diff options
| author |   Anthony G. Basile <blueness@gentoo.org> | 2015-07-26 10:58:55 -0400 |
|---|---|---|
| committer | Anthony G. Basile <blueness@gentoo.org> | 2015-07-26 10:58:55 -0400 |
| commit | 4ebff2984d3a400f1b57bce913d936abea740202 (patch) | |
| tree | a9b53e8017f254a41dc10493e1db6fae35ed03d0 | |
| parent | Grsec/PaX: 3.1-{3.2.69,3.14.48,4.0.8}-201507111211 (diff) | |
| download | hardened-patchset-4ebff2984d3a400f1b57bce913d936abea740202.tar.gz hardened-patchset-4ebff2984d3a400f1b57bce913d936abea740202.tar.bz2 hardened-patchset-4ebff2984d3a400f1b57bce913d936abea740202.zip | |
grsecurity-{3.2.69,3.14,48,4.1.3}-20150725141920150725
| -rw-r--r-- | 3.14.48/0000_README | 10 | ||||
| -rw-r--r-- | 3.14.48/1046_linux-3.14.47.patch | 1395 | ||||
| -rw-r--r-- | 3.14.48/1047_linux-3.14.48.patch | 1019 | ||||
| -rw-r--r-- | 3.14.48/4420_grsecurity-3.1-3.14.48-201507251417.patch (renamed from 3.14.48/4420_grsecurity-3.1-3.14.48-201507111210.patch) | 2066 | ||||
| -rw-r--r-- | 3.2.69/0000_README | 2 | ||||
| -rw-r--r-- | 3.2.69/4420_grsecurity-3.1-3.2.69-201507251415.patch (renamed from 3.2.69/4420_grsecurity-3.1-3.2.69-201507111207.patch) | 4612 | ||||
| -rw-r--r-- | 4.0.8/1007_linux-4.0.8.patch | 2139 | ||||
| -rw-r--r-- | 4.1.3/0000_README (renamed from 4.0.8/0000_README) | 6 | ||||
| -rw-r--r-- | 4.1.3/4420_grsecurity-3.1-4.1.3-201507251419.patch (renamed from 4.0.8/4420_grsecurity-3.1-4.0.8-201507111211.patch) | 13925 | ||||
| -rw-r--r-- | 4.1.3/4425_grsec_remove_EI_PAX.patch (renamed from 4.0.8/4425_grsec_remove_EI_PAX.patch) | 0 | ||||
| -rw-r--r-- | 4.1.3/4427_force_XATTR_PAX_tmpfs.patch (renamed from 4.0.8/4427_force_XATTR_PAX_tmpfs.patch) | 0 | ||||
| -rw-r--r-- | 4.1.3/4430_grsec-remove-localversion-grsec.patch (renamed from 4.0.8/4430_grsec-remove-localversion-grsec.patch) | 0 | ||||
| -rw-r--r-- | 4.1.3/4435_grsec-mute-warnings.patch (renamed from 4.0.8/4435_grsec-mute-warnings.patch) | 0 | ||||
| -rw-r--r-- | 4.1.3/4440_grsec-remove-protected-paths.patch (renamed from 4.0.8/4440_grsec-remove-protected-paths.patch) | 0 | ||||
| -rw-r--r-- | 4.1.3/4450_grsec-kconfig-default-gids.patch (renamed from 4.0.8/4450_grsec-kconfig-default-gids.patch) | 0 | ||||
| -rw-r--r-- | 4.1.3/4465_selinux-avc_audit-log-curr_ip.patch (renamed from 4.0.8/4465_selinux-avc_audit-log-curr_ip.patch) | 0 | ||||
| -rw-r--r-- | 4.1.3/4470_disable-compat_vdso.patch (renamed from 4.0.8/4470_disable-compat_vdso.patch) | 0 | ||||
| -rw-r--r-- | 4.1.3/4475_emutramp_default_on.patch (renamed from 4.0.8/4475_emutramp_default_on.patch) | 0 |
18 files changed, 13081 insertions, 12093 deletions
diff --git a/3.14.48/0000_README b/3.14.48/0000_README index 44ff3ab..2207222 100644 --- a/3.14.48/0000_README +++ b/3.14.48/0000_README @@ -2,15 +2,7 @@ README ----------------------------------------------------------------------------- Individual Patch Descriptions: ----------------------------------------------------------------------------- -Patch: 1046_linux-3.14.47.patch -From: http://www.kernel.org -Desc: Linux 3.14.47 - -Patch: 1047_linux-3.14.48.patch -From: http://www.kernel.org -Desc: Linux 3.14.48 - -Patch: 4420_grsecurity-3.1-3.14.48-201507111210.patch +Patch: 4420_grsecurity-3.1-3.14.48-201507251417.patch From: http://www.grsecurity.net Desc: hardened-sources base patch from upstream grsecurity diff --git a/3.14.48/1046_linux-3.14.47.patch b/3.14.48/1046_linux-3.14.47.patch deleted file mode 100644 index 4dc0c5a..0000000 --- a/3.14.48/1046_linux-3.14.47.patch +++ /dev/null @@ -1,1395 +0,0 @@ -diff --git a/Documentation/virtual/kvm/api.txt b/Documentation/virtual/kvm/api.txt -index 6cd63a9..bc6d617 100644 ---- a/Documentation/virtual/kvm/api.txt -+++ b/Documentation/virtual/kvm/api.txt -@@ -2344,7 +2344,8 @@ should be created before this ioctl is invoked. - - Possible features: - - KVM_ARM_VCPU_POWER_OFF: Starts the CPU in a power-off state. -- Depends on KVM_CAP_ARM_PSCI. -+ Depends on KVM_CAP_ARM_PSCI. If not set, the CPU will be powered on -+ and execute guest code when KVM_RUN is called. - - KVM_ARM_VCPU_EL1_32BIT: Starts the CPU in a 32bit mode. - Depends on KVM_CAP_ARM_EL1_32BIT (arm64 only). - -diff --git a/Makefile b/Makefile -index def39fd..f9041e6 100644 ---- a/Makefile -+++ b/Makefile -@@ -1,6 +1,6 @@ - VERSION = 3 - PATCHLEVEL = 14 --SUBLEVEL = 46 -+SUBLEVEL = 47 - EXTRAVERSION = - NAME = Remembering Coco - -diff --git a/arch/arm/include/asm/kvm_emulate.h b/arch/arm/include/asm/kvm_emulate.h -index 0fa90c9..853e2be 100644 ---- a/arch/arm/include/asm/kvm_emulate.h -+++ b/arch/arm/include/asm/kvm_emulate.h -@@ -33,6 +33,11 @@ void kvm_inject_undefined(struct kvm_vcpu *vcpu); - void kvm_inject_dabt(struct kvm_vcpu *vcpu, unsigned long addr); - void kvm_inject_pabt(struct kvm_vcpu *vcpu, unsigned long addr); - -+static inline void vcpu_reset_hcr(struct kvm_vcpu *vcpu) -+{ -+ vcpu->arch.hcr = HCR_GUEST_MASK; -+} -+ - static inline bool vcpu_mode_is_32bit(struct kvm_vcpu *vcpu) - { - return 1; -diff --git a/arch/arm/include/asm/kvm_mmu.h b/arch/arm/include/asm/kvm_mmu.h -index 0cbdb8e..9f79231 100644 ---- a/arch/arm/include/asm/kvm_mmu.h -+++ b/arch/arm/include/asm/kvm_mmu.h -@@ -47,6 +47,7 @@ int create_hyp_io_mappings(void *from, void *to, phys_addr_t); - void free_boot_hyp_pgd(void); - void free_hyp_pgds(void); - -+void stage2_unmap_vm(struct kvm *kvm); - int kvm_alloc_stage2_pgd(struct kvm *kvm); - void kvm_free_stage2_pgd(struct kvm *kvm); - int kvm_phys_addr_ioremap(struct kvm *kvm, phys_addr_t guest_ipa, -@@ -78,17 +79,6 @@ static inline void kvm_set_pte(pte_t *pte, pte_t new_pte) - flush_pmd_entry(pte); - } - --static inline bool kvm_is_write_fault(unsigned long hsr) --{ -- unsigned long hsr_ec = hsr >> HSR_EC_SHIFT; -- if (hsr_ec == HSR_EC_IABT) -- return false; -- else if ((hsr & HSR_ISV) && !(hsr & HSR_WNR)) -- return false; -- else -- return true; --} -- - static inline void kvm_clean_pgd(pgd_t *pgd) - { - clean_dcache_area(pgd, PTRS_PER_S2_PGD * sizeof(pgd_t)); -diff --git a/arch/arm/kvm/arm.c b/arch/arm/kvm/arm.c -index df6e75e..2e74a61 100644 ---- a/arch/arm/kvm/arm.c -+++ b/arch/arm/kvm/arm.c -@@ -220,6 +220,11 @@ struct kvm_vcpu *kvm_arch_vcpu_create(struct kvm *kvm, unsigned int id) - int err; - struct kvm_vcpu *vcpu; - -+ if (irqchip_in_kernel(kvm) && vgic_initialized(kvm)) { -+ err = -EBUSY; -+ goto out; -+ } -+ - vcpu = kmem_cache_zalloc(kvm_vcpu_cache, GFP_KERNEL); - if (!vcpu) { - err = -ENOMEM; -@@ -427,9 +432,9 @@ static void update_vttbr(struct kvm *kvm) - - /* update vttbr to be used with the new vmid */ - pgd_phys = virt_to_phys(kvm->arch.pgd); -+ BUG_ON(pgd_phys & ~VTTBR_BADDR_MASK); - vmid = ((u64)(kvm->arch.vmid) << VTTBR_VMID_SHIFT) & VTTBR_VMID_MASK; -- kvm->arch.vttbr = pgd_phys & VTTBR_BADDR_MASK; -- kvm->arch.vttbr |= vmid; -+ kvm->arch.vttbr = pgd_phys | vmid; - - spin_unlock(&kvm_vmid_lock); - } -@@ -676,10 +681,21 @@ static int kvm_arch_vcpu_ioctl_vcpu_init(struct kvm_vcpu *vcpu, - return ret; - - /* -+ * Ensure a rebooted VM will fault in RAM pages and detect if the -+ * guest MMU is turned off and flush the caches as needed. -+ */ -+ if (vcpu->arch.has_run_once) -+ stage2_unmap_vm(vcpu->kvm); -+ -+ vcpu_reset_hcr(vcpu); -+ -+ /* - * Handle the "start in power-off" case by marking the VCPU as paused. - */ -- if (__test_and_clear_bit(KVM_ARM_VCPU_POWER_OFF, vcpu->arch.features)) -+ if (test_bit(KVM_ARM_VCPU_POWER_OFF, vcpu->arch.features)) - vcpu->arch.pause = true; -+ else -+ vcpu->arch.pause = false; - - return 0; - } -@@ -825,7 +841,8 @@ static int hyp_init_cpu_notify(struct notifier_block *self, - switch (action) { - case CPU_STARTING: - case CPU_STARTING_FROZEN: -- cpu_init_hyp_mode(NULL); -+ if (__hyp_get_vectors() == hyp_default_vectors) -+ cpu_init_hyp_mode(NULL); - break; - } - -diff --git a/arch/arm/kvm/guest.c b/arch/arm/kvm/guest.c -index b23a59c..2786eae 100644 ---- a/arch/arm/kvm/guest.c -+++ b/arch/arm/kvm/guest.c -@@ -38,7 +38,6 @@ struct kvm_stats_debugfs_item debugfs_entries[] = { - - int kvm_arch_vcpu_setup(struct kvm_vcpu *vcpu) - { -- vcpu->arch.hcr = HCR_GUEST_MASK; - return 0; - } - -diff --git a/arch/arm/kvm/mmu.c b/arch/arm/kvm/mmu.c -index 70ed2c1..524b4b5 100644 ---- a/arch/arm/kvm/mmu.c -+++ b/arch/arm/kvm/mmu.c -@@ -197,7 +197,8 @@ static void unmap_range(struct kvm *kvm, pgd_t *pgdp, - pgd = pgdp + pgd_index(addr); - do { - next = kvm_pgd_addr_end(addr, end); -- unmap_puds(kvm, pgd, addr, next); -+ if (!pgd_none(*pgd)) -+ unmap_puds(kvm, pgd, addr, next); - } while (pgd++, addr = next, addr != end); - } - -@@ -555,6 +556,71 @@ static void unmap_stage2_range(struct kvm *kvm, phys_addr_t start, u64 size) - unmap_range(kvm, kvm->arch.pgd, start, size); - } - -+static void stage2_unmap_memslot(struct kvm *kvm, -+ struct kvm_memory_slot *memslot) -+{ -+ hva_t hva = memslot->userspace_addr; -+ phys_addr_t addr = memslot->base_gfn << PAGE_SHIFT; -+ phys_addr_t size = PAGE_SIZE * memslot->npages; -+ hva_t reg_end = hva + size; -+ -+ /* -+ * A memory region could potentially cover multiple VMAs, and any holes -+ * between them, so iterate over all of them to find out if we should -+ * unmap any of them. -+ * -+ * +--------------------------------------------+ -+ * +---------------+----------------+ +----------------+ -+ * | : VMA 1 | VMA 2 | | VMA 3 : | -+ * +---------------+----------------+ +----------------+ -+ * | memory region | -+ * +--------------------------------------------+ -+ */ -+ do { -+ struct vm_area_struct *vma = find_vma(current->mm, hva); -+ hva_t vm_start, vm_end; -+ -+ if (!vma || vma->vm_start >= reg_end) -+ break; -+ -+ /* -+ * Take the intersection of this VMA with the memory region -+ */ -+ vm_start = max(hva, vma->vm_start); -+ vm_end = min(reg_end, vma->vm_end); -+ -+ if (!(vma->vm_flags & VM_PFNMAP)) { -+ gpa_t gpa = addr + (vm_start - memslot->userspace_addr); -+ unmap_stage2_range(kvm, gpa, vm_end - vm_start); -+ } -+ hva = vm_end; -+ } while (hva < reg_end); -+} -+ -+/** -+ * stage2_unmap_vm - Unmap Stage-2 RAM mappings -+ * @kvm: The struct kvm pointer -+ * -+ * Go through the memregions and unmap any reguler RAM -+ * backing memory already mapped to the VM. -+ */ -+void stage2_unmap_vm(struct kvm *kvm) -+{ -+ struct kvm_memslots *slots; -+ struct kvm_memory_slot *memslot; -+ int idx; -+ -+ idx = srcu_read_lock(&kvm->srcu); -+ spin_lock(&kvm->mmu_lock); -+ -+ slots = kvm_memslots(kvm); -+ kvm_for_each_memslot(memslot, slots) -+ stage2_unmap_memslot(kvm, memslot); -+ -+ spin_unlock(&kvm->mmu_lock); -+ srcu_read_unlock(&kvm->srcu, idx); -+} -+ - /** - * kvm_free_stage2_pgd - free all stage-2 tables - * @kvm: The KVM struct pointer for the VM. -@@ -746,6 +812,19 @@ static bool transparent_hugepage_adjust(pfn_t *pfnp, phys_addr_t *ipap) - return false; - } - -+static bool kvm_is_write_fault(struct kvm_vcpu *vcpu) -+{ -+ if (kvm_vcpu_trap_is_iabt(vcpu)) -+ return false; -+ -+ return kvm_vcpu_dabt_iswrite(vcpu); -+} -+ -+static bool kvm_is_device_pfn(unsigned long pfn) -+{ -+ return !pfn_valid(pfn); -+} -+ - static int user_mem_abort(struct kvm_vcpu *vcpu, phys_addr_t fault_ipa, - struct kvm_memory_slot *memslot, - unsigned long fault_status) -@@ -761,7 +840,7 @@ static int user_mem_abort(struct kvm_vcpu *vcpu, phys_addr_t fault_ipa, - pfn_t pfn; - pgprot_t mem_type = PAGE_S2; - -- write_fault = kvm_is_write_fault(kvm_vcpu_get_hsr(vcpu)); -+ write_fault = kvm_is_write_fault(vcpu); - if (fault_status == FSC_PERM && !write_fault) { - kvm_err("Unexpected L2 read permission error\n"); - return -EFAULT; -@@ -770,6 +849,12 @@ static int user_mem_abort(struct kvm_vcpu *vcpu, phys_addr_t fault_ipa, - /* Let's check if we will get back a huge page backed by hugetlbfs */ - down_read(¤t->mm->mmap_sem); - vma = find_vma_intersection(current->mm, hva, hva + 1); -+ if (unlikely(!vma)) { -+ kvm_err("Failed to find VMA for hva 0x%lx\n", hva); -+ up_read(¤t->mm->mmap_sem); -+ return -EFAULT; -+ } -+ - if (is_vm_hugetlb_page(vma)) { - hugetlb = true; - gfn = (fault_ipa & PMD_MASK) >> PAGE_SHIFT; -@@ -810,7 +895,7 @@ static int user_mem_abort(struct kvm_vcpu *vcpu, phys_addr_t fault_ipa, - if (is_error_pfn(pfn)) - return -EFAULT; - -- if (kvm_is_mmio_pfn(pfn)) -+ if (kvm_is_device_pfn(pfn)) - mem_type = PAGE_S2_DEVICE; - - spin_lock(&kvm->mmu_lock); -@@ -836,7 +921,7 @@ static int user_mem_abort(struct kvm_vcpu *vcpu, phys_addr_t fault_ipa, - } - coherent_cache_guest_page(vcpu, hva, PAGE_SIZE); - ret = stage2_set_pte(kvm, memcache, fault_ipa, &new_pte, -- mem_type == PAGE_S2_DEVICE); -+ pgprot_val(mem_type) == pgprot_val(PAGE_S2_DEVICE)); - } - - -@@ -912,6 +997,9 @@ int kvm_handle_guest_abort(struct kvm_vcpu *vcpu, struct kvm_run *run) - - memslot = gfn_to_memslot(vcpu->kvm, gfn); - -+ /* Userspace should not be able to register out-of-bounds IPAs */ -+ VM_BUG_ON(fault_ipa >= KVM_PHYS_SIZE); -+ - ret = user_mem_abort(vcpu, fault_ipa, memslot, fault_status); - if (ret == 0) - ret = 1; -@@ -1136,6 +1224,14 @@ int kvm_arch_prepare_memory_region(struct kvm *kvm, - struct kvm_userspace_memory_region *mem, - enum kvm_mr_change change) - { -+ /* -+ * Prevent userspace from creating a memory region outside of the IPA -+ * space addressable by the KVM guest IPA space. -+ */ -+ if (memslot->base_gfn + memslot->npages >= -+ (KVM_PHYS_SIZE >> PAGE_SHIFT)) -+ return -EFAULT; -+ - return 0; - } - -diff --git a/arch/arm/mach-dove/board-dt.c b/arch/arm/mach-dove/board-dt.c -index 49fa9ab..7a7a09a5 100644 ---- a/arch/arm/mach-dove/board-dt.c -+++ b/arch/arm/mach-dove/board-dt.c -@@ -26,7 +26,7 @@ static void __init dove_dt_init(void) - #ifdef CONFIG_CACHE_TAUROS2 - tauros2_init(0); - #endif -- BUG_ON(mvebu_mbus_dt_init()); -+ BUG_ON(mvebu_mbus_dt_init(false)); - of_platform_populate(NULL, of_default_bus_match_table, NULL, NULL); - } - -diff --git a/arch/arm/mach-imx/clk-imx6q.c b/arch/arm/mach-imx/clk-imx6q.c -index 01a5765..b509556 100644 ---- a/arch/arm/mach-imx/clk-imx6q.c -+++ b/arch/arm/mach-imx/clk-imx6q.c -@@ -406,7 +406,7 @@ static void __init imx6q_clocks_init(struct device_node *ccm_node) - clk[gpmi_io] = imx_clk_gate2("gpmi_io", "enfc", base + 0x78, 28); - clk[gpmi_apb] = imx_clk_gate2("gpmi_apb", "usdhc3", base + 0x78, 30); - clk[rom] = imx_clk_gate2("rom", "ahb", base + 0x7c, 0); -- clk[sata] = imx_clk_gate2("sata", "ipg", base + 0x7c, 4); -+ clk[sata] = imx_clk_gate2("sata", "ahb", base + 0x7c, 4); - clk[sdma] = imx_clk_gate2("sdma", "ahb", base + 0x7c, 6); - clk[spba] = imx_clk_gate2("spba", "ipg", base + 0x7c, 12); - clk[spdif] = imx_clk_gate2("spdif", "spdif_podf", base + 0x7c, 14); -diff --git a/arch/arm/mach-kirkwood/board-dt.c b/arch/arm/mach-kirkwood/board-dt.c -index 7818815..79e629d 100644 ---- a/arch/arm/mach-kirkwood/board-dt.c -+++ b/arch/arm/mach-kirkwood/board-dt.c -@@ -116,7 +116,7 @@ static void __init kirkwood_dt_init(void) - */ - writel(readl(CPU_CONFIG) & ~CPU_CONFIG_ERROR_PROP, CPU_CONFIG); - -- BUG_ON(mvebu_mbus_dt_init()); -+ BUG_ON(mvebu_mbus_dt_init(false)); - - kirkwood_l2_init(); - -diff --git a/arch/arm/mach-mvebu/armada-370-xp.c b/arch/arm/mach-mvebu/armada-370-xp.c -index f6c9d1d..79c3766a 100644 ---- a/arch/arm/mach-mvebu/armada-370-xp.c -+++ b/arch/arm/mach-mvebu/armada-370-xp.c -@@ -41,7 +41,7 @@ static void __init armada_370_xp_timer_and_clk_init(void) - of_clk_init(NULL); - clocksource_of_init(); - coherency_init(); -- BUG_ON(mvebu_mbus_dt_init()); -+ BUG_ON(mvebu_mbus_dt_init(coherency_available())); - #ifdef CONFIG_CACHE_L2X0 - l2x0_of_init(0, ~0UL); - #endif -diff --git a/arch/arm/mach-mvebu/coherency.c b/arch/arm/mach-mvebu/coherency.c -index c295c10..49bad4d 100644 ---- a/arch/arm/mach-mvebu/coherency.c -+++ b/arch/arm/mach-mvebu/coherency.c -@@ -121,6 +121,20 @@ static struct notifier_block mvebu_hwcc_platform_nb = { - .notifier_call = mvebu_hwcc_platform_notifier, - }; - -+/* -+ * Keep track of whether we have IO hardware coherency enabled or not. -+ * On Armada 370's we will not be using it for example. We need to make -+ * that available [through coherency_available()] so the mbus controller -+ * doesn't enable the IO coherency bit in the attribute bits of the -+ * chip selects. -+ */ -+static int coherency_enabled; -+ -+int coherency_available(void) -+{ -+ return coherency_enabled; -+} -+ - int __init coherency_init(void) - { - struct device_node *np; -@@ -164,6 +178,7 @@ int __init coherency_init(void) - coherency_base = of_iomap(np, 0); - coherency_cpu_base = of_iomap(np, 1); - set_cpu_coherent(cpu_logical_map(smp_processor_id()), 0); -+ coherency_enabled = 1; - of_node_put(np); - } - -diff --git a/arch/arm/mach-mvebu/coherency.h b/arch/arm/mach-mvebu/coherency.h -index 760226c..63e18c6 100644 ---- a/arch/arm/mach-mvebu/coherency.h -+++ b/arch/arm/mach-mvebu/coherency.h -@@ -17,6 +17,7 @@ - extern unsigned long coherency_phys_base; - - int set_cpu_coherent(unsigned int cpu_id, int smp_group_id); -+int coherency_available(void); - int coherency_init(void); - - #endif /* __MACH_370_XP_COHERENCY_H */ -diff --git a/arch/arm64/include/asm/kvm_arm.h b/arch/arm64/include/asm/kvm_arm.h -index 00fbaa7..ea68925 100644 ---- a/arch/arm64/include/asm/kvm_arm.h -+++ b/arch/arm64/include/asm/kvm_arm.h -@@ -18,6 +18,7 @@ - #ifndef __ARM64_KVM_ARM_H__ - #define __ARM64_KVM_ARM_H__ - -+#include <asm/memory.h> - #include <asm/types.h> - - /* Hyp Configuration Register (HCR) bits */ -@@ -122,6 +123,17 @@ - #define VTCR_EL2_T0SZ_MASK 0x3f - #define VTCR_EL2_T0SZ_40B 24 - -+/* -+ * We configure the Stage-2 page tables to always restrict the IPA space to be -+ * 40 bits wide (T0SZ = 24). Systems with a PARange smaller than 40 bits are -+ * not known to exist and will break with this configuration. -+ * -+ * Note that when using 4K pages, we concatenate two first level page tables -+ * together. -+ * -+ * The magic numbers used for VTTBR_X in this patch can be found in Tables -+ * D4-23 and D4-25 in ARM DDI 0487A.b. -+ */ - #ifdef CONFIG_ARM64_64K_PAGES - /* - * Stage2 translation configuration: -@@ -151,9 +163,9 @@ - #endif - - #define VTTBR_BADDR_SHIFT (VTTBR_X - 1) --#define VTTBR_BADDR_MASK (((1LLU << (40 - VTTBR_X)) - 1) << VTTBR_BADDR_SHIFT) --#define VTTBR_VMID_SHIFT (48LLU) --#define VTTBR_VMID_MASK (0xffLLU << VTTBR_VMID_SHIFT) -+#define VTTBR_BADDR_MASK (((UL(1) << (PHYS_MASK_SHIFT - VTTBR_X)) - 1) << VTTBR_BADDR_SHIFT) -+#define VTTBR_VMID_SHIFT (UL(48)) -+#define VTTBR_VMID_MASK (UL(0xFF) << VTTBR_VMID_SHIFT) - - /* Hyp System Trap Register */ - #define HSTR_EL2_TTEE (1 << 16) -@@ -176,13 +188,13 @@ - - /* Exception Syndrome Register (ESR) bits */ - #define ESR_EL2_EC_SHIFT (26) --#define ESR_EL2_EC (0x3fU << ESR_EL2_EC_SHIFT) --#define ESR_EL2_IL (1U << 25) -+#define ESR_EL2_EC (UL(0x3f) << ESR_EL2_EC_SHIFT) -+#define ESR_EL2_IL (UL(1) << 25) - #define ESR_EL2_ISS (ESR_EL2_IL - 1) - #define ESR_EL2_ISV_SHIFT (24) --#define ESR_EL2_ISV (1U << ESR_EL2_ISV_SHIFT) -+#define ESR_EL2_ISV (UL(1) << ESR_EL2_ISV_SHIFT) - #define ESR_EL2_SAS_SHIFT (22) --#define ESR_EL2_SAS (3U << ESR_EL2_SAS_SHIFT) -+#define ESR_EL2_SAS (UL(3) << ESR_EL2_SAS_SHIFT) - #define ESR_EL2_SSE (1 << 21) - #define ESR_EL2_SRT_SHIFT (16) - #define ESR_EL2_SRT_MASK (0x1f << ESR_EL2_SRT_SHIFT) -@@ -196,16 +208,16 @@ - #define ESR_EL2_FSC_TYPE (0x3c) - - #define ESR_EL2_CV_SHIFT (24) --#define ESR_EL2_CV (1U << ESR_EL2_CV_SHIFT) -+#define ESR_EL2_CV (UL(1) << ESR_EL2_CV_SHIFT) - #define ESR_EL2_COND_SHIFT (20) --#define ESR_EL2_COND (0xfU << ESR_EL2_COND_SHIFT) -+#define ESR_EL2_COND (UL(0xf) << ESR_EL2_COND_SHIFT) - - - #define FSC_FAULT (0x04) - #define FSC_PERM (0x0c) - - /* Hyp Prefetch Fault Address Register (HPFAR/HDFAR) */ --#define HPFAR_MASK (~0xFUL) -+#define HPFAR_MASK (~UL(0xf)) - - #define ESR_EL2_EC_UNKNOWN (0x00) - #define ESR_EL2_EC_WFI (0x01) -diff --git a/arch/arm64/include/asm/kvm_emulate.h b/arch/arm64/include/asm/kvm_emulate.h -index dd8ecfc3..681cb90 100644 ---- a/arch/arm64/include/asm/kvm_emulate.h -+++ b/arch/arm64/include/asm/kvm_emulate.h -@@ -38,6 +38,11 @@ void kvm_inject_undefined(struct kvm_vcpu *vcpu); - void kvm_inject_dabt(struct kvm_vcpu *vcpu, unsigned long addr); - void kvm_inject_pabt(struct kvm_vcpu *vcpu, unsigned long addr); - -+static inline void vcpu_reset_hcr(struct kvm_vcpu *vcpu) -+{ -+ vcpu->arch.hcr_el2 = HCR_GUEST_FLAGS; -+} -+ - static inline unsigned long *vcpu_pc(const struct kvm_vcpu *vcpu) - { - return (unsigned long *)&vcpu_gp_regs(vcpu)->regs.pc; -diff --git a/arch/arm64/include/asm/kvm_mmu.h b/arch/arm64/include/asm/kvm_mmu.h -index 8e138c7..0d51874 100644 ---- a/arch/arm64/include/asm/kvm_mmu.h -+++ b/arch/arm64/include/asm/kvm_mmu.h -@@ -59,10 +59,9 @@ - #define KERN_TO_HYP(kva) ((unsigned long)kva - PAGE_OFFSET + HYP_PAGE_OFFSET) - - /* -- * Align KVM with the kernel's view of physical memory. Should be -- * 40bit IPA, with PGD being 8kB aligned in the 4KB page configuration. -+ * We currently only support a 40bit IPA. - */ --#define KVM_PHYS_SHIFT PHYS_MASK_SHIFT -+#define KVM_PHYS_SHIFT (40) - #define KVM_PHYS_SIZE (1UL << KVM_PHYS_SHIFT) - #define KVM_PHYS_MASK (KVM_PHYS_SIZE - 1UL) - -@@ -75,6 +74,7 @@ int create_hyp_io_mappings(void *from, void *to, phys_addr_t); - void free_boot_hyp_pgd(void); - void free_hyp_pgds(void); - -+void stage2_unmap_vm(struct kvm *kvm); - int kvm_alloc_stage2_pgd(struct kvm *kvm); - void kvm_free_stage2_pgd(struct kvm *kvm); - int kvm_phys_addr_ioremap(struct kvm *kvm, phys_addr_t guest_ipa, -@@ -93,19 +93,6 @@ void kvm_clear_hyp_idmap(void); - #define kvm_set_pte(ptep, pte) set_pte(ptep, pte) - #define kvm_set_pmd(pmdp, pmd) set_pmd(pmdp, pmd) - --static inline bool kvm_is_write_fault(unsigned long esr) --{ -- unsigned long esr_ec = esr >> ESR_EL2_EC_SHIFT; -- -- if (esr_ec == ESR_EL2_EC_IABT) -- return false; -- -- if ((esr & ESR_EL2_ISV) && !(esr & ESR_EL2_WNR)) -- return false; -- -- return true; --} -- - static inline void kvm_clean_pgd(pgd_t *pgd) {} - static inline void kvm_clean_pmd_entry(pmd_t *pmd) {} - static inline void kvm_clean_pte(pte_t *pte) {} -diff --git a/arch/arm64/kvm/guest.c b/arch/arm64/kvm/guest.c -index 0874557..a8d81fa 100644 ---- a/arch/arm64/kvm/guest.c -+++ b/arch/arm64/kvm/guest.c -@@ -38,7 +38,6 @@ struct kvm_stats_debugfs_item debugfs_entries[] = { - - int kvm_arch_vcpu_setup(struct kvm_vcpu *vcpu) - { -- vcpu->arch.hcr_el2 = HCR_GUEST_FLAGS; - return 0; - } - -diff --git a/arch/arm64/mm/dma-mapping.c b/arch/arm64/mm/dma-mapping.c -index 3974881..b76159a 100644 ---- a/arch/arm64/mm/dma-mapping.c -+++ b/arch/arm64/mm/dma-mapping.c -@@ -54,8 +54,7 @@ static void *arm64_swiotlb_alloc_coherent(struct device *dev, size_t size, - - *dma_handle = phys_to_dma(dev, page_to_phys(page)); - addr = page_address(page); -- if (flags & __GFP_ZERO) -- memset(addr, 0, size); -+ memset(addr, 0, size); - return addr; - } else { - return swiotlb_alloc_coherent(dev, size, dma_handle, flags); -diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig -index 2f645c9..5dab54a 100644 ---- a/arch/x86/Kconfig -+++ b/arch/x86/Kconfig -@@ -160,7 +160,7 @@ config SBUS - - config NEED_DMA_MAP_STATE - def_bool y -- depends on X86_64 || INTEL_IOMMU || DMA_API_DEBUG -+ depends on X86_64 || INTEL_IOMMU || DMA_API_DEBUG || SWIOTLB - - config NEED_SG_DMA_LENGTH - def_bool y -diff --git a/arch/x86/kernel/cpu/microcode/intel_early.c b/arch/x86/kernel/cpu/microcode/intel_early.c -index 18f7391..43a07bf 100644 ---- a/arch/x86/kernel/cpu/microcode/intel_early.c -+++ b/arch/x86/kernel/cpu/microcode/intel_early.c -@@ -321,7 +321,7 @@ get_matching_model_microcode(int cpu, unsigned long start, - unsigned int mc_saved_count = mc_saved_data->mc_saved_count; - int i; - -- while (leftover) { -+ while (leftover && mc_saved_count < ARRAY_SIZE(mc_saved_tmp)) { - mc_header = (struct microcode_header_intel *)ucode_ptr; - - mc_size = get_totalsize(mc_header); -diff --git a/arch/x86/kernel/kprobes/core.c b/arch/x86/kernel/kprobes/core.c -index a1f5b18..490fee1 100644 ---- a/arch/x86/kernel/kprobes/core.c -+++ b/arch/x86/kernel/kprobes/core.c -@@ -326,13 +326,16 @@ int __kprobes __copy_instruction(u8 *dest, u8 *src) - { - struct insn insn; - kprobe_opcode_t buf[MAX_INSN_SIZE]; -+ int length; - - kernel_insn_init(&insn, (void *)recover_probed_instruction(buf, (unsigned long)src)); - insn_get_length(&insn); -+ length = insn.length; -+ - /* Another subsystem puts a breakpoint, failed to recover */ - if (insn.opcode.bytes[0] == BREAKPOINT_INSTRUCTION) - return 0; -- memcpy(dest, insn.kaddr, insn.length); -+ memcpy(dest, insn.kaddr, length); - - #ifdef CONFIG_X86_64 - if (insn_rip_relative(&insn)) { -@@ -362,7 +365,7 @@ int __kprobes __copy_instruction(u8 *dest, u8 *src) - *(s32 *) disp = (s32) newdisp; - } - #endif -- return insn.length; -+ return length; - } - - static int __kprobes arch_copy_kprobe(struct kprobe *p) -diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c -index 9643eda6..0746334 100644 ---- a/arch/x86/kvm/svm.c -+++ b/arch/x86/kvm/svm.c -@@ -495,8 +495,10 @@ static void skip_emulated_instruction(struct kvm_vcpu *vcpu) - { - struct vcpu_svm *svm = to_svm(vcpu); - -- if (svm->vmcb->control.next_rip != 0) -+ if (svm->vmcb->control.next_rip != 0) { -+ WARN_ON(!static_cpu_has(X86_FEATURE_NRIPS)); - svm->next_rip = svm->vmcb->control.next_rip; -+ } - - if (!svm->next_rip) { - if (emulate_instruction(vcpu, EMULTYPE_SKIP) != -@@ -4246,7 +4248,9 @@ static int svm_check_intercept(struct kvm_vcpu *vcpu, - break; - } - -- vmcb->control.next_rip = info->next_rip; -+ /* TODO: Advertise NRIPS to guest hypervisor unconditionally */ -+ if (static_cpu_has(X86_FEATURE_NRIPS)) -+ vmcb->control.next_rip = info->next_rip; - vmcb->control.exit_code = icpt_info.exit_code; - vmexit = nested_svm_exit_handled(svm); - -diff --git a/drivers/bus/mvebu-mbus.c b/drivers/bus/mvebu-mbus.c -index e990dee..1aa0130 100644 ---- a/drivers/bus/mvebu-mbus.c -+++ b/drivers/bus/mvebu-mbus.c -@@ -701,7 +701,6 @@ static int __init mvebu_mbus_common_init(struct mvebu_mbus_state *mbus, - phys_addr_t sdramwins_phys_base, - size_t sdramwins_size) - { -- struct device_node *np; - int win; - - mbus->mbuswins_base = ioremap(mbuswins_phys_base, mbuswins_size); -@@ -714,12 +713,6 @@ static int __init mvebu_mbus_common_init(struct mvebu_mbus_state *mbus, - return -ENOMEM; - } - -- np = of_find_compatible_node(NULL, NULL, "marvell,coherency-fabric"); -- if (np) { -- mbus->hw_io_coherency = 1; -- of_node_put(np); -- } -- - for (win = 0; win < mbus->soc->num_wins; win++) - mvebu_mbus_disable_window(mbus, win); - -@@ -889,7 +882,7 @@ static void __init mvebu_mbus_get_pcie_resources(struct device_node *np, - } - } - --int __init mvebu_mbus_dt_init(void) -+int __init mvebu_mbus_dt_init(bool is_coherent) - { - struct resource mbuswins_res, sdramwins_res; - struct device_node *np, *controller; -@@ -928,6 +921,8 @@ int __init mvebu_mbus_dt_init(void) - return -EINVAL; - } - -+ mbus_state.hw_io_coherency = is_coherent; -+ - /* Get optional pcie-{mem,io}-aperture properties */ - mvebu_mbus_get_pcie_resources(np, &mbus_state.pcie_mem_aperture, - &mbus_state.pcie_io_aperture); -diff --git a/drivers/edac/sb_edac.c b/drivers/edac/sb_edac.c -index c611bcc..3e623ab 100644 ---- a/drivers/edac/sb_edac.c -+++ b/drivers/edac/sb_edac.c -@@ -765,7 +765,7 @@ static void get_memory_layout(const struct mem_ctl_info *mci) - u32 reg; - u64 limit, prv = 0; - u64 tmp_mb; -- u32 mb, kb; -+ u32 gb, mb; - u32 rir_way; - - /* -@@ -775,15 +775,17 @@ static void get_memory_layout(const struct mem_ctl_info *mci) - pvt->tolm = pvt->info.get_tolm(pvt); - tmp_mb = (1 + pvt->tolm) >> 20; - -- mb = div_u64_rem(tmp_mb, 1000, &kb); -- edac_dbg(0, "TOLM: %u.%03u GB (0x%016Lx)\n", mb, kb, (u64)pvt->tolm); -+ gb = div_u64_rem(tmp_mb, 1024, &mb); -+ edac_dbg(0, "TOLM: %u.%03u GB (0x%016Lx)\n", -+ gb, (mb*1000)/1024, (u64)pvt->tolm); - - /* Address range is already 45:25 */ - pvt->tohm = pvt->info.get_tohm(pvt); - tmp_mb = (1 + pvt->tohm) >> 20; - -- mb = div_u64_rem(tmp_mb, 1000, &kb); -- edac_dbg(0, "TOHM: %u.%03u GB (0x%016Lx)\n", mb, kb, (u64)pvt->tohm); -+ gb = div_u64_rem(tmp_mb, 1024, &mb); -+ edac_dbg(0, "TOHM: %u.%03u GB (0x%016Lx)\n", -+ gb, (mb*1000)/1024, (u64)pvt->tohm); - - /* - * Step 2) Get SAD range and SAD Interleave list -@@ -805,11 +807,11 @@ static void get_memory_layout(const struct mem_ctl_info *mci) - break; - - tmp_mb = (limit + 1) >> 20; -- mb = div_u64_rem(tmp_mb, 1000, &kb); -+ gb = div_u64_rem(tmp_mb, 1024, &mb); - edac_dbg(0, "SAD#%d %s up to %u.%03u GB (0x%016Lx) Interleave: %s reg=0x%08x\n", - n_sads, - get_dram_attr(reg), -- mb, kb, -+ gb, (mb*1000)/1024, - ((u64)tmp_mb) << 20L, - INTERLEAVE_MODE(reg) ? "8:6" : "[8:6]XOR[18:16]", - reg); -@@ -840,9 +842,9 @@ static void get_memory_layout(const struct mem_ctl_info *mci) - break; - tmp_mb = (limit + 1) >> 20; - -- mb = div_u64_rem(tmp_mb, 1000, &kb); -+ gb = div_u64_rem(tmp_mb, 1024, &mb); - edac_dbg(0, "TAD#%d: up to %u.%03u GB (0x%016Lx), socket interleave %d, memory interleave %d, TGT: %d, %d, %d, %d, reg=0x%08x\n", -- n_tads, mb, kb, -+ n_tads, gb, (mb*1000)/1024, - ((u64)tmp_mb) << 20L, - (u32)TAD_SOCK(reg), - (u32)TAD_CH(reg), -@@ -865,10 +867,10 @@ static void get_memory_layout(const struct mem_ctl_info *mci) - tad_ch_nilv_offset[j], - ®); - tmp_mb = TAD_OFFSET(reg) >> 20; -- mb = div_u64_rem(tmp_mb, 1000, &kb); -+ gb = div_u64_rem(tmp_mb, 1024, &mb); - edac_dbg(0, "TAD CH#%d, offset #%d: %u.%03u GB (0x%016Lx), reg=0x%08x\n", - i, j, -- mb, kb, -+ gb, (mb*1000)/1024, - ((u64)tmp_mb) << 20L, - reg); - } -@@ -890,10 +892,10 @@ static void get_memory_layout(const struct mem_ctl_info *mci) - - tmp_mb = RIR_LIMIT(reg) >> 20; - rir_way = 1 << RIR_WAY(reg); -- mb = div_u64_rem(tmp_mb, 1000, &kb); -+ gb = div_u64_rem(tmp_mb, 1024, &mb); - edac_dbg(0, "CH#%d RIR#%d, limit: %u.%03u GB (0x%016Lx), way: %d, reg=0x%08x\n", - i, j, -- mb, kb, -+ gb, (mb*1000)/1024, - ((u64)tmp_mb) << 20L, - rir_way, - reg); -@@ -904,10 +906,10 @@ static void get_memory_layout(const struct mem_ctl_info *mci) - ®); - tmp_mb = RIR_OFFSET(reg) << 6; - -- mb = div_u64_rem(tmp_mb, 1000, &kb); -+ gb = div_u64_rem(tmp_mb, 1024, &mb); - edac_dbg(0, "CH#%d RIR#%d INTL#%d, offset %u.%03u GB (0x%016Lx), tgt: %d, reg=0x%08x\n", - i, j, k, -- mb, kb, -+ gb, (mb*1000)/1024, - ((u64)tmp_mb) << 20L, - (u32)RIR_RNK_TGT(reg), - reg); -@@ -945,7 +947,7 @@ static int get_memory_error_data(struct mem_ctl_info *mci, - u8 ch_way, sck_way, pkg, sad_ha = 0; - u32 tad_offset; - u32 rir_way; -- u32 mb, kb; -+ u32 mb, gb; - u64 ch_addr, offset, limit = 0, prv = 0; - - -@@ -1183,10 +1185,10 @@ static int get_memory_error_data(struct mem_ctl_info *mci, - continue; - - limit = RIR_LIMIT(reg); -- mb = div_u64_rem(limit >> 20, 1000, &kb); -+ gb = div_u64_rem(limit >> 20, 1024, &mb); - edac_dbg(0, "RIR#%d, limit: %u.%03u GB (0x%016Lx), way: %d\n", - n_rir, -- mb, kb, -+ gb, (mb*1000)/1024, - limit, - 1 << RIR_WAY(reg)); - if (ch_addr <= limit) -diff --git a/drivers/net/ethernet/mellanox/mlx4/en_tx.c b/drivers/net/ethernet/mellanox/mlx4/en_tx.c -index 019a04a..a467261 100644 ---- a/drivers/net/ethernet/mellanox/mlx4/en_tx.c -+++ b/drivers/net/ethernet/mellanox/mlx4/en_tx.c -@@ -810,8 +810,11 @@ netdev_tx_t mlx4_en_xmit(struct sk_buff *skb, struct net_device *dev) - tx_desc->ctrl.fence_size = (real_size / 16) & 0x3f; - tx_desc->ctrl.srcrb_flags = priv->ctrl_flags; - if (likely(skb->ip_summed == CHECKSUM_PARTIAL)) { -- tx_desc->ctrl.srcrb_flags |= cpu_to_be32(MLX4_WQE_CTRL_IP_CSUM | -- MLX4_WQE_CTRL_TCP_UDP_CSUM); -+ if (!skb->encapsulation) -+ tx_desc->ctrl.srcrb_flags |= cpu_to_be32(MLX4_WQE_CTRL_IP_CSUM | -+ MLX4_WQE_CTRL_TCP_UDP_CSUM); -+ else -+ tx_desc->ctrl.srcrb_flags |= cpu_to_be32(MLX4_WQE_CTRL_IP_CSUM); - ring->tx_csum++; - } - -diff --git a/drivers/scsi/hpsa.c b/drivers/scsi/hpsa.c -index 528bff5..85d370e 100644 ---- a/drivers/scsi/hpsa.c -+++ b/drivers/scsi/hpsa.c -@@ -3984,10 +3984,6 @@ static int hpsa_kdump_hard_reset_controller(struct pci_dev *pdev) - - /* Save the PCI command register */ - pci_read_config_word(pdev, 4, &command_register); -- /* Turn the board off. This is so that later pci_restore_state() -- * won't turn the board on before the rest of config space is ready. -- */ -- pci_disable_device(pdev); - pci_save_state(pdev); - - /* find the first memory BAR, so we can find the cfg table */ -@@ -4035,11 +4031,6 @@ static int hpsa_kdump_hard_reset_controller(struct pci_dev *pdev) - goto unmap_cfgtable; - - pci_restore_state(pdev); -- rc = pci_enable_device(pdev); -- if (rc) { -- dev_warn(&pdev->dev, "failed to enable device.\n"); -- goto unmap_cfgtable; -- } - pci_write_config_word(pdev, 4, command_register); - - /* Some devices (notably the HP Smart Array 5i Controller) -@@ -4525,6 +4516,23 @@ static int hpsa_init_reset_devices(struct pci_dev *pdev) - if (!reset_devices) - return 0; - -+ /* kdump kernel is loading, we don't know in which state is -+ * the pci interface. The dev->enable_cnt is equal zero -+ * so we call enable+disable, wait a while and switch it on. -+ */ -+ rc = pci_enable_device(pdev); -+ if (rc) { -+ dev_warn(&pdev->dev, "Failed to enable PCI device\n"); -+ return -ENODEV; -+ } -+ pci_disable_device(pdev); -+ msleep(260); /* a randomly chosen number */ -+ rc = pci_enable_device(pdev); -+ if (rc) { -+ dev_warn(&pdev->dev, "failed to enable device.\n"); -+ return -ENODEV; -+ } -+ pci_set_master(pdev); - /* Reset the controller with a PCI power-cycle or via doorbell */ - rc = hpsa_kdump_hard_reset_controller(pdev); - -@@ -4533,10 +4541,11 @@ static int hpsa_init_reset_devices(struct pci_dev *pdev) - * "performant mode". Or, it might be 640x, which can't reset - * due to concerns about shared bbwc between 6402/6404 pair. - */ -- if (rc == -ENOTSUPP) -- return rc; /* just try to do the kdump anyhow. */ -- if (rc) -- return -ENODEV; -+ if (rc) { -+ if (rc != -ENOTSUPP) /* just try to do the kdump anyhow. */ -+ rc = -ENODEV; -+ goto out_disable; -+ } - - /* Now try to get the controller to respond to a no-op */ - dev_warn(&pdev->dev, "Waiting for controller to respond to no-op\n"); -@@ -4547,7 +4556,11 @@ static int hpsa_init_reset_devices(struct pci_dev *pdev) - dev_warn(&pdev->dev, "no-op failed%s\n", - (i < 11 ? "; re-trying" : "")); - } -- return 0; -+ -+out_disable: -+ -+ pci_disable_device(pdev); -+ return rc; - } - - static int hpsa_allocate_cmd_pool(struct ctlr_info *h) -@@ -4690,6 +4703,7 @@ static void hpsa_undo_allocations_after_kdump_soft_reset(struct ctlr_info *h) - iounmap(h->transtable); - if (h->cfgtable) - iounmap(h->cfgtable); -+ pci_disable_device(h->pdev); - pci_release_regions(h->pdev); - kfree(h); - } -diff --git a/fs/btrfs/ctree.c b/fs/btrfs/ctree.c -index 93de3ba..f8ffee4 100644 ---- a/fs/btrfs/ctree.c -+++ b/fs/btrfs/ctree.c -@@ -2963,7 +2963,7 @@ done: - */ - if (!p->leave_spinning) - btrfs_set_path_blocking(p); -- if (ret < 0) -+ if (ret < 0 && !p->skip_release_on_error) - btrfs_release_path(p); - return ret; - } -diff --git a/fs/btrfs/ctree.h b/fs/btrfs/ctree.h -index d3511cc..3b39eb4 100644 ---- a/fs/btrfs/ctree.h -+++ b/fs/btrfs/ctree.h -@@ -608,6 +608,7 @@ struct btrfs_path { - unsigned int skip_locking:1; - unsigned int leave_spinning:1; - unsigned int search_commit_root:1; -+ unsigned int skip_release_on_error:1; - }; - - /* -@@ -3609,6 +3610,10 @@ struct btrfs_dir_item *btrfs_lookup_xattr(struct btrfs_trans_handle *trans, - int verify_dir_item(struct btrfs_root *root, - struct extent_buffer *leaf, - struct btrfs_dir_item *dir_item); -+struct btrfs_dir_item *btrfs_match_dir_item_name(struct btrfs_root *root, -+ struct btrfs_path *path, -+ const char *name, -+ int name_len); - - /* orphan.c */ - int btrfs_insert_orphan_item(struct btrfs_trans_handle *trans, -diff --git a/fs/btrfs/dir-item.c b/fs/btrfs/dir-item.c -index a0691df..9521a93 100644 ---- a/fs/btrfs/dir-item.c -+++ b/fs/btrfs/dir-item.c -@@ -21,10 +21,6 @@ - #include "hash.h" - #include "transaction.h" - --static struct btrfs_dir_item *btrfs_match_dir_item_name(struct btrfs_root *root, -- struct btrfs_path *path, -- const char *name, int name_len); -- - /* - * insert a name into a directory, doing overflow properly if there is a hash - * collision. data_size indicates how big the item inserted should be. On -@@ -383,9 +379,9 @@ struct btrfs_dir_item *btrfs_lookup_xattr(struct btrfs_trans_handle *trans, - * this walks through all the entries in a dir item and finds one - * for a specific name. - */ --static struct btrfs_dir_item *btrfs_match_dir_item_name(struct btrfs_root *root, -- struct btrfs_path *path, -- const char *name, int name_len) -+struct btrfs_dir_item *btrfs_match_dir_item_name(struct btrfs_root *root, -+ struct btrfs_path *path, -+ const char *name, int name_len) - { - struct btrfs_dir_item *dir_item; - unsigned long name_ptr; -diff --git a/fs/btrfs/xattr.c b/fs/btrfs/xattr.c -index 488e987..618e86c 100644 ---- a/fs/btrfs/xattr.c -+++ b/fs/btrfs/xattr.c -@@ -29,6 +29,7 @@ - #include "xattr.h" - #include "disk-io.h" - #include "props.h" -+#include "locking.h" - - - ssize_t __btrfs_getxattr(struct inode *inode, const char *name, -@@ -91,7 +92,7 @@ static int do_setxattr(struct btrfs_trans_handle *trans, - struct inode *inode, const char *name, - const void *value, size_t size, int flags) - { -- struct btrfs_dir_item *di; -+ struct btrfs_dir_item *di = NULL; - struct btrfs_root *root = BTRFS_I(inode)->root; - struct btrfs_path *path; - size_t name_len = strlen(name); -@@ -103,84 +104,119 @@ static int do_setxattr(struct btrfs_trans_handle *trans, - path = btrfs_alloc_path(); - if (!path) - return -ENOMEM; -+ path->skip_release_on_error = 1; -+ -+ if (!value) { -+ di = btrfs_lookup_xattr(trans, root, path, btrfs_ino(inode), -+ name, name_len, -1); -+ if (!di && (flags & XATTR_REPLACE)) -+ ret = -ENODATA; -+ else if (di) -+ ret = btrfs_delete_one_dir_name(trans, root, path, di); -+ goto out; -+ } - -+ /* -+ * For a replace we can't just do the insert blindly. -+ * Do a lookup first (read-only btrfs_search_slot), and return if xattr -+ * doesn't exist. If it exists, fall down below to the insert/replace -+ * path - we can't race with a concurrent xattr delete, because the VFS -+ * locks the inode's i_mutex before calling setxattr or removexattr. -+ */ - if (flags & XATTR_REPLACE) { -- di = btrfs_lookup_xattr(trans, root, path, btrfs_ino(inode), name, -- name_len, -1); -- if (IS_ERR(di)) { -- ret = PTR_ERR(di); -- goto out; -- } else if (!di) { -+ ASSERT(mutex_is_locked(&inode->i_mutex)); -+ di = btrfs_lookup_xattr(NULL, root, path, btrfs_ino(inode), -+ name, name_len, 0); -+ if (!di) { - ret = -ENODATA; - goto out; - } -- ret = btrfs_delete_one_dir_name(trans, root, path, di); -- if (ret) -- goto out; - btrfs_release_path(path); -+ di = NULL; -+ } - -+ ret = btrfs_insert_xattr_item(trans, root, path, btrfs_ino(inode), -+ name, name_len, value, size); -+ if (ret == -EOVERFLOW) { - /* -- * remove the attribute -+ * We have an existing item in a leaf, split_leaf couldn't -+ * expand it. That item might have or not a dir_item that -+ * matches our target xattr, so lets check. - */ -- if (!value) -- goto out; -- } else { -- di = btrfs_lookup_xattr(NULL, root, path, btrfs_ino(inode), -- name, name_len, 0); -- if (IS_ERR(di)) { -- ret = PTR_ERR(di); -+ ret = 0; -+ btrfs_assert_tree_locked(path->nodes[0]); -+ di = btrfs_match_dir_item_name(root, path, name, name_len); -+ if (!di && !(flags & XATTR_REPLACE)) { -+ ret = -ENOSPC; - goto out; - } -- if (!di && !value) -- goto out; -- btrfs_release_path(path); -+ } else if (ret == -EEXIST) { -+ ret = 0; -+ di = btrfs_match_dir_item_name(root, path, name, name_len); -+ ASSERT(di); /* logic error */ -+ } else if (ret) { -+ goto out; - } - --again: -- ret = btrfs_insert_xattr_item(trans, root, path, btrfs_ino(inode), -- name, name_len, value, size); -- /* -- * If we're setting an xattr to a new value but the new value is say -- * exactly BTRFS_MAX_XATTR_SIZE, we could end up with EOVERFLOW getting -- * back from split_leaf. This is because it thinks we'll be extending -- * the existing item size, but we're asking for enough space to add the -- * item itself. So if we get EOVERFLOW just set ret to EEXIST and let -- * the rest of the function figure it out. -- */ -- if (ret == -EOVERFLOW) -+ if (di && (flags & XATTR_CREATE)) { - ret = -EEXIST; -+ goto out; -+ } - -- if (ret == -EEXIST) { -- if (flags & XATTR_CREATE) -- goto out; -+ if (di) { - /* -- * We can't use the path we already have since we won't have the -- * proper locking for a delete, so release the path and -- * re-lookup to delete the thing. -+ * We're doing a replace, and it must be atomic, that is, at -+ * any point in time we have either the old or the new xattr -+ * value in the tree. We don't want readers (getxattr and -+ * listxattrs) to miss a value, this is specially important -+ * for ACLs. - */ -- btrfs_release_path(path); -- di = btrfs_lookup_xattr(trans, root, path, btrfs_ino(inode), -- name, name_len, -1); -- if (IS_ERR(di)) { -- ret = PTR_ERR(di); -- goto out; -- } else if (!di) { -- /* Shouldn't happen but just in case... */ -- btrfs_release_path(path); -- goto again; -+ const int slot = path->slots[0]; -+ struct extent_buffer *leaf = path->nodes[0]; -+ const u16 old_data_len = btrfs_dir_data_len(leaf, di); -+ const u32 item_size = btrfs_item_size_nr(leaf, slot); -+ const u32 data_size = sizeof(*di) + name_len + size; -+ struct btrfs_item *item; -+ unsigned long data_ptr; -+ char *ptr; -+ -+ if (size > old_data_len) { -+ if (btrfs_leaf_free_space(root, leaf) < -+ (size - old_data_len)) { -+ ret = -ENOSPC; -+ goto out; -+ } - } - -- ret = btrfs_delete_one_dir_name(trans, root, path, di); -- if (ret) -- goto out; -+ if (old_data_len + name_len + sizeof(*di) == item_size) { -+ /* No other xattrs packed in the same leaf item. */ -+ if (size > old_data_len) -+ btrfs_extend_item(root, path, -+ size - old_data_len); -+ else if (size < old_data_len) -+ btrfs_truncate_item(root, path, data_size, 1); -+ } else { -+ /* There are other xattrs packed in the same item. */ -+ ret = btrfs_delete_one_dir_name(trans, root, path, di); -+ if (ret) -+ goto out; -+ btrfs_extend_item(root, path, data_size); -+ } - -+ item = btrfs_item_nr(slot); -+ ptr = btrfs_item_ptr(leaf, slot, char); -+ ptr += btrfs_item_size(leaf, item) - data_size; -+ di = (struct btrfs_dir_item *)ptr; -+ btrfs_set_dir_data_len(leaf, di, size); -+ data_ptr = ((unsigned long)(di + 1)) + name_len; -+ write_extent_buffer(leaf, value, data_ptr, size); -+ btrfs_mark_buffer_dirty(leaf); -+ } else { - /* -- * We have a value to set, so go back and try to insert it now. -+ * Insert, and we had space for the xattr, so path->slots[0] is -+ * where our xattr dir_item is and btrfs_insert_xattr_item() -+ * filled it. - */ -- if (value) { -- btrfs_release_path(path); -- goto again; -- } - } - out: - btrfs_free_path(path); -diff --git a/fs/ocfs2/file.c b/fs/ocfs2/file.c -index 7fe30f6..35f54bc 100644 ---- a/fs/ocfs2/file.c -+++ b/fs/ocfs2/file.c -@@ -2478,9 +2478,7 @@ static ssize_t ocfs2_file_splice_write(struct pipe_inode_info *pipe, - struct address_space *mapping = out->f_mapping; - struct inode *inode = mapping->host; - struct splice_desc sd = { -- .total_len = len, - .flags = flags, -- .pos = *ppos, - .u.file = out, - }; - -@@ -2490,6 +2488,12 @@ static ssize_t ocfs2_file_splice_write(struct pipe_inode_info *pipe, - out->f_path.dentry->d_name.len, - out->f_path.dentry->d_name.name, len); - -+ ret = generic_write_checks(out, ppos, &len, 0); -+ if (ret) -+ return ret; -+ sd.total_len = len; -+ sd.pos = *ppos; -+ - pipe_lock(pipe); - - splice_from_pipe_begin(&sd); -diff --git a/fs/splice.c b/fs/splice.c -index 12028fa..f345d53 100644 ---- a/fs/splice.c -+++ b/fs/splice.c -@@ -1012,13 +1012,17 @@ generic_file_splice_write(struct pipe_inode_info *pipe, struct file *out, - struct address_space *mapping = out->f_mapping; - struct inode *inode = mapping->host; - struct splice_desc sd = { -- .total_len = len, - .flags = flags, -- .pos = *ppos, - .u.file = out, - }; - ssize_t ret; - -+ ret = generic_write_checks(out, ppos, &len, S_ISBLK(inode->i_mode)); -+ if (ret) -+ return ret; -+ sd.total_len = len; -+ sd.pos = *ppos; -+ - pipe_lock(pipe); - - splice_from_pipe_begin(&sd); -diff --git a/include/linux/mbus.h b/include/linux/mbus.h -index 345b8c5..550c88f 100644 ---- a/include/linux/mbus.h -+++ b/include/linux/mbus.h -@@ -73,6 +73,6 @@ int mvebu_mbus_del_window(phys_addr_t base, size_t size); - int mvebu_mbus_init(const char *soc, phys_addr_t mbus_phys_base, - size_t mbus_size, phys_addr_t sdram_phys_base, - size_t sdram_size); --int mvebu_mbus_dt_init(void); -+int mvebu_mbus_dt_init(bool is_coherent); - - #endif /* __LINUX_MBUS_H */ -diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c -index c68e5e0..99de240 100644 ---- a/net/netfilter/nf_tables_api.c -+++ b/net/netfilter/nf_tables_api.c -@@ -855,7 +855,10 @@ static int nf_tables_newchain(struct sock *nlsk, struct sk_buff *skb, - - if (nla[NFTA_CHAIN_POLICY]) { - if ((chain != NULL && -- !(chain->flags & NFT_BASE_CHAIN)) || -+ !(chain->flags & NFT_BASE_CHAIN))) -+ return -EOPNOTSUPP; -+ -+ if (chain == NULL && - nla[NFTA_CHAIN_HOOK] == NULL) - return -EOPNOTSUPP; - -diff --git a/net/netfilter/nfnetlink_cthelper.c b/net/netfilter/nfnetlink_cthelper.c -index 9e287cb..54330fb 100644 ---- a/net/netfilter/nfnetlink_cthelper.c -+++ b/net/netfilter/nfnetlink_cthelper.c -@@ -77,6 +77,9 @@ nfnl_cthelper_parse_tuple(struct nf_conntrack_tuple *tuple, - if (!tb[NFCTH_TUPLE_L3PROTONUM] || !tb[NFCTH_TUPLE_L4PROTONUM]) - return -EINVAL; - -+ /* Not all fields are initialized so first zero the tuple */ -+ memset(tuple, 0, sizeof(struct nf_conntrack_tuple)); -+ - tuple->src.l3num = ntohs(nla_get_be16(tb[NFCTH_TUPLE_L3PROTONUM])); - tuple->dst.protonum = nla_get_u8(tb[NFCTH_TUPLE_L4PROTONUM]); - -@@ -86,7 +89,7 @@ nfnl_cthelper_parse_tuple(struct nf_conntrack_tuple *tuple, - static int - nfnl_cthelper_from_nlattr(struct nlattr *attr, struct nf_conn *ct) - { -- const struct nf_conn_help *help = nfct_help(ct); -+ struct nf_conn_help *help = nfct_help(ct); - - if (attr == NULL) - return -EINVAL; -@@ -94,7 +97,7 @@ nfnl_cthelper_from_nlattr(struct nlattr *attr, struct nf_conn *ct) - if (help->helper->data_len == 0) - return -EINVAL; - -- memcpy(&help->data, nla_data(attr), help->helper->data_len); -+ memcpy(help->data, nla_data(attr), help->helper->data_len); - return 0; - } - -diff --git a/net/netfilter/nft_compat.c b/net/netfilter/nft_compat.c -index 7350723..9695895 100644 ---- a/net/netfilter/nft_compat.c -+++ b/net/netfilter/nft_compat.c -@@ -82,6 +82,9 @@ nft_target_set_tgchk_param(struct xt_tgchk_param *par, - entry->e4.ip.invflags = inv ? IPT_INV_PROTO : 0; - break; - case AF_INET6: -+ if (proto) -+ entry->e6.ipv6.flags |= IP6T_F_PROTO; -+ - entry->e6.ipv6.proto = proto; - entry->e6.ipv6.invflags = inv ? IP6T_INV_PROTO : 0; - break; -@@ -313,6 +316,9 @@ nft_match_set_mtchk_param(struct xt_mtchk_param *par, const struct nft_ctx *ctx, - entry->e4.ip.invflags = inv ? IPT_INV_PROTO : 0; - break; - case AF_INET6: -+ if (proto) -+ entry->e6.ipv6.flags |= IP6T_F_PROTO; -+ - entry->e6.ipv6.proto = proto; - entry->e6.ipv6.invflags = inv ? IP6T_INV_PROTO : 0; - break; -diff --git a/virt/kvm/arm/vgic.c b/virt/kvm/arm/vgic.c -index 1316e55..c324a52 100644 ---- a/virt/kvm/arm/vgic.c -+++ b/virt/kvm/arm/vgic.c -@@ -674,7 +674,7 @@ static bool read_set_clear_sgi_pend_reg(struct kvm_vcpu *vcpu, - { - struct vgic_dist *dist = &vcpu->kvm->arch.vgic; - int sgi; -- int min_sgi = (offset & ~0x3) * 4; -+ int min_sgi = (offset & ~0x3); - int max_sgi = min_sgi + 3; - int vcpu_id = vcpu->vcpu_id; - u32 reg = 0; -@@ -695,7 +695,7 @@ static bool write_set_clear_sgi_pend_reg(struct kvm_vcpu *vcpu, - { - struct vgic_dist *dist = &vcpu->kvm->arch.vgic; - int sgi; -- int min_sgi = (offset & ~0x3) * 4; -+ int min_sgi = (offset & ~0x3); - int max_sgi = min_sgi + 3; - int vcpu_id = vcpu->vcpu_id; - u32 reg; -@@ -1387,7 +1387,8 @@ out: - int kvm_vgic_inject_irq(struct kvm *kvm, int cpuid, unsigned int irq_num, - bool level) - { -- if (vgic_update_irq_state(kvm, cpuid, irq_num, level)) -+ if (likely(vgic_initialized(kvm)) && -+ vgic_update_irq_state(kvm, cpuid, irq_num, level)) - vgic_kick_vcpus(kvm); - - return 0; -@@ -1610,7 +1611,7 @@ out: - - int kvm_vgic_create(struct kvm *kvm) - { -- int i, vcpu_lock_idx = -1, ret = 0; -+ int i, vcpu_lock_idx = -1, ret; - struct kvm_vcpu *vcpu; - - mutex_lock(&kvm->lock); -@@ -1625,6 +1626,7 @@ int kvm_vgic_create(struct kvm *kvm) - * vcpu->mutex. By grabbing the vcpu->mutex of all VCPUs we ensure - * that no other VCPUs are run while we create the vgic. - */ -+ ret = -EBUSY; - kvm_for_each_vcpu(i, vcpu, kvm) { - if (!mutex_trylock(&vcpu->mutex)) - goto out_unlock; -@@ -1632,11 +1634,10 @@ int kvm_vgic_create(struct kvm *kvm) - } - - kvm_for_each_vcpu(i, vcpu, kvm) { -- if (vcpu->arch.has_run_once) { -- ret = -EBUSY; -+ if (vcpu->arch.has_run_once) - goto out_unlock; -- } - } -+ ret = 0; - - spin_lock_init(&kvm->arch.vgic.lock); - kvm->arch.vgic.vctrl_base = vgic_vctrl_base; diff --git a/3.14.48/1047_linux-3.14.48.patch b/3.14.48/1047_linux-3.14.48.patch deleted file mode 100644 index 3a7169d..0000000 --- a/3.14.48/1047_linux-3.14.48.patch +++ /dev/null @@ -1,1019 +0,0 @@ -diff --git a/Makefile b/Makefile -index f9041e6..25393e8 100644 ---- a/Makefile -+++ b/Makefile -@@ -1,6 +1,6 @@ - VERSION = 3 - PATCHLEVEL = 14 --SUBLEVEL = 47 -+SUBLEVEL = 48 - EXTRAVERSION = - NAME = Remembering Coco - -diff --git a/arch/arm/include/asm/kvm_mmu.h b/arch/arm/include/asm/kvm_mmu.h -index 9f79231..7d35af3 100644 ---- a/arch/arm/include/asm/kvm_mmu.h -+++ b/arch/arm/include/asm/kvm_mmu.h -@@ -117,13 +117,14 @@ static inline void kvm_set_s2pmd_writable(pmd_t *pmd) - (__boundary - 1 < (end) - 1)? __boundary: (end); \ - }) - -+#define kvm_pgd_index(addr) pgd_index(addr) -+ - static inline bool kvm_page_empty(void *ptr) - { - struct page *ptr_page = virt_to_page(ptr); - return page_count(ptr_page) == 1; - } - -- - #define kvm_pte_table_empty(ptep) kvm_page_empty(ptep) - #define kvm_pmd_table_empty(pmdp) kvm_page_empty(pmdp) - #define kvm_pud_table_empty(pudp) (0) -diff --git a/arch/arm/kvm/arm.c b/arch/arm/kvm/arm.c -index 2e74a61..f6a52a2 100644 ---- a/arch/arm/kvm/arm.c -+++ b/arch/arm/kvm/arm.c -@@ -441,6 +441,7 @@ static void update_vttbr(struct kvm *kvm) - - static int kvm_vcpu_first_run_init(struct kvm_vcpu *vcpu) - { -+ struct kvm *kvm = vcpu->kvm; - int ret; - - if (likely(vcpu->arch.has_run_once)) -@@ -452,12 +453,20 @@ static int kvm_vcpu_first_run_init(struct kvm_vcpu *vcpu) - * Initialize the VGIC before running a vcpu the first time on - * this VM. - */ -- if (unlikely(!vgic_initialized(vcpu->kvm))) { -- ret = kvm_vgic_init(vcpu->kvm); -+ if (unlikely(!vgic_initialized(kvm))) { -+ ret = kvm_vgic_init(kvm); - if (ret) - return ret; - } - -+ /* -+ * Enable the arch timers only if we have an in-kernel VGIC -+ * and it has been properly initialized, since we cannot handle -+ * interrupts from the virtual timer with a userspace gic. -+ */ -+ if (irqchip_in_kernel(kvm) && vgic_initialized(kvm)) -+ kvm_timer_enable(kvm); -+ - return 0; - } - -diff --git a/arch/arm/kvm/interrupts.S b/arch/arm/kvm/interrupts.S -index 0d68d40..a1467e7 100644 ---- a/arch/arm/kvm/interrupts.S -+++ b/arch/arm/kvm/interrupts.S -@@ -159,13 +159,9 @@ __kvm_vcpu_return: - @ Don't trap coprocessor accesses for host kernel - set_hstr vmexit - set_hdcr vmexit -- set_hcptr vmexit, (HCPTR_TTA | HCPTR_TCP(10) | HCPTR_TCP(11)) -+ set_hcptr vmexit, (HCPTR_TTA | HCPTR_TCP(10) | HCPTR_TCP(11)), after_vfp_restore - - #ifdef CONFIG_VFPv3 -- @ Save floating point registers we if let guest use them. -- tst r2, #(HCPTR_TCP(10) | HCPTR_TCP(11)) -- bne after_vfp_restore -- - @ Switch VFP/NEON hardware state to the host's - add r7, vcpu, #VCPU_VFP_GUEST - store_vfp_state r7 -@@ -177,6 +173,8 @@ after_vfp_restore: - @ Restore FPEXC_EN which we clobbered on entry - pop {r2} - VFPFMXR FPEXC, r2 -+#else -+after_vfp_restore: - #endif - - @ Reset Hyp-role -@@ -467,7 +465,7 @@ switch_to_guest_vfp: - push {r3-r7} - - @ NEON/VFP used. Turn on VFP access. -- set_hcptr vmexit, (HCPTR_TCP(10) | HCPTR_TCP(11)) -+ set_hcptr vmtrap, (HCPTR_TCP(10) | HCPTR_TCP(11)) - - @ Switch VFP/NEON hardware state to the guest's - add r7, r0, #VCPU_VFP_HOST -diff --git a/arch/arm/kvm/interrupts_head.S b/arch/arm/kvm/interrupts_head.S -index 76af9302..2973b2d 100644 ---- a/arch/arm/kvm/interrupts_head.S -+++ b/arch/arm/kvm/interrupts_head.S -@@ -578,8 +578,13 @@ vcpu .req r0 @ vcpu pointer always in r0 - .endm - - /* Configures the HCPTR (Hyp Coprocessor Trap Register) on entry/return -- * (hardware reset value is 0). Keep previous value in r2. */ --.macro set_hcptr operation, mask -+ * (hardware reset value is 0). Keep previous value in r2. -+ * An ISB is emited on vmexit/vmtrap, but executed on vmexit only if -+ * VFP wasn't already enabled (always executed on vmtrap). -+ * If a label is specified with vmexit, it is branched to if VFP wasn't -+ * enabled. -+ */ -+.macro set_hcptr operation, mask, label = none - mrc p15, 4, r2, c1, c1, 2 - ldr r3, =\mask - .if \operation == vmentry -@@ -588,6 +593,17 @@ vcpu .req r0 @ vcpu pointer always in r0 - bic r3, r2, r3 @ Don't trap defined coproc-accesses - .endif - mcr p15, 4, r3, c1, c1, 2 -+ .if \operation != vmentry -+ .if \operation == vmexit -+ tst r2, #(HCPTR_TCP(10) | HCPTR_TCP(11)) -+ beq 1f -+ .endif -+ isb -+ .if \label != none -+ b \label -+ .endif -+1: -+ .endif - .endm - - /* Configures the HDCR (Hyp Debug Configuration Register) on entry/return -diff --git a/arch/arm/kvm/mmu.c b/arch/arm/kvm/mmu.c -index 524b4b5..c612e37 100644 ---- a/arch/arm/kvm/mmu.c -+++ b/arch/arm/kvm/mmu.c -@@ -194,7 +194,7 @@ static void unmap_range(struct kvm *kvm, pgd_t *pgdp, - phys_addr_t addr = start, end = start + size; - phys_addr_t next; - -- pgd = pgdp + pgd_index(addr); -+ pgd = pgdp + kvm_pgd_index(addr); - do { - next = kvm_pgd_addr_end(addr, end); - if (!pgd_none(*pgd)) -@@ -264,7 +264,7 @@ static void stage2_flush_memslot(struct kvm *kvm, - phys_addr_t next; - pgd_t *pgd; - -- pgd = kvm->arch.pgd + pgd_index(addr); -+ pgd = kvm->arch.pgd + kvm_pgd_index(addr); - do { - next = kvm_pgd_addr_end(addr, end); - stage2_flush_puds(kvm, pgd, addr, next); -@@ -649,7 +649,7 @@ static pmd_t *stage2_get_pmd(struct kvm *kvm, struct kvm_mmu_memory_cache *cache - pud_t *pud; - pmd_t *pmd; - -- pgd = kvm->arch.pgd + pgd_index(addr); -+ pgd = kvm->arch.pgd + kvm_pgd_index(addr); - pud = pud_offset(pgd, addr); - if (pud_none(*pud)) { - if (!cache) -diff --git a/arch/arm64/include/asm/kvm_emulate.h b/arch/arm64/include/asm/kvm_emulate.h -index 681cb90..91f33c2 100644 ---- a/arch/arm64/include/asm/kvm_emulate.h -+++ b/arch/arm64/include/asm/kvm_emulate.h -@@ -41,6 +41,8 @@ void kvm_inject_pabt(struct kvm_vcpu *vcpu, unsigned long addr); - static inline void vcpu_reset_hcr(struct kvm_vcpu *vcpu) - { - vcpu->arch.hcr_el2 = HCR_GUEST_FLAGS; -+ if (test_bit(KVM_ARM_VCPU_EL1_32BIT, vcpu->arch.features)) -+ vcpu->arch.hcr_el2 &= ~HCR_RW; - } - - static inline unsigned long *vcpu_pc(const struct kvm_vcpu *vcpu) -diff --git a/arch/arm64/include/asm/kvm_mmu.h b/arch/arm64/include/asm/kvm_mmu.h -index 0d51874..15a8a86 100644 ---- a/arch/arm64/include/asm/kvm_mmu.h -+++ b/arch/arm64/include/asm/kvm_mmu.h -@@ -69,6 +69,8 @@ - #define PTRS_PER_S2_PGD (1 << (KVM_PHYS_SHIFT - PGDIR_SHIFT)) - #define S2_PGD_ORDER get_order(PTRS_PER_S2_PGD * sizeof(pgd_t)) - -+#define kvm_pgd_index(addr) (((addr) >> PGDIR_SHIFT) & (PTRS_PER_S2_PGD - 1)) -+ - int create_hyp_mappings(void *from, void *to); - int create_hyp_io_mappings(void *from, void *to, phys_addr_t); - void free_boot_hyp_pgd(void); -diff --git a/arch/arm64/kvm/hyp.S b/arch/arm64/kvm/hyp.S -index 5dfc8331..3aaf3bc 100644 ---- a/arch/arm64/kvm/hyp.S -+++ b/arch/arm64/kvm/hyp.S -@@ -629,6 +629,7 @@ ENTRY(__kvm_tlb_flush_vmid_ipa) - * Instead, we invalidate Stage-2 for this IPA, and the - * whole of Stage-1. Weep... - */ -+ lsr x1, x1, #12 - tlbi ipas2e1is, x1 - /* - * We have to ensure completion of the invalidation at Stage-2, -diff --git a/arch/arm64/kvm/reset.c b/arch/arm64/kvm/reset.c -index 70a7816..0b43265 100644 ---- a/arch/arm64/kvm/reset.c -+++ b/arch/arm64/kvm/reset.c -@@ -90,7 +90,6 @@ int kvm_reset_vcpu(struct kvm_vcpu *vcpu) - if (!cpu_has_32bit_el1()) - return -EINVAL; - cpu_reset = &default_regs_reset32; -- vcpu->arch.hcr_el2 &= ~HCR_RW; - } else { - cpu_reset = &default_regs_reset; - } -diff --git a/arch/mips/include/asm/mach-generic/spaces.h b/arch/mips/include/asm/mach-generic/spaces.h -index 9488fa5..afc96ec 100644 ---- a/arch/mips/include/asm/mach-generic/spaces.h -+++ b/arch/mips/include/asm/mach-generic/spaces.h -@@ -94,7 +94,11 @@ - #endif - - #ifndef FIXADDR_TOP -+#ifdef CONFIG_KVM_GUEST -+#define FIXADDR_TOP ((unsigned long)(long)(int)0x7ffe0000) -+#else - #define FIXADDR_TOP ((unsigned long)(long)(int)0xfffe0000) - #endif -+#endif - - #endif /* __ASM_MACH_GENERIC_SPACES_H */ -diff --git a/arch/powerpc/perf/core-book3s.c b/arch/powerpc/perf/core-book3s.c -index 38265dc..65dfbd0 100644 ---- a/arch/powerpc/perf/core-book3s.c -+++ b/arch/powerpc/perf/core-book3s.c -@@ -124,7 +124,16 @@ static inline void power_pmu_bhrb_read(struct cpu_hw_events *cpuhw) {} - - static bool regs_use_siar(struct pt_regs *regs) - { -- return !!regs->result; -+ /* -+ * When we take a performance monitor exception the regs are setup -+ * using perf_read_regs() which overloads some fields, in particular -+ * regs->result to tell us whether to use SIAR. -+ * -+ * However if the regs are from another exception, eg. a syscall, then -+ * they have not been setup using perf_read_regs() and so regs->result -+ * is something random. -+ */ -+ return ((TRAP(regs) == 0xf00) && regs->result); - } - - /* -diff --git a/arch/sparc/kernel/ldc.c b/arch/sparc/kernel/ldc.c -index 27bb554..7ef2862 100644 ---- a/arch/sparc/kernel/ldc.c -+++ b/arch/sparc/kernel/ldc.c -@@ -2307,7 +2307,7 @@ void *ldc_alloc_exp_dring(struct ldc_channel *lp, unsigned int len, - if (len & (8UL - 1)) - return ERR_PTR(-EINVAL); - -- buf = kzalloc(len, GFP_KERNEL); -+ buf = kzalloc(len, GFP_ATOMIC); - if (!buf) - return ERR_PTR(-ENOMEM); - -diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig -index 5dab54a..96e743a 100644 ---- a/arch/x86/Kconfig -+++ b/arch/x86/Kconfig -@@ -2440,9 +2440,19 @@ config X86_DMA_REMAP - depends on STA2X11 - - config IOSF_MBI -- tristate -- default m -+ tristate "Intel System On Chip IOSF Sideband support" - depends on PCI -+ ---help--- -+ Enables sideband access to mailbox registers on SoC's. The sideband is -+ available on the following platforms. This list is not meant to be -+ exclusive. -+ - BayTrail -+ - Cherryview -+ - Braswell -+ - Quark -+ -+ You should say Y if you are running a kernel on one of these -+ platforms. - - source "net/Kconfig" - -diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h -index e9dc029..ac03bd7 100644 ---- a/arch/x86/include/asm/kvm_host.h -+++ b/arch/x86/include/asm/kvm_host.h -@@ -571,7 +571,7 @@ struct kvm_arch { - struct kvm_pic *vpic; - struct kvm_ioapic *vioapic; - struct kvm_pit *vpit; -- int vapics_in_nmi_mode; -+ atomic_t vapics_in_nmi_mode; - struct mutex apic_map_lock; - struct kvm_apic_map *apic_map; - -diff --git a/arch/x86/kvm/i8254.c b/arch/x86/kvm/i8254.c -index 298781d..1406ffd 100644 ---- a/arch/x86/kvm/i8254.c -+++ b/arch/x86/kvm/i8254.c -@@ -305,7 +305,7 @@ static void pit_do_work(struct kthread_work *work) - * LVT0 to NMI delivery. Other PIC interrupts are just sent to - * VCPU0, and only if its LVT0 is in EXTINT mode. - */ -- if (kvm->arch.vapics_in_nmi_mode > 0) -+ if (atomic_read(&kvm->arch.vapics_in_nmi_mode) > 0) - kvm_for_each_vcpu(i, vcpu, kvm) - kvm_apic_nmi_wd_deliver(vcpu); - } -diff --git a/arch/x86/kvm/lapic.c b/arch/x86/kvm/lapic.c -index 453e5fb..6456734 100644 ---- a/arch/x86/kvm/lapic.c -+++ b/arch/x86/kvm/lapic.c -@@ -1109,10 +1109,10 @@ static void apic_manage_nmi_watchdog(struct kvm_lapic *apic, u32 lvt0_val) - if (!nmi_wd_enabled) { - apic_debug("Receive NMI setting on APIC_LVT0 " - "for cpu %d\n", apic->vcpu->vcpu_id); -- apic->vcpu->kvm->arch.vapics_in_nmi_mode++; -+ atomic_inc(&apic->vcpu->kvm->arch.vapics_in_nmi_mode); - } - } else if (nmi_wd_enabled) -- apic->vcpu->kvm->arch.vapics_in_nmi_mode--; -+ atomic_dec(&apic->vcpu->kvm->arch.vapics_in_nmi_mode); - } - - static int apic_reg_write(struct kvm_lapic *apic, u32 reg, u32 val) -diff --git a/arch/x86/pci/acpi.c b/arch/x86/pci/acpi.c -index 4f25ec0..bf00138 100644 ---- a/arch/x86/pci/acpi.c -+++ b/arch/x86/pci/acpi.c -@@ -84,6 +84,17 @@ static const struct dmi_system_id pci_crs_quirks[] __initconst = { - DMI_MATCH(DMI_BIOS_VENDOR, "Phoenix Technologies, LTD"), - }, - }, -+ /* https://bugs.launchpad.net/ubuntu/+source/alsa-driver/+bug/931368 */ -+ /* https://bugs.launchpad.net/ubuntu/+source/alsa-driver/+bug/1033299 */ -+ { -+ .callback = set_use_crs, -+ .ident = "Foxconn K8M890-8237A", -+ .matches = { -+ DMI_MATCH(DMI_BOARD_VENDOR, "Foxconn"), -+ DMI_MATCH(DMI_BOARD_NAME, "K8M890-8237A"), -+ DMI_MATCH(DMI_BIOS_VENDOR, "Phoenix Technologies, LTD"), -+ }, -+ }, - - /* Now for the blacklist.. */ - -@@ -124,8 +135,10 @@ void __init pci_acpi_crs_quirks(void) - { - int year; - -- if (dmi_get_date(DMI_BIOS_DATE, &year, NULL, NULL) && year < 2008) -- pci_use_crs = false; -+ if (dmi_get_date(DMI_BIOS_DATE, &year, NULL, NULL) && year < 2008) { -+ if (iomem_resource.end <= 0xffffffff) -+ pci_use_crs = false; -+ } - - dmi_check_system(pci_crs_quirks); - -diff --git a/drivers/cpufreq/intel_pstate.c b/drivers/cpufreq/intel_pstate.c -index 533a509..fbc693b 100644 ---- a/drivers/cpufreq/intel_pstate.c -+++ b/drivers/cpufreq/intel_pstate.c -@@ -417,7 +417,7 @@ static void byt_set_pstate(struct cpudata *cpudata, int pstate) - - val |= vid; - -- wrmsrl(MSR_IA32_PERF_CTL, val); -+ wrmsrl_on_cpu(cpudata->cpu, MSR_IA32_PERF_CTL, val); - } - - #define BYT_BCLK_FREQS 5 -diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c -index 5967667..1f35487 100644 ---- a/drivers/crypto/talitos.c -+++ b/drivers/crypto/talitos.c -@@ -927,7 +927,8 @@ static int sg_to_link_tbl(struct scatterlist *sg, int sg_count, - sg_count--; - link_tbl_ptr--; - } -- be16_add_cpu(&link_tbl_ptr->len, cryptlen); -+ link_tbl_ptr->len = cpu_to_be16(be16_to_cpu(link_tbl_ptr->len) -+ + cryptlen); - - /* tag end of link table */ - link_tbl_ptr->j_extent = DESC_PTR_LNKTBL_RETURN; -@@ -2563,6 +2564,7 @@ static struct talitos_crypto_alg *talitos_alg_alloc(struct device *dev, - break; - default: - dev_err(dev, "unknown algorithm type %d\n", t_alg->algt.type); -+ kfree(t_alg); - return ERR_PTR(-EINVAL); - } - -diff --git a/drivers/iommu/amd_iommu.c b/drivers/iommu/amd_iommu.c -index 9cbef59..9359740 100644 ---- a/drivers/iommu/amd_iommu.c -+++ b/drivers/iommu/amd_iommu.c -@@ -1922,9 +1922,15 @@ static void free_pt_##LVL (unsigned long __pt) \ - pt = (u64 *)__pt; \ - \ - for (i = 0; i < 512; ++i) { \ -+ /* PTE present? */ \ - if (!IOMMU_PTE_PRESENT(pt[i])) \ - continue; \ - \ -+ /* Large PTE? */ \ -+ if (PM_PTE_LEVEL(pt[i]) == 0 || \ -+ PM_PTE_LEVEL(pt[i]) == 7) \ -+ continue; \ -+ \ - p = (unsigned long)IOMMU_PTE_PAGE(pt[i]); \ - FN(p); \ - } \ -diff --git a/drivers/net/phy/phy_device.c b/drivers/net/phy/phy_device.c -index 25f7419..62c3fb9 100644 ---- a/drivers/net/phy/phy_device.c -+++ b/drivers/net/phy/phy_device.c -@@ -765,10 +765,11 @@ static int genphy_config_advert(struct phy_device *phydev) - if (phydev->supported & (SUPPORTED_1000baseT_Half | - SUPPORTED_1000baseT_Full)) { - adv |= ethtool_adv_to_mii_ctrl1000_t(advertise); -- if (adv != oldadv) -- changed = 1; - } - -+ if (adv != oldadv) -+ changed = 1; -+ - err = phy_write(phydev, MII_CTRL1000, adv); - if (err < 0) - return err; -diff --git a/fs/dcache.c b/fs/dcache.c -index 1d7e8a3..aa24f7d 100644 ---- a/fs/dcache.c -+++ b/fs/dcache.c -@@ -2905,17 +2905,6 @@ restart: - vfsmnt = &mnt->mnt; - continue; - } -- /* -- * Filesystems needing to implement special "root names" -- * should do so with ->d_dname() -- */ -- if (IS_ROOT(dentry) && -- (dentry->d_name.len != 1 || -- dentry->d_name.name[0] != '/')) { -- WARN(1, "Root dentry has weird name <%.*s>\n", -- (int) dentry->d_name.len, -- dentry->d_name.name); -- } - if (!error) - error = is_mounted(vfsmnt) ? 1 : 2; - break; -diff --git a/fs/inode.c b/fs/inode.c -index e846a32..644875b 100644 ---- a/fs/inode.c -+++ b/fs/inode.c -@@ -1631,8 +1631,8 @@ int file_remove_suid(struct file *file) - error = security_inode_killpriv(dentry); - if (!error && killsuid) - error = __remove_suid(dentry, killsuid); -- if (!error && (inode->i_sb->s_flags & MS_NOSEC)) -- inode->i_flags |= S_NOSEC; -+ if (!error) -+ inode_has_no_xattr(inode); - - return error; - } -diff --git a/fs/namespace.c b/fs/namespace.c -index 2faa7ea..fc99d18 100644 ---- a/fs/namespace.c -+++ b/fs/namespace.c -@@ -3031,11 +3031,15 @@ bool fs_fully_visible(struct file_system_type *type) - if (mnt->mnt.mnt_root != mnt->mnt.mnt_sb->s_root) - continue; - -- /* This mount is not fully visible if there are any child mounts -- * that cover anything except for empty directories. -+ /* This mount is not fully visible if there are any -+ * locked child mounts that cover anything except for -+ * empty directories. - */ - list_for_each_entry(child, &mnt->mnt_mounts, mnt_child) { - struct inode *inode = child->mnt_mountpoint->d_inode; -+ /* Only worry about locked mounts */ -+ if (!(mnt->mnt.mnt_flags & MNT_LOCKED)) -+ continue; - if (!S_ISDIR(inode->i_mode)) - goto next; - if (inode->i_nlink > 2) -diff --git a/include/kvm/arm_arch_timer.h b/include/kvm/arm_arch_timer.h -index 6d9aedd..327b155 100644 ---- a/include/kvm/arm_arch_timer.h -+++ b/include/kvm/arm_arch_timer.h -@@ -60,7 +60,8 @@ struct arch_timer_cpu { - - #ifdef CONFIG_KVM_ARM_TIMER - int kvm_timer_hyp_init(void); --int kvm_timer_init(struct kvm *kvm); -+void kvm_timer_enable(struct kvm *kvm); -+void kvm_timer_init(struct kvm *kvm); - void kvm_timer_vcpu_reset(struct kvm_vcpu *vcpu, - const struct kvm_irq_level *irq); - void kvm_timer_vcpu_init(struct kvm_vcpu *vcpu); -@@ -73,11 +74,8 @@ static inline int kvm_timer_hyp_init(void) - return 0; - }; - --static inline int kvm_timer_init(struct kvm *kvm) --{ -- return 0; --} -- -+static inline void kvm_timer_enable(struct kvm *kvm) {} -+static inline void kvm_timer_init(struct kvm *kvm) {} - static inline void kvm_timer_vcpu_reset(struct kvm_vcpu *vcpu, - const struct kvm_irq_level *irq) {} - static inline void kvm_timer_vcpu_init(struct kvm_vcpu *vcpu) {} -diff --git a/include/net/netns/sctp.h b/include/net/netns/sctp.h -index 3573a81..8ba379f 100644 ---- a/include/net/netns/sctp.h -+++ b/include/net/netns/sctp.h -@@ -31,6 +31,7 @@ struct netns_sctp { - struct list_head addr_waitq; - struct timer_list addr_wq_timer; - struct list_head auto_asconf_splist; -+ /* Lock that protects both addr_waitq and auto_asconf_splist */ - spinlock_t addr_wq_lock; - - /* Lock that protects the local_addr_list writers */ -diff --git a/include/net/sctp/structs.h b/include/net/sctp/structs.h -index 0dfcc92..2c2d388 100644 ---- a/include/net/sctp/structs.h -+++ b/include/net/sctp/structs.h -@@ -219,6 +219,10 @@ struct sctp_sock { - atomic_t pd_mode; - /* Receive to here while partial delivery is in effect. */ - struct sk_buff_head pd_lobby; -+ -+ /* These must be the last fields, as they will skipped on copies, -+ * like on accept and peeloff operations -+ */ - struct list_head auto_asconf_list; - int do_auto_asconf; - }; -diff --git a/net/bridge/br_ioctl.c b/net/bridge/br_ioctl.c -index a9a4a1b..8d423bc 100644 ---- a/net/bridge/br_ioctl.c -+++ b/net/bridge/br_ioctl.c -@@ -247,9 +247,7 @@ static int old_dev_ioctl(struct net_device *dev, struct ifreq *rq, int cmd) - if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN)) - return -EPERM; - -- spin_lock_bh(&br->lock); - br_stp_set_bridge_priority(br, args[1]); -- spin_unlock_bh(&br->lock); - return 0; - - case BRCTL_SET_PORT_PRIORITY: -diff --git a/net/bridge/br_multicast.c b/net/bridge/br_multicast.c -index 11a2e6c..7bbc8fe 100644 ---- a/net/bridge/br_multicast.c -+++ b/net/bridge/br_multicast.c -@@ -1086,6 +1086,9 @@ static void br_multicast_add_router(struct net_bridge *br, - struct net_bridge_port *p; - struct hlist_node *slot = NULL; - -+ if (!hlist_unhashed(&port->rlist)) -+ return; -+ - hlist_for_each_entry(p, &br->router_list, rlist) { - if ((unsigned long) port >= (unsigned long) p) - break; -@@ -1113,12 +1116,8 @@ static void br_multicast_mark_router(struct net_bridge *br, - if (port->multicast_router != 1) - return; - -- if (!hlist_unhashed(&port->rlist)) -- goto timer; -- - br_multicast_add_router(br, port); - --timer: - mod_timer(&port->multicast_router_timer, - now + br->multicast_querier_interval); - } -diff --git a/net/bridge/br_stp_if.c b/net/bridge/br_stp_if.c -index 189ba1e..9a0005a 100644 ---- a/net/bridge/br_stp_if.c -+++ b/net/bridge/br_stp_if.c -@@ -243,12 +243,13 @@ bool br_stp_recalculate_bridge_id(struct net_bridge *br) - return true; - } - --/* called under bridge lock */ -+/* Acquires and releases bridge lock */ - void br_stp_set_bridge_priority(struct net_bridge *br, u16 newprio) - { - struct net_bridge_port *p; - int wasroot; - -+ spin_lock_bh(&br->lock); - wasroot = br_is_root_bridge(br); - - list_for_each_entry(p, &br->port_list, list) { -@@ -266,6 +267,7 @@ void br_stp_set_bridge_priority(struct net_bridge *br, u16 newprio) - br_port_state_selection(br); - if (br_is_root_bridge(br) && !wasroot) - br_become_root_bridge(br); -+ spin_unlock_bh(&br->lock); - } - - /* called under bridge lock */ -diff --git a/net/core/neighbour.c b/net/core/neighbour.c -index 7d95f69..0f062c6 100644 ---- a/net/core/neighbour.c -+++ b/net/core/neighbour.c -@@ -976,6 +976,8 @@ int __neigh_event_send(struct neighbour *neigh, struct sk_buff *skb) - rc = 0; - if (neigh->nud_state & (NUD_CONNECTED | NUD_DELAY | NUD_PROBE)) - goto out_unlock_bh; -+ if (neigh->dead) -+ goto out_dead; - - if (!(neigh->nud_state & (NUD_STALE | NUD_INCOMPLETE))) { - if (NEIGH_VAR(neigh->parms, MCAST_PROBES) + -@@ -1032,6 +1034,13 @@ out_unlock_bh: - write_unlock(&neigh->lock); - local_bh_enable(); - return rc; -+ -+out_dead: -+ if (neigh->nud_state & NUD_STALE) -+ goto out_unlock_bh; -+ write_unlock_bh(&neigh->lock); -+ kfree_skb(skb); -+ return 1; - } - EXPORT_SYMBOL(__neigh_event_send); - -@@ -1095,6 +1104,8 @@ int neigh_update(struct neighbour *neigh, const u8 *lladdr, u8 new, - if (!(flags & NEIGH_UPDATE_F_ADMIN) && - (old & (NUD_NOARP | NUD_PERMANENT))) - goto out; -+ if (neigh->dead) -+ goto out; - - if (!(new & NUD_VALID)) { - neigh_del_timer(neigh); -@@ -1244,6 +1255,8 @@ EXPORT_SYMBOL(neigh_update); - */ - void __neigh_set_probe_once(struct neighbour *neigh) - { -+ if (neigh->dead) -+ return; - neigh->updated = jiffies; - if (!(neigh->nud_state & NUD_FAILED)) - return; -diff --git a/net/core/skbuff.c b/net/core/skbuff.c -index 69ec61a..8207f8d 100644 ---- a/net/core/skbuff.c -+++ b/net/core/skbuff.c -@@ -368,9 +368,11 @@ refill: - for (order = NETDEV_FRAG_PAGE_MAX_ORDER; ;) { - gfp_t gfp = gfp_mask; - -- if (order) -+ if (order) { - gfp |= __GFP_COMP | __GFP_NOWARN | - __GFP_NOMEMALLOC; -+ gfp &= ~__GFP_WAIT; -+ } - nc->frag.page = alloc_pages(gfp, order); - if (likely(nc->frag.page)) - break; -diff --git a/net/core/sock.c b/net/core/sock.c -index 650dd58..8ebfa52 100644 ---- a/net/core/sock.c -+++ b/net/core/sock.c -@@ -1914,8 +1914,10 @@ bool skb_page_frag_refill(unsigned int sz, struct page_frag *pfrag, gfp_t prio) - do { - gfp_t gfp = prio; - -- if (order) -+ if (order) { - gfp |= __GFP_COMP | __GFP_NOWARN | __GFP_NORETRY; -+ gfp &= ~__GFP_WAIT; -+ } - pfrag->page = alloc_pages(gfp, order); - if (likely(pfrag->page)) { - pfrag->offset = 0; -diff --git a/net/ipv4/af_inet.c b/net/ipv4/af_inet.c -index 07bd8ed..951fe55 100644 ---- a/net/ipv4/af_inet.c -+++ b/net/ipv4/af_inet.c -@@ -228,6 +228,8 @@ int inet_listen(struct socket *sock, int backlog) - err = 0; - if (err) - goto out; -+ -+ tcp_fastopen_init_key_once(true); - } - err = inet_csk_listen_start(sk, backlog); - if (err) -diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c -index 29d240b..dc45221 100644 ---- a/net/ipv4/tcp.c -+++ b/net/ipv4/tcp.c -@@ -2684,10 +2684,13 @@ static int do_tcp_setsockopt(struct sock *sk, int level, - - case TCP_FASTOPEN: - if (val >= 0 && ((1 << sk->sk_state) & (TCPF_CLOSE | -- TCPF_LISTEN))) -+ TCPF_LISTEN))) { -+ tcp_fastopen_init_key_once(true); -+ - err = fastopen_init_queue(sk, val); -- else -+ } else { - err = -EINVAL; -+ } - break; - case TCP_TIMESTAMP: - if (!tp->repair) -diff --git a/net/ipv4/tcp_fastopen.c b/net/ipv4/tcp_fastopen.c -index f195d93..ee6518d 100644 ---- a/net/ipv4/tcp_fastopen.c -+++ b/net/ipv4/tcp_fastopen.c -@@ -84,8 +84,6 @@ void tcp_fastopen_cookie_gen(__be32 src, __be32 dst, - __be32 path[4] = { src, dst, 0, 0 }; - struct tcp_fastopen_context *ctx; - -- tcp_fastopen_init_key_once(true); -- - rcu_read_lock(); - ctx = rcu_dereference(tcp_fastopen_ctx); - if (ctx) { -diff --git a/net/packet/af_packet.c b/net/packet/af_packet.c -index 48b1817..84a60b8 100644 ---- a/net/packet/af_packet.c -+++ b/net/packet/af_packet.c -@@ -1264,16 +1264,6 @@ static void packet_sock_destruct(struct sock *sk) - sk_refcnt_debug_dec(sk); - } - --static int fanout_rr_next(struct packet_fanout *f, unsigned int num) --{ -- int x = atomic_read(&f->rr_cur) + 1; -- -- if (x >= num) -- x = 0; -- -- return x; --} -- - static unsigned int fanout_demux_hash(struct packet_fanout *f, - struct sk_buff *skb, - unsigned int num) -@@ -1285,13 +1275,9 @@ static unsigned int fanout_demux_lb(struct packet_fanout *f, - struct sk_buff *skb, - unsigned int num) - { -- int cur, old; -+ unsigned int val = atomic_inc_return(&f->rr_cur); - -- cur = atomic_read(&f->rr_cur); -- while ((old = atomic_cmpxchg(&f->rr_cur, cur, -- fanout_rr_next(f, num))) != cur) -- cur = old; -- return cur; -+ return val % num; - } - - static unsigned int fanout_demux_cpu(struct packet_fanout *f, -@@ -1345,7 +1331,7 @@ static int packet_rcv_fanout(struct sk_buff *skb, struct net_device *dev, - struct packet_type *pt, struct net_device *orig_dev) - { - struct packet_fanout *f = pt->af_packet_priv; -- unsigned int num = f->num_members; -+ unsigned int num = ACCESS_ONCE(f->num_members); - struct packet_sock *po; - unsigned int idx; - -diff --git a/net/sctp/output.c b/net/sctp/output.c -index 740ca5f..e39e6d5 100644 ---- a/net/sctp/output.c -+++ b/net/sctp/output.c -@@ -599,7 +599,9 @@ out: - return err; - no_route: - kfree_skb(nskb); -- IP_INC_STATS(sock_net(asoc->base.sk), IPSTATS_MIB_OUTNOROUTES); -+ -+ if (asoc) -+ IP_INC_STATS(sock_net(asoc->base.sk), IPSTATS_MIB_OUTNOROUTES); - - /* FIXME: Returning the 'err' will effect all the associations - * associated with a socket, although only one of the paths of the -diff --git a/net/sctp/socket.c b/net/sctp/socket.c -index 604a6ac..f940fdc 100644 ---- a/net/sctp/socket.c -+++ b/net/sctp/socket.c -@@ -1532,8 +1532,10 @@ static void sctp_close(struct sock *sk, long timeout) - - /* Supposedly, no process has access to the socket, but - * the net layers still may. -+ * Also, sctp_destroy_sock() needs to be called with addr_wq_lock -+ * held and that should be grabbed before socket lock. - */ -- local_bh_disable(); -+ spin_lock_bh(&net->sctp.addr_wq_lock); - bh_lock_sock(sk); - - /* Hold the sock, since sk_common_release() will put sock_put() -@@ -1543,7 +1545,7 @@ static void sctp_close(struct sock *sk, long timeout) - sk_common_release(sk); - - bh_unlock_sock(sk); -- local_bh_enable(); -+ spin_unlock_bh(&net->sctp.addr_wq_lock); - - sock_put(sk); - -@@ -3511,6 +3513,7 @@ static int sctp_setsockopt_auto_asconf(struct sock *sk, char __user *optval, - if ((val && sp->do_auto_asconf) || (!val && !sp->do_auto_asconf)) - return 0; - -+ spin_lock_bh(&sock_net(sk)->sctp.addr_wq_lock); - if (val == 0 && sp->do_auto_asconf) { - list_del(&sp->auto_asconf_list); - sp->do_auto_asconf = 0; -@@ -3519,6 +3522,7 @@ static int sctp_setsockopt_auto_asconf(struct sock *sk, char __user *optval, - &sock_net(sk)->sctp.auto_asconf_splist); - sp->do_auto_asconf = 1; - } -+ spin_unlock_bh(&sock_net(sk)->sctp.addr_wq_lock); - return 0; - } - -@@ -4009,18 +4013,28 @@ static int sctp_init_sock(struct sock *sk) - local_bh_disable(); - percpu_counter_inc(&sctp_sockets_allocated); - sock_prot_inuse_add(net, sk->sk_prot, 1); -+ -+ /* Nothing can fail after this block, otherwise -+ * sctp_destroy_sock() will be called without addr_wq_lock held -+ */ - if (net->sctp.default_auto_asconf) { -+ spin_lock(&sock_net(sk)->sctp.addr_wq_lock); - list_add_tail(&sp->auto_asconf_list, - &net->sctp.auto_asconf_splist); - sp->do_auto_asconf = 1; -- } else -+ spin_unlock(&sock_net(sk)->sctp.addr_wq_lock); -+ } else { - sp->do_auto_asconf = 0; -+ } -+ - local_bh_enable(); - - return 0; - } - --/* Cleanup any SCTP per socket resources. */ -+/* Cleanup any SCTP per socket resources. Must be called with -+ * sock_net(sk)->sctp.addr_wq_lock held if sp->do_auto_asconf is true -+ */ - static void sctp_destroy_sock(struct sock *sk) - { - struct sctp_sock *sp; -@@ -6973,6 +6987,19 @@ void sctp_copy_sock(struct sock *newsk, struct sock *sk, - newinet->mc_list = NULL; - } - -+static inline void sctp_copy_descendant(struct sock *sk_to, -+ const struct sock *sk_from) -+{ -+ int ancestor_size = sizeof(struct inet_sock) + -+ sizeof(struct sctp_sock) - -+ offsetof(struct sctp_sock, auto_asconf_list); -+ -+ if (sk_from->sk_family == PF_INET6) -+ ancestor_size += sizeof(struct ipv6_pinfo); -+ -+ __inet_sk_copy_descendant(sk_to, sk_from, ancestor_size); -+} -+ - /* Populate the fields of the newsk from the oldsk and migrate the assoc - * and its messages to the newsk. - */ -@@ -6987,7 +7014,6 @@ static void sctp_sock_migrate(struct sock *oldsk, struct sock *newsk, - struct sk_buff *skb, *tmp; - struct sctp_ulpevent *event; - struct sctp_bind_hashbucket *head; -- struct list_head tmplist; - - /* Migrate socket buffer sizes and all the socket level options to the - * new socket. -@@ -6995,12 +7021,7 @@ static void sctp_sock_migrate(struct sock *oldsk, struct sock *newsk, - newsk->sk_sndbuf = oldsk->sk_sndbuf; - newsk->sk_rcvbuf = oldsk->sk_rcvbuf; - /* Brute force copy old sctp opt. */ -- if (oldsp->do_auto_asconf) { -- memcpy(&tmplist, &newsp->auto_asconf_list, sizeof(tmplist)); -- inet_sk_copy_descendant(newsk, oldsk); -- memcpy(&newsp->auto_asconf_list, &tmplist, sizeof(tmplist)); -- } else -- inet_sk_copy_descendant(newsk, oldsk); -+ sctp_copy_descendant(newsk, oldsk); - - /* Restore the ep value that was overwritten with the above structure - * copy. -diff --git a/virt/kvm/arm/arch_timer.c b/virt/kvm/arm/arch_timer.c -index 5081e80..c6fe405 100644 ---- a/virt/kvm/arm/arch_timer.c -+++ b/virt/kvm/arm/arch_timer.c -@@ -61,12 +61,14 @@ static void timer_disarm(struct arch_timer_cpu *timer) - - static void kvm_timer_inject_irq(struct kvm_vcpu *vcpu) - { -+ int ret; - struct arch_timer_cpu *timer = &vcpu->arch.timer_cpu; - - timer->cntv_ctl |= ARCH_TIMER_CTRL_IT_MASK; -- kvm_vgic_inject_irq(vcpu->kvm, vcpu->vcpu_id, -- timer->irq->irq, -- timer->irq->level); -+ ret = kvm_vgic_inject_irq(vcpu->kvm, vcpu->vcpu_id, -+ timer->irq->irq, -+ timer->irq->level); -+ WARN_ON(ret); - } - - static irqreturn_t kvm_arch_timer_handler(int irq, void *dev_id) -@@ -307,12 +309,24 @@ void kvm_timer_vcpu_terminate(struct kvm_vcpu *vcpu) - timer_disarm(timer); - } - --int kvm_timer_init(struct kvm *kvm) -+void kvm_timer_enable(struct kvm *kvm) - { -- if (timecounter && wqueue) { -- kvm->arch.timer.cntvoff = kvm_phys_timer_read(); -+ if (kvm->arch.timer.enabled) -+ return; -+ -+ /* -+ * There is a potential race here between VCPUs starting for the first -+ * time, which may be enabling the timer multiple times. That doesn't -+ * hurt though, because we're just setting a variable to the same -+ * variable that it already was. The important thing is that all -+ * VCPUs have the enabled variable set, before entering the guest, if -+ * the arch timers are enabled. -+ */ -+ if (timecounter && wqueue) - kvm->arch.timer.enabled = 1; -- } -+} - -- return 0; -+void kvm_timer_init(struct kvm *kvm) -+{ -+ kvm->arch.timer.cntvoff = kvm_phys_timer_read(); - } -diff --git a/virt/kvm/arm/vgic.c b/virt/kvm/arm/vgic.c -index c324a52..152ec76 100644 ---- a/virt/kvm/arm/vgic.c -+++ b/virt/kvm/arm/vgic.c -@@ -1042,6 +1042,7 @@ static bool vgic_queue_irq(struct kvm_vcpu *vcpu, u8 sgi_source_id, int irq) - lr, irq, vgic_cpu->vgic_lr[lr]); - BUG_ON(!test_bit(lr, vgic_cpu->lr_used)); - vgic_cpu->vgic_lr[lr] |= GICH_LR_PENDING_BIT; -+ __clear_bit(lr, (unsigned long *)vgic_cpu->vgic_elrsr); - return true; - } - -@@ -1055,6 +1056,7 @@ static bool vgic_queue_irq(struct kvm_vcpu *vcpu, u8 sgi_source_id, int irq) - vgic_cpu->vgic_lr[lr] = MK_LR_PEND(sgi_source_id, irq); - vgic_cpu->vgic_irq_lr_map[irq] = lr; - set_bit(lr, vgic_cpu->lr_used); -+ __clear_bit(lr, (unsigned long *)vgic_cpu->vgic_elrsr); - - if (!vgic_irq_is_edge(vcpu, irq)) - vgic_cpu->vgic_lr[lr] |= GICH_LR_EOI; -@@ -1209,6 +1211,14 @@ static bool vgic_process_maintenance(struct kvm_vcpu *vcpu) - if (vgic_cpu->vgic_misr & GICH_MISR_U) - vgic_cpu->vgic_hcr &= ~GICH_HCR_UIE; - -+ /* -+ * In the next iterations of the vcpu loop, if we sync the vgic state -+ * after flushing it, but before entering the guest (this happens for -+ * pending signals and vmid rollovers), then make sure we don't pick -+ * up any old maintenance interrupts here. -+ */ -+ memset(vgic_cpu->vgic_eisr, 0, sizeof(vgic_cpu->vgic_eisr[0]) * 2); -+ - return level_pending; - } - diff --git a/3.14.48/4420_grsecurity-3.1-3.14.48-201507111210.patch b/3.14.48/4420_grsecurity-3.1-3.14.48-201507251417.patch index 8faa105..59a0c47 100644 --- a/3.14.48/4420_grsecurity-3.1-3.14.48-201507111210.patch +++ b/3.14.48/4420_grsecurity-3.1-3.14.48-201507251417.patch @@ -294,6 +294,39 @@ index 5d91ba1..ef1d374 100644 pcbit= [HW,ISDN] pcd. [PARIDE] +diff --git a/Documentation/sysctl/kernel.txt b/Documentation/sysctl/kernel.txt +index 855d9b3..154c500 100644 +--- a/Documentation/sysctl/kernel.txt ++++ b/Documentation/sysctl/kernel.txt +@@ -41,6 +41,7 @@ show up in /proc/sys/kernel: + - kptr_restrict + - kstack_depth_to_print [ X86 only ] + - l2cr [ PPC only ] ++- modify_ldt [ X86 only ] + - modprobe ==> Documentation/debugging-modules.txt + - modules_disabled + - msg_next_id [ sysv ipc ] +@@ -381,6 +382,20 @@ This flag controls the L2 cache of G3 processor boards. If + + ============================================================== + ++modify_ldt: (X86 only) ++ ++Enables (1) or disables (0) the modify_ldt syscall. Modifying the LDT ++(Local Descriptor Table) may be needed to run a 16-bit or segmented code ++such as Dosemu or Wine. This is done via a system call which is not needed ++to run portable applications, and which can sometimes be abused to exploit ++some weaknesses of the architecture, opening new vulnerabilities. ++ ++This sysctl allows one to increase the system's security by disabling the ++system call, or to restore compatibility with specific applications when it ++was already disabled. ++ ++============================================================== ++ + modules_disabled: + + A toggle value indicating if modules are allowed to be loaded diff --git a/Makefile b/Makefile index 25393e8..65e3b07 100644 --- a/Makefile @@ -4767,6 +4800,105 @@ index f15c22e..d830561 100644 } } +diff --git a/arch/arm/net/bpf_jit_32.c b/arch/arm/net/bpf_jit_32.c +index 6adf591..00ad1e9 100644 +--- a/arch/arm/net/bpf_jit_32.c ++++ b/arch/arm/net/bpf_jit_32.c +@@ -73,32 +73,52 @@ struct jit_ctx { + + int bpf_jit_enable __read_mostly; + +-static u64 jit_get_skb_b(struct sk_buff *skb, unsigned offset) ++static inline int call_neg_helper(struct sk_buff *skb, int offset, void *ret, ++ unsigned int size) ++{ ++ void *ptr = bpf_internal_load_pointer_neg_helper(skb, offset, size); ++ ++ if (!ptr) ++ return -EFAULT; ++ memcpy(ret, ptr, size); ++ return 0; ++} ++ ++static u64 jit_get_skb_b(struct sk_buff *skb, int offset) + { + u8 ret; + int err; + +- err = skb_copy_bits(skb, offset, &ret, 1); ++ if (offset < 0) ++ err = call_neg_helper(skb, offset, &ret, 1); ++ else ++ err = skb_copy_bits(skb, offset, &ret, 1); + + return (u64)err << 32 | ret; + } + +-static u64 jit_get_skb_h(struct sk_buff *skb, unsigned offset) ++static u64 jit_get_skb_h(struct sk_buff *skb, int offset) + { + u16 ret; + int err; + +- err = skb_copy_bits(skb, offset, &ret, 2); ++ if (offset < 0) ++ err = call_neg_helper(skb, offset, &ret, 2); ++ else ++ err = skb_copy_bits(skb, offset, &ret, 2); + + return (u64)err << 32 | ntohs(ret); + } + +-static u64 jit_get_skb_w(struct sk_buff *skb, unsigned offset) ++static u64 jit_get_skb_w(struct sk_buff *skb, int offset) + { + u32 ret; + int err; + +- err = skb_copy_bits(skb, offset, &ret, 4); ++ if (offset < 0) ++ err = call_neg_helper(skb, offset, &ret, 4); ++ else ++ err = skb_copy_bits(skb, offset, &ret, 4); + + return (u64)err << 32 | ntohl(ret); + } +@@ -523,9 +543,6 @@ static int build_body(struct jit_ctx *ctx) + case BPF_S_LD_B_ABS: + load_order = 0; + load: +- /* the interpreter will deal with the negative K */ +- if ((int)k < 0) +- return -ENOTSUPP; + emit_mov_i(r_off, k, ctx); + load_common: + ctx->seen |= SEEN_DATA | SEEN_CALL; +@@ -534,12 +551,24 @@ load_common: + emit(ARM_SUB_I(r_scratch, r_skb_hl, + 1 << load_order), ctx); + emit(ARM_CMP_R(r_scratch, r_off), ctx); +- condt = ARM_COND_HS; ++ condt = ARM_COND_GE; + } else { + emit(ARM_CMP_R(r_skb_hl, r_off), ctx); + condt = ARM_COND_HI; + } + ++ /* ++ * test for negative offset, only if we are ++ * currently scheduled to take the fast ++ * path. this will update the flags so that ++ * the slowpath instruction are ignored if the ++ * offset is negative. ++ * ++ * for loard_order == 0 the HI condition will ++ * make loads at offset 0 take the slow path too. ++ */ ++ _emit(condt, ARM_CMP_I(r_off, 0), ctx); ++ + _emit(condt, ARM_ADD_R(r_scratch, r_off, r_skb_data), + ctx); + diff --git a/arch/arm/plat-iop/setup.c b/arch/arm/plat-iop/setup.c index 5b217f4..c23f40e 100644 --- a/arch/arm/plat-iop/setup.c @@ -12396,7 +12528,7 @@ index ad8f795..2c7eec6 100644 /* * Memory returned by kmalloc() may be used for DMA, so we must make diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig -index 96e743a..7f93c3a 100644 +index 96e743a..ca34a86 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -22,6 +22,7 @@ config X86_64 @@ -12499,6 +12631,29 @@ index 96e743a..7f93c3a 100644 ---help--- Map the 32-bit VDSO to the predictable old-style address too. +@@ -1914,6 +1921,22 @@ config CMDLINE_OVERRIDE + This is used to work around broken boot loaders. This should + be set to 'N' under normal conditions. + ++config DEFAULT_MODIFY_LDT_SYSCALL ++ bool "Allow userspace to modify the LDT by default" ++ default y ++ ++ ---help--- ++ Modifying the LDT (Local Descriptor Table) may be needed to run a ++ 16-bit or segmented code such as Dosemu or Wine. This is done via ++ a system call which is not needed to run portable applications, ++ and which can sometimes be abused to exploit some weaknesses of ++ the architecture, opening new vulnerabilities. ++ ++ For this reason this option allows one to enable or disable the ++ feature at runtime. It is recommended to say 'N' here to leave ++ the system protected, and to enable it at runtime only if needed ++ by setting the sys.kernel.modify_ldt sysctl. ++ + endmenu + + config ARCH_ENABLE_MEMORY_HOTPLUG diff --git a/arch/x86/Kconfig.cpu b/arch/x86/Kconfig.cpu index f3aaf23..a1d3c49 100644 --- a/arch/x86/Kconfig.cpu @@ -26013,10 +26168,33 @@ index c2bedae..25e7ab60 100644 .name = "data", .mode = S_IRUGO, diff --git a/arch/x86/kernel/ldt.c b/arch/x86/kernel/ldt.c -index c37886d..3f425e3 100644 +index c37886d..f43b63d 100644 --- a/arch/x86/kernel/ldt.c +++ b/arch/x86/kernel/ldt.c -@@ -66,13 +66,13 @@ static int alloc_ldt(mm_context_t *pc, int mincount, int reload) +@@ -11,6 +11,7 @@ + #include <linux/sched.h> + #include <linux/string.h> + #include <linux/mm.h> ++#include <linux/ratelimit.h> + #include <linux/smp.h> + #include <linux/vmalloc.h> + #include <linux/uaccess.h> +@@ -20,6 +21,14 @@ + #include <asm/mmu_context.h> + #include <asm/syscalls.h> + ++#ifdef CONFIG_GRKERNSEC ++int sysctl_modify_ldt __read_only = 0; ++#elif defined(CONFIG_DEFAULT_MODIFY_LDT_SYSCALL) ++int sysctl_modify_ldt __read_only = 1; ++#else ++int sysctl_modify_ldt __read_only = 0; ++#endif ++ + #ifdef CONFIG_SMP + static void flush_ldt(void *current_mm) + { +@@ -66,13 +75,13 @@ static int alloc_ldt(mm_context_t *pc, int mincount, int reload) if (reload) { #ifdef CONFIG_SMP preempt_disable(); @@ -26032,7 +26210,7 @@ index c37886d..3f425e3 100644 #endif } if (oldsize) { -@@ -94,7 +94,7 @@ static inline int copy_ldt(mm_context_t *new, mm_context_t *old) +@@ -94,7 +103,7 @@ static inline int copy_ldt(mm_context_t *new, mm_context_t *old) return err; for (i = 0; i < old->size; i++) @@ -26041,7 +26219,7 @@ index c37886d..3f425e3 100644 return 0; } -@@ -115,6 +115,24 @@ int init_new_context(struct task_struct *tsk, struct mm_struct *mm) +@@ -115,6 +124,24 @@ int init_new_context(struct task_struct *tsk, struct mm_struct *mm) retval = copy_ldt(&mm->context, &old_mm->context); mutex_unlock(&old_mm->context.lock); } @@ -26066,7 +26244,7 @@ index c37886d..3f425e3 100644 return retval; } -@@ -229,6 +247,13 @@ static int write_ldt(void __user *ptr, unsigned long bytecount, int oldmode) +@@ -229,6 +256,13 @@ static int write_ldt(void __user *ptr, unsigned long bytecount, int oldmode) } } @@ -26080,6 +26258,22 @@ index c37886d..3f425e3 100644 if (!IS_ENABLED(CONFIG_X86_16BIT) && !ldt_info.seg_32bit) { error = -EINVAL; goto out_unlock; +@@ -254,6 +288,15 @@ asmlinkage int sys_modify_ldt(int func, void __user *ptr, + { + int ret = -ENOSYS; + ++ if (!sysctl_modify_ldt) { ++ printk_ratelimited(KERN_INFO ++ "Denied a call to modify_ldt() from %s[%d] (uid: %d)." ++ " Adjust sysctl if this was not an exploit attempt.\n", ++ current->comm, task_pid_nr(current), ++ from_kuid_munged(current_user_ns(), current_uid())); ++ return ret; ++ } ++ + switch (func) { + case 0: + ret = read_ldt(ptr, bytecount); diff --git a/arch/x86/kernel/machine_kexec_32.c b/arch/x86/kernel/machine_kexec_32.c index 1667b1d..16492c5 100644 --- a/arch/x86/kernel/machine_kexec_32.c @@ -48521,6 +48715,74 @@ index dff0977..6df4b1d 100644 adapter->vfinfo[vf].spoofchk_enabled = setting; regval = IXGBE_READ_REG(hw, IXGBE_PFVFSPOOF(vf_target_reg)); +diff --git a/drivers/net/ethernet/marvell/mvneta.c b/drivers/net/ethernet/marvell/mvneta.c +index 96fc7fe..1c776d6 100644 +--- a/drivers/net/ethernet/marvell/mvneta.c ++++ b/drivers/net/ethernet/marvell/mvneta.c +@@ -1441,7 +1441,7 @@ static int mvneta_rx(struct mvneta_port *pp, int rx_todo, + struct mvneta_rx_queue *rxq) + { + struct net_device *dev = pp->dev; +- int rx_done, rx_filled; ++ int rx_done; + u32 rcvd_pkts = 0; + u32 rcvd_bytes = 0; + +@@ -1452,7 +1452,6 @@ static int mvneta_rx(struct mvneta_port *pp, int rx_todo, + rx_todo = rx_done; + + rx_done = 0; +- rx_filled = 0; + + /* Fairness NAPI loop */ + while (rx_done < rx_todo) { +@@ -1463,7 +1462,6 @@ static int mvneta_rx(struct mvneta_port *pp, int rx_todo, + int rx_bytes, err; + + rx_done++; +- rx_filled++; + rx_status = rx_desc->status; + rx_bytes = rx_desc->data_size - (ETH_FCS_LEN + MVNETA_MH_SIZE); + data = (unsigned char *)rx_desc->buf_cookie; +@@ -1503,6 +1501,14 @@ static int mvneta_rx(struct mvneta_port *pp, int rx_todo, + continue; + } + ++ /* Refill processing */ ++ err = mvneta_rx_refill(pp, rx_desc); ++ if (err) { ++ netdev_err(dev, "Linux processing - Can't refill\n"); ++ rxq->missed++; ++ goto err_drop_frame; ++ } ++ + skb = build_skb(data, pp->frag_size > PAGE_SIZE ? 0 : pp->frag_size); + if (!skb) + goto err_drop_frame; +@@ -1522,14 +1528,6 @@ static int mvneta_rx(struct mvneta_port *pp, int rx_todo, + mvneta_rx_csum(pp, rx_status, skb); + + napi_gro_receive(&pp->napi, skb); +- +- /* Refill processing */ +- err = mvneta_rx_refill(pp, rx_desc); +- if (err) { +- netdev_err(dev, "Linux processing - Can't refill\n"); +- rxq->missed++; +- rx_filled--; +- } + } + + if (rcvd_pkts) { +@@ -1542,7 +1540,7 @@ static int mvneta_rx(struct mvneta_port *pp, int rx_todo, + } + + /* Update rxq management counters */ +- mvneta_rxq_desc_num_update(pp, rxq, rx_done, rx_filled); ++ mvneta_rxq_desc_num_update(pp, rxq, rx_done, rx_done); + + return rx_done; + } diff --git a/drivers/net/ethernet/neterion/s2io.c b/drivers/net/ethernet/neterion/s2io.c index 9eeddbd..6d9e10d 100644 --- a/drivers/net/ethernet/neterion/s2io.c @@ -48824,7 +49086,7 @@ index fbf7dcd..ad71499 100644 }; diff --git a/drivers/net/macvtap.c b/drivers/net/macvtap.c -index e8c21f9..747b848 100644 +index e8c21f9..6ecd8cc 100644 --- a/drivers/net/macvtap.c +++ b/drivers/net/macvtap.c @@ -422,7 +422,7 @@ static void macvtap_setup(struct net_device *dev) @@ -48854,6 +49116,14 @@ index e8c21f9..747b848 100644 .notifier_call = macvtap_device_event, }; +@@ -1250,6 +1250,7 @@ static void macvtap_exit(void) + class_unregister(macvtap_class); + cdev_del(&macvtap_cdev); + unregister_chrdev_region(macvtap_major, MACVTAP_NUM_DEVS); ++ idr_destroy(&minor_idr); + } + module_exit(macvtap_exit); + diff --git a/drivers/net/nlmon.c b/drivers/net/nlmon.c index d2bb12b..d6c921e 100644 --- a/drivers/net/nlmon.c @@ -49148,6 +49418,51 @@ index 841b608..198a8b7 100644 #define VIRTNET_DRIVER_VERSION "1.0.0" +diff --git a/drivers/net/vmxnet3/vmxnet3_drv.c b/drivers/net/vmxnet3/vmxnet3_drv.c +index 0fa3b44..e913fc9 100644 +--- a/drivers/net/vmxnet3/vmxnet3_drv.c ++++ b/drivers/net/vmxnet3/vmxnet3_drv.c +@@ -1156,7 +1156,7 @@ vmxnet3_rq_rx_complete(struct vmxnet3_rx_queue *rq, + static const u32 rxprod_reg[2] = { + VMXNET3_REG_RXPROD, VMXNET3_REG_RXPROD2 + }; +- u32 num_rxd = 0; ++ u32 num_pkts = 0; + bool skip_page_frags = false; + struct Vmxnet3_RxCompDesc *rcd; + struct vmxnet3_rx_ctx *ctx = &rq->rx_ctx; +@@ -1174,13 +1174,12 @@ vmxnet3_rq_rx_complete(struct vmxnet3_rx_queue *rq, + struct Vmxnet3_RxDesc *rxd; + u32 idx, ring_idx; + struct vmxnet3_cmd_ring *ring = NULL; +- if (num_rxd >= quota) { ++ if (num_pkts >= quota) { + /* we may stop even before we see the EOP desc of + * the current pkt + */ + break; + } +- num_rxd++; + BUG_ON(rcd->rqID != rq->qid && rcd->rqID != rq->qid2); + idx = rcd->rxdIdx; + ring_idx = rcd->rqID < adapter->num_rx_queues ? 0 : 1; +@@ -1312,6 +1311,7 @@ vmxnet3_rq_rx_complete(struct vmxnet3_rx_queue *rq, + napi_gro_receive(&rq->napi, skb); + + ctx->skb = NULL; ++ num_pkts++; + } + + rcd_done: +@@ -1342,7 +1342,7 @@ rcd_done: + &rq->comp_ring.base[rq->comp_ring.next2proc].rcd, &rxComp); + } + +- return num_rxd; ++ return num_pkts; + } + + diff --git a/drivers/net/vxlan.c b/drivers/net/vxlan.c index 5988910..be561a2 100644 --- a/drivers/net/vxlan.c @@ -52600,6 +52915,21 @@ index 40d8592..8e89146 100644 int block_sectors = 0; long error_sector; struct scsi_cd *cd = scsi_cd(SCpnt->request->rq_disk); +diff --git a/drivers/scsi/st.c b/drivers/scsi/st.c +index a1d6986..f310982 100644 +--- a/drivers/scsi/st.c ++++ b/drivers/scsi/st.c +@@ -1262,9 +1262,9 @@ static int st_open(struct inode *inode, struct file *filp) + spin_lock(&st_use_lock); + STp->in_use = 0; + spin_unlock(&st_use_lock); +- scsi_tape_put(STp); + if (resumed) + scsi_autopm_put_device(STp->device); ++ scsi_tape_put(STp); + return retval; + + } diff --git a/drivers/spi/spi.c b/drivers/spi/spi.c index d6563ec..a1c5da2 100644 --- a/drivers/spi/spi.c @@ -65676,10 +66006,20 @@ index c71e886..61d3d44b 100644 if (retval > 0) retval = 0; diff --git a/fs/9p/vfs_inode.c b/fs/9p/vfs_inode.c -index bb7991c..481e21a 100644 +index bb7991c..9c2bc01 100644 --- a/fs/9p/vfs_inode.c +++ b/fs/9p/vfs_inode.c -@@ -1312,7 +1312,7 @@ static void *v9fs_vfs_follow_link(struct dentry *dentry, struct nameidata *nd) +@@ -540,8 +540,7 @@ static struct inode *v9fs_qid_iget(struct super_block *sb, + unlock_new_inode(inode); + return inode; + error: +- unlock_new_inode(inode); +- iput(inode); ++ iget_failed(inode); + return ERR_PTR(retval); + + } +@@ -1312,7 +1311,7 @@ static void *v9fs_vfs_follow_link(struct dentry *dentry, struct nameidata *nd) void v9fs_vfs_put_link(struct dentry *dentry, struct nameidata *nd, void *p) { @@ -65688,6 +66028,20 @@ index bb7991c..481e21a 100644 p9_debug(P9_DEBUG_VFS, " %s %s\n", dentry->d_name.name, IS_ERR(s) ? "<error>" : s); +diff --git a/fs/9p/vfs_inode_dotl.c b/fs/9p/vfs_inode_dotl.c +index 59dc8e8..de8606c 100644 +--- a/fs/9p/vfs_inode_dotl.c ++++ b/fs/9p/vfs_inode_dotl.c +@@ -149,8 +149,7 @@ static struct inode *v9fs_qid_iget_dotl(struct super_block *sb, + unlock_new_inode(inode); + return inode; + error: +- unlock_new_inode(inode); +- iput(inode); ++ iget_failed(inode); + return ERR_PTR(retval); + + } diff --git a/fs/Kconfig.binfmt b/fs/Kconfig.binfmt index 370b24c..ff0be7b 100644 --- a/fs/Kconfig.binfmt @@ -68121,7 +68475,7 @@ index a93f7e6..d58bcbe 100644 return 0; while (nr) { diff --git a/fs/dcache.c b/fs/dcache.c -index aa24f7d..befb5fd 100644 +index aa24f7d..8f1bf8c 100644 --- a/fs/dcache.c +++ b/fs/dcache.c @@ -250,7 +250,7 @@ static void __d_free(struct rcu_head *head) @@ -68133,7 +68487,17 @@ index aa24f7d..befb5fd 100644 this_cpu_dec(nr_dentry); if (dentry->d_op && dentry->d_op->d_release) dentry->d_op->d_release(dentry); -@@ -596,7 +596,7 @@ repeat: +@@ -587,6 +587,9 @@ repeat: + if (unlikely(d_unhashed(dentry))) + goto kill_it; + ++ if (unlikely(dentry->d_flags & DCACHE_DISCONNECTED)) ++ goto kill_it; ++ + if (unlikely(dentry->d_flags & DCACHE_OP_DELETE)) { + if (dentry->d_op->d_delete(dentry)) + goto kill_it; +@@ -596,7 +599,7 @@ repeat: dentry->d_flags |= DCACHE_REFERENCED; dentry_lru_add(dentry); @@ -68142,7 +68506,7 @@ index aa24f7d..befb5fd 100644 spin_unlock(&dentry->d_lock); return; -@@ -651,7 +651,7 @@ int d_invalidate(struct dentry * dentry) +@@ -651,7 +654,7 @@ int d_invalidate(struct dentry * dentry) * We also need to leave mountpoints alone, * directory or not. */ @@ -68151,7 +68515,7 @@ index aa24f7d..befb5fd 100644 if (S_ISDIR(dentry->d_inode->i_mode) || d_mountpoint(dentry)) { spin_unlock(&dentry->d_lock); return -EBUSY; -@@ -667,7 +667,7 @@ EXPORT_SYMBOL(d_invalidate); +@@ -667,7 +670,7 @@ EXPORT_SYMBOL(d_invalidate); /* This must be called with d_lock held */ static inline void __dget_dlock(struct dentry *dentry) { @@ -68160,7 +68524,7 @@ index aa24f7d..befb5fd 100644 } static inline void __dget(struct dentry *dentry) -@@ -708,8 +708,8 @@ repeat: +@@ -708,8 +711,8 @@ repeat: goto repeat; } rcu_read_unlock(); @@ -68171,7 +68535,7 @@ index aa24f7d..befb5fd 100644 spin_unlock(&ret->d_lock); return ret; } -@@ -792,7 +792,7 @@ restart: +@@ -792,7 +795,7 @@ restart: spin_lock(&inode->i_lock); hlist_for_each_entry(dentry, &inode->i_dentry, d_u.d_alias) { spin_lock(&dentry->d_lock); @@ -68180,7 +68544,7 @@ index aa24f7d..befb5fd 100644 /* * inform the fs via d_prune that this dentry * is about to be unhashed and destroyed. -@@ -884,7 +884,7 @@ static void shrink_dentry_list(struct list_head *list) +@@ -884,7 +887,7 @@ static void shrink_dentry_list(struct list_head *list) * We found an inuse dentry which was not removed from * the LRU because of laziness during lookup. Do not free it. */ @@ -68189,7 +68553,7 @@ index aa24f7d..befb5fd 100644 spin_unlock(&dentry->d_lock); continue; } -@@ -930,7 +930,7 @@ dentry_lru_isolate(struct list_head *item, spinlock_t *lru_lock, void *arg) +@@ -930,7 +933,7 @@ dentry_lru_isolate(struct list_head *item, spinlock_t *lru_lock, void *arg) * counts, just remove them from the LRU. Otherwise give them * another pass through the LRU. */ @@ -68198,7 +68562,7 @@ index aa24f7d..befb5fd 100644 d_lru_isolate(dentry); spin_unlock(&dentry->d_lock); return LRU_REMOVED; -@@ -1269,7 +1269,7 @@ static enum d_walk_ret select_collect(void *_data, struct dentry *dentry) +@@ -1269,7 +1272,7 @@ static enum d_walk_ret select_collect(void *_data, struct dentry *dentry) * loop in shrink_dcache_parent() might not make any progress * and loop forever. */ @@ -68207,7 +68571,7 @@ index aa24f7d..befb5fd 100644 dentry_lru_del(dentry); } else if (!(dentry->d_flags & DCACHE_SHRINK_LIST)) { /* -@@ -1323,11 +1323,11 @@ static enum d_walk_ret umount_collect(void *_data, struct dentry *dentry) +@@ -1323,11 +1326,11 @@ static enum d_walk_ret umount_collect(void *_data, struct dentry *dentry) struct select_data *data = _data; enum d_walk_ret ret = D_WALK_CONTINUE; @@ -68221,7 +68585,7 @@ index aa24f7d..befb5fd 100644 goto out; printk(KERN_ERR "BUG: Dentry %p{i=%lx,n=%s}" -@@ -1337,7 +1337,7 @@ static enum d_walk_ret umount_collect(void *_data, struct dentry *dentry) +@@ -1337,7 +1340,7 @@ static enum d_walk_ret umount_collect(void *_data, struct dentry *dentry) dentry->d_inode ? dentry->d_inode->i_ino : 0UL, dentry->d_name.name, @@ -68230,7 +68594,7 @@ index aa24f7d..befb5fd 100644 dentry->d_sb->s_type->name, dentry->d_sb->s_id); BUG(); -@@ -1495,7 +1495,7 @@ struct dentry *__d_alloc(struct super_block *sb, const struct qstr *name) +@@ -1495,7 +1498,7 @@ struct dentry *__d_alloc(struct super_block *sb, const struct qstr *name) */ dentry->d_iname[DNAME_INLINE_LEN-1] = 0; if (name->len > DNAME_INLINE_LEN-1) { @@ -68239,7 +68603,7 @@ index aa24f7d..befb5fd 100644 if (!dname) { kmem_cache_free(dentry_cache, dentry); return NULL; -@@ -1513,7 +1513,7 @@ struct dentry *__d_alloc(struct super_block *sb, const struct qstr *name) +@@ -1513,7 +1516,7 @@ struct dentry *__d_alloc(struct super_block *sb, const struct qstr *name) smp_wmb(); dentry->d_name.name = dname; @@ -68248,7 +68612,7 @@ index aa24f7d..befb5fd 100644 dentry->d_flags = 0; spin_lock_init(&dentry->d_lock); seqcount_init(&dentry->d_seq); -@@ -1522,6 +1522,9 @@ struct dentry *__d_alloc(struct super_block *sb, const struct qstr *name) +@@ -1522,6 +1525,9 @@ struct dentry *__d_alloc(struct super_block *sb, const struct qstr *name) dentry->d_sb = sb; dentry->d_op = NULL; dentry->d_fsdata = NULL; @@ -68258,7 +68622,7 @@ index aa24f7d..befb5fd 100644 INIT_HLIST_BL_NODE(&dentry->d_hash); INIT_LIST_HEAD(&dentry->d_lru); INIT_LIST_HEAD(&dentry->d_subdirs); -@@ -2276,7 +2279,7 @@ struct dentry *__d_lookup(const struct dentry *parent, const struct qstr *name) +@@ -2276,7 +2282,7 @@ struct dentry *__d_lookup(const struct dentry *parent, const struct qstr *name) goto next; } @@ -68267,7 +68631,7 @@ index aa24f7d..befb5fd 100644 found = dentry; spin_unlock(&dentry->d_lock); break; -@@ -2375,7 +2378,7 @@ again: +@@ -2375,7 +2381,7 @@ again: spin_lock(&dentry->d_lock); inode = dentry->d_inode; isdir = S_ISDIR(inode->i_mode); @@ -68276,7 +68640,7 @@ index aa24f7d..befb5fd 100644 if (!spin_trylock(&inode->i_lock)) { spin_unlock(&dentry->d_lock); cpu_relax(); -@@ -3308,7 +3311,7 @@ static enum d_walk_ret d_genocide_kill(void *data, struct dentry *dentry) +@@ -3308,7 +3314,7 @@ static enum d_walk_ret d_genocide_kill(void *data, struct dentry *dentry) if (!(dentry->d_flags & DCACHE_GENOCIDE)) { dentry->d_flags |= DCACHE_GENOCIDE; @@ -68285,7 +68649,7 @@ index aa24f7d..befb5fd 100644 } } return D_WALK_CONTINUE; -@@ -3424,7 +3427,8 @@ void __init vfs_caches_init(unsigned long mempages) +@@ -3424,7 +3430,8 @@ void __init vfs_caches_init(unsigned long mempages) mempages -= reserve; names_cachep = kmem_cache_create("names_cache", PATH_MAX, 0, @@ -82401,7 +82765,7 @@ index 0000000..25f54ef +}; diff --git a/grsecurity/gracl_policy.c b/grsecurity/gracl_policy.c new file mode 100644 -index 0000000..fd26052 +index 0000000..7dc01b3 --- /dev/null +++ b/grsecurity/gracl_policy.c @@ -0,0 +1,1781 @@ @@ -82860,7 +83224,7 @@ index 0000000..fd26052 + get_fs_root(reaper->fs, &gr_real_root); + +#ifdef CONFIG_GRKERNSEC_RBAC_DEBUG -+ printk(KERN_ALERT "Obtained real root device=%d, inode=%lu\n", __get_dev(gr_real_root.dentry), gr_real_root.dentry->d_inode->i_ino); ++ printk(KERN_ALERT "Obtained real root device=%d, inode=%lu\n", gr_get_dev_from_dentry(gr_real_root.dentry), gr_get_ino_from_dentry(gr_real_root.dentry)); +#endif + + fakefs_obj_rw = kzalloc(sizeof(struct acl_object_label), GFP_KERNEL); @@ -85841,7 +86205,7 @@ index 0000000..8ca18bf +} diff --git a/grsecurity/grsec_init.c b/grsecurity/grsec_init.c new file mode 100644 -index 0000000..4ed9e7d +index 0000000..a364c58 --- /dev/null +++ b/grsecurity/grsec_init.c @@ -0,0 +1,290 @@ @@ -85854,61 +86218,61 @@ index 0000000..4ed9e7d +#include <linux/percpu.h> +#include <linux/module.h> + -+int grsec_enable_ptrace_readexec; -+int grsec_enable_setxid; -+int grsec_enable_symlinkown; -+kgid_t grsec_symlinkown_gid; -+int grsec_enable_brute; -+int grsec_enable_link; -+int grsec_enable_dmesg; -+int grsec_enable_harden_ptrace; -+int grsec_enable_harden_ipc; -+int grsec_enable_fifo; -+int grsec_enable_execlog; -+int grsec_enable_signal; -+int grsec_enable_forkfail; -+int grsec_enable_audit_ptrace; -+int grsec_enable_time; -+int grsec_enable_group; -+kgid_t grsec_audit_gid; -+int grsec_enable_chdir; -+int grsec_enable_mount; -+int grsec_enable_rofs; -+int grsec_deny_new_usb; -+int grsec_enable_chroot_findtask; -+int grsec_enable_chroot_mount; -+int grsec_enable_chroot_shmat; -+int grsec_enable_chroot_fchdir; -+int grsec_enable_chroot_double; -+int grsec_enable_chroot_pivot; -+int grsec_enable_chroot_chdir; -+int grsec_enable_chroot_chmod; -+int grsec_enable_chroot_mknod; -+int grsec_enable_chroot_nice; -+int grsec_enable_chroot_execlog; -+int grsec_enable_chroot_caps; -+int grsec_enable_chroot_rename; -+int grsec_enable_chroot_sysctl; -+int grsec_enable_chroot_unix; -+int grsec_enable_tpe; -+kgid_t grsec_tpe_gid; -+int grsec_enable_blackhole; ++int grsec_enable_ptrace_readexec __read_only; ++int grsec_enable_setxid __read_only; ++int grsec_enable_symlinkown __read_only; ++kgid_t grsec_symlinkown_gid __read_only; ++int grsec_enable_brute __read_only; ++int grsec_enable_link __read_only; ++int grsec_enable_dmesg __read_only; ++int grsec_enable_harden_ptrace __read_only; ++int grsec_enable_harden_ipc __read_only; ++int grsec_enable_fifo __read_only; ++int grsec_enable_execlog __read_only; ++int grsec_enable_signal __read_only; ++int grsec_enable_forkfail __read_only; ++int grsec_enable_audit_ptrace __read_only; ++int grsec_enable_time __read_only; ++int grsec_enable_group __read_only; ++kgid_t grsec_audit_gid __read_only; ++int grsec_enable_chdir __read_only; ++int grsec_enable_mount __read_only; ++int grsec_enable_rofs __read_only; ++int grsec_deny_new_usb __read_only; ++int grsec_enable_chroot_findtask __read_only; ++int grsec_enable_chroot_mount __read_only; ++int grsec_enable_chroot_shmat __read_only; ++int grsec_enable_chroot_fchdir __read_only; ++int grsec_enable_chroot_double __read_only; ++int grsec_enable_chroot_pivot __read_only; ++int grsec_enable_chroot_chdir __read_only; ++int grsec_enable_chroot_chmod __read_only; ++int grsec_enable_chroot_mknod __read_only; ++int grsec_enable_chroot_nice __read_only; ++int grsec_enable_chroot_execlog __read_only; ++int grsec_enable_chroot_caps __read_only; ++int grsec_enable_chroot_rename __read_only; ++int grsec_enable_chroot_sysctl __read_only; ++int grsec_enable_chroot_unix __read_only; ++int grsec_enable_tpe __read_only; ++kgid_t grsec_tpe_gid __read_only; ++int grsec_enable_blackhole __read_only; +#ifdef CONFIG_IPV6_MODULE +EXPORT_SYMBOL_GPL(grsec_enable_blackhole); +#endif -+int grsec_lastack_retries; -+int grsec_enable_tpe_all; -+int grsec_enable_tpe_invert; -+int grsec_enable_socket_all; -+kgid_t grsec_socket_all_gid; -+int grsec_enable_socket_client; -+kgid_t grsec_socket_client_gid; -+int grsec_enable_socket_server; -+kgid_t grsec_socket_server_gid; -+int grsec_resource_logging; -+int grsec_disable_privio; -+int grsec_enable_log_rwxmaps; -+int grsec_lock; ++int grsec_lastack_retries __read_only; ++int grsec_enable_tpe_all __read_only; ++int grsec_enable_tpe_invert __read_only; ++int grsec_enable_socket_all __read_only; ++kgid_t grsec_socket_all_gid __read_only; ++int grsec_enable_socket_client __read_only; ++kgid_t grsec_socket_client_gid __read_only; ++int grsec_enable_socket_server __read_only; ++kgid_t grsec_socket_server_gid __read_only; ++int grsec_resource_logging __read_only; ++int grsec_disable_privio __read_only; ++int grsec_enable_log_rwxmaps __read_only; ++int grsec_lock __read_only; + +DEFINE_SPINLOCK(grsec_alert_lock); +unsigned long grsec_alert_wtime = 0; @@ -87332,7 +87696,7 @@ index 0000000..a523bd2 +} diff --git a/grsecurity/grsec_sysctl.c b/grsecurity/grsec_sysctl.c new file mode 100644 -index 0000000..cce889e +index 0000000..aaec43c --- /dev/null +++ b/grsecurity/grsec_sysctl.c @@ -0,0 +1,488 @@ @@ -87371,7 +87735,7 @@ index 0000000..cce889e + .data = &grsec_disable_privio, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#endif @@ -87381,7 +87745,7 @@ index 0000000..cce889e + .data = &grsec_enable_link, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_SYMLINKOWN @@ -87390,14 +87754,14 @@ index 0000000..cce889e + .data = &grsec_enable_symlinkown, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, + { + .procname = "symlinkown_gid", + .data = &grsec_symlinkown_gid, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_BRUTE @@ -87406,7 +87770,7 @@ index 0000000..cce889e + .data = &grsec_enable_brute, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_FIFO @@ -87415,7 +87779,7 @@ index 0000000..cce889e + .data = &grsec_enable_fifo, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_PTRACE_READEXEC @@ -87424,7 +87788,7 @@ index 0000000..cce889e + .data = &grsec_enable_ptrace_readexec, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_SETXID @@ -87433,7 +87797,7 @@ index 0000000..cce889e + .data = &grsec_enable_setxid, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_BLACKHOLE @@ -87442,14 +87806,14 @@ index 0000000..cce889e + .data = &grsec_enable_blackhole, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, + { + .procname = "lastack_retries", + .data = &grsec_lastack_retries, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_EXECLOG @@ -87458,7 +87822,7 @@ index 0000000..cce889e + .data = &grsec_enable_execlog, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_RWXMAP_LOG @@ -87467,7 +87831,7 @@ index 0000000..cce889e + .data = &grsec_enable_log_rwxmaps, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_SIGNAL @@ -87476,7 +87840,7 @@ index 0000000..cce889e + .data = &grsec_enable_signal, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_FORKFAIL @@ -87485,7 +87849,7 @@ index 0000000..cce889e + .data = &grsec_enable_forkfail, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_TIME @@ -87494,7 +87858,7 @@ index 0000000..cce889e + .data = &grsec_enable_time, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_CHROOT_SHMAT @@ -87503,7 +87867,7 @@ index 0000000..cce889e + .data = &grsec_enable_chroot_shmat, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_CHROOT_UNIX @@ -87512,7 +87876,7 @@ index 0000000..cce889e + .data = &grsec_enable_chroot_unix, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_CHROOT_MOUNT @@ -87521,7 +87885,7 @@ index 0000000..cce889e + .data = &grsec_enable_chroot_mount, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_CHROOT_FCHDIR @@ -87530,7 +87894,7 @@ index 0000000..cce889e + .data = &grsec_enable_chroot_fchdir, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_CHROOT_DOUBLE @@ -87539,7 +87903,7 @@ index 0000000..cce889e + .data = &grsec_enable_chroot_double, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_CHROOT_PIVOT @@ -87548,7 +87912,7 @@ index 0000000..cce889e + .data = &grsec_enable_chroot_pivot, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_CHROOT_CHDIR @@ -87557,7 +87921,7 @@ index 0000000..cce889e + .data = &grsec_enable_chroot_chdir, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_CHROOT_CHMOD @@ -87566,7 +87930,7 @@ index 0000000..cce889e + .data = &grsec_enable_chroot_chmod, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_CHROOT_MKNOD @@ -87575,7 +87939,7 @@ index 0000000..cce889e + .data = &grsec_enable_chroot_mknod, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_CHROOT_NICE @@ -87584,7 +87948,7 @@ index 0000000..cce889e + .data = &grsec_enable_chroot_nice, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_CHROOT_EXECLOG @@ -87593,7 +87957,7 @@ index 0000000..cce889e + .data = &grsec_enable_chroot_execlog, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_CHROOT_CAPS @@ -87602,7 +87966,7 @@ index 0000000..cce889e + .data = &grsec_enable_chroot_caps, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_CHROOT_RENAME @@ -87611,7 +87975,7 @@ index 0000000..cce889e + .data = &grsec_enable_chroot_rename, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_CHROOT_SYSCTL @@ -87620,7 +87984,7 @@ index 0000000..cce889e + .data = &grsec_enable_chroot_sysctl, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_TPE @@ -87629,14 +87993,14 @@ index 0000000..cce889e + .data = &grsec_enable_tpe, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, + { + .procname = "tpe_gid", + .data = &grsec_tpe_gid, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_TPE_INVERT @@ -87645,7 +88009,7 @@ index 0000000..cce889e + .data = &grsec_enable_tpe_invert, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_TPE_ALL @@ -87654,7 +88018,7 @@ index 0000000..cce889e + .data = &grsec_enable_tpe_all, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_SOCKET_ALL @@ -87663,14 +88027,14 @@ index 0000000..cce889e + .data = &grsec_enable_socket_all, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, + { + .procname = "socket_all_gid", + .data = &grsec_socket_all_gid, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_SOCKET_CLIENT @@ -87679,14 +88043,14 @@ index 0000000..cce889e + .data = &grsec_enable_socket_client, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, + { + .procname = "socket_client_gid", + .data = &grsec_socket_client_gid, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_SOCKET_SERVER @@ -87695,14 +88059,14 @@ index 0000000..cce889e + .data = &grsec_enable_socket_server, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, + { + .procname = "socket_server_gid", + .data = &grsec_socket_server_gid, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_AUDIT_GROUP @@ -87711,14 +88075,14 @@ index 0000000..cce889e + .data = &grsec_enable_group, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, + { + .procname = "audit_gid", + .data = &grsec_audit_gid, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_AUDIT_CHDIR @@ -87727,7 +88091,7 @@ index 0000000..cce889e + .data = &grsec_enable_chdir, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_AUDIT_MOUNT @@ -87736,7 +88100,7 @@ index 0000000..cce889e + .data = &grsec_enable_mount, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_DMESG @@ -87745,7 +88109,7 @@ index 0000000..cce889e + .data = &grsec_enable_dmesg, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_CHROOT_FINDTASK @@ -87754,7 +88118,7 @@ index 0000000..cce889e + .data = &grsec_enable_chroot_findtask, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_RESLOG @@ -87763,7 +88127,7 @@ index 0000000..cce889e + .data = &grsec_resource_logging, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_AUDIT_PTRACE @@ -87772,7 +88136,7 @@ index 0000000..cce889e + .data = &grsec_enable_audit_ptrace, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_HARDEN_PTRACE @@ -87781,7 +88145,7 @@ index 0000000..cce889e + .data = &grsec_enable_harden_ptrace, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_HARDEN_IPC @@ -87790,7 +88154,7 @@ index 0000000..cce889e + .data = &grsec_enable_harden_ipc, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif + { @@ -87798,7 +88162,7 @@ index 0000000..cce889e + .data = &grsec_lock, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_ROFS @@ -87807,7 +88171,7 @@ index 0000000..cce889e + .data = &grsec_enable_rofs, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec_minmax, ++ .proc_handler = &proc_dointvec_minmax_secure, + .extra1 = &one, + .extra2 = &one, + }, @@ -87818,7 +88182,7 @@ index 0000000..cce889e + .data = &grsec_deny_new_usb, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif + { } @@ -89080,8 +89444,31 @@ index 939533d..cf0a57c 100644 /** * struct clk_init_data - holds init data that's common to all clocks and is +diff --git a/include/linux/clkdev.h b/include/linux/clkdev.h +index 94bad77..a39e810 100644 +--- a/include/linux/clkdev.h ++++ b/include/linux/clkdev.h +@@ -32,7 +32,7 @@ struct clk_lookup { + } + + struct clk_lookup *clkdev_alloc(struct clk *clk, const char *con_id, +- const char *dev_fmt, ...); ++ const char *dev_fmt, ...) __printf(3, 4); + + void clkdev_add(struct clk_lookup *cl); + void clkdev_drop(struct clk_lookup *cl); +@@ -40,7 +40,8 @@ void clkdev_drop(struct clk_lookup *cl); + void clkdev_add_table(struct clk_lookup *, size_t); + int clk_add_alias(const char *, const char *, char *, struct device *); + +-int clk_register_clkdev(struct clk *, const char *, const char *, ...); ++int clk_register_clkdev(struct clk *, const char *, const char *, ...) ++ __printf(3, 4); + int clk_register_clkdevs(struct clk *, struct clk_lookup *, size_t); + + #ifdef CONFIG_COMMON_CLK diff --git a/include/linux/compat.h b/include/linux/compat.h -index 3f448c6..8dd869d 100644 +index 3f448c6..4d53187 100644 --- a/include/linux/compat.h +++ b/include/linux/compat.h @@ -313,7 +313,7 @@ compat_sys_get_robust_list(int pid, compat_uptr_t __user *head_ptr, @@ -89102,6 +89489,15 @@ index 3f448c6..8dd869d 100644 asmlinkage long compat_sys_keyctl(u32 option, u32 arg2, u32 arg3, u32 arg4, u32 arg5); asmlinkage long compat_sys_ustat(unsigned dev, struct compat_ustat __user *u32); +@@ -405,7 +405,7 @@ asmlinkage long compat_sys_settimeofday(struct compat_timeval __user *tv, + + asmlinkage long compat_sys_adjtimex(struct compat_timex __user *utp); + +-extern int compat_printk(const char *fmt, ...); ++extern __printf(1, 2) int compat_printk(const char *fmt, ...); + extern void sigset_from_compat(sigset_t *set, const compat_sigset_t *compat); + extern void sigset_to_compat(compat_sigset_t *compat, const sigset_t *set); + @@ -420,7 +420,7 @@ extern int compat_ptrace_request(struct task_struct *child, extern long compat_arch_ptrace(struct task_struct *child, compat_long_t request, compat_ulong_t addr, compat_ulong_t data); @@ -89151,10 +89547,10 @@ index 2507fd2..55203f8 100644 * Mark a position in code as unreachable. This can be used to * suppress control flow warnings after asm blocks that transfer diff --git a/include/linux/compiler-gcc5.h b/include/linux/compiler-gcc5.h -index cdd1cc2..9c1ee22 100644 +index cdd1cc2..d062745 100644 --- a/include/linux/compiler-gcc5.h +++ b/include/linux/compiler-gcc5.h -@@ -28,6 +28,31 @@ +@@ -28,6 +28,30 @@ # define __compiletime_error(message) __attribute__((error(message))) #endif /* __CHECKER__ */ @@ -89174,7 +89570,6 @@ index cdd1cc2..9c1ee22 100644 +#endif + +#ifdef SIZE_OVERFLOW_PLUGIN -+#error not yet +#define __size_overflow(...) __attribute__((size_overflow(__VA_ARGS__))) +#define __intentional_overflow(...) __attribute__((intentional_overflow(__VA_ARGS__))) +#endif @@ -89186,7 +89581,7 @@ index cdd1cc2..9c1ee22 100644 /* * Mark a position in code as unreachable. This can be used to * suppress control flow warnings after asm blocks that transfer -@@ -53,7 +78,6 @@ +@@ -53,7 +77,6 @@ * http://gcc.gnu.org/bugzilla/show_bug.cgi?id=58670 * * Work it around via a compiler barrier quirk suggested by Jakub Jelinek. @@ -89368,19 +89763,20 @@ index 5d5aaae..0ea9b84 100644 extern bool completion_done(struct completion *x); diff --git a/include/linux/configfs.h b/include/linux/configfs.h -index 34025df..2a6ee32 100644 +index 34025df..9c263df 100644 --- a/include/linux/configfs.h +++ b/include/linux/configfs.h -@@ -64,7 +64,7 @@ struct config_item { +@@ -64,7 +64,8 @@ struct config_item { struct dentry *ci_dentry; }; -extern int config_item_set_name(struct config_item *, const char *, ...); -+extern __printf(2, 3) int config_item_set_name(struct config_item *, const char *, ...); ++extern __printf(2, 3) ++int config_item_set_name(struct config_item *, const char *, ...); static inline char *config_item_name(struct config_item * item) { -@@ -125,7 +125,7 @@ struct configfs_attribute { +@@ -125,7 +126,7 @@ struct configfs_attribute { const char *ca_name; struct module *ca_owner; umode_t ca_mode; @@ -89568,7 +89964,7 @@ index 653589e..4ef254a 100644 return c | 0x20; } diff --git a/include/linux/dcache.h b/include/linux/dcache.h -index 0f0eb1c..776283e 100644 +index 0f0eb1c..3c17a3d 100644 --- a/include/linux/dcache.h +++ b/include/linux/dcache.h @@ -123,6 +123,9 @@ struct dentry { @@ -89590,6 +89986,16 @@ index 0f0eb1c..776283e 100644 /* * dentry->d_lock spinlock nesting subclasses: +@@ -328,7 +331,8 @@ extern int d_validate(struct dentry *, struct dentry *); + /* + * helper function for dentry_operations.d_dname() members + */ +-extern char *dynamic_dname(struct dentry *, char *, int, const char *, ...); ++extern __printf(4, 5) ++char *dynamic_dname(struct dentry *, char *, int, const char *, ...); + extern char *simple_dname(struct dentry *, char *, int); + + extern char *__d_path(const struct path *, const struct path *, char *, int); diff --git a/include/linux/decompress/mm.h b/include/linux/decompress/mm.h index 7925bf0..d5143d2 100644 --- a/include/linux/decompress/mm.h @@ -89617,7 +90023,7 @@ index d48dc00..211ee54 100644 /** * struct devfreq - Device devfreq structure diff --git a/include/linux/device.h b/include/linux/device.h -index 952b010..d5b7691 100644 +index 952b010..2f65744 100644 --- a/include/linux/device.h +++ b/include/linux/device.h @@ -310,7 +310,7 @@ struct subsys_interface { @@ -89652,6 +90058,23 @@ index 952b010..d5b7691 100644 ssize_t device_show_ulong(struct device *dev, struct device_attribute *attr, char *buf); +@@ -956,12 +957,10 @@ extern int __must_check device_reprobe(struct device *dev); + /* + * Easy functions for dynamically creating devices on the fly + */ +-extern struct device *device_create_vargs(struct class *cls, +- struct device *parent, +- dev_t devt, +- void *drvdata, +- const char *fmt, +- va_list vargs); ++extern __printf(5, 0) ++struct device *device_create_vargs(struct class *cls, struct device *parent, ++ dev_t devt, void *drvdata, ++ const char *fmt, va_list vargs); + extern __printf(5, 6) + struct device *device_create(struct class *cls, struct device *parent, + dev_t devt, void *drvdata, diff --git a/include/linux/dma-mapping.h b/include/linux/dma-mapping.h index fd4aee2..1f28db9 100644 --- a/include/linux/dma-mapping.h @@ -91739,6 +92162,42 @@ index 6883e19..e854fcb 100644 /* This macro allows us to keep printk typechecking */ static __printf(1, 2) +diff --git a/include/linux/kernel.h b/include/linux/kernel.h +index 196d1ea..86a6927 100644 +--- a/include/linux/kernel.h ++++ b/include/linux/kernel.h +@@ -397,7 +397,8 @@ extern __printf(3, 0) + int vscnprintf(char *buf, size_t size, const char *fmt, va_list args); + extern __printf(2, 3) + char *kasprintf(gfp_t gfp, const char *fmt, ...); +-extern char *kvasprintf(gfp_t gfp, const char *fmt, va_list args); ++extern __printf(2, 0) ++char *kvasprintf(gfp_t gfp, const char *fmt, va_list args); + + extern __scanf(2, 3) + int sscanf(const char *, const char *, ...); +@@ -670,10 +671,10 @@ do { \ + __ftrace_vprintk(_THIS_IP_, fmt, vargs); \ + } while (0) + +-extern int ++extern __printf(2, 0) int + __ftrace_vbprintk(unsigned long ip, const char *fmt, va_list ap); + +-extern int ++extern __printf(2, 0) int + __ftrace_vprintk(unsigned long ip, const char *fmt, va_list ap); + + extern void ftrace_dump(enum ftrace_dump_mode oops_dump_mode); +@@ -693,7 +694,7 @@ int trace_printk(const char *fmt, ...) + { + return 0; + } +-static inline int ++static __printf(1, 0) inline int + ftrace_vprintk(const char *fmt, va_list ap) + { + return 0; diff --git a/include/linux/key-type.h b/include/linux/key-type.h index a74c3a8..28d3f21 100644 --- a/include/linux/key-type.h @@ -91807,10 +92266,22 @@ index 0555cc6..40116ce 100644 char **envp; int wait; diff --git a/include/linux/kobject.h b/include/linux/kobject.h -index 926afb6..58dd6e5 100644 +index 926afb6..e4d3dd9 100644 --- a/include/linux/kobject.h +++ b/include/linux/kobject.h -@@ -116,7 +116,7 @@ struct kobj_type { +@@ -78,8 +78,9 @@ struct kobject { + + extern __printf(2, 3) + int kobject_set_name(struct kobject *kobj, const char *name, ...); +-extern int kobject_set_name_vargs(struct kobject *kobj, const char *fmt, +- va_list vargs); ++extern __printf(2, 0) ++int kobject_set_name_vargs(struct kobject *kobj, const char *fmt, ++ va_list vargs); + + static inline const char *kobject_name(const struct kobject *kobj) + { +@@ -116,7 +117,7 @@ struct kobj_type { struct attribute **default_attrs; const struct kobj_ns_type_operations *(*child_ns_type)(struct kobject *kobj); const void *(*namespace)(struct kobject *kobj); @@ -91819,7 +92290,7 @@ index 926afb6..58dd6e5 100644 struct kobj_uevent_env { char *envp[UEVENT_NUM_ENVP]; -@@ -139,6 +139,7 @@ struct kobj_attribute { +@@ -139,6 +140,7 @@ struct kobj_attribute { ssize_t (*store)(struct kobject *kobj, struct kobj_attribute *attr, const char *buf, size_t count); }; @@ -91827,7 +92298,7 @@ index 926afb6..58dd6e5 100644 extern const struct sysfs_ops kobj_sysfs_ops; -@@ -166,7 +167,7 @@ struct kset { +@@ -166,7 +168,7 @@ struct kset { spinlock_t list_lock; struct kobject kobj; const struct kset_uevent_ops *uevent_ops; @@ -92388,7 +92859,7 @@ index 87079fc..7724b1f 100644 /* * Standard errno values are used for errors, but some have specific diff --git a/include/linux/mmiotrace.h b/include/linux/mmiotrace.h -index c5d5278..f0b68c8 100644 +index c5d5278..85cd5ce 100644 --- a/include/linux/mmiotrace.h +++ b/include/linux/mmiotrace.h @@ -46,7 +46,7 @@ extern int kmmio_handler(struct pt_regs *regs, unsigned long addr); @@ -92409,6 +92880,14 @@ index c5d5278..f0b68c8 100644 { } +@@ -106,6 +106,6 @@ extern void enable_mmiotrace(void); + extern void disable_mmiotrace(void); + extern void mmio_trace_rw(struct mmiotrace_rw *rw); + extern void mmio_trace_mapping(struct mmiotrace_map *map); +-extern int mmio_trace_printk(const char *fmt, va_list args); ++extern __printf(1, 0) int mmio_trace_printk(const char *fmt, va_list args); + + #endif /* _LINUX_MMIOTRACE_H */ diff --git a/include/linux/mmzone.h b/include/linux/mmzone.h index ac819bf..838afec 100644 --- a/include/linux/mmzone.h @@ -93159,7 +93638,7 @@ index 1841b58..fbeebf8 100644 #define preempt_set_need_resched() \ do { \ diff --git a/include/linux/printk.h b/include/linux/printk.h -index cbf094f..86007b7 100644 +index cbf094f..630d761 100644 --- a/include/linux/printk.h +++ b/include/linux/printk.h @@ -114,6 +114,8 @@ static inline __printf(1, 2) __cold @@ -93171,7 +93650,7 @@ index cbf094f..86007b7 100644 #ifdef CONFIG_PRINTK asmlinkage __printf(5, 0) int vprintk_emit(int facility, int level, -@@ -148,7 +150,6 @@ extern bool printk_timed_ratelimit(unsigned long *caller_jiffies, +@@ -148,13 +150,12 @@ extern bool printk_timed_ratelimit(unsigned long *caller_jiffies, extern int printk_delay_msec; extern int dmesg_restrict; @@ -93179,6 +93658,22 @@ index cbf094f..86007b7 100644 extern void wake_up_klogd(void); + void log_buf_kexec_setup(void); + void __init setup_log_buf(int early); +-void dump_stack_set_arch_desc(const char *fmt, ...); ++__printf(1, 2) void dump_stack_set_arch_desc(const char *fmt, ...); + void dump_stack_print_info(const char *log_lvl); + void show_regs_print_info(const char *log_lvl); + #else +@@ -195,7 +196,7 @@ static inline void setup_log_buf(int early) + { + } + +-static inline void dump_stack_set_arch_desc(const char *fmt, ...) ++static inline __printf(1, 2) void dump_stack_set_arch_desc(const char *fmt, ...) + { + } + diff --git a/include/linux/proc_fs.h b/include/linux/proc_fs.h index 608e60a..bbcb1a0 100644 --- a/include/linux/proc_fs.h @@ -94377,10 +94872,10 @@ index 27b3b0b..e093dd9 100644 extern void register_syscore_ops(struct syscore_ops *ops); extern void unregister_syscore_ops(struct syscore_ops *ops); diff --git a/include/linux/sysctl.h b/include/linux/sysctl.h -index 14a8ff2..fa95f3a 100644 +index 14a8ff2..65dc1e2 100644 --- a/include/linux/sysctl.h +++ b/include/linux/sysctl.h -@@ -34,13 +34,13 @@ struct ctl_table_root; +@@ -34,17 +34,21 @@ struct ctl_table_root; struct ctl_table_header; struct ctl_dir; @@ -94395,8 +94890,16 @@ index 14a8ff2..fa95f3a 100644 + void __user *, size_t *, loff_t *); extern int proc_dointvec(struct ctl_table *, int, void __user *, size_t *, loff_t *); ++extern int proc_dointvec_secure(struct ctl_table *, int, ++ void __user *, size_t *, loff_t *); extern int proc_dointvec_minmax(struct ctl_table *, int, -@@ -115,7 +115,9 @@ struct ctl_table + void __user *, size_t *, loff_t *); ++extern int proc_dointvec_minmax_secure(struct ctl_table *, int, ++ void __user *, size_t *, loff_t *); + extern int proc_dointvec_jiffies(struct ctl_table *, int, + void __user *, size_t *, loff_t *); + extern int proc_dointvec_userhz_jiffies(struct ctl_table *, int, +@@ -115,7 +119,9 @@ struct ctl_table struct ctl_table_poll *poll; void *extra1; void *extra2; @@ -97574,10 +98077,10 @@ index c18b1f1..b9a0132 100644 return -ENOMEM; diff --git a/kernel/cred.c b/kernel/cred.c -index e0573a4..20fb164 100644 +index e0573a4..3907beb 100644 --- a/kernel/cred.c +++ b/kernel/cred.c -@@ -164,6 +164,16 @@ void exit_creds(struct task_struct *tsk) +@@ -164,6 +164,15 @@ void exit_creds(struct task_struct *tsk) validate_creds(cred); alter_cred_subscribers(cred, -1); put_cred(cred); @@ -97587,14 +98090,13 @@ index e0573a4..20fb164 100644 + if (cred != NULL) { + tsk->delayed_cred = NULL; + validate_creds(cred); -+ alter_cred_subscribers(cred, -1); + put_cred(cred); + } +#endif } /** -@@ -411,7 +421,7 @@ static bool cred_cap_issubset(const struct cred *set, const struct cred *subset) +@@ -411,7 +420,7 @@ static bool cred_cap_issubset(const struct cred *set, const struct cred *subset) * Always returns 0 thus allowing this function to be tail-called at the end * of, say, sys_setgid(). */ @@ -97603,7 +98105,7 @@ index e0573a4..20fb164 100644 { struct task_struct *task = current; const struct cred *old = task->real_cred; -@@ -430,6 +440,8 @@ int commit_creds(struct cred *new) +@@ -430,6 +439,8 @@ int commit_creds(struct cred *new) get_cred(new); /* we will require a ref for the subj creds too */ @@ -97612,7 +98114,7 @@ index e0573a4..20fb164 100644 /* dumpability changes */ if (!uid_eq(old->euid, new->euid) || !gid_eq(old->egid, new->egid) || -@@ -479,6 +491,108 @@ int commit_creds(struct cred *new) +@@ -479,6 +490,108 @@ int commit_creds(struct cred *new) put_cred(old); return 0; } @@ -97808,7 +98310,7 @@ index 449518e..2658dd6 100644 #ifdef CONFIG_MODULE_UNLOAD { diff --git a/kernel/events/core.c b/kernel/events/core.c -index 60146fe..2e89117 100644 +index 60146fe..7037710 100644 --- a/kernel/events/core.c +++ b/kernel/events/core.c @@ -159,8 +159,15 @@ static struct srcu_struct pmus_srcu; @@ -97819,11 +98321,11 @@ index 60146fe..2e89117 100644 */ -int sysctl_perf_event_paranoid __read_mostly = 1; +#ifdef CONFIG_GRKERNSEC_PERF_HARDEN -+int sysctl_perf_event_legitimately_concerned __read_mostly = 3; ++int sysctl_perf_event_legitimately_concerned __read_only = 3; +#elif defined(CONFIG_GRKERNSEC_HIDESYM) -+int sysctl_perf_event_legitimately_concerned __read_mostly = 2; ++int sysctl_perf_event_legitimately_concerned __read_only = 2; +#else -+int sysctl_perf_event_legitimately_concerned __read_mostly = 1; ++int sysctl_perf_event_legitimately_concerned __read_only = 1; +#endif /* Minimum for 512 kiB + 1 user control page */ @@ -99388,7 +99890,7 @@ index 1d96dd0..994ff19 100644 default: diff --git a/kernel/module.c b/kernel/module.c -index 1d679a6..acc7443 100644 +index 1d679a6..b67e85e 100644 --- a/kernel/module.c +++ b/kernel/module.c @@ -61,6 +61,7 @@ @@ -99399,6 +99901,15 @@ index 1d679a6..acc7443 100644 #include <uapi/linux/module.h> #include "module-internal.h" +@@ -147,7 +148,7 @@ module_param(sig_enforce, bool_enable_only, 0644); + #endif /* CONFIG_MODULE_SIG */ + + /* Block module loading/unloading? */ +-int modules_disabled = 0; ++int modules_disabled __read_only = 0; + core_param(nomodule, modules_disabled, bint, 0); + + /* Waiting for a module to finish initializing? */ @@ -157,7 +158,8 @@ static BLOCKING_NOTIFIER_HEAD(module_notify_list); /* Bounds of module allocation, for speeding __module_address. @@ -100607,9 +101118,21 @@ index f1fe7ec..7d4e641 100644 if (pm_wakeup_pending()) { diff --git a/kernel/printk/printk.c b/kernel/printk/printk.c -index a755ad7..bf7e534 100644 +index a755ad7..ba98f34 100644 --- a/kernel/printk/printk.c +++ b/kernel/printk/printk.c +@@ -359,9 +359,9 @@ static void log_store(int facility, int level, + } + + #ifdef CONFIG_SECURITY_DMESG_RESTRICT +-int dmesg_restrict = 1; ++int dmesg_restrict __read_only = 1; + #else +-int dmesg_restrict; ++int dmesg_restrict __read_only; + #endif + + static int syslog_action_restricted(int type) @@ -385,6 +385,11 @@ static int check_syslog_permissions(int type, bool from_file) if (from_file && type != SYSLOG_ACTION_OPEN) return 0; @@ -102248,7 +102771,7 @@ index c0a58be..95e292b 100644 if (!retval) { if (old_rlim) diff --git a/kernel/sysctl.c b/kernel/sysctl.c -index c1b26e1..bc7b50d 100644 +index c1b26e1..947cae6 100644 --- a/kernel/sysctl.c +++ b/kernel/sysctl.c @@ -94,7 +94,6 @@ @@ -102259,7 +102782,11 @@ index c1b26e1..bc7b50d 100644 /* External variables not in a header file. */ extern int max_threads; extern int suid_dumpable; -@@ -118,19 +117,18 @@ extern int blk_iopoll_enabled; +@@ -115,22 +114,22 @@ extern int sysctl_nr_trim_pages; + #ifdef CONFIG_BLOCK + extern int blk_iopoll_enabled; + #endif ++extern int sysctl_modify_ldt; /* Constants used for minimum and maximum */ #ifdef CONFIG_LOCKUP_DETECTOR @@ -102288,18 +102815,19 @@ index c1b26e1..bc7b50d 100644 #endif /* this is needed for the proc_doulongvec_minmax of vm_dirty_bytes */ -@@ -181,10 +179,8 @@ static int proc_taint(struct ctl_table *table, int write, +@@ -181,10 +180,8 @@ static int proc_taint(struct ctl_table *table, int write, void __user *buffer, size_t *lenp, loff_t *ppos); #endif -#ifdef CONFIG_PRINTK - static int proc_dointvec_minmax_sysadmin(struct ctl_table *table, int write, +-static int proc_dointvec_minmax_sysadmin(struct ctl_table *table, int write, ++static int proc_dointvec_minmax_secure_sysadmin(struct ctl_table *table, int write, void __user *buffer, size_t *lenp, loff_t *ppos); -#endif static int proc_dointvec_minmax_coredump(struct ctl_table *table, int write, void __user *buffer, size_t *lenp, loff_t *ppos); -@@ -215,6 +211,8 @@ static int sysrq_sysctl_handler(ctl_table *table, int write, +@@ -215,6 +212,8 @@ static int sysrq_sysctl_handler(ctl_table *table, int write, #endif @@ -102308,7 +102836,7 @@ index c1b26e1..bc7b50d 100644 static struct ctl_table kern_table[]; static struct ctl_table vm_table[]; static struct ctl_table fs_table[]; -@@ -229,6 +227,20 @@ extern struct ctl_table epoll_table[]; +@@ -229,6 +228,20 @@ extern struct ctl_table epoll_table[]; int sysctl_legacy_va_layout; #endif @@ -102329,7 +102857,7 @@ index c1b26e1..bc7b50d 100644 /* The default sysctl tables: */ static struct ctl_table sysctl_base_table[] = { -@@ -277,6 +289,22 @@ static int max_extfrag_threshold = 1000; +@@ -277,6 +290,22 @@ static int max_extfrag_threshold = 1000; #endif static struct ctl_table kern_table[] = { @@ -102352,7 +102880,7 @@ index c1b26e1..bc7b50d 100644 { .procname = "sched_child_runs_first", .data = &sysctl_sched_child_runs_first, -@@ -639,7 +667,7 @@ static struct ctl_table kern_table[] = { +@@ -639,7 +668,7 @@ static struct ctl_table kern_table[] = { .data = &modprobe_path, .maxlen = KMOD_PATH_LEN, .mode = 0644, @@ -102361,7 +102889,21 @@ index c1b26e1..bc7b50d 100644 }, { .procname = "modules_disabled", -@@ -806,16 +834,20 @@ static struct ctl_table kern_table[] = { +@@ -647,7 +676,7 @@ static struct ctl_table kern_table[] = { + .maxlen = sizeof(int), + .mode = 0644, + /* only handle a transition from default "0" to "1" */ +- .proc_handler = proc_dointvec_minmax, ++ .proc_handler = proc_dointvec_minmax_secure, + .extra1 = &one, + .extra2 = &one, + }, +@@ -802,20 +831,24 @@ static struct ctl_table kern_table[] = { + .data = &dmesg_restrict, + .maxlen = sizeof(int), + .mode = 0644, +- .proc_handler = proc_dointvec_minmax_sysadmin, ++ .proc_handler = proc_dointvec_minmax_secure_sysadmin, .extra1 = &zero, .extra2 = &one, }, @@ -102371,7 +102913,8 @@ index c1b26e1..bc7b50d 100644 .data = &kptr_restrict, .maxlen = sizeof(int), .mode = 0644, - .proc_handler = proc_dointvec_minmax_sysadmin, +- .proc_handler = proc_dointvec_minmax_sysadmin, ++ .proc_handler = proc_dointvec_minmax_secure_sysadmin, +#ifdef CONFIG_GRKERNSEC_HIDESYM + .extra1 = &two, +#else @@ -102383,7 +102926,23 @@ index c1b26e1..bc7b50d 100644 { .procname = "ngroups_max", .data = &ngroups_max, -@@ -1060,10 +1092,17 @@ static struct ctl_table kern_table[] = { +@@ -929,6 +962,15 @@ static struct ctl_table kern_table[] = { + .mode = 0644, + .proc_handler = proc_dointvec, + }, ++ { ++ .procname = "modify_ldt", ++ .data = &sysctl_modify_ldt, ++ .maxlen = sizeof(int), ++ .mode = 0644, ++ .proc_handler = proc_dointvec_minmax_secure_sysadmin, ++ .extra1 = &zero, ++ .extra2 = &one, ++ }, + #endif + #if defined(CONFIG_MMU) + { +@@ -1060,10 +1102,17 @@ static struct ctl_table kern_table[] = { */ { .procname = "perf_event_paranoid", @@ -102394,7 +102953,7 @@ index c1b26e1..bc7b50d 100644 .mode = 0644, - .proc_handler = proc_dointvec, + /* go ahead, be a hero */ -+ .proc_handler = proc_dointvec_minmax_sysadmin, ++ .proc_handler = proc_dointvec_minmax_secure_sysadmin, + .extra1 = &neg_one, +#ifdef CONFIG_GRKERNSEC_PERF_HARDEN + .extra2 = &three, @@ -102404,7 +102963,7 @@ index c1b26e1..bc7b50d 100644 }, { .procname = "perf_event_mlock_kb", -@@ -1334,6 +1373,13 @@ static struct ctl_table vm_table[] = { +@@ -1334,6 +1383,13 @@ static struct ctl_table vm_table[] = { .proc_handler = proc_dointvec_minmax, .extra1 = &zero, }, @@ -102418,7 +102977,7 @@ index c1b26e1..bc7b50d 100644 #else { .procname = "nr_trim_pages", -@@ -1798,6 +1844,16 @@ int proc_dostring(struct ctl_table *table, int write, +@@ -1798,6 +1854,16 @@ int proc_dostring(struct ctl_table *table, int write, buffer, lenp, ppos); } @@ -102435,7 +102994,7 @@ index c1b26e1..bc7b50d 100644 static size_t proc_skip_spaces(char **buf) { size_t ret; -@@ -1903,6 +1959,8 @@ static int proc_put_long(void __user **buf, size_t *size, unsigned long val, +@@ -1903,6 +1969,8 @@ static int proc_put_long(void __user **buf, size_t *size, unsigned long val, len = strlen(tmp); if (len > *size) len = *size; @@ -102444,7 +103003,52 @@ index c1b26e1..bc7b50d 100644 if (copy_to_user(*buf, tmp, len)) return -EFAULT; *size -= len; -@@ -2067,7 +2125,7 @@ int proc_dointvec(struct ctl_table *table, int write, +@@ -2060,6 +2128,44 @@ int proc_dointvec(struct ctl_table *table, int write, + NULL,NULL); + } + ++static int do_proc_dointvec_conv_secure(bool *negp, unsigned long *lvalp, ++ int *valp, ++ int write, void *data) ++{ ++ if (write) { ++ if (*negp) { ++ if (*lvalp > (unsigned long) INT_MAX + 1) ++ return -EINVAL; ++ pax_open_kernel(); ++ *valp = -*lvalp; ++ pax_close_kernel(); ++ } else { ++ if (*lvalp > (unsigned long) INT_MAX) ++ return -EINVAL; ++ pax_open_kernel(); ++ *valp = *lvalp; ++ pax_close_kernel(); ++ } ++ } else { ++ int val = *valp; ++ if (val < 0) { ++ *negp = true; ++ *lvalp = (unsigned long)-val; ++ } else { ++ *negp = false; ++ *lvalp = (unsigned long)val; ++ } ++ } ++ return 0; ++} ++ ++int proc_dointvec_secure(struct ctl_table *table, int write, ++ void __user *buffer, size_t *lenp, loff_t *ppos) ++{ ++ return do_proc_dointvec(table,write,buffer,lenp,ppos, ++ do_proc_dointvec_conv_secure,NULL); ++} ++ + /* + * Taint values can only be increased + * This means we can safely use a temporary. +@@ -2067,7 +2173,7 @@ int proc_dointvec(struct ctl_table *table, int write, static int proc_taint(struct ctl_table *table, int write, void __user *buffer, size_t *lenp, loff_t *ppos) { @@ -102453,23 +103057,77 @@ index c1b26e1..bc7b50d 100644 unsigned long tmptaint = get_taint(); int err; -@@ -2095,7 +2153,6 @@ static int proc_taint(struct ctl_table *table, int write, +@@ -2095,16 +2201,14 @@ static int proc_taint(struct ctl_table *table, int write, return err; } -#ifdef CONFIG_PRINTK - static int proc_dointvec_minmax_sysadmin(struct ctl_table *table, int write, +-static int proc_dointvec_minmax_sysadmin(struct ctl_table *table, int write, ++static int proc_dointvec_minmax_secure_sysadmin(struct ctl_table *table, int write, void __user *buffer, size_t *lenp, loff_t *ppos) { -@@ -2104,7 +2161,6 @@ static int proc_dointvec_minmax_sysadmin(struct ctl_table *table, int write, + if (write && !capable(CAP_SYS_ADMIN)) + return -EPERM; - return proc_dointvec_minmax(table, write, buffer, lenp, ppos); +- return proc_dointvec_minmax(table, write, buffer, lenp, ppos); ++ return proc_dointvec_minmax_secure(table, write, buffer, lenp, ppos); } -#endif struct do_proc_dointvec_minmax_conv_param { int *min; -@@ -2651,6 +2707,12 @@ int proc_dostring(struct ctl_table *table, int write, +@@ -2135,6 +2239,32 @@ static int do_proc_dointvec_minmax_conv(bool *negp, unsigned long *lvalp, + return 0; + } + ++static int do_proc_dointvec_minmax_conv_secure(bool *negp, unsigned long *lvalp, ++ int *valp, ++ int write, void *data) ++{ ++ struct do_proc_dointvec_minmax_conv_param *param = data; ++ if (write) { ++ int val = *negp ? -*lvalp : *lvalp; ++ if ((param->min && *param->min > val) || ++ (param->max && *param->max < val)) ++ return -EINVAL; ++ pax_open_kernel(); ++ *valp = val; ++ pax_close_kernel(); ++ } else { ++ int val = *valp; ++ if (val < 0) { ++ *negp = true; ++ *lvalp = (unsigned long)-val; ++ } else { ++ *negp = false; ++ *lvalp = (unsigned long)val; ++ } ++ } ++ return 0; ++} ++ + /** + * proc_dointvec_minmax - read a vector of integers with min/max values + * @table: the sysctl table +@@ -2162,6 +2292,17 @@ int proc_dointvec_minmax(struct ctl_table *table, int write, + do_proc_dointvec_minmax_conv, ¶m); + } + ++int proc_dointvec_minmax_secure(struct ctl_table *table, int write, ++ void __user *buffer, size_t *lenp, loff_t *ppos) ++{ ++ struct do_proc_dointvec_minmax_conv_param param = { ++ .min = (int *) table->extra1, ++ .max = (int *) table->extra2, ++ }; ++ return do_proc_dointvec(table, write, buffer, lenp, ppos, ++ do_proc_dointvec_minmax_conv_secure, ¶m); ++} ++ + static void validate_coredump_safety(void) + { + #ifdef CONFIG_COREDUMP +@@ -2651,6 +2792,12 @@ int proc_dostring(struct ctl_table *table, int write, return -ENOSYS; } @@ -102482,7 +103140,7 @@ index c1b26e1..bc7b50d 100644 int proc_dointvec(struct ctl_table *table, int write, void __user *buffer, size_t *lenp, loff_t *ppos) { -@@ -2707,5 +2769,6 @@ EXPORT_SYMBOL(proc_dointvec_minmax); +@@ -2707,5 +2854,6 @@ EXPORT_SYMBOL(proc_dointvec_minmax); EXPORT_SYMBOL(proc_dointvec_userhz_jiffies); EXPORT_SYMBOL(proc_dointvec_ms_jiffies); EXPORT_SYMBOL(proc_dostring); @@ -103832,10 +104490,22 @@ index bd2bea9..6b3c95e 100644 return false; diff --git a/lib/kobject.c b/lib/kobject.c -index cb14aea..8c53cdb 100644 +index cb14aea..7ae9777 100644 --- a/lib/kobject.c +++ b/lib/kobject.c -@@ -931,9 +931,9 @@ EXPORT_SYMBOL_GPL(kset_create_and_add); +@@ -340,8 +340,9 @@ error: + } + EXPORT_SYMBOL(kobject_init); + +-static int kobject_add_varg(struct kobject *kobj, struct kobject *parent, +- const char *fmt, va_list vargs) ++static __printf(3, 0) int kobject_add_varg(struct kobject *kobj, ++ struct kobject *parent, ++ const char *fmt, va_list vargs) + { + int retval; + +@@ -931,9 +932,9 @@ EXPORT_SYMBOL_GPL(kset_create_and_add); static DEFINE_SPINLOCK(kobj_ns_type_lock); @@ -104334,7 +105004,7 @@ index 4f5b1dd..7cab418 100644 +} +EXPORT_SYMBOL(copy_to_user_overflow); diff --git a/lib/vsprintf.c b/lib/vsprintf.c -index 185b6d3..823c48c 100644 +index 185b6d3..c82c105 100644 --- a/lib/vsprintf.c +++ b/lib/vsprintf.c @@ -16,6 +16,9 @@ @@ -104351,10 +105021,11 @@ index 185b6d3..823c48c 100644 return number(buf, end, num, spec); } +-int kptr_restrict __read_mostly; +#ifdef CONFIG_GRKERNSEC_HIDESYM -+int kptr_restrict __read_mostly = 2; ++int kptr_restrict __read_only = 2; +#else - int kptr_restrict __read_mostly; ++int kptr_restrict __read_only; +#endif /* @@ -109843,6 +110514,18 @@ index 0447d5d..3cf4728 100644 __AAL_STAT_ITEMS #undef __HANDLE_ITEM } +diff --git a/net/ax25/ax25_subr.c b/net/ax25/ax25_subr.c +index 1997538..3b78e84 100644 +--- a/net/ax25/ax25_subr.c ++++ b/net/ax25/ax25_subr.c +@@ -264,6 +264,7 @@ void ax25_disconnect(ax25_cb *ax25, int reason) + { + ax25_clear_queues(ax25); + ++ ax25_stop_heartbeat(ax25); + ax25_stop_t1timer(ax25); + ax25_stop_t2timer(ax25); + ax25_stop_t3timer(ax25); diff --git a/net/ax25/sysctl_net_ax25.c b/net/ax25/sysctl_net_ax25.c index 919a5ce..cc6b444 100644 --- a/net/ax25/sysctl_net_ax25.c @@ -110513,10 +111196,87 @@ index d125290..e86e034 100644 a0 = a[0]; a1 = a[1]; diff --git a/net/core/datagram.c b/net/core/datagram.c -index a16ed7b..eb44d17 100644 +index a16ed7b..689402b 100644 --- a/net/core/datagram.c +++ b/net/core/datagram.c -@@ -301,7 +301,7 @@ int skb_kill_datagram(struct sock *sk, struct sk_buff *skb, unsigned int flags) +@@ -130,6 +130,35 @@ out_noerr: + goto out; + } + ++static int skb_set_peeked(struct sk_buff *skb) ++{ ++ struct sk_buff *nskb; ++ ++ if (skb->peeked) ++ return 0; ++ ++ /* We have to unshare an skb before modifying it. */ ++ if (!skb_shared(skb)) ++ goto done; ++ ++ nskb = skb_clone(skb, GFP_ATOMIC); ++ if (!nskb) ++ return -ENOMEM; ++ ++ skb->prev->next = nskb; ++ skb->next->prev = nskb; ++ nskb->prev = skb->prev; ++ nskb->next = skb->next; ++ ++ consume_skb(skb); ++ skb = nskb; ++ ++done: ++ skb->peeked = 1; ++ ++ return 0; ++} ++ + /** + * __skb_recv_datagram - Receive a datagram skbuff + * @sk: socket +@@ -164,7 +193,9 @@ out_noerr: + struct sk_buff *__skb_recv_datagram(struct sock *sk, unsigned int flags, + int *peeked, int *off, int *err) + { ++ struct sk_buff_head *queue = &sk->sk_receive_queue; + struct sk_buff *skb, *last; ++ unsigned long cpu_flags; + long timeo; + /* + * Caller is allowed not to check sk->sk_err before skb_recv_datagram() +@@ -183,8 +214,6 @@ struct sk_buff *__skb_recv_datagram(struct sock *sk, unsigned int flags, + * Look at current nfs client by the way... + * However, this function was correct in any case. 8) + */ +- unsigned long cpu_flags; +- struct sk_buff_head *queue = &sk->sk_receive_queue; + int _off = *off; + + last = (struct sk_buff *)queue; +@@ -198,7 +227,11 @@ struct sk_buff *__skb_recv_datagram(struct sock *sk, unsigned int flags, + _off -= skb->len; + continue; + } +- skb->peeked = 1; ++ ++ error = skb_set_peeked(skb); ++ if (error) ++ goto unlock_err; ++ + atomic_inc(&skb->users); + } else + __skb_unlink(skb, queue); +@@ -222,6 +255,8 @@ struct sk_buff *__skb_recv_datagram(struct sock *sk, unsigned int flags, + + return NULL; + ++unlock_err: ++ spin_unlock_irqrestore(&queue->lock, cpu_flags); + no_packet: + *err = error; + return NULL; +@@ -301,7 +336,7 @@ int skb_kill_datagram(struct sock *sk, struct sk_buff *skb, unsigned int flags) } kfree_skb(skb); @@ -110645,6 +111405,21 @@ index cf999e0..c59a9754 100644 } } EXPORT_SYMBOL(dev_load); +diff --git a/net/core/dst.c b/net/core/dst.c +index 15b6792..0d70357 100644 +--- a/net/core/dst.c ++++ b/net/core/dst.c +@@ -282,7 +282,9 @@ void dst_release(struct dst_entry *dst) + int newrefcnt; + + newrefcnt = atomic_dec_return(&dst->__refcnt); +- WARN_ON(newrefcnt < 0); ++ if (unlikely(newrefcnt < 0)) ++ net_warn_ratelimited("%s: dst:%p refcnt:%d\n", ++ __func__, dst, newrefcnt); + if (unlikely(dst->flags & DST_NOCACHE) && !newrefcnt) + call_rcu(&dst->rcu_head, dst_destroy_rcu); + } diff --git a/net/core/filter.c b/net/core/filter.c index ebce437..9fed9d0 100644 --- a/net/core/filter.c @@ -110942,7 +111717,7 @@ index ca68d32..236499d 100644 pr_warn("cannot create /proc/net/%s\n", PG_PROC_DIR); return -ENODEV; diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c -index 8aadd6a..adf3f59 100644 +index 8aadd6a..5063f2a 100644 --- a/net/core/rtnetlink.c +++ b/net/core/rtnetlink.c @@ -58,7 +58,7 @@ struct rtnl_link { @@ -110980,7 +111755,25 @@ index 8aadd6a..adf3f59 100644 } EXPORT_SYMBOL_GPL(__rtnl_link_unregister); -@@ -2006,6 +2009,10 @@ replay: +@@ -1605,10 +1608,13 @@ static int do_setlink(const struct sk_buff *skb, + goto errout; + + nla_for_each_nested(attr, tb[IFLA_VF_PORTS], rem) { +- if (nla_type(attr) != IFLA_VF_PORT) +- continue; +- err = nla_parse_nested(port, IFLA_PORT_MAX, +- attr, ifla_port_policy); ++ if (nla_type(attr) != IFLA_VF_PORT || ++ nla_len(attr) < NLA_HDRLEN) { ++ err = -EINVAL; ++ goto errout; ++ } ++ err = nla_parse_nested(port, IFLA_PORT_MAX, attr, ++ ifla_port_policy); + if (err < 0) + goto errout; + if (!port[IFLA_PORT_VF]) { +@@ -2006,6 +2012,10 @@ replay: if (IS_ERR(dest_net)) return PTR_ERR(dest_net); @@ -110991,7 +111784,7 @@ index 8aadd6a..adf3f59 100644 dev = rtnl_create_link(dest_net, ifname, ops, tb); if (IS_ERR(dev)) { err = PTR_ERR(dev); -@@ -2693,6 +2700,9 @@ static int rtnl_bridge_setlink(struct sk_buff *skb, struct nlmsghdr *nlh) +@@ -2693,6 +2703,9 @@ static int rtnl_bridge_setlink(struct sk_buff *skb, struct nlmsghdr *nlh) if (br_spec) { nla_for_each_nested(attr, br_spec, rem) { if (nla_type(attr) == IFLA_BRIDGE_FLAGS) { @@ -111001,7 +111794,7 @@ index 8aadd6a..adf3f59 100644 have_flags = true; flags = nla_get_u16(attr); break; -@@ -2763,6 +2773,9 @@ static int rtnl_bridge_dellink(struct sk_buff *skb, struct nlmsghdr *nlh) +@@ -2763,6 +2776,9 @@ static int rtnl_bridge_dellink(struct sk_buff *skb, struct nlmsghdr *nlh) if (br_spec) { nla_for_each_nested(attr, br_spec, rem) { if (nla_type(attr) == IFLA_BRIDGE_FLAGS) { @@ -115635,6 +116428,35 @@ index 8e3cf49..4a8e322 100644 } static int cls_bpf_change(struct net *net, struct sk_buff *in_skb, +diff --git a/net/sched/sch_fq_codel.c b/net/sched/sch_fq_codel.c +index ba5bc92..1232a25 100644 +--- a/net/sched/sch_fq_codel.c ++++ b/net/sched/sch_fq_codel.c +@@ -167,6 +167,15 @@ static unsigned int fq_codel_drop(struct Qdisc *sch) + return idx; + } + ++static unsigned int fq_codel_qdisc_drop(struct Qdisc *sch) ++{ ++ unsigned int prev_backlog; ++ ++ prev_backlog = sch->qstats.backlog; ++ fq_codel_drop(sch); ++ return prev_backlog - sch->qstats.backlog; ++} ++ + static int fq_codel_enqueue(struct sk_buff *skb, struct Qdisc *sch) + { + struct fq_codel_sched_data *q = qdisc_priv(sch); +@@ -600,7 +609,7 @@ static struct Qdisc_ops fq_codel_qdisc_ops __read_mostly = { + .enqueue = fq_codel_enqueue, + .dequeue = fq_codel_dequeue, + .peek = qdisc_peek_dequeued, +- .drop = fq_codel_drop, ++ .drop = fq_codel_qdisc_drop, + .init = fq_codel_init, + .reset = fq_codel_reset, + .destroy = fq_codel_destroy, diff --git a/net/sctp/ipv6.c b/net/sctp/ipv6.c index 2b1738e..a9d0fc9 100644 --- a/net/sctp/ipv6.c @@ -120467,10 +121289,10 @@ index 0000000..0c96d8a +} diff --git a/tools/gcc/constify_plugin.c b/tools/gcc/constify_plugin.c new file mode 100644 -index 0000000..da184c5 +index 0000000..c5de280 --- /dev/null +++ b/tools/gcc/constify_plugin.c -@@ -0,0 +1,564 @@ +@@ -0,0 +1,568 @@ +/* + * Copyright 2011 by Emese Revfy <re.emese@gmail.com> + * Copyright 2011-2015 by PaX Team <pageexec@freemail.hu> @@ -120912,7 +121734,7 @@ index 0000000..da184c5 + .optinfo_flags = OPTGROUP_NONE, +#endif +#if BUILDING_GCC_VERSION >= 5000 -+#elif BUILDING_GCC_VERSION >= 4009 ++#elif BUILDING_GCC_VERSION == 4009 + .has_gate = false, + .has_execute = true, +#else @@ -120937,7 +121759,11 @@ index 0000000..da184c5 +class check_local_variables_pass : public gimple_opt_pass { +public: + check_local_variables_pass() : gimple_opt_pass(check_local_variables_pass_data, g) {} ++#if BUILDING_GCC_VERSION >= 5000 ++ virtual unsigned int execute(function *) { return check_local_variables(); } ++#else + unsigned int execute() { return check_local_variables(); } ++#endif +}; +} + @@ -121037,10 +121863,10 @@ index 0000000..da184c5 +} diff --git a/tools/gcc/gcc-common.h b/tools/gcc/gcc-common.h new file mode 100644 -index 0000000..1d20e32 +index 0000000..70924d4 --- /dev/null +++ b/tools/gcc/gcc-common.h -@@ -0,0 +1,689 @@ +@@ -0,0 +1,787 @@ +#ifndef GCC_COMMON_H_INCLUDED +#define GCC_COMMON_H_INCLUDED + @@ -121119,6 +121945,8 @@ index 0000000..1d20e32 +#include "tree-flow.h" +#else +#include "tree-cfgcleanup.h" ++#include "tree-ssa-operands.h" ++#include "tree-into-ssa.h" +#endif + +#if BUILDING_GCC_VERSION >= 4008 @@ -121449,6 +122277,76 @@ index 0000000..1d20e32 +typedef union gimple_statement_d gdebug; +typedef union gimple_statement_d gphi; +typedef union gimple_statement_d greturn; ++ ++static inline gasm *as_a_gasm(gimple stmt) ++{ ++ return stmt; ++} ++ ++static inline const gasm *as_a_const_gasm(const_gimple stmt) ++{ ++ return stmt; ++} ++ ++static inline gassign *as_a_gassign(gimple stmt) ++{ ++ return stmt; ++} ++ ++static inline const gassign *as_a_const_gassign(const_gimple stmt) ++{ ++ return stmt; ++} ++ ++static inline gcall *as_a_gcall(gimple stmt) ++{ ++ return stmt; ++} ++ ++static inline const gcall *as_a_const_gcall(const_gimple stmt) ++{ ++ return stmt; ++} ++ ++static inline gcond *as_a_gcond(gimple stmt) ++{ ++ return stmt; ++} ++ ++static inline const gcond *as_a_const_gcond(const_gimple stmt) ++{ ++ return stmt; ++} ++ ++static inline gdebug *as_a_gdebug(gimple stmt) ++{ ++ return stmt; ++} ++ ++static inline const gdebug *as_a_const_gdebug(const_gimple stmt) ++{ ++ return stmt; ++} ++ ++static inline gphi *as_a_gphi(gimple stmt) ++{ ++ return stmt; ++} ++ ++static inline const gphi *as_a_const_gphi(const_gimple stmt) ++{ ++ return stmt; ++} ++ ++static inline greturn *as_a_greturn(gimple stmt) ++{ ++ return stmt; ++} ++ ++static inline const greturn *as_a_const_greturn(const_gimple stmt) ++{ ++ return stmt; ++} +#endif + +#if BUILDING_GCC_VERSION == 4008 @@ -121468,34 +122366,35 @@ index 0000000..1d20e32 +#if BUILDING_GCC_VERSION <= 4009 +#define TODO_verify_il 0 +#define AVAIL_INTERPOSABLE AVAIL_OVERWRITABLE -+#endif + -+#if BUILDING_GCC_VERSION == 4009 -+typedef struct gimple_statement_base gasm; -+typedef struct gimple_statement_base gassign; -+typedef struct gimple_statement_base gcall; -+typedef struct gimple_statement_base gcond; -+typedef struct gimple_statement_base gdebug; -+typedef struct gimple_statement_base gphi; -+typedef struct gimple_statement_base greturn; -+#endif ++#define section_name_prefix LTO_SECTION_NAME_PREFIX ++#define fatal_error(loc, gmsgid, ...) fatal_error((gmsgid), __VA_ARGS__) + -+#if BUILDING_GCC_VERSION <= 4009 +typedef struct rtx_def rtx_insn; + +static inline void set_decl_section_name(tree node, const char *value) +{ + DECL_SECTION_NAME(node) = build_string(strlen(value) + 1, value); +} ++#endif ++ ++#if BUILDING_GCC_VERSION == 4009 ++typedef struct gimple_statement_asm gasm; ++typedef struct gimple_statement_base gassign; ++typedef struct gimple_statement_call gcall; ++typedef struct gimple_statement_base gcond; ++typedef struct gimple_statement_base gdebug; ++typedef struct gimple_statement_phi gphi; ++typedef struct gimple_statement_base greturn; + +static inline gasm *as_a_gasm(gimple stmt) +{ -+ return stmt; ++ return as_a<gasm>(stmt); +} + +static inline const gasm *as_a_const_gasm(const_gimple stmt) +{ -+ return stmt; ++ return as_a<const gasm>(stmt); +} + +static inline gassign *as_a_gassign(gimple stmt) @@ -121510,24 +122409,44 @@ index 0000000..1d20e32 + +static inline gcall *as_a_gcall(gimple stmt) +{ -+ return stmt; ++ return as_a<gcall>(stmt); +} + +static inline const gcall *as_a_const_gcall(const_gimple stmt) +{ ++ return as_a<const gcall>(stmt); ++} ++ ++static inline gcond *as_a_gcond(gimple stmt) ++{ + return stmt; +} + -+static inline gphi *as_a_gphi(gimple stmt) ++static inline const gcond *as_a_const_gcond(const_gimple stmt) +{ + return stmt; +} + -+static inline const gphi *as_a_const_gphi(const_gimple stmt) ++static inline gdebug *as_a_gdebug(gimple stmt) +{ + return stmt; +} + ++static inline const gdebug *as_a_const_gdebug(const_gimple stmt) ++{ ++ return stmt; ++} ++ ++static inline gphi *as_a_gphi(gimple stmt) ++{ ++ return as_a<gphi>(stmt); ++} ++ ++static inline const gphi *as_a_const_gphi(const_gimple stmt) ++{ ++ return as_a<const gphi>(stmt); ++} ++ +static inline greturn *as_a_greturn(gimple stmt) +{ + return stmt; @@ -121589,6 +122508,11 @@ index 0000000..1d20e32 + varpool_node::add(decl); +} + ++static inline unsigned int rebuild_cgraph_edges(void) ++{ ++ return cgraph_edge::rebuild_edges(); ++} ++ +static inline cgraph_node_ptr cgraph_function_node(cgraph_node_ptr node, enum availability *availability) +{ + return node->function_symbol(availability); @@ -122973,10 +123897,10 @@ index 0000000..ac6f9b4 +} diff --git a/tools/gcc/randomize_layout_plugin.c b/tools/gcc/randomize_layout_plugin.c new file mode 100644 -index 0000000..713be61 +index 0000000..40dcfa9 --- /dev/null +++ b/tools/gcc/randomize_layout_plugin.c -@@ -0,0 +1,918 @@ +@@ -0,0 +1,922 @@ +/* + * Copyright 2014,2015 by Open Source Security, Inc., Brad Spengler <spender@grsecurity.net> + * and PaX Team <pageexec@freemail.hu> @@ -123822,7 +124746,11 @@ index 0000000..713be61 +class randomize_layout_bad_cast : public gimple_opt_pass { +public: + randomize_layout_bad_cast() : gimple_opt_pass(randomize_layout_bad_cast_data, g) {} ++#if BUILDING_GCC_VERSION >= 5000 ++ virtual unsigned int execute(function *) { return find_bad_casts(); } ++#else + unsigned int execute() { return find_bad_casts(); } ++#endif +}; +} +#endif @@ -124039,15 +124967,16 @@ index 0000000..12b1e3b +exit 0 diff --git a/tools/gcc/size_overflow_plugin/insert_size_overflow_asm.c b/tools/gcc/size_overflow_plugin/insert_size_overflow_asm.c new file mode 100644 -index 0000000..c43901f +index 0000000..495983ff --- /dev/null +++ b/tools/gcc/size_overflow_plugin/insert_size_overflow_asm.c -@@ -0,0 +1,748 @@ +@@ -0,0 +1,762 @@ +/* -+ * Copyright 2011-2014 by Emese Revfy <re.emese@gmail.com> ++ * Copyright 2011-2015 by Emese Revfy <re.emese@gmail.com> + * Licensed under the GPL v2, or (at your option) v3 + * + * Homepage: ++ * https://github.com/ephox-gcc-plugins + * http://www.grsecurity.net/~ephox/overflow_plugin/ + * + * Documentation: @@ -124065,8 +124994,8 @@ index 0000000..c43901f +#include "gcc-common.h" +#include "size_overflow.h" + -+static void search_size_overflow_attribute(struct pointer_set_t *visited, tree lhs); -+static enum mark search_intentional(struct pointer_set_t *visited, const_tree lhs); ++static void search_size_overflow_attribute(gimple_set *visited, tree lhs); ++static enum mark search_intentional(gimple_set *visited, const_tree lhs); + +// data for the size_overflow asm stmt +struct asm_data { @@ -124100,7 +125029,7 @@ index 0000000..c43901f + +static void create_asm_stmt(const char *str, tree str_input, tree str_output, struct asm_data *asm_data) +{ -+ gimple asm_stmt; ++ gasm *asm_stmt; + gimple_stmt_iterator gsi; +#if BUILDING_GCC_VERSION <= 4007 + VEC(tree, gc) *input, *output = NULL; @@ -124113,7 +125042,7 @@ index 0000000..c43901f + if (asm_data->output) + output = create_asm_io_list(str_output, asm_data->output); + -+ asm_stmt = gimple_build_asm_vec(str, input, output, NULL, NULL); ++ asm_stmt = as_a_gasm(gimple_build_asm_vec(str, input, output, NULL, NULL)); + gsi = gsi_for_stmt(asm_data->def_stmt); + gsi_insert_after(&gsi, asm_stmt, GSI_NEW_STMT); + @@ -124128,13 +125057,13 @@ index 0000000..c43901f + SSA_NAME_DEF_STMT(asm_data->input) = asm_data->def_stmt; +} + -+static enum mark search_intentional_phi(struct pointer_set_t *visited, const_tree result) ++static enum mark search_intentional_phi(gimple_set *visited, const_tree result) +{ + enum mark cur_fndecl_attr; -+ gimple phi = get_def_stmt(result); ++ gphi *phi = as_a_gphi(get_def_stmt(result)); + unsigned int i, n = gimple_phi_num_args(phi); + -+ pointer_set_insert(visited, phi); ++ pointer_set_insert(visited, (gimple)phi); + for (i = 0; i < n; i++) { + tree arg = gimple_phi_arg_def(phi, i); + @@ -124145,11 +125074,11 @@ index 0000000..c43901f + return MARK_NO; +} + -+static enum mark search_intentional_binary(struct pointer_set_t *visited, const_tree lhs) ++static enum mark search_intentional_binary(gimple_set *visited, const_tree lhs) +{ + enum mark cur_fndecl_attr; + const_tree rhs1, rhs2; -+ gimple def_stmt = get_def_stmt(lhs); ++ gassign *def_stmt = as_a_gassign(get_def_stmt(lhs)); + + rhs1 = gimple_assign_rhs1(def_stmt); + rhs2 = gimple_assign_rhs2(def_stmt); @@ -124161,7 +125090,7 @@ index 0000000..c43901f +} + +// Look up the intentional_overflow attribute on the caller and the callee functions. -+static enum mark search_intentional(struct pointer_set_t *visited, const_tree lhs) ++static enum mark search_intentional(gimple_set *visited, const_tree lhs) +{ + const_gimple def_stmt; + @@ -124179,7 +125108,7 @@ index 0000000..c43901f + case GIMPLE_NOP: + return search_intentional(visited, SSA_NAME_VAR(lhs)); + case GIMPLE_ASM: -+ if (is_size_overflow_intentional_asm_turn_off(def_stmt)) ++ if (is_size_overflow_intentional_asm_turn_off(as_a_const_gasm(def_stmt))) + return MARK_TURN_OFF; + return MARK_NO; + case GIMPLE_CALL: @@ -124189,7 +125118,7 @@ index 0000000..c43901f + case GIMPLE_ASSIGN: + switch (gimple_num_ops(def_stmt)) { + case 2: -+ return search_intentional(visited, gimple_assign_rhs1(def_stmt)); ++ return search_intentional(visited, gimple_assign_rhs1(as_a_const_gassign(def_stmt))); + case 3: + return search_intentional_binary(visited, lhs); + } @@ -124206,7 +125135,7 @@ index 0000000..c43901f +static enum mark check_intentional_attribute_gimple(const_tree arg, const_gimple stmt, unsigned int argnum) +{ + const_tree fndecl; -+ struct pointer_set_t *visited; ++ gimple_set *visited; + enum mark cur_fndecl_attr, decl_attr = MARK_NO; + + fndecl = get_interesting_orig_fndecl(stmt, argnum); @@ -124249,7 +125178,7 @@ index 0000000..c43901f + is_missing_function(orig_fndecl, num); +} + -+static void search_size_overflow_attribute_phi(struct pointer_set_t *visited, const_tree result) ++static void search_size_overflow_attribute_phi(gimple_set *visited, const_tree result) +{ + gimple phi = get_def_stmt(result); + unsigned int i, n = gimple_phi_num_args(phi); @@ -124262,7 +125191,7 @@ index 0000000..c43901f + } +} + -+static void search_size_overflow_attribute_binary(struct pointer_set_t *visited, const_tree lhs) ++static void search_size_overflow_attribute_binary(gimple_set *visited, const_tree lhs) +{ + const_gimple def_stmt = get_def_stmt(lhs); + tree rhs1, rhs2; @@ -124274,7 +125203,7 @@ index 0000000..c43901f + search_size_overflow_attribute(visited, rhs2); +} + -+static void search_size_overflow_attribute(struct pointer_set_t *visited, tree lhs) ++static void search_size_overflow_attribute(gimple_set *visited, tree lhs) +{ + const_gimple def_stmt; + @@ -124324,18 +125253,20 @@ index 0000000..c43901f +{ + tree fndecl = NULL_TREE; + tree lhs; -+ struct pointer_set_t *visited; ++ gimple_set *visited; + + if (is_turn_off_intentional_attr(DECL_ORIGIN(current_function_decl))) + return; + + if (num == 0) { + gcc_assert(gimple_code(stmt) == GIMPLE_RETURN); -+ lhs = gimple_return_retval(stmt); ++ lhs = gimple_return_retval(as_a_const_greturn(stmt)); + } else { -+ gcc_assert(is_gimple_call(stmt)); -+ lhs = gimple_call_arg(stmt, num - 1); -+ fndecl = gimple_call_fndecl(stmt); ++ const gcall *call = as_a_const_gcall(stmt); ++ ++ gcc_assert(is_gimple_call(call)); ++ lhs = gimple_call_arg(call, num - 1); ++ fndecl = gimple_call_fndecl(call); + } + + if (fndecl != NULL_TREE && is_turn_off_intentional_attr(DECL_ORIGIN(fndecl))) @@ -124359,9 +125290,9 @@ index 0000000..c43901f + asm_data->output = create_new_var(TREE_TYPE(asm_data->output)); + asm_data->output = make_ssa_name(asm_data->output, stmt); + if (gimple_code(stmt) == GIMPLE_RETURN) -+ gimple_return_set_retval(stmt, asm_data->output); ++ gimple_return_set_retval(as_a_greturn(stmt), asm_data->output); + else -+ gimple_call_set_arg(stmt, argnum - 1, asm_data->output); ++ gimple_call_set_arg(as_a_gcall(stmt), argnum - 1, asm_data->output); + update_stmt(stmt); +} + @@ -124441,7 +125372,7 @@ index 0000000..c43901f + break; + } + case GIMPLE_ASM: -+ if (is_size_overflow_asm(asm_data->def_stmt)) { ++ if (is_size_overflow_asm(as_a_const_gasm(asm_data->def_stmt))) { + asm_data->input = NULL_TREE; + break; + } @@ -124472,7 +125403,7 @@ index 0000000..c43901f + search_missing_size_overflow_attribute_gimple(stmt, argnum); + + asm_data.def_stmt = get_def_stmt(asm_data.output); -+ if (is_size_overflow_intentional_asm_turn_off(asm_data.def_stmt)) ++ if (gimple_code(asm_data.def_stmt) == GIMPLE_ASM && is_size_overflow_intentional_asm_turn_off(as_a_const_gasm(asm_data.def_stmt))) + return; + + create_asm_input(stmt, argnum, &asm_data); @@ -124522,7 +125453,7 @@ index 0000000..c43901f + return true; +} + -+static void walk_use_def_ptr(struct pointer_set_t *visited, const_tree lhs) ++static void walk_use_def_ptr(gimple_set *visited, const_tree lhs) +{ + gimple def_stmt; + @@ -124539,28 +125470,33 @@ index 0000000..c43901f + case GIMPLE_CALL: + break; + case GIMPLE_PHI: { -+ unsigned int i, n = gimple_phi_num_args(def_stmt); ++ gphi *phi = as_a_gphi(def_stmt); ++ unsigned int i, n = gimple_phi_num_args(phi); + + pointer_set_insert(visited, def_stmt); + + for (i = 0; i < n; i++) { -+ tree arg = gimple_phi_arg_def(def_stmt, i); ++ tree arg = gimple_phi_arg_def(phi, i); + + walk_use_def_ptr(visited, arg); + } ++ break; + } -+ case GIMPLE_ASSIGN: -+ switch (gimple_num_ops(def_stmt)) { ++ case GIMPLE_ASSIGN: { ++ gassign *assign = as_a_gassign(def_stmt); ++ ++ switch (gimple_num_ops(assign)) { + case 2: -+ walk_use_def_ptr(visited, gimple_assign_rhs1(def_stmt)); ++ walk_use_def_ptr(visited, gimple_assign_rhs1(assign)); + return; + case 3: -+ walk_use_def_ptr(visited, gimple_assign_rhs1(def_stmt)); -+ walk_use_def_ptr(visited, gimple_assign_rhs2(def_stmt)); ++ walk_use_def_ptr(visited, gimple_assign_rhs1(assign)); ++ walk_use_def_ptr(visited, gimple_assign_rhs2(assign)); + return; + default: + return; + } ++ } + default: + debug_gimple_stmt((gimple)def_stmt); + error("%s: unknown gimple code", __func__); @@ -124571,7 +125507,7 @@ index 0000000..c43901f +// Look for a ptr - ptr expression (e.g., cpuset_common_file_read() s - page) +static void insert_mark_not_intentional_asm_at_ptr(const_tree arg) +{ -+ struct pointer_set_t *visited; ++ gimple_set *visited; + + visited = pointer_set_create(); + walk_use_def_ptr(visited, arg); @@ -124579,7 +125515,7 @@ index 0000000..c43901f +} + +// Determine the return value and insert the asm stmt to mark the return stmt. -+static void insert_asm_ret(gimple stmt) ++static void insert_asm_ret(greturn *stmt) +{ + tree ret; + @@ -124588,7 +125524,7 @@ index 0000000..c43901f +} + +// Determine the correct arg index and arg and insert the asm stmt to mark the stmt. -+static void insert_asm_arg(gimple stmt, unsigned int orig_argnum) ++static void insert_asm_arg(gcall *stmt, unsigned int orig_argnum) +{ + tree arg; + unsigned int argnum; @@ -124665,7 +125601,7 @@ index 0000000..c43901f + * Look up the intentional_overflow attribute that turns off ipa based duplication + * on the callee function. + */ -+static bool is_mark_turn_off_attribute(gimple stmt) ++static bool is_mark_turn_off_attribute(gcall *stmt) +{ + enum mark mark; + const_tree fndecl = gimple_call_fndecl(stmt); @@ -124677,7 +125613,7 @@ index 0000000..c43901f +} + +// If the argument(s) of the callee function is/are in the hash table or are marked by an attribute then mark the call stmt with an asm stmt -+static void handle_interesting_function(gimple stmt) ++static void handle_interesting_function(gcall *stmt) +{ + unsigned int argnum; + tree fndecl; @@ -124703,7 +125639,7 @@ index 0000000..c43901f +} + +// If the return value of the caller function is in hash table (its index is 0) then mark the return stmt with an asm stmt -+static void handle_interesting_ret(gimple stmt) ++static void handle_interesting_ret(greturn *stmt) +{ + bool orig_argnums[MAX_PARAM + 1] = {false}; + @@ -124724,13 +125660,13 @@ index 0000000..c43901f + for (gsi = gsi_start_bb(bb); !gsi_end_p(gsi); gsi_next(&gsi)) { + gimple stmt = gsi_stmt(gsi); + -+ if (is_size_overflow_asm(stmt)) ++ if (gimple_code(stmt) == GIMPLE_ASM && is_size_overflow_asm(as_a_const_gasm(stmt))) + continue; + + if (is_gimple_call(stmt)) -+ handle_interesting_function(stmt); ++ handle_interesting_function(as_a_gcall(stmt)); + else if (gimple_code(stmt) == GIMPLE_RETURN) -+ handle_interesting_ret(stmt); ++ handle_interesting_ret(as_a_greturn(stmt)); + } + } + return 0; @@ -124742,6 +125678,7 @@ index 0000000..c43901f + * that the ipa pass will detect and insert the size overflow checks for. + */ +#if BUILDING_GCC_VERSION >= 4009 ++namespace { +static const struct pass_data insert_size_overflow_asm_pass_data = { +#else +static struct gimple_opt_pass insert_size_overflow_asm_pass = { @@ -124752,7 +125689,8 @@ index 0000000..c43901f +#if BUILDING_GCC_VERSION >= 4008 + .optinfo_flags = OPTGROUP_NONE, +#endif -+#if BUILDING_GCC_VERSION >= 4009 ++#if BUILDING_GCC_VERSION >= 5000 ++#elif BUILDING_GCC_VERSION == 4009 + .has_gate = false, + .has_execute = true, +#else @@ -124774,34 +125712,39 @@ index 0000000..c43901f +}; + +#if BUILDING_GCC_VERSION >= 4009 -+namespace { +class insert_size_overflow_asm_pass : public gimple_opt_pass { +public: + insert_size_overflow_asm_pass() : gimple_opt_pass(insert_size_overflow_asm_pass_data, g) {} ++#if BUILDING_GCC_VERSION >= 5000 ++ virtual unsigned int execute(function *) { return search_interesting_functions(); } ++#else + unsigned int execute() { return search_interesting_functions(); } ++#endif +}; +} -+#endif + -+struct opt_pass *make_insert_size_overflow_asm_pass(void) ++opt_pass *make_insert_size_overflow_asm_pass(void) +{ -+#if BUILDING_GCC_VERSION >= 4009 + return new insert_size_overflow_asm_pass(); ++} +#else ++struct opt_pass *make_insert_size_overflow_asm_pass(void) ++{ + return &insert_size_overflow_asm_pass.pass; -+#endif +} ++#endif diff --git a/tools/gcc/size_overflow_plugin/insert_size_overflow_check_core.c b/tools/gcc/size_overflow_plugin/insert_size_overflow_check_core.c new file mode 100644 -index 0000000..73f0a12 +index 0000000..0766e39 --- /dev/null +++ b/tools/gcc/size_overflow_plugin/insert_size_overflow_check_core.c -@@ -0,0 +1,943 @@ +@@ -0,0 +1,931 @@ +/* -+ * Copyright 2011-2014 by Emese Revfy <re.emese@gmail.com> ++ * Copyright 2011-2015 by Emese Revfy <re.emese@gmail.com> + * Licensed under the GPL v2, or (at your option) v3 + * + * Homepage: ++ * https://github.com/ephox-gcc-plugins + * http://www.grsecurity.net/~ephox/overflow_plugin/ + * + * Documentation: @@ -124865,19 +125808,6 @@ index 0000000..73f0a12 + return new_type; +} + -+static tree get_lhs(const_gimple stmt) -+{ -+ switch (gimple_code(stmt)) { -+ case GIMPLE_ASSIGN: -+ case GIMPLE_CALL: -+ return gimple_get_lhs(stmt); -+ case GIMPLE_PHI: -+ return gimple_phi_result(stmt); -+ default: -+ return NULL_TREE; -+ } -+} -+ +static tree cast_to_new_size_overflow_type(struct visited *visited, gimple stmt, tree rhs, tree size_overflow_type, bool before) +{ + gimple_stmt_iterator gsi; @@ -124951,7 +125881,7 @@ index 0000000..73f0a12 + return cast_to_new_size_overflow_type(visited, oldstmt, rhs1, dst_type, before); +} + -+tree dup_assign(struct visited *visited, gimple oldstmt, const_tree node, tree rhs1, tree rhs2, tree __unused rhs3) ++tree dup_assign(struct visited *visited, gassign *oldstmt, const_tree node, tree rhs1, tree rhs2, tree __unused rhs3) +{ + gimple stmt; + gimple_stmt_iterator gsi; @@ -125020,13 +125950,14 @@ index 0000000..73f0a12 + assign = build_cast_stmt(visited, size_overflow_type, arg, phi_ssa_name, &gsi, BEFORE_STMT, false); + pointer_set_insert(visited->my_stmts, assign); + -+ return gimple_assign_lhs(assign); ++ return get_lhs(assign); +} + +static tree use_phi_ssa_name(struct visited *visited, tree ssa_name_var, tree new_arg) +{ + gimple_stmt_iterator gsi; -+ gimple assign, def_stmt = get_def_stmt(new_arg); ++ gimple assign; ++ gimple def_stmt = get_def_stmt(new_arg); + + if (gimple_code(def_stmt) == GIMPLE_PHI) { + gsi = gsi_after_labels(gimple_bb(def_stmt)); @@ -125037,7 +125968,7 @@ index 0000000..73f0a12 + } + + pointer_set_insert(visited->my_stmts, assign); -+ return gimple_assign_lhs(assign); ++ return get_lhs(assign); +} + +static tree cast_visited_phi_arg(struct visited *visited, tree ssa_name_var, tree arg, tree size_overflow_type) @@ -125054,13 +125985,12 @@ index 0000000..73f0a12 + + assign = build_cast_stmt(visited, size_overflow_type, arg, ssa_name_var, &gsi, BEFORE_STMT, false); + pointer_set_insert(visited->my_stmts, assign); -+ return gimple_assign_lhs(assign); ++ return get_lhs(assign); +} + -+static tree create_new_phi_arg(struct visited *visited, tree ssa_name_var, tree new_arg, gimple oldstmt, unsigned int i) ++static tree create_new_phi_arg(struct visited *visited, tree ssa_name_var, tree new_arg, gphi *oldstmt, unsigned int i) +{ -+ tree size_overflow_type; -+ tree arg; ++ tree size_overflow_type, arg; + const_gimple def_stmt; + + if (new_arg != NULL_TREE && is_gimple_constant(new_arg)) @@ -125077,7 +126007,7 @@ index 0000000..73f0a12 + case GIMPLE_NOP: { + basic_block bb; + -+ bb = gimple_phi_arg_edge(oldstmt, i)->src; ++ bb = gimple_phi_arg_edge(as_a_gphi(oldstmt), i)->src; + return cast_parm_decl(visited, ssa_name_var, arg, size_overflow_type, bb); + } + case GIMPLE_ASM: { @@ -125087,7 +126017,7 @@ index 0000000..73f0a12 + gsi = gsi_for_stmt(stmt); + assign = build_cast_stmt(visited, size_overflow_type, arg, ssa_name_var, &gsi, AFTER_STMT, false); + pointer_set_insert(visited->my_stmts, assign); -+ return gimple_assign_lhs(assign); ++ return get_lhs(assign); + } + default: + gcc_assert(new_arg != NULL_TREE); @@ -125096,10 +126026,10 @@ index 0000000..73f0a12 + } +} + -+static gimple overflow_create_phi_node(struct visited *visited, gimple oldstmt, tree result) ++static gphi *overflow_create_phi_node(struct visited *visited, gphi *oldstmt, tree result) +{ + basic_block bb; -+ gimple phi; ++ gphi *phi; + gimple_seq seq; + gimple_stmt_iterator gsi = gsi_for_stmt(oldstmt); + @@ -125112,7 +126042,7 @@ index 0000000..73f0a12 + result = create_new_var(size_overflow_type); + } + -+ phi = create_phi_node(result, bb); ++ phi = as_a_gphi(create_phi_node(result, bb)); + gimple_phi_set_result(phi, make_ssa_name(result, phi)); + seq = phi_nodes(bb); + gsi = gsi_last(seq); @@ -125125,12 +126055,12 @@ index 0000000..73f0a12 +} + +#if BUILDING_GCC_VERSION <= 4007 -+static tree create_new_phi_node(struct visited *visited, VEC(tree, heap) **args, tree ssa_name_var, gimple oldstmt) ++static tree create_new_phi_node(struct visited *visited, VEC(tree, heap) **args, tree ssa_name_var, gphi *oldstmt) +#else -+static tree create_new_phi_node(struct visited *visited, vec<tree, va_heap, vl_embed> *&args, tree ssa_name_var, gimple oldstmt) ++static tree create_new_phi_node(struct visited *visited, vec<tree, va_heap, vl_embed> *&args, tree ssa_name_var, gphi *oldstmt) +#endif +{ -+ gimple new_phi; ++ gphi *new_phi; + unsigned int i; + tree arg, result; + location_t loc = gimple_location(oldstmt); @@ -125172,7 +126102,7 @@ index 0000000..73f0a12 +#else + vec<tree, va_heap, vl_embed> *args = NULL; +#endif -+ gimple oldstmt = get_def_stmt(orig_result); ++ gphi *oldstmt = as_a_gphi(get_def_stmt(orig_result)); + unsigned int i, len = gimple_phi_num_args(oldstmt); + + pointer_set_insert(visited->stmts, oldstmt); @@ -125205,7 +126135,7 @@ index 0000000..73f0a12 +#endif +} + -+static tree create_cast_assign(struct visited *visited, gimple stmt) ++static tree create_cast_assign(struct visited *visited, gassign *stmt) +{ + tree rhs1 = gimple_assign_rhs1(stmt); + tree lhs = gimple_assign_lhs(stmt); @@ -125218,7 +126148,7 @@ index 0000000..73f0a12 + return create_assign(visited, stmt, rhs1, AFTER_STMT); +} + -+static bool skip_lhs_cast_check(const_gimple stmt) ++static bool skip_lhs_cast_check(const gassign *stmt) +{ + const_tree rhs = gimple_assign_rhs1(stmt); + const_gimple def_stmt = get_def_stmt(rhs); @@ -125252,7 +126182,7 @@ index 0000000..73f0a12 + +static void insert_cond(basic_block cond_bb, tree arg, enum tree_code cond_code, tree type_value) +{ -+ gimple cond_stmt; ++ gcond *cond_stmt; + gimple_stmt_iterator gsi = gsi_last_bb(cond_bb); + + cond_stmt = gimple_build_cond(cond_code, arg, type_value, NULL_TREE, NULL_TREE); @@ -125262,7 +126192,7 @@ index 0000000..73f0a12 + +static void insert_cond_result(struct cgraph_node *caller_node, basic_block bb_true, const_gimple stmt, const_tree arg, bool min) +{ -+ gimple func_stmt; ++ gcall *func_stmt; + const_gimple def_stmt; + const_tree loc_line; + tree loc_file, ssa_name, current_func; @@ -125300,7 +126230,7 @@ index 0000000..73f0a12 + ssa_name = create_string_param(ssa_name); + + // void report_size_overflow(const char *file, unsigned int line, const char *func, const char *ssa_name) -+ func_stmt = gimple_build_call(report_size_overflow_decl, 4, loc_file, loc_line, current_func, ssa_name); ++ func_stmt = as_a_gcall(gimple_build_call(report_size_overflow_decl, 4, loc_file, loc_line, current_func, ssa_name)); + gsi_insert_after(&gsi, func_stmt, GSI_CONTINUE_LINKING); + + callee_node = cgraph_get_create_node(report_size_overflow_decl); @@ -125384,7 +126314,7 @@ index 0000000..73f0a12 + insert_check_size_overflow(caller_node, stmt, LT_EXPR, cast_rhs, type_min, before, MIN_CHECK); +} + -+static tree create_cast_overflow_check(struct visited *visited, struct cgraph_node *caller_node, tree new_rhs1, gimple stmt) ++static tree create_cast_overflow_check(struct visited *visited, struct cgraph_node *caller_node, tree new_rhs1, gassign *stmt) +{ + bool cast_lhs, cast_rhs; + tree lhs = gimple_assign_lhs(stmt); @@ -125437,7 +126367,7 @@ index 0000000..73f0a12 + return dup_assign(visited, stmt, lhs, new_rhs1, NULL_TREE, NULL_TREE); +} + -+static tree handle_unary_rhs(struct visited *visited, struct cgraph_node *caller_node, gimple stmt) ++static tree handle_unary_rhs(struct visited *visited, struct cgraph_node *caller_node, gassign *stmt) +{ + enum tree_code rhs_code; + tree rhs1, new_rhs1, lhs = gimple_assign_lhs(stmt); @@ -125472,10 +126402,10 @@ index 0000000..73f0a12 + return create_cast_overflow_check(visited, caller_node, new_rhs1, stmt); +} + -+static tree handle_unary_ops(struct visited *visited, struct cgraph_node *caller_node, gimple stmt) ++static tree handle_unary_ops(struct visited *visited, struct cgraph_node *caller_node, gassign *stmt) +{ + tree rhs1, lhs = gimple_assign_lhs(stmt); -+ gimple def_stmt = get_def_stmt(lhs); ++ gassign *def_stmt = as_a_gassign(get_def_stmt(lhs)); + + gcc_assert(gimple_code(def_stmt) != GIMPLE_NOP); + rhs1 = gimple_assign_rhs1(def_stmt); @@ -125534,7 +126464,7 @@ index 0000000..73f0a12 +} + +// Skip duplication when there is a minus expr and the type of rhs1 or rhs2 is a pointer_type. -+static bool is_a_ptr_minus(gimple stmt) ++static bool is_a_ptr_minus(gassign *stmt) +{ + const_tree rhs1, rhs2, ptr1_rhs, ptr2_rhs; + @@ -125562,7 +126492,7 @@ index 0000000..73f0a12 +{ + enum intentional_overflow_type res; + tree rhs1, rhs2, new_lhs; -+ gimple def_stmt = get_def_stmt(lhs); ++ gassign *def_stmt = as_a_gassign(get_def_stmt(lhs)); + tree new_rhs1 = NULL_TREE; + tree new_rhs2 = NULL_TREE; + @@ -125603,13 +126533,13 @@ index 0000000..73f0a12 + res = add_mul_intentional_overflow(def_stmt); + if (res != NO_INTENTIONAL_OVERFLOW) { + new_lhs = dup_assign(visited, def_stmt, lhs, new_rhs1, new_rhs2, NULL_TREE); -+ insert_cast_expr(visited, get_def_stmt(new_lhs), res); ++ insert_cast_expr(visited, as_a_gassign(get_def_stmt(new_lhs)), res); + return new_lhs; + } + + if (skip_expr_on_double_type(def_stmt)) { + new_lhs = dup_assign(visited, def_stmt, lhs, new_rhs1, new_rhs2, NULL_TREE); -+ insert_cast_expr(visited, get_def_stmt(new_lhs), NO_INTENTIONAL_OVERFLOW); ++ insert_cast_expr(visited, as_a_gassign(get_def_stmt(new_lhs)), NO_INTENTIONAL_OVERFLOW); + return new_lhs; + } + @@ -125646,7 +126576,7 @@ index 0000000..73f0a12 +static tree handle_ternary_ops(struct visited *visited, struct cgraph_node *caller_node, tree lhs) +{ + tree rhs1, rhs2, rhs3, new_rhs1, new_rhs2, new_rhs3, size_overflow_type; -+ gimple def_stmt = get_def_stmt(lhs); ++ gassign *def_stmt = as_a_gassign(get_def_stmt(lhs)); + + size_overflow_type = get_size_overflow_type(visited, def_stmt, lhs); + @@ -125725,7 +126655,7 @@ index 0000000..73f0a12 + case GIMPLE_ASSIGN: + switch (gimple_num_ops(def_stmt)) { + case 2: -+ return handle_unary_ops(visited, caller_node, def_stmt); ++ return handle_unary_ops(visited, caller_node, as_a_gassign(def_stmt)); + case 3: + return handle_binary_ops(visited, caller_node, lhs); +#if BUILDING_GCC_VERSION >= 4006 @@ -125742,16 +126672,17 @@ index 0000000..73f0a12 + diff --git a/tools/gcc/size_overflow_plugin/insert_size_overflow_check_ipa.c b/tools/gcc/size_overflow_plugin/insert_size_overflow_check_ipa.c new file mode 100644 -index 0000000..df50164 +index 0000000..e1e6e19 --- /dev/null +++ b/tools/gcc/size_overflow_plugin/insert_size_overflow_check_ipa.c -@@ -0,0 +1,1141 @@ +@@ -0,0 +1,1157 @@ +/* -+ * Copyright 2011-2014 by Emese Revfy <re.emese@gmail.com> ++ * Copyright 2011-2015 by Emese Revfy <re.emese@gmail.com> + * Licensed under the GPL v2, or (at your option) v3 + * + * Homepage: + * http://www.grsecurity.net/~ephox/overflow_plugin/ ++ * https://github.com/ephox-gcc-plugins + * + * Documentation: + * http://forums.grsecurity.net/viewtopic.php?f=7&t=3043 @@ -125775,8 +126706,8 @@ index 0000000..df50164 + +unsigned int call_count; + -+static void set_conditions(struct pointer_set_t *visited, bool *interesting_conditions, const_tree lhs); -+static void walk_use_def(struct pointer_set_t *visited, struct interesting_node *cur_node, tree lhs); ++static void set_conditions(gimple_set *visited, bool *interesting_conditions, const_tree lhs); ++static void walk_use_def(gimple_set *visited, struct interesting_node *cur_node, tree lhs); + +struct visited_fns { + struct visited_fns *next; @@ -125946,9 +126877,9 @@ index 0000000..df50164 + return cnodes; +} + -+static void walk_phi_set_conditions(struct pointer_set_t *visited, bool *interesting_conditions, const_tree result) ++static void walk_phi_set_conditions(gimple_set *visited, bool *interesting_conditions, const_tree result) +{ -+ gimple phi = get_def_stmt(result); ++ gphi *phi = as_a_gphi(get_def_stmt(result)); + unsigned int i, n = gimple_phi_num_args(phi); + + pointer_set_insert(visited, phi); @@ -125964,7 +126895,7 @@ index 0000000..df50164 +}; + +// Search for constants, cast assignments and binary/ternary assignments -+static void set_conditions(struct pointer_set_t *visited, bool *interesting_conditions, const_tree lhs) ++static void set_conditions(gimple_set *visited, bool *interesting_conditions, const_tree lhs) +{ + gimple def_stmt = get_def_stmt(lhs); + @@ -125981,7 +126912,7 @@ index 0000000..df50164 + + switch (gimple_code(def_stmt)) { + case GIMPLE_CALL: -+ if (lhs == gimple_call_lhs(def_stmt)) ++ if (lhs == gimple_call_lhs(as_a_const_gcall(def_stmt))) + interesting_conditions[RET] = true; + return; + case GIMPLE_NOP: @@ -125990,11 +126921,13 @@ index 0000000..df50164 + case GIMPLE_PHI: + interesting_conditions[PHI] = true; + return walk_phi_set_conditions(visited, interesting_conditions, lhs); -+ case GIMPLE_ASSIGN: -+ if (gimple_num_ops(def_stmt) == 2) { -+ const_tree rhs = gimple_assign_rhs1(def_stmt); ++ case GIMPLE_ASSIGN: { ++ gassign *assign = as_a_gassign(def_stmt); ++ ++ if (gimple_num_ops(assign) == 2) { ++ const_tree rhs = gimple_assign_rhs1(assign); + -+ if (gimple_assign_cast_p(def_stmt)) ++ if (gimple_assign_cast_p(assign)) + interesting_conditions[CAST] = true; + + return set_conditions(visited, interesting_conditions, rhs); @@ -126002,6 +126935,7 @@ index 0000000..df50164 + interesting_conditions[NOT_UNARY] = true; + return; + } ++ } + default: + debug_gimple_stmt(def_stmt); + gcc_unreachable(); @@ -126011,7 +126945,7 @@ index 0000000..df50164 +// determine whether duplication will be necessary or not. +static void search_interesting_conditions(struct interesting_node *cur_node, bool *interesting_conditions) +{ -+ struct pointer_set_t *visited; ++ gimple_set *visited; + + if (gimple_assign_cast_p(cur_node->first_stmt)) + interesting_conditions[CAST] = true; @@ -126024,9 +126958,9 @@ index 0000000..df50164 +} + +// Remove the size_overflow asm stmt and create an assignment from the input and output of the asm -+static void replace_size_overflow_asm_with_assign(gimple asm_stmt, tree lhs, tree rhs) ++static void replace_size_overflow_asm_with_assign(gasm *asm_stmt, tree lhs, tree rhs) +{ -+ gimple assign; ++ gassign *assign; + gimple_stmt_iterator gsi; + + // already removed @@ -126067,13 +127001,13 @@ index 0000000..df50164 + if (!def_stmt || !gimple_assign_cast_p(def_stmt)) + return false; + -+ def_stmt = get_def_stmt(gimple_assign_rhs1(def_stmt)); ++ def_stmt = get_def_stmt(gimple_assign_rhs1(as_a_gassign(def_stmt))); + return def_stmt && gimple_code(def_stmt) == GIMPLE_ASM; +} + -+static void walk_use_def_phi(struct pointer_set_t *visited, struct interesting_node *cur_node, tree result) ++static void walk_use_def_phi(gimple_set *visited, struct interesting_node *cur_node, tree result) +{ -+ gimple phi = get_def_stmt(result); ++ gphi *phi = as_a_gphi(get_def_stmt(result)); + unsigned int i, n = gimple_phi_num_args(phi); + + pointer_set_insert(visited, phi); @@ -126084,9 +127018,9 @@ index 0000000..df50164 + } +} + -+static void walk_use_def_binary(struct pointer_set_t *visited, struct interesting_node *cur_node, tree lhs) ++static void walk_use_def_binary(gimple_set *visited, struct interesting_node *cur_node, tree lhs) +{ -+ gimple def_stmt = get_def_stmt(lhs); ++ gassign *def_stmt = as_a_gassign(get_def_stmt(lhs)); + tree rhs1, rhs2; + + rhs1 = gimple_assign_rhs1(def_stmt); @@ -126135,16 +127069,16 @@ index 0000000..df50164 +} + +// a size_overflow asm stmt in the control flow doesn't stop the recursion -+static void handle_asm_stmt(struct pointer_set_t *visited, struct interesting_node *cur_node, tree lhs, const_gimple stmt) ++static void handle_asm_stmt(gimple_set *visited, struct interesting_node *cur_node, tree lhs, const gasm *stmt) +{ -+ if (!is_size_overflow_asm(stmt)) ++ if (gimple_code(stmt) != GIMPLE_ASM || !is_size_overflow_asm(stmt)) + walk_use_def(visited, cur_node, SSA_NAME_VAR(lhs)); +} + +/* collect the parm_decls and fndecls (for checking a missing size_overflow attribute (ret or arg) or intentional_overflow) + * and component refs (for checking the intentional_overflow attribute). + */ -+static void walk_use_def(struct pointer_set_t *visited, struct interesting_node *cur_node, tree lhs) ++static void walk_use_def(gimple_set *visited, struct interesting_node *cur_node, tree lhs) +{ + const_gimple def_stmt; + @@ -126164,9 +127098,9 @@ index 0000000..df50164 + case GIMPLE_NOP: + return walk_use_def(visited, cur_node, SSA_NAME_VAR(lhs)); + case GIMPLE_ASM: -+ return handle_asm_stmt(visited, cur_node, lhs, def_stmt); ++ return handle_asm_stmt(visited, cur_node, lhs, as_a_const_gasm(def_stmt)); + case GIMPLE_CALL: { -+ tree fndecl = gimple_call_fndecl(def_stmt); ++ tree fndecl = gimple_call_fndecl(as_a_const_gcall(def_stmt)); + + if (fndecl == NULL_TREE) + return; @@ -126178,7 +127112,7 @@ index 0000000..df50164 + case GIMPLE_ASSIGN: + switch (gimple_num_ops(def_stmt)) { + case 2: -+ return walk_use_def(visited, cur_node, gimple_assign_rhs1(def_stmt)); ++ return walk_use_def(visited, cur_node, gimple_assign_rhs1(as_a_const_gassign(def_stmt))); + case 3: + return walk_use_def_binary(visited, cur_node, lhs); + } @@ -126192,7 +127126,7 @@ index 0000000..df50164 +// Collect all the last nodes for checking the intentional_overflow and size_overflow attributes +static void set_last_nodes(struct interesting_node *cur_node) +{ -+ struct pointer_set_t *visited; ++ gimple_set *visited; + + visited = pointer_set_create(); + walk_use_def(visited, cur_node, cur_node->node); @@ -126245,7 +127179,7 @@ index 0000000..df50164 + gimple_stmt_iterator gsi = gsi_for_stmt(stmt); + + assign = build_cast_stmt(visited, orig_type, new_node, CREATE_NEW_VAR, &gsi, BEFORE_STMT, false); -+ return gimple_assign_lhs(assign); ++ return get_lhs(assign); +} + +static void change_orig_node(struct visited *visited, struct interesting_node *cur_node, tree new_node) @@ -126256,10 +127190,10 @@ index 0000000..df50164 + + switch (gimple_code(stmt)) { + case GIMPLE_RETURN: -+ gimple_return_set_retval(stmt, cast_to_orig_type(visited, stmt, orig_node, new_node)); ++ gimple_return_set_retval(as_a_greturn(stmt), cast_to_orig_type(visited, stmt, orig_node, new_node)); + break; + case GIMPLE_CALL: -+ gimple_call_set_arg(stmt, cur_node->num - 1, cast_to_orig_type(visited, stmt, orig_node, new_node)); ++ gimple_call_set_arg(as_a_gcall(stmt), cur_node->num - 1, cast_to_orig_type(visited, stmt, orig_node, new_node)); + break; + case GIMPLE_ASSIGN: + switch (cur_node->num) { @@ -126278,7 +127212,7 @@ index 0000000..df50164 + gcc_unreachable(); + } + -+ set_rhs(stmt, cast_to_orig_type(visited, stmt, orig_node, new_node)); ++ set_rhs(as_a_gassign(stmt), cast_to_orig_type(visited, stmt, orig_node, new_node)); + break; + default: + debug_gimple_stmt(stmt); @@ -126365,7 +127299,7 @@ index 0000000..df50164 + intentional_attr_cur_fndecl: intentional_overflow attribute of the caller function + intentional_mark_from_gimple: the intentional overflow type of size_overflow asm stmt from gimple if it exists + */ -+static struct interesting_node *create_new_interesting_node(struct interesting_node *head, gimple first_stmt, tree node, unsigned int num, gimple asm_stmt) ++static struct interesting_node *create_new_interesting_node(struct interesting_node *head, gimple first_stmt, tree node, unsigned int num, gasm *asm_stmt) +{ + struct interesting_node *new_node; + tree fndecl; @@ -126385,7 +127319,7 @@ index 0000000..df50164 + return head; + + if (is_gimple_call(first_stmt)) -+ fndecl = gimple_call_fndecl(first_stmt); ++ fndecl = gimple_call_fndecl(as_a_const_gcall(first_stmt)); + else + fndecl = current_function_decl; + @@ -126421,7 +127355,7 @@ index 0000000..df50164 +/* Check the ret stmts in the functions on the next cgraph node list (these functions will be in the hash table and they are reachable from ipa). + * If the ret stmt is in the next cgraph node list then it's an interesting ret. + */ -+static struct interesting_node *handle_stmt_by_cgraph_nodes_ret(struct interesting_node *head, gimple stmt, struct next_cgraph_node *next_node) ++static struct interesting_node *handle_stmt_by_cgraph_nodes_ret(struct interesting_node *head, greturn *stmt, struct next_cgraph_node *next_node) +{ + struct next_cgraph_node *cur_node; + tree ret = gimple_return_retval(stmt); @@ -126442,7 +127376,7 @@ index 0000000..df50164 +/* Check the call stmts in the functions on the next cgraph node list (these functions will be in the hash table and they are reachable from ipa). + * If the call stmt is in the next cgraph node list then it's an interesting call. + */ -+static struct interesting_node *handle_stmt_by_cgraph_nodes_call(struct interesting_node *head, gimple stmt, struct next_cgraph_node *next_node) ++static struct interesting_node *handle_stmt_by_cgraph_nodes_call(struct interesting_node *head, gcall *stmt, struct next_cgraph_node *next_node) +{ + unsigned int argnum; + tree arg; @@ -126478,7 +127412,7 @@ index 0000000..df50164 +} + +// Get the index of the rhs node in an assignment -+static unsigned int get_assign_ops_count(const_gimple stmt, tree node) ++static unsigned int get_assign_ops_count(const gassign *stmt, tree node) +{ + const_tree rhs1, rhs2; + unsigned int ret; @@ -126506,7 +127440,7 @@ index 0000000..df50164 +} + +// Find the correct arg number of a call stmt. It is needed when the interesting function is a cloned function. -+static unsigned int find_arg_number_gimple(const_tree arg, const_gimple stmt) ++static unsigned int find_arg_number_gimple(const_tree arg, const gcall *stmt) +{ + unsigned int i; + @@ -126529,7 +127463,7 @@ index 0000000..df50164 +/* starting from the size_overflow asm stmt collect interesting stmts. They can be + * any of return, call or assignment stmts (because of inlining). + */ -+static struct interesting_node *get_interesting_ret_or_call(struct pointer_set_t *visited, struct interesting_node *head, tree node, gimple intentional_asm) ++static struct interesting_node *get_interesting_ret_or_call(tree_set *visited, struct interesting_node *head, tree node, gasm *intentional_asm) +{ + use_operand_p use_p; + imm_use_iterator imm_iter; @@ -126550,28 +127484,31 @@ index 0000000..df50164 + + switch (gimple_code(stmt)) { + case GIMPLE_CALL: -+ argnum = find_arg_number_gimple(node, stmt); ++ argnum = find_arg_number_gimple(node, as_a_gcall(stmt)); + head = create_new_interesting_node(head, stmt, node, argnum, intentional_asm); + break; + case GIMPLE_RETURN: + head = create_new_interesting_node(head, stmt, node, 0, intentional_asm); + break; + case GIMPLE_ASSIGN: -+ argnum = get_assign_ops_count(stmt, node); ++ argnum = get_assign_ops_count(as_a_const_gassign(stmt), node); + head = create_new_interesting_node(head, stmt, node, argnum, intentional_asm); + break; + case GIMPLE_PHI: { -+ tree result = gimple_phi_result(stmt); ++ tree result = gimple_phi_result(as_a_gphi(stmt)); + head = get_interesting_ret_or_call(visited, head, result, intentional_asm); + break; + } -+ case GIMPLE_ASM: -+ if (gimple_asm_noutputs(stmt) != 0) ++ case GIMPLE_ASM: { ++ gasm *asm_stmt = as_a_gasm(stmt); ++ ++ if (gimple_asm_noutputs(asm_stmt) != 0) + break; -+ if (!is_size_overflow_asm(stmt)) ++ if (!is_size_overflow_asm(asm_stmt)) + break; -+ head = create_new_interesting_node(head, stmt, node, 1, intentional_asm); ++ head = create_new_interesting_node(head, asm_stmt, node, 1, intentional_asm); + break; ++ } + case GIMPLE_COND: + case GIMPLE_SWITCH: + break; @@ -126586,66 +127523,71 @@ index 0000000..df50164 + +static void remove_size_overflow_asm(gimple stmt) +{ ++ gasm *asm_stmt; + gimple_stmt_iterator gsi; + tree input, output; + -+ if (!is_size_overflow_asm(stmt)) ++ if (gimple_code(stmt) != GIMPLE_ASM) + return; + -+ if (gimple_asm_noutputs(stmt) == 0) { -+ gsi = gsi_for_stmt(stmt); -+ ipa_remove_stmt_references(cgraph_get_create_node(current_function_decl), stmt); ++ asm_stmt = as_a_gasm(stmt); ++ if (!is_size_overflow_asm(asm_stmt)) ++ return; ++ ++ if (gimple_asm_noutputs(asm_stmt) == 0) { ++ gsi = gsi_for_stmt(asm_stmt); ++ ipa_remove_stmt_references(cgraph_get_create_node(current_function_decl), asm_stmt); + gsi_remove(&gsi, true); + return; + } + -+ input = gimple_asm_input_op(stmt, 0); -+ output = gimple_asm_output_op(stmt, 0); -+ replace_size_overflow_asm_with_assign(stmt, TREE_VALUE(output), TREE_VALUE(input)); ++ input = gimple_asm_input_op(asm_stmt, 0); ++ output = gimple_asm_output_op(asm_stmt, 0); ++ replace_size_overflow_asm_with_assign(asm_stmt, TREE_VALUE(output), TREE_VALUE(input)); +} + +/* handle the size_overflow asm stmts from the gimple pass and collect the interesting stmts. + * If the asm stmt is a parm_decl kind (noutputs == 0) then remove it. + * If it is a simple asm stmt then replace it with an assignment from the asm input to the asm output. + */ -+static struct interesting_node *handle_stmt_by_size_overflow_asm(gimple stmt, struct interesting_node *head) ++static struct interesting_node *handle_stmt_by_size_overflow_asm(gasm *asm_stmt, struct interesting_node *head) +{ + const_tree output; -+ struct pointer_set_t *visited; -+ gimple intentional_asm = NOT_INTENTIONAL_ASM; ++ tree_set *visited; ++ gasm *intentional_asm = NOT_INTENTIONAL_ASM; + -+ if (!is_size_overflow_asm(stmt)) ++ if (!is_size_overflow_asm(asm_stmt)) + return head; + -+ if (is_size_overflow_intentional_asm_yes(stmt) || is_size_overflow_intentional_asm_turn_off(stmt)) -+ intentional_asm = stmt; ++ if (is_size_overflow_intentional_asm_yes(asm_stmt) || is_size_overflow_intentional_asm_turn_off(asm_stmt)) ++ intentional_asm = asm_stmt; + -+ gcc_assert(gimple_asm_ninputs(stmt) == 1); ++ gcc_assert(gimple_asm_ninputs(asm_stmt) == 1); + -+ if (gimple_asm_noutputs(stmt) == 0 && is_size_overflow_intentional_asm_turn_off(stmt)) ++ if (gimple_asm_noutputs(asm_stmt) == 0 && is_size_overflow_intentional_asm_turn_off(asm_stmt)) + return head; + -+ if (gimple_asm_noutputs(stmt) == 0) { ++ if (gimple_asm_noutputs(asm_stmt) == 0) { + const_tree input; + -+ if (!is_size_overflow_intentional_asm_turn_off(stmt)) ++ if (!is_size_overflow_intentional_asm_turn_off(asm_stmt)) + return head; + -+ input = gimple_asm_input_op(stmt, 0); -+ remove_size_overflow_asm(stmt); ++ input = gimple_asm_input_op(asm_stmt, 0); ++ remove_size_overflow_asm(asm_stmt); + if (is_gimple_constant(TREE_VALUE(input))) + return head; -+ visited = pointer_set_create(); ++ visited = tree_pointer_set_create(); + head = get_interesting_ret_or_call(visited, head, TREE_VALUE(input), intentional_asm); + pointer_set_destroy(visited); + return head; + } + -+ if (!is_size_overflow_intentional_asm_yes(stmt) && !is_size_overflow_intentional_asm_turn_off(stmt)) -+ remove_size_overflow_asm(stmt); ++ if (!is_size_overflow_intentional_asm_yes(asm_stmt) && !is_size_overflow_intentional_asm_turn_off(asm_stmt)) ++ remove_size_overflow_asm(asm_stmt); + -+ visited = pointer_set_create(); -+ output = gimple_asm_output_op(stmt, 0); ++ visited = tree_pointer_set_create(); ++ output = gimple_asm_output_op(asm_stmt, 0); + head = get_interesting_ret_or_call(visited, head, TREE_VALUE(output), intentional_asm); + pointer_set_destroy(visited); + return head; @@ -126669,14 +127611,14 @@ index 0000000..df50164 + code = gimple_code(stmt); + + if (code == GIMPLE_ASM) -+ head = handle_stmt_by_size_overflow_asm(stmt, head); ++ head = handle_stmt_by_size_overflow_asm(as_a_gasm(stmt), head); + + if (!next_node) + continue; + if (code == GIMPLE_CALL) -+ head = handle_stmt_by_cgraph_nodes_call(head, stmt, next_node); ++ head = handle_stmt_by_cgraph_nodes_call(head, as_a_gcall(stmt), next_node); + if (code == GIMPLE_RETURN) -+ head = handle_stmt_by_cgraph_nodes_ret(head, stmt, next_node); ++ head = handle_stmt_by_cgraph_nodes_ret(head, as_a_greturn(stmt), next_node); + } + } + return head; @@ -126813,7 +127755,6 @@ index 0000000..df50164 + struct visited_fns *visited_fns = NULL; + + FOR_EACH_FUNCTION_WITH_GIMPLE_BODY(node) { -+ gcc_assert(cgraph_function_flags_ready); +#if BUILDING_GCC_VERSION <= 4007 + gcc_assert(node->reachable); +#endif @@ -126826,6 +127767,7 @@ index 0000000..df50164 +} + +#if BUILDING_GCC_VERSION >= 4009 ++namespace { +static const struct pass_data insert_size_overflow_check_data = { +#else +static struct ipa_opt_pass_d insert_size_overflow_check = { @@ -126836,7 +127778,8 @@ index 0000000..df50164 +#if BUILDING_GCC_VERSION >= 4008 + .optinfo_flags = OPTGROUP_NONE, +#endif -+#if BUILDING_GCC_VERSION >= 4009 ++#if BUILDING_GCC_VERSION >= 5000 ++#elif BUILDING_GCC_VERSION == 4009 + .has_gate = false, + .has_execute = true, +#else @@ -126869,36 +127812,40 @@ index 0000000..df50164 +}; + +#if BUILDING_GCC_VERSION >= 4009 -+namespace { +class insert_size_overflow_check : public ipa_opt_pass_d { +public: + insert_size_overflow_check() : ipa_opt_pass_d(insert_size_overflow_check_data, g, NULL, NULL, NULL, NULL, NULL, NULL, 0, NULL, NULL) {} ++#if BUILDING_GCC_VERSION >= 5000 ++ virtual unsigned int execute(function *) { return search_function(); } ++#else + unsigned int execute() { return search_function(); } ++#endif +}; +} -+#endif + -+struct opt_pass *make_insert_size_overflow_check(void) ++opt_pass *make_insert_size_overflow_check(void) +{ -+#if BUILDING_GCC_VERSION >= 4009 + return new insert_size_overflow_check(); ++} +#else ++struct opt_pass *make_insert_size_overflow_check(void) ++{ + return &insert_size_overflow_check.pass; -+#endif +} -+ ++#endif diff --git a/tools/gcc/size_overflow_plugin/intentional_overflow.c b/tools/gcc/size_overflow_plugin/intentional_overflow.c new file mode 100644 -index 0000000..d71d72a +index 0000000..eb62680 --- /dev/null +++ b/tools/gcc/size_overflow_plugin/intentional_overflow.c -@@ -0,0 +1,736 @@ +@@ -0,0 +1,748 @@ +/* -+ * Copyright 2011-2014 by Emese Revfy <re.emese@gmail.com> ++ * Copyright 2011-2015 by Emese Revfy <re.emese@gmail.com> + * Licensed under the GPL v2, or (at your option) v3 + * + * Homepage: + * http://www.grsecurity.net/~ephox/overflow_plugin/ ++ * https://github.com/ephox-gcc-plugins + * + * Documentation: + * http://forums.grsecurity.net/viewtopic.php?f=7&t=3043 @@ -126943,7 +127890,7 @@ index 0000000..d71d72a + if (param_head == NULL_TREE) + return false; + -+ if (TREE_INT_CST_HIGH(TREE_VALUE(param_head)) == -1) ++ if (tree_to_shwi(TREE_VALUE(param_head)) == -1) + return true; + return false; +} @@ -127135,13 +128082,15 @@ index 0000000..d71d72a +{ + const_tree rhs1, lhs, rhs1_type, lhs_type; + enum machine_mode lhs_mode, rhs_mode; ++ const gassign *assign; + gimple def_stmt = get_def_stmt(no_const_rhs); + + if (!def_stmt || !gimple_assign_cast_p(def_stmt)) + return false; + -+ rhs1 = gimple_assign_rhs1(def_stmt); -+ lhs = gimple_assign_lhs(def_stmt); ++ assign = as_a_const_gassign(def_stmt); ++ rhs1 = gimple_assign_rhs1(assign); ++ lhs = gimple_assign_lhs(assign); + rhs1_type = TREE_TYPE(rhs1); + lhs_type = TREE_TYPE(lhs); + rhs_mode = TYPE_MODE(rhs1_type); @@ -127165,7 +128114,7 @@ index 0000000..d71d72a + return num; + if (is_gimple_debug(use_stmt)) + continue; -+ if (gimple_assign_cast_p(use_stmt) && is_size_overflow_type(gimple_assign_lhs(use_stmt))) ++ if (gimple_assign_cast_p(use_stmt) && is_size_overflow_type(gimple_assign_lhs(as_a_const_gassign(use_stmt)))) + continue; + num++; + } @@ -127181,12 +128130,14 @@ index 0000000..d71d72a +bool is_const_plus_unsigned_signed_truncation(const_tree lhs) +{ + tree rhs1, lhs_type, rhs_type, rhs2, not_const_rhs; ++ gassign *assign; + gimple def_stmt = get_def_stmt(lhs); + + if (!def_stmt || !gimple_assign_cast_p(def_stmt)) + return false; + -+ rhs1 = gimple_assign_rhs1(def_stmt); ++ assign = as_a_gassign(def_stmt); ++ rhs1 = gimple_assign_rhs1(assign); + rhs_type = TREE_TYPE(rhs1); + lhs_type = TREE_TYPE(lhs); + if (TYPE_UNSIGNED(lhs_type) || !TYPE_UNSIGNED(rhs_type)) @@ -127198,11 +128149,12 @@ index 0000000..d71d72a + if (!def_stmt || !is_gimple_assign(def_stmt) || gimple_num_ops(def_stmt) != 3) + return false; + -+ if (gimple_assign_rhs_code(def_stmt) != PLUS_EXPR) ++ assign = as_a_gassign(def_stmt); ++ if (gimple_assign_rhs_code(assign) != PLUS_EXPR) + return false; + -+ rhs1 = gimple_assign_rhs1(def_stmt); -+ rhs2 = gimple_assign_rhs2(def_stmt); ++ rhs1 = gimple_assign_rhs1(assign); ++ rhs2 = gimple_assign_rhs2(assign); + if (!is_gimple_constant(rhs1) && !is_gimple_constant(rhs2)) + return false; + @@ -127259,7 +128211,7 @@ index 0000000..d71d72a + return false; +} + -+bool is_a_constant_overflow(const_gimple stmt, const_tree rhs) ++bool is_a_constant_overflow(const gassign *stmt, const_tree rhs) +{ + if (gimple_assign_rhs_code(stmt) == MIN_EXPR) + return false; @@ -127273,7 +128225,7 @@ index 0000000..d71d72a + return true; +} + -+static tree change_assign_rhs(struct visited *visited, gimple stmt, const_tree orig_rhs, tree new_rhs) ++static tree change_assign_rhs(struct visited *visited, gassign *stmt, const_tree orig_rhs, tree new_rhs) +{ + gimple assign; + gimple_stmt_iterator gsi = gsi_for_stmt(stmt); @@ -127283,10 +128235,10 @@ index 0000000..d71d72a + + assign = build_cast_stmt(visited, origtype, new_rhs, CREATE_NEW_VAR, &gsi, BEFORE_STMT, false); + pointer_set_insert(visited->my_stmts, assign); -+ return gimple_assign_lhs(assign); ++ return get_lhs(assign); +} + -+tree handle_intentional_overflow(struct visited *visited, struct cgraph_node *caller_node, bool check_overflow, gimple stmt, tree change_rhs, tree new_rhs2) ++tree handle_intentional_overflow(struct visited *visited, struct cgraph_node *caller_node, bool check_overflow, gassign *stmt, tree change_rhs, tree new_rhs2) +{ + tree new_rhs, orig_rhs; + void (*gimple_assign_set_rhs)(gimple, tree); @@ -127317,9 +128269,10 @@ index 0000000..d71d72a + return create_assign(visited, stmt, lhs, AFTER_STMT); +} + -+static bool is_subtraction_special(struct visited *visited, const_gimple stmt) ++static bool is_subtraction_special(struct visited *visited, const gassign *stmt) +{ -+ gimple rhs1_def_stmt, rhs2_def_stmt; ++ gimple def_stmt_1, def_stmt_2; ++ const gassign *rhs1_def_stmt, *rhs2_def_stmt; + const_tree rhs1_def_stmt_rhs1, rhs2_def_stmt_rhs1, rhs1_def_stmt_lhs, rhs2_def_stmt_lhs; + enum machine_mode rhs1_def_stmt_rhs1_mode, rhs2_def_stmt_rhs1_mode, rhs1_def_stmt_lhs_mode, rhs2_def_stmt_lhs_mode; + const_tree rhs1 = gimple_assign_rhs1(stmt); @@ -127333,15 +128286,18 @@ index 0000000..d71d72a + if (gimple_assign_rhs_code(stmt) != MINUS_EXPR) + return false; + -+ rhs1_def_stmt = get_def_stmt(rhs1); -+ rhs2_def_stmt = get_def_stmt(rhs2); -+ if (!gimple_assign_cast_p(rhs1_def_stmt) || !gimple_assign_cast_p(rhs2_def_stmt)) ++ def_stmt_1 = get_def_stmt(rhs1); ++ def_stmt_2 = get_def_stmt(rhs2); ++ if (!gimple_assign_cast_p(def_stmt_1) || !gimple_assign_cast_p(def_stmt_2)) + return false; + ++ rhs1_def_stmt = as_a_const_gassign(def_stmt_1); ++ rhs2_def_stmt = as_a_const_gassign(def_stmt_2); + rhs1_def_stmt_rhs1 = gimple_assign_rhs1(rhs1_def_stmt); + rhs2_def_stmt_rhs1 = gimple_assign_rhs1(rhs2_def_stmt); + rhs1_def_stmt_lhs = gimple_assign_lhs(rhs1_def_stmt); + rhs2_def_stmt_lhs = gimple_assign_lhs(rhs2_def_stmt); ++ + rhs1_def_stmt_rhs1_mode = TYPE_MODE(TREE_TYPE(rhs1_def_stmt_rhs1)); + rhs2_def_stmt_rhs1_mode = TYPE_MODE(TREE_TYPE(rhs2_def_stmt_rhs1)); + rhs1_def_stmt_lhs_mode = TYPE_MODE(TREE_TYPE(rhs1_def_stmt_lhs)); @@ -127356,15 +128312,15 @@ index 0000000..d71d72a + return true; +} + -+static gimple create_binary_assign(struct visited *visited, enum tree_code code, gimple stmt, tree rhs1, tree rhs2) ++static gassign *create_binary_assign(struct visited *visited, enum tree_code code, gassign *stmt, tree rhs1, tree rhs2) +{ -+ gimple assign; ++ gassign *assign; + gimple_stmt_iterator gsi = gsi_for_stmt(stmt); + tree type = TREE_TYPE(rhs1); + tree lhs = create_new_var(type); + + gcc_assert(types_compatible_p(type, TREE_TYPE(rhs2))); -+ assign = gimple_build_assign_with_ops(code, lhs, rhs1, rhs2); ++ assign = as_a_gassign(gimple_build_assign_with_ops(code, lhs, rhs1, rhs2)); + gimple_assign_set_lhs(assign, make_ssa_name(lhs, assign)); + + gsi_insert_before(&gsi, assign, GSI_NEW_STMT); @@ -127384,11 +128340,11 @@ index 0000000..d71d72a + + gsi = gsi_for_stmt(stmt); + cast_stmt = build_cast_stmt(visited, intTI_type_node, node, CREATE_NEW_VAR, &gsi, BEFORE_STMT, false); -+ pointer_set_insert(visited->my_stmts, cast_stmt); -+ return gimple_assign_lhs(cast_stmt); ++ pointer_set_insert(visited->my_stmts, (gimple)cast_stmt); ++ return get_lhs(cast_stmt); +} + -+static tree get_def_stmt_rhs(struct visited *visited, const_tree var) ++static tree get_def_stmt_rhs(const_tree var) +{ + tree rhs1, def_stmt_rhs1; + gimple rhs1_def_stmt, def_stmt_rhs1_def_stmt, def_stmt; @@ -127396,14 +128352,13 @@ index 0000000..d71d72a + def_stmt = get_def_stmt(var); + if (!gimple_assign_cast_p(def_stmt)) + return NULL_TREE; -+ gcc_assert(gimple_code(def_stmt) != GIMPLE_NOP && pointer_set_contains(visited->my_stmts, def_stmt) && gimple_assign_cast_p(def_stmt)); + -+ rhs1 = gimple_assign_rhs1(def_stmt); ++ rhs1 = gimple_assign_rhs1(as_a_const_gassign(def_stmt)); + rhs1_def_stmt = get_def_stmt(rhs1); + if (!gimple_assign_cast_p(rhs1_def_stmt)) + return rhs1; + -+ def_stmt_rhs1 = gimple_assign_rhs1(rhs1_def_stmt); ++ def_stmt_rhs1 = gimple_assign_rhs1(as_a_const_gassign(rhs1_def_stmt)); + def_stmt_rhs1_def_stmt = get_def_stmt(def_stmt_rhs1); + + switch (gimple_code(def_stmt_rhs1_def_stmt)) { @@ -127424,7 +128379,7 @@ index 0000000..d71d72a +{ + tree new_rhs1, new_rhs2; + tree new_rhs1_def_stmt_rhs1, new_rhs2_def_stmt_rhs1, new_lhs; -+ gimple assign, stmt = get_def_stmt(lhs); ++ gassign *assign, *stmt = as_a_gassign(get_def_stmt(lhs)); + tree rhs1 = gimple_assign_rhs1(stmt); + tree rhs2 = gimple_assign_rhs2(stmt); + @@ -127434,8 +128389,8 @@ index 0000000..d71d72a + new_rhs1 = expand(visited, caller_node, rhs1); + new_rhs2 = expand(visited, caller_node, rhs2); + -+ new_rhs1_def_stmt_rhs1 = get_def_stmt_rhs(visited, new_rhs1); -+ new_rhs2_def_stmt_rhs1 = get_def_stmt_rhs(visited, new_rhs2); ++ new_rhs1_def_stmt_rhs1 = get_def_stmt_rhs(new_rhs1); ++ new_rhs2_def_stmt_rhs1 = get_def_stmt_rhs(new_rhs2); + + if (new_rhs1_def_stmt_rhs1 == NULL_TREE || new_rhs2_def_stmt_rhs1 == NULL_TREE) + return NULL_TREE; @@ -127478,6 +128433,7 @@ index 0000000..d71d72a + const_tree res; + tree rhs1, rhs2, def_rhs1, def_rhs2, const_rhs, def_const_rhs; + const_gimple def_stmt; ++ const gassign *assign, *def_assign; + + if (!stmt || gimple_code(stmt) == GIMPLE_NOP) + return false; @@ -127486,8 +128442,9 @@ index 0000000..d71d72a + if (gimple_assign_rhs_code(stmt) != MULT_EXPR) + return false; + -+ rhs1 = gimple_assign_rhs1(stmt); -+ rhs2 = gimple_assign_rhs2(stmt); ++ assign = as_a_const_gassign(stmt); ++ rhs1 = gimple_assign_rhs1(assign); ++ rhs2 = gimple_assign_rhs2(assign); + if (is_gimple_constant(rhs1)) { + const_rhs = rhs1; + def_stmt = get_def_stmt(rhs2); @@ -127503,8 +128460,9 @@ index 0000000..d71d72a + if (gimple_assign_rhs_code(def_stmt) != PLUS_EXPR && gimple_assign_rhs_code(def_stmt) != MINUS_EXPR) + return false; + -+ def_rhs1 = gimple_assign_rhs1(def_stmt); -+ def_rhs2 = gimple_assign_rhs2(def_stmt); ++ def_assign = as_a_const_gassign(def_stmt); ++ def_rhs1 = gimple_assign_rhs1(def_assign); ++ def_rhs2 = gimple_assign_rhs2(def_assign); + if (is_gimple_constant(def_rhs1)) + def_const_rhs = def_rhs1; + else if (is_gimple_constant(def_rhs2)) @@ -127512,13 +128470,13 @@ index 0000000..d71d72a + else + return false; + -+ res = fold_binary_loc(gimple_location(def_stmt), MULT_EXPR, TREE_TYPE(const_rhs), const_rhs, def_const_rhs); ++ res = fold_binary_loc(gimple_location(def_assign), MULT_EXPR, TREE_TYPE(const_rhs), const_rhs, def_const_rhs); + if (is_lt_signed_type_max(res) && is_gt_zero(res)) + return false; + return true; +} + -+enum intentional_overflow_type add_mul_intentional_overflow(const_gimple stmt) ++enum intentional_overflow_type add_mul_intentional_overflow(const gassign *stmt) +{ + const_gimple def_stmt_1, def_stmt_2; + const_tree rhs1, rhs2; @@ -127584,17 +128542,17 @@ index 0000000..d71d72a + + if (!is_gimple_assign(def_stmt) || gimple_num_ops(def_stmt) != 2) + return false; -+ rhs = gimple_assign_rhs1(def_stmt); ++ rhs = gimple_assign_rhs1(as_a_const_gassign(def_stmt)); + def_stmt = get_def_stmt(rhs); + if (!def_stmt) + return false; + return is_call_or_cast(def_stmt); +} + -+void unsigned_signed_cast_intentional_overflow(struct visited *visited, gimple stmt) ++void unsigned_signed_cast_intentional_overflow(struct visited *visited, gassign *stmt) +{ + unsigned int use_num; -+ gimple so_stmt; ++ gassign *so_stmt; + const_gimple def_stmt; + const_tree rhs1, rhs2; + tree rhs = gimple_assign_rhs1(stmt); @@ -127615,31 +128573,32 @@ index 0000000..d71d72a + if (!is_gimple_assign(def_stmt)) + return; + -+ rhs1 = gimple_assign_rhs1(def_stmt); ++ rhs1 = gimple_assign_rhs1(as_a_const_gassign(def_stmt)); + if (!is_unsigned_cast_or_call_def_stmt(rhs1)) + return; + -+ rhs2 = gimple_assign_rhs2(def_stmt); ++ rhs2 = gimple_assign_rhs2(as_a_const_gassign(def_stmt)); + if (!is_unsigned_cast_or_call_def_stmt(rhs2)) + return; + if (gimple_num_ops(def_stmt) == 3 && !is_gimple_constant(rhs1) && !is_gimple_constant(rhs2)) + return; + -+ so_stmt = get_dup_stmt(visited, stmt); ++ so_stmt = as_a_gassign(get_dup_stmt(visited, stmt)); + create_up_and_down_cast(visited, so_stmt, lhs_type, gimple_assign_rhs1(so_stmt)); +} + diff --git a/tools/gcc/size_overflow_plugin/misc.c b/tools/gcc/size_overflow_plugin/misc.c new file mode 100644 -index 0000000..4bddad2 +index 0000000..253b4a8b --- /dev/null +++ b/tools/gcc/size_overflow_plugin/misc.c -@@ -0,0 +1,203 @@ +@@ -0,0 +1,219 @@ +/* -+ * Copyright 2011-2014 by Emese Revfy <re.emese@gmail.com> ++ * Copyright 2011-2015 by Emese Revfy <re.emese@gmail.com> + * Licensed under the GPL v2, or (at your option) v3 + * + * Homepage: ++ * https://github.com/ephox-gcc-plugins + * http://www.grsecurity.net/~ephox/overflow_plugin/ + * + * Documentation: @@ -127673,6 +128632,20 @@ index 0000000..4bddad2 + current_function_decl = NULL_TREE; +} + ++tree get_lhs(const_gimple stmt) ++{ ++ switch (gimple_code(stmt)) { ++ case GIMPLE_ASSIGN: ++ case GIMPLE_CALL: ++ return gimple_get_lhs(as_a_const_gassign(stmt)); ++ case GIMPLE_PHI: ++ return gimple_phi_result(as_a_const_gphi(stmt)); ++ default: ++ debug_gimple_stmt((gimple)stmt); ++ gcc_unreachable(); ++ } ++} ++ +static bool is_bool(const_tree node) +{ + const_tree type; @@ -127784,7 +128757,8 @@ index 0000000..4bddad2 + +gimple build_cast_stmt(struct visited *visited, tree dst_type, tree rhs, tree lhs, gimple_stmt_iterator *gsi, bool before, bool force) +{ -+ gimple assign, def_stmt; ++ gimple def_stmt; ++ gassign *assign; + + gcc_assert(dst_type != NULL_TREE && rhs != NULL_TREE); + gcc_assert(!is_gimple_constant(rhs)); @@ -127840,15 +128814,16 @@ index 0000000..4bddad2 + diff --git a/tools/gcc/size_overflow_plugin/remove_unnecessary_dup.c b/tools/gcc/size_overflow_plugin/remove_unnecessary_dup.c new file mode 100644 -index 0000000..7c9e6d1 +index 0000000..de5999d --- /dev/null +++ b/tools/gcc/size_overflow_plugin/remove_unnecessary_dup.c -@@ -0,0 +1,138 @@ +@@ -0,0 +1,139 @@ +/* -+ * Copyright 2011-2014 by Emese Revfy <re.emese@gmail.com> ++ * Copyright 2011-2015 by Emese Revfy <re.emese@gmail.com> + * Licensed under the GPL v2, or (at your option) v3 + * + * Homepage: ++ * https://github.com/ephox-gcc-plugins + * http://www.grsecurity.net/~ephox/overflow_plugin/ + * + * Documentation: @@ -127866,7 +128841,7 @@ index 0000000..7c9e6d1 +#include "gcc-common.h" +#include "size_overflow.h" + -+bool skip_expr_on_double_type(const_gimple stmt) ++bool skip_expr_on_double_type(const gassign *stmt) +{ + enum tree_code code = gimple_assign_rhs_code(stmt); + @@ -127888,19 +128863,19 @@ index 0000000..7c9e6d1 + } +} + -+void create_up_and_down_cast(struct visited *visited, gimple use_stmt, tree orig_type, tree rhs) ++void create_up_and_down_cast(struct visited *visited, gassign *use_stmt, tree orig_type, tree rhs) +{ + const_tree orig_rhs1; + tree down_lhs, new_lhs, dup_type = TREE_TYPE(rhs); -+ gimple down_cast, up_cast; ++ const_gimple down_cast, up_cast; + gimple_stmt_iterator gsi = gsi_for_stmt(use_stmt); + + down_cast = build_cast_stmt(visited, orig_type, rhs, CREATE_NEW_VAR, &gsi, BEFORE_STMT, false); -+ down_lhs = gimple_assign_lhs(down_cast); ++ down_lhs = get_lhs(down_cast); + + gsi = gsi_for_stmt(use_stmt); + up_cast = build_cast_stmt(visited, dup_type, down_lhs, CREATE_NEW_VAR, &gsi, BEFORE_STMT, false); -+ new_lhs = gimple_assign_lhs(up_cast); ++ new_lhs = get_lhs(up_cast); + + orig_rhs1 = gimple_assign_rhs1(use_stmt); + if (operand_equal_p(orig_rhs1, rhs, 0)) @@ -127944,7 +128919,7 @@ index 0000000..7c9e6d1 + return new_type; +} + -+static void insert_cast_rhs(struct visited *visited, gimple stmt, tree rhs) ++static void insert_cast_rhs(struct visited *visited, gassign *stmt, tree rhs) +{ + tree type; + @@ -127959,7 +128934,7 @@ index 0000000..7c9e6d1 + create_up_and_down_cast(visited, stmt, type, rhs); +} + -+static void insert_cast(struct visited *visited, gimple stmt, tree rhs) ++static void insert_cast(struct visited *visited, gassign *stmt, tree rhs) +{ + if (LONG_TYPE_SIZE == GET_MODE_BITSIZE(SImode) && !is_size_overflow_type(rhs)) + return; @@ -127967,7 +128942,7 @@ index 0000000..7c9e6d1 + insert_cast_rhs(visited, stmt, rhs); +} + -+void insert_cast_expr(struct visited *visited, gimple stmt, enum intentional_overflow_type type) ++void insert_cast_expr(struct visited *visited, gassign *stmt, enum intentional_overflow_type type) +{ + tree rhs1, rhs2; + @@ -127984,10 +128959,10 @@ index 0000000..7c9e6d1 + diff --git a/tools/gcc/size_overflow_plugin/size_overflow.h b/tools/gcc/size_overflow_plugin/size_overflow.h new file mode 100644 -index 0000000..37f8fc3 +index 0000000..20732b1 --- /dev/null +++ b/tools/gcc/size_overflow_plugin/size_overflow.h -@@ -0,0 +1,127 @@ +@@ -0,0 +1,183 @@ +#ifndef SIZE_OVERFLOW_H +#define SIZE_OVERFLOW_H + @@ -128009,11 +128984,66 @@ index 0000000..37f8fc3 + NO_INTENTIONAL_OVERFLOW, RHS1_INTENTIONAL_OVERFLOW, RHS2_INTENTIONAL_OVERFLOW +}; + ++ ++#if BUILDING_GCC_VERSION >= 5000 ++typedef struct hash_set<const_gimple> gimple_set; ++ ++static inline bool pointer_set_insert(gimple_set *visited, const_gimple stmt) ++{ ++ return visited->add(stmt); ++} ++ ++static inline bool pointer_set_contains(gimple_set *visited, const_gimple stmt) ++{ ++ return visited->contains(stmt); ++} ++ ++static inline gimple_set* pointer_set_create(void) ++{ ++ return new hash_set<const_gimple>; ++} ++ ++static inline void pointer_set_destroy(gimple_set *visited) ++{ ++ delete visited; ++} ++ ++typedef struct hash_set<tree> tree_set; ++ ++static inline bool pointer_set_insert(tree_set *visited, tree node) ++{ ++ return visited->add(node); ++} ++ ++static inline bool pointer_set_contains(tree_set *visited, tree node) ++{ ++ return visited->contains(node); ++} ++ ++static inline tree_set *tree_pointer_set_create(void) ++{ ++ return new hash_set<tree>; ++} ++ ++static inline void pointer_set_destroy(tree_set *visited) ++{ ++ delete visited; ++} ++#else ++typedef struct pointer_set_t gimple_set; ++typedef struct pointer_set_t tree_set; ++ ++static inline tree_set *tree_pointer_set_create(void) ++{ ++ return pointer_set_create(); ++} ++#endif ++ +struct visited { -+ struct pointer_set_t *stmts; -+ struct pointer_set_t *my_stmts; -+ struct pointer_set_t *skip_expr_casts; -+ struct pointer_set_t *no_cast_check; ++ gimple_set *stmts; ++ gimple_set *my_stmts; ++ gimple_set *skip_expr_casts; ++ gimple_set *no_cast_check; +}; + +// size_overflow_plugin.c @@ -128044,10 +129074,10 @@ index 0000000..37f8fc3 + unsigned int num; + enum mark intentional_attr_decl; + enum mark intentional_attr_cur_fndecl; -+ gimple intentional_mark_from_gimple; ++ gasm *intentional_mark_from_gimple; +}; + -+extern bool is_size_overflow_asm(const_gimple stmt); ++extern bool is_size_overflow_asm(const gasm *stmt); +extern unsigned int get_function_num(const_tree node, const_tree orig_fndecl); +extern unsigned int get_correct_arg_count(unsigned int argnum, const_tree fndecl); +extern bool is_missing_function(const_tree orig_fndecl, unsigned int num); @@ -128062,8 +129092,8 @@ index 0000000..37f8fc3 + +// intentional_overflow.c +extern enum mark get_intentional_attr_type(const_tree node); -+extern bool is_size_overflow_intentional_asm_yes(const_gimple stmt); -+extern bool is_size_overflow_intentional_asm_turn_off(const_gimple stmt); ++extern bool is_size_overflow_intentional_asm_yes(const gasm *stmt); ++extern bool is_size_overflow_intentional_asm_turn_off(const gasm *stmt); +extern bool is_end_intentional_intentional_attr(const_tree decl, unsigned int argnum); +extern bool is_yes_intentional_attr(const_tree decl, unsigned int argnum); +extern bool is_turn_off_intentional_attr(const_tree decl); @@ -128071,12 +129101,12 @@ index 0000000..37f8fc3 +extern void check_intentional_attribute_ipa(struct interesting_node *cur_node); +extern bool is_a_cast_and_const_overflow(const_tree no_const_rhs); +extern bool is_const_plus_unsigned_signed_truncation(const_tree lhs); -+extern bool is_a_constant_overflow(const_gimple stmt, const_tree rhs); -+extern tree handle_intentional_overflow(struct visited *visited, struct cgraph_node *caller_node, bool check_overflow, gimple stmt, tree change_rhs, tree new_rhs2); ++extern bool is_a_constant_overflow(const gassign *stmt, const_tree rhs); ++extern tree handle_intentional_overflow(struct visited *visited, struct cgraph_node *caller_node, bool check_overflow, gassign *stmt, tree change_rhs, tree new_rhs2); +extern tree handle_integer_truncation(struct visited *visited, struct cgraph_node *caller_node, const_tree lhs); +extern bool is_a_neg_overflow(const_gimple stmt, const_tree rhs); -+extern enum intentional_overflow_type add_mul_intentional_overflow(const_gimple def_stmt); -+extern void unsigned_signed_cast_intentional_overflow(struct visited *visited, gimple stmt); ++extern enum intentional_overflow_type add_mul_intentional_overflow(const gassign *def_stmt); ++extern void unsigned_signed_cast_intentional_overflow(struct visited *visited, gassign *stmt); + + +// insert_size_overflow_check_ipa.c @@ -128093,6 +129123,7 @@ index 0000000..37f8fc3 +// misc.c +extern void set_current_function_decl(tree fndecl); +extern void unset_current_function_decl(void); ++extern tree get_lhs(const_gimple stmt); +extern gimple get_def_stmt(const_tree node); +extern tree create_new_var(tree type); +extern gimple build_cast_stmt(struct visited *visited, tree dst_type, tree rhs, tree lhs, gimple_stmt_iterator *gsi, bool before, bool force); @@ -128104,28 +129135,29 @@ index 0000000..37f8fc3 +// insert_size_overflow_check_core.c +extern tree expand(struct visited *visited, struct cgraph_node *caller_node, tree lhs); +extern void check_size_overflow(struct cgraph_node *caller_node, gimple stmt, tree size_overflow_type, tree cast_rhs, tree rhs, bool before); -+extern tree dup_assign(struct visited *visited, gimple oldstmt, const_tree node, tree rhs1, tree rhs2, tree __unused rhs3); ++extern tree dup_assign(struct visited *visited, gassign *oldstmt, const_tree node, tree rhs1, tree rhs2, tree __unused rhs3); +extern tree create_assign(struct visited *visited, gimple oldstmt, tree rhs1, bool before); + + +// remove_unnecessary_dup.c +extern struct opt_pass *make_remove_unnecessary_dup_pass(void); -+extern void insert_cast_expr(struct visited *visited, gimple stmt, enum intentional_overflow_type type); -+extern bool skip_expr_on_double_type(const_gimple stmt); -+extern void create_up_and_down_cast(struct visited *visited, gimple use_stmt, tree orig_type, tree rhs); ++extern void insert_cast_expr(struct visited *visited, gassign *stmt, enum intentional_overflow_type type); ++extern bool skip_expr_on_double_type(const gassign *stmt); ++extern void create_up_and_down_cast(struct visited *visited, gassign *use_stmt, tree orig_type, tree rhs); + +#endif diff --git a/tools/gcc/size_overflow_plugin/size_overflow_debug.c b/tools/gcc/size_overflow_plugin/size_overflow_debug.c new file mode 100644 -index 0000000..4378111 +index 0000000..176c32f --- /dev/null +++ b/tools/gcc/size_overflow_plugin/size_overflow_debug.c -@@ -0,0 +1,116 @@ +@@ -0,0 +1,123 @@ +/* -+ * Copyright 2011-2014 by Emese Revfy <re.emese@gmail.com> ++ * Copyright 2011-2015 by Emese Revfy <re.emese@gmail.com> + * Licensed under the GPL v2, or (at your option) v3 + * + * Homepage: ++ * https://github.com/ephox-gcc-plugins + * http://www.grsecurity.net/~ephox/overflow_plugin/ + * + * Documentation: @@ -128142,7 +129174,7 @@ index 0000000..4378111 + +#include "gcc-common.h" + -+static unsigned int dump_functions(void) ++static unsigned int __unused dump_functions(void) +{ + struct cgraph_node *node; + @@ -128177,6 +129209,7 @@ index 0000000..4378111 +} + +#if BUILDING_GCC_VERSION >= 4009 ++namespace { +static const struct pass_data dump_pass_data = { +#else +static struct ipa_opt_pass_d dump_pass = { @@ -128187,7 +129220,8 @@ index 0000000..4378111 +#if BUILDING_GCC_VERSION >= 4008 + .optinfo_flags = OPTGROUP_NONE, +#endif -+#if BUILDING_GCC_VERSION >= 4009 ++#if BUILDING_GCC_VERSION >= 5000 ++#elif BUILDING_GCC_VERSION == 4009 + .has_gate = false, + .has_execute = true, +#else @@ -128220,23 +129254,27 @@ index 0000000..4378111 +}; + +#if BUILDING_GCC_VERSION >= 4009 -+namespace { +class dump_pass : public ipa_opt_pass_d { +public: + dump_pass() : ipa_opt_pass_d(dump_pass_data, g, NULL, NULL, NULL, NULL, NULL, NULL, 0, NULL, NULL) {} ++#if BUILDING_GCC_VERSION >= 5000 ++ virtual unsigned int execute(function *) { return dump_functions(); } ++#else + unsigned int execute() { return dump_functions(); } ++#endif +}; +} -+#endif + -+struct opt_pass *make_dump_pass(void) ++opt_pass *make_dump_pass(void) +{ -+#if BUILDING_GCC_VERSION >= 4009 + return new dump_pass(); ++} +#else ++struct opt_pass *make_dump_pass(void) ++{ + return &dump_pass.pass; -+#endif +} ++#endif diff --git a/tools/gcc/size_overflow_plugin/size_overflow_hash.data b/tools/gcc/size_overflow_plugin/size_overflow_hash.data new file mode 100644 index 0000000..51560ee @@ -134404,15 +135442,16 @@ index 0000000..560cd7b +zpios_read_64734 zpios_read 3 64734 NULL diff --git a/tools/gcc/size_overflow_plugin/size_overflow_plugin.c b/tools/gcc/size_overflow_plugin/size_overflow_plugin.c new file mode 100644 -index 0000000..95f7abd +index 0000000..7e07890 --- /dev/null +++ b/tools/gcc/size_overflow_plugin/size_overflow_plugin.c -@@ -0,0 +1,259 @@ +@@ -0,0 +1,260 @@ +/* -+ * Copyright 2011-2014 by Emese Revfy <re.emese@gmail.com> ++ * Copyright 2011-2015 by Emese Revfy <re.emese@gmail.com> + * Licensed under the GPL v2, or (at your option) v3 + * + * Homepage: ++ * https://github.com/ephox-gcc-plugins + * http://www.grsecurity.net/~ephox/overflow_plugin/ + * + * Documentation: @@ -134440,7 +135479,7 @@ index 0000000..95f7abd +tree size_overflow_type_TI; + +static struct plugin_info size_overflow_plugin_info = { -+ .version = "20140725", ++ .version = "20140725_01", + .help = "no-size-overflow\tturn off size overflow checking\n", +}; + @@ -134494,7 +135533,7 @@ index 0000000..95f7abd + return NULL_TREE; + } + -+ if (TREE_INT_CST_HIGH(TREE_VALUE(args)) != 0) ++ if (tree_to_shwi(TREE_VALUE(args)) != 0) + return NULL_TREE; + + for (; args; args = TREE_CHAIN(args)) { @@ -134669,15 +135708,16 @@ index 0000000..95f7abd +} diff --git a/tools/gcc/size_overflow_plugin/size_overflow_plugin_hash.c b/tools/gcc/size_overflow_plugin/size_overflow_plugin_hash.c new file mode 100644 -index 0000000..0888f6c +index 0000000..2a693fe --- /dev/null +++ b/tools/gcc/size_overflow_plugin/size_overflow_plugin_hash.c -@@ -0,0 +1,364 @@ +@@ -0,0 +1,355 @@ +/* -+ * Copyright 2011-2014 by Emese Revfy <re.emese@gmail.com> ++ * Copyright 2011-2015 by Emese Revfy <re.emese@gmail.com> + * Licensed under the GPL v2, or (at your option) v3 + * + * Homepage: ++ * https://github.com/ephox-gcc-plugins + * http://www.grsecurity.net/~ephox/overflow_plugin/ + * + * Documentation: @@ -134905,43 +135945,33 @@ index 0000000..0888f6c + return CANNOT_FIND_ARG; +} + -+static const char *get_asm_string(const_gimple stmt) -+{ -+ if (!stmt) -+ return NULL; -+ if (gimple_code(stmt) != GIMPLE_ASM) -+ return NULL; -+ -+ return gimple_asm_string(stmt); -+} -+ -+bool is_size_overflow_intentional_asm_turn_off(const_gimple stmt) ++bool is_size_overflow_intentional_asm_turn_off(const gasm *stmt) +{ + const char *str; + -+ str = get_asm_string(stmt); -+ if (!str) ++ if (!stmt) + return false; ++ str = gimple_asm_string(stmt); + return !strncmp(str, TURN_OFF_ASM_STR, sizeof(TURN_OFF_ASM_STR) - 1); +} + -+bool is_size_overflow_intentional_asm_yes(const_gimple stmt) ++bool is_size_overflow_intentional_asm_yes(const gasm *stmt) +{ + const char *str; + -+ str = get_asm_string(stmt); -+ if (!str) ++ if (!stmt) + return false; ++ str = gimple_asm_string(stmt); + return !strncmp(str, YES_ASM_STR, sizeof(YES_ASM_STR) - 1); +} + -+bool is_size_overflow_asm(const_gimple stmt) ++bool is_size_overflow_asm(const gasm *stmt) +{ + const char *str; + -+ str = get_asm_string(stmt); -+ if (!str) ++ if (!stmt) + return false; ++ str = gimple_asm_string(stmt); + return !strncmp(str, OK_ASM_STR, sizeof(OK_ASM_STR) - 1); +} + diff --git a/3.2.69/0000_README b/3.2.69/0000_README index 0df9a58..9b79be0 100644 --- a/3.2.69/0000_README +++ b/3.2.69/0000_README @@ -194,7 +194,7 @@ Patch: 1068_linux-3.2.69.patch From: http://www.kernel.org Desc: Linux 3.2.69 -Patch: 4420_grsecurity-3.1-3.2.69-201507111207.patch +Patch: 4420_grsecurity-3.1-3.2.69-201507251415.patch From: http://www.grsecurity.net Desc: hardened-sources base patch from upstream grsecurity diff --git a/3.2.69/4420_grsecurity-3.1-3.2.69-201507111207.patch b/3.2.69/4420_grsecurity-3.1-3.2.69-201507251415.patch index d2caf34..11686d8 100644 --- a/3.2.69/4420_grsecurity-3.1-3.2.69-201507111207.patch +++ b/3.2.69/4420_grsecurity-3.1-3.2.69-201507251415.patch @@ -281,6 +281,39 @@ index 88fd7f5..b318a78 100644 ============================================================== +diff --git a/Documentation/sysctl/kernel.txt b/Documentation/sysctl/kernel.txt +index 2a68089..b3300e1 100644 +--- a/Documentation/sysctl/kernel.txt ++++ b/Documentation/sysctl/kernel.txt +@@ -36,6 +36,7 @@ show up in /proc/sys/kernel: + - kptr_restrict + - kstack_depth_to_print [ X86 only ] + - l2cr [ PPC only ] ++- modify_ldt [ X86 only ] + - modprobe ==> Documentation/debugging-modules.txt + - modules_disabled + - msgmax +@@ -318,6 +319,20 @@ This flag controls the L2 cache of G3 processor boards. If + + ============================================================== + ++modify_ldt: (X86 only) ++ ++Enables (1) or disables (0) the modify_ldt syscall. Modifying the LDT ++(Local Descriptor Table) may be needed to run a 16-bit or segmented code ++such as Dosemu or Wine. This is done via a system call which is not needed ++to run portable applications, and which can sometimes be abused to exploit ++some weaknesses of the architecture, opening new vulnerabilities. ++ ++This sysctl allows one to increase the system's security by disabling the ++system call, or to restore compatibility with specific applications when it ++was already disabled. ++ ++============================================================== ++ + modules_disabled: + + A toggle value indicating if modules are allowed to be loaded diff --git a/Makefile b/Makefile index 8071888..b024b7b 100644 --- a/Makefile @@ -10454,7 +10487,7 @@ index ad8f795..2c7eec6 100644 /* * Memory returned by kmalloc() may be used for DMA, so we must make diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig -index 28a1bca..6eebf04 100644 +index 28a1bca..0443883 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -75,6 +75,7 @@ config X86 @@ -10554,6 +10587,29 @@ index 28a1bca..6eebf04 100644 ---help--- Map the 32-bit VDSO to the predictable old-style address too. +@@ -1720,6 +1728,22 @@ config CMDLINE_OVERRIDE + This is used to work around broken boot loaders. This should + be set to 'N' under normal conditions. + ++config DEFAULT_MODIFY_LDT_SYSCALL ++ bool "Allow userspace to modify the LDT by default" ++ default y ++ ++ ---help--- ++ Modifying the LDT (Local Descriptor Table) may be needed to run a ++ 16-bit or segmented code such as Dosemu or Wine. This is done via ++ a system call which is not needed to run portable applications, ++ and which can sometimes be abused to exploit some weaknesses of ++ the architecture, opening new vulnerabilities. ++ ++ For this reason this option allows one to enable or disable the ++ feature at runtime. It is recommended to say 'N' here to leave ++ the system protected, and to enable it at runtime only if needed ++ by setting the sys.kernel.modify_ldt sysctl. ++ + endmenu + + config ARCH_ENABLE_MEMORY_HOTPLUG diff --git a/arch/x86/Kconfig.cpu b/arch/x86/Kconfig.cpu index e3ca7e0..b30b28a 100644 --- a/arch/x86/Kconfig.cpu @@ -22436,10 +22492,33 @@ index 4b6701e..1a3dcdb 100644 }; #endif diff --git a/arch/x86/kernel/ldt.c b/arch/x86/kernel/ldt.c -index 0a8e65e..6e8de34 100644 +index 0a8e65e..563640b 100644 --- a/arch/x86/kernel/ldt.c +++ b/arch/x86/kernel/ldt.c -@@ -67,13 +67,13 @@ static int alloc_ldt(mm_context_t *pc, int mincount, int reload) +@@ -11,6 +11,7 @@ + #include <linux/sched.h> + #include <linux/string.h> + #include <linux/mm.h> ++#include <linux/ratelimit.h> + #include <linux/smp.h> + #include <linux/vmalloc.h> + #include <linux/uaccess.h> +@@ -21,6 +22,14 @@ + #include <asm/mmu_context.h> + #include <asm/syscalls.h> + ++#ifdef CONFIG_GRKERNSEC ++int sysctl_modify_ldt __read_only = 0; ++#elif defined(CONFIG_DEFAULT_MODIFY_LDT_SYSCALL) ++int sysctl_modify_ldt __read_only = 1; ++#else ++int sysctl_modify_ldt __read_only = 0; ++#endif ++ + #ifdef CONFIG_SMP + static void flush_ldt(void *current_mm) + { +@@ -67,13 +76,13 @@ static int alloc_ldt(mm_context_t *pc, int mincount, int reload) if (reload) { #ifdef CONFIG_SMP preempt_disable(); @@ -22455,7 +22534,7 @@ index 0a8e65e..6e8de34 100644 #endif } if (oldsize) { -@@ -95,7 +95,7 @@ static inline int copy_ldt(mm_context_t *new, mm_context_t *old) +@@ -95,7 +104,7 @@ static inline int copy_ldt(mm_context_t *new, mm_context_t *old) return err; for (i = 0; i < old->size; i++) @@ -22464,7 +22543,7 @@ index 0a8e65e..6e8de34 100644 return 0; } -@@ -116,6 +116,24 @@ int init_new_context(struct task_struct *tsk, struct mm_struct *mm) +@@ -116,6 +125,24 @@ int init_new_context(struct task_struct *tsk, struct mm_struct *mm) retval = copy_ldt(&mm->context, &old_mm->context); mutex_unlock(&old_mm->context.lock); } @@ -22489,7 +22568,7 @@ index 0a8e65e..6e8de34 100644 return retval; } -@@ -230,6 +248,13 @@ static int write_ldt(void __user *ptr, unsigned long bytecount, int oldmode) +@@ -230,6 +257,13 @@ static int write_ldt(void __user *ptr, unsigned long bytecount, int oldmode) } } @@ -22503,6 +22582,21 @@ index 0a8e65e..6e8de34 100644 if (!IS_ENABLED(CONFIG_X86_16BIT) && !ldt_info.seg_32bit) { error = -EINVAL; goto out_unlock; +@@ -255,6 +289,14 @@ asmlinkage int sys_modify_ldt(int func, void __user *ptr, + { + int ret = -ENOSYS; + ++ if (!sysctl_modify_ldt) { ++ printk_ratelimited(KERN_INFO ++ "Denied a call to modify_ldt() from %s[%d] (uid: %d)." ++ " Adjust sysctl if this was not an exploit attempt.\n", ++ current->comm, task_pid_nr(current), current_uid()); ++ return ret; ++ } ++ + switch (func) { + case 0: + ret = read_ldt(ptr, bytecount); diff --git a/arch/x86/kernel/machine_kexec_32.c b/arch/x86/kernel/machine_kexec_32.c index a3fa43b..8966f4c 100644 --- a/arch/x86/kernel/machine_kexec_32.c @@ -46312,7 +46406,7 @@ index fed39de..8adf3152 100644 }; diff --git a/drivers/net/macvtap.c b/drivers/net/macvtap.c -index 7300447..fa23d39 100644 +index 7300447..cb83d3e 100644 --- a/drivers/net/macvtap.c +++ b/drivers/net/macvtap.c @@ -351,7 +351,7 @@ static void macvtap_setup(struct net_device *dev) @@ -46342,6 +46436,14 @@ index 7300447..fa23d39 100644 .notifier_call = macvtap_device_event, }; +@@ -1151,6 +1151,7 @@ static void macvtap_exit(void) + class_unregister(macvtap_class); + cdev_del(&macvtap_cdev); + unregister_chrdev_region(macvtap_major, MACVTAP_NUM_DEVS); ++ idr_destroy(&minor_idr); + } + module_exit(macvtap_exit); + diff --git a/drivers/net/phy/phy_device.c b/drivers/net/phy/phy_device.c index 83a5a5a..9a9d0ae 100644 --- a/drivers/net/phy/phy_device.c @@ -46804,6 +46906,51 @@ index 3d21742..b8e03e7 100644 // waiting for all pending urbs to complete? if (dev->wait) { if ((dev->txq.qlen + dev->rxq.qlen + dev->done.qlen) == 0) { +diff --git a/drivers/net/vmxnet3/vmxnet3_drv.c b/drivers/net/vmxnet3/vmxnet3_drv.c +index 28ceef2..655b059 100644 +--- a/drivers/net/vmxnet3/vmxnet3_drv.c ++++ b/drivers/net/vmxnet3/vmxnet3_drv.c +@@ -1140,7 +1140,7 @@ vmxnet3_rq_rx_complete(struct vmxnet3_rx_queue *rq, + static const u32 rxprod_reg[2] = { + VMXNET3_REG_RXPROD, VMXNET3_REG_RXPROD2 + }; +- u32 num_rxd = 0; ++ u32 num_pkts = 0; + bool skip_page_frags = false; + struct Vmxnet3_RxCompDesc *rcd; + struct vmxnet3_rx_ctx *ctx = &rq->rx_ctx; +@@ -1158,13 +1158,12 @@ vmxnet3_rq_rx_complete(struct vmxnet3_rx_queue *rq, + struct Vmxnet3_RxDesc *rxd; + u32 idx, ring_idx; + struct vmxnet3_cmd_ring *ring = NULL; +- if (num_rxd >= quota) { ++ if (num_pkts >= quota) { + /* we may stop even before we see the EOP desc of + * the current pkt + */ + break; + } +- num_rxd++; + BUG_ON(rcd->rqID != rq->qid && rcd->rqID != rq->qid2); + idx = rcd->rxdIdx; + ring_idx = rcd->rqID < adapter->num_rx_queues ? 0 : 1; +@@ -1288,6 +1287,7 @@ vmxnet3_rq_rx_complete(struct vmxnet3_rx_queue *rq, + napi_gro_receive(&rq->napi, skb); + + ctx->skb = NULL; ++ num_pkts++; + } + + rcd_done: +@@ -1319,7 +1319,7 @@ rcd_done: + &rq->comp_ring.base[rq->comp_ring.next2proc].rcd, &rxComp); + } + +- return num_rxd; ++ return num_pkts; + } + + diff --git a/drivers/net/vmxnet3/vmxnet3_ethtool.c b/drivers/net/vmxnet3/vmxnet3_ethtool.c index e662cbc..8d4a102 100644 --- a/drivers/net/vmxnet3/vmxnet3_ethtool.c @@ -56737,10 +56884,20 @@ index 2524e4c..2962cc6a 100644 if (retval > 0) retval = 0; diff --git a/fs/9p/vfs_inode.c b/fs/9p/vfs_inode.c -index 879ed88..bc03a01 100644 +index 879ed88..dbaf762 100644 --- a/fs/9p/vfs_inode.c +++ b/fs/9p/vfs_inode.c -@@ -1286,7 +1286,7 @@ static void *v9fs_vfs_follow_link(struct dentry *dentry, struct nameidata *nd) +@@ -527,8 +527,7 @@ static struct inode *v9fs_qid_iget(struct super_block *sb, + unlock_new_inode(inode); + return inode; + error: +- unlock_new_inode(inode); +- iput(inode); ++ iget_failed(inode); + return ERR_PTR(retval); + + } +@@ -1286,7 +1285,7 @@ static void *v9fs_vfs_follow_link(struct dentry *dentry, struct nameidata *nd) void v9fs_vfs_put_link(struct dentry *dentry, struct nameidata *nd, void *p) { @@ -56749,6 +56906,20 @@ index 879ed88..bc03a01 100644 P9_DPRINTK(P9_DEBUG_VFS, " %s %s\n", dentry->d_name.name, IS_ERR(s) ? "<error>" : s); +diff --git a/fs/9p/vfs_inode_dotl.c b/fs/9p/vfs_inode_dotl.c +index 30d4fa8..dbbc83f 100644 +--- a/fs/9p/vfs_inode_dotl.c ++++ b/fs/9p/vfs_inode_dotl.c +@@ -169,8 +169,7 @@ static struct inode *v9fs_qid_iget_dotl(struct super_block *sb, + unlock_new_inode(inode); + return inode; + error: +- unlock_new_inode(inode); +- iput(inode); ++ iget_failed(inode); + return ERR_PTR(retval); + + } diff --git a/fs/9p/vfs_super.c b/fs/9p/vfs_super.c index c70251d..fe305fd 100644 --- a/fs/9p/vfs_super.c @@ -59166,7 +59337,7 @@ index 739fb59..5385976 100644 static int __init init_cramfs_fs(void) { diff --git a/fs/dcache.c b/fs/dcache.c -index 8bc98af..2cc0298 100644 +index 8bc98af..68601d9 100644 --- a/fs/dcache.c +++ b/fs/dcache.c @@ -103,11 +103,11 @@ static unsigned int d_hash_shift __read_mostly; @@ -59185,7 +59356,31 @@ index 8bc98af..2cc0298 100644 return dentry_hashtable + (hash & D_HASHMASK); } -@@ -1016,13 +1016,13 @@ ascend: +@@ -478,15 +478,18 @@ repeat: + return; + } + +- if (dentry->d_flags & DCACHE_OP_DELETE) { ++ /* Unreachable? Get rid of it */ ++ if (unlikely(d_unhashed(dentry))) ++ goto kill_it; ++ ++ if (unlikely(dentry->d_flags & DCACHE_DISCONNECTED)) ++ goto kill_it; ++ ++ if (unlikely(dentry->d_flags & DCACHE_OP_DELETE)) { + if (dentry->d_op->d_delete(dentry)) + goto kill_it; + } + +- /* Unreachable? Get rid of it */ +- if (d_unhashed(dentry)) +- goto kill_it; +- + /* + * If this dentry needs lookup, don't set the referenced flag so that it + * is more likely to be cleaned up by the dcache shrinker in case of +@@ -1016,13 +1019,13 @@ ascend: /* might go back up the wrong parent if we have had a rename */ if (!locked && read_seqretry(&rename_lock, seq)) goto rename_retry; @@ -59203,7 +59398,7 @@ index 8bc98af..2cc0298 100644 rcu_read_unlock(); goto resume; } -@@ -1235,6 +1235,9 @@ struct dentry *__d_alloc(struct super_block *sb, const struct qstr *name) +@@ -1235,6 +1238,9 @@ struct dentry *__d_alloc(struct super_block *sb, const struct qstr *name) dentry->d_sb = sb; dentry->d_op = NULL; dentry->d_fsdata = NULL; @@ -59213,7 +59408,7 @@ index 8bc98af..2cc0298 100644 INIT_HLIST_BL_NODE(&dentry->d_hash); INIT_LIST_HEAD(&dentry->d_lru); INIT_LIST_HEAD(&dentry->d_subdirs); -@@ -3082,7 +3085,8 @@ void __init vfs_caches_init(unsigned long mempages) +@@ -3082,7 +3088,8 @@ void __init vfs_caches_init(unsigned long mempages) mempages -= reserve; names_cachep = kmem_cache_create("names_cache", PATH_MAX, 0, @@ -73953,7 +74148,7 @@ index 0000000..25f54ef +}; diff --git a/grsecurity/gracl_policy.c b/grsecurity/gracl_policy.c new file mode 100644 -index 0000000..62916b2 +index 0000000..edcb09b --- /dev/null +++ b/grsecurity/gracl_policy.c @@ -0,0 +1,1780 @@ @@ -74411,7 +74606,7 @@ index 0000000..62916b2 + get_fs_root(reaper->fs, &gr_real_root); + +#ifdef CONFIG_GRKERNSEC_RBAC_DEBUG -+ printk(KERN_ALERT "Obtained real root device=%d, inode=%lu\n", __get_dev(gr_real_root.dentry), gr_real_root.dentry->d_inode->i_ino); ++ printk(KERN_ALERT "Obtained real root device=%d, inode=%lu\n", gr_get_dev_from_dentry(gr_real_root.dentry), gr_get_ino_from_dentry(gr_real_root.dentry)); +#endif + + fakefs_obj_rw = kzalloc(sizeof(struct acl_object_label), GFP_KERNEL); @@ -77353,7 +77548,7 @@ index 0000000..8ca18bf +} diff --git a/grsecurity/grsec_init.c b/grsecurity/grsec_init.c new file mode 100644 -index 0000000..b09101d +index 0000000..68121e2 --- /dev/null +++ b/grsecurity/grsec_init.c @@ -0,0 +1,290 @@ @@ -77366,61 +77561,61 @@ index 0000000..b09101d +#include <linux/percpu.h> +#include <linux/module.h> + -+int grsec_enable_ptrace_readexec; -+int grsec_enable_setxid; -+int grsec_enable_symlinkown; -+int grsec_symlinkown_gid; -+int grsec_enable_brute; -+int grsec_enable_link; -+int grsec_enable_dmesg; -+int grsec_enable_harden_ptrace; -+int grsec_enable_harden_ipc; -+int grsec_enable_fifo; -+int grsec_enable_execlog; -+int grsec_enable_signal; -+int grsec_enable_forkfail; -+int grsec_enable_audit_ptrace; -+int grsec_enable_time; -+int grsec_enable_group; -+int grsec_audit_gid; -+int grsec_enable_chdir; -+int grsec_enable_mount; -+int grsec_enable_rofs; -+int grsec_deny_new_usb; -+int grsec_enable_chroot_findtask; -+int grsec_enable_chroot_mount; -+int grsec_enable_chroot_shmat; -+int grsec_enable_chroot_fchdir; -+int grsec_enable_chroot_double; -+int grsec_enable_chroot_pivot; -+int grsec_enable_chroot_chdir; -+int grsec_enable_chroot_chmod; -+int grsec_enable_chroot_mknod; -+int grsec_enable_chroot_nice; -+int grsec_enable_chroot_execlog; -+int grsec_enable_chroot_caps; -+int grsec_enable_chroot_rename; -+int grsec_enable_chroot_sysctl; -+int grsec_enable_chroot_unix; -+int grsec_enable_tpe; -+int grsec_tpe_gid; -+int grsec_enable_blackhole; ++int grsec_enable_ptrace_readexec __read_only; ++int grsec_enable_setxid __read_only; ++int grsec_enable_symlinkown __read_only; ++int grsec_symlinkown_gid __read_only; ++int grsec_enable_brute __read_only; ++int grsec_enable_link __read_only; ++int grsec_enable_dmesg __read_only; ++int grsec_enable_harden_ptrace __read_only; ++int grsec_enable_harden_ipc __read_only; ++int grsec_enable_fifo __read_only; ++int grsec_enable_execlog __read_only; ++int grsec_enable_signal __read_only; ++int grsec_enable_forkfail __read_only; ++int grsec_enable_audit_ptrace __read_only; ++int grsec_enable_time __read_only; ++int grsec_enable_group __read_only; ++int grsec_audit_gid __read_only; ++int grsec_enable_chdir __read_only; ++int grsec_enable_mount __read_only; ++int grsec_enable_rofs __read_only; ++int grsec_deny_new_usb __read_only; ++int grsec_enable_chroot_findtask __read_only; ++int grsec_enable_chroot_mount __read_only; ++int grsec_enable_chroot_shmat __read_only; ++int grsec_enable_chroot_fchdir __read_only; ++int grsec_enable_chroot_double __read_only; ++int grsec_enable_chroot_pivot __read_only; ++int grsec_enable_chroot_chdir __read_only; ++int grsec_enable_chroot_chmod __read_only; ++int grsec_enable_chroot_mknod __read_only; ++int grsec_enable_chroot_nice __read_only; ++int grsec_enable_chroot_execlog __read_only; ++int grsec_enable_chroot_caps __read_only; ++int grsec_enable_chroot_rename __read_only; ++int grsec_enable_chroot_sysctl __read_only; ++int grsec_enable_chroot_unix __read_only; ++int grsec_enable_tpe __read_only; ++int grsec_tpe_gid __read_only; ++int grsec_enable_blackhole __read_only; +#ifdef CONFIG_IPV6_MODULE +EXPORT_SYMBOL_GPL(grsec_enable_blackhole); +#endif -+int grsec_lastack_retries; -+int grsec_enable_tpe_all; -+int grsec_enable_tpe_invert; -+int grsec_enable_socket_all; -+int grsec_socket_all_gid; -+int grsec_enable_socket_client; -+int grsec_socket_client_gid; -+int grsec_enable_socket_server; -+int grsec_socket_server_gid; -+int grsec_resource_logging; -+int grsec_disable_privio; -+int grsec_enable_log_rwxmaps; -+int grsec_lock; ++int grsec_lastack_retries __read_only; ++int grsec_enable_tpe_all __read_only; ++int grsec_enable_tpe_invert __read_only; ++int grsec_enable_socket_all __read_only; ++int grsec_socket_all_gid __read_only; ++int grsec_enable_socket_client __read_only; ++int grsec_socket_client_gid __read_only; ++int grsec_enable_socket_server __read_only; ++int grsec_socket_server_gid __read_only; ++int grsec_resource_logging __read_only; ++int grsec_disable_privio __read_only; ++int grsec_enable_log_rwxmaps __read_only; ++int grsec_lock __read_only; + +DEFINE_SPINLOCK(grsec_alert_lock); +unsigned long grsec_alert_wtime = 0; @@ -78849,7 +79044,7 @@ index 0000000..a523bd2 +} diff --git a/grsecurity/grsec_sysctl.c b/grsecurity/grsec_sysctl.c new file mode 100644 -index 0000000..a51b175 +index 0000000..a3b8942 --- /dev/null +++ b/grsecurity/grsec_sysctl.c @@ -0,0 +1,486 @@ @@ -78886,7 +79081,7 @@ index 0000000..a51b175 + .data = &grsec_disable_privio, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#endif @@ -78896,7 +79091,7 @@ index 0000000..a51b175 + .data = &grsec_enable_link, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_SYMLINKOWN @@ -78905,14 +79100,14 @@ index 0000000..a51b175 + .data = &grsec_enable_symlinkown, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, + { + .procname = "symlinkown_gid", + .data = &grsec_symlinkown_gid, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_BRUTE @@ -78921,7 +79116,7 @@ index 0000000..a51b175 + .data = &grsec_enable_brute, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_FIFO @@ -78930,7 +79125,7 @@ index 0000000..a51b175 + .data = &grsec_enable_fifo, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_PTRACE_READEXEC @@ -78939,7 +79134,7 @@ index 0000000..a51b175 + .data = &grsec_enable_ptrace_readexec, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_SETXID @@ -78948,7 +79143,7 @@ index 0000000..a51b175 + .data = &grsec_enable_setxid, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_BLACKHOLE @@ -78957,14 +79152,14 @@ index 0000000..a51b175 + .data = &grsec_enable_blackhole, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, + { + .procname = "lastack_retries", + .data = &grsec_lastack_retries, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_EXECLOG @@ -78973,7 +79168,7 @@ index 0000000..a51b175 + .data = &grsec_enable_execlog, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_RWXMAP_LOG @@ -78982,7 +79177,7 @@ index 0000000..a51b175 + .data = &grsec_enable_log_rwxmaps, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_SIGNAL @@ -78991,7 +79186,7 @@ index 0000000..a51b175 + .data = &grsec_enable_signal, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_FORKFAIL @@ -79000,7 +79195,7 @@ index 0000000..a51b175 + .data = &grsec_enable_forkfail, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_TIME @@ -79009,7 +79204,7 @@ index 0000000..a51b175 + .data = &grsec_enable_time, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_CHROOT_SHMAT @@ -79018,7 +79213,7 @@ index 0000000..a51b175 + .data = &grsec_enable_chroot_shmat, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_CHROOT_UNIX @@ -79027,7 +79222,7 @@ index 0000000..a51b175 + .data = &grsec_enable_chroot_unix, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_CHROOT_MOUNT @@ -79036,7 +79231,7 @@ index 0000000..a51b175 + .data = &grsec_enable_chroot_mount, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_CHROOT_FCHDIR @@ -79045,7 +79240,7 @@ index 0000000..a51b175 + .data = &grsec_enable_chroot_fchdir, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_CHROOT_DOUBLE @@ -79054,7 +79249,7 @@ index 0000000..a51b175 + .data = &grsec_enable_chroot_double, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_CHROOT_PIVOT @@ -79063,7 +79258,7 @@ index 0000000..a51b175 + .data = &grsec_enable_chroot_pivot, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_CHROOT_CHDIR @@ -79072,7 +79267,7 @@ index 0000000..a51b175 + .data = &grsec_enable_chroot_chdir, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_CHROOT_CHMOD @@ -79081,7 +79276,7 @@ index 0000000..a51b175 + .data = &grsec_enable_chroot_chmod, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_CHROOT_MKNOD @@ -79090,7 +79285,7 @@ index 0000000..a51b175 + .data = &grsec_enable_chroot_mknod, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_CHROOT_NICE @@ -79099,7 +79294,7 @@ index 0000000..a51b175 + .data = &grsec_enable_chroot_nice, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_CHROOT_EXECLOG @@ -79108,7 +79303,7 @@ index 0000000..a51b175 + .data = &grsec_enable_chroot_execlog, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_CHROOT_CAPS @@ -79117,7 +79312,7 @@ index 0000000..a51b175 + .data = &grsec_enable_chroot_caps, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_CHROOT_RENAME @@ -79126,7 +79321,7 @@ index 0000000..a51b175 + .data = &grsec_enable_chroot_rename, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_CHROOT_SYSCTL @@ -79135,7 +79330,7 @@ index 0000000..a51b175 + .data = &grsec_enable_chroot_sysctl, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_TPE @@ -79144,14 +79339,14 @@ index 0000000..a51b175 + .data = &grsec_enable_tpe, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, + { + .procname = "tpe_gid", + .data = &grsec_tpe_gid, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_TPE_INVERT @@ -79160,7 +79355,7 @@ index 0000000..a51b175 + .data = &grsec_enable_tpe_invert, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_TPE_ALL @@ -79169,7 +79364,7 @@ index 0000000..a51b175 + .data = &grsec_enable_tpe_all, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_SOCKET_ALL @@ -79178,14 +79373,14 @@ index 0000000..a51b175 + .data = &grsec_enable_socket_all, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, + { + .procname = "socket_all_gid", + .data = &grsec_socket_all_gid, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_SOCKET_CLIENT @@ -79194,14 +79389,14 @@ index 0000000..a51b175 + .data = &grsec_enable_socket_client, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, + { + .procname = "socket_client_gid", + .data = &grsec_socket_client_gid, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_SOCKET_SERVER @@ -79210,14 +79405,14 @@ index 0000000..a51b175 + .data = &grsec_enable_socket_server, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, + { + .procname = "socket_server_gid", + .data = &grsec_socket_server_gid, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_AUDIT_GROUP @@ -79226,14 +79421,14 @@ index 0000000..a51b175 + .data = &grsec_enable_group, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, + { + .procname = "audit_gid", + .data = &grsec_audit_gid, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_AUDIT_CHDIR @@ -79242,7 +79437,7 @@ index 0000000..a51b175 + .data = &grsec_enable_chdir, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_AUDIT_MOUNT @@ -79251,7 +79446,7 @@ index 0000000..a51b175 + .data = &grsec_enable_mount, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_DMESG @@ -79260,7 +79455,7 @@ index 0000000..a51b175 + .data = &grsec_enable_dmesg, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_CHROOT_FINDTASK @@ -79269,7 +79464,7 @@ index 0000000..a51b175 + .data = &grsec_enable_chroot_findtask, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_RESLOG @@ -79278,7 +79473,7 @@ index 0000000..a51b175 + .data = &grsec_resource_logging, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_AUDIT_PTRACE @@ -79287,7 +79482,7 @@ index 0000000..a51b175 + .data = &grsec_enable_audit_ptrace, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_HARDEN_PTRACE @@ -79296,7 +79491,7 @@ index 0000000..a51b175 + .data = &grsec_enable_harden_ptrace, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_HARDEN_IPC @@ -79305,7 +79500,7 @@ index 0000000..a51b175 + .data = &grsec_enable_harden_ipc, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif + { @@ -79313,7 +79508,7 @@ index 0000000..a51b175 + .data = &grsec_lock, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_ROFS @@ -79322,7 +79517,7 @@ index 0000000..a51b175 + .data = &grsec_enable_rofs, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec_minmax, ++ .proc_handler = &proc_dointvec_minmax_secure, + .extra1 = &one, + .extra2 = &one, + }, @@ -79333,7 +79528,7 @@ index 0000000..a51b175 + .data = &grsec_deny_new_usb, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif + { } @@ -80750,6 +80945,19 @@ index 04ffb2e..6799180 100644 extern struct cleancache_ops cleancache_register_ops(struct cleancache_ops *ops); +diff --git a/include/linux/clkdev.h b/include/linux/clkdev.h +index d9a4fd0..13edc9f 100644 +--- a/include/linux/clkdev.h ++++ b/include/linux/clkdev.h +@@ -32,7 +32,7 @@ struct clk_lookup { + } + + struct clk_lookup *clkdev_alloc(struct clk *clk, const char *con_id, +- const char *dev_fmt, ...); ++ const char *dev_fmt, ...) __printf(3, 4); + + void clkdev_add(struct clk_lookup *cl); + void clkdev_drop(struct clk_lookup *cl); diff --git a/include/linux/clocksource.h b/include/linux/clocksource.h index 081147d..da89543 100644 --- a/include/linux/clocksource.h @@ -80764,7 +80972,7 @@ index 081147d..da89543 100644 extern void diff --git a/include/linux/compat.h b/include/linux/compat.h -index d42bd48..a20850d 100644 +index d42bd48..f651bd9 100644 --- a/include/linux/compat.h +++ b/include/linux/compat.h @@ -240,10 +240,10 @@ long compat_sys_msgrcv(int first, int second, int msgtyp, int third, @@ -80780,6 +80988,15 @@ index d42bd48..a20850d 100644 asmlinkage long compat_sys_keyctl(u32 option, u32 arg2, u32 arg3, u32 arg4, u32 arg5); asmlinkage long compat_sys_ustat(unsigned dev, struct compat_ustat __user *u32); +@@ -320,7 +320,7 @@ asmlinkage long compat_sys_settimeofday(struct compat_timeval __user *tv, + + asmlinkage long compat_sys_adjtimex(struct compat_timex __user *utp); + +-extern int compat_printk(const char *fmt, ...); ++extern __printf(1, 2) int compat_printk(const char *fmt, ...); + extern void sigset_from_compat(sigset_t *set, compat_sigset_t *compat); + + asmlinkage long compat_sys_migrate_pages(compat_pid_t pid, @@ -334,7 +334,7 @@ extern int compat_ptrace_request(struct task_struct *child, extern long compat_arch_ptrace(struct task_struct *child, compat_long_t request, compat_ulong_t addr, compat_ulong_t data); @@ -80833,10 +81050,10 @@ index 59a7e4c..8feb590 100644 #if __GNUC_MINOR__ > 0 diff --git a/include/linux/compiler-gcc5.h b/include/linux/compiler-gcc5.h -index cdd1cc2..9c1ee22 100644 +index cdd1cc2..d062745 100644 --- a/include/linux/compiler-gcc5.h +++ b/include/linux/compiler-gcc5.h -@@ -28,6 +28,31 @@ +@@ -28,6 +28,30 @@ # define __compiletime_error(message) __attribute__((error(message))) #endif /* __CHECKER__ */ @@ -80856,7 +81073,6 @@ index cdd1cc2..9c1ee22 100644 +#endif + +#ifdef SIZE_OVERFLOW_PLUGIN -+#error not yet +#define __size_overflow(...) __attribute__((size_overflow(__VA_ARGS__))) +#define __intentional_overflow(...) __attribute__((intentional_overflow(__VA_ARGS__))) +#endif @@ -80868,7 +81084,7 @@ index cdd1cc2..9c1ee22 100644 /* * Mark a position in code as unreachable. This can be used to * suppress control flow warnings after asm blocks that transfer -@@ -53,7 +78,6 @@ +@@ -53,7 +77,6 @@ * http://gcc.gnu.org/bugzilla/show_bug.cgi?id=58670 * * Work it around via a compiler barrier quirk suggested by Jakub Jelinek. @@ -81066,19 +81282,20 @@ index 51494e6..340575ab 100644 extern bool completion_done(struct completion *x); diff --git a/include/linux/configfs.h b/include/linux/configfs.h -index 3081c58..5a0b545 100644 +index 3081c58..80789a0 100644 --- a/include/linux/configfs.h +++ b/include/linux/configfs.h -@@ -64,7 +64,7 @@ struct config_item { +@@ -64,7 +64,8 @@ struct config_item { struct dentry *ci_dentry; }; -extern int config_item_set_name(struct config_item *, const char *, ...); -+extern __printf(2, 3) int config_item_set_name(struct config_item *, const char *, ...); ++extern __printf(2, 3) ++int config_item_set_name(struct config_item *, const char *, ...); static inline char *config_item_name(struct config_item * item) { -@@ -125,7 +125,7 @@ struct configfs_attribute { +@@ -125,7 +126,7 @@ struct configfs_attribute { const char *ca_name; struct module *ca_owner; mode_t ca_mode; @@ -81279,7 +81496,7 @@ index 8acfe31..6ffccd63 100644 return c | 0x20; } diff --git a/include/linux/dcache.h b/include/linux/dcache.h -index 99374de..ac23d39 100644 +index 99374de..01feff6 100644 --- a/include/linux/dcache.h +++ b/include/linux/dcache.h @@ -132,6 +132,9 @@ struct dentry { @@ -81301,6 +81518,16 @@ index 99374de..ac23d39 100644 /* * dentry->d_lock spinlock nesting subclasses: +@@ -340,7 +343,8 @@ extern int d_validate(struct dentry *, struct dentry *); + /* + * helper function for dentry_operations.d_dname() members + */ +-extern char *dynamic_dname(struct dentry *, char *, int, const char *, ...); ++extern __printf(4, 5) ++char *dynamic_dname(struct dentry *, char *, int, const char *, ...); + + extern char *__d_path(const struct path *, const struct path *, char *, int); + extern char *d_absolute_path(const struct path *, char *, int); diff --git a/include/linux/decompress/mm.h b/include/linux/decompress/mm.h index 7925bf0..d5143d2 100644 --- a/include/linux/decompress/mm.h @@ -81315,7 +81542,7 @@ index 7925bf0..d5143d2 100644 #define large_malloc(a) vmalloc(a) diff --git a/include/linux/device.h b/include/linux/device.h -index a31c5d0..ff3d03b 100644 +index a31c5d0..e9e8aac 100644 --- a/include/linux/device.h +++ b/include/linux/device.h @@ -427,7 +427,7 @@ struct device_type { @@ -81335,6 +81562,23 @@ index a31c5d0..ff3d03b 100644 #define DEVICE_ATTR(_name, _mode, _show, _store) \ struct device_attribute dev_attr_##_name = __ATTR(_name, _mode, _show, _store) +@@ -757,12 +758,10 @@ extern int __must_check device_reprobe(struct device *dev); + /* + * Easy functions for dynamically creating devices on the fly + */ +-extern struct device *device_create_vargs(struct class *cls, +- struct device *parent, +- dev_t devt, +- void *drvdata, +- const char *fmt, +- va_list vargs); ++extern __printf(5, 0) ++struct device *device_create_vargs(struct class *cls, struct device *parent, ++ dev_t devt, void *drvdata, ++ const char *fmt, va_list vargs); + extern __printf(5, 6) + struct device *device_create(struct class *cls, struct device *parent, + dev_t devt, void *drvdata, diff --git a/include/linux/dma-mapping.h b/include/linux/dma-mapping.h index e13117c..e9fc938 100644 --- a/include/linux/dma-mapping.h @@ -83441,10 +83685,42 @@ index 3875719..4663bc3 100644 /* This macro allows us to keep printk typechecking */ static __printf(1, 2) diff --git a/include/linux/kernel.h b/include/linux/kernel.h -index dcf6a8b..e1f7aa5 100644 +index dcf6a8b..a182533 100644 --- a/include/linux/kernel.h +++ b/include/linux/kernel.h -@@ -698,24 +698,30 @@ static inline void ftrace_dump(enum ftrace_dump_mode oops_dump_mode) { } +@@ -326,7 +326,8 @@ extern __printf(3, 0) + int vscnprintf(char *buf, size_t size, const char *fmt, va_list args); + extern __printf(2, 3) + char *kasprintf(gfp_t gfp, const char *fmt, ...); +-extern char *kvasprintf(gfp_t gfp, const char *fmt, va_list args); ++extern __printf(2, 0) ++char *kvasprintf(gfp_t gfp, const char *fmt, va_list args); + + extern int sscanf(const char *, const char *, ...) + __attribute__ ((format (scanf, 2, 3))); +@@ -514,10 +515,10 @@ do { \ + __ftrace_vprintk(_THIS_IP_, fmt, vargs); \ + } while (0) + +-extern int ++extern __printf(2, 0) int + __ftrace_vbprintk(unsigned long ip, const char *fmt, va_list ap); + +-extern int ++extern __printf(2, 0) int + __ftrace_vprintk(unsigned long ip, const char *fmt, va_list ap); + + extern void ftrace_dump(enum ftrace_dump_mode oops_dump_mode); +@@ -534,7 +535,7 @@ trace_printk(const char *fmt, ...) + { + return 0; + } +-static inline int ++static __printf(1, 0) inline int + ftrace_vprintk(const char *fmt, va_list ap) + { + return 0; +@@ -698,24 +699,30 @@ static inline void ftrace_dump(enum ftrace_dump_mode oops_dump_mode) { } * @condition: the condition which the compiler should know is false. * * If you have some code which relies on certain constants being equal, or @@ -83560,10 +83836,22 @@ index f8d4b27..8560882 100644 char **envp; enum umh_wait wait; diff --git a/include/linux/kobject.h b/include/linux/kobject.h -index 445f978..24e427c 100644 +index 445f978..6b3fc2c 100644 --- a/include/linux/kobject.h +++ b/include/linux/kobject.h -@@ -111,7 +111,7 @@ struct kobj_type { +@@ -74,8 +74,9 @@ struct kobject { + + extern __printf(2, 3) + int kobject_set_name(struct kobject *kobj, const char *name, ...); +-extern int kobject_set_name_vargs(struct kobject *kobj, const char *fmt, +- va_list vargs); ++extern __printf(2, 0) ++int kobject_set_name_vargs(struct kobject *kobj, const char *fmt, ++ va_list vargs); + + static inline const char *kobject_name(const struct kobject *kobj) + { +@@ -111,7 +112,7 @@ struct kobj_type { struct attribute **default_attrs; const struct kobj_ns_type_operations *(*child_ns_type)(struct kobject *kobj); const void *(*namespace)(struct kobject *kobj); @@ -83572,7 +83860,7 @@ index 445f978..24e427c 100644 struct kobj_uevent_env { char *envp[UEVENT_NUM_ENVP]; -@@ -134,6 +134,7 @@ struct kobj_attribute { +@@ -134,6 +135,7 @@ struct kobj_attribute { ssize_t (*store)(struct kobject *kobj, struct kobj_attribute *attr, const char *buf, size_t count); }; @@ -83580,7 +83868,7 @@ index 445f978..24e427c 100644 extern const struct sysfs_ops kobj_sysfs_ops; -@@ -161,7 +162,7 @@ struct kset { +@@ -161,7 +163,7 @@ struct kset { spinlock_t list_lock; struct kobject kobj; const struct kset_uevent_ops *uevent_ops; @@ -84064,7 +84352,7 @@ index 174a844..11483c2 100644 /* * Standard errno values are used for errors, but some have specific diff --git a/include/linux/mmiotrace.h b/include/linux/mmiotrace.h -index c5d5278..f0b68c8 100644 +index c5d5278..85cd5ce 100644 --- a/include/linux/mmiotrace.h +++ b/include/linux/mmiotrace.h @@ -46,7 +46,7 @@ extern int kmmio_handler(struct pt_regs *regs, unsigned long addr); @@ -84085,6 +84373,14 @@ index c5d5278..f0b68c8 100644 { } +@@ -106,6 +106,6 @@ extern void enable_mmiotrace(void); + extern void disable_mmiotrace(void); + extern void mmio_trace_rw(struct mmiotrace_rw *rw); + extern void mmio_trace_mapping(struct mmiotrace_map *map); +-extern int mmio_trace_printk(const char *fmt, va_list args); ++extern __printf(1, 0) int mmio_trace_printk(const char *fmt, va_list args); + + #endif /* _LINUX_MMIOTRACE_H */ diff --git a/include/linux/mmu_notifier.h b/include/linux/mmu_notifier.h index ee2baf0..e24a58c 100644 --- a/include/linux/mmu_notifier.h @@ -86448,7 +86744,7 @@ index 27b3b0b..e093dd9 100644 extern void register_syscore_ops(struct syscore_ops *ops); extern void unregister_syscore_ops(struct syscore_ops *ops); diff --git a/include/linux/sysctl.h b/include/linux/sysctl.h -index 703cfa33..305427e 100644 +index 703cfa33..98e3375 100644 --- a/include/linux/sysctl.h +++ b/include/linux/sysctl.h @@ -155,8 +155,6 @@ enum @@ -86460,7 +86756,7 @@ index 703cfa33..305427e 100644 /* CTL_VM names: */ enum { -@@ -961,13 +959,13 @@ extern void sysctl_head_finish(struct ctl_table_header *prev); +@@ -961,17 +959,21 @@ extern void sysctl_head_finish(struct ctl_table_header *prev); extern int sysctl_perm(struct ctl_table_root *root, struct ctl_table *table, int op); @@ -86475,8 +86771,16 @@ index 703cfa33..305427e 100644 + void __user *, size_t *, loff_t *); extern int proc_dointvec(struct ctl_table *, int, void __user *, size_t *, loff_t *); ++extern int proc_dointvec_secure(struct ctl_table *, int, ++ void __user *, size_t *, loff_t *); extern int proc_dointvec_minmax(struct ctl_table *, int, -@@ -1045,7 +1043,9 @@ struct ctl_table + void __user *, size_t *, loff_t *); ++extern int proc_dointvec_minmax_secure(struct ctl_table *, int, ++ void __user *, size_t *, loff_t *); + extern int proc_dointvec_jiffies(struct ctl_table *, int, + void __user *, size_t *, loff_t *); + extern int proc_dointvec_userhz_jiffies(struct ctl_table *, int, +@@ -1045,7 +1047,9 @@ struct ctl_table struct ctl_table_poll *poll; void *extra1; void *extra2; @@ -90107,7 +90411,7 @@ index f56af55..657c675 100644 #ifdef CONFIG_MODULE_UNLOAD { diff --git a/kernel/events/core.c b/kernel/events/core.c -index 4277095..836fd7d 100644 +index 4277095..c1440e1 100644 --- a/kernel/events/core.c +++ b/kernel/events/core.c @@ -146,8 +146,15 @@ static struct srcu_struct pmus_srcu; @@ -90118,11 +90422,11 @@ index 4277095..836fd7d 100644 */ -int sysctl_perf_event_paranoid __read_mostly = 1; +#ifdef CONFIG_GRKERNSEC_PERF_HARDEN -+int sysctl_perf_event_legitimately_concerned __read_mostly = 3; ++int sysctl_perf_event_legitimately_concerned __read_only = 3; +#elif defined(CONFIG_GRKERNSEC_HIDESYM) -+int sysctl_perf_event_legitimately_concerned __read_mostly = 2; ++int sysctl_perf_event_legitimately_concerned __read_only = 2; +#else -+int sysctl_perf_event_legitimately_concerned __read_mostly = 1; ++int sysctl_perf_event_legitimately_concerned __read_only = 1; +#endif /* Minimum for 512 kiB + 1 user control page */ @@ -91612,7 +91916,7 @@ index 91c32a0..7b88d63 100644 seq_printf(m, "%40s %14lu %29s %pS\n", name, stats->contending_point[i], diff --git a/kernel/module.c b/kernel/module.c -index 95ecd9f..dfa3a9b 100644 +index 95ecd9f..db549a6 100644 --- a/kernel/module.c +++ b/kernel/module.c @@ -58,6 +58,7 @@ @@ -91623,6 +91927,15 @@ index 95ecd9f..dfa3a9b 100644 #define CREATE_TRACE_POINTS #include <trace/events/module.h> +@@ -110,7 +111,7 @@ struct list_head *kdb_modules = &modules; /* kdb needs the list of modules */ + + + /* Block module loading/unloading? */ +-int modules_disabled = 0; ++int modules_disabled __read_only = 0; + + /* Waiting for a module to finish initializing? */ + static DECLARE_WAIT_QUEUE_HEAD(module_wq); @@ -119,7 +120,8 @@ static BLOCKING_NOTIFIER_HEAD(module_notify_list); /* Bounds of module allocation, for speeding __module_address. @@ -92941,6 +93254,2924 @@ index c073f43..ced569b 100644 if (syslog_action_restricted(type)) { if (capable(CAP_SYSLOG)) return 0; +diff --git a/kernel/printk/printk.c b/kernel/printk/printk.c +new file mode 100644 +index 0000000..ba98f34 +--- /dev/null ++++ b/kernel/printk/printk.c +@@ -0,0 +1,2912 @@ ++/* ++ * linux/kernel/printk.c ++ * ++ * Copyright (C) 1991, 1992 Linus Torvalds ++ * ++ * Modified to make sys_syslog() more flexible: added commands to ++ * return the last 4k of kernel messages, regardless of whether ++ * they've been read or not. Added option to suppress kernel printk's ++ * to the console. Added hook for sending the console messages ++ * elsewhere, in preparation for a serial line console (someday). ++ * Ted Ts'o, 2/11/93. ++ * Modified for sysctl support, 1/8/97, Chris Horn. ++ * Fixed SMP synchronization, 08/08/99, Manfred Spraul ++ * manfred@colorfullife.com ++ * Rewrote bits to get rid of console_lock ++ * 01Mar01 Andrew Morton ++ */ ++ ++#include <linux/kernel.h> ++#include <linux/mm.h> ++#include <linux/tty.h> ++#include <linux/tty_driver.h> ++#include <linux/console.h> ++#include <linux/init.h> ++#include <linux/jiffies.h> ++#include <linux/nmi.h> ++#include <linux/module.h> ++#include <linux/moduleparam.h> ++#include <linux/interrupt.h> /* For in_interrupt() */ ++#include <linux/delay.h> ++#include <linux/smp.h> ++#include <linux/security.h> ++#include <linux/bootmem.h> ++#include <linux/memblock.h> ++#include <linux/aio.h> ++#include <linux/syscalls.h> ++#include <linux/kexec.h> ++#include <linux/kdb.h> ++#include <linux/ratelimit.h> ++#include <linux/kmsg_dump.h> ++#include <linux/syslog.h> ++#include <linux/cpu.h> ++#include <linux/notifier.h> ++#include <linux/rculist.h> ++#include <linux/poll.h> ++#include <linux/irq_work.h> ++#include <linux/utsname.h> ++ ++#include <asm/uaccess.h> ++ ++#define CREATE_TRACE_POINTS ++#include <trace/events/printk.h> ++ ++#include "console_cmdline.h" ++#include "braille.h" ++ ++/* printk's without a loglevel use this.. */ ++#define DEFAULT_MESSAGE_LOGLEVEL CONFIG_DEFAULT_MESSAGE_LOGLEVEL ++ ++/* We show everything that is MORE important than this.. */ ++#define MINIMUM_CONSOLE_LOGLEVEL 1 /* Minimum loglevel we let people use */ ++#define DEFAULT_CONSOLE_LOGLEVEL 7 /* anything MORE serious than KERN_DEBUG */ ++ ++int console_printk[4] = { ++ DEFAULT_CONSOLE_LOGLEVEL, /* console_loglevel */ ++ DEFAULT_MESSAGE_LOGLEVEL, /* default_message_loglevel */ ++ MINIMUM_CONSOLE_LOGLEVEL, /* minimum_console_loglevel */ ++ DEFAULT_CONSOLE_LOGLEVEL, /* default_console_loglevel */ ++}; ++ ++/* ++ * Low level drivers may need that to know if they can schedule in ++ * their unblank() callback or not. So let's export it. ++ */ ++int oops_in_progress; ++EXPORT_SYMBOL(oops_in_progress); ++ ++/* ++ * console_sem protects the console_drivers list, and also ++ * provides serialisation for access to the entire console ++ * driver system. ++ */ ++static DEFINE_SEMAPHORE(console_sem); ++struct console *console_drivers; ++EXPORT_SYMBOL_GPL(console_drivers); ++ ++#ifdef CONFIG_LOCKDEP ++static struct lockdep_map console_lock_dep_map = { ++ .name = "console_lock" ++}; ++#endif ++ ++/* ++ * This is used for debugging the mess that is the VT code by ++ * keeping track if we have the console semaphore held. It's ++ * definitely not the perfect debug tool (we don't know if _WE_ ++ * hold it are racing, but it helps tracking those weird code ++ * path in the console code where we end up in places I want ++ * locked without the console sempahore held ++ */ ++static int console_locked, console_suspended; ++ ++/* ++ * If exclusive_console is non-NULL then only this console is to be printed to. ++ */ ++static struct console *exclusive_console; ++ ++/* ++ * Array of consoles built from command line options (console=) ++ */ ++ ++#define MAX_CMDLINECONSOLES 8 ++ ++static struct console_cmdline console_cmdline[MAX_CMDLINECONSOLES]; ++ ++static int selected_console = -1; ++static int preferred_console = -1; ++int console_set_on_cmdline; ++EXPORT_SYMBOL(console_set_on_cmdline); ++ ++/* Flag: console code may call schedule() */ ++static int console_may_schedule; ++ ++/* ++ * The printk log buffer consists of a chain of concatenated variable ++ * length records. Every record starts with a record header, containing ++ * the overall length of the record. ++ * ++ * The heads to the first and last entry in the buffer, as well as the ++ * sequence numbers of these both entries are maintained when messages ++ * are stored.. ++ * ++ * If the heads indicate available messages, the length in the header ++ * tells the start next message. A length == 0 for the next message ++ * indicates a wrap-around to the beginning of the buffer. ++ * ++ * Every record carries the monotonic timestamp in microseconds, as well as ++ * the standard userspace syslog level and syslog facility. The usual ++ * kernel messages use LOG_KERN; userspace-injected messages always carry ++ * a matching syslog facility, by default LOG_USER. The origin of every ++ * message can be reliably determined that way. ++ * ++ * The human readable log message directly follows the message header. The ++ * length of the message text is stored in the header, the stored message ++ * is not terminated. ++ * ++ * Optionally, a message can carry a dictionary of properties (key/value pairs), ++ * to provide userspace with a machine-readable message context. ++ * ++ * Examples for well-defined, commonly used property names are: ++ * DEVICE=b12:8 device identifier ++ * b12:8 block dev_t ++ * c127:3 char dev_t ++ * n8 netdev ifindex ++ * +sound:card0 subsystem:devname ++ * SUBSYSTEM=pci driver-core subsystem name ++ * ++ * Valid characters in property names are [a-zA-Z0-9.-_]. The plain text value ++ * follows directly after a '=' character. Every property is terminated by ++ * a '\0' character. The last property is not terminated. ++ * ++ * Example of a message structure: ++ * 0000 ff 8f 00 00 00 00 00 00 monotonic time in nsec ++ * 0008 34 00 record is 52 bytes long ++ * 000a 0b 00 text is 11 bytes long ++ * 000c 1f 00 dictionary is 23 bytes long ++ * 000e 03 00 LOG_KERN (facility) LOG_ERR (level) ++ * 0010 69 74 27 73 20 61 20 6c "it's a l" ++ * 69 6e 65 "ine" ++ * 001b 44 45 56 49 43 "DEVIC" ++ * 45 3d 62 38 3a 32 00 44 "E=b8:2\0D" ++ * 52 49 56 45 52 3d 62 75 "RIVER=bu" ++ * 67 "g" ++ * 0032 00 00 00 padding to next message header ++ * ++ * The 'struct printk_log' buffer header must never be directly exported to ++ * userspace, it is a kernel-private implementation detail that might ++ * need to be changed in the future, when the requirements change. ++ * ++ * /dev/kmsg exports the structured data in the following line format: ++ * "level,sequnum,timestamp;<message text>\n" ++ * ++ * The optional key/value pairs are attached as continuation lines starting ++ * with a space character and terminated by a newline. All possible ++ * non-prinatable characters are escaped in the "\xff" notation. ++ * ++ * Users of the export format should ignore possible additional values ++ * separated by ',', and find the message after the ';' character. ++ */ ++ ++enum log_flags { ++ LOG_NOCONS = 1, /* already flushed, do not print to console */ ++ LOG_NEWLINE = 2, /* text ended with a newline */ ++ LOG_PREFIX = 4, /* text started with a prefix */ ++ LOG_CONT = 8, /* text is a fragment of a continuation line */ ++}; ++ ++struct printk_log { ++ u64 ts_nsec; /* timestamp in nanoseconds */ ++ u16 len; /* length of entire record */ ++ u16 text_len; /* length of text buffer */ ++ u16 dict_len; /* length of dictionary buffer */ ++ u8 facility; /* syslog facility */ ++ u8 flags:5; /* internal record flags */ ++ u8 level:3; /* syslog level */ ++}; ++ ++/* ++ * The logbuf_lock protects kmsg buffer, indices, counters. It is also ++ * used in interesting ways to provide interlocking in console_unlock(); ++ */ ++static DEFINE_RAW_SPINLOCK(logbuf_lock); ++ ++#ifdef CONFIG_PRINTK ++DECLARE_WAIT_QUEUE_HEAD(log_wait); ++/* the next printk record to read by syslog(READ) or /proc/kmsg */ ++static u64 syslog_seq; ++static u32 syslog_idx; ++static enum log_flags syslog_prev; ++static size_t syslog_partial; ++ ++/* index and sequence number of the first record stored in the buffer */ ++static u64 log_first_seq; ++static u32 log_first_idx; ++ ++/* index and sequence number of the next record to store in the buffer */ ++static u64 log_next_seq; ++static u32 log_next_idx; ++ ++/* the next printk record to write to the console */ ++static u64 console_seq; ++static u32 console_idx; ++static enum log_flags console_prev; ++ ++/* the next printk record to read after the last 'clear' command */ ++static u64 clear_seq; ++static u32 clear_idx; ++ ++#define PREFIX_MAX 32 ++#define LOG_LINE_MAX 1024 - PREFIX_MAX ++ ++/* record buffer */ ++#if defined(CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS) ++#define LOG_ALIGN 4 ++#else ++#define LOG_ALIGN __alignof__(struct printk_log) ++#endif ++#define __LOG_BUF_LEN (1 << CONFIG_LOG_BUF_SHIFT) ++static char __log_buf[__LOG_BUF_LEN] __aligned(LOG_ALIGN); ++static char *log_buf = __log_buf; ++static u32 log_buf_len = __LOG_BUF_LEN; ++ ++/* cpu currently holding logbuf_lock */ ++static volatile unsigned int logbuf_cpu = UINT_MAX; ++ ++/* human readable text of the record */ ++static char *log_text(const struct printk_log *msg) ++{ ++ return (char *)msg + sizeof(struct printk_log); ++} ++ ++/* optional key/value pair dictionary attached to the record */ ++static char *log_dict(const struct printk_log *msg) ++{ ++ return (char *)msg + sizeof(struct printk_log) + msg->text_len; ++} ++ ++/* get record by index; idx must point to valid msg */ ++static struct printk_log *log_from_idx(u32 idx) ++{ ++ struct printk_log *msg = (struct printk_log *)(log_buf + idx); ++ ++ /* ++ * A length == 0 record is the end of buffer marker. Wrap around and ++ * read the message at the start of the buffer. ++ */ ++ if (!msg->len) ++ return (struct printk_log *)log_buf; ++ return msg; ++} ++ ++/* get next record; idx must point to valid msg */ ++static u32 log_next(u32 idx) ++{ ++ struct printk_log *msg = (struct printk_log *)(log_buf + idx); ++ ++ /* length == 0 indicates the end of the buffer; wrap */ ++ /* ++ * A length == 0 record is the end of buffer marker. Wrap around and ++ * read the message at the start of the buffer as *this* one, and ++ * return the one after that. ++ */ ++ if (!msg->len) { ++ msg = (struct printk_log *)log_buf; ++ return msg->len; ++ } ++ return idx + msg->len; ++} ++ ++/* insert record into the buffer, discard old ones, update heads */ ++static void log_store(int facility, int level, ++ enum log_flags flags, u64 ts_nsec, ++ const char *dict, u16 dict_len, ++ const char *text, u16 text_len) ++{ ++ struct printk_log *msg; ++ u32 size, pad_len; ++ ++ /* number of '\0' padding bytes to next message */ ++ size = sizeof(struct printk_log) + text_len + dict_len; ++ pad_len = (-size) & (LOG_ALIGN - 1); ++ size += pad_len; ++ ++ while (log_first_seq < log_next_seq) { ++ u32 free; ++ ++ if (log_next_idx > log_first_idx) ++ free = max(log_buf_len - log_next_idx, log_first_idx); ++ else ++ free = log_first_idx - log_next_idx; ++ ++ if (free > size + sizeof(struct printk_log)) ++ break; ++ ++ /* drop old messages until we have enough contiuous space */ ++ log_first_idx = log_next(log_first_idx); ++ log_first_seq++; ++ } ++ ++ if (log_next_idx + size + sizeof(struct printk_log) >= log_buf_len) { ++ /* ++ * This message + an additional empty header does not fit ++ * at the end of the buffer. Add an empty header with len == 0 ++ * to signify a wrap around. ++ */ ++ memset(log_buf + log_next_idx, 0, sizeof(struct printk_log)); ++ log_next_idx = 0; ++ } ++ ++ /* fill message */ ++ msg = (struct printk_log *)(log_buf + log_next_idx); ++ memcpy(log_text(msg), text, text_len); ++ msg->text_len = text_len; ++ memcpy(log_dict(msg), dict, dict_len); ++ msg->dict_len = dict_len; ++ msg->facility = facility; ++ msg->level = level & 7; ++ msg->flags = flags & 0x1f; ++ if (ts_nsec > 0) ++ msg->ts_nsec = ts_nsec; ++ else ++ msg->ts_nsec = local_clock(); ++ memset(log_dict(msg) + dict_len, 0, pad_len); ++ msg->len = sizeof(struct printk_log) + text_len + dict_len + pad_len; ++ ++ /* insert message */ ++ log_next_idx += msg->len; ++ log_next_seq++; ++} ++ ++#ifdef CONFIG_SECURITY_DMESG_RESTRICT ++int dmesg_restrict __read_only = 1; ++#else ++int dmesg_restrict __read_only; ++#endif ++ ++static int syslog_action_restricted(int type) ++{ ++ if (dmesg_restrict) ++ return 1; ++ /* ++ * Unless restricted, we allow "read all" and "get buffer size" ++ * for everybody. ++ */ ++ return type != SYSLOG_ACTION_READ_ALL && ++ type != SYSLOG_ACTION_SIZE_BUFFER; ++} ++ ++static int check_syslog_permissions(int type, bool from_file) ++{ ++ /* ++ * If this is from /proc/kmsg and we've already opened it, then we've ++ * already done the capabilities checks at open time. ++ */ ++ if (from_file && type != SYSLOG_ACTION_OPEN) ++ return 0; ++ ++#ifdef CONFIG_GRKERNSEC_DMESG ++ if (grsec_enable_dmesg && !capable(CAP_SYSLOG) && !capable_nolog(CAP_SYS_ADMIN)) ++ return -EPERM; ++#endif ++ ++ if (syslog_action_restricted(type)) { ++ if (capable(CAP_SYSLOG)) ++ return 0; ++ /* ++ * For historical reasons, accept CAP_SYS_ADMIN too, with ++ * a warning. ++ */ ++ if (capable(CAP_SYS_ADMIN)) { ++ pr_warn_once("%s (%d): Attempt to access syslog with " ++ "CAP_SYS_ADMIN but no CAP_SYSLOG " ++ "(deprecated).\n", ++ current->comm, task_pid_nr(current)); ++ return 0; ++ } ++ return -EPERM; ++ } ++ return security_syslog(type); ++} ++ ++ ++/* /dev/kmsg - userspace message inject/listen interface */ ++struct devkmsg_user { ++ u64 seq; ++ u32 idx; ++ enum log_flags prev; ++ struct mutex lock; ++ char buf[8192]; ++}; ++ ++static ssize_t devkmsg_writev(struct kiocb *iocb, const struct iovec *iv, ++ unsigned long count, loff_t pos) ++{ ++ char *buf, *line; ++ int i; ++ int level = default_message_loglevel; ++ int facility = 1; /* LOG_USER */ ++ size_t len = iov_length(iv, count); ++ ssize_t ret = len; ++ ++ if (len > LOG_LINE_MAX) ++ return -EINVAL; ++ buf = kmalloc(len+1, GFP_KERNEL); ++ if (buf == NULL) ++ return -ENOMEM; ++ ++ line = buf; ++ for (i = 0; i < count; i++) { ++ if (copy_from_user(line, iv[i].iov_base, iv[i].iov_len)) { ++ ret = -EFAULT; ++ goto out; ++ } ++ line += iv[i].iov_len; ++ } ++ ++ /* ++ * Extract and skip the syslog prefix <[0-9]*>. Coming from userspace ++ * the decimal value represents 32bit, the lower 3 bit are the log ++ * level, the rest are the log facility. ++ * ++ * If no prefix or no userspace facility is specified, we ++ * enforce LOG_USER, to be able to reliably distinguish ++ * kernel-generated messages from userspace-injected ones. ++ */ ++ line = buf; ++ if (line[0] == '<') { ++ char *endp = NULL; ++ ++ i = simple_strtoul(line+1, &endp, 10); ++ if (endp && endp[0] == '>') { ++ level = i & 7; ++ if (i >> 3) ++ facility = i >> 3; ++ endp++; ++ len -= endp - line; ++ line = endp; ++ } ++ } ++ line[len] = '\0'; ++ ++ printk_emit(facility, level, NULL, 0, "%s", line); ++out: ++ kfree(buf); ++ return ret; ++} ++ ++static ssize_t devkmsg_read(struct file *file, char __user *buf, ++ size_t count, loff_t *ppos) ++{ ++ struct devkmsg_user *user = file->private_data; ++ struct printk_log *msg; ++ u64 ts_usec; ++ size_t i; ++ char cont = '-'; ++ size_t len; ++ ssize_t ret; ++ ++ if (!user) ++ return -EBADF; ++ ++ ret = mutex_lock_interruptible(&user->lock); ++ if (ret) ++ return ret; ++ raw_spin_lock_irq(&logbuf_lock); ++ while (user->seq == log_next_seq) { ++ if (file->f_flags & O_NONBLOCK) { ++ ret = -EAGAIN; ++ raw_spin_unlock_irq(&logbuf_lock); ++ goto out; ++ } ++ ++ raw_spin_unlock_irq(&logbuf_lock); ++ ret = wait_event_interruptible(log_wait, ++ user->seq != log_next_seq); ++ if (ret) ++ goto out; ++ raw_spin_lock_irq(&logbuf_lock); ++ } ++ ++ if (user->seq < log_first_seq) { ++ /* our last seen message is gone, return error and reset */ ++ user->idx = log_first_idx; ++ user->seq = log_first_seq; ++ ret = -EPIPE; ++ raw_spin_unlock_irq(&logbuf_lock); ++ goto out; ++ } ++ ++ msg = log_from_idx(user->idx); ++ ts_usec = msg->ts_nsec; ++ do_div(ts_usec, 1000); ++ ++ /* ++ * If we couldn't merge continuation line fragments during the print, ++ * export the stored flags to allow an optional external merge of the ++ * records. Merging the records isn't always neccessarily correct, like ++ * when we hit a race during printing. In most cases though, it produces ++ * better readable output. 'c' in the record flags mark the first ++ * fragment of a line, '+' the following. ++ */ ++ if (msg->flags & LOG_CONT && !(user->prev & LOG_CONT)) ++ cont = 'c'; ++ else if ((msg->flags & LOG_CONT) || ++ ((user->prev & LOG_CONT) && !(msg->flags & LOG_PREFIX))) ++ cont = '+'; ++ ++ len = sprintf(user->buf, "%u,%llu,%llu,%c;", ++ (msg->facility << 3) | msg->level, ++ user->seq, ts_usec, cont); ++ user->prev = msg->flags; ++ ++ /* escape non-printable characters */ ++ for (i = 0; i < msg->text_len; i++) { ++ unsigned char c = log_text(msg)[i]; ++ ++ if (c < ' ' || c >= 127 || c == '\\') ++ len += sprintf(user->buf + len, "\\x%02x", c); ++ else ++ user->buf[len++] = c; ++ } ++ user->buf[len++] = '\n'; ++ ++ if (msg->dict_len) { ++ bool line = true; ++ ++ for (i = 0; i < msg->dict_len; i++) { ++ unsigned char c = log_dict(msg)[i]; ++ ++ if (line) { ++ user->buf[len++] = ' '; ++ line = false; ++ } ++ ++ if (c == '\0') { ++ user->buf[len++] = '\n'; ++ line = true; ++ continue; ++ } ++ ++ if (c < ' ' || c >= 127 || c == '\\') { ++ len += sprintf(user->buf + len, "\\x%02x", c); ++ continue; ++ } ++ ++ user->buf[len++] = c; ++ } ++ user->buf[len++] = '\n'; ++ } ++ ++ user->idx = log_next(user->idx); ++ user->seq++; ++ raw_spin_unlock_irq(&logbuf_lock); ++ ++ if (len > count) { ++ ret = -EINVAL; ++ goto out; ++ } ++ ++ if (copy_to_user(buf, user->buf, len)) { ++ ret = -EFAULT; ++ goto out; ++ } ++ ret = len; ++out: ++ mutex_unlock(&user->lock); ++ return ret; ++} ++ ++static loff_t devkmsg_llseek(struct file *file, loff_t offset, int whence) ++{ ++ struct devkmsg_user *user = file->private_data; ++ loff_t ret = 0; ++ ++ if (!user) ++ return -EBADF; ++ if (offset) ++ return -ESPIPE; ++ ++ raw_spin_lock_irq(&logbuf_lock); ++ switch (whence) { ++ case SEEK_SET: ++ /* the first record */ ++ user->idx = log_first_idx; ++ user->seq = log_first_seq; ++ break; ++ case SEEK_DATA: ++ /* ++ * The first record after the last SYSLOG_ACTION_CLEAR, ++ * like issued by 'dmesg -c'. Reading /dev/kmsg itself ++ * changes no global state, and does not clear anything. ++ */ ++ user->idx = clear_idx; ++ user->seq = clear_seq; ++ break; ++ case SEEK_END: ++ /* after the last record */ ++ user->idx = log_next_idx; ++ user->seq = log_next_seq; ++ break; ++ default: ++ ret = -EINVAL; ++ } ++ raw_spin_unlock_irq(&logbuf_lock); ++ return ret; ++} ++ ++static unsigned int devkmsg_poll(struct file *file, poll_table *wait) ++{ ++ struct devkmsg_user *user = file->private_data; ++ int ret = 0; ++ ++ if (!user) ++ return POLLERR|POLLNVAL; ++ ++ poll_wait(file, &log_wait, wait); ++ ++ raw_spin_lock_irq(&logbuf_lock); ++ if (user->seq < log_next_seq) { ++ /* return error when data has vanished underneath us */ ++ if (user->seq < log_first_seq) ++ ret = POLLIN|POLLRDNORM|POLLERR|POLLPRI; ++ else ++ ret = POLLIN|POLLRDNORM; ++ } ++ raw_spin_unlock_irq(&logbuf_lock); ++ ++ return ret; ++} ++ ++static int devkmsg_open(struct inode *inode, struct file *file) ++{ ++ struct devkmsg_user *user; ++ int err; ++ ++ /* write-only does not need any file context */ ++ if ((file->f_flags & O_ACCMODE) == O_WRONLY) ++ return 0; ++ ++ err = check_syslog_permissions(SYSLOG_ACTION_READ_ALL, ++ SYSLOG_FROM_READER); ++ if (err) ++ return err; ++ ++ user = kmalloc(sizeof(struct devkmsg_user), GFP_KERNEL); ++ if (!user) ++ return -ENOMEM; ++ ++ mutex_init(&user->lock); ++ ++ raw_spin_lock_irq(&logbuf_lock); ++ user->idx = log_first_idx; ++ user->seq = log_first_seq; ++ raw_spin_unlock_irq(&logbuf_lock); ++ ++ file->private_data = user; ++ return 0; ++} ++ ++static int devkmsg_release(struct inode *inode, struct file *file) ++{ ++ struct devkmsg_user *user = file->private_data; ++ ++ if (!user) ++ return 0; ++ ++ mutex_destroy(&user->lock); ++ kfree(user); ++ return 0; ++} ++ ++const struct file_operations kmsg_fops = { ++ .open = devkmsg_open, ++ .read = devkmsg_read, ++ .aio_write = devkmsg_writev, ++ .llseek = devkmsg_llseek, ++ .poll = devkmsg_poll, ++ .release = devkmsg_release, ++}; ++ ++#ifdef CONFIG_KEXEC ++/* ++ * This appends the listed symbols to /proc/vmcore ++ * ++ * /proc/vmcore is used by various utilities, like crash and makedumpfile to ++ * obtain access to symbols that are otherwise very difficult to locate. These ++ * symbols are specifically used so that utilities can access and extract the ++ * dmesg log from a vmcore file after a crash. ++ */ ++void log_buf_kexec_setup(void) ++{ ++ VMCOREINFO_SYMBOL(log_buf); ++ VMCOREINFO_SYMBOL(log_buf_len); ++ VMCOREINFO_SYMBOL(log_first_idx); ++ VMCOREINFO_SYMBOL(log_next_idx); ++ /* ++ * Export struct printk_log size and field offsets. User space tools can ++ * parse it and detect any changes to structure down the line. ++ */ ++ VMCOREINFO_STRUCT_SIZE(printk_log); ++ VMCOREINFO_OFFSET(printk_log, ts_nsec); ++ VMCOREINFO_OFFSET(printk_log, len); ++ VMCOREINFO_OFFSET(printk_log, text_len); ++ VMCOREINFO_OFFSET(printk_log, dict_len); ++} ++#endif ++ ++/* requested log_buf_len from kernel cmdline */ ++static unsigned long __initdata new_log_buf_len; ++ ++/* save requested log_buf_len since it's too early to process it */ ++static int __init log_buf_len_setup(char *str) ++{ ++ unsigned size = memparse(str, &str); ++ ++ if (size) ++ size = roundup_pow_of_two(size); ++ if (size > log_buf_len) ++ new_log_buf_len = size; ++ ++ return 0; ++} ++early_param("log_buf_len", log_buf_len_setup); ++ ++void __init setup_log_buf(int early) ++{ ++ unsigned long flags; ++ char *new_log_buf; ++ int free; ++ ++ if (!new_log_buf_len) ++ return; ++ ++ if (early) { ++ new_log_buf = ++ memblock_virt_alloc(new_log_buf_len, PAGE_SIZE); ++ } else { ++ new_log_buf = memblock_virt_alloc_nopanic(new_log_buf_len, 0); ++ } ++ ++ if (unlikely(!new_log_buf)) { ++ pr_err("log_buf_len: %ld bytes not available\n", ++ new_log_buf_len); ++ return; ++ } ++ ++ raw_spin_lock_irqsave(&logbuf_lock, flags); ++ log_buf_len = new_log_buf_len; ++ log_buf = new_log_buf; ++ new_log_buf_len = 0; ++ free = __LOG_BUF_LEN - log_next_idx; ++ memcpy(log_buf, __log_buf, __LOG_BUF_LEN); ++ raw_spin_unlock_irqrestore(&logbuf_lock, flags); ++ ++ pr_info("log_buf_len: %d\n", log_buf_len); ++ pr_info("early log buf free: %d(%d%%)\n", ++ free, (free * 100) / __LOG_BUF_LEN); ++} ++ ++static bool __read_mostly ignore_loglevel; ++ ++static int __init ignore_loglevel_setup(char *str) ++{ ++ ignore_loglevel = 1; ++ pr_info("debug: ignoring loglevel setting.\n"); ++ ++ return 0; ++} ++ ++early_param("ignore_loglevel", ignore_loglevel_setup); ++module_param(ignore_loglevel, bool, S_IRUGO | S_IWUSR); ++MODULE_PARM_DESC(ignore_loglevel, "ignore loglevel setting, to" ++ "print all kernel messages to the console."); ++ ++#ifdef CONFIG_BOOT_PRINTK_DELAY ++ ++static int boot_delay; /* msecs delay after each printk during bootup */ ++static unsigned long long loops_per_msec; /* based on boot_delay */ ++ ++static int __init boot_delay_setup(char *str) ++{ ++ unsigned long lpj; ++ ++ lpj = preset_lpj ? preset_lpj : 1000000; /* some guess */ ++ loops_per_msec = (unsigned long long)lpj / 1000 * HZ; ++ ++ get_option(&str, &boot_delay); ++ if (boot_delay > 10 * 1000) ++ boot_delay = 0; ++ ++ pr_debug("boot_delay: %u, preset_lpj: %ld, lpj: %lu, " ++ "HZ: %d, loops_per_msec: %llu\n", ++ boot_delay, preset_lpj, lpj, HZ, loops_per_msec); ++ return 0; ++} ++early_param("boot_delay", boot_delay_setup); ++ ++static void boot_delay_msec(int level) ++{ ++ unsigned long long k; ++ unsigned long timeout; ++ ++ if ((boot_delay == 0 || system_state != SYSTEM_BOOTING) ++ || (level >= console_loglevel && !ignore_loglevel)) { ++ return; ++ } ++ ++ k = (unsigned long long)loops_per_msec * boot_delay; ++ ++ timeout = jiffies + msecs_to_jiffies(boot_delay); ++ while (k) { ++ k--; ++ cpu_relax(); ++ /* ++ * use (volatile) jiffies to prevent ++ * compiler reduction; loop termination via jiffies ++ * is secondary and may or may not happen. ++ */ ++ if (time_after(jiffies, timeout)) ++ break; ++ touch_nmi_watchdog(); ++ } ++} ++#else ++static inline void boot_delay_msec(int level) ++{ ++} ++#endif ++ ++#if defined(CONFIG_PRINTK_TIME) ++static bool printk_time = 1; ++#else ++static bool printk_time; ++#endif ++module_param_named(time, printk_time, bool, S_IRUGO | S_IWUSR); ++ ++static size_t print_time(u64 ts, char *buf) ++{ ++ unsigned long rem_nsec; ++ ++ if (!printk_time) ++ return 0; ++ ++ rem_nsec = do_div(ts, 1000000000); ++ ++ if (!buf) ++ return snprintf(NULL, 0, "[%5lu.000000] ", (unsigned long)ts); ++ ++ return sprintf(buf, "[%5lu.%06lu] ", ++ (unsigned long)ts, rem_nsec / 1000); ++} ++ ++static size_t print_prefix(const struct printk_log *msg, bool syslog, char *buf) ++{ ++ size_t len = 0; ++ unsigned int prefix = (msg->facility << 3) | msg->level; ++ ++ if (syslog) { ++ if (buf) { ++ len += sprintf(buf, "<%u>", prefix); ++ } else { ++ len += 3; ++ if (prefix > 999) ++ len += 3; ++ else if (prefix > 99) ++ len += 2; ++ else if (prefix > 9) ++ len++; ++ } ++ } ++ ++ len += print_time(msg->ts_nsec, buf ? buf + len : NULL); ++ return len; ++} ++ ++static size_t msg_print_text(const struct printk_log *msg, enum log_flags prev, ++ bool syslog, char *buf, size_t size) ++{ ++ const char *text = log_text(msg); ++ size_t text_size = msg->text_len; ++ bool prefix = true; ++ bool newline = true; ++ size_t len = 0; ++ ++ if ((prev & LOG_CONT) && !(msg->flags & LOG_PREFIX)) ++ prefix = false; ++ ++ if (msg->flags & LOG_CONT) { ++ if ((prev & LOG_CONT) && !(prev & LOG_NEWLINE)) ++ prefix = false; ++ ++ if (!(msg->flags & LOG_NEWLINE)) ++ newline = false; ++ } ++ ++ do { ++ const char *next = memchr(text, '\n', text_size); ++ size_t text_len; ++ ++ if (next) { ++ text_len = next - text; ++ next++; ++ text_size -= next - text; ++ } else { ++ text_len = text_size; ++ } ++ ++ if (buf) { ++ if (print_prefix(msg, syslog, NULL) + ++ text_len + 1 >= size - len) ++ break; ++ ++ if (prefix) ++ len += print_prefix(msg, syslog, buf + len); ++ memcpy(buf + len, text, text_len); ++ len += text_len; ++ if (next || newline) ++ buf[len++] = '\n'; ++ } else { ++ /* SYSLOG_ACTION_* buffer size only calculation */ ++ if (prefix) ++ len += print_prefix(msg, syslog, NULL); ++ len += text_len; ++ if (next || newline) ++ len++; ++ } ++ ++ prefix = true; ++ text = next; ++ } while (text); ++ ++ return len; ++} ++ ++static int syslog_print(char __user *buf, int size) ++{ ++ char *text; ++ struct printk_log *msg; ++ int len = 0; ++ ++ text = kmalloc(LOG_LINE_MAX + PREFIX_MAX, GFP_KERNEL); ++ if (!text) ++ return -ENOMEM; ++ ++ while (size > 0) { ++ size_t n; ++ size_t skip; ++ ++ raw_spin_lock_irq(&logbuf_lock); ++ if (syslog_seq < log_first_seq) { ++ /* messages are gone, move to first one */ ++ syslog_seq = log_first_seq; ++ syslog_idx = log_first_idx; ++ syslog_prev = 0; ++ syslog_partial = 0; ++ } ++ if (syslog_seq == log_next_seq) { ++ raw_spin_unlock_irq(&logbuf_lock); ++ break; ++ } ++ ++ skip = syslog_partial; ++ msg = log_from_idx(syslog_idx); ++ n = msg_print_text(msg, syslog_prev, true, text, ++ LOG_LINE_MAX + PREFIX_MAX); ++ if (n - syslog_partial <= size) { ++ /* message fits into buffer, move forward */ ++ syslog_idx = log_next(syslog_idx); ++ syslog_seq++; ++ syslog_prev = msg->flags; ++ n -= syslog_partial; ++ syslog_partial = 0; ++ } else if (!len){ ++ /* partial read(), remember position */ ++ n = size; ++ syslog_partial += n; ++ } else ++ n = 0; ++ raw_spin_unlock_irq(&logbuf_lock); ++ ++ if (!n) ++ break; ++ ++ if (copy_to_user(buf, text + skip, n)) { ++ if (!len) ++ len = -EFAULT; ++ break; ++ } ++ ++ len += n; ++ size -= n; ++ buf += n; ++ } ++ ++ kfree(text); ++ return len; ++} ++ ++static int syslog_print_all(char __user *buf, int size, bool clear) ++{ ++ char *text; ++ int len = 0; ++ ++ text = kmalloc(LOG_LINE_MAX + PREFIX_MAX, GFP_KERNEL); ++ if (!text) ++ return -ENOMEM; ++ ++ raw_spin_lock_irq(&logbuf_lock); ++ if (buf) { ++ u64 next_seq; ++ u64 seq; ++ u32 idx; ++ enum log_flags prev; ++ ++ if (clear_seq < log_first_seq) { ++ /* messages are gone, move to first available one */ ++ clear_seq = log_first_seq; ++ clear_idx = log_first_idx; ++ } ++ ++ /* ++ * Find first record that fits, including all following records, ++ * into the user-provided buffer for this dump. ++ */ ++ seq = clear_seq; ++ idx = clear_idx; ++ prev = 0; ++ while (seq < log_next_seq) { ++ struct printk_log *msg = log_from_idx(idx); ++ ++ len += msg_print_text(msg, prev, true, NULL, 0); ++ prev = msg->flags; ++ idx = log_next(idx); ++ seq++; ++ } ++ ++ /* move first record forward until length fits into the buffer */ ++ seq = clear_seq; ++ idx = clear_idx; ++ prev = 0; ++ while (len > size && seq < log_next_seq) { ++ struct printk_log *msg = log_from_idx(idx); ++ ++ len -= msg_print_text(msg, prev, true, NULL, 0); ++ prev = msg->flags; ++ idx = log_next(idx); ++ seq++; ++ } ++ ++ /* last message fitting into this dump */ ++ next_seq = log_next_seq; ++ ++ len = 0; ++ while (len >= 0 && seq < next_seq) { ++ struct printk_log *msg = log_from_idx(idx); ++ int textlen; ++ ++ textlen = msg_print_text(msg, prev, true, text, ++ LOG_LINE_MAX + PREFIX_MAX); ++ if (textlen < 0) { ++ len = textlen; ++ break; ++ } ++ idx = log_next(idx); ++ seq++; ++ prev = msg->flags; ++ ++ raw_spin_unlock_irq(&logbuf_lock); ++ if (copy_to_user(buf + len, text, textlen)) ++ len = -EFAULT; ++ else ++ len += textlen; ++ raw_spin_lock_irq(&logbuf_lock); ++ ++ if (seq < log_first_seq) { ++ /* messages are gone, move to next one */ ++ seq = log_first_seq; ++ idx = log_first_idx; ++ prev = 0; ++ } ++ } ++ } ++ ++ if (clear) { ++ clear_seq = log_next_seq; ++ clear_idx = log_next_idx; ++ } ++ raw_spin_unlock_irq(&logbuf_lock); ++ ++ kfree(text); ++ return len; ++} ++ ++int do_syslog(int type, char __user *buf, int len, bool from_file) ++{ ++ bool clear = false; ++ static int saved_console_loglevel = -1; ++ int error; ++ ++ error = check_syslog_permissions(type, from_file); ++ if (error) ++ goto out; ++ ++ error = security_syslog(type); ++ if (error) ++ return error; ++ ++ switch (type) { ++ case SYSLOG_ACTION_CLOSE: /* Close log */ ++ break; ++ case SYSLOG_ACTION_OPEN: /* Open log */ ++ break; ++ case SYSLOG_ACTION_READ: /* Read from log */ ++ error = -EINVAL; ++ if (!buf || len < 0) ++ goto out; ++ error = 0; ++ if (!len) ++ goto out; ++ if (!access_ok(VERIFY_WRITE, buf, len)) { ++ error = -EFAULT; ++ goto out; ++ } ++ error = wait_event_interruptible(log_wait, ++ syslog_seq != log_next_seq); ++ if (error) ++ goto out; ++ error = syslog_print(buf, len); ++ break; ++ /* Read/clear last kernel messages */ ++ case SYSLOG_ACTION_READ_CLEAR: ++ clear = true; ++ /* FALL THRU */ ++ /* Read last kernel messages */ ++ case SYSLOG_ACTION_READ_ALL: ++ error = -EINVAL; ++ if (!buf || len < 0) ++ goto out; ++ error = 0; ++ if (!len) ++ goto out; ++ if (!access_ok(VERIFY_WRITE, buf, len)) { ++ error = -EFAULT; ++ goto out; ++ } ++ error = syslog_print_all(buf, len, clear); ++ break; ++ /* Clear ring buffer */ ++ case SYSLOG_ACTION_CLEAR: ++ syslog_print_all(NULL, 0, true); ++ break; ++ /* Disable logging to console */ ++ case SYSLOG_ACTION_CONSOLE_OFF: ++ if (saved_console_loglevel == -1) ++ saved_console_loglevel = console_loglevel; ++ console_loglevel = minimum_console_loglevel; ++ break; ++ /* Enable logging to console */ ++ case SYSLOG_ACTION_CONSOLE_ON: ++ if (saved_console_loglevel != -1) { ++ console_loglevel = saved_console_loglevel; ++ saved_console_loglevel = -1; ++ } ++ break; ++ /* Set level of messages printed to console */ ++ case SYSLOG_ACTION_CONSOLE_LEVEL: ++ error = -EINVAL; ++ if (len < 1 || len > 8) ++ goto out; ++ if (len < minimum_console_loglevel) ++ len = minimum_console_loglevel; ++ console_loglevel = len; ++ /* Implicitly re-enable logging to console */ ++ saved_console_loglevel = -1; ++ error = 0; ++ break; ++ /* Number of chars in the log buffer */ ++ case SYSLOG_ACTION_SIZE_UNREAD: ++ raw_spin_lock_irq(&logbuf_lock); ++ if (syslog_seq < log_first_seq) { ++ /* messages are gone, move to first one */ ++ syslog_seq = log_first_seq; ++ syslog_idx = log_first_idx; ++ syslog_prev = 0; ++ syslog_partial = 0; ++ } ++ if (from_file) { ++ /* ++ * Short-cut for poll(/"proc/kmsg") which simply checks ++ * for pending data, not the size; return the count of ++ * records, not the length. ++ */ ++ error = log_next_idx - syslog_idx; ++ } else { ++ u64 seq = syslog_seq; ++ u32 idx = syslog_idx; ++ enum log_flags prev = syslog_prev; ++ ++ error = 0; ++ while (seq < log_next_seq) { ++ struct printk_log *msg = log_from_idx(idx); ++ ++ error += msg_print_text(msg, prev, true, NULL, 0); ++ idx = log_next(idx); ++ seq++; ++ prev = msg->flags; ++ } ++ error -= syslog_partial; ++ } ++ raw_spin_unlock_irq(&logbuf_lock); ++ break; ++ /* Size of the log buffer */ ++ case SYSLOG_ACTION_SIZE_BUFFER: ++ error = log_buf_len; ++ break; ++ default: ++ error = -EINVAL; ++ break; ++ } ++out: ++ return error; ++} ++ ++SYSCALL_DEFINE3(syslog, int, type, char __user *, buf, int, len) ++{ ++ return do_syslog(type, buf, len, SYSLOG_FROM_READER); ++} ++ ++/* ++ * Call the console drivers, asking them to write out ++ * log_buf[start] to log_buf[end - 1]. ++ * The console_lock must be held. ++ */ ++static void call_console_drivers(int level, const char *text, size_t len) ++{ ++ struct console *con; ++ ++ trace_console(text, len); ++ ++ if (level >= console_loglevel && !ignore_loglevel) ++ return; ++ if (!console_drivers) ++ return; ++ ++ for_each_console(con) { ++ if (exclusive_console && con != exclusive_console) ++ continue; ++ if (!(con->flags & CON_ENABLED)) ++ continue; ++ if (!con->write) ++ continue; ++ if (!cpu_online(smp_processor_id()) && ++ !(con->flags & CON_ANYTIME)) ++ continue; ++ con->write(con, text, len); ++ } ++} ++ ++/* ++ * Zap console related locks when oopsing. Only zap at most once ++ * every 10 seconds, to leave time for slow consoles to print a ++ * full oops. ++ */ ++static void zap_locks(void) ++{ ++ static unsigned long oops_timestamp; ++ ++ if (time_after_eq(jiffies, oops_timestamp) && ++ !time_after(jiffies, oops_timestamp + 30 * HZ)) ++ return; ++ ++ oops_timestamp = jiffies; ++ ++ debug_locks_off(); ++ /* If a crash is occurring, make sure we can't deadlock */ ++ raw_spin_lock_init(&logbuf_lock); ++ /* And make sure that we print immediately */ ++ sema_init(&console_sem, 1); ++} ++ ++/* Check if we have any console registered that can be called early in boot. */ ++static int have_callable_console(void) ++{ ++ struct console *con; ++ ++ for_each_console(con) ++ if (con->flags & CON_ANYTIME) ++ return 1; ++ ++ return 0; ++} ++ ++/* ++ * Can we actually use the console at this time on this cpu? ++ * ++ * Console drivers may assume that per-cpu resources have ++ * been allocated. So unless they're explicitly marked as ++ * being able to cope (CON_ANYTIME) don't call them until ++ * this CPU is officially up. ++ */ ++static inline int can_use_console(unsigned int cpu) ++{ ++ return cpu_online(cpu) || have_callable_console(); ++} ++ ++/* ++ * Try to get console ownership to actually show the kernel ++ * messages from a 'printk'. Return true (and with the ++ * console_lock held, and 'console_locked' set) if it ++ * is successful, false otherwise. ++ * ++ * This gets called with the 'logbuf_lock' spinlock held and ++ * interrupts disabled. It should return with 'lockbuf_lock' ++ * released but interrupts still disabled. ++ */ ++static int console_trylock_for_printk(unsigned int cpu) ++ __releases(&logbuf_lock) ++{ ++ int retval = 0, wake = 0; ++ ++ if (console_trylock()) { ++ retval = 1; ++ ++ /* ++ * If we can't use the console, we need to release ++ * the console semaphore by hand to avoid flushing ++ * the buffer. We need to hold the console semaphore ++ * in order to do this test safely. ++ */ ++ if (!can_use_console(cpu)) { ++ console_locked = 0; ++ wake = 1; ++ retval = 0; ++ } ++ } ++ logbuf_cpu = UINT_MAX; ++ raw_spin_unlock(&logbuf_lock); ++ if (wake) ++ up(&console_sem); ++ return retval; ++} ++ ++int printk_delay_msec __read_mostly; ++ ++static inline void printk_delay(void) ++{ ++ if (unlikely(printk_delay_msec)) { ++ int m = printk_delay_msec; ++ ++ while (m--) { ++ mdelay(1); ++ touch_nmi_watchdog(); ++ } ++ } ++} ++ ++/* ++ * Continuation lines are buffered, and not committed to the record buffer ++ * until the line is complete, or a race forces it. The line fragments ++ * though, are printed immediately to the consoles to ensure everything has ++ * reached the console in case of a kernel crash. ++ */ ++static struct cont { ++ char buf[LOG_LINE_MAX]; ++ size_t len; /* length == 0 means unused buffer */ ++ size_t cons; /* bytes written to console */ ++ struct task_struct *owner; /* task of first print*/ ++ u64 ts_nsec; /* time of first print */ ++ u8 level; /* log level of first message */ ++ u8 facility; /* log level of first message */ ++ enum log_flags flags; /* prefix, newline flags */ ++ bool flushed:1; /* buffer sealed and committed */ ++} cont; ++ ++static void cont_flush(enum log_flags flags) ++{ ++ if (cont.flushed) ++ return; ++ if (cont.len == 0) ++ return; ++ ++ if (cont.cons) { ++ /* ++ * If a fragment of this line was directly flushed to the ++ * console; wait for the console to pick up the rest of the ++ * line. LOG_NOCONS suppresses a duplicated output. ++ */ ++ log_store(cont.facility, cont.level, flags | LOG_NOCONS, ++ cont.ts_nsec, NULL, 0, cont.buf, cont.len); ++ cont.flags = flags; ++ cont.flushed = true; ++ } else { ++ /* ++ * If no fragment of this line ever reached the console, ++ * just submit it to the store and free the buffer. ++ */ ++ log_store(cont.facility, cont.level, flags, 0, ++ NULL, 0, cont.buf, cont.len); ++ cont.len = 0; ++ } ++} ++ ++static bool cont_add(int facility, int level, const char *text, size_t len) ++{ ++ if (cont.len && cont.flushed) ++ return false; ++ ++ if (cont.len + len > sizeof(cont.buf)) { ++ /* the line gets too long, split it up in separate records */ ++ cont_flush(LOG_CONT); ++ return false; ++ } ++ ++ if (!cont.len) { ++ cont.facility = facility; ++ cont.level = level; ++ cont.owner = current; ++ cont.ts_nsec = local_clock(); ++ cont.flags = 0; ++ cont.cons = 0; ++ cont.flushed = false; ++ } ++ ++ memcpy(cont.buf + cont.len, text, len); ++ cont.len += len; ++ ++ if (cont.len > (sizeof(cont.buf) * 80) / 100) ++ cont_flush(LOG_CONT); ++ ++ return true; ++} ++ ++static size_t cont_print_text(char *text, size_t size) ++{ ++ size_t textlen = 0; ++ size_t len; ++ ++ if (cont.cons == 0 && (console_prev & LOG_NEWLINE)) { ++ textlen += print_time(cont.ts_nsec, text); ++ size -= textlen; ++ } ++ ++ len = cont.len - cont.cons; ++ if (len > 0) { ++ if (len+1 > size) ++ len = size-1; ++ memcpy(text + textlen, cont.buf + cont.cons, len); ++ textlen += len; ++ cont.cons = cont.len; ++ } ++ ++ if (cont.flushed) { ++ if (cont.flags & LOG_NEWLINE) ++ text[textlen++] = '\n'; ++ /* got everything, release buffer */ ++ cont.len = 0; ++ } ++ return textlen; ++} ++ ++asmlinkage int vprintk_emit(int facility, int level, ++ const char *dict, size_t dictlen, ++ const char *fmt, va_list args) ++{ ++ static int recursion_bug; ++ static char textbuf[LOG_LINE_MAX]; ++ char *text = textbuf; ++ size_t text_len; ++ enum log_flags lflags = 0; ++ unsigned long flags; ++ int this_cpu; ++ int printed_len = 0; ++ ++ boot_delay_msec(level); ++ printk_delay(); ++ ++ /* This stops the holder of console_sem just where we want him */ ++ local_irq_save(flags); ++ this_cpu = smp_processor_id(); ++ ++ /* ++ * Ouch, printk recursed into itself! ++ */ ++ if (unlikely(logbuf_cpu == this_cpu)) { ++ /* ++ * If a crash is occurring during printk() on this CPU, ++ * then try to get the crash message out but make sure ++ * we can't deadlock. Otherwise just return to avoid the ++ * recursion and return - but flag the recursion so that ++ * it can be printed at the next appropriate moment: ++ */ ++ if (!oops_in_progress && !lockdep_recursing(current)) { ++ recursion_bug = 1; ++ goto out_restore_irqs; ++ } ++ zap_locks(); ++ } ++ ++ lockdep_off(); ++ raw_spin_lock(&logbuf_lock); ++ logbuf_cpu = this_cpu; ++ ++ if (recursion_bug) { ++ static const char recursion_msg[] = ++ "BUG: recent printk recursion!"; ++ ++ recursion_bug = 0; ++ printed_len += strlen(recursion_msg); ++ /* emit KERN_CRIT message */ ++ log_store(0, 2, LOG_PREFIX|LOG_NEWLINE, 0, ++ NULL, 0, recursion_msg, printed_len); ++ } ++ ++ /* ++ * The printf needs to come first; we need the syslog ++ * prefix which might be passed-in as a parameter. ++ */ ++ text_len = vscnprintf(text, sizeof(textbuf), fmt, args); ++ ++ /* mark and strip a trailing newline */ ++ if (text_len && text[text_len-1] == '\n') { ++ text_len--; ++ lflags |= LOG_NEWLINE; ++ } ++ ++ /* strip kernel syslog prefix and extract log level or control flags */ ++ if (facility == 0) { ++ int kern_level = printk_get_level(text); ++ ++ if (kern_level) { ++ const char *end_of_header = printk_skip_level(text); ++ switch (kern_level) { ++ case '0' ... '7': ++ if (level == -1) ++ level = kern_level - '0'; ++ case 'd': /* KERN_DEFAULT */ ++ lflags |= LOG_PREFIX; ++ case 'c': /* KERN_CONT */ ++ break; ++ } ++ text_len -= end_of_header - text; ++ text = (char *)end_of_header; ++ } ++ } ++ ++ if (level == -1) ++ level = default_message_loglevel; ++ ++ if (dict) ++ lflags |= LOG_PREFIX|LOG_NEWLINE; ++ ++ if (!(lflags & LOG_NEWLINE)) { ++ /* ++ * Flush the conflicting buffer. An earlier newline was missing, ++ * or another task also prints continuation lines. ++ */ ++ if (cont.len && (lflags & LOG_PREFIX || cont.owner != current)) ++ cont_flush(LOG_NEWLINE); ++ ++ /* buffer line if possible, otherwise store it right away */ ++ if (!cont_add(facility, level, text, text_len)) ++ log_store(facility, level, lflags | LOG_CONT, 0, ++ dict, dictlen, text, text_len); ++ } else { ++ bool stored = false; ++ ++ /* ++ * If an earlier newline was missing and it was the same task, ++ * either merge it with the current buffer and flush, or if ++ * there was a race with interrupts (prefix == true) then just ++ * flush it out and store this line separately. ++ * If the preceding printk was from a different task and missed ++ * a newline, flush and append the newline. ++ */ ++ if (cont.len) { ++ if (cont.owner == current && !(lflags & LOG_PREFIX)) ++ stored = cont_add(facility, level, text, ++ text_len); ++ cont_flush(LOG_NEWLINE); ++ } ++ ++ if (!stored) ++ log_store(facility, level, lflags, 0, ++ dict, dictlen, text, text_len); ++ } ++ printed_len += text_len; ++ ++ /* ++ * Try to acquire and then immediately release the console semaphore. ++ * The release will print out buffers and wake up /dev/kmsg and syslog() ++ * users. ++ * ++ * The console_trylock_for_printk() function will release 'logbuf_lock' ++ * regardless of whether it actually gets the console semaphore or not. ++ */ ++ if (console_trylock_for_printk(this_cpu)) ++ console_unlock(); ++ ++ lockdep_on(); ++out_restore_irqs: ++ local_irq_restore(flags); ++ ++ return printed_len; ++} ++EXPORT_SYMBOL(vprintk_emit); ++ ++asmlinkage int vprintk(const char *fmt, va_list args) ++{ ++ return vprintk_emit(0, -1, NULL, 0, fmt, args); ++} ++EXPORT_SYMBOL(vprintk); ++ ++asmlinkage int printk_emit(int facility, int level, ++ const char *dict, size_t dictlen, ++ const char *fmt, ...) ++{ ++ va_list args; ++ int r; ++ ++ va_start(args, fmt); ++ r = vprintk_emit(facility, level, dict, dictlen, fmt, args); ++ va_end(args); ++ ++ return r; ++} ++EXPORT_SYMBOL(printk_emit); ++ ++/** ++ * printk - print a kernel message ++ * @fmt: format string ++ * ++ * This is printk(). It can be called from any context. We want it to work. ++ * ++ * We try to grab the console_lock. If we succeed, it's easy - we log the ++ * output and call the console drivers. If we fail to get the semaphore, we ++ * place the output into the log buffer and return. The current holder of ++ * the console_sem will notice the new output in console_unlock(); and will ++ * send it to the consoles before releasing the lock. ++ * ++ * One effect of this deferred printing is that code which calls printk() and ++ * then changes console_loglevel may break. This is because console_loglevel ++ * is inspected when the actual printing occurs. ++ * ++ * See also: ++ * printf(3) ++ * ++ * See the vsnprintf() documentation for format string extensions over C99. ++ */ ++asmlinkage int printk(const char *fmt, ...) ++{ ++ va_list args; ++ int r; ++ ++#ifdef CONFIG_KGDB_KDB ++ if (unlikely(kdb_trap_printk)) { ++ va_start(args, fmt); ++ r = vkdb_printf(fmt, args); ++ va_end(args); ++ return r; ++ } ++#endif ++ va_start(args, fmt); ++ r = vprintk_emit(0, -1, NULL, 0, fmt, args); ++ va_end(args); ++ ++ return r; ++} ++EXPORT_SYMBOL(printk); ++ ++#else /* CONFIG_PRINTK */ ++ ++#define LOG_LINE_MAX 0 ++#define PREFIX_MAX 0 ++#define LOG_LINE_MAX 0 ++static u64 syslog_seq; ++static u32 syslog_idx; ++static u64 console_seq; ++static u32 console_idx; ++static enum log_flags syslog_prev; ++static u64 log_first_seq; ++static u32 log_first_idx; ++static u64 log_next_seq; ++static enum log_flags console_prev; ++static struct cont { ++ size_t len; ++ size_t cons; ++ u8 level; ++ bool flushed:1; ++} cont; ++static struct printk_log *log_from_idx(u32 idx) { return NULL; } ++static u32 log_next(u32 idx) { return 0; } ++static void call_console_drivers(int level, const char *text, size_t len) {} ++static size_t msg_print_text(const struct printk_log *msg, enum log_flags prev, ++ bool syslog, char *buf, size_t size) { return 0; } ++static size_t cont_print_text(char *text, size_t size) { return 0; } ++ ++#endif /* CONFIG_PRINTK */ ++ ++#ifdef CONFIG_EARLY_PRINTK ++struct console *early_console; ++ ++void early_vprintk(const char *fmt, va_list ap) ++{ ++ if (early_console) { ++ char buf[512]; ++ int n = vscnprintf(buf, sizeof(buf), fmt, ap); ++ ++ early_console->write(early_console, buf, n); ++ } ++} ++ ++asmlinkage void early_printk(const char *fmt, ...) ++{ ++ va_list ap; ++ ++ va_start(ap, fmt); ++ early_vprintk(fmt, ap); ++ va_end(ap); ++} ++#endif ++ ++static int __add_preferred_console(char *name, int idx, char *options, ++ char *brl_options) ++{ ++ struct console_cmdline *c; ++ int i; ++ ++ /* ++ * See if this tty is not yet registered, and ++ * if we have a slot free. ++ */ ++ for (i = 0, c = console_cmdline; ++ i < MAX_CMDLINECONSOLES && c->name[0]; ++ i++, c++) { ++ if (strcmp(c->name, name) == 0 && c->index == idx) { ++ if (!brl_options) ++ selected_console = i; ++ return 0; ++ } ++ } ++ if (i == MAX_CMDLINECONSOLES) ++ return -E2BIG; ++ if (!brl_options) ++ selected_console = i; ++ strlcpy(c->name, name, sizeof(c->name)); ++ c->options = options; ++ braille_set_options(c, brl_options); ++ ++ c->index = idx; ++ return 0; ++} ++/* ++ * Set up a list of consoles. Called from init/main.c ++ */ ++static int __init console_setup(char *str) ++{ ++ char buf[sizeof(console_cmdline[0].name) + 4]; /* 4 for index */ ++ char *s, *options, *brl_options = NULL; ++ int idx; ++ ++ if (_braille_console_setup(&str, &brl_options)) ++ return 1; ++ ++ /* ++ * Decode str into name, index, options. ++ */ ++ if (str[0] >= '0' && str[0] <= '9') { ++ strcpy(buf, "ttyS"); ++ strncpy(buf + 4, str, sizeof(buf) - 5); ++ } else { ++ strncpy(buf, str, sizeof(buf) - 1); ++ } ++ buf[sizeof(buf) - 1] = 0; ++ if ((options = strchr(str, ',')) != NULL) ++ *(options++) = 0; ++#ifdef __sparc__ ++ if (!strcmp(str, "ttya")) ++ strcpy(buf, "ttyS0"); ++ if (!strcmp(str, "ttyb")) ++ strcpy(buf, "ttyS1"); ++#endif ++ for (s = buf; *s; s++) ++ if ((*s >= '0' && *s <= '9') || *s == ',') ++ break; ++ idx = simple_strtoul(s, NULL, 10); ++ *s = 0; ++ ++ __add_preferred_console(buf, idx, options, brl_options); ++ console_set_on_cmdline = 1; ++ return 1; ++} ++__setup("console=", console_setup); ++ ++/** ++ * add_preferred_console - add a device to the list of preferred consoles. ++ * @name: device name ++ * @idx: device index ++ * @options: options for this console ++ * ++ * The last preferred console added will be used for kernel messages ++ * and stdin/out/err for init. Normally this is used by console_setup ++ * above to handle user-supplied console arguments; however it can also ++ * be used by arch-specific code either to override the user or more ++ * commonly to provide a default console (ie from PROM variables) when ++ * the user has not supplied one. ++ */ ++int add_preferred_console(char *name, int idx, char *options) ++{ ++ return __add_preferred_console(name, idx, options, NULL); ++} ++ ++int update_console_cmdline(char *name, int idx, char *name_new, int idx_new, char *options) ++{ ++ struct console_cmdline *c; ++ int i; ++ ++ for (i = 0, c = console_cmdline; ++ i < MAX_CMDLINECONSOLES && c->name[0]; ++ i++, c++) ++ if (strcmp(c->name, name) == 0 && c->index == idx) { ++ strlcpy(c->name, name_new, sizeof(c->name)); ++ c->name[sizeof(c->name) - 1] = 0; ++ c->options = options; ++ c->index = idx_new; ++ return i; ++ } ++ /* not found */ ++ return -1; ++} ++ ++bool console_suspend_enabled = 1; ++EXPORT_SYMBOL(console_suspend_enabled); ++ ++static int __init console_suspend_disable(char *str) ++{ ++ console_suspend_enabled = 0; ++ return 1; ++} ++__setup("no_console_suspend", console_suspend_disable); ++module_param_named(console_suspend, console_suspend_enabled, ++ bool, S_IRUGO | S_IWUSR); ++MODULE_PARM_DESC(console_suspend, "suspend console during suspend" ++ " and hibernate operations"); ++ ++/** ++ * suspend_console - suspend the console subsystem ++ * ++ * This disables printk() while we go into suspend states ++ */ ++void suspend_console(void) ++{ ++ if (!console_suspend_enabled) ++ return; ++ printk("Suspending console(s) (use no_console_suspend to debug)\n"); ++ console_lock(); ++ console_suspended = 1; ++ up(&console_sem); ++} ++ ++void resume_console(void) ++{ ++ if (!console_suspend_enabled) ++ return; ++ down(&console_sem); ++ console_suspended = 0; ++ console_unlock(); ++} ++ ++/** ++ * console_cpu_notify - print deferred console messages after CPU hotplug ++ * @self: notifier struct ++ * @action: CPU hotplug event ++ * @hcpu: unused ++ * ++ * If printk() is called from a CPU that is not online yet, the messages ++ * will be spooled but will not show up on the console. This function is ++ * called when a new CPU comes online (or fails to come up), and ensures ++ * that any such output gets printed. ++ */ ++static int console_cpu_notify(struct notifier_block *self, ++ unsigned long action, void *hcpu) ++{ ++ switch (action) { ++ case CPU_ONLINE: ++ case CPU_DEAD: ++ case CPU_DOWN_FAILED: ++ case CPU_UP_CANCELED: ++ console_lock(); ++ console_unlock(); ++ } ++ return NOTIFY_OK; ++} ++ ++/** ++ * console_lock - lock the console system for exclusive use. ++ * ++ * Acquires a lock which guarantees that the caller has ++ * exclusive access to the console system and the console_drivers list. ++ * ++ * Can sleep, returns nothing. ++ */ ++void console_lock(void) ++{ ++ might_sleep(); ++ ++ down(&console_sem); ++ if (console_suspended) ++ return; ++ console_locked = 1; ++ console_may_schedule = 1; ++ mutex_acquire(&console_lock_dep_map, 0, 0, _RET_IP_); ++} ++EXPORT_SYMBOL(console_lock); ++ ++/** ++ * console_trylock - try to lock the console system for exclusive use. ++ * ++ * Tried to acquire a lock which guarantees that the caller has ++ * exclusive access to the console system and the console_drivers list. ++ * ++ * returns 1 on success, and 0 on failure to acquire the lock. ++ */ ++int console_trylock(void) ++{ ++ if (down_trylock(&console_sem)) ++ return 0; ++ if (console_suspended) { ++ up(&console_sem); ++ return 0; ++ } ++ console_locked = 1; ++ console_may_schedule = 0; ++ mutex_acquire(&console_lock_dep_map, 0, 1, _RET_IP_); ++ return 1; ++} ++EXPORT_SYMBOL(console_trylock); ++ ++int is_console_locked(void) ++{ ++ return console_locked; ++} ++ ++static void console_cont_flush(char *text, size_t size) ++{ ++ unsigned long flags; ++ size_t len; ++ ++ raw_spin_lock_irqsave(&logbuf_lock, flags); ++ ++ if (!cont.len) ++ goto out; ++ ++ /* ++ * We still queue earlier records, likely because the console was ++ * busy. The earlier ones need to be printed before this one, we ++ * did not flush any fragment so far, so just let it queue up. ++ */ ++ if (console_seq < log_next_seq && !cont.cons) ++ goto out; ++ ++ len = cont_print_text(text, size); ++ raw_spin_unlock(&logbuf_lock); ++ stop_critical_timings(); ++ call_console_drivers(cont.level, text, len); ++ start_critical_timings(); ++ local_irq_restore(flags); ++ return; ++out: ++ raw_spin_unlock_irqrestore(&logbuf_lock, flags); ++} ++ ++/** ++ * console_unlock - unlock the console system ++ * ++ * Releases the console_lock which the caller holds on the console system ++ * and the console driver list. ++ * ++ * While the console_lock was held, console output may have been buffered ++ * by printk(). If this is the case, console_unlock(); emits ++ * the output prior to releasing the lock. ++ * ++ * If there is output waiting, we wake /dev/kmsg and syslog() users. ++ * ++ * console_unlock(); may be called from any context. ++ */ ++void console_unlock(void) ++{ ++ static char text[LOG_LINE_MAX + PREFIX_MAX]; ++ static u64 seen_seq; ++ unsigned long flags; ++ bool wake_klogd = false; ++ bool retry; ++ ++ if (console_suspended) { ++ up(&console_sem); ++ return; ++ } ++ ++ console_may_schedule = 0; ++ ++ /* flush buffered message fragment immediately to console */ ++ console_cont_flush(text, sizeof(text)); ++again: ++ for (;;) { ++ struct printk_log *msg; ++ size_t len; ++ int level; ++ ++ raw_spin_lock_irqsave(&logbuf_lock, flags); ++ if (seen_seq != log_next_seq) { ++ wake_klogd = true; ++ seen_seq = log_next_seq; ++ } ++ ++ if (console_seq < log_first_seq) { ++ /* messages are gone, move to first one */ ++ console_seq = log_first_seq; ++ console_idx = log_first_idx; ++ console_prev = 0; ++ } ++skip: ++ if (console_seq == log_next_seq) ++ break; ++ ++ msg = log_from_idx(console_idx); ++ if (msg->flags & LOG_NOCONS) { ++ /* ++ * Skip record we have buffered and already printed ++ * directly to the console when we received it. ++ */ ++ console_idx = log_next(console_idx); ++ console_seq++; ++ /* ++ * We will get here again when we register a new ++ * CON_PRINTBUFFER console. Clear the flag so we ++ * will properly dump everything later. ++ */ ++ msg->flags &= ~LOG_NOCONS; ++ console_prev = msg->flags; ++ goto skip; ++ } ++ ++ level = msg->level; ++ len = msg_print_text(msg, console_prev, false, ++ text, sizeof(text)); ++ console_idx = log_next(console_idx); ++ console_seq++; ++ console_prev = msg->flags; ++ raw_spin_unlock(&logbuf_lock); ++ ++ stop_critical_timings(); /* don't trace print latency */ ++ call_console_drivers(level, text, len); ++ start_critical_timings(); ++ local_irq_restore(flags); ++ } ++ console_locked = 0; ++ mutex_release(&console_lock_dep_map, 1, _RET_IP_); ++ ++ /* Release the exclusive_console once it is used */ ++ if (unlikely(exclusive_console)) ++ exclusive_console = NULL; ++ ++ raw_spin_unlock(&logbuf_lock); ++ ++ up(&console_sem); ++ ++ /* ++ * Someone could have filled up the buffer again, so re-check if there's ++ * something to flush. In case we cannot trylock the console_sem again, ++ * there's a new owner and the console_unlock() from them will do the ++ * flush, no worries. ++ */ ++ raw_spin_lock(&logbuf_lock); ++ retry = console_seq != log_next_seq; ++ raw_spin_unlock_irqrestore(&logbuf_lock, flags); ++ ++ if (retry && console_trylock()) ++ goto again; ++ ++ if (wake_klogd) ++ wake_up_klogd(); ++} ++EXPORT_SYMBOL(console_unlock); ++ ++/** ++ * console_conditional_schedule - yield the CPU if required ++ * ++ * If the console code is currently allowed to sleep, and ++ * if this CPU should yield the CPU to another task, do ++ * so here. ++ * ++ * Must be called within console_lock();. ++ */ ++void __sched console_conditional_schedule(void) ++{ ++ if (console_may_schedule) ++ cond_resched(); ++} ++EXPORT_SYMBOL(console_conditional_schedule); ++ ++void console_unblank(void) ++{ ++ struct console *c; ++ ++ /* ++ * console_unblank can no longer be called in interrupt context unless ++ * oops_in_progress is set to 1.. ++ */ ++ if (oops_in_progress) { ++ if (down_trylock(&console_sem) != 0) ++ return; ++ } else ++ console_lock(); ++ ++ console_locked = 1; ++ console_may_schedule = 0; ++ for_each_console(c) ++ if ((c->flags & CON_ENABLED) && c->unblank) ++ c->unblank(); ++ console_unlock(); ++} ++ ++/* ++ * Return the console tty driver structure and its associated index ++ */ ++struct tty_driver *console_device(int *index) ++{ ++ struct console *c; ++ struct tty_driver *driver = NULL; ++ ++ console_lock(); ++ for_each_console(c) { ++ if (!c->device) ++ continue; ++ driver = c->device(c, index); ++ if (driver) ++ break; ++ } ++ console_unlock(); ++ return driver; ++} ++ ++/* ++ * Prevent further output on the passed console device so that (for example) ++ * serial drivers can disable console output before suspending a port, and can ++ * re-enable output afterwards. ++ */ ++void console_stop(struct console *console) ++{ ++ console_lock(); ++ console->flags &= ~CON_ENABLED; ++ console_unlock(); ++} ++EXPORT_SYMBOL(console_stop); ++ ++void console_start(struct console *console) ++{ ++ console_lock(); ++ console->flags |= CON_ENABLED; ++ console_unlock(); ++} ++EXPORT_SYMBOL(console_start); ++ ++static int __read_mostly keep_bootcon; ++ ++static int __init keep_bootcon_setup(char *str) ++{ ++ keep_bootcon = 1; ++ pr_info("debug: skip boot console de-registration.\n"); ++ ++ return 0; ++} ++ ++early_param("keep_bootcon", keep_bootcon_setup); ++ ++/* ++ * The console driver calls this routine during kernel initialization ++ * to register the console printing procedure with printk() and to ++ * print any messages that were printed by the kernel before the ++ * console driver was initialized. ++ * ++ * This can happen pretty early during the boot process (because of ++ * early_printk) - sometimes before setup_arch() completes - be careful ++ * of what kernel features are used - they may not be initialised yet. ++ * ++ * There are two types of consoles - bootconsoles (early_printk) and ++ * "real" consoles (everything which is not a bootconsole) which are ++ * handled differently. ++ * - Any number of bootconsoles can be registered at any time. ++ * - As soon as a "real" console is registered, all bootconsoles ++ * will be unregistered automatically. ++ * - Once a "real" console is registered, any attempt to register a ++ * bootconsoles will be rejected ++ */ ++void register_console(struct console *newcon) ++{ ++ int i; ++ unsigned long flags; ++ struct console *bcon = NULL; ++ struct console_cmdline *c; ++ ++ if (console_drivers) ++ for_each_console(bcon) ++ if (WARN(bcon == newcon, ++ "console '%s%d' already registered\n", ++ bcon->name, bcon->index)) ++ return; ++ ++ /* ++ * before we register a new CON_BOOT console, make sure we don't ++ * already have a valid console ++ */ ++ if (console_drivers && newcon->flags & CON_BOOT) { ++ /* find the last or real console */ ++ for_each_console(bcon) { ++ if (!(bcon->flags & CON_BOOT)) { ++ pr_info("Too late to register bootconsole %s%d\n", ++ newcon->name, newcon->index); ++ return; ++ } ++ } ++ } ++ ++ if (console_drivers && console_drivers->flags & CON_BOOT) ++ bcon = console_drivers; ++ ++ if (preferred_console < 0 || bcon || !console_drivers) ++ preferred_console = selected_console; ++ ++ if (newcon->early_setup) ++ newcon->early_setup(); ++ ++ /* ++ * See if we want to use this console driver. If we ++ * didn't select a console we take the first one ++ * that registers here. ++ */ ++ if (preferred_console < 0) { ++ if (newcon->index < 0) ++ newcon->index = 0; ++ if (newcon->setup == NULL || ++ newcon->setup(newcon, NULL) == 0) { ++ newcon->flags |= CON_ENABLED; ++ if (newcon->device) { ++ newcon->flags |= CON_CONSDEV; ++ preferred_console = 0; ++ } ++ } ++ } ++ ++ /* ++ * See if this console matches one we selected on ++ * the command line. ++ */ ++ for (i = 0, c = console_cmdline; ++ i < MAX_CMDLINECONSOLES && c->name[0]; ++ i++, c++) { ++ BUILD_BUG_ON(sizeof(c->name) != sizeof(newcon->name)); ++ if (strcmp(c->name, newcon->name) != 0) ++ continue; ++ if (newcon->index >= 0 && ++ newcon->index != c->index) ++ continue; ++ if (newcon->index < 0) ++ newcon->index = c->index; ++ ++ if (_braille_register_console(newcon, c)) ++ return; ++ ++ if (newcon->setup && ++ newcon->setup(newcon, console_cmdline[i].options) != 0) ++ break; ++ newcon->flags |= CON_ENABLED; ++ newcon->index = c->index; ++ if (i == selected_console) { ++ newcon->flags |= CON_CONSDEV; ++ preferred_console = selected_console; ++ } ++ break; ++ } ++ ++ if (!(newcon->flags & CON_ENABLED)) ++ return; ++ ++ /* ++ * If we have a bootconsole, and are switching to a real console, ++ * don't print everything out again, since when the boot console, and ++ * the real console are the same physical device, it's annoying to ++ * see the beginning boot messages twice ++ */ ++ if (bcon && ((newcon->flags & (CON_CONSDEV | CON_BOOT)) == CON_CONSDEV)) ++ newcon->flags &= ~CON_PRINTBUFFER; ++ ++ /* ++ * Put this console in the list - keep the ++ * preferred driver at the head of the list. ++ */ ++ console_lock(); ++ if ((newcon->flags & CON_CONSDEV) || console_drivers == NULL) { ++ newcon->next = console_drivers; ++ console_drivers = newcon; ++ if (newcon->next) ++ newcon->next->flags &= ~CON_CONSDEV; ++ } else { ++ newcon->next = console_drivers->next; ++ console_drivers->next = newcon; ++ } ++ if (newcon->flags & CON_PRINTBUFFER) { ++ /* ++ * console_unlock(); will print out the buffered messages ++ * for us. ++ */ ++ raw_spin_lock_irqsave(&logbuf_lock, flags); ++ console_seq = syslog_seq; ++ console_idx = syslog_idx; ++ console_prev = syslog_prev; ++ raw_spin_unlock_irqrestore(&logbuf_lock, flags); ++ /* ++ * We're about to replay the log buffer. Only do this to the ++ * just-registered console to avoid excessive message spam to ++ * the already-registered consoles. ++ */ ++ exclusive_console = newcon; ++ } ++ console_unlock(); ++ console_sysfs_notify(); ++ ++ /* ++ * By unregistering the bootconsoles after we enable the real console ++ * we get the "console xxx enabled" message on all the consoles - ++ * boot consoles, real consoles, etc - this is to ensure that end ++ * users know there might be something in the kernel's log buffer that ++ * went to the bootconsole (that they do not see on the real console) ++ */ ++ pr_info("%sconsole [%s%d] enabled\n", ++ (newcon->flags & CON_BOOT) ? "boot" : "" , ++ newcon->name, newcon->index); ++ if (bcon && ++ ((newcon->flags & (CON_CONSDEV | CON_BOOT)) == CON_CONSDEV) && ++ !keep_bootcon) { ++ /* We need to iterate through all boot consoles, to make ++ * sure we print everything out, before we unregister them. ++ */ ++ for_each_console(bcon) ++ if (bcon->flags & CON_BOOT) ++ unregister_console(bcon); ++ } ++} ++EXPORT_SYMBOL(register_console); ++ ++int unregister_console(struct console *console) ++{ ++ struct console *a, *b; ++ int res; ++ ++ pr_info("%sconsole [%s%d] disabled\n", ++ (console->flags & CON_BOOT) ? "boot" : "" , ++ console->name, console->index); ++ ++ res = _braille_unregister_console(console); ++ if (res) ++ return res; ++ ++ res = 1; ++ console_lock(); ++ if (console_drivers == console) { ++ console_drivers=console->next; ++ res = 0; ++ } else if (console_drivers) { ++ for (a=console_drivers->next, b=console_drivers ; ++ a; b=a, a=b->next) { ++ if (a == console) { ++ b->next = a->next; ++ res = 0; ++ break; ++ } ++ } ++ } ++ ++ /* ++ * If this isn't the last console and it has CON_CONSDEV set, we ++ * need to set it on the next preferred console. ++ */ ++ if (console_drivers != NULL && console->flags & CON_CONSDEV) ++ console_drivers->flags |= CON_CONSDEV; ++ ++ console_unlock(); ++ console_sysfs_notify(); ++ return res; ++} ++EXPORT_SYMBOL(unregister_console); ++ ++static int __init printk_late_init(void) ++{ ++ struct console *con; ++ ++ for_each_console(con) { ++ if (!keep_bootcon && con->flags & CON_BOOT) { ++ unregister_console(con); ++ } ++ } ++ hotcpu_notifier(console_cpu_notify, 0); ++ return 0; ++} ++late_initcall(printk_late_init); ++ ++#if defined CONFIG_PRINTK ++/* ++ * Delayed printk version, for scheduler-internal messages: ++ */ ++#define PRINTK_BUF_SIZE 512 ++ ++#define PRINTK_PENDING_WAKEUP 0x01 ++#define PRINTK_PENDING_SCHED 0x02 ++ ++static DEFINE_PER_CPU(int, printk_pending); ++static DEFINE_PER_CPU(char [PRINTK_BUF_SIZE], printk_sched_buf); ++ ++static void wake_up_klogd_work_func(struct irq_work *irq_work) ++{ ++ int pending = __this_cpu_xchg(printk_pending, 0); ++ ++ if (pending & PRINTK_PENDING_SCHED) { ++ char *buf = __get_cpu_var(printk_sched_buf); ++ pr_warn("[sched_delayed] %s", buf); ++ } ++ ++ if (pending & PRINTK_PENDING_WAKEUP) ++ wake_up_interruptible(&log_wait); ++} ++ ++static DEFINE_PER_CPU(struct irq_work, wake_up_klogd_work) = { ++ .func = wake_up_klogd_work_func, ++ .flags = IRQ_WORK_LAZY, ++}; ++ ++void wake_up_klogd(void) ++{ ++ preempt_disable(); ++ if (waitqueue_active(&log_wait)) { ++ this_cpu_or(printk_pending, PRINTK_PENDING_WAKEUP); ++ irq_work_queue(&__get_cpu_var(wake_up_klogd_work)); ++ } ++ preempt_enable(); ++} ++ ++int printk_deferred(const char *fmt, ...) ++{ ++ unsigned long flags; ++ va_list args; ++ char *buf; ++ int r; ++ ++ local_irq_save(flags); ++ buf = __get_cpu_var(printk_sched_buf); ++ ++ va_start(args, fmt); ++ r = vsnprintf(buf, PRINTK_BUF_SIZE, fmt, args); ++ va_end(args); ++ ++ __this_cpu_or(printk_pending, PRINTK_PENDING_SCHED); ++ irq_work_queue(&__get_cpu_var(wake_up_klogd_work)); ++ local_irq_restore(flags); ++ ++ return r; ++} ++ ++/* ++ * printk rate limiting, lifted from the networking subsystem. ++ * ++ * This enforces a rate limit: not more than 10 kernel messages ++ * every 5s to make a denial-of-service attack impossible. ++ */ ++DEFINE_RATELIMIT_STATE(printk_ratelimit_state, 5 * HZ, 10); ++ ++int __printk_ratelimit(const char *func) ++{ ++ return ___ratelimit(&printk_ratelimit_state, func); ++} ++EXPORT_SYMBOL(__printk_ratelimit); ++ ++/** ++ * printk_timed_ratelimit - caller-controlled printk ratelimiting ++ * @caller_jiffies: pointer to caller's state ++ * @interval_msecs: minimum interval between prints ++ * ++ * printk_timed_ratelimit() returns true if more than @interval_msecs ++ * milliseconds have elapsed since the last time printk_timed_ratelimit() ++ * returned true. ++ */ ++bool printk_timed_ratelimit(unsigned long *caller_jiffies, ++ unsigned int interval_msecs) ++{ ++ if (*caller_jiffies == 0 ++ || !time_in_range(jiffies, *caller_jiffies, ++ *caller_jiffies ++ + msecs_to_jiffies(interval_msecs))) { ++ *caller_jiffies = jiffies; ++ return true; ++ } ++ return false; ++} ++EXPORT_SYMBOL(printk_timed_ratelimit); ++ ++static DEFINE_SPINLOCK(dump_list_lock); ++static LIST_HEAD(dump_list); ++ ++/** ++ * kmsg_dump_register - register a kernel log dumper. ++ * @dumper: pointer to the kmsg_dumper structure ++ * ++ * Adds a kernel log dumper to the system. The dump callback in the ++ * structure will be called when the kernel oopses or panics and must be ++ * set. Returns zero on success and %-EINVAL or %-EBUSY otherwise. ++ */ ++int kmsg_dump_register(struct kmsg_dumper *dumper) ++{ ++ unsigned long flags; ++ int err = -EBUSY; ++ ++ /* The dump callback needs to be set */ ++ if (!dumper->dump) ++ return -EINVAL; ++ ++ spin_lock_irqsave(&dump_list_lock, flags); ++ /* Don't allow registering multiple times */ ++ if (!dumper->registered) { ++ dumper->registered = 1; ++ list_add_tail_rcu(&dumper->list, &dump_list); ++ err = 0; ++ } ++ spin_unlock_irqrestore(&dump_list_lock, flags); ++ ++ return err; ++} ++EXPORT_SYMBOL_GPL(kmsg_dump_register); ++ ++/** ++ * kmsg_dump_unregister - unregister a kmsg dumper. ++ * @dumper: pointer to the kmsg_dumper structure ++ * ++ * Removes a dump device from the system. Returns zero on success and ++ * %-EINVAL otherwise. ++ */ ++int kmsg_dump_unregister(struct kmsg_dumper *dumper) ++{ ++ unsigned long flags; ++ int err = -EINVAL; ++ ++ spin_lock_irqsave(&dump_list_lock, flags); ++ if (dumper->registered) { ++ dumper->registered = 0; ++ list_del_rcu(&dumper->list); ++ err = 0; ++ } ++ spin_unlock_irqrestore(&dump_list_lock, flags); ++ synchronize_rcu(); ++ ++ return err; ++} ++EXPORT_SYMBOL_GPL(kmsg_dump_unregister); ++ ++static bool always_kmsg_dump; ++module_param_named(always_kmsg_dump, always_kmsg_dump, bool, S_IRUGO | S_IWUSR); ++ ++/** ++ * kmsg_dump - dump kernel log to kernel message dumpers. ++ * @reason: the reason (oops, panic etc) for dumping ++ * ++ * Call each of the registered dumper's dump() callback, which can ++ * retrieve the kmsg records with kmsg_dump_get_line() or ++ * kmsg_dump_get_buffer(). ++ */ ++void kmsg_dump(enum kmsg_dump_reason reason) ++{ ++ struct kmsg_dumper *dumper; ++ unsigned long flags; ++ ++ if ((reason > KMSG_DUMP_OOPS) && !always_kmsg_dump) ++ return; ++ ++ rcu_read_lock(); ++ list_for_each_entry_rcu(dumper, &dump_list, list) { ++ if (dumper->max_reason && reason > dumper->max_reason) ++ continue; ++ ++ /* initialize iterator with data about the stored records */ ++ dumper->active = true; ++ ++ raw_spin_lock_irqsave(&logbuf_lock, flags); ++ dumper->cur_seq = clear_seq; ++ dumper->cur_idx = clear_idx; ++ dumper->next_seq = log_next_seq; ++ dumper->next_idx = log_next_idx; ++ raw_spin_unlock_irqrestore(&logbuf_lock, flags); ++ ++ /* invoke dumper which will iterate over records */ ++ dumper->dump(dumper, reason); ++ ++ /* reset iterator */ ++ dumper->active = false; ++ } ++ rcu_read_unlock(); ++} ++ ++/** ++ * kmsg_dump_get_line_nolock - retrieve one kmsg log line (unlocked version) ++ * @dumper: registered kmsg dumper ++ * @syslog: include the "<4>" prefixes ++ * @line: buffer to copy the line to ++ * @size: maximum size of the buffer ++ * @len: length of line placed into buffer ++ * ++ * Start at the beginning of the kmsg buffer, with the oldest kmsg ++ * record, and copy one record into the provided buffer. ++ * ++ * Consecutive calls will return the next available record moving ++ * towards the end of the buffer with the youngest messages. ++ * ++ * A return value of FALSE indicates that there are no more records to ++ * read. ++ * ++ * The function is similar to kmsg_dump_get_line(), but grabs no locks. ++ */ ++bool kmsg_dump_get_line_nolock(struct kmsg_dumper *dumper, bool syslog, ++ char *line, size_t size, size_t *len) ++{ ++ struct printk_log *msg; ++ size_t l = 0; ++ bool ret = false; ++ ++ if (!dumper->active) ++ goto out; ++ ++ if (dumper->cur_seq < log_first_seq) { ++ /* messages are gone, move to first available one */ ++ dumper->cur_seq = log_first_seq; ++ dumper->cur_idx = log_first_idx; ++ } ++ ++ /* last entry */ ++ if (dumper->cur_seq >= log_next_seq) ++ goto out; ++ ++ msg = log_from_idx(dumper->cur_idx); ++ l = msg_print_text(msg, 0, syslog, line, size); ++ ++ dumper->cur_idx = log_next(dumper->cur_idx); ++ dumper->cur_seq++; ++ ret = true; ++out: ++ if (len) ++ *len = l; ++ return ret; ++} ++ ++/** ++ * kmsg_dump_get_line - retrieve one kmsg log line ++ * @dumper: registered kmsg dumper ++ * @syslog: include the "<4>" prefixes ++ * @line: buffer to copy the line to ++ * @size: maximum size of the buffer ++ * @len: length of line placed into buffer ++ * ++ * Start at the beginning of the kmsg buffer, with the oldest kmsg ++ * record, and copy one record into the provided buffer. ++ * ++ * Consecutive calls will return the next available record moving ++ * towards the end of the buffer with the youngest messages. ++ * ++ * A return value of FALSE indicates that there are no more records to ++ * read. ++ */ ++bool kmsg_dump_get_line(struct kmsg_dumper *dumper, bool syslog, ++ char *line, size_t size, size_t *len) ++{ ++ unsigned long flags; ++ bool ret; ++ ++ raw_spin_lock_irqsave(&logbuf_lock, flags); ++ ret = kmsg_dump_get_line_nolock(dumper, syslog, line, size, len); ++ raw_spin_unlock_irqrestore(&logbuf_lock, flags); ++ ++ return ret; ++} ++EXPORT_SYMBOL_GPL(kmsg_dump_get_line); ++ ++/** ++ * kmsg_dump_get_buffer - copy kmsg log lines ++ * @dumper: registered kmsg dumper ++ * @syslog: include the "<4>" prefixes ++ * @buf: buffer to copy the line to ++ * @size: maximum size of the buffer ++ * @len: length of line placed into buffer ++ * ++ * Start at the end of the kmsg buffer and fill the provided buffer ++ * with as many of the the *youngest* kmsg records that fit into it. ++ * If the buffer is large enough, all available kmsg records will be ++ * copied with a single call. ++ * ++ * Consecutive calls will fill the buffer with the next block of ++ * available older records, not including the earlier retrieved ones. ++ * ++ * A return value of FALSE indicates that there are no more records to ++ * read. ++ */ ++bool kmsg_dump_get_buffer(struct kmsg_dumper *dumper, bool syslog, ++ char *buf, size_t size, size_t *len) ++{ ++ unsigned long flags; ++ u64 seq; ++ u32 idx; ++ u64 next_seq; ++ u32 next_idx; ++ enum log_flags prev; ++ size_t l = 0; ++ bool ret = false; ++ ++ if (!dumper->active) ++ goto out; ++ ++ raw_spin_lock_irqsave(&logbuf_lock, flags); ++ if (dumper->cur_seq < log_first_seq) { ++ /* messages are gone, move to first available one */ ++ dumper->cur_seq = log_first_seq; ++ dumper->cur_idx = log_first_idx; ++ } ++ ++ /* last entry */ ++ if (dumper->cur_seq >= dumper->next_seq) { ++ raw_spin_unlock_irqrestore(&logbuf_lock, flags); ++ goto out; ++ } ++ ++ /* calculate length of entire buffer */ ++ seq = dumper->cur_seq; ++ idx = dumper->cur_idx; ++ prev = 0; ++ while (seq < dumper->next_seq) { ++ struct printk_log *msg = log_from_idx(idx); ++ ++ l += msg_print_text(msg, prev, true, NULL, 0); ++ idx = log_next(idx); ++ seq++; ++ prev = msg->flags; ++ } ++ ++ /* move first record forward until length fits into the buffer */ ++ seq = dumper->cur_seq; ++ idx = dumper->cur_idx; ++ prev = 0; ++ while (l > size && seq < dumper->next_seq) { ++ struct printk_log *msg = log_from_idx(idx); ++ ++ l -= msg_print_text(msg, prev, true, NULL, 0); ++ idx = log_next(idx); ++ seq++; ++ prev = msg->flags; ++ } ++ ++ /* last message in next interation */ ++ next_seq = seq; ++ next_idx = idx; ++ ++ l = 0; ++ while (seq < dumper->next_seq) { ++ struct printk_log *msg = log_from_idx(idx); ++ ++ l += msg_print_text(msg, prev, syslog, buf + l, size - l); ++ idx = log_next(idx); ++ seq++; ++ prev = msg->flags; ++ } ++ ++ dumper->next_seq = next_seq; ++ dumper->next_idx = next_idx; ++ ret = true; ++ raw_spin_unlock_irqrestore(&logbuf_lock, flags); ++out: ++ if (len) ++ *len = l; ++ return ret; ++} ++EXPORT_SYMBOL_GPL(kmsg_dump_get_buffer); ++ ++/** ++ * kmsg_dump_rewind_nolock - reset the interator (unlocked version) ++ * @dumper: registered kmsg dumper ++ * ++ * Reset the dumper's iterator so that kmsg_dump_get_line() and ++ * kmsg_dump_get_buffer() can be called again and used multiple ++ * times within the same dumper.dump() callback. ++ * ++ * The function is similar to kmsg_dump_rewind(), but grabs no locks. ++ */ ++void kmsg_dump_rewind_nolock(struct kmsg_dumper *dumper) ++{ ++ dumper->cur_seq = clear_seq; ++ dumper->cur_idx = clear_idx; ++ dumper->next_seq = log_next_seq; ++ dumper->next_idx = log_next_idx; ++} ++ ++/** ++ * kmsg_dump_rewind - reset the interator ++ * @dumper: registered kmsg dumper ++ * ++ * Reset the dumper's iterator so that kmsg_dump_get_line() and ++ * kmsg_dump_get_buffer() can be called again and used multiple ++ * times within the same dumper.dump() callback. ++ */ ++void kmsg_dump_rewind(struct kmsg_dumper *dumper) ++{ ++ unsigned long flags; ++ ++ raw_spin_lock_irqsave(&logbuf_lock, flags); ++ kmsg_dump_rewind_nolock(dumper); ++ raw_spin_unlock_irqrestore(&logbuf_lock, flags); ++} ++EXPORT_SYMBOL_GPL(kmsg_dump_rewind); ++ ++static char dump_stack_arch_desc_str[128]; ++ ++/** ++ * dump_stack_set_arch_desc - set arch-specific str to show with task dumps ++ * @fmt: printf-style format string ++ * @...: arguments for the format string ++ * ++ * The configured string will be printed right after utsname during task ++ * dumps. Usually used to add arch-specific system identifiers. If an ++ * arch wants to make use of such an ID string, it should initialize this ++ * as soon as possible during boot. ++ */ ++void __init dump_stack_set_arch_desc(const char *fmt, ...) ++{ ++ va_list args; ++ ++ va_start(args, fmt); ++ vsnprintf(dump_stack_arch_desc_str, sizeof(dump_stack_arch_desc_str), ++ fmt, args); ++ va_end(args); ++} ++ ++/** ++ * dump_stack_print_info - print generic debug info for dump_stack() ++ * @log_lvl: log level ++ * ++ * Arch-specific dump_stack() implementations can use this function to ++ * print out the same debug information as the generic dump_stack(). ++ */ ++void dump_stack_print_info(const char *log_lvl) ++{ ++ printk("%sCPU: %d PID: %d Comm: %.20s %s %s %.*s\n", ++ log_lvl, raw_smp_processor_id(), current->pid, current->comm, ++ print_tainted(), init_utsname()->release, ++ (int)strcspn(init_utsname()->version, " "), ++ init_utsname()->version); ++ ++ if (dump_stack_arch_desc_str[0] != '\0') ++ printk("%sHardware name: %s\n", ++ log_lvl, dump_stack_arch_desc_str); ++ ++ print_worker_info(log_lvl, current); ++} ++ ++/** ++ * show_regs_print_info - print generic debug info for show_regs() ++ * @log_lvl: log level ++ * ++ * show_regs() implementations can use this function to print out generic ++ * debug information. ++ */ ++void show_regs_print_info(const char *log_lvl) ++{ ++ dump_stack_print_info(log_lvl); ++ ++ printk("%stask: %p ti: %p task.ti: %p\n", ++ log_lvl, current, current_thread_info(), ++ task_thread_info(current)); ++} ++ ++#endif diff --git a/kernel/profile.c b/kernel/profile.c index 76b8e77..a2930e8 100644 --- a/kernel/profile.c @@ -94920,7 +98151,7 @@ index 9d557df..7207dae 100644 error = -EINVAL; break; diff --git a/kernel/sysctl.c b/kernel/sysctl.c -index ea7ec7f..798623e 100644 +index ea7ec7f..da588ba 100644 --- a/kernel/sysctl.c +++ b/kernel/sysctl.c @@ -86,6 +86,13 @@ @@ -94937,7 +98168,11 @@ index ea7ec7f..798623e 100644 /* External variables not in a header file. */ extern int sysctl_overcommit_memory; -@@ -112,18 +119,18 @@ extern int blk_iopoll_enabled; +@@ -109,21 +116,22 @@ extern int sysctl_nr_trim_pages; + #ifdef CONFIG_BLOCK + extern int blk_iopoll_enabled; + #endif ++extern int sysctl_modify_ldt; /* Constants used for minimum and maximum */ #ifdef CONFIG_LOCKUP_DETECTOR @@ -94965,12 +98200,13 @@ index ea7ec7f..798623e 100644 #endif /* this is needed for the proc_doulongvec_minmax of vm_dirty_bytes */ -@@ -165,10 +172,13 @@ static int proc_taint(struct ctl_table *table, int write, +@@ -165,10 +173,13 @@ static int proc_taint(struct ctl_table *table, int write, void __user *buffer, size_t *lenp, loff_t *ppos); #endif -#ifdef CONFIG_PRINTK - static int proc_dointvec_minmax_sysadmin(struct ctl_table *table, int write, +-static int proc_dointvec_minmax_sysadmin(struct ctl_table *table, int write, ++static int proc_dointvec_minmax_secure_sysadmin(struct ctl_table *table, int write, void __user *buffer, size_t *lenp, loff_t *ppos); -#endif + @@ -94981,7 +98217,7 @@ index ea7ec7f..798623e 100644 #ifdef CONFIG_MAGIC_SYSRQ /* Note: sysrq code uses it's own private copy */ -@@ -191,6 +201,7 @@ static int sysrq_sysctl_handler(ctl_table *table, int write, +@@ -191,6 +202,7 @@ static int sysrq_sysctl_handler(ctl_table *table, int write, } #endif @@ -94989,7 +98225,7 @@ index ea7ec7f..798623e 100644 static struct ctl_table root_table[]; static struct ctl_table_root sysctl_table_root; -@@ -220,6 +231,20 @@ extern struct ctl_table epoll_table[]; +@@ -220,6 +232,20 @@ extern struct ctl_table epoll_table[]; int sysctl_legacy_va_layout; #endif @@ -95010,7 +98246,7 @@ index ea7ec7f..798623e 100644 /* The default sysctl tables: */ static struct ctl_table root_table[] = { -@@ -266,6 +291,22 @@ static int max_extfrag_threshold = 1000; +@@ -266,6 +292,22 @@ static int max_extfrag_threshold = 1000; #endif static struct ctl_table kern_table[] = { @@ -95033,7 +98269,7 @@ index ea7ec7f..798623e 100644 { .procname = "sched_child_runs_first", .data = &sysctl_sched_child_runs_first, -@@ -420,7 +461,7 @@ static struct ctl_table kern_table[] = { +@@ -420,7 +462,7 @@ static struct ctl_table kern_table[] = { .data = core_pattern, .maxlen = CORENAME_MAX_SIZE, .mode = 0644, @@ -95042,7 +98278,7 @@ index ea7ec7f..798623e 100644 }, { .procname = "core_pipe_limit", -@@ -550,7 +591,7 @@ static struct ctl_table kern_table[] = { +@@ -550,7 +592,7 @@ static struct ctl_table kern_table[] = { .data = &modprobe_path, .maxlen = KMOD_PATH_LEN, .mode = 0644, @@ -95051,7 +98287,21 @@ index ea7ec7f..798623e 100644 }, { .procname = "modules_disabled", -@@ -717,16 +758,20 @@ static struct ctl_table kern_table[] = { +@@ -558,7 +600,7 @@ static struct ctl_table kern_table[] = { + .maxlen = sizeof(int), + .mode = 0644, + /* only handle a transition from default "0" to "1" */ +- .proc_handler = proc_dointvec_minmax, ++ .proc_handler = proc_dointvec_minmax_secure, + .extra1 = &one, + .extra2 = &one, + }, +@@ -713,20 +755,24 @@ static struct ctl_table kern_table[] = { + .data = &dmesg_restrict, + .maxlen = sizeof(int), + .mode = 0644, +- .proc_handler = proc_dointvec_minmax_sysadmin, ++ .proc_handler = proc_dointvec_minmax_secure_sysadmin, .extra1 = &zero, .extra2 = &one, }, @@ -95061,7 +98311,8 @@ index ea7ec7f..798623e 100644 .data = &kptr_restrict, .maxlen = sizeof(int), .mode = 0644, - .proc_handler = proc_dointvec_minmax_sysadmin, +- .proc_handler = proc_dointvec_minmax_sysadmin, ++ .proc_handler = proc_dointvec_minmax_secure_sysadmin, +#ifdef CONFIG_GRKERNSEC_HIDESYM + .extra1 = &two, +#else @@ -95073,7 +98324,23 @@ index ea7ec7f..798623e 100644 { .procname = "ngroups_max", .data = &ngroups_max, -@@ -957,10 +1002,17 @@ static struct ctl_table kern_table[] = { +@@ -831,6 +877,15 @@ static struct ctl_table kern_table[] = { + .mode = 0644, + .proc_handler = proc_dointvec, + }, ++ { ++ .procname = "modify_ldt", ++ .data = &sysctl_modify_ldt, ++ .maxlen = sizeof(int), ++ .mode = 0644, ++ .proc_handler = proc_dointvec_minmax_secure_sysadmin, ++ .extra1 = &zero, ++ .extra2 = &one, ++ }, + #endif + #if defined(CONFIG_MMU) + { +@@ -957,10 +1012,17 @@ static struct ctl_table kern_table[] = { */ { .procname = "perf_event_paranoid", @@ -95084,7 +98351,7 @@ index ea7ec7f..798623e 100644 .mode = 0644, - .proc_handler = proc_dointvec, + /* go ahead, be a hero */ -+ .proc_handler = proc_dointvec_minmax_sysadmin, ++ .proc_handler = proc_dointvec_minmax_secure_sysadmin, + .extra1 = &neg_one, +#ifdef CONFIG_GRKERNSEC_PERF_HARDEN + .extra2 = &three, @@ -95094,7 +98361,7 @@ index ea7ec7f..798623e 100644 }, { .procname = "perf_event_mlock_kb", -@@ -1216,6 +1268,13 @@ static struct ctl_table vm_table[] = { +@@ -1216,6 +1278,13 @@ static struct ctl_table vm_table[] = { .proc_handler = proc_dointvec_minmax, .extra1 = &zero, }, @@ -95108,7 +98375,7 @@ index ea7ec7f..798623e 100644 #else { .procname = "nr_trim_pages", -@@ -1499,7 +1558,7 @@ static struct ctl_table fs_table[] = { +@@ -1499,7 +1568,7 @@ static struct ctl_table fs_table[] = { .data = &suid_dumpable, .maxlen = sizeof(int), .mode = 0644, @@ -95117,7 +98384,7 @@ index ea7ec7f..798623e 100644 .extra1 = &zero, .extra2 = &two, }, -@@ -1720,6 +1779,17 @@ static int test_perm(int mode, int op) +@@ -1720,6 +1789,17 @@ static int test_perm(int mode, int op) int sysctl_perm(struct ctl_table_root *root, struct ctl_table *table, int op) { int mode; @@ -95135,7 +98402,7 @@ index ea7ec7f..798623e 100644 if (root->permissions) mode = root->permissions(root, current->nsproxy, table); -@@ -1732,7 +1802,9 @@ int sysctl_perm(struct ctl_table_root *root, struct ctl_table *table, int op) +@@ -1732,7 +1812,9 @@ int sysctl_perm(struct ctl_table_root *root, struct ctl_table *table, int op) static void sysctl_set_parent(struct ctl_table *parent, struct ctl_table *table) { for (; table->procname; table++) { @@ -95146,7 +98413,7 @@ index ea7ec7f..798623e 100644 if (table->child) sysctl_set_parent(table, table->child); } -@@ -1856,7 +1928,8 @@ struct ctl_table_header *__register_sysctl_paths( +@@ -1856,7 +1938,8 @@ struct ctl_table_header *__register_sysctl_paths( const struct ctl_path *path, struct ctl_table *table) { struct ctl_table_header *header; @@ -95156,7 +98423,7 @@ index ea7ec7f..798623e 100644 unsigned int n, npath; struct ctl_table_set *set; -@@ -1877,7 +1950,7 @@ struct ctl_table_header *__register_sysctl_paths( +@@ -1877,7 +1960,7 @@ struct ctl_table_header *__register_sysctl_paths( if (!header) return NULL; @@ -95165,7 +98432,7 @@ index ea7ec7f..798623e 100644 /* Now connect the dots */ prevp = &header->ctl_table; -@@ -2124,6 +2197,16 @@ int proc_dostring(struct ctl_table *table, int write, +@@ -2124,6 +2207,16 @@ int proc_dostring(struct ctl_table *table, int write, buffer, lenp, ppos); } @@ -95182,7 +98449,7 @@ index ea7ec7f..798623e 100644 static size_t proc_skip_spaces(char **buf) { size_t ret; -@@ -2229,6 +2312,8 @@ static int proc_put_long(void __user **buf, size_t *size, unsigned long val, +@@ -2229,6 +2322,8 @@ static int proc_put_long(void __user **buf, size_t *size, unsigned long val, len = strlen(tmp); if (len > *size) len = *size; @@ -95191,7 +98458,52 @@ index ea7ec7f..798623e 100644 if (copy_to_user(*buf, tmp, len)) return -EFAULT; *size -= len; -@@ -2393,7 +2478,7 @@ int proc_dointvec(struct ctl_table *table, int write, +@@ -2386,6 +2481,44 @@ int proc_dointvec(struct ctl_table *table, int write, + NULL,NULL); + } + ++static int do_proc_dointvec_conv_secure(bool *negp, unsigned long *lvalp, ++ int *valp, ++ int write, void *data) ++{ ++ if (write) { ++ if (*negp) { ++ if (*lvalp > (unsigned long) INT_MAX + 1) ++ return -EINVAL; ++ pax_open_kernel(); ++ *valp = -*lvalp; ++ pax_close_kernel(); ++ } else { ++ if (*lvalp > (unsigned long) INT_MAX) ++ return -EINVAL; ++ pax_open_kernel(); ++ *valp = *lvalp; ++ pax_close_kernel(); ++ } ++ } else { ++ int val = *valp; ++ if (val < 0) { ++ *negp = true; ++ *lvalp = (unsigned long)-val; ++ } else { ++ *negp = false; ++ *lvalp = (unsigned long)val; ++ } ++ } ++ return 0; ++} ++ ++int proc_dointvec_secure(struct ctl_table *table, int write, ++ void __user *buffer, size_t *lenp, loff_t *ppos) ++{ ++ return do_proc_dointvec(table,write,buffer,lenp,ppos, ++ do_proc_dointvec_conv_secure,NULL); ++} ++ + /* + * Taint values can only be increased + * This means we can safely use a temporary. +@@ -2393,7 +2526,7 @@ int proc_dointvec(struct ctl_table *table, int write, static int proc_taint(struct ctl_table *table, int write, void __user *buffer, size_t *lenp, loff_t *ppos) { @@ -95200,26 +98512,73 @@ index ea7ec7f..798623e 100644 unsigned long tmptaint = get_taint(); int err; -@@ -2421,7 +2506,6 @@ static int proc_taint(struct ctl_table *table, int write, +@@ -2421,16 +2554,14 @@ static int proc_taint(struct ctl_table *table, int write, return err; } -#ifdef CONFIG_PRINTK - static int proc_dointvec_minmax_sysadmin(struct ctl_table *table, int write, +-static int proc_dointvec_minmax_sysadmin(struct ctl_table *table, int write, ++static int proc_dointvec_minmax_secure_sysadmin(struct ctl_table *table, int write, void __user *buffer, size_t *lenp, loff_t *ppos) { -@@ -2430,7 +2514,6 @@ static int proc_dointvec_minmax_sysadmin(struct ctl_table *table, int write, + if (write && !capable(CAP_SYS_ADMIN)) + return -EPERM; - return proc_dointvec_minmax(table, write, buffer, lenp, ppos); +- return proc_dointvec_minmax(table, write, buffer, lenp, ppos); ++ return proc_dointvec_minmax_secure(table, write, buffer, lenp, ppos); } -#endif struct do_proc_dointvec_minmax_conv_param { int *min; -@@ -2488,6 +2571,34 @@ int proc_dointvec_minmax(struct ctl_table *table, int write, +@@ -2461,6 +2592,32 @@ static int do_proc_dointvec_minmax_conv(bool *negp, unsigned long *lvalp, + return 0; + } + ++static int do_proc_dointvec_minmax_conv_secure(bool *negp, unsigned long *lvalp, ++ int *valp, ++ int write, void *data) ++{ ++ struct do_proc_dointvec_minmax_conv_param *param = data; ++ if (write) { ++ int val = *negp ? -*lvalp : *lvalp; ++ if ((param->min && *param->min > val) || ++ (param->max && *param->max < val)) ++ return -EINVAL; ++ pax_open_kernel(); ++ *valp = val; ++ pax_close_kernel(); ++ } else { ++ int val = *valp; ++ if (val < 0) { ++ *negp = true; ++ *lvalp = (unsigned long)-val; ++ } else { ++ *negp = false; ++ *lvalp = (unsigned long)val; ++ } ++ } ++ return 0; ++} ++ + /** + * proc_dointvec_minmax - read a vector of integers with min/max values + * @table: the sysctl table +@@ -2488,6 +2645,45 @@ int proc_dointvec_minmax(struct ctl_table *table, int write, do_proc_dointvec_minmax_conv, ¶m); } ++int proc_dointvec_minmax_secure(struct ctl_table *table, int write, ++ void __user *buffer, size_t *lenp, loff_t *ppos) ++{ ++ struct do_proc_dointvec_minmax_conv_param param = { ++ .min = (int *) table->extra1, ++ .max = (int *) table->extra2, ++ }; ++ return do_proc_dointvec(table, write, buffer, lenp, ppos, ++ do_proc_dointvec_minmax_conv_secure, ¶m); ++} ++ +static void validate_coredump_safety(void) +{ + if (suid_dumpable == SUID_DUMPABLE_SAFE && @@ -95251,7 +98610,7 @@ index ea7ec7f..798623e 100644 static int __do_proc_doulongvec_minmax(void *data, struct ctl_table *table, int write, void __user *buffer, size_t *lenp, loff_t *ppos, -@@ -2545,8 +2656,11 @@ static int __do_proc_doulongvec_minmax(void *data, struct ctl_table *table, int +@@ -2545,8 +2741,11 @@ static int __do_proc_doulongvec_minmax(void *data, struct ctl_table *table, int *i = val; } else { val = convdiv * (*i) / convmul; @@ -95264,7 +98623,7 @@ index ea7ec7f..798623e 100644 err = proc_put_long(&buffer, &left, val, false); if (err) break; -@@ -2941,6 +3055,12 @@ int proc_dostring(struct ctl_table *table, int write, +@@ -2941,6 +3140,12 @@ int proc_dostring(struct ctl_table *table, int write, return -ENOSYS; } @@ -95277,7 +98636,7 @@ index ea7ec7f..798623e 100644 int proc_dointvec(struct ctl_table *table, int write, void __user *buffer, size_t *lenp, loff_t *ppos) { -@@ -2997,6 +3117,7 @@ EXPORT_SYMBOL(proc_dointvec_minmax); +@@ -2997,6 +3202,7 @@ EXPORT_SYMBOL(proc_dointvec_minmax); EXPORT_SYMBOL(proc_dointvec_userhz_jiffies); EXPORT_SYMBOL(proc_dointvec_ms_jiffies); EXPORT_SYMBOL(proc_dostring); @@ -96783,10 +100142,22 @@ index bd2bea9..6b3c95e 100644 return false; diff --git a/lib/kobject.c b/lib/kobject.c -index 83bd5b3..8a0c75f 100644 +index 83bd5b3..757af67 100644 --- a/lib/kobject.c +++ b/lib/kobject.c -@@ -844,7 +844,7 @@ static struct kset *kset_create(const char *name, +@@ -296,8 +296,9 @@ error: + } + EXPORT_SYMBOL(kobject_init); + +-static int kobject_add_varg(struct kobject *kobj, struct kobject *parent, +- const char *fmt, va_list vargs) ++static __printf(3, 0) int kobject_add_varg(struct kobject *kobj, ++ struct kobject *parent, ++ const char *fmt, va_list vargs) + { + int retval; + +@@ -844,7 +845,7 @@ static struct kset *kset_create(const char *name, kset = kzalloc(sizeof(*kset), GFP_KERNEL); if (!kset) return NULL; @@ -96795,7 +100166,7 @@ index 83bd5b3..8a0c75f 100644 if (retval) { kfree(kset); return NULL; -@@ -898,9 +898,9 @@ EXPORT_SYMBOL_GPL(kset_create_and_add); +@@ -898,9 +899,9 @@ EXPORT_SYMBOL_GPL(kset_create_and_add); static DEFINE_SPINLOCK(kobj_ns_type_lock); @@ -97566,7 +100937,7 @@ index 1f44bdc..009bfe8 100644 +} +#endif diff --git a/lib/vsprintf.c b/lib/vsprintf.c -index ae02e42..4ffc938 100644 +index ae02e42..cd72015 100644 --- a/lib/vsprintf.c +++ b/lib/vsprintf.c @@ -16,6 +16,9 @@ @@ -97592,10 +100963,11 @@ index ae02e42..4ffc938 100644 return string(buf, end, uuid, spec); } +-int kptr_restrict __read_mostly; +#ifdef CONFIG_GRKERNSEC_HIDESYM -+int kptr_restrict __read_mostly = 2; ++int kptr_restrict __read_only = 2; +#else - int kptr_restrict __read_mostly; ++int kptr_restrict __read_only; +#endif /* @@ -103475,6 +106847,18 @@ index 23f45ce..c748f1a 100644 __AAL_STAT_ITEMS #undef __HANDLE_ITEM } +diff --git a/net/ax25/ax25_subr.c b/net/ax25/ax25_subr.c +index c6715ee..69745c0 100644 +--- a/net/ax25/ax25_subr.c ++++ b/net/ax25/ax25_subr.c +@@ -265,6 +265,7 @@ void ax25_disconnect(ax25_cb *ax25, int reason) + { + ax25_clear_queues(ax25); + ++ ax25_stop_heartbeat(ax25); + ax25_stop_t1timer(ax25); + ax25_stop_t2timer(ax25); + ax25_stop_t3timer(ax25); diff --git a/net/ax25/sysctl_net_ax25.c b/net/ax25/sysctl_net_ax25.c index ebe0ef3..d5b0a8e 100644 --- a/net/ax25/sysctl_net_ax25.c @@ -104847,7 +108231,7 @@ index 80aeac9..b08d0a8 100644 return -ENODEV; diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c -index 5b412f0..e251eea 100644 +index 5b412f0..595dfcd 100644 --- a/net/core/rtnetlink.c +++ b/net/core/rtnetlink.c @@ -57,7 +57,7 @@ struct rtnl_link { @@ -104885,6 +108269,24 @@ index 5b412f0..e251eea 100644 } EXPORT_SYMBOL_GPL(__rtnl_link_unregister); +@@ -1484,10 +1487,13 @@ static int do_setlink(struct net_device *dev, struct ifinfomsg *ifm, + goto errout; + + nla_for_each_nested(attr, tb[IFLA_VF_PORTS], rem) { +- if (nla_type(attr) != IFLA_VF_PORT) +- continue; +- err = nla_parse_nested(port, IFLA_PORT_MAX, +- attr, ifla_port_policy); ++ if (nla_type(attr) != IFLA_VF_PORT || ++ nla_len(attr) < NLA_HDRLEN) { ++ err = -EINVAL; ++ goto errout; ++ } ++ err = nla_parse_nested(port, IFLA_PORT_MAX, attr, ++ ifla_port_policy); + if (err < 0) + goto errout; + if (!port[IFLA_PORT_VF]) { diff --git a/net/core/scm.c b/net/core/scm.c index ff52ad0..aff1c0f 100644 --- a/net/core/scm.c @@ -116088,10 +119490,10 @@ index 0000000..0c96d8a +} diff --git a/tools/gcc/constify_plugin.c b/tools/gcc/constify_plugin.c new file mode 100644 -index 0000000..da184c5 +index 0000000..c5de280 --- /dev/null +++ b/tools/gcc/constify_plugin.c -@@ -0,0 +1,564 @@ +@@ -0,0 +1,568 @@ +/* + * Copyright 2011 by Emese Revfy <re.emese@gmail.com> + * Copyright 2011-2015 by PaX Team <pageexec@freemail.hu> @@ -116533,7 +119935,7 @@ index 0000000..da184c5 + .optinfo_flags = OPTGROUP_NONE, +#endif +#if BUILDING_GCC_VERSION >= 5000 -+#elif BUILDING_GCC_VERSION >= 4009 ++#elif BUILDING_GCC_VERSION == 4009 + .has_gate = false, + .has_execute = true, +#else @@ -116558,7 +119960,11 @@ index 0000000..da184c5 +class check_local_variables_pass : public gimple_opt_pass { +public: + check_local_variables_pass() : gimple_opt_pass(check_local_variables_pass_data, g) {} ++#if BUILDING_GCC_VERSION >= 5000 ++ virtual unsigned int execute(function *) { return check_local_variables(); } ++#else + unsigned int execute() { return check_local_variables(); } ++#endif +}; +} + @@ -116658,10 +120064,10 @@ index 0000000..da184c5 +} diff --git a/tools/gcc/gcc-common.h b/tools/gcc/gcc-common.h new file mode 100644 -index 0000000..1d20e32 +index 0000000..70924d4 --- /dev/null +++ b/tools/gcc/gcc-common.h -@@ -0,0 +1,689 @@ +@@ -0,0 +1,787 @@ +#ifndef GCC_COMMON_H_INCLUDED +#define GCC_COMMON_H_INCLUDED + @@ -116740,6 +120146,8 @@ index 0000000..1d20e32 +#include "tree-flow.h" +#else +#include "tree-cfgcleanup.h" ++#include "tree-ssa-operands.h" ++#include "tree-into-ssa.h" +#endif + +#if BUILDING_GCC_VERSION >= 4008 @@ -117070,6 +120478,76 @@ index 0000000..1d20e32 +typedef union gimple_statement_d gdebug; +typedef union gimple_statement_d gphi; +typedef union gimple_statement_d greturn; ++ ++static inline gasm *as_a_gasm(gimple stmt) ++{ ++ return stmt; ++} ++ ++static inline const gasm *as_a_const_gasm(const_gimple stmt) ++{ ++ return stmt; ++} ++ ++static inline gassign *as_a_gassign(gimple stmt) ++{ ++ return stmt; ++} ++ ++static inline const gassign *as_a_const_gassign(const_gimple stmt) ++{ ++ return stmt; ++} ++ ++static inline gcall *as_a_gcall(gimple stmt) ++{ ++ return stmt; ++} ++ ++static inline const gcall *as_a_const_gcall(const_gimple stmt) ++{ ++ return stmt; ++} ++ ++static inline gcond *as_a_gcond(gimple stmt) ++{ ++ return stmt; ++} ++ ++static inline const gcond *as_a_const_gcond(const_gimple stmt) ++{ ++ return stmt; ++} ++ ++static inline gdebug *as_a_gdebug(gimple stmt) ++{ ++ return stmt; ++} ++ ++static inline const gdebug *as_a_const_gdebug(const_gimple stmt) ++{ ++ return stmt; ++} ++ ++static inline gphi *as_a_gphi(gimple stmt) ++{ ++ return stmt; ++} ++ ++static inline const gphi *as_a_const_gphi(const_gimple stmt) ++{ ++ return stmt; ++} ++ ++static inline greturn *as_a_greturn(gimple stmt) ++{ ++ return stmt; ++} ++ ++static inline const greturn *as_a_const_greturn(const_gimple stmt) ++{ ++ return stmt; ++} +#endif + +#if BUILDING_GCC_VERSION == 4008 @@ -117089,34 +120567,35 @@ index 0000000..1d20e32 +#if BUILDING_GCC_VERSION <= 4009 +#define TODO_verify_il 0 +#define AVAIL_INTERPOSABLE AVAIL_OVERWRITABLE -+#endif + -+#if BUILDING_GCC_VERSION == 4009 -+typedef struct gimple_statement_base gasm; -+typedef struct gimple_statement_base gassign; -+typedef struct gimple_statement_base gcall; -+typedef struct gimple_statement_base gcond; -+typedef struct gimple_statement_base gdebug; -+typedef struct gimple_statement_base gphi; -+typedef struct gimple_statement_base greturn; -+#endif ++#define section_name_prefix LTO_SECTION_NAME_PREFIX ++#define fatal_error(loc, gmsgid, ...) fatal_error((gmsgid), __VA_ARGS__) + -+#if BUILDING_GCC_VERSION <= 4009 +typedef struct rtx_def rtx_insn; + +static inline void set_decl_section_name(tree node, const char *value) +{ + DECL_SECTION_NAME(node) = build_string(strlen(value) + 1, value); +} ++#endif ++ ++#if BUILDING_GCC_VERSION == 4009 ++typedef struct gimple_statement_asm gasm; ++typedef struct gimple_statement_base gassign; ++typedef struct gimple_statement_call gcall; ++typedef struct gimple_statement_base gcond; ++typedef struct gimple_statement_base gdebug; ++typedef struct gimple_statement_phi gphi; ++typedef struct gimple_statement_base greturn; + +static inline gasm *as_a_gasm(gimple stmt) +{ -+ return stmt; ++ return as_a<gasm>(stmt); +} + +static inline const gasm *as_a_const_gasm(const_gimple stmt) +{ -+ return stmt; ++ return as_a<const gasm>(stmt); +} + +static inline gassign *as_a_gassign(gimple stmt) @@ -117131,24 +120610,44 @@ index 0000000..1d20e32 + +static inline gcall *as_a_gcall(gimple stmt) +{ -+ return stmt; ++ return as_a<gcall>(stmt); +} + +static inline const gcall *as_a_const_gcall(const_gimple stmt) +{ ++ return as_a<const gcall>(stmt); ++} ++ ++static inline gcond *as_a_gcond(gimple stmt) ++{ + return stmt; +} + -+static inline gphi *as_a_gphi(gimple stmt) ++static inline const gcond *as_a_const_gcond(const_gimple stmt) +{ + return stmt; +} + -+static inline const gphi *as_a_const_gphi(const_gimple stmt) ++static inline gdebug *as_a_gdebug(gimple stmt) +{ + return stmt; +} + ++static inline const gdebug *as_a_const_gdebug(const_gimple stmt) ++{ ++ return stmt; ++} ++ ++static inline gphi *as_a_gphi(gimple stmt) ++{ ++ return as_a<gphi>(stmt); ++} ++ ++static inline const gphi *as_a_const_gphi(const_gimple stmt) ++{ ++ return as_a<const gphi>(stmt); ++} ++ +static inline greturn *as_a_greturn(gimple stmt) +{ + return stmt; @@ -117210,6 +120709,11 @@ index 0000000..1d20e32 + varpool_node::add(decl); +} + ++static inline unsigned int rebuild_cgraph_edges(void) ++{ ++ return cgraph_edge::rebuild_edges(); ++} ++ +static inline cgraph_node_ptr cgraph_function_node(cgraph_node_ptr node, enum availability *availability) +{ + return node->function_symbol(availability); @@ -118594,10 +122098,10 @@ index 0000000..ac6f9b4 +} diff --git a/tools/gcc/randomize_layout_plugin.c b/tools/gcc/randomize_layout_plugin.c new file mode 100644 -index 0000000..713be61 +index 0000000..40dcfa9 --- /dev/null +++ b/tools/gcc/randomize_layout_plugin.c -@@ -0,0 +1,918 @@ +@@ -0,0 +1,922 @@ +/* + * Copyright 2014,2015 by Open Source Security, Inc., Brad Spengler <spender@grsecurity.net> + * and PaX Team <pageexec@freemail.hu> @@ -119443,7 +122947,11 @@ index 0000000..713be61 +class randomize_layout_bad_cast : public gimple_opt_pass { +public: + randomize_layout_bad_cast() : gimple_opt_pass(randomize_layout_bad_cast_data, g) {} ++#if BUILDING_GCC_VERSION >= 5000 ++ virtual unsigned int execute(function *) { return find_bad_casts(); } ++#else + unsigned int execute() { return find_bad_casts(); } ++#endif +}; +} +#endif @@ -119660,15 +123168,16 @@ index 0000000..12b1e3b +exit 0 diff --git a/tools/gcc/size_overflow_plugin/insert_size_overflow_asm.c b/tools/gcc/size_overflow_plugin/insert_size_overflow_asm.c new file mode 100644 -index 0000000..c43901f +index 0000000..495983ff --- /dev/null +++ b/tools/gcc/size_overflow_plugin/insert_size_overflow_asm.c -@@ -0,0 +1,748 @@ +@@ -0,0 +1,762 @@ +/* -+ * Copyright 2011-2014 by Emese Revfy <re.emese@gmail.com> ++ * Copyright 2011-2015 by Emese Revfy <re.emese@gmail.com> + * Licensed under the GPL v2, or (at your option) v3 + * + * Homepage: ++ * https://github.com/ephox-gcc-plugins + * http://www.grsecurity.net/~ephox/overflow_plugin/ + * + * Documentation: @@ -119686,8 +123195,8 @@ index 0000000..c43901f +#include "gcc-common.h" +#include "size_overflow.h" + -+static void search_size_overflow_attribute(struct pointer_set_t *visited, tree lhs); -+static enum mark search_intentional(struct pointer_set_t *visited, const_tree lhs); ++static void search_size_overflow_attribute(gimple_set *visited, tree lhs); ++static enum mark search_intentional(gimple_set *visited, const_tree lhs); + +// data for the size_overflow asm stmt +struct asm_data { @@ -119721,7 +123230,7 @@ index 0000000..c43901f + +static void create_asm_stmt(const char *str, tree str_input, tree str_output, struct asm_data *asm_data) +{ -+ gimple asm_stmt; ++ gasm *asm_stmt; + gimple_stmt_iterator gsi; +#if BUILDING_GCC_VERSION <= 4007 + VEC(tree, gc) *input, *output = NULL; @@ -119734,7 +123243,7 @@ index 0000000..c43901f + if (asm_data->output) + output = create_asm_io_list(str_output, asm_data->output); + -+ asm_stmt = gimple_build_asm_vec(str, input, output, NULL, NULL); ++ asm_stmt = as_a_gasm(gimple_build_asm_vec(str, input, output, NULL, NULL)); + gsi = gsi_for_stmt(asm_data->def_stmt); + gsi_insert_after(&gsi, asm_stmt, GSI_NEW_STMT); + @@ -119749,13 +123258,13 @@ index 0000000..c43901f + SSA_NAME_DEF_STMT(asm_data->input) = asm_data->def_stmt; +} + -+static enum mark search_intentional_phi(struct pointer_set_t *visited, const_tree result) ++static enum mark search_intentional_phi(gimple_set *visited, const_tree result) +{ + enum mark cur_fndecl_attr; -+ gimple phi = get_def_stmt(result); ++ gphi *phi = as_a_gphi(get_def_stmt(result)); + unsigned int i, n = gimple_phi_num_args(phi); + -+ pointer_set_insert(visited, phi); ++ pointer_set_insert(visited, (gimple)phi); + for (i = 0; i < n; i++) { + tree arg = gimple_phi_arg_def(phi, i); + @@ -119766,11 +123275,11 @@ index 0000000..c43901f + return MARK_NO; +} + -+static enum mark search_intentional_binary(struct pointer_set_t *visited, const_tree lhs) ++static enum mark search_intentional_binary(gimple_set *visited, const_tree lhs) +{ + enum mark cur_fndecl_attr; + const_tree rhs1, rhs2; -+ gimple def_stmt = get_def_stmt(lhs); ++ gassign *def_stmt = as_a_gassign(get_def_stmt(lhs)); + + rhs1 = gimple_assign_rhs1(def_stmt); + rhs2 = gimple_assign_rhs2(def_stmt); @@ -119782,7 +123291,7 @@ index 0000000..c43901f +} + +// Look up the intentional_overflow attribute on the caller and the callee functions. -+static enum mark search_intentional(struct pointer_set_t *visited, const_tree lhs) ++static enum mark search_intentional(gimple_set *visited, const_tree lhs) +{ + const_gimple def_stmt; + @@ -119800,7 +123309,7 @@ index 0000000..c43901f + case GIMPLE_NOP: + return search_intentional(visited, SSA_NAME_VAR(lhs)); + case GIMPLE_ASM: -+ if (is_size_overflow_intentional_asm_turn_off(def_stmt)) ++ if (is_size_overflow_intentional_asm_turn_off(as_a_const_gasm(def_stmt))) + return MARK_TURN_OFF; + return MARK_NO; + case GIMPLE_CALL: @@ -119810,7 +123319,7 @@ index 0000000..c43901f + case GIMPLE_ASSIGN: + switch (gimple_num_ops(def_stmt)) { + case 2: -+ return search_intentional(visited, gimple_assign_rhs1(def_stmt)); ++ return search_intentional(visited, gimple_assign_rhs1(as_a_const_gassign(def_stmt))); + case 3: + return search_intentional_binary(visited, lhs); + } @@ -119827,7 +123336,7 @@ index 0000000..c43901f +static enum mark check_intentional_attribute_gimple(const_tree arg, const_gimple stmt, unsigned int argnum) +{ + const_tree fndecl; -+ struct pointer_set_t *visited; ++ gimple_set *visited; + enum mark cur_fndecl_attr, decl_attr = MARK_NO; + + fndecl = get_interesting_orig_fndecl(stmt, argnum); @@ -119870,7 +123379,7 @@ index 0000000..c43901f + is_missing_function(orig_fndecl, num); +} + -+static void search_size_overflow_attribute_phi(struct pointer_set_t *visited, const_tree result) ++static void search_size_overflow_attribute_phi(gimple_set *visited, const_tree result) +{ + gimple phi = get_def_stmt(result); + unsigned int i, n = gimple_phi_num_args(phi); @@ -119883,7 +123392,7 @@ index 0000000..c43901f + } +} + -+static void search_size_overflow_attribute_binary(struct pointer_set_t *visited, const_tree lhs) ++static void search_size_overflow_attribute_binary(gimple_set *visited, const_tree lhs) +{ + const_gimple def_stmt = get_def_stmt(lhs); + tree rhs1, rhs2; @@ -119895,7 +123404,7 @@ index 0000000..c43901f + search_size_overflow_attribute(visited, rhs2); +} + -+static void search_size_overflow_attribute(struct pointer_set_t *visited, tree lhs) ++static void search_size_overflow_attribute(gimple_set *visited, tree lhs) +{ + const_gimple def_stmt; + @@ -119945,18 +123454,20 @@ index 0000000..c43901f +{ + tree fndecl = NULL_TREE; + tree lhs; -+ struct pointer_set_t *visited; ++ gimple_set *visited; + + if (is_turn_off_intentional_attr(DECL_ORIGIN(current_function_decl))) + return; + + if (num == 0) { + gcc_assert(gimple_code(stmt) == GIMPLE_RETURN); -+ lhs = gimple_return_retval(stmt); ++ lhs = gimple_return_retval(as_a_const_greturn(stmt)); + } else { -+ gcc_assert(is_gimple_call(stmt)); -+ lhs = gimple_call_arg(stmt, num - 1); -+ fndecl = gimple_call_fndecl(stmt); ++ const gcall *call = as_a_const_gcall(stmt); ++ ++ gcc_assert(is_gimple_call(call)); ++ lhs = gimple_call_arg(call, num - 1); ++ fndecl = gimple_call_fndecl(call); + } + + if (fndecl != NULL_TREE && is_turn_off_intentional_attr(DECL_ORIGIN(fndecl))) @@ -119980,9 +123491,9 @@ index 0000000..c43901f + asm_data->output = create_new_var(TREE_TYPE(asm_data->output)); + asm_data->output = make_ssa_name(asm_data->output, stmt); + if (gimple_code(stmt) == GIMPLE_RETURN) -+ gimple_return_set_retval(stmt, asm_data->output); ++ gimple_return_set_retval(as_a_greturn(stmt), asm_data->output); + else -+ gimple_call_set_arg(stmt, argnum - 1, asm_data->output); ++ gimple_call_set_arg(as_a_gcall(stmt), argnum - 1, asm_data->output); + update_stmt(stmt); +} + @@ -120062,7 +123573,7 @@ index 0000000..c43901f + break; + } + case GIMPLE_ASM: -+ if (is_size_overflow_asm(asm_data->def_stmt)) { ++ if (is_size_overflow_asm(as_a_const_gasm(asm_data->def_stmt))) { + asm_data->input = NULL_TREE; + break; + } @@ -120093,7 +123604,7 @@ index 0000000..c43901f + search_missing_size_overflow_attribute_gimple(stmt, argnum); + + asm_data.def_stmt = get_def_stmt(asm_data.output); -+ if (is_size_overflow_intentional_asm_turn_off(asm_data.def_stmt)) ++ if (gimple_code(asm_data.def_stmt) == GIMPLE_ASM && is_size_overflow_intentional_asm_turn_off(as_a_const_gasm(asm_data.def_stmt))) + return; + + create_asm_input(stmt, argnum, &asm_data); @@ -120143,7 +123654,7 @@ index 0000000..c43901f + return true; +} + -+static void walk_use_def_ptr(struct pointer_set_t *visited, const_tree lhs) ++static void walk_use_def_ptr(gimple_set *visited, const_tree lhs) +{ + gimple def_stmt; + @@ -120160,28 +123671,33 @@ index 0000000..c43901f + case GIMPLE_CALL: + break; + case GIMPLE_PHI: { -+ unsigned int i, n = gimple_phi_num_args(def_stmt); ++ gphi *phi = as_a_gphi(def_stmt); ++ unsigned int i, n = gimple_phi_num_args(phi); + + pointer_set_insert(visited, def_stmt); + + for (i = 0; i < n; i++) { -+ tree arg = gimple_phi_arg_def(def_stmt, i); ++ tree arg = gimple_phi_arg_def(phi, i); + + walk_use_def_ptr(visited, arg); + } ++ break; + } -+ case GIMPLE_ASSIGN: -+ switch (gimple_num_ops(def_stmt)) { ++ case GIMPLE_ASSIGN: { ++ gassign *assign = as_a_gassign(def_stmt); ++ ++ switch (gimple_num_ops(assign)) { + case 2: -+ walk_use_def_ptr(visited, gimple_assign_rhs1(def_stmt)); ++ walk_use_def_ptr(visited, gimple_assign_rhs1(assign)); + return; + case 3: -+ walk_use_def_ptr(visited, gimple_assign_rhs1(def_stmt)); -+ walk_use_def_ptr(visited, gimple_assign_rhs2(def_stmt)); ++ walk_use_def_ptr(visited, gimple_assign_rhs1(assign)); ++ walk_use_def_ptr(visited, gimple_assign_rhs2(assign)); + return; + default: + return; + } ++ } + default: + debug_gimple_stmt((gimple)def_stmt); + error("%s: unknown gimple code", __func__); @@ -120192,7 +123708,7 @@ index 0000000..c43901f +// Look for a ptr - ptr expression (e.g., cpuset_common_file_read() s - page) +static void insert_mark_not_intentional_asm_at_ptr(const_tree arg) +{ -+ struct pointer_set_t *visited; ++ gimple_set *visited; + + visited = pointer_set_create(); + walk_use_def_ptr(visited, arg); @@ -120200,7 +123716,7 @@ index 0000000..c43901f +} + +// Determine the return value and insert the asm stmt to mark the return stmt. -+static void insert_asm_ret(gimple stmt) ++static void insert_asm_ret(greturn *stmt) +{ + tree ret; + @@ -120209,7 +123725,7 @@ index 0000000..c43901f +} + +// Determine the correct arg index and arg and insert the asm stmt to mark the stmt. -+static void insert_asm_arg(gimple stmt, unsigned int orig_argnum) ++static void insert_asm_arg(gcall *stmt, unsigned int orig_argnum) +{ + tree arg; + unsigned int argnum; @@ -120286,7 +123802,7 @@ index 0000000..c43901f + * Look up the intentional_overflow attribute that turns off ipa based duplication + * on the callee function. + */ -+static bool is_mark_turn_off_attribute(gimple stmt) ++static bool is_mark_turn_off_attribute(gcall *stmt) +{ + enum mark mark; + const_tree fndecl = gimple_call_fndecl(stmt); @@ -120298,7 +123814,7 @@ index 0000000..c43901f +} + +// If the argument(s) of the callee function is/are in the hash table or are marked by an attribute then mark the call stmt with an asm stmt -+static void handle_interesting_function(gimple stmt) ++static void handle_interesting_function(gcall *stmt) +{ + unsigned int argnum; + tree fndecl; @@ -120324,7 +123840,7 @@ index 0000000..c43901f +} + +// If the return value of the caller function is in hash table (its index is 0) then mark the return stmt with an asm stmt -+static void handle_interesting_ret(gimple stmt) ++static void handle_interesting_ret(greturn *stmt) +{ + bool orig_argnums[MAX_PARAM + 1] = {false}; + @@ -120345,13 +123861,13 @@ index 0000000..c43901f + for (gsi = gsi_start_bb(bb); !gsi_end_p(gsi); gsi_next(&gsi)) { + gimple stmt = gsi_stmt(gsi); + -+ if (is_size_overflow_asm(stmt)) ++ if (gimple_code(stmt) == GIMPLE_ASM && is_size_overflow_asm(as_a_const_gasm(stmt))) + continue; + + if (is_gimple_call(stmt)) -+ handle_interesting_function(stmt); ++ handle_interesting_function(as_a_gcall(stmt)); + else if (gimple_code(stmt) == GIMPLE_RETURN) -+ handle_interesting_ret(stmt); ++ handle_interesting_ret(as_a_greturn(stmt)); + } + } + return 0; @@ -120363,6 +123879,7 @@ index 0000000..c43901f + * that the ipa pass will detect and insert the size overflow checks for. + */ +#if BUILDING_GCC_VERSION >= 4009 ++namespace { +static const struct pass_data insert_size_overflow_asm_pass_data = { +#else +static struct gimple_opt_pass insert_size_overflow_asm_pass = { @@ -120373,7 +123890,8 @@ index 0000000..c43901f +#if BUILDING_GCC_VERSION >= 4008 + .optinfo_flags = OPTGROUP_NONE, +#endif -+#if BUILDING_GCC_VERSION >= 4009 ++#if BUILDING_GCC_VERSION >= 5000 ++#elif BUILDING_GCC_VERSION == 4009 + .has_gate = false, + .has_execute = true, +#else @@ -120395,34 +123913,39 @@ index 0000000..c43901f +}; + +#if BUILDING_GCC_VERSION >= 4009 -+namespace { +class insert_size_overflow_asm_pass : public gimple_opt_pass { +public: + insert_size_overflow_asm_pass() : gimple_opt_pass(insert_size_overflow_asm_pass_data, g) {} ++#if BUILDING_GCC_VERSION >= 5000 ++ virtual unsigned int execute(function *) { return search_interesting_functions(); } ++#else + unsigned int execute() { return search_interesting_functions(); } ++#endif +}; +} -+#endif + -+struct opt_pass *make_insert_size_overflow_asm_pass(void) ++opt_pass *make_insert_size_overflow_asm_pass(void) +{ -+#if BUILDING_GCC_VERSION >= 4009 + return new insert_size_overflow_asm_pass(); ++} +#else ++struct opt_pass *make_insert_size_overflow_asm_pass(void) ++{ + return &insert_size_overflow_asm_pass.pass; -+#endif +} ++#endif diff --git a/tools/gcc/size_overflow_plugin/insert_size_overflow_check_core.c b/tools/gcc/size_overflow_plugin/insert_size_overflow_check_core.c new file mode 100644 -index 0000000..73f0a12 +index 0000000..0766e39 --- /dev/null +++ b/tools/gcc/size_overflow_plugin/insert_size_overflow_check_core.c -@@ -0,0 +1,943 @@ +@@ -0,0 +1,931 @@ +/* -+ * Copyright 2011-2014 by Emese Revfy <re.emese@gmail.com> ++ * Copyright 2011-2015 by Emese Revfy <re.emese@gmail.com> + * Licensed under the GPL v2, or (at your option) v3 + * + * Homepage: ++ * https://github.com/ephox-gcc-plugins + * http://www.grsecurity.net/~ephox/overflow_plugin/ + * + * Documentation: @@ -120486,19 +124009,6 @@ index 0000000..73f0a12 + return new_type; +} + -+static tree get_lhs(const_gimple stmt) -+{ -+ switch (gimple_code(stmt)) { -+ case GIMPLE_ASSIGN: -+ case GIMPLE_CALL: -+ return gimple_get_lhs(stmt); -+ case GIMPLE_PHI: -+ return gimple_phi_result(stmt); -+ default: -+ return NULL_TREE; -+ } -+} -+ +static tree cast_to_new_size_overflow_type(struct visited *visited, gimple stmt, tree rhs, tree size_overflow_type, bool before) +{ + gimple_stmt_iterator gsi; @@ -120572,7 +124082,7 @@ index 0000000..73f0a12 + return cast_to_new_size_overflow_type(visited, oldstmt, rhs1, dst_type, before); +} + -+tree dup_assign(struct visited *visited, gimple oldstmt, const_tree node, tree rhs1, tree rhs2, tree __unused rhs3) ++tree dup_assign(struct visited *visited, gassign *oldstmt, const_tree node, tree rhs1, tree rhs2, tree __unused rhs3) +{ + gimple stmt; + gimple_stmt_iterator gsi; @@ -120641,13 +124151,14 @@ index 0000000..73f0a12 + assign = build_cast_stmt(visited, size_overflow_type, arg, phi_ssa_name, &gsi, BEFORE_STMT, false); + pointer_set_insert(visited->my_stmts, assign); + -+ return gimple_assign_lhs(assign); ++ return get_lhs(assign); +} + +static tree use_phi_ssa_name(struct visited *visited, tree ssa_name_var, tree new_arg) +{ + gimple_stmt_iterator gsi; -+ gimple assign, def_stmt = get_def_stmt(new_arg); ++ gimple assign; ++ gimple def_stmt = get_def_stmt(new_arg); + + if (gimple_code(def_stmt) == GIMPLE_PHI) { + gsi = gsi_after_labels(gimple_bb(def_stmt)); @@ -120658,7 +124169,7 @@ index 0000000..73f0a12 + } + + pointer_set_insert(visited->my_stmts, assign); -+ return gimple_assign_lhs(assign); ++ return get_lhs(assign); +} + +static tree cast_visited_phi_arg(struct visited *visited, tree ssa_name_var, tree arg, tree size_overflow_type) @@ -120675,13 +124186,12 @@ index 0000000..73f0a12 + + assign = build_cast_stmt(visited, size_overflow_type, arg, ssa_name_var, &gsi, BEFORE_STMT, false); + pointer_set_insert(visited->my_stmts, assign); -+ return gimple_assign_lhs(assign); ++ return get_lhs(assign); +} + -+static tree create_new_phi_arg(struct visited *visited, tree ssa_name_var, tree new_arg, gimple oldstmt, unsigned int i) ++static tree create_new_phi_arg(struct visited *visited, tree ssa_name_var, tree new_arg, gphi *oldstmt, unsigned int i) +{ -+ tree size_overflow_type; -+ tree arg; ++ tree size_overflow_type, arg; + const_gimple def_stmt; + + if (new_arg != NULL_TREE && is_gimple_constant(new_arg)) @@ -120698,7 +124208,7 @@ index 0000000..73f0a12 + case GIMPLE_NOP: { + basic_block bb; + -+ bb = gimple_phi_arg_edge(oldstmt, i)->src; ++ bb = gimple_phi_arg_edge(as_a_gphi(oldstmt), i)->src; + return cast_parm_decl(visited, ssa_name_var, arg, size_overflow_type, bb); + } + case GIMPLE_ASM: { @@ -120708,7 +124218,7 @@ index 0000000..73f0a12 + gsi = gsi_for_stmt(stmt); + assign = build_cast_stmt(visited, size_overflow_type, arg, ssa_name_var, &gsi, AFTER_STMT, false); + pointer_set_insert(visited->my_stmts, assign); -+ return gimple_assign_lhs(assign); ++ return get_lhs(assign); + } + default: + gcc_assert(new_arg != NULL_TREE); @@ -120717,10 +124227,10 @@ index 0000000..73f0a12 + } +} + -+static gimple overflow_create_phi_node(struct visited *visited, gimple oldstmt, tree result) ++static gphi *overflow_create_phi_node(struct visited *visited, gphi *oldstmt, tree result) +{ + basic_block bb; -+ gimple phi; ++ gphi *phi; + gimple_seq seq; + gimple_stmt_iterator gsi = gsi_for_stmt(oldstmt); + @@ -120733,7 +124243,7 @@ index 0000000..73f0a12 + result = create_new_var(size_overflow_type); + } + -+ phi = create_phi_node(result, bb); ++ phi = as_a_gphi(create_phi_node(result, bb)); + gimple_phi_set_result(phi, make_ssa_name(result, phi)); + seq = phi_nodes(bb); + gsi = gsi_last(seq); @@ -120746,12 +124256,12 @@ index 0000000..73f0a12 +} + +#if BUILDING_GCC_VERSION <= 4007 -+static tree create_new_phi_node(struct visited *visited, VEC(tree, heap) **args, tree ssa_name_var, gimple oldstmt) ++static tree create_new_phi_node(struct visited *visited, VEC(tree, heap) **args, tree ssa_name_var, gphi *oldstmt) +#else -+static tree create_new_phi_node(struct visited *visited, vec<tree, va_heap, vl_embed> *&args, tree ssa_name_var, gimple oldstmt) ++static tree create_new_phi_node(struct visited *visited, vec<tree, va_heap, vl_embed> *&args, tree ssa_name_var, gphi *oldstmt) +#endif +{ -+ gimple new_phi; ++ gphi *new_phi; + unsigned int i; + tree arg, result; + location_t loc = gimple_location(oldstmt); @@ -120793,7 +124303,7 @@ index 0000000..73f0a12 +#else + vec<tree, va_heap, vl_embed> *args = NULL; +#endif -+ gimple oldstmt = get_def_stmt(orig_result); ++ gphi *oldstmt = as_a_gphi(get_def_stmt(orig_result)); + unsigned int i, len = gimple_phi_num_args(oldstmt); + + pointer_set_insert(visited->stmts, oldstmt); @@ -120826,7 +124336,7 @@ index 0000000..73f0a12 +#endif +} + -+static tree create_cast_assign(struct visited *visited, gimple stmt) ++static tree create_cast_assign(struct visited *visited, gassign *stmt) +{ + tree rhs1 = gimple_assign_rhs1(stmt); + tree lhs = gimple_assign_lhs(stmt); @@ -120839,7 +124349,7 @@ index 0000000..73f0a12 + return create_assign(visited, stmt, rhs1, AFTER_STMT); +} + -+static bool skip_lhs_cast_check(const_gimple stmt) ++static bool skip_lhs_cast_check(const gassign *stmt) +{ + const_tree rhs = gimple_assign_rhs1(stmt); + const_gimple def_stmt = get_def_stmt(rhs); @@ -120873,7 +124383,7 @@ index 0000000..73f0a12 + +static void insert_cond(basic_block cond_bb, tree arg, enum tree_code cond_code, tree type_value) +{ -+ gimple cond_stmt; ++ gcond *cond_stmt; + gimple_stmt_iterator gsi = gsi_last_bb(cond_bb); + + cond_stmt = gimple_build_cond(cond_code, arg, type_value, NULL_TREE, NULL_TREE); @@ -120883,7 +124393,7 @@ index 0000000..73f0a12 + +static void insert_cond_result(struct cgraph_node *caller_node, basic_block bb_true, const_gimple stmt, const_tree arg, bool min) +{ -+ gimple func_stmt; ++ gcall *func_stmt; + const_gimple def_stmt; + const_tree loc_line; + tree loc_file, ssa_name, current_func; @@ -120921,7 +124431,7 @@ index 0000000..73f0a12 + ssa_name = create_string_param(ssa_name); + + // void report_size_overflow(const char *file, unsigned int line, const char *func, const char *ssa_name) -+ func_stmt = gimple_build_call(report_size_overflow_decl, 4, loc_file, loc_line, current_func, ssa_name); ++ func_stmt = as_a_gcall(gimple_build_call(report_size_overflow_decl, 4, loc_file, loc_line, current_func, ssa_name)); + gsi_insert_after(&gsi, func_stmt, GSI_CONTINUE_LINKING); + + callee_node = cgraph_get_create_node(report_size_overflow_decl); @@ -121005,7 +124515,7 @@ index 0000000..73f0a12 + insert_check_size_overflow(caller_node, stmt, LT_EXPR, cast_rhs, type_min, before, MIN_CHECK); +} + -+static tree create_cast_overflow_check(struct visited *visited, struct cgraph_node *caller_node, tree new_rhs1, gimple stmt) ++static tree create_cast_overflow_check(struct visited *visited, struct cgraph_node *caller_node, tree new_rhs1, gassign *stmt) +{ + bool cast_lhs, cast_rhs; + tree lhs = gimple_assign_lhs(stmt); @@ -121058,7 +124568,7 @@ index 0000000..73f0a12 + return dup_assign(visited, stmt, lhs, new_rhs1, NULL_TREE, NULL_TREE); +} + -+static tree handle_unary_rhs(struct visited *visited, struct cgraph_node *caller_node, gimple stmt) ++static tree handle_unary_rhs(struct visited *visited, struct cgraph_node *caller_node, gassign *stmt) +{ + enum tree_code rhs_code; + tree rhs1, new_rhs1, lhs = gimple_assign_lhs(stmt); @@ -121093,10 +124603,10 @@ index 0000000..73f0a12 + return create_cast_overflow_check(visited, caller_node, new_rhs1, stmt); +} + -+static tree handle_unary_ops(struct visited *visited, struct cgraph_node *caller_node, gimple stmt) ++static tree handle_unary_ops(struct visited *visited, struct cgraph_node *caller_node, gassign *stmt) +{ + tree rhs1, lhs = gimple_assign_lhs(stmt); -+ gimple def_stmt = get_def_stmt(lhs); ++ gassign *def_stmt = as_a_gassign(get_def_stmt(lhs)); + + gcc_assert(gimple_code(def_stmt) != GIMPLE_NOP); + rhs1 = gimple_assign_rhs1(def_stmt); @@ -121155,7 +124665,7 @@ index 0000000..73f0a12 +} + +// Skip duplication when there is a minus expr and the type of rhs1 or rhs2 is a pointer_type. -+static bool is_a_ptr_minus(gimple stmt) ++static bool is_a_ptr_minus(gassign *stmt) +{ + const_tree rhs1, rhs2, ptr1_rhs, ptr2_rhs; + @@ -121183,7 +124693,7 @@ index 0000000..73f0a12 +{ + enum intentional_overflow_type res; + tree rhs1, rhs2, new_lhs; -+ gimple def_stmt = get_def_stmt(lhs); ++ gassign *def_stmt = as_a_gassign(get_def_stmt(lhs)); + tree new_rhs1 = NULL_TREE; + tree new_rhs2 = NULL_TREE; + @@ -121224,13 +124734,13 @@ index 0000000..73f0a12 + res = add_mul_intentional_overflow(def_stmt); + if (res != NO_INTENTIONAL_OVERFLOW) { + new_lhs = dup_assign(visited, def_stmt, lhs, new_rhs1, new_rhs2, NULL_TREE); -+ insert_cast_expr(visited, get_def_stmt(new_lhs), res); ++ insert_cast_expr(visited, as_a_gassign(get_def_stmt(new_lhs)), res); + return new_lhs; + } + + if (skip_expr_on_double_type(def_stmt)) { + new_lhs = dup_assign(visited, def_stmt, lhs, new_rhs1, new_rhs2, NULL_TREE); -+ insert_cast_expr(visited, get_def_stmt(new_lhs), NO_INTENTIONAL_OVERFLOW); ++ insert_cast_expr(visited, as_a_gassign(get_def_stmt(new_lhs)), NO_INTENTIONAL_OVERFLOW); + return new_lhs; + } + @@ -121267,7 +124777,7 @@ index 0000000..73f0a12 +static tree handle_ternary_ops(struct visited *visited, struct cgraph_node *caller_node, tree lhs) +{ + tree rhs1, rhs2, rhs3, new_rhs1, new_rhs2, new_rhs3, size_overflow_type; -+ gimple def_stmt = get_def_stmt(lhs); ++ gassign *def_stmt = as_a_gassign(get_def_stmt(lhs)); + + size_overflow_type = get_size_overflow_type(visited, def_stmt, lhs); + @@ -121346,7 +124856,7 @@ index 0000000..73f0a12 + case GIMPLE_ASSIGN: + switch (gimple_num_ops(def_stmt)) { + case 2: -+ return handle_unary_ops(visited, caller_node, def_stmt); ++ return handle_unary_ops(visited, caller_node, as_a_gassign(def_stmt)); + case 3: + return handle_binary_ops(visited, caller_node, lhs); +#if BUILDING_GCC_VERSION >= 4006 @@ -121363,16 +124873,17 @@ index 0000000..73f0a12 + diff --git a/tools/gcc/size_overflow_plugin/insert_size_overflow_check_ipa.c b/tools/gcc/size_overflow_plugin/insert_size_overflow_check_ipa.c new file mode 100644 -index 0000000..df50164 +index 0000000..e1e6e19 --- /dev/null +++ b/tools/gcc/size_overflow_plugin/insert_size_overflow_check_ipa.c -@@ -0,0 +1,1141 @@ +@@ -0,0 +1,1157 @@ +/* -+ * Copyright 2011-2014 by Emese Revfy <re.emese@gmail.com> ++ * Copyright 2011-2015 by Emese Revfy <re.emese@gmail.com> + * Licensed under the GPL v2, or (at your option) v3 + * + * Homepage: + * http://www.grsecurity.net/~ephox/overflow_plugin/ ++ * https://github.com/ephox-gcc-plugins + * + * Documentation: + * http://forums.grsecurity.net/viewtopic.php?f=7&t=3043 @@ -121396,8 +124907,8 @@ index 0000000..df50164 + +unsigned int call_count; + -+static void set_conditions(struct pointer_set_t *visited, bool *interesting_conditions, const_tree lhs); -+static void walk_use_def(struct pointer_set_t *visited, struct interesting_node *cur_node, tree lhs); ++static void set_conditions(gimple_set *visited, bool *interesting_conditions, const_tree lhs); ++static void walk_use_def(gimple_set *visited, struct interesting_node *cur_node, tree lhs); + +struct visited_fns { + struct visited_fns *next; @@ -121567,9 +125078,9 @@ index 0000000..df50164 + return cnodes; +} + -+static void walk_phi_set_conditions(struct pointer_set_t *visited, bool *interesting_conditions, const_tree result) ++static void walk_phi_set_conditions(gimple_set *visited, bool *interesting_conditions, const_tree result) +{ -+ gimple phi = get_def_stmt(result); ++ gphi *phi = as_a_gphi(get_def_stmt(result)); + unsigned int i, n = gimple_phi_num_args(phi); + + pointer_set_insert(visited, phi); @@ -121585,7 +125096,7 @@ index 0000000..df50164 +}; + +// Search for constants, cast assignments and binary/ternary assignments -+static void set_conditions(struct pointer_set_t *visited, bool *interesting_conditions, const_tree lhs) ++static void set_conditions(gimple_set *visited, bool *interesting_conditions, const_tree lhs) +{ + gimple def_stmt = get_def_stmt(lhs); + @@ -121602,7 +125113,7 @@ index 0000000..df50164 + + switch (gimple_code(def_stmt)) { + case GIMPLE_CALL: -+ if (lhs == gimple_call_lhs(def_stmt)) ++ if (lhs == gimple_call_lhs(as_a_const_gcall(def_stmt))) + interesting_conditions[RET] = true; + return; + case GIMPLE_NOP: @@ -121611,11 +125122,13 @@ index 0000000..df50164 + case GIMPLE_PHI: + interesting_conditions[PHI] = true; + return walk_phi_set_conditions(visited, interesting_conditions, lhs); -+ case GIMPLE_ASSIGN: -+ if (gimple_num_ops(def_stmt) == 2) { -+ const_tree rhs = gimple_assign_rhs1(def_stmt); ++ case GIMPLE_ASSIGN: { ++ gassign *assign = as_a_gassign(def_stmt); ++ ++ if (gimple_num_ops(assign) == 2) { ++ const_tree rhs = gimple_assign_rhs1(assign); + -+ if (gimple_assign_cast_p(def_stmt)) ++ if (gimple_assign_cast_p(assign)) + interesting_conditions[CAST] = true; + + return set_conditions(visited, interesting_conditions, rhs); @@ -121623,6 +125136,7 @@ index 0000000..df50164 + interesting_conditions[NOT_UNARY] = true; + return; + } ++ } + default: + debug_gimple_stmt(def_stmt); + gcc_unreachable(); @@ -121632,7 +125146,7 @@ index 0000000..df50164 +// determine whether duplication will be necessary or not. +static void search_interesting_conditions(struct interesting_node *cur_node, bool *interesting_conditions) +{ -+ struct pointer_set_t *visited; ++ gimple_set *visited; + + if (gimple_assign_cast_p(cur_node->first_stmt)) + interesting_conditions[CAST] = true; @@ -121645,9 +125159,9 @@ index 0000000..df50164 +} + +// Remove the size_overflow asm stmt and create an assignment from the input and output of the asm -+static void replace_size_overflow_asm_with_assign(gimple asm_stmt, tree lhs, tree rhs) ++static void replace_size_overflow_asm_with_assign(gasm *asm_stmt, tree lhs, tree rhs) +{ -+ gimple assign; ++ gassign *assign; + gimple_stmt_iterator gsi; + + // already removed @@ -121688,13 +125202,13 @@ index 0000000..df50164 + if (!def_stmt || !gimple_assign_cast_p(def_stmt)) + return false; + -+ def_stmt = get_def_stmt(gimple_assign_rhs1(def_stmt)); ++ def_stmt = get_def_stmt(gimple_assign_rhs1(as_a_gassign(def_stmt))); + return def_stmt && gimple_code(def_stmt) == GIMPLE_ASM; +} + -+static void walk_use_def_phi(struct pointer_set_t *visited, struct interesting_node *cur_node, tree result) ++static void walk_use_def_phi(gimple_set *visited, struct interesting_node *cur_node, tree result) +{ -+ gimple phi = get_def_stmt(result); ++ gphi *phi = as_a_gphi(get_def_stmt(result)); + unsigned int i, n = gimple_phi_num_args(phi); + + pointer_set_insert(visited, phi); @@ -121705,9 +125219,9 @@ index 0000000..df50164 + } +} + -+static void walk_use_def_binary(struct pointer_set_t *visited, struct interesting_node *cur_node, tree lhs) ++static void walk_use_def_binary(gimple_set *visited, struct interesting_node *cur_node, tree lhs) +{ -+ gimple def_stmt = get_def_stmt(lhs); ++ gassign *def_stmt = as_a_gassign(get_def_stmt(lhs)); + tree rhs1, rhs2; + + rhs1 = gimple_assign_rhs1(def_stmt); @@ -121756,16 +125270,16 @@ index 0000000..df50164 +} + +// a size_overflow asm stmt in the control flow doesn't stop the recursion -+static void handle_asm_stmt(struct pointer_set_t *visited, struct interesting_node *cur_node, tree lhs, const_gimple stmt) ++static void handle_asm_stmt(gimple_set *visited, struct interesting_node *cur_node, tree lhs, const gasm *stmt) +{ -+ if (!is_size_overflow_asm(stmt)) ++ if (gimple_code(stmt) != GIMPLE_ASM || !is_size_overflow_asm(stmt)) + walk_use_def(visited, cur_node, SSA_NAME_VAR(lhs)); +} + +/* collect the parm_decls and fndecls (for checking a missing size_overflow attribute (ret or arg) or intentional_overflow) + * and component refs (for checking the intentional_overflow attribute). + */ -+static void walk_use_def(struct pointer_set_t *visited, struct interesting_node *cur_node, tree lhs) ++static void walk_use_def(gimple_set *visited, struct interesting_node *cur_node, tree lhs) +{ + const_gimple def_stmt; + @@ -121785,9 +125299,9 @@ index 0000000..df50164 + case GIMPLE_NOP: + return walk_use_def(visited, cur_node, SSA_NAME_VAR(lhs)); + case GIMPLE_ASM: -+ return handle_asm_stmt(visited, cur_node, lhs, def_stmt); ++ return handle_asm_stmt(visited, cur_node, lhs, as_a_const_gasm(def_stmt)); + case GIMPLE_CALL: { -+ tree fndecl = gimple_call_fndecl(def_stmt); ++ tree fndecl = gimple_call_fndecl(as_a_const_gcall(def_stmt)); + + if (fndecl == NULL_TREE) + return; @@ -121799,7 +125313,7 @@ index 0000000..df50164 + case GIMPLE_ASSIGN: + switch (gimple_num_ops(def_stmt)) { + case 2: -+ return walk_use_def(visited, cur_node, gimple_assign_rhs1(def_stmt)); ++ return walk_use_def(visited, cur_node, gimple_assign_rhs1(as_a_const_gassign(def_stmt))); + case 3: + return walk_use_def_binary(visited, cur_node, lhs); + } @@ -121813,7 +125327,7 @@ index 0000000..df50164 +// Collect all the last nodes for checking the intentional_overflow and size_overflow attributes +static void set_last_nodes(struct interesting_node *cur_node) +{ -+ struct pointer_set_t *visited; ++ gimple_set *visited; + + visited = pointer_set_create(); + walk_use_def(visited, cur_node, cur_node->node); @@ -121866,7 +125380,7 @@ index 0000000..df50164 + gimple_stmt_iterator gsi = gsi_for_stmt(stmt); + + assign = build_cast_stmt(visited, orig_type, new_node, CREATE_NEW_VAR, &gsi, BEFORE_STMT, false); -+ return gimple_assign_lhs(assign); ++ return get_lhs(assign); +} + +static void change_orig_node(struct visited *visited, struct interesting_node *cur_node, tree new_node) @@ -121877,10 +125391,10 @@ index 0000000..df50164 + + switch (gimple_code(stmt)) { + case GIMPLE_RETURN: -+ gimple_return_set_retval(stmt, cast_to_orig_type(visited, stmt, orig_node, new_node)); ++ gimple_return_set_retval(as_a_greturn(stmt), cast_to_orig_type(visited, stmt, orig_node, new_node)); + break; + case GIMPLE_CALL: -+ gimple_call_set_arg(stmt, cur_node->num - 1, cast_to_orig_type(visited, stmt, orig_node, new_node)); ++ gimple_call_set_arg(as_a_gcall(stmt), cur_node->num - 1, cast_to_orig_type(visited, stmt, orig_node, new_node)); + break; + case GIMPLE_ASSIGN: + switch (cur_node->num) { @@ -121899,7 +125413,7 @@ index 0000000..df50164 + gcc_unreachable(); + } + -+ set_rhs(stmt, cast_to_orig_type(visited, stmt, orig_node, new_node)); ++ set_rhs(as_a_gassign(stmt), cast_to_orig_type(visited, stmt, orig_node, new_node)); + break; + default: + debug_gimple_stmt(stmt); @@ -121986,7 +125500,7 @@ index 0000000..df50164 + intentional_attr_cur_fndecl: intentional_overflow attribute of the caller function + intentional_mark_from_gimple: the intentional overflow type of size_overflow asm stmt from gimple if it exists + */ -+static struct interesting_node *create_new_interesting_node(struct interesting_node *head, gimple first_stmt, tree node, unsigned int num, gimple asm_stmt) ++static struct interesting_node *create_new_interesting_node(struct interesting_node *head, gimple first_stmt, tree node, unsigned int num, gasm *asm_stmt) +{ + struct interesting_node *new_node; + tree fndecl; @@ -122006,7 +125520,7 @@ index 0000000..df50164 + return head; + + if (is_gimple_call(first_stmt)) -+ fndecl = gimple_call_fndecl(first_stmt); ++ fndecl = gimple_call_fndecl(as_a_const_gcall(first_stmt)); + else + fndecl = current_function_decl; + @@ -122042,7 +125556,7 @@ index 0000000..df50164 +/* Check the ret stmts in the functions on the next cgraph node list (these functions will be in the hash table and they are reachable from ipa). + * If the ret stmt is in the next cgraph node list then it's an interesting ret. + */ -+static struct interesting_node *handle_stmt_by_cgraph_nodes_ret(struct interesting_node *head, gimple stmt, struct next_cgraph_node *next_node) ++static struct interesting_node *handle_stmt_by_cgraph_nodes_ret(struct interesting_node *head, greturn *stmt, struct next_cgraph_node *next_node) +{ + struct next_cgraph_node *cur_node; + tree ret = gimple_return_retval(stmt); @@ -122063,7 +125577,7 @@ index 0000000..df50164 +/* Check the call stmts in the functions on the next cgraph node list (these functions will be in the hash table and they are reachable from ipa). + * If the call stmt is in the next cgraph node list then it's an interesting call. + */ -+static struct interesting_node *handle_stmt_by_cgraph_nodes_call(struct interesting_node *head, gimple stmt, struct next_cgraph_node *next_node) ++static struct interesting_node *handle_stmt_by_cgraph_nodes_call(struct interesting_node *head, gcall *stmt, struct next_cgraph_node *next_node) +{ + unsigned int argnum; + tree arg; @@ -122099,7 +125613,7 @@ index 0000000..df50164 +} + +// Get the index of the rhs node in an assignment -+static unsigned int get_assign_ops_count(const_gimple stmt, tree node) ++static unsigned int get_assign_ops_count(const gassign *stmt, tree node) +{ + const_tree rhs1, rhs2; + unsigned int ret; @@ -122127,7 +125641,7 @@ index 0000000..df50164 +} + +// Find the correct arg number of a call stmt. It is needed when the interesting function is a cloned function. -+static unsigned int find_arg_number_gimple(const_tree arg, const_gimple stmt) ++static unsigned int find_arg_number_gimple(const_tree arg, const gcall *stmt) +{ + unsigned int i; + @@ -122150,7 +125664,7 @@ index 0000000..df50164 +/* starting from the size_overflow asm stmt collect interesting stmts. They can be + * any of return, call or assignment stmts (because of inlining). + */ -+static struct interesting_node *get_interesting_ret_or_call(struct pointer_set_t *visited, struct interesting_node *head, tree node, gimple intentional_asm) ++static struct interesting_node *get_interesting_ret_or_call(tree_set *visited, struct interesting_node *head, tree node, gasm *intentional_asm) +{ + use_operand_p use_p; + imm_use_iterator imm_iter; @@ -122171,28 +125685,31 @@ index 0000000..df50164 + + switch (gimple_code(stmt)) { + case GIMPLE_CALL: -+ argnum = find_arg_number_gimple(node, stmt); ++ argnum = find_arg_number_gimple(node, as_a_gcall(stmt)); + head = create_new_interesting_node(head, stmt, node, argnum, intentional_asm); + break; + case GIMPLE_RETURN: + head = create_new_interesting_node(head, stmt, node, 0, intentional_asm); + break; + case GIMPLE_ASSIGN: -+ argnum = get_assign_ops_count(stmt, node); ++ argnum = get_assign_ops_count(as_a_const_gassign(stmt), node); + head = create_new_interesting_node(head, stmt, node, argnum, intentional_asm); + break; + case GIMPLE_PHI: { -+ tree result = gimple_phi_result(stmt); ++ tree result = gimple_phi_result(as_a_gphi(stmt)); + head = get_interesting_ret_or_call(visited, head, result, intentional_asm); + break; + } -+ case GIMPLE_ASM: -+ if (gimple_asm_noutputs(stmt) != 0) ++ case GIMPLE_ASM: { ++ gasm *asm_stmt = as_a_gasm(stmt); ++ ++ if (gimple_asm_noutputs(asm_stmt) != 0) + break; -+ if (!is_size_overflow_asm(stmt)) ++ if (!is_size_overflow_asm(asm_stmt)) + break; -+ head = create_new_interesting_node(head, stmt, node, 1, intentional_asm); ++ head = create_new_interesting_node(head, asm_stmt, node, 1, intentional_asm); + break; ++ } + case GIMPLE_COND: + case GIMPLE_SWITCH: + break; @@ -122207,66 +125724,71 @@ index 0000000..df50164 + +static void remove_size_overflow_asm(gimple stmt) +{ ++ gasm *asm_stmt; + gimple_stmt_iterator gsi; + tree input, output; + -+ if (!is_size_overflow_asm(stmt)) ++ if (gimple_code(stmt) != GIMPLE_ASM) + return; + -+ if (gimple_asm_noutputs(stmt) == 0) { -+ gsi = gsi_for_stmt(stmt); -+ ipa_remove_stmt_references(cgraph_get_create_node(current_function_decl), stmt); ++ asm_stmt = as_a_gasm(stmt); ++ if (!is_size_overflow_asm(asm_stmt)) ++ return; ++ ++ if (gimple_asm_noutputs(asm_stmt) == 0) { ++ gsi = gsi_for_stmt(asm_stmt); ++ ipa_remove_stmt_references(cgraph_get_create_node(current_function_decl), asm_stmt); + gsi_remove(&gsi, true); + return; + } + -+ input = gimple_asm_input_op(stmt, 0); -+ output = gimple_asm_output_op(stmt, 0); -+ replace_size_overflow_asm_with_assign(stmt, TREE_VALUE(output), TREE_VALUE(input)); ++ input = gimple_asm_input_op(asm_stmt, 0); ++ output = gimple_asm_output_op(asm_stmt, 0); ++ replace_size_overflow_asm_with_assign(asm_stmt, TREE_VALUE(output), TREE_VALUE(input)); +} + +/* handle the size_overflow asm stmts from the gimple pass and collect the interesting stmts. + * If the asm stmt is a parm_decl kind (noutputs == 0) then remove it. + * If it is a simple asm stmt then replace it with an assignment from the asm input to the asm output. + */ -+static struct interesting_node *handle_stmt_by_size_overflow_asm(gimple stmt, struct interesting_node *head) ++static struct interesting_node *handle_stmt_by_size_overflow_asm(gasm *asm_stmt, struct interesting_node *head) +{ + const_tree output; -+ struct pointer_set_t *visited; -+ gimple intentional_asm = NOT_INTENTIONAL_ASM; ++ tree_set *visited; ++ gasm *intentional_asm = NOT_INTENTIONAL_ASM; + -+ if (!is_size_overflow_asm(stmt)) ++ if (!is_size_overflow_asm(asm_stmt)) + return head; + -+ if (is_size_overflow_intentional_asm_yes(stmt) || is_size_overflow_intentional_asm_turn_off(stmt)) -+ intentional_asm = stmt; ++ if (is_size_overflow_intentional_asm_yes(asm_stmt) || is_size_overflow_intentional_asm_turn_off(asm_stmt)) ++ intentional_asm = asm_stmt; + -+ gcc_assert(gimple_asm_ninputs(stmt) == 1); ++ gcc_assert(gimple_asm_ninputs(asm_stmt) == 1); + -+ if (gimple_asm_noutputs(stmt) == 0 && is_size_overflow_intentional_asm_turn_off(stmt)) ++ if (gimple_asm_noutputs(asm_stmt) == 0 && is_size_overflow_intentional_asm_turn_off(asm_stmt)) + return head; + -+ if (gimple_asm_noutputs(stmt) == 0) { ++ if (gimple_asm_noutputs(asm_stmt) == 0) { + const_tree input; + -+ if (!is_size_overflow_intentional_asm_turn_off(stmt)) ++ if (!is_size_overflow_intentional_asm_turn_off(asm_stmt)) + return head; + -+ input = gimple_asm_input_op(stmt, 0); -+ remove_size_overflow_asm(stmt); ++ input = gimple_asm_input_op(asm_stmt, 0); ++ remove_size_overflow_asm(asm_stmt); + if (is_gimple_constant(TREE_VALUE(input))) + return head; -+ visited = pointer_set_create(); ++ visited = tree_pointer_set_create(); + head = get_interesting_ret_or_call(visited, head, TREE_VALUE(input), intentional_asm); + pointer_set_destroy(visited); + return head; + } + -+ if (!is_size_overflow_intentional_asm_yes(stmt) && !is_size_overflow_intentional_asm_turn_off(stmt)) -+ remove_size_overflow_asm(stmt); ++ if (!is_size_overflow_intentional_asm_yes(asm_stmt) && !is_size_overflow_intentional_asm_turn_off(asm_stmt)) ++ remove_size_overflow_asm(asm_stmt); + -+ visited = pointer_set_create(); -+ output = gimple_asm_output_op(stmt, 0); ++ visited = tree_pointer_set_create(); ++ output = gimple_asm_output_op(asm_stmt, 0); + head = get_interesting_ret_or_call(visited, head, TREE_VALUE(output), intentional_asm); + pointer_set_destroy(visited); + return head; @@ -122290,14 +125812,14 @@ index 0000000..df50164 + code = gimple_code(stmt); + + if (code == GIMPLE_ASM) -+ head = handle_stmt_by_size_overflow_asm(stmt, head); ++ head = handle_stmt_by_size_overflow_asm(as_a_gasm(stmt), head); + + if (!next_node) + continue; + if (code == GIMPLE_CALL) -+ head = handle_stmt_by_cgraph_nodes_call(head, stmt, next_node); ++ head = handle_stmt_by_cgraph_nodes_call(head, as_a_gcall(stmt), next_node); + if (code == GIMPLE_RETURN) -+ head = handle_stmt_by_cgraph_nodes_ret(head, stmt, next_node); ++ head = handle_stmt_by_cgraph_nodes_ret(head, as_a_greturn(stmt), next_node); + } + } + return head; @@ -122434,7 +125956,6 @@ index 0000000..df50164 + struct visited_fns *visited_fns = NULL; + + FOR_EACH_FUNCTION_WITH_GIMPLE_BODY(node) { -+ gcc_assert(cgraph_function_flags_ready); +#if BUILDING_GCC_VERSION <= 4007 + gcc_assert(node->reachable); +#endif @@ -122447,6 +125968,7 @@ index 0000000..df50164 +} + +#if BUILDING_GCC_VERSION >= 4009 ++namespace { +static const struct pass_data insert_size_overflow_check_data = { +#else +static struct ipa_opt_pass_d insert_size_overflow_check = { @@ -122457,7 +125979,8 @@ index 0000000..df50164 +#if BUILDING_GCC_VERSION >= 4008 + .optinfo_flags = OPTGROUP_NONE, +#endif -+#if BUILDING_GCC_VERSION >= 4009 ++#if BUILDING_GCC_VERSION >= 5000 ++#elif BUILDING_GCC_VERSION == 4009 + .has_gate = false, + .has_execute = true, +#else @@ -122490,36 +126013,40 @@ index 0000000..df50164 +}; + +#if BUILDING_GCC_VERSION >= 4009 -+namespace { +class insert_size_overflow_check : public ipa_opt_pass_d { +public: + insert_size_overflow_check() : ipa_opt_pass_d(insert_size_overflow_check_data, g, NULL, NULL, NULL, NULL, NULL, NULL, 0, NULL, NULL) {} ++#if BUILDING_GCC_VERSION >= 5000 ++ virtual unsigned int execute(function *) { return search_function(); } ++#else + unsigned int execute() { return search_function(); } ++#endif +}; +} -+#endif + -+struct opt_pass *make_insert_size_overflow_check(void) ++opt_pass *make_insert_size_overflow_check(void) +{ -+#if BUILDING_GCC_VERSION >= 4009 + return new insert_size_overflow_check(); ++} +#else ++struct opt_pass *make_insert_size_overflow_check(void) ++{ + return &insert_size_overflow_check.pass; -+#endif +} -+ ++#endif diff --git a/tools/gcc/size_overflow_plugin/intentional_overflow.c b/tools/gcc/size_overflow_plugin/intentional_overflow.c new file mode 100644 -index 0000000..d71d72a +index 0000000..eb62680 --- /dev/null +++ b/tools/gcc/size_overflow_plugin/intentional_overflow.c -@@ -0,0 +1,736 @@ +@@ -0,0 +1,748 @@ +/* -+ * Copyright 2011-2014 by Emese Revfy <re.emese@gmail.com> ++ * Copyright 2011-2015 by Emese Revfy <re.emese@gmail.com> + * Licensed under the GPL v2, or (at your option) v3 + * + * Homepage: + * http://www.grsecurity.net/~ephox/overflow_plugin/ ++ * https://github.com/ephox-gcc-plugins + * + * Documentation: + * http://forums.grsecurity.net/viewtopic.php?f=7&t=3043 @@ -122564,7 +126091,7 @@ index 0000000..d71d72a + if (param_head == NULL_TREE) + return false; + -+ if (TREE_INT_CST_HIGH(TREE_VALUE(param_head)) == -1) ++ if (tree_to_shwi(TREE_VALUE(param_head)) == -1) + return true; + return false; +} @@ -122756,13 +126283,15 @@ index 0000000..d71d72a +{ + const_tree rhs1, lhs, rhs1_type, lhs_type; + enum machine_mode lhs_mode, rhs_mode; ++ const gassign *assign; + gimple def_stmt = get_def_stmt(no_const_rhs); + + if (!def_stmt || !gimple_assign_cast_p(def_stmt)) + return false; + -+ rhs1 = gimple_assign_rhs1(def_stmt); -+ lhs = gimple_assign_lhs(def_stmt); ++ assign = as_a_const_gassign(def_stmt); ++ rhs1 = gimple_assign_rhs1(assign); ++ lhs = gimple_assign_lhs(assign); + rhs1_type = TREE_TYPE(rhs1); + lhs_type = TREE_TYPE(lhs); + rhs_mode = TYPE_MODE(rhs1_type); @@ -122786,7 +126315,7 @@ index 0000000..d71d72a + return num; + if (is_gimple_debug(use_stmt)) + continue; -+ if (gimple_assign_cast_p(use_stmt) && is_size_overflow_type(gimple_assign_lhs(use_stmt))) ++ if (gimple_assign_cast_p(use_stmt) && is_size_overflow_type(gimple_assign_lhs(as_a_const_gassign(use_stmt)))) + continue; + num++; + } @@ -122802,12 +126331,14 @@ index 0000000..d71d72a +bool is_const_plus_unsigned_signed_truncation(const_tree lhs) +{ + tree rhs1, lhs_type, rhs_type, rhs2, not_const_rhs; ++ gassign *assign; + gimple def_stmt = get_def_stmt(lhs); + + if (!def_stmt || !gimple_assign_cast_p(def_stmt)) + return false; + -+ rhs1 = gimple_assign_rhs1(def_stmt); ++ assign = as_a_gassign(def_stmt); ++ rhs1 = gimple_assign_rhs1(assign); + rhs_type = TREE_TYPE(rhs1); + lhs_type = TREE_TYPE(lhs); + if (TYPE_UNSIGNED(lhs_type) || !TYPE_UNSIGNED(rhs_type)) @@ -122819,11 +126350,12 @@ index 0000000..d71d72a + if (!def_stmt || !is_gimple_assign(def_stmt) || gimple_num_ops(def_stmt) != 3) + return false; + -+ if (gimple_assign_rhs_code(def_stmt) != PLUS_EXPR) ++ assign = as_a_gassign(def_stmt); ++ if (gimple_assign_rhs_code(assign) != PLUS_EXPR) + return false; + -+ rhs1 = gimple_assign_rhs1(def_stmt); -+ rhs2 = gimple_assign_rhs2(def_stmt); ++ rhs1 = gimple_assign_rhs1(assign); ++ rhs2 = gimple_assign_rhs2(assign); + if (!is_gimple_constant(rhs1) && !is_gimple_constant(rhs2)) + return false; + @@ -122880,7 +126412,7 @@ index 0000000..d71d72a + return false; +} + -+bool is_a_constant_overflow(const_gimple stmt, const_tree rhs) ++bool is_a_constant_overflow(const gassign *stmt, const_tree rhs) +{ + if (gimple_assign_rhs_code(stmt) == MIN_EXPR) + return false; @@ -122894,7 +126426,7 @@ index 0000000..d71d72a + return true; +} + -+static tree change_assign_rhs(struct visited *visited, gimple stmt, const_tree orig_rhs, tree new_rhs) ++static tree change_assign_rhs(struct visited *visited, gassign *stmt, const_tree orig_rhs, tree new_rhs) +{ + gimple assign; + gimple_stmt_iterator gsi = gsi_for_stmt(stmt); @@ -122904,10 +126436,10 @@ index 0000000..d71d72a + + assign = build_cast_stmt(visited, origtype, new_rhs, CREATE_NEW_VAR, &gsi, BEFORE_STMT, false); + pointer_set_insert(visited->my_stmts, assign); -+ return gimple_assign_lhs(assign); ++ return get_lhs(assign); +} + -+tree handle_intentional_overflow(struct visited *visited, struct cgraph_node *caller_node, bool check_overflow, gimple stmt, tree change_rhs, tree new_rhs2) ++tree handle_intentional_overflow(struct visited *visited, struct cgraph_node *caller_node, bool check_overflow, gassign *stmt, tree change_rhs, tree new_rhs2) +{ + tree new_rhs, orig_rhs; + void (*gimple_assign_set_rhs)(gimple, tree); @@ -122938,9 +126470,10 @@ index 0000000..d71d72a + return create_assign(visited, stmt, lhs, AFTER_STMT); +} + -+static bool is_subtraction_special(struct visited *visited, const_gimple stmt) ++static bool is_subtraction_special(struct visited *visited, const gassign *stmt) +{ -+ gimple rhs1_def_stmt, rhs2_def_stmt; ++ gimple def_stmt_1, def_stmt_2; ++ const gassign *rhs1_def_stmt, *rhs2_def_stmt; + const_tree rhs1_def_stmt_rhs1, rhs2_def_stmt_rhs1, rhs1_def_stmt_lhs, rhs2_def_stmt_lhs; + enum machine_mode rhs1_def_stmt_rhs1_mode, rhs2_def_stmt_rhs1_mode, rhs1_def_stmt_lhs_mode, rhs2_def_stmt_lhs_mode; + const_tree rhs1 = gimple_assign_rhs1(stmt); @@ -122954,15 +126487,18 @@ index 0000000..d71d72a + if (gimple_assign_rhs_code(stmt) != MINUS_EXPR) + return false; + -+ rhs1_def_stmt = get_def_stmt(rhs1); -+ rhs2_def_stmt = get_def_stmt(rhs2); -+ if (!gimple_assign_cast_p(rhs1_def_stmt) || !gimple_assign_cast_p(rhs2_def_stmt)) ++ def_stmt_1 = get_def_stmt(rhs1); ++ def_stmt_2 = get_def_stmt(rhs2); ++ if (!gimple_assign_cast_p(def_stmt_1) || !gimple_assign_cast_p(def_stmt_2)) + return false; + ++ rhs1_def_stmt = as_a_const_gassign(def_stmt_1); ++ rhs2_def_stmt = as_a_const_gassign(def_stmt_2); + rhs1_def_stmt_rhs1 = gimple_assign_rhs1(rhs1_def_stmt); + rhs2_def_stmt_rhs1 = gimple_assign_rhs1(rhs2_def_stmt); + rhs1_def_stmt_lhs = gimple_assign_lhs(rhs1_def_stmt); + rhs2_def_stmt_lhs = gimple_assign_lhs(rhs2_def_stmt); ++ + rhs1_def_stmt_rhs1_mode = TYPE_MODE(TREE_TYPE(rhs1_def_stmt_rhs1)); + rhs2_def_stmt_rhs1_mode = TYPE_MODE(TREE_TYPE(rhs2_def_stmt_rhs1)); + rhs1_def_stmt_lhs_mode = TYPE_MODE(TREE_TYPE(rhs1_def_stmt_lhs)); @@ -122977,15 +126513,15 @@ index 0000000..d71d72a + return true; +} + -+static gimple create_binary_assign(struct visited *visited, enum tree_code code, gimple stmt, tree rhs1, tree rhs2) ++static gassign *create_binary_assign(struct visited *visited, enum tree_code code, gassign *stmt, tree rhs1, tree rhs2) +{ -+ gimple assign; ++ gassign *assign; + gimple_stmt_iterator gsi = gsi_for_stmt(stmt); + tree type = TREE_TYPE(rhs1); + tree lhs = create_new_var(type); + + gcc_assert(types_compatible_p(type, TREE_TYPE(rhs2))); -+ assign = gimple_build_assign_with_ops(code, lhs, rhs1, rhs2); ++ assign = as_a_gassign(gimple_build_assign_with_ops(code, lhs, rhs1, rhs2)); + gimple_assign_set_lhs(assign, make_ssa_name(lhs, assign)); + + gsi_insert_before(&gsi, assign, GSI_NEW_STMT); @@ -123005,11 +126541,11 @@ index 0000000..d71d72a + + gsi = gsi_for_stmt(stmt); + cast_stmt = build_cast_stmt(visited, intTI_type_node, node, CREATE_NEW_VAR, &gsi, BEFORE_STMT, false); -+ pointer_set_insert(visited->my_stmts, cast_stmt); -+ return gimple_assign_lhs(cast_stmt); ++ pointer_set_insert(visited->my_stmts, (gimple)cast_stmt); ++ return get_lhs(cast_stmt); +} + -+static tree get_def_stmt_rhs(struct visited *visited, const_tree var) ++static tree get_def_stmt_rhs(const_tree var) +{ + tree rhs1, def_stmt_rhs1; + gimple rhs1_def_stmt, def_stmt_rhs1_def_stmt, def_stmt; @@ -123017,14 +126553,13 @@ index 0000000..d71d72a + def_stmt = get_def_stmt(var); + if (!gimple_assign_cast_p(def_stmt)) + return NULL_TREE; -+ gcc_assert(gimple_code(def_stmt) != GIMPLE_NOP && pointer_set_contains(visited->my_stmts, def_stmt) && gimple_assign_cast_p(def_stmt)); + -+ rhs1 = gimple_assign_rhs1(def_stmt); ++ rhs1 = gimple_assign_rhs1(as_a_const_gassign(def_stmt)); + rhs1_def_stmt = get_def_stmt(rhs1); + if (!gimple_assign_cast_p(rhs1_def_stmt)) + return rhs1; + -+ def_stmt_rhs1 = gimple_assign_rhs1(rhs1_def_stmt); ++ def_stmt_rhs1 = gimple_assign_rhs1(as_a_const_gassign(rhs1_def_stmt)); + def_stmt_rhs1_def_stmt = get_def_stmt(def_stmt_rhs1); + + switch (gimple_code(def_stmt_rhs1_def_stmt)) { @@ -123045,7 +126580,7 @@ index 0000000..d71d72a +{ + tree new_rhs1, new_rhs2; + tree new_rhs1_def_stmt_rhs1, new_rhs2_def_stmt_rhs1, new_lhs; -+ gimple assign, stmt = get_def_stmt(lhs); ++ gassign *assign, *stmt = as_a_gassign(get_def_stmt(lhs)); + tree rhs1 = gimple_assign_rhs1(stmt); + tree rhs2 = gimple_assign_rhs2(stmt); + @@ -123055,8 +126590,8 @@ index 0000000..d71d72a + new_rhs1 = expand(visited, caller_node, rhs1); + new_rhs2 = expand(visited, caller_node, rhs2); + -+ new_rhs1_def_stmt_rhs1 = get_def_stmt_rhs(visited, new_rhs1); -+ new_rhs2_def_stmt_rhs1 = get_def_stmt_rhs(visited, new_rhs2); ++ new_rhs1_def_stmt_rhs1 = get_def_stmt_rhs(new_rhs1); ++ new_rhs2_def_stmt_rhs1 = get_def_stmt_rhs(new_rhs2); + + if (new_rhs1_def_stmt_rhs1 == NULL_TREE || new_rhs2_def_stmt_rhs1 == NULL_TREE) + return NULL_TREE; @@ -123099,6 +126634,7 @@ index 0000000..d71d72a + const_tree res; + tree rhs1, rhs2, def_rhs1, def_rhs2, const_rhs, def_const_rhs; + const_gimple def_stmt; ++ const gassign *assign, *def_assign; + + if (!stmt || gimple_code(stmt) == GIMPLE_NOP) + return false; @@ -123107,8 +126643,9 @@ index 0000000..d71d72a + if (gimple_assign_rhs_code(stmt) != MULT_EXPR) + return false; + -+ rhs1 = gimple_assign_rhs1(stmt); -+ rhs2 = gimple_assign_rhs2(stmt); ++ assign = as_a_const_gassign(stmt); ++ rhs1 = gimple_assign_rhs1(assign); ++ rhs2 = gimple_assign_rhs2(assign); + if (is_gimple_constant(rhs1)) { + const_rhs = rhs1; + def_stmt = get_def_stmt(rhs2); @@ -123124,8 +126661,9 @@ index 0000000..d71d72a + if (gimple_assign_rhs_code(def_stmt) != PLUS_EXPR && gimple_assign_rhs_code(def_stmt) != MINUS_EXPR) + return false; + -+ def_rhs1 = gimple_assign_rhs1(def_stmt); -+ def_rhs2 = gimple_assign_rhs2(def_stmt); ++ def_assign = as_a_const_gassign(def_stmt); ++ def_rhs1 = gimple_assign_rhs1(def_assign); ++ def_rhs2 = gimple_assign_rhs2(def_assign); + if (is_gimple_constant(def_rhs1)) + def_const_rhs = def_rhs1; + else if (is_gimple_constant(def_rhs2)) @@ -123133,13 +126671,13 @@ index 0000000..d71d72a + else + return false; + -+ res = fold_binary_loc(gimple_location(def_stmt), MULT_EXPR, TREE_TYPE(const_rhs), const_rhs, def_const_rhs); ++ res = fold_binary_loc(gimple_location(def_assign), MULT_EXPR, TREE_TYPE(const_rhs), const_rhs, def_const_rhs); + if (is_lt_signed_type_max(res) && is_gt_zero(res)) + return false; + return true; +} + -+enum intentional_overflow_type add_mul_intentional_overflow(const_gimple stmt) ++enum intentional_overflow_type add_mul_intentional_overflow(const gassign *stmt) +{ + const_gimple def_stmt_1, def_stmt_2; + const_tree rhs1, rhs2; @@ -123205,17 +126743,17 @@ index 0000000..d71d72a + + if (!is_gimple_assign(def_stmt) || gimple_num_ops(def_stmt) != 2) + return false; -+ rhs = gimple_assign_rhs1(def_stmt); ++ rhs = gimple_assign_rhs1(as_a_const_gassign(def_stmt)); + def_stmt = get_def_stmt(rhs); + if (!def_stmt) + return false; + return is_call_or_cast(def_stmt); +} + -+void unsigned_signed_cast_intentional_overflow(struct visited *visited, gimple stmt) ++void unsigned_signed_cast_intentional_overflow(struct visited *visited, gassign *stmt) +{ + unsigned int use_num; -+ gimple so_stmt; ++ gassign *so_stmt; + const_gimple def_stmt; + const_tree rhs1, rhs2; + tree rhs = gimple_assign_rhs1(stmt); @@ -123236,31 +126774,32 @@ index 0000000..d71d72a + if (!is_gimple_assign(def_stmt)) + return; + -+ rhs1 = gimple_assign_rhs1(def_stmt); ++ rhs1 = gimple_assign_rhs1(as_a_const_gassign(def_stmt)); + if (!is_unsigned_cast_or_call_def_stmt(rhs1)) + return; + -+ rhs2 = gimple_assign_rhs2(def_stmt); ++ rhs2 = gimple_assign_rhs2(as_a_const_gassign(def_stmt)); + if (!is_unsigned_cast_or_call_def_stmt(rhs2)) + return; + if (gimple_num_ops(def_stmt) == 3 && !is_gimple_constant(rhs1) && !is_gimple_constant(rhs2)) + return; + -+ so_stmt = get_dup_stmt(visited, stmt); ++ so_stmt = as_a_gassign(get_dup_stmt(visited, stmt)); + create_up_and_down_cast(visited, so_stmt, lhs_type, gimple_assign_rhs1(so_stmt)); +} + diff --git a/tools/gcc/size_overflow_plugin/misc.c b/tools/gcc/size_overflow_plugin/misc.c new file mode 100644 -index 0000000..4bddad2 +index 0000000..253b4a8b --- /dev/null +++ b/tools/gcc/size_overflow_plugin/misc.c -@@ -0,0 +1,203 @@ +@@ -0,0 +1,219 @@ +/* -+ * Copyright 2011-2014 by Emese Revfy <re.emese@gmail.com> ++ * Copyright 2011-2015 by Emese Revfy <re.emese@gmail.com> + * Licensed under the GPL v2, or (at your option) v3 + * + * Homepage: ++ * https://github.com/ephox-gcc-plugins + * http://www.grsecurity.net/~ephox/overflow_plugin/ + * + * Documentation: @@ -123294,6 +126833,20 @@ index 0000000..4bddad2 + current_function_decl = NULL_TREE; +} + ++tree get_lhs(const_gimple stmt) ++{ ++ switch (gimple_code(stmt)) { ++ case GIMPLE_ASSIGN: ++ case GIMPLE_CALL: ++ return gimple_get_lhs(as_a_const_gassign(stmt)); ++ case GIMPLE_PHI: ++ return gimple_phi_result(as_a_const_gphi(stmt)); ++ default: ++ debug_gimple_stmt((gimple)stmt); ++ gcc_unreachable(); ++ } ++} ++ +static bool is_bool(const_tree node) +{ + const_tree type; @@ -123405,7 +126958,8 @@ index 0000000..4bddad2 + +gimple build_cast_stmt(struct visited *visited, tree dst_type, tree rhs, tree lhs, gimple_stmt_iterator *gsi, bool before, bool force) +{ -+ gimple assign, def_stmt; ++ gimple def_stmt; ++ gassign *assign; + + gcc_assert(dst_type != NULL_TREE && rhs != NULL_TREE); + gcc_assert(!is_gimple_constant(rhs)); @@ -123461,15 +127015,16 @@ index 0000000..4bddad2 + diff --git a/tools/gcc/size_overflow_plugin/remove_unnecessary_dup.c b/tools/gcc/size_overflow_plugin/remove_unnecessary_dup.c new file mode 100644 -index 0000000..7c9e6d1 +index 0000000..de5999d --- /dev/null +++ b/tools/gcc/size_overflow_plugin/remove_unnecessary_dup.c -@@ -0,0 +1,138 @@ +@@ -0,0 +1,139 @@ +/* -+ * Copyright 2011-2014 by Emese Revfy <re.emese@gmail.com> ++ * Copyright 2011-2015 by Emese Revfy <re.emese@gmail.com> + * Licensed under the GPL v2, or (at your option) v3 + * + * Homepage: ++ * https://github.com/ephox-gcc-plugins + * http://www.grsecurity.net/~ephox/overflow_plugin/ + * + * Documentation: @@ -123487,7 +127042,7 @@ index 0000000..7c9e6d1 +#include "gcc-common.h" +#include "size_overflow.h" + -+bool skip_expr_on_double_type(const_gimple stmt) ++bool skip_expr_on_double_type(const gassign *stmt) +{ + enum tree_code code = gimple_assign_rhs_code(stmt); + @@ -123509,19 +127064,19 @@ index 0000000..7c9e6d1 + } +} + -+void create_up_and_down_cast(struct visited *visited, gimple use_stmt, tree orig_type, tree rhs) ++void create_up_and_down_cast(struct visited *visited, gassign *use_stmt, tree orig_type, tree rhs) +{ + const_tree orig_rhs1; + tree down_lhs, new_lhs, dup_type = TREE_TYPE(rhs); -+ gimple down_cast, up_cast; ++ const_gimple down_cast, up_cast; + gimple_stmt_iterator gsi = gsi_for_stmt(use_stmt); + + down_cast = build_cast_stmt(visited, orig_type, rhs, CREATE_NEW_VAR, &gsi, BEFORE_STMT, false); -+ down_lhs = gimple_assign_lhs(down_cast); ++ down_lhs = get_lhs(down_cast); + + gsi = gsi_for_stmt(use_stmt); + up_cast = build_cast_stmt(visited, dup_type, down_lhs, CREATE_NEW_VAR, &gsi, BEFORE_STMT, false); -+ new_lhs = gimple_assign_lhs(up_cast); ++ new_lhs = get_lhs(up_cast); + + orig_rhs1 = gimple_assign_rhs1(use_stmt); + if (operand_equal_p(orig_rhs1, rhs, 0)) @@ -123565,7 +127120,7 @@ index 0000000..7c9e6d1 + return new_type; +} + -+static void insert_cast_rhs(struct visited *visited, gimple stmt, tree rhs) ++static void insert_cast_rhs(struct visited *visited, gassign *stmt, tree rhs) +{ + tree type; + @@ -123580,7 +127135,7 @@ index 0000000..7c9e6d1 + create_up_and_down_cast(visited, stmt, type, rhs); +} + -+static void insert_cast(struct visited *visited, gimple stmt, tree rhs) ++static void insert_cast(struct visited *visited, gassign *stmt, tree rhs) +{ + if (LONG_TYPE_SIZE == GET_MODE_BITSIZE(SImode) && !is_size_overflow_type(rhs)) + return; @@ -123588,7 +127143,7 @@ index 0000000..7c9e6d1 + insert_cast_rhs(visited, stmt, rhs); +} + -+void insert_cast_expr(struct visited *visited, gimple stmt, enum intentional_overflow_type type) ++void insert_cast_expr(struct visited *visited, gassign *stmt, enum intentional_overflow_type type) +{ + tree rhs1, rhs2; + @@ -123605,10 +127160,10 @@ index 0000000..7c9e6d1 + diff --git a/tools/gcc/size_overflow_plugin/size_overflow.h b/tools/gcc/size_overflow_plugin/size_overflow.h new file mode 100644 -index 0000000..37f8fc3 +index 0000000..20732b1 --- /dev/null +++ b/tools/gcc/size_overflow_plugin/size_overflow.h -@@ -0,0 +1,127 @@ +@@ -0,0 +1,183 @@ +#ifndef SIZE_OVERFLOW_H +#define SIZE_OVERFLOW_H + @@ -123630,11 +127185,66 @@ index 0000000..37f8fc3 + NO_INTENTIONAL_OVERFLOW, RHS1_INTENTIONAL_OVERFLOW, RHS2_INTENTIONAL_OVERFLOW +}; + ++ ++#if BUILDING_GCC_VERSION >= 5000 ++typedef struct hash_set<const_gimple> gimple_set; ++ ++static inline bool pointer_set_insert(gimple_set *visited, const_gimple stmt) ++{ ++ return visited->add(stmt); ++} ++ ++static inline bool pointer_set_contains(gimple_set *visited, const_gimple stmt) ++{ ++ return visited->contains(stmt); ++} ++ ++static inline gimple_set* pointer_set_create(void) ++{ ++ return new hash_set<const_gimple>; ++} ++ ++static inline void pointer_set_destroy(gimple_set *visited) ++{ ++ delete visited; ++} ++ ++typedef struct hash_set<tree> tree_set; ++ ++static inline bool pointer_set_insert(tree_set *visited, tree node) ++{ ++ return visited->add(node); ++} ++ ++static inline bool pointer_set_contains(tree_set *visited, tree node) ++{ ++ return visited->contains(node); ++} ++ ++static inline tree_set *tree_pointer_set_create(void) ++{ ++ return new hash_set<tree>; ++} ++ ++static inline void pointer_set_destroy(tree_set *visited) ++{ ++ delete visited; ++} ++#else ++typedef struct pointer_set_t gimple_set; ++typedef struct pointer_set_t tree_set; ++ ++static inline tree_set *tree_pointer_set_create(void) ++{ ++ return pointer_set_create(); ++} ++#endif ++ +struct visited { -+ struct pointer_set_t *stmts; -+ struct pointer_set_t *my_stmts; -+ struct pointer_set_t *skip_expr_casts; -+ struct pointer_set_t *no_cast_check; ++ gimple_set *stmts; ++ gimple_set *my_stmts; ++ gimple_set *skip_expr_casts; ++ gimple_set *no_cast_check; +}; + +// size_overflow_plugin.c @@ -123665,10 +127275,10 @@ index 0000000..37f8fc3 + unsigned int num; + enum mark intentional_attr_decl; + enum mark intentional_attr_cur_fndecl; -+ gimple intentional_mark_from_gimple; ++ gasm *intentional_mark_from_gimple; +}; + -+extern bool is_size_overflow_asm(const_gimple stmt); ++extern bool is_size_overflow_asm(const gasm *stmt); +extern unsigned int get_function_num(const_tree node, const_tree orig_fndecl); +extern unsigned int get_correct_arg_count(unsigned int argnum, const_tree fndecl); +extern bool is_missing_function(const_tree orig_fndecl, unsigned int num); @@ -123683,8 +127293,8 @@ index 0000000..37f8fc3 + +// intentional_overflow.c +extern enum mark get_intentional_attr_type(const_tree node); -+extern bool is_size_overflow_intentional_asm_yes(const_gimple stmt); -+extern bool is_size_overflow_intentional_asm_turn_off(const_gimple stmt); ++extern bool is_size_overflow_intentional_asm_yes(const gasm *stmt); ++extern bool is_size_overflow_intentional_asm_turn_off(const gasm *stmt); +extern bool is_end_intentional_intentional_attr(const_tree decl, unsigned int argnum); +extern bool is_yes_intentional_attr(const_tree decl, unsigned int argnum); +extern bool is_turn_off_intentional_attr(const_tree decl); @@ -123692,12 +127302,12 @@ index 0000000..37f8fc3 +extern void check_intentional_attribute_ipa(struct interesting_node *cur_node); +extern bool is_a_cast_and_const_overflow(const_tree no_const_rhs); +extern bool is_const_plus_unsigned_signed_truncation(const_tree lhs); -+extern bool is_a_constant_overflow(const_gimple stmt, const_tree rhs); -+extern tree handle_intentional_overflow(struct visited *visited, struct cgraph_node *caller_node, bool check_overflow, gimple stmt, tree change_rhs, tree new_rhs2); ++extern bool is_a_constant_overflow(const gassign *stmt, const_tree rhs); ++extern tree handle_intentional_overflow(struct visited *visited, struct cgraph_node *caller_node, bool check_overflow, gassign *stmt, tree change_rhs, tree new_rhs2); +extern tree handle_integer_truncation(struct visited *visited, struct cgraph_node *caller_node, const_tree lhs); +extern bool is_a_neg_overflow(const_gimple stmt, const_tree rhs); -+extern enum intentional_overflow_type add_mul_intentional_overflow(const_gimple def_stmt); -+extern void unsigned_signed_cast_intentional_overflow(struct visited *visited, gimple stmt); ++extern enum intentional_overflow_type add_mul_intentional_overflow(const gassign *def_stmt); ++extern void unsigned_signed_cast_intentional_overflow(struct visited *visited, gassign *stmt); + + +// insert_size_overflow_check_ipa.c @@ -123714,6 +127324,7 @@ index 0000000..37f8fc3 +// misc.c +extern void set_current_function_decl(tree fndecl); +extern void unset_current_function_decl(void); ++extern tree get_lhs(const_gimple stmt); +extern gimple get_def_stmt(const_tree node); +extern tree create_new_var(tree type); +extern gimple build_cast_stmt(struct visited *visited, tree dst_type, tree rhs, tree lhs, gimple_stmt_iterator *gsi, bool before, bool force); @@ -123725,28 +127336,29 @@ index 0000000..37f8fc3 +// insert_size_overflow_check_core.c +extern tree expand(struct visited *visited, struct cgraph_node *caller_node, tree lhs); +extern void check_size_overflow(struct cgraph_node *caller_node, gimple stmt, tree size_overflow_type, tree cast_rhs, tree rhs, bool before); -+extern tree dup_assign(struct visited *visited, gimple oldstmt, const_tree node, tree rhs1, tree rhs2, tree __unused rhs3); ++extern tree dup_assign(struct visited *visited, gassign *oldstmt, const_tree node, tree rhs1, tree rhs2, tree __unused rhs3); +extern tree create_assign(struct visited *visited, gimple oldstmt, tree rhs1, bool before); + + +// remove_unnecessary_dup.c +extern struct opt_pass *make_remove_unnecessary_dup_pass(void); -+extern void insert_cast_expr(struct visited *visited, gimple stmt, enum intentional_overflow_type type); -+extern bool skip_expr_on_double_type(const_gimple stmt); -+extern void create_up_and_down_cast(struct visited *visited, gimple use_stmt, tree orig_type, tree rhs); ++extern void insert_cast_expr(struct visited *visited, gassign *stmt, enum intentional_overflow_type type); ++extern bool skip_expr_on_double_type(const gassign *stmt); ++extern void create_up_and_down_cast(struct visited *visited, gassign *use_stmt, tree orig_type, tree rhs); + +#endif diff --git a/tools/gcc/size_overflow_plugin/size_overflow_debug.c b/tools/gcc/size_overflow_plugin/size_overflow_debug.c new file mode 100644 -index 0000000..4378111 +index 0000000..176c32f --- /dev/null +++ b/tools/gcc/size_overflow_plugin/size_overflow_debug.c -@@ -0,0 +1,116 @@ +@@ -0,0 +1,123 @@ +/* -+ * Copyright 2011-2014 by Emese Revfy <re.emese@gmail.com> ++ * Copyright 2011-2015 by Emese Revfy <re.emese@gmail.com> + * Licensed under the GPL v2, or (at your option) v3 + * + * Homepage: ++ * https://github.com/ephox-gcc-plugins + * http://www.grsecurity.net/~ephox/overflow_plugin/ + * + * Documentation: @@ -123763,7 +127375,7 @@ index 0000000..4378111 + +#include "gcc-common.h" + -+static unsigned int dump_functions(void) ++static unsigned int __unused dump_functions(void) +{ + struct cgraph_node *node; + @@ -123798,6 +127410,7 @@ index 0000000..4378111 +} + +#if BUILDING_GCC_VERSION >= 4009 ++namespace { +static const struct pass_data dump_pass_data = { +#else +static struct ipa_opt_pass_d dump_pass = { @@ -123808,7 +127421,8 @@ index 0000000..4378111 +#if BUILDING_GCC_VERSION >= 4008 + .optinfo_flags = OPTGROUP_NONE, +#endif -+#if BUILDING_GCC_VERSION >= 4009 ++#if BUILDING_GCC_VERSION >= 5000 ++#elif BUILDING_GCC_VERSION == 4009 + .has_gate = false, + .has_execute = true, +#else @@ -123841,23 +127455,27 @@ index 0000000..4378111 +}; + +#if BUILDING_GCC_VERSION >= 4009 -+namespace { +class dump_pass : public ipa_opt_pass_d { +public: + dump_pass() : ipa_opt_pass_d(dump_pass_data, g, NULL, NULL, NULL, NULL, NULL, NULL, 0, NULL, NULL) {} ++#if BUILDING_GCC_VERSION >= 5000 ++ virtual unsigned int execute(function *) { return dump_functions(); } ++#else + unsigned int execute() { return dump_functions(); } ++#endif +}; +} -+#endif + -+struct opt_pass *make_dump_pass(void) ++opt_pass *make_dump_pass(void) +{ -+#if BUILDING_GCC_VERSION >= 4009 + return new dump_pass(); ++} +#else ++struct opt_pass *make_dump_pass(void) ++{ + return &dump_pass.pass; -+#endif +} ++#endif diff --git a/tools/gcc/size_overflow_plugin/size_overflow_hash.data b/tools/gcc/size_overflow_plugin/size_overflow_hash.data new file mode 100644 index 0000000..cd3c18f @@ -129101,15 +132719,16 @@ index 0000000..4ad4525 +zpios_read_64734 zpios_read 3 64734 NULL diff --git a/tools/gcc/size_overflow_plugin/size_overflow_plugin.c b/tools/gcc/size_overflow_plugin/size_overflow_plugin.c new file mode 100644 -index 0000000..95f7abd +index 0000000..7e07890 --- /dev/null +++ b/tools/gcc/size_overflow_plugin/size_overflow_plugin.c -@@ -0,0 +1,259 @@ +@@ -0,0 +1,260 @@ +/* -+ * Copyright 2011-2014 by Emese Revfy <re.emese@gmail.com> ++ * Copyright 2011-2015 by Emese Revfy <re.emese@gmail.com> + * Licensed under the GPL v2, or (at your option) v3 + * + * Homepage: ++ * https://github.com/ephox-gcc-plugins + * http://www.grsecurity.net/~ephox/overflow_plugin/ + * + * Documentation: @@ -129137,7 +132756,7 @@ index 0000000..95f7abd +tree size_overflow_type_TI; + +static struct plugin_info size_overflow_plugin_info = { -+ .version = "20140725", ++ .version = "20140725_01", + .help = "no-size-overflow\tturn off size overflow checking\n", +}; + @@ -129191,7 +132810,7 @@ index 0000000..95f7abd + return NULL_TREE; + } + -+ if (TREE_INT_CST_HIGH(TREE_VALUE(args)) != 0) ++ if (tree_to_shwi(TREE_VALUE(args)) != 0) + return NULL_TREE; + + for (; args; args = TREE_CHAIN(args)) { @@ -129366,15 +132985,16 @@ index 0000000..95f7abd +} diff --git a/tools/gcc/size_overflow_plugin/size_overflow_plugin_hash.c b/tools/gcc/size_overflow_plugin/size_overflow_plugin_hash.c new file mode 100644 -index 0000000..0888f6c +index 0000000..2a693fe --- /dev/null +++ b/tools/gcc/size_overflow_plugin/size_overflow_plugin_hash.c -@@ -0,0 +1,364 @@ +@@ -0,0 +1,355 @@ +/* -+ * Copyright 2011-2014 by Emese Revfy <re.emese@gmail.com> ++ * Copyright 2011-2015 by Emese Revfy <re.emese@gmail.com> + * Licensed under the GPL v2, or (at your option) v3 + * + * Homepage: ++ * https://github.com/ephox-gcc-plugins + * http://www.grsecurity.net/~ephox/overflow_plugin/ + * + * Documentation: @@ -129602,43 +133222,33 @@ index 0000000..0888f6c + return CANNOT_FIND_ARG; +} + -+static const char *get_asm_string(const_gimple stmt) -+{ -+ if (!stmt) -+ return NULL; -+ if (gimple_code(stmt) != GIMPLE_ASM) -+ return NULL; -+ -+ return gimple_asm_string(stmt); -+} -+ -+bool is_size_overflow_intentional_asm_turn_off(const_gimple stmt) ++bool is_size_overflow_intentional_asm_turn_off(const gasm *stmt) +{ + const char *str; + -+ str = get_asm_string(stmt); -+ if (!str) ++ if (!stmt) + return false; ++ str = gimple_asm_string(stmt); + return !strncmp(str, TURN_OFF_ASM_STR, sizeof(TURN_OFF_ASM_STR) - 1); +} + -+bool is_size_overflow_intentional_asm_yes(const_gimple stmt) ++bool is_size_overflow_intentional_asm_yes(const gasm *stmt) +{ + const char *str; + -+ str = get_asm_string(stmt); -+ if (!str) ++ if (!stmt) + return false; ++ str = gimple_asm_string(stmt); + return !strncmp(str, YES_ASM_STR, sizeof(YES_ASM_STR) - 1); +} + -+bool is_size_overflow_asm(const_gimple stmt) ++bool is_size_overflow_asm(const gasm *stmt) +{ + const char *str; + -+ str = get_asm_string(stmt); -+ if (!str) ++ if (!stmt) + return false; ++ str = gimple_asm_string(stmt); + return !strncmp(str, OK_ASM_STR, sizeof(OK_ASM_STR) - 1); +} + diff --git a/4.0.8/1007_linux-4.0.8.patch b/4.0.8/1007_linux-4.0.8.patch deleted file mode 100644 index 609598e..0000000 --- a/4.0.8/1007_linux-4.0.8.patch +++ /dev/null @@ -1,2139 +0,0 @@ -diff --git a/Documentation/devicetree/bindings/net/marvell-armada-370-neta.txt b/Documentation/devicetree/bindings/net/marvell-armada-370-neta.txt -index 750d577..f5a8ca2 100644 ---- a/Documentation/devicetree/bindings/net/marvell-armada-370-neta.txt -+++ b/Documentation/devicetree/bindings/net/marvell-armada-370-neta.txt -@@ -1,7 +1,7 @@ - * Marvell Armada 370 / Armada XP Ethernet Controller (NETA) - - Required properties: --- compatible: should be "marvell,armada-370-neta". -+- compatible: "marvell,armada-370-neta" or "marvell,armada-xp-neta". - - reg: address and length of the register set for the device. - - interrupts: interrupt for the device - - phy: See ethernet.txt file in the same directory. -diff --git a/Makefile b/Makefile -index bd76a8e..0e315d6 100644 ---- a/Makefile -+++ b/Makefile -@@ -1,6 +1,6 @@ - VERSION = 4 - PATCHLEVEL = 0 --SUBLEVEL = 7 -+SUBLEVEL = 8 - EXTRAVERSION = - NAME = Hurr durr I'ma sheep - -diff --git a/arch/arm/boot/dts/armada-370-xp.dtsi b/arch/arm/boot/dts/armada-370-xp.dtsi -index 8a322ad..a038c20 100644 ---- a/arch/arm/boot/dts/armada-370-xp.dtsi -+++ b/arch/arm/boot/dts/armada-370-xp.dtsi -@@ -265,7 +265,6 @@ - }; - - eth0: ethernet@70000 { -- compatible = "marvell,armada-370-neta"; - reg = <0x70000 0x4000>; - interrupts = <8>; - clocks = <&gateclk 4>; -@@ -281,7 +280,6 @@ - }; - - eth1: ethernet@74000 { -- compatible = "marvell,armada-370-neta"; - reg = <0x74000 0x4000>; - interrupts = <10>; - clocks = <&gateclk 3>; -diff --git a/arch/arm/boot/dts/armada-370.dtsi b/arch/arm/boot/dts/armada-370.dtsi -index 27397f1..3773025 100644 ---- a/arch/arm/boot/dts/armada-370.dtsi -+++ b/arch/arm/boot/dts/armada-370.dtsi -@@ -306,6 +306,14 @@ - dmacap,memset; - }; - }; -+ -+ ethernet@70000 { -+ compatible = "marvell,armada-370-neta"; -+ }; -+ -+ ethernet@74000 { -+ compatible = "marvell,armada-370-neta"; -+ }; - }; - }; - }; -diff --git a/arch/arm/boot/dts/armada-xp-mv78260.dtsi b/arch/arm/boot/dts/armada-xp-mv78260.dtsi -index 4a7cbed..1676d30 100644 ---- a/arch/arm/boot/dts/armada-xp-mv78260.dtsi -+++ b/arch/arm/boot/dts/armada-xp-mv78260.dtsi -@@ -319,7 +319,7 @@ - }; - - eth3: ethernet@34000 { -- compatible = "marvell,armada-370-neta"; -+ compatible = "marvell,armada-xp-neta"; - reg = <0x34000 0x4000>; - interrupts = <14>; - clocks = <&gateclk 1>; -diff --git a/arch/arm/boot/dts/armada-xp-mv78460.dtsi b/arch/arm/boot/dts/armada-xp-mv78460.dtsi -index 36ce63a..d41fe88 100644 ---- a/arch/arm/boot/dts/armada-xp-mv78460.dtsi -+++ b/arch/arm/boot/dts/armada-xp-mv78460.dtsi -@@ -357,7 +357,7 @@ - }; - - eth3: ethernet@34000 { -- compatible = "marvell,armada-370-neta"; -+ compatible = "marvell,armada-xp-neta"; - reg = <0x34000 0x4000>; - interrupts = <14>; - clocks = <&gateclk 1>; -diff --git a/arch/arm/boot/dts/armada-xp.dtsi b/arch/arm/boot/dts/armada-xp.dtsi -index 8291723..9ce7d5f 100644 ---- a/arch/arm/boot/dts/armada-xp.dtsi -+++ b/arch/arm/boot/dts/armada-xp.dtsi -@@ -175,7 +175,7 @@ - }; - - eth2: ethernet@30000 { -- compatible = "marvell,armada-370-neta"; -+ compatible = "marvell,armada-xp-neta"; - reg = <0x30000 0x4000>; - interrupts = <12>; - clocks = <&gateclk 2>; -@@ -218,6 +218,14 @@ - }; - }; - -+ ethernet@70000 { -+ compatible = "marvell,armada-xp-neta"; -+ }; -+ -+ ethernet@74000 { -+ compatible = "marvell,armada-xp-neta"; -+ }; -+ - xor@f0900 { - compatible = "marvell,orion-xor"; - reg = <0xF0900 0x100 -diff --git a/arch/arm/kvm/interrupts.S b/arch/arm/kvm/interrupts.S -index 79caf79..f7db3a5 100644 ---- a/arch/arm/kvm/interrupts.S -+++ b/arch/arm/kvm/interrupts.S -@@ -170,13 +170,9 @@ __kvm_vcpu_return: - @ Don't trap coprocessor accesses for host kernel - set_hstr vmexit - set_hdcr vmexit -- set_hcptr vmexit, (HCPTR_TTA | HCPTR_TCP(10) | HCPTR_TCP(11)) -+ set_hcptr vmexit, (HCPTR_TTA | HCPTR_TCP(10) | HCPTR_TCP(11)), after_vfp_restore - - #ifdef CONFIG_VFPv3 -- @ Save floating point registers we if let guest use them. -- tst r2, #(HCPTR_TCP(10) | HCPTR_TCP(11)) -- bne after_vfp_restore -- - @ Switch VFP/NEON hardware state to the host's - add r7, vcpu, #VCPU_VFP_GUEST - store_vfp_state r7 -@@ -188,6 +184,8 @@ after_vfp_restore: - @ Restore FPEXC_EN which we clobbered on entry - pop {r2} - VFPFMXR FPEXC, r2 -+#else -+after_vfp_restore: - #endif - - @ Reset Hyp-role -@@ -483,7 +481,7 @@ switch_to_guest_vfp: - push {r3-r7} - - @ NEON/VFP used. Turn on VFP access. -- set_hcptr vmexit, (HCPTR_TCP(10) | HCPTR_TCP(11)) -+ set_hcptr vmtrap, (HCPTR_TCP(10) | HCPTR_TCP(11)) - - @ Switch VFP/NEON hardware state to the guest's - add r7, r0, #VCPU_VFP_HOST -diff --git a/arch/arm/kvm/interrupts_head.S b/arch/arm/kvm/interrupts_head.S -index 14d4883..f6f1481 100644 ---- a/arch/arm/kvm/interrupts_head.S -+++ b/arch/arm/kvm/interrupts_head.S -@@ -599,8 +599,13 @@ ARM_BE8(rev r6, r6 ) - .endm - - /* Configures the HCPTR (Hyp Coprocessor Trap Register) on entry/return -- * (hardware reset value is 0). Keep previous value in r2. */ --.macro set_hcptr operation, mask -+ * (hardware reset value is 0). Keep previous value in r2. -+ * An ISB is emited on vmexit/vmtrap, but executed on vmexit only if -+ * VFP wasn't already enabled (always executed on vmtrap). -+ * If a label is specified with vmexit, it is branched to if VFP wasn't -+ * enabled. -+ */ -+.macro set_hcptr operation, mask, label = none - mrc p15, 4, r2, c1, c1, 2 - ldr r3, =\mask - .if \operation == vmentry -@@ -609,6 +614,17 @@ ARM_BE8(rev r6, r6 ) - bic r3, r2, r3 @ Don't trap defined coproc-accesses - .endif - mcr p15, 4, r3, c1, c1, 2 -+ .if \operation != vmentry -+ .if \operation == vmexit -+ tst r2, #(HCPTR_TCP(10) | HCPTR_TCP(11)) -+ beq 1f -+ .endif -+ isb -+ .if \label != none -+ b \label -+ .endif -+1: -+ .endif - .endm - - /* Configures the HDCR (Hyp Debug Configuration Register) on entry/return -diff --git a/arch/arm/kvm/psci.c b/arch/arm/kvm/psci.c -index 02fa8ef..531e922 100644 ---- a/arch/arm/kvm/psci.c -+++ b/arch/arm/kvm/psci.c -@@ -230,10 +230,6 @@ static int kvm_psci_0_2_call(struct kvm_vcpu *vcpu) - case PSCI_0_2_FN64_AFFINITY_INFO: - val = kvm_psci_vcpu_affinity_info(vcpu); - break; -- case PSCI_0_2_FN_MIGRATE: -- case PSCI_0_2_FN64_MIGRATE: -- val = PSCI_RET_NOT_SUPPORTED; -- break; - case PSCI_0_2_FN_MIGRATE_INFO_TYPE: - /* - * Trusted OS is MP hence does not require migration -@@ -242,10 +238,6 @@ static int kvm_psci_0_2_call(struct kvm_vcpu *vcpu) - */ - val = PSCI_0_2_TOS_MP; - break; -- case PSCI_0_2_FN_MIGRATE_INFO_UP_CPU: -- case PSCI_0_2_FN64_MIGRATE_INFO_UP_CPU: -- val = PSCI_RET_NOT_SUPPORTED; -- break; - case PSCI_0_2_FN_SYSTEM_OFF: - kvm_psci_system_off(vcpu); - /* -@@ -271,7 +263,8 @@ static int kvm_psci_0_2_call(struct kvm_vcpu *vcpu) - ret = 0; - break; - default: -- return -EINVAL; -+ val = PSCI_RET_NOT_SUPPORTED; -+ break; - } - - *vcpu_reg(vcpu, 0) = val; -@@ -291,12 +284,9 @@ static int kvm_psci_0_1_call(struct kvm_vcpu *vcpu) - case KVM_PSCI_FN_CPU_ON: - val = kvm_psci_vcpu_on(vcpu); - break; -- case KVM_PSCI_FN_CPU_SUSPEND: -- case KVM_PSCI_FN_MIGRATE: -+ default: - val = PSCI_RET_NOT_SUPPORTED; - break; -- default: -- return -EINVAL; - } - - *vcpu_reg(vcpu, 0) = val; -diff --git a/arch/arm/mach-imx/clk-imx6q.c b/arch/arm/mach-imx/clk-imx6q.c -index d04a430..3a3f88c 100644 ---- a/arch/arm/mach-imx/clk-imx6q.c -+++ b/arch/arm/mach-imx/clk-imx6q.c -@@ -439,7 +439,7 @@ static void __init imx6q_clocks_init(struct device_node *ccm_node) - clk[IMX6QDL_CLK_GPMI_IO] = imx_clk_gate2("gpmi_io", "enfc", base + 0x78, 28); - clk[IMX6QDL_CLK_GPMI_APB] = imx_clk_gate2("gpmi_apb", "usdhc3", base + 0x78, 30); - clk[IMX6QDL_CLK_ROM] = imx_clk_gate2("rom", "ahb", base + 0x7c, 0); -- clk[IMX6QDL_CLK_SATA] = imx_clk_gate2("sata", "ipg", base + 0x7c, 4); -+ clk[IMX6QDL_CLK_SATA] = imx_clk_gate2("sata", "ahb", base + 0x7c, 4); - clk[IMX6QDL_CLK_SDMA] = imx_clk_gate2("sdma", "ahb", base + 0x7c, 6); - clk[IMX6QDL_CLK_SPBA] = imx_clk_gate2("spba", "ipg", base + 0x7c, 12); - clk[IMX6QDL_CLK_SPDIF] = imx_clk_gate2("spdif", "spdif_podf", base + 0x7c, 14); -diff --git a/arch/arm/mach-mvebu/pm-board.c b/arch/arm/mach-mvebu/pm-board.c -index 6dfd4ab..301ab38 100644 ---- a/arch/arm/mach-mvebu/pm-board.c -+++ b/arch/arm/mach-mvebu/pm-board.c -@@ -43,6 +43,9 @@ static void mvebu_armada_xp_gp_pm_enter(void __iomem *sdram_reg, u32 srcmd) - for (i = 0; i < ARMADA_XP_GP_PIC_NR_GPIOS; i++) - ackcmd |= BIT(pic_raw_gpios[i]); - -+ srcmd = cpu_to_le32(srcmd); -+ ackcmd = cpu_to_le32(ackcmd); -+ - /* - * Wait a while, the PIC needs quite a bit of time between the - * two GPIO commands. -diff --git a/arch/arm/mach-tegra/cpuidle-tegra20.c b/arch/arm/mach-tegra/cpuidle-tegra20.c -index 4f25a7c..a351eff 100644 ---- a/arch/arm/mach-tegra/cpuidle-tegra20.c -+++ b/arch/arm/mach-tegra/cpuidle-tegra20.c -@@ -35,6 +35,7 @@ - #include "iomap.h" - #include "irq.h" - #include "pm.h" -+#include "reset.h" - #include "sleep.h" - - #ifdef CONFIG_PM_SLEEP -@@ -71,15 +72,13 @@ static struct cpuidle_driver tegra_idle_driver = { - - #ifdef CONFIG_PM_SLEEP - #ifdef CONFIG_SMP --static void __iomem *pmc = IO_ADDRESS(TEGRA_PMC_BASE); -- - static int tegra20_reset_sleeping_cpu_1(void) - { - int ret = 0; - - tegra_pen_lock(); - -- if (readl(pmc + PMC_SCRATCH41) == CPU_RESETTABLE) -+ if (readb(tegra20_cpu1_resettable_status) == CPU_RESETTABLE) - tegra20_cpu_shutdown(1); - else - ret = -EINVAL; -diff --git a/arch/arm/mach-tegra/reset-handler.S b/arch/arm/mach-tegra/reset-handler.S -index 71be4af..e3070fd 100644 ---- a/arch/arm/mach-tegra/reset-handler.S -+++ b/arch/arm/mach-tegra/reset-handler.S -@@ -169,10 +169,10 @@ after_errata: - cmp r6, #TEGRA20 - bne 1f - /* If not CPU0, don't let CPU0 reset CPU1 now that CPU1 is coming up. */ -- mov32 r5, TEGRA_PMC_BASE -- mov r0, #0 -+ mov32 r5, TEGRA_IRAM_BASE + TEGRA_IRAM_RESET_HANDLER_OFFSET -+ mov r0, #CPU_NOT_RESETTABLE - cmp r10, #0 -- strne r0, [r5, #PMC_SCRATCH41] -+ strneb r0, [r5, #__tegra20_cpu1_resettable_status_offset] - 1: - #endif - -@@ -281,6 +281,10 @@ __tegra_cpu_reset_handler_data: - .rept TEGRA_RESET_DATA_SIZE - .long 0 - .endr -+ .globl __tegra20_cpu1_resettable_status_offset -+ .equ __tegra20_cpu1_resettable_status_offset, \ -+ . - __tegra_cpu_reset_handler_start -+ .byte 0 - .align L1_CACHE_SHIFT - - ENTRY(__tegra_cpu_reset_handler_end) -diff --git a/arch/arm/mach-tegra/reset.h b/arch/arm/mach-tegra/reset.h -index 76a9343..29c3dec 100644 ---- a/arch/arm/mach-tegra/reset.h -+++ b/arch/arm/mach-tegra/reset.h -@@ -35,6 +35,7 @@ extern unsigned long __tegra_cpu_reset_handler_data[TEGRA_RESET_DATA_SIZE]; - - void __tegra_cpu_reset_handler_start(void); - void __tegra_cpu_reset_handler(void); -+void __tegra20_cpu1_resettable_status_offset(void); - void __tegra_cpu_reset_handler_end(void); - void tegra_secondary_startup(void); - -@@ -47,6 +48,9 @@ void tegra_secondary_startup(void); - (IO_ADDRESS(TEGRA_IRAM_BASE + TEGRA_IRAM_RESET_HANDLER_OFFSET + \ - ((u32)&__tegra_cpu_reset_handler_data[TEGRA_RESET_MASK_LP2] - \ - (u32)__tegra_cpu_reset_handler_start))) -+#define tegra20_cpu1_resettable_status \ -+ (IO_ADDRESS(TEGRA_IRAM_BASE + TEGRA_IRAM_RESET_HANDLER_OFFSET + \ -+ (u32)__tegra20_cpu1_resettable_status_offset)) - #endif - - #define tegra_cpu_reset_handler_offset \ -diff --git a/arch/arm/mach-tegra/sleep-tegra20.S b/arch/arm/mach-tegra/sleep-tegra20.S -index be4bc5f..e6b684e 100644 ---- a/arch/arm/mach-tegra/sleep-tegra20.S -+++ b/arch/arm/mach-tegra/sleep-tegra20.S -@@ -97,9 +97,10 @@ ENDPROC(tegra20_hotplug_shutdown) - ENTRY(tegra20_cpu_shutdown) - cmp r0, #0 - reteq lr @ must not be called for CPU 0 -- mov32 r1, TEGRA_PMC_VIRT + PMC_SCRATCH41 -+ mov32 r1, TEGRA_IRAM_RESET_BASE_VIRT -+ ldr r2, =__tegra20_cpu1_resettable_status_offset - mov r12, #CPU_RESETTABLE -- str r12, [r1] -+ strb r12, [r1, r2] - - cpu_to_halt_reg r1, r0 - ldr r3, =TEGRA_FLOW_CTRL_VIRT -@@ -182,38 +183,41 @@ ENDPROC(tegra_pen_unlock) - /* - * tegra20_cpu_clear_resettable(void) - * -- * Called to clear the "resettable soon" flag in PMC_SCRATCH41 when -+ * Called to clear the "resettable soon" flag in IRAM variable when - * it is expected that the secondary CPU will be idle soon. - */ - ENTRY(tegra20_cpu_clear_resettable) -- mov32 r1, TEGRA_PMC_VIRT + PMC_SCRATCH41 -+ mov32 r1, TEGRA_IRAM_RESET_BASE_VIRT -+ ldr r2, =__tegra20_cpu1_resettable_status_offset - mov r12, #CPU_NOT_RESETTABLE -- str r12, [r1] -+ strb r12, [r1, r2] - ret lr - ENDPROC(tegra20_cpu_clear_resettable) - - /* - * tegra20_cpu_set_resettable_soon(void) - * -- * Called to set the "resettable soon" flag in PMC_SCRATCH41 when -+ * Called to set the "resettable soon" flag in IRAM variable when - * it is expected that the secondary CPU will be idle soon. - */ - ENTRY(tegra20_cpu_set_resettable_soon) -- mov32 r1, TEGRA_PMC_VIRT + PMC_SCRATCH41 -+ mov32 r1, TEGRA_IRAM_RESET_BASE_VIRT -+ ldr r2, =__tegra20_cpu1_resettable_status_offset - mov r12, #CPU_RESETTABLE_SOON -- str r12, [r1] -+ strb r12, [r1, r2] - ret lr - ENDPROC(tegra20_cpu_set_resettable_soon) - - /* - * tegra20_cpu_is_resettable_soon(void) - * -- * Returns true if the "resettable soon" flag in PMC_SCRATCH41 has been -+ * Returns true if the "resettable soon" flag in IRAM variable has been - * set because it is expected that the secondary CPU will be idle soon. - */ - ENTRY(tegra20_cpu_is_resettable_soon) -- mov32 r1, TEGRA_PMC_VIRT + PMC_SCRATCH41 -- ldr r12, [r1] -+ mov32 r1, TEGRA_IRAM_RESET_BASE_VIRT -+ ldr r2, =__tegra20_cpu1_resettable_status_offset -+ ldrb r12, [r1, r2] - cmp r12, #CPU_RESETTABLE_SOON - moveq r0, #1 - movne r0, #0 -@@ -256,9 +260,10 @@ ENTRY(tegra20_sleep_cpu_secondary_finish) - mov r0, #TEGRA_FLUSH_CACHE_LOUIS - bl tegra_disable_clean_inv_dcache - -- mov32 r0, TEGRA_PMC_VIRT + PMC_SCRATCH41 -+ mov32 r0, TEGRA_IRAM_RESET_BASE_VIRT -+ ldr r4, =__tegra20_cpu1_resettable_status_offset - mov r3, #CPU_RESETTABLE -- str r3, [r0] -+ strb r3, [r0, r4] - - bl tegra_cpu_do_idle - -@@ -274,10 +279,10 @@ ENTRY(tegra20_sleep_cpu_secondary_finish) - - bl tegra_pen_lock - -- mov32 r3, TEGRA_PMC_VIRT -- add r0, r3, #PMC_SCRATCH41 -+ mov32 r0, TEGRA_IRAM_RESET_BASE_VIRT -+ ldr r4, =__tegra20_cpu1_resettable_status_offset - mov r3, #CPU_NOT_RESETTABLE -- str r3, [r0] -+ strb r3, [r0, r4] - - bl tegra_pen_unlock - -diff --git a/arch/arm/mach-tegra/sleep.h b/arch/arm/mach-tegra/sleep.h -index 92d46ec..0d59360 100644 ---- a/arch/arm/mach-tegra/sleep.h -+++ b/arch/arm/mach-tegra/sleep.h -@@ -18,6 +18,7 @@ - #define __MACH_TEGRA_SLEEP_H - - #include "iomap.h" -+#include "irammap.h" - - #define TEGRA_ARM_PERIF_VIRT (TEGRA_ARM_PERIF_BASE - IO_CPU_PHYS \ - + IO_CPU_VIRT) -@@ -29,6 +30,9 @@ - + IO_APB_VIRT) - #define TEGRA_PMC_VIRT (TEGRA_PMC_BASE - IO_APB_PHYS + IO_APB_VIRT) - -+#define TEGRA_IRAM_RESET_BASE_VIRT (IO_IRAM_VIRT + \ -+ TEGRA_IRAM_RESET_HANDLER_OFFSET) -+ - /* PMC_SCRATCH37-39 and 41 are used for tegra_pen_lock and idle */ - #define PMC_SCRATCH37 0x130 - #define PMC_SCRATCH38 0x134 -diff --git a/arch/mips/include/asm/mach-generic/spaces.h b/arch/mips/include/asm/mach-generic/spaces.h -index 9488fa5..afc96ec 100644 ---- a/arch/mips/include/asm/mach-generic/spaces.h -+++ b/arch/mips/include/asm/mach-generic/spaces.h -@@ -94,7 +94,11 @@ - #endif - - #ifndef FIXADDR_TOP -+#ifdef CONFIG_KVM_GUEST -+#define FIXADDR_TOP ((unsigned long)(long)(int)0x7ffe0000) -+#else - #define FIXADDR_TOP ((unsigned long)(long)(int)0xfffe0000) - #endif -+#endif - - #endif /* __ASM_MACH_GENERIC_SPACES_H */ -diff --git a/arch/mips/kvm/mips.c b/arch/mips/kvm/mips.c -index f5e7dda..adf3886 100644 ---- a/arch/mips/kvm/mips.c -+++ b/arch/mips/kvm/mips.c -@@ -785,7 +785,7 @@ int kvm_vm_ioctl_get_dirty_log(struct kvm *kvm, struct kvm_dirty_log *log) - - /* If nothing is dirty, don't bother messing with page tables. */ - if (is_dirty) { -- memslot = &kvm->memslots->memslots[log->slot]; -+ memslot = id_to_memslot(kvm->memslots, log->slot); - - ga = memslot->base_gfn << PAGE_SHIFT; - ga_end = ga + (memslot->npages << PAGE_SHIFT); -diff --git a/arch/powerpc/perf/core-book3s.c b/arch/powerpc/perf/core-book3s.c -index 7c4f669..3cb25fd 100644 ---- a/arch/powerpc/perf/core-book3s.c -+++ b/arch/powerpc/perf/core-book3s.c -@@ -131,7 +131,16 @@ static void pmao_restore_workaround(bool ebb) { } - - static bool regs_use_siar(struct pt_regs *regs) - { -- return !!regs->result; -+ /* -+ * When we take a performance monitor exception the regs are setup -+ * using perf_read_regs() which overloads some fields, in particular -+ * regs->result to tell us whether to use SIAR. -+ * -+ * However if the regs are from another exception, eg. a syscall, then -+ * they have not been setup using perf_read_regs() and so regs->result -+ * is something random. -+ */ -+ return ((TRAP(regs) == 0xf00) && regs->result); - } - - /* -diff --git a/arch/s390/kernel/crash_dump.c b/arch/s390/kernel/crash_dump.c -index 9f73c80..49b7445 100644 ---- a/arch/s390/kernel/crash_dump.c -+++ b/arch/s390/kernel/crash_dump.c -@@ -415,7 +415,7 @@ static void *nt_s390_vx_low(void *ptr, __vector128 *vx_regs) - ptr += len; - /* Copy lower halves of SIMD registers 0-15 */ - for (i = 0; i < 16; i++) { -- memcpy(ptr, &vx_regs[i], 8); -+ memcpy(ptr, &vx_regs[i].u[2], 8); - ptr += 8; - } - return ptr; -diff --git a/arch/s390/kvm/interrupt.c b/arch/s390/kvm/interrupt.c -index e7bc2fd..b2b7ddf 100644 ---- a/arch/s390/kvm/interrupt.c -+++ b/arch/s390/kvm/interrupt.c -@@ -1037,7 +1037,7 @@ static int __inject_extcall(struct kvm_vcpu *vcpu, struct kvm_s390_irq *irq) - if (sclp_has_sigpif()) - return __inject_extcall_sigpif(vcpu, src_id); - -- if (!test_and_set_bit(IRQ_PEND_EXT_EXTERNAL, &li->pending_irqs)) -+ if (test_and_set_bit(IRQ_PEND_EXT_EXTERNAL, &li->pending_irqs)) - return -EBUSY; - *extcall = irq->u.extcall; - atomic_set_mask(CPUSTAT_EXT_INT, li->cpuflags); -diff --git a/arch/sparc/kernel/ldc.c b/arch/sparc/kernel/ldc.c -index 274a9f5..591f119f 100644 ---- a/arch/sparc/kernel/ldc.c -+++ b/arch/sparc/kernel/ldc.c -@@ -2313,7 +2313,7 @@ void *ldc_alloc_exp_dring(struct ldc_channel *lp, unsigned int len, - if (len & (8UL - 1)) - return ERR_PTR(-EINVAL); - -- buf = kzalloc(len, GFP_KERNEL); -+ buf = kzalloc(len, GFP_ATOMIC); - if (!buf) - return ERR_PTR(-ENOMEM); - -diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig -index b7d31ca..570c71d 100644 ---- a/arch/x86/Kconfig -+++ b/arch/x86/Kconfig -@@ -177,7 +177,7 @@ config SBUS - - config NEED_DMA_MAP_STATE - def_bool y -- depends on X86_64 || INTEL_IOMMU || DMA_API_DEBUG -+ depends on X86_64 || INTEL_IOMMU || DMA_API_DEBUG || SWIOTLB - - config NEED_SG_DMA_LENGTH - def_bool y -diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h -index 1c0fb57..e02589d 100644 ---- a/arch/x86/include/asm/kvm_host.h -+++ b/arch/x86/include/asm/kvm_host.h -@@ -583,7 +583,7 @@ struct kvm_arch { - struct kvm_pic *vpic; - struct kvm_ioapic *vioapic; - struct kvm_pit *vpit; -- int vapics_in_nmi_mode; -+ atomic_t vapics_in_nmi_mode; - struct mutex apic_map_lock; - struct kvm_apic_map *apic_map; - -diff --git a/arch/x86/kvm/i8254.c b/arch/x86/kvm/i8254.c -index 298781d..1406ffd 100644 ---- a/arch/x86/kvm/i8254.c -+++ b/arch/x86/kvm/i8254.c -@@ -305,7 +305,7 @@ static void pit_do_work(struct kthread_work *work) - * LVT0 to NMI delivery. Other PIC interrupts are just sent to - * VCPU0, and only if its LVT0 is in EXTINT mode. - */ -- if (kvm->arch.vapics_in_nmi_mode > 0) -+ if (atomic_read(&kvm->arch.vapics_in_nmi_mode) > 0) - kvm_for_each_vcpu(i, vcpu, kvm) - kvm_apic_nmi_wd_deliver(vcpu); - } -diff --git a/arch/x86/kvm/lapic.c b/arch/x86/kvm/lapic.c -index 3cb2b58..8ee4aa7 100644 ---- a/arch/x86/kvm/lapic.c -+++ b/arch/x86/kvm/lapic.c -@@ -1224,10 +1224,10 @@ static void apic_manage_nmi_watchdog(struct kvm_lapic *apic, u32 lvt0_val) - if (!nmi_wd_enabled) { - apic_debug("Receive NMI setting on APIC_LVT0 " - "for cpu %d\n", apic->vcpu->vcpu_id); -- apic->vcpu->kvm->arch.vapics_in_nmi_mode++; -+ atomic_inc(&apic->vcpu->kvm->arch.vapics_in_nmi_mode); - } - } else if (nmi_wd_enabled) -- apic->vcpu->kvm->arch.vapics_in_nmi_mode--; -+ atomic_dec(&apic->vcpu->kvm->arch.vapics_in_nmi_mode); - } - - static int apic_reg_write(struct kvm_lapic *apic, u32 reg, u32 val) -@@ -1784,6 +1784,7 @@ void kvm_apic_post_state_restore(struct kvm_vcpu *vcpu, - apic_update_ppr(apic); - hrtimer_cancel(&apic->lapic_timer.timer); - apic_update_lvtt(apic); -+ apic_manage_nmi_watchdog(apic, kvm_apic_get_reg(apic, APIC_LVT0)); - update_divide_count(apic); - start_apic_timer(apic); - apic->irr_pending = true; -diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c -index a4e62fc..1b32e29 100644 ---- a/arch/x86/kvm/svm.c -+++ b/arch/x86/kvm/svm.c -@@ -511,8 +511,10 @@ static void skip_emulated_instruction(struct kvm_vcpu *vcpu) - { - struct vcpu_svm *svm = to_svm(vcpu); - -- if (svm->vmcb->control.next_rip != 0) -+ if (svm->vmcb->control.next_rip != 0) { -+ WARN_ON(!static_cpu_has(X86_FEATURE_NRIPS)); - svm->next_rip = svm->vmcb->control.next_rip; -+ } - - if (!svm->next_rip) { - if (emulate_instruction(vcpu, EMULTYPE_SKIP) != -@@ -4310,7 +4312,9 @@ static int svm_check_intercept(struct kvm_vcpu *vcpu, - break; - } - -- vmcb->control.next_rip = info->next_rip; -+ /* TODO: Advertise NRIPS to guest hypervisor unconditionally */ -+ if (static_cpu_has(X86_FEATURE_NRIPS)) -+ vmcb->control.next_rip = info->next_rip; - vmcb->control.exit_code = icpt_info.exit_code; - vmexit = nested_svm_exit_handled(svm); - -diff --git a/arch/x86/pci/acpi.c b/arch/x86/pci/acpi.c -index d939633..b33615f 100644 ---- a/arch/x86/pci/acpi.c -+++ b/arch/x86/pci/acpi.c -@@ -81,6 +81,17 @@ static const struct dmi_system_id pci_crs_quirks[] __initconst = { - DMI_MATCH(DMI_BIOS_VENDOR, "Phoenix Technologies, LTD"), - }, - }, -+ /* https://bugs.launchpad.net/ubuntu/+source/alsa-driver/+bug/931368 */ -+ /* https://bugs.launchpad.net/ubuntu/+source/alsa-driver/+bug/1033299 */ -+ { -+ .callback = set_use_crs, -+ .ident = "Foxconn K8M890-8237A", -+ .matches = { -+ DMI_MATCH(DMI_BOARD_VENDOR, "Foxconn"), -+ DMI_MATCH(DMI_BOARD_NAME, "K8M890-8237A"), -+ DMI_MATCH(DMI_BIOS_VENDOR, "Phoenix Technologies, LTD"), -+ }, -+ }, - - /* Now for the blacklist.. */ - -@@ -121,8 +132,10 @@ void __init pci_acpi_crs_quirks(void) - { - int year; - -- if (dmi_get_date(DMI_BIOS_DATE, &year, NULL, NULL) && year < 2008) -- pci_use_crs = false; -+ if (dmi_get_date(DMI_BIOS_DATE, &year, NULL, NULL) && year < 2008) { -+ if (iomem_resource.end <= 0xffffffff) -+ pci_use_crs = false; -+ } - - dmi_check_system(pci_crs_quirks); - -diff --git a/drivers/cpufreq/intel_pstate.c b/drivers/cpufreq/intel_pstate.c -index 872c577..2c867a6 100644 ---- a/drivers/cpufreq/intel_pstate.c -+++ b/drivers/cpufreq/intel_pstate.c -@@ -534,7 +534,7 @@ static void byt_set_pstate(struct cpudata *cpudata, int pstate) - - val |= vid; - -- wrmsrl(MSR_IA32_PERF_CTL, val); -+ wrmsrl_on_cpu(cpudata->cpu, MSR_IA32_PERF_CTL, val); - } - - #define BYT_BCLK_FREQS 5 -diff --git a/drivers/cpuidle/cpuidle-powernv.c b/drivers/cpuidle/cpuidle-powernv.c -index 5937207..3442764 100644 ---- a/drivers/cpuidle/cpuidle-powernv.c -+++ b/drivers/cpuidle/cpuidle-powernv.c -@@ -60,6 +60,8 @@ static int nap_loop(struct cpuidle_device *dev, - return index; - } - -+/* Register for fastsleep only in oneshot mode of broadcast */ -+#ifdef CONFIG_TICK_ONESHOT - static int fastsleep_loop(struct cpuidle_device *dev, - struct cpuidle_driver *drv, - int index) -@@ -83,7 +85,7 @@ static int fastsleep_loop(struct cpuidle_device *dev, - - return index; - } -- -+#endif - /* - * States for dedicated partition case. - */ -@@ -209,7 +211,14 @@ static int powernv_add_idle_states(void) - powernv_states[nr_idle_states].flags = 0; - powernv_states[nr_idle_states].target_residency = 100; - powernv_states[nr_idle_states].enter = &nap_loop; -- } else if (flags[i] & OPAL_PM_SLEEP_ENABLED || -+ } -+ -+ /* -+ * All cpuidle states with CPUIDLE_FLAG_TIMER_STOP set must come -+ * within this config dependency check. -+ */ -+#ifdef CONFIG_TICK_ONESHOT -+ if (flags[i] & OPAL_PM_SLEEP_ENABLED || - flags[i] & OPAL_PM_SLEEP_ENABLED_ER1) { - /* Add FASTSLEEP state */ - strcpy(powernv_states[nr_idle_states].name, "FastSleep"); -@@ -218,7 +227,7 @@ static int powernv_add_idle_states(void) - powernv_states[nr_idle_states].target_residency = 300000; - powernv_states[nr_idle_states].enter = &fastsleep_loop; - } -- -+#endif - powernv_states[nr_idle_states].exit_latency = - ((unsigned int)latency_ns[i]) / 1000; - -diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c -index ebbae8d..9f7333a 100644 ---- a/drivers/crypto/talitos.c -+++ b/drivers/crypto/talitos.c -@@ -927,7 +927,8 @@ static int sg_to_link_tbl(struct scatterlist *sg, int sg_count, - sg_count--; - link_tbl_ptr--; - } -- be16_add_cpu(&link_tbl_ptr->len, cryptlen); -+ link_tbl_ptr->len = cpu_to_be16(be16_to_cpu(link_tbl_ptr->len) -+ + cryptlen); - - /* tag end of link table */ - link_tbl_ptr->j_extent = DESC_PTR_LNKTBL_RETURN; -@@ -2563,6 +2564,7 @@ static struct talitos_crypto_alg *talitos_alg_alloc(struct device *dev, - break; - default: - dev_err(dev, "unknown algorithm type %d\n", t_alg->algt.type); -+ kfree(t_alg); - return ERR_PTR(-EINVAL); - } - -diff --git a/drivers/iommu/amd_iommu.c b/drivers/iommu/amd_iommu.c -index 48882c1..13cfbf4 100644 ---- a/drivers/iommu/amd_iommu.c -+++ b/drivers/iommu/amd_iommu.c -@@ -1870,9 +1870,15 @@ static void free_pt_##LVL (unsigned long __pt) \ - pt = (u64 *)__pt; \ - \ - for (i = 0; i < 512; ++i) { \ -+ /* PTE present? */ \ - if (!IOMMU_PTE_PRESENT(pt[i])) \ - continue; \ - \ -+ /* Large PTE? */ \ -+ if (PM_PTE_LEVEL(pt[i]) == 0 || \ -+ PM_PTE_LEVEL(pt[i]) == 7) \ -+ continue; \ -+ \ - p = (unsigned long)IOMMU_PTE_PAGE(pt[i]); \ - FN(p); \ - } \ -diff --git a/drivers/iommu/arm-smmu.c b/drivers/iommu/arm-smmu.c -index bd6252b..2d1b203 100644 ---- a/drivers/iommu/arm-smmu.c -+++ b/drivers/iommu/arm-smmu.c -@@ -1533,7 +1533,7 @@ static int arm_smmu_device_cfg_probe(struct arm_smmu_device *smmu) - return -ENODEV; - } - -- if ((id & ID0_S1TS) && ((smmu->version == 1) || (id & ID0_ATOSNS))) { -+ if ((id & ID0_S1TS) && ((smmu->version == 1) || !(id & ID0_ATOSNS))) { - smmu->features |= ARM_SMMU_FEAT_TRANS_OPS; - dev_notice(smmu->dev, "\taddress translation ops\n"); - } -diff --git a/drivers/mmc/host/sdhci.c b/drivers/mmc/host/sdhci.c -index 0ad412a..d3a7bff 100644 ---- a/drivers/mmc/host/sdhci.c -+++ b/drivers/mmc/host/sdhci.c -@@ -846,7 +846,7 @@ static void sdhci_prepare_data(struct sdhci_host *host, struct mmc_command *cmd) - int sg_cnt; - - sg_cnt = sdhci_pre_dma_transfer(host, data, NULL); -- if (sg_cnt == 0) { -+ if (sg_cnt <= 0) { - /* - * This only happens when someone fed - * us an invalid request. -diff --git a/drivers/net/ethernet/amd/xgbe/xgbe-desc.c b/drivers/net/ethernet/amd/xgbe/xgbe-desc.c -index d81fc6b..5c92fb7 100644 ---- a/drivers/net/ethernet/amd/xgbe/xgbe-desc.c -+++ b/drivers/net/ethernet/amd/xgbe/xgbe-desc.c -@@ -263,7 +263,7 @@ static int xgbe_alloc_pages(struct xgbe_prv_data *pdata, - int ret; - - /* Try to obtain pages, decreasing order if necessary */ -- gfp |= __GFP_COLD | __GFP_COMP; -+ gfp |= __GFP_COLD | __GFP_COMP | __GFP_NOWARN; - while (order >= 0) { - pages = alloc_pages(gfp, order); - if (pages) -diff --git a/drivers/net/ethernet/broadcom/bnx2x/bnx2x_main.c b/drivers/net/ethernet/broadcom/bnx2x/bnx2x_main.c -index 1ec635f..196474f 100644 ---- a/drivers/net/ethernet/broadcom/bnx2x/bnx2x_main.c -+++ b/drivers/net/ethernet/broadcom/bnx2x/bnx2x_main.c -@@ -9323,7 +9323,8 @@ unload_error: - * function stop ramrod is sent, since as part of this ramrod FW access - * PTP registers. - */ -- bnx2x_stop_ptp(bp); -+ if (bp->flags & PTP_SUPPORTED) -+ bnx2x_stop_ptp(bp); - - /* Disable HW interrupts, NAPI */ - bnx2x_netif_stop(bp, 1); -diff --git a/drivers/net/ethernet/intel/igb/igb_ptp.c b/drivers/net/ethernet/intel/igb/igb_ptp.c -index d20fc8e..c365765 100644 ---- a/drivers/net/ethernet/intel/igb/igb_ptp.c -+++ b/drivers/net/ethernet/intel/igb/igb_ptp.c -@@ -540,8 +540,8 @@ static int igb_ptp_feature_enable_i210(struct ptp_clock_info *ptp, - igb->perout[i].start.tv_nsec = rq->perout.start.nsec; - igb->perout[i].period.tv_sec = ts.tv_sec; - igb->perout[i].period.tv_nsec = ts.tv_nsec; -- wr32(trgttiml, rq->perout.start.sec); -- wr32(trgttimh, rq->perout.start.nsec); -+ wr32(trgttimh, rq->perout.start.sec); -+ wr32(trgttiml, rq->perout.start.nsec); - tsauxc |= tsauxc_mask; - tsim |= tsim_mask; - } else { -diff --git a/drivers/net/ethernet/marvell/mvneta.c b/drivers/net/ethernet/marvell/mvneta.c -index 2db6532..87c7f52c 100644 ---- a/drivers/net/ethernet/marvell/mvneta.c -+++ b/drivers/net/ethernet/marvell/mvneta.c -@@ -304,6 +304,7 @@ struct mvneta_port { - unsigned int link; - unsigned int duplex; - unsigned int speed; -+ unsigned int tx_csum_limit; - }; - - /* The mvneta_tx_desc and mvneta_rx_desc structures describe the -@@ -2441,8 +2442,10 @@ static int mvneta_change_mtu(struct net_device *dev, int mtu) - - dev->mtu = mtu; - -- if (!netif_running(dev)) -+ if (!netif_running(dev)) { -+ netdev_update_features(dev); - return 0; -+ } - - /* The interface is running, so we have to force a - * reallocation of the queues -@@ -2471,9 +2474,26 @@ static int mvneta_change_mtu(struct net_device *dev, int mtu) - mvneta_start_dev(pp); - mvneta_port_up(pp); - -+ netdev_update_features(dev); -+ - return 0; - } - -+static netdev_features_t mvneta_fix_features(struct net_device *dev, -+ netdev_features_t features) -+{ -+ struct mvneta_port *pp = netdev_priv(dev); -+ -+ if (pp->tx_csum_limit && dev->mtu > pp->tx_csum_limit) { -+ features &= ~(NETIF_F_IP_CSUM | NETIF_F_TSO); -+ netdev_info(dev, -+ "Disable IP checksum for MTU greater than %dB\n", -+ pp->tx_csum_limit); -+ } -+ -+ return features; -+} -+ - /* Get mac address */ - static void mvneta_get_mac_addr(struct mvneta_port *pp, unsigned char *addr) - { -@@ -2785,6 +2805,7 @@ static const struct net_device_ops mvneta_netdev_ops = { - .ndo_set_rx_mode = mvneta_set_rx_mode, - .ndo_set_mac_address = mvneta_set_mac_addr, - .ndo_change_mtu = mvneta_change_mtu, -+ .ndo_fix_features = mvneta_fix_features, - .ndo_get_stats64 = mvneta_get_stats64, - .ndo_do_ioctl = mvneta_ioctl, - }; -@@ -3023,6 +3044,9 @@ static int mvneta_probe(struct platform_device *pdev) - } - } - -+ if (of_device_is_compatible(dn, "marvell,armada-370-neta")) -+ pp->tx_csum_limit = 1600; -+ - pp->tx_ring_size = MVNETA_MAX_TXD; - pp->rx_ring_size = MVNETA_MAX_RXD; - -@@ -3095,6 +3119,7 @@ static int mvneta_remove(struct platform_device *pdev) - - static const struct of_device_id mvneta_match[] = { - { .compatible = "marvell,armada-370-neta" }, -+ { .compatible = "marvell,armada-xp-neta" }, - { } - }; - MODULE_DEVICE_TABLE(of, mvneta_match); -diff --git a/drivers/net/ethernet/mellanox/mlx4/en_netdev.c b/drivers/net/ethernet/mellanox/mlx4/en_netdev.c -index 2f1324b..f30c322 100644 ---- a/drivers/net/ethernet/mellanox/mlx4/en_netdev.c -+++ b/drivers/net/ethernet/mellanox/mlx4/en_netdev.c -@@ -1971,10 +1971,6 @@ void mlx4_en_free_resources(struct mlx4_en_priv *priv) - mlx4_en_destroy_cq(priv, &priv->rx_cq[i]); - } - -- if (priv->base_tx_qpn) { -- mlx4_qp_release_range(priv->mdev->dev, priv->base_tx_qpn, priv->tx_ring_num); -- priv->base_tx_qpn = 0; -- } - } - - int mlx4_en_alloc_resources(struct mlx4_en_priv *priv) -diff --git a/drivers/net/ethernet/mellanox/mlx4/en_rx.c b/drivers/net/ethernet/mellanox/mlx4/en_rx.c -index 05ec5e1..3478c87 100644 ---- a/drivers/net/ethernet/mellanox/mlx4/en_rx.c -+++ b/drivers/net/ethernet/mellanox/mlx4/en_rx.c -@@ -723,7 +723,7 @@ static int get_fixed_ipv6_csum(__wsum hw_checksum, struct sk_buff *skb, - } - #endif - static int check_csum(struct mlx4_cqe *cqe, struct sk_buff *skb, void *va, -- int hwtstamp_rx_filter) -+ netdev_features_t dev_features) - { - __wsum hw_checksum = 0; - -@@ -731,14 +731,8 @@ static int check_csum(struct mlx4_cqe *cqe, struct sk_buff *skb, void *va, - - hw_checksum = csum_unfold((__force __sum16)cqe->checksum); - -- if (((struct ethhdr *)va)->h_proto == htons(ETH_P_8021Q) && -- hwtstamp_rx_filter != HWTSTAMP_FILTER_NONE) { -- /* next protocol non IPv4 or IPv6 */ -- if (((struct vlan_hdr *)hdr)->h_vlan_encapsulated_proto -- != htons(ETH_P_IP) && -- ((struct vlan_hdr *)hdr)->h_vlan_encapsulated_proto -- != htons(ETH_P_IPV6)) -- return -1; -+ if (cqe->vlan_my_qpn & cpu_to_be32(MLX4_CQE_VLAN_PRESENT_MASK) && -+ !(dev_features & NETIF_F_HW_VLAN_CTAG_RX)) { - hw_checksum = get_fixed_vlan_csum(hw_checksum, hdr); - hdr += sizeof(struct vlan_hdr); - } -@@ -901,7 +895,8 @@ int mlx4_en_process_rx_cq(struct net_device *dev, struct mlx4_en_cq *cq, int bud - - if (ip_summed == CHECKSUM_COMPLETE) { - void *va = skb_frag_address(skb_shinfo(gro_skb)->frags); -- if (check_csum(cqe, gro_skb, va, ring->hwtstamp_rx_filter)) { -+ if (check_csum(cqe, gro_skb, va, -+ dev->features)) { - ip_summed = CHECKSUM_NONE; - ring->csum_none++; - ring->csum_complete--; -@@ -956,7 +951,7 @@ int mlx4_en_process_rx_cq(struct net_device *dev, struct mlx4_en_cq *cq, int bud - } - - if (ip_summed == CHECKSUM_COMPLETE) { -- if (check_csum(cqe, skb, skb->data, ring->hwtstamp_rx_filter)) { -+ if (check_csum(cqe, skb, skb->data, dev->features)) { - ip_summed = CHECKSUM_NONE; - ring->csum_complete--; - ring->csum_none++; -diff --git a/drivers/net/ethernet/mellanox/mlx4/en_tx.c b/drivers/net/ethernet/mellanox/mlx4/en_tx.c -index 8c234ec..35dd887 100644 ---- a/drivers/net/ethernet/mellanox/mlx4/en_tx.c -+++ b/drivers/net/ethernet/mellanox/mlx4/en_tx.c -@@ -66,6 +66,7 @@ int mlx4_en_create_tx_ring(struct mlx4_en_priv *priv, - ring->size = size; - ring->size_mask = size - 1; - ring->stride = stride; -+ ring->full_size = ring->size - HEADROOM - MAX_DESC_TXBBS; - - tmp = size * sizeof(struct mlx4_en_tx_info); - ring->tx_info = kmalloc_node(tmp, GFP_KERNEL | __GFP_NOWARN, node); -@@ -180,6 +181,7 @@ void mlx4_en_destroy_tx_ring(struct mlx4_en_priv *priv, - mlx4_bf_free(mdev->dev, &ring->bf); - mlx4_qp_remove(mdev->dev, &ring->qp); - mlx4_qp_free(mdev->dev, &ring->qp); -+ mlx4_qp_release_range(priv->mdev->dev, ring->qpn, 1); - mlx4_en_unmap_buffer(&ring->wqres.buf); - mlx4_free_hwq_res(mdev->dev, &ring->wqres, ring->buf_size); - kfree(ring->bounce_buf); -@@ -231,6 +233,11 @@ void mlx4_en_deactivate_tx_ring(struct mlx4_en_priv *priv, - MLX4_QP_STATE_RST, NULL, 0, 0, &ring->qp); - } - -+static inline bool mlx4_en_is_tx_ring_full(struct mlx4_en_tx_ring *ring) -+{ -+ return ring->prod - ring->cons > ring->full_size; -+} -+ - static void mlx4_en_stamp_wqe(struct mlx4_en_priv *priv, - struct mlx4_en_tx_ring *ring, int index, - u8 owner) -@@ -473,11 +480,10 @@ static bool mlx4_en_process_tx_cq(struct net_device *dev, - - netdev_tx_completed_queue(ring->tx_queue, packets, bytes); - -- /* -- * Wakeup Tx queue if this stopped, and at least 1 packet -- * was completed -+ /* Wakeup Tx queue if this stopped, and ring is not full. - */ -- if (netif_tx_queue_stopped(ring->tx_queue) && txbbs_skipped > 0) { -+ if (netif_tx_queue_stopped(ring->tx_queue) && -+ !mlx4_en_is_tx_ring_full(ring)) { - netif_tx_wake_queue(ring->tx_queue); - ring->wake_queue++; - } -@@ -921,8 +927,7 @@ netdev_tx_t mlx4_en_xmit(struct sk_buff *skb, struct net_device *dev) - skb_tx_timestamp(skb); - - /* Check available TXBBs And 2K spare for prefetch */ -- stop_queue = (int)(ring->prod - ring_cons) > -- ring->size - HEADROOM - MAX_DESC_TXBBS; -+ stop_queue = mlx4_en_is_tx_ring_full(ring); - if (unlikely(stop_queue)) { - netif_tx_stop_queue(ring->tx_queue); - ring->queue_stopped++; -@@ -991,8 +996,7 @@ netdev_tx_t mlx4_en_xmit(struct sk_buff *skb, struct net_device *dev) - smp_rmb(); - - ring_cons = ACCESS_ONCE(ring->cons); -- if (unlikely(((int)(ring->prod - ring_cons)) <= -- ring->size - HEADROOM - MAX_DESC_TXBBS)) { -+ if (unlikely(!mlx4_en_is_tx_ring_full(ring))) { - netif_tx_wake_queue(ring->tx_queue); - ring->wake_queue++; - } -diff --git a/drivers/net/ethernet/mellanox/mlx4/intf.c b/drivers/net/ethernet/mellanox/mlx4/intf.c -index 6fce587..0d80aed 100644 ---- a/drivers/net/ethernet/mellanox/mlx4/intf.c -+++ b/drivers/net/ethernet/mellanox/mlx4/intf.c -@@ -93,8 +93,14 @@ int mlx4_register_interface(struct mlx4_interface *intf) - mutex_lock(&intf_mutex); - - list_add_tail(&intf->list, &intf_list); -- list_for_each_entry(priv, &dev_list, dev_list) -+ list_for_each_entry(priv, &dev_list, dev_list) { -+ if (mlx4_is_mfunc(&priv->dev) && (intf->flags & MLX4_INTFF_BONDING)) { -+ mlx4_dbg(&priv->dev, -+ "SRIOV, disabling HA mode for intf proto %d\n", intf->protocol); -+ intf->flags &= ~MLX4_INTFF_BONDING; -+ } - mlx4_add_device(intf, priv); -+ } - - mutex_unlock(&intf_mutex); - -diff --git a/drivers/net/ethernet/mellanox/mlx4/mlx4_en.h b/drivers/net/ethernet/mellanox/mlx4/mlx4_en.h -index 8687c8d..0bf0fdd 100644 ---- a/drivers/net/ethernet/mellanox/mlx4/mlx4_en.h -+++ b/drivers/net/ethernet/mellanox/mlx4/mlx4_en.h -@@ -280,6 +280,7 @@ struct mlx4_en_tx_ring { - u32 size; /* number of TXBBs */ - u32 size_mask; - u16 stride; -+ u32 full_size; - u16 cqn; /* index of port CQ associated with this ring */ - u32 buf_size; - __be32 doorbell_qpn; -@@ -601,7 +602,6 @@ struct mlx4_en_priv { - int vids[128]; - bool wol; - struct device *ddev; -- int base_tx_qpn; - struct hlist_head mac_hash[MLX4_EN_MAC_HASH_SIZE]; - struct hwtstamp_config hwtstamp_config; - -diff --git a/drivers/net/phy/phy_device.c b/drivers/net/phy/phy_device.c -index bdfe51f..d551df6 100644 ---- a/drivers/net/phy/phy_device.c -+++ b/drivers/net/phy/phy_device.c -@@ -796,10 +796,11 @@ static int genphy_config_advert(struct phy_device *phydev) - if (phydev->supported & (SUPPORTED_1000baseT_Half | - SUPPORTED_1000baseT_Full)) { - adv |= ethtool_adv_to_mii_ctrl1000_t(advertise); -- if (adv != oldadv) -- changed = 1; - } - -+ if (adv != oldadv) -+ changed = 1; -+ - err = phy_write(phydev, MII_CTRL1000, adv); - if (err < 0) - return err; -diff --git a/drivers/s390/kvm/virtio_ccw.c b/drivers/s390/kvm/virtio_ccw.c -index 71d7802..5717117 100644 ---- a/drivers/s390/kvm/virtio_ccw.c -+++ b/drivers/s390/kvm/virtio_ccw.c -@@ -65,6 +65,7 @@ struct virtio_ccw_device { - bool is_thinint; - bool going_away; - bool device_lost; -+ unsigned int config_ready; - void *airq_info; - }; - -@@ -833,8 +834,11 @@ static void virtio_ccw_get_config(struct virtio_device *vdev, - if (ret) - goto out_free; - -- memcpy(vcdev->config, config_area, sizeof(vcdev->config)); -- memcpy(buf, &vcdev->config[offset], len); -+ memcpy(vcdev->config, config_area, offset + len); -+ if (buf) -+ memcpy(buf, &vcdev->config[offset], len); -+ if (vcdev->config_ready < offset + len) -+ vcdev->config_ready = offset + len; - - out_free: - kfree(config_area); -@@ -857,6 +861,9 @@ static void virtio_ccw_set_config(struct virtio_device *vdev, - if (!config_area) - goto out_free; - -+ /* Make sure we don't overwrite fields. */ -+ if (vcdev->config_ready < offset) -+ virtio_ccw_get_config(vdev, 0, NULL, offset); - memcpy(&vcdev->config[offset], buf, len); - /* Write the config area to the host. */ - memcpy(config_area, vcdev->config, sizeof(vcdev->config)); -diff --git a/drivers/usb/gadget/function/f_fs.c b/drivers/usb/gadget/function/f_fs.c -index 175c995..ce3b407 100644 ---- a/drivers/usb/gadget/function/f_fs.c -+++ b/drivers/usb/gadget/function/f_fs.c -@@ -845,7 +845,7 @@ static ssize_t ffs_epfile_io(struct file *file, struct ffs_io_data *io_data) - ret = ep->status; - if (io_data->read && ret > 0) { - ret = copy_to_iter(data, ret, &io_data->data); -- if (unlikely(iov_iter_count(&io_data->data))) -+ if (!ret) - ret = -EFAULT; - } - } -@@ -3433,6 +3433,7 @@ done: - static void ffs_closed(struct ffs_data *ffs) - { - struct ffs_dev *ffs_obj; -+ struct f_fs_opts *opts; - - ENTER(); - ffs_dev_lock(); -@@ -3446,8 +3447,13 @@ static void ffs_closed(struct ffs_data *ffs) - if (ffs_obj->ffs_closed_callback) - ffs_obj->ffs_closed_callback(ffs); - -- if (!ffs_obj->opts || ffs_obj->opts->no_configfs -- || !ffs_obj->opts->func_inst.group.cg_item.ci_parent) -+ if (ffs_obj->opts) -+ opts = ffs_obj->opts; -+ else -+ goto done; -+ -+ if (opts->no_configfs || !opts->func_inst.group.cg_item.ci_parent -+ || !atomic_read(&opts->func_inst.group.cg_item.ci_kref.refcount)) - goto done; - - unregister_gadget_item(ffs_obj->opts-> -diff --git a/fs/dcache.c b/fs/dcache.c -index 922f23e..b05c557 100644 ---- a/fs/dcache.c -+++ b/fs/dcache.c -@@ -2896,17 +2896,6 @@ restart: - vfsmnt = &mnt->mnt; - continue; - } -- /* -- * Filesystems needing to implement special "root names" -- * should do so with ->d_dname() -- */ -- if (IS_ROOT(dentry) && -- (dentry->d_name.len != 1 || -- dentry->d_name.name[0] != '/')) { -- WARN(1, "Root dentry has weird name <%.*s>\n", -- (int) dentry->d_name.len, -- dentry->d_name.name); -- } - if (!error) - error = is_mounted(vfsmnt) ? 1 : 2; - break; -diff --git a/fs/inode.c b/fs/inode.c -index f00b16f..c60671d 100644 ---- a/fs/inode.c -+++ b/fs/inode.c -@@ -1693,8 +1693,8 @@ int file_remove_suid(struct file *file) - error = security_inode_killpriv(dentry); - if (!error && killsuid) - error = __remove_suid(dentry, killsuid); -- if (!error && (inode->i_sb->s_flags & MS_NOSEC)) -- inode->i_flags |= S_NOSEC; -+ if (!error) -+ inode_has_no_xattr(inode); - - return error; - } -diff --git a/fs/namespace.c b/fs/namespace.c -index 13b0f7b..f07c769 100644 ---- a/fs/namespace.c -+++ b/fs/namespace.c -@@ -3187,11 +3187,15 @@ bool fs_fully_visible(struct file_system_type *type) - if (mnt->mnt.mnt_root != mnt->mnt.mnt_sb->s_root) - continue; - -- /* This mount is not fully visible if there are any child mounts -- * that cover anything except for empty directories. -+ /* This mount is not fully visible if there are any -+ * locked child mounts that cover anything except for -+ * empty directories. - */ - list_for_each_entry(child, &mnt->mnt_mounts, mnt_child) { - struct inode *inode = child->mnt_mountpoint->d_inode; -+ /* Only worry about locked mounts */ -+ if (!(mnt->mnt.mnt_flags & MNT_LOCKED)) -+ continue; - if (!S_ISDIR(inode->i_mode)) - goto next; - if (inode->i_nlink > 2) -diff --git a/fs/ufs/balloc.c b/fs/ufs/balloc.c -index 2c10360..a7106ed 100644 ---- a/fs/ufs/balloc.c -+++ b/fs/ufs/balloc.c -@@ -51,8 +51,8 @@ void ufs_free_fragments(struct inode *inode, u64 fragment, unsigned count) - - if (ufs_fragnum(fragment) + count > uspi->s_fpg) - ufs_error (sb, "ufs_free_fragments", "internal error"); -- -- lock_ufs(sb); -+ -+ mutex_lock(&UFS_SB(sb)->s_lock); - - cgno = ufs_dtog(uspi, fragment); - bit = ufs_dtogd(uspi, fragment); -@@ -115,13 +115,13 @@ void ufs_free_fragments(struct inode *inode, u64 fragment, unsigned count) - if (sb->s_flags & MS_SYNCHRONOUS) - ubh_sync_block(UCPI_UBH(ucpi)); - ufs_mark_sb_dirty(sb); -- -- unlock_ufs(sb); -+ -+ mutex_unlock(&UFS_SB(sb)->s_lock); - UFSD("EXIT\n"); - return; - - failed: -- unlock_ufs(sb); -+ mutex_unlock(&UFS_SB(sb)->s_lock); - UFSD("EXIT (FAILED)\n"); - return; - } -@@ -151,7 +151,7 @@ void ufs_free_blocks(struct inode *inode, u64 fragment, unsigned count) - goto failed; - } - -- lock_ufs(sb); -+ mutex_lock(&UFS_SB(sb)->s_lock); - - do_more: - overflow = 0; -@@ -211,12 +211,12 @@ do_more: - } - - ufs_mark_sb_dirty(sb); -- unlock_ufs(sb); -+ mutex_unlock(&UFS_SB(sb)->s_lock); - UFSD("EXIT\n"); - return; - - failed_unlock: -- unlock_ufs(sb); -+ mutex_unlock(&UFS_SB(sb)->s_lock); - failed: - UFSD("EXIT (FAILED)\n"); - return; -@@ -357,7 +357,7 @@ u64 ufs_new_fragments(struct inode *inode, void *p, u64 fragment, - usb1 = ubh_get_usb_first(uspi); - *err = -ENOSPC; - -- lock_ufs(sb); -+ mutex_lock(&UFS_SB(sb)->s_lock); - tmp = ufs_data_ptr_to_cpu(sb, p); - - if (count + ufs_fragnum(fragment) > uspi->s_fpb) { -@@ -378,19 +378,19 @@ u64 ufs_new_fragments(struct inode *inode, void *p, u64 fragment, - "fragment %llu, tmp %llu\n", - (unsigned long long)fragment, - (unsigned long long)tmp); -- unlock_ufs(sb); -+ mutex_unlock(&UFS_SB(sb)->s_lock); - return INVBLOCK; - } - if (fragment < UFS_I(inode)->i_lastfrag) { - UFSD("EXIT (ALREADY ALLOCATED)\n"); -- unlock_ufs(sb); -+ mutex_unlock(&UFS_SB(sb)->s_lock); - return 0; - } - } - else { - if (tmp) { - UFSD("EXIT (ALREADY ALLOCATED)\n"); -- unlock_ufs(sb); -+ mutex_unlock(&UFS_SB(sb)->s_lock); - return 0; - } - } -@@ -399,7 +399,7 @@ u64 ufs_new_fragments(struct inode *inode, void *p, u64 fragment, - * There is not enough space for user on the device - */ - if (!capable(CAP_SYS_RESOURCE) && ufs_freespace(uspi, UFS_MINFREE) <= 0) { -- unlock_ufs(sb); -+ mutex_unlock(&UFS_SB(sb)->s_lock); - UFSD("EXIT (FAILED)\n"); - return 0; - } -@@ -424,7 +424,7 @@ u64 ufs_new_fragments(struct inode *inode, void *p, u64 fragment, - ufs_clear_frags(inode, result + oldcount, - newcount - oldcount, locked_page != NULL); - } -- unlock_ufs(sb); -+ mutex_unlock(&UFS_SB(sb)->s_lock); - UFSD("EXIT, result %llu\n", (unsigned long long)result); - return result; - } -@@ -439,7 +439,7 @@ u64 ufs_new_fragments(struct inode *inode, void *p, u64 fragment, - fragment + count); - ufs_clear_frags(inode, result + oldcount, newcount - oldcount, - locked_page != NULL); -- unlock_ufs(sb); -+ mutex_unlock(&UFS_SB(sb)->s_lock); - UFSD("EXIT, result %llu\n", (unsigned long long)result); - return result; - } -@@ -477,7 +477,7 @@ u64 ufs_new_fragments(struct inode *inode, void *p, u64 fragment, - *err = 0; - UFS_I(inode)->i_lastfrag = max(UFS_I(inode)->i_lastfrag, - fragment + count); -- unlock_ufs(sb); -+ mutex_unlock(&UFS_SB(sb)->s_lock); - if (newcount < request) - ufs_free_fragments (inode, result + newcount, request - newcount); - ufs_free_fragments (inode, tmp, oldcount); -@@ -485,7 +485,7 @@ u64 ufs_new_fragments(struct inode *inode, void *p, u64 fragment, - return result; - } - -- unlock_ufs(sb); -+ mutex_unlock(&UFS_SB(sb)->s_lock); - UFSD("EXIT (FAILED)\n"); - return 0; - } -diff --git a/fs/ufs/ialloc.c b/fs/ufs/ialloc.c -index 7caa016..fd0203c 100644 ---- a/fs/ufs/ialloc.c -+++ b/fs/ufs/ialloc.c -@@ -69,11 +69,11 @@ void ufs_free_inode (struct inode * inode) - - ino = inode->i_ino; - -- lock_ufs(sb); -+ mutex_lock(&UFS_SB(sb)->s_lock); - - if (!((ino > 1) && (ino < (uspi->s_ncg * uspi->s_ipg )))) { - ufs_warning(sb, "ufs_free_inode", "reserved inode or nonexistent inode %u\n", ino); -- unlock_ufs(sb); -+ mutex_unlock(&UFS_SB(sb)->s_lock); - return; - } - -@@ -81,7 +81,7 @@ void ufs_free_inode (struct inode * inode) - bit = ufs_inotocgoff (ino); - ucpi = ufs_load_cylinder (sb, cg); - if (!ucpi) { -- unlock_ufs(sb); -+ mutex_unlock(&UFS_SB(sb)->s_lock); - return; - } - ucg = ubh_get_ucg(UCPI_UBH(ucpi)); -@@ -115,7 +115,7 @@ void ufs_free_inode (struct inode * inode) - ubh_sync_block(UCPI_UBH(ucpi)); - - ufs_mark_sb_dirty(sb); -- unlock_ufs(sb); -+ mutex_unlock(&UFS_SB(sb)->s_lock); - UFSD("EXIT\n"); - } - -@@ -193,7 +193,7 @@ struct inode *ufs_new_inode(struct inode *dir, umode_t mode) - sbi = UFS_SB(sb); - uspi = sbi->s_uspi; - -- lock_ufs(sb); -+ mutex_lock(&sbi->s_lock); - - /* - * Try to place the inode in its parent directory -@@ -331,21 +331,21 @@ cg_found: - sync_dirty_buffer(bh); - brelse(bh); - } -- unlock_ufs(sb); -+ mutex_unlock(&sbi->s_lock); - - UFSD("allocating inode %lu\n", inode->i_ino); - UFSD("EXIT\n"); - return inode; - - fail_remove_inode: -- unlock_ufs(sb); -+ mutex_unlock(&sbi->s_lock); - clear_nlink(inode); - unlock_new_inode(inode); - iput(inode); - UFSD("EXIT (FAILED): err %d\n", err); - return ERR_PTR(err); - failed: -- unlock_ufs(sb); -+ mutex_unlock(&sbi->s_lock); - make_bad_inode(inode); - iput (inode); - UFSD("EXIT (FAILED): err %d\n", err); -diff --git a/fs/ufs/inode.c b/fs/ufs/inode.c -index be7d42c..2d93ab0 100644 ---- a/fs/ufs/inode.c -+++ b/fs/ufs/inode.c -@@ -902,6 +902,9 @@ void ufs_evict_inode(struct inode * inode) - invalidate_inode_buffers(inode); - clear_inode(inode); - -- if (want_delete) -+ if (want_delete) { -+ lock_ufs(inode->i_sb); - ufs_free_inode(inode); -+ unlock_ufs(inode->i_sb); -+ } - } -diff --git a/fs/ufs/namei.c b/fs/ufs/namei.c -index fd65deb..e8ee298 100644 ---- a/fs/ufs/namei.c -+++ b/fs/ufs/namei.c -@@ -128,12 +128,12 @@ static int ufs_symlink (struct inode * dir, struct dentry * dentry, - if (l > sb->s_blocksize) - goto out_notlocked; - -+ lock_ufs(dir->i_sb); - inode = ufs_new_inode(dir, S_IFLNK | S_IRWXUGO); - err = PTR_ERR(inode); - if (IS_ERR(inode)) -- goto out_notlocked; -+ goto out; - -- lock_ufs(dir->i_sb); - if (l > UFS_SB(sb)->s_uspi->s_maxsymlinklen) { - /* slow symlink */ - inode->i_op = &ufs_symlink_inode_operations; -@@ -174,7 +174,12 @@ static int ufs_link (struct dentry * old_dentry, struct inode * dir, - inode_inc_link_count(inode); - ihold(inode); - -- error = ufs_add_nondir(dentry, inode); -+ error = ufs_add_link(dentry, inode); -+ if (error) { -+ inode_dec_link_count(inode); -+ iput(inode); -+ } else -+ d_instantiate(dentry, inode); - unlock_ufs(dir->i_sb); - return error; - } -@@ -184,9 +189,13 @@ static int ufs_mkdir(struct inode * dir, struct dentry * dentry, umode_t mode) - struct inode * inode; - int err; - -+ lock_ufs(dir->i_sb); -+ inode_inc_link_count(dir); -+ - inode = ufs_new_inode(dir, S_IFDIR|mode); -+ err = PTR_ERR(inode); - if (IS_ERR(inode)) -- return PTR_ERR(inode); -+ goto out_dir; - - inode->i_op = &ufs_dir_inode_operations; - inode->i_fop = &ufs_dir_operations; -@@ -194,9 +203,6 @@ static int ufs_mkdir(struct inode * dir, struct dentry * dentry, umode_t mode) - - inode_inc_link_count(inode); - -- lock_ufs(dir->i_sb); -- inode_inc_link_count(dir); -- - err = ufs_make_empty(inode, dir); - if (err) - goto out_fail; -@@ -206,6 +212,7 @@ static int ufs_mkdir(struct inode * dir, struct dentry * dentry, umode_t mode) - goto out_fail; - unlock_ufs(dir->i_sb); - -+ unlock_new_inode(inode); - d_instantiate(dentry, inode); - out: - return err; -@@ -215,6 +222,7 @@ out_fail: - inode_dec_link_count(inode); - unlock_new_inode(inode); - iput (inode); -+out_dir: - inode_dec_link_count(dir); - unlock_ufs(dir->i_sb); - goto out; -diff --git a/fs/ufs/super.c b/fs/ufs/super.c -index 8092d37..eb16791 100644 ---- a/fs/ufs/super.c -+++ b/fs/ufs/super.c -@@ -694,6 +694,7 @@ static int ufs_sync_fs(struct super_block *sb, int wait) - unsigned flags; - - lock_ufs(sb); -+ mutex_lock(&UFS_SB(sb)->s_lock); - - UFSD("ENTER\n"); - -@@ -711,6 +712,7 @@ static int ufs_sync_fs(struct super_block *sb, int wait) - ufs_put_cstotal(sb); - - UFSD("EXIT\n"); -+ mutex_unlock(&UFS_SB(sb)->s_lock); - unlock_ufs(sb); - - return 0; -@@ -799,6 +801,7 @@ static int ufs_fill_super(struct super_block *sb, void *data, int silent) - UFSD("flag %u\n", (int)(sb->s_flags & MS_RDONLY)); - - mutex_init(&sbi->mutex); -+ mutex_init(&sbi->s_lock); - spin_lock_init(&sbi->work_lock); - INIT_DELAYED_WORK(&sbi->sync_work, delayed_sync_fs); - /* -@@ -1277,6 +1280,7 @@ static int ufs_remount (struct super_block *sb, int *mount_flags, char *data) - - sync_filesystem(sb); - lock_ufs(sb); -+ mutex_lock(&UFS_SB(sb)->s_lock); - uspi = UFS_SB(sb)->s_uspi; - flags = UFS_SB(sb)->s_flags; - usb1 = ubh_get_usb_first(uspi); -@@ -1290,6 +1294,7 @@ static int ufs_remount (struct super_block *sb, int *mount_flags, char *data) - new_mount_opt = 0; - ufs_set_opt (new_mount_opt, ONERROR_LOCK); - if (!ufs_parse_options (data, &new_mount_opt)) { -+ mutex_unlock(&UFS_SB(sb)->s_lock); - unlock_ufs(sb); - return -EINVAL; - } -@@ -1297,12 +1302,14 @@ static int ufs_remount (struct super_block *sb, int *mount_flags, char *data) - new_mount_opt |= ufstype; - } else if ((new_mount_opt & UFS_MOUNT_UFSTYPE) != ufstype) { - pr_err("ufstype can't be changed during remount\n"); -+ mutex_unlock(&UFS_SB(sb)->s_lock); - unlock_ufs(sb); - return -EINVAL; - } - - if ((*mount_flags & MS_RDONLY) == (sb->s_flags & MS_RDONLY)) { - UFS_SB(sb)->s_mount_opt = new_mount_opt; -+ mutex_unlock(&UFS_SB(sb)->s_lock); - unlock_ufs(sb); - return 0; - } -@@ -1326,6 +1333,7 @@ static int ufs_remount (struct super_block *sb, int *mount_flags, char *data) - */ - #ifndef CONFIG_UFS_FS_WRITE - pr_err("ufs was compiled with read-only support, can't be mounted as read-write\n"); -+ mutex_unlock(&UFS_SB(sb)->s_lock); - unlock_ufs(sb); - return -EINVAL; - #else -@@ -1335,11 +1343,13 @@ static int ufs_remount (struct super_block *sb, int *mount_flags, char *data) - ufstype != UFS_MOUNT_UFSTYPE_SUNx86 && - ufstype != UFS_MOUNT_UFSTYPE_UFS2) { - pr_err("this ufstype is read-only supported\n"); -+ mutex_unlock(&UFS_SB(sb)->s_lock); - unlock_ufs(sb); - return -EINVAL; - } - if (!ufs_read_cylinder_structures(sb)) { - pr_err("failed during remounting\n"); -+ mutex_unlock(&UFS_SB(sb)->s_lock); - unlock_ufs(sb); - return -EPERM; - } -@@ -1347,6 +1357,7 @@ static int ufs_remount (struct super_block *sb, int *mount_flags, char *data) - #endif - } - UFS_SB(sb)->s_mount_opt = new_mount_opt; -+ mutex_unlock(&UFS_SB(sb)->s_lock); - unlock_ufs(sb); - return 0; - } -diff --git a/fs/ufs/ufs.h b/fs/ufs/ufs.h -index 2a07396..cf6368d 100644 ---- a/fs/ufs/ufs.h -+++ b/fs/ufs/ufs.h -@@ -30,6 +30,7 @@ struct ufs_sb_info { - int work_queued; /* non-zero if the delayed work is queued */ - struct delayed_work sync_work; /* FS sync delayed work */ - spinlock_t work_lock; /* protects sync_work and work_queued */ -+ struct mutex s_lock; - }; - - struct ufs_inode_info { -diff --git a/include/net/netns/sctp.h b/include/net/netns/sctp.h -index 3573a81..8ba379f 100644 ---- a/include/net/netns/sctp.h -+++ b/include/net/netns/sctp.h -@@ -31,6 +31,7 @@ struct netns_sctp { - struct list_head addr_waitq; - struct timer_list addr_wq_timer; - struct list_head auto_asconf_splist; -+ /* Lock that protects both addr_waitq and auto_asconf_splist */ - spinlock_t addr_wq_lock; - - /* Lock that protects the local_addr_list writers */ -diff --git a/include/net/sctp/structs.h b/include/net/sctp/structs.h -index 2bb2fcf..495c87e 100644 ---- a/include/net/sctp/structs.h -+++ b/include/net/sctp/structs.h -@@ -223,6 +223,10 @@ struct sctp_sock { - atomic_t pd_mode; - /* Receive to here while partial delivery is in effect. */ - struct sk_buff_head pd_lobby; -+ -+ /* These must be the last fields, as they will skipped on copies, -+ * like on accept and peeloff operations -+ */ - struct list_head auto_asconf_list; - int do_auto_asconf; - }; -diff --git a/net/bridge/br_ioctl.c b/net/bridge/br_ioctl.c -index a9a4a1b..8d423bc 100644 ---- a/net/bridge/br_ioctl.c -+++ b/net/bridge/br_ioctl.c -@@ -247,9 +247,7 @@ static int old_dev_ioctl(struct net_device *dev, struct ifreq *rq, int cmd) - if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN)) - return -EPERM; - -- spin_lock_bh(&br->lock); - br_stp_set_bridge_priority(br, args[1]); -- spin_unlock_bh(&br->lock); - return 0; - - case BRCTL_SET_PORT_PRIORITY: -diff --git a/net/bridge/br_multicast.c b/net/bridge/br_multicast.c -index b0aee78..c08f510 100644 ---- a/net/bridge/br_multicast.c -+++ b/net/bridge/br_multicast.c -@@ -1166,6 +1166,9 @@ static void br_multicast_add_router(struct net_bridge *br, - struct net_bridge_port *p; - struct hlist_node *slot = NULL; - -+ if (!hlist_unhashed(&port->rlist)) -+ return; -+ - hlist_for_each_entry(p, &br->router_list, rlist) { - if ((unsigned long) port >= (unsigned long) p) - break; -@@ -1193,12 +1196,8 @@ static void br_multicast_mark_router(struct net_bridge *br, - if (port->multicast_router != 1) - return; - -- if (!hlist_unhashed(&port->rlist)) -- goto timer; -- - br_multicast_add_router(br, port); - --timer: - mod_timer(&port->multicast_router_timer, - now + br->multicast_querier_interval); - } -diff --git a/net/bridge/br_stp_if.c b/net/bridge/br_stp_if.c -index 4114687..7832d07 100644 ---- a/net/bridge/br_stp_if.c -+++ b/net/bridge/br_stp_if.c -@@ -243,12 +243,13 @@ bool br_stp_recalculate_bridge_id(struct net_bridge *br) - return true; - } - --/* called under bridge lock */ -+/* Acquires and releases bridge lock */ - void br_stp_set_bridge_priority(struct net_bridge *br, u16 newprio) - { - struct net_bridge_port *p; - int wasroot; - -+ spin_lock_bh(&br->lock); - wasroot = br_is_root_bridge(br); - - list_for_each_entry(p, &br->port_list, list) { -@@ -266,6 +267,7 @@ void br_stp_set_bridge_priority(struct net_bridge *br, u16 newprio) - br_port_state_selection(br); - if (br_is_root_bridge(br) && !wasroot) - br_become_root_bridge(br); -+ spin_unlock_bh(&br->lock); - } - - /* called under bridge lock */ -diff --git a/net/core/neighbour.c b/net/core/neighbour.c -index 70fe9e1..d0e5d66 100644 ---- a/net/core/neighbour.c -+++ b/net/core/neighbour.c -@@ -971,6 +971,8 @@ int __neigh_event_send(struct neighbour *neigh, struct sk_buff *skb) - rc = 0; - if (neigh->nud_state & (NUD_CONNECTED | NUD_DELAY | NUD_PROBE)) - goto out_unlock_bh; -+ if (neigh->dead) -+ goto out_dead; - - if (!(neigh->nud_state & (NUD_STALE | NUD_INCOMPLETE))) { - if (NEIGH_VAR(neigh->parms, MCAST_PROBES) + -@@ -1027,6 +1029,13 @@ out_unlock_bh: - write_unlock(&neigh->lock); - local_bh_enable(); - return rc; -+ -+out_dead: -+ if (neigh->nud_state & NUD_STALE) -+ goto out_unlock_bh; -+ write_unlock_bh(&neigh->lock); -+ kfree_skb(skb); -+ return 1; - } - EXPORT_SYMBOL(__neigh_event_send); - -@@ -1090,6 +1099,8 @@ int neigh_update(struct neighbour *neigh, const u8 *lladdr, u8 new, - if (!(flags & NEIGH_UPDATE_F_ADMIN) && - (old & (NUD_NOARP | NUD_PERMANENT))) - goto out; -+ if (neigh->dead) -+ goto out; - - if (!(new & NUD_VALID)) { - neigh_del_timer(neigh); -@@ -1239,6 +1250,8 @@ EXPORT_SYMBOL(neigh_update); - */ - void __neigh_set_probe_once(struct neighbour *neigh) - { -+ if (neigh->dead) -+ return; - neigh->updated = jiffies; - if (!(neigh->nud_state & NUD_FAILED)) - return; -diff --git a/net/core/skbuff.c b/net/core/skbuff.c -index e9f9a15..1e3abb8 100644 ---- a/net/core/skbuff.c -+++ b/net/core/skbuff.c -@@ -4443,7 +4443,7 @@ struct sk_buff *alloc_skb_with_frags(unsigned long header_len, - - while (order) { - if (npages >= 1 << order) { -- page = alloc_pages(gfp_mask | -+ page = alloc_pages((gfp_mask & ~__GFP_WAIT) | - __GFP_COMP | - __GFP_NOWARN | - __GFP_NORETRY, -diff --git a/net/core/sock.c b/net/core/sock.c -index 71e3e5f..c77d5d2 100644 ---- a/net/core/sock.c -+++ b/net/core/sock.c -@@ -1895,7 +1895,7 @@ bool skb_page_frag_refill(unsigned int sz, struct page_frag *pfrag, gfp_t gfp) - - pfrag->offset = 0; - if (SKB_FRAG_PAGE_ORDER) { -- pfrag->page = alloc_pages(gfp | __GFP_COMP | -+ pfrag->page = alloc_pages((gfp & ~__GFP_WAIT) | __GFP_COMP | - __GFP_NOWARN | __GFP_NORETRY, - SKB_FRAG_PAGE_ORDER); - if (likely(pfrag->page)) { -diff --git a/net/ipv4/af_inet.c b/net/ipv4/af_inet.c -index d2e49ba..61edc49 100644 ---- a/net/ipv4/af_inet.c -+++ b/net/ipv4/af_inet.c -@@ -228,6 +228,8 @@ int inet_listen(struct socket *sock, int backlog) - err = 0; - if (err) - goto out; -+ -+ tcp_fastopen_init_key_once(true); - } - err = inet_csk_listen_start(sk, backlog); - if (err) -diff --git a/net/ipv4/ip_sockglue.c b/net/ipv4/ip_sockglue.c -index 5cd9927..d9e8ff3 100644 ---- a/net/ipv4/ip_sockglue.c -+++ b/net/ipv4/ip_sockglue.c -@@ -432,6 +432,15 @@ void ip_local_error(struct sock *sk, int err, __be32 daddr, __be16 port, u32 inf - kfree_skb(skb); - } - -+/* For some errors we have valid addr_offset even with zero payload and -+ * zero port. Also, addr_offset should be supported if port is set. -+ */ -+static inline bool ipv4_datagram_support_addr(struct sock_exterr_skb *serr) -+{ -+ return serr->ee.ee_origin == SO_EE_ORIGIN_ICMP || -+ serr->ee.ee_origin == SO_EE_ORIGIN_LOCAL || serr->port; -+} -+ - /* IPv4 supports cmsg on all imcp errors and some timestamps - * - * Timestamp code paths do not initialize the fields expected by cmsg: -@@ -498,7 +507,7 @@ int ip_recv_error(struct sock *sk, struct msghdr *msg, int len, int *addr_len) - - serr = SKB_EXT_ERR(skb); - -- if (sin && serr->port) { -+ if (sin && ipv4_datagram_support_addr(serr)) { - sin->sin_family = AF_INET; - sin->sin_addr.s_addr = *(__be32 *)(skb_network_header(skb) + - serr->addr_offset); -diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c -index 995a225..d03a344 100644 ---- a/net/ipv4/tcp.c -+++ b/net/ipv4/tcp.c -@@ -2541,10 +2541,13 @@ static int do_tcp_setsockopt(struct sock *sk, int level, - - case TCP_FASTOPEN: - if (val >= 0 && ((1 << sk->sk_state) & (TCPF_CLOSE | -- TCPF_LISTEN))) -+ TCPF_LISTEN))) { -+ tcp_fastopen_init_key_once(true); -+ - err = fastopen_init_queue(sk, val); -- else -+ } else { - err = -EINVAL; -+ } - break; - case TCP_TIMESTAMP: - if (!tp->repair) -diff --git a/net/ipv4/tcp_fastopen.c b/net/ipv4/tcp_fastopen.c -index ea82fd4..9c37181 100644 ---- a/net/ipv4/tcp_fastopen.c -+++ b/net/ipv4/tcp_fastopen.c -@@ -78,8 +78,6 @@ static bool __tcp_fastopen_cookie_gen(const void *path, - struct tcp_fastopen_context *ctx; - bool ok = false; - -- tcp_fastopen_init_key_once(true); -- - rcu_read_lock(); - ctx = rcu_dereference(tcp_fastopen_ctx); - if (ctx) { -diff --git a/net/ipv6/datagram.c b/net/ipv6/datagram.c -index ace8dac..d174b91 100644 ---- a/net/ipv6/datagram.c -+++ b/net/ipv6/datagram.c -@@ -325,6 +325,16 @@ void ipv6_local_rxpmtu(struct sock *sk, struct flowi6 *fl6, u32 mtu) - kfree_skb(skb); - } - -+/* For some errors we have valid addr_offset even with zero payload and -+ * zero port. Also, addr_offset should be supported if port is set. -+ */ -+static inline bool ipv6_datagram_support_addr(struct sock_exterr_skb *serr) -+{ -+ return serr->ee.ee_origin == SO_EE_ORIGIN_ICMP6 || -+ serr->ee.ee_origin == SO_EE_ORIGIN_ICMP || -+ serr->ee.ee_origin == SO_EE_ORIGIN_LOCAL || serr->port; -+} -+ - /* IPv6 supports cmsg on all origins aside from SO_EE_ORIGIN_LOCAL. - * - * At one point, excluding local errors was a quick test to identify icmp/icmp6 -@@ -389,7 +399,7 @@ int ipv6_recv_error(struct sock *sk, struct msghdr *msg, int len, int *addr_len) - - serr = SKB_EXT_ERR(skb); - -- if (sin && serr->port) { -+ if (sin && ipv6_datagram_support_addr(serr)) { - const unsigned char *nh = skb_network_header(skb); - sin->sin6_family = AF_INET6; - sin->sin6_flowinfo = 0; -diff --git a/net/netfilter/nft_rbtree.c b/net/netfilter/nft_rbtree.c -index 46214f2..2c75361 100644 ---- a/net/netfilter/nft_rbtree.c -+++ b/net/netfilter/nft_rbtree.c -@@ -37,10 +37,11 @@ static bool nft_rbtree_lookup(const struct nft_set *set, - { - const struct nft_rbtree *priv = nft_set_priv(set); - const struct nft_rbtree_elem *rbe, *interval = NULL; -- const struct rb_node *parent = priv->root.rb_node; -+ const struct rb_node *parent; - int d; - - spin_lock_bh(&nft_rbtree_lock); -+ parent = priv->root.rb_node; - while (parent != NULL) { - rbe = rb_entry(parent, struct nft_rbtree_elem, node); - -@@ -158,7 +159,6 @@ static int nft_rbtree_get(const struct nft_set *set, struct nft_set_elem *elem) - struct nft_rbtree_elem *rbe; - int d; - -- spin_lock_bh(&nft_rbtree_lock); - while (parent != NULL) { - rbe = rb_entry(parent, struct nft_rbtree_elem, node); - -@@ -173,11 +173,9 @@ static int nft_rbtree_get(const struct nft_set *set, struct nft_set_elem *elem) - !(rbe->flags & NFT_SET_ELEM_INTERVAL_END)) - nft_data_copy(&elem->data, rbe->data); - elem->flags = rbe->flags; -- spin_unlock_bh(&nft_rbtree_lock); - return 0; - } - } -- spin_unlock_bh(&nft_rbtree_lock); - return -ENOENT; - } - -diff --git a/net/packet/af_packet.c b/net/packet/af_packet.c -index f8db706..bfe5c69 100644 ---- a/net/packet/af_packet.c -+++ b/net/packet/af_packet.c -@@ -1266,16 +1266,6 @@ static void packet_sock_destruct(struct sock *sk) - sk_refcnt_debug_dec(sk); - } - --static int fanout_rr_next(struct packet_fanout *f, unsigned int num) --{ -- int x = atomic_read(&f->rr_cur) + 1; -- -- if (x >= num) -- x = 0; -- -- return x; --} -- - static unsigned int fanout_demux_hash(struct packet_fanout *f, - struct sk_buff *skb, - unsigned int num) -@@ -1287,13 +1277,9 @@ static unsigned int fanout_demux_lb(struct packet_fanout *f, - struct sk_buff *skb, - unsigned int num) - { -- int cur, old; -+ unsigned int val = atomic_inc_return(&f->rr_cur); - -- cur = atomic_read(&f->rr_cur); -- while ((old = atomic_cmpxchg(&f->rr_cur, cur, -- fanout_rr_next(f, num))) != cur) -- cur = old; -- return cur; -+ return val % num; - } - - static unsigned int fanout_demux_cpu(struct packet_fanout *f, -@@ -1347,7 +1333,7 @@ static int packet_rcv_fanout(struct sk_buff *skb, struct net_device *dev, - struct packet_type *pt, struct net_device *orig_dev) - { - struct packet_fanout *f = pt->af_packet_priv; -- unsigned int num = f->num_members; -+ unsigned int num = READ_ONCE(f->num_members); - struct packet_sock *po; - unsigned int idx; - -diff --git a/net/sctp/output.c b/net/sctp/output.c -index fc5e45b..abe7c2d 100644 ---- a/net/sctp/output.c -+++ b/net/sctp/output.c -@@ -599,7 +599,9 @@ out: - return err; - no_route: - kfree_skb(nskb); -- IP_INC_STATS(sock_net(asoc->base.sk), IPSTATS_MIB_OUTNOROUTES); -+ -+ if (asoc) -+ IP_INC_STATS(sock_net(asoc->base.sk), IPSTATS_MIB_OUTNOROUTES); - - /* FIXME: Returning the 'err' will effect all the associations - * associated with a socket, although only one of the paths of the -diff --git a/net/sctp/socket.c b/net/sctp/socket.c -index aafe94b..4e56571 100644 ---- a/net/sctp/socket.c -+++ b/net/sctp/socket.c -@@ -1533,8 +1533,10 @@ static void sctp_close(struct sock *sk, long timeout) - - /* Supposedly, no process has access to the socket, but - * the net layers still may. -+ * Also, sctp_destroy_sock() needs to be called with addr_wq_lock -+ * held and that should be grabbed before socket lock. - */ -- local_bh_disable(); -+ spin_lock_bh(&net->sctp.addr_wq_lock); - bh_lock_sock(sk); - - /* Hold the sock, since sk_common_release() will put sock_put() -@@ -1544,7 +1546,7 @@ static void sctp_close(struct sock *sk, long timeout) - sk_common_release(sk); - - bh_unlock_sock(sk); -- local_bh_enable(); -+ spin_unlock_bh(&net->sctp.addr_wq_lock); - - sock_put(sk); - -@@ -3587,6 +3589,7 @@ static int sctp_setsockopt_auto_asconf(struct sock *sk, char __user *optval, - if ((val && sp->do_auto_asconf) || (!val && !sp->do_auto_asconf)) - return 0; - -+ spin_lock_bh(&sock_net(sk)->sctp.addr_wq_lock); - if (val == 0 && sp->do_auto_asconf) { - list_del(&sp->auto_asconf_list); - sp->do_auto_asconf = 0; -@@ -3595,6 +3598,7 @@ static int sctp_setsockopt_auto_asconf(struct sock *sk, char __user *optval, - &sock_net(sk)->sctp.auto_asconf_splist); - sp->do_auto_asconf = 1; - } -+ spin_unlock_bh(&sock_net(sk)->sctp.addr_wq_lock); - return 0; - } - -@@ -4128,18 +4132,28 @@ static int sctp_init_sock(struct sock *sk) - local_bh_disable(); - percpu_counter_inc(&sctp_sockets_allocated); - sock_prot_inuse_add(net, sk->sk_prot, 1); -+ -+ /* Nothing can fail after this block, otherwise -+ * sctp_destroy_sock() will be called without addr_wq_lock held -+ */ - if (net->sctp.default_auto_asconf) { -+ spin_lock(&sock_net(sk)->sctp.addr_wq_lock); - list_add_tail(&sp->auto_asconf_list, - &net->sctp.auto_asconf_splist); - sp->do_auto_asconf = 1; -- } else -+ spin_unlock(&sock_net(sk)->sctp.addr_wq_lock); -+ } else { - sp->do_auto_asconf = 0; -+ } -+ - local_bh_enable(); - - return 0; - } - --/* Cleanup any SCTP per socket resources. */ -+/* Cleanup any SCTP per socket resources. Must be called with -+ * sock_net(sk)->sctp.addr_wq_lock held if sp->do_auto_asconf is true -+ */ - static void sctp_destroy_sock(struct sock *sk) - { - struct sctp_sock *sp; -@@ -7202,6 +7216,19 @@ void sctp_copy_sock(struct sock *newsk, struct sock *sk, - newinet->mc_list = NULL; - } - -+static inline void sctp_copy_descendant(struct sock *sk_to, -+ const struct sock *sk_from) -+{ -+ int ancestor_size = sizeof(struct inet_sock) + -+ sizeof(struct sctp_sock) - -+ offsetof(struct sctp_sock, auto_asconf_list); -+ -+ if (sk_from->sk_family == PF_INET6) -+ ancestor_size += sizeof(struct ipv6_pinfo); -+ -+ __inet_sk_copy_descendant(sk_to, sk_from, ancestor_size); -+} -+ - /* Populate the fields of the newsk from the oldsk and migrate the assoc - * and its messages to the newsk. - */ -@@ -7216,7 +7243,6 @@ static void sctp_sock_migrate(struct sock *oldsk, struct sock *newsk, - struct sk_buff *skb, *tmp; - struct sctp_ulpevent *event; - struct sctp_bind_hashbucket *head; -- struct list_head tmplist; - - /* Migrate socket buffer sizes and all the socket level options to the - * new socket. -@@ -7224,12 +7250,7 @@ static void sctp_sock_migrate(struct sock *oldsk, struct sock *newsk, - newsk->sk_sndbuf = oldsk->sk_sndbuf; - newsk->sk_rcvbuf = oldsk->sk_rcvbuf; - /* Brute force copy old sctp opt. */ -- if (oldsp->do_auto_asconf) { -- memcpy(&tmplist, &newsp->auto_asconf_list, sizeof(tmplist)); -- inet_sk_copy_descendant(newsk, oldsk); -- memcpy(&newsp->auto_asconf_list, &tmplist, sizeof(tmplist)); -- } else -- inet_sk_copy_descendant(newsk, oldsk); -+ sctp_copy_descendant(newsk, oldsk); - - /* Restore the ep value that was overwritten with the above structure - * copy. -diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c -index 4d1a541..2588e08 100644 ---- a/security/selinux/hooks.c -+++ b/security/selinux/hooks.c -@@ -404,6 +404,7 @@ static int selinux_is_sblabel_mnt(struct super_block *sb) - return sbsec->behavior == SECURITY_FS_USE_XATTR || - sbsec->behavior == SECURITY_FS_USE_TRANS || - sbsec->behavior == SECURITY_FS_USE_TASK || -+ sbsec->behavior == SECURITY_FS_USE_NATIVE || - /* Special handling. Genfs but also in-core setxattr handler */ - !strcmp(sb->s_type->name, "sysfs") || - !strcmp(sb->s_type->name, "pstore") || diff --git a/4.0.8/0000_README b/4.1.3/0000_README index 919b754..8d6de14 100644 --- a/4.0.8/0000_README +++ b/4.1.3/0000_README @@ -2,11 +2,7 @@ README ----------------------------------------------------------------------------- Individual Patch Descriptions: ----------------------------------------------------------------------------- -Patch: 1007_linux-4.0.8.patch -From: http://www.kernel.org -Desc: Linux 4.0.8 - -Patch: 4420_grsecurity-3.1-4.0.8-201507111211.patch +Patch: 4420_grsecurity-3.1-4.1.3-201507251419.patch From: http://www.grsecurity.net Desc: hardened-sources base patch from upstream grsecurity diff --git a/4.0.8/4420_grsecurity-3.1-4.0.8-201507111211.patch b/4.1.3/4420_grsecurity-3.1-4.1.3-201507251419.patch index c0c4b69..723abab 100644 --- a/4.0.8/4420_grsecurity-3.1-4.0.8-201507111211.patch +++ b/4.1.3/4420_grsecurity-3.1-4.1.3-201507251419.patch @@ -313,10 +313,10 @@ index 74b6c6d..eac0e77 100644 A typical pattern in a Kbuild file looks like this: diff --git a/Documentation/kernel-parameters.txt b/Documentation/kernel-parameters.txt -index 4d68ec8..9546b75 100644 +index 6726139..c825c0a 100644 --- a/Documentation/kernel-parameters.txt +++ b/Documentation/kernel-parameters.txt -@@ -1203,6 +1203,13 @@ bytes respectively. Such letter suffixes can also be entirely omitted. +@@ -1223,6 +1223,13 @@ bytes respectively. Such letter suffixes can also be entirely omitted. Format: <unsigned int> such that (rxsize & ~0x1fffc0) == 0. Default: 1024 @@ -330,7 +330,7 @@ index 4d68ec8..9546b75 100644 hashdist= [KNL,NUMA] Large hashes allocated during boot are distributed across NUMA nodes. Defaults on for 64-bit NUMA, off otherwise. -@@ -2300,6 +2307,10 @@ bytes respectively. Such letter suffixes can also be entirely omitted. +@@ -2333,6 +2340,10 @@ bytes respectively. Such letter suffixes can also be entirely omitted. noexec=on: enable non-executable mappings (default) noexec=off: disable non-executable mappings @@ -341,7 +341,7 @@ index 4d68ec8..9546b75 100644 nosmap [X86] Disable SMAP (Supervisor Mode Access Prevention) even if it is supported by processor. -@@ -2601,6 +2612,30 @@ bytes respectively. Such letter suffixes can also be entirely omitted. +@@ -2631,6 +2642,30 @@ bytes respectively. Such letter suffixes can also be entirely omitted. the specified number of seconds. This is to be used if your oopses keep scrolling off the screen. @@ -372,11 +372,44 @@ index 4d68ec8..9546b75 100644 pcbit= [HW,ISDN] pcd. [PARIDE] +diff --git a/Documentation/sysctl/kernel.txt b/Documentation/sysctl/kernel.txt +index c831001..1bfbbf6 100644 +--- a/Documentation/sysctl/kernel.txt ++++ b/Documentation/sysctl/kernel.txt +@@ -41,6 +41,7 @@ show up in /proc/sys/kernel: + - kptr_restrict + - kstack_depth_to_print [ X86 only ] + - l2cr [ PPC only ] ++- modify_ldt [ X86 only ] + - modprobe ==> Documentation/debugging-modules.txt + - modules_disabled + - msg_next_id [ sysv ipc ] +@@ -391,6 +392,20 @@ This flag controls the L2 cache of G3 processor boards. If + + ============================================================== + ++modify_ldt: (X86 only) ++ ++Enables (1) or disables (0) the modify_ldt syscall. Modifying the LDT ++(Local Descriptor Table) may be needed to run a 16-bit or segmented code ++such as Dosemu or Wine. This is done via a system call which is not needed ++to run portable applications, and which can sometimes be abused to exploit ++some weaknesses of the architecture, opening new vulnerabilities. ++ ++This sysctl allows one to increase the system's security by disabling the ++system call, or to restore compatibility with specific applications when it ++was already disabled. ++ ++============================================================== ++ + modules_disabled: + + A toggle value indicating if modules are allowed to be loaded diff --git a/Makefile b/Makefile -index 0e315d6..68f608f 100644 +index e3cdec4..56ae73d 100644 --- a/Makefile +++ b/Makefile -@@ -298,7 +298,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \ +@@ -299,7 +299,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \ HOSTCC = gcc HOSTCXX = g++ HOSTCFLAGS = -Wall -Wmissing-prototypes -Wstrict-prototypes -O2 -fomit-frame-pointer -std=gnu89 @@ -387,7 +420,7 @@ index 0e315d6..68f608f 100644 ifeq ($(shell $(HOSTCC) -v 2>&1 | grep -c "clang version"), 1) HOSTCFLAGS += -Wno-unused-value -Wno-unused-parameter \ -@@ -446,8 +448,8 @@ export RCS_TAR_IGNORE := --exclude SCCS --exclude BitKeeper --exclude .svn \ +@@ -444,8 +446,8 @@ export RCS_TAR_IGNORE := --exclude SCCS --exclude BitKeeper --exclude .svn \ # Rules shared between *config targets and build targets # Basic helpers built in scripts/ @@ -398,7 +431,7 @@ index 0e315d6..68f608f 100644 $(Q)$(MAKE) $(build)=scripts/basic $(Q)rm -f .tmp_quiet_recordmcount -@@ -622,6 +624,74 @@ endif +@@ -620,6 +622,74 @@ endif # Tell gcc to never replace conditional load with a non-conditional one KBUILD_CFLAGS += $(call cc-option,--param=allow-store-data-races=0) @@ -473,7 +506,7 @@ index 0e315d6..68f608f 100644 ifdef CONFIG_READABLE_ASM # Disable optimizations that make assembler listings hard to read. # reorder blocks reorders the control in the function -@@ -714,7 +784,7 @@ KBUILD_CFLAGS += $(call cc-option, -gsplit-dwarf, -g) +@@ -712,7 +782,7 @@ KBUILD_CFLAGS += $(call cc-option, -gsplit-dwarf, -g) else KBUILD_CFLAGS += -g endif @@ -482,7 +515,7 @@ index 0e315d6..68f608f 100644 endif ifdef CONFIG_DEBUG_INFO_DWARF4 KBUILD_CFLAGS += $(call cc-option, -gdwarf-4,) -@@ -884,7 +954,7 @@ export mod_sign_cmd +@@ -883,7 +953,7 @@ export mod_sign_cmd ifeq ($(KBUILD_EXTMOD),) @@ -491,7 +524,7 @@ index 0e315d6..68f608f 100644 vmlinux-dirs := $(patsubst %/,%,$(filter %/, $(init-y) $(init-m) \ $(core-y) $(core-m) $(drivers-y) $(drivers-m) \ -@@ -934,6 +1004,8 @@ endif +@@ -933,6 +1003,8 @@ endif # The actual objects are generated when descending, # make sure no implicit rule kicks in @@ -500,7 +533,7 @@ index 0e315d6..68f608f 100644 $(sort $(vmlinux-deps)): $(vmlinux-dirs) ; # Handle descending into subdirectories listed in $(vmlinux-dirs) -@@ -943,7 +1015,7 @@ $(sort $(vmlinux-deps)): $(vmlinux-dirs) ; +@@ -942,7 +1014,7 @@ $(sort $(vmlinux-deps)): $(vmlinux-dirs) ; # Error messages still appears in the original language PHONY += $(vmlinux-dirs) @@ -509,7 +542,7 @@ index 0e315d6..68f608f 100644 $(Q)$(MAKE) $(build)=$@ define filechk_kernel.release -@@ -986,10 +1058,13 @@ prepare1: prepare2 $(version_h) include/generated/utsrelease.h \ +@@ -985,10 +1057,13 @@ prepare1: prepare2 $(version_h) include/generated/utsrelease.h \ archprepare: archheaders archscripts prepare1 scripts_basic @@ -523,7 +556,7 @@ index 0e315d6..68f608f 100644 prepare: prepare0 # Generate some files -@@ -1103,6 +1178,8 @@ all: modules +@@ -1096,6 +1171,8 @@ all: modules # using awk while concatenating to the final file. PHONY += modules @@ -532,7 +565,7 @@ index 0e315d6..68f608f 100644 modules: $(vmlinux-dirs) $(if $(KBUILD_BUILTIN),vmlinux) modules.builtin $(Q)$(AWK) '!x[$$0]++' $(vmlinux-dirs:%=$(objtree)/%/modules.order) > $(objtree)/modules.order @$(kecho) ' Building modules, stage 2.'; -@@ -1118,7 +1195,7 @@ modules.builtin: $(vmlinux-dirs:%=%/modules.builtin) +@@ -1111,7 +1188,7 @@ modules.builtin: $(vmlinux-dirs:%=%/modules.builtin) # Target to prepare building external modules PHONY += modules_prepare @@ -541,7 +574,7 @@ index 0e315d6..68f608f 100644 # Target to install modules PHONY += modules_install -@@ -1184,7 +1261,10 @@ MRPROPER_FILES += .config .config.old .version .old_version \ +@@ -1177,7 +1254,10 @@ MRPROPER_FILES += .config .config.old .version .old_version \ Module.symvers tags TAGS cscope* GPATH GTAGS GRTAGS GSYMS \ signing_key.priv signing_key.x509 x509.genkey \ extra_certificates signing_key.x509.keyid \ @@ -553,7 +586,7 @@ index 0e315d6..68f608f 100644 # clean - Delete most, but leave enough to build external modules # -@@ -1223,7 +1303,7 @@ distclean: mrproper +@@ -1216,7 +1296,7 @@ distclean: mrproper @find $(srctree) $(RCS_FIND_IGNORE) \ \( -name '*.orig' -o -name '*.rej' -o -name '*~' \ -o -name '*.bak' -o -name '#*#' -o -name '.*.orig' \ @@ -562,7 +595,7 @@ index 0e315d6..68f608f 100644 -type f -print | xargs rm -f -@@ -1389,6 +1469,8 @@ PHONY += $(module-dirs) modules +@@ -1382,6 +1462,8 @@ PHONY += $(module-dirs) modules $(module-dirs): crmodverdir $(objtree)/Module.symvers $(Q)$(MAKE) $(build)=$(patsubst _module_%,%,$@) @@ -571,7 +604,7 @@ index 0e315d6..68f608f 100644 modules: $(module-dirs) @$(kecho) ' Building modules, stage 2.'; $(Q)$(MAKE) -f $(srctree)/scripts/Makefile.modpost -@@ -1529,17 +1611,21 @@ else +@@ -1522,17 +1604,21 @@ else target-dir = $(if $(KBUILD_EXTMOD),$(dir $<),$(dir $@)) endif @@ -597,7 +630,7 @@ index 0e315d6..68f608f 100644 $(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@) %.symtypes: %.c prepare scripts FORCE $(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@) -@@ -1551,11 +1637,15 @@ endif +@@ -1544,11 +1630,15 @@ endif $(build)=$(build-dir) # Make sure the latest headers are built for Documentation Documentation/: headers_install @@ -731,10 +764,10 @@ index 2fd00b7..cfd5069 100644 for (i = 0; i < n; i++) { diff --git a/arch/alpha/kernel/osf_sys.c b/arch/alpha/kernel/osf_sys.c -index e51f578..16c64a3 100644 +index 36dc91a..6769cb0 100644 --- a/arch/alpha/kernel/osf_sys.c +++ b/arch/alpha/kernel/osf_sys.c -@@ -1296,10 +1296,11 @@ SYSCALL_DEFINE1(old_adjtimex, struct timex32 __user *, txc_p) +@@ -1295,10 +1295,11 @@ SYSCALL_DEFINE1(old_adjtimex, struct timex32 __user *, txc_p) generic version except that we know how to honor ADDR_LIMIT_32BIT. */ static unsigned long @@ -748,7 +781,7 @@ index e51f578..16c64a3 100644 info.flags = 0; info.length = len; -@@ -1307,6 +1308,7 @@ arch_get_unmapped_area_1(unsigned long addr, unsigned long len, +@@ -1306,6 +1307,7 @@ arch_get_unmapped_area_1(unsigned long addr, unsigned long len, info.high_limit = limit; info.align_mask = 0; info.align_offset = 0; @@ -756,7 +789,7 @@ index e51f578..16c64a3 100644 return vm_unmapped_area(&info); } -@@ -1339,20 +1341,24 @@ arch_get_unmapped_area(struct file *filp, unsigned long addr, +@@ -1338,20 +1340,24 @@ arch_get_unmapped_area(struct file *filp, unsigned long addr, merely specific addresses, but regions of memory -- perhaps this feature should be incorporated into all ports? */ @@ -946,10 +979,10 @@ index 9d0ac09..479a962 100644 /* Allow reads even for write-only mappings */ if (!(vma->vm_flags & (VM_READ | VM_WRITE))) diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig -index cf4c0c9..a87ecf5 100644 +index 45df48b..952017a 100644 --- a/arch/arm/Kconfig +++ b/arch/arm/Kconfig -@@ -1735,7 +1735,7 @@ config ALIGNMENT_TRAP +@@ -1716,7 +1716,7 @@ config ALIGNMENT_TRAP config UACCESS_WITH_MEMCPY bool "Use kernel mem{cpy,set}() for {copy_to,clear}_user()" @@ -958,7 +991,7 @@ index cf4c0c9..a87ecf5 100644 default y if CPU_FEROCEON help Implement faster copy_to_user and clear_user methods for CPU -@@ -1999,6 +1999,7 @@ config XIP_PHYS_ADDR +@@ -1951,6 +1951,7 @@ config XIP_PHYS_ADDR config KEXEC bool "Kexec system call (EXPERIMENTAL)" depends on (!SMP || PM_SLEEP_SMP) @@ -1680,10 +1713,10 @@ index 6ddbe44..b5e38b1a 100644 static inline void set_domain(unsigned val) { } static inline void modify_domain(unsigned dom, unsigned type) { } diff --git a/arch/arm/include/asm/elf.h b/arch/arm/include/asm/elf.h -index 674d03f..9a0bac0 100644 +index d2315ff..f60b47b 100644 --- a/arch/arm/include/asm/elf.h +++ b/arch/arm/include/asm/elf.h -@@ -115,7 +115,14 @@ int dump_task_regs(struct task_struct *t, elf_gregset_t *elfregs); +@@ -117,7 +117,14 @@ int dump_task_regs(struct task_struct *t, elf_gregset_t *elfregs); the loader. We need to make sure that it is out of the way of the program that it will "exec", and that there is sufficient room for the brk. */ @@ -1699,17 +1732,6 @@ index 674d03f..9a0bac0 100644 /* When the program starts, a1 contains a pointer to a function to be registered with atexit, as per the SVR4 ABI. A value of 0 means we -@@ -125,10 +132,6 @@ int dump_task_regs(struct task_struct *t, elf_gregset_t *elfregs); - extern void elf_set_personality(const struct elf32_hdr *); - #define SET_PERSONALITY(ex) elf_set_personality(&(ex)) - --struct mm_struct; --extern unsigned long arch_randomize_brk(struct mm_struct *mm); --#define arch_randomize_brk arch_randomize_brk -- - #ifdef CONFIG_MMU - #define ARCH_HAS_SETUP_ADDITIONAL_PAGES 1 - struct linux_binprm; diff --git a/arch/arm/include/asm/fncpy.h b/arch/arm/include/asm/fncpy.h index de53547..52b9a28 100644 --- a/arch/arm/include/asm/fncpy.h @@ -1725,7 +1747,7 @@ index de53547..52b9a28 100644 (unsigned long)(dest_buf) + (size)); \ \ diff --git a/arch/arm/include/asm/futex.h b/arch/arm/include/asm/futex.h -index 53e69da..3fdc896 100644 +index 4e78065..f265b48 100644 --- a/arch/arm/include/asm/futex.h +++ b/arch/arm/include/asm/futex.h @@ -46,6 +46,8 @@ futex_atomic_cmpxchg_inatomic(u32 *uval, u32 __user *uaddr, @@ -2110,10 +2132,10 @@ index 18f5a55..5072a40 100644 struct of_cpu_method { const char *method; diff --git a/arch/arm/include/asm/thread_info.h b/arch/arm/include/asm/thread_info.h -index 72812a1..335f4f3 100644 +index bd32ede..bd90a0b 100644 --- a/arch/arm/include/asm/thread_info.h +++ b/arch/arm/include/asm/thread_info.h -@@ -77,9 +77,9 @@ struct thread_info { +@@ -74,9 +74,9 @@ struct thread_info { .flags = 0, \ .preempt_count = INIT_PREEMPT_COUNT, \ .addr_limit = KERNEL_DS, \ @@ -2126,7 +2148,7 @@ index 72812a1..335f4f3 100644 } #define init_thread_info (init_thread_union.thread_info) -@@ -155,7 +155,11 @@ extern int vfp_restore_user_hwstate(struct user_vfp __user *, +@@ -152,7 +152,11 @@ extern int vfp_restore_user_hwstate(struct user_vfp __user *, #define TIF_SYSCALL_AUDIT 9 #define TIF_SYSCALL_TRACEPOINT 10 #define TIF_SECCOMP 11 /* seccomp syscall filtering active */ @@ -2139,7 +2161,7 @@ index 72812a1..335f4f3 100644 #define TIF_USING_IWMMXT 17 #define TIF_MEMDIE 18 /* is terminating due to OOM killer */ #define TIF_RESTORE_SIGMASK 20 -@@ -169,10 +173,11 @@ extern int vfp_restore_user_hwstate(struct user_vfp __user *, +@@ -166,10 +170,11 @@ extern int vfp_restore_user_hwstate(struct user_vfp __user *, #define _TIF_SYSCALL_TRACEPOINT (1 << TIF_SYSCALL_TRACEPOINT) #define _TIF_SECCOMP (1 << TIF_SECCOMP) #define _TIF_USING_IWMMXT (1 << TIF_USING_IWMMXT) @@ -2175,7 +2197,7 @@ index 5f833f7..76e6644 100644 } diff --git a/arch/arm/include/asm/uaccess.h b/arch/arm/include/asm/uaccess.h -index ce0786e..a80c264 100644 +index 74b17d0..57a4bf4 100644 --- a/arch/arm/include/asm/uaccess.h +++ b/arch/arm/include/asm/uaccess.h @@ -18,6 +18,7 @@ @@ -2406,7 +2428,7 @@ index a88671c..1cc895e 100644 EXPORT_SYMBOL(__get_user_1); EXPORT_SYMBOL(__get_user_2); diff --git a/arch/arm/kernel/entry-armv.S b/arch/arm/kernel/entry-armv.S -index 672b219..4aa120a 100644 +index 570306c..c87f193 100644 --- a/arch/arm/kernel/entry-armv.S +++ b/arch/arm/kernel/entry-armv.S @@ -48,6 +48,87 @@ @@ -2576,7 +2598,7 @@ index 672b219..4aa120a 100644 str r2, [sp, #S_PC] @ it's a 2x16bit instr, update @@ -547,7 +650,8 @@ ENDPROC(__und_usr) */ - .pushsection .fixup, "ax" + .pushsection .text.fixup, "ax" .align 2 -4: str r4, [sp, #S_PC] @ retry current instruction +4: pax_close_userland @@ -2770,7 +2792,7 @@ index 059c3da..8e45cfc 100644 flush_icache_range((unsigned long)base + offset, offset + length); diff --git a/arch/arm/kernel/head.S b/arch/arm/kernel/head.S -index 0196327..50ac8895 100644 +index 3637973..cb29657 100644 --- a/arch/arm/kernel/head.S +++ b/arch/arm/kernel/head.S @@ -444,7 +444,7 @@ __enable_mmu: @@ -2783,7 +2805,7 @@ index 0196327..50ac8895 100644 mcr p15, 0, r4, c2, c0, 0 @ load page table pointer #endif diff --git a/arch/arm/kernel/module.c b/arch/arm/kernel/module.c -index 2e11961..07f0704 100644 +index af791f4..3ff9821 100644 --- a/arch/arm/kernel/module.c +++ b/arch/arm/kernel/module.c @@ -38,12 +38,39 @@ @@ -2849,27 +2871,10 @@ index 69bda1a..755113a 100644 if (waddr != addr) { flush_kernel_vmap_range(waddr, twopage ? size / 2 : size); diff --git a/arch/arm/kernel/process.c b/arch/arm/kernel/process.c -index 2bf1a16..d959d40 100644 +index f192a2a..1a40523 100644 --- a/arch/arm/kernel/process.c +++ b/arch/arm/kernel/process.c -@@ -213,6 +213,7 @@ void machine_power_off(void) - - if (pm_power_off) - pm_power_off(); -+ BUG(); - } - - /* -@@ -226,7 +227,7 @@ void machine_power_off(void) - * executing pre-reset code, and using RAM that the primary CPU's code wishes - * to use. Implementing such co-ordination would be essentially impossible. - */ --void machine_restart(char *cmd) -+__noreturn void machine_restart(char *cmd) - { - local_irq_disable(); - smp_send_stop(); -@@ -252,8 +253,8 @@ void __show_regs(struct pt_regs *regs) +@@ -105,8 +105,8 @@ void __show_regs(struct pt_regs *regs) show_regs_print_info(KERN_DEFAULT); @@ -2880,7 +2885,7 @@ index 2bf1a16..d959d40 100644 printk("pc : [<%08lx>] lr : [<%08lx>] psr: %08lx\n" "sp : %08lx ip : %08lx fp : %08lx\n", regs->ARM_pc, regs->ARM_lr, regs->ARM_cpsr, -@@ -430,12 +431,6 @@ unsigned long get_wchan(struct task_struct *p) +@@ -283,12 +283,6 @@ unsigned long get_wchan(struct task_struct *p) return 0; } @@ -2893,7 +2898,7 @@ index 2bf1a16..d959d40 100644 #ifdef CONFIG_MMU #ifdef CONFIG_KUSER_HELPERS /* -@@ -451,7 +446,7 @@ static struct vm_area_struct gate_vma = { +@@ -304,7 +298,7 @@ static struct vm_area_struct gate_vma = { static int __init gate_vma_init(void) { @@ -2902,12 +2907,12 @@ index 2bf1a16..d959d40 100644 return 0; } arch_initcall(gate_vma_init); -@@ -480,81 +475,13 @@ const char *arch_vma_name(struct vm_area_struct *vma) +@@ -333,91 +327,13 @@ const char *arch_vma_name(struct vm_area_struct *vma) return is_gate_vma(vma) ? "[vectors]" : NULL; } -/* If possible, provide a placement hint at a random offset from the -- * stack for the signal page. +- * stack for the sigpage and vdso pages. - */ -static unsigned long sigpage_addr(const struct mm_struct *mm, - unsigned int npages) @@ -2951,6 +2956,7 @@ index 2bf1a16..d959d40 100644 { struct mm_struct *mm = current->mm; - struct vm_area_struct *vma; +- unsigned long npages; - unsigned long addr; - unsigned long hint; - int ret = 0; @@ -2959,10 +2965,13 @@ index 2bf1a16..d959d40 100644 - signal_page = get_signal_page(); - if (!signal_page) - return -ENOMEM; +- +- npages = 1; /* for sigpage */ +- npages += vdso_total_pages; down_write(&mm->mmap_sem); -- hint = sigpage_addr(mm, 1); -- addr = get_unmapped_area(NULL, hint, PAGE_SIZE, 0, 0); +- hint = sigpage_addr(mm, npages); +- addr = get_unmapped_area(NULL, hint, npages << PAGE_SHIFT, 0, 0); - if (IS_ERR_VALUE(addr)) { - ret = addr; - goto up_fail; @@ -2979,6 +2988,12 @@ index 2bf1a16..d959d40 100644 - - mm->context.sigpage = addr; - +- /* Unlike the sigpage, failure to install the vdso is unlikely +- * to be fatal to the process, so no error check needed +- * here. +- */ +- arm_install_vdso(mm, addr + PAGE_SIZE); +- - up_fail: + mm->context.sigpage = (PAGE_OFFSET + (get_random_int() % 0x3FFEFFE0)) & 0xFFFFFFFC; up_write(&mm->mmap_sem); @@ -3023,8 +3038,20 @@ index ef9119f..31995a3 100644 /* Do the secure computing check first; failures should be fast. */ #ifdef CONFIG_HAVE_ARCH_SECCOMP_FILTER if (secure_computing() == -1) +diff --git a/arch/arm/kernel/reboot.c b/arch/arm/kernel/reboot.c +index 1a4d232..2677169 100644 +--- a/arch/arm/kernel/reboot.c ++++ b/arch/arm/kernel/reboot.c +@@ -122,6 +122,7 @@ void machine_power_off(void) + + if (pm_power_off) + pm_power_off(); ++ while (1); + } + + /* diff --git a/arch/arm/kernel/setup.c b/arch/arm/kernel/setup.c -index 1d60beb..4aa25d5 100644 +index 6c777e9..3d2d0ca 100644 --- a/arch/arm/kernel/setup.c +++ b/arch/arm/kernel/setup.c @@ -105,21 +105,23 @@ EXPORT_SYMBOL(elf_hwcap); @@ -3073,7 +3100,7 @@ index 1d60beb..4aa25d5 100644 cpu_arch = CPU_ARCH_ARMv6; else diff --git a/arch/arm/kernel/signal.c b/arch/arm/kernel/signal.c -index 023ac90..0a69950 100644 +index 423663e..bfeb0ff 100644 --- a/arch/arm/kernel/signal.c +++ b/arch/arm/kernel/signal.c @@ -24,8 +24,6 @@ @@ -3085,7 +3112,7 @@ index 023ac90..0a69950 100644 #ifdef CONFIG_CRUNCH static int preserve_crunch_context(struct crunch_sigframe __user *frame) { -@@ -396,8 +394,7 @@ setup_return(struct pt_regs *regs, struct ksignal *ksig, +@@ -385,8 +383,7 @@ setup_return(struct pt_regs *regs, struct ksignal *ksig, * except when the MPU has protected the vectors * page from PL0 */ @@ -3095,7 +3122,7 @@ index 023ac90..0a69950 100644 } else #endif { -@@ -603,33 +600,3 @@ do_work_pending(struct pt_regs *regs, unsigned int thread_flags, int syscall) +@@ -592,33 +589,3 @@ do_work_pending(struct pt_regs *regs, unsigned int thread_flags, int syscall) } while (thread_flags & _TIF_WORK_MASK); return 0; } @@ -3130,7 +3157,7 @@ index 023ac90..0a69950 100644 - return page; -} diff --git a/arch/arm/kernel/smp.c b/arch/arm/kernel/smp.c -index 86ef244..c518451 100644 +index cca5b87..68f0f73 100644 --- a/arch/arm/kernel/smp.c +++ b/arch/arm/kernel/smp.c @@ -76,7 +76,7 @@ enum ipi_msg_type { @@ -3166,7 +3193,7 @@ index 7a3be1d..b00c7de 100644 start, end); itcm_present = true; diff --git a/arch/arm/kernel/traps.c b/arch/arm/kernel/traps.c -index 788e23f..6fa06a1 100644 +index 3dce1a3..60e857f 100644 --- a/arch/arm/kernel/traps.c +++ b/arch/arm/kernel/traps.c @@ -65,7 +65,7 @@ static void dump_mem(const char *, const char *, unsigned long, unsigned long); @@ -3197,7 +3224,7 @@ index 788e23f..6fa06a1 100644 if (signr) do_exit(signr); } -@@ -880,7 +885,11 @@ void __init early_trap_init(void *vectors_base) +@@ -878,7 +883,11 @@ void __init early_trap_init(void *vectors_base) kuser_init(vectors_base); flush_icache_range(vectors, vectors + PAGE_SIZE * 2); @@ -3211,7 +3238,7 @@ index 788e23f..6fa06a1 100644 /* * on V7-M there is no need to copy the vector table to a dedicated diff --git a/arch/arm/kernel/vmlinux.lds.S b/arch/arm/kernel/vmlinux.lds.S -index b31aa73..cc4b7a1 100644 +index 8b60fde..8d986dd 100644 --- a/arch/arm/kernel/vmlinux.lds.S +++ b/arch/arm/kernel/vmlinux.lds.S @@ -37,7 +37,7 @@ @@ -3223,7 +3250,7 @@ index b31aa73..cc4b7a1 100644 #define ARM_EXIT_KEEP(x) x #define ARM_EXIT_DISCARD(x) #else -@@ -123,6 +123,8 @@ SECTIONS +@@ -120,6 +120,8 @@ SECTIONS #ifdef CONFIG_DEBUG_RODATA . = ALIGN(1<<SECTION_SHIFT); #endif @@ -3232,7 +3259,7 @@ index b31aa73..cc4b7a1 100644 RO_DATA(PAGE_SIZE) . = ALIGN(4); -@@ -153,8 +155,6 @@ SECTIONS +@@ -150,8 +152,6 @@ SECTIONS NOTES @@ -3242,7 +3269,7 @@ index b31aa73..cc4b7a1 100644 # ifdef CONFIG_ARM_KERNMEM_PERMS . = ALIGN(1<<SECTION_SHIFT); diff --git a/arch/arm/kvm/arm.c b/arch/arm/kvm/arm.c -index b652af5..60231ab 100644 +index d9631ec..b0c966c 100644 --- a/arch/arm/kvm/arm.c +++ b/arch/arm/kvm/arm.c @@ -57,7 +57,7 @@ static unsigned long hyp_default_vectors; @@ -3254,7 +3281,7 @@ index b652af5..60231ab 100644 static u8 kvm_next_vmid; static DEFINE_SPINLOCK(kvm_vmid_lock); -@@ -358,7 +358,7 @@ void force_vm_exit(const cpumask_t *mask) +@@ -373,7 +373,7 @@ void force_vm_exit(const cpumask_t *mask) */ static bool need_new_vmid_gen(struct kvm *kvm) { @@ -3263,7 +3290,7 @@ index b652af5..60231ab 100644 } /** -@@ -391,7 +391,7 @@ static void update_vttbr(struct kvm *kvm) +@@ -406,7 +406,7 @@ static void update_vttbr(struct kvm *kvm) /* First user of a new VMID generation? */ if (unlikely(kvm_next_vmid == 0)) { @@ -3272,7 +3299,7 @@ index b652af5..60231ab 100644 kvm_next_vmid = 1; /* -@@ -408,7 +408,7 @@ static void update_vttbr(struct kvm *kvm) +@@ -423,7 +423,7 @@ static void update_vttbr(struct kvm *kvm) kvm_call_hyp(__kvm_flush_vm_context); } @@ -3281,7 +3308,7 @@ index b652af5..60231ab 100644 kvm->arch.vmid = kvm_next_vmid; kvm_next_vmid++; -@@ -1087,7 +1087,7 @@ struct kvm_vcpu *kvm_mpidr_to_vcpu(struct kvm *kvm, unsigned long mpidr) +@@ -1098,7 +1098,7 @@ struct kvm_vcpu *kvm_mpidr_to_vcpu(struct kvm *kvm, unsigned long mpidr) /** * Initialize Hyp-mode and memory mappings on all CPUs. */ @@ -3291,7 +3318,7 @@ index b652af5..60231ab 100644 int err; int ret, cpu; diff --git a/arch/arm/lib/clear_user.S b/arch/arm/lib/clear_user.S -index 14a0d98..7771a7d 100644 +index 1710fd7..ec3e014 100644 --- a/arch/arm/lib/clear_user.S +++ b/arch/arm/lib/clear_user.S @@ -12,14 +12,14 @@ @@ -3319,7 +3346,7 @@ index 14a0d98..7771a7d 100644 +ENDPROC(___clear_user) ENDPROC(__clear_user_std) - .pushsection .fixup,"ax" + .pushsection .text.fixup,"ax" diff --git a/arch/arm/lib/copy_from_user.S b/arch/arm/lib/copy_from_user.S index 7a235b9..73a0556 100644 --- a/arch/arm/lib/copy_from_user.S @@ -3360,7 +3387,7 @@ index 6ee2f67..d1cce76 100644 #include <asm/asm-offsets.h> #include <asm/cache.h> diff --git a/arch/arm/lib/copy_to_user.S b/arch/arm/lib/copy_to_user.S -index a9d3db1..164b089 100644 +index 9648b06..19c333c 100644 --- a/arch/arm/lib/copy_to_user.S +++ b/arch/arm/lib/copy_to_user.S @@ -17,7 +17,7 @@ @@ -3385,9 +3412,9 @@ index a9d3db1..164b089 100644 +ENDPROC(___copy_to_user) ENDPROC(__copy_to_user_std) - .pushsection .fixup,"ax" + .pushsection .text.fixup,"ax" diff --git a/arch/arm/lib/csumpartialcopyuser.S b/arch/arm/lib/csumpartialcopyuser.S -index 7d08b43..f7ca7ea 100644 +index 1d0957e..f708846 100644 --- a/arch/arm/lib/csumpartialcopyuser.S +++ b/arch/arm/lib/csumpartialcopyuser.S @@ -57,8 +57,8 @@ @@ -3402,7 +3429,7 @@ index 7d08b43..f7ca7ea 100644 #include "csumpartialcopygeneric.S" diff --git a/arch/arm/lib/delay.c b/arch/arm/lib/delay.c -index 312d43e..21d2322 100644 +index 8044591..c9b2609 100644 --- a/arch/arm/lib/delay.c +++ b/arch/arm/lib/delay.c @@ -29,7 +29,7 @@ @@ -3437,18 +3464,10 @@ index 3e58d71..029817c 100644 /* See rational for this in __copy_to_user() above. */ if (n < 64) diff --git a/arch/arm/mach-exynos/suspend.c b/arch/arm/mach-exynos/suspend.c -index 582ef2d..d314e82 100644 +index 7d23ce0..5ef383a 100644 --- a/arch/arm/mach-exynos/suspend.c +++ b/arch/arm/mach-exynos/suspend.c -@@ -18,6 +18,7 @@ - #include <linux/syscore_ops.h> - #include <linux/cpu_pm.h> - #include <linux/io.h> -+#include <linux/irq.h> - #include <linux/irqchip/arm-gic.h> - #include <linux/err.h> - #include <linux/regulator/machine.h> -@@ -635,8 +636,10 @@ void __init exynos_pm_init(void) +@@ -738,8 +738,10 @@ void __init exynos_pm_init(void) tmp |= pm_data->wake_disable_mask; pmu_raw_writel(tmp, S5P_WAKEUP_MASK); @@ -3544,10 +3563,10 @@ index 5305ec7..6d74045 100644 #include <asm/smp_scu.h> diff --git a/arch/arm/mach-omap2/omap-wakeupgen.c b/arch/arm/mach-omap2/omap-wakeupgen.c -index f961c46..4a453dc 100644 +index 3b56722..33ac281 100644 --- a/arch/arm/mach-omap2/omap-wakeupgen.c +++ b/arch/arm/mach-omap2/omap-wakeupgen.c -@@ -344,7 +344,7 @@ static int irq_cpu_hotplug_notify(struct notifier_block *self, +@@ -330,7 +330,7 @@ static int irq_cpu_hotplug_notify(struct notifier_block *self, return NOTIFY_OK; } @@ -3557,7 +3576,7 @@ index f961c46..4a453dc 100644 }; diff --git a/arch/arm/mach-omap2/omap_device.c b/arch/arm/mach-omap2/omap_device.c -index be9541e..821805f 100644 +index 166b18f..f985f04 100644 --- a/arch/arm/mach-omap2/omap_device.c +++ b/arch/arm/mach-omap2/omap_device.c @@ -510,7 +510,7 @@ void omap_device_delete(struct omap_device *od) @@ -3598,10 +3617,10 @@ index 78c02b3..c94109a 100644 struct omap_device *omap_device_alloc(struct platform_device *pdev, struct omap_hwmod **ohs, int oh_cnt); diff --git a/arch/arm/mach-omap2/omap_hwmod.c b/arch/arm/mach-omap2/omap_hwmod.c -index 355b089..2c9d7c3 100644 +index 752969f..a34b446 100644 --- a/arch/arm/mach-omap2/omap_hwmod.c +++ b/arch/arm/mach-omap2/omap_hwmod.c -@@ -193,10 +193,10 @@ struct omap_hwmod_soc_ops { +@@ -199,10 +199,10 @@ struct omap_hwmod_soc_ops { int (*init_clkdm)(struct omap_hwmod *oh); void (*update_context_lost)(struct omap_hwmod *oh); int (*get_context_lost)(struct omap_hwmod *oh); @@ -3662,10 +3681,10 @@ index ff0a68c..b312aa0 100644 sizeof(struct omap_wd_timer_platform_data)); WARN(IS_ERR(pdev), "Can't build omap_device for %s:%s.\n", diff --git a/arch/arm/mach-tegra/cpuidle-tegra20.c b/arch/arm/mach-tegra/cpuidle-tegra20.c -index a351eff..87baad9 100644 +index 7469347..1ecc350 100644 --- a/arch/arm/mach-tegra/cpuidle-tegra20.c +++ b/arch/arm/mach-tegra/cpuidle-tegra20.c -@@ -178,7 +178,7 @@ static int tegra20_idle_lp2_coupled(struct cpuidle_device *dev, +@@ -177,7 +177,7 @@ static int tegra20_idle_lp2_coupled(struct cpuidle_device *dev, bool entered_lp2 = false; if (tegra_pending_sgi()) @@ -3675,7 +3694,7 @@ index a351eff..87baad9 100644 cpuidle_coupled_parallel_barrier(dev, &abort_barrier); diff --git a/arch/arm/mach-tegra/irq.c b/arch/arm/mach-tegra/irq.c -index ab95f53..4b977a7 100644 +index 3b9098d..15b390f 100644 --- a/arch/arm/mach-tegra/irq.c +++ b/arch/arm/mach-tegra/irq.c @@ -20,6 +20,7 @@ @@ -3729,7 +3748,7 @@ index 52d768f..5f93180 100644 #include "common.h" diff --git a/arch/arm/mm/Kconfig b/arch/arm/mm/Kconfig -index 9b4f29e..bbf3bfa 100644 +index b4f92b9..ffefea9 100644 --- a/arch/arm/mm/Kconfig +++ b/arch/arm/mm/Kconfig @@ -446,6 +446,7 @@ config CPU_32v5 @@ -3767,7 +3786,7 @@ index 9b4f29e..bbf3bfa 100644 If all of the binaries and libraries which run on your platform diff --git a/arch/arm/mm/alignment.c b/arch/arm/mm/alignment.c -index 2c0c541..4585df9 100644 +index 9769f1e..16aaa55 100644 --- a/arch/arm/mm/alignment.c +++ b/arch/arm/mm/alignment.c @@ -216,10 +216,12 @@ union offset_union { @@ -3832,7 +3851,7 @@ index 2c0c541..4585df9 100644 goto fault; \ } while (0) diff --git a/arch/arm/mm/cache-l2x0.c b/arch/arm/mm/cache-l2x0.c -index 8f15f70..d599a2b 100644 +index e309c8f..f8965e8 100644 --- a/arch/arm/mm/cache-l2x0.c +++ b/arch/arm/mm/cache-l2x0.c @@ -43,7 +43,7 @@ struct l2c_init_data { @@ -4143,10 +4162,10 @@ index cf08bdf..772656c 100644 unsigned long search_exception_table(unsigned long addr); diff --git a/arch/arm/mm/init.c b/arch/arm/mm/init.c -index 1609b02..def0785 100644 +index be92fa0..5252d7e 100644 --- a/arch/arm/mm/init.c +++ b/arch/arm/mm/init.c -@@ -755,7 +755,46 @@ void free_tcmmem(void) +@@ -709,7 +709,46 @@ void free_tcmmem(void) { #ifdef CONFIG_HAVE_TCM extern char __tcm_start, __tcm_end; @@ -4210,7 +4229,7 @@ index d1e5ad7..84dcbf2 100644 return __arm_ioremap_caller(phys_addr, size, mtype, __builtin_return_address(0)); diff --git a/arch/arm/mm/mmap.c b/arch/arm/mm/mmap.c -index 5e85ed3..b10a7ed 100644 +index 407dc78..047ce9d 100644 --- a/arch/arm/mm/mmap.c +++ b/arch/arm/mm/mmap.c @@ -59,6 +59,7 @@ arch_get_unmapped_area(struct file *filp, unsigned long addr, @@ -4287,7 +4306,7 @@ index 5e85ed3..b10a7ed 100644 addr = vm_unmapped_area(&info); /* -@@ -173,6 +183,10 @@ void arch_pick_mmap_layout(struct mm_struct *mm) +@@ -183,14 +193,30 @@ void arch_pick_mmap_layout(struct mm_struct *mm) { unsigned long random_factor = 0UL; @@ -4295,10 +4314,8 @@ index 5e85ed3..b10a7ed 100644 + if (!(mm->pax_flags & MF_PAX_RANDMMAP)) +#endif + - /* 8 bits of randomness in 20 address space bits */ - if ((current->flags & PF_RANDOMIZE) && - !(current->personality & ADDR_NO_RANDOMIZE)) -@@ -180,9 +194,21 @@ void arch_pick_mmap_layout(struct mm_struct *mm) + if (current->flags & PF_RANDOMIZE) + random_factor = arch_mmap_rnd(); if (mmap_is_legacy()) { mm->mmap_base = TASK_UNMAPPED_BASE + random_factor; @@ -4705,7 +4722,7 @@ index 7186382..0c145cf 100644 } diff --git a/arch/arm/net/bpf_jit_32.c b/arch/arm/net/bpf_jit_32.c -index f412b53..fc89433 100644 +index e0e2358..a4ee460 100644 --- a/arch/arm/net/bpf_jit_32.c +++ b/arch/arm/net/bpf_jit_32.c @@ -20,6 +20,7 @@ @@ -4716,7 +4733,7 @@ index f412b53..fc89433 100644 #include "bpf_jit_32.h" -@@ -71,7 +72,11 @@ struct jit_ctx { +@@ -72,34 +73,58 @@ struct jit_ctx { #endif }; @@ -4726,9 +4743,62 @@ index f412b53..fc89433 100644 int bpf_jit_enable __read_mostly; +#endif - static u64 jit_get_skb_b(struct sk_buff *skb, unsigned offset) +-static u64 jit_get_skb_b(struct sk_buff *skb, unsigned offset) ++static inline int call_neg_helper(struct sk_buff *skb, int offset, void *ret, ++ unsigned int size) ++{ ++ void *ptr = bpf_internal_load_pointer_neg_helper(skb, offset, size); ++ ++ if (!ptr) ++ return -EFAULT; ++ memcpy(ret, ptr, size); ++ return 0; ++} ++ ++static u64 jit_get_skb_b(struct sk_buff *skb, int offset) + { + u8 ret; + int err; + +- err = skb_copy_bits(skb, offset, &ret, 1); ++ if (offset < 0) ++ err = call_neg_helper(skb, offset, &ret, 1); ++ else ++ err = skb_copy_bits(skb, offset, &ret, 1); + + return (u64)err << 32 | ret; + } + +-static u64 jit_get_skb_h(struct sk_buff *skb, unsigned offset) ++static u64 jit_get_skb_h(struct sk_buff *skb, int offset) + { + u16 ret; + int err; + +- err = skb_copy_bits(skb, offset, &ret, 2); ++ if (offset < 0) ++ err = call_neg_helper(skb, offset, &ret, 2); ++ else ++ err = skb_copy_bits(skb, offset, &ret, 2); + + return (u64)err << 32 | ntohs(ret); + } + +-static u64 jit_get_skb_w(struct sk_buff *skb, unsigned offset) ++static u64 jit_get_skb_w(struct sk_buff *skb, int offset) { -@@ -178,8 +183,10 @@ static void jit_fill_hole(void *area, unsigned int size) + u32 ret; + int err; + +- err = skb_copy_bits(skb, offset, &ret, 4); ++ if (offset < 0) ++ err = call_neg_helper(skb, offset, &ret, 4); ++ else ++ err = skb_copy_bits(skb, offset, &ret, 4); + + return (u64)err << 32 | ntohl(ret); + } +@@ -179,8 +204,10 @@ static void jit_fill_hole(void *area, unsigned int size) { u32 *ptr; /* We are guaranteed to have aligned memory. */ @@ -4739,6 +4809,57 @@ index f412b53..fc89433 100644 } static void build_prologue(struct jit_ctx *ctx) +@@ -536,9 +563,6 @@ static int build_body(struct jit_ctx *ctx) + case BPF_LD | BPF_B | BPF_ABS: + load_order = 0; + load: +- /* the interpreter will deal with the negative K */ +- if ((int)k < 0) +- return -ENOTSUPP; + emit_mov_i(r_off, k, ctx); + load_common: + ctx->seen |= SEEN_DATA | SEEN_CALL; +@@ -547,12 +571,24 @@ load_common: + emit(ARM_SUB_I(r_scratch, r_skb_hl, + 1 << load_order), ctx); + emit(ARM_CMP_R(r_scratch, r_off), ctx); +- condt = ARM_COND_HS; ++ condt = ARM_COND_GE; + } else { + emit(ARM_CMP_R(r_skb_hl, r_off), ctx); + condt = ARM_COND_HI; + } + ++ /* ++ * test for negative offset, only if we are ++ * currently scheduled to take the fast ++ * path. this will update the flags so that ++ * the slowpath instruction are ignored if the ++ * offset is negative. ++ * ++ * for loard_order == 0 the HI condition will ++ * make loads at offset 0 take the slow path too. ++ */ ++ _emit(condt, ARM_CMP_I(r_off, 0), ctx); ++ + _emit(condt, ARM_ADD_R(r_scratch, r_off, r_skb_data), + ctx); + +@@ -860,9 +896,11 @@ b_epilogue: + off = offsetof(struct sk_buff, vlan_tci); + emit(ARM_LDRH_I(r_A, r_skb, off), ctx); + if (code == (BPF_ANC | SKF_AD_VLAN_TAG)) +- OP_IMM3(ARM_AND, r_A, r_A, VLAN_VID_MASK, ctx); +- else +- OP_IMM3(ARM_AND, r_A, r_A, VLAN_TAG_PRESENT, ctx); ++ OP_IMM3(ARM_AND, r_A, r_A, ~VLAN_TAG_PRESENT, ctx); ++ else { ++ OP_IMM3(ARM_LSR, r_A, r_A, 12, ctx); ++ OP_IMM3(ARM_AND, r_A, r_A, 0x1, ctx); ++ } + break; + case BPF_ANC | SKF_AD_QUEUE: + ctx->seen |= SEEN_SKB; diff --git a/arch/arm/plat-iop/setup.c b/arch/arm/plat-iop/setup.c index 5b217f4..c23f40e 100644 --- a/arch/arm/plat-iop/setup.c @@ -4786,7 +4907,7 @@ index 7047051..44e8675 100644 #endif #endif diff --git a/arch/arm64/include/asm/barrier.h b/arch/arm64/include/asm/barrier.h -index a5abb00..9cbca9a 100644 +index 71f19c4..2b13cfe 100644 --- a/arch/arm64/include/asm/barrier.h +++ b/arch/arm64/include/asm/barrier.h @@ -44,7 +44,7 @@ @@ -4824,7 +4945,7 @@ index 4fde8c1..441f84f 100644 default: BUILD_BUG(); diff --git a/arch/arm64/include/asm/pgalloc.h b/arch/arm64/include/asm/pgalloc.h -index e20df38..027ede3 100644 +index 7642056..bffc904 100644 --- a/arch/arm64/include/asm/pgalloc.h +++ b/arch/arm64/include/asm/pgalloc.h @@ -46,6 +46,11 @@ static inline void pud_populate(struct mm_struct *mm, pud_t *pud, pmd_t *pmd) @@ -4836,9 +4957,9 @@ index e20df38..027ede3 100644 + pud_populate(mm, pud, pmd); +} + - #endif /* CONFIG_ARM64_PGTABLE_LEVELS > 2 */ + #endif /* CONFIG_PGTABLE_LEVELS > 2 */ - #if CONFIG_ARM64_PGTABLE_LEVELS > 3 + #if CONFIG_PGTABLE_LEVELS > 3 diff --git a/arch/arm64/include/asm/uaccess.h b/arch/arm64/include/asm/uaccess.h index 07e1ba44..ec8cbbb 100644 --- a/arch/arm64/include/asm/uaccess.h @@ -4881,14 +5002,14 @@ index c3a58a1..78fbf54 100644 /* * Memory returned by kmalloc() may be used for DMA, so we must make diff --git a/arch/avr32/include/asm/elf.h b/arch/avr32/include/asm/elf.h -index d232888..87c8df1 100644 +index 0388ece..87c8df1 100644 --- a/arch/avr32/include/asm/elf.h +++ b/arch/avr32/include/asm/elf.h @@ -84,8 +84,14 @@ typedef struct user_fpu_struct elf_fpregset_t; the loader. We need to make sure that it is out of the way of the program that it will "exec", and that there is sufficient room for the brk. */ --#define ELF_ET_DYN_BASE (2 * TASK_SIZE / 3) +-#define ELF_ET_DYN_BASE (TASK_SIZE / 3 * 2) +#define ELF_ET_DYN_BASE (TASK_SIZE / 3 * 2) +#ifdef CONFIG_PAX_ASLR @@ -5114,10 +5235,10 @@ index 69952c18..4fa2908 100644 #define ARCH_DMA_MINALIGN L1_CACHE_BYTES diff --git a/arch/ia64/Kconfig b/arch/ia64/Kconfig -index 074e52b..76afdac 100644 +index 76d25b2..d3793a0f 100644 --- a/arch/ia64/Kconfig +++ b/arch/ia64/Kconfig -@@ -548,6 +548,7 @@ source "drivers/sn/Kconfig" +@@ -541,6 +541,7 @@ source "drivers/sn/Kconfig" config KEXEC bool "kexec system call" depends on !IA64_HP_SIM && (!SMP || HOTPLUG_CPU) @@ -5208,7 +5329,7 @@ index 5a83c5c..4d7f553 100644 /* IA-64 relocations: */ diff --git a/arch/ia64/include/asm/pgalloc.h b/arch/ia64/include/asm/pgalloc.h -index 5767cdf..7462574 100644 +index f5e70e9..624fad5 100644 --- a/arch/ia64/include/asm/pgalloc.h +++ b/arch/ia64/include/asm/pgalloc.h @@ -39,6 +39,12 @@ pgd_populate(struct mm_struct *mm, pgd_t * pgd_entry, pud_t * pud) @@ -5238,7 +5359,7 @@ index 5767cdf..7462574 100644 { return quicklist_alloc(0, GFP_KERNEL, NULL); diff --git a/arch/ia64/include/asm/pgtable.h b/arch/ia64/include/asm/pgtable.h -index 7b6f880..ac8e008 100644 +index 9f3ed9e..c99b418 100644 --- a/arch/ia64/include/asm/pgtable.h +++ b/arch/ia64/include/asm/pgtable.h @@ -12,7 +12,7 @@ @@ -5565,7 +5686,7 @@ index 52b7604b..455cb85 100644 } diff --git a/arch/ia64/mm/init.c b/arch/ia64/mm/init.c -index 6b33457..88b5124 100644 +index a9b65cf..49ae1cf 100644 --- a/arch/ia64/mm/init.c +++ b/arch/ia64/mm/init.c @@ -120,6 +120,19 @@ ia64_init_addr_space (void) @@ -5698,10 +5819,10 @@ index 4efe96a..60e8699 100644 #define SMP_CACHE_BYTES L1_CACHE_BYTES diff --git a/arch/mips/Kconfig b/arch/mips/Kconfig -index 1a313c4..f27b613 100644 +index f501665..b107753 100644 --- a/arch/mips/Kconfig +++ b/arch/mips/Kconfig -@@ -2504,6 +2504,7 @@ source "kernel/Kconfig.preempt" +@@ -2585,6 +2585,7 @@ source "kernel/Kconfig.preempt" config KEXEC bool "Kexec system call" @@ -6358,10 +6479,10 @@ index b4db69f..8f3b093 100644 #define SMP_CACHE_SHIFT L1_CACHE_SHIFT #define SMP_CACHE_BYTES L1_CACHE_BYTES diff --git a/arch/mips/include/asm/elf.h b/arch/mips/include/asm/elf.h -index 694925a..990fa62 100644 +index f19e890..a4f8177 100644 --- a/arch/mips/include/asm/elf.h +++ b/arch/mips/include/asm/elf.h -@@ -410,15 +410,18 @@ extern const char *__elf_platform; +@@ -417,6 +417,13 @@ extern const char *__elf_platform; #define ELF_ET_DYN_BASE (TASK_SIZE / 3 * 2) #endif @@ -6375,15 +6496,6 @@ index 694925a..990fa62 100644 #define ARCH_HAS_SETUP_ADDITIONAL_PAGES 1 struct linux_binprm; extern int arch_setup_additional_pages(struct linux_binprm *bprm, - int uses_interp); - --struct mm_struct; --extern unsigned long arch_randomize_brk(struct mm_struct *mm); --#define arch_randomize_brk arch_randomize_brk -- - struct arch_elf_state { - int fp_abi; - int interp_fp_abi; diff --git a/arch/mips/include/asm/exec.h b/arch/mips/include/asm/exec.h index c1f6afa..38cc6e9 100644 --- a/arch/mips/include/asm/exec.h @@ -6501,10 +6613,10 @@ index 8feaed6..1bd8a64 100644 /** diff --git a/arch/mips/include/asm/page.h b/arch/mips/include/asm/page.h -index 154b70a..426ae3d 100644 +index 89dd7fe..a123c97 100644 --- a/arch/mips/include/asm/page.h +++ b/arch/mips/include/asm/page.h -@@ -120,7 +120,7 @@ extern void copy_user_highpage(struct page *to, struct page *from, +@@ -118,7 +118,7 @@ extern void copy_user_highpage(struct page *to, struct page *from, #ifdef CONFIG_CPU_MIPS32 typedef struct { unsigned long pte_low, pte_high; } pte_t; #define pte_val(x) ((x).pte_low | ((unsigned long long)(x).pte_high << 32)) @@ -6530,7 +6642,7 @@ index b336037..5b874cc 100644 /* diff --git a/arch/mips/include/asm/pgtable.h b/arch/mips/include/asm/pgtable.h -index f8f809f..b5f3fa4 100644 +index 819af9d..439839d 100644 --- a/arch/mips/include/asm/pgtable.h +++ b/arch/mips/include/asm/pgtable.h @@ -20,6 +20,9 @@ @@ -6544,10 +6656,10 @@ index f8f809f..b5f3fa4 100644 struct vm_area_struct; diff --git a/arch/mips/include/asm/thread_info.h b/arch/mips/include/asm/thread_info.h -index 55ed660..3dc9422 100644 +index 9c0014e..5101ef5 100644 --- a/arch/mips/include/asm/thread_info.h +++ b/arch/mips/include/asm/thread_info.h -@@ -102,6 +102,9 @@ static inline struct thread_info *current_thread_info(void) +@@ -100,6 +100,9 @@ static inline struct thread_info *current_thread_info(void) #define TIF_SECCOMP 4 /* secure computing */ #define TIF_NOTIFY_RESUME 5 /* callback before returning to user */ #define TIF_RESTORE_SIGMASK 9 /* restore signal mask in do_signal() */ @@ -6557,7 +6669,7 @@ index 55ed660..3dc9422 100644 #define TIF_USEDFPU 16 /* FPU was used by this task this quantum (SMP) */ #define TIF_MEMDIE 18 /* is terminating due to OOM killer */ #define TIF_NOHZ 19 /* in adaptive nohz mode */ -@@ -137,14 +140,16 @@ static inline struct thread_info *current_thread_info(void) +@@ -135,14 +138,16 @@ static inline struct thread_info *current_thread_info(void) #define _TIF_USEDMSA (1<<TIF_USEDMSA) #define _TIF_MSA_CTX_LIVE (1<<TIF_MSA_CTX_LIVE) #define _TIF_SYSCALL_TRACEPOINT (1<<TIF_SYSCALL_TRACEPOINT) @@ -6576,7 +6688,7 @@ index 55ed660..3dc9422 100644 /* work to do on interrupt/exception return */ #define _TIF_WORK_MASK \ -@@ -152,7 +157,7 @@ static inline struct thread_info *current_thread_info(void) +@@ -150,7 +155,7 @@ static inline struct thread_info *current_thread_info(void) /* work to do on any return to u-space */ #define _TIF_ALLWORK_MASK (_TIF_NOHZ | _TIF_WORK_MASK | \ _TIF_WORK_SYSCALL_EXIT | \ @@ -6660,7 +6772,7 @@ index 44a1f79..2bd6aa3 100644 void __init gt641xx_irq_init(void) diff --git a/arch/mips/kernel/irq.c b/arch/mips/kernel/irq.c -index be15e52..a089cc4 100644 +index 3c8a18a..b4929b6 100644 --- a/arch/mips/kernel/irq.c +++ b/arch/mips/kernel/irq.c @@ -76,17 +76,17 @@ void ack_bad_irq(unsigned int irq) @@ -6715,10 +6827,10 @@ index 0614717..002fa43 100644 /* Run the generated entry code */ diff --git a/arch/mips/kernel/process.c b/arch/mips/kernel/process.c -index bf85cc1..b365c61 100644 +index f2975d4..f61d355 100644 --- a/arch/mips/kernel/process.c +++ b/arch/mips/kernel/process.c -@@ -535,18 +535,6 @@ out: +@@ -541,18 +541,6 @@ out: return pc; } @@ -6738,10 +6850,10 @@ index bf85cc1..b365c61 100644 { struct pt_regs *regs; diff --git a/arch/mips/kernel/ptrace.c b/arch/mips/kernel/ptrace.c -index 5104528..950bbdc 100644 +index e933a30..0d02625 100644 --- a/arch/mips/kernel/ptrace.c +++ b/arch/mips/kernel/ptrace.c -@@ -761,6 +761,10 @@ long arch_ptrace(struct task_struct *child, long request, +@@ -785,6 +785,10 @@ long arch_ptrace(struct task_struct *child, long request, return ret; } @@ -6752,7 +6864,7 @@ index 5104528..950bbdc 100644 /* * Notification of system call entry/exit * - triggered by current->work.syscall_trace -@@ -779,6 +783,11 @@ asmlinkage long syscall_trace_enter(struct pt_regs *regs, long syscall) +@@ -803,6 +807,11 @@ asmlinkage long syscall_trace_enter(struct pt_regs *regs, long syscall) tracehook_report_syscall_entry(regs)) ret = -1; @@ -6764,38 +6876,6 @@ index 5104528..950bbdc 100644 if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT))) trace_sys_enter(regs, regs->regs[2]); -diff --git a/arch/mips/kernel/reset.c b/arch/mips/kernel/reset.c -index 07fc524..b9d7f28 100644 ---- a/arch/mips/kernel/reset.c -+++ b/arch/mips/kernel/reset.c -@@ -13,6 +13,7 @@ - #include <linux/reboot.h> - - #include <asm/reboot.h> -+#include <asm/bug.h> - - /* - * Urgs ... Too many MIPS machines to handle this in a generic way. -@@ -29,16 +30,19 @@ void machine_restart(char *command) - { - if (_machine_restart) - _machine_restart(command); -+ BUG(); - } - - void machine_halt(void) - { - if (_machine_halt) - _machine_halt(); -+ BUG(); - } - - void machine_power_off(void) - { - if (pm_power_off) - pm_power_off(); -+ BUG(); - } diff --git a/arch/mips/kernel/sync-r4k.c b/arch/mips/kernel/sync-r4k.c index 2242bdd..b284048 100644 --- a/arch/mips/kernel/sync-r4k.c @@ -6866,7 +6946,7 @@ index 2242bdd..b284048 100644 } /* Arrange for an interrupt in a short while */ diff --git a/arch/mips/kernel/traps.c b/arch/mips/kernel/traps.c -index 33984c0..666a96d 100644 +index d2d1c19..3e21d8d 100644 --- a/arch/mips/kernel/traps.c +++ b/arch/mips/kernel/traps.c @@ -689,7 +689,18 @@ asmlinkage void do_ov(struct pt_regs *regs) @@ -6890,10 +6970,10 @@ index 33984c0..666a96d 100644 info.si_code = FPE_INTOVF; info.si_signo = SIGFPE; diff --git a/arch/mips/kvm/mips.c b/arch/mips/kvm/mips.c -index adf3886..ce8f002 100644 +index 52f205a..335927c 100644 --- a/arch/mips/kvm/mips.c +++ b/arch/mips/kvm/mips.c -@@ -816,7 +816,7 @@ long kvm_arch_vm_ioctl(struct file *filp, unsigned int ioctl, unsigned long arg) +@@ -1013,7 +1013,7 @@ long kvm_arch_vm_ioctl(struct file *filp, unsigned int ioctl, unsigned long arg) return r; } @@ -6946,7 +7026,7 @@ index 7ff8637..6004edb 100644 tsk->thread.error_code = write; if (show_unhandled_signals && diff --git a/arch/mips/mm/mmap.c b/arch/mips/mm/mmap.c -index f1baadd..5472dca 100644 +index 5c81fdd..db158d3 100644 --- a/arch/mips/mm/mmap.c +++ b/arch/mips/mm/mmap.c @@ -59,6 +59,7 @@ static unsigned long arch_get_unmapped_area_common(struct file *filp, @@ -6986,7 +7066,7 @@ index f1baadd..5472dca 100644 if (dir == DOWN) { info.flags = VM_UNMAPPED_AREA_TOPDOWN; -@@ -146,6 +152,10 @@ void arch_pick_mmap_layout(struct mm_struct *mm) +@@ -160,45 +166,34 @@ void arch_pick_mmap_layout(struct mm_struct *mm) { unsigned long random_factor = 0UL; @@ -6994,10 +7074,8 @@ index f1baadd..5472dca 100644 + if (!(mm->pax_flags & MF_PAX_RANDMMAP)) +#endif + - if (current->flags & PF_RANDOMIZE) { - random_factor = get_random_int(); - random_factor = random_factor << PAGE_SHIFT; -@@ -157,40 +167,25 @@ void arch_pick_mmap_layout(struct mm_struct *mm) + if (current->flags & PF_RANDOMIZE) + random_factor = arch_mmap_rnd(); if (mmap_is_legacy()) { mm->mmap_base = TASK_UNMAPPED_BASE + random_factor; @@ -7251,7 +7329,7 @@ index 78c9fd3..42fa66a 100644 instruction set this CPU supports. This could be done in user space, but it's not easy, and we've already done it here. */ diff --git a/arch/parisc/include/asm/pgalloc.h b/arch/parisc/include/asm/pgalloc.h -index d174372..f27fe5c 100644 +index 3a08eae..08fef28 100644 --- a/arch/parisc/include/asm/pgalloc.h +++ b/arch/parisc/include/asm/pgalloc.h @@ -61,6 +61,11 @@ static inline void pgd_populate(struct mm_struct *mm, pgd_t *pgd, pmd_t *pmd) @@ -7266,7 +7344,24 @@ index d174372..f27fe5c 100644 static inline pmd_t *pmd_alloc_one(struct mm_struct *mm, unsigned long address) { pmd_t *pmd = (pmd_t *)__get_free_pages(GFP_KERNEL|__GFP_REPEAT, -@@ -96,6 +101,7 @@ static inline void pmd_free(struct mm_struct *mm, pmd_t *pmd) +@@ -72,7 +77,7 @@ static inline pmd_t *pmd_alloc_one(struct mm_struct *mm, unsigned long address) + + static inline void pmd_free(struct mm_struct *mm, pmd_t *pmd) + { +- if(pmd_flag(*pmd) & PxD_FLAG_ATTACHED) ++ if (pmd_flag(*pmd) & PxD_FLAG_ATTACHED) { + /* + * This is the permanent pmd attached to the pgd; + * cannot free it. +@@ -81,6 +86,7 @@ static inline void pmd_free(struct mm_struct *mm, pmd_t *pmd) + */ + mm_inc_nr_pmds(mm); + return; ++ } + free_pages((unsigned long)pmd, PMD_ORDER); + } + +@@ -96,6 +102,7 @@ static inline void pmd_free(struct mm_struct *mm, pmd_t *pmd) #define pmd_alloc_one(mm, addr) ({ BUG(); ((pmd_t *)2); }) #define pmd_free(mm, x) do { } while (0) #define pgd_populate(mm, pmd, pte) BUG() @@ -7275,10 +7370,10 @@ index d174372..f27fe5c 100644 #endif diff --git a/arch/parisc/include/asm/pgtable.h b/arch/parisc/include/asm/pgtable.h -index 15207b9..3209e65 100644 +index 0a18375..d613939 100644 --- a/arch/parisc/include/asm/pgtable.h +++ b/arch/parisc/include/asm/pgtable.h -@@ -215,6 +215,17 @@ extern void purge_tlb_entries(struct mm_struct *, unsigned long); +@@ -213,6 +213,17 @@ extern void purge_tlb_entries(struct mm_struct *, unsigned long); #define PAGE_EXECREAD __pgprot(_PAGE_PRESENT | _PAGE_USER | _PAGE_READ | _PAGE_EXEC |_PAGE_ACCESSED) #define PAGE_COPY PAGE_EXECREAD #define PAGE_RWX __pgprot(_PAGE_PRESENT | _PAGE_USER | _PAGE_READ | _PAGE_WRITE | _PAGE_EXEC |_PAGE_ACCESSED) @@ -7677,10 +7772,10 @@ index e5120e6..8ddb5cc 100644 /* * If for any reason at all we couldn't handle the fault, make diff --git a/arch/powerpc/Kconfig b/arch/powerpc/Kconfig -index 22b0940..309f790 100644 +index 190cc48..48439ce 100644 --- a/arch/powerpc/Kconfig +++ b/arch/powerpc/Kconfig -@@ -409,6 +409,7 @@ config PPC64_SUPPORTS_MEMORY_FAILURE +@@ -413,6 +413,7 @@ config PPC64_SUPPORTS_MEMORY_FAILURE config KEXEC bool "kexec system call" depends on (PPC_BOOK3S || FSL_BOOKE || (44x && !SMP)) @@ -8215,7 +8310,7 @@ index a3bf5be..e03ba81 100644 #define smp_load_acquire(p) \ diff --git a/arch/powerpc/include/asm/cache.h b/arch/powerpc/include/asm/cache.h -index 34a05a1..a1f2c67 100644 +index 0dc42c5..b80a3a1 100644 --- a/arch/powerpc/include/asm/cache.h +++ b/arch/powerpc/include/asm/cache.h @@ -4,6 +4,7 @@ @@ -8236,7 +8331,7 @@ index 34a05a1..a1f2c67 100644 #define SMP_CACHE_BYTES L1_CACHE_BYTES diff --git a/arch/powerpc/include/asm/elf.h b/arch/powerpc/include/asm/elf.h -index 57d289a..b36c98c 100644 +index ee46ffe..b36c98c 100644 --- a/arch/powerpc/include/asm/elf.h +++ b/arch/powerpc/include/asm/elf.h @@ -30,6 +30,18 @@ @@ -8258,17 +8353,6 @@ index 57d289a..b36c98c 100644 #define ELF_CORE_EFLAGS (is_elf2_task() ? 2 : 0) /* -@@ -128,10 +140,6 @@ extern int arch_setup_additional_pages(struct linux_binprm *bprm, - (0x7ff >> (PAGE_SHIFT - 12)) : \ - (0x3ffff >> (PAGE_SHIFT - 12))) - --extern unsigned long arch_randomize_brk(struct mm_struct *mm); --#define arch_randomize_brk arch_randomize_brk -- -- - #ifdef CONFIG_SPU_BASE - /* Notes used in ET_CORE. Note name is "SPU/<fd>/<filename>". */ - #define NT_SPU 1 diff --git a/arch/powerpc/include/asm/exec.h b/arch/powerpc/include/asm/exec.h index 8196e9c..d83a9f3 100644 --- a/arch/powerpc/include/asm/exec.h @@ -8470,7 +8554,7 @@ index 4b0be20..c15a27d 100644 static inline void pmd_populate_kernel(struct mm_struct *mm, pmd_t *pmd, pte_t *pte) diff --git a/arch/powerpc/include/asm/pgtable.h b/arch/powerpc/include/asm/pgtable.h -index 9835ac4..900430f 100644 +index 11a3863..108f194 100644 --- a/arch/powerpc/include/asm/pgtable.h +++ b/arch/powerpc/include/asm/pgtable.h @@ -2,6 +2,7 @@ @@ -8506,7 +8590,7 @@ index af56b5c..f86f3f6 100644 #define DSISR_ISSTORE 0x02000000 /* access was a store */ #define DSISR_DABRMATCH 0x00400000 /* hit data breakpoint */ diff --git a/arch/powerpc/include/asm/smp.h b/arch/powerpc/include/asm/smp.h -index d607df5..08dc9ae 100644 +index 825663c..f9e9134 100644 --- a/arch/powerpc/include/asm/smp.h +++ b/arch/powerpc/include/asm/smp.h @@ -51,7 +51,7 @@ struct smp_ops_t { @@ -8586,10 +8670,10 @@ index 4dbe072..b803275 100644 : "r"(&rw->lock) : "cr0", "xer", "memory"); diff --git a/arch/powerpc/include/asm/thread_info.h b/arch/powerpc/include/asm/thread_info.h -index 7248979..80b75de 100644 +index 7efee4a..48d47cc 100644 --- a/arch/powerpc/include/asm/thread_info.h +++ b/arch/powerpc/include/asm/thread_info.h -@@ -103,6 +103,8 @@ static inline struct thread_info *current_thread_info(void) +@@ -101,6 +101,8 @@ static inline struct thread_info *current_thread_info(void) #if defined(CONFIG_PPC64) #define TIF_ELF2ABI 18 /* function descriptors must die! */ #endif @@ -8598,7 +8682,7 @@ index 7248979..80b75de 100644 /* as above, but as bit values */ #define _TIF_SYSCALL_TRACE (1<<TIF_SYSCALL_TRACE) -@@ -121,9 +123,10 @@ static inline struct thread_info *current_thread_info(void) +@@ -119,9 +121,10 @@ static inline struct thread_info *current_thread_info(void) #define _TIF_SYSCALL_TRACEPOINT (1<<TIF_SYSCALL_TRACEPOINT) #define _TIF_EMULATE_STACK_STORE (1<<TIF_EMULATE_STACK_STORE) #define _TIF_NOHZ (1<<TIF_NOHZ) @@ -8791,7 +8875,7 @@ index a0c071d..49cdc7f 100644 static inline unsigned long clear_user(void __user *addr, unsigned long size) diff --git a/arch/powerpc/kernel/Makefile b/arch/powerpc/kernel/Makefile -index 502cf69..53936a1 100644 +index c1ebbda..fd8a98d 100644 --- a/arch/powerpc/kernel/Makefile +++ b/arch/powerpc/kernel/Makefile @@ -15,6 +15,11 @@ CFLAGS_prom_init.o += -fPIC @@ -8917,7 +9001,7 @@ index c94d2e0..992a9ce 100644 sechdrs, module); #endif diff --git a/arch/powerpc/kernel/process.c b/arch/powerpc/kernel/process.c -index b4cc7be..1fe8bb3 100644 +index febb50d..bb10020 100644 --- a/arch/powerpc/kernel/process.c +++ b/arch/powerpc/kernel/process.c @@ -1036,8 +1036,8 @@ void show_regs(struct pt_regs * regs) @@ -8931,7 +9015,7 @@ index b4cc7be..1fe8bb3 100644 #endif show_stack(current, (unsigned long *) regs->gpr[1]); if (!user_mode(regs)) -@@ -1549,10 +1549,10 @@ void show_stack(struct task_struct *tsk, unsigned long *stack) +@@ -1554,10 +1554,10 @@ void show_stack(struct task_struct *tsk, unsigned long *stack) newsp = stack[0]; ip = stack[STACK_FRAME_LR_SAVE]; if (!firstframe || ip != lr) { @@ -8944,7 +9028,7 @@ index b4cc7be..1fe8bb3 100644 (void *)current->ret_stack[curr_frame].ret); curr_frame--; } -@@ -1572,7 +1572,7 @@ void show_stack(struct task_struct *tsk, unsigned long *stack) +@@ -1577,7 +1577,7 @@ void show_stack(struct task_struct *tsk, unsigned long *stack) struct pt_regs *regs = (struct pt_regs *) (sp + STACK_FRAME_OVERHEAD); lr = regs->link; @@ -8953,7 +9037,7 @@ index b4cc7be..1fe8bb3 100644 regs->trap, (void *)regs->nip, (void *)lr); firstframe = 1; } -@@ -1608,49 +1608,3 @@ void notrace __ppc64_runlatch_off(void) +@@ -1613,49 +1613,3 @@ void notrace __ppc64_runlatch_off(void) mtspr(SPRN_CTRLT, ctrl); } #endif /* CONFIG_PPC64 */ @@ -9157,10 +9241,10 @@ index 305eb0d..accc5b40 100644 rc = vdso_base; goto fail_mmapsem; diff --git a/arch/powerpc/kvm/powerpc.c b/arch/powerpc/kvm/powerpc.c -index 27c0fac..6ec4a32 100644 +index ac3ddf1..9a54c76 100644 --- a/arch/powerpc/kvm/powerpc.c +++ b/arch/powerpc/kvm/powerpc.c -@@ -1402,7 +1402,7 @@ void kvmppc_init_lpid(unsigned long nr_lpids_param) +@@ -1403,7 +1403,7 @@ void kvmppc_init_lpid(unsigned long nr_lpids_param) } EXPORT_SYMBOL_GPL(kvmppc_init_lpid); @@ -9305,44 +9389,21 @@ index b396868..3eb6b9f 100644 goto bail; } diff --git a/arch/powerpc/mm/mmap.c b/arch/powerpc/mm/mmap.c -index cb8bdbe..cde4bc7 100644 +index 0f0502e..bc3e7a3 100644 --- a/arch/powerpc/mm/mmap.c +++ b/arch/powerpc/mm/mmap.c -@@ -53,10 +53,14 @@ static inline int mmap_is_legacy(void) - return sysctl_legacy_va_layout; - } - --static unsigned long mmap_rnd(void) -+static unsigned long mmap_rnd(struct mm_struct *mm) +@@ -86,6 +86,10 @@ void arch_pick_mmap_layout(struct mm_struct *mm) { - unsigned long rnd = 0; + unsigned long random_factor = 0UL; +#ifdef CONFIG_PAX_RANDMMAP + if (!(mm->pax_flags & MF_PAX_RANDMMAP)) +#endif + - if (current->flags & PF_RANDOMIZE) { - /* 8MB for 32bit, 1GB for 64bit */ - if (is_32bit_task()) -@@ -67,7 +71,7 @@ static unsigned long mmap_rnd(void) - return rnd << PAGE_SHIFT; - } + if (current->flags & PF_RANDOMIZE) + random_factor = arch_mmap_rnd(); --static inline unsigned long mmap_base(void) -+static inline unsigned long mmap_base(struct mm_struct *mm) - { - unsigned long gap = rlimit(RLIMIT_STACK); - -@@ -76,7 +80,7 @@ static inline unsigned long mmap_base(void) - else if (gap > MAX_GAP) - gap = MAX_GAP; - -- return PAGE_ALIGN(TASK_SIZE - gap - mmap_rnd()); -+ return PAGE_ALIGN(TASK_SIZE - gap - mmap_rnd(mm)); - } - - /* -@@ -91,9 +95,21 @@ void arch_pick_mmap_layout(struct mm_struct *mm) +@@ -95,9 +99,21 @@ void arch_pick_mmap_layout(struct mm_struct *mm) */ if (mmap_is_legacy()) { mm->mmap_base = TASK_UNMAPPED_BASE; @@ -9354,8 +9415,7 @@ index cb8bdbe..cde4bc7 100644 + mm->get_unmapped_area = arch_get_unmapped_area; } else { -- mm->mmap_base = mmap_base(); -+ mm->mmap_base = mmap_base(mm); + mm->mmap_base = mmap_base(random_factor); + +#ifdef CONFIG_PAX_RANDMMAP + if (mm->pax_flags & MF_PAX_RANDMMAP) @@ -9420,10 +9480,10 @@ index d966bbe..372124a 100644 struct spu_context *ctx = vma->vm_file->private_data; unsigned long offset = address - vma->vm_start; diff --git a/arch/s390/include/asm/atomic.h b/arch/s390/include/asm/atomic.h -index fa934fe..c296056 100644 +index adbe380..adb7516 100644 --- a/arch/s390/include/asm/atomic.h +++ b/arch/s390/include/asm/atomic.h -@@ -412,4 +412,14 @@ static inline long long atomic64_dec_if_positive(atomic64_t *v) +@@ -317,4 +317,14 @@ static inline long long atomic64_dec_if_positive(atomic64_t *v) #define atomic64_dec_and_test(_v) (atomic64_sub_return(1, _v) == 0) #define atomic64_inc_not_zero(v) atomic64_add_unless((v), 1, 0) @@ -9468,36 +9528,23 @@ index 4d7ccac..d03d0ad 100644 #define __read_mostly __attribute__((__section__(".data..read_mostly"))) diff --git a/arch/s390/include/asm/elf.h b/arch/s390/include/asm/elf.h -index c9c875d..b4b0e4c 100644 +index 3ad48f2..64cc6f3 100644 --- a/arch/s390/include/asm/elf.h +++ b/arch/s390/include/asm/elf.h -@@ -163,8 +163,14 @@ extern unsigned int vdso_enabled; - the loader. We need to make sure that it is out of the way of the program - that it will "exec", and that there is sufficient room for the brk. */ +@@ -163,6 +163,13 @@ extern unsigned int vdso_enabled; + (STACK_TOP / 3 * 2) : \ + (STACK_TOP / 3 * 2) & ~((1UL << 32) - 1)) --extern unsigned long randomize_et_dyn(void); --#define ELF_ET_DYN_BASE randomize_et_dyn() -+#define ELF_ET_DYN_BASE (STACK_TOP / 3 * 2) -+ +#ifdef CONFIG_PAX_ASLR +#define PAX_ELF_ET_DYN_BASE (test_thread_flag(TIF_31BIT) ? 0x10000UL : 0x80000000UL) + +#define PAX_DELTA_MMAP_LEN (test_thread_flag(TIF_31BIT) ? 15 : 26) +#define PAX_DELTA_STACK_LEN (test_thread_flag(TIF_31BIT) ? 15 : 26) +#endif - ++ /* This yields a mask that user programs can use to figure out what instruction set this CPU supports. */ -@@ -225,9 +231,6 @@ struct linux_binprm; - #define ARCH_HAS_SETUP_ADDITIONAL_PAGES 1 - int arch_setup_additional_pages(struct linux_binprm *, int); --extern unsigned long arch_randomize_brk(struct mm_struct *mm); --#define arch_randomize_brk arch_randomize_brk -- - void *fill_cpu_elf_notes(void *ptr, struct save_area *sa, __vector128 *vxrs); - - #endif diff --git a/arch/s390/include/asm/exec.h b/arch/s390/include/asm/exec.h index c4a93d6..4d2a9b4 100644 --- a/arch/s390/include/asm/exec.h @@ -9511,7 +9558,7 @@ index c4a93d6..4d2a9b4 100644 #endif /* __ASM_EXEC_H */ diff --git a/arch/s390/include/asm/uaccess.h b/arch/s390/include/asm/uaccess.h -index cd4c68e..6764641 100644 +index d64a7a6..0830329 100644 --- a/arch/s390/include/asm/uaccess.h +++ b/arch/s390/include/asm/uaccess.h @@ -59,6 +59,7 @@ static inline int __range_ok(unsigned long addr, unsigned long size) @@ -9551,10 +9598,10 @@ index cd4c68e..6764641 100644 return n; } diff --git a/arch/s390/kernel/module.c b/arch/s390/kernel/module.c -index 2ca9586..55682a9 100644 +index 0c1a679..e1df357 100644 --- a/arch/s390/kernel/module.c +++ b/arch/s390/kernel/module.c -@@ -165,11 +165,11 @@ int module_frob_arch_sections(Elf_Ehdr *hdr, Elf_Shdr *sechdrs, +@@ -159,11 +159,11 @@ int module_frob_arch_sections(Elf_Ehdr *hdr, Elf_Shdr *sechdrs, /* Increase core size by size of got & plt and set start offsets for got and plt. */ @@ -9571,7 +9618,7 @@ index 2ca9586..55682a9 100644 return 0; } -@@ -285,7 +285,7 @@ static int apply_rela(Elf_Rela *rela, Elf_Addr base, Elf_Sym *symtab, +@@ -279,7 +279,7 @@ static int apply_rela(Elf_Rela *rela, Elf_Addr base, Elf_Sym *symtab, if (info->got_initialized == 0) { Elf_Addr *gotent; @@ -9580,7 +9627,7 @@ index 2ca9586..55682a9 100644 info->got_offset; *gotent = val; info->got_initialized = 1; -@@ -308,7 +308,7 @@ static int apply_rela(Elf_Rela *rela, Elf_Addr base, Elf_Sym *symtab, +@@ -302,7 +302,7 @@ static int apply_rela(Elf_Rela *rela, Elf_Addr base, Elf_Sym *symtab, rc = apply_rela_bits(loc, val, 0, 64, 0); else if (r_type == R_390_GOTENT || r_type == R_390_GOTPLTENT) { @@ -9589,16 +9636,16 @@ index 2ca9586..55682a9 100644 rc = apply_rela_bits(loc, val, 1, 32, 1); } break; -@@ -321,7 +321,7 @@ static int apply_rela(Elf_Rela *rela, Elf_Addr base, Elf_Sym *symtab, +@@ -315,7 +315,7 @@ static int apply_rela(Elf_Rela *rela, Elf_Addr base, Elf_Sym *symtab, case R_390_PLTOFF64: /* 16 bit offset from GOT to PLT. */ if (info->plt_initialized == 0) { unsigned int *ip; - ip = me->module_core + me->arch.plt_offset + + ip = me->module_core_rx + me->arch.plt_offset + info->plt_offset; - #ifndef CONFIG_64BIT - ip[0] = 0x0d105810; /* basr 1,0; l 1,6(1); br 1 */ -@@ -346,7 +346,7 @@ static int apply_rela(Elf_Rela *rela, Elf_Addr base, Elf_Sym *symtab, + ip[0] = 0x0d10e310; /* basr 1,0; lg 1,10(1); br 1 */ + ip[1] = 0x100a0004; +@@ -334,7 +334,7 @@ static int apply_rela(Elf_Rela *rela, Elf_Addr base, Elf_Sym *symtab, val - loc + 0xffffUL < 0x1ffffeUL) || (r_type == R_390_PLT32DBL && val - loc + 0xffffffffULL < 0x1fffffffeULL))) @@ -9607,7 +9654,7 @@ index 2ca9586..55682a9 100644 me->arch.plt_offset + info->plt_offset; val += rela->r_addend - loc; -@@ -368,7 +368,7 @@ static int apply_rela(Elf_Rela *rela, Elf_Addr base, Elf_Sym *symtab, +@@ -356,7 +356,7 @@ static int apply_rela(Elf_Rela *rela, Elf_Addr base, Elf_Sym *symtab, case R_390_GOTOFF32: /* 32 bit offset to GOT. */ case R_390_GOTOFF64: /* 64 bit offset to GOT. */ val = val + rela->r_addend - @@ -9616,7 +9663,7 @@ index 2ca9586..55682a9 100644 if (r_type == R_390_GOTOFF16) rc = apply_rela_bits(loc, val, 0, 16, 0); else if (r_type == R_390_GOTOFF32) -@@ -378,7 +378,7 @@ static int apply_rela(Elf_Rela *rela, Elf_Addr base, Elf_Sym *symtab, +@@ -366,7 +366,7 @@ static int apply_rela(Elf_Rela *rela, Elf_Addr base, Elf_Sym *symtab, break; case R_390_GOTPC: /* 32 bit PC relative offset to GOT. */ case R_390_GOTPCDBL: /* 32 bit PC rel. off. to GOT shifted by 1. */ @@ -9626,10 +9673,10 @@ index 2ca9586..55682a9 100644 if (r_type == R_390_GOTPC) rc = apply_rela_bits(loc, val, 1, 32, 0); diff --git a/arch/s390/kernel/process.c b/arch/s390/kernel/process.c -index 13fc097..84d375f 100644 +index dc5edc2..7d34ae3 100644 --- a/arch/s390/kernel/process.c +++ b/arch/s390/kernel/process.c -@@ -227,27 +227,3 @@ unsigned long get_wchan(struct task_struct *p) +@@ -200,27 +200,3 @@ unsigned long get_wchan(struct task_struct *p) } return 0; } @@ -9658,48 +9705,24 @@ index 13fc097..84d375f 100644 - return (ret > mm->brk) ? ret : mm->brk; -} diff --git a/arch/s390/mm/mmap.c b/arch/s390/mm/mmap.c -index 179a2c2..4ba9137 100644 +index 6e552af..3e608a1 100644 --- a/arch/s390/mm/mmap.c +++ b/arch/s390/mm/mmap.c -@@ -62,6 +62,12 @@ static inline int mmap_is_legacy(void) - - static unsigned long mmap_rnd(void) +@@ -239,6 +239,10 @@ void arch_pick_mmap_layout(struct mm_struct *mm) { -+ -+#ifdef CONFIG_PAX_RANDMMAP -+ if (current->mm->pax_flags & MF_PAX_RANDMMAP) -+ return 0; -+#endif -+ - if (!(current->flags & PF_RANDOMIZE)) - return 0; - if (is_32bit_task()) -@@ -204,9 +210,21 @@ void arch_pick_mmap_layout(struct mm_struct *mm) - */ - if (mmap_is_legacy()) { - mm->mmap_base = mmap_base_legacy(); -+ -+#ifdef CONFIG_PAX_RANDMMAP -+ if (mm->pax_flags & MF_PAX_RANDMMAP) -+ mm->mmap_base += mm->delta_mmap; -+#endif -+ - mm->get_unmapped_area = arch_get_unmapped_area; - } else { - mm->mmap_base = mmap_base(); -+ + unsigned long random_factor = 0UL; + +#ifdef CONFIG_PAX_RANDMMAP -+ if (mm->pax_flags & MF_PAX_RANDMMAP) -+ mm->mmap_base -= mm->delta_mmap + mm->delta_stack; ++ if (!(mm->pax_flags & MF_PAX_RANDMMAP)) +#endif + - mm->get_unmapped_area = arch_get_unmapped_area_topdown; - } - } -@@ -279,9 +297,21 @@ void arch_pick_mmap_layout(struct mm_struct *mm) + if (current->flags & PF_RANDOMIZE) + random_factor = arch_mmap_rnd(); + +@@ -248,9 +252,21 @@ void arch_pick_mmap_layout(struct mm_struct *mm) */ if (mmap_is_legacy()) { - mm->mmap_base = mmap_base_legacy(); + mm->mmap_base = mmap_base_legacy(random_factor); + +#ifdef CONFIG_PAX_RANDMMAP + if (mm->pax_flags & MF_PAX_RANDMMAP) @@ -9708,7 +9731,7 @@ index 179a2c2..4ba9137 100644 + mm->get_unmapped_area = s390_get_unmapped_area; } else { - mm->mmap_base = mmap_base(); + mm->mmap_base = mmap_base(random_factor); + +#ifdef CONFIG_PAX_RANDMMAP + if (mm->pax_flags & MF_PAX_RANDMMAP) @@ -10329,10 +10352,10 @@ index 9689176..63c18ea 100644 unsigned long mask, tmp1, tmp2, result; diff --git a/arch/sparc/include/asm/thread_info_32.h b/arch/sparc/include/asm/thread_info_32.h -index fd7bd0a..2e2fa7a 100644 +index 229475f..2fca9163 100644 --- a/arch/sparc/include/asm/thread_info_32.h +++ b/arch/sparc/include/asm/thread_info_32.h -@@ -47,6 +47,7 @@ struct thread_info { +@@ -48,6 +48,7 @@ struct thread_info { struct reg_window32 reg_window[NSWINS]; /* align for ldd! */ unsigned long rwbuf_stkptrs[NSWINS]; unsigned long w_saved; @@ -10341,10 +10364,10 @@ index fd7bd0a..2e2fa7a 100644 /* diff --git a/arch/sparc/include/asm/thread_info_64.h b/arch/sparc/include/asm/thread_info_64.h -index ff45516..73001ab 100644 +index bde5982..9cbb56d 100644 --- a/arch/sparc/include/asm/thread_info_64.h +++ b/arch/sparc/include/asm/thread_info_64.h -@@ -61,6 +61,8 @@ struct thread_info { +@@ -59,6 +59,8 @@ struct thread_info { struct pt_regs *kern_una_regs; unsigned int kern_una_insn; @@ -10353,7 +10376,7 @@ index ff45516..73001ab 100644 unsigned long fpregs[(7 * 256) / sizeof(unsigned long)] __attribute__ ((aligned(64))); }; -@@ -184,12 +186,13 @@ register struct thread_info *current_thread_info_reg asm("g6"); +@@ -180,12 +182,13 @@ register struct thread_info *current_thread_info_reg asm("g6"); #define TIF_NEED_RESCHED 3 /* rescheduling necessary */ /* flag bit 4 is available */ #define TIF_UNALIGNED 5 /* allowed to do unaligned accesses */ @@ -10368,7 +10391,7 @@ index ff45516..73001ab 100644 /* NOTE: Thread flags >= 12 should be ones we have no interest * in using in assembly, else we can't use the mask as * an immediate value in instructions such as andcc. -@@ -209,12 +212,17 @@ register struct thread_info *current_thread_info_reg asm("g6"); +@@ -205,12 +208,17 @@ register struct thread_info *current_thread_info_reg asm("g6"); #define _TIF_SYSCALL_AUDIT (1<<TIF_SYSCALL_AUDIT) #define _TIF_SYSCALL_TRACEPOINT (1<<TIF_SYSCALL_TRACEPOINT) #define _TIF_POLLING_NRFLAG (1<<TIF_POLLING_NRFLAG) @@ -10654,10 +10677,10 @@ index 9ddc492..27a5619 100644 if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT))) diff --git a/arch/sparc/kernel/smp_64.c b/arch/sparc/kernel/smp_64.c -index 61139d9..c1a5f28 100644 +index 19cd08d..ff21e99 100644 --- a/arch/sparc/kernel/smp_64.c +++ b/arch/sparc/kernel/smp_64.c -@@ -887,7 +887,7 @@ void smp_flush_dcache_page_impl(struct page *page, int cpu) +@@ -891,7 +891,7 @@ void smp_flush_dcache_page_impl(struct page *page, int cpu) return; #ifdef CONFIG_DEBUG_DCFLUSH @@ -10666,7 +10689,7 @@ index 61139d9..c1a5f28 100644 #endif this_cpu = get_cpu(); -@@ -911,7 +911,7 @@ void smp_flush_dcache_page_impl(struct page *page, int cpu) +@@ -915,7 +915,7 @@ void smp_flush_dcache_page_impl(struct page *page, int cpu) xcall_deliver(data0, __pa(pg_addr), (u64) pg_addr, cpumask_of(cpu)); #ifdef CONFIG_DEBUG_DCFLUSH @@ -10675,7 +10698,7 @@ index 61139d9..c1a5f28 100644 #endif } } -@@ -930,7 +930,7 @@ void flush_dcache_page_all(struct mm_struct *mm, struct page *page) +@@ -934,7 +934,7 @@ void flush_dcache_page_all(struct mm_struct *mm, struct page *page) preempt_disable(); #ifdef CONFIG_DEBUG_DCFLUSH @@ -10684,7 +10707,7 @@ index 61139d9..c1a5f28 100644 #endif data0 = 0; pg_addr = page_address(page); -@@ -947,7 +947,7 @@ void flush_dcache_page_all(struct mm_struct *mm, struct page *page) +@@ -951,7 +951,7 @@ void flush_dcache_page_all(struct mm_struct *mm, struct page *page) xcall_deliver(data0, __pa(pg_addr), (u64) pg_addr, cpu_online_mask); #ifdef CONFIG_DEBUG_DCFLUSH @@ -10920,7 +10943,7 @@ index bb00089..e0ea580 100644 2: diff --git a/arch/sparc/kernel/traps_32.c b/arch/sparc/kernel/traps_32.c -index 6fd386c5..6907d81 100644 +index 4f21df7..0a374da 100644 --- a/arch/sparc/kernel/traps_32.c +++ b/arch/sparc/kernel/traps_32.c @@ -44,6 +44,8 @@ static void instruction_dump(unsigned long *pc) @@ -10953,7 +10976,7 @@ index 6fd386c5..6907d81 100644 } diff --git a/arch/sparc/kernel/traps_64.c b/arch/sparc/kernel/traps_64.c -index 0e69974..0c15a6e 100644 +index d21cd62..00a4a17 100644 --- a/arch/sparc/kernel/traps_64.c +++ b/arch/sparc/kernel/traps_64.c @@ -79,7 +79,7 @@ static void dump_tl1_traplog(struct tl1_traplog *p) @@ -12270,10 +12293,10 @@ index 4242eab..9ae6360 100644 pte_t *huge_pte_alloc(struct mm_struct *mm, diff --git a/arch/sparc/mm/init_64.c b/arch/sparc/mm/init_64.c -index 4ca0d6b..e89bca1 100644 +index 559cb74..9e5f097 100644 --- a/arch/sparc/mm/init_64.c +++ b/arch/sparc/mm/init_64.c -@@ -186,9 +186,9 @@ unsigned long sparc64_kern_sec_context __read_mostly; +@@ -187,9 +187,9 @@ unsigned long sparc64_kern_sec_context __read_mostly; int num_kernel_image_mappings; #ifdef CONFIG_DEBUG_DCFLUSH @@ -12285,7 +12308,7 @@ index 4ca0d6b..e89bca1 100644 #endif #endif -@@ -196,7 +196,7 @@ inline void flush_dcache_page_impl(struct page *page) +@@ -197,7 +197,7 @@ inline void flush_dcache_page_impl(struct page *page) { BUG_ON(tlb_type == hypervisor); #ifdef CONFIG_DEBUG_DCFLUSH @@ -12294,7 +12317,7 @@ index 4ca0d6b..e89bca1 100644 #endif #ifdef DCACHE_ALIASING_POSSIBLE -@@ -468,10 +468,10 @@ void mmu_info(struct seq_file *m) +@@ -469,10 +469,10 @@ void mmu_info(struct seq_file *m) #ifdef CONFIG_DEBUG_DCFLUSH seq_printf(m, "DCPageFlushes\t: %d\n", @@ -12308,10 +12331,10 @@ index 4ca0d6b..e89bca1 100644 #endif /* CONFIG_DEBUG_DCFLUSH */ } diff --git a/arch/tile/Kconfig b/arch/tile/Kconfig -index 7cca418..53fc030 100644 +index a07e31b..85c9003 100644 --- a/arch/tile/Kconfig +++ b/arch/tile/Kconfig -@@ -192,6 +192,7 @@ source "kernel/Kconfig.hz" +@@ -198,6 +198,7 @@ source "kernel/Kconfig.hz" config KEXEC bool "kexec system call" @@ -12395,7 +12418,7 @@ index 8416240..a012fb7 100644 /* diff --git a/arch/um/Makefile b/arch/um/Makefile -index e4b1a96..16162f8 100644 +index 17d4460..9d74338e3de4 100644 --- a/arch/um/Makefile +++ b/arch/um/Makefile @@ -72,6 +72,10 @@ USER_CFLAGS = $(patsubst $(KERNEL_DEFINES),,$(patsubst -D__KERNEL__,,\ @@ -12407,7 +12430,7 @@ index e4b1a96..16162f8 100644 +endif + #This will adjust *FLAGS accordingly to the platform. - include $(srctree)/$(ARCH_DIR)/Makefile-os-$(OS) + include $(ARCH_DIR)/Makefile-os-$(OS) diff --git a/arch/um/include/asm/cache.h b/arch/um/include/asm/cache.h index 19e1bdd..3665b77 100644 @@ -12468,10 +12491,10 @@ index 2b4274e..754fe06 100644 #ifdef CONFIG_64BIT #define set_pud(pudptr, pudval) set_64bit((u64 *) (pudptr), pud_val(pudval)) diff --git a/arch/um/kernel/process.c b/arch/um/kernel/process.c -index f17bca8..48adb87 100644 +index 68b9119..f72353c 100644 --- a/arch/um/kernel/process.c +++ b/arch/um/kernel/process.c -@@ -356,22 +356,6 @@ int singlestepping(void * t) +@@ -345,22 +345,6 @@ int singlestepping(void * t) return 2; } @@ -12512,10 +12535,19 @@ index ad8f795..2c7eec6 100644 /* * Memory returned by kmalloc() may be used for DMA, so we must make diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig -index 570c71d..992da93 100644 +index 226d569..d420edc 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig -@@ -132,7 +132,7 @@ config X86 +@@ -32,7 +32,7 @@ config X86 + select HAVE_AOUT if X86_32 + select HAVE_UNSTABLE_SCHED_CLOCK + select ARCH_SUPPORTS_NUMA_BALANCING if X86_64 +- select ARCH_SUPPORTS_INT128 if X86_64 ++ select ARCH_SUPPORTS_INT128 if X86_64 && !PAX_SIZE_OVERFLOW + select HAVE_IDE + select HAVE_OPROFILE + select HAVE_PCSPKR_PLATFORM +@@ -134,7 +134,7 @@ config X86 select RTC_LIB select HAVE_DEBUG_STACKOVERFLOW select HAVE_IRQ_EXIT_ON_IRQ_STACK if X86_64 @@ -12533,7 +12565,7 @@ index 570c71d..992da93 100644 config ARCH_HWEIGHT_CFLAGS string -@@ -632,6 +632,7 @@ config SCHED_OMIT_FRAME_POINTER +@@ -638,6 +638,7 @@ config SCHED_OMIT_FRAME_POINTER menuconfig HYPERVISOR_GUEST bool "Linux guest support" @@ -12541,7 +12573,7 @@ index 570c71d..992da93 100644 ---help--- Say Y here to enable options for running Linux under various hyper- visors. This option enables basic hypervisor detection and platform -@@ -1013,6 +1014,7 @@ config VM86 +@@ -1005,6 +1006,7 @@ config VM86 config X86_16BIT bool "Enable support for 16-bit segments" if EXPERT @@ -12549,7 +12581,7 @@ index 570c71d..992da93 100644 default y ---help--- This option is required by programs like Wine to run 16-bit -@@ -1186,6 +1188,7 @@ choice +@@ -1178,6 +1180,7 @@ choice config NOHIGHMEM bool "off" @@ -12557,7 +12589,7 @@ index 570c71d..992da93 100644 ---help--- Linux can use up to 64 Gigabytes of physical memory on x86 systems. However, the address space of 32-bit x86 processors is only 4 -@@ -1222,6 +1225,7 @@ config NOHIGHMEM +@@ -1214,6 +1217,7 @@ config NOHIGHMEM config HIGHMEM4G bool "4GB" @@ -12565,7 +12597,7 @@ index 570c71d..992da93 100644 ---help--- Select this if you have a 32-bit processor and between 1 and 4 gigabytes of physical RAM. -@@ -1274,7 +1278,7 @@ config PAGE_OFFSET +@@ -1266,7 +1270,7 @@ config PAGE_OFFSET hex default 0xB0000000 if VMSPLIT_3G_OPT default 0x80000000 if VMSPLIT_2G @@ -12574,7 +12606,7 @@ index 570c71d..992da93 100644 default 0x40000000 if VMSPLIT_1G default 0xC0000000 depends on X86_32 -@@ -1715,6 +1719,7 @@ source kernel/Kconfig.hz +@@ -1717,6 +1721,7 @@ source kernel/Kconfig.hz config KEXEC bool "kexec system call" @@ -12582,7 +12614,7 @@ index 570c71d..992da93 100644 ---help--- kexec is a system call that implements the ability to shutdown your current kernel, and to start another kernel. It is like a reboot -@@ -1900,7 +1905,9 @@ config X86_NEED_RELOCS +@@ -1899,7 +1904,9 @@ config X86_NEED_RELOCS config PHYSICAL_ALIGN hex "Alignment value to which kernel should be aligned" @@ -12593,7 +12625,7 @@ index 570c71d..992da93 100644 range 0x2000 0x1000000 if X86_32 range 0x200000 0x1000000 if X86_64 ---help--- -@@ -1983,6 +1990,7 @@ config COMPAT_VDSO +@@ -1982,6 +1989,7 @@ config COMPAT_VDSO def_bool n prompt "Disable the 32-bit vDSO (needed for glibc 2.3.3)" depends on X86_32 || IA32_EMULATION @@ -12601,6 +12633,29 @@ index 570c71d..992da93 100644 ---help--- Certain buggy versions of glibc will crash if they are presented with a 32-bit vDSO that is not mapped at the address +@@ -2046,6 +2054,22 @@ config CMDLINE_OVERRIDE + This is used to work around broken boot loaders. This should + be set to 'N' under normal conditions. + ++config DEFAULT_MODIFY_LDT_SYSCALL ++ bool "Allow userspace to modify the LDT by default" ++ default y ++ ++ ---help--- ++ Modifying the LDT (Local Descriptor Table) may be needed to run a ++ 16-bit or segmented code such as Dosemu or Wine. This is done via ++ a system call which is not needed to run portable applications, ++ and which can sometimes be abused to exploit some weaknesses of ++ the architecture, opening new vulnerabilities. ++ ++ For this reason this option allows one to enable or disable the ++ feature at runtime. It is recommended to say 'N' here to leave ++ the system protected, and to enable it at runtime only if needed ++ by setting the sys.kernel.modify_ldt sysctl. ++ + source "kernel/livepatch/Kconfig" + + endmenu diff --git a/arch/x86/Kconfig.cpu b/arch/x86/Kconfig.cpu index 6983314..54ad7e8 100644 --- a/arch/x86/Kconfig.cpu @@ -12633,10 +12688,10 @@ index 6983314..54ad7e8 100644 config X86_MINIMUM_CPU_FAMILY int diff --git a/arch/x86/Kconfig.debug b/arch/x86/Kconfig.debug -index 20028da..88d5946 100644 +index 72484a6..83a4411 100644 --- a/arch/x86/Kconfig.debug +++ b/arch/x86/Kconfig.debug -@@ -93,7 +93,7 @@ config EFI_PGT_DUMP +@@ -89,7 +89,7 @@ config EFI_PGT_DUMP config DEBUG_RODATA bool "Write protect kernel read-only data structures" default y @@ -12645,7 +12700,7 @@ index 20028da..88d5946 100644 ---help--- Mark the kernel read-only data as write-protected in the pagetables, in order to catch accidental (and incorrect) writes to such const -@@ -111,7 +111,7 @@ config DEBUG_RODATA_TEST +@@ -107,7 +107,7 @@ config DEBUG_RODATA_TEST config DEBUG_SET_MODULE_RONX bool "Set loadable kernel module data as NX and text as RO" @@ -12655,12 +12710,12 @@ index 20028da..88d5946 100644 This option helps catch unintended modifications to loadable kernel module's text and read-only data. It also prevents execution diff --git a/arch/x86/Makefile b/arch/x86/Makefile -index 5ba2d9c..41e5bb6 100644 +index 2fda005..2c72d40 100644 --- a/arch/x86/Makefile +++ b/arch/x86/Makefile @@ -65,9 +65,6 @@ ifeq ($(CONFIG_X86_32),y) # CPU-specific tuning. Anything which can be shared with UML should go here. - include $(srctree)/arch/x86/Makefile_32.cpu + include arch/x86/Makefile_32.cpu KBUILD_CFLAGS += $(cflags-y) - - # temporary until string.h is fixed @@ -12817,10 +12872,10 @@ index 630384a..278e788 100644 .quad 0x0000000000000000 /* TS continued */ efi_gdt64_end: diff --git a/arch/x86/boot/compressed/head_32.S b/arch/x86/boot/compressed/head_32.S -index 1d7fbbc..36ecd58 100644 +index 8ef964d..fcfb8aa 100644 --- a/arch/x86/boot/compressed/head_32.S +++ b/arch/x86/boot/compressed/head_32.S -@@ -140,10 +140,10 @@ preferred_addr: +@@ -141,10 +141,10 @@ preferred_addr: addl %eax, %ebx notl %eax andl %eax, %ebx @@ -12834,10 +12889,10 @@ index 1d7fbbc..36ecd58 100644 /* Target address to relocate to for decompression */ diff --git a/arch/x86/boot/compressed/head_64.S b/arch/x86/boot/compressed/head_64.S -index 6b1766c..ad465c9 100644 +index b0c0d16..3b44ff8 100644 --- a/arch/x86/boot/compressed/head_64.S +++ b/arch/x86/boot/compressed/head_64.S -@@ -94,10 +94,10 @@ ENTRY(startup_32) +@@ -95,10 +95,10 @@ ENTRY(startup_32) addl %eax, %ebx notl %eax andl %eax, %ebx @@ -12850,7 +12905,7 @@ index 6b1766c..ad465c9 100644 1: /* Target address to relocate to for decompression */ -@@ -322,10 +322,10 @@ preferred_addr: +@@ -323,10 +323,10 @@ preferred_addr: addq %rax, %rbp notq %rax andq %rax, %rbp @@ -12863,7 +12918,7 @@ index 6b1766c..ad465c9 100644 1: /* Target address to relocate to for decompression */ -@@ -434,8 +434,8 @@ gdt: +@@ -435,8 +435,8 @@ gdt: .long gdt .word 0 .quad 0x0000000000000000 /* NULL descriptor */ @@ -12875,7 +12930,7 @@ index 6b1766c..ad465c9 100644 .quad 0x0000000000000000 /* TS continued */ gdt_end: diff --git a/arch/x86/boot/compressed/misc.c b/arch/x86/boot/compressed/misc.c -index a950864..c710239 100644 +index a107b93..55602de 100644 --- a/arch/x86/boot/compressed/misc.c +++ b/arch/x86/boot/compressed/misc.c @@ -242,7 +242,7 @@ static void handle_relocations(void *output, unsigned long output_len) @@ -12914,7 +12969,7 @@ index a950864..c710239 100644 break; default: /* Ignore other PT_* */ break; } -@@ -416,7 +419,7 @@ asmlinkage __visible void *decompress_kernel(void *rmode, memptr heap, +@@ -419,7 +422,7 @@ asmlinkage __visible void *decompress_kernel(void *rmode, memptr heap, error("Destination address too large"); #endif #ifndef CONFIG_RELOCATABLE @@ -13014,10 +13069,10 @@ index ba3e100..6501b8f 100644 /* diff --git a/arch/x86/boot/video.c b/arch/x86/boot/video.c -index 43eda28..5ab5fdb 100644 +index 05111bb..a1ae1f0 100644 --- a/arch/x86/boot/video.c +++ b/arch/x86/boot/video.c -@@ -96,7 +96,7 @@ static void store_mode_params(void) +@@ -98,7 +98,7 @@ static void store_mode_params(void) static unsigned int get_entry(void) { char entry_buf[4]; @@ -13982,7 +14037,7 @@ index e3531f8..e123f35 100644 ret; ENDPROC(cast6_xts_dec_8way) diff --git a/arch/x86/crypto/crc32c-pcl-intel-asm_64.S b/arch/x86/crypto/crc32c-pcl-intel-asm_64.S -index 26d49eb..8bf39c8 100644 +index 225be06..2885e731 100644 --- a/arch/x86/crypto/crc32c-pcl-intel-asm_64.S +++ b/arch/x86/crypto/crc32c-pcl-intel-asm_64.S @@ -45,6 +45,7 @@ @@ -14302,7 +14357,7 @@ index a410950..9dfe7ad 100644 ENDPROC(\name) diff --git a/arch/x86/crypto/sha256-avx-asm.S b/arch/x86/crypto/sha256-avx-asm.S -index 642f156..51a513c 100644 +index 92b3b5d..0dc1dcb 100644 --- a/arch/x86/crypto/sha256-avx-asm.S +++ b/arch/x86/crypto/sha256-avx-asm.S @@ -49,6 +49,7 @@ @@ -14322,7 +14377,7 @@ index 642f156..51a513c 100644 ENDPROC(sha256_transform_avx) diff --git a/arch/x86/crypto/sha256-avx2-asm.S b/arch/x86/crypto/sha256-avx2-asm.S -index 9e86944..3795e6a 100644 +index 570ec5e..cf2b625 100644 --- a/arch/x86/crypto/sha256-avx2-asm.S +++ b/arch/x86/crypto/sha256-avx2-asm.S @@ -50,6 +50,7 @@ @@ -14342,7 +14397,7 @@ index 9e86944..3795e6a 100644 ENDPROC(sha256_transform_rorx) diff --git a/arch/x86/crypto/sha256-ssse3-asm.S b/arch/x86/crypto/sha256-ssse3-asm.S -index f833b74..8c62a9e 100644 +index 2cedc44..5144899 100644 --- a/arch/x86/crypto/sha256-ssse3-asm.S +++ b/arch/x86/crypto/sha256-ssse3-asm.S @@ -47,6 +47,7 @@ @@ -14362,7 +14417,7 @@ index f833b74..8c62a9e 100644 ENDPROC(sha256_transform_ssse3) diff --git a/arch/x86/crypto/sha512-avx-asm.S b/arch/x86/crypto/sha512-avx-asm.S -index 974dde9..a823ff9 100644 +index 565274d..af6bc08 100644 --- a/arch/x86/crypto/sha512-avx-asm.S +++ b/arch/x86/crypto/sha512-avx-asm.S @@ -49,6 +49,7 @@ @@ -14382,7 +14437,7 @@ index 974dde9..a823ff9 100644 ENDPROC(sha512_transform_avx) diff --git a/arch/x86/crypto/sha512-avx2-asm.S b/arch/x86/crypto/sha512-avx2-asm.S -index 568b961..ed20c37 100644 +index 1f20b35..f25c8c1 100644 --- a/arch/x86/crypto/sha512-avx2-asm.S +++ b/arch/x86/crypto/sha512-avx2-asm.S @@ -51,6 +51,7 @@ @@ -14402,7 +14457,7 @@ index 568b961..ed20c37 100644 ENDPROC(sha512_transform_rorx) diff --git a/arch/x86/crypto/sha512-ssse3-asm.S b/arch/x86/crypto/sha512-ssse3-asm.S -index fb56855..6edd768 100644 +index e610e29..ffcb5ed 100644 --- a/arch/x86/crypto/sha512-ssse3-asm.S +++ b/arch/x86/crypto/sha512-ssse3-asm.S @@ -48,6 +48,7 @@ @@ -14567,7 +14622,7 @@ index 1c3b7ce..02f578d 100644 ret; ENDPROC(twofish_dec_blk_3way) diff --git a/arch/x86/crypto/twofish-x86_64-asm_64.S b/arch/x86/crypto/twofish-x86_64-asm_64.S -index a039d21..524b8b2 100644 +index a350c99..c1bac24 100644 --- a/arch/x86/crypto/twofish-x86_64-asm_64.S +++ b/arch/x86/crypto/twofish-x86_64-asm_64.S @@ -22,6 +22,7 @@ @@ -14581,7 +14636,7 @@ index a039d21..524b8b2 100644 @@ -265,6 +266,7 @@ ENTRY(twofish_enc_blk) popq R1 - movq $1,%rax + movl $1,%eax + pax_force_retaddr ret ENDPROC(twofish_enc_blk) @@ -14589,7 +14644,7 @@ index a039d21..524b8b2 100644 @@ -317,5 +319,6 @@ ENTRY(twofish_dec_blk) popq R1 - movq $1,%rax + movl $1,%eax + pax_force_retaddr ret ENDPROC(twofish_dec_blk) @@ -14607,10 +14662,10 @@ index ae6aad1..719d6d9 100644 set_fs(KERNEL_DS); has_dumped = 1; diff --git a/arch/x86/ia32/ia32_signal.c b/arch/x86/ia32/ia32_signal.c -index d0165c9..0d5639b 100644 +index c81d35e6..3500144 100644 --- a/arch/x86/ia32/ia32_signal.c +++ b/arch/x86/ia32/ia32_signal.c -@@ -218,7 +218,7 @@ asmlinkage long sys32_sigreturn(void) +@@ -216,7 +216,7 @@ asmlinkage long sys32_sigreturn(void) if (__get_user(set.sig[0], &frame->sc.oldmask) || (_COMPAT_NSIG_WORDS > 1 && __copy_from_user((((char *) &set.sig) + 4), @@ -14619,7 +14674,7 @@ index d0165c9..0d5639b 100644 sizeof(frame->extramask)))) goto badframe; -@@ -338,7 +338,7 @@ static void __user *get_sigframe(struct ksignal *ksig, struct pt_regs *regs, +@@ -335,7 +335,7 @@ static void __user *get_sigframe(struct ksignal *ksig, struct pt_regs *regs, sp -= frame_size; /* Align the stack pointer according to the i386 ABI, * i.e. so that on function entry ((sp + 4) & 15) == 0. */ @@ -14628,7 +14683,7 @@ index d0165c9..0d5639b 100644 return (void __user *) sp; } -@@ -383,10 +383,10 @@ int ia32_setup_frame(int sig, struct ksignal *ksig, +@@ -380,10 +380,10 @@ int ia32_setup_frame(int sig, struct ksignal *ksig, } else { /* Return stub is in 32bit vsyscall page */ if (current->mm->context.vdso) @@ -14642,7 +14697,7 @@ index d0165c9..0d5639b 100644 } put_user_try { -@@ -396,7 +396,7 @@ int ia32_setup_frame(int sig, struct ksignal *ksig, +@@ -393,7 +393,7 @@ int ia32_setup_frame(int sig, struct ksignal *ksig, * These are actually not used anymore, but left because some * gdb versions depend on them as a marker. */ @@ -14651,7 +14706,7 @@ index d0165c9..0d5639b 100644 } put_user_catch(err); if (err) -@@ -438,7 +438,7 @@ int ia32_setup_rt_frame(int sig, struct ksignal *ksig, +@@ -435,7 +435,7 @@ int ia32_setup_rt_frame(int sig, struct ksignal *ksig, 0xb8, __NR_ia32_rt_sigreturn, 0x80cd, @@ -14660,7 +14715,7 @@ index d0165c9..0d5639b 100644 }; frame = get_sigframe(ksig, regs, sizeof(*frame), &fpstate); -@@ -461,16 +461,19 @@ int ia32_setup_rt_frame(int sig, struct ksignal *ksig, +@@ -458,16 +458,19 @@ int ia32_setup_rt_frame(int sig, struct ksignal *ksig, if (ksig->ka.sa.sa_flags & SA_RESTORER) restorer = ksig->ka.sa.sa_restorer; @@ -14684,7 +14739,7 @@ index d0165c9..0d5639b 100644 err |= copy_siginfo_to_user32(&frame->info, &ksig->info); diff --git a/arch/x86/ia32/ia32entry.S b/arch/x86/ia32/ia32entry.S -index 156ebca..9591cf0 100644 +index 72bf268..127572a 100644 --- a/arch/x86/ia32/ia32entry.S +++ b/arch/x86/ia32/ia32entry.S @@ -15,8 +15,10 @@ @@ -14698,25 +14753,7 @@ index 156ebca..9591cf0 100644 /* Avoid __ASSEMBLER__'ifying <linux/audit.h> just for this. */ #include <linux/elf-em.h> -@@ -62,12 +64,12 @@ - */ - .macro LOAD_ARGS32 offset, _r9=0 - .if \_r9 -- movl \offset+16(%rsp),%r9d -+ movl \offset+R9(%rsp),%r9d - .endif -- movl \offset+40(%rsp),%ecx -- movl \offset+48(%rsp),%edx -- movl \offset+56(%rsp),%esi -- movl \offset+64(%rsp),%edi -+ movl \offset+RCX(%rsp),%ecx -+ movl \offset+RDX(%rsp),%edx -+ movl \offset+RSI(%rsp),%esi -+ movl \offset+RDI(%rsp),%edi - movl %eax,%eax /* zero extension */ - .endm - -@@ -96,6 +98,32 @@ ENTRY(native_irq_enable_sysexit) +@@ -85,6 +87,32 @@ ENTRY(native_irq_enable_sysexit) ENDPROC(native_irq_enable_sysexit) #endif @@ -14749,51 +14786,56 @@ index 156ebca..9591cf0 100644 /* * 32bit SYSENTER instruction entry. * -@@ -122,12 +150,6 @@ ENTRY(ia32_sysenter_target) - CFI_REGISTER rsp,rbp +@@ -119,23 +147,24 @@ ENTRY(ia32_sysenter_target) + * it is too small to ever cause noticeable irq latency. + */ SWAPGS_UNSAFE_STACK - movq PER_CPU_VAR(kernel_stack), %rsp -- addq $(KERNEL_STACK_OFFSET),%rsp -- /* -- * No need to follow this irqs on/off section: the syscall -- * disabled irqs, here we enable it straight after entry: -- */ +- movq PER_CPU_VAR(cpu_tss + TSS_sp0), %rsp - ENABLE_INTERRUPTS(CLBR_NONE) - movl %ebp,%ebp /* zero extension */ - pushq_cfi $__USER32_DS - /*CFI_REL_OFFSET ss,0*/ -@@ -135,23 +157,46 @@ ENTRY(ia32_sysenter_target) - CFI_REL_OFFSET rsp,0 - pushfq_cfi - /*CFI_REL_OFFSET rflags,0*/ -- movl TI_sysenter_return+THREAD_INFO(%rsp,3*8-KERNEL_STACK_OFFSET),%r10d ++ movq PER_CPU_VAR(kernel_stack), %rsp + + /* Zero-extending 32-bit regs, do not remove */ + movl %ebp, %ebp + movl %eax, %eax + +- movl ASM_THREAD_INFO(TI_sysenter_return, %rsp, 0), %r10d - CFI_REGISTER rip,r10 -+ orl $X86_EFLAGS_IF,(%rsp) + GET_THREAD_INFO(%r11) + movl TI_sysenter_return(%r11), %r11d + CFI_REGISTER rip,r11 - pushq_cfi $__USER32_CS - /*CFI_REL_OFFSET cs,0*/ - movl %eax, %eax -- pushq_cfi %r10 -+ pushq_cfi %r11 - CFI_REL_OFFSET rip,0 - pushq_cfi %rax - cld - SAVE_ARGS 0,1,0 + + /* Construct struct pt_regs on stack */ + pushq_cfi $__USER32_DS /* pt_regs->ss */ + pushq_cfi %rbp /* pt_regs->sp */ + CFI_REL_OFFSET rsp,0 + pushfq_cfi /* pt_regs->flags */ ++ orl $X86_EFLAGS_IF,(%rsp) + pushq_cfi $__USER32_CS /* pt_regs->cs */ +- pushq_cfi %r10 /* pt_regs->ip = thread_info->sysenter_return */ ++ pushq_cfi %r11 /* pt_regs->ip = thread_info->sysenter_return */ + CFI_REL_OFFSET rip,0 + pushq_cfi_reg rax /* pt_regs->orig_ax */ + pushq_cfi_reg rdi /* pt_regs->di */ +@@ -147,15 +176,37 @@ ENTRY(ia32_sysenter_target) + sub $(10*8),%rsp /* pt_regs->r8-11,bp,bx,r12-15 not saved */ + CFI_ADJUST_CFA_OFFSET 10*8 + ++#ifdef CONFIG_PAX_KERNEXEC_PLUGIN_METHOD_OR ++ movq_cfi r12, R12 ++#endif ++ + pax_enter_kernel_user + +#ifdef CONFIG_PAX_RANDKSTACK + pax_erase_kstack +#endif + -+ /* -+ * No need to follow this irqs on/off section: the syscall -+ * disabled irqs, here we enable it straight after entry: -+ */ + ENABLE_INTERRUPTS(CLBR_NONE) - /* no need to do an access_ok check here because rbp has been - 32bit zero extended */ ++ + /* + * no need to do an access_ok check here because rbp has been + * 32bit zero extended + */ + +#ifdef CONFIG_PAX_MEMORY_UDEREF + addq pax_user_shadow_base,%rbp @@ -14812,83 +14854,85 @@ index 156ebca..9591cf0 100644 /* * Sysenter doesn't filter flags, so we need to clear NT * ourselves. To save a few cycles, we can check whether -@@ -161,8 +206,9 @@ ENTRY(ia32_sysenter_target) +@@ -165,8 +216,9 @@ ENTRY(ia32_sysenter_target) jnz sysenter_fix_flags sysenter_flags_fixed: -- orl $TS_COMPAT,TI_status+THREAD_INFO(%rsp,RIP-ARGOFFSET) -- testl $_TIF_WORK_SYSCALL_ENTRY,TI_flags+THREAD_INFO(%rsp,RIP-ARGOFFSET) +- orl $TS_COMPAT, ASM_THREAD_INFO(TI_status, %rsp, SIZEOF_PTREGS) +- testl $_TIF_WORK_SYSCALL_ENTRY, ASM_THREAD_INFO(TI_flags, %rsp, SIZEOF_PTREGS) + GET_THREAD_INFO(%r11) + orl $TS_COMPAT,TI_status(%r11) + testl $_TIF_WORK_SYSCALL_ENTRY,TI_flags(%r11) CFI_REMEMBER_STATE jnz sysenter_tracesys cmpq $(IA32_NR_syscalls-1),%rax -@@ -172,14 +218,17 @@ sysenter_do_call: +@@ -181,9 +233,10 @@ sysenter_do_call: sysenter_dispatch: call *ia32_sys_call_table(,%rax,8) - movq %rax,RAX-ARGOFFSET(%rsp) + movq %rax,RAX(%rsp) + GET_THREAD_INFO(%r11) DISABLE_INTERRUPTS(CLBR_NONE) TRACE_IRQS_OFF -- testl $_TIF_ALLWORK_MASK,TI_flags+THREAD_INFO(%rsp,RIP-ARGOFFSET) +- testl $_TIF_ALLWORK_MASK, ASM_THREAD_INFO(TI_flags, %rsp, SIZEOF_PTREGS) + testl $_TIF_ALLWORK_MASK,TI_flags(%r11) jnz sysexit_audit sysexit_from_sys_call: -- andl $~TS_COMPAT,TI_status+THREAD_INFO(%rsp,RIP-ARGOFFSET) + /* +@@ -196,7 +249,9 @@ sysexit_from_sys_call: + * This code path is still called 'sysexit' because it pairs + * with 'sysenter' and it uses the SYSENTER calling convention. + */ +- andl $~TS_COMPAT,ASM_THREAD_INFO(TI_status, %rsp, SIZEOF_PTREGS) + pax_exit_kernel_user + pax_erase_kstack + andl $~TS_COMPAT,TI_status(%r11) - /* clear IF, that popfq doesn't enable interrupts early */ -- andl $~0x200,EFLAGS-ARGOFFSET(%rsp) -+ andl $~X86_EFLAGS_IF,EFLAGS-ARGOFFSET(%rsp) - movl RIP-ARGOFFSET(%rsp),%edx /* User %eip */ - CFI_REGISTER rip,rdx - RESTORE_ARGS 0,24,0,0,0,0 -@@ -205,6 +254,9 @@ sysexit_from_sys_call: + movl RIP(%rsp),%ecx /* User %eip */ + CFI_REGISTER rip,rcx + RESTORE_RSI_RDI +@@ -247,6 +302,9 @@ sysexit_from_sys_call: movl %ebx,%esi /* 2nd arg: 1st syscall arg */ movl %eax,%edi /* 1st arg: syscall number */ call __audit_syscall_entry + + pax_erase_kstack + - movl RAX-ARGOFFSET(%rsp),%eax /* reload syscall number */ + movl RAX(%rsp),%eax /* reload syscall number */ cmpq $(IA32_NR_syscalls-1),%rax ja ia32_badsys -@@ -216,7 +268,7 @@ sysexit_from_sys_call: +@@ -258,7 +316,7 @@ sysexit_from_sys_call: .endm .macro auditsys_exit exit -- testl $(_TIF_ALLWORK_MASK & ~_TIF_SYSCALL_AUDIT),TI_flags+THREAD_INFO(%rsp,RIP-ARGOFFSET) +- testl $(_TIF_ALLWORK_MASK & ~_TIF_SYSCALL_AUDIT), ASM_THREAD_INFO(TI_flags, %rsp, SIZEOF_PTREGS) + testl $(_TIF_ALLWORK_MASK & ~_TIF_SYSCALL_AUDIT),TI_flags(%r11) jnz ia32_ret_from_sys_call TRACE_IRQS_ON ENABLE_INTERRUPTS(CLBR_NONE) -@@ -227,11 +279,12 @@ sysexit_from_sys_call: +@@ -269,11 +327,12 @@ sysexit_from_sys_call: 1: setbe %al /* 1 if error, 0 if not */ movzbl %al,%edi /* zero-extend that into %edi */ call __audit_syscall_exit + GET_THREAD_INFO(%r11) - movq RAX-ARGOFFSET(%rsp),%rax /* reload syscall return value */ + movq RAX(%rsp),%rax /* reload syscall return value */ movl $(_TIF_ALLWORK_MASK & ~_TIF_SYSCALL_AUDIT),%edi DISABLE_INTERRUPTS(CLBR_NONE) TRACE_IRQS_OFF -- testl %edi,TI_flags+THREAD_INFO(%rsp,RIP-ARGOFFSET) +- testl %edi, ASM_THREAD_INFO(TI_flags, %rsp, SIZEOF_PTREGS) + testl %edi,TI_flags(%r11) jz \exit - CLEAR_RREGS -ARGOFFSET + CLEAR_RREGS jmp int_with_check -@@ -253,7 +306,7 @@ sysenter_fix_flags: +@@ -295,7 +354,7 @@ sysenter_fix_flags: sysenter_tracesys: #ifdef CONFIG_AUDITSYSCALL -- testl $(_TIF_WORK_SYSCALL_ENTRY & ~_TIF_SYSCALL_AUDIT),TI_flags+THREAD_INFO(%rsp,RIP-ARGOFFSET) +- testl $(_TIF_WORK_SYSCALL_ENTRY & ~_TIF_SYSCALL_AUDIT), ASM_THREAD_INFO(TI_flags, %rsp, SIZEOF_PTREGS) + testl $(_TIF_WORK_SYSCALL_ENTRY & ~_TIF_SYSCALL_AUDIT),TI_flags(%r11) jz sysenter_auditsys #endif - SAVE_REST -@@ -265,6 +318,9 @@ sysenter_tracesys: - RESTORE_REST + SAVE_EXTRA_REGS +@@ -307,6 +366,9 @@ sysenter_tracesys: + RESTORE_EXTRA_REGS cmpq $(IA32_NR_syscalls-1),%rax ja int_ret_from_sys_call /* sysenter_tracesys has set RAX(%rsp) */ + @@ -14897,51 +14941,47 @@ index 156ebca..9591cf0 100644 jmp sysenter_do_call CFI_ENDPROC ENDPROC(ia32_sysenter_target) -@@ -292,19 +348,25 @@ ENDPROC(ia32_sysenter_target) - ENTRY(ia32_cstar_target) - CFI_STARTPROC32 simple - CFI_SIGNAL_FRAME -- CFI_DEF_CFA rsp,KERNEL_STACK_OFFSET -+ CFI_DEF_CFA rsp,0 - CFI_REGISTER rip,rcx - /*CFI_REGISTER rflags,r11*/ - SWAPGS_UNSAFE_STACK +@@ -357,7 +419,6 @@ ENTRY(ia32_cstar_target) movl %esp,%r8d CFI_REGISTER rsp,r8 movq PER_CPU_VAR(kernel_stack),%rsp -+ SAVE_ARGS 8*6,0,0 +- ENABLE_INTERRUPTS(CLBR_NONE) + + /* Zero-extending 32-bit regs, do not remove */ + movl %eax,%eax +@@ -380,16 +441,41 @@ ENTRY(ia32_cstar_target) + sub $(10*8),%rsp /* pt_regs->r8-11,bp,bx,r12-15 not saved */ + CFI_ADJUST_CFA_OFFSET 10*8 + ++#ifdef CONFIG_PAX_KERNEXEC_PLUGIN_METHOD_OR ++ movq_cfi r12, R12 ++#endif ++ + pax_enter_kernel_user + +#ifdef CONFIG_PAX_RANDKSTACK + pax_erase_kstack +#endif + ++ ENABLE_INTERRUPTS(CLBR_NONE) ++ /* - * No need to follow this irqs on/off section: the syscall - * disabled irqs and here we enable it straight after entry: + * no need to do an access_ok check here because r8 has been + * 32bit zero extended */ - ENABLE_INTERRUPTS(CLBR_NONE) -- SAVE_ARGS 8,0,0 - movl %eax,%eax /* zero extension */ - movq %rax,ORIG_RAX-ARGOFFSET(%rsp) - movq %rcx,RIP-ARGOFFSET(%rsp) -@@ -320,12 +382,25 @@ ENTRY(ia32_cstar_target) - /* no need to do an access_ok check here because r8 has been - 32bit zero extended */ - /* hardware stack frame is complete now */ + +#ifdef CONFIG_PAX_MEMORY_UDEREF + ASM_PAX_OPEN_USERLAND + movq pax_user_shadow_base,%r8 -+ addq RSP-ARGOFFSET(%rsp),%r8 ++ addq RSP(%rsp),%r8 +#endif + ASM_STAC 1: movl (%r8),%r9d _ASM_EXTABLE(1b,ia32_badarg) ASM_CLAC -- orl $TS_COMPAT,TI_status+THREAD_INFO(%rsp,RIP-ARGOFFSET) -- testl $_TIF_WORK_SYSCALL_ENTRY,TI_flags+THREAD_INFO(%rsp,RIP-ARGOFFSET) +- orl $TS_COMPAT, ASM_THREAD_INFO(TI_status, %rsp, SIZEOF_PTREGS) +- testl $_TIF_WORK_SYSCALL_ENTRY, ASM_THREAD_INFO(TI_flags, %rsp, SIZEOF_PTREGS) + +#ifdef CONFIG_PAX_MEMORY_UDEREF + ASM_PAX_CLOSE_USERLAND @@ -14953,36 +14993,34 @@ index 156ebca..9591cf0 100644 CFI_REMEMBER_STATE jnz cstar_tracesys cmpq $IA32_NR_syscalls-1,%rax -@@ -335,13 +410,16 @@ cstar_do_call: +@@ -404,12 +490,15 @@ cstar_do_call: cstar_dispatch: call *ia32_sys_call_table(,%rax,8) - movq %rax,RAX-ARGOFFSET(%rsp) + movq %rax,RAX(%rsp) + GET_THREAD_INFO(%r11) DISABLE_INTERRUPTS(CLBR_NONE) TRACE_IRQS_OFF -- testl $_TIF_ALLWORK_MASK,TI_flags+THREAD_INFO(%rsp,RIP-ARGOFFSET) +- testl $_TIF_ALLWORK_MASK, ASM_THREAD_INFO(TI_flags, %rsp, SIZEOF_PTREGS) + testl $_TIF_ALLWORK_MASK,TI_flags(%r11) jnz sysretl_audit sysretl_from_sys_call: -- andl $~TS_COMPAT,TI_status+THREAD_INFO(%rsp,RIP-ARGOFFSET) -- RESTORE_ARGS 0,-ARG_SKIP,0,0,0 +- andl $~TS_COMPAT, ASM_THREAD_INFO(TI_status, %rsp, SIZEOF_PTREGS) + pax_exit_kernel_user + pax_erase_kstack + andl $~TS_COMPAT,TI_status(%r11) -+ RESTORE_ARGS 0,-ORIG_RAX,0,0,0 - movl RIP-ARGOFFSET(%rsp),%ecx + RESTORE_RSI_RDI_RDX + movl RIP(%rsp),%ecx CFI_REGISTER rip,rcx - movl EFLAGS-ARGOFFSET(%rsp),%r11d -@@ -368,7 +446,7 @@ sysretl_audit: +@@ -451,7 +540,7 @@ sysretl_audit: cstar_tracesys: #ifdef CONFIG_AUDITSYSCALL -- testl $(_TIF_WORK_SYSCALL_ENTRY & ~_TIF_SYSCALL_AUDIT),TI_flags+THREAD_INFO(%rsp,RIP-ARGOFFSET) +- testl $(_TIF_WORK_SYSCALL_ENTRY & ~_TIF_SYSCALL_AUDIT), ASM_THREAD_INFO(TI_flags, %rsp, SIZEOF_PTREGS) + testl $(_TIF_WORK_SYSCALL_ENTRY & ~_TIF_SYSCALL_AUDIT),TI_flags(%r11) jz cstar_auditsys #endif xchgl %r9d,%ebp -@@ -382,11 +460,19 @@ cstar_tracesys: +@@ -465,11 +554,19 @@ cstar_tracesys: xchgl %ebp,%r9d cmpq $(IA32_NR_syscalls-1),%rax ja int_ret_from_sys_call /* cstar_tracesys has set RAX(%rsp) */ @@ -15002,23 +15040,31 @@ index 156ebca..9591cf0 100644 movq $-EFAULT,%rax jmp ia32_sysret CFI_ENDPROC -@@ -423,19 +509,26 @@ ENTRY(ia32_syscall) - CFI_REL_OFFSET rip,RIP-RIP - PARAVIRT_ADJUST_EXCEPTION_FRAME - SWAPGS +@@ -505,14 +602,8 @@ ENTRY(ia32_syscall) + /*CFI_REL_OFFSET cs,1*8 */ + CFI_REL_OFFSET rip,0*8 + - /* -- * No need to follow this irqs on/off section: the syscall -- * disabled irqs and here we enable it straight after entry: +- * Interrupts are off on entry. +- * We do not frame this tiny irq-off block with TRACE_IRQS_OFF/ON, +- * it is too small to ever cause noticeable irq latency. - */ + PARAVIRT_ADJUST_EXCEPTION_FRAME + SWAPGS - ENABLE_INTERRUPTS(CLBR_NONE) - movl %eax,%eax - pushq_cfi %rax - cld - /* note the registers are not zero extended to the sf. - this could be a problem. */ - SAVE_ARGS 0,1,0 -- orl $TS_COMPAT,TI_status+THREAD_INFO(%rsp,RIP-ARGOFFSET) -- testl $_TIF_WORK_SYSCALL_ENTRY,TI_flags+THREAD_INFO(%rsp,RIP-ARGOFFSET) + + /* Zero-extending 32-bit regs, do not remove */ + movl %eax,%eax +@@ -528,8 +619,26 @@ ENTRY(ia32_syscall) + sub $(10*8),%rsp /* pt_regs->r8-11,bp,bx,r12-15 not saved */ + CFI_ADJUST_CFA_OFFSET 10*8 + +- orl $TS_COMPAT, ASM_THREAD_INFO(TI_status, %rsp, SIZEOF_PTREGS) +- testl $_TIF_WORK_SYSCALL_ENTRY, ASM_THREAD_INFO(TI_flags, %rsp, SIZEOF_PTREGS) ++#ifdef CONFIG_PAX_KERNEXEC_PLUGIN_METHOD_OR ++ movq_cfi r12, R12 ++#endif ++ + pax_enter_kernel_user + +#ifdef CONFIG_PAX_RANDKSTACK @@ -15026,18 +15072,20 @@ index 156ebca..9591cf0 100644 +#endif + + /* -+ * No need to follow this irqs on/off section: the syscall -+ * disabled irqs and here we enable it straight after entry: ++ * Interrupts are off on entry. ++ * We do not frame this tiny irq-off block with TRACE_IRQS_OFF/ON, ++ * it is too small to ever cause noticeable irq latency. + */ + ENABLE_INTERRUPTS(CLBR_NONE) ++ + GET_THREAD_INFO(%r11) + orl $TS_COMPAT,TI_status(%r11) + testl $_TIF_WORK_SYSCALL_ENTRY,TI_flags(%r11) jnz ia32_tracesys cmpq $(IA32_NR_syscalls-1),%rax ja ia32_badsys -@@ -458,6 +551,9 @@ ia32_tracesys: - RESTORE_REST +@@ -557,6 +666,9 @@ ia32_tracesys: + RESTORE_EXTRA_REGS cmpq $(IA32_NR_syscalls-1),%rax ja int_ret_from_sys_call /* ia32_tracesys has set RAX(%rsp) */ + @@ -15047,7 +15095,7 @@ index 156ebca..9591cf0 100644 END(ia32_syscall) diff --git a/arch/x86/ia32/sys_ia32.c b/arch/x86/ia32/sys_ia32.c -index 8e0ceec..af13504 100644 +index 719cd70..69d576b 100644 --- a/arch/x86/ia32/sys_ia32.c +++ b/arch/x86/ia32/sys_ia32.c @@ -69,8 +69,8 @@ asmlinkage long sys32_ftruncate64(unsigned int fd, unsigned long offset_low, @@ -15062,7 +15110,7 @@ index 8e0ceec..af13504 100644 SET_GID(gid, from_kgid_munged(current_user_ns(), stat->gid)); if (!access_ok(VERIFY_WRITE, ubuf, sizeof(struct stat64)) || diff --git a/arch/x86/include/asm/alternative-asm.h b/arch/x86/include/asm/alternative-asm.h -index 372231c..51b537d 100644 +index bdf02ee..51a4656 100644 --- a/arch/x86/include/asm/alternative-asm.h +++ b/arch/x86/include/asm/alternative-asm.h @@ -18,6 +18,45 @@ @@ -15108,25 +15156,43 @@ index 372231c..51b537d 100644 + .endm +#endif + - .macro altinstruction_entry orig alt feature orig_len alt_len + .macro altinstruction_entry orig alt feature orig_len alt_len pad_len .long \orig - . .long \alt - . +@@ -38,7 +77,7 @@ + altinstruction_entry 140b,143f,\feature,142b-140b,144f-143f,142b-141b + .popsection + +- .pushsection .altinstr_replacement,"ax" ++ .pushsection .altinstr_replacement,"a" + 143: + \newinstr + 144: +@@ -68,7 +107,7 @@ + altinstruction_entry 140b,144f,\feature2,142b-140b,145f-144f,142b-141b + .popsection + +- .pushsection .altinstr_replacement,"ax" ++ .pushsection .altinstr_replacement,"a" + 143: + \newinstr1 + 144: diff --git a/arch/x86/include/asm/alternative.h b/arch/x86/include/asm/alternative.h -index 473bdbe..b1e3377 100644 +index ba32af0..ff42fc0 100644 --- a/arch/x86/include/asm/alternative.h +++ b/arch/x86/include/asm/alternative.h -@@ -106,7 +106,7 @@ static inline int alternatives_text_reserved(void *start, void *end) - ".pushsection .discard,\"aw\",@progbits\n" \ - DISCARD_ENTRY(1) \ +@@ -130,7 +130,7 @@ static inline int alternatives_text_reserved(void *start, void *end) + ".pushsection .altinstructions,\"a\"\n" \ + ALTINSTR_ENTRY(feature, 1) \ ".popsection\n" \ - ".pushsection .altinstr_replacement, \"ax\"\n" \ + ".pushsection .altinstr_replacement, \"a\"\n" \ ALTINSTR_REPLACEMENT(newinstr, feature, 1) \ ".popsection" -@@ -120,7 +120,7 @@ static inline int alternatives_text_reserved(void *start, void *end) - DISCARD_ENTRY(1) \ - DISCARD_ENTRY(2) \ +@@ -140,7 +140,7 @@ static inline int alternatives_text_reserved(void *start, void *end) + ALTINSTR_ENTRY(feature1, 1) \ + ALTINSTR_ENTRY(feature2, 2) \ ".popsection\n" \ - ".pushsection .altinstr_replacement, \"ax\"\n" \ + ".pushsection .altinstr_replacement, \"a\"\n" \ @@ -15134,7 +15200,7 @@ index 473bdbe..b1e3377 100644 ALTINSTR_REPLACEMENT(newinstr2, feature2, 2) \ ".popsection" diff --git a/arch/x86/include/asm/apic.h b/arch/x86/include/asm/apic.h -index efc3b22..85c4f3a 100644 +index 976b86a..f3bc83a 100644 --- a/arch/x86/include/asm/apic.h +++ b/arch/x86/include/asm/apic.h @@ -45,7 +45,7 @@ static inline void generic_apic_probe(void) @@ -16011,7 +16077,7 @@ index f8d273e..02f39f3 100644 #define atomic64_inc_not_zero(v) atomic64_add_unless((v), 1, 0) diff --git a/arch/x86/include/asm/barrier.h b/arch/x86/include/asm/barrier.h -index 2ab1eb3..1e8cc5d 100644 +index 959e45b..6ea9bf6 100644 --- a/arch/x86/include/asm/barrier.h +++ b/arch/x86/include/asm/barrier.h @@ -57,7 +57,7 @@ @@ -16159,181 +16225,163 @@ index 48f99f1..d78ebf9 100644 #ifdef CONFIG_X86_VSMP #ifdef CONFIG_SMP diff --git a/arch/x86/include/asm/calling.h b/arch/x86/include/asm/calling.h -index 1f1297b..72b8439 100644 +index 1c8b50e..166bcaa 100644 --- a/arch/x86/include/asm/calling.h +++ b/arch/x86/include/asm/calling.h -@@ -82,106 +82,117 @@ For 32-bit we have the following conventions - kernel is built with - #define RSP 152 - #define SS 160 - --#define ARGOFFSET R11 -+#define ARGOFFSET R15 - - .macro SAVE_ARGS addskip=0, save_rcx=1, save_r891011=1, rax_enosys=0 -- subq $9*8+\addskip, %rsp -- CFI_ADJUST_CFA_OFFSET 9*8+\addskip -- movq_cfi rdi, 8*8 -- movq_cfi rsi, 7*8 -- movq_cfi rdx, 6*8 -+ subq $ORIG_RAX-ARGOFFSET+\addskip, %rsp -+ CFI_ADJUST_CFA_OFFSET ORIG_RAX-ARGOFFSET+\addskip -+ movq_cfi rdi, RDI -+ movq_cfi rsi, RSI -+ movq_cfi rdx, RDX - - .if \save_rcx -- movq_cfi rcx, 5*8 -+ movq_cfi rcx, RCX - .endif +@@ -96,23 +96,26 @@ For 32-bit we have the following conventions - kernel is built with + .endm - .if \rax_enosys -- movq $-ENOSYS, 4*8(%rsp) -+ movq $-ENOSYS, RAX(%rsp) - .else -- movq_cfi rax, 4*8 -+ movq_cfi rax, RAX + .macro SAVE_C_REGS_HELPER offset=0 rax=1 rcx=1 r8910=1 r11=1 ++#ifdef CONFIG_PAX_KERNEXEC_PLUGIN_METHOD_OR ++ movq_cfi r12, R12+\offset ++#endif + .if \r11 +- movq_cfi r11, 6*8+\offset ++ movq_cfi r11, R11+\offset .endif - - .if \save_r891011 -- movq_cfi r8, 3*8 -- movq_cfi r9, 2*8 -- movq_cfi r10, 1*8 -- movq_cfi r11, 0*8 -+ movq_cfi r8, R8 -+ movq_cfi r9, R9 -+ movq_cfi r10, R10 -+ movq_cfi r11, R11 + .if \r8910 +- movq_cfi r10, 7*8+\offset +- movq_cfi r9, 8*8+\offset +- movq_cfi r8, 9*8+\offset ++ movq_cfi r10, R10+\offset ++ movq_cfi r9, R9+\offset ++ movq_cfi r8, R8+\offset + .endif + .if \rax +- movq_cfi rax, 10*8+\offset ++ movq_cfi rax, RAX+\offset .endif + .if \rcx +- movq_cfi rcx, 11*8+\offset ++ movq_cfi rcx, RCX+\offset + .endif +- movq_cfi rdx, 12*8+\offset +- movq_cfi rsi, 13*8+\offset +- movq_cfi rdi, 14*8+\offset ++ movq_cfi rdx, RDX+\offset ++ movq_cfi rsi, RSI+\offset ++ movq_cfi rdi, RDI+\offset + .endm + .macro SAVE_C_REGS offset=0 + SAVE_C_REGS_HELPER \offset, 1, 1, 1, 1 +@@ -131,76 +134,87 @@ For 32-bit we have the following conventions - kernel is built with + .endm -+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN_METHOD_OR -+ movq_cfi r12, R12 + .macro SAVE_EXTRA_REGS offset=0 +- movq_cfi r15, 0*8+\offset +- movq_cfi r14, 1*8+\offset +- movq_cfi r13, 2*8+\offset +- movq_cfi r12, 3*8+\offset +- movq_cfi rbp, 4*8+\offset +- movq_cfi rbx, 5*8+\offset ++ movq_cfi r15, R15+\offset ++ movq_cfi r14, R14+\offset ++ movq_cfi r13, R13+\offset ++#ifndef CONFIG_PAX_KERNEXEC_PLUGIN_METHOD_OR ++ movq_cfi r12, R12+\offset +#endif -+ ++ movq_cfi rbp, RBP+\offset ++ movq_cfi rbx, RBX+\offset + .endm + .macro SAVE_EXTRA_REGS_RBP offset=0 +- movq_cfi rbp, 4*8+\offset ++ movq_cfi rbp, RBP+\offset .endm --#define ARG_SKIP (9*8) -+#define ARG_SKIP ORIG_RAX + .macro RESTORE_EXTRA_REGS offset=0 +- movq_cfi_restore 0*8+\offset, r15 +- movq_cfi_restore 1*8+\offset, r14 +- movq_cfi_restore 2*8+\offset, r13 +- movq_cfi_restore 3*8+\offset, r12 +- movq_cfi_restore 4*8+\offset, rbp +- movq_cfi_restore 5*8+\offset, rbx ++ movq_cfi_restore R15+\offset, r15 ++ movq_cfi_restore R14+\offset, r14 ++ movq_cfi_restore R13+\offset, r13 ++#ifndef CONFIG_PAX_KERNEXEC_PLUGIN_METHOD_OR ++ movq_cfi_restore R12+\offset, r12 ++#endif ++ movq_cfi_restore RBP+\offset, rbp ++ movq_cfi_restore RBX+\offset, rbx + .endm - .macro RESTORE_ARGS rstor_rax=1, addskip=0, rstor_rcx=1, rstor_r11=1, \ - rstor_r8910=1, rstor_rdx=1 -+ + .macro ZERO_EXTRA_REGS + xorl %r15d, %r15d + xorl %r14d, %r14d + xorl %r13d, %r13d ++#ifndef CONFIG_PAX_KERNEXEC_PLUGIN_METHOD_OR + xorl %r12d, %r12d ++#endif + xorl %ebp, %ebp + xorl %ebx, %ebx + .endm + +- .macro RESTORE_C_REGS_HELPER rstor_rax=1, rstor_rcx=1, rstor_r11=1, rstor_r8910=1, rstor_rdx=1 ++ .macro RESTORE_C_REGS_HELPER rstor_rax=1, rstor_rcx=1, rstor_r11=1, rstor_r8910=1, rstor_rdx=1, rstor_r12=1 +#ifdef CONFIG_PAX_KERNEXEC_PLUGIN_METHOD_OR ++ .if \rstor_r12 + movq_cfi_restore R12, r12 ++ .endif +#endif -+ .if \rstor_r11 -- movq_cfi_restore 0*8, r11 +- movq_cfi_restore 6*8, r11 + movq_cfi_restore R11, r11 .endif - .if \rstor_r8910 -- movq_cfi_restore 1*8, r10 -- movq_cfi_restore 2*8, r9 -- movq_cfi_restore 3*8, r8 +- movq_cfi_restore 7*8, r10 +- movq_cfi_restore 8*8, r9 +- movq_cfi_restore 9*8, r8 + movq_cfi_restore R10, r10 + movq_cfi_restore R9, r9 + movq_cfi_restore R8, r8 .endif - .if \rstor_rax -- movq_cfi_restore 4*8, rax +- movq_cfi_restore 10*8, rax + movq_cfi_restore RAX, rax .endif - .if \rstor_rcx -- movq_cfi_restore 5*8, rcx +- movq_cfi_restore 11*8, rcx + movq_cfi_restore RCX, rcx .endif - .if \rstor_rdx -- movq_cfi_restore 6*8, rdx +- movq_cfi_restore 12*8, rdx + movq_cfi_restore RDX, rdx .endif - -- movq_cfi_restore 7*8, rsi -- movq_cfi_restore 8*8, rdi +- movq_cfi_restore 13*8, rsi +- movq_cfi_restore 14*8, rdi + movq_cfi_restore RSI, rsi + movq_cfi_restore RDI, rdi - -- .if ARG_SKIP+\addskip > 0 -- addq $ARG_SKIP+\addskip, %rsp -- CFI_ADJUST_CFA_OFFSET -(ARG_SKIP+\addskip) -+ .if ORIG_RAX+\addskip > 0 -+ addq $ORIG_RAX+\addskip, %rsp -+ CFI_ADJUST_CFA_OFFSET -(ORIG_RAX+\addskip) - .endif .endm - -- .macro LOAD_ARGS offset, skiprax=0 -- movq \offset(%rsp), %r11 -- movq \offset+8(%rsp), %r10 -- movq \offset+16(%rsp), %r9 -- movq \offset+24(%rsp), %r8 -- movq \offset+40(%rsp), %rcx -- movq \offset+48(%rsp), %rdx -- movq \offset+56(%rsp), %rsi -- movq \offset+64(%rsp), %rdi -+ .macro LOAD_ARGS skiprax=0 -+ movq R11(%rsp), %r11 -+ movq R10(%rsp), %r10 -+ movq R9(%rsp), %r9 -+ movq R8(%rsp), %r8 -+ movq RCX(%rsp), %rcx -+ movq RDX(%rsp), %rdx -+ movq RSI(%rsp), %rsi -+ movq RDI(%rsp), %rdi - .if \skiprax - .else -- movq \offset+72(%rsp), %rax -+ movq ORIG_RAX(%rsp), %rax - .endif + .macro RESTORE_C_REGS +- RESTORE_C_REGS_HELPER 1,1,1,1,1 ++ RESTORE_C_REGS_HELPER 1,1,1,1,1,1 .endm - --#define REST_SKIP (6*8) -- - .macro SAVE_REST -- subq $REST_SKIP, %rsp -- CFI_ADJUST_CFA_OFFSET REST_SKIP -- movq_cfi rbx, 5*8 -- movq_cfi rbp, 4*8 -- movq_cfi r12, 3*8 -- movq_cfi r13, 2*8 -- movq_cfi r14, 1*8 -- movq_cfi r15, 0*8 -+ movq_cfi rbx, RBX -+ movq_cfi rbp, RBP -+ -+#ifndef CONFIG_PAX_KERNEXEC_PLUGIN_METHOD_OR -+ movq_cfi r12, R12 -+#endif -+ -+ movq_cfi r13, R13 -+ movq_cfi r14, R14 -+ movq_cfi r15, R15 + .macro RESTORE_C_REGS_EXCEPT_RAX +- RESTORE_C_REGS_HELPER 0,1,1,1,1 ++ RESTORE_C_REGS_HELPER 0,1,1,1,1,0 .endm - - .macro RESTORE_REST -- movq_cfi_restore 0*8, r15 -- movq_cfi_restore 1*8, r14 -- movq_cfi_restore 2*8, r13 -- movq_cfi_restore 3*8, r12 -- movq_cfi_restore 4*8, rbp -- movq_cfi_restore 5*8, rbx -- addq $REST_SKIP, %rsp -- CFI_ADJUST_CFA_OFFSET -(REST_SKIP) -+ movq_cfi_restore R15, r15 -+ movq_cfi_restore R14, r14 -+ movq_cfi_restore R13, r13 -+ -+#ifndef CONFIG_PAX_KERNEXEC_PLUGIN_METHOD_OR -+ movq_cfi_restore R12, r12 -+#endif -+ -+ movq_cfi_restore RBP, rbp -+ movq_cfi_restore RBX, rbx + .macro RESTORE_C_REGS_EXCEPT_RCX +- RESTORE_C_REGS_HELPER 1,0,1,1,1 ++ RESTORE_C_REGS_HELPER 1,0,1,1,1,0 + .endm + .macro RESTORE_C_REGS_EXCEPT_R11 +- RESTORE_C_REGS_HELPER 1,1,0,1,1 ++ RESTORE_C_REGS_HELPER 1,1,0,1,1,1 + .endm + .macro RESTORE_C_REGS_EXCEPT_RCX_R11 +- RESTORE_C_REGS_HELPER 1,0,0,1,1 ++ RESTORE_C_REGS_HELPER 1,0,0,1,1,1 + .endm + .macro RESTORE_RSI_RDI +- RESTORE_C_REGS_HELPER 0,0,0,0,0 ++ RESTORE_C_REGS_HELPER 0,0,0,0,0,1 + .endm + .macro RESTORE_RSI_RDI_RDX +- RESTORE_C_REGS_HELPER 0,0,0,0,1 ++ RESTORE_C_REGS_HELPER 0,0,0,0,1,1 .endm - .macro SAVE_ALL + .macro REMOVE_PT_GPREGS_FROM_STACK addskip=0 diff --git a/arch/x86/include/asm/checksum_32.h b/arch/x86/include/asm/checksum_32.h index f50de69..2b0a458 100644 --- a/arch/x86/include/asm/checksum_32.h @@ -16438,7 +16486,7 @@ index 99c105d7..2f667ac 100644 ({ \ __typeof__ (*(ptr)) __ret = (inc); \ diff --git a/arch/x86/include/asm/compat.h b/arch/x86/include/asm/compat.h -index 59c6c40..5e0b22c 100644 +index acdee09..a553db3 100644 --- a/arch/x86/include/asm/compat.h +++ b/arch/x86/include/asm/compat.h @@ -41,7 +41,7 @@ typedef s64 __attribute__((aligned(4))) compat_s64; @@ -16451,10 +16499,10 @@ index 59c6c40..5e0b22c 100644 struct compat_timespec { compat_time_t tv_sec; diff --git a/arch/x86/include/asm/cpufeature.h b/arch/x86/include/asm/cpufeature.h -index 90a5485..43b6211 100644 +index 3d6606f..91703f1 100644 --- a/arch/x86/include/asm/cpufeature.h +++ b/arch/x86/include/asm/cpufeature.h -@@ -213,7 +213,7 @@ +@@ -214,7 +214,7 @@ #define X86_FEATURE_PAUSEFILTER ( 8*32+13) /* AMD filtered pause intercept */ #define X86_FEATURE_PFTHRESHOLD ( 8*32+14) /* AMD pause filter threshold */ #define X86_FEATURE_VMMCALL ( 8*32+15) /* Prefer vmmcall to vmcall */ @@ -16463,7 +16511,7 @@ index 90a5485..43b6211 100644 /* Intel-defined CPU features, CPUID level 0x00000007:0 (ebx), word 9 */ #define X86_FEATURE_FSGSBASE ( 9*32+ 0) /* {RD/WR}{FS/GS}BASE instructions*/ -@@ -221,7 +221,7 @@ +@@ -222,7 +222,7 @@ #define X86_FEATURE_BMI1 ( 9*32+ 3) /* 1st group bit manipulation extensions */ #define X86_FEATURE_HLE ( 9*32+ 4) /* Hardware Lock Elision */ #define X86_FEATURE_AVX2 ( 9*32+ 5) /* AVX2 instructions */ @@ -16472,7 +16520,7 @@ index 90a5485..43b6211 100644 #define X86_FEATURE_BMI2 ( 9*32+ 8) /* 2nd group bit manipulation extensions */ #define X86_FEATURE_ERMS ( 9*32+ 9) /* Enhanced REP MOVSB/STOSB */ #define X86_FEATURE_INVPCID ( 9*32+10) /* Invalidate Processor Context ID */ -@@ -390,6 +390,7 @@ extern const char * const x86_bug_flags[NBUGINTS*32]; +@@ -401,6 +401,7 @@ extern const char * const x86_bug_flags[NBUGINTS*32]; #define cpu_has_eager_fpu boot_cpu_has(X86_FEATURE_EAGER_FPU) #define cpu_has_topoext boot_cpu_has(X86_FEATURE_TOPOEXT) #define cpu_has_bpext boot_cpu_has(X86_FEATURE_BPEXT) @@ -16480,7 +16528,7 @@ index 90a5485..43b6211 100644 #if __GNUC__ >= 4 extern void warn_pre_alternatives(void); -@@ -441,7 +442,8 @@ static __always_inline __pure bool __static_cpu_has(u16 bit) +@@ -454,7 +455,8 @@ static __always_inline __pure bool __static_cpu_has(u16 bit) #ifdef CONFIG_X86_DEBUG_STATIC_CPU_HAS t_warn: @@ -16490,7 +16538,7 @@ index 90a5485..43b6211 100644 return false; #endif -@@ -461,7 +463,7 @@ static __always_inline __pure bool __static_cpu_has(u16 bit) +@@ -475,7 +477,7 @@ static __always_inline __pure bool __static_cpu_has(u16 bit) ".section .discard,\"aw\",@progbits\n" " .byte 0xff + (4f-3f) - (2b-1b)\n" /* size check */ ".previous\n" @@ -16499,16 +16547,16 @@ index 90a5485..43b6211 100644 "3: movb $1,%0\n" "4:\n" ".previous\n" -@@ -498,7 +500,7 @@ static __always_inline __pure bool _static_cpu_has_safe(u16 bit) - " .byte 2b - 1b\n" /* src len */ - " .byte 4f - 3f\n" /* repl len */ +@@ -510,7 +512,7 @@ static __always_inline __pure bool _static_cpu_has_safe(u16 bit) + " .byte 5f - 4f\n" /* repl len */ + " .byte 3b - 2b\n" /* pad len */ ".previous\n" - ".section .altinstr_replacement,\"ax\"\n" + ".section .altinstr_replacement,\"a\"\n" - "3: .byte 0xe9\n .long %l[t_no] - 2b\n" - "4:\n" + "4: jmp %l[t_no]\n" + "5:\n" ".previous\n" -@@ -531,7 +533,7 @@ static __always_inline __pure bool _static_cpu_has_safe(u16 bit) +@@ -545,7 +547,7 @@ static __always_inline __pure bool _static_cpu_has_safe(u16 bit) ".section .discard,\"aw\",@progbits\n" " .byte 0xff + (4f-3f) - (2b-1b)\n" /* size check */ ".previous\n" @@ -16517,7 +16565,7 @@ index 90a5485..43b6211 100644 "3: movb $0,%0\n" "4:\n" ".previous\n" -@@ -545,7 +547,7 @@ static __always_inline __pure bool _static_cpu_has_safe(u16 bit) +@@ -560,7 +562,7 @@ static __always_inline __pure bool _static_cpu_has_safe(u16 bit) ".section .discard,\"aw\",@progbits\n" " .byte 0xff + (6f-5f) - (4b-3b)\n" /* size check */ ".previous\n" @@ -16527,7 +16575,7 @@ index 90a5485..43b6211 100644 "6:\n" ".previous\n" diff --git a/arch/x86/include/asm/desc.h b/arch/x86/include/asm/desc.h -index a94b82e..59ecefa 100644 +index a0bf89f..56f0b2a 100644 --- a/arch/x86/include/asm/desc.h +++ b/arch/x86/include/asm/desc.h @@ -4,6 +4,7 @@ @@ -16681,19 +16729,24 @@ index a94b82e..59ecefa 100644 unsigned dpl, unsigned ist, unsigned seg) { gate_desc s; -@@ -379,9 +392,9 @@ static inline void _set_gate(int gate, unsigned type, void *addr, - #define set_intr_gate(n, addr) \ +@@ -379,14 +392,14 @@ static inline void _set_gate(int gate, unsigned type, void *addr, + #define set_intr_gate_notrace(n, addr) \ do { \ BUG_ON((unsigned)n > 0xFF); \ - _set_gate(n, GATE_INTERRUPT, (void *)addr, 0, 0, \ + _set_gate(n, GATE_INTERRUPT, (const void *)addr, 0, 0, \ __KERNEL_CS); \ + } while (0) + + #define set_intr_gate(n, addr) \ + do { \ + set_intr_gate_notrace(n, addr); \ - _trace_set_gate(n, GATE_INTERRUPT, (void *)trace_##addr,\ + _trace_set_gate(n, GATE_INTERRUPT, (const void *)trace_##addr,\ 0, 0, __KERNEL_CS); \ } while (0) -@@ -409,19 +422,19 @@ static inline void alloc_system_vector(int vector) +@@ -414,19 +427,19 @@ static inline void alloc_system_vector(int vector) /* * This routine sets up an interrupt gate at directory privilege level 3. */ @@ -16716,7 +16769,7 @@ index a94b82e..59ecefa 100644 { BUG_ON((unsigned)n > 0xFF); _set_gate(n, GATE_TRAP, addr, 0, 0, __KERNEL_CS); -@@ -430,16 +443,16 @@ static inline void set_trap_gate(unsigned int n, void *addr) +@@ -435,16 +448,16 @@ static inline void set_trap_gate(unsigned int n, void *addr) static inline void set_task_gate(unsigned int n, unsigned int gdt_entry) { BUG_ON((unsigned)n > 0xFF); @@ -16736,7 +16789,7 @@ index a94b82e..59ecefa 100644 { BUG_ON((unsigned)n > 0xFF); _set_gate(n, GATE_INTERRUPT, addr, 0x3, ist, __KERNEL_CS); -@@ -511,4 +524,17 @@ static inline void load_current_idt(void) +@@ -516,4 +529,17 @@ static inline void load_current_idt(void) else load_idt((const struct desc_ptr *)&idt_descr); } @@ -16785,7 +16838,7 @@ index ced283a..ffe04cc 100644 union { u64 v64; diff --git a/arch/x86/include/asm/elf.h b/arch/x86/include/asm/elf.h -index ca3347a..1a5082a 100644 +index f161c18..97d43e8 100644 --- a/arch/x86/include/asm/elf.h +++ b/arch/x86/include/asm/elf.h @@ -75,9 +75,6 @@ typedef struct user_fxsr_struct elf_fpxregset_t; @@ -16798,7 +16851,7 @@ index ca3347a..1a5082a 100644 #if defined(CONFIG_X86_32) || defined(CONFIG_COMPAT) extern unsigned int vdso32_enabled; #endif -@@ -249,7 +246,25 @@ extern int force_personality32; +@@ -250,7 +247,25 @@ extern int force_personality32; the loader. We need to make sure that it is out of the way of the program that it will "exec", and that there is sufficient room for the brk. */ @@ -16824,7 +16877,7 @@ index ca3347a..1a5082a 100644 /* This yields a mask that user programs can use to figure out what instruction set this CPU supports. This could be done in user space, -@@ -298,17 +313,13 @@ do { \ +@@ -299,17 +314,13 @@ do { \ #define ARCH_DLINFO \ do { \ @@ -16844,7 +16897,7 @@ index ca3347a..1a5082a 100644 } while (0) #define AT_SYSINFO 32 -@@ -323,10 +334,10 @@ else \ +@@ -324,10 +335,10 @@ else \ #endif /* !CONFIG_X86_32 */ @@ -16857,16 +16910,6 @@ index ca3347a..1a5082a 100644 selected_vdso32->sym___kernel_vsyscall) struct linux_binprm; -@@ -338,9 +349,6 @@ extern int compat_arch_setup_additional_pages(struct linux_binprm *bprm, - int uses_interp); - #define compat_arch_setup_additional_pages compat_arch_setup_additional_pages - --extern unsigned long arch_randomize_brk(struct mm_struct *mm); --#define arch_randomize_brk arch_randomize_brk -- - /* - * True on X86_32 or when emulating IA32 on X86_64 - */ diff --git a/arch/x86/include/asm/emergency-restart.h b/arch/x86/include/asm/emergency-restart.h index 77a99ac..39ff7f5 100644 --- a/arch/x86/include/asm/emergency-restart.h @@ -16913,10 +16956,10 @@ index 1c7eefe..d0e4702 100644 }; diff --git a/arch/x86/include/asm/fpu-internal.h b/arch/x86/include/asm/fpu-internal.h -index 72ba21a..79f3f66 100644 +index da5e967..ab07eec 100644 --- a/arch/x86/include/asm/fpu-internal.h +++ b/arch/x86/include/asm/fpu-internal.h -@@ -124,8 +124,11 @@ static inline void sanitize_i387_state(struct task_struct *tsk) +@@ -151,8 +151,11 @@ static inline void sanitize_i387_state(struct task_struct *tsk) #define user_insn(insn, output, input...) \ ({ \ int err; \ @@ -16929,7 +16972,7 @@ index 72ba21a..79f3f66 100644 "2: " ASM_CLAC "\n" \ ".section .fixup,\"ax\"\n" \ "3: movl $-1,%[err]\n" \ -@@ -134,6 +137,7 @@ static inline void sanitize_i387_state(struct task_struct *tsk) +@@ -161,6 +164,7 @@ static inline void sanitize_i387_state(struct task_struct *tsk) _ASM_EXTABLE(1b, 3b) \ : [err] "=r" (err), output \ : "0"(0), input); \ @@ -16937,12 +16980,12 @@ index 72ba21a..79f3f66 100644 err; \ }) -@@ -300,7 +304,7 @@ static inline int restore_fpu_checking(struct task_struct *tsk) +@@ -327,7 +331,7 @@ static inline int restore_fpu_checking(struct task_struct *tsk) "fnclex\n\t" "emms\n\t" "fildl %P[addr]" /* set F?P to defined value */ - : : [addr] "m" (tsk->thread.fpu.has_fpu)); -+ : : [addr] "m" (init_tss[raw_smp_processor_id()].x86_tss.sp0)); ++ : : [addr] "m" (cpu_tss[raw_smp_processor_id()].x86_tss.sp0)); } return fpu_restore_checking(&tsk->thread.fpu); @@ -17011,7 +17054,7 @@ index b4c1f54..e290c08 100644 pagefault_enable(); diff --git a/arch/x86/include/asm/hw_irq.h b/arch/x86/include/asm/hw_irq.h -index 9662290..49ca5e5 100644 +index e9571dd..df5f542 100644 --- a/arch/x86/include/asm/hw_irq.h +++ b/arch/x86/include/asm/hw_irq.h @@ -160,8 +160,8 @@ static inline void unlock_vector_lock(void) {} @@ -17096,12 +17139,12 @@ index 34a5b93..27e40a6 100644 * Convert a virtual cached pointer to an uncached pointer */ diff --git a/arch/x86/include/asm/irqflags.h b/arch/x86/include/asm/irqflags.h -index 0a8b519..80e7d5b 100644 +index b77f5ed..a2f791e 100644 --- a/arch/x86/include/asm/irqflags.h +++ b/arch/x86/include/asm/irqflags.h -@@ -141,6 +141,11 @@ static inline notrace unsigned long arch_local_irq_save(void) - sti; \ - sysexit +@@ -137,6 +137,11 @@ static inline notrace unsigned long arch_local_irq_save(void) + swapgs; \ + sysretl +#define GET_CR0_INTO_RDI mov %cr0, %rdi +#define SET_RDI_INTO_CR0 mov %rdi, %cr0 @@ -17697,7 +17740,7 @@ index b3bebf9..13ac22e 100644 #define __phys_addr(x) __phys_addr_nodebug(x) #define __phys_addr_symbol(x) \ diff --git a/arch/x86/include/asm/paravirt.h b/arch/x86/include/asm/paravirt.h -index 965c47d..ffe0af8 100644 +index 8957810..f34efb4 100644 --- a/arch/x86/include/asm/paravirt.h +++ b/arch/x86/include/asm/paravirt.h @@ -560,7 +560,7 @@ static inline pmd_t __pmd(pmdval_t val) @@ -17759,10 +17802,10 @@ index 965c47d..ffe0af8 100644 #endif #define INTERRUPT_RETURN \ -@@ -981,6 +1008,21 @@ extern void default_banner(void); - PARA_SITE(PARA_PATCH(pv_cpu_ops, PV_CPU_irq_enable_sysexit), \ +@@ -976,6 +1003,21 @@ extern void default_banner(void); + PARA_SITE(PARA_PATCH(pv_cpu_ops, PV_CPU_usergs_sysret64), \ CLBR_NONE, \ - jmp PARA_INDIRECT(pv_cpu_ops+PV_CPU_irq_enable_sysexit)) + jmp PARA_INDIRECT(pv_cpu_ops+PV_CPU_usergs_sysret64)) + +#define GET_CR0_INTO_RDI \ + call PARA_INDIRECT(pv_cpu_ops+PV_CPU_read_cr0); \ @@ -17782,7 +17825,7 @@ index 965c47d..ffe0af8 100644 #endif /* __ASSEMBLY__ */ diff --git a/arch/x86/include/asm/paravirt_types.h b/arch/x86/include/asm/paravirt_types.h -index 7549b8b..f0edfda 100644 +index f7b0b5c..cdd33f9 100644 --- a/arch/x86/include/asm/paravirt_types.h +++ b/arch/x86/include/asm/paravirt_types.h @@ -84,7 +84,7 @@ struct pv_init_ops { @@ -17842,8 +17885,8 @@ index 7549b8b..f0edfda 100644 void (*set_pgd)(pgd_t *pudp, pgd_t pgdval); + void (*set_pgd_batched)(pgd_t *pudp, pgd_t pgdval); - #endif /* PAGETABLE_LEVELS == 4 */ - #endif /* PAGETABLE_LEVELS >= 3 */ + #endif /* CONFIG_PGTABLE_LEVELS == 4 */ + #endif /* CONFIG_PGTABLE_LEVELS >= 3 */ @@ -324,7 +325,13 @@ struct pv_mmu_ops { an mfn. We can tell which is which from the index. */ @@ -17887,7 +17930,7 @@ index 7549b8b..f0edfda 100644 extern struct pv_info pv_info; extern struct pv_init_ops pv_init_ops; diff --git a/arch/x86/include/asm/pgalloc.h b/arch/x86/include/asm/pgalloc.h -index c4412e9..90e88c5 100644 +index bf7f8b5..ca5799d 100644 --- a/arch/x86/include/asm/pgalloc.h +++ b/arch/x86/include/asm/pgalloc.h @@ -63,6 +63,13 @@ static inline void pmd_populate_kernel(struct mm_struct *mm, @@ -17926,7 +17969,7 @@ index c4412e9..90e88c5 100644 +} #endif /* CONFIG_X86_PAE */ - #if PAGETABLE_LEVELS > 3 + #if CONFIG_PGTABLE_LEVELS > 3 @@ -123,6 +140,12 @@ static inline void pgd_populate(struct mm_struct *mm, pgd_t *pgd, pud_t *pud) set_pgd(pgd, __pgd(_PAGE_TABLE | __pa(pud))); } @@ -17976,7 +18019,7 @@ index cdaa58c..e61122b 100644 /* diff --git a/arch/x86/include/asm/pgtable.h b/arch/x86/include/asm/pgtable.h -index a0c35bf..7045c6a 100644 +index fe57e7a..0573d42 100644 --- a/arch/x86/include/asm/pgtable.h +++ b/arch/x86/include/asm/pgtable.h @@ -47,6 +47,7 @@ extern struct mm_struct *pgd_page_get_mm(struct page *page); @@ -18332,10 +18375,10 @@ index 2ee7811..55aca24 100644 } diff --git a/arch/x86/include/asm/pgtable_64_types.h b/arch/x86/include/asm/pgtable_64_types.h -index 602b602..acb53ed 100644 +index e6844df..432b56e 100644 --- a/arch/x86/include/asm/pgtable_64_types.h +++ b/arch/x86/include/asm/pgtable_64_types.h -@@ -61,11 +61,16 @@ typedef struct { pteval_t pte; } pte_t; +@@ -60,11 +60,16 @@ typedef struct { pteval_t pte; } pte_t; #define MODULES_VADDR (__START_KERNEL_map + KERNEL_IMAGE_SIZE) #define MODULES_END _AC(0xffffffffff000000, UL) #define MODULES_LEN (MODULES_END - MODULES_VADDR) @@ -18353,7 +18396,7 @@ index 602b602..acb53ed 100644 #endif /* _ASM_X86_PGTABLE_64_DEFS_H */ diff --git a/arch/x86/include/asm/pgtable_types.h b/arch/x86/include/asm/pgtable_types.h -index 8c7c108..1c1b77f 100644 +index 78f0c8c..4424bb0 100644 --- a/arch/x86/include/asm/pgtable_types.h +++ b/arch/x86/include/asm/pgtable_types.h @@ -85,8 +85,10 @@ @@ -18402,16 +18445,16 @@ index 8c7c108..1c1b77f 100644 } +#endif -+#if PAGETABLE_LEVELS == 3 ++#if CONFIG_PGTABLE_LEVELS == 3 +#include <asm-generic/pgtable-nopud.h> +#endif + -+#if PAGETABLE_LEVELS == 2 ++#if CONFIG_PGTABLE_LEVELS == 2 +#include <asm-generic/pgtable-nopmd.h> +#endif + +#ifndef __ASSEMBLY__ - #if PAGETABLE_LEVELS > 3 + #if CONFIG_PGTABLE_LEVELS > 3 typedef struct { pudval_t pud; } pud_t; @@ -247,8 +262,6 @@ static inline pudval_t native_pud_val(pud_t pud) @@ -18454,10 +18497,10 @@ index 8f327184..368fb29 100644 /* diff --git a/arch/x86/include/asm/processor.h b/arch/x86/include/asm/processor.h -index ec1c935..5cc6023 100644 +index 23ba676..6584489 100644 --- a/arch/x86/include/asm/processor.h +++ b/arch/x86/include/asm/processor.h -@@ -127,7 +127,7 @@ struct cpuinfo_x86 { +@@ -130,7 +130,7 @@ struct cpuinfo_x86 { /* Index into per_cpu list: */ u16 cpu_index; u32 microcode; @@ -18466,7 +18509,7 @@ index ec1c935..5cc6023 100644 #define X86_VENDOR_INTEL 0 #define X86_VENDOR_CYRIX 1 -@@ -198,9 +198,21 @@ static inline void native_cpuid(unsigned int *eax, unsigned int *ebx, +@@ -201,9 +201,21 @@ static inline void native_cpuid(unsigned int *eax, unsigned int *ebx, : "memory"); } @@ -18489,16 +18532,16 @@ index ec1c935..5cc6023 100644 } #ifdef CONFIG_X86_32 -@@ -282,7 +294,7 @@ struct tss_struct { +@@ -300,7 +312,7 @@ struct tss_struct { } ____cacheline_aligned; --DECLARE_PER_CPU_SHARED_ALIGNED(struct tss_struct, init_tss); -+extern struct tss_struct init_tss[NR_CPUS]; +-DECLARE_PER_CPU_SHARED_ALIGNED(struct tss_struct, cpu_tss); ++extern struct tss_struct cpu_tss[NR_CPUS]; - /* - * Save the original ist values for checking stack pointers during debugging -@@ -479,6 +491,7 @@ struct thread_struct { + #ifdef CONFIG_X86_32 + DECLARE_PER_CPU(unsigned long, cpu_current_top_of_stack); +@@ -500,6 +512,7 @@ struct thread_struct { unsigned short ds; unsigned short fsindex; unsigned short gsindex; @@ -18506,7 +18549,20 @@ index ec1c935..5cc6023 100644 #endif #ifdef CONFIG_X86_32 unsigned long ip; -@@ -805,11 +818,18 @@ static inline void spin_lock_prefetch(const void *x) +@@ -585,10 +598,10 @@ static inline void native_swapgs(void) + #endif + } + +-static inline unsigned long current_top_of_stack(void) ++static inline unsigned long current_top_of_stack(unsigned int cpu) + { + #ifdef CONFIG_X86_64 +- return this_cpu_read_stable(cpu_tss.x86_tss.sp0); ++ return cpu_tss[cpu].x86_tss.sp0; + #else + /* sp0 on x86_32 is special in and around vm86 mode. */ + return this_cpu_read_stable(cpu_current_top_of_stack); +@@ -837,8 +850,15 @@ static inline void spin_lock_prefetch(const void *x) */ #define TASK_SIZE PAGE_OFFSET #define TASK_SIZE_MAX TASK_SIZE @@ -18522,43 +18578,22 @@ index ec1c935..5cc6023 100644 +#define STACK_TOP_MAX TASK_SIZE #define INIT_THREAD { \ -- .sp0 = sizeof(init_stack) + (long)&init_stack, \ -+ .sp0 = sizeof(init_stack) + (long)&init_stack - 8, \ - .vm86_info = NULL, \ - .sysenter_cs = __KERNEL_CS, \ - .io_bitmap_ptr = NULL, \ -@@ -823,7 +843,7 @@ static inline void spin_lock_prefetch(const void *x) + .sp0 = TOP_OF_INIT_STACK, \ +@@ -859,12 +879,7 @@ extern unsigned long thread_saved_pc(struct task_struct *tsk); + * "struct pt_regs" is possible, but they may contain the + * completely wrong values. */ - #define INIT_TSS { \ - .x86_tss = { \ -- .sp0 = sizeof(init_stack) + (long)&init_stack, \ -+ .sp0 = sizeof(init_stack) + (long)&init_stack - 8, \ - .ss0 = __KERNEL_DS, \ - .ss1 = __KERNEL_CS, \ - .io_bitmap_base = INVALID_IO_BITMAP_OFFSET, \ -@@ -834,11 +854,7 @@ static inline void spin_lock_prefetch(const void *x) - extern unsigned long thread_saved_pc(struct task_struct *tsk); - - #define THREAD_SIZE_LONGS (THREAD_SIZE/sizeof(unsigned long)) --#define KSTK_TOP(info) \ --({ \ -- unsigned long *__ptr = (unsigned long *)(info); \ -- (unsigned long)(&__ptr[THREAD_SIZE_LONGS]); \ +-#define task_pt_regs(task) \ +-({ \ +- unsigned long __ptr = (unsigned long)task_stack_page(task); \ +- __ptr += THREAD_SIZE - TOP_OF_KERNEL_STACK_PADDING; \ +- ((struct pt_regs *)__ptr) - 1; \ -}) -+#define KSTK_TOP(info) ((container_of(info, struct task_struct, tinfo))->thread.sp0) ++#define task_pt_regs(tsk) ((struct pt_regs *)(tsk)->thread.sp0 - 1) - /* - * The below -8 is to reserve 8 bytes on top of the ring0 stack. -@@ -853,7 +869,7 @@ extern unsigned long thread_saved_pc(struct task_struct *tsk); - #define task_pt_regs(task) \ - ({ \ - struct pt_regs *__regs__; \ -- __regs__ = (struct pt_regs *)(KSTK_TOP(task_stack_page(task))-8); \ -+ __regs__ = (struct pt_regs *)((task)->thread.sp0); \ - __regs__ - 1; \ - }) + #define KSTK_ESP(task) (task_pt_regs(task)->sp) -@@ -869,13 +885,13 @@ extern unsigned long thread_saved_pc(struct task_struct *tsk); +@@ -878,13 +893,13 @@ extern unsigned long thread_saved_pc(struct task_struct *tsk); * particular problem by preventing anything from being mapped * at the maximum canonical address. */ @@ -18574,21 +18609,7 @@ index ec1c935..5cc6023 100644 #define TASK_SIZE (test_thread_flag(TIF_ADDR32) ? \ IA32_PAGE_OFFSET : TASK_SIZE_MAX) -@@ -886,11 +902,11 @@ extern unsigned long thread_saved_pc(struct task_struct *tsk); - #define STACK_TOP_MAX TASK_SIZE_MAX - - #define INIT_THREAD { \ -- .sp0 = (unsigned long)&init_stack + sizeof(init_stack) \ -+ .sp0 = (unsigned long)&init_stack + sizeof(init_stack) - 16 \ - } - - #define INIT_TSS { \ -- .x86_tss.sp0 = (unsigned long)&init_stack + sizeof(init_stack) \ -+ .x86_tss.sp0 = (unsigned long)&init_stack + sizeof(init_stack) - 16 \ - } - - /* -@@ -918,6 +934,10 @@ extern void start_thread(struct pt_regs *regs, unsigned long new_ip, +@@ -918,6 +933,10 @@ extern void start_thread(struct pt_regs *regs, unsigned long new_ip, */ #define TASK_UNMAPPED_BASE (PAGE_ALIGN(TASK_SIZE / 3)) @@ -18599,7 +18620,7 @@ index ec1c935..5cc6023 100644 #define KSTK_EIP(task) (task_pt_regs(task)->ip) /* Get/set a process' ability to use the timestamp counter instruction */ -@@ -962,7 +982,7 @@ static inline uint32_t hypervisor_cpuid_base(const char *sig, uint32_t leaves) +@@ -962,7 +981,7 @@ static inline uint32_t hypervisor_cpuid_base(const char *sig, uint32_t leaves) return 0; } @@ -18608,7 +18629,7 @@ index ec1c935..5cc6023 100644 extern void free_init_pages(char *what, unsigned long begin, unsigned long end); void default_idle(void); -@@ -972,6 +992,6 @@ bool xen_set_default_idle(void); +@@ -972,6 +991,6 @@ bool xen_set_default_idle(void); #define xen_set_default_idle 0 #endif @@ -18617,46 +18638,10 @@ index ec1c935..5cc6023 100644 void df_debug(struct pt_regs *regs, long error_code); #endif /* _ASM_X86_PROCESSOR_H */ diff --git a/arch/x86/include/asm/ptrace.h b/arch/x86/include/asm/ptrace.h -index 86fc2bb..bd5049a 100644 +index 5fabf13..7388158 100644 --- a/arch/x86/include/asm/ptrace.h +++ b/arch/x86/include/asm/ptrace.h -@@ -89,28 +89,29 @@ static inline unsigned long regs_return_value(struct pt_regs *regs) - } - - /* -- * user_mode_vm(regs) determines whether a register set came from user mode. -+ * user_mode(regs) determines whether a register set came from user mode. - * This is true if V8086 mode was enabled OR if the register set was from - * protected mode with RPL-3 CS value. This tricky test checks that with - * one comparison. Many places in the kernel can bypass this full check -- * if they have already ruled out V8086 mode, so user_mode(regs) can be used. -+ * if they have already ruled out V8086 mode, so user_mode_novm(regs) can -+ * be used. - */ --static inline int user_mode(struct pt_regs *regs) -+static inline int user_mode_novm(struct pt_regs *regs) - { - #ifdef CONFIG_X86_32 - return (regs->cs & SEGMENT_RPL_MASK) == USER_RPL; - #else -- return !!(regs->cs & 3); -+ return !!(regs->cs & SEGMENT_RPL_MASK); - #endif - } - --static inline int user_mode_vm(struct pt_regs *regs) -+static inline int user_mode(struct pt_regs *regs) - { - #ifdef CONFIG_X86_32 - return ((regs->cs & SEGMENT_RPL_MASK) | (regs->flags & X86_VM_MASK)) >= - USER_RPL; - #else -- return user_mode(regs); -+ return user_mode_novm(regs); - #endif - } - -@@ -126,15 +127,16 @@ static inline int v8086_mode(struct pt_regs *regs) +@@ -125,15 +125,16 @@ static inline int v8086_mode(struct pt_regs *regs) #ifdef CONFIG_X86_64 static inline bool user_64bit_mode(struct pt_regs *regs) { @@ -18675,7 +18660,7 @@ index 86fc2bb..bd5049a 100644 #endif } -@@ -185,9 +187,11 @@ static inline unsigned long regs_get_register(struct pt_regs *regs, +@@ -180,9 +181,11 @@ static inline unsigned long regs_get_register(struct pt_regs *regs, * Traps from the kernel do not save sp and ss. * Use the helper function to retrieve sp. */ @@ -18985,13 +18970,13 @@ index cad82c9..2e5c5c1 100644 #endif /* __KERNEL__ */ diff --git a/arch/x86/include/asm/segment.h b/arch/x86/include/asm/segment.h -index e657b7b..81fefb444 100644 +index 7d5a192..23ef1aa 100644 --- a/arch/x86/include/asm/segment.h +++ b/arch/x86/include/asm/segment.h -@@ -73,10 +73,15 @@ +@@ -82,14 +82,20 @@ * 26 - ESPFIX small SS * 27 - per-cpu [ offset to per-cpu data area ] - * 28 - stack_canary-20 [ for stack protector ] + * 28 - stack_canary-20 [ for stack protector ] <=== cacheline #8 - * 29 - unused - * 30 - unused + * 29 - PCI BIOS CS @@ -19003,115 +18988,92 @@ index e657b7b..81fefb444 100644 +#define __KERNEXEC_EFI_CS (GDT_ENTRY_KERNEXEC_EFI_CS*8) +#define __KERNEXEC_EFI_DS (GDT_ENTRY_KERNEXEC_EFI_DS*8) + - #define GDT_ENTRY_TLS_MIN 6 - #define GDT_ENTRY_TLS_MAX (GDT_ENTRY_TLS_MIN + GDT_ENTRY_TLS_ENTRIES - 1) - -@@ -88,6 +93,8 @@ + #define GDT_ENTRY_TLS_MIN 6 + #define GDT_ENTRY_TLS_MAX (GDT_ENTRY_TLS_MIN + GDT_ENTRY_TLS_ENTRIES - 1) - #define GDT_ENTRY_KERNEL_CS (GDT_ENTRY_KERNEL_BASE+0) + #define GDT_ENTRY_KERNEL_CS 12 ++#define GDT_ENTRY_KERNEXEC_KERNEL_CS 4 + #define GDT_ENTRY_KERNEL_DS 13 + #define GDT_ENTRY_DEFAULT_USER_CS 14 + #define GDT_ENTRY_DEFAULT_USER_DS 15 +@@ -106,6 +112,12 @@ + #define GDT_ENTRY_PERCPU 27 + #define GDT_ENTRY_STACK_CANARY 28 -+#define GDT_ENTRY_KERNEXEC_KERNEL_CS (4) ++#define GDT_ENTRY_PCIBIOS_CS 29 ++#define __PCIBIOS_DS (GDT_ENTRY_PCIBIOS_DS * 8) + - #define GDT_ENTRY_KERNEL_DS (GDT_ENTRY_KERNEL_BASE+1) - - #define GDT_ENTRY_TSS (GDT_ENTRY_KERNEL_BASE+4) -@@ -113,6 +120,12 @@ - #define __KERNEL_STACK_CANARY 0 - #endif - -+#define GDT_ENTRY_PCIBIOS_CS (GDT_ENTRY_KERNEL_BASE+17) ++#define GDT_ENTRY_PCIBIOS_DS 30 +#define __PCIBIOS_CS (GDT_ENTRY_PCIBIOS_CS * 8) + -+#define GDT_ENTRY_PCIBIOS_DS (GDT_ENTRY_KERNEL_BASE+18) -+#define __PCIBIOS_DS (GDT_ENTRY_PCIBIOS_DS * 8) -+ #define GDT_ENTRY_DOUBLEFAULT_TSS 31 /* -@@ -140,7 +153,7 @@ +@@ -118,6 +130,7 @@ */ - /* Matches PNP_CS32 and PNP_CS16 (they must be consecutive) */ --#define SEGMENT_IS_PNP_CODE(x) (((x) & 0xf4) == GDT_ENTRY_PNPBIOS_BASE * 8) -+#define SEGMENT_IS_PNP_CODE(x) (((x) & 0xFFFCU) == PNP_CS32 || ((x) & 0xFFFCU) == PNP_CS16) + #define __KERNEL_CS (GDT_ENTRY_KERNEL_CS*8) ++#define __KERNEXEC_KERNEL_CS (GDT_ENTRY_KERNEXEC_KERNEL_CS*8) + #define __KERNEL_DS (GDT_ENTRY_KERNEL_DS*8) + #define __USER_DS (GDT_ENTRY_DEFAULT_USER_DS*8 + 3) + #define __USER_CS (GDT_ENTRY_DEFAULT_USER_CS*8 + 3) +@@ -129,7 +142,7 @@ + #define PNP_CS16 (GDT_ENTRY_PNPBIOS_CS16*8) + /* "Is this PNP code selector (PNP_CS32 or PNP_CS16)?" */ +-#define SEGMENT_IS_PNP_CODE(x) (((x) & 0xf4) == PNP_CS32) ++#define SEGMENT_IS_PNP_CODE(x) (((x) & 0xFFFCU) == PNP_CS32 || ((x) & 0xFFFCU) == PNP_CS16) - #else -@@ -164,6 +177,8 @@ - #define __USER32_CS (GDT_ENTRY_DEFAULT_USER32_CS*8+3) - #define __USER32_DS __USER_DS + /* data segment for BIOS: */ + #define PNP_DS (GDT_ENTRY_PNPBIOS_DS*8) +@@ -176,6 +189,8 @@ + #define GDT_ENTRY_DEFAULT_USER_DS 5 + #define GDT_ENTRY_DEFAULT_USER_CS 6 -+#define GDT_ENTRY_KERNEXEC_KERNEL_CS 7 ++#define GDT_ENTRY_KERNEXEC_KERNEL_CS 7 + - #define GDT_ENTRY_TSS 8 /* needs two entries */ - #define GDT_ENTRY_LDT 10 /* needs two entries */ - #define GDT_ENTRY_TLS_MIN 12 -@@ -172,6 +187,8 @@ - #define GDT_ENTRY_PER_CPU 15 /* Abused to load per CPU data from limit */ - #define __PER_CPU_SEG (GDT_ENTRY_PER_CPU * 8 + 3) + /* Needs two entries */ + #define GDT_ENTRY_TSS 8 + /* Needs two entries */ +@@ -187,10 +202,12 @@ + /* Abused to load per CPU data from limit */ + #define GDT_ENTRY_PER_CPU 15 -+#define GDT_ENTRY_UDEREF_KERNEL_DS 16 ++#define GDT_ENTRY_UDEREF_KERNEL_DS 16 + - /* TLS indexes for 64bit - hardcoded in arch_prctl */ - #define FS_TLS 0 - #define GS_TLS 1 -@@ -179,12 +196,14 @@ - #define GS_TLS_SEL ((GDT_ENTRY_TLS_MIN+GS_TLS)*8 + 3) - #define FS_TLS_SEL ((GDT_ENTRY_TLS_MIN+FS_TLS)*8 + 3) - --#define GDT_ENTRIES 16 -+#define GDT_ENTRIES 17 - - #endif - - #define __KERNEL_CS (GDT_ENTRY_KERNEL_CS*8) -+#define __KERNEXEC_KERNEL_CS (GDT_ENTRY_KERNEXEC_KERNEL_CS*8) - #define __KERNEL_DS (GDT_ENTRY_KERNEL_DS*8) -+#define __UDEREF_KERNEL_DS (GDT_ENTRY_UDEREF_KERNEL_DS*8) - #define __USER_DS (GDT_ENTRY_DEFAULT_USER_DS*8+3) - #define __USER_CS (GDT_ENTRY_DEFAULT_USER_CS*8+3) - #ifndef CONFIG_PARAVIRT -@@ -267,7 +286,7 @@ static inline unsigned long get_limit(unsigned long segment) - { - unsigned long __limit; - asm("lsll %1,%0" : "=r" (__limit) : "r" (segment)); -- return __limit + 1; -+ return __limit; - } + /* + * Number of entries in the GDT table: + */ +-#define GDT_ENTRIES 16 ++#define GDT_ENTRIES 17 - #endif /* !__ASSEMBLY__ */ + /* + * Segment selector values corresponding to the above entries: +@@ -200,7 +217,9 @@ + */ + #define __KERNEL32_CS (GDT_ENTRY_KERNEL32_CS*8) + #define __KERNEL_CS (GDT_ENTRY_KERNEL_CS*8) ++#define __KERNEXEC_KERNEL_CS (GDT_ENTRY_KERNEXEC_KERNEL_CS*8) + #define __KERNEL_DS (GDT_ENTRY_KERNEL_DS*8) ++#define __UDEREF_KERNEL_DS (GDT_ENTRY_UDEREF_KERNEL_DS*8) + #define __USER32_CS (GDT_ENTRY_DEFAULT_USER32_CS*8 + 3) + #define __USER_DS (GDT_ENTRY_DEFAULT_USER_DS*8 + 3) + #define __USER32_DS __USER_DS diff --git a/arch/x86/include/asm/smap.h b/arch/x86/include/asm/smap.h -index 8d3120f..352b440 100644 +index ba665eb..0f72938 100644 --- a/arch/x86/include/asm/smap.h +++ b/arch/x86/include/asm/smap.h -@@ -25,11 +25,40 @@ +@@ -25,6 +25,18 @@ #include <asm/alternative-asm.h> +#if defined(CONFIG_X86_64) && defined(CONFIG_PAX_MEMORY_UDEREF) +#define ASM_PAX_OPEN_USERLAND \ -+ 661: jmp 663f; \ -+ .pushsection .altinstr_replacement, "a" ; \ -+ 662: pushq %rax; nop; \ -+ .popsection ; \ -+ .pushsection .altinstructions, "a" ; \ -+ altinstruction_entry 661b, 662b, X86_FEATURE_STRONGUDEREF, 2, 2;\ -+ .popsection ; \ -+ call __pax_open_userland; \ -+ popq %rax; \ -+ 663: ++ ALTERNATIVE "", "call __pax_open_userland", X86_FEATURE_STRONGUDEREF + +#define ASM_PAX_CLOSE_USERLAND \ -+ 661: jmp 663f; \ -+ .pushsection .altinstr_replacement, "a" ; \ -+ 662: pushq %rax; nop; \ -+ .popsection; \ -+ .pushsection .altinstructions, "a" ; \ -+ altinstruction_entry 661b, 662b, X86_FEATURE_STRONGUDEREF, 2, 2;\ -+ .popsection; \ -+ call __pax_close_userland; \ -+ popq %rax; \ -+ 663: ++ ALTERNATIVE "", "call __pax_close_userland", X86_FEATURE_STRONGUDEREF ++ +#else +#define ASM_PAX_OPEN_USERLAND +#define ASM_PAX_CLOSE_USERLAND @@ -19119,23 +19081,8 @@ index 8d3120f..352b440 100644 + #ifdef CONFIG_X86_SMAP - #define ASM_CLAC \ - 661: ASM_NOP3 ; \ -- .pushsection .altinstr_replacement, "ax" ; \ -+ .pushsection .altinstr_replacement, "a" ; \ - 662: __ASM_CLAC ; \ - .popsection ; \ - .pushsection .altinstructions, "a" ; \ -@@ -38,7 +67,7 @@ - - #define ASM_STAC \ - 661: ASM_NOP3 ; \ -- .pushsection .altinstr_replacement, "ax" ; \ -+ .pushsection .altinstr_replacement, "a" ; \ - 662: __ASM_STAC ; \ - .popsection ; \ - .pushsection .altinstructions, "a" ; \ -@@ -56,6 +85,37 @@ + #define ASM_CLAC \ +@@ -44,6 +56,37 @@ #include <asm/alternative.h> @@ -19147,7 +19094,7 @@ index 8d3120f..352b440 100644 +{ + +#if defined(CONFIG_X86_64) && defined(CONFIG_PAX_MEMORY_UDEREF) -+ asm volatile(ALTERNATIVE(ASM_NOP5, "call %P[open]", X86_FEATURE_STRONGUDEREF) ++ asm volatile(ALTERNATIVE("", "call %P[open]", X86_FEATURE_STRONGUDEREF) + : + : [open] "i" (__pax_open_userland) + : "memory", "rax"); @@ -19161,7 +19108,7 @@ index 8d3120f..352b440 100644 +{ + +#if defined(CONFIG_X86_64) && defined(CONFIG_PAX_MEMORY_UDEREF) -+ asm volatile(ALTERNATIVE(ASM_NOP5, "call %P[close]", X86_FEATURE_STRONGUDEREF) ++ asm volatile(ALTERNATIVE("", "call %P[close]", X86_FEATURE_STRONGUDEREF) + : + : [close] "i" (__pax_close_userland) + : "memory", "rax"); @@ -19174,7 +19121,7 @@ index 8d3120f..352b440 100644 static __always_inline void clac(void) diff --git a/arch/x86/include/asm/smp.h b/arch/x86/include/asm/smp.h -index 8cd1cc3..827e09e 100644 +index 17a8dce..79f7280 100644 --- a/arch/x86/include/asm/smp.h +++ b/arch/x86/include/asm/smp.h @@ -35,7 +35,7 @@ DECLARE_PER_CPU_READ_MOSTLY(cpumask_var_t, cpu_core_map); @@ -19195,7 +19142,7 @@ index 8cd1cc3..827e09e 100644 /* Globals due to paravirt */ extern void set_cpu_sibling_map(int cpu); -@@ -191,14 +191,8 @@ extern unsigned disabled_cpus; +@@ -192,14 +192,8 @@ extern unsigned disabled_cpus; extern int safe_smp_processor_id(void); #elif defined(CONFIG_X86_64_SMP) @@ -19310,18 +19257,26 @@ index 751bf4b..a1278b5 100644 __switch_canary_iparam \ : "memory", "cc" __EXTRA_CLOBBER) diff --git a/arch/x86/include/asm/thread_info.h b/arch/x86/include/asm/thread_info.h -index 1d4e4f2..506db18 100644 +index b4bdec3..e8af9bc 100644 --- a/arch/x86/include/asm/thread_info.h +++ b/arch/x86/include/asm/thread_info.h -@@ -24,7 +24,6 @@ struct exec_domain; +@@ -36,7 +36,7 @@ + #ifdef CONFIG_X86_32 + # define TOP_OF_KERNEL_STACK_PADDING 8 + #else +-# define TOP_OF_KERNEL_STACK_PADDING 0 ++# define TOP_OF_KERNEL_STACK_PADDING 16 + #endif + + /* +@@ -50,27 +50,26 @@ struct task_struct; #include <linux/atomic.h> struct thread_info { - struct task_struct *task; /* main task structure */ - struct exec_domain *exec_domain; /* execution domain */ __u32 flags; /* low level flags */ __u32 status; /* thread synchronous flags */ -@@ -32,13 +31,13 @@ struct thread_info { + __u32 cpu; /* current CPU */ int saved_preempt_count; mm_segment_t addr_limit; void __user *sysenter_return; @@ -19334,10 +19289,9 @@ index 1d4e4f2..506db18 100644 +#define INIT_THREAD_INFO \ { \ - .task = &tsk, \ - .exec_domain = &default_exec_domain, \ .flags = 0, \ .cpu = 0, \ -@@ -46,7 +45,7 @@ struct thread_info { + .saved_preempt_count = INIT_PREEMPT_COUNT, \ .addr_limit = KERNEL_DS, \ } @@ -19346,7 +19300,7 @@ index 1d4e4f2..506db18 100644 #define init_stack (init_thread_union.stack) #else /* !__ASSEMBLY__ */ -@@ -86,6 +85,7 @@ struct thread_info { +@@ -110,6 +109,7 @@ struct thread_info { #define TIF_SYSCALL_TRACEPOINT 28 /* syscall tracepoint instrumentation */ #define TIF_ADDR32 29 /* 32-bit address space on 64 bits */ #define TIF_X32 30 /* 32-bit native x86-64 binary */ @@ -19354,7 +19308,7 @@ index 1d4e4f2..506db18 100644 #define _TIF_SYSCALL_TRACE (1 << TIF_SYSCALL_TRACE) #define _TIF_NOTIFY_RESUME (1 << TIF_NOTIFY_RESUME) -@@ -109,17 +109,18 @@ struct thread_info { +@@ -133,17 +133,18 @@ struct thread_info { #define _TIF_SYSCALL_TRACEPOINT (1 << TIF_SYSCALL_TRACEPOINT) #define _TIF_ADDR32 (1 << TIF_ADDR32) #define _TIF_X32 (1 << TIF_X32) @@ -19375,7 +19329,7 @@ index 1d4e4f2..506db18 100644 /* work to do on interrupt/exception return */ #define _TIF_WORK_MASK \ -@@ -130,7 +131,7 @@ struct thread_info { +@@ -154,7 +155,7 @@ struct thread_info { /* work to do on any return to user space */ #define _TIF_ALLWORK_MASK \ ((0x0000FFFF & ~_TIF_SECCOMP) | _TIF_SYSCALL_TRACEPOINT | \ @@ -19384,15 +19338,7 @@ index 1d4e4f2..506db18 100644 /* Only used for 64 bit */ #define _TIF_DO_NOTIFY_MASK \ -@@ -145,7 +146,6 @@ struct thread_info { - #define _TIF_WORK_CTXSW_NEXT (_TIF_WORK_CTXSW) - - #define STACK_WARN (THREAD_SIZE/8) --#define KERNEL_STACK_OFFSET (5*(BITS_PER_LONG/8)) - - /* - * macros/functions for gaining access to the thread information structure -@@ -156,12 +156,11 @@ struct thread_info { +@@ -179,9 +180,11 @@ struct thread_info { DECLARE_PER_CPU(unsigned long, kernel_stack); @@ -19400,31 +19346,22 @@ index 1d4e4f2..506db18 100644 + static inline struct thread_info *current_thread_info(void) { -- struct thread_info *ti; -- ti = (void *)(this_cpu_read_stable(kernel_stack) + -- KERNEL_STACK_OFFSET - THREAD_SIZE); -- return ti; +- return (struct thread_info *)(current_top_of_stack() - THREAD_SIZE); + return this_cpu_read_stable(current_tinfo); } static inline unsigned long current_stack_pointer(void) -@@ -179,14 +178,7 @@ static inline unsigned long current_stack_pointer(void) +@@ -199,8 +202,7 @@ static inline unsigned long current_stack_pointer(void) - /* how to get the thread information struct from ASM */ + /* Load thread_info address into "reg" */ #define GET_THREAD_INFO(reg) \ - _ASM_MOV PER_CPU_VAR(kernel_stack),reg ; \ -- _ASM_SUB $(THREAD_SIZE-KERNEL_STACK_OFFSET),reg ; -- --/* -- * Same if PER_CPU_VAR(kernel_stack) is, perhaps with some offset, already in -- * a certain register (to be used in assembler memory operands). -- */ --#define THREAD_INFO(reg, off) KERNEL_STACK_OFFSET+(off)-THREAD_SIZE(reg) +- _ASM_SUB $(THREAD_SIZE),reg ; + _ASM_MOV PER_CPU_VAR(current_tinfo),reg ; - #endif - -@@ -242,5 +234,12 @@ static inline bool is_ia32_task(void) + /* + * ASM operand which evaluates to a 'thread_info' address of +@@ -293,5 +295,12 @@ static inline bool is_ia32_task(void) extern void arch_task_cache_init(void); extern int arch_dup_task_struct(struct task_struct *dst, struct task_struct *src); extern void arch_release_task_struct(struct task_struct *tsk); @@ -20475,7 +20412,7 @@ index f58a9c7..dc378042a 100644 extern struct x86_init_ops x86_init; extern struct x86_cpuinit_ops x86_cpuinit; diff --git a/arch/x86/include/asm/xen/page.h b/arch/x86/include/asm/xen/page.h -index 358dcd3..23c0bf1 100644 +index c44a5d5..7f83cfc 100644 --- a/arch/x86/include/asm/xen/page.h +++ b/arch/x86/include/asm/xen/page.h @@ -82,7 +82,7 @@ static inline int xen_safe_read_ulong(unsigned long *addr, unsigned long *val) @@ -20533,10 +20470,10 @@ index c9a6d68..cb57f42 100644 } diff --git a/arch/x86/include/uapi/asm/e820.h b/arch/x86/include/uapi/asm/e820.h -index d993e33..8db1b18 100644 +index 960a8a9..404daf7 100644 --- a/arch/x86/include/uapi/asm/e820.h +++ b/arch/x86/include/uapi/asm/e820.h -@@ -58,7 +58,7 @@ struct e820map { +@@ -68,7 +68,7 @@ struct e820map { #define ISA_START_ADDRESS 0xa0000 #define ISA_END_ADDRESS 0x100000 @@ -20545,20 +20482,8 @@ index d993e33..8db1b18 100644 #define BIOS_END 0x00100000 #define BIOS_ROM_BASE 0xffe00000 -diff --git a/arch/x86/include/uapi/asm/ptrace-abi.h b/arch/x86/include/uapi/asm/ptrace-abi.h -index 7b0a55a..ad115bf 100644 ---- a/arch/x86/include/uapi/asm/ptrace-abi.h -+++ b/arch/x86/include/uapi/asm/ptrace-abi.h -@@ -49,7 +49,6 @@ - #define EFLAGS 144 - #define RSP 152 - #define SS 160 --#define ARGOFFSET R11 - #endif /* __ASSEMBLY__ */ - - /* top of stack page */ diff --git a/arch/x86/kernel/Makefile b/arch/x86/kernel/Makefile -index cdb1b70..426434c 100644 +index 9bcd0b5..750f1b7 100644 --- a/arch/x86/kernel/Makefile +++ b/arch/x86/kernel/Makefile @@ -28,7 +28,7 @@ obj-y += time.o ioport.o ldt.o dumpstack.o nmi.o @@ -20571,7 +20496,7 @@ index cdb1b70..426434c 100644 obj-$(CONFIG_X86_64) += mcount_64.o obj-y += syscall_$(BITS).o vsyscall_gtod.o diff --git a/arch/x86/kernel/acpi/boot.c b/arch/x86/kernel/acpi/boot.c -index 803b684..68c64f1 100644 +index dbe76a1..e2ec334 100644 --- a/arch/x86/kernel/acpi/boot.c +++ b/arch/x86/kernel/acpi/boot.c @@ -1361,7 +1361,7 @@ static void __init acpi_reduced_hw_init(void) @@ -20630,36 +20555,68 @@ index 665c6b7..eae4d56 100644 bogus_magic: jmp bogus_magic diff --git a/arch/x86/kernel/alternative.c b/arch/x86/kernel/alternative.c -index 703130f..27a155d 100644 +index aef6531..2044b66 100644 --- a/arch/x86/kernel/alternative.c +++ b/arch/x86/kernel/alternative.c -@@ -268,6 +268,13 @@ void __init_or_module apply_alternatives(struct alt_instr *start, - */ - for (a = start; a < end; a++) { +@@ -248,7 +248,9 @@ static void __init_or_module add_nops(void *insns, unsigned int len) + unsigned int noplen = len; + if (noplen > ASM_NOP_MAX) + noplen = ASM_NOP_MAX; ++ pax_open_kernel(); + memcpy(insns, ideal_nops[noplen], noplen); ++ pax_close_kernel(); + insns += noplen; + len -= noplen; + } +@@ -276,6 +278,11 @@ recompute_jump(struct alt_instr *a, u8 *orig_insn, u8 *repl_insn, u8 *insnbuf) + if (a->replacementlen != 5) + return; + ++#if defined(CONFIG_X86_32) && defined(CONFIG_PAX_KERNEXEC) ++ if (orig_insn < (u8 *)_text || (u8 *)_einittext <= orig_insn) ++ orig_insn = ktva_ktla(orig_insn); ++#endif ++ + o_dspl = *(s32 *)(insnbuf + 1); + + /* next_rip of the replacement JMP */ +@@ -362,7 +369,23 @@ void __init_or_module apply_alternatives(struct alt_instr *start, + int insnbuf_sz = 0; + instr = (u8 *)&a->instr_offset + a->instr_offset; + +#if defined(CONFIG_X86_32) && defined(CONFIG_PAX_KERNEXEC) -+ instr += ____LOAD_PHYSICAL_ADDR - LOAD_PHYSICAL_ADDR; -+ if (instr < (u8 *)_text || (u8 *)_einittext <= instr) -+ instr -= ____LOAD_PHYSICAL_ADDR - LOAD_PHYSICAL_ADDR; ++ if ((u8 *)_text <= instr && instr < (u8 *)_einittext) { ++ instr += ____LOAD_PHYSICAL_ADDR - LOAD_PHYSICAL_ADDR; ++ instr = ktla_ktva(instr); ++ } +#endif + replacement = (u8 *)&a->repl_offset + a->repl_offset; - BUG_ON(a->replacementlen > a->instrlen); ++ ++#if defined(CONFIG_X86_32) && defined(CONFIG_PAX_KERNEXEC) ++ if ((u8 *)_text <= replacement && replacement < (u8 *)_einittext) { ++ replacement += ____LOAD_PHYSICAL_ADDR - LOAD_PHYSICAL_ADDR; ++ replacement = ktla_ktva(replacement); ++ } ++#endif ++ BUG_ON(a->instrlen > sizeof(insnbuf)); -@@ -284,6 +291,11 @@ void __init_or_module apply_alternatives(struct alt_instr *start, - add_nops(insnbuf + a->replacementlen, - a->instrlen - a->replacementlen); + BUG_ON(a->cpuid >= (NCAPINTS + NBUGINTS) * 32); + if (!boot_cpu_has(a->cpuid)) { +@@ -402,6 +425,11 @@ void __init_or_module apply_alternatives(struct alt_instr *start, + } + DUMP_BYTES(insnbuf, insnbuf_sz, "%p: final_insn: ", instr); +#if defined(CONFIG_X86_32) && defined(CONFIG_PAX_KERNEXEC) + if (instr < (u8 *)_text || (u8 *)_einittext <= instr) + instr = ktva_ktla(instr); +#endif + - text_poke_early(instr, insnbuf, a->instrlen); + text_poke_early(instr, insnbuf, insnbuf_sz); } } -@@ -299,10 +311,16 @@ static void alternatives_smp_lock(const s32 *start, const s32 *end, +@@ -416,10 +444,16 @@ static void alternatives_smp_lock(const s32 *start, const s32 *end, for (poff = start; poff < end; poff++) { u8 *ptr = (u8 *)poff + *poff; @@ -20677,7 +20634,7 @@ index 703130f..27a155d 100644 text_poke(ptr, ((unsigned char []){0xf0}), 1); } mutex_unlock(&text_mutex); -@@ -317,10 +335,16 @@ static void alternatives_smp_unlock(const s32 *start, const s32 *end, +@@ -434,10 +468,16 @@ static void alternatives_smp_unlock(const s32 *start, const s32 *end, for (poff = start; poff < end; poff++) { u8 *ptr = (u8 *)poff + *poff; @@ -20695,7 +20652,7 @@ index 703130f..27a155d 100644 text_poke(ptr, ((unsigned char []){0x3E}), 1); } mutex_unlock(&text_mutex); -@@ -457,7 +481,7 @@ void __init_or_module apply_paravirt(struct paravirt_patch_site *start, +@@ -574,7 +614,7 @@ void __init_or_module apply_paravirt(struct paravirt_patch_site *start, BUG_ON(p->len > MAX_PATCH_LEN); /* prep the buffer with the original instructions */ @@ -20704,7 +20661,7 @@ index 703130f..27a155d 100644 used = pv_init_ops.patch(p->instrtype, p->clobbers, insnbuf, (unsigned long)p->instr, p->len); -@@ -504,7 +528,7 @@ void __init alternative_instructions(void) +@@ -621,7 +661,7 @@ void __init alternative_instructions(void) if (!uniproc_patched || num_possible_cpus() == 1) free_init_pages("SMP alternatives", (unsigned long)__smp_locks, @@ -20713,7 +20670,7 @@ index 703130f..27a155d 100644 #endif apply_paravirt(__parainstructions, __parainstructions_end); -@@ -524,13 +548,17 @@ void __init alternative_instructions(void) +@@ -641,13 +681,17 @@ void __init alternative_instructions(void) * instructions. And on the local CPU you need to be protected again NMI or MCE * handlers seeing an inconsistent instruction while you patch. */ @@ -20733,7 +20690,7 @@ index 703130f..27a155d 100644 local_irq_restore(flags); /* Could also do a CLFLUSH here to speed up CPU recovery; but that causes hangs on some VIA CPUs. */ -@@ -552,36 +580,22 @@ void *__init_or_module text_poke_early(void *addr, const void *opcode, +@@ -669,36 +713,22 @@ void *__init_or_module text_poke_early(void *addr, const void *opcode, */ void *text_poke(void *addr, const void *opcode, size_t len) { @@ -20778,16 +20735,7 @@ index 703130f..27a155d 100644 return addr; } -@@ -601,7 +615,7 @@ int poke_int3_handler(struct pt_regs *regs) - if (likely(!bp_patching_in_progress)) - return 0; - -- if (user_mode_vm(regs) || regs->ip != (unsigned long)bp_int3_addr) -+ if (user_mode(regs) || regs->ip != (unsigned long)bp_int3_addr) - return 0; - - /* set up the specified breakpoint handler */ -@@ -635,7 +649,7 @@ int poke_int3_handler(struct pt_regs *regs) +@@ -752,7 +782,7 @@ int poke_int3_handler(struct pt_regs *regs) */ void *text_poke_bp(void *addr, const void *opcode, size_t len, void *handler) { @@ -20797,7 +20745,7 @@ index 703130f..27a155d 100644 bp_int3_handler = handler; bp_int3_addr = (u8 *)addr + sizeof(int3); diff --git a/arch/x86/kernel/apic/apic.c b/arch/x86/kernel/apic/apic.c -index ad3639a..bd4253c 100644 +index dcb5285..cc79e9d 100644 --- a/arch/x86/kernel/apic/apic.c +++ b/arch/x86/kernel/apic/apic.c @@ -171,7 +171,7 @@ int first_system_vector = FIRST_SYSTEM_VECTOR; @@ -20809,7 +20757,7 @@ index ad3639a..bd4253c 100644 int pic_mode; -@@ -1918,7 +1918,7 @@ static inline void __smp_error_interrupt(struct pt_regs *regs) +@@ -1857,7 +1857,7 @@ static inline void __smp_error_interrupt(struct pt_regs *regs) apic_write(APIC_ESR, 0); v = apic_read(APIC_ESR); ack_APIC_irq(); @@ -20942,7 +20890,7 @@ index 6cedd79..023ff8e 100644 raw_spin_unlock(&vector_lock); } diff --git a/arch/x86/kernel/apic/x2apic_cluster.c b/arch/x86/kernel/apic/x2apic_cluster.c -index e658f21..b695a1a 100644 +index ab3219b..e8033eb 100644 --- a/arch/x86/kernel/apic/x2apic_cluster.c +++ b/arch/x86/kernel/apic/x2apic_cluster.c @@ -182,7 +182,7 @@ update_clusterinfo(struct notifier_block *nfb, unsigned long action, void *hcpu) @@ -20977,10 +20925,10 @@ index 6fae733..5ca17af 100644 .name = "physical x2apic", .probe = x2apic_phys_probe, diff --git a/arch/x86/kernel/apic/x2apic_uv_x.c b/arch/x86/kernel/apic/x2apic_uv_x.c -index 8e9dcfd..c61b3e4 100644 +index c8d9295..9af2d03 100644 --- a/arch/x86/kernel/apic/x2apic_uv_x.c +++ b/arch/x86/kernel/apic/x2apic_uv_x.c -@@ -348,7 +348,7 @@ static int uv_probe(void) +@@ -375,7 +375,7 @@ static int uv_probe(void) return apic == &apic_x2apic_uv_x; } @@ -21114,7 +21062,7 @@ index 9f6b934..cf5ffb3 100644 BLANK(); OFFSET(XEN_vcpu_info_mask, vcpu_info, evtchn_upcall_mask); diff --git a/arch/x86/kernel/asm-offsets_64.c b/arch/x86/kernel/asm-offsets_64.c -index fdcbb4d..036dd93 100644 +index 5ce6f2d..9e738f3 100644 --- a/arch/x86/kernel/asm-offsets_64.c +++ b/arch/x86/kernel/asm-offsets_64.c @@ -80,6 +80,7 @@ int main(void) @@ -21123,10 +21071,10 @@ index fdcbb4d..036dd93 100644 + DEFINE(TSS_size, sizeof(struct tss_struct)); OFFSET(TSS_ist, tss_struct, x86_tss.ist); + OFFSET(TSS_sp0, tss_struct, x86_tss.sp0); BLANK(); - diff --git a/arch/x86/kernel/cpu/Makefile b/arch/x86/kernel/cpu/Makefile -index 80091ae..0c5184f 100644 +index 9bff687..5b899fb 100644 --- a/arch/x86/kernel/cpu/Makefile +++ b/arch/x86/kernel/cpu/Makefile @@ -8,10 +8,6 @@ CFLAGS_REMOVE_common.o = -pg @@ -21141,10 +21089,10 @@ index 80091ae..0c5184f 100644 obj-y += common.o obj-y += rdrand.o diff --git a/arch/x86/kernel/cpu/amd.c b/arch/x86/kernel/cpu/amd.c -index a220239..607fc38 100644 +index e4cf633..941f450 100644 --- a/arch/x86/kernel/cpu/amd.c +++ b/arch/x86/kernel/cpu/amd.c -@@ -717,7 +717,7 @@ static void init_amd(struct cpuinfo_x86 *c) +@@ -729,7 +729,7 @@ static void init_amd(struct cpuinfo_x86 *c) static unsigned int amd_size_cache(struct cpuinfo_x86 *c, unsigned int size) { /* AMD errata T13 (order #21922) */ @@ -21154,7 +21102,7 @@ index a220239..607fc38 100644 if (c->x86_model == 3 && c->x86_mask == 0) size = 64; diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c -index 2346c95..c061472 100644 +index a62cf04..041e39c 100644 --- a/arch/x86/kernel/cpu/common.c +++ b/arch/x86/kernel/cpu/common.c @@ -91,60 +91,6 @@ static const struct cpu_dev default_cpu = { @@ -21287,7 +21235,7 @@ index 2346c95..c061472 100644 gdt_descr.size = GDT_SIZE - 1; load_gdt(&gdt_descr); /* Reload the per-cpu base */ -@@ -897,6 +896,20 @@ static void identify_cpu(struct cpuinfo_x86 *c) +@@ -935,6 +934,20 @@ static void identify_cpu(struct cpuinfo_x86 *c) setup_smep(c); setup_smap(c); @@ -21308,16 +21256,16 @@ index 2346c95..c061472 100644 /* * The vendor-specific functions might have changed features. * Now we do "generic changes." -@@ -979,7 +992,7 @@ static void syscall32_cpu_init(void) - void enable_sep_cpu(void) - { - int cpu = get_cpu(); -- struct tss_struct *tss = &per_cpu(init_tss, cpu); -+ struct tss_struct *tss = init_tss + cpu; +@@ -1009,7 +1022,7 @@ void enable_sep_cpu(void) + int cpu; - if (!boot_cpu_has(X86_FEATURE_SEP)) { - put_cpu(); -@@ -1117,14 +1130,16 @@ static __init int setup_disablecpuid(char *arg) + cpu = get_cpu(); +- tss = &per_cpu(cpu_tss, cpu); ++ tss = cpu_tss + cpu; + + if (!boot_cpu_has(X86_FEATURE_SEP)) + goto out; +@@ -1155,14 +1168,16 @@ static __init int setup_disablecpuid(char *arg) } __setup("clearcpuid=", setup_disablecpuid); @@ -21325,7 +21273,7 @@ index 2346c95..c061472 100644 +EXPORT_PER_CPU_SYMBOL(current_tinfo); + DEFINE_PER_CPU(unsigned long, kernel_stack) = -- (unsigned long)&init_thread_union - KERNEL_STACK_OFFSET + THREAD_SIZE; +- (unsigned long)&init_thread_union + THREAD_SIZE; + (unsigned long)&init_thread_union - 16 + THREAD_SIZE; EXPORT_PER_CPU_SYMBOL(kernel_stack); @@ -21338,16 +21286,16 @@ index 2346c95..c061472 100644 DEFINE_PER_CPU_FIRST(union irq_stack_union, irq_stack_union) __aligned(PAGE_SIZE) __visible; -@@ -1307,7 +1322,7 @@ void cpu_init(void) +@@ -1367,7 +1382,7 @@ void cpu_init(void) */ load_ucode_ap(); -- t = &per_cpu(init_tss, cpu); -+ t = init_tss + cpu; +- t = &per_cpu(cpu_tss, cpu); ++ t = cpu_tss + cpu; oist = &per_cpu(orig_ist, cpu); #ifdef CONFIG_NUMA -@@ -1339,7 +1354,6 @@ void cpu_init(void) +@@ -1399,7 +1414,6 @@ void cpu_init(void) wrmsrl(MSR_KERNEL_GS_BASE, 0); barrier(); @@ -21355,108 +21303,69 @@ index 2346c95..c061472 100644 x2apic_setup(); /* -@@ -1391,7 +1405,7 @@ void cpu_init(void) +@@ -1451,7 +1465,7 @@ void cpu_init(void) { int cpu = smp_processor_id(); struct task_struct *curr = current; -- struct tss_struct *t = &per_cpu(init_tss, cpu); -+ struct tss_struct *t = init_tss + cpu; +- struct tss_struct *t = &per_cpu(cpu_tss, cpu); ++ struct tss_struct *t = cpu_tss + cpu; struct thread_struct *thread = &curr->thread; wait_for_master_cpu(cpu); diff --git a/arch/x86/kernel/cpu/intel_cacheinfo.c b/arch/x86/kernel/cpu/intel_cacheinfo.c -index 6596433..1ad6eaf 100644 +index edcb0e2..a138233 100644 --- a/arch/x86/kernel/cpu/intel_cacheinfo.c +++ b/arch/x86/kernel/cpu/intel_cacheinfo.c -@@ -1024,6 +1024,22 @@ static struct attribute *default_attrs[] = { - }; +@@ -519,25 +519,23 @@ cache_private_attrs_is_visible(struct kobject *kobj, + return 0; + } - #ifdef CONFIG_AMD_NB -+static struct attribute *default_attrs_amd_nb[] = { -+ &type.attr, -+ &level.attr, -+ &coherency_line_size.attr, -+ &physical_line_partition.attr, -+ &ways_of_associativity.attr, -+ &number_of_sets.attr, -+ &size.attr, -+ &shared_cpu_map.attr, -+ &shared_cpu_list.attr, -+ NULL, -+ NULL, -+ NULL, -+ NULL -+}; ++static struct attribute *amd_l3_attrs[4]; + - static struct attribute **amd_l3_attrs(void) + static struct attribute_group cache_private_group = { + .is_visible = cache_private_attrs_is_visible, ++ .attrs = amd_l3_attrs, + }; + + static void init_amd_l3_attrs(void) { - static struct attribute **attrs; -@@ -1034,18 +1050,7 @@ static struct attribute **amd_l3_attrs(void) + int n = 1; +- static struct attribute **amd_l3_attrs; +- +- if (amd_l3_attrs) /* already initialized */ +- return; - n = ARRAY_SIZE(default_attrs); + if (amd_nb_has_feature(AMD_NB_L3_INDEX_DISABLE)) + n += 2; + if (amd_nb_has_feature(AMD_NB_L3_PARTITIONING)) + n += 1; -- if (amd_nb_has_feature(AMD_NB_L3_INDEX_DISABLE)) -- n += 2; -- -- if (amd_nb_has_feature(AMD_NB_L3_PARTITIONING)) -- n += 1; -- -- attrs = kzalloc(n * sizeof (struct attribute *), GFP_KERNEL); -- if (attrs == NULL) -- return attrs = default_attrs; -- -- for (n = 0; default_attrs[n]; n++) -- attrs[n] = default_attrs[n]; -+ attrs = default_attrs_amd_nb; - - if (amd_nb_has_feature(AMD_NB_L3_INDEX_DISABLE)) { - attrs[n++] = &cache_disable_0.attr; -@@ -1096,6 +1101,13 @@ static struct kobj_type ktype_cache = { - .default_attrs = default_attrs, - }; +- amd_l3_attrs = kcalloc(n, sizeof(*amd_l3_attrs), GFP_KERNEL); +- if (!amd_l3_attrs) ++ if (n > 1 && amd_l3_attrs[0]) /* already initialized */ + return; -+#ifdef CONFIG_AMD_NB -+static struct kobj_type ktype_cache_amd_nb = { -+ .sysfs_ops = &sysfs_ops, -+ .default_attrs = default_attrs_amd_nb, -+}; -+#endif -+ - static struct kobj_type ktype_percpu_entry = { - .sysfs_ops = &sysfs_ops, - }; -@@ -1161,20 +1173,26 @@ static int cache_add_dev(struct device *dev) - return retval; + n = 0; +@@ -547,8 +545,6 @@ static void init_amd_l3_attrs(void) } + if (amd_nb_has_feature(AMD_NB_L3_PARTITIONING)) + amd_l3_attrs[n++] = &dev_attr_subcaches.attr; +- +- cache_private_group.attrs = amd_l3_attrs; + } -+#ifdef CONFIG_AMD_NB -+ amd_l3_attrs(); -+#endif -+ - for (i = 0; i < num_cache_leaves; i++) { -+ struct kobj_type *ktype; -+ - this_object = INDEX_KOBJECT_PTR(cpu, i); - this_object->cpu = cpu; - this_object->index = i; + const struct attribute_group * +@@ -559,7 +555,7 @@ cache_get_priv_group(struct cacheinfo *this_leaf) + if (this_leaf->level < 3 || !nb) + return NULL; - this_leaf = CPUID4_INFO_IDX(cpu, i); +- if (nb && nb->l3_cache.indices) ++ if (nb->l3_cache.indices) + init_amd_l3_attrs(); -- ktype_cache.default_attrs = default_attrs; -+ ktype = &ktype_cache; - #ifdef CONFIG_AMD_NB - if (this_leaf->base.nb) -- ktype_cache.default_attrs = amd_l3_attrs(); -+ ktype = &ktype_cache_amd_nb; - #endif - retval = kobject_init_and_add(&(this_object->kobj), -- &ktype_cache, -+ ktype, - per_cpu(ici_cache_kobject, cpu), - "index%1lu", i); - if (unlikely(retval)) { + return &cache_private_group; diff --git a/arch/x86/kernel/cpu/mcheck/mce.c b/arch/x86/kernel/cpu/mcheck/mce.c -index 11dd8f2..fd88f68 100644 +index 20190bd..cadb2ab 100644 --- a/arch/x86/kernel/cpu/mcheck/mce.c +++ b/arch/x86/kernel/cpu/mcheck/mce.c @@ -47,6 +47,7 @@ @@ -21467,7 +21376,7 @@ index 11dd8f2..fd88f68 100644 #include "mce-internal.h" -@@ -258,7 +259,7 @@ static void print_mce(struct mce *m) +@@ -256,7 +257,7 @@ static void print_mce(struct mce *m) !(m->mcgstatus & MCG_STATUS_EIPV) ? " !INEXACT!" : "", m->cs, m->ip); @@ -21476,7 +21385,7 @@ index 11dd8f2..fd88f68 100644 print_symbol("{%s}", m->ip); pr_cont("\n"); } -@@ -291,10 +292,10 @@ static void print_mce(struct mce *m) +@@ -289,10 +290,10 @@ static void print_mce(struct mce *m) #define PANIC_TIMEOUT 5 /* 5 seconds */ @@ -21489,7 +21398,7 @@ index 11dd8f2..fd88f68 100644 /* Panic in progress. Enable interrupts and wait for final IPI */ static void wait_for_panic(void) -@@ -318,7 +319,7 @@ static void mce_panic(const char *msg, struct mce *final, char *exp) +@@ -316,7 +317,7 @@ static void mce_panic(const char *msg, struct mce *final, char *exp) /* * Make sure only one CPU runs in machine check panic */ @@ -21498,7 +21407,7 @@ index 11dd8f2..fd88f68 100644 wait_for_panic(); barrier(); -@@ -326,7 +327,7 @@ static void mce_panic(const char *msg, struct mce *final, char *exp) +@@ -324,7 +325,7 @@ static void mce_panic(const char *msg, struct mce *final, char *exp) console_verbose(); } else { /* Don't log too much for fake panic */ @@ -21507,7 +21416,7 @@ index 11dd8f2..fd88f68 100644 return; } /* First print corrected ones that are still unlogged */ -@@ -365,7 +366,7 @@ static void mce_panic(const char *msg, struct mce *final, char *exp) +@@ -363,7 +364,7 @@ static void mce_panic(const char *msg, struct mce *final, char *exp) if (!fake_panic) { if (panic_timeout == 0) panic_timeout = mca_cfg.panic_timeout; @@ -21516,7 +21425,7 @@ index 11dd8f2..fd88f68 100644 } else pr_emerg(HW_ERR "Fake kernel panic: %s\n", msg); } -@@ -746,7 +747,7 @@ static int mce_timed_out(u64 *t, const char *msg) +@@ -749,7 +750,7 @@ static int mce_timed_out(u64 *t, const char *msg) * might have been modified by someone else. */ rmb(); @@ -21525,7 +21434,7 @@ index 11dd8f2..fd88f68 100644 wait_for_panic(); if (!mca_cfg.monarch_timeout) goto out; -@@ -1672,7 +1673,7 @@ static void unexpected_machine_check(struct pt_regs *regs, long error_code) +@@ -1679,7 +1680,7 @@ static void unexpected_machine_check(struct pt_regs *regs, long error_code) } /* Call the installed machine check handler for this CPU setup. */ @@ -21534,7 +21443,7 @@ index 11dd8f2..fd88f68 100644 unexpected_machine_check; /* -@@ -1695,7 +1696,9 @@ void mcheck_cpu_init(struct cpuinfo_x86 *c) +@@ -1702,7 +1703,9 @@ void mcheck_cpu_init(struct cpuinfo_x86 *c) return; } @@ -21544,7 +21453,7 @@ index 11dd8f2..fd88f68 100644 __mcheck_cpu_init_generic(); __mcheck_cpu_init_vendor(c); -@@ -1709,7 +1712,7 @@ void mcheck_cpu_init(struct cpuinfo_x86 *c) +@@ -1716,7 +1719,7 @@ void mcheck_cpu_init(struct cpuinfo_x86 *c) */ static DEFINE_SPINLOCK(mce_chrdev_state_lock); @@ -21553,7 +21462,7 @@ index 11dd8f2..fd88f68 100644 static int mce_chrdev_open_exclu; /* already open exclusive? */ static int mce_chrdev_open(struct inode *inode, struct file *file) -@@ -1717,7 +1720,7 @@ static int mce_chrdev_open(struct inode *inode, struct file *file) +@@ -1724,7 +1727,7 @@ static int mce_chrdev_open(struct inode *inode, struct file *file) spin_lock(&mce_chrdev_state_lock); if (mce_chrdev_open_exclu || @@ -21562,7 +21471,7 @@ index 11dd8f2..fd88f68 100644 spin_unlock(&mce_chrdev_state_lock); return -EBUSY; -@@ -1725,7 +1728,7 @@ static int mce_chrdev_open(struct inode *inode, struct file *file) +@@ -1732,7 +1735,7 @@ static int mce_chrdev_open(struct inode *inode, struct file *file) if (file->f_flags & O_EXCL) mce_chrdev_open_exclu = 1; @@ -21571,7 +21480,7 @@ index 11dd8f2..fd88f68 100644 spin_unlock(&mce_chrdev_state_lock); -@@ -1736,7 +1739,7 @@ static int mce_chrdev_release(struct inode *inode, struct file *file) +@@ -1743,7 +1746,7 @@ static int mce_chrdev_release(struct inode *inode, struct file *file) { spin_lock(&mce_chrdev_state_lock); @@ -21580,7 +21489,7 @@ index 11dd8f2..fd88f68 100644 mce_chrdev_open_exclu = 0; spin_unlock(&mce_chrdev_state_lock); -@@ -2411,7 +2414,7 @@ static __init void mce_init_banks(void) +@@ -2419,7 +2422,7 @@ static __init void mce_init_banks(void) for (i = 0; i < mca_cfg.banks; i++) { struct mce_bank *b = &mce_banks[i]; @@ -21589,7 +21498,7 @@ index 11dd8f2..fd88f68 100644 sysfs_attr_init(&a->attr); a->attr.name = b->attrname; -@@ -2518,7 +2521,7 @@ struct dentry *mce_get_debugfs_dir(void) +@@ -2526,7 +2529,7 @@ struct dentry *mce_get_debugfs_dir(void) static void mce_reset(void) { cpu_missing = 0; @@ -21656,7 +21565,7 @@ index 36a8361..e7058c2 100644 }; diff --git a/arch/x86/kernel/cpu/microcode/intel.c b/arch/x86/kernel/cpu/microcode/intel.c -index 746e7fd..8dc677e 100644 +index a41bead..4e3685b 100644 --- a/arch/x86/kernel/cpu/microcode/intel.c +++ b/arch/x86/kernel/cpu/microcode/intel.c @@ -298,13 +298,13 @@ static enum ucode_state request_microcode_fw(int cpu, struct device *device, @@ -21702,10 +21611,10 @@ index df5e41f..816c719 100644 extern int generic_get_free_region(unsigned long base, unsigned long size, int replace_reg); diff --git a/arch/x86/kernel/cpu/perf_event.c b/arch/x86/kernel/cpu/perf_event.c -index b71a7f8..534af0e 100644 +index aa4e3a7..469370f 100644 --- a/arch/x86/kernel/cpu/perf_event.c +++ b/arch/x86/kernel/cpu/perf_event.c -@@ -1376,7 +1376,7 @@ static void __init pmu_check_apic(void) +@@ -1509,7 +1509,7 @@ static void __init pmu_check_apic(void) } @@ -21714,7 +21623,7 @@ index b71a7f8..534af0e 100644 .name = "format", .attrs = NULL, }; -@@ -1475,7 +1475,7 @@ static struct attribute *events_attr[] = { +@@ -1608,7 +1608,7 @@ static struct attribute *events_attr[] = { NULL, }; @@ -21723,7 +21632,7 @@ index b71a7f8..534af0e 100644 .name = "events", .attrs = events_attr, }; -@@ -2037,7 +2037,7 @@ static unsigned long get_segment_base(unsigned int segment) +@@ -2181,7 +2181,7 @@ static unsigned long get_segment_base(unsigned int segment) if (idx > GDT_ENTRIES) return 0; @@ -21732,7 +21641,7 @@ index b71a7f8..534af0e 100644 } return get_desc_base(desc + idx); -@@ -2127,7 +2127,7 @@ perf_callchain_user(struct perf_callchain_entry *entry, struct pt_regs *regs) +@@ -2271,7 +2271,7 @@ perf_callchain_user(struct perf_callchain_entry *entry, struct pt_regs *regs) break; perf_callchain_store(entry, frame.return_address); @@ -21755,10 +21664,10 @@ index 97242a9..cf9c30e 100644 while (amd_iommu_v2_event_descs[i].attr.attr.name) diff --git a/arch/x86/kernel/cpu/perf_event_intel.c b/arch/x86/kernel/cpu/perf_event_intel.c -index 2589906..1ca1000 100644 +index 2813ea0..3ef5969c8 100644 --- a/arch/x86/kernel/cpu/perf_event_intel.c +++ b/arch/x86/kernel/cpu/perf_event_intel.c -@@ -2353,10 +2353,10 @@ __init int intel_pmu_init(void) +@@ -3033,10 +3033,10 @@ __init int intel_pmu_init(void) x86_pmu.num_counters_fixed = max((int)edx.split.num_counters_fixed, 3); if (boot_cpu_has(X86_FEATURE_PDCM)) { @@ -21772,11 +21681,147 @@ index 2589906..1ca1000 100644 } intel_ds_init(); +diff --git a/arch/x86/kernel/cpu/perf_event_intel_bts.c b/arch/x86/kernel/cpu/perf_event_intel_bts.c +index 7795f3f..3535b76 100644 +--- a/arch/x86/kernel/cpu/perf_event_intel_bts.c ++++ b/arch/x86/kernel/cpu/perf_event_intel_bts.c +@@ -252,7 +252,7 @@ static void bts_event_start(struct perf_event *event, int flags) + __bts_event_start(event); + + /* PMI handler: this counter is running and likely generating PMIs */ +- ACCESS_ONCE(bts->started) = 1; ++ ACCESS_ONCE_RW(bts->started) = 1; + } + + static void __bts_event_stop(struct perf_event *event) +@@ -266,7 +266,7 @@ static void __bts_event_stop(struct perf_event *event) + if (event->hw.state & PERF_HES_STOPPED) + return; + +- ACCESS_ONCE(event->hw.state) |= PERF_HES_STOPPED; ++ ACCESS_ONCE_RW(event->hw.state) |= PERF_HES_STOPPED; + } + + static void bts_event_stop(struct perf_event *event, int flags) +@@ -274,7 +274,7 @@ static void bts_event_stop(struct perf_event *event, int flags) + struct bts_ctx *bts = this_cpu_ptr(&bts_ctx); + + /* PMI handler: don't restart this counter */ +- ACCESS_ONCE(bts->started) = 0; ++ ACCESS_ONCE_RW(bts->started) = 0; + + __bts_event_stop(event); + +diff --git a/arch/x86/kernel/cpu/perf_event_intel_cqm.c b/arch/x86/kernel/cpu/perf_event_intel_cqm.c +index e4d1b8b..2c6ffa0 100644 +--- a/arch/x86/kernel/cpu/perf_event_intel_cqm.c ++++ b/arch/x86/kernel/cpu/perf_event_intel_cqm.c +@@ -1352,7 +1352,9 @@ static int __init intel_cqm_init(void) + goto out; + } + +- event_attr_intel_cqm_llc_scale.event_str = str; ++ pax_open_kernel(); ++ *(const char **)&event_attr_intel_cqm_llc_scale.event_str = str; ++ pax_close_kernel(); + + ret = intel_cqm_setup_rmid_cache(); + if (ret) +diff --git a/arch/x86/kernel/cpu/perf_event_intel_pt.c b/arch/x86/kernel/cpu/perf_event_intel_pt.c +index 123ff1b..d53e500 100644 +--- a/arch/x86/kernel/cpu/perf_event_intel_pt.c ++++ b/arch/x86/kernel/cpu/perf_event_intel_pt.c +@@ -116,16 +116,12 @@ static const struct attribute_group *pt_attr_groups[] = { + + static int __init pt_pmu_hw_init(void) + { +- struct dev_ext_attribute *de_attrs; +- struct attribute **attrs; +- size_t size; +- int ret; ++ static struct dev_ext_attribute de_attrs[ARRAY_SIZE(pt_caps)]; ++ static struct attribute *attrs[ARRAY_SIZE(pt_caps)]; + long i; + +- attrs = NULL; +- ret = -ENODEV; + if (!test_cpu_cap(&boot_cpu_data, X86_FEATURE_INTEL_PT)) +- goto fail; ++ return -ENODEV; + + for (i = 0; i < PT_CPUID_LEAVES; i++) { + cpuid_count(20, i, +@@ -135,39 +131,25 @@ static int __init pt_pmu_hw_init(void) + &pt_pmu.caps[CR_EDX + i*4]); + } + +- ret = -ENOMEM; +- size = sizeof(struct attribute *) * (ARRAY_SIZE(pt_caps)+1); +- attrs = kzalloc(size, GFP_KERNEL); +- if (!attrs) +- goto fail; +- +- size = sizeof(struct dev_ext_attribute) * (ARRAY_SIZE(pt_caps)+1); +- de_attrs = kzalloc(size, GFP_KERNEL); +- if (!de_attrs) +- goto fail; +- ++ pax_open_kernel(); + for (i = 0; i < ARRAY_SIZE(pt_caps); i++) { +- struct dev_ext_attribute *de_attr = de_attrs + i; ++ struct dev_ext_attribute *de_attr = &de_attrs[i]; + +- de_attr->attr.attr.name = pt_caps[i].name; ++ *(const char **)&de_attr->attr.attr.name = pt_caps[i].name; + + sysfs_attr_init(&de_attr->attr.attr); + +- de_attr->attr.attr.mode = S_IRUGO; +- de_attr->attr.show = pt_cap_show; +- de_attr->var = (void *)i; ++ *(umode_t *)&de_attr->attr.attr.mode = S_IRUGO; ++ *(void **)&de_attr->attr.show = pt_cap_show; ++ *(void **)&de_attr->var = (void *)i; + + attrs[i] = &de_attr->attr.attr; + } + +- pt_cap_group.attrs = attrs; ++ *(struct attribute ***)&pt_cap_group.attrs = attrs; ++ pax_close_kernel(); + + return 0; +- +-fail: +- kfree(attrs); +- +- return ret; + } + + #define PT_CONFIG_MASK (RTIT_CTL_TSC_EN | RTIT_CTL_DISRETC) +@@ -928,7 +910,7 @@ static void pt_event_start(struct perf_event *event, int mode) + return; + } + +- ACCESS_ONCE(pt->handle_nmi) = 1; ++ ACCESS_ONCE_RW(pt->handle_nmi) = 1; + event->hw.state = 0; + + pt_config_buffer(buf->cur->table, buf->cur_idx, +@@ -945,7 +927,7 @@ static void pt_event_stop(struct perf_event *event, int mode) + * Protect against the PMI racing with disabling wrmsr, + * see comment in intel_pt_interrupt(). + */ +- ACCESS_ONCE(pt->handle_nmi) = 0; ++ ACCESS_ONCE_RW(pt->handle_nmi) = 0; + pt_config_start(false); + + if (event->hw.state == PERF_HES_STOPPED) diff --git a/arch/x86/kernel/cpu/perf_event_intel_rapl.c b/arch/x86/kernel/cpu/perf_event_intel_rapl.c -index 76d8cbe..e5f9681 100644 +index 358c54a..f068235 100644 --- a/arch/x86/kernel/cpu/perf_event_intel_rapl.c +++ b/arch/x86/kernel/cpu/perf_event_intel_rapl.c -@@ -465,7 +465,7 @@ static struct attribute *rapl_events_hsw_attr[] = { +@@ -487,7 +487,7 @@ static struct attribute *rapl_events_hsw_attr[] = { NULL, }; @@ -21786,10 +21831,10 @@ index 76d8cbe..e5f9681 100644 .attrs = NULL, /* patched at runtime */ }; diff --git a/arch/x86/kernel/cpu/perf_event_intel_uncore.c b/arch/x86/kernel/cpu/perf_event_intel_uncore.c -index c635b8b..b78835e 100644 +index 90b7c50..7863ae3 100644 --- a/arch/x86/kernel/cpu/perf_event_intel_uncore.c +++ b/arch/x86/kernel/cpu/perf_event_intel_uncore.c -@@ -733,7 +733,7 @@ static void __init uncore_types_exit(struct intel_uncore_type **types) +@@ -732,7 +732,7 @@ static void __init uncore_types_exit(struct intel_uncore_type **types) static int __init uncore_type_init(struct intel_uncore_type *type) { struct intel_uncore_pmu *pmus; @@ -21799,10 +21844,10 @@ index c635b8b..b78835e 100644 int i, j; diff --git a/arch/x86/kernel/cpu/perf_event_intel_uncore.h b/arch/x86/kernel/cpu/perf_event_intel_uncore.h -index 6c8c1e7..515b98a 100644 +index ceac8f5..a562de7 100644 --- a/arch/x86/kernel/cpu/perf_event_intel_uncore.h +++ b/arch/x86/kernel/cpu/perf_event_intel_uncore.h -@@ -114,7 +114,7 @@ struct intel_uncore_box { +@@ -115,7 +115,7 @@ struct intel_uncore_box { struct uncore_event_desc { struct kobj_attribute attr; const char *config; @@ -21824,19 +21869,6 @@ index 83741a7..bd3507d 100644 { .notifier_call = cpuid_class_cpu_callback, }; -diff --git a/arch/x86/kernel/crash.c b/arch/x86/kernel/crash.c -index aceb2f9..c76d3e3 100644 ---- a/arch/x86/kernel/crash.c -+++ b/arch/x86/kernel/crash.c -@@ -105,7 +105,7 @@ static void kdump_nmi_callback(int cpu, struct pt_regs *regs) - #ifdef CONFIG_X86_32 - struct pt_regs fixed_regs; - -- if (!user_mode_vm(regs)) { -+ if (!user_mode(regs)) { - crash_fixup_ss_esp(&fixed_regs, regs); - regs = &fixed_regs; - } diff --git a/arch/x86/kernel/crash_dump_64.c b/arch/x86/kernel/crash_dump_64.c index afa64ad..dce67dd 100644 --- a/arch/x86/kernel/crash_dump_64.c @@ -21886,7 +21918,7 @@ index f6dfd93..892ade4 100644 .__cr3 = __pa_nodebug(swapper_pg_dir), diff --git a/arch/x86/kernel/dumpstack.c b/arch/x86/kernel/dumpstack.c -index cf3df1d..b637d9a 100644 +index 9c30acf..8cf2411 100644 --- a/arch/x86/kernel/dumpstack.c +++ b/arch/x86/kernel/dumpstack.c @@ -2,6 +2,9 @@ @@ -21899,7 +21931,7 @@ index cf3df1d..b637d9a 100644 #include <linux/kallsyms.h> #include <linux/kprobes.h> #include <linux/uaccess.h> -@@ -33,23 +36,21 @@ static void printk_stack_address(unsigned long address, int reliable) +@@ -35,23 +38,21 @@ static void printk_stack_address(unsigned long address, int reliable, void printk_address(unsigned long address) { @@ -21925,7 +21957,7 @@ index cf3df1d..b637d9a 100644 index = task->curr_ret_stack; if (!task->ret_stack || index < *graph) -@@ -66,7 +67,7 @@ print_ftrace_graph_addr(unsigned long addr, void *data, +@@ -68,7 +69,7 @@ print_ftrace_graph_addr(unsigned long addr, void *data, static inline void print_ftrace_graph_addr(unsigned long addr, void *data, const struct stacktrace_ops *ops, @@ -21934,7 +21966,7 @@ index cf3df1d..b637d9a 100644 { } #endif -@@ -77,10 +78,8 @@ print_ftrace_graph_addr(unsigned long addr, void *data, +@@ -79,10 +80,8 @@ print_ftrace_graph_addr(unsigned long addr, void *data, * severe exception (double fault, nmi, stack fault, debug, mce) hardware stack */ @@ -21946,7 +21978,7 @@ index cf3df1d..b637d9a 100644 if (end) { if (p < end && p >= (end-THREAD_SIZE)) return 1; -@@ -91,14 +90,14 @@ static inline int valid_stack_ptr(struct thread_info *tinfo, +@@ -93,14 +92,14 @@ static inline int valid_stack_ptr(struct thread_info *tinfo, } unsigned long @@ -21963,7 +21995,7 @@ index cf3df1d..b637d9a 100644 unsigned long addr; addr = *stack; -@@ -110,7 +109,7 @@ print_context_stack(struct thread_info *tinfo, +@@ -112,7 +111,7 @@ print_context_stack(struct thread_info *tinfo, } else { ops->address(data, addr, 0); } @@ -21972,7 +22004,7 @@ index cf3df1d..b637d9a 100644 } stack++; } -@@ -119,7 +118,7 @@ print_context_stack(struct thread_info *tinfo, +@@ -121,7 +120,7 @@ print_context_stack(struct thread_info *tinfo, EXPORT_SYMBOL_GPL(print_context_stack); unsigned long @@ -21981,7 +22013,7 @@ index cf3df1d..b637d9a 100644 unsigned long *stack, unsigned long bp, const struct stacktrace_ops *ops, void *data, unsigned long *end, int *graph) -@@ -127,7 +126,7 @@ print_context_stack_bp(struct thread_info *tinfo, +@@ -129,7 +128,7 @@ print_context_stack_bp(struct thread_info *tinfo, struct stack_frame *frame = (struct stack_frame *)bp; unsigned long *ret_addr = &frame->return_address; @@ -21990,7 +22022,7 @@ index cf3df1d..b637d9a 100644 unsigned long addr = *ret_addr; if (!__kernel_text_address(addr)) -@@ -136,7 +135,7 @@ print_context_stack_bp(struct thread_info *tinfo, +@@ -138,7 +137,7 @@ print_context_stack_bp(struct thread_info *tinfo, ops->address(data, addr, 1); frame = frame->next_frame; ret_addr = &frame->return_address; @@ -21999,16 +22031,7 @@ index cf3df1d..b637d9a 100644 } return (unsigned long)frame; -@@ -155,7 +154,7 @@ static int print_trace_stack(void *data, char *name) - static void print_trace_address(void *data, unsigned long addr, int reliable) - { - touch_nmi_watchdog(); -- printk(data); -+ printk("%s", (char *)data); - printk_stack_address(addr, reliable); - } - -@@ -225,6 +224,8 @@ unsigned long oops_begin(void) +@@ -226,6 +225,8 @@ unsigned long oops_begin(void) EXPORT_SYMBOL_GPL(oops_begin); NOKPROBE_SYMBOL(oops_begin); @@ -22017,7 +22040,7 @@ index cf3df1d..b637d9a 100644 void oops_end(unsigned long flags, struct pt_regs *regs, int signr) { if (regs && kexec_should_crash(current)) -@@ -246,7 +247,10 @@ void oops_end(unsigned long flags, struct pt_regs *regs, int signr) +@@ -247,7 +248,10 @@ void oops_end(unsigned long flags, struct pt_regs *regs, int signr) panic("Fatal exception in interrupt"); if (panic_on_oops) panic("Fatal exception"); @@ -22029,26 +22052,8 @@ index cf3df1d..b637d9a 100644 } NOKPROBE_SYMBOL(oops_end); -@@ -278,7 +282,7 @@ int __die(const char *str, struct pt_regs *regs, long err) - print_modules(); - show_regs(regs); - #ifdef CONFIG_X86_32 -- if (user_mode_vm(regs)) { -+ if (user_mode(regs)) { - sp = regs->sp; - ss = regs->ss & 0xffff; - } else { -@@ -307,7 +311,7 @@ void die(const char *str, struct pt_regs *regs, long err) - unsigned long flags = oops_begin(); - int sig = SIGSEGV; - -- if (!user_mode_vm(regs)) -+ if (!user_mode(regs)) - report_bug(regs->ip, regs); - - if (__die(str, regs, err)) diff --git a/arch/x86/kernel/dumpstack_32.c b/arch/x86/kernel/dumpstack_32.c -index 5abd4cd..ca97162 100644 +index 464ffd6..01f2cda 100644 --- a/arch/x86/kernel/dumpstack_32.c +++ b/arch/x86/kernel/dumpstack_32.c @@ -61,15 +61,14 @@ void dump_trace(struct task_struct *task, struct pt_regs *regs, @@ -22069,20 +22074,7 @@ index 5abd4cd..ca97162 100644 end_stack, &graph); /* Stop if not on irq stack */ -@@ -123,27 +122,28 @@ void show_regs(struct pt_regs *regs) - int i; - - show_regs_print_info(KERN_EMERG); -- __show_regs(regs, !user_mode_vm(regs)); -+ __show_regs(regs, !user_mode(regs)); - - /* - * When in-kernel, we also print out the stack and code at the - * time of the fault.. - */ -- if (!user_mode_vm(regs)) { -+ if (!user_mode(regs)) { - unsigned int code_prologue = code_bytes * 43 / 64; +@@ -137,16 +136,17 @@ void show_regs(struct pt_regs *regs) unsigned int code_len = code_bytes; unsigned char c; u8 *ip; @@ -22102,7 +22094,7 @@ index 5abd4cd..ca97162 100644 code_len = code_len - code_prologue + 1; } for (i = 0; i < code_len; i++, ip++) { -@@ -152,7 +152,7 @@ void show_regs(struct pt_regs *regs) +@@ -155,7 +155,7 @@ void show_regs(struct pt_regs *regs) pr_cont(" Bad EIP value."); break; } @@ -22111,7 +22103,7 @@ index 5abd4cd..ca97162 100644 pr_cont(" <%02x>", c); else pr_cont(" %02x", c); -@@ -165,6 +165,7 @@ int is_valid_bugaddr(unsigned long ip) +@@ -168,6 +168,7 @@ int is_valid_bugaddr(unsigned long ip) { unsigned short ud2; @@ -22119,7 +22111,7 @@ index 5abd4cd..ca97162 100644 if (ip < PAGE_OFFSET) return 0; if (probe_kernel_address((unsigned short *)ip, ud2)) -@@ -172,3 +173,15 @@ int is_valid_bugaddr(unsigned long ip) +@@ -175,3 +176,15 @@ int is_valid_bugaddr(unsigned long ip) return ud2 == 0x0b0f; } @@ -22136,7 +22128,7 @@ index 5abd4cd..ca97162 100644 +EXPORT_SYMBOL(pax_check_alloca); +#endif diff --git a/arch/x86/kernel/dumpstack_64.c b/arch/x86/kernel/dumpstack_64.c -index ff86f19..a2efee8 100644 +index 5f1c626..1cba97e 100644 --- a/arch/x86/kernel/dumpstack_64.c +++ b/arch/x86/kernel/dumpstack_64.c @@ -153,12 +153,12 @@ void dump_trace(struct task_struct *task, struct pt_regs *regs, @@ -22199,7 +22191,7 @@ index ff86f19..a2efee8 100644 put_cpu(); } EXPORT_SYMBOL(dump_trace); -@@ -344,8 +347,55 @@ int is_valid_bugaddr(unsigned long ip) +@@ -347,8 +350,55 @@ int is_valid_bugaddr(unsigned long ip) { unsigned short ud2; @@ -22257,10 +22249,10 @@ index ff86f19..a2efee8 100644 +EXPORT_SYMBOL(pax_check_alloca); +#endif diff --git a/arch/x86/kernel/e820.c b/arch/x86/kernel/e820.c -index 46201de..ebffabf 100644 +index e2ce85d..00ccad0 100644 --- a/arch/x86/kernel/e820.c +++ b/arch/x86/kernel/e820.c -@@ -794,8 +794,8 @@ unsigned long __init e820_end_of_low_ram_pfn(void) +@@ -802,8 +802,8 @@ unsigned long __init e820_end_of_low_ram_pfn(void) static void early_panic(char *msg) { @@ -22272,7 +22264,7 @@ index 46201de..ebffabf 100644 static int userdef __initdata; diff --git a/arch/x86/kernel/early_printk.c b/arch/x86/kernel/early_printk.c -index a62536a..8444df4 100644 +index 89427d8..00c0d52 100644 --- a/arch/x86/kernel/early_printk.c +++ b/arch/x86/kernel/early_printk.c @@ -7,6 +7,7 @@ @@ -22284,7 +22276,7 @@ index a62536a..8444df4 100644 #include <asm/processor.h> #include <asm/fcntl.h> diff --git a/arch/x86/kernel/entry_32.S b/arch/x86/kernel/entry_32.S -index 31e2d5b..b31c76d 100644 +index 1c30976..71b41b9 100644 --- a/arch/x86/kernel/entry_32.S +++ b/arch/x86/kernel/entry_32.S @@ -177,13 +177,154 @@ @@ -22328,7 +22320,7 @@ index 31e2d5b..b31c76d 100644 +#else + mov %cr0, %esi +#endif -+ bts $16, %esi ++ bts $X86_CR0_WP_BIT, %esi + jnc 1f + mov %cs, %esi + cmp $__KERNEL_CS, %esi @@ -22364,7 +22356,7 @@ index 31e2d5b..b31c76d 100644 +#else + mov %cr0, %esi +#endif -+ btr $16, %esi ++ btr $X86_CR0_WP_BIT, %esi + ljmp $__KERNEL_CS, $1f +1: +#ifdef CONFIG_PARAVIRT @@ -22513,14 +22505,17 @@ index 31e2d5b..b31c76d 100644 #endif CFI_ENDPROC -@@ -395,30 +553,45 @@ sysenter_past_esp: +@@ -395,33 +553,45 @@ sysenter_past_esp: /*CFI_REL_OFFSET cs, 0*/ /* * Push current_thread_info()->sysenter_return to the stack. -- * A tiny bit of offset fixup is necessary - 4*4 means the 4 words -- * pushed above; +8 corresponds to copy_thread's esp0 setting. +- * A tiny bit of offset fixup is necessary: TI_sysenter_return +- * is relative to thread_info, which is at the bottom of the +- * kernel stack page. 4*4 means the 4 words pushed above; +- * TOP_OF_KERNEL_STACK_PADDING takes us to the top of the stack; +- * and THREAD_SIZE takes us to the bottom. */ -- pushl_cfi ((TI_sysenter_return)-THREAD_SIZE+8+4*4)(%esp) +- pushl_cfi ((TI_sysenter_return) - THREAD_SIZE + TOP_OF_KERNEL_STACK_PADDING + 4*4)(%esp) + pushl_cfi $0 CFI_REL_OFFSET eip, 0 @@ -22562,9 +22557,9 @@ index 31e2d5b..b31c76d 100644 testl $_TIF_WORK_SYSCALL_ENTRY,TI_flags(%ebp) jnz sysenter_audit sysenter_do_call: -@@ -434,12 +607,24 @@ sysenter_after_call: +@@ -437,12 +607,24 @@ sysenter_after_call: testl $_TIF_ALLWORK_MASK, %ecx - jne sysexit_audit + jnz sysexit_audit sysenter_exit: + +#ifdef CONFIG_PAX_RANDKSTACK @@ -22587,7 +22582,7 @@ index 31e2d5b..b31c76d 100644 PTGS_TO_GS ENABLE_INTERRUPTS_SYSEXIT -@@ -453,6 +638,9 @@ sysenter_audit: +@@ -456,6 +638,9 @@ sysenter_audit: pushl_cfi PT_ESI(%esp) /* a3: 5th arg */ pushl_cfi PT_EDX+4(%esp) /* a2: 4th arg */ call __audit_syscall_entry @@ -22597,7 +22592,7 @@ index 31e2d5b..b31c76d 100644 popl_cfi %ecx /* get that remapped edx off the stack */ popl_cfi %ecx /* get that remapped esi off the stack */ movl PT_EAX(%esp),%eax /* reload syscall number */ -@@ -479,10 +667,16 @@ sysexit_audit: +@@ -482,10 +667,16 @@ sysexit_audit: CFI_ENDPROC .pushsection .fixup,"ax" @@ -22616,7 +22611,7 @@ index 31e2d5b..b31c76d 100644 PTGS_TO_GS_EX ENDPROC(ia32_sysenter_target) -@@ -493,6 +687,11 @@ ENTRY(system_call) +@@ -496,6 +687,11 @@ ENTRY(system_call) pushl_cfi %eax # save orig_eax SAVE_ALL GET_THREAD_INFO(%ebp) @@ -22628,9 +22623,9 @@ index 31e2d5b..b31c76d 100644 # system call tracing in operation / emulation testl $_TIF_WORK_SYSCALL_ENTRY,TI_flags(%ebp) jnz syscall_trace_entry -@@ -512,6 +711,15 @@ syscall_exit: +@@ -515,6 +711,15 @@ syscall_exit: testl $_TIF_ALLWORK_MASK, %ecx # current->work - jne syscall_exit_work + jnz syscall_exit_work +restore_all_pax: + @@ -22644,7 +22639,7 @@ index 31e2d5b..b31c76d 100644 restore_all: TRACE_IRQS_IRET restore_all_notrace: -@@ -566,14 +774,34 @@ ldt_ss: +@@ -569,14 +774,34 @@ ldt_ss: * compensating for the offset by changing to the ESPFIX segment with * a base address that matches for the difference. */ @@ -22667,7 +22662,7 @@ index 31e2d5b..b31c76d 100644 + +#ifdef CONFIG_PAX_KERNEXEC + mov %cr0, %esi -+ btr $16, %esi ++ btr $X86_CR0_WP_BIT, %esi + mov %esi, %cr0 +#endif + @@ -22675,14 +22670,14 @@ index 31e2d5b..b31c76d 100644 + mov %dh, 7 + GDT_ESPFIX_SS /* bits 24..31 */ + +#ifdef CONFIG_PAX_KERNEXEC -+ bts $16, %esi ++ bts $X86_CR0_WP_BIT, %esi + mov %esi, %cr0 +#endif + pushl_cfi $__ESPFIX_SS pushl_cfi %eax /* new kernel esp */ /* Disable interrupts, but do not irqtrace this section: we -@@ -603,20 +831,18 @@ work_resched: +@@ -606,20 +831,18 @@ work_resched: movl TI_flags(%ebp), %ecx andl $_TIF_WORK_MASK, %ecx # is there any work to be done other # than syscall tracing? @@ -22697,7 +22692,7 @@ index 31e2d5b..b31c76d 100644 #ifdef CONFIG_VM86 testl $X86_EFLAGS_VM, PT_EFLAGS(%esp) - movl %esp, %eax - jne work_notifysig_v86 # returning to kernel-space or + jnz work_notifysig_v86 # returning to kernel-space or # vm86-space 1: -#else @@ -22705,7 +22700,7 @@ index 31e2d5b..b31c76d 100644 #endif TRACE_IRQS_ON ENABLE_INTERRUPTS(CLBR_NONE) -@@ -637,7 +863,7 @@ work_notifysig_v86: +@@ -640,7 +863,7 @@ work_notifysig_v86: movl %eax, %esp jmp 1b #endif @@ -22714,7 +22709,7 @@ index 31e2d5b..b31c76d 100644 # perform syscall exit tracing ALIGN -@@ -645,11 +871,14 @@ syscall_trace_entry: +@@ -648,11 +871,14 @@ syscall_trace_entry: movl $-ENOSYS,PT_EAX(%esp) movl %esp, %eax call syscall_trace_enter @@ -22730,7 +22725,7 @@ index 31e2d5b..b31c76d 100644 # perform syscall exit tracing ALIGN -@@ -662,26 +891,30 @@ syscall_exit_work: +@@ -665,26 +891,30 @@ syscall_exit_work: movl %esp, %eax call syscall_trace_leave jmp resume_userspace @@ -22765,7 +22760,7 @@ index 31e2d5b..b31c76d 100644 CFI_ENDPROC .macro FIXUP_ESPFIX_STACK -@@ -694,8 +927,15 @@ END(sysenter_badsys) +@@ -697,8 +927,15 @@ END(sysenter_badsys) */ #ifdef CONFIG_X86_ESPFIX32 /* fixup the stack */ @@ -22783,16 +22778,16 @@ index 31e2d5b..b31c76d 100644 shl $16, %eax addl %esp, %eax /* the adjusted stack pointer */ pushl_cfi $__KERNEL_DS -@@ -751,7 +991,7 @@ vector=vector+1 - .endr - 2: jmp common_interrupt - .endr +@@ -737,7 +974,7 @@ ENTRY(irq_entries_start) + CFI_ADJUST_CFA_OFFSET -4 + .align 8 + .endr -END(irq_entries_start) +ENDPROC(irq_entries_start) - .previous - END(interrupt) -@@ -808,7 +1048,7 @@ ENTRY(coprocessor_error) + /* + * the CPU automatically disables interrupts when executing an IRQ vector, +@@ -790,7 +1027,7 @@ ENTRY(coprocessor_error) pushl_cfi $do_coprocessor_error jmp error_code CFI_ENDPROC @@ -22801,16 +22796,7 @@ index 31e2d5b..b31c76d 100644 ENTRY(simd_coprocessor_error) RING0_INT_FRAME -@@ -821,7 +1061,7 @@ ENTRY(simd_coprocessor_error) - .section .altinstructions,"a" - altinstruction_entry 661b, 663f, X86_FEATURE_XMM, 662b-661b, 664f-663f - .previous --.section .altinstr_replacement,"ax" -+.section .altinstr_replacement,"a" - 663: pushl $do_simd_coprocessor_error - 664: - .previous -@@ -830,7 +1070,7 @@ ENTRY(simd_coprocessor_error) +@@ -806,7 +1043,7 @@ ENTRY(simd_coprocessor_error) #endif jmp error_code CFI_ENDPROC @@ -22819,7 +22805,7 @@ index 31e2d5b..b31c76d 100644 ENTRY(device_not_available) RING0_INT_FRAME -@@ -839,18 +1079,18 @@ ENTRY(device_not_available) +@@ -815,18 +1052,18 @@ ENTRY(device_not_available) pushl_cfi $do_device_not_available jmp error_code CFI_ENDPROC @@ -22841,7 +22827,7 @@ index 31e2d5b..b31c76d 100644 #endif ENTRY(overflow) -@@ -860,7 +1100,7 @@ ENTRY(overflow) +@@ -836,7 +1073,7 @@ ENTRY(overflow) pushl_cfi $do_overflow jmp error_code CFI_ENDPROC @@ -22850,7 +22836,7 @@ index 31e2d5b..b31c76d 100644 ENTRY(bounds) RING0_INT_FRAME -@@ -869,7 +1109,7 @@ ENTRY(bounds) +@@ -845,7 +1082,7 @@ ENTRY(bounds) pushl_cfi $do_bounds jmp error_code CFI_ENDPROC @@ -22859,7 +22845,7 @@ index 31e2d5b..b31c76d 100644 ENTRY(invalid_op) RING0_INT_FRAME -@@ -878,7 +1118,7 @@ ENTRY(invalid_op) +@@ -854,7 +1091,7 @@ ENTRY(invalid_op) pushl_cfi $do_invalid_op jmp error_code CFI_ENDPROC @@ -22868,7 +22854,7 @@ index 31e2d5b..b31c76d 100644 ENTRY(coprocessor_segment_overrun) RING0_INT_FRAME -@@ -887,7 +1127,7 @@ ENTRY(coprocessor_segment_overrun) +@@ -863,7 +1100,7 @@ ENTRY(coprocessor_segment_overrun) pushl_cfi $do_coprocessor_segment_overrun jmp error_code CFI_ENDPROC @@ -22877,7 +22863,7 @@ index 31e2d5b..b31c76d 100644 ENTRY(invalid_TSS) RING0_EC_FRAME -@@ -895,7 +1135,7 @@ ENTRY(invalid_TSS) +@@ -871,7 +1108,7 @@ ENTRY(invalid_TSS) pushl_cfi $do_invalid_TSS jmp error_code CFI_ENDPROC @@ -22886,7 +22872,7 @@ index 31e2d5b..b31c76d 100644 ENTRY(segment_not_present) RING0_EC_FRAME -@@ -903,7 +1143,7 @@ ENTRY(segment_not_present) +@@ -879,7 +1116,7 @@ ENTRY(segment_not_present) pushl_cfi $do_segment_not_present jmp error_code CFI_ENDPROC @@ -22895,7 +22881,7 @@ index 31e2d5b..b31c76d 100644 ENTRY(stack_segment) RING0_EC_FRAME -@@ -911,7 +1151,7 @@ ENTRY(stack_segment) +@@ -887,7 +1124,7 @@ ENTRY(stack_segment) pushl_cfi $do_stack_segment jmp error_code CFI_ENDPROC @@ -22904,7 +22890,7 @@ index 31e2d5b..b31c76d 100644 ENTRY(alignment_check) RING0_EC_FRAME -@@ -919,7 +1159,7 @@ ENTRY(alignment_check) +@@ -895,7 +1132,7 @@ ENTRY(alignment_check) pushl_cfi $do_alignment_check jmp error_code CFI_ENDPROC @@ -22913,7 +22899,7 @@ index 31e2d5b..b31c76d 100644 ENTRY(divide_error) RING0_INT_FRAME -@@ -928,7 +1168,7 @@ ENTRY(divide_error) +@@ -904,7 +1141,7 @@ ENTRY(divide_error) pushl_cfi $do_divide_error jmp error_code CFI_ENDPROC @@ -22922,7 +22908,7 @@ index 31e2d5b..b31c76d 100644 #ifdef CONFIG_X86_MCE ENTRY(machine_check) -@@ -938,7 +1178,7 @@ ENTRY(machine_check) +@@ -914,7 +1151,7 @@ ENTRY(machine_check) pushl_cfi machine_check_vector jmp error_code CFI_ENDPROC @@ -22931,7 +22917,7 @@ index 31e2d5b..b31c76d 100644 #endif ENTRY(spurious_interrupt_bug) -@@ -948,7 +1188,7 @@ ENTRY(spurious_interrupt_bug) +@@ -924,7 +1161,7 @@ ENTRY(spurious_interrupt_bug) pushl_cfi $do_spurious_interrupt_bug jmp error_code CFI_ENDPROC @@ -22940,7 +22926,7 @@ index 31e2d5b..b31c76d 100644 #ifdef CONFIG_XEN /* Xen doesn't set %esp to be precisely what the normal sysenter -@@ -1057,7 +1297,7 @@ BUILD_INTERRUPT3(hyperv_callback_vector, HYPERVISOR_CALLBACK_VECTOR, +@@ -1033,7 +1270,7 @@ BUILD_INTERRUPT3(hyperv_callback_vector, HYPERVISOR_CALLBACK_VECTOR, ENTRY(mcount) ret @@ -22949,7 +22935,7 @@ index 31e2d5b..b31c76d 100644 ENTRY(ftrace_caller) pushl %eax -@@ -1087,7 +1327,7 @@ ftrace_graph_call: +@@ -1063,7 +1300,7 @@ ftrace_graph_call: .globl ftrace_stub ftrace_stub: ret @@ -22958,7 +22944,7 @@ index 31e2d5b..b31c76d 100644 ENTRY(ftrace_regs_caller) pushf /* push flags before compare (in cs location) */ -@@ -1185,7 +1425,7 @@ trace: +@@ -1161,7 +1398,7 @@ trace: popl %ecx popl %eax jmp ftrace_stub @@ -22967,7 +22953,7 @@ index 31e2d5b..b31c76d 100644 #endif /* CONFIG_DYNAMIC_FTRACE */ #endif /* CONFIG_FUNCTION_TRACER */ -@@ -1203,7 +1443,7 @@ ENTRY(ftrace_graph_caller) +@@ -1179,7 +1416,7 @@ ENTRY(ftrace_graph_caller) popl %ecx popl %eax ret @@ -22976,7 +22962,7 @@ index 31e2d5b..b31c76d 100644 .globl return_to_handler return_to_handler: -@@ -1264,15 +1504,18 @@ error_code: +@@ -1233,15 +1470,18 @@ error_code: movl $-1, PT_ORIG_EAX(%esp) # no syscall to restart REG_TO_PTGS %ecx SET_KERNEL_GS %ecx @@ -22997,7 +22983,7 @@ index 31e2d5b..b31c76d 100644 /* * Debug traps and NMI can happen at the one SYSENTER instruction -@@ -1315,7 +1558,7 @@ debug_stack_correct: +@@ -1284,7 +1524,7 @@ debug_stack_correct: call do_debug jmp ret_from_exception CFI_ENDPROC @@ -23006,7 +22992,7 @@ index 31e2d5b..b31c76d 100644 /* * NMI is doubly nasty. It can happen _while_ we're handling -@@ -1355,6 +1598,9 @@ nmi_stack_correct: +@@ -1324,6 +1564,9 @@ nmi_stack_correct: xorl %edx,%edx # zero error code movl %esp,%eax # pt_regs pointer call do_nmi @@ -23016,7 +23002,7 @@ index 31e2d5b..b31c76d 100644 jmp restore_all_notrace CFI_ENDPROC -@@ -1392,13 +1638,16 @@ nmi_espfix_stack: +@@ -1361,13 +1604,16 @@ nmi_espfix_stack: FIXUP_ESPFIX_STACK # %eax == %esp xorl %edx,%edx # zero error code call do_nmi @@ -23034,7 +23020,7 @@ index 31e2d5b..b31c76d 100644 ENTRY(int3) RING0_INT_FRAME -@@ -1411,14 +1660,14 @@ ENTRY(int3) +@@ -1380,14 +1626,14 @@ ENTRY(int3) call do_int3 jmp ret_from_exception CFI_ENDPROC @@ -23051,7 +23037,7 @@ index 31e2d5b..b31c76d 100644 #ifdef CONFIG_KVM_GUEST ENTRY(async_page_fault) -@@ -1427,6 +1676,6 @@ ENTRY(async_page_fault) +@@ -1396,6 +1642,6 @@ ENTRY(async_page_fault) pushl_cfi $do_async_page_fault jmp error_code CFI_ENDPROC @@ -23060,10 +23046,10 @@ index 31e2d5b..b31c76d 100644 #endif diff --git a/arch/x86/kernel/entry_64.S b/arch/x86/kernel/entry_64.S -index f0095a7..7ece039 100644 +index 02c2eff..bd9cb4d 100644 --- a/arch/x86/kernel/entry_64.S +++ b/arch/x86/kernel/entry_64.S -@@ -59,6 +59,8 @@ +@@ -46,6 +46,8 @@ #include <asm/smap.h> #include <asm/pgtable_types.h> #include <linux/err.h> @@ -23072,7 +23058,7 @@ index f0095a7..7ece039 100644 /* Avoid __ASSEMBLER__'ifying <linux/audit.h> just for this. */ #include <linux/elf-em.h> -@@ -81,6 +83,431 @@ ENTRY(native_usergs_sysret64) +@@ -64,6 +66,401 @@ ENTRY(native_usergs_sysret64) ENDPROC(native_usergs_sysret64) #endif /* CONFIG_PARAVIRT */ @@ -23123,13 +23109,7 @@ index f0095a7..7ece039 100644 +#endif + +#ifdef CONFIG_PAX_MEMORY_UDEREF -+ 661: jmp 111f -+ .pushsection .altinstr_replacement, "a" -+ 662: ASM_NOP2 -+ .popsection -+ .pushsection .altinstructions, "a" -+ altinstruction_entry 661b, 662b, X86_FEATURE_PCID, 2, 2 -+ .popsection ++ ALTERNATIVE "jmp 111f", "", X86_FEATURE_PCID + GET_CR3_INTO_RDI + cmp $0,%dil + jnz 112f @@ -23181,13 +23161,7 @@ index f0095a7..7ece039 100644 +#endif + +#ifdef CONFIG_PAX_MEMORY_UDEREF -+ 661: jmp 111f -+ .pushsection .altinstr_replacement, "a" -+ 662: ASM_NOP2 -+ .popsection -+ .pushsection .altinstructions, "a" -+ altinstruction_entry 661b, 662b, X86_FEATURE_PCID, 2, 2 -+ .popsection ++ ALTERNATIVE "jmp 111f", "", X86_FEATURE_PCID + mov %ss,%edi + cmp $__UDEREF_KERNEL_DS,%edi + jnz 111f @@ -23253,13 +23227,7 @@ index f0095a7..7ece039 100644 + PV_SAVE_REGS(CLBR_RDI) +#endif + -+ 661: jmp 111f -+ .pushsection .altinstr_replacement, "a" -+ 662: ASM_NOP2 -+ .popsection -+ .pushsection .altinstructions, "a" -+ altinstruction_entry 661b, 662b, X86_FEATURE_PCID, 2, 2 -+ .popsection ++ ALTERNATIVE "jmp 111f", "", X86_FEATURE_PCID + GET_CR3_INTO_RDI + cmp $1,%dil + jnz 4f @@ -23327,13 +23295,7 @@ index f0095a7..7ece039 100644 +#endif + + GET_CR3_INTO_RDI -+ 661: jmp 1f -+ .pushsection .altinstr_replacement, "a" -+ 662: ASM_NOP2 -+ .popsection -+ .pushsection .altinstructions, "a" -+ altinstruction_entry 661b, 662b, X86_FEATURE_PCID, 2, 2 -+ .popsection ++ ALTERNATIVE "jmp 1f", "", X86_FEATURE_PCID + cmp $0,%dil + jnz 3f + add $4097,%rdi @@ -23401,13 +23363,7 @@ index f0095a7..7ece039 100644 +#endif + +#ifdef CONFIG_PAX_MEMORY_UDEREF -+ 661: jmp 111f -+ .pushsection .altinstr_replacement, "a" -+ 662: ASM_NOP2 -+ .popsection -+ .pushsection .altinstructions, "a" -+ altinstruction_entry 661b, 662b, X86_FEATURE_PCID, 2, 2 -+ .popsection ++ ALTERNATIVE "jmp 111f", "", X86_FEATURE_PCID + GET_CR3_INTO_RDI + cmp $0,%dil + jz 111f @@ -23502,247 +23458,160 @@ index f0095a7..7ece039 100644 +ENDPROC(pax_erase_kstack) +#endif - .macro TRACE_IRQS_IRETQ offset=ARGOFFSET + .macro TRACE_IRQS_IRETQ #ifdef CONFIG_TRACE_IRQFLAGS -@@ -117,7 +544,7 @@ ENDPROC(native_usergs_sysret64) +@@ -100,7 +497,7 @@ ENDPROC(native_usergs_sysret64) .endm - .macro TRACE_IRQS_IRETQ_DEBUG offset=ARGOFFSET -- bt $9,EFLAGS-\offset(%rsp) /* interrupts off? */ -+ bt $X86_EFLAGS_IF_BIT,EFLAGS-\offset(%rsp) /* interrupts off? */ + .macro TRACE_IRQS_IRETQ_DEBUG +- bt $9,EFLAGS(%rsp) /* interrupts off? */ ++ bt $X86_EFLAGS_IF_BIT,EFLAGS(%rsp) /* interrupts off? */ jnc 1f TRACE_IRQS_ON_DEBUG 1: -@@ -243,9 +670,52 @@ ENTRY(save_paranoid) - js 1f /* negative -> in kernel */ - SWAPGS - xorl %ebx,%ebx --1: ret -+1: -+#ifdef CONFIG_PAX_MEMORY_UDEREF -+ testb $3, CS+8(%rsp) -+ jnz 1f -+ pax_enter_kernel -+ jmp 2f -+1: pax_enter_kernel_user -+2: -+#else -+ pax_enter_kernel +@@ -221,14 +618,6 @@ GLOBAL(system_call_after_swapgs) + /* Construct struct pt_regs on stack */ + pushq_cfi $__USER_DS /* pt_regs->ss */ + pushq_cfi PER_CPU_VAR(rsp_scratch) /* pt_regs->sp */ +- /* +- * Re-enable interrupts. +- * We use 'rsp_scratch' as a scratch space, hence irq-off block above +- * must execute atomically in the face of possible interrupt-driven +- * task preemption. We must enable interrupts only after we're done +- * with using rsp_scratch: +- */ +- ENABLE_INTERRUPTS(CLBR_NONE) + pushq_cfi %r11 /* pt_regs->flags */ + pushq_cfi $__USER_CS /* pt_regs->cs */ + pushq_cfi %rcx /* pt_regs->ip */ +@@ -246,7 +635,27 @@ GLOBAL(system_call_after_swapgs) + sub $(6*8),%rsp /* pt_regs->bp,bx,r12-15 not saved */ + CFI_ADJUST_CFA_OFFSET 6*8 + +- testl $_TIF_WORK_SYSCALL_ENTRY, ASM_THREAD_INFO(TI_flags, %rsp, SIZEOF_PTREGS) ++#ifdef CONFIG_PAX_KERNEXEC_PLUGIN_METHOD_OR ++ movq_cfi r12, R12 +#endif -+ pax_force_retaddr -+ ret - CFI_ENDPROC --END(save_paranoid) -+ENDPROC(save_paranoid) + -+ENTRY(save_paranoid_nmi) -+ XCPT_FRAME 1 RDI+8 -+ cld -+ movq_cfi rdi, RDI+8 -+ movq_cfi rsi, RSI+8 -+ movq_cfi rdx, RDX+8 -+ movq_cfi rcx, RCX+8 -+ movq_cfi rax, RAX+8 -+ movq_cfi r8, R8+8 -+ movq_cfi r9, R9+8 -+ movq_cfi r10, R10+8 -+ movq_cfi r11, R11+8 -+ movq_cfi rbx, RBX+8 -+ movq_cfi rbp, RBP+8 -+ movq_cfi r12, R12+8 -+ movq_cfi r13, R13+8 -+ movq_cfi r14, R14+8 -+ movq_cfi r15, R15+8 -+ movl $1,%ebx -+ movl $MSR_GS_BASE,%ecx -+ rdmsr -+ testl %edx,%edx -+ js 1f /* negative -> in kernel */ -+ SWAPGS -+ xorl %ebx,%ebx -+1: pax_enter_kernel_nmi -+ pax_force_retaddr -+ ret -+ CFI_ENDPROC -+ENDPROC(save_paranoid_nmi) - - /* - * A newly forked process directly context switches into this address. -@@ -266,7 +736,7 @@ ENTRY(ret_from_fork) - - RESTORE_REST - -- testl $3, CS-ARGOFFSET(%rsp) # from kernel_thread? -+ testb $3, CS-ARGOFFSET(%rsp) # from kernel_thread? - jz 1f - - /* -@@ -279,15 +749,13 @@ ENTRY(ret_from_fork) - jmp int_ret_from_sys_call - - 1: -- subq $REST_SKIP, %rsp # leave space for volatiles -- CFI_ADJUST_CFA_OFFSET REST_SKIP - movq %rbp, %rdi - call *%rbx - movl $0, RAX(%rsp) - RESTORE_REST - jmp int_ret_from_sys_call - CFI_ENDPROC --END(ret_from_fork) -+ENDPROC(ret_from_fork) - - /* - * System call entry. Up to 6 arguments in registers are supported. -@@ -324,7 +792,7 @@ END(ret_from_fork) - ENTRY(system_call) - CFI_STARTPROC simple - CFI_SIGNAL_FRAME -- CFI_DEF_CFA rsp,KERNEL_STACK_OFFSET -+ CFI_DEF_CFA rsp,0 - CFI_REGISTER rip,rcx - /*CFI_REGISTER rflags,r11*/ - SWAPGS_UNSAFE_STACK -@@ -337,16 +805,23 @@ GLOBAL(system_call_after_swapgs) - - movq %rsp,PER_CPU_VAR(old_rsp) - movq PER_CPU_VAR(kernel_stack),%rsp -+ SAVE_ARGS 8*6, 0, rax_enosys=1 + pax_enter_kernel_user + +#ifdef CONFIG_PAX_RANDKSTACK + pax_erase_kstack +#endif + - /* - * No need to follow this irqs off/on section - it's straight - * and short: - */ - ENABLE_INTERRUPTS(CLBR_NONE) -- SAVE_ARGS 8, 0, rax_enosys=1 - movq_cfi rax,(ORIG_RAX-ARGOFFSET) - movq %rcx,RIP-ARGOFFSET(%rsp) - CFI_REL_OFFSET rip,RIP-ARGOFFSET -- testl $_TIF_WORK_SYSCALL_ENTRY,TI_flags+THREAD_INFO(%rsp,RIP-ARGOFFSET) ++ /* ++ * Re-enable interrupts. ++ * We use 'rsp_scratch' as a scratch space, hence irq-off block above ++ * must execute atomically in the face of possible interrupt-driven ++ * task preemption. We must enable interrupts only after we're done ++ * with using rsp_scratch: ++ */ ++ ENABLE_INTERRUPTS(CLBR_NONE) ++ + GET_THREAD_INFO(%rcx) + testl $_TIF_WORK_SYSCALL_ENTRY,TI_flags(%rcx) jnz tracesys system_call_fastpath: #if __SYSCALL_MASK == ~0 -@@ -376,10 +851,13 @@ ret_from_sys_call: +@@ -279,10 +688,13 @@ system_call_fastpath: * flags (TIF_NOTIFY_RESUME, TIF_USER_RETURN_NOTIFY, etc) set is * very bad. */ -- testl $_TIF_ALLWORK_MASK,TI_flags+THREAD_INFO(%rsp,RIP-ARGOFFSET) +- testl $_TIF_ALLWORK_MASK, ASM_THREAD_INFO(TI_flags, %rsp, SIZEOF_PTREGS) + GET_THREAD_INFO(%rcx) + testl $_TIF_ALLWORK_MASK,TI_flags(%rcx) - jnz int_ret_from_sys_call_fixup /* Go the the slow path */ + jnz int_ret_from_sys_call_irqs_off /* Go to the slow path */ CFI_REMEMBER_STATE + pax_exit_kernel_user + pax_erase_kstack - /* - * sysretq will re-enable interrupts: - */ -@@ -399,12 +877,15 @@ int_ret_from_sys_call_fixup: - /* Do syscall tracing */ - tracesys: -- leaq -REST_SKIP(%rsp), %rdi -+ movq %rsp, %rdi - movq $AUDIT_ARCH_X86_64, %rsi + RESTORE_C_REGS_EXCEPT_RCX_R11 + movq RIP(%rsp),%rcx +@@ -316,6 +728,9 @@ tracesys: call syscall_trace_enter_phase1 test %rax, %rax jnz tracesys_phase2 /* if needed, run the slow path */ -- LOAD_ARGS 0 /* else restore clobbered regs */ + + pax_erase_kstack + -+ LOAD_ARGS /* else restore clobbered regs */ + RESTORE_C_REGS_EXCEPT_RAX /* else restore clobbered regs */ + movq ORIG_RAX(%rsp), %rax jmp system_call_fastpath /* and return to the fast path */ - - tracesys_phase2: -@@ -415,12 +896,14 @@ tracesys_phase2: +@@ -327,6 +742,8 @@ tracesys_phase2: movq %rax,%rdx call syscall_trace_enter_phase2 + pax_erase_kstack + /* - * Reload arg registers from stack in case ptrace changed them. + * Reload registers from stack in case ptrace changed them. * We don't reload %rax because syscall_trace_entry_phase2() returned - * the value it wants us to use in the table lookup. - */ -- LOAD_ARGS ARGOFFSET, 1 -+ LOAD_ARGS 1 - RESTORE_REST - #if __SYSCALL_MASK == ~0 - cmpq $__NR_syscall_max,%rax -@@ -451,7 +934,9 @@ GLOBAL(int_with_check) +@@ -364,6 +781,8 @@ GLOBAL(int_with_check) andl %edi,%edx jnz int_careful - andl $~TS_COMPAT,TI_status(%rcx) -- jmp retint_swapgs + andl $~TS_COMPAT,TI_status(%rcx) + pax_exit_kernel_user + pax_erase_kstack -+ jmp retint_swapgs_pax + jmp syscall_return /* Either reschedule or signal or syscall exit tracking needed. */ - /* First do a reschedule test. */ -@@ -497,7 +982,7 @@ int_restore_rest: - TRACE_IRQS_OFF - jmp int_with_check +@@ -485,7 +904,7 @@ opportunistic_sysret_failed: + SWAPGS + jmp restore_c_regs_and_iret CFI_ENDPROC -END(system_call) +ENDPROC(system_call) + .macro FORK_LIKE func - ENTRY(stub_\func) -@@ -510,9 +995,10 @@ ENTRY(stub_\func) - DEFAULT_FRAME 0 8 /* offset 8: return address */ - call sys_\func - RESTORE_TOP_OF_STACK %r11, 8 -- ret $REST_SKIP /* pop extended registers */ -+ pax_force_retaddr -+ ret +@@ -495,7 +914,7 @@ ENTRY(stub_\func) + SAVE_EXTRA_REGS 8 + jmp sys_\func CFI_ENDPROC -END(stub_\func) +ENDPROC(stub_\func) .endm - .macro FIXED_FRAME label,func -@@ -522,9 +1008,10 @@ ENTRY(\label) - FIXUP_TOP_OF_STACK %r11, 8-ARGOFFSET - call \func - RESTORE_TOP_OF_STACK %r11, 8-ARGOFFSET -+ pax_force_retaddr - ret - CFI_ENDPROC --END(\label) -+ENDPROC(\label) - .endm - FORK_LIKE clone -@@ -543,7 +1030,7 @@ ENTRY(stub_execve) - RESTORE_REST - jmp int_ret_from_sys_call +@@ -519,7 +938,7 @@ return_from_execve: + movq %rax,RAX(%rsp) + jmp int_ret_from_sys_call CFI_ENDPROC -END(stub_execve) +ENDPROC(stub_execve) - - ENTRY(stub_execveat) - CFI_STARTPROC -@@ -557,7 +1044,7 @@ ENTRY(stub_execveat) - RESTORE_REST - jmp int_ret_from_sys_call + /* + * Remaining execve stubs are only 7 bytes long. + * ENTRY() often aligns to 16 bytes, which in this case has no benefits. +@@ -531,7 +950,7 @@ GLOBAL(stub_execveat) + call sys_execveat + jmp return_from_execve CFI_ENDPROC -END(stub_execveat) +ENDPROC(stub_execveat) - /* - * sigreturn is special because it needs to restore all registers on return. -@@ -574,7 +1061,7 @@ ENTRY(stub_rt_sigreturn) - RESTORE_REST + #ifdef CONFIG_X86_X32_ABI + .align 8 +@@ -541,7 +960,7 @@ GLOBAL(stub_x32_execve) + call compat_sys_execve + jmp return_from_execve + CFI_ENDPROC +-END(stub_x32_execve) ++ENDPROC(stub_x32_execve) + .align 8 + GLOBAL(stub_x32_execveat) + CFI_STARTPROC +@@ -549,7 +968,7 @@ GLOBAL(stub_x32_execveat) + call compat_sys_execveat + jmp return_from_execve + CFI_ENDPROC +-END(stub_x32_execveat) ++ENDPROC(stub_x32_execveat) + #endif + + #ifdef CONFIG_IA32_EMULATION +@@ -592,7 +1011,7 @@ return_from_stub: + movq %rax,RAX(%rsp) jmp int_ret_from_sys_call CFI_ENDPROC -END(stub_rt_sigreturn) @@ -23750,90 +23619,75 @@ index f0095a7..7ece039 100644 #ifdef CONFIG_X86_X32_ABI ENTRY(stub_x32_rt_sigreturn) -@@ -588,7 +1075,7 @@ ENTRY(stub_x32_rt_sigreturn) - RESTORE_REST - jmp int_ret_from_sys_call +@@ -602,7 +1021,7 @@ ENTRY(stub_x32_rt_sigreturn) + call sys32_x32_rt_sigreturn + jmp return_from_stub CFI_ENDPROC -END(stub_x32_rt_sigreturn) +ENDPROC(stub_x32_rt_sigreturn) + #endif - ENTRY(stub_x32_execve) - CFI_STARTPROC -@@ -602,7 +1089,7 @@ ENTRY(stub_x32_execve) - RESTORE_REST - jmp int_ret_from_sys_call - CFI_ENDPROC --END(stub_x32_execve) -+ENDPROC(stub_x32_execve) + /* +@@ -622,7 +1041,7 @@ ENTRY(ret_from_fork) - ENTRY(stub_x32_execveat) - CFI_STARTPROC -@@ -616,7 +1103,7 @@ ENTRY(stub_x32_execveat) - RESTORE_REST + RESTORE_EXTRA_REGS + +- testl $3,CS(%rsp) # from kernel_thread? ++ testb $3,CS(%rsp) # from kernel_thread? + + /* + * By the time we get here, we have no idea whether our pt_regs, +@@ -641,7 +1060,7 @@ ENTRY(ret_from_fork) + RESTORE_EXTRA_REGS jmp int_ret_from_sys_call CFI_ENDPROC --END(stub_x32_execveat) -+ENDPROC(stub_x32_execveat) - - #endif +-END(ret_from_fork) ++ENDPROC(ret_from_fork) -@@ -653,7 +1140,7 @@ vector=vector+1 - 2: jmp common_interrupt - .endr + /* + * Build the entry stubs with some assembler magic. +@@ -659,7 +1078,7 @@ ENTRY(irq_entries_start) + .align 8 + .endr CFI_ENDPROC -END(irq_entries_start) +ENDPROC(irq_entries_start) - .previous - END(interrupt) -@@ -670,28 +1157,29 @@ END(interrupt) + /* + * Interrupt entry/exit. +@@ -672,21 +1091,13 @@ END(irq_entries_start) /* 0(%rsp): ~(interrupt number) */ .macro interrupt func - /* reserve pt_regs for scratch regs and rbp */ -- subq $ORIG_RAX-RBP, %rsp -- CFI_ADJUST_CFA_OFFSET ORIG_RAX-RBP -+ subq $ORIG_RAX, %rsp -+ CFI_ADJUST_CFA_OFFSET ORIG_RAX cld -- /* start from rbp in pt_regs and jump over */ -- movq_cfi rdi, (RDI-RBP) -- movq_cfi rsi, (RSI-RBP) -- movq_cfi rdx, (RDX-RBP) -- movq_cfi rcx, (RCX-RBP) -- movq_cfi rax, (RAX-RBP) -- movq_cfi r8, (R8-RBP) -- movq_cfi r9, (R9-RBP) -- movq_cfi r10, (R10-RBP) -- movq_cfi r11, (R11-RBP) -+ /* start from r15 in pt_regs and jump over */ -+ movq_cfi rdi, RDI -+ movq_cfi rsi, RSI -+ movq_cfi rdx, RDX -+ movq_cfi rcx, RCX -+ movq_cfi rax, RAX -+ movq_cfi r8, R8 -+ movq_cfi r9, R9 -+ movq_cfi r10, R10 -+ movq_cfi r11, R11 -+ movq_cfi r12, R12 - - /* Save rbp so that we can unwind from get_irq_regs() */ -- movq_cfi rbp, 0 -+ movq_cfi rbp, RBP - - /* Save previous stack value */ - movq %rsp, %rsi - -- leaq -RBP(%rsp),%rdi /* arg1 for handler */ -- testl $3, CS-RBP(%rsi) -+ movq %rsp,%rdi /* arg1 for handler */ -+ testb $3, CS(%rsi) +- /* +- * Since nothing in interrupt handling code touches r12...r15 members +- * of "struct pt_regs", and since interrupts can nest, we can save +- * four stack slots and simultaneously provide +- * an unwind-friendly stack layout by saving "truncated" pt_regs +- * exactly up to rbp slot, without these members. +- */ +- ALLOC_PT_GPREGS_ON_STACK -RBP +- SAVE_C_REGS -RBP +- /* this goes to 0(%rsp) for unwinder, not for saving the value: */ +- SAVE_EXTRA_REGS_RBP -RBP ++ ALLOC_PT_GPREGS_ON_STACK ++ SAVE_C_REGS ++ SAVE_EXTRA_REGS + +- leaq -RBP(%rsp),%rdi /* arg1 for \func (pointer to pt_regs) */ ++ movq %rsp,%rdi /* arg1 for \func (pointer to pt_regs) */ + +- testl $3, CS-RBP(%rsp) ++ testb $3, CS(%rsp) je 1f SWAPGS - /* -@@ -711,6 +1199,18 @@ END(interrupt) + 1: +@@ -709,8 +1120,20 @@ END(irq_entries_start) + CFI_ESCAPE 0x0f /* DW_CFA_def_cfa_expression */, 6, \ + 0x77 /* DW_OP_breg7 (rsp) */, 0, \ 0x06 /* DW_OP_deref */, \ - 0x08 /* DW_OP_const1u */, SS+8-RBP, \ +- 0x08 /* DW_OP_const1u */, SIZEOF_PTREGS-RBP, \ ++ 0x08 /* DW_OP_const1u */, SIZEOF_PTREGS, \ 0x22 /* DW_OP_plus */ + +#ifdef CONFIG_PAX_MEMORY_UDEREF @@ -23850,57 +23704,38 @@ index f0095a7..7ece039 100644 /* We entered an interrupt context - irqs are off: */ TRACE_IRQS_OFF -@@ -735,14 +1235,14 @@ ret_from_intr: +@@ -735,13 +1158,12 @@ ret_from_intr: /* Restore saved previous stack */ popq %rsi -- CFI_DEF_CFA rsi,SS+8-RBP /* reg/off reset after def_cfa_expr */ -- leaq ARGOFFSET-RBP(%rsi), %rsp -+ CFI_DEF_CFA rsi,SS+8 /* reg/off reset after def_cfa_expr */ +- CFI_DEF_CFA rsi,SIZEOF_PTREGS-RBP /* reg/off reset after def_cfa_expr */ +- /* return code expects complete pt_regs - adjust rsp accordingly: */ +- leaq -RBP(%rsi),%rsp ++ CFI_DEF_CFA rsi,SIZEOF_PTREGS /* reg/off reset after def_cfa_expr */ + movq %rsi, %rsp CFI_DEF_CFA_REGISTER rsp -- CFI_ADJUST_CFA_OFFSET RBP-ARGOFFSET -+ CFI_ADJUST_CFA_OFFSET -ARGOFFSET +- CFI_ADJUST_CFA_OFFSET RBP ++ CFI_ADJUST_CFA_OFFSET 0 - exit_intr: - GET_THREAD_INFO(%rcx) -- testl $3,CS-ARGOFFSET(%rsp) -+ testb $3,CS-ARGOFFSET(%rsp) +- testl $3,CS(%rsp) ++ testb $3,CS(%rsp) je retint_kernel - /* Interrupt came from user space */ -@@ -764,14 +1264,16 @@ retint_swapgs: /* return to user-space */ + +@@ -763,6 +1185,8 @@ retint_swapgs: /* return to user-space */ * The iretq could re-enable interrupts: */ DISABLE_INTERRUPTS(CLBR_ANY) + pax_exit_kernel_user -+retint_swapgs_pax: ++# pax_erase_kstack TRACE_IRQS_IRETQ - /* - * Try to use SYSRET instead of IRET if we're returning to - * a completely clean 64-bit userspace context. - */ -- movq (RCX-R11)(%rsp), %rcx -- cmpq %rcx,(RIP-R11)(%rsp) /* RCX == RIP */ -+ movq (RCX-ARGOFFSET)(%rsp), %rcx -+ cmpq %rcx,(RIP-ARGOFFSET)(%rsp) /* RCX == RIP */ - jne opportunistic_sysret_failed - - /* -@@ -792,7 +1294,7 @@ retint_swapgs: /* return to user-space */ - shr $__VIRTUAL_MASK_SHIFT, %rcx - jnz opportunistic_sysret_failed - -- cmpq $__USER_CS,(CS-R11)(%rsp) /* CS must match SYSRET */ -+ cmpq $__USER_CS,(CS-ARGOFFSET)(%rsp) /* CS must match SYSRET */ - jne opportunistic_sysret_failed - - movq (R11-ARGOFFSET)(%rsp), %r11 -@@ -838,6 +1340,27 @@ opportunistic_sysret_failed: - - retint_restore_args: /* return to kernel space */ - DISABLE_INTERRUPTS(CLBR_ANY) + SWAPGS +@@ -781,6 +1205,21 @@ retint_kernel: + jmp 0b + 1: + #endif ++ + pax_exit_kernel + +#if defined(CONFIG_EFI) && defined(CONFIG_PAX_KERNEXEC) @@ -23910,22 +23745,24 @@ index f0095a7..7ece039 100644 + * (BTS/OR) before starting any userland process; even before starting + * up the APs. + */ -+ .pushsection .altinstr_replacement, "a" -+ 601: pax_force_retaddr (RIP-ARGOFFSET) -+ 602: -+ .popsection -+ 603: .fill 602b-601b, 1, 0x90 -+ .pushsection .altinstructions, "a" -+ altinstruction_entry 603b, 601b, X86_FEATURE_ALWAYS, 602b-601b, 602b-601b -+ .popsection ++ ALTERNATIVE "", "pax_force_retaddr 16*8", X86_FEATURE_ALWAYS +#else -+ pax_force_retaddr (RIP-ARGOFFSET) ++ pax_force_retaddr RIP +#endif + /* * The iretq could re-enable interrupts: */ -@@ -875,15 +1398,15 @@ native_irq_return_ldt: +@@ -793,8 +1232,6 @@ retint_kernel: + restore_c_regs_and_iret: + RESTORE_C_REGS + REMOVE_PT_GPREGS_FROM_STACK 8 +- +-irq_return: + INTERRUPT_RETURN + + ENTRY(native_iret) +@@ -824,15 +1261,15 @@ native_irq_return_ldt: SWAPGS movq PER_CPU_VAR(espfix_waddr),%rdi movq %rax,(0*8)(%rdi) /* RAX */ @@ -23946,16 +23783,16 @@ index f0095a7..7ece039 100644 movq %rax,(4*8)(%rdi) andl $0xffff0000,%eax popq_cfi %rdi -@@ -937,7 +1460,7 @@ ENTRY(retint_kernel) - jmp exit_intr - #endif +@@ -875,7 +1312,7 @@ retint_signal: + jmp retint_with_reschedule + CFI_ENDPROC -END(common_interrupt) +ENDPROC(common_interrupt) /* * APIC interrupts. -@@ -951,7 +1474,7 @@ ENTRY(\sym) +@@ -889,7 +1326,7 @@ ENTRY(\sym) interrupt \do_sym jmp ret_from_intr CFI_ENDPROC @@ -23964,29 +23801,29 @@ index f0095a7..7ece039 100644 .endm #ifdef CONFIG_TRACING -@@ -1024,7 +1547,7 @@ apicinterrupt IRQ_WORK_VECTOR \ +@@ -962,7 +1399,7 @@ apicinterrupt IRQ_WORK_VECTOR \ /* * Exception entry points. */ --#define INIT_TSS_IST(x) PER_CPU_VAR(init_tss) + (TSS_ist + ((x) - 1) * 8) -+#define INIT_TSS_IST(x) (TSS_ist + ((x) - 1) * 8)(%r13) +-#define CPU_TSS_IST(x) PER_CPU_VAR(cpu_tss) + (TSS_ist + ((x) - 1) * 8) ++#define CPU_TSS_IST(x) (TSS_ist + ((x) - 1) * 8)(%r13) .macro idtentry sym do_sym has_error_code:req paranoid=0 shift_ist=-1 ENTRY(\sym) -@@ -1080,6 +1603,12 @@ ENTRY(\sym) +@@ -1018,6 +1455,12 @@ ENTRY(\sym) .endif .if \shift_ist != -1 +#ifdef CONFIG_SMP + imul $TSS_size, PER_CPU_VAR(cpu_number), %r13d -+ lea init_tss(%r13), %r13 ++ lea cpu_tss(%r13), %r13 +#else -+ lea init_tss(%rip), %r13 ++ lea cpu_tss(%rip), %r13 +#endif - subq $EXCEPTION_STKSZ, INIT_TSS_IST(\shift_ist) + subq $EXCEPTION_STKSZ, CPU_TSS_IST(\shift_ist) .endif -@@ -1126,7 +1655,7 @@ ENTRY(\sym) +@@ -1065,7 +1508,7 @@ ENTRY(\sym) .endif CFI_ENDPROC @@ -23995,7 +23832,7 @@ index f0095a7..7ece039 100644 .endm #ifdef CONFIG_TRACING -@@ -1167,9 +1696,10 @@ gs_change: +@@ -1106,9 +1549,10 @@ gs_change: 2: mfence /* workaround */ SWAPGS popfq_cfi @@ -24007,7 +23844,7 @@ index f0095a7..7ece039 100644 _ASM_EXTABLE(gs_change,bad_gs) .section .fixup,"ax" -@@ -1197,9 +1727,10 @@ ENTRY(do_softirq_own_stack) +@@ -1136,9 +1580,10 @@ ENTRY(do_softirq_own_stack) CFI_DEF_CFA_REGISTER rsp CFI_ADJUST_CFA_OFFSET -8 decl PER_CPU_VAR(irq_count) @@ -24019,7 +23856,7 @@ index f0095a7..7ece039 100644 #ifdef CONFIG_XEN idtentry xen_hypervisor_callback xen_do_hypervisor_callback has_error_code=0 -@@ -1240,7 +1771,7 @@ ENTRY(xen_do_hypervisor_callback) # do_hypervisor_callback(struct *pt_regs) +@@ -1179,7 +1624,7 @@ ENTRY(xen_do_hypervisor_callback) # do_hypervisor_callback(struct *pt_regs) #endif jmp error_exit CFI_ENDPROC @@ -24028,8 +23865,8 @@ index f0095a7..7ece039 100644 /* * Hypervisor uses this for application faults while it executes. -@@ -1299,7 +1830,7 @@ ENTRY(xen_failsafe_callback) - SAVE_ALL +@@ -1240,7 +1685,7 @@ ENTRY(xen_failsafe_callback) + SAVE_EXTRA_REGS jmp error_exit CFI_ENDPROC -END(xen_failsafe_callback) @@ -24037,26 +23874,70 @@ index f0095a7..7ece039 100644 apicinterrupt3 HYPERVISOR_CALLBACK_VECTOR \ xen_hvm_callback_vector xen_evtchn_do_upcall -@@ -1344,18 +1875,25 @@ ENTRY(paranoid_exit) +@@ -1286,9 +1731,39 @@ ENTRY(paranoid_entry) + js 1f /* negative -> in kernel */ + SWAPGS + xorl %ebx,%ebx +-1: ret ++1: ++#ifdef CONFIG_PAX_MEMORY_UDEREF ++ testb $3, CS+8(%rsp) ++ jnz 1f ++ pax_enter_kernel ++ jmp 2f ++1: pax_enter_kernel_user ++2: ++#else ++ pax_enter_kernel ++#endif ++ pax_force_retaddr ++ ret + CFI_ENDPROC +-END(paranoid_entry) ++ENDPROC(paranoid_entry) ++ ++ENTRY(paranoid_entry_nmi) ++ XCPT_FRAME 1 15*8 ++ cld ++ SAVE_C_REGS 8 ++ SAVE_EXTRA_REGS 8 ++ movl $1,%ebx ++ movl $MSR_GS_BASE,%ecx ++ rdmsr ++ testl %edx,%edx ++ js 1f /* negative -> in kernel */ ++ SWAPGS ++ xorl %ebx,%ebx ++1: pax_enter_kernel_nmi ++ pax_force_retaddr ++ ret ++ CFI_ENDPROC ++ENDPROC(paranoid_entry_nmi) + + /* + * "Paranoid" exit path from exception stack. This is invoked +@@ -1305,20 +1780,27 @@ ENTRY(paranoid_exit) DEFAULT_FRAME DISABLE_INTERRUPTS(CLBR_NONE) TRACE_IRQS_OFF_DEBUG - testl %ebx,%ebx /* swapgs needed? */ + testl $1,%ebx /* swapgs needed? */ - jnz paranoid_restore + jnz paranoid_exit_no_swapgs +#ifdef CONFIG_PAX_MEMORY_UDEREF + pax_exit_kernel_user +#else + pax_exit_kernel +#endif - TRACE_IRQS_IRETQ 0 + TRACE_IRQS_IRETQ SWAPGS_UNSAFE_STACK - RESTORE_ALL 8 - INTERRUPT_RETURN - paranoid_restore: + jmp paranoid_exit_restore + paranoid_exit_no_swapgs: + pax_exit_kernel - TRACE_IRQS_IRETQ_DEBUG 0 - RESTORE_ALL 8 + TRACE_IRQS_IRETQ_DEBUG + paranoid_exit_restore: + RESTORE_EXTRA_REGS + RESTORE_C_REGS + REMOVE_PT_GPREGS_FROM_STACK 8 + pax_force_retaddr_bts INTERRUPT_RETURN CFI_ENDPROC @@ -24064,10 +23945,10 @@ index f0095a7..7ece039 100644 +ENDPROC(paranoid_exit) /* - * Exception entry point. This expects an error code/orig_rax on the stack. -@@ -1382,12 +1920,23 @@ ENTRY(error_entry) - movq %r14, R14+8(%rsp) - movq %r15, R15+8(%rsp) + * Save all registers in pt_regs, and switch gs if needed. +@@ -1330,12 +1812,23 @@ ENTRY(error_entry) + SAVE_C_REGS 8 + SAVE_EXTRA_REGS 8 xorl %ebx,%ebx - testl $3,CS+8(%rsp) + testb $3,CS+8(%rsp) @@ -24089,8 +23970,8 @@ index f0095a7..7ece039 100644 + pax_force_retaddr ret - /* -@@ -1422,7 +1971,7 @@ error_bad_iret: + /* +@@ -1370,7 +1863,7 @@ error_bad_iret: decl %ebx /* Return to usergs */ jmp error_sti CFI_ENDPROC @@ -24098,8 +23979,8 @@ index f0095a7..7ece039 100644 +ENDPROC(error_entry) - /* ebx: no swapgs flag (1: don't need swapgs, 0: need it) */ -@@ -1433,7 +1982,7 @@ ENTRY(error_exit) + /* On entry, ebx is "no swapgs" flag (1: don't need swapgs, 0: need it) */ +@@ -1381,7 +1874,7 @@ ENTRY(error_exit) DISABLE_INTERRUPTS(CLBR_NONE) TRACE_IRQS_OFF GET_THREAD_INFO(%rcx) @@ -24108,85 +23989,410 @@ index f0095a7..7ece039 100644 jne retint_kernel LOCKDEP_SYS_EXIT_IRQ movl TI_flags(%rcx),%edx -@@ -1442,7 +1991,7 @@ ENTRY(error_exit) +@@ -1390,7 +1883,7 @@ ENTRY(error_exit) jnz retint_careful jmp retint_swapgs CFI_ENDPROC -END(error_exit) +ENDPROC(error_exit) - /* - * Test if a given stack is an NMI stack or not. -@@ -1500,9 +2049,11 @@ ENTRY(nmi) - * If %cs was not the kernel segment, then the NMI triggered in user - * space, which means it is definitely not nested. + /* Runs on exception stack */ + ENTRY(nmi) +@@ -1413,11 +1906,12 @@ ENTRY(nmi) + * If the variable is not set and the stack is not the NMI + * stack then: + * o Set the special variable on the stack +- * o Copy the interrupt frame into a "saved" location on the stack +- * o Copy the interrupt frame into a "copy" location on the stack ++ * o Copy the interrupt frame into an "outermost" location on the ++ * stack ++ * o Copy the interrupt frame into an "iret" location on the stack + * o Continue processing the NMI + * If the variable is set or the previous stack is the NMI stack: +- * o Modify the "copy" location to jump to the repeate_nmi ++ * o Modify the "iret" location to jump to the repeat_nmi + * o return back to the first NMI + * + * Now on exit of the first NMI, we first clear the stack variable +@@ -1426,32 +1920,177 @@ ENTRY(nmi) + * a nested NMI that updated the copy interrupt stack frame, a + * jump will be made to the repeat_nmi code that will handle the second + * NMI. ++ * ++ * However, espfix prevents us from directly returning to userspace ++ * with a single IRET instruction. Similarly, IRET to user mode ++ * can fault. We therefore handle NMIs from user space like ++ * other IST entries. */ -+ cmpl $__KERNEXEC_KERNEL_CS, 16(%rsp) -+ je 1f - cmpl $__KERNEL_CS, 16(%rsp) - jne first_nmi -- + + /* Use %rdx as our temp variable throughout */ + pushq_cfi %rdx + CFI_REL_OFFSET rdx, 0 + ++ testb $3, CS-RIP+8(%rsp) ++ jz .Lnmi_from_kernel ++ ++ /* ++ * NMI from user mode. We need to run on the thread stack, but we ++ * can't go through the normal entry paths: NMIs are masked, and ++ * we don't want to enable interrupts, because then we'll end ++ * up in an awkward situation in which IRQs are on but NMIs ++ * are off. ++ */ ++ ++ SWAPGS ++ cld ++ movq %rsp, %rdx ++ movq PER_CPU_VAR(kernel_stack), %rsp ++ pushq 5*8(%rdx) /* pt_regs->ss */ ++ pushq 4*8(%rdx) /* pt_regs->rsp */ ++ pushq 3*8(%rdx) /* pt_regs->flags */ ++ pushq 2*8(%rdx) /* pt_regs->cs */ ++ pushq 1*8(%rdx) /* pt_regs->rip */ ++ pushq $-1 /* pt_regs->orig_ax */ ++ pushq %rdi /* pt_regs->di */ ++ pushq %rsi /* pt_regs->si */ ++ pushq (%rdx) /* pt_regs->dx */ ++ pushq %rcx /* pt_regs->cx */ ++ pushq %rax /* pt_regs->ax */ ++ pushq %r8 /* pt_regs->r8 */ ++ pushq %r9 /* pt_regs->r9 */ ++ pushq %r10 /* pt_regs->r10 */ ++ pushq %r11 /* pt_regs->r11 */ ++ pushq %rbx /* pt_regs->rbx */ ++ pushq %rbp /* pt_regs->rbp */ ++ pushq %r12 /* pt_regs->r12 */ ++ pushq %r13 /* pt_regs->r13 */ ++ pushq %r14 /* pt_regs->r14 */ ++ pushq %r15 /* pt_regs->r15 */ ++ ++ pax_enter_kernel_nmi ++ + /* +- * If %cs was not the kernel segment, then the NMI triggered in user +- * space, which means it is definitely not nested. ++ * At this point we no longer need to worry about stack damage ++ * due to nesting -- we're on the normal thread stack and we're ++ * done with the NMI stack. + */ +- cmpl $__KERNEL_CS, 16(%rsp) +- jne first_nmi ++ ++ movq %rsp, %rdi ++ movq $-1, %rsi ++ call do_nmi ++ ++ pax_exit_kernel_nmi ++ ++ /* ++ * Return back to user mode. We must *not* do the normal exit ++ * work, because we don't want to enable interrupts. Fortunately, ++ * do_nmi doesn't modify pt_regs. ++ */ ++ SWAPGS ++ ++ /* ++ * Open-code the entire return process for compatibility with varying ++ * register layouts across different kernel versions. ++ */ ++ ++#ifdef CONFIG_PAX_KERNEXEC_PLUGIN_METHOD_OR ++ movq R12(%rsp), %r12 ++#endif ++ ++ addq $6*8, %rsp /* skip bx, bp, and r12-r15 */ ++ popq %r11 /* pt_regs->r11 */ ++ popq %r10 /* pt_regs->r10 */ ++ popq %r9 /* pt_regs->r9 */ ++ popq %r8 /* pt_regs->r8 */ ++ popq %rax /* pt_regs->ax */ ++ popq %rcx /* pt_regs->cx */ ++ popq %rdx /* pt_regs->dx */ ++ popq %rsi /* pt_regs->si */ ++ popq %rdi /* pt_regs->di */ ++ addq $8, %rsp /* skip orig_ax */ ++ INTERRUPT_RETURN ++ ++.Lnmi_from_kernel: ++ /* ++ * Here's what our stack frame will look like: ++ * +---------------------------------------------------------+ ++ * | original SS | ++ * | original Return RSP | ++ * | original RFLAGS | ++ * | original CS | ++ * | original RIP | ++ * +---------------------------------------------------------+ ++ * | temp storage for rdx | ++ * +---------------------------------------------------------+ ++ * | "NMI executing" variable | ++ * +---------------------------------------------------------+ ++ * | iret SS } Copied from "outermost" frame | ++ * | iret Return RSP } on each loop iteration; overwritten | ++ * | iret RFLAGS } by a nested NMI to force another | ++ * | iret CS } iteration if needed. | ++ * | iret RIP } | ++ * +---------------------------------------------------------+ ++ * | outermost SS } initialized in first_nmi; | ++ * | outermost Return RSP } will not be changed before | ++ * | outermost RFLAGS } NMI processing is done. | ++ * | outermost CS } Copied to "iret" frame on each | ++ * | outermost RIP } iteration. | ++ * +---------------------------------------------------------+ ++ * | pt_regs | ++ * +---------------------------------------------------------+ ++ * ++ * The "original" frame is used by hardware. Before re-enabling ++ * NMIs, we need to be done with it, and we need to leave enough ++ * space for the asm code here. ++ * ++ * We return by executing IRET while RSP points to the "iret" frame. ++ * That will either return for real or it will loop back into NMI ++ * processing. ++ * ++ * The "outermost" frame is copied to the "iret" frame on each ++ * iteration of the loop, so each iteration starts with the "iret" ++ * frame pointing to the final return target. ++ */ ++ ++ /* ++ * If we interrupted kernel code between repeat_nmi and ++ * end_repeat_nmi, then we are a nested NMI. We must not ++ * modify the "iret" frame because it's being written by ++ * the outer NMI. That's okay: the outer NMI handler is ++ * about to about to call do_nmi anyway, so we can just ++ * resume the outer NMI. ++ */ ++ ++ movq $repeat_nmi, %rdx ++ cmpq 8(%rsp), %rdx ++ ja 1f ++ movq $end_repeat_nmi, %rdx ++ cmpq 8(%rsp), %rdx ++ ja nested_nmi_out +1: + /* - * Check the special variable on the stack to see if NMIs are - * executing. -@@ -1536,8 +2087,7 @@ nested_nmi: +- * Check the special variable on the stack to see if NMIs are +- * executing. ++ * Now check "NMI executing". If it's set, then we're nested. ++ * ++ * First check "NMI executing". If it's set, then we're nested. ++ * This will not detect if we interrupted an outer NMI just ++ * before IRET. + */ + cmpl $1, -8(%rsp) + je nested_nmi - 1: - /* Set up the interrupted NMIs stack to jump to repeat_nmi */ + /* +- * Now test if the previous stack was an NMI stack. +- * We need the double check. We check the NMI stack to satisfy the +- * race when the first NMI clears the variable before returning. +- * We check the variable because the first NMI could be in a +- * breakpoint routine using a breakpoint stack. ++ * Now test if the previous stack was an NMI stack. This covers ++ * the case where we interrupt an outer NMI after it clears ++ * "NMI executing" but before IRET. We need to be careful, though: ++ * there is one case in which RSP could point to the NMI stack ++ * despite there being no NMI active: naughty userspace controls ++ * RSP at the very beginning of the SYSCALL targets. We can ++ * pull a fast one on naughty userspace, though: we program ++ * SYSCALL to mask DF, so userspace cannot cause DF to be set ++ * if it controls the kernel's RSP. We set DF before we clear ++ * "NMI executing". + */ + lea 6*8(%rsp), %rdx + /* Compare the NMI stack (rdx) with the stack we came from (4*8(%rsp)) */ +@@ -1462,27 +2101,22 @@ ENTRY(nmi) + cmpq %rdx, 4*8(%rsp) + /* If it is below the NMI stack, it is a normal NMI */ + jb first_nmi +- /* Ah, it is within the NMI stack, treat it as nested */ ++ ++ /* Ah, it is within the NMI stack. */ ++ ++ testb $(X86_EFLAGS_DF >> 8), (3*8 + 1)(%rsp) ++ jz first_nmi /* RSP was user controlled. */ + + CFI_REMEMBER_STATE + ++ /* This is a nested NMI. */ ++ + nested_nmi: + /* +- * Do nothing if we interrupted the fixup in repeat_nmi. +- * It's about to repeat the NMI handler, so we are fine +- * with ignoring this one. ++ * Modify the "iret" frame to point to repeat_nmi, forcing another ++ * iteration of NMI handling. + */ +- movq $repeat_nmi, %rdx +- cmpq 8(%rsp), %rdx +- ja 1f +- movq $end_repeat_nmi, %rdx +- cmpq 8(%rsp), %rdx +- ja nested_nmi_out +- +-1: +- /* Set up the interrupted NMIs stack to jump to repeat_nmi */ - leaq -1*8(%rsp), %rdx - movq %rdx, %rsp + subq $8, %rsp CFI_ADJUST_CFA_OFFSET 1*8 leaq -10*8(%rsp), %rdx pushq_cfi $__KERNEL_DS -@@ -1555,6 +2105,7 @@ nested_nmi_out: +@@ -1499,60 +2133,24 @@ nested_nmi_out: + popq_cfi %rdx CFI_RESTORE rdx - /* No need to check faults here */ +- /* No need to check faults here */ ++ /* We are returning to kernel mode, so this cannot result in a fault. */ +# pax_force_retaddr_bts INTERRUPT_RETURN CFI_RESTORE_STATE -@@ -1651,13 +2202,13 @@ end_repeat_nmi: - subq $ORIG_RAX-R15, %rsp - CFI_ADJUST_CFA_OFFSET ORIG_RAX-R15 + first_nmi: +- /* +- * Because nested NMIs will use the pushed location that we +- * stored in rdx, we must keep that space available. +- * Here's what our stack frame will look like: +- * +-------------------------+ +- * | original SS | +- * | original Return RSP | +- * | original RFLAGS | +- * | original CS | +- * | original RIP | +- * +-------------------------+ +- * | temp storage for rdx | +- * +-------------------------+ +- * | NMI executing variable | +- * +-------------------------+ +- * | copied SS | +- * | copied Return RSP | +- * | copied RFLAGS | +- * | copied CS | +- * | copied RIP | +- * +-------------------------+ +- * | Saved SS | +- * | Saved Return RSP | +- * | Saved RFLAGS | +- * | Saved CS | +- * | Saved RIP | +- * +-------------------------+ +- * | pt_regs | +- * +-------------------------+ +- * +- * The saved stack frame is used to fix up the copied stack frame +- * that a nested NMI may change to make the interrupted NMI iret jump +- * to the repeat_nmi. The original stack frame and the temp storage +- * is also used by nested NMIs and can not be trusted on exit. +- */ +- /* Do not pop rdx, nested NMIs will corrupt that part of the stack */ ++ /* Restore rdx. */ + movq (%rsp), %rdx + CFI_RESTORE rdx + + /* Set the NMI executing variable on the stack. */ + pushq_cfi $1 + +- /* +- * Leave room for the "copied" frame +- */ ++ /* Leave room for the "iret" frame */ + subq $(5*8), %rsp + CFI_ADJUST_CFA_OFFSET 5*8 + +- /* Copy the stack frame to the Saved frame */ ++ /* Copy the "original" frame to the "outermost" frame */ + .rept 5 + pushq_cfi 11*8(%rsp) + .endr +@@ -1560,6 +2158,7 @@ first_nmi: + + /* Everything up to here is safe from nested NMIs */ + ++repeat_nmi: /* -- * Use save_paranoid to handle SWAPGS, but no need to use paranoid_exit -+ * Use save_paranoid_nmi to handle SWAPGS, but no need to use paranoid_exit + * If there was a nested NMI, the first NMI's iret will return + * here. But NMIs are still enabled and we can take another +@@ -1568,16 +2167,21 @@ first_nmi: + * it will just return, as we are about to repeat an NMI anyway. + * This makes it safe to copy to the stack frame that a nested + * NMI will update. +- */ +-repeat_nmi: +- /* +- * Update the stack variable to say we are still in NMI (the update +- * is benign for the non-repeat case, where 1 was pushed just above +- * to this very stack slot). ++ * ++ * RSP is pointing to "outermost RIP". gsbase is unknown, but, if ++ * we're repeating an NMI, gsbase has the same value that it had on ++ * the first iteration. paranoid_entry will load the kernel ++ * gsbase if needed before we call do_nmi. ++ * ++ * Set "NMI executing" in case we came back here via IRET. + */ + movq $1, 10*8(%rsp) + +- /* Make another copy, this one may be modified by nested NMIs */ ++ /* ++ * Copy the "outermost" frame to the "iret" frame. NMIs that nest ++ * here must not modify the "iret" frame while we're writing to ++ * it or it will end up containing garbage. ++ */ + addq $(10*8), %rsp + CFI_ADJUST_CFA_OFFSET -10*8 + .rept 5 +@@ -1588,66 +2192,65 @@ repeat_nmi: + end_repeat_nmi: + + /* +- * Everything below this point can be preempted by a nested +- * NMI if the first NMI took an exception and reset our iret stack +- * so that we repeat another NMI. ++ * Everything below this point can be preempted by a nested NMI. ++ * If this happens, then the inner NMI will change the "iret" ++ * frame to point back to repeat_nmi. + */ + pushq_cfi $-1 /* ORIG_RAX: no syscall to restart */ + ALLOC_PT_GPREGS_ON_STACK + + /* +- * Use paranoid_entry to handle SWAPGS, but no need to use paranoid_exit ++ * Use paranoid_entry_nmi to handle SWAPGS, but no need to use paranoid_exit * as we should not be calling schedule in NMI context. * Even with normal interrupts enabled. An NMI should not be * setting NEED_RESCHED or anything that normal interrupts and * exceptions might do. */ -- call save_paranoid -+ call save_paranoid_nmi +- call paranoid_entry ++ call paranoid_entry_nmi DEFAULT_FRAME 0 - /* -@@ -1667,9 +2218,9 @@ end_repeat_nmi: - * NMI itself takes a page fault, the page fault that was preempted - * will read the information from the NMI page fault and not the - * origin fault. Save it off and restore it if it changes. +- /* +- * Save off the CR2 register. If we take a page fault in the NMI then +- * it could corrupt the CR2 value. If the NMI preempts a page fault +- * handler before it was able to read the CR2 register, and then the +- * NMI itself takes a page fault, the page fault that was preempted +- * will read the information from the NMI page fault and not the +- * origin fault. Save it off and restore it if it changes. - * Use the r12 callee-saved register. -+ * Use the r13 callee-saved register. - */ +- */ - movq %cr2, %r12 -+ movq %cr2, %r13 - +- /* paranoidentry do_nmi, 0; without TRACE_IRQS_OFF */ movq %rsp,%rdi -@@ -1678,29 +2229,34 @@ end_repeat_nmi: + movq $-1,%rsi + call do_nmi - /* Did the NMI take a page fault? Restore cr2 if it did */ - movq %cr2, %rcx +- /* Did the NMI take a page fault? Restore cr2 if it did */ +- movq %cr2, %rcx - cmpq %rcx, %r12 -+ cmpq %rcx, %r13 - je 1f +- je 1f - movq %r12, %cr2 -+ movq %r13, %cr2 - 1: - +-1: +- - testl %ebx,%ebx /* swapgs needed? */ + testl $1,%ebx /* swapgs needed? */ jnz nmi_restore @@ -24194,16 +24400,34 @@ index f0095a7..7ece039 100644 SWAPGS_UNSAFE_STACK nmi_restore: + pax_exit_kernel_nmi - /* Pop the extra iret frame at once */ - RESTORE_ALL 6*8 -+ testb $3, 8(%rsp) -+ jnz 1f -+ pax_force_retaddr_bts -+1: + RESTORE_EXTRA_REGS + RESTORE_C_REGS +- /* Pop the extra iret frame at once */ ++ + REMOVE_PT_GPREGS_FROM_STACK 6*8 - /* Clear the NMI executing stack variable */ - movq $0, 5*8(%rsp) - jmp irq_return +- /* Clear the NMI executing stack variable */ +- movq $0, 5*8(%rsp) +- jmp irq_return ++ pax_force_retaddr_bts ++ ++ /* ++ * Clear "NMI executing". Set DF first so that we can easily ++ * distinguish the remaining code between here and IRET from ++ * the SYSCALL entry and exit paths. On a native kernel, we ++ * could just inspect RIP, but, on paravirt kernels, ++ * INTERRUPT_RETURN can translate into a jump into a ++ * hypercall page. ++ */ ++ std ++ movq $0, 5*8(%rsp) /* clear "NMI executing" */ ++ ++ /* ++ * INTERRUPT_RETURN reads the "iret" frame and exits the NMI ++ * stack in a single instruction. We are returning to kernel ++ * mode, so this cannot result in a fault. ++ */ ++ INTERRUPT_RETURN CFI_ENDPROC -END(nmi) +ENDPROC(nmi) @@ -24349,7 +24573,7 @@ index 8b7b0a5..02219db 100644 /* ALLOC_TRAMP flags lets us know we created it */ ops->flags |= FTRACE_OPS_FL_ALLOC_TRAMP; diff --git a/arch/x86/kernel/head64.c b/arch/x86/kernel/head64.c -index b111ab5..3d419ea 100644 +index 5a46681..1ef7ffa 100644 --- a/arch/x86/kernel/head64.c +++ b/arch/x86/kernel/head64.c @@ -68,12 +68,12 @@ again: @@ -24393,19 +24617,19 @@ index b111ab5..3d419ea 100644 } pmd = (physaddr & PMD_MASK) + early_pmd_flags; pmd_p[pmd_index(address)] = pmd; -@@ -180,7 +180,6 @@ asmlinkage __visible void __init x86_64_start_kernel(char * real_mode_data) - if (console_loglevel >= CONSOLE_LOGLEVEL_DEBUG) - early_printk("Kernel alive\n"); +@@ -177,7 +177,6 @@ asmlinkage __visible void __init x86_64_start_kernel(char * real_mode_data) + */ + load_ucode_bsp(); - clear_page(init_level4_pgt); /* set init_level4_pgt kernel high mapping*/ init_level4_pgt[511] = early_level4_pgt[511]; diff --git a/arch/x86/kernel/head_32.S b/arch/x86/kernel/head_32.S -index 30a2aa3..d62e1dd 100644 +index 7e429c9..7244a52 100644 --- a/arch/x86/kernel/head_32.S +++ b/arch/x86/kernel/head_32.S -@@ -26,6 +26,12 @@ +@@ -27,6 +27,12 @@ /* Physical address */ #define pa(X) ((X) - __PAGE_OFFSET) @@ -24418,7 +24642,7 @@ index 30a2aa3..d62e1dd 100644 /* * References to members of the new_cpu_data structure. */ -@@ -55,11 +61,7 @@ +@@ -56,11 +62,7 @@ * and small than max_low_pfn, otherwise will waste some page table entries */ @@ -24429,9 +24653,9 @@ index 30a2aa3..d62e1dd 100644 -#endif +#define PAGE_TABLE_SIZE(pages) ((pages) / PTRS_PER_PTE) - /* Number of possible pages in the lowmem region */ - LOWMEM_PAGES = (((1<<32) - __PAGE_OFFSET) >> PAGE_SHIFT) -@@ -78,6 +80,12 @@ INIT_MAP_SIZE = PAGE_TABLE_SIZE(KERNEL_PAGES) * PAGE_SIZE + /* + * Number of possible pages in the lowmem region. +@@ -86,6 +88,12 @@ INIT_MAP_SIZE = PAGE_TABLE_SIZE(KERNEL_PAGES) * PAGE_SIZE RESERVE_BRK(pagetables, INIT_MAP_SIZE) /* @@ -24444,7 +24668,7 @@ index 30a2aa3..d62e1dd 100644 * 32-bit kernel entrypoint; only used by the boot CPU. On entry, * %esi points to the real-mode code as a 32-bit pointer. * CS and DS must be 4 GB flat segments, but we don't depend on -@@ -85,6 +93,13 @@ RESERVE_BRK(pagetables, INIT_MAP_SIZE) +@@ -93,6 +101,13 @@ RESERVE_BRK(pagetables, INIT_MAP_SIZE) * can. */ __HEAD @@ -24458,7 +24682,7 @@ index 30a2aa3..d62e1dd 100644 ENTRY(startup_32) movl pa(stack_start),%ecx -@@ -106,6 +121,59 @@ ENTRY(startup_32) +@@ -114,6 +129,59 @@ ENTRY(startup_32) 2: leal -__PAGE_OFFSET(%ecx),%esp @@ -24518,7 +24742,7 @@ index 30a2aa3..d62e1dd 100644 /* * Clear BSS first so that there are no surprises... */ -@@ -201,8 +269,11 @@ ENTRY(startup_32) +@@ -209,8 +277,11 @@ ENTRY(startup_32) movl %eax, pa(max_pfn_mapped) /* Do early initialization of the fixmap area */ @@ -24532,7 +24756,7 @@ index 30a2aa3..d62e1dd 100644 #else /* Not PAE */ page_pde_offset = (__PAGE_OFFSET >> 20); -@@ -232,8 +303,11 @@ page_pde_offset = (__PAGE_OFFSET >> 20); +@@ -240,8 +311,11 @@ page_pde_offset = (__PAGE_OFFSET >> 20); movl %eax, pa(max_pfn_mapped) /* Do early initialization of the fixmap area */ @@ -24546,7 +24770,7 @@ index 30a2aa3..d62e1dd 100644 #endif #ifdef CONFIG_PARAVIRT -@@ -247,9 +321,7 @@ page_pde_offset = (__PAGE_OFFSET >> 20); +@@ -255,9 +329,7 @@ page_pde_offset = (__PAGE_OFFSET >> 20); cmpl $num_subarch_entries, %eax jae bad_subarch @@ -24557,7 +24781,7 @@ index 30a2aa3..d62e1dd 100644 bad_subarch: WEAK(lguest_entry) -@@ -261,10 +333,10 @@ WEAK(xen_entry) +@@ -269,10 +341,10 @@ WEAK(xen_entry) __INITDATA subarch_entries: @@ -24572,7 +24796,7 @@ index 30a2aa3..d62e1dd 100644 num_subarch_entries = (. - subarch_entries) / 4 .previous #else -@@ -354,6 +426,7 @@ default_entry: +@@ -362,6 +434,7 @@ default_entry: movl pa(mmu_cr4_features),%eax movl %eax,%cr4 @@ -24580,7 +24804,7 @@ index 30a2aa3..d62e1dd 100644 testb $X86_CR4_PAE, %al # check if PAE is enabled jz enable_paging -@@ -382,6 +455,9 @@ default_entry: +@@ -390,6 +463,9 @@ default_entry: /* Make changes effective */ wrmsr @@ -24590,7 +24814,7 @@ index 30a2aa3..d62e1dd 100644 enable_paging: /* -@@ -449,14 +525,20 @@ is486: +@@ -457,14 +533,20 @@ is486: 1: movl $(__KERNEL_DS),%eax # reload all the segment registers movl %eax,%ss # after changing gdt. @@ -24612,7 +24836,7 @@ index 30a2aa3..d62e1dd 100644 movl %eax,%gs xorl %eax,%eax # Clear LDT -@@ -513,8 +595,11 @@ setup_once: +@@ -521,8 +603,11 @@ setup_once: * relocation. Manually set base address in stack canary * segment descriptor. */ @@ -24625,7 +24849,7 @@ index 30a2aa3..d62e1dd 100644 movw %cx, 8 * GDT_ENTRY_STACK_CANARY + 2(%eax) shrl $16, %ecx movb %cl, 8 * GDT_ENTRY_STACK_CANARY + 4(%eax) -@@ -551,7 +636,7 @@ early_idt_handler_common: +@@ -559,7 +644,7 @@ early_idt_handler_common: cmpl $2,(%esp) # X86_TRAP_NMI je is_nmi # Ignore NMI @@ -24634,7 +24858,7 @@ index 30a2aa3..d62e1dd 100644 je hlt_loop incl %ss:early_recursion_flag -@@ -589,8 +674,8 @@ early_idt_handler_common: +@@ -597,8 +682,8 @@ early_idt_handler_common: pushl (20+6*4)(%esp) /* trapno */ pushl $fault_msg call printk @@ -24644,7 +24868,7 @@ index 30a2aa3..d62e1dd 100644 hlt_loop: hlt jmp hlt_loop -@@ -610,8 +695,11 @@ ENDPROC(early_idt_handler_common) +@@ -618,8 +703,11 @@ ENDPROC(early_idt_handler_common) /* This is the default interrupt "handler" :-) */ ALIGN ignore_int: @@ -24657,7 +24881,7 @@ index 30a2aa3..d62e1dd 100644 pushl %eax pushl %ecx pushl %edx -@@ -620,9 +708,6 @@ ignore_int: +@@ -628,9 +716,6 @@ ignore_int: movl $(__KERNEL_DS),%eax movl %eax,%ds movl %eax,%es @@ -24667,7 +24891,7 @@ index 30a2aa3..d62e1dd 100644 pushl 16(%esp) pushl 24(%esp) pushl 32(%esp) -@@ -656,29 +741,34 @@ ENTRY(setup_once_ref) +@@ -664,29 +749,34 @@ ENTRY(setup_once_ref) /* * BSS section */ @@ -24707,7 +24931,7 @@ index 30a2aa3..d62e1dd 100644 ENTRY(initial_page_table) .long pa(initial_pg_pmd+PGD_IDENT_ATTR),0 /* low identity map */ # if KPMDS == 3 -@@ -697,12 +787,20 @@ ENTRY(initial_page_table) +@@ -705,12 +795,20 @@ ENTRY(initial_page_table) # error "Kernel PMDs should be 1, 2 or 3" # endif .align PAGE_SIZE /* needs to be page-sized too */ @@ -24729,7 +24953,7 @@ index 30a2aa3..d62e1dd 100644 __INITRODATA int_msg: -@@ -730,7 +828,7 @@ fault_msg: +@@ -738,7 +836,7 @@ fault_msg: * segment size, and 32-bit linear address value: */ @@ -24738,7 +24962,7 @@ index 30a2aa3..d62e1dd 100644 .globl boot_gdt_descr .globl idt_descr -@@ -739,7 +837,7 @@ fault_msg: +@@ -747,7 +845,7 @@ fault_msg: .word 0 # 32 bit align gdt_desc.address boot_gdt_descr: .word __BOOT_DS+7 @@ -24747,7 +24971,7 @@ index 30a2aa3..d62e1dd 100644 .word 0 # 32-bit align idt_desc.address idt_descr: -@@ -750,7 +848,7 @@ idt_descr: +@@ -758,7 +856,7 @@ idt_descr: .word 0 # 32 bit align gdt_desc.address ENTRY(early_gdt_descr) .word GDT_ENTRIES*8-1 @@ -24756,7 +24980,7 @@ index 30a2aa3..d62e1dd 100644 /* * The boot_gdt must mirror the equivalent in setup.S and is -@@ -759,5 +857,65 @@ ENTRY(early_gdt_descr) +@@ -767,5 +865,65 @@ ENTRY(early_gdt_descr) .align L1_CACHE_BYTES ENTRY(boot_gdt) .fill GDT_ENTRY_BOOT_CS,8,0 @@ -24825,7 +25049,7 @@ index 30a2aa3..d62e1dd 100644 + .fill PAGE_SIZE_asm - GDT_SIZE,1,0 + .endr diff --git a/arch/x86/kernel/head_64.S b/arch/x86/kernel/head_64.S -index f8a8406..ad6d014 100644 +index df7e780..e97a497 100644 --- a/arch/x86/kernel/head_64.S +++ b/arch/x86/kernel/head_64.S @@ -20,6 +20,8 @@ @@ -25131,19 +25355,6 @@ index 05fd74f..c3548b1 100644 +#ifdef CONFIG_PAX_PER_CPU_PGD +EXPORT_SYMBOL(cpu_pgd); +#endif -diff --git a/arch/x86/kernel/i387.c b/arch/x86/kernel/i387.c -index f341d56..d9b527b 100644 ---- a/arch/x86/kernel/i387.c -+++ b/arch/x86/kernel/i387.c -@@ -68,7 +68,7 @@ static inline bool interrupted_kernel_fpu_idle(void) - static inline bool interrupted_user_mode(void) - { - struct pt_regs *regs = get_irq_regs(); -- return regs && user_mode_vm(regs); -+ return regs && user_mode(regs); - } - - /* diff --git a/arch/x86/kernel/i8259.c b/arch/x86/kernel/i8259.c index e7cc537..67d7372 100644 --- a/arch/x86/kernel/i8259.c @@ -25199,7 +25410,7 @@ index a979b5b..1d6db75 100644 .callback = dmi_io_delay_0xed_port, .ident = "Compaq Presario V6000", diff --git a/arch/x86/kernel/ioport.c b/arch/x86/kernel/ioport.c -index 4ddaf66..49d5c18 100644 +index 37dae79..620dd84 100644 --- a/arch/x86/kernel/ioport.c +++ b/arch/x86/kernel/ioport.c @@ -6,6 +6,7 @@ @@ -25227,8 +25438,8 @@ index 4ddaf66..49d5c18 100644 * because the ->io_bitmap_max value must match the bitmap * contents: */ -- tss = &per_cpu(init_tss, get_cpu()); -+ tss = init_tss + get_cpu(); +- tss = &per_cpu(cpu_tss, get_cpu()); ++ tss = cpu_tss + get_cpu(); if (turn_on) bitmap_clear(t->io_bitmap_ptr, from, num); @@ -25246,7 +25457,7 @@ index 4ddaf66..49d5c18 100644 regs->flags = (regs->flags & ~X86_EFLAGS_IOPL) | (level << 12); t->iopl = level << 12; diff --git a/arch/x86/kernel/irq.c b/arch/x86/kernel/irq.c -index 67b1cbe..6ad4cbc 100644 +index e5952c2..11c3a54 100644 --- a/arch/x86/kernel/irq.c +++ b/arch/x86/kernel/irq.c @@ -22,7 +22,7 @@ @@ -25280,7 +25491,7 @@ index 67b1cbe..6ad4cbc 100644 } diff --git a/arch/x86/kernel/irq_32.c b/arch/x86/kernel/irq_32.c -index 28d28f5..e6cc9ae 100644 +index f9fd86a..e6cc9ae 100644 --- a/arch/x86/kernel/irq_32.c +++ b/arch/x86/kernel/irq_32.c @@ -29,6 +29,8 @@ EXPORT_PER_CPU_SYMBOL(irq_regs); @@ -25406,17 +25617,8 @@ index 28d28f5..e6cc9ae 100644 } bool handle_irq(unsigned irq, struct pt_regs *regs) -@@ -165,7 +171,7 @@ bool handle_irq(unsigned irq, struct pt_regs *regs) - if (unlikely(!desc)) - return false; - -- if (user_mode_vm(regs) || !execute_on_irq_stack(overflow, desc, irq)) { -+ if (user_mode(regs) || !execute_on_irq_stack(overflow, desc, irq)) { - if (unlikely(overflow)) - print_stack_overflow(); - desc->handle_irq(irq, desc); diff --git a/arch/x86/kernel/irq_64.c b/arch/x86/kernel/irq_64.c -index e4b503d..824fce8 100644 +index 394e643..824fce8 100644 --- a/arch/x86/kernel/irq_64.c +++ b/arch/x86/kernel/irq_64.c @@ -26,6 +26,8 @@ EXPORT_PER_CPU_SYMBOL(irq_stat); @@ -25428,15 +25630,6 @@ index e4b503d..824fce8 100644 int sysctl_panic_on_stackoverflow; /* -@@ -44,7 +46,7 @@ static inline void stack_overflow_check(struct pt_regs *regs) - u64 estack_top, estack_bottom; - u64 curbase = (u64)task_stack_page(current); - -- if (user_mode_vm(regs)) -+ if (user_mode(regs)) - return; - - if (regs->sp >= curbase + sizeof(struct thread_info) + @@ -69,6 +71,8 @@ static inline void stack_overflow_check(struct pt_regs *regs) irq_stack_top, irq_stack_bottom, estack_top, estack_bottom); @@ -25485,23 +25678,9 @@ index 26d5a55..a01160a 100644 } memcpy(&code, ideal_nops[NOP_ATOMIC5], JUMP_LABEL_NOP_SIZE); diff --git a/arch/x86/kernel/kgdb.c b/arch/x86/kernel/kgdb.c -index 25ecd56..e12482f 100644 +index d6178d9..e12482f 100644 --- a/arch/x86/kernel/kgdb.c +++ b/arch/x86/kernel/kgdb.c -@@ -126,11 +126,11 @@ char *dbg_get_reg(int regno, void *mem, struct pt_regs *regs) - #ifdef CONFIG_X86_32 - switch (regno) { - case GDB_SS: -- if (!user_mode_vm(regs)) -+ if (!user_mode(regs)) - *(unsigned long *)mem = __KERNEL_DS; - break; - case GDB_SP: -- if (!user_mode_vm(regs)) -+ if (!user_mode(regs)) - *(unsigned long *)mem = kernel_stack_pointer(regs); - break; - case GDB_GS: @@ -228,7 +228,10 @@ static void kgdb_correct_hw_break(void) bp->attr.bp_addr = breakinfo[breakno].addr; bp->attr.bp_len = breakinfo[breakno].len; @@ -25578,7 +25757,7 @@ index 25ecd56..e12482f 100644 } diff --git a/arch/x86/kernel/kprobes/core.c b/arch/x86/kernel/kprobes/core.c -index 03189d8..4705700 100644 +index 1deffe6..4705700 100644 --- a/arch/x86/kernel/kprobes/core.c +++ b/arch/x86/kernel/kprobes/core.c @@ -120,9 +120,12 @@ __synthesize_relative_insn(void *from, void *to, u8 op) @@ -25660,15 +25839,6 @@ index 03189d8..4705700 100644 } NOKPROBE_SYMBOL(setup_singlestep); -@@ -605,7 +612,7 @@ int kprobe_int3_handler(struct pt_regs *regs) - struct kprobe *p; - struct kprobe_ctlblk *kcb; - -- if (user_mode_vm(regs)) -+ if (user_mode(regs)) - return 0; - - addr = (kprobe_opcode_t *)(regs->ip - sizeof(kprobe_opcode_t)); @@ -640,7 +647,7 @@ int kprobe_int3_handler(struct pt_regs *regs) setup_singlestep(p, regs, kcb, 0); return 1; @@ -25697,15 +25867,6 @@ index 03189d8..4705700 100644 unsigned long orig_ip = (unsigned long)p->addr; kprobe_opcode_t *insn = p->ainsn.insn; -@@ -1010,7 +1020,7 @@ int kprobe_exceptions_notify(struct notifier_block *self, unsigned long val, - struct die_args *args = data; - int ret = NOTIFY_DONE; - -- if (args->regs && user_mode_vm(args->regs)) -+ if (args->regs && user_mode(args->regs)) - return ret; - - if (val == DIE_GPF) { diff --git a/arch/x86/kernel/kprobes/opt.c b/arch/x86/kernel/kprobes/opt.c index 7b3b9d1..e2478b91 100644 --- a/arch/x86/kernel/kprobes/opt.c @@ -25789,10 +25950,33 @@ index c2bedae..25e7ab60 100644 .name = "data", .mode = S_IRUGO, diff --git a/arch/x86/kernel/ldt.c b/arch/x86/kernel/ldt.c -index c37886d..3f425e3 100644 +index c37886d..f43b63d 100644 --- a/arch/x86/kernel/ldt.c +++ b/arch/x86/kernel/ldt.c -@@ -66,13 +66,13 @@ static int alloc_ldt(mm_context_t *pc, int mincount, int reload) +@@ -11,6 +11,7 @@ + #include <linux/sched.h> + #include <linux/string.h> + #include <linux/mm.h> ++#include <linux/ratelimit.h> + #include <linux/smp.h> + #include <linux/vmalloc.h> + #include <linux/uaccess.h> +@@ -20,6 +21,14 @@ + #include <asm/mmu_context.h> + #include <asm/syscalls.h> + ++#ifdef CONFIG_GRKERNSEC ++int sysctl_modify_ldt __read_only = 0; ++#elif defined(CONFIG_DEFAULT_MODIFY_LDT_SYSCALL) ++int sysctl_modify_ldt __read_only = 1; ++#else ++int sysctl_modify_ldt __read_only = 0; ++#endif ++ + #ifdef CONFIG_SMP + static void flush_ldt(void *current_mm) + { +@@ -66,13 +75,13 @@ static int alloc_ldt(mm_context_t *pc, int mincount, int reload) if (reload) { #ifdef CONFIG_SMP preempt_disable(); @@ -25808,7 +25992,7 @@ index c37886d..3f425e3 100644 #endif } if (oldsize) { -@@ -94,7 +94,7 @@ static inline int copy_ldt(mm_context_t *new, mm_context_t *old) +@@ -94,7 +103,7 @@ static inline int copy_ldt(mm_context_t *new, mm_context_t *old) return err; for (i = 0; i < old->size; i++) @@ -25817,7 +26001,7 @@ index c37886d..3f425e3 100644 return 0; } -@@ -115,6 +115,24 @@ int init_new_context(struct task_struct *tsk, struct mm_struct *mm) +@@ -115,6 +124,24 @@ int init_new_context(struct task_struct *tsk, struct mm_struct *mm) retval = copy_ldt(&mm->context, &old_mm->context); mutex_unlock(&old_mm->context.lock); } @@ -25842,7 +26026,7 @@ index c37886d..3f425e3 100644 return retval; } -@@ -229,6 +247,13 @@ static int write_ldt(void __user *ptr, unsigned long bytecount, int oldmode) +@@ -229,6 +256,13 @@ static int write_ldt(void __user *ptr, unsigned long bytecount, int oldmode) } } @@ -25856,6 +26040,22 @@ index c37886d..3f425e3 100644 if (!IS_ENABLED(CONFIG_X86_16BIT) && !ldt_info.seg_32bit) { error = -EINVAL; goto out_unlock; +@@ -254,6 +288,15 @@ asmlinkage int sys_modify_ldt(int func, void __user *ptr, + { + int ret = -ENOSYS; + ++ if (!sysctl_modify_ldt) { ++ printk_ratelimited(KERN_INFO ++ "Denied a call to modify_ldt() from %s[%d] (uid: %d)." ++ " Adjust sysctl if this was not an exploit attempt.\n", ++ current->comm, task_pid_nr(current), ++ from_kuid_munged(current_user_ns(), current_uid())); ++ return ret; ++ } ++ + switch (func) { + case 0: + ret = read_ldt(ptr, bytecount); diff --git a/arch/x86/kernel/livepatch.c b/arch/x86/kernel/livepatch.c index ff3c3101d..d7c0cd8 100644 --- a/arch/x86/kernel/livepatch.c @@ -26006,10 +26206,10 @@ index 94ea120..4154cea 100644 +ENDPROC(return_to_handler) #endif diff --git a/arch/x86/kernel/module.c b/arch/x86/kernel/module.c -index d1ac80b..f593701 100644 +index 005c03e..2f440cd 100644 --- a/arch/x86/kernel/module.c +++ b/arch/x86/kernel/module.c -@@ -82,17 +82,17 @@ static unsigned long int get_module_load_offset(void) +@@ -75,17 +75,17 @@ static unsigned long int get_module_load_offset(void) } #endif @@ -26031,7 +26231,7 @@ index d1ac80b..f593701 100644 __builtin_return_address(0)); if (p && (kasan_module_alloc(p, size) < 0)) { vfree(p); -@@ -102,6 +102,51 @@ void *module_alloc(unsigned long size) +@@ -95,6 +95,51 @@ void *module_alloc(unsigned long size) return p; } @@ -26083,7 +26283,7 @@ index d1ac80b..f593701 100644 #ifdef CONFIG_X86_32 int apply_relocate(Elf32_Shdr *sechdrs, const char *strtab, -@@ -112,14 +157,16 @@ int apply_relocate(Elf32_Shdr *sechdrs, +@@ -105,14 +150,16 @@ int apply_relocate(Elf32_Shdr *sechdrs, unsigned int i; Elf32_Rel *rel = (void *)sechdrs[relsec].sh_addr; Elf32_Sym *sym; @@ -26103,7 +26303,7 @@ index d1ac80b..f593701 100644 /* This is the symbol it is referring to. Note that all undefined symbols have been resolved. */ sym = (Elf32_Sym *)sechdrs[symindex].sh_addr -@@ -128,11 +175,15 @@ int apply_relocate(Elf32_Shdr *sechdrs, +@@ -121,11 +168,15 @@ int apply_relocate(Elf32_Shdr *sechdrs, switch (ELF32_R_TYPE(rel[i].r_info)) { case R_386_32: /* We add the value into the location given */ @@ -26121,7 +26321,7 @@ index d1ac80b..f593701 100644 break; default: pr_err("%s: Unknown relocation: %u\n", -@@ -177,21 +228,30 @@ int apply_relocate_add(Elf64_Shdr *sechdrs, +@@ -170,21 +221,30 @@ int apply_relocate_add(Elf64_Shdr *sechdrs, case R_X86_64_NONE: break; case R_X86_64_64: @@ -26197,7 +26397,7 @@ index 113e707..0a690e1 100644 }; diff --git a/arch/x86/kernel/nmi.c b/arch/x86/kernel/nmi.c -index c3e985d..110a36a 100644 +index c3e985d..f690edd 100644 --- a/arch/x86/kernel/nmi.c +++ b/arch/x86/kernel/nmi.c @@ -98,16 +98,16 @@ fs_initcall(nmi_warning_debugfs); @@ -26275,9 +26475,116 @@ index c3e985d..110a36a 100644 break; } } -@@ -528,6 +529,17 @@ static inline void nmi_nesting_postprocess(void) - dotraplinkage notrace void - do_nmi(struct pt_regs *regs, long error_code) +@@ -408,15 +409,15 @@ static void default_do_nmi(struct pt_regs *regs) + NOKPROBE_SYMBOL(default_do_nmi); + + /* +- * NMIs can hit breakpoints which will cause it to lose its +- * NMI context with the CPU when the breakpoint does an iret. +- */ +-#ifdef CONFIG_X86_32 +-/* +- * For i386, NMIs use the same stack as the kernel, and we can +- * add a workaround to the iret problem in C (preventing nested +- * NMIs if an NMI takes a trap). Simply have 3 states the NMI +- * can be in: ++ * NMIs can page fault or hit breakpoints which will cause it to lose ++ * its NMI context with the CPU when the breakpoint or page fault does an IRET. ++ * ++ * As a result, NMIs can nest if NMIs get unmasked due an IRET during ++ * NMI processing. On x86_64, the asm glue protects us from nested NMIs ++ * if the outer NMI came from kernel mode, but we can still nest if the ++ * outer NMI came from user mode. ++ * ++ * To handle these nested NMIs, we have three states: + * + * 1) not running + * 2) executing +@@ -430,15 +431,14 @@ NOKPROBE_SYMBOL(default_do_nmi); + * (Note, the latch is binary, thus multiple NMIs triggering, + * when one is running, are ignored. Only one NMI is restarted.) + * +- * If an NMI hits a breakpoint that executes an iret, another +- * NMI can preempt it. We do not want to allow this new NMI +- * to run, but we want to execute it when the first one finishes. +- * We set the state to "latched", and the exit of the first NMI will +- * perform a dec_return, if the result is zero (NOT_RUNNING), then +- * it will simply exit the NMI handler. If not, the dec_return +- * would have set the state to NMI_EXECUTING (what we want it to +- * be when we are running). In this case, we simply jump back +- * to rerun the NMI handler again, and restart the 'latched' NMI. ++ * If an NMI executes an iret, another NMI can preempt it. We do not ++ * want to allow this new NMI to run, but we want to execute it when the ++ * first one finishes. We set the state to "latched", and the exit of ++ * the first NMI will perform a dec_return, if the result is zero ++ * (NOT_RUNNING), then it will simply exit the NMI handler. If not, the ++ * dec_return would have set the state to NMI_EXECUTING (what we want it ++ * to be when we are running). In this case, we simply jump back to ++ * rerun the NMI handler again, and restart the 'latched' NMI. + * + * No trap (breakpoint or page fault) should be hit before nmi_restart, + * thus there is no race between the first check of state for NOT_RUNNING +@@ -461,49 +461,47 @@ enum nmi_states { + static DEFINE_PER_CPU(enum nmi_states, nmi_state); + static DEFINE_PER_CPU(unsigned long, nmi_cr2); + +-#define nmi_nesting_preprocess(regs) \ +- do { \ +- if (this_cpu_read(nmi_state) != NMI_NOT_RUNNING) { \ +- this_cpu_write(nmi_state, NMI_LATCHED); \ +- return; \ +- } \ +- this_cpu_write(nmi_state, NMI_EXECUTING); \ +- this_cpu_write(nmi_cr2, read_cr2()); \ +- } while (0); \ +- nmi_restart: +- +-#define nmi_nesting_postprocess() \ +- do { \ +- if (unlikely(this_cpu_read(nmi_cr2) != read_cr2())) \ +- write_cr2(this_cpu_read(nmi_cr2)); \ +- if (this_cpu_dec_return(nmi_state)) \ +- goto nmi_restart; \ +- } while (0) +-#else /* x86_64 */ ++#ifdef CONFIG_X86_64 + /* +- * In x86_64 things are a bit more difficult. This has the same problem +- * where an NMI hitting a breakpoint that calls iret will remove the +- * NMI context, allowing a nested NMI to enter. What makes this more +- * difficult is that both NMIs and breakpoints have their own stack. +- * When a new NMI or breakpoint is executed, the stack is set to a fixed +- * point. If an NMI is nested, it will have its stack set at that same +- * fixed address that the first NMI had, and will start corrupting the +- * stack. This is handled in entry_64.S, but the same problem exists with +- * the breakpoint stack. ++ * In x86_64, we need to handle breakpoint -> NMI -> breakpoint. Without ++ * some care, the inner breakpoint will clobber the outer breakpoint's ++ * stack. + * +- * If a breakpoint is being processed, and the debug stack is being used, +- * if an NMI comes in and also hits a breakpoint, the stack pointer +- * will be set to the same fixed address as the breakpoint that was +- * interrupted, causing that stack to be corrupted. To handle this case, +- * check if the stack that was interrupted is the debug stack, and if +- * so, change the IDT so that new breakpoints will use the current stack +- * and not switch to the fixed address. On return of the NMI, switch back +- * to the original IDT. ++ * If a breakpoint is being processed, and the debug stack is being ++ * used, if an NMI comes in and also hits a breakpoint, the stack ++ * pointer will be set to the same fixed address as the breakpoint that ++ * was interrupted, causing that stack to be corrupted. To handle this ++ * case, check if the stack that was interrupted is the debug stack, and ++ * if so, change the IDT so that new breakpoints will use the current ++ * stack and not switch to the fixed address. On return of the NMI, ++ * switch back to the original IDT. + */ + static DEFINE_PER_CPU(int, update_debug_stack); ++#endif + +-static inline void nmi_nesting_preprocess(struct pt_regs *regs) ++dotraplinkage notrace void ++do_nmi(struct pt_regs *regs, long error_code) { + +#if defined(CONFIG_X86_32) && defined(CONFIG_PAX_KERNEXEC) @@ -26290,9 +26597,61 @@ index c3e985d..110a36a 100644 + } +#endif + - nmi_nesting_preprocess(regs); ++ if (this_cpu_read(nmi_state) != NMI_NOT_RUNNING) { ++ this_cpu_write(nmi_state, NMI_LATCHED); ++ return; ++ } ++ this_cpu_write(nmi_state, NMI_EXECUTING); ++ this_cpu_write(nmi_cr2, read_cr2()); ++nmi_restart: ++ ++#ifdef CONFIG_X86_64 + /* + * If we interrupted a breakpoint, it is possible that + * the nmi handler will have breakpoints too. We need to +@@ -514,22 +512,8 @@ static inline void nmi_nesting_preprocess(struct pt_regs *regs) + debug_stack_set_zero(); + this_cpu_write(update_debug_stack, 1); + } +-} +- +-static inline void nmi_nesting_postprocess(void) +-{ +- if (unlikely(this_cpu_read(update_debug_stack))) { +- debug_stack_reset(); +- this_cpu_write(update_debug_stack, 0); +- } +-} + #endif +-dotraplinkage notrace void +-do_nmi(struct pt_regs *regs, long error_code) +-{ +- nmi_nesting_preprocess(regs); +- nmi_enter(); + + inc_irq_stat(__nmi_count); +@@ -539,8 +523,17 @@ do_nmi(struct pt_regs *regs, long error_code) + + nmi_exit(); + +- /* On i386, may loop back to preprocess */ +- nmi_nesting_postprocess(); ++#ifdef CONFIG_X86_64 ++ if (unlikely(this_cpu_read(update_debug_stack))) { ++ debug_stack_reset(); ++ this_cpu_write(update_debug_stack, 0); ++ } ++#endif ++ ++ if (unlikely(this_cpu_read(nmi_cr2) != read_cr2())) ++ write_cr2(this_cpu_read(nmi_cr2)); ++ if (this_cpu_dec_return(nmi_state)) ++ goto nmi_restart; + } + NOKPROBE_SYMBOL(do_nmi); + diff --git a/arch/x86/kernel/nmi_selftest.c b/arch/x86/kernel/nmi_selftest.c index 6d9582e..f746287 100644 --- a/arch/x86/kernel/nmi_selftest.c @@ -26329,7 +26688,7 @@ index bbb6c73..24a58ef 100644 .lock_spinning = __PV_IS_CALLEE_SAVE(paravirt_nop), .unlock_kick = paravirt_nop, diff --git a/arch/x86/kernel/paravirt.c b/arch/x86/kernel/paravirt.c -index 548d25f..f8fb99c 100644 +index c614dd4..9ad659e 100644 --- a/arch/x86/kernel/paravirt.c +++ b/arch/x86/kernel/paravirt.c @@ -56,6 +56,9 @@ u64 _paravirt_ident_64(u64 x) @@ -26450,7 +26809,7 @@ index 548d25f..f8fb99c 100644 .set_pgd = native_set_pgd, + .set_pgd_batched = native_set_pgd_batched, #endif - #endif /* PAGETABLE_LEVELS >= 3 */ + #endif /* CONFIG_PGTABLE_LEVELS >= 3 */ @@ -479,6 +492,12 @@ struct pv_mmu_ops pv_mmu_ops = { }, @@ -26533,20 +26892,28 @@ index 77dd0ad..9ec4723 100644 dma_generic_free_coherent(dev, size, vaddr, dma_addr, attrs); } diff --git a/arch/x86/kernel/process.c b/arch/x86/kernel/process.c -index a388bb8..97064ad 100644 +index 6e338e3..82f946e 100644 --- a/arch/x86/kernel/process.c +++ b/arch/x86/kernel/process.c @@ -38,7 +38,8 @@ * section. Since TSS's are completely CPU-local, we want them * on exact cacheline boundaries, to eliminate cacheline ping-pong. */ --__visible DEFINE_PER_CPU_SHARED_ALIGNED(struct tss_struct, init_tss) = INIT_TSS; -+struct tss_struct init_tss[NR_CPUS] __visible ____cacheline_internodealigned_in_smp = { [0 ... NR_CPUS-1] = INIT_TSS }; -+EXPORT_SYMBOL(init_tss); +-__visible DEFINE_PER_CPU_SHARED_ALIGNED(struct tss_struct, cpu_tss) = { ++struct tss_struct cpu_tss[NR_CPUS] __visible ____cacheline_internodealigned_in_smp = { ++ [0 ... NR_CPUS-1] = { + .x86_tss = { + .sp0 = TOP_OF_INIT_STACK, + #ifdef CONFIG_X86_32 +@@ -56,6 +57,7 @@ __visible DEFINE_PER_CPU_SHARED_ALIGNED(struct tss_struct, cpu_tss) = { + */ + .io_bitmap = { [0 ... IO_BITMAP_LONGS] = ~0 }, + #endif ++} + }; + EXPORT_PER_CPU_SYMBOL(cpu_tss); - #ifdef CONFIG_X86_64 - static DEFINE_PER_CPU(unsigned char, is_idle); -@@ -96,7 +97,7 @@ void arch_task_cache_init(void) +@@ -115,7 +117,7 @@ void arch_task_cache_init(void) task_xstate_cachep = kmem_cache_create("task_xstate", xstate_size, __alignof__(union thread_xstate), @@ -26555,16 +26922,16 @@ index a388bb8..97064ad 100644 setup_xstate_comp(); } -@@ -110,7 +111,7 @@ void exit_thread(void) +@@ -129,7 +131,7 @@ void exit_thread(void) unsigned long *bp = t->io_bitmap_ptr; if (bp) { -- struct tss_struct *tss = &per_cpu(init_tss, get_cpu()); -+ struct tss_struct *tss = init_tss + get_cpu(); +- struct tss_struct *tss = &per_cpu(cpu_tss, get_cpu()); ++ struct tss_struct *tss = cpu_tss + get_cpu(); t->io_bitmap_ptr = NULL; clear_thread_flag(TIF_IO_BITMAP); -@@ -130,6 +131,9 @@ void flush_thread(void) +@@ -149,6 +151,9 @@ void flush_thread(void) { struct task_struct *tsk = current; @@ -26573,8 +26940,8 @@ index a388bb8..97064ad 100644 +#endif flush_ptrace_hw_breakpoint(tsk); memset(tsk->thread.tls_array, 0, sizeof(tsk->thread.tls_array)); - drop_init_fpu(tsk); -@@ -276,7 +280,7 @@ static void __exit_idle(void) + +@@ -302,7 +307,7 @@ static void __exit_idle(void) void exit_idle(void) { /* idle loop has pid 0 */ @@ -26583,7 +26950,7 @@ index a388bb8..97064ad 100644 return; __exit_idle(); } -@@ -329,7 +333,7 @@ bool xen_set_default_idle(void) +@@ -355,7 +360,7 @@ bool xen_set_default_idle(void) return ret; } #endif @@ -26592,32 +26959,35 @@ index a388bb8..97064ad 100644 { local_irq_disable(); /* -@@ -508,16 +512,37 @@ static int __init idle_setup(char *str) +@@ -531,16 +536,43 @@ static int __init idle_setup(char *str) } early_param("idle", idle_setup); -unsigned long arch_align_stack(unsigned long sp) -+#ifdef CONFIG_PAX_RANDKSTACK -+void pax_randomize_kstack(struct pt_regs *regs) - { +-{ - if (!(current->personality & ADDR_NO_RANDOMIZE) && randomize_va_space) - sp -= get_random_int() % 8192; - return sp & ~0xf; -} +- + unsigned long arch_randomize_brk(struct mm_struct *mm) + { + unsigned long range_end = mm->brk + 0x02000000; + return randomize_range(mm->brk, range_end, 0) ? : mm->brk; + } + ++#ifdef CONFIG_PAX_RANDKSTACK ++void pax_randomize_kstack(struct pt_regs *regs) ++{ + struct thread_struct *thread = ¤t->thread; + unsigned long time; - --unsigned long arch_randomize_brk(struct mm_struct *mm) --{ -- unsigned long range_end = mm->brk + 0x02000000; -- return randomize_range(mm->brk, range_end, 0) ? : mm->brk; --} ++ + if (!randomize_va_space) + return; + + if (v8086_mode(regs)) + return; - ++ + rdtscl(time); + + /* P4 seems to return a 0 LSB, ignore it */ @@ -26633,7 +27003,7 @@ index a388bb8..97064ad 100644 +#endif + + thread->sp0 ^= time; -+ load_sp0(init_tss + smp_processor_id(), thread); ++ load_sp0(cpu_tss + smp_processor_id(), thread); + +#ifdef CONFIG_X86_64 + this_cpu_write(kernel_stack, thread->sp0); @@ -26641,7 +27011,7 @@ index a388bb8..97064ad 100644 +} +#endif diff --git a/arch/x86/kernel/process_32.c b/arch/x86/kernel/process_32.c -index 603c4f9..3a105d7 100644 +index 8ed2106..1345704 100644 --- a/arch/x86/kernel/process_32.c +++ b/arch/x86/kernel/process_32.c @@ -64,6 +64,7 @@ asmlinkage void ret_from_kernel_thread(void) __asm__("ret_from_kernel_thread"); @@ -26652,12 +27022,8 @@ index 603c4f9..3a105d7 100644 } void __show_regs(struct pt_regs *regs, int all) -@@ -73,19 +74,18 @@ void __show_regs(struct pt_regs *regs, int all) - unsigned long sp; - unsigned short ss, gs; - -- if (user_mode_vm(regs)) { -+ if (user_mode(regs)) { +@@ -76,16 +77,15 @@ void __show_regs(struct pt_regs *regs, int all) + if (user_mode(regs)) { sp = regs->sp; ss = regs->ss & 0xffff; - gs = get_user_gs(regs); @@ -26702,16 +27068,16 @@ index 603c4f9..3a105d7 100644 childregs->fs = __KERNEL_PERCPU; childregs->bx = sp; /* function */ childregs->bp = arg; -@@ -248,7 +249,7 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p) +@@ -244,7 +245,7 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p) struct thread_struct *prev = &prev_p->thread, *next = &next_p->thread; int cpu = smp_processor_id(); -- struct tss_struct *tss = &per_cpu(init_tss, cpu); -+ struct tss_struct *tss = init_tss + cpu; +- struct tss_struct *tss = &per_cpu(cpu_tss, cpu); ++ struct tss_struct *tss = cpu_tss + cpu; fpu_switch_t fpu; /* never put a printk in __switch_to... printk() calls wake_up*() indirectly */ -@@ -272,6 +273,10 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p) +@@ -263,6 +264,10 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p) */ lazy_save_gs(prev->gs); @@ -26722,20 +27088,24 @@ index 603c4f9..3a105d7 100644 /* * Load the per-thread Thread-Local Storage descriptor. */ -@@ -310,9 +315,9 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p) +@@ -306,12 +311,10 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p) + * current_thread_info(). */ - arch_end_context_switch(next_p); - + load_sp0(tss, next); - this_cpu_write(kernel_stack, -- (unsigned long)task_stack_page(next_p) + -- THREAD_SIZE - KERNEL_STACK_OFFSET); +- (unsigned long)task_stack_page(next_p) + +- THREAD_SIZE); +- this_cpu_write(cpu_current_top_of_stack, +- (unsigned long)task_stack_page(next_p) + +- THREAD_SIZE); + this_cpu_write(current_task, next_p); + this_cpu_write(current_tinfo, &next_p->tinfo); + this_cpu_write(kernel_stack, next->sp0); ++ this_cpu_write(cpu_current_top_of_stack, next->sp0); /* * Restore %gs if needed (which is common) -@@ -322,8 +327,6 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p) +@@ -321,8 +324,6 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p) switch_fpu_finish(next_p, fpu); @@ -26744,16 +27114,16 @@ index 603c4f9..3a105d7 100644 return prev_p; } -@@ -353,4 +356,3 @@ unsigned long get_wchan(struct task_struct *p) +@@ -352,4 +353,3 @@ unsigned long get_wchan(struct task_struct *p) } while (count++ < 16); return 0; } - diff --git a/arch/x86/kernel/process_64.c b/arch/x86/kernel/process_64.c -index 67fcc43..0d2c630 100644 +index ddfdbf7..625417c 100644 --- a/arch/x86/kernel/process_64.c +++ b/arch/x86/kernel/process_64.c -@@ -158,10 +158,11 @@ int copy_thread(unsigned long clone_flags, unsigned long sp, +@@ -158,9 +158,10 @@ int copy_thread(unsigned long clone_flags, unsigned long sp, struct pt_regs *childregs; struct task_struct *me = current; @@ -26761,12 +27131,11 @@ index 67fcc43..0d2c630 100644 + p->thread.sp0 = (unsigned long)task_stack_page(p) + THREAD_SIZE - 16; childregs = task_pt_regs(p); p->thread.sp = (unsigned long) childregs; - p->thread.usersp = me->thread.usersp; + p->tinfo.lowest_stack = (unsigned long)task_stack_page(p) + 2 * sizeof(unsigned long); set_tsk_thread_flag(p, TIF_FORK); p->thread.io_bitmap_ptr = NULL; -@@ -171,6 +172,8 @@ int copy_thread(unsigned long clone_flags, unsigned long sp, +@@ -170,6 +171,8 @@ int copy_thread(unsigned long clone_flags, unsigned long sp, p->thread.fs = p->thread.fsindex ? 0 : me->thread.fs; savesegment(es, p->thread.es); savesegment(ds, p->thread.ds); @@ -26775,16 +27144,16 @@ index 67fcc43..0d2c630 100644 memset(p->thread.ptrace_bps, 0, sizeof(p->thread.ptrace_bps)); if (unlikely(p->flags & PF_KTHREAD)) { -@@ -277,7 +280,7 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p) +@@ -275,7 +278,7 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p) struct thread_struct *prev = &prev_p->thread; struct thread_struct *next = &next_p->thread; int cpu = smp_processor_id(); -- struct tss_struct *tss = &per_cpu(init_tss, cpu); -+ struct tss_struct *tss = init_tss + cpu; +- struct tss_struct *tss = &per_cpu(cpu_tss, cpu); ++ struct tss_struct *tss = cpu_tss + cpu; unsigned fsindex, gsindex; fpu_switch_t fpu; -@@ -331,6 +334,10 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p) +@@ -326,6 +329,10 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p) if (unlikely(next->ds | prev->ds)) loadsegment(ds, next->ds); @@ -26795,26 +27164,25 @@ index 67fcc43..0d2c630 100644 /* * Switch FS and GS. * -@@ -404,6 +411,7 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p) - prev->usersp = this_cpu_read(old_rsp); - this_cpu_write(old_rsp, next->usersp); +@@ -397,6 +404,7 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p) + * Switch the PDA and FPU contexts. + */ this_cpu_write(current_task, next_p); + this_cpu_write(current_tinfo, &next_p->tinfo); /* * If it were not for PREEMPT_ACTIVE we could guarantee that the -@@ -413,9 +421,7 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p) - task_thread_info(prev_p)->saved_preempt_count = this_cpu_read(__preempt_count); - this_cpu_write(__preempt_count, task_thread_info(next_p)->saved_preempt_count); +@@ -409,8 +417,7 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p) + /* Reload esp0 and ss1. This changes current_thread_info(). */ + load_sp0(tss, next); - this_cpu_write(kernel_stack, -- (unsigned long)task_stack_page(next_p) + -- THREAD_SIZE - KERNEL_STACK_OFFSET); +- (unsigned long)task_stack_page(next_p) + THREAD_SIZE); + this_cpu_write(kernel_stack, next->sp0); /* * Now maybe reload the debug registers and handle I/O bitmaps -@@ -485,12 +491,11 @@ unsigned long get_wchan(struct task_struct *p) +@@ -508,12 +515,11 @@ unsigned long get_wchan(struct task_struct *p) if (!p || p == current || p->state == TASK_RUNNING) return 0; stack = (unsigned long)task_stack_page(p); @@ -26830,7 +27198,7 @@ index 67fcc43..0d2c630 100644 ip = *(u64 *)(fp+8); if (!in_sched_functions(ip)) diff --git a/arch/x86/kernel/ptrace.c b/arch/x86/kernel/ptrace.c -index e510618..5165ac0 100644 +index a7bc794..094ee8e 100644 --- a/arch/x86/kernel/ptrace.c +++ b/arch/x86/kernel/ptrace.c @@ -186,10 +186,10 @@ unsigned long kernel_stack_pointer(struct pt_regs *regs) @@ -26846,7 +27214,7 @@ index e510618..5165ac0 100644 if (prev_esp) return (unsigned long)prev_esp; -@@ -452,6 +452,20 @@ static int putreg(struct task_struct *child, +@@ -446,6 +446,20 @@ static int putreg(struct task_struct *child, if (child->thread.gs != value) return do_arch_prctl(child, ARCH_SET_GS, value); return 0; @@ -26867,7 +27235,7 @@ index e510618..5165ac0 100644 #endif } -@@ -588,7 +602,7 @@ static void ptrace_triggered(struct perf_event *bp, +@@ -582,7 +596,7 @@ static void ptrace_triggered(struct perf_event *bp, static unsigned long ptrace_get_dr7(struct perf_event *bp[]) { int i; @@ -26876,7 +27244,7 @@ index e510618..5165ac0 100644 struct arch_hw_breakpoint *info; for (i = 0; i < HBP_NUM; i++) { -@@ -822,7 +836,7 @@ long arch_ptrace(struct task_struct *child, long request, +@@ -816,7 +830,7 @@ long arch_ptrace(struct task_struct *child, long request, unsigned long addr, unsigned long data) { int ret; @@ -26885,7 +27253,7 @@ index e510618..5165ac0 100644 switch (request) { /* read the word at location addr in the USER area. */ -@@ -907,14 +921,14 @@ long arch_ptrace(struct task_struct *child, long request, +@@ -901,14 +915,14 @@ long arch_ptrace(struct task_struct *child, long request, if ((int) addr < 0) return -EIO; ret = do_get_thread_area(child, addr, @@ -26902,7 +27270,7 @@ index e510618..5165ac0 100644 break; #endif -@@ -1292,7 +1306,7 @@ long compat_arch_ptrace(struct task_struct *child, compat_long_t request, +@@ -1286,7 +1300,7 @@ long compat_arch_ptrace(struct task_struct *child, compat_long_t request, #ifdef CONFIG_X86_64 @@ -26911,7 +27279,7 @@ index e510618..5165ac0 100644 [REGSET_GENERAL] = { .core_note_type = NT_PRSTATUS, .n = sizeof(struct user_regs_struct) / sizeof(long), -@@ -1333,7 +1347,7 @@ static const struct user_regset_view user_x86_64_view = { +@@ -1327,7 +1341,7 @@ static const struct user_regset_view user_x86_64_view = { #endif /* CONFIG_X86_64 */ #if defined CONFIG_X86_32 || defined CONFIG_IA32_EMULATION @@ -26920,7 +27288,7 @@ index e510618..5165ac0 100644 [REGSET_GENERAL] = { .core_note_type = NT_PRSTATUS, .n = sizeof(struct user_regs_struct32) / sizeof(u32), -@@ -1386,7 +1400,7 @@ static const struct user_regset_view user_x86_32_view = { +@@ -1380,7 +1394,7 @@ static const struct user_regset_view user_x86_32_view = { */ u64 xstate_fx_sw_bytes[USER_XSTATE_FX_SW_WORDS]; @@ -26929,16 +27297,16 @@ index e510618..5165ac0 100644 { #ifdef CONFIG_X86_64 x86_64_regsets[REGSET_XSTATE].n = size / sizeof(u64); -@@ -1421,7 +1435,7 @@ static void fill_sigtrap_info(struct task_struct *tsk, +@@ -1415,7 +1429,7 @@ static void fill_sigtrap_info(struct task_struct *tsk, memset(info, 0, sizeof(*info)); info->si_signo = SIGTRAP; info->si_code = si_code; -- info->si_addr = user_mode_vm(regs) ? (void __user *)regs->ip : NULL; +- info->si_addr = user_mode(regs) ? (void __user *)regs->ip : NULL; + info->si_addr = user_mode(regs) ? (__force void __user *)regs->ip : NULL; } void user_single_step_siginfo(struct task_struct *tsk, -@@ -1455,6 +1469,10 @@ static void do_audit_syscall_entry(struct pt_regs *regs, u32 arch) +@@ -1449,6 +1463,10 @@ static void do_audit_syscall_entry(struct pt_regs *regs, u32 arch) } } @@ -26949,7 +27317,7 @@ index e510618..5165ac0 100644 /* * We can return 0 to resume the syscall or anything else to go to phase * 2. If we resume the syscall, we need to put something appropriate in -@@ -1562,6 +1580,11 @@ long syscall_trace_enter_phase2(struct pt_regs *regs, u32 arch, +@@ -1556,6 +1574,11 @@ long syscall_trace_enter_phase2(struct pt_regs *regs, u32 arch, BUG_ON(regs != task_pt_regs(current)); @@ -26961,7 +27329,7 @@ index e510618..5165ac0 100644 /* * If we stepped into a sysenter/syscall insn, it trapped in * kernel mode; do_debug() cleared TF and set TIF_SINGLESTEP. -@@ -1620,6 +1643,11 @@ void syscall_trace_leave(struct pt_regs *regs) +@@ -1614,6 +1637,11 @@ void syscall_trace_leave(struct pt_regs *regs) */ user_exit(); @@ -26974,7 +27342,7 @@ index e510618..5165ac0 100644 if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT))) diff --git a/arch/x86/kernel/pvclock.c b/arch/x86/kernel/pvclock.c -index e5ecd20..60f7eef 100644 +index 2f355d2..e75ed0a 100644 --- a/arch/x86/kernel/pvclock.c +++ b/arch/x86/kernel/pvclock.c @@ -51,11 +51,11 @@ void pvclock_touch_watchdogs(void) @@ -27130,7 +27498,7 @@ index c8e41e9..64049ef 100644 /* * PCI ids solely used for fixups_table go here diff --git a/arch/x86/kernel/relocate_kernel_64.S b/arch/x86/kernel/relocate_kernel_64.S -index 3fd2c69..a444264 100644 +index 98111b3..73ca125 100644 --- a/arch/x86/kernel/relocate_kernel_64.S +++ b/arch/x86/kernel/relocate_kernel_64.S @@ -96,8 +96,7 @@ relocate_kernel: @@ -27144,7 +27512,7 @@ index 3fd2c69..a444264 100644 identity_mapped: /* set return address to 0 if not preserving context */ diff --git a/arch/x86/kernel/setup.c b/arch/x86/kernel/setup.c -index 0a2421c..11f3f36 100644 +index d74ac33..d9efe04 100644 --- a/arch/x86/kernel/setup.c +++ b/arch/x86/kernel/setup.c @@ -111,6 +111,7 @@ @@ -27189,7 +27557,7 @@ index 0a2421c..11f3f36 100644 u64 size = __pa_symbol(_end) - start; /* -@@ -855,8 +858,12 @@ dump_kernel_offset(struct notifier_block *self, unsigned long v, void *p) +@@ -860,8 +863,12 @@ dump_kernel_offset(struct notifier_block *self, unsigned long v, void *p) void __init setup_arch(char **cmdline_p) { @@ -27202,7 +27570,7 @@ index 0a2421c..11f3f36 100644 early_reserve_initrd(); -@@ -954,16 +961,16 @@ void __init setup_arch(char **cmdline_p) +@@ -959,16 +966,16 @@ void __init setup_arch(char **cmdline_p) if (!boot_params.hdr.root_flags) root_mountflags &= ~MS_RDONLY; @@ -27301,10 +27669,10 @@ index e4fcb87..9c06c55 100644 * Up to this point, the boot CPU has been using .init.data * area. Reload any changed state for the boot CPU. diff --git a/arch/x86/kernel/signal.c b/arch/x86/kernel/signal.c -index e504246..ba10432 100644 +index 1ea14fd..b16147f 100644 --- a/arch/x86/kernel/signal.c +++ b/arch/x86/kernel/signal.c -@@ -190,7 +190,7 @@ static unsigned long align_sigframe(unsigned long sp) +@@ -183,7 +183,7 @@ static unsigned long align_sigframe(unsigned long sp) * Align the stack pointer according to the i386 ABI, * i.e. so that on function entry ((sp + 4) & 15) == 0. */ @@ -27313,7 +27681,7 @@ index e504246..ba10432 100644 #else /* !CONFIG_X86_32 */ sp = round_down(sp, 16) - 8; #endif -@@ -298,10 +298,9 @@ __setup_frame(int sig, struct ksignal *ksig, sigset_t *set, +@@ -291,10 +291,9 @@ __setup_frame(int sig, struct ksignal *ksig, sigset_t *set, } if (current->mm->context.vdso) @@ -27326,7 +27694,7 @@ index e504246..ba10432 100644 if (ksig->ka.sa.sa_flags & SA_RESTORER) restorer = ksig->ka.sa.sa_restorer; -@@ -315,7 +314,7 @@ __setup_frame(int sig, struct ksignal *ksig, sigset_t *set, +@@ -308,7 +307,7 @@ __setup_frame(int sig, struct ksignal *ksig, sigset_t *set, * reasons and because gdb uses it as a signature to notice * signal handler stack frames. */ @@ -27335,7 +27703,7 @@ index e504246..ba10432 100644 if (err) return -EFAULT; -@@ -362,8 +361,10 @@ static int __setup_rt_frame(int sig, struct ksignal *ksig, +@@ -355,8 +354,10 @@ static int __setup_rt_frame(int sig, struct ksignal *ksig, save_altstack_ex(&frame->uc.uc_stack, regs->sp); /* Set up to return from userspace. */ @@ -27348,7 +27716,7 @@ index e504246..ba10432 100644 if (ksig->ka.sa.sa_flags & SA_RESTORER) restorer = ksig->ka.sa.sa_restorer; put_user_ex(restorer, &frame->pretcode); -@@ -375,7 +376,7 @@ static int __setup_rt_frame(int sig, struct ksignal *ksig, +@@ -368,7 +369,7 @@ static int __setup_rt_frame(int sig, struct ksignal *ksig, * reasons and because gdb uses it as a signature to notice * signal handler stack frames. */ @@ -27357,9 +27725,9 @@ index e504246..ba10432 100644 } put_user_catch(err); err |= copy_siginfo_to_user(&frame->info, &ksig->info); -@@ -611,7 +612,12 @@ setup_rt_frame(struct ksignal *ksig, struct pt_regs *regs) +@@ -598,7 +599,12 @@ setup_rt_frame(struct ksignal *ksig, struct pt_regs *regs) { - int usig = signr_convert(ksig->sig); + int usig = ksig->sig; sigset_t *set = sigmask_to_save(); - compat_sigset_t *cset = (compat_sigset_t *) set; + sigset_t sigcopy; @@ -27371,7 +27739,7 @@ index e504246..ba10432 100644 /* Set up the stack frame */ if (is_ia32_frame()) { -@@ -622,7 +628,7 @@ setup_rt_frame(struct ksignal *ksig, struct pt_regs *regs) +@@ -609,7 +615,7 @@ setup_rt_frame(struct ksignal *ksig, struct pt_regs *regs) } else if (is_x32_frame()) { return x32_setup_rt_frame(ksig, cset, regs); } else { @@ -27394,10 +27762,10 @@ index be8e1bd..a3d93fa 100644 .smp_prepare_cpus = native_smp_prepare_cpus, .smp_cpus_done = native_smp_cpus_done, diff --git a/arch/x86/kernel/smpboot.c b/arch/x86/kernel/smpboot.c -index febc6aa..37d8edf 100644 +index 50e547e..d59d06a 100644 --- a/arch/x86/kernel/smpboot.c +++ b/arch/x86/kernel/smpboot.c -@@ -229,14 +229,17 @@ static void notrace start_secondary(void *unused) +@@ -226,14 +226,17 @@ static void notrace start_secondary(void *unused) enable_start_cpu0 = 0; @@ -27419,34 +27787,44 @@ index febc6aa..37d8edf 100644 /* * Check TSC synchronization with the BP: */ -@@ -800,8 +803,9 @@ static int do_boot_cpu(int apicid, int cpu, struct task_struct *idle) +@@ -782,18 +785,17 @@ void common_cpu_up(unsigned int cpu, struct task_struct *idle) alternatives_enable_smp(); - idle->thread.sp = (unsigned long) (((struct pt_regs *) -- (THREAD_SIZE + task_stack_page(idle))) - 1); -+ (THREAD_SIZE - 16 + task_stack_page(idle))) - 1); per_cpu(current_task, cpu) = idle; + per_cpu(current_tinfo, cpu) = &idle->tinfo; #ifdef CONFIG_X86_32 /* Stack for startup_32 can be just as for start_secondary onwards */ -@@ -810,10 +814,10 @@ static int do_boot_cpu(int apicid, int cpu, struct task_struct *idle) + irq_ctx_init(cpu); +- per_cpu(cpu_current_top_of_stack, cpu) = +- (unsigned long)task_stack_page(idle) + THREAD_SIZE; ++ per_cpu(cpu_current_top_of_stack, cpu) = (unsigned long)task_stack_page(idle) - 16 + THREAD_SIZE; + #else clear_tsk_thread_flag(idle, TIF_FORK); initial_gs = per_cpu_offset(cpu); #endif - per_cpu(kernel_stack, cpu) = -- (unsigned long)task_stack_page(idle) - -- KERNEL_STACK_OFFSET + THREAD_SIZE; +- (unsigned long)task_stack_page(idle) + THREAD_SIZE; + per_cpu(kernel_stack, cpu) = (unsigned long)task_stack_page(idle) - 16 + THREAD_SIZE; + } + + /* +@@ -814,9 +816,11 @@ static int do_boot_cpu(int apicid, int cpu, struct task_struct *idle) + unsigned long timeout; + + idle->thread.sp = (unsigned long) (((struct pt_regs *) +- (THREAD_SIZE + task_stack_page(idle))) - 1); ++ (THREAD_SIZE - 16 + task_stack_page(idle))) - 1); + + pax_open_kernel(); early_gdt_descr.address = (unsigned long)get_cpu_gdt_table(cpu); + pax_close_kernel(); initial_code = (unsigned long)start_secondary; stack_start = idle->thread.sp; -@@ -953,6 +957,15 @@ int native_cpu_up(unsigned int cpu, struct task_struct *tidle) - /* the FPU context is blank, nobody can own it */ - __cpu_disable_lazy_restore(cpu); +@@ -961,6 +965,15 @@ int native_cpu_up(unsigned int cpu, struct task_struct *tidle) + + common_cpu_up(cpu, tidle); +#ifdef CONFIG_PAX_PER_CPU_PGD + clone_pgd_range(get_cpu_pgd(cpu, kernel) + KERNEL_PGD_BOUNDARY, @@ -27693,10 +28071,10 @@ index 0000000..5877189 + return arch_get_unmapped_area(filp, addr0, len, pgoff, flags); +} diff --git a/arch/x86/kernel/sys_x86_64.c b/arch/x86/kernel/sys_x86_64.c -index 30277e2..5664a29 100644 +index 10e0272..b4bb9a7 100644 --- a/arch/x86/kernel/sys_x86_64.c +++ b/arch/x86/kernel/sys_x86_64.c -@@ -81,8 +81,8 @@ out: +@@ -97,8 +97,8 @@ out: return error; } @@ -27707,7 +28085,7 @@ index 30277e2..5664a29 100644 { if (!test_thread_flag(TIF_ADDR32) && (flags & MAP_32BIT)) { unsigned long new_begin; -@@ -101,7 +101,7 @@ static void find_start_end(unsigned long flags, unsigned long *begin, +@@ -117,7 +117,7 @@ static void find_start_end(unsigned long flags, unsigned long *begin, *begin = new_begin; } } else { @@ -27716,7 +28094,7 @@ index 30277e2..5664a29 100644 *end = TASK_SIZE; } } -@@ -114,20 +114,24 @@ arch_get_unmapped_area(struct file *filp, unsigned long addr, +@@ -130,20 +130,24 @@ arch_get_unmapped_area(struct file *filp, unsigned long addr, struct vm_area_struct *vma; struct vm_unmapped_area_info info; unsigned long begin, end; @@ -27744,15 +28122,15 @@ index 30277e2..5664a29 100644 return addr; } -@@ -137,6 +141,7 @@ arch_get_unmapped_area(struct file *filp, unsigned long addr, - info.high_limit = end; - info.align_mask = filp ? get_align_mask() : 0; - info.align_offset = pgoff << PAGE_SHIFT; +@@ -157,6 +161,7 @@ arch_get_unmapped_area(struct file *filp, unsigned long addr, + info.align_mask = get_align_mask(); + info.align_offset += get_align_bits(); + } + info.threadstack_offset = offset; return vm_unmapped_area(&info); } -@@ -149,6 +154,7 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, +@@ -169,6 +174,7 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, struct mm_struct *mm = current->mm; unsigned long addr = addr0; struct vm_unmapped_area_info info; @@ -27760,7 +28138,7 @@ index 30277e2..5664a29 100644 /* requested length too big for entire address space */ if (len > TASK_SIZE) -@@ -161,12 +167,15 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, +@@ -181,12 +187,15 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, if (!test_thread_flag(TIF_ADDR32) && (flags & MAP_32BIT)) goto bottomup; @@ -27778,10 +28156,10 @@ index 30277e2..5664a29 100644 return addr; } -@@ -176,6 +185,7 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, - info.high_limit = mm->mmap_base; - info.align_mask = filp ? get_align_mask() : 0; - info.align_offset = pgoff << PAGE_SHIFT; +@@ -200,6 +209,7 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, + info.align_mask = get_align_mask(); + info.align_offset += get_align_bits(); + } + info.threadstack_offset = offset; addr = vm_unmapped_area(&info); if (!(addr & ~PAGE_MASK)) @@ -27849,15 +28227,12 @@ index 91a4496..42fc304 100644 #ifdef CONFIG_DEBUG_FS diff --git a/arch/x86/kernel/time.c b/arch/x86/kernel/time.c -index 25adc0e..1df4349 100644 +index d39c091..1df4349 100644 --- a/arch/x86/kernel/time.c +++ b/arch/x86/kernel/time.c -@@ -30,9 +30,9 @@ unsigned long profile_pc(struct pt_regs *regs) - { - unsigned long pc = instruction_pointer(regs); +@@ -32,7 +32,7 @@ unsigned long profile_pc(struct pt_regs *regs) -- if (!user_mode_vm(regs) && in_lock_functions(pc)) { -+ if (!user_mode(regs) && in_lock_functions(pc)) { + if (!user_mode(regs) && in_lock_functions(pc)) { #ifdef CONFIG_FRAME_POINTER - return *(unsigned long *)(regs->bp + sizeof(long)); + return ktla_ktva(*(unsigned long *)(regs->bp + sizeof(long))); @@ -27926,7 +28301,7 @@ index 1c113db..287b42e 100644 static int trace_irq_vector_refcount; static DEFINE_MUTEX(irq_vector_mutex); diff --git a/arch/x86/kernel/traps.c b/arch/x86/kernel/traps.c -index 4ff5d16..736e3e1 100644 +index 324ab52..0cfd2d05 100644 --- a/arch/x86/kernel/traps.c +++ b/arch/x86/kernel/traps.c @@ -68,7 +68,7 @@ @@ -27947,43 +28322,16 @@ index 4ff5d16..736e3e1 100644 DECLARE_BITMAP(used_vectors, NR_VECTORS); EXPORT_SYMBOL_GPL(used_vectors); -@@ -112,7 +112,7 @@ enum ctx_state ist_enter(struct pt_regs *regs) - { - enum ctx_state prev_state; +@@ -174,7 +174,7 @@ void ist_begin_non_atomic(struct pt_regs *regs) + * will catch asm bugs and any attempt to use ist_preempt_enable + * from double_fault. + */ +- BUG_ON((unsigned long)(current_top_of_stack() - ++ BUG_ON((unsigned long)(current_top_of_stack(smp_processor_id()) - + current_stack_pointer()) >= THREAD_SIZE); -- if (user_mode_vm(regs)) { -+ if (user_mode(regs)) { - /* Other than that, we're just an exception. */ - prev_state = exception_enter(); - } else { -@@ -146,7 +146,7 @@ void ist_exit(struct pt_regs *regs, enum ctx_state prev_state) - /* Must be before exception_exit. */ preempt_count_sub(HARDIRQ_OFFSET); - -- if (user_mode_vm(regs)) -+ if (user_mode(regs)) - return exception_exit(prev_state); - else - rcu_nmi_exit(); -@@ -158,7 +158,7 @@ void ist_exit(struct pt_regs *regs, enum ctx_state prev_state) - * - * IST exception handlers normally cannot schedule. As a special - * exception, if the exception interrupted userspace code (i.e. -- * user_mode_vm(regs) would return true) and the exception was not -+ * user_mode(regs) would return true) and the exception was not - * a double fault, it can be safe to schedule. ist_begin_non_atomic() - * begins a non-atomic section within an ist_enter()/ist_exit() region. - * Callers are responsible for enabling interrupts themselves inside -@@ -167,7 +167,7 @@ void ist_exit(struct pt_regs *regs, enum ctx_state prev_state) - */ - void ist_begin_non_atomic(struct pt_regs *regs) - { -- BUG_ON(!user_mode_vm(regs)); -+ BUG_ON(!user_mode(regs)); - - /* - * Sanity check: we need to be on the normal thread stack. This -@@ -191,11 +191,11 @@ void ist_end_non_atomic(void) +@@ -191,7 +191,7 @@ void ist_end_non_atomic(void) } static nokprobe_inline int @@ -27991,18 +28339,8 @@ index 4ff5d16..736e3e1 100644 +do_trap_no_signal(struct task_struct *tsk, int trapnr, const char *str, struct pt_regs *regs, long error_code) { - #ifdef CONFIG_X86_32 -- if (regs->flags & X86_VM_MASK) { -+ if (v8086_mode(regs)) { - /* - * Traps 0, 1, 3, 4, and 5 should be forwarded to vm86. - * On nmi (interrupt 2), do_trap should not be called. -@@ -208,12 +208,24 @@ do_trap_no_signal(struct task_struct *tsk, int trapnr, char *str, - return -1; - } - #endif -- if (!user_mode(regs)) { -+ if (!user_mode_novm(regs)) { + if (v8086_mode(regs)) { +@@ -211,8 +211,20 @@ do_trap_no_signal(struct task_struct *tsk, int trapnr, char *str, if (!fixup_exception(regs)) { tsk->thread.error_code = error_code; tsk->thread.trap_nr = trapnr; @@ -28023,7 +28361,7 @@ index 4ff5d16..736e3e1 100644 return 0; } -@@ -252,7 +264,7 @@ static siginfo_t *fill_trap_info(struct pt_regs *regs, int signr, int trapnr, +@@ -251,7 +263,7 @@ static siginfo_t *fill_trap_info(struct pt_regs *regs, int signr, int trapnr, } static void @@ -28032,7 +28370,7 @@ index 4ff5d16..736e3e1 100644 long error_code, siginfo_t *info) { struct task_struct *tsk = current; -@@ -276,7 +288,7 @@ do_trap(int trapnr, int signr, char *str, struct pt_regs *regs, +@@ -275,7 +287,7 @@ do_trap(int trapnr, int signr, char *str, struct pt_regs *regs, if (show_unhandled_signals && unhandled_signal(tsk, signr) && printk_ratelimit()) { pr_info("%s[%d] trap %s ip:%lx sp:%lx error:%lx", @@ -28041,7 +28379,7 @@ index 4ff5d16..736e3e1 100644 regs->ip, regs->sp, error_code); print_vma_addr(" in ", regs->ip); pr_cont("\n"); -@@ -358,6 +370,11 @@ dotraplinkage void do_double_fault(struct pt_regs *regs, long error_code) +@@ -357,6 +369,11 @@ dotraplinkage void do_double_fault(struct pt_regs *regs, long error_code) tsk->thread.error_code = error_code; tsk->thread.trap_nr = X86_TRAP_DF; @@ -28053,33 +28391,7 @@ index 4ff5d16..736e3e1 100644 #ifdef CONFIG_DOUBLEFAULT df_debug(regs, error_code); #endif -@@ -384,7 +401,7 @@ dotraplinkage void do_bounds(struct pt_regs *regs, long error_code) - goto exit; - conditional_sti(regs); - -- if (!user_mode_vm(regs)) -+ if (!user_mode(regs)) - die("bounds", regs, error_code); - - if (!cpu_feature_enabled(X86_FEATURE_MPX)) { -@@ -463,7 +480,7 @@ do_general_protection(struct pt_regs *regs, long error_code) - conditional_sti(regs); - - #ifdef CONFIG_X86_32 -- if (regs->flags & X86_VM_MASK) { -+ if (v8086_mode(regs)) { - local_irq_enable(); - handle_vm86_fault((struct kernel_vm86_regs *) regs, error_code); - goto exit; -@@ -471,18 +488,42 @@ do_general_protection(struct pt_regs *regs, long error_code) - #endif - - tsk = current; -- if (!user_mode(regs)) { -+ if (!user_mode_novm(regs)) { - if (fixup_exception(regs)) - goto exit; - +@@ -475,11 +492,35 @@ do_general_protection(struct pt_regs *regs, long error_code) tsk->thread.error_code = error_code; tsk->thread.trap_nr = X86_TRAP_GP; if (notify_die(DIE_GPF, "general protection fault", regs, error_code, @@ -28116,7 +28428,7 @@ index 4ff5d16..736e3e1 100644 tsk->thread.error_code = error_code; tsk->thread.trap_nr = X86_TRAP_GP; -@@ -581,13 +622,16 @@ struct bad_iret_stack *fixup_bad_iret(struct bad_iret_stack *s) +@@ -578,6 +619,9 @@ struct bad_iret_stack *fixup_bad_iret(struct bad_iret_stack *s) container_of(task_pt_regs(current), struct bad_iret_stack, regs); @@ -28126,50 +28438,6 @@ index 4ff5d16..736e3e1 100644 /* Copy the IRET target to the new stack. */ memmove(&new_stack->regs.ip, (void *)s->regs.sp, 5*8); - /* Copy the remainder of the stack from the current stack. */ - memmove(new_stack, s, offsetof(struct bad_iret_stack, regs.ip)); - -- BUG_ON(!user_mode_vm(&new_stack->regs)); -+ BUG_ON(!user_mode(&new_stack->regs)); - return new_stack; - } - NOKPROBE_SYMBOL(fixup_bad_iret); -@@ -637,7 +681,7 @@ dotraplinkage void do_debug(struct pt_regs *regs, long error_code) - * then it's very likely the result of an icebp/int01 trap. - * User wants a sigtrap for that. - */ -- if (!dr6 && user_mode_vm(regs)) -+ if (!dr6 && user_mode(regs)) - user_icebp = 1; - - /* Catch kmemcheck conditions first of all! */ -@@ -673,7 +717,7 @@ dotraplinkage void do_debug(struct pt_regs *regs, long error_code) - /* It's safe to allow irq's after DR6 has been saved */ - preempt_conditional_sti(regs); - -- if (regs->flags & X86_VM_MASK) { -+ if (v8086_mode(regs)) { - handle_vm86_trap((struct kernel_vm86_regs *) regs, error_code, - X86_TRAP_DB); - preempt_conditional_cli(regs); -@@ -688,7 +732,7 @@ dotraplinkage void do_debug(struct pt_regs *regs, long error_code) - * We already checked v86 mode above, so we can check for kernel mode - * by just checking the CPL of CS. - */ -- if ((dr6 & DR_STEP) && !user_mode(regs)) { -+ if ((dr6 & DR_STEP) && !user_mode_novm(regs)) { - tsk->thread.debugreg6 &= ~DR_STEP; - set_tsk_thread_flag(tsk, TIF_SINGLESTEP); - regs->flags &= ~X86_EFLAGS_TF; -@@ -721,7 +765,7 @@ static void math_error(struct pt_regs *regs, int error_code, int trapnr) - return; - conditional_sti(regs); - -- if (!user_mode_vm(regs)) -+ if (!user_mode(regs)) - { - if (!fixup_exception(regs)) { - task->thread.error_code = error_code; diff --git a/arch/x86/kernel/tsc.c b/arch/x86/kernel/tsc.c index 5054497..139f8f8 100644 --- a/arch/x86/kernel/tsc.c @@ -28184,18 +28452,9 @@ index 5054497..139f8f8 100644 /* diff --git a/arch/x86/kernel/uprobes.c b/arch/x86/kernel/uprobes.c -index 81f8adb0..fff670e 100644 +index 0b81ad6..fff670e 100644 --- a/arch/x86/kernel/uprobes.c +++ b/arch/x86/kernel/uprobes.c -@@ -912,7 +912,7 @@ int arch_uprobe_exception_notify(struct notifier_block *self, unsigned long val, - int ret = NOTIFY_DONE; - - /* We are only interested in userspace traps */ -- if (regs && !user_mode_vm(regs)) -+ if (regs && !user_mode(regs)) - return NOTIFY_DONE; - - switch (val) { @@ -986,7 +986,7 @@ arch_uretprobe_hijack_return_addr(unsigned long trampoline_vaddr, struct pt_regs if (nleft != rasize) { @@ -28218,7 +28477,7 @@ index b9242ba..50c5edd 100644 * verify_cpu, returns the status of longmode and SSE in register %eax. * 0: Success 1: Failure diff --git a/arch/x86/kernel/vm86_32.c b/arch/x86/kernel/vm86_32.c -index e8edcf5..27f9344 100644 +index fc9db6e..2c5865d 100644 --- a/arch/x86/kernel/vm86_32.c +++ b/arch/x86/kernel/vm86_32.c @@ -44,6 +44,7 @@ @@ -28233,8 +28492,8 @@ index e8edcf5..27f9344 100644 do_exit(SIGSEGV); } -- tss = &per_cpu(init_tss, get_cpu()); -+ tss = init_tss + get_cpu(); +- tss = &per_cpu(cpu_tss, get_cpu()); ++ tss = cpu_tss + get_cpu(); current->thread.sp0 = current->thread.saved_sp0; current->thread.sysenter_cs = __KERNEL_CS; load_sp0(tss, ¤t->thread); @@ -28271,8 +28530,8 @@ index e8edcf5..27f9344 100644 tsk->thread.saved_fs = info->regs32->fs; tsk->thread.saved_gs = get_user_gs(info->regs32); -- tss = &per_cpu(init_tss, get_cpu()); -+ tss = init_tss + get_cpu(); +- tss = &per_cpu(cpu_tss, get_cpu()); ++ tss = cpu_tss + get_cpu(); tsk->thread.sp0 = (unsigned long) &info->VM86_TSS_ESP0; if (cpu_has_sep) tsk->thread.sysenter_cs = 0; @@ -28656,7 +28915,7 @@ index 234b072..b7ab191 100644 .read = native_io_apic_read, .write = native_io_apic_write, diff --git a/arch/x86/kernel/xsave.c b/arch/x86/kernel/xsave.c -index cdc6cf9..e04f495 100644 +index 87a815b..727dbe6 100644 --- a/arch/x86/kernel/xsave.c +++ b/arch/x86/kernel/xsave.c @@ -168,18 +168,18 @@ static inline int save_xstate_epilog(void __user *buf, int ia32_frame) @@ -28707,10 +28966,10 @@ index cdc6cf9..e04f495 100644 if ((unsigned long)buf % 64 || fx_only) { u64 init_bv = pcntxt_mask & ~XSTATE_FPSSE; diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c -index 307f9ec..0d8aa91 100644 +index 1d08ad3..c6a4faf 100644 --- a/arch/x86/kvm/cpuid.c +++ b/arch/x86/kvm/cpuid.c -@@ -186,15 +186,20 @@ int kvm_vcpu_ioctl_set_cpuid2(struct kvm_vcpu *vcpu, +@@ -204,15 +204,20 @@ int kvm_vcpu_ioctl_set_cpuid2(struct kvm_vcpu *vcpu, struct kvm_cpuid2 *cpuid, struct kvm_cpuid_entry2 __user *entries) { @@ -28734,7 +28993,7 @@ index 307f9ec..0d8aa91 100644 vcpu->arch.cpuid_nent = cpuid->nent; kvm_apic_set_version(vcpu); kvm_x86_ops->cpuid_update(vcpu); -@@ -207,15 +212,19 @@ int kvm_vcpu_ioctl_get_cpuid2(struct kvm_vcpu *vcpu, +@@ -225,15 +230,19 @@ int kvm_vcpu_ioctl_get_cpuid2(struct kvm_vcpu *vcpu, struct kvm_cpuid2 *cpuid, struct kvm_cpuid_entry2 __user *entries) { @@ -28758,10 +29017,10 @@ index 307f9ec..0d8aa91 100644 out: diff --git a/arch/x86/kvm/emulate.c b/arch/x86/kvm/emulate.c -index 106c015..2db7161 100644 +index 630bcb0..a7f6d9e 100644 --- a/arch/x86/kvm/emulate.c +++ b/arch/x86/kvm/emulate.c -@@ -3572,7 +3572,7 @@ static int check_cr_write(struct x86_emulate_ctxt *ctxt) +@@ -3569,7 +3569,7 @@ static int check_cr_write(struct x86_emulate_ctxt *ctxt) int cr = ctxt->modrm_reg; u64 efer = 0; @@ -28771,7 +29030,7 @@ index 106c015..2db7161 100644 0, 0, 0, /* CR3 checked later */ CR4_RESERVED_BITS, diff --git a/arch/x86/kvm/lapic.c b/arch/x86/kvm/lapic.c -index 8ee4aa7..40c3d4c 100644 +index 67d07e0..10769d5 100644 --- a/arch/x86/kvm/lapic.c +++ b/arch/x86/kvm/lapic.c @@ -56,7 +56,7 @@ @@ -28784,10 +29043,10 @@ index 8ee4aa7..40c3d4c 100644 #define APIC_LVT_NUM 6 /* 14 is the version for Xeon and Pentium 8.4.8*/ diff --git a/arch/x86/kvm/lapic.h b/arch/x86/kvm/lapic.h -index 0bc6c65..ca4f92d 100644 +index 9d28383..c4ea87e 100644 --- a/arch/x86/kvm/lapic.h +++ b/arch/x86/kvm/lapic.h -@@ -165,7 +165,7 @@ static inline u16 apic_logical_id(struct kvm_apic_map *map, u32 ldr) +@@ -150,7 +150,7 @@ static inline bool kvm_apic_vid_enabled(struct kvm *kvm) static inline bool kvm_apic_has_events(struct kvm_vcpu *vcpu) { @@ -28810,10 +29069,10 @@ index 6e6d115..43fecbf 100644 goto error; walker->ptep_user[walker->level - 1] = ptep_user; diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c -index 1b32e29..076a16d 100644 +index 4911bf1..e7d3ed2 100644 --- a/arch/x86/kvm/svm.c +++ b/arch/x86/kvm/svm.c -@@ -3570,7 +3570,11 @@ static void reload_tss(struct kvm_vcpu *vcpu) +@@ -3577,7 +3577,11 @@ static void reload_tss(struct kvm_vcpu *vcpu) int cpu = raw_smp_processor_id(); struct svm_cpu_data *sd = per_cpu(svm_data, cpu); @@ -28825,7 +29084,7 @@ index 1b32e29..076a16d 100644 load_TR_desc(); } -@@ -3966,6 +3970,10 @@ static void svm_vcpu_run(struct kvm_vcpu *vcpu) +@@ -3973,6 +3977,10 @@ static void svm_vcpu_run(struct kvm_vcpu *vcpu) #endif #endif @@ -28837,7 +29096,7 @@ index 1b32e29..076a16d 100644 local_irq_disable(); diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c -index 5318d64..ff5f7aa 100644 +index 2d73807..84a0e59 100644 --- a/arch/x86/kvm/vmx.c +++ b/arch/x86/kvm/vmx.c @@ -1440,12 +1440,12 @@ static void vmcs_write64(unsigned long field, u64 value) @@ -28887,7 +29146,7 @@ index 5318d64..ff5f7aa 100644 { u64 host_tsc, tsc_offset; -@@ -4466,7 +4474,10 @@ static void vmx_set_constant_host_state(struct vcpu_vmx *vmx) +@@ -4467,7 +4475,10 @@ static void vmx_set_constant_host_state(struct vcpu_vmx *vmx) unsigned long cr4; vmcs_writel(HOST_CR0, read_cr0() & ~X86_CR0_TS); /* 22.2.3 */ @@ -28898,7 +29157,7 @@ index 5318d64..ff5f7aa 100644 /* Save the most likely value for this task's CR4 in the VMCS. */ cr4 = cr4_read_shadow(); -@@ -4493,7 +4504,7 @@ static void vmx_set_constant_host_state(struct vcpu_vmx *vmx) +@@ -4494,7 +4505,7 @@ static void vmx_set_constant_host_state(struct vcpu_vmx *vmx) vmcs_writel(HOST_IDTR_BASE, dt.address); /* 22.2.4 */ vmx->host_idt_base = dt.address; @@ -28907,7 +29166,7 @@ index 5318d64..ff5f7aa 100644 rdmsr(MSR_IA32_SYSENTER_CS, low32, high32); vmcs_write32(HOST_IA32_SYSENTER_CS, low32); -@@ -6104,11 +6115,17 @@ static __init int hardware_setup(void) +@@ -6107,11 +6118,17 @@ static __init int hardware_setup(void) * page upon invalidation. No need to do anything if not * using the APIC_ACCESS_ADDR VMCS field. */ @@ -28929,7 +29188,7 @@ index 5318d64..ff5f7aa 100644 if (enable_ept && !cpu_has_vmx_ept_2m_page()) kvm_disable_largepages(); -@@ -6119,14 +6136,16 @@ static __init int hardware_setup(void) +@@ -6122,14 +6139,16 @@ static __init int hardware_setup(void) if (!cpu_has_vmx_apicv()) enable_apicv = 0; @@ -28951,7 +29210,7 @@ index 5318d64..ff5f7aa 100644 vmx_disable_intercept_for_msr(MSR_FS_BASE, false); vmx_disable_intercept_for_msr(MSR_GS_BASE, false); -@@ -6179,10 +6198,12 @@ static __init int hardware_setup(void) +@@ -6182,10 +6201,12 @@ static __init int hardware_setup(void) enable_pml = 0; if (!enable_pml) { @@ -28968,7 +29227,7 @@ index 5318d64..ff5f7aa 100644 } return alloc_kvm_area(); -@@ -8227,6 +8248,12 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) +@@ -8230,6 +8251,12 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) "jmp 2f \n\t" "1: " __ex(ASM_VMX_VMRESUME) "\n\t" "2: " @@ -28981,7 +29240,7 @@ index 5318d64..ff5f7aa 100644 /* Save guest registers, load host registers, keep flags */ "mov %0, %c[wordsize](%%" _ASM_SP ") \n\t" "pop %0 \n\t" -@@ -8279,6 +8306,11 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) +@@ -8282,6 +8309,11 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) #endif [cr2]"i"(offsetof(struct vcpu_vmx, vcpu.arch.cr2)), [wordsize]"i"(sizeof(ulong)) @@ -28993,7 +29252,7 @@ index 5318d64..ff5f7aa 100644 : "cc", "memory" #ifdef CONFIG_X86_64 , "rax", "rbx", "rdi", "rsi" -@@ -8292,7 +8324,7 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) +@@ -8295,7 +8327,7 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) if (debugctlmsr) update_debugctlmsr(debugctlmsr); @@ -29002,7 +29261,7 @@ index 5318d64..ff5f7aa 100644 /* * The sysexit path does not restore ds/es, so we must set them to * a reasonable value ourselves. -@@ -8301,8 +8333,18 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) +@@ -8304,8 +8336,18 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) * may be executed in interrupt context, which saves and restore segments * around it, nullifying its effect. */ @@ -29024,10 +29283,10 @@ index 5318d64..ff5f7aa 100644 vcpu->arch.regs_avail = ~((1 << VCPU_REGS_RIP) | (1 << VCPU_REGS_RSP) diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c -index 8838057..8f42ce3 100644 +index ea306ad..669f42d 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c -@@ -1895,8 +1895,8 @@ static int xen_hvm_config(struct kvm_vcpu *vcpu, u64 data) +@@ -1929,8 +1929,8 @@ static int xen_hvm_config(struct kvm_vcpu *vcpu, u64 data) { struct kvm *kvm = vcpu->kvm; int lm = is_long_mode(vcpu); @@ -29038,7 +29297,7 @@ index 8838057..8f42ce3 100644 u8 blob_size = lm ? kvm->arch.xen_hvm_config.blob_size_64 : kvm->arch.xen_hvm_config.blob_size_32; u32 page_num = data & ~PAGE_MASK; -@@ -2833,6 +2833,8 @@ long kvm_arch_dev_ioctl(struct file *filp, +@@ -2867,6 +2867,8 @@ long kvm_arch_dev_ioctl(struct file *filp, if (n < msr_list.nmsrs) goto out; r = -EFAULT; @@ -29047,7 +29306,7 @@ index 8838057..8f42ce3 100644 if (copy_to_user(user_msr_list->indices, &msrs_to_save, num_msrs_to_save * sizeof(u32))) goto out; -@@ -5737,7 +5739,7 @@ static struct notifier_block pvclock_gtod_notifier = { +@@ -5784,7 +5786,7 @@ static struct notifier_block pvclock_gtod_notifier = { }; #endif @@ -29057,10 +29316,10 @@ index 8838057..8f42ce3 100644 int r; struct kvm_x86_ops *ops = opaque; diff --git a/arch/x86/lguest/boot.c b/arch/x86/lguest/boot.c -index ac4453d..1f43bf3 100644 +index 8f9a133..3c7694b 100644 --- a/arch/x86/lguest/boot.c +++ b/arch/x86/lguest/boot.c -@@ -1340,9 +1340,10 @@ static __init int early_put_chars(u32 vtermno, const char *buf, int count) +@@ -1341,9 +1341,10 @@ static __init int early_put_chars(u32 vtermno, const char *buf, int count) * Rebooting also tells the Host we're finished, but the RESTART flag tells the * Launcher to reboot us. */ @@ -29332,10 +29591,10 @@ index 00933d5..3a64af9 100644 movl %eax, (v) movl %edx, 4(v) diff --git a/arch/x86/lib/atomic64_cx8_32.S b/arch/x86/lib/atomic64_cx8_32.S -index f5cc9eb..51fa319 100644 +index 082a851..6a963bc 100644 --- a/arch/x86/lib/atomic64_cx8_32.S +++ b/arch/x86/lib/atomic64_cx8_32.S -@@ -35,10 +35,20 @@ ENTRY(atomic64_read_cx8) +@@ -25,10 +25,20 @@ ENTRY(atomic64_read_cx8) CFI_STARTPROC read64 %ecx @@ -29356,7 +29615,7 @@ index f5cc9eb..51fa319 100644 ENTRY(atomic64_set_cx8) CFI_STARTPROC -@@ -48,10 +58,25 @@ ENTRY(atomic64_set_cx8) +@@ -38,10 +48,25 @@ ENTRY(atomic64_set_cx8) cmpxchg8b (%esi) jne 1b @@ -29382,7 +29641,7 @@ index f5cc9eb..51fa319 100644 ENTRY(atomic64_xchg_cx8) CFI_STARTPROC -@@ -60,12 +85,13 @@ ENTRY(atomic64_xchg_cx8) +@@ -50,12 +75,13 @@ ENTRY(atomic64_xchg_cx8) cmpxchg8b (%esi) jne 1b @@ -29396,9 +29655,9 @@ index f5cc9eb..51fa319 100644 +.macro addsub_return func ins insc unchecked="" +ENTRY(atomic64_\func\()_return\unchecked\()_cx8) CFI_STARTPROC - SAVE ebp - SAVE ebx -@@ -82,27 +108,44 @@ ENTRY(atomic64_\func\()_return_cx8) + pushl_cfi_reg ebp + pushl_cfi_reg ebx +@@ -72,27 +98,44 @@ ENTRY(atomic64_\func\()_return_cx8) movl %edx, %ecx \ins\()l %esi, %ebx \insc\()l %edi, %ecx @@ -29425,10 +29684,10 @@ index f5cc9eb..51fa319 100644 +#endif +.endif + - RESTORE edi - RESTORE esi - RESTORE ebx - RESTORE ebp + popl_cfi_reg edi + popl_cfi_reg esi + popl_cfi_reg ebx + popl_cfi_reg ebp + pax_force_retaddr ret CFI_ENDPROC @@ -29446,9 +29705,9 @@ index f5cc9eb..51fa319 100644 +.macro incdec_return func ins insc unchecked="" +ENTRY(atomic64_\func\()_return\unchecked\()_cx8) CFI_STARTPROC - SAVE ebx + pushl_cfi_reg ebx -@@ -112,21 +155,39 @@ ENTRY(atomic64_\func\()_return_cx8) +@@ -102,21 +145,38 @@ ENTRY(atomic64_\func\()_return_cx8) movl %edx, %ecx \ins\()l $1, %ebx \insc\()l $0, %ecx @@ -29464,7 +29723,7 @@ index f5cc9eb..51fa319 100644 LOCK_PREFIX cmpxchg8b (%esi) jne 1b - +- -10: movl %ebx, %eax movl %ecx, %edx @@ -29475,7 +29734,7 @@ index f5cc9eb..51fa319 100644 +#endif +.endif + - RESTORE ebx + popl_cfi_reg ebx + pax_force_retaddr ret CFI_ENDPROC @@ -29490,7 +29749,7 @@ index f5cc9eb..51fa319 100644 ENTRY(atomic64_dec_if_positive_cx8) CFI_STARTPROC -@@ -138,6 +199,13 @@ ENTRY(atomic64_dec_if_positive_cx8) +@@ -128,6 +188,13 @@ ENTRY(atomic64_dec_if_positive_cx8) movl %edx, %ecx subl $1, %ebx sbb $0, %ecx @@ -29504,15 +29763,15 @@ index f5cc9eb..51fa319 100644 js 2f LOCK_PREFIX cmpxchg8b (%esi) -@@ -147,6 +215,7 @@ ENTRY(atomic64_dec_if_positive_cx8) +@@ -137,6 +204,7 @@ ENTRY(atomic64_dec_if_positive_cx8) movl %ebx, %eax movl %ecx, %edx - RESTORE ebx + popl_cfi_reg ebx + pax_force_retaddr ret CFI_ENDPROC ENDPROC(atomic64_dec_if_positive_cx8) -@@ -171,6 +240,13 @@ ENTRY(atomic64_add_unless_cx8) +@@ -161,6 +229,13 @@ ENTRY(atomic64_add_unless_cx8) movl %edx, %ecx addl %ebp, %ebx adcl %edi, %ecx @@ -29526,15 +29785,15 @@ index f5cc9eb..51fa319 100644 LOCK_PREFIX cmpxchg8b (%esi) jne 1b -@@ -181,6 +257,7 @@ ENTRY(atomic64_add_unless_cx8) +@@ -171,6 +246,7 @@ ENTRY(atomic64_add_unless_cx8) CFI_ADJUST_CFA_OFFSET -8 - RESTORE ebx - RESTORE ebp + popl_cfi_reg ebx + popl_cfi_reg ebp + pax_force_retaddr ret 4: cmpl %edx, 4(%esp) -@@ -203,6 +280,13 @@ ENTRY(atomic64_inc_not_zero_cx8) +@@ -193,6 +269,13 @@ ENTRY(atomic64_inc_not_zero_cx8) xorl %ecx, %ecx addl $1, %ebx adcl %edx, %ecx @@ -29548,16 +29807,16 @@ index f5cc9eb..51fa319 100644 LOCK_PREFIX cmpxchg8b (%esi) jne 1b -@@ -210,6 +294,7 @@ ENTRY(atomic64_inc_not_zero_cx8) +@@ -200,6 +283,7 @@ ENTRY(atomic64_inc_not_zero_cx8) movl $1, %eax 3: - RESTORE ebx + popl_cfi_reg ebx + pax_force_retaddr ret CFI_ENDPROC ENDPROC(atomic64_inc_not_zero_cx8) diff --git a/arch/x86/lib/checksum_32.S b/arch/x86/lib/checksum_32.S -index e78b8eee..7e173a8 100644 +index 9bc944a..e52be6c 100644 --- a/arch/x86/lib/checksum_32.S +++ b/arch/x86/lib/checksum_32.S @@ -29,7 +29,8 @@ @@ -29570,7 +29829,7 @@ index e78b8eee..7e173a8 100644 /* * computes a partial checksum, e.g. for TCP/UDP fragments */ -@@ -293,9 +294,24 @@ unsigned int csum_partial_copy_generic (const char *src, char *dst, +@@ -285,9 +286,24 @@ unsigned int csum_partial_copy_generic (const char *src, char *dst, #define ARGBASE 16 #define FP 12 @@ -29596,8 +29855,8 @@ index e78b8eee..7e173a8 100644 +ENTRY(csum_partial_copy_generic) subl $4,%esp CFI_ADJUST_CFA_OFFSET 4 - pushl_cfi %edi -@@ -317,7 +333,7 @@ ENTRY(csum_partial_copy_generic) + pushl_cfi_reg edi +@@ -306,7 +322,7 @@ ENTRY(csum_partial_copy_generic) jmp 4f SRC(1: movw (%esi), %bx ) addl $2, %esi @@ -29606,7 +29865,7 @@ index e78b8eee..7e173a8 100644 addl $2, %edi addw %bx, %ax adcl $0, %eax -@@ -329,30 +345,30 @@ DST( movw %bx, (%edi) ) +@@ -318,30 +334,30 @@ DST( movw %bx, (%edi) ) SRC(1: movl (%esi), %ebx ) SRC( movl 4(%esi), %edx ) adcl %ebx, %eax @@ -29645,7 +29904,7 @@ index e78b8eee..7e173a8 100644 lea 32(%esi), %esi lea 32(%edi), %edi -@@ -366,7 +382,7 @@ DST( movl %edx, 28(%edi) ) +@@ -355,7 +371,7 @@ DST( movl %edx, 28(%edi) ) shrl $2, %edx # This clears CF SRC(3: movl (%esi), %ebx ) adcl %ebx, %eax @@ -29654,7 +29913,7 @@ index e78b8eee..7e173a8 100644 lea 4(%esi), %esi lea 4(%edi), %edi dec %edx -@@ -378,12 +394,12 @@ DST( movl %ebx, (%edi) ) +@@ -367,12 +383,12 @@ DST( movl %ebx, (%edi) ) jb 5f SRC( movw (%esi), %cx ) leal 2(%esi), %esi @@ -29669,7 +29928,7 @@ index e78b8eee..7e173a8 100644 6: addl %ecx, %eax adcl $0, %eax 7: -@@ -394,7 +410,7 @@ DST( movb %cl, (%edi) ) +@@ -383,7 +399,7 @@ DST( movb %cl, (%edi) ) 6001: movl ARGBASE+20(%esp), %ebx # src_err_ptr @@ -29678,7 +29937,7 @@ index e78b8eee..7e173a8 100644 # zero the complete destination - computing the rest # is too much work -@@ -407,11 +423,15 @@ DST( movb %cl, (%edi) ) +@@ -396,37 +412,58 @@ DST( movb %cl, (%edi) ) 6002: movl ARGBASE+24(%esp), %ebx # dst_err_ptr @@ -29692,10 +29951,9 @@ index e78b8eee..7e173a8 100644 + popl_cfi %ds + pushl_cfi %ss + popl_cfi %es - popl_cfi %ebx - CFI_RESTORE ebx - popl_cfi %esi -@@ -421,26 +441,43 @@ DST( movb %cl, (%edi) ) + popl_cfi_reg ebx + popl_cfi_reg esi + popl_cfi_reg edi popl_cfi %ecx # equivalent to addl $4,%esp ret CFI_ENDPROC @@ -29741,10 +29999,10 @@ index e78b8eee..7e173a8 100644 +#endif + +ENTRY(csum_partial_copy_generic) - pushl_cfi %ebx - CFI_REL_OFFSET ebx, 0 - pushl_cfi %edi -@@ -461,7 +498,7 @@ ENTRY(csum_partial_copy_generic) + pushl_cfi_reg ebx + pushl_cfi_reg edi + pushl_cfi_reg esi +@@ -444,7 +481,7 @@ ENTRY(csum_partial_copy_generic) subl %ebx, %edi lea -1(%esi),%edx andl $-32,%edx @@ -29753,7 +30011,7 @@ index e78b8eee..7e173a8 100644 testl %esi, %esi jmp *%ebx 1: addl $64,%esi -@@ -482,19 +519,19 @@ ENTRY(csum_partial_copy_generic) +@@ -465,19 +502,19 @@ ENTRY(csum_partial_copy_generic) jb 5f SRC( movw (%esi), %dx ) leal 2(%esi), %esi @@ -29776,7 +30034,7 @@ index e78b8eee..7e173a8 100644 # zero the complete destination (computing the rest is too much work) movl ARGBASE+8(%esp),%edi # dst movl ARGBASE+12(%esp),%ecx # len -@@ -502,10 +539,17 @@ DST( movb %dl, (%edi) ) +@@ -485,16 +522,23 @@ DST( movb %dl, (%edi) ) rep; stosb jmp 7b 6002: movl ARGBASE+24(%esp), %ebx # dst_err_ptr @@ -29792,11 +30050,9 @@ index e78b8eee..7e173a8 100644 + popl_cfi %es +#endif + - popl_cfi %esi - CFI_RESTORE esi - popl_cfi %edi -@@ -514,7 +558,7 @@ DST( movb %dl, (%edi) ) - CFI_RESTORE ebx + popl_cfi_reg esi + popl_cfi_reg edi + popl_cfi_reg ebx ret CFI_ENDPROC -ENDPROC(csum_partial_copy_generic) @@ -29805,18 +30061,26 @@ index e78b8eee..7e173a8 100644 #undef ROUND #undef ROUND1 diff --git a/arch/x86/lib/clear_page_64.S b/arch/x86/lib/clear_page_64.S -index f2145cf..cea889d 100644 +index e67e579..4782449 100644 --- a/arch/x86/lib/clear_page_64.S +++ b/arch/x86/lib/clear_page_64.S -@@ -11,6 +11,7 @@ ENTRY(clear_page_c) +@@ -23,6 +23,7 @@ ENTRY(clear_page) movl $4096/8,%ecx xorl %eax,%eax rep stosq + pax_force_retaddr ret CFI_ENDPROC - ENDPROC(clear_page_c) -@@ -20,6 +21,7 @@ ENTRY(clear_page_c_e) + ENDPROC(clear_page) +@@ -47,6 +48,7 @@ ENTRY(clear_page_orig) + leaq 64(%rdi),%rdi + jnz .Lloop + nop ++ pax_force_retaddr + ret + CFI_ENDPROC + ENDPROC(clear_page_orig) +@@ -56,6 +58,7 @@ ENTRY(clear_page_c_e) movl $4096,%ecx xorl %eax,%eax rep stosb @@ -29824,23 +30088,6 @@ index f2145cf..cea889d 100644 ret CFI_ENDPROC ENDPROC(clear_page_c_e) -@@ -43,6 +45,7 @@ ENTRY(clear_page) - leaq 64(%rdi),%rdi - jnz .Lloop - nop -+ pax_force_retaddr - ret - CFI_ENDPROC - .Lclear_page_end: -@@ -58,7 +61,7 @@ ENDPROC(clear_page) - - #include <asm/cpufeature.h> - -- .section .altinstr_replacement,"ax" -+ .section .altinstr_replacement,"a" - 1: .byte 0xeb /* jmp <disp8> */ - .byte (clear_page_c - clear_page) - (2f - 1b) /* offset */ - 2: .byte 0xeb /* jmp <disp8> */ diff --git a/arch/x86/lib/cmpxchg16b_emu.S b/arch/x86/lib/cmpxchg16b_emu.S index 40a1725..5d12ac4 100644 --- a/arch/x86/lib/cmpxchg16b_emu.S @@ -29869,18 +30116,18 @@ index 40a1725..5d12ac4 100644 CFI_ENDPROC diff --git a/arch/x86/lib/copy_page_64.S b/arch/x86/lib/copy_page_64.S -index 176cca6..e0d658e 100644 +index 8239dbc..e714d2a 100644 --- a/arch/x86/lib/copy_page_64.S +++ b/arch/x86/lib/copy_page_64.S -@@ -9,6 +9,7 @@ copy_page_rep: - CFI_STARTPROC +@@ -17,6 +17,7 @@ ENTRY(copy_page) + ALTERNATIVE "jmp copy_page_regs", "", X86_FEATURE_REP_GOOD movl $4096/8, %ecx rep movsq + pax_force_retaddr ret CFI_ENDPROC - ENDPROC(copy_page_rep) -@@ -24,8 +25,8 @@ ENTRY(copy_page) + ENDPROC(copy_page) +@@ -27,8 +28,8 @@ ENTRY(copy_page_regs) CFI_ADJUST_CFA_OFFSET 2*8 movq %rbx, (%rsp) CFI_REL_OFFSET rbx, 0 @@ -29891,7 +30138,7 @@ index 176cca6..e0d658e 100644 movl $(4096/64)-5, %ecx .p2align 4 -@@ -38,7 +39,7 @@ ENTRY(copy_page) +@@ -41,7 +42,7 @@ ENTRY(copy_page_regs) movq 0x8*4(%rsi), %r9 movq 0x8*5(%rsi), %r10 movq 0x8*6(%rsi), %r11 @@ -29900,7 +30147,7 @@ index 176cca6..e0d658e 100644 prefetcht0 5*64(%rsi) -@@ -49,7 +50,7 @@ ENTRY(copy_page) +@@ -52,7 +53,7 @@ ENTRY(copy_page_regs) movq %r9, 0x8*4(%rdi) movq %r10, 0x8*5(%rdi) movq %r11, 0x8*6(%rdi) @@ -29909,7 +30156,7 @@ index 176cca6..e0d658e 100644 leaq 64 (%rsi), %rsi leaq 64 (%rdi), %rdi -@@ -68,7 +69,7 @@ ENTRY(copy_page) +@@ -71,7 +72,7 @@ ENTRY(copy_page_regs) movq 0x8*4(%rsi), %r9 movq 0x8*5(%rsi), %r10 movq 0x8*6(%rsi), %r11 @@ -29918,7 +30165,7 @@ index 176cca6..e0d658e 100644 movq %rax, 0x8*0(%rdi) movq %rbx, 0x8*1(%rdi) -@@ -77,7 +78,7 @@ ENTRY(copy_page) +@@ -80,7 +81,7 @@ ENTRY(copy_page_regs) movq %r9, 0x8*4(%rdi) movq %r10, 0x8*5(%rdi) movq %r11, 0x8*6(%rdi) @@ -29927,7 +30174,7 @@ index 176cca6..e0d658e 100644 leaq 64(%rdi), %rdi leaq 64(%rsi), %rsi -@@ -85,10 +86,11 @@ ENTRY(copy_page) +@@ -88,10 +89,11 @@ ENTRY(copy_page_regs) movq (%rsp), %rbx CFI_RESTORE rbx @@ -29939,56 +30186,22 @@ index 176cca6..e0d658e 100644 CFI_ADJUST_CFA_OFFSET -2*8 + pax_force_retaddr ret - .Lcopy_page_end: CFI_ENDPROC -@@ -99,7 +101,7 @@ ENDPROC(copy_page) - - #include <asm/cpufeature.h> - -- .section .altinstr_replacement,"ax" -+ .section .altinstr_replacement,"a" - 1: .byte 0xeb /* jmp <disp8> */ - .byte (copy_page_rep - copy_page) - (2f - 1b) /* offset */ - 2: + ENDPROC(copy_page_regs) diff --git a/arch/x86/lib/copy_user_64.S b/arch/x86/lib/copy_user_64.S -index dee945d..a84067b 100644 +index fa997df..060ab18 100644 --- a/arch/x86/lib/copy_user_64.S +++ b/arch/x86/lib/copy_user_64.S -@@ -18,31 +18,7 @@ +@@ -15,6 +15,7 @@ #include <asm/alternative-asm.h> #include <asm/asm.h> #include <asm/smap.h> -- --/* -- * By placing feature2 after feature1 in altinstructions section, we logically -- * implement: -- * If CPU has feature2, jmp to alt2 is used -- * else if CPU has feature1, jmp to alt1 is used -- * else jmp to orig is used. -- */ -- .macro ALTERNATIVE_JUMP feature1,feature2,orig,alt1,alt2 --0: -- .byte 0xe9 /* 32bit jump */ -- .long \orig-1f /* by default jump to orig */ --1: -- .section .altinstr_replacement,"ax" --2: .byte 0xe9 /* near jump with 32bit immediate */ -- .long \alt1-1b /* offset */ /* or alternatively to alt1 */ --3: .byte 0xe9 /* near jump with 32bit immediate */ -- .long \alt2-1b /* offset */ /* or alternatively to alt2 */ -- .previous -- -- .section .altinstructions,"a" -- altinstruction_entry 0b,2b,\feature1,5,5 -- altinstruction_entry 0b,3b,\feature2,5,5 -- .previous -- .endm +#include <asm/pgtable.h> .macro ALIGN_DESTINATION - #ifdef FIX_ALIGNMENT -@@ -70,52 +46,6 @@ - #endif + /* check for bad alignment of destination */ +@@ -40,56 +41,6 @@ + _ASM_EXTABLE(101b,103b) .endm -/* Standard copy_to_user with segment limit checking */ @@ -30000,9 +30213,11 @@ index dee945d..a84067b 100644 - jc bad_to_user - cmpq TI_addr_limit(%rax),%rcx - ja bad_to_user -- ALTERNATIVE_JUMP X86_FEATURE_REP_GOOD,X86_FEATURE_ERMS, \ -- copy_user_generic_unrolled,copy_user_generic_string, \ -- copy_user_enhanced_fast_string +- ALTERNATIVE_2 "jmp copy_user_generic_unrolled", \ +- "jmp copy_user_generic_string", \ +- X86_FEATURE_REP_GOOD, \ +- "jmp copy_user_enhanced_fast_string", \ +- X86_FEATURE_ERMS - CFI_ENDPROC -ENDPROC(_copy_to_user) - @@ -30015,9 +30230,11 @@ index dee945d..a84067b 100644 - jc bad_from_user - cmpq TI_addr_limit(%rax),%rcx - ja bad_from_user -- ALTERNATIVE_JUMP X86_FEATURE_REP_GOOD,X86_FEATURE_ERMS, \ -- copy_user_generic_unrolled,copy_user_generic_string, \ -- copy_user_enhanced_fast_string +- ALTERNATIVE_2 "jmp copy_user_generic_unrolled", \ +- "jmp copy_user_generic_string", \ +- X86_FEATURE_REP_GOOD, \ +- "jmp copy_user_enhanced_fast_string", \ +- X86_FEATURE_ERMS - CFI_ENDPROC -ENDPROC(_copy_from_user) - @@ -30040,7 +30257,7 @@ index dee945d..a84067b 100644 /* * copy_user_generic_unrolled - memory copy with exception handling. * This version is for CPUs like P4 that don't have efficient micro -@@ -131,6 +61,7 @@ ENDPROC(bad_from_user) +@@ -105,6 +56,7 @@ ENDPROC(bad_from_user) */ ENTRY(copy_user_generic_unrolled) CFI_STARTPROC @@ -30048,7 +30265,7 @@ index dee945d..a84067b 100644 ASM_STAC cmpl $8,%edx jb 20f /* less then 8 bytes, go to byte copy loop */ -@@ -180,6 +111,8 @@ ENTRY(copy_user_generic_unrolled) +@@ -154,6 +106,8 @@ ENTRY(copy_user_generic_unrolled) jnz 21b 23: xor %eax,%eax ASM_CLAC @@ -30057,7 +30274,7 @@ index dee945d..a84067b 100644 ret .section .fixup,"ax" -@@ -235,6 +168,7 @@ ENDPROC(copy_user_generic_unrolled) +@@ -209,6 +163,7 @@ ENDPROC(copy_user_generic_unrolled) */ ENTRY(copy_user_generic_string) CFI_STARTPROC @@ -30065,7 +30282,7 @@ index dee945d..a84067b 100644 ASM_STAC cmpl $8,%edx jb 2f /* less than 8 bytes, go to byte copy loop */ -@@ -249,6 +183,8 @@ ENTRY(copy_user_generic_string) +@@ -223,6 +178,8 @@ ENTRY(copy_user_generic_string) movsb xorl %eax,%eax ASM_CLAC @@ -30074,7 +30291,7 @@ index dee945d..a84067b 100644 ret .section .fixup,"ax" -@@ -276,12 +212,15 @@ ENDPROC(copy_user_generic_string) +@@ -250,12 +207,15 @@ ENDPROC(copy_user_generic_string) */ ENTRY(copy_user_enhanced_fast_string) CFI_STARTPROC @@ -30138,7 +30355,7 @@ index 6a4f43c..c70fb52 100644 .section .fixup,"ax" diff --git a/arch/x86/lib/csum-copy_64.S b/arch/x86/lib/csum-copy_64.S -index 2419d5f..fe52d0e 100644 +index 9734182..dbee61c 100644 --- a/arch/x86/lib/csum-copy_64.S +++ b/arch/x86/lib/csum-copy_64.S @@ -9,6 +9,7 @@ @@ -30398,7 +30615,7 @@ index a451235..a74bfa3 100644 CFI_ENDPROC END(bad_get_user_8) diff --git a/arch/x86/lib/insn.c b/arch/x86/lib/insn.c -index 85994f5..9929d7f 100644 +index 8f72b33..a43d9969 100644 --- a/arch/x86/lib/insn.c +++ b/arch/x86/lib/insn.c @@ -20,8 +20,10 @@ @@ -30446,41 +30663,26 @@ index 05a95e7..326f2fa 100644 CFI_ENDPROC ENDPROC(__iowrite32_copy) diff --git a/arch/x86/lib/memcpy_64.S b/arch/x86/lib/memcpy_64.S -index 89b53c9..97357ca 100644 +index b046664..dec9465 100644 --- a/arch/x86/lib/memcpy_64.S +++ b/arch/x86/lib/memcpy_64.S -@@ -24,7 +24,7 @@ - * This gets patched over the unrolled variant (below) via the - * alternative instructions framework: - */ -- .section .altinstr_replacement, "ax", @progbits -+ .section .altinstr_replacement, "a", @progbits - .Lmemcpy_c: - movq %rdi, %rax - movq %rdx, %rcx -@@ -33,6 +33,7 @@ +@@ -37,6 +37,7 @@ ENTRY(memcpy) rep movsq movl %edx, %ecx rep movsb + pax_force_retaddr ret - .Lmemcpy_e: - .previous -@@ -44,11 +45,12 @@ - * This gets patched over the unrolled variant (below) via the - * alternative instructions framework: - */ -- .section .altinstr_replacement, "ax", @progbits -+ .section .altinstr_replacement, "a", @progbits - .Lmemcpy_c_e: + ENDPROC(memcpy) + ENDPROC(__memcpy) +@@ -49,6 +50,7 @@ ENTRY(memcpy_erms) movq %rdi, %rax movq %rdx, %rcx rep movsb + pax_force_retaddr ret - .Lmemcpy_e_e: - .previous -@@ -138,6 +140,7 @@ ENTRY(memcpy) + ENDPROC(memcpy_erms) + +@@ -134,6 +136,7 @@ ENTRY(memcpy_orig) movq %r9, 1*8(%rdi) movq %r10, -2*8(%rdi, %rdx) movq %r11, -1*8(%rdi, %rdx) @@ -30488,7 +30690,7 @@ index 89b53c9..97357ca 100644 retq .p2align 4 .Lless_16bytes: -@@ -150,6 +153,7 @@ ENTRY(memcpy) +@@ -146,6 +149,7 @@ ENTRY(memcpy_orig) movq -1*8(%rsi, %rdx), %r9 movq %r8, 0*8(%rdi) movq %r9, -1*8(%rdi, %rdx) @@ -30496,7 +30698,7 @@ index 89b53c9..97357ca 100644 retq .p2align 4 .Lless_8bytes: -@@ -163,6 +167,7 @@ ENTRY(memcpy) +@@ -159,6 +163,7 @@ ENTRY(memcpy_orig) movl -4(%rsi, %rdx), %r8d movl %ecx, (%rdi) movl %r8d, -4(%rdi, %rdx) @@ -30504,74 +30706,56 @@ index 89b53c9..97357ca 100644 retq .p2align 4 .Lless_3bytes: -@@ -181,6 +186,7 @@ ENTRY(memcpy) +@@ -177,6 +182,7 @@ ENTRY(memcpy_orig) movb %cl, (%rdi) .Lend: + pax_force_retaddr retq CFI_ENDPROC - ENDPROC(memcpy) + ENDPROC(memcpy_orig) diff --git a/arch/x86/lib/memmove_64.S b/arch/x86/lib/memmove_64.S -index 9c4b530..830b77a 100644 +index 0f8a0d0..f6e0ea4 100644 --- a/arch/x86/lib/memmove_64.S +++ b/arch/x86/lib/memmove_64.S -@@ -205,14 +205,16 @@ ENTRY(__memmove) +@@ -43,7 +43,7 @@ ENTRY(__memmove) + jg 2f + + .Lmemmove_begin_forward: +- ALTERNATIVE "", "movq %rdx, %rcx; rep movsb; retq", X86_FEATURE_ERMS ++ ALTERNATIVE "", "movq %rdx, %rcx; rep movsb; pax_force_retaddr; retq", X86_FEATURE_ERMS + + /* + * movsq instruction have many startup latency +@@ -206,6 +206,7 @@ ENTRY(__memmove) movb (%rsi), %r11b movb %r11b, (%rdi) 13: + pax_force_retaddr retq CFI_ENDPROC - -- .section .altinstr_replacement,"ax" -+ .section .altinstr_replacement,"a" - .Lmemmove_begin_forward_efs: - /* Forward moving data. */ - movq %rdx, %rcx - rep movsb -+ pax_force_retaddr - retq - .Lmemmove_end_forward_efs: - .previous + ENDPROC(__memmove) diff --git a/arch/x86/lib/memset_64.S b/arch/x86/lib/memset_64.S -index 6f44935..fbf5f6d 100644 +index 93118fb..386ed2a 100644 --- a/arch/x86/lib/memset_64.S +++ b/arch/x86/lib/memset_64.S -@@ -16,7 +16,7 @@ - * - * rax original destination - */ -- .section .altinstr_replacement, "ax", @progbits -+ .section .altinstr_replacement, "a", @progbits - .Lmemset_c: - movq %rdi,%r9 - movq %rdx,%rcx -@@ -30,6 +30,7 @@ +@@ -41,6 +41,7 @@ ENTRY(__memset) movl %edx,%ecx rep stosb movq %r9,%rax + pax_force_retaddr ret - .Lmemset_e: - .previous -@@ -45,13 +46,14 @@ - * - * rax original destination - */ -- .section .altinstr_replacement, "ax", @progbits -+ .section .altinstr_replacement, "a", @progbits - .Lmemset_c_e: - movq %rdi,%r9 - movb %sil,%al + ENDPROC(memset) + ENDPROC(__memset) +@@ -62,6 +63,7 @@ ENTRY(memset_erms) movq %rdx,%rcx rep stosb movq %r9,%rax + pax_force_retaddr ret - .Lmemset_e_e: - .previous -@@ -120,6 +122,7 @@ ENTRY(__memset) + ENDPROC(memset_erms) + +@@ -126,6 +128,7 @@ ENTRY(memset_orig) .Lende: movq %r10,%rax @@ -30899,7 +31083,7 @@ index c9f2d9b..e7fd2c0 100644 from += 64; to += 64; diff --git a/arch/x86/lib/msr-reg.S b/arch/x86/lib/msr-reg.S -index f6d13ee..d789440 100644 +index 3ca5218..c2ae6bc 100644 --- a/arch/x86/lib/msr-reg.S +++ b/arch/x86/lib/msr-reg.S @@ -3,6 +3,7 @@ @@ -30912,8 +31096,8 @@ index f6d13ee..d789440 100644 /* @@ -37,6 +38,7 @@ ENTRY(\op\()_safe_regs) movl %edi, 28(%r10) - popq_cfi %rbp - popq_cfi %rbx + popq_cfi_reg rbp + popq_cfi_reg rbx + pax_force_retaddr ret 3: @@ -31069,18 +31253,18 @@ index fc6ba17..14ad9a5 100644 xor %eax,%eax EXIT diff --git a/arch/x86/lib/rwsem.S b/arch/x86/lib/rwsem.S -index 5dff5f0..cadebf4 100644 +index 2322abe..1e78a75 100644 --- a/arch/x86/lib/rwsem.S +++ b/arch/x86/lib/rwsem.S -@@ -94,6 +94,7 @@ ENTRY(call_rwsem_down_read_failed) - __ASM_SIZE(pop,_cfi) %__ASM_REG(dx) - CFI_RESTORE __ASM_REG(dx) +@@ -92,6 +92,7 @@ ENTRY(call_rwsem_down_read_failed) + call rwsem_down_read_failed + __ASM_SIZE(pop,_cfi_reg) __ASM_REG(dx) restore_common_regs + pax_force_retaddr ret CFI_ENDPROC ENDPROC(call_rwsem_down_read_failed) -@@ -104,6 +105,7 @@ ENTRY(call_rwsem_down_write_failed) +@@ -102,6 +103,7 @@ ENTRY(call_rwsem_down_write_failed) movq %rax,%rdi call rwsem_down_write_failed restore_common_regs @@ -31088,7 +31272,7 @@ index 5dff5f0..cadebf4 100644 ret CFI_ENDPROC ENDPROC(call_rwsem_down_write_failed) -@@ -117,7 +119,8 @@ ENTRY(call_rwsem_wake) +@@ -115,7 +117,8 @@ ENTRY(call_rwsem_wake) movq %rax,%rdi call rwsem_wake restore_common_regs @@ -31098,16 +31282,16 @@ index 5dff5f0..cadebf4 100644 CFI_ENDPROC ENDPROC(call_rwsem_wake) -@@ -131,6 +134,7 @@ ENTRY(call_rwsem_downgrade_wake) - __ASM_SIZE(pop,_cfi) %__ASM_REG(dx) - CFI_RESTORE __ASM_REG(dx) +@@ -127,6 +130,7 @@ ENTRY(call_rwsem_downgrade_wake) + call rwsem_downgrade_wake + __ASM_SIZE(pop,_cfi_reg) __ASM_REG(dx) restore_common_regs + pax_force_retaddr ret CFI_ENDPROC ENDPROC(call_rwsem_downgrade_wake) diff --git a/arch/x86/lib/thunk_64.S b/arch/x86/lib/thunk_64.S -index b30b5eb..2b57052 100644 +index f89ba4e9..512b2de 100644 --- a/arch/x86/lib/thunk_64.S +++ b/arch/x86/lib/thunk_64.S @@ -9,6 +9,7 @@ @@ -31118,30 +31302,10 @@ index b30b5eb..2b57052 100644 /* rdi: arg1 ... normal C conventions. rax is saved/restored. */ .macro THUNK name, func, put_ret_addr_in_rdi=0 -@@ -16,11 +17,11 @@ - \name: - CFI_STARTPROC - -- /* this one pushes 9 elems, the next one would be %rIP */ -- SAVE_ARGS -+ /* this one pushes 15+1 elems, the next one would be %rIP */ -+ SAVE_ARGS 8 - - .if \put_ret_addr_in_rdi -- movq_cfi_restore 9*8, rdi -+ movq_cfi_restore RIP, rdi - .endif - - call \func -@@ -47,9 +48,10 @@ - - /* SAVE_ARGS below is used only for the .cfi directives it contains. */ - CFI_STARTPROC -- SAVE_ARGS -+ SAVE_ARGS 8 - restore: -- RESTORE_ARGS -+ RESTORE_ARGS 1,8 +@@ -69,6 +70,7 @@ restore: + popq_cfi_reg rdx + popq_cfi_reg rsi + popq_cfi_reg rdi + pax_force_retaddr ret CFI_ENDPROC @@ -31805,17 +31969,17 @@ index 0a42327..7a82465 100644 return len; } diff --git a/arch/x86/mm/Makefile b/arch/x86/mm/Makefile -index c4cc740..60a7362 100644 +index a482d10..1a6edb5 100644 --- a/arch/x86/mm/Makefile +++ b/arch/x86/mm/Makefile -@@ -35,3 +35,7 @@ obj-$(CONFIG_NUMA_EMU) += numa_emulation.o - obj-$(CONFIG_MEMTEST) += memtest.o +@@ -33,3 +33,7 @@ obj-$(CONFIG_ACPI_NUMA) += srat.o + obj-$(CONFIG_NUMA_EMU) += numa_emulation.o obj-$(CONFIG_X86_INTEL_MPX) += mpx.o + +quote:=" +obj-$(CONFIG_X86_64) += uderef_64.o -+CFLAGS_uderef_64.o := $(subst $(quote),,$(CONFIG_ARCH_HWEIGHT_CFLAGS)) ++CFLAGS_uderef_64.o := $(subst $(quote),,$(CONFIG_ARCH_HWEIGHT_CFLAGS)) -fcall-saved-rax diff --git a/arch/x86/mm/extable.c b/arch/x86/mm/extable.c index 903ec1e..c4166b2 100644 --- a/arch/x86/mm/extable.c @@ -31871,7 +32035,7 @@ index 903ec1e..c4166b2 100644 } diff --git a/arch/x86/mm/fault.c b/arch/x86/mm/fault.c -index ede025f..ecc2d96 100644 +index 181c53b..d336596 100644 --- a/arch/x86/mm/fault.c +++ b/arch/x86/mm/fault.c @@ -13,12 +13,19 @@ @@ -31894,15 +32058,6 @@ index ede025f..ecc2d96 100644 #define CREATE_TRACE_POINTS #include <asm/trace/exceptions.h> -@@ -59,7 +66,7 @@ static nokprobe_inline int kprobes_fault(struct pt_regs *regs) - int ret = 0; - - /* kprobe_running() needs smp_processor_id() */ -- if (kprobes_built_in() && !user_mode_vm(regs)) { -+ if (kprobes_built_in() && !user_mode(regs)) { - preempt_disable(); - if (kprobe_running() && kprobe_fault_handler(regs, 14)) - ret = 1; @@ -120,7 +127,10 @@ check_prefetch_opcode(struct pt_regs *regs, unsigned char *instr, return !instr_lo || (instr_lo>>1) == 1; case 0x00: @@ -32136,11 +32291,19 @@ index ede025f..ecc2d96 100644 code = BUS_MCEERR_AR; } #endif -@@ -916,6 +1028,99 @@ static int spurious_fault_check(unsigned long error_code, pte_t *pte) +@@ -916,6 +1028,107 @@ static int spurious_fault_check(unsigned long error_code, pte_t *pte) return 1; } +#if defined(CONFIG_X86_32) && defined(CONFIG_PAX_PAGEEXEC) ++static inline unsigned long get_limit(unsigned long segment) ++{ ++ unsigned long __limit; ++ ++ asm("lsll %1,%0" : "=r" (__limit) : "r" (segment)); ++ return __limit + 1; ++} ++ +static int pax_handle_pageexec_fault(struct pt_regs *regs, struct mm_struct *mm, unsigned long address, unsigned long error_code) +{ + pte_t *pte; @@ -32236,7 +32399,7 @@ index ede025f..ecc2d96 100644 /* * Handle a spurious fault caused by a stale TLB entry. * -@@ -1001,6 +1206,9 @@ int show_unhandled_signals = 1; +@@ -1001,6 +1214,9 @@ int show_unhandled_signals = 1; static inline int access_error(unsigned long error_code, struct vm_area_struct *vma) { @@ -32246,16 +32409,7 @@ index ede025f..ecc2d96 100644 if (error_code & PF_WRITE) { /* write, present and write, not present: */ if (unlikely(!(vma->vm_flags & VM_WRITE))) -@@ -1035,7 +1243,7 @@ static inline bool smap_violation(int error_code, struct pt_regs *regs) - if (error_code & PF_USER) - return false; - -- if (!user_mode_vm(regs) && (regs->flags & X86_EFLAGS_AC)) -+ if (!user_mode(regs) && (regs->flags & X86_EFLAGS_AC)) - return false; - - return true; -@@ -1063,6 +1271,22 @@ __do_page_fault(struct pt_regs *regs, unsigned long error_code, +@@ -1063,6 +1279,22 @@ __do_page_fault(struct pt_regs *regs, unsigned long error_code, tsk = current; mm = tsk->mm; @@ -32278,16 +32432,7 @@ index ede025f..ecc2d96 100644 /* * Detect and handle instructions that would cause a page fault for * both a tracked kernel page and a userspace page. -@@ -1140,7 +1364,7 @@ __do_page_fault(struct pt_regs *regs, unsigned long error_code, - * User-mode registers count as a user access even for any - * potential system fault or CPU buglet: - */ -- if (user_mode_vm(regs)) { -+ if (user_mode(regs)) { - local_irq_enable(); - error_code |= PF_USER; - flags |= FAULT_FLAG_USER; -@@ -1187,6 +1411,11 @@ retry: +@@ -1187,6 +1419,11 @@ retry: might_sleep(); } @@ -32299,7 +32444,7 @@ index ede025f..ecc2d96 100644 vma = find_vma(mm, address); if (unlikely(!vma)) { bad_area(regs, error_code, address); -@@ -1198,18 +1427,24 @@ retry: +@@ -1198,18 +1435,24 @@ retry: bad_area(regs, error_code, address); return; } @@ -32335,7 +32480,7 @@ index ede025f..ecc2d96 100644 if (unlikely(expand_stack(vma, address))) { bad_area(regs, error_code, address); return; -@@ -1329,3 +1564,292 @@ trace_do_page_fault(struct pt_regs *regs, unsigned long error_code) +@@ -1329,3 +1572,292 @@ trace_do_page_fault(struct pt_regs *regs, unsigned long error_code) } NOKPROBE_SYMBOL(trace_do_page_fault); #endif /* CONFIG_TRACING */ @@ -32771,7 +32916,7 @@ index 42982b2..7168fc3 100644 #endif /* CONFIG_HUGETLB_PAGE */ diff --git a/arch/x86/mm/init.c b/arch/x86/mm/init.c -index a110efc..a31a18f 100644 +index 1d55318..d58fd6a 100644 --- a/arch/x86/mm/init.c +++ b/arch/x86/mm/init.c @@ -4,6 +4,7 @@ @@ -32791,7 +32936,7 @@ index a110efc..a31a18f 100644 /* * We need to define the tracepoints somewhere, and tlb.c -@@ -620,7 +623,18 @@ void __init init_mem_mapping(void) +@@ -615,7 +618,18 @@ void __init init_mem_mapping(void) early_ioremap_page_table_range_init(); #endif @@ -32810,7 +32955,7 @@ index a110efc..a31a18f 100644 __flush_tlb_all(); early_memtest(0, max_pfn_mapped << PAGE_SHIFT); -@@ -636,10 +650,40 @@ void __init init_mem_mapping(void) +@@ -631,10 +645,40 @@ void __init init_mem_mapping(void) * Access has to be given to non-kernel-ram areas as well, these contain the PCI * mmio resources as well as potential bios/acpi data regions. */ @@ -32852,7 +32997,7 @@ index a110efc..a31a18f 100644 if (iomem_is_exclusive(pagenr << PAGE_SHIFT)) return 0; if (!page_is_ram(pagenr)) -@@ -685,8 +729,117 @@ void free_init_pages(char *what, unsigned long begin, unsigned long end) +@@ -680,8 +724,117 @@ void free_init_pages(char *what, unsigned long begin, unsigned long end) #endif } @@ -33224,10 +33369,10 @@ index c8140e1..59257fc 100644 printk(KERN_INFO "Write protecting the kernel text: %luk\n", size >> 10); diff --git a/arch/x86/mm/init_64.c b/arch/x86/mm/init_64.c -index 30eb05a..ae671ac 100644 +index 3fba623..5ee9802 100644 --- a/arch/x86/mm/init_64.c +++ b/arch/x86/mm/init_64.c -@@ -150,7 +150,7 @@ early_param("gbpages", parse_direct_gbpages_on); +@@ -136,7 +136,7 @@ int kernel_ident_mapping_init(struct x86_mapping_info *info, pgd_t *pgd_page, * around without checking the pgd every time. */ @@ -33236,7 +33381,7 @@ index 30eb05a..ae671ac 100644 EXPORT_SYMBOL_GPL(__supported_pte_mask); int force_personality32; -@@ -183,7 +183,12 @@ void sync_global_pgds(unsigned long start, unsigned long end, int removed) +@@ -169,7 +169,12 @@ void sync_global_pgds(unsigned long start, unsigned long end, int removed) for (address = start; address <= end; address += PGDIR_SIZE) { const pgd_t *pgd_ref = pgd_offset_k(address); @@ -33249,7 +33394,7 @@ index 30eb05a..ae671ac 100644 /* * When it is called after memory hot remove, pgd_none() -@@ -194,6 +199,25 @@ void sync_global_pgds(unsigned long start, unsigned long end, int removed) +@@ -180,6 +185,25 @@ void sync_global_pgds(unsigned long start, unsigned long end, int removed) continue; spin_lock(&pgd_lock); @@ -33275,7 +33420,7 @@ index 30eb05a..ae671ac 100644 list_for_each_entry(page, &pgd_list, lru) { pgd_t *pgd; spinlock_t *pgt_lock; -@@ -202,6 +226,7 @@ void sync_global_pgds(unsigned long start, unsigned long end, int removed) +@@ -188,6 +212,7 @@ void sync_global_pgds(unsigned long start, unsigned long end, int removed) /* the pgt_lock only for Xen */ pgt_lock = &pgd_page_get_mm(page)->page_table_lock; spin_lock(pgt_lock); @@ -33283,7 +33428,7 @@ index 30eb05a..ae671ac 100644 if (!pgd_none(*pgd_ref) && !pgd_none(*pgd)) BUG_ON(pgd_page_vaddr(*pgd) -@@ -215,7 +240,10 @@ void sync_global_pgds(unsigned long start, unsigned long end, int removed) +@@ -201,7 +226,10 @@ void sync_global_pgds(unsigned long start, unsigned long end, int removed) set_pgd(pgd, *pgd_ref); } @@ -33294,7 +33439,7 @@ index 30eb05a..ae671ac 100644 } spin_unlock(&pgd_lock); } -@@ -248,7 +276,7 @@ static pud_t *fill_pud(pgd_t *pgd, unsigned long vaddr) +@@ -234,7 +262,7 @@ static pud_t *fill_pud(pgd_t *pgd, unsigned long vaddr) { if (pgd_none(*pgd)) { pud_t *pud = (pud_t *)spp_getpage(); @@ -33303,7 +33448,7 @@ index 30eb05a..ae671ac 100644 if (pud != pud_offset(pgd, 0)) printk(KERN_ERR "PAGETABLE BUG #00! %p <-> %p\n", pud, pud_offset(pgd, 0)); -@@ -260,7 +288,7 @@ static pmd_t *fill_pmd(pud_t *pud, unsigned long vaddr) +@@ -246,7 +274,7 @@ static pmd_t *fill_pmd(pud_t *pud, unsigned long vaddr) { if (pud_none(*pud)) { pmd_t *pmd = (pmd_t *) spp_getpage(); @@ -33312,7 +33457,7 @@ index 30eb05a..ae671ac 100644 if (pmd != pmd_offset(pud, 0)) printk(KERN_ERR "PAGETABLE BUG #01! %p <-> %p\n", pmd, pmd_offset(pud, 0)); -@@ -289,7 +317,9 @@ void set_pte_vaddr_pud(pud_t *pud_page, unsigned long vaddr, pte_t new_pte) +@@ -275,7 +303,9 @@ void set_pte_vaddr_pud(pud_t *pud_page, unsigned long vaddr, pte_t new_pte) pmd = fill_pmd(pud, vaddr); pte = fill_pte(pmd, vaddr); @@ -33322,7 +33467,7 @@ index 30eb05a..ae671ac 100644 /* * It's enough to flush this one mapping. -@@ -351,14 +381,12 @@ static void __init __init_extra_mapping(unsigned long phys, unsigned long size, +@@ -337,14 +367,12 @@ static void __init __init_extra_mapping(unsigned long phys, unsigned long size, pgd = pgd_offset_k((unsigned long)__va(phys)); if (pgd_none(*pgd)) { pud = (pud_t *) spp_getpage(); @@ -33339,7 +33484,7 @@ index 30eb05a..ae671ac 100644 } pmd = pmd_offset(pud, phys); BUG_ON(!pmd_none(*pmd)); -@@ -599,7 +627,7 @@ phys_pud_init(pud_t *pud_page, unsigned long addr, unsigned long end, +@@ -585,7 +613,7 @@ phys_pud_init(pud_t *pud_page, unsigned long addr, unsigned long end, prot); spin_lock(&init_mm.page_table_lock); @@ -33348,7 +33493,7 @@ index 30eb05a..ae671ac 100644 spin_unlock(&init_mm.page_table_lock); } __flush_tlb_all(); -@@ -640,7 +668,7 @@ kernel_physical_mapping_init(unsigned long start, +@@ -626,7 +654,7 @@ kernel_physical_mapping_init(unsigned long start, page_size_mask); spin_lock(&init_mm.page_table_lock); @@ -33374,7 +33519,7 @@ index 9ca35fc..4b2b7b7 100644 return (void *)vaddr; diff --git a/arch/x86/mm/ioremap.c b/arch/x86/mm/ioremap.c -index fdf617c..b9e85bc 100644 +index 70e7444..75b9a13 100644 --- a/arch/x86/mm/ioremap.c +++ b/arch/x86/mm/ioremap.c @@ -56,8 +56,8 @@ static int __ioremap_check_ram(unsigned long start_pfn, unsigned long nr_pages, @@ -33388,7 +33533,7 @@ index fdf617c..b9e85bc 100644 return 1; WARN_ONCE(1, "ioremap on RAM pfn 0x%lx\n", start_pfn); -@@ -283,7 +283,7 @@ EXPORT_SYMBOL(ioremap_prot); +@@ -288,7 +288,7 @@ EXPORT_SYMBOL(ioremap_prot); * * Caller must ensure there is only one unmapping for the same pointer. */ @@ -33397,39 +33542,52 @@ index fdf617c..b9e85bc 100644 { struct vm_struct *p, *o; -@@ -332,30 +332,29 @@ EXPORT_SYMBOL(iounmap); +@@ -351,32 +351,36 @@ int arch_ioremap_pmd_supported(void) */ void *xlate_dev_mem_ptr(phys_addr_t phys) { -- void *addr; -- unsigned long start = phys & PAGE_MASK; -- - /* If page is RAM, we can use __va. Otherwise ioremap and unmap. */ +- unsigned long start = phys & PAGE_MASK; +- unsigned long offset = phys & ~PAGE_MASK; +- unsigned long vaddr; ++ phys_addr_t pfn = phys >> PAGE_SHIFT; + +- /* If page is RAM, we can use __va. Otherwise ioremap and unmap. */ - if (page_is_ram(start >> PAGE_SHIFT)) -+ if (page_is_ram(phys >> PAGE_SHIFT)) +- return __va(phys); ++ if (page_is_ram(pfn)) { +#ifdef CONFIG_HIGHMEM -+ if ((phys >> PAGE_SHIFT) < max_low_pfn) ++ if (pfn >= max_low_pfn) ++ return kmap_high(pfn_to_page(pfn)); ++ else +#endif - return __va(phys); ++ return __va(phys); ++ } -- addr = (void __force *)ioremap_cache(start, PAGE_SIZE); -- if (addr) -- addr = (void *)((unsigned long)addr | (phys & ~PAGE_MASK)); +- vaddr = (unsigned long)ioremap_cache(start, PAGE_SIZE); +- /* Only add the offset on success and return NULL if the ioremap() failed: */ +- if (vaddr) +- vaddr += offset; - -- return addr; -+ return (void __force *)ioremap_cache(phys, PAGE_SIZE); +- return (void *)vaddr; ++ return (void __force *)ioremap_cache(phys, 1); } void unxlate_dev_mem_ptr(phys_addr_t phys, void *addr) { - if (page_is_ram(phys >> PAGE_SHIFT)) +- if (page_is_ram(phys >> PAGE_SHIFT)) ++ phys_addr_t pfn = phys >> PAGE_SHIFT; ++ ++ if (page_is_ram(pfn)) { +#ifdef CONFIG_HIGHMEM -+ if ((phys >> PAGE_SHIFT) < max_low_pfn) ++ if (pfn >= max_low_pfn) ++ kunmap_high(pfn_to_page(pfn)); +#endif return; ++ } - iounmap((void __iomem *)((unsigned long)addr & PAGE_MASK)); - return; +- iounmap((void __iomem *)((unsigned long)addr & PAGE_MASK)); +- return; ++ iounmap((void __iomem __force *)addr); } -static pte_t bm_pte[PAGE_SIZE/sizeof(pte_t)] __page_aligned_bss; @@ -33437,7 +33595,7 @@ index fdf617c..b9e85bc 100644 static inline pmd_t * __init early_ioremap_pmd(unsigned long addr) { -@@ -391,8 +390,7 @@ void __init early_ioremap_init(void) +@@ -412,8 +416,7 @@ void __init early_ioremap_init(void) early_ioremap_setup(); pmd = early_ioremap_pmd(fix_to_virt(FIX_BTMAP_BEGIN)); @@ -33464,7 +33622,7 @@ index b4f2e7e..96c9c3e 100644 pte = kmemcheck_pte_lookup(address); diff --git a/arch/x86/mm/mmap.c b/arch/x86/mm/mmap.c -index df4552b..12c129c 100644 +index 9d518d6..8a091f5 100644 --- a/arch/x86/mm/mmap.c +++ b/arch/x86/mm/mmap.c @@ -52,7 +52,7 @@ static unsigned long stack_maxrandom_size(void) @@ -33476,12 +33634,12 @@ index df4552b..12c129c 100644 static int mmap_is_legacy(void) { -@@ -82,27 +82,40 @@ static unsigned long mmap_rnd(void) +@@ -81,27 +81,40 @@ unsigned long arch_mmap_rnd(void) return rnd << PAGE_SHIFT; } --static unsigned long mmap_base(void) -+static unsigned long mmap_base(struct mm_struct *mm) +-static unsigned long mmap_base(unsigned long rnd) ++static unsigned long mmap_base(struct mm_struct *mm, unsigned long rnd) { unsigned long gap = rlimit(RLIMIT_STACK); + unsigned long pax_task_size = TASK_SIZE; @@ -33496,16 +33654,16 @@ index df4552b..12c129c 100644 else if (gap > MAX_GAP) gap = MAX_GAP; -- return PAGE_ALIGN(TASK_SIZE - gap - mmap_rnd()); -+ return PAGE_ALIGN(pax_task_size - gap - mmap_rnd()); +- return PAGE_ALIGN(TASK_SIZE - gap - rnd); ++ return PAGE_ALIGN(pax_task_size - gap - rnd); } /* * Bottom-up (legacy) layout on X86_32 did not support randomization, X86_64 * does, but not when emulating X86_32 */ --static unsigned long mmap_legacy_base(void) -+static unsigned long mmap_legacy_base(struct mm_struct *mm) +-static unsigned long mmap_legacy_base(unsigned long rnd) ++static unsigned long mmap_legacy_base(struct mm_struct *mm, unsigned long rnd) { - if (mmap_is_ia32()) + if (mmap_is_ia32()) { @@ -33519,17 +33677,30 @@ index df4552b..12c129c 100644 return TASK_UNMAPPED_BASE; - else + } else - return TASK_UNMAPPED_BASE + mmap_rnd(); + return TASK_UNMAPPED_BASE + rnd; } -@@ -112,8 +125,15 @@ static unsigned long mmap_legacy_base(void) - */ - void arch_pick_mmap_layout(struct mm_struct *mm) +@@ -113,16 +126,27 @@ void arch_pick_mmap_layout(struct mm_struct *mm) { -- mm->mmap_legacy_base = mmap_legacy_base(); -- mm->mmap_base = mmap_base(); -+ mm->mmap_legacy_base = mmap_legacy_base(mm); -+ mm->mmap_base = mmap_base(mm); + unsigned long random_factor = 0UL; + ++#ifdef CONFIG_PAX_RANDMMAP ++ if (!(mm->pax_flags & MF_PAX_RANDMMAP)) ++#endif + if (current->flags & PF_RANDOMIZE) + random_factor = arch_mmap_rnd(); + +- mm->mmap_legacy_base = mmap_legacy_base(random_factor); ++ mm->mmap_legacy_base = mmap_legacy_base(mm, random_factor); + + if (mmap_is_legacy()) { + mm->mmap_base = mm->mmap_legacy_base; + mm->get_unmapped_area = arch_get_unmapped_area; + } else { +- mm->mmap_base = mmap_base(random_factor); ++ mm->mmap_base = mmap_base(mm, random_factor); + mm->get_unmapped_area = arch_get_unmapped_area_topdown; + } + +#ifdef CONFIG_PAX_RANDMMAP + if (mm->pax_flags & MF_PAX_RANDMMAP) { @@ -33537,9 +33708,8 @@ index df4552b..12c129c 100644 + mm->mmap_base -= mm->delta_mmap + mm->delta_stack; + } +#endif - - if (mmap_is_legacy()) { - mm->mmap_base = mm->mmap_legacy_base; ++ + } diff --git a/arch/x86/mm/mmio-mod.c b/arch/x86/mm/mmio-mod.c index 0057a7a..95c7edd 100644 --- a/arch/x86/mm/mmio-mod.c @@ -33590,10 +33760,10 @@ index 0057a7a..95c7edd 100644 might_sleep(); if (is_enabled()) /* recheck and proper locking in *_core() */ diff --git a/arch/x86/mm/numa.c b/arch/x86/mm/numa.c -index cd4785b..25188b6 100644 +index 4053bb5..b1ad3dc 100644 --- a/arch/x86/mm/numa.c +++ b/arch/x86/mm/numa.c -@@ -499,7 +499,7 @@ static void __init numa_clear_kernel_node_hotplug(void) +@@ -506,7 +506,7 @@ static void __init numa_clear_kernel_node_hotplug(void) } } @@ -33603,10 +33773,10 @@ index cd4785b..25188b6 100644 unsigned long uninitialized_var(pfn_align); int i, nid; diff --git a/arch/x86/mm/pageattr.c b/arch/x86/mm/pageattr.c -index 536ea2f..f42c293 100644 +index 89af288..05381957 100644 --- a/arch/x86/mm/pageattr.c +++ b/arch/x86/mm/pageattr.c -@@ -262,7 +262,7 @@ static inline pgprot_t static_protections(pgprot_t prot, unsigned long address, +@@ -260,7 +260,7 @@ static inline pgprot_t static_protections(pgprot_t prot, unsigned long address, */ #ifdef CONFIG_PCI_BIOS if (pcibios_enabled && within(pfn, BIOS_BEGIN >> PAGE_SHIFT, BIOS_END >> PAGE_SHIFT)) @@ -33615,7 +33785,7 @@ index 536ea2f..f42c293 100644 #endif /* -@@ -270,9 +270,10 @@ static inline pgprot_t static_protections(pgprot_t prot, unsigned long address, +@@ -268,9 +268,10 @@ static inline pgprot_t static_protections(pgprot_t prot, unsigned long address, * Does not cover __inittext since that is gone later on. On * 64bit we do not enforce !NX on the low mapping */ @@ -33628,7 +33798,7 @@ index 536ea2f..f42c293 100644 /* * The .rodata section needs to be read-only. Using the pfn * catches all aliases. -@@ -280,6 +281,7 @@ static inline pgprot_t static_protections(pgprot_t prot, unsigned long address, +@@ -278,6 +279,7 @@ static inline pgprot_t static_protections(pgprot_t prot, unsigned long address, if (within(pfn, __pa_symbol(__start_rodata) >> PAGE_SHIFT, __pa_symbol(__end_rodata) >> PAGE_SHIFT)) pgprot_val(forbidden) |= _PAGE_RW; @@ -33636,7 +33806,7 @@ index 536ea2f..f42c293 100644 #if defined(CONFIG_X86_64) && defined(CONFIG_DEBUG_RODATA) /* -@@ -318,6 +320,13 @@ static inline pgprot_t static_protections(pgprot_t prot, unsigned long address, +@@ -316,6 +318,13 @@ static inline pgprot_t static_protections(pgprot_t prot, unsigned long address, } #endif @@ -33650,7 +33820,7 @@ index 536ea2f..f42c293 100644 prot = __pgprot(pgprot_val(prot) & ~pgprot_val(forbidden)); return prot; -@@ -440,23 +449,37 @@ EXPORT_SYMBOL_GPL(slow_virt_to_phys); +@@ -438,23 +447,37 @@ EXPORT_SYMBOL_GPL(slow_virt_to_phys); static void __set_pmd_pte(pte_t *kpte, unsigned long address, pte_t pte) { /* change init_mm */ @@ -33691,7 +33861,7 @@ index 536ea2f..f42c293 100644 static int diff --git a/arch/x86/mm/pat.c b/arch/x86/mm/pat.c -index 7ac6869..c0ba541 100644 +index 35af677..e7bf11f 100644 --- a/arch/x86/mm/pat.c +++ b/arch/x86/mm/pat.c @@ -89,7 +89,7 @@ static inline enum page_cache_mode get_page_memtype(struct page *pg) @@ -33738,10 +33908,10 @@ index 7ac6869..c0ba541 100644 while (cursor < to) { if (!devmem_is_allowed(pfn)) { -- printk(KERN_INFO "Program %s tried to access /dev/mem between [mem %#010Lx-%#010Lx]\n", -- current->comm, from, to - 1); -+ printk(KERN_INFO "Program %s tried to access /dev/mem between [mem %#010Lx-%#010Lx] (%#010Lx)\n", -+ current->comm, from, to - 1, cursor); +- printk(KERN_INFO "Program %s tried to access /dev/mem between [mem %#010Lx-%#010Lx], PAT prevents it\n", +- current->comm, from, to - 1); ++ printk(KERN_INFO "Program %s tried to access /dev/mem between [mem %#010Lx-%#010Lx] (%#010Lx), PAT prevents it\n", ++ current->comm, from, to - 1, cursor); return 0; } cursor += PAGE_SIZE; @@ -33835,10 +34005,10 @@ index 9f0614d..92ae64a 100644 p += get_opcode(p, &opcode); for (i = 0; i < ARRAY_SIZE(imm_wop); i++) diff --git a/arch/x86/mm/pgtable.c b/arch/x86/mm/pgtable.c -index 7b22ada..b11e66f 100644 +index 0b97d2c..597bb38 100644 --- a/arch/x86/mm/pgtable.c +++ b/arch/x86/mm/pgtable.c -@@ -97,10 +97,75 @@ static inline void pgd_list_del(pgd_t *pgd) +@@ -98,10 +98,75 @@ static inline void pgd_list_del(pgd_t *pgd) list_del(&page->lru); } @@ -33916,7 +34086,7 @@ index 7b22ada..b11e66f 100644 static void pgd_set_mm(pgd_t *pgd, struct mm_struct *mm) { BUILD_BUG_ON(sizeof(virt_to_page(pgd)->index) < sizeof(mm)); -@@ -141,6 +206,7 @@ static void pgd_dtor(pgd_t *pgd) +@@ -142,6 +207,7 @@ static void pgd_dtor(pgd_t *pgd) pgd_list_del(pgd); spin_unlock(&pgd_lock); } @@ -33924,7 +34094,7 @@ index 7b22ada..b11e66f 100644 /* * List of all pgd's needed for non-PAE so it can invalidate entries -@@ -153,7 +219,7 @@ static void pgd_dtor(pgd_t *pgd) +@@ -154,7 +220,7 @@ static void pgd_dtor(pgd_t *pgd) * -- nyc */ @@ -33933,7 +34103,7 @@ index 7b22ada..b11e66f 100644 /* * In PAE mode, we need to do a cr3 reload (=tlb flush) when * updating the top-level pagetable entries to guarantee the -@@ -165,7 +231,7 @@ static void pgd_dtor(pgd_t *pgd) +@@ -166,7 +232,7 @@ static void pgd_dtor(pgd_t *pgd) * not shared between pagetables (!SHARED_KERNEL_PMDS), we allocate * and initialize the kernel pmds here. */ @@ -33942,7 +34112,7 @@ index 7b22ada..b11e66f 100644 void pud_populate(struct mm_struct *mm, pud_t *pudp, pmd_t *pmd) { -@@ -183,46 +249,48 @@ void pud_populate(struct mm_struct *mm, pud_t *pudp, pmd_t *pmd) +@@ -184,46 +250,48 @@ void pud_populate(struct mm_struct *mm, pud_t *pudp, pmd_t *pmd) */ flush_tlb_mm(mm); } @@ -34009,7 +34179,7 @@ index 7b22ada..b11e66f 100644 return -ENOMEM; } -@@ -235,50 +303,54 @@ static int preallocate_pmds(struct mm_struct *mm, pmd_t *pmds[]) +@@ -236,43 +304,47 @@ static int preallocate_pmds(struct mm_struct *mm, pmd_t *pmds[]) * preallocate which never got a corresponding vma will need to be * freed manually. */ @@ -34073,15 +34243,16 @@ index 7b22ada..b11e66f 100644 } } +@@ -354,7 +426,7 @@ static inline void _pgd_free(pgd_t *pgd) pgd_t *pgd_alloc(struct mm_struct *mm) { pgd_t *pgd; - pmd_t *pmds[PREALLOCATED_PMDS]; + pxd_t *pxds[PREALLOCATED_PXDS]; - pgd = (pgd_t *)__get_free_page(PGALLOC_GFP); + pgd = _pgd_alloc(); -@@ -287,11 +359,11 @@ pgd_t *pgd_alloc(struct mm_struct *mm) +@@ -363,11 +435,11 @@ pgd_t *pgd_alloc(struct mm_struct *mm) mm->pgd = pgd; @@ -34095,7 +34266,7 @@ index 7b22ada..b11e66f 100644 /* * Make sure that pre-populating the pmds is atomic with -@@ -301,14 +373,14 @@ pgd_t *pgd_alloc(struct mm_struct *mm) +@@ -377,14 +449,14 @@ pgd_t *pgd_alloc(struct mm_struct *mm) spin_lock(&pgd_lock); pgd_ctor(mm, pgd); @@ -34111,9 +34282,9 @@ index 7b22ada..b11e66f 100644 +out_free_pxds: + free_pxds(mm, pxds); out_free_pgd: - free_page((unsigned long)pgd); + _pgd_free(pgd); out: -@@ -317,7 +389,7 @@ out: +@@ -393,7 +465,7 @@ out: void pgd_free(struct mm_struct *mm, pgd_t *pgd) { @@ -34121,7 +34292,7 @@ index 7b22ada..b11e66f 100644 + pgd_mop_up_pxds(mm, pgd); pgd_dtor(pgd); paravirt_pgd_free(mm, pgd); - free_page((unsigned long)pgd); + _pgd_free(pgd); diff --git a/arch/x86/mm/pgtable_32.c b/arch/x86/mm/pgtable_32.c index 75cc097..79a097f 100644 --- a/arch/x86/mm/pgtable_32.c @@ -34403,7 +34574,7 @@ index ddeff48..877ead6 100644 bpf_prog_unlock_free(fp); } diff --git a/arch/x86/oprofile/backtrace.c b/arch/x86/oprofile/backtrace.c -index 5d04be5..2beeaa2 100644 +index 4e664bd..2beeaa2 100644 --- a/arch/x86/oprofile/backtrace.c +++ b/arch/x86/oprofile/backtrace.c @@ -46,11 +46,11 @@ dump_user_backtrace_32(struct stack_frame_ia32 *head) @@ -34429,15 +34600,6 @@ index 5d04be5..2beeaa2 100644 if (bytes != 0) return NULL; -@@ -111,7 +111,7 @@ x86_backtrace(struct pt_regs * const regs, unsigned int depth) - { - struct stack_frame *head = (struct stack_frame *)frame_pointer(regs); - -- if (!user_mode_vm(regs)) { -+ if (!user_mode(regs)) { - unsigned long stack = kernel_stack_pointer(regs); - if (depth) - dump_trace(NULL, regs, (unsigned long *)stack, 0, diff --git a/arch/x86/oprofile/nmi_int.c b/arch/x86/oprofile/nmi_int.c index 1d2e639..f6ef82a 100644 --- a/arch/x86/oprofile/nmi_int.c @@ -34877,19 +35039,24 @@ index 9b83b90..4112152 100644 } EXPORT_SYMBOL(pcibios_set_irq_routing); diff --git a/arch/x86/platform/efi/efi_32.c b/arch/x86/platform/efi/efi_32.c -index 40e7cda..c7e6672 100644 +index ed5b673..24d2d53 100644 --- a/arch/x86/platform/efi/efi_32.c +++ b/arch/x86/platform/efi/efi_32.c -@@ -61,11 +61,22 @@ void __init efi_call_phys_prolog(void) - { +@@ -61,11 +61,27 @@ pgd_t * __init efi_call_phys_prolog(void) struct desc_ptr gdt_descr; + pgd_t *save_pgd; +#ifdef CONFIG_PAX_KERNEXEC + struct desc_struct d; +#endif + - local_irq_save(efi_rt_eflags); - + /* Current pgd is swapper_pg_dir, we'll restore it later: */ ++#ifdef CONFIG_PAX_PER_CPU_PGD ++ save_pgd = get_cpu_pgd(smp_processor_id(), kernel); ++#else + save_pgd = swapper_pg_dir; ++#endif ++ load_cr3(initial_page_table); __flush_tlb_all(); @@ -34903,7 +35070,7 @@ index 40e7cda..c7e6672 100644 gdt_descr.address = __pa(get_cpu_gdt_table(0)); gdt_descr.size = GDT_SIZE - 1; load_gdt(&gdt_descr); -@@ -75,11 +86,24 @@ void __init efi_call_phys_epilog(void) +@@ -77,6 +93,14 @@ void __init efi_call_phys_epilog(pgd_t *save_pgd) { struct desc_ptr gdt_descr; @@ -34918,21 +35085,11 @@ index 40e7cda..c7e6672 100644 gdt_descr.address = (unsigned long)get_cpu_gdt_table(0); gdt_descr.size = GDT_SIZE - 1; load_gdt(&gdt_descr); - -+#ifdef CONFIG_PAX_PER_CPU_PGD -+ load_cr3(get_cpu_pgd(smp_processor_id(), kernel)); -+#else - load_cr3(swapper_pg_dir); -+#endif -+ - __flush_tlb_all(); - - local_irq_restore(efi_rt_eflags); diff --git a/arch/x86/platform/efi/efi_64.c b/arch/x86/platform/efi/efi_64.c -index 17e80d8..9fa6e41 100644 +index a0ac0f9..f41d324 100644 --- a/arch/x86/platform/efi/efi_64.c +++ b/arch/x86/platform/efi/efi_64.c -@@ -98,6 +98,11 @@ void __init efi_call_phys_prolog(void) +@@ -96,6 +96,11 @@ pgd_t * __init efi_call_phys_prolog(void) vaddress = (unsigned long)__va(pgd * PGDIR_SIZE); set_pgd(pgd_offset_k(pgd * PGDIR_SIZE), *pgd_offset_k(vaddress)); } @@ -34942,21 +35099,20 @@ index 17e80d8..9fa6e41 100644 +#endif + __flush_tlb_all(); - } -@@ -115,6 +120,11 @@ void __init efi_call_phys_epilog(void) - for (pgd = 0; pgd < n_pgds; pgd++) - set_pgd(pgd_offset_k(pgd * PGDIR_SIZE), save_pgd[pgd]); + return save_pgd; +@@ -119,6 +124,10 @@ void __init efi_call_phys_epilog(pgd_t *save_pgd) + kfree(save_pgd); -+ + +#ifdef CONFIG_PAX_PER_CPU_PGD + load_cr3(get_cpu_pgd(smp_processor_id(), kernel)); +#endif + __flush_tlb_all(); - local_irq_restore(efi_flags); early_code_mapping_set_exec(0); -@@ -145,8 +155,23 @@ int __init efi_setup_page_tables(unsigned long pa_memmap, unsigned num_pages) + } +@@ -148,8 +157,23 @@ int __init efi_setup_page_tables(unsigned long pa_memmap, unsigned num_pages) unsigned npages; pgd_t *pgd; @@ -35202,10 +35358,10 @@ index aaca917..66eadbc 100644 return &tangier_ops; } diff --git a/arch/x86/platform/intel-quark/imr_selftest.c b/arch/x86/platform/intel-quark/imr_selftest.c -index c9a0838..fae0977 100644 +index 278e4da..55e8d8a 100644 --- a/arch/x86/platform/intel-quark/imr_selftest.c +++ b/arch/x86/platform/intel-quark/imr_selftest.c -@@ -54,7 +54,7 @@ static void __init imr_self_test_result(int res, const char *fmt, ...) +@@ -55,7 +55,7 @@ static void __init imr_self_test_result(int res, const char *fmt, ...) */ static void __init imr_self_test(void) { @@ -35228,19 +35384,19 @@ index d6ee929..3637cb5 100644 .getproplen = olpc_dt_getproplen, .getproperty = olpc_dt_getproperty, diff --git a/arch/x86/power/cpu.c b/arch/x86/power/cpu.c -index 3e32ed5..cc0adc5 100644 +index 757678f..9895d9b 100644 --- a/arch/x86/power/cpu.c +++ b/arch/x86/power/cpu.c @@ -134,11 +134,8 @@ static void do_fpu_end(void) static void fix_processor_context(void) { int cpu = smp_processor_id(); -- struct tss_struct *t = &per_cpu(init_tss, cpu); +- struct tss_struct *t = &per_cpu(cpu_tss, cpu); -#ifdef CONFIG_X86_64 - struct desc_struct *desc = get_cpu_gdt_table(cpu); - tss_desc tss; -#endif -+ struct tss_struct *t = init_tss + cpu; ++ struct tss_struct *t = cpu_tss + cpu; + set_tss_desc(cpu, t); /* * This just modifies memory; should not be @@ -35665,7 +35821,7 @@ index 80ffa5b..a33bd15 100644 return 0; diff --git a/arch/x86/vdso/Makefile b/arch/x86/vdso/Makefile -index 8533c96..ff98c52 100644 +index e970320..c006fea 100644 --- a/arch/x86/vdso/Makefile +++ b/arch/x86/vdso/Makefile @@ -175,7 +175,7 @@ quiet_cmd_vdso = VDSO $@ @@ -35828,7 +35984,7 @@ index e88fda8..76ce7ce 100644 This is the Linux Xen port. Enabling this will allow the kernel to boot in a paravirtualized environment under the diff --git a/arch/x86/xen/enlighten.c b/arch/x86/xen/enlighten.c -index 5240f56..0c12163 100644 +index 46957ea..ef7b714 100644 --- a/arch/x86/xen/enlighten.c +++ b/arch/x86/xen/enlighten.c @@ -125,8 +125,6 @@ EXPORT_SYMBOL_GPL(xen_start_info); @@ -35869,16 +36025,7 @@ index 5240f56..0c12163 100644 BUG_ON(va & ~PAGE_MASK); for (f = 0; va < dtr->address + size; va += PAGE_SIZE, f++) { -@@ -991,7 +987,7 @@ static u32 xen_safe_apic_wait_icr_idle(void) - return 0; - } - --static void set_xen_basic_apic_ops(void) -+static void __init set_xen_basic_apic_ops(void) - { - apic->read = xen_apic_read; - apic->write = xen_apic_write; -@@ -1308,30 +1304,30 @@ static const struct pv_apic_ops xen_apic_ops __initconst = { +@@ -1223,30 +1219,30 @@ static const struct pv_apic_ops xen_apic_ops __initconst = { #endif }; @@ -35916,7 +36063,7 @@ index 5240f56..0c12163 100644 { if (pm_power_off) pm_power_off(); -@@ -1484,8 +1480,11 @@ static void __ref xen_setup_gdt(int cpu) +@@ -1399,8 +1395,11 @@ static void __ref xen_setup_gdt(int cpu) pv_cpu_ops.write_gdt_entry = xen_write_gdt_entry_boot; pv_cpu_ops.load_gdt = xen_load_gdt_boot; @@ -35930,7 +36077,7 @@ index 5240f56..0c12163 100644 pv_cpu_ops.write_gdt_entry = xen_write_gdt_entry; pv_cpu_ops.load_gdt = xen_load_gdt; -@@ -1600,7 +1599,17 @@ asmlinkage __visible void __init xen_start_kernel(void) +@@ -1515,7 +1514,17 @@ asmlinkage __visible void __init xen_start_kernel(void) __userpte_alloc_gfp &= ~__GFP_HIGHMEM; /* Work out if we support NX */ @@ -35949,7 +36096,7 @@ index 5240f56..0c12163 100644 /* Get mfn list */ xen_build_dynamic_phys_to_machine(); -@@ -1628,13 +1637,6 @@ asmlinkage __visible void __init xen_start_kernel(void) +@@ -1543,13 +1552,6 @@ asmlinkage __visible void __init xen_start_kernel(void) machine_ops = xen_machine_ops; @@ -35964,7 +36111,7 @@ index 5240f56..0c12163 100644 #ifdef CONFIG_ACPI_NUMA diff --git a/arch/x86/xen/mmu.c b/arch/x86/xen/mmu.c -index adca9e2..cdba9d1 100644 +index dd151b2..d5ab952 100644 --- a/arch/x86/xen/mmu.c +++ b/arch/x86/xen/mmu.c @@ -379,7 +379,7 @@ static pteval_t pte_mfn_to_pfn(pteval_t val) @@ -36010,7 +36157,7 @@ index adca9e2..cdba9d1 100644 pin_pagetable_pfn(MMUEXT_PIN_L4_TABLE, @@ -2048,6 +2059,7 @@ static void __init xen_post_allocator_init(void) pv_mmu_ops.set_pud = xen_set_pud; - #if PAGETABLE_LEVELS == 4 + #if CONFIG_PGTABLE_LEVELS == 4 pv_mmu_ops.set_pgd = xen_set_pgd; + pv_mmu_ops.set_pgd_batched = xen_set_pgd; #endif @@ -36025,10 +36172,10 @@ index adca9e2..cdba9d1 100644 .alloc_pud = xen_alloc_pmd_init, .release_pud = xen_release_pmd_init, diff --git a/arch/x86/xen/smp.c b/arch/x86/xen/smp.c -index 08e8489..b1e182f 100644 +index 8648438..18bac20 100644 --- a/arch/x86/xen/smp.c +++ b/arch/x86/xen/smp.c -@@ -288,17 +288,13 @@ static void __init xen_smp_prepare_boot_cpu(void) +@@ -284,17 +284,13 @@ static void __init xen_smp_prepare_boot_cpu(void) if (xen_pv_domain()) { if (!xen_feature(XENFEAT_writable_page_tables)) @@ -36048,7 +36195,7 @@ index 08e8489..b1e182f 100644 #endif xen_filter_cpu_maps(); -@@ -379,7 +375,7 @@ cpu_initialize_context(unsigned int cpu, struct task_struct *idle) +@@ -375,7 +371,7 @@ cpu_initialize_context(unsigned int cpu, struct task_struct *idle) #ifdef CONFIG_X86_32 /* Note: PVH is not yet supported on x86_32. */ ctxt->user_regs.fs = __KERNEL_PERCPU; @@ -36057,7 +36204,7 @@ index 08e8489..b1e182f 100644 #endif memset(&ctxt->fpu_ctxt, 0, sizeof(ctxt->fpu_ctxt)); -@@ -387,8 +383,8 @@ cpu_initialize_context(unsigned int cpu, struct task_struct *idle) +@@ -383,8 +379,8 @@ cpu_initialize_context(unsigned int cpu, struct task_struct *idle) ctxt->user_regs.eip = (unsigned long)cpu_bringup_and_idle; ctxt->flags = VGCF_IN_KERNEL; ctxt->user_regs.eflags = 0x1000; /* IOPL_RING1 */ @@ -36068,24 +36215,7 @@ index 08e8489..b1e182f 100644 ctxt->user_regs.ss = __KERNEL_DS; xen_copy_trap_info(ctxt->trap_ctxt); -@@ -446,14 +442,13 @@ static int xen_cpu_up(unsigned int cpu, struct task_struct *idle) - int rc; - - per_cpu(current_task, cpu) = idle; -+ per_cpu(current_tinfo, cpu) = &idle->tinfo; - #ifdef CONFIG_X86_32 - irq_ctx_init(cpu); - #else - clear_tsk_thread_flag(idle, TIF_FORK); - #endif -- per_cpu(kernel_stack, cpu) = -- (unsigned long)task_stack_page(idle) - -- KERNEL_STACK_OFFSET + THREAD_SIZE; -+ per_cpu(kernel_stack, cpu) = (unsigned long)task_stack_page(idle) - 16 + THREAD_SIZE; - - xen_setup_runstate_info(cpu); - xen_setup_timer(cpu); -@@ -732,7 +727,7 @@ static const struct smp_ops xen_smp_ops __initconst = { +@@ -720,7 +716,7 @@ static const struct smp_ops xen_smp_ops __initconst = { void __init xen_smp_init(void) { @@ -36108,10 +36238,10 @@ index fd92a64..1f72641 100644 #else movl %ss:xen_vcpu, %eax diff --git a/arch/x86/xen/xen-head.S b/arch/x86/xen/xen-head.S -index 674b2225..f1f5dc1 100644 +index 8afdfcc..79239db 100644 --- a/arch/x86/xen/xen-head.S +++ b/arch/x86/xen/xen-head.S -@@ -39,6 +39,17 @@ ENTRY(startup_xen) +@@ -41,6 +41,17 @@ ENTRY(startup_xen) #ifdef CONFIG_X86_32 mov %esi,xen_start_info mov $init_thread_union+THREAD_SIZE,%esp @@ -36216,7 +36346,7 @@ index 0736729..2ec3b48 100644 struct list_head *list = this_cpu_ptr(&blk_cpu_iopoll); int rearm = 0, budget = blk_iopoll_budget; diff --git a/block/blk-map.c b/block/blk-map.c -index b8d2725..08c52b0 100644 +index da310a1..213b5c9 100644 --- a/block/blk-map.c +++ b/block/blk-map.c @@ -192,7 +192,7 @@ int blk_rq_map_kern(struct request_queue *q, struct request *rq, void *kbuf, @@ -36228,6 +36358,19 @@ index b8d2725..08c52b0 100644 if (do_copy) bio = bio_copy_kern(q, kbuf, len, gfp_mask, reading); else +diff --git a/block/blk-mq.c b/block/blk-mq.c +index 594eea0..2dc1fd6 100644 +--- a/block/blk-mq.c ++++ b/block/blk-mq.c +@@ -1968,7 +1968,7 @@ struct request_queue *blk_mq_init_allocated_queue(struct blk_mq_tag_set *set, + goto err_hctxs; + + setup_timer(&q->timeout, blk_mq_rq_timer, (unsigned long) q); +- blk_queue_rq_timeout(q, set->timeout ? set->timeout : 30000); ++ blk_queue_rq_timeout(q, set->timeout ? set->timeout : 30 * HZ); + + q->nr_queues = nr_cpu_ids; + q->nr_hw_queues = set->nr_hw_queues; diff --git a/block/blk-softirq.c b/block/blk-softirq.c index 53b1737..08177d2e 100644 --- a/block/blk-softirq.c @@ -36352,7 +36495,7 @@ index 26cb624..a49c3a5 100644 (u8 *) pte, count) < count) { kfree(pte); diff --git a/block/scsi_ioctl.c b/block/scsi_ioctl.c -index e1f71c3..02d295a 100644 +index 55b6f15..b602c9a 100644 --- a/block/scsi_ioctl.c +++ b/block/scsi_ioctl.c @@ -67,7 +67,7 @@ static int scsi_get_bus(struct request_queue *q, int __user *p) @@ -36386,7 +36529,7 @@ index e1f71c3..02d295a 100644 if (blk_verify_command(rq->cmd, mode & FMODE_WRITE)) return -EPERM; -@@ -422,6 +434,8 @@ int sg_scsi_ioctl(struct request_queue *q, struct gendisk *disk, fmode_t mode, +@@ -420,6 +432,8 @@ int sg_scsi_ioctl(struct request_queue *q, struct gendisk *disk, fmode_t mode, int err; unsigned int in_len, out_len, bytes, opcode, cmdlen; char *buffer = NULL, sense[SCSI_SENSE_BUFFERSIZE]; @@ -36395,7 +36538,7 @@ index e1f71c3..02d295a 100644 if (!sic) return -EINVAL; -@@ -460,9 +474,18 @@ int sg_scsi_ioctl(struct request_queue *q, struct gendisk *disk, fmode_t mode, +@@ -458,9 +472,18 @@ int sg_scsi_ioctl(struct request_queue *q, struct gendisk *disk, fmode_t mode, */ err = -EFAULT; rq->cmd_len = cmdlen; @@ -36416,7 +36559,7 @@ index e1f71c3..02d295a 100644 goto error; diff --git a/crypto/cryptd.c b/crypto/cryptd.c -index 650afac1..f3307de 100644 +index b0602ba..fb71850 100644 --- a/crypto/cryptd.c +++ b/crypto/cryptd.c @@ -63,7 +63,7 @@ struct cryptd_blkcipher_ctx { @@ -36542,7 +36685,7 @@ index a83e3c6..c3d617f 100644 bgrt_kobj = kobject_create_and_add("bgrt", acpi_kobj); if (!bgrt_kobj) diff --git a/drivers/acpi/blacklist.c b/drivers/acpi/blacklist.c -index 9b693d5..8953d54 100644 +index 1d17919..315e955 100644 --- a/drivers/acpi/blacklist.c +++ b/drivers/acpi/blacklist.c @@ -51,7 +51,7 @@ struct acpi_blacklist_item { @@ -36564,7 +36707,7 @@ index 9b693d5..8953d54 100644 .callback = dmi_disable_osi_vista, .ident = "Fujitsu Siemens", diff --git a/drivers/acpi/bus.c b/drivers/acpi/bus.c -index 8b67bd0..b59593e 100644 +index 513e7230e..802015a 100644 --- a/drivers/acpi/bus.c +++ b/drivers/acpi/bus.c @@ -67,7 +67,7 @@ static int set_copy_dsdt(const struct dmi_system_id *id) @@ -36601,10 +36744,10 @@ index c68e724..e863008 100644 /* parse the table header to get the table length */ if (count <= sizeof(struct acpi_table_header)) diff --git a/drivers/acpi/device_pm.c b/drivers/acpi/device_pm.c -index 735db11..91e07ff 100644 +index 8217e0b..3294cb6 100644 --- a/drivers/acpi/device_pm.c +++ b/drivers/acpi/device_pm.c -@@ -1025,6 +1025,8 @@ EXPORT_SYMBOL_GPL(acpi_subsys_freeze); +@@ -1026,6 +1026,8 @@ EXPORT_SYMBOL_GPL(acpi_subsys_freeze); #endif /* CONFIG_PM_SLEEP */ @@ -36613,7 +36756,7 @@ index 735db11..91e07ff 100644 static struct dev_pm_domain acpi_general_pm_domain = { .ops = { .runtime_suspend = acpi_subsys_runtime_suspend, -@@ -1041,6 +1043,7 @@ static struct dev_pm_domain acpi_general_pm_domain = { +@@ -1042,6 +1044,7 @@ static struct dev_pm_domain acpi_general_pm_domain = { .restore_early = acpi_subsys_resume_early, #endif }, @@ -36621,7 +36764,7 @@ index 735db11..91e07ff 100644 }; /** -@@ -1110,7 +1113,6 @@ int acpi_dev_pm_attach(struct device *dev, bool power_on) +@@ -1111,7 +1114,6 @@ int acpi_dev_pm_attach(struct device *dev, bool power_on) acpi_device_wakeup(adev, ACPI_STATE_S0, false); } @@ -36630,10 +36773,10 @@ index 735db11..91e07ff 100644 } EXPORT_SYMBOL_GPL(acpi_dev_pm_attach); diff --git a/drivers/acpi/ec.c b/drivers/acpi/ec.c -index a8dd2f7..e15950e 100644 +index 5e8fed4..d9bb545 100644 --- a/drivers/acpi/ec.c +++ b/drivers/acpi/ec.c -@@ -1242,7 +1242,7 @@ static int ec_clear_on_resume(const struct dmi_system_id *id) +@@ -1293,7 +1293,7 @@ static int ec_clear_on_resume(const struct dmi_system_id *id) return 0; } @@ -36669,10 +36812,10 @@ index d9f7158..168e742 100644 }; diff --git a/drivers/acpi/processor_idle.c b/drivers/acpi/processor_idle.c -index f98db0b..8309c83 100644 +index 39e0c8e..b5ae20c 100644 --- a/drivers/acpi/processor_idle.c +++ b/drivers/acpi/processor_idle.c -@@ -912,7 +912,7 @@ static int acpi_processor_setup_cpuidle_states(struct acpi_processor *pr) +@@ -910,7 +910,7 @@ static int acpi_processor_setup_cpuidle_states(struct acpi_processor *pr) { int i, count = CPUIDLE_DRIVER_STATE_START; struct acpi_processor_cx *cx; @@ -36695,7 +36838,7 @@ index e5dd808..1eceed1 100644 set_no_mwait, "Extensa 5220", { DMI_MATCH(DMI_BIOS_VENDOR, "Phoenix Technologies LTD"), diff --git a/drivers/acpi/sleep.c b/drivers/acpi/sleep.c -index 7f251dd..47b262c 100644 +index 2f0d4db..b9e9b15 100644 --- a/drivers/acpi/sleep.c +++ b/drivers/acpi/sleep.c @@ -148,7 +148,7 @@ static int __init init_nvs_nosave(const struct dmi_system_id *d) @@ -36708,7 +36851,7 @@ index 7f251dd..47b262c 100644 .callback = init_old_suspend_ordering, .ident = "Abit KN9 (nForce4 variant)", diff --git a/drivers/acpi/sysfs.c b/drivers/acpi/sysfs.c -index 13e577c..cef11ee 100644 +index 0876d77b..3ba0127 100644 --- a/drivers/acpi/sysfs.c +++ b/drivers/acpi/sysfs.c @@ -423,11 +423,11 @@ static u32 num_counters; @@ -36739,10 +36882,10 @@ index d24fa19..782f1e6 100644 * Award BIOS on this AOpen makes thermal control almost worthless. * http://bugzilla.kernel.org/show_bug.cgi?id=8842 diff --git a/drivers/acpi/video.c b/drivers/acpi/video.c -index 26eb70c..4d66ddf 100644 +index cc79d3f..28adb33 100644 --- a/drivers/acpi/video.c +++ b/drivers/acpi/video.c -@@ -418,7 +418,7 @@ static int __init video_disable_native_backlight(const struct dmi_system_id *d) +@@ -431,7 +431,7 @@ static int __init video_enable_native_backlight(const struct dmi_system_id *d) return 0; } @@ -36765,10 +36908,10 @@ index 287c4ba..6a600bc 100644 unsigned long timeout_msec) { diff --git a/drivers/ata/libata-core.c b/drivers/ata/libata-core.c -index 87b4b7f..d876fbd 100644 +index 577849c..920847c 100644 --- a/drivers/ata/libata-core.c +++ b/drivers/ata/libata-core.c -@@ -99,7 +99,7 @@ static unsigned int ata_dev_set_xfermode(struct ata_device *dev); +@@ -102,7 +102,7 @@ static unsigned int ata_dev_set_xfermode(struct ata_device *dev); static void ata_dev_xfermask(struct ata_device *dev); static unsigned long ata_dev_blacklisted(const struct ata_device *dev); @@ -36777,7 +36920,7 @@ index 87b4b7f..d876fbd 100644 struct ata_force_param { const char *name; -@@ -4780,7 +4780,7 @@ void ata_qc_free(struct ata_queued_cmd *qc) +@@ -4801,7 +4801,7 @@ void ata_qc_free(struct ata_queued_cmd *qc) struct ata_port *ap; unsigned int tag; @@ -36786,7 +36929,7 @@ index 87b4b7f..d876fbd 100644 ap = qc->ap; qc->flags = 0; -@@ -4797,7 +4797,7 @@ void __ata_qc_complete(struct ata_queued_cmd *qc) +@@ -4818,7 +4818,7 @@ void __ata_qc_complete(struct ata_queued_cmd *qc) struct ata_port *ap; struct ata_link *link; @@ -36795,7 +36938,7 @@ index 87b4b7f..d876fbd 100644 WARN_ON_ONCE(!(qc->flags & ATA_QCFLAG_ACTIVE)); ap = qc->ap; link = qc->dev->link; -@@ -5901,6 +5901,7 @@ static void ata_finalize_port_ops(struct ata_port_operations *ops) +@@ -5925,6 +5925,7 @@ static void ata_finalize_port_ops(struct ata_port_operations *ops) return; spin_lock(&lock); @@ -36803,7 +36946,7 @@ index 87b4b7f..d876fbd 100644 for (cur = ops->inherits; cur; cur = cur->inherits) { void **inherit = (void **)cur; -@@ -5914,8 +5915,9 @@ static void ata_finalize_port_ops(struct ata_port_operations *ops) +@@ -5938,8 +5939,9 @@ static void ata_finalize_port_ops(struct ata_port_operations *ops) if (IS_ERR(*pp)) *pp = NULL; @@ -36814,7 +36957,7 @@ index 87b4b7f..d876fbd 100644 spin_unlock(&lock); } -@@ -6111,7 +6113,7 @@ int ata_host_register(struct ata_host *host, struct scsi_host_template *sht) +@@ -6135,7 +6137,7 @@ int ata_host_register(struct ata_host *host, struct scsi_host_template *sht) /* give ports names and add SCSI hosts */ for (i = 0; i < host->n_ports; i++) { @@ -36824,10 +36967,10 @@ index 87b4b7f..d876fbd 100644 } diff --git a/drivers/ata/libata-scsi.c b/drivers/ata/libata-scsi.c -index b061ba2..fdcd85f 100644 +index 3131adc..93e7aa0 100644 --- a/drivers/ata/libata-scsi.c +++ b/drivers/ata/libata-scsi.c -@@ -4172,7 +4172,7 @@ int ata_sas_port_init(struct ata_port *ap) +@@ -4209,7 +4209,7 @@ int ata_sas_port_init(struct ata_port *ap) if (rc) return rc; @@ -36837,7 +36980,7 @@ index b061ba2..fdcd85f 100644 } EXPORT_SYMBOL_GPL(ata_sas_port_init); diff --git a/drivers/ata/libata.h b/drivers/ata/libata.h -index f840ca1..edd6ef3 100644 +index a998a17..8de4bf4 100644 --- a/drivers/ata/libata.h +++ b/drivers/ata/libata.h @@ -53,7 +53,7 @@ enum { @@ -37540,10 +37683,10 @@ index ce43ae3..969de38 100644 lvcc->rx.buf.ptr = &lvcc->rx.buf.start[SERVICE_GET_END(s) * 4]; cardvcc_write(lvcc, SERVICE_GET_END(s), vcc_rxreadptr); diff --git a/drivers/atm/nicstar.c b/drivers/atm/nicstar.c -index b7e1cc0..eb336bfe 100644 +index ddc4ceb..36e29aa 100644 --- a/drivers/atm/nicstar.c +++ b/drivers/atm/nicstar.c -@@ -1640,7 +1640,7 @@ static int ns_send(struct atm_vcc *vcc, struct sk_buff *skb) +@@ -1632,7 +1632,7 @@ static int ns_send(struct atm_vcc *vcc, struct sk_buff *skb) if ((vc = (vc_map *) vcc->dev_data) == NULL) { printk("nicstar%d: vcc->dev_data == NULL on ns_send().\n", card->index); @@ -37552,7 +37695,7 @@ index b7e1cc0..eb336bfe 100644 dev_kfree_skb_any(skb); return -EINVAL; } -@@ -1648,7 +1648,7 @@ static int ns_send(struct atm_vcc *vcc, struct sk_buff *skb) +@@ -1640,7 +1640,7 @@ static int ns_send(struct atm_vcc *vcc, struct sk_buff *skb) if (!vc->tx) { printk("nicstar%d: Trying to transmit on a non-tx VC.\n", card->index); @@ -37561,7 +37704,7 @@ index b7e1cc0..eb336bfe 100644 dev_kfree_skb_any(skb); return -EINVAL; } -@@ -1656,14 +1656,14 @@ static int ns_send(struct atm_vcc *vcc, struct sk_buff *skb) +@@ -1648,14 +1648,14 @@ static int ns_send(struct atm_vcc *vcc, struct sk_buff *skb) if (vcc->qos.aal != ATM_AAL5 && vcc->qos.aal != ATM_AAL0) { printk("nicstar%d: Only AAL0 and AAL5 are supported.\n", card->index); @@ -37578,7 +37721,7 @@ index b7e1cc0..eb336bfe 100644 dev_kfree_skb_any(skb); return -EINVAL; } -@@ -1711,11 +1711,11 @@ static int ns_send(struct atm_vcc *vcc, struct sk_buff *skb) +@@ -1703,11 +1703,11 @@ static int ns_send(struct atm_vcc *vcc, struct sk_buff *skb) } if (push_scqe(card, vc, scq, &scqe, skb) != 0) { @@ -37592,7 +37735,7 @@ index b7e1cc0..eb336bfe 100644 return 0; } -@@ -2032,14 +2032,14 @@ static void dequeue_rx(ns_dev * card, ns_rsqe * rsqe) +@@ -2024,14 +2024,14 @@ static void dequeue_rx(ns_dev * card, ns_rsqe * rsqe) printk ("nicstar%d: Can't allocate buffers for aal0.\n", card->index); @@ -37609,7 +37752,7 @@ index b7e1cc0..eb336bfe 100644 dev_kfree_skb_any(sb); break; } -@@ -2054,7 +2054,7 @@ static void dequeue_rx(ns_dev * card, ns_rsqe * rsqe) +@@ -2046,7 +2046,7 @@ static void dequeue_rx(ns_dev * card, ns_rsqe * rsqe) ATM_SKB(sb)->vcc = vcc; __net_timestamp(sb); vcc->push(vcc, sb); @@ -37618,7 +37761,7 @@ index b7e1cc0..eb336bfe 100644 cell += ATM_CELL_PAYLOAD; } -@@ -2071,7 +2071,7 @@ static void dequeue_rx(ns_dev * card, ns_rsqe * rsqe) +@@ -2063,7 +2063,7 @@ static void dequeue_rx(ns_dev * card, ns_rsqe * rsqe) if (iovb == NULL) { printk("nicstar%d: Out of iovec buffers.\n", card->index); @@ -37627,7 +37770,7 @@ index b7e1cc0..eb336bfe 100644 recycle_rx_buf(card, skb); return; } -@@ -2095,7 +2095,7 @@ static void dequeue_rx(ns_dev * card, ns_rsqe * rsqe) +@@ -2087,7 +2087,7 @@ static void dequeue_rx(ns_dev * card, ns_rsqe * rsqe) small or large buffer itself. */ } else if (NS_PRV_IOVCNT(iovb) >= NS_MAX_IOVECS) { printk("nicstar%d: received too big AAL5 SDU.\n", card->index); @@ -37636,7 +37779,7 @@ index b7e1cc0..eb336bfe 100644 recycle_iovec_rx_bufs(card, (struct iovec *)iovb->data, NS_MAX_IOVECS); NS_PRV_IOVCNT(iovb) = 0; -@@ -2115,7 +2115,7 @@ static void dequeue_rx(ns_dev * card, ns_rsqe * rsqe) +@@ -2107,7 +2107,7 @@ static void dequeue_rx(ns_dev * card, ns_rsqe * rsqe) ("nicstar%d: Expected a small buffer, and this is not one.\n", card->index); which_list(card, skb); @@ -37645,7 +37788,7 @@ index b7e1cc0..eb336bfe 100644 recycle_rx_buf(card, skb); vc->rx_iov = NULL; recycle_iov_buf(card, iovb); -@@ -2128,7 +2128,7 @@ static void dequeue_rx(ns_dev * card, ns_rsqe * rsqe) +@@ -2120,7 +2120,7 @@ static void dequeue_rx(ns_dev * card, ns_rsqe * rsqe) ("nicstar%d: Expected a large buffer, and this is not one.\n", card->index); which_list(card, skb); @@ -37654,7 +37797,7 @@ index b7e1cc0..eb336bfe 100644 recycle_iovec_rx_bufs(card, (struct iovec *)iovb->data, NS_PRV_IOVCNT(iovb)); vc->rx_iov = NULL; -@@ -2151,7 +2151,7 @@ static void dequeue_rx(ns_dev * card, ns_rsqe * rsqe) +@@ -2143,7 +2143,7 @@ static void dequeue_rx(ns_dev * card, ns_rsqe * rsqe) printk(" - PDU size mismatch.\n"); else printk(".\n"); @@ -37663,7 +37806,7 @@ index b7e1cc0..eb336bfe 100644 recycle_iovec_rx_bufs(card, (struct iovec *)iovb->data, NS_PRV_IOVCNT(iovb)); vc->rx_iov = NULL; -@@ -2165,7 +2165,7 @@ static void dequeue_rx(ns_dev * card, ns_rsqe * rsqe) +@@ -2157,14 +2157,14 @@ static void dequeue_rx(ns_dev * card, ns_rsqe * rsqe) /* skb points to a small buffer */ if (!atm_charge(vcc, skb->truesize)) { push_rxbufs(card, skb); @@ -37672,7 +37815,6 @@ index b7e1cc0..eb336bfe 100644 } else { skb_put(skb, len); dequeue_sm_buf(card, skb); -@@ -2175,7 +2175,7 @@ static void dequeue_rx(ns_dev * card, ns_rsqe * rsqe) ATM_SKB(skb)->vcc = vcc; __net_timestamp(skb); vcc->push(vcc, skb); @@ -37681,7 +37823,7 @@ index b7e1cc0..eb336bfe 100644 } } else if (NS_PRV_IOVCNT(iovb) == 2) { /* One small plus one large buffer */ struct sk_buff *sb; -@@ -2186,7 +2186,7 @@ static void dequeue_rx(ns_dev * card, ns_rsqe * rsqe) +@@ -2175,14 +2175,14 @@ static void dequeue_rx(ns_dev * card, ns_rsqe * rsqe) if (len <= NS_SMBUFSIZE) { if (!atm_charge(vcc, sb->truesize)) { push_rxbufs(card, sb); @@ -37690,7 +37832,6 @@ index b7e1cc0..eb336bfe 100644 } else { skb_put(sb, len); dequeue_sm_buf(card, sb); -@@ -2196,7 +2196,7 @@ static void dequeue_rx(ns_dev * card, ns_rsqe * rsqe) ATM_SKB(sb)->vcc = vcc; __net_timestamp(sb); vcc->push(vcc, sb); @@ -37699,7 +37840,7 @@ index b7e1cc0..eb336bfe 100644 } push_rxbufs(card, skb); -@@ -2205,7 +2205,7 @@ static void dequeue_rx(ns_dev * card, ns_rsqe * rsqe) +@@ -2191,7 +2191,7 @@ static void dequeue_rx(ns_dev * card, ns_rsqe * rsqe) if (!atm_charge(vcc, skb->truesize)) { push_rxbufs(card, skb); @@ -37707,8 +37848,8 @@ index b7e1cc0..eb336bfe 100644 + atomic_inc_unchecked(&vcc->stats->rx_drop); } else { dequeue_lg_buf(card, skb); - #ifdef NS_USE_DESTRUCTORS -@@ -2218,7 +2218,7 @@ static void dequeue_rx(ns_dev * card, ns_rsqe * rsqe) + skb_push(skb, NS_SMBUFSIZE); +@@ -2201,7 +2201,7 @@ static void dequeue_rx(ns_dev * card, ns_rsqe * rsqe) ATM_SKB(skb)->vcc = vcc; __net_timestamp(skb); vcc->push(vcc, skb); @@ -37717,7 +37858,7 @@ index b7e1cc0..eb336bfe 100644 } push_rxbufs(card, sb); -@@ -2239,7 +2239,7 @@ static void dequeue_rx(ns_dev * card, ns_rsqe * rsqe) +@@ -2222,7 +2222,7 @@ static void dequeue_rx(ns_dev * card, ns_rsqe * rsqe) printk ("nicstar%d: Out of huge buffers.\n", card->index); @@ -37726,7 +37867,7 @@ index b7e1cc0..eb336bfe 100644 recycle_iovec_rx_bufs(card, (struct iovec *) iovb->data, -@@ -2290,7 +2290,7 @@ static void dequeue_rx(ns_dev * card, ns_rsqe * rsqe) +@@ -2273,7 +2273,7 @@ static void dequeue_rx(ns_dev * card, ns_rsqe * rsqe) card->hbpool.count++; } else dev_kfree_skb_any(hb); @@ -37735,8 +37876,8 @@ index b7e1cc0..eb336bfe 100644 } else { /* Copy the small buffer to the huge buffer */ sb = (struct sk_buff *)iov->iov_base; -@@ -2327,7 +2327,7 @@ static void dequeue_rx(ns_dev * card, ns_rsqe * rsqe) - #endif /* NS_USE_DESTRUCTORS */ +@@ -2307,7 +2307,7 @@ static void dequeue_rx(ns_dev * card, ns_rsqe * rsqe) + ATM_SKB(hb)->vcc = vcc; __net_timestamp(hb); vcc->push(vcc, hb); - atomic_inc(&vcc->stats->rx); @@ -37883,7 +38024,7 @@ index 79bc203..fa3945b 100644 subsys_dev_iter_init(&iter, subsys, NULL, NULL); while ((dev = subsys_dev_iter_next(&iter))) diff --git a/drivers/base/devtmpfs.c b/drivers/base/devtmpfs.c -index 25798db..15f130e 100644 +index 68f0314..ca2a609 100644 --- a/drivers/base/devtmpfs.c +++ b/drivers/base/devtmpfs.c @@ -354,7 +354,7 @@ int devtmpfs_mount(const char *mntdir) @@ -37911,10 +38052,10 @@ index 25798db..15f130e 100644 while (1) { spin_lock(&req_lock); diff --git a/drivers/base/node.c b/drivers/base/node.c -index 36fabe43..8cfc112 100644 +index a2aa65b..8831326 100644 --- a/drivers/base/node.c +++ b/drivers/base/node.c -@@ -615,7 +615,7 @@ static ssize_t print_nodes_state(enum node_states state, char *buf) +@@ -613,7 +613,7 @@ static ssize_t print_nodes_state(enum node_states state, char *buf) struct node_attr { struct device_attribute attr; enum node_states state; @@ -37924,10 +38065,10 @@ index 36fabe43..8cfc112 100644 static ssize_t show_node_state(struct device *dev, struct device_attribute *attr, char *buf) diff --git a/drivers/base/power/domain.c b/drivers/base/power/domain.c -index 45937f8..b9a342e 100644 +index 2327613..211d7f5 100644 --- a/drivers/base/power/domain.c +++ b/drivers/base/power/domain.c -@@ -1698,7 +1698,7 @@ int pm_genpd_attach_cpuidle(struct generic_pm_domain *genpd, int state) +@@ -1725,7 +1725,7 @@ int pm_genpd_attach_cpuidle(struct generic_pm_domain *genpd, int state) { struct cpuidle_driver *cpuidle_drv; struct gpd_cpuidle_data *cpuidle_data; @@ -37936,7 +38077,7 @@ index 45937f8..b9a342e 100644 int ret = 0; if (IS_ERR_OR_NULL(genpd) || state < 0) -@@ -1766,7 +1766,7 @@ int pm_genpd_name_attach_cpuidle(const char *name, int state) +@@ -1793,7 +1793,7 @@ int pm_genpd_name_attach_cpuidle(const char *name, int state) int pm_genpd_detach_cpuidle(struct generic_pm_domain *genpd) { struct gpd_cpuidle_data *cpuidle_data; @@ -37945,13 +38086,15 @@ index 45937f8..b9a342e 100644 int ret = 0; if (IS_ERR_OR_NULL(genpd)) -@@ -2195,7 +2195,10 @@ int genpd_dev_pm_attach(struct device *dev) +@@ -2222,8 +2222,11 @@ int genpd_dev_pm_attach(struct device *dev) return ret; } - dev->pm_domain->detach = genpd_dev_pm_detach; +- dev->pm_domain->sync = genpd_dev_pm_sync; + pax_open_kernel(); + *(void **)&dev->pm_domain->detach = genpd_dev_pm_detach; ++ *(void **)&dev->pm_domain->sync = genpd_dev_pm_sync; + pax_close_kernel(); + pm_genpd_poweron(pd); @@ -37971,7 +38114,7 @@ index d2be3f9..0a3167a 100644 static DEVICE_ATTR(runtime_status, 0444, rtpm_status_show, NULL); diff --git a/drivers/base/power/wakeup.c b/drivers/base/power/wakeup.c -index aab7158..b172db2 100644 +index 7726200..a417da7 100644 --- a/drivers/base/power/wakeup.c +++ b/drivers/base/power/wakeup.c @@ -32,14 +32,14 @@ static bool pm_abort_suspend __read_mostly; @@ -38206,7 +38349,7 @@ index 7fda30e..2f27946 100644 struct board_type { diff --git a/drivers/block/cpqarray.c b/drivers/block/cpqarray.c -index 2b94403..fd6ad1f 100644 +index f749df9..5f8b9c4 100644 --- a/drivers/block/cpqarray.c +++ b/drivers/block/cpqarray.c @@ -404,7 +404,7 @@ static int cpqarray_register_ctlr(int i, struct pci_dev *pdev) @@ -38215,8 +38358,8 @@ index 2b94403..fd6ad1f 100644 } - hba[i]->access.set_intr_mask(hba[i], 0); + hba[i]->access->set_intr_mask(hba[i], 0); - if (request_irq(hba[i]->intr, do_ida_intr, - IRQF_DISABLED|IRQF_SHARED, hba[i]->devname, hba[i])) + if (request_irq(hba[i]->intr, do_ida_intr, IRQF_SHARED, + hba[i]->devname, hba[i])) { @@ -459,7 +459,7 @@ static int cpqarray_register_ctlr(int i, struct pci_dev *pdev) add_timer(&hba[i]->timer); @@ -38385,7 +38528,7 @@ index b905e98..0812ed8 100644 int rs_last_events; /* counter of read or write "events" (unit sectors) * on the lower level device when we last looked. */ diff --git a/drivers/block/drbd/drbd_main.c b/drivers/block/drbd/drbd_main.c -index 1fc8342..7e7742b 100644 +index 81fde9e..9948c05 100644 --- a/drivers/block/drbd/drbd_main.c +++ b/drivers/block/drbd/drbd_main.c @@ -1328,7 +1328,7 @@ static int _drbd_send_ack(struct drbd_peer_device *peer_device, enum drbd_packet @@ -38417,7 +38560,7 @@ index 1fc8342..7e7742b 100644 atomic_set(&device->ap_in_flight, 0); atomic_set(&device->md_io.in_use, 0); -@@ -2684,8 +2684,8 @@ void drbd_destroy_connection(struct kref *kref) +@@ -2683,8 +2683,8 @@ void drbd_destroy_connection(struct kref *kref) struct drbd_connection *connection = container_of(kref, struct drbd_connection, kref); struct drbd_resource *resource = connection->resource; @@ -38634,19 +38777,6 @@ index d0fae55..4469096 100644 device->rs_in_flight = 0; device->rs_last_events = (int)part_stat_read(&disk->part0, sectors[0]) + -diff --git a/drivers/block/loop.c b/drivers/block/loop.c -index 773e964..e85af00 100644 ---- a/drivers/block/loop.c -+++ b/drivers/block/loop.c -@@ -234,7 +234,7 @@ static int __do_lo_send_write(struct file *file, - - file_start_write(file); - set_fs(get_ds()); -- bw = file->f_op->write(file, buf, len, &pos); -+ bw = file->f_op->write(file, (const char __force_user *)buf, len, &pos); - set_fs(old_fs); - file_end_write(file); - if (likely(bw == len)) diff --git a/drivers/block/pktcdvd.c b/drivers/block/pktcdvd.c index 09e628da..7607aaa 100644 --- a/drivers/block/pktcdvd.c @@ -38670,7 +38800,7 @@ index 09e628da..7607aaa 100644 if (ti.nwa_v) { pd->nwa = be32_to_cpu(ti.next_writable); diff --git a/drivers/block/rbd.c b/drivers/block/rbd.c -index b67066d..515b7f4 100644 +index ec6c5c6..820ee2abc 100644 --- a/drivers/block/rbd.c +++ b/drivers/block/rbd.c @@ -64,7 +64,7 @@ @@ -38912,10 +39042,10 @@ index 5c0baa9..44011b1 100644 { struct hpet_timer __iomem *timer; diff --git a/drivers/char/i8k.c b/drivers/char/i8k.c -index 24cc4ed..f9807cf 100644 +index a43048b..14724d5 100644 --- a/drivers/char/i8k.c +++ b/drivers/char/i8k.c -@@ -788,7 +788,7 @@ static const struct i8k_config_data i8k_config_data[] = { +@@ -790,7 +790,7 @@ static const struct i8k_config_data i8k_config_data[] = { }, }; @@ -38925,7 +39055,7 @@ index 24cc4ed..f9807cf 100644 .ident = "Dell Inspiron", .matches = { diff --git a/drivers/char/ipmi/ipmi_msghandler.c b/drivers/char/ipmi/ipmi_msghandler.c -index 9bb5928..57a7801 100644 +index bf75f63..359fa10 100644 --- a/drivers/char/ipmi/ipmi_msghandler.c +++ b/drivers/char/ipmi/ipmi_msghandler.c @@ -436,7 +436,7 @@ struct ipmi_smi { @@ -38959,7 +39089,7 @@ index 9bb5928..57a7801 100644 intf->proc_dir = NULL; diff --git a/drivers/char/ipmi/ipmi_si_intf.c b/drivers/char/ipmi/ipmi_si_intf.c -index 518585c..6c985cef 100644 +index 8a45e92..e41b1c7 100644 --- a/drivers/char/ipmi/ipmi_si_intf.c +++ b/drivers/char/ipmi/ipmi_si_intf.c @@ -289,7 +289,7 @@ struct smi_info { @@ -38983,7 +39113,7 @@ index 518585c..6c985cef 100644 #define SI_MAX_PARMS 4 -@@ -3498,7 +3498,7 @@ static int try_smi_init(struct smi_info *new_smi) +@@ -3500,7 +3500,7 @@ static int try_smi_init(struct smi_info *new_smi) atomic_set(&new_smi->req_events, 0); new_smi->run_to_completion = false; for (i = 0; i < SI_NUM_STATS; i++) @@ -38993,7 +39123,7 @@ index 518585c..6c985cef 100644 new_smi->interrupt_disabled = true; atomic_set(&new_smi->need_watch, 0); diff --git a/drivers/char/mem.c b/drivers/char/mem.c -index 297110c..3f69b43 100644 +index 6b1721f..fda9398 100644 --- a/drivers/char/mem.c +++ b/drivers/char/mem.c @@ -18,6 +18,7 @@ @@ -39122,7 +39252,7 @@ index 297110c..3f69b43 100644 return -EFAULT; buf += sz; p += sz; -@@ -804,6 +853,9 @@ static const struct memdev { +@@ -802,6 +851,9 @@ static const struct memdev { #ifdef CONFIG_PRINTK [11] = { "kmsg", 0644, &kmsg_fops, 0 }, #endif @@ -39132,7 +39262,7 @@ index 297110c..3f69b43 100644 }; static int memory_open(struct inode *inode, struct file *filp) -@@ -865,7 +917,7 @@ static int __init chr_dev_init(void) +@@ -863,7 +915,7 @@ static int __init chr_dev_init(void) continue; device_create(mem_class, NULL, MKDEV(MEM_MAJOR, minor), @@ -39391,7 +39521,7 @@ index 3a56a13..f8cbd25 100644 return 0; } diff --git a/drivers/char/virtio_console.c b/drivers/char/virtio_console.c -index 72d7028..1586601 100644 +index 50754d20..9561cdc 100644 --- a/drivers/char/virtio_console.c +++ b/drivers/char/virtio_console.c @@ -685,7 +685,7 @@ static ssize_t fill_readbuf(struct port *port, char __user *out_buf, @@ -39425,152 +39555,6 @@ index 956b7e5..b655045 100644 composite = kzalloc(sizeof(*composite), GFP_KERNEL); if (!composite) { -diff --git a/drivers/clk/hisilicon/clk-hi3620.c b/drivers/clk/hisilicon/clk-hi3620.c -index 2e4f6d4..b4cf487 100644 ---- a/drivers/clk/hisilicon/clk-hi3620.c -+++ b/drivers/clk/hisilicon/clk-hi3620.c -@@ -38,44 +38,44 @@ - #include "clk.h" - - /* clock parent list */ --static const char *timer0_mux_p[] __initconst = { "osc32k", "timerclk01", }; --static const char *timer1_mux_p[] __initconst = { "osc32k", "timerclk01", }; --static const char *timer2_mux_p[] __initconst = { "osc32k", "timerclk23", }; --static const char *timer3_mux_p[] __initconst = { "osc32k", "timerclk23", }; --static const char *timer4_mux_p[] __initconst = { "osc32k", "timerclk45", }; --static const char *timer5_mux_p[] __initconst = { "osc32k", "timerclk45", }; --static const char *timer6_mux_p[] __initconst = { "osc32k", "timerclk67", }; --static const char *timer7_mux_p[] __initconst = { "osc32k", "timerclk67", }; --static const char *timer8_mux_p[] __initconst = { "osc32k", "timerclk89", }; --static const char *timer9_mux_p[] __initconst = { "osc32k", "timerclk89", }; --static const char *uart0_mux_p[] __initconst = { "osc26m", "pclk", }; --static const char *uart1_mux_p[] __initconst = { "osc26m", "pclk", }; --static const char *uart2_mux_p[] __initconst = { "osc26m", "pclk", }; --static const char *uart3_mux_p[] __initconst = { "osc26m", "pclk", }; --static const char *uart4_mux_p[] __initconst = { "osc26m", "pclk", }; --static const char *spi0_mux_p[] __initconst = { "osc26m", "rclk_cfgaxi", }; --static const char *spi1_mux_p[] __initconst = { "osc26m", "rclk_cfgaxi", }; --static const char *spi2_mux_p[] __initconst = { "osc26m", "rclk_cfgaxi", }; -+static const char * const timer0_mux_p[] __initconst = { "osc32k", "timerclk01", }; -+static const char * const timer1_mux_p[] __initconst = { "osc32k", "timerclk01", }; -+static const char * const timer2_mux_p[] __initconst = { "osc32k", "timerclk23", }; -+static const char * const timer3_mux_p[] __initconst = { "osc32k", "timerclk23", }; -+static const char * const timer4_mux_p[] __initconst = { "osc32k", "timerclk45", }; -+static const char * const timer5_mux_p[] __initconst = { "osc32k", "timerclk45", }; -+static const char * const timer6_mux_p[] __initconst = { "osc32k", "timerclk67", }; -+static const char * const timer7_mux_p[] __initconst = { "osc32k", "timerclk67", }; -+static const char * const timer8_mux_p[] __initconst = { "osc32k", "timerclk89", }; -+static const char * const timer9_mux_p[] __initconst = { "osc32k", "timerclk89", }; -+static const char * const uart0_mux_p[] __initconst = { "osc26m", "pclk", }; -+static const char * const uart1_mux_p[] __initconst = { "osc26m", "pclk", }; -+static const char * const uart2_mux_p[] __initconst = { "osc26m", "pclk", }; -+static const char * const uart3_mux_p[] __initconst = { "osc26m", "pclk", }; -+static const char * const uart4_mux_p[] __initconst = { "osc26m", "pclk", }; -+static const char * const spi0_mux_p[] __initconst = { "osc26m", "rclk_cfgaxi", }; -+static const char * const spi1_mux_p[] __initconst = { "osc26m", "rclk_cfgaxi", }; -+static const char * const spi2_mux_p[] __initconst = { "osc26m", "rclk_cfgaxi", }; - /* share axi parent */ --static const char *saxi_mux_p[] __initconst = { "armpll3", "armpll2", }; --static const char *pwm0_mux_p[] __initconst = { "osc32k", "osc26m", }; --static const char *pwm1_mux_p[] __initconst = { "osc32k", "osc26m", }; --static const char *sd_mux_p[] __initconst = { "armpll2", "armpll3", }; --static const char *mmc1_mux_p[] __initconst = { "armpll2", "armpll3", }; --static const char *mmc1_mux2_p[] __initconst = { "osc26m", "mmc1_div", }; --static const char *g2d_mux_p[] __initconst = { "armpll2", "armpll3", }; --static const char *venc_mux_p[] __initconst = { "armpll2", "armpll3", }; --static const char *vdec_mux_p[] __initconst = { "armpll2", "armpll3", }; --static const char *vpp_mux_p[] __initconst = { "armpll2", "armpll3", }; --static const char *edc0_mux_p[] __initconst = { "armpll2", "armpll3", }; --static const char *ldi0_mux_p[] __initconst = { "armpll2", "armpll4", -+static const char * const saxi_mux_p[] __initconst = { "armpll3", "armpll2", }; -+static const char * const pwm0_mux_p[] __initconst = { "osc32k", "osc26m", }; -+static const char * const pwm1_mux_p[] __initconst = { "osc32k", "osc26m", }; -+static const char * const sd_mux_p[] __initconst = { "armpll2", "armpll3", }; -+static const char * const mmc1_mux_p[] __initconst = { "armpll2", "armpll3", }; -+static const char * const mmc1_mux2_p[] __initconst = { "osc26m", "mmc1_div", }; -+static const char * const g2d_mux_p[] __initconst = { "armpll2", "armpll3", }; -+static const char * const venc_mux_p[] __initconst = { "armpll2", "armpll3", }; -+static const char * const vdec_mux_p[] __initconst = { "armpll2", "armpll3", }; -+static const char * const vpp_mux_p[] __initconst = { "armpll2", "armpll3", }; -+static const char * const edc0_mux_p[] __initconst = { "armpll2", "armpll3", }; -+static const char * const ldi0_mux_p[] __initconst = { "armpll2", "armpll4", - "armpll3", "armpll5", }; --static const char *edc1_mux_p[] __initconst = { "armpll2", "armpll3", }; --static const char *ldi1_mux_p[] __initconst = { "armpll2", "armpll4", -+static const char * const edc1_mux_p[] __initconst = { "armpll2", "armpll3", }; -+static const char * const ldi1_mux_p[] __initconst = { "armpll2", "armpll4", - "armpll3", "armpll5", }; --static const char *rclk_hsic_p[] __initconst = { "armpll3", "armpll2", }; --static const char *mmc2_mux_p[] __initconst = { "armpll2", "armpll3", }; --static const char *mmc3_mux_p[] __initconst = { "armpll2", "armpll3", }; -+static const char * const rclk_hsic_p[] __initconst = { "armpll3", "armpll2", }; -+static const char * const mmc2_mux_p[] __initconst = { "armpll2", "armpll3", }; -+static const char * const mmc3_mux_p[] __initconst = { "armpll2", "armpll3", }; - - - /* fixed rate clocks */ -diff --git a/drivers/clk/hisilicon/clk-hix5hd2.c b/drivers/clk/hisilicon/clk-hix5hd2.c -index 3f369c6..05f9ffd 100644 ---- a/drivers/clk/hisilicon/clk-hix5hd2.c -+++ b/drivers/clk/hisilicon/clk-hix5hd2.c -@@ -46,15 +46,15 @@ static struct hisi_fixed_rate_clock hix5hd2_fixed_rate_clks[] __initdata = { - { HIX5HD2_FIXED_83M, "83m", NULL, CLK_IS_ROOT, 83333333, }, - }; - --static const char *sfc_mux_p[] __initconst = { -+static const char * const sfc_mux_p[] __initconst = { - "24m", "150m", "200m", "100m", "75m", }; - static u32 sfc_mux_table[] = {0, 4, 5, 6, 7}; - --static const char *sdio_mux_p[] __initconst = { -+static const char * const sdio_mux_p[] __initconst = { - "75m", "100m", "50m", "15m", }; - static u32 sdio_mux_table[] = {0, 1, 2, 3}; - --static const char *fephy_mux_p[] __initconst = { "25m", "125m"}; -+static const char * const fephy_mux_p[] __initconst = { "25m", "125m"}; - static u32 fephy_mux_table[] = {0, 1}; - - -diff --git a/drivers/clk/rockchip/clk-rk3188.c b/drivers/clk/rockchip/clk-rk3188.c -index 7eb684c..147c6fc 100644 ---- a/drivers/clk/rockchip/clk-rk3188.c -+++ b/drivers/clk/rockchip/clk-rk3188.c -@@ -704,7 +704,7 @@ static struct rockchip_clk_branch rk3188_clk_branches[] __initdata = { - GATE(ACLK_GPS, "aclk_gps", "aclk_peri", 0, RK2928_CLKGATE_CON(8), 13, GFLAGS), - }; - --static const char *rk3188_critical_clocks[] __initconst = { -+static const char * const rk3188_critical_clocks[] __initconst = { - "aclk_cpu", - "aclk_peri", - "hclk_peri", -diff --git a/drivers/clk/rockchip/clk-rk3288.c b/drivers/clk/rockchip/clk-rk3288.c -index 05d7a0b..4fc131c 100644 ---- a/drivers/clk/rockchip/clk-rk3288.c -+++ b/drivers/clk/rockchip/clk-rk3288.c -@@ -771,7 +771,7 @@ static struct rockchip_clk_branch rk3288_clk_branches[] __initdata = { - GATE(0, "pclk_isp_in", "ext_isp", 0, RK3288_CLKGATE_CON(16), 3, GFLAGS), - }; - --static const char *rk3288_critical_clocks[] __initconst = { -+static const char * const rk3288_critical_clocks[] __initconst = { - "aclk_cpu", - "aclk_peri", - "hclk_peri", -diff --git a/drivers/clk/rockchip/clk.h b/drivers/clk/rockchip/clk.h -index 58d2e3b..0c21b0d 100644 ---- a/drivers/clk/rockchip/clk.h -+++ b/drivers/clk/rockchip/clk.h -@@ -182,7 +182,7 @@ struct clk *rockchip_clk_register_mmc(const char *name, - const char **parent_names, u8 num_parents, - void __iomem *reg, int shift); - --#define PNAME(x) static const char *x[] __initconst -+#define PNAME(x) static const char * const x[] __initconst - - enum rockchip_clk_branch_type { - branch_composite, diff --git a/drivers/clk/samsung/clk.h b/drivers/clk/samsung/clk.h index e4c7538..99c50cd 100644 --- a/drivers/clk/samsung/clk.h @@ -39652,58 +39636,6 @@ index de6da95..c98278b 100644 clk = clk_register(NULL, &pll_clk->hw.hw); if (WARN_ON(IS_ERR(clk))) { -diff --git a/drivers/clk/ti/composite.c b/drivers/clk/ti/composite.c -index 3654f61..81abe81 100644 ---- a/drivers/clk/ti/composite.c -+++ b/drivers/clk/ti/composite.c -@@ -69,7 +69,7 @@ struct component_clk { - struct list_head link; - }; - --static const char * __initconst component_clk_types[] = { -+static const char * const __initconst component_clk_types[] = { - "gate", "divider", "mux" - }; - -diff --git a/drivers/clk/zynq/clkc.c b/drivers/clk/zynq/clkc.c -index f870aad..04ba1e4 100644 ---- a/drivers/clk/zynq/clkc.c -+++ b/drivers/clk/zynq/clkc.c -@@ -85,22 +85,22 @@ static DEFINE_SPINLOCK(canmioclk_lock); - static DEFINE_SPINLOCK(dbgclk_lock); - static DEFINE_SPINLOCK(aperclk_lock); - --static const char *armpll_parents[] __initconst = {"armpll_int", "ps_clk"}; --static const char *ddrpll_parents[] __initconst = {"ddrpll_int", "ps_clk"}; --static const char *iopll_parents[] __initconst = {"iopll_int", "ps_clk"}; --static const char *gem0_mux_parents[] __initconst = {"gem0_div1", "dummy_name"}; --static const char *gem1_mux_parents[] __initconst = {"gem1_div1", "dummy_name"}; --static const char *can0_mio_mux2_parents[] __initconst = {"can0_gate", -+static const char * const armpll_parents[] __initconst = {"armpll_int", "ps_clk"}; -+static const char * const ddrpll_parents[] __initconst = {"ddrpll_int", "ps_clk"}; -+static const char * const iopll_parents[] __initconst = {"iopll_int", "ps_clk"}; -+static const char * gem0_mux_parents[] __initdata = {"gem0_div1", "dummy_name"}; -+static const char * gem1_mux_parents[] __initdata = {"gem1_div1", "dummy_name"}; -+static const char * const can0_mio_mux2_parents[] __initconst = {"can0_gate", - "can0_mio_mux"}; --static const char *can1_mio_mux2_parents[] __initconst = {"can1_gate", -+static const char * const can1_mio_mux2_parents[] __initconst = {"can1_gate", - "can1_mio_mux"}; --static const char *dbg_emio_mux_parents[] __initconst = {"dbg_div", -+static const char * dbg_emio_mux_parents[] __initdata = {"dbg_div", - "dummy_name"}; - --static const char *dbgtrc_emio_input_names[] __initconst = {"trace_emio_clk"}; --static const char *gem0_emio_input_names[] __initconst = {"gem0_emio_clk"}; --static const char *gem1_emio_input_names[] __initconst = {"gem1_emio_clk"}; --static const char *swdt_ext_clk_input_names[] __initconst = {"swdt_ext_clk"}; -+static const char * const dbgtrc_emio_input_names[] __initconst = {"trace_emio_clk"}; -+static const char * const gem0_emio_input_names[] __initconst = {"gem0_emio_clk"}; -+static const char * const gem1_emio_input_names[] __initconst = {"gem1_emio_clk"}; -+static const char * const swdt_ext_clk_input_names[] __initconst = {"swdt_ext_clk"}; - - static void __init zynq_clk_register_fclk(enum zynq_clk fclk, - const char *clk_name, void __iomem *fclk_ctrl_reg, diff --git a/drivers/cpufreq/acpi-cpufreq.c b/drivers/cpufreq/acpi-cpufreq.c index b0c18ed..1713a80 100644 --- a/drivers/cpufreq/acpi-cpufreq.c @@ -39918,10 +39850,10 @@ index ad3f38f..8f086cd 100644 } EXPORT_SYMBOL_GPL(od_unregister_powersave_bias_handler); diff --git a/drivers/cpufreq/intel_pstate.c b/drivers/cpufreq/intel_pstate.c -index 2c867a6..2d7d333 100644 +index c45d274..0f469f7 100644 --- a/drivers/cpufreq/intel_pstate.c +++ b/drivers/cpufreq/intel_pstate.c -@@ -133,10 +133,10 @@ struct pstate_funcs { +@@ -134,10 +134,10 @@ struct pstate_funcs { struct cpu_defaults { struct pstate_adjust_policy pid_policy; struct pstate_funcs funcs; @@ -39934,7 +39866,7 @@ index 2c867a6..2d7d333 100644 static int hwp_active; struct perf_limits { -@@ -690,18 +690,18 @@ static void intel_pstate_set_pstate(struct cpudata *cpu, int pstate) +@@ -721,18 +721,18 @@ static void intel_pstate_set_pstate(struct cpudata *cpu, int pstate) cpu->pstate.current_pstate = pstate; @@ -39960,10 +39892,10 @@ index 2c867a6..2d7d333 100644 intel_pstate_set_pstate(cpu, cpu->pstate.min_pstate); } -@@ -1030,9 +1030,9 @@ static int intel_pstate_msrs_not_valid(void) - rdmsrl(MSR_IA32_APERF, aperf); - rdmsrl(MSR_IA32_MPERF, mperf); +@@ -1056,15 +1056,15 @@ static unsigned int force_load; + static int intel_pstate_msrs_not_valid(void) + { - if (!pstate_funcs.get_max() || - !pstate_funcs.get_min() || - !pstate_funcs.get_turbo()) @@ -39972,8 +39904,6 @@ index 2c867a6..2d7d333 100644 + !pstate_funcs->get_turbo()) return -ENODEV; - rdmsrl(MSR_IA32_APERF, tmp); -@@ -1046,7 +1046,7 @@ static int intel_pstate_msrs_not_valid(void) return 0; } @@ -39982,7 +39912,7 @@ index 2c867a6..2d7d333 100644 { pid_params.sample_rate_ms = policy->sample_rate_ms; pid_params.p_gain_pct = policy->p_gain_pct; -@@ -1058,12 +1058,7 @@ static void copy_pid_params(struct pstate_adjust_policy *policy) +@@ -1076,12 +1076,7 @@ static void copy_pid_params(struct pstate_adjust_policy *policy) static void copy_cpu_funcs(struct pstate_funcs *funcs) { @@ -40157,10 +40087,10 @@ index 7d4a315..21bb886 100644 if (policy->cpu != 0) return -ENODEV; diff --git a/drivers/cpuidle/driver.c b/drivers/cpuidle/driver.c -index 2697e87..c32476c 100644 +index 5db1478..e90e25e 100644 --- a/drivers/cpuidle/driver.c +++ b/drivers/cpuidle/driver.c -@@ -194,7 +194,7 @@ static int poll_idle(struct cpuidle_device *dev, +@@ -193,7 +193,7 @@ static int poll_idle(struct cpuidle_device *dev, static void poll_idle_init(struct cpuidle_driver *drv) { @@ -40217,11 +40147,25 @@ index 8d2a772..33826c9 100644 err = pci_request_regions(pdev, name); if (err) +diff --git a/drivers/crypto/omap-des.c b/drivers/crypto/omap-des.c +index 4630709..0a70e46 100644 +--- a/drivers/crypto/omap-des.c ++++ b/drivers/crypto/omap-des.c +@@ -536,9 +536,6 @@ static int omap_des_crypt_dma_stop(struct omap_des_dev *dd) + dmaengine_terminate_all(dd->dma_lch_in); + dmaengine_terminate_all(dd->dma_lch_out); + +- dma_unmap_sg(dd->dev, dd->in_sg, dd->in_sg_len, DMA_TO_DEVICE); +- dma_unmap_sg(dd->dev, dd->out_sg, dd->out_sg_len, DMA_FROM_DEVICE); +- + return err; + } + diff --git a/drivers/devfreq/devfreq.c b/drivers/devfreq/devfreq.c -index 30b538d8..1610d75 100644 +index ca1b362..01cae6a 100644 --- a/drivers/devfreq/devfreq.c +++ b/drivers/devfreq/devfreq.c -@@ -673,7 +673,7 @@ int devfreq_add_governor(struct devfreq_governor *governor) +@@ -672,7 +672,7 @@ int devfreq_add_governor(struct devfreq_governor *governor) goto err_out; } @@ -40230,7 +40174,7 @@ index 30b538d8..1610d75 100644 list_for_each_entry(devfreq, &devfreq_list, node) { int ret = 0; -@@ -761,7 +761,7 @@ int devfreq_remove_governor(struct devfreq_governor *governor) +@@ -760,7 +760,7 @@ int devfreq_remove_governor(struct devfreq_governor *governor) } } @@ -40240,10 +40184,10 @@ index 30b538d8..1610d75 100644 mutex_unlock(&devfreq_list_lock); diff --git a/drivers/dma/sh/shdma-base.c b/drivers/dma/sh/shdma-base.c -index 8ee383d..736b5de 100644 +index 10fcaba..326f709 100644 --- a/drivers/dma/sh/shdma-base.c +++ b/drivers/dma/sh/shdma-base.c -@@ -228,8 +228,8 @@ static int shdma_alloc_chan_resources(struct dma_chan *chan) +@@ -227,8 +227,8 @@ static int shdma_alloc_chan_resources(struct dma_chan *chan) schan->slave_id = -EINVAL; } @@ -40255,7 +40199,7 @@ index 8ee383d..736b5de 100644 ret = -ENOMEM; goto edescalloc; diff --git a/drivers/dma/sh/shdmac.c b/drivers/dma/sh/shdmac.c -index 9f1d4c7..fceff78 100644 +index 11707df..2ea96f7 100644 --- a/drivers/dma/sh/shdmac.c +++ b/drivers/dma/sh/shdmac.c @@ -513,7 +513,7 @@ static int sh_dmae_nmi_handler(struct notifier_block *self, @@ -40284,7 +40228,7 @@ index 592af5f..bb1d583 100644 EXPORT_SYMBOL_GPL(edac_device_alloc_index); diff --git a/drivers/edac/edac_mc_sysfs.c b/drivers/edac/edac_mc_sysfs.c -index c84eecb..4d7381d 100644 +index 112d63a..5443a61 100644 --- a/drivers/edac/edac_mc_sysfs.c +++ b/drivers/edac/edac_mc_sysfs.c @@ -154,7 +154,7 @@ static const char * const edac_caps[] = { @@ -40296,28 +40240,6 @@ index c84eecb..4d7381d 100644 #define DEVICE_CHANNEL(_name, _mode, _show, _store, _var) \ static struct dev_ch_attribute dev_attr_legacy_##_name = \ -@@ -1009,15 +1009,17 @@ int edac_create_sysfs_mci_device(struct mem_ctl_info *mci) - } - - if (mci->set_sdram_scrub_rate || mci->get_sdram_scrub_rate) { -+ pax_open_kernel(); - if (mci->get_sdram_scrub_rate) { -- dev_attr_sdram_scrub_rate.attr.mode |= S_IRUGO; -- dev_attr_sdram_scrub_rate.show = &mci_sdram_scrub_rate_show; -+ *(umode_t *)&dev_attr_sdram_scrub_rate.attr.mode |= S_IRUGO; -+ *(void **)&dev_attr_sdram_scrub_rate.show = &mci_sdram_scrub_rate_show; - } - - if (mci->set_sdram_scrub_rate) { -- dev_attr_sdram_scrub_rate.attr.mode |= S_IWUSR; -- dev_attr_sdram_scrub_rate.store = &mci_sdram_scrub_rate_store; -+ *(umode_t *)&dev_attr_sdram_scrub_rate.attr.mode |= S_IWUSR; -+ *(void **)&dev_attr_sdram_scrub_rate.store = &mci_sdram_scrub_rate_store; - } -+ pax_close_kernel(); - - err = device_create_file(&mci->dev, &dev_attr_sdram_scrub_rate); - if (err) { diff --git a/drivers/edac/edac_pci.c b/drivers/edac/edac_pci.c index 2cf44b4d..6dd2dc7 100644 --- a/drivers/edac/edac_pci.c @@ -40574,10 +40496,10 @@ index 4fd9961..52d60ce 100644 EXPORT_SYMBOL_GPL(cper_next_record_id); diff --git a/drivers/firmware/efi/efi.c b/drivers/firmware/efi/efi.c -index 3061bb8..92b5fcc 100644 +index e14363d..c3d5d84 100644 --- a/drivers/firmware/efi/efi.c +++ b/drivers/firmware/efi/efi.c -@@ -160,14 +160,16 @@ static struct attribute_group efi_subsys_attr_group = { +@@ -159,14 +159,16 @@ static struct attribute_group efi_subsys_attr_group = { }; static struct efivars generic_efivars; @@ -40613,7 +40535,7 @@ index 7b2e049..a253334 100644 /* new_var */ diff --git a/drivers/firmware/efi/runtime-map.c b/drivers/firmware/efi/runtime-map.c -index 87b8e3b..c4afb35 100644 +index 5c55227..97f4978 100644 --- a/drivers/firmware/efi/runtime-map.c +++ b/drivers/firmware/efi/runtime-map.c @@ -97,7 +97,7 @@ static void map_release(struct kobject *kobj) @@ -40690,7 +40612,7 @@ index 3cfcfc6..09d6f117 100644 int ret; diff --git a/drivers/gpio/gpio-ich.c b/drivers/gpio/gpio-ich.c -index 7818cd1..1be40e5 100644 +index 4ba7ed5..1536b5d 100644 --- a/drivers/gpio/gpio-ich.c +++ b/drivers/gpio/gpio-ich.c @@ -94,7 +94,7 @@ struct ichx_desc { @@ -40703,10 +40625,10 @@ index 7818cd1..1be40e5 100644 static struct { spinlock_t lock; diff --git a/drivers/gpio/gpio-omap.c b/drivers/gpio/gpio-omap.c -index f476ae2..05e1bdd 100644 +index b232397..a3ccece 100644 --- a/drivers/gpio/gpio-omap.c +++ b/drivers/gpio/gpio-omap.c -@@ -1188,7 +1188,7 @@ static int omap_gpio_probe(struct platform_device *pdev) +@@ -1137,7 +1137,7 @@ static int omap_gpio_probe(struct platform_device *pdev) const struct omap_gpio_platform_data *pdata; struct resource *res; struct gpio_bank *bank; @@ -40716,10 +40638,10 @@ index f476ae2..05e1bdd 100644 match = of_match_device(of_match_ptr(omap_gpio_match), dev); diff --git a/drivers/gpio/gpio-rcar.c b/drivers/gpio/gpio-rcar.c -index c49522e..9a7ee54 100644 +index 1e14a6c..0442450 100644 --- a/drivers/gpio/gpio-rcar.c +++ b/drivers/gpio/gpio-rcar.c -@@ -348,7 +348,7 @@ static int gpio_rcar_probe(struct platform_device *pdev) +@@ -379,7 +379,7 @@ static int gpio_rcar_probe(struct platform_device *pdev) struct gpio_rcar_priv *p; struct resource *io, *irq; struct gpio_chip *gpio_chip; @@ -40742,10 +40664,10 @@ index c1caa45..f0f97d2 100644 return -EINVAL; } diff --git a/drivers/gpio/gpiolib.c b/drivers/gpio/gpiolib.c -index 1ca9295..9f3d481 100644 +index 6bc612b..3932464 100644 --- a/drivers/gpio/gpiolib.c +++ b/drivers/gpio/gpiolib.c -@@ -554,8 +554,10 @@ static void gpiochip_irqchip_remove(struct gpio_chip *gpiochip) +@@ -558,8 +558,10 @@ static void gpiochip_irqchip_remove(struct gpio_chip *gpiochip) } if (gpiochip->irqchip) { @@ -40758,7 +40680,7 @@ index 1ca9295..9f3d481 100644 gpiochip->irqchip = NULL; } } -@@ -621,8 +623,11 @@ int gpiochip_irqchip_add(struct gpio_chip *gpiochip, +@@ -625,8 +627,11 @@ int gpiochip_irqchip_add(struct gpio_chip *gpiochip, gpiochip->irqchip = NULL; return -EINVAL; } @@ -40950,10 +40872,10 @@ index 9b23525..65f4110 100644 dev->driver->context_dtor(dev, ctx->handle); drm_legacy_ctxbitmap_free(dev, ctx->handle); diff --git a/drivers/gpu/drm/drm_crtc.c b/drivers/gpu/drm/drm_crtc.c -index b6f076b..2918de2 100644 +index 3007b44..420b4a3 100644 --- a/drivers/gpu/drm/drm_crtc.c +++ b/drivers/gpu/drm/drm_crtc.c -@@ -4118,7 +4118,7 @@ int drm_mode_getproperty_ioctl(struct drm_device *dev, +@@ -4176,7 +4176,7 @@ int drm_mode_getproperty_ioctl(struct drm_device *dev, goto done; } @@ -40963,7 +40885,7 @@ index b6f076b..2918de2 100644 ret = -EFAULT; goto done; diff --git a/drivers/gpu/drm/drm_drv.c b/drivers/gpu/drm/drm_drv.c -index d512134..a80a8e4 100644 +index 48f7359..8c3b594 100644 --- a/drivers/gpu/drm/drm_drv.c +++ b/drivers/gpu/drm/drm_drv.c @@ -448,7 +448,7 @@ void drm_unplug_dev(struct drm_device *dev) @@ -41108,10 +41030,10 @@ index 3d2e91c..d31c4c9 100644 item->object = NULL; } diff --git a/drivers/gpu/drm/drm_info.c b/drivers/gpu/drm/drm_info.c -index f1b32f9..394f791 100644 +index cbb4fc0..5c756cb9 100644 --- a/drivers/gpu/drm/drm_info.c +++ b/drivers/gpu/drm/drm_info.c -@@ -76,10 +76,13 @@ int drm_vm_info(struct seq_file *m, void *data) +@@ -77,10 +77,13 @@ int drm_vm_info(struct seq_file *m, void *data) struct drm_local_map *map; struct drm_map_list *r_list; @@ -41129,7 +41051,7 @@ index f1b32f9..394f791 100644 const char *type; int i; -@@ -90,7 +93,7 @@ int drm_vm_info(struct seq_file *m, void *data) +@@ -91,7 +94,7 @@ int drm_vm_info(struct seq_file *m, void *data) map = r_list->map; if (!map) continue; @@ -41139,7 +41061,7 @@ index f1b32f9..394f791 100644 else type = types[map->type]; diff --git a/drivers/gpu/drm/drm_ioc32.c b/drivers/gpu/drm/drm_ioc32.c -index 2f4c4343..dd12cd2 100644 +index aa8bbb4..0f62630 100644 --- a/drivers/gpu/drm/drm_ioc32.c +++ b/drivers/gpu/drm/drm_ioc32.c @@ -457,7 +457,7 @@ static int compat_drm_infobufs(struct file *file, unsigned int cmd, @@ -41164,12 +41086,12 @@ index 2f4c4343..dd12cd2 100644 return 0; } --drm_ioctl_compat_t *drm_compat_ioctls[] = { -+drm_ioctl_compat_t drm_compat_ioctls[] = { +-static drm_ioctl_compat_t *drm_compat_ioctls[] = { ++static drm_ioctl_compat_t drm_compat_ioctls[] = { [DRM_IOCTL_NR(DRM_IOCTL_VERSION32)] = compat_drm_version, [DRM_IOCTL_NR(DRM_IOCTL_GET_UNIQUE32)] = compat_drm_getunique, [DRM_IOCTL_NR(DRM_IOCTL_GET_MAP32)] = compat_drm_getmap, -@@ -1062,7 +1062,6 @@ drm_ioctl_compat_t *drm_compat_ioctls[] = { +@@ -1062,7 +1062,6 @@ static drm_ioctl_compat_t *drm_compat_ioctls[] = { long drm_compat_ioctl(struct file *filp, unsigned int cmd, unsigned long arg) { unsigned int nr = DRM_IOCTL_NR(cmd); @@ -41191,10 +41113,10 @@ index 2f4c4343..dd12cd2 100644 ret = drm_ioctl(filp, cmd, arg); diff --git a/drivers/gpu/drm/drm_ioctl.c b/drivers/gpu/drm/drm_ioctl.c -index 3785d66..1c489ef 100644 +index 266dcd6..d0194d9 100644 --- a/drivers/gpu/drm/drm_ioctl.c +++ b/drivers/gpu/drm/drm_ioctl.c -@@ -655,7 +655,7 @@ long drm_ioctl(struct file *filp, +@@ -663,7 +663,7 @@ long drm_ioctl(struct file *filp, struct drm_file *file_priv = filp->private_data; struct drm_device *dev; const struct drm_ioctl_desc *ioctl = NULL; @@ -41285,20 +41207,19 @@ index 93ec5dc..82acbaf 100644 int front_offset; } drm_i810_private_t; diff --git a/drivers/gpu/drm/i915/i915_dma.c b/drivers/gpu/drm/i915/i915_dma.c -index 1a46787..7fb387c 100644 +index 68e0c85..3303192 100644 --- a/drivers/gpu/drm/i915/i915_dma.c +++ b/drivers/gpu/drm/i915/i915_dma.c -@@ -149,6 +149,9 @@ static int i915_getparam(struct drm_device *dev, void *data, - case I915_PARAM_MMAP_VERSION: - value = 1; - break; +@@ -162,6 +162,8 @@ static int i915_getparam(struct drm_device *dev, void *data, + value = INTEL_INFO(dev)->eu_total; + if (!value) + return -ENODEV; + case I915_PARAM_HAS_LEGACY_CONTEXT: + value = drm_core_check_feature(dev, DRIVER_KMS_LEGACY_CONTEXT); -+ break; + break; default: DRM_DEBUG("Unknown parameter %d\n", param->param); - return -EINVAL; -@@ -362,7 +365,7 @@ static bool i915_switcheroo_can_switch(struct pci_dev *pdev) +@@ -376,7 +378,7 @@ static bool i915_switcheroo_can_switch(struct pci_dev *pdev) * locking inversion with the driver load path. And the access here is * completely racy anyway. So don't bother with locking for now. */ @@ -41308,10 +41229,10 @@ index 1a46787..7fb387c 100644 static const struct vga_switcheroo_client_ops i915_switcheroo_ops = { diff --git a/drivers/gpu/drm/i915/i915_gem_execbuffer.c b/drivers/gpu/drm/i915/i915_gem_execbuffer.c -index 38a7425..5322b16 100644 +index a3190e79..86b06cb 100644 --- a/drivers/gpu/drm/i915/i915_gem_execbuffer.c +++ b/drivers/gpu/drm/i915/i915_gem_execbuffer.c -@@ -872,12 +872,12 @@ i915_gem_check_execbuffer(struct drm_i915_gem_execbuffer2 *exec) +@@ -936,12 +936,12 @@ i915_gem_check_execbuffer(struct drm_i915_gem_execbuffer2 *exec) static int validate_exec_list(struct drm_device *dev, struct drm_i915_gem_exec_object2 *exec, @@ -41385,10 +41306,10 @@ index 176de63..b50b66a 100644 ret = drm_ioctl(filp, cmd, arg); diff --git a/drivers/gpu/drm/i915/intel_display.c b/drivers/gpu/drm/i915/intel_display.c -index f75173c..f283e45 100644 +index d0f3cbc..f3ab4cc 100644 --- a/drivers/gpu/drm/i915/intel_display.c +++ b/drivers/gpu/drm/i915/intel_display.c -@@ -13056,13 +13056,13 @@ struct intel_quirk { +@@ -13604,13 +13604,13 @@ struct intel_quirk { int subsystem_vendor; int subsystem_device; void (*hook)(struct drm_device *dev); @@ -41404,7 +41325,7 @@ index f75173c..f283e45 100644 static int intel_dmi_reverse_brightness(const struct dmi_system_id *id) { -@@ -13070,18 +13070,20 @@ static int intel_dmi_reverse_brightness(const struct dmi_system_id *id) +@@ -13618,18 +13618,20 @@ static int intel_dmi_reverse_brightness(const struct dmi_system_id *id) return 1; } @@ -41436,7 +41357,7 @@ index f75173c..f283e45 100644 }, }; diff --git a/drivers/gpu/drm/imx/imx-drm-core.c b/drivers/gpu/drm/imx/imx-drm-core.c -index a002f53..0d60514 100644 +index 74f505b..21f6914 100644 --- a/drivers/gpu/drm/imx/imx-drm-core.c +++ b/drivers/gpu/drm/imx/imx-drm-core.c @@ -355,7 +355,7 @@ int imx_drm_add_crtc(struct drm_device *drm, struct drm_crtc *crtc, @@ -41551,10 +41472,10 @@ index 0190b69..60c3eaf 100644 #define BIT_TABLE(id, funcid) ((struct bit_table){ id, parse_bit_##funcid##_tbl_entry }) diff --git a/drivers/gpu/drm/nouveau/nouveau_drm.c b/drivers/gpu/drm/nouveau/nouveau_drm.c -index 8763deb..936b423 100644 +index 8904933..9624b38 100644 --- a/drivers/gpu/drm/nouveau/nouveau_drm.c +++ b/drivers/gpu/drm/nouveau/nouveau_drm.c -@@ -940,7 +940,8 @@ static struct drm_driver +@@ -941,7 +941,8 @@ static struct drm_driver driver_stub = { .driver_features = DRIVER_USE_AGP | @@ -41565,10 +41486,10 @@ index 8763deb..936b423 100644 .load = nouveau_drm_load, .unload = nouveau_drm_unload, diff --git a/drivers/gpu/drm/nouveau/nouveau_drm.h b/drivers/gpu/drm/nouveau/nouveau_drm.h -index fc68f09..0511d71 100644 +index dd72652..1fd2368 100644 --- a/drivers/gpu/drm/nouveau/nouveau_drm.h +++ b/drivers/gpu/drm/nouveau/nouveau_drm.h -@@ -121,7 +121,6 @@ struct nouveau_drm { +@@ -123,7 +123,6 @@ struct nouveau_drm { struct drm_global_reference mem_global_ref; struct ttm_bo_global_ref bo_global_ref; struct ttm_bo_device bdev; @@ -41590,10 +41511,10 @@ index 462679a..88e32a7 100644 if (nr < DRM_COMMAND_BASE) diff --git a/drivers/gpu/drm/nouveau/nouveau_ttm.c b/drivers/gpu/drm/nouveau/nouveau_ttm.c -index 273e501..3b6c0a2 100644 +index 18f4497..10f6025 100644 --- a/drivers/gpu/drm/nouveau/nouveau_ttm.c +++ b/drivers/gpu/drm/nouveau/nouveau_ttm.c -@@ -127,11 +127,11 @@ nouveau_vram_manager_debug(struct ttm_mem_type_manager *man, const char *prefix) +@@ -130,11 +130,11 @@ nouveau_vram_manager_debug(struct ttm_mem_type_manager *man, const char *prefix) } const struct ttm_mem_type_manager_func nouveau_vram_manager = { @@ -41610,7 +41531,7 @@ index 273e501..3b6c0a2 100644 }; static int -@@ -195,11 +195,11 @@ nouveau_gart_manager_debug(struct ttm_mem_type_manager *man, const char *prefix) +@@ -198,11 +198,11 @@ nouveau_gart_manager_debug(struct ttm_mem_type_manager *man, const char *prefix) } const struct ttm_mem_type_manager_func nouveau_gart_manager = { @@ -41627,7 +41548,7 @@ index 273e501..3b6c0a2 100644 }; /*XXX*/ -@@ -268,11 +268,11 @@ nv04_gart_manager_debug(struct ttm_mem_type_manager *man, const char *prefix) +@@ -271,11 +271,11 @@ nv04_gart_manager_debug(struct ttm_mem_type_manager *man, const char *prefix) } const struct ttm_mem_type_manager_func nv04_gart_manager = { @@ -42005,7 +41926,7 @@ index b928c17..e5d9400 100644 if (regcomp (&mask_rex, "(0x[0-9a-fA-F]*) *([_a-zA-Z0-9]*)", REG_EXTENDED)) { diff --git a/drivers/gpu/drm/radeon/radeon_device.c b/drivers/gpu/drm/radeon/radeon_device.c -index aa232fd..7e5f6e1 100644 +index a7fdfa4..04a3964 100644 --- a/drivers/gpu/drm/radeon/radeon_device.c +++ b/drivers/gpu/drm/radeon/radeon_device.c @@ -1247,7 +1247,7 @@ static bool radeon_switcheroo_can_switch(struct pci_dev *pdev) @@ -42143,10 +42064,10 @@ index edafd3c..3af7c9c 100644 vma->vm_ops = &radeon_ttm_vm_ops; return 0; diff --git a/drivers/gpu/drm/tegra/dc.c b/drivers/gpu/drm/tegra/dc.c -index 1a52522..8e78043 100644 +index a287e4f..df1d5dd 100644 --- a/drivers/gpu/drm/tegra/dc.c +++ b/drivers/gpu/drm/tegra/dc.c -@@ -1585,7 +1585,7 @@ static int tegra_dc_debugfs_init(struct tegra_dc *dc, struct drm_minor *minor) +@@ -1594,7 +1594,7 @@ static int tegra_dc_debugfs_init(struct tegra_dc *dc, struct drm_minor *minor) } for (i = 0; i < ARRAY_SIZE(debugfs_files); i++) @@ -42169,7 +42090,7 @@ index ed970f6..4eeea42 100644 struct dentry *debugfs; diff --git a/drivers/gpu/drm/tegra/hdmi.c b/drivers/gpu/drm/tegra/hdmi.c -index 7eaaee74..cc2bc04 100644 +index 06ab178..b5324e4 100644 --- a/drivers/gpu/drm/tegra/hdmi.c +++ b/drivers/gpu/drm/tegra/hdmi.c @@ -64,7 +64,7 @@ struct tegra_hdmi { @@ -42638,10 +42559,10 @@ index 37ac7b5..d52a5c9 100644 /* copy over all the bus versions */ if (dev->bus && dev->bus->pm) { diff --git a/drivers/hid/hid-core.c b/drivers/hid/hid-core.c -index 56ce8c2..32ce524 100644 +index 722a925..594c312 100644 --- a/drivers/hid/hid-core.c +++ b/drivers/hid/hid-core.c -@@ -2531,7 +2531,7 @@ EXPORT_SYMBOL_GPL(hid_ignore); +@@ -2552,7 +2552,7 @@ EXPORT_SYMBOL_GPL(hid_ignore); int hid_add_device(struct hid_device *hdev) { @@ -42650,7 +42571,7 @@ index 56ce8c2..32ce524 100644 int ret; if (WARN_ON(hdev->status & HID_STAT_ADDED)) -@@ -2574,7 +2574,7 @@ int hid_add_device(struct hid_device *hdev) +@@ -2595,7 +2595,7 @@ int hid_add_device(struct hid_device *hdev) /* XXX hack, any other cleaner solution after the driver core * is converted to allow more than 20 bytes as the device name? */ dev_set_name(&hdev->dev, "%04X:%04X:%04X.%04X", hdev->bus, @@ -42659,6 +42580,28 @@ index 56ce8c2..32ce524 100644 hid_debug_register(hdev, dev_name(&hdev->dev)); ret = device_add(&hdev->dev); +diff --git a/drivers/hid/hid-sensor-custom.c b/drivers/hid/hid-sensor-custom.c +index 5614fee..8301fbf 100644 +--- a/drivers/hid/hid-sensor-custom.c ++++ b/drivers/hid/hid-sensor-custom.c +@@ -34,7 +34,7 @@ struct hid_sensor_custom_field { + int report_id; + char group_name[HID_CUSTOM_NAME_LENGTH]; + struct hid_sensor_hub_attribute_info attribute; +- struct device_attribute sd_attrs[HID_CUSTOM_MAX_CORE_ATTRS]; ++ device_attribute_no_const sd_attrs[HID_CUSTOM_MAX_CORE_ATTRS]; + char attr_name[HID_CUSTOM_TOTAL_ATTRS][HID_CUSTOM_NAME_LENGTH]; + struct attribute *attrs[HID_CUSTOM_TOTAL_ATTRS]; + struct attribute_group hid_custom_attribute_group; +@@ -590,7 +590,7 @@ static int hid_sensor_custom_add_attributes(struct hid_sensor_custom + j = 0; + while (j < HID_CUSTOM_TOTAL_ATTRS && + hid_custom_attrs[j].name) { +- struct device_attribute *device_attr; ++ device_attribute_no_const *device_attr; + + device_attr = &sensor_inst->fields[i].sd_attrs[j]; + diff --git a/drivers/hid/hid-wiimote-debug.c b/drivers/hid/hid-wiimote-debug.c index c13fb5b..55a3802 100644 --- a/drivers/hid/hid-wiimote-debug.c @@ -42673,10 +42616,10 @@ index c13fb5b..55a3802 100644 *off += size; diff --git a/drivers/hv/channel.c b/drivers/hv/channel.c -index 00bc30e..d8e5097 100644 +index 54da66d..aa3a3d7 100644 --- a/drivers/hv/channel.c +++ b/drivers/hv/channel.c -@@ -370,7 +370,7 @@ int vmbus_establish_gpadl(struct vmbus_channel *channel, void *kbuffer, +@@ -373,7 +373,7 @@ int vmbus_establish_gpadl(struct vmbus_channel *channel, void *kbuffer, int ret = 0; next_gpadl_handle = @@ -42686,7 +42629,7 @@ index 00bc30e..d8e5097 100644 ret = create_gpadl_header(kbuffer, size, &msginfo, &msgcount); if (ret) diff --git a/drivers/hv/hv.c b/drivers/hv/hv.c -index 50e51a5..b0bfd78 100644 +index d3943bc..3de28a9 100644 --- a/drivers/hv/hv.c +++ b/drivers/hv/hv.c @@ -118,7 +118,7 @@ static u64 do_hypercall(u64 control, void *input, void *output) @@ -42708,10 +42651,10 @@ index 50e51a5..b0bfd78 100644 if (!virtaddr) goto cleanup; diff --git a/drivers/hv/hv_balloon.c b/drivers/hv/hv_balloon.c -index ff16938..e60879c 100644 +index cb5b7dc..6052f22 100644 --- a/drivers/hv/hv_balloon.c +++ b/drivers/hv/hv_balloon.c -@@ -470,7 +470,7 @@ MODULE_PARM_DESC(hot_add, "If set attempt memory hot_add"); +@@ -469,7 +469,7 @@ MODULE_PARM_DESC(hot_add, "If set attempt memory hot_add"); module_param(pressure_report_delay, uint, (S_IRUGO | S_IWUSR)); MODULE_PARM_DESC(pressure_report_delay, "Delay in secs in reporting pressure"); @@ -42720,7 +42663,7 @@ index ff16938..e60879c 100644 static int dm_ring_size = (5 * PAGE_SIZE); -@@ -947,7 +947,7 @@ static void hot_add_req(struct work_struct *dummy) +@@ -941,7 +941,7 @@ static void hot_add_req(struct work_struct *dummy) pr_info("Memory hot add failed\n"); dm->state = DM_INITIALIZED; @@ -42729,7 +42672,7 @@ index ff16938..e60879c 100644 vmbus_sendpacket(dm->dev->channel, &resp, sizeof(struct dm_hot_add_response), (unsigned long)NULL, -@@ -1028,7 +1028,7 @@ static void post_status(struct hv_dynmem_device *dm) +@@ -1022,7 +1022,7 @@ static void post_status(struct hv_dynmem_device *dm) memset(&status, 0, sizeof(struct dm_status)); status.hdr.type = DM_STATUS_REPORT; status.hdr.size = sizeof(struct dm_status); @@ -42737,8 +42680,8 @@ index ff16938..e60879c 100644 + status.hdr.trans_id = atomic_inc_return_unchecked(&trans_id); /* - * The host expects the guest to report free memory. -@@ -1048,7 +1048,7 @@ static void post_status(struct hv_dynmem_device *dm) + * The host expects the guest to report free and committed memory. +@@ -1046,7 +1046,7 @@ static void post_status(struct hv_dynmem_device *dm) * send the status. This can happen if we were interrupted * after we picked our transaction ID. */ @@ -42747,7 +42690,7 @@ index ff16938..e60879c 100644 return; /* -@@ -1188,7 +1188,7 @@ static void balloon_up(struct work_struct *dummy) +@@ -1191,7 +1191,7 @@ static void balloon_up(struct work_struct *dummy) */ do { @@ -42756,7 +42699,7 @@ index ff16938..e60879c 100644 ret = vmbus_sendpacket(dm_device.dev->channel, bl_resp, bl_resp->hdr.size, -@@ -1234,7 +1234,7 @@ static void balloon_down(struct hv_dynmem_device *dm, +@@ -1237,7 +1237,7 @@ static void balloon_down(struct hv_dynmem_device *dm, memset(&resp, 0, sizeof(struct dm_unballoon_response)); resp.hdr.type = DM_UNBALLOON_RESPONSE; @@ -42765,7 +42708,7 @@ index ff16938..e60879c 100644 resp.hdr.size = sizeof(struct dm_unballoon_response); vmbus_sendpacket(dm_device.dev->channel, &resp, -@@ -1295,7 +1295,7 @@ static void version_resp(struct hv_dynmem_device *dm, +@@ -1298,7 +1298,7 @@ static void version_resp(struct hv_dynmem_device *dm, memset(&version_req, 0, sizeof(struct dm_version_request)); version_req.hdr.type = DM_VERSION_REQUEST; version_req.hdr.size = sizeof(struct dm_version_request); @@ -42774,7 +42717,7 @@ index ff16938..e60879c 100644 version_req.version.version = DYNMEM_PROTOCOL_VERSION_WIN7; version_req.is_last_attempt = 1; -@@ -1468,7 +1468,7 @@ static int balloon_probe(struct hv_device *dev, +@@ -1471,7 +1471,7 @@ static int balloon_probe(struct hv_device *dev, memset(&version_req, 0, sizeof(struct dm_version_request)); version_req.hdr.type = DM_VERSION_REQUEST; version_req.hdr.size = sizeof(struct dm_version_request); @@ -42783,7 +42726,7 @@ index ff16938..e60879c 100644 version_req.version.version = DYNMEM_PROTOCOL_VERSION_WIN8; version_req.is_last_attempt = 0; -@@ -1499,7 +1499,7 @@ static int balloon_probe(struct hv_device *dev, +@@ -1502,7 +1502,7 @@ static int balloon_probe(struct hv_device *dev, memset(&cap_msg, 0, sizeof(struct dm_capabilities)); cap_msg.hdr.type = DM_CAPABILITIES_REPORT; cap_msg.hdr.size = sizeof(struct dm_capabilities); @@ -42793,10 +42736,10 @@ index ff16938..e60879c 100644 cap_msg.caps.cap_bits.balloon = 1; cap_msg.caps.cap_bits.hot_add = 1; diff --git a/drivers/hv/hyperv_vmbus.h b/drivers/hv/hyperv_vmbus.h -index 44b1c94..6dccc2c 100644 +index 887287a..238a626 100644 --- a/drivers/hv/hyperv_vmbus.h +++ b/drivers/hv/hyperv_vmbus.h -@@ -632,7 +632,7 @@ enum vmbus_connect_state { +@@ -645,7 +645,7 @@ enum vmbus_connect_state { struct vmbus_connection { enum vmbus_connect_state conn_state; @@ -42805,23 +42748,6 @@ index 44b1c94..6dccc2c 100644 /* * Represents channel interrupts. Each bit position represents a -diff --git a/drivers/hv/vmbus_drv.c b/drivers/hv/vmbus_drv.c -index f518b8d7..4bc0b64 100644 ---- a/drivers/hv/vmbus_drv.c -+++ b/drivers/hv/vmbus_drv.c -@@ -840,10 +840,10 @@ int vmbus_device_register(struct hv_device *child_device_obj) - { - int ret = 0; - -- static atomic_t device_num = ATOMIC_INIT(0); -+ static atomic_unchecked_t device_num = ATOMIC_INIT(0); - - dev_set_name(&child_device_obj->device, "vmbus_0_%d", -- atomic_inc_return(&device_num)); -+ atomic_inc_return_unchecked(&device_num)); - - child_device_obj->device.bus = &hv_bus; - child_device_obj->device.parent = &hv_acpi_dev->dev; diff --git a/drivers/hwmon/acpi_power_meter.c b/drivers/hwmon/acpi_power_meter.c index 579bdf9..0dac21d5 100644 --- a/drivers/hwmon/acpi_power_meter.c @@ -42895,10 +42821,10 @@ index cccef87..06ce8ec 100644 { sysfs_attr_init(&attr->attr); diff --git a/drivers/hwmon/coretemp.c b/drivers/hwmon/coretemp.c -index 5b7fec8..05c957a 100644 +index ed303ba..e24bd26f 100644 --- a/drivers/hwmon/coretemp.c +++ b/drivers/hwmon/coretemp.c -@@ -783,7 +783,7 @@ static int coretemp_cpu_callback(struct notifier_block *nfb, +@@ -782,7 +782,7 @@ static int coretemp_cpu_callback(struct notifier_block *nfb, return NOTIFY_OK; } @@ -42953,10 +42879,10 @@ index 37f0170..414ec2c 100644 int i, j, count; diff --git a/drivers/hwmon/nct6775.c b/drivers/hwmon/nct6775.c -index 0773930..6f04305 100644 +index bd1c99d..2fa55ad 100644 --- a/drivers/hwmon/nct6775.c +++ b/drivers/hwmon/nct6775.c -@@ -952,10 +952,10 @@ static struct attribute_group * +@@ -953,10 +953,10 @@ static struct attribute_group * nct6775_create_attr_group(struct device *dev, struct sensor_template_group *tg, int repeat) { @@ -43163,7 +43089,7 @@ index 4df97f6..c751151 100644 struct iio_chan_spec const *chan, ssize_t (*readfunc)(struct device *dev, diff --git a/drivers/infiniband/core/cm.c b/drivers/infiniband/core/cm.c -index e28a494..f7c2671 100644 +index 0271608..81998c5 100644 --- a/drivers/infiniband/core/cm.c +++ b/drivers/infiniband/core/cm.c @@ -115,7 +115,7 @@ static char const counter_group_names[CM_COUNTER_GROUPS] @@ -43175,7 +43101,7 @@ index e28a494..f7c2671 100644 }; struct cm_counter_attribute { -@@ -1398,7 +1398,7 @@ static void cm_dup_req_handler(struct cm_work *work, +@@ -1397,7 +1397,7 @@ static void cm_dup_req_handler(struct cm_work *work, struct ib_mad_send_buf *msg = NULL; int ret; @@ -43184,7 +43110,7 @@ index e28a494..f7c2671 100644 counter[CM_REQ_COUNTER]); /* Quick state check to discard duplicate REQs. */ -@@ -1785,7 +1785,7 @@ static void cm_dup_rep_handler(struct cm_work *work) +@@ -1784,7 +1784,7 @@ static void cm_dup_rep_handler(struct cm_work *work) if (!cm_id_priv) return; @@ -43193,7 +43119,7 @@ index e28a494..f7c2671 100644 counter[CM_REP_COUNTER]); ret = cm_alloc_response_msg(work->port, work->mad_recv_wc, &msg); if (ret) -@@ -1952,7 +1952,7 @@ static int cm_rtu_handler(struct cm_work *work) +@@ -1951,7 +1951,7 @@ static int cm_rtu_handler(struct cm_work *work) if (cm_id_priv->id.state != IB_CM_REP_SENT && cm_id_priv->id.state != IB_CM_MRA_REP_RCVD) { spin_unlock_irq(&cm_id_priv->lock); @@ -43202,7 +43128,7 @@ index e28a494..f7c2671 100644 counter[CM_RTU_COUNTER]); goto out; } -@@ -2135,7 +2135,7 @@ static int cm_dreq_handler(struct cm_work *work) +@@ -2134,7 +2134,7 @@ static int cm_dreq_handler(struct cm_work *work) cm_id_priv = cm_acquire_id(dreq_msg->remote_comm_id, dreq_msg->local_comm_id); if (!cm_id_priv) { @@ -43211,7 +43137,7 @@ index e28a494..f7c2671 100644 counter[CM_DREQ_COUNTER]); cm_issue_drep(work->port, work->mad_recv_wc); return -EINVAL; -@@ -2160,7 +2160,7 @@ static int cm_dreq_handler(struct cm_work *work) +@@ -2159,7 +2159,7 @@ static int cm_dreq_handler(struct cm_work *work) case IB_CM_MRA_REP_RCVD: break; case IB_CM_TIMEWAIT: @@ -43220,7 +43146,7 @@ index e28a494..f7c2671 100644 counter[CM_DREQ_COUNTER]); if (cm_alloc_response_msg(work->port, work->mad_recv_wc, &msg)) goto unlock; -@@ -2174,7 +2174,7 @@ static int cm_dreq_handler(struct cm_work *work) +@@ -2173,7 +2173,7 @@ static int cm_dreq_handler(struct cm_work *work) cm_free_msg(msg); goto deref; case IB_CM_DREQ_RCVD: @@ -43229,7 +43155,7 @@ index e28a494..f7c2671 100644 counter[CM_DREQ_COUNTER]); goto unlock; default: -@@ -2541,7 +2541,7 @@ static int cm_mra_handler(struct cm_work *work) +@@ -2540,7 +2540,7 @@ static int cm_mra_handler(struct cm_work *work) ib_modify_mad(cm_id_priv->av.port->mad_agent, cm_id_priv->msg, timeout)) { if (cm_id_priv->id.lap_state == IB_CM_MRA_LAP_RCVD) @@ -43238,7 +43164,7 @@ index e28a494..f7c2671 100644 counter_group[CM_RECV_DUPLICATES]. counter[CM_MRA_COUNTER]); goto out; -@@ -2550,7 +2550,7 @@ static int cm_mra_handler(struct cm_work *work) +@@ -2549,7 +2549,7 @@ static int cm_mra_handler(struct cm_work *work) break; case IB_CM_MRA_REQ_RCVD: case IB_CM_MRA_REP_RCVD: @@ -43247,7 +43173,7 @@ index e28a494..f7c2671 100644 counter[CM_MRA_COUNTER]); /* fall through */ default: -@@ -2712,7 +2712,7 @@ static int cm_lap_handler(struct cm_work *work) +@@ -2711,7 +2711,7 @@ static int cm_lap_handler(struct cm_work *work) case IB_CM_LAP_IDLE: break; case IB_CM_MRA_LAP_SENT: @@ -43256,7 +43182,7 @@ index e28a494..f7c2671 100644 counter[CM_LAP_COUNTER]); if (cm_alloc_response_msg(work->port, work->mad_recv_wc, &msg)) goto unlock; -@@ -2728,7 +2728,7 @@ static int cm_lap_handler(struct cm_work *work) +@@ -2727,7 +2727,7 @@ static int cm_lap_handler(struct cm_work *work) cm_free_msg(msg); goto deref; case IB_CM_LAP_RCVD: @@ -43265,7 +43191,7 @@ index e28a494..f7c2671 100644 counter[CM_LAP_COUNTER]); goto unlock; default: -@@ -3012,7 +3012,7 @@ static int cm_sidr_req_handler(struct cm_work *work) +@@ -3011,7 +3011,7 @@ static int cm_sidr_req_handler(struct cm_work *work) cur_cm_id_priv = cm_insert_remote_sidr(cm_id_priv); if (cur_cm_id_priv) { spin_unlock_irq(&cm.lock); @@ -43274,7 +43200,7 @@ index e28a494..f7c2671 100644 counter[CM_SIDR_REQ_COUNTER]); goto out; /* Duplicate message. */ } -@@ -3224,10 +3224,10 @@ static void cm_send_handler(struct ib_mad_agent *mad_agent, +@@ -3223,10 +3223,10 @@ static void cm_send_handler(struct ib_mad_agent *mad_agent, if (!msg->context[0] && (attr_index != CM_REJ_COUNTER)) msg->retries = 1; @@ -43287,7 +43213,7 @@ index e28a494..f7c2671 100644 &port->counter_group[CM_XMIT_RETRIES]. counter[attr_index]); -@@ -3437,7 +3437,7 @@ static void cm_recv_handler(struct ib_mad_agent *mad_agent, +@@ -3436,7 +3436,7 @@ static void cm_recv_handler(struct ib_mad_agent *mad_agent, } attr_id = be16_to_cpu(mad_recv_wc->recv_buf.mad->mad_hdr.attr_id); @@ -43296,7 +43222,7 @@ index e28a494..f7c2671 100644 counter[attr_id - CM_ATTR_ID_OFFSET]); work = kmalloc(sizeof *work + sizeof(struct ib_sa_path_rec) * paths, -@@ -3668,7 +3668,7 @@ static ssize_t cm_show_counter(struct kobject *obj, struct attribute *attr, +@@ -3667,7 +3667,7 @@ static ssize_t cm_show_counter(struct kobject *obj, struct attribute *attr, cm_attr = container_of(attr, struct cm_counter_attribute, attr); return sprintf(buf, "%ld\n", @@ -43391,7 +43317,7 @@ index a9f0489..27a161b 100644 (unsigned long) cmd.response + sizeof resp, in_len - sizeof cmd, out_len - sizeof resp); diff --git a/drivers/infiniband/hw/cxgb4/mem.c b/drivers/infiniband/hw/cxgb4/mem.c -index 6791fd1..78bdcdf 100644 +index cff815b..75576dd 100644 --- a/drivers/infiniband/hw/cxgb4/mem.c +++ b/drivers/infiniband/hw/cxgb4/mem.c @@ -256,7 +256,7 @@ static int write_tpt_entry(struct c4iw_rdev *rdev, u32 reset_tpt_entry, @@ -43467,7 +43393,7 @@ index 1f95bba..9530f87 100644 sdata, wqe->wr.wr.atomic.swap); goto send_comp; diff --git a/drivers/infiniband/hw/mlx4/mad.c b/drivers/infiniband/hw/mlx4/mad.c -index 5904026..f1c30e5 100644 +index 9cd2b00..7486df4 100644 --- a/drivers/infiniband/hw/mlx4/mad.c +++ b/drivers/infiniband/hw/mlx4/mad.c @@ -106,7 +106,7 @@ __be64 mlx4_ib_gen_node_guid(void) @@ -43493,10 +43419,10 @@ index ed327e6..ca1739e0 100644 ctx->mcg_wq = create_singlethread_workqueue(name); if (!ctx->mcg_wq) diff --git a/drivers/infiniband/hw/mlx4/mlx4_ib.h b/drivers/infiniband/hw/mlx4/mlx4_ib.h -index f829fd9..1a8d436 100644 +index fce39343..9d8fdff 100644 --- a/drivers/infiniband/hw/mlx4/mlx4_ib.h +++ b/drivers/infiniband/hw/mlx4/mlx4_ib.h -@@ -439,7 +439,7 @@ struct mlx4_ib_demux_ctx { +@@ -435,7 +435,7 @@ struct mlx4_ib_demux_ctx { struct list_head mcg_mgid0_list; struct workqueue_struct *mcg_wq; struct mlx4_ib_demux_pv_ctx **tun; @@ -43603,7 +43529,7 @@ index 415f8e1..e34214e 100644 struct mthca_dev *dev = to_mdev(ibcq->device); struct mthca_cq *cq = to_mcq(ibcq); diff --git a/drivers/infiniband/hw/nes/nes.c b/drivers/infiniband/hw/nes/nes.c -index 3b2a6dc..bce26ff 100644 +index 9f9d5c5..3c19aac 100644 --- a/drivers/infiniband/hw/nes/nes.c +++ b/drivers/infiniband/hw/nes/nes.c @@ -97,7 +97,7 @@ MODULE_PARM_DESC(limit_maxrdreqsz, "Limit max read request size to 256 Bytes"); @@ -43615,7 +43541,7 @@ index 3b2a6dc..bce26ff 100644 static unsigned int ee_flsh_adapter; static unsigned int sysfs_nonidx_addr; -@@ -278,7 +278,7 @@ static void nes_cqp_rem_ref_callback(struct nes_device *nesdev, struct nes_cqp_r +@@ -279,7 +279,7 @@ static void nes_cqp_rem_ref_callback(struct nes_device *nesdev, struct nes_cqp_r struct nes_qp *nesqp = cqp_request->cqp_callback_pointer; struct nes_adapter *nesadapter = nesdev->nesadapter; @@ -43684,7 +43610,7 @@ index bd9d132..70d84f4 100644 extern u32 int_mod_timer_init; extern u32 int_mod_cq_depth_256; diff --git a/drivers/infiniband/hw/nes/nes_cm.c b/drivers/infiniband/hw/nes/nes_cm.c -index 6f09a72..cf4399d 100644 +index 72b4341..2600332 100644 --- a/drivers/infiniband/hw/nes/nes_cm.c +++ b/drivers/infiniband/hw/nes/nes_cm.c @@ -69,14 +69,14 @@ u32 cm_packets_dropped; @@ -43756,7 +43682,7 @@ index 6f09a72..cf4399d 100644 int nes_add_ref_cm_node(struct nes_cm_node *cm_node) { -@@ -1436,7 +1436,7 @@ static int mini_cm_dec_refcnt_listen(struct nes_cm_core *cm_core, +@@ -1461,7 +1461,7 @@ static int mini_cm_dec_refcnt_listen(struct nes_cm_core *cm_core, kfree(listener); listener = NULL; ret = 0; @@ -43765,7 +43691,7 @@ index 6f09a72..cf4399d 100644 } else { spin_unlock_irqrestore(&cm_core->listen_list_lock, flags); } -@@ -1637,7 +1637,7 @@ static struct nes_cm_node *make_cm_node(struct nes_cm_core *cm_core, +@@ -1667,7 +1667,7 @@ static struct nes_cm_node *make_cm_node(struct nes_cm_core *cm_core, cm_node->rem_mac); add_hte_node(cm_core, cm_node); @@ -43774,7 +43700,7 @@ index 6f09a72..cf4399d 100644 return cm_node; } -@@ -1698,7 +1698,7 @@ static int rem_ref_cm_node(struct nes_cm_core *cm_core, +@@ -1728,7 +1728,7 @@ static int rem_ref_cm_node(struct nes_cm_core *cm_core, } atomic_dec(&cm_core->node_cnt); @@ -43783,7 +43709,7 @@ index 6f09a72..cf4399d 100644 nesqp = cm_node->nesqp; if (nesqp) { nesqp->cm_node = NULL; -@@ -1762,7 +1762,7 @@ static int process_options(struct nes_cm_node *cm_node, u8 *optionsloc, +@@ -1792,7 +1792,7 @@ static int process_options(struct nes_cm_node *cm_node, u8 *optionsloc, static void drop_packet(struct sk_buff *skb) { @@ -43792,7 +43718,7 @@ index 6f09a72..cf4399d 100644 dev_kfree_skb_any(skb); } -@@ -1825,7 +1825,7 @@ static void handle_rst_pkt(struct nes_cm_node *cm_node, struct sk_buff *skb, +@@ -1855,7 +1855,7 @@ static void handle_rst_pkt(struct nes_cm_node *cm_node, struct sk_buff *skb, { int reset = 0; /* whether to send reset in case of err.. */ @@ -43801,7 +43727,7 @@ index 6f09a72..cf4399d 100644 nes_debug(NES_DBG_CM, "Received Reset, cm_node = %p, state = %u." " refcnt=%d\n", cm_node, cm_node->state, atomic_read(&cm_node->ref_count)); -@@ -2492,7 +2492,7 @@ static struct nes_cm_node *mini_cm_connect(struct nes_cm_core *cm_core, +@@ -2523,7 +2523,7 @@ static struct nes_cm_node *mini_cm_connect(struct nes_cm_core *cm_core, rem_ref_cm_node(cm_node->cm_core, cm_node); return NULL; } @@ -43810,7 +43736,7 @@ index 6f09a72..cf4399d 100644 loopbackremotenode->loopbackpartner = cm_node; loopbackremotenode->tcp_cntxt.rcv_wscale = NES_CM_DEFAULT_RCV_WND_SCALE; -@@ -2773,7 +2773,7 @@ static int mini_cm_recv_pkt(struct nes_cm_core *cm_core, +@@ -2804,7 +2804,7 @@ static int mini_cm_recv_pkt(struct nes_cm_core *cm_core, nes_queue_mgt_skbs(skb, nesvnic, cm_node->nesqp); else { rem_ref_cm_node(cm_core, cm_node); @@ -43819,7 +43745,7 @@ index 6f09a72..cf4399d 100644 dev_kfree_skb_any(skb); } break; -@@ -3081,7 +3081,7 @@ static int nes_cm_disconn_true(struct nes_qp *nesqp) +@@ -3112,7 +3112,7 @@ static int nes_cm_disconn_true(struct nes_qp *nesqp) if ((cm_id) && (cm_id->event_handler)) { if (issue_disconn) { @@ -43828,7 +43754,7 @@ index 6f09a72..cf4399d 100644 cm_event.event = IW_CM_EVENT_DISCONNECT; cm_event.status = disconn_status; cm_event.local_addr = cm_id->local_addr; -@@ -3103,7 +3103,7 @@ static int nes_cm_disconn_true(struct nes_qp *nesqp) +@@ -3134,7 +3134,7 @@ static int nes_cm_disconn_true(struct nes_qp *nesqp) } if (issue_close) { @@ -43837,7 +43763,7 @@ index 6f09a72..cf4399d 100644 nes_disconnect(nesqp, 1); cm_id->provider_data = nesqp; -@@ -3241,7 +3241,7 @@ int nes_accept(struct iw_cm_id *cm_id, struct iw_cm_conn_param *conn_param) +@@ -3272,7 +3272,7 @@ int nes_accept(struct iw_cm_id *cm_id, struct iw_cm_conn_param *conn_param) nes_debug(NES_DBG_CM, "QP%u, cm_node=%p, jiffies = %lu listener = %p\n", nesqp->hwqp.qp_id, cm_node, jiffies, cm_node->listener); @@ -43846,7 +43772,7 @@ index 6f09a72..cf4399d 100644 nes_debug(NES_DBG_CM, "netdev refcnt = %u.\n", netdev_refcnt_read(nesvnic->netdev)); -@@ -3439,7 +3439,7 @@ int nes_reject(struct iw_cm_id *cm_id, const void *pdata, u8 pdata_len) +@@ -3470,7 +3470,7 @@ int nes_reject(struct iw_cm_id *cm_id, const void *pdata, u8 pdata_len) struct nes_cm_core *cm_core; u8 *start_buff; @@ -43855,7 +43781,7 @@ index 6f09a72..cf4399d 100644 cm_node = (struct nes_cm_node *)cm_id->provider_data; loopback = cm_node->loopbackpartner; cm_core = cm_node->cm_core; -@@ -3504,7 +3504,7 @@ int nes_connect(struct iw_cm_id *cm_id, struct iw_cm_conn_param *conn_param) +@@ -3535,7 +3535,7 @@ int nes_connect(struct iw_cm_id *cm_id, struct iw_cm_conn_param *conn_param) ntohs(raddr->sin_port), ntohl(laddr->sin_addr.s_addr), ntohs(laddr->sin_port)); @@ -43864,7 +43790,7 @@ index 6f09a72..cf4399d 100644 nesqp->active_conn = 1; /* cache the cm_id in the qp */ -@@ -3649,7 +3649,7 @@ int nes_create_listen(struct iw_cm_id *cm_id, int backlog) +@@ -3680,7 +3680,7 @@ int nes_create_listen(struct iw_cm_id *cm_id, int backlog) g_cm_core->api->stop_listener(g_cm_core, (void *)cm_node); return err; } @@ -43873,7 +43799,7 @@ index 6f09a72..cf4399d 100644 } cm_id->add_ref(cm_id); -@@ -3756,7 +3756,7 @@ static void cm_event_connected(struct nes_cm_event *event) +@@ -3787,7 +3787,7 @@ static void cm_event_connected(struct nes_cm_event *event) if (nesqp->destroyed) return; @@ -43882,7 +43808,7 @@ index 6f09a72..cf4399d 100644 nes_debug(NES_DBG_CM, "QP%u attempting to connect to 0x%08X:0x%04X on" " local port 0x%04X. jiffies = %lu.\n", nesqp->hwqp.qp_id, ntohl(raddr->sin_addr.s_addr), -@@ -3941,7 +3941,7 @@ static void cm_event_reset(struct nes_cm_event *event) +@@ -3972,7 +3972,7 @@ static void cm_event_reset(struct nes_cm_event *event) cm_id->add_ref(cm_id); ret = cm_id->event_handler(cm_id, &cm_event); @@ -43891,7 +43817,7 @@ index 6f09a72..cf4399d 100644 cm_event.event = IW_CM_EVENT_CLOSE; cm_event.status = 0; cm_event.provider_data = cm_id->provider_data; -@@ -3981,7 +3981,7 @@ static void cm_event_mpa_req(struct nes_cm_event *event) +@@ -4012,7 +4012,7 @@ static void cm_event_mpa_req(struct nes_cm_event *event) return; cm_id = cm_node->cm_id; @@ -43900,7 +43826,7 @@ index 6f09a72..cf4399d 100644 nes_debug(NES_DBG_CM, "cm_node = %p - cm_id = %p, jiffies = %lu\n", cm_node, cm_id, jiffies); -@@ -4030,7 +4030,7 @@ static void cm_event_mpa_reject(struct nes_cm_event *event) +@@ -4061,7 +4061,7 @@ static void cm_event_mpa_reject(struct nes_cm_event *event) return; cm_id = cm_node->cm_id; @@ -44042,7 +43968,7 @@ index c0d0296..3185f57 100644 /* Blow away the connection if it exists. */ diff --git a/drivers/infiniband/hw/qib/qib.h b/drivers/infiniband/hw/qib/qib.h -index ffd48bf..83cdb56 100644 +index 7df16f7..7e1b21e 100644 --- a/drivers/infiniband/hw/qib/qib.h +++ b/drivers/infiniband/hw/qib/qib.h @@ -52,6 +52,7 @@ @@ -44122,10 +44048,10 @@ index 4a95b22..874c182 100644 #include <linux/gameport.h> #include <linux/jiffies.h> diff --git a/drivers/input/joystick/xpad.c b/drivers/input/joystick/xpad.c -index 3aa2f3f..53c00ea 100644 +index 61c7611..e1bfa38 100644 --- a/drivers/input/joystick/xpad.c +++ b/drivers/input/joystick/xpad.c -@@ -886,7 +886,7 @@ static void xpad_led_set(struct led_classdev *led_cdev, +@@ -905,7 +905,7 @@ static void xpad_led_set(struct led_classdev *led_cdev, static int xpad_led_probe(struct usb_xpad *xpad) { @@ -44134,7 +44060,7 @@ index 3aa2f3f..53c00ea 100644 unsigned long led_no; struct xpad_led *led; struct led_classdev *led_cdev; -@@ -899,7 +899,7 @@ static int xpad_led_probe(struct usb_xpad *xpad) +@@ -918,7 +918,7 @@ static int xpad_led_probe(struct usb_xpad *xpad) if (!led) return -ENOMEM; @@ -44166,10 +44092,10 @@ index ac1fa5f..5f7502c 100644 /* * PCU-B devices, both GEN_1 and GEN_2 do not have OFN sensor diff --git a/drivers/input/mouse/psmouse.h b/drivers/input/mouse/psmouse.h -index d02e1bd..d719719 100644 +index ad5a5a1..5eac214 100644 --- a/drivers/input/mouse/psmouse.h +++ b/drivers/input/mouse/psmouse.h -@@ -124,7 +124,7 @@ struct psmouse_attribute { +@@ -125,7 +125,7 @@ struct psmouse_attribute { ssize_t (*set)(struct psmouse *psmouse, void *data, const char *buf, size_t count); bool protect; @@ -44249,10 +44175,10 @@ index 92e2243..8fd9092 100644 .ident = "Shift", .matches = { diff --git a/drivers/iommu/amd_iommu.c b/drivers/iommu/amd_iommu.c -index 13cfbf4..b5184d9 100644 +index ca9f4ed..b860ff1 100644 --- a/drivers/iommu/amd_iommu.c +++ b/drivers/iommu/amd_iommu.c -@@ -823,11 +823,21 @@ static void copy_cmd_to_buffer(struct amd_iommu *iommu, +@@ -829,11 +829,21 @@ static void copy_cmd_to_buffer(struct amd_iommu *iommu, static void build_completion_wait(struct iommu_cmd *cmd, u64 address) { @@ -44277,7 +44203,7 @@ index 13cfbf4..b5184d9 100644 CMD_SET_TYPE(cmd, CMD_COMPL_WAIT); } diff --git a/drivers/iommu/arm-smmu.c b/drivers/iommu/arm-smmu.c -index 2d1b203..b9f8e18 100644 +index 65075ef..53823f9 100644 --- a/drivers/iommu/arm-smmu.c +++ b/drivers/iommu/arm-smmu.c @@ -331,7 +331,7 @@ enum arm_smmu_domain_stage { @@ -44289,7 +44215,7 @@ index 2d1b203..b9f8e18 100644 spinlock_t pgtbl_lock; struct arm_smmu_cfg cfg; enum arm_smmu_domain_stage stage; -@@ -807,7 +807,7 @@ static int arm_smmu_init_domain_context(struct iommu_domain *domain, +@@ -817,7 +817,7 @@ static int arm_smmu_init_domain_context(struct iommu_domain *domain, { int irq, start, ret = 0; unsigned long ias, oas; @@ -44297,8 +44223,8 @@ index 2d1b203..b9f8e18 100644 + struct io_pgtable *pgtbl; struct io_pgtable_cfg pgtbl_cfg; enum io_pgtable_fmt fmt; - struct arm_smmu_domain *smmu_domain = domain->priv; -@@ -892,14 +892,16 @@ static int arm_smmu_init_domain_context(struct iommu_domain *domain, + struct arm_smmu_domain *smmu_domain = to_smmu_domain(domain); +@@ -902,14 +902,16 @@ static int arm_smmu_init_domain_context(struct iommu_domain *domain, }; smmu_domain->smmu = smmu; @@ -44318,7 +44244,7 @@ index 2d1b203..b9f8e18 100644 /* Initialise the context bank with our page table cfg */ arm_smmu_init_context_bank(smmu_domain, &pgtbl_cfg); -@@ -920,7 +922,7 @@ static int arm_smmu_init_domain_context(struct iommu_domain *domain, +@@ -930,7 +932,7 @@ static int arm_smmu_init_domain_context(struct iommu_domain *domain, mutex_unlock(&smmu_domain->init_mutex); /* Publish page table ops for map/unmap */ @@ -44327,7 +44253,7 @@ index 2d1b203..b9f8e18 100644 return 0; out_clear_smmu: -@@ -953,8 +955,7 @@ static void arm_smmu_destroy_domain_context(struct iommu_domain *domain) +@@ -963,8 +965,7 @@ static void arm_smmu_destroy_domain_context(struct iommu_domain *domain) free_irq(irq, domain); } @@ -44337,10 +44263,10 @@ index 2d1b203..b9f8e18 100644 __arm_smmu_free_bitmap(smmu->context_map, cfg->cbndx); } -@@ -1178,13 +1179,13 @@ static int arm_smmu_map(struct iommu_domain *domain, unsigned long iova, +@@ -1190,13 +1191,13 @@ static int arm_smmu_map(struct iommu_domain *domain, unsigned long iova, int ret; unsigned long flags; - struct arm_smmu_domain *smmu_domain = domain->priv; + struct arm_smmu_domain *smmu_domain = to_smmu_domain(domain); - struct io_pgtable_ops *ops= smmu_domain->pgtbl_ops; + struct io_pgtable *iop = smmu_domain->pgtbl; @@ -44354,10 +44280,10 @@ index 2d1b203..b9f8e18 100644 spin_unlock_irqrestore(&smmu_domain->pgtbl_lock, flags); return ret; } -@@ -1195,13 +1196,13 @@ static size_t arm_smmu_unmap(struct iommu_domain *domain, unsigned long iova, +@@ -1207,13 +1208,13 @@ static size_t arm_smmu_unmap(struct iommu_domain *domain, unsigned long iova, size_t ret; unsigned long flags; - struct arm_smmu_domain *smmu_domain = domain->priv; + struct arm_smmu_domain *smmu_domain = to_smmu_domain(domain); - struct io_pgtable_ops *ops= smmu_domain->pgtbl_ops; + struct io_pgtable *iop = smmu_domain->pgtbl; @@ -44371,8 +44297,8 @@ index 2d1b203..b9f8e18 100644 spin_unlock_irqrestore(&smmu_domain->pgtbl_lock, flags); return ret; } -@@ -1212,7 +1213,7 @@ static phys_addr_t arm_smmu_iova_to_phys_hard(struct iommu_domain *domain, - struct arm_smmu_domain *smmu_domain = domain->priv; +@@ -1224,7 +1225,7 @@ static phys_addr_t arm_smmu_iova_to_phys_hard(struct iommu_domain *domain, + struct arm_smmu_domain *smmu_domain = to_smmu_domain(domain); struct arm_smmu_device *smmu = smmu_domain->smmu; struct arm_smmu_cfg *cfg = &smmu_domain->cfg; - struct io_pgtable_ops *ops= smmu_domain->pgtbl_ops; @@ -44380,7 +44306,7 @@ index 2d1b203..b9f8e18 100644 struct device *dev = smmu->dev; void __iomem *cb_base; u32 tmp; -@@ -1235,7 +1236,7 @@ static phys_addr_t arm_smmu_iova_to_phys_hard(struct iommu_domain *domain, +@@ -1247,7 +1248,7 @@ static phys_addr_t arm_smmu_iova_to_phys_hard(struct iommu_domain *domain, dev_err(dev, "iova to phys timed out on 0x%pad. Falling back to software table walk.\n", &iova); @@ -44389,10 +44315,10 @@ index 2d1b203..b9f8e18 100644 } phys = readl_relaxed(cb_base + ARM_SMMU_CB_PAR_LO); -@@ -1256,9 +1257,9 @@ static phys_addr_t arm_smmu_iova_to_phys(struct iommu_domain *domain, +@@ -1268,9 +1269,9 @@ static phys_addr_t arm_smmu_iova_to_phys(struct iommu_domain *domain, phys_addr_t ret; unsigned long flags; - struct arm_smmu_domain *smmu_domain = domain->priv; + struct arm_smmu_domain *smmu_domain = to_smmu_domain(domain); - struct io_pgtable_ops *ops= smmu_domain->pgtbl_ops; + struct io_pgtable *iop = smmu_domain->pgtbl; @@ -44401,7 +44327,7 @@ index 2d1b203..b9f8e18 100644 return 0; spin_lock_irqsave(&smmu_domain->pgtbl_lock, flags); -@@ -1266,7 +1267,7 @@ static phys_addr_t arm_smmu_iova_to_phys(struct iommu_domain *domain, +@@ -1278,7 +1279,7 @@ static phys_addr_t arm_smmu_iova_to_phys(struct iommu_domain *domain, smmu_domain->stage == ARM_SMMU_DOMAIN_S1) { ret = arm_smmu_iova_to_phys_hard(domain, iova); } else { @@ -44410,7 +44336,7 @@ index 2d1b203..b9f8e18 100644 } spin_unlock_irqrestore(&smmu_domain->pgtbl_lock, flags); -@@ -1625,7 +1626,9 @@ static int arm_smmu_device_cfg_probe(struct arm_smmu_device *smmu) +@@ -1668,7 +1669,9 @@ static int arm_smmu_device_cfg_probe(struct arm_smmu_device *smmu) size |= SZ_64K | SZ_512M; } @@ -44421,8 +44347,36 @@ index 2d1b203..b9f8e18 100644 dev_notice(smmu->dev, "\tSupported page sizes: 0x%08lx\n", size); if (smmu->features & ARM_SMMU_FEAT_TRANS_S1) +diff --git a/drivers/iommu/intel-iommu.c b/drivers/iommu/intel-iommu.c +index 5ecfaf2..c87c4b1 100644 +--- a/drivers/iommu/intel-iommu.c ++++ b/drivers/iommu/intel-iommu.c +@@ -1756,8 +1756,9 @@ static int domain_init(struct dmar_domain *domain, int guest_width) + + static void domain_exit(struct dmar_domain *domain) + { ++ struct dmar_drhd_unit *drhd; ++ struct intel_iommu *iommu; + struct page *freelist = NULL; +- int i; + + /* Domain 0 is reserved, so dont process it */ + if (!domain) +@@ -1777,8 +1778,10 @@ static void domain_exit(struct dmar_domain *domain) + + /* clear attached or cached domains */ + rcu_read_lock(); +- for_each_set_bit(i, domain->iommu_bmp, g_num_of_iommus) +- iommu_detach_domain(domain, g_iommus[i]); ++ for_each_active_iommu(iommu, drhd) ++ if (domain_type_is_vm(domain) || ++ test_bit(iommu->seq_id, domain->iommu_bmp)) ++ iommu_detach_domain(domain, iommu); + rcu_read_unlock(); + + dma_free_pagelist(freelist); diff --git a/drivers/iommu/io-pgtable-arm.c b/drivers/iommu/io-pgtable-arm.c -index b610a8d..08eb879 100644 +index 4e46021..f0a24fef 100644 --- a/drivers/iommu/io-pgtable-arm.c +++ b/drivers/iommu/io-pgtable-arm.c @@ -36,12 +36,6 @@ @@ -44438,7 +44392,7 @@ index b610a8d..08eb879 100644 /* * For consistency with the architecture, we always consider * ARM_LPAE_MAX_LEVELS levels, with the walk starting at level n >=0 -@@ -302,10 +296,10 @@ static arm_lpae_iopte arm_lpae_prot_to_pte(struct arm_lpae_io_pgtable *data, +@@ -304,10 +298,10 @@ static arm_lpae_iopte arm_lpae_prot_to_pte(struct arm_lpae_io_pgtable *data, return pte; } @@ -44451,7 +44405,7 @@ index b610a8d..08eb879 100644 arm_lpae_iopte *ptep = data->pgd; int lvl = ARM_LPAE_START_LVL(data); arm_lpae_iopte prot; -@@ -445,12 +439,11 @@ static int __arm_lpae_unmap(struct arm_lpae_io_pgtable *data, +@@ -447,12 +441,11 @@ static int __arm_lpae_unmap(struct arm_lpae_io_pgtable *data, return __arm_lpae_unmap(data, iova, size, lvl + 1, ptep); } @@ -44466,7 +44420,7 @@ index b610a8d..08eb879 100644 arm_lpae_iopte *ptep = data->pgd; int lvl = ARM_LPAE_START_LVL(data); -@@ -461,10 +454,10 @@ static int arm_lpae_unmap(struct io_pgtable_ops *ops, unsigned long iova, +@@ -463,10 +456,10 @@ static int arm_lpae_unmap(struct io_pgtable_ops *ops, unsigned long iova, return unmapped; } @@ -44479,7 +44433,7 @@ index b610a8d..08eb879 100644 arm_lpae_iopte pte, *ptep = data->pgd; int lvl = ARM_LPAE_START_LVL(data); -@@ -531,6 +524,12 @@ static void arm_lpae_restrict_pgsizes(struct io_pgtable_cfg *cfg) +@@ -533,6 +526,12 @@ static void arm_lpae_restrict_pgsizes(struct io_pgtable_cfg *cfg) } } @@ -44492,7 +44446,7 @@ index b610a8d..08eb879 100644 static struct arm_lpae_io_pgtable * arm_lpae_alloc_pgtable(struct io_pgtable_cfg *cfg) { -@@ -562,11 +561,7 @@ arm_lpae_alloc_pgtable(struct io_pgtable_cfg *cfg) +@@ -564,11 +563,7 @@ arm_lpae_alloc_pgtable(struct io_pgtable_cfg *cfg) pgd_bits = va_bits - (data->bits_per_level * (data->levels - 1)); data->pgd_size = 1UL << (pgd_bits + ilog2(sizeof(arm_lpae_iopte))); @@ -44505,7 +44459,7 @@ index b610a8d..08eb879 100644 return data; } -@@ -825,9 +820,9 @@ static struct iommu_gather_ops dummy_tlb_ops __initdata = { +@@ -830,9 +825,9 @@ static struct iommu_gather_ops dummy_tlb_ops __initdata = { .flush_pgtable = dummy_flush_pgtable, }; @@ -44517,7 +44471,7 @@ index b610a8d..08eb879 100644 struct io_pgtable_cfg *cfg = &data->iop.cfg; pr_err("cfg: pgsize_bitmap 0x%lx, ias %u-bit\n", -@@ -837,9 +832,9 @@ static void __init arm_lpae_dump_ops(struct io_pgtable_ops *ops) +@@ -842,9 +837,9 @@ static void __init arm_lpae_dump_ops(struct io_pgtable_ops *ops) data->bits_per_level, data->pgd); } @@ -44529,7 +44483,7 @@ index b610a8d..08eb879 100644 selftest_running = false; \ -EFAULT; \ }) -@@ -854,30 +849,32 @@ static int __init arm_lpae_run_tests(struct io_pgtable_cfg *cfg) +@@ -859,30 +854,32 @@ static int __init arm_lpae_run_tests(struct io_pgtable_cfg *cfg) int i, j; unsigned long iova; size_t size; @@ -44571,7 +44525,7 @@ index b610a8d..08eb879 100644 /* * Distinct mappings of different granule sizes. -@@ -887,19 +884,19 @@ static int __init arm_lpae_run_tests(struct io_pgtable_cfg *cfg) +@@ -892,19 +889,19 @@ static int __init arm_lpae_run_tests(struct io_pgtable_cfg *cfg) while (j != BITS_PER_LONG) { size = 1UL << j; @@ -44597,7 +44551,7 @@ index b610a8d..08eb879 100644 iova += SZ_1G; j++; -@@ -908,15 +905,15 @@ static int __init arm_lpae_run_tests(struct io_pgtable_cfg *cfg) +@@ -913,15 +910,15 @@ static int __init arm_lpae_run_tests(struct io_pgtable_cfg *cfg) /* Partial unmap */ size = 1UL << __ffs(cfg->pgsize_bitmap); @@ -44619,7 +44573,7 @@ index b610a8d..08eb879 100644 /* Full unmap */ iova = 0; -@@ -924,25 +921,25 @@ static int __init arm_lpae_run_tests(struct io_pgtable_cfg *cfg) +@@ -929,25 +926,25 @@ static int __init arm_lpae_run_tests(struct io_pgtable_cfg *cfg) while (j != BITS_PER_LONG) { size = 1UL << j; @@ -44751,7 +44705,7 @@ index 10e32f6..0b276c8 100644 /** diff --git a/drivers/iommu/iommu.c b/drivers/iommu/iommu.c -index 72e683d..c9db262 100644 +index d4f527e..8e4a4fd 100644 --- a/drivers/iommu/iommu.c +++ b/drivers/iommu/iommu.c @@ -802,7 +802,7 @@ static int iommu_bus_notifier(struct notifier_block *nb, @@ -44764,11 +44718,11 @@ index 72e683d..c9db262 100644 .ops = ops, }; diff --git a/drivers/iommu/ipmmu-vmsa.c b/drivers/iommu/ipmmu-vmsa.c -index bc39bdf..e2de272 100644 +index 1a67c53..23181d8 100644 --- a/drivers/iommu/ipmmu-vmsa.c +++ b/drivers/iommu/ipmmu-vmsa.c @@ -41,7 +41,7 @@ struct ipmmu_vmsa_domain { - struct iommu_domain *io_domain; + struct iommu_domain io_domain; struct io_pgtable_cfg cfg; - struct io_pgtable_ops *iop; @@ -44776,7 +44730,7 @@ index bc39bdf..e2de272 100644 unsigned int context_id; spinlock_t lock; /* Protects mappings */ -@@ -323,8 +323,7 @@ static int ipmmu_domain_init_context(struct ipmmu_vmsa_domain *domain) +@@ -328,8 +328,7 @@ static int ipmmu_domain_init_context(struct ipmmu_vmsa_domain *domain) domain->cfg.oas = 40; domain->cfg.tlb = &ipmmu_gather_ops; @@ -44786,7 +44740,7 @@ index bc39bdf..e2de272 100644 if (!domain->iop) return -EINVAL; -@@ -482,7 +481,7 @@ static void ipmmu_domain_destroy(struct iommu_domain *io_domain) +@@ -487,7 +486,7 @@ static void ipmmu_domain_free(struct iommu_domain *io_domain) * been detached. */ ipmmu_domain_destroy_context(domain); @@ -44795,7 +44749,7 @@ index bc39bdf..e2de272 100644 kfree(domain); } -@@ -551,7 +550,7 @@ static int ipmmu_map(struct iommu_domain *io_domain, unsigned long iova, +@@ -556,7 +555,7 @@ static int ipmmu_map(struct iommu_domain *io_domain, unsigned long iova, if (!domain) return -ENODEV; @@ -44804,16 +44758,16 @@ index bc39bdf..e2de272 100644 } static size_t ipmmu_unmap(struct iommu_domain *io_domain, unsigned long iova, -@@ -559,7 +558,7 @@ static size_t ipmmu_unmap(struct iommu_domain *io_domain, unsigned long iova, +@@ -564,7 +563,7 @@ static size_t ipmmu_unmap(struct iommu_domain *io_domain, unsigned long iova, { - struct ipmmu_vmsa_domain *domain = io_domain->priv; + struct ipmmu_vmsa_domain *domain = to_vmsa_domain(io_domain); - return domain->iop->unmap(domain->iop, iova, size); + return domain->iop->ops->unmap(domain->iop, iova, size); } static phys_addr_t ipmmu_iova_to_phys(struct iommu_domain *io_domain, -@@ -569,7 +568,7 @@ static phys_addr_t ipmmu_iova_to_phys(struct iommu_domain *io_domain, +@@ -574,7 +573,7 @@ static phys_addr_t ipmmu_iova_to_phys(struct iommu_domain *io_domain, /* TODO: Is locking needed ? */ @@ -44853,19 +44807,10 @@ index 390079e..1da9d6c 100644 bool setup_remapped_irq(int irq, struct irq_cfg *cfg, struct irq_chip *chip) diff --git a/drivers/irqchip/irq-gic.c b/drivers/irqchip/irq-gic.c -index 471e1cd..b53b870 100644 +index 01999d7..4f14bb7 100644 --- a/drivers/irqchip/irq-gic.c +++ b/drivers/irqchip/irq-gic.c -@@ -84,7 +84,7 @@ static u8 gic_cpu_map[NR_GIC_CPU_IF] __read_mostly; - * Supported arch specific GIC irq extension. - * Default make them NULL. - */ --struct irq_chip gic_arch_extn = { -+irq_chip_no_const gic_arch_extn = { - .irq_eoi = NULL, - .irq_mask = NULL, - .irq_unmask = NULL, -@@ -318,7 +318,7 @@ static void gic_handle_cascade_irq(unsigned int irq, struct irq_desc *desc) +@@ -313,7 +313,7 @@ static void gic_handle_cascade_irq(unsigned int irq, struct irq_desc *desc) chained_irq_exit(chip, desc); } @@ -44888,10 +44833,10 @@ index 9a0767b..5e5f86f 100644 void (*disable_fn)(struct irq_data *d); const char *name = dev_name(dev); diff --git a/drivers/irqchip/irq-renesas-irqc.c b/drivers/irqchip/irq-renesas-irqc.c -index 384e6ed..7a771b2 100644 +index cdf80b7..e5c3ade 100644 --- a/drivers/irqchip/irq-renesas-irqc.c +++ b/drivers/irqchip/irq-renesas-irqc.c -@@ -151,7 +151,7 @@ static int irqc_probe(struct platform_device *pdev) +@@ -179,7 +179,7 @@ static int irqc_probe(struct platform_device *pdev) struct irqc_priv *p; struct resource *io; struct resource *irq; @@ -45265,7 +45210,7 @@ index 358a574..b4987ea 100644 } else memcpy(msg, buf, count); diff --git a/drivers/isdn/mISDN/dsp_cmx.c b/drivers/isdn/mISDN/dsp_cmx.c -index 87f7dff..7300125 100644 +index 52c4382..09e0c7c 100644 --- a/drivers/isdn/mISDN/dsp_cmx.c +++ b/drivers/isdn/mISDN/dsp_cmx.c @@ -1625,7 +1625,7 @@ unsigned long dsp_spl_jiffies; /* calculate the next time to fire */ @@ -45442,10 +45387,10 @@ index a08e3ee..df8ade2 100644 cl->fn = fn; cl->wq = wq; diff --git a/drivers/md/bitmap.c b/drivers/md/bitmap.c -index 3a57679..c58cdaf 100644 +index 135a090..f7872f6 100644 --- a/drivers/md/bitmap.c +++ b/drivers/md/bitmap.c -@@ -1786,7 +1786,7 @@ void bitmap_status(struct seq_file *seq, struct bitmap *bitmap) +@@ -1927,7 +1927,7 @@ void bitmap_status(struct seq_file *seq, struct bitmap *bitmap) chunk_kb ? "KB" : "B"); if (bitmap->storage.file) { seq_printf(seq, ", file: "); @@ -45455,10 +45400,10 @@ index 3a57679..c58cdaf 100644 seq_printf(seq, "\n"); diff --git a/drivers/md/dm-ioctl.c b/drivers/md/dm-ioctl.c -index c8a18e4..0ab43e5 100644 +index 720ceeb..030f1d4 100644 --- a/drivers/md/dm-ioctl.c +++ b/drivers/md/dm-ioctl.c -@@ -1772,7 +1772,7 @@ static int validate_params(uint cmd, struct dm_ioctl *param) +@@ -1773,7 +1773,7 @@ static int validate_params(uint cmd, struct dm_ioctl *param) cmd == DM_LIST_VERSIONS_CMD) return 0; @@ -45610,10 +45555,10 @@ index f8b37d4..5c5cafd 100644 schedule_work(&sc->trigger_event); } diff --git a/drivers/md/dm-table.c b/drivers/md/dm-table.c -index 757f1ba..bf9ec8f 100644 +index 16ba55a..31af906 100644 --- a/drivers/md/dm-table.c +++ b/drivers/md/dm-table.c -@@ -303,7 +303,7 @@ static int device_area_is_invalid(struct dm_target *ti, struct dm_dev *dev, +@@ -305,7 +305,7 @@ static int device_area_is_invalid(struct dm_target *ti, struct dm_dev *dev, if (!dev_size) return 0; @@ -45645,10 +45590,10 @@ index 79f6941..b33b4e0 100644 pmd->bl_info.value_type.inc = data_block_inc; pmd->bl_info.value_type.dec = data_block_dec; diff --git a/drivers/md/dm.c b/drivers/md/dm.c -index beda011..de57372 100644 +index 2caf492..0c0dcac 100644 --- a/drivers/md/dm.c +++ b/drivers/md/dm.c -@@ -188,9 +188,9 @@ struct mapped_device { +@@ -191,9 +191,9 @@ struct mapped_device { /* * Event handling. */ @@ -45660,7 +45605,7 @@ index beda011..de57372 100644 struct list_head uevent_list; spinlock_t uevent_lock; /* Protect access to uevent_list */ -@@ -2170,8 +2170,8 @@ static struct mapped_device *alloc_dev(int minor) +@@ -2298,8 +2298,8 @@ static struct mapped_device *alloc_dev(int minor) spin_lock_init(&md->deferred_lock); atomic_set(&md->holders, 1); atomic_set(&md->open_count, 0); @@ -45671,7 +45616,7 @@ index beda011..de57372 100644 INIT_LIST_HEAD(&md->uevent_list); INIT_LIST_HEAD(&md->table_devices); spin_lock_init(&md->uevent_lock); -@@ -2336,7 +2336,7 @@ static void event_callback(void *context) +@@ -2466,7 +2466,7 @@ static void event_callback(void *context) dm_send_uevents(&uevents, &disk_to_dev(md->disk)->kobj); @@ -45680,7 +45625,7 @@ index beda011..de57372 100644 wake_up(&md->eventq); } -@@ -3182,18 +3182,18 @@ int dm_kobject_uevent(struct mapped_device *md, enum kobject_action action, +@@ -3465,18 +3465,18 @@ int dm_kobject_uevent(struct mapped_device *md, enum kobject_action action, uint32_t dm_next_uevent_seq(struct mapped_device *md) { @@ -45703,10 +45648,10 @@ index beda011..de57372 100644 void dm_uevent_add(struct mapped_device *md, struct list_head *elist) diff --git a/drivers/md/md.c b/drivers/md/md.c -index b7bf8ee..ee17152 100644 +index 4dbed4a..bed2a6a 100644 --- a/drivers/md/md.c +++ b/drivers/md/md.c -@@ -191,10 +191,10 @@ EXPORT_SYMBOL_GPL(bio_clone_mddev); +@@ -197,10 +197,10 @@ EXPORT_SYMBOL_GPL(bio_clone_mddev); * start build, activate spare */ static DECLARE_WAIT_QUEUE_HEAD(md_event_waiters); @@ -45719,7 +45664,7 @@ index b7bf8ee..ee17152 100644 wake_up(&md_event_waiters); } EXPORT_SYMBOL_GPL(md_new_event); -@@ -204,7 +204,7 @@ EXPORT_SYMBOL_GPL(md_new_event); +@@ -210,7 +210,7 @@ EXPORT_SYMBOL_GPL(md_new_event); */ static void md_new_event_inintr(struct mddev *mddev) { @@ -45728,7 +45673,7 @@ index b7bf8ee..ee17152 100644 wake_up(&md_event_waiters); } -@@ -1442,7 +1442,7 @@ static int super_1_load(struct md_rdev *rdev, struct md_rdev *refdev, int minor_ +@@ -1449,7 +1449,7 @@ static int super_1_load(struct md_rdev *rdev, struct md_rdev *refdev, int minor_ if ((le32_to_cpu(sb->feature_map) & MD_FEATURE_RESHAPE_ACTIVE) && (le32_to_cpu(sb->feature_map) & MD_FEATURE_NEW_OFFSET)) rdev->new_data_offset += (s32)le32_to_cpu(sb->new_offset); @@ -45737,7 +45682,7 @@ index b7bf8ee..ee17152 100644 rdev->sb_size = le32_to_cpu(sb->max_dev) * 2 + 256; bmask = queue_logical_block_size(rdev->bdev->bd_disk->queue)-1; -@@ -1693,7 +1693,7 @@ static void super_1_sync(struct mddev *mddev, struct md_rdev *rdev) +@@ -1700,7 +1700,7 @@ static void super_1_sync(struct mddev *mddev, struct md_rdev *rdev) else sb->resync_offset = cpu_to_le64(0); @@ -45746,7 +45691,7 @@ index b7bf8ee..ee17152 100644 sb->raid_disks = cpu_to_le32(mddev->raid_disks); sb->size = cpu_to_le64(mddev->dev_sectors); -@@ -2564,7 +2564,7 @@ __ATTR_PREALLOC(state, S_IRUGO|S_IWUSR, state_show, state_store); +@@ -2624,7 +2624,7 @@ __ATTR_PREALLOC(state, S_IRUGO|S_IWUSR, state_show, state_store); static ssize_t errors_show(struct md_rdev *rdev, char *page) { @@ -45755,7 +45700,7 @@ index b7bf8ee..ee17152 100644 } static ssize_t -@@ -2573,7 +2573,7 @@ errors_store(struct md_rdev *rdev, const char *buf, size_t len) +@@ -2633,7 +2633,7 @@ errors_store(struct md_rdev *rdev, const char *buf, size_t len) char *e; unsigned long n = simple_strtoul(buf, &e, 10); if (*buf && (*e == 0 || *e == '\n')) { @@ -45764,7 +45709,7 @@ index b7bf8ee..ee17152 100644 return len; } return -EINVAL; -@@ -3009,8 +3009,8 @@ int md_rdev_init(struct md_rdev *rdev) +@@ -3069,8 +3069,8 @@ int md_rdev_init(struct md_rdev *rdev) rdev->sb_loaded = 0; rdev->bb_page = NULL; atomic_set(&rdev->nr_pending, 0); @@ -45775,7 +45720,7 @@ index b7bf8ee..ee17152 100644 INIT_LIST_HEAD(&rdev->same_set); init_waitqueue_head(&rdev->blocked_wait); -@@ -7086,7 +7086,7 @@ static int md_seq_show(struct seq_file *seq, void *v) +@@ -7232,7 +7232,7 @@ static int md_seq_show(struct seq_file *seq, void *v) spin_unlock(&pers_lock); seq_printf(seq, "\n"); @@ -45784,7 +45729,7 @@ index b7bf8ee..ee17152 100644 return 0; } if (v == (void*)2) { -@@ -7189,7 +7189,7 @@ static int md_seq_open(struct inode *inode, struct file *file) +@@ -7335,7 +7335,7 @@ static int md_seq_open(struct inode *inode, struct file *file) return error; seq = file->private_data; @@ -45793,7 +45738,7 @@ index b7bf8ee..ee17152 100644 return error; } -@@ -7206,7 +7206,7 @@ static unsigned int mdstat_poll(struct file *filp, poll_table *wait) +@@ -7352,7 +7352,7 @@ static unsigned int mdstat_poll(struct file *filp, poll_table *wait) /* always allow read */ mask = POLLIN | POLLRDNORM; @@ -45802,7 +45747,7 @@ index b7bf8ee..ee17152 100644 mask |= POLLERR | POLLPRI; return mask; } -@@ -7253,7 +7253,7 @@ static int is_mddev_idle(struct mddev *mddev, int init) +@@ -7448,7 +7448,7 @@ static int is_mddev_idle(struct mddev *mddev, int init) struct gendisk *disk = rdev->bdev->bd_contains->bd_disk; curr_events = (int)part_stat_read(&disk->part0, sectors[0]) + (int)part_stat_read(&disk->part0, sectors[1]) - @@ -45812,10 +45757,10 @@ index b7bf8ee..ee17152 100644 * as sync_io is counted when a request starts, and * disk_stats is counted when it completes. diff --git a/drivers/md/md.h b/drivers/md/md.h -index 318ca8f..31e4478 100644 +index 4046a6c..e2f2997 100644 --- a/drivers/md/md.h +++ b/drivers/md/md.h -@@ -94,13 +94,13 @@ struct md_rdev { +@@ -95,13 +95,13 @@ struct md_rdev { * only maintained for arrays that * support hot removal */ @@ -45831,7 +45776,7 @@ index 318ca8f..31e4478 100644 * for reporting to userspace and storing * in superblock. */ -@@ -476,7 +476,7 @@ extern void mddev_unlock(struct mddev *mddev); +@@ -486,7 +486,7 @@ extern void mddev_unlock(struct mddev *mddev); static inline void md_sync_acct(struct block_device *bdev, unsigned long nr_sectors) { @@ -45875,10 +45820,10 @@ index 3e6d115..ffecdeb 100644 /*----------------------------------------------------------------*/ diff --git a/drivers/md/raid1.c b/drivers/md/raid1.c -index d34e238..34f8d98 100644 +index 9157a29..0d462f0 100644 --- a/drivers/md/raid1.c +++ b/drivers/md/raid1.c -@@ -1922,7 +1922,7 @@ static int fix_sync_read_error(struct r1bio *r1_bio) +@@ -1934,7 +1934,7 @@ static int fix_sync_read_error(struct r1bio *r1_bio) if (r1_sync_page_io(rdev, sect, s, bio->bi_io_vec[idx].bv_page, READ) != 0) @@ -45887,7 +45832,7 @@ index d34e238..34f8d98 100644 } sectors -= s; sect += s; -@@ -2155,7 +2155,7 @@ static void fix_read_error(struct r1conf *conf, int read_disk, +@@ -2167,7 +2167,7 @@ static void fix_read_error(struct r1conf *conf, int read_disk, !test_bit(Faulty, &rdev->flags)) { if (r1_sync_page_io(rdev, sect, s, conf->tmppage, READ)) { @@ -45897,7 +45842,7 @@ index d34e238..34f8d98 100644 "md/raid1:%s: read error corrected " "(%d sectors at %llu on %s)\n", diff --git a/drivers/md/raid10.c b/drivers/md/raid10.c -index a7196c4..439f012 100644 +index f55c3f3..4cca8c8 100644 --- a/drivers/md/raid10.c +++ b/drivers/md/raid10.c @@ -1934,7 +1934,7 @@ static void end_sync_read(struct bio *bio, int error) @@ -45960,10 +45905,10 @@ index a7196c4..439f012 100644 rdev_dec_pending(rdev, mddev); diff --git a/drivers/md/raid5.c b/drivers/md/raid5.c -index 007ab86..d11593d 100644 +index b6793d2..92be2bc 100644 --- a/drivers/md/raid5.c +++ b/drivers/md/raid5.c -@@ -947,23 +947,23 @@ async_copy_data(int frombio, struct bio *bio, struct page **page, +@@ -1108,23 +1108,23 @@ async_copy_data(int frombio, struct bio *bio, struct page **page, struct bio_vec bvl; struct bvec_iter iter; struct page *bio_page; @@ -45993,7 +45938,7 @@ index 007ab86..d11593d 100644 if (page_offset < 0) { b_offset = -page_offset; -@@ -1727,6 +1727,10 @@ static int grow_one_stripe(struct r5conf *conf, int hash) +@@ -2017,6 +2017,10 @@ static int grow_one_stripe(struct r5conf *conf, gfp_t gfp) return 1; } @@ -46004,7 +45949,7 @@ index 007ab86..d11593d 100644 static int grow_stripes(struct r5conf *conf, int num) { struct kmem_cache *sc; -@@ -1738,7 +1742,11 @@ static int grow_stripes(struct r5conf *conf, int num) +@@ -2027,7 +2031,11 @@ static int grow_stripes(struct r5conf *conf, int num) "raid%d-%s", conf->level, mdname(conf->mddev)); else sprintf(conf->cache_name[0], @@ -46016,7 +45961,7 @@ index 007ab86..d11593d 100644 sprintf(conf->cache_name[1], "%s-alt", conf->cache_name[0]); conf->active_name = 0; -@@ -2015,21 +2023,21 @@ static void raid5_end_read_request(struct bio * bi, int error) +@@ -2315,21 +2323,21 @@ static void raid5_end_read_request(struct bio * bi, int error) mdname(conf->mddev), STRIPE_SECTORS, (unsigned long long)s, bdevname(rdev->bdev, b)); @@ -46042,7 +45987,7 @@ index 007ab86..d11593d 100644 if (test_bit(R5_ReadRepl, &sh->dev[i].flags)) printk_ratelimited( KERN_WARNING -@@ -2057,7 +2065,7 @@ static void raid5_end_read_request(struct bio * bi, int error) +@@ -2357,7 +2365,7 @@ static void raid5_end_read_request(struct bio * bi, int error) mdname(conf->mddev), (unsigned long long)s, bdn); @@ -46052,10 +45997,10 @@ index 007ab86..d11593d 100644 printk(KERN_WARNING "md/raid:%s: Too many read errors, failing device %s.\n", diff --git a/drivers/media/dvb-core/dvbdev.c b/drivers/media/dvb-core/dvbdev.c -index 983db75..ef9248c 100644 +index 13bb57f..0ca21b2 100644 --- a/drivers/media/dvb-core/dvbdev.c +++ b/drivers/media/dvb-core/dvbdev.c -@@ -185,7 +185,7 @@ int dvb_register_device(struct dvb_adapter *adap, struct dvb_device **pdvbdev, +@@ -272,7 +272,7 @@ int dvb_register_device(struct dvb_adapter *adap, struct dvb_device **pdvbdev, const struct dvb_device *template, void *priv, int type) { struct dvb_device *dvbdev; @@ -46077,7 +46022,7 @@ index 6ad22b6..6e90e2a 100644 #endif /* AF9033_H */ diff --git a/drivers/media/dvb-frontends/dib3000.h b/drivers/media/dvb-frontends/dib3000.h -index 9b6c3bb..baeb5c7 100644 +index 6ae9899..07d8543 100644 --- a/drivers/media/dvb-frontends/dib3000.h +++ b/drivers/media/dvb-frontends/dib3000.h @@ -39,7 +39,7 @@ struct dib_fe_xfer_ops @@ -46087,10 +46032,10 @@ index 9b6c3bb..baeb5c7 100644 -}; +} __no_const; - #if IS_ENABLED(CONFIG_DVB_DIB3000MB) + #if IS_REACHABLE(CONFIG_DVB_DIB3000MB) extern struct dvb_frontend* dib3000mb_attach(const struct dib3000_config* config, diff --git a/drivers/media/dvb-frontends/dib7000p.h b/drivers/media/dvb-frontends/dib7000p.h -index 1fea0e9..321ce8f 100644 +index baa2789..c8de7fe 100644 --- a/drivers/media/dvb-frontends/dib7000p.h +++ b/drivers/media/dvb-frontends/dib7000p.h @@ -64,7 +64,7 @@ struct dib7000p_ops { @@ -46100,10 +46045,10 @@ index 1fea0e9..321ce8f 100644 -}; +} __no_const; - #if IS_ENABLED(CONFIG_DVB_DIB7000P) + #if IS_REACHABLE(CONFIG_DVB_DIB7000P) void *dib7000p_attach(struct dib7000p_ops *ops); diff --git a/drivers/media/dvb-frontends/dib8000.h b/drivers/media/dvb-frontends/dib8000.h -index 84cc103..5780c54 100644 +index 780c37b..50e2620 100644 --- a/drivers/media/dvb-frontends/dib8000.h +++ b/drivers/media/dvb-frontends/dib8000.h @@ -61,7 +61,7 @@ struct dib8000_ops { @@ -46113,10 +46058,10 @@ index 84cc103..5780c54 100644 -}; +} __no_const; - #if IS_ENABLED(CONFIG_DVB_DIB8000) + #if IS_REACHABLE(CONFIG_DVB_DIB8000) void *dib8000_attach(struct dib8000_ops *ops); diff --git a/drivers/media/pci/cx88/cx88-video.c b/drivers/media/pci/cx88/cx88-video.c -index 860c98fc..497fa25 100644 +index c9decd8..7849cec 100644 --- a/drivers/media/pci/cx88/cx88-video.c +++ b/drivers/media/pci/cx88/cx88-video.c @@ -50,9 +50,9 @@ MODULE_VERSION(CX88_VERSION); @@ -46133,7 +46078,7 @@ index 860c98fc..497fa25 100644 module_param_array(video_nr, int, NULL, 0444); module_param_array(vbi_nr, int, NULL, 0444); diff --git a/drivers/media/pci/ivtv/ivtv-driver.c b/drivers/media/pci/ivtv/ivtv-driver.c -index 802642d..5534900 100644 +index c2e60b4..5eeccc0 100644 --- a/drivers/media/pci/ivtv/ivtv-driver.c +++ b/drivers/media/pci/ivtv/ivtv-driver.c @@ -83,7 +83,7 @@ static struct pci_device_id ivtv_pci_tbl[] = { @@ -46211,7 +46156,7 @@ index c135165..dc69499 100644 /* ------------------------------------------------------------------ */ diff --git a/drivers/media/platform/omap/omap_vout.c b/drivers/media/platform/omap/omap_vout.c -index ba2d8f9..1566684 100644 +index 17b189a..b78aa6b 100644 --- a/drivers/media/platform/omap/omap_vout.c +++ b/drivers/media/platform/omap/omap_vout.c @@ -63,7 +63,6 @@ enum omap_vout_channels { @@ -46286,7 +46231,7 @@ index b713403..53cb5ad 100644 if (done && done != layer->shadow_buf) vb2_buffer_done(&done->vb, VB2_BUF_STATE_DONE); diff --git a/drivers/media/platform/s5p-tv/mixer_video.c b/drivers/media/platform/s5p-tv/mixer_video.c -index 72d4f2e..4b2ea0d 100644 +index 751f3b6..d829203 100644 --- a/drivers/media/platform/s5p-tv/mixer_video.c +++ b/drivers/media/platform/s5p-tv/mixer_video.c @@ -210,7 +210,7 @@ static void mxr_layer_default_geo(struct mxr_layer *layer) @@ -46988,19 +46933,6 @@ index 733a7ff..f8b52e3 100644 return ret; } EXPORT_SYMBOL(usb_cypress_load_firmware); -diff --git a/drivers/media/usb/dvb-usb/dw2102.c b/drivers/media/usb/dvb-usb/dw2102.c -index 1a3df10..57997a5 100644 ---- a/drivers/media/usb/dvb-usb/dw2102.c -+++ b/drivers/media/usb/dvb-usb/dw2102.c -@@ -118,7 +118,7 @@ struct su3000_state { - - struct s6x0_state { - int (*old_set_voltage)(struct dvb_frontend *f, fe_sec_voltage_t v); --}; -+} __no_const; - - /* debug */ - static int dvb_usb_dw2102_debug; diff --git a/drivers/media/usb/dvb-usb/technisat-usb2.c b/drivers/media/usb/dvb-usb/technisat-usb2.c index 5801ae7..83f71fa 100644 --- a/drivers/media/usb/dvb-usb/technisat-usb2.c @@ -47266,10 +47198,10 @@ index af63543..0436f20 100644 } diff --git a/drivers/media/v4l2-core/v4l2-device.c b/drivers/media/v4l2-core/v4l2-device.c -index 015f92a..59e311e 100644 +index 5b0a30b..1974b38 100644 --- a/drivers/media/v4l2-core/v4l2-device.c +++ b/drivers/media/v4l2-core/v4l2-device.c -@@ -75,9 +75,9 @@ int v4l2_device_put(struct v4l2_device *v4l2_dev) +@@ -74,9 +74,9 @@ int v4l2_device_put(struct v4l2_device *v4l2_dev) EXPORT_SYMBOL_GPL(v4l2_device_put); int v4l2_device_set_name(struct v4l2_device *v4l2_dev, const char *basename, @@ -47282,7 +47214,7 @@ index 015f92a..59e311e 100644 if (basename[len - 1] >= '0' && basename[len - 1] <= '9') diff --git a/drivers/media/v4l2-core/v4l2-ioctl.c b/drivers/media/v4l2-core/v4l2-ioctl.c -index b084072..36706d7 100644 +index aa407cb..ee847d4 100644 --- a/drivers/media/v4l2-core/v4l2-ioctl.c +++ b/drivers/media/v4l2-core/v4l2-ioctl.c @@ -2151,7 +2151,8 @@ struct v4l2_ioctl_info { @@ -47341,10 +47273,10 @@ index b084072..36706d7 100644 err = -EFAULT; goto out_array_args; diff --git a/drivers/memory/omap-gpmc.c b/drivers/memory/omap-gpmc.c -index 24696f5..3637780 100644 +index c94ea0d..b8a9f88 100644 --- a/drivers/memory/omap-gpmc.c +++ b/drivers/memory/omap-gpmc.c -@@ -211,7 +211,6 @@ struct omap3_gpmc_regs { +@@ -232,7 +232,6 @@ struct omap3_gpmc_regs { }; static struct gpmc_client_irq gpmc_client_irq[GPMC_NR_IRQ]; @@ -47352,7 +47284,7 @@ index 24696f5..3637780 100644 static int gpmc_irq_start; static struct resource gpmc_mem_root; -@@ -939,6 +938,17 @@ static void gpmc_irq_noop(struct irq_data *data) { } +@@ -1146,6 +1145,17 @@ static void gpmc_irq_noop(struct irq_data *data) { } static unsigned int gpmc_irq_noop_ret(struct irq_data *data) { return 0; } @@ -47370,7 +47302,7 @@ index 24696f5..3637780 100644 static int gpmc_setup_irq(void) { int i; -@@ -953,15 +963,6 @@ static int gpmc_setup_irq(void) +@@ -1160,15 +1170,6 @@ static int gpmc_setup_irq(void) return gpmc_irq_start; } @@ -47469,7 +47401,7 @@ index 5bdaae1..eced16f 100644 mptsas_get_port(struct mptsas_phyinfo *phy_info) { diff --git a/drivers/mfd/ab8500-debugfs.c b/drivers/mfd/ab8500-debugfs.c -index 9a8e185..27ff17d 100644 +index cdd6f3d..1907a98 100644 --- a/drivers/mfd/ab8500-debugfs.c +++ b/drivers/mfd/ab8500-debugfs.c @@ -100,7 +100,7 @@ static int irq_last; @@ -47482,7 +47414,7 @@ index 9a8e185..27ff17d 100644 static u8 avg_sample = SAMPLE_16; diff --git a/drivers/mfd/kempld-core.c b/drivers/mfd/kempld-core.c -index 5615522..1eb6f3dc 100644 +index 8057849..0550fdf 100644 --- a/drivers/mfd/kempld-core.c +++ b/drivers/mfd/kempld-core.c @@ -499,7 +499,7 @@ static struct platform_driver kempld_driver = { @@ -47601,7 +47533,7 @@ index 36f5d52..32311c3 100644 if (memcmp(before, after, BREAK_INSTR_SIZE)) { printk(KERN_CRIT "kgdbts: ERROR kgdb corrupted memory\n"); diff --git a/drivers/misc/lis3lv02d/lis3lv02d.c b/drivers/misc/lis3lv02d/lis3lv02d.c -index 3ef4627..8d00486 100644 +index 4739689..8a52950 100644 --- a/drivers/misc/lis3lv02d/lis3lv02d.c +++ b/drivers/misc/lis3lv02d/lis3lv02d.c @@ -497,7 +497,7 @@ static irqreturn_t lis302dl_interrupt(int irq, void *data) @@ -47935,7 +47867,7 @@ index b94d5f7..7f494c5 100644 extern int xpc_disengage_timedout; extern int xpc_activate_IRQ_rcvd; diff --git a/drivers/misc/sgi-xp/xpc_main.c b/drivers/misc/sgi-xp/xpc_main.c -index 82dc574..8539ab2 100644 +index 7f32712..8539ab2 100644 --- a/drivers/misc/sgi-xp/xpc_main.c +++ b/drivers/misc/sgi-xp/xpc_main.c @@ -166,7 +166,7 @@ static struct notifier_block xpc_die_notifier = { @@ -47947,17 +47879,8 @@ index 82dc574..8539ab2 100644 /* * Timer function to enforce the timelimit on the partition disengage. -@@ -1210,7 +1210,7 @@ xpc_system_die(struct notifier_block *nb, unsigned long event, void *_die_args) - - if (((die_args->trapnr == X86_TRAP_MF) || - (die_args->trapnr == X86_TRAP_XF)) && -- !user_mode_vm(die_args->regs)) -+ !user_mode(die_args->regs)) - xpc_die_deactivate(); - - break; diff --git a/drivers/mmc/card/block.c b/drivers/mmc/card/block.c -index ed2e71a..54c498e 100644 +index 60f7141..ba97c1a 100644 --- a/drivers/mmc/card/block.c +++ b/drivers/mmc/card/block.c @@ -577,7 +577,7 @@ static int mmc_blk_ioctl_cmd(struct block_device *bdev, @@ -47970,21 +47893,21 @@ index ed2e71a..54c498e 100644 goto cmd_rel_host; } diff --git a/drivers/mmc/host/dw_mmc.h b/drivers/mmc/host/dw_mmc.h -index 18c4afe..43be71e 100644 +index f45ab91..9f50d8f 100644 --- a/drivers/mmc/host/dw_mmc.h +++ b/drivers/mmc/host/dw_mmc.h -@@ -271,5 +271,5 @@ struct dw_mci_drv_data { - void (*set_ios)(struct dw_mci *host, struct mmc_ios *ios); - int (*parse_dt)(struct dw_mci *host); +@@ -287,5 +287,5 @@ struct dw_mci_drv_data { int (*execute_tuning)(struct dw_mci_slot *slot); + int (*prepare_hs400_tuning)(struct dw_mci *host, + struct mmc_ios *ios); -}; +} __do_const; #endif /* _DW_MMC_H_ */ diff --git a/drivers/mmc/host/mmci.c b/drivers/mmc/host/mmci.c -index 7fe1619..ae0781b 100644 +index fb26674..3172c2b 100644 --- a/drivers/mmc/host/mmci.c +++ b/drivers/mmc/host/mmci.c -@@ -1630,7 +1630,9 @@ static int mmci_probe(struct amba_device *dev, +@@ -1633,7 +1633,9 @@ static int mmci_probe(struct amba_device *dev, mmc->caps |= MMC_CAP_CMD23; if (variant->busy_detect) { @@ -47996,10 +47919,10 @@ index 7fe1619..ae0781b 100644 mmc->caps |= MMC_CAP_WAIT_WHILE_BUSY; mmc->max_busy_timeout = 0; diff --git a/drivers/mmc/host/omap_hsmmc.c b/drivers/mmc/host/omap_hsmmc.c -index f84cfb0..aebe5d6 100644 +index 9df2b68..6d5ed1a 100644 --- a/drivers/mmc/host/omap_hsmmc.c +++ b/drivers/mmc/host/omap_hsmmc.c -@@ -2054,7 +2054,9 @@ static int omap_hsmmc_probe(struct platform_device *pdev) +@@ -2004,7 +2004,9 @@ static int omap_hsmmc_probe(struct platform_device *pdev) if (host->pdata->controller_flags & OMAP_HSMMC_BROKEN_MULTIBLOCK_READ) { dev_info(&pdev->dev, "multiblock reads disabled due to 35xx erratum 2.1.1.128; MMC read performance may suffer\n"); @@ -48011,10 +47934,10 @@ index f84cfb0..aebe5d6 100644 pm_runtime_enable(host->dev); diff --git a/drivers/mmc/host/sdhci-esdhc-imx.c b/drivers/mmc/host/sdhci-esdhc-imx.c -index 10ef824..88461a2 100644 +index 82f512d..5a228bb 100644 --- a/drivers/mmc/host/sdhci-esdhc-imx.c +++ b/drivers/mmc/host/sdhci-esdhc-imx.c -@@ -989,9 +989,12 @@ static int sdhci_esdhc_imx_probe(struct platform_device *pdev) +@@ -993,9 +993,12 @@ static int sdhci_esdhc_imx_probe(struct platform_device *pdev) host->mmc->caps |= MMC_CAP_1_8V_DDR; } @@ -48049,7 +47972,7 @@ index c6d2dd7..81b1ca3 100644 /* It supports additional host capabilities if needed */ diff --git a/drivers/mtd/chips/cfi_cmdset_0020.c b/drivers/mtd/chips/cfi_cmdset_0020.c -index 423666b..81ff5eb 100644 +index 9a1a6ff..b8f1a57 100644 --- a/drivers/mtd/chips/cfi_cmdset_0020.c +++ b/drivers/mtd/chips/cfi_cmdset_0020.c @@ -666,7 +666,7 @@ cfi_staa_writev(struct mtd_info *mtd, const struct kvec *vecs, @@ -48062,7 +47985,7 @@ index 423666b..81ff5eb 100644 if (!ECCBUF_SIZE) { /* We should fall back to a general writev implementation. diff --git a/drivers/mtd/nand/denali.c b/drivers/mtd/nand/denali.c -index f44c606..aa4e804 100644 +index 870c7fc..c7d6440 100644 --- a/drivers/mtd/nand/denali.c +++ b/drivers/mtd/nand/denali.c @@ -24,6 +24,7 @@ @@ -48074,7 +47997,7 @@ index f44c606..aa4e804 100644 #include "denali.h" diff --git a/drivers/mtd/nand/gpmi-nand/gpmi-nand.c b/drivers/mtd/nand/gpmi-nand/gpmi-nand.c -index 33f3c3c..d6bbe6a 100644 +index 1b8f350..990f2e9 100644 --- a/drivers/mtd/nand/gpmi-nand/gpmi-nand.c +++ b/drivers/mtd/nand/gpmi-nand/gpmi-nand.c @@ -386,7 +386,7 @@ void prepare_data_dma(struct gpmi_nand_data *this, enum dma_data_direction dr) @@ -48138,7 +48061,7 @@ index b3b922a..80bba38 100644 .priv_size = sizeof(struct cfhsi), .setup = cfhsi_setup, diff --git a/drivers/net/can/Kconfig b/drivers/net/can/Kconfig -index 58808f65..0bdc7b3 100644 +index e8c96b8..516a96c 100644 --- a/drivers/net/can/Kconfig +++ b/drivers/net/can/Kconfig @@ -98,7 +98,7 @@ config CAN_JANZ_ICAN3 @@ -48151,10 +48074,10 @@ index 58808f65..0bdc7b3 100644 Say Y here if you want to support for Freescale FlexCAN. diff --git a/drivers/net/can/dev.c b/drivers/net/can/dev.c -index b0f6924..59e9640 100644 +index e9b1810..5c2f3f9 100644 --- a/drivers/net/can/dev.c +++ b/drivers/net/can/dev.c -@@ -959,7 +959,7 @@ static int can_newlink(struct net *src_net, struct net_device *dev, +@@ -964,7 +964,7 @@ static int can_newlink(struct net *src_net, struct net_device *dev, return -EOPNOTSUPP; } @@ -48164,10 +48087,10 @@ index b0f6924..59e9640 100644 .maxtype = IFLA_CAN_MAX, .policy = can_policy, diff --git a/drivers/net/can/vcan.c b/drivers/net/can/vcan.c -index 674f367..ec3a31f 100644 +index 0ce868d..e5dc8bd 100644 --- a/drivers/net/can/vcan.c +++ b/drivers/net/can/vcan.c -@@ -163,7 +163,7 @@ static void vcan_setup(struct net_device *dev) +@@ -166,7 +166,7 @@ static void vcan_setup(struct net_device *dev) dev->destructor = free_netdev; } @@ -48207,10 +48130,10 @@ index 0443654..4f0aa18 100644 if (!request_mem_region(mem->start, mem_size, pdev->name)) { diff --git a/drivers/net/ethernet/altera/altera_tse_main.c b/drivers/net/ethernet/altera/altera_tse_main.c -index 6725dc0..163549c 100644 +index da48e66..2dbec80 100644 --- a/drivers/net/ethernet/altera/altera_tse_main.c +++ b/drivers/net/ethernet/altera/altera_tse_main.c -@@ -1216,7 +1216,7 @@ static int tse_shutdown(struct net_device *dev) +@@ -1256,7 +1256,7 @@ static int tse_shutdown(struct net_device *dev) return 0; } @@ -48219,7 +48142,7 @@ index 6725dc0..163549c 100644 .ndo_open = tse_open, .ndo_stop = tse_shutdown, .ndo_start_xmit = tse_start_xmit, -@@ -1453,11 +1453,13 @@ static int altera_tse_probe(struct platform_device *pdev) +@@ -1493,11 +1493,13 @@ static int altera_tse_probe(struct platform_device *pdev) ndev->netdev_ops = &altera_tse_netdev_ops; altera_tse_set_ethtool_ops(ndev); @@ -48234,10 +48157,10 @@ index 6725dc0..163549c 100644 /* Scatter/gather IO is not supported, * so it is turned off diff --git a/drivers/net/ethernet/amd/xgbe/xgbe-common.h b/drivers/net/ethernet/amd/xgbe/xgbe-common.h -index 29a0927..5a348e24 100644 +index 34c28aa..5e06567 100644 --- a/drivers/net/ethernet/amd/xgbe/xgbe-common.h +++ b/drivers/net/ethernet/amd/xgbe/xgbe-common.h -@@ -1122,14 +1122,14 @@ do { \ +@@ -1124,14 +1124,14 @@ do { \ * operations, everything works on mask values. */ #define XMDIO_READ(_pdata, _mmd, _reg) \ @@ -48277,7 +48200,7 @@ index 8a50b01..39c1ad0 100644 return 0; } diff --git a/drivers/net/ethernet/amd/xgbe/xgbe-desc.c b/drivers/net/ethernet/amd/xgbe/xgbe-desc.c -index 5c92fb7..e0757dc 100644 +index 5c92fb7..08be735 100644 --- a/drivers/net/ethernet/amd/xgbe/xgbe-desc.c +++ b/drivers/net/ethernet/amd/xgbe/xgbe-desc.c @@ -347,7 +347,7 @@ static int xgbe_map_rx_buffer(struct xgbe_prv_data *pdata, @@ -48316,7 +48239,7 @@ index 5c92fb7..e0757dc 100644 - - DBGPR("<--xgbe_init_function_ptrs_desc\n"); -} -+const struct xgbe_desc_if default_xgbe_desc_if = { ++struct xgbe_desc_if default_xgbe_desc_if = { + .alloc_ring_resources = xgbe_alloc_ring_resources, + .free_ring_resources = xgbe_free_ring_resources, + .map_tx_skb = xgbe_map_tx_skb, @@ -48326,10 +48249,10 @@ index 5c92fb7..e0757dc 100644 + .wrapper_rx_desc_init = xgbe_wrapper_rx_descriptor_init, +}; diff --git a/drivers/net/ethernet/amd/xgbe/xgbe-dev.c b/drivers/net/ethernet/amd/xgbe/xgbe-dev.c -index 400757b..d8c53f6 100644 +index 21d9497..c74b40f 100644 --- a/drivers/net/ethernet/amd/xgbe/xgbe-dev.c +++ b/drivers/net/ethernet/amd/xgbe/xgbe-dev.c -@@ -2748,7 +2748,7 @@ static void xgbe_powerdown_rx(struct xgbe_prv_data *pdata) +@@ -2772,7 +2772,7 @@ static void xgbe_powerdown_rx(struct xgbe_prv_data *pdata) static int xgbe_init(struct xgbe_prv_data *pdata) { @@ -48338,7 +48261,7 @@ index 400757b..d8c53f6 100644 int ret; DBGPR("-->xgbe_init\n"); -@@ -2813,108 +2813,103 @@ static int xgbe_init(struct xgbe_prv_data *pdata) +@@ -2838,106 +2838,101 @@ static int xgbe_init(struct xgbe_prv_data *pdata) return 0; } @@ -48348,10 +48271,8 @@ index 400757b..d8c53f6 100644 - - hw_if->tx_complete = xgbe_tx_complete; - -- hw_if->set_promiscuous_mode = xgbe_set_promiscuous_mode; -- hw_if->set_all_multicast_mode = xgbe_set_all_multicast_mode; -- hw_if->add_mac_addresses = xgbe_add_mac_addresses; - hw_if->set_mac_address = xgbe_set_mac_address; +- hw_if->config_rx_mode = xgbe_config_rx_mode; - - hw_if->enable_rx_csum = xgbe_enable_rx_csum; - hw_if->disable_rx_csum = xgbe_disable_rx_csum; @@ -48385,13 +48306,11 @@ index 400757b..d8c53f6 100644 - hw_if->disable_int = xgbe_disable_int; - hw_if->init = xgbe_init; - hw_if->exit = xgbe_exit; -+const struct xgbe_hw_if default_xgbe_hw_if = { ++struct xgbe_hw_if default_xgbe_hw_if = { + .tx_complete = xgbe_tx_complete, + -+ .set_promiscuous_mode = xgbe_set_promiscuous_mode, -+ .set_all_multicast_mode = xgbe_set_all_multicast_mode, -+ .add_mac_addresses = xgbe_add_mac_addresses, + .set_mac_address = xgbe_set_mac_address, ++ .config_rx_mode = xgbe_config_rx_mode, + + .enable_rx_csum = xgbe_enable_rx_csum, + .disable_rx_csum = xgbe_disable_rx_csum, @@ -48526,10 +48445,10 @@ index 400757b..d8c53f6 100644 + .set_rss_lookup_table = xgbe_set_rss_lookup_table, +}; diff --git a/drivers/net/ethernet/amd/xgbe/xgbe-drv.c b/drivers/net/ethernet/amd/xgbe/xgbe-drv.c -index 885b02b..4b31a4c 100644 +index 9fd6c69..588ff02 100644 --- a/drivers/net/ethernet/amd/xgbe/xgbe-drv.c +++ b/drivers/net/ethernet/amd/xgbe/xgbe-drv.c -@@ -244,7 +244,7 @@ static int xgbe_maybe_stop_tx_queue(struct xgbe_channel *channel, +@@ -243,7 +243,7 @@ static int xgbe_maybe_stop_tx_queue(struct xgbe_channel *channel, * support, tell it now */ if (ring->tx.xmit_more) @@ -48538,7 +48457,7 @@ index 885b02b..4b31a4c 100644 return NETDEV_TX_BUSY; } -@@ -272,7 +272,7 @@ static int xgbe_calc_rx_buf_size(struct net_device *netdev, unsigned int mtu) +@@ -271,7 +271,7 @@ static int xgbe_calc_rx_buf_size(struct net_device *netdev, unsigned int mtu) static void xgbe_enable_rx_tx_ints(struct xgbe_prv_data *pdata) { @@ -48547,7 +48466,7 @@ index 885b02b..4b31a4c 100644 struct xgbe_channel *channel; enum xgbe_int int_id; unsigned int i; -@@ -294,7 +294,7 @@ static void xgbe_enable_rx_tx_ints(struct xgbe_prv_data *pdata) +@@ -293,7 +293,7 @@ static void xgbe_enable_rx_tx_ints(struct xgbe_prv_data *pdata) static void xgbe_disable_rx_tx_ints(struct xgbe_prv_data *pdata) { @@ -48556,7 +48475,7 @@ index 885b02b..4b31a4c 100644 struct xgbe_channel *channel; enum xgbe_int int_id; unsigned int i; -@@ -317,7 +317,7 @@ static void xgbe_disable_rx_tx_ints(struct xgbe_prv_data *pdata) +@@ -316,7 +316,7 @@ static void xgbe_disable_rx_tx_ints(struct xgbe_prv_data *pdata) static irqreturn_t xgbe_isr(int irq, void *data) { struct xgbe_prv_data *pdata = data; @@ -48565,7 +48484,7 @@ index 885b02b..4b31a4c 100644 struct xgbe_channel *channel; unsigned int dma_isr, dma_ch_isr; unsigned int mac_isr, mac_tssr; -@@ -673,7 +673,7 @@ static void xgbe_free_irqs(struct xgbe_prv_data *pdata) +@@ -682,7 +682,7 @@ static void xgbe_free_irqs(struct xgbe_prv_data *pdata) void xgbe_init_tx_coalesce(struct xgbe_prv_data *pdata) { @@ -48574,7 +48493,7 @@ index 885b02b..4b31a4c 100644 DBGPR("-->xgbe_init_tx_coalesce\n"); -@@ -687,7 +687,7 @@ void xgbe_init_tx_coalesce(struct xgbe_prv_data *pdata) +@@ -696,7 +696,7 @@ void xgbe_init_tx_coalesce(struct xgbe_prv_data *pdata) void xgbe_init_rx_coalesce(struct xgbe_prv_data *pdata) { @@ -48583,7 +48502,7 @@ index 885b02b..4b31a4c 100644 DBGPR("-->xgbe_init_rx_coalesce\n"); -@@ -701,7 +701,7 @@ void xgbe_init_rx_coalesce(struct xgbe_prv_data *pdata) +@@ -711,7 +711,7 @@ void xgbe_init_rx_coalesce(struct xgbe_prv_data *pdata) static void xgbe_free_tx_data(struct xgbe_prv_data *pdata) { @@ -48592,7 +48511,7 @@ index 885b02b..4b31a4c 100644 struct xgbe_channel *channel; struct xgbe_ring *ring; struct xgbe_ring_data *rdata; -@@ -726,7 +726,7 @@ static void xgbe_free_tx_data(struct xgbe_prv_data *pdata) +@@ -736,7 +736,7 @@ static void xgbe_free_tx_data(struct xgbe_prv_data *pdata) static void xgbe_free_rx_data(struct xgbe_prv_data *pdata) { @@ -48601,7 +48520,7 @@ index 885b02b..4b31a4c 100644 struct xgbe_channel *channel; struct xgbe_ring *ring; struct xgbe_ring_data *rdata; -@@ -752,7 +752,7 @@ static void xgbe_free_rx_data(struct xgbe_prv_data *pdata) +@@ -762,7 +762,7 @@ static void xgbe_free_rx_data(struct xgbe_prv_data *pdata) static void xgbe_adjust_link(struct net_device *netdev) { struct xgbe_prv_data *pdata = netdev_priv(netdev); @@ -48610,7 +48529,7 @@ index 885b02b..4b31a4c 100644 struct phy_device *phydev = pdata->phydev; int new_state = 0; -@@ -860,7 +860,7 @@ static void xgbe_phy_exit(struct xgbe_prv_data *pdata) +@@ -870,7 +870,7 @@ static void xgbe_phy_exit(struct xgbe_prv_data *pdata) int xgbe_powerdown(struct net_device *netdev, unsigned int caller) { struct xgbe_prv_data *pdata = netdev_priv(netdev); @@ -48619,7 +48538,7 @@ index 885b02b..4b31a4c 100644 unsigned long flags; DBGPR("-->xgbe_powerdown\n"); -@@ -898,7 +898,7 @@ int xgbe_powerdown(struct net_device *netdev, unsigned int caller) +@@ -908,7 +908,7 @@ int xgbe_powerdown(struct net_device *netdev, unsigned int caller) int xgbe_powerup(struct net_device *netdev, unsigned int caller) { struct xgbe_prv_data *pdata = netdev_priv(netdev); @@ -48628,7 +48547,7 @@ index 885b02b..4b31a4c 100644 unsigned long flags; DBGPR("-->xgbe_powerup\n"); -@@ -935,7 +935,7 @@ int xgbe_powerup(struct net_device *netdev, unsigned int caller) +@@ -945,7 +945,7 @@ int xgbe_powerup(struct net_device *netdev, unsigned int caller) static int xgbe_start(struct xgbe_prv_data *pdata) { @@ -48637,7 +48556,7 @@ index 885b02b..4b31a4c 100644 struct net_device *netdev = pdata->netdev; int ret; -@@ -976,7 +976,7 @@ err_napi: +@@ -984,7 +984,7 @@ err_napi: static void xgbe_stop(struct xgbe_prv_data *pdata) { @@ -48646,7 +48565,7 @@ index 885b02b..4b31a4c 100644 struct xgbe_channel *channel; struct net_device *netdev = pdata->netdev; struct netdev_queue *txq; -@@ -1203,7 +1203,7 @@ static int xgbe_set_hwtstamp_settings(struct xgbe_prv_data *pdata, +@@ -1211,7 +1211,7 @@ static int xgbe_set_hwtstamp_settings(struct xgbe_prv_data *pdata, return -ERANGE; } @@ -48655,7 +48574,7 @@ index 885b02b..4b31a4c 100644 memcpy(&pdata->tstamp_config, &config, sizeof(config)); -@@ -1352,7 +1352,7 @@ static void xgbe_packet_info(struct xgbe_prv_data *pdata, +@@ -1360,7 +1360,7 @@ static void xgbe_packet_info(struct xgbe_prv_data *pdata, static int xgbe_open(struct net_device *netdev) { struct xgbe_prv_data *pdata = netdev_priv(netdev); @@ -48664,7 +48583,7 @@ index 885b02b..4b31a4c 100644 int ret; DBGPR("-->xgbe_open\n"); -@@ -1424,7 +1424,7 @@ err_phy_init: +@@ -1432,7 +1432,7 @@ err_phy_init: static int xgbe_close(struct net_device *netdev) { struct xgbe_prv_data *pdata = netdev_priv(netdev); @@ -48673,7 +48592,7 @@ index 885b02b..4b31a4c 100644 DBGPR("-->xgbe_close\n"); -@@ -1452,8 +1452,8 @@ static int xgbe_close(struct net_device *netdev) +@@ -1460,8 +1460,8 @@ static int xgbe_close(struct net_device *netdev) static int xgbe_xmit(struct sk_buff *skb, struct net_device *netdev) { struct xgbe_prv_data *pdata = netdev_priv(netdev); @@ -48684,16 +48603,16 @@ index 885b02b..4b31a4c 100644 struct xgbe_channel *channel; struct xgbe_ring *ring; struct xgbe_packet_data *packet; -@@ -1521,7 +1521,7 @@ tx_netdev_return: +@@ -1529,7 +1529,7 @@ tx_netdev_return: static void xgbe_set_rx_mode(struct net_device *netdev) { struct xgbe_prv_data *pdata = netdev_priv(netdev); - struct xgbe_hw_if *hw_if = &pdata->hw_if; + struct xgbe_hw_if *hw_if = pdata->hw_if; - unsigned int pr_mode, am_mode; DBGPR("-->xgbe_set_rx_mode\n"); -@@ -1540,7 +1540,7 @@ static void xgbe_set_rx_mode(struct net_device *netdev) + +@@ -1541,7 +1541,7 @@ static void xgbe_set_rx_mode(struct net_device *netdev) static int xgbe_set_mac_address(struct net_device *netdev, void *addr) { struct xgbe_prv_data *pdata = netdev_priv(netdev); @@ -48702,7 +48621,7 @@ index 885b02b..4b31a4c 100644 struct sockaddr *saddr = addr; DBGPR("-->xgbe_set_mac_address\n"); -@@ -1607,7 +1607,7 @@ static struct rtnl_link_stats64 *xgbe_get_stats64(struct net_device *netdev, +@@ -1616,7 +1616,7 @@ static struct rtnl_link_stats64 *xgbe_get_stats64(struct net_device *netdev, DBGPR("-->%s\n", __func__); @@ -48711,7 +48630,7 @@ index 885b02b..4b31a4c 100644 s->rx_packets = pstats->rxframecount_gb; s->rx_bytes = pstats->rxoctetcount_gb; -@@ -1634,7 +1634,7 @@ static int xgbe_vlan_rx_add_vid(struct net_device *netdev, __be16 proto, +@@ -1643,7 +1643,7 @@ static int xgbe_vlan_rx_add_vid(struct net_device *netdev, __be16 proto, u16 vid) { struct xgbe_prv_data *pdata = netdev_priv(netdev); @@ -48720,7 +48639,7 @@ index 885b02b..4b31a4c 100644 DBGPR("-->%s\n", __func__); -@@ -1650,7 +1650,7 @@ static int xgbe_vlan_rx_kill_vid(struct net_device *netdev, __be16 proto, +@@ -1659,7 +1659,7 @@ static int xgbe_vlan_rx_kill_vid(struct net_device *netdev, __be16 proto, u16 vid) { struct xgbe_prv_data *pdata = netdev_priv(netdev); @@ -48729,7 +48648,7 @@ index 885b02b..4b31a4c 100644 DBGPR("-->%s\n", __func__); -@@ -1716,7 +1716,7 @@ static int xgbe_set_features(struct net_device *netdev, +@@ -1725,7 +1725,7 @@ static int xgbe_set_features(struct net_device *netdev, netdev_features_t features) { struct xgbe_prv_data *pdata = netdev_priv(netdev); @@ -48738,7 +48657,7 @@ index 885b02b..4b31a4c 100644 netdev_features_t rxhash, rxcsum, rxvlan, rxvlan_filter; int ret = 0; -@@ -1781,8 +1781,8 @@ struct net_device_ops *xgbe_get_netdev_ops(void) +@@ -1791,8 +1791,8 @@ struct net_device_ops *xgbe_get_netdev_ops(void) static void xgbe_rx_refresh(struct xgbe_channel *channel) { struct xgbe_prv_data *pdata = channel->pdata; @@ -48749,7 +48668,7 @@ index 885b02b..4b31a4c 100644 struct xgbe_ring *ring = channel->rx_ring; struct xgbe_ring_data *rdata; -@@ -1835,8 +1835,8 @@ static struct sk_buff *xgbe_create_skb(struct xgbe_prv_data *pdata, +@@ -1847,8 +1847,8 @@ static struct sk_buff *xgbe_create_skb(struct napi_struct *napi, static int xgbe_tx_poll(struct xgbe_channel *channel) { struct xgbe_prv_data *pdata = channel->pdata; @@ -48760,7 +48679,7 @@ index 885b02b..4b31a4c 100644 struct xgbe_ring *ring = channel->tx_ring; struct xgbe_ring_data *rdata; struct xgbe_ring_desc *rdesc; -@@ -1901,7 +1901,7 @@ static int xgbe_tx_poll(struct xgbe_channel *channel) +@@ -1913,7 +1913,7 @@ static int xgbe_tx_poll(struct xgbe_channel *channel) static int xgbe_rx_poll(struct xgbe_channel *channel, int budget) { struct xgbe_prv_data *pdata = channel->pdata; @@ -48770,7 +48689,7 @@ index 885b02b..4b31a4c 100644 struct xgbe_ring_data *rdata; struct xgbe_packet_data *packet; diff --git a/drivers/net/ethernet/amd/xgbe/xgbe-ethtool.c b/drivers/net/ethernet/amd/xgbe/xgbe-ethtool.c -index ebf4893..a8f51c6 100644 +index 5f149e8..6736bf4 100644 --- a/drivers/net/ethernet/amd/xgbe/xgbe-ethtool.c +++ b/drivers/net/ethernet/amd/xgbe/xgbe-ethtool.c @@ -203,7 +203,7 @@ static void xgbe_get_ethtool_stats(struct net_device *netdev, @@ -48782,25 +48701,16 @@ index ebf4893..a8f51c6 100644 for (i = 0; i < XGBE_STATS_COUNT; i++) { stat = (u8 *)pdata + xgbe_gstring_stats[i].stat_offset; *data++ = *(u64 *)stat; -@@ -378,7 +378,7 @@ static int xgbe_get_coalesce(struct net_device *netdev, - struct ethtool_coalesce *ec) - { - struct xgbe_prv_data *pdata = netdev_priv(netdev); -- struct xgbe_hw_if *hw_if = &pdata->hw_if; -+ struct xgbe_hw_if *hw_if = pdata->hw_if; - unsigned int riwt; - - DBGPR("-->xgbe_get_coalesce\n"); -@@ -401,7 +401,7 @@ static int xgbe_set_coalesce(struct net_device *netdev, +@@ -396,7 +396,7 @@ static int xgbe_set_coalesce(struct net_device *netdev, struct ethtool_coalesce *ec) { struct xgbe_prv_data *pdata = netdev_priv(netdev); - struct xgbe_hw_if *hw_if = &pdata->hw_if; + struct xgbe_hw_if *hw_if = pdata->hw_if; unsigned int rx_frames, rx_riwt, rx_usecs; - unsigned int tx_frames, tx_usecs; + unsigned int tx_frames; -@@ -536,7 +536,7 @@ static int xgbe_set_rxfh(struct net_device *netdev, const u32 *indir, +@@ -521,7 +521,7 @@ static int xgbe_set_rxfh(struct net_device *netdev, const u32 *indir, const u8 *key, const u8 hfunc) { struct xgbe_prv_data *pdata = netdev_priv(netdev); @@ -48810,7 +48720,7 @@ index ebf4893..a8f51c6 100644 if (hfunc != ETH_RSS_HASH_NO_CHANGE && hfunc != ETH_RSS_HASH_TOP) diff --git a/drivers/net/ethernet/amd/xgbe/xgbe-main.c b/drivers/net/ethernet/amd/xgbe/xgbe-main.c -index 32dd651..225cca3 100644 +index 7149053..889c5492 100644 --- a/drivers/net/ethernet/amd/xgbe/xgbe-main.c +++ b/drivers/net/ethernet/amd/xgbe/xgbe-main.c @@ -159,12 +159,6 @@ static void xgbe_default_config(struct xgbe_prv_data *pdata) @@ -48826,7 +48736,7 @@ index 32dd651..225cca3 100644 #ifdef CONFIG_ACPI static int xgbe_acpi_support(struct xgbe_prv_data *pdata) { -@@ -396,9 +390,8 @@ static int xgbe_probe(struct platform_device *pdev) +@@ -387,9 +381,8 @@ static int xgbe_probe(struct platform_device *pdev) memcpy(netdev->dev_addr, pdata->mac_addr, netdev->addr_len); /* Set all the function pointers */ @@ -48861,7 +48771,7 @@ index 59e267f..0842a88 100644 DBGPR_MDIO("-->xgbe_mdio_write: prtad=%#x mmd_reg=%#x mmd_data=%#x\n", diff --git a/drivers/net/ethernet/amd/xgbe/xgbe-ptp.c b/drivers/net/ethernet/amd/xgbe/xgbe-ptp.c -index f326178..8bd7daf 100644 +index b03e4f5..78e4cc4 100644 --- a/drivers/net/ethernet/amd/xgbe/xgbe-ptp.c +++ b/drivers/net/ethernet/amd/xgbe/xgbe-ptp.c @@ -129,7 +129,7 @@ static cycle_t xgbe_cc_read(const struct cyclecounter *cc) @@ -48883,10 +48793,10 @@ index f326178..8bd7daf 100644 spin_unlock_irqrestore(&pdata->tstamp_lock, flags); diff --git a/drivers/net/ethernet/amd/xgbe/xgbe.h b/drivers/net/ethernet/amd/xgbe/xgbe.h -index 13e8f95..1d8beef 100644 +index e62dfa2..7df28d5 100644 --- a/drivers/net/ethernet/amd/xgbe/xgbe.h +++ b/drivers/net/ethernet/amd/xgbe/xgbe.h -@@ -675,8 +675,8 @@ struct xgbe_prv_data { +@@ -673,8 +673,8 @@ struct xgbe_prv_data { int dev_irq; unsigned int per_channel_irq; @@ -48897,18 +48807,31 @@ index 13e8f95..1d8beef 100644 /* AXI DMA settings */ unsigned int coherent; -@@ -798,6 +798,9 @@ struct xgbe_prv_data { +@@ -797,6 +797,9 @@ struct xgbe_prv_data { #endif }; -+extern const struct xgbe_hw_if default_xgbe_hw_if; -+extern const struct xgbe_desc_if default_xgbe_desc_if; ++extern struct xgbe_hw_if default_xgbe_hw_if; ++extern struct xgbe_desc_if default_xgbe_desc_if; + /* Function prototypes*/ void xgbe_init_function_ptrs_dev(struct xgbe_hw_if *); +diff --git a/drivers/net/ethernet/broadcom/bcmsysport.c b/drivers/net/ethernet/broadcom/bcmsysport.c +index 783543a..a472348 100644 +--- a/drivers/net/ethernet/broadcom/bcmsysport.c ++++ b/drivers/net/ethernet/broadcom/bcmsysport.c +@@ -1721,7 +1721,7 @@ static int bcm_sysport_probe(struct platform_device *pdev) + macaddr = of_get_mac_address(dn); + if (!macaddr || !is_valid_ether_addr(macaddr)) { + dev_warn(&pdev->dev, "using random Ethernet MAC\n"); +- random_ether_addr(dev->dev_addr); ++ eth_hw_addr_random(dev); + } else { + ether_addr_copy(dev->dev_addr, macaddr); + } diff --git a/drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.h b/drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.h -index adcacda..fa6e0ae 100644 +index d7a7175..7011194 100644 --- a/drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.h +++ b/drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.h @@ -1065,7 +1065,7 @@ static inline u8 bnx2x_get_path_func_num(struct bnx2x *bp) @@ -48972,10 +48895,10 @@ index 31c9f82..e65e986 100644 #define CHIPREV_ID_5752_A0_HW 0x5000 #define CHIPREV_ID_5752_A0 0x6000 diff --git a/drivers/net/ethernet/brocade/bna/bna_enet.c b/drivers/net/ethernet/brocade/bna/bna_enet.c -index 903466e..b285864 100644 +index deb8da6..45d473b 100644 --- a/drivers/net/ethernet/brocade/bna/bna_enet.c +++ b/drivers/net/ethernet/brocade/bna/bna_enet.c -@@ -1693,10 +1693,10 @@ bna_cb_ioceth_reset(void *arg) +@@ -1694,10 +1694,10 @@ bna_cb_ioceth_reset(void *arg) } static struct bfa_ioc_cbfn bna_ioceth_cbfn = { @@ -49003,19 +48926,6 @@ index 8cffcdf..aadf043 100644 #define L2T_SKB_CB(skb) ((struct l2t_skb_cb *)(skb)->cb) -diff --git a/drivers/net/ethernet/chelsio/cxgb4/cxgb4_main.c b/drivers/net/ethernet/chelsio/cxgb4/cxgb4_main.c -index d929951..a2c23f5 100644 ---- a/drivers/net/ethernet/chelsio/cxgb4/cxgb4_main.c -+++ b/drivers/net/ethernet/chelsio/cxgb4/cxgb4_main.c -@@ -2215,7 +2215,7 @@ static void get_regs(struct net_device *dev, struct ethtool_regs *regs, - - int i; - struct adapter *ap = netdev2adap(dev); -- static const unsigned int *reg_ranges; -+ const unsigned int *reg_ranges; - int arr_size = 0, buf_size = 0; - - if (is_t4(ap->params.chip)) { diff --git a/drivers/net/ethernet/dec/tulip/de4x5.c b/drivers/net/ethernet/dec/tulip/de4x5.c index badff18..e15c4ec 100644 --- a/drivers/net/ethernet/dec/tulip/de4x5.c @@ -49039,10 +48949,10 @@ index badff18..e15c4ec 100644 break; } diff --git a/drivers/net/ethernet/emulex/benet/be_main.c b/drivers/net/ethernet/emulex/benet/be_main.c -index 893753f..3b5d790 100644 +index e43cc8a..f1cf67c 100644 --- a/drivers/net/ethernet/emulex/benet/be_main.c +++ b/drivers/net/ethernet/emulex/benet/be_main.c -@@ -536,7 +536,7 @@ static void accumulate_16bit_val(u32 *acc, u16 val) +@@ -539,7 +539,7 @@ static void accumulate_16bit_val(u32 *acc, u16 val) if (wrapped) newacc += 65536; @@ -49078,7 +48988,7 @@ index dce5f7b..2433466 100644 #include "ftmac100.h" diff --git a/drivers/net/ethernet/intel/i40e/i40e_ptp.c b/drivers/net/ethernet/intel/i40e/i40e_ptp.c -index fabcfa1..188fd22 100644 +index a92b772..250fe69 100644 --- a/drivers/net/ethernet/intel/i40e/i40e_ptp.c +++ b/drivers/net/ethernet/intel/i40e/i40e_ptp.c @@ -419,7 +419,7 @@ void i40e_ptp_set_increment(struct i40e_pf *pf) @@ -49091,10 +49001,10 @@ index fabcfa1..188fd22 100644 } diff --git a/drivers/net/ethernet/intel/ixgbe/ixgbe_ptp.c b/drivers/net/ethernet/intel/ixgbe/ixgbe_ptp.c -index 79c00f5..8da39f6 100644 +index e5ba040..d47531c 100644 --- a/drivers/net/ethernet/intel/ixgbe/ixgbe_ptp.c +++ b/drivers/net/ethernet/intel/ixgbe/ixgbe_ptp.c -@@ -785,7 +785,7 @@ void ixgbe_ptp_start_cyclecounter(struct ixgbe_adapter *adapter) +@@ -782,7 +782,7 @@ void ixgbe_ptp_start_cyclecounter(struct ixgbe_adapter *adapter) } /* update the base incval used to calculate frequency adjustment */ @@ -49103,8 +49013,76 @@ index 79c00f5..8da39f6 100644 smp_mb(); /* need lock to prevent incorrect read while modifying cyclecounter */ +diff --git a/drivers/net/ethernet/marvell/mvneta.c b/drivers/net/ethernet/marvell/mvneta.c +index 74d0389..086ac03 100644 +--- a/drivers/net/ethernet/marvell/mvneta.c ++++ b/drivers/net/ethernet/marvell/mvneta.c +@@ -1462,7 +1462,7 @@ static int mvneta_rx(struct mvneta_port *pp, int rx_todo, + struct mvneta_rx_queue *rxq) + { + struct net_device *dev = pp->dev; +- int rx_done, rx_filled; ++ int rx_done; + u32 rcvd_pkts = 0; + u32 rcvd_bytes = 0; + +@@ -1473,7 +1473,6 @@ static int mvneta_rx(struct mvneta_port *pp, int rx_todo, + rx_todo = rx_done; + + rx_done = 0; +- rx_filled = 0; + + /* Fairness NAPI loop */ + while (rx_done < rx_todo) { +@@ -1484,7 +1483,6 @@ static int mvneta_rx(struct mvneta_port *pp, int rx_todo, + int rx_bytes, err; + + rx_done++; +- rx_filled++; + rx_status = rx_desc->status; + rx_bytes = rx_desc->data_size - (ETH_FCS_LEN + MVNETA_MH_SIZE); + data = (unsigned char *)rx_desc->buf_cookie; +@@ -1524,6 +1522,14 @@ static int mvneta_rx(struct mvneta_port *pp, int rx_todo, + continue; + } + ++ /* Refill processing */ ++ err = mvneta_rx_refill(pp, rx_desc); ++ if (err) { ++ netdev_err(dev, "Linux processing - Can't refill\n"); ++ rxq->missed++; ++ goto err_drop_frame; ++ } ++ + skb = build_skb(data, pp->frag_size > PAGE_SIZE ? 0 : pp->frag_size); + if (!skb) + goto err_drop_frame; +@@ -1543,14 +1549,6 @@ static int mvneta_rx(struct mvneta_port *pp, int rx_todo, + mvneta_rx_csum(pp, rx_status, skb); + + napi_gro_receive(&pp->napi, skb); +- +- /* Refill processing */ +- err = mvneta_rx_refill(pp, rx_desc); +- if (err) { +- netdev_err(dev, "Linux processing - Can't refill\n"); +- rxq->missed++; +- rx_filled--; +- } + } + + if (rcvd_pkts) { +@@ -1563,7 +1561,7 @@ static int mvneta_rx(struct mvneta_port *pp, int rx_todo, + } + + /* Update rxq management counters */ +- mvneta_rxq_desc_num_update(pp, rxq, rx_done, rx_filled); ++ mvneta_rxq_desc_num_update(pp, rxq, rx_done, rx_done); + + return rx_done; + } diff --git a/drivers/net/ethernet/mellanox/mlx4/en_tx.c b/drivers/net/ethernet/mellanox/mlx4/en_tx.c -index 35dd887..38b3476 100644 +index c10d98f..72914c6 100644 --- a/drivers/net/ethernet/mellanox/mlx4/en_tx.c +++ b/drivers/net/ethernet/mellanox/mlx4/en_tx.c @@ -475,8 +475,8 @@ static bool mlx4_en_process_tx_cq(struct net_device *dev, @@ -49144,7 +49122,7 @@ index 6223930..975033d 100644 __vxge_hw_mempool_create(vpath->hldev, fifo->config->memblock_size, diff --git a/drivers/net/ethernet/qlogic/qlcnic/qlcnic_83xx_init.c b/drivers/net/ethernet/qlogic/qlcnic/qlcnic_83xx_init.c -index 2bb48d5..d1a865d 100644 +index 33669c2..a29c75e 100644 --- a/drivers/net/ethernet/qlogic/qlcnic/qlcnic_83xx_init.c +++ b/drivers/net/ethernet/qlogic/qlcnic/qlcnic_83xx_init.c @@ -2324,7 +2324,9 @@ int qlcnic_83xx_configure_opmode(struct qlcnic_adapter *adapter) @@ -49203,7 +49181,7 @@ index 332bb8a..e6adcd1 100644 u32 entry_offset, dump, no_entries, buf_offset = 0; int i, k, ops_cnt, ops_index, dump_size = 0; diff --git a/drivers/net/ethernet/realtek/r8169.c b/drivers/net/ethernet/realtek/r8169.c -index c70ab40..00b28e0 100644 +index 3df51fa..e9b517f 100644 --- a/drivers/net/ethernet/realtek/r8169.c +++ b/drivers/net/ethernet/realtek/r8169.c @@ -788,22 +788,22 @@ struct rtl8169_private { @@ -49234,7 +49212,7 @@ index c70ab40..00b28e0 100644 int (*set_speed)(struct net_device *, u8 aneg, u16 sp, u8 dpx, u32 adv); int (*get_settings)(struct net_device *, struct ethtool_cmd *); diff --git a/drivers/net/ethernet/sfc/ptp.c b/drivers/net/ethernet/sfc/ptp.c -index 6b861e3..204ac86 100644 +index a2e9aee..af41a0e 100644 --- a/drivers/net/ethernet/sfc/ptp.c +++ b/drivers/net/ethernet/sfc/ptp.c @@ -822,7 +822,7 @@ static int efx_ptp_synchronize(struct efx_nic *efx, unsigned int num_readings) @@ -49246,19 +49224,6 @@ index 6b861e3..204ac86 100644 rc = efx_mcdi_rpc_start(efx, MC_CMD_PTP, synch_buf, MC_CMD_PTP_IN_SYNCHRONIZE_LEN); EFX_BUG_ON_PARANOID(rc); -diff --git a/drivers/net/ethernet/sfc/selftest.c b/drivers/net/ethernet/sfc/selftest.c -index 10b6173..b605dfd5 100644 ---- a/drivers/net/ethernet/sfc/selftest.c -+++ b/drivers/net/ethernet/sfc/selftest.c -@@ -46,7 +46,7 @@ struct efx_loopback_payload { - struct iphdr ip; - struct udphdr udp; - __be16 iteration; -- const char msg[64]; -+ char msg[64]; - } __packed; - - /* Loopback test source MAC address */ diff --git a/drivers/net/ethernet/stmicro/stmmac/mmc_core.c b/drivers/net/ethernet/stmicro/stmmac/mmc_core.c index 08c483b..2c4a553 100644 --- a/drivers/net/ethernet/stmicro/stmmac/mmc_core.c @@ -49275,10 +49240,10 @@ index 08c483b..2c4a553 100644 /* To mask all all interrupts.*/ diff --git a/drivers/net/ethernet/via/via-rhine.c b/drivers/net/ethernet/via/via-rhine.c -index 17e2766..c332f1e 100644 +index de28504..7f1c1cd 100644 --- a/drivers/net/ethernet/via/via-rhine.c +++ b/drivers/net/ethernet/via/via-rhine.c -@@ -2514,7 +2514,7 @@ static struct platform_driver rhine_driver_platform = { +@@ -2525,7 +2525,7 @@ static struct platform_driver rhine_driver_platform = { } }; @@ -49288,10 +49253,10 @@ index 17e2766..c332f1e 100644 .ident = "EPIA-M", .matches = { diff --git a/drivers/net/hyperv/hyperv_net.h b/drivers/net/hyperv/hyperv_net.h -index 384ca4f..dd7d4f9 100644 +index 41071d3..6e362e1 100644 --- a/drivers/net/hyperv/hyperv_net.h +++ b/drivers/net/hyperv/hyperv_net.h -@@ -171,7 +171,7 @@ struct rndis_device { +@@ -176,7 +176,7 @@ struct rndis_device { enum rndis_device_state state; bool link_state; bool link_change; @@ -49301,10 +49266,10 @@ index 384ca4f..dd7d4f9 100644 spinlock_t request_lock; struct list_head req_list; diff --git a/drivers/net/hyperv/rndis_filter.c b/drivers/net/hyperv/rndis_filter.c -index 7816d98..7890614 100644 +index 9118cea..1a8e06a 100644 --- a/drivers/net/hyperv/rndis_filter.c +++ b/drivers/net/hyperv/rndis_filter.c -@@ -102,7 +102,7 @@ static struct rndis_request *get_rndis_request(struct rndis_device *dev, +@@ -100,7 +100,7 @@ static struct rndis_request *get_rndis_request(struct rndis_device *dev, * template */ set = &rndis_msg->msg.set_req; @@ -49313,7 +49278,7 @@ index 7816d98..7890614 100644 /* Add to the request list */ spin_lock_irqsave(&dev->request_lock, flags); -@@ -918,7 +918,7 @@ static void rndis_filter_halt_device(struct rndis_device *dev) +@@ -923,7 +923,7 @@ static void rndis_filter_halt_device(struct rndis_device *dev) /* Setup the rndis set */ halt = &request->request_msg.msg.halt_req; @@ -49323,7 +49288,7 @@ index 7816d98..7890614 100644 /* Ignore return since this msg is optional. */ rndis_filter_send_request(dev, request); diff --git a/drivers/net/ifb.c b/drivers/net/ifb.c -index 34f846b..4a0d5b1 100644 +index 94570aa..1a798e1 100644 --- a/drivers/net/ifb.c +++ b/drivers/net/ifb.c @@ -253,7 +253,7 @@ static int ifb_validate(struct nlattr *tb[], struct nlattr *data[]) @@ -49335,8 +49300,37 @@ index 34f846b..4a0d5b1 100644 .kind = "ifb", .priv_size = sizeof(struct ifb_private), .setup = ifb_setup, +diff --git a/drivers/net/ipvlan/ipvlan.h b/drivers/net/ipvlan/ipvlan.h +index 54549a6..0799442 100644 +--- a/drivers/net/ipvlan/ipvlan.h ++++ b/drivers/net/ipvlan/ipvlan.h +@@ -102,6 +102,11 @@ static inline struct ipvl_port *ipvlan_port_get_rcu(const struct net_device *d) + return rcu_dereference(d->rx_handler_data); + } + ++static inline struct ipvl_port *ipvlan_port_get_rcu_bh(const struct net_device *d) ++{ ++ return rcu_dereference_bh(d->rx_handler_data); ++} ++ + static inline struct ipvl_port *ipvlan_port_get_rtnl(const struct net_device *d) + { + return rtnl_dereference(d->rx_handler_data); +diff --git a/drivers/net/ipvlan/ipvlan_core.c b/drivers/net/ipvlan/ipvlan_core.c +index c30b5c3..b349dad 100644 +--- a/drivers/net/ipvlan/ipvlan_core.c ++++ b/drivers/net/ipvlan/ipvlan_core.c +@@ -507,7 +507,7 @@ static int ipvlan_xmit_mode_l2(struct sk_buff *skb, struct net_device *dev) + int ipvlan_queue_xmit(struct sk_buff *skb, struct net_device *dev) + { + struct ipvl_dev *ipvlan = netdev_priv(dev); +- struct ipvl_port *port = ipvlan_port_get_rcu(ipvlan->phy_dev); ++ struct ipvl_port *port = ipvlan_port_get_rcu_bh(ipvlan->phy_dev); + + if (!port) + goto out; diff --git a/drivers/net/macvlan.c b/drivers/net/macvlan.c -index 1df38bd..4bc20b0 100644 +index 9f59f17..52cb38f 100644 --- a/drivers/net/macvlan.c +++ b/drivers/net/macvlan.c @@ -335,7 +335,7 @@ static void macvlan_broadcast_enqueue(struct macvlan_port *port, @@ -49348,7 +49342,7 @@ index 1df38bd..4bc20b0 100644 } static void macvlan_flush_sources(struct macvlan_port *port, -@@ -1459,13 +1459,15 @@ static const struct nla_policy macvlan_policy[IFLA_MACVLAN_MAX + 1] = { +@@ -1480,13 +1480,15 @@ static const struct nla_policy macvlan_policy[IFLA_MACVLAN_MAX + 1] = { int macvlan_link_register(struct rtnl_link_ops *ops) { /* common fields */ @@ -49371,7 +49365,7 @@ index 1df38bd..4bc20b0 100644 return rtnl_link_register(ops); }; -@@ -1551,7 +1553,7 @@ static int macvlan_device_event(struct notifier_block *unused, +@@ -1572,7 +1574,7 @@ static int macvlan_device_event(struct notifier_block *unused, return NOTIFY_DONE; } @@ -49381,7 +49375,7 @@ index 1df38bd..4bc20b0 100644 }; diff --git a/drivers/net/macvtap.c b/drivers/net/macvtap.c -index 27ecc5c..f636328 100644 +index 8c350c5..30fdc98 100644 --- a/drivers/net/macvtap.c +++ b/drivers/net/macvtap.c @@ -436,7 +436,7 @@ static void macvtap_setup(struct net_device *dev) @@ -49402,7 +49396,7 @@ index 27ecc5c..f636328 100644 put_user(u, &ifr->ifr_flags)) ret = -EFAULT; macvtap_put_vlan(vlan); -@@ -1217,7 +1217,7 @@ static int macvtap_device_event(struct notifier_block *unused, +@@ -1214,7 +1214,7 @@ static int macvtap_device_event(struct notifier_block *unused, return NOTIFY_DONE; } @@ -49411,6 +49405,14 @@ index 27ecc5c..f636328 100644 .notifier_call = macvtap_device_event, }; +@@ -1268,6 +1268,7 @@ static void macvtap_exit(void) + class_unregister(macvtap_class); + cdev_del(&macvtap_cdev); + unregister_chrdev_region(macvtap_major, MACVTAP_NUM_DEVS); ++ idr_destroy(&minor_idr); + } + module_exit(macvtap_exit); + diff --git a/drivers/net/nlmon.c b/drivers/net/nlmon.c index 34924df..a747360 100644 --- a/drivers/net/nlmon.c @@ -49491,10 +49493,10 @@ index 079f7ad..b2a2bfa7 100644 /* We've got a compressed packet; read the change byte */ diff --git a/drivers/net/team/team.c b/drivers/net/team/team.c -index 7d39484..d58499d 100644 +index 6928448..e30c57f 100644 --- a/drivers/net/team/team.c +++ b/drivers/net/team/team.c -@@ -2099,7 +2099,7 @@ static unsigned int team_get_num_rx_queues(void) +@@ -2103,7 +2103,7 @@ static unsigned int team_get_num_rx_queues(void) return TEAM_DEFAULT_NUM_RX_QUEUES; } @@ -49503,7 +49505,7 @@ index 7d39484..d58499d 100644 .kind = DRV_NAME, .priv_size = sizeof(struct team), .setup = team_setup, -@@ -2889,7 +2889,7 @@ static int team_device_event(struct notifier_block *unused, +@@ -2893,7 +2893,7 @@ static int team_device_event(struct notifier_block *unused, return NOTIFY_DONE; } @@ -49513,7 +49515,7 @@ index 7d39484..d58499d 100644 }; diff --git a/drivers/net/tun.c b/drivers/net/tun.c -index 857dca4..642f532 100644 +index e470ae5..e812f5e 100644 --- a/drivers/net/tun.c +++ b/drivers/net/tun.c @@ -1421,7 +1421,7 @@ static int tun_validate(struct nlattr *tb[], struct nlattr *data[]) @@ -49525,7 +49527,7 @@ index 857dca4..642f532 100644 .kind = DRV_NAME, .priv_size = sizeof(struct tun_struct), .setup = tun_setup, -@@ -1830,7 +1830,7 @@ unlock: +@@ -1828,7 +1828,7 @@ unlock: } static long __tun_chr_ioctl(struct file *file, unsigned int cmd, @@ -49534,7 +49536,7 @@ index 857dca4..642f532 100644 { struct tun_file *tfile = file->private_data; struct tun_struct *tun; -@@ -1844,6 +1844,9 @@ static long __tun_chr_ioctl(struct file *file, unsigned int cmd, +@@ -1842,6 +1842,9 @@ static long __tun_chr_ioctl(struct file *file, unsigned int cmd, int le; int ret; @@ -49545,7 +49547,7 @@ index 857dca4..642f532 100644 if (copy_from_user(&ifr, argp, ifreq_len)) return -EFAULT; diff --git a/drivers/net/usb/hso.c b/drivers/net/usb/hso.c -index 778e915..58c4d95 100644 +index 111d907..1ee643e 100644 --- a/drivers/net/usb/hso.c +++ b/drivers/net/usb/hso.c @@ -70,7 +70,7 @@ @@ -49617,7 +49619,7 @@ index 778e915..58c4d95 100644 _hso_serial_set_termios(tty, old); else tty->termios = *old; -@@ -1886,7 +1885,7 @@ static void intr_callback(struct urb *urb) +@@ -1891,7 +1890,7 @@ static void intr_callback(struct urb *urb) D1("Pending read interrupt on port %d\n", i); spin_lock(&serial->serial_lock); if (serial->rx_state == RX_IDLE && @@ -49626,7 +49628,7 @@ index 778e915..58c4d95 100644 /* Setup and send a ctrl req read on * port i */ if (!serial->rx_urb_filled[0]) { -@@ -3053,7 +3052,7 @@ static int hso_resume(struct usb_interface *iface) +@@ -3058,7 +3057,7 @@ static int hso_resume(struct usb_interface *iface) /* Start all serial ports */ for (i = 0; i < HSO_SERIAL_TTY_MINORS; i++) { if (serial_table[i] && (serial_table[i]->interface == iface)) { @@ -49636,10 +49638,10 @@ index 778e915..58c4d95 100644 hso_start_serial_device(serial_table[i], GFP_NOIO); hso_kick_transmit(dev2ser(serial_table[i])); diff --git a/drivers/net/usb/r8152.c b/drivers/net/usb/r8152.c -index 9f7c0ab..1577b4a 100644 +index aafa1a1..f59c651 100644 --- a/drivers/net/usb/r8152.c +++ b/drivers/net/usb/r8152.c -@@ -601,7 +601,7 @@ struct r8152 { +@@ -602,7 +602,7 @@ struct r8152 { void (*unload)(struct r8152 *); int (*eee_get)(struct r8152 *, struct ethtool_eee *); int (*eee_set)(struct r8152 *, struct ethtool_eee *); @@ -49670,30 +49672,8 @@ index a2515887..6d13233 100644 dev->net->dev_addr[ETH_ALEN-1] = ifacenum; /* we will have to manufacture ethernet headers, prepare template */ -diff --git a/drivers/net/usb/usbnet.c b/drivers/net/usb/usbnet.c -index 777757a..395a767 100644 ---- a/drivers/net/usb/usbnet.c -+++ b/drivers/net/usb/usbnet.c -@@ -1285,7 +1285,7 @@ netdev_tx_t usbnet_start_xmit (struct sk_buff *skb, - struct net_device *net) - { - struct usbnet *dev = netdev_priv(net); -- int length; -+ unsigned int length; - struct urb *urb = NULL; - struct skb_data *entry; - struct driver_info *info = dev->driver_info; -@@ -1413,7 +1413,7 @@ not_drop: - } - } else - netif_dbg(dev, tx_queued, dev->net, -- "> tx, len %d, type 0x%x\n", length, skb->protocol); -+ "> tx, len %u, type 0x%x\n", length, skb->protocol); - #ifdef CONFIG_PM - deferred: - #endif diff --git a/drivers/net/virtio_net.c b/drivers/net/virtio_net.c -index 59b0e97..a6ed579 100644 +index 63c7810..4ad33aa 100644 --- a/drivers/net/virtio_net.c +++ b/drivers/net/virtio_net.c @@ -48,7 +48,7 @@ module_param(gso, bool, 0444); @@ -49705,11 +49685,56 @@ index 59b0e97..a6ed579 100644 #define VIRTNET_DRIVER_VERSION "1.0.0" +diff --git a/drivers/net/vmxnet3/vmxnet3_drv.c b/drivers/net/vmxnet3/vmxnet3_drv.c +index 61c0840..92e7f7e 100644 +--- a/drivers/net/vmxnet3/vmxnet3_drv.c ++++ b/drivers/net/vmxnet3/vmxnet3_drv.c +@@ -1167,7 +1167,7 @@ vmxnet3_rq_rx_complete(struct vmxnet3_rx_queue *rq, + static const u32 rxprod_reg[2] = { + VMXNET3_REG_RXPROD, VMXNET3_REG_RXPROD2 + }; +- u32 num_rxd = 0; ++ u32 num_pkts = 0; + bool skip_page_frags = false; + struct Vmxnet3_RxCompDesc *rcd; + struct vmxnet3_rx_ctx *ctx = &rq->rx_ctx; +@@ -1185,13 +1185,12 @@ vmxnet3_rq_rx_complete(struct vmxnet3_rx_queue *rq, + struct Vmxnet3_RxDesc *rxd; + u32 idx, ring_idx; + struct vmxnet3_cmd_ring *ring = NULL; +- if (num_rxd >= quota) { ++ if (num_pkts >= quota) { + /* we may stop even before we see the EOP desc of + * the current pkt + */ + break; + } +- num_rxd++; + BUG_ON(rcd->rqID != rq->qid && rcd->rqID != rq->qid2); + idx = rcd->rxdIdx; + ring_idx = rcd->rqID < adapter->num_rx_queues ? 0 : 1; +@@ -1323,6 +1322,7 @@ vmxnet3_rq_rx_complete(struct vmxnet3_rx_queue *rq, + napi_gro_receive(&rq->napi, skb); + + ctx->skb = NULL; ++ num_pkts++; + } + + rcd_done: +@@ -1353,7 +1353,7 @@ rcd_done: + &rq->comp_ring.base[rq->comp_ring.next2proc].rcd, &rxComp); + } + +- return num_rxd; ++ return num_pkts; + } + + diff --git a/drivers/net/vxlan.c b/drivers/net/vxlan.c -index fceb637..37c70fd 100644 +index 21a0fbf..055b54f 100644 --- a/drivers/net/vxlan.c +++ b/drivers/net/vxlan.c -@@ -2935,7 +2935,7 @@ static struct net *vxlan_get_link_net(const struct net_device *dev) +@@ -2878,7 +2878,7 @@ static struct net *vxlan_get_link_net(const struct net_device *dev) return vxlan->net; } @@ -49718,7 +49743,7 @@ index fceb637..37c70fd 100644 .kind = "vxlan", .maxtype = IFLA_VXLAN_MAX, .policy = vxlan_policy, -@@ -2983,7 +2983,7 @@ static int vxlan_lowerdev_event(struct notifier_block *unused, +@@ -2926,7 +2926,7 @@ static int vxlan_lowerdev_event(struct notifier_block *unused, return NOTIFY_DONE; } @@ -49909,7 +49934,7 @@ index 0b60295..b8bfa5b 100644 if (rd == NULL) { result = -ENOMEM; diff --git a/drivers/net/wireless/airo.c b/drivers/net/wireless/airo.c -index e71a2ce..2268d61 100644 +index d0c97c2..108f59b 100644 --- a/drivers/net/wireless/airo.c +++ b/drivers/net/wireless/airo.c @@ -7846,7 +7846,7 @@ static int writerids(struct net_device *dev, aironet_ioctl *comp) { @@ -49922,7 +49947,7 @@ index e71a2ce..2268d61 100644 /* Only super-user can write RIDs */ diff --git a/drivers/net/wireless/at76c50x-usb.c b/drivers/net/wireless/at76c50x-usb.c -index da92bfa..5a9001a 100644 +index 49219c5..3625441 100644 --- a/drivers/net/wireless/at76c50x-usb.c +++ b/drivers/net/wireless/at76c50x-usb.c @@ -353,7 +353,7 @@ static int at76_dfu_get_state(struct usb_device *udev, u8 *state) @@ -50203,19 +50228,19 @@ index da84b70..83e4978 100644 static u16 ar9003_calc_ptr_chksum(struct ar9003_txc *ads) diff --git a/drivers/net/wireless/ath/ath9k/hw.h b/drivers/net/wireless/ath/ath9k/hw.h -index e82e570..8c3cf90 100644 +index c1d2d03..08352db 100644 --- a/drivers/net/wireless/ath/ath9k/hw.h +++ b/drivers/net/wireless/ath/ath9k/hw.h -@@ -646,7 +646,7 @@ struct ath_hw_private_ops { - - /* ANI */ - void (*ani_cache_ini_regs)(struct ath_hw *ah); +@@ -671,7 +671,7 @@ struct ath_hw_private_ops { + #ifdef CONFIG_ATH9K_BTCOEX_SUPPORT + bool (*is_aic_enabled)(struct ath_hw *ah); + #endif /* CONFIG_ATH9K_BTCOEX_SUPPORT */ -}; +} __no_const; /** * struct ath_spec_scan - parameters for Atheros spectral scan -@@ -722,7 +722,7 @@ struct ath_hw_ops { +@@ -747,7 +747,7 @@ struct ath_hw_ops { #ifdef CONFIG_ATH9K_BTCOEX_SUPPORT void (*set_bt_ant_diversity)(struct ath_hw *hw, bool enable); #endif @@ -50225,10 +50250,10 @@ index e82e570..8c3cf90 100644 struct ath_nf_limits { s16 max; diff --git a/drivers/net/wireless/ath/ath9k/main.c b/drivers/net/wireless/ath/ath9k/main.c -index 9ede991..a8f08fb 100644 +index b0badef..3e3464c 100644 --- a/drivers/net/wireless/ath/ath9k/main.c +++ b/drivers/net/wireless/ath/ath9k/main.c -@@ -2537,16 +2537,18 @@ void ath9k_fill_chanctx_ops(void) +@@ -2573,16 +2573,18 @@ void ath9k_fill_chanctx_ops(void) if (!ath9k_is_chanctx_enabled()) return; @@ -50422,10 +50447,10 @@ index 0ffb6ff..c0b7f0e 100644 memset(buf, 0, sizeof(buf)); buf_size = min(count, sizeof(buf) - 1); diff --git a/drivers/net/wireless/iwlwifi/pcie/trans.c b/drivers/net/wireless/iwlwifi/pcie/trans.c -index cb72edb..242b24f 100644 +index dc17909..989c9fb 100644 --- a/drivers/net/wireless/iwlwifi/pcie/trans.c +++ b/drivers/net/wireless/iwlwifi/pcie/trans.c -@@ -1837,7 +1837,7 @@ static ssize_t iwl_dbgfs_interrupt_write(struct file *file, +@@ -1919,7 +1919,7 @@ static ssize_t iwl_dbgfs_interrupt_write(struct file *file, struct isr_statistics *isr_stats = &trans_pcie->isr_stats; char buf[8]; @@ -50434,7 +50459,7 @@ index cb72edb..242b24f 100644 u32 reset_flag; memset(buf, 0, sizeof(buf)); -@@ -1858,7 +1858,7 @@ static ssize_t iwl_dbgfs_csr_write(struct file *file, +@@ -1940,7 +1940,7 @@ static ssize_t iwl_dbgfs_csr_write(struct file *file, { struct iwl_trans *trans = file->private_data; char buf[8]; @@ -50444,10 +50469,10 @@ index cb72edb..242b24f 100644 memset(buf, 0, sizeof(buf)); diff --git a/drivers/net/wireless/mac80211_hwsim.c b/drivers/net/wireless/mac80211_hwsim.c -index 8908be6..fe97ddd 100644 +index d5c0a1a..d056b20 100644 --- a/drivers/net/wireless/mac80211_hwsim.c +++ b/drivers/net/wireless/mac80211_hwsim.c -@@ -3070,20 +3070,20 @@ static int __init init_mac80211_hwsim(void) +@@ -3149,20 +3149,20 @@ static int __init init_mac80211_hwsim(void) if (channels < 1) return -EINVAL; @@ -50483,7 +50508,7 @@ index 8908be6..fe97ddd 100644 spin_lock_init(&hwsim_radio_lock); INIT_LIST_HEAD(&hwsim_radios); diff --git a/drivers/net/wireless/rndis_wlan.c b/drivers/net/wireless/rndis_wlan.c -index 60d44ce..884dd1c 100644 +index d72ff8e..c209a45 100644 --- a/drivers/net/wireless/rndis_wlan.c +++ b/drivers/net/wireless/rndis_wlan.c @@ -1236,7 +1236,7 @@ static int set_rts_threshold(struct usbnet *usbdev, u32 rts_threshold) @@ -50551,10 +50576,10 @@ index b661f896..ddf7d2b 100644 wl1251_info("using SDIO interrupt"); } diff --git a/drivers/net/wireless/ti/wl12xx/main.c b/drivers/net/wireless/ti/wl12xx/main.c -index 144d1f8..7030936 100644 +index af0fe2e..d04986b 100644 --- a/drivers/net/wireless/ti/wl12xx/main.c +++ b/drivers/net/wireless/ti/wl12xx/main.c -@@ -657,7 +657,9 @@ static int wl12xx_identify_chip(struct wl1271 *wl) +@@ -655,7 +655,9 @@ static int wl12xx_identify_chip(struct wl1271 *wl) sizeof(wl->conf.mem)); /* read data preparation is only needed by wl127x */ @@ -50565,7 +50590,7 @@ index 144d1f8..7030936 100644 wlcore_set_min_fw_ver(wl, WL127X_CHIP_VER, WL127X_IFTYPE_SR_VER, WL127X_MAJOR_SR_VER, -@@ -682,7 +684,9 @@ static int wl12xx_identify_chip(struct wl1271 *wl) +@@ -680,7 +682,9 @@ static int wl12xx_identify_chip(struct wl1271 *wl) sizeof(wl->conf.mem)); /* read data preparation is only needed by wl127x */ @@ -50606,6 +50631,27 @@ index a912dc0..a8225ba 100644 u16 int_num; ZD_ASSERT(in_interrupt()); +diff --git a/drivers/net/xen-netback/netback.c b/drivers/net/xen-netback/netback.c +index 0d25943..0866c5d 100644 +--- a/drivers/net/xen-netback/netback.c ++++ b/drivers/net/xen-netback/netback.c +@@ -1571,13 +1571,13 @@ static inline void xenvif_tx_dealloc_action(struct xenvif_queue *queue) + smp_rmb(); + + while (dc != dp) { +- BUG_ON(gop - queue->tx_unmap_ops > MAX_PENDING_REQS); ++ BUG_ON(gop - queue->tx_unmap_ops >= MAX_PENDING_REQS); + pending_idx = + queue->dealloc_ring[pending_index(dc++)]; + +- pending_idx_release[gop-queue->tx_unmap_ops] = ++ pending_idx_release[gop - queue->tx_unmap_ops] = + pending_idx; +- queue->pages_to_unmap[gop-queue->tx_unmap_ops] = ++ queue->pages_to_unmap[gop - queue->tx_unmap_ops] = + queue->mmap_pages[pending_idx]; + gnttab_set_unmap_op(gop, + idx_to_kaddr(queue, pending_idx), diff --git a/drivers/nfc/nfcwilink.c b/drivers/nfc/nfcwilink.c index ce2e2cf..f81e500 100644 --- a/drivers/nfc/nfcwilink.c @@ -50620,7 +50666,7 @@ index ce2e2cf..f81e500 100644 __u32 protocols; diff --git a/drivers/nfc/st21nfca/st21nfca.c b/drivers/nfc/st21nfca/st21nfca.c -index 24d3d24..b662ba0 100644 +index d251f72..0512865 100644 --- a/drivers/nfc/st21nfca/st21nfca.c +++ b/drivers/nfc/st21nfca/st21nfca.c @@ -148,14 +148,14 @@ static int st21nfca_hci_load_session(struct nfc_hci_dev *hdev) @@ -50672,20 +50718,11 @@ index 24d3d24..b662ba0 100644 kfree_skb(skb_pipe_list); return r; } -@@ -588,7 +589,7 @@ static int st21nfca_get_iso14443_3_uid(struct nfc_hci_dev *hdev, u8 *gate, - goto exit; - } - -- gate = uid_skb->data; -+ memcpy(gate, uid_skb->data, uid_skb->len); - *len = uid_skb->len; - exit: - kfree_skb(uid_skb); diff --git a/drivers/of/fdt.c b/drivers/of/fdt.c -index 3a896c9..ac7b1c8 100644 +index cde35c5d01..2dbfdbbf 100644 --- a/drivers/of/fdt.c +++ b/drivers/of/fdt.c -@@ -1118,7 +1118,9 @@ static int __init of_fdt_raw_init(void) +@@ -1136,7 +1136,9 @@ static int __init of_fdt_raw_init(void) pr_warn("fdt: not creating '/sys/firmware/fdt': CRC check failed\n"); return 0; } @@ -50697,10 +50734,10 @@ index 3a896c9..ac7b1c8 100644 } late_initcall(of_fdt_raw_init); diff --git a/drivers/oprofile/buffer_sync.c b/drivers/oprofile/buffer_sync.c -index d93b2b6..ae50401 100644 +index 82f7000..d6d0447 100644 --- a/drivers/oprofile/buffer_sync.c +++ b/drivers/oprofile/buffer_sync.c -@@ -332,7 +332,7 @@ static void add_data(struct op_entry *entry, struct mm_struct *mm) +@@ -345,7 +345,7 @@ static void add_data(struct op_entry *entry, struct mm_struct *mm) if (cookie == NO_COOKIE) offset = pc; if (cookie == INVALID_COOKIE) { @@ -50709,7 +50746,7 @@ index d93b2b6..ae50401 100644 offset = pc; } if (cookie != last_cookie) { -@@ -376,14 +376,14 @@ add_sample(struct mm_struct *mm, struct op_sample *s, int in_kernel) +@@ -389,14 +389,14 @@ add_sample(struct mm_struct *mm, struct op_sample *s, int in_kernel) /* add userspace sample */ if (!mm) { @@ -50726,7 +50763,7 @@ index d93b2b6..ae50401 100644 return 0; } -@@ -552,7 +552,7 @@ void sync_buffer(int cpu) +@@ -554,7 +554,7 @@ void sync_buffer(int cpu) /* ignore backtraces if failed to add a sample */ if (state == sb_bt_start) { state = sb_bt_ignore; @@ -50817,7 +50854,7 @@ index 1fc622b..8c48fc3 100644 extern struct oprofile_stat_struct oprofile_stats; diff --git a/drivers/oprofile/oprofilefs.c b/drivers/oprofile/oprofilefs.c -index 3f49345..c750d0b 100644 +index dd92c5e..dfc04b5 100644 --- a/drivers/oprofile/oprofilefs.c +++ b/drivers/oprofile/oprofilefs.c @@ -176,8 +176,8 @@ int oprofilefs_create_ro_ulong(struct dentry *root, @@ -51133,7 +51170,7 @@ index 312f23a..d21181c 100644 if (!sysfs_initialized) return -EACCES; diff --git a/drivers/pci/pci.h b/drivers/pci/pci.h -index 4091f82..7d98eef 100644 +index 9bd762c2..6fb9504 100644 --- a/drivers/pci/pci.h +++ b/drivers/pci/pci.h @@ -99,7 +99,7 @@ struct pci_vpd_ops { @@ -51146,7 +51183,7 @@ index 4091f82..7d98eef 100644 int pci_vpd_pci22_init(struct pci_dev *dev); diff --git a/drivers/pci/pcie/aspm.c b/drivers/pci/pcie/aspm.c -index 820740a..8b1c673 100644 +index 7d4fcdc..2f6d8f8 100644 --- a/drivers/pci/pcie/aspm.c +++ b/drivers/pci/pcie/aspm.c @@ -27,9 +27,9 @@ @@ -51176,10 +51213,10 @@ index be35da2..ec16cdb 100644 * Boxes that should not use MSI for PCIe PME signaling. */ diff --git a/drivers/pci/probe.c b/drivers/pci/probe.c -index 8d2f400..c97cc91 100644 +index c911857..56f3f9d 100644 --- a/drivers/pci/probe.c +++ b/drivers/pci/probe.c -@@ -175,7 +175,7 @@ int __pci_read_base(struct pci_dev *dev, enum pci_bar_type type, +@@ -176,7 +176,7 @@ int __pci_read_base(struct pci_dev *dev, enum pci_bar_type type, u16 orig_cmd; struct pci_bus_region region, inverted_region; @@ -51282,10 +51319,10 @@ index 7543a56..367ca8ed 100644 1, asus->debug.method_id, &input, &output); diff --git a/drivers/platform/x86/compal-laptop.c b/drivers/platform/x86/compal-laptop.c -index bceb30b..bf063d4 100644 +index b4e9447..9dc6ec34 100644 --- a/drivers/platform/x86/compal-laptop.c +++ b/drivers/platform/x86/compal-laptop.c -@@ -766,7 +766,7 @@ static int dmi_check_cb_extra(const struct dmi_system_id *id) +@@ -765,7 +765,7 @@ static int dmi_check_cb_extra(const struct dmi_system_id *id) return 1; } @@ -51321,7 +51358,7 @@ index 97c2be1..2ee50ce 100644 .matches = { \ DMI_MATCH(DMI_SYS_VENDOR, "IBM"), \ diff --git a/drivers/platform/x86/intel_oaktrail.c b/drivers/platform/x86/intel_oaktrail.c -index a4a4258..a58a04c 100644 +index 8037c8b..f88445c 100644 --- a/drivers/platform/x86/intel_oaktrail.c +++ b/drivers/platform/x86/intel_oaktrail.c @@ -298,7 +298,7 @@ static int dmi_check_cb(const struct dmi_system_id *id) @@ -51474,19 +51511,10 @@ index e51c1e7..71bb385 100644 .ident = "Sony Vaio", .matches = { diff --git a/drivers/platform/x86/thinkpad_acpi.c b/drivers/platform/x86/thinkpad_acpi.c -index 3b8ceee..e18652c 100644 +index 28f3281..171d8c3 100644 --- a/drivers/platform/x86/thinkpad_acpi.c +++ b/drivers/platform/x86/thinkpad_acpi.c -@@ -2093,7 +2093,7 @@ static int hotkey_mask_get(void) - return 0; - } - --void static hotkey_mask_warn_incomplete_mask(void) -+static void hotkey_mask_warn_incomplete_mask(void) - { - /* log only what the user can fix... */ - const u32 wantedmask = hotkey_driver_mask & -@@ -2437,10 +2437,10 @@ static void hotkey_compare_and_issue_event(struct tp_nvram_state *oldn, +@@ -2459,10 +2459,10 @@ static void hotkey_compare_and_issue_event(struct tp_nvram_state *oldn, && !tp_features.bright_unkfw) TPACPI_MAY_SEND_KEY(TP_ACPI_HOTKEYSCAN_FNHOME); } @@ -51572,10 +51600,10 @@ index facd43b..b291260 100644 .callback = exploding_pnp_bios, .ident = "Higraded P14H", diff --git a/drivers/power/pda_power.c b/drivers/power/pda_power.c -index 0c52e2a..3421ab7 100644 +index dfe1ee8..67e820c 100644 --- a/drivers/power/pda_power.c +++ b/drivers/power/pda_power.c -@@ -37,7 +37,11 @@ static int polling; +@@ -38,7 +38,11 @@ static struct power_supply *pda_psy_ac, *pda_psy_usb; #if IS_ENABLED(CONFIG_USB_PHY) static struct usb_phy *transceiver; @@ -51588,7 +51616,7 @@ index 0c52e2a..3421ab7 100644 #endif static struct regulator *ac_draw; -@@ -369,7 +373,6 @@ static int pda_power_probe(struct platform_device *pdev) +@@ -373,7 +377,6 @@ static int pda_power_probe(struct platform_device *pdev) #if IS_ENABLED(CONFIG_USB_PHY) if (!IS_ERR_OR_NULL(transceiver) && pdata->use_otg_notifier) { @@ -51616,7 +51644,7 @@ index cc439fd..8fa30df 100644 #endif /* CONFIG_SYSFS */ diff --git a/drivers/power/power_supply_core.c b/drivers/power/power_supply_core.c -index 694e8cd..9f03483 100644 +index 4bc0c7f..198c99d 100644 --- a/drivers/power/power_supply_core.c +++ b/drivers/power/power_supply_core.c @@ -28,7 +28,10 @@ EXPORT_SYMBOL_GPL(power_supply_class); @@ -51629,9 +51657,9 @@ index 694e8cd..9f03483 100644 + .groups = power_supply_attr_groups, +}; - static bool __power_supply_is_supplied_by(struct power_supply *supplier, - struct power_supply *supply) -@@ -637,7 +640,7 @@ static int __init power_supply_class_init(void) + #define POWER_SUPPLY_DEFERRED_REGISTER_TIME msecs_to_jiffies(10) + +@@ -921,7 +924,7 @@ static int __init power_supply_class_init(void) return PTR_ERR(power_supply_class); power_supply_class->dev_uevent = power_supply_uevent; @@ -51641,7 +51669,7 @@ index 694e8cd..9f03483 100644 return 0; } diff --git a/drivers/power/power_supply_sysfs.c b/drivers/power/power_supply_sysfs.c -index 62653f5..d0bb485 100644 +index 9134e3d..45eee1e 100644 --- a/drivers/power/power_supply_sysfs.c +++ b/drivers/power/power_supply_sysfs.c @@ -238,17 +238,15 @@ static struct attribute_group power_supply_attr_group = { @@ -51880,10 +51908,10 @@ index 302e626..12579af 100644 da->attr.name = info->pin_config[i].name; da->attr.mode = 0644; diff --git a/drivers/regulator/core.c b/drivers/regulator/core.c -index a4a8a6d..a3456f4 100644 +index 8a28116..05b0ad5 100644 --- a/drivers/regulator/core.c +++ b/drivers/regulator/core.c -@@ -3529,7 +3529,7 @@ regulator_register(const struct regulator_desc *regulator_desc, +@@ -3603,7 +3603,7 @@ regulator_register(const struct regulator_desc *regulator_desc, const struct regulation_constraints *constraints = NULL; const struct regulator_init_data *init_data; struct regulator_config *config = NULL; @@ -51892,7 +51920,7 @@ index a4a8a6d..a3456f4 100644 struct regulator_dev *rdev; struct device *dev; int ret, i; -@@ -3613,7 +3613,7 @@ regulator_register(const struct regulator_desc *regulator_desc, +@@ -3686,7 +3686,7 @@ regulator_register(const struct regulator_desc *regulator_desc, rdev->dev.class = ®ulator_class; rdev->dev.parent = dev; dev_set_name(&rdev->dev, "regulator.%lu", @@ -51902,10 +51930,10 @@ index a4a8a6d..a3456f4 100644 if (ret != 0) { put_device(&rdev->dev); diff --git a/drivers/regulator/max8660.c b/drivers/regulator/max8660.c -index 7eee2ca..4024513 100644 +index 4071d74..260b15a 100644 --- a/drivers/regulator/max8660.c +++ b/drivers/regulator/max8660.c -@@ -424,8 +424,10 @@ static int max8660_probe(struct i2c_client *client, +@@ -423,8 +423,10 @@ static int max8660_probe(struct i2c_client *client, max8660->shadow_regs[MAX8660_OVER1] = 5; } else { /* Otherwise devices can be toggled via software */ @@ -51958,10 +51986,10 @@ index 0d17c92..a29f627 100644 mc13xxx_data = mc13xxx_parse_regulators_dt(pdev, mc13892_regulators, diff --git a/drivers/rtc/rtc-cmos.c b/drivers/rtc/rtc-cmos.c -index 5b2e761..c8c8a4a 100644 +index a82556a0..e842923 100644 --- a/drivers/rtc/rtc-cmos.c +++ b/drivers/rtc/rtc-cmos.c -@@ -789,7 +789,9 @@ cmos_do_probe(struct device *dev, struct resource *ports, int rtc_irq) +@@ -793,7 +793,9 @@ cmos_do_probe(struct device *dev, struct resource *ports, int rtc_irq) hpet_rtc_timer_init(); /* export at least the first block of NVRAM */ @@ -52021,6 +52049,23 @@ index 90abb5b..e0bf6dd 100644 ret = sysfs_create_bin_file(&pdev->dev.kobj, &m48t59_nvram_attr); if (ret) +diff --git a/drivers/rtc/rtc-test.c b/drivers/rtc/rtc-test.c +index 3a2da4c..e88493c 100644 +--- a/drivers/rtc/rtc-test.c ++++ b/drivers/rtc/rtc-test.c +@@ -112,8 +112,10 @@ static int test_probe(struct platform_device *plat_dev) + struct rtc_device *rtc; + + if (test_mmss64) { +- test_rtc_ops.set_mmss64 = test_rtc_set_mmss64; +- test_rtc_ops.set_mmss = NULL; ++ pax_open_kernel(); ++ *(void **)&test_rtc_ops.set_mmss64 = test_rtc_set_mmss64; ++ *(void **)&test_rtc_ops.set_mmss = NULL; ++ pax_close_kernel(); + } + + rtc = devm_rtc_device_register(&plat_dev->dev, "test", diff --git a/drivers/scsi/bfa/bfa_fcpim.h b/drivers/scsi/bfa/bfa_fcpim.h index e693af6..2e525b6 100644 --- a/drivers/scsi/bfa/bfa_fcpim.h @@ -52216,7 +52261,7 @@ index 8bb173e..20236b4 100644 /* These three are default values which can be overridden */ diff --git a/drivers/scsi/hpsa.c b/drivers/scsi/hpsa.c -index a1cfbd3..d7f8ebc 100644 +index 8eab107..599cd79 100644 --- a/drivers/scsi/hpsa.c +++ b/drivers/scsi/hpsa.c @@ -697,10 +697,10 @@ static inline u32 next_command(struct ctlr_info *h, u8 q) @@ -52271,7 +52316,7 @@ index a1cfbd3..d7f8ebc 100644 pci_disable_link_state(h->pdev, PCIE_LINK_STATE_L0S | PCIE_LINK_STATE_L1 | PCIE_LINK_STATE_CLKPM); -@@ -6649,7 +6649,7 @@ static void controller_lockup_detected(struct ctlr_info *h) +@@ -6647,7 +6647,7 @@ static void controller_lockup_detected(struct ctlr_info *h) unsigned long flags; u32 lockup_detected; @@ -52280,7 +52325,7 @@ index a1cfbd3..d7f8ebc 100644 spin_lock_irqsave(&h->lock, flags); lockup_detected = readl(h->vaddr + SA5_SCRATCHPAD_OFFSET); if (!lockup_detected) { -@@ -6924,7 +6924,7 @@ reinit_after_soft_reset: +@@ -6922,7 +6922,7 @@ reinit_after_soft_reset: } /* make sure the board interrupts are off */ @@ -52289,7 +52334,7 @@ index a1cfbd3..d7f8ebc 100644 if (hpsa_request_irqs(h, do_hpsa_intr_msi, do_hpsa_intr_intx)) goto clean2; -@@ -6960,7 +6960,7 @@ reinit_after_soft_reset: +@@ -6958,7 +6958,7 @@ reinit_after_soft_reset: * fake ones to scoop up any residual completions. */ spin_lock_irqsave(&h->lock, flags); @@ -52298,7 +52343,7 @@ index a1cfbd3..d7f8ebc 100644 spin_unlock_irqrestore(&h->lock, flags); hpsa_free_irqs(h); rc = hpsa_request_irqs(h, hpsa_msix_discard_completions, -@@ -6979,9 +6979,9 @@ reinit_after_soft_reset: +@@ -6977,9 +6977,9 @@ reinit_after_soft_reset: dev_info(&h->pdev->dev, "Board READY.\n"); dev_info(&h->pdev->dev, "Waiting for stale completions to drain.\n"); @@ -52310,7 +52355,7 @@ index a1cfbd3..d7f8ebc 100644 rc = controller_reset_failed(h->cfgtable); if (rc) -@@ -7006,7 +7006,7 @@ reinit_after_soft_reset: +@@ -7004,7 +7004,7 @@ reinit_after_soft_reset: /* Turn the interrupts on so we can service requests */ @@ -52319,7 +52364,7 @@ index a1cfbd3..d7f8ebc 100644 hpsa_hba_inquiry(h); hpsa_register_scsi(h); /* hook ourselves into SCSI subsystem */ -@@ -7079,7 +7079,7 @@ static void hpsa_shutdown(struct pci_dev *pdev) +@@ -7077,7 +7077,7 @@ static void hpsa_shutdown(struct pci_dev *pdev) * To write all data in the battery backed cache to disks */ hpsa_flush_cache(h); @@ -52328,7 +52373,7 @@ index a1cfbd3..d7f8ebc 100644 hpsa_free_irqs_and_disable_msix(h); } -@@ -7200,7 +7200,7 @@ static int hpsa_enter_performant_mode(struct ctlr_info *h, u32 trans_support) +@@ -7198,7 +7198,7 @@ static int hpsa_enter_performant_mode(struct ctlr_info *h, u32 trans_support) CFGTBL_Trans_enable_directed_msix | (trans_support & (CFGTBL_Trans_io_accel1 | CFGTBL_Trans_io_accel2)); @@ -52337,7 +52382,7 @@ index a1cfbd3..d7f8ebc 100644 /* This is a bit complicated. There are 8 registers on * the controller which we write to to tell it 8 different -@@ -7242,7 +7242,7 @@ static int hpsa_enter_performant_mode(struct ctlr_info *h, u32 trans_support) +@@ -7240,7 +7240,7 @@ static int hpsa_enter_performant_mode(struct ctlr_info *h, u32 trans_support) * perform the superfluous readl() after each command submission. */ if (trans_support & (CFGTBL_Trans_io_accel1 | CFGTBL_Trans_io_accel2)) @@ -52346,7 +52391,7 @@ index a1cfbd3..d7f8ebc 100644 /* Controller spec: zero out this buffer. */ for (i = 0; i < h->nreply_queues; i++) -@@ -7272,12 +7272,12 @@ static int hpsa_enter_performant_mode(struct ctlr_info *h, u32 trans_support) +@@ -7270,12 +7270,12 @@ static int hpsa_enter_performant_mode(struct ctlr_info *h, u32 trans_support) * enable outbound interrupt coalescing in accelerator mode; */ if (trans_support & CFGTBL_Trans_io_accel1) { @@ -52592,10 +52637,10 @@ index 9c706d8..d3e3ed2 100644 .qc_issue = sas_ata_qc_issue, .qc_fill_rtf = sas_ata_qc_fill_rtf, diff --git a/drivers/scsi/lpfc/lpfc.h b/drivers/scsi/lpfc/lpfc.h -index 434e903..5a4a79b 100644 +index 9b81a34..a9b7b8c 100644 --- a/drivers/scsi/lpfc/lpfc.h +++ b/drivers/scsi/lpfc/lpfc.h -@@ -430,7 +430,7 @@ struct lpfc_vport { +@@ -433,7 +433,7 @@ struct lpfc_vport { struct dentry *debug_nodelist; struct dentry *vport_debugfs_root; struct lpfc_debugfs_trc *disc_trc; @@ -52604,7 +52649,7 @@ index 434e903..5a4a79b 100644 #endif uint8_t stat_data_enabled; uint8_t stat_data_blocked; -@@ -880,8 +880,8 @@ struct lpfc_hba { +@@ -883,8 +883,8 @@ struct lpfc_hba { struct timer_list fabric_block_timer; unsigned long bit_flags; #define FABRIC_COMANDS_BLOCKED 0 @@ -52615,7 +52660,7 @@ index 434e903..5a4a79b 100644 unsigned long last_rsrc_error_time; unsigned long last_ramp_down_time; #ifdef CONFIG_SCSI_LPFC_DEBUG_FS -@@ -916,7 +916,7 @@ struct lpfc_hba { +@@ -919,7 +919,7 @@ struct lpfc_hba { struct dentry *debug_slow_ring_trc; struct lpfc_debugfs_trc *slow_ring_trc; @@ -52625,7 +52670,7 @@ index 434e903..5a4a79b 100644 struct dentry *idiag_root; struct dentry *idiag_pci_cfg; diff --git a/drivers/scsi/lpfc/lpfc_debugfs.c b/drivers/scsi/lpfc/lpfc_debugfs.c -index 5633e7d..8272114 100644 +index 513edcb..805c6a8 100644 --- a/drivers/scsi/lpfc/lpfc_debugfs.c +++ b/drivers/scsi/lpfc/lpfc_debugfs.c @@ -106,7 +106,7 @@ MODULE_PARM_DESC(lpfc_debugfs_mask_disc_trc, @@ -52708,10 +52753,10 @@ index 5633e7d..8272114 100644 snprintf(name, sizeof(name), "discovery_trace"); vport->debug_disc_trc = diff --git a/drivers/scsi/lpfc/lpfc_init.c b/drivers/scsi/lpfc/lpfc_init.c -index 0b2c53a..aec2b45 100644 +index e8c8c1e..5f2e11c 100644 --- a/drivers/scsi/lpfc/lpfc_init.c +++ b/drivers/scsi/lpfc/lpfc_init.c -@@ -11290,8 +11290,10 @@ lpfc_init(void) +@@ -11406,8 +11406,10 @@ lpfc_init(void) "misc_register returned with status %d", error); if (lpfc_enable_npiv) { @@ -52725,7 +52770,7 @@ index 0b2c53a..aec2b45 100644 lpfc_transport_template = fc_attach_transport(&lpfc_transport_functions); diff --git a/drivers/scsi/lpfc/lpfc_scsi.c b/drivers/scsi/lpfc/lpfc_scsi.c -index 4f9222e..f1850e3 100644 +index c140f99..11b2505 100644 --- a/drivers/scsi/lpfc/lpfc_scsi.c +++ b/drivers/scsi/lpfc/lpfc_scsi.c @@ -261,7 +261,7 @@ lpfc_rampdown_queue_depth(struct lpfc_hba *phba) @@ -52944,7 +52989,7 @@ index 7686bfe..4710893 100644 extern void qla2x00_free_sysfs_attr(scsi_qla_host_t *, bool); extern void qla2x00_init_host_attr(scsi_qla_host_t *); diff --git a/drivers/scsi/qla2xxx/qla_os.c b/drivers/scsi/qla2xxx/qla_os.c -index cce1cbc..5b9f0fe 100644 +index 7462dd7..5b64c24 100644 --- a/drivers/scsi/qla2xxx/qla_os.c +++ b/drivers/scsi/qla2xxx/qla_os.c @@ -1435,8 +1435,10 @@ qla2x00_config_dma_addressing(struct qla_hw_data *ha) @@ -53002,7 +53047,7 @@ index 6d25879..3031a9f 100644 ddb_entry->default_relogin_timeout = (def_timeout > LOGIN_TOV) && (def_timeout < LOGIN_TOV * 10) ? diff --git a/drivers/scsi/scsi.c b/drivers/scsi/scsi.c -index c9c3b57..22a8e41 100644 +index 3833bf5..95feaf1 100644 --- a/drivers/scsi/scsi.c +++ b/drivers/scsi/scsi.c @@ -637,7 +637,7 @@ void scsi_finish_command(struct scsi_cmnd *cmd) @@ -53062,10 +53107,10 @@ index 1ac38e7..6acc656 100644 } \ static DEVICE_ATTR(field, S_IRUGO, show_iostat_##field, NULL) diff --git a/drivers/scsi/scsi_transport_fc.c b/drivers/scsi/scsi_transport_fc.c -index 5d6f348..18778a6b 100644 +index 24eaaf6..de30ec9 100644 --- a/drivers/scsi/scsi_transport_fc.c +++ b/drivers/scsi/scsi_transport_fc.c -@@ -501,7 +501,7 @@ static DECLARE_TRANSPORT_CLASS(fc_vport_class, +@@ -502,7 +502,7 @@ static DECLARE_TRANSPORT_CLASS(fc_vport_class, * Netlink Infrastructure */ @@ -53074,7 +53119,7 @@ index 5d6f348..18778a6b 100644 /** * fc_get_event_number - Obtain the next sequential FC event number -@@ -514,7 +514,7 @@ static atomic_t fc_event_seq; +@@ -515,7 +515,7 @@ static atomic_t fc_event_seq; u32 fc_get_event_number(void) { @@ -53083,7 +53128,7 @@ index 5d6f348..18778a6b 100644 } EXPORT_SYMBOL(fc_get_event_number); -@@ -658,7 +658,7 @@ static __init int fc_transport_init(void) +@@ -659,7 +659,7 @@ static __init int fc_transport_init(void) { int error; @@ -53092,7 +53137,7 @@ index 5d6f348..18778a6b 100644 error = transport_class_register(&fc_host_class); if (error) -@@ -848,7 +848,7 @@ static int fc_str_to_dev_loss(const char *buf, unsigned long *val) +@@ -849,7 +849,7 @@ static int fc_str_to_dev_loss(const char *buf, unsigned long *val) char *cp; *val = simple_strtoul(buf, &cp, 0); @@ -53133,7 +53178,7 @@ index 67d43e3..8cee73c 100644 err = class_register(&iscsi_transport_class); if (err) diff --git a/drivers/scsi/scsi_transport_srp.c b/drivers/scsi/scsi_transport_srp.c -index ae45bd9..c32a586 100644 +index f115f67..b80b2c1 100644 --- a/drivers/scsi/scsi_transport_srp.c +++ b/drivers/scsi/scsi_transport_srp.c @@ -35,7 +35,7 @@ @@ -53154,7 +53199,7 @@ index ae45bd9..c32a586 100644 return 0; } -@@ -734,7 +734,7 @@ struct srp_rport *srp_rport_add(struct Scsi_Host *shost, +@@ -744,7 +744,7 @@ struct srp_rport *srp_rport_add(struct Scsi_Host *shost, rport_fast_io_fail_timedout); INIT_DELAYED_WORK(&rport->dev_loss_work, rport_dev_loss_timedout); @@ -53164,7 +53209,7 @@ index ae45bd9..c32a586 100644 transport_setup_device(&rport->dev); diff --git a/drivers/scsi/sd.c b/drivers/scsi/sd.c -index a661d33..1b233fa 100644 +index 7f9d65f..e856438 100644 --- a/drivers/scsi/sd.c +++ b/drivers/scsi/sd.c @@ -111,7 +111,7 @@ static int sd_resume(struct device *); @@ -53176,7 +53221,7 @@ index a661d33..1b233fa 100644 static int sd_eh_action(struct scsi_cmnd *, int); static void sd_read_capacity(struct scsi_disk *sdkp, unsigned char *buffer); static void scsi_disk_release(struct device *cdev); -@@ -1670,7 +1670,7 @@ static unsigned int sd_completed_bytes(struct scsi_cmnd *scmd) +@@ -1646,7 +1646,7 @@ static unsigned int sd_completed_bytes(struct scsi_cmnd *scmd) * * Note: potentially run from within an ISR. Must not block. **/ @@ -53185,7 +53230,7 @@ index a661d33..1b233fa 100644 { int result = SCpnt->result; unsigned int good_bytes = result ? 0 : scsi_bufflen(SCpnt); -@@ -2997,7 +2997,7 @@ static int sd_probe(struct device *dev) +@@ -2973,7 +2973,7 @@ static int sd_probe(struct device *dev) sdkp->disk = gd; sdkp->index = index; atomic_set(&sdkp->openers, 0); @@ -53195,7 +53240,7 @@ index a661d33..1b233fa 100644 if (!sdp->request_queue->rq_timeout) { if (sdp->type != TYPE_MOD) diff --git a/drivers/scsi/sg.c b/drivers/scsi/sg.c -index 2270bd5..98408a5 100644 +index 9d7b7db..33ecc51 100644 --- a/drivers/scsi/sg.c +++ b/drivers/scsi/sg.c @@ -1083,7 +1083,7 @@ sg_ioctl(struct file *filp, unsigned int cmd_in, unsigned long arg) @@ -53235,6 +53280,21 @@ index 8bd54a6..dd037a5 100644 int block_sectors = 0; long error_sector; struct scsi_cd *cd = scsi_cd(SCpnt->request->rq_disk); +diff --git a/drivers/scsi/st.c b/drivers/scsi/st.c +index 9a1c342..525ab4c 100644 +--- a/drivers/scsi/st.c ++++ b/drivers/scsi/st.c +@@ -1274,9 +1274,9 @@ static int st_open(struct inode *inode, struct file *filp) + spin_lock(&st_use_lock); + STp->in_use = 0; + spin_unlock(&st_use_lock); +- scsi_tape_put(STp); + if (resumed) + scsi_autopm_put_device(STp->device); ++ scsi_tape_put(STp); + return retval; + + } diff --git a/drivers/soc/tegra/fuse/fuse-tegra.c b/drivers/soc/tegra/fuse/fuse-tegra.c index c0d660f..24a5854 100644 --- a/drivers/soc/tegra/fuse/fuse-tegra.c @@ -53249,10 +53309,10 @@ index c0d660f..24a5854 100644 .read = fuse_read, }; diff --git a/drivers/spi/spi.c b/drivers/spi/spi.c -index 57a1950..ae54e21 100644 +index d35c1a1..eda08dc 100644 --- a/drivers/spi/spi.c +++ b/drivers/spi/spi.c -@@ -2307,7 +2307,7 @@ int spi_bus_unlock(struct spi_master *master) +@@ -2206,7 +2206,7 @@ int spi_bus_unlock(struct spi_master *master) EXPORT_SYMBOL_GPL(spi_bus_unlock); /* portable code must never pass more than 32 bytes */ @@ -53293,7 +53353,7 @@ index b41429f..2de5373 100644 MKDEV(0, tdev->index), NULL, "%s", tdev->name); if (IS_ERR(tdev->dev)) diff --git a/drivers/staging/comedi/comedi_fops.c b/drivers/staging/comedi/comedi_fops.c -index 727640e..55bf61c 100644 +index e78ddbe..ac437c0 100644 --- a/drivers/staging/comedi/comedi_fops.c +++ b/drivers/staging/comedi/comedi_fops.c @@ -297,8 +297,8 @@ static void comedi_file_reset(struct file *file) @@ -53307,7 +53367,7 @@ index 727640e..55bf61c 100644 } static void comedi_file_check(struct file *file) -@@ -1924,7 +1924,7 @@ static int do_setrsubd_ioctl(struct comedi_device *dev, unsigned long arg, +@@ -1951,7 +1951,7 @@ static int do_setrsubd_ioctl(struct comedi_device *dev, unsigned long arg, !(s_old->async->cmd.flags & CMDF_WRITE)) return -EBUSY; @@ -53316,7 +53376,7 @@ index 727640e..55bf61c 100644 return 0; } -@@ -1966,7 +1966,7 @@ static int do_setwsubd_ioctl(struct comedi_device *dev, unsigned long arg, +@@ -1993,7 +1993,7 @@ static int do_setwsubd_ioctl(struct comedi_device *dev, unsigned long arg, (s_old->async->cmd.flags & CMDF_WRITE)) return -EBUSY; @@ -53326,10 +53386,10 @@ index 727640e..55bf61c 100644 } diff --git a/drivers/staging/fbtft/fbtft-core.c b/drivers/staging/fbtft/fbtft-core.c -index 37dcf7e..f3c2016 100644 +index 53b748b..a5ae0b3 100644 --- a/drivers/staging/fbtft/fbtft-core.c +++ b/drivers/staging/fbtft/fbtft-core.c -@@ -689,7 +689,7 @@ struct fb_info *fbtft_framebuffer_alloc(struct fbtft_display *display, +@@ -680,7 +680,7 @@ struct fb_info *fbtft_framebuffer_alloc(struct fbtft_display *display, { struct fb_info *info; struct fbtft_par *par; @@ -53339,7 +53399,7 @@ index 37dcf7e..f3c2016 100644 struct fbtft_platform_data *pdata = dev->platform_data; u8 *vmem = NULL; diff --git a/drivers/staging/fbtft/fbtft.h b/drivers/staging/fbtft/fbtft.h -index 0dbf3f9..fed0063 100644 +index 9fd98cb..a9cf912 100644 --- a/drivers/staging/fbtft/fbtft.h +++ b/drivers/staging/fbtft/fbtft.h @@ -106,7 +106,7 @@ struct fbtft_ops { @@ -53378,10 +53438,10 @@ index d23c3c2..eb63c81 100644 and pointers */ #endif diff --git a/drivers/staging/i2o/i2o_proc.c b/drivers/staging/i2o/i2o_proc.c -index ad84f33..c5bdf65 100644 +index 780fee3..ca9dcae 100644 --- a/drivers/staging/i2o/i2o_proc.c +++ b/drivers/staging/i2o/i2o_proc.c -@@ -255,12 +255,6 @@ static char *scsi_devices[] = { +@@ -253,12 +253,6 @@ static char *scsi_devices[] = { "Array Controller Device" }; @@ -53394,7 +53454,7 @@ index ad84f33..c5bdf65 100644 static int i2o_report_query_status(struct seq_file *seq, int block_status, char *group) { -@@ -707,9 +701,9 @@ static int i2o_seq_show_status(struct seq_file *seq, void *v) +@@ -711,9 +705,9 @@ static int i2o_seq_show_status(struct seq_file *seq, void *v) static int i2o_seq_show_hw(struct seq_file *seq, void *v) { struct i2o_controller *c = (struct i2o_controller *)seq->private; @@ -53407,7 +53467,7 @@ index ad84f33..c5bdf65 100644 int token; u32 hwcap; -@@ -790,7 +784,6 @@ static int i2o_seq_show_ddm_table(struct seq_file *seq, void *v) +@@ -794,7 +788,6 @@ static int i2o_seq_show_ddm_table(struct seq_file *seq, void *v) } *result; i2o_exec_execute_ddm_table ddm_table; @@ -53415,7 +53475,7 @@ index ad84f33..c5bdf65 100644 result = kmalloc(sizeof(*result), GFP_KERNEL); if (!result) -@@ -825,8 +818,7 @@ static int i2o_seq_show_ddm_table(struct seq_file *seq, void *v) +@@ -829,8 +822,7 @@ static int i2o_seq_show_ddm_table(struct seq_file *seq, void *v) seq_printf(seq, "%-#7x", ddm_table.i2o_vendor_id); seq_printf(seq, "%-#8x", ddm_table.module_id); @@ -53425,7 +53485,7 @@ index ad84f33..c5bdf65 100644 seq_printf(seq, "%9d ", ddm_table.data_size); seq_printf(seq, "%8d", ddm_table.code_size); -@@ -893,7 +885,6 @@ static int i2o_seq_show_drivers_stored(struct seq_file *seq, void *v) +@@ -897,7 +889,6 @@ static int i2o_seq_show_drivers_stored(struct seq_file *seq, void *v) i2o_driver_result_table *result; i2o_driver_store_table *dst; @@ -53433,7 +53493,7 @@ index ad84f33..c5bdf65 100644 result = kmalloc(sizeof(i2o_driver_result_table), GFP_KERNEL); if (result == NULL) -@@ -928,9 +919,8 @@ static int i2o_seq_show_drivers_stored(struct seq_file *seq, void *v) +@@ -932,9 +923,8 @@ static int i2o_seq_show_drivers_stored(struct seq_file *seq, void *v) seq_printf(seq, "%-#7x", dst->i2o_vendor_id); seq_printf(seq, "%-#8x", dst->module_id); @@ -53445,7 +53505,7 @@ index ad84f33..c5bdf65 100644 seq_printf(seq, "%8d ", dst->module_size); seq_printf(seq, "%8d ", dst->mpb_size); seq_printf(seq, "0x%04x", dst->module_flags); -@@ -1246,11 +1236,10 @@ static int i2o_seq_show_authorized_users(struct seq_file *seq, void *v) +@@ -1250,11 +1240,10 @@ static int i2o_seq_show_authorized_users(struct seq_file *seq, void *v) static int i2o_seq_show_dev_identity(struct seq_file *seq, void *v) { struct i2o_device *d = (struct i2o_device *)seq->private; @@ -53459,7 +53519,7 @@ index ad84f33..c5bdf65 100644 token = i2o_parm_field_get(d, 0xF100, -1, &work32, sizeof(work32)); -@@ -1262,14 +1251,10 @@ static int i2o_seq_show_dev_identity(struct seq_file *seq, void *v) +@@ -1266,14 +1255,10 @@ static int i2o_seq_show_dev_identity(struct seq_file *seq, void *v) seq_printf(seq, "Device Class : %s\n", i2o_get_class_name(work16[0])); seq_printf(seq, "Owner TID : %0#5x\n", work16[2]); seq_printf(seq, "Parent TID : %0#5x\n", work16[3]); @@ -53478,7 +53538,7 @@ index ad84f33..c5bdf65 100644 seq_printf(seq, "Serial number : "); print_serial_number(seq, (u8 *) (work32 + 16), -@@ -1306,8 +1291,6 @@ static int i2o_seq_show_ddm_identity(struct seq_file *seq, void *v) +@@ -1310,8 +1295,6 @@ static int i2o_seq_show_ddm_identity(struct seq_file *seq, void *v) u8 pad[256]; // allow up to 256 byte (max) serial number } result; @@ -53487,7 +53547,7 @@ index ad84f33..c5bdf65 100644 token = i2o_parm_field_get(d, 0xF101, -1, &result, sizeof(result)); if (token < 0) { -@@ -1316,10 +1299,8 @@ static int i2o_seq_show_ddm_identity(struct seq_file *seq, void *v) +@@ -1320,10 +1303,8 @@ static int i2o_seq_show_ddm_identity(struct seq_file *seq, void *v) } seq_printf(seq, "Registering DDM TID : 0x%03x\n", result.ddm_tid); @@ -53500,7 +53560,7 @@ index ad84f33..c5bdf65 100644 seq_printf(seq, "Serial number : "); print_serial_number(seq, result.serial_number, sizeof(result) - 36); -@@ -1343,8 +1324,6 @@ static int i2o_seq_show_uinfo(struct seq_file *seq, void *v) +@@ -1347,8 +1328,6 @@ static int i2o_seq_show_uinfo(struct seq_file *seq, void *v) u8 instance_number[4]; } result; @@ -53509,7 +53569,7 @@ index ad84f33..c5bdf65 100644 token = i2o_parm_field_get(d, 0xF102, -1, &result, sizeof(result)); if (token < 0) { -@@ -1352,14 +1331,10 @@ static int i2o_seq_show_uinfo(struct seq_file *seq, void *v) +@@ -1356,14 +1335,10 @@ static int i2o_seq_show_uinfo(struct seq_file *seq, void *v) return 0; } @@ -53528,7 +53588,7 @@ index ad84f33..c5bdf65 100644 return 0; } -@@ -1368,9 +1343,9 @@ static int i2o_seq_show_uinfo(struct seq_file *seq, void *v) +@@ -1372,9 +1347,9 @@ static int i2o_seq_show_uinfo(struct seq_file *seq, void *v) static int i2o_seq_show_sgl_limits(struct seq_file *seq, void *v) { struct i2o_device *d = (struct i2o_device *)seq->private; @@ -53542,7 +53602,7 @@ index ad84f33..c5bdf65 100644 token = i2o_parm_field_get(d, 0xF103, -1, &work32, sizeof(work32)); diff --git a/drivers/staging/i2o/iop.c b/drivers/staging/i2o/iop.c -index 52334fc..d7f40b3 100644 +index 23bdbe4..4e1f340 100644 --- a/drivers/staging/i2o/iop.c +++ b/drivers/staging/i2o/iop.c @@ -111,10 +111,10 @@ u32 i2o_cntxt_list_add(struct i2o_controller * c, void *ptr) @@ -53568,11 +53628,39 @@ index 52334fc..d7f40b3 100644 INIT_LIST_HEAD(&c->context_list); #endif +diff --git a/drivers/staging/iio/accel/lis3l02dq_ring.c b/drivers/staging/iio/accel/lis3l02dq_ring.c +index b892f2c..9b4898a 100644 +--- a/drivers/staging/iio/accel/lis3l02dq_ring.c ++++ b/drivers/staging/iio/accel/lis3l02dq_ring.c +@@ -118,7 +118,7 @@ static int lis3l02dq_get_buffer_element(struct iio_dev *indio_dev, + int scan_count = bitmap_weight(indio_dev->active_scan_mask, + indio_dev->masklength); + +- rx_array = kcalloc(4, scan_count, GFP_KERNEL); ++ rx_array = kcalloc(scan_count, 4, GFP_KERNEL); + if (!rx_array) + return -ENOMEM; + ret = lis3l02dq_read_all(indio_dev, rx_array); +diff --git a/drivers/staging/iio/adc/ad7280a.c b/drivers/staging/iio/adc/ad7280a.c +index d98e229..9c59bc2 100644 +--- a/drivers/staging/iio/adc/ad7280a.c ++++ b/drivers/staging/iio/adc/ad7280a.c +@@ -547,8 +547,8 @@ static int ad7280_attr_init(struct ad7280_state *st) + { + int dev, ch, cnt; + +- st->iio_attr = kcalloc(2, sizeof(*st->iio_attr) * +- (st->slave_num + 1) * AD7280A_CELLS_PER_DEV, ++ st->iio_attr = kcalloc(sizeof(*st->iio_attr) * ++ (st->slave_num + 1) * AD7280A_CELLS_PER_DEV, 2, + GFP_KERNEL); + if (st->iio_attr == NULL) + return -ENOMEM; diff --git a/drivers/staging/lustre/lnet/selftest/brw_test.c b/drivers/staging/lustre/lnet/selftest/brw_test.c -index 463da07..e791ce9 100644 +index 658f458..0564216 100644 --- a/drivers/staging/lustre/lnet/selftest/brw_test.c +++ b/drivers/staging/lustre/lnet/selftest/brw_test.c -@@ -488,13 +488,11 @@ brw_server_handle(struct srpc_server_rpc *rpc) +@@ -487,13 +487,11 @@ brw_server_handle(struct srpc_server_rpc *rpc) return 0; } @@ -53592,7 +53680,7 @@ index 463da07..e791ce9 100644 srpc_service_t brw_test_service; diff --git a/drivers/staging/lustre/lnet/selftest/framework.c b/drivers/staging/lustre/lnet/selftest/framework.c -index 5709148..ccd9e0d 100644 +index a93a90d..c51dde6 100644 --- a/drivers/staging/lustre/lnet/selftest/framework.c +++ b/drivers/staging/lustre/lnet/selftest/framework.c @@ -1628,12 +1628,10 @@ static srpc_service_t sfw_services[] = { @@ -53608,21 +53696,21 @@ index 5709148..ccd9e0d 100644 extern void brw_init_test_service(void); -@@ -1675,12 +1673,10 @@ sfw_startup (void) +@@ -1675,12 +1673,10 @@ sfw_startup(void) INIT_LIST_HEAD(&sfw_data.fw_zombie_rpcs); INIT_LIST_HEAD(&sfw_data.fw_zombie_sessions); - brw_init_test_client(); brw_init_test_service(); rc = sfw_register_test(&brw_test_service, &brw_test_client); - LASSERT (rc == 0); + LASSERT(rc == 0); - ping_init_test_client(); ping_init_test_service(); rc = sfw_register_test(&ping_test_service, &ping_test_client); - LASSERT (rc == 0); + LASSERT(rc == 0); diff --git a/drivers/staging/lustre/lnet/selftest/ping_test.c b/drivers/staging/lustre/lnet/selftest/ping_test.c -index d8c0df6..5041cbb 100644 +index 644069a..83cbd26 100644 --- a/drivers/staging/lustre/lnet/selftest/ping_test.c +++ b/drivers/staging/lustre/lnet/selftest/ping_test.c @@ -211,14 +211,12 @@ ping_server_handle(struct srpc_server_rpc *rpc) @@ -53647,7 +53735,7 @@ index d8c0df6..5041cbb 100644 srpc_service_t ping_test_service; void ping_init_test_service(void) diff --git a/drivers/staging/lustre/lustre/include/lustre_dlm.h b/drivers/staging/lustre/lustre/include/lustre_dlm.h -index 83bc0a9..12ba00a 100644 +index bac9902..0225fe1 100644 --- a/drivers/staging/lustre/lustre/include/lustre_dlm.h +++ b/drivers/staging/lustre/lustre/include/lustre_dlm.h @@ -1139,7 +1139,7 @@ struct ldlm_callback_suite { @@ -53685,11 +53773,28 @@ index a4c252f..b21acac 100644 CDEBUG(D_DLMTRACE, "flags %#llx owner %llu pid %u mode %u start %llu end %llu\n", -diff --git a/drivers/staging/lustre/lustre/libcfs/linux/linux-proc.c b/drivers/staging/lustre/lustre/libcfs/linux/linux-proc.c -index c539e37..743b213 100644 ---- a/drivers/staging/lustre/lustre/libcfs/linux/linux-proc.c -+++ b/drivers/staging/lustre/lustre/libcfs/linux/linux-proc.c -@@ -237,7 +237,7 @@ static int proc_console_max_delay_cs(struct ctl_table *table, int write, +diff --git a/drivers/staging/lustre/lustre/libcfs/module.c b/drivers/staging/lustre/lustre/libcfs/module.c +index f0ee76a..1d01af9 100644 +--- a/drivers/staging/lustre/lustre/libcfs/module.c ++++ b/drivers/staging/lustre/lustre/libcfs/module.c +@@ -380,11 +380,11 @@ out: + + + struct cfs_psdev_ops libcfs_psdev_ops = { +- libcfs_psdev_open, +- libcfs_psdev_release, +- NULL, +- NULL, +- libcfs_ioctl ++ .p_open = libcfs_psdev_open, ++ .p_close = libcfs_psdev_release, ++ .p_read = NULL, ++ .p_write = NULL, ++ .p_ioctl = libcfs_ioctl + }; + + static int init_libcfs_module(void) +@@ -631,7 +631,7 @@ static int proc_console_max_delay_cs(struct ctl_table *table, int write, loff_t *ppos) { int rc, max_delay_cs; @@ -53698,7 +53803,7 @@ index c539e37..743b213 100644 long d; dummy.data = &max_delay_cs; -@@ -270,7 +270,7 @@ static int proc_console_min_delay_cs(struct ctl_table *table, int write, +@@ -664,7 +664,7 @@ static int proc_console_min_delay_cs(struct ctl_table *table, int write, loff_t *ppos) { int rc, min_delay_cs; @@ -53707,7 +53812,7 @@ index c539e37..743b213 100644 long d; dummy.data = &min_delay_cs; -@@ -302,7 +302,7 @@ static int proc_console_backoff(struct ctl_table *table, int write, +@@ -696,7 +696,7 @@ static int proc_console_backoff(struct ctl_table *table, int write, void __user *buffer, size_t *lenp, loff_t *ppos) { int rc, backoff; @@ -53716,27 +53821,6 @@ index c539e37..743b213 100644 dummy.data = &backoff; dummy.proc_handler = &proc_dointvec; -diff --git a/drivers/staging/lustre/lustre/libcfs/module.c b/drivers/staging/lustre/lustre/libcfs/module.c -index 7dc77dd..289d03e 100644 ---- a/drivers/staging/lustre/lustre/libcfs/module.c -+++ b/drivers/staging/lustre/lustre/libcfs/module.c -@@ -313,11 +313,11 @@ out: - - - struct cfs_psdev_ops libcfs_psdev_ops = { -- libcfs_psdev_open, -- libcfs_psdev_release, -- NULL, -- NULL, -- libcfs_ioctl -+ .p_open = libcfs_psdev_open, -+ .p_close = libcfs_psdev_release, -+ .p_read = NULL, -+ .p_write = NULL, -+ .p_ioctl = libcfs_ioctl - }; - - extern int insert_proc(void); diff --git a/drivers/staging/octeon/ethernet-rx.c b/drivers/staging/octeon/ethernet-rx.c index 22667db..8b703b6 100644 --- a/drivers/staging/octeon/ethernet-rx.c @@ -53774,10 +53858,10 @@ index 22667db..8b703b6 100644 #endif dev_kfree_skb_irq(skb); diff --git a/drivers/staging/octeon/ethernet.c b/drivers/staging/octeon/ethernet.c -index 460e854..f926452 100644 +index fbbe866..2943243 100644 --- a/drivers/staging/octeon/ethernet.c +++ b/drivers/staging/octeon/ethernet.c -@@ -241,11 +241,11 @@ static struct net_device_stats *cvm_oct_common_get_stats(struct net_device *dev) +@@ -251,11 +251,11 @@ static struct net_device_stats *cvm_oct_common_get_stats(struct net_device *dev) * since the RX tasklet also increments it. */ #ifdef CONFIG_64BIT @@ -53819,11 +53903,61 @@ index 070cc03..6806e37 100644 struct io_req { struct list_head list; +diff --git a/drivers/staging/sm750fb/sm750.c b/drivers/staging/sm750fb/sm750.c +index dbbb2f8..5232114 100644 +--- a/drivers/staging/sm750fb/sm750.c ++++ b/drivers/staging/sm750fb/sm750.c +@@ -780,6 +780,7 @@ static struct fb_ops lynxfb_ops = { + .fb_set_par = lynxfb_ops_set_par, + .fb_setcolreg = lynxfb_ops_setcolreg, + .fb_blank = lynxfb_ops_blank, ++ .fb_pan_display = lynxfb_ops_pan_display, + .fb_fillrect = cfb_fillrect, + .fb_imageblit = cfb_imageblit, + .fb_copyarea = cfb_copyarea, +@@ -827,8 +828,10 @@ static int lynxfb_set_fbinfo(struct fb_info *info, int index) + par->index = index; + output->channel = &crtc->channel; + sm750fb_set_drv(par); +- lynxfb_ops.fb_pan_display = lynxfb_ops_pan_display; + ++ pax_open_kernel(); ++ *(void **)&lynxfb_ops.fb_pan_display = lynxfb_ops_pan_display; ++ pax_close_kernel(); + + /* set current cursor variable and proc pointer, + * must be set after crtc member initialized */ +@@ -850,7 +853,9 @@ static int lynxfb_set_fbinfo(struct fb_info *info, int index) + crtc->cursor.share = share; + memset_io(crtc->cursor.vstart, 0, crtc->cursor.size); + if (!g_hwcursor) { +- lynxfb_ops.fb_cursor = NULL; ++ pax_open_kernel(); ++ *(void **)&lynxfb_ops.fb_cursor = NULL; ++ pax_close_kernel(); + crtc->cursor.disable(&crtc->cursor); + } + +@@ -858,9 +863,11 @@ static int lynxfb_set_fbinfo(struct fb_info *info, int index) + /* set info->fbops, must be set before fb_find_mode */ + if (!share->accel_off) { + /* use 2d acceleration */ +- lynxfb_ops.fb_fillrect = lynxfb_ops_fillrect; +- lynxfb_ops.fb_copyarea = lynxfb_ops_copyarea; +- lynxfb_ops.fb_imageblit = lynxfb_ops_imageblit; ++ pax_open_kernel(); ++ *(void **)&lynxfb_ops.fb_fillrect = lynxfb_ops_fillrect; ++ *(void **)&lynxfb_ops.fb_copyarea = lynxfb_ops_copyarea; ++ *(void **)&lynxfb_ops.fb_imageblit = lynxfb_ops_imageblit; ++ pax_close_kernel(); + } + info->fbops = &lynxfb_ops; + diff --git a/drivers/staging/unisys/visorchipset/visorchipset.h b/drivers/staging/unisys/visorchipset/visorchipset.h -index 98f3ba4..c6a7fce 100644 +index bd46df9..a0a5274 100644 --- a/drivers/staging/unisys/visorchipset/visorchipset.h +++ b/drivers/staging/unisys/visorchipset/visorchipset.h -@@ -171,7 +171,7 @@ struct visorchipset_busdev_notifiers { +@@ -170,7 +170,7 @@ struct visorchipset_busdev_notifiers { void (*device_resume)(ulong bus_no, ulong dev_no); int (*get_channel_info)(uuid_le type_uuid, ulong *min_size, ulong *max_size); @@ -53832,7 +53966,7 @@ index 98f3ba4..c6a7fce 100644 /* These functions live inside visorchipset, and will be called to indicate * responses to specific events (by code outside of visorchipset). -@@ -186,7 +186,7 @@ struct visorchipset_busdev_responders { +@@ -185,7 +185,7 @@ struct visorchipset_busdev_responders { void (*device_destroy)(ulong bus_no, ulong dev_no, int response); void (*device_pause)(ulong bus_no, ulong dev_no, int response); void (*device_resume)(ulong bus_no, ulong dev_no, int response); @@ -53842,10 +53976,10 @@ index 98f3ba4..c6a7fce 100644 /** Register functions (in the bus driver) to get called by visorchipset * whenever a bus or device appears for which this service partition is diff --git a/drivers/target/sbp/sbp_target.c b/drivers/target/sbp/sbp_target.c -index 9512af6..045bf5a 100644 +index 18b0f97..9c7716e 100644 --- a/drivers/target/sbp/sbp_target.c +++ b/drivers/target/sbp/sbp_target.c -@@ -62,7 +62,7 @@ static const u32 sbp_unit_directory_template[] = { +@@ -61,7 +61,7 @@ static const u32 sbp_unit_directory_template[] = { #define SESSION_MAINTENANCE_INTERVAL HZ @@ -53854,7 +53988,7 @@ index 9512af6..045bf5a 100644 static void session_maintenance_work(struct work_struct *); static int sbp_run_transaction(struct fw_card *, int, int, int, int, -@@ -444,7 +444,7 @@ static void sbp_management_request_login( +@@ -443,7 +443,7 @@ static void sbp_management_request_login( login->lun = se_lun; login->status_fifo_addr = sbp2_pointer_to_addr(&req->orb.status_fifo); login->exclusive = LOGIN_ORB_EXCLUSIVE(be32_to_cpu(req->orb.misc)); @@ -53864,10 +53998,10 @@ index 9512af6..045bf5a 100644 login->tgt_agt = sbp_target_agent_register(login); if (IS_ERR(login->tgt_agt)) { diff --git a/drivers/target/target_core_device.c b/drivers/target/target_core_device.c -index 7faa6ae..ae6c410 100644 +index ce5f768..a4f884a 100644 --- a/drivers/target/target_core_device.c +++ b/drivers/target/target_core_device.c -@@ -1495,7 +1495,7 @@ struct se_device *target_alloc_device(struct se_hba *hba, const char *name) +@@ -1496,7 +1496,7 @@ struct se_device *target_alloc_device(struct se_hba *hba, const char *name) spin_lock_init(&dev->se_tmr_lock); spin_lock_init(&dev->qf_cmd_lock); sema_init(&dev->caw_sem, 1); @@ -53877,10 +54011,10 @@ index 7faa6ae..ae6c410 100644 spin_lock_init(&dev->t10_wwn.t10_vpd_lock); INIT_LIST_HEAD(&dev->t10_pr.registration_list); diff --git a/drivers/target/target_core_transport.c b/drivers/target/target_core_transport.c -index f786de0..04b643e 100644 +index 675f2d9..1389429 100644 --- a/drivers/target/target_core_transport.c +++ b/drivers/target/target_core_transport.c -@@ -1168,7 +1168,7 @@ transport_check_alloc_task_attr(struct se_cmd *cmd) +@@ -1208,7 +1208,7 @@ transport_check_alloc_task_attr(struct se_cmd *cmd) * Used to determine when ORDERED commands should go from * Dormant to Active status. */ @@ -54392,7 +54526,7 @@ index 14c54e0..1efd4f2 100644 tty_port_tty_set(&ch->port, tty); mutex_lock(&ch->port.mutex); diff --git a/drivers/tty/n_gsm.c b/drivers/tty/n_gsm.c -index bce16e4..1120a85 100644 +index 2c34c32..81d10e1 100644 --- a/drivers/tty/n_gsm.c +++ b/drivers/tty/n_gsm.c @@ -1644,7 +1644,7 @@ static struct gsm_dlci *gsm_dlci_alloc(struct gsm_mux *gsm, int addr) @@ -54414,7 +54548,7 @@ index bce16e4..1120a85 100644 dlci->modem_rx = 0; diff --git a/drivers/tty/n_tty.c b/drivers/tty/n_tty.c -index eee40b5..796fb03 100644 +index 396344c..875c1d6 100644 --- a/drivers/tty/n_tty.c +++ b/drivers/tty/n_tty.c @@ -116,7 +116,7 @@ struct n_tty_data { @@ -54482,6 +54616,35 @@ index c8dd8dc..dca6cfd 100644 atomic_dec(&rp_num_ports_open); clear_bit((info->aiop * 8) + info->chan, (void *) &xmit_flags[info->board]); spin_unlock_irqrestore(&info->port.lock, flags); +diff --git a/drivers/tty/serial/8250/8250_core.c b/drivers/tty/serial/8250/8250_core.c +index 4506e40..ac0b470 100644 +--- a/drivers/tty/serial/8250/8250_core.c ++++ b/drivers/tty/serial/8250/8250_core.c +@@ -3241,9 +3241,9 @@ static void univ8250_release_port(struct uart_port *port) + + static void univ8250_rsa_support(struct uart_ops *ops) + { +- ops->config_port = univ8250_config_port; +- ops->request_port = univ8250_request_port; +- ops->release_port = univ8250_release_port; ++ *(void **)&ops->config_port = univ8250_config_port; ++ *(void **)&ops->request_port = univ8250_request_port; ++ *(void **)&ops->release_port = univ8250_release_port; + } + + #else +@@ -3286,8 +3286,10 @@ static void __init serial8250_isa_init_ports(void) + } + + /* chain base port ops to support Remote Supervisor Adapter */ +- univ8250_port_ops = *base_ops; ++ pax_open_kernel(); ++ memcpy((void *)&univ8250_port_ops, base_ops, sizeof univ8250_port_ops); + univ8250_rsa_support(&univ8250_port_ops); ++ pax_close_kernel(); + + if (share_irqs) + irqflag = IRQF_SHARED; diff --git a/drivers/tty/serial/ioc4_serial.c b/drivers/tty/serial/ioc4_serial.c index aa28209..e08fb85 100644 --- a/drivers/tty/serial/ioc4_serial.c @@ -54657,7 +54820,7 @@ index b73889c..9f74f0a 100644 if (unlikely(line < 0 || line >= UART_NR)) return -ENXIO; diff --git a/drivers/tty/serial/samsung.c b/drivers/tty/serial/samsung.c -index cf08876..711e0bf 100644 +index a0ae942..befa48d 100644 --- a/drivers/tty/serial/samsung.c +++ b/drivers/tty/serial/samsung.c @@ -987,11 +987,16 @@ static void s3c24xx_serial_shutdown(struct uart_port *port) @@ -54677,7 +54840,7 @@ index cf08876..711e0bf 100644 dbg("s3c24xx_serial_startup: port=%p (%08llx,%p)\n", port, (unsigned long long)port->mapbase, port->membase); -@@ -1697,10 +1702,6 @@ static int s3c24xx_serial_init_port(struct s3c24xx_uart_port *ourport, +@@ -1698,10 +1703,6 @@ static int s3c24xx_serial_init_port(struct s3c24xx_uart_port *ourport, /* setup info for port */ port->dev = &platdev->dev; @@ -54689,10 +54852,10 @@ index cf08876..711e0bf 100644 if (cfg->uart_flags & UPF_CONS_FLOW) { diff --git a/drivers/tty/serial/serial_core.c b/drivers/tty/serial/serial_core.c -index 6a1055a..5ca9ad9 100644 +index 0b7bb12..ebe191a 100644 --- a/drivers/tty/serial/serial_core.c +++ b/drivers/tty/serial/serial_core.c -@@ -1377,7 +1377,7 @@ static void uart_close(struct tty_struct *tty, struct file *filp) +@@ -1376,7 +1376,7 @@ static void uart_close(struct tty_struct *tty, struct file *filp) state = drv->state + tty->index; port = &state->port; spin_lock_irq(&port->lock); @@ -54701,7 +54864,7 @@ index 6a1055a..5ca9ad9 100644 spin_unlock_irq(&port->lock); return; } -@@ -1387,7 +1387,7 @@ static void uart_close(struct tty_struct *tty, struct file *filp) +@@ -1386,7 +1386,7 @@ static void uart_close(struct tty_struct *tty, struct file *filp) pr_debug("uart_close(%d) called\n", uport ? uport->line : -1); @@ -54710,7 +54873,7 @@ index 6a1055a..5ca9ad9 100644 return; /* -@@ -1511,7 +1511,7 @@ static void uart_hangup(struct tty_struct *tty) +@@ -1510,7 +1510,7 @@ static void uart_hangup(struct tty_struct *tty) uart_flush_buffer(tty); uart_shutdown(tty, state); spin_lock_irqsave(&port->lock, flags); @@ -54719,7 +54882,7 @@ index 6a1055a..5ca9ad9 100644 clear_bit(ASYNCB_NORMAL_ACTIVE, &port->flags); spin_unlock_irqrestore(&port->lock, flags); tty_port_tty_set(port, NULL); -@@ -1598,7 +1598,7 @@ static int uart_open(struct tty_struct *tty, struct file *filp) +@@ -1597,7 +1597,7 @@ static int uart_open(struct tty_struct *tty, struct file *filp) pr_debug("uart_open(%d) called\n", line); spin_lock_irq(&port->lock); @@ -54728,6 +54891,26 @@ index 6a1055a..5ca9ad9 100644 spin_unlock_irq(&port->lock); /* +diff --git a/drivers/tty/serial/uartlite.c b/drivers/tty/serial/uartlite.c +index b1c6bd3..5f038e2 100644 +--- a/drivers/tty/serial/uartlite.c ++++ b/drivers/tty/serial/uartlite.c +@@ -341,13 +341,13 @@ static int ulite_request_port(struct uart_port *port) + return -EBUSY; + } + +- port->private_data = &uartlite_be; ++ port->private_data = (void *)&uartlite_be; + ret = uart_in32(ULITE_CONTROL, port); + uart_out32(ULITE_CONTROL_RST_TX, ULITE_CONTROL, port); + ret = uart_in32(ULITE_STATUS, port); + /* Endianess detection */ + if ((ret & ULITE_STATUS_TXEMPTY) != ULITE_STATUS_TXEMPTY) +- port->private_data = &uartlite_le; ++ port->private_data = (void *)&uartlite_le; + + return 0; + } diff --git a/drivers/tty/synclink.c b/drivers/tty/synclink.c index b799170..87dafd5 100644 --- a/drivers/tty/synclink.c @@ -55114,10 +55297,10 @@ index c3f9091..abe4601 100644 if (!retval) port->flags |= ASYNC_NORMAL_ACTIVE; diff --git a/drivers/tty/sysrq.c b/drivers/tty/sysrq.c -index 259a4d5..9b0c9e7 100644 +index 843f2cd..7d530a6 100644 --- a/drivers/tty/sysrq.c +++ b/drivers/tty/sysrq.c -@@ -1085,7 +1085,7 @@ EXPORT_SYMBOL(unregister_sysrq_key); +@@ -1086,7 +1086,7 @@ EXPORT_SYMBOL(unregister_sysrq_key); static ssize_t write_sysrq_trigger(struct file *file, const char __user *buf, size_t count, loff_t *ppos) { @@ -55127,10 +55310,10 @@ index 259a4d5..9b0c9e7 100644 if (get_user(c, buf)) diff --git a/drivers/tty/tty_io.c b/drivers/tty/tty_io.c -index 2bb4dfc..a7f6e86 100644 +index e569546..fbce20c 100644 --- a/drivers/tty/tty_io.c +++ b/drivers/tty/tty_io.c -@@ -3503,7 +3503,7 @@ EXPORT_SYMBOL(tty_devnum); +@@ -3509,7 +3509,7 @@ EXPORT_SYMBOL(tty_devnum); void tty_default_fops(struct file_operations *fops) { @@ -55308,7 +55491,7 @@ index 8a89f6e..50b32af 100644 ret = -EPERM; goto reterr; diff --git a/drivers/uio/uio.c b/drivers/uio/uio.c -index 6276f13..84f2449 100644 +index 65bf067..b3b2e13 100644 --- a/drivers/uio/uio.c +++ b/drivers/uio/uio.c @@ -25,6 +25,7 @@ @@ -55516,7 +55699,7 @@ index 2a3bbdf..91d72cf 100644 file->f_version = event_count; return POLLIN | POLLRDNORM; diff --git a/drivers/usb/core/devio.c b/drivers/usb/core/devio.c -index 1163553..f292679 100644 +index 4b0448c..fc84bec 100644 --- a/drivers/usb/core/devio.c +++ b/drivers/usb/core/devio.c @@ -187,7 +187,7 @@ static ssize_t usbdev_read(struct file *file, char __user *buf, size_t nbytes, @@ -55645,10 +55828,10 @@ index d269738..7340cd7 100644 static DEVICE_ATTR_RO(urbnum); diff --git a/drivers/usb/core/usb.c b/drivers/usb/core/usb.c -index b1fb9ae..4224885 100644 +index 8d5b2f4..3896940 100644 --- a/drivers/usb/core/usb.c +++ b/drivers/usb/core/usb.c -@@ -431,7 +431,7 @@ struct usb_device *usb_alloc_dev(struct usb_device *parent, +@@ -447,7 +447,7 @@ struct usb_device *usb_alloc_dev(struct usb_device *parent, set_dev_node(&dev->dev, dev_to_node(bus->controller)); dev->state = USB_STATE_ATTACHED; dev->lpm_disable_count = 1; @@ -55712,7 +55895,7 @@ index 0495c94..289e201 100644 usb_put_function_instance(fi); return ERR_PTR(ret); diff --git a/drivers/usb/gadget/function/f_uac1.c b/drivers/usb/gadget/function/f_uac1.c -index 9719abf..789d5d9 100644 +index 7856b33..8b7fe09 100644 --- a/drivers/usb/gadget/function/f_uac1.c +++ b/drivers/usb/gadget/function/f_uac1.c @@ -14,6 +14,7 @@ @@ -55724,10 +55907,10 @@ index 9719abf..789d5d9 100644 #include "u_uac1.h" diff --git a/drivers/usb/gadget/function/u_serial.c b/drivers/usb/gadget/function/u_serial.c -index 491082a..dfd7d17 100644 +index 7ee05793..2e31e99 100644 --- a/drivers/usb/gadget/function/u_serial.c +++ b/drivers/usb/gadget/function/u_serial.c -@@ -729,9 +729,9 @@ static int gs_open(struct tty_struct *tty, struct file *file) +@@ -732,9 +732,9 @@ static int gs_open(struct tty_struct *tty, struct file *file) spin_lock_irq(&port->port_lock); /* already open? Great. */ @@ -55739,7 +55922,7 @@ index 491082a..dfd7d17 100644 /* currently opening/closing? wait ... */ } else if (port->openclose) { -@@ -790,7 +790,7 @@ static int gs_open(struct tty_struct *tty, struct file *file) +@@ -793,7 +793,7 @@ static int gs_open(struct tty_struct *tty, struct file *file) tty->driver_data = port; port->port.tty = tty; @@ -55748,7 +55931,7 @@ index 491082a..dfd7d17 100644 port->openclose = false; /* if connected, start the I/O stream */ -@@ -832,11 +832,11 @@ static void gs_close(struct tty_struct *tty, struct file *file) +@@ -835,11 +835,11 @@ static void gs_close(struct tty_struct *tty, struct file *file) spin_lock_irq(&port->port_lock); @@ -55763,7 +55946,7 @@ index 491082a..dfd7d17 100644 goto exit; } -@@ -846,7 +846,7 @@ static void gs_close(struct tty_struct *tty, struct file *file) +@@ -849,7 +849,7 @@ static void gs_close(struct tty_struct *tty, struct file *file) * and sleep if necessary */ port->openclose = true; @@ -55772,7 +55955,7 @@ index 491082a..dfd7d17 100644 gser = port->port_usb; if (gser && gser->disconnect) -@@ -1062,7 +1062,7 @@ static int gs_closed(struct gs_port *port) +@@ -1065,7 +1065,7 @@ static int gs_closed(struct gs_port *port) int cond; spin_lock_irq(&port->port_lock); @@ -55781,7 +55964,7 @@ index 491082a..dfd7d17 100644 spin_unlock_irq(&port->port_lock); return cond; } -@@ -1205,7 +1205,7 @@ int gserial_connect(struct gserial *gser, u8 port_num) +@@ -1208,7 +1208,7 @@ int gserial_connect(struct gserial *gser, u8 port_num) /* if it's already open, start I/O ... and notify the serial * protocol about open/close status (connect/disconnect). */ @@ -55790,7 +55973,7 @@ index 491082a..dfd7d17 100644 pr_debug("gserial_connect: start ttyGS%d\n", port->port_num); gs_start_io(port); if (gser->connect) -@@ -1252,7 +1252,7 @@ void gserial_disconnect(struct gserial *gser) +@@ -1255,7 +1255,7 @@ void gserial_disconnect(struct gserial *gser) port->port_usb = NULL; gser->ioport = NULL; @@ -55799,7 +55982,7 @@ index 491082a..dfd7d17 100644 wake_up_interruptible(&port->drain_wait); if (port->port.tty) tty_hangup(port->port.tty); -@@ -1268,7 +1268,7 @@ void gserial_disconnect(struct gserial *gser) +@@ -1271,7 +1271,7 @@ void gserial_disconnect(struct gserial *gser) /* finally, free any unused/unusable I/O buffers */ spin_lock_irqsave(&port->port_lock, flags); @@ -55821,7 +56004,7 @@ index c78c841..48fd281 100644 #include "u_uac1.h" diff --git a/drivers/usb/host/ehci-hub.c b/drivers/usb/host/ehci-hub.c -index 7354d01..299478e 100644 +index 6920844..480bb7e 100644 --- a/drivers/usb/host/ehci-hub.c +++ b/drivers/usb/host/ehci-hub.c @@ -772,7 +772,7 @@ static struct urb *request_single_step_set_feature_urb( @@ -55873,7 +56056,7 @@ index 1db0626..4948782 100644 } diff --git a/drivers/usb/misc/appledisplay.c b/drivers/usb/misc/appledisplay.c -index b3d245e..99549ed 100644 +index a0a3827..d7ec10b 100644 --- a/drivers/usb/misc/appledisplay.c +++ b/drivers/usb/misc/appledisplay.c @@ -84,7 +84,7 @@ struct appledisplay { @@ -55961,7 +56144,7 @@ index a863a98..d272795 100644 /* * NOTE: diff --git a/drivers/usb/usbip/vhci_hcd.c b/drivers/usb/usbip/vhci_hcd.c -index 11f6f61..1087910 100644 +index e9ef1ec..c3a0b04 100644 --- a/drivers/usb/usbip/vhci_hcd.c +++ b/drivers/usb/usbip/vhci_hcd.c @@ -440,7 +440,7 @@ static void vhci_tx_urb(struct urb *urb) @@ -56040,10 +56223,10 @@ index 69af4fd..da390d7 100644 /* Return the xfer's ID. */ diff --git a/drivers/vfio/vfio.c b/drivers/vfio/vfio.c -index 837d177..170724af 100644 +index e1278fe..7fdeac4 100644 --- a/drivers/vfio/vfio.c +++ b/drivers/vfio/vfio.c -@@ -518,7 +518,7 @@ static int vfio_group_nb_add_dev(struct vfio_group *group, struct device *dev) +@@ -517,7 +517,7 @@ static int vfio_group_nb_add_dev(struct vfio_group *group, struct device *dev) return 0; /* TODO Prevent device auto probing */ @@ -56152,7 +56335,7 @@ index 1b0b233..6f34c2c 100644 err = -ENOSPC; } diff --git a/drivers/video/fbdev/aty/aty128fb.c b/drivers/video/fbdev/aty/aty128fb.c -index aedf2fb..47c9aca 100644 +index 0156954..c07d4e0 100644 --- a/drivers/video/fbdev/aty/aty128fb.c +++ b/drivers/video/fbdev/aty/aty128fb.c @@ -149,7 +149,7 @@ enum { @@ -56246,7 +56429,7 @@ index 0705d88..d9429bf 100644 data = (__u32) (unsigned long) fix->smem_start; err |= put_user(data, &fix32->smem_start); diff --git a/drivers/video/fbdev/hyperv_fb.c b/drivers/video/fbdev/hyperv_fb.c -index 4254336..282567e 100644 +index 807ee22..7814cd6 100644 --- a/drivers/video/fbdev/hyperv_fb.c +++ b/drivers/video/fbdev/hyperv_fb.c @@ -240,7 +240,7 @@ static uint screen_fb_size; @@ -56352,10 +56535,10 @@ index fe92eed..106e085 100644 outreg(draw, GDC_REG_DRAW_BASE, 0); outreg(draw, GDC_REG_MODE_MISC, 0x8000); diff --git a/drivers/video/fbdev/nvidia/nvidia.c b/drivers/video/fbdev/nvidia/nvidia.c -index def0412..fed6529 100644 +index 4273c6e..b413013 100644 --- a/drivers/video/fbdev/nvidia/nvidia.c +++ b/drivers/video/fbdev/nvidia/nvidia.c -@@ -669,19 +669,23 @@ static int nvidiafb_set_par(struct fb_info *info) +@@ -665,19 +665,23 @@ static int nvidiafb_set_par(struct fb_info *info) info->fix.line_length = (info->var.xres_virtual * info->var.bits_per_pixel) >> 3; if (info->var.accel_flags) { @@ -56387,7 +56570,7 @@ index def0412..fed6529 100644 info->pixmap.scan_align = 1; info->flags |= FBINFO_HWACCEL_DISABLED; info->flags &= ~FBINFO_READS_FAST; -@@ -1173,8 +1177,11 @@ static int nvidia_set_fbinfo(struct fb_info *info) +@@ -1169,8 +1173,11 @@ static int nvidia_set_fbinfo(struct fb_info *info) info->pixmap.size = 8 * 1024; info->pixmap.flags = FB_PIXMAP_SYSTEM; @@ -56402,7 +56585,7 @@ index def0412..fed6529 100644 info->var.accel_flags = (!noaccel); diff --git a/drivers/video/fbdev/omap2/dss/display.c b/drivers/video/fbdev/omap2/dss/display.c -index 2412a0d..294215b 100644 +index ef5b902..47cf7f5 100644 --- a/drivers/video/fbdev/omap2/dss/display.c +++ b/drivers/video/fbdev/omap2/dss/display.c @@ -161,12 +161,14 @@ int omapdss_register_display(struct omap_dss_device *dssdev) @@ -56441,7 +56624,7 @@ index 83433cb..71e9b98 100644 FBINFO_HWACCEL_FILLRECT | FBINFO_HWACCEL_COPYAREA; break; diff --git a/drivers/video/fbdev/sh_mobile_lcdcfb.c b/drivers/video/fbdev/sh_mobile_lcdcfb.c -index d3013cd..95b8285 100644 +index 82c0a8c..42499a1 100644 --- a/drivers/video/fbdev/sh_mobile_lcdcfb.c +++ b/drivers/video/fbdev/sh_mobile_lcdcfb.c @@ -439,9 +439,9 @@ static unsigned long lcdc_sys_read_data(void *handle) @@ -59576,6 +59759,21 @@ index 3838795..0d48d61 100644 .name = "xen-percpu", .irq_disable = disable_dynirq, +diff --git a/drivers/xen/evtchn.c b/drivers/xen/evtchn.c +index 00f40f0..e3c0b15 100644 +--- a/drivers/xen/evtchn.c ++++ b/drivers/xen/evtchn.c +@@ -201,8 +201,8 @@ static ssize_t evtchn_read(struct file *file, char __user *buf, + + /* Byte lengths of two chunks. Chunk split (if any) is at ring wrap. */ + if (((c ^ p) & EVTCHN_RING_SIZE) != 0) { +- bytes1 = (EVTCHN_RING_SIZE - EVTCHN_RING_MASK(c)) * +- sizeof(evtchn_port_t); ++ bytes1 = EVTCHN_RING_SIZE - EVTCHN_RING_MASK(c); ++ bytes1 *= sizeof(evtchn_port_t); + bytes2 = EVTCHN_RING_MASK(p) * sizeof(evtchn_port_t); + } else { + bytes1 = (p - c) * sizeof(evtchn_port_t); diff --git a/drivers/xen/xenfs/xenstored.c b/drivers/xen/xenfs/xenstored.c index fef20db..d28b1ab 100644 --- a/drivers/xen/xenfs/xenstored.c @@ -66141,24 +66339,21 @@ index 0000000..43d7c4f +:1095C00080080000800E00008008008080080000F5 +:1095D00080000A8080000A00800009808000090065 +:00000001FF -diff --git a/fs/9p/vfs_addr.c b/fs/9p/vfs_addr.c -index eb14e05..5156de7 100644 ---- a/fs/9p/vfs_addr.c -+++ b/fs/9p/vfs_addr.c -@@ -187,7 +187,7 @@ static int v9fs_vfs_writepage_locked(struct page *page) - - retval = v9fs_file_write_internal(inode, - v9inode->writeback_fid, -- (__force const char __user *)buffer, -+ (const char __force_user *)buffer, - len, &offset, 0); - if (retval > 0) - retval = 0; diff --git a/fs/9p/vfs_inode.c b/fs/9p/vfs_inode.c -index 3662f1d..90558b5 100644 +index 703342e..2b96b597 100644 --- a/fs/9p/vfs_inode.c +++ b/fs/9p/vfs_inode.c -@@ -1312,7 +1312,7 @@ static void *v9fs_vfs_follow_link(struct dentry *dentry, struct nameidata *nd) +@@ -540,8 +540,7 @@ static struct inode *v9fs_qid_iget(struct super_block *sb, + unlock_new_inode(inode); + return inode; + error: +- unlock_new_inode(inode); +- iput(inode); ++ iget_failed(inode); + return ERR_PTR(retval); + + } +@@ -1312,7 +1311,7 @@ static void *v9fs_vfs_follow_link(struct dentry *dentry, struct nameidata *nd) void v9fs_vfs_put_link(struct dentry *dentry, struct nameidata *nd, void *p) { @@ -66167,11 +66362,25 @@ index 3662f1d..90558b5 100644 p9_debug(P9_DEBUG_VFS, " %pd %s\n", dentry, IS_ERR(s) ? "<error>" : s); +diff --git a/fs/9p/vfs_inode_dotl.c b/fs/9p/vfs_inode_dotl.c +index 9861c7c..4d3ecfb 100644 +--- a/fs/9p/vfs_inode_dotl.c ++++ b/fs/9p/vfs_inode_dotl.c +@@ -149,8 +149,7 @@ static struct inode *v9fs_qid_iget_dotl(struct super_block *sb, + unlock_new_inode(inode); + return inode; + error: +- unlock_new_inode(inode); +- iput(inode); ++ iget_failed(inode); + return ERR_PTR(retval); + + } diff --git a/fs/Kconfig.binfmt b/fs/Kconfig.binfmt -index 270c481..0d8a962 100644 +index 2d0cbbd..a6d6149 100644 --- a/fs/Kconfig.binfmt +++ b/fs/Kconfig.binfmt -@@ -106,7 +106,7 @@ config HAVE_AOUT +@@ -103,7 +103,7 @@ config HAVE_AOUT config BINFMT_AOUT tristate "Kernel support for a.out and ECOFF binaries" @@ -66181,7 +66390,7 @@ index 270c481..0d8a962 100644 A.out (Assembler.OUTput) is a set of formats for libraries and executables used in the earliest versions of UNIX. Linux used diff --git a/fs/afs/inode.c b/fs/afs/inode.c -index 8a1d38e..300a14e 100644 +index e06f5a2..81d07ac 100644 --- a/fs/afs/inode.c +++ b/fs/afs/inode.c @@ -141,7 +141,7 @@ struct inode *afs_iget_autocell(struct inode *dir, const char *dev_name, @@ -66203,10 +66412,10 @@ index 8a1d38e..300a14e 100644 &data); if (!inode) { diff --git a/fs/aio.c b/fs/aio.c -index a1736e9..c80a8ac 100644 +index 480440f..623fd88 100644 --- a/fs/aio.c +++ b/fs/aio.c -@@ -409,7 +409,7 @@ static int aio_setup_ring(struct kioctx *ctx) +@@ -441,7 +441,7 @@ static int aio_setup_ring(struct kioctx *ctx) size += sizeof(struct io_event) * nr_events; nr_pages = PFN_UP(size); @@ -66228,7 +66437,7 @@ index 6530ced..4a827e2 100644 goto out_sig; if (offset > inode->i_sb->s_maxbytes) diff --git a/fs/autofs4/waitq.c b/fs/autofs4/waitq.c -index 116fd38..c04182da 100644 +index 35b755e..f4b9e0a 100644 --- a/fs/autofs4/waitq.c +++ b/fs/autofs4/waitq.c @@ -59,7 +59,7 @@ static int autofs4_write(struct autofs_sb_info *sbi, @@ -66376,10 +66585,10 @@ index 4c55668..eeae150 100644 fd_offset + ex.a_text); if (error != N_DATADDR(ex)) diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c -index 8081aba..90a7bdd 100644 +index cd46e41..244f778 100644 --- a/fs/binfmt_elf.c +++ b/fs/binfmt_elf.c -@@ -34,6 +34,7 @@ +@@ -35,6 +35,7 @@ #include <linux/utsname.h> #include <linux/coredump.h> #include <linux/sched.h> @@ -66387,7 +66596,7 @@ index 8081aba..90a7bdd 100644 #include <asm/uaccess.h> #include <asm/param.h> #include <asm/page.h> -@@ -47,7 +48,7 @@ +@@ -48,7 +49,7 @@ static int load_elf_binary(struct linux_binprm *bprm); static unsigned long elf_map(struct file *, unsigned long, struct elf_phdr *, @@ -66396,7 +66605,7 @@ index 8081aba..90a7bdd 100644 #ifdef CONFIG_USELIB static int load_elf_library(struct file *); -@@ -65,6 +66,14 @@ static int elf_core_dump(struct coredump_params *cprm); +@@ -66,6 +67,14 @@ static int elf_core_dump(struct coredump_params *cprm); #define elf_core_dump NULL #endif @@ -66411,7 +66620,7 @@ index 8081aba..90a7bdd 100644 #if ELF_EXEC_PAGESIZE > PAGE_SIZE #define ELF_MIN_ALIGN ELF_EXEC_PAGESIZE #else -@@ -84,6 +93,15 @@ static struct linux_binfmt elf_format = { +@@ -85,6 +94,15 @@ static struct linux_binfmt elf_format = { .load_binary = load_elf_binary, .load_shlib = load_elf_library, .core_dump = elf_core_dump, @@ -66427,7 +66636,7 @@ index 8081aba..90a7bdd 100644 .min_coredump = ELF_EXEC_PAGESIZE, }; -@@ -91,6 +109,8 @@ static struct linux_binfmt elf_format = { +@@ -92,6 +110,8 @@ static struct linux_binfmt elf_format = { static int set_brk(unsigned long start, unsigned long end) { @@ -66436,7 +66645,7 @@ index 8081aba..90a7bdd 100644 start = ELF_PAGEALIGN(start); end = ELF_PAGEALIGN(end); if (end > start) { -@@ -99,7 +119,7 @@ static int set_brk(unsigned long start, unsigned long end) +@@ -100,7 +120,7 @@ static int set_brk(unsigned long start, unsigned long end) if (BAD_ADDR(addr)) return addr; } @@ -66445,7 +66654,7 @@ index 8081aba..90a7bdd 100644 return 0; } -@@ -160,12 +180,13 @@ create_elf_tables(struct linux_binprm *bprm, struct elfhdr *exec, +@@ -161,12 +181,13 @@ create_elf_tables(struct linux_binprm *bprm, struct elfhdr *exec, elf_addr_t __user *u_rand_bytes; const char *k_platform = ELF_PLATFORM; const char *k_base_platform = ELF_BASE_PLATFORM; @@ -66460,7 +66669,7 @@ index 8081aba..90a7bdd 100644 /* * In some cases (e.g. Hyper-Threading), we want to avoid L1 -@@ -207,8 +228,12 @@ create_elf_tables(struct linux_binprm *bprm, struct elfhdr *exec, +@@ -208,8 +229,12 @@ create_elf_tables(struct linux_binprm *bprm, struct elfhdr *exec, * Generate 16 random bytes for userspace PRNG seeding. */ get_random_bytes(k_rand_bytes, sizeof(k_rand_bytes)); @@ -66475,7 +66684,7 @@ index 8081aba..90a7bdd 100644 if (__copy_to_user(u_rand_bytes, k_rand_bytes, sizeof(k_rand_bytes))) return -EFAULT; -@@ -323,9 +348,11 @@ create_elf_tables(struct linux_binprm *bprm, struct elfhdr *exec, +@@ -324,9 +349,11 @@ create_elf_tables(struct linux_binprm *bprm, struct elfhdr *exec, return -EFAULT; current->mm->env_end = p; @@ -66488,7 +66697,7 @@ index 8081aba..90a7bdd 100644 return -EFAULT; return 0; } -@@ -514,14 +541,14 @@ static inline int arch_check_elf(struct elfhdr *ehdr, bool has_interp, +@@ -515,14 +542,14 @@ static inline int arch_check_elf(struct elfhdr *ehdr, bool has_interp, an ELF header */ static unsigned long load_elf_interp(struct elfhdr *interp_elf_ex, @@ -66506,7 +66715,7 @@ index 8081aba..90a7bdd 100644 unsigned long total_size; int i; -@@ -541,6 +568,11 @@ static unsigned long load_elf_interp(struct elfhdr *interp_elf_ex, +@@ -542,6 +569,11 @@ static unsigned long load_elf_interp(struct elfhdr *interp_elf_ex, goto out; } @@ -66518,7 +66727,7 @@ index 8081aba..90a7bdd 100644 eppnt = interp_elf_phdata; for (i = 0; i < interp_elf_ex->e_phnum; i++, eppnt++) { if (eppnt->p_type == PT_LOAD) { -@@ -564,8 +596,6 @@ static unsigned long load_elf_interp(struct elfhdr *interp_elf_ex, +@@ -565,8 +597,6 @@ static unsigned long load_elf_interp(struct elfhdr *interp_elf_ex, map_addr = elf_map(interpreter, load_addr + vaddr, eppnt, elf_prot, elf_type, total_size); total_size = 0; @@ -66527,7 +66736,7 @@ index 8081aba..90a7bdd 100644 error = map_addr; if (BAD_ADDR(map_addr)) goto out; -@@ -584,8 +614,8 @@ static unsigned long load_elf_interp(struct elfhdr *interp_elf_ex, +@@ -585,8 +615,8 @@ static unsigned long load_elf_interp(struct elfhdr *interp_elf_ex, k = load_addr + eppnt->p_vaddr; if (BAD_ADDR(k) || eppnt->p_filesz > eppnt->p_memsz || @@ -66538,7 +66747,7 @@ index 8081aba..90a7bdd 100644 error = -ENOMEM; goto out; } -@@ -624,9 +654,11 @@ static unsigned long load_elf_interp(struct elfhdr *interp_elf_ex, +@@ -625,9 +655,11 @@ static unsigned long load_elf_interp(struct elfhdr *interp_elf_ex, elf_bss = ELF_PAGESTART(elf_bss + ELF_MIN_ALIGN - 1); /* Map the last of the bss segment */ @@ -66553,7 +66762,7 @@ index 8081aba..90a7bdd 100644 } error = load_addr; -@@ -634,6 +666,336 @@ out: +@@ -635,6 +667,336 @@ out: return error; } @@ -66890,7 +67099,7 @@ index 8081aba..90a7bdd 100644 /* * These are the functions used to load ELF style executables and shared * libraries. There is no binary dependent code anywhere else. -@@ -647,6 +1009,11 @@ static unsigned long randomize_stack_top(unsigned long stack_top) +@@ -648,6 +1010,11 @@ static unsigned long randomize_stack_top(unsigned long stack_top) { unsigned long random_variable = 0; @@ -66902,7 +67111,7 @@ index 8081aba..90a7bdd 100644 if ((current->flags & PF_RANDOMIZE) && !(current->personality & ADDR_NO_RANDOMIZE)) { random_variable = (unsigned long) get_random_int(); -@@ -666,7 +1033,7 @@ static int load_elf_binary(struct linux_binprm *bprm) +@@ -667,7 +1034,7 @@ static int load_elf_binary(struct linux_binprm *bprm) unsigned long load_addr = 0, load_bias = 0; int load_addr_set = 0; char * elf_interpreter = NULL; @@ -66911,7 +67120,7 @@ index 8081aba..90a7bdd 100644 struct elf_phdr *elf_ppnt, *elf_phdata, *interp_elf_phdata = NULL; unsigned long elf_bss, elf_brk; int retval, i; -@@ -681,6 +1048,7 @@ static int load_elf_binary(struct linux_binprm *bprm) +@@ -682,6 +1049,7 @@ static int load_elf_binary(struct linux_binprm *bprm) struct elfhdr interp_elf_ex; } *loc; struct arch_elf_state arch_state = INIT_ARCH_ELF_STATE; @@ -66919,7 +67128,7 @@ index 8081aba..90a7bdd 100644 loc = kmalloc(sizeof(*loc), GFP_KERNEL); if (!loc) { -@@ -839,6 +1207,77 @@ static int load_elf_binary(struct linux_binprm *bprm) +@@ -840,6 +1208,77 @@ static int load_elf_binary(struct linux_binprm *bprm) /* Do this immediately, since STACK_TOP as used in setup_arg_pages may depend on the personality. */ SET_PERSONALITY2(loc->elf_ex, &arch_state); @@ -66997,10 +67206,10 @@ index 8081aba..90a7bdd 100644 if (elf_read_implies_exec(loc->elf_ex, executable_stack)) current->personality |= READ_IMPLIES_EXEC; -@@ -925,8 +1364,21 @@ static int load_elf_binary(struct linux_binprm *bprm) - #else - load_bias = ELF_PAGESTART(ELF_ET_DYN_BASE - vaddr); - #endif +@@ -915,8 +1354,21 @@ static int load_elf_binary(struct linux_binprm *bprm) + if (current->flags & PF_RANDOMIZE) + load_bias += arch_mmap_rnd(); + load_bias = ELF_PAGESTART(load_bias); - total_size = total_mapping_size(elf_phdata, - loc->elf_ex.e_phnum); + @@ -67021,7 +67230,7 @@ index 8081aba..90a7bdd 100644 if (!total_size) { retval = -EINVAL; goto out_free_dentry; -@@ -962,9 +1414,9 @@ static int load_elf_binary(struct linux_binprm *bprm) +@@ -952,9 +1404,9 @@ static int load_elf_binary(struct linux_binprm *bprm) * allowed task size. Note that p_filesz must always be * <= p_memsz so it is only necessary to check p_memsz. */ @@ -67034,7 +67243,7 @@ index 8081aba..90a7bdd 100644 /* set_brk can never work. Avoid overflows. */ retval = -EINVAL; goto out_free_dentry; -@@ -1000,16 +1452,43 @@ static int load_elf_binary(struct linux_binprm *bprm) +@@ -990,16 +1442,43 @@ static int load_elf_binary(struct linux_binprm *bprm) if (retval) goto out_free_dentry; if (likely(elf_bss != elf_brk) && unlikely(padzero(elf_bss))) { @@ -67083,7 +67292,23 @@ index 8081aba..90a7bdd 100644 load_bias, interp_elf_phdata); if (!IS_ERR((void *)elf_entry)) { /* -@@ -1237,7 +1716,7 @@ static bool always_dump_vma(struct vm_area_struct *vma) +@@ -1050,6 +1529,7 @@ static int load_elf_binary(struct linux_binprm *bprm) + current->mm->end_data = end_data; + current->mm->start_stack = bprm->p; + ++#ifndef CONFIG_PAX_RANDMMAP + if ((current->flags & PF_RANDOMIZE) && (randomize_va_space > 1)) { + current->mm->brk = current->mm->start_brk = + arch_randomize_brk(current->mm); +@@ -1057,6 +1537,7 @@ static int load_elf_binary(struct linux_binprm *bprm) + current->brk_randomized = 1; + #endif + } ++#endif + + if (current->personality & MMAP_PAGE_ZERO) { + /* Why this, you ask??? Well SVr4 maps page 0 as read-only, +@@ -1225,7 +1706,7 @@ static bool always_dump_vma(struct vm_area_struct *vma) * Decide what to dump of a segment, part, all or none. */ static unsigned long vma_dump_size(struct vm_area_struct *vma, @@ -67092,7 +67317,7 @@ index 8081aba..90a7bdd 100644 { #define FILTER(type) (mm_flags & (1UL << MMF_DUMP_##type)) -@@ -1275,7 +1754,7 @@ static unsigned long vma_dump_size(struct vm_area_struct *vma, +@@ -1263,7 +1744,7 @@ static unsigned long vma_dump_size(struct vm_area_struct *vma, if (vma->vm_file == NULL) return 0; @@ -67101,7 +67326,7 @@ index 8081aba..90a7bdd 100644 goto whole; /* -@@ -1482,9 +1961,9 @@ static void fill_auxv_note(struct memelfnote *note, struct mm_struct *mm) +@@ -1470,9 +1951,9 @@ static void fill_auxv_note(struct memelfnote *note, struct mm_struct *mm) { elf_addr_t *auxv = (elf_addr_t *) mm->saved_auxv; int i = 0; @@ -67113,7 +67338,7 @@ index 8081aba..90a7bdd 100644 fill_note(note, "CORE", NT_AUXV, i * sizeof(elf_addr_t), auxv); } -@@ -1493,7 +1972,7 @@ static void fill_siginfo_note(struct memelfnote *note, user_siginfo_t *csigdata, +@@ -1481,7 +1962,7 @@ static void fill_siginfo_note(struct memelfnote *note, user_siginfo_t *csigdata, { mm_segment_t old_fs = get_fs(); set_fs(KERNEL_DS); @@ -67122,7 +67347,7 @@ index 8081aba..90a7bdd 100644 set_fs(old_fs); fill_note(note, "CORE", NT_SIGINFO, sizeof(*csigdata), csigdata); } -@@ -2213,7 +2692,7 @@ static int elf_core_dump(struct coredump_params *cprm) +@@ -2201,7 +2682,7 @@ static int elf_core_dump(struct coredump_params *cprm) vma = next_vma(vma, gate_vma)) { unsigned long dump_size; @@ -67131,7 +67356,7 @@ index 8081aba..90a7bdd 100644 vma_filesz[i++] = dump_size; vma_data_size += dump_size; } -@@ -2321,6 +2800,167 @@ out: +@@ -2309,6 +2790,167 @@ out: #endif /* CONFIG_ELF_CORE */ @@ -67300,10 +67525,10 @@ index 8081aba..90a7bdd 100644 { register_binfmt(&elf_format); diff --git a/fs/block_dev.c b/fs/block_dev.c -index 975266b..c3d1856 100644 +index c7e4163..6939003 100644 --- a/fs/block_dev.c +++ b/fs/block_dev.c -@@ -734,7 +734,7 @@ static bool bd_may_claim(struct block_device *bdev, struct block_device *whole, +@@ -732,7 +732,7 @@ static bool bd_may_claim(struct block_device *bdev, struct block_device *whole, else if (bdev->bd_contains == bdev) return true; /* is a whole device which isn't held */ @@ -67313,10 +67538,10 @@ index 975266b..c3d1856 100644 else if (whole->bd_holder != NULL) return false; /* is a partition of a held device */ diff --git a/fs/btrfs/ctree.c b/fs/btrfs/ctree.c -index 6d67f32..8f33187 100644 +index 0f11ebc..1bf3321 100644 --- a/fs/btrfs/ctree.c +++ b/fs/btrfs/ctree.c -@@ -1181,9 +1181,12 @@ static noinline int __btrfs_cow_block(struct btrfs_trans_handle *trans, +@@ -1180,9 +1180,12 @@ static noinline int __btrfs_cow_block(struct btrfs_trans_handle *trans, free_extent_buffer(buf); add_root_to_dirty_list(root); } else { @@ -67333,7 +67558,7 @@ index 6d67f32..8f33187 100644 WARN_ON(trans->transid != btrfs_header_generation(parent)); diff --git a/fs/btrfs/delayed-inode.c b/fs/btrfs/delayed-inode.c -index 82f0c7c..dff78a8 100644 +index a2ae427..53c2e98 100644 --- a/fs/btrfs/delayed-inode.c +++ b/fs/btrfs/delayed-inode.c @@ -462,7 +462,7 @@ static int __btrfs_add_delayed_deletion_item(struct btrfs_delayed_node *node, @@ -67354,14 +67579,14 @@ index 82f0c7c..dff78a8 100644 if (val < seq || val >= seq + BTRFS_DELAYED_BATCH) return 1; -@@ -1436,7 +1436,7 @@ void btrfs_balance_delayed_items(struct btrfs_root *root) +@@ -1437,7 +1437,7 @@ void btrfs_balance_delayed_items(struct btrfs_root *root) int seq; int ret; - seq = atomic_read(&delayed_root->items_seq); + seq = atomic_read_unchecked(&delayed_root->items_seq); - ret = btrfs_wq_run_delayed_node(delayed_root, root, 0); + ret = btrfs_wq_run_delayed_node(delayed_root, fs_info, 0); if (ret) diff --git a/fs/btrfs/delayed-inode.h b/fs/btrfs/delayed-inode.h index f70119f..ab5894d 100644 @@ -67386,7 +67611,7 @@ index f70119f..ab5894d 100644 spin_lock_init(&delayed_root->lock); init_waitqueue_head(&delayed_root->wait); diff --git a/fs/btrfs/super.c b/fs/btrfs/super.c -index e477ed6..480c0db 100644 +index 9e66f5e..f7caaf0 100644 --- a/fs/btrfs/super.c +++ b/fs/btrfs/super.c @@ -271,7 +271,7 @@ void __btrfs_abort_transaction(struct btrfs_trans_handle *trans, @@ -67399,7 +67624,7 @@ index e477ed6..480c0db 100644 wake_up(&root->fs_info->transaction_wait); wake_up(&root->fs_info->transaction_blocked_wait); diff --git a/fs/btrfs/sysfs.c b/fs/btrfs/sysfs.c -index 94edb0a..e94dc93 100644 +index e8a4c86..f8c22ae 100644 --- a/fs/btrfs/sysfs.c +++ b/fs/btrfs/sysfs.c @@ -472,7 +472,7 @@ static int addrm_unknown_feature_attrs(struct btrfs_fs_info *fs_info, bool add) @@ -67438,10 +67663,10 @@ index 2299bfd..4098e72 100644 return 0; diff --git a/fs/btrfs/tree-log.h b/fs/btrfs/tree-log.h -index 154990c..d0cf699 100644 +index 6916a78..4598936 100644 --- a/fs/btrfs/tree-log.h +++ b/fs/btrfs/tree-log.h -@@ -43,7 +43,7 @@ static inline void btrfs_init_log_ctx(struct btrfs_log_ctx *ctx) +@@ -45,7 +45,7 @@ static inline void btrfs_init_log_ctx(struct btrfs_log_ctx *ctx) static inline void btrfs_set_log_full_commit(struct btrfs_fs_info *fs_info, struct btrfs_trans_handle *trans) { @@ -67451,7 +67676,7 @@ index 154990c..d0cf699 100644 static inline int btrfs_need_log_full_commit(struct btrfs_fs_info *fs_info, diff --git a/fs/buffer.c b/fs/buffer.c -index 20805db..2e8fc69 100644 +index c7a5602..18eabd1 100644 --- a/fs/buffer.c +++ b/fs/buffer.c @@ -3417,7 +3417,7 @@ void __init buffer_init(void) @@ -67464,7 +67689,7 @@ index 20805db..2e8fc69 100644 /* diff --git a/fs/cachefiles/bind.c b/fs/cachefiles/bind.c -index fbb08e9..0fda764 100644 +index 6af790f..ec4c1e6 100644 --- a/fs/cachefiles/bind.c +++ b/fs/cachefiles/bind.c @@ -39,13 +39,11 @@ int cachefiles_daemon_bind(struct cachefiles_cache *cache, char *args) @@ -67562,7 +67787,7 @@ index 8c52472..c4e3a69 100644 #else diff --git a/fs/cachefiles/namei.c b/fs/cachefiles/namei.c -index 1e51714e..411eded 100644 +index ab857ab..ff8d593 100644 --- a/fs/cachefiles/namei.c +++ b/fs/cachefiles/namei.c @@ -309,7 +309,7 @@ try_again: @@ -67605,7 +67830,7 @@ index eccd339..4c1d995 100644 return 0; diff --git a/fs/ceph/dir.c b/fs/ceph/dir.c -index 83e9976..bfd1eee 100644 +index 4248307..f41e44e 100644 --- a/fs/ceph/dir.c +++ b/fs/ceph/dir.c @@ -127,6 +127,8 @@ static int __dcache_readdir(struct file *file, struct dir_context *ctx, @@ -67620,7 +67845,7 @@ index 83e9976..bfd1eee 100644 @@ -190,7 +192,12 @@ more: dout(" %llu (%llu) dentry %p %pd %p\n", di->offset, ctx->pos, - dentry, dentry, dentry->d_inode); + dentry, dentry, d_inode(dentry)); - if (!dir_emit(ctx, dentry->d_name.name, + name = dentry->d_name.name; + if (name == dentry->d_iname) { @@ -67629,8 +67854,8 @@ index 83e9976..bfd1eee 100644 + } + if (!dir_emit(ctx, name, dentry->d_name.len, - ceph_translate_ino(dentry->d_sb, dentry->d_inode->i_ino), - dentry->d_inode->i_mode >> 12)) { + ceph_translate_ino(dentry->d_sb, d_inode(dentry)->i_ino), + d_inode(dentry)->i_mode >> 12)) { @@ -248,7 +255,7 @@ static int ceph_readdir(struct file *file, struct dir_context *ctx) struct ceph_fs_client *fsc = ceph_inode_to_client(inode); struct ceph_mds_client *mdsc = fsc->mdsc; @@ -67641,10 +67866,10 @@ index 83e9976..bfd1eee 100644 u32 ftype; struct ceph_mds_reply_info_parsed *rinfo; diff --git a/fs/ceph/super.c b/fs/ceph/super.c -index a63997b..ddc0577 100644 +index 4e99053..a7e2a5f 100644 --- a/fs/ceph/super.c +++ b/fs/ceph/super.c -@@ -889,7 +889,7 @@ static int ceph_compare_super(struct super_block *sb, void *data) +@@ -885,7 +885,7 @@ static int ceph_compare_super(struct super_block *sb, void *data) /* * construct our own bdi so we can control readahead, etc. */ @@ -67653,7 +67878,7 @@ index a63997b..ddc0577 100644 static int ceph_register_bdi(struct super_block *sb, struct ceph_fs_client *fsc) -@@ -906,7 +906,7 @@ static int ceph_register_bdi(struct super_block *sb, +@@ -902,7 +902,7 @@ static int ceph_register_bdi(struct super_block *sb, VM_MAX_READAHEAD * 1024 / PAGE_CACHE_SIZE; err = bdi_register(&fsc->backing_dev_info, NULL, "ceph-%ld", @@ -67707,10 +67932,10 @@ index 7febcf2..62a5721 100644 server->ops->print_stats(m, tcon); } diff --git a/fs/cifs/cifsfs.c b/fs/cifs/cifsfs.c -index d72fe37..ded5511 100644 +index 0a9fb6b..9def7fa 100644 --- a/fs/cifs/cifsfs.c +++ b/fs/cifs/cifsfs.c -@@ -1092,7 +1092,7 @@ cifs_init_request_bufs(void) +@@ -1082,7 +1082,7 @@ cifs_init_request_bufs(void) */ cifs_req_cachep = kmem_cache_create("cifs_request", CIFSMaxBufSize + max_hdr_size, 0, @@ -67719,7 +67944,7 @@ index d72fe37..ded5511 100644 if (cifs_req_cachep == NULL) return -ENOMEM; -@@ -1119,7 +1119,7 @@ cifs_init_request_bufs(void) +@@ -1109,7 +1109,7 @@ cifs_init_request_bufs(void) efficient to alloc 1 per page off the slab compared to 17K (5page) alloc of large cifs buffers even when page debugging is on */ cifs_sm_req_cachep = kmem_cache_create("cifs_small_rq", @@ -67728,7 +67953,7 @@ index d72fe37..ded5511 100644 NULL); if (cifs_sm_req_cachep == NULL) { mempool_destroy(cifs_req_poolp); -@@ -1204,8 +1204,8 @@ init_cifs(void) +@@ -1194,8 +1194,8 @@ init_cifs(void) atomic_set(&bufAllocCount, 0); atomic_set(&smBufAllocCount, 0); #ifdef CONFIG_CIFS_STATS2 @@ -67824,10 +68049,10 @@ index 22b289a..bbbba082 100644 GLOBAL_EXTERN atomic_t smBufAllocCount; GLOBAL_EXTERN atomic_t midCount; diff --git a/fs/cifs/file.c b/fs/cifs/file.c -index ca30c39..570fb94 100644 +index 3f50cee..7741620 100644 --- a/fs/cifs/file.c +++ b/fs/cifs/file.c -@@ -2055,10 +2055,14 @@ static int cifs_writepages(struct address_space *mapping, +@@ -2054,10 +2054,14 @@ static int cifs_writepages(struct address_space *mapping, index = mapping->writeback_index; /* Start from prev offset */ end = -1; } else { @@ -67846,7 +68071,7 @@ index ca30c39..570fb94 100644 } server = cifs_sb_master_tcon(cifs_sb)->ses->server; diff --git a/fs/cifs/misc.c b/fs/cifs/misc.c -index 3379463..3af418a 100644 +index 8442b8b..ea6986f 100644 --- a/fs/cifs/misc.c +++ b/fs/cifs/misc.c @@ -170,7 +170,7 @@ cifs_buf_get(void) @@ -67868,7 +68093,7 @@ index 3379463..3af418a 100644 } diff --git a/fs/cifs/smb1ops.c b/fs/cifs/smb1ops.c -index d297903..1cb7516 100644 +index fc537c2..47d654c 100644 --- a/fs/cifs/smb1ops.c +++ b/fs/cifs/smb1ops.c @@ -622,27 +622,27 @@ static void @@ -67977,7 +68202,7 @@ index d297903..1cb7516 100644 } diff --git a/fs/cifs/smb2ops.c b/fs/cifs/smb2ops.c -index eab05e1..ffe5ea4 100644 +index 54daee5..2669fcb 100644 --- a/fs/cifs/smb2ops.c +++ b/fs/cifs/smb2ops.c @@ -418,8 +418,8 @@ smb2_clear_stats(struct cifs_tcon *tcon) @@ -68098,7 +68323,7 @@ index eab05e1..ffe5ea4 100644 } diff --git a/fs/cifs/smb2pdu.c b/fs/cifs/smb2pdu.c -index 65cd7a8..3518676 100644 +index 54cbe19..fcd4a1b 100644 --- a/fs/cifs/smb2pdu.c +++ b/fs/cifs/smb2pdu.c @@ -2147,8 +2147,7 @@ SMB2_query_directory(const unsigned int xid, struct cifs_tcon *tcon, @@ -68112,7 +68337,7 @@ index 65cd7a8..3518676 100644 req->FileIndex = cpu_to_le32(index); diff --git a/fs/coda/cache.c b/fs/coda/cache.c -index 46ee6f2..89a9e7f 100644 +index 5bb630a..043dc70 100644 --- a/fs/coda/cache.c +++ b/fs/coda/cache.c @@ -24,7 +24,7 @@ @@ -68290,10 +68515,10 @@ index 4d24d17..4f8c09e 100644 /* diff --git a/fs/compat_ioctl.c b/fs/compat_ioctl.c -index afec645..9c65620 100644 +index 6b8e2f0..9b13a5e 100644 --- a/fs/compat_ioctl.c +++ b/fs/compat_ioctl.c -@@ -621,7 +621,7 @@ static int serial_struct_ioctl(unsigned fd, unsigned cmd, +@@ -622,7 +622,7 @@ static int serial_struct_ioctl(unsigned fd, unsigned cmd, return -EFAULT; if (__get_user(udata, &ss32->iomem_base)) return -EFAULT; @@ -68302,7 +68527,7 @@ index afec645..9c65620 100644 if (__get_user(ss.iomem_reg_shift, &ss32->iomem_reg_shift) || __get_user(ss.port_high, &ss32->port_high)) return -EFAULT; -@@ -703,8 +703,8 @@ static int do_i2c_rdwr_ioctl(unsigned int fd, unsigned int cmd, +@@ -704,8 +704,8 @@ static int do_i2c_rdwr_ioctl(unsigned int fd, unsigned int cmd, for (i = 0; i < nmsgs; i++) { if (copy_in_user(&tmsgs[i].addr, &umsgs[i].addr, 3*sizeof(u16))) return -EFAULT; @@ -68313,7 +68538,7 @@ index afec645..9c65620 100644 return -EFAULT; } return sys_ioctl(fd, cmd, (unsigned long)tdata); -@@ -797,7 +797,7 @@ static int compat_ioctl_preallocate(struct file *file, +@@ -798,7 +798,7 @@ static int compat_ioctl_preallocate(struct file *file, copy_in_user(&p->l_len, &p32->l_len, sizeof(s64)) || copy_in_user(&p->l_sysid, &p32->l_sysid, sizeof(s32)) || copy_in_user(&p->l_pid, &p32->l_pid, sizeof(u32)) || @@ -68322,7 +68547,7 @@ index afec645..9c65620 100644 return -EFAULT; return ioctl_preallocate(file, p); -@@ -1618,8 +1618,8 @@ COMPAT_SYSCALL_DEFINE3(ioctl, unsigned int, fd, unsigned int, cmd, +@@ -1620,8 +1620,8 @@ COMPAT_SYSCALL_DEFINE3(ioctl, unsigned int, fd, unsigned int, cmd, static int __init init_sys32_ioctl_cmp(const void *p, const void *q) { unsigned int a, b; @@ -68334,7 +68559,7 @@ index afec645..9c65620 100644 return 1; if (a < b) diff --git a/fs/configfs/dir.c b/fs/configfs/dir.c -index cf0db00..c7f70e8 100644 +index c81ce7f..f3de5fd 100644 --- a/fs/configfs/dir.c +++ b/fs/configfs/dir.c @@ -1540,7 +1540,8 @@ static int configfs_readdir(struct file *file, struct dir_context *ctx) @@ -68490,10 +68715,10 @@ index bbbe139..b76fae5 100644 return 0; while (nr) { diff --git a/fs/dcache.c b/fs/dcache.c -index b05c557..4bcc589 100644 +index 50bb3c2..d874b57 100644 --- a/fs/dcache.c +++ b/fs/dcache.c -@@ -511,7 +511,7 @@ static void __dentry_kill(struct dentry *dentry) +@@ -545,7 +545,7 @@ static void __dentry_kill(struct dentry *dentry) * dentry_iput drops the locks, at which point nobody (except * transient RCU lookups) can reach this dentry. */ @@ -68502,7 +68727,7 @@ index b05c557..4bcc589 100644 this_cpu_dec(nr_dentry); if (dentry->d_op && dentry->d_op->d_release) dentry->d_op->d_release(dentry); -@@ -564,7 +564,7 @@ static inline struct dentry *lock_parent(struct dentry *dentry) +@@ -598,7 +598,7 @@ static inline struct dentry *lock_parent(struct dentry *dentry) struct dentry *parent = dentry->d_parent; if (IS_ROOT(dentry)) return NULL; @@ -68511,7 +68736,16 @@ index b05c557..4bcc589 100644 return NULL; if (likely(spin_trylock(&parent->d_lock))) return parent; -@@ -626,8 +626,8 @@ static inline bool fast_dput(struct dentry *dentry) +@@ -642,7 +642,7 @@ static inline bool fast_dput(struct dentry *dentry) + + /* + * If we have a d_op->d_delete() operation, we sould not +- * let the dentry count go to zero, so use "put__or_lock". ++ * let the dentry count go to zero, so use "put_or_lock". + */ + if (unlikely(dentry->d_flags & DCACHE_OP_DELETE)) + return lockref_put_or_lock(&dentry->d_lockref); +@@ -660,8 +660,8 @@ static inline bool fast_dput(struct dentry *dentry) */ if (unlikely(ret < 0)) { spin_lock(&dentry->d_lock); @@ -68522,7 +68756,16 @@ index b05c557..4bcc589 100644 spin_unlock(&dentry->d_lock); return 1; } -@@ -682,7 +682,7 @@ static inline bool fast_dput(struct dentry *dentry) +@@ -697,7 +697,7 @@ static inline bool fast_dput(struct dentry *dentry) + */ + smp_rmb(); + d_flags = ACCESS_ONCE(dentry->d_flags); +- d_flags &= DCACHE_REFERENCED | DCACHE_LRU_LIST; ++ d_flags &= DCACHE_REFERENCED | DCACHE_LRU_LIST | DCACHE_DISCONNECTED; + + /* Nothing to do? Dropping the reference was all we needed? */ + if (d_flags == (DCACHE_REFERENCED | DCACHE_LRU_LIST) && !d_unhashed(dentry)) +@@ -716,7 +716,7 @@ static inline bool fast_dput(struct dentry *dentry) * else could have killed it and marked it dead. Either way, we * don't need to do anything else. */ @@ -68531,7 +68774,7 @@ index b05c557..4bcc589 100644 spin_unlock(&dentry->d_lock); return 1; } -@@ -692,7 +692,7 @@ static inline bool fast_dput(struct dentry *dentry) +@@ -726,7 +726,7 @@ static inline bool fast_dput(struct dentry *dentry) * lock, and we just tested that it was zero, so we can just * set it to 1. */ @@ -68540,7 +68783,17 @@ index b05c557..4bcc589 100644 return 0; } -@@ -751,7 +751,7 @@ repeat: +@@ -776,6 +776,9 @@ repeat: + if (unlikely(d_unhashed(dentry))) + goto kill_it; + ++ if (unlikely(dentry->d_flags & DCACHE_DISCONNECTED)) ++ goto kill_it; ++ + if (unlikely(dentry->d_flags & DCACHE_OP_DELETE)) { + if (dentry->d_op->d_delete(dentry)) + goto kill_it; +@@ -785,7 +788,7 @@ repeat: dentry->d_flags |= DCACHE_REFERENCED; dentry_lru_add(dentry); @@ -68549,7 +68802,7 @@ index b05c557..4bcc589 100644 spin_unlock(&dentry->d_lock); return; -@@ -766,7 +766,7 @@ EXPORT_SYMBOL(dput); +@@ -800,7 +803,7 @@ EXPORT_SYMBOL(dput); /* This must be called with d_lock held */ static inline void __dget_dlock(struct dentry *dentry) { @@ -68558,7 +68811,7 @@ index b05c557..4bcc589 100644 } static inline void __dget(struct dentry *dentry) -@@ -807,8 +807,8 @@ repeat: +@@ -841,8 +844,8 @@ repeat: goto repeat; } rcu_read_unlock(); @@ -68569,7 +68822,7 @@ index b05c557..4bcc589 100644 spin_unlock(&ret->d_lock); return ret; } -@@ -886,9 +886,9 @@ restart: +@@ -920,9 +923,9 @@ restart: spin_lock(&inode->i_lock); hlist_for_each_entry(dentry, &inode->i_dentry, d_u.d_alias) { spin_lock(&dentry->d_lock); @@ -68581,7 +68834,7 @@ index b05c557..4bcc589 100644 __dentry_kill(dentry); dput(parent); goto restart; -@@ -923,7 +923,7 @@ static void shrink_dentry_list(struct list_head *list) +@@ -957,7 +960,7 @@ static void shrink_dentry_list(struct list_head *list) * We found an inuse dentry which was not removed from * the LRU because of laziness during lookup. Do not free it. */ @@ -68590,7 +68843,7 @@ index b05c557..4bcc589 100644 spin_unlock(&dentry->d_lock); if (parent) spin_unlock(&parent->d_lock); -@@ -961,8 +961,8 @@ static void shrink_dentry_list(struct list_head *list) +@@ -995,8 +998,8 @@ static void shrink_dentry_list(struct list_head *list) dentry = parent; while (dentry && !lockref_put_or_lock(&dentry->d_lockref)) { parent = lock_parent(dentry); @@ -68601,7 +68854,7 @@ index b05c557..4bcc589 100644 spin_unlock(&dentry->d_lock); if (parent) spin_unlock(&parent->d_lock); -@@ -1002,7 +1002,7 @@ static enum lru_status dentry_lru_isolate(struct list_head *item, +@@ -1036,7 +1039,7 @@ static enum lru_status dentry_lru_isolate(struct list_head *item, * counts, just remove them from the LRU. Otherwise give them * another pass through the LRU. */ @@ -68610,7 +68863,7 @@ index b05c557..4bcc589 100644 d_lru_isolate(lru, dentry); spin_unlock(&dentry->d_lock); return LRU_REMOVED; -@@ -1336,7 +1336,7 @@ static enum d_walk_ret select_collect(void *_data, struct dentry *dentry) +@@ -1370,7 +1373,7 @@ static enum d_walk_ret select_collect(void *_data, struct dentry *dentry) } else { if (dentry->d_flags & DCACHE_LRU_LIST) d_lru_del(dentry); @@ -68619,7 +68872,7 @@ index b05c557..4bcc589 100644 d_shrink_add(dentry, &data->dispose); data->found++; } -@@ -1384,7 +1384,7 @@ static enum d_walk_ret umount_check(void *_data, struct dentry *dentry) +@@ -1418,7 +1421,7 @@ static enum d_walk_ret umount_check(void *_data, struct dentry *dentry) return D_WALK_CONTINUE; /* root with refcount 1 is fine */ @@ -68628,7 +68881,7 @@ index b05c557..4bcc589 100644 return D_WALK_CONTINUE; printk(KERN_ERR "BUG: Dentry %p{i=%lx,n=%pd} " -@@ -1393,7 +1393,7 @@ static enum d_walk_ret umount_check(void *_data, struct dentry *dentry) +@@ -1427,7 +1430,7 @@ static enum d_walk_ret umount_check(void *_data, struct dentry *dentry) dentry->d_inode ? dentry->d_inode->i_ino : 0UL, dentry, @@ -68637,7 +68890,7 @@ index b05c557..4bcc589 100644 dentry->d_sb->s_type->name, dentry->d_sb->s_id); WARN_ON(1); -@@ -1534,7 +1534,7 @@ struct dentry *__d_alloc(struct super_block *sb, const struct qstr *name) +@@ -1568,7 +1571,7 @@ struct dentry *__d_alloc(struct super_block *sb, const struct qstr *name) dentry->d_iname[DNAME_INLINE_LEN-1] = 0; if (name->len > DNAME_INLINE_LEN-1) { size_t size = offsetof(struct external_name, name[1]); @@ -68646,7 +68899,7 @@ index b05c557..4bcc589 100644 if (!p) { kmem_cache_free(dentry_cache, dentry); return NULL; -@@ -1557,7 +1557,7 @@ struct dentry *__d_alloc(struct super_block *sb, const struct qstr *name) +@@ -1591,7 +1594,7 @@ struct dentry *__d_alloc(struct super_block *sb, const struct qstr *name) smp_wmb(); dentry->d_name.name = dname; @@ -68655,7 +68908,7 @@ index b05c557..4bcc589 100644 dentry->d_flags = 0; spin_lock_init(&dentry->d_lock); seqcount_init(&dentry->d_seq); -@@ -1566,6 +1566,9 @@ struct dentry *__d_alloc(struct super_block *sb, const struct qstr *name) +@@ -1600,6 +1603,9 @@ struct dentry *__d_alloc(struct super_block *sb, const struct qstr *name) dentry->d_sb = sb; dentry->d_op = NULL; dentry->d_fsdata = NULL; @@ -68665,7 +68918,7 @@ index b05c557..4bcc589 100644 INIT_HLIST_BL_NODE(&dentry->d_hash); INIT_LIST_HEAD(&dentry->d_lru); INIT_LIST_HEAD(&dentry->d_subdirs); -@@ -2290,7 +2293,7 @@ struct dentry *__d_lookup(const struct dentry *parent, const struct qstr *name) +@@ -2321,7 +2327,7 @@ struct dentry *__d_lookup(const struct dentry *parent, const struct qstr *name) goto next; } @@ -68674,7 +68927,7 @@ index b05c557..4bcc589 100644 found = dentry; spin_unlock(&dentry->d_lock); break; -@@ -2358,7 +2361,7 @@ again: +@@ -2389,7 +2395,7 @@ again: spin_lock(&dentry->d_lock); inode = dentry->d_inode; isdir = S_ISDIR(inode->i_mode); @@ -68683,7 +68936,7 @@ index b05c557..4bcc589 100644 if (!spin_trylock(&inode->i_lock)) { spin_unlock(&dentry->d_lock); cpu_relax(); -@@ -3300,7 +3303,7 @@ static enum d_walk_ret d_genocide_kill(void *data, struct dentry *dentry) +@@ -3331,7 +3337,7 @@ static enum d_walk_ret d_genocide_kill(void *data, struct dentry *dentry) if (!(dentry->d_flags & DCACHE_GENOCIDE)) { dentry->d_flags |= DCACHE_GENOCIDE; @@ -68692,7 +68945,7 @@ index b05c557..4bcc589 100644 } } return D_WALK_CONTINUE; -@@ -3416,7 +3419,8 @@ void __init vfs_caches_init(unsigned long mempages) +@@ -3447,7 +3453,8 @@ void __init vfs_caches_init(unsigned long mempages) mempages -= reserve; names_cachep = kmem_cache_create("names_cache", PATH_MAX, 0, @@ -68703,21 +68956,10 @@ index b05c557..4bcc589 100644 dcache_init(); inode_init(); diff --git a/fs/debugfs/inode.c b/fs/debugfs/inode.c -index 96400ab..906103d 100644 +index 1275604..d2ca85b 100644 --- a/fs/debugfs/inode.c +++ b/fs/debugfs/inode.c -@@ -386,6 +386,10 @@ struct dentry *debugfs_create_file_size(const char *name, umode_t mode, - } - EXPORT_SYMBOL_GPL(debugfs_create_file_size); - -+#ifdef CONFIG_GRKERNSEC_SYSFS_RESTRICT -+extern int grsec_enable_sysfs_restrict; -+#endif -+ - /** - * debugfs_create_dir - create a directory in the debugfs filesystem - * @name: a pointer to a string containing the name of the directory to -@@ -404,6 +408,10 @@ EXPORT_SYMBOL_GPL(debugfs_create_file_size); +@@ -407,6 +407,10 @@ EXPORT_SYMBOL_GPL(debugfs_create_file_size); * If debugfs is not enabled in the kernel, the value -%ENODEV will be * returned. */ @@ -68728,7 +68970,7 @@ index 96400ab..906103d 100644 struct dentry *debugfs_create_dir(const char *name, struct dentry *parent) { struct dentry *dentry = start_creating(name, parent); -@@ -416,7 +424,12 @@ struct dentry *debugfs_create_dir(const char *name, struct dentry *parent) +@@ -419,7 +423,12 @@ struct dentry *debugfs_create_dir(const char *name, struct dentry *parent) if (unlikely(!inode)) return failed_creating(dentry); @@ -68743,13 +68985,13 @@ index 96400ab..906103d 100644 inode->i_fop = &simple_dir_operations; diff --git a/fs/ecryptfs/inode.c b/fs/ecryptfs/inode.c -index b08b518..d6acffa 100644 +index fc850b5..1677a2a 100644 --- a/fs/ecryptfs/inode.c +++ b/fs/ecryptfs/inode.c @@ -663,7 +663,7 @@ static char *ecryptfs_readlink_lower(struct dentry *dentry, size_t *bufsiz) old_fs = get_fs(); set_fs(get_ds()); - rc = lower_dentry->d_inode->i_op->readlink(lower_dentry, + rc = d_inode(lower_dentry)->i_op->readlink(lower_dentry, - (char __user *)lower_buf, + (char __force_user *)lower_buf, PATH_MAX); @@ -68769,7 +69011,7 @@ index e4141f2..d8263e8 100644 i += packet_length_size; if (copy_to_user(&buf[i], msg_ctx->msg, msg_ctx->msg_size)) diff --git a/fs/exec.c b/fs/exec.c -index 1202445..620c98e 100644 +index 1977c2a..40e7f8f 100644 --- a/fs/exec.c +++ b/fs/exec.c @@ -56,8 +56,20 @@ @@ -69089,23 +69331,7 @@ index 1202445..620c98e 100644 tsk->mm->vmacache_seqnum = 0; vmacache_flush(tsk); task_unlock(tsk); -@@ -929,10 +1008,14 @@ static int de_thread(struct task_struct *tsk) - if (!thread_group_leader(tsk)) { - struct task_struct *leader = tsk->group_leader; - -- sig->notify_count = -1; /* for exit_notify() */ - for (;;) { - threadgroup_change_begin(tsk); - write_lock_irq(&tasklist_lock); -+ /* -+ * Do this under tasklist_lock to ensure that -+ * exit_notify() can't miss ->group_exit_task -+ */ -+ sig->notify_count = -1; - if (likely(leader->exit_state)) - break; - __set_current_state(TASK_KILLABLE); -@@ -1261,7 +1344,7 @@ static void check_unsafe_exec(struct linux_binprm *bprm) +@@ -1271,7 +1350,7 @@ static void check_unsafe_exec(struct linux_binprm *bprm) } rcu_read_unlock(); @@ -69114,7 +69340,7 @@ index 1202445..620c98e 100644 bprm->unsafe |= LSM_UNSAFE_SHARE; else p->fs->in_exec = 1; -@@ -1462,6 +1545,31 @@ static int exec_binprm(struct linux_binprm *bprm) +@@ -1472,6 +1551,31 @@ static int exec_binprm(struct linux_binprm *bprm) return ret; } @@ -69146,7 +69372,7 @@ index 1202445..620c98e 100644 /* * sys_execve() executes a new program. */ -@@ -1470,6 +1578,11 @@ static int do_execveat_common(int fd, struct filename *filename, +@@ -1480,6 +1584,11 @@ static int do_execveat_common(int fd, struct filename *filename, struct user_arg_ptr envp, int flags) { @@ -69158,7 +69384,7 @@ index 1202445..620c98e 100644 char *pathbuf = NULL; struct linux_binprm *bprm; struct file *file; -@@ -1479,6 +1592,8 @@ static int do_execveat_common(int fd, struct filename *filename, +@@ -1489,6 +1598,8 @@ static int do_execveat_common(int fd, struct filename *filename, if (IS_ERR(filename)) return PTR_ERR(filename); @@ -69167,7 +69393,7 @@ index 1202445..620c98e 100644 /* * We move the actual failure in case of RLIMIT_NPROC excess from * set*uid() to execve() because too many poorly written programs -@@ -1516,6 +1631,11 @@ static int do_execveat_common(int fd, struct filename *filename, +@@ -1526,6 +1637,11 @@ static int do_execveat_common(int fd, struct filename *filename, if (IS_ERR(file)) goto out_unmark; @@ -69179,7 +69405,7 @@ index 1202445..620c98e 100644 sched_exec(); bprm->file = file; -@@ -1542,6 +1662,11 @@ static int do_execveat_common(int fd, struct filename *filename, +@@ -1552,6 +1668,11 @@ static int do_execveat_common(int fd, struct filename *filename, } bprm->interp = bprm->filename; @@ -69191,7 +69417,7 @@ index 1202445..620c98e 100644 retval = bprm_mm_init(bprm); if (retval) goto out_unmark; -@@ -1558,24 +1683,70 @@ static int do_execveat_common(int fd, struct filename *filename, +@@ -1568,24 +1689,70 @@ static int do_execveat_common(int fd, struct filename *filename, if (retval < 0) goto out; @@ -69266,7 +69492,7 @@ index 1202445..620c98e 100644 current->fs->in_exec = 0; current->in_execve = 0; acct_update_integrals(current); -@@ -1587,6 +1758,14 @@ static int do_execveat_common(int fd, struct filename *filename, +@@ -1597,6 +1764,14 @@ static int do_execveat_common(int fd, struct filename *filename, put_files_struct(displaced); return retval; @@ -69281,7 +69507,7 @@ index 1202445..620c98e 100644 out: if (bprm->mm) { acct_arg_size(bprm, 0); -@@ -1733,3 +1912,312 @@ COMPAT_SYSCALL_DEFINE5(execveat, int, fd, +@@ -1743,3 +1918,312 @@ COMPAT_SYSCALL_DEFINE5(execveat, int, fd, argv, envp, flags); } #endif @@ -69639,7 +69865,7 @@ index d0e746e..82e06f0 100644 #ifdef CONFIG_EXT2_FS_POSIX_ACL if (def_mount_opts & EXT2_DEFM_ACL) diff --git a/fs/ext2/xattr.c b/fs/ext2/xattr.c -index 9142614..97484fa 100644 +index 0b6bfd3..93a2964 100644 --- a/fs/ext2/xattr.c +++ b/fs/ext2/xattr.c @@ -247,7 +247,7 @@ ext2_xattr_list(struct dentry *dentry, char *buffer, size_t buffer_size) @@ -69681,7 +69907,7 @@ index 158b5d4..2432610 100644 } return 1; diff --git a/fs/ext3/super.c b/fs/ext3/super.c -index d4dbf3c..906a6fb 100644 +index a9312f0..e3a11ec 100644 --- a/fs/ext3/super.c +++ b/fs/ext3/super.c @@ -655,10 +655,8 @@ static int ext3_show_options(struct seq_file *seq, struct dentry *root) @@ -69708,7 +69934,7 @@ index d4dbf3c..906a6fb 100644 #ifdef CONFIG_EXT3_FS_POSIX_ACL if (def_mount_opts & EXT3_DEFM_ACL) diff --git a/fs/ext3/xattr.c b/fs/ext3/xattr.c -index c6874be..f8a6ae8 100644 +index 7cf3650..e3f4a51 100644 --- a/fs/ext3/xattr.c +++ b/fs/ext3/xattr.c @@ -330,7 +330,7 @@ static int @@ -69733,10 +69959,10 @@ index c6874be..f8a6ae8 100644 static int diff --git a/fs/ext4/balloc.c b/fs/ext4/balloc.c -index 83a6f49..d4e4d03 100644 +index 955bf49a..44ee359 100644 --- a/fs/ext4/balloc.c +++ b/fs/ext4/balloc.c -@@ -557,8 +557,8 @@ static int ext4_has_free_clusters(struct ext4_sb_info *sbi, +@@ -556,8 +556,8 @@ static int ext4_has_free_clusters(struct ext4_sb_info *sbi, /* Hm, nope. Are (enough) root reserved clusters available? */ if (uid_eq(sbi->s_resuid, current_fsuid()) || (!gid_eq(sbi->s_resgid, GLOBAL_ROOT_GID) && in_group_p(sbi->s_resgid)) || @@ -69748,10 +69974,10 @@ index 83a6f49..d4e4d03 100644 if (free_clusters >= (nclusters + dirty_clusters + resv_clusters)) diff --git a/fs/ext4/ext4.h b/fs/ext4/ext4.h -index f63c3d5..3c1a033 100644 +index 9a83f14..1dd1b38 100644 --- a/fs/ext4/ext4.h +++ b/fs/ext4/ext4.h -@@ -1287,19 +1287,19 @@ struct ext4_sb_info { +@@ -1310,19 +1310,19 @@ struct ext4_sb_info { unsigned long s_mb_last_start; /* stats for buddy allocator */ @@ -69912,7 +70138,7 @@ index 8313ca3..8a37d08 100644 "MMP failure info: last update time: %llu, last update " "node: %s, last update device: %s\n", diff --git a/fs/ext4/resize.c b/fs/ext4/resize.c -index 8a8ec62..1b02de5 100644 +index cf0c472..ddf284d 100644 --- a/fs/ext4/resize.c +++ b/fs/ext4/resize.c @@ -413,7 +413,7 @@ static int set_flexbg_block_bitmap(struct super_block *sb, handle_t *handle, @@ -69954,10 +70180,10 @@ index 8a8ec62..1b02de5 100644 err = ext4_handle_dirty_metadata(handle, NULL, bh); if (unlikely(err)) diff --git a/fs/ext4/super.c b/fs/ext4/super.c -index e061e66..87bc092 100644 +index ca9d4a2..4c52f42 100644 --- a/fs/ext4/super.c +++ b/fs/ext4/super.c -@@ -1243,7 +1243,7 @@ static ext4_fsblk_t get_sb_block(void **data) +@@ -1232,7 +1232,7 @@ static ext4_fsblk_t get_sb_block(void **data) } #define DEFAULT_JOURNAL_IOPRIO (IOPRIO_PRIO_VALUE(IOPRIO_CLASS_BE, 3)) @@ -69966,7 +70192,7 @@ index e061e66..87bc092 100644 "Contact linux-ext4@vger.kernel.org if you think we should keep it.\n"; #ifdef CONFIG_QUOTA -@@ -2443,7 +2443,7 @@ struct ext4_attr { +@@ -2442,7 +2442,7 @@ struct ext4_attr { int offset; int deprecated_val; } u; @@ -69976,10 +70202,10 @@ index e061e66..87bc092 100644 static int parse_strtoull(const char *buf, unsigned long long max, unsigned long long *value) diff --git a/fs/ext4/xattr.c b/fs/ext4/xattr.c -index 1e09fc7..0400dd4 100644 +index 16e28c0..728c282 100644 --- a/fs/ext4/xattr.c +++ b/fs/ext4/xattr.c -@@ -399,7 +399,7 @@ static int +@@ -398,7 +398,7 @@ static int ext4_xattr_list_entries(struct dentry *dentry, struct ext4_xattr_entry *entry, char *buffer, size_t buffer_size) { @@ -69988,7 +70214,7 @@ index 1e09fc7..0400dd4 100644 for (; !IS_LAST_ENTRY(entry); entry = EXT4_XATTR_NEXT(entry)) { const struct xattr_handler *handler = -@@ -416,9 +416,10 @@ ext4_xattr_list_entries(struct dentry *dentry, struct ext4_xattr_entry *entry, +@@ -415,9 +415,10 @@ ext4_xattr_list_entries(struct dentry *dentry, struct ext4_xattr_entry *entry, buffer += size; } rest -= size; @@ -70047,7 +70273,7 @@ index d59712d..2281df9 100644 goto out_err; } diff --git a/fs/file.c b/fs/file.c -index ee738ea..f6c15629 100644 +index 93c5f89..ed75817 100644 --- a/fs/file.c +++ b/fs/file.c @@ -16,6 +16,7 @@ @@ -70076,7 +70302,7 @@ index ee738ea..f6c15629 100644 { struct fdtable *fdt; -@@ -800,6 +801,7 @@ int replace_fd(unsigned fd, struct file *file, unsigned flags) +@@ -799,6 +800,7 @@ int replace_fd(unsigned fd, struct file *file, unsigned flags) if (!file) return __close_fd(files, fd); @@ -70084,7 +70310,7 @@ index ee738ea..f6c15629 100644 if (fd >= rlimit(RLIMIT_NOFILE)) return -EBADF; -@@ -826,6 +828,7 @@ SYSCALL_DEFINE3(dup3, unsigned int, oldfd, unsigned int, newfd, int, flags) +@@ -825,6 +827,7 @@ SYSCALL_DEFINE3(dup3, unsigned int, oldfd, unsigned int, newfd, int, flags) if (unlikely(oldfd == newfd)) return -EINVAL; @@ -70092,7 +70318,7 @@ index ee738ea..f6c15629 100644 if (newfd >= rlimit(RLIMIT_NOFILE)) return -EBADF; -@@ -881,6 +884,7 @@ SYSCALL_DEFINE1(dup, unsigned int, fildes) +@@ -880,6 +883,7 @@ SYSCALL_DEFINE1(dup, unsigned int, fildes) int f_dupfd(unsigned int from, struct file *file, unsigned flags) { int err; @@ -71614,10 +71840,10 @@ index 40d13c7..ddf52b9 100644 seq_printf(m, "CacheOp: alo=%d luo=%d luc=%d gro=%d\n", atomic_read(&fscache_n_cop_alloc_object), diff --git a/fs/fuse/cuse.c b/fs/fuse/cuse.c -index 28d0c7a..04816b7 100644 +index e5bbf74..9bfdaf3 100644 --- a/fs/fuse/cuse.c +++ b/fs/fuse/cuse.c -@@ -611,10 +611,12 @@ static int __init cuse_init(void) +@@ -602,10 +602,12 @@ static int __init cuse_init(void) INIT_LIST_HEAD(&cuse_conntbl[i]); /* inherit and extend fuse_dev_operations */ @@ -71635,10 +71861,10 @@ index 28d0c7a..04816b7 100644 cuse_class = class_create(THIS_MODULE, "cuse"); if (IS_ERR(cuse_class)) diff --git a/fs/fuse/dev.c b/fs/fuse/dev.c -index 39706c5..a803c71 100644 +index c8b68ab..97190db 100644 --- a/fs/fuse/dev.c +++ b/fs/fuse/dev.c -@@ -1405,7 +1405,7 @@ static ssize_t fuse_dev_splice_read(struct file *in, loff_t *ppos, +@@ -1398,7 +1398,7 @@ static ssize_t fuse_dev_splice_read(struct file *in, loff_t *ppos, ret = 0; pipe_lock(pipe); @@ -71647,7 +71873,7 @@ index 39706c5..a803c71 100644 send_sig(SIGPIPE, current, 0); if (!ret) ret = -EPIPE; -@@ -1434,7 +1434,7 @@ static ssize_t fuse_dev_splice_read(struct file *in, loff_t *ppos, +@@ -1427,7 +1427,7 @@ static ssize_t fuse_dev_splice_read(struct file *in, loff_t *ppos, page_nr++; ret += buf->len; @@ -71657,7 +71883,7 @@ index 39706c5..a803c71 100644 } diff --git a/fs/fuse/dir.c b/fs/fuse/dir.c -index 1545b71..7fabe47 100644 +index 0572bca..cb9c3fa 100644 --- a/fs/fuse/dir.c +++ b/fs/fuse/dir.c @@ -1394,7 +1394,7 @@ static char *read_link(struct dentry *dentry) @@ -71670,7 +71896,7 @@ index 1545b71..7fabe47 100644 if (!IS_ERR(link)) free_page((unsigned long) link); diff --git a/fs/gfs2/glock.c b/fs/gfs2/glock.c -index f42dffb..4a4c435 100644 +index 0fa8062..755b198 100644 --- a/fs/gfs2/glock.c +++ b/fs/gfs2/glock.c @@ -385,9 +385,9 @@ static void state_change(struct gfs2_glock *gl, unsigned int new_state) @@ -71768,7 +71994,7 @@ index fe91951..ce38a6e 100644 } diff --git a/fs/gfs2/quota.c b/fs/gfs2/quota.c -index 3aa17d4..b338075 100644 +index e3065cb..45e7117 100644 --- a/fs/gfs2/quota.c +++ b/fs/gfs2/quota.c @@ -154,7 +154,7 @@ static enum lru_status gfs2_qd_isolate(struct list_head *item, @@ -71799,10 +72025,10 @@ index 3aa17d4..b338075 100644 spin_unlock(&qd->qd_lockref.lock); diff --git a/fs/hostfs/hostfs_kern.c b/fs/hostfs/hostfs_kern.c -index fd62cae..3494dfa 100644 +index 07d8d8f..2c2a4e7 100644 --- a/fs/hostfs/hostfs_kern.c +++ b/fs/hostfs/hostfs_kern.c -@@ -908,7 +908,7 @@ static void *hostfs_follow_link(struct dentry *dentry, struct nameidata *nd) +@@ -918,7 +918,7 @@ static void *hostfs_follow_link(struct dentry *dentry, struct nameidata *nd) static void hostfs_put_link(struct dentry *dentry, struct nameidata *nd, void *cookie) { @@ -71812,10 +72038,10 @@ index fd62cae..3494dfa 100644 __putname(s); } diff --git a/fs/hugetlbfs/inode.c b/fs/hugetlbfs/inode.c -index c274aca..772fa5e 100644 +index 87724c1..5a5e53f 100644 --- a/fs/hugetlbfs/inode.c +++ b/fs/hugetlbfs/inode.c -@@ -148,6 +148,7 @@ hugetlb_get_unmapped_area(struct file *file, unsigned long addr, +@@ -151,6 +151,7 @@ hugetlb_get_unmapped_area(struct file *file, unsigned long addr, struct mm_struct *mm = current->mm; struct vm_area_struct *vma; struct hstate *h = hstate_file(file); @@ -71823,7 +72049,7 @@ index c274aca..772fa5e 100644 struct vm_unmapped_area_info info; if (len & ~huge_page_mask(h)) -@@ -161,17 +162,26 @@ hugetlb_get_unmapped_area(struct file *file, unsigned long addr, +@@ -164,17 +165,26 @@ hugetlb_get_unmapped_area(struct file *file, unsigned long addr, return addr; } @@ -71852,7 +72078,7 @@ index c274aca..772fa5e 100644 info.high_limit = TASK_SIZE; info.align_mask = PAGE_MASK & ~huge_page_mask(h); info.align_offset = 0; -@@ -912,7 +922,7 @@ static struct file_system_type hugetlbfs_fs_type = { +@@ -939,7 +949,7 @@ static struct file_system_type hugetlbfs_fs_type = { }; MODULE_ALIAS_FS("hugetlbfs"); @@ -71862,7 +72088,7 @@ index c274aca..772fa5e 100644 static int can_do_hugetlb_shm(void) { diff --git a/fs/inode.c b/fs/inode.c -index c60671d..9c2eb5f 100644 +index 6e342ca..0538cb7 100644 --- a/fs/inode.c +++ b/fs/inode.c @@ -830,16 +830,20 @@ unsigned int get_next_ino(void) @@ -71918,7 +72144,7 @@ index 09ed551..45684f8 100644 /* diff --git a/fs/jfs/super.c b/fs/jfs/super.c -index 5d30c56..8c45372 100644 +index 4cd9798..8dfe86a 100644 --- a/fs/jfs/super.c +++ b/fs/jfs/super.c @@ -901,7 +901,7 @@ static int __init init_jfs_fs(void) @@ -71931,7 +72157,7 @@ index 5d30c56..8c45372 100644 if (jfs_inode_cachep == NULL) return -ENOMEM; diff --git a/fs/kernfs/dir.c b/fs/kernfs/dir.c -index 345b35f..da7e0da 100644 +index 2d48d28..82eddad 100644 --- a/fs/kernfs/dir.c +++ b/fs/kernfs/dir.c @@ -182,7 +182,7 @@ struct kernfs_node *kernfs_get_parent(struct kernfs_node *kn) @@ -71943,7 +72169,7 @@ index 345b35f..da7e0da 100644 { unsigned long hash = init_name_hash(); unsigned int len = strlen(name); -@@ -838,6 +838,12 @@ static int kernfs_iop_mkdir(struct inode *dir, struct dentry *dentry, +@@ -873,6 +873,12 @@ static int kernfs_iop_mkdir(struct inode *dir, struct dentry *dentry, ret = scops->mkdir(parent, dentry->d_name.name, mode); kernfs_put_active(parent); @@ -72053,7 +72279,7 @@ index 8a19889..4c3069a 100644 free_page((unsigned long)page); } diff --git a/fs/libfs.c b/fs/libfs.c -index 0ab6512..cd9982d 100644 +index 0281359..24971ac 100644 --- a/fs/libfs.c +++ b/fs/libfs.c @@ -160,6 +160,9 @@ int dcache_readdir(struct file *file, struct dir_context *ctx) @@ -72077,7 +72303,7 @@ index 0ab6512..cd9982d 100644 + name = d_name; + } + if (!dir_emit(ctx, name, next->d_name.len, - next->d_inode->i_ino, dt_type(next->d_inode))) + d_inode(next)->i_ino, dt_type(d_inode(next)))) return 0; spin_lock(&dentry->d_lock); @@ -1027,7 +1035,7 @@ EXPORT_SYMBOL(noop_fsync); @@ -72130,10 +72356,10 @@ index 6a61c2b..bd79179 100644 #define MNT_NS_INTERNAL ERR_PTR(-EINVAL) /* distinct from any mnt_namespace */ diff --git a/fs/namei.c b/fs/namei.c -index 50a8583..44c470a 100644 +index fe30d3b..cf767ae 100644 --- a/fs/namei.c +++ b/fs/namei.c -@@ -337,17 +337,32 @@ int generic_permission(struct inode *inode, int mask) +@@ -336,17 +336,32 @@ int generic_permission(struct inode *inode, int mask) if (ret != -EACCES) return ret; @@ -72170,7 +72396,7 @@ index 50a8583..44c470a 100644 * Read/write DACs are always overridable. * Executable DACs are overridable when there is * at least one exec bit set. -@@ -356,14 +371,6 @@ int generic_permission(struct inode *inode, int mask) +@@ -355,14 +370,6 @@ int generic_permission(struct inode *inode, int mask) if (capable_wrt_inode_uidgid(inode, CAP_DAC_OVERRIDE)) return 0; @@ -72185,7 +72411,7 @@ index 50a8583..44c470a 100644 return -EACCES; } EXPORT_SYMBOL(generic_permission); -@@ -503,7 +510,7 @@ struct nameidata { +@@ -502,7 +509,7 @@ struct nameidata { int last_type; unsigned depth; struct file *base; @@ -72194,7 +72420,7 @@ index 50a8583..44c470a 100644 }; /* -@@ -714,13 +721,13 @@ void nd_jump_link(struct nameidata *nd, struct path *path) +@@ -713,13 +720,13 @@ void nd_jump_link(struct nameidata *nd, struct path *path) nd->flags |= LOOKUP_JUMPED; } @@ -72210,7 +72436,7 @@ index 50a8583..44c470a 100644 { return nd->saved_names[nd->depth]; } -@@ -855,7 +862,7 @@ follow_link(struct path *link, struct nameidata *nd, void **p) +@@ -854,7 +861,7 @@ follow_link(struct path *link, struct nameidata *nd, void **p) { struct dentry *dentry = link->dentry; int error; @@ -72219,12 +72445,11 @@ index 50a8583..44c470a 100644 BUG_ON(nd->flags & LOOKUP_RCU); -@@ -876,6 +883,12 @@ follow_link(struct path *link, struct nameidata *nd, void **p) +@@ -875,6 +882,11 @@ follow_link(struct path *link, struct nameidata *nd, void **p) if (error) goto out_put_nd_path; -+ if (gr_handle_follow_link(dentry->d_parent->d_inode, -+ dentry->d_inode, dentry, nd->path.mnt)) { ++ if (gr_handle_follow_link(dentry, nd->path.mnt)) { + error = -EACCES; + goto out_put_nd_path; + } @@ -72232,7 +72457,7 @@ index 50a8583..44c470a 100644 nd->last_type = LAST_BIND; *p = dentry->d_inode->i_op->follow_link(dentry, nd); error = PTR_ERR(*p); -@@ -1640,6 +1653,8 @@ static inline int nested_symlink(struct path *path, struct nameidata *nd) +@@ -1647,6 +1659,8 @@ static inline int nested_symlink(struct path *path, struct nameidata *nd) if (res) break; res = walk_component(nd, path, LOOKUP_FOLLOW); @@ -72241,7 +72466,7 @@ index 50a8583..44c470a 100644 put_link(nd, &link, cookie); } while (res > 0); -@@ -1712,7 +1727,7 @@ EXPORT_SYMBOL(full_name_hash); +@@ -1719,7 +1733,7 @@ EXPORT_SYMBOL(full_name_hash); static inline u64 hash_name(const char *name) { unsigned long a, b, adata, bdata, mask, hash, len; @@ -72250,7 +72475,7 @@ index 50a8583..44c470a 100644 hash = a = 0; len = -sizeof(unsigned long); -@@ -2007,6 +2022,8 @@ static int path_lookupat(int dfd, const char *name, +@@ -2015,6 +2029,8 @@ static int path_lookupat(int dfd, const struct filename *name, if (err) break; err = lookup_last(nd, &path); @@ -72259,7 +72484,7 @@ index 50a8583..44c470a 100644 put_link(nd, &link, cookie); } } -@@ -2014,6 +2031,13 @@ static int path_lookupat(int dfd, const char *name, +@@ -2022,6 +2038,13 @@ static int path_lookupat(int dfd, const struct filename *name, if (!err) err = complete_walk(nd); @@ -72273,9 +72498,9 @@ index 50a8583..44c470a 100644 if (!err && nd->flags & LOOKUP_DIRECTORY) { if (!d_can_lookup(nd->path.dentry)) { path_put(&nd->path); -@@ -2035,8 +2059,15 @@ static int filename_lookup(int dfd, struct filename *name, - retval = path_lookupat(dfd, name->name, - flags | LOOKUP_REVAL, nd); +@@ -2042,8 +2065,15 @@ static int filename_lookup(int dfd, struct filename *name, + if (unlikely(retval == -ESTALE)) + retval = path_lookupat(dfd, name, flags | LOOKUP_REVAL, nd); - if (likely(!retval)) + if (likely(!retval)) { @@ -72290,7 +72515,7 @@ index 50a8583..44c470a 100644 return retval; } -@@ -2615,6 +2646,13 @@ static int may_open(struct path *path, int acc_mode, int flag) +@@ -2621,6 +2651,13 @@ static int may_open(struct path *path, int acc_mode, int flag) if (flag & O_NOATIME && !inode_owner_or_capable(inode)) return -EPERM; @@ -72304,7 +72529,7 @@ index 50a8583..44c470a 100644 return 0; } -@@ -2846,7 +2884,7 @@ looked_up: +@@ -2852,7 +2889,7 @@ looked_up: * cleared otherwise prior to returning. */ static int lookup_open(struct nameidata *nd, struct path *path, @@ -72313,7 +72538,7 @@ index 50a8583..44c470a 100644 const struct open_flags *op, bool got_write, int *opened) { -@@ -2881,6 +2919,17 @@ static int lookup_open(struct nameidata *nd, struct path *path, +@@ -2887,6 +2924,17 @@ static int lookup_open(struct nameidata *nd, struct path *path, /* Negative dentry, just create the file */ if (!dentry->d_inode && (op->open_flag & O_CREAT)) { umode_t mode = op->mode; @@ -72331,7 +72556,7 @@ index 50a8583..44c470a 100644 if (!IS_POSIXACL(dir->d_inode)) mode &= ~current_umask(); /* -@@ -2902,6 +2951,8 @@ static int lookup_open(struct nameidata *nd, struct path *path, +@@ -2908,6 +2956,8 @@ static int lookup_open(struct nameidata *nd, struct path *path, nd->flags & LOOKUP_EXCL); if (error) goto out_dput; @@ -72340,7 +72565,7 @@ index 50a8583..44c470a 100644 } out_no_open: path->dentry = dentry; -@@ -2916,7 +2967,7 @@ out_dput: +@@ -2922,7 +2972,7 @@ out_dput: /* * Handle the last step of open() */ @@ -72349,7 +72574,7 @@ index 50a8583..44c470a 100644 struct file *file, const struct open_flags *op, int *opened, struct filename *name) { -@@ -2966,6 +3017,15 @@ static int do_last(struct nameidata *nd, struct path *path, +@@ -2972,6 +3022,15 @@ static int do_last(struct nameidata *nd, struct path *path, if (error) return error; @@ -72365,7 +72590,7 @@ index 50a8583..44c470a 100644 audit_inode(name, dir, LOOKUP_PARENT); error = -EISDIR; /* trailing slashes? */ -@@ -2985,7 +3045,7 @@ retry_lookup: +@@ -2991,7 +3050,7 @@ retry_lookup: */ } mutex_lock(&dir->d_inode->i_mutex); @@ -72374,7 +72599,7 @@ index 50a8583..44c470a 100644 mutex_unlock(&dir->d_inode->i_mutex); if (error <= 0) { -@@ -3009,11 +3069,28 @@ retry_lookup: +@@ -3015,11 +3074,28 @@ retry_lookup: goto finish_open_created; } @@ -72404,7 +72629,7 @@ index 50a8583..44c470a 100644 /* * If atomic_open() acquired write access it is dropped now due to -@@ -3055,6 +3132,11 @@ finish_lookup: +@@ -3060,6 +3136,11 @@ finish_lookup: } } BUG_ON(inode != path->dentry->d_inode); @@ -72416,7 +72641,7 @@ index 50a8583..44c470a 100644 return 1; } -@@ -3074,7 +3156,18 @@ finish_open: +@@ -3079,7 +3160,18 @@ finish_open: path_put(&save_parent); return error; } @@ -72435,7 +72660,7 @@ index 50a8583..44c470a 100644 error = -EISDIR; if ((open_flag & O_CREAT) && d_is_dir(nd->path.dentry)) goto out; -@@ -3235,7 +3328,7 @@ static struct file *path_openat(int dfd, struct filename *pathname, +@@ -3240,7 +3332,7 @@ static struct file *path_openat(int dfd, struct filename *pathname, if (unlikely(error)) goto out; @@ -72444,7 +72669,7 @@ index 50a8583..44c470a 100644 while (unlikely(error > 0)) { /* trailing symlink */ struct path link = path; void *cookie; -@@ -3253,7 +3346,7 @@ static struct file *path_openat(int dfd, struct filename *pathname, +@@ -3258,7 +3350,7 @@ static struct file *path_openat(int dfd, struct filename *pathname, error = follow_link(&link, nd, &cookie); if (unlikely(error)) break; @@ -72453,7 +72678,7 @@ index 50a8583..44c470a 100644 put_link(nd, &link, cookie); } out: -@@ -3356,9 +3449,11 @@ static struct dentry *filename_create(int dfd, struct filename *name, +@@ -3361,9 +3453,11 @@ static struct dentry *filename_create(int dfd, struct filename *name, goto unlock; error = -EEXIST; @@ -72467,7 +72692,7 @@ index 50a8583..44c470a 100644 /* * Special case - lookup gave negative, but... we had foo/bar/ * From the vfs_mknod() POV we just have a negative dentry - -@@ -3423,6 +3518,20 @@ struct dentry *user_path_create(int dfd, const char __user *pathname, +@@ -3428,6 +3522,20 @@ struct dentry *user_path_create(int dfd, const char __user *pathname, } EXPORT_SYMBOL(user_path_create); @@ -72488,7 +72713,7 @@ index 50a8583..44c470a 100644 int vfs_mknod(struct inode *dir, struct dentry *dentry, umode_t mode, dev_t dev) { int error = may_create(dir, dentry); -@@ -3486,6 +3595,17 @@ retry: +@@ -3491,6 +3599,17 @@ retry: if (!IS_POSIXACL(path.dentry->d_inode)) mode &= ~current_umask(); @@ -72506,7 +72731,7 @@ index 50a8583..44c470a 100644 error = security_path_mknod(&path, dentry, mode, dev); if (error) goto out; -@@ -3501,6 +3621,8 @@ retry: +@@ -3506,6 +3625,8 @@ retry: error = vfs_mknod(path.dentry->d_inode,dentry,mode,0); break; } @@ -72515,7 +72740,7 @@ index 50a8583..44c470a 100644 out: done_path_create(&path, dentry); if (retry_estale(error, lookup_flags)) { -@@ -3555,9 +3677,16 @@ retry: +@@ -3560,9 +3681,16 @@ retry: if (!IS_POSIXACL(path.dentry->d_inode)) mode &= ~current_umask(); @@ -72532,7 +72757,7 @@ index 50a8583..44c470a 100644 done_path_create(&path, dentry); if (retry_estale(error, lookup_flags)) { lookup_flags |= LOOKUP_REVAL; -@@ -3590,7 +3719,7 @@ void dentry_unhash(struct dentry *dentry) +@@ -3595,7 +3723,7 @@ void dentry_unhash(struct dentry *dentry) { shrink_dcache_parent(dentry); spin_lock(&dentry->d_lock); @@ -72541,7 +72766,7 @@ index 50a8583..44c470a 100644 __d_drop(dentry); spin_unlock(&dentry->d_lock); } -@@ -3641,6 +3770,8 @@ static long do_rmdir(int dfd, const char __user *pathname) +@@ -3646,6 +3774,8 @@ static long do_rmdir(int dfd, const char __user *pathname) struct filename *name; struct dentry *dentry; struct nameidata nd; @@ -72550,7 +72775,7 @@ index 50a8583..44c470a 100644 unsigned int lookup_flags = 0; retry: name = user_path_parent(dfd, pathname, &nd, lookup_flags); -@@ -3673,10 +3804,21 @@ retry: +@@ -3678,10 +3808,21 @@ retry: error = -ENOENT; goto exit3; } @@ -72572,7 +72797,7 @@ index 50a8583..44c470a 100644 exit3: dput(dentry); exit2: -@@ -3769,6 +3911,8 @@ static long do_unlinkat(int dfd, const char __user *pathname) +@@ -3774,6 +3915,8 @@ static long do_unlinkat(int dfd, const char __user *pathname) struct nameidata nd; struct inode *inode = NULL; struct inode *delegated_inode = NULL; @@ -72581,7 +72806,7 @@ index 50a8583..44c470a 100644 unsigned int lookup_flags = 0; retry: name = user_path_parent(dfd, pathname, &nd, lookup_flags); -@@ -3795,10 +3939,22 @@ retry_deleg: +@@ -3800,10 +3943,22 @@ retry_deleg: if (d_is_negative(dentry)) goto slashes; ihold(inode); @@ -72604,7 +72829,7 @@ index 50a8583..44c470a 100644 exit2: dput(dentry); } -@@ -3887,9 +4043,17 @@ retry: +@@ -3892,9 +4047,17 @@ retry: if (IS_ERR(dentry)) goto out_putname; @@ -72622,7 +72847,7 @@ index 50a8583..44c470a 100644 done_path_create(&path, dentry); if (retry_estale(error, lookup_flags)) { lookup_flags |= LOOKUP_REVAL; -@@ -3993,6 +4157,7 @@ SYSCALL_DEFINE5(linkat, int, olddfd, const char __user *, oldname, +@@ -3998,6 +4161,7 @@ SYSCALL_DEFINE5(linkat, int, olddfd, const char __user *, oldname, struct dentry *new_dentry; struct path old_path, new_path; struct inode *delegated_inode = NULL; @@ -72630,7 +72855,7 @@ index 50a8583..44c470a 100644 int how = 0; int error; -@@ -4016,7 +4181,7 @@ retry: +@@ -4021,7 +4185,7 @@ retry: if (error) return error; @@ -72639,14 +72864,12 @@ index 50a8583..44c470a 100644 (how & LOOKUP_REVAL)); error = PTR_ERR(new_dentry); if (IS_ERR(new_dentry)) -@@ -4028,11 +4193,28 @@ retry: +@@ -4033,11 +4197,26 @@ retry: error = may_linkat(&old_path); if (unlikely(error)) goto out_dput; + -+ if (gr_handle_hardlink(old_path.dentry, old_path.mnt, -+ old_path.dentry->d_inode, -+ old_path.dentry->d_inode->i_mode, to)) { ++ if (gr_handle_hardlink(old_path.dentry, old_path.mnt, to)) { + error = -EACCES; + goto out_dput; + } @@ -72668,7 +72891,7 @@ index 50a8583..44c470a 100644 done_path_create(&new_path, new_dentry); if (delegated_inode) { error = break_deleg_wait(&delegated_inode); -@@ -4348,6 +4530,20 @@ retry_deleg: +@@ -4353,6 +4532,20 @@ retry_deleg: if (new_dentry == trap) goto exit5; @@ -72681,7 +72904,7 @@ index 50a8583..44c470a 100644 + } + + error = gr_acl_handle_rename(new_dentry, new_dir, newnd.path.mnt, -+ old_dentry, old_dir->d_inode, oldnd.path.mnt, ++ old_dentry, d_backing_inode(old_dir), oldnd.path.mnt, + to, flags); + if (error) + goto exit5; @@ -72689,17 +72912,17 @@ index 50a8583..44c470a 100644 error = security_path_rename(&oldnd.path, old_dentry, &newnd.path, new_dentry, flags); if (error) -@@ -4355,6 +4551,9 @@ retry_deleg: +@@ -4360,6 +4553,9 @@ retry_deleg: error = vfs_rename(old_dir->d_inode, old_dentry, new_dir->d_inode, new_dentry, &delegated_inode, flags); + if (!error) -+ gr_handle_rename(old_dir->d_inode, new_dir->d_inode, old_dentry, -+ new_dentry, oldnd.path.mnt, new_dentry->d_inode ? 1 : 0, flags); ++ gr_handle_rename(d_backing_inode(old_dir), d_backing_inode(new_dir), old_dentry, ++ new_dentry, oldnd.path.mnt, d_is_positive(new_dentry) ? 1 : 0, flags); exit5: dput(new_dentry); exit4: -@@ -4411,14 +4610,24 @@ EXPORT_SYMBOL(vfs_whiteout); +@@ -4416,14 +4612,24 @@ EXPORT_SYMBOL(vfs_whiteout); int readlink_copy(char __user *buffer, int buflen, const char *link) { @@ -72726,10 +72949,59 @@ index 50a8583..44c470a 100644 out: return len; diff --git a/fs/namespace.c b/fs/namespace.c -index f07c769..9246b81 100644 +index 02c6875..ac3626c 100644 --- a/fs/namespace.c +++ b/fs/namespace.c -@@ -1480,6 +1480,9 @@ static int do_umount(struct mount *mnt, int flags) +@@ -1350,6 +1350,36 @@ enum umount_tree_flags { + UMOUNT_PROPAGATE = 2, + UMOUNT_CONNECTED = 4, + }; ++ ++static bool disconnect_mount(struct mount *mnt, enum umount_tree_flags how) ++{ ++ /* Leaving mounts connected is only valid for lazy umounts */ ++ if (how & UMOUNT_SYNC) ++ return true; ++ ++ /* A mount without a parent has nothing to be connected to */ ++ if (!mnt_has_parent(mnt)) ++ return true; ++ ++ /* Because the reference counting rules change when mounts are ++ * unmounted and connected, umounted mounts may not be ++ * connected to mounted mounts. ++ */ ++ if (!(mnt->mnt_parent->mnt.mnt_flags & MNT_UMOUNT)) ++ return true; ++ ++ /* Has it been requested that the mount remain connected? */ ++ if (how & UMOUNT_CONNECTED) ++ return false; ++ ++ /* Is the mount locked such that it needs to remain connected? */ ++ if (IS_MNT_LOCKED(mnt)) ++ return false; ++ ++ /* By default disconnect the mount */ ++ return true; ++} ++ + /* + * mount_lock must be held + * namespace_sem must be held for write +@@ -1387,10 +1417,7 @@ static void umount_tree(struct mount *mnt, enum umount_tree_flags how) + if (how & UMOUNT_SYNC) + p->mnt.mnt_flags |= MNT_SYNC_UMOUNT; + +- disconnect = !(((how & UMOUNT_CONNECTED) && +- mnt_has_parent(p) && +- (p->mnt_parent->mnt.mnt_flags & MNT_UMOUNT)) || +- IS_MNT_LOCKED_AND_LAZY(p)); ++ disconnect = disconnect_mount(p, how); + + pin_insert_group(&p->mnt_umount, &p->mnt_parent->mnt, + disconnect ? &unmounted : NULL); +@@ -1478,6 +1505,9 @@ static int do_umount(struct mount *mnt, int flags) if (!(sb->s_flags & MS_RDONLY)) retval = do_remount_sb(sb, MS_RDONLY, NULL, 0); up_write(&sb->s_umount); @@ -72739,7 +73011,7 @@ index f07c769..9246b81 100644 return retval; } -@@ -1502,6 +1505,9 @@ static int do_umount(struct mount *mnt, int flags) +@@ -1500,6 +1530,9 @@ static int do_umount(struct mount *mnt, int flags) } unlock_mount_hash(); namespace_unlock(); @@ -72749,7 +73021,21 @@ index f07c769..9246b81 100644 return retval; } -@@ -1559,7 +1565,7 @@ static inline bool may_mount(void) +@@ -1527,11 +1560,8 @@ void __detach_mounts(struct dentry *dentry) + while (!hlist_empty(&mp->m_list)) { + mnt = hlist_entry(mp->m_list.first, struct mount, mnt_mp_list); + if (mnt->mnt.mnt_flags & MNT_UMOUNT) { +- struct mount *p, *tmp; +- list_for_each_entry_safe(p, tmp, &mnt->mnt_mounts, mnt_child) { +- hlist_add_head(&p->mnt_umount.s_list, &unmounted); +- umount_mnt(p); +- } ++ hlist_add_head(&mnt->mnt_umount.s_list, &unmounted); ++ umount_mnt(mnt); + } + else umount_tree(mnt, UMOUNT_CONNECTED); + } +@@ -1557,7 +1587,7 @@ static inline bool may_mount(void) * unixes. Our API is identical to OSF/1 to avoid making a mess of AMD */ @@ -72758,7 +73044,7 @@ index f07c769..9246b81 100644 { struct path path; struct mount *mnt; -@@ -1604,7 +1610,7 @@ out: +@@ -1602,7 +1632,7 @@ out: /* * The 2.0 compatible umount. No flags. */ @@ -72767,7 +73053,7 @@ index f07c769..9246b81 100644 { return sys_umount(name, 0); } -@@ -2673,6 +2679,16 @@ long do_mount(const char *dev_name, const char __user *dir_name, +@@ -2677,6 +2707,16 @@ long do_mount(const char *dev_name, const char __user *dir_name, MS_NOATIME | MS_NODIRATIME | MS_RELATIME| MS_KERNMOUNT | MS_STRICTATIME); @@ -72784,7 +73070,7 @@ index f07c769..9246b81 100644 if (flags & MS_REMOUNT) retval = do_remount(&path, flags & ~MS_REMOUNT, mnt_flags, data_page); -@@ -2686,7 +2702,10 @@ long do_mount(const char *dev_name, const char __user *dir_name, +@@ -2690,7 +2730,10 @@ long do_mount(const char *dev_name, const char __user *dir_name, retval = do_new_mount(&path, type_page, flags, mnt_flags, dev_name, data_page); dput_out: @@ -72795,7 +73081,7 @@ index f07c769..9246b81 100644 return retval; } -@@ -2704,7 +2723,7 @@ static void free_mnt_ns(struct mnt_namespace *ns) +@@ -2708,7 +2751,7 @@ static void free_mnt_ns(struct mnt_namespace *ns) * number incrementing at 10Ghz will take 12,427 years to wrap which * is effectively never, so we can ignore the possibility. */ @@ -72804,7 +73090,7 @@ index f07c769..9246b81 100644 static struct mnt_namespace *alloc_mnt_ns(struct user_namespace *user_ns) { -@@ -2720,7 +2739,7 @@ static struct mnt_namespace *alloc_mnt_ns(struct user_namespace *user_ns) +@@ -2724,7 +2767,7 @@ static struct mnt_namespace *alloc_mnt_ns(struct user_namespace *user_ns) return ERR_PTR(ret); } new_ns->ns.ops = &mntns_operations; @@ -72813,7 +73099,7 @@ index f07c769..9246b81 100644 atomic_set(&new_ns->count, 1); new_ns->root = NULL; INIT_LIST_HEAD(&new_ns->list); -@@ -2730,7 +2749,7 @@ static struct mnt_namespace *alloc_mnt_ns(struct user_namespace *user_ns) +@@ -2734,7 +2777,7 @@ static struct mnt_namespace *alloc_mnt_ns(struct user_namespace *user_ns) return new_ns; } @@ -72822,7 +73108,7 @@ index f07c769..9246b81 100644 struct user_namespace *user_ns, struct fs_struct *new_fs) { struct mnt_namespace *new_ns; -@@ -2851,8 +2870,8 @@ struct dentry *mount_subtree(struct vfsmount *mnt, const char *name) +@@ -2855,8 +2898,8 @@ struct dentry *mount_subtree(struct vfsmount *mnt, const char *name) } EXPORT_SYMBOL(mount_subtree); @@ -72833,7 +73119,7 @@ index f07c769..9246b81 100644 { int ret; char *kernel_type; -@@ -2958,6 +2977,11 @@ SYSCALL_DEFINE2(pivot_root, const char __user *, new_root, +@@ -2962,6 +3005,11 @@ SYSCALL_DEFINE2(pivot_root, const char __user *, new_root, if (error) goto out2; @@ -72845,7 +73131,7 @@ index f07c769..9246b81 100644 get_fs_root(current->fs, &root); old_mp = lock_mount(&old); error = PTR_ERR(old_mp); -@@ -3242,7 +3266,7 @@ static int mntns_install(struct nsproxy *nsproxy, struct ns_common *ns) +@@ -3263,7 +3311,7 @@ static int mntns_install(struct nsproxy *nsproxy, struct ns_common *ns) !ns_capable(current_user_ns(), CAP_SYS_ADMIN)) return -EPERM; @@ -72868,10 +73154,10 @@ index 19ca95c..b28702c 100644 static struct callback_op callback_ops[]; diff --git a/fs/nfs/inode.c b/fs/nfs/inode.c -index d42dff6..ecbdf42 100644 +index f734562..3fd6c4e 100644 --- a/fs/nfs/inode.c +++ b/fs/nfs/inode.c -@@ -1270,16 +1270,16 @@ static int nfs_ctime_need_update(const struct inode *inode, const struct nfs_fat +@@ -1275,16 +1275,16 @@ static int nfs_ctime_need_update(const struct inode *inode, const struct nfs_fat return timespec_compare(&fattr->ctime, &inode->i_ctime) > 0; } @@ -72892,7 +73178,7 @@ index d42dff6..ecbdf42 100644 EXPORT_SYMBOL_GPL(nfs_inc_attr_generation_counter); diff --git a/fs/nfsd/nfs4proc.c b/fs/nfsd/nfs4proc.c -index 5416968..0942042 100644 +index 864e200..357c255 100644 --- a/fs/nfsd/nfs4proc.c +++ b/fs/nfsd/nfs4proc.c @@ -1496,7 +1496,7 @@ struct nfsd4_operation { @@ -72905,7 +73191,7 @@ index 5416968..0942042 100644 static struct nfsd4_operation nfsd4_ops[]; diff --git a/fs/nfsd/nfs4xdr.c b/fs/nfsd/nfs4xdr.c -index 5b33ce1..c2a92aa 100644 +index 158badf..f7132ea 100644 --- a/fs/nfsd/nfs4xdr.c +++ b/fs/nfsd/nfs4xdr.c @@ -1703,7 +1703,7 @@ nfsd4_decode_notsupp(struct nfsd4_compoundargs *argp, void *p) @@ -72958,7 +73244,7 @@ index 46ec934..f384e41 100644 break; case RC_REPLBUFF: diff --git a/fs/nfsd/vfs.c b/fs/nfsd/vfs.c -index 3685265..e77261e 100644 +index 84d770b..929bc5e 100644 --- a/fs/nfsd/vfs.c +++ b/fs/nfsd/vfs.c @@ -893,7 +893,7 @@ __be32 nfsd_readv(struct file *file, loff_t offset, struct kvec *vec, int vlen, @@ -73143,19 +73429,6 @@ index 9e38daf..5727cae 100644 ntfs_error(sb, "Out of bounds check failed. Corrupt directory " "inode 0x%lx or driver bug.", vdir->i_ino); goto err_out; -diff --git a/fs/ntfs/file.c b/fs/ntfs/file.c -index 1da9b2d..9cca092a 100644 ---- a/fs/ntfs/file.c -+++ b/fs/ntfs/file.c -@@ -1281,7 +1281,7 @@ static inline size_t ntfs_copy_from_user(struct page **pages, - char *addr; - size_t total = 0; - unsigned len; -- int left; -+ unsigned left; - - do { - len = PAGE_CACHE_SIZE - ofs; diff --git a/fs/ntfs/super.c b/fs/ntfs/super.c index 9e1e112..241a52a 100644 --- a/fs/ntfs/super.c @@ -73188,7 +73461,7 @@ index 9e1e112..241a52a 100644 if (bh_primary) brelse(bh_primary); diff --git a/fs/ocfs2/localalloc.c b/fs/ocfs2/localalloc.c -index 0440134..d52c93a 100644 +index 857bbbc..3c47d15 100644 --- a/fs/ocfs2/localalloc.c +++ b/fs/ocfs2/localalloc.c @@ -1320,7 +1320,7 @@ static int ocfs2_local_alloc_slide_window(struct ocfs2_super *osb, @@ -73221,21 +73494,8 @@ index 460c6c3..b4ef513 100644 }; enum ocfs2_local_alloc_state -diff --git a/fs/ocfs2/refcounttree.c b/fs/ocfs2/refcounttree.c -index ee541f9..df3a500 100644 ---- a/fs/ocfs2/refcounttree.c -+++ b/fs/ocfs2/refcounttree.c -@@ -4276,7 +4276,7 @@ static int ocfs2_reflink(struct dentry *old_dentry, struct inode *dir, - error = posix_acl_create(dir, &mode, &default_acl, &acl); - if (error) { - mlog_errno(error); -- goto out; -+ return error; - } - - error = ocfs2_create_inode_in_orphan(dir, mode, diff --git a/fs/ocfs2/suballoc.c b/fs/ocfs2/suballoc.c -index 0cb889a..6a26b24 100644 +index 4479029..5de740b 100644 --- a/fs/ocfs2/suballoc.c +++ b/fs/ocfs2/suballoc.c @@ -867,7 +867,7 @@ static int ocfs2_reserve_suballoc_bits(struct ocfs2_super *osb, @@ -73293,7 +73553,7 @@ index 0cb889a..6a26b24 100644 } } diff --git a/fs/ocfs2/super.c b/fs/ocfs2/super.c -index 2667518..24bcf79 100644 +index 403c566..6525b35 100644 --- a/fs/ocfs2/super.c +++ b/fs/ocfs2/super.c @@ -308,11 +308,11 @@ static int ocfs2_osb_dump(struct ocfs2_super *osb, char *buf, int len) @@ -73313,7 +73573,7 @@ index 2667518..24bcf79 100644 out += snprintf(buf + out, len - out, "%10s => State: %u Descriptor: %llu Size: %u bits " -@@ -2093,11 +2093,11 @@ static int ocfs2_initialize_super(struct super_block *sb, +@@ -2095,11 +2095,11 @@ static int ocfs2_initialize_super(struct super_block *sb, mutex_init(&osb->system_file_mutex); @@ -73331,7 +73591,7 @@ index 2667518..24bcf79 100644 /* Copy the blockcheck stats from the superblock probe */ osb->osb_ecc_stats = *stats; diff --git a/fs/open.c b/fs/open.c -index 44a3be1..5e97aa1 100644 +index 98e5a52..8e77e14 100644 --- a/fs/open.c +++ b/fs/open.c @@ -32,6 +32,8 @@ @@ -73361,7 +73621,7 @@ index 44a3be1..5e97aa1 100644 if (!error) error = do_truncate(dentry, length, ATTR_MTIME|ATTR_CTIME, f.file); sb_end_write(inode->i_sb); -@@ -392,6 +398,9 @@ retry: +@@ -396,6 +402,9 @@ retry: if (__mnt_is_readonly(path.mnt)) res = -EROFS; @@ -73371,7 +73631,7 @@ index 44a3be1..5e97aa1 100644 out_path_release: path_put(&path); if (retry_estale(res, lookup_flags)) { -@@ -423,6 +432,8 @@ retry: +@@ -427,6 +436,8 @@ retry: if (error) goto dput_and_out; @@ -73380,7 +73640,7 @@ index 44a3be1..5e97aa1 100644 set_fs_pwd(current->fs, &path); dput_and_out: -@@ -452,6 +463,13 @@ SYSCALL_DEFINE1(fchdir, unsigned int, fd) +@@ -456,6 +467,13 @@ SYSCALL_DEFINE1(fchdir, unsigned int, fd) goto out_putf; error = inode_permission(inode, MAY_EXEC | MAY_CHDIR); @@ -73394,7 +73654,7 @@ index 44a3be1..5e97aa1 100644 if (!error) set_fs_pwd(current->fs, &f.file->f_path); out_putf: -@@ -481,7 +499,13 @@ retry: +@@ -485,7 +503,13 @@ retry: if (error) goto dput_and_out; @@ -73408,7 +73668,7 @@ index 44a3be1..5e97aa1 100644 error = 0; dput_and_out: path_put(&path); -@@ -505,6 +529,16 @@ static int chmod_common(struct path *path, umode_t mode) +@@ -509,6 +533,16 @@ static int chmod_common(struct path *path, umode_t mode) return error; retry_deleg: mutex_lock(&inode->i_mutex); @@ -73425,7 +73685,7 @@ index 44a3be1..5e97aa1 100644 error = security_path_chmod(path, mode); if (error) goto out_unlock; -@@ -570,6 +604,9 @@ static int chown_common(struct path *path, uid_t user, gid_t group) +@@ -574,6 +608,9 @@ static int chown_common(struct path *path, uid_t user, gid_t group) uid = make_kuid(current_user_ns(), user); gid = make_kgid(current_user_ns(), group); @@ -73435,7 +73695,7 @@ index 44a3be1..5e97aa1 100644 retry_deleg: newattrs.ia_valid = ATTR_CTIME; if (user != (uid_t) -1) { -@@ -1017,6 +1054,7 @@ long do_sys_open(int dfd, const char __user *filename, int flags, umode_t mode) +@@ -1018,6 +1055,7 @@ long do_sys_open(int dfd, const char __user *filename, int flags, umode_t mode) } else { fsnotify_open(f); fd_install(fd, f); @@ -73443,6 +73703,20 @@ index 44a3be1..5e97aa1 100644 } } putname(tmp); +diff --git a/fs/overlayfs/inode.c b/fs/overlayfs/inode.c +index 04f1248..60b3be1 100644 +--- a/fs/overlayfs/inode.c ++++ b/fs/overlayfs/inode.c +@@ -344,6 +344,9 @@ static int ovl_dentry_open(struct dentry *dentry, struct file *file, + enum ovl_path_type type; + bool want_write = false; + ++ if (d_is_dir(dentry)) ++ return d_backing_inode(dentry); ++ + type = ovl_path_real(dentry, &realpath); + if (ovl_open_need_copy_up(file->f_flags, type, realpath.dentry)) { + want_write = true; diff --git a/fs/overlayfs/super.c b/fs/overlayfs/super.c index bf8537c..c16ef7d 100644 --- a/fs/overlayfs/super.c @@ -73468,10 +73742,10 @@ index bf8537c..c16ef7d 100644 struct ovl_entry *oe; struct ovl_fs *ufs; diff --git a/fs/pipe.c b/fs/pipe.c -index 21981e5..2c0bffb 100644 +index 8865f79..bd2c79b 100644 --- a/fs/pipe.c +++ b/fs/pipe.c -@@ -37,7 +37,7 @@ unsigned int pipe_max_size = 1048576; +@@ -36,7 +36,7 @@ unsigned int pipe_max_size = 1048576; /* * Minimum pipe size, as required by POSIX */ @@ -73480,7 +73754,7 @@ index 21981e5..2c0bffb 100644 /* * We use a start+len construction, which provides full use of the -@@ -56,7 +56,7 @@ unsigned int pipe_min_size = PAGE_SIZE; +@@ -55,7 +55,7 @@ unsigned int pipe_min_size = PAGE_SIZE; static void pipe_lock_nested(struct pipe_inode_info *pipe, int subclass) { @@ -73489,7 +73763,7 @@ index 21981e5..2c0bffb 100644 mutex_lock_nested(&pipe->mutex, subclass); } -@@ -71,7 +71,7 @@ EXPORT_SYMBOL(pipe_lock); +@@ -70,7 +70,7 @@ EXPORT_SYMBOL(pipe_lock); void pipe_unlock(struct pipe_inode_info *pipe) { @@ -73498,7 +73772,7 @@ index 21981e5..2c0bffb 100644 mutex_unlock(&pipe->mutex); } EXPORT_SYMBOL(pipe_unlock); -@@ -292,9 +292,9 @@ pipe_read(struct kiocb *iocb, struct iov_iter *to) +@@ -291,9 +291,9 @@ pipe_read(struct kiocb *iocb, struct iov_iter *to) } if (bufs) /* More to do? */ continue; @@ -73510,7 +73784,7 @@ index 21981e5..2c0bffb 100644 /* syscall merging: Usually we must not sleep * if O_NONBLOCK is set, or if we got some data. * But if a writer sleeps in kernel space, then -@@ -351,7 +351,7 @@ pipe_write(struct kiocb *iocb, struct iov_iter *from) +@@ -350,7 +350,7 @@ pipe_write(struct kiocb *iocb, struct iov_iter *from) __pipe_lock(pipe); @@ -73519,7 +73793,7 @@ index 21981e5..2c0bffb 100644 send_sig(SIGPIPE, current, 0); ret = -EPIPE; goto out; -@@ -387,7 +387,7 @@ pipe_write(struct kiocb *iocb, struct iov_iter *from) +@@ -386,7 +386,7 @@ pipe_write(struct kiocb *iocb, struct iov_iter *from) for (;;) { int bufs; @@ -73528,7 +73802,7 @@ index 21981e5..2c0bffb 100644 send_sig(SIGPIPE, current, 0); if (!ret) ret = -EPIPE; -@@ -455,9 +455,9 @@ pipe_write(struct kiocb *iocb, struct iov_iter *from) +@@ -454,9 +454,9 @@ pipe_write(struct kiocb *iocb, struct iov_iter *from) kill_fasync(&pipe->fasync_readers, SIGIO, POLL_IN); do_wakeup = 0; } @@ -73540,7 +73814,7 @@ index 21981e5..2c0bffb 100644 } out: __pipe_unlock(pipe); -@@ -512,7 +512,7 @@ pipe_poll(struct file *filp, poll_table *wait) +@@ -511,7 +511,7 @@ pipe_poll(struct file *filp, poll_table *wait) mask = 0; if (filp->f_mode & FMODE_READ) { mask = (nrbufs > 0) ? POLLIN | POLLRDNORM : 0; @@ -73549,7 +73823,7 @@ index 21981e5..2c0bffb 100644 mask |= POLLHUP; } -@@ -522,7 +522,7 @@ pipe_poll(struct file *filp, poll_table *wait) +@@ -521,7 +521,7 @@ pipe_poll(struct file *filp, poll_table *wait) * Most Unices do not set POLLERR for FIFOs but on Linux they * behave exactly like pipes for poll(). */ @@ -73558,7 +73832,7 @@ index 21981e5..2c0bffb 100644 mask |= POLLERR; } -@@ -534,7 +534,7 @@ static void put_pipe_info(struct inode *inode, struct pipe_inode_info *pipe) +@@ -533,7 +533,7 @@ static void put_pipe_info(struct inode *inode, struct pipe_inode_info *pipe) int kill = 0; spin_lock(&inode->i_lock); @@ -73567,7 +73841,7 @@ index 21981e5..2c0bffb 100644 inode->i_pipe = NULL; kill = 1; } -@@ -551,11 +551,11 @@ pipe_release(struct inode *inode, struct file *file) +@@ -550,11 +550,11 @@ pipe_release(struct inode *inode, struct file *file) __pipe_lock(pipe); if (file->f_mode & FMODE_READ) @@ -73582,7 +73856,7 @@ index 21981e5..2c0bffb 100644 wake_up_interruptible_sync_poll(&pipe->wait, POLLIN | POLLOUT | POLLRDNORM | POLLWRNORM | POLLERR | POLLHUP); kill_fasync(&pipe->fasync_readers, SIGIO, POLL_IN); kill_fasync(&pipe->fasync_writers, SIGIO, POLL_OUT); -@@ -620,7 +620,7 @@ void free_pipe_info(struct pipe_inode_info *pipe) +@@ -619,7 +619,7 @@ void free_pipe_info(struct pipe_inode_info *pipe) kfree(pipe); } @@ -73591,7 +73865,7 @@ index 21981e5..2c0bffb 100644 /* * pipefs_dname() is called from d_path(). -@@ -650,8 +650,9 @@ static struct inode * get_pipe_inode(void) +@@ -649,8 +649,9 @@ static struct inode * get_pipe_inode(void) goto fail_iput; inode->i_pipe = pipe; @@ -73603,7 +73877,7 @@ index 21981e5..2c0bffb 100644 inode->i_fop = &pipefifo_fops; /* -@@ -830,17 +831,17 @@ static int fifo_open(struct inode *inode, struct file *filp) +@@ -829,17 +830,17 @@ static int fifo_open(struct inode *inode, struct file *filp) spin_lock(&inode->i_lock); if (inode->i_pipe) { pipe = inode->i_pipe; @@ -73624,7 +73898,7 @@ index 21981e5..2c0bffb 100644 spin_unlock(&inode->i_lock); free_pipe_info(pipe); pipe = inode->i_pipe; -@@ -865,10 +866,10 @@ static int fifo_open(struct inode *inode, struct file *filp) +@@ -864,10 +865,10 @@ static int fifo_open(struct inode *inode, struct file *filp) * opened, even when there is no process writing the FIFO. */ pipe->r_counter++; @@ -73637,7 +73911,7 @@ index 21981e5..2c0bffb 100644 if ((filp->f_flags & O_NONBLOCK)) { /* suppress POLLHUP until we have * seen a writer */ -@@ -887,14 +888,14 @@ static int fifo_open(struct inode *inode, struct file *filp) +@@ -886,14 +887,14 @@ static int fifo_open(struct inode *inode, struct file *filp) * errno=ENXIO when there is no process reading the FIFO. */ ret = -ENXIO; @@ -73655,7 +73929,7 @@ index 21981e5..2c0bffb 100644 if (wait_for_partner(pipe, &pipe->r_counter)) goto err_wr; } -@@ -908,11 +909,11 @@ static int fifo_open(struct inode *inode, struct file *filp) +@@ -907,11 +908,11 @@ static int fifo_open(struct inode *inode, struct file *filp) * the process can at least talk to itself. */ @@ -73670,7 +73944,7 @@ index 21981e5..2c0bffb 100644 wake_up_partner(pipe); break; -@@ -926,13 +927,13 @@ static int fifo_open(struct inode *inode, struct file *filp) +@@ -925,13 +926,13 @@ static int fifo_open(struct inode *inode, struct file *filp) return 0; err_rd: @@ -73686,7 +73960,7 @@ index 21981e5..2c0bffb 100644 wake_up_interruptible(&pipe->wait); ret = -ERESTARTSYS; goto err; -@@ -1010,7 +1011,7 @@ static long pipe_set_size(struct pipe_inode_info *pipe, unsigned long nr_pages) +@@ -1007,7 +1008,7 @@ static long pipe_set_size(struct pipe_inode_info *pipe, unsigned long nr_pages) * Currently we rely on the pipe array holding a power-of-2 number * of pages. */ @@ -73695,7 +73969,7 @@ index 21981e5..2c0bffb 100644 { unsigned long nr_pages; -@@ -1058,13 +1059,16 @@ long pipe_fcntl(struct file *file, unsigned int cmd, unsigned long arg) +@@ -1055,13 +1056,16 @@ long pipe_fcntl(struct file *file, unsigned int cmd, unsigned long arg) switch (cmd) { case F_SETPIPE_SZ: { @@ -73715,8 +73989,21 @@ index 21981e5..2c0bffb 100644 goto out; if (!capable(CAP_SYS_RESOURCE) && size > pipe_max_size) { +diff --git a/fs/pnode.h b/fs/pnode.h +index 7114ce6..0fcdbe7 100644 +--- a/fs/pnode.h ++++ b/fs/pnode.h +@@ -20,8 +20,6 @@ + #define SET_MNT_MARK(m) ((m)->mnt.mnt_flags |= MNT_MARKED) + #define CLEAR_MNT_MARK(m) ((m)->mnt.mnt_flags &= ~MNT_MARKED) + #define IS_MNT_LOCKED(m) ((m)->mnt.mnt_flags & MNT_LOCKED) +-#define IS_MNT_LOCKED_AND_LAZY(m) \ +- (((m)->mnt.mnt_flags & (MNT_LOCKED|MNT_SYNC_UMOUNT)) == MNT_LOCKED) + + #define CL_EXPIRE 0x01 + #define CL_SLAVE 0x02 diff --git a/fs/posix_acl.c b/fs/posix_acl.c -index 3a48bb7..403067b 100644 +index 84bb65b8..4270e47 100644 --- a/fs/posix_acl.c +++ b/fs/posix_acl.c @@ -20,6 +20,7 @@ @@ -73832,7 +74119,7 @@ index 2183fcf..3c32a98 100644 help Various /proc files exist to monitor process memory utilization: diff --git a/fs/proc/array.c b/fs/proc/array.c -index 1295a00..4c91a6b 100644 +index fd02a9e..7bc9dff 100644 --- a/fs/proc/array.c +++ b/fs/proc/array.c @@ -60,6 +60,7 @@ @@ -73843,7 +74130,7 @@ index 1295a00..4c91a6b 100644 #include <linux/proc_fs.h> #include <linux/ioport.h> #include <linux/uaccess.h> -@@ -322,6 +323,21 @@ static void task_cpus_allowed(struct seq_file *m, struct task_struct *task) +@@ -340,6 +341,21 @@ static void task_cpus_allowed(struct seq_file *m, struct task_struct *task) cpumask_pr_args(&task->cpus_allowed)); } @@ -73865,7 +74152,7 @@ index 1295a00..4c91a6b 100644 int proc_pid_status(struct seq_file *m, struct pid_namespace *ns, struct pid *pid, struct task_struct *task) { -@@ -340,9 +356,24 @@ int proc_pid_status(struct seq_file *m, struct pid_namespace *ns, +@@ -358,9 +374,24 @@ int proc_pid_status(struct seq_file *m, struct pid_namespace *ns, task_cpus_allowed(m, task); cpuset_task_status_allowed(m, task); task_context_switch_counts(m, task); @@ -73890,7 +74177,7 @@ index 1295a00..4c91a6b 100644 static int do_task_stat(struct seq_file *m, struct pid_namespace *ns, struct pid *pid, struct task_struct *task, int whole) { -@@ -364,6 +395,13 @@ static int do_task_stat(struct seq_file *m, struct pid_namespace *ns, +@@ -382,6 +413,13 @@ static int do_task_stat(struct seq_file *m, struct pid_namespace *ns, char tcomm[sizeof(task->comm)]; unsigned long flags; @@ -73904,7 +74191,7 @@ index 1295a00..4c91a6b 100644 state = *get_task_state(task); vsize = eip = esp = 0; permitted = ptrace_may_access(task, PTRACE_MODE_READ | PTRACE_MODE_NOAUDIT); -@@ -434,6 +472,19 @@ static int do_task_stat(struct seq_file *m, struct pid_namespace *ns, +@@ -452,6 +490,19 @@ static int do_task_stat(struct seq_file *m, struct pid_namespace *ns, gtime = task_gtime(task); } @@ -73924,7 +74211,7 @@ index 1295a00..4c91a6b 100644 /* scale priority and nice values from timeslices to -20..20 */ /* to make it look like a "normal" Unix priority/nice value */ priority = task_prio(task); -@@ -465,9 +516,15 @@ static int do_task_stat(struct seq_file *m, struct pid_namespace *ns, +@@ -483,9 +534,15 @@ static int do_task_stat(struct seq_file *m, struct pid_namespace *ns, seq_put_decimal_ull(m, ' ', vsize); seq_put_decimal_ull(m, ' ', mm ? get_mm_rss(mm) : 0); seq_put_decimal_ull(m, ' ', rsslim); @@ -73940,7 +74227,7 @@ index 1295a00..4c91a6b 100644 seq_put_decimal_ull(m, ' ', esp); seq_put_decimal_ull(m, ' ', eip); /* The signal information here is obsolete. -@@ -489,7 +546,11 @@ static int do_task_stat(struct seq_file *m, struct pid_namespace *ns, +@@ -507,7 +564,11 @@ static int do_task_stat(struct seq_file *m, struct pid_namespace *ns, seq_put_decimal_ull(m, ' ', cputime_to_clock_t(gtime)); seq_put_decimal_ll(m, ' ', cputime_to_clock_t(cgtime)); @@ -73953,7 +74240,7 @@ index 1295a00..4c91a6b 100644 seq_put_decimal_ull(m, ' ', mm->start_data); seq_put_decimal_ull(m, ' ', mm->end_data); seq_put_decimal_ull(m, ' ', mm->start_brk); -@@ -527,8 +588,15 @@ int proc_pid_statm(struct seq_file *m, struct pid_namespace *ns, +@@ -545,8 +606,15 @@ int proc_pid_statm(struct seq_file *m, struct pid_namespace *ns, struct pid *pid, struct task_struct *task) { unsigned long size = 0, resident = 0, shared = 0, text = 0, data = 0; @@ -73970,7 +74257,7 @@ index 1295a00..4c91a6b 100644 if (mm) { size = task_statm(mm, &shared, &text, &data, &resident); mmput(mm); -@@ -551,6 +619,20 @@ int proc_pid_statm(struct seq_file *m, struct pid_namespace *ns, +@@ -569,6 +637,20 @@ int proc_pid_statm(struct seq_file *m, struct pid_namespace *ns, return 0; } @@ -73992,7 +74279,7 @@ index 1295a00..4c91a6b 100644 static struct pid * get_children_pid(struct inode *inode, struct pid *pid_prev, loff_t pos) diff --git a/fs/proc/base.c b/fs/proc/base.c -index 3f3d7ae..68de109 100644 +index 093ca14..322f097 100644 --- a/fs/proc/base.c +++ b/fs/proc/base.c @@ -113,6 +113,14 @@ struct pid_entry { @@ -74048,7 +74335,7 @@ index 3f3d7ae..68de109 100644 /* * Provides a wchan file via kallsyms in a proper one-value-per-file format. * Returns the resolved symbol. If that fails, simply return the address. -@@ -265,7 +289,7 @@ static void unlock_trace(struct task_struct *task) +@@ -267,7 +291,7 @@ static void unlock_trace(struct task_struct *task) mutex_unlock(&task->signal->cred_guard_mutex); } @@ -74057,7 +74344,7 @@ index 3f3d7ae..68de109 100644 #define MAX_STACK_TRACE_DEPTH 64 -@@ -456,7 +480,7 @@ static int proc_pid_limits(struct seq_file *m, struct pid_namespace *ns, +@@ -462,7 +486,7 @@ static int proc_pid_limits(struct seq_file *m, struct pid_namespace *ns, return 0; } @@ -74066,7 +74353,7 @@ index 3f3d7ae..68de109 100644 static int proc_pid_syscall(struct seq_file *m, struct pid_namespace *ns, struct pid *pid, struct task_struct *task) { -@@ -486,7 +510,7 @@ static int proc_pid_syscall(struct seq_file *m, struct pid_namespace *ns, +@@ -495,7 +519,7 @@ static int proc_pid_syscall(struct seq_file *m, struct pid_namespace *ns, /************************************************************************/ /* permission checks */ @@ -74075,7 +74362,7 @@ index 3f3d7ae..68de109 100644 { struct task_struct *task; int allowed = 0; -@@ -496,7 +520,10 @@ static int proc_fd_access_allowed(struct inode *inode) +@@ -505,7 +529,10 @@ static int proc_fd_access_allowed(struct inode *inode) */ task = get_proc_task(inode); if (task) { @@ -74087,7 +74374,7 @@ index 3f3d7ae..68de109 100644 put_task_struct(task); } return allowed; -@@ -527,10 +554,35 @@ static bool has_pid_permissions(struct pid_namespace *pid, +@@ -536,10 +563,35 @@ static bool has_pid_permissions(struct pid_namespace *pid, struct task_struct *task, int hide_pid_min) { @@ -74123,7 +74410,7 @@ index 3f3d7ae..68de109 100644 return ptrace_may_access(task, PTRACE_MODE_READ); } -@@ -548,7 +600,11 @@ static int proc_pid_permission(struct inode *inode, int mask) +@@ -557,7 +609,11 @@ static int proc_pid_permission(struct inode *inode, int mask) put_task_struct(task); if (!has_perms) { @@ -74135,7 +74422,7 @@ index 3f3d7ae..68de109 100644 /* * Let's make getdents(), stat(), and open() * consistent with each other. If a process -@@ -609,6 +665,10 @@ struct mm_struct *proc_mem_open(struct inode *inode, unsigned int mode) +@@ -618,6 +674,10 @@ struct mm_struct *proc_mem_open(struct inode *inode, unsigned int mode) if (task) { mm = mm_access(task, mode); @@ -74146,7 +74433,7 @@ index 3f3d7ae..68de109 100644 put_task_struct(task); if (!IS_ERR_OR_NULL(mm)) { -@@ -630,6 +690,11 @@ static int __mem_open(struct inode *inode, struct file *file, unsigned int mode) +@@ -639,6 +699,11 @@ static int __mem_open(struct inode *inode, struct file *file, unsigned int mode) return PTR_ERR(mm); file->private_data = mm; @@ -74158,7 +74445,7 @@ index 3f3d7ae..68de109 100644 return 0; } -@@ -651,6 +716,17 @@ static ssize_t mem_rw(struct file *file, char __user *buf, +@@ -660,6 +725,17 @@ static ssize_t mem_rw(struct file *file, char __user *buf, ssize_t copied; char *page; @@ -74176,7 +74463,7 @@ index 3f3d7ae..68de109 100644 if (!mm) return 0; -@@ -663,7 +739,7 @@ static ssize_t mem_rw(struct file *file, char __user *buf, +@@ -672,7 +748,7 @@ static ssize_t mem_rw(struct file *file, char __user *buf, goto free; while (count > 0) { @@ -74185,7 +74472,7 @@ index 3f3d7ae..68de109 100644 if (write && copy_from_user(page, buf, this_len)) { copied = -EFAULT; -@@ -755,6 +831,13 @@ static ssize_t environ_read(struct file *file, char __user *buf, +@@ -764,6 +840,13 @@ static ssize_t environ_read(struct file *file, char __user *buf, if (!mm) return 0; @@ -74199,7 +74486,7 @@ index 3f3d7ae..68de109 100644 page = (char *)__get_free_page(GFP_TEMPORARY); if (!page) return -ENOMEM; -@@ -764,7 +847,7 @@ static ssize_t environ_read(struct file *file, char __user *buf, +@@ -773,7 +856,7 @@ static ssize_t environ_read(struct file *file, char __user *buf, goto free; while (count > 0) { size_t this_len, max_len; @@ -74208,7 +74495,7 @@ index 3f3d7ae..68de109 100644 if (src >= (mm->env_end - mm->env_start)) break; -@@ -1378,7 +1461,7 @@ static void *proc_pid_follow_link(struct dentry *dentry, struct nameidata *nd) +@@ -1387,7 +1470,7 @@ static void *proc_pid_follow_link(struct dentry *dentry, struct nameidata *nd) int error = -EACCES; /* Are we allowed to snoop on the tasks file descriptors? */ @@ -74217,7 +74504,7 @@ index 3f3d7ae..68de109 100644 goto out; error = PROC_I(inode)->op.proc_get_link(dentry, &path); -@@ -1422,8 +1505,18 @@ static int proc_pid_readlink(struct dentry * dentry, char __user * buffer, int b +@@ -1431,8 +1514,18 @@ static int proc_pid_readlink(struct dentry * dentry, char __user * buffer, int b struct path path; /* Are we allowed to snoop on the tasks file descriptors? */ @@ -74238,7 +74525,7 @@ index 3f3d7ae..68de109 100644 error = PROC_I(inode)->op.proc_get_link(dentry, &path); if (error) -@@ -1473,7 +1566,11 @@ struct inode *proc_pid_make_inode(struct super_block * sb, struct task_struct *t +@@ -1482,7 +1575,11 @@ struct inode *proc_pid_make_inode(struct super_block * sb, struct task_struct *t rcu_read_lock(); cred = __task_cred(task); inode->i_uid = cred->euid; @@ -74250,7 +74537,7 @@ index 3f3d7ae..68de109 100644 rcu_read_unlock(); } security_task_to_inode(task, inode); -@@ -1509,10 +1606,19 @@ int pid_getattr(struct vfsmount *mnt, struct dentry *dentry, struct kstat *stat) +@@ -1518,10 +1615,19 @@ int pid_getattr(struct vfsmount *mnt, struct dentry *dentry, struct kstat *stat) return -ENOENT; } if ((inode->i_mode == (S_IFDIR|S_IRUGO|S_IXUGO)) || @@ -74270,7 +74557,7 @@ index 3f3d7ae..68de109 100644 } } rcu_read_unlock(); -@@ -1550,11 +1656,20 @@ int pid_revalidate(struct dentry *dentry, unsigned int flags) +@@ -1559,11 +1665,20 @@ int pid_revalidate(struct dentry *dentry, unsigned int flags) if (task) { if ((inode->i_mode == (S_IFDIR|S_IRUGO|S_IXUGO)) || @@ -74291,7 +74578,7 @@ index 3f3d7ae..68de109 100644 rcu_read_unlock(); } else { inode->i_uid = GLOBAL_ROOT_UID; -@@ -2085,6 +2200,9 @@ static struct dentry *proc_pident_lookup(struct inode *dir, +@@ -2095,6 +2210,9 @@ static struct dentry *proc_pident_lookup(struct inode *dir, if (!task) goto out_no_task; @@ -74301,7 +74588,7 @@ index 3f3d7ae..68de109 100644 /* * Yes, it does not scale. And it should not. Don't add * new entries into /proc/<tgid>/ without very good reasons. -@@ -2115,6 +2233,9 @@ static int proc_pident_readdir(struct file *file, struct dir_context *ctx, +@@ -2125,6 +2243,9 @@ static int proc_pident_readdir(struct file *file, struct dir_context *ctx, if (!task) return -ENOENT; @@ -74311,7 +74598,7 @@ index 3f3d7ae..68de109 100644 if (!dir_emit_dots(file, ctx)) goto out; -@@ -2557,7 +2678,7 @@ static const struct pid_entry tgid_base_stuff[] = { +@@ -2569,7 +2690,7 @@ static const struct pid_entry tgid_base_stuff[] = { REG("autogroup", S_IRUGO|S_IWUSR, proc_pid_sched_autogroup_operations), #endif REG("comm", S_IRUGO|S_IWUSR, proc_pid_set_comm_operations), @@ -74320,7 +74607,7 @@ index 3f3d7ae..68de109 100644 ONE("syscall", S_IRUSR, proc_pid_syscall), #endif ONE("cmdline", S_IRUGO, proc_pid_cmdline), -@@ -2582,10 +2703,10 @@ static const struct pid_entry tgid_base_stuff[] = { +@@ -2594,10 +2715,10 @@ static const struct pid_entry tgid_base_stuff[] = { #ifdef CONFIG_SECURITY DIR("attr", S_IRUGO|S_IXUGO, proc_attr_dir_inode_operations, proc_attr_dir_operations), #endif @@ -74333,7 +74620,7 @@ index 3f3d7ae..68de109 100644 ONE("stack", S_IRUSR, proc_pid_stack), #endif #ifdef CONFIG_SCHEDSTATS -@@ -2619,6 +2740,9 @@ static const struct pid_entry tgid_base_stuff[] = { +@@ -2631,6 +2752,9 @@ static const struct pid_entry tgid_base_stuff[] = { #ifdef CONFIG_HARDWALL ONE("hardwall", S_IRUGO, proc_pid_hardwall), #endif @@ -74343,7 +74630,7 @@ index 3f3d7ae..68de109 100644 #ifdef CONFIG_USER_NS REG("uid_map", S_IRUGO|S_IWUSR, proc_uid_map_operations), REG("gid_map", S_IRUGO|S_IWUSR, proc_gid_map_operations), -@@ -2751,7 +2875,14 @@ static int proc_pid_instantiate(struct inode *dir, +@@ -2763,7 +2887,14 @@ static int proc_pid_instantiate(struct inode *dir, if (!inode) goto out; @@ -74358,7 +74645,7 @@ index 3f3d7ae..68de109 100644 inode->i_op = &proc_tgid_base_inode_operations; inode->i_fop = &proc_tgid_base_operations; inode->i_flags|=S_IMMUTABLE; -@@ -2789,7 +2920,11 @@ struct dentry *proc_pid_lookup(struct inode *dir, struct dentry * dentry, unsign +@@ -2801,7 +2932,11 @@ struct dentry *proc_pid_lookup(struct inode *dir, struct dentry * dentry, unsign if (!task) goto out; @@ -74370,7 +74657,7 @@ index 3f3d7ae..68de109 100644 put_task_struct(task); out: return ERR_PTR(result); -@@ -2903,7 +3038,7 @@ static const struct pid_entry tid_base_stuff[] = { +@@ -2915,7 +3050,7 @@ static const struct pid_entry tid_base_stuff[] = { REG("sched", S_IRUGO|S_IWUSR, proc_pid_sched_operations), #endif REG("comm", S_IRUGO|S_IWUSR, proc_pid_set_comm_operations), @@ -74379,7 +74666,7 @@ index 3f3d7ae..68de109 100644 ONE("syscall", S_IRUSR, proc_pid_syscall), #endif ONE("cmdline", S_IRUGO, proc_pid_cmdline), -@@ -2930,10 +3065,10 @@ static const struct pid_entry tid_base_stuff[] = { +@@ -2942,10 +3077,10 @@ static const struct pid_entry tid_base_stuff[] = { #ifdef CONFIG_SECURITY DIR("attr", S_IRUGO|S_IXUGO, proc_attr_dir_inode_operations, proc_attr_dir_operations), #endif @@ -74425,10 +74712,10 @@ index 50493ed..248166b 100644 } fs_initcall(proc_devices_init); diff --git a/fs/proc/fd.c b/fs/proc/fd.c -index 8e5ad83..1f07a8c 100644 +index 6e5fcd0..06ea074 100644 --- a/fs/proc/fd.c +++ b/fs/proc/fd.c -@@ -26,7 +26,8 @@ static int seq_show(struct seq_file *m, void *v) +@@ -27,7 +27,8 @@ static int seq_show(struct seq_file *m, void *v) if (!task) return -ENOENT; @@ -74438,7 +74725,7 @@ index 8e5ad83..1f07a8c 100644 put_task_struct(task); if (files) { -@@ -284,11 +285,21 @@ static struct dentry *proc_lookupfd(struct inode *dir, struct dentry *dentry, +@@ -291,11 +292,21 @@ static struct dentry *proc_lookupfd(struct inode *dir, struct dentry *dentry, */ int proc_fd_permission(struct inode *inode, int mask) { @@ -74463,7 +74750,7 @@ index 8e5ad83..1f07a8c 100644 } diff --git a/fs/proc/generic.c b/fs/proc/generic.c -index be65b20..2998ba8 100644 +index e5dee5c..dafe21b 100644 --- a/fs/proc/generic.c +++ b/fs/proc/generic.c @@ -22,6 +22,7 @@ @@ -74533,7 +74820,7 @@ index be65b20..2998ba8 100644 static int proc_register(struct proc_dir_entry * dir, struct proc_dir_entry * dp) { int ret; -@@ -441,6 +473,31 @@ struct proc_dir_entry *proc_mkdir_data(const char *name, umode_t mode, +@@ -445,6 +477,31 @@ struct proc_dir_entry *proc_mkdir_data(const char *name, umode_t mode, } EXPORT_SYMBOL_GPL(proc_mkdir_data); @@ -74565,7 +74852,7 @@ index be65b20..2998ba8 100644 struct proc_dir_entry *proc_mkdir_mode(const char *name, umode_t mode, struct proc_dir_entry *parent) { -@@ -455,6 +512,13 @@ struct proc_dir_entry *proc_mkdir(const char *name, +@@ -459,6 +516,13 @@ struct proc_dir_entry *proc_mkdir(const char *name, } EXPORT_SYMBOL(proc_mkdir); @@ -74576,11 +74863,11 @@ index be65b20..2998ba8 100644 +} +EXPORT_SYMBOL(proc_mkdir_restrict); + - struct proc_dir_entry *proc_create_data(const char *name, umode_t mode, - struct proc_dir_entry *parent, - const struct file_operations *proc_fops, + struct proc_dir_entry *proc_create_mount_point(const char *name) + { + umode_t mode = S_IFDIR | S_IRUGO | S_IXUGO; diff --git a/fs/proc/inode.c b/fs/proc/inode.c -index 7697b66..8d8e541 100644 +index e3eb552..bcb0f25 100644 --- a/fs/proc/inode.c +++ b/fs/proc/inode.c @@ -24,11 +24,17 @@ @@ -74615,7 +74902,7 @@ index 7697b66..8d8e541 100644 } static struct kmem_cache * proc_inode_cachep; -@@ -426,7 +439,11 @@ struct inode *proc_get_inode(struct super_block *sb, struct proc_dir_entry *de) +@@ -430,7 +443,11 @@ struct inode *proc_get_inode(struct super_block *sb, struct proc_dir_entry *de) if (de->mode) { inode->i_mode = de->mode; inode->i_uid = de->uid; @@ -74628,7 +74915,7 @@ index 7697b66..8d8e541 100644 if (de->size) inode->i_size = de->size; diff --git a/fs/proc/internal.h b/fs/proc/internal.h -index c835b94..c9e01a3 100644 +index aa27810..9f2d3b2 100644 --- a/fs/proc/internal.h +++ b/fs/proc/internal.h @@ -47,9 +47,10 @@ struct proc_dir_entry { @@ -74787,7 +75074,7 @@ index d4a3574..b421ce9 100644 seq_putc(m, '\n'); diff --git a/fs/proc/proc_net.c b/fs/proc/proc_net.c -index 1bde894..22ac7eb 100644 +index 350984a..0fb02a9 100644 --- a/fs/proc/proc_net.c +++ b/fs/proc/proc_net.c @@ -23,9 +23,27 @@ @@ -74853,7 +75140,7 @@ index 1bde894..22ac7eb 100644 net = get_proc_net(inode); if (net == NULL) diff --git a/fs/proc/proc_sysctl.c b/fs/proc/proc_sysctl.c -index f92d5dd..26398ac 100644 +index fdda62e..cd7c75f 100644 --- a/fs/proc/proc_sysctl.c +++ b/fs/proc/proc_sysctl.c @@ -11,13 +11,21 @@ @@ -74878,9 +75165,29 @@ index f92d5dd..26398ac 100644 -static const struct inode_operations proc_sys_dir_operations; +const struct inode_operations proc_sys_dir_operations; - void proc_sys_poll_notify(struct ctl_table_poll *poll) + /* Support for permanently empty directories */ + +@@ -32,13 +40,17 @@ static bool is_empty_dir(struct ctl_table_header *head) + + static void set_empty_dir(struct ctl_dir *dir) { -@@ -467,6 +475,9 @@ static struct dentry *proc_sys_lookup(struct inode *dir, struct dentry *dentry, +- dir->header.ctl_table[0].child = sysctl_mount_point; ++ pax_open_kernel(); ++ *(const void **)&dir->header.ctl_table[0].child = sysctl_mount_point; ++ pax_close_kernel(); + } + + static void clear_empty_dir(struct ctl_dir *dir) + + { +- dir->header.ctl_table[0].child = NULL; ++ pax_open_kernel(); ++ *(void **)&dir->header.ctl_table[0].child = NULL; ++ pax_close_kernel(); + } + + void proc_sys_poll_notify(struct ctl_table_poll *poll) +@@ -504,6 +516,9 @@ static struct dentry *proc_sys_lookup(struct inode *dir, struct dentry *dentry, err = NULL; d_set_d_op(dentry, &proc_sys_dentry_operations); @@ -74890,7 +75197,7 @@ index f92d5dd..26398ac 100644 d_add(dentry, inode); out: -@@ -482,6 +493,7 @@ static ssize_t proc_sys_call_handler(struct file *filp, void __user *buf, +@@ -519,6 +534,7 @@ static ssize_t proc_sys_call_handler(struct file *filp, void __user *buf, struct inode *inode = file_inode(filp); struct ctl_table_header *head = grab_header(inode); struct ctl_table *table = PROC_I(inode)->sysctl_entry; @@ -74898,7 +75205,7 @@ index f92d5dd..26398ac 100644 ssize_t error; size_t res; -@@ -493,7 +505,7 @@ static ssize_t proc_sys_call_handler(struct file *filp, void __user *buf, +@@ -530,7 +546,7 @@ static ssize_t proc_sys_call_handler(struct file *filp, void __user *buf, * and won't be until we finish. */ error = -EPERM; @@ -74907,7 +75214,7 @@ index f92d5dd..26398ac 100644 goto out; /* if that can happen at all, it should be -EINVAL, not -EISDIR */ -@@ -501,6 +513,27 @@ static ssize_t proc_sys_call_handler(struct file *filp, void __user *buf, +@@ -538,6 +554,27 @@ static ssize_t proc_sys_call_handler(struct file *filp, void __user *buf, if (!table->proc_handler) goto out; @@ -74935,7 +75242,7 @@ index f92d5dd..26398ac 100644 /* careful: calling conventions are nasty here */ res = count; error = table->proc_handler(table, write, buf, &res, ppos); -@@ -598,6 +631,9 @@ static bool proc_sys_fill_cache(struct file *file, +@@ -635,6 +672,9 @@ static bool proc_sys_fill_cache(struct file *file, return false; } else { d_set_d_op(child, &proc_sys_dentry_operations); @@ -74945,7 +75252,7 @@ index f92d5dd..26398ac 100644 d_add(child, inode); } } else { -@@ -641,6 +677,9 @@ static int scan(struct ctl_table_header *head, struct ctl_table *table, +@@ -678,6 +718,9 @@ static int scan(struct ctl_table_header *head, struct ctl_table *table, if ((*pos)++ < ctx->pos) return true; @@ -74955,7 +75262,7 @@ index f92d5dd..26398ac 100644 if (unlikely(S_ISLNK(table->mode))) res = proc_sys_link_fill_cache(file, ctx, head, table); else -@@ -734,6 +773,9 @@ static int proc_sys_getattr(struct vfsmount *mnt, struct dentry *dentry, struct +@@ -771,6 +814,9 @@ static int proc_sys_getattr(struct vfsmount *mnt, struct dentry *dentry, struct if (IS_ERR(head)) return PTR_ERR(head); @@ -74965,7 +75272,7 @@ index f92d5dd..26398ac 100644 generic_fillattr(inode, stat); if (table) stat->mode = (stat->mode & S_IFMT) | table->mode; -@@ -756,13 +798,13 @@ static const struct file_operations proc_sys_dir_file_operations = { +@@ -793,13 +839,13 @@ static const struct file_operations proc_sys_dir_file_operations = { .llseek = generic_file_llseek, }; @@ -74981,7 +75288,7 @@ index f92d5dd..26398ac 100644 .lookup = proc_sys_lookup, .permission = proc_sys_permission, .setattr = proc_sys_setattr, -@@ -839,7 +881,7 @@ static struct ctl_dir *find_subdir(struct ctl_dir *dir, +@@ -876,7 +922,7 @@ static struct ctl_dir *find_subdir(struct ctl_dir *dir, static struct ctl_dir *new_dir(struct ctl_table_set *set, const char *name, int namelen) { @@ -74990,7 +75297,7 @@ index f92d5dd..26398ac 100644 struct ctl_dir *new; struct ctl_node *node; char *new_name; -@@ -851,7 +893,7 @@ static struct ctl_dir *new_dir(struct ctl_table_set *set, +@@ -888,7 +934,7 @@ static struct ctl_dir *new_dir(struct ctl_table_set *set, return NULL; node = (struct ctl_node *)(new + 1); @@ -74999,7 +75306,7 @@ index f92d5dd..26398ac 100644 new_name = (char *)(table + 2); memcpy(new_name, name, namelen); new_name[namelen] = '\0'; -@@ -1020,7 +1062,8 @@ static int sysctl_check_table(const char *path, struct ctl_table *table) +@@ -1057,7 +1103,8 @@ static int sysctl_check_table(const char *path, struct ctl_table *table) static struct ctl_table_header *new_links(struct ctl_dir *dir, struct ctl_table *table, struct ctl_table_root *link_root) { @@ -75009,7 +75316,7 @@ index f92d5dd..26398ac 100644 struct ctl_table_header *links; struct ctl_node *node; char *link_name; -@@ -1043,7 +1086,7 @@ static struct ctl_table_header *new_links(struct ctl_dir *dir, struct ctl_table +@@ -1080,7 +1127,7 @@ static struct ctl_table_header *new_links(struct ctl_dir *dir, struct ctl_table return NULL; node = (struct ctl_node *)(links + 1); @@ -75018,7 +75325,7 @@ index f92d5dd..26398ac 100644 link_name = (char *)&link_table[nr_entries + 1]; for (link = link_table, entry = table; entry->procname; link++, entry++) { -@@ -1291,8 +1334,8 @@ static int register_leaf_sysctl_tables(const char *path, char *pos, +@@ -1328,8 +1375,8 @@ static int register_leaf_sysctl_tables(const char *path, char *pos, struct ctl_table_header ***subheader, struct ctl_table_set *set, struct ctl_table *table) { @@ -75029,7 +75336,7 @@ index f92d5dd..26398ac 100644 int nr_files = 0; int nr_dirs = 0; int err = -ENOMEM; -@@ -1304,10 +1347,9 @@ static int register_leaf_sysctl_tables(const char *path, char *pos, +@@ -1341,10 +1388,9 @@ static int register_leaf_sysctl_tables(const char *path, char *pos, nr_files++; } @@ -75041,7 +75348,7 @@ index f92d5dd..26398ac 100644 files = kzalloc(sizeof(struct ctl_table) * (nr_files + 1), GFP_KERNEL); if (!files) -@@ -1325,7 +1367,7 @@ static int register_leaf_sysctl_tables(const char *path, char *pos, +@@ -1362,7 +1408,7 @@ static int register_leaf_sysctl_tables(const char *path, char *pos, /* Register everything except a directory full of subdirectories */ if (nr_files || !nr_dirs) { struct ctl_table_header *header; @@ -75051,11 +75358,11 @@ index f92d5dd..26398ac 100644 kfree(ctl_table_arg); goto out; diff --git a/fs/proc/root.c b/fs/proc/root.c -index e74ac9f..35e89f4 100644 +index 68feb0f..2c04780 100644 --- a/fs/proc/root.c +++ b/fs/proc/root.c -@@ -188,7 +188,15 @@ void __init proc_root_init(void) - proc_mkdir("openprom", NULL); +@@ -185,7 +185,15 @@ void __init proc_root_init(void) + proc_create_mount_point("openprom"); #endif proc_tty_init(); +#ifdef CONFIG_GRKERNSEC_PROC_ADD @@ -75492,10 +75799,10 @@ index bb2869f..d34ada8 100644 if (!msg_head) { printk(KERN_ERR diff --git a/fs/read_write.c b/fs/read_write.c -index 8e1b687..bad2eec 100644 +index 819ef3f..f07222d 100644 --- a/fs/read_write.c +++ b/fs/read_write.c -@@ -553,7 +553,7 @@ ssize_t __kernel_write(struct file *file, const char *buf, size_t count, loff_t +@@ -505,7 +505,7 @@ ssize_t __kernel_write(struct file *file, const char *buf, size_t count, loff_t old_fs = get_fs(); set_fs(get_ds()); @@ -75503,7 +75810,7 @@ index 8e1b687..bad2eec 100644 + p = (const char __force_user *)buf; if (count > MAX_RW_COUNT) count = MAX_RW_COUNT; - if (file->f_op->write) + ret = __vfs_write(file, p, count, pos); diff --git a/fs/readdir.c b/fs/readdir.c index ced6791..936687b 100644 --- a/fs/readdir.c @@ -75658,7 +75965,7 @@ index 621b9f3..af527fd 100644 SF(s_do_balance), SF(s_unneeded_left_neighbor), SF(s_good_search_by_key_reada), SF(s_bmaps), diff --git a/fs/reiserfs/reiserfs.h b/fs/reiserfs/reiserfs.h -index bb79cdd..fcf49ef 100644 +index 2adcde1..7d27bc8 100644 --- a/fs/reiserfs/reiserfs.h +++ b/fs/reiserfs/reiserfs.h @@ -580,7 +580,7 @@ struct reiserfs_sb_info { @@ -75670,7 +75977,7 @@ index bb79cdd..fcf49ef 100644 /* File system properties. Currently holds on-disk FS format */ unsigned long s_properties; -@@ -2301,7 +2301,7 @@ static inline loff_t max_reiserfs_offset(struct inode *inode) +@@ -2300,7 +2300,7 @@ static inline loff_t max_reiserfs_offset(struct inode *inode) #define REISERFS_USER_MEM 1 /* user memory mode */ #define fs_generation(s) (REISERFS_SB(s)->s_generation_counter) @@ -75680,7 +75987,7 @@ index bb79cdd..fcf49ef 100644 #define __fs_changed(gen,s) (gen != get_generation (s)) #define fs_changed(gen,s) \ diff --git a/fs/reiserfs/super.c b/fs/reiserfs/super.c -index 71fbbe3..eff29ba 100644 +index 0111ad0..00f4749 100644 --- a/fs/reiserfs/super.c +++ b/fs/reiserfs/super.c @@ -1868,6 +1868,10 @@ static int reiserfs_fill_super(struct super_block *s, void *data, int silent) @@ -75809,10 +76116,10 @@ index 555f821..34684d7 100644 { const struct seq_operations *op = ((struct seq_file *)file->private_data)->op; diff --git a/fs/splice.c b/fs/splice.c -index 7968da9..4ce985b 100644 +index bfe62ae..a84920d 100644 --- a/fs/splice.c +++ b/fs/splice.c -@@ -193,7 +193,7 @@ ssize_t splice_to_pipe(struct pipe_inode_info *pipe, +@@ -192,7 +192,7 @@ ssize_t splice_to_pipe(struct pipe_inode_info *pipe, pipe_lock(pipe); for (;;) { @@ -75821,7 +76128,7 @@ index 7968da9..4ce985b 100644 send_sig(SIGPIPE, current, 0); if (!ret) ret = -EPIPE; -@@ -216,7 +216,7 @@ ssize_t splice_to_pipe(struct pipe_inode_info *pipe, +@@ -215,7 +215,7 @@ ssize_t splice_to_pipe(struct pipe_inode_info *pipe, page_nr++; ret += buf->len; @@ -75830,7 +76137,7 @@ index 7968da9..4ce985b 100644 do_wakeup = 1; if (!--spd->nr_pages) -@@ -247,9 +247,9 @@ ssize_t splice_to_pipe(struct pipe_inode_info *pipe, +@@ -246,9 +246,9 @@ ssize_t splice_to_pipe(struct pipe_inode_info *pipe, do_wakeup = 0; } @@ -75842,7 +76149,7 @@ index 7968da9..4ce985b 100644 } pipe_unlock(pipe); -@@ -576,7 +576,7 @@ static ssize_t kernel_readv(struct file *file, const struct iovec *vec, +@@ -578,7 +578,7 @@ static ssize_t kernel_readv(struct file *file, const struct iovec *vec, old_fs = get_fs(); set_fs(get_ds()); /* The cast to a user pointer is valid due to the set_fs() */ @@ -75851,7 +76158,7 @@ index 7968da9..4ce985b 100644 set_fs(old_fs); return res; -@@ -591,7 +591,7 @@ ssize_t kernel_write(struct file *file, const char *buf, size_t count, +@@ -593,7 +593,7 @@ ssize_t kernel_write(struct file *file, const char *buf, size_t count, old_fs = get_fs(); set_fs(get_ds()); /* The cast to a user pointer is valid due to the set_fs() */ @@ -75860,7 +76167,7 @@ index 7968da9..4ce985b 100644 set_fs(old_fs); return res; -@@ -644,7 +644,7 @@ ssize_t default_file_splice_read(struct file *in, loff_t *ppos, +@@ -646,7 +646,7 @@ ssize_t default_file_splice_read(struct file *in, loff_t *ppos, goto err; this_len = min_t(size_t, len, PAGE_CACHE_SIZE - offset); @@ -75869,7 +76176,7 @@ index 7968da9..4ce985b 100644 vec[i].iov_len = this_len; spd.pages[i] = page; spd.nr_pages++; -@@ -783,7 +783,7 @@ static int splice_from_pipe_feed(struct pipe_inode_info *pipe, struct splice_des +@@ -785,7 +785,7 @@ static int splice_from_pipe_feed(struct pipe_inode_info *pipe, struct splice_des ops->release(pipe, buf); pipe->curbuf = (pipe->curbuf + 1) & (pipe->buffers - 1); pipe->nrbufs--; @@ -75878,7 +76185,7 @@ index 7968da9..4ce985b 100644 sd->need_wakeup = true; } -@@ -807,10 +807,10 @@ static int splice_from_pipe_feed(struct pipe_inode_info *pipe, struct splice_des +@@ -809,10 +809,10 @@ static int splice_from_pipe_feed(struct pipe_inode_info *pipe, struct splice_des static int splice_from_pipe_next(struct pipe_inode_info *pipe, struct splice_desc *sd) { while (!pipe->nrbufs) { @@ -75891,7 +76198,7 @@ index 7968da9..4ce985b 100644 return 0; if (sd->flags & SPLICE_F_NONBLOCK) -@@ -1025,7 +1025,7 @@ iter_file_splice_write(struct pipe_inode_info *pipe, struct file *out, +@@ -1027,7 +1027,7 @@ iter_file_splice_write(struct pipe_inode_info *pipe, struct file *out, ops->release(pipe, buf); pipe->curbuf = (pipe->curbuf + 1) & (pipe->buffers - 1); pipe->nrbufs--; @@ -75900,16 +76207,7 @@ index 7968da9..4ce985b 100644 sd.need_wakeup = true; } else { buf->offset += ret; -@@ -1159,7 +1159,7 @@ ssize_t splice_direct_to_actor(struct file *in, struct splice_desc *sd, - long ret, bytes; - umode_t i_mode; - size_t len; -- int i, flags; -+ int i, flags, more; - - /* - * We require the input being a regular file, as we don't want to -@@ -1185,7 +1185,7 @@ ssize_t splice_direct_to_actor(struct file *in, struct splice_desc *sd, +@@ -1187,7 +1187,7 @@ ssize_t splice_direct_to_actor(struct file *in, struct splice_desc *sd, * out of the pipe right after the splice_to_pipe(). So set * PIPE_READERS appropriately. */ @@ -75918,31 +76216,7 @@ index 7968da9..4ce985b 100644 current->splice_pipe = pipe; } -@@ -1202,6 +1202,7 @@ ssize_t splice_direct_to_actor(struct file *in, struct splice_desc *sd, - * Don't block on output, we have to drain the direct pipe. - */ - sd->flags &= ~SPLICE_F_NONBLOCK; -+ more = sd->flags & SPLICE_F_MORE; - - while (len) { - size_t read_len; -@@ -1215,6 +1216,15 @@ ssize_t splice_direct_to_actor(struct file *in, struct splice_desc *sd, - sd->total_len = read_len; - - /* -+ * If more data is pending, set SPLICE_F_MORE -+ * If this is the last data and SPLICE_F_MORE was not set -+ * initially, clears it. -+ */ -+ if (read_len < len) -+ sd->flags |= SPLICE_F_MORE; -+ else if (!more) -+ sd->flags &= ~SPLICE_F_MORE; -+ /* - * NOTE: nonblocking mode only applies to the input. We - * must not do the output in nonblocking mode as then we - * could get stuck data in the internal pipe: -@@ -1482,6 +1492,7 @@ static int get_iovec_page_array(const struct iovec __user *iov, +@@ -1494,6 +1494,7 @@ static int get_iovec_page_array(const struct iovec __user *iov, partial[buffers].offset = off; partial[buffers].len = plen; @@ -75950,7 +76224,7 @@ index 7968da9..4ce985b 100644 off = 0; len -= plen; -@@ -1718,9 +1729,9 @@ static int ipipe_prep(struct pipe_inode_info *pipe, unsigned int flags) +@@ -1725,9 +1726,9 @@ static int ipipe_prep(struct pipe_inode_info *pipe, unsigned int flags) ret = -ERESTARTSYS; break; } @@ -75962,7 +76236,7 @@ index 7968da9..4ce985b 100644 if (flags & SPLICE_F_NONBLOCK) { ret = -EAGAIN; break; -@@ -1752,7 +1763,7 @@ static int opipe_prep(struct pipe_inode_info *pipe, unsigned int flags) +@@ -1759,7 +1760,7 @@ static int opipe_prep(struct pipe_inode_info *pipe, unsigned int flags) pipe_lock(pipe); while (pipe->nrbufs >= pipe->buffers) { @@ -75971,7 +76245,7 @@ index 7968da9..4ce985b 100644 send_sig(SIGPIPE, current, 0); ret = -EPIPE; break; -@@ -1765,9 +1776,9 @@ static int opipe_prep(struct pipe_inode_info *pipe, unsigned int flags) +@@ -1772,9 +1773,9 @@ static int opipe_prep(struct pipe_inode_info *pipe, unsigned int flags) ret = -ERESTARTSYS; break; } @@ -75983,7 +76257,7 @@ index 7968da9..4ce985b 100644 } pipe_unlock(pipe); -@@ -1803,14 +1814,14 @@ retry: +@@ -1810,14 +1811,14 @@ retry: pipe_double_lock(ipipe, opipe); do { @@ -76000,7 +76274,7 @@ index 7968da9..4ce985b 100644 break; /* -@@ -1907,7 +1918,7 @@ static int link_pipe(struct pipe_inode_info *ipipe, +@@ -1914,7 +1915,7 @@ static int link_pipe(struct pipe_inode_info *ipipe, pipe_double_lock(ipipe, opipe); do { @@ -76009,7 +76283,7 @@ index 7968da9..4ce985b 100644 send_sig(SIGPIPE, current, 0); if (!ret) ret = -EPIPE; -@@ -1952,7 +1963,7 @@ static int link_pipe(struct pipe_inode_info *ipipe, +@@ -1959,7 +1960,7 @@ static int link_pipe(struct pipe_inode_info *ipipe, * return EAGAIN if we have the potential of some data in the * future, otherwise just return 0 */ @@ -76019,7 +76293,7 @@ index 7968da9..4ce985b 100644 pipe_unlock(ipipe); diff --git a/fs/squashfs/xattr.c b/fs/squashfs/xattr.c -index 92fcde7..1687329 100644 +index e5e0ddf..09598c4 100644 --- a/fs/squashfs/xattr.c +++ b/fs/squashfs/xattr.c @@ -46,8 +46,8 @@ ssize_t squashfs_listxattr(struct dentry *d, char *buffer, @@ -76066,7 +76340,7 @@ index 92fcde7..1687329 100644 failed: return err; diff --git a/fs/stat.c b/fs/stat.c -index ae0c3ce..9ee641c 100644 +index cccc1aa..7fe8951 100644 --- a/fs/stat.c +++ b/fs/stat.c @@ -28,8 +28,13 @@ void generic_fillattr(struct inode *inode, struct kstat *stat) @@ -76088,7 +76362,7 @@ index ae0c3ce..9ee641c 100644 @@ -52,9 +57,16 @@ EXPORT_SYMBOL(generic_fillattr); int vfs_getattr_nosec(struct path *path, struct kstat *stat) { - struct inode *inode = path->dentry->d_inode; + struct inode *inode = d_backing_inode(path->dentry); + int retval; - if (inode->i_op->getattr) @@ -76105,7 +76379,7 @@ index ae0c3ce..9ee641c 100644 generic_fillattr(inode, stat); return 0; diff --git a/fs/sysfs/dir.c b/fs/sysfs/dir.c -index 0b45ff4..edf9d3a 100644 +index 94374e4..b5da3a1 100644 --- a/fs/sysfs/dir.c +++ b/fs/sysfs/dir.c @@ -33,6 +33,10 @@ void sysfs_warn_dup(struct kernfs_node *parent, const char *name) @@ -76177,8 +76451,34 @@ index 69d4889..a810bd4 100644 { if (sbi->s_bytesex == BYTESEX_PDP) return PDP_swab((__force __u32)n); +diff --git a/fs/tracefs/inode.c b/fs/tracefs/inode.c +index a43df11..c368e71 100644 +--- a/fs/tracefs/inode.c ++++ b/fs/tracefs/inode.c +@@ -53,7 +53,7 @@ static const struct file_operations tracefs_file_operations = { + static struct tracefs_dir_ops { + int (*mkdir)(const char *name); + int (*rmdir)(const char *name); +-} tracefs_ops; ++} __no_const tracefs_ops __read_only; + + static char *get_dname(struct dentry *dentry) + { +@@ -490,8 +490,10 @@ struct dentry *tracefs_create_instance_dir(const char *name, struct dentry *pare + if (!dentry) + return NULL; + +- tracefs_ops.mkdir = mkdir; +- tracefs_ops.rmdir = rmdir; ++ pax_open_kernel(); ++ *(void **)&tracefs_ops.mkdir = mkdir; ++ *(void **)&tracefs_ops.rmdir = rmdir; ++ pax_close_kernel(); + + return dentry; + } diff --git a/fs/ubifs/io.c b/fs/ubifs/io.c -index fb08b0c..65fcc7e 100644 +index 97be412..974b37f 100644 --- a/fs/ubifs/io.c +++ b/fs/ubifs/io.c @@ -155,7 +155,7 @@ int ubifs_leb_change(struct ubifs_info *c, int lnum, const void *buf, int len) @@ -76191,10 +76491,10 @@ index fb08b0c..65fcc7e 100644 int err; diff --git a/fs/udf/misc.c b/fs/udf/misc.c -index c175b4d..8f36a16 100644 +index 71d1c25..084e2ad 100644 --- a/fs/udf/misc.c +++ b/fs/udf/misc.c -@@ -289,7 +289,7 @@ void udf_new_tag(char *data, uint16_t ident, uint16_t version, uint16_t snum, +@@ -288,7 +288,7 @@ void udf_new_tag(char *data, uint16_t ident, uint16_t version, uint16_t snum, u8 udf_tag_checksum(const struct tag *t) { @@ -76372,10 +76672,10 @@ index 4ef6985..a6cd6567 100644 } fdput(f); diff --git a/fs/xfs/libxfs/xfs_bmap.c b/fs/xfs/libxfs/xfs_bmap.c -index 61ec015..7c18807 100644 +index f1026e8..a0fbe4f 100644 --- a/fs/xfs/libxfs/xfs_bmap.c +++ b/fs/xfs/libxfs/xfs_bmap.c -@@ -580,7 +580,7 @@ xfs_bmap_validate_ret( +@@ -554,7 +554,7 @@ xfs_bmap_validate_ret( #else #define xfs_bmap_check_leaf_extents(cur, ip, whichfork) do { } while (0) @@ -76403,7 +76703,7 @@ index 098cd78..724d3f8 100644 return 0; sfep = dp->d_ops->sf_nextentry(sfp, sfep); diff --git a/fs/xfs/xfs_ioctl.c b/fs/xfs/xfs_ioctl.c -index ac4feae..386d551 100644 +index 87f67c6..7e335bf 100644 --- a/fs/xfs/xfs_ioctl.c +++ b/fs/xfs/xfs_ioctl.c @@ -120,7 +120,7 @@ xfs_find_handle( @@ -76416,10 +76716,10 @@ index ac4feae..386d551 100644 goto out_put; diff --git a/fs/xfs/xfs_linux.h b/fs/xfs/xfs_linux.h -index c31d2c2..6ec8f62 100644 +index 7c7842c..ce15222 100644 --- a/fs/xfs/xfs_linux.h +++ b/fs/xfs/xfs_linux.h -@@ -234,7 +234,7 @@ static inline kgid_t xfs_gid_to_kgid(__uint32_t gid) +@@ -225,7 +225,7 @@ static inline kgid_t xfs_gid_to_kgid(__uint32_t gid) * of the compiler which do not like us using do_div in the middle * of large functions. */ @@ -76428,7 +76728,7 @@ index c31d2c2..6ec8f62 100644 { __u32 mod; -@@ -290,7 +290,7 @@ static inline __u32 xfs_do_mod(void *a, __u32 b, int n) +@@ -281,7 +281,7 @@ static inline __u32 xfs_do_mod(void *a, __u32 b, int n) return 0; } #else @@ -77687,10 +77987,10 @@ index 0000000..30ababb +endif diff --git a/grsecurity/gracl.c b/grsecurity/gracl.c new file mode 100644 -index 0000000..811af1f +index 0000000..7ad630a --- /dev/null +++ b/grsecurity/gracl.c -@@ -0,0 +1,2749 @@ +@@ -0,0 +1,2757 @@ +#include <linux/kernel.h> +#include <linux/module.h> +#include <linux/sched.h> @@ -77790,22 +78090,26 @@ index 0000000..811af1f + +static inline dev_t __get_dev(const struct dentry *dentry) +{ ++ struct dentry *ldentry = d_backing_dentry((struct dentry *)dentry); ++ +#if defined(CONFIG_BTRFS_FS) || defined(CONFIG_BTRFS_FS_MODULE) -+ if (dentry->d_sb->s_magic == BTRFS_SUPER_MAGIC) -+ return BTRFS_I(dentry->d_inode)->root->anon_dev; ++ if (ldentry->d_sb->s_magic == BTRFS_SUPER_MAGIC) ++ return BTRFS_I(d_inode(ldentry))->root->anon_dev; + else +#endif -+ return dentry->d_sb->s_dev; ++ return d_inode(ldentry)->i_sb->s_dev; +} + +static inline u64 __get_ino(const struct dentry *dentry) +{ ++ struct dentry *ldentry = d_backing_dentry((struct dentry *)dentry); ++ +#if defined(CONFIG_BTRFS_FS) || defined(CONFIG_BTRFS_FS_MODULE) -+ if (dentry->d_sb->s_magic == BTRFS_SUPER_MAGIC) -+ return btrfs_ino(dentry->d_inode); ++ if (ldentry->d_sb->s_magic == BTRFS_SUPER_MAGIC) ++ return btrfs_ino(d_inode(dentry)); + else +#endif -+ return dentry->d_inode->i_ino; ++ return d_inode(ldentry)->i_ino; +} + +dev_t gr_get_dev_from_dentry(struct dentry *dentry) @@ -78592,6 +78896,7 @@ index 0000000..811af1f +{ + struct dentry *dentry = (struct dentry *) l_dentry; + struct vfsmount *mnt = (struct vfsmount *) l_mnt; ++ struct inode * inode = d_backing_inode(dentry); + struct mount *real_mnt = real_mount(mnt); + struct acl_object_label *retval; + struct dentry *parent; @@ -78599,15 +78904,15 @@ index 0000000..811af1f + read_seqlock_excl(&mount_lock); + write_seqlock(&rename_lock); + -+ if (unlikely((mnt == shm_mnt && dentry->d_inode->i_nlink == 0) || mnt == pipe_mnt || ++ if (unlikely((mnt == shm_mnt && inode->i_nlink == 0) || mnt == pipe_mnt || +#ifdef CONFIG_NET + mnt == sock_mnt || +#endif +#ifdef CONFIG_HUGETLBFS -+ (is_hugetlbfs_mnt(mnt) && dentry->d_inode->i_nlink == 0) || ++ (is_hugetlbfs_mnt(mnt) && inode->i_nlink == 0) || +#endif + /* ignore Eric Biederman */ -+ IS_PRIVATE(l_dentry->d_inode))) { ++ IS_PRIVATE(inode))) { + retval = (subj->mode & GR_SHMEXEC) ? fakefs_obj_rwx : fakefs_obj_rw; + goto out; + } @@ -79837,7 +80142,8 @@ index 0000000..811af1f + struct name_entry *matchn; + struct name_entry *matchn2 = NULL; + struct inodev_entry *inodev; -+ struct inode *inode = new_dentry->d_inode; ++ struct inode *inode = d_backing_inode(new_dentry); ++ struct inode *old_inode = d_backing_inode(old_dentry); + u64 old_ino = __get_ino(old_dentry); + dev_t old_dev = __get_dev(old_dentry); + unsigned int exchange = flags & RENAME_EXCHANGE; @@ -79884,12 +80190,12 @@ index 0000000..811af1f + dev_t new_dev = __get_dev(new_dentry); + + inodev = lookup_inodev_entry(new_ino, new_dev); -+ if (inodev != NULL && ((inode->i_nlink <= 1) || S_ISDIR(inode->i_mode))) ++ if (inodev != NULL && ((inode->i_nlink <= 1) || d_is_dir(new_dentry))) + do_handle_delete(inodev, new_ino, new_dev); + } + + inodev = lookup_inodev_entry(old_ino, old_dev); -+ if (inodev != NULL && ((old_dentry->d_inode->i_nlink <= 1) || S_ISDIR(old_dentry->d_inode->i_mode))) ++ if (inodev != NULL && ((old_inode->i_nlink <= 1) || d_is_dir(old_dentry))) + do_handle_delete(inodev, old_ino, old_dev); + + if (unlikely(matchn != NULL)) @@ -80163,14 +80469,16 @@ index 0000000..811af1f +{ + struct task_struct *task = current; + struct acl_object_label *obj, *obj2; ++ struct dentry *dentry = filp->f_path.dentry; ++ struct vfsmount *mnt = filp->f_path.mnt; ++ struct inode *inode = d_backing_inode(dentry); + + if (gr_status & GR_READY && !(task->acl->mode & GR_OVERRIDE) && -+ !task->is_writable && S_ISREG(filp->f_path.dentry->d_inode->i_mode) && (filp->f_path.mnt != shm_mnt || (filp->f_path.dentry->d_inode->i_nlink > 0))) { -+ obj = chk_obj_label(filp->f_path.dentry, filp->f_path.mnt, running_polstate.default_role->root_label); -+ obj2 = chk_obj_label(filp->f_path.dentry, filp->f_path.mnt, -+ task->role->root_label); ++ !task->is_writable && d_is_reg(dentry) && (mnt != shm_mnt || (inode->i_nlink > 0))) { ++ obj = chk_obj_label(dentry, mnt, running_polstate.default_role->root_label); ++ obj2 = chk_obj_label(dentry, mnt, task->role->root_label); + if (unlikely((obj->mode & GR_WRITE) || (obj2->mode & GR_WRITE))) { -+ gr_log_fs_generic(GR_DONT_AUDIT, GR_WRITLIB_ACL_MSG, filp->f_path.dentry, filp->f_path.mnt); ++ gr_log_fs_generic(GR_DONT_AUDIT, GR_WRITLIB_ACL_MSG, dentry, mnt); + return 1; + } + } @@ -80360,7 +80668,7 @@ index 0000000..811af1f + return 1; + + /* ignore Eric Biederman */ -+ if (IS_PRIVATE(dentry->d_inode)) ++ if (IS_PRIVATE(d_backing_inode(dentry))) + return 1; + + subj = task->acl; @@ -80961,10 +81269,10 @@ index 0000000..a43dd06 + diff --git a/grsecurity/gracl_fs.c b/grsecurity/gracl_fs.c new file mode 100644 -index 0000000..8ee8e4f +index 0000000..fce7f71 --- /dev/null +++ b/grsecurity/gracl_fs.c -@@ -0,0 +1,447 @@ +@@ -0,0 +1,448 @@ +#include <linux/kernel.h> +#include <linux/sched.h> +#include <linux/types.h> @@ -81022,7 +81330,7 @@ index 0000000..8ee8e4f + reqmode |= GR_APPEND; + else if (acc_mode & MAY_WRITE) + reqmode |= GR_WRITE; -+ if ((acc_mode & MAY_READ) && !S_ISDIR(dentry->d_inode->i_mode)) ++ if ((acc_mode & MAY_READ) && !d_is_dir(dentry)) + reqmode |= GR_READ; + + mode = @@ -81063,7 +81371,7 @@ index 0000000..8ee8e4f + // if a directory was required or the directory already exists, then + // don't count this open as a read + if ((acc_mode & MAY_READ) && -+ !((open_flags & O_DIRECTORY) || (dentry->d_inode && S_ISDIR(dentry->d_inode->i_mode)))) ++ !((open_flags & O_DIRECTORY) || d_is_dir(dentry))) + reqmode |= GR_READ; + if ((open_flags & O_CREAT) && + ((imode & S_ISUID) || ((imode & (S_ISGID | S_IXGRP)) == (S_ISGID | S_IXGRP)))) @@ -81099,7 +81407,7 @@ index 0000000..8ee8e4f +{ + __u32 mode, reqmode = GR_FIND; + -+ if ((fmode & S_IXOTH) && !S_ISDIR(dentry->d_inode->i_mode)) ++ if ((fmode & S_IXOTH) && !d_is_dir(dentry)) + reqmode |= GR_EXEC; + if (fmode & S_IWOTH) + reqmode |= GR_WRITE; @@ -81177,14 +81485,15 @@ index 0000000..8ee8e4f + umode_t *modeptr) +{ + umode_t mode; ++ struct inode *inode = d_backing_inode(dentry); + + *modeptr &= ~gr_acl_umask(); + mode = *modeptr; + -+ if (unlikely(dentry->d_inode && S_ISSOCK(dentry->d_inode->i_mode))) ++ if (unlikely(inode && S_ISSOCK(inode->i_mode))) + return 1; + -+ if (unlikely(dentry->d_inode && !S_ISDIR(dentry->d_inode->i_mode) && ++ if (unlikely(!d_is_dir(dentry) && + ((mode & S_ISUID) || ((mode & (S_ISGID | S_IXGRP)) == (S_ISGID | S_IXGRP))))) { + return generic_fs_handler(dentry, mnt, GR_WRITE | GR_SETID, + GR_CHMOD_ACL_MSG); @@ -82019,10 +82328,10 @@ index 0000000..25f54ef +}; diff --git a/grsecurity/gracl_policy.c b/grsecurity/gracl_policy.c new file mode 100644 -index 0000000..fd26052 +index 0000000..0773423 --- /dev/null +++ b/grsecurity/gracl_policy.c -@@ -0,0 +1,1781 @@ +@@ -0,0 +1,1786 @@ +#include <linux/kernel.h> +#include <linux/module.h> +#include <linux/sched.h> @@ -82478,7 +82787,7 @@ index 0000000..fd26052 + get_fs_root(reaper->fs, &gr_real_root); + +#ifdef CONFIG_GRKERNSEC_RBAC_DEBUG -+ printk(KERN_ALERT "Obtained real root device=%d, inode=%lu\n", __get_dev(gr_real_root.dentry), gr_real_root.dentry->d_inode->i_ino); ++ printk(KERN_ALERT "Obtained real root device=%d, inode=%lu\n", gr_get_dev_from_dentry(gr_real_root.dentry), gr_get_ino_from_dentry(gr_real_root.dentry)); +#endif + + fakefs_obj_rw = kzalloc(sizeof(struct acl_object_label), GFP_KERNEL); @@ -83417,6 +83726,7 @@ index 0000000..fd26052 + struct files_struct *files; + struct fdtable *fdt; + struct file *our_file = NULL, *file; ++ struct inode *our_inode = NULL; + int i; + + if (task->signal->tty == NULL) @@ -83440,6 +83750,8 @@ index 0000000..fd26052 + if (our_file == NULL) + return 1; + ++ our_inode = d_backing_inode(our_file->f_path.dentry); ++ + read_lock(&tasklist_lock); + do_each_thread(p2, p) { + files = get_files_struct(p); @@ -83452,9 +83764,11 @@ index 0000000..fd26052 + rcu_read_lock(); + fdt = files_fdtable(files); + for (i=0; i < fdt->max_fds; i++) { ++ struct inode *inode = NULL; + file = fcheck_files(files, i); -+ if (file && S_ISCHR(file->f_path.dentry->d_inode->i_mode) && -+ file->f_path.dentry->d_inode->i_rdev == our_file->f_path.dentry->d_inode->i_rdev) { ++ if (file) ++ inode = d_backing_inode(file->f_path.dentry); ++ if (inode && S_ISCHR(inode->i_mode) && inode->i_rdev == our_inode->i_rdev) { + p3 = task; + while (task_pid_nr(p3) > 0) { + if (p3 == p) @@ -83880,10 +84194,10 @@ index 0000000..39645c9 +} diff --git a/grsecurity/gracl_segv.c b/grsecurity/gracl_segv.c new file mode 100644 -index 0000000..35d9e65 +index 0000000..21646aa --- /dev/null +++ b/grsecurity/gracl_segv.c -@@ -0,0 +1,324 @@ +@@ -0,0 +1,304 @@ +#include <linux/kernel.h> +#include <linux/mm.h> +#include <asm/uaccess.h> @@ -83917,26 +84231,6 @@ index 0000000..35d9e65 + lookup_acl_subj_label(const u64 inode, const dev_t dev, + struct acl_role_label *role); + -+static inline dev_t __get_dev(const struct dentry *dentry) -+{ -+#if defined(CONFIG_BTRFS_FS) || defined(CONFIG_BTRFS_FS_MODULE) -+ if (dentry->d_sb->s_magic == BTRFS_SUPER_MAGIC) -+ return BTRFS_I(dentry->d_inode)->root->anon_dev; -+ else -+#endif -+ return dentry->d_sb->s_dev; -+} -+ -+static inline u64 __get_ino(const struct dentry *dentry) -+{ -+#if defined(CONFIG_BTRFS_FS) || defined(CONFIG_BTRFS_FS_MODULE) -+ if (dentry->d_sb->s_magic == BTRFS_SUPER_MAGIC) -+ return btrfs_ino(dentry->d_inode); -+ else -+#endif -+ return dentry->d_inode->i_ino; -+} -+ +int +gr_init_uidset(void) +{ @@ -84164,7 +84458,7 @@ index 0000000..35d9e65 + + read_lock(&gr_inode_lock); + dentry = filp->f_path.dentry; -+ curr = lookup_acl_subj_label(__get_ino(dentry), __get_dev(dentry), ++ curr = lookup_acl_subj_label(gr_get_ino_from_dentry(dentry), gr_get_dev_from_dentry(dentry), + current->role); + read_unlock(&gr_inode_lock); + @@ -84281,7 +84575,7 @@ index 0000000..bc0be01 +} diff --git a/grsecurity/grsec_chroot.c b/grsecurity/grsec_chroot.c new file mode 100644 -index 0000000..114ea4f +index 0000000..652ab45 --- /dev/null +++ b/grsecurity/grsec_chroot.c @@ -0,0 +1,467 @@ @@ -84743,7 +85037,7 @@ index 0000000..114ea4f +{ +#ifdef CONFIG_GRKERNSEC_CHROOT_CHMOD + /* allow chmod +s on directories, but not files */ -+ if (grsec_enable_chroot_chmod && !S_ISDIR(dentry->d_inode->i_mode) && ++ if (grsec_enable_chroot_chmod && !d_is_dir(dentry) && + ((mode & S_ISUID) || ((mode & (S_ISGID | S_IXGRP)) == (S_ISGID | S_IXGRP))) && + proc_is_chrooted(current)) { + gr_log_fs_generic(GR_DONT_AUDIT, GR_CHMOD_CHROOT_MSG, dentry, mnt); @@ -84754,7 +85048,7 @@ index 0000000..114ea4f +} diff --git a/grsecurity/grsec_disabled.c b/grsecurity/grsec_disabled.c new file mode 100644 -index 0000000..946f750 +index 0000000..e723c08 --- /dev/null +++ b/grsecurity/grsec_disabled.c @@ -0,0 +1,445 @@ @@ -85186,12 +85480,12 @@ index 0000000..946f750 + +dev_t gr_get_dev_from_dentry(struct dentry *dentry) +{ -+ return dentry->d_sb->s_dev; ++ return d_backing_inode(dentry)->i_sb->s_dev; +} + +u64 gr_get_ino_from_dentry(struct dentry *dentry) +{ -+ return dentry->d_inode->i_ino; ++ return d_backing_inode(dentry)->i_ino; +} + +void gr_put_exec_file(struct task_struct *task) @@ -85400,10 +85694,10 @@ index 0000000..fb7531e +EXPORT_SYMBOL_GPL(gr_task_is_capable_nolog); diff --git a/grsecurity/grsec_fifo.c b/grsecurity/grsec_fifo.c new file mode 100644 -index 0000000..06cc6ea +index 0000000..cdec49b --- /dev/null +++ b/grsecurity/grsec_fifo.c -@@ -0,0 +1,24 @@ +@@ -0,0 +1,26 @@ +#include <linux/kernel.h> +#include <linux/sched.h> +#include <linux/fs.h> @@ -85416,13 +85710,15 @@ index 0000000..06cc6ea +{ +#ifdef CONFIG_GRKERNSEC_FIFO + const struct cred *cred = current_cred(); -+ -+ if (grsec_enable_fifo && S_ISFIFO(dentry->d_inode->i_mode) && -+ !(flag & O_EXCL) && (dir->d_inode->i_mode & S_ISVTX) && -+ !uid_eq(dentry->d_inode->i_uid, dir->d_inode->i_uid) && -+ !uid_eq(cred->fsuid, dentry->d_inode->i_uid)) { -+ if (!inode_permission(dentry->d_inode, acc_mode)) -+ gr_log_fs_int2(GR_DONT_AUDIT, GR_FIFO_MSG, dentry, mnt, GR_GLOBAL_UID(dentry->d_inode->i_uid), GR_GLOBAL_GID(dentry->d_inode->i_gid)); ++ struct inode *inode = d_backing_inode(dentry); ++ struct inode *dir_inode = d_backing_inode(dir); ++ ++ if (grsec_enable_fifo && S_ISFIFO(inode->i_mode) && ++ !(flag & O_EXCL) && (dir_inode->i_mode & S_ISVTX) && ++ !uid_eq(inode->i_uid, dir_inode->i_uid) && ++ !uid_eq(cred->fsuid, inode->i_uid)) { ++ if (!inode_permission(inode, acc_mode)) ++ gr_log_fs_int2(GR_DONT_AUDIT, GR_FIFO_MSG, dentry, mnt, GR_GLOBAL_UID(inode->i_uid), GR_GLOBAL_GID(inode->i_gid)); + return -EACCES; + } +#endif @@ -85459,7 +85755,7 @@ index 0000000..8ca18bf +} diff --git a/grsecurity/grsec_init.c b/grsecurity/grsec_init.c new file mode 100644 -index 0000000..4ed9e7d +index 0000000..a364c58 --- /dev/null +++ b/grsecurity/grsec_init.c @@ -0,0 +1,290 @@ @@ -85472,61 +85768,61 @@ index 0000000..4ed9e7d +#include <linux/percpu.h> +#include <linux/module.h> + -+int grsec_enable_ptrace_readexec; -+int grsec_enable_setxid; -+int grsec_enable_symlinkown; -+kgid_t grsec_symlinkown_gid; -+int grsec_enable_brute; -+int grsec_enable_link; -+int grsec_enable_dmesg; -+int grsec_enable_harden_ptrace; -+int grsec_enable_harden_ipc; -+int grsec_enable_fifo; -+int grsec_enable_execlog; -+int grsec_enable_signal; -+int grsec_enable_forkfail; -+int grsec_enable_audit_ptrace; -+int grsec_enable_time; -+int grsec_enable_group; -+kgid_t grsec_audit_gid; -+int grsec_enable_chdir; -+int grsec_enable_mount; -+int grsec_enable_rofs; -+int grsec_deny_new_usb; -+int grsec_enable_chroot_findtask; -+int grsec_enable_chroot_mount; -+int grsec_enable_chroot_shmat; -+int grsec_enable_chroot_fchdir; -+int grsec_enable_chroot_double; -+int grsec_enable_chroot_pivot; -+int grsec_enable_chroot_chdir; -+int grsec_enable_chroot_chmod; -+int grsec_enable_chroot_mknod; -+int grsec_enable_chroot_nice; -+int grsec_enable_chroot_execlog; -+int grsec_enable_chroot_caps; -+int grsec_enable_chroot_rename; -+int grsec_enable_chroot_sysctl; -+int grsec_enable_chroot_unix; -+int grsec_enable_tpe; -+kgid_t grsec_tpe_gid; -+int grsec_enable_blackhole; ++int grsec_enable_ptrace_readexec __read_only; ++int grsec_enable_setxid __read_only; ++int grsec_enable_symlinkown __read_only; ++kgid_t grsec_symlinkown_gid __read_only; ++int grsec_enable_brute __read_only; ++int grsec_enable_link __read_only; ++int grsec_enable_dmesg __read_only; ++int grsec_enable_harden_ptrace __read_only; ++int grsec_enable_harden_ipc __read_only; ++int grsec_enable_fifo __read_only; ++int grsec_enable_execlog __read_only; ++int grsec_enable_signal __read_only; ++int grsec_enable_forkfail __read_only; ++int grsec_enable_audit_ptrace __read_only; ++int grsec_enable_time __read_only; ++int grsec_enable_group __read_only; ++kgid_t grsec_audit_gid __read_only; ++int grsec_enable_chdir __read_only; ++int grsec_enable_mount __read_only; ++int grsec_enable_rofs __read_only; ++int grsec_deny_new_usb __read_only; ++int grsec_enable_chroot_findtask __read_only; ++int grsec_enable_chroot_mount __read_only; ++int grsec_enable_chroot_shmat __read_only; ++int grsec_enable_chroot_fchdir __read_only; ++int grsec_enable_chroot_double __read_only; ++int grsec_enable_chroot_pivot __read_only; ++int grsec_enable_chroot_chdir __read_only; ++int grsec_enable_chroot_chmod __read_only; ++int grsec_enable_chroot_mknod __read_only; ++int grsec_enable_chroot_nice __read_only; ++int grsec_enable_chroot_execlog __read_only; ++int grsec_enable_chroot_caps __read_only; ++int grsec_enable_chroot_rename __read_only; ++int grsec_enable_chroot_sysctl __read_only; ++int grsec_enable_chroot_unix __read_only; ++int grsec_enable_tpe __read_only; ++kgid_t grsec_tpe_gid __read_only; ++int grsec_enable_blackhole __read_only; +#ifdef CONFIG_IPV6_MODULE +EXPORT_SYMBOL_GPL(grsec_enable_blackhole); +#endif -+int grsec_lastack_retries; -+int grsec_enable_tpe_all; -+int grsec_enable_tpe_invert; -+int grsec_enable_socket_all; -+kgid_t grsec_socket_all_gid; -+int grsec_enable_socket_client; -+kgid_t grsec_socket_client_gid; -+int grsec_enable_socket_server; -+kgid_t grsec_socket_server_gid; -+int grsec_resource_logging; -+int grsec_disable_privio; -+int grsec_enable_log_rwxmaps; -+int grsec_lock; ++int grsec_lastack_retries __read_only; ++int grsec_enable_tpe_all __read_only; ++int grsec_enable_tpe_invert __read_only; ++int grsec_enable_socket_all __read_only; ++kgid_t grsec_socket_all_gid __read_only; ++int grsec_enable_socket_client __read_only; ++kgid_t grsec_socket_client_gid __read_only; ++int grsec_enable_socket_server __read_only; ++kgid_t grsec_socket_server_gid __read_only; ++int grsec_resource_logging __read_only; ++int grsec_disable_privio __read_only; ++int grsec_enable_log_rwxmaps __read_only; ++int grsec_lock __read_only; + +DEFINE_SPINLOCK(grsec_alert_lock); +unsigned long grsec_alert_wtime = 0; @@ -85809,10 +86105,10 @@ index 0000000..1773300 +} diff --git a/grsecurity/grsec_link.c b/grsecurity/grsec_link.c new file mode 100644 -index 0000000..5e05e20 +index 0000000..8ef2b75 --- /dev/null +++ b/grsecurity/grsec_link.c -@@ -0,0 +1,58 @@ +@@ -0,0 +1,59 @@ +#include <linux/kernel.h> +#include <linux/sched.h> +#include <linux/fs.h> @@ -85822,7 +86118,7 @@ index 0000000..5e05e20 +int gr_handle_symlink_owner(const struct path *link, const struct inode *target) +{ +#ifdef CONFIG_GRKERNSEC_SYMLINKOWN -+ const struct inode *link_inode = link->dentry->d_inode; ++ const struct inode *link_inode = d_backing_inode(link->dentry); + + if (grsec_enable_symlinkown && in_group_p(grsec_symlinkown_gid) && + /* ignore root-owned links, e.g. /proc/self */ @@ -85836,14 +86132,14 @@ index 0000000..5e05e20 +} + +int -+gr_handle_follow_link(const struct inode *parent, -+ const struct inode *inode, -+ const struct dentry *dentry, const struct vfsmount *mnt) ++gr_handle_follow_link(const struct dentry *dentry, const struct vfsmount *mnt) +{ +#ifdef CONFIG_GRKERNSEC_LINK ++ struct inode *inode = d_backing_inode(dentry); ++ struct inode *parent = d_backing_inode(dentry->d_parent); + const struct cred *cred = current_cred(); + -+ if (grsec_enable_link && S_ISLNK(inode->i_mode) && ++ if (grsec_enable_link && d_is_symlink(dentry) && + (parent->i_mode & S_ISVTX) && !uid_eq(parent->i_uid, inode->i_uid) && + (parent->i_mode & S_IWOTH) && !uid_eq(cred->fsuid, inode->i_uid)) { + gr_log_fs_int2(GR_DONT_AUDIT, GR_SYMLINK_MSG, dentry, mnt, inode->i_uid, inode->i_gid); @@ -85856,13 +86152,14 @@ index 0000000..5e05e20 +int +gr_handle_hardlink(const struct dentry *dentry, + const struct vfsmount *mnt, -+ struct inode *inode, const int mode, const struct filename *to) ++ const struct filename *to) +{ +#ifdef CONFIG_GRKERNSEC_LINK ++ struct inode *inode = d_backing_inode(dentry); + const struct cred *cred = current_cred(); + + if (grsec_enable_link && !uid_eq(cred->fsuid, inode->i_uid) && -+ (!S_ISREG(mode) || is_privileged_binary(dentry) || ++ (!d_is_reg(dentry) || is_privileged_binary(dentry) || + (inode_permission(inode, MAY_READ | MAY_WRITE))) && + !capable(CAP_FOWNER) && gr_is_global_nonroot(cred->uid)) { + gr_log_fs_int2_str(GR_DONT_AUDIT, GR_HARDLINK_MSG, dentry, mnt, inode->i_uid, inode->i_gid, to->name); @@ -86274,7 +86571,7 @@ index 0000000..0e39d8c +} diff --git a/grsecurity/grsec_mount.c b/grsecurity/grsec_mount.c new file mode 100644 -index 0000000..6f9eb73 +index 0000000..fe02bf4 --- /dev/null +++ b/grsecurity/grsec_mount.c @@ -0,0 +1,65 @@ @@ -86332,7 +86629,7 @@ index 0000000..6f9eb73 +gr_handle_rofs_blockwrite(struct dentry *dentry, struct vfsmount *mnt, int acc_mode) +{ +#ifdef CONFIG_GRKERNSEC_ROFS -+ struct inode *inode = dentry->d_inode; ++ struct inode *inode = d_backing_inode(dentry); + + if (grsec_enable_rofs && (acc_mode & MAY_WRITE) && + inode && (S_ISBLK(inode->i_mode) || (S_ISCHR(inode->i_mode) && imajor(inode) == RAW_MAJOR))) { @@ -86422,7 +86719,7 @@ index 0000000..2005a3a +} diff --git a/grsecurity/grsec_ptrace.c b/grsecurity/grsec_ptrace.c new file mode 100644 -index 0000000..f7f29aa +index 0000000..304c518 --- /dev/null +++ b/grsecurity/grsec_ptrace.c @@ -0,0 +1,30 @@ @@ -86449,7 +86746,7 @@ index 0000000..f7f29aa + const struct vfsmount *mnt = file->f_path.mnt; + + if (grsec_enable_ptrace_readexec && (unsafe_flags & LSM_UNSAFE_PTRACE) && -+ (inode_permission(dentry->d_inode, MAY_READ) || !gr_acl_handle_open(dentry, mnt, MAY_READ))) { ++ (inode_permission(d_backing_inode(dentry), MAY_READ) || !gr_acl_handle_open(dentry, mnt, MAY_READ))) { + gr_log_fs_generic(GR_DONT_AUDIT, GR_PTRACE_READEXEC_MSG, dentry, mnt); + return -EACCES; + } @@ -86950,7 +87247,7 @@ index 0000000..a523bd2 +} diff --git a/grsecurity/grsec_sysctl.c b/grsecurity/grsec_sysctl.c new file mode 100644 -index 0000000..cce889e +index 0000000..aaec43c --- /dev/null +++ b/grsecurity/grsec_sysctl.c @@ -0,0 +1,488 @@ @@ -86989,7 +87286,7 @@ index 0000000..cce889e + .data = &grsec_disable_privio, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#endif @@ -86999,7 +87296,7 @@ index 0000000..cce889e + .data = &grsec_enable_link, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_SYMLINKOWN @@ -87008,14 +87305,14 @@ index 0000000..cce889e + .data = &grsec_enable_symlinkown, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, + { + .procname = "symlinkown_gid", + .data = &grsec_symlinkown_gid, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_BRUTE @@ -87024,7 +87321,7 @@ index 0000000..cce889e + .data = &grsec_enable_brute, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_FIFO @@ -87033,7 +87330,7 @@ index 0000000..cce889e + .data = &grsec_enable_fifo, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_PTRACE_READEXEC @@ -87042,7 +87339,7 @@ index 0000000..cce889e + .data = &grsec_enable_ptrace_readexec, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_SETXID @@ -87051,7 +87348,7 @@ index 0000000..cce889e + .data = &grsec_enable_setxid, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_BLACKHOLE @@ -87060,14 +87357,14 @@ index 0000000..cce889e + .data = &grsec_enable_blackhole, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, + { + .procname = "lastack_retries", + .data = &grsec_lastack_retries, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_EXECLOG @@ -87076,7 +87373,7 @@ index 0000000..cce889e + .data = &grsec_enable_execlog, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_RWXMAP_LOG @@ -87085,7 +87382,7 @@ index 0000000..cce889e + .data = &grsec_enable_log_rwxmaps, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_SIGNAL @@ -87094,7 +87391,7 @@ index 0000000..cce889e + .data = &grsec_enable_signal, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_FORKFAIL @@ -87103,7 +87400,7 @@ index 0000000..cce889e + .data = &grsec_enable_forkfail, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_TIME @@ -87112,7 +87409,7 @@ index 0000000..cce889e + .data = &grsec_enable_time, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_CHROOT_SHMAT @@ -87121,7 +87418,7 @@ index 0000000..cce889e + .data = &grsec_enable_chroot_shmat, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_CHROOT_UNIX @@ -87130,7 +87427,7 @@ index 0000000..cce889e + .data = &grsec_enable_chroot_unix, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_CHROOT_MOUNT @@ -87139,7 +87436,7 @@ index 0000000..cce889e + .data = &grsec_enable_chroot_mount, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_CHROOT_FCHDIR @@ -87148,7 +87445,7 @@ index 0000000..cce889e + .data = &grsec_enable_chroot_fchdir, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_CHROOT_DOUBLE @@ -87157,7 +87454,7 @@ index 0000000..cce889e + .data = &grsec_enable_chroot_double, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_CHROOT_PIVOT @@ -87166,7 +87463,7 @@ index 0000000..cce889e + .data = &grsec_enable_chroot_pivot, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_CHROOT_CHDIR @@ -87175,7 +87472,7 @@ index 0000000..cce889e + .data = &grsec_enable_chroot_chdir, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_CHROOT_CHMOD @@ -87184,7 +87481,7 @@ index 0000000..cce889e + .data = &grsec_enable_chroot_chmod, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_CHROOT_MKNOD @@ -87193,7 +87490,7 @@ index 0000000..cce889e + .data = &grsec_enable_chroot_mknod, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_CHROOT_NICE @@ -87202,7 +87499,7 @@ index 0000000..cce889e + .data = &grsec_enable_chroot_nice, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_CHROOT_EXECLOG @@ -87211,7 +87508,7 @@ index 0000000..cce889e + .data = &grsec_enable_chroot_execlog, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_CHROOT_CAPS @@ -87220,7 +87517,7 @@ index 0000000..cce889e + .data = &grsec_enable_chroot_caps, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_CHROOT_RENAME @@ -87229,7 +87526,7 @@ index 0000000..cce889e + .data = &grsec_enable_chroot_rename, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_CHROOT_SYSCTL @@ -87238,7 +87535,7 @@ index 0000000..cce889e + .data = &grsec_enable_chroot_sysctl, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_TPE @@ -87247,14 +87544,14 @@ index 0000000..cce889e + .data = &grsec_enable_tpe, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, + { + .procname = "tpe_gid", + .data = &grsec_tpe_gid, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_TPE_INVERT @@ -87263,7 +87560,7 @@ index 0000000..cce889e + .data = &grsec_enable_tpe_invert, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_TPE_ALL @@ -87272,7 +87569,7 @@ index 0000000..cce889e + .data = &grsec_enable_tpe_all, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_SOCKET_ALL @@ -87281,14 +87578,14 @@ index 0000000..cce889e + .data = &grsec_enable_socket_all, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, + { + .procname = "socket_all_gid", + .data = &grsec_socket_all_gid, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_SOCKET_CLIENT @@ -87297,14 +87594,14 @@ index 0000000..cce889e + .data = &grsec_enable_socket_client, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, + { + .procname = "socket_client_gid", + .data = &grsec_socket_client_gid, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_SOCKET_SERVER @@ -87313,14 +87610,14 @@ index 0000000..cce889e + .data = &grsec_enable_socket_server, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, + { + .procname = "socket_server_gid", + .data = &grsec_socket_server_gid, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_AUDIT_GROUP @@ -87329,14 +87626,14 @@ index 0000000..cce889e + .data = &grsec_enable_group, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, + { + .procname = "audit_gid", + .data = &grsec_audit_gid, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_AUDIT_CHDIR @@ -87345,7 +87642,7 @@ index 0000000..cce889e + .data = &grsec_enable_chdir, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_AUDIT_MOUNT @@ -87354,7 +87651,7 @@ index 0000000..cce889e + .data = &grsec_enable_mount, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_DMESG @@ -87363,7 +87660,7 @@ index 0000000..cce889e + .data = &grsec_enable_dmesg, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_CHROOT_FINDTASK @@ -87372,7 +87669,7 @@ index 0000000..cce889e + .data = &grsec_enable_chroot_findtask, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_RESLOG @@ -87381,7 +87678,7 @@ index 0000000..cce889e + .data = &grsec_resource_logging, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_AUDIT_PTRACE @@ -87390,7 +87687,7 @@ index 0000000..cce889e + .data = &grsec_enable_audit_ptrace, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_HARDEN_PTRACE @@ -87399,7 +87696,7 @@ index 0000000..cce889e + .data = &grsec_enable_harden_ptrace, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_HARDEN_IPC @@ -87408,7 +87705,7 @@ index 0000000..cce889e + .data = &grsec_enable_harden_ipc, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif + { @@ -87416,7 +87713,7 @@ index 0000000..cce889e + .data = &grsec_lock, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif +#ifdef CONFIG_GRKERNSEC_ROFS @@ -87425,7 +87722,7 @@ index 0000000..cce889e + .data = &grsec_enable_rofs, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec_minmax, ++ .proc_handler = &proc_dointvec_minmax_secure, + .extra1 = &one, + .extra2 = &one, + }, @@ -87436,7 +87733,7 @@ index 0000000..cce889e + .data = &grsec_deny_new_usb, + .maxlen = sizeof(int), + .mode = 0600, -+ .proc_handler = &proc_dointvec, ++ .proc_handler = &proc_dointvec_secure, + }, +#endif + { } @@ -87466,7 +87763,7 @@ index 0000000..61b514e +EXPORT_SYMBOL_GPL(gr_log_timechange); diff --git a/grsecurity/grsec_tpe.c b/grsecurity/grsec_tpe.c new file mode 100644 -index 0000000..d1953de +index 0000000..9786671 --- /dev/null +++ b/grsecurity/grsec_tpe.c @@ -0,0 +1,78 @@ @@ -87482,8 +87779,8 @@ index 0000000..d1953de +gr_tpe_allow(const struct file *file) +{ +#ifdef CONFIG_GRKERNSEC -+ struct inode *inode = file->f_path.dentry->d_parent->d_inode; -+ struct inode *file_inode = file->f_path.dentry->d_inode; ++ struct inode *inode = d_backing_inode(file->f_path.dentry->d_parent); ++ struct inode *file_inode = d_backing_inode(file->f_path.dentry); + const struct cred *cred = current_cred(); + char *msg = NULL; + char *msg2 = NULL; @@ -88293,10 +88590,10 @@ index 810431d..0ec4804f 100644 * (puds are folded into pgds so this doesn't get actually called, * but the define is needed for a generic inline function.) diff --git a/include/asm-generic/pgtable.h b/include/asm-generic/pgtable.h -index 4d46085..f4e92ef 100644 +index 39f1d6a..7dae6fb 100644 --- a/include/asm-generic/pgtable.h +++ b/include/asm-generic/pgtable.h -@@ -689,6 +689,22 @@ static inline int pmd_protnone(pmd_t pmd) +@@ -695,6 +695,22 @@ static inline int pmd_protnone(pmd_t pmd) } #endif /* CONFIG_NUMA_BALANCING */ @@ -88318,7 +88615,7 @@ index 4d46085..f4e92ef 100644 + #endif /* CONFIG_MMU */ - #endif /* !__ASSEMBLY__ */ + #ifdef CONFIG_HAVE_ARCH_HUGE_VMAP diff --git a/include/asm-generic/uaccess.h b/include/asm-generic/uaccess.h index 72d8803..cb9749c 100644 --- a/include/asm-generic/uaccess.h @@ -88345,10 +88642,10 @@ index 72d8803..cb9749c 100644 + #endif /* __ASM_GENERIC_UACCESS_H */ diff --git a/include/asm-generic/vmlinux.lds.h b/include/asm-generic/vmlinux.lds.h -index ac78910..8b5f068 100644 +index 8bd374d..9590e70 100644 --- a/include/asm-generic/vmlinux.lds.h +++ b/include/asm-generic/vmlinux.lds.h -@@ -234,6 +234,7 @@ +@@ -246,6 +246,7 @@ .rodata : AT(ADDR(.rodata) - LOAD_OFFSET) { \ VMLINUX_SYMBOL(__start_rodata) = .; \ *(.rodata) *(.rodata.*) \ @@ -88356,7 +88653,7 @@ index ac78910..8b5f068 100644 *(__vermagic) /* Kernel version magic */ \ . = ALIGN(8); \ VMLINUX_SYMBOL(__start___tracepoints_ptrs) = .; \ -@@ -492,6 +493,7 @@ +@@ -504,6 +505,7 @@ KERNEL_CTORS() \ MCOUNT_REC() \ *(.init.rodata) \ @@ -88364,7 +88661,7 @@ index ac78910..8b5f068 100644 FTRACE_EVENTS() \ TRACE_SYSCALLS() \ KPROBE_BLACKLIST() \ -@@ -511,6 +513,8 @@ +@@ -525,6 +527,8 @@ #define EXIT_DATA \ *(.exit.data) \ @@ -88373,7 +88670,7 @@ index ac78910..8b5f068 100644 MEM_DISCARD(exit.data) \ MEM_DISCARD(exit.rodata) -@@ -727,17 +731,18 @@ +@@ -741,17 +745,18 @@ * section in the linker script will go there too. @phdr should have * a leading colon. * @@ -88397,7 +88694,7 @@ index ac78910..8b5f068 100644 /** * PERCPU_SECTION - define output section for percpu area, simple version diff --git a/include/crypto/algapi.h b/include/crypto/algapi.h -index 623a59c..1e79ab9 100644 +index 0ecb768..f910132 100644 --- a/include/crypto/algapi.h +++ b/include/crypto/algapi.h @@ -34,7 +34,7 @@ struct crypto_type { @@ -88410,7 +88707,7 @@ index 623a59c..1e79ab9 100644 struct crypto_instance { struct crypto_alg alg; diff --git a/include/drm/drmP.h b/include/drm/drmP.h -index e928625..ff97886 100644 +index 62c40777..f980496 100644 --- a/include/drm/drmP.h +++ b/include/drm/drmP.h @@ -59,6 +59,7 @@ @@ -88421,7 +88718,7 @@ index e928625..ff97886 100644 #include <asm/uaccess.h> #include <uapi/drm/drm.h> -@@ -133,17 +134,18 @@ void drm_err(const char *format, ...); +@@ -137,17 +138,18 @@ void drm_err(const char *format, ...); /*@{*/ /* driver capabilities and requirements mask */ @@ -88451,7 +88748,7 @@ index e928625..ff97886 100644 /***********************************************************************/ /** \name Macros to make printk easier */ -@@ -224,10 +226,12 @@ void drm_err(const char *format, ...); +@@ -233,10 +235,12 @@ void drm_err(const char *format, ...); * \param cmd command. * \param arg argument. */ @@ -88466,20 +88763,19 @@ index e928625..ff97886 100644 unsigned long arg); #define DRM_IOCTL_NR(n) _IOC_NR(n) -@@ -243,10 +247,10 @@ typedef int drm_ioctl_compat_t(struct file *filp, unsigned int cmd, +@@ -252,9 +256,9 @@ typedef int drm_ioctl_compat_t(struct file *filp, unsigned int cmd, struct drm_ioctl_desc { unsigned int cmd; int flags; - drm_ioctl_t *func; + drm_ioctl_t func; - unsigned int cmd_drv; const char *name; -}; +} __do_const; /** * Creates a driver or general drm_ioctl_desc array entry for the given -@@ -632,7 +636,8 @@ struct drm_info_list { +@@ -645,7 +649,8 @@ struct drm_info_list { int (*show)(struct seq_file*, void*); /** show callback */ u32 driver_features; /**< Required driver features for this entry */ void *data; @@ -88489,7 +88785,7 @@ index e928625..ff97886 100644 /** * debugfs node structure. This structure represents a debugfs file. -@@ -716,7 +721,7 @@ struct drm_device { +@@ -729,7 +734,7 @@ struct drm_device { /** \name Usage Counters */ /*@{ */ @@ -88499,10 +88795,10 @@ index e928625..ff97886 100644 int buf_use; /**< Buffers in use -- cannot alloc */ atomic_t buf_alloc; /**< Buffer allocation in progress */ diff --git a/include/drm/drm_crtc_helper.h b/include/drm/drm_crtc_helper.h -index c250a22..59d2094 100644 +index c8fc187..079d4c2 100644 --- a/include/drm/drm_crtc_helper.h +++ b/include/drm/drm_crtc_helper.h -@@ -160,7 +160,7 @@ struct drm_encoder_helper_funcs { +@@ -161,7 +161,7 @@ struct drm_encoder_helper_funcs { int (*atomic_check)(struct drm_encoder *encoder, struct drm_crtc_state *crtc_state, struct drm_connector_state *conn_state); @@ -88512,7 +88808,7 @@ index c250a22..59d2094 100644 /** * struct drm_connector_helper_funcs - helper operations for connectors diff --git a/include/drm/i915_pciids.h b/include/drm/i915_pciids.h -index d016dc5..3951fe0 100644 +index 6133723..4c1fccb 100644 --- a/include/drm/i915_pciids.h +++ b/include/drm/i915_pciids.h @@ -37,7 +37,7 @@ @@ -88636,11 +88932,11 @@ index 576e463..28fd926 100644 extern void __register_binfmt(struct linux_binfmt *fmt, int insert); diff --git a/include/linux/bitmap.h b/include/linux/bitmap.h -index dbfbf49..10be372 100644 +index ea17cca..dd56e56 100644 --- a/include/linux/bitmap.h +++ b/include/linux/bitmap.h -@@ -299,7 +299,7 @@ static inline int bitmap_full(const unsigned long *src, unsigned int nbits) - return __bitmap_full(src, nbits); +@@ -295,7 +295,7 @@ static inline int bitmap_full(const unsigned long *src, unsigned int nbits) + return find_first_zero_bit(src, nbits) == nbits; } -static inline int bitmap_weight(const unsigned long *src, unsigned int nbits) @@ -88649,7 +88945,7 @@ index dbfbf49..10be372 100644 if (small_const_nbits(nbits)) return hweight_long(*src & BITMAP_LAST_WORD_MASK(nbits)); diff --git a/include/linux/bitops.h b/include/linux/bitops.h -index 5d858e0..336c1d9 100644 +index 297f5bd..0b6d1e8 100644 --- a/include/linux/bitops.h +++ b/include/linux/bitops.h @@ -105,7 +105,7 @@ static inline __u64 ror64(__u64 word, unsigned int shift) @@ -88680,10 +88976,10 @@ index 5d858e0..336c1d9 100644 if (sizeof(l) == 4) return fls(l); diff --git a/include/linux/blkdev.h b/include/linux/blkdev.h -index 7f9a516..8889453 100644 +index 5d93a66..978c4a0 100644 --- a/include/linux/blkdev.h +++ b/include/linux/blkdev.h -@@ -1616,7 +1616,7 @@ struct block_device_operations { +@@ -1614,7 +1614,7 @@ struct block_device_operations { /* this callback is with swap_lock and sometimes page table lock held */ void (*swap_slot_free_notify) (struct block_device *, unsigned long); struct module *owner; @@ -88725,12 +89021,26 @@ index 17e7e82..1d7da26 100644 #define ____cacheline_aligned __attribute__((__aligned__(SMP_CACHE_BYTES))) #endif diff --git a/include/linux/capability.h b/include/linux/capability.h -index aa93e5e..985a1b0 100644 +index af9f0b9..71a5e5c 100644 --- a/include/linux/capability.h +++ b/include/linux/capability.h -@@ -214,9 +214,14 @@ extern bool has_ns_capability_noaudit(struct task_struct *t, - extern bool capable(int cap); - extern bool ns_capable(struct user_namespace *ns, int cap); +@@ -237,15 +237,28 @@ static inline bool capable(int cap) + { + return true; + } ++static inline bool capable_nolog(int cap) ++{ ++ return true; ++} + static inline bool ns_capable(struct user_namespace *ns, int cap) + { + return true; + } ++static inline bool ns_capable_nolog(struct user_namespace *ns, int cap) ++{ ++ return true; ++} + #endif /* CONFIG_MULTIUSER */ extern bool capable_wrt_inode_uidgid(const struct inode *inode, int cap); +extern bool capable_wrt_inode_uidgid_nolog(const struct inode *inode, int cap); extern bool file_ns_capable(const struct file *file, struct user_namespace *ns, int cap); @@ -88756,20 +89066,20 @@ index 8609d57..86e4d79 100644 int (*generic_packet) (struct cdrom_device_info *, struct packet_command *); diff --git a/include/linux/cleancache.h b/include/linux/cleancache.h -index 4ce9056..86caac6 100644 +index bda5ec0b4..51d8ea1 100644 --- a/include/linux/cleancache.h +++ b/include/linux/cleancache.h -@@ -31,7 +31,7 @@ struct cleancache_ops { +@@ -35,7 +35,7 @@ struct cleancache_ops { void (*invalidate_page)(int, struct cleancache_filekey, pgoff_t); void (*invalidate_inode)(int, struct cleancache_filekey); void (*invalidate_fs)(int); -}; +} __no_const; - extern struct cleancache_ops * - cleancache_register_ops(struct cleancache_ops *ops); + extern int cleancache_register_ops(struct cleancache_ops *ops); + extern void __cleancache_init_fs(struct super_block *); diff --git a/include/linux/clk-provider.h b/include/linux/clk-provider.h -index 5591ea7..61b77ce 100644 +index df69531..c4459db 100644 --- a/include/linux/clk-provider.h +++ b/include/linux/clk-provider.h @@ -195,6 +195,7 @@ struct clk_ops { @@ -88780,8 +89090,31 @@ index 5591ea7..61b77ce 100644 /** * struct clk_init_data - holds init data that's common to all clocks and is +diff --git a/include/linux/clkdev.h b/include/linux/clkdev.h +index 94bad77..a39e810 100644 +--- a/include/linux/clkdev.h ++++ b/include/linux/clkdev.h +@@ -32,7 +32,7 @@ struct clk_lookup { + } + + struct clk_lookup *clkdev_alloc(struct clk *clk, const char *con_id, +- const char *dev_fmt, ...); ++ const char *dev_fmt, ...) __printf(3, 4); + + void clkdev_add(struct clk_lookup *cl); + void clkdev_drop(struct clk_lookup *cl); +@@ -40,7 +40,8 @@ void clkdev_drop(struct clk_lookup *cl); + void clkdev_add_table(struct clk_lookup *, size_t); + int clk_add_alias(const char *, const char *, char *, struct device *); + +-int clk_register_clkdev(struct clk *, const char *, const char *, ...); ++int clk_register_clkdev(struct clk *, const char *, const char *, ...) ++ __printf(3, 4); + int clk_register_clkdevs(struct clk *, struct clk_lookup *, size_t); + + #ifdef CONFIG_COMMON_CLK diff --git a/include/linux/compat.h b/include/linux/compat.h -index ab25814..d1540d1 100644 +index ab25814..63b52db 100644 --- a/include/linux/compat.h +++ b/include/linux/compat.h @@ -316,7 +316,7 @@ compat_sys_get_robust_list(int pid, compat_uptr_t __user *head_ptr, @@ -88802,6 +89135,15 @@ index ab25814..d1540d1 100644 asmlinkage long compat_sys_keyctl(u32 option, u32 arg2, u32 arg3, u32 arg4, u32 arg5); asmlinkage long compat_sys_ustat(unsigned dev, struct compat_ustat __user *u32); +@@ -424,7 +424,7 @@ asmlinkage long compat_sys_settimeofday(struct compat_timeval __user *tv, + + asmlinkage long compat_sys_adjtimex(struct compat_timex __user *utp); + +-extern int compat_printk(const char *fmt, ...); ++extern __printf(1, 2) int compat_printk(const char *fmt, ...); + extern void sigset_from_compat(sigset_t *set, const compat_sigset_t *compat); + extern void sigset_to_compat(compat_sigset_t *compat, const sigset_t *set); + @@ -439,7 +439,7 @@ extern int compat_ptrace_request(struct task_struct *child, extern long compat_arch_ptrace(struct task_struct *child, compat_long_t request, compat_ulong_t addr, compat_ulong_t data); @@ -88812,10 +89154,10 @@ index ab25814..d1540d1 100644 asmlinkage long compat_sys_lookup_dcookie(u32, u32, char __user *, compat_size_t); /* diff --git a/include/linux/compiler-gcc.h b/include/linux/compiler-gcc.h -index cdf13ca..ba5e086 100644 +index 371e560..e2e4e3e 100644 --- a/include/linux/compiler-gcc.h +++ b/include/linux/compiler-gcc.h -@@ -94,8 +94,8 @@ +@@ -108,8 +108,8 @@ */ #define __pure __attribute__((pure)) #define __aligned(x) __attribute__((aligned(x))) @@ -88909,7 +89251,7 @@ index efee493..8aa8f6b 100644 * Mark a position in code as unreachable. This can be used to * suppress control flow warnings after asm blocks that transfer diff --git a/include/linux/compiler.h b/include/linux/compiler.h -index 1b45e4a..eff29a7 100644 +index 8677225..2d49df1 100644 --- a/include/linux/compiler.h +++ b/include/linux/compiler.h @@ -5,11 +5,14 @@ @@ -88977,25 +89319,22 @@ index 1b45e4a..eff29a7 100644 #endif /* Indirect macros required for expanded argument pasting, eg. __LINE__. */ -@@ -205,32 +227,32 @@ static __always_inline void data_access_exceeds_word_size(void) +@@ -199,27 +221,27 @@ void ftrace_likely_update(struct ftrace_branch_data *f, int val, int expect); static __always_inline void __read_once_size(const volatile void *p, void *res, int size) { switch (size) { - case 1: *(__u8 *)res = *(volatile __u8 *)p; break; - case 2: *(__u16 *)res = *(volatile __u16 *)p; break; - case 4: *(__u32 *)res = *(volatile __u32 *)p; break; +- case 8: *(__u64 *)res = *(volatile __u64 *)p; break; + case 1: *(__u8 *)res = *(const volatile __u8 *)p; break; + case 2: *(__u16 *)res = *(const volatile __u16 *)p; break; + case 4: *(__u32 *)res = *(const volatile __u32 *)p; break; - #ifdef CONFIG_64BIT -- case 8: *(__u64 *)res = *(volatile __u64 *)p; break; + case 8: *(__u64 *)res = *(const volatile __u64 *)p; break; - #endif default: barrier(); - __builtin_memcpy((void *)res, (const void *)p, size); + __builtin_memcpy(res, (const void *)p, size); - data_access_exceeds_word_size(); barrier(); } } @@ -89007,21 +89346,19 @@ index 1b45e4a..eff29a7 100644 - case 1: *(volatile __u8 *)p = *(__u8 *)res; break; - case 2: *(volatile __u16 *)p = *(__u16 *)res; break; - case 4: *(volatile __u32 *)p = *(__u32 *)res; break; +- case 8: *(volatile __u64 *)p = *(__u64 *)res; break; + case 1: *(volatile __u8 *)p = *(const __u8 *)res; break; + case 2: *(volatile __u16 *)p = *(const __u16 *)res; break; + case 4: *(volatile __u32 *)p = *(const __u32 *)res; break; - #ifdef CONFIG_64BIT -- case 8: *(volatile __u64 *)p = *(__u64 *)res; break; + case 8: *(volatile __u64 *)p = *(const __u64 *)res; break; - #endif default: barrier(); - __builtin_memcpy((void *)p, (const void *)res, size); + __builtin_memcpy((void *)p, res, size); - data_access_exceeds_word_size(); barrier(); } -@@ -364,6 +386,38 @@ static __always_inline void __write_once_size(volatile void *p, void *res, int s + } +@@ -352,6 +374,38 @@ static __always_inline void __write_once_size(volatile void *p, void *res, int s # define __attribute_const__ /* unimplemented */ #endif @@ -89060,7 +89397,7 @@ index 1b45e4a..eff29a7 100644 /* * Tell gcc if a function is cold. The compiler will assume any path * directly leading to the call is unlikely. -@@ -373,6 +427,22 @@ static __always_inline void __write_once_size(volatile void *p, void *res, int s +@@ -361,6 +415,22 @@ static __always_inline void __write_once_size(volatile void *p, void *res, int s #define __cold #endif @@ -89083,7 +89420,7 @@ index 1b45e4a..eff29a7 100644 /* Simple shorthand for a section definition */ #ifndef __section # define __section(S) __attribute__ ((__section__(#S))) -@@ -387,6 +457,8 @@ static __always_inline void __write_once_size(volatile void *p, void *res, int s +@@ -375,6 +445,8 @@ static __always_inline void __write_once_size(volatile void *p, void *res, int s # define __same_type(a, b) __builtin_types_compatible_p(typeof(a), typeof(b)) #endif @@ -89092,7 +89429,7 @@ index 1b45e4a..eff29a7 100644 /* Is this type a native word size -- useful for atomic operations */ #ifndef __native_word # define __native_word(t) (sizeof(t) == sizeof(char) || sizeof(t) == sizeof(short) || sizeof(t) == sizeof(int) || sizeof(t) == sizeof(long)) -@@ -466,8 +538,9 @@ static __always_inline void __write_once_size(volatile void *p, void *res, int s +@@ -454,8 +526,9 @@ static __always_inline void __write_once_size(volatile void *p, void *res, int s */ #define __ACCESS_ONCE(x) ({ \ __maybe_unused typeof(x) __var = (__force typeof(x)) 0; \ @@ -89131,19 +89468,20 @@ index 5d5aaae..0ea9b84 100644 extern bool completion_done(struct completion *x); diff --git a/include/linux/configfs.h b/include/linux/configfs.h -index 34025df..2a6ee32 100644 +index 34025df..9c263df 100644 --- a/include/linux/configfs.h +++ b/include/linux/configfs.h -@@ -64,7 +64,7 @@ struct config_item { +@@ -64,7 +64,8 @@ struct config_item { struct dentry *ci_dentry; }; -extern int config_item_set_name(struct config_item *, const char *, ...); -+extern __printf(2, 3) int config_item_set_name(struct config_item *, const char *, ...); ++extern __printf(2, 3) ++int config_item_set_name(struct config_item *, const char *, ...); static inline char *config_item_name(struct config_item * item) { -@@ -125,7 +125,7 @@ struct configfs_attribute { +@@ -125,7 +126,7 @@ struct configfs_attribute { const char *ca_name; struct module *ca_owner; umode_t ca_mode; @@ -89152,6 +89490,24 @@ index 34025df..2a6ee32 100644 /* * Users often need to create attribute structures for their configurable +diff --git a/include/linux/cpu.h b/include/linux/cpu.h +index c0fb6b1..23c30bd 100644 +--- a/include/linux/cpu.h ++++ b/include/linux/cpu.h +@@ -40,9 +40,10 @@ extern void cpu_remove_dev_attr(struct device_attribute *attr); + extern int cpu_add_dev_attr_group(struct attribute_group *attrs); + extern void cpu_remove_dev_attr_group(struct attribute_group *attrs); + +-extern struct device *cpu_device_create(struct device *parent, void *drvdata, +- const struct attribute_group **groups, +- const char *fmt, ...); ++extern __printf(4, 5) ++struct device *cpu_device_create(struct device *parent, void *drvdata, ++ const struct attribute_group **groups, ++ const char *fmt, ...); + #ifdef CONFIG_HOTPLUG_CPU + extern void unregister_cpu(struct cpu *cpu); + extern ssize_t arch_cpu_probe(const char *, size_t); diff --git a/include/linux/cpufreq.h b/include/linux/cpufreq.h index 2ee4888..0451f5e 100644 --- a/include/linux/cpufreq.h @@ -89197,10 +89553,10 @@ index 9c5e892..feb34e0 100644 #ifdef CONFIG_CPU_IDLE extern int cpuidle_register_governor(struct cpuidle_governor *gov); diff --git a/include/linux/cpumask.h b/include/linux/cpumask.h -index 086549a..a572d94 100644 +index 59915ea..81ebec0 100644 --- a/include/linux/cpumask.h +++ b/include/linux/cpumask.h -@@ -126,17 +126,17 @@ static inline unsigned int cpumask_first(const struct cpumask *srcp) +@@ -127,17 +127,17 @@ static inline unsigned int cpumask_first(const struct cpumask *srcp) } /* Valid inputs for n are -1 and 0. */ @@ -89221,7 +89577,7 @@ index 086549a..a572d94 100644 const struct cpumask *srcp, const struct cpumask *andp) { -@@ -182,7 +182,7 @@ static inline unsigned int cpumask_first(const struct cpumask *srcp) +@@ -181,7 +181,7 @@ static inline unsigned int cpumask_first(const struct cpumask *srcp) * * Returns >= nr_cpu_ids if no further cpus set. */ @@ -89230,7 +89586,7 @@ index 086549a..a572d94 100644 { /* -1 is a legal arg here. */ if (n != -1) -@@ -197,7 +197,7 @@ static inline unsigned int cpumask_next(int n, const struct cpumask *srcp) +@@ -196,7 +196,7 @@ static inline unsigned int cpumask_next(int n, const struct cpumask *srcp) * * Returns >= nr_cpu_ids if no further cpus unset. */ @@ -89239,16 +89595,16 @@ index 086549a..a572d94 100644 { /* -1 is a legal arg here. */ if (n != -1) -@@ -205,7 +205,7 @@ static inline unsigned int cpumask_next_zero(int n, const struct cpumask *srcp) +@@ -204,7 +204,7 @@ static inline unsigned int cpumask_next_zero(int n, const struct cpumask *srcp) return find_next_zero_bit(cpumask_bits(srcp), nr_cpumask_bits, n+1); } -int cpumask_next_and(int n, const struct cpumask *, const struct cpumask *); +int cpumask_next_and(int n, const struct cpumask *, const struct cpumask *) __intentional_overflow(-1); int cpumask_any_but(const struct cpumask *mask, unsigned int cpu); - int cpumask_set_cpu_local_first(int i, int numa_node, cpumask_t *dstp); + unsigned int cpumask_local_spread(unsigned int i, int node); -@@ -472,7 +472,7 @@ static inline bool cpumask_full(const struct cpumask *srcp) +@@ -471,7 +471,7 @@ static inline bool cpumask_full(const struct cpumask *srcp) * cpumask_weight - Count of bits in *srcp * @srcp: the cpumask to count bits (< nr_cpu_ids) in. */ @@ -89258,7 +89614,7 @@ index 086549a..a572d94 100644 return bitmap_weight(cpumask_bits(srcp), nr_cpumask_bits); } diff --git a/include/linux/cred.h b/include/linux/cred.h -index 2fb2ca2..d6a3340 100644 +index 8b6c083..51cb9f5 100644 --- a/include/linux/cred.h +++ b/include/linux/cred.h @@ -35,7 +35,7 @@ struct group_info { @@ -89270,7 +89626,7 @@ index 2fb2ca2..d6a3340 100644 /** * get_group_info - Get a reference to a group info structure -@@ -137,7 +137,7 @@ struct cred { +@@ -152,7 +152,7 @@ struct cred { struct user_namespace *user_ns; /* user_ns the caps and keyrings are relative to. */ struct group_info *group_info; /* supplementary groups for euid/fsgid */ struct rcu_head rcu; /* RCU deletion hook */ @@ -89279,7 +89635,7 @@ index 2fb2ca2..d6a3340 100644 extern void __put_cred(struct cred *); extern void exit_creds(struct task_struct *); -@@ -195,6 +195,9 @@ static inline void validate_creds_for_do_exit(struct task_struct *tsk) +@@ -210,6 +210,9 @@ static inline void validate_creds_for_do_exit(struct task_struct *tsk) static inline void validate_process_creds(void) { } @@ -89289,7 +89645,7 @@ index 2fb2ca2..d6a3340 100644 #endif /** -@@ -332,6 +335,7 @@ static inline void put_cred(const struct cred *_cred) +@@ -347,6 +350,7 @@ static inline void put_cred(const struct cred *_cred) #define task_uid(task) (task_cred_xxx((task), uid)) #define task_euid(task) (task_cred_xxx((task), euid)) @@ -89298,10 +89654,10 @@ index 2fb2ca2..d6a3340 100644 #define current_cred_xxx(xxx) \ ({ \ diff --git a/include/linux/crypto.h b/include/linux/crypto.h -index fb5ef16..05d1e59 100644 +index 10df5d2..503d678 100644 --- a/include/linux/crypto.h +++ b/include/linux/crypto.h -@@ -626,7 +626,7 @@ struct cipher_tfm { +@@ -632,7 +632,7 @@ struct cipher_tfm { const u8 *key, unsigned int keylen); void (*cit_encrypt_one)(struct crypto_tfm *tfm, u8 *dst, const u8 *src); void (*cit_decrypt_one)(struct crypto_tfm *tfm, u8 *dst, const u8 *src); @@ -89310,7 +89666,7 @@ index fb5ef16..05d1e59 100644 struct hash_tfm { int (*init)(struct hash_desc *desc); -@@ -647,13 +647,13 @@ struct compress_tfm { +@@ -653,13 +653,13 @@ struct compress_tfm { int (*cot_decompress)(struct crypto_tfm *tfm, const u8 *src, unsigned int slen, u8 *dst, unsigned int *dlen); @@ -89340,7 +89696,7 @@ index 653589e..4ef254a 100644 return c | 0x20; } diff --git a/include/linux/dcache.h b/include/linux/dcache.h -index d835879..c8e5b92 100644 +index df334cb..e730faa 100644 --- a/include/linux/dcache.h +++ b/include/linux/dcache.h @@ -123,6 +123,9 @@ struct dentry { @@ -89362,7 +89718,7 @@ index d835879..c8e5b92 100644 /* * dentry->d_lock spinlock nesting subclasses: -@@ -319,7 +322,7 @@ extern struct dentry *__d_lookup_rcu(const struct dentry *parent, +@@ -319,13 +322,14 @@ extern struct dentry *__d_lookup_rcu(const struct dentry *parent, static inline unsigned d_count(const struct dentry *dentry) { @@ -89371,7 +89727,15 @@ index d835879..c8e5b92 100644 } /* -@@ -347,7 +350,7 @@ extern char *dentry_path(struct dentry *, char *, int); + * helper function for dentry_operations.d_dname() members + */ +-extern char *dynamic_dname(struct dentry *, char *, int, const char *, ...); ++extern __printf(4, 5) ++char *dynamic_dname(struct dentry *, char *, int, const char *, ...); + extern char *simple_dname(struct dentry *, char *, int); + + extern char *__d_path(const struct path *, const struct path *, char *, int); +@@ -347,7 +351,7 @@ extern char *dentry_path(struct dentry *, char *, int); static inline struct dentry *dget_dlock(struct dentry *dentry) { if (dentry) @@ -89407,10 +89771,10 @@ index ce447f0..83c66bd 100644 /** * struct devfreq - Device devfreq structure diff --git a/include/linux/device.h b/include/linux/device.h -index 0eb8ee2..c603b6a 100644 +index 6558af9..48bce1a 100644 --- a/include/linux/device.h +++ b/include/linux/device.h -@@ -311,7 +311,7 @@ struct subsys_interface { +@@ -312,7 +312,7 @@ struct subsys_interface { struct list_head node; int (*add_dev)(struct device *dev, struct subsys_interface *sif); int (*remove_dev)(struct device *dev, struct subsys_interface *sif); @@ -89419,7 +89783,7 @@ index 0eb8ee2..c603b6a 100644 int subsys_interface_register(struct subsys_interface *sif); void subsys_interface_unregister(struct subsys_interface *sif); -@@ -507,7 +507,7 @@ struct device_type { +@@ -508,7 +508,7 @@ struct device_type { void (*release)(struct device *dev); const struct dev_pm_ops *pm; @@ -89428,7 +89792,7 @@ index 0eb8ee2..c603b6a 100644 /* interface for exporting device attributes */ struct device_attribute { -@@ -517,11 +517,12 @@ struct device_attribute { +@@ -518,11 +518,12 @@ struct device_attribute { ssize_t (*store)(struct device *dev, struct device_attribute *attr, const char *buf, size_t count); }; @@ -89442,11 +89806,40 @@ index 0eb8ee2..c603b6a 100644 ssize_t device_show_ulong(struct device *dev, struct device_attribute *attr, char *buf); +@@ -607,8 +608,9 @@ extern int devres_release_group(struct device *dev, void *id); + + /* managed devm_k.alloc/kfree for device drivers */ + extern void *devm_kmalloc(struct device *dev, size_t size, gfp_t gfp); +-extern char *devm_kvasprintf(struct device *dev, gfp_t gfp, const char *fmt, +- va_list ap); ++extern __printf(3, 0) ++char *devm_kvasprintf(struct device *dev, gfp_t gfp, const char *fmt, ++ va_list ap); + extern __printf(3, 4) + char *devm_kasprintf(struct device *dev, gfp_t gfp, const char *fmt, ...); + static inline void *devm_kzalloc(struct device *dev, size_t size, gfp_t gfp) +@@ -980,12 +982,10 @@ extern int __must_check device_reprobe(struct device *dev); + /* + * Easy functions for dynamically creating devices on the fly + */ +-extern struct device *device_create_vargs(struct class *cls, +- struct device *parent, +- dev_t devt, +- void *drvdata, +- const char *fmt, +- va_list vargs); ++extern __printf(5, 0) ++struct device *device_create_vargs(struct class *cls, struct device *parent, ++ dev_t devt, void *drvdata, ++ const char *fmt, va_list vargs); + extern __printf(5, 6) + struct device *device_create(struct class *cls, struct device *parent, + dev_t devt, void *drvdata, diff --git a/include/linux/dma-mapping.h b/include/linux/dma-mapping.h -index c3007cb..43efc8c 100644 +index ac07ff0..edff186 100644 --- a/include/linux/dma-mapping.h +++ b/include/linux/dma-mapping.h -@@ -60,7 +60,7 @@ struct dma_map_ops { +@@ -64,7 +64,7 @@ struct dma_map_ops { u64 (*get_required_mask)(struct device *dev); #endif int is_phys; @@ -89455,27 +89848,11 @@ index c3007cb..43efc8c 100644 #define DMA_BIT_MASK(n) (((n) == 64) ? ~0ULL : ((1ULL<<(n))-1)) -diff --git a/include/linux/dmaengine.h b/include/linux/dmaengine.h -index b6997a0..108be6c 100644 ---- a/include/linux/dmaengine.h -+++ b/include/linux/dmaengine.h -@@ -1133,9 +1133,9 @@ struct dma_pinned_list { - struct dma_pinned_list *dma_pin_iovec_pages(struct iovec *iov, size_t len); - void dma_unpin_iovec_pages(struct dma_pinned_list* pinned_list); - --dma_cookie_t dma_memcpy_to_iovec(struct dma_chan *chan, struct iovec *iov, -+dma_cookie_t __intentional_overflow(0) dma_memcpy_to_iovec(struct dma_chan *chan, struct iovec *iov, - struct dma_pinned_list *pinned_list, unsigned char *kdata, size_t len); --dma_cookie_t dma_memcpy_pg_to_iovec(struct dma_chan *chan, struct iovec *iov, -+dma_cookie_t __intentional_overflow(0) dma_memcpy_pg_to_iovec(struct dma_chan *chan, struct iovec *iov, - struct dma_pinned_list *pinned_list, struct page *page, - unsigned int offset, size_t len); - diff --git a/include/linux/efi.h b/include/linux/efi.h -index cf7e431..d239dce 100644 +index af5be03..d8a6ae2 100644 --- a/include/linux/efi.h +++ b/include/linux/efi.h -@@ -1056,6 +1056,7 @@ struct efivar_operations { +@@ -1057,6 +1057,7 @@ struct efivar_operations { efi_set_variable_nonblocking_t *set_variable_nonblocking; efi_query_variable_store_t *query_variable_store; }; @@ -89576,10 +89953,10 @@ index 8293262..2b3b8bd 100644 extern bool frontswap_enabled; extern struct frontswap_ops * diff --git a/include/linux/fs.h b/include/linux/fs.h -index 52cc449..31f35cb 100644 +index 571aab9..03a5b06 100644 --- a/include/linux/fs.h +++ b/include/linux/fs.h -@@ -410,7 +410,7 @@ struct address_space { +@@ -437,7 +437,7 @@ struct address_space { spinlock_t private_lock; /* for use by the address_space */ struct list_head private_list; /* ditto */ void *private_data; /* ditto */ @@ -89588,7 +89965,7 @@ index 52cc449..31f35cb 100644 /* * On most architectures that alignment is already the case; but * must be enforced here for CRIS, to let the least significant bit -@@ -453,7 +453,7 @@ struct block_device { +@@ -480,7 +480,7 @@ struct block_device { int bd_fsfreeze_count; /* Mutex for freeze */ struct mutex bd_fsfreeze_mutex; @@ -89597,7 +89974,7 @@ index 52cc449..31f35cb 100644 /* * Radix-tree tags, for tagging dirty and writeback pages within the pagecache -@@ -639,7 +639,7 @@ struct inode { +@@ -666,7 +666,7 @@ struct inode { #endif void *i_private; /* fs or device private pointer */ @@ -89606,7 +89983,7 @@ index 52cc449..31f35cb 100644 static inline int inode_unhashed(struct inode *inode) { -@@ -834,7 +834,7 @@ struct file { +@@ -861,7 +861,7 @@ struct file { struct list_head f_tfile_llink; #endif /* #ifdef CONFIG_EPOLL */ struct address_space *f_mapping; @@ -89615,7 +89992,7 @@ index 52cc449..31f35cb 100644 struct file_handle { __u32 handle_bytes; -@@ -962,7 +962,7 @@ struct file_lock { +@@ -990,7 +990,7 @@ struct file_lock { int state; /* state of grant or error if -ve */ } afs; } fl_u; @@ -89624,7 +90001,7 @@ index 52cc449..31f35cb 100644 struct file_lock_context { spinlock_t flc_lock; -@@ -1316,7 +1316,7 @@ struct super_block { +@@ -1351,7 +1351,7 @@ struct super_block { * Indicates how deep in a filesystem stack this SB is */ int s_stack_depth; @@ -89633,7 +90010,7 @@ index 52cc449..31f35cb 100644 extern struct timespec current_fs_time(struct super_block *sb); -@@ -1570,7 +1570,8 @@ struct file_operations { +@@ -1603,7 +1603,8 @@ struct file_operations { #ifndef CONFIG_MMU unsigned (*mmap_capabilities)(struct file *); #endif @@ -89643,7 +90020,7 @@ index 52cc449..31f35cb 100644 struct inode_operations { struct dentry * (*lookup) (struct inode *,struct dentry *, unsigned int); -@@ -2269,7 +2270,7 @@ extern int register_chrdev_region(dev_t, unsigned, const char *); +@@ -2303,7 +2304,7 @@ extern int register_chrdev_region(dev_t, unsigned, const char *); extern int __register_chrdev(unsigned int major, unsigned int baseminor, unsigned int count, const char *name, const struct file_operations *fops); @@ -89652,7 +90029,7 @@ index 52cc449..31f35cb 100644 unsigned int count, const char *name); extern void unregister_chrdev_region(dev_t, unsigned); extern void chrdev_show(struct seq_file *,off_t); -@@ -2918,4 +2919,14 @@ static inline bool dir_relax(struct inode *inode) +@@ -2989,4 +2990,14 @@ static inline bool dir_relax(struct inode *inode) return !IS_DEADDIR(inode); } @@ -89791,7 +90168,7 @@ index 667c311..abac2a7 100644 }; diff --git a/include/linux/gfp.h b/include/linux/gfp.h -index eb6fafe..9360779 100644 +index 15928f0..90b31d7 100644 --- a/include/linux/gfp.h +++ b/include/linux/gfp.h @@ -35,6 +35,13 @@ struct vm_area_struct; @@ -89808,7 +90185,7 @@ index eb6fafe..9360779 100644 /* If the above are modified, __GFP_BITS_SHIFT may need updating */ /* -@@ -92,6 +99,7 @@ struct vm_area_struct; +@@ -94,6 +101,7 @@ struct vm_area_struct; #define __GFP_NO_KSWAPD ((__force gfp_t)___GFP_NO_KSWAPD) #define __GFP_OTHER_NODE ((__force gfp_t)___GFP_OTHER_NODE) /* On behalf of other node */ #define __GFP_WRITE ((__force gfp_t)___GFP_WRITE) /* Allocator intends to dirty page */ @@ -89816,7 +90193,7 @@ index eb6fafe..9360779 100644 /* * This may seem redundant, but it's a way of annotating false positives vs. -@@ -99,7 +107,7 @@ struct vm_area_struct; +@@ -101,7 +109,7 @@ struct vm_area_struct; */ #define __GFP_NOTRACK_FALSE_POSITIVE (__GFP_NOTRACK) @@ -89825,7 +90202,7 @@ index eb6fafe..9360779 100644 #define __GFP_BITS_MASK ((__force gfp_t)((1 << __GFP_BITS_SHIFT) - 1)) /* This equals 0, but use constants in case they ever change */ -@@ -154,6 +162,8 @@ struct vm_area_struct; +@@ -146,6 +154,8 @@ struct vm_area_struct; /* 4GB DMA on some platforms */ #define GFP_DMA32 __GFP_DMA32 @@ -90867,10 +91244,10 @@ index 0000000..26ef560 +#define GR_MSRWRITE_MSG "denied write to CPU MSR by " diff --git a/include/linux/grsecurity.h b/include/linux/grsecurity.h new file mode 100644 -index 0000000..63c1850 +index 0000000..085a746 --- /dev/null +++ b/include/linux/grsecurity.h -@@ -0,0 +1,250 @@ +@@ -0,0 +1,247 @@ +#ifndef GR_SECURITY_H +#define GR_SECURITY_H +#include <linux/fs.h> @@ -90963,9 +91340,7 @@ index 0000000..63c1850 +void gr_log_rwxmmap(struct file *file); +void gr_log_rwxmprotect(struct vm_area_struct *vma); + -+int gr_handle_follow_link(const struct inode *parent, -+ const struct inode *inode, -+ const struct dentry *dentry, ++int gr_handle_follow_link(const struct dentry *dentry, + const struct vfsmount *mnt); +int gr_handle_fifo(const struct dentry *dentry, + const struct vfsmount *mnt, @@ -90973,8 +91348,7 @@ index 0000000..63c1850 + const int acc_mode); +int gr_handle_hardlink(const struct dentry *dentry, + const struct vfsmount *mnt, -+ struct inode *inode, -+ const int mode, const struct filename *to); ++ const struct filename *to); + +int gr_is_capable(const int cap); +int gr_is_capable_nolog(const int cap); @@ -91194,7 +91568,7 @@ index 1c7b89a..7dda400 100644 container_of(_dev_attr, struct sensor_device_attribute_2, dev_attr) diff --git a/include/linux/i2c.h b/include/linux/i2c.h -index f17da50..2f8b203 100644 +index e83a738..8b323fa 100644 --- a/include/linux/i2c.h +++ b/include/linux/i2c.h @@ -409,6 +409,7 @@ struct i2c_algorithm { @@ -91206,10 +91580,10 @@ index f17da50..2f8b203 100644 /** * struct i2c_bus_recovery_info - I2C bus recovery information diff --git a/include/linux/if_pppox.h b/include/linux/if_pppox.h -index aff7ad8..3942bbd 100644 +index 66a7d76..5e68d20 100644 --- a/include/linux/if_pppox.h +++ b/include/linux/if_pppox.h -@@ -76,7 +76,7 @@ struct pppox_proto { +@@ -78,7 +78,7 @@ struct pppox_proto { int (*ioctl)(struct socket *sock, unsigned int cmd, unsigned long arg); struct module *owner; @@ -91219,7 +91593,7 @@ index aff7ad8..3942bbd 100644 extern int register_pppox_proto(int proto_num, const struct pppox_proto *pp); extern void unregister_pppox_proto(int proto_num); diff --git a/include/linux/init.h b/include/linux/init.h -index 2df8e8d..3e1280d 100644 +index 21b6d76..4a6775c 100644 --- a/include/linux/init.h +++ b/include/linux/init.h @@ -37,9 +37,17 @@ @@ -91276,10 +91650,10 @@ index 696d223..6d6b39f 100644 .files = &init_files, \ .signal = &init_signals, \ diff --git a/include/linux/interrupt.h b/include/linux/interrupt.h -index 2e88580..f6a99a0 100644 +index 950ae45..df6ac60 100644 --- a/include/linux/interrupt.h +++ b/include/linux/interrupt.h -@@ -420,8 +420,8 @@ extern const char * const softirq_to_name[NR_SOFTIRQS]; +@@ -432,8 +432,8 @@ extern const char * const softirq_to_name[NR_SOFTIRQS]; struct softirq_action { @@ -91290,7 +91664,7 @@ index 2e88580..f6a99a0 100644 asmlinkage void do_softirq(void); asmlinkage void __do_softirq(void); -@@ -435,7 +435,7 @@ static inline void do_softirq_own_stack(void) +@@ -447,7 +447,7 @@ static inline void do_softirq_own_stack(void) } #endif @@ -91300,10 +91674,10 @@ index 2e88580..f6a99a0 100644 extern void __raise_softirq_irqoff(unsigned int nr); diff --git a/include/linux/iommu.h b/include/linux/iommu.h -index 38daa45..4de4317 100644 +index 0546b87..46fd5b6 100644 --- a/include/linux/iommu.h +++ b/include/linux/iommu.h -@@ -147,7 +147,7 @@ struct iommu_ops { +@@ -174,7 +174,7 @@ struct iommu_ops { unsigned long pgsize_bitmap; void *priv; @@ -91312,8 +91686,17 @@ index 38daa45..4de4317 100644 #define IOMMU_GROUP_NOTIFY_ADD_DEVICE 1 /* Device added */ #define IOMMU_GROUP_NOTIFY_DEL_DEVICE 2 /* Pre Device removed */ +@@ -234,7 +234,7 @@ extern int iommu_domain_set_attr(struct iommu_domain *domain, enum iommu_attr, + void *data); + struct device *iommu_device_create(struct device *parent, void *drvdata, + const struct attribute_group **groups, +- const char *fmt, ...); ++ const char *fmt, ...) __printf(4, 5); + void iommu_device_destroy(struct device *dev); + int iommu_device_link(struct device *dev, struct device *link); + void iommu_device_unlink(struct device *dev, struct device *link); diff --git a/include/linux/ioport.h b/include/linux/ioport.h -index 2c525022..345b106 100644 +index 388e3ae..d7e45a1 100644 --- a/include/linux/ioport.h +++ b/include/linux/ioport.h @@ -161,7 +161,7 @@ struct resource *lookup_resource(struct resource *root, resource_size_t start); @@ -91339,11 +91722,11 @@ index 1eee6bc..9cf4912 100644 extern struct ipc_namespace init_ipc_ns; extern atomic_t nr_ipc_ns; diff --git a/include/linux/irq.h b/include/linux/irq.h -index d09ec7a..f373eb5 100644 +index 62c6901..827f8f6 100644 --- a/include/linux/irq.h +++ b/include/linux/irq.h -@@ -364,7 +364,8 @@ struct irq_chip { - void (*irq_write_msi_msg)(struct irq_data *data, struct msi_msg *msg); +@@ -370,7 +370,8 @@ struct irq_chip { + int (*irq_set_irqchip_state)(struct irq_data *data, enum irqchip_irq_state which, bool state); unsigned long flags; -}; @@ -91352,19 +91735,6 @@ index d09ec7a..f373eb5 100644 /* * irq_chip specific flags -diff --git a/include/linux/irqchip/arm-gic.h b/include/linux/irqchip/arm-gic.h -index 71d706d..817cdec 100644 ---- a/include/linux/irqchip/arm-gic.h -+++ b/include/linux/irqchip/arm-gic.h -@@ -95,7 +95,7 @@ - - struct device_node; - --extern struct irq_chip gic_arch_extn; -+extern irq_chip_no_const gic_arch_extn; - - void gic_init_bases(unsigned int, int, void __iomem *, void __iomem *, - u32 offset, struct device_node *); diff --git a/include/linux/irqdesc.h b/include/linux/irqdesc.h index dd1109f..4f4fdda 100644 --- a/include/linux/irqdesc.h @@ -91459,10 +91829,10 @@ index 6883e19..e854fcb 100644 /* This macro allows us to keep printk typechecking */ static __printf(1, 2) diff --git a/include/linux/kernel.h b/include/linux/kernel.h -index d6d630d..feea1f5 100644 +index 3a5b48e..240107b 100644 --- a/include/linux/kernel.h +++ b/include/linux/kernel.h -@@ -378,7 +378,7 @@ static inline int __must_check kstrtos32_from_user(const char __user *s, size_t +@@ -390,7 +390,7 @@ static inline int __must_check kstrtos32_from_user(const char __user *s, size_t /* Obsolete, do not use. Use kstrto<foo> instead */ extern unsigned long simple_strtoul(const char *,char **,unsigned int); @@ -91471,6 +91841,38 @@ index d6d630d..feea1f5 100644 extern unsigned long long simple_strtoull(const char *,char **,unsigned int); extern long long simple_strtoll(const char *,char **,unsigned int); +@@ -410,7 +410,8 @@ extern __printf(3, 0) + int vscnprintf(char *buf, size_t size, const char *fmt, va_list args); + extern __printf(2, 3) + char *kasprintf(gfp_t gfp, const char *fmt, ...); +-extern char *kvasprintf(gfp_t gfp, const char *fmt, va_list args); ++extern __printf(2, 0) ++char *kvasprintf(gfp_t gfp, const char *fmt, va_list args); + + extern __scanf(2, 3) + int sscanf(const char *, const char *, ...); +@@ -681,10 +682,10 @@ do { \ + __ftrace_vprintk(_THIS_IP_, fmt, vargs); \ + } while (0) + +-extern int ++extern __printf(2, 0) int + __ftrace_vbprintk(unsigned long ip, const char *fmt, va_list ap); + +-extern int ++extern __printf(2, 0) int + __ftrace_vprintk(unsigned long ip, const char *fmt, va_list ap); + + extern void ftrace_dump(enum ftrace_dump_mode oops_dump_mode); +@@ -704,7 +705,7 @@ int trace_printk(const char *fmt, ...) + { + return 0; + } +-static inline int ++static __printf(1, 0) inline int + ftrace_vprintk(const char *fmt, va_list ap) + { + return 0; diff --git a/include/linux/key-type.h b/include/linux/key-type.h index ff9f1d3..6712be5 100644 --- a/include/linux/key-type.h @@ -91516,7 +91918,7 @@ index e465bb1..19f605fd 100644 extern struct kgdb_arch arch_kgdb_ops; diff --git a/include/linux/kmemleak.h b/include/linux/kmemleak.h -index e705467..a92471d 100644 +index d0a1f99..0bd8b7c 100644 --- a/include/linux/kmemleak.h +++ b/include/linux/kmemleak.h @@ -27,7 +27,7 @@ @@ -91525,10 +91927,10 @@ index e705467..a92471d 100644 extern void kmemleak_alloc(const void *ptr, size_t size, int min_count, - gfp_t gfp) __ref; + gfp_t gfp) __ref __size_overflow(2); - extern void kmemleak_alloc_percpu(const void __percpu *ptr, size_t size) __ref; + extern void kmemleak_alloc_percpu(const void __percpu *ptr, size_t size, + gfp_t gfp) __ref; extern void kmemleak_free(const void *ptr) __ref; - extern void kmemleak_free_part(const void *ptr, size_t size) __ref; -@@ -62,7 +62,7 @@ static inline void kmemleak_erase(void **ptr) +@@ -63,7 +63,7 @@ static inline void kmemleak_erase(void **ptr) static inline void kmemleak_init(void) { } @@ -91561,10 +91963,22 @@ index 0555cc6..40116ce 100644 char **envp; int wait; diff --git a/include/linux/kobject.h b/include/linux/kobject.h -index 2d61b90..a1d0a13 100644 +index 2d61b90..3d69945 100644 --- a/include/linux/kobject.h +++ b/include/linux/kobject.h -@@ -118,7 +118,7 @@ struct kobj_type { +@@ -80,8 +80,9 @@ struct kobject { + + extern __printf(2, 3) + int kobject_set_name(struct kobject *kobj, const char *name, ...); +-extern int kobject_set_name_vargs(struct kobject *kobj, const char *fmt, +- va_list vargs); ++extern __printf(2, 0) ++int kobject_set_name_vargs(struct kobject *kobj, const char *fmt, ++ va_list vargs); + + static inline const char *kobject_name(const struct kobject *kobj) + { +@@ -118,7 +119,7 @@ struct kobj_type { struct attribute **default_attrs; const struct kobj_ns_type_operations *(*child_ns_type)(struct kobject *kobj); const void *(*namespace)(struct kobject *kobj); @@ -91573,7 +91987,7 @@ index 2d61b90..a1d0a13 100644 struct kobj_uevent_env { char *argv[3]; -@@ -142,6 +142,7 @@ struct kobj_attribute { +@@ -142,6 +143,7 @@ struct kobj_attribute { ssize_t (*store)(struct kobject *kobj, struct kobj_attribute *attr, const char *buf, size_t count); }; @@ -91581,7 +91995,7 @@ index 2d61b90..a1d0a13 100644 extern const struct sysfs_ops kobj_sysfs_ops; -@@ -169,7 +170,7 @@ struct kset { +@@ -169,7 +171,7 @@ struct kset { spinlock_t list_lock; struct kobject kobj; const struct kset_uevent_ops *uevent_ops; @@ -91617,7 +92031,7 @@ index 484604d..0f6c5b6 100644 if (atomic_sub_and_test((int) count, &kref->refcount)) { release(kref); diff --git a/include/linux/kvm_host.h b/include/linux/kvm_host.h -index d12b210..d91fd76 100644 +index ad45054..7c54663 100644 --- a/include/linux/kvm_host.h +++ b/include/linux/kvm_host.h @@ -455,7 +455,7 @@ static inline void kvm_irqfd_exit(void) @@ -91639,10 +92053,10 @@ index d12b210..d91fd76 100644 int kvm_arch_vcpu_init(struct kvm_vcpu *vcpu); diff --git a/include/linux/libata.h b/include/linux/libata.h -index f8994b4..c1dec7a 100644 +index 28aeae4..320b3bf6 100644 --- a/include/linux/libata.h +++ b/include/linux/libata.h -@@ -989,7 +989,7 @@ struct ata_port_operations { +@@ -988,7 +988,7 @@ struct ata_port_operations { * fields must be pointers. */ const struct ata_port_operations *inherits; @@ -91816,7 +92230,7 @@ index 3d385c8..deacb6a 100644 static inline int vma_dup_policy(struct vm_area_struct *src, struct vm_area_struct *dst) diff --git a/include/linux/mm.h b/include/linux/mm.h -index 47a9392..ef645bc 100644 +index 0755b9f..2960e96 100644 --- a/include/linux/mm.h +++ b/include/linux/mm.h @@ -135,6 +135,11 @@ extern unsigned int kobjsize(const void *objp); @@ -91831,7 +92245,7 @@ index 47a9392..ef645bc 100644 #define VM_ACCOUNT 0x00100000 /* Is a VM accounted object */ #define VM_NORESERVE 0x00200000 /* should the VM suppress accounting */ #define VM_HUGETLB 0x00400000 /* Huge TLB Page VM */ -@@ -254,8 +259,8 @@ struct vm_operations_struct { +@@ -257,8 +262,8 @@ struct vm_operations_struct { /* called by access_process_vm when get_user_pages() fails, typically * for use by special VMAs that can switch between memory and hardware */ @@ -91842,7 +92256,7 @@ index 47a9392..ef645bc 100644 /* Called by the /proc/PID/maps code to ask the vma whether it * has a special name. Returning non-NULL will also cause this -@@ -293,6 +298,7 @@ struct vm_operations_struct { +@@ -296,6 +301,7 @@ struct vm_operations_struct { struct page *(*find_special_page)(struct vm_area_struct *vma, unsigned long addr); }; @@ -91850,7 +92264,7 @@ index 47a9392..ef645bc 100644 struct mmu_gather; struct inode; -@@ -1213,8 +1219,8 @@ int follow_pfn(struct vm_area_struct *vma, unsigned long address, +@@ -1131,8 +1137,8 @@ int follow_pfn(struct vm_area_struct *vma, unsigned long address, unsigned long *pfn); int follow_phys(struct vm_area_struct *vma, unsigned long address, unsigned int flags, unsigned long *prot, resource_size_t *phys); @@ -91861,7 +92275,7 @@ index 47a9392..ef645bc 100644 static inline void unmap_shared_mapping_range(struct address_space *mapping, loff_t const holebegin, loff_t const holelen) -@@ -1254,9 +1260,9 @@ static inline int fixup_user_fault(struct task_struct *tsk, +@@ -1172,9 +1178,9 @@ static inline int fixup_user_fault(struct task_struct *tsk, } #endif @@ -91874,8 +92288,8 @@ index 47a9392..ef645bc 100644 long __get_user_pages(struct task_struct *tsk, struct mm_struct *mm, unsigned long start, unsigned long nr_pages, -@@ -1299,34 +1305,6 @@ int set_page_dirty_lock(struct page *page); - int clear_page_dirty_for_io(struct page *page); +@@ -1219,34 +1225,6 @@ int clear_page_dirty_for_io(struct page *page); + int get_cmdline(struct task_struct *task, char *buffer, int buflen); -/* Is the vma a continuation of the stack vma above it? */ @@ -91909,7 +92323,7 @@ index 47a9392..ef645bc 100644 extern struct task_struct *task_of_stack(struct task_struct *task, struct vm_area_struct *vma, bool in_group); -@@ -1449,8 +1427,15 @@ static inline int __pud_alloc(struct mm_struct *mm, pgd_t *pgd, +@@ -1369,8 +1347,15 @@ static inline int __pud_alloc(struct mm_struct *mm, pgd_t *pgd, { return 0; } @@ -91925,7 +92339,7 @@ index 47a9392..ef645bc 100644 #endif #if defined(__PAGETABLE_PMD_FOLDED) || !defined(CONFIG_MMU) -@@ -1460,6 +1445,12 @@ static inline int __pmd_alloc(struct mm_struct *mm, pud_t *pud, +@@ -1380,6 +1365,12 @@ static inline int __pmd_alloc(struct mm_struct *mm, pud_t *pud, return 0; } @@ -91938,7 +92352,7 @@ index 47a9392..ef645bc 100644 static inline void mm_nr_pmds_init(struct mm_struct *mm) {} static inline unsigned long mm_nr_pmds(struct mm_struct *mm) -@@ -1472,6 +1463,7 @@ static inline void mm_dec_nr_pmds(struct mm_struct *mm) {} +@@ -1392,6 +1383,7 @@ static inline void mm_dec_nr_pmds(struct mm_struct *mm) {} #else int __pmd_alloc(struct mm_struct *mm, pud_t *pud, unsigned long address); @@ -91946,7 +92360,7 @@ index 47a9392..ef645bc 100644 static inline void mm_nr_pmds_init(struct mm_struct *mm) { -@@ -1509,11 +1501,23 @@ static inline pud_t *pud_alloc(struct mm_struct *mm, pgd_t *pgd, unsigned long a +@@ -1429,11 +1421,23 @@ static inline pud_t *pud_alloc(struct mm_struct *mm, pgd_t *pgd, unsigned long a NULL: pud_offset(pgd, address); } @@ -91970,7 +92384,7 @@ index 47a9392..ef645bc 100644 #endif /* CONFIG_MMU && !__ARCH_HAS_4LEVEL_HACK */ #if USE_SPLIT_PTE_PTLOCKS -@@ -1890,12 +1894,23 @@ extern struct vm_area_struct *copy_vma(struct vm_area_struct **, +@@ -1810,12 +1814,23 @@ extern struct vm_area_struct *copy_vma(struct vm_area_struct **, bool *need_rmap_locks); extern void exit_mmap(struct mm_struct *); @@ -91994,7 +92408,7 @@ index 47a9392..ef645bc 100644 if (rlim < RLIM_INFINITY) { if (((new - start) + (end_data - start_data)) > rlim) return -ENOSPC; -@@ -1920,7 +1935,7 @@ extern int install_special_mapping(struct mm_struct *mm, +@@ -1840,7 +1855,7 @@ extern int install_special_mapping(struct mm_struct *mm, unsigned long addr, unsigned long len, unsigned long flags, struct page **pages); @@ -92003,7 +92417,7 @@ index 47a9392..ef645bc 100644 extern unsigned long mmap_region(struct file *file, unsigned long addr, unsigned long len, vm_flags_t vm_flags, unsigned long pgoff); -@@ -1928,6 +1943,7 @@ extern unsigned long do_mmap_pgoff(struct file *file, unsigned long addr, +@@ -1848,6 +1863,7 @@ extern unsigned long do_mmap_pgoff(struct file *file, unsigned long addr, unsigned long len, unsigned long prot, unsigned long flags, unsigned long pgoff, unsigned long *populate); extern int do_munmap(struct mm_struct *, unsigned long, size_t); @@ -92011,7 +92425,7 @@ index 47a9392..ef645bc 100644 #ifdef CONFIG_MMU extern int __mm_populate(unsigned long addr, unsigned long len, -@@ -1956,10 +1972,11 @@ struct vm_unmapped_area_info { +@@ -1876,10 +1892,11 @@ struct vm_unmapped_area_info { unsigned long high_limit; unsigned long align_mask; unsigned long align_offset; @@ -92025,16 +92439,16 @@ index 47a9392..ef645bc 100644 /* * Search for an unmapped address range. -@@ -1971,7 +1988,7 @@ extern unsigned long unmapped_area_topdown(struct vm_unmapped_area_info *info); +@@ -1891,7 +1908,7 @@ extern unsigned long unmapped_area_topdown(struct vm_unmapped_area_info *info); * - satisfies (begin_addr & align_mask) == (align_offset & align_mask) */ static inline unsigned long -vm_unmapped_area(struct vm_unmapped_area_info *info) +vm_unmapped_area(const struct vm_unmapped_area_info *info) { - if (!(info->flags & VM_UNMAPPED_AREA_TOPDOWN)) - return unmapped_area(info); -@@ -2033,6 +2050,10 @@ extern struct vm_area_struct * find_vma(struct mm_struct * mm, unsigned long add + if (info->flags & VM_UNMAPPED_AREA_TOPDOWN) + return unmapped_area_topdown(info); +@@ -1953,6 +1970,10 @@ extern struct vm_area_struct * find_vma(struct mm_struct * mm, unsigned long add extern struct vm_area_struct * find_vma_prev(struct mm_struct * mm, unsigned long addr, struct vm_area_struct **pprev); @@ -92045,7 +92459,7 @@ index 47a9392..ef645bc 100644 /* Look up the first VMA which intersects the interval start_addr..end_addr-1, NULL if none. Assume start_addr < end_addr. */ static inline struct vm_area_struct * find_vma_intersection(struct mm_struct * mm, unsigned long start_addr, unsigned long end_addr) -@@ -2062,10 +2083,10 @@ static inline struct vm_area_struct *find_exact_vma(struct mm_struct *mm, +@@ -1982,10 +2003,10 @@ static inline struct vm_area_struct *find_exact_vma(struct mm_struct *mm, } #ifdef CONFIG_MMU @@ -92058,7 +92472,7 @@ index 47a9392..ef645bc 100644 { return __pgprot(0); } -@@ -2127,6 +2148,11 @@ void vm_stat_account(struct mm_struct *, unsigned long, struct file *, long); +@@ -2047,6 +2068,11 @@ void vm_stat_account(struct mm_struct *, unsigned long, struct file *, long); static inline void vm_stat_account(struct mm_struct *mm, unsigned long flags, struct file *file, long pages) { @@ -92070,7 +92484,7 @@ index 47a9392..ef645bc 100644 mm->total_vm += pages; } #endif /* CONFIG_PROC_FS */ -@@ -2229,7 +2255,7 @@ extern int unpoison_memory(unsigned long pfn); +@@ -2149,7 +2175,7 @@ extern int unpoison_memory(unsigned long pfn); extern int sysctl_memory_failure_early_kill; extern int sysctl_memory_failure_recovery; extern void shake_page(struct page *p, int access); @@ -92079,7 +92493,7 @@ index 47a9392..ef645bc 100644 extern int soft_offline_page(struct page *page, int flags); #if defined(CONFIG_TRANSPARENT_HUGEPAGE) || defined(CONFIG_HUGETLBFS) -@@ -2280,5 +2306,11 @@ void __init setup_nr_node_ids(void); +@@ -2200,5 +2226,11 @@ void __init setup_nr_node_ids(void); static inline void setup_nr_node_ids(void) {} #endif @@ -92092,7 +92506,7 @@ index 47a9392..ef645bc 100644 #endif /* __KERNEL__ */ #endif /* _LINUX_MM_H */ diff --git a/include/linux/mm_types.h b/include/linux/mm_types.h -index 199a03a..7328440 100644 +index 8d37e26..6a6f55b 100644 --- a/include/linux/mm_types.h +++ b/include/linux/mm_types.h @@ -313,7 +313,9 @@ struct vm_area_struct { @@ -92106,7 +92520,7 @@ index 199a03a..7328440 100644 struct core_thread { struct task_struct *task; -@@ -464,7 +466,25 @@ struct mm_struct { +@@ -466,7 +468,25 @@ struct mm_struct { /* address of the bounds directory */ void __user *bd_addr; #endif @@ -92133,21 +92547,8 @@ index 199a03a..7328440 100644 static inline void mm_init_cpumask(struct mm_struct *mm) { -diff --git a/include/linux/mmc/core.h b/include/linux/mmc/core.h -index 160448f..7b332b7 100644 ---- a/include/linux/mmc/core.h -+++ b/include/linux/mmc/core.h -@@ -79,7 +79,7 @@ struct mmc_command { - #define mmc_cmd_type(cmd) ((cmd)->flags & MMC_CMD_MASK) - - unsigned int retries; /* max number of retries */ -- unsigned int error; /* command error */ -+ int error; /* command error */ - - /* - * Standard errno values are used for errors, but some have specific diff --git a/include/linux/mmiotrace.h b/include/linux/mmiotrace.h -index c5d5278..f0b68c8 100644 +index c5d5278..85cd5ce 100644 --- a/include/linux/mmiotrace.h +++ b/include/linux/mmiotrace.h @@ -46,7 +46,7 @@ extern int kmmio_handler(struct pt_regs *regs, unsigned long addr); @@ -92168,8 +92569,16 @@ index c5d5278..f0b68c8 100644 { } +@@ -106,6 +106,6 @@ extern void enable_mmiotrace(void); + extern void disable_mmiotrace(void); + extern void mmio_trace_rw(struct mmiotrace_rw *rw); + extern void mmio_trace_mapping(struct mmiotrace_map *map); +-extern int mmio_trace_printk(const char *fmt, va_list args); ++extern __printf(1, 0) int mmio_trace_printk(const char *fmt, va_list args); + + #endif /* _LINUX_MMIOTRACE_H */ diff --git a/include/linux/mmzone.h b/include/linux/mmzone.h -index 2782df4..abe756e 100644 +index 54d74f6..0728424 100644 --- a/include/linux/mmzone.h +++ b/include/linux/mmzone.h @@ -526,7 +526,7 @@ struct zone { @@ -92182,7 +92591,7 @@ index 2782df4..abe756e 100644 enum zone_flags { diff --git a/include/linux/mod_devicetable.h b/include/linux/mod_devicetable.h -index e530533..c9620c7 100644 +index 3bfd567..72e7d8f 100644 --- a/include/linux/mod_devicetable.h +++ b/include/linux/mod_devicetable.h @@ -139,7 +139,7 @@ struct usb_device_id { @@ -92204,7 +92613,7 @@ index e530533..c9620c7 100644 * struct dmi_device_id appears during expansion of * "MODULE_DEVICE_TABLE(dmi, x)". Compiler doesn't look inside it diff --git a/include/linux/module.h b/include/linux/module.h -index b03485b..a26974f 100644 +index c883b86..516812e 100644 --- a/include/linux/module.h +++ b/include/linux/module.h @@ -17,9 +17,11 @@ @@ -92276,10 +92685,10 @@ index b03485b..a26974f 100644 /* Arch-specific module values */ struct mod_arch_specific arch; -@@ -338,6 +338,10 @@ struct module { - #ifdef CONFIG_EVENT_TRACING - struct ftrace_event_call **trace_events; +@@ -340,6 +340,10 @@ struct module { unsigned int num_trace_events; + struct trace_enum_map **trace_enums; + unsigned int num_trace_enums; + struct file_operations trace_id; + struct file_operations trace_enable; + struct file_operations trace_format; @@ -92287,7 +92696,7 @@ index b03485b..a26974f 100644 #endif #ifdef CONFIG_FTRACE_MCOUNT_RECORD unsigned int num_ftrace_callsites; -@@ -365,7 +369,7 @@ struct module { +@@ -367,7 +371,7 @@ struct module { ctor_fn_t *ctors; unsigned int num_ctors; #endif @@ -92296,7 +92705,7 @@ index b03485b..a26974f 100644 #ifndef MODULE_ARCH_INIT #define MODULE_ARCH_INIT {} #endif -@@ -386,18 +390,48 @@ bool is_module_address(unsigned long addr); +@@ -388,18 +392,48 @@ bool is_module_address(unsigned long addr); bool is_module_percpu_address(unsigned long addr); bool is_module_text_address(unsigned long addr); @@ -92420,7 +92829,7 @@ index 1c9effa..1160bdd 100644 .ops = ¶m_ops_##type, \ .elemsize = sizeof(array[0]), .elem = array }; \ diff --git a/include/linux/mount.h b/include/linux/mount.h -index 564beee..653be6f 100644 +index f822c3c..958ca0a 100644 --- a/include/linux/mount.h +++ b/include/linux/mount.h @@ -67,7 +67,7 @@ struct vfsmount { @@ -92448,10 +92857,10 @@ index c899077..b9a2010 100644 static inline void nd_terminate_link(void *name, size_t len, size_t maxlen) { diff --git a/include/linux/net.h b/include/linux/net.h -index 17d8339..81656c0 100644 +index 738ea48..409dc09 100644 --- a/include/linux/net.h +++ b/include/linux/net.h -@@ -192,7 +192,7 @@ struct net_proto_family { +@@ -190,7 +190,7 @@ struct net_proto_family { int (*create)(struct net *net, struct socket *sock, int protocol, int kern); struct module *owner; @@ -92461,18 +92870,27 @@ index 17d8339..81656c0 100644 struct iovec; struct kvec; diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h -index 2787388..1dd8e88 100644 +index 05b9a69..4d7e300 100644 --- a/include/linux/netdevice.h +++ b/include/linux/netdevice.h -@@ -1198,6 +1198,7 @@ struct net_device_ops { - u8 state); - #endif +@@ -1208,6 +1208,7 @@ struct net_device_ops { + u32 maxrate); + int (*ndo_get_iflink)(const struct net_device *dev); }; +typedef struct net_device_ops __no_const net_device_ops_no_const; /** * enum net_device_priv_flags - &struct net_device priv_flags -@@ -1546,10 +1547,10 @@ struct net_device { +@@ -1515,7 +1516,7 @@ struct net_device { + unsigned long base_addr; + int irq; + +- atomic_t carrier_changes; ++ atomic_unchecked_t carrier_changes; + + /* + * Some hardware also needs these fields (state,dev_list, +@@ -1554,8 +1555,8 @@ struct net_device { struct net_device_stats stats; @@ -92481,16 +92899,13 @@ index 2787388..1dd8e88 100644 + atomic_long_unchecked_t rx_dropped; + atomic_long_unchecked_t tx_dropped; -- atomic_t carrier_changes; -+ atomic_unchecked_t carrier_changes; - #ifdef CONFIG_WIRELESS_EXT const struct iw_handler_def * wireless_handlers; diff --git a/include/linux/netfilter.h b/include/linux/netfilter.h -index 2517ece..0bbfcfb 100644 +index 63560d0..64aba5c 100644 --- a/include/linux/netfilter.h +++ b/include/linux/netfilter.h -@@ -85,7 +85,7 @@ struct nf_sockopt_ops { +@@ -113,7 +113,7 @@ struct nf_sockopt_ops { #endif /* Use the module struct to lock set/get code in place */ struct module *owner; @@ -92641,10 +93056,10 @@ index caebf2a..4c3ae9d 100644 /* diff --git a/include/linux/perf_event.h b/include/linux/perf_event.h -index 2b62198..2b74233 100644 +index d8a82a8..8b580f0 100644 --- a/include/linux/perf_event.h +++ b/include/linux/perf_event.h -@@ -343,8 +343,8 @@ struct perf_event { +@@ -379,8 +379,8 @@ struct perf_event { enum perf_event_active_state state; unsigned int attach_state; @@ -92655,7 +93070,7 @@ index 2b62198..2b74233 100644 /* * These are the total time in nanoseconds that the event -@@ -395,8 +395,8 @@ struct perf_event { +@@ -431,8 +431,8 @@ struct perf_event { * These accumulate total time (in nanoseconds) that children * events have been enabled and running, respectively. */ @@ -92666,7 +93081,16 @@ index 2b62198..2b74233 100644 /* * Protect attach/detach and child_list: -@@ -752,7 +752,7 @@ static inline void perf_callchain_store(struct perf_callchain_entry *entry, u64 +@@ -812,7 +812,7 @@ static inline void perf_event_task_sched_out(struct task_struct *prev, + + static inline u64 __perf_event_count(struct perf_event *event) + { +- return local64_read(&event->count) + atomic64_read(&event->child_count); ++ return local64_read(&event->count) + atomic64_read_unchecked(&event->child_count); + } + + extern void perf_event_mmap(struct vm_area_struct *vma); +@@ -836,7 +836,7 @@ static inline void perf_callchain_store(struct perf_callchain_entry *entry, u64 entry->ip[entry->nr++] = ip; } @@ -92675,7 +93099,7 @@ index 2b62198..2b74233 100644 extern int sysctl_perf_event_mlock; extern int sysctl_perf_event_sample_rate; extern int sysctl_perf_cpu_time_max_percent; -@@ -767,19 +767,24 @@ extern int perf_cpu_time_max_percent_handler(struct ctl_table *table, int write, +@@ -851,19 +851,24 @@ extern int perf_cpu_time_max_percent_handler(struct ctl_table *table, int write, loff_t *ppos); @@ -92703,7 +93127,7 @@ index 2b62198..2b74233 100644 } extern void perf_event_init(void); -@@ -912,7 +917,7 @@ struct perf_pmu_events_attr { +@@ -1017,7 +1022,7 @@ struct perf_pmu_events_attr { struct device_attribute attr; u64 id; const char *event_str; @@ -92745,19 +93169,19 @@ index eb8b8ac..62649e1 100644 unsigned int w_counter; struct page *tmp_page; diff --git a/include/linux/pm.h b/include/linux/pm.h -index e2f1be6..78a0506 100644 +index 2d29c64..1b25b2a 100644 --- a/include/linux/pm.h +++ b/include/linux/pm.h -@@ -608,6 +608,7 @@ struct dev_pm_domain { - struct dev_pm_ops ops; - void (*detach)(struct device *dev, bool power_off); +@@ -616,6 +616,7 @@ struct dev_pm_domain { + void (*sync)(struct device *dev); + void (*dismiss)(struct device *dev); }; +typedef struct dev_pm_domain __no_const dev_pm_domain_no_const; /* * The PM_EVENT_ messages are also used by drivers implementing the legacy diff --git a/include/linux/pm_domain.h b/include/linux/pm_domain.h -index 080e778..cbdaef7 100644 +index 681ccb0..a90e0b7 100644 --- a/include/linux/pm_domain.h +++ b/include/linux/pm_domain.h @@ -39,11 +39,11 @@ struct gpd_dev_ops { @@ -92788,7 +93212,7 @@ index 30e84d4..22278b4 100644 static inline bool pm_runtime_is_irq_safe(struct device *dev) diff --git a/include/linux/pnp.h b/include/linux/pnp.h -index 6512e9c..ec27fa2 100644 +index 5df733b..d55f252 100644 --- a/include/linux/pnp.h +++ b/include/linux/pnp.h @@ -298,7 +298,7 @@ static inline void pnp_set_drvdata(struct pnp_dev *pdev, void *data) @@ -92914,13 +93338,15 @@ index de83b4e..c4b997d 100644 #define preempt_set_need_resched() \ do { \ diff --git a/include/linux/printk.h b/include/linux/printk.h -index baa3f97..168cff1 100644 +index 9b30871..1aebc2d 100644 --- a/include/linux/printk.h +++ b/include/linux/printk.h -@@ -121,6 +121,7 @@ void early_printk(const char *s, ...) { } +@@ -120,7 +120,8 @@ static inline __printf(1, 2) __cold + void early_printk(const char *s, ...) { } #endif - typedef int(*printk_func_t)(const char *fmt, va_list args); +-typedef int(*printk_func_t)(const char *fmt, va_list args); ++typedef __printf(1, 0) int (*printk_func_t)(const char *fmt, va_list args); +extern int kptr_restrict; #ifdef CONFIG_PRINTK @@ -92933,6 +93359,24 @@ index baa3f97..168cff1 100644 extern void wake_up_klogd(void); +@@ -164,7 +164,7 @@ char *log_buf_addr_get(void); + u32 log_buf_len_get(void); + void log_buf_kexec_setup(void); + void __init setup_log_buf(int early); +-void dump_stack_set_arch_desc(const char *fmt, ...); ++__printf(1, 2) void dump_stack_set_arch_desc(const char *fmt, ...); + void dump_stack_print_info(const char *log_lvl); + void show_regs_print_info(const char *log_lvl); + #else +@@ -215,7 +215,7 @@ static inline void setup_log_buf(int early) + { + } + +-static inline void dump_stack_set_arch_desc(const char *fmt, ...) ++static inline __printf(1, 2) void dump_stack_set_arch_desc(const char *fmt, ...) + { + } + diff --git a/include/linux/proc_fs.h b/include/linux/proc_fs.h index b97bf2e..f14c92d4 100644 --- a/include/linux/proc_fs.h @@ -93005,10 +93449,10 @@ index 42dfc61..8113a99 100644 extern const struct proc_ns_operations netns_operations; extern const struct proc_ns_operations utsns_operations; diff --git a/include/linux/quota.h b/include/linux/quota.h -index d534e8e..782e604 100644 +index b2505ac..5f7ab55 100644 --- a/include/linux/quota.h +++ b/include/linux/quota.h -@@ -75,7 +75,7 @@ struct kqid { /* Type in which we store the quota identifier */ +@@ -76,7 +76,7 @@ struct kqid { /* Type in which we store the quota identifier */ extern bool qid_eq(struct kqid left, struct kqid right); extern bool qid_lt(struct kqid left, struct kqid right); @@ -93152,10 +93596,10 @@ index a18b16f..2683096 100644 * hlist_del_init_rcu - deletes entry from hash list with re-initialization * @n: the element to delete from the hash list. diff --git a/include/linux/rcupdate.h b/include/linux/rcupdate.h -index 7809749..1cd9315 100644 +index 573a5af..de97a14 100644 --- a/include/linux/rcupdate.h +++ b/include/linux/rcupdate.h -@@ -333,7 +333,7 @@ extern struct srcu_struct tasks_rcu_exit_srcu; +@@ -365,7 +365,7 @@ extern struct srcu_struct tasks_rcu_exit_srcu; do { \ rcu_all_qs(); \ if (ACCESS_ONCE((t)->rcu_tasks_holdout)) \ @@ -93165,7 +93609,7 @@ index 7809749..1cd9315 100644 #else /* #ifdef CONFIG_TASKS_RCU */ #define TASKS_RCU(x) do { } while (0) diff --git a/include/linux/reboot.h b/include/linux/reboot.h -index 67fc8fc..a90f7d8 100644 +index a7ff409..03e2fa8 100644 --- a/include/linux/reboot.h +++ b/include/linux/reboot.h @@ -47,9 +47,9 @@ extern void do_kernel_restart(char *cmd); @@ -93194,7 +93638,7 @@ index 67fc8fc..a90f7d8 100644 extern int C_A_D; /* for sysctl */ void ctrl_alt_del(void); -@@ -76,7 +76,7 @@ extern int orderly_poweroff(bool force); +@@ -77,7 +77,7 @@ extern void orderly_reboot(void); * Emergency restart, callable from an interrupt handler. */ @@ -93244,10 +93688,10 @@ index 6bda06f..bf39a9b 100644 #define RIO_RESOURCE_MEM 0x00000100 #define RIO_RESOURCE_DOORBELL 0x00000200 diff --git a/include/linux/rmap.h b/include/linux/rmap.h -index c4c559a..6ba9a26 100644 +index c89c53a..aa0a65a 100644 --- a/include/linux/rmap.h +++ b/include/linux/rmap.h -@@ -154,8 +154,8 @@ static inline void anon_vma_unlock_read(struct anon_vma *anon_vma) +@@ -146,8 +146,8 @@ static inline void anon_vma_unlock_read(struct anon_vma *anon_vma) void anon_vma_init(void); /* create anon_vma_cachep */ int anon_vma_prepare(struct vm_area_struct *); void unlink_anon_vmas(struct vm_area_struct *); @@ -93291,10 +93735,10 @@ index ed8f9e70..2e627f2 100644 /* diff --git a/include/linux/sched.h b/include/linux/sched.h -index 51348f7..8c8b0ba 100644 +index 26a2e61..36bbf4b 100644 --- a/include/linux/sched.h +++ b/include/linux/sched.h -@@ -133,6 +133,7 @@ struct fs_struct; +@@ -132,6 +132,7 @@ struct fs_struct; struct perf_event_context; struct blk_plug; struct filename; @@ -93302,7 +93746,7 @@ index 51348f7..8c8b0ba 100644 #define VMACACHE_BITS 2 #define VMACACHE_SIZE (1U << VMACACHE_BITS) -@@ -420,7 +421,7 @@ extern char __sched_text_start[], __sched_text_end[]; +@@ -413,7 +414,7 @@ extern char __sched_text_start[], __sched_text_end[]; extern int in_sched_functions(unsigned long addr); #define MAX_SCHEDULE_TIMEOUT LONG_MAX @@ -93311,7 +93755,7 @@ index 51348f7..8c8b0ba 100644 extern signed long schedule_timeout_interruptible(signed long timeout); extern signed long schedule_timeout_killable(signed long timeout); extern signed long schedule_timeout_uninterruptible(signed long timeout); -@@ -438,6 +439,19 @@ struct nsproxy; +@@ -431,6 +432,19 @@ struct nsproxy; struct user_namespace; #ifdef CONFIG_MMU @@ -93331,7 +93775,7 @@ index 51348f7..8c8b0ba 100644 extern void arch_pick_mmap_layout(struct mm_struct *mm); extern unsigned long arch_get_unmapped_area(struct file *, unsigned long, unsigned long, -@@ -736,6 +750,17 @@ struct signal_struct { +@@ -729,6 +743,17 @@ struct signal_struct { #ifdef CONFIG_TASKSTATS struct taskstats *stats; #endif @@ -93349,7 +93793,7 @@ index 51348f7..8c8b0ba 100644 #ifdef CONFIG_AUDIT unsigned audit_tty; unsigned audit_tty_log_passwd; -@@ -762,7 +787,7 @@ struct signal_struct { +@@ -755,7 +780,7 @@ struct signal_struct { struct mutex cred_guard_mutex; /* guard against foreign influences on * credential calculations * (notably. ptrace) */ @@ -93358,7 +93802,7 @@ index 51348f7..8c8b0ba 100644 /* * Bits in flags field of signal_struct. -@@ -815,6 +840,14 @@ struct user_struct { +@@ -808,6 +833,14 @@ struct user_struct { struct key *session_keyring; /* UID's default session keyring */ #endif @@ -93373,7 +93817,7 @@ index 51348f7..8c8b0ba 100644 /* Hash table maintenance information */ struct hlist_node uidhash_node; kuid_t uid; -@@ -822,7 +855,7 @@ struct user_struct { +@@ -815,7 +848,7 @@ struct user_struct { #ifdef CONFIG_PERF_EVENTS atomic_long_t locked_vm; #endif @@ -93382,7 +93826,7 @@ index 51348f7..8c8b0ba 100644 extern int uids_sysfs_init(void); -@@ -1286,6 +1319,9 @@ enum perf_event_task_context { +@@ -1292,6 +1325,9 @@ enum perf_event_task_context { struct task_struct { volatile long state; /* -1 unrunnable, 0 runnable, >0 stopped */ void *stack; @@ -93392,7 +93836,7 @@ index 51348f7..8c8b0ba 100644 atomic_t usage; unsigned int flags; /* per process flags, defined below */ unsigned int ptrace; -@@ -1419,8 +1455,8 @@ struct task_struct { +@@ -1425,8 +1461,8 @@ struct task_struct { struct list_head thread_node; struct completion *vfork_done; /* for vfork() */ @@ -93403,7 +93847,7 @@ index 51348f7..8c8b0ba 100644 cputime_t utime, stime, utimescaled, stimescaled; cputime_t gtime; -@@ -1445,11 +1481,6 @@ struct task_struct { +@@ -1451,11 +1487,6 @@ struct task_struct { struct task_cputime cputime_expires; struct list_head cpu_timers[3]; @@ -93415,7 +93859,7 @@ index 51348f7..8c8b0ba 100644 char comm[TASK_COMM_LEN]; /* executable name excluding path - access with [gs]et_task_comm (which lock it with task_lock()) -@@ -1467,6 +1498,10 @@ struct task_struct { +@@ -1473,6 +1504,10 @@ struct task_struct { #endif /* CPU-specific state of this task */ struct thread_struct thread; @@ -93426,7 +93870,7 @@ index 51348f7..8c8b0ba 100644 /* filesystem information */ struct fs_struct *fs; /* open file information */ -@@ -1541,6 +1576,10 @@ struct task_struct { +@@ -1547,6 +1582,10 @@ struct task_struct { gfp_t lockdep_reclaim_gfp; #endif @@ -93437,7 +93881,7 @@ index 51348f7..8c8b0ba 100644 /* journalling filesystem info */ void *journal_info; -@@ -1579,6 +1618,10 @@ struct task_struct { +@@ -1585,6 +1624,10 @@ struct task_struct { /* cg_list protected by css_set_lock and tsk->alloc_lock */ struct list_head cg_list; #endif @@ -93448,7 +93892,7 @@ index 51348f7..8c8b0ba 100644 #ifdef CONFIG_FUTEX struct robust_list_head __user *robust_list; #ifdef CONFIG_COMPAT -@@ -1690,7 +1733,7 @@ struct task_struct { +@@ -1696,7 +1739,7 @@ struct task_struct { * Number of functions that haven't been traced * because of depth overrun. */ @@ -93457,7 +93901,7 @@ index 51348f7..8c8b0ba 100644 /* Pause for the tracing */ atomic_t tracing_graph_pause; #endif -@@ -1718,7 +1761,78 @@ struct task_struct { +@@ -1724,7 +1767,78 @@ struct task_struct { #ifdef CONFIG_DEBUG_ATOMIC_SLEEP unsigned long task_state_change; #endif @@ -93537,7 +93981,7 @@ index 51348f7..8c8b0ba 100644 /* Future-safe accessor for struct task_struct's cpus_allowed. */ #define tsk_cpus_allowed(tsk) (&(tsk)->cpus_allowed) -@@ -1801,7 +1915,7 @@ struct pid_namespace; +@@ -1807,7 +1921,7 @@ struct pid_namespace; pid_t __task_pid_nr_ns(struct task_struct *task, enum pid_type type, struct pid_namespace *ns); @@ -93546,7 +93990,7 @@ index 51348f7..8c8b0ba 100644 { return tsk->pid; } -@@ -2169,6 +2283,25 @@ extern u64 sched_clock_cpu(int cpu); +@@ -2175,6 +2289,25 @@ extern u64 sched_clock_cpu(int cpu); extern void sched_clock_init(void); @@ -93572,8 +94016,8 @@ index 51348f7..8c8b0ba 100644 #ifndef CONFIG_HAVE_UNSTABLE_SCHED_CLOCK static inline void sched_clock_tick(void) { -@@ -2302,7 +2435,9 @@ void yield(void); - extern struct exec_domain default_exec_domain; +@@ -2303,7 +2436,9 @@ extern void set_curr_task(int cpu, struct task_struct *p); + void yield(void); union thread_union { +#ifndef CONFIG_X86 @@ -93582,7 +94026,7 @@ index 51348f7..8c8b0ba 100644 unsigned long stack[THREAD_SIZE/sizeof(long)]; }; -@@ -2335,6 +2470,7 @@ extern struct pid_namespace init_pid_ns; +@@ -2336,6 +2471,7 @@ extern struct pid_namespace init_pid_ns; */ extern struct task_struct *find_task_by_vpid(pid_t nr); @@ -93590,7 +94034,7 @@ index 51348f7..8c8b0ba 100644 extern struct task_struct *find_task_by_pid_ns(pid_t nr, struct pid_namespace *ns); -@@ -2499,7 +2635,7 @@ extern void __cleanup_sighand(struct sighand_struct *); +@@ -2500,7 +2636,7 @@ extern void __cleanup_sighand(struct sighand_struct *); extern void exit_itimers(struct signal_struct *); extern void flush_itimer_signals(void); @@ -93599,7 +94043,7 @@ index 51348f7..8c8b0ba 100644 extern int do_execve(struct filename *, const char __user * const __user *, -@@ -2720,9 +2856,9 @@ static inline unsigned long *end_of_stack(struct task_struct *p) +@@ -2721,9 +2857,9 @@ static inline unsigned long *end_of_stack(struct task_struct *p) #define task_stack_end_corrupted(task) \ (*(end_of_stack(task)) != STACK_END_MAGIC) @@ -93624,7 +94068,7 @@ index 596a0e0..bea77ec 100644 extern unsigned int sysctl_sched_latency; extern unsigned int sysctl_sched_min_granularity; diff --git a/include/linux/security.h b/include/linux/security.h -index a1b7dbd..036f47f 100644 +index 18264ea..e0238e4 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -27,6 +27,7 @@ @@ -93644,7 +94088,7 @@ index a1b7dbd..036f47f 100644 #ifdef CONFIG_MMU extern unsigned long mmap_min_addr; extern unsigned long dac_mmap_min_addr; -@@ -1756,7 +1755,7 @@ struct security_operations { +@@ -1755,7 +1754,7 @@ struct security_operations { struct audit_context *actx); void (*audit_rule_free) (void *lsmrule); #endif /* CONFIG_AUDIT */ @@ -93733,10 +94177,10 @@ index ab1e039..ad4229e 100644 static inline void disallow_signal(int sig) diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h -index bdccc4b..e9f8670 100644 +index f15154a..72cf02c 100644 --- a/include/linux/skbuff.h +++ b/include/linux/skbuff.h -@@ -771,7 +771,7 @@ struct sk_buff *__alloc_skb(unsigned int size, gfp_t priority, int flags, +@@ -776,7 +776,7 @@ struct sk_buff *__alloc_skb(unsigned int size, gfp_t priority, int flags, int node); struct sk_buff *__build_skb(void *data, unsigned int frag_size); struct sk_buff *build_skb(void *data, unsigned int frag_size); @@ -93745,7 +94189,7 @@ index bdccc4b..e9f8670 100644 gfp_t priority) { return __alloc_skb(size, priority, 0, NUMA_NO_NODE); -@@ -1967,7 +1967,7 @@ static inline u32 skb_inner_network_header_len(const struct sk_buff *skb) +@@ -1971,7 +1971,7 @@ static inline u32 skb_inner_network_header_len(const struct sk_buff *skb) return skb->inner_transport_header - skb->inner_network_header; } @@ -93754,7 +94198,7 @@ index bdccc4b..e9f8670 100644 { return skb_network_header(skb) - skb->data; } -@@ -2027,7 +2027,7 @@ static inline int pskb_network_may_pull(struct sk_buff *skb, unsigned int len) +@@ -2031,7 +2031,7 @@ static inline int pskb_network_may_pull(struct sk_buff *skb, unsigned int len) * NET_IP_ALIGN(2) + ethernet_header(14) + IP_header(20/40) + ports(8) */ #ifndef NET_SKB_PAD @@ -93763,7 +94207,7 @@ index bdccc4b..e9f8670 100644 #endif int ___pskb_trim(struct sk_buff *skb, unsigned int len); -@@ -2669,9 +2669,9 @@ struct sk_buff *skb_recv_datagram(struct sock *sk, unsigned flags, int noblock, +@@ -2673,9 +2673,9 @@ struct sk_buff *skb_recv_datagram(struct sock *sk, unsigned flags, int noblock, int *err); unsigned int datagram_poll(struct file *file, struct socket *sock, struct poll_table_struct *wait); @@ -93775,7 +94219,7 @@ index bdccc4b..e9f8670 100644 struct msghdr *msg, int size) { return skb_copy_datagram_iter(from, offset, &msg->msg_iter, size); -@@ -3193,6 +3193,9 @@ static inline void nf_reset(struct sk_buff *skb) +@@ -3197,6 +3197,9 @@ static inline void nf_reset(struct sk_buff *skb) nf_bridge_put(skb->nf_bridge); skb->nf_bridge = NULL; #endif @@ -93786,19 +94230,18 @@ index bdccc4b..e9f8670 100644 static inline void nf_reset_trace(struct sk_buff *skb) diff --git a/include/linux/slab.h b/include/linux/slab.h -index 76f1fee..d95e6d2 100644 +index ffd24c8..cbbe7de 100644 --- a/include/linux/slab.h +++ b/include/linux/slab.h -@@ -14,15 +14,29 @@ - #include <linux/gfp.h> +@@ -15,14 +15,29 @@ #include <linux/types.h> #include <linux/workqueue.h> -- + +#include <linux/err.h> /* * Flags to pass to kmem_cache_create(). - * The ones marked DEBUG are only valid if CONFIG_SLAB_DEBUG is set. + * The ones marked DEBUG are only valid if CONFIG_DEBUG_SLAB is set. */ #define SLAB_DEBUG_FREE 0x00000100UL /* DEBUG: Perform (expensive) checks on free */ + @@ -93820,7 +94263,7 @@ index 76f1fee..d95e6d2 100644 #define SLAB_HWCACHE_ALIGN 0x00002000UL /* Align objs on cache lines */ #define SLAB_CACHE_DMA 0x00004000UL /* Use GFP_DMA memory */ #define SLAB_STORE_USER 0x00010000UL /* DEBUG: Store the last owner for bug hunting */ -@@ -98,10 +112,13 @@ +@@ -98,10 +113,13 @@ * ZERO_SIZE_PTR can be passed to kfree though in the same way that NULL can. * Both make kfree a no-op. */ @@ -93837,7 +94280,7 @@ index 76f1fee..d95e6d2 100644 #include <linux/kmemleak.h> #include <linux/kasan.h> -@@ -143,6 +160,8 @@ void * __must_check krealloc(const void *, size_t, gfp_t); +@@ -143,6 +161,8 @@ void * __must_check krealloc(const void *, size_t, gfp_t); void kfree(const void *); void kzfree(const void *); size_t ksize(const void *); @@ -93846,7 +94289,7 @@ index 76f1fee..d95e6d2 100644 /* * Some archs want to perform DMA into kmalloc caches and need a guaranteed -@@ -235,6 +254,10 @@ extern struct kmem_cache *kmalloc_caches[KMALLOC_SHIFT_HIGH + 1]; +@@ -235,6 +255,10 @@ extern struct kmem_cache *kmalloc_caches[KMALLOC_SHIFT_HIGH + 1]; extern struct kmem_cache *kmalloc_dma_caches[KMALLOC_SHIFT_HIGH + 1]; #endif @@ -93857,7 +94300,7 @@ index 76f1fee..d95e6d2 100644 /* * Figure out which kmalloc slab an allocation of a certain size * belongs to. -@@ -243,7 +266,7 @@ extern struct kmem_cache *kmalloc_dma_caches[KMALLOC_SHIFT_HIGH + 1]; +@@ -243,7 +267,7 @@ extern struct kmem_cache *kmalloc_dma_caches[KMALLOC_SHIFT_HIGH + 1]; * 2 = 120 .. 192 bytes * n = 2^(n-1) .. 2^n -1 */ @@ -93866,7 +94309,7 @@ index 76f1fee..d95e6d2 100644 { if (!size) return 0; -@@ -286,15 +309,15 @@ static __always_inline int kmalloc_index(size_t size) +@@ -286,15 +310,15 @@ static __always_inline int kmalloc_index(size_t size) } #endif /* !CONFIG_SLOB */ @@ -93931,7 +94374,7 @@ index 3388511..6252f90 100644 int inuse; /* Offset to metadata */ int align; /* Alignment */ diff --git a/include/linux/smp.h b/include/linux/smp.h -index be91db2..3f23232 100644 +index c441407..f487b83 100644 --- a/include/linux/smp.h +++ b/include/linux/smp.h @@ -183,7 +183,9 @@ static inline void smp_init(void) { } @@ -93945,7 +94388,7 @@ index be91db2..3f23232 100644 /* * Callback to arch code if there's nosmp or maxcpus=0 on the diff --git a/include/linux/sock_diag.h b/include/linux/sock_diag.h -index 46cca4c..3323536 100644 +index 083ac38..b23e3e8 100644 --- a/include/linux/sock_diag.h +++ b/include/linux/sock_diag.h @@ -11,7 +11,7 @@ struct sock; @@ -94156,10 +94599,10 @@ index 27b3b0b..e093dd9 100644 extern void register_syscore_ops(struct syscore_ops *ops); extern void unregister_syscore_ops(struct syscore_ops *ops); diff --git a/include/linux/sysctl.h b/include/linux/sysctl.h -index b7361f8..341a15a 100644 +index fa7bc29..0d96561 100644 --- a/include/linux/sysctl.h +++ b/include/linux/sysctl.h -@@ -39,6 +39,8 @@ typedef int proc_handler (struct ctl_table *ctl, int write, +@@ -39,10 +39,16 @@ typedef int proc_handler (struct ctl_table *ctl, int write, extern int proc_dostring(struct ctl_table *, int, void __user *, size_t *, loff_t *); @@ -94167,8 +94610,16 @@ index b7361f8..341a15a 100644 + void __user *, size_t *, loff_t *); extern int proc_dointvec(struct ctl_table *, int, void __user *, size_t *, loff_t *); ++extern int proc_dointvec_secure(struct ctl_table *, int, ++ void __user *, size_t *, loff_t *); extern int proc_dointvec_minmax(struct ctl_table *, int, -@@ -113,7 +115,8 @@ struct ctl_table + void __user *, size_t *, loff_t *); ++extern int proc_dointvec_minmax_secure(struct ctl_table *, int, ++ void __user *, size_t *, loff_t *); + extern int proc_dointvec_jiffies(struct ctl_table *, int, + void __user *, size_t *, loff_t *); + extern int proc_dointvec_userhz_jiffies(struct ctl_table *, int, +@@ -113,7 +119,8 @@ struct ctl_table struct ctl_table_poll *poll; void *extra1; void *extra2; @@ -94179,7 +94630,7 @@ index b7361f8..341a15a 100644 struct ctl_node { struct rb_node node; diff --git a/include/linux/sysfs.h b/include/linux/sysfs.h -index ddad161..a3efd26 100644 +index 9f65758..487a6f1 100644 --- a/include/linux/sysfs.h +++ b/include/linux/sysfs.h @@ -34,7 +34,8 @@ struct attribute { @@ -94192,7 +94643,7 @@ index ddad161..a3efd26 100644 /** * sysfs_attr_init - initialize a dynamically allocated sysfs attribute -@@ -63,7 +64,8 @@ struct attribute_group { +@@ -78,7 +79,8 @@ struct attribute_group { struct attribute *, int); struct attribute **attrs; struct bin_attribute **bin_attrs; @@ -94202,7 +94653,7 @@ index ddad161..a3efd26 100644 /** * Use these macros to make defining attributes easier. See include/linux/device.h -@@ -137,7 +139,8 @@ struct bin_attribute { +@@ -152,7 +154,8 @@ struct bin_attribute { char *, loff_t, size_t); int (*mmap)(struct file *, struct kobject *, struct bin_attribute *attr, struct vm_area_struct *vma); @@ -94252,7 +94703,7 @@ index ff307b5..f1a4468 100644 #endif /* _LINUX_THREAD_INFO_H */ diff --git a/include/linux/tty.h b/include/linux/tty.h -index 790752a..36d9b54 100644 +index d76631f..de91e82 100644 --- a/include/linux/tty.h +++ b/include/linux/tty.h @@ -225,7 +225,7 @@ struct tty_port { @@ -94273,7 +94724,7 @@ index 790752a..36d9b54 100644 /* Each of a tty's open files has private_data pointing to tty_file_private */ struct tty_file_private { -@@ -572,7 +572,7 @@ extern int tty_port_open(struct tty_port *port, +@@ -573,7 +573,7 @@ extern int tty_port_open(struct tty_port *port, struct tty_struct *tty, struct file *filp); static inline int tty_port_users(struct tty_port *port) { @@ -94318,10 +94769,10 @@ index 00c9d68..bc0188b 100644 struct tty_ldisc { diff --git a/include/linux/types.h b/include/linux/types.h -index 6747247..fc7ec8b 100644 +index 8715287..1be77ee 100644 --- a/include/linux/types.h +++ b/include/linux/types.h -@@ -174,10 +174,26 @@ typedef struct { +@@ -176,10 +176,26 @@ typedef struct { int counter; } atomic_t; @@ -94368,10 +94819,10 @@ index ecd3319..8a36ded 100644 }) diff --git a/include/linux/uidgid.h b/include/linux/uidgid.h -index 2d1f9b6..d7a9fce 100644 +index 0383552..a0125dd 100644 --- a/include/linux/uidgid.h +++ b/include/linux/uidgid.h -@@ -175,4 +175,9 @@ static inline bool kgid_has_mapping(struct user_namespace *ns, kgid_t gid) +@@ -187,4 +187,9 @@ static inline bool kgid_has_mapping(struct user_namespace *ns, kgid_t gid) #endif /* CONFIG_USER_NS */ @@ -94468,7 +94919,7 @@ index 447fe29..9fc875f 100644 void *data, int len, int *actual_length, int timeout); extern int usb_bulk_msg(struct usb_device *usb_dev, unsigned int pipe, diff --git a/include/linux/usb/renesas_usbhs.h b/include/linux/usb/renesas_usbhs.h -index 9fd9e48..e2c5f35 100644 +index f06529c..dfeabd8 100644 --- a/include/linux/usb/renesas_usbhs.h +++ b/include/linux/usb/renesas_usbhs.h @@ -39,7 +39,7 @@ enum { @@ -94732,10 +95183,10 @@ index 92dbbd3..13ab0b3 100644 Returns the number of bytes that needs to be allocated for a per- stream workspace with the specified parameters. A pointer to this diff --git a/include/media/v4l2-dev.h b/include/media/v4l2-dev.h -index 3e4fddf..5ec9104 100644 +index acbcd2f..c3abe84 100644 --- a/include/media/v4l2-dev.h +++ b/include/media/v4l2-dev.h -@@ -75,7 +75,7 @@ struct v4l2_file_operations { +@@ -74,7 +74,7 @@ struct v4l2_file_operations { int (*mmap) (struct file *, struct vm_area_struct *); int (*open) (struct file *); int (*release) (struct file *); @@ -94745,10 +95196,10 @@ index 3e4fddf..5ec9104 100644 /* * Newer version of video_device, handled by videodev2.c diff --git a/include/media/v4l2-device.h b/include/media/v4l2-device.h -index ffb69da..040393e 100644 +index 9c58157..d86ebf5 100644 --- a/include/media/v4l2-device.h +++ b/include/media/v4l2-device.h -@@ -95,7 +95,7 @@ int __must_check v4l2_device_register(struct device *dev, struct v4l2_device *v4 +@@ -93,7 +93,7 @@ int __must_check v4l2_device_register(struct device *dev, struct v4l2_device *v4 this function returns 0. If the name ends with a digit (e.g. cx18), then the name will be set to cx18-0 since cx180 looks really odd. */ int v4l2_device_set_name(struct v4l2_device *v4l2_dev, const char *basename, @@ -94758,13 +95209,13 @@ index ffb69da..040393e 100644 /* Set v4l2_dev->dev to NULL. Call when the USB parent disconnects. Since the parent disappears this ensures that v4l2_dev doesn't have an diff --git a/include/net/9p/transport.h b/include/net/9p/transport.h -index 2a25dec..bf6dd8a 100644 +index 5122b5e..598b440 100644 --- a/include/net/9p/transport.h +++ b/include/net/9p/transport.h @@ -62,7 +62,7 @@ struct p9_trans_module { int (*cancelled)(struct p9_client *, struct p9_req_t *req); int (*zc_request)(struct p9_client *, struct p9_req_t *, - char *, char *, int , int, int, int); + struct iov_iter *, struct iov_iter *, int , int, int); -}; +} __do_const; @@ -94797,10 +95248,10 @@ index 2239a37..a83461f 100644 struct l2cap_conn { struct hci_conn *hcon; diff --git a/include/net/bonding.h b/include/net/bonding.h -index fda6fee..dbdf83c 100644 +index 78ed135..2f53667 100644 --- a/include/net/bonding.h +++ b/include/net/bonding.h -@@ -665,7 +665,7 @@ extern struct rtnl_link_ops bond_link_ops; +@@ -658,7 +658,7 @@ extern struct rtnl_link_ops bond_link_ops; static inline void bond_tx_drop(struct net_device *dev, struct sk_buff *skb) { @@ -94846,10 +95297,10 @@ index 8109a15..504466d 100644 #endif diff --git a/include/net/genetlink.h b/include/net/genetlink.h -index 0574abd..0f16881 100644 +index a9af1cc..1f3fa7b 100644 --- a/include/net/genetlink.h +++ b/include/net/genetlink.h -@@ -130,7 +130,7 @@ struct genl_ops { +@@ -128,7 +128,7 @@ struct genl_ops { u8 cmd; u8 internal_flags; u8 flags; @@ -94872,7 +95323,7 @@ index 0f712c0..cd762c4 100644 return; } diff --git a/include/net/inet_connection_sock.h b/include/net/inet_connection_sock.h -index 9fe865c..43735aa 100644 +index 0320bbb..938789c 100644 --- a/include/net/inet_connection_sock.h +++ b/include/net/inet_connection_sock.h @@ -63,7 +63,7 @@ struct inet_connection_sock_af_ops { @@ -94885,10 +95336,10 @@ index 9fe865c..43735aa 100644 /** inet_connection_sock - INET connection oriented sock * diff --git a/include/net/inetpeer.h b/include/net/inetpeer.h -index 80479ab..0c3f647 100644 +index d5332dd..10a5c3c 100644 --- a/include/net/inetpeer.h +++ b/include/net/inetpeer.h -@@ -47,7 +47,7 @@ struct inet_peer { +@@ -48,7 +48,7 @@ struct inet_peer { */ union { struct { @@ -94898,20 +95349,20 @@ index 80479ab..0c3f647 100644 struct rcu_head rcu; struct inet_peer *gc_next; diff --git a/include/net/ip.h b/include/net/ip.h -index 6cc1eaf..14059b0 100644 +index d14af7e..52816c2 100644 --- a/include/net/ip.h +++ b/include/net/ip.h -@@ -317,7 +317,7 @@ static inline unsigned int ip_skb_dst_mtu(const struct sk_buff *skb) +@@ -318,7 +318,7 @@ static inline unsigned int ip_skb_dst_mtu(const struct sk_buff *skb) } } -u32 ip_idents_reserve(u32 hash, int segs); +u32 ip_idents_reserve(u32 hash, int segs) __intentional_overflow(-1); - void __ip_select_ident(struct iphdr *iph, int segs); + void __ip_select_ident(struct net *net, struct iphdr *iph, int segs); - static inline void ip_select_ident_segs(struct sk_buff *skb, struct sock *sk, int segs) + static inline void ip_select_ident_segs(struct net *net, struct sk_buff *skb, diff --git a/include/net/ip_fib.h b/include/net/ip_fib.h -index 5bd120e4..03fb812 100644 +index 54271ed..eb7e0e6 100644 --- a/include/net/ip_fib.h +++ b/include/net/ip_fib.h @@ -170,7 +170,7 @@ __be32 fib_info_update_nh_saddr(struct net *net, struct fib_nh *nh); @@ -94924,10 +95375,10 @@ index 5bd120e4..03fb812 100644 fib_info_update_nh_saddr((net), &FIB_RES_NH(res))) #define FIB_RES_GW(res) (FIB_RES_NH(res).nh_gw) diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h -index 615b20b..fd4cbd8 100644 +index 4e3731e..a242e28 100644 --- a/include/net/ip_vs.h +++ b/include/net/ip_vs.h -@@ -534,7 +534,7 @@ struct ip_vs_conn { +@@ -551,7 +551,7 @@ struct ip_vs_conn { struct ip_vs_conn *control; /* Master control connection */ atomic_t n_control; /* Number of controlled ones */ struct ip_vs_dest *dest; /* real server */ @@ -94936,7 +95387,7 @@ index 615b20b..fd4cbd8 100644 /* Packet transmitter for different forwarding methods. If it * mangles the packet, it must return NF_DROP or better NF_STOLEN, -@@ -682,7 +682,7 @@ struct ip_vs_dest { +@@ -699,7 +699,7 @@ struct ip_vs_dest { __be16 port; /* port number of the server */ union nf_inet_addr addr; /* IP address of the server */ volatile unsigned int flags; /* dest status flags */ @@ -94945,7 +95396,7 @@ index 615b20b..fd4cbd8 100644 atomic_t weight; /* server weight */ atomic_t refcnt; /* reference counter */ -@@ -928,11 +928,11 @@ struct netns_ipvs { +@@ -946,11 +946,11 @@ struct netns_ipvs { /* ip_vs_lblc */ int sysctl_lblc_expiration; struct ctl_table_header *lblc_ctl_header; @@ -95052,10 +95503,10 @@ index c4359e2..76dbc4a 100644 struct llc_sap_state { u8 curr_state; diff --git a/include/net/mac80211.h b/include/net/mac80211.h -index d52914b..2b13cec 100644 +index fc57f6b..9c1fdb2 100644 --- a/include/net/mac80211.h +++ b/include/net/mac80211.h -@@ -4915,7 +4915,7 @@ struct rate_control_ops { +@@ -5104,7 +5104,7 @@ struct rate_control_ops { void (*remove_sta_debugfs)(void *priv, void *priv_sta); u32 (*get_expected_throughput)(void *priv_sta); @@ -95065,10 +95516,10 @@ index d52914b..2b13cec 100644 static inline int rate_supported(struct ieee80211_sta *sta, enum ieee80211_band band, diff --git a/include/net/neighbour.h b/include/net/neighbour.h -index 76f7084..8f36e39 100644 +index bd33e66..6508d00 100644 --- a/include/net/neighbour.h +++ b/include/net/neighbour.h -@@ -163,7 +163,7 @@ struct neigh_ops { +@@ -162,7 +162,7 @@ struct neigh_ops { void (*error_report)(struct neighbour *, struct sk_buff *); int (*output)(struct neighbour *, struct sk_buff *); int (*connected_output)(struct neighbour *, struct sk_buff *); @@ -95077,7 +95528,7 @@ index 76f7084..8f36e39 100644 struct pneigh_entry { struct pneigh_entry *next; -@@ -217,7 +217,7 @@ struct neigh_table { +@@ -216,7 +216,7 @@ struct neigh_table { struct neigh_statistics __percpu *stats; struct neigh_hash_table __rcu *nht; struct pneigh_entry **phash_buckets; @@ -95087,11 +95538,11 @@ index 76f7084..8f36e39 100644 enum { NEIGH_ARP_TABLE = 0, diff --git a/include/net/net_namespace.h b/include/net/net_namespace.h -index 36faf49..6927638 100644 +index f733656..54053db 100644 --- a/include/net/net_namespace.h +++ b/include/net/net_namespace.h -@@ -131,8 +131,8 @@ struct net { - struct netns_ipvs *ipvs; +@@ -132,8 +132,8 @@ struct net { + struct netns_mpls mpls; #endif struct sock *diag_nlsk; - atomic_t fnhe_genid; @@ -95101,7 +95552,7 @@ index 36faf49..6927638 100644 #include <linux/seq_file_net.h> -@@ -288,7 +288,11 @@ static inline struct net *read_pnet(struct net * const *pnet) +@@ -268,7 +268,11 @@ static inline struct net *read_pnet(const possible_net_t *pnet) #define __net_init __init #define __net_exit __exit_refok #define __net_initdata __initdata @@ -95113,7 +95564,7 @@ index 36faf49..6927638 100644 #endif int peernet2id(struct net *net, struct net *peer); -@@ -301,7 +305,7 @@ struct pernet_operations { +@@ -281,7 +285,7 @@ struct pernet_operations { void (*exit_batch)(struct list_head *net_exit_list); int *id; size_t size; @@ -95122,7 +95573,7 @@ index 36faf49..6927638 100644 /* * Use these carefully. If you implement a network device and it -@@ -349,12 +353,12 @@ static inline void unregister_net_sysctl_table(struct ctl_table_header *header) +@@ -329,12 +333,12 @@ static inline void unregister_net_sysctl_table(struct ctl_table_header *header) static inline int rt_genid_ipv4(struct net *net) { @@ -95137,7 +95588,7 @@ index 36faf49..6927638 100644 } extern void (*__fib6_flush_trees)(struct net *net); -@@ -381,12 +385,12 @@ static inline void rt_genid_bump_all(struct net *net) +@@ -361,12 +365,12 @@ static inline void rt_genid_bump_all(struct net *net) static inline int fnhe_genid(struct net *net) { @@ -95153,10 +95604,10 @@ index 36faf49..6927638 100644 #endif /* __NET_NET_NAMESPACE_H */ diff --git a/include/net/netlink.h b/include/net/netlink.h -index e010ee8..405b9f4 100644 +index 2a5dbcc..8243656 100644 --- a/include/net/netlink.h +++ b/include/net/netlink.h -@@ -518,7 +518,7 @@ static inline void nlmsg_trim(struct sk_buff *skb, const void *mark) +@@ -521,7 +521,7 @@ static inline void nlmsg_trim(struct sk_buff *skb, const void *mark) { if (mark) { WARN_ON((unsigned char *) mark < skb->data); @@ -95192,10 +95643,10 @@ index 29d6a94..235d3d84 100644 }; diff --git a/include/net/netns/ipv4.h b/include/net/netns/ipv4.h -index dbe2254..ed0c151 100644 +index 614a49b..0b94386 100644 --- a/include/net/netns/ipv4.h +++ b/include/net/netns/ipv4.h -@@ -87,7 +87,7 @@ struct netns_ipv4 { +@@ -90,7 +90,7 @@ struct netns_ipv4 { struct ping_group_range ping_group_range; @@ -95204,7 +95655,7 @@ index dbe2254..ed0c151 100644 #ifdef CONFIG_SYSCTL unsigned long *sysctl_local_reserved_ports; -@@ -101,6 +101,6 @@ struct netns_ipv4 { +@@ -104,6 +104,6 @@ struct netns_ipv4 { struct fib_rules_ops *mr_rules_ops; #endif #endif @@ -95213,10 +95664,10 @@ index dbe2254..ed0c151 100644 }; #endif diff --git a/include/net/netns/ipv6.h b/include/net/netns/ipv6.h -index 69ae41f..4f94868 100644 +index d2527bf..2c802d5 100644 --- a/include/net/netns/ipv6.h +++ b/include/net/netns/ipv6.h -@@ -75,8 +75,8 @@ struct netns_ipv6 { +@@ -78,8 +78,8 @@ struct netns_ipv6 { struct fib_rules_ops *mr6_rules_ops; #endif #endif @@ -95241,7 +95692,7 @@ index 730d82a..045f2c4 100644 spinlock_t flow_cache_gc_lock; struct work_struct flow_cache_gc_work; diff --git a/include/net/ping.h b/include/net/ping.h -index cc16d41..664f40b 100644 +index ac80cb4..ec1ed09 100644 --- a/include/net/ping.h +++ b/include/net/ping.h @@ -54,7 +54,7 @@ struct ping_iter_state { @@ -95276,7 +95727,7 @@ index d6fcc1f..ca277058 100644 #define INET6_PROTO_NOPOLICY 0x1 #define INET6_PROTO_FINAL 0x2 diff --git a/include/net/rtnetlink.h b/include/net/rtnetlink.h -index 6c6d539..af70817 100644 +index 343d922..7959cde 100644 --- a/include/net/rtnetlink.h +++ b/include/net/rtnetlink.h @@ -95,7 +95,7 @@ struct rtnl_link_ops { @@ -95339,10 +95790,10 @@ index 495c87e..5b327ff 100644 /* Structure to track chunk fragments that have been acked, but peer diff --git a/include/net/sock.h b/include/net/sock.h -index e4079c2..79c5d3a 100644 +index 3a4898e..67456ac 100644 --- a/include/net/sock.h +++ b/include/net/sock.h -@@ -362,7 +362,7 @@ struct sock { +@@ -363,7 +363,7 @@ struct sock { unsigned int sk_napi_id; unsigned int sk_ll_usec; #endif @@ -95369,7 +95820,7 @@ index e4079c2..79c5d3a 100644 sk_memory_allocated(const struct sock *sk) { struct proto *prot = sk->sk_prot; -@@ -1778,7 +1778,7 @@ static inline void sk_nocaps_add(struct sock *sk, netdev_features_t flags) +@@ -1777,7 +1777,7 @@ static inline void sk_nocaps_add(struct sock *sk, netdev_features_t flags) } static inline int skb_do_copy_data_nocache(struct sock *sk, struct sk_buff *skb, @@ -95378,7 +95829,7 @@ index e4079c2..79c5d3a 100644 int copy, int offset) { if (skb->ip_summed == CHECKSUM_NONE) { -@@ -2025,7 +2025,7 @@ static inline void sk_stream_moderate_sndbuf(struct sock *sk) +@@ -2024,7 +2024,7 @@ static inline void sk_stream_moderate_sndbuf(struct sock *sk) } } @@ -95387,11 +95838,20 @@ index e4079c2..79c5d3a 100644 /** * sk_page_frag - return an appropriate page_frag +@@ -2099,7 +2099,7 @@ struct sock_skb_cb { + static inline void + sock_skb_set_dropcount(const struct sock *sk, struct sk_buff *skb) + { +- SOCK_SKB_CB(skb)->dropcount = atomic_read(&sk->sk_drops); ++ SOCK_SKB_CB(skb)->dropcount = atomic_read_unchecked(&sk->sk_drops); + } + + void __sock_recv_timestamp(struct msghdr *msg, struct sock *sk, diff --git a/include/net/tcp.h b/include/net/tcp.h -index 8d6b983..5813205 100644 +index 6d204f3..d5a8ff0 100644 --- a/include/net/tcp.h +++ b/include/net/tcp.h -@@ -516,7 +516,7 @@ void tcp_retransmit_timer(struct sock *sk); +@@ -523,7 +523,7 @@ void tcp_retransmit_timer(struct sock *sk); void tcp_xmit_retransmit_queue(struct sock *); void tcp_simple_retransmit(struct sock *); int tcp_trim_head(struct sock *, struct sk_buff *, u32); @@ -95400,7 +95860,7 @@ index 8d6b983..5813205 100644 void tcp_send_probe0(struct sock *); void tcp_send_partial(struct sock *); -@@ -694,8 +694,8 @@ static inline u32 tcp_skb_timestamp(const struct sk_buff *skb) +@@ -699,8 +699,8 @@ static inline u32 tcp_skb_timestamp(const struct sk_buff *skb) * If this grows please adjust skbuff.h:skbuff->cb[xxx] size appropriately. */ struct tcp_skb_cb { @@ -95411,7 +95871,7 @@ index 8d6b983..5813205 100644 union { /* Note : tcp_tw_isn is used in input path only * (isn chosen by tcp_timewait_state_process()) -@@ -720,7 +720,7 @@ struct tcp_skb_cb { +@@ -725,7 +725,7 @@ struct tcp_skb_cb { __u8 ip_dsfield; /* IPv4 tos or IPv6 dsfield */ /* 1 byte hole */ @@ -95421,10 +95881,10 @@ index 8d6b983..5813205 100644 struct inet_skb_parm h4; #if IS_ENABLED(CONFIG_IPV6) diff --git a/include/net/xfrm.h b/include/net/xfrm.h -index dc4865e..152ee4c 100644 +index 36ac102..6e8b34b 100644 --- a/include/net/xfrm.h +++ b/include/net/xfrm.h -@@ -285,7 +285,6 @@ struct xfrm_dst; +@@ -283,7 +283,6 @@ struct xfrm_dst; struct xfrm_policy_afinfo { unsigned short family; struct dst_ops *dst_ops; @@ -95432,7 +95892,7 @@ index dc4865e..152ee4c 100644 struct dst_entry *(*dst_lookup)(struct net *net, int tos, const xfrm_address_t *saddr, const xfrm_address_t *daddr); -@@ -303,7 +302,7 @@ struct xfrm_policy_afinfo { +@@ -301,7 +300,7 @@ struct xfrm_policy_afinfo { struct net_device *dev, const struct flowi *fl); struct dst_entry *(*blackhole_route)(struct net *net, struct dst_entry *orig); @@ -95441,7 +95901,7 @@ index dc4865e..152ee4c 100644 int xfrm_policy_register_afinfo(struct xfrm_policy_afinfo *afinfo); int xfrm_policy_unregister_afinfo(struct xfrm_policy_afinfo *afinfo); -@@ -342,7 +341,7 @@ struct xfrm_state_afinfo { +@@ -340,7 +339,7 @@ struct xfrm_state_afinfo { int (*transport_finish)(struct sk_buff *skb, int async); void (*local_error)(struct sk_buff *skb, u32 mtu); @@ -95450,7 +95910,7 @@ index dc4865e..152ee4c 100644 int xfrm_state_register_afinfo(struct xfrm_state_afinfo *afinfo); int xfrm_state_unregister_afinfo(struct xfrm_state_afinfo *afinfo); -@@ -437,7 +436,7 @@ struct xfrm_mode { +@@ -435,7 +434,7 @@ struct xfrm_mode { struct module *owner; unsigned int encap; int flags; @@ -95459,7 +95919,7 @@ index dc4865e..152ee4c 100644 /* Flags for xfrm_mode. */ enum { -@@ -534,7 +533,7 @@ struct xfrm_policy { +@@ -530,7 +529,7 @@ struct xfrm_policy { struct timer_list timer; struct flow_cache_object flo; @@ -95468,7 +95928,7 @@ index dc4865e..152ee4c 100644 u32 priority; u32 index; struct xfrm_mark mark; -@@ -1167,6 +1166,7 @@ static inline void xfrm_sk_free_policy(struct sock *sk) +@@ -1163,6 +1162,7 @@ static inline void xfrm_sk_free_policy(struct sock *sk) } void xfrm_garbage_collect(struct net *net); @@ -95476,7 +95936,7 @@ index dc4865e..152ee4c 100644 #else -@@ -1205,6 +1205,9 @@ static inline int xfrm6_policy_check_reverse(struct sock *sk, int dir, +@@ -1201,6 +1201,9 @@ static inline int xfrm6_policy_check_reverse(struct sock *sk, int dir, static inline void xfrm_garbage_collect(struct net *net) { } @@ -95551,10 +96011,10 @@ index 891a658..fcd68df 100644 }; #define to_scsi_driver(drv) \ diff --git a/include/scsi/scsi_transport_fc.h b/include/scsi/scsi_transport_fc.h -index 007a0bc..7188db8 100644 +index 784bc2c..855a04c 100644 --- a/include/scsi/scsi_transport_fc.h +++ b/include/scsi/scsi_transport_fc.h -@@ -756,7 +756,8 @@ struct fc_function_template { +@@ -757,7 +757,8 @@ struct fc_function_template { unsigned long show_host_system_hostname:1; unsigned long disable_target_scan:1; @@ -95565,7 +96025,7 @@ index 007a0bc..7188db8 100644 /** diff --git a/include/sound/compress_driver.h b/include/sound/compress_driver.h -index f48089d..73abe48 100644 +index fa1d055..3647940 100644 --- a/include/sound/compress_driver.h +++ b/include/sound/compress_driver.h @@ -130,7 +130,7 @@ struct snd_compr_ops { @@ -95578,10 +96038,10 @@ index f48089d..73abe48 100644 /** * struct snd_compr: Compressed device diff --git a/include/sound/soc.h b/include/sound/soc.h -index 0d1ade1..34e77d3 100644 +index f6226914..e919a2e 100644 --- a/include/sound/soc.h +++ b/include/sound/soc.h -@@ -856,7 +856,7 @@ struct snd_soc_codec_driver { +@@ -870,7 +870,7 @@ struct snd_soc_codec_driver { enum snd_soc_dapm_type, int); bool ignore_pmdown_time; /* Doesn't benefit from pmdown delay */ @@ -95590,7 +96050,7 @@ index 0d1ade1..34e77d3 100644 /* SoC platform interface */ struct snd_soc_platform_driver { -@@ -883,7 +883,7 @@ struct snd_soc_platform_driver { +@@ -897,7 +897,7 @@ struct snd_soc_platform_driver { const struct snd_compr_ops *compr_ops; int (*bespoke_trigger)(struct snd_pcm_substream *, int); @@ -95600,7 +96060,7 @@ index 0d1ade1..34e77d3 100644 struct snd_soc_dai_link_component { const char *name; diff --git a/include/target/target_core_base.h b/include/target/target_core_base.h -index 985ca4c..b55b54a 100644 +index 480e9f8..2d59c93 100644 --- a/include/target/target_core_base.h +++ b/include/target/target_core_base.h @@ -767,7 +767,7 @@ struct se_device { @@ -95672,10 +96132,10 @@ index 0000000..fb634b7 +/* This part must be outside protection */ +#include <trace/define_trace.h> diff --git a/include/trace/events/irq.h b/include/trace/events/irq.h -index 3608beb..df39d8a 100644 +index ff8f6c0..6b6bae3 100644 --- a/include/trace/events/irq.h +++ b/include/trace/events/irq.h -@@ -36,7 +36,7 @@ struct softirq_action; +@@ -51,7 +51,7 @@ SOFTIRQ_NAME_LIST */ TRACE_EVENT(irq_handler_entry, @@ -95684,7 +96144,7 @@ index 3608beb..df39d8a 100644 TP_ARGS(irq, action), -@@ -66,7 +66,7 @@ TRACE_EVENT(irq_handler_entry, +@@ -81,7 +81,7 @@ TRACE_EVENT(irq_handler_entry, */ TRACE_EVENT(irq_handler_exit, @@ -95694,13 +96154,13 @@ index 3608beb..df39d8a 100644 TP_ARGS(irq, action, ret), diff --git a/include/uapi/drm/i915_drm.h b/include/uapi/drm/i915_drm.h -index 6eed16b..3e05750 100644 +index 551b673..9c680df 100644 --- a/include/uapi/drm/i915_drm.h +++ b/include/uapi/drm/i915_drm.h -@@ -347,6 +347,7 @@ typedef struct drm_i915_irq_wait { - #define I915_PARAM_HAS_COHERENT_PHYS_GTT 29 - #define I915_PARAM_MMAP_VERSION 30 - #define I915_PARAM_HAS_BSD2 31 +@@ -350,6 +350,7 @@ typedef struct drm_i915_irq_wait { + #define I915_PARAM_REVISION 32 + #define I915_PARAM_SUBSLICE_TOTAL 33 + #define I915_PARAM_EU_TOTAL 34 +#define I915_PARAM_HAS_LEGACY_CONTEXT 35 typedef struct drm_i915_getparam { @@ -95980,10 +96440,10 @@ index 30f5362..8ed8ac9 100644 void *pmi_pal; u8 *vbe_state_orig; /* diff --git a/init/Kconfig b/init/Kconfig -index f5dbc6d..8259396 100644 +index dc24dec..b77638f 100644 --- a/init/Kconfig +++ b/init/Kconfig -@@ -1136,6 +1136,7 @@ endif # CGROUPS +@@ -1145,6 +1145,7 @@ endif # CGROUPS config CHECKPOINT_RESTORE bool "Checkpoint/restore support" if EXPERT @@ -95991,7 +96451,7 @@ index f5dbc6d..8259396 100644 default n help Enables additional kernel features in a sake of checkpoint/restore. -@@ -1646,7 +1647,7 @@ config SLUB_DEBUG +@@ -1670,7 +1671,7 @@ config SLUB_DEBUG config COMPAT_BRK bool "Disable heap randomization" @@ -96000,7 +96460,7 @@ index f5dbc6d..8259396 100644 help Randomizing heap placement makes heap exploits harder, but it also breaks ancient binaries (including anything libc5 based). -@@ -1977,7 +1978,7 @@ config INIT_ALL_POSSIBLE +@@ -2001,7 +2002,7 @@ config INIT_ALL_POSSIBLE config STOP_MACHINE bool default y @@ -96024,10 +96484,10 @@ index 7bc47ee..6da2dc7 100644 ifneq ($(CONFIG_BLK_DEV_INITRD),y) obj-y += noinitramfs.o diff --git a/init/do_mounts.c b/init/do_mounts.c -index eb41008..f5dbbf9 100644 +index a95bbdb..82c48fd 100644 --- a/init/do_mounts.c +++ b/init/do_mounts.c -@@ -360,11 +360,11 @@ static void __init get_fs_names(char *page) +@@ -363,11 +363,11 @@ static void __init get_fs_names(char *page) static int __init do_mount_root(char *name, char *fs, int flags, void *data) { struct super_block *s; @@ -96041,7 +96501,7 @@ index eb41008..f5dbbf9 100644 s = current->fs->pwd.dentry->d_sb; ROOT_DEV = s->s_dev; printk(KERN_INFO -@@ -487,18 +487,18 @@ void __init change_floppy(char *fmt, ...) +@@ -490,18 +490,18 @@ void __init change_floppy(char *fmt, ...) va_start(args, fmt); vsprintf(buf, fmt, args); va_end(args); @@ -96063,7 +96523,7 @@ index eb41008..f5dbbf9 100644 termios.c_lflag |= ICANON; sys_ioctl(fd, TCSETSF, (long)&termios); sys_close(fd); -@@ -592,8 +592,8 @@ void __init prepare_namespace(void) +@@ -595,8 +595,8 @@ void __init prepare_namespace(void) mount_root(); out: devtmpfs_mount("dev"); @@ -96349,10 +96809,10 @@ index ad1bd77..dca2c1b 100644 next_state = Reset; return 0; diff --git a/init/main.c b/init/main.c -index 6f0f1c5f..a542824 100644 +index 2a89545..449eca2 100644 --- a/init/main.c +++ b/init/main.c -@@ -96,6 +96,8 @@ extern void radix_tree_init(void); +@@ -97,6 +97,8 @@ extern void radix_tree_init(void); static inline void mark_rodata_ro(void) { } #endif @@ -96361,7 +96821,7 @@ index 6f0f1c5f..a542824 100644 /* * Debug helper: via this flag we know that we are in 'early bootup code' * where only the boot processor is running with IRQ disabled. This means -@@ -157,6 +159,85 @@ static int __init set_reset_devices(char *str) +@@ -158,6 +160,85 @@ static int __init set_reset_devices(char *str) __setup("reset_devices", set_reset_devices); @@ -96447,7 +96907,7 @@ index 6f0f1c5f..a542824 100644 static const char *argv_init[MAX_INIT_ARGS+2] = { "init", NULL, }; const char *envp_init[MAX_INIT_ENVS+2] = { "HOME=/", "TERM=linux", NULL, }; static const char *panic_later, *panic_param; -@@ -722,7 +803,7 @@ static bool __init_or_module initcall_blacklisted(initcall_t fn) +@@ -726,7 +807,7 @@ static bool __init_or_module initcall_blacklisted(initcall_t fn) struct blacklist_entry *entry; char *fn_name; @@ -96456,7 +96916,7 @@ index 6f0f1c5f..a542824 100644 if (!fn_name) return false; -@@ -774,7 +855,7 @@ int __init_or_module do_one_initcall(initcall_t fn) +@@ -778,7 +859,7 @@ int __init_or_module do_one_initcall(initcall_t fn) { int count = preempt_count(); int ret; @@ -96465,7 +96925,7 @@ index 6f0f1c5f..a542824 100644 if (initcall_blacklisted(fn)) return -EPERM; -@@ -784,18 +865,17 @@ int __init_or_module do_one_initcall(initcall_t fn) +@@ -788,18 +869,17 @@ int __init_or_module do_one_initcall(initcall_t fn) else ret = fn(); @@ -96488,7 +96948,7 @@ index 6f0f1c5f..a542824 100644 return ret; } -@@ -901,8 +981,8 @@ static int run_init_process(const char *init_filename) +@@ -905,8 +985,8 @@ static int run_init_process(const char *init_filename) { argv_init[0] = init_filename; return do_execve(getname_kernel(init_filename), @@ -96499,7 +96959,7 @@ index 6f0f1c5f..a542824 100644 } static int try_to_run_init_process(const char *init_filename) -@@ -919,6 +999,10 @@ static int try_to_run_init_process(const char *init_filename) +@@ -923,6 +1003,10 @@ static int try_to_run_init_process(const char *init_filename) return ret; } @@ -96510,7 +96970,7 @@ index 6f0f1c5f..a542824 100644 static noinline void __init kernel_init_freeable(void); static int __ref kernel_init(void *unused) -@@ -943,6 +1027,11 @@ static int __ref kernel_init(void *unused) +@@ -947,6 +1031,11 @@ static int __ref kernel_init(void *unused) ramdisk_execute_command, ret); } @@ -96522,7 +96982,7 @@ index 6f0f1c5f..a542824 100644 /* * We try each of these until one succeeds. * -@@ -998,7 +1087,7 @@ static noinline void __init kernel_init_freeable(void) +@@ -1002,7 +1091,7 @@ static noinline void __init kernel_init_freeable(void) do_basic_setup(); /* Open the /dev/console on the rootfs, this should never fail */ @@ -96531,7 +96991,7 @@ index 6f0f1c5f..a542824 100644 pr_err("Warning: unable to open an initial console.\n"); (void) sys_dup(0); -@@ -1011,11 +1100,13 @@ static noinline void __init kernel_init_freeable(void) +@@ -1015,11 +1104,13 @@ static noinline void __init kernel_init_freeable(void) if (!ramdisk_execute_command) ramdisk_execute_command = "/init"; @@ -96631,7 +97091,7 @@ index 68d4e95..1477ded 100644 mq_table.data = get_mq(table); diff --git a/ipc/mqueue.c b/ipc/mqueue.c -index 7635a1c..7432cb6 100644 +index 3aaea7f..e8a13d6 100644 --- a/ipc/mqueue.c +++ b/ipc/mqueue.c @@ -278,6 +278,7 @@ static struct inode *mqueue_get_inode(struct super_block *sb, @@ -96643,7 +97103,7 @@ index 7635a1c..7432cb6 100644 if (u->mq_bytes + mq_bytes < u->mq_bytes || u->mq_bytes + mq_bytes > rlimit(RLIMIT_MSGQUEUE)) { diff --git a/ipc/sem.c b/ipc/sem.c -index 9284211..bca5b1b 100644 +index d1a6edd..ef08b40 100644 --- a/ipc/sem.c +++ b/ipc/sem.c @@ -1780,7 +1780,7 @@ static int get_queue_result(struct sem_queue *q) @@ -96665,7 +97125,7 @@ index 9284211..bca5b1b 100644 return sys_semtimedop(semid, tsops, nsops, NULL); } diff --git a/ipc/shm.c b/ipc/shm.c -index 19633b4..d454904 100644 +index 6d76707..b646bbe 100644 --- a/ipc/shm.c +++ b/ipc/shm.c @@ -72,6 +72,14 @@ static void shm_destroy(struct ipc_namespace *ns, struct shmid_kernel *shp); @@ -96729,11 +97189,11 @@ index 19633b4..d454904 100644 +#ifdef CONFIG_GRKERNSEC + shp->shm_lapid = current->pid; +#endif - size = i_size_read(path.dentry->d_inode); + size = i_size_read(d_inode(path.dentry)); ipc_unlock_object(&shp->shm_perm); rcu_read_unlock(); diff --git a/ipc/util.c b/ipc/util.c -index 106bed0..f851429 100644 +index ff3323e..d6d63d1 100644 --- a/ipc/util.c +++ b/ipc/util.c @@ -71,6 +71,8 @@ struct ipc_proc_iface { @@ -96757,10 +97217,10 @@ index 106bed0..f851429 100644 if ((requested_mode & ~granted_mode & 0007) && !ns_capable(ns->user_ns, CAP_IPC_OWNER)) diff --git a/kernel/audit.c b/kernel/audit.c -index 72ab759..757deba 100644 +index 1c13e42..6c171ab 100644 --- a/kernel/audit.c +++ b/kernel/audit.c -@@ -122,7 +122,7 @@ u32 audit_sig_sid = 0; +@@ -124,7 +124,7 @@ u32 audit_sig_sid = 0; 3) suppressed due to audit_rate_limit 4) suppressed due to audit_backlog_limit */ @@ -96769,7 +97229,7 @@ index 72ab759..757deba 100644 /* The netlink socket. */ static struct sock *audit_sock; -@@ -256,7 +256,7 @@ void audit_log_lost(const char *message) +@@ -258,7 +258,7 @@ void audit_log_lost(const char *message) unsigned long now; int print; @@ -96778,7 +97238,7 @@ index 72ab759..757deba 100644 print = (audit_failure == AUDIT_FAIL_PANIC || !audit_rate_limit); -@@ -273,7 +273,7 @@ void audit_log_lost(const char *message) +@@ -275,7 +275,7 @@ void audit_log_lost(const char *message) if (print) { if (printk_ratelimit()) pr_warn("audit_lost=%u audit_rate_limit=%u audit_backlog_limit=%u\n", @@ -96787,7 +97247,7 @@ index 72ab759..757deba 100644 audit_rate_limit, audit_backlog_limit); audit_panic(message); -@@ -831,7 +831,7 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh) +@@ -833,7 +833,7 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh) s.pid = audit_pid; s.rate_limit = audit_rate_limit; s.backlog_limit = audit_backlog_limit; @@ -96795,9 +97255,9 @@ index 72ab759..757deba 100644 + s.lost = atomic_read_unchecked(&audit_lost); s.backlog = skb_queue_len(&audit_skb_queue); s.feature_bitmap = AUDIT_FEATURE_BITMAP_ALL; - s.backlog_wait_time = audit_backlog_wait_time; + s.backlog_wait_time = audit_backlog_wait_time_master; diff --git a/kernel/auditsc.c b/kernel/auditsc.c -index dc4ae70..14681ff 100644 +index 9fb9d1c..afb1610 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c @@ -1023,7 +1023,7 @@ static int audit_log_single_execve_arg(struct audit_context *context, @@ -96828,7 +97288,7 @@ index dc4ae70..14681ff 100644 task->sessionid = sessionid; task->loginuid = loginuid; diff --git a/kernel/bpf/core.c b/kernel/bpf/core.c -index 0c5796e..a9414e2 100644 +index 54f0e7f..fed997b 100644 --- a/kernel/bpf/core.c +++ b/kernel/bpf/core.c @@ -143,14 +143,17 @@ bpf_jit_binary_alloc(unsigned int proglen, u8 **image_ptr, @@ -96860,10 +97320,10 @@ index 0c5796e..a9414e2 100644 #endif /* CONFIG_BPF_JIT */ diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c -index 536edc2..d28c85d 100644 +index 3bae6c5..59ea175 100644 --- a/kernel/bpf/syscall.c +++ b/kernel/bpf/syscall.c -@@ -548,11 +548,15 @@ SYSCALL_DEFINE3(bpf, int, cmd, union bpf_attr __user *, uattr, unsigned int, siz +@@ -554,11 +554,15 @@ SYSCALL_DEFINE3(bpf, int, cmd, union bpf_attr __user *, uattr, unsigned int, siz int err; /* the syscall is limited to root temporarily. This restriction will be @@ -96882,10 +97342,10 @@ index 536edc2..d28c85d 100644 if (!access_ok(VERIFY_READ, uattr, 1)) return -EFAULT; diff --git a/kernel/capability.c b/kernel/capability.c -index 989f5bf..d317ca0 100644 +index 45432b5..988f1e4 100644 --- a/kernel/capability.c +++ b/kernel/capability.c -@@ -192,6 +192,9 @@ SYSCALL_DEFINE2(capget, cap_user_header_t, header, cap_user_data_t, dataptr) +@@ -193,6 +193,9 @@ SYSCALL_DEFINE2(capget, cap_user_header_t, header, cap_user_data_t, dataptr) * before modification is attempted and the application * fails. */ @@ -96895,7 +97355,7 @@ index 989f5bf..d317ca0 100644 if (copy_to_user(dataptr, kdata, tocopy * sizeof(struct __user_cap_data_struct))) { return -EFAULT; -@@ -297,10 +300,11 @@ bool has_ns_capability(struct task_struct *t, +@@ -298,10 +301,11 @@ bool has_ns_capability(struct task_struct *t, int ret; rcu_read_lock(); @@ -96909,7 +97369,7 @@ index 989f5bf..d317ca0 100644 } /** -@@ -337,10 +341,10 @@ bool has_ns_capability_noaudit(struct task_struct *t, +@@ -338,10 +342,10 @@ bool has_ns_capability_noaudit(struct task_struct *t, int ret; rcu_read_lock(); @@ -96922,7 +97382,7 @@ index 989f5bf..d317ca0 100644 } /** -@@ -378,7 +382,7 @@ bool ns_capable(struct user_namespace *ns, int cap) +@@ -379,7 +383,7 @@ bool ns_capable(struct user_namespace *ns, int cap) BUG(); } @@ -96931,14 +97391,14 @@ index 989f5bf..d317ca0 100644 current->flags |= PF_SUPERPRIV; return true; } -@@ -386,6 +390,21 @@ bool ns_capable(struct user_namespace *ns, int cap) +@@ -387,6 +391,20 @@ bool ns_capable(struct user_namespace *ns, int cap) } EXPORT_SYMBOL(ns_capable); +bool ns_capable_nolog(struct user_namespace *ns, int cap) +{ + if (unlikely(!cap_valid(cap))) { -+ printk(KERN_CRIT "capable_nolog() called with invalid cap=%u\n", cap); ++ pr_crit("capable_nolog() called with invalid cap=%u\n", cap); + BUG(); + } + @@ -96949,24 +97409,24 @@ index 989f5bf..d317ca0 100644 + return false; +} +EXPORT_SYMBOL(ns_capable_nolog); -+ + /** - * file_ns_capable - Determine if the file's opener had a capability in effect - * @file: The file we want to check -@@ -427,6 +446,12 @@ bool capable(int cap) + * capable - Determine if the current task has a superior capability in effect +@@ -403,6 +421,13 @@ bool capable(int cap) + return ns_capable(&init_user_ns, cap); } EXPORT_SYMBOL(capable); - ++ +bool capable_nolog(int cap) +{ + return ns_capable_nolog(&init_user_ns, cap); +} +EXPORT_SYMBOL(capable_nolog); + + #endif /* CONFIG_MULTIUSER */ + /** - * capable_wrt_inode_uidgid - Check nsown_capable and uid and gid mapped - * @inode: The inode in question -@@ -444,3 +469,12 @@ bool capable_wrt_inode_uidgid(const struct inode *inode, int cap) +@@ -447,3 +472,12 @@ bool capable_wrt_inode_uidgid(const struct inode *inode, int cap) kgid_has_mapping(ns, inode->i_gid); } EXPORT_SYMBOL(capable_wrt_inode_uidgid); @@ -96980,7 +97440,7 @@ index 989f5bf..d317ca0 100644 +} +EXPORT_SYMBOL(capable_wrt_inode_uidgid_nolog); diff --git a/kernel/cgroup.c b/kernel/cgroup.c -index 29a7b2c..a64e30a 100644 +index e8a5491..ab4bfa3 100644 --- a/kernel/cgroup.c +++ b/kernel/cgroup.c @@ -5347,6 +5347,9 @@ static void cgroup_release_agent(struct work_struct *work) @@ -97003,7 +97463,7 @@ index 29a7b2c..a64e30a 100644 list_for_each_entry(task, &cset->tasks, cg_list) { if (count++ > MAX_TASKS_SHOWN_PER_CSS) diff --git a/kernel/compat.c b/kernel/compat.c -index 24f0061..762ec00 100644 +index 333d364..762ec00 100644 --- a/kernel/compat.c +++ b/kernel/compat.c @@ -13,6 +13,7 @@ @@ -97148,27 +97608,7 @@ index 24f0061..762ec00 100644 set_fs(oldfs); if ((err == -ERESTART_RESTARTBLOCK) && rmtp && -@@ -912,7 +913,8 @@ long compat_get_bitmap(unsigned long *mask, const compat_ulong_t __user *umask, - * bitmap. We must however ensure the end of the - * kernel bitmap is zeroed. - */ -- if (nr_compat_longs-- > 0) { -+ if (nr_compat_longs) { -+ nr_compat_longs--; - if (__get_user(um, umask)) - return -EFAULT; - } else { -@@ -954,7 +956,8 @@ long compat_put_bitmap(compat_ulong_t __user *umask, unsigned long *mask, - * We dont want to write past the end of the userspace - * bitmap. - */ -- if (nr_compat_longs-- > 0) { -+ if (nr_compat_longs) { -+ nr_compat_longs--; - if (__put_user(um, umask)) - return -EFAULT; - } -@@ -1145,7 +1148,7 @@ COMPAT_SYSCALL_DEFINE2(sched_rr_get_interval, +@@ -1147,7 +1148,7 @@ COMPAT_SYSCALL_DEFINE2(sched_rr_get_interval, mm_segment_t old_fs = get_fs(); set_fs(KERNEL_DS); @@ -97202,10 +97642,10 @@ index c18b1f1..b9a0132 100644 return -ENOMEM; diff --git a/kernel/cred.c b/kernel/cred.c -index e0573a4..26c0fd3 100644 +index ec1c076..7da8a0e 100644 --- a/kernel/cred.c +++ b/kernel/cred.c -@@ -164,6 +164,16 @@ void exit_creds(struct task_struct *tsk) +@@ -167,6 +167,15 @@ void exit_creds(struct task_struct *tsk) validate_creds(cred); alter_cred_subscribers(cred, -1); put_cred(cred); @@ -97215,14 +97655,13 @@ index e0573a4..26c0fd3 100644 + if (cred != NULL) { + tsk->delayed_cred = NULL; + validate_creds(cred); -+ alter_cred_subscribers(cred, -1); + put_cred(cred); + } +#endif } /** -@@ -411,7 +421,7 @@ static bool cred_cap_issubset(const struct cred *set, const struct cred *subset) +@@ -414,7 +423,7 @@ static bool cred_cap_issubset(const struct cred *set, const struct cred *subset) * Always returns 0 thus allowing this function to be tail-called at the end * of, say, sys_setgid(). */ @@ -97231,7 +97670,7 @@ index e0573a4..26c0fd3 100644 { struct task_struct *task = current; const struct cred *old = task->real_cred; -@@ -430,6 +440,8 @@ int commit_creds(struct cred *new) +@@ -433,6 +442,8 @@ int commit_creds(struct cred *new) get_cred(new); /* we will require a ref for the subj creds too */ @@ -97240,7 +97679,7 @@ index e0573a4..26c0fd3 100644 /* dumpability changes */ if (!uid_eq(old->euid, new->euid) || !gid_eq(old->egid, new->egid) || -@@ -479,6 +491,105 @@ int commit_creds(struct cred *new) +@@ -482,6 +493,105 @@ int commit_creds(struct cred *new) put_cred(old); return 0; } @@ -97433,10 +97872,10 @@ index 41213454..861e178 100644 #ifdef CONFIG_MODULE_UNLOAD { diff --git a/kernel/events/core.c b/kernel/events/core.c -index 2fabc06..79cceec 100644 +index 0ceb386..ddaf008 100644 --- a/kernel/events/core.c +++ b/kernel/events/core.c -@@ -170,8 +170,15 @@ static struct srcu_struct pmus_srcu; +@@ -172,8 +172,15 @@ static struct srcu_struct pmus_srcu; * 0 - disallow raw tracepoint access for unpriv * 1 - disallow cpu events for unpriv * 2 - disallow kernel profiling for unpriv @@ -97444,16 +97883,16 @@ index 2fabc06..79cceec 100644 */ -int sysctl_perf_event_paranoid __read_mostly = 1; +#ifdef CONFIG_GRKERNSEC_PERF_HARDEN -+int sysctl_perf_event_legitimately_concerned __read_mostly = 3; ++int sysctl_perf_event_legitimately_concerned __read_only = 3; +#elif defined(CONFIG_GRKERNSEC_HIDESYM) -+int sysctl_perf_event_legitimately_concerned __read_mostly = 2; ++int sysctl_perf_event_legitimately_concerned __read_only = 2; +#else -+int sysctl_perf_event_legitimately_concerned __read_mostly = 1; ++int sysctl_perf_event_legitimately_concerned __read_only = 1; +#endif /* Minimum for 512 kiB + 1 user control page */ int sysctl_perf_event_mlock __read_mostly = 512 + (PAGE_SIZE / 1024); /* 'free' kiB per user */ -@@ -197,7 +204,7 @@ void update_perf_cpu_limits(void) +@@ -199,7 +206,7 @@ void update_perf_cpu_limits(void) tmp *= sysctl_perf_cpu_time_max_percent; do_div(tmp, 100); @@ -97462,7 +97901,7 @@ index 2fabc06..79cceec 100644 } static int perf_rotate_context(struct perf_cpu_context *cpuctx); -@@ -303,7 +310,7 @@ void perf_sample_event_took(u64 sample_len_ns) +@@ -305,7 +312,7 @@ void perf_sample_event_took(u64 sample_len_ns) } } @@ -97471,16 +97910,7 @@ index 2fabc06..79cceec 100644 static void cpu_ctx_sched_out(struct perf_cpu_context *cpuctx, enum event_type_t event_type); -@@ -3220,7 +3227,7 @@ static void __perf_event_read(void *info) - - static inline u64 perf_event_count(struct perf_event *event) - { -- return local64_read(&event->count) + atomic64_read(&event->child_count); -+ return local64_read(&event->count) + atomic64_read_unchecked(&event->child_count); - } - - static u64 perf_event_read(struct perf_event *event) -@@ -3656,9 +3663,9 @@ u64 perf_event_read_value(struct perf_event *event, u64 *enabled, u64 *running) +@@ -3771,9 +3778,9 @@ u64 perf_event_read_value(struct perf_event *event, u64 *enabled, u64 *running) mutex_lock(&event->child_mutex); total += perf_event_read(event); *enabled += event->total_time_enabled + @@ -97492,7 +97922,7 @@ index 2fabc06..79cceec 100644 list_for_each_entry(child, &event->child_list, child_list) { total += perf_event_read(child); -@@ -4147,10 +4154,10 @@ void perf_event_update_userpage(struct perf_event *event) +@@ -4268,10 +4275,10 @@ void perf_event_update_userpage(struct perf_event *event) userpg->offset -= local64_read(&event->hw.prev_count); userpg->time_enabled = enabled + @@ -97505,7 +97935,7 @@ index 2fabc06..79cceec 100644 arch_perf_update_userpage(event, userpg, now); -@@ -4740,7 +4747,7 @@ perf_output_sample_ustack(struct perf_output_handle *handle, u64 dump_size, +@@ -4946,7 +4953,7 @@ perf_output_sample_ustack(struct perf_output_handle *handle, u64 dump_size, /* Data. */ sp = perf_user_stack_pointer(regs); @@ -97514,7 +97944,7 @@ index 2fabc06..79cceec 100644 dyn_size = dump_size - rem; perf_output_skip(handle, rem); -@@ -4831,11 +4838,11 @@ static void perf_output_read_one(struct perf_output_handle *handle, +@@ -5037,11 +5044,11 @@ static void perf_output_read_one(struct perf_output_handle *handle, values[n++] = perf_event_count(event); if (read_format & PERF_FORMAT_TOTAL_TIME_ENABLED) { values[n++] = enabled + @@ -97528,7 +97958,7 @@ index 2fabc06..79cceec 100644 } if (read_format & PERF_FORMAT_ID) values[n++] = primary_event_id(event); -@@ -7180,7 +7187,7 @@ perf_event_alloc(struct perf_event_attr *attr, int cpu, +@@ -7533,7 +7540,7 @@ perf_event_alloc(struct perf_event_attr *attr, int cpu, event->parent = parent_event; event->ns = get_pid_ns(task_active_pid_ns(current)); @@ -97537,7 +97967,7 @@ index 2fabc06..79cceec 100644 event->state = PERF_EVENT_STATE_INACTIVE; -@@ -7470,6 +7477,11 @@ SYSCALL_DEFINE5(perf_event_open, +@@ -7892,6 +7899,11 @@ SYSCALL_DEFINE5(perf_event_open, if (flags & ~PERF_FLAG_ALL) return -EINVAL; @@ -97549,7 +97979,7 @@ index 2fabc06..79cceec 100644 err = perf_copy_attr(attr_uptr, &attr); if (err) return err; -@@ -7892,10 +7904,10 @@ static void sync_child_event(struct perf_event *child_event, +@@ -8340,10 +8352,10 @@ static void sync_child_event(struct perf_event *child_event, /* * Add back the child's count to the parent's count: */ @@ -97564,11 +97994,11 @@ index 2fabc06..79cceec 100644 /* diff --git a/kernel/events/internal.h b/kernel/events/internal.h -index 569b2187..19940d9 100644 +index 9f6ce9b..e4f2cbb 100644 --- a/kernel/events/internal.h +++ b/kernel/events/internal.h -@@ -81,10 +81,10 @@ static inline unsigned long perf_data_size(struct ring_buffer *rb) - return rb->nr_pages << (PAGE_SHIFT + page_order(rb)); +@@ -114,10 +114,10 @@ static inline unsigned long perf_aux_size(struct ring_buffer *rb) + return rb->aux_nr_pages << PAGE_SHIFT; } -#define DEFINE_OUTPUT_COPY(func_name, memcpy_func) \ @@ -97580,7 +98010,7 @@ index 569b2187..19940d9 100644 { \ unsigned long size, written; \ \ -@@ -117,7 +117,7 @@ memcpy_common(void *dst, const void *src, unsigned long n) +@@ -150,7 +150,7 @@ memcpy_common(void *dst, const void *src, unsigned long n) return 0; } @@ -97589,7 +98019,7 @@ index 569b2187..19940d9 100644 static inline unsigned long memcpy_skip(void *dst, const void *src, unsigned long n) -@@ -125,7 +125,7 @@ memcpy_skip(void *dst, const void *src, unsigned long n) +@@ -158,7 +158,7 @@ memcpy_skip(void *dst, const void *src, unsigned long n) return 0; } @@ -97598,7 +98028,7 @@ index 569b2187..19940d9 100644 #ifndef arch_perf_out_copy_user #define arch_perf_out_copy_user arch_perf_out_copy_user -@@ -143,7 +143,7 @@ arch_perf_out_copy_user(void *dst, const void *src, unsigned long n) +@@ -176,7 +176,7 @@ arch_perf_out_copy_user(void *dst, const void *src, unsigned long n) } #endif @@ -97621,7 +98051,7 @@ index cb346f2..e4dc317 100644 pagefault_disable(); result = __copy_from_user_inatomic(&opcode, (void __user*)vaddr, diff --git a/kernel/exit.c b/kernel/exit.c -index feff10b..f623dd5 100644 +index 22fcc05..5f07dbc 100644 --- a/kernel/exit.c +++ b/kernel/exit.c @@ -171,6 +171,10 @@ void release_task(struct task_struct *p) @@ -97662,7 +98092,7 @@ index feff10b..f623dd5 100644 exit_mm(tsk); if (group_dead) -@@ -849,7 +857,7 @@ SYSCALL_DEFINE1(exit, int, error_code) +@@ -847,7 +855,7 @@ SYSCALL_DEFINE1(exit, int, error_code) * Take down every thread in the group. This is called by fatal signals * as well as by sys_exit_group (below). */ @@ -97672,10 +98102,10 @@ index feff10b..f623dd5 100644 { struct signal_struct *sig = current->signal; diff --git a/kernel/fork.c b/kernel/fork.c -index cf65139..704476e 100644 +index 03c1eaa..461be4c 100644 --- a/kernel/fork.c +++ b/kernel/fork.c -@@ -177,12 +177,54 @@ static void free_thread_info(struct thread_info *ti) +@@ -188,12 +188,54 @@ static void free_thread_info(struct thread_info *ti) void thread_info_cache_init(void) { thread_info_cache = kmem_cache_create("thread_info", THREAD_SIZE, @@ -97731,7 +98161,7 @@ index cf65139..704476e 100644 /* SLAB cache for signal_struct structures (tsk->signal) */ static struct kmem_cache *signal_cachep; -@@ -201,18 +243,22 @@ struct kmem_cache *vm_area_cachep; +@@ -212,18 +254,22 @@ struct kmem_cache *vm_area_cachep; /* SLAB cache for mm_struct structures (tsk->mm) */ static struct kmem_cache *mm_cachep; @@ -97757,7 +98187,7 @@ index cf65139..704476e 100644 rt_mutex_debug_task_free(tsk); ftrace_graph_exit_task(tsk); put_seccomp_filter(tsk); -@@ -306,6 +352,7 @@ static struct task_struct *dup_task_struct(struct task_struct *orig) +@@ -329,6 +375,7 @@ static struct task_struct *dup_task_struct(struct task_struct *orig) { struct task_struct *tsk; struct thread_info *ti; @@ -97765,7 +98195,7 @@ index cf65139..704476e 100644 int node = tsk_fork_get_node(orig); int err; -@@ -313,7 +360,7 @@ static struct task_struct *dup_task_struct(struct task_struct *orig) +@@ -336,7 +383,7 @@ static struct task_struct *dup_task_struct(struct task_struct *orig) if (!tsk) return NULL; @@ -97774,7 +98204,7 @@ index cf65139..704476e 100644 if (!ti) goto free_tsk; -@@ -322,6 +369,9 @@ static struct task_struct *dup_task_struct(struct task_struct *orig) +@@ -345,6 +392,9 @@ static struct task_struct *dup_task_struct(struct task_struct *orig) goto free_ti; tsk->stack = ti; @@ -97784,7 +98214,7 @@ index cf65139..704476e 100644 #ifdef CONFIG_SECCOMP /* * We must handle setting up seccomp filters once we're under -@@ -338,7 +388,7 @@ static struct task_struct *dup_task_struct(struct task_struct *orig) +@@ -361,7 +411,7 @@ static struct task_struct *dup_task_struct(struct task_struct *orig) set_task_stack_end_magic(tsk); #ifdef CONFIG_CC_STACKPROTECTOR @@ -97793,7 +98223,7 @@ index cf65139..704476e 100644 #endif /* -@@ -352,24 +402,89 @@ static struct task_struct *dup_task_struct(struct task_struct *orig) +@@ -375,24 +425,89 @@ static struct task_struct *dup_task_struct(struct task_struct *orig) tsk->splice_pipe = NULL; tsk->task_frag.page = NULL; @@ -97887,7 +98317,7 @@ index cf65139..704476e 100644 uprobe_start_dup_mmap(); down_write(&oldmm->mmap_sem); -@@ -397,51 +512,15 @@ static int dup_mmap(struct mm_struct *mm, struct mm_struct *oldmm) +@@ -423,51 +538,15 @@ static int dup_mmap(struct mm_struct *mm, struct mm_struct *oldmm) prev = NULL; for (mpnt = oldmm->mmap; mpnt; mpnt = mpnt->vm_next) { @@ -97943,7 +98373,7 @@ index cf65139..704476e 100644 } /* -@@ -473,6 +552,31 @@ static int dup_mmap(struct mm_struct *mm, struct mm_struct *oldmm) +@@ -499,6 +578,31 @@ static int dup_mmap(struct mm_struct *mm, struct mm_struct *oldmm) if (retval) goto out; } @@ -97975,7 +98405,7 @@ index cf65139..704476e 100644 /* a new mm has just been created */ arch_dup_mmap(oldmm, mm); retval = 0; -@@ -482,14 +586,6 @@ out: +@@ -508,14 +612,6 @@ out: up_write(&oldmm->mmap_sem); uprobe_end_dup_mmap(); return retval; @@ -97990,7 +98420,7 @@ index cf65139..704476e 100644 } static inline int mm_alloc_pgd(struct mm_struct *mm) -@@ -739,8 +835,8 @@ struct mm_struct *mm_access(struct task_struct *task, unsigned int mode) +@@ -790,8 +886,8 @@ struct mm_struct *mm_access(struct task_struct *task, unsigned int mode) return ERR_PTR(err); mm = get_task_mm(task); @@ -98001,7 +98431,7 @@ index cf65139..704476e 100644 mmput(mm); mm = ERR_PTR(-EACCES); } -@@ -943,13 +1039,20 @@ static int copy_fs(unsigned long clone_flags, struct task_struct *tsk) +@@ -992,13 +1088,20 @@ static int copy_fs(unsigned long clone_flags, struct task_struct *tsk) spin_unlock(&fs->lock); return -EAGAIN; } @@ -98023,7 +98453,7 @@ index cf65139..704476e 100644 return 0; } -@@ -1187,7 +1290,7 @@ init_task_pid(struct task_struct *task, enum pid_type type, struct pid *pid) +@@ -1236,7 +1339,7 @@ init_task_pid(struct task_struct *task, enum pid_type type, struct pid *pid) * parts of the process environment (as per the clone * flags). The actual kick-off is left to the caller. */ @@ -98032,7 +98462,7 @@ index cf65139..704476e 100644 unsigned long stack_start, unsigned long stack_size, int __user *child_tidptr, -@@ -1258,6 +1361,9 @@ static struct task_struct *copy_process(unsigned long clone_flags, +@@ -1307,6 +1410,9 @@ static struct task_struct *copy_process(unsigned long clone_flags, DEBUG_LOCKS_WARN_ON(!p->softirqs_enabled); #endif retval = -EAGAIN; @@ -98042,7 +98472,7 @@ index cf65139..704476e 100644 if (atomic_read(&p->real_cred->user->processes) >= task_rlimit(p, RLIMIT_NPROC)) { if (p->real_cred->user != INIT_USER && -@@ -1507,6 +1613,11 @@ static struct task_struct *copy_process(unsigned long clone_flags, +@@ -1554,6 +1660,11 @@ static struct task_struct *copy_process(unsigned long clone_flags, goto bad_fork_free_pid; } @@ -98054,7 +98484,7 @@ index cf65139..704476e 100644 if (likely(p->pid)) { ptrace_init_task(p, (clone_flags & CLONE_PTRACE) || trace); -@@ -1597,6 +1708,8 @@ bad_fork_cleanup_count: +@@ -1643,6 +1754,8 @@ bad_fork_cleanup_count: bad_fork_free: free_task(p); fork_out: @@ -98063,7 +98493,7 @@ index cf65139..704476e 100644 return ERR_PTR(retval); } -@@ -1658,6 +1771,7 @@ long do_fork(unsigned long clone_flags, +@@ -1704,6 +1817,7 @@ long do_fork(unsigned long clone_flags, p = copy_process(clone_flags, stack_start, stack_size, child_tidptr, NULL, trace); @@ -98071,7 +98501,7 @@ index cf65139..704476e 100644 /* * Do this prior waking up the new thread - the thread pointer * might get invalid after that point, if the thread exits quickly. -@@ -1674,6 +1788,8 @@ long do_fork(unsigned long clone_flags, +@@ -1720,6 +1834,8 @@ long do_fork(unsigned long clone_flags, if (clone_flags & CLONE_PARENT_SETTID) put_user(nr, parent_tidptr); @@ -98080,7 +98510,7 @@ index cf65139..704476e 100644 if (clone_flags & CLONE_VFORK) { p->vfork_done = &vfork; init_completion(&vfork); -@@ -1792,7 +1908,7 @@ void __init proc_caches_init(void) +@@ -1838,7 +1954,7 @@ void __init proc_caches_init(void) mm_cachep = kmem_cache_create("mm_struct", sizeof(struct mm_struct), ARCH_MIN_MMSTRUCT_ALIGN, SLAB_HWCACHE_ALIGN|SLAB_PANIC|SLAB_NOTRACK, NULL); @@ -98089,7 +98519,7 @@ index cf65139..704476e 100644 mmap_init(); nsproxy_cache_init(); } -@@ -1832,7 +1948,7 @@ static int unshare_fs(unsigned long unshare_flags, struct fs_struct **new_fsp) +@@ -1878,7 +1994,7 @@ static int unshare_fs(unsigned long unshare_flags, struct fs_struct **new_fsp) return 0; /* don't need lock here; in the worst case we'll do useless copy */ @@ -98098,7 +98528,7 @@ index cf65139..704476e 100644 return 0; *new_fsp = copy_fs_struct(fs); -@@ -1944,7 +2060,8 @@ SYSCALL_DEFINE1(unshare, unsigned long, unshare_flags) +@@ -1990,7 +2106,8 @@ SYSCALL_DEFINE1(unshare, unsigned long, unshare_flags) fs = current->fs; spin_lock(&fs->lock); current->fs = new_fs; @@ -98108,8 +98538,17 @@ index cf65139..704476e 100644 new_fs = NULL; else new_fs = fs; +@@ -2054,7 +2171,7 @@ int unshare_files(struct files_struct **displaced) + int sysctl_max_threads(struct ctl_table *table, int write, + void __user *buffer, size_t *lenp, loff_t *ppos) + { +- struct ctl_table t; ++ ctl_table_no_const t; + int ret; + int threads = max_threads; + int min = MIN_THREADS; diff --git a/kernel/futex.c b/kernel/futex.c -index 2a5e383..878bac6 100644 +index 2579e40..c33f33e 100644 --- a/kernel/futex.c +++ b/kernel/futex.c @@ -201,7 +201,7 @@ struct futex_pi_state { @@ -98185,10 +98624,10 @@ index 55c8c93..9ba7ad6 100644 { compat_uptr_t base = ptr_to_compat(entry); diff --git a/kernel/gcov/base.c b/kernel/gcov/base.c -index b358a80..fc25240 100644 +index a744098..539f7b6 100644 --- a/kernel/gcov/base.c +++ b/kernel/gcov/base.c -@@ -114,11 +114,6 @@ void gcov_enable_events(void) +@@ -117,11 +117,6 @@ void gcov_enable_events(void) } #ifdef CONFIG_MODULES @@ -98200,7 +98639,7 @@ index b358a80..fc25240 100644 /* Update list and generate events when modules are unloaded. */ static int gcov_module_notifier(struct notifier_block *nb, unsigned long event, void *data) -@@ -133,7 +128,7 @@ static int gcov_module_notifier(struct notifier_block *nb, unsigned long event, +@@ -136,7 +131,7 @@ static int gcov_module_notifier(struct notifier_block *nb, unsigned long event, /* Remove entries located in module from linked list. */ while ((info = gcov_info_next(info))) { @@ -98210,10 +98649,10 @@ index b358a80..fc25240 100644 if (gcov_events_enabled) gcov_event(GCOV_REMOVE, info); diff --git a/kernel/irq/manage.c b/kernel/irq/manage.c -index 886d09e..c7ff4e5 100644 +index e68932b..2247e06 100644 --- a/kernel/irq/manage.c +++ b/kernel/irq/manage.c -@@ -874,7 +874,7 @@ static int irq_thread(void *data) +@@ -906,7 +906,7 @@ static int irq_thread(void *data) action_ret = handler_fn(desc, action); if (action_ret == IRQ_HANDLED) @@ -98391,7 +98830,7 @@ index 0aa69ea..a7fcafb 100644 /* diff --git a/kernel/kexec.c b/kernel/kexec.c -index 38c25b1..12b3f69 100644 +index 7a36fdc..3dcabac 100644 --- a/kernel/kexec.c +++ b/kernel/kexec.c @@ -1348,7 +1348,8 @@ COMPAT_SYSCALL_DEFINE4(kexec_load, compat_ulong_t, entry, @@ -98672,10 +99111,10 @@ index 6683cce..daf8999 100644 .name = "notes", .mode = S_IRUGO, diff --git a/kernel/locking/lockdep.c b/kernel/locking/lockdep.c -index ba77ab5..d6a3e20 100644 +index aaeae88..10f3663 100644 --- a/kernel/locking/lockdep.c +++ b/kernel/locking/lockdep.c -@@ -599,6 +599,10 @@ static int static_obj(void *obj) +@@ -613,6 +613,10 @@ static int static_obj(void *obj) end = (unsigned long) &_end, addr = (unsigned long) obj; @@ -98686,7 +99125,7 @@ index ba77ab5..d6a3e20 100644 /* * static variable? */ -@@ -743,6 +747,7 @@ register_lock_class(struct lockdep_map *lock, unsigned int subclass, int force) +@@ -757,6 +761,7 @@ register_lock_class(struct lockdep_map *lock, unsigned int subclass, int force) if (!static_obj(lock->key)) { debug_locks_off(); printk("INFO: trying to register non-static key.\n"); @@ -98694,7 +99133,7 @@ index ba77ab5..d6a3e20 100644 printk("the code is fine but needs lockdep annotation.\n"); printk("turning off the locking correctness validator.\n"); dump_stack(); -@@ -3088,7 +3093,7 @@ static int __lock_acquire(struct lockdep_map *lock, unsigned int subclass, +@@ -3102,7 +3107,7 @@ static int __lock_acquire(struct lockdep_map *lock, unsigned int subclass, if (!class) return 0; } @@ -98704,7 +99143,7 @@ index ba77ab5..d6a3e20 100644 printk("\nacquire class [%p] %s", class->key, class->name); if (class->name_version > 1) diff --git a/kernel/locking/lockdep_proc.c b/kernel/locking/lockdep_proc.c -index ef43ac4..2720dfa 100644 +index d83d798..ea3120d 100644 --- a/kernel/locking/lockdep_proc.c +++ b/kernel/locking/lockdep_proc.c @@ -65,7 +65,7 @@ static int l_show(struct seq_file *m, void *v) @@ -98734,7 +99173,7 @@ index ef43ac4..2720dfa 100644 print_name(m, class); seq_puts(m, "\n"); } -@@ -496,7 +496,7 @@ static void seq_stats(struct seq_file *m, struct lock_stat_data *data) +@@ -508,7 +508,7 @@ static void seq_stats(struct seq_file *m, struct lock_stat_data *data) if (!i) seq_line(m, '-', 40-namelen, namelen); @@ -98743,7 +99182,7 @@ index ef43ac4..2720dfa 100644 (void *)class->contention_point[i]); seq_printf(m, "%40s %14lu %29s %pS\n", name, stats->contention_point[i], -@@ -511,7 +511,7 @@ static void seq_stats(struct seq_file *m, struct lock_stat_data *data) +@@ -523,7 +523,7 @@ static void seq_stats(struct seq_file *m, struct lock_stat_data *data) if (!i) seq_line(m, '-', 40-namelen, namelen); @@ -98752,19 +99191,6 @@ index ef43ac4..2720dfa 100644 (void *)class->contending_point[i]); seq_printf(m, "%40s %14lu %29s %pS\n", name, stats->contending_point[i], -diff --git a/kernel/locking/mcs_spinlock.h b/kernel/locking/mcs_spinlock.h -index d1fe2ba..180cd65e 100644 ---- a/kernel/locking/mcs_spinlock.h -+++ b/kernel/locking/mcs_spinlock.h -@@ -78,7 +78,7 @@ void mcs_spin_lock(struct mcs_spinlock **lock, struct mcs_spinlock *node) - */ - return; - } -- ACCESS_ONCE(prev->next) = node; -+ ACCESS_ONCE_RW(prev->next) = node; - - /* Wait until the lock holder passes the lock down. */ - arch_mcs_spin_lock_contended(&node->locked); diff --git a/kernel/locking/mutex-debug.c b/kernel/locking/mutex-debug.c index 3ef3736..9c951fa 100644 --- a/kernel/locking/mutex-debug.c @@ -98814,10 +99240,10 @@ index 0799fd3..d06ae3b 100644 extern void debug_mutex_init(struct mutex *lock, const char *name, struct lock_class_key *key); diff --git a/kernel/locking/mutex.c b/kernel/locking/mutex.c -index 94674e5..de4966f 100644 +index 4cccea6..4382db9 100644 --- a/kernel/locking/mutex.c +++ b/kernel/locking/mutex.c -@@ -542,7 +542,7 @@ __mutex_lock_common(struct mutex *lock, long state, unsigned int subclass, +@@ -533,7 +533,7 @@ __mutex_lock_common(struct mutex *lock, long state, unsigned int subclass, goto skip_wait; debug_mutex_lock_common(lock, &waiter); @@ -98826,7 +99252,7 @@ index 94674e5..de4966f 100644 /* add waiting tasks to the end of the waitqueue (FIFO): */ list_add_tail(&waiter.list, &lock->wait_list); -@@ -589,7 +589,7 @@ __mutex_lock_common(struct mutex *lock, long state, unsigned int subclass, +@@ -580,7 +580,7 @@ __mutex_lock_common(struct mutex *lock, long state, unsigned int subclass, } __set_task_state(task, TASK_RUNNING); @@ -98835,7 +99261,7 @@ index 94674e5..de4966f 100644 /* set it to 0 if there are no waiters left: */ if (likely(list_empty(&lock->wait_list))) atomic_set(&lock->count, 0); -@@ -610,7 +610,7 @@ skip_wait: +@@ -601,7 +601,7 @@ skip_wait: return 0; err: @@ -98844,44 +99270,6 @@ index 94674e5..de4966f 100644 spin_unlock_mutex(&lock->wait_lock, flags); debug_mutex_free_waiter(&waiter); mutex_release(&lock->dep_map, 1, ip); -diff --git a/kernel/locking/osq_lock.c b/kernel/locking/osq_lock.c -index c112d00..1946ad9 100644 ---- a/kernel/locking/osq_lock.c -+++ b/kernel/locking/osq_lock.c -@@ -98,7 +98,7 @@ bool osq_lock(struct optimistic_spin_queue *lock) - - prev = decode_cpu(old); - node->prev = prev; -- ACCESS_ONCE(prev->next) = node; -+ ACCESS_ONCE_RW(prev->next) = node; - - /* - * Normally @prev is untouchable after the above store; because at that -@@ -170,8 +170,8 @@ unqueue: - * it will wait in Step-A. - */ - -- ACCESS_ONCE(next->prev) = prev; -- ACCESS_ONCE(prev->next) = next; -+ ACCESS_ONCE_RW(next->prev) = prev; -+ ACCESS_ONCE_RW(prev->next) = next; - - return false; - } -@@ -193,11 +193,11 @@ void osq_unlock(struct optimistic_spin_queue *lock) - node = this_cpu_ptr(&osq_node); - next = xchg(&node->next, NULL); - if (next) { -- ACCESS_ONCE(next->locked) = 1; -+ ACCESS_ONCE_RW(next->locked) = 1; - return; - } - - next = osq_wait_next(lock, node, NULL); - if (next) -- ACCESS_ONCE(next->locked) = 1; -+ ACCESS_ONCE_RW(next->locked) = 1; - } diff --git a/kernel/locking/rtmutex-tester.c b/kernel/locking/rtmutex-tester.c index 1d96dd0..994ff19 100644 --- a/kernel/locking/rtmutex-tester.c @@ -98977,7 +99365,7 @@ index 1d96dd0..994ff19 100644 default: diff --git a/kernel/module.c b/kernel/module.c -index 538794c..76d7957 100644 +index cfc9e84..a058697 100644 --- a/kernel/module.c +++ b/kernel/module.c @@ -59,6 +59,7 @@ @@ -98988,6 +99376,15 @@ index 538794c..76d7957 100644 #include <uapi/linux/module.h> #include "module-internal.h" +@@ -145,7 +146,7 @@ module_param(sig_enforce, bool_enable_only, 0644); + #endif /* CONFIG_MODULE_SIG */ + + /* Block module loading/unloading? */ +-int modules_disabled = 0; ++int modules_disabled __read_only = 0; + core_param(nomodule, modules_disabled, bint, 0); + + /* Waiting for a module to finish initializing? */ @@ -155,7 +156,8 @@ static BLOCKING_NOTIFIER_HEAD(module_notify_list); /* Bounds of module allocation, for speeding __module_address. @@ -99428,7 +99825,7 @@ index 538794c..76d7957 100644 mutex_unlock(&module_mutex); } return ret; -@@ -2665,7 +2728,15 @@ static struct module *setup_load_info(struct load_info *info, int flags) +@@ -2666,7 +2729,15 @@ static struct module *setup_load_info(struct load_info *info, int flags) mod = (void *)info->sechdrs[info->index.mod].sh_addr; if (info->index.sym == 0) { @@ -99444,7 +99841,7 @@ index 538794c..76d7957 100644 return ERR_PTR(-ENOEXEC); } -@@ -2681,8 +2752,14 @@ static struct module *setup_load_info(struct load_info *info, int flags) +@@ -2682,8 +2753,14 @@ static struct module *setup_load_info(struct load_info *info, int flags) static int check_modinfo(struct module *mod, struct load_info *info, int flags) { const char *modmagic = get_modinfo(info, "vermagic"); @@ -99459,7 +99856,7 @@ index 538794c..76d7957 100644 if (flags & MODULE_INIT_IGNORE_VERMAGIC) modmagic = NULL; -@@ -2707,7 +2784,7 @@ static int check_modinfo(struct module *mod, struct load_info *info, int flags) +@@ -2708,7 +2785,7 @@ static int check_modinfo(struct module *mod, struct load_info *info, int flags) } /* Set up license info based on the info section */ @@ -99468,7 +99865,7 @@ index 538794c..76d7957 100644 return 0; } -@@ -2801,7 +2878,7 @@ static int move_module(struct module *mod, struct load_info *info) +@@ -2805,7 +2882,7 @@ static int move_module(struct module *mod, struct load_info *info) void *ptr; /* Do the allocs. */ @@ -99477,7 +99874,7 @@ index 538794c..76d7957 100644 /* * The pointer to this block is stored in the module structure * which is inside the block. Just mark it as not being a -@@ -2811,11 +2888,11 @@ static int move_module(struct module *mod, struct load_info *info) +@@ -2815,11 +2892,11 @@ static int move_module(struct module *mod, struct load_info *info) if (!ptr) return -ENOMEM; @@ -99493,7 +99890,7 @@ index 538794c..76d7957 100644 /* * The pointer to this block is stored in the module structure * which is inside the block. This block doesn't need to be -@@ -2824,13 +2901,45 @@ static int move_module(struct module *mod, struct load_info *info) +@@ -2828,13 +2905,45 @@ static int move_module(struct module *mod, struct load_info *info) */ kmemleak_ignore(ptr); if (!ptr) { @@ -99543,7 +99940,7 @@ index 538794c..76d7957 100644 /* Transfer each section which specifies SHF_ALLOC */ pr_debug("final section addresses:\n"); -@@ -2841,16 +2950,45 @@ static int move_module(struct module *mod, struct load_info *info) +@@ -2845,16 +2954,45 @@ static int move_module(struct module *mod, struct load_info *info) if (!(shdr->sh_flags & SHF_ALLOC)) continue; @@ -99596,7 +99993,7 @@ index 538794c..76d7957 100644 pr_debug("\t0x%lx %s\n", (long)shdr->sh_addr, info->secstrings + shdr->sh_name); } -@@ -2907,12 +3045,12 @@ static void flush_module_icache(const struct module *mod) +@@ -2911,12 +3049,12 @@ static void flush_module_icache(const struct module *mod) * Do it before processing of module parameters, so the module * can provide parameter accessor functions of its own. */ @@ -99615,7 +100012,7 @@ index 538794c..76d7957 100644 set_fs(old_fs); } -@@ -2970,8 +3108,10 @@ static void module_deallocate(struct module *mod, struct load_info *info) +@@ -2974,8 +3112,10 @@ static void module_deallocate(struct module *mod, struct load_info *info) { percpu_modfree(mod); module_arch_freeing_init(mod); @@ -99628,7 +100025,7 @@ index 538794c..76d7957 100644 } int __weak module_finalize(const Elf_Ehdr *hdr, -@@ -2984,7 +3124,9 @@ int __weak module_finalize(const Elf_Ehdr *hdr, +@@ -2988,7 +3128,9 @@ int __weak module_finalize(const Elf_Ehdr *hdr, static int post_relocation(struct module *mod, const struct load_info *info) { /* Sort exception table now relocations are done. */ @@ -99638,7 +100035,7 @@ index 538794c..76d7957 100644 /* Copy relocated percpu area over. */ percpu_modcopy(mod, (void *)info->sechdrs[info->index.pcpu].sh_addr, -@@ -3032,13 +3174,15 @@ static void do_mod_ctors(struct module *mod) +@@ -3036,13 +3178,15 @@ static void do_mod_ctors(struct module *mod) /* For freeing module_init on success, in case kallsyms traversing */ struct mod_initfree { struct rcu_head rcu; @@ -99656,7 +100053,7 @@ index 538794c..76d7957 100644 kfree(m); } -@@ -3058,7 +3202,8 @@ static noinline int do_init_module(struct module *mod) +@@ -3062,7 +3206,8 @@ static noinline int do_init_module(struct module *mod) ret = -ENOMEM; goto fail; } @@ -99666,7 +100063,7 @@ index 538794c..76d7957 100644 /* * We want to find out whether @mod uses async during init. Clear -@@ -3117,10 +3262,10 @@ static noinline int do_init_module(struct module *mod) +@@ -3121,10 +3266,10 @@ static noinline int do_init_module(struct module *mod) #endif unset_module_init_ro_nx(mod); module_arch_freeing_init(mod); @@ -99681,7 +100078,7 @@ index 538794c..76d7957 100644 /* * We want to free module_init, but be aware that kallsyms may be * walking this with preempt disabled. In all the failure paths, -@@ -3208,16 +3353,16 @@ static int complete_formation(struct module *mod, struct load_info *info) +@@ -3212,16 +3357,16 @@ static int complete_formation(struct module *mod, struct load_info *info) module_bug_finalize(info->hdr, info->sechdrs, mod); /* Set RO and NX regions for core */ @@ -99706,7 +100103,7 @@ index 538794c..76d7957 100644 /* Mark state as coming so strong_try_module_get() ignores us, * but kallsyms etc. can see us. */ -@@ -3301,9 +3446,38 @@ static int load_module(struct load_info *info, const char __user *uargs, +@@ -3305,9 +3450,38 @@ static int load_module(struct load_info *info, const char __user *uargs, if (err) goto free_unload; @@ -99745,7 +100142,7 @@ index 538794c..76d7957 100644 /* Fix up syms, so that st_value is a pointer to location. */ err = simplify_symbols(mod, info); if (err < 0) -@@ -3319,13 +3493,6 @@ static int load_module(struct load_info *info, const char __user *uargs, +@@ -3323,13 +3497,6 @@ static int load_module(struct load_info *info, const char __user *uargs, flush_module_icache(mod); @@ -99759,7 +100156,7 @@ index 538794c..76d7957 100644 dynamic_debug_setup(info->debug, info->num_debug); /* Ftrace init must be called in the MODULE_STATE_UNFORMED state */ -@@ -3376,11 +3543,10 @@ static int load_module(struct load_info *info, const char __user *uargs, +@@ -3380,11 +3547,10 @@ static int load_module(struct load_info *info, const char __user *uargs, ddebug_cleanup: dynamic_debug_remove(info->debug); synchronize_sched(); @@ -99772,7 +100169,7 @@ index 538794c..76d7957 100644 free_unload: module_unload_free(mod); unlink_mod: -@@ -3393,7 +3559,8 @@ static int load_module(struct load_info *info, const char __user *uargs, +@@ -3397,7 +3563,8 @@ static int load_module(struct load_info *info, const char __user *uargs, mutex_unlock(&module_mutex); free_module: /* Free lock-classes; relies on the preceding sync_rcu() */ @@ -99782,7 +100179,7 @@ index 538794c..76d7957 100644 module_deallocate(mod, info); free_copy: -@@ -3470,10 +3637,16 @@ static const char *get_ksymbol(struct module *mod, +@@ -3474,10 +3641,16 @@ static const char *get_ksymbol(struct module *mod, unsigned long nextval; /* At worse, next value is at end of module */ @@ -99802,7 +100199,7 @@ index 538794c..76d7957 100644 /* Scan for closest preceding symbol, and next symbol. (ELF starts real symbols at 1). */ -@@ -3721,7 +3894,7 @@ static int m_show(struct seq_file *m, void *p) +@@ -3725,7 +3898,7 @@ static int m_show(struct seq_file *m, void *p) return 0; seq_printf(m, "%s %u", @@ -99811,7 +100208,7 @@ index 538794c..76d7957 100644 print_unload_info(m, mod); /* Informative for users. */ -@@ -3730,7 +3903,7 @@ static int m_show(struct seq_file *m, void *p) +@@ -3734,7 +3907,7 @@ static int m_show(struct seq_file *m, void *p) mod->state == MODULE_STATE_COMING ? "Loading" : "Live"); /* Used by oprofile and other similar tools. */ @@ -99820,7 +100217,7 @@ index 538794c..76d7957 100644 /* Taints info */ if (mod->taints) -@@ -3766,7 +3939,17 @@ static const struct file_operations proc_modules_operations = { +@@ -3770,7 +3943,17 @@ static const struct file_operations proc_modules_operations = { static int __init proc_modules_init(void) { @@ -99838,7 +100235,7 @@ index 538794c..76d7957 100644 return 0; } module_init(proc_modules_init); -@@ -3827,7 +4010,8 @@ struct module *__module_address(unsigned long addr) +@@ -3831,7 +4014,8 @@ struct module *__module_address(unsigned long addr) { struct module *mod; @@ -99848,7 +100245,7 @@ index 538794c..76d7957 100644 return NULL; list_for_each_entry_rcu(mod, &modules, list) { -@@ -3868,11 +4052,20 @@ bool is_module_text_address(unsigned long addr) +@@ -3872,11 +4056,20 @@ bool is_module_text_address(unsigned long addr) */ struct module *__module_text_address(unsigned long addr) { @@ -99983,7 +100380,7 @@ index 8136ad7..15c857b 100644 } EXPORT_SYMBOL(__stack_chk_fail); diff --git a/kernel/pid.c b/kernel/pid.c -index cd36a5e..11f185d 100644 +index 4fd07d5..02bce4f 100644 --- a/kernel/pid.c +++ b/kernel/pid.c @@ -33,6 +33,7 @@ @@ -100003,7 +100400,7 @@ index cd36a5e..11f185d 100644 int pid_max_min = RESERVED_PIDS + 1; int pid_max_max = PID_MAX_LIMIT; -@@ -450,10 +451,18 @@ EXPORT_SYMBOL(pid_task); +@@ -451,10 +452,18 @@ EXPORT_SYMBOL(pid_task); */ struct task_struct *find_task_by_pid_ns(pid_t nr, struct pid_namespace *ns) { @@ -100023,7 +100420,7 @@ index cd36a5e..11f185d 100644 } struct task_struct *find_task_by_vpid(pid_t vnr) -@@ -461,6 +470,14 @@ struct task_struct *find_task_by_vpid(pid_t vnr) +@@ -462,6 +471,14 @@ struct task_struct *find_task_by_vpid(pid_t vnr) return find_task_by_pid_ns(vnr, task_active_pid_ns(current)); } @@ -100108,9 +100505,18 @@ index 564f786..361a18e 100644 if (pm_wakeup_pending()) { diff --git a/kernel/printk/printk.c b/kernel/printk/printk.c -index bb0635b..9aff9f3 100644 +index c099b08..54bcfe8 100644 --- a/kernel/printk/printk.c +++ b/kernel/printk/printk.c +@@ -463,7 +463,7 @@ static int log_store(int facility, int level, + return msg->text_len; + } + +-int dmesg_restrict = IS_ENABLED(CONFIG_SECURITY_DMESG_RESTRICT); ++int dmesg_restrict __read_only = IS_ENABLED(CONFIG_SECURITY_DMESG_RESTRICT); + + static int syslog_action_restricted(int type) + { @@ -486,6 +486,11 @@ int check_syslog_permissions(int type, bool from_file) if (from_file && type != SYSLOG_ACTION_OPEN) return 0; @@ -100185,7 +100591,7 @@ index a7bcd28..5b368fa 100644 } diff --git a/kernel/ptrace.c b/kernel/ptrace.c -index 9a34bd8..38d90e5 100644 +index c8e0e05..2be5614 100644 --- a/kernel/ptrace.c +++ b/kernel/ptrace.c @@ -321,7 +321,7 @@ static int ptrace_attach(struct task_struct *task, long request, @@ -100197,7 +100603,7 @@ index 9a34bd8..38d90e5 100644 flags |= PT_PTRACE_CAP; rcu_read_unlock(); task->ptrace = flags; -@@ -515,7 +515,7 @@ int ptrace_readdata(struct task_struct *tsk, unsigned long src, char __user *dst +@@ -514,7 +514,7 @@ int ptrace_readdata(struct task_struct *tsk, unsigned long src, char __user *dst break; return -EIO; } @@ -100206,7 +100612,7 @@ index 9a34bd8..38d90e5 100644 return -EFAULT; copied += retval; src += retval; -@@ -803,7 +803,7 @@ int ptrace_request(struct task_struct *child, long request, +@@ -802,7 +802,7 @@ int ptrace_request(struct task_struct *child, long request, bool seized = child->ptrace & PT_SEIZED; int ret = -EIO; siginfo_t siginfo, *si; @@ -100215,7 +100621,7 @@ index 9a34bd8..38d90e5 100644 unsigned long __user *datalp = datavp; unsigned long flags; -@@ -1049,14 +1049,21 @@ SYSCALL_DEFINE4(ptrace, long, request, long, pid, unsigned long, addr, +@@ -1048,14 +1048,21 @@ SYSCALL_DEFINE4(ptrace, long, request, long, pid, unsigned long, addr, goto out; } @@ -100238,7 +100644,7 @@ index 9a34bd8..38d90e5 100644 goto out_put_task_struct; } -@@ -1084,7 +1091,7 @@ int generic_ptrace_peekdata(struct task_struct *tsk, unsigned long addr, +@@ -1083,7 +1090,7 @@ int generic_ptrace_peekdata(struct task_struct *tsk, unsigned long addr, copied = access_process_vm(tsk, addr, &tmp, sizeof(tmp), 0); if (copied != sizeof(tmp)) return -EIO; @@ -100247,7 +100653,7 @@ index 9a34bd8..38d90e5 100644 } int generic_ptrace_pokedata(struct task_struct *tsk, unsigned long addr, -@@ -1177,7 +1184,7 @@ int compat_ptrace_request(struct task_struct *child, compat_long_t request, +@@ -1176,7 +1183,7 @@ int compat_ptrace_request(struct task_struct *child, compat_long_t request, } COMPAT_SYSCALL_DEFINE4(ptrace, compat_long_t, request, compat_long_t, pid, @@ -100256,7 +100662,7 @@ index 9a34bd8..38d90e5 100644 { struct task_struct *child; long ret; -@@ -1193,14 +1200,21 @@ COMPAT_SYSCALL_DEFINE4(ptrace, compat_long_t, request, compat_long_t, pid, +@@ -1192,14 +1199,21 @@ COMPAT_SYSCALL_DEFINE4(ptrace, compat_long_t, request, compat_long_t, pid, goto out; } @@ -100280,7 +100686,7 @@ index 9a34bd8..38d90e5 100644 } diff --git a/kernel/rcu/rcutorture.c b/kernel/rcu/rcutorture.c -index 30d42aa..cac5d66 100644 +index 8dbe276..8e87dbd 100644 --- a/kernel/rcu/rcutorture.c +++ b/kernel/rcu/rcutorture.c @@ -134,12 +134,12 @@ static DEFINE_PER_CPU(long [RCU_TORTURE_PIPE_LEN + 1], @@ -100352,7 +100758,7 @@ index 30d42aa..cac5d66 100644 WARN_ON(signal_pending(current)); for (i = 0; i < cbflood_n_burst; i++) { for (j = 0; j < cbflood_n_per_burst; j++) { -@@ -915,7 +915,7 @@ rcu_torture_writer(void *arg) +@@ -923,7 +923,7 @@ rcu_torture_writer(void *arg) i = old_rp->rtort_pipe_count; if (i > RCU_TORTURE_PIPE_LEN) i = RCU_TORTURE_PIPE_LEN; @@ -100361,7 +100767,7 @@ index 30d42aa..cac5d66 100644 old_rp->rtort_pipe_count++; switch (synctype[torture_random(&rand) % nsynctypes]) { case RTWS_DEF_FREE: -@@ -1036,7 +1036,7 @@ static void rcu_torture_timer(unsigned long unused) +@@ -1061,7 +1061,7 @@ static void rcu_torture_timer(unsigned long unused) return; } if (p->rtort_mbtest == 0) @@ -100370,7 +100776,7 @@ index 30d42aa..cac5d66 100644 spin_lock(&rand_lock); cur_ops->read_delay(&rand); n_rcu_torture_timers++; -@@ -1111,7 +1111,7 @@ rcu_torture_reader(void *arg) +@@ -1136,7 +1136,7 @@ rcu_torture_reader(void *arg) continue; } if (p->rtort_mbtest == 0) @@ -100379,7 +100785,7 @@ index 30d42aa..cac5d66 100644 cur_ops->read_delay(&rand); preempt_disable(); pipe_count = p->rtort_pipe_count; -@@ -1180,11 +1180,11 @@ rcu_torture_stats_print(void) +@@ -1205,11 +1205,11 @@ rcu_torture_stats_print(void) rcu_torture_current, rcu_torture_current_version, list_empty(&rcu_torture_freelist), @@ -100395,7 +100801,7 @@ index 30d42aa..cac5d66 100644 n_rcu_torture_boost_ktrerror, n_rcu_torture_boost_rterror); pr_cont("rtbf: %ld rtb: %ld nt: %ld ", -@@ -1196,17 +1196,17 @@ rcu_torture_stats_print(void) +@@ -1221,17 +1221,17 @@ rcu_torture_stats_print(void) n_barrier_successes, n_barrier_attempts, n_rcu_torture_barrier_error); @@ -100416,7 +100822,7 @@ index 30d42aa..cac5d66 100644 WARN_ON_ONCE(1); } pr_cont("Reader Pipe: "); -@@ -1223,7 +1223,7 @@ rcu_torture_stats_print(void) +@@ -1248,7 +1248,7 @@ rcu_torture_stats_print(void) pr_alert("%s%s ", torture_type, TORTURE_FLAG); pr_cont("Free-Block Circulation: "); for (i = 0; i < RCU_TORTURE_PIPE_LEN + 1; i++) { @@ -100425,7 +100831,7 @@ index 30d42aa..cac5d66 100644 } pr_cont("\n"); -@@ -1570,7 +1570,7 @@ rcu_torture_cleanup(void) +@@ -1595,7 +1595,7 @@ rcu_torture_cleanup(void) rcu_torture_stats_print(); /* -After- the stats thread is stopped! */ @@ -100434,7 +100840,7 @@ index 30d42aa..cac5d66 100644 rcu_torture_print_module_parms(cur_ops, "End of test: FAILURE"); else if (torture_onoff_failures()) rcu_torture_print_module_parms(cur_ops, -@@ -1695,18 +1695,18 @@ rcu_torture_init(void) +@@ -1720,18 +1720,18 @@ rcu_torture_init(void) rcu_torture_current = NULL; rcu_torture_current_version = 0; @@ -100460,7 +100866,7 @@ index 30d42aa..cac5d66 100644 for (i = 0; i < RCU_TORTURE_PIPE_LEN + 1; i++) { per_cpu(rcu_torture_count, cpu)[i] = 0; diff --git a/kernel/rcu/tiny.c b/kernel/rcu/tiny.c -index cc9ceca..ce075a6 100644 +index ec30868..89752ff 100644 --- a/kernel/rcu/tiny.c +++ b/kernel/rcu/tiny.c @@ -42,7 +42,7 @@ @@ -100472,7 +100878,7 @@ index cc9ceca..ce075a6 100644 static void __call_rcu(struct rcu_head *head, void (*func)(struct rcu_head *rcu), struct rcu_ctrlblk *rcp); -@@ -210,7 +210,7 @@ static void __rcu_process_callbacks(struct rcu_ctrlblk *rcp) +@@ -203,7 +203,7 @@ static void __rcu_process_callbacks(struct rcu_ctrlblk *rcp) false)); } @@ -100508,10 +100914,10 @@ index f94e209..d2985bd 100644 static void check_cpu_stalls(void) diff --git a/kernel/rcu/tree.c b/kernel/rcu/tree.c -index 48d640c..9401d30 100644 +index 8cf7304..953f8ad 100644 --- a/kernel/rcu/tree.c +++ b/kernel/rcu/tree.c -@@ -268,7 +268,7 @@ static void rcu_momentary_dyntick_idle(void) +@@ -290,7 +290,7 @@ static void rcu_momentary_dyntick_idle(void) */ rdtp = this_cpu_ptr(&rcu_dynticks); smp_mb__before_atomic(); /* Earlier stuff before QS. */ @@ -100520,7 +100926,7 @@ index 48d640c..9401d30 100644 smp_mb__after_atomic(); /* Later stuff after QS. */ break; } -@@ -580,9 +580,9 @@ static void rcu_eqs_enter_common(long long oldval, bool user) +@@ -602,9 +602,9 @@ static void rcu_eqs_enter_common(long long oldval, bool user) rcu_prepare_for_idle(); /* CPUs seeing atomic_inc() must see prior RCU read-side crit sects */ smp_mb__before_atomic(); /* See above. */ @@ -100532,7 +100938,7 @@ index 48d640c..9401d30 100644 rcu_dynticks_task_enter(); /* -@@ -703,10 +703,10 @@ static void rcu_eqs_exit_common(long long oldval, int user) +@@ -725,10 +725,10 @@ static void rcu_eqs_exit_common(long long oldval, int user) rcu_dynticks_task_exit(); smp_mb__before_atomic(); /* Force ordering w/previous sojourn. */ @@ -100545,7 +100951,7 @@ index 48d640c..9401d30 100644 rcu_cleanup_after_idle(); trace_rcu_dyntick(TPS("End"), oldval, rdtp->dynticks_nesting); if (!user && !is_idle_task(current)) { -@@ -840,12 +840,12 @@ void rcu_nmi_enter(void) +@@ -862,12 +862,12 @@ void rcu_nmi_enter(void) * to be in the outermost NMI handler that interrupted an RCU-idle * period (observation due to Andy Lutomirski). */ @@ -100561,7 +100967,7 @@ index 48d640c..9401d30 100644 incby = 1; } rdtp->dynticks_nmi_nesting += incby; -@@ -870,7 +870,7 @@ void rcu_nmi_exit(void) +@@ -892,7 +892,7 @@ void rcu_nmi_exit(void) * to us!) */ WARN_ON_ONCE(rdtp->dynticks_nmi_nesting <= 0); @@ -100570,7 +100976,7 @@ index 48d640c..9401d30 100644 /* * If the nesting level is not 1, the CPU wasn't RCU-idle, so -@@ -885,9 +885,9 @@ void rcu_nmi_exit(void) +@@ -907,9 +907,9 @@ void rcu_nmi_exit(void) rdtp->dynticks_nmi_nesting = 0; /* CPUs seeing atomic_inc() must see prior RCU read-side crit sects */ smp_mb__before_atomic(); /* See above. */ @@ -100582,7 +100988,7 @@ index 48d640c..9401d30 100644 } /** -@@ -900,7 +900,7 @@ void rcu_nmi_exit(void) +@@ -922,7 +922,7 @@ void rcu_nmi_exit(void) */ bool notrace __rcu_is_watching(void) { @@ -100591,7 +100997,7 @@ index 48d640c..9401d30 100644 } /** -@@ -983,7 +983,7 @@ static int rcu_is_cpu_rrupt_from_idle(void) +@@ -1005,7 +1005,7 @@ static int rcu_is_cpu_rrupt_from_idle(void) static int dyntick_save_progress_counter(struct rcu_data *rdp, bool *isidle, unsigned long *maxj) { @@ -100600,7 +101006,7 @@ index 48d640c..9401d30 100644 rcu_sysidle_check_cpu(rdp, isidle, maxj); if ((rdp->dynticks_snap & 0x1) == 0) { trace_rcu_fqs(rdp->rsp->name, rdp->gpnum, rdp->cpu, TPS("dti")); -@@ -991,7 +991,7 @@ static int dyntick_save_progress_counter(struct rcu_data *rdp, +@@ -1013,7 +1013,7 @@ static int dyntick_save_progress_counter(struct rcu_data *rdp, } else { if (ULONG_CMP_LT(ACCESS_ONCE(rdp->gpnum) + ULONG_MAX / 4, rdp->mynode->gpnum)) @@ -100609,7 +101015,7 @@ index 48d640c..9401d30 100644 return 0; } } -@@ -1009,7 +1009,7 @@ static int rcu_implicit_dynticks_qs(struct rcu_data *rdp, +@@ -1031,7 +1031,7 @@ static int rcu_implicit_dynticks_qs(struct rcu_data *rdp, int *rcrmp; unsigned int snap; @@ -100618,7 +101024,7 @@ index 48d640c..9401d30 100644 snap = (unsigned int)rdp->dynticks_snap; /* -@@ -1072,10 +1072,10 @@ static int rcu_implicit_dynticks_qs(struct rcu_data *rdp, +@@ -1094,10 +1094,10 @@ static int rcu_implicit_dynticks_qs(struct rcu_data *rdp, rdp->rsp->gp_start + jiffies_till_sched_qs) || ULONG_CMP_GE(jiffies, rdp->rsp->jiffies_resched)) { if (!(ACCESS_ONCE(*rcrmp) & rdp->rsp->flavor_mask)) { @@ -100631,7 +101037,7 @@ index 48d640c..9401d30 100644 ACCESS_ONCE(*rcrmp) + rdp->rsp->flavor_mask; resched_cpu(rdp->cpu); /* Force CPU into scheduler. */ rdp->rsp->jiffies_resched += 5; /* Enable beating. */ -@@ -1097,7 +1097,7 @@ static void record_gp_stall_check_time(struct rcu_state *rsp) +@@ -1119,7 +1119,7 @@ static void record_gp_stall_check_time(struct rcu_state *rsp) rsp->gp_start = j; smp_wmb(); /* Record start time before stall time. */ j1 = rcu_jiffies_till_stall_check(); @@ -100640,7 +101046,7 @@ index 48d640c..9401d30 100644 rsp->jiffies_resched = j + j1 / 2; rsp->n_force_qs_gpstart = ACCESS_ONCE(rsp->n_force_qs); } -@@ -1156,7 +1156,7 @@ static void print_other_cpu_stall(struct rcu_state *rsp, unsigned long gpnum) +@@ -1178,7 +1178,7 @@ static void print_other_cpu_stall(struct rcu_state *rsp, unsigned long gpnum) raw_spin_unlock_irqrestore(&rnp->lock, flags); return; } @@ -100649,7 +101055,7 @@ index 48d640c..9401d30 100644 raw_spin_unlock_irqrestore(&rnp->lock, flags); /* -@@ -1240,7 +1240,7 @@ static void print_cpu_stall(struct rcu_state *rsp) +@@ -1263,7 +1263,7 @@ static void print_cpu_stall(struct rcu_state *rsp) raw_spin_lock_irqsave(&rnp->lock, flags); if (ULONG_CMP_GE(jiffies, ACCESS_ONCE(rsp->jiffies_stall))) @@ -100658,7 +101064,7 @@ index 48d640c..9401d30 100644 3 * rcu_jiffies_till_stall_check() + 3; raw_spin_unlock_irqrestore(&rnp->lock, flags); -@@ -1324,7 +1324,7 @@ void rcu_cpu_stall_reset(void) +@@ -1347,7 +1347,7 @@ void rcu_cpu_stall_reset(void) struct rcu_state *rsp; for_each_rcu_flavor(rsp) @@ -100667,7 +101073,7 @@ index 48d640c..9401d30 100644 } /* -@@ -1671,7 +1671,7 @@ static bool __note_gp_changes(struct rcu_state *rsp, struct rcu_node *rnp, +@@ -1704,7 +1704,7 @@ static bool __note_gp_changes(struct rcu_state *rsp, struct rcu_node *rnp, rdp->rcu_qs_ctr_snap = __this_cpu_read(rcu_qs_ctr); rdp->qs_pending = !!(rnp->qsmask & rdp->grpmask); zero_cpu_stall_ticks(rdp); @@ -100676,16 +101082,16 @@ index 48d640c..9401d30 100644 } return ret; } -@@ -1706,7 +1706,7 @@ static int rcu_gp_init(struct rcu_state *rsp) +@@ -1740,7 +1740,7 @@ static int rcu_gp_init(struct rcu_state *rsp) struct rcu_data *rdp; struct rcu_node *rnp = rcu_get_root(rsp); - ACCESS_ONCE(rsp->gp_activity) = jiffies; + ACCESS_ONCE_RW(rsp->gp_activity) = jiffies; - rcu_bind_gp_kthread(); raw_spin_lock_irq(&rnp->lock); smp_mb__after_unlock_lock(); -@@ -1715,7 +1715,7 @@ static int rcu_gp_init(struct rcu_state *rsp) + if (!ACCESS_ONCE(rsp->gp_flags)) { +@@ -1748,7 +1748,7 @@ static int rcu_gp_init(struct rcu_state *rsp) raw_spin_unlock_irq(&rnp->lock); return 0; } @@ -100694,28 +101100,28 @@ index 48d640c..9401d30 100644 if (WARN_ON_ONCE(rcu_gp_in_progress(rsp))) { /* -@@ -1756,9 +1756,9 @@ static int rcu_gp_init(struct rcu_state *rsp) +@@ -1834,9 +1834,9 @@ static int rcu_gp_init(struct rcu_state *rsp) rdp = this_cpu_ptr(rsp->rda); rcu_preempt_check_blocked_tasks(rnp); rnp->qsmask = rnp->qsmaskinit; - ACCESS_ONCE(rnp->gpnum) = rsp->gpnum; + ACCESS_ONCE_RW(rnp->gpnum) = rsp->gpnum; - WARN_ON_ONCE(rnp->completed != rsp->completed); -- ACCESS_ONCE(rnp->completed) = rsp->completed; -+ ACCESS_ONCE_RW(rnp->completed) = rsp->completed; + if (WARN_ON_ONCE(rnp->completed != rsp->completed)) +- ACCESS_ONCE(rnp->completed) = rsp->completed; ++ ACCESS_ONCE_RW(rnp->completed) = rsp->completed; if (rnp == rdp->mynode) (void)__note_gp_changes(rsp, rnp, rdp); rcu_preempt_boost_start_gp(rnp); -@@ -1767,7 +1767,7 @@ static int rcu_gp_init(struct rcu_state *rsp) +@@ -1845,7 +1845,7 @@ static int rcu_gp_init(struct rcu_state *rsp) rnp->grphi, rnp->qsmask); raw_spin_unlock_irq(&rnp->lock); cond_resched_rcu_qs(); - ACCESS_ONCE(rsp->gp_activity) = jiffies; + ACCESS_ONCE_RW(rsp->gp_activity) = jiffies; - } - - mutex_unlock(&rsp->onoff_mutex); -@@ -1784,7 +1784,7 @@ static int rcu_gp_fqs(struct rcu_state *rsp, int fqs_state_in) + if (gp_init_delay > 0 && + !(rsp->gpnum % (rcu_num_nodes * PER_RCU_NODE_PERIOD))) + schedule_timeout_uninterruptible(gp_init_delay); +@@ -1864,7 +1864,7 @@ static int rcu_gp_fqs(struct rcu_state *rsp, int fqs_state_in) unsigned long maxj; struct rcu_node *rnp = rcu_get_root(rsp); @@ -100724,7 +101130,7 @@ index 48d640c..9401d30 100644 rsp->n_force_qs++; if (fqs_state == RCU_SAVE_DYNTICK) { /* Collect dyntick-idle snapshots. */ -@@ -1805,7 +1805,7 @@ static int rcu_gp_fqs(struct rcu_state *rsp, int fqs_state_in) +@@ -1885,7 +1885,7 @@ static int rcu_gp_fqs(struct rcu_state *rsp, int fqs_state_in) if (ACCESS_ONCE(rsp->gp_flags) & RCU_GP_FLAG_FQS) { raw_spin_lock_irq(&rnp->lock); smp_mb__after_unlock_lock(); @@ -100733,7 +101139,7 @@ index 48d640c..9401d30 100644 ACCESS_ONCE(rsp->gp_flags) & ~RCU_GP_FLAG_FQS; raw_spin_unlock_irq(&rnp->lock); } -@@ -1823,7 +1823,7 @@ static void rcu_gp_cleanup(struct rcu_state *rsp) +@@ -1903,7 +1903,7 @@ static void rcu_gp_cleanup(struct rcu_state *rsp) struct rcu_data *rdp; struct rcu_node *rnp = rcu_get_root(rsp); @@ -100742,16 +101148,16 @@ index 48d640c..9401d30 100644 raw_spin_lock_irq(&rnp->lock); smp_mb__after_unlock_lock(); gp_duration = jiffies - rsp->gp_start; -@@ -1852,7 +1852,7 @@ static void rcu_gp_cleanup(struct rcu_state *rsp) - rcu_for_each_node_breadth_first(rsp, rnp) { - raw_spin_lock_irq(&rnp->lock); +@@ -1934,7 +1934,7 @@ static void rcu_gp_cleanup(struct rcu_state *rsp) smp_mb__after_unlock_lock(); + WARN_ON_ONCE(rcu_preempt_blocked_readers_cgp(rnp)); + WARN_ON_ONCE(rnp->qsmask); - ACCESS_ONCE(rnp->completed) = rsp->gpnum; + ACCESS_ONCE_RW(rnp->completed) = rsp->gpnum; rdp = this_cpu_ptr(rsp->rda); if (rnp == rdp->mynode) needgp = __note_gp_changes(rsp, rnp, rdp) || needgp; -@@ -1860,7 +1860,7 @@ static void rcu_gp_cleanup(struct rcu_state *rsp) +@@ -1942,7 +1942,7 @@ static void rcu_gp_cleanup(struct rcu_state *rsp) nocb += rcu_future_gp_cleanup(rsp, rnp); raw_spin_unlock_irq(&rnp->lock); cond_resched_rcu_qs(); @@ -100760,7 +101166,7 @@ index 48d640c..9401d30 100644 } rnp = rcu_get_root(rsp); raw_spin_lock_irq(&rnp->lock); -@@ -1868,14 +1868,14 @@ static void rcu_gp_cleanup(struct rcu_state *rsp) +@@ -1950,14 +1950,14 @@ static void rcu_gp_cleanup(struct rcu_state *rsp) rcu_nocb_gp_set(rnp, nocb); /* Declare grace period done. */ @@ -100777,7 +101183,7 @@ index 48d640c..9401d30 100644 trace_rcu_grace_period(rsp->name, ACCESS_ONCE(rsp->gpnum), TPS("newreq")); -@@ -1910,7 +1910,7 @@ static int __noreturn rcu_gp_kthread(void *arg) +@@ -1993,7 +1993,7 @@ static int __noreturn rcu_gp_kthread(void *arg) if (rcu_gp_init(rsp)) break; cond_resched_rcu_qs(); @@ -100786,7 +101192,7 @@ index 48d640c..9401d30 100644 WARN_ON(signal_pending(current)); trace_rcu_grace_period(rsp->name, ACCESS_ONCE(rsp->gpnum), -@@ -1954,11 +1954,11 @@ static int __noreturn rcu_gp_kthread(void *arg) +@@ -2037,11 +2037,11 @@ static int __noreturn rcu_gp_kthread(void *arg) ACCESS_ONCE(rsp->gpnum), TPS("fqsend")); cond_resched_rcu_qs(); @@ -100800,7 +101206,7 @@ index 48d640c..9401d30 100644 WARN_ON(signal_pending(current)); trace_rcu_grace_period(rsp->name, ACCESS_ONCE(rsp->gpnum), -@@ -2003,7 +2003,7 @@ rcu_start_gp_advanced(struct rcu_state *rsp, struct rcu_node *rnp, +@@ -2086,7 +2086,7 @@ rcu_start_gp_advanced(struct rcu_state *rsp, struct rcu_node *rnp, */ return false; } @@ -100809,7 +101215,7 @@ index 48d640c..9401d30 100644 trace_rcu_grace_period(rsp->name, ACCESS_ONCE(rsp->gpnum), TPS("newreq")); -@@ -2228,7 +2228,7 @@ rcu_send_cbs_to_orphanage(int cpu, struct rcu_state *rsp, +@@ -2359,7 +2359,7 @@ rcu_send_cbs_to_orphanage(int cpu, struct rcu_state *rsp, rsp->qlen += rdp->qlen; rdp->n_cbs_orphaned += rdp->qlen; rdp->qlen_lazy = 0; @@ -100818,7 +101224,7 @@ index 48d640c..9401d30 100644 } /* -@@ -2490,7 +2490,7 @@ static void rcu_do_batch(struct rcu_state *rsp, struct rcu_data *rdp) +@@ -2636,7 +2636,7 @@ static void rcu_do_batch(struct rcu_state *rsp, struct rcu_data *rdp) } smp_mb(); /* List handling before counting for rcu_barrier(). */ rdp->qlen_lazy -= count_lazy; @@ -100827,7 +101233,7 @@ index 48d640c..9401d30 100644 rdp->n_cbs_invoked += count; /* Reinstate batch limit if we have worked down the excess. */ -@@ -2647,7 +2647,7 @@ static void force_quiescent_state(struct rcu_state *rsp) +@@ -2814,7 +2814,7 @@ static void force_quiescent_state(struct rcu_state *rsp) raw_spin_unlock_irqrestore(&rnp_old->lock, flags); return; /* Someone beat us to it. */ } @@ -100836,7 +101242,7 @@ index 48d640c..9401d30 100644 ACCESS_ONCE(rsp->gp_flags) | RCU_GP_FLAG_FQS; raw_spin_unlock_irqrestore(&rnp_old->lock, flags); rcu_gp_kthread_wake(rsp); -@@ -2693,7 +2693,7 @@ __rcu_process_callbacks(struct rcu_state *rsp) +@@ -2860,7 +2860,7 @@ __rcu_process_callbacks(struct rcu_state *rsp) /* * Do RCU core processing for the current CPU. */ @@ -100845,7 +101251,7 @@ index 48d640c..9401d30 100644 { struct rcu_state *rsp; -@@ -2805,7 +2805,7 @@ __call_rcu(struct rcu_head *head, void (*func)(struct rcu_head *rcu), +@@ -2972,7 +2972,7 @@ __call_rcu(struct rcu_head *head, void (*func)(struct rcu_head *rcu), WARN_ON_ONCE((unsigned long)head & 0x1); /* Misaligned rcu_head! */ if (debug_rcu_head_queue(head)) { /* Probable double call_rcu(), so leak the callback. */ @@ -100854,16 +101260,16 @@ index 48d640c..9401d30 100644 WARN_ONCE(1, "__call_rcu(): Leaked duplicate callback\n"); return; } -@@ -2833,7 +2833,7 @@ __call_rcu(struct rcu_head *head, void (*func)(struct rcu_head *rcu), - local_irq_restore(flags); - return; +@@ -3011,7 +3011,7 @@ __call_rcu(struct rcu_head *head, void (*func)(struct rcu_head *rcu), + if (!likely(rdp->nxtlist)) + init_default_callback_list(rdp); } - ACCESS_ONCE(rdp->qlen) = rdp->qlen + 1; + ACCESS_ONCE_RW(rdp->qlen) = rdp->qlen + 1; if (lazy) rdp->qlen_lazy++; else -@@ -3106,11 +3106,11 @@ void synchronize_sched_expedited(void) +@@ -3284,11 +3284,11 @@ void synchronize_sched_expedited(void) * counter wrap on a 32-bit system. Quite a few more CPUs would of * course be required on a 64-bit system. */ @@ -100877,7 +101283,7 @@ index 48d640c..9401d30 100644 return; } -@@ -3118,12 +3118,12 @@ void synchronize_sched_expedited(void) +@@ -3296,12 +3296,12 @@ void synchronize_sched_expedited(void) * Take a ticket. Note that atomic_inc_return() implies a * full memory barrier. */ @@ -100892,7 +101298,7 @@ index 48d640c..9401d30 100644 return; } WARN_ON_ONCE(cpu_is_offline(raw_smp_processor_id())); -@@ -3136,7 +3136,7 @@ void synchronize_sched_expedited(void) +@@ -3314,7 +3314,7 @@ void synchronize_sched_expedited(void) for_each_cpu(cpu, cm) { struct rcu_dynticks *rdtp = &per_cpu(rcu_dynticks, cpu); @@ -100901,7 +101307,7 @@ index 48d640c..9401d30 100644 cpumask_clear_cpu(cpu, cm); } if (cpumask_weight(cm) == 0) -@@ -3151,14 +3151,14 @@ void synchronize_sched_expedited(void) +@@ -3329,14 +3329,14 @@ void synchronize_sched_expedited(void) synchronize_sched_expedited_cpu_stop, NULL) == -EAGAIN) { put_online_cpus(); @@ -100918,7 +101324,7 @@ index 48d640c..9401d30 100644 free_cpumask_var(cm); return; } -@@ -3168,7 +3168,7 @@ void synchronize_sched_expedited(void) +@@ -3346,7 +3346,7 @@ void synchronize_sched_expedited(void) udelay(trycount * num_online_cpus()); } else { wait_rcu_gp(call_rcu_sched); @@ -100927,7 +101333,7 @@ index 48d640c..9401d30 100644 free_cpumask_var(cm); return; } -@@ -3178,7 +3178,7 @@ void synchronize_sched_expedited(void) +@@ -3356,7 +3356,7 @@ void synchronize_sched_expedited(void) if (ULONG_CMP_GE((ulong)s, (ulong)firstsnap)) { /* ensure test happens before caller kfree */ smp_mb__before_atomic(); /* ^^^ */ @@ -100936,7 +101342,7 @@ index 48d640c..9401d30 100644 free_cpumask_var(cm); return; } -@@ -3193,14 +3193,14 @@ void synchronize_sched_expedited(void) +@@ -3371,14 +3371,14 @@ void synchronize_sched_expedited(void) if (!try_get_online_cpus()) { /* CPU hotplug operation in flight, use normal GP. */ wait_rcu_gp(call_rcu_sched); @@ -100954,7 +101360,7 @@ index 48d640c..9401d30 100644 all_cpus_idle: free_cpumask_var(cm); -@@ -3212,16 +3212,16 @@ all_cpus_idle: +@@ -3390,16 +3390,16 @@ all_cpus_idle: * than we did already did their update. */ do { @@ -100974,7 +101380,7 @@ index 48d640c..9401d30 100644 put_online_cpus(); } -@@ -3431,7 +3431,7 @@ static void _rcu_barrier(struct rcu_state *rsp) +@@ -3609,7 +3609,7 @@ static void _rcu_barrier(struct rcu_state *rsp) * ACCESS_ONCE() to prevent the compiler from speculating * the increment to precede the early-exit check. */ @@ -100983,7 +101389,7 @@ index 48d640c..9401d30 100644 WARN_ON_ONCE((rsp->n_barrier_done & 0x1) != 1); _rcu_barrier_trace(rsp, "Inc1", -1, rsp->n_barrier_done); smp_mb(); /* Order ->n_barrier_done increment with below mechanism. */ -@@ -3487,7 +3487,7 @@ static void _rcu_barrier(struct rcu_state *rsp) +@@ -3665,7 +3665,7 @@ static void _rcu_barrier(struct rcu_state *rsp) /* Increment ->n_barrier_done to prevent duplicate work. */ smp_mb(); /* Keep increment after above mechanism. */ @@ -100992,7 +101398,7 @@ index 48d640c..9401d30 100644 WARN_ON_ONCE((rsp->n_barrier_done & 0x1) != 0); _rcu_barrier_trace(rsp, "Inc2", -1, rsp->n_barrier_done); smp_mb(); /* Keep increment before caller's subsequent code. */ -@@ -3532,7 +3532,7 @@ rcu_boot_init_percpu_data(int cpu, struct rcu_state *rsp) +@@ -3732,7 +3732,7 @@ rcu_boot_init_percpu_data(int cpu, struct rcu_state *rsp) rdp->grpmask = 1UL << (cpu - rdp->mynode->grplo); rdp->dynticks = &per_cpu(rcu_dynticks, cpu); WARN_ON_ONCE(rdp->dynticks->dynticks_nesting != DYNTICK_TASK_EXIT_IDLE); @@ -101001,8 +101407,8 @@ index 48d640c..9401d30 100644 rdp->cpu = cpu; rdp->rsp = rsp; rcu_boot_init_nocb_percpu_data(rdp); -@@ -3565,8 +3565,8 @@ rcu_init_percpu_data(int cpu, struct rcu_state *rsp) - init_callback_list(rdp); /* Re-enable callbacks on this CPU. */ +@@ -3763,8 +3763,8 @@ rcu_init_percpu_data(int cpu, struct rcu_state *rsp) + init_callback_list(rdp); /* Re-enable callbacks on this CPU. */ rdp->dynticks->dynticks_nesting = DYNTICK_TASK_EXIT_IDLE; rcu_sysidle_init_percpu_data(rdp->dynticks); - atomic_set(&rdp->dynticks->dynticks, @@ -101011,9 +101417,9 @@ index 48d640c..9401d30 100644 + (atomic_read_unchecked(&rdp->dynticks->dynticks) & ~0x1) + 1); raw_spin_unlock(&rnp->lock); /* irqs remain disabled. */ - /* Add CPU to rcu_node bitmasks. */ + /* diff --git a/kernel/rcu/tree.h b/kernel/rcu/tree.h -index 119de39..f07d31a 100644 +index a69d3da..51993c4 100644 --- a/kernel/rcu/tree.h +++ b/kernel/rcu/tree.h @@ -86,11 +86,11 @@ struct rcu_dynticks { @@ -101030,7 +101436,7 @@ index 119de39..f07d31a 100644 /* "Idle" excludes userspace execution. */ unsigned long dynticks_idle_jiffies; /* End of last non-NMI non-idle period. */ -@@ -457,17 +457,17 @@ struct rcu_state { +@@ -463,17 +463,17 @@ struct rcu_state { /* _rcu_barrier(). */ /* End of fields guarded by barrier_mutex. */ @@ -101060,10 +101466,10 @@ index 119de39..f07d31a 100644 unsigned long jiffies_force_qs; /* Time at which to invoke */ /* force_quiescent_state(). */ diff --git a/kernel/rcu/tree_plugin.h b/kernel/rcu/tree_plugin.h -index 0a571e9..fbfd611 100644 +index 8c0ec0f..99d52c5 100644 --- a/kernel/rcu/tree_plugin.h +++ b/kernel/rcu/tree_plugin.h -@@ -619,7 +619,7 @@ static int rcu_preempted_readers_exp(struct rcu_node *rnp) +@@ -570,7 +570,7 @@ static int rcu_preempted_readers_exp(struct rcu_node *rnp) static int sync_rcu_preempt_exp_done(struct rcu_node *rnp) { return !rcu_preempted_readers_exp(rnp) && @@ -101081,7 +101487,7 @@ index 0a571e9..fbfd611 100644 sync_rcu_preempt_exp_count + 1; unlock_mb_ret: mutex_unlock(&sync_rcu_preempt_exp_mutex); -@@ -1290,7 +1290,7 @@ static void rcu_boost_kthread_setaffinity(struct rcu_node *rnp, int outgoingcpu) +@@ -1286,7 +1286,7 @@ static void rcu_boost_kthread_setaffinity(struct rcu_node *rnp, int outgoingcpu) free_cpumask_var(cm); } @@ -101090,7 +101496,7 @@ index 0a571e9..fbfd611 100644 .store = &rcu_cpu_kthread_task, .thread_should_run = rcu_cpu_kthread_should_run, .thread_fn = rcu_cpu_kthread, -@@ -1761,7 +1761,7 @@ static void print_cpu_stall_info(struct rcu_state *rsp, int cpu) +@@ -1757,7 +1757,7 @@ static void print_cpu_stall_info(struct rcu_state *rsp, int cpu) print_cpu_stall_fast_no_hz(fast_no_hz, cpu); pr_err("\t%d: (%lu %s) idle=%03x/%llx/%d softirq=%u/%u fqs=%ld %s\n", cpu, ticks_value, ticks_title, @@ -101099,7 +101505,7 @@ index 0a571e9..fbfd611 100644 rdtp->dynticks_nesting, rdtp->dynticks_nmi_nesting, rdp->softirq_snap, kstat_softirqs_cpu(RCU_SOFTIRQ, cpu), ACCESS_ONCE(rsp->n_force_qs) - rsp->n_force_qs_gpstart, -@@ -1906,7 +1906,7 @@ static void wake_nocb_leader(struct rcu_data *rdp, bool force) +@@ -1902,7 +1902,7 @@ static void wake_nocb_leader(struct rcu_data *rdp, bool force) return; if (ACCESS_ONCE(rdp_leader->nocb_leader_sleep) || force) { /* Prior smp_mb__after_atomic() orders against prior enqueue. */ @@ -101108,7 +101514,7 @@ index 0a571e9..fbfd611 100644 wake_up(&rdp_leader->nocb_wq); } } -@@ -1978,7 +1978,7 @@ static void __call_rcu_nocb_enqueue(struct rcu_data *rdp, +@@ -1975,7 +1975,7 @@ static void __call_rcu_nocb_enqueue(struct rcu_data *rdp, atomic_long_add(rhcount, &rdp->nocb_q_count); /* rcu_barrier() relies on ->nocb_q_count add before xchg. */ old_rhpp = xchg(&rdp->nocb_tail, rhtp); @@ -101117,7 +101523,7 @@ index 0a571e9..fbfd611 100644 atomic_long_add(rhcount_lazy, &rdp->nocb_q_count_lazy); smp_mb__after_atomic(); /* Store *old_rhpp before _wake test. */ -@@ -2167,7 +2167,7 @@ wait_again: +@@ -2164,7 +2164,7 @@ wait_again: continue; /* No CBs here, try next follower. */ /* Move callbacks to wait-for-GP list, which is empty. */ @@ -101126,7 +101532,7 @@ index 0a571e9..fbfd611 100644 rdp->nocb_gp_tail = xchg(&rdp->nocb_tail, &rdp->nocb_head); gotcbs = true; } -@@ -2288,7 +2288,7 @@ static int rcu_nocb_kthread(void *arg) +@@ -2285,7 +2285,7 @@ static int rcu_nocb_kthread(void *arg) list = ACCESS_ONCE(rdp->nocb_follower_head); BUG_ON(!list); trace_rcu_nocb_wake(rdp->rsp->name, rdp->cpu, "WokeNonEmpty"); @@ -101135,7 +101541,7 @@ index 0a571e9..fbfd611 100644 tail = xchg(&rdp->nocb_follower_tail, &rdp->nocb_follower_head); /* Each pass through the following loop invokes a callback. */ -@@ -2338,7 +2338,7 @@ static void do_nocb_deferred_wakeup(struct rcu_data *rdp) +@@ -2335,7 +2335,7 @@ static void do_nocb_deferred_wakeup(struct rcu_data *rdp) if (!rcu_nocb_need_deferred_wakeup(rdp)) return; ndw = ACCESS_ONCE(rdp->nocb_defer_wakeup); @@ -101144,7 +101550,7 @@ index 0a571e9..fbfd611 100644 wake_nocb_leader(rdp, ndw == RCU_NOGP_WAKE_FORCE); trace_rcu_nocb_wake(rdp->rsp->name, rdp->cpu, TPS("DeferredWake")); } -@@ -2461,7 +2461,7 @@ static void rcu_spawn_one_nocb_kthread(struct rcu_state *rsp, int cpu) +@@ -2448,7 +2448,7 @@ static void rcu_spawn_one_nocb_kthread(struct rcu_state *rsp, int cpu) t = kthread_run(rcu_nocb_kthread, rdp_spawn, "rcuo%c/%d", rsp->abbr, cpu); BUG_ON(IS_ERR(t)); @@ -101153,7 +101559,7 @@ index 0a571e9..fbfd611 100644 } /* -@@ -2666,11 +2666,11 @@ static void rcu_sysidle_enter(int irq) +@@ -2663,11 +2663,11 @@ static void rcu_sysidle_enter(int irq) /* Record start of fully idle period. */ j = jiffies; @@ -101168,7 +101574,7 @@ index 0a571e9..fbfd611 100644 } /* -@@ -2741,9 +2741,9 @@ static void rcu_sysidle_exit(int irq) +@@ -2738,9 +2738,9 @@ static void rcu_sysidle_exit(int irq) /* Record end of idle period. */ smp_mb__before_atomic(); @@ -101180,8 +101586,8 @@ index 0a571e9..fbfd611 100644 /* * If we are the timekeeping CPU, we are permitted to be non-idle -@@ -2788,7 +2788,7 @@ static void rcu_sysidle_check_cpu(struct rcu_data *rdp, bool *isidle, - WARN_ON_ONCE(smp_processor_id() != tick_do_timer_cpu); +@@ -2786,7 +2786,7 @@ static void rcu_sysidle_check_cpu(struct rcu_data *rdp, bool *isidle, + WARN_ON_ONCE(smp_processor_id() != tick_do_timer_cpu); /* Pick up current idle and NMI-nesting counter and check. */ - cur = atomic_read(&rdtp->dynticks_idle); @@ -101189,7 +101595,7 @@ index 0a571e9..fbfd611 100644 if (cur & 0x1) { *isidle = false; /* We are not idle! */ return; -@@ -2837,7 +2837,7 @@ static void rcu_sysidle(unsigned long j) +@@ -2835,7 +2835,7 @@ static void rcu_sysidle(unsigned long j) case RCU_SYSIDLE_NOT: /* First time all are idle, so note a short idle period. */ @@ -101198,7 +101604,7 @@ index 0a571e9..fbfd611 100644 break; case RCU_SYSIDLE_SHORT: -@@ -2875,7 +2875,7 @@ static void rcu_sysidle_cancel(void) +@@ -2873,7 +2873,7 @@ static void rcu_sysidle_cancel(void) { smp_mb(); if (full_sysidle_state > RCU_SYSIDLE_SHORT) @@ -101207,7 +101613,7 @@ index 0a571e9..fbfd611 100644 } /* -@@ -2927,7 +2927,7 @@ static void rcu_sysidle_cb(struct rcu_head *rhp) +@@ -2925,7 +2925,7 @@ static void rcu_sysidle_cb(struct rcu_head *rhp) smp_mb(); /* grace period precedes setting inuse. */ rshp = container_of(rhp, struct rcu_sysidle_head, rh); @@ -101216,7 +101622,7 @@ index 0a571e9..fbfd611 100644 } /* -@@ -3080,7 +3080,7 @@ static void rcu_bind_gp_kthread(void) +@@ -3077,7 +3077,7 @@ static void rcu_bind_gp_kthread(void) static void rcu_dynticks_task_enter(void) { #if defined(CONFIG_TASKS_RCU) && defined(CONFIG_NO_HZ_FULL) @@ -101225,7 +101631,7 @@ index 0a571e9..fbfd611 100644 #endif /* #if defined(CONFIG_TASKS_RCU) && defined(CONFIG_NO_HZ_FULL) */ } -@@ -3088,6 +3088,6 @@ static void rcu_dynticks_task_enter(void) +@@ -3085,6 +3085,6 @@ static void rcu_dynticks_task_enter(void) static void rcu_dynticks_task_exit(void) { #if defined(CONFIG_TASKS_RCU) && defined(CONFIG_NO_HZ_FULL) @@ -101234,7 +101640,7 @@ index 0a571e9..fbfd611 100644 #endif /* #if defined(CONFIG_TASKS_RCU) && defined(CONFIG_NO_HZ_FULL) */ } diff --git a/kernel/rcu/tree_trace.c b/kernel/rcu/tree_trace.c -index fbb6240..f6c5097 100644 +index f92361e..0052f88 100644 --- a/kernel/rcu/tree_trace.c +++ b/kernel/rcu/tree_trace.c @@ -125,7 +125,7 @@ static void print_one_rcu_data(struct seq_file *m, struct rcu_data *rdp) @@ -101275,10 +101681,10 @@ index fbb6240..f6c5097 100644 } diff --git a/kernel/rcu/update.c b/kernel/rcu/update.c -index e0d31a3..f4dafe3 100644 +index 1f13335..77ebb7f 100644 --- a/kernel/rcu/update.c +++ b/kernel/rcu/update.c -@@ -342,10 +342,10 @@ int rcu_jiffies_till_stall_check(void) +@@ -396,10 +396,10 @@ int rcu_jiffies_till_stall_check(void) * for CONFIG_RCU_CPU_STALL_TIMEOUT. */ if (till_stall_check < 3) { @@ -101291,7 +101697,7 @@ index e0d31a3..f4dafe3 100644 till_stall_check = 300; } return till_stall_check * HZ + RCU_STALL_DELAY_DELTA; -@@ -501,7 +501,7 @@ static void check_holdout_task(struct task_struct *t, +@@ -555,7 +555,7 @@ static void check_holdout_task(struct task_struct *t, !ACCESS_ONCE(t->on_rq) || (IS_ENABLED(CONFIG_NO_HZ_FULL) && !is_idle_task(t) && t->rcu_tasks_idle_cpu >= 0)) { @@ -101300,7 +101706,7 @@ index e0d31a3..f4dafe3 100644 list_del_init(&t->rcu_tasks_holdout_list); put_task_struct(t); return; -@@ -589,7 +589,7 @@ static int __noreturn rcu_tasks_kthread(void *arg) +@@ -643,7 +643,7 @@ static int __noreturn rcu_tasks_kthread(void *arg) !is_idle_task(t)) { get_task_struct(t); t->rcu_tasks_nvcsw = ACCESS_ONCE(t->nvcsw); @@ -101309,7 +101715,7 @@ index e0d31a3..f4dafe3 100644 list_add(&t->rcu_tasks_holdout_list, &rcu_tasks_holdouts); } -@@ -686,7 +686,7 @@ static void rcu_spawn_tasks_kthread(void) +@@ -740,7 +740,7 @@ static void rcu_spawn_tasks_kthread(void) t = kthread_run(rcu_tasks_kthread, NULL, "rcu_tasks_kthread"); BUG_ON(IS_ERR(t)); smp_mb(); /* Ensure others see full kthread. */ @@ -101319,7 +101725,7 @@ index e0d31a3..f4dafe3 100644 } diff --git a/kernel/resource.c b/kernel/resource.c -index 19f2357..ebe7f35 100644 +index 90552aa..8c02098 100644 --- a/kernel/resource.c +++ b/kernel/resource.c @@ -162,8 +162,18 @@ static const struct file_operations proc_iomem_operations = { @@ -101395,10 +101801,10 @@ index 8d0f35d..c16360d 100644 unsigned long timeout) { diff --git a/kernel/sched/core.c b/kernel/sched/core.c -index f4da2cb..e44587b 100644 +index 1236732..df281d6 100644 --- a/kernel/sched/core.c +++ b/kernel/sched/core.c -@@ -1862,7 +1862,7 @@ void set_numabalancing_state(bool enabled) +@@ -1867,7 +1867,7 @@ void set_numabalancing_state(bool enabled) int sysctl_numa_balancing(struct ctl_table *table, int write, void __user *buffer, size_t *lenp, loff_t *ppos) { @@ -101407,7 +101813,7 @@ index f4da2cb..e44587b 100644 int err; int state = numabalancing_enabled; -@@ -2312,8 +2312,10 @@ context_switch(struct rq *rq, struct task_struct *prev, +@@ -2317,8 +2317,10 @@ context_switch(struct rq *rq, struct task_struct *prev, next->active_mm = oldmm; atomic_inc(&oldmm->mm_count); enter_lazy_tlb(oldmm, next); @@ -101419,7 +101825,7 @@ index f4da2cb..e44587b 100644 if (!prev->mm) { prev->active_mm = NULL; -@@ -3124,6 +3126,8 @@ int can_nice(const struct task_struct *p, const int nice) +@@ -3129,6 +3131,8 @@ int can_nice(const struct task_struct *p, const int nice) /* convert nice value [19,-20] to rlimit style value [1,40] */ int nice_rlim = nice_to_rlimit(nice); @@ -101428,7 +101834,7 @@ index f4da2cb..e44587b 100644 return (nice_rlim <= task_rlimit(p, RLIMIT_NICE) || capable(CAP_SYS_NICE)); } -@@ -3150,7 +3154,8 @@ SYSCALL_DEFINE1(nice, int, increment) +@@ -3155,7 +3159,8 @@ SYSCALL_DEFINE1(nice, int, increment) nice = task_nice(current) + increment; nice = clamp_val(nice, MIN_NICE, MAX_NICE); @@ -101438,7 +101844,7 @@ index f4da2cb..e44587b 100644 return -EPERM; retval = security_task_setnice(current, nice); -@@ -3462,6 +3467,7 @@ recheck: +@@ -3467,6 +3472,7 @@ recheck: if (policy != p->policy && !rlim_rtprio) return -EPERM; @@ -101446,7 +101852,7 @@ index f4da2cb..e44587b 100644 /* can't increase priority */ if (attr->sched_priority > p->rt_priority && attr->sched_priority > rlim_rtprio) -@@ -4945,6 +4951,7 @@ void idle_task_exit(void) +@@ -4950,6 +4956,7 @@ void idle_task_exit(void) if (mm != &init_mm) { switch_mm(mm, &init_mm, current); @@ -101454,7 +101860,7 @@ index f4da2cb..e44587b 100644 finish_arch_post_lock_switch(); } mmdrop(mm); -@@ -5040,7 +5047,7 @@ static void migrate_tasks(unsigned int dead_cpu) +@@ -5045,7 +5052,7 @@ static void migrate_tasks(unsigned int dead_cpu) #if defined(CONFIG_SCHED_DEBUG) && defined(CONFIG_SYSCTL) @@ -101463,7 +101869,7 @@ index f4da2cb..e44587b 100644 { .procname = "sched_domain", .mode = 0555, -@@ -5057,17 +5064,17 @@ static struct ctl_table sd_ctl_root[] = { +@@ -5062,17 +5069,17 @@ static struct ctl_table sd_ctl_root[] = { {} }; @@ -101485,7 +101891,7 @@ index f4da2cb..e44587b 100644 /* * In the intermediate directories, both the child directory and -@@ -5075,22 +5082,25 @@ static void sd_free_ctl_entry(struct ctl_table **tablep) +@@ -5080,22 +5087,25 @@ static void sd_free_ctl_entry(struct ctl_table **tablep) * will always be set. In the lowest directory the names are * static strings and all have proc handlers. */ @@ -101517,7 +101923,7 @@ index f4da2cb..e44587b 100644 const char *procname, void *data, int maxlen, umode_t mode, proc_handler *proc_handler, bool load_idx) -@@ -5110,7 +5120,7 @@ set_table_entry(struct ctl_table *entry, +@@ -5115,7 +5125,7 @@ set_table_entry(struct ctl_table *entry, static struct ctl_table * sd_alloc_ctl_domain_table(struct sched_domain *sd) { @@ -101526,7 +101932,7 @@ index f4da2cb..e44587b 100644 if (table == NULL) return NULL; -@@ -5148,9 +5158,9 @@ sd_alloc_ctl_domain_table(struct sched_domain *sd) +@@ -5153,9 +5163,9 @@ sd_alloc_ctl_domain_table(struct sched_domain *sd) return table; } @@ -101538,7 +101944,7 @@ index f4da2cb..e44587b 100644 struct sched_domain *sd; int domain_num = 0, i; char buf[32]; -@@ -5177,11 +5187,13 @@ static struct ctl_table_header *sd_sysctl_header; +@@ -5182,11 +5192,13 @@ static struct ctl_table_header *sd_sysctl_header; static void register_sched_domain_sysctl(void) { int i, cpu_num = num_possible_cpus(); @@ -101553,7 +101959,7 @@ index f4da2cb..e44587b 100644 if (entry == NULL) return; -@@ -5204,8 +5216,12 @@ static void unregister_sched_domain_sysctl(void) +@@ -5209,8 +5221,12 @@ static void unregister_sched_domain_sysctl(void) if (sd_sysctl_header) unregister_sysctl_table(sd_sysctl_header); sd_sysctl_header = NULL; @@ -101569,10 +101975,10 @@ index f4da2cb..e44587b 100644 #else static void register_sched_domain_sysctl(void) diff --git a/kernel/sched/fair.c b/kernel/sched/fair.c -index 486d00c..62f3f6e 100644 +index c2980e8..4737a6d 100644 --- a/kernel/sched/fair.c +++ b/kernel/sched/fair.c -@@ -2092,7 +2092,7 @@ void task_numa_fault(int last_cpupid, int mem_node, int pages, int flags) +@@ -2107,7 +2107,7 @@ void task_numa_fault(int last_cpupid, int mem_node, int pages, int flags) static void reset_ptenuma_scan(struct task_struct *p) { @@ -101581,7 +101987,7 @@ index 486d00c..62f3f6e 100644 p->mm->numa_scan_offset = 0; } -@@ -7656,7 +7656,7 @@ static void nohz_idle_balance(struct rq *this_rq, enum cpu_idle_type idle) { } +@@ -7753,7 +7753,7 @@ static void nohz_idle_balance(struct rq *this_rq, enum cpu_idle_type idle) { } * run_rebalance_domains is triggered when needed from the scheduler tick. * Also triggered for nohz idle balancing (with nohz_balancing_kick set). */ @@ -101591,10 +101997,10 @@ index 486d00c..62f3f6e 100644 struct rq *this_rq = this_rq(); enum cpu_idle_type idle = this_rq->idle_balance ? diff --git a/kernel/sched/sched.h b/kernel/sched/sched.h -index dc0f435..ae2e085 100644 +index e0e1299..e1e896b 100644 --- a/kernel/sched/sched.h +++ b/kernel/sched/sched.h -@@ -1200,7 +1200,7 @@ struct sched_class { +@@ -1219,7 +1219,7 @@ struct sched_class { #ifdef CONFIG_FAIR_GROUP_SCHED void (*task_move_group) (struct task_struct *p, int on_rq); #endif @@ -101604,7 +102010,7 @@ index dc0f435..ae2e085 100644 static inline void put_prev_task(struct rq *rq, struct task_struct *prev) { diff --git a/kernel/signal.c b/kernel/signal.c -index a390499..ebe9a21 100644 +index d51c5dd..065c4c8 100644 --- a/kernel/signal.c +++ b/kernel/signal.c @@ -53,12 +53,12 @@ static struct kmem_cache *sigqueue_cachep; @@ -101730,7 +102136,7 @@ index a390499..ebe9a21 100644 if (p && (tgid <= 0 || task_tgid_vnr(p) == tgid)) { error = check_kill_permission(sig, info, p); /* -@@ -3248,8 +3279,8 @@ COMPAT_SYSCALL_DEFINE2(sigaltstack, +@@ -3244,8 +3275,8 @@ COMPAT_SYSCALL_DEFINE2(sigaltstack, } seg = get_fs(); set_fs(KERNEL_DS); @@ -101742,10 +102148,10 @@ index a390499..ebe9a21 100644 set_fs(seg); if (ret >= 0 && uoss_ptr) { diff --git a/kernel/smpboot.c b/kernel/smpboot.c -index 40190f2..8861d40 100644 +index c697f73..4ef1c25 100644 --- a/kernel/smpboot.c +++ b/kernel/smpboot.c -@@ -290,7 +290,7 @@ int smpboot_register_percpu_thread(struct smp_hotplug_thread *plug_thread) +@@ -291,7 +291,7 @@ int smpboot_register_percpu_thread(struct smp_hotplug_thread *plug_thread) } smpboot_unpark_thread(plug_thread, cpu); } @@ -101754,7 +102160,7 @@ index 40190f2..8861d40 100644 out: mutex_unlock(&smpboot_threads_lock); put_online_cpus(); -@@ -308,7 +308,7 @@ void smpboot_unregister_percpu_thread(struct smp_hotplug_thread *plug_thread) +@@ -309,7 +309,7 @@ void smpboot_unregister_percpu_thread(struct smp_hotplug_thread *plug_thread) { get_online_cpus(); mutex_lock(&smpboot_threads_lock); @@ -101822,7 +102228,7 @@ index 479e443..66d845e1 100644 .thread_should_run = ksoftirqd_should_run, .thread_fn = run_ksoftirqd, diff --git a/kernel/sys.c b/kernel/sys.c -index a03d9cd..55dbe9c 100644 +index a4e372b..766810e 100644 --- a/kernel/sys.c +++ b/kernel/sys.c @@ -160,6 +160,12 @@ static int set_one_prio(struct task_struct *p, int niceval, int error) @@ -101838,7 +102244,7 @@ index a03d9cd..55dbe9c 100644 no_nice = security_task_setnice(p, niceval); if (no_nice) { error = no_nice; -@@ -365,6 +371,20 @@ SYSCALL_DEFINE2(setregid, gid_t, rgid, gid_t, egid) +@@ -366,6 +372,20 @@ SYSCALL_DEFINE2(setregid, gid_t, rgid, gid_t, egid) goto error; } @@ -101859,7 +102265,7 @@ index a03d9cd..55dbe9c 100644 if (rgid != (gid_t) -1 || (egid != (gid_t) -1 && !gid_eq(kegid, old->gid))) new->sgid = new->egid; -@@ -400,6 +420,10 @@ SYSCALL_DEFINE1(setgid, gid_t, gid) +@@ -401,6 +421,10 @@ SYSCALL_DEFINE1(setgid, gid_t, gid) old = current_cred(); retval = -EPERM; @@ -101870,7 +102276,7 @@ index a03d9cd..55dbe9c 100644 if (ns_capable(old->user_ns, CAP_SETGID)) new->gid = new->egid = new->sgid = new->fsgid = kgid; else if (gid_eq(kgid, old->gid) || gid_eq(kgid, old->sgid)) -@@ -417,7 +441,7 @@ error: +@@ -418,7 +442,7 @@ error: /* * change the user struct in a credentials set to match the new UID */ @@ -101879,7 +102285,7 @@ index a03d9cd..55dbe9c 100644 { struct user_struct *new_user; -@@ -497,7 +521,18 @@ SYSCALL_DEFINE2(setreuid, uid_t, ruid, uid_t, euid) +@@ -498,7 +522,18 @@ SYSCALL_DEFINE2(setreuid, uid_t, ruid, uid_t, euid) goto error; } @@ -101898,7 +102304,7 @@ index a03d9cd..55dbe9c 100644 retval = set_user(new); if (retval < 0) goto error; -@@ -547,6 +582,12 @@ SYSCALL_DEFINE1(setuid, uid_t, uid) +@@ -548,6 +583,12 @@ SYSCALL_DEFINE1(setuid, uid_t, uid) old = current_cred(); retval = -EPERM; @@ -101911,7 +102317,7 @@ index a03d9cd..55dbe9c 100644 if (ns_capable(old->user_ns, CAP_SETUID)) { new->suid = new->uid = kuid; if (!uid_eq(kuid, old->uid)) { -@@ -616,6 +657,9 @@ SYSCALL_DEFINE3(setresuid, uid_t, ruid, uid_t, euid, uid_t, suid) +@@ -617,6 +658,9 @@ SYSCALL_DEFINE3(setresuid, uid_t, ruid, uid_t, euid, uid_t, suid) goto error; } @@ -101921,7 +102327,7 @@ index a03d9cd..55dbe9c 100644 if (ruid != (uid_t) -1) { new->uid = kruid; if (!uid_eq(kruid, old->uid)) { -@@ -700,6 +744,9 @@ SYSCALL_DEFINE3(setresgid, gid_t, rgid, gid_t, egid, gid_t, sgid) +@@ -701,6 +745,9 @@ SYSCALL_DEFINE3(setresgid, gid_t, rgid, gid_t, egid, gid_t, sgid) goto error; } @@ -101931,7 +102337,7 @@ index a03d9cd..55dbe9c 100644 if (rgid != (gid_t) -1) new->gid = krgid; if (egid != (gid_t) -1) -@@ -764,12 +811,16 @@ SYSCALL_DEFINE1(setfsuid, uid_t, uid) +@@ -765,12 +812,16 @@ SYSCALL_DEFINE1(setfsuid, uid_t, uid) uid_eq(kuid, old->suid) || uid_eq(kuid, old->fsuid) || ns_capable(old->user_ns, CAP_SETUID)) { if (!uid_eq(kuid, old->fsuid)) { @@ -101948,7 +102354,7 @@ index a03d9cd..55dbe9c 100644 abort_creds(new); return old_fsuid; -@@ -802,12 +853,16 @@ SYSCALL_DEFINE1(setfsgid, gid_t, gid) +@@ -803,12 +854,16 @@ SYSCALL_DEFINE1(setfsgid, gid_t, gid) if (gid_eq(kgid, old->gid) || gid_eq(kgid, old->egid) || gid_eq(kgid, old->sgid) || gid_eq(kgid, old->fsgid) || ns_capable(old->user_ns, CAP_SETGID)) { @@ -101965,7 +102371,7 @@ index a03d9cd..55dbe9c 100644 abort_creds(new); return old_fsgid; -@@ -1185,19 +1240,19 @@ SYSCALL_DEFINE1(olduname, struct oldold_utsname __user *, name) +@@ -1187,19 +1242,19 @@ SYSCALL_DEFINE1(olduname, struct oldold_utsname __user *, name) return -EFAULT; down_read(&uts_sem); @@ -101990,7 +102396,7 @@ index a03d9cd..55dbe9c 100644 __OLD_UTS_LEN); error |= __put_user(0, name->machine + __OLD_UTS_LEN); up_read(&uts_sem); -@@ -1398,6 +1453,13 @@ int do_prlimit(struct task_struct *tsk, unsigned int resource, +@@ -1400,6 +1455,13 @@ int do_prlimit(struct task_struct *tsk, unsigned int resource, */ new_rlim->rlim_cur = 1; } @@ -102005,18 +102411,22 @@ index a03d9cd..55dbe9c 100644 if (!retval) { if (old_rlim) diff --git a/kernel/sysctl.c b/kernel/sysctl.c -index ce410bb..cd276f0 100644 +index c3eee4c..bcfd2c0 100644 --- a/kernel/sysctl.c +++ b/kernel/sysctl.c @@ -94,7 +94,6 @@ - + #endif #if defined(CONFIG_SYSCTL) - /* External variables not in a header file. */ - extern int max_threads; extern int suid_dumpable; -@@ -115,19 +114,20 @@ extern int sysctl_nr_trim_pages; + #ifdef CONFIG_COREDUMP +@@ -111,22 +110,24 @@ extern int sysctl_nr_open_min, sysctl_nr_open_max; + #ifndef CONFIG_MMU + extern int sysctl_nr_trim_pages; + #endif ++extern int sysctl_modify_ldt; /* Constants used for minimum and maximum */ #ifdef CONFIG_LOCKUP_DETECTOR @@ -102046,18 +102456,19 @@ index ce410bb..cd276f0 100644 #endif /* this is needed for the proc_doulongvec_minmax of vm_dirty_bytes */ -@@ -181,10 +181,8 @@ static int proc_taint(struct ctl_table *table, int write, +@@ -180,10 +181,8 @@ static int proc_taint(struct ctl_table *table, int write, void __user *buffer, size_t *lenp, loff_t *ppos); #endif -#ifdef CONFIG_PRINTK - static int proc_dointvec_minmax_sysadmin(struct ctl_table *table, int write, +-static int proc_dointvec_minmax_sysadmin(struct ctl_table *table, int write, ++static int proc_dointvec_minmax_secure_sysadmin(struct ctl_table *table, int write, void __user *buffer, size_t *lenp, loff_t *ppos); -#endif static int proc_dointvec_minmax_coredump(struct ctl_table *table, int write, void __user *buffer, size_t *lenp, loff_t *ppos); -@@ -215,6 +213,8 @@ static int sysrq_sysctl_handler(struct ctl_table *table, int write, +@@ -214,6 +213,8 @@ static int sysrq_sysctl_handler(struct ctl_table *table, int write, #endif @@ -102066,7 +102477,7 @@ index ce410bb..cd276f0 100644 static struct ctl_table kern_table[]; static struct ctl_table vm_table[]; static struct ctl_table fs_table[]; -@@ -229,6 +229,20 @@ extern struct ctl_table epoll_table[]; +@@ -228,6 +229,20 @@ extern struct ctl_table epoll_table[]; int sysctl_legacy_va_layout; #endif @@ -102087,7 +102498,7 @@ index ce410bb..cd276f0 100644 /* The default sysctl tables: */ static struct ctl_table sysctl_base_table[] = { -@@ -277,6 +291,22 @@ static int max_extfrag_threshold = 1000; +@@ -276,6 +291,22 @@ static int max_extfrag_threshold = 1000; #endif static struct ctl_table kern_table[] = { @@ -102110,7 +102521,7 @@ index ce410bb..cd276f0 100644 { .procname = "sched_child_runs_first", .data = &sysctl_sched_child_runs_first, -@@ -649,7 +679,7 @@ static struct ctl_table kern_table[] = { +@@ -648,7 +679,7 @@ static struct ctl_table kern_table[] = { .data = &modprobe_path, .maxlen = KMOD_PATH_LEN, .mode = 0644, @@ -102119,7 +102530,21 @@ index ce410bb..cd276f0 100644 }, { .procname = "modules_disabled", -@@ -816,16 +846,20 @@ static struct ctl_table kern_table[] = { +@@ -656,7 +687,7 @@ static struct ctl_table kern_table[] = { + .maxlen = sizeof(int), + .mode = 0644, + /* only handle a transition from default "0" to "1" */ +- .proc_handler = proc_dointvec_minmax, ++ .proc_handler = proc_dointvec_minmax_secure, + .extra1 = &one, + .extra2 = &one, + }, +@@ -811,20 +842,24 @@ static struct ctl_table kern_table[] = { + .data = &dmesg_restrict, + .maxlen = sizeof(int), + .mode = 0644, +- .proc_handler = proc_dointvec_minmax_sysadmin, ++ .proc_handler = proc_dointvec_minmax_secure_sysadmin, .extra1 = &zero, .extra2 = &one, }, @@ -102129,7 +102554,8 @@ index ce410bb..cd276f0 100644 .data = &kptr_restrict, .maxlen = sizeof(int), .mode = 0644, - .proc_handler = proc_dointvec_minmax_sysadmin, +- .proc_handler = proc_dointvec_minmax_sysadmin, ++ .proc_handler = proc_dointvec_minmax_secure_sysadmin, +#ifdef CONFIG_GRKERNSEC_HIDESYM + .extra1 = &two, +#else @@ -102141,7 +102567,23 @@ index ce410bb..cd276f0 100644 { .procname = "ngroups_max", .data = &ngroups_max, -@@ -1072,10 +1106,17 @@ static struct ctl_table kern_table[] = { +@@ -962,6 +997,15 @@ static struct ctl_table kern_table[] = { + .mode = 0644, + .proc_handler = proc_dointvec, + }, ++ { ++ .procname = "modify_ldt", ++ .data = &sysctl_modify_ldt, ++ .maxlen = sizeof(int), ++ .mode = 0644, ++ .proc_handler = proc_dointvec_minmax_secure_sysadmin, ++ .extra1 = &zero, ++ .extra2 = &one, ++ }, + #endif + #if defined(CONFIG_MMU) + { +@@ -1084,10 +1128,17 @@ static struct ctl_table kern_table[] = { */ { .procname = "perf_event_paranoid", @@ -102152,7 +102594,7 @@ index ce410bb..cd276f0 100644 .mode = 0644, - .proc_handler = proc_dointvec, + /* go ahead, be a hero */ -+ .proc_handler = proc_dointvec_minmax_sysadmin, ++ .proc_handler = proc_dointvec_minmax_secure_sysadmin, + .extra1 = &neg_one, +#ifdef CONFIG_GRKERNSEC_PERF_HARDEN + .extra2 = &three, @@ -102162,7 +102604,7 @@ index ce410bb..cd276f0 100644 }, { .procname = "perf_event_mlock_kb", -@@ -1348,6 +1389,13 @@ static struct ctl_table vm_table[] = { +@@ -1369,6 +1420,13 @@ static struct ctl_table vm_table[] = { .proc_handler = proc_dointvec_minmax, .extra1 = &zero, }, @@ -102176,7 +102618,7 @@ index ce410bb..cd276f0 100644 #else { .procname = "nr_trim_pages", -@@ -1830,6 +1878,16 @@ int proc_dostring(struct ctl_table *table, int write, +@@ -1845,6 +1903,16 @@ int proc_dostring(struct ctl_table *table, int write, (char __user *)buffer, lenp, ppos); } @@ -102193,7 +102635,7 @@ index ce410bb..cd276f0 100644 static size_t proc_skip_spaces(char **buf) { size_t ret; -@@ -1935,6 +1993,8 @@ static int proc_put_long(void __user **buf, size_t *size, unsigned long val, +@@ -1950,6 +2018,8 @@ static int proc_put_long(void __user **buf, size_t *size, unsigned long val, len = strlen(tmp); if (len > *size) len = *size; @@ -102202,7 +102644,52 @@ index ce410bb..cd276f0 100644 if (copy_to_user(*buf, tmp, len)) return -EFAULT; *size -= len; -@@ -2112,7 +2172,7 @@ int proc_dointvec(struct ctl_table *table, int write, +@@ -2128,6 +2198,44 @@ int proc_dointvec(struct ctl_table *table, int write, + NULL,NULL); + } + ++static int do_proc_dointvec_conv_secure(bool *negp, unsigned long *lvalp, ++ int *valp, ++ int write, void *data) ++{ ++ if (write) { ++ if (*negp) { ++ if (*lvalp > (unsigned long) INT_MAX + 1) ++ return -EINVAL; ++ pax_open_kernel(); ++ *valp = -*lvalp; ++ pax_close_kernel(); ++ } else { ++ if (*lvalp > (unsigned long) INT_MAX) ++ return -EINVAL; ++ pax_open_kernel(); ++ *valp = *lvalp; ++ pax_close_kernel(); ++ } ++ } else { ++ int val = *valp; ++ if (val < 0) { ++ *negp = true; ++ *lvalp = (unsigned long)-val; ++ } else { ++ *negp = false; ++ *lvalp = (unsigned long)val; ++ } ++ } ++ return 0; ++} ++ ++int proc_dointvec_secure(struct ctl_table *table, int write, ++ void __user *buffer, size_t *lenp, loff_t *ppos) ++{ ++ return do_proc_dointvec(table,write,buffer,lenp,ppos, ++ do_proc_dointvec_conv_secure,NULL); ++} ++ + /* + * Taint values can only be increased + * This means we can safely use a temporary. +@@ -2135,7 +2243,7 @@ int proc_dointvec(struct ctl_table *table, int write, static int proc_taint(struct ctl_table *table, int write, void __user *buffer, size_t *lenp, loff_t *ppos) { @@ -102211,23 +102698,77 @@ index ce410bb..cd276f0 100644 unsigned long tmptaint = get_taint(); int err; -@@ -2140,7 +2200,6 @@ static int proc_taint(struct ctl_table *table, int write, +@@ -2163,16 +2271,14 @@ static int proc_taint(struct ctl_table *table, int write, return err; } -#ifdef CONFIG_PRINTK - static int proc_dointvec_minmax_sysadmin(struct ctl_table *table, int write, +-static int proc_dointvec_minmax_sysadmin(struct ctl_table *table, int write, ++static int proc_dointvec_minmax_secure_sysadmin(struct ctl_table *table, int write, void __user *buffer, size_t *lenp, loff_t *ppos) { -@@ -2149,7 +2208,6 @@ static int proc_dointvec_minmax_sysadmin(struct ctl_table *table, int write, + if (write && !capable(CAP_SYS_ADMIN)) + return -EPERM; - return proc_dointvec_minmax(table, write, buffer, lenp, ppos); +- return proc_dointvec_minmax(table, write, buffer, lenp, ppos); ++ return proc_dointvec_minmax_secure(table, write, buffer, lenp, ppos); } -#endif struct do_proc_dointvec_minmax_conv_param { int *min; -@@ -2709,6 +2767,12 @@ int proc_dostring(struct ctl_table *table, int write, +@@ -2203,6 +2309,32 @@ static int do_proc_dointvec_minmax_conv(bool *negp, unsigned long *lvalp, + return 0; + } + ++static int do_proc_dointvec_minmax_conv_secure(bool *negp, unsigned long *lvalp, ++ int *valp, ++ int write, void *data) ++{ ++ struct do_proc_dointvec_minmax_conv_param *param = data; ++ if (write) { ++ int val = *negp ? -*lvalp : *lvalp; ++ if ((param->min && *param->min > val) || ++ (param->max && *param->max < val)) ++ return -EINVAL; ++ pax_open_kernel(); ++ *valp = val; ++ pax_close_kernel(); ++ } else { ++ int val = *valp; ++ if (val < 0) { ++ *negp = true; ++ *lvalp = (unsigned long)-val; ++ } else { ++ *negp = false; ++ *lvalp = (unsigned long)val; ++ } ++ } ++ return 0; ++} ++ + /** + * proc_dointvec_minmax - read a vector of integers with min/max values + * @table: the sysctl table +@@ -2230,6 +2362,17 @@ int proc_dointvec_minmax(struct ctl_table *table, int write, + do_proc_dointvec_minmax_conv, ¶m); + } + ++int proc_dointvec_minmax_secure(struct ctl_table *table, int write, ++ void __user *buffer, size_t *lenp, loff_t *ppos) ++{ ++ struct do_proc_dointvec_minmax_conv_param param = { ++ .min = (int *) table->extra1, ++ .max = (int *) table->extra2, ++ }; ++ return do_proc_dointvec(table, write, buffer, lenp, ppos, ++ do_proc_dointvec_minmax_conv_secure, ¶m); ++} ++ + static void validate_coredump_safety(void) + { + #ifdef CONFIG_COREDUMP +@@ -2732,6 +2875,12 @@ int proc_dostring(struct ctl_table *table, int write, return -ENOSYS; } @@ -102240,7 +102781,7 @@ index ce410bb..cd276f0 100644 int proc_dointvec(struct ctl_table *table, int write, void __user *buffer, size_t *lenp, loff_t *ppos) { -@@ -2765,5 +2829,6 @@ EXPORT_SYMBOL(proc_dointvec_minmax); +@@ -2788,5 +2937,6 @@ EXPORT_SYMBOL(proc_dointvec_minmax); EXPORT_SYMBOL(proc_dointvec_userhz_jiffies); EXPORT_SYMBOL(proc_dointvec_ms_jiffies); EXPORT_SYMBOL(proc_dostring); @@ -102288,7 +102829,7 @@ index 1b001ed..55ef9e4 100644 .clock_get = alarm_clock_get, .timer_create = alarm_timer_create, diff --git a/kernel/time/hrtimer.c b/kernel/time/hrtimer.c -index 38f586c..14386a7 100644 +index 93ef7190..7c85701 100644 --- a/kernel/time/hrtimer.c +++ b/kernel/time/hrtimer.c @@ -1393,7 +1393,7 @@ void hrtimer_peek_ahead_timers(void) @@ -102454,7 +102995,7 @@ index 2c85b77..6530536 100644 update_vsyscall_tz(); if (firsttime) { diff --git a/kernel/time/timekeeping.c b/kernel/time/timekeeping.c -index 91db941..a371671 100644 +index 946acb7..1e13c0f 100644 --- a/kernel/time/timekeeping.c +++ b/kernel/time/timekeeping.c @@ -15,6 +15,7 @@ @@ -102465,7 +103006,7 @@ index 91db941..a371671 100644 #include <linux/syscore_ops.h> #include <linux/clocksource.h> #include <linux/jiffies.h> -@@ -802,6 +803,8 @@ int do_settimeofday64(const struct timespec64 *ts) +@@ -915,6 +916,8 @@ int do_settimeofday64(const struct timespec64 *ts) if (!timespec64_valid_strict(ts)) return -EINVAL; @@ -102475,10 +103016,10 @@ index 91db941..a371671 100644 write_seqcount_begin(&tk_core.seq); diff --git a/kernel/time/timer.c b/kernel/time/timer.c -index 2d3f5c5..7ed7dc5 100644 +index 2ece3aa..055a295 100644 --- a/kernel/time/timer.c +++ b/kernel/time/timer.c -@@ -1393,7 +1393,7 @@ void update_process_times(int user_tick) +@@ -1405,7 +1405,7 @@ void update_process_times(int user_tick) /* * This function runs timers and the timer-tq in bottom half context. */ @@ -102487,7 +103028,7 @@ index 2d3f5c5..7ed7dc5 100644 { struct tvec_base *base = __this_cpu_read(tvec_bases); -@@ -1456,7 +1456,7 @@ static void process_timeout(unsigned long __data) +@@ -1468,7 +1468,7 @@ static void process_timeout(unsigned long __data) * * In all cases the return value is guaranteed to be non-negative. */ @@ -102497,7 +103038,7 @@ index 2d3f5c5..7ed7dc5 100644 struct timer_list timer; unsigned long expire; diff --git a/kernel/time/timer_list.c b/kernel/time/timer_list.c -index 61ed862..3b52c65 100644 +index e878c2e..cf1546bb 100644 --- a/kernel/time/timer_list.c +++ b/kernel/time/timer_list.c @@ -45,12 +45,16 @@ DECLARE_PER_CPU(struct hrtimer_cpu_base, hrtimer_bases); @@ -102529,7 +103070,7 @@ index 61ed862..3b52c65 100644 SEQ_printf(m, " .index: %d\n", base->index); SEQ_printf(m, " .resolution: %Lu nsecs\n", -@@ -362,7 +370,11 @@ static int __init init_timer_list_procfs(void) +@@ -388,7 +396,11 @@ static int __init init_timer_list_procfs(void) { struct proc_dir_entry *pe; @@ -102685,10 +103226,10 @@ index 483cecf..ac46091 100644 ret = -EIO; diff --git a/kernel/trace/ftrace.c b/kernel/trace/ftrace.c -index 4f22802..bd268b1 100644 +index 02bece4..f9b05af 100644 --- a/kernel/trace/ftrace.c +++ b/kernel/trace/ftrace.c -@@ -2382,12 +2382,17 @@ ftrace_code_disable(struct module *mod, struct dyn_ftrace *rec) +@@ -2395,12 +2395,17 @@ ftrace_code_disable(struct module *mod, struct dyn_ftrace *rec) if (unlikely(ftrace_disabled)) return 0; @@ -102708,7 +103249,7 @@ index 4f22802..bd268b1 100644 } /* -@@ -4776,8 +4781,10 @@ static int ftrace_process_locs(struct module *mod, +@@ -4789,8 +4794,10 @@ static int ftrace_process_locs(struct module *mod, if (!count) return 0; @@ -102719,7 +103260,7 @@ index 4f22802..bd268b1 100644 start_pg = ftrace_allocate_pages(count); if (!start_pg) -@@ -5653,7 +5660,7 @@ static int alloc_retstack_tasklist(struct ftrace_ret_stack **ret_stack_list) +@@ -5659,7 +5666,7 @@ static int alloc_retstack_tasklist(struct ftrace_ret_stack **ret_stack_list) if (t->ret_stack == NULL) { atomic_set(&t->tracing_graph_pause, 0); @@ -102728,7 +103269,7 @@ index 4f22802..bd268b1 100644 t->curr_ret_stack = -1; /* Make sure the tasks see the -1 first: */ smp_wmb(); -@@ -5876,7 +5883,7 @@ static void +@@ -5882,7 +5889,7 @@ static void graph_init_task(struct task_struct *t, struct ftrace_ret_stack *ret_stack) { atomic_set(&t->tracing_graph_pause, 0); @@ -102738,7 +103279,7 @@ index 4f22802..bd268b1 100644 /* make curr_ret_stack visible before we add the ret_stack */ smp_wmb(); diff --git a/kernel/trace/ring_buffer.c b/kernel/trace/ring_buffer.c -index 922048a..bb71a55 100644 +index 0315d43..2e5e9a2 100644 --- a/kernel/trace/ring_buffer.c +++ b/kernel/trace/ring_buffer.c @@ -348,9 +348,9 @@ struct buffer_data_page { @@ -102950,7 +103491,7 @@ index 922048a..bb71a55 100644 return NULL; } #endif -@@ -2901,7 +2901,7 @@ rb_decrement_entry(struct ring_buffer_per_cpu *cpu_buffer, +@@ -2898,7 +2898,7 @@ rb_decrement_entry(struct ring_buffer_per_cpu *cpu_buffer, /* Do the likely case first */ if (likely(bpage->page == (void *)addr)) { @@ -102959,7 +103500,7 @@ index 922048a..bb71a55 100644 return; } -@@ -2913,7 +2913,7 @@ rb_decrement_entry(struct ring_buffer_per_cpu *cpu_buffer, +@@ -2910,7 +2910,7 @@ rb_decrement_entry(struct ring_buffer_per_cpu *cpu_buffer, start = bpage; do { if (bpage->page == (void *)addr) { @@ -102968,7 +103509,7 @@ index 922048a..bb71a55 100644 return; } rb_inc_page(cpu_buffer, &bpage); -@@ -3197,7 +3197,7 @@ static inline unsigned long +@@ -3194,7 +3194,7 @@ static inline unsigned long rb_num_of_entries(struct ring_buffer_per_cpu *cpu_buffer) { return local_read(&cpu_buffer->entries) - @@ -102977,7 +103518,7 @@ index 922048a..bb71a55 100644 } /** -@@ -3286,7 +3286,7 @@ unsigned long ring_buffer_overrun_cpu(struct ring_buffer *buffer, int cpu) +@@ -3283,7 +3283,7 @@ unsigned long ring_buffer_overrun_cpu(struct ring_buffer *buffer, int cpu) return 0; cpu_buffer = buffer->buffers[cpu]; @@ -102986,7 +103527,7 @@ index 922048a..bb71a55 100644 return ret; } -@@ -3309,7 +3309,7 @@ ring_buffer_commit_overrun_cpu(struct ring_buffer *buffer, int cpu) +@@ -3306,7 +3306,7 @@ ring_buffer_commit_overrun_cpu(struct ring_buffer *buffer, int cpu) return 0; cpu_buffer = buffer->buffers[cpu]; @@ -102995,7 +103536,7 @@ index 922048a..bb71a55 100644 return ret; } -@@ -3331,7 +3331,7 @@ ring_buffer_dropped_events_cpu(struct ring_buffer *buffer, int cpu) +@@ -3328,7 +3328,7 @@ ring_buffer_dropped_events_cpu(struct ring_buffer *buffer, int cpu) return 0; cpu_buffer = buffer->buffers[cpu]; @@ -103004,7 +103545,7 @@ index 922048a..bb71a55 100644 return ret; } -@@ -3394,7 +3394,7 @@ unsigned long ring_buffer_overruns(struct ring_buffer *buffer) +@@ -3391,7 +3391,7 @@ unsigned long ring_buffer_overruns(struct ring_buffer *buffer) /* if you care about this being correct, lock the buffer */ for_each_buffer_cpu(buffer, cpu) { cpu_buffer = buffer->buffers[cpu]; @@ -103013,7 +103554,7 @@ index 922048a..bb71a55 100644 } return overruns; -@@ -3565,8 +3565,8 @@ rb_get_reader_page(struct ring_buffer_per_cpu *cpu_buffer) +@@ -3562,8 +3562,8 @@ rb_get_reader_page(struct ring_buffer_per_cpu *cpu_buffer) /* * Reset the reader page to size zero. */ @@ -103024,7 +103565,7 @@ index 922048a..bb71a55 100644 local_set(&cpu_buffer->reader_page->page->commit, 0); cpu_buffer->reader_page->real_end = 0; -@@ -3600,7 +3600,7 @@ rb_get_reader_page(struct ring_buffer_per_cpu *cpu_buffer) +@@ -3597,7 +3597,7 @@ rb_get_reader_page(struct ring_buffer_per_cpu *cpu_buffer) * want to compare with the last_overrun. */ smp_mb(); @@ -103033,7 +103574,7 @@ index 922048a..bb71a55 100644 /* * Here's the tricky part. -@@ -4172,8 +4172,8 @@ rb_reset_cpu(struct ring_buffer_per_cpu *cpu_buffer) +@@ -4169,8 +4169,8 @@ rb_reset_cpu(struct ring_buffer_per_cpu *cpu_buffer) cpu_buffer->head_page = list_entry(cpu_buffer->pages, struct buffer_page, list); @@ -103044,7 +103585,7 @@ index 922048a..bb71a55 100644 local_set(&cpu_buffer->head_page->page->commit, 0); cpu_buffer->head_page->read = 0; -@@ -4183,18 +4183,18 @@ rb_reset_cpu(struct ring_buffer_per_cpu *cpu_buffer) +@@ -4180,18 +4180,18 @@ rb_reset_cpu(struct ring_buffer_per_cpu *cpu_buffer) INIT_LIST_HEAD(&cpu_buffer->reader_page->list); INIT_LIST_HEAD(&cpu_buffer->new_pages); @@ -103069,7 +103610,7 @@ index 922048a..bb71a55 100644 cpu_buffer->read = 0; cpu_buffer->read_bytes = 0; -@@ -4595,8 +4595,8 @@ int ring_buffer_read_page(struct ring_buffer *buffer, +@@ -4592,8 +4592,8 @@ int ring_buffer_read_page(struct ring_buffer *buffer, rb_init_page(bpage); bpage = reader->page; reader->page = *data_page; @@ -103081,10 +103622,10 @@ index 922048a..bb71a55 100644 *data_page = bpage; diff --git a/kernel/trace/trace.c b/kernel/trace/trace.c -index 62c6506..5c25989 100644 +index 0533049..85e27f0 100644 --- a/kernel/trace/trace.c +++ b/kernel/trace/trace.c -@@ -3500,7 +3500,7 @@ int trace_keep_overwrite(struct tracer *tracer, u32 mask, int set) +@@ -3538,7 +3538,7 @@ int trace_keep_overwrite(struct tracer *tracer, u32 mask, int set) return 0; } @@ -103094,7 +103635,7 @@ index 62c6506..5c25989 100644 /* do nothing if flag is already set */ if (!!(trace_flags & mask) == !!enabled) diff --git a/kernel/trace/trace.h b/kernel/trace/trace.h -index dd8205a..1aae87a 100644 +index d261201..da10429 100644 --- a/kernel/trace/trace.h +++ b/kernel/trace/trace.h @@ -1271,7 +1271,7 @@ extern const char *__stop___tracepoint_str[]; @@ -103127,10 +103668,10 @@ index 57b67b1..66082a9 100644 + return atomic64_inc_return_unchecked(&trace_counter); } diff --git a/kernel/trace/trace_events.c b/kernel/trace/trace_events.c -index a9c10a3..1864f6b 100644 +index c4de47f..5f134b8 100644 --- a/kernel/trace/trace_events.c +++ b/kernel/trace/trace_events.c -@@ -1762,7 +1762,6 @@ __trace_early_add_new_event(struct ftrace_event_call *call, +@@ -1887,7 +1887,6 @@ __trace_early_add_new_event(struct ftrace_event_call *call, return 0; } @@ -103163,10 +103704,10 @@ index 7f2e97c..085a257 100644 ps->infix.tail++; } diff --git a/kernel/trace/trace_functions_graph.c b/kernel/trace/trace_functions_graph.c -index b6fce36..d9f11a3 100644 +index a51e796..1f32ebd 100644 --- a/kernel/trace/trace_functions_graph.c +++ b/kernel/trace/trace_functions_graph.c -@@ -133,7 +133,7 @@ ftrace_push_return_trace(unsigned long ret, unsigned long func, int *depth, +@@ -132,7 +132,7 @@ ftrace_push_return_trace(unsigned long ret, unsigned long func, int *depth, /* The return trace stack is full */ if (current->curr_ret_stack == FTRACE_RETFUNC_DEPTH - 1) { @@ -103175,7 +103716,7 @@ index b6fce36..d9f11a3 100644 return -EBUSY; } -@@ -230,7 +230,7 @@ ftrace_pop_return_trace(struct ftrace_graph_ret *trace, unsigned long *ret, +@@ -229,7 +229,7 @@ ftrace_pop_return_trace(struct ftrace_graph_ret *trace, unsigned long *ret, *ret = current->ret_stack[index].ret; trace->func = current->ret_stack[index].func; trace->calltime = current->ret_stack[index].calltime; @@ -103225,10 +103766,10 @@ index 7a9ba62..2e0e4a1 100644 } entry = ring_buffer_event_data(event); diff --git a/kernel/trace/trace_output.c b/kernel/trace/trace_output.c -index 692bf71..6d9a9cd 100644 +index 25a086b..a918131 100644 --- a/kernel/trace/trace_output.c +++ b/kernel/trace/trace_output.c -@@ -751,14 +751,16 @@ int register_ftrace_event(struct trace_event *event) +@@ -752,14 +752,16 @@ int register_ftrace_event(struct trace_event *event) goto out; } @@ -103263,7 +103804,7 @@ index e694c9f..6775a38 100644 if (unlikely(seq_buf_has_overflowed(&s->seq))) { s->seq.len = save_len; diff --git a/kernel/trace/trace_stack.c b/kernel/trace/trace_stack.c -index c3e4fcf..ef6cc43 100644 +index 3f34496..0492d95 100644 --- a/kernel/trace/trace_stack.c +++ b/kernel/trace/trace_stack.c @@ -88,7 +88,7 @@ check_stack(unsigned long ip, unsigned long *stack) @@ -103364,11 +103905,11 @@ index c8eac43..4b5f08f 100644 memcpy(&uts_table, table, sizeof(uts_table)); uts_table.data = get_uts(table, write); diff --git a/kernel/watchdog.c b/kernel/watchdog.c -index 3174bf8..3553520 100644 +index 581a68a..7ff6a89 100644 --- a/kernel/watchdog.c +++ b/kernel/watchdog.c -@@ -572,7 +572,7 @@ static int watchdog_nmi_enable(unsigned int cpu) { return 0; } - static void watchdog_nmi_disable(unsigned int cpu) { return; } +@@ -648,7 +648,7 @@ void watchdog_nmi_enable_all(void) {} + void watchdog_nmi_disable_all(void) {} #endif /* CONFIG_HARDLOCKUP_DETECTOR */ -static struct smp_hotplug_thread watchdog_threads = { @@ -103377,10 +103918,10 @@ index 3174bf8..3553520 100644 .thread_should_run = watchdog_should_run, .thread_fn = watchdog, diff --git a/kernel/workqueue.c b/kernel/workqueue.c -index 41ff75b..5ad683a 100644 +index 586ad91..5f8844a 100644 --- a/kernel/workqueue.c +++ b/kernel/workqueue.c -@@ -4564,7 +4564,7 @@ static void rebind_workers(struct worker_pool *pool) +@@ -4428,7 +4428,7 @@ static void rebind_workers(struct worker_pool *pool) WARN_ON_ONCE(!(worker_flags & WORKER_UNBOUND)); worker_flags |= WORKER_REBOUND; worker_flags &= ~WORKER_UNBOUND; @@ -103390,10 +103931,10 @@ index 41ff75b..5ad683a 100644 spin_unlock_irq(&pool->lock); diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug -index c5cefb3..a4241e3 100644 +index ba2b0c8..a571efc 100644 --- a/lib/Kconfig.debug +++ b/lib/Kconfig.debug -@@ -923,7 +923,7 @@ config DEBUG_MUTEXES +@@ -936,7 +936,7 @@ config DEBUG_MUTEXES config DEBUG_WW_MUTEX_SLOWPATH bool "Wait/wound mutex debugging: Slowpath testing" @@ -103402,7 +103943,7 @@ index c5cefb3..a4241e3 100644 select DEBUG_LOCK_ALLOC select DEBUG_SPINLOCK select DEBUG_MUTEXES -@@ -940,7 +940,7 @@ config DEBUG_WW_MUTEX_SLOWPATH +@@ -953,7 +953,7 @@ config DEBUG_WW_MUTEX_SLOWPATH config DEBUG_LOCK_ALLOC bool "Lock debugging: detect incorrect freeing of live locks" @@ -103411,7 +103952,7 @@ index c5cefb3..a4241e3 100644 select DEBUG_SPINLOCK select DEBUG_MUTEXES select LOCKDEP -@@ -954,7 +954,7 @@ config DEBUG_LOCK_ALLOC +@@ -967,7 +967,7 @@ config DEBUG_LOCK_ALLOC config PROVE_LOCKING bool "Lock debugging: prove locking correctness" @@ -103420,7 +103961,7 @@ index c5cefb3..a4241e3 100644 select LOCKDEP select DEBUG_SPINLOCK select DEBUG_MUTEXES -@@ -1005,7 +1005,7 @@ config LOCKDEP +@@ -1018,7 +1018,7 @@ config LOCKDEP config LOCK_STAT bool "Lock usage statistics" @@ -103429,7 +103970,7 @@ index c5cefb3..a4241e3 100644 select LOCKDEP select DEBUG_SPINLOCK select DEBUG_MUTEXES -@@ -1467,6 +1467,7 @@ config LATENCYTOP +@@ -1496,6 +1496,7 @@ config LATENCYTOP depends on DEBUG_KERNEL depends on STACKTRACE_SUPPORT depends on PROC_FS @@ -103437,7 +103978,7 @@ index c5cefb3..a4241e3 100644 select FRAME_POINTER if !MIPS && !PPC && !S390 && !MICROBLAZE && !ARM_UNWIND && !ARC select KALLSYMS select KALLSYMS_ALL -@@ -1483,7 +1484,7 @@ config ARCH_HAS_DEBUG_STRICT_USER_COPY_CHECKS +@@ -1512,7 +1513,7 @@ config ARCH_HAS_DEBUG_STRICT_USER_COPY_CHECKS config DEBUG_STRICT_USER_COPY_CHECKS bool "Strict user copy size checks" depends on ARCH_HAS_DEBUG_STRICT_USER_COPY_CHECKS @@ -103446,7 +103987,7 @@ index c5cefb3..a4241e3 100644 help Enabling this option turns a certain set of sanity checks for user copy operations into compile time failures. -@@ -1614,7 +1615,7 @@ endmenu # runtime tests +@@ -1643,7 +1644,7 @@ endmenu # runtime tests config PROVIDE_OHCI1394_DMA_INIT bool "Remote debugging over FireWire early on boot" @@ -103456,7 +103997,7 @@ index c5cefb3..a4241e3 100644 If you want to debug problems which hang or crash the kernel early on boot and the crashing machine has a FireWire port, you can use diff --git a/lib/Makefile b/lib/Makefile -index 58f74d2..08e011f 100644 +index 6c37933..d48e7ca 100644 --- a/lib/Makefile +++ b/lib/Makefile @@ -59,7 +59,7 @@ obj-$(CONFIG_BTREE) += btree.o @@ -103482,10 +104023,10 @@ index 114d1be..ab0350c 100644 (val << avg->factor)) >> avg->weight : (val << avg->factor); diff --git a/lib/bitmap.c b/lib/bitmap.c -index d456f4c1..29a0308 100644 +index 64c0926f..9de1a1f 100644 --- a/lib/bitmap.c +++ b/lib/bitmap.c -@@ -264,7 +264,7 @@ int __bitmap_subset(const unsigned long *bitmap1, +@@ -234,7 +234,7 @@ int __bitmap_subset(const unsigned long *bitmap1, } EXPORT_SYMBOL(__bitmap_subset); @@ -103494,7 +104035,7 @@ index d456f4c1..29a0308 100644 { unsigned int k, lim = bits/BITS_PER_LONG; int w = 0; -@@ -391,7 +391,7 @@ int __bitmap_parse(const char *buf, unsigned int buflen, +@@ -361,7 +361,7 @@ int __bitmap_parse(const char *buf, unsigned int buflen, { int c, old_c, totaldigits, ndigits, nchunks, nbits; u32 chunk; @@ -103503,7 +104044,7 @@ index d456f4c1..29a0308 100644 bitmap_zero(maskp, nmaskbits); -@@ -476,7 +476,7 @@ int bitmap_parse_user(const char __user *ubuf, +@@ -446,7 +446,7 @@ int bitmap_parse_user(const char __user *ubuf, { if (!access_ok(VERIFY_READ, ubuf, ulen)) return -EFAULT; @@ -103512,7 +104053,7 @@ index d456f4c1..29a0308 100644 ulen, 1, maskp, nmaskbits); } -@@ -535,7 +535,7 @@ static int __bitmap_parselist(const char *buf, unsigned int buflen, +@@ -505,7 +505,7 @@ static int __bitmap_parselist(const char *buf, unsigned int buflen, { unsigned a, b; int c, old_c, totaldigits; @@ -103521,7 +104062,7 @@ index d456f4c1..29a0308 100644 int exp_digit, in_range; totaldigits = c = 0; -@@ -630,7 +630,7 @@ int bitmap_parselist_user(const char __user *ubuf, +@@ -600,7 +600,7 @@ int bitmap_parselist_user(const char __user *ubuf, { if (!access_ok(VERIFY_READ, ubuf, ulen)) return -EFAULT; @@ -103588,7 +104129,7 @@ index 0be83af..4605e93 100644 for (i = 0; i < size; i++) ret = (ret << 8) | ptr[size-i-1]; diff --git a/lib/div64.c b/lib/div64.c -index 4382ad7..08aa558 100644 +index 19ea7ed..20cac21 100644 --- a/lib/div64.c +++ b/lib/div64.c @@ -59,7 +59,7 @@ uint32_t __attribute__((weak)) __div64_32(uint64_t *n, uint32_t base) @@ -103601,7 +104142,7 @@ index 4382ad7..08aa558 100644 u64 quotient; @@ -130,7 +130,7 @@ EXPORT_SYMBOL(div64_u64_rem); - * 'http://www.hackersdelight.org/HDcode/newCode/divDouble.c.txt' + * 'http://www.hackersdelight.org/hdcodetxt/divDouble.c.txt' */ #ifndef div64_u64 -u64 div64_u64(u64 dividend, u64 divisor) @@ -103610,7 +104151,7 @@ index 4382ad7..08aa558 100644 u32 high = divisor >> 32; u64 quot; diff --git a/lib/dma-debug.c b/lib/dma-debug.c -index 9722bd2..0d826f4 100644 +index ae4b65e..daf0230 100644 --- a/lib/dma-debug.c +++ b/lib/dma-debug.c @@ -979,7 +979,7 @@ static int dma_debug_device_change(struct notifier_block *nb, unsigned long acti @@ -103645,10 +104186,10 @@ index 013a761..c28f3fc 100644 #endif diff --git a/lib/ioremap.c b/lib/ioremap.c -index 0c9216c..863bd89 100644 +index 86c8911..f5bfc34 100644 --- a/lib/ioremap.c +++ b/lib/ioremap.c -@@ -38,7 +38,7 @@ static inline int ioremap_pmd_range(pud_t *pud, unsigned long addr, +@@ -75,7 +75,7 @@ static inline int ioremap_pmd_range(pud_t *pud, unsigned long addr, unsigned long next; phys_addr -= addr; @@ -103657,7 +104198,7 @@ index 0c9216c..863bd89 100644 if (!pmd) return -ENOMEM; do { -@@ -56,7 +56,7 @@ static inline int ioremap_pud_range(pgd_t *pgd, unsigned long addr, +@@ -101,7 +101,7 @@ static inline int ioremap_pud_range(pgd_t *pgd, unsigned long addr, unsigned long next; phys_addr -= addr; @@ -103681,10 +104222,22 @@ index bd2bea9..6b3c95e 100644 return false; diff --git a/lib/kobject.c b/lib/kobject.c -index 03d4ab3..46f6374 100644 +index 3b841b9..7c215aa 100644 --- a/lib/kobject.c +++ b/lib/kobject.c -@@ -931,9 +931,9 @@ EXPORT_SYMBOL_GPL(kset_create_and_add); +@@ -340,8 +340,9 @@ error: + } + EXPORT_SYMBOL(kobject_init); + +-static int kobject_add_varg(struct kobject *kobj, struct kobject *parent, +- const char *fmt, va_list vargs) ++static __printf(3, 0) int kobject_add_varg(struct kobject *kobj, ++ struct kobject *parent, ++ const char *fmt, va_list vargs) + { + int retval; + +@@ -936,9 +937,9 @@ EXPORT_SYMBOL_GPL(kset_create_and_add); static DEFINE_SPINLOCK(kobj_ns_type_lock); @@ -103918,7 +104471,7 @@ index c24c2f7..f0296f4 100644 +} +EXPORT_SYMBOL(pax_list_del_rcu); diff --git a/lib/lockref.c b/lib/lockref.c -index ecb9a66..a044fc5 100644 +index 494994b..65caf94 100644 --- a/lib/lockref.c +++ b/lib/lockref.c @@ -48,13 +48,13 @@ @@ -104049,28 +104602,6 @@ index ecb9a66..a044fc5 100644 retval = 1; } spin_unlock(&lockref->lock); -diff --git a/lib/mpi/longlong.h b/lib/mpi/longlong.h -index aac5114..a89d041 100644 ---- a/lib/mpi/longlong.h -+++ b/lib/mpi/longlong.h -@@ -639,7 +639,7 @@ do { \ - ************** MIPS ***************** - ***************************************/ - #if defined(__mips__) && W_TYPE_SIZE == 32 --#if __GNUC__ >= 4 && __GNUC_MINOR__ >= 4 -+#if (__GNUC__ >= 5) || (__GNUC__ >= 4 && __GNUC_MINOR__ >= 4) - #define umul_ppmm(w1, w0, u, v) \ - do { \ - UDItype __ll = (UDItype)(u) * (v); \ -@@ -671,7 +671,7 @@ do { \ - ************** MIPS/64 ************** - ***************************************/ - #if (defined(__mips) && __mips >= 3) && W_TYPE_SIZE == 64 --#if __GNUC__ >= 4 && __GNUC_MINOR__ >= 4 -+#if (__GNUC__ >= 5) || (__GNUC__ >= 4 && __GNUC_MINOR__ >= 4) - #define umul_ppmm(w1, w0, u, v) \ - do { \ - typedef unsigned int __ll_UTItype __attribute__((mode(TI))); \ diff --git a/lib/nlattr.c b/lib/nlattr.c index f5907d2..36072be 100644 --- a/lib/nlattr.c @@ -104164,7 +104695,7 @@ index e0af6ff..fcc9f15 100644 /* diff --git a/lib/strnlen_user.c b/lib/strnlen_user.c -index 1164961..02dccaa 100644 +index fe9a325..85cd8aa 100644 --- a/lib/strnlen_user.c +++ b/lib/strnlen_user.c @@ -26,7 +26,7 @@ @@ -104177,10 +104708,10 @@ index 1164961..02dccaa 100644 unsigned long c; diff --git a/lib/swiotlb.c b/lib/swiotlb.c -index 4abda07..b9d3765 100644 +index 3c365ab..75b43df 100644 --- a/lib/swiotlb.c +++ b/lib/swiotlb.c -@@ -682,7 +682,7 @@ EXPORT_SYMBOL(swiotlb_alloc_coherent); +@@ -683,7 +683,7 @@ EXPORT_SYMBOL(swiotlb_alloc_coherent); void swiotlb_free_coherent(struct device *hwdev, size_t size, void *vaddr, @@ -104190,22 +104721,14 @@ index 4abda07..b9d3765 100644 phys_addr_t paddr = dma_to_phys(hwdev, dev_addr); diff --git a/lib/test-hexdump.c b/lib/test-hexdump.c -index daf29a39..56f44ac 100644 +index c227cc4..5241df3 100644 --- a/lib/test-hexdump.c +++ b/lib/test-hexdump.c -@@ -18,26 +18,26 @@ static const unsigned char data_b[] = { - - static const unsigned char data_a[] = ".2.{....p..$}.4...1.....L...C..."; - --static const char *test_data_1_le[] __initconst = { -+static const char * const test_data_1_le[] __initconst = { - "be", "32", "db", "7b", "0a", "18", "93", "b2", - "70", "ba", "c4", "24", "7d", "83", "34", "9b", - "a6", "9c", "31", "ad", "9c", "0f", "ac", "e9", +@@ -25,19 +25,19 @@ static const char * const test_data_1_le[] __initconst = { "4c", "d1", "19", "99", "43", "b1", "af", "0c", }; --static const char *test_data_2_le[] __initconst = { +-static const char *test_data_2_le[] __initdata = { +static const char * const test_data_2_le[] __initconst = { "32be", "7bdb", "180a", "b293", "ba70", "24c4", "837d", "9b34", @@ -104213,13 +104736,13 @@ index daf29a39..56f44ac 100644 "d14c", "9919", "b143", "0caf", }; --static const char *test_data_4_le[] __initconst = { +-static const char *test_data_4_le[] __initdata = { +static const char * const test_data_4_le[] __initconst = { "7bdb32be", "b293180a", "24c4ba70", "9b34837d", "ad319ca6", "e9ac0f9c", "9919d14c", "0cafb143", }; --static const char *test_data_8_le[] __initconst = { +-static const char *test_data_8_le[] __initdata = { +static const char * const test_data_8_le[] __initconst = { "b293180a7bdb32be", "9b34837d24c4ba70", "e9ac0f9cad319ca6", "0cafb1439919d14c", @@ -104239,7 +104762,7 @@ index 4f5b1dd..7cab418 100644 +} +EXPORT_SYMBOL(copy_to_user_overflow); diff --git a/lib/vsprintf.c b/lib/vsprintf.c -index b235c96..343ffc1 100644 +index da39c60..ac91239 100644 --- a/lib/vsprintf.c +++ b/lib/vsprintf.c @@ -16,6 +16,9 @@ @@ -104250,9 +104773,9 @@ index b235c96..343ffc1 100644 +#define __INCLUDED_BY_HIDESYM 1 +#endif #include <stdarg.h> + #include <linux/clk-provider.h> #include <linux/module.h> /* for KSYM_SYMBOL_LEN */ - #include <linux/types.h> -@@ -626,7 +629,7 @@ char *symbol_string(char *buf, char *end, void *ptr, +@@ -628,7 +631,7 @@ char *symbol_string(char *buf, char *end, void *ptr, #ifdef CONFIG_KALLSYMS if (*fmt == 'B') sprint_backtrace(sym, value); @@ -104261,19 +104784,20 @@ index b235c96..343ffc1 100644 sprint_symbol(sym, value); else sprint_symbol_no_offset(sym, value); -@@ -1322,7 +1325,11 @@ char *address_val(char *buf, char *end, const void *addr, - return number(buf, end, num, spec); +@@ -1360,7 +1363,11 @@ char *clock(char *buf, char *end, struct clk *clk, struct printf_spec spec, + } } +-int kptr_restrict __read_mostly; +#ifdef CONFIG_GRKERNSEC_HIDESYM -+int kptr_restrict __read_mostly = 2; ++int kptr_restrict __read_only = 2; +#else - int kptr_restrict __read_mostly; ++int kptr_restrict __read_only; +#endif /* * Show a '%p' thing. A kernel extension is that the '%p' is followed -@@ -1333,8 +1340,10 @@ int kptr_restrict __read_mostly; +@@ -1371,8 +1378,10 @@ int kptr_restrict __read_mostly; * * - 'F' For symbolic function descriptor pointers with offset * - 'f' For simple symbolic function names without offset @@ -104284,7 +104808,7 @@ index b235c96..343ffc1 100644 * - '[FfSs]R' as above with __builtin_extract_return_addr() translation * - 'B' For backtraced symbolic direct pointers with offset * - 'R' For decoded struct resource, e.g., [mem 0x0-0x1f 64bit pref] -@@ -1417,12 +1426,12 @@ char *pointer(const char *fmt, char *buf, char *end, void *ptr, +@@ -1460,12 +1469,12 @@ char *pointer(const char *fmt, char *buf, char *end, void *ptr, if (!ptr && *fmt != 'K') { /* @@ -104299,7 +104823,7 @@ index b235c96..343ffc1 100644 } switch (*fmt) { -@@ -1432,6 +1441,14 @@ char *pointer(const char *fmt, char *buf, char *end, void *ptr, +@@ -1475,6 +1484,14 @@ char *pointer(const char *fmt, char *buf, char *end, void *ptr, /* Fallthrough */ case 'S': case 's': @@ -104314,7 +104838,7 @@ index b235c96..343ffc1 100644 case 'B': return symbol_string(buf, end, ptr, spec, fmt); case 'R': -@@ -1496,6 +1513,8 @@ char *pointer(const char *fmt, char *buf, char *end, void *ptr, +@@ -1539,6 +1556,8 @@ char *pointer(const char *fmt, char *buf, char *end, void *ptr, va_end(va); return buf; } @@ -104323,7 +104847,7 @@ index b235c96..343ffc1 100644 case 'K': /* * %pK cannot be used in IRQ context because its test -@@ -1553,6 +1572,22 @@ char *pointer(const char *fmt, char *buf, char *end, void *ptr, +@@ -1598,6 +1617,22 @@ char *pointer(const char *fmt, char *buf, char *end, void *ptr, ((const struct file *)ptr)->f_path.dentry, spec, fmt); } @@ -104346,7 +104870,7 @@ index b235c96..343ffc1 100644 spec.flags |= SMALL; if (spec.field_width == -1) { spec.field_width = default_width; -@@ -2254,11 +2289,11 @@ int bstr_printf(char *buf, size_t size, const char *fmt, const u32 *bin_buf) +@@ -2296,11 +2331,11 @@ int bstr_printf(char *buf, size_t size, const char *fmt, const u32 *bin_buf) typeof(type) value; \ if (sizeof(type) == 8) { \ args = PTR_ALIGN(args, sizeof(u32)); \ @@ -104361,7 +104885,7 @@ index b235c96..343ffc1 100644 } \ args += sizeof(type); \ value; \ -@@ -2321,7 +2356,7 @@ int bstr_printf(char *buf, size_t size, const char *fmt, const u32 *bin_buf) +@@ -2363,7 +2398,7 @@ int bstr_printf(char *buf, size_t size, const char *fmt, const u32 *bin_buf) case FORMAT_TYPE_STR: { const char *str_arg = args; args += strlen(str_arg) + 1; @@ -104378,7 +104902,7 @@ index 0000000..7cd6065 @@ -0,0 +1 @@ +-grsec diff --git a/mm/Kconfig b/mm/Kconfig -index a03131b..1b1bafb 100644 +index 390214d..f96e3b8 100644 --- a/mm/Kconfig +++ b/mm/Kconfig @@ -342,10 +342,11 @@ config KSM @@ -104439,11 +104963,54 @@ index 000e7b3..aad2605 100644 if (err) { bdi_destroy(bdi); return err; +diff --git a/mm/cma_debug.c b/mm/cma_debug.c +index 7621ee3..f8e4b60 100644 +--- a/mm/cma_debug.c ++++ b/mm/cma_debug.c +@@ -39,7 +39,7 @@ static int cma_used_get(void *data, u64 *val) + + mutex_lock(&cma->lock); + /* pages counter is smaller than sizeof(int) */ +- used = bitmap_weight(cma->bitmap, (int)cma->count); ++ used = bitmap_weight(cma->bitmap, (int)cma_bitmap_maxno(cma)); + mutex_unlock(&cma->lock); + *val = (u64)used << cma->order_per_bit; + +@@ -52,13 +52,14 @@ static int cma_maxchunk_get(void *data, u64 *val) + struct cma *cma = data; + unsigned long maxchunk = 0; + unsigned long start, end = 0; ++ unsigned long bitmap_maxno = cma_bitmap_maxno(cma); + + mutex_lock(&cma->lock); + for (;;) { +- start = find_next_zero_bit(cma->bitmap, cma->count, end); ++ start = find_next_zero_bit(cma->bitmap, bitmap_maxno, end); + if (start >= cma->count) + break; +- end = find_next_bit(cma->bitmap, cma->count, start); ++ end = find_next_bit(cma->bitmap, bitmap_maxno, start); + maxchunk = max(end - start, maxchunk); + } + mutex_unlock(&cma->lock); +@@ -170,10 +171,10 @@ static void cma_debugfs_add_one(struct cma *cma, int idx) + + tmp = debugfs_create_dir(name, cma_debugfs_root); + +- debugfs_create_file("alloc", S_IWUSR, cma_debugfs_root, cma, ++ debugfs_create_file("alloc", S_IWUSR, tmp, cma, + &cma_alloc_fops); + +- debugfs_create_file("free", S_IWUSR, cma_debugfs_root, cma, ++ debugfs_create_file("free", S_IWUSR, tmp, cma, + &cma_free_fops); + + debugfs_create_file("base_pfn", S_IRUGO, tmp, diff --git a/mm/filemap.c b/mm/filemap.c -index ad72420..0a20ef2 100644 +index 6bf5e42..1e631ee 100644 --- a/mm/filemap.c +++ b/mm/filemap.c -@@ -2097,7 +2097,7 @@ int generic_file_mmap(struct file * file, struct vm_area_struct * vma) +@@ -2095,7 +2095,7 @@ int generic_file_mmap(struct file * file, struct vm_area_struct * vma) struct address_space *mapping = file->f_mapping; if (!mapping->a_ops->readpage) @@ -104452,24 +105019,24 @@ index ad72420..0a20ef2 100644 file_accessed(file); vma->vm_ops = &generic_file_vm_ops; return 0; -@@ -2275,6 +2275,7 @@ inline int generic_write_checks(struct file *file, loff_t *pos, size_t *count, i - *pos = i_size_read(inode); - - if (limit != RLIM_INFINITY) { -+ gr_learn_resource(current, RLIMIT_FSIZE,*pos, 0); - if (*pos >= limit) { - send_sig(SIGXFSZ, current, 0); - return -EFBIG; +@@ -2276,6 +2276,7 @@ inline ssize_t generic_write_checks(struct kiocb *iocb, struct iov_iter *from) + pos = iocb->ki_pos; + + if (limit != RLIM_INFINITY) { ++ gr_learn_resource(current, RLIMIT_FSIZE, iocb->ki_pos, 0); + if (iocb->ki_pos >= limit) { + send_sig(SIGXFSZ, current, 0); + return -EFBIG; diff --git a/mm/gup.c b/mm/gup.c -index a6e24e2..72dd2cf 100644 +index 6297f6b..7652403 100644 --- a/mm/gup.c +++ b/mm/gup.c @@ -265,11 +265,6 @@ static int faultin_page(struct task_struct *tsk, struct vm_area_struct *vma, unsigned int fault_flags = 0; int ret; -- /* For mlock, just skip the stack guard page. */ -- if ((*flags & FOLL_MLOCK) && +- /* For mm_populate(), just skip the stack guard page. */ +- if ((*flags & FOLL_POPULATE) && - (stack_guard_page_start(vma, address) || - stack_guard_page_end(vma, address + PAGE_SIZE))) - return -ENOENT; @@ -104540,10 +105107,10 @@ index 123bcd3..0de52ba 100644 set_page_address(page, (void *)vaddr); diff --git a/mm/hugetlb.c b/mm/hugetlb.c -index caad3c5..4f68807 100644 +index 271e443..c582971 100644 --- a/mm/hugetlb.c +++ b/mm/hugetlb.c -@@ -2260,6 +2260,7 @@ static int hugetlb_sysctl_handler_common(bool obey_mempolicy, +@@ -2362,6 +2362,7 @@ static int hugetlb_sysctl_handler_common(bool obey_mempolicy, struct ctl_table *table, int write, void __user *buffer, size_t *length, loff_t *ppos) { @@ -104551,7 +105118,7 @@ index caad3c5..4f68807 100644 struct hstate *h = &default_hstate; unsigned long tmp = h->max_huge_pages; int ret; -@@ -2267,9 +2268,10 @@ static int hugetlb_sysctl_handler_common(bool obey_mempolicy, +@@ -2369,9 +2370,10 @@ static int hugetlb_sysctl_handler_common(bool obey_mempolicy, if (!hugepages_supported()) return -ENOTSUPP; @@ -104565,7 +105132,7 @@ index caad3c5..4f68807 100644 if (ret) goto out; -@@ -2304,6 +2306,7 @@ int hugetlb_overcommit_handler(struct ctl_table *table, int write, +@@ -2406,6 +2408,7 @@ int hugetlb_overcommit_handler(struct ctl_table *table, int write, struct hstate *h = &default_hstate; unsigned long tmp; int ret; @@ -104573,7 +105140,7 @@ index caad3c5..4f68807 100644 if (!hugepages_supported()) return -ENOTSUPP; -@@ -2313,9 +2316,10 @@ int hugetlb_overcommit_handler(struct ctl_table *table, int write, +@@ -2415,9 +2418,10 @@ int hugetlb_overcommit_handler(struct ctl_table *table, int write, if (write && hstate_is_gigantic(h)) return -EINVAL; @@ -104587,7 +105154,7 @@ index caad3c5..4f68807 100644 if (ret) goto out; -@@ -2800,6 +2804,27 @@ static void unmap_ref_private(struct mm_struct *mm, struct vm_area_struct *vma, +@@ -2907,6 +2911,27 @@ static void unmap_ref_private(struct mm_struct *mm, struct vm_area_struct *vma, i_mmap_unlock_write(mapping); } @@ -104615,7 +105182,7 @@ index caad3c5..4f68807 100644 /* * Hugetlb_cow() should be called with page lock of the original hugepage held. * Called with hugetlb_instantiation_mutex held and pte_page locked so we -@@ -2912,6 +2937,11 @@ retry_avoidcopy: +@@ -3020,6 +3045,11 @@ retry_avoidcopy: make_huge_pte(vma, new_page, 1)); page_remove_rmap(old_page); hugepage_add_new_anon_rmap(new_page, vma, address); @@ -104627,7 +105194,7 @@ index caad3c5..4f68807 100644 /* Make the old page be freed below */ new_page = old_page; } -@@ -3072,6 +3102,10 @@ retry: +@@ -3181,6 +3211,10 @@ retry: && (vma->vm_flags & VM_SHARED))); set_huge_pte_at(mm, address, ptep, new_pte); @@ -104638,7 +105205,7 @@ index caad3c5..4f68807 100644 if ((flags & FAULT_FLAG_WRITE) && !(vma->vm_flags & VM_SHARED)) { /* Optimization, do the COW without a second fault */ ret = hugetlb_cow(mm, vma, address, ptep, new_pte, page, ptl); -@@ -3139,6 +3173,10 @@ int hugetlb_fault(struct mm_struct *mm, struct vm_area_struct *vma, +@@ -3248,6 +3282,10 @@ int hugetlb_fault(struct mm_struct *mm, struct vm_area_struct *vma, struct address_space *mapping; int need_wait_lock = 0; @@ -104649,7 +105216,7 @@ index caad3c5..4f68807 100644 address &= huge_page_mask(h); ptep = huge_pte_offset(mm, address); -@@ -3152,6 +3190,26 @@ int hugetlb_fault(struct mm_struct *mm, struct vm_area_struct *vma, +@@ -3261,6 +3299,26 @@ int hugetlb_fault(struct mm_struct *mm, struct vm_area_struct *vma, VM_FAULT_SET_HINDEX(hstate_index(h)); } @@ -104677,7 +105244,7 @@ index caad3c5..4f68807 100644 if (!ptep) return VM_FAULT_OOM; diff --git a/mm/internal.h b/mm/internal.h -index a96da5b..42ebd54 100644 +index a25e359..e2c96e9 100644 --- a/mm/internal.h +++ b/mm/internal.h @@ -156,6 +156,7 @@ __find_buddy_index(unsigned long page_idx, unsigned int order) @@ -104688,7 +105255,7 @@ index a96da5b..42ebd54 100644 extern void prep_compound_page(struct page *page, unsigned long order); #ifdef CONFIG_MEMORY_FAILURE extern bool is_free_buddy_page(struct page *page); -@@ -411,7 +412,7 @@ extern u32 hwpoison_filter_enable; +@@ -413,7 +414,7 @@ extern u32 hwpoison_filter_enable; extern unsigned long vm_mmap_pgoff(struct file *, unsigned long, unsigned long, unsigned long, @@ -104698,10 +105265,10 @@ index a96da5b..42ebd54 100644 extern void set_pageblock_order(void); unsigned long reclaim_clean_pages_from_list(struct zone *zone, diff --git a/mm/kmemleak.c b/mm/kmemleak.c -index f0fe4f2..898208c 100644 +index 3716cdb..25b97dc 100644 --- a/mm/kmemleak.c +++ b/mm/kmemleak.c -@@ -366,7 +366,7 @@ static void print_unreferenced(struct seq_file *seq, +@@ -368,7 +368,7 @@ static void print_unreferenced(struct seq_file *seq, for (i = 0; i < object->trace_len; i++) { void *ptr = (void *)object->trace[i]; @@ -104710,7 +105277,7 @@ index f0fe4f2..898208c 100644 } } -@@ -1912,7 +1912,7 @@ static int __init kmemleak_late_init(void) +@@ -1926,7 +1926,7 @@ static int __init kmemleak_late_init(void) return -ENOMEM; } @@ -104816,7 +105383,7 @@ index d551475..8fdd7f3 100644 if (end == start) return error; diff --git a/mm/memory-failure.c b/mm/memory-failure.c -index 72a5224..51ba846 100644 +index 501820c..9612bcf 100644 --- a/mm/memory-failure.c +++ b/mm/memory-failure.c @@ -61,7 +61,7 @@ int sysctl_memory_failure_early_kill __read_mostly = 0; @@ -104837,16 +105404,16 @@ index 72a5224..51ba846 100644 #ifdef __ARCH_SI_TRAPNO si.si_trapno = trapno; #endif -@@ -779,7 +779,7 @@ static struct page_state { +@@ -825,7 +825,7 @@ static struct page_state { unsigned long res; - char *msg; + enum action_page_type type; int (*action)(struct page *p, unsigned long pfn); -} error_states[] = { +} __do_const error_states[] = { - { reserved, reserved, "reserved kernel", me_kernel }, + { reserved, reserved, MSG_KERNEL, me_kernel }, /* * free pages are specially detected outside this table: -@@ -1087,7 +1087,7 @@ int memory_failure(unsigned long pfn, int trapno, int flags) +@@ -1133,7 +1133,7 @@ int memory_failure(unsigned long pfn, int trapno, int flags) nr_pages = 1 << compound_order(hpage); else /* normal page or thp */ nr_pages = 1; @@ -104855,7 +105422,7 @@ index 72a5224..51ba846 100644 /* * We need/can do nothing about count=0 pages. -@@ -1116,7 +1116,7 @@ int memory_failure(unsigned long pfn, int trapno, int flags) +@@ -1162,7 +1162,7 @@ int memory_failure(unsigned long pfn, int trapno, int flags) if (PageHWPoison(hpage)) { if ((hwpoison_filter(p) && TestClearPageHWPoison(p)) || (p != hpage && TestSetPageHWPoison(hpage))) { @@ -104864,7 +105431,7 @@ index 72a5224..51ba846 100644 unlock_page(hpage); return 0; } -@@ -1184,14 +1184,14 @@ int memory_failure(unsigned long pfn, int trapno, int flags) +@@ -1231,14 +1231,14 @@ int memory_failure(unsigned long pfn, int trapno, int flags) */ if (!PageHWPoison(p)) { printk(KERN_ERR "MCE %#lx: just unpoisoned\n", pfn); @@ -104881,7 +105448,7 @@ index 72a5224..51ba846 100644 unlock_page(hpage); put_page(hpage); return 0; -@@ -1421,7 +1421,7 @@ int unpoison_memory(unsigned long pfn) +@@ -1467,7 +1467,7 @@ int unpoison_memory(unsigned long pfn) return 0; } if (TestClearPageHWPoison(p)) @@ -104890,7 +105457,7 @@ index 72a5224..51ba846 100644 pr_info("MCE: Software-unpoisoned free page %#lx\n", pfn); return 0; } -@@ -1435,7 +1435,7 @@ int unpoison_memory(unsigned long pfn) +@@ -1481,7 +1481,7 @@ int unpoison_memory(unsigned long pfn) */ if (TestClearPageHWPoison(page)) { pr_info("MCE: Software-unpoisoned page %#lx\n", pfn); @@ -104899,7 +105466,7 @@ index 72a5224..51ba846 100644 freeit = 1; if (PageHuge(page)) clear_page_hwpoison_huge_page(page); -@@ -1560,11 +1560,11 @@ static int soft_offline_huge_page(struct page *page, int flags) +@@ -1616,11 +1616,11 @@ static int soft_offline_huge_page(struct page *page, int flags) if (PageHuge(page)) { set_page_hwpoison_huge_page(hpage); dequeue_hwpoisoned_huge_page(hpage); @@ -104913,7 +105480,7 @@ index 72a5224..51ba846 100644 } } return ret; -@@ -1603,7 +1603,7 @@ static int __soft_offline_page(struct page *page, int flags) +@@ -1659,7 +1659,7 @@ static int __soft_offline_page(struct page *page, int flags) put_page(page); pr_info("soft_offline: %#lx: invalidated\n", pfn); SetPageHWPoison(page); @@ -104922,7 +105489,7 @@ index 72a5224..51ba846 100644 return 0; } -@@ -1652,7 +1652,7 @@ static int __soft_offline_page(struct page *page, int flags) +@@ -1708,7 +1708,7 @@ static int __soft_offline_page(struct page *page, int flags) if (!is_free_buddy_page(page)) pr_info("soft offline: %#lx: page leaked\n", pfn); @@ -104931,7 +105498,7 @@ index 72a5224..51ba846 100644 } } else { pr_info("soft offline: %#lx: isolation failed: %d, page count %d, type %lx\n", -@@ -1722,11 +1722,11 @@ int soft_offline_page(struct page *page, int flags) +@@ -1778,11 +1778,11 @@ int soft_offline_page(struct page *page, int flags) if (PageHuge(page)) { set_page_hwpoison_huge_page(hpage); if (!dequeue_hwpoisoned_huge_page(hpage)) @@ -104946,7 +105513,7 @@ index 72a5224..51ba846 100644 } unset_migratetype_isolate(page, MIGRATE_MOVABLE); diff --git a/mm/memory.c b/mm/memory.c -index 97839f5..4bc5530 100644 +index 22e037e..347d230 100644 --- a/mm/memory.c +++ b/mm/memory.c @@ -414,6 +414,7 @@ static inline void free_pmd_range(struct mmu_gather *tlb, pud_t *pud, @@ -104982,20 +105549,16 @@ index 97839f5..4bc5530 100644 } /* -@@ -691,10 +696,10 @@ static void print_bad_pte(struct vm_area_struct *vma, unsigned long addr, +@@ -690,7 +695,7 @@ static void print_bad_pte(struct vm_area_struct *vma, unsigned long addr, + /* * Choose text because data symbols depend on CONFIG_KALLSYMS_ALL=y */ - if (vma->vm_ops) -- printk(KERN_ALERT "vma->vm_ops->fault: %pSR\n", -+ printk(KERN_ALERT "vma->vm_ops->fault: %pAR\n", - vma->vm_ops->fault); - if (vma->vm_file) -- printk(KERN_ALERT "vma->vm_file->f_op->mmap: %pSR\n", -+ printk(KERN_ALERT "vma->vm_file->f_op->mmap: %pAR\n", - vma->vm_file->f_op->mmap); - dump_stack(); - add_taint(TAINT_BAD_PAGE, LOCKDEP_NOW_UNRELIABLE); -@@ -1464,6 +1469,10 @@ static int insert_page(struct vm_area_struct *vma, unsigned long addr, +- pr_alert("file:%pD fault:%pf mmap:%pf readpage:%pf\n", ++ pr_alert("file:%pD fault:%pX mmap:%pX readpage:%pX\n", + vma->vm_file, + vma->vm_ops ? vma->vm_ops->fault : NULL, + vma->vm_file ? vma->vm_file->f_op->mmap : NULL, +@@ -1463,6 +1468,10 @@ static int insert_page(struct vm_area_struct *vma, unsigned long addr, page_add_file_rmap(page); set_pte_at(mm, addr, pte, mk_pte(page, prot)); @@ -105006,7 +105569,7 @@ index 97839f5..4bc5530 100644 retval = 0; pte_unmap_unlock(pte, ptl); return retval; -@@ -1508,9 +1517,21 @@ int vm_insert_page(struct vm_area_struct *vma, unsigned long addr, +@@ -1507,9 +1516,21 @@ int vm_insert_page(struct vm_area_struct *vma, unsigned long addr, if (!page_count(page)) return -EINVAL; if (!(vma->vm_flags & VM_MIXEDMAP)) { @@ -105028,7 +105591,7 @@ index 97839f5..4bc5530 100644 } return insert_page(vma, addr, page, vma->vm_page_prot); } -@@ -1593,6 +1614,7 @@ int vm_insert_mixed(struct vm_area_struct *vma, unsigned long addr, +@@ -1592,6 +1613,7 @@ int vm_insert_mixed(struct vm_area_struct *vma, unsigned long addr, unsigned long pfn) { BUG_ON(!(vma->vm_flags & VM_MIXEDMAP)); @@ -105036,7 +105599,7 @@ index 97839f5..4bc5530 100644 if (addr < vma->vm_start || addr >= vma->vm_end) return -EFAULT; -@@ -1840,7 +1862,9 @@ static int apply_to_pmd_range(struct mm_struct *mm, pud_t *pud, +@@ -1839,7 +1861,9 @@ static int apply_to_pmd_range(struct mm_struct *mm, pud_t *pud, BUG_ON(pud_huge(*pud)); @@ -105047,7 +105610,7 @@ index 97839f5..4bc5530 100644 if (!pmd) return -ENOMEM; do { -@@ -1860,7 +1884,9 @@ static int apply_to_pud_range(struct mm_struct *mm, pgd_t *pgd, +@@ -1859,7 +1883,9 @@ static int apply_to_pud_range(struct mm_struct *mm, pgd_t *pgd, unsigned long next; int err; @@ -105058,8 +105621,8 @@ index 97839f5..4bc5530 100644 if (!pud) return -ENOMEM; do { -@@ -1982,6 +2008,185 @@ static int do_page_mkwrite(struct vm_area_struct *vma, struct page *page, - return ret; +@@ -2040,6 +2066,185 @@ static inline int wp_page_reuse(struct mm_struct *mm, + return VM_FAULT_WRITE; } +#ifdef CONFIG_PAX_SEGMEXEC @@ -105242,9 +105805,9 @@ index 97839f5..4bc5530 100644 +#endif + /* - * This routine handles present pages, when users try to write - * to a shared page. It is done by copying the page to a new address -@@ -2172,6 +2377,12 @@ gotten: + * Handle the case of a page which we actually need to copy to a new page. + * +@@ -2093,6 +2298,12 @@ static int wp_page_copy(struct mm_struct *mm, struct vm_area_struct *vma, */ page_table = pte_offset_map_lock(mm, pmd, address, &ptl); if (likely(pte_same(*page_table, orig_pte))) { @@ -105257,7 +105820,7 @@ index 97839f5..4bc5530 100644 if (old_page) { if (!PageAnon(old_page)) { dec_mm_counter_fast(mm, MM_FILEPAGES); -@@ -2225,6 +2436,10 @@ gotten: +@@ -2147,6 +2358,10 @@ static int wp_page_copy(struct mm_struct *mm, struct vm_area_struct *vma, page_remove_rmap(old_page); } @@ -105267,8 +105830,8 @@ index 97839f5..4bc5530 100644 + /* Free the old page.. */ new_page = old_page; - ret |= VM_FAULT_WRITE; -@@ -2483,6 +2698,11 @@ static int do_swap_page(struct mm_struct *mm, struct vm_area_struct *vma, + page_copied = 1; +@@ -2578,6 +2793,11 @@ static int do_swap_page(struct mm_struct *mm, struct vm_area_struct *vma, swap_free(entry); if (vm_swap_full() || (vma->vm_flags & VM_LOCKED) || PageMlocked(page)) try_to_free_swap(page); @@ -105280,7 +105843,7 @@ index 97839f5..4bc5530 100644 unlock_page(page); if (page != swapcache) { /* -@@ -2506,6 +2726,11 @@ static int do_swap_page(struct mm_struct *mm, struct vm_area_struct *vma, +@@ -2601,6 +2821,11 @@ static int do_swap_page(struct mm_struct *mm, struct vm_area_struct *vma, /* No need to invalidate - it was non-present before */ update_mmu_cache(vma, address, page_table); @@ -105292,7 +105855,7 @@ index 97839f5..4bc5530 100644 unlock: pte_unmap_unlock(page_table, ptl); out: -@@ -2525,40 +2750,6 @@ out_release: +@@ -2620,40 +2845,6 @@ out_release: } /* @@ -105333,7 +105896,7 @@ index 97839f5..4bc5530 100644 * We enter with non-exclusive mmap_sem (to exclude vma changes, * but allow concurrent faults), and pte mapped but not yet locked. * We return with mmap_sem still held, but pte unmapped and unlocked. -@@ -2568,27 +2759,23 @@ static int do_anonymous_page(struct mm_struct *mm, struct vm_area_struct *vma, +@@ -2663,27 +2854,23 @@ static int do_anonymous_page(struct mm_struct *mm, struct vm_area_struct *vma, unsigned int flags) { struct mem_cgroup *memcg; @@ -105366,7 +105929,7 @@ index 97839f5..4bc5530 100644 if (unlikely(anon_vma_prepare(vma))) goto oom; page = alloc_zeroed_user_highpage_movable(vma, address); -@@ -2612,6 +2799,11 @@ static int do_anonymous_page(struct mm_struct *mm, struct vm_area_struct *vma, +@@ -2707,6 +2894,11 @@ static int do_anonymous_page(struct mm_struct *mm, struct vm_area_struct *vma, if (!pte_none(*page_table)) goto release; @@ -105378,7 +105941,7 @@ index 97839f5..4bc5530 100644 inc_mm_counter_fast(mm, MM_ANONPAGES); page_add_new_anon_rmap(page, vma, address); mem_cgroup_commit_charge(page, memcg, false); -@@ -2621,6 +2813,12 @@ setpte: +@@ -2716,6 +2908,12 @@ setpte: /* No need to invalidate - it was non-present before */ update_mmu_cache(vma, address, page_table); @@ -105391,7 +105954,7 @@ index 97839f5..4bc5530 100644 unlock: pte_unmap_unlock(page_table, ptl); return 0; -@@ -2853,6 +3051,11 @@ static int do_read_fault(struct mm_struct *mm, struct vm_area_struct *vma, +@@ -2948,6 +3146,11 @@ static int do_read_fault(struct mm_struct *mm, struct vm_area_struct *vma, return ret; } do_set_pte(vma, address, fault_page, pte, false, false); @@ -105403,7 +105966,7 @@ index 97839f5..4bc5530 100644 unlock_page(fault_page); unlock_out: pte_unmap_unlock(pte, ptl); -@@ -2904,7 +3107,18 @@ static int do_cow_fault(struct mm_struct *mm, struct vm_area_struct *vma, +@@ -2999,7 +3202,18 @@ static int do_cow_fault(struct mm_struct *mm, struct vm_area_struct *vma, } goto uncharge_out; } @@ -105422,7 +105985,7 @@ index 97839f5..4bc5530 100644 mem_cgroup_commit_charge(new_page, memcg, false); lru_cache_add_active_or_unevictable(new_page, vma); pte_unmap_unlock(pte, ptl); -@@ -2962,6 +3176,11 @@ static int do_shared_fault(struct mm_struct *mm, struct vm_area_struct *vma, +@@ -3057,6 +3271,11 @@ static int do_shared_fault(struct mm_struct *mm, struct vm_area_struct *vma, return ret; } do_set_pte(vma, address, fault_page, pte, true, false); @@ -105434,7 +105997,7 @@ index 97839f5..4bc5530 100644 pte_unmap_unlock(pte, ptl); if (set_page_dirty(fault_page)) -@@ -3185,6 +3404,12 @@ static int handle_pte_fault(struct mm_struct *mm, +@@ -3280,6 +3499,12 @@ static int handle_pte_fault(struct mm_struct *mm, if (flags & FAULT_FLAG_WRITE) flush_tlb_fix_spurious_fault(vma, address); } @@ -105447,7 +106010,7 @@ index 97839f5..4bc5530 100644 unlock: pte_unmap_unlock(pte, ptl); return 0; -@@ -3204,9 +3429,41 @@ static int __handle_mm_fault(struct mm_struct *mm, struct vm_area_struct *vma, +@@ -3299,9 +3524,41 @@ static int __handle_mm_fault(struct mm_struct *mm, struct vm_area_struct *vma, pmd_t *pmd; pte_t *pte; @@ -105489,7 +106052,7 @@ index 97839f5..4bc5530 100644 pgd = pgd_offset(mm, address); pud = pud_alloc(mm, pgd, address); if (!pud) -@@ -3341,6 +3598,23 @@ int __pud_alloc(struct mm_struct *mm, pgd_t *pgd, unsigned long address) +@@ -3436,6 +3693,23 @@ int __pud_alloc(struct mm_struct *mm, pgd_t *pgd, unsigned long address) spin_unlock(&mm->page_table_lock); return 0; } @@ -105513,7 +106076,7 @@ index 97839f5..4bc5530 100644 #endif /* __PAGETABLE_PUD_FOLDED */ #ifndef __PAGETABLE_PMD_FOLDED -@@ -3373,6 +3647,32 @@ int __pmd_alloc(struct mm_struct *mm, pud_t *pud, unsigned long address) +@@ -3468,6 +3742,32 @@ int __pmd_alloc(struct mm_struct *mm, pud_t *pud, unsigned long address) spin_unlock(&mm->page_table_lock); return 0; } @@ -105546,7 +106109,7 @@ index 97839f5..4bc5530 100644 #endif /* __PAGETABLE_PMD_FOLDED */ static int __follow_pte(struct mm_struct *mm, unsigned long address, -@@ -3482,8 +3782,8 @@ out: +@@ -3577,8 +3877,8 @@ out: return ret; } @@ -105557,7 +106120,7 @@ index 97839f5..4bc5530 100644 { resource_size_t phys_addr; unsigned long prot = 0; -@@ -3509,8 +3809,8 @@ EXPORT_SYMBOL_GPL(generic_access_phys); +@@ -3604,8 +3904,8 @@ EXPORT_SYMBOL_GPL(generic_access_phys); * Access another process' address space as given in mm. If non-NULL, use the * given task for page fault accounting. */ @@ -105568,7 +106131,7 @@ index 97839f5..4bc5530 100644 { struct vm_area_struct *vma; void *old_buf = buf; -@@ -3518,7 +3818,7 @@ static int __access_remote_vm(struct task_struct *tsk, struct mm_struct *mm, +@@ -3613,7 +3913,7 @@ static int __access_remote_vm(struct task_struct *tsk, struct mm_struct *mm, down_read(&mm->mmap_sem); /* ignore errors, just check how much was successfully transferred */ while (len) { @@ -105577,7 +106140,7 @@ index 97839f5..4bc5530 100644 void *maddr; struct page *page = NULL; -@@ -3579,8 +3879,8 @@ static int __access_remote_vm(struct task_struct *tsk, struct mm_struct *mm, +@@ -3674,8 +3974,8 @@ static int __access_remote_vm(struct task_struct *tsk, struct mm_struct *mm, * * The caller must hold a reference on @mm. */ @@ -105588,7 +106151,7 @@ index 97839f5..4bc5530 100644 { return __access_remote_vm(NULL, mm, addr, buf, len, write); } -@@ -3590,11 +3890,11 @@ int access_remote_vm(struct mm_struct *mm, unsigned long addr, +@@ -3685,11 +3985,11 @@ int access_remote_vm(struct mm_struct *mm, unsigned long addr, * Source/target buffer must be kernel space, * Do not walk the page table directly, use get_user_pages */ @@ -105604,7 +106167,7 @@ index 97839f5..4bc5530 100644 mm = get_task_mm(tsk); if (!mm) diff --git a/mm/mempolicy.c b/mm/mempolicy.c -index 0f7d73b..737047f 100644 +index 99d4c1d..a577817 100644 --- a/mm/mempolicy.c +++ b/mm/mempolicy.c @@ -703,6 +703,10 @@ static int mbind_range(struct mm_struct *mm, unsigned long start, @@ -105635,7 +106198,7 @@ index 0f7d73b..737047f 100644 } out: -@@ -1160,6 +1174,17 @@ static long do_mbind(unsigned long start, unsigned long len, +@@ -1161,6 +1175,17 @@ static long do_mbind(unsigned long start, unsigned long len, if (end < start) return -EINVAL; @@ -105653,7 +106216,7 @@ index 0f7d73b..737047f 100644 if (end == start) return 0; -@@ -1385,8 +1410,7 @@ SYSCALL_DEFINE4(migrate_pages, pid_t, pid, unsigned long, maxnode, +@@ -1386,8 +1411,7 @@ SYSCALL_DEFINE4(migrate_pages, pid_t, pid, unsigned long, maxnode, */ tcred = __task_cred(task); if (!uid_eq(cred->euid, tcred->suid) && !uid_eq(cred->euid, tcred->uid) && @@ -105663,7 +106226,7 @@ index 0f7d73b..737047f 100644 rcu_read_unlock(); err = -EPERM; goto out_put; -@@ -1417,6 +1441,15 @@ SYSCALL_DEFINE4(migrate_pages, pid_t, pid, unsigned long, maxnode, +@@ -1418,6 +1442,15 @@ SYSCALL_DEFINE4(migrate_pages, pid_t, pid, unsigned long, maxnode, goto out; } @@ -105680,10 +106243,10 @@ index 0f7d73b..737047f 100644 capable(CAP_SYS_NICE) ? MPOL_MF_MOVE_ALL : MPOL_MF_MOVE); diff --git a/mm/migrate.c b/mm/migrate.c -index 85e0426..be49beb 100644 +index f53838f..a26fa94 100644 --- a/mm/migrate.c +++ b/mm/migrate.c -@@ -1472,8 +1472,7 @@ SYSCALL_DEFINE6(move_pages, pid_t, pid, unsigned long, nr_pages, +@@ -1484,8 +1484,7 @@ SYSCALL_DEFINE6(move_pages, pid_t, pid, unsigned long, nr_pages, */ tcred = __task_cred(task); if (!uid_eq(cred->euid, tcred->suid) && !uid_eq(cred->euid, tcred->uid) && @@ -105694,7 +106257,7 @@ index 85e0426..be49beb 100644 err = -EPERM; goto out; diff --git a/mm/mlock.c b/mm/mlock.c -index 8a54cd2..92f1747 100644 +index 6fd2cf1..cbae765 100644 --- a/mm/mlock.c +++ b/mm/mlock.c @@ -14,6 +14,7 @@ @@ -105705,7 +106268,7 @@ index 8a54cd2..92f1747 100644 #include <linux/sched.h> #include <linux/export.h> #include <linux/rmap.h> -@@ -613,7 +614,7 @@ static int do_mlock(unsigned long start, size_t len, int on) +@@ -557,7 +558,7 @@ static int do_mlock(unsigned long start, size_t len, int on) { unsigned long nstart, end, tmp; struct vm_area_struct * vma, * prev; @@ -105714,7 +106277,7 @@ index 8a54cd2..92f1747 100644 VM_BUG_ON(start & ~PAGE_MASK); VM_BUG_ON(len != PAGE_ALIGN(len)); -@@ -622,6 +623,9 @@ static int do_mlock(unsigned long start, size_t len, int on) +@@ -566,6 +567,9 @@ static int do_mlock(unsigned long start, size_t len, int on) return -EINVAL; if (end == start) return 0; @@ -105724,7 +106287,7 @@ index 8a54cd2..92f1747 100644 vma = find_vma(current->mm, start); if (!vma || vma->vm_start > start) return -ENOMEM; -@@ -633,6 +637,11 @@ static int do_mlock(unsigned long start, size_t len, int on) +@@ -577,6 +581,11 @@ static int do_mlock(unsigned long start, size_t len, int on) for (nstart = start ; ; ) { vm_flags_t newflags; @@ -105736,7 +106299,7 @@ index 8a54cd2..92f1747 100644 /* Here we know that vma->vm_start <= nstart < vma->vm_end. */ newflags = vma->vm_flags & ~VM_LOCKED; -@@ -746,6 +755,7 @@ SYSCALL_DEFINE2(mlock, unsigned long, start, size_t, len) +@@ -627,6 +636,7 @@ SYSCALL_DEFINE2(mlock, unsigned long, start, size_t, len) locked += current->mm->locked_vm; /* check against resource limits */ @@ -105744,7 +106307,7 @@ index 8a54cd2..92f1747 100644 if ((locked <= lock_limit) || capable(CAP_IPC_LOCK)) error = do_mlock(start, len, 1); -@@ -783,6 +793,11 @@ static int do_mlockall(int flags) +@@ -668,6 +678,11 @@ static int do_mlockall(int flags) for (vma = current->mm->mmap; vma ; vma = prev->vm_next) { vm_flags_t newflags; @@ -105756,7 +106319,7 @@ index 8a54cd2..92f1747 100644 newflags = vma->vm_flags & ~VM_LOCKED; if (flags & MCL_CURRENT) newflags |= VM_LOCKED; -@@ -814,8 +829,10 @@ SYSCALL_DEFINE1(mlockall, int, flags) +@@ -699,8 +714,10 @@ SYSCALL_DEFINE1(mlockall, int, flags) lock_limit >>= PAGE_SHIFT; ret = -ENOMEM; @@ -105782,7 +106345,7 @@ index 5f420f7..dd42fb1b 100644 .priority = IPC_CALLBACK_PRI, /* use lowest priority */ }; diff --git a/mm/mmap.c b/mm/mmap.c -index 9ec50a3..0476e2d 100644 +index bb50cac..6d50a9f 100644 --- a/mm/mmap.c +++ b/mm/mmap.c @@ -41,6 +41,7 @@ @@ -106124,20 +106687,15 @@ index 9ec50a3..0476e2d 100644 if (!may_expand_vm(mm, len >> PAGE_SHIFT)) { unsigned long nr_pages; -@@ -1551,11 +1696,10 @@ unsigned long mmap_region(struct file *file, unsigned long addr, - - /* Clear old maps */ - error = -ENOMEM; --munmap_back: - if (find_vma_links(mm, addr, addr + len, &prev, &rb_link, &rb_parent)) { +@@ -1555,6 +1700,7 @@ unsigned long mmap_region(struct file *file, unsigned long addr, + &rb_parent)) { if (do_munmap(mm, addr, len)) return -ENOMEM; -- goto munmap_back; + BUG_ON(find_vma_links(mm, addr, addr + len, &prev, &rb_link, &rb_parent)); } /* -@@ -1586,6 +1730,16 @@ munmap_back: +@@ -1586,6 +1732,16 @@ unsigned long mmap_region(struct file *file, unsigned long addr, goto unacct_error; } @@ -106154,7 +106712,7 @@ index 9ec50a3..0476e2d 100644 vma->vm_mm = mm; vma->vm_start = addr; vma->vm_end = addr + len; -@@ -1616,6 +1770,13 @@ munmap_back: +@@ -1616,6 +1772,13 @@ unsigned long mmap_region(struct file *file, unsigned long addr, if (error) goto unmap_and_free_vma; @@ -106168,7 +106726,7 @@ index 9ec50a3..0476e2d 100644 /* Can addr have changed?? * * Answer: Yes, several device drivers can do it in their -@@ -1634,6 +1795,12 @@ munmap_back: +@@ -1634,6 +1797,12 @@ unsigned long mmap_region(struct file *file, unsigned long addr, } vma_link(mm, vma, prev, rb_link, rb_parent); @@ -106181,7 +106739,7 @@ index 9ec50a3..0476e2d 100644 /* Once vma denies write, undo our temporary denial count */ if (file) { if (vm_flags & VM_SHARED) -@@ -1646,6 +1813,7 @@ out: +@@ -1646,6 +1815,7 @@ out: perf_event_mmap(vma); vm_stat_account(mm, vm_flags, file, len >> PAGE_SHIFT); @@ -106189,7 +106747,7 @@ index 9ec50a3..0476e2d 100644 if (vm_flags & VM_LOCKED) { if (!((vm_flags & VM_SPECIAL) || is_vm_hugetlb_page(vma) || vma == get_gate_vma(current->mm))) -@@ -1683,6 +1851,12 @@ allow_write_and_free_vma: +@@ -1683,6 +1853,12 @@ allow_write_and_free_vma: if (vm_flags & VM_DENYWRITE) allow_write_access(file); free_vma: @@ -106202,7 +106760,7 @@ index 9ec50a3..0476e2d 100644 kmem_cache_free(vm_area_cachep, vma); unacct_error: if (charged) -@@ -1690,7 +1864,63 @@ unacct_error: +@@ -1690,7 +1866,63 @@ unacct_error: return error; } @@ -106267,7 +106825,7 @@ index 9ec50a3..0476e2d 100644 { /* * We implement the search by looking for an rbtree node that -@@ -1738,11 +1968,29 @@ unsigned long unmapped_area(struct vm_unmapped_area_info *info) +@@ -1738,11 +1970,29 @@ unsigned long unmapped_area(struct vm_unmapped_area_info *info) } } @@ -106298,7 +106856,7 @@ index 9ec50a3..0476e2d 100644 if (gap_end >= low_limit && gap_end - gap_start >= length) goto found; -@@ -1792,7 +2040,7 @@ found: +@@ -1792,7 +2042,7 @@ found: return gap_start; } @@ -106307,7 +106865,7 @@ index 9ec50a3..0476e2d 100644 { struct mm_struct *mm = current->mm; struct vm_area_struct *vma; -@@ -1846,6 +2094,24 @@ check_current: +@@ -1846,6 +2096,24 @@ check_current: gap_end = vma->vm_start; if (gap_end < low_limit) return -ENOMEM; @@ -106332,7 +106890,7 @@ index 9ec50a3..0476e2d 100644 if (gap_start <= high_limit && gap_end - gap_start >= length) goto found; -@@ -1909,6 +2175,7 @@ arch_get_unmapped_area(struct file *filp, unsigned long addr, +@@ -1909,6 +2177,7 @@ arch_get_unmapped_area(struct file *filp, unsigned long addr, struct mm_struct *mm = current->mm; struct vm_area_struct *vma; struct vm_unmapped_area_info info; @@ -106340,7 +106898,7 @@ index 9ec50a3..0476e2d 100644 if (len > TASK_SIZE - mmap_min_addr) return -ENOMEM; -@@ -1916,11 +2183,15 @@ arch_get_unmapped_area(struct file *filp, unsigned long addr, +@@ -1916,11 +2185,15 @@ arch_get_unmapped_area(struct file *filp, unsigned long addr, if (flags & MAP_FIXED) return addr; @@ -106357,7 +106915,7 @@ index 9ec50a3..0476e2d 100644 return addr; } -@@ -1929,6 +2200,7 @@ arch_get_unmapped_area(struct file *filp, unsigned long addr, +@@ -1929,6 +2202,7 @@ arch_get_unmapped_area(struct file *filp, unsigned long addr, info.low_limit = mm->mmap_base; info.high_limit = TASK_SIZE; info.align_mask = 0; @@ -106365,7 +106923,7 @@ index 9ec50a3..0476e2d 100644 return vm_unmapped_area(&info); } #endif -@@ -1947,6 +2219,7 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, +@@ -1947,6 +2221,7 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, struct mm_struct *mm = current->mm; unsigned long addr = addr0; struct vm_unmapped_area_info info; @@ -106373,7 +106931,7 @@ index 9ec50a3..0476e2d 100644 /* requested length too big for entire address space */ if (len > TASK_SIZE - mmap_min_addr) -@@ -1955,12 +2228,16 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, +@@ -1955,12 +2230,16 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, if (flags & MAP_FIXED) return addr; @@ -106391,7 +106949,7 @@ index 9ec50a3..0476e2d 100644 return addr; } -@@ -1969,6 +2246,7 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, +@@ -1969,6 +2248,7 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, info.low_limit = max(PAGE_SIZE, mmap_min_addr); info.high_limit = mm->mmap_base; info.align_mask = 0; @@ -106399,7 +106957,7 @@ index 9ec50a3..0476e2d 100644 addr = vm_unmapped_area(&info); /* -@@ -1981,6 +2259,12 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, +@@ -1981,6 +2261,12 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, VM_BUG_ON(addr != -ENOMEM); info.flags = 0; info.low_limit = TASK_UNMAPPED_BASE; @@ -106412,7 +106970,7 @@ index 9ec50a3..0476e2d 100644 info.high_limit = TASK_SIZE; addr = vm_unmapped_area(&info); } -@@ -2081,6 +2365,28 @@ find_vma_prev(struct mm_struct *mm, unsigned long addr, +@@ -2081,6 +2367,28 @@ find_vma_prev(struct mm_struct *mm, unsigned long addr, return vma; } @@ -106441,25 +106999,25 @@ index 9ec50a3..0476e2d 100644 /* * Verify that the stack growth is acceptable and * update accounting. This is shared with both the -@@ -2098,8 +2404,7 @@ static int acct_stack_growth(struct vm_area_struct *vma, unsigned long size, uns +@@ -2098,8 +2406,7 @@ static int acct_stack_growth(struct vm_area_struct *vma, unsigned long size, uns /* Stack limit test */ actual_size = size; - if (size && (vma->vm_flags & (VM_GROWSUP | VM_GROWSDOWN))) - actual_size -= PAGE_SIZE; + gr_learn_resource(current, RLIMIT_STACK, actual_size, 1); - if (actual_size > ACCESS_ONCE(rlim[RLIMIT_STACK].rlim_cur)) + if (actual_size > READ_ONCE(rlim[RLIMIT_STACK].rlim_cur)) return -ENOMEM; -@@ -2110,6 +2415,7 @@ static int acct_stack_growth(struct vm_area_struct *vma, unsigned long size, uns +@@ -2110,6 +2417,7 @@ static int acct_stack_growth(struct vm_area_struct *vma, unsigned long size, uns locked = mm->locked_vm + grow; - limit = ACCESS_ONCE(rlim[RLIMIT_MEMLOCK].rlim_cur); + limit = READ_ONCE(rlim[RLIMIT_MEMLOCK].rlim_cur); limit >>= PAGE_SHIFT; + gr_learn_resource(current, RLIMIT_MEMLOCK, locked << PAGE_SHIFT, 1); if (locked > limit && !capable(CAP_IPC_LOCK)) return -ENOMEM; } -@@ -2139,37 +2445,48 @@ static int acct_stack_growth(struct vm_area_struct *vma, unsigned long size, uns +@@ -2139,37 +2447,48 @@ static int acct_stack_growth(struct vm_area_struct *vma, unsigned long size, uns * PA-RISC uses this for its stack; IA64 for its Register Backing Store. * vma is the last one with address > vma->vm_end. Have to extend vma. */ @@ -106517,7 +107075,7 @@ index 9ec50a3..0476e2d 100644 unsigned long size, grow; size = address - vma->vm_start; -@@ -2204,6 +2521,8 @@ int expand_upwards(struct vm_area_struct *vma, unsigned long address) +@@ -2204,6 +2523,8 @@ int expand_upwards(struct vm_area_struct *vma, unsigned long address) } } } @@ -106526,7 +107084,7 @@ index 9ec50a3..0476e2d 100644 vma_unlock_anon_vma(vma); khugepaged_enter_vma_merge(vma, vma->vm_flags); validate_mm(vma->vm_mm); -@@ -2218,6 +2537,8 @@ int expand_downwards(struct vm_area_struct *vma, +@@ -2218,6 +2539,8 @@ int expand_downwards(struct vm_area_struct *vma, unsigned long address) { int error; @@ -106535,7 +107093,7 @@ index 9ec50a3..0476e2d 100644 /* * We must make sure the anon_vma is allocated -@@ -2231,6 +2552,15 @@ int expand_downwards(struct vm_area_struct *vma, +@@ -2231,6 +2554,15 @@ int expand_downwards(struct vm_area_struct *vma, if (error) return error; @@ -106551,7 +107109,7 @@ index 9ec50a3..0476e2d 100644 vma_lock_anon_vma(vma); /* -@@ -2240,9 +2570,17 @@ int expand_downwards(struct vm_area_struct *vma, +@@ -2240,9 +2572,17 @@ int expand_downwards(struct vm_area_struct *vma, */ /* Somebody else might have raced and expanded it already */ @@ -106570,7 +107128,7 @@ index 9ec50a3..0476e2d 100644 size = vma->vm_end - address; grow = (vma->vm_start - address) >> PAGE_SHIFT; -@@ -2267,13 +2605,27 @@ int expand_downwards(struct vm_area_struct *vma, +@@ -2267,13 +2607,27 @@ int expand_downwards(struct vm_area_struct *vma, vma->vm_pgoff -= grow; anon_vma_interval_tree_post_update_vma(vma); vma_gap_update(vma); @@ -106598,7 +107156,7 @@ index 9ec50a3..0476e2d 100644 khugepaged_enter_vma_merge(vma, vma->vm_flags); validate_mm(vma->vm_mm); return error; -@@ -2373,6 +2725,13 @@ static void remove_vma_list(struct mm_struct *mm, struct vm_area_struct *vma) +@@ -2373,6 +2727,13 @@ static void remove_vma_list(struct mm_struct *mm, struct vm_area_struct *vma) do { long nrpages = vma_pages(vma); @@ -106612,7 +107170,7 @@ index 9ec50a3..0476e2d 100644 if (vma->vm_flags & VM_ACCOUNT) nr_accounted += nrpages; vm_stat_account(mm, vma->vm_flags, vma->vm_file, -nrpages); -@@ -2417,6 +2776,16 @@ detach_vmas_to_be_unmapped(struct mm_struct *mm, struct vm_area_struct *vma, +@@ -2417,6 +2778,16 @@ detach_vmas_to_be_unmapped(struct mm_struct *mm, struct vm_area_struct *vma, insertion_point = (prev ? &prev->vm_next : &mm->mmap); vma->vm_prev = NULL; do { @@ -106629,7 +107187,7 @@ index 9ec50a3..0476e2d 100644 vma_rb_erase(vma, &mm->mm_rb); mm->map_count--; tail_vma = vma; -@@ -2444,14 +2813,33 @@ static int __split_vma(struct mm_struct *mm, struct vm_area_struct *vma, +@@ -2444,14 +2815,33 @@ static int __split_vma(struct mm_struct *mm, struct vm_area_struct *vma, struct vm_area_struct *new; int err = -ENOMEM; @@ -106663,7 +107221,7 @@ index 9ec50a3..0476e2d 100644 /* most fields are the same, copy all, and then fixup */ *new = *vma; -@@ -2464,6 +2852,22 @@ static int __split_vma(struct mm_struct *mm, struct vm_area_struct *vma, +@@ -2464,6 +2854,22 @@ static int __split_vma(struct mm_struct *mm, struct vm_area_struct *vma, new->vm_pgoff += ((addr - vma->vm_start) >> PAGE_SHIFT); } @@ -106686,7 +107244,7 @@ index 9ec50a3..0476e2d 100644 err = vma_dup_policy(vma, new); if (err) goto out_free_vma; -@@ -2484,6 +2888,38 @@ static int __split_vma(struct mm_struct *mm, struct vm_area_struct *vma, +@@ -2484,6 +2890,38 @@ static int __split_vma(struct mm_struct *mm, struct vm_area_struct *vma, else err = vma_adjust(vma, vma->vm_start, addr, vma->vm_pgoff, new); @@ -106725,7 +107283,7 @@ index 9ec50a3..0476e2d 100644 /* Success. */ if (!err) return 0; -@@ -2493,10 +2929,18 @@ static int __split_vma(struct mm_struct *mm, struct vm_area_struct *vma, +@@ -2493,10 +2931,18 @@ static int __split_vma(struct mm_struct *mm, struct vm_area_struct *vma, new->vm_ops->close(new); if (new->vm_file) fput(new->vm_file); @@ -106745,7 +107303,7 @@ index 9ec50a3..0476e2d 100644 kmem_cache_free(vm_area_cachep, new); out_err: return err; -@@ -2509,6 +2953,15 @@ static int __split_vma(struct mm_struct *mm, struct vm_area_struct *vma, +@@ -2509,6 +2955,15 @@ static int __split_vma(struct mm_struct *mm, struct vm_area_struct *vma, int split_vma(struct mm_struct *mm, struct vm_area_struct *vma, unsigned long addr, int new_below) { @@ -106761,7 +107319,7 @@ index 9ec50a3..0476e2d 100644 if (mm->map_count >= sysctl_max_map_count) return -ENOMEM; -@@ -2520,11 +2973,30 @@ int split_vma(struct mm_struct *mm, struct vm_area_struct *vma, +@@ -2520,11 +2975,30 @@ int split_vma(struct mm_struct *mm, struct vm_area_struct *vma, * work. This now handles partial unmappings. * Jeremy Fitzhardinge <jeremy@goop.org> */ @@ -106792,7 +107350,7 @@ index 9ec50a3..0476e2d 100644 if ((start & ~PAGE_MASK) || start > TASK_SIZE || len > TASK_SIZE-start) return -EINVAL; -@@ -2602,6 +3074,8 @@ int do_munmap(struct mm_struct *mm, unsigned long start, size_t len) +@@ -2602,6 +3076,8 @@ int do_munmap(struct mm_struct *mm, unsigned long start, size_t len) /* Fix up all other VM information */ remove_vma_list(mm, vma); @@ -106801,7 +107359,7 @@ index 9ec50a3..0476e2d 100644 return 0; } -@@ -2610,6 +3084,13 @@ int vm_munmap(unsigned long start, size_t len) +@@ -2610,6 +3086,13 @@ int vm_munmap(unsigned long start, size_t len) int ret; struct mm_struct *mm = current->mm; @@ -106815,7 +107373,7 @@ index 9ec50a3..0476e2d 100644 down_write(&mm->mmap_sem); ret = do_munmap(mm, start, len); up_write(&mm->mmap_sem); -@@ -2656,6 +3137,11 @@ SYSCALL_DEFINE5(remap_file_pages, unsigned long, start, unsigned long, size, +@@ -2656,6 +3139,11 @@ SYSCALL_DEFINE5(remap_file_pages, unsigned long, start, unsigned long, size, down_write(&mm->mmap_sem); vma = find_vma(mm, start); @@ -106827,7 +107385,7 @@ index 9ec50a3..0476e2d 100644 if (!vma || !(vma->vm_flags & VM_SHARED)) goto out; -@@ -2692,16 +3178,6 @@ out: +@@ -2692,16 +3180,6 @@ out: return ret; } @@ -106844,7 +107402,7 @@ index 9ec50a3..0476e2d 100644 /* * this is really a simplified "do_mmap". it only handles * anonymous maps. eventually we may be able to do some -@@ -2715,6 +3191,7 @@ static unsigned long do_brk(unsigned long addr, unsigned long len) +@@ -2715,6 +3193,7 @@ static unsigned long do_brk(unsigned long addr, unsigned long len) struct rb_node **rb_link, *rb_parent; pgoff_t pgoff = addr >> PAGE_SHIFT; int error; @@ -106852,7 +107410,7 @@ index 9ec50a3..0476e2d 100644 len = PAGE_ALIGN(len); if (!len) -@@ -2722,10 +3199,24 @@ static unsigned long do_brk(unsigned long addr, unsigned long len) +@@ -2722,10 +3201,24 @@ static unsigned long do_brk(unsigned long addr, unsigned long len) flags = VM_DATA_DEFAULT_FLAGS | VM_ACCOUNT | mm->def_flags; @@ -106877,15 +107435,10 @@ index 9ec50a3..0476e2d 100644 error = mlock_future_check(mm, mm->def_flags, len); if (error) return error; -@@ -2739,21 +3230,20 @@ static unsigned long do_brk(unsigned long addr, unsigned long len) - /* - * Clear old maps. this also does some error checking for us - */ -- munmap_back: - if (find_vma_links(mm, addr, addr + len, &prev, &rb_link, &rb_parent)) { +@@ -2743,16 +3236,17 @@ static unsigned long do_brk(unsigned long addr, unsigned long len) + &rb_parent)) { if (do_munmap(mm, addr, len)) return -ENOMEM; -- goto munmap_back; + BUG_ON(find_vma_links(mm, addr, addr + len, &prev, &rb_link, &rb_parent)); } @@ -106902,7 +107455,7 @@ index 9ec50a3..0476e2d 100644 return -ENOMEM; /* Can we just expand an old private anonymous mapping? */ -@@ -2767,7 +3257,7 @@ static unsigned long do_brk(unsigned long addr, unsigned long len) +@@ -2766,7 +3260,7 @@ static unsigned long do_brk(unsigned long addr, unsigned long len) */ vma = kmem_cache_zalloc(vm_area_cachep, GFP_KERNEL); if (!vma) { @@ -106911,7 +107464,7 @@ index 9ec50a3..0476e2d 100644 return -ENOMEM; } -@@ -2781,10 +3271,11 @@ static unsigned long do_brk(unsigned long addr, unsigned long len) +@@ -2780,10 +3274,11 @@ static unsigned long do_brk(unsigned long addr, unsigned long len) vma_link(mm, vma, prev, rb_link, rb_parent); out: perf_event_mmap(vma); @@ -106925,7 +107478,7 @@ index 9ec50a3..0476e2d 100644 return addr; } -@@ -2846,6 +3337,7 @@ void exit_mmap(struct mm_struct *mm) +@@ -2845,6 +3340,7 @@ void exit_mmap(struct mm_struct *mm) while (vma) { if (vma->vm_flags & VM_ACCOUNT) nr_accounted += vma_pages(vma); @@ -106933,7 +107486,7 @@ index 9ec50a3..0476e2d 100644 vma = remove_vma(vma); } vm_unacct_memory(nr_accounted); -@@ -2860,6 +3352,13 @@ int insert_vm_struct(struct mm_struct *mm, struct vm_area_struct *vma) +@@ -2859,6 +3355,13 @@ int insert_vm_struct(struct mm_struct *mm, struct vm_area_struct *vma) struct vm_area_struct *prev; struct rb_node **rb_link, *rb_parent; @@ -106947,7 +107500,7 @@ index 9ec50a3..0476e2d 100644 /* * The vm_pgoff of a purely anonymous vma should be irrelevant * until its first write fault, when page's anon_vma and index -@@ -2883,7 +3382,21 @@ int insert_vm_struct(struct mm_struct *mm, struct vm_area_struct *vma) +@@ -2882,7 +3385,21 @@ int insert_vm_struct(struct mm_struct *mm, struct vm_area_struct *vma) security_vm_enough_memory_mm(mm, vma_pages(vma))) return -ENOMEM; @@ -106969,7 +107522,7 @@ index 9ec50a3..0476e2d 100644 return 0; } -@@ -2902,6 +3415,8 @@ struct vm_area_struct *copy_vma(struct vm_area_struct **vmap, +@@ -2901,6 +3418,8 @@ struct vm_area_struct *copy_vma(struct vm_area_struct **vmap, struct rb_node **rb_link, *rb_parent; bool faulted_in_anon_vma = true; @@ -106978,7 +107531,7 @@ index 9ec50a3..0476e2d 100644 /* * If anonymous vma has not yet been faulted, update new pgoff * to match new location, to increase its chance of merging. -@@ -2966,6 +3481,39 @@ struct vm_area_struct *copy_vma(struct vm_area_struct **vmap, +@@ -2965,6 +3484,39 @@ struct vm_area_struct *copy_vma(struct vm_area_struct **vmap, return NULL; } @@ -107018,7 +107571,7 @@ index 9ec50a3..0476e2d 100644 /* * Return true if the calling process may expand its vm space by the passed * number of pages -@@ -2977,6 +3525,7 @@ int may_expand_vm(struct mm_struct *mm, unsigned long npages) +@@ -2976,6 +3528,7 @@ int may_expand_vm(struct mm_struct *mm, unsigned long npages) lim = rlimit(RLIMIT_AS) >> PAGE_SHIFT; @@ -107026,7 +107579,7 @@ index 9ec50a3..0476e2d 100644 if (cur + npages > lim) return 0; return 1; -@@ -3059,6 +3608,22 @@ static struct vm_area_struct *__install_special_mapping( +@@ -3058,6 +3611,22 @@ static struct vm_area_struct *__install_special_mapping( vma->vm_start = addr; vma->vm_end = addr + len; @@ -107279,7 +107832,7 @@ index 8858483..72f2464 100644 if (nstart < prev->vm_end) diff --git a/mm/mremap.c b/mm/mremap.c -index 2dc44b1..caa1819 100644 +index 034e2d3..81deca5 100644 --- a/mm/mremap.c +++ b/mm/mremap.c @@ -142,6 +142,12 @@ static void move_ptes(struct vm_area_struct *vma, pmd_t *old_pmd, @@ -107297,17 +107850,17 @@ index 2dc44b1..caa1819 100644 } @@ -350,6 +356,11 @@ static struct vm_area_struct *vma_to_resize(unsigned long addr, if (is_vm_hugetlb_page(vma)) - goto Einval; + return ERR_PTR(-EINVAL); +#ifdef CONFIG_PAX_SEGMEXEC + if (pax_find_mirror_vma(vma)) -+ goto Einval; ++ return ERR_PTR(-EINVAL); +#endif + /* We can't remap across vm area boundaries */ if (old_len > vma->vm_end - addr) - goto Efault; -@@ -405,20 +416,25 @@ static unsigned long mremap_to(unsigned long addr, unsigned long old_len, + return ERR_PTR(-EFAULT); +@@ -396,20 +407,25 @@ static unsigned long mremap_to(unsigned long addr, unsigned long old_len, unsigned long ret = -EINVAL; unsigned long charged = 0; unsigned long map_flags; @@ -107338,7 +107891,7 @@ index 2dc44b1..caa1819 100644 goto out; ret = do_munmap(mm, new_addr, new_len); -@@ -487,6 +503,7 @@ SYSCALL_DEFINE5(mremap, unsigned long, addr, unsigned long, old_len, +@@ -478,6 +494,7 @@ SYSCALL_DEFINE5(mremap, unsigned long, addr, unsigned long, old_len, unsigned long ret = -EINVAL; unsigned long charged = 0; bool locked = false; @@ -107346,7 +107899,7 @@ index 2dc44b1..caa1819 100644 if (flags & ~(MREMAP_FIXED | MREMAP_MAYMOVE)) return ret; -@@ -508,6 +525,17 @@ SYSCALL_DEFINE5(mremap, unsigned long, addr, unsigned long, old_len, +@@ -499,6 +516,17 @@ SYSCALL_DEFINE5(mremap, unsigned long, addr, unsigned long, old_len, if (!new_len) return ret; @@ -107364,7 +107917,7 @@ index 2dc44b1..caa1819 100644 down_write(¤t->mm->mmap_sem); if (flags & MREMAP_FIXED) { -@@ -558,6 +586,7 @@ SYSCALL_DEFINE5(mremap, unsigned long, addr, unsigned long, old_len, +@@ -549,6 +577,7 @@ SYSCALL_DEFINE5(mremap, unsigned long, addr, unsigned long, old_len, new_addr = addr; } ret = addr; @@ -107372,7 +107925,7 @@ index 2dc44b1..caa1819 100644 goto out; } } -@@ -581,7 +610,12 @@ SYSCALL_DEFINE5(mremap, unsigned long, addr, unsigned long, old_len, +@@ -572,7 +601,12 @@ SYSCALL_DEFINE5(mremap, unsigned long, addr, unsigned long, old_len, goto out; } @@ -107386,7 +107939,7 @@ index 2dc44b1..caa1819 100644 out: if (ret & ~PAGE_MASK) diff --git a/mm/nommu.c b/mm/nommu.c -index 3fba2dc9..fdad748 100644 +index e544508..b56ce7a 100644 --- a/mm/nommu.c +++ b/mm/nommu.c @@ -72,7 +72,6 @@ int sysctl_max_map_count = DEFAULT_MAX_MAP_COUNT; @@ -107453,7 +108006,7 @@ index 3fba2dc9..fdad748 100644 struct mm_struct *mm; diff --git a/mm/page-writeback.c b/mm/page-writeback.c -index ad05f2f..cee723a 100644 +index eb59f7e..b23a2a8 100644 --- a/mm/page-writeback.c +++ b/mm/page-writeback.c @@ -664,7 +664,7 @@ static long long pos_ratio_polynom(unsigned long setpoint, @@ -107466,7 +108019,7 @@ index ad05f2f..cee723a 100644 unsigned long bg_thresh, unsigned long dirty, diff --git a/mm/page_alloc.c b/mm/page_alloc.c -index 40e2942..0eb29a2 100644 +index ebffa0e..c61160a 100644 --- a/mm/page_alloc.c +++ b/mm/page_alloc.c @@ -61,6 +61,7 @@ @@ -107571,7 +108124,25 @@ index 40e2942..0eb29a2 100644 if (order && (gfp_flags & __GFP_COMP)) prep_compound_page(page, order); -@@ -1699,7 +1739,7 @@ struct page *buffered_rmqueue(struct zone *preferred_zone, +@@ -1649,6 +1689,8 @@ int __isolate_free_page(struct page *page, unsigned int order) + zone->free_area[order].nr_free--; + rmv_page_order(page); + ++ set_page_owner(page, order, 0); ++ + /* Set the pageblock if the isolated page is at least a pageblock */ + if (order >= pageblock_order - 1) { + struct page *endpage = page + (1 << order) - 1; +@@ -1660,7 +1702,7 @@ int __isolate_free_page(struct page *page, unsigned int order) + } + } + +- set_page_owner(page, order, 0); ++ + return 1UL << order; + } + +@@ -1749,7 +1791,7 @@ struct page *buffered_rmqueue(struct zone *preferred_zone, } __mod_zone_page_state(zone, NR_ALLOC_BATCH, -(1 << order)); @@ -107580,7 +108151,7 @@ index 40e2942..0eb29a2 100644 !test_bit(ZONE_FAIR_DEPLETED, &zone->flags)) set_bit(ZONE_FAIR_DEPLETED, &zone->flags); -@@ -2018,7 +2058,7 @@ static void reset_alloc_batches(struct zone *preferred_zone) +@@ -2068,7 +2110,7 @@ static void reset_alloc_batches(struct zone *preferred_zone) do { mod_zone_page_state(zone, NR_ALLOC_BATCH, high_wmark_pages(zone) - low_wmark_pages(zone) - @@ -107589,7 +108160,7 @@ index 40e2942..0eb29a2 100644 clear_bit(ZONE_FAIR_DEPLETED, &zone->flags); } while (zone++ != preferred_zone); } -@@ -5738,7 +5778,7 @@ static void __setup_per_zone_wmarks(void) +@@ -5781,7 +5823,7 @@ static void __setup_per_zone_wmarks(void) __mod_zone_page_state(zone, NR_ALLOC_BATCH, high_wmark_pages(zone) - low_wmark_pages(zone) - @@ -107599,7 +108170,7 @@ index 40e2942..0eb29a2 100644 setup_zone_migrate_reserve(zone); spin_unlock_irqrestore(&zone->lock, flags); diff --git a/mm/percpu.c b/mm/percpu.c -index 73c97a5..508ee25 100644 +index 2dd7448..9bb6305 100644 --- a/mm/percpu.c +++ b/mm/percpu.c @@ -131,7 +131,7 @@ static unsigned int pcpu_low_unit_cpu __read_mostly; @@ -107612,7 +108183,7 @@ index 73c97a5..508ee25 100644 static const int *pcpu_unit_map __read_mostly; /* cpu -> unit */ diff --git a/mm/process_vm_access.c b/mm/process_vm_access.c -index b159769..d07037f 100644 +index e88d071..d80e01a 100644 --- a/mm/process_vm_access.c +++ b/mm/process_vm_access.c @@ -13,6 +13,7 @@ @@ -107663,7 +108234,7 @@ index b159769..d07037f 100644 if (!mm || IS_ERR(mm)) { rc = IS_ERR(mm) ? PTR_ERR(mm) : -ESRCH; diff --git a/mm/rmap.c b/mm/rmap.c -index c161a14..8a069bb 100644 +index 24dd3f9..4eb43f4 100644 --- a/mm/rmap.c +++ b/mm/rmap.c @@ -166,6 +166,10 @@ int anon_vma_prepare(struct vm_area_struct *vma) @@ -107767,12 +108338,12 @@ index c161a14..8a069bb 100644 /* diff --git a/mm/shmem.c b/mm/shmem.c -index cf2d0ca..ec06b8b 100644 +index 47d536e..8321b4e 100644 --- a/mm/shmem.c +++ b/mm/shmem.c @@ -33,7 +33,7 @@ #include <linux/swap.h> - #include <linux/aio.h> + #include <linux/uio.h> -static struct vfsmount *shm_mnt; +struct vfsmount *shm_mnt; @@ -107827,7 +108398,7 @@ index cf2d0ca..ec06b8b 100644 return -ENOMEM; diff --git a/mm/slab.c b/mm/slab.c -index c4b89ea..20990be 100644 +index 7eb38dd..a5172b1 100644 --- a/mm/slab.c +++ b/mm/slab.c @@ -314,10 +314,12 @@ static void kmem_cache_node_init(struct kmem_cache_node *parent) @@ -107865,7 +108436,7 @@ index c4b89ea..20990be 100644 { u32 offset = (obj - page->s_mem); return reciprocal_divide(offset, cache->reciprocal_buffer_size); -@@ -1438,7 +1442,7 @@ void __init kmem_cache_init(void) +@@ -1452,7 +1456,7 @@ void __init kmem_cache_init(void) * structures first. Without this, further allocations will bug. */ kmalloc_caches[INDEX_NODE] = create_kmalloc_cache("kmalloc-node", @@ -107874,7 +108445,7 @@ index c4b89ea..20990be 100644 slab_state = PARTIAL_NODE; slab_early_init = 0; -@@ -2059,7 +2063,7 @@ __kmem_cache_alias(const char *name, size_t size, size_t align, +@@ -2073,7 +2077,7 @@ __kmem_cache_alias(const char *name, size_t size, size_t align, cachep = find_mergeable(size, align, flags, name, ctor); if (cachep) { @@ -107883,7 +108454,7 @@ index c4b89ea..20990be 100644 /* * Adjust the object sizes so that we clear -@@ -3357,6 +3361,20 @@ static inline void __cache_free(struct kmem_cache *cachep, void *objp, +@@ -3371,6 +3375,20 @@ static inline void __cache_free(struct kmem_cache *cachep, void *objp, struct array_cache *ac = cpu_cache_get(cachep); check_irq_off(); @@ -107904,7 +108475,7 @@ index c4b89ea..20990be 100644 kmemleak_free_recursive(objp, cachep->flags); objp = cache_free_debugcheck(cachep, objp, caller); -@@ -3469,7 +3487,7 @@ __do_kmalloc_node(size_t size, gfp_t flags, int node, unsigned long caller) +@@ -3483,7 +3501,7 @@ __do_kmalloc_node(size_t size, gfp_t flags, int node, unsigned long caller) return kmem_cache_alloc_node_trace(cachep, flags, node, size); } @@ -107913,7 +108484,7 @@ index c4b89ea..20990be 100644 { return __do_kmalloc_node(size, flags, node, _RET_IP_); } -@@ -3489,7 +3507,7 @@ EXPORT_SYMBOL(__kmalloc_node_track_caller); +@@ -3503,7 +3521,7 @@ EXPORT_SYMBOL(__kmalloc_node_track_caller); * @flags: the type of memory to allocate (see kmalloc). * @caller: function caller for debug tracking of the caller */ @@ -107922,7 +108493,7 @@ index c4b89ea..20990be 100644 unsigned long caller) { struct kmem_cache *cachep; -@@ -3562,6 +3580,7 @@ void kfree(const void *objp) +@@ -3576,6 +3594,7 @@ void kfree(const void *objp) if (unlikely(ZERO_OR_NULL_PTR(objp))) return; @@ -107930,7 +108501,7 @@ index c4b89ea..20990be 100644 local_irq_save(flags); kfree_debugcheck(objp); c = virt_to_cache(objp); -@@ -3981,14 +4000,22 @@ void slabinfo_show_stats(struct seq_file *m, struct kmem_cache *cachep) +@@ -3995,14 +4014,22 @@ void slabinfo_show_stats(struct seq_file *m, struct kmem_cache *cachep) } /* cpu stats */ { @@ -107957,7 +108528,7 @@ index c4b89ea..20990be 100644 #endif } -@@ -4196,13 +4223,69 @@ static const struct file_operations proc_slabstats_operations = { +@@ -4210,13 +4237,69 @@ static const struct file_operations proc_slabstats_operations = { static int __init slab_proc_init(void) { #ifdef CONFIG_DEBUG_SLAB_LEAK @@ -108293,7 +108864,7 @@ index 999bb34..9843aea 100644 { void *ret; diff --git a/mm/slob.c b/mm/slob.c -index 94a7fed..cf3fb1a 100644 +index 4765f65..fafa9d5 100644 --- a/mm/slob.c +++ b/mm/slob.c @@ -157,7 +157,7 @@ static void set_slob(slob_t *s, slobidx_t size, slob_t *next) @@ -108591,7 +109162,7 @@ index 94a7fed..cf3fb1a 100644 @@ -534,23 +636,33 @@ int __kmem_cache_create(struct kmem_cache *c, unsigned long flags) - void *slob_alloc_node(struct kmem_cache *c, gfp_t flags, int node) + static void *slob_alloc_node(struct kmem_cache *c, gfp_t flags, int node) { - void *b; + void *b = NULL; @@ -108625,7 +109196,7 @@ index 94a7fed..cf3fb1a 100644 if (b && c->ctor) c->ctor(b); -@@ -567,7 +679,7 @@ void *kmem_cache_alloc(struct kmem_cache *cachep, gfp_t flags) +@@ -566,7 +678,7 @@ void *kmem_cache_alloc(struct kmem_cache *cachep, gfp_t flags) EXPORT_SYMBOL(kmem_cache_alloc); #ifdef CONFIG_NUMA @@ -108634,7 +109205,7 @@ index 94a7fed..cf3fb1a 100644 { return __do_kmalloc_node(size, gfp, node, _RET_IP_); } -@@ -580,12 +692,16 @@ void *kmem_cache_alloc_node(struct kmem_cache *cachep, gfp_t gfp, int node) +@@ -579,12 +691,16 @@ void *kmem_cache_alloc_node(struct kmem_cache *cachep, gfp_t gfp, int node) EXPORT_SYMBOL(kmem_cache_alloc_node); #endif @@ -108655,7 +109226,7 @@ index 94a7fed..cf3fb1a 100644 } static void kmem_rcu_free(struct rcu_head *head) -@@ -593,22 +709,36 @@ static void kmem_rcu_free(struct rcu_head *head) +@@ -592,22 +708,36 @@ static void kmem_rcu_free(struct rcu_head *head) struct slob_rcu *slob_rcu = (struct slob_rcu *)head; void *b = (void *)slob_rcu - (slob_rcu->size - sizeof(struct slob_rcu)); @@ -108697,7 +109268,7 @@ index 94a7fed..cf3fb1a 100644 EXPORT_SYMBOL(kmem_cache_free); diff --git a/mm/slub.c b/mm/slub.c -index 82c4737..55c316a 100644 +index 54c0876..31383a1 100644 --- a/mm/slub.c +++ b/mm/slub.c @@ -198,7 +198,7 @@ struct track { @@ -108718,7 +109289,7 @@ index 82c4737..55c316a 100644 s, (void *)t->addr, jiffies - t->when, t->cpu, t->pid); #ifdef CONFIG_STACKTRACE { -@@ -2709,6 +2709,14 @@ static __always_inline void slab_free(struct kmem_cache *s, +@@ -2707,6 +2707,14 @@ static __always_inline void slab_free(struct kmem_cache *s, slab_free_hook(s, x); @@ -108733,7 +109304,7 @@ index 82c4737..55c316a 100644 redo: /* * Determine the currently cpus per cpu slab. -@@ -3050,6 +3058,9 @@ static int calculate_sizes(struct kmem_cache *s, int forced_order) +@@ -3048,6 +3056,9 @@ static int calculate_sizes(struct kmem_cache *s, int forced_order) s->inuse = size; if (((flags & (SLAB_DESTROY_BY_RCU | SLAB_POISON)) || @@ -108743,7 +109314,7 @@ index 82c4737..55c316a 100644 s->ctor)) { /* * Relocate free pointer after the object if it is not -@@ -3304,7 +3315,7 @@ static int __init setup_slub_min_objects(char *str) +@@ -3302,7 +3313,7 @@ static int __init setup_slub_min_objects(char *str) __setup("slub_min_objects=", setup_slub_min_objects); @@ -108752,7 +109323,7 @@ index 82c4737..55c316a 100644 { struct kmem_cache *s; void *ret; -@@ -3342,7 +3353,7 @@ static void *kmalloc_large_node(size_t size, gfp_t flags, int node) +@@ -3340,7 +3351,7 @@ static void *kmalloc_large_node(size_t size, gfp_t flags, int node) return ptr; } @@ -108761,7 +109332,7 @@ index 82c4737..55c316a 100644 { struct kmem_cache *s; void *ret; -@@ -3390,6 +3401,59 @@ static size_t __ksize(const void *object) +@@ -3388,6 +3399,59 @@ static size_t __ksize(const void *object) return slab_ksize(page->slab_cache); } @@ -108821,7 +109392,7 @@ index 82c4737..55c316a 100644 size_t ksize(const void *object) { size_t size = __ksize(object); -@@ -3410,6 +3474,7 @@ void kfree(const void *x) +@@ -3408,6 +3472,7 @@ void kfree(const void *x) if (unlikely(ZERO_OR_NULL_PTR(x))) return; @@ -108829,7 +109400,7 @@ index 82c4737..55c316a 100644 page = virt_to_head_page(x); if (unlikely(!PageSlab(page))) { BUG_ON(!PageCompound(page)); -@@ -3726,7 +3791,7 @@ __kmem_cache_alias(const char *name, size_t size, size_t align, +@@ -3724,7 +3789,7 @@ __kmem_cache_alias(const char *name, size_t size, size_t align, s = find_mergeable(size, align, flags, name, ctor); if (s) { @@ -108838,7 +109409,7 @@ index 82c4737..55c316a 100644 /* * Adjust the object sizes so that we clear -@@ -3742,7 +3807,7 @@ __kmem_cache_alias(const char *name, size_t size, size_t align, +@@ -3740,7 +3805,7 @@ __kmem_cache_alias(const char *name, size_t size, size_t align, } if (sysfs_slab_alias(s, name)) { @@ -108847,7 +109418,7 @@ index 82c4737..55c316a 100644 s = NULL; } } -@@ -3859,7 +3924,7 @@ void *__kmalloc_node_track_caller(size_t size, gfp_t gfpflags, +@@ -3857,7 +3922,7 @@ void *__kmalloc_node_track_caller(size_t size, gfp_t gfpflags, } #endif @@ -108856,7 +109427,7 @@ index 82c4737..55c316a 100644 static int count_inuse(struct page *page) { return page->inuse; -@@ -4140,7 +4205,11 @@ static int list_locations(struct kmem_cache *s, char *buf, +@@ -4138,7 +4203,11 @@ static int list_locations(struct kmem_cache *s, char *buf, len += sprintf(buf + len, "%7ld ", l->count); if (l->addr) @@ -108868,7 +109439,7 @@ index 82c4737..55c316a 100644 else len += sprintf(buf + len, "<not-available>"); -@@ -4238,12 +4307,12 @@ static void __init resiliency_test(void) +@@ -4236,12 +4305,12 @@ static void __init resiliency_test(void) validate_slab_cache(kmalloc_caches[9]); } #else @@ -108883,7 +109454,7 @@ index 82c4737..55c316a 100644 enum slab_stat_type { SL_ALL, /* All slabs */ SL_PARTIAL, /* Only partially allocated slabs */ -@@ -4480,13 +4549,17 @@ static ssize_t ctor_show(struct kmem_cache *s, char *buf) +@@ -4478,13 +4547,17 @@ static ssize_t ctor_show(struct kmem_cache *s, char *buf) { if (!s->ctor) return 0; @@ -108902,7 +109473,7 @@ index 82c4737..55c316a 100644 } SLAB_ATTR_RO(aliases); -@@ -4574,6 +4647,22 @@ static ssize_t cache_dma_show(struct kmem_cache *s, char *buf) +@@ -4572,6 +4645,22 @@ static ssize_t cache_dma_show(struct kmem_cache *s, char *buf) SLAB_ATTR_RO(cache_dma); #endif @@ -108925,7 +109496,7 @@ index 82c4737..55c316a 100644 static ssize_t destroy_by_rcu_show(struct kmem_cache *s, char *buf) { return sprintf(buf, "%d\n", !!(s->flags & SLAB_DESTROY_BY_RCU)); -@@ -4629,7 +4718,7 @@ static ssize_t trace_store(struct kmem_cache *s, const char *buf, +@@ -4627,7 +4716,7 @@ static ssize_t trace_store(struct kmem_cache *s, const char *buf, * as well as cause other issues like converting a mergeable * cache into an umergeable one. */ @@ -108934,7 +109505,7 @@ index 82c4737..55c316a 100644 return -EINVAL; s->flags &= ~SLAB_TRACE; -@@ -4749,7 +4838,7 @@ static ssize_t failslab_show(struct kmem_cache *s, char *buf) +@@ -4747,7 +4836,7 @@ static ssize_t failslab_show(struct kmem_cache *s, char *buf) static ssize_t failslab_store(struct kmem_cache *s, const char *buf, size_t length) { @@ -108943,7 +109514,7 @@ index 82c4737..55c316a 100644 return -EINVAL; s->flags &= ~SLAB_FAILSLAB; -@@ -4916,6 +5005,12 @@ static struct attribute *slab_attrs[] = { +@@ -4914,6 +5003,12 @@ static struct attribute *slab_attrs[] = { #ifdef CONFIG_ZONE_DMA &cache_dma_attr.attr, #endif @@ -108956,7 +109527,7 @@ index 82c4737..55c316a 100644 #ifdef CONFIG_NUMA &remote_node_defrag_ratio_attr.attr, #endif -@@ -5157,6 +5252,7 @@ static char *create_unique_id(struct kmem_cache *s) +@@ -5155,6 +5250,7 @@ static char *create_unique_id(struct kmem_cache *s) return name; } @@ -108964,7 +109535,7 @@ index 82c4737..55c316a 100644 static int sysfs_slab_add(struct kmem_cache *s) { int err; -@@ -5230,6 +5326,7 @@ void sysfs_slab_remove(struct kmem_cache *s) +@@ -5228,6 +5324,7 @@ void sysfs_slab_remove(struct kmem_cache *s) kobject_del(&s->kobj); kobject_put(&s->kobj); } @@ -108972,7 +109543,7 @@ index 82c4737..55c316a 100644 /* * Need to buffer aliases during bootup until sysfs becomes -@@ -5243,6 +5340,7 @@ struct saved_alias { +@@ -5241,6 +5338,7 @@ struct saved_alias { static struct saved_alias *alias_list; @@ -108980,7 +109551,7 @@ index 82c4737..55c316a 100644 static int sysfs_slab_alias(struct kmem_cache *s, const char *name) { struct saved_alias *al; -@@ -5265,6 +5363,7 @@ static int sysfs_slab_alias(struct kmem_cache *s, const char *name) +@@ -5263,6 +5361,7 @@ static int sysfs_slab_alias(struct kmem_cache *s, const char *name) alias_list = al; return 0; } @@ -109024,20 +109595,12 @@ index d1b48b6..6e8590e 100644 } } diff --git a/mm/swap.c b/mm/swap.c -index cd3a5e6..40c0c8f 100644 +index a7251a8..ac754a9 100644 --- a/mm/swap.c +++ b/mm/swap.c -@@ -31,6 +31,7 @@ - #include <linux/memcontrol.h> - #include <linux/gfp.h> - #include <linux/uio.h> -+#include <linux/hugetlb.h> - - #include "internal.h" - -@@ -77,6 +78,8 @@ static void __put_compound_page(struct page *page) - - __page_cache_release(page); +@@ -85,6 +85,8 @@ static void __put_compound_page(struct page *page) + if (!PageHuge(page)) + __page_cache_release(page); dtor = get_compound_page_dtor(page); + if (!PageHuge(page)) + BUG_ON(dtor != free_compound_page); @@ -109045,7 +109608,7 @@ index cd3a5e6..40c0c8f 100644 } diff --git a/mm/swapfile.c b/mm/swapfile.c -index 63f55cc..31874e6 100644 +index a7e7210..b286e7d 100644 --- a/mm/swapfile.c +++ b/mm/swapfile.c @@ -84,7 +84,7 @@ static DEFINE_MUTEX(swapon_mutex); @@ -109096,7 +109659,7 @@ index 63f55cc..31874e6 100644 if (S_ISREG(inode->i_mode)) diff --git a/mm/util.c b/mm/util.c -index 3981ae9..28b585b 100644 +index 68ff8a5..40c7a70 100644 --- a/mm/util.c +++ b/mm/util.c @@ -233,6 +233,12 @@ struct task_struct *task_of_stack(struct task_struct *task, @@ -109112,7 +109675,7 @@ index 3981ae9..28b585b 100644 mm->get_unmapped_area = arch_get_unmapped_area; } #endif -@@ -403,6 +409,9 @@ int get_cmdline(struct task_struct *task, char *buffer, int buflen) +@@ -434,6 +440,9 @@ int get_cmdline(struct task_struct *task, char *buffer, int buflen) if (!mm->arg_end) goto out_mm; /* Shh! No looking before we're done */ @@ -109123,10 +109686,10 @@ index 3981ae9..28b585b 100644 if (len > buflen) diff --git a/mm/vmalloc.c b/mm/vmalloc.c -index 49abccf..7bd1931 100644 +index 2faaa29..9744185 100644 --- a/mm/vmalloc.c +++ b/mm/vmalloc.c -@@ -39,20 +39,65 @@ struct vfree_deferred { +@@ -40,20 +40,65 @@ struct vfree_deferred { struct work_struct wq; }; static DEFINE_PER_CPU(struct vfree_deferred, vfree_deferred); @@ -109195,7 +109758,7 @@ index 49abccf..7bd1931 100644 /*** Page table manipulation functions ***/ static void vunmap_pte_range(pmd_t *pmd, unsigned long addr, unsigned long end) -@@ -61,8 +106,19 @@ static void vunmap_pte_range(pmd_t *pmd, unsigned long addr, unsigned long end) +@@ -62,8 +107,19 @@ static void vunmap_pte_range(pmd_t *pmd, unsigned long addr, unsigned long end) pte = pte_offset_kernel(pmd, addr); do { @@ -109217,7 +109780,7 @@ index 49abccf..7bd1931 100644 } while (pte++, addr += PAGE_SIZE, addr != end); } -@@ -122,16 +178,29 @@ static int vmap_pte_range(pmd_t *pmd, unsigned long addr, +@@ -127,16 +183,29 @@ static int vmap_pte_range(pmd_t *pmd, unsigned long addr, pte = pte_alloc_kernel(pmd, addr); if (!pte) return -ENOMEM; @@ -109249,7 +109812,7 @@ index 49abccf..7bd1931 100644 return 0; } -@@ -141,7 +210,7 @@ static int vmap_pmd_range(pud_t *pud, unsigned long addr, +@@ -146,7 +215,7 @@ static int vmap_pmd_range(pud_t *pud, unsigned long addr, pmd_t *pmd; unsigned long next; @@ -109258,7 +109821,7 @@ index 49abccf..7bd1931 100644 if (!pmd) return -ENOMEM; do { -@@ -158,7 +227,7 @@ static int vmap_pud_range(pgd_t *pgd, unsigned long addr, +@@ -163,7 +232,7 @@ static int vmap_pud_range(pgd_t *pgd, unsigned long addr, pud_t *pud; unsigned long next; @@ -109267,7 +109830,7 @@ index 49abccf..7bd1931 100644 if (!pud) return -ENOMEM; do { -@@ -218,6 +287,12 @@ int is_vmalloc_or_module_addr(const void *x) +@@ -223,6 +292,12 @@ int is_vmalloc_or_module_addr(const void *x) if (addr >= MODULES_VADDR && addr < MODULES_END) return 1; #endif @@ -109280,7 +109843,7 @@ index 49abccf..7bd1931 100644 return is_vmalloc_addr(x); } -@@ -238,8 +313,14 @@ struct page *vmalloc_to_page(const void *vmalloc_addr) +@@ -243,8 +318,14 @@ struct page *vmalloc_to_page(const void *vmalloc_addr) if (!pgd_none(*pgd)) { pud_t *pud = pud_offset(pgd, addr); @@ -109295,7 +109858,7 @@ index 49abccf..7bd1931 100644 if (!pmd_none(*pmd)) { pte_t *ptep, pte; -@@ -341,7 +422,7 @@ static void purge_vmap_area_lazy(void); +@@ -346,7 +427,7 @@ static void purge_vmap_area_lazy(void); * Allocate a region of KVA of the specified size and alignment, within the * vstart and vend. */ @@ -109304,7 +109867,7 @@ index 49abccf..7bd1931 100644 unsigned long align, unsigned long vstart, unsigned long vend, int node, gfp_t gfp_mask) -@@ -1182,13 +1263,27 @@ void __init vmalloc_init(void) +@@ -1202,13 +1283,27 @@ void __init vmalloc_init(void) for_each_possible_cpu(i) { struct vmap_block_queue *vbq; struct vfree_deferred *p; @@ -109333,7 +109896,7 @@ index 49abccf..7bd1931 100644 } /* Import existing vmlist entries. */ -@@ -1313,6 +1408,16 @@ static struct vm_struct *__get_vm_area_node(unsigned long size, +@@ -1333,6 +1428,16 @@ static struct vm_struct *__get_vm_area_node(unsigned long size, struct vm_struct *area; BUG_ON(in_interrupt()); @@ -109348,9 +109911,9 @@ index 49abccf..7bd1931 100644 +#endif + if (flags & VM_IOREMAP) - align = 1ul << clamp(fls(size), PAGE_SHIFT, IOREMAP_MAX_ORDER); - -@@ -1510,13 +1615,36 @@ EXPORT_SYMBOL(vfree); + align = 1ul << clamp_t(int, fls_long(size), + PAGE_SHIFT, IOREMAP_MAX_ORDER); +@@ -1531,13 +1636,36 @@ EXPORT_SYMBOL(vfree); */ void vunmap(const void *addr) { @@ -109390,7 +109953,7 @@ index 49abccf..7bd1931 100644 /** * vmap - map an array of pages into virtually contiguous space * @pages: array of page pointers -@@ -1537,6 +1665,11 @@ void *vmap(struct page **pages, unsigned int count, +@@ -1558,6 +1686,11 @@ void *vmap(struct page **pages, unsigned int count, if (count > totalram_pages) return NULL; @@ -109402,7 +109965,7 @@ index 49abccf..7bd1931 100644 area = get_vm_area_caller((count << PAGE_SHIFT), flags, __builtin_return_address(0)); if (!area) -@@ -1641,6 +1774,14 @@ void *__vmalloc_node_range(unsigned long size, unsigned long align, +@@ -1662,6 +1795,14 @@ void *__vmalloc_node_range(unsigned long size, unsigned long align, if (!size || (size >> PAGE_SHIFT) > totalram_pages) goto fail; @@ -109417,7 +109980,7 @@ index 49abccf..7bd1931 100644 area = __get_vm_area_node(size, align, VM_ALLOC | VM_UNINITIALIZED | vm_flags, start, end, node, gfp_mask, caller); if (!area) -@@ -1817,10 +1958,9 @@ EXPORT_SYMBOL(vzalloc_node); +@@ -1838,10 +1979,9 @@ EXPORT_SYMBOL(vzalloc_node); * For tight control over page level allocator and protection flags * use __vmalloc() instead. */ @@ -109429,7 +109992,7 @@ index 49abccf..7bd1931 100644 NUMA_NO_NODE, __builtin_return_address(0)); } -@@ -2127,6 +2267,8 @@ int remap_vmalloc_range_partial(struct vm_area_struct *vma, unsigned long uaddr, +@@ -2148,6 +2288,8 @@ int remap_vmalloc_range_partial(struct vm_area_struct *vma, unsigned long uaddr, { struct vm_struct *area; @@ -109438,7 +110001,7 @@ index 49abccf..7bd1931 100644 size = PAGE_ALIGN(size); if (!PAGE_ALIGNED(uaddr) || !PAGE_ALIGNED(kaddr)) -@@ -2609,7 +2751,11 @@ static int s_show(struct seq_file *m, void *p) +@@ -2630,7 +2772,11 @@ static int s_show(struct seq_file *m, void *p) v->addr, v->addr + v->size, v->size); if (v->caller) @@ -109555,10 +110118,10 @@ index 4f5cd97..9fb715a 100644 return 0; } diff --git a/net/8021q/vlan.c b/net/8021q/vlan.c -index 64c6bed..b79a5de 100644 +index 59555f0..fd7ade9 100644 --- a/net/8021q/vlan.c +++ b/net/8021q/vlan.c -@@ -481,7 +481,7 @@ out: +@@ -491,7 +491,7 @@ out: return NOTIFY_DONE; } @@ -109567,7 +110130,7 @@ index 64c6bed..b79a5de 100644 .notifier_call = vlan_device_event, }; -@@ -556,8 +556,7 @@ static int vlan_ioctl_handler(struct net *net, void __user *arg) +@@ -566,8 +566,7 @@ static int vlan_ioctl_handler(struct net *net, void __user *arg) err = -EPERM; if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) break; @@ -109590,37 +110153,6 @@ index c92b52f..006c052 100644 .kind = "vlan", .maxtype = IFLA_VLAN_MAX, .policy = vlan_policy, -diff --git a/net/9p/client.c b/net/9p/client.c -index e86a9bea..e91f70e 100644 ---- a/net/9p/client.c -+++ b/net/9p/client.c -@@ -596,7 +596,7 @@ static int p9_check_zc_errors(struct p9_client *c, struct p9_req_t *req, - len - inline_len); - } else { - err = copy_from_user(ename + inline_len, -- uidata, len - inline_len); -+ (char __force_user *)uidata, len - inline_len); - if (err) { - err = -EFAULT; - goto out_err; -@@ -1570,7 +1570,7 @@ p9_client_read(struct p9_fid *fid, char *data, char __user *udata, u64 offset, - kernel_buf = 1; - indata = data; - } else -- indata = (__force char *)udata; -+ indata = (__force_kernel char *)udata; - /* - * response header len is 11 - * PDU Header(7) + IO Size (4) -@@ -1645,7 +1645,7 @@ p9_client_write(struct p9_fid *fid, char *data, const char __user *udata, - kernel_buf = 1; - odata = data; - } else -- odata = (char *)udata; -+ odata = (char __force_kernel *)udata; - req = p9_client_zc_rpc(clnt, P9_TWRITE, NULL, odata, 0, rsize, - P9_ZC_HDR_SZ, kernel_buf, "dqd", - fid->fid, offset, rsize); diff --git a/net/9p/mod.c b/net/9p/mod.c index 6ab36ae..6f1841b 100644 --- a/net/9p/mod.c @@ -109644,7 +110176,7 @@ index 6ab36ae..6f1841b 100644 } EXPORT_SYMBOL(v9fs_unregister_trans); diff --git a/net/9p/trans_fd.c b/net/9p/trans_fd.c -index 80d08f6..de63fd1 100644 +index bced8c0..ef253b7 100644 --- a/net/9p/trans_fd.c +++ b/net/9p/trans_fd.c @@ -428,7 +428,7 @@ static int p9_fd_write(struct p9_client *client, void *v, int len) @@ -109710,7 +110242,7 @@ index 876fbe8..8bbea9f 100644 #undef __HANDLE_ITEM } diff --git a/net/atm/lec.c b/net/atm/lec.c -index 4b98f89..5a2f6cb 100644 +index cd3b379..977a3c9 100644 --- a/net/atm/lec.c +++ b/net/atm/lec.c @@ -111,9 +111,9 @@ static inline void lec_arp_put(struct lec_arp_table *entry) @@ -109834,6 +110366,18 @@ index 0447d5d..3cf4728 100644 __AAL_STAT_ITEMS #undef __HANDLE_ITEM } +diff --git a/net/ax25/ax25_subr.c b/net/ax25/ax25_subr.c +index 1997538..3b78e84 100644 +--- a/net/ax25/ax25_subr.c ++++ b/net/ax25/ax25_subr.c +@@ -264,6 +264,7 @@ void ax25_disconnect(ax25_cb *ax25, int reason) + { + ax25_clear_queues(ax25); + ++ ax25_stop_heartbeat(ax25); + ax25_stop_t1timer(ax25); + ax25_stop_t2timer(ax25); + ax25_stop_t3timer(ax25); diff --git a/net/ax25/sysctl_net_ax25.c b/net/ax25/sysctl_net_ax25.c index 919a5ce..cc6b444 100644 --- a/net/ax25/sysctl_net_ax25.c @@ -109966,10 +110510,10 @@ index 9398c3f..0e79657 100644 atomic_t batman_queue_left; char num_ifaces; diff --git a/net/bluetooth/hci_sock.c b/net/bluetooth/hci_sock.c -index 1d65c5b..43e55fd 100644 +index 56f9edb..0a13cd1 100644 --- a/net/bluetooth/hci_sock.c +++ b/net/bluetooth/hci_sock.c -@@ -1042,7 +1042,7 @@ static int hci_sock_setsockopt(struct socket *sock, int level, int optname, +@@ -1241,7 +1241,7 @@ static int hci_sock_setsockopt(struct socket *sock, int level, int optname, uf.event_mask[1] = *((u32 *) f->event_mask + 1); } @@ -109979,10 +110523,10 @@ index 1d65c5b..43e55fd 100644 err = -EFAULT; break; diff --git a/net/bluetooth/l2cap_core.c b/net/bluetooth/l2cap_core.c -index 6ba33f9..4afc26f 100644 +index dad4197..253bbdf 100644 --- a/net/bluetooth/l2cap_core.c +++ b/net/bluetooth/l2cap_core.c -@@ -3534,8 +3534,10 @@ static int l2cap_parse_conf_rsp(struct l2cap_chan *chan, void *rsp, int len, +@@ -3541,8 +3541,10 @@ static int l2cap_parse_conf_rsp(struct l2cap_chan *chan, void *rsp, int len, break; case L2CAP_CONF_RFC: @@ -109996,7 +110540,7 @@ index 6ba33f9..4afc26f 100644 if (test_bit(CONF_STATE2_DEVICE, &chan->conf_state) && rfc.mode != chan->mode) diff --git a/net/bluetooth/l2cap_sock.c b/net/bluetooth/l2cap_sock.c -index 60694f0..32623ed 100644 +index a7278f0..3443626 100644 --- a/net/bluetooth/l2cap_sock.c +++ b/net/bluetooth/l2cap_sock.c @@ -633,7 +633,8 @@ static int l2cap_sock_setsockopt_old(struct socket *sock, int optname, @@ -110047,7 +110591,7 @@ index 60694f0..32623ed 100644 err = -EFAULT; break; diff --git a/net/bluetooth/rfcomm/sock.c b/net/bluetooth/rfcomm/sock.c -index 3c6d2c8..6afc970 100644 +index 825e8fb..efc24a4 100644 --- a/net/bluetooth/rfcomm/sock.c +++ b/net/bluetooth/rfcomm/sock.c @@ -686,7 +686,7 @@ static int rfcomm_sock_setsockopt(struct socket *sock, int level, int optname, c @@ -110091,7 +110635,7 @@ index 8e385a0..a5bdd8e 100644 tty_port_close(&dev->port, tty, filp); } diff --git a/net/bridge/br_mdb.c b/net/bridge/br_mdb.c -index 4096089..c602d26 100644 +index e29ad70b..cc00066 100644 --- a/net/bridge/br_mdb.c +++ b/net/bridge/br_mdb.c @@ -371,6 +371,7 @@ static int __br_mdb_add(struct net *net, struct net_bridge *br, @@ -110111,10 +110655,10 @@ index 4096089..c602d26 100644 if (ip.proto == htons(ETH_P_IP)) { if (timer_pending(&br->ip4_other_query.timer)) diff --git a/net/bridge/br_netlink.c b/net/bridge/br_netlink.c -index 4fbcea0..69a6786 100644 +index 4b5c236..0627070 100644 --- a/net/bridge/br_netlink.c +++ b/net/bridge/br_netlink.c -@@ -726,7 +726,7 @@ static struct rtnl_af_ops br_af_ops __read_mostly = { +@@ -841,7 +841,7 @@ static struct rtnl_af_ops br_af_ops __read_mostly = { .get_link_af_size = br_get_link_af_size, }; @@ -110211,10 +110755,10 @@ index 67a4a36..8d28068 100644 .priv_size = sizeof(struct chnl_net), .setup = ipcaif_net_setup, diff --git a/net/can/af_can.c b/net/can/af_can.c -index 32d710e..93bcf05 100644 +index 689c818..6323851 100644 --- a/net/can/af_can.c +++ b/net/can/af_can.c -@@ -884,7 +884,7 @@ static const struct net_proto_family can_family_ops = { +@@ -888,7 +888,7 @@ static const struct net_proto_family can_family_ops = { }; /* notifier block for netdevice event */ @@ -110224,10 +110768,10 @@ index 32d710e..93bcf05 100644 }; diff --git a/net/can/bcm.c b/net/can/bcm.c -index ee9ffd9..dfdf3d4 100644 +index b523453..f96e639 100644 --- a/net/can/bcm.c +++ b/net/can/bcm.c -@@ -1619,7 +1619,7 @@ static int __init bcm_module_init(void) +@@ -1618,7 +1618,7 @@ static int __init bcm_module_init(void) } /* create /proc/net/can-bcm directory */ @@ -110281,7 +110825,7 @@ index 1a19b98..df2b4ec 100644 if (!can_dir) { printk(KERN_INFO "can: failed to create /proc/net/can . " diff --git a/net/ceph/messenger.c b/net/ceph/messenger.c -index a9f4ae4..ee19b92 100644 +index 967080a..5e75f04 100644 --- a/net/ceph/messenger.c +++ b/net/ceph/messenger.c @@ -188,7 +188,7 @@ static void con_fault(struct ceph_connection *con); @@ -110303,10 +110847,10 @@ index a9f4ae4..ee19b92 100644 switch (ss->ss_family) { diff --git a/net/compat.c b/net/compat.c -index f7bd286..76ea56a 100644 +index 5cfd26a..7e43828 100644 --- a/net/compat.c +++ b/net/compat.c -@@ -100,20 +100,20 @@ ssize_t get_compat_msghdr(struct msghdr *kmsg, +@@ -98,20 +98,20 @@ int get_compat_msghdr(struct msghdr *kmsg, #define CMSG_COMPAT_FIRSTHDR(msg) \ (((msg)->msg_controllen) >= sizeof(struct compat_cmsghdr) ? \ @@ -110330,7 +110874,7 @@ index f7bd286..76ea56a 100644 msg->msg_controllen) return NULL; return (struct compat_cmsghdr __user *)ptr; -@@ -203,7 +203,7 @@ Efault: +@@ -201,7 +201,7 @@ Efault: int put_cmsg_compat(struct msghdr *kmsg, int level, int type, int len, void *data) { @@ -110339,7 +110883,7 @@ index f7bd286..76ea56a 100644 struct compat_cmsghdr cmhdr; struct compat_timeval ctv; struct compat_timespec cts[3]; -@@ -259,7 +259,7 @@ int put_cmsg_compat(struct msghdr *kmsg, int level, int type, int len, void *dat +@@ -257,7 +257,7 @@ int put_cmsg_compat(struct msghdr *kmsg, int level, int type, int len, void *dat void scm_detach_fds_compat(struct msghdr *kmsg, struct scm_cookie *scm) { @@ -110348,7 +110892,7 @@ index f7bd286..76ea56a 100644 int fdmax = (kmsg->msg_controllen - sizeof(struct compat_cmsghdr)) / sizeof(int); int fdnum = scm->fp->count; struct file **fp = scm->fp->fp; -@@ -347,7 +347,7 @@ static int do_set_sock_timeout(struct socket *sock, int level, +@@ -345,7 +345,7 @@ static int do_set_sock_timeout(struct socket *sock, int level, return -EFAULT; old_fs = get_fs(); set_fs(KERNEL_DS); @@ -110357,7 +110901,7 @@ index f7bd286..76ea56a 100644 set_fs(old_fs); return err; -@@ -408,7 +408,7 @@ static int do_get_sock_timeout(struct socket *sock, int level, int optname, +@@ -406,7 +406,7 @@ static int do_get_sock_timeout(struct socket *sock, int level, int optname, len = sizeof(ktime); old_fs = get_fs(); set_fs(KERNEL_DS); @@ -110366,7 +110910,7 @@ index f7bd286..76ea56a 100644 set_fs(old_fs); if (!err) { -@@ -551,7 +551,7 @@ int compat_mc_setsockopt(struct sock *sock, int level, int optname, +@@ -549,7 +549,7 @@ int compat_mc_setsockopt(struct sock *sock, int level, int optname, case MCAST_JOIN_GROUP: case MCAST_LEAVE_GROUP: { @@ -110375,7 +110919,7 @@ index f7bd286..76ea56a 100644 struct group_req __user *kgr = compat_alloc_user_space(sizeof(struct group_req)); u32 interface; -@@ -572,7 +572,7 @@ int compat_mc_setsockopt(struct sock *sock, int level, int optname, +@@ -570,7 +570,7 @@ int compat_mc_setsockopt(struct sock *sock, int level, int optname, case MCAST_BLOCK_SOURCE: case MCAST_UNBLOCK_SOURCE: { @@ -110384,7 +110928,7 @@ index f7bd286..76ea56a 100644 struct group_source_req __user *kgsr = compat_alloc_user_space( sizeof(struct group_source_req)); u32 interface; -@@ -593,7 +593,7 @@ int compat_mc_setsockopt(struct sock *sock, int level, int optname, +@@ -591,7 +591,7 @@ int compat_mc_setsockopt(struct sock *sock, int level, int optname, } case MCAST_MSFILTER: { @@ -110393,7 +110937,7 @@ index f7bd286..76ea56a 100644 struct group_filter __user *kgf; u32 interface, fmode, numsrc; -@@ -631,7 +631,7 @@ int compat_mc_getsockopt(struct sock *sock, int level, int optname, +@@ -629,7 +629,7 @@ int compat_mc_getsockopt(struct sock *sock, int level, int optname, char __user *optval, int __user *optlen, int (*getsockopt)(struct sock *, int, int, char __user *, int __user *)) { @@ -110402,7 +110946,7 @@ index f7bd286..76ea56a 100644 struct group_filter __user *kgf; int __user *koptlen; u32 interface, fmode, numsrc; -@@ -775,7 +775,7 @@ COMPAT_SYSCALL_DEFINE2(socketcall, int, call, u32 __user *, args) +@@ -773,7 +773,7 @@ COMPAT_SYSCALL_DEFINE2(socketcall, int, call, u32 __user *, args) if (call < SYS_SOCKET || call > SYS_SENDMMSG) return -EINVAL; @@ -110412,10 +110956,87 @@ index f7bd286..76ea56a 100644 a0 = a[0]; a1 = a[1]; diff --git a/net/core/datagram.c b/net/core/datagram.c -index df493d6..1145766 100644 +index b80fb91..d9f4ea5 100644 --- a/net/core/datagram.c +++ b/net/core/datagram.c -@@ -302,7 +302,7 @@ int skb_kill_datagram(struct sock *sk, struct sk_buff *skb, unsigned int flags) +@@ -131,6 +131,35 @@ out_noerr: + goto out; + } + ++static int skb_set_peeked(struct sk_buff *skb) ++{ ++ struct sk_buff *nskb; ++ ++ if (skb->peeked) ++ return 0; ++ ++ /* We have to unshare an skb before modifying it. */ ++ if (!skb_shared(skb)) ++ goto done; ++ ++ nskb = skb_clone(skb, GFP_ATOMIC); ++ if (!nskb) ++ return -ENOMEM; ++ ++ skb->prev->next = nskb; ++ skb->next->prev = nskb; ++ nskb->prev = skb->prev; ++ nskb->next = skb->next; ++ ++ consume_skb(skb); ++ skb = nskb; ++ ++done: ++ skb->peeked = 1; ++ ++ return 0; ++} ++ + /** + * __skb_recv_datagram - Receive a datagram skbuff + * @sk: socket +@@ -165,7 +194,9 @@ out_noerr: + struct sk_buff *__skb_recv_datagram(struct sock *sk, unsigned int flags, + int *peeked, int *off, int *err) + { ++ struct sk_buff_head *queue = &sk->sk_receive_queue; + struct sk_buff *skb, *last; ++ unsigned long cpu_flags; + long timeo; + /* + * Caller is allowed not to check sk->sk_err before skb_recv_datagram() +@@ -184,8 +215,6 @@ struct sk_buff *__skb_recv_datagram(struct sock *sk, unsigned int flags, + * Look at current nfs client by the way... + * However, this function was correct in any case. 8) + */ +- unsigned long cpu_flags; +- struct sk_buff_head *queue = &sk->sk_receive_queue; + int _off = *off; + + last = (struct sk_buff *)queue; +@@ -199,7 +228,11 @@ struct sk_buff *__skb_recv_datagram(struct sock *sk, unsigned int flags, + _off -= skb->len; + continue; + } +- skb->peeked = 1; ++ ++ error = skb_set_peeked(skb); ++ if (error) ++ goto unlock_err; ++ + atomic_inc(&skb->users); + } else + __skb_unlink(skb, queue); +@@ -223,6 +256,8 @@ struct sk_buff *__skb_recv_datagram(struct sock *sk, unsigned int flags, + + return NULL; + ++unlock_err: ++ spin_unlock_irqrestore(&queue->lock, cpu_flags); + no_packet: + *err = error; + return NULL; +@@ -302,7 +337,7 @@ int skb_kill_datagram(struct sock *sk, struct sk_buff *skb, unsigned int flags) } kfree_skb(skb); @@ -110424,28 +111045,49 @@ index df493d6..1145766 100644 sk_mem_reclaim_partial(sk); return err; +@@ -622,7 +657,8 @@ __sum16 __skb_checksum_complete_head(struct sk_buff *skb, int len) + !skb->csum_complete_sw) + netdev_rx_csum_fault(skb->dev); + } +- skb->csum_valid = !sum; ++ if (!skb_shared(skb)) ++ skb->csum_valid = !sum; + return sum; + } + EXPORT_SYMBOL(__skb_checksum_complete_head); +@@ -642,11 +678,13 @@ __sum16 __skb_checksum_complete(struct sk_buff *skb) + netdev_rx_csum_fault(skb->dev); + } + +- /* Save full packet checksum */ +- skb->csum = csum; +- skb->ip_summed = CHECKSUM_COMPLETE; +- skb->csum_complete_sw = 1; +- skb->csum_valid = !sum; ++ if (!skb_shared(skb)) { ++ /* Save full packet checksum */ ++ skb->csum = csum; ++ skb->ip_summed = CHECKSUM_COMPLETE; ++ skb->csum_complete_sw = 1; ++ skb->csum_valid = !sum; ++ } + + return sum; + } diff --git a/net/core/dev.c b/net/core/dev.c -index e977e15..74b19b0 100644 +index aa82f9a..f28b00e 100644 --- a/net/core/dev.c +++ b/net/core/dev.c -@@ -1681,14 +1681,14 @@ int __dev_forward_skb(struct net_device *dev, struct sk_buff *skb) +@@ -1720,7 +1720,7 @@ int __dev_forward_skb(struct net_device *dev, struct sk_buff *skb) { - if (skb_shinfo(skb)->tx_flags & SKBTX_DEV_ZEROCOPY) { - if (skb_copy_ubufs(skb, GFP_ATOMIC)) { -- atomic_long_inc(&dev->rx_dropped); -+ atomic_long_inc_unchecked(&dev->rx_dropped); - kfree_skb(skb); - return NET_RX_DROP; - } - } - - if (unlikely(!is_skb_forwardable(dev, skb))) { + if (skb_orphan_frags(skb, GFP_ATOMIC) || + unlikely(!is_skb_forwardable(dev, skb))) { - atomic_long_inc(&dev->rx_dropped); + atomic_long_inc_unchecked(&dev->rx_dropped); kfree_skb(skb); return NET_RX_DROP; } -@@ -2987,7 +2987,7 @@ recursion_alert: +@@ -3018,7 +3018,7 @@ recursion_alert: drop: rcu_read_unlock_bh(); @@ -110454,7 +111096,7 @@ index e977e15..74b19b0 100644 kfree_skb_list(skb); return rc; out: -@@ -3336,7 +3336,7 @@ enqueue: +@@ -3367,7 +3367,7 @@ enqueue: local_irq_restore(flags); @@ -110463,7 +111105,7 @@ index e977e15..74b19b0 100644 kfree_skb(skb); return NET_RX_DROP; } -@@ -3413,7 +3413,7 @@ int netif_rx_ni(struct sk_buff *skb) +@@ -3444,7 +3444,7 @@ int netif_rx_ni(struct sk_buff *skb) } EXPORT_SYMBOL(netif_rx_ni); @@ -110472,7 +111114,7 @@ index e977e15..74b19b0 100644 { struct softnet_data *sd = this_cpu_ptr(&softnet_data); -@@ -3751,7 +3751,7 @@ ncls: +@@ -3783,7 +3783,7 @@ ncls: ret = pt_prev->func(skb, skb->dev, pt_prev, orig_dev); } else { drop: @@ -110481,7 +111123,7 @@ index e977e15..74b19b0 100644 kfree_skb(skb); /* Jamal, now you will not able to escape explaining * me how you were going to use this. :-) -@@ -4640,7 +4640,7 @@ out_unlock: +@@ -4672,7 +4672,7 @@ out_unlock: return work; } @@ -110490,7 +111132,7 @@ index e977e15..74b19b0 100644 { struct softnet_data *sd = this_cpu_ptr(&softnet_data); unsigned long time_limit = jiffies + 2; -@@ -6676,8 +6676,8 @@ struct rtnl_link_stats64 *dev_get_stats(struct net_device *dev, +@@ -6721,8 +6721,8 @@ struct rtnl_link_stats64 *dev_get_stats(struct net_device *dev, } else { netdev_stats_to_stats64(storage, &dev->stats); } @@ -110520,11 +111162,26 @@ index b94b1d2..da3ed7c 100644 } EXPORT_SYMBOL(dev_load); +diff --git a/net/core/dst.c b/net/core/dst.c +index e956ce6..002144be 100644 +--- a/net/core/dst.c ++++ b/net/core/dst.c +@@ -284,7 +284,9 @@ void dst_release(struct dst_entry *dst) + int newrefcnt; + + newrefcnt = atomic_dec_return(&dst->__refcnt); +- WARN_ON(newrefcnt < 0); ++ if (unlikely(newrefcnt < 0)) ++ net_warn_ratelimited("%s: dst:%p refcnt:%d\n", ++ __func__, dst, newrefcnt); + if (unlikely(dst->flags & DST_NOCACHE) && !newrefcnt) + call_rcu(&dst->rcu_head, dst_destroy_rcu); + } diff --git a/net/core/filter.c b/net/core/filter.c -index f6bdc2b..76eba8e 100644 +index bf831a8..8d2c4c2 100644 --- a/net/core/filter.c +++ b/net/core/filter.c -@@ -533,7 +533,11 @@ do_pass: +@@ -579,7 +579,11 @@ do_pass: /* Unknown instruction. */ default: @@ -110537,7 +111194,7 @@ index f6bdc2b..76eba8e 100644 } insn++; -@@ -577,7 +581,7 @@ static int check_load_and_stores(const struct sock_filter *filter, int flen) +@@ -623,7 +627,7 @@ static int check_load_and_stores(const struct sock_filter *filter, int flen) u16 *masks, memvalid = 0; /* One bit per cell, 16 cells */ int pc, ret = 0; @@ -110546,7 +111203,7 @@ index f6bdc2b..76eba8e 100644 masks = kmalloc_array(flen, sizeof(*masks), GFP_KERNEL); if (!masks) -@@ -992,7 +996,7 @@ int bpf_prog_create(struct bpf_prog **pfp, struct sock_fprog_kern *fprog) +@@ -1038,7 +1042,7 @@ int bpf_prog_create(struct bpf_prog **pfp, struct sock_fprog_kern *fprog) if (!fp) return -ENOMEM; @@ -110587,10 +111244,10 @@ index 1033725..340f65d 100644 fle->object = flo; else diff --git a/net/core/neighbour.c b/net/core/neighbour.c -index d0e5d66..c55e69d 100644 +index 2237c1b..c0c80ab 100644 --- a/net/core/neighbour.c +++ b/net/core/neighbour.c -@@ -2819,7 +2819,7 @@ static int proc_unres_qlen(struct ctl_table *ctl, int write, +@@ -2818,7 +2818,7 @@ static int proc_unres_qlen(struct ctl_table *ctl, int write, void __user *buffer, size_t *lenp, loff_t *ppos) { int size, ret; @@ -110599,7 +111256,7 @@ index d0e5d66..c55e69d 100644 tmp.extra1 = &zero; tmp.extra2 = &unres_qlen_max; -@@ -2881,7 +2881,7 @@ static int neigh_proc_dointvec_zero_intmax(struct ctl_table *ctl, int write, +@@ -2880,7 +2880,7 @@ static int neigh_proc_dointvec_zero_intmax(struct ctl_table *ctl, int write, void __user *buffer, size_t *lenp, loff_t *ppos) { @@ -110660,10 +111317,10 @@ index 2bf8329..2eb1423 100644 return 0; diff --git a/net/core/net-sysfs.c b/net/core/net-sysfs.c -index f2aa73b..0d1a1ea 100644 +index 4238d6d..e6b605c 100644 --- a/net/core/net-sysfs.c +++ b/net/core/net-sysfs.c -@@ -279,7 +279,7 @@ static ssize_t carrier_changes_show(struct device *dev, +@@ -288,7 +288,7 @@ static ssize_t carrier_changes_show(struct device *dev, { struct net_device *netdev = to_net_dev(dev); return sprintf(buf, fmt_dec, @@ -110673,10 +111330,10 @@ index f2aa73b..0d1a1ea 100644 static DEVICE_ATTR_RO(carrier_changes); diff --git a/net/core/net_namespace.c b/net/core/net_namespace.c -index 70d3450..eb7c528 100644 +index 572af00..5acf072 100644 --- a/net/core/net_namespace.c +++ b/net/core/net_namespace.c -@@ -663,7 +663,7 @@ static int __register_pernet_operations(struct list_head *list, +@@ -734,7 +734,7 @@ static int __register_pernet_operations(struct list_head *list, int error; LIST_HEAD(net_exit_list); @@ -110685,7 +111342,7 @@ index 70d3450..eb7c528 100644 if (ops->init || (ops->id && ops->size)) { for_each_net(net) { error = ops_init(ops, net); -@@ -676,7 +676,7 @@ static int __register_pernet_operations(struct list_head *list, +@@ -747,7 +747,7 @@ static int __register_pernet_operations(struct list_head *list, out_undo: /* If I have an error cleanup all namespaces I initialized */ @@ -110694,7 +111351,7 @@ index 70d3450..eb7c528 100644 ops_exit_list(ops, &net_exit_list); ops_free_list(ops, &net_exit_list); return error; -@@ -687,7 +687,7 @@ static void __unregister_pernet_operations(struct pernet_operations *ops) +@@ -758,7 +758,7 @@ static void __unregister_pernet_operations(struct pernet_operations *ops) struct net *net; LIST_HEAD(net_exit_list); @@ -110703,7 +111360,7 @@ index 70d3450..eb7c528 100644 for_each_net(net) list_add_tail(&net->exit_list, &net_exit_list); ops_exit_list(ops, &net_exit_list); -@@ -821,7 +821,7 @@ int register_pernet_device(struct pernet_operations *ops) +@@ -892,7 +892,7 @@ int register_pernet_device(struct pernet_operations *ops) mutex_lock(&net_mutex); error = register_pernet_operations(&pernet_list, ops); if (!error && (first_device == &pernet_list)) @@ -110748,7 +111405,7 @@ index 508155b..fad080f 100644 pr_warn("cannot create /proc/net/%s\n", PG_PROC_DIR); return -ENODEV; diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c -index a2b90e1..7882f75 100644 +index 8de3682..fcb8a5e 100644 --- a/net/core/rtnetlink.c +++ b/net/core/rtnetlink.c @@ -61,7 +61,7 @@ struct rtnl_link { @@ -110786,7 +111443,7 @@ index a2b90e1..7882f75 100644 } EXPORT_SYMBOL_GPL(__rtnl_link_unregister); -@@ -1047,7 +1050,7 @@ static int rtnl_fill_ifinfo(struct sk_buff *skb, struct net_device *dev, +@@ -1066,7 +1069,7 @@ static int rtnl_fill_ifinfo(struct sk_buff *skb, struct net_device *dev, (dev->ifalias && nla_put_string(skb, IFLA_IFALIAS, dev->ifalias)) || nla_put_u32(skb, IFLA_CARRIER_CHANGES, @@ -110795,6 +111452,24 @@ index a2b90e1..7882f75 100644 goto nla_put_failure; if (1) { +@@ -1748,10 +1751,13 @@ static int do_setlink(const struct sk_buff *skb, + goto errout; + + nla_for_each_nested(attr, tb[IFLA_VF_PORTS], rem) { +- if (nla_type(attr) != IFLA_VF_PORT) +- continue; +- err = nla_parse_nested(port, IFLA_PORT_MAX, +- attr, ifla_port_policy); ++ if (nla_type(attr) != IFLA_VF_PORT || ++ nla_len(attr) < NLA_HDRLEN) { ++ err = -EINVAL; ++ goto errout; ++ } ++ err = nla_parse_nested(port, IFLA_PORT_MAX, attr, ++ ifla_port_policy); + if (err < 0) + goto errout; + if (!port[IFLA_PORT_VF]) { diff --git a/net/core/scm.c b/net/core/scm.c index 3b6899b..cf36238 100644 --- a/net/core/scm.c @@ -110836,7 +111511,7 @@ index 3b6899b..cf36238 100644 { struct socket *sock; diff --git a/net/core/skbuff.c b/net/core/skbuff.c -index 1e3abb8..d751ebd 100644 +index 41ec022..3cc0a1c 100644 --- a/net/core/skbuff.c +++ b/net/core/skbuff.c @@ -2139,7 +2139,7 @@ EXPORT_SYMBOL(__skb_checksum); @@ -110848,7 +111523,7 @@ index 1e3abb8..d751ebd 100644 .update = csum_partial_ext, .combine = csum_block_add_ext, }; -@@ -3379,12 +3379,14 @@ void __init skb_init(void) +@@ -3335,12 +3335,14 @@ void __init skb_init(void) skbuff_head_cache = kmem_cache_create("skbuff_head_cache", sizeof(struct sk_buff), 0, @@ -110866,10 +111541,10 @@ index 1e3abb8..d751ebd 100644 } diff --git a/net/core/sock.c b/net/core/sock.c -index c77d5d2..c1d6a84 100644 +index dc30dc5..8bb3ef3 100644 --- a/net/core/sock.c +++ b/net/core/sock.c -@@ -443,7 +443,7 @@ int sock_queue_rcv_skb(struct sock *sk, struct sk_buff *skb) +@@ -440,7 +440,7 @@ int sock_queue_rcv_skb(struct sock *sk, struct sk_buff *skb) struct sk_buff_head *list = &sk->sk_receive_queue; if (atomic_read(&sk->sk_rmem_alloc) >= sk->sk_rcvbuf) { @@ -110878,7 +111553,7 @@ index c77d5d2..c1d6a84 100644 trace_sock_rcvqueue_full(sk, skb); return -ENOMEM; } -@@ -453,7 +453,7 @@ int sock_queue_rcv_skb(struct sock *sk, struct sk_buff *skb) +@@ -450,7 +450,7 @@ int sock_queue_rcv_skb(struct sock *sk, struct sk_buff *skb) return err; if (!sk_rmem_schedule(sk, skb, skb->truesize)) { @@ -110887,16 +111562,7 @@ index c77d5d2..c1d6a84 100644 return -ENOBUFS; } -@@ -466,7 +466,7 @@ int sock_queue_rcv_skb(struct sock *sk, struct sk_buff *skb) - skb_dst_force(skb); - - spin_lock_irqsave(&list->lock, flags); -- skb->dropcount = atomic_read(&sk->sk_drops); -+ skb->dropcount = atomic_read_unchecked(&sk->sk_drops); - __skb_queue_tail(list, skb); - spin_unlock_irqrestore(&list->lock, flags); - -@@ -486,7 +486,7 @@ int sk_receive_skb(struct sock *sk, struct sk_buff *skb, const int nested) +@@ -483,7 +483,7 @@ int sk_receive_skb(struct sock *sk, struct sk_buff *skb, const int nested) skb->dev = NULL; if (sk_rcvqueues_full(sk, sk->sk_rcvbuf)) { @@ -110905,7 +111571,7 @@ index c77d5d2..c1d6a84 100644 goto discard_and_relse; } if (nested) -@@ -504,7 +504,7 @@ int sk_receive_skb(struct sock *sk, struct sk_buff *skb, const int nested) +@@ -501,7 +501,7 @@ int sk_receive_skb(struct sock *sk, struct sk_buff *skb, const int nested) mutex_release(&sk->sk_lock.dep_map, 1, _RET_IP_); } else if (sk_add_backlog(sk, skb, sk->sk_rcvbuf)) { bh_unlock_sock(sk); @@ -110914,7 +111580,7 @@ index c77d5d2..c1d6a84 100644 goto discard_and_relse; } -@@ -910,6 +910,7 @@ set_rcvbuf: +@@ -907,6 +907,7 @@ set_rcvbuf: } break; @@ -110922,7 +111588,7 @@ index c77d5d2..c1d6a84 100644 case SO_ATTACH_BPF: ret = -EINVAL; if (optlen == sizeof(u32)) { -@@ -922,7 +923,7 @@ set_rcvbuf: +@@ -919,7 +920,7 @@ set_rcvbuf: ret = sk_attach_bpf(ufd, sk); } break; @@ -110931,7 +111597,7 @@ index c77d5d2..c1d6a84 100644 case SO_DETACH_FILTER: ret = sk_detach_filter(sk); break; -@@ -1026,12 +1027,12 @@ int sock_getsockopt(struct socket *sock, int level, int optname, +@@ -1021,12 +1022,12 @@ int sock_getsockopt(struct socket *sock, int level, int optname, struct timeval tm; } v; @@ -110947,7 +111613,7 @@ index c77d5d2..c1d6a84 100644 return -EINVAL; memset(&v, 0, sizeof(v)); -@@ -1169,11 +1170,11 @@ int sock_getsockopt(struct socket *sock, int level, int optname, +@@ -1164,11 +1165,11 @@ int sock_getsockopt(struct socket *sock, int level, int optname, case SO_PEERNAME: { @@ -110961,7 +111627,7 @@ index c77d5d2..c1d6a84 100644 return -EINVAL; if (copy_to_user(optval, address, len)) return -EFAULT; -@@ -1258,7 +1259,7 @@ int sock_getsockopt(struct socket *sock, int level, int optname, +@@ -1256,7 +1257,7 @@ int sock_getsockopt(struct socket *sock, int level, int optname, if (len > lv) len = lv; @@ -110970,7 +111636,7 @@ index c77d5d2..c1d6a84 100644 return -EFAULT; lenout: if (put_user(len, optlen)) -@@ -2375,7 +2376,7 @@ void sock_init_data(struct socket *sock, struct sock *sk) +@@ -2359,7 +2360,7 @@ void sock_init_data(struct socket *sock, struct sock *sk) */ smp_wmb(); atomic_set(&sk->sk_refcnt, 1); @@ -110979,7 +111645,7 @@ index c77d5d2..c1d6a84 100644 } EXPORT_SYMBOL(sock_init_data); -@@ -2503,6 +2504,7 @@ void sock_enable_timestamp(struct sock *sk, int flag) +@@ -2487,6 +2488,7 @@ void sock_enable_timestamp(struct sock *sk, int flag) int sock_recv_errqueue(struct sock *sk, struct msghdr *msg, int len, int level, int type) { @@ -110987,7 +111653,7 @@ index c77d5d2..c1d6a84 100644 struct sock_exterr_skb *serr; struct sk_buff *skb; int copied, err; -@@ -2524,7 +2526,8 @@ int sock_recv_errqueue(struct sock *sk, struct msghdr *msg, int len, +@@ -2508,7 +2510,8 @@ int sock_recv_errqueue(struct sock *sk, struct msghdr *msg, int len, sock_recv_timestamp(msg, sk, skb); serr = SKB_EXT_ERR(skb); @@ -110998,10 +111664,10 @@ index c77d5d2..c1d6a84 100644 msg->msg_flags |= MSG_ERRQUEUE; err = copied; diff --git a/net/core/sock_diag.c b/net/core/sock_diag.c -index ad704c7..ca48aff 100644 +index 74dddf8..7f4e77e 100644 --- a/net/core/sock_diag.c +++ b/net/core/sock_diag.c -@@ -9,26 +9,33 @@ +@@ -9,7 +9,7 @@ #include <linux/inet_diag.h> #include <linux/sock_diag.h> @@ -111010,33 +111676,7 @@ index ad704c7..ca48aff 100644 static int (*inet_rcv_compat)(struct sk_buff *skb, struct nlmsghdr *nlh); static DEFINE_MUTEX(sock_diag_table_mutex); - int sock_diag_check_cookie(void *sk, __u32 *cookie) - { -+#ifndef CONFIG_GRKERNSEC_HIDESYM - if ((cookie[0] != INET_DIAG_NOCOOKIE || - cookie[1] != INET_DIAG_NOCOOKIE) && - ((u32)(unsigned long)sk != cookie[0] || - (u32)((((unsigned long)sk) >> 31) >> 1) != cookie[1])) - return -ESTALE; - else -+#endif - return 0; - } - EXPORT_SYMBOL_GPL(sock_diag_check_cookie); - - void sock_diag_save_cookie(void *sk, __u32 *cookie) - { -+#ifdef CONFIG_GRKERNSEC_HIDESYM -+ cookie[0] = 0; -+ cookie[1] = 0; -+#else - cookie[0] = (u32)(unsigned long)sk; - cookie[1] = (u32)(((unsigned long)sk >> 31) >> 1); -+#endif - } - EXPORT_SYMBOL_GPL(sock_diag_save_cookie); - -@@ -110,8 +117,11 @@ int sock_diag_register(const struct sock_diag_handler *hndl) +@@ -127,8 +127,11 @@ int sock_diag_register(const struct sock_diag_handler *hndl) mutex_lock(&sock_diag_table_mutex); if (sock_diag_handlers[hndl->family]) err = -EBUSY; @@ -111049,7 +111689,7 @@ index ad704c7..ca48aff 100644 mutex_unlock(&sock_diag_table_mutex); return err; -@@ -127,7 +137,9 @@ void sock_diag_unregister(const struct sock_diag_handler *hnld) +@@ -144,7 +147,9 @@ void sock_diag_unregister(const struct sock_diag_handler *hnld) mutex_lock(&sock_diag_table_mutex); BUG_ON(sock_diag_handlers[family] != hnld); @@ -111060,10 +111700,10 @@ index ad704c7..ca48aff 100644 } EXPORT_SYMBOL_GPL(sock_diag_unregister); diff --git a/net/core/sysctl_net_core.c b/net/core/sysctl_net_core.c -index 8ce351f..2c388f7 100644 +index 95b6139..3048623 100644 --- a/net/core/sysctl_net_core.c +++ b/net/core/sysctl_net_core.c -@@ -36,7 +36,7 @@ static int rps_sock_flow_sysctl(struct ctl_table *table, int write, +@@ -35,7 +35,7 @@ static int rps_sock_flow_sysctl(struct ctl_table *table, int write, { unsigned int orig_size, size; int ret, i; @@ -111072,7 +111712,7 @@ index 8ce351f..2c388f7 100644 .data = &size, .maxlen = sizeof(size), .mode = table->mode -@@ -204,7 +204,7 @@ static int set_default_qdisc(struct ctl_table *table, int write, +@@ -203,7 +203,7 @@ static int set_default_qdisc(struct ctl_table *table, int write, void __user *buffer, size_t *lenp, loff_t *ppos) { char id[IFNAMSIZ]; @@ -111081,7 +111721,7 @@ index 8ce351f..2c388f7 100644 .data = id, .maxlen = IFNAMSIZ, }; -@@ -222,7 +222,7 @@ static int set_default_qdisc(struct ctl_table *table, int write, +@@ -221,7 +221,7 @@ static int set_default_qdisc(struct ctl_table *table, int write, static int proc_do_rss_key(struct ctl_table *table, int write, void __user *buffer, size_t *lenp, loff_t *ppos) { @@ -111090,7 +111730,7 @@ index 8ce351f..2c388f7 100644 char buf[NETDEV_RSS_KEY_LEN * 3]; snprintf(buf, sizeof(buf), "%*phC", NETDEV_RSS_KEY_LEN, netdev_rss_key); -@@ -286,7 +286,7 @@ static struct ctl_table net_core_table[] = { +@@ -285,7 +285,7 @@ static struct ctl_table net_core_table[] = { .mode = 0444, .proc_handler = proc_do_rss_key, }, @@ -111099,7 +111739,7 @@ index 8ce351f..2c388f7 100644 { .procname = "bpf_jit_enable", .data = &bpf_jit_enable, -@@ -411,13 +411,12 @@ static struct ctl_table netns_core_table[] = { +@@ -409,13 +409,12 @@ static struct ctl_table netns_core_table[] = { static __net_init int sysctl_core_net_init(struct net *net) { @@ -111115,7 +111755,7 @@ index 8ce351f..2c388f7 100644 if (tbl == NULL) goto err_dup; -@@ -427,17 +426,16 @@ static __net_init int sysctl_core_net_init(struct net *net) +@@ -425,17 +424,16 @@ static __net_init int sysctl_core_net_init(struct net *net) if (net->user_ns != &init_user_ns) { tbl[0].procname = NULL; } @@ -111137,7 +111777,7 @@ index 8ce351f..2c388f7 100644 err_dup: return -ENOMEM; } -@@ -452,7 +450,7 @@ static __net_exit void sysctl_core_net_exit(struct net *net) +@@ -450,7 +448,7 @@ static __net_exit void sysctl_core_net_exit(struct net *net) kfree(tbl); } @@ -111147,7 +111787,7 @@ index 8ce351f..2c388f7 100644 .exit = sysctl_core_net_exit, }; diff --git a/net/decnet/af_decnet.c b/net/decnet/af_decnet.c -index 8102286..a0c2755 100644 +index 754484b..4f4b894 100644 --- a/net/decnet/af_decnet.c +++ b/net/decnet/af_decnet.c @@ -466,6 +466,7 @@ static struct proto dn_proto = { @@ -111193,6 +111833,19 @@ index 5325b54..a0d4d69 100644 return -EFAULT; *lenp = len; +diff --git a/net/dsa/dsa.c b/net/dsa/dsa.c +index 392e29a..da953a2 100644 +--- a/net/dsa/dsa.c ++++ b/net/dsa/dsa.c +@@ -851,7 +851,7 @@ static struct packet_type dsa_pack_type __read_mostly = { + .func = dsa_switch_rcv, + }; + +-static struct notifier_block dsa_netdevice_nb __read_mostly = { ++static struct notifier_block dsa_netdevice_nb = { + .notifier_call = dsa_slave_netdevice_event, + }; + diff --git a/net/hsr/hsr_netlink.c b/net/hsr/hsr_netlink.c index a2c7e4c..3dc9f67 100644 --- a/net/hsr/hsr_netlink.c @@ -111207,10 +111860,10 @@ index a2c7e4c..3dc9f67 100644 .maxtype = IFLA_HSR_MAX, .policy = hsr_policy, diff --git a/net/ieee802154/6lowpan/core.c b/net/ieee802154/6lowpan/core.c -index 055fbb7..c0dbe60 100644 +index 0ae5822..3fe3627 100644 --- a/net/ieee802154/6lowpan/core.c +++ b/net/ieee802154/6lowpan/core.c -@@ -217,7 +217,7 @@ static void lowpan_dellink(struct net_device *dev, struct list_head *head) +@@ -219,7 +219,7 @@ static void lowpan_dellink(struct net_device *dev, struct list_head *head) dev_put(real_dev); } @@ -111264,10 +111917,10 @@ index f46e4d1..30231f1 100644 return -ENOMEM; } diff --git a/net/ipv4/af_inet.c b/net/ipv4/af_inet.c -index 61edc49..99991a4 100644 +index a5aa54e..3bd5f9f 100644 --- a/net/ipv4/af_inet.c +++ b/net/ipv4/af_inet.c -@@ -1392,7 +1392,7 @@ int inet_recv_error(struct sock *sk, struct msghdr *msg, int len, int *addr_len) +@@ -1391,7 +1391,7 @@ int inet_recv_error(struct sock *sk, struct msghdr *msg, int len, int *addr_len) return ip_recv_error(sk, msg, len, addr_len); #if IS_ENABLED(CONFIG_IPV6) if (sk->sk_family == AF_INET6) @@ -111277,7 +111930,7 @@ index 61edc49..99991a4 100644 return -EINVAL; } diff --git a/net/ipv4/devinet.c b/net/ipv4/devinet.c -index 3a8985c..9d2a870 100644 +index 419d23c..2084616 100644 --- a/net/ipv4/devinet.c +++ b/net/ipv4/devinet.c @@ -69,7 +69,8 @@ @@ -111300,7 +111953,7 @@ index 3a8985c..9d2a870 100644 [IPV4_DEVCONF_SEND_REDIRECTS - 1] = 1, [IPV4_DEVCONF_SECURE_REDIRECTS - 1] = 1, [IPV4_DEVCONF_SHARED_MEDIA - 1] = 1, -@@ -1549,7 +1551,7 @@ static int inet_dump_ifaddr(struct sk_buff *skb, struct netlink_callback *cb) +@@ -1580,7 +1582,7 @@ static int inet_dump_ifaddr(struct sk_buff *skb, struct netlink_callback *cb) idx = 0; head = &net->dev_index_head[h]; rcu_read_lock(); @@ -111309,7 +111962,7 @@ index 3a8985c..9d2a870 100644 net->dev_base_seq; hlist_for_each_entry_rcu(dev, head, index_hlist) { if (idx < s_idx) -@@ -1868,7 +1870,7 @@ static int inet_netconf_dump_devconf(struct sk_buff *skb, +@@ -1899,7 +1901,7 @@ static int inet_netconf_dump_devconf(struct sk_buff *skb, idx = 0; head = &net->dev_index_head[h]; rcu_read_lock(); @@ -111318,7 +111971,7 @@ index 3a8985c..9d2a870 100644 net->dev_base_seq; hlist_for_each_entry_rcu(dev, head, index_hlist) { if (idx < s_idx) -@@ -2103,7 +2105,7 @@ static int ipv4_doint_and_flush(struct ctl_table *ctl, int write, +@@ -2134,7 +2136,7 @@ static int ipv4_doint_and_flush(struct ctl_table *ctl, int write, #define DEVINET_SYSCTL_FLUSHING_ENTRY(attr, name) \ DEVINET_SYSCTL_COMPLEX_ENTRY(attr, name, ipv4_doint_and_flush) @@ -111327,7 +111980,7 @@ index 3a8985c..9d2a870 100644 struct ctl_table_header *sysctl_header; struct ctl_table devinet_vars[__IPV4_DEVCONF_MAX]; } devinet_sysctl = { -@@ -2235,7 +2237,7 @@ static __net_init int devinet_init_net(struct net *net) +@@ -2266,7 +2268,7 @@ static __net_init int devinet_init_net(struct net *net) int err; struct ipv4_devconf *all, *dflt; #ifdef CONFIG_SYSCTL @@ -111336,16 +111989,16 @@ index 3a8985c..9d2a870 100644 struct ctl_table_header *forw_hdr; #endif -@@ -2253,7 +2255,7 @@ static __net_init int devinet_init_net(struct net *net) +@@ -2284,7 +2286,7 @@ static __net_init int devinet_init_net(struct net *net) goto err_alloc_dflt; #ifdef CONFIG_SYSCTL - tbl = kmemdup(tbl, sizeof(ctl_forward_entry), GFP_KERNEL); + tbl = kmemdup(ctl_forward_entry, sizeof(ctl_forward_entry), GFP_KERNEL); - if (tbl == NULL) + if (!tbl) goto err_alloc_ctl; -@@ -2273,7 +2275,10 @@ static __net_init int devinet_init_net(struct net *net) +@@ -2304,7 +2306,10 @@ static __net_init int devinet_init_net(struct net *net) goto err_reg_dflt; err = -ENOMEM; @@ -111354,10 +112007,10 @@ index 3a8985c..9d2a870 100644 + forw_hdr = register_net_sysctl(net, "net/ipv4", tbl); + else + forw_hdr = register_net_sysctl(net, "net/ipv4", ctl_forward_entry); - if (forw_hdr == NULL) + if (!forw_hdr) goto err_reg_ctl; net->ipv4.forw_hdr = forw_hdr; -@@ -2289,8 +2294,7 @@ err_reg_ctl: +@@ -2320,8 +2325,7 @@ err_reg_ctl: err_reg_dflt: __devinet_sysctl_unregister(all); err_reg_all: @@ -111368,10 +112021,10 @@ index 3a8985c..9d2a870 100644 #endif if (dflt != &ipv4_devconf_dflt) diff --git a/net/ipv4/fib_frontend.c b/net/ipv4/fib_frontend.c -index 23b9b3e..60cf0c4 100644 +index 872494e..8e0b4d1 100644 --- a/net/ipv4/fib_frontend.c +++ b/net/ipv4/fib_frontend.c -@@ -1020,12 +1020,12 @@ static int fib_inetaddr_event(struct notifier_block *this, unsigned long event, +@@ -1083,12 +1083,12 @@ static int fib_inetaddr_event(struct notifier_block *this, unsigned long event, #ifdef CONFIG_IP_ROUTE_MULTIPATH fib_sync_up(dev); #endif @@ -111383,10 +112036,10 @@ index 23b9b3e..60cf0c4 100644 fib_del_ifaddr(ifa, NULL); - atomic_inc(&net->ipv4.dev_addr_genid); + atomic_inc_unchecked(&net->ipv4.dev_addr_genid); - if (ifa->ifa_dev->ifa_list == NULL) { + if (!ifa->ifa_dev->ifa_list) { /* Last address was deleted from this interface. * Disable IP. -@@ -1063,7 +1063,7 @@ static int fib_netdev_event(struct notifier_block *this, unsigned long event, vo +@@ -1126,7 +1126,7 @@ static int fib_netdev_event(struct notifier_block *this, unsigned long event, vo #ifdef CONFIG_IP_ROUTE_MULTIPATH fib_sync_up(dev); #endif @@ -111396,10 +112049,10 @@ index 23b9b3e..60cf0c4 100644 break; case NETDEV_DOWN: diff --git a/net/ipv4/fib_semantics.c b/net/ipv4/fib_semantics.c -index 1e2090e..351a724 100644 +index 8d695b6..752d427a 100644 --- a/net/ipv4/fib_semantics.c +++ b/net/ipv4/fib_semantics.c -@@ -753,7 +753,7 @@ __be32 fib_info_update_nh_saddr(struct net *net, struct fib_nh *nh) +@@ -752,7 +752,7 @@ __be32 fib_info_update_nh_saddr(struct net *net, struct fib_nh *nh) nh->nh_saddr = inet_select_addr(nh->nh_dev, nh->nh_gw, nh->nh_parent->fib_scope); @@ -111408,27 +112061,8 @@ index 1e2090e..351a724 100644 return nh->nh_saddr; } -diff --git a/net/ipv4/fou.c b/net/ipv4/fou.c -index ff069f6..335e752 100644 ---- a/net/ipv4/fou.c -+++ b/net/ipv4/fou.c -@@ -771,12 +771,12 @@ EXPORT_SYMBOL(gue_build_header); - - #ifdef CONFIG_NET_FOU_IP_TUNNELS - --static const struct ip_tunnel_encap_ops __read_mostly fou_iptun_ops = { -+static const struct ip_tunnel_encap_ops fou_iptun_ops = { - .encap_hlen = fou_encap_hlen, - .build_header = fou_build_header, - }; - --static const struct ip_tunnel_encap_ops __read_mostly gue_iptun_ops = { -+static const struct ip_tunnel_encap_ops gue_iptun_ops = { - .encap_hlen = gue_encap_hlen, - .build_header = gue_build_header, - }; diff --git a/net/ipv4/inet_hashtables.c b/net/ipv4/inet_hashtables.c -index 9111a4e..3576905 100644 +index c6fb80b..8705495 100644 --- a/net/ipv4/inet_hashtables.c +++ b/net/ipv4/inet_hashtables.c @@ -18,6 +18,7 @@ @@ -111439,8 +112073,8 @@ index 9111a4e..3576905 100644 #include <net/inet_connection_sock.h> #include <net/inet_hashtables.h> -@@ -49,6 +50,8 @@ static unsigned int inet_sk_ehashfn(const struct sock *sk) - return inet_ehashfn(net, laddr, lport, faddr, fport); +@@ -53,6 +54,8 @@ u32 sk_ehashfn(const struct sock *sk) + sk->sk_daddr, sk->sk_dport); } +extern void gr_update_task_in_ip_table(const struct inet_sock *inet); @@ -111448,14 +112082,14 @@ index 9111a4e..3576905 100644 /* * Allocate and initialize a new local port bind bucket. * The bindhash mutex for snum's hash chain must be held here. -@@ -554,6 +557,8 @@ ok: +@@ -564,6 +567,8 @@ ok: twrefcnt += inet_twsk_bind_unhash(tw, hinfo); spin_unlock(&head->lock); + gr_update_task_in_ip_table(inet_sk(sk)); + if (tw) { - inet_twsk_deschedule(tw, death_row); + inet_twsk_deschedule(tw); while (twrefcnt) { diff --git a/net/ipv4/inetpeer.c b/net/ipv4/inetpeer.c index 241afd7..31b95d5 100644 @@ -111471,7 +112105,7 @@ index 241afd7..31b95d5 100644 p->rate_tokens = 0; /* 60*HZ is arbitrary, but chosen enough high so that the first diff --git a/net/ipv4/ip_fragment.c b/net/ipv4/ip_fragment.c -index 145a50c..5dd8cc5 100644 +index cc1da6d..64b1534 100644 --- a/net/ipv4/ip_fragment.c +++ b/net/ipv4/ip_fragment.c @@ -268,7 +268,7 @@ static int ip_frag_too_far(struct ipq *qp) @@ -111483,7 +112117,7 @@ index 145a50c..5dd8cc5 100644 qp->rid = end; rc = qp->q.fragments && (end - start) > max; -@@ -748,12 +748,11 @@ static struct ctl_table ip4_frags_ctl_table[] = { +@@ -750,12 +750,11 @@ static struct ctl_table ip4_frags_ctl_table[] = { static int __net_init ip4_frags_ns_ctl_register(struct net *net) { @@ -111495,10 +112129,10 @@ index 145a50c..5dd8cc5 100644 if (!net_eq(net, &init_net)) { - table = kmemdup(table, sizeof(ip4_frags_ns_ctl_table), GFP_KERNEL); + table = kmemdup(ip4_frags_ns_ctl_table, sizeof(ip4_frags_ns_ctl_table), GFP_KERNEL); - if (table == NULL) + if (!table) goto err_alloc; -@@ -767,9 +766,10 @@ static int __net_init ip4_frags_ns_ctl_register(struct net *net) +@@ -769,9 +768,10 @@ static int __net_init ip4_frags_ns_ctl_register(struct net *net) /* Don't export sysctls to unprivileged users */ if (net->user_ns != &init_user_ns) table[0].procname = NULL; @@ -111508,10 +112142,10 @@ index 145a50c..5dd8cc5 100644 + hdr = register_net_sysctl(net, "net/ipv4", ip4_frags_ns_ctl_table); - hdr = register_net_sysctl(net, "net/ipv4", table); - if (hdr == NULL) + if (!hdr) goto err_reg; -@@ -777,8 +777,7 @@ static int __net_init ip4_frags_ns_ctl_register(struct net *net) +@@ -779,8 +779,7 @@ static int __net_init ip4_frags_ns_ctl_register(struct net *net) return 0; err_reg: @@ -111522,7 +112156,7 @@ index 145a50c..5dd8cc5 100644 return -ENOMEM; } diff --git a/net/ipv4/ip_gre.c b/net/ipv4/ip_gre.c -index 6207275f..00323a2 100644 +index 5fd7064..d13d75f 100644 --- a/net/ipv4/ip_gre.c +++ b/net/ipv4/ip_gre.c @@ -115,7 +115,7 @@ static bool log_ecn_error = true; @@ -111534,7 +112168,7 @@ index 6207275f..00323a2 100644 static int ipgre_tunnel_init(struct net_device *dev); static int ipgre_net_id __read_mostly; -@@ -817,7 +817,7 @@ static const struct nla_policy ipgre_policy[IFLA_GRE_MAX + 1] = { +@@ -819,7 +819,7 @@ static const struct nla_policy ipgre_policy[IFLA_GRE_MAX + 1] = { [IFLA_GRE_ENCAP_DPORT] = { .type = NLA_U16 }, }; @@ -111543,7 +112177,7 @@ index 6207275f..00323a2 100644 .kind = "gre", .maxtype = IFLA_GRE_MAX, .policy = ipgre_policy, -@@ -832,7 +832,7 @@ static struct rtnl_link_ops ipgre_link_ops __read_mostly = { +@@ -834,7 +834,7 @@ static struct rtnl_link_ops ipgre_link_ops __read_mostly = { .get_link_net = ip_tunnel_get_link_net, }; @@ -111553,7 +112187,7 @@ index 6207275f..00323a2 100644 .maxtype = IFLA_GRE_MAX, .policy = ipgre_policy, diff --git a/net/ipv4/ip_input.c b/net/ipv4/ip_input.c -index 3d4da2c..40f9c29 100644 +index 2db4c87..4db9282 100644 --- a/net/ipv4/ip_input.c +++ b/net/ipv4/ip_input.c @@ -147,6 +147,10 @@ @@ -111567,7 +112201,7 @@ index 3d4da2c..40f9c29 100644 /* * Process Router Attention IP option (RFC 2113) */ -@@ -223,6 +227,9 @@ static int ip_local_deliver_finish(struct sk_buff *skb) +@@ -223,6 +227,9 @@ static int ip_local_deliver_finish(struct sock *sk, struct sk_buff *skb) if (!raw) { if (xfrm4_policy_check(NULL, XFRM_POLICY_IN, skb)) { IP_INC_STATS_BH(net, IPSTATS_MIB_INUNKNOWNPROTOS); @@ -111578,10 +112212,10 @@ index 3d4da2c..40f9c29 100644 ICMP_PROT_UNREACH, 0); } diff --git a/net/ipv4/ip_sockglue.c b/net/ipv4/ip_sockglue.c -index d9e8ff3..a70a150 100644 +index 6ddde89..653e224 100644 --- a/net/ipv4/ip_sockglue.c +++ b/net/ipv4/ip_sockglue.c -@@ -1263,7 +1263,8 @@ static int do_ip_getsockopt(struct sock *sk, int level, int optname, +@@ -1291,7 +1291,8 @@ static int do_ip_getsockopt(struct sock *sk, int level, int optname, len = min_t(unsigned int, len, opt->optlen); if (put_user(len, optlen)) return -EFAULT; @@ -111591,7 +112225,7 @@ index d9e8ff3..a70a150 100644 return -EFAULT; return 0; } -@@ -1397,7 +1398,7 @@ static int do_ip_getsockopt(struct sock *sk, int level, int optname, +@@ -1425,7 +1426,7 @@ static int do_ip_getsockopt(struct sock *sk, int level, int optname, if (sk->sk_type != SOCK_STREAM) return -ENOPROTOOPT; @@ -111601,7 +112235,7 @@ index d9e8ff3..a70a150 100644 msg.msg_flags = flags; diff --git a/net/ipv4/ip_vti.c b/net/ipv4/ip_vti.c -index 94efe14..1453fcc 100644 +index 0c15208..a3a76c5 100644 --- a/net/ipv4/ip_vti.c +++ b/net/ipv4/ip_vti.c @@ -45,7 +45,7 @@ @@ -111613,7 +112247,7 @@ index 94efe14..1453fcc 100644 static int vti_net_id __read_mostly; static int vti_tunnel_init(struct net_device *dev); -@@ -519,7 +519,7 @@ static const struct nla_policy vti_policy[IFLA_VTI_MAX + 1] = { +@@ -525,7 +525,7 @@ static const struct nla_policy vti_policy[IFLA_VTI_MAX + 1] = { [IFLA_VTI_REMOTE] = { .len = FIELD_SIZEOF(struct iphdr, daddr) }, }; @@ -111623,7 +112257,7 @@ index 94efe14..1453fcc 100644 .maxtype = IFLA_VTI_MAX, .policy = vti_policy, diff --git a/net/ipv4/ipconfig.c b/net/ipv4/ipconfig.c -index b26376e..fc3d733 100644 +index 8e7328c..9bd7ed3 100644 --- a/net/ipv4/ipconfig.c +++ b/net/ipv4/ipconfig.c @@ -333,7 +333,7 @@ static int __init ic_devinet_ioctl(unsigned int cmd, struct ifreq *arg) @@ -111654,7 +112288,7 @@ index b26376e..fc3d733 100644 return res; } diff --git a/net/ipv4/ipip.c b/net/ipv4/ipip.c -index 915d215..48d1db7 100644 +index ff96396..2e928ba 100644 --- a/net/ipv4/ipip.c +++ b/net/ipv4/ipip.c @@ -124,7 +124,7 @@ MODULE_PARM_DESC(log_ecn_error, "Log packets received with corrupted ECN"); @@ -111676,10 +112310,10 @@ index 915d215..48d1db7 100644 .maxtype = IFLA_IPTUN_MAX, .policy = ipip_policy, diff --git a/net/ipv4/netfilter/arp_tables.c b/net/ipv4/netfilter/arp_tables.c -index f95b6f9..2ee2097 100644 +index a612007..99ac4bc5 100644 --- a/net/ipv4/netfilter/arp_tables.c +++ b/net/ipv4/netfilter/arp_tables.c -@@ -885,14 +885,14 @@ static int compat_table_info(const struct xt_table_info *info, +@@ -884,14 +884,14 @@ static int compat_table_info(const struct xt_table_info *info, #endif static int get_info(struct net *net, void __user *user, @@ -111697,7 +112331,7 @@ index f95b6f9..2ee2097 100644 sizeof(struct arpt_getinfo)); return -EINVAL; } -@@ -929,7 +929,7 @@ static int get_info(struct net *net, void __user *user, +@@ -928,7 +928,7 @@ static int get_info(struct net *net, void __user *user, info.size = private->size; strcpy(info.name, name); @@ -111706,7 +112340,7 @@ index f95b6f9..2ee2097 100644 ret = -EFAULT; else ret = 0; -@@ -1690,7 +1690,7 @@ static int compat_do_arpt_get_ctl(struct sock *sk, int cmd, void __user *user, +@@ -1695,7 +1695,7 @@ static int compat_do_arpt_get_ctl(struct sock *sk, int cmd, void __user *user, switch (cmd) { case ARPT_SO_GET_INFO: @@ -111715,7 +112349,7 @@ index f95b6f9..2ee2097 100644 break; case ARPT_SO_GET_ENTRIES: ret = compat_get_entries(sock_net(sk), user, len); -@@ -1735,7 +1735,7 @@ static int do_arpt_get_ctl(struct sock *sk, int cmd, void __user *user, int *len +@@ -1740,7 +1740,7 @@ static int do_arpt_get_ctl(struct sock *sk, int cmd, void __user *user, int *len switch (cmd) { case ARPT_SO_GET_INFO: @@ -111725,10 +112359,10 @@ index f95b6f9..2ee2097 100644 case ARPT_SO_GET_ENTRIES: diff --git a/net/ipv4/netfilter/ip_tables.c b/net/ipv4/netfilter/ip_tables.c -index cf5e82f..75a20f5 100644 +index 2d0e265..67e5b8d 100644 --- a/net/ipv4/netfilter/ip_tables.c +++ b/net/ipv4/netfilter/ip_tables.c -@@ -1073,14 +1073,14 @@ static int compat_table_info(const struct xt_table_info *info, +@@ -1072,14 +1072,14 @@ static int compat_table_info(const struct xt_table_info *info, #endif static int get_info(struct net *net, void __user *user, @@ -111746,7 +112380,7 @@ index cf5e82f..75a20f5 100644 sizeof(struct ipt_getinfo)); return -EINVAL; } -@@ -1117,7 +1117,7 @@ static int get_info(struct net *net, void __user *user, +@@ -1116,7 +1116,7 @@ static int get_info(struct net *net, void __user *user, info.size = private->size; strcpy(info.name, name); @@ -111755,7 +112389,7 @@ index cf5e82f..75a20f5 100644 ret = -EFAULT; else ret = 0; -@@ -1973,7 +1973,7 @@ compat_do_ipt_get_ctl(struct sock *sk, int cmd, void __user *user, int *len) +@@ -1978,7 +1978,7 @@ compat_do_ipt_get_ctl(struct sock *sk, int cmd, void __user *user, int *len) switch (cmd) { case IPT_SO_GET_INFO: @@ -111764,7 +112398,7 @@ index cf5e82f..75a20f5 100644 break; case IPT_SO_GET_ENTRIES: ret = compat_get_entries(sock_net(sk), user, len); -@@ -2020,7 +2020,7 @@ do_ipt_get_ctl(struct sock *sk, int cmd, void __user *user, int *len) +@@ -2025,7 +2025,7 @@ do_ipt_get_ctl(struct sock *sk, int cmd, void __user *user, int *len) switch (cmd) { case IPT_SO_GET_INFO: @@ -111774,10 +112408,10 @@ index cf5e82f..75a20f5 100644 case IPT_SO_GET_ENTRIES: diff --git a/net/ipv4/netfilter/ipt_CLUSTERIP.c b/net/ipv4/netfilter/ipt_CLUSTERIP.c -index e90f83a..3e6acca 100644 +index 771ab3d..5b99b18 100644 --- a/net/ipv4/netfilter/ipt_CLUSTERIP.c +++ b/net/ipv4/netfilter/ipt_CLUSTERIP.c -@@ -720,7 +720,7 @@ static int clusterip_net_init(struct net *net) +@@ -725,7 +725,7 @@ static int clusterip_net_init(struct net *net) spin_lock_init(&cn->lock); #ifdef CONFIG_PROC_FS @@ -111787,7 +112421,7 @@ index e90f83a..3e6acca 100644 pr_err("Unable to proc dir entry\n"); return -ENOMEM; diff --git a/net/ipv4/ping.c b/net/ipv4/ping.c -index 787b0d6..ab6c0ba 100644 +index 05ff44b..da00000 100644 --- a/net/ipv4/ping.c +++ b/net/ipv4/ping.c @@ -59,7 +59,7 @@ struct ping_table { @@ -111826,7 +112460,7 @@ index 787b0d6..ab6c0ba 100644 info, (u8 *)icmph); #endif } -@@ -919,10 +919,10 @@ int ping_recvmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg, +@@ -918,10 +918,10 @@ int ping_recvmsg(struct sock *sk, struct msghdr *msg, size_t len, int noblock, } if (inet6_sk(sk)->rxopt.all) @@ -111839,7 +112473,7 @@ index 787b0d6..ab6c0ba 100644 else if (skb->protocol == htons(ETH_P_IP) && isk->cmsg_flags) ip_cmsg_recv(msg, skb); #endif -@@ -1117,7 +1117,7 @@ static void ping_v4_format_sock(struct sock *sp, struct seq_file *f, +@@ -1116,7 +1116,7 @@ static void ping_v4_format_sock(struct sock *sp, struct seq_file *f, from_kuid_munged(seq_user_ns(f), sock_i_uid(sp)), 0, sock_i_ino(sp), atomic_read(&sp->sk_refcnt), sp, @@ -111849,10 +112483,10 @@ index 787b0d6..ab6c0ba 100644 static int ping_v4_seq_show(struct seq_file *seq, void *v) diff --git a/net/ipv4/raw.c b/net/ipv4/raw.c -index f027a70..2e64edc 100644 +index 561cd4b..a32a155 100644 --- a/net/ipv4/raw.c +++ b/net/ipv4/raw.c -@@ -324,7 +324,7 @@ static int raw_rcv_skb(struct sock *sk, struct sk_buff *skb) +@@ -323,7 +323,7 @@ static int raw_rcv_skb(struct sock *sk, struct sk_buff *skb) int raw_rcv(struct sock *sk, struct sk_buff *skb) { if (!xfrm4_policy_check(sk, XFRM_POLICY_IN, skb)) { @@ -111861,7 +112495,7 @@ index f027a70..2e64edc 100644 kfree_skb(skb); return NET_RX_DROP; } -@@ -773,16 +773,20 @@ static int raw_init(struct sock *sk) +@@ -771,16 +771,20 @@ static int raw_init(struct sock *sk) static int raw_seticmpfilter(struct sock *sk, char __user *optval, int optlen) { @@ -111883,7 +112517,7 @@ index f027a70..2e64edc 100644 if (get_user(len, optlen)) goto out; -@@ -792,8 +796,8 @@ static int raw_geticmpfilter(struct sock *sk, char __user *optval, int __user *o +@@ -790,8 +794,8 @@ static int raw_geticmpfilter(struct sock *sk, char __user *optval, int __user *o if (len > sizeof(struct icmp_filter)) len = sizeof(struct icmp_filter); ret = -EFAULT; @@ -111894,7 +112528,7 @@ index f027a70..2e64edc 100644 goto out; ret = 0; out: return ret; -@@ -1022,7 +1026,7 @@ static void raw_sock_seq_show(struct seq_file *seq, struct sock *sp, int i) +@@ -1020,7 +1024,7 @@ static void raw_sock_seq_show(struct seq_file *seq, struct sock *sp, int i) 0, 0L, 0, from_kuid_munged(seq_user_ns(seq), sock_i_uid(sp)), 0, sock_i_ino(sp), @@ -111904,10 +112538,10 @@ index f027a70..2e64edc 100644 static int raw_seq_show(struct seq_file *seq, void *v) diff --git a/net/ipv4/route.c b/net/ipv4/route.c -index e262a08..d1fc3be 100644 +index f45f2a1..e7d47a3 100644 --- a/net/ipv4/route.c +++ b/net/ipv4/route.c -@@ -228,7 +228,7 @@ static const struct seq_operations rt_cache_seq_ops = { +@@ -227,7 +227,7 @@ static const struct seq_operations rt_cache_seq_ops = { static int rt_cache_seq_open(struct inode *inode, struct file *file) { @@ -111916,7 +112550,7 @@ index e262a08..d1fc3be 100644 } static const struct file_operations rt_cache_seq_fops = { -@@ -319,7 +319,7 @@ static const struct seq_operations rt_cpu_seq_ops = { +@@ -318,7 +318,7 @@ static const struct seq_operations rt_cpu_seq_ops = { static int rt_cpu_seq_open(struct inode *inode, struct file *file) { @@ -111925,7 +112559,7 @@ index e262a08..d1fc3be 100644 } static const struct file_operations rt_cpu_seq_fops = { -@@ -357,7 +357,7 @@ static int rt_acct_proc_show(struct seq_file *m, void *v) +@@ -356,7 +356,7 @@ static int rt_acct_proc_show(struct seq_file *m, void *v) static int rt_acct_proc_open(struct inode *inode, struct file *file) { @@ -111934,7 +112568,7 @@ index e262a08..d1fc3be 100644 } static const struct file_operations rt_acct_proc_fops = { -@@ -459,11 +459,11 @@ static struct neighbour *ipv4_neigh_lookup(const struct dst_entry *dst, +@@ -458,11 +458,11 @@ static struct neighbour *ipv4_neigh_lookup(const struct dst_entry *dst, #define IP_IDENTS_SZ 2048u struct ip_ident_bucket { @@ -111948,7 +112582,7 @@ index e262a08..d1fc3be 100644 /* In order to protect privacy, we add a perturbation to identifiers * if one generator is seldom used. This makes hard for an attacker -@@ -479,7 +479,7 @@ u32 ip_idents_reserve(u32 hash, int segs) +@@ -478,7 +478,7 @@ u32 ip_idents_reserve(u32 hash, int segs) if (old != now && cmpxchg(&bucket->stamp32, old, now) == old) delta = prandom_u32_max(now - old); @@ -111957,7 +112591,7 @@ index e262a08..d1fc3be 100644 } EXPORT_SYMBOL(ip_idents_reserve); -@@ -2643,34 +2643,34 @@ static struct ctl_table ipv4_route_flush_table[] = { +@@ -2641,34 +2641,34 @@ static struct ctl_table ipv4_route_flush_table[] = { .maxlen = sizeof(int), .mode = 0200, .proc_handler = ipv4_sysctl_rtcache_flush, @@ -111975,7 +112609,7 @@ index e262a08..d1fc3be 100644 if (!net_eq(net, &init_net)) { - tbl = kmemdup(tbl, sizeof(ipv4_route_flush_table), GFP_KERNEL); + tbl = kmemdup(ipv4_route_flush_table, sizeof(ipv4_route_flush_table), GFP_KERNEL); - if (tbl == NULL) + if (!tbl) goto err_dup; /* Don't export sysctls to unprivileged users */ @@ -111989,7 +112623,7 @@ index e262a08..d1fc3be 100644 + net->ipv4.route_hdr = register_net_sysctl(net, "net/ipv4/route", ipv4_route_flush_table); - net->ipv4.route_hdr = register_net_sysctl(net, "net/ipv4/route", tbl); - if (net->ipv4.route_hdr == NULL) + if (!net->ipv4.route_hdr) goto err_reg; return 0; @@ -112000,7 +112634,7 @@ index e262a08..d1fc3be 100644 err_dup: return -ENOMEM; } -@@ -2693,8 +2693,8 @@ static __net_initdata struct pernet_operations sysctl_route_ops = { +@@ -2691,8 +2691,8 @@ static __net_initdata struct pernet_operations sysctl_route_ops = { static __net_init int rt_genid_init(struct net *net) { @@ -112011,7 +112645,7 @@ index e262a08..d1fc3be 100644 get_random_bytes(&net->ipv4.dev_addr_genid, sizeof(net->ipv4.dev_addr_genid)); return 0; -@@ -2738,11 +2738,7 @@ int __init ip_rt_init(void) +@@ -2736,11 +2736,7 @@ int __init ip_rt_init(void) int rc = 0; int cpu; @@ -112025,7 +112659,7 @@ index e262a08..d1fc3be 100644 for_each_possible_cpu(cpu) { struct uncached_list *ul = &per_cpu(rt_uncached_list, cpu); diff --git a/net/ipv4/sysctl_net_ipv4.c b/net/ipv4/sysctl_net_ipv4.c -index d151539..5f5e247 100644 +index c3852a7..7bdbde7 100644 --- a/net/ipv4/sysctl_net_ipv4.c +++ b/net/ipv4/sysctl_net_ipv4.c @@ -60,7 +60,7 @@ static int ipv4_local_port_range(struct ctl_table *table, int write, @@ -112082,7 +112716,7 @@ index d151539..5f5e247 100644 struct tcp_fastopen_context *ctxt; int ret; u32 user_key[4]; /* 16 bytes, matching TCP_FASTOPEN_KEY_LENGTH */ -@@ -888,13 +888,12 @@ static struct ctl_table ipv4_net_table[] = { +@@ -902,13 +902,12 @@ static struct ctl_table ipv4_net_table[] = { static __net_init int ipv4_sysctl_init_net(struct net *net) { @@ -112095,10 +112729,10 @@ index d151539..5f5e247 100644 - table = kmemdup(table, sizeof(ipv4_net_table), GFP_KERNEL); + table = kmemdup(ipv4_net_table, sizeof(ipv4_net_table), GFP_KERNEL); - if (table == NULL) + if (!table) goto err_alloc; -@@ -903,7 +902,10 @@ static __net_init int ipv4_sysctl_init_net(struct net *net) +@@ -917,7 +916,10 @@ static __net_init int ipv4_sysctl_init_net(struct net *net) table[i].data += (void *)net - (void *)&init_net; } @@ -112107,27 +112741,11 @@ index d151539..5f5e247 100644 + net->ipv4.ipv4_hdr = register_net_sysctl(net, "net/ipv4", table); + else + net->ipv4.ipv4_hdr = register_net_sysctl(net, "net/ipv4", ipv4_net_table); - if (net->ipv4.ipv4_hdr == NULL) + if (!net->ipv4.ipv4_hdr) goto err_reg; -diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c -index d03a344..f3bbb71 100644 ---- a/net/ipv4/tcp.c -+++ b/net/ipv4/tcp.c -@@ -520,8 +520,10 @@ unsigned int tcp_poll(struct file *file, struct socket *sock, poll_table *wait) - - /* Race breaker. If space is freed after - * wspace test but before the flags are set, -- * IO signal will be lost. -+ * IO signal will be lost. Memory barrier -+ * pairs with the input side. - */ -+ smp_mb__after_atomic(); - if (sk_stream_is_writeable(sk)) - mask |= POLLOUT | POLLWRNORM; - } diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c -index f501ac04..0c5a1b2 100644 +index c9ab964..607d9f7 100644 --- a/net/ipv4/tcp_input.c +++ b/net/ipv4/tcp_input.c @@ -767,7 +767,7 @@ static void tcp_update_pacing_rate(struct sock *sk) @@ -112139,7 +112757,7 @@ index f501ac04..0c5a1b2 100644 sk->sk_max_pacing_rate); } -@@ -4541,7 +4541,7 @@ static struct sk_buff *tcp_collapse_one(struct sock *sk, struct sk_buff *skb, +@@ -4610,7 +4610,7 @@ static struct sk_buff *tcp_collapse_one(struct sock *sk, struct sk_buff *skb, * simplifies code) */ static void @@ -112148,16 +112766,7 @@ index f501ac04..0c5a1b2 100644 struct sk_buff *head, struct sk_buff *tail, u32 start, u32 end) { -@@ -4799,6 +4799,8 @@ static void tcp_check_space(struct sock *sk) - { - if (sock_flag(sk, SOCK_QUEUE_SHRUNK)) { - sock_reset_flag(sk, SOCK_QUEUE_SHRUNK); -+ /* pairs with tcp_poll() */ -+ smp_mb__after_atomic(); - if (sk->sk_socket && - test_bit(SOCK_NOSPACE, &sk->sk_socket->flags)) - tcp_new_space(sk); -@@ -5525,6 +5527,7 @@ discard: +@@ -5605,6 +5605,7 @@ discard: tcp_paws_reject(&tp->rx_opt, 0)) goto discard_and_undo; @@ -112165,7 +112774,7 @@ index f501ac04..0c5a1b2 100644 if (th->syn) { /* We see SYN without ACK. It is attempt of * simultaneous connect with crossed SYNs. -@@ -5575,6 +5578,7 @@ discard: +@@ -5655,6 +5656,7 @@ discard: goto discard; #endif } @@ -112173,7 +112782,7 @@ index f501ac04..0c5a1b2 100644 /* "fifth, if neither of the SYN or RST bits is set then * drop the segment and return." */ -@@ -5621,7 +5625,7 @@ int tcp_rcv_state_process(struct sock *sk, struct sk_buff *skb, +@@ -5701,7 +5703,7 @@ int tcp_rcv_state_process(struct sock *sk, struct sk_buff *skb, goto discard; if (th->syn) { @@ -112183,7 +112792,7 @@ index f501ac04..0c5a1b2 100644 if (icsk->icsk_af_ops->conn_request(sk, skb) < 0) return 1; diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c -index f1756ee..8908cb0 100644 +index fc1c658..42a8d34 100644 --- a/net/ipv4/tcp_ipv4.c +++ b/net/ipv4/tcp_ipv4.c @@ -89,6 +89,10 @@ int sysctl_tcp_tw_reuse __read_mostly; @@ -112197,7 +112806,7 @@ index f1756ee..8908cb0 100644 #ifdef CONFIG_TCP_MD5SIG static int tcp_v4_md5_hash_hdr(char *md5_hash, const struct tcp_md5sig_key *key, __be32 daddr, __be32 saddr, const struct tcphdr *th); -@@ -1475,6 +1479,9 @@ int tcp_v4_do_rcv(struct sock *sk, struct sk_buff *skb) +@@ -1427,6 +1431,9 @@ int tcp_v4_do_rcv(struct sock *sk, struct sk_buff *skb) return 0; reset: @@ -112207,7 +112816,7 @@ index f1756ee..8908cb0 100644 tcp_v4_send_reset(rsk, skb); discard: kfree_skb(skb); -@@ -1639,12 +1646,19 @@ int tcp_v4_rcv(struct sk_buff *skb) +@@ -1591,12 +1598,19 @@ int tcp_v4_rcv(struct sk_buff *skb) TCP_SKB_CB(skb)->sacked = 0; sk = __inet_lookup_skb(&tcp_hashinfo, skb, th->source, th->dest); @@ -112230,7 +112839,7 @@ index f1756ee..8908cb0 100644 if (unlikely(iph->ttl < inet_sk(sk)->min_ttl)) { NET_INC_STATS_BH(net, LINUX_MIB_TCPMINTTLDROP); -@@ -1700,6 +1714,10 @@ csum_error: +@@ -1652,6 +1666,10 @@ csum_error: bad_packet: TCP_INC_STATS_BH(net, TCP_MIB_INERRS); } else { @@ -112242,7 +112851,7 @@ index f1756ee..8908cb0 100644 } diff --git a/net/ipv4/tcp_minisocks.c b/net/ipv4/tcp_minisocks.c -index 50277af..defe393 100644 +index 17e7339..c72ff6c 100644 --- a/net/ipv4/tcp_minisocks.c +++ b/net/ipv4/tcp_minisocks.c @@ -27,6 +27,10 @@ @@ -112256,7 +112865,7 @@ index 50277af..defe393 100644 int sysctl_tcp_syncookies __read_mostly = 1; EXPORT_SYMBOL(sysctl_tcp_syncookies); -@@ -788,7 +792,10 @@ embryonic_reset: +@@ -778,7 +782,10 @@ embryonic_reset: * avoid becoming vulnerable to outside attack aiming at * resetting legit local connections. */ @@ -112282,7 +112891,7 @@ index ebf5ff5..4d1ff32 100644 cnt += width; } diff --git a/net/ipv4/tcp_timer.c b/net/ipv4/tcp_timer.c -index 0732b78..a82bdc6 100644 +index 8c65dc1..55fd1ba 100644 --- a/net/ipv4/tcp_timer.c +++ b/net/ipv4/tcp_timer.c @@ -22,6 +22,10 @@ @@ -112296,7 +112905,7 @@ index 0732b78..a82bdc6 100644 int sysctl_tcp_syn_retries __read_mostly = TCP_SYN_RETRIES; int sysctl_tcp_synack_retries __read_mostly = TCP_SYNACK_RETRIES; int sysctl_tcp_keepalive_time __read_mostly = TCP_KEEPALIVE_TIME; -@@ -194,6 +198,13 @@ static int tcp_write_timeout(struct sock *sk) +@@ -195,6 +199,13 @@ static int tcp_write_timeout(struct sock *sk) } } @@ -112311,7 +112920,7 @@ index 0732b78..a82bdc6 100644 syn_set ? 0 : icsk->icsk_user_timeout, syn_set)) { /* Has it gone just too far? */ diff --git a/net/ipv4/udp.c b/net/ipv4/udp.c -index 51f1745..4bc0427 100644 +index 83aa604..dbfddf5 100644 --- a/net/ipv4/udp.c +++ b/net/ipv4/udp.c @@ -87,6 +87,7 @@ @@ -112333,7 +112942,7 @@ index 51f1745..4bc0427 100644 struct udp_table udp_table __read_mostly; EXPORT_SYMBOL(udp_table); -@@ -609,6 +614,9 @@ static inline bool __udp_is_mcast_sock(struct net *net, struct sock *sk, +@@ -608,6 +613,9 @@ static inline bool __udp_is_mcast_sock(struct net *net, struct sock *sk, return true; } @@ -112343,7 +112952,7 @@ index 51f1745..4bc0427 100644 /* * This routine is called by the ICMP module when it gets some * sort of error condition. If err < 0 then the socket should -@@ -946,9 +954,18 @@ int udp_sendmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg, +@@ -944,9 +952,18 @@ int udp_sendmsg(struct sock *sk, struct msghdr *msg, size_t len) dport = usin->sin_port; if (dport == 0) return -EINVAL; @@ -112362,7 +112971,7 @@ index 51f1745..4bc0427 100644 daddr = inet->inet_daddr; dport = inet->inet_dport; /* Open fast path for connected socket. -@@ -1196,7 +1213,7 @@ static unsigned int first_packet_length(struct sock *sk) +@@ -1193,7 +1210,7 @@ static unsigned int first_packet_length(struct sock *sk) IS_UDPLITE(sk)); UDP_INC_STATS_BH(sock_net(sk), UDP_MIB_INERRORS, IS_UDPLITE(sk)); @@ -112371,7 +112980,7 @@ index 51f1745..4bc0427 100644 __skb_unlink(skb, rcvq); __skb_queue_tail(&list_kill, skb); } -@@ -1276,6 +1293,10 @@ try_again: +@@ -1273,6 +1290,10 @@ try_again: if (!skb) goto out; @@ -112382,7 +112991,7 @@ index 51f1745..4bc0427 100644 ulen = skb->len - sizeof(struct udphdr); copied = len; if (copied > ulen) -@@ -1308,7 +1329,7 @@ try_again: +@@ -1305,7 +1326,7 @@ try_again: if (unlikely(err)) { trace_kfree_skb(skb, udp_recvmsg); if (!peeked) { @@ -112391,7 +113000,7 @@ index 51f1745..4bc0427 100644 UDP_INC_STATS_USER(sock_net(sk), UDP_MIB_INERRORS, is_udplite); } -@@ -1604,7 +1625,7 @@ csum_error: +@@ -1599,7 +1620,7 @@ csum_error: UDP_INC_STATS_BH(sock_net(sk), UDP_MIB_CSUMERRORS, is_udplite); drop: UDP_INC_STATS_BH(sock_net(sk), UDP_MIB_INERRORS, is_udplite); @@ -112400,7 +113009,7 @@ index 51f1745..4bc0427 100644 kfree_skb(skb); return -1; } -@@ -1623,7 +1644,7 @@ static void flush_stack(struct sock **stack, unsigned int count, +@@ -1617,7 +1638,7 @@ static void flush_stack(struct sock **stack, unsigned int count, skb1 = (i == final) ? skb : skb_clone(skb, GFP_ATOMIC); if (!skb1) { @@ -112409,7 +113018,7 @@ index 51f1745..4bc0427 100644 UDP_INC_STATS_BH(sock_net(sk), UDP_MIB_RCVBUFERRORS, IS_UDPLITE(sk)); UDP_INC_STATS_BH(sock_net(sk), UDP_MIB_INERRORS, -@@ -1829,6 +1850,9 @@ int __udp4_lib_rcv(struct sk_buff *skb, struct udp_table *udptable, +@@ -1823,6 +1844,9 @@ int __udp4_lib_rcv(struct sk_buff *skb, struct udp_table *udptable, goto csum_error; UDP_INC_STATS_BH(net, UDP_MIB_NOPORTS, proto == IPPROTO_UDPLITE); @@ -112419,7 +113028,7 @@ index 51f1745..4bc0427 100644 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_PORT_UNREACH, 0); /* -@@ -2426,7 +2450,7 @@ static void udp4_format_sock(struct sock *sp, struct seq_file *f, +@@ -2420,7 +2444,7 @@ static void udp4_format_sock(struct sock *sp, struct seq_file *f, from_kuid_munged(seq_user_ns(f), sock_i_uid(sp)), 0, sock_i_ino(sp), atomic_read(&sp->sk_refcnt), sp, @@ -112429,7 +113038,7 @@ index 51f1745..4bc0427 100644 int udp4_seq_show(struct seq_file *seq, void *v) diff --git a/net/ipv4/xfrm4_policy.c b/net/ipv4/xfrm4_policy.c -index 6156f68..d6ab46d 100644 +index bff6974..c63736c 100644 --- a/net/ipv4/xfrm4_policy.c +++ b/net/ipv4/xfrm4_policy.c @@ -186,11 +186,11 @@ _decode_session4(struct sk_buff *skb, struct flowi *fl, int reverse) @@ -112446,7 +113055,7 @@ index 6156f68..d6ab46d 100644 return (dst_entries_get_slow(ops) > ops->gc_thresh * 2); } -@@ -269,19 +269,18 @@ static struct ctl_table xfrm4_policy_table[] = { +@@ -268,19 +268,18 @@ static struct ctl_table xfrm4_policy_table[] = { static int __net_init xfrm4_net_init(struct net *net) { @@ -112471,7 +113080,7 @@ index 6156f68..d6ab46d 100644 if (!hdr) goto err_reg; -@@ -289,8 +288,7 @@ static int __net_init xfrm4_net_init(struct net *net) +@@ -288,8 +287,7 @@ static int __net_init xfrm4_net_init(struct net *net) return 0; err_reg: @@ -112482,10 +113091,10 @@ index 6156f68..d6ab46d 100644 return -ENOMEM; } diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c -index b603002..0de5c88 100644 +index 37b70e8..1475ab7 100644 --- a/net/ipv6/addrconf.c +++ b/net/ipv6/addrconf.c -@@ -171,7 +171,7 @@ static struct ipv6_devconf ipv6_devconf __read_mostly = { +@@ -178,7 +178,7 @@ static struct ipv6_devconf ipv6_devconf __read_mostly = { .hop_limit = IPV6_DEFAULT_HOPLIMIT, .mtu6 = IPV6_MIN_MTU, .accept_ra = 1, @@ -112494,7 +113103,7 @@ index b603002..0de5c88 100644 .autoconf = 1, .force_mld_version = 0, .mldv1_unsolicited_report_interval = 10 * HZ, -@@ -209,7 +209,7 @@ static struct ipv6_devconf ipv6_devconf_dflt __read_mostly = { +@@ -219,7 +219,7 @@ static struct ipv6_devconf ipv6_devconf_dflt __read_mostly = { .hop_limit = IPV6_DEFAULT_HOPLIMIT, .mtu6 = IPV6_MIN_MTU, .accept_ra = 1, @@ -112503,7 +113112,7 @@ index b603002..0de5c88 100644 .autoconf = 1, .force_mld_version = 0, .mldv1_unsolicited_report_interval = 10 * HZ, -@@ -607,7 +607,7 @@ static int inet6_netconf_dump_devconf(struct sk_buff *skb, +@@ -620,7 +620,7 @@ static int inet6_netconf_dump_devconf(struct sk_buff *skb, idx = 0; head = &net->dev_index_head[h]; rcu_read_lock(); @@ -112512,7 +113121,7 @@ index b603002..0de5c88 100644 net->dev_base_seq; hlist_for_each_entry_rcu(dev, head, index_hlist) { if (idx < s_idx) -@@ -2438,7 +2438,7 @@ int addrconf_set_dstaddr(struct net *net, void __user *arg) +@@ -2506,7 +2506,7 @@ int addrconf_set_dstaddr(struct net *net, void __user *arg) p.iph.ihl = 5; p.iph.protocol = IPPROTO_IPV6; p.iph.ttl = 64; @@ -112521,7 +113130,7 @@ index b603002..0de5c88 100644 if (ops->ndo_do_ioctl) { mm_segment_t oldfs = get_fs(); -@@ -3587,16 +3587,23 @@ static const struct file_operations if6_fops = { +@@ -3772,16 +3772,23 @@ static const struct file_operations if6_fops = { .release = seq_release_net, }; @@ -112546,7 +113155,7 @@ index b603002..0de5c88 100644 } static struct pernet_operations if6_proc_net_ops = { -@@ -4215,7 +4222,7 @@ static int inet6_dump_addr(struct sk_buff *skb, struct netlink_callback *cb, +@@ -4400,7 +4407,7 @@ static int inet6_dump_addr(struct sk_buff *skb, struct netlink_callback *cb, s_ip_idx = ip_idx = cb->args[2]; rcu_read_lock(); @@ -112555,7 +113164,7 @@ index b603002..0de5c88 100644 for (h = s_h; h < NETDEV_HASHENTRIES; h++, s_idx = 0) { idx = 0; head = &net->dev_index_head[h]; -@@ -4864,7 +4871,7 @@ static void __ipv6_ifa_notify(int event, struct inet6_ifaddr *ifp) +@@ -5057,7 +5064,7 @@ static void __ipv6_ifa_notify(int event, struct inet6_ifaddr *ifp) rt_genid_bump_ipv6(net); break; } @@ -112564,7 +113173,7 @@ index b603002..0de5c88 100644 } static void ipv6_ifa_notify(int event, struct inet6_ifaddr *ifp) -@@ -4884,7 +4891,7 @@ int addrconf_sysctl_forward(struct ctl_table *ctl, int write, +@@ -5077,7 +5084,7 @@ int addrconf_sysctl_forward(struct ctl_table *ctl, int write, int *valp = ctl->data; int val = *valp; loff_t pos = *ppos; @@ -112573,7 +113182,7 @@ index b603002..0de5c88 100644 int ret; /* -@@ -4909,7 +4916,7 @@ int addrconf_sysctl_mtu(struct ctl_table *ctl, int write, +@@ -5102,7 +5109,7 @@ int addrconf_sysctl_mtu(struct ctl_table *ctl, int write, { struct inet6_dev *idev = ctl->extra1; int min_mtu = IPV6_MIN_MTU; @@ -112582,7 +113191,7 @@ index b603002..0de5c88 100644 lctl = *ctl; lctl.extra1 = &min_mtu; -@@ -4984,7 +4991,7 @@ int addrconf_sysctl_disable(struct ctl_table *ctl, int write, +@@ -5177,7 +5184,7 @@ int addrconf_sysctl_disable(struct ctl_table *ctl, int write, int *valp = ctl->data; int val = *valp; loff_t pos = *ppos; @@ -112591,49 +113200,30 @@ index b603002..0de5c88 100644 int ret; /* -diff --git a/net/ipv6/addrconf_core.c b/net/ipv6/addrconf_core.c -index 98cc4cd..0768c4e 100644 ---- a/net/ipv6/addrconf_core.c -+++ b/net/ipv6/addrconf_core.c -@@ -133,6 +133,14 @@ static void snmp6_free_dev(struct inet6_dev *idev) - free_percpu(idev->stats.ipv6); - } - -+static void in6_dev_finish_destroy_rcu(struct rcu_head *head) -+{ -+ struct inet6_dev *idev = container_of(head, struct inet6_dev, rcu); -+ -+ snmp6_free_dev(idev); -+ kfree(idev); -+} -+ - /* Nobody refers to this device, we may destroy it. */ +@@ -5242,7 +5249,7 @@ static int addrconf_sysctl_stable_secret(struct ctl_table *ctl, int write, + int err; + struct in6_addr addr; + char str[IPV6_MAX_STRLEN]; +- struct ctl_table lctl = *ctl; ++ ctl_table_no_const lctl = *ctl; + struct net *net = ctl->extra2; + struct ipv6_stable_secret *secret = ctl->data; - void in6_dev_finish_destroy(struct inet6_dev *idev) -@@ -151,7 +159,6 @@ void in6_dev_finish_destroy(struct inet6_dev *idev) - pr_warn("Freeing alive inet6 device %p\n", idev); - return; - } -- snmp6_free_dev(idev); -- kfree_rcu(idev, rcu); -+ call_rcu(&idev->rcu, in6_dev_finish_destroy_rcu); - } - EXPORT_SYMBOL(in6_dev_finish_destroy); diff --git a/net/ipv6/af_inet6.c b/net/ipv6/af_inet6.c -index e8c4400..a4cd5da 100644 +index eef63b3..d68f5da 100644 --- a/net/ipv6/af_inet6.c +++ b/net/ipv6/af_inet6.c -@@ -766,7 +766,7 @@ static int __net_init inet6_net_init(struct net *net) - net->ipv6.sysctl.icmpv6_time = 1*HZ; - net->ipv6.sysctl.flowlabel_consistency = 1; +@@ -768,7 +768,7 @@ static int __net_init inet6_net_init(struct net *net) net->ipv6.sysctl.auto_flowlabels = 0; + net->ipv6.sysctl.idgen_retries = 3; + net->ipv6.sysctl.idgen_delay = 1 * HZ; - atomic_set(&net->ipv6.fib6_sernum, 1); + atomic_set_unchecked(&net->ipv6.fib6_sernum, 1); err = ipv6_init_mibs(net); if (err) diff --git a/net/ipv6/datagram.c b/net/ipv6/datagram.c -index d174b91..34801a1 100644 +index 62d908e..bac79a9 100644 --- a/net/ipv6/datagram.c +++ b/net/ipv6/datagram.c @@ -967,5 +967,5 @@ void ip6_dgram_sock_seq_show(struct seq_file *seq, struct sock *sp, @@ -112644,10 +113234,10 @@ index d174b91..34801a1 100644 + atomic_read_unchecked(&sp->sk_drops)); } diff --git a/net/ipv6/icmp.c b/net/ipv6/icmp.c -index a5e9519..16b7412 100644 +index 2c2b5d5..cc01abd 100644 --- a/net/ipv6/icmp.c +++ b/net/ipv6/icmp.c -@@ -1005,7 +1005,7 @@ static struct ctl_table ipv6_icmp_table_template[] = { +@@ -1004,7 +1004,7 @@ static struct ctl_table ipv6_icmp_table_template[] = { struct ctl_table * __net_init ipv6_icmp_sysctl_init(struct net *net) { @@ -112657,7 +113247,7 @@ index a5e9519..16b7412 100644 table = kmemdup(ipv6_icmp_table_template, sizeof(ipv6_icmp_table_template), diff --git a/net/ipv6/ip6_fib.c b/net/ipv6/ip6_fib.c -index 263ef41..88c7be8 100644 +index bde57b1..5b45dbb 100644 --- a/net/ipv6/ip6_fib.c +++ b/net/ipv6/ip6_fib.c @@ -99,9 +99,9 @@ static int fib6_new_sernum(struct net *net) @@ -112673,7 +113263,7 @@ index 263ef41..88c7be8 100644 return new; } diff --git a/net/ipv6/ip6_gre.c b/net/ipv6/ip6_gre.c -index bc28b7d..a08feea 100644 +index a38d3ac..d02e37d 100644 --- a/net/ipv6/ip6_gre.c +++ b/net/ipv6/ip6_gre.c @@ -71,8 +71,8 @@ struct ip6gre_net { @@ -112687,7 +113277,7 @@ index bc28b7d..a08feea 100644 static int ip6gre_tunnel_init(struct net_device *dev); static void ip6gre_tunnel_setup(struct net_device *dev); static void ip6gre_tunnel_link(struct ip6gre_net *ign, struct ip6_tnl *t); -@@ -1289,7 +1289,7 @@ static void ip6gre_fb_tunnel_init(struct net_device *dev) +@@ -1280,7 +1280,7 @@ static void ip6gre_fb_tunnel_init(struct net_device *dev) } @@ -112696,7 +113286,7 @@ index bc28b7d..a08feea 100644 .handler = ip6gre_rcv, .err_handler = ip6gre_err, .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL, -@@ -1650,7 +1650,7 @@ static const struct nla_policy ip6gre_policy[IFLA_GRE_MAX + 1] = { +@@ -1639,7 +1639,7 @@ static const struct nla_policy ip6gre_policy[IFLA_GRE_MAX + 1] = { [IFLA_GRE_FLAGS] = { .type = NLA_U32 }, }; @@ -112705,7 +113295,7 @@ index bc28b7d..a08feea 100644 .kind = "ip6gre", .maxtype = IFLA_GRE_MAX, .policy = ip6gre_policy, -@@ -1665,7 +1665,7 @@ static struct rtnl_link_ops ip6gre_link_ops __read_mostly = { +@@ -1654,7 +1654,7 @@ static struct rtnl_link_ops ip6gre_link_ops __read_mostly = { .get_link_net = ip6_tnl_get_link_net, }; @@ -112715,10 +113305,10 @@ index bc28b7d..a08feea 100644 .maxtype = IFLA_GRE_MAX, .policy = ip6gre_policy, diff --git a/net/ipv6/ip6_tunnel.c b/net/ipv6/ip6_tunnel.c -index ddd94ec..b7cfefb 100644 +index 5cafd92..d5aead4 100644 --- a/net/ipv6/ip6_tunnel.c +++ b/net/ipv6/ip6_tunnel.c -@@ -86,7 +86,7 @@ static u32 HASH(const struct in6_addr *addr1, const struct in6_addr *addr2) +@@ -80,7 +80,7 @@ static u32 HASH(const struct in6_addr *addr1, const struct in6_addr *addr2) static int ip6_tnl_dev_init(struct net_device *dev); static void ip6_tnl_dev_setup(struct net_device *dev); @@ -112727,7 +113317,7 @@ index ddd94ec..b7cfefb 100644 static int ip6_tnl_net_id __read_mostly; struct ip6_tnl_net { -@@ -1780,7 +1780,7 @@ static const struct nla_policy ip6_tnl_policy[IFLA_IPTUN_MAX + 1] = { +@@ -1776,7 +1776,7 @@ static const struct nla_policy ip6_tnl_policy[IFLA_IPTUN_MAX + 1] = { [IFLA_IPTUN_PROTO] = { .type = NLA_U8 }, }; @@ -112737,7 +113327,7 @@ index ddd94ec..b7cfefb 100644 .maxtype = IFLA_IPTUN_MAX, .policy = ip6_tnl_policy, diff --git a/net/ipv6/ip6_vti.c b/net/ipv6/ip6_vti.c -index 5fb9e21..92bf04b 100644 +index 0224c03..c5ec3d9 100644 --- a/net/ipv6/ip6_vti.c +++ b/net/ipv6/ip6_vti.c @@ -62,7 +62,7 @@ static u32 HASH(const struct in6_addr *addr1, const struct in6_addr *addr2) @@ -112749,7 +113339,7 @@ index 5fb9e21..92bf04b 100644 static int vti6_net_id __read_mostly; struct vti6_net { -@@ -1004,7 +1004,7 @@ static const struct nla_policy vti6_policy[IFLA_VTI_MAX + 1] = { +@@ -1019,7 +1019,7 @@ static const struct nla_policy vti6_policy[IFLA_VTI_MAX + 1] = { [IFLA_VTI_OKEY] = { .type = NLA_U32 }, }; @@ -112759,10 +113349,10 @@ index 5fb9e21..92bf04b 100644 .maxtype = IFLA_VTI_MAX, .policy = vti6_policy, diff --git a/net/ipv6/ipv6_sockglue.c b/net/ipv6/ipv6_sockglue.c -index 8d766d9..dcdfea7 100644 +index 63e6956..ebbbcf6 100644 --- a/net/ipv6/ipv6_sockglue.c +++ b/net/ipv6/ipv6_sockglue.c -@@ -989,7 +989,7 @@ static int do_ipv6_getsockopt(struct sock *sk, int level, int optname, +@@ -1015,7 +1015,7 @@ static int do_ipv6_getsockopt(struct sock *sk, int level, int optname, if (sk->sk_type != SOCK_STREAM) return -ENOPROTOOPT; @@ -112772,10 +113362,10 @@ index 8d766d9..dcdfea7 100644 msg.msg_flags = flags; diff --git a/net/ipv6/netfilter/ip6_tables.c b/net/ipv6/netfilter/ip6_tables.c -index bb00c6f..16c90d7 100644 +index 62f5b0d..331fdb1 100644 --- a/net/ipv6/netfilter/ip6_tables.c +++ b/net/ipv6/netfilter/ip6_tables.c -@@ -1083,14 +1083,14 @@ static int compat_table_info(const struct xt_table_info *info, +@@ -1085,14 +1085,14 @@ static int compat_table_info(const struct xt_table_info *info, #endif static int get_info(struct net *net, void __user *user, @@ -112793,7 +113383,7 @@ index bb00c6f..16c90d7 100644 sizeof(struct ip6t_getinfo)); return -EINVAL; } -@@ -1127,7 +1127,7 @@ static int get_info(struct net *net, void __user *user, +@@ -1129,7 +1129,7 @@ static int get_info(struct net *net, void __user *user, info.size = private->size; strcpy(info.name, name); @@ -112802,7 +113392,7 @@ index bb00c6f..16c90d7 100644 ret = -EFAULT; else ret = 0; -@@ -1983,7 +1983,7 @@ compat_do_ip6t_get_ctl(struct sock *sk, int cmd, void __user *user, int *len) +@@ -1991,7 +1991,7 @@ compat_do_ip6t_get_ctl(struct sock *sk, int cmd, void __user *user, int *len) switch (cmd) { case IP6T_SO_GET_INFO: @@ -112811,7 +113401,7 @@ index bb00c6f..16c90d7 100644 break; case IP6T_SO_GET_ENTRIES: ret = compat_get_entries(sock_net(sk), user, len); -@@ -2030,7 +2030,7 @@ do_ip6t_get_ctl(struct sock *sk, int cmd, void __user *user, int *len) +@@ -2038,7 +2038,7 @@ do_ip6t_get_ctl(struct sock *sk, int cmd, void __user *user, int *len) switch (cmd) { case IP6T_SO_GET_INFO: @@ -112863,10 +113453,10 @@ index 6f187c8..34b367f 100644 return -ENOMEM; } diff --git a/net/ipv6/ping.c b/net/ipv6/ping.c -index a2dfff6..1e52e6d 100644 +index 263a516..692f738 100644 --- a/net/ipv6/ping.c +++ b/net/ipv6/ping.c -@@ -241,6 +241,24 @@ static struct pernet_operations ping_v6_net_ops = { +@@ -240,6 +240,24 @@ static struct pernet_operations ping_v6_net_ops = { }; #endif @@ -112891,7 +113481,7 @@ index a2dfff6..1e52e6d 100644 int __init pingv6_init(void) { #ifdef CONFIG_PROC_FS -@@ -248,13 +266,7 @@ int __init pingv6_init(void) +@@ -247,13 +265,7 @@ int __init pingv6_init(void) if (ret) return ret; #endif @@ -112906,7 +113496,7 @@ index a2dfff6..1e52e6d 100644 return inet6_register_protosw(&pingv6_protosw); } -@@ -263,14 +275,9 @@ int __init pingv6_init(void) +@@ -262,14 +274,9 @@ int __init pingv6_init(void) */ void pingv6_exit(void) { @@ -112936,7 +113526,7 @@ index 679253d0..70b653c 100644 goto proc_dev_snmp6_fail; return 0; diff --git a/net/ipv6/raw.c b/net/ipv6/raw.c -index dae7f1a..783b20d 100644 +index 8072bd4..1629245 100644 --- a/net/ipv6/raw.c +++ b/net/ipv6/raw.c @@ -388,7 +388,7 @@ static inline int rawv6_rcv_skb(struct sock *sk, struct sk_buff *skb) @@ -112966,7 +113556,7 @@ index dae7f1a..783b20d 100644 kfree_skb(skb); return NET_RX_DROP; } -@@ -609,7 +609,7 @@ out: +@@ -608,7 +608,7 @@ out: return err; } @@ -112975,7 +113565,7 @@ index dae7f1a..783b20d 100644 struct flowi6 *fl6, struct dst_entry **dstp, unsigned int flags) { -@@ -915,12 +915,15 @@ do_confirm: +@@ -913,12 +913,15 @@ do_confirm: static int rawv6_seticmpfilter(struct sock *sk, int level, int optname, char __user *optval, int optlen) { @@ -112992,7 +113582,7 @@ index dae7f1a..783b20d 100644 return 0; default: return -ENOPROTOOPT; -@@ -933,6 +936,7 @@ static int rawv6_geticmpfilter(struct sock *sk, int level, int optname, +@@ -931,6 +934,7 @@ static int rawv6_geticmpfilter(struct sock *sk, int level, int optname, char __user *optval, int __user *optlen) { int len; @@ -113000,7 +113590,7 @@ index dae7f1a..783b20d 100644 switch (optname) { case ICMPV6_FILTER: -@@ -944,7 +948,8 @@ static int rawv6_geticmpfilter(struct sock *sk, int level, int optname, +@@ -942,7 +946,8 @@ static int rawv6_geticmpfilter(struct sock *sk, int level, int optname, len = sizeof(struct icmp6_filter); if (put_user(len, optlen)) return -EFAULT; @@ -113011,7 +113601,7 @@ index dae7f1a..783b20d 100644 return 0; default: diff --git a/net/ipv6/reassembly.c b/net/ipv6/reassembly.c -index d7d70e6..bd5e9fc 100644 +index 8ffa2c8..5968612 100644 --- a/net/ipv6/reassembly.c +++ b/net/ipv6/reassembly.c @@ -626,12 +626,11 @@ static struct ctl_table ip6_frags_ctl_table[] = { @@ -113026,7 +113616,7 @@ index d7d70e6..bd5e9fc 100644 if (!net_eq(net, &init_net)) { - table = kmemdup(table, sizeof(ip6_frags_ns_ctl_table), GFP_KERNEL); + table = kmemdup(ip6_frags_ns_ctl_table, sizeof(ip6_frags_ns_ctl_table), GFP_KERNEL); - if (table == NULL) + if (!table) goto err_alloc; @@ -645,9 +644,10 @@ static int __net_init ip6_frags_ns_sysctl_register(struct net *net) @@ -113039,7 +113629,7 @@ index d7d70e6..bd5e9fc 100644 + hdr = register_net_sysctl(net, "net/ipv6", ip6_frags_ns_ctl_table); - hdr = register_net_sysctl(net, "net/ipv6", table); - if (hdr == NULL) + if (!hdr) goto err_reg; @@ -655,8 +655,7 @@ static int __net_init ip6_frags_ns_sysctl_register(struct net *net) @@ -113053,10 +113643,10 @@ index d7d70e6..bd5e9fc 100644 return -ENOMEM; } diff --git a/net/ipv6/route.c b/net/ipv6/route.c -index 4688bd4..584453d 100644 +index c73ae50..aa55e00 100644 --- a/net/ipv6/route.c +++ b/net/ipv6/route.c -@@ -3029,7 +3029,7 @@ struct ctl_table ipv6_route_table_template[] = { +@@ -3046,7 +3046,7 @@ struct ctl_table ipv6_route_table_template[] = { struct ctl_table * __net_init ipv6_route_sysctl_init(struct net *net) { @@ -113066,7 +113656,7 @@ index 4688bd4..584453d 100644 table = kmemdup(ipv6_route_table_template, sizeof(ipv6_route_table_template), diff --git a/net/ipv6/sit.c b/net/ipv6/sit.c -index e4cbd57..02b1aaa 100644 +index ac35a28..070cc8c 100644 --- a/net/ipv6/sit.c +++ b/net/ipv6/sit.c @@ -74,7 +74,7 @@ static void ipip6_tunnel_setup(struct net_device *dev); @@ -113078,7 +113668,7 @@ index e4cbd57..02b1aaa 100644 static int sit_net_id __read_mostly; struct sit_net { -@@ -1751,7 +1751,7 @@ static void ipip6_dellink(struct net_device *dev, struct list_head *head) +@@ -1749,7 +1749,7 @@ static void ipip6_dellink(struct net_device *dev, struct list_head *head) unregister_netdevice_queue(dev, head); } @@ -113088,10 +113678,10 @@ index e4cbd57..02b1aaa 100644 .maxtype = IFLA_IPTUN_MAX, .policy = ipip6_policy, diff --git a/net/ipv6/sysctl_net_ipv6.c b/net/ipv6/sysctl_net_ipv6.c -index c5c10fa..2577d51 100644 +index abcc79f..3b2d2d5 100644 --- a/net/ipv6/sysctl_net_ipv6.c +++ b/net/ipv6/sysctl_net_ipv6.c -@@ -78,7 +78,7 @@ static struct ctl_table ipv6_rotable[] = { +@@ -92,7 +92,7 @@ static struct ctl_table ipv6_rotable[] = { static int __net_init ipv6_sysctl_net_init(struct net *net) { @@ -113101,7 +113691,7 @@ index c5c10fa..2577d51 100644 struct ctl_table *ipv6_icmp_table; int err; diff --git a/net/ipv6/tcp_ipv6.c b/net/ipv6/tcp_ipv6.c -index 5ca3bc8..8c53c81 100644 +index 3adffb3..a67e4d1 100644 --- a/net/ipv6/tcp_ipv6.c +++ b/net/ipv6/tcp_ipv6.c @@ -104,6 +104,10 @@ static void inet6_sk_rx_dst_set(struct sock *sk, const struct sk_buff *skb) @@ -113112,10 +113702,10 @@ index 5ca3bc8..8c53c81 100644 +extern int grsec_enable_blackhole; +#endif + - static void tcp_v6_hash(struct sock *sk) + static __u32 tcp_v6_init_sequence(const struct sk_buff *skb) { - if (sk->sk_state != TCP_CLOSE) { -@@ -1345,6 +1349,9 @@ static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb) + return secure_tcpv6_sequence_number(ipv6_hdr(skb)->daddr.s6_addr32, +@@ -1283,6 +1287,9 @@ static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb) return 0; reset: @@ -113125,7 +113715,7 @@ index 5ca3bc8..8c53c81 100644 tcp_v6_send_reset(sk, skb); discard: if (opt_skb) -@@ -1454,12 +1461,20 @@ static int tcp_v6_rcv(struct sk_buff *skb) +@@ -1392,12 +1399,20 @@ static int tcp_v6_rcv(struct sk_buff *skb) sk = __inet6_lookup_skb(&tcp_hashinfo, skb, th->source, th->dest, inet6_iif(skb)); @@ -113148,7 +113738,7 @@ index 5ca3bc8..8c53c81 100644 if (hdr->hop_limit < inet6_sk(sk)->min_hopcount) { NET_INC_STATS_BH(net, LINUX_MIB_TCPMINTTLDROP); -@@ -1510,6 +1525,10 @@ csum_error: +@@ -1448,6 +1463,10 @@ csum_error: bad_packet: TCP_INC_STATS_BH(net, TCP_MIB_INERRS); } else { @@ -113160,10 +113750,10 @@ index 5ca3bc8..8c53c81 100644 } diff --git a/net/ipv6/udp.c b/net/ipv6/udp.c -index 1c9512a..786b8d6 100644 +index e51fc3e..8f04229 100644 --- a/net/ipv6/udp.c +++ b/net/ipv6/udp.c -@@ -76,6 +76,10 @@ static unsigned int udp6_ehashfn(struct net *net, +@@ -76,6 +76,10 @@ static u32 udp6_ehashfn(const struct net *net, udp_ipv6_hash_secret + net_hash_mix(net)); } @@ -113174,7 +113764,7 @@ index 1c9512a..786b8d6 100644 int ipv6_rcv_saddr_equal(const struct sock *sk, const struct sock *sk2) { const struct in6_addr *sk2_rcv_saddr6 = inet6_rcv_saddr(sk2); -@@ -448,7 +452,7 @@ try_again: +@@ -445,7 +449,7 @@ try_again: if (unlikely(err)) { trace_kfree_skb(skb, udpv6_recvmsg); if (!peeked) { @@ -113183,7 +113773,7 @@ index 1c9512a..786b8d6 100644 if (is_udp4) UDP_INC_STATS_USER(sock_net(sk), UDP_MIB_INERRORS, -@@ -712,7 +716,7 @@ csum_error: +@@ -709,7 +713,7 @@ csum_error: UDP6_INC_STATS_BH(sock_net(sk), UDP_MIB_CSUMERRORS, is_udplite); drop: UDP6_INC_STATS_BH(sock_net(sk), UDP_MIB_INERRORS, is_udplite); @@ -113192,8 +113782,8 @@ index 1c9512a..786b8d6 100644 kfree_skb(skb); return -1; } -@@ -753,7 +757,7 @@ static void flush_stack(struct sock **stack, unsigned int count, - if (likely(skb1 == NULL)) +@@ -750,7 +754,7 @@ static void flush_stack(struct sock **stack, unsigned int count, + if (likely(!skb1)) skb1 = (i == final) ? skb : skb_clone(skb, GFP_ATOMIC); if (!skb1) { - atomic_inc(&sk->sk_drops); @@ -113201,7 +113791,7 @@ index 1c9512a..786b8d6 100644 UDP6_INC_STATS_BH(sock_net(sk), UDP_MIB_RCVBUFERRORS, IS_UDPLITE(sk)); UDP6_INC_STATS_BH(sock_net(sk), UDP_MIB_INERRORS, -@@ -937,6 +941,9 @@ int __udp6_lib_rcv(struct sk_buff *skb, struct udp_table *udptable, +@@ -934,6 +938,9 @@ int __udp6_lib_rcv(struct sk_buff *skb, struct udp_table *udptable, goto csum_error; UDP6_INC_STATS_BH(net, UDP_MIB_NOPORTS, proto == IPPROTO_UDPLITE); @@ -113212,10 +113802,10 @@ index 1c9512a..786b8d6 100644 kfree_skb(skb); diff --git a/net/ipv6/xfrm6_policy.c b/net/ipv6/xfrm6_policy.c -index 8d2d01b4..313511e 100644 +index f337a90..2a9a9db 100644 --- a/net/ipv6/xfrm6_policy.c +++ b/net/ipv6/xfrm6_policy.c -@@ -224,11 +224,11 @@ _decode_session6(struct sk_buff *skb, struct flowi *fl, int reverse) +@@ -222,11 +222,11 @@ _decode_session6(struct sk_buff *skb, struct flowi *fl, int reverse) } } @@ -113229,7 +113819,7 @@ index 8d2d01b4..313511e 100644 return dst_entries_get_fast(ops) > ops->gc_thresh * 2; } -@@ -341,19 +341,19 @@ static struct ctl_table xfrm6_policy_table[] = { +@@ -338,19 +338,19 @@ static struct ctl_table xfrm6_policy_table[] = { static int __net_init xfrm6_net_init(struct net *net) { @@ -113254,7 +113844,7 @@ index 8d2d01b4..313511e 100644 if (!hdr) goto err_reg; -@@ -361,8 +361,7 @@ static int __net_init xfrm6_net_init(struct net *net) +@@ -358,8 +358,7 @@ static int __net_init xfrm6_net_init(struct net *net) return 0; err_reg: @@ -113365,7 +113955,7 @@ index b9ac598..f88cc56 100644 return; diff --git a/net/iucv/af_iucv.c b/net/iucv/af_iucv.c -index 53d9311..cbaf99f 100644 +index 6daa52a..786aa2b 100644 --- a/net/iucv/af_iucv.c +++ b/net/iucv/af_iucv.c @@ -686,10 +686,10 @@ static void __iucv_auto_name(struct iucv_sock *iucv) @@ -113395,7 +113985,7 @@ index 2a6a1fd..6c112b0 100644 }; diff --git a/net/key/af_key.c b/net/key/af_key.c -index f8ac939..1e189bf 100644 +index f0d52d7..9c9af38 100644 --- a/net/key/af_key.c +++ b/net/key/af_key.c @@ -3049,10 +3049,10 @@ static int pfkey_send_policy_notify(struct xfrm_policy *xp, int dir, const struc @@ -113412,7 +114002,7 @@ index f8ac939..1e189bf 100644 return res; } diff --git a/net/l2tp/l2tp_eth.c b/net/l2tp/l2tp_eth.c -index 781b3a2..73a7434 100644 +index 4b55287..bd247f7 100644 --- a/net/l2tp/l2tp_eth.c +++ b/net/l2tp/l2tp_eth.c @@ -42,12 +42,12 @@ struct l2tp_eth { @@ -113488,7 +114078,7 @@ index 781b3a2..73a7434 100644 } diff --git a/net/l2tp/l2tp_ip.c b/net/l2tp/l2tp_ip.c -index 05dfc8aa..df6cfd7 100644 +index 7964993..2c48a3a 100644 --- a/net/l2tp/l2tp_ip.c +++ b/net/l2tp/l2tp_ip.c @@ -608,7 +608,7 @@ static struct inet_protosw l2tp_ip_protosw = { @@ -113501,10 +114091,10 @@ index 05dfc8aa..df6cfd7 100644 .netns_ok = 1, }; diff --git a/net/l2tp/l2tp_ip6.c b/net/l2tp/l2tp_ip6.c -index 8611f1b..bc60a2d 100644 +index d1ded37..c0d1e49 100644 --- a/net/l2tp/l2tp_ip6.c +++ b/net/l2tp/l2tp_ip6.c -@@ -757,7 +757,7 @@ static struct inet_protosw l2tp_ip6_protosw = { +@@ -755,7 +755,7 @@ static struct inet_protosw l2tp_ip6_protosw = { .ops = &l2tp_ip6_ops, }; @@ -113527,10 +114117,10 @@ index 1a3c7e0..80f8b0c 100644 goto out; diff --git a/net/mac80211/cfg.c b/net/mac80211/cfg.c -index dd4ff36..3462997 100644 +index ff347a0..6ea4923 100644 --- a/net/mac80211/cfg.c +++ b/net/mac80211/cfg.c -@@ -581,7 +581,7 @@ static int ieee80211_set_monitor_channel(struct wiphy *wiphy, +@@ -582,7 +582,7 @@ static int ieee80211_set_monitor_channel(struct wiphy *wiphy, ret = ieee80211_vif_use_channel(sdata, chandef, IEEE80211_CHANCTX_EXCLUSIVE); } @@ -113539,7 +114129,7 @@ index dd4ff36..3462997 100644 local->_oper_chandef = *chandef; ieee80211_hw_config(local, 0); } -@@ -3468,7 +3468,7 @@ static void ieee80211_mgmt_frame_register(struct wiphy *wiphy, +@@ -3428,7 +3428,7 @@ static void ieee80211_mgmt_frame_register(struct wiphy *wiphy, else local->probe_req_reg--; @@ -113548,7 +114138,7 @@ index dd4ff36..3462997 100644 break; ieee80211_queue_work(&local->hw, &local->reconfig_filter); -@@ -3603,8 +3603,8 @@ static int ieee80211_cfg_get_channel(struct wiphy *wiphy, +@@ -3563,8 +3563,8 @@ static int ieee80211_cfg_get_channel(struct wiphy *wiphy, if (chanctx_conf) { *chandef = sdata->vif.bss_conf.chandef; ret = 0; @@ -113560,10 +114150,10 @@ index dd4ff36..3462997 100644 if (local->use_chanctx) *chandef = local->monitor_chandef; diff --git a/net/mac80211/ieee80211_i.h b/net/mac80211/ieee80211_i.h -index 81e8dc5..5b77c58 100644 +index c0a9187..2a13300 100644 --- a/net/mac80211/ieee80211_i.h +++ b/net/mac80211/ieee80211_i.h -@@ -29,6 +29,7 @@ +@@ -30,6 +30,7 @@ #include <net/ieee80211_radiotap.h> #include <net/cfg80211.h> #include <net/mac80211.h> @@ -113571,7 +114161,7 @@ index 81e8dc5..5b77c58 100644 #include "key.h" #include "sta_info.h" #include "debug.h" -@@ -1129,7 +1130,7 @@ struct ieee80211_local { +@@ -1118,7 +1119,7 @@ struct ieee80211_local { /* also used to protect ampdu_ac_queue and amdpu_ac_stop_refcnt */ spinlock_t queue_stop_reason_lock; @@ -113581,10 +114171,10 @@ index 81e8dc5..5b77c58 100644 /* number of interfaces with corresponding FIF_ flags */ int fif_fcsfail, fif_plcpfail, fif_control, fif_other_bss, fif_pspoll, diff --git a/net/mac80211/iface.c b/net/mac80211/iface.c -index 81a2751..c06a026 100644 +index 84cef60..53ec813 100644 --- a/net/mac80211/iface.c +++ b/net/mac80211/iface.c -@@ -544,7 +544,7 @@ int ieee80211_do_open(struct wireless_dev *wdev, bool coming_up) +@@ -550,7 +550,7 @@ int ieee80211_do_open(struct wireless_dev *wdev, bool coming_up) break; } @@ -113593,7 +114183,7 @@ index 81a2751..c06a026 100644 res = drv_start(local); if (res) goto err_del_bss; -@@ -591,7 +591,7 @@ int ieee80211_do_open(struct wireless_dev *wdev, bool coming_up) +@@ -597,7 +597,7 @@ int ieee80211_do_open(struct wireless_dev *wdev, bool coming_up) res = drv_add_interface(local, sdata); if (res) goto err_stop; @@ -113602,7 +114192,7 @@ index 81a2751..c06a026 100644 res = ieee80211_add_virtual_monitor(local); if (res) goto err_stop; -@@ -701,7 +701,7 @@ int ieee80211_do_open(struct wireless_dev *wdev, bool coming_up) +@@ -707,7 +707,7 @@ int ieee80211_do_open(struct wireless_dev *wdev, bool coming_up) atomic_inc(&local->iff_promiscs); if (coming_up) @@ -113611,7 +114201,7 @@ index 81a2751..c06a026 100644 if (hw_reconf_flags) ieee80211_hw_config(local, hw_reconf_flags); -@@ -739,7 +739,7 @@ int ieee80211_do_open(struct wireless_dev *wdev, bool coming_up) +@@ -745,7 +745,7 @@ int ieee80211_do_open(struct wireless_dev *wdev, bool coming_up) err_del_interface: drv_remove_interface(local, sdata); err_stop: @@ -113620,7 +114210,7 @@ index 81a2751..c06a026 100644 drv_stop(local); err_del_bss: sdata->bss = NULL; -@@ -907,7 +907,7 @@ static void ieee80211_do_stop(struct ieee80211_sub_if_data *sdata, +@@ -915,7 +915,7 @@ static void ieee80211_do_stop(struct ieee80211_sub_if_data *sdata, } if (going_down) @@ -113629,16 +114219,16 @@ index 81a2751..c06a026 100644 switch (sdata->vif.type) { case NL80211_IFTYPE_AP_VLAN: -@@ -969,7 +969,7 @@ static void ieee80211_do_stop(struct ieee80211_sub_if_data *sdata, +@@ -984,7 +984,7 @@ static void ieee80211_do_stop(struct ieee80211_sub_if_data *sdata, + atomic_set(&sdata->txqs_len[txqi->txq.ac], 0); } - spin_unlock_irqrestore(&local->queue_stop_reason_lock, flags); - if (local->open_count == 0) + if (local_read(&local->open_count) == 0) ieee80211_clear_tx_pending(local); /* -@@ -1012,7 +1012,7 @@ static void ieee80211_do_stop(struct ieee80211_sub_if_data *sdata, +@@ -1027,7 +1027,7 @@ static void ieee80211_do_stop(struct ieee80211_sub_if_data *sdata, if (cancel_scan) flush_delayed_work(&local->scan_work); @@ -113647,7 +114237,7 @@ index 81a2751..c06a026 100644 ieee80211_stop_device(local); /* no reconfiguring after stop! */ -@@ -1023,7 +1023,7 @@ static void ieee80211_do_stop(struct ieee80211_sub_if_data *sdata, +@@ -1038,7 +1038,7 @@ static void ieee80211_do_stop(struct ieee80211_sub_if_data *sdata, ieee80211_configure_filter(local); ieee80211_hw_config(local, hw_reconf_flags); @@ -113657,7 +114247,7 @@ index 81a2751..c06a026 100644 } diff --git a/net/mac80211/main.c b/net/mac80211/main.c -index 5e09d35..e2fdbe2 100644 +index df3051d..359d2f4 100644 --- a/net/mac80211/main.c +++ b/net/mac80211/main.c @@ -175,7 +175,7 @@ int ieee80211_hw_config(struct ieee80211_local *local, u32 changed) @@ -113670,7 +114260,7 @@ index 5e09d35..e2fdbe2 100644 /* * Goal: diff --git a/net/mac80211/pm.c b/net/mac80211/pm.c -index ca405b6..6cc8bee 100644 +index ac6ad62..77dbac5 100644 --- a/net/mac80211/pm.c +++ b/net/mac80211/pm.c @@ -12,7 +12,7 @@ int __ieee80211_suspend(struct ieee80211_hw *hw, struct cfg80211_wowlan *wowlan) @@ -113682,16 +114272,7 @@ index ca405b6..6cc8bee 100644 goto suspend; ieee80211_scan_cancel(local); -@@ -59,7 +59,7 @@ int __ieee80211_suspend(struct ieee80211_hw *hw, struct cfg80211_wowlan *wowlan) - cancel_work_sync(&local->dynamic_ps_enable_work); - del_timer_sync(&local->dynamic_ps_timer); - -- local->wowlan = wowlan && local->open_count; -+ local->wowlan = wowlan && local_read(&local->open_count); - if (local->wowlan) { - int err = drv_suspend(local, wowlan); - if (err < 0) { -@@ -126,7 +126,7 @@ int __ieee80211_suspend(struct ieee80211_hw *hw, struct cfg80211_wowlan *wowlan) +@@ -150,7 +150,7 @@ int __ieee80211_suspend(struct ieee80211_hw *hw, struct cfg80211_wowlan *wowlan) WARN_ON(!list_empty(&local->chanctx_list)); /* stop hardware - this must stop RX */ @@ -113713,11 +114294,24 @@ index d53355b..21f583a 100644 return -EBUSY; if (local->hw.flags & IEEE80211_HW_HAS_RATE_CONTROL) { +diff --git a/net/mac80211/sta_info.c b/net/mac80211/sta_info.c +index 2880f2a..3085cec 100644 +--- a/net/mac80211/sta_info.c ++++ b/net/mac80211/sta_info.c +@@ -339,7 +339,7 @@ struct sta_info *sta_info_alloc(struct ieee80211_sub_if_data *sdata, + int size = sizeof(struct txq_info) + + ALIGN(hw->txq_data_size, sizeof(void *)); + +- txq_data = kcalloc(ARRAY_SIZE(sta->sta.txq), size, gfp); ++ txq_data = kcalloc(size, ARRAY_SIZE(sta->sta.txq), gfp); + if (!txq_data) + goto free; + diff --git a/net/mac80211/util.c b/net/mac80211/util.c -index 747bdcf..eb2b981 100644 +index b864ebc..17326ff 100644 --- a/net/mac80211/util.c +++ b/net/mac80211/util.c -@@ -1741,7 +1741,7 @@ int ieee80211_reconfig(struct ieee80211_local *local) +@@ -1761,7 +1761,7 @@ int ieee80211_reconfig(struct ieee80211_local *local) bool sched_scan_stopped = false; /* nothing to do if HW shouldn't run */ @@ -113726,7 +114320,7 @@ index 747bdcf..eb2b981 100644 goto wake_up; #ifdef CONFIG_PM -@@ -1993,7 +1993,7 @@ int ieee80211_reconfig(struct ieee80211_local *local) +@@ -2033,7 +2033,7 @@ int ieee80211_reconfig(struct ieee80211_local *local) local->in_reconfig = false; barrier(); @@ -113735,7 +114329,7 @@ index 747bdcf..eb2b981 100644 ieee80211_add_virtual_monitor(local); /* -@@ -2048,7 +2048,7 @@ int ieee80211_reconfig(struct ieee80211_local *local) +@@ -2088,7 +2088,7 @@ int ieee80211_reconfig(struct ieee80211_local *local) * If this is for hw restart things are still running. * We may want to change that later, however. */ @@ -113744,7 +114338,7 @@ index 747bdcf..eb2b981 100644 drv_reconfig_complete(local, IEEE80211_RECONFIG_TYPE_RESTART); if (!local->suspended) -@@ -2072,7 +2072,7 @@ int ieee80211_reconfig(struct ieee80211_local *local) +@@ -2112,7 +2112,7 @@ int ieee80211_reconfig(struct ieee80211_local *local) flush_delayed_work(&local->scan_work); } @@ -113753,11 +114347,42 @@ index 747bdcf..eb2b981 100644 drv_reconfig_complete(local, IEEE80211_RECONFIG_TYPE_SUSPEND); list_for_each_entry(sdata, &local->interfaces, list) { +diff --git a/net/mpls/af_mpls.c b/net/mpls/af_mpls.c +index 1f93a59..96faa29 100644 +--- a/net/mpls/af_mpls.c ++++ b/net/mpls/af_mpls.c +@@ -456,7 +456,7 @@ static int mpls_dev_sysctl_register(struct net_device *dev, + struct mpls_dev *mdev) + { + char path[sizeof("net/mpls/conf/") + IFNAMSIZ]; +- struct ctl_table *table; ++ ctl_table_no_const *table; + int i; + + table = kmemdup(&mpls_dev_table, sizeof(mpls_dev_table), GFP_KERNEL); +@@ -1025,7 +1025,7 @@ static int mpls_platform_labels(struct ctl_table *table, int write, + struct net *net = table->data; + int platform_labels = net->mpls.platform_labels; + int ret; +- struct ctl_table tmp = { ++ ctl_table_no_const tmp = { + .procname = table->procname, + .data = &platform_labels, + .maxlen = sizeof(int), +@@ -1055,7 +1055,7 @@ static const struct ctl_table mpls_table[] = { + + static int mpls_net_init(struct net *net) + { +- struct ctl_table *table; ++ ctl_table_no_const *table; + + net->mpls.platform_labels = 0; + net->mpls.platform_label = NULL; diff --git a/net/netfilter/Kconfig b/net/netfilter/Kconfig -index b02660f..c0f791c 100644 +index a0f3e6a3..b026fe2 100644 --- a/net/netfilter/Kconfig +++ b/net/netfilter/Kconfig -@@ -1122,6 +1122,16 @@ config NETFILTER_XT_MATCH_ESP +@@ -1112,6 +1112,16 @@ config NETFILTER_XT_MATCH_ESP To compile it as a module, choose M here. If unsure, say N. @@ -113775,7 +114400,7 @@ index b02660f..c0f791c 100644 tristate '"hashlimit" match support' depends on (IP6_NF_IPTABLES || IP6_NF_IPTABLES=n) diff --git a/net/netfilter/Makefile b/net/netfilter/Makefile -index 89f73a9..e4e5bd9 100644 +index a87d8b8..d43183c 100644 --- a/net/netfilter/Makefile +++ b/net/netfilter/Makefile @@ -139,6 +139,7 @@ obj-$(CONFIG_NETFILTER_XT_MATCH_DEVGROUP) += xt_devgroup.o @@ -113831,10 +114456,10 @@ index b0f7b62..0541842 100644 if (!todrop_rate[i]) return 0; diff --git a/net/netfilter/ipvs/ip_vs_core.c b/net/netfilter/ipvs/ip_vs_core.c -index b87ca32..76c7799 100644 +index 5d2b806..9005b29 100644 --- a/net/netfilter/ipvs/ip_vs_core.c +++ b/net/netfilter/ipvs/ip_vs_core.c -@@ -568,7 +568,7 @@ int ip_vs_leave(struct ip_vs_service *svc, struct sk_buff *skb, +@@ -574,7 +574,7 @@ int ip_vs_leave(struct ip_vs_service *svc, struct sk_buff *skb, ret = cp->packet_xmit(skb, cp, pd->pp, iph); /* do not touch skb anymore */ @@ -113843,7 +114468,7 @@ index b87ca32..76c7799 100644 ip_vs_conn_put(cp); return ret; } -@@ -1723,7 +1723,7 @@ ip_vs_in(unsigned int hooknum, struct sk_buff *skb, int af) +@@ -1750,7 +1750,7 @@ ip_vs_in(unsigned int hooknum, struct sk_buff *skb, int af) if (cp->flags & IP_VS_CONN_F_ONE_PACKET) pkts = sysctl_sync_threshold(ipvs); else @@ -113853,10 +114478,10 @@ index b87ca32..76c7799 100644 if (ipvs->sync_state & IP_VS_STATE_MASTER) ip_vs_sync_conn(net, cp, pkts); diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c -index ed99448..3ba6cad 100644 +index 285eae3..226f4a7 100644 --- a/net/netfilter/ipvs/ip_vs_ctl.c +++ b/net/netfilter/ipvs/ip_vs_ctl.c -@@ -799,7 +799,7 @@ __ip_vs_update_dest(struct ip_vs_service *svc, struct ip_vs_dest *dest, +@@ -814,7 +814,7 @@ __ip_vs_update_dest(struct ip_vs_service *svc, struct ip_vs_dest *dest, */ ip_vs_rs_hash(ipvs, dest); } @@ -113865,7 +114490,7 @@ index ed99448..3ba6cad 100644 /* bind the service */ old_svc = rcu_dereference_protected(dest->svc, 1); -@@ -1664,7 +1664,7 @@ proc_do_sync_ports(struct ctl_table *table, int write, +@@ -1679,7 +1679,7 @@ proc_do_sync_ports(struct ctl_table *table, int write, * align with netns init in ip_vs_control_net_init() */ @@ -113874,7 +114499,7 @@ index ed99448..3ba6cad 100644 { .procname = "amemthresh", .maxlen = sizeof(int), -@@ -1999,7 +1999,7 @@ static int ip_vs_info_seq_show(struct seq_file *seq, void *v) +@@ -2020,7 +2020,7 @@ static int ip_vs_info_seq_show(struct seq_file *seq, void *v) " %-7s %-6d %-10d %-10d\n", &dest->addr.in6, ntohs(dest->port), @@ -113883,7 +114508,7 @@ index ed99448..3ba6cad 100644 atomic_read(&dest->weight), atomic_read(&dest->activeconns), atomic_read(&dest->inactconns)); -@@ -2010,7 +2010,7 @@ static int ip_vs_info_seq_show(struct seq_file *seq, void *v) +@@ -2031,7 +2031,7 @@ static int ip_vs_info_seq_show(struct seq_file *seq, void *v) "%-7s %-6d %-10d %-10d\n", ntohl(dest->addr.ip), ntohs(dest->port), @@ -113892,7 +114517,7 @@ index ed99448..3ba6cad 100644 atomic_read(&dest->weight), atomic_read(&dest->activeconns), atomic_read(&dest->inactconns)); -@@ -2499,7 +2499,7 @@ __ip_vs_get_dest_entries(struct net *net, const struct ip_vs_get_dests *get, +@@ -2528,7 +2528,7 @@ __ip_vs_get_dest_entries(struct net *net, const struct ip_vs_get_dests *get, entry.addr = dest->addr.ip; entry.port = dest->port; @@ -113901,7 +114526,7 @@ index ed99448..3ba6cad 100644 entry.weight = atomic_read(&dest->weight); entry.u_threshold = dest->u_threshold; entry.l_threshold = dest->l_threshold; -@@ -3040,7 +3040,7 @@ static int ip_vs_genl_fill_dest(struct sk_buff *skb, struct ip_vs_dest *dest) +@@ -3101,7 +3101,7 @@ static int ip_vs_genl_fill_dest(struct sk_buff *skb, struct ip_vs_dest *dest) if (nla_put(skb, IPVS_DEST_ATTR_ADDR, sizeof(dest->addr), &dest->addr) || nla_put_be16(skb, IPVS_DEST_ATTR_PORT, dest->port) || nla_put_u32(skb, IPVS_DEST_ATTR_FWD_METHOD, @@ -113910,7 +114535,7 @@ index ed99448..3ba6cad 100644 IP_VS_CONN_F_FWD_MASK)) || nla_put_u32(skb, IPVS_DEST_ATTR_WEIGHT, atomic_read(&dest->weight)) || -@@ -3675,7 +3675,7 @@ static int __net_init ip_vs_control_net_init_sysctl(struct net *net) +@@ -3739,7 +3739,7 @@ static int __net_init ip_vs_control_net_init_sysctl(struct net *net) { int idx; struct netns_ipvs *ipvs = net_ipvs(net); @@ -113946,7 +114571,7 @@ index 2229d2d..b32b785 100644 .procname = "lblcr_expiration", .data = NULL, diff --git a/net/netfilter/ipvs/ip_vs_sync.c b/net/netfilter/ipvs/ip_vs_sync.c -index d93ceeb..4556144 100644 +index 19b9cce..e4f3112 100644 --- a/net/netfilter/ipvs/ip_vs_sync.c +++ b/net/netfilter/ipvs/ip_vs_sync.c @@ -609,7 +609,7 @@ static void ip_vs_sync_conn_v0(struct net *net, struct ip_vs_conn *cp, @@ -113967,7 +114592,7 @@ index d93ceeb..4556144 100644 else pkts = sysctl_sync_threshold(ipvs); goto sloop; -@@ -902,7 +902,7 @@ static void ip_vs_proc_conn(struct net *net, struct ip_vs_conn_param *param, +@@ -919,7 +919,7 @@ static void ip_vs_proc_conn(struct net *net, struct ip_vs_conn_param *param, if (opt) memcpy(&cp->in_seq, opt, sizeof(*opt)); @@ -113977,10 +114602,10 @@ index d93ceeb..4556144 100644 cp->old_state = cp->state; /* diff --git a/net/netfilter/ipvs/ip_vs_xmit.c b/net/netfilter/ipvs/ip_vs_xmit.c -index 3aedbda..6a63567 100644 +index 19986ec..416dbc5 100644 --- a/net/netfilter/ipvs/ip_vs_xmit.c +++ b/net/netfilter/ipvs/ip_vs_xmit.c -@@ -1214,7 +1214,7 @@ ip_vs_icmp_xmit(struct sk_buff *skb, struct ip_vs_conn *cp, +@@ -1215,7 +1215,7 @@ ip_vs_icmp_xmit(struct sk_buff *skb, struct ip_vs_conn *cp, else rc = NF_ACCEPT; /* do not touch skb anymore */ @@ -113989,7 +114614,7 @@ index 3aedbda..6a63567 100644 goto out; } -@@ -1307,7 +1307,7 @@ ip_vs_icmp_xmit_v6(struct sk_buff *skb, struct ip_vs_conn *cp, +@@ -1308,7 +1308,7 @@ ip_vs_icmp_xmit_v6(struct sk_buff *skb, struct ip_vs_conn *cp, else rc = NF_ACCEPT; /* do not touch skb anymore */ @@ -113999,10 +114624,10 @@ index 3aedbda..6a63567 100644 } diff --git a/net/netfilter/nf_conntrack_acct.c b/net/netfilter/nf_conntrack_acct.c -index a4b5e2a..13b1de3 100644 +index 45da11a..ef3e5dc 100644 --- a/net/netfilter/nf_conntrack_acct.c +++ b/net/netfilter/nf_conntrack_acct.c -@@ -62,7 +62,7 @@ static struct nf_ct_ext_type acct_extend __read_mostly = { +@@ -64,7 +64,7 @@ static struct nf_ct_ext_type acct_extend __read_mostly = { #ifdef CONFIG_SYSCTL static int nf_conntrack_acct_init_sysctl(struct net *net) { @@ -114158,10 +114783,10 @@ index c68c1e5..8b5d670 100644 } EXPORT_SYMBOL(nf_unregister_sockopt); diff --git a/net/netfilter/nfnetlink_log.c b/net/netfilter/nfnetlink_log.c -index 11d85b3..7fcc420 100644 +index 4ef1fae..f72f08b 100644 --- a/net/netfilter/nfnetlink_log.c +++ b/net/netfilter/nfnetlink_log.c -@@ -83,7 +83,7 @@ static int nfnl_log_net_id __read_mostly; +@@ -84,7 +84,7 @@ static int nfnl_log_net_id __read_mostly; struct nfnl_log_net { spinlock_t instances_lock; struct hlist_head instance_table[INSTANCE_BUCKETS]; @@ -114170,7 +114795,7 @@ index 11d85b3..7fcc420 100644 }; static struct nfnl_log_net *nfnl_log_pernet(struct net *net) -@@ -563,7 +563,7 @@ __build_packet_message(struct nfnl_log_net *log, +@@ -572,7 +572,7 @@ __build_packet_message(struct nfnl_log_net *log, /* global sequence number */ if ((inst->flags & NFULNL_CFG_F_SEQ_GLOBAL) && nla_put_be32(inst->skb, NFULA_SEQ_GLOBAL, @@ -114180,22 +114805,22 @@ index 11d85b3..7fcc420 100644 if (data_len) { diff --git a/net/netfilter/nft_compat.c b/net/netfilter/nft_compat.c -index 65f3e2b..2e9d6a0 100644 +index 7f29cfc..917ef5f 100644 --- a/net/netfilter/nft_compat.c +++ b/net/netfilter/nft_compat.c -@@ -317,14 +317,7 @@ static void nft_match_eval(const struct nft_expr *expr, +@@ -321,14 +321,7 @@ static void nft_match_eval(const struct nft_expr *expr, return; } -- switch(ret) { -- case true: -- data[NFT_REG_VERDICT].verdict = NFT_CONTINUE; +- switch (ret ? 1 : 0) { +- case 1: +- regs->verdict.code = NFT_CONTINUE; - break; -- case false: -- data[NFT_REG_VERDICT].verdict = NFT_BREAK; +- case 0: +- regs->verdict.code = NFT_BREAK; - break; - } -+ data[NFT_REG_VERDICT].verdict = ret ? NFT_CONTINUE : NFT_BREAK; ++ regs->verdict.code = ret ? NFT_CONTINUE : NFT_BREAK; } static const struct nla_policy nft_match_policy[NFTA_MATCH_MAX + 1] = { @@ -114322,10 +114947,10 @@ index 11de55e..f25e448 100644 return 0; } diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c -index 0e9c28d..d99773f 100644 +index bf6e766..be67817 100644 --- a/net/netlink/af_netlink.c +++ b/net/netlink/af_netlink.c -@@ -260,7 +260,7 @@ static void netlink_overrun(struct sock *sk) +@@ -262,7 +262,7 @@ static void netlink_overrun(struct sock *sk) sk->sk_error_report(sk); } } @@ -114334,7 +114959,7 @@ index 0e9c28d..d99773f 100644 } static void netlink_rcv_wake(struct sock *sk) -@@ -3005,7 +3005,7 @@ static int netlink_seq_show(struct seq_file *seq, void *v) +@@ -3014,7 +3014,7 @@ static int netlink_seq_show(struct seq_file *seq, void *v) sk_wmem_alloc_get(s), nlk->cb_running, atomic_read(&s->sk_refcnt), @@ -114419,10 +115044,10 @@ index bc85331..0d3dce0 100644 /** * struct vport_portids - array of netlink portids of a vport. diff --git a/net/packet/af_packet.c b/net/packet/af_packet.c -index bfe5c69..24c3a37 100644 +index fe1610d..ec1c87f 100644 --- a/net/packet/af_packet.c +++ b/net/packet/af_packet.c -@@ -269,7 +269,7 @@ static int packet_direct_xmit(struct sk_buff *skb) +@@ -275,7 +275,7 @@ static int packet_direct_xmit(struct sk_buff *skb) return ret; drop: @@ -114431,16 +115056,7 @@ index bfe5c69..24c3a37 100644 kfree_skb(skb); return NET_XMIT_DROP; } -@@ -1833,7 +1833,7 @@ static int packet_rcv(struct sk_buff *skb, struct net_device *dev, - - spin_lock(&sk->sk_receive_queue.lock); - po->stats.stats1.tp_packets++; -- skb->dropcount = atomic_read(&sk->sk_drops); -+ skb->dropcount = atomic_read_unchecked(&sk->sk_drops); - __skb_queue_tail(&sk->sk_receive_queue, skb); - spin_unlock(&sk->sk_receive_queue.lock); - sk->sk_data_ready(sk); -@@ -1842,7 +1842,7 @@ static int packet_rcv(struct sk_buff *skb, struct net_device *dev, +@@ -1848,7 +1848,7 @@ static int packet_rcv(struct sk_buff *skb, struct net_device *dev, drop_n_acct: spin_lock(&sk->sk_receive_queue.lock); po->stats.stats1.tp_drops++; @@ -114449,7 +115065,7 @@ index bfe5c69..24c3a37 100644 spin_unlock(&sk->sk_receive_queue.lock); drop_n_restore: -@@ -3485,7 +3485,7 @@ static int packet_getsockopt(struct socket *sock, int level, int optname, +@@ -3514,7 +3514,7 @@ static int packet_getsockopt(struct socket *sock, int level, int optname, case PACKET_HDRLEN: if (len > sizeof(int)) len = sizeof(int); @@ -114458,7 +115074,7 @@ index bfe5c69..24c3a37 100644 return -EFAULT; switch (val) { case TPACKET_V1: -@@ -3531,7 +3531,7 @@ static int packet_getsockopt(struct socket *sock, int level, int optname, +@@ -3560,7 +3560,7 @@ static int packet_getsockopt(struct socket *sock, int level, int optname, len = lv; if (put_user(len, optlen)) return -EFAULT; @@ -114468,7 +115084,7 @@ index bfe5c69..24c3a37 100644 return 0; } diff --git a/net/phonet/pep.c b/net/phonet/pep.c -index 5d3f2b7..8a4dbb7 100644 +index 6de2aeb..1f8afe8 100644 --- a/net/phonet/pep.c +++ b/net/phonet/pep.c @@ -388,7 +388,7 @@ static int pipe_do_rcv(struct sock *sk, struct sk_buff *skb) @@ -114499,7 +115115,7 @@ index 5d3f2b7..8a4dbb7 100644 break; } diff --git a/net/phonet/socket.c b/net/phonet/socket.c -index 008214a..bb68240 100644 +index d575ef4..1dedc31 100644 --- a/net/phonet/socket.c +++ b/net/phonet/socket.c @@ -611,7 +611,7 @@ static int pn_sock_seq_show(struct seq_file *seq, void *v) @@ -114555,18 +115171,6 @@ index e6144b8..4f9fda6 100644 if (likely(*recent == gen)) return 0; -diff --git a/net/rds/connection.c b/net/rds/connection.c -index 378c3a6..ba4382c 100644 ---- a/net/rds/connection.c -+++ b/net/rds/connection.c -@@ -193,6 +193,7 @@ static struct rds_connection *__rds_conn_create(__be32 laddr, __be32 faddr, - } - - atomic_set(&conn->c_state, RDS_CONN_DOWN); -+ conn->c_send_gen = 0; - conn->c_reconnect_jiffies = 0; - INIT_DELAYED_WORK(&conn->c_send_w, rds_send_worker); - INIT_DELAYED_WORK(&conn->c_recv_w, rds_recv_worker); diff --git a/net/rds/ib.h b/net/rds/ib.h index c36d713..af45bf2 100644 --- a/net/rds/ib.h @@ -114581,10 +115185,10 @@ index c36d713..af45bf2 100644 spinlock_t i_ack_lock; /* protect i_ack_next */ u64 i_ack_next; /* next ACK to send */ diff --git a/net/rds/ib_cm.c b/net/rds/ib_cm.c -index 31b74f5..dc1fbfa 100644 +index 8a09ee7..45e2b64 100644 --- a/net/rds/ib_cm.c +++ b/net/rds/ib_cm.c -@@ -717,7 +717,7 @@ void rds_ib_conn_shutdown(struct rds_connection *conn) +@@ -726,7 +726,7 @@ void rds_ib_conn_shutdown(struct rds_connection *conn) /* Clear the ACK state */ clear_bit(IB_ACK_IN_FLIGHT, &ic->i_ack_flags); #ifdef KERNEL_HAS_ATOMIC64 @@ -114664,18 +115268,10 @@ index a66d179..cf1e258 100644 #endif diff --git a/net/rds/rds.h b/net/rds/rds.h -index c2a5eef..87a7460 100644 +index 0d41155..80cc278 100644 --- a/net/rds/rds.h +++ b/net/rds/rds.h -@@ -110,6 +110,7 @@ struct rds_connection { - void *c_transport_data; - - atomic_t c_state; -+ unsigned long c_send_gen; - unsigned long c_flags; - unsigned long c_reconnect_jiffies; - struct delayed_work c_send_w; -@@ -448,7 +449,7 @@ struct rds_transport { +@@ -449,7 +449,7 @@ struct rds_transport { void (*sync_mr)(void *trans_private, int direction); void (*free_mr)(void *trans_private, int invalidate); void (*flush_mrs)(void); @@ -114684,85 +115280,6 @@ index c2a5eef..87a7460 100644 struct rds_sock { struct sock rs_sk; -diff --git a/net/rds/send.c b/net/rds/send.c -index 42f65d4..49f77ef 100644 ---- a/net/rds/send.c -+++ b/net/rds/send.c -@@ -140,8 +140,11 @@ int rds_send_xmit(struct rds_connection *conn) - struct scatterlist *sg; - int ret = 0; - LIST_HEAD(to_be_dropped); -+ int batch_count; -+ unsigned long send_gen = 0; - - restart: -+ batch_count = 0; - - /* - * sendmsg calls here after having queued its message on the send -@@ -157,6 +160,17 @@ restart: - } - - /* -+ * we record the send generation after doing the xmit acquire. -+ * if someone else manages to jump in and do some work, we'll use -+ * this to avoid a goto restart farther down. -+ * -+ * The acquire_in_xmit() check above ensures that only one -+ * caller can increment c_send_gen at any time. -+ */ -+ conn->c_send_gen++; -+ send_gen = conn->c_send_gen; -+ -+ /* - * rds_conn_shutdown() sets the conn state and then tests RDS_IN_XMIT, - * we do the opposite to avoid races. - */ -@@ -202,6 +216,16 @@ restart: - if (!rm) { - unsigned int len; - -+ batch_count++; -+ -+ /* we want to process as big a batch as we can, but -+ * we also want to avoid softlockups. If we've been -+ * through a lot of messages, lets back off and see -+ * if anyone else jumps in -+ */ -+ if (batch_count >= 1024) -+ goto over_batch; -+ - spin_lock_irqsave(&conn->c_lock, flags); - - if (!list_empty(&conn->c_send_queue)) { -@@ -357,9 +381,9 @@ restart: - } - } - -+over_batch: - if (conn->c_trans->xmit_complete) - conn->c_trans->xmit_complete(conn); -- - release_in_xmit(conn); - - /* Nuke any messages we decided not to retransmit. */ -@@ -380,10 +404,15 @@ restart: - * If the transport cannot continue (i.e ret != 0), then it must - * call us when more room is available, such as from the tx - * completion handler. -+ * -+ * We have an extra generation check here so that if someone manages -+ * to jump in after our release_in_xmit, we'll see that they have done -+ * some work and we will skip our goto - */ - if (ret == 0) { - smp_mb(); -- if (!list_empty(&conn->c_send_queue)) { -+ if (!list_empty(&conn->c_send_queue) && -+ send_gen == conn->c_send_gen) { - rds_stats_inc(s_send_lock_queue_raced); - goto restart; - } diff --git a/net/rds/tcp.c b/net/rds/tcp.c index edac9ef..16bcb98 100644 --- a/net/rds/tcp.c @@ -114790,7 +115307,7 @@ index 53b17ca..45463e7 100644 set_fs(oldfs); } diff --git a/net/rxrpc/af_rxrpc.c b/net/rxrpc/af_rxrpc.c -index 7b16704..9628ec6 100644 +index 0095b9a..e95c49b 100644 --- a/net/rxrpc/af_rxrpc.c +++ b/net/rxrpc/af_rxrpc.c @@ -40,7 +40,7 @@ static const struct proto_ops rxrpc_rpc_ops; @@ -114909,7 +115426,7 @@ index e7ed43a..6afa140 100644 ret = kernel_sendmsg(conn->trans->local->socket, &msg, iov, 2, len); diff --git a/net/rxrpc/ar-input.c b/net/rxrpc/ar-input.c -index 481f89f..ceeaf8d 100644 +index 4505a69..fe73096 100644 --- a/net/rxrpc/ar-input.c +++ b/net/rxrpc/ar-input.c @@ -331,9 +331,9 @@ void rxrpc_fast_process_packet(struct rxrpc_call *call, struct sk_buff *skb) @@ -114925,10 +115442,10 @@ index 481f89f..ceeaf8d 100644 /* request ACK generation for any ACK or DATA packet that requests diff --git a/net/rxrpc/ar-internal.h b/net/rxrpc/ar-internal.h -index ba9fd36..9bbfe01 100644 +index aef1bd2..97736c3 100644 --- a/net/rxrpc/ar-internal.h +++ b/net/rxrpc/ar-internal.h -@@ -272,8 +272,8 @@ struct rxrpc_connection { +@@ -274,8 +274,8 @@ struct rxrpc_connection { int error; /* error code for local abort */ int debug_id; /* debug ID for printks */ unsigned int call_counter; /* call ID counter */ @@ -114939,7 +115456,7 @@ index ba9fd36..9bbfe01 100644 u8 avail_calls; /* number of calls available */ u8 size_align; /* data size alignment (for security) */ u8 header_size; /* rxrpc + security header size */ -@@ -346,7 +346,7 @@ struct rxrpc_call { +@@ -348,7 +348,7 @@ struct rxrpc_call { spinlock_t lock; rwlock_t state_lock; /* lock for state transition */ atomic_t usage; @@ -114948,7 +115465,7 @@ index ba9fd36..9bbfe01 100644 u32 abort_code; /* local/remote abort code */ enum { /* current state of call */ RXRPC_CALL_CLIENT_SEND_REQUEST, /* - client sending request phase */ -@@ -431,7 +431,7 @@ static inline void rxrpc_abort_call(struct rxrpc_call *call, u32 abort_code) +@@ -433,7 +433,7 @@ static inline void rxrpc_abort_call(struct rxrpc_call *call, u32 abort_code) */ extern atomic_t rxrpc_n_skbs; extern __be32 rxrpc_epoch; @@ -114958,10 +115475,10 @@ index ba9fd36..9bbfe01 100644 /* diff --git a/net/rxrpc/ar-local.c b/net/rxrpc/ar-local.c -index 87f7135..74d3703 100644 +index ca904ed..16082d5 100644 --- a/net/rxrpc/ar-local.c +++ b/net/rxrpc/ar-local.c -@@ -45,7 +45,7 @@ struct rxrpc_local *rxrpc_alloc_local(struct sockaddr_rxrpc *srx) +@@ -53,7 +53,7 @@ struct rxrpc_local *rxrpc_alloc_local(struct sockaddr_rxrpc *srx) spin_lock_init(&local->lock); rwlock_init(&local->services_lock); atomic_set(&local->usage, 1); @@ -114971,10 +115488,10 @@ index 87f7135..74d3703 100644 } diff --git a/net/rxrpc/ar-output.c b/net/rxrpc/ar-output.c -index 8331c95..401bf22 100644 +index c004280..ab1ed5a 100644 --- a/net/rxrpc/ar-output.c +++ b/net/rxrpc/ar-output.c -@@ -655,14 +655,14 @@ static int rxrpc_send_data(struct kiocb *iocb, +@@ -648,14 +648,14 @@ static int rxrpc_send_data(struct rxrpc_sock *rx, memset(skb_put(skb, pad), 0, pad); } @@ -115054,6 +115571,101 @@ index f226709..0e735a8 100644 _proto("Tx RESPONSE %%%u", ntohl(hdr->serial)); ret = kernel_sendmsg(conn->trans->local->socket, &msg, iov, 3, len); +diff --git a/net/sched/act_bpf.c b/net/sched/act_bpf.c +index dc6a2d3..3b4fb96 100644 +--- a/net/sched/act_bpf.c ++++ b/net/sched/act_bpf.c +@@ -332,6 +332,9 @@ static void tcf_bpf_cleanup(struct tc_action *act, int bind) + bpf_prog_put(prog->filter); + else + bpf_prog_destroy(prog->filter); ++ ++ kfree(prog->bpf_ops); ++ kfree(prog->bpf_name); + } + + static struct tc_action_ops act_bpf_ops __read_mostly = { +diff --git a/net/sched/cls_bpf.c b/net/sched/cls_bpf.c +index 91bd9c1..c0b86f2 100644 +--- a/net/sched/cls_bpf.c ++++ b/net/sched/cls_bpf.c +@@ -364,7 +364,7 @@ static int cls_bpf_change(struct net *net, struct sk_buff *in_skb, + goto errout; + + if (oldprog) { +- list_replace_rcu(&prog->link, &oldprog->link); ++ list_replace_rcu(&oldprog->link, &prog->link); + tcf_unbind_filter(tp, &oldprog->res); + call_rcu(&oldprog->rcu, __cls_bpf_delete_prog); + } else { +diff --git a/net/sched/cls_flow.c b/net/sched/cls_flow.c +index a620c4e..75df923 100644 +--- a/net/sched/cls_flow.c ++++ b/net/sched/cls_flow.c +@@ -419,6 +419,8 @@ static int flow_change(struct net *net, struct sk_buff *in_skb, + if (!fnew) + goto err2; + ++ tcf_exts_init(&fnew->exts, TCA_FLOW_ACT, TCA_FLOW_POLICE); ++ + fold = (struct flow_filter *)*arg; + if (fold) { + err = -EINVAL; +@@ -480,7 +482,6 @@ static int flow_change(struct net *net, struct sk_buff *in_skb, + fnew->mask = ~0U; + fnew->tp = tp; + get_random_bytes(&fnew->hashrnd, 4); +- tcf_exts_init(&fnew->exts, TCA_FLOW_ACT, TCA_FLOW_POLICE); + } + + fnew->perturb_timer.function = flow_perturbation; +@@ -520,7 +521,7 @@ static int flow_change(struct net *net, struct sk_buff *in_skb, + if (*arg == 0) + list_add_tail_rcu(&fnew->list, &head->filters); + else +- list_replace_rcu(&fnew->list, &fold->list); ++ list_replace_rcu(&fold->list, &fnew->list); + + *arg = (unsigned long)fnew; + +diff --git a/net/sched/sch_fq_codel.c b/net/sched/sch_fq_codel.c +index c244c45b..4169e55 100644 +--- a/net/sched/sch_fq_codel.c ++++ b/net/sched/sch_fq_codel.c +@@ -162,14 +162,23 @@ static unsigned int fq_codel_drop(struct Qdisc *sch) + skb = dequeue_head(flow); + len = qdisc_pkt_len(skb); + q->backlogs[idx] -= len; +- kfree_skb(skb); + sch->q.qlen--; + qdisc_qstats_drop(sch); + qdisc_qstats_backlog_dec(sch, skb); ++ kfree_skb(skb); + flow->dropped++; + return idx; + } + ++static unsigned int fq_codel_qdisc_drop(struct Qdisc *sch) ++{ ++ unsigned int prev_backlog; ++ ++ prev_backlog = sch->qstats.backlog; ++ fq_codel_drop(sch); ++ return prev_backlog - sch->qstats.backlog; ++} ++ + static int fq_codel_enqueue(struct sk_buff *skb, struct Qdisc *sch) + { + struct fq_codel_sched_data *q = qdisc_priv(sch); +@@ -598,7 +607,7 @@ static struct Qdisc_ops fq_codel_qdisc_ops __read_mostly = { + .enqueue = fq_codel_enqueue, + .dequeue = fq_codel_dequeue, + .peek = qdisc_peek_dequeued, +- .drop = fq_codel_drop, ++ .drop = fq_codel_qdisc_drop, + .init = fq_codel_init, + .reset = fq_codel_reset, + .destroy = fq_codel_destroy, diff --git a/net/sched/sch_generic.c b/net/sched/sch_generic.c index 6efca30..1259f82 100644 --- a/net/sched/sch_generic.c @@ -115076,6 +115688,22 @@ index 6efca30..1259f82 100644 linkwatch_fire_event(dev); } } +diff --git a/net/sched/sch_sfq.c b/net/sched/sch_sfq.c +index b877140..0f65ba4 100644 +--- a/net/sched/sch_sfq.c ++++ b/net/sched/sch_sfq.c +@@ -329,10 +329,10 @@ drop: + len = qdisc_pkt_len(skb); + slot->backlog -= len; + sfq_dec(q, x); +- kfree_skb(skb); + sch->q.qlen--; + qdisc_qstats_drop(sch); + qdisc_qstats_backlog_dec(sch, skb); ++ kfree_skb(skb); + return len; + } + diff --git a/net/sctp/ipv6.c b/net/sctp/ipv6.c index 0e4198e..f94193e 100644 --- a/net/sctp/ipv6.c @@ -115108,7 +115736,7 @@ index 0e4198e..f94193e 100644 /* Initialize IPv6 support and register with socket layer. */ diff --git a/net/sctp/protocol.c b/net/sctp/protocol.c -index 8f34b27..b105385 100644 +index 53b7acd..e7a0919 100644 --- a/net/sctp/protocol.c +++ b/net/sctp/protocol.c @@ -836,8 +836,10 @@ int sctp_register_af(struct sctp_af *af) @@ -115164,10 +115792,10 @@ index fef2acd..c705c4f 100644 sctp_generate_t1_cookie_event, sctp_generate_t1_init_event, diff --git a/net/sctp/socket.c b/net/sctp/socket.c -index 4e56571..f5cf113 100644 +index 5f6c4e6..07880fe 100644 --- a/net/sctp/socket.c +++ b/net/sctp/socket.c -@@ -2207,11 +2207,13 @@ static int sctp_setsockopt_events(struct sock *sk, char __user *optval, +@@ -2200,11 +2200,13 @@ static int sctp_setsockopt_events(struct sock *sk, char __user *optval, { struct sctp_association *asoc; struct sctp_ulpevent *event; @@ -115182,7 +115810,7 @@ index 4e56571..f5cf113 100644 if (sctp_sk(sk)->subscribe.sctp_data_io_event) pr_warn_ratelimited(DEPRECATED "%s (pid %d) " -@@ -4392,13 +4394,16 @@ static int sctp_getsockopt_disable_fragments(struct sock *sk, int len, +@@ -4385,13 +4387,16 @@ static int sctp_getsockopt_disable_fragments(struct sock *sk, int len, static int sctp_getsockopt_events(struct sock *sk, int len, char __user *optval, int __user *optlen) { @@ -115200,7 +115828,7 @@ index 4e56571..f5cf113 100644 return -EFAULT; return 0; } -@@ -4416,6 +4421,8 @@ static int sctp_getsockopt_events(struct sock *sk, int len, char __user *optval, +@@ -4409,6 +4414,8 @@ static int sctp_getsockopt_events(struct sock *sk, int len, char __user *optval, */ static int sctp_getsockopt_autoclose(struct sock *sk, int len, char __user *optval, int __user *optlen) { @@ -115209,7 +115837,7 @@ index 4e56571..f5cf113 100644 /* Applicable to UDP-style socket only */ if (sctp_style(sk, TCP)) return -EOPNOTSUPP; -@@ -4424,7 +4431,8 @@ static int sctp_getsockopt_autoclose(struct sock *sk, int len, char __user *optv +@@ -4417,7 +4424,8 @@ static int sctp_getsockopt_autoclose(struct sock *sk, int len, char __user *optv len = sizeof(int); if (put_user(len, optlen)) return -EFAULT; @@ -115219,7 +115847,7 @@ index 4e56571..f5cf113 100644 return -EFAULT; return 0; } -@@ -4798,12 +4806,15 @@ static int sctp_getsockopt_delayed_ack(struct sock *sk, int len, +@@ -4791,12 +4799,15 @@ static int sctp_getsockopt_delayed_ack(struct sock *sk, int len, */ static int sctp_getsockopt_initmsg(struct sock *sk, int len, char __user *optval, int __user *optlen) { @@ -115236,7 +115864,7 @@ index 4e56571..f5cf113 100644 return -EFAULT; return 0; } -@@ -4844,6 +4855,8 @@ static int sctp_getsockopt_peer_addrs(struct sock *sk, int len, +@@ -4837,6 +4848,8 @@ static int sctp_getsockopt_peer_addrs(struct sock *sk, int len, ->addr_to_user(sp, &temp); if (space_left < addrlen) return -ENOMEM; @@ -115246,10 +115874,10 @@ index 4e56571..f5cf113 100644 return -EFAULT; to += addrlen; diff --git a/net/sctp/sysctl.c b/net/sctp/sysctl.c -index 2e9ada1..40f425d 100644 +index 26d50c5..dfae665 100644 --- a/net/sctp/sysctl.c +++ b/net/sctp/sysctl.c -@@ -321,7 +321,7 @@ static int proc_sctp_do_hmac_alg(struct ctl_table *ctl, int write, +@@ -317,7 +317,7 @@ static int proc_sctp_do_hmac_alg(struct ctl_table *ctl, int write, loff_t *ppos) { struct net *net = current->nsproxy->net_ns; @@ -115258,7 +115886,7 @@ index 2e9ada1..40f425d 100644 bool changed = false; char *none = "none"; char tmp[8]; -@@ -369,7 +369,7 @@ static int proc_sctp_do_rto_min(struct ctl_table *ctl, int write, +@@ -365,7 +365,7 @@ static int proc_sctp_do_rto_min(struct ctl_table *ctl, int write, struct net *net = current->nsproxy->net_ns; unsigned int min = *(unsigned int *) ctl->extra1; unsigned int max = *(unsigned int *) ctl->extra2; @@ -115267,7 +115895,7 @@ index 2e9ada1..40f425d 100644 int ret, new_value; memset(&tbl, 0, sizeof(struct ctl_table)); -@@ -398,7 +398,7 @@ static int proc_sctp_do_rto_max(struct ctl_table *ctl, int write, +@@ -394,7 +394,7 @@ static int proc_sctp_do_rto_max(struct ctl_table *ctl, int write, struct net *net = current->nsproxy->net_ns; unsigned int min = *(unsigned int *) ctl->extra1; unsigned int max = *(unsigned int *) ctl->extra2; @@ -115276,7 +115904,7 @@ index 2e9ada1..40f425d 100644 int ret, new_value; memset(&tbl, 0, sizeof(struct ctl_table)); -@@ -436,7 +436,7 @@ static int proc_sctp_do_auth(struct ctl_table *ctl, int write, +@@ -432,7 +432,7 @@ static int proc_sctp_do_auth(struct ctl_table *ctl, int write, loff_t *ppos) { struct net *net = current->nsproxy->net_ns; @@ -115285,7 +115913,7 @@ index 2e9ada1..40f425d 100644 int new_value, ret; memset(&tbl, 0, sizeof(struct ctl_table)); -@@ -463,7 +463,7 @@ static int proc_sctp_do_auth(struct ctl_table *ctl, int write, +@@ -459,7 +459,7 @@ static int proc_sctp_do_auth(struct ctl_table *ctl, int write, int sctp_sysctl_net_register(struct net *net) { @@ -115295,7 +115923,7 @@ index 2e9ada1..40f425d 100644 table = kmemdup(sctp_net_table, sizeof(sctp_net_table), GFP_KERNEL); diff --git a/net/socket.c b/net/socket.c -index 245330c..919e2a7 100644 +index 884e329..def6df6 100644 --- a/net/socket.c +++ b/net/socket.c @@ -89,6 +89,7 @@ @@ -115314,7 +115942,7 @@ index 245330c..919e2a7 100644 #ifdef CONFIG_NET_RX_BUSY_POLL unsigned int sysctl_net_busy_read __read_mostly; -@@ -162,7 +164,7 @@ static const struct file_operations socket_file_ops = { +@@ -160,7 +162,7 @@ static const struct file_operations socket_file_ops = { */ static DEFINE_SPINLOCK(net_family_lock); @@ -115323,7 +115951,7 @@ index 245330c..919e2a7 100644 /* * Statistics counters of the socket lists -@@ -328,7 +330,7 @@ static struct dentry *sockfs_mount(struct file_system_type *fs_type, +@@ -326,7 +328,7 @@ static struct dentry *sockfs_mount(struct file_system_type *fs_type, &sockfs_dentry_operations, SOCKFS_MAGIC); } @@ -115332,7 +115960,7 @@ index 245330c..919e2a7 100644 static struct file_system_type sock_fs_type = { .name = "sockfs", -@@ -1172,6 +1174,8 @@ int __sock_create(struct net *net, int family, int type, int protocol, +@@ -1108,6 +1110,8 @@ int __sock_create(struct net *net, int family, int type, int protocol, return -EAFNOSUPPORT; if (type < 0 || type >= SOCK_MAX) return -EINVAL; @@ -115341,7 +115969,7 @@ index 245330c..919e2a7 100644 /* Compatibility. -@@ -1192,6 +1196,20 @@ int __sock_create(struct net *net, int family, int type, int protocol, +@@ -1128,6 +1132,20 @@ int __sock_create(struct net *net, int family, int type, int protocol, if (err) return err; @@ -115362,7 +115990,7 @@ index 245330c..919e2a7 100644 /* * Allocate the socket and allow the family to set things up. if * the protocol is 0, the family is instructed to select an appropriate -@@ -1443,6 +1461,14 @@ SYSCALL_DEFINE3(bind, int, fd, struct sockaddr __user *, umyaddr, int, addrlen) +@@ -1379,6 +1397,14 @@ SYSCALL_DEFINE3(bind, int, fd, struct sockaddr __user *, umyaddr, int, addrlen) if (sock) { err = move_addr_to_kernel(umyaddr, addrlen, &address); if (err >= 0) { @@ -115377,7 +116005,7 @@ index 245330c..919e2a7 100644 err = security_socket_bind(sock, (struct sockaddr *)&address, addrlen); -@@ -1451,6 +1477,7 @@ SYSCALL_DEFINE3(bind, int, fd, struct sockaddr __user *, umyaddr, int, addrlen) +@@ -1387,6 +1413,7 @@ SYSCALL_DEFINE3(bind, int, fd, struct sockaddr __user *, umyaddr, int, addrlen) (struct sockaddr *) &address, addrlen); } @@ -115385,7 +116013,7 @@ index 245330c..919e2a7 100644 fput_light(sock->file, fput_needed); } return err; -@@ -1474,10 +1501,20 @@ SYSCALL_DEFINE2(listen, int, fd, int, backlog) +@@ -1410,10 +1437,20 @@ SYSCALL_DEFINE2(listen, int, fd, int, backlog) if ((unsigned int)backlog > somaxconn) backlog = somaxconn; @@ -115406,7 +116034,7 @@ index 245330c..919e2a7 100644 fput_light(sock->file, fput_needed); } return err; -@@ -1521,6 +1558,18 @@ SYSCALL_DEFINE4(accept4, int, fd, struct sockaddr __user *, upeer_sockaddr, +@@ -1457,6 +1494,18 @@ SYSCALL_DEFINE4(accept4, int, fd, struct sockaddr __user *, upeer_sockaddr, newsock->type = sock->type; newsock->ops = sock->ops; @@ -115425,7 +116053,7 @@ index 245330c..919e2a7 100644 /* * We don't need try_module_get here, as the listening socket (sock) * has the protocol module (sock->ops->owner) held. -@@ -1566,6 +1615,8 @@ SYSCALL_DEFINE4(accept4, int, fd, struct sockaddr __user *, upeer_sockaddr, +@@ -1502,6 +1551,8 @@ SYSCALL_DEFINE4(accept4, int, fd, struct sockaddr __user *, upeer_sockaddr, fd_install(newfd, newfile); err = newfd; @@ -115434,7 +116062,7 @@ index 245330c..919e2a7 100644 out_put: fput_light(sock->file, fput_needed); out: -@@ -1598,6 +1649,7 @@ SYSCALL_DEFINE3(connect, int, fd, struct sockaddr __user *, uservaddr, +@@ -1534,6 +1585,7 @@ SYSCALL_DEFINE3(connect, int, fd, struct sockaddr __user *, uservaddr, int, addrlen) { struct socket *sock; @@ -115442,7 +116070,7 @@ index 245330c..919e2a7 100644 struct sockaddr_storage address; int err, fput_needed; -@@ -1608,6 +1660,17 @@ SYSCALL_DEFINE3(connect, int, fd, struct sockaddr __user *, uservaddr, +@@ -1544,6 +1596,17 @@ SYSCALL_DEFINE3(connect, int, fd, struct sockaddr __user *, uservaddr, if (err < 0) goto out_put; @@ -115460,7 +116088,7 @@ index 245330c..919e2a7 100644 err = security_socket_connect(sock, (struct sockaddr *)&address, addrlen); if (err) -@@ -1689,6 +1752,8 @@ SYSCALL_DEFINE3(getpeername, int, fd, struct sockaddr __user *, usockaddr, +@@ -1625,6 +1688,8 @@ SYSCALL_DEFINE3(getpeername, int, fd, struct sockaddr __user *, usockaddr, * the protocol. */ @@ -115469,7 +116097,7 @@ index 245330c..919e2a7 100644 SYSCALL_DEFINE6(sendto, int, fd, void __user *, buff, size_t, len, unsigned int, flags, struct sockaddr __user *, addr, int, addr_len) -@@ -1756,7 +1821,7 @@ SYSCALL_DEFINE6(recvfrom, int, fd, void __user *, ubuf, size_t, size, +@@ -1688,7 +1753,7 @@ SYSCALL_DEFINE6(recvfrom, int, fd, void __user *, ubuf, size_t, size, struct socket *sock; struct iovec iov; struct msghdr msg; @@ -115478,7 +116106,7 @@ index 245330c..919e2a7 100644 int err, err2; int fput_needed; -@@ -2006,7 +2071,7 @@ static int ___sys_sendmsg(struct socket *sock, struct user_msghdr __user *msg, +@@ -1930,7 +1995,7 @@ static int ___sys_sendmsg(struct socket *sock, struct user_msghdr __user *msg, * checking falls down on this. */ if (copy_from_user(ctl_buf, @@ -115487,7 +116115,7 @@ index 245330c..919e2a7 100644 ctl_len)) goto out_freectl; msg_sys->msg_control = ctl_buf; -@@ -2157,7 +2222,7 @@ static int ___sys_recvmsg(struct socket *sock, struct user_msghdr __user *msg, +@@ -2080,7 +2145,7 @@ static int ___sys_recvmsg(struct socket *sock, struct user_msghdr __user *msg, ssize_t err; /* kernel mode address */ @@ -115496,7 +116124,7 @@ index 245330c..919e2a7 100644 /* user mode address pointers */ struct sockaddr __user *uaddr; -@@ -2803,7 +2868,7 @@ static int ethtool_ioctl(struct net *net, struct compat_ifreq __user *ifr32) +@@ -2725,7 +2790,7 @@ static int ethtool_ioctl(struct net *net, struct compat_ifreq __user *ifr32) ifr = compat_alloc_user_space(buf_size); rxnfc = (void __user *)ifr + ALIGN(sizeof(struct ifreq), 8); @@ -115505,7 +116133,7 @@ index 245330c..919e2a7 100644 return -EFAULT; if (put_user(convert_in ? rxnfc : compat_ptr(data), -@@ -2914,7 +2979,7 @@ static int bond_ioctl(struct net *net, unsigned int cmd, +@@ -2836,7 +2901,7 @@ static int bond_ioctl(struct net *net, unsigned int cmd, old_fs = get_fs(); set_fs(KERNEL_DS); err = dev_ioctl(net, cmd, @@ -115514,7 +116142,7 @@ index 245330c..919e2a7 100644 set_fs(old_fs); return err; -@@ -3007,7 +3072,7 @@ static int compat_sioc_ifmap(struct net *net, unsigned int cmd, +@@ -2929,7 +2994,7 @@ static int compat_sioc_ifmap(struct net *net, unsigned int cmd, old_fs = get_fs(); set_fs(KERNEL_DS); @@ -115523,7 +116151,7 @@ index 245330c..919e2a7 100644 set_fs(old_fs); if (cmd == SIOCGIFMAP && !err) { -@@ -3091,7 +3156,7 @@ static int routing_ioctl(struct net *net, struct socket *sock, +@@ -3013,7 +3078,7 @@ static int routing_ioctl(struct net *net, struct socket *sock, ret |= get_user(rtdev, &(ur4->rt_dev)); if (rtdev) { ret |= copy_from_user(devname, compat_ptr(rtdev), 15); @@ -115532,7 +116160,7 @@ index 245330c..919e2a7 100644 devname[15] = 0; } else r4.rt_dev = NULL; -@@ -3318,8 +3383,8 @@ int kernel_getsockopt(struct socket *sock, int level, int optname, +@@ -3240,8 +3305,8 @@ int kernel_getsockopt(struct socket *sock, int level, int optname, int __user *uoptlen; int err; @@ -115543,7 +116171,7 @@ index 245330c..919e2a7 100644 set_fs(KERNEL_DS); if (level == SOL_SOCKET) -@@ -3339,7 +3404,7 @@ int kernel_setsockopt(struct socket *sock, int level, int optname, +@@ -3261,7 +3326,7 @@ int kernel_setsockopt(struct socket *sock, int level, int optname, char __user *uoptval; int err; @@ -115575,10 +116203,10 @@ index 1095be9..815d777 100644 /* make a copy for the caller */ *handle = ctxh; diff --git a/net/sunrpc/cache.c b/net/sunrpc/cache.c -index 5199bb1..567a54c 100644 +index 2928aff..6f9efeb 100644 --- a/net/sunrpc/cache.c +++ b/net/sunrpc/cache.c -@@ -1595,7 +1595,7 @@ static int create_cache_proc_entries(struct cache_detail *cd, struct net *net) +@@ -1597,7 +1597,7 @@ static int create_cache_proc_entries(struct cache_detail *cd, struct net *net) struct sunrpc_net *sn; sn = net_generic(net, sunrpc_net_id); @@ -115603,7 +116231,7 @@ index e6ce151..ba1cf85 100644 task->tk_action = call_reserve; } diff --git a/net/sunrpc/sched.c b/net/sunrpc/sched.c -index b91fd9c..00fe5b1 100644 +index 337ca85..42feae8 100644 --- a/net/sunrpc/sched.c +++ b/net/sunrpc/sched.c @@ -261,9 +261,9 @@ static int rpc_wait_bit_killable(struct wait_bit_key *key) @@ -115936,10 +116564,10 @@ index ce9121e..fd1fcce 100644 kfree_skb(args); diff --git a/net/tipc/socket.c b/net/tipc/socket.c -index b4d4467..afb49d4 100644 +index f485600..20cc6df 100644 --- a/net/tipc/socket.c +++ b/net/tipc/socket.c -@@ -2071,6 +2071,7 @@ static int tipc_accept(struct socket *sock, struct socket *new_sock, int flags) +@@ -2009,6 +2009,7 @@ static int tipc_accept(struct socket *sock, struct socket *new_sock, int flags) res = tipc_sk_create(sock_net(sock->sk), new_sock, 0, 1); if (res) goto exit; @@ -115948,7 +116576,7 @@ index b4d4467..afb49d4 100644 new_sk = new_sock->sk; new_tsock = tipc_sk(new_sk); diff --git a/net/tipc/subscr.c b/net/tipc/subscr.c -index 72c339e..a93593a 100644 +index 1c147c8..50d7957 100644 --- a/net/tipc/subscr.c +++ b/net/tipc/subscr.c @@ -70,7 +70,7 @@ static void subscr_send_event(struct tipc_subscription *sub, u32 found_lower, @@ -115961,10 +116589,10 @@ index 72c339e..a93593a 100644 sub->evt.event = htohl(event, sub->swap); sub->evt.found_lower = htohl(found_lower, sub->swap); diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c -index 146881f..9441ed2 100644 +index 0643059..4628deb 100644 --- a/net/unix/af_unix.c +++ b/net/unix/af_unix.c -@@ -791,6 +791,12 @@ static struct sock *unix_find_other(struct net *net, +@@ -786,6 +786,12 @@ static struct sock *unix_find_other(struct net *net, err = -ECONNREFUSED; if (!S_ISSOCK(inode->i_mode)) goto put_fail; @@ -115977,7 +116605,7 @@ index 146881f..9441ed2 100644 u = unix_find_socket_byinode(inode); if (!u) goto put_fail; -@@ -811,6 +817,13 @@ static struct sock *unix_find_other(struct net *net, +@@ -806,6 +812,13 @@ static struct sock *unix_find_other(struct net *net, if (u) { struct dentry *dentry; dentry = unix_sk(u)->path.dentry; @@ -115991,7 +116619,7 @@ index 146881f..9441ed2 100644 if (dentry) touch_atime(&unix_sk(u)->path); } else -@@ -844,12 +857,18 @@ static int unix_mknod(const char *sun_path, umode_t mode, struct path *res) +@@ -839,12 +852,18 @@ static int unix_mknod(const char *sun_path, umode_t mode, struct path *res) */ err = security_path_mknod(&path, dentry, mode, 0); if (!err) { @@ -115999,7 +116627,7 @@ index 146881f..9441ed2 100644 + err = -EACCES; + goto out; + } - err = vfs_mknod(path.dentry->d_inode, dentry, mode, 0); + err = vfs_mknod(d_inode(path.dentry), dentry, mode, 0); if (!err) { res->mnt = mntget(path.mnt); res->dentry = dget(dentry); @@ -116010,7 +116638,7 @@ index 146881f..9441ed2 100644 done_path_create(&path, dentry); return err; } -@@ -2241,11 +2260,14 @@ static unsigned int unix_dgram_poll(struct file *file, struct socket *sock, +@@ -2233,11 +2252,14 @@ static unsigned int unix_dgram_poll(struct file *file, struct socket *sock, writable = unix_writable(sk); other = unix_peer_get(sk); if (other) { @@ -116027,7 +116655,7 @@ index 146881f..9441ed2 100644 sock_put(other); } -@@ -2342,9 +2364,13 @@ static int unix_seq_show(struct seq_file *seq, void *v) +@@ -2334,9 +2356,13 @@ static int unix_seq_show(struct seq_file *seq, void *v) seq_puts(seq, "Num RefCount Protocol Flags Type St " "Inode Path\n"); else { @@ -116042,7 +116670,7 @@ index 146881f..9441ed2 100644 seq_printf(seq, "%pK: %08X %08X %08X %04X %02X %5lu", s, -@@ -2369,10 +2395,29 @@ static int unix_seq_show(struct seq_file *seq, void *v) +@@ -2361,10 +2387,29 @@ static int unix_seq_show(struct seq_file *seq, void *v) seq_putc(seq, '@'); i++; } @@ -116310,7 +116938,7 @@ index 638af06..7d9daad 100644 } diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c -index de971b6..b843409 100644 +index 96688cd..e68a2eb 100644 --- a/net/xfrm/xfrm_state.c +++ b/net/xfrm/xfrm_state.c @@ -166,12 +166,14 @@ int xfrm_register_type(const struct xfrm_type *type, unsigned short family) @@ -116694,7 +117322,7 @@ index 86a4fe7..99e91f9 100755 kallsymso="" kallsyms_vmlinux="" diff --git a/scripts/mod/file2alias.c b/scripts/mod/file2alias.c -index e614ef6..d9d2b01 100644 +index 78691d5..56972f2 100644 --- a/scripts/mod/file2alias.c +++ b/scripts/mod/file2alias.c @@ -142,7 +142,7 @@ static void device_id_check(const char *modname, const char *device_id, @@ -116761,31 +117389,31 @@ index e614ef6..d9d2b01 100644 sprintf(alias, "dmi*"); diff --git a/scripts/mod/modpost.c b/scripts/mod/modpost.c -index d439856..10c1eac 100644 +index 91ee1b2..c9cf01a 100644 --- a/scripts/mod/modpost.c +++ b/scripts/mod/modpost.c -@@ -921,6 +921,7 @@ enum mismatch { - ANY_INIT_TO_ANY_EXIT, +@@ -942,6 +942,7 @@ enum mismatch { ANY_EXIT_TO_ANY_INIT, EXPORT_TO_INIT_EXIT, + EXTABLE_TO_NON_TEXT, + DATA_TO_TEXT }; - struct sectioncheck { -@@ -1007,6 +1008,12 @@ static const struct sectioncheck sectioncheck[] = { - .tosec = { INIT_SECTIONS, EXIT_SECTIONS, NULL }, - .mismatch = EXPORT_TO_INIT_EXIT, - .symbol_white_list = { DEFAULT_SYMBOL_WHITE_LIST, NULL }, + /** +@@ -1068,6 +1069,12 @@ static const struct sectioncheck sectioncheck[] = { + .good_tosec = {ALL_TEXT_SECTIONS , NULL}, + .mismatch = EXTABLE_TO_NON_TEXT, + .handler = extable_mismatch_handler, +}, +/* Do not reference code from writable data */ +{ + .fromsec = { DATA_SECTIONS, NULL }, -+ .tosec = { TEXT_SECTIONS, NULL }, ++ .bad_tosec = { ALL_TEXT_SECTIONS, NULL }, + .mismatch = DATA_TO_TEXT } }; -@@ -1127,10 +1134,10 @@ static Elf_Sym *find_elf_symbol(struct elf_info *elf, Elf64_Sword addr, +@@ -1217,10 +1224,10 @@ static Elf_Sym *find_elf_symbol(struct elf_info *elf, Elf64_Sword addr, continue; if (ELF_ST_TYPE(sym->st_info) == STT_SECTION) continue; @@ -116798,9 +117426,9 @@ index d439856..10c1eac 100644 if (d < 0) d = addr - sym->st_value; if (d < distance) { -@@ -1408,6 +1415,14 @@ static void report_sec_mismatch(const char *modname, - tosym, prl_to, prl_to, tosym); - free(prl_to); +@@ -1503,6 +1510,14 @@ static void report_sec_mismatch(const char *modname, + fatal("There's a special handler for this mismatch type, " + "we should never get here."); break; + case DATA_TO_TEXT: +#if 0 @@ -116813,7 +117441,7 @@ index d439856..10c1eac 100644 } fprintf(stderr, "\n"); } -@@ -1659,7 +1674,7 @@ static void section_rel(const char *modname, struct elf_info *elf, +@@ -1892,7 +1907,7 @@ static void section_rel(const char *modname, struct elf_info *elf, static void check_sec_ref(struct module *mod, const char *modname, struct elf_info *elf) { @@ -116822,7 +117450,7 @@ index d439856..10c1eac 100644 Elf_Shdr *sechdrs = elf->sechdrs; /* Walk through all sections */ -@@ -1790,7 +1805,7 @@ void __attribute__((format(printf, 2, 3))) buf_printf(struct buffer *buf, +@@ -2023,7 +2038,7 @@ void __attribute__((format(printf, 2, 3))) buf_printf(struct buffer *buf, va_end(ap); } @@ -116831,7 +117459,7 @@ index d439856..10c1eac 100644 { if (buf->size - buf->pos < len) { buf->size += len + SZ; -@@ -2009,7 +2024,7 @@ static void write_if_changed(struct buffer *b, const char *fname) +@@ -2242,7 +2257,7 @@ static void write_if_changed(struct buffer *b, const char *fname) if (fstat(fileno(file), &st) < 0) goto close_write; @@ -117046,10 +117674,10 @@ index cdb491d..8d32bfc 100755 # Find all available archs find_all_archs() diff --git a/security/Kconfig b/security/Kconfig -index beb86b5..135675f 100644 +index bf4ec46..1fa98bf 100644 --- a/security/Kconfig +++ b/security/Kconfig -@@ -4,6 +4,980 @@ +@@ -4,6 +4,981 @@ menu "Security options" @@ -117086,6 +117714,7 @@ index beb86b5..135675f 100644 + select TTY + select DEBUG_KERNEL + select DEBUG_LIST ++ select MULTIUSER + help + If you say Y here, you will be able to configure many features + that will enhance the security of your system. It is highly @@ -118030,7 +118659,7 @@ index beb86b5..135675f 100644 source security/keys/Kconfig config SECURITY_DMESG_RESTRICT -@@ -103,7 +1077,7 @@ config INTEL_TXT +@@ -104,7 +1079,7 @@ config INTEL_TXT config LSM_MMAP_MIN_ADDR int "Low address space for LSM to protect from user allocation" depends on SECURITY && SECURITY_SELINUX @@ -118040,7 +118669,7 @@ index beb86b5..135675f 100644 help This is the portion of low virtual memory which should be protected diff --git a/security/apparmor/file.c b/security/apparmor/file.c -index fdaa50c..2761dcb 100644 +index 913f377..6e392d5 100644 --- a/security/apparmor/file.c +++ b/security/apparmor/file.c @@ -348,8 +348,8 @@ static inline bool xindex_is_subset(u32 link, u32 target) @@ -118052,10 +118681,10 @@ index fdaa50c..2761dcb 100644 + struct path link = { .mnt = new_dir->mnt, .dentry = new_dentry }; + struct path target = { .mnt = new_dir->mnt, .dentry = old_dentry }; struct path_cond cond = { - old_dentry->d_inode->i_uid, - old_dentry->d_inode->i_mode + d_backing_inode(old_dentry)->i_uid, + d_backing_inode(old_dentry)->i_mode diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c -index 107db88..185f3a0 100644 +index e5f1561..c351c05 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c @@ -186,7 +186,7 @@ static int common_perm_dir_dentry(int op, struct path *dir, @@ -118073,8 +118702,8 @@ index 107db88..185f3a0 100644 { - struct path path = { mnt, dentry }; + struct path path = { .mnt = mnt, .dentry = dentry }; - struct path_cond cond = { dentry->d_inode->i_uid, - dentry->d_inode->i_mode + struct path_cond cond = { d_backing_inode(dentry)->i_uid, + d_backing_inode(dentry)->i_mode }; @@ -325,8 +325,8 @@ static int apparmor_path_rename(struct path *old_dir, struct dentry *old_dentry, @@ -118084,8 +118713,8 @@ index 107db88..185f3a0 100644 - struct path new_path = { new_dir->mnt, new_dentry }; + struct path old_path = { .mnt = old_dir->mnt, .dentry = old_dentry }; + struct path new_path = { .mnt = new_dir->mnt, .dentry = new_dentry }; - struct path_cond cond = { old_dentry->d_inode->i_uid, - old_dentry->d_inode->i_mode + struct path_cond cond = { d_backing_inode(old_dentry)->i_uid, + d_backing_inode(old_dentry)->i_mode }; @@ -615,7 +615,7 @@ static int apparmor_task_setrlimit(struct task_struct *task, return error; @@ -118097,7 +118726,7 @@ index 107db88..185f3a0 100644 .ptrace_access_check = apparmor_ptrace_access_check, diff --git a/security/commoncap.c b/security/commoncap.c -index f66713b..b69aa8e 100644 +index f2875cd..9fc1de0 100644 --- a/security/commoncap.c +++ b/security/commoncap.c @@ -427,6 +427,32 @@ int get_vfs_caps_from_disk(const struct dentry *dentry, struct cpu_vfs_cap_data @@ -118203,32 +118832,6 @@ index 552705d..9920f4fb 100644 key = ima_hash_key(entry->digest); hlist_add_head_rcu(&qe->hnext, &ima_htable.queue[key]); return 0; -diff --git a/security/keys/compat.c b/security/keys/compat.c -index 3478965..ec7bb9e 100644 ---- a/security/keys/compat.c -+++ b/security/keys/compat.c -@@ -44,7 +44,7 @@ static long compat_keyctl_instantiate_key_iov( - if (ret == 0) - goto no_payload_free; - -- ret = keyctl_instantiate_key_common(id, iov, ioc, ret, ringid); -+ ret = keyctl_instantiate_key_common(id, (const struct iovec __force_user *)iov, ioc, ret, ringid); - err: - if (iov != iovstack) - kfree(iov); -diff --git a/security/keys/internal.h b/security/keys/internal.h -index 200e378..cdc74b5 100644 ---- a/security/keys/internal.h -+++ b/security/keys/internal.h -@@ -244,7 +244,7 @@ extern long keyctl_instantiate_key_iov(key_serial_t, - extern long keyctl_invalidate_key(key_serial_t); - - extern long keyctl_instantiate_key_common(key_serial_t, -- const struct iovec *, -+ const struct iovec __user *, - unsigned, size_t, key_serial_t); - #ifdef CONFIG_PERSISTENT_KEYRINGS - extern long keyctl_get_persistent(uid_t, key_serial_t); diff --git a/security/keys/key.c b/security/keys/key.c index aee2ec5..c276071 100644 --- a/security/keys/key.c @@ -118286,46 +118889,6 @@ index aee2ec5..c276071 100644 /* record the root user tracking */ rb_link_node(&root_key_user.node, -diff --git a/security/keys/keyctl.c b/security/keys/keyctl.c -index 4743d71..170a185 100644 ---- a/security/keys/keyctl.c -+++ b/security/keys/keyctl.c -@@ -1000,7 +1000,7 @@ static int keyctl_change_reqkey_auth(struct key *key) - /* - * Copy the iovec data from userspace - */ --static long copy_from_user_iovec(void *buffer, const struct iovec *iov, -+static long copy_from_user_iovec(void *buffer, const struct iovec __user *iov, - unsigned ioc) - { - for (; ioc > 0; ioc--) { -@@ -1022,7 +1022,7 @@ static long copy_from_user_iovec(void *buffer, const struct iovec *iov, - * If successful, 0 will be returned. - */ - long keyctl_instantiate_key_common(key_serial_t id, -- const struct iovec *payload_iov, -+ const struct iovec __user *payload_iov, - unsigned ioc, - size_t plen, - key_serial_t ringid) -@@ -1117,7 +1117,7 @@ long keyctl_instantiate_key(key_serial_t id, - [0].iov_len = plen - }; - -- return keyctl_instantiate_key_common(id, iov, 1, plen, ringid); -+ return keyctl_instantiate_key_common(id, (const struct iovec __force_user *)iov, 1, plen, ringid); - } - - return keyctl_instantiate_key_common(id, NULL, 0, 0, ringid); -@@ -1150,7 +1150,7 @@ long keyctl_instantiate_key_iov(key_serial_t id, - if (ret == 0) - goto no_payload_free; - -- ret = keyctl_instantiate_key_common(id, iov, ioc, ret, ringid); -+ ret = keyctl_instantiate_key_common(id, (const struct iovec __force_user *)iov, ioc, ret, ringid); - err: - if (iov != iovstack) - kfree(iov); diff --git a/security/min_addr.c b/security/min_addr.c index f728728..6457a0c 100644 --- a/security/min_addr.c @@ -118347,7 +118910,7 @@ index f728728..6457a0c 100644 /* diff --git a/security/security.c b/security/security.c -index e81d5bb..b9c5111 100644 +index 8e9b1f4..cda8e4c 100644 --- a/security/security.c +++ b/security/security.c @@ -33,8 +33,8 @@ @@ -118374,7 +118937,7 @@ index e81d5bb..b9c5111 100644 static int __init choose_lsm(char *str) { diff --git a/security/selinux/avc.c b/security/selinux/avc.c -index afcc0ae..71f0525 100644 +index 3c17dda..482b12c 100644 --- a/security/selinux/avc.c +++ b/security/selinux/avc.c @@ -59,7 +59,7 @@ struct avc_node { @@ -118405,10 +118968,10 @@ index afcc0ae..71f0525 100644 lock = &avc_cache.slots_lock[hvalue]; diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c -index 2588e08..271f042 100644 +index 212070e..87aa172 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c -@@ -3295,7 +3295,8 @@ static int file_map_prot_check(struct file *file, unsigned long prot, int shared +@@ -3288,7 +3288,8 @@ static int file_map_prot_check(struct file *file, unsigned long prot, int shared int rc = 0; if (default_noexec && @@ -118418,7 +118981,7 @@ index 2588e08..271f042 100644 /* * We are making executable an anonymous mapping or a * private file mapping that will also be writable. -@@ -5863,7 +5864,8 @@ static int selinux_key_getsecurity(struct key *key, char **_buffer) +@@ -5841,7 +5842,8 @@ static int selinux_key_getsecurity(struct key *key, char **_buffer) #endif @@ -118428,7 +118991,7 @@ index 2588e08..271f042 100644 .name = "selinux", .binder_set_context_mgr = selinux_binder_set_context_mgr, -@@ -6209,6 +6211,9 @@ static void selinux_nf_ip_exit(void) +@@ -6186,6 +6188,9 @@ static void selinux_nf_ip_exit(void) #ifdef CONFIG_SECURITY_SELINUX_DISABLE static int selinux_disabled; @@ -118438,7 +119001,7 @@ index 2588e08..271f042 100644 int selinux_disable(void) { if (ss_initialized) { -@@ -6226,7 +6231,9 @@ int selinux_disable(void) +@@ -6203,7 +6208,9 @@ int selinux_disable(void) selinux_disabled = 1; selinux_enabled = 0; @@ -118463,10 +119026,10 @@ index 1450f85..a91e0bc 100644 } rtnl_unlock(); diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c -index c934311..ac64d68 100644 +index b644757..3763b10 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c -@@ -4187,7 +4187,7 @@ static int smack_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen) +@@ -4266,7 +4266,7 @@ static int smack_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen) return 0; } @@ -118476,7 +119039,7 @@ index c934311..ac64d68 100644 .ptrace_access_check = smack_ptrace_access_check, diff --git a/security/tomoyo/file.c b/security/tomoyo/file.c -index c151a18..14ba19a 100644 +index 2367b10..a0c3c51 100644 --- a/security/tomoyo/file.c +++ b/security/tomoyo/file.c @@ -692,7 +692,7 @@ int tomoyo_path_number_perm(const u8 type, struct path *path, @@ -118497,7 +119060,7 @@ index c151a18..14ba19a 100644 }; int idx; -@@ -786,7 +786,7 @@ int tomoyo_path_perm(const u8 operation, struct path *path, const char *target) +@@ -786,7 +786,7 @@ int tomoyo_path_perm(const u8 operation, const struct path *path, const char *ta { struct tomoyo_request_info r; struct tomoyo_obj_info obj = { @@ -118542,19 +119105,10 @@ index 390c646..f2f8db3 100644 if (!fstype) { error = -ENODEV; diff --git a/security/tomoyo/tomoyo.c b/security/tomoyo/tomoyo.c -index f0b756e..8aa497b 100644 +index 57c88d5..0c6fcf3 100644 --- a/security/tomoyo/tomoyo.c +++ b/security/tomoyo/tomoyo.c -@@ -146,7 +146,7 @@ static int tomoyo_bprm_check_security(struct linux_binprm *bprm) - */ - static int tomoyo_inode_getattr(struct vfsmount *mnt, struct dentry *dentry) - { -- struct path path = { mnt, dentry }; -+ struct path path = { .mnt = mnt, .dentry = dentry }; - return tomoyo_path_perm(TOMOYO_TYPE_GETATTR, &path, NULL); - } - -@@ -172,7 +172,7 @@ static int tomoyo_path_truncate(struct path *path) +@@ -171,7 +171,7 @@ static int tomoyo_path_truncate(struct path *path) */ static int tomoyo_path_unlink(struct path *parent, struct dentry *dentry) { @@ -118563,7 +119117,7 @@ index f0b756e..8aa497b 100644 return tomoyo_path_perm(TOMOYO_TYPE_UNLINK, &path, NULL); } -@@ -188,7 +188,7 @@ static int tomoyo_path_unlink(struct path *parent, struct dentry *dentry) +@@ -187,7 +187,7 @@ static int tomoyo_path_unlink(struct path *parent, struct dentry *dentry) static int tomoyo_path_mkdir(struct path *parent, struct dentry *dentry, umode_t mode) { @@ -118572,7 +119126,7 @@ index f0b756e..8aa497b 100644 return tomoyo_path_number_perm(TOMOYO_TYPE_MKDIR, &path, mode & S_IALLUGO); } -@@ -203,7 +203,7 @@ static int tomoyo_path_mkdir(struct path *parent, struct dentry *dentry, +@@ -202,7 +202,7 @@ static int tomoyo_path_mkdir(struct path *parent, struct dentry *dentry, */ static int tomoyo_path_rmdir(struct path *parent, struct dentry *dentry) { @@ -118581,7 +119135,7 @@ index f0b756e..8aa497b 100644 return tomoyo_path_perm(TOMOYO_TYPE_RMDIR, &path, NULL); } -@@ -219,7 +219,7 @@ static int tomoyo_path_rmdir(struct path *parent, struct dentry *dentry) +@@ -218,7 +218,7 @@ static int tomoyo_path_rmdir(struct path *parent, struct dentry *dentry) static int tomoyo_path_symlink(struct path *parent, struct dentry *dentry, const char *old_name) { @@ -118590,7 +119144,7 @@ index f0b756e..8aa497b 100644 return tomoyo_path_perm(TOMOYO_TYPE_SYMLINK, &path, old_name); } -@@ -236,7 +236,7 @@ static int tomoyo_path_symlink(struct path *parent, struct dentry *dentry, +@@ -235,7 +235,7 @@ static int tomoyo_path_symlink(struct path *parent, struct dentry *dentry, static int tomoyo_path_mknod(struct path *parent, struct dentry *dentry, umode_t mode, unsigned int dev) { @@ -118599,7 +119153,7 @@ index f0b756e..8aa497b 100644 int type = TOMOYO_TYPE_CREATE; const unsigned int perm = mode & S_IALLUGO; -@@ -275,8 +275,8 @@ static int tomoyo_path_mknod(struct path *parent, struct dentry *dentry, +@@ -274,8 +274,8 @@ static int tomoyo_path_mknod(struct path *parent, struct dentry *dentry, static int tomoyo_path_link(struct dentry *old_dentry, struct path *new_dir, struct dentry *new_dentry) { @@ -118610,7 +119164,7 @@ index f0b756e..8aa497b 100644 return tomoyo_path2_perm(TOMOYO_TYPE_LINK, &path1, &path2); } -@@ -295,8 +295,8 @@ static int tomoyo_path_rename(struct path *old_parent, +@@ -294,8 +294,8 @@ static int tomoyo_path_rename(struct path *old_parent, struct path *new_parent, struct dentry *new_dentry) { @@ -118621,7 +119175,7 @@ index f0b756e..8aa497b 100644 return tomoyo_path2_perm(TOMOYO_TYPE_RENAME, &path1, &path2); } -@@ -424,7 +424,7 @@ static int tomoyo_sb_mount(const char *dev_name, struct path *path, +@@ -423,7 +423,7 @@ static int tomoyo_sb_mount(const char *dev_name, struct path *path, */ static int tomoyo_sb_umount(struct vfsmount *mnt, int flags) { @@ -118630,7 +119184,7 @@ index f0b756e..8aa497b 100644 return tomoyo_path_perm(TOMOYO_TYPE_UMOUNT, &path, NULL); } -@@ -503,7 +503,7 @@ static int tomoyo_socket_sendmsg(struct socket *sock, struct msghdr *msg, +@@ -502,7 +502,7 @@ static int tomoyo_socket_sendmsg(struct socket *sock, struct msghdr *msg, * tomoyo_security_ops is a "struct security_operations" which is used for * registering TOMOYO. */ @@ -118640,7 +119194,7 @@ index f0b756e..8aa497b 100644 .cred_alloc_blank = tomoyo_cred_alloc_blank, .cred_prepare = tomoyo_cred_prepare, diff --git a/security/yama/Kconfig b/security/yama/Kconfig -index 20ef514..4182bed 100644 +index 3123e1d..951f48d 100644 --- a/security/yama/Kconfig +++ b/security/yama/Kconfig @@ -1,6 +1,6 @@ @@ -118648,11 +119202,11 @@ index 20ef514..4182bed 100644 bool "Yama support" - depends on SECURITY + depends on SECURITY && !GRKERNSEC - select SECURITYFS - select SECURITY_PATH default n + help + This selects Yama, which extends DAC support with additional diff --git a/security/yama/yama_lsm.c b/security/yama/yama_lsm.c -index 13c88fbc..f8c115e 100644 +index 24aae2a..81c4548 100644 --- a/security/yama/yama_lsm.c +++ b/security/yama/yama_lsm.c @@ -365,7 +365,7 @@ int yama_ptrace_traceme(struct task_struct *parent) @@ -118664,43 +119218,15 @@ index 13c88fbc..f8c115e 100644 .name = "yama", .ptrace_access_check = yama_ptrace_access_check, -@@ -376,28 +376,24 @@ static struct security_operations yama_ops = { - #endif - - #ifdef CONFIG_SYSCTL -+static int zero __read_only; -+static int max_scope __read_only = YAMA_SCOPE_NO_ATTACH; -+ +@@ -379,7 +379,7 @@ static struct security_operations yama_ops = { static int yama_dointvec_minmax(struct ctl_table *table, int write, void __user *buffer, size_t *lenp, loff_t *ppos) { -- int rc; -+ ctl_table_no_const yama_table; +- struct ctl_table table_copy; ++ ctl_table_no_const table_copy; if (write && !capable(CAP_SYS_PTRACE)) return -EPERM; - -- rc = proc_dointvec_minmax(table, write, buffer, lenp, ppos); -- if (rc) -- return rc; -- -+ yama_table = *table; - /* Lock the max value if it ever gets set. */ -- if (write && *(int *)table->data == *(int *)table->extra2) -- table->extra1 = table->extra2; -- -- return rc; -+ if (ptrace_scope == max_scope) -+ yama_table.extra1 = &max_scope; -+ return proc_dointvec_minmax(&yama_table, write, buffer, lenp, ppos); - } - --static int zero; --static int max_scope = YAMA_SCOPE_NO_ATTACH; -- - struct ctl_path yama_sysctl_path[] = { - { .procname = "kernel", }, - { .procname = "yama", }, diff --git a/sound/aoa/codecs/onyx.c b/sound/aoa/codecs/onyx.c index 23c371e..da7c25e 100644 --- a/sound/aoa/codecs/onyx.c @@ -118746,10 +119272,10 @@ index ffd2025..df062c9 100644 /* PCM3052 register definitions */ diff --git a/sound/core/oss/pcm_oss.c b/sound/core/oss/pcm_oss.c -index 80423a4c..270c3d0 100644 +index 58550cc..4687a93 100644 --- a/sound/core/oss/pcm_oss.c +++ b/sound/core/oss/pcm_oss.c -@@ -1190,10 +1190,10 @@ snd_pcm_sframes_t snd_pcm_oss_write3(struct snd_pcm_substream *substream, const +@@ -1189,10 +1189,10 @@ snd_pcm_sframes_t snd_pcm_oss_write3(struct snd_pcm_substream *substream, const if (in_kernel) { mm_segment_t fs; fs = snd_enter_user(); @@ -118762,7 +119288,7 @@ index 80423a4c..270c3d0 100644 } if (ret != -EPIPE && ret != -ESTRPIPE) break; -@@ -1233,10 +1233,10 @@ snd_pcm_sframes_t snd_pcm_oss_read3(struct snd_pcm_substream *substream, char *p +@@ -1232,10 +1232,10 @@ snd_pcm_sframes_t snd_pcm_oss_read3(struct snd_pcm_substream *substream, char *p if (in_kernel) { mm_segment_t fs; fs = snd_enter_user(); @@ -118775,7 +119301,7 @@ index 80423a4c..270c3d0 100644 } if (ret == -EPIPE) { if (runtime->status->state == SNDRV_PCM_STATE_DRAINING) { -@@ -1332,7 +1332,7 @@ static ssize_t snd_pcm_oss_write2(struct snd_pcm_substream *substream, const cha +@@ -1331,7 +1331,7 @@ static ssize_t snd_pcm_oss_write2(struct snd_pcm_substream *substream, const cha struct snd_pcm_plugin_channel *channels; size_t oss_frame_bytes = (runtime->oss.plugin_first->src_width * runtime->oss.plugin_first->src_format.channels) / 8; if (!in_kernel) { @@ -118784,7 +119310,7 @@ index 80423a4c..270c3d0 100644 return -EFAULT; buf = runtime->oss.buffer; } -@@ -1402,7 +1402,7 @@ static ssize_t snd_pcm_oss_write1(struct snd_pcm_substream *substream, const cha +@@ -1401,7 +1401,7 @@ static ssize_t snd_pcm_oss_write1(struct snd_pcm_substream *substream, const cha } } else { tmp = snd_pcm_oss_write2(substream, @@ -118793,7 +119319,7 @@ index 80423a4c..270c3d0 100644 runtime->oss.period_bytes, 0); if (tmp <= 0) goto err; -@@ -1428,7 +1428,7 @@ static ssize_t snd_pcm_oss_read2(struct snd_pcm_substream *substream, char *buf, +@@ -1427,7 +1427,7 @@ static ssize_t snd_pcm_oss_read2(struct snd_pcm_substream *substream, char *buf, struct snd_pcm_runtime *runtime = substream->runtime; snd_pcm_sframes_t frames, frames1; #ifdef CONFIG_SND_PCM_OSS_PLUGINS @@ -118802,7 +119328,7 @@ index 80423a4c..270c3d0 100644 if (runtime->oss.plugin_first) { struct snd_pcm_plugin_channel *channels; size_t oss_frame_bytes = (runtime->oss.plugin_last->dst_width * runtime->oss.plugin_last->dst_format.channels) / 8; -@@ -1490,7 +1490,7 @@ static ssize_t snd_pcm_oss_read1(struct snd_pcm_substream *substream, char __use +@@ -1489,7 +1489,7 @@ static ssize_t snd_pcm_oss_read1(struct snd_pcm_substream *substream, char __use xfer += tmp; runtime->oss.buffer_used -= tmp; } else { @@ -118811,7 +119337,7 @@ index 80423a4c..270c3d0 100644 runtime->oss.period_bytes, 0); if (tmp <= 0) goto err; -@@ -1659,7 +1659,7 @@ static int snd_pcm_oss_sync(struct snd_pcm_oss_file *pcm_oss_file) +@@ -1658,7 +1658,7 @@ static int snd_pcm_oss_sync(struct snd_pcm_oss_file *pcm_oss_file) size1); size1 /= runtime->channels; /* frames */ fs = snd_enter_user(); @@ -118821,7 +119347,7 @@ index 80423a4c..270c3d0 100644 } } else if (runtime->access == SNDRV_PCM_ACCESS_RW_NONINTERLEAVED) { diff --git a/sound/core/pcm_compat.c b/sound/core/pcm_compat.c -index 2d957ba..fda022c 100644 +index b48b434..e2ba787 100644 --- a/sound/core/pcm_compat.c +++ b/sound/core/pcm_compat.c @@ -31,7 +31,7 @@ static int snd_pcm_ioctl_delay_compat(struct snd_pcm_substream *substream, @@ -118834,10 +119360,10 @@ index 2d957ba..fda022c 100644 if (err < 0) return err; diff --git a/sound/core/pcm_native.c b/sound/core/pcm_native.c -index 279e24f..24aafe5 100644 +index d126c03..5d84d1cf 100644 --- a/sound/core/pcm_native.c +++ b/sound/core/pcm_native.c -@@ -2969,11 +2969,11 @@ int snd_pcm_kernel_ioctl(struct snd_pcm_substream *substream, +@@ -3004,11 +3004,11 @@ int snd_pcm_kernel_ioctl(struct snd_pcm_substream *substream, switch (substream->stream) { case SNDRV_PCM_STREAM_PLAYBACK: result = snd_pcm_playback_ioctl1(NULL, substream, cmd, @@ -118851,78 +119377,8 @@ index 279e24f..24aafe5 100644 break; default: result = -EINVAL; -diff --git a/sound/core/seq/oss/seq_oss.c b/sound/core/seq/oss/seq_oss.c -index 16d4267..fe8b49b 100644 ---- a/sound/core/seq/oss/seq_oss.c -+++ b/sound/core/seq/oss/seq_oss.c -@@ -69,8 +69,8 @@ static int __init alsa_seq_oss_init(void) - { - int rc; - static struct snd_seq_dev_ops ops = { -- snd_seq_oss_synth_register, -- snd_seq_oss_synth_unregister, -+ .init_device = snd_seq_oss_synth_register, -+ .free_device = snd_seq_oss_synth_unregister, - }; - - snd_seq_autoload_lock(); -diff --git a/sound/core/seq/seq_device.c b/sound/core/seq/seq_device.c -index 0631bda..d0dcd49 100644 ---- a/sound/core/seq/seq_device.c -+++ b/sound/core/seq/seq_device.c -@@ -65,7 +65,7 @@ struct ops_list { - int argsize; /* argument size */ - - /* operators */ -- struct snd_seq_dev_ops ops; -+ struct snd_seq_dev_ops *ops; - - /* registered devices */ - struct list_head dev_list; /* list of devices */ -@@ -371,7 +371,7 @@ int snd_seq_device_register_driver(char *id, struct snd_seq_dev_ops *entry, - - mutex_lock(&ops->reg_mutex); - /* copy driver operators */ -- ops->ops = *entry; -+ ops->ops = entry; - ops->driver |= DRIVER_LOADED; - ops->argsize = argsize; - -@@ -500,7 +500,7 @@ static int init_device(struct snd_seq_device *dev, struct ops_list *ops) - dev->name, ops->id, ops->argsize, dev->argsize); - return -EINVAL; - } -- if (ops->ops.init_device(dev) >= 0) { -+ if (ops->ops->init_device(dev) >= 0) { - dev->status = SNDRV_SEQ_DEVICE_REGISTERED; - ops->num_init_devices++; - } else { -@@ -527,7 +527,7 @@ static int free_device(struct snd_seq_device *dev, struct ops_list *ops) - dev->name, ops->id, ops->argsize, dev->argsize); - return -EINVAL; - } -- if ((result = ops->ops.free_device(dev)) >= 0 || result == -ENXIO) { -+ if ((result = ops->ops->free_device(dev)) >= 0 || result == -ENXIO) { - dev->status = SNDRV_SEQ_DEVICE_FREE; - dev->driver_data = NULL; - ops->num_init_devices--; -diff --git a/sound/core/seq/seq_midi.c b/sound/core/seq/seq_midi.c -index 68fec77..97fb643 100644 ---- a/sound/core/seq/seq_midi.c -+++ b/sound/core/seq/seq_midi.c -@@ -461,8 +461,8 @@ snd_seq_midisynth_unregister_port(struct snd_seq_device *dev) - static int __init alsa_seq_midi_init(void) - { - static struct snd_seq_dev_ops ops = { -- snd_seq_midisynth_register_port, -- snd_seq_midisynth_unregister_port, -+ .init_device = snd_seq_midisynth_register_port, -+ .free_device = snd_seq_midisynth_unregister_port, - }; - memset(&synths, 0, sizeof(synths)); - snd_seq_autoload_lock(); diff --git a/sound/core/sound.c b/sound/core/sound.c -index 185cec0..a95a1a9 100644 +index 5fc93d0..67d8037 100644 --- a/sound/core/sound.c +++ b/sound/core/sound.c @@ -86,7 +86,7 @@ static void snd_request_other(int minor) @@ -118994,21 +119450,6 @@ index 2a008a9..a1efb3f 100644 return 0; } -diff --git a/sound/drivers/opl3/opl3_seq.c b/sound/drivers/opl3/opl3_seq.c -index a9f618e..c5a7208 100644 ---- a/sound/drivers/opl3/opl3_seq.c -+++ b/sound/drivers/opl3/opl3_seq.c -@@ -279,8 +279,8 @@ static int __init alsa_opl3_seq_init(void) - { - static struct snd_seq_dev_ops ops = - { -- snd_opl3_seq_new_device, -- snd_opl3_seq_delete_device -+ .init_device = snd_opl3_seq_new_device, -+ .free_device = snd_opl3_seq_delete_device - }; - - return snd_seq_device_register_driver(SNDRV_SEQ_DEV_ID_OPL3, &ops, diff --git a/sound/drivers/opl4/opl4_lib.c b/sound/drivers/opl4/opl4_lib.c index 3b0ee42..8423ad6 100644 --- a/sound/drivers/opl4/opl4_lib.c @@ -119022,21 +119463,6 @@ index 3b0ee42..8423ad6 100644 { int timeout = 10; while ((inb(opl4->fm_port) & OPL4_STATUS_BUSY) && --timeout > 0) -diff --git a/sound/drivers/opl4/opl4_seq.c b/sound/drivers/opl4/opl4_seq.c -index 9919769..d7de36c 100644 ---- a/sound/drivers/opl4/opl4_seq.c -+++ b/sound/drivers/opl4/opl4_seq.c -@@ -198,8 +198,8 @@ static int snd_opl4_seq_delete_device(struct snd_seq_device *dev) - static int __init alsa_opl4_synth_init(void) - { - static struct snd_seq_dev_ops ops = { -- snd_opl4_seq_new_device, -- snd_opl4_seq_delete_device -+ .init_device = snd_opl4_seq_new_device, -+ .free_device = snd_opl4_seq_delete_device - }; - - return snd_seq_device_register_driver(SNDRV_SEQ_DEV_ID_OPL4, &ops, diff --git a/sound/drivers/portman2x4.c b/sound/drivers/portman2x4.c index 464385a..46ab3f6 100644 --- a/sound/drivers/portman2x4.c @@ -119059,7 +119485,7 @@ index 464385a..46ab3f6 100644 struct snd_rawmidi_substream *midi_input[PORTMAN_NUM_INPUT_PORTS]; }; diff --git a/sound/firewire/amdtp.c b/sound/firewire/amdtp.c -index 5cc356d..d65e68ff 100644 +index e061355..baed278 100644 --- a/sound/firewire/amdtp.c +++ b/sound/firewire/amdtp.c @@ -573,7 +573,7 @@ static void update_pcm_pointers(struct amdtp_stream *s, @@ -119179,21 +119605,6 @@ index 2dba848..c682aef 100644 wait_event(scs->idle_wait, scs->output_idle); -diff --git a/sound/isa/sb/emu8000_synth.c b/sound/isa/sb/emu8000_synth.c -index 72332df..82ec6a2 100644 ---- a/sound/isa/sb/emu8000_synth.c -+++ b/sound/isa/sb/emu8000_synth.c -@@ -118,8 +118,8 @@ static int __init alsa_emu8000_init(void) - { - - static struct snd_seq_dev_ops ops = { -- snd_emu8000_new_device, -- snd_emu8000_delete_device, -+ .init_device = snd_emu8000_new_device, -+ .free_device = snd_emu8000_delete_device, - }; - return snd_seq_device_register_driver(SNDRV_SEQ_DEV_ID_EMU8000, &ops, - sizeof(struct snd_emu8000*)); diff --git a/sound/oss/sb_audio.c b/sound/oss/sb_audio.c index 048439a..3be9f6f 100644 --- a/sound/oss/sb_audio.c @@ -119245,26 +119656,11 @@ index 213a416..aeab5c9 100644 list_add(&s->list, &cs4297a_devs); -diff --git a/sound/pci/emu10k1/emu10k1_synth.c b/sound/pci/emu10k1/emu10k1_synth.c -index 4c41c90..37f3631 100644 ---- a/sound/pci/emu10k1/emu10k1_synth.c -+++ b/sound/pci/emu10k1/emu10k1_synth.c -@@ -108,8 +108,8 @@ static int __init alsa_emu10k1_synth_init(void) - { - - static struct snd_seq_dev_ops ops = { -- snd_emu10k1_synth_new_device, -- snd_emu10k1_synth_delete_device, -+ .init_device = snd_emu10k1_synth_new_device, -+ .free_device = snd_emu10k1_synth_delete_device, - }; - return snd_seq_device_register_driver(SNDRV_SEQ_DEV_ID_EMU10K1_SYNTH, &ops, - sizeof(struct snd_emu10k1_synth_arg)); diff --git a/sound/pci/hda/hda_codec.c b/sound/pci/hda/hda_codec.c -index a63a863..fcf3087 100644 +index 5645481..63e53a2 100644 --- a/sound/pci/hda/hda_codec.c +++ b/sound/pci/hda/hda_codec.c -@@ -2865,7 +2865,7 @@ static int get_kctl_0dB_offset(struct hda_codec *codec, +@@ -1946,7 +1946,7 @@ static int get_kctl_0dB_offset(struct hda_codec *codec, /* FIXME: set_fs() hack for obtaining user-space TLV data */ mm_segment_t fs = get_fs(); set_fs(get_ds()); @@ -119980,10 +120376,10 @@ index 0000000..0c96d8a +} diff --git a/tools/gcc/constify_plugin.c b/tools/gcc/constify_plugin.c new file mode 100644 -index 0000000..da184c5 +index 0000000..c5de280 --- /dev/null +++ b/tools/gcc/constify_plugin.c -@@ -0,0 +1,564 @@ +@@ -0,0 +1,568 @@ +/* + * Copyright 2011 by Emese Revfy <re.emese@gmail.com> + * Copyright 2011-2015 by PaX Team <pageexec@freemail.hu> @@ -120425,7 +120821,7 @@ index 0000000..da184c5 + .optinfo_flags = OPTGROUP_NONE, +#endif +#if BUILDING_GCC_VERSION >= 5000 -+#elif BUILDING_GCC_VERSION >= 4009 ++#elif BUILDING_GCC_VERSION == 4009 + .has_gate = false, + .has_execute = true, +#else @@ -120450,7 +120846,11 @@ index 0000000..da184c5 +class check_local_variables_pass : public gimple_opt_pass { +public: + check_local_variables_pass() : gimple_opt_pass(check_local_variables_pass_data, g) {} ++#if BUILDING_GCC_VERSION >= 5000 ++ virtual unsigned int execute(function *) { return check_local_variables(); } ++#else + unsigned int execute() { return check_local_variables(); } ++#endif +}; +} + @@ -120550,10 +120950,10 @@ index 0000000..da184c5 +} diff --git a/tools/gcc/gcc-common.h b/tools/gcc/gcc-common.h new file mode 100644 -index 0000000..1d20e32 +index 0000000..70924d4 --- /dev/null +++ b/tools/gcc/gcc-common.h -@@ -0,0 +1,689 @@ +@@ -0,0 +1,787 @@ +#ifndef GCC_COMMON_H_INCLUDED +#define GCC_COMMON_H_INCLUDED + @@ -120632,6 +121032,8 @@ index 0000000..1d20e32 +#include "tree-flow.h" +#else +#include "tree-cfgcleanup.h" ++#include "tree-ssa-operands.h" ++#include "tree-into-ssa.h" +#endif + +#if BUILDING_GCC_VERSION >= 4008 @@ -120962,6 +121364,76 @@ index 0000000..1d20e32 +typedef union gimple_statement_d gdebug; +typedef union gimple_statement_d gphi; +typedef union gimple_statement_d greturn; ++ ++static inline gasm *as_a_gasm(gimple stmt) ++{ ++ return stmt; ++} ++ ++static inline const gasm *as_a_const_gasm(const_gimple stmt) ++{ ++ return stmt; ++} ++ ++static inline gassign *as_a_gassign(gimple stmt) ++{ ++ return stmt; ++} ++ ++static inline const gassign *as_a_const_gassign(const_gimple stmt) ++{ ++ return stmt; ++} ++ ++static inline gcall *as_a_gcall(gimple stmt) ++{ ++ return stmt; ++} ++ ++static inline const gcall *as_a_const_gcall(const_gimple stmt) ++{ ++ return stmt; ++} ++ ++static inline gcond *as_a_gcond(gimple stmt) ++{ ++ return stmt; ++} ++ ++static inline const gcond *as_a_const_gcond(const_gimple stmt) ++{ ++ return stmt; ++} ++ ++static inline gdebug *as_a_gdebug(gimple stmt) ++{ ++ return stmt; ++} ++ ++static inline const gdebug *as_a_const_gdebug(const_gimple stmt) ++{ ++ return stmt; ++} ++ ++static inline gphi *as_a_gphi(gimple stmt) ++{ ++ return stmt; ++} ++ ++static inline const gphi *as_a_const_gphi(const_gimple stmt) ++{ ++ return stmt; ++} ++ ++static inline greturn *as_a_greturn(gimple stmt) ++{ ++ return stmt; ++} ++ ++static inline const greturn *as_a_const_greturn(const_gimple stmt) ++{ ++ return stmt; ++} +#endif + +#if BUILDING_GCC_VERSION == 4008 @@ -120981,34 +121453,35 @@ index 0000000..1d20e32 +#if BUILDING_GCC_VERSION <= 4009 +#define TODO_verify_il 0 +#define AVAIL_INTERPOSABLE AVAIL_OVERWRITABLE -+#endif + -+#if BUILDING_GCC_VERSION == 4009 -+typedef struct gimple_statement_base gasm; -+typedef struct gimple_statement_base gassign; -+typedef struct gimple_statement_base gcall; -+typedef struct gimple_statement_base gcond; -+typedef struct gimple_statement_base gdebug; -+typedef struct gimple_statement_base gphi; -+typedef struct gimple_statement_base greturn; -+#endif ++#define section_name_prefix LTO_SECTION_NAME_PREFIX ++#define fatal_error(loc, gmsgid, ...) fatal_error((gmsgid), __VA_ARGS__) + -+#if BUILDING_GCC_VERSION <= 4009 +typedef struct rtx_def rtx_insn; + +static inline void set_decl_section_name(tree node, const char *value) +{ + DECL_SECTION_NAME(node) = build_string(strlen(value) + 1, value); +} ++#endif ++ ++#if BUILDING_GCC_VERSION == 4009 ++typedef struct gimple_statement_asm gasm; ++typedef struct gimple_statement_base gassign; ++typedef struct gimple_statement_call gcall; ++typedef struct gimple_statement_base gcond; ++typedef struct gimple_statement_base gdebug; ++typedef struct gimple_statement_phi gphi; ++typedef struct gimple_statement_base greturn; + +static inline gasm *as_a_gasm(gimple stmt) +{ -+ return stmt; ++ return as_a<gasm>(stmt); +} + +static inline const gasm *as_a_const_gasm(const_gimple stmt) +{ -+ return stmt; ++ return as_a<const gasm>(stmt); +} + +static inline gassign *as_a_gassign(gimple stmt) @@ -121023,24 +121496,44 @@ index 0000000..1d20e32 + +static inline gcall *as_a_gcall(gimple stmt) +{ -+ return stmt; ++ return as_a<gcall>(stmt); +} + +static inline const gcall *as_a_const_gcall(const_gimple stmt) +{ ++ return as_a<const gcall>(stmt); ++} ++ ++static inline gcond *as_a_gcond(gimple stmt) ++{ + return stmt; +} + -+static inline gphi *as_a_gphi(gimple stmt) ++static inline const gcond *as_a_const_gcond(const_gimple stmt) +{ + return stmt; +} + -+static inline const gphi *as_a_const_gphi(const_gimple stmt) ++static inline gdebug *as_a_gdebug(gimple stmt) ++{ ++ return stmt; ++} ++ ++static inline const gdebug *as_a_const_gdebug(const_gimple stmt) +{ + return stmt; +} + ++static inline gphi *as_a_gphi(gimple stmt) ++{ ++ return as_a<gphi>(stmt); ++} ++ ++static inline const gphi *as_a_const_gphi(const_gimple stmt) ++{ ++ return as_a<const gphi>(stmt); ++} ++ +static inline greturn *as_a_greturn(gimple stmt) +{ + return stmt; @@ -121102,6 +121595,11 @@ index 0000000..1d20e32 + varpool_node::add(decl); +} + ++static inline unsigned int rebuild_cgraph_edges(void) ++{ ++ return cgraph_edge::rebuild_edges(); ++} ++ +static inline cgraph_node_ptr cgraph_function_node(cgraph_node_ptr node, enum availability *availability) +{ + return node->function_symbol(availability); @@ -121909,10 +122407,10 @@ index 0000000..457d54e +} diff --git a/tools/gcc/kernexec_plugin.c b/tools/gcc/kernexec_plugin.c new file mode 100644 -index 0000000..b0d8255 +index 0000000..4838c8a --- /dev/null +++ b/tools/gcc/kernexec_plugin.c -@@ -0,0 +1,547 @@ +@@ -0,0 +1,551 @@ +/* + * Copyright 2011-2015 by the PaX Team <pageexec@freemail.hu> + * Licensed under the GPL v2 @@ -121947,10 +122445,12 @@ index 0000000..b0d8255 + */ +static void kernexec_reload_fptr_mask(gimple_stmt_iterator *gsi) +{ ++ gimple stmt; + gasm *asm_movabs_stmt; + + // build asm volatile("movabs $0x8000000000000000, %%r12\n\t" : : : ); -+ asm_movabs_stmt = gimple_build_asm_vec("movabs $0x8000000000000000, %%r12\n\t", NULL, NULL, NULL, NULL); ++ stmt = gimple_build_asm_vec("movabs $0x8000000000000000, %%r12\n\t", NULL, NULL, NULL, NULL); ++ asm_movabs_stmt = as_a_gasm(stmt); + gimple_asm_set_volatile(asm_movabs_stmt, true); + gsi_insert_after(gsi, asm_movabs_stmt, GSI_CONTINUE_LINKING); + update_stmt(asm_movabs_stmt); @@ -122044,6 +122544,7 @@ index 0000000..b0d8255 + +static void kernexec_instrument_fptr_or(gimple_stmt_iterator *gsi) +{ ++ gimple stmt; + gasm *asm_or_stmt; + gcall *call_stmt; + tree old_fptr, new_fptr, input, output; @@ -122075,7 +122576,8 @@ index 0000000..b0d8255 + vec_safe_push(inputs, input); + vec_safe_push(outputs, output); +#endif -+ asm_or_stmt = gimple_build_asm_vec("orq %%r12, %0\n\t", inputs, outputs, NULL, NULL); ++ stmt = gimple_build_asm_vec("orq %%r12, %0\n\t", inputs, outputs, NULL, NULL); ++ asm_or_stmt = as_a_gasm(stmt); + SSA_NAME_DEF_STMT(new_fptr) = asm_or_stmt; + gimple_asm_set_volatile(asm_or_stmt, true); + gsi_insert_before(gsi, asm_or_stmt, GSI_SAME_STMT); @@ -122942,10 +123444,10 @@ index 0000000..ac6f9b4 +} diff --git a/tools/gcc/randomize_layout_plugin.c b/tools/gcc/randomize_layout_plugin.c new file mode 100644 -index 0000000..713be61 +index 0000000..40dcfa9 --- /dev/null +++ b/tools/gcc/randomize_layout_plugin.c -@@ -0,0 +1,918 @@ +@@ -0,0 +1,922 @@ +/* + * Copyright 2014,2015 by Open Source Security, Inc., Brad Spengler <spender@grsecurity.net> + * and PaX Team <pageexec@freemail.hu> @@ -123791,7 +124293,11 @@ index 0000000..713be61 +class randomize_layout_bad_cast : public gimple_opt_pass { +public: + randomize_layout_bad_cast() : gimple_opt_pass(randomize_layout_bad_cast_data, g) {} ++#if BUILDING_GCC_VERSION >= 5000 ++ virtual unsigned int execute(function *) { return find_bad_casts(); } ++#else + unsigned int execute() { return find_bad_casts(); } ++#endif +}; +} +#endif @@ -124009,10 +124515,10 @@ index 0000000..12b1e3b +exit 0 diff --git a/tools/gcc/size_overflow_plugin/insert_size_overflow_asm.c b/tools/gcc/size_overflow_plugin/insert_size_overflow_asm.c new file mode 100644 -index 0000000..0b508b1 +index 0000000..7b7051a --- /dev/null +++ b/tools/gcc/size_overflow_plugin/insert_size_overflow_asm.c -@@ -0,0 +1,409 @@ +@@ -0,0 +1,411 @@ +/* + * Copyright 2011-2015 by Emese Revfy <re.emese@gmail.com> + * Licensed under the GPL v2, or (at your option) v3 @@ -124123,6 +124629,7 @@ index 0000000..0b508b1 +{ + char *asm_comment; + const char *mark_str; ++ gimple stmt; + gasm *asm_stmt; + gimple_stmt_iterator gsi; + tree str_input, str_output; @@ -124140,7 +124647,8 @@ index 0000000..0b508b1 + str_output = build_string(4, "=rm"); + output = create_asm_io_list(str_output, asm_data->output); + -+ asm_stmt = gimple_build_asm_vec(asm_comment, input, output, NULL, NULL); ++ stmt = gimple_build_asm_vec(asm_comment, input, output, NULL, NULL); ++ asm_stmt = as_a_gasm(stmt); + gimple_asm_set_volatile(asm_stmt, true); + + gsi = gsi_for_stmt(asm_data->def_stmt); @@ -126435,10 +126943,10 @@ index 0000000..b8e7188 +} diff --git a/tools/gcc/size_overflow_plugin/size_overflow_hash.data b/tools/gcc/size_overflow_plugin/size_overflow_hash.data new file mode 100644 -index 0000000..89e8e68 +index 0000000..2e9138d --- /dev/null +++ b/tools/gcc/size_overflow_plugin/size_overflow_hash.data -@@ -0,0 +1,27982 @@ +@@ -0,0 +1,28379 @@ +intel_fake_agp_alloc_by_type_1 intel_fake_agp_alloc_by_type 1 1 NULL nohasharray +iwl_set_tx_power_1 iwl_set_tx_power 0 1 &intel_fake_agp_alloc_by_type_1 +ocfs2_get_refcount_tree_3 ocfs2_get_refcount_tree 0 3 NULL @@ -126530,7 +127038,8 @@ index 0000000..89e8e68 +rt73usb_enable_radio_258 rt73usb_enable_radio 0 258 NULL +sctp_assoc_set_bind_addr_from_ep_263 sctp_assoc_set_bind_addr_from_ep 0 263 NULL +setup_stream_272 setup_stream 0 272 NULL nohasharray -+mxl111sf_ctrl_msg_272 mxl111sf_ctrl_msg 0 272 &setup_stream_272 ++mxl111sf_ctrl_msg_272 mxl111sf_ctrl_msg 0 272 &setup_stream_272 nohasharray ++mpls_dev_sysctl_register_272 mpls_dev_sysctl_register 0 272 &mxl111sf_ctrl_msg_272 +xfs_dabuf_map_277 xfs_dabuf_map 0 277 NULL +lp855x_get_chip_id_278 lp855x_get_chip_id 0 278 NULL nohasharray +iscsi_tpg_attrib_show_demo_mode_write_protect_278 iscsi_tpg_attrib_show_demo_mode_write_protect 0 278 &lp855x_get_chip_id_278 @@ -126787,7 +127296,8 @@ index 0000000..89e8e68 +tuner_i2c_xfer_send_recv_864 tuner_i2c_xfer_send_recv 0-5 864 NULL +btrfs_dirty_inode_868 btrfs_dirty_inode 0 868 NULL +ipr_read_trace_869 ipr_read_trace 6-0-5 869 NULL nohasharray -+ace_set_mac_addr_869 ace_set_mac_addr 0 869 &ipr_read_trace_869 ++ace_set_mac_addr_869 ace_set_mac_addr 0 869 &ipr_read_trace_869 nohasharray ++hfsplus_setxattr_869 hfsplus_setxattr 0 869 &ace_set_mac_addr_869 +epx_c3_notify_sys_871 epx_c3_notify_sys 0 871 NULL +i2c_wait_done_873 i2c_wait_done 0 873 NULL +link_mem_sections_878 link_mem_sections 0 878 NULL @@ -126843,6 +127353,7 @@ index 0000000..89e8e68 +skge_rx_fill_991 skge_rx_fill 0 991 NULL +tts_notify_reboot_993 tts_notify_reboot 0 993 NULL nohasharray +memory_probe_store_993 memory_probe_store 0-4 993 &tts_notify_reboot_993 ++cma_free_mem_995 cma_free_mem 2 995 NULL +hdlcdev_rx_997 hdlcdev_rx 3 997 NULL +pch_udc_create_dma_chain_1001 pch_udc_create_dma_chain 0 1001 NULL +cdc_ncm_show_wNdpInDivisor_1003 cdc_ncm_show_wNdpInDivisor 0 1003 NULL nohasharray @@ -126896,7 +127407,8 @@ index 0000000..89e8e68 +b43legacy_phy_versioning_1117 b43legacy_phy_versioning 0 1117 NULL +bql_show_limit_min_1118 bql_show_limit_min 0 1118 NULL +show_temp_crit_enable_1119 show_temp_crit_enable 0 1119 NULL -+edac_fake_inject_write_1120 edac_fake_inject_write 0-3 1120 NULL ++edac_fake_inject_write_1120 edac_fake_inject_write 0-3 1120 NULL nohasharray ++sha1_base_finish_1120 sha1_base_finish 0 1120 &edac_fake_inject_write_1120 +splice_read_1122 splice_read 0 1122 NULL +sdio_uart_write_room_1123 sdio_uart_write_room 0 1123 NULL nohasharray +drvctl_store_1123 drvctl_store 0-4 1123 &sdio_uart_write_room_1123 @@ -126952,6 +127464,7 @@ index 0000000..89e8e68 +v9fs_write_inode_dotl_1241 v9fs_write_inode_dotl 0 1241 NULL +ehci_urb_enqueue_1242 ehci_urb_enqueue 0 1242 NULL +usnic_ib_show_cq_per_vf_1244 usnic_ib_show_cq_per_vf 0 1244 NULL ++snd_hdac_read_1245 snd_hdac_read 0 1245 NULL +qla2x00_total_isp_aborts_show_1247 qla2x00_total_isp_aborts_show 0 1247 NULL +class_osdblk_remove_1250 class_osdblk_remove 0-4 1250 NULL +ipath_read_umem64_1254 ipath_read_umem64 0 1254 NULL @@ -127164,6 +127677,7 @@ index 0000000..89e8e68 +set_temp_emergency_1776 set_temp_emergency 0-4 1776 NULL +event_show_1780 event_show 0 1780 NULL +tpacpi_driver_wlsw_emulstate_store_1783 tpacpi_driver_wlsw_emulstate_store 0-3 1783 NULL ++usb_dmac_desc_alloc_1792 usb_dmac_desc_alloc 2 1792 NULL +fcoe_ctlr_device_add_1793 fcoe_ctlr_device_add 3 1793 NULL +ueth_change_mtu_1794 ueth_change_mtu 0 1794 NULL +show_auto_fan_1801 show_auto_fan 0 1801 NULL @@ -127463,6 +127977,7 @@ index 0000000..89e8e68 +cifs_wp_retry_size_2491 cifs_wp_retry_size 0 2491 &xen_wdt_write_2491 +xenvif_alloc_skb_2492 xenvif_alloc_skb 1 2492 NULL +isicom_write_room_2493 isicom_write_room 0 2493 NULL ++widget_tree_create_2494 widget_tree_create 0 2494 NULL +show_tabletExecute_2495 show_tabletExecute 0 2495 NULL +_read_fact_prot_reg_2497 _read_fact_prot_reg 0 2497 NULL nohasharray +blk_rq_unmap_user_2497 blk_rq_unmap_user 0 2497 &_read_fact_prot_reg_2497 nohasharray @@ -127562,6 +128077,7 @@ index 0000000..89e8e68 +nfc_llcp_send_ui_frame_2702 nfc_llcp_send_ui_frame 5-0 2702 NULL +lx_pipe_allocate_2703 lx_pipe_allocate 0 2703 NULL +udf_setsize_2705 udf_setsize 0 2705 NULL ++rawsock_sendmsg_2706 rawsock_sendmsg 3 2706 NULL +SyS_pwrite64_2708 SyS_pwrite64 3 2708 NULL nohasharray +lprocfs_stats_counter_size_2708 lprocfs_stats_counter_size 0 2708 &SyS_pwrite64_2708 +sock_error_2715 sock_error 0 2715 NULL nohasharray @@ -127569,6 +128085,7 @@ index 0000000..89e8e68 +migration_call_2716 migration_call 0 2716 NULL +gpiod_direction_input_2718 gpiod_direction_input 0 2718 NULL +snd_hdspm_trigger_2720 snd_hdspm_trigger 0 2720 NULL ++llc_ui_recvmsg_2730 llc_ui_recvmsg 3 2730 NULL +o2hb_region_dev_read_2735 o2hb_region_dev_read 0 2735 NULL +ltm_capable_show_2738 ltm_capable_show 0 2738 NULL nohasharray +ad5398_enable_2738 ad5398_enable 0 2738 <m_capable_show_2738 @@ -127771,7 +128288,8 @@ index 0000000..89e8e68 +map_smb_to_linux_error_3163 map_smb_to_linux_error 0 3163 NULL +gfs2_rindex_update_3165 gfs2_rindex_update 0 3165 NULL +nf_conntrack_broadcast_help_3166 nf_conntrack_broadcast_help 0 3166 NULL nohasharray -+islpci_reset_3166 islpci_reset 0 3166 &nf_conntrack_broadcast_help_3166 ++islpci_reset_3166 islpci_reset 0 3166 &nf_conntrack_broadcast_help_3166 nohasharray ++mgmt_index_event_3166 mgmt_index_event 4 3166 &islpci_reset_3166 +nfc_alloc_send_skb_3167 nfc_alloc_send_skb 4 3167 NULL +rxrpc_create_3175 rxrpc_create 0 3175 NULL nohasharray +rebind_store_3175 rebind_store 0-3 3175 &rxrpc_create_3175 @@ -127813,10 +128331,12 @@ index 0000000..89e8e68 +ext3_xattr_find_entry_3237 ext3_xattr_find_entry 0 3237 NULL +macb_open_3240 macb_open 0 3240 NULL +key_key_read_3241 key_key_read 3-0 3241 NULL ++add_widget_node_3244 add_widget_node 0 3244 NULL +base_sock_bind_3245 base_sock_bind 0 3245 NULL +page_counter_memparse_3253 page_counter_memparse 0 3253 NULL +check_vendor_extension_3254 check_vendor_extension 1 3254 NULL nohasharray -+peak_usb_ndo_open_3254 peak_usb_ndo_open 0 3254 &check_vendor_extension_3254 ++peak_usb_ndo_open_3254 peak_usb_ndo_open 0 3254 &check_vendor_extension_3254 nohasharray ++__ip_local_out_sk_3254 __ip_local_out_sk 0 3254 &peak_usb_ndo_open_3254 +mei_amthif_write_3256 mei_amthif_write 0 3256 NULL +show_fc_host_firmware_version_3257 show_fc_host_firmware_version 0 3257 NULL +ipaq_open_3260 ipaq_open 0 3260 NULL @@ -127827,6 +128347,7 @@ index 0000000..89e8e68 +wq_cpumask_store_3269 wq_cpumask_store 0-4 3269 &mma8452_show_samp_freq_avail_3269 +technisat_usb2_i2c_xfer_3273 technisat_usb2_i2c_xfer 0-3 3273 NULL nohasharray +pccard_show_resource_3273 pccard_show_resource 0 3273 &technisat_usb2_i2c_xfer_3273 ++gk20a_instobj_ctor_iommu_3274 gk20a_instobj_ctor_iommu 4 3274 NULL +cifs_enable_signing_3276 cifs_enable_signing 0 3276 NULL +ath6kl_wmi_get_roam_tbl_cmd_3282 ath6kl_wmi_get_roam_tbl_cmd 0 3282 NULL +__ilog2_u64_3284 __ilog2_u64 0 3284 NULL @@ -127861,6 +128382,7 @@ index 0000000..89e8e68 +bt819_s_stream_3349 bt819_s_stream 0 3349 NULL +atm_init_aal34_3350 atm_init_aal34 0 3350 NULL +il_dbgfs_interrupt_read_3351 il_dbgfs_interrupt_read 3-0 3351 NULL ++rose_recvmsg_3352 rose_recvmsg 3 3352 NULL +gsm_control_rls_3353 gsm_control_rls 3 3353 NULL nohasharray +o2nm_cluster_attr_idle_timeout_ms_write_3353 o2nm_cluster_attr_idle_timeout_ms_write 3-0 3353 &gsm_control_rls_3353 +anx9805_aux_3358 anx9805_aux 0 3358 NULL @@ -127870,7 +128392,7 @@ index 0000000..89e8e68 +iwl_trans_update_sf_3363 iwl_trans_update_sf 0 3363 NULL +sr_read_3366 sr_read 3 3366 NULL +nilfs_segctor_fill_in_checkpoint_3369 nilfs_segctor_fill_in_checkpoint 0 3369 NULL -+mv88e6xxx_phy_write_3375 mv88e6xxx_phy_write 0 3375 NULL nohasharray ++mv88e6xxx_phy_write_3375 mv88e6xxx_phy_write 0-2 3375 NULL nohasharray +hotkey_bios_enabled_show_3375 hotkey_bios_enabled_show 0 3375 &mv88e6xxx_phy_write_3375 +cifs_write_3376 cifs_write 0 3376 NULL nohasharray +register_xenbus_watch_3376 register_xenbus_watch 0 3376 &cifs_write_3376 @@ -128030,6 +128552,7 @@ index 0000000..89e8e68 +__netdev_adjacent_dev_link_lists_3697 __netdev_adjacent_dev_link_lists 0 3697 NULL +target_core_show_dev_alias_3699 target_core_show_dev_alias 0 3699 NULL +videobuf_pages_to_sg_3708 videobuf_pages_to_sg 2 3708 NULL ++cfg80211_vendor_event_alloc_3709 cfg80211_vendor_event_alloc 3 3709 NULL +sys_getrandom_3710 sys_getrandom 2 3710 NULL +mlx4_en_config_rss_steer_3713 mlx4_en_config_rss_steer 0 3713 NULL +i2c_sendbytes_3714 i2c_sendbytes 0 3714 NULL @@ -128061,6 +128584,7 @@ index 0000000..89e8e68 +sctp_copy_one_addr_3771 sctp_copy_one_addr 0 3771 &temp1_show_3771 +mvs_show_driver_version_3772 mvs_show_driver_version 0 3772 NULL nohasharray +koneplus_sysfs_read_profilex_settings_3772 koneplus_sysfs_read_profilex_settings 0-5-6 3772 &mvs_show_driver_version_3772 ++ping_recvmsg_3773 ping_recvmsg 3 3773 NULL +store_enable_clkb0_output_3776 store_enable_clkb0_output 0-4 3776 NULL +nouveau_sysfs_pstate_set_3777 nouveau_sysfs_pstate_set 0-4 3777 NULL +apds990x_prox_enable_show_3778 apds990x_prox_enable_show 0 3778 NULL @@ -128089,7 +128613,8 @@ index 0000000..89e8e68 +ezusb_access_ltv_3838 ezusb_access_ltv 0 3838 &ceph_do_getattr_3838 +mtip_hw_show_status_3839 mtip_hw_show_status 0 3839 NULL +release_version_store_3841 release_version_store 0-4 3841 NULL -+fuse_try_move_page_3842 fuse_try_move_page 0 3842 NULL ++fuse_try_move_page_3842 fuse_try_move_page 0 3842 NULL nohasharray ++stringify_nodemap_3842 stringify_nodemap 2 3842 &fuse_try_move_page_3842 +max8925_disable_3844 max8925_disable 0 3844 NULL +vprbrd_i2c_read_3845 vprbrd_i2c_read 0 3845 NULL nohasharray +amd_xgbe_phy_switch_mode_3845 amd_xgbe_phy_switch_mode 0 3845 &vprbrd_i2c_read_3845 @@ -128101,11 +128626,13 @@ index 0000000..89e8e68 +smk_read_onlycap_3855 smk_read_onlycap 3-0 3855 NULL +show_session_param_ISCSI_PARAM_TARGET_ALIAS_3856 show_session_param_ISCSI_PARAM_TARGET_ALIAS 0 3856 NULL +fuse_retrieve_3857 fuse_retrieve 0 3857 NULL ++udf_direct_IO_3860 udf_direct_IO 3 3860 NULL +c67x00_urb_enqueue_3862 c67x00_urb_enqueue 0 3862 NULL +hfsplus_create_attr_3864 hfsplus_create_attr 0 3864 NULL nohasharray +video_write_3864 video_write 0 3864 &hfsplus_create_attr_3864 +get_fd_set_3866 get_fd_set 1 3866 NULL +show_pci_3867 show_pci 0 3867 NULL ++sst_hsw_module_set_param_3868 sst_hsw_module_set_param 5 3868 NULL +br_fdb_insert_3869 br_fdb_insert 0 3869 NULL +i7core_inject_show_channel_3874 i7core_inject_show_channel 0 3874 NULL +show_ctlr_enabled_state_3877 show_ctlr_enabled_state 0 3877 NULL @@ -128134,6 +128661,7 @@ index 0000000..89e8e68 +iwl_load_ucode_wait_alive_3936 iwl_load_ucode_wait_alive 0 3936 NULL +show_allow_ext_sg_3938 show_allow_ext_sg 0 3938 NULL +__vfs_read_3942 __vfs_read 0-3 3942 NULL ++rb_alloc_aux_3943 rb_alloc_aux 4 3943 NULL +hdlc_irq_one_3944 hdlc_irq_one 2 3944 NULL +cp_refill_rx_3947 cp_refill_rx 0 3947 NULL +apei_clear_mce_3948 apei_clear_mce 0 3948 NULL nohasharray @@ -128170,7 +128698,8 @@ index 0000000..89e8e68 +show_xps_map_4009 show_xps_map 0 4009 NULL +snd_hdsp_capture_copy_4011 snd_hdsp_capture_copy 5 4011 NULL +bcm_rx_setup_4014 bcm_rx_setup 0 4014 NULL -+wakeup_active_count_show_4016 wakeup_active_count_show 0 4016 NULL ++wakeup_active_count_show_4016 wakeup_active_count_show 0 4016 NULL nohasharray ++hsu_dma_prep_slave_sg_4016 hsu_dma_prep_slave_sg 3 4016 &wakeup_active_count_show_4016 +amd_xgbe_phy_gmii_mode_4019 amd_xgbe_phy_gmii_mode 0 4019 NULL +_request_firmware_4021 _request_firmware 0 4021 NULL +blk_end_request_4024 blk_end_request 3 4024 NULL nohasharray @@ -128181,7 +128710,8 @@ index 0000000..89e8e68 +ql3xxx_set_mac_address_4033 ql3xxx_set_mac_address 0 4033 NULL +b1_get_word_4035 b1_get_word 0 4035 NULL nohasharray +usbnet_write_cmd_async_4035 usbnet_write_cmd_async 7 4035 &b1_get_word_4035 -+xfs_free_ag_extent_4036 xfs_free_ag_extent 0 4036 NULL ++xfs_free_ag_extent_4036 xfs_free_ag_extent 0 4036 NULL nohasharray ++sha1_base_do_update_4036 sha1_base_do_update 0 4036 &xfs_free_ag_extent_4036 +mtip_hw_read_registers_4037 mtip_hw_read_registers 3-0 4037 NULL +store_tabletCoordinateMode_4043 store_tabletCoordinateMode 0-4 4043 NULL +oprofile_set_ulong_4046 oprofile_set_ulong 0 4046 NULL @@ -128270,7 +128800,8 @@ index 0000000..89e8e68 +axp20x_show_ext_attr_4232 axp20x_show_ext_attr 0 4232 NULL +bch_hprint_4233 bch_hprint 0 4233 NULL nohasharray +gpio_trig_gpio_store_4233 gpio_trig_gpio_store 0-4 4233 &bch_hprint_4233 -+show_fnode_max_segment_size_4234 show_fnode_max_segment_size 0 4234 NULL ++show_fnode_max_segment_size_4234 show_fnode_max_segment_size 0 4234 NULL nohasharray ++ext4_direct_IO_4234 ext4_direct_IO 3 4234 &show_fnode_max_segment_size_4234 +snd_seq_ioctl_query_next_port_4238 snd_seq_ioctl_query_next_port 0 4238 NULL +input_dev_show_cap_abs_4239 input_dev_show_cap_abs 0 4239 NULL +team_port_enable_netpoll_4243 team_port_enable_netpoll 0 4243 NULL @@ -128323,6 +128854,7 @@ index 0000000..89e8e68 +mlx4_qp_modify_4333 mlx4_qp_modify 0 4333 NULL +iscsi_disc_store_userid_4337 iscsi_disc_store_userid 0-3 4337 NULL +ima_eventdigest_init_common_4338 ima_eventdigest_init_common 2 4338 NULL ++unix_stream_sendmsg_4343 unix_stream_sendmsg 3 4343 NULL +rtl8169_get_sset_count_4349 rtl8169_get_sset_count 0 4349 NULL +show_tcrit1_4350 show_tcrit1 0 4350 NULL +netdev_vlan_rx_add_vid_4353 netdev_vlan_rx_add_vid 0 4353 NULL @@ -128343,6 +128875,7 @@ index 0000000..89e8e68 +uevent_seqnum_show_4383 uevent_seqnum_show 0 4383 NULL +pci_eg20t_init_4385 pci_eg20t_init 0 4385 NULL +irda_sendmsg_4388 irda_sendmsg 4-0 4388 NULL ++sctp_sendmsg_4391 sctp_sendmsg 3 4391 NULL +lp3943_gpio_set_mode_4393 lp3943_gpio_set_mode 0 4393 NULL +ovl_listxattr_4399 ovl_listxattr 0-3 4399 NULL +get_pwm1_enable_4401 get_pwm1_enable 0 4401 NULL nohasharray @@ -128554,7 +129087,8 @@ index 0000000..89e8e68 +isdn_divert_write_4891 isdn_divert_write 0-3 4891 NULL +s2io_ethtool_get_regs_len_4901 s2io_ethtool_get_regs_len 0 4901 NULL +shadow_fetch_4907 shadow_fetch 2 4907 NULL -+nilfs_segbuf_reset_4912 nilfs_segbuf_reset 0 4912 NULL ++nilfs_segbuf_reset_4912 nilfs_segbuf_reset 0 4912 NULL nohasharray ++mt6397_irq_handle_reg_4912 mt6397_irq_handle_reg 3 4912 &nilfs_segbuf_reset_4912 +qlcnic_82xx_alloc_mbx_args_4913 qlcnic_82xx_alloc_mbx_args 0 4913 NULL nohasharray +smsc911x_ethtool_getregslen_4913 smsc911x_ethtool_getregslen 0 4913 &qlcnic_82xx_alloc_mbx_args_4913 +sw_activity_store_4914 sw_activity_store 0 4914 NULL @@ -128716,6 +129250,7 @@ index 0000000..89e8e68 +snd_seq_ioctl_get_queue_tempo_5296 snd_seq_ioctl_get_queue_tempo 0 5296 NULL +qla2x00_optrom_fcode_version_show_5297 qla2x00_optrom_fcode_version_show 0 5297 NULL +lpfc_max_luns_show_5301 lpfc_max_luns_show 0 5301 NULL ++sco_sock_sendmsg_5302 sco_sock_sendmsg 3 5302 NULL +metapage_readpage_5304 metapage_readpage 0 5304 NULL nohasharray +alloc_dec_temp_buffers_5304 alloc_dec_temp_buffers 0 5304 &metapage_readpage_5304 nohasharray +t4vf_write_rss_vi_config_5304 t4vf_write_rss_vi_config 0 5304 &alloc_dec_temp_buffers_5304 @@ -128723,6 +129258,7 @@ index 0000000..89e8e68 +_efx_mcdi_rpc_finish_5310 _efx_mcdi_rpc_finish 0 5310 NULL +grow_inode_5311 grow_inode 0 5311 NULL +r592_write_fifo_pio_5315 r592_write_fifo_pio 3 5315 NULL ++pep_sendmsg_5316 pep_sendmsg 3 5316 NULL +sbc_get_write_same_sectors_5317 sbc_get_write_same_sectors 0 5317 NULL +selinux_ipv4_output_5320 selinux_ipv4_output 0 5320 NULL +pmcraid_show_log_level_5323 pmcraid_show_log_level 0 5323 NULL nohasharray @@ -128758,6 +129294,7 @@ index 0000000..89e8e68 +fcr_get_rxtrig_bytes_5384 fcr_get_rxtrig_bytes 0 5384 &disksize_store_5384 +efx_mcdi_port_reconfigure_5389 efx_mcdi_port_reconfigure 0 5389 NULL +at86rf230_set_hw_addr_filt_5394 at86rf230_set_hw_addr_filt 0 5394 NULL ++bitmap_fold_5396 bitmap_fold 4 5396 NULL +brcmf_netdev_set_mac_address_5397 brcmf_netdev_set_mac_address 0 5397 NULL +xadc_write_adc_reg_5398 xadc_write_adc_reg 0 5398 NULL +regulator_uV_show_5404 regulator_uV_show 0 5404 NULL @@ -128848,6 +129385,7 @@ index 0000000..89e8e68 +v4l2_s_ctrl_5571 v4l2_s_ctrl 0 5571 NULL +tda18271_set_standby_mode_5572 tda18271_set_standby_mode 0 5572 NULL +fir16_create_5574 fir16_create 3 5574 NULL ++ax25_sendmsg_5578 ax25_sendmsg 3 5578 NULL +bioset_create_5580 bioset_create 1 5580 NULL +fat_block_truncate_page_5581 fat_block_truncate_page 0 5581 NULL nohasharray +esas2r_write_vda_5581 esas2r_write_vda 0-3-4 5581 &fat_block_truncate_page_5581 @@ -128858,6 +129396,7 @@ index 0000000..89e8e68 +bind_store_5596 bind_store 0-3 5596 &thermal_throttle_cpu_callback_5596 +amd_xgbe_an_init_5602 amd_xgbe_an_init 0 5602 NULL +xcan_set_bittiming_5605 xcan_set_bittiming 0 5605 NULL ++pn_recvmsg_5607 pn_recvmsg 3 5607 NULL +ldm_frag_add_5611 ldm_frag_add 2 5611 NULL +compat_copy_entries_5617 compat_copy_entries 0 5617 NULL +__remove_suid_5618 __remove_suid 0 5618 NULL @@ -129002,11 +129541,14 @@ index 0000000..89e8e68 +sctp_bindx_rem_5938 sctp_bindx_rem 0 5938 &mlx4_en_create_tx_ring_5938 +edac_device_alloc_ctl_info_5941 edac_device_alloc_ctl_info 1 5941 NULL +ssb_devices_freeze_5945 ssb_devices_freeze 0 5945 NULL -+devkmsg_write_5947 devkmsg_write 0 5947 NULL -+affs_readpage_ofs_5951 affs_readpage_ofs 0 5951 NULL ++devkmsg_write_5947 devkmsg_write 0 5947 NULL nohasharray ++l2cap_sock_sendmsg_5947 l2cap_sock_sendmsg 3 5947 &devkmsg_write_5947 ++affs_readpage_ofs_5951 affs_readpage_ofs 0 5951 NULL nohasharray ++p9_get_mapped_pages_5951 p9_get_mapped_pages 4 5951 &affs_readpage_ofs_5951 +bnx2x_req_msix_irqs_5956 bnx2x_req_msix_irqs 0 5956 NULL +tipc_subseq_alloc_5957 tipc_subseq_alloc 1 5957 NULL nohasharray +erst_exec_add_value_5957 erst_exec_add_value 0 5957 &tipc_subseq_alloc_5957 ++tcp_recvmsg_5958 tcp_recvmsg 3 5958 NULL +attr_press_speed_show_tpkbd_5960 attr_press_speed_show_tpkbd 0 5960 NULL +free_hugepages_show_5961 free_hugepages_show 0 5961 NULL +ll_statahead_one_5962 ll_statahead_one 3 5962 NULL @@ -129041,11 +129583,13 @@ index 0000000..89e8e68 +crypto_rng_reset_6032 crypto_rng_reset 0 6032 &show_pwm_auto_point_channel_6032 +radeon_process_i2c_ch_6034 radeon_process_i2c_ch 0 6034 NULL +ntfs_rl_append_6037 ntfs_rl_append 4-2 6037 NULL -+hvfb_set_par_6038 hvfb_set_par 0 6038 NULL ++hvfb_set_par_6038 hvfb_set_par 0 6038 NULL nohasharray ++mei_cl_read_start_6038 mei_cl_read_start 2-0 6038 &hvfb_set_par_6038 +crccheck_store_6040 crccheck_store 0-4 6040 NULL +ipath_set_mtu_6042 ipath_set_mtu 0 6042 NULL +led_shot_6046 led_shot 0-4 6046 NULL -+otg_handle_notification_6055 otg_handle_notification 0 6055 NULL ++otg_handle_notification_6055 otg_handle_notification 0 6055 NULL nohasharray ++periph_interrupt_6055 periph_interrupt 2 6055 &otg_handle_notification_6055 +show_session_param_ISCSI_PARAM_DISCOVERY_LOGOUT_EN_6056 show_session_param_ISCSI_PARAM_DISCOVERY_LOGOUT_EN 0 6056 NULL +da9052_request_irq_6058 da9052_request_irq 2 6058 NULL +pccard_show_cis_6062 pccard_show_cis 0-5-6 6062 NULL @@ -129155,7 +129699,8 @@ index 0000000..89e8e68 +store_cluster_6316 store_cluster 0-4 6316 NULL +write_null_6319 write_null 0-3 6319 NULL +__netdev_adjacent_dev_link_neighbour_6321 __netdev_adjacent_dev_link_neighbour 0 6321 NULL -+extent_write_full_page_6322 extent_write_full_page 0 6322 NULL ++extent_write_full_page_6322 extent_write_full_page 0 6322 NULL nohasharray ++tipc_recvmsg_6322 tipc_recvmsg 3 6322 &extent_write_full_page_6322 +cyapa_gen3_bl_exit_6326 cyapa_gen3_bl_exit 0 6326 NULL +ibm_get_table_from_acpi_6329 ibm_get_table_from_acpi 0 6329 NULL nohasharray +SyS_mincore_6329 SyS_mincore 1-2 6329 &ibm_get_table_from_acpi_6329 @@ -129182,7 +129727,8 @@ index 0000000..89e8e68 +osd_req_read_sg_kern_6378 osd_req_read_sg_kern 5 6378 NULL nohasharray +sync_fence_alloc_6378 sync_fence_alloc 1 6378 &osd_req_read_sg_kern_6378 +msb_write_block_6379 msb_write_block 3 6379 NULL -+xfs_bmap_extents_to_btree_6387 xfs_bmap_extents_to_btree 0 6387 NULL ++xfs_bmap_extents_to_btree_6387 xfs_bmap_extents_to_btree 0 6387 NULL nohasharray ++sha1_ssse3_finup_6387 sha1_ssse3_finup 0 6387 &xfs_bmap_extents_to_btree_6387 +cfq_init_queue_6399 cfq_init_queue 0 6399 NULL +bb_store_6401 bb_store 3-0 6401 NULL +hash_elasticity_show_6402 hash_elasticity_show 0 6402 NULL @@ -129258,6 +129804,7 @@ index 0000000..89e8e68 +rng_recvmsg_6569 rng_recvmsg 4-0 6569 NULL +xfs_iozero_6573 xfs_iozero 0-3-2 6573 NULL +i2c_smbus_write_byte_6574 i2c_smbus_write_byte 0 6574 NULL ++do_blockdev_direct_IO_6575 do_blockdev_direct_IO 5-0 6575 NULL +max8997_rtc_set_alarm_6577 max8997_rtc_set_alarm 0 6577 NULL +bt_skb_send_alloc_6581 bt_skb_send_alloc 2 6581 NULL +SyS_fcntl64_6582 SyS_fcntl64 3 6582 NULL @@ -129338,8 +129885,10 @@ index 0000000..89e8e68 +mv88e6xxx_reg_read_6748 mv88e6xxx_reg_read 0 6748 NULL +wil_reset_6752 wil_reset 0 6752 NULL +uvesafb_show_nocrtc_6754 uvesafb_show_nocrtc 0 6754 NULL ++_mv88e6xxx_phy_write_6755 _mv88e6xxx_phy_write 0 6755 NULL +beiscsi_phys_port_disp_6756 beiscsi_phys_port_disp 0 6756 NULL nohasharray -+cciss_engage_scsi_6756 cciss_engage_scsi 0 6756 &beiscsi_phys_port_disp_6756 ++cciss_engage_scsi_6756 cciss_engage_scsi 0 6756 &beiscsi_phys_port_disp_6756 nohasharray ++i915_parse_cmds_6756 i915_parse_cmds 4-5 6756 &cciss_engage_scsi_6756 +mwifiex_cmd_rf_antenna_6757 mwifiex_cmd_rf_antenna 0 6757 NULL +usbhsh_urb_enqueue_6759 usbhsh_urb_enqueue 0 6759 NULL +mwl8k_cmd_set_new_stn_add_6760 mwl8k_cmd_set_new_stn_add 0 6760 NULL @@ -129379,6 +129928,7 @@ index 0000000..89e8e68 +codec_reg_show_6818 codec_reg_show 0 6818 NULL nohasharray +bcm_tx_setup_6818 bcm_tx_setup 0 6818 &codec_reg_show_6818 +rfcomm_send_frame_6819 rfcomm_send_frame 3 6819 NULL ++wil_get_bl_info_6823 wil_get_bl_info 0 6823 NULL +lbs_rdrf_write_6826 lbs_rdrf_write 3-0 6826 NULL nohasharray +host_reset_6826 host_reset 0 6826 &lbs_rdrf_write_6826 +xfs_bmap_first_unused_6827 xfs_bmap_first_unused 0 6827 NULL @@ -129417,7 +129967,8 @@ index 0000000..89e8e68 +show_fcstat_fc_seq_not_found_6897 show_fcstat_fc_seq_not_found 0 6897 NULL nohasharray +iscsi_tpg_param_show_DefaultTime2Retain_6897 iscsi_tpg_param_show_DefaultTime2Retain 0 6897 &show_fcstat_fc_seq_not_found_6897 +max_write_same_blocks_show_6899 max_write_same_blocks_show 0 6899 NULL -+wq_nice_store_6901 wq_nice_store 0-4 6901 NULL ++wq_nice_store_6901 wq_nice_store 0-4 6901 NULL nohasharray ++crypto_sha256_finup_6901 crypto_sha256_finup 0 6901 &wq_nice_store_6901 +veth_change_mtu_6902 veth_change_mtu 0 6902 NULL nohasharray +ext4_inode_bitmap_6902 ext4_inode_bitmap 0 6902 &veth_change_mtu_6902 +acerhdf_get_trip_temp_6903 acerhdf_get_trip_temp 0 6903 NULL @@ -129461,6 +130012,7 @@ index 0000000..89e8e68 +in_intr_mask_show_6971 in_intr_mask_show 0 6971 NULL +rsa_extract_mpi_6973 rsa_extract_mpi 5 6973 NULL nohasharray +i40e_dbg_dump_write_6973 i40e_dbg_dump_write 3-0 6973 &rsa_extract_mpi_6973 ++ubifs_decompress_6974 ubifs_decompress 0 6974 NULL +acpi_lpss_platform_notify_6980 acpi_lpss_platform_notify 0 6980 NULL +ismt_process_desc_6981 ismt_process_desc 0 6981 NULL +request_key_async_6990 request_key_async 4 6990 NULL @@ -129481,7 +130033,8 @@ index 0000000..89e8e68 +snd_pcm_do_resume_7028 snd_pcm_do_resume 0 7028 NULL +ath9k_tx99_init_7029 ath9k_tx99_init 0 7029 NULL +wimax_msg_7030 wimax_msg 4 7030 NULL -+ceph_kvmalloc_7033 ceph_kvmalloc 1 7033 NULL ++ceph_kvmalloc_7033 ceph_kvmalloc 1 7033 NULL nohasharray ++rawv6_recvmsg_7033 rawv6_recvmsg 3 7033 &ceph_kvmalloc_7033 +nilfs_segments_attr_store_7037 nilfs_segments_attr_store 0-4 7037 NULL +stmmac_hw_setup_7038 stmmac_hw_setup 0 7038 NULL +metrics_bytes_identical_show_7039 metrics_bytes_identical_show 0 7039 NULL @@ -129536,6 +130089,7 @@ index 0000000..89e8e68 +pscsi_show_configfs_dev_params_7152 pscsi_show_configfs_dev_params 0 7152 NULL +sky2_get_eeprom_len_7154 sky2_get_eeprom_len 0 7154 NULL +set_lcd_level_7155 set_lcd_level 0 7155 NULL ++nct7904_bank_lock_7159 nct7904_bank_lock 0 7159 NULL +max732x_gpio_to_irq_7160 max732x_gpio_to_irq 2 7160 NULL +fnic_reset_7163 fnic_reset 0 7163 NULL +r8a66597_enable_7164 r8a66597_enable 0 7164 NULL @@ -129545,7 +130099,8 @@ index 0000000..89e8e68 +fsp_attr_set_flags_7182 fsp_attr_set_flags 0-4 7182 NULL nohasharray +set_rdac1_7182 set_rdac1 4-0 7182 &fsp_attr_set_flags_7182 nohasharray +ext4_attr_store_7182 ext4_attr_store 0-4 7182 &set_rdac1_7182 -+f_hid_opts_report_desc_store_7188 f_hid_opts_report_desc_store 3 7188 NULL ++f_hid_opts_report_desc_store_7188 f_hid_opts_report_desc_store 3 7188 NULL nohasharray ++iwl_trans_wait_tx_queue_empty_7188 iwl_trans_wait_tx_queue_empty 0 7188 &f_hid_opts_report_desc_store_7188 +snd_mask_refine_max_7191 snd_mask_refine_max 0 7191 NULL +wl1271_init_pta_7195 wl1271_init_pta 0 7195 NULL +ext3_xattr_ibody_list_7201 ext3_xattr_ibody_list 0 7201 NULL @@ -129555,6 +130110,7 @@ index 0000000..89e8e68 +adjd_s311_update_scan_mode_7208 adjd_s311_update_scan_mode 0 7208 NULL +fsg_common_set_nluns_7209 fsg_common_set_nluns 2 7209 NULL +confirm_7211 confirm 0 7211 NULL ++trace_insert_enum_map_file_7213 trace_insert_enum_map_file 3 7213 NULL +tpm_rng_read_7214 tpm_rng_read 3 7214 NULL +of_dma_match_channel_7216 of_dma_match_channel 3 7216 NULL +acpi_device_uid_show_7226 acpi_device_uid_show 0 7226 NULL nohasharray @@ -129579,6 +130135,7 @@ index 0000000..89e8e68 +ssb_bus_resume_7272 ssb_bus_resume 0 7272 &dma_ops_alloc_addresses_7272 +palmas_update_bits_7273 palmas_update_bits 0 7273 NULL +htu21_show_humidity_7275 htu21_show_humidity 0 7275 NULL ++__vfs_write_7278 __vfs_write 0-3 7278 NULL +radeon_hw_i2c_xfer_7280 radeon_hw_i2c_xfer 0-3 7280 NULL nohasharray +smack_task_setnice_7280 smack_task_setnice 0 7280 &radeon_hw_i2c_xfer_7280 +kvm_suspend_7281 kvm_suspend 0 7281 NULL @@ -129723,6 +130280,7 @@ index 0000000..89e8e68 +xfs_bmap_btalloc_nullfb_7654 xfs_bmap_btalloc_nullfb 0 7654 NULL +show_fc_rport_supported_classes_7658 show_fc_rport_supported_classes 0 7658 NULL +fault_inject_write_7662 fault_inject_write 3-0 7662 NULL ++rng_recvmsg_7665 rng_recvmsg 3 7665 NULL +ds1305_set_alarm_7667 ds1305_set_alarm 0 7667 NULL +acpi_bus_init_power_7670 acpi_bus_init_power 0 7670 NULL +tcm_qla2xxx_tpg_attrib_store_generate_node_acls_7674 tcm_qla2xxx_tpg_attrib_store_generate_node_acls 0-3 7674 NULL @@ -129859,14 +130417,16 @@ index 0000000..89e8e68 +write_room_8009 write_room 0 8009 NULL +nfs_commit_inode_8011 nfs_commit_inode 0 8011 NULL +tt3650_ci_msg_locked_8013 tt3650_ci_msg_locked 4 8013 NULL nohasharray -+ip6gre_tap_init_8013 ip6gre_tap_init 0 8013 &tt3650_ci_msg_locked_8013 ++ip6gre_tap_init_8013 ip6gre_tap_init 0 8013 &tt3650_ci_msg_locked_8013 nohasharray ++xfs_break_layouts_8013 xfs_break_layouts 0 8013 &ip6gre_tap_init_8013 +vcs_read_8017 vcs_read 3-0 8017 NULL +cx18_s_audio_mode_8020 cx18_s_audio_mode 0 8020 NULL +aux3_show_8025 aux3_show 0 8025 NULL +cifs_sync_write_8031 cifs_sync_write 0 8031 NULL nohasharray +snd_seq_oss_synth_load_patch_8031 snd_seq_oss_synth_load_patch 0 8031 &cifs_sync_write_8031 +ath10k_vdev_start_restart_8033 ath10k_vdev_start_restart 0 8033 NULL -+fuse_copy_fill_8034 fuse_copy_fill 0 8034 NULL ++fuse_copy_fill_8034 fuse_copy_fill 0 8034 NULL nohasharray ++snd_hdac_bus_exec_verb_8034 snd_hdac_bus_exec_verb 0 8034 &fuse_copy_fill_8034 +led_set_flash_brightness_8039 led_set_flash_brightness 0 8039 NULL +bma180_show_scale_avail_8040 bma180_show_scale_avail 0 8040 NULL nohasharray +copy_gr_arg_normal_8040 copy_gr_arg_normal 0 8040 &bma180_show_scale_avail_8040 @@ -129887,6 +130447,7 @@ index 0000000..89e8e68 +qla4xxx_post_ping_evt_work_8074 qla4xxx_post_ping_evt_work 4 8074 &alloc_targets_8074 nohasharray +current_has_perm_8074 current_has_perm 0 8074 &qla4xxx_post_ping_evt_work_8074 nohasharray +reiserfs_setattr_8074 reiserfs_setattr 0 8074 ¤t_has_perm_8074 ++gfs2_quota_lock_check_8075 gfs2_quota_lock_check 0 8075 NULL +new_id_show_8076 new_id_show 0 8076 NULL nohasharray +command_setcompressiontarget_8076 command_setcompressiontarget 0 8076 &new_id_show_8076 +strict_show_8078 strict_show 0 8078 NULL @@ -129898,6 +130459,7 @@ index 0000000..89e8e68 +ext2_commit_chunk_8097 ext2_commit_chunk 3 8097 NULL +ds2781_write_8099 ds2781_write 4-3-0 8099 NULL +input_dev_show_cap_msc_8102 input_dev_show_cap_msc 0 8102 NULL ++vmbus_sendpacket_pagebuffer_ctl_8103 vmbus_sendpacket_pagebuffer_ctl 0 8103 NULL +csrow_ue_count_show_8104 csrow_ue_count_show 0 8104 NULL +ax88179_read_cmd_8105 ax88179_read_cmd 5 8105 NULL +show_bpdu_guard_8110 show_bpdu_guard 0 8110 NULL @@ -129940,6 +130502,7 @@ index 0000000..89e8e68 +ore_truncate_8181 ore_truncate 0 8181 NULL nohasharray +mlx4_en_activate_tx_ring_8181 mlx4_en_activate_tx_ring 0 8181 &ore_truncate_8181 +show_iface_max_burst_len_8182 show_iface_max_burst_len 0 8182 NULL ++hci_sock_recvmsg_8184 hci_sock_recvmsg 3 8184 NULL +lp3943_update_bits_8185 lp3943_update_bits 0 8185 NULL +ieee80211_if_fmt_dot11MeshHoldingTimeout_8187 ieee80211_if_fmt_dot11MeshHoldingTimeout 3 8187 NULL +write_classid_8189 write_classid 0 8189 NULL @@ -130000,6 +130563,7 @@ index 0000000..89e8e68 +sel_make_policycap_8346 sel_make_policycap 0 8346 NULL +ieee80211_if_fmt_ht_opmode_8347 ieee80211_if_fmt_ht_opmode 3 8347 NULL +target_core_dev_pr_show_attr_res_type_8349 target_core_dev_pr_show_attr_res_type 0 8349 NULL ++sync_request_8350 sync_request 2 8350 NULL +nfs4_lookup_root_sec_8353 nfs4_lookup_root_sec 0 8353 NULL +prop_compression_apply_8354 prop_compression_apply 0 8354 NULL nohasharray +open_candev_8354 open_candev 0 8354 &prop_compression_apply_8354 @@ -130033,7 +130597,8 @@ index 0000000..89e8e68 +roccat_common2_sysfs_read_8431 roccat_common2_sysfs_read 6-0 8431 NULL +capability_set_8433 capability_set 0-4 8433 NULL +snd_usb_ctl_msg_8436 snd_usb_ctl_msg 8-0 8436 NULL -+irq_create_mapping_8437 irq_create_mapping 0-2 8437 NULL ++irq_create_mapping_8437 irq_create_mapping 0-2 8437 NULL nohasharray ++nfs_sync_inode_8437 nfs_sync_inode 0 8437 &irq_create_mapping_8437 +sk_stream_wait_memory_8438 sk_stream_wait_memory 0 8438 NULL +generic_bin_search_8440 generic_bin_search 0 8440 NULL +get_b_bus_req_8443 get_b_bus_req 0 8443 NULL @@ -130063,6 +130628,7 @@ index 0000000..89e8e68 +snd_timer_open_8492 snd_timer_open 0 8492 NULL +rpcauth_key_timeout_notify_8494 rpcauth_key_timeout_notify 0 8494 NULL +in0_input_show_8498 in0_input_show 0 8498 NULL ++i40e_init_msix_8499 i40e_init_msix 0 8499 NULL +fore200e_chunk_alloc_8501 fore200e_chunk_alloc 4-3 8501 NULL +ecryptfs_calculate_md5_8504 ecryptfs_calculate_md5 0 8504 NULL +dev_config_8506 dev_config 3 8506 NULL @@ -130115,6 +130681,7 @@ index 0000000..89e8e68 +__dev_set_allmulti_8622 __dev_set_allmulti 0 8622 NULL +xfs_qm_dqattach_locked_8625 xfs_qm_dqattach_locked 0 8625 NULL +cifs_negotiate_8626 cifs_negotiate 0 8626 NULL ++iwl_pcie_load_cpu_sections_8000_8627 iwl_pcie_load_cpu_sections_8000 0 8627 NULL +it821x_firmware_command_8628 it821x_firmware_command 3 8628 NULL +scsi_dma_map_8632 scsi_dma_map 0 8632 NULL +sh_vou_buf_prepare_8633 sh_vou_buf_prepare 0 8633 NULL @@ -130193,6 +130760,7 @@ index 0000000..89e8e68 +show_hardware_8789 show_hardware 0 8789 NULL +edd_show_sectors_8794 edd_show_sectors 0 8794 NULL +__bitmap_weight_8796 __bitmap_weight 0 8796 NULL ++nct7904_read_reg16_8798 nct7904_read_reg16 0 8798 NULL +ip_vs_remote_request6_8805 ip_vs_remote_request6 0 8805 NULL +gfs2_glock_nq_8808 gfs2_glock_nq 0 8808 NULL nohasharray +prod_id2_show_8808 prod_id2_show 0 8808 &gfs2_glock_nq_8808 nohasharray @@ -130204,7 +130772,8 @@ index 0000000..89e8e68 +bd2802_store_reg0x06_8815 bd2802_store_reg0x06 0-4 8815 NULL +show_counter_rx_dwords_8819 show_counter_rx_dwords 0 8819 NULL +metronomefb_write_8823 metronomefb_write 3 8823 NULL -+SyS_llistxattr_8824 SyS_llistxattr 3 8824 NULL ++SyS_llistxattr_8824 SyS_llistxattr 3 8824 NULL nohasharray ++hfsplus_direct_IO_8824 hfsplus_direct_IO 3 8824 &SyS_llistxattr_8824 +nilfs_segctor_reset_segment_buffer_8825 nilfs_segctor_reset_segment_buffer 0 8825 NULL +extent_read_full_page_8826 extent_read_full_page 0 8826 NULL +ll_xattr_cache_get_8829 ll_xattr_cache_get 0 8829 NULL @@ -130213,7 +130782,8 @@ index 0000000..89e8e68 +new_files_jdata_store_8832 new_files_jdata_store 0-3 8832 &mmc_wait_for_cmd_8832 +get_queue_depth_8833 get_queue_depth 0 8833 NULL nohasharray +icmpv6_manip_pkt_8833 icmpv6_manip_pkt 4 8833 &get_queue_depth_8833 -+dvb_ringbuffer_pkt_next_8834 dvb_ringbuffer_pkt_next 0-2 8834 NULL ++dvb_ringbuffer_pkt_next_8834 dvb_ringbuffer_pkt_next 0-2 8834 NULL nohasharray ++mgmt_generic_event_8834 mgmt_generic_event 4 8834 &dvb_ringbuffer_pkt_next_8834 +usb_ep_queue_8839 usb_ep_queue 0 8839 NULL nohasharray +nilfs_mdt_get_block_8839 nilfs_mdt_get_block 0 8839 &usb_ep_queue_8839 +policydb_bounds_sanity_check_8846 policydb_bounds_sanity_check 0 8846 NULL @@ -130323,7 +130893,8 @@ index 0000000..89e8e68 +sta_tx_latency_stat_header_9050 sta_tx_latency_stat_header 0-3-4 9050 NULL +clk_ctl_store_9053 clk_ctl_store 0-4 9053 NULL +__uncore_xbr_mm_cfg_show_9057 __uncore_xbr_mm_cfg_show 0 9057 NULL -+ep_queue_9060 ep_queue 0 9060 NULL ++ep_queue_9060 ep_queue 0 9060 NULL nohasharray ++rhashtable_lookup_insert_key_9060 rhashtable_lookup_insert_key 0 9060 &ep_queue_9060 +snd_emu10k1_synth_copy_from_user_9061 snd_emu10k1_synth_copy_from_user 5-3 9061 NULL +snd_gus_dram_peek_9062 snd_gus_dram_peek 4 9062 NULL nohasharray +fnic_show_link_state_9062 fnic_show_link_state 0 9062 &snd_gus_dram_peek_9062 @@ -130366,7 +130937,8 @@ index 0000000..89e8e68 +ext4_da_write_inline_data_end_9179 ext4_da_write_inline_data_end 4-0 9179 NULL nohasharray +w1_ds2780_eeprom_cmd_9179 w1_ds2780_eeprom_cmd 0 9179 &ext4_da_write_inline_data_end_9179 +isr_irqs_read_9181 isr_irqs_read 3-0 9181 NULL -+count_leading_zeros_9183 count_leading_zeros 0 9183 NULL ++count_leading_zeros_9183 count_leading_zeros 0 9183 NULL nohasharray ++bitmap_storage_alloc_9183 bitmap_storage_alloc 2-0 9183 &count_leading_zeros_9183 +show_counter_ib_link_downeds_9184 show_counter_ib_link_downeds 0 9184 NULL +ax25_bind_9185 ax25_bind 0 9185 NULL +xfs_btree_rshift_9187 xfs_btree_rshift 0 9187 NULL @@ -130399,6 +130971,7 @@ index 0000000..89e8e68 +sctp_getsockopt_delayed_ack_9232 sctp_getsockopt_delayed_ack 2 9232 NULL nohasharray +core_alua_show_preferred_bit_9232 core_alua_show_preferred_bit 0 9232 &sctp_getsockopt_delayed_ack_9232 +edac_dev_ctl_info_store_9233 edac_dev_ctl_info_store 0-4 9233 NULL ++l2tp_ip_sendmsg_9235 l2tp_ip_sendmsg 3 9235 NULL +tps6507x_pmic_reg_read_9236 tps6507x_pmic_reg_read 0 9236 NULL +__bnx2fc_enable_9238 __bnx2fc_enable 0 9238 NULL +ext4_mark_iloc_dirty_9239 ext4_mark_iloc_dirty 0 9239 NULL @@ -130484,6 +131057,7 @@ index 0000000..89e8e68 +i2c_sysfs_new_device_9417 i2c_sysfs_new_device 0-4 9417 NULL +nf_nat_sip_expect_9418 nf_nat_sip_expect 8 9418 NULL nohasharray +store_lmc_9418 store_lmc 0-4 9418 &nf_nat_sip_expect_9418 ++ocfs2_direct_IO_zero_extend_9424 ocfs2_direct_IO_zero_extend 0-4 9424 NULL +show_ipv6_iface_router_state_9425 show_ipv6_iface_router_state 0 9425 NULL nohasharray +prism2_aux_dump_proc_no_read_9425 prism2_aux_dump_proc_no_read 0-3 9425 &show_ipv6_iface_router_state_9425 +sync_inode_9429 sync_inode 0 9429 NULL @@ -130534,6 +131108,7 @@ index 0000000..89e8e68 +match_format_9516 match_format 0 9516 &disk_events_show_9516 +do_strip_9517 do_strip 0 9517 NULL +target_core_alua_tg_pt_gp_show_attr_preferred_9519 target_core_alua_tg_pt_gp_show_attr_preferred 0 9519 NULL ++common_rfc4106_set_key_9520 common_rfc4106_set_key 3 9520 NULL +iwl_dbgfs_fw_dbg_conf_read_9522 iwl_dbgfs_fw_dbg_conf_read 3-0 9522 NULL +roccat_common2_sysfs_read_keys_macro_9524 roccat_common2_sysfs_read_keys_macro 0-5-6 9524 NULL +log_buf_len_show_9525 log_buf_len_show 0 9525 NULL @@ -130618,6 +131193,7 @@ index 0000000..89e8e68 +calgary_map_sg_9680 calgary_map_sg 0-3 9680 NULL +urbnum_show_9682 urbnum_show 0 9682 NULL nohasharray +wl1271_init_templates_config_9682 wl1271_init_templates_config 0 9682 &urbnum_show_9682 ++f81232_set_register_9683 f81232_set_register 0 9683 NULL +nilfs_btree_lookup_9685 nilfs_btree_lookup 0 9685 NULL +show_in0_9686 show_in0 0 9686 NULL +__erst_read_from_storage_9690 __erst_read_from_storage 0 9690 NULL @@ -130636,6 +131212,7 @@ index 0000000..89e8e68 +parse_uac2_sample_rate_range_9718 parse_uac2_sample_rate_range 0 9718 NULL +sstfb_set_par_9719 sstfb_set_par 0 9719 NULL +SYSC_ppoll_9721 SYSC_ppoll 2 9721 NULL ++sha512_base_finish_9729 sha512_base_finish 0 9729 NULL +t4_wr_mbox_9732 t4_wr_mbox 0 9732 NULL +cyapa_update_suspend_scanrate_9734 cyapa_update_suspend_scanrate 0-4 9734 NULL +show_cmd_per_lun_9735 show_cmd_per_lun 0 9735 NULL nohasharray @@ -130687,12 +131264,15 @@ index 0000000..89e8e68 +rtl92ce_hw_init_9858 rtl92ce_hw_init 0 9858 NULL +garmin_write_room_9859 garmin_write_room 0 9859 NULL +iwl_poll_prph_bit_9861 iwl_poll_prph_bit 0 9861 NULL -+bfad_im_model_show_9862 bfad_im_model_show 0 9862 NULL ++bfad_im_model_show_9862 bfad_im_model_show 0 9862 NULL nohasharray ++sha256_ssse3_finup_9862 sha256_ssse3_finup 0 9862 &bfad_im_model_show_9862 +pmcraid_alloc_sglist_9864 pmcraid_alloc_sglist 1 9864 NULL ++pep_recvmsg_9866 pep_recvmsg 3 9866 NULL +task_can_attach_9867 task_can_attach 0 9867 NULL +f1x_translate_sysaddr_to_cs_9868 f1x_translate_sysaddr_to_cs 2 9868 NULL +wil_read_file_ioblob_9878 wil_read_file_ioblob 3-0 9878 NULL nohasharray +dir_commit_chunk_9878 dir_commit_chunk 3 9878 &wil_read_file_ioblob_9878 ++ping_v4_sendmsg_9883 ping_v4_sendmsg 3 9883 NULL +fuse_dev_read_9884 fuse_dev_read 0 9884 NULL +wl1271_cmd_radio_parms_9886 wl1271_cmd_radio_parms 0 9886 NULL +show_sensor_9889 show_sensor 0 9889 NULL @@ -130725,7 +131305,8 @@ index 0000000..89e8e68 +store_9970 store 0 9970 &vivid_loop_out_s_ctrl_9970 +btrfs_add_link_9973 btrfs_add_link 5 9973 NULL nohasharray +show_fcstat_rx_frames_9973 show_fcstat_rx_frames 0 9973 &btrfs_add_link_9973 -+ath6kl_usb_submit_ctrl_out_9978 ath6kl_usb_submit_ctrl_out 6 9978 NULL ++ath6kl_usb_submit_ctrl_out_9978 ath6kl_usb_submit_ctrl_out 6 9978 NULL nohasharray ++compat_import_iovec_9978 compat_import_iovec 3-0 9978 &ath6kl_usb_submit_ctrl_out_9978 +il4965_dump_fh_9979 il4965_dump_fh 0 9979 NULL +twl6040_power_up_manual_9982 twl6040_power_up_manual 0 9982 NULL nohasharray +sscanf_9982 sscanf 0 9982 &twl6040_power_up_manual_9982 nohasharray @@ -130791,7 +131372,9 @@ index 0000000..89e8e68 +ufs_bitmap_search_10105 ufs_bitmap_search 0-3 10105 NULL +get_elem_size_10110 get_elem_size 0-2 10110 NULL nohasharray +dynamic_ps_timeout_read_10110 dynamic_ps_timeout_read 3-0 10110 &get_elem_size_10110 -+gfs2_meta_read_10112 gfs2_meta_read 0 10112 NULL ++rocker_desc_err_10111 rocker_desc_err 0 10111 NULL ++gfs2_meta_read_10112 gfs2_meta_read 0 10112 NULL nohasharray ++link_schedule_user_10112 link_schedule_user 0 10112 &gfs2_meta_read_10112 +host_control_smi_type_store_10118 host_control_smi_type_store 0-4 10118 NULL +snd_vortex_pcm_trigger_10123 snd_vortex_pcm_trigger 0 10123 NULL +wl1271_acx_host_if_cfg_bitmap_10124 wl1271_acx_host_if_cfg_bitmap 0 10124 NULL @@ -130963,6 +131546,7 @@ index 0000000..89e8e68 +get_key_10538 get_key 0 10538 NULL +sas_set_phy_speed_10540 sas_set_phy_speed 0 10540 NULL +SYSC_read_10545 SYSC_read 3 10545 NULL ++crypto_sha512_finup_10555 crypto_sha512_finup 0 10555 NULL +pm_qos_no_power_off_show_10556 pm_qos_no_power_off_show 0 10556 NULL +ivtv_start_10559 ivtv_start 0 10559 NULL +ipr_read_dump_10560 ipr_read_dump 0-5-6 10560 NULL @@ -130995,6 +131579,7 @@ index 0000000..89e8e68 +cap_mask_show_10632 cap_mask_show 0 10632 &alloc_coherent_10632 nohasharray +il4965_send_tx_power_10632 il4965_send_tx_power 0 10632 &cap_mask_show_10632 +fq_alloc_node_10633 fq_alloc_node 1 10633 NULL ++sha256_base_do_update_10634 sha256_base_do_update 0 10634 NULL +ov9650_set_auto_gain_10638 ov9650_set_auto_gain 0 10638 NULL nohasharray +proc_sys_write_10638 proc_sys_write 0-3 10638 &ov9650_set_auto_gain_10638 +check_transition_10639 check_transition 0 10639 NULL @@ -131083,6 +131668,7 @@ index 0000000..89e8e68 +fuse_conn_max_background_read_10855 fuse_conn_max_background_read 3-0 10855 NULL +snd_card_asihpi_playback_ioctl_10857 snd_card_asihpi_playback_ioctl 0 10857 NULL +usnic_ib_show_qp_per_vf_10858 usnic_ib_show_qp_per_vf 0 10858 NULL ++read_edid_block_10860 read_edid_block 4 10860 NULL +btrfs_permission_10861 btrfs_permission 0 10861 NULL +ol_chunk_blocks_10864 ol_chunk_blocks 0 10864 NULL +trivial_online_10866 trivial_online 0 10866 NULL @@ -131159,7 +131745,8 @@ index 0000000..89e8e68 +ixgbe_disable_sriov_11037 ixgbe_disable_sriov 0 11037 &mb_find_next_bit_11037 +shmem_listxattr_11040 shmem_listxattr 0-3 11040 NULL +mask_and_set_register_11042 mask_and_set_register 0 11042 NULL -+sys_sendfile_11048 sys_sendfile 4 11048 NULL ++sys_sendfile_11048 sys_sendfile 4 11048 NULL nohasharray ++rawsock_recvmsg_11048 rawsock_recvmsg 3 11048 &sys_sendfile_11048 +tda10048_writeregbulk_11050 tda10048_writeregbulk 4 11050 NULL +char2uni_11054 char2uni 0 11054 NULL +srpt_tpg_attrib_store_srp_sq_size_11059 srpt_tpg_attrib_store_srp_sq_size 0-3 11059 NULL @@ -131528,7 +132115,8 @@ index 0000000..89e8e68 +pc87413_notify_sys_11917 pc87413_notify_sys 0 11917 NULL +_rbd_dev_v2_snap_features_11922 _rbd_dev_v2_snap_features 0 11922 NULL +fs_devrw_entry_11924 fs_devrw_entry 3-0 11924 NULL -+SMBNTencrypt_11929 SMBNTencrypt 0 11929 NULL ++SMBNTencrypt_11929 SMBNTencrypt 0 11929 NULL nohasharray ++bitmap_remap_11929 bitmap_remap 5 11929 &SMBNTencrypt_11929 +show_limit_11932 show_limit 0 11932 NULL +nf_nat_ipv6_local_fn_11937 nf_nat_ipv6_local_fn 0 11937 NULL nohasharray +max1027_debugfs_reg_access_11937 max1027_debugfs_reg_access 0 11937 &nf_nat_ipv6_local_fn_11937 @@ -131577,6 +132165,7 @@ index 0000000..89e8e68 +audit_sockaddr_12030 audit_sockaddr 0 12030 NULL +s2io_card_up_12032 s2io_card_up 0 12032 NULL +notifier_call_chain_12036 notifier_call_chain 0 12036 NULL ++vcc_sendmsg_12038 vcc_sendmsg 3 12038 NULL +device_offline_12042 device_offline 0 12042 NULL +ftdi_elan_total_command_size_12045 ftdi_elan_total_command_size 0 12045 NULL +bdx_tx_init_12046 bdx_tx_init 0 12046 NULL @@ -131767,6 +132356,7 @@ index 0000000..89e8e68 +e1000e_get_sset_count_12456 e1000e_get_sset_count 0 12456 NULL +nvkm_engine_create__12458 nvkm_engine_create_ 7 12458 NULL +deadline_read_expire_store_12459 deadline_read_expire_store 0-3 12459 NULL ++llcp_sock_recvmsg_12460 llcp_sock_recvmsg 3 12460 NULL +rbd_dev_v2_header_info_12466 rbd_dev_v2_header_info 0 12466 NULL +defrag_show_12468 defrag_show 0 12468 NULL nohasharray +mei_write_message_12468 mei_write_message 0 12468 &defrag_show_12468 @@ -131858,7 +132448,8 @@ index 0000000..89e8e68 +wl18xx_acx_ap_sleep_12628 wl18xx_acx_ap_sleep 0 12628 NULL +pwr_rcvd_awake_bcns_cnt_read_12632 pwr_rcvd_awake_bcns_cnt_read 3-0 12632 NULL +store_blank_12636 store_blank 0-4 12636 NULL -+pn_sendmsg_12640 pn_sendmsg 4-0 12640 NULL ++pn_sendmsg_12640 pn_sendmsg 4-0 12640 NULL nohasharray ++nr_sendmsg_12640 nr_sendmsg 3 12640 &pn_sendmsg_12640 +dwc3_link_state_write_12641 dwc3_link_state_write 3-0 12641 NULL +nr_recvmsg_12649 nr_recvmsg 4-0 12649 NULL +wb_create_12651 wb_create 1 12651 NULL @@ -131972,6 +132563,7 @@ index 0000000..89e8e68 +wsm_cmd_send_12901 wsm_cmd_send 0 12901 NULL +_regmap_raw_read_12902 _regmap_raw_read 0 12902 NULL nohasharray +request_12902 request 0 12902 &_regmap_raw_read_12902 ++ocfs2_hamming_encode_block_12904 ocfs2_hamming_encode_block 2 12904 NULL +sha512_ssse3_export_12905 sha512_ssse3_export 0 12905 NULL +elan_write_fw_block_12906 elan_write_fw_block 0 12906 NULL +get_virtual_node_size_12908 get_virtual_node_size 0 12908 NULL @@ -132002,6 +132594,7 @@ index 0000000..89e8e68 +lpfc_link_speed_show_12965 lpfc_link_speed_show 0 12965 NULL nohasharray +snd_seq_prioq_cell_in_12965 snd_seq_prioq_cell_in 0 12965 &lpfc_link_speed_show_12965 +start_khugepaged_12971 start_khugepaged 0 12971 NULL ++__rhashtable_insert_fast_12974 __rhashtable_insert_fast 0 12974 NULL +iwl_mvm_read_external_nvm_12975 iwl_mvm_read_external_nvm 0 12975 NULL +klp_enable_object_12977 klp_enable_object 0 12977 NULL +broadsheet_setup_plls_12983 broadsheet_setup_plls 0 12983 NULL @@ -132169,6 +132762,7 @@ index 0000000..89e8e68 +iso_sched_alloc_13377 iso_sched_alloc 1 13377 &wep_key_not_found_read_13377 +iio_buffer_read_first_n_outer_13378 iio_buffer_read_first_n_outer 0-3 13378 NULL +sctp_wait_for_connect_13379 sctp_wait_for_connect 0 13379 NULL ++bt_sock_recvmsg_13380 bt_sock_recvmsg 3 13380 NULL +zl10036_set_params_13381 zl10036_set_params 0 13381 NULL +activity_write_13388 activity_write 0-6-5 13388 NULL nohasharray +lov_mds_md_size_13388 lov_mds_md_size 0-1 13388 &activity_write_13388 @@ -132187,7 +132781,8 @@ index 0000000..89e8e68 +compat_SyS_sendfile64_13420 compat_SyS_sendfile64 4 13420 NULL +show_multicast_fast_leave_13427 show_multicast_fast_leave 0 13427 NULL +bq2415x_exec_command_13430 bq2415x_exec_command 0 13430 NULL -+smb_sendv_13437 smb_sendv 0 13437 NULL ++smb_sendv_13437 smb_sendv 0 13437 NULL nohasharray ++__tipc_send_stream_13437 __tipc_send_stream 3 13437 &smb_sendv_13437 +mwifiex_get_bss_info_13439 mwifiex_get_bss_info 0 13439 NULL nohasharray +request_firmware_nowait_13439 request_firmware_nowait 0 13439 &mwifiex_get_bss_info_13439 +sctp_setsockopt_peer_primary_addr_13440 sctp_setsockopt_peer_primary_addr 3-0 13440 NULL @@ -132278,7 +132873,8 @@ index 0000000..89e8e68 +swap_cgroup_swapon_13614 swap_cgroup_swapon 2 13614 NULL +wm8994_bulk_write_13615 wm8994_bulk_write 2-3 13615 NULL nohasharray +ov7670_write_smbus_13615 ov7670_write_smbus 0 13615 &wm8994_bulk_write_13615 -+__ntfs_grab_cache_pages_13617 __ntfs_grab_cache_pages 0 13617 NULL ++__ntfs_grab_cache_pages_13617 __ntfs_grab_cache_pages 0 13617 NULL nohasharray ++nr_recvmsg_13617 nr_recvmsg 3 13617 &__ntfs_grab_cache_pages_13617 +pmcraid_get_minor_13619 pmcraid_get_minor 0 13619 NULL +atl1_get_regs_len_13624 atl1_get_regs_len 0 13624 NULL +iio_device_add_event_sysfs_13627 iio_device_add_event_sysfs 0 13627 NULL @@ -132305,6 +132901,7 @@ index 0000000..89e8e68 +nes_store_idx_addr_13673 nes_store_idx_addr 0-3 13673 NULL +show_ipOutForwDatagrams_13674 show_ipOutForwDatagrams 0 13674 NULL +omap_hsmmc_show_slot_name_13675 omap_hsmmc_show_slot_name 0 13675 NULL ++i915_gem_obj_ggtt_offset_view_13680 i915_gem_obj_ggtt_offset_view 0 13680 NULL +dvb_usb_generic_rw_13681 dvb_usb_generic_rw 0 13681 NULL nohasharray +acpi_suspend_lowlevel_13681 acpi_suspend_lowlevel 0 13681 &dvb_usb_generic_rw_13681 +ext3_xattr_list_entries_13682 ext3_xattr_list_entries 0 13682 NULL nohasharray @@ -132319,6 +132916,7 @@ index 0000000..89e8e68 +gadget_dev_desc_bcdUSB_store_13691 gadget_dev_desc_bcdUSB_store 0-3 13691 &check_intr_schedule_13691 nohasharray +uevent_helper_store_13691 uevent_helper_store 0-4 13691 &gadget_dev_desc_bcdUSB_store_13691 +usb_get_string_13693 usb_get_string 0 13693 NULL ++tipc_send_stream_13696 tipc_send_stream 3 13696 NULL +patch_vt2002P_13697 patch_vt2002P 0 13697 NULL +fw_iso_buffer_alloc_13704 fw_iso_buffer_alloc 2 13704 NULL nohasharray +ntc_show_name_13704 ntc_show_name 0 13704 &fw_iso_buffer_alloc_13704 nohasharray @@ -132338,6 +132936,7 @@ index 0000000..89e8e68 +dsbr100_setfreq_13739 dsbr100_setfreq 0 13739 &cfg80211_testmode_alloc_event_skb_13739 +ql_wait_reg_rdy_13741 ql_wait_reg_rdy 0 13741 NULL +audit_unpack_string_13748 audit_unpack_string 3 13748 NULL ++snd_hdac_device_register_13749 snd_hdac_device_register 0 13749 NULL +ufs_dtog_13750 ufs_dtog 0-2 13750 NULL +lbmLogInit_13756 lbmLogInit 0 13756 NULL +netprio_set_prio_13758 netprio_set_prio 0 13758 NULL @@ -132348,6 +132947,7 @@ index 0000000..89e8e68 +fb_sys_read_13778 fb_sys_read 3 13778 NULL +edac_device_ctl_panic_on_ue_show_13780 edac_device_ctl_panic_on_ue_show 0 13780 NULL +qib_setup_sdma_13784 qib_setup_sdma 0 13784 NULL ++l2tp_ip_recvmsg_13785 l2tp_ip_recvmsg 3 13785 NULL +roccat_common2_sysfs_read_sensor_13788 roccat_common2_sysfs_read_sensor 0-5-6 13788 NULL +sysfs_do_cmd_13790 sysfs_do_cmd 0-4 13790 NULL +ath6kl_mgmt_powersave_ap_13791 ath6kl_mgmt_powersave_ap 6 13791 NULL @@ -132355,6 +132955,7 @@ index 0000000..89e8e68 +migrate_pages_13797 migrate_pages 0 13797 NULL +cpu_down_13801 cpu_down 0 13801 NULL +fbcon_unbind_13802 fbcon_unbind 0 13802 NULL ++mwifiex_sdio_card_to_host_mp_aggr_13806 mwifiex_sdio_card_to_host_mp_aggr 2 13806 NULL +cpu_callback_13812 cpu_callback 0 13812 NULL nohasharray +e100_rx_alloc_list_13812 e100_rx_alloc_list 0 13812 &cpu_callback_13812 +random_read_13815 random_read 3-0 13815 NULL nohasharray @@ -132372,7 +132973,8 @@ index 0000000..89e8e68 +queue_bulk_on_old_endpoint_13828 queue_bulk_on_old_endpoint 0 13828 NULL nohasharray +__uncore_filter_opc2_show_13828 __uncore_filter_opc2_show 0 13828 &queue_bulk_on_old_endpoint_13828 +netxen_sysfs_read_mem_13830 netxen_sysfs_read_mem 0-6-5 13830 NULL -+qce_ahash_hmac_setkey_13837 qce_ahash_hmac_setkey 3 13837 NULL ++qce_ahash_hmac_setkey_13837 qce_ahash_hmac_setkey 3 13837 NULL nohasharray ++bucket_table_alloc_13837 bucket_table_alloc 2 13837 &qce_ahash_hmac_setkey_13837 +ds1685_rtc_sysfs_serial_show_13839 ds1685_rtc_sysfs_serial_show 0 13839 NULL +hwrng_attr_available_show_13843 hwrng_attr_available_show 0 13843 NULL +acknak_13844 acknak 0 13844 NULL nohasharray @@ -132384,6 +132986,7 @@ index 0000000..89e8e68 +lm95234_read_temp_13850 lm95234_read_temp 0 13850 NULL +evdev_ioctl_compat_13851 evdev_ioctl_compat 2 13851 NULL +c2port_poll_out_ready_13852 c2port_poll_out_ready 0 13852 NULL ++visorchipset_file_init_13861 visorchipset_file_init 1 13861 NULL +vendor_name_store_13862 vendor_name_store 0-4 13862 NULL +ath10k_wmi_vdev_install_key_13866 ath10k_wmi_vdev_install_key 0 13866 NULL +lmc_open_13868 lmc_open 0 13868 NULL @@ -132485,7 +133088,8 @@ index 0000000..89e8e68 +pci_conf1_read_14075 pci_conf1_read 0 14075 NULL +lov_stripeoffset_seq_write_14078 lov_stripeoffset_seq_write 3 14078 NULL +_cx88_stop_audio_dma_14079 _cx88_stop_audio_dma 0 14079 NULL -+w1_master_attribute_store_pullup_14080 w1_master_attribute_store_pullup 0-4 14080 NULL ++w1_master_attribute_store_pullup_14080 w1_master_attribute_store_pullup 0-4 14080 NULL nohasharray ++dgram_recvmsg_14080 dgram_recvmsg 3 14080 &w1_master_attribute_store_pullup_14080 +_nfs4_proc_readdir_14082 _nfs4_proc_readdir 0 14082 NULL +cond_read_av_list_14085 cond_read_av_list 0 14085 NULL +store_sched2_14094 store_sched2 4-0 14094 NULL @@ -132504,6 +133108,7 @@ index 0000000..89e8e68 +wl12xx_set_power_on_14117 wl12xx_set_power_on 0 14117 NULL +rsc_parse_14119 rsc_parse 0 14119 NULL nohasharray +enic_set_mac_addr_14119 enic_set_mac_addr 0 14119 &rsc_parse_14119 ++caif_stream_recvmsg_14125 caif_stream_recvmsg 3 14125 NULL +readSuper_14128 readSuper 0 14128 NULL +show_deactivate_slack_14129 show_deactivate_slack 0 14129 NULL nohasharray +iscsi_conn_get_addr_param_14129 iscsi_conn_get_addr_param 0 14129 &show_deactivate_slack_14129 @@ -132530,6 +133135,7 @@ index 0000000..89e8e68 +ov9650_set_exposure_14176 ov9650_set_exposure 0 14176 NULL nohasharray +ixgbevf_write_mbx_vf_14176 ixgbevf_write_mbx_vf 0 14176 &ov9650_set_exposure_14176 +uhid_dev_input_14180 uhid_dev_input 0 14180 NULL ++nfs_file_direct_write_14181 nfs_file_direct_write 0 14181 NULL +datafab_read_data_14186 datafab_read_data 4 14186 NULL +show_rf_kill_14187 show_rf_kill 0 14187 NULL +__platform_create_bundle_14191 __platform_create_bundle 6-4 14191 NULL @@ -132558,7 +133164,8 @@ index 0000000..89e8e68 +store_engine2_load_14233 store_engine2_load 4-0 14233 &ieee80211_if_write_uapsd_max_sp_len_14233 +show_fc_host_maxframe_size_14237 show_fc_host_maxframe_size 0 14237 NULL +usbhsh_endpoint_attach_14238 usbhsh_endpoint_attach 0 14238 NULL -+de_get_regs_len_14241 de_get_regs_len 0 14241 NULL ++de_get_regs_len_14241 de_get_regs_len 0 14241 NULL nohasharray ++sctp_recvmsg_14241 sctp_recvmsg 3 14241 &de_get_regs_len_14241 +dma_declare_coherent_memory_14244 dma_declare_coherent_memory 2-4 14244 NULL nohasharray +__tipc_link_xmit_14244 __tipc_link_xmit 0 14244 &dma_declare_coherent_memory_14244 +iscsi_tpg_param_store_AuthMethod_14245 iscsi_tpg_param_store_AuthMethod 0-3 14245 NULL @@ -132782,6 +133389,7 @@ index 0000000..89e8e68 +show_fcstat_fc_no_free_exch_xid_14727 show_fcstat_fc_no_free_exch_xid 0 14727 NULL +__blk_end_request_14729 __blk_end_request 3 14729 NULL +rh_urb_enqueue_14733 rh_urb_enqueue 0 14733 NULL ++codec_bind_generic_14739 codec_bind_generic 0 14739 NULL +raid1_resize_14740 raid1_resize 2-0 14740 NULL +show_conn_param_ISCSI_PARAM_IPV6_TC_14747 show_conn_param_ISCSI_PARAM_IPV6_TC 0 14747 NULL +sh_mobile_ceu_get_formats_14748 sh_mobile_ceu_get_formats 0 14748 NULL @@ -132826,6 +133434,7 @@ index 0000000..89e8e68 +max_power_show_14836 max_power_show 0 14836 NULL +name_len_14843 name_len 0-2 14843 NULL +subsystem_vendor_show_14845 subsystem_vendor_show 0 14845 NULL ++dccp_sendmsg_14850 dccp_sendmsg 3 14850 NULL +mrp_attr_create_14853 mrp_attr_create 3 14853 NULL +__krealloc_14857 __krealloc 2 14857 NULL nohasharray +lcd_write_14857 lcd_write 3-0 14857 &__krealloc_14857 @@ -132966,6 +133575,7 @@ index 0000000..89e8e68 +ocontext_read_15178 ocontext_read 0 15178 NULL +t4_sge_alloc_ofld_txq_15179 t4_sge_alloc_ofld_txq 0 15179 NULL +SYSC_setdomainname_15180 SYSC_setdomainname 2 15180 NULL ++st33zp24_i2c_send_15186 st33zp24_i2c_send 4 15186 NULL +pda_power_get_property_15191 pda_power_get_property 0 15191 NULL +iscsi_create_endpoint_15193 iscsi_create_endpoint 1 15193 NULL nohasharray +radeonfb_check_var_15193 radeonfb_check_var 0 15193 &iscsi_create_endpoint_15193 @@ -133056,6 +133666,7 @@ index 0000000..89e8e68 +mlx4_cmd_wait_15399 mlx4_cmd_wait 0 15399 NULL +sm501fb_check_var_15402 sm501fb_check_var 0 15402 NULL +pipeline_csum_to_rx_xfer_swi_read_15403 pipeline_csum_to_rx_xfer_swi_read 3-0 15403 NULL ++mei_amthif_run_next_cmd_15405 mei_amthif_run_next_cmd 0 15405 NULL +get_modalias_15406 get_modalias 2-0 15406 NULL nohasharray +nfs_setattr_15406 nfs_setattr 0 15406 &get_modalias_15406 +qlcnic_83xx_get_cap_size_15413 qlcnic_83xx_get_cap_size 0 15413 NULL @@ -133086,7 +133697,8 @@ index 0000000..89e8e68 +__mutex_lock_killable_slowpath_15472 __mutex_lock_killable_slowpath 0 15472 &mtd_flags_show_15472 +snd_m3_pcm_stop_15476 snd_m3_pcm_stop 0 15476 NULL nohasharray +snd_seq_ioctl_query_subs_15476 snd_seq_ioctl_query_subs 0 15476 &snd_m3_pcm_stop_15476 -+ath9k_get_stats_15482 ath9k_get_stats 0 15482 NULL ++ath9k_get_stats_15482 ath9k_get_stats 0 15482 NULL nohasharray ++rtl_download_firmware_15482 rtl_download_firmware 3 15482 &ath9k_get_stats_15482 +i2c_readbytes_15483 i2c_readbytes 0 15483 NULL +cp2112_read_15484 cp2112_read 0 15484 NULL nohasharray +target_stat_scsi_dev_attr_show_15484 target_stat_scsi_dev_attr_show 0 15484 &cp2112_read_15484 @@ -133098,8 +133710,10 @@ index 0000000..89e8e68 +vringh_iov_pull_user_15499 vringh_iov_pull_user 3 15499 NULL +iolock_15500 iolock 0 15500 NULL +psmouse_attr_set_helper_15505 psmouse_attr_set_helper 0-4 15505 NULL -+bNumInterfaces_show_15506 bNumInterfaces_show 0 15506 NULL ++bNumInterfaces_show_15506 bNumInterfaces_show 0 15506 NULL nohasharray ++nct7904_read_reg_15506 nct7904_read_reg 0 15506 &bNumInterfaces_show_15506 +mwl8k_load_fw_image_15508 mwl8k_load_fw_image 0 15508 NULL ++pppol2tp_sendmsg_15516 pppol2tp_sendmsg 3 15516 NULL +map_sg_15523 map_sg 0-3 15523 NULL +da9052_rtc_read_time_15524 da9052_rtc_read_time 0 15524 NULL +store_15525 store 0 15525 NULL @@ -133124,6 +133738,7 @@ index 0000000..89e8e68 +i801_block_transaction_15562 i801_block_transaction 0 15562 NULL nohasharray +create_capture_mixers_15562 create_capture_mixers 0 15562 &i801_block_transaction_15562 +get_checksum_15564 get_checksum 0 15564 NULL ++acpi_gpio_count_15567 acpi_gpio_count 0 15567 NULL +iwl_nvm_read_section_15568 iwl_nvm_read_section 0 15568 NULL +_read_user_prot_reg_15571 _read_user_prot_reg 0 15571 NULL +persistent_status_15574 persistent_status 4 15574 NULL @@ -133183,7 +133798,8 @@ index 0000000..89e8e68 +pinctrl_utils_reserve_map_15730 pinctrl_utils_reserve_map 5 15730 NULL nohasharray +btrfs_writepage_15730 btrfs_writepage 0 15730 &pinctrl_utils_reserve_map_15730 +acpi_ex_setup_region_15734 acpi_ex_setup_region 0 15734 NULL -+ea_alloc_skeleton_15736 ea_alloc_skeleton 0 15736 NULL ++ea_alloc_skeleton_15736 ea_alloc_skeleton 0 15736 NULL nohasharray ++tipc_msg_make_bundle_15736 tipc_msg_make_bundle 2 15736 &ea_alloc_skeleton_15736 +__tree_mod_log_insert_15744 __tree_mod_log_insert 0 15744 NULL +efx_ptp_describe_stats_15746 efx_ptp_describe_stats 0 15746 NULL +HiSax_readstatus_15752 HiSax_readstatus 2 15752 NULL nohasharray @@ -133196,6 +133812,7 @@ index 0000000..89e8e68 +fuse_direct_read_15768 fuse_direct_read 0-3 15768 NULL +isl1208_i2c_get_atr_15771 isl1208_i2c_get_atr 0 15771 NULL nohasharray +chunksize_store_15771 chunksize_store 0-3 15771 &isl1208_i2c_get_atr_15771 ++_mv88e6xxx_reg_read_15773 _mv88e6xxx_reg_read 0 15773 NULL +corb_send_verb_15777 corb_send_verb 0 15777 NULL +ipr_write_dump_15780 ipr_write_dump 0-6-5 15780 NULL +call_modprobe_15781 call_modprobe 0 15781 NULL @@ -133251,6 +133868,7 @@ index 0000000..89e8e68 +send_tx_power_15914 send_tx_power 0 15914 NULL +can_get_xstats_size_15916 can_get_xstats_size 0 15916 NULL +alc_build_controls_15918 alc_build_controls 0 15918 NULL ++unix_dgram_recvmsg_15920 unix_dgram_recvmsg 3 15920 NULL +hid_hw_power_15921 hid_hw_power 0 15921 NULL +bio_copy_kern_15925 bio_copy_kern 3 15925 NULL +erst_exec_store_var1_15933 erst_exec_store_var1 0 15933 NULL @@ -133291,13 +133909,15 @@ index 0000000..89e8e68 +si476x_core_cmd_agc_status_16027 si476x_core_cmd_agc_status 0 16027 NULL +got_frame_16028 got_frame 2 16028 NULL +wl1251_acx_rx_config_16034 wl1251_acx_rx_config 0 16034 NULL ++smk_write_unconfined_16041 smk_write_unconfined 3 16041 NULL +il3945_tx_reset_16042 il3945_tx_reset 0 16042 NULL +iscsi_stat_instance_show_attr_fail_rem_name_16045 iscsi_stat_instance_show_attr_fail_rem_name 0 16045 NULL +show_virtual_16047 show_virtual 0 16047 NULL +blk_init_tags_16052 blk_init_tags 1 16052 NULL nohasharray +hidp_send_message_16052 hidp_send_message 6-0 16052 &blk_init_tags_16052 +dccp_recvmsg_16056 dccp_recvmsg 4-0 16056 NULL -+read_file_spectral_period_16057 read_file_spectral_period 3-0 16057 NULL ++read_file_spectral_period_16057 read_file_spectral_period 3-0 16057 NULL nohasharray ++pppoe_recvmsg_16057 pppoe_recvmsg 3 16057 &read_file_spectral_period_16057 +nf_call_iptables_store_16058 nf_call_iptables_store 4-0 16058 NULL +si5351_msynth_params_address_16062 si5351_msynth_params_address 0-1 16062 NULL +cp2112_write_req_16068 cp2112_write_req 0-5 16068 NULL @@ -133312,6 +133932,7 @@ index 0000000..89e8e68 +sctp_setsockopt_disable_fragments_16088 sctp_setsockopt_disable_fragments 0 16088 NULL +wl1271_acx_tx_power_16092 wl1271_acx_tx_power 0 16092 NULL +ps2pp_attr_set_smartscroll_16094 ps2pp_attr_set_smartscroll 0-4 16094 NULL ++cifs_mapchar_16097 cifs_mapchar 0 16097 NULL +pb0100_set_gain_16099 pb0100_set_gain 0 16099 NULL +_ctl_ioc_reset_count_show_16102 _ctl_ioc_reset_count_show 0 16102 NULL +isr_tx_exch_complete_read_16103 isr_tx_exch_complete_read 3-0 16103 NULL nohasharray @@ -133523,7 +134144,8 @@ index 0000000..89e8e68 +fuse_listxattr_16550 fuse_listxattr 0-3 16550 NULL +nfc_llcp_send_snl_sdres_16557 nfc_llcp_send_snl_sdres 3 16557 NULL +dib0700_i2c_xfer_16559 dib0700_i2c_xfer 0-3 16559 NULL -+tcp_manip_pkt_16563 tcp_manip_pkt 4 16563 NULL ++tcp_manip_pkt_16563 tcp_manip_pkt 4 16563 NULL nohasharray ++mISDN_sock_sendmsg_16563 mISDN_sock_sendmsg 3 16563 &tcp_manip_pkt_16563 +wcn36xx_dxe_init_16565 wcn36xx_dxe_init 0 16565 NULL +lpfc_debugfs_read_16566 lpfc_debugfs_read 3-0 16566 NULL +transmit_skb_16573 transmit_skb 0 16573 NULL @@ -133538,9 +134160,11 @@ index 0000000..89e8e68 +target_core_hba_attr_show_16601 target_core_hba_attr_show 0 16601 NULL nohasharray +iscsi_stat_sess_attr_store_16601 iscsi_stat_sess_attr_store 0 16601 &target_core_hba_attr_show_16601 +ixgbe_setup_all_tx_resources_16602 ixgbe_setup_all_tx_resources 0 16602 NULL ++iwl_pcie_load_given_ucode_8000_16610 iwl_pcie_load_given_ucode_8000 0 16610 NULL +set_analog_out_reg_16611 set_analog_out_reg 0-4 16611 NULL +palmas_irq_get_virq_16613 palmas_irq_get_virq 2 16613 NULL nohasharray +pptp_inbound_pkt_16613 pptp_inbound_pkt 0 16613 &palmas_irq_get_virq_16613 ++rds_sendmsg_16616 rds_sendmsg 3 16616 NULL +compat_SyS_migrate_pages_16618 compat_SyS_migrate_pages 2 16618 NULL +show_mem_start_phys_index_16622 show_mem_start_phys_index 0 16622 NULL +s5k83a_s_ctrl_16628 s5k83a_s_ctrl 0 16628 NULL nohasharray @@ -133566,6 +134190,7 @@ index 0000000..89e8e68 +hash_elasticity_store_16673 hash_elasticity_store 4-0 16673 NULL +smsc_ircc_net_open_16680 smsc_ircc_net_open 0 16680 NULL +da9052_reg_write_16685 da9052_reg_write 0 16685 NULL ++iwl_mvm_fw_dbg_collect_16687 iwl_mvm_fw_dbg_collect 4 16687 NULL +t4_set_rxmode_16689 t4_set_rxmode 0 16689 NULL +drbd_drain_block_16697 drbd_drain_block 2 16697 NULL +__wa_populate_dto_urb_16699 __wa_populate_dto_urb 3-4-0 16699 NULL @@ -133724,7 +134349,8 @@ index 0000000..89e8e68 +mxt_load_fw_17073 mxt_load_fw 0 17073 &dvb_dvr_read_17073 +simple_transaction_read_17076 simple_transaction_read 3-0 17076 NULL +tpm_transmit_17077 tpm_transmit 0-3 17077 NULL -+__kmalloc_reserve_17080 __kmalloc_reserve 1 17080 NULL ++__kmalloc_reserve_17080 __kmalloc_reserve 1 17080 NULL nohasharray ++power_supply_get_property_17080 power_supply_get_property 0 17080 &__kmalloc_reserve_17080 +kovaplus_select_profile_17084 kovaplus_select_profile 0 17084 NULL +entry_length_17093 entry_length 0 17093 NULL +write_reg_17098 write_reg 0 17098 NULL @@ -133762,7 +134388,8 @@ index 0000000..89e8e68 +UniStrnlen_17169 UniStrnlen 0 17169 NULL nohasharray +nilfs_dat_mark_dirty_17169 nilfs_dat_mark_dirty 0 17169 &UniStrnlen_17169 +nilfs_write_begin_17172 nilfs_write_begin 0 17172 NULL nohasharray -+ipoib_dev_init_17172 ipoib_dev_init 0 17172 &nilfs_write_begin_17172 ++ipoib_dev_init_17172 ipoib_dev_init 0 17172 &nilfs_write_begin_17172 nohasharray ++cfg80211_sme_get_conn_ies_17172 cfg80211_sme_get_conn_ies 3 17172 &ipoib_dev_init_17172 +fan_set_state_17173 fan_set_state 0 17173 NULL +l1oip_socket_send_17174 l1oip_socket_send 7 17174 NULL +ipath_create_user_egr_17175 ipath_create_user_egr 0 17175 NULL @@ -133785,6 +134412,7 @@ index 0000000..89e8e68 +dn_recvmsg_17213 dn_recvmsg 4-0 17213 NULL +st6422_s_ctrl_17215 st6422_s_ctrl 0 17215 NULL nohasharray +rtl8150_open_17215 rtl8150_open 0 17215 &st6422_s_ctrl_17215 ++ext4_fname_crypto_alloc_buffer_17220 ext4_fname_crypto_alloc_buffer 2 17220 NULL +ipath_user_sdma_push_pkts_17221 ipath_user_sdma_push_pkts 0 17221 NULL +elan_i2c_prepare_fw_update_17228 elan_i2c_prepare_fw_update 0 17228 NULL +metadata_show_17234 metadata_show 0 17234 NULL @@ -133792,6 +134420,7 @@ index 0000000..89e8e68 +store_fatal_error_17242 store_fatal_error 0-4 17242 NULL +mlx4_enable_sriov_17247 mlx4_enable_sriov 3-4 17247 NULL +odev_attr_store_17252 odev_attr_store 0-4 17252 NULL ++remove_advertising_17253 remove_advertising 4 17253 NULL +r3964_read_17257 r3964_read 0 17257 NULL +__be16_to_cpup_17261 __be16_to_cpup 0 17261 NULL nohasharray +lprocfs_read_frac_helper_17261 lprocfs_read_frac_helper 0 17261 &__be16_to_cpup_17261 @@ -133809,7 +134438,8 @@ index 0000000..89e8e68 +hmac_sha256_17278 hmac_sha256 2 17278 NULL +aty_var_to_pll_18818_17279 aty_var_to_pll_18818 0 17279 NULL +neigh_hash_grow_17283 neigh_hash_grow 2 17283 NULL nohasharray -+rpc_pipefs_event_17283 rpc_pipefs_event 0 17283 &neigh_hash_grow_17283 ++rpc_pipefs_event_17283 rpc_pipefs_event 0 17283 &neigh_hash_grow_17283 nohasharray ++ext4_fname_match_17283 ext4_fname_match 3 17283 &rpc_pipefs_event_17283 +mmc_serial_show_17285 mmc_serial_show 0 17285 NULL +minstrel_stats_read_17290 minstrel_stats_read 3-0 17290 NULL nohasharray +fmc_set_mute_mode_17290 fmc_set_mute_mode 0 17290 &minstrel_stats_read_17290 @@ -133896,6 +134526,7 @@ index 0000000..89e8e68 +show_proc_name_17464 show_proc_name 0 17464 NULL +probe_bios_17467 probe_bios 1 17467 NULL +show_temp_min_17471 show_temp_min 0 17471 NULL ++xfs_mod_fdblocks_17472 xfs_mod_fdblocks 0 17472 NULL +probe_kernel_write_17481 probe_kernel_write 3 17481 NULL nohasharray +vv6410_set_exposure_17481 vv6410_set_exposure 0 17481 &probe_kernel_write_17481 +v9fs_xattr_trusted_set_17485 v9fs_xattr_trusted_set 0 17485 NULL @@ -133910,7 +134541,8 @@ index 0000000..89e8e68 +fc_vport_terminate_17513 fc_vport_terminate 0 17513 &reiserfs_direct_IO_17513 +lbs_highrssi_write_17515 lbs_highrssi_write 3-0 17515 NULL +wl1271_acx_dco_itrim_params_17523 wl1271_acx_dco_itrim_params 0 17523 NULL -+fsp_attr_show_flags_17527 fsp_attr_show_flags 0 17527 NULL ++fsp_attr_show_flags_17527 fsp_attr_show_flags 0 17527 NULL nohasharray ++bcmgenet_init_rx_ring_17527 bcmgenet_init_rx_ring 0 17527 &fsp_attr_show_flags_17527 +acerhdf_get_cur_state_17531 acerhdf_get_cur_state 0 17531 NULL +show_ipInNoRoutes_17533 show_ipInNoRoutes 0 17533 NULL +ixgbe_set_vfta_generic_17534 ixgbe_set_vfta_generic 0 17534 NULL @@ -133943,7 +134575,8 @@ index 0000000..89e8e68 +nvkm_gpio_create__17601 nvkm_gpio_create_ 4 17601 NULL +wm8994_gpio_to_irq_17604 wm8994_gpio_to_irq 2 17604 NULL +osst_execute_17607 osst_execute 6-7 17607 NULL nohasharray -+svc_export_parse_17607 svc_export_parse 0 17607 &osst_execute_17607 ++svc_export_parse_17607 svc_export_parse 0 17607 &osst_execute_17607 nohasharray ++irda_sendmsg_ultra_17607 irda_sendmsg_ultra 3 17607 &svc_export_parse_17607 +ieee80211_if_read_dot11MeshHWMPactivePathToRootTimeout_17618 ieee80211_if_read_dot11MeshHWMPactivePathToRootTimeout 3-0 17618 NULL +null_show_17619 null_show 0 17619 NULL +show_selfballoon_downhys_17620 show_selfballoon_downhys 0 17620 NULL @@ -133999,6 +134632,7 @@ index 0000000..89e8e68 +exofs_read_lookup_dev_table_17733 exofs_read_lookup_dev_table 3 17733 NULL nohasharray +pcpu_alloc_area_17733 pcpu_alloc_area 0-3 17733 &exofs_read_lookup_dev_table_17733 nohasharray +layout_show_17733 layout_show 0 17733 &pcpu_alloc_area_17733 ++mv88e6xxx_port_to_phy_addr_17740 mv88e6xxx_port_to_phy_addr 0-2 17740 NULL +sctpprobe_read_17741 sctpprobe_read 3-0 17741 NULL +inode_setxattr_17744 inode_setxattr 0 17744 NULL +qlcnic_sysfs_read_crb_17747 qlcnic_sysfs_read_crb 0-6-5 17747 NULL @@ -134147,12 +134781,14 @@ index 0000000..89e8e68 +qlcnic_get_cap_size_18042 qlcnic_get_cap_size 0 18042 NULL +nfs_check_inode_attributes_18043 nfs_check_inode_attributes 0 18043 NULL +cryptd_alloc_instance_18048 cryptd_alloc_instance 3-2 18048 NULL ++find_next_inuse_18051 find_next_inuse 2 18051 NULL +policydb_load_isids_18052 policydb_load_isids 0 18052 NULL nohasharray +core_tpg_set_initiator_node_queue_depth_18052 core_tpg_set_initiator_node_queue_depth 0 18052 &policydb_load_isids_18052 nohasharray +t3_config_sched_18052 t3_config_sched 0 18052 &core_tpg_set_initiator_node_queue_depth_18052 +ddebug_proc_write_18055 ddebug_proc_write 3-0 18055 NULL +zisofs_fill_pages_18057 zisofs_fill_pages 0 18057 NULL +max8925_enable_18058 max8925_enable 0 18058 NULL ++bcmgenet_init_rx_queues_18060 bcmgenet_init_rx_queues 0 18060 NULL +dlfb_set_video_mode_18061 dlfb_set_video_mode 0 18061 NULL +lua_sysfs_read_18062 lua_sysfs_read 6-0 18062 NULL nohasharray +dccp_error_18062 dccp_error 0 18062 &lua_sysfs_read_18062 @@ -134218,7 +134854,8 @@ index 0000000..89e8e68 +gsm_control_message_18209 gsm_control_message 4 18209 NULL +bq2415x_sysfs_show_limit_18213 bq2415x_sysfs_show_limit 0 18213 NULL nohasharray +show_phy_type_18213 show_phy_type 0 18213 &bq2415x_sysfs_show_limit_18213 nohasharray -+read_rindex_entry_18213 read_rindex_entry 0 18213 &show_phy_type_18213 ++read_rindex_entry_18213 read_rindex_entry 0 18213 &show_phy_type_18213 nohasharray ++raw_recvmsg_18213 raw_recvmsg 3 18213 &read_rindex_entry_18213 +si4713_set_rds_ps_name_18214 si4713_set_rds_ps_name 0 18214 NULL +do_ipv6_setsockopt_18215 do_ipv6_setsockopt 5-0 18215 NULL +pcmcia_enable_device_18218 pcmcia_enable_device 0 18218 NULL @@ -134242,6 +134879,7 @@ index 0000000..89e8e68 +tg3_bmcr_reset_18271 tg3_bmcr_reset 0 18271 NULL +gfs2_alloc_sort_buffer_18275 gfs2_alloc_sort_buffer 1 18275 NULL +ipip_get_size_18276 ipip_get_size 0 18276 NULL ++dn_recvmsg_18277 dn_recvmsg 3 18277 NULL +alloc_ring_18278 alloc_ring 4-2 18278 NULL +ext4_readpages_18283 ext4_readpages 4 18283 NULL +mmc_send_bus_test_18285 mmc_send_bus_test 4 18285 NULL @@ -134253,6 +134891,7 @@ index 0000000..89e8e68 +show_fnode_username_in_18293 show_fnode_username_in 0 18293 &um_idi_write_18293 nohasharray +xfs_file_read_iter_18293 xfs_file_read_iter 0 18293 &show_fnode_username_in_18293 nohasharray +__follow_pte_18293 __follow_pte 0 18293 &xfs_file_read_iter_18293 ++ocfs2_direct_IO_18297 ocfs2_direct_IO 3 18297 NULL +part_timeout_show_18298 part_timeout_show 0 18298 NULL +mwl8k_sta_add_18299 mwl8k_sta_add 0 18299 NULL +iscsi_stat_sess_err_show_attr_cxn_errors_18301 iscsi_stat_sess_err_show_attr_cxn_errors 0 18301 NULL @@ -134289,6 +134928,7 @@ index 0000000..89e8e68 +SyS_process_vm_readv_18366 SyS_process_vm_readv 3-5 18366 NULL +ep_io_18367 ep_io 0 18367 NULL nohasharray +irq_show_18367 irq_show 0 18367 &ep_io_18367 ++nf_hook_18370 nf_hook 0 18370 NULL +qib_user_sdma_num_pages_18371 qib_user_sdma_num_pages 0 18371 NULL +nilfs_checkpoints_README_show_18372 nilfs_checkpoints_README_show 0 18372 NULL +usbhsg_ep_queue_18376 usbhsg_ep_queue 0 18376 NULL @@ -134343,6 +134983,7 @@ index 0000000..89e8e68 +_nfs4_do_open_reclaim_18483 _nfs4_do_open_reclaim 0 18483 NULL nohasharray +__c2port_write_flash_data_18483 __c2port_write_flash_data 0-3-4 18483 &_nfs4_do_open_reclaim_18483 +technisat_usb2_i2c_access_18484 technisat_usb2_i2c_access 0 18484 NULL ++__regulatory_set_wiphy_regd_18486 __regulatory_set_wiphy_regd 0 18486 NULL +udpv6_setsockopt_18487 udpv6_setsockopt 5-0 18487 NULL nohasharray +snd_pcm_plugin_build_mulaw_18487 snd_pcm_plugin_build_mulaw 0 18487 &udpv6_setsockopt_18487 +aoedisk_show_netif_18490 aoedisk_show_netif 0 18490 NULL @@ -134389,7 +135030,8 @@ index 0000000..89e8e68 +mtd_size_show_18578 mtd_size_show 0 18578 NULL +vivid_radio_read_18579 vivid_radio_read 0-3 18579 NULL +metrics_bytes_rendered_show_18580 metrics_bytes_rendered_show 0 18580 NULL -+pn_socket_create_18581 pn_socket_create 0 18581 NULL ++pn_socket_create_18581 pn_socket_create 0 18581 NULL nohasharray ++__tipc_sendmsg_18581 __tipc_sendmsg 3 18581 &pn_socket_create_18581 +ipath_reset_device_18584 ipath_reset_device 0 18584 NULL +show_target_speed_18587 show_target_speed 0 18587 NULL +st_accel_buffer_predisable_18589 st_accel_buffer_predisable 0 18589 NULL @@ -134541,7 +135183,8 @@ index 0000000..89e8e68 +max_user_freq_store_18922 max_user_freq_store 0-4 18922 &xfs_buf_read_uncached_18922 +show_baseline_18929 show_baseline 0 18929 NULL +snapshot_write_next_18937 snapshot_write_next 0 18937 NULL -+mxl5005s_SetRfFreqHz_18939 mxl5005s_SetRfFreqHz 0 18939 NULL ++mxl5005s_SetRfFreqHz_18939 mxl5005s_SetRfFreqHz 0 18939 NULL nohasharray ++ms_transfer_data_18939 ms_transfer_data 7 18939 &mxl5005s_SetRfFreqHz_18939 +fmc_device_register_n_18942 fmc_device_register_n 2 18942 NULL +mtrr_del_18943 mtrr_del 1 18943 NULL +ida_get_new_18948 ida_get_new 0 18948 NULL @@ -134661,6 +135304,7 @@ index 0000000..89e8e68 +show_sys_image_guid_19207 show_sys_image_guid 0 19207 NULL +dev_counters_read_19216 dev_counters_read 3-0 19216 NULL +wbcir_tx_19219 wbcir_tx 3 19219 NULL ++udpv6_recvmsg_19221 udpv6_recvmsg 3 19221 NULL +nouveau_hwmon_max_temp_19222 nouveau_hwmon_max_temp 0 19222 NULL +snd_mask_max_19224 snd_mask_max 0 19224 NULL +_ctl_host_trace_buffer_enable_show_19227 _ctl_host_trace_buffer_enable_show 0 19227 NULL @@ -134730,6 +135374,7 @@ index 0000000..89e8e68 +mmio32read__write_file_19364 mmio32read__write_file 0 19364 NULL +ipheth_open_19366 ipheth_open 0 19366 NULL +qlge_vlan_rx_add_vid_19385 qlge_vlan_rx_add_vid 0 19385 NULL ++p9_check_zc_errors_19389 p9_check_zc_errors 4 19389 NULL +interpret_user_input_19393 interpret_user_input 2-0 19393 NULL +v9fs_xattr_security_set_19396 v9fs_xattr_security_set 0 19396 NULL nohasharray +lxt973a2_read_status_19396 lxt973a2_read_status 0 19396 &v9fs_xattr_security_set_19396 @@ -134879,6 +135524,7 @@ index 0000000..89e8e68 +sleep_functions_on_battery_store_19725 sleep_functions_on_battery_store 0-4 19725 NULL +wm8350_block_write_19727 wm8350_block_write 2-3-0 19727 NULL +target_stat_scsi_transport_show_attr_inst_19730 target_stat_scsi_transport_show_attr_inst 0 19730 NULL ++do_iter_readv_writev_19732 do_iter_readv_writev 0 19732 NULL +iwlagn_commit_rxon_19737 iwlagn_commit_rxon 0 19737 NULL +snd_usX2Y_usbpcm_prepare_19741 snd_usX2Y_usbpcm_prepare 0 19741 NULL +p9_client_read_19750 p9_client_read 5-0 19750 NULL @@ -134889,7 +135535,8 @@ index 0000000..89e8e68 +jffs2_acl_from_medium_19762 jffs2_acl_from_medium 2 19762 NULL +osst_recover_wait_frame_19766 osst_recover_wait_frame 0 19766 NULL +readhscx_19769 readhscx 0 19769 NULL nohasharray -+i8k_get_fan_type_19769 i8k_get_fan_type 0 19769 &readhscx_19769 ++i8k_get_fan_type_19769 i8k_get_fan_type 0 19769 &readhscx_19769 nohasharray ++regulatory_set_wiphy_regd_sync_rtnl_19769 regulatory_set_wiphy_regd_sync_rtnl 0 19769 &i8k_get_fan_type_19769 +flush_write_buffer_19770 flush_write_buffer 0 19770 NULL +pch_phub_gbe_serial_rom_conf_mp_19773 pch_phub_gbe_serial_rom_conf_mp 0 19773 NULL +ipath_f_get_base_info_19778 ipath_f_get_base_info 0 19778 NULL @@ -134984,7 +135631,7 @@ index 0000000..89e8e68 +apparmor_getprocattr_19982 apparmor_getprocattr 0 19982 NULL +snd_usbtv_card_trigger_19983 snd_usbtv_card_trigger 0 19983 NULL +attach_hdlc_protocol_19986 attach_hdlc_protocol 3 19986 NULL -+i40e_reserve_msix_vectors_19989 i40e_reserve_msix_vectors 2 19989 NULL nohasharray ++i40e_reserve_msix_vectors_19989 i40e_reserve_msix_vectors 2-0 19989 NULL nohasharray +rtw_set_wps_probe_resp_19989 rtw_set_wps_probe_resp 3 19989 &i40e_reserve_msix_vectors_19989 +_osd_req_finalize_set_attr_list_19990 _osd_req_finalize_set_attr_list 0 19990 NULL nohasharray +islpci_upload_fw_19990 islpci_upload_fw 0 19990 &_osd_req_finalize_set_attr_list_19990 @@ -135014,7 +135661,8 @@ index 0000000..89e8e68 +mt_show_quirks_20045 mt_show_quirks 0 20045 NULL +show_compression_20048 show_compression 0 20048 NULL +usX2Y_urbs_allocate_20052 usX2Y_urbs_allocate 0 20052 NULL -+lpfc_txcmplq_hw_show_20055 lpfc_txcmplq_hw_show 0 20055 NULL ++lpfc_txcmplq_hw_show_20055 lpfc_txcmplq_hw_show 0 20055 NULL nohasharray ++nf_iterate_20055 nf_iterate 0 20055 &lpfc_txcmplq_hw_show_20055 +__be32_to_cpup_20056 __be32_to_cpup 0 20056 NULL +roccat_common2_sysfs_write_stored_lights_20059 roccat_common2_sysfs_write_stored_lights 0-6-5 20059 NULL +upcall_20060 upcall 0-4 20060 NULL @@ -135028,7 +135676,8 @@ index 0000000..89e8e68 +init_chip_reset_20080 init_chip_reset 0 20080 &ieee802154_check_concurrent_iface_20080 +fuse_conn_limit_read_20084 fuse_conn_limit_read 3-0 20084 NULL +aat2870_reg_write_file_20086 aat2870_reg_write_file 3-0 20086 NULL -+reiserfs_dir_fsync_20088 reiserfs_dir_fsync 0 20088 NULL ++reiserfs_dir_fsync_20088 reiserfs_dir_fsync 0 20088 NULL nohasharray ++cma_alloc_write_20088 cma_alloc_write 2 20088 &reiserfs_dir_fsync_20088 +team_options_register_20091 team_options_register 3-0 20091 NULL nohasharray +lpfc_poll_show_20091 lpfc_poll_show 0 20091 &team_options_register_20091 nohasharray +rt2800pci_set_state_20091 rt2800pci_set_state 0 20091 &lpfc_poll_show_20091 nohasharray @@ -135040,7 +135689,8 @@ index 0000000..89e8e68 +dn_auto_bind_20098 dn_auto_bind 0 20098 &read_int_20098 +attr_press_speed_store_tpkbd_20100 attr_press_speed_store_tpkbd 0-4 20100 NULL +snd_es1938_playback1_trigger_20102 snd_es1938_playback1_trigger 0 20102 NULL -+xfs_qm_dqget_20103 xfs_qm_dqget 0 20103 NULL ++xfs_qm_dqget_20103 xfs_qm_dqget 0 20103 NULL nohasharray ++mgmt_limited_event_20103 mgmt_limited_event 4 20103 &xfs_qm_dqget_20103 +fd_do_unmap_20109 fd_do_unmap 4 20109 NULL +nilfs_segments_clean_segments_show_20115 nilfs_segments_clean_segments_show 0 20115 NULL +iscsi_tpg_param_store_TargetAlias_20119 iscsi_tpg_param_store_TargetAlias 0-3 20119 NULL @@ -135081,7 +135731,8 @@ index 0000000..89e8e68 +video_end_20205 video_end 0 20205 NULL +bitmap_find_next_zero_area_off_20211 bitmap_find_next_zero_area_off 2-3-0-4-5-6 20211 NULL +ds1343_read_time_20213 ds1343_read_time 0 20213 NULL -+udf_do_extend_file_20214 udf_do_extend_file 0 20214 NULL ++udf_do_extend_file_20214 udf_do_extend_file 0 20214 NULL nohasharray ++udf_bitmap_new_block_20214 udf_bitmap_new_block 4 20214 &udf_do_extend_file_20214 +parport_uss720_epp_write_addr_20216 parport_uss720_epp_write_addr 0 20216 NULL +dpm_suspend_noirq_20217 dpm_suspend_noirq 0 20217 NULL +target_fabric_port_attr_show_20218 target_fabric_port_attr_show 0 20218 NULL @@ -135105,7 +135756,8 @@ index 0000000..89e8e68 +async_20251 async 0 20251 NULL +store_filter_20252 store_filter 0-4 20252 NULL +resource_size_20256 resource_size 0 20256 NULL -+ssd1307fb_write_array_20258 ssd1307fb_write_array 3 20258 NULL ++ssd1307fb_write_array_20258 ssd1307fb_write_array 3 20258 NULL nohasharray ++create_pnp_modalias_20258 create_pnp_modalias 0 20258 &ssd1307fb_write_array_20258 +sru_s_stream_20259 sru_s_stream 0 20259 NULL +wl1271_boot_soft_reset_20262 wl1271_boot_soft_reset 0 20262 NULL nohasharray +target_core_hba_attr_store_20262 target_core_hba_attr_store 0-4 20262 &wl1271_boot_soft_reset_20262 @@ -135131,6 +135783,7 @@ index 0000000..89e8e68 +blk_mq_hw_sysfs_queued_show_20294 blk_mq_hw_sysfs_queued_show 0 20294 NULL +btrfs_header_nritems_20296 btrfs_header_nritems 0 20296 NULL +do_take_over_console_20297 do_take_over_console 0 20297 NULL ++iwl_parse_nvm_mcc_info_20301 iwl_parse_nvm_mcc_info 3 20301 NULL +r10_sync_page_io_20307 r10_sync_page_io 3 20307 NULL +curr_bitstream_show_20308 curr_bitstream_show 0 20308 NULL +lpfc_cr_count_show_20309 lpfc_cr_count_show 0 20309 NULL @@ -135149,6 +135802,7 @@ index 0000000..89e8e68 +wacom_buttons_luminance_store_20325 wacom_buttons_luminance_store 0-4 20325 NULL +cyapa_i2c_reg_read_block_20326 cyapa_i2c_reg_read_block 0 20326 NULL +sys_dmi_modalias_show_20334 sys_dmi_modalias_show 0 20334 NULL ++dax_do_io_20335 dax_do_io 4 20335 NULL +lpt_gc_20337 lpt_gc 0 20337 NULL +patch_nvhdmi_2ch_20339 patch_nvhdmi_2ch 0 20339 NULL +gfs2_glock_nq_m_20347 gfs2_glock_nq_m 1-0 20347 NULL @@ -135214,7 +135868,8 @@ index 0000000..89e8e68 +i7core_inject_enable_store_20501 i7core_inject_enable_store 0-4 20501 NULL +elan_sysfs_read_iap_ver_20502 elan_sysfs_read_iap_ver 0 20502 NULL +hidraw_report_event_20503 hidraw_report_event 3 20503 NULL nohasharray -+mcs_net_open_20503 mcs_net_open 0 20503 &hidraw_report_event_20503 ++mcs_net_open_20503 mcs_net_open 0 20503 &hidraw_report_event_20503 nohasharray ++ocfs2_db_frozen_trigger_20503 ocfs2_db_frozen_trigger 4 20503 &mcs_net_open_20503 +w1_master_attribute_show_pullup_20506 w1_master_attribute_show_pullup 0 20506 NULL +ipr_store_adapter_state_20513 ipr_store_adapter_state 0-4 20513 NULL +i2c_atmel_recv_20516 i2c_atmel_recv 0-3 20516 NULL nohasharray @@ -135244,7 +135899,8 @@ index 0000000..89e8e68 +cachefiles_daemon_frun_20577 cachefiles_daemon_frun 0 20577 NULL +bluetooth_enable_show_20578 bluetooth_enable_show 0 20578 NULL nohasharray +command_setcolourbalance_20578 command_setcolourbalance 0 20578 &bluetooth_enable_show_20578 nohasharray -+wl1271_acx_sta_rate_policies_20578 wl1271_acx_sta_rate_policies 0 20578 &command_setcolourbalance_20578 ++wl1271_acx_sta_rate_policies_20578 wl1271_acx_sta_rate_policies 0 20578 &command_setcolourbalance_20578 nohasharray ++nf_hook_slow_20578 nf_hook_slow 0 20578 &wl1271_acx_sta_rate_policies_20578 +xen_pci_notifier_20579 xen_pci_notifier 0 20579 NULL +set_performance_level_20580 set_performance_level 0-4 20580 NULL +saa711x_s_stream_20581 saa711x_s_stream 0 20581 NULL @@ -135296,6 +135952,7 @@ index 0000000..89e8e68 +btrfs_qgroup_reserve_20676 btrfs_qgroup_reserve 0 20676 &snd_hdsp_playback_copy_20676 +session_write_kbytes_show_20678 session_write_kbytes_show 0 20678 NULL +dvb_dmxdev_buffer_read_20682 dvb_dmxdev_buffer_read 0-4 20682 NULL ++cpumask_size_20683 cpumask_size 0 20683 NULL +btrfs_node_blockptr_20685 btrfs_node_blockptr 0 20685 NULL +store_20687 store 0 20687 NULL +ipath_user_sdma_coalesce_20688 ipath_user_sdma_coalesce 0 20688 NULL @@ -135393,6 +136050,7 @@ index 0000000..89e8e68 +nc_register_read_20875 nc_register_read 0 20875 NULL +command_setexposure_20876 command_setexposure 0 20876 NULL +pci_xircom_init_20881 pci_xircom_init 0 20881 NULL ++import_iovec_20882 import_iovec 0-3 20882 NULL +ace_open_20884 ace_open 0 20884 NULL nohasharray +cfs_cpt_table_create_20884 cfs_cpt_table_create 1 20884 &ace_open_20884 +rb_simple_write_20890 rb_simple_write 3 20890 NULL @@ -135484,6 +136142,7 @@ index 0000000..89e8e68 +write_posted_21108 write_posted 0 21108 NULL +ath6kl_send_go_probe_resp_21113 ath6kl_send_go_probe_resp 3 21113 NULL nohasharray +cyapa_gen5_check_fw_21113 cyapa_gen5_check_fw 0 21113 &ath6kl_send_go_probe_resp_21113 ++unix_dgram_sendmsg_21115 unix_dgram_sendmsg 3 21115 NULL +target_core_show_dev_info_21116 target_core_show_dev_info 0 21116 NULL +snd_ice1712_playback_ds_trigger_21118 snd_ice1712_playback_ds_trigger 0 21118 NULL nohasharray +ddebug_exec_queries_21118 ddebug_exec_queries 0 21118 &snd_ice1712_playback_ds_trigger_21118 nohasharray @@ -135497,13 +136156,16 @@ index 0000000..89e8e68 +i2400m_rx_trace_21127 i2400m_rx_trace 3 21127 NULL +st_gyro_buffer_postenable_21128 st_gyro_buffer_postenable 0 21128 NULL +iwl_dbgfs_uapsd_misbehaving_read_21129 iwl_dbgfs_uapsd_misbehaving_read 3-0 21129 NULL ++rfcomm_sock_recvmsg_21131 rfcomm_sock_recvmsg 3 21131 NULL +snd_nm256_capture_trigger_21135 snd_nm256_capture_trigger 0 21135 NULL +ubifs_write_iter_21137 ubifs_write_iter 0 21137 NULL +target_core_dev_pr_show_attr_res_pr_generation_21138 target_core_dev_pr_show_attr_res_pr_generation 0 21138 NULL -+omfs_writepage_21143 omfs_writepage 0 21143 NULL ++omfs_writepage_21143 omfs_writepage 0 21143 NULL nohasharray ++dgram_sendmsg_21143 dgram_sendmsg 3 21143 &omfs_writepage_21143 +tps6586x_irq_init_21144 tps6586x_irq_init 3 21144 NULL +aoedisk_show_payload_21147 aoedisk_show_payload 0 21147 NULL +new_skb_21148 new_skb 1 21148 NULL ++ocfs2_block_check_validate_21149 ocfs2_block_check_validate 2 21149 NULL +dgram_disconnect_21152 dgram_disconnect 0 21152 NULL +rtl2830_regmap_gather_write_21153 rtl2830_regmap_gather_write 0 21153 NULL +sisfb_set_mode_21155 sisfb_set_mode 0 21155 NULL @@ -135651,6 +136313,7 @@ index 0000000..89e8e68 +firmware_data_read_21488 firmware_data_read 0-5-6 21488 NULL +set_postcode_21490 set_postcode 0-4 21490 NULL +security_list_21491 security_list 0-5 21491 NULL ++dccp_recvmsg_21496 dccp_recvmsg 3 21496 NULL +ads7846_read12_ser_21501 ads7846_read12_ser 0 21501 NULL +force_bredr_smp_write_21502 force_bredr_smp_write 3-0 21502 NULL +mmc_alloc_sg_21504 mmc_alloc_sg 1 21504 NULL @@ -135752,7 +136415,8 @@ index 0000000..89e8e68 +ipv6_confirm_21743 ipv6_confirm 0 21743 NULL +__nf_nat_mangle_tcp_packet_21744 __nf_nat_mangle_tcp_packet 6-8 21744 NULL nohasharray +at91_open_21744 at91_open 0 21744 &__nf_nat_mangle_tcp_packet_21744 -+__scsi_format_command_21749 __scsi_format_command 2 21749 NULL ++__scsi_format_command_21749 __scsi_format_command 2 21749 NULL nohasharray ++ocfs2_direct_IO_extend_no_holes_21749 ocfs2_direct_IO_extend_no_holes 0-3 21749 &__scsi_format_command_21749 +set_sticky_21752 set_sticky 0-4 21752 NULL +mthca_alloc_init_21754 mthca_alloc_init 2 21754 NULL +l2down_create_21755 l2down_create 4 21755 NULL @@ -135773,7 +136437,8 @@ index 0000000..89e8e68 +libipw_get_hdrlen_21792 libipw_get_hdrlen 0 21792 NULL nohasharray +_cx88_start_audio_dma_21792 _cx88_start_audio_dma 0 21792 &libipw_get_hdrlen_21792 +d3cold_allowed_show_21797 d3cold_allowed_show 0 21797 NULL -+aa_may_ptrace_21798 aa_may_ptrace 0 21798 NULL ++aa_may_ptrace_21798 aa_may_ptrace 0 21798 NULL nohasharray ++crypto_sha1_finup_21798 crypto_sha1_finup 0 21798 &aa_may_ptrace_21798 +show_pwm_auto_point_temp_hyst_21800 show_pwm_auto_point_temp_hyst 0 21800 NULL +min_odd_21802 min_odd 0-1-2 21802 NULL +show_rotate_21803 show_rotate 0 21803 NULL @@ -135787,6 +136452,7 @@ index 0000000..89e8e68 +qib_portattr_store_21817 qib_portattr_store 0-4 21817 NULL nohasharray +__kernel_write_21817 __kernel_write 3-0 21817 &qib_portattr_store_21817 +ov9740_g_crop_21818 ov9740_g_crop 0 21818 NULL ++mei_io_cb_alloc_buf_21819 mei_io_cb_alloc_buf 2 21819 NULL +wm8994_request_irq_21822 wm8994_request_irq 2 21822 NULL +lm95234_fill_cache_21823 lm95234_fill_cache 0 21823 NULL +mtd_ecc_stats_errors_show_21825 mtd_ecc_stats_errors_show 0 21825 NULL nohasharray @@ -135920,6 +136586,7 @@ index 0000000..89e8e68 +nf_ct_seq_adjust_22086 nf_ct_seq_adjust 4 22086 NULL +acerhdf_get_mode_22088 acerhdf_get_mode 0 22088 NULL +niu_init_one_rx_channel_22095 niu_init_one_rx_channel 0 22095 NULL ++ocfs2_extend_allocation_22096 ocfs2_extend_allocation 0 22096 NULL +ext3_setattr_22100 ext3_setattr 0 22100 NULL +portio_name_show_22101 portio_name_show 0 22101 NULL +rndis_error_status_22103 rndis_error_status 0 22103 NULL nohasharray @@ -135948,6 +136615,7 @@ index 0000000..89e8e68 +__vlan_device_event_22159 __vlan_device_event 0 22159 NULL +show_otp2en_22160 show_otp2en 0 22160 NULL +set_pwm_enable_22161 set_pwm_enable 0-4 22161 NULL ++devm_ioremap_wc_22162 devm_ioremap_wc 2-3 22162 NULL +pm8001_phy_control_22163 pm8001_phy_control 0 22163 NULL nohasharray +store_pwm_interpolate_22163 store_pwm_interpolate 0-4 22163 &pm8001_phy_control_22163 +lx_hardware_open_22166 lx_hardware_open 0 22166 NULL @@ -135958,7 +136626,8 @@ index 0000000..89e8e68 +dccp_disconnect_22174 dccp_disconnect 0 22174 NULL +beiscsi_adap_family_disp_22179 beiscsi_adap_family_disp 0 22179 NULL nohasharray +nf_nat_ipv6_in_22179 nf_nat_ipv6_in 0 22179 &beiscsi_adap_family_disp_22179 -+iscsi_disc_show_userid_mutual_22181 iscsi_disc_show_userid_mutual 0 22181 NULL ++iscsi_disc_show_userid_mutual_22181 iscsi_disc_show_userid_mutual 0 22181 NULL nohasharray ++hid_sensor_custom_read_22181 hid_sensor_custom_read 3 22181 &iscsi_disc_show_userid_mutual_22181 +channel_dimm_label_store_22189 channel_dimm_label_store 0-4 22189 NULL +xen_acpi_processor_resume_22190 xen_acpi_processor_resume 0 22190 NULL +tps80031_rtc_alarm_irq_enable_22198 tps80031_rtc_alarm_irq_enable 0 22198 NULL @@ -136084,6 +136753,7 @@ index 0000000..89e8e68 +mutex_lock_interruptible_22505 mutex_lock_interruptible 0 22505 NULL nohasharray +asd_version_show_22505 asd_version_show 0 22505 &mutex_lock_interruptible_22505 +fan_pwm1_store_22510 fan_pwm1_store 0-4 22510 NULL ++sha512_ssse3_finup_22514 sha512_ssse3_finup 0 22514 NULL +trim_no_bitmap_22524 trim_no_bitmap 4-3 22524 NULL +attr_press_to_select_store_tpkbd_22525 attr_press_to_select_store_tpkbd 0-4 22525 NULL +snd_cx23885_prepare_22528 snd_cx23885_prepare 0 22528 NULL @@ -136116,6 +136786,7 @@ index 0000000..89e8e68 +btrfs_delalloc_reserve_space_22617 btrfs_delalloc_reserve_space 0 22617 NULL +bootflag_get_22618 bootflag_get 0 22618 NULL +qlcnic_pci_sriov_disable_22622 qlcnic_pci_sriov_disable 0 22622 NULL ++iwl_dbgfs_rx_phyinfo_read_22625 iwl_dbgfs_rx_phyinfo_read 3 22625 NULL +_maybe_not_all_in_one_io_22626 _maybe_not_all_in_one_io 0 22626 NULL +sctp_setsockopt_connectx_old_22631 sctp_setsockopt_connectx_old 3-0 22631 NULL +v9fs_vfs_getattr_dotl_22632 v9fs_vfs_getattr_dotl 0 22632 NULL @@ -136164,12 +136835,14 @@ index 0000000..89e8e68 +ecryptfs_write_metadata_to_contents_22721 ecryptfs_write_metadata_to_contents 3 22721 &qlcnic_83xx_lockless_flash_read32_22721 +mxuport_send_ctrl_urb_22723 mxuport_send_ctrl_urb 0 22723 NULL +channel_dimm_label_show_22728 channel_dimm_label_show 0 22728 NULL nohasharray -+acpi_ex_get_name_string_22728 acpi_ex_get_name_string 0 22728 &channel_dimm_label_show_22728 ++acpi_ex_get_name_string_22728 acpi_ex_get_name_string 0 22728 &channel_dimm_label_show_22728 nohasharray ++ext4_mpage_readpages_22728 ext4_mpage_readpages 0-4 22728 &acpi_ex_get_name_string_22728 +filename_trans_read_22730 filename_trans_read 0 22730 NULL +cx18_copy_buf_to_user_22735 cx18_copy_buf_to_user 4-0 22735 NULL nohasharray +show_filter_22735 show_filter 0 22735 &cx18_copy_buf_to_user_22735 nohasharray +__mlx4_cq_alloc_icm_22735 __mlx4_cq_alloc_icm 0 22735 &show_filter_22735 +ax25_output_22736 ax25_output 2 22736 NULL ++xenbus_map_ring_valloc_pv_22737 xenbus_map_ring_valloc_pv 3 22737 NULL +ceph_decode_32_22738 ceph_decode_32 0 22738 NULL nohasharray +__mei_cl_send_22738 __mei_cl_send 3 22738 &ceph_decode_32_22738 +__writeback_single_inode_22739 __writeback_single_inode 0 22739 NULL @@ -136232,7 +136905,8 @@ index 0000000..89e8e68 +smb_set_file_info_22880 smb_set_file_info 0 22880 NULL +pxa_ep_enable_22883 pxa_ep_enable 0 22883 NULL +vmw_execbuf_process_22885 vmw_execbuf_process 5 22885 NULL nohasharray -+show_counter_tx_flow_stalls_22885 show_counter_tx_flow_stalls 0 22885 &vmw_execbuf_process_22885 ++show_counter_tx_flow_stalls_22885 show_counter_tx_flow_stalls 0 22885 &vmw_execbuf_process_22885 nohasharray ++_mv88e6xxx_phy_read_indirect_22885 _mv88e6xxx_phy_read_indirect 0 22885 &show_counter_tx_flow_stalls_22885 +set_phy_speed_22886 set_phy_speed 0 22886 NULL +show_green_22889 show_green 0 22889 NULL +v9fs_direct_write_22891 v9fs_direct_write 0-3 22891 NULL @@ -136292,6 +136966,7 @@ index 0000000..89e8e68 +iwl_mvm_rm_sta_common_22994 iwl_mvm_rm_sta_common 0 22994 &show_pwm_temp_sel_common_22994 +nouveau_hwmon_show_temp1_auto_point1_pwm_22996 nouveau_hwmon_show_temp1_auto_point1_pwm 0 22996 NULL +pcan_usb_pro_set_silent_23000 pcan_usb_pro_set_silent 0 23000 NULL ++pfkey_sendmsg_23002 pfkey_sendmsg 3 23002 NULL +ubifs_find_free_leb_for_idx_23003 ubifs_find_free_leb_for_idx 0 23003 NULL +tw68_start_streaming_23004 tw68_start_streaming 0 23004 NULL +dig_playback_pcm_prepare_23006 dig_playback_pcm_prepare 0 23006 NULL @@ -136429,6 +137104,7 @@ index 0000000..89e8e68 +sctp_recvmsg_23265 sctp_recvmsg 4-0 23265 NULL nohasharray +intel_map_sg_23265 intel_map_sg 0-3 23265 &sctp_recvmsg_23265 +alg_bind_23268 alg_bind 0 23268 NULL ++sha512_base_do_update_23270 sha512_base_do_update 0 23270 NULL +lan87xx_read_status_23278 lan87xx_read_status 0 23278 NULL +remove_ftrace_ops_23280 remove_ftrace_ops 0 23280 NULL +uwb_dev_addr_print_23282 uwb_dev_addr_print 2 23282 NULL @@ -136473,8 +137149,10 @@ index 0000000..89e8e68 +fscache_fsdef_netfs_get_key_23368 fscache_fsdef_netfs_get_key 0 23368 NULL +fd_setup_write_same_buf_23369 fd_setup_write_same_buf 3 23369 NULL +rawv6_send_hdrinc_23370 rawv6_send_hdrinc 3 23370 NULL ++iwl_pcie_rsa_race_bug_wa_23375 iwl_pcie_rsa_race_bug_wa 0 23375 NULL +bonding_sysfs_store_option_23382 bonding_sysfs_store_option 0-4 23382 NULL +fc0011_writereg_23383 fc0011_writereg 0 23383 NULL ++pppoe_sendmsg_23391 pppoe_sendmsg 3 23391 NULL +kobil_write_23392 kobil_write 0-4 23392 NULL +jffs2_listxattr_23402 jffs2_listxattr 0-3 23402 NULL nohasharray +s_ctrl_23402 s_ctrl 0 23402 &jffs2_listxattr_23402 @@ -136816,7 +137494,8 @@ index 0000000..89e8e68 +lis3lv02d_selftest_show_24139 lis3lv02d_selftest_show 0 24139 &irnet_ctrl_write_24139 nohasharray +xfs_btree_increment_24139 xfs_btree_increment 0 24139 &lis3lv02d_selftest_show_24139 +ov9650_s_ctrl_24141 ov9650_s_ctrl 0 24141 NULL -+mem_cgroup_can_attach_24142 mem_cgroup_can_attach 0 24142 NULL ++mem_cgroup_can_attach_24142 mem_cgroup_can_attach 0 24142 NULL nohasharray ++unix_seqpacket_recvmsg_24142 unix_seqpacket_recvmsg 3 24142 &mem_cgroup_can_attach_24142 +cx24123_tuner_i2c_tuner_xfer_24143 cx24123_tuner_i2c_tuner_xfer 0-3 24143 NULL nohasharray +attr_dragging_show_tpkbd_24143 attr_dragging_show_tpkbd 0 24143 &cx24123_tuner_i2c_tuner_xfer_24143 +__niu_wait_bits_clear_24147 __niu_wait_bits_clear 0 24147 NULL @@ -136836,6 +137515,7 @@ index 0000000..89e8e68 +toshiba_usb_three_set_24183 toshiba_usb_three_set 0 24183 &adv7343_write_24183 +ql_configure_rings_24184 ql_configure_rings 0 24184 NULL +safe_prepare_write_buffer_24187 safe_prepare_write_buffer 3 24187 NULL ++ext4_match_24188 ext4_match 3 24188 NULL +resource_show_24189 resource_show 0 24189 NULL +po1030_set_blue_balance_24191 po1030_set_blue_balance 0 24191 NULL +irq_remapping_setup_msi_irqs_24194 irq_remapping_setup_msi_irqs 2 24194 NULL @@ -136882,6 +137562,7 @@ index 0000000..89e8e68 +azx_pcm_prepare_24285 azx_pcm_prepare 0 24285 NULL nohasharray +power_limit_1_max_uw_show_24285 power_limit_1_max_uw_show 0 24285 &azx_pcm_prepare_24285 +msg_size_24288 msg_size 0 24288 NULL ++__dm_get_module_param_24291 __dm_get_module_param 0-3-2 24291 NULL +ext2_free_blocks_24292 ext2_free_blocks 3-2 24292 NULL +i2c_smbus_check_pec_24297 i2c_smbus_check_pec 0 24297 NULL +map_page_24298 map_page 3-4 24298 NULL @@ -136906,6 +137587,7 @@ index 0000000..89e8e68 +C_SYSC_pwritev_24345 C_SYSC_pwritev 3 24345 NULL +nf_iterate_24348 nf_iterate 0 24348 NULL +prepare_pages_24349 prepare_pages 0 24349 NULL ++rhashtable_insert_slow_24350 rhashtable_insert_slow 0 24350 NULL +kzalloc_node_24352 kzalloc_node 1 24352 NULL +roccat_common2_sysfs_read_macro_24355 roccat_common2_sysfs_read_macro 0-5-6 24355 NULL +lp3972_i2c_read_24364 lp3972_i2c_read 0 24364 NULL @@ -137064,6 +137746,7 @@ index 0000000..89e8e68 +pps_show_24748 pps_show 0 24748 NULL +get_dma_residue_24749 get_dma_residue 0 24749 NULL nohasharray +commit_rxon_24749 commit_rxon 0 24749 &get_dma_residue_24749 ++ntfs_copy_from_user_iter_24753 ntfs_copy_from_user_iter 5-3 24753 NULL +kgdb_hex2mem_24755 kgdb_hex2mem 3 24755 NULL +ddp_device_event_24756 ddp_device_event 0 24756 NULL +get_temp_max_hyst_24757 get_temp_max_hyst 0 24757 NULL @@ -137084,6 +137767,7 @@ index 0000000..89e8e68 +mlx4_SET_PORT_general_24788 mlx4_SET_PORT_general 0 24788 &pb0100_s_ctrl_24788 +cache_read_24790 cache_read 3-0 24790 NULL +i915_gem_check_wedge_24793 i915_gem_check_wedge 0 24793 NULL ++st33zp24_spi_recv_24795 st33zp24_spi_recv 4 24795 NULL +user_regset_copyout_24796 user_regset_copyout 7 24796 NULL nohasharray +show_unchecked_isa_dma_24796 show_unchecked_isa_dma 0 24796 &user_regset_copyout_24796 +register_bcache_24797 register_bcache 0-4 24797 NULL @@ -137099,6 +137783,7 @@ index 0000000..89e8e68 +comedi_buf_alloc_24822 comedi_buf_alloc 3 24822 NULL +ndo_get_phys_port_id_24825 ndo_get_phys_port_id 0 24825 NULL +brport_show_24827 brport_show 0 24827 NULL ++lfib_nlmsg_size_24828 lfib_nlmsg_size 0 24828 NULL +cuse_class_abort_store_24829 cuse_class_abort_store 0-4 24829 NULL +rpf_s_stream_24830 rpf_s_stream 0 24830 NULL +__logfs_truncate_24831 __logfs_truncate 0 24831 NULL @@ -137221,6 +137906,7 @@ index 0000000..89e8e68 +hci_req_add_ev_25115 hci_req_add_ev 3 25115 NULL nohasharray +acpi_ex_create_method_25115 acpi_ex_create_method 0 25115 &hci_req_add_ev_25115 nohasharray +smb2_reconnect_25115 smb2_reconnect 0 25115 &acpi_ex_create_method_25115 ++rxrpc_recvmsg_25121 rxrpc_recvmsg 3 25121 NULL +wl18xx_acx_set_checksum_state_25124 wl18xx_acx_set_checksum_state 0 25124 NULL +lpfc_ack0_show_25126 lpfc_ack0_show 0 25126 NULL +caif_connect_client_25127 caif_connect_client 0 25127 NULL nohasharray @@ -137262,6 +137948,7 @@ index 0000000..89e8e68 +show_thresh_either_en_25218 show_thresh_either_en 0 25218 NULL +open_rx_first_25220 open_rx_first 0 25220 NULL +security_socket_post_create_25221 security_socket_post_create 0 25221 NULL ++ocfs2_block_check_compute_25223 ocfs2_block_check_compute 2 25223 NULL +b43legacy_op_get_stats_25225 b43legacy_op_get_stats 0 25225 NULL +ieee80211_start_tx_ba_session_25229 ieee80211_start_tx_ba_session 0 25229 NULL +sonypi_misc_read_25230 sonypi_misc_read 0-3 25230 NULL @@ -137362,6 +138049,7 @@ index 0000000..89e8e68 +panel_power_on_store_25422 panel_power_on_store 0-4 25422 NULL +pinctrl_gpio_direction_25423 pinctrl_gpio_direction 0 25423 NULL +v4l2_m2m_dqbuf_25427 v4l2_m2m_dqbuf 0 25427 NULL ++netlink_sendmsg_25428 netlink_sendmsg 3 25428 NULL +snd_pcm_lib_ioctl_reset_25437 snd_pcm_lib_ioctl_reset 0 25437 NULL +target_core_dev_wwn_show_attr_vpd_assoc_target_port_25438 target_core_dev_wwn_show_attr_vpd_assoc_target_port 0 25438 NULL +pcmcia_store_new_id_25439 pcmcia_store_new_id 0-3 25439 NULL @@ -137389,7 +138077,8 @@ index 0000000..89e8e68 +do_tcp_setsockopt_25495 do_tcp_setsockopt 0 25495 &dev_show_unique_id_25495 +generic_hdmi_build_jack_25496 generic_hdmi_build_jack 0 25496 NULL +beiscsi_get_host_param_25497 beiscsi_get_host_param 0 25497 NULL -+llc_ui_setsockopt_25501 llc_ui_setsockopt 0 25501 NULL ++llc_ui_setsockopt_25501 llc_ui_setsockopt 0 25501 NULL nohasharray ++ocfs2_hamming_encode_25501 ocfs2_hamming_encode 3 25501 &llc_ui_setsockopt_25501 +ivtv_buf_copy_from_user_25502 ivtv_buf_copy_from_user 4-0 25502 NULL +snd_pcm_plugin_build_25505 snd_pcm_plugin_build 5-0 25505 NULL nohasharray +__orinoco_hw_set_wap_25505 __orinoco_hw_set_wap 0 25505 &snd_pcm_plugin_build_25505 @@ -137611,7 +138300,8 @@ index 0000000..89e8e68 +blk_mq_sysfs_rq_list_show_26028 blk_mq_sysfs_rq_list_show 0 26028 NULL +do_sas_phy_reset_26034 do_sas_phy_reset 0-2 26034 NULL nohasharray +bdc_gadget_ep_queue_26034 bdc_gadget_ep_queue 0 26034 &do_sas_phy_reset_26034 -+bad_inode_setxattr_26035 bad_inode_setxattr 0 26035 NULL ++bad_inode_setxattr_26035 bad_inode_setxattr 0 26035 NULL nohasharray ++ntfs_perform_write_26035 ntfs_perform_write 3 26035 &bad_inode_setxattr_26035 +selinux_inode_post_setxattr_26037 selinux_inode_post_setxattr 4 26037 NULL nohasharray +rt2x00debug_read_dev_flags_26037 rt2x00debug_read_dev_flags 0-3 26037 &selinux_inode_post_setxattr_26037 +show_fnode_data_seq_in_order_26041 show_fnode_data_seq_in_order 0 26041 NULL @@ -137653,7 +138343,8 @@ index 0000000..89e8e68 +skb_cow_26138 skb_cow 2 26138 NULL +video_get_cur_state_26142 video_get_cur_state 0 26142 NULL +func_id_show_26143 func_id_show 0 26143 NULL -+core_alua_store_tg_pt_gp_info_26144 core_alua_store_tg_pt_gp_info 0-3 26144 NULL ++core_alua_store_tg_pt_gp_info_26144 core_alua_store_tg_pt_gp_info 0-3 26144 NULL nohasharray ++chaoskey_read_26144 chaoskey_read 3 26144 &core_alua_store_tg_pt_gp_info_26144 +ath9k_hw_name_26146 ath9k_hw_name 3 26146 NULL +ivtv_sendbyte_26147 ivtv_sendbyte 0 26147 NULL nohasharray +ufshcd_devfreq_target_26147 ufshcd_devfreq_target 0 26147 &ivtv_sendbyte_26147 @@ -137783,7 +138474,8 @@ index 0000000..89e8e68 +cx23885_start_streaming_26406 cx23885_start_streaming 0 26406 NULL +firmware_store_26408 firmware_store 4-0 26408 NULL +lx_pcm_trigger_dispatch_26419 lx_pcm_trigger_dispatch 0 26419 NULL nohasharray -+bl_prepare_layoutcommit_26419 bl_prepare_layoutcommit 0 26419 &lx_pcm_trigger_dispatch_26419 ++bl_prepare_layoutcommit_26419 bl_prepare_layoutcommit 0 26419 &lx_pcm_trigger_dispatch_26419 nohasharray ++serial2002_tty_write_26419 serial2002_tty_write 3 26419 &bl_prepare_layoutcommit_26419 +br_nf_post_routing_26421 br_nf_post_routing 0 26421 NULL +virtual_start_show_26424 virtual_start_show 0 26424 NULL +erst_exec_add_26425 erst_exec_add 0 26425 NULL nohasharray @@ -137831,7 +138523,8 @@ index 0000000..89e8e68 +iwl_dbgfs_rf_reset_read_26512 iwl_dbgfs_rf_reset_read 3-0 26512 NULL +l2cap_build_conf_req_26513 l2cap_build_conf_req 0 26513 NULL +retu_regmap_write_26516 retu_regmap_write 0 26516 NULL nohasharray -+ths7303_s_dv_timings_26516 ths7303_s_dv_timings 0 26516 &retu_regmap_write_26516 ++ths7303_s_dv_timings_26516 ths7303_s_dv_timings 0 26516 &retu_regmap_write_26516 nohasharray ++mv88e6xxx_phy_wait_26516 mv88e6xxx_phy_wait 0 26516 &ths7303_s_dv_timings_26516 +cxacru_sysfs_show_line_status_26518 cxacru_sysfs_show_line_status 0 26518 NULL +alloc_ep_req_26521 alloc_ep_req 3-2 26521 NULL +portio_size_show_26525 portio_size_show 0 26525 NULL @@ -137874,6 +138567,7 @@ index 0000000..89e8e68 +mem_cgroup_oom_control_write_26619 mem_cgroup_oom_control_write 0 26619 NULL +iommu_alloc_26621 iommu_alloc 4 26621 NULL +aa_change_profile_26624 aa_change_profile 0 26624 NULL ++iwl_mvm_init_mcc_26625 iwl_mvm_init_mcc 0 26625 NULL +pwr_fix_tsf_ps_read_26627 pwr_fix_tsf_ps_read 3-0 26627 NULL +nouveau_hwmon_set_max_temp_26628 nouveau_hwmon_set_max_temp 0-4 26628 NULL +si4713_set_rds_radio_text_26629 si4713_set_rds_radio_text 0 26629 NULL @@ -137909,6 +138603,7 @@ index 0000000..89e8e68 +show_in_input0_26705 show_in_input0 0 26705 NULL nohasharray +amd_xgbe_phy_soft_reset_26705 amd_xgbe_phy_soft_reset 0 26705 &show_in_input0_26705 nohasharray +uwb_dev_RSSI_store_26705 uwb_dev_RSSI_store 0-4 26705 &amd_xgbe_phy_soft_reset_26705 ++xenbus_map_ring_valloc_hvm_26709 xenbus_map_ring_valloc_hvm 3 26709 NULL +cx18_av_s_stream_26713 cx18_av_s_stream 0 26713 NULL nohasharray +rtllib_authentication_req_26713 rtllib_authentication_req 3 26713 &cx18_av_s_stream_26713 +yellowfin_init_ring_26714 yellowfin_init_ring 0 26714 NULL @@ -137927,6 +138622,7 @@ index 0000000..89e8e68 +b43legacy_attr_preamble_show_26740 b43legacy_attr_preamble_show 0 26740 NULL nohasharray +osst_probe_26740 osst_probe 0 26740 &b43legacy_attr_preamble_show_26740 +pipeline_tcp_rx_stat_fifo_int_read_26745 pipeline_tcp_rx_stat_fifo_int_read 3-0 26745 NULL ++mpls_rt_alloc_26748 mpls_rt_alloc 1 26748 NULL +bcm87xx_read_status_26749 bcm87xx_read_status 0 26749 NULL +virtscsi_change_queue_depth_26751 virtscsi_change_queue_depth 2-0 26751 NULL +msg_from_mpoad_26753 msg_from_mpoad 0 26753 NULL nohasharray @@ -137948,6 +138644,7 @@ index 0000000..89e8e68 +bond_slave_netdev_event_26777 bond_slave_netdev_event 0 26777 NULL +inotify_read_26778 inotify_read 0-3 26778 NULL +dma_map_single_attrs_26779 dma_map_single_attrs 0 26779 NULL ++resize_platform_label_table_26780 resize_platform_label_table 2 26780 NULL +read_port_26787 read_port 0-3 26787 NULL +store_bank1_mask_26793 store_bank1_mask 0-4 26793 NULL +compat_sys_recv_26794 compat_sys_recv 3 26794 NULL @@ -137977,6 +138674,7 @@ index 0000000..89e8e68 +ecryptfs_miscdev_write_26847 ecryptfs_miscdev_write 3-0 26847 NULL +ss_alloc_ep_req_26848 ss_alloc_ep_req 2 26848 NULL +gx_frame_buffer_size_26851 gx_frame_buffer_size 0 26851 NULL ++nfs_post_op_update_inode_locked_26852 nfs_post_op_update_inode_locked 0 26852 NULL +core_tpg_set_initiator_node_tag_26853 core_tpg_set_initiator_node_tag 0 26853 NULL nohasharray +ipath_f_set_ib_cfg_26853 ipath_f_set_ib_cfg 0 26853 &core_tpg_set_initiator_node_tag_26853 +sisusb_read_26856 sisusb_read 0-3 26856 NULL @@ -138027,7 +138725,8 @@ index 0000000..89e8e68 +lx_dsp_set_granularity_26954 lx_dsp_set_granularity 0 26954 NULL +mesh_id_set_26957 mesh_id_set 0-4 26957 NULL +adp8870_bl_ambient_light_zone_store_26959 adp8870_bl_ambient_light_zone_store 0-4 26959 NULL -+ext4_xattr_user_get_26961 ext4_xattr_user_get 0 26961 NULL ++ext4_xattr_user_get_26961 ext4_xattr_user_get 0 26961 NULL nohasharray ++add_fake_paths_26961 add_fake_paths 0 26961 &ext4_xattr_user_get_26961 +trackpoint_set_bit_attr_26969 trackpoint_set_bit_attr 0-4 26969 NULL +tb_path_alloc_26976 tb_path_alloc 2 26976 NULL nohasharray +lpfc_enable_hba_reset_show_26976 lpfc_enable_hba_reset_show 0 26976 &tb_path_alloc_26976 @@ -138063,7 +138762,8 @@ index 0000000..89e8e68 +hotkey_mask_show_27048 hotkey_mask_show 0 27048 NULL +sc16is7xx_port_read_27051 sc16is7xx_port_read 0 27051 NULL +show_fnode_discovery_parent_idx_27053 show_fnode_discovery_parent_idx 0 27053 NULL -+ufs_alloc_fragments_27059 ufs_alloc_fragments 3-0-2 27059 NULL ++ufs_alloc_fragments_27059 ufs_alloc_fragments 3-0-2 27059 NULL nohasharray ++snd_ctl_new_27059 snd_ctl_new 2 27059 &ufs_alloc_fragments_27059 +group_store_27061 group_store 4-0 27061 NULL +__videobuf_alloc_vb_27062 __videobuf_alloc_vb 1 27062 NULL +proc_fd_permission_27063 proc_fd_permission 0 27063 NULL @@ -138125,6 +138825,7 @@ index 0000000..89e8e68 +mt9t031_g_crop_27191 mt9t031_g_crop 0 27191 NULL +freeze_fs_27192 freeze_fs 0 27192 NULL +r852_media_type_show_27193 r852_media_type_show 0 27193 NULL ++hfs_direct_IO_27195 hfs_direct_IO 3 27195 NULL +vmci_transport_notify_pkt_recv_init_27208 vmci_transport_notify_pkt_recv_init 0 27208 NULL +toggle_hdmi_source_27212 toggle_hdmi_source 0-4 27212 NULL +target_stat_scsi_lu_show_attr_dev_type_27222 target_stat_scsi_lu_show_attr_dev_type 0 27222 NULL @@ -138203,6 +138904,7 @@ index 0000000..89e8e68 +wl1251_hw_init_rx_config_27393 wl1251_hw_init_rx_config 0 27393 NULL +init_memory_mapping_27395 init_memory_mapping 0 27395 NULL +padata_sysfs_store_27398 padata_sysfs_store 0-4 27398 NULL ++parser_init_byte_stream_27399 parser_init_byte_stream 2 27399 NULL +if_nlmsg_size_27404 if_nlmsg_size 0 27404 NULL +tcm_qla2xxx_tpg_attrib_store_demo_mode_login_only_27405 tcm_qla2xxx_tpg_attrib_store_demo_mode_login_only 0-3 27405 NULL +seq_read_27411 seq_read 3-0 27411 NULL nohasharray @@ -138434,6 +139136,7 @@ index 0000000..89e8e68 +bio_next_split_27961 bio_next_split 2 27961 NULL nohasharray +tracing_clock_write_27961 tracing_clock_write 3 27961 &bio_next_split_27961 +ec168_ctrl_msg_27963 ec168_ctrl_msg 0 27963 NULL ++snd_hdac_bus_exec_verb_unlocked_27964 snd_hdac_bus_exec_verb_unlocked 0 27964 NULL +tipc_media_addr_printf_27971 tipc_media_addr_printf 2 27971 NULL nohasharray +nfs4_read_cached_acl_27971 nfs4_read_cached_acl 0 27971 &tipc_media_addr_printf_27971 +mic_rx_pkts_read_27972 mic_rx_pkts_read 3-0 27972 NULL nohasharray @@ -138583,7 +139286,8 @@ index 0000000..89e8e68 +acpi_register_gsi_xen_28305 acpi_register_gsi_xen 2 28305 &nouveau_compat_ioctl_28305 +print_fw_version_28310 print_fw_version 0 28310 NULL +phys_switch_id_show_28314 phys_switch_id_show 0 28314 NULL -+adp5520_bl_office_max_store_28316 adp5520_bl_office_max_store 4-0 28316 NULL ++adp5520_bl_office_max_store_28316 adp5520_bl_office_max_store 4-0 28316 NULL nohasharray ++do_loop_readv_writev_28316 do_loop_readv_writev 0 28316 &adp5520_bl_office_max_store_28316 +snd_pcm_oss_read_28317 snd_pcm_oss_read 3-0 28317 NULL nohasharray +il4965_show_temperature_28317 il4965_show_temperature 0 28317 &snd_pcm_oss_read_28317 +generic_access_phys_28318 generic_access_phys 2-4 28318 NULL @@ -138666,7 +139370,8 @@ index 0000000..89e8e68 +ocfs2_backup_super_blkno_28484 ocfs2_backup_super_blkno 0-2 28484 NULL nohasharray +tty_read_28484 tty_read 0-3 28484 &ocfs2_backup_super_blkno_28484 +__filemap_fdatawrite_28485 __filemap_fdatawrite 0 28485 NULL -+coda_revalidate_inode_28489 coda_revalidate_inode 0 28489 NULL ++coda_revalidate_inode_28489 coda_revalidate_inode 0 28489 NULL nohasharray ++udp_uncompress_28489 udp_uncompress 2 28489 &coda_revalidate_inode_28489 +max_response_pages_28492 max_response_pages 0 28492 NULL +pxa168_eth_set_mac_address_28494 pxa168_eth_set_mac_address 0 28494 NULL +snd_interval_refine_max_28498 snd_interval_refine_max 0 28498 NULL @@ -138743,7 +139448,8 @@ index 0000000..89e8e68 +au6610_i2c_xfer_28645 au6610_i2c_xfer 0-3 28645 NULL +jfs_statfs_28649 jfs_statfs 0 28649 NULL +byte_read_data_28650 byte_read_data 0 28650 NULL -+p9_fcall_alloc_28652 p9_fcall_alloc 1 28652 NULL ++p9_fcall_alloc_28652 p9_fcall_alloc 1 28652 NULL nohasharray ++sco_sock_recvmsg_28652 sco_sock_recvmsg 3 28652 &p9_fcall_alloc_28652 +nilfs_construct_dsync_segment_28656 nilfs_construct_dsync_segment 0 28656 NULL +dpm_suspend_28657 dpm_suspend 0 28657 NULL +fsnotify_add_event_28660 fsnotify_add_event 0 28660 NULL @@ -138776,9 +139482,11 @@ index 0000000..89e8e68 +tcp_cgroup_write_28723 tcp_cgroup_write 0-3 28723 NULL +ip6_pkt_discard_out_28724 ip6_pkt_discard_out 0 28724 NULL +spi_sync_locked_28726 spi_sync_locked 0 28726 NULL ++cxgb4_write_rss_28727 cxgb4_write_rss 0 28727 NULL +drm_plane_init_28731 drm_plane_init 6 28731 NULL nohasharray +nfs_revalidate_file_size_28731 nfs_revalidate_file_size 0 28731 &drm_plane_init_28731 +spi_execute_28736 spi_execute 5 28736 NULL ++add_advertising_28737 add_advertising 4 28737 NULL +snd_pcm_aio_write_28738 snd_pcm_aio_write 3-0 28738 NULL nohasharray +mwifiex_cmd_tx_rate_cfg_28738 mwifiex_cmd_tx_rate_cfg 0 28738 &snd_pcm_aio_write_28738 +switch_channel_28739 switch_channel 0 28739 NULL @@ -138830,6 +139538,7 @@ index 0000000..89e8e68 +input_dev_show_phys_28859 input_dev_show_phys 0 28859 NULL +smack_ipv4_output_28860 smack_ipv4_output 0 28860 NULL +e100_self_test_28862 e100_self_test 0 28862 NULL ++create_of_modalias_28866 create_of_modalias 0 28866 NULL +ipv6_renew_options_28867 ipv6_renew_options 5 28867 NULL +profile_init_28870 profile_init 0 28870 NULL +b43_gphy_op_interf_mitigation_28872 b43_gphy_op_interf_mitigation 0 28872 NULL @@ -138854,6 +139563,7 @@ index 0000000..89e8e68 +walk_tg_tree_from_28923 walk_tg_tree_from 0 28923 NULL +ps_upsd_timeouts_read_28924 ps_upsd_timeouts_read 3-0 28924 NULL +iwl_dbgfs_sleep_level_override_write_28925 iwl_dbgfs_sleep_level_override_write 3-0 28925 NULL ++ocfs2_frozen_trigger_28929 ocfs2_frozen_trigger 4 28929 NULL +__ext2_write_inode_28931 __ext2_write_inode 0 28931 NULL +btrfs_set_prop_28935 btrfs_set_prop 0 28935 NULL +patch_cs4213_28937 patch_cs4213 0 28937 NULL @@ -139024,6 +139734,7 @@ index 0000000..89e8e68 +atyfb_set_par_29275 atyfb_set_par 0 29275 NULL +prism2_set_genericelement_29277 prism2_set_genericelement 3 29277 NULL +set_force_pwm_max_29278 set_force_pwm_max 0-4 29278 NULL ++bitmap_ord_to_pos_29279 bitmap_ord_to_pos 3 29279 NULL +_abb5zes3_rtc_update_alarm_29283 _abb5zes3_rtc_update_alarm 0 29283 NULL +_abb5zes3_rtc_set_timer_29286 _abb5zes3_rtc_set_timer 0 29286 NULL +iwl_mvm_send_cmd_pdu_status_29288 iwl_mvm_send_cmd_pdu_status 0 29288 NULL @@ -139033,7 +139744,8 @@ index 0000000..89e8e68 +writeset_alloc_29304 writeset_alloc 2 29304 NULL nohasharray +tpacpi_rfk_update_swstate_29304 tpacpi_rfk_update_swstate 0 29304 &writeset_alloc_29304 +abb5zes3_rtc_set_alarm_29308 abb5zes3_rtc_set_alarm 0 29308 NULL -+regmap_spmi_ext_read_29311 regmap_spmi_ext_read 0 29311 NULL ++regmap_spmi_ext_read_29311 regmap_spmi_ext_read 0 29311 NULL nohasharray ++mempool_resize_29311 mempool_resize 2 29311 ®map_spmi_ext_read_29311 +brcmf_sdio_tx_ctrlframe_29314 brcmf_sdio_tx_ctrlframe 3 29314 NULL +__fuse_get_req_29315 __fuse_get_req 2 29315 NULL +dac33_hw_write_29317 dac33_hw_write 3 29317 NULL nohasharray @@ -139061,6 +139773,7 @@ index 0000000..89e8e68 +write_block_data_29390 write_block_data 0 29390 NULL nohasharray +sleep_millisecs_store_29390 sleep_millisecs_store 0-4 29390 &write_block_data_29390 +store_29393 store 0 29393 NULL ++hci_sock_sendmsg_29396 hci_sock_sendmsg 3 29396 NULL +lpfc_use_adisc_show_29400 lpfc_use_adisc_show 0 29400 NULL +_ctl_diag_trigger_master_show_29403 _ctl_diag_trigger_master_show 0 29403 NULL nohasharray +shm16read__write_file_29403 shm16read__write_file 0 29403 &_ctl_diag_trigger_master_show_29403 @@ -139190,7 +139903,9 @@ index 0000000..89e8e68 +chv_gpio_direction_input_29662 chv_gpio_direction_input 0 29662 NULL nohasharray +e100_phy_init_29662 e100_phy_init 0 29662 &chv_gpio_direction_input_29662 +user_get_29663 user_get 0 29663 NULL -+br_send_bpdu_29669 br_send_bpdu 3 29669 NULL ++br_send_bpdu_29669 br_send_bpdu 3 29669 NULL nohasharray ++rfcomm_sock_sendmsg_29669 rfcomm_sock_sendmsg 3 29669 &br_send_bpdu_29669 ++br_nlmsg_size_29671 br_nlmsg_size 0 29671 NULL +sisusb_write_mem_bulk_29678 sisusb_write_mem_bulk 4-0 29678 NULL +pmbus_regulator_enable_29679 pmbus_regulator_enable 0 29679 NULL +netxen_store_bridged_mode_29684 netxen_store_bridged_mode 0-4 29684 NULL @@ -139210,7 +139925,8 @@ index 0000000..89e8e68 +sht15_show_temp_29714 sht15_show_temp 0 29714 NULL +compat_write_data_29715 compat_write_data 0 29715 NULL +target_core_alua_tg_pt_gp_show_attr_alua_write_metadata_29716 target_core_alua_tg_pt_gp_show_attr_alua_write_metadata 0 29716 NULL nohasharray -+wl1251_acx_station_id_29716 wl1251_acx_station_id 0 29716 &target_core_alua_tg_pt_gp_show_attr_alua_write_metadata_29716 ++wl1251_acx_station_id_29716 wl1251_acx_station_id 0 29716 &target_core_alua_tg_pt_gp_show_attr_alua_write_metadata_29716 nohasharray ++ext4_ext_direct_IO_29716 ext4_ext_direct_IO 3 29716 &wl1251_acx_station_id_29716 +sdev_show_evt_soft_threshold_reached_29724 sdev_show_evt_soft_threshold_reached 0 29724 NULL +dbs_cpufreq_notifier_29729 dbs_cpufreq_notifier 0 29729 NULL +wake_show_29730 wake_show 0 29730 NULL @@ -139274,7 +139990,8 @@ index 0000000..89e8e68 +itd_submit_29871 itd_submit 0 29871 &ipv6_setsockopt_29871 nohasharray +ath10k_mac_vif_recalc_ps_poll_count_29871 ath10k_mac_vif_recalc_ps_poll_count 0 29871 &itd_submit_29871 +dma_map_xdr_29874 dma_map_xdr 0 29874 NULL -+show_engine3_mode_29876 show_engine3_mode 0 29876 NULL ++show_engine3_mode_29876 show_engine3_mode 0 29876 NULL nohasharray ++br_get_link_af_size_filtered_29876 br_get_link_af_size_filtered 0 29876 &show_engine3_mode_29876 +setup_29880 setup 0 29880 NULL +store_pan_29882 store_pan 0-4 29882 NULL +nfc_targets_found_29886 nfc_targets_found 3 29886 NULL nohasharray @@ -139307,6 +140024,7 @@ index 0000000..89e8e68 +crb_do_acpi_start_29961 crb_do_acpi_start 0 29961 NULL +init_29962 init 0 29962 NULL +ubifs_readpage_29965 ubifs_readpage 0 29965 NULL ++dn_sendmsg_29966 dn_sendmsg 3 29966 NULL +vfb_set_par_29967 vfb_set_par 0 29967 NULL +register_one_node_29973 register_one_node 0 29973 NULL +acpi_ut_copy_iobject_to_eobject_29974 acpi_ut_copy_iobject_to_eobject 0 29974 NULL @@ -139351,7 +140069,8 @@ index 0000000..89e8e68 +tipc_sk_rcv_30090 tipc_sk_rcv 0 30090 NULL +cxgbi_ddp_reserve_30091 cxgbi_ddp_reserve 4 30091 NULL +snd_midi_channel_init_set_30092 snd_midi_channel_init_set 1 30092 NULL -+tg3_run_loopback_30093 tg3_run_loopback 2 30093 NULL ++tg3_run_loopback_30093 tg3_run_loopback 2 30093 NULL nohasharray ++generic_write_checks_30093 generic_write_checks 0 30093 &tg3_run_loopback_30093 +wake_lock_store_30096 wake_lock_store 0-4 30096 NULL +rx_filter_data_filter_read_30098 rx_filter_data_filter_read 3-0 30098 NULL +mlx5_cmd_exec_30102 mlx5_cmd_exec 0 30102 NULL @@ -139376,7 +140095,8 @@ index 0000000..89e8e68 +ext4_write_inline_data_end_30151 ext4_write_inline_data_end 0-4 30151 NULL +hvfb_check_var_30153 hvfb_check_var 0 30153 NULL +elfcorehdr_read_30159 elfcorehdr_read 2 30159 NULL -+netlink_realloc_groups_30162 netlink_realloc_groups 0 30162 NULL ++netlink_realloc_groups_30162 netlink_realloc_groups 0 30162 NULL nohasharray ++start_stop_khugepaged_30162 start_stop_khugepaged 0 30162 &netlink_realloc_groups_30162 +alloc_switch_ctx_30165 alloc_switch_ctx 2 30165 NULL +sundance_set_mac_addr_30166 sundance_set_mac_addr 0 30166 NULL +cs_init_30168 cs_init 0 30168 NULL @@ -139438,7 +140158,8 @@ index 0000000..89e8e68 +dn_dev_get_first_30296 dn_dev_get_first 0 30296 &tcp_sendmsg_30296 +snd_card_asihpi_playback_prepare_30297 snd_card_asihpi_playback_prepare 0 30297 NULL nohasharray +lbs_get_reg_30297 lbs_get_reg 0 30297 &snd_card_asihpi_playback_prepare_30297 -+qlcnic_netdev_event_30299 qlcnic_netdev_event 0 30299 NULL ++qlcnic_netdev_event_30299 qlcnic_netdev_event 0 30299 NULL nohasharray ++irda_sendmsg_dgram_30299 irda_sendmsg_dgram 3 30299 &qlcnic_netdev_event_30299 +__av7110_send_fw_cmd_30300 __av7110_send_fw_cmd 0 30300 NULL +fm_rx_set_mute_mode_30305 fm_rx_set_mute_mode 0 30305 NULL nohasharray +osc_contention_seconds_seq_write_30305 osc_contention_seconds_seq_write 3 30305 &fm_rx_set_mute_mode_30305 @@ -139462,7 +140183,8 @@ index 0000000..89e8e68 +s5k83a_set_hvflip_30350 s5k83a_set_hvflip 0 30350 &cyapa_gen3_show_baseline_30350 +__vmalloc_node_flags_30352 __vmalloc_node_flags 1 30352 NULL nohasharray +mmio32read__read_file_30352 mmio32read__read_file 0 30352 &__vmalloc_node_flags_30352 -+show_ipOutNoRoutes_30355 show_ipOutNoRoutes 0 30355 NULL ++show_ipOutNoRoutes_30355 show_ipOutNoRoutes 0 30355 NULL nohasharray ++wil_reset_30355 wil_reset 0 30355 &show_ipOutNoRoutes_30355 +wake_up_key_show_30358 wake_up_key_show 0 30358 NULL +gfs2_trans_begin_30359 gfs2_trans_begin 0 30359 NULL +ipx_getname_30363 ipx_getname 0 30363 NULL @@ -139491,7 +140213,8 @@ index 0000000..89e8e68 +lp3971_set_bits_30418 lp3971_set_bits 0 30418 NULL +ext3_xattr_list_30419 ext3_xattr_list 0 30419 NULL +vb2_fop_write_30420 vb2_fop_write 3-0 30420 NULL -+lpfc_npiv_info_show_30421 lpfc_npiv_info_show 0 30421 NULL ++lpfc_npiv_info_show_30421 lpfc_npiv_info_show 0 30421 NULL nohasharray ++trace_insert_enum_map_30421 trace_insert_enum_map 3 30421 &lpfc_npiv_info_show_30421 +iscsi_stat_login_attr_show_30423 iscsi_stat_login_attr_show 0 30423 NULL +tx_tx_template_prepared_read_30424 tx_tx_template_prepared_read 3-0 30424 NULL nohasharray +sequencer_write_30424 sequencer_write 0-4 30424 &tx_tx_template_prepared_read_30424 nohasharray @@ -139563,6 +140286,7 @@ index 0000000..89e8e68 +xfs_setattr_nonsize_30550 xfs_setattr_nonsize 0 30550 &lp3972_i2c_write_30550 nohasharray +logfs_setattr_30550 logfs_setattr 0 30550 &xfs_setattr_nonsize_30550 +usb_serial_generic_open_30553 usb_serial_generic_open 0 30553 NULL ++_mv88e6xxx_reg_write_30554 _mv88e6xxx_reg_write 0 30554 NULL +ixgbevf_acquire_msix_vectors_30559 ixgbevf_acquire_msix_vectors 2 30559 NULL +qlcnic_sriov_pf_create_flr_queue_30560 qlcnic_sriov_pf_create_flr_queue 0 30560 NULL +disk_expand_part_tbl_30561 disk_expand_part_tbl 2 30561 NULL nohasharray @@ -139735,6 +140459,7 @@ index 0000000..89e8e68 +sctp_setsockopt_rtoinfo_30941 sctp_setsockopt_rtoinfo 3-0 30941 NULL nohasharray +parport_uss720_ecp_read_data_30941 parport_uss720_ecp_read_data 0 30941 &sctp_setsockopt_rtoinfo_30941 +sctp_do_bind_30943 sctp_do_bind 0 30943 NULL ++affs_direct_IO_30947 affs_direct_IO 3 30947 NULL +reserve_space_30953 reserve_space 0 30953 NULL nohasharray +store_30953 store 0-4 30953 &reserve_space_30953 +st_accel_buffer_preenable_30954 st_accel_buffer_preenable 0 30954 NULL @@ -139817,6 +140542,7 @@ index 0000000..89e8e68 +ssb_read16_31139 ssb_read16 0 31139 NULL +store_speed_scan_31141 store_speed_scan 0-4 31141 NULL +b43_sdio_request_irq_31144 b43_sdio_request_irq 0 31144 NULL ++caif_seqpkt_recvmsg_31145 caif_seqpkt_recvmsg 3 31145 NULL +patch_nvhdmi_31148 patch_nvhdmi 0 31148 NULL +acpi_cpu_soft_notify_31149 acpi_cpu_soft_notify 0 31149 NULL +uvc_start_streaming_31157 uvc_start_streaming 0 31157 NULL @@ -139897,6 +140623,7 @@ index 0000000..89e8e68 +platform_device_add_31340 platform_device_add 0 31340 NULL +jffs2_trusted_listxattr_31348 jffs2_trusted_listxattr 0-5 31348 NULL nohasharray +snd_seq_enqueue_event_31348 snd_seq_enqueue_event 0 31348 &jffs2_trusted_listxattr_31348 ++sha256_base_finish_31352 sha256_base_finish 0 31352 NULL +queue_setup_31353 queue_setup 0 31353 NULL +vpx3220_s_ctrl_31356 vpx3220_s_ctrl 0 31356 NULL +outlen_write_31358 outlen_write 3-0 31358 NULL @@ -139930,6 +140657,7 @@ index 0000000..89e8e68 +cxacru_sysfs_show_downstream_attenuation_31423 cxacru_sysfs_show_downstream_attenuation 0 31423 NULL +TSS_checkhmac1_31429 TSS_checkhmac1 0 31429 NULL +iuu_open_31432 iuu_open 0 31432 NULL ++ext4_find_dest_de_31440 ext4_find_dest_de 7 31440 NULL +acpi_sci_ioapic_setup_31445 acpi_sci_ioapic_setup 4 31445 NULL nohasharray +snd_ice1712_capture_prepare_31445 snd_ice1712_capture_prepare 0 31445 &acpi_sci_ioapic_setup_31445 +security_set_bools_31447 security_set_bools 0 31447 NULL @@ -139971,7 +140699,8 @@ index 0000000..89e8e68 +fs_send_31530 fs_send 0 31530 NULL +cyapa_poll_state_31531 cyapa_poll_state 0 31531 NULL +__mv88e6xxx_reg_read_31534 __mv88e6xxx_reg_read 0 31534 NULL -+tvp5150_s_ctrl_31535 tvp5150_s_ctrl 0 31535 NULL ++tvp5150_s_ctrl_31535 tvp5150_s_ctrl 0 31535 NULL nohasharray ++irda_recvmsg_dgram_31535 irda_recvmsg_dgram 3 31535 &tvp5150_s_ctrl_31535 +hidraw_write_31536 hidraw_write 3-0 31536 NULL +mtd_div_by_eb_31543 mtd_div_by_eb 0-1 31543 NULL nohasharray +powerclamp_cpu_callback_31543 powerclamp_cpu_callback 0 31543 &mtd_div_by_eb_31543 @@ -140106,7 +140835,9 @@ index 0000000..89e8e68 +ad7793_read_frequency_31825 ad7793_read_frequency 0 31825 NULL +ocfs2_readpage_inline_31829 ocfs2_readpage_inline 0 31829 NULL +any_show_31831 any_show 0 31831 NULL -+notify_send_pre_enqueue_31834 notify_send_pre_enqueue 0 31834 NULL ++i915_get_ggtt_vma_pages_31833 i915_get_ggtt_vma_pages 0 31833 NULL ++notify_send_pre_enqueue_31834 notify_send_pre_enqueue 0 31834 NULL nohasharray ++_mv88e6xxx_phy_read_31834 _mv88e6xxx_phy_read 0 31834 ¬ify_send_pre_enqueue_31834 +cachefiles_daemon_fcull_31835 cachefiles_daemon_fcull 0 31835 NULL +__bond_release_one_31836 __bond_release_one 0 31836 NULL +isp1362_urb_enqueue_31839 isp1362_urb_enqueue 0 31839 NULL @@ -140307,6 +141038,8 @@ index 0000000..89e8e68 +show_control_32286 show_control 0 32286 NULL +uart401_open_32288 uart401_open 0 32288 NULL +l3_alloc_skb_32289 l3_alloc_skb 1 32289 NULL ++netvsc_send_pkt_32291 netvsc_send_pkt 0 32291 NULL ++alloc_ofld_rxqs_32293 alloc_ofld_rxqs 0 32293 NULL +proc_sys_getattr_32297 proc_sys_getattr 0 32297 NULL +sisusb_read_memio_long_32299 sisusb_read_memio_long 0 32299 NULL +find_ci_32301 find_ci 0 32301 NULL @@ -140381,7 +141114,8 @@ index 0000000..89e8e68 +bcm7xxx_28nm_b0_afe_config_init_32439 bcm7xxx_28nm_b0_afe_config_init 0 32439 NULL nohasharray +break_ksm_32439 break_ksm 0 32439 &bcm7xxx_28nm_b0_afe_config_init_32439 +fore200e_pca_proc_read_32440 fore200e_pca_proc_read 0 32440 NULL nohasharray -+cfq_set_leaf_weight_32440 cfq_set_leaf_weight 0 32440 &fore200e_pca_proc_read_32440 ++cfq_set_leaf_weight_32440 cfq_set_leaf_weight 0 32440 &fore200e_pca_proc_read_32440 nohasharray ++reiserfs_direct_IO_32440 reiserfs_direct_IO 3 32440 &cfq_set_leaf_weight_32440 +show_in16_32441 show_in16 0 32441 NULL +axnet_resume_32442 axnet_resume 0 32442 NULL +cx25840_s_ctrl_32444 cx25840_s_ctrl 0 32444 NULL @@ -140441,7 +141175,8 @@ index 0000000..89e8e68 +device_change_notifier_32558 device_change_notifier 0 32558 NULL +bitmap_store_32559 bitmap_store 0-3 32559 NULL +ipgre_header_32561 ipgre_header 0 32561 NULL nohasharray -+alloc_dma_desc_resources_32561 alloc_dma_desc_resources 0 32561 &ipgre_header_32561 ++alloc_dma_desc_resources_32561 alloc_dma_desc_resources 0 32561 &ipgre_header_32561 nohasharray ++__blockdev_direct_IO_32561 __blockdev_direct_IO 5-0 32561 &alloc_dma_desc_resources_32561 +aes_encrypt_fail_read_32562 aes_encrypt_fail_read 3-0 32562 NULL +loop_attr_backing_file_show_32564 loop_attr_backing_file_show 0 32564 NULL +osc_iocontrol_32565 osc_iocontrol 3 32565 NULL @@ -140592,6 +141327,7 @@ index 0000000..89e8e68 +write_policy_show_32908 write_policy_show 0 32908 NULL +show_fan16_32912 show_fan16 0 32912 NULL +il_dbgfs_tx_stats_read_32913 il_dbgfs_tx_stats_read 3-0 32913 NULL ++add_bound_rdev_32915 add_bound_rdev 0 32915 NULL +show_32916 show 0 32916 NULL +mcp3422_show_samp_freqs_32924 mcp3422_show_samp_freqs 0 32924 NULL nohasharray +hibernate_32924 hibernate 0 32924 &mcp3422_show_samp_freqs_32924 @@ -140678,6 +141414,7 @@ index 0000000..89e8e68 +nf_nat_ipv4_local_fn_33119 nf_nat_ipv4_local_fn 0 33119 NULL nohasharray +set_beep_33119 set_beep 0-4 33119 &nf_nat_ipv4_local_fn_33119 +write_node_33121 write_node 4-0 33121 NULL ++llc_ui_sendmsg_33123 llc_ui_sendmsg 3 33123 NULL +virtual_gb_store_33126 virtual_gb_store 0-3 33126 NULL +fb_sys_write_33130 fb_sys_write 3 33130 NULL nohasharray +cxgb4_inet6addr_handler_33130 cxgb4_inet6addr_handler 0 33130 &fb_sys_write_33130 @@ -140691,6 +141428,7 @@ index 0000000..89e8e68 +bond_option_arp_ip_target_add_33152 bond_option_arp_ip_target_add 0 33152 NULL nohasharray +SyS_poll_33152 SyS_poll 2 33152 &bond_option_arp_ip_target_add_33152 +_pci_add_cap_save_buffer_33153 _pci_add_cap_save_buffer 4 33153 NULL ++packet_sendmsg_33154 packet_sendmsg 3 33154 NULL +ubifs_gc_start_commit_33160 ubifs_gc_start_commit 0 33160 NULL +regmap_spmi_ext_write_33161 regmap_spmi_ext_write 0 33161 NULL +wl1271_sta_hw_init_33163 wl1271_sta_hw_init 0 33163 NULL nohasharray @@ -140781,7 +141519,8 @@ index 0000000..89e8e68 +aic26_keyclick_set_33378 aic26_keyclick_set 0-4 33378 NULL +mem_cgroup_resize_memsw_limit_33379 mem_cgroup_resize_memsw_limit 0 33379 NULL +setsockopt_33380 setsockopt 0 33380 NULL -+hackrf_alloc_stream_bufs_33381 hackrf_alloc_stream_bufs 0 33381 NULL ++hackrf_alloc_stream_bufs_33381 hackrf_alloc_stream_bufs 0 33381 NULL nohasharray ++_find_next_bit_33381 _find_next_bit 0-2 33381 &hackrf_alloc_stream_bufs_33381 +ieee80211_if_read_dropped_frames_no_route_33383 ieee80211_if_read_dropped_frames_no_route 3-0 33383 NULL +airo_suspend_33386 airo_suspend 0 33386 NULL +bmc150_accel_setup_new_data_interrupt_33387 bmc150_accel_setup_new_data_interrupt 0 33387 NULL @@ -140865,6 +141604,7 @@ index 0000000..89e8e68 +tomoyo_read_self_33539 tomoyo_read_self 3-0 33539 NULL nohasharray +osc_max_rpcs_in_flight_seq_write_33539 osc_max_rpcs_in_flight_seq_write 3 33539 &tomoyo_read_self_33539 +bnx2_request_firmware_33540 bnx2_request_firmware 0 33540 NULL ++__acpi_device_modalias_33545 __acpi_device_modalias 0 33545 NULL +get_fan_div_33546 get_fan_div 0 33546 NULL +cx8802_buf_prepare_33547 cx8802_buf_prepare 0 33547 NULL +compat_SyS_recv_33548 compat_SyS_recv 3 33548 NULL @@ -140971,6 +141711,7 @@ index 0000000..89e8e68 +var_to_pll_33759 var_to_pll 0 33759 NULL +pccard_show_voltage_33761 pccard_show_voltage 0 33761 NULL +vifs_state_read_33762 vifs_state_read 3-0 33762 NULL ++bitmap_full_33763 bitmap_full 2 33763 NULL +ext2_xattr_user_list_33764 ext2_xattr_user_list 0-5 33764 NULL nohasharray +ext3_mark_inode_dirty_33764 ext3_mark_inode_dirty 0 33764 &ext2_xattr_user_list_33764 +hashtab_create_33769 hashtab_create 3 33769 NULL @@ -141018,6 +141759,7 @@ index 0000000..89e8e68 +bin_string_33884 bin_string 5-3 33884 NULL +get_fan1_div_33886 get_fan1_div 0 33886 NULL nohasharray +mwifiex_cmd_802_11_snmp_mib_33886 mwifiex_cmd_802_11_snmp_mib 0 33886 &get_fan1_div_33886 ++vmci_transport_dgram_dequeue_33887 vmci_transport_dgram_dequeue 3 33887 NULL +twl_request_33892 twl_request 0 33892 NULL +sis190_init_ring_33895 sis190_init_ring 0 33895 NULL nohasharray +isl29003_set_resolution_33895 isl29003_set_resolution 0 33895 &sis190_init_ring_33895 @@ -141139,7 +141881,8 @@ index 0000000..89e8e68 +skb_to_sgvec_34171 skb_to_sgvec 0 34171 NULL +xfs_attr_get_34174 xfs_attr_get 0 34174 NULL +hdcs_s_ctrl_34177 hdcs_s_ctrl 0 34177 NULL -+qla2x00_fw_dump_size_show_34180 qla2x00_fw_dump_size_show 0 34180 NULL ++qla2x00_fw_dump_size_show_34180 qla2x00_fw_dump_size_show 0 34180 NULL nohasharray ++nilfs_direct_IO_34180 nilfs_direct_IO 3 34180 &qla2x00_fw_dump_size_show_34180 +show_pci_clock_34182 show_pci_clock 0 34182 NULL +mgsl_claim_resources_34183 mgsl_claim_resources 0 34183 NULL +hidp_set_raw_report_34192 hidp_set_raw_report 4-0 34192 NULL @@ -141260,7 +142003,8 @@ index 0000000..89e8e68 +monitor_id_show_34469 monitor_id_show 0 34469 NULL nohasharray +lbs_cmd_802_11_sleep_params_34469 lbs_cmd_802_11_sleep_params 0 34469 &monitor_id_show_34469 nohasharray +dev_start_34469 dev_start 0 34469 &lbs_cmd_802_11_sleep_params_34469 -+show_34470 show 0 34470 NULL ++show_34470 show 0 34470 NULL nohasharray ++dt_gpio_count_34470 dt_gpio_count 0 34470 &show_34470 +mwifiex_regrdwr_read_34472 mwifiex_regrdwr_read 3-0 34472 NULL +sha224_ssse3_init_34474 sha224_ssse3_init 0 34474 NULL +fw_csr_string_34475 fw_csr_string 0 34475 NULL @@ -141675,6 +142419,7 @@ index 0000000..89e8e68 +link_mode_show_35372 link_mode_show 0 35372 &read_kmem_35372 +reserved_clusters_store_35375 reserved_clusters_store 0-4 35375 NULL +queue_rq_affinity_store_35376 queue_rq_affinity_store 3-0 35376 NULL ++p9_virtio_zc_request_35377 p9_virtio_zc_request 6-5 35377 NULL +snd_pcm_do_start_35380 snd_pcm_do_start 0 35380 NULL nohasharray +memcpy_from_msg_35380 memcpy_from_msg 3-0 35380 &snd_pcm_do_start_35380 +show_pwmenable_35381 show_pwmenable 0 35381 NULL @@ -141698,6 +142443,7 @@ index 0000000..89e8e68 +firm_purge_35431 firm_purge 0 35431 NULL +C_SYSC_sendfile_35432 C_SYSC_sendfile 4 35432 NULL nohasharray +pep_init_35432 pep_init 0 35432 &C_SYSC_sendfile_35432 ++__set_test_and_free_35436 __set_test_and_free 2 35436 NULL +dwc3_gadget_set_xfer_resource_35437 dwc3_gadget_set_xfer_resource 0 35437 NULL nohasharray +set_num_temp_sensors_35437 set_num_temp_sensors 0-4 35437 &dwc3_gadget_set_xfer_resource_35437 +buffer_to_user_35439 buffer_to_user 3 35439 NULL @@ -141784,7 +142530,9 @@ index 0000000..89e8e68 +cfq_fifo_expire_async_store_35650 cfq_fifo_expire_async_store 3-0 35650 NULL nohasharray +mlx4_en_get_sset_count_35650 mlx4_en_get_sset_count 0 35650 &cfq_fifo_expire_async_store_35650 +spi_register_board_info_35651 spi_register_board_info 2 35651 NULL ++usb_dmac_desc_get_35654 usb_dmac_desc_get 2 35654 NULL +show_sched5_35655 show_sched5 0 35655 NULL ++blkdev_direct_IO_35665 blkdev_direct_IO 3 35665 NULL +regmap_update_bits_35668 regmap_update_bits 0 35668 NULL +request_lock_35670 request_lock 0 35670 NULL +bh1770_lux_calib_show_35671 bh1770_lux_calib_show 0 35671 NULL @@ -141804,7 +142552,8 @@ index 0000000..89e8e68 +sctp_listen_start_35709 sctp_listen_start 0 35709 NULL +toshiba_panel_power_on_get_35719 toshiba_panel_power_on_get 0 35719 NULL +bnx2_change_mac_addr_35722 bnx2_change_mac_addr 0 35722 NULL -+i2c_smbus_write_block_data_35723 i2c_smbus_write_block_data 0 35723 NULL ++i2c_smbus_write_block_data_35723 i2c_smbus_write_block_data 0 35723 NULL nohasharray ++mv88e6xxx_phy_page_write_35723 mv88e6xxx_phy_page_write 0 35723 &i2c_smbus_write_block_data_35723 +mlx4_internal_err_ret_value_35725 mlx4_internal_err_ret_value 0 35725 NULL +vfio_fops_read_35733 vfio_fops_read 0-3 35733 NULL +ipr_copy_ucode_buffer_35736 ipr_copy_ucode_buffer 0 35736 NULL @@ -141846,6 +142595,7 @@ index 0000000..89e8e68 +cgroup_file_write_35828 cgroup_file_write 0-3 35828 NULL +log_debug_write_35845 log_debug_write 3-0 35845 NULL +mp_set_gsi_attr_35852 mp_set_gsi_attr 1 35852 NULL ++unix_seqpacket_sendmsg_35853 unix_seqpacket_sendmsg 3 35853 NULL +tx_tx_cmplt_read_35854 tx_tx_cmplt_read 3-0 35854 NULL +wl3501_open_35855 wl3501_open 0 35855 NULL +mthca_buf_alloc_35861 mthca_buf_alloc 2 35861 NULL @@ -141933,6 +142683,7 @@ index 0000000..89e8e68 +page_action_36038 page_action 0 36038 &iscsi_nacl_attrib_show_random_datain_pdu_offsets_36038 +num_arg_36039 num_arg 0 36039 NULL +wm8739_s_ctrl_36040 wm8739_s_ctrl 0 36040 NULL ++i915_gem_object_do_pin_36045 i915_gem_object_do_pin 0 36045 NULL +init_36051 init 0 36051 NULL +at86rf230_set_promiscuous_mode_36052 at86rf230_set_promiscuous_mode 0 36052 NULL +snd_usb_caiaq_set_audio_params_36057 snd_usb_caiaq_set_audio_params 0 36057 NULL nohasharray @@ -142025,6 +142776,7 @@ index 0000000..89e8e68 +atomic_stats_read_36228 atomic_stats_read 3-0 36228 NULL +wil_agg_size_36229 wil_agg_size 0-2 36229 NULL nohasharray +wl1273_fm_start_36229 wl1273_fm_start 0 36229 &wil_agg_size_36229 ++irda_recvmsg_stream_36232 irda_recvmsg_stream 3 36232 NULL +__padata_remove_cpu_36235 __padata_remove_cpu 0 36235 NULL +ping_bind_36236 ping_bind 0 36236 NULL +viafb_iga1_odev_proc_write_36241 viafb_iga1_odev_proc_write 3-0 36241 NULL @@ -142052,11 +142804,13 @@ index 0000000..89e8e68 +bind_mode_show_36286 bind_mode_show 0 36286 NULL +aac_show_reset_adapter_36289 aac_show_reset_adapter 0 36289 NULL +nf_nat_ipv6_out_36291 nf_nat_ipv6_out 0 36291 NULL ++arch_mmap_rnd_36293 arch_mmap_rnd 0 36293 NULL +asix_write_rx_ctl_36295 asix_write_rx_ctl 0 36295 NULL +do_set_fan_div_36299 do_set_fan_div 0 36299 NULL +lpfc_debugfs_dif_err_read_36303 lpfc_debugfs_dif_err_read 3-0 36303 NULL +show_in_min3_36304 show_in_min3 0 36304 NULL -+l2cap_validate_le_psm_36306 l2cap_validate_le_psm 0 36306 NULL ++l2cap_validate_le_psm_36306 l2cap_validate_le_psm 0 36306 NULL nohasharray ++unix_stream_recvmsg_36306 unix_stream_recvmsg 3 36306 &l2cap_validate_le_psm_36306 +target_core_alua_tg_pt_gp_store_attr_alua_access_type_36308 target_core_alua_tg_pt_gp_store_attr_alua_access_type 0-3 36308 NULL +ad7879_spi_xfer_36311 ad7879_spi_xfer 3 36311 NULL +qla2x00_vlan_id_show_36314 qla2x00_vlan_id_show 0 36314 NULL @@ -142141,6 +142895,7 @@ index 0000000..89e8e68 +__hwahc_op_set_ptk_36510 __hwahc_op_set_ptk 5 36510 NULL +mcam_v4l_read_36513 mcam_v4l_read 3-0 36513 NULL +_iwl_dbgfs_fw_nmi_write_36515 _iwl_dbgfs_fw_nmi_write 3-0 36515 NULL ++pnfs_sync_inode_36519 pnfs_sync_inode 0 36519 NULL +ieee80211_if_read_fwded_frames_36520 ieee80211_if_read_fwded_frames 3-0 36520 NULL +it8761e_gpio_direction_out_36528 it8761e_gpio_direction_out 0 36528 NULL +lguest_setup_irq_36531 lguest_setup_irq 1 36531 NULL @@ -142205,7 +142960,8 @@ index 0000000..89e8e68 +ktti_read_regr_36658 ktti_read_regr 0 36658 NULL +pss_coproc_open_36662 pss_coproc_open 0 36662 NULL +osd_req_list_collection_objects_36664 osd_req_list_collection_objects 5 36664 NULL nohasharray -+ip6_pkt_prohibit_out_36664 ip6_pkt_prohibit_out 0 36664 &osd_req_list_collection_objects_36664 ++ip6_pkt_prohibit_out_36664 ip6_pkt_prohibit_out 0 36664 &osd_req_list_collection_objects_36664 nohasharray ++mgmt_send_event_36664 mgmt_send_event 5 36664 &ip6_pkt_prohibit_out_36664 +snd_pcsp_trigger_36665 snd_pcsp_trigger 0 36665 NULL +iscsi_host_alloc_36671 iscsi_host_alloc 2 36671 NULL nohasharray +get_temp_input_36671 get_temp_input 0 36671 &iscsi_host_alloc_36671 @@ -142314,13 +143070,15 @@ index 0000000..89e8e68 +set_green_36904 set_green 0-4 36904 &wm831x_auxadc_read_36904 +lm3533_als_get_target_36905 lm3533_als_get_target 0 36905 NULL +show_fnode_chap_auth_36909 show_fnode_chap_auth 0 36909 NULL nohasharray -+send_next_seg_36909 send_next_seg 0 36909 &show_fnode_chap_auth_36909 ++send_next_seg_36909 send_next_seg 0 36909 &show_fnode_chap_auth_36909 nohasharray ++packet_sendmsg_spkt_36909 packet_sendmsg_spkt 3 36909 &send_next_seg_36909 +zl10036_read_status_reg_36910 zl10036_read_status_reg 0 36910 NULL nohasharray +set_mandatory_rates_36910 set_mandatory_rates 0 36910 &zl10036_read_status_reg_36910 +cuse_read_36920 cuse_read 0-3 36920 NULL +show_counter_rx_p2_hdr_egr_ovfls_36924 show_counter_rx_p2_hdr_egr_ovfls 0 36924 NULL nohasharray +data_sock_getname_36924 data_sock_getname 0 36924 &show_counter_rx_p2_hdr_egr_ovfls_36924 +store_lid_36925 store_lid 0-4 36925 NULL ++copy_batch_36927 copy_batch 3-4 36927 NULL +netxen_sysfs_read_dimm_36930 netxen_sysfs_read_dimm 0-5-6 36930 NULL +queue_rq_affinity_show_36934 queue_rq_affinity_show 0 36934 NULL +clock_name_show_36935 clock_name_show 0 36935 NULL nohasharray @@ -142391,12 +143149,14 @@ index 0000000..89e8e68 +_iwl_dbgfs_bcast_filters_macs_write_37069 _iwl_dbgfs_bcast_filters_macs_write 3-0 37069 NULL +ql_get_sset_count_37070 ql_get_sset_count 0 37070 NULL +vmci_transport_send_wrote_37072 vmci_transport_send_wrote 0 37072 NULL nohasharray -+logfs_write_rec_37072 logfs_write_rec 0 37072 &vmci_transport_send_wrote_37072 ++logfs_write_rec_37072 logfs_write_rec 0 37072 &vmci_transport_send_wrote_37072 nohasharray ++vmap_batch_37072 vmap_batch 2-3 37072 &logfs_write_rec_37072 +uhci_submit_bulk_37073 uhci_submit_bulk 0 37073 NULL +ath10k_spectral_scan_config_37075 ath10k_spectral_scan_config 0 37075 NULL +SYSC_setxattr_37078 SYSC_setxattr 4 37078 NULL +parse_command_37079 parse_command 2-0 37079 NULL +drm_mode_create_rotation_property_37082 drm_mode_create_rotation_property 2 37082 NULL ++ll_direct_IO_26_37083 ll_direct_IO_26 3 37083 NULL +resize_37084 resize 0 37084 NULL +pipeline_cs_rx_packet_in_read_37089 pipeline_cs_rx_packet_in_read 3-0 37089 NULL nohasharray +show_fcstat_loss_of_sync_count_37089 show_fcstat_loss_of_sync_count 0 37089 &pipeline_cs_rx_packet_in_read_37089 @@ -142522,7 +143282,8 @@ index 0000000..89e8e68 +compat_SyS_fcntl_37376 compat_SyS_fcntl 3 37376 NULL +xcan_open_37377 xcan_open 0 37377 NULL +sched_domains_numa_masks_update_37380 sched_domains_numa_masks_update 0 37380 NULL -+queue_discard_zeroes_data_show_37381 queue_discard_zeroes_data_show 0 37381 NULL ++queue_discard_zeroes_data_show_37381 queue_discard_zeroes_data_show 0 37381 NULL nohasharray ++gfs2_direct_IO_37381 gfs2_direct_IO 3 37381 &queue_discard_zeroes_data_show_37381 +mmc_raw_rpmb_size_mult_show_37385 mmc_raw_rpmb_size_mult_show 0 37385 NULL nohasharray +setup_bd_list_xfr_37385 setup_bd_list_xfr 0 37385 &mmc_raw_rpmb_size_mult_show_37385 +iommu_num_pages_37391 iommu_num_pages 0-2-3-1 37391 NULL @@ -142536,7 +143297,7 @@ index 0000000..89e8e68 +max14577_set_fast_charge_timer_37418 max14577_set_fast_charge_timer 0 37418 &sys_getxattr_37418 +hci_sock_sendmsg_37420 hci_sock_sendmsg 4-0 37420 NULL +acpi_os_allocate_zeroed_37422 acpi_os_allocate_zeroed 1 37422 NULL nohasharray -+find_next_bit_37422 find_next_bit 0 37422 &acpi_os_allocate_zeroed_37422 ++find_next_bit_37422 find_next_bit 0-2 37422 &acpi_os_allocate_zeroed_37422 +tty_insert_flip_string_fixed_flag_37428 tty_insert_flip_string_fixed_flag 4-0 37428 NULL nohasharray +it8712f_wdt_notify_37428 it8712f_wdt_notify 0 37428 &tty_insert_flip_string_fixed_flag_37428 +iwl_print_last_event_logs_37433 iwl_print_last_event_logs 7-9-0 37433 NULL @@ -142612,7 +143373,8 @@ index 0000000..89e8e68 +bonding_show_updelay_37620 bonding_show_updelay 0 37620 NULL nohasharray +node_read_meminfo_37620 node_read_meminfo 0 37620 &bonding_show_updelay_37620 +SYSC_mbind_37622 SYSC_mbind 5 37622 NULL -+cdc_ncm_show_dwNtbOutMaxSize_37627 cdc_ncm_show_dwNtbOutMaxSize 0 37627 NULL ++cdc_ncm_show_dwNtbOutMaxSize_37627 cdc_ncm_show_dwNtbOutMaxSize 0 37627 NULL nohasharray ++aio_run_iocb_37627 aio_run_iocb 4 37627 &cdc_ncm_show_dwNtbOutMaxSize_37627 +rd_byte_37632 rd_byte 0 37632 NULL +os_desc_b_vendor_code_store_37633 os_desc_b_vendor_code_store 0-3 37633 NULL +__hw_addr_add_37635 __hw_addr_add 0 37635 NULL @@ -142732,6 +143494,7 @@ index 0000000..89e8e68 +pkt_alloc_packet_data_37928 pkt_alloc_packet_data 1 37928 NULL nohasharray +_rtw_malloc_37928 _rtw_malloc 1 37928 &pkt_alloc_packet_data_37928 +set_pwmchan_37930 set_pwmchan 0-4 37930 NULL ++security_inode_getattr_37932 security_inode_getattr 0 37932 NULL +toshiba_accelerometer_get_37934 toshiba_accelerometer_get 0 37934 NULL +ath5k_attr_store_spur_level_37935 ath5k_attr_store_spur_level 0-4 37935 NULL +read_rbu_packet_size_37939 read_rbu_packet_size 6-0-5 37939 NULL nohasharray @@ -142761,6 +143524,7 @@ index 0000000..89e8e68 +isl1208_sysfs_show_usr_37987 isl1208_sysfs_show_usr 0 37987 NULL +rds_rdma_extra_size_37990 rds_rdma_extra_size 0 37990 NULL nohasharray +netxen_nic_change_mtu_37990 netxen_nic_change_mtu 0 37990 &rds_rdma_extra_size_37990 ++aio_setup_vectored_rw_37994 aio_setup_vectored_rw 3 37994 NULL +of_regulator_match_37995 of_regulator_match 0 37995 NULL +persistent_ram_old_size_37997 persistent_ram_old_size 0 37997 NULL nohasharray +fm10k_update_vid_37997 fm10k_update_vid 0 37997 &persistent_ram_old_size_37997 @@ -142839,6 +143603,7 @@ index 0000000..89e8e68 +bonding_show_active_slave_38152 bonding_show_active_slave 0 38152 NULL +__ntfs_copy_from_user_iovec_inatomic_38153 __ntfs_copy_from_user_iovec_inatomic 0-4-3 38153 NULL +gss_import_sec_context_38154 gss_import_sec_context 0 38154 NULL ++vcc_recvmsg_38166 vcc_recvmsg 3 38166 NULL +fbcon_fb_unregistered_38168 fbcon_fb_unregistered 0 38168 NULL +snd_ca0106_pcm_trigger_capture_38169 snd_ca0106_pcm_trigger_capture 0 38169 NULL nohasharray +amb_open_38169 amb_open 0 38169 &snd_ca0106_pcm_trigger_capture_38169 @@ -142924,7 +143689,8 @@ index 0000000..89e8e68 +ql_set_mac_addr_reg_38341 ql_set_mac_addr_reg 0 38341 NULL +pm8001_ctl_mpi_interface_rev_show_38342 pm8001_ctl_mpi_interface_rev_show 0 38342 NULL +sisusb_write_memio_byte_38343 sisusb_write_memio_byte 0 38343 NULL -+iscsi_stat_sess_show_attr_conn_timeout_errors_38346 iscsi_stat_sess_show_attr_conn_timeout_errors 0 38346 NULL ++iscsi_stat_sess_show_attr_conn_timeout_errors_38346 iscsi_stat_sess_show_attr_conn_timeout_errors 0 38346 NULL nohasharray ++nf_hook_thresh_38346 nf_hook_thresh 0 38346 &iscsi_stat_sess_show_attr_conn_timeout_errors_38346 +af9005_write_tuner_registers_38347 af9005_write_tuner_registers 0 38347 NULL +snd_hda_add_pincfg_38354 snd_hda_add_pincfg 0 38354 NULL +security_getxattr_38355 security_getxattr 0 38355 NULL @@ -143007,12 +143773,14 @@ index 0000000..89e8e68 +prepare_header95_38540 prepare_header95 0 38540 NULL +jffs2_user_getxattr_38541 jffs2_user_getxattr 0 38541 NULL +btrfs_discard_extent_38547 btrfs_discard_extent 2 38547 NULL -+xs_error_38560 xs_error 0 38560 NULL ++xs_error_38560 xs_error 0 38560 NULL nohasharray ++tcp_sendmsg_38560 tcp_sendmsg 3 38560 &xs_error_38560 +irda_sendmsg_dgram_38563 irda_sendmsg_dgram 4-0 38563 NULL +il4965_rs_sta_dbgfs_scale_table_read_38564 il4965_rs_sta_dbgfs_scale_table_read 3-0 38564 NULL nohasharray +iscsi_stat_login_show_attr_authorize_fails_38564 iscsi_stat_login_show_attr_authorize_fails 0 38564 &il4965_rs_sta_dbgfs_scale_table_read_38564 +snd_nm256_playback_copy_38567 snd_nm256_playback_copy 5 38567 NULL nohasharray +sr9700_get_eeprom_len_38567 sr9700_get_eeprom_len 0 38567 &snd_nm256_playback_copy_38567 ++skcipher_sendmsg_38570 skcipher_sendmsg 3 38570 NULL +zd_reg2alpha2_38572 zd_reg2alpha2 0 38572 NULL +srp_create_target_38575 srp_create_target 0-4 38575 NULL +copy_ctl_value_to_user_38587 copy_ctl_value_to_user 4 38587 NULL @@ -143093,6 +143861,7 @@ index 0000000..89e8e68 +p9_mount_tag_show_38744 p9_mount_tag_show 0 38744 NULL nohasharray +extlog_print_38744 extlog_print 0 38744 &p9_mount_tag_show_38744 +clear_intrusion_38745 clear_intrusion 0-4 38745 NULL ++btusb_qca_send_vendor_req_38746 btusb_qca_send_vendor_req 4 38746 NULL +microcode_write_38754 microcode_write 0-3 38754 NULL +netxen_nic_get_eeprom_len_38756 netxen_nic_get_eeprom_len 0 38756 NULL +get_fan_rpm_38760 get_fan_rpm 0 38760 NULL nohasharray @@ -143188,7 +143957,8 @@ index 0000000..89e8e68 +wp512_init_38975 wp512_init 0 38975 NULL +usb_maxpacket_38977 usb_maxpacket 0 38977 NULL nohasharray +adfs_fplus_read_38977 adfs_fplus_read 0 38977 &usb_maxpacket_38977 -+addr_assign_type_show_38978 addr_assign_type_show 0 38978 NULL ++addr_assign_type_show_38978 addr_assign_type_show 0 38978 NULL nohasharray ++iwl_mvm_init_fw_regd_38978 iwl_mvm_init_fw_regd 0 38978 &addr_assign_type_show_38978 +_iommu_cpumask_show_38985 _iommu_cpumask_show 0 38985 NULL +OSDSetBlock_38986 OSDSetBlock 2-4 38986 NULL nohasharray +pti_tty_write_room_38986 pti_tty_write_room 0 38986 &OSDSetBlock_38986 @@ -143196,6 +143966,7 @@ index 0000000..89e8e68 +intel_nontranslate_map_sg_38992 intel_nontranslate_map_sg 0-3 38992 NULL +bio_clone_range_38997 bio_clone_range 2 38997 NULL +lpfc_idiag_extacc_write_38998 lpfc_idiag_extacc_write 3-0 38998 NULL ++udf_new_block_38999 udf_new_block 4 38999 NULL +bh1770_set_lux_thresh_39000 bh1770_set_lux_thresh 0 39000 NULL +mmio16write__write_file_39001 mmio16write__write_file 0 39001 NULL +systemid_show_39002 systemid_show 0 39002 NULL @@ -143220,7 +143991,8 @@ index 0000000..89e8e68 +write_battery_life_extender_39045 write_battery_life_extender 0 39045 NULL +wl18xx_trigger_cmd_39046 wl18xx_trigger_cmd 0 39046 NULL +power_limit_1_tmax_us_show_39050 power_limit_1_tmax_us_show 0 39050 NULL -+do_write_kmem_39051 do_write_kmem 0-1-3 39051 NULL ++do_write_kmem_39051 do_write_kmem 0-1-3 39051 NULL nohasharray ++log_writes_status_39051 log_writes_status 5 39051 &do_write_kmem_39051 +__wil_up_39052 __wil_up 0 39052 NULL +get_component_status_39053 get_component_status 0 39053 NULL +gen10g_read_status_39059 gen10g_read_status 0 39059 NULL @@ -143245,6 +144017,7 @@ index 0000000..89e8e68 +avoid_reset_quirk_show_39119 avoid_reset_quirk_show 0 39119 NULL +__kfifo_to_user_r_39123 __kfifo_to_user_r 3-5 39123 NULL +saa711x_set_size_39124 saa711x_set_size 0 39124 NULL ++l2tp_ip6_recvmsg_39130 l2tp_ip6_recvmsg 3 39130 NULL +snd_vt1724_pcm_trigger_39131 snd_vt1724_pcm_trigger 0 39131 NULL +ea_foreach_39133 ea_foreach 0 39133 NULL +snd_pcm_plug_format_plugins_39136 snd_pcm_plug_format_plugins 0 39136 NULL @@ -143265,6 +144038,7 @@ index 0000000..89e8e68 +msr_device_create_39175 msr_device_create 0 39175 NULL +vpe_buf_prepare_39183 vpe_buf_prepare 0 39183 NULL +wl1271_cmd_data_path_39185 wl1271_cmd_data_path 0 39185 NULL ++snd_hda_codec_parse_pcms_39188 snd_hda_codec_parse_pcms 0 39188 NULL +ubi_more_update_data_39189 ubi_more_update_data 4-0 39189 NULL +soc_camera_platform_s_stream_39190 soc_camera_platform_s_stream 0 39190 NULL nohasharray +quota_scale_store_39190 quota_scale_store 0-3 39190 &soc_camera_platform_s_stream_39190 @@ -143332,6 +144106,7 @@ index 0000000..89e8e68 +adp8860_store_39328 adp8860_store 0-3 39328 NULL +target_core_dev_attrib_attr_show_39329 target_core_dev_attrib_attr_show 0 39329 NULL +flex_array_prealloc_39330 flex_array_prealloc 0 39330 NULL ++drm_dp_i2c_drain_msg_39331 drm_dp_i2c_drain_msg 0 39331 NULL +gmbus_xfer_39341 gmbus_xfer 0-3 39341 NULL +xen_hvm_setup_msi_irqs_39342 xen_hvm_setup_msi_irqs 2 39342 NULL +wimax_msg_alloc_39343 wimax_msg_alloc 4 39343 NULL @@ -143403,7 +144178,8 @@ index 0000000..89e8e68 +rtnl_port_size_39551 rtnl_port_size 0 39551 NULL +pp_write_39554 pp_write 3-0 39554 NULL nohasharray +sr_write_cmd_39554 sr_write_cmd 5-0 39554 &pp_write_39554 -+sis630_block_data_39556 sis630_block_data 0 39556 NULL ++sis630_block_data_39556 sis630_block_data 0 39556 NULL nohasharray ++set_pcm_default_values_39556 set_pcm_default_values 0 39556 &sis630_block_data_39556 +ol_dqblk_block_39558 ol_dqblk_block 2 39558 NULL +cpulistaffinity_show_39560 cpulistaffinity_show 0 39560 NULL nohasharray +uhid_dev_input2_39560 uhid_dev_input2 0 39560 &cpulistaffinity_show_39560 nohasharray @@ -143567,6 +144343,7 @@ index 0000000..89e8e68 +bh1770_set_lux_rate_39960 bh1770_set_lux_rate 0-4 39960 NULL +bh1770_get_prox_rate_avail_39962 bh1770_get_prox_rate_avail 0 39962 NULL +prepare_39963 prepare 0 39963 NULL ++mv88e6xxx_phy_write_indirect_39966 mv88e6xxx_phy_write_indirect 2 39966 NULL +bio_chain_clone_range_39967 bio_chain_clone_range 3 39967 NULL +selinux_audit_rule_init_39969 selinux_audit_rule_init 0 39969 NULL +fmvj18x_resume_39970 fmvj18x_resume 0 39970 NULL @@ -143625,6 +144402,7 @@ index 0000000..89e8e68 +netlink_broadcast_filtered_40105 netlink_broadcast_filtered 0 40105 NULL +xfs_rtbuf_get_40107 xfs_rtbuf_get 0 40107 NULL +gen_pool_first_fit_40110 gen_pool_first_fit 2-3-4 40110 NULL ++snd_soc_dapm_new_pcm_40119 snd_soc_dapm_new_pcm 3 40119 NULL +sctp_setsockopt_delayed_ack_40129 sctp_setsockopt_delayed_ack 3-0 40129 NULL nohasharray +lp3971_i2c_read_40129 lp3971_i2c_read 0 40129 &sctp_setsockopt_delayed_ack_40129 nohasharray +cachefiles_daemon_tag_40129 cachefiles_daemon_tag 0 40129 &lp3971_i2c_read_40129 @@ -143660,6 +144438,7 @@ index 0000000..89e8e68 +allocate_probes_40204 allocate_probes 1 40204 NULL +selinux_socket_recvmsg_40208 selinux_socket_recvmsg 0 40208 NULL +ecryptfs_inode_newsize_ok_40210 ecryptfs_inode_newsize_ok 0 40210 NULL ++generic_exec_single_40212 generic_exec_single 0 40212 NULL +_nfs4_do_fsinfo_40215 _nfs4_do_fsinfo 0 40215 NULL +sync_cached_firmware_buf_40217 sync_cached_firmware_buf 0 40217 NULL +i40e_get_sset_count_40218 i40e_get_sset_count 0 40218 NULL @@ -143688,6 +144467,7 @@ index 0000000..89e8e68 +pcnet_suspend_40283 pcnet_suspend 0 40283 &rx_xfr_hint_trig_read_40283 +ad7877_dac_store_40285 ad7877_dac_store 0-4 40285 NULL +il_dbgfs_ucode_rx_stats_read_40286 il_dbgfs_ucode_rx_stats_read 0-3 40286 NULL ++ashmem_read_40287 ashmem_read 3 40287 NULL +tracing_thresh_read_40295 tracing_thresh_read 3 40295 NULL +dn_confirm_accept_40296 dn_confirm_accept 0 40296 NULL nohasharray +aat2870_ldo_is_enabled_40296 aat2870_ldo_is_enabled 0 40296 &dn_confirm_accept_40296 @@ -143696,6 +144476,7 @@ index 0000000..89e8e68 +SyS_bind_40303 SyS_bind 3 40303 NULL +ubi_io_write_data_40305 ubi_io_write_data 4-5-0 40305 NULL nohasharray +device_online_40305 device_online 0 40305 &ubi_io_write_data_40305 ++mv88e6xxx_phy_page_read_40309 mv88e6xxx_phy_page_read 0 40309 NULL +wm8350_rtc_readtime_40313 wm8350_rtc_readtime 0 40313 NULL +vlan_device_event_40315 vlan_device_event 0 40315 NULL +prepare_40316 prepare 0 40316 NULL @@ -143936,6 +144717,7 @@ index 0000000..89e8e68 +kmx61_set_mode_40839 kmx61_set_mode 0 40839 NULL +show_in_status_40844 show_in_status 0 40844 NULL nohasharray +can_rx_register_40844 can_rx_register 0 40844 &show_in_status_40844 ++test_smp_read_40845 test_smp_read 3 40845 NULL +nilfs_mdt_init_40849 nilfs_mdt_init 3 40849 NULL +isku_sysfs_write_keys_thumbster_40851 isku_sysfs_write_keys_thumbster 6-0-5 40851 NULL nohasharray +udp_lib_setsockopt_40851 udp_lib_setsockopt 0 40851 &isku_sysfs_write_keys_thumbster_40851 nohasharray @@ -143954,6 +144736,7 @@ index 0000000..89e8e68 +i7core_inject_eccmask_show_40872 i7core_inject_eccmask_show 0 40872 NULL +atomic_add_unless_40873 atomic_add_unless 0 40873 NULL +snd_cx88_card_trigger_40885 snd_cx88_card_trigger 0 40885 NULL ++iwl_mvm_start_fw_dbg_conf_40886 iwl_mvm_start_fw_dbg_conf 0 40886 NULL +wl12xx_cmd_build_probe_req_40888 wl12xx_cmd_build_probe_req 6-10-8 40888 NULL +init_vbus_channel_40889 init_vbus_channel 1-2 40889 NULL +store_global_beep_40893 store_global_beep 0-4 40893 NULL @@ -144041,6 +144824,7 @@ index 0000000..89e8e68 +ks8995_write_41066 ks8995_write 0-4 41066 NULL +recovery_start_show_41070 recovery_start_show 0 41070 NULL nohasharray +ims_pcu_ofn_bit_show_41070 ims_pcu_ofn_bit_show 0 41070 &recovery_start_show_41070 ++raw_recvmsg_41073 raw_recvmsg 3 41073 NULL +sc_only_mode_read_41076 sc_only_mode_read 3-0 41076 NULL nohasharray +usbvision_write_reg_41076 usbvision_write_reg 0 41076 &sc_only_mode_read_41076 +cfg80211_inform_bss_frame_41078 cfg80211_inform_bss_frame 4 41078 NULL @@ -144146,6 +144930,7 @@ index 0000000..89e8e68 +cnic_init_id_tbl_41354 cnic_init_id_tbl 2 41354 NULL nohasharray +show_temp_low_41354 show_temp_low 0 41354 &cnic_init_id_tbl_41354 nohasharray +hsit_s_stream_41354 hsit_s_stream 0 41354 &show_temp_low_41354 ++__cfg80211_alloc_vendor_skb_41356 __cfg80211_alloc_vendor_skb 3 41356 NULL +jbd2_alloc_41359 jbd2_alloc 1 41359 NULL +kovaplus_sysfs_show_actual_cpi_41367 kovaplus_sysfs_show_actual_cpi 0 41367 NULL +max16065_show_alarm_41372 max16065_show_alarm 0 41372 NULL nohasharray @@ -144206,6 +144991,7 @@ index 0000000..89e8e68 +dev_rescan_store_41481 dev_rescan_store 0-4 41481 NULL +rndis_proc_write_41483 rndis_proc_write 0-3 41483 NULL nohasharray +udc_bind_to_driver_41483 udc_bind_to_driver 0 41483 &rndis_proc_write_41483 ++rocker_port_fwd_enable_41484 rocker_port_fwd_enable 0 41484 NULL +ip1001_config_init_41490 ip1001_config_init 0 41490 NULL +wep_interrupt_read_41492 wep_interrupt_read 3-0 41492 NULL +btrfs_setsize_41495 btrfs_setsize 0 41495 NULL @@ -144258,7 +145044,8 @@ index 0000000..89e8e68 +rng_dev_read_41581 rng_dev_read 3-0 41581 NULL nohasharray +wl12xx_sdio_raw_write_41581 wl12xx_sdio_raw_write 0 41581 &rng_dev_read_41581 +bnx2x_vfpf_init_41583 bnx2x_vfpf_init 0 41583 NULL -+security_task_setnice_41584 security_task_setnice 0 41584 NULL ++security_task_setnice_41584 security_task_setnice 0 41584 NULL nohasharray ++mv88e6xxx_wait_41584 mv88e6xxx_wait 0 41584 &security_task_setnice_41584 +nfsd_readv_41585 nfsd_readv 4 41585 NULL +drbd_send_command_41586 drbd_send_command 4-6 41586 NULL +batadv_tvlv_container_ogm_append_41588 batadv_tvlv_container_ogm_append 4 41588 NULL @@ -144351,6 +145138,7 @@ index 0000000..89e8e68 +SyS_bpf_41770 SyS_bpf 3 41770 &blk_mq_hw_sysfs_run_show_41770 +mmc_sdio_power_restore_41772 mmc_sdio_power_restore 0 41772 NULL +brcmf_cfg80211_vndr_cmds_dcmd_handler_41776 brcmf_cfg80211_vndr_cmds_dcmd_handler 4 41776 NULL ++x25_recvmsg_41793 x25_recvmsg 3 41793 NULL +iwl_dbgfs_bt_notif_read_41794 iwl_dbgfs_bt_notif_read 3-0 41794 NULL +flash_dev_run_41795 flash_dev_run 0 41795 NULL +nilfs_sufile_alloc_41798 nilfs_sufile_alloc 0 41798 NULL @@ -144551,7 +145339,7 @@ index 0000000..89e8e68 +resources_store_42255 resources_store 0-4 42255 NULL +netxen_nic_map_indirect_address_128M_42257 netxen_nic_map_indirect_address_128M 2 42257 NULL nohasharray +amd5536_udc_start_42257 amd5536_udc_start 0 42257 &netxen_nic_map_indirect_address_128M_42257 -+find_last_bit_42260 find_last_bit 0 42260 NULL ++find_last_bit_42260 find_last_bit 0-2 42260 NULL +show_fc_host_port_name_42264 show_fc_host_port_name 0 42264 NULL +ctnetlink_proto_size_42270 ctnetlink_proto_size 0 42270 NULL +__pcpu_size_to_slot_42271 __pcpu_size_to_slot 0 42271 NULL @@ -144660,7 +145448,8 @@ index 0000000..89e8e68 +sys_vmsplice_42533 sys_vmsplice 3 42533 &snd_emux_create_port_42533 +sdev_store_evt_capacity_change_reported_42538 sdev_store_evt_capacity_change_reported 0-4 42538 NULL +mtip_hw_submit_io_42539 mtip_hw_submit_io 4 42539 NULL -+mt9m111_set_hvflip_42542 mt9m111_set_hvflip 0 42542 NULL ++mt9m111_set_hvflip_42542 mt9m111_set_hvflip 0 42542 NULL nohasharray ++smk_read_unconfined_42542 smk_read_unconfined 3 42542 &mt9m111_set_hvflip_42542 +__wa_xfer_setup_42543 __wa_xfer_setup 0 42543 NULL nohasharray +__register_ftrace_function_42543 __register_ftrace_function 0 42543 &__wa_xfer_setup_42543 +dbAllocNear_42546 dbAllocNear 0 42546 NULL @@ -144696,13 +145485,14 @@ index 0000000..89e8e68 +rt2500pci_set_device_state_42620 rt2500pci_set_device_state 0 42620 NULL nohasharray +vlan_dev_open_42620 vlan_dev_open 0 42620 &rt2500pci_set_device_state_42620 +secinfo_parse_42624 secinfo_parse 0 42624 NULL -+mv88e6xxx_phy_read_42625 mv88e6xxx_phy_read 0 42625 NULL ++mv88e6xxx_phy_read_42625 mv88e6xxx_phy_read 0-2 42625 NULL +sys_move_pages_42626 sys_move_pages 2 42626 NULL nohasharray +map_show_42626 map_show 0 42626 &sys_move_pages_42626 +xfs_attr_leaf_removename_42629 xfs_attr_leaf_removename 0 42629 NULL +crypto_ahash_walk_first_42630 crypto_ahash_walk_first 0 42630 NULL +snd_hwdep_dev_register_42632 snd_hwdep_dev_register 0 42632 NULL +ieee80211_if_fmt_dot11MeshHWMPactivePathTimeout_42635 ieee80211_if_fmt_dot11MeshHWMPactivePathTimeout 3 42635 NULL ++iommu_tbl_range_alloc_42638 iommu_tbl_range_alloc 5-3-6 42638 NULL +b43legacy_wireless_core_init_42640 b43legacy_wireless_core_init 0 42640 NULL +br_mdb_rehash_42643 br_mdb_rehash 2 42643 NULL +num_controllers_42644 num_controllers 0 42644 NULL @@ -145021,7 +145811,8 @@ index 0000000..89e8e68 +set_peripheral_43353 set_peripheral 0 43353 NULL +gart_free_coherent_43362 gart_free_coherent 2-4 43362 NULL +may_create_key_43363 may_create_key 0 43363 NULL -+pm_print_times_show_43364 pm_print_times_show 0 43364 NULL ++pm_print_times_show_43364 pm_print_times_show 0 43364 NULL nohasharray ++btrfs_check_data_free_space_43364 btrfs_check_data_free_space 0 43364 &pm_print_times_show_43364 +pn_init_43370 pn_init 0 43370 NULL +proc_sys_permission_43371 proc_sys_permission 0 43371 NULL nohasharray +bnad_tx_msix_register_43371 bnad_tx_msix_register 0 43371 &proc_sys_permission_43371 @@ -145101,7 +145892,8 @@ index 0000000..89e8e68 +ll_direct_IO_26_43530 ll_direct_IO_26 4 43530 &alloc_instance_buffer_43530 +dvb_ca_en50221_io_write_43533 dvb_ca_en50221_io_write 3-0 43533 NULL nohasharray +core_scsi3_alloc_aptpl_registration_43533 core_scsi3_alloc_aptpl_registration 0 43533 &dvb_ca_en50221_io_write_43533 -+read_events_43534 read_events 3 43534 NULL ++read_events_43534 read_events 3 43534 NULL nohasharray ++pdu_write_u_43534 pdu_write_u 3 43534 &read_events_43534 +cachefiles_daemon_write_43535 cachefiles_daemon_write 3-0 43535 NULL +xfs_qm_vop_chown_reserve_43536 xfs_qm_vop_chown_reserve 0 43536 NULL +store_43537 store 0-3 43537 NULL @@ -145388,10 +146180,12 @@ index 0000000..89e8e68 +mptscsih_change_queue_depth_44196 mptscsih_change_queue_depth 2-0 44196 NULL nohasharray +queue_int_on_old_endpoint_44196 queue_int_on_old_endpoint 0 44196 &mptscsih_change_queue_depth_44196 +pvclock_gtod_notify_44200 pvclock_gtod_notify 0 44200 NULL -+iwl_init_alive_start_44203 iwl_init_alive_start 0 44203 NULL ++iwl_init_alive_start_44203 iwl_init_alive_start 0 44203 NULL nohasharray ++virtinput_cfg_select_44203 virtinput_cfg_select 0 44203 &iwl_init_alive_start_44203 +core_alua_show_access_type_44204 core_alua_show_access_type 0 44204 NULL +roccat_common2_sysfs_read_info_44206 roccat_common2_sysfs_read_info 0-5-6 44206 NULL +wl1271_acx_mem_map_44208 wl1271_acx_mem_map 0 44208 NULL ++__set_free_44211 __set_free 2 44211 NULL +claim_ptd_buffers_44213 claim_ptd_buffers 3 44213 NULL nohasharray +write_44213 write 0 44213 &claim_ptd_buffers_44213 +qib_assign_ctxt_44217 qib_assign_ctxt 0 44217 NULL @@ -145418,6 +146212,7 @@ index 0000000..89e8e68 +enlarge_skb_44248 enlarge_skb 2 44248 NULL +ecryptfs_init_lower_file_44249 ecryptfs_init_lower_file 0 44249 NULL +rbd_parent_show_44252 rbd_parent_show 0 44252 NULL ++st33zp24_i2c_recv_44256 st33zp24_i2c_recv 4 44256 NULL +tm6000_i2c_xfer_44260 tm6000_i2c_xfer 0-3 44260 NULL +mgt_commit_44264 mgt_commit 0 44264 NULL nohasharray +ec_bhf_open_44264 ec_bhf_open 0 44264 &mgt_commit_44264 @@ -145500,7 +146295,8 @@ index 0000000..89e8e68 +iwl_dbgfs_bf_params_write_44450 iwl_dbgfs_bf_params_write 0-3 44450 NULL nohasharray +eth_change_mtu_44450 eth_change_mtu 0 44450 &iwl_dbgfs_bf_params_write_44450 +koneplus_sysfs_read_profilex_buttons_44454 koneplus_sysfs_read_profilex_buttons 0-5-6 44454 NULL -+dma_mask_bits_show_44456 dma_mask_bits_show 0 44456 NULL ++dma_mask_bits_show_44456 dma_mask_bits_show 0 44456 NULL nohasharray ++sensor_hub_get_feature_44456 sensor_hub_get_feature 0-4 44456 &dma_mask_bits_show_44456 +af_alg_make_sg_44459 af_alg_make_sg 0-3 44459 NULL +snd_pcm_do_suspend_44460 snd_pcm_do_suspend 0 44460 NULL +___alloc_bootmem_node_nopanic_44461 ___alloc_bootmem_node_nopanic 2 44461 NULL @@ -145594,6 +146390,7 @@ index 0000000..89e8e68 +sock_write_iter_44676 sock_write_iter 0 44676 NULL +ipheth_rx_submit_44679 ipheth_rx_submit 0 44679 NULL nohasharray +velocity_open_44679 velocity_open 0 44679 &ipheth_rx_submit_44679 ++rawv6_sendmsg_44680 rawv6_sendmsg 3 44680 NULL +fm10k_iov_alloc_data_44682 fm10k_iov_alloc_data 0-2 44682 NULL +st_try_direct_io_show_44683 st_try_direct_io_show 0 44683 NULL +cifs_setattr_nounix_44685 cifs_setattr_nounix 0 44685 NULL nohasharray @@ -145709,6 +146506,7 @@ index 0000000..89e8e68 +inode_setsecurity_44924 inode_setsecurity 0 44924 NULL nohasharray +ath5k_hw_write_ofdm_timings_44924 ath5k_hw_write_ofdm_timings 0 44924 &inode_setsecurity_44924 +lp855x_get_bl_ctl_mode_44927 lp855x_get_bl_ctl_mode 0 44927 NULL ++bcm_recvmsg_44928 bcm_recvmsg 3 44928 NULL +get_cpu_vid_44938 get_cpu_vid 0 44938 NULL nohasharray +store_rxbuf_44938 store_rxbuf 0-4 44938 &get_cpu_vid_44938 +loop_attr_do_show_backing_file_44940 loop_attr_do_show_backing_file 0 44940 NULL @@ -145742,10 +146540,12 @@ index 0000000..89e8e68 +ptrace_writedata_45021 ptrace_writedata 4 45021 NULL nohasharray +read_block_bitmap_45021 read_block_bitmap 2 45021 &ptrace_writedata_45021 nohasharray +iscsi_tpg_param_store_FirstBurstLength_45021 iscsi_tpg_param_store_FirstBurstLength 0-3 45021 &read_block_bitmap_45021 -+ath10k_htt_connect_45022 ath10k_htt_connect 0 45022 NULL ++ath10k_htt_connect_45022 ath10k_htt_connect 0 45022 NULL nohasharray ++hfsplus_getxattr_45022 hfsplus_getxattr 0 45022 &ath10k_htt_connect_45022 +show_state_power_usage_45023 show_state_power_usage 0 45023 NULL nohasharray +zd1211b_hw_init_hmac_45023 zd1211b_hw_init_hmac 0 45023 &show_state_power_usage_45023 -+dm_kvzalloc_45025 dm_kvzalloc 1 45025 NULL ++dm_kvzalloc_45025 dm_kvzalloc 1 45025 NULL nohasharray ++rose_sendmsg_45025 rose_sendmsg 3 45025 &dm_kvzalloc_45025 +hotplug_cfd_45029 hotplug_cfd 0 45029 NULL +snd_seq_kernel_client_ctl_45032 snd_seq_kernel_client_ctl 0 45032 NULL +vfio_ecap_init_45033 vfio_ecap_init 0 45033 NULL @@ -145783,7 +146583,8 @@ index 0000000..89e8e68 +set_auto_temp_min_45111 set_auto_temp_min 0-4 45111 NULL +pwr_missing_bcns_cnt_read_45113 pwr_missing_bcns_cnt_read 3-0 45113 NULL +usbdev_read_45114 usbdev_read 3-0 45114 NULL -+v9fs_xattr_user_set_45117 v9fs_xattr_user_set 0 45117 NULL ++v9fs_xattr_user_set_45117 v9fs_xattr_user_set 0 45117 NULL nohasharray ++sock_sendmsg_45117 sock_sendmsg 0 45117 &v9fs_xattr_user_set_45117 +edd_show_legacy_max_cylinder_45119 edd_show_legacy_max_cylinder 0 45119 NULL +isku_sysfs_write_reset_45133 isku_sysfs_write_reset 6-0-5 45133 NULL nohasharray +in_write_bytes_avail_show_45133 in_write_bytes_avail_show 0 45133 &isku_sysfs_write_reset_45133 @@ -145798,7 +146599,8 @@ index 0000000..89e8e68 +tcp_setsockopt_45152 tcp_setsockopt 0 45152 NULL nohasharray +st_probe_45152 st_probe 0 45152 &tcp_setsockopt_45152 +device_write_45156 device_write 3-0 45156 NULL -+usX2Y_urbs_start_45159 usX2Y_urbs_start 0 45159 NULL ++usX2Y_urbs_start_45159 usX2Y_urbs_start 0 45159 NULL nohasharray ++ocfs2_dq_frozen_trigger_45159 ocfs2_dq_frozen_trigger 4 45159 &usX2Y_urbs_start_45159 +SYSC_write_45160 SYSC_write 3-0 45160 NULL +tomoyo_write_self_45161 tomoyo_write_self 3-0 45161 NULL +xennet_create_queues_45162 xennet_create_queues 2 45162 NULL @@ -145859,6 +146661,7 @@ index 0000000..89e8e68 +get_raw_temp_45318 get_raw_temp 0 45318 NULL +__i2c_hid_command_45321 __i2c_hid_command 0 45321 NULL +compass_command_45324 compass_command 0 45324 NULL ++quirk_strict_duplicate_filter_write_45325 quirk_strict_duplicate_filter_write 3 45325 NULL +label_cpu_DTS_45336 label_cpu_DTS 0 45336 NULL nohasharray +bnx2x_vfpf_config_mac_45336 bnx2x_vfpf_config_mac 0 45336 &label_cpu_DTS_45336 +copy_vm86_regs_from_user_45340 copy_vm86_regs_from_user 3 45340 NULL @@ -145869,6 +146672,7 @@ index 0000000..89e8e68 +posix_lock_file_45352 posix_lock_file 0 45352 NULL +isl1208_rtc_read_time_45356 isl1208_rtc_read_time 0 45356 NULL +wl12xx_acx_set_rate_mgmt_params_45357 wl12xx_acx_set_rate_mgmt_params 0 45357 NULL ++xfs_file_aio_write_checks_45371 xfs_file_aio_write_checks 0 45371 NULL +hotkey_poll_freq_store_45373 hotkey_poll_freq_store 0-4 45373 NULL +null_alloc_repbuf_45375 null_alloc_repbuf 3 45375 NULL +wmi_set_channel_45380 wmi_set_channel 0 45380 NULL @@ -146070,7 +146874,8 @@ index 0000000..89e8e68 +b43_pcmcia_resume_45799 b43_pcmcia_resume 0 45799 &cbaf_cc_upload_45799 +raw_setsockopt_45800 raw_setsockopt 5-0 45800 NULL +adp5520_bl_dark_dim_show_45802 adp5520_bl_dark_dim_show 0 45802 NULL nohasharray -+michael_update_45802 michael_update 0 45802 &adp5520_bl_dark_dim_show_45802 ++michael_update_45802 michael_update 0 45802 &adp5520_bl_dark_dim_show_45802 nohasharray ++quirk_simultaneous_discovery_read_45802 quirk_simultaneous_discovery_read 3 45802 &michael_update_45802 +kvmclock_cpufreq_notifier_45803 kvmclock_cpufreq_notifier 0 45803 NULL +nct7802_read_fan_min_45804 nct7802_read_fan_min 0 45804 NULL +lbs_rdbbp_read_45805 lbs_rdbbp_read 3-0 45805 NULL @@ -146133,7 +146938,8 @@ index 0000000..89e8e68 +host_store_raid_offload_debug_45928 host_store_raid_offload_debug 0-4 45928 NULL +ext2_xattr_security_get_45930 ext2_xattr_security_get 0 45930 NULL nohasharray +_dln2_transfer_45930 _dln2_transfer 0 45930 &ext2_xattr_security_get_45930 -+request_ihex_firmware_45931 request_ihex_firmware 0 45931 NULL ++request_ihex_firmware_45931 request_ihex_firmware 0 45931 NULL nohasharray ++recomp_data_node_45931 recomp_data_node 0 45931 &request_ihex_firmware_45931 +bttv_s_ctrl_45933 bttv_s_ctrl 0 45933 NULL +alloc_mr_45935 alloc_mr 1 45935 NULL nohasharray +dlm_id_show_45935 dlm_id_show 0 45935 &alloc_mr_45935 @@ -146167,7 +146973,8 @@ index 0000000..89e8e68 +dn_device_event_46004 dn_device_event 0 46004 NULL +ci_ll_read_46006 ci_ll_read 0 46006 NULL +rtl2832_regmap_gather_write_46011 rtl2832_regmap_gather_write 0 46011 NULL -+rt2800pci_set_device_state_46015 rt2800pci_set_device_state 0 46015 NULL ++rt2800pci_set_device_state_46015 rt2800pci_set_device_state 0 46015 NULL nohasharray ++snd_hdac_exec_verb_46015 snd_hdac_exec_verb 0 46015 &rt2800pci_set_device_state_46015 +rt2800mmio_enable_radio_46016 rt2800mmio_enable_radio 0 46016 NULL +snd_cx231xx_capture_trigger_46017 snd_cx231xx_capture_trigger 0 46017 NULL +acpi_ds_method_data_set_value_46018 acpi_ds_method_data_set_value 0 46018 NULL @@ -146219,7 +147026,8 @@ index 0000000..89e8e68 +gpio_keys_store_disabled_switches_46139 gpio_keys_store_disabled_switches 0-4 46139 &twl6030_pwm_enable_46139 +nilfs_btree_assign_p_46142 nilfs_btree_assign_p 0 46142 NULL +__walk_page_range_46146 __walk_page_range 0 46146 NULL -+elan_i2c_get_checksum_46148 elan_i2c_get_checksum 0 46148 NULL ++elan_i2c_get_checksum_46148 elan_i2c_get_checksum 0 46148 NULL nohasharray ++pcibios_sriov_enable_46148 pcibios_sriov_enable 0 46148 &elan_i2c_get_checksum_46148 +set_temp_auto_temp_min_46149 set_temp_auto_temp_min 0-4 46149 NULL +ddp_clear_map_46152 ddp_clear_map 4 46152 NULL +dgram_bind_46155 dgram_bind 0 46155 NULL @@ -146227,6 +147035,7 @@ index 0000000..89e8e68 +si470x_set_register_46160 si470x_set_register 0 46160 NULL +ov9740_reg_write_array_46162 ov9740_reg_write_array 0 46162 NULL nohasharray +top_off_timer_store_46162 top_off_timer_store 4-0 46162 &ov9740_reg_write_array_46162 ++atalk_sendmsg_46165 atalk_sendmsg 3 46165 NULL +qla2x00_sysfs_write_nvram_46166 qla2x00_sysfs_write_nvram 0-6-5 46166 NULL +pcf8583_rtc_read_time_46169 pcf8583_rtc_read_time 0 46169 NULL +write_index_46171 write_index 0 46171 NULL @@ -146237,7 +147046,8 @@ index 0000000..89e8e68 +twl_direction_out_46182 twl_direction_out 2-0 46182 NULL nohasharray +sync_inode_metadata_46182 sync_inode_metadata 0 46182 &twl_direction_out_46182 +vxge_os_dma_malloc_46184 vxge_os_dma_malloc 2 46184 NULL -+kszphy_config_init_46188 kszphy_config_init 0 46188 NULL ++kszphy_config_init_46188 kszphy_config_init 0 46188 NULL nohasharray ++write8_reg_46188 write8_reg 4 46188 &kszphy_config_init_46188 +ax25_device_event_46189 ax25_device_event 0 46189 NULL +atmel_set_mac_address_46192 atmel_set_mac_address 0 46192 NULL +fq_resize_46195 fq_resize 2 46195 NULL @@ -146342,6 +147152,7 @@ index 0000000..89e8e68 +c2port_show_dev_id_46410 c2port_show_dev_id 0 46410 NULL +i2c_hid_output_raw_report_46413 i2c_hid_output_raw_report 0-3 46413 NULL nohasharray +w1_master_attribute_show_slave_count_46413 w1_master_attribute_show_slave_count 0 46413 &i2c_hid_output_raw_report_46413 ++platform_gpio_count_46416 platform_gpio_count 0 46416 NULL +addr_to_user_46418 addr_to_user 0 46418 NULL +vmbus_sendpacket_pagebuffer_46420 vmbus_sendpacket_pagebuffer 0 46420 NULL +iscsi_tpg_param_show_ErrorRecoveryLevel_46422 iscsi_tpg_param_show_ErrorRecoveryLevel 0 46422 NULL @@ -146418,6 +147229,7 @@ index 0000000..89e8e68 +set_min_uA_46584 set_min_uA 0-4 46584 NULL +__iwl_up_46589 __iwl_up 0 46589 NULL +snd_compr_write_data_46592 snd_compr_write_data 3-0 46592 NULL ++ec_device_read_46594 ec_device_read 3 46594 NULL +copy_gr_arg_46595 copy_gr_arg 0 46595 NULL +show_mute_46600 show_mute 0 46600 NULL nohasharray +mode_store_46600 mode_store 0-4 46600 &show_mute_46600 @@ -146614,6 +147426,7 @@ index 0000000..89e8e68 +acerhdf_get_fanstate_47052 acerhdf_get_fanstate 0 47052 &wm8994_set_bits_47052 +final_47055 final 0 47055 NULL +open_rx_47057 open_rx 0 47057 NULL ++udpv6_sendmsg_47060 udpv6_sendmsg 3 47060 NULL +dg_dispatch_as_guest_47063 dg_dispatch_as_guest 0 47063 NULL +ltc2945_show_value_47064 ltc2945_show_value 0 47064 NULL nohasharray +read_pod_47064 read_pod 0 47064 <c2945_show_value_47064 @@ -146649,7 +147462,8 @@ index 0000000..89e8e68 +ses_recv_diag_47143 ses_recv_diag 4 47143 &acpi_ut_initialize_buffer_47143 +store_target_kb_47150 store_target_kb 0-4 47150 NULL +sctp_get_port_47151 sctp_get_port 0 47151 NULL -+get_attr_rdpmc_47155 get_attr_rdpmc 0 47155 NULL ++get_attr_rdpmc_47155 get_attr_rdpmc 0 47155 NULL nohasharray ++mwifiex_alloc_dma_align_buf_47155 mwifiex_alloc_dma_align_buf 1 47155 &get_attr_rdpmc_47155 +il4965_mac_start_47159 il4965_mac_start 0 47159 NULL +gva_to_gpa_47160 gva_to_gpa 0 47160 NULL nohasharray +show_streaming_47160 show_streaming 0 47160 &gva_to_gpa_47160 @@ -146704,6 +147518,7 @@ index 0000000..89e8e68 +SYSC_semop_47292 SYSC_semop 3 47292 NULL +show_47293 show 0 47293 NULL +uvc_video_enable_47296 uvc_video_enable 0 47296 NULL ++rhashtable_rehash_attach_47298 rhashtable_rehash_attach 0 47298 NULL +tx_internal_desc_overflow_read_47300 tx_internal_desc_overflow_read 3-0 47300 NULL +virtqueue_add_47306 virtqueue_add 3 47306 NULL +il4965_fill_txpower_tbl_47307 il4965_fill_txpower_tbl 0 47307 NULL @@ -146714,6 +147529,7 @@ index 0000000..89e8e68 +get_l4proto_47318 get_l4proto 0 47318 NULL +usX2Y_usbpcm_urbs_start_47323 usX2Y_usbpcm_urbs_start 0 47323 NULL +snd_sb16_playback_trigger_47332 snd_sb16_playback_trigger 0 47332 NULL ++sock_sendmsg_nosec_47333 sock_sendmsg_nosec 0 47333 NULL +sctp_auth_set_active_key_47334 sctp_auth_set_active_key 0 47334 NULL nohasharray +fd_configure_device_47334 fd_configure_device 0 47334 &sctp_auth_set_active_key_47334 +next_bitstream_store_47342 next_bitstream_store 0-4 47342 NULL @@ -146734,6 +147550,7 @@ index 0000000..89e8e68 +show_ipv4_iface_bootproto_47376 show_ipv4_iface_bootproto 0 47376 NULL +stmmac_enable_47377 stmmac_enable 0 47377 NULL +shmem_getpage_47382 shmem_getpage 0 47382 NULL ++tun_recvmsg_47383 tun_recvmsg 3 47383 NULL +nv_rd32_47390 nv_rd32 0 47390 NULL nohasharray +trace_options_core_read_47390 trace_options_core_read 3 47390 &nv_rd32_47390 +pfkey_sendmsg_47394 pfkey_sendmsg 4-0 47394 NULL @@ -146757,7 +147574,8 @@ index 0000000..89e8e68 +array_size_store_47421 array_size_store 0-3 47421 &vzalloc_47421 +mvs_task_prep_ata_47424 mvs_task_prep_ata 0 47424 NULL +bLength_show_47432 bLength_show 0 47432 NULL -+fop_write_47433 fop_write 0-3 47433 NULL ++fop_write_47433 fop_write 0-3 47433 NULL nohasharray ++caif_seqpkt_sendmsg_47433 caif_seqpkt_sendmsg 3 47433 &fop_write_47433 +dibx000_i2c_gated_tuner_xfer_47436 dibx000_i2c_gated_tuner_xfer 0-3 47436 NULL +wl128x_configure_mcs_pll_47437 wl128x_configure_mcs_pll 0 47437 NULL +niu_reset_tx_bmac_47440 niu_reset_tx_bmac 0 47440 NULL @@ -146809,6 +147627,7 @@ index 0000000..89e8e68 +leb_read_sanity_check_47551 leb_read_sanity_check 0 47551 &drbg_statelen_47551 +pci_endrun_init_47554 pci_endrun_init 0 47554 NULL +_ctl_diag_trigger_scsi_show_47558 _ctl_diag_trigger_scsi_show 0 47558 NULL ++acpi_gpio_package_count_47562 acpi_gpio_package_count 0 47562 NULL +send_cmd_47563 send_cmd 0 47563 NULL +xfs_inobt_alloc_block_47565 xfs_inobt_alloc_block 0 47565 NULL +send_command_47567 send_command 0 47567 NULL nohasharray @@ -146860,6 +147679,7 @@ index 0000000..89e8e68 +queue_attr_store_47683 queue_attr_store 0-4 47683 NULL +mbus_show_47685 mbus_show 0 47685 NULL nohasharray +gprs_set_mtu_47685 gprs_set_mtu 0 47685 &mbus_show_47685 ++rtl8723b_parse_firmware_47686 rtl8723b_parse_firmware 0 47686 NULL +ce6230_ctrl_msg_47692 ce6230_ctrl_msg 0 47692 NULL +target_stat_scsi_lu_show_attr_num_cmds_47693 target_stat_scsi_lu_show_attr_num_cmds 0 47693 NULL nohasharray +niu_reset_rx_bmac_47693 niu_reset_rx_bmac 0 47693 &target_stat_scsi_lu_show_attr_num_cmds_47693 @@ -146923,6 +147743,7 @@ index 0000000..89e8e68 +rtl_store_debug_level_47834 rtl_store_debug_level 0-4 47834 NULL +pinconf_dbg_config_write_47835 pinconf_dbg_config_write 3-0 47835 NULL nohasharray +lanai_send_47835 lanai_send 0 47835 &pinconf_dbg_config_write_47835 ++raw_sendmsg_47838 raw_sendmsg 3 47838 NULL +cmos_nvram_write_47839 cmos_nvram_write 0-6-5 47839 NULL +did_show_47843 did_show 0 47843 NULL nohasharray +alloc_ringdesc_47843 alloc_ringdesc 0 47843 &did_show_47843 @@ -146947,6 +147768,7 @@ index 0000000..89e8e68 +keyctl_instantiate_key_common_47889 keyctl_instantiate_key_common 4 47889 NULL +read_prph_47892 read_prph 0 47892 NULL +erst_exec_skip_next_instruction_if_true_47893 erst_exec_skip_next_instruction_if_true 0 47893 NULL ++add_fake_beep_paths_47898 add_fake_beep_paths 0 47898 NULL +read_regr_47902 read_regr 0 47902 NULL nohasharray +read_dsmargin_47902 read_dsmargin 0 47902 &read_regr_47902 +osd_req_read_sg_47905 osd_req_read_sg 5 47905 NULL @@ -147053,7 +147875,8 @@ index 0000000..89e8e68 +dn_fib_count_nhs_48145 dn_fib_count_nhs 0 48145 NULL +__tcp_push_pending_frames_48148 __tcp_push_pending_frames 2 48148 NULL +SyS_vmsplice_48150 SyS_vmsplice 3 48150 NULL -+_add_to_r4w_48152 _add_to_r4w 4 48152 NULL ++_add_to_r4w_48152 _add_to_r4w 4 48152 NULL nohasharray ++bitmap_onto_48152 bitmap_onto 4 48152 &_add_to_r4w_48152 +bnx2i_host_get_param_48156 bnx2i_host_get_param 0 48156 NULL +isr_dma1_done_read_48159 isr_dma1_done_read 3-0 48159 NULL nohasharray +rx4581_get_datetime_48159 rx4581_get_datetime 0 48159 &isr_dma1_done_read_48159 @@ -147181,7 +148004,8 @@ index 0000000..89e8e68 +b43legacy_chip_init_48439 b43legacy_chip_init 0 48439 NULL +print_filtered_48442 print_filtered 0-2 48442 NULL +snd_find_free_minor_48446 snd_find_free_minor 0 48446 NULL -+vlv_pipe_crc_ctl_reg_48447 vlv_pipe_crc_ctl_reg 0 48447 NULL ++vlv_pipe_crc_ctl_reg_48447 vlv_pipe_crc_ctl_reg 0 48447 NULL nohasharray ++ext3_direct_IO_48447 ext3_direct_IO 3 48447 &vlv_pipe_crc_ctl_reg_48447 +shmem_add_to_page_cache_48451 shmem_add_to_page_cache 0 48451 NULL +stac_beep_switch_ctl_48456 stac_beep_switch_ctl 0 48456 NULL nohasharray +dlfb_ops_set_par_48456 dlfb_ops_set_par 0 48456 &stac_beep_switch_ctl_48456 @@ -147227,6 +148051,7 @@ index 0000000..89e8e68 +udp_lib_get_port_48545 udp_lib_get_port 0 48545 NULL nohasharray +l2tp_ip6_open_48545 l2tp_ip6_open 0 48545 &udp_lib_get_port_48545 +nvbios_extend_48550 nvbios_extend 2 48550 NULL ++f2fs_direct_IO_48556 f2fs_direct_IO 3 48556 NULL +b43_upload_initvals_48559 b43_upload_initvals 0 48559 NULL +m88e1116r_config_init_48560 m88e1116r_config_init 0 48560 NULL +ath10k_fw_stats_read_48561 ath10k_fw_stats_read 3-0 48561 NULL @@ -147247,6 +148072,7 @@ index 0000000..89e8e68 +update_fw_48597 update_fw 0 48597 NULL +get_register_interruptible_48598 get_register_interruptible 0 48598 NULL +label_SKIN_48603 label_SKIN 0 48603 NULL ++ext4_ind_direct_IO_48607 ext4_ind_direct_IO 3 48607 NULL +il3945_show_channels_48609 il3945_show_channels 0 48609 NULL +ctrl_48612 ctrl 0 48612 NULL +ufs_dtogd_48616 ufs_dtogd 0-2 48616 NULL @@ -147261,7 +148087,8 @@ index 0000000..89e8e68 +uwb_radio_force_channel_48645 uwb_radio_force_channel 0 48645 NULL +isl29003_set_mode_48650 isl29003_set_mode 0 48650 NULL +ll_rw_extents_stats_pp_seq_write_48651 ll_rw_extents_stats_pp_seq_write 3 48651 NULL -+__efx_reconfigure_port_48652 __efx_reconfigure_port 0 48652 NULL ++__efx_reconfigure_port_48652 __efx_reconfigure_port 0 48652 NULL nohasharray ++packet_recvmsg_48652 packet_recvmsg 3 48652 &__efx_reconfigure_port_48652 +mtd_read_48655 mtd_read 0 48655 NULL +show_vrm_reg_48661 show_vrm_reg 0 48661 NULL nohasharray +tg3_phy_toggle_auxctl_smdsp_48661 tg3_phy_toggle_auxctl_smdsp 0 48661 &show_vrm_reg_48661 @@ -147314,7 +148141,8 @@ index 0000000..89e8e68 +apds990x_lux_thresh_below_show_48763 apds990x_lux_thresh_below_show 0 48763 NULL +l2cap_segment_sdu_48772 l2cap_segment_sdu 4 48772 NULL nohasharray +event_buffer_read_48772 event_buffer_read 0-3 48772 &l2cap_segment_sdu_48772 -+rds_set_bool_option_48773 rds_set_bool_option 0 48773 NULL ++rds_set_bool_option_48773 rds_set_bool_option 0 48773 NULL nohasharray ++gpiod_count_48773 gpiod_count 0 48773 &rds_set_bool_option_48773 +boottime_set_48781 boottime_set 0-4 48781 NULL +lm3533_ctrlbank_set_pwm_48784 lm3533_ctrlbank_set_pwm 0 48784 NULL +transfer_48788 transfer 0 48788 NULL @@ -147403,7 +148231,8 @@ index 0000000..89e8e68 +ntb_transport_rx_enqueue_48986 ntb_transport_rx_enqueue 0 48986 NULL +show_48988 show 0 48988 NULL +_alloc_set_attr_list_48991 _alloc_set_attr_list 4 48991 NULL -+nes_store_nonidx_data_48992 nes_store_nonidx_data 0-3 48992 NULL ++nes_store_nonidx_data_48992 nes_store_nonidx_data 0-3 48992 NULL nohasharray ++mei_cl_alloc_cb_48992 mei_cl_alloc_cb 2 48992 &nes_store_nonidx_data_48992 +xen_memory_notifier_48993 xen_memory_notifier 0 48993 NULL +rds_rm_size_48996 rds_rm_size 0-2 48996 NULL nohasharray +rionet_open_48996 rionet_open 0 48996 &rds_rm_size_48996 @@ -147468,7 +148297,8 @@ index 0000000..89e8e68 +target_core_dev_pr_show_attr_res_pr_all_tgt_pts_49150 target_core_dev_pr_show_attr_res_pr_all_tgt_pts 0 49150 NULL +atyfb_setup_generic_49151 atyfb_setup_generic 3 49151 NULL nohasharray +divas_read_49151 divas_read 0-3 49151 &atyfb_setup_generic_49151 nohasharray -+patch_vt1812_49151 patch_vt1812 0 49151 &divas_read_49151 ++patch_vt1812_49151 patch_vt1812 0 49151 &divas_read_49151 nohasharray ++p9_client_zc_rpc_49151 p9_client_zc_rpc 7 49151 &patch_vt1812_49151 +bq24190_write_mask_49153 bq24190_write_mask 0 49153 NULL +ipwireless_tty_received_49154 ipwireless_tty_received 3 49154 NULL +f2fs_acl_count_49155 f2fs_acl_count 0-1 49155 NULL @@ -147575,7 +148405,8 @@ index 0000000..89e8e68 +quirk_pcie_aspm_write_49416 quirk_pcie_aspm_write 0 49416 NULL +kbd_backlight_mode_store_49419 kbd_backlight_mode_store 0-4 49419 NULL +iscsi_nacl_attrib_show_random_r2t_offsets_49422 iscsi_nacl_attrib_show_random_r2t_offsets 0 49422 NULL -+hdmiphy_s_stream_49426 hdmiphy_s_stream 0 49426 NULL ++hdmiphy_s_stream_49426 hdmiphy_s_stream 0 49426 NULL nohasharray ++gfs2_quota_check_49426 gfs2_quota_check 0 49426 &hdmiphy_s_stream_49426 +et131x_get_regs_len_49430 et131x_get_regs_len 0 49430 NULL +ds1685_rtc_read_time_49432 ds1685_rtc_read_time 0 49432 NULL +probe_kernel_read_49437 probe_kernel_read 0 49437 NULL @@ -147692,6 +148523,7 @@ index 0000000..89e8e68 +write_pool_49718 write_pool 3-0 49718 NULL +create_modalias_49720 create_modalias 0 49720 NULL +alloc_kmem_cache_node_49725 alloc_kmem_cache_node 0 49725 NULL ++__netlink_insert_49728 __netlink_insert 0 49728 NULL +pcnet_open_49729 pcnet_open 0 49729 NULL +dev_pm_qos_constraints_allocate_49731 dev_pm_qos_constraints_allocate 0 49731 NULL +sys_fsetxattr_49736 sys_fsetxattr 4 49736 NULL @@ -147704,7 +148536,8 @@ index 0000000..89e8e68 +show_usblim_49746 show_usblim 0 49746 NULL nohasharray +uvc_init_video_49746 uvc_init_video 0 49746 &show_usblim_49746 +firmware_loading_show_49748 firmware_loading_show 0 49748 NULL -+__niu_wait_bits_clear_ipp_49750 __niu_wait_bits_clear_ipp 0 49750 NULL ++__niu_wait_bits_clear_ipp_49750 __niu_wait_bits_clear_ipp 0 49750 NULL nohasharray ++snd_hdac_get_connections_49750 snd_hdac_get_connections 0 49750 &__niu_wait_bits_clear_ipp_49750 +btrfs_chunk_num_stripes_49751 btrfs_chunk_num_stripes 0 49751 NULL +fuse_wr_pages_49753 fuse_wr_pages 0-2-1 49753 NULL +lifetime_write_kbytes_show_49754 lifetime_write_kbytes_show 0 49754 NULL @@ -147749,6 +148582,7 @@ index 0000000..89e8e68 +ath6kl_fwlog_block_read_49836 ath6kl_fwlog_block_read 3-0 49836 NULL +snd_azf3328_pcm_prepare_49838 snd_azf3328_pcm_prepare 0 49838 NULL nohasharray +pci_add_dynid_49838 pci_add_dynid 0 49838 &snd_azf3328_pcm_prepare_49838 ++hash_recvmsg_49844 hash_recvmsg 3 49844 NULL +twl4030_write_49846 twl4030_write 2 49846 NULL +show_lut_temp_49847 show_lut_temp 0 49847 NULL +scsi_dispatch_cmd_entry_49848 scsi_dispatch_cmd_entry 3-0 49848 NULL @@ -147767,6 +148601,7 @@ index 0000000..89e8e68 +kovaplus_sysfs_read_profile_settings_49882 kovaplus_sysfs_read_profile_settings 0-5-6 49882 NULL +il_send_cmd_pdu_async_49891 il_send_cmd_pdu_async 0 49891 NULL +tgr192_init_49892 tgr192_init 0 49892 NULL ++lb_throttle_49897 lb_throttle 0 49897 NULL +ovs_key_attr_size_49898 ovs_key_attr_size 0 49898 NULL +bnx2x_open_49905 bnx2x_open 0 49905 NULL +ea_put_49907 ea_put 0 49907 NULL @@ -147779,13 +148614,16 @@ index 0000000..89e8e68 +megasas_fw_crash_state_store_49923 megasas_fw_crash_state_store 0-4 49923 &show_voltage_label_49923 +_cpu_up_49927 _cpu_up 0 49927 NULL +beacon_timeout_ms_store_49935 beacon_timeout_ms_store 0-4 49935 NULL -+mxl301rf_set_params_49936 mxl301rf_set_params 0 49936 NULL ++mxl301rf_set_params_49936 mxl301rf_set_params 0 49936 NULL nohasharray ++md_setup_cluster_49936 md_setup_cluster 0 49936 &mxl301rf_set_params_49936 +gnttab_setup_auto_xlat_frames_49940 gnttab_setup_auto_xlat_frames 1 49940 NULL +tpm_get_random_49950 tpm_get_random 0-3 49950 NULL +iscsi_nacl_attrib_show_default_erl_49955 iscsi_nacl_attrib_show_default_erl 0 49955 NULL +saa7706h_i2c_transfer_49957 saa7706h_i2c_transfer 3 49957 NULL ++__cfg80211_alloc_event_skb_49963 __cfg80211_alloc_event_skb 6 49963 NULL +snd_soundfont_load_49964 snd_soundfont_load 0-3 49964 NULL +store_temp_auto_boost_49966 store_temp_auto_boost 0-4 49966 NULL ++hda_widget_sysfs_init_49968 hda_widget_sysfs_init 0 49968 NULL +bDeviceSubClass_show_49970 bDeviceSubClass_show 0 49970 NULL +volume_write_49971 volume_write 0 49971 NULL +set_a_bus_drop_49973 set_a_bus_drop 0-4 49973 NULL @@ -147816,6 +148654,7 @@ index 0000000..89e8e68 +rose_device_event_50026 rose_device_event 0 50026 NULL +xlog_recovery_process_trans_50028 xlog_recovery_process_trans 4 50028 NULL nohasharray +qp_alloc_queue_50028 qp_alloc_queue 1 50028 &xlog_recovery_process_trans_50028 ++caif_stream_sendmsg_50030 caif_stream_sendmsg 3 50030 NULL +set_mtu_50032 set_mtu 0 50032 NULL +ath10k_wmi_pdev_pktlog_enable_50033 ath10k_wmi_pdev_pktlog_enable 0 50033 NULL +sky2_open_50034 sky2_open 0 50034 NULL @@ -147891,6 +148730,7 @@ index 0000000..89e8e68 +mxl111sf_tuner_program_regs_50179 mxl111sf_tuner_program_regs 0 50179 NULL +udc_create_dma_chain_50185 udc_create_dma_chain 0 50185 NULL +ib_send_cm_drep_50186 ib_send_cm_drep 3 50186 NULL ++_mv88e6xxx_phy_write_indirect_50195 _mv88e6xxx_phy_write_indirect 0 50195 NULL +store_beep_50196 store_beep 0-4 50196 NULL +max_medium_access_timeouts_show_50197 max_medium_access_timeouts_show 0 50197 NULL +cfg80211_roamed_bss_50198 cfg80211_roamed_bss 6-4 50198 NULL @@ -147953,6 +148793,7 @@ index 0000000..89e8e68 +set_auto_brightness_50345 set_auto_brightness 0 50345 NULL +__orinoco_up_50349 __orinoco_up 0 50349 NULL +nr_overcommit_hugepages_show_50351 nr_overcommit_hugepages_show 0 50351 NULL ++efx_nic_update_stats_50352 efx_nic_update_stats 2 50352 NULL +selinux_file_permission_50354 selinux_file_permission 0 50354 NULL +isdn_ppp_read_50356 isdn_ppp_read 4-0 50356 NULL +unpack_u16_chunk_50357 unpack_u16_chunk 0 50357 NULL @@ -147973,7 +148814,8 @@ index 0000000..89e8e68 +ad7877_gpio3_show_50397 ad7877_gpio3_show 0 50397 NULL +base_sock_create_50400 base_sock_create 0 50400 NULL +snd_mask_refine_last_50406 snd_mask_refine_last 0 50406 NULL -+inode_getsecctx_50410 inode_getsecctx 0 50410 NULL ++inode_getsecctx_50410 inode_getsecctx 0 50410 NULL nohasharray ++read8_reg_50410 read8_reg 4 50410 &inode_getsecctx_50410 +l2tp_ip_sendmsg_50411 l2tp_ip_sendmsg 4-0 50411 NULL +recomp_data_node_50412 recomp_data_node 0 50412 NULL +tg_set_rt_bandwidth_50413 tg_set_rt_bandwidth 0 50413 NULL @@ -148090,6 +148932,7 @@ index 0000000..89e8e68 +mt2063_setreg_50645 mt2063_setreg 0 50645 NULL +show_50648 show 0 50648 NULL +ext3_readpage_50653 ext3_readpage 0 50653 NULL ++fat_direct_IO_50654 fat_direct_IO 3 50654 NULL +show_fc_rport_node_name_50655 show_fc_rport_node_name 0 50655 NULL +snd_seq_ioctl_set_queue_info_50657 snd_seq_ioctl_set_queue_info 0 50657 NULL +raid56_parity_alloc_scrub_rbio_50658 raid56_parity_alloc_scrub_rbio 4 50658 NULL @@ -148250,10 +149093,13 @@ index 0000000..89e8e68 +brcm_phy_setbits_51027 brcm_phy_setbits 0 51027 NULL +fuse_conn_congestion_threshold_read_51028 fuse_conn_congestion_threshold_read 3-0 51028 NULL +xfs_dir2_grow_inode_51030 xfs_dir2_grow_inode 0 51030 NULL -+dump_midi_51040 dump_midi 3 51040 NULL ++mv88e6xxx_phy_read_indirect_51035 mv88e6xxx_phy_read_indirect 2 51035 NULL ++dump_midi_51040 dump_midi 3 51040 NULL nohasharray ++cma_free_write_51040 cma_free_write 2 51040 &dump_midi_51040 +usb_get_descriptor_51041 usb_get_descriptor 0 51041 NULL +srpt_alloc_ioctx_51042 srpt_alloc_ioctx 2-3 51042 NULL nohasharray -+i915_gem_object_get_pages_phys_51042 i915_gem_object_get_pages_phys 0 51042 &srpt_alloc_ioctx_51042 ++i915_gem_object_get_pages_phys_51042 i915_gem_object_get_pages_phys 0 51042 &srpt_alloc_ioctx_51042 nohasharray ++req_run_51042 req_run 0 51042 &i915_gem_object_get_pages_phys_51042 +store_detach_51045 store_detach 0-4 51045 NULL +show_51050 show 0 51050 NULL nohasharray +carl9170_mac_reset_51050 carl9170_mac_reset 0 51050 &show_51050 @@ -148278,6 +149124,7 @@ index 0000000..89e8e68 +nilfs_checkpoints_next_checkpoint_show_51093 nilfs_checkpoints_next_checkpoint_show 0 51093 NULL +solo_enc_v4l2_init_51094 solo_enc_v4l2_init 2 51094 NULL +__ocfs2_find_path_51096 __ocfs2_find_path 0 51096 NULL ++hci_req_run_skb_51098 hci_req_run_skb 0 51098 NULL +ath10k_vdev_start_51101 ath10k_vdev_start 0 51101 NULL +target_stat_scsi_auth_intr_show_attr_att_count_51106 target_stat_scsi_auth_intr_show_attr_att_count 0 51106 NULL +ti_recv_51110 ti_recv 3 51110 NULL nohasharray @@ -148493,6 +149340,7 @@ index 0000000..89e8e68 +tx_sg_51567 tx_sg 0 51567 NULL +batadv_tt_prepare_tvlv_local_data_51568 batadv_tt_prepare_tvlv_local_data 0 51568 NULL +netlink_broadcast_51573 netlink_broadcast 0 51573 NULL ++bt_sock_stream_recvmsg_51582 bt_sock_stream_recvmsg 3 51582 NULL +mlx4_en_vlan_rx_add_vid_51584 mlx4_en_vlan_rx_add_vid 0 51584 NULL +eeprom_93xx46_store_erase_51585 eeprom_93xx46_store_erase 0-4 51585 NULL +ixgb_get_eeprom_len_51586 ixgb_get_eeprom_len 0 51586 NULL @@ -148697,6 +149545,7 @@ index 0000000..89e8e68 +iscsi_stat_logout_attr_show_52087 iscsi_stat_logout_attr_show 0 52087 &amd_ec_read_52087 +nsm_get_handle_52089 nsm_get_handle 4 52089 NULL nohasharray +rt2x00debug_read_rf_52089 rt2x00debug_read_rf 0-3 52089 &nsm_get_handle_52089 ++udp_recvmsg_52094 udp_recvmsg 3 52094 NULL +affs_do_readpage_ofs_52095 affs_do_readpage_ofs 0 52095 NULL +ulist_add_merge_52096 ulist_add_merge 0 52096 NULL +mtrr_save_52097 mtrr_save 0 52097 NULL @@ -148850,7 +149699,8 @@ index 0000000..89e8e68 +snd_rme96_capture_prepare_52380 snd_rme96_capture_prepare 0 52380 NULL +iwl_nvm_init_52382 iwl_nvm_init 0 52382 NULL +isdn_writebuf_stub_52383 isdn_writebuf_stub 4-0 52383 NULL -+task_has_security_52386 task_has_security 0 52386 NULL ++task_has_security_52386 task_has_security 0 52386 NULL nohasharray ++nct7904_write_reg_52386 nct7904_write_reg 0 52386 &task_has_security_52386 +jfs_setxattr_52389 jfs_setxattr 4-0 52389 NULL +input_print_modalias_bits_52395 input_print_modalias_bits 0 52395 NULL +svc_partial_recvfrom_52396 svc_partial_recvfrom 4 52396 NULL @@ -148890,6 +149740,7 @@ index 0000000..89e8e68 +show_id_ext_52472 show_id_ext 0 52472 NULL +cifs_readpage_worker_52477 cifs_readpage_worker 0 52477 NULL nohasharray +ieee80211_alloc_txb_52477 ieee80211_alloc_txb 2-1 52477 &cifs_readpage_worker_52477 ++tipc_sendmsg_52481 tipc_sendmsg 3 52481 NULL +ocfs2_extend_no_holes_52483 ocfs2_extend_no_holes 0 52483 NULL +pch_i2c_wait_for_check_xfer_52485 pch_i2c_wait_for_check_xfer 0 52485 NULL nohasharray +snd_hda_gen_build_controls_52485 snd_hda_gen_build_controls 0 52485 &pch_i2c_wait_for_check_xfer_52485 @@ -149075,6 +149926,7 @@ index 0000000..89e8e68 +set_reset_mode_52952 set_reset_mode 0 52952 &twl4030_madc_set_irq_52952 +dev_bus_rescan_store_52953 dev_bus_rescan_store 0-4 52953 NULL +adv7170_write_52956 adv7170_write 0 52956 NULL ++cma_alloc_mem_52959 cma_alloc_mem 2 52959 NULL +tpacpi_driver_wwan_emulstate_store_52960 tpacpi_driver_wwan_emulstate_store 0-3 52960 NULL +ieee80211_if_fmt_fwded_mcast_52961 ieee80211_if_fmt_fwded_mcast 3 52961 NULL +hx8357_spi_write_then_read_52964 hx8357_spi_write_then_read 3 52964 NULL @@ -149175,6 +150027,7 @@ index 0000000..89e8e68 +C_SYSC_io_getevents_53191 C_SYSC_io_getevents 3 53191 NULL +ti_write_room_53194 ti_write_room 0 53194 NULL +xfs_btree_updkey_53195 xfs_btree_updkey 0 53195 NULL ++dax_io_53196 dax_io 4-3 53196 NULL +hackrf_alloc_urbs_53198 hackrf_alloc_urbs 0 53198 NULL +SyS_init_module_53202 SyS_init_module 2 53202 NULL +toss_secs_write_53205 toss_secs_write 3-0 53205 NULL @@ -149200,6 +150053,7 @@ index 0000000..89e8e68 +smack_sb_statfs_53255 smack_sb_statfs 0 53255 NULL +xfs_trans_read_buf_map_53258 xfs_trans_read_buf_map 5-0 53258 NULL nohasharray +target_core_dev_wwn_store_attr_vpd_protocol_identifier_53258 target_core_dev_wwn_store_attr_vpd_protocol_identifier 0-3 53258 &xfs_trans_read_buf_map_53258 ++bcmgenet_alloc_rx_buffers_53259 bcmgenet_alloc_rx_buffers 0 53259 NULL +ipr_change_queue_depth_53263 ipr_change_queue_depth 2-0 53263 NULL nohasharray +ip6_tnl_dev_init_gen_53263 ip6_tnl_dev_init_gen 0 53263 &ipr_change_queue_depth_53263 +picolcd_operation_mode_store_53264 picolcd_operation_mode_store 0-4 53264 NULL @@ -149221,6 +150075,7 @@ index 0000000..89e8e68 +dev_debug_store_53301 dev_debug_store 0-4 53301 NULL +isku_sysfs_write_key_mask_53305 isku_sysfs_write_key_mask 6-0-5 53305 NULL nohasharray +wishbone_serial_open_53305 wishbone_serial_open 0 53305 &isku_sysfs_write_key_mask_53305 ++x25_sendmsg_53311 x25_sendmsg 3 53311 NULL +dib7090p_rw_on_apb_53315 dib7090p_rw_on_apb 0-3 53315 NULL +batadv_interface_rx_53325 batadv_interface_rx 4 53325 NULL +usb_rapid_charge_show_53327 usb_rapid_charge_show 0 53327 NULL nohasharray @@ -149372,7 +150227,8 @@ index 0000000..89e8e68 +powr1220_show_voltage_53637 powr1220_show_voltage 0 53637 NULL nohasharray +iwl_set_mode_53637 iwl_set_mode 0 53637 &powr1220_show_voltage_53637 +si_fan_ctrl_set_fan_speed_percent_53640 si_fan_ctrl_set_fan_speed_percent 0 53640 NULL -+nr_sendmsg_53656 nr_sendmsg 4-0 53656 NULL ++nr_sendmsg_53656 nr_sendmsg 4-0 53656 NULL nohasharray ++pn_sendmsg_53656 pn_sendmsg 3 53656 &nr_sendmsg_53656 +allocate_page_53658 allocate_page 0 53658 NULL nohasharray +__bitmap_parse_53658 __bitmap_parse 0 53658 &allocate_page_53658 +__nfs4_proc_set_acl_53665 __nfs4_proc_set_acl 0 53665 NULL @@ -149428,6 +150284,7 @@ index 0000000..89e8e68 +nes_show_ee_cmd_53765 nes_show_ee_cmd 0 53765 NULL nohasharray +smo8800_misc_read_53765 smo8800_misc_read 0-3 53765 &nes_show_ee_cmd_53765 +store_53768 store 0-3 53768 NULL ++i915_gem_execbuffer_parse_53770 i915_gem_execbuffer_parse 5-6 53770 NULL +ext4_walk_page_buffers_53771 ext4_walk_page_buffers 0 53771 NULL +ext2_acl_count_53773 ext2_acl_count 0-1 53773 NULL +radeon_show_edid1_53782 radeon_show_edid1 6-0-5 53782 NULL @@ -149559,6 +150416,7 @@ index 0000000..89e8e68 +show_in_beep_54074 show_in_beep 0 54074 NULL +ext3_xattr_security_get_54081 ext3_xattr_security_get 0 54081 NULL +cachefiles_daemon_range_error_54092 cachefiles_daemon_range_error 0 54092 NULL ++bitmap_bitremap_54096 bitmap_bitremap 4 54096 NULL +remove_id_store_54097 remove_id_store 0-3 54097 NULL +snd_cs5535audio_trigger_54101 snd_cs5535audio_trigger 0 54101 NULL +altera_set_ir_pre_54103 altera_set_ir_pre 2 54103 NULL nohasharray @@ -149650,6 +150508,7 @@ index 0000000..89e8e68 +get_temp_alarm_54267 get_temp_alarm 0 54267 NULL +mwifiex_getlog_read_54269 mwifiex_getlog_read 3-0 54269 NULL +kstrtou16_from_user_54274 kstrtou16_from_user 2 54274 NULL ++snd_hda_query_supported_pcm_54275 snd_hda_query_supported_pcm 0 54275 NULL +sizeof_long_54276 sizeof_long 0 54276 NULL +ubi_calc_data_len_54279 ubi_calc_data_len 0-3 54279 NULL nohasharray +bond_option_tlb_dynamic_lb_set_54279 bond_option_tlb_dynamic_lb_set 0 54279 &ubi_calc_data_len_54279 @@ -149707,7 +150566,8 @@ index 0000000..89e8e68 +o2nm_cluster_attr_idle_timeout_ms_read_54400 o2nm_cluster_attr_idle_timeout_ms_read 0 54400 NULL nohasharray +set_gss_proxy_54400 set_gss_proxy 0 54400 &o2nm_cluster_attr_idle_timeout_ms_read_54400 +snd_pcm_add_chmap_ctls_54404 snd_pcm_add_chmap_ctls 0 54404 NULL -+efx_nic_describe_stats_54407 efx_nic_describe_stats 0 54407 NULL ++efx_nic_describe_stats_54407 efx_nic_describe_stats 0-2 54407 NULL ++vmbus_sendpacket_ctl_54410 vmbus_sendpacket_ctl 0 54410 NULL +__iscsi_disc_show_authenticate_target_54411 __iscsi_disc_show_authenticate_target 0 54411 NULL +iio_trigger_register_54412 iio_trigger_register 0 54412 NULL +ath10k_install_peer_wep_keys_54414 ath10k_install_peer_wep_keys 0 54414 NULL @@ -149781,6 +150641,7 @@ index 0000000..89e8e68 +s5k83a_set_brightness_54578 s5k83a_set_brightness 0 54578 NULL +rds_getname_54579 rds_getname 0 54579 NULL +fw_iso_buffer_init_54582 fw_iso_buffer_init 3 54582 NULL ++pfkey_recvmsg_54588 pfkey_recvmsg 3 54588 NULL +xfrm_polexpire_msgsize_54589 xfrm_polexpire_msgsize 0 54589 NULL +sync_callback_54596 sync_callback 0 54596 NULL +authorized_default_show_54600 authorized_default_show 0 54600 NULL nohasharray @@ -149842,6 +150703,7 @@ index 0000000..89e8e68 +platform_get_irq_byname_54700 platform_get_irq_byname 0 54700 NULL +smack_task_setscheduler_54707 smack_task_setscheduler 0 54707 NULL +rfkill_fop_read_54711 rfkill_fop_read 3-0 54711 NULL ++wmi_echo_54712 wmi_echo 0 54712 NULL +hpet_read_54717 hpet_read 0-3 54717 NULL nohasharray +iio_trigger_write_current_54717 iio_trigger_write_current 0-4 54717 &hpet_read_54717 +_add_sg_continuation_descriptor_54721 _add_sg_continuation_descriptor 3 54721 NULL nohasharray @@ -149912,6 +150774,7 @@ index 0000000..89e8e68 +nvkm_bar_create__54867 nvkm_bar_create_ 4 54867 NULL nohasharray +cpuset_track_online_nodes_54867 cpuset_track_online_nodes 0 54867 &nvkm_bar_create__54867 +show_learning_54874 show_learning 0 54874 NULL ++xfs_vm_direct_IO_54876 xfs_vm_direct_IO 3 54876 NULL +time_show_54879 time_show 0 54879 NULL nohasharray +xfs_alloc_read_agfl_54879 xfs_alloc_read_agfl 0 54879 &time_show_54879 +mlx4_en_tunnel_steer_add_54880 mlx4_en_tunnel_steer_add 0 54880 NULL @@ -149969,7 +150832,8 @@ index 0000000..89e8e68 +dev_exception_add_54979 dev_exception_add 0 54979 &ubi_change_vtbl_record_54979 +virtual_gb_show_54981 virtual_gb_show 0 54981 NULL +_queue_data_54983 _queue_data 4 54983 NULL -+cachefiles_daemon_inuse_54984 cachefiles_daemon_inuse 0 54984 NULL ++cachefiles_daemon_inuse_54984 cachefiles_daemon_inuse 0 54984 NULL nohasharray ++dev_queue_xmit_sk_54984 dev_queue_xmit_sk 0 54984 &cachefiles_daemon_inuse_54984 +net2280_start_54985 net2280_start 0 54985 NULL +ext3_xattr_get_54989 ext3_xattr_get 0 54989 NULL nohasharray +padlock_sha256_init_nano_54989 padlock_sha256_init_nano 0 54989 &ext3_xattr_get_54989 @@ -149982,6 +150846,7 @@ index 0000000..89e8e68 +cx231xx_v4l2_read_55014 cx231xx_v4l2_read 3-0 55014 NULL +ipvlan_vlan_rx_add_vid_55020 ipvlan_vlan_rx_add_vid 0 55020 NULL +driver_pin_configs_show_55022 driver_pin_configs_show 0 55022 NULL ++nfs_post_op_update_inode_55023 nfs_post_op_update_inode 0 55023 NULL +error_error_null_Frame_tx_start_read_55024 error_error_null_Frame_tx_start_read 3-0 55024 NULL +firmware_loading_store_55029 firmware_loading_store 0-4 55029 NULL +ubifs_read_node_wbuf_55034 ubifs_read_node_wbuf 0 55034 NULL @@ -149998,7 +150863,8 @@ index 0000000..89e8e68 +lanai_setup_tx_vci_55074 lanai_setup_tx_vci 0 55074 &iscsi_stat_tgt_attr_show_attr_inst_55074 +apei_exec_run_55075 apei_exec_run 0 55075 NULL +bitmap_storage_alloc_55077 bitmap_storage_alloc 2-0 55077 NULL -+fuse_read_interrupt_55081 fuse_read_interrupt 0 55081 NULL ++fuse_read_interrupt_55081 fuse_read_interrupt 0 55081 NULL nohasharray ++ath9k_hw_read_array_55081 ath9k_hw_read_array 3 55081 &fuse_read_interrupt_55081 +acq_write_55082 acq_write 0-3 55082 NULL nohasharray +cdc_mbim_rx_add_vid_55082 cdc_mbim_rx_add_vid 0 55082 &acq_write_55082 +lnc_add_55085 lnc_add 0 55085 NULL @@ -150095,6 +150961,7 @@ index 0000000..89e8e68 +gpio_trig_gpio_show_55336 gpio_trig_gpio_show 0 55336 NULL +reg_read_55337 reg_read 0 55337 NULL +vme_user_read_55338 vme_user_read 3 55338 NULL ++__set_pwm_55339 __set_pwm 0 55339 NULL +read_byte_55340 read_byte 0 55340 NULL +__wa_xfer_setup_sizes_55342 __wa_xfer_setup_sizes 0 55342 NULL +SYSC_recvfrom_55346 SYSC_recvfrom 3 55346 NULL @@ -150189,6 +151056,7 @@ index 0000000..89e8e68 +unmerge_and_remove_all_rmap_items_55557 unmerge_and_remove_all_rmap_items 0 55557 NULL +show_55563 show 0 55563 NULL +rpc_pipe_read_55564 rpc_pipe_read 0-3 55564 NULL ++snd_find_free_minor_55567 snd_find_free_minor 0 55567 NULL +show_ipv6_iface_link_local_addr_55568 show_ipv6_iface_link_local_addr 0 55568 NULL +sidtab_context_to_sid_55570 sidtab_context_to_sid 0 55570 NULL nohasharray +patch_vt1708_55570 patch_vt1708 0 55570 &sidtab_context_to_sid_55570 @@ -150197,6 +151065,7 @@ index 0000000..89e8e68 +edt_ft5x06_register_read_55576 edt_ft5x06_register_read 0 55576 NULL +compat_SyS_setsockopt_55581 compat_SyS_setsockopt 5 55581 NULL +add_partition_55588 add_partition 2 55588 NULL ++mgmt_cmd_complete_55590 mgmt_cmd_complete 6 55590 NULL +write_inode_55592 write_inode 0 55592 NULL +ufx_reg_write_55594 ufx_reg_write 0 55594 NULL +ip_vs_reply6_55598 ip_vs_reply6 0 55598 NULL @@ -150410,6 +151279,7 @@ index 0000000..89e8e68 +wdt_restart_handle_56057 wdt_restart_handle 0 56057 &mwifiex_wait_queue_complete_56057 +dccp_sendmsg_56058 dccp_sendmsg 4-0 56058 NULL +pm80x_rtc_read_time_56065 pm80x_rtc_read_time 0 56065 NULL ++quirk_strict_duplicate_filter_read_56073 quirk_strict_duplicate_filter_read 3 56073 NULL +show_fc_rport_scsi_target_id_56077 show_fc_rport_scsi_target_id 0 56077 NULL nohasharray +qp_dequeue_locked_56077 qp_dequeue_locked 0-5-3 56077 &show_fc_rport_scsi_target_id_56077 +nilfs_segctor_create_checkpoint_56078 nilfs_segctor_create_checkpoint 0 56078 NULL @@ -150511,6 +151381,7 @@ index 0000000..89e8e68 +journal_init_revoke_table_56331 journal_init_revoke_table 1 56331 NULL +axnet_suspend_56334 axnet_suspend 0 56334 NULL +snd_rawmidi_read_56337 snd_rawmidi_read 3-0 56337 NULL ++f81232_port_enable_56338 f81232_port_enable 0 56338 NULL +show_fcoe_ctlr_device_fcf_dev_loss_tmo_56343 show_fcoe_ctlr_device_fcf_dev_loss_tmo 0 56343 NULL +show_line2_56346 show_line2 0 56346 NULL +read_human_status_56349 read_human_status 0 56349 NULL @@ -150619,6 +151490,7 @@ index 0000000..89e8e68 +tcp_cwnd_test_56547 tcp_cwnd_test 0 56547 NULL nohasharray +megasas_sysfs_show_version_56547 megasas_sysfs_show_version 0 56547 &tcp_cwnd_test_56547 +ip_vs_prepare_tunneled_skb_56550 ip_vs_prepare_tunneled_skb 3 56550 NULL ++br_get_num_vlan_infos_56557 br_get_num_vlan_infos 0 56557 NULL +vim2m_start_streaming_56558 vim2m_start_streaming 0 56558 NULL nohasharray +xs_watch_56558 xs_watch 0 56558 &vim2m_start_streaming_56558 nohasharray +mmc_blk_probe_56558 mmc_blk_probe 0 56558 &xs_watch_56558 @@ -150753,8 +151625,10 @@ index 0000000..89e8e68 +max197_show_range_56863 max197_show_range 0 56863 &gk20a_ram_get_56863 nohasharray +target_stat_scsi_auth_intr_show_attr_inst_56863 target_stat_scsi_auth_intr_show_attr_inst 0 56863 &max197_show_range_56863 nohasharray +dlfb_setup_modes_56863 dlfb_setup_modes 0 56863 &target_stat_scsi_auth_intr_show_attr_inst_56863 -+check_export_56865 check_export 0 56865 NULL -+store_sched7_56868 store_sched7 0-4 56868 NULL ++check_export_56865 check_export 0 56865 NULL nohasharray ++btrfs_direct_IO_56865 btrfs_direct_IO 3 56865 &check_export_56865 ++store_sched7_56868 store_sched7 0-4 56868 NULL nohasharray ++hci_mgmt_cmd_56868 hci_mgmt_cmd 4 56868 &store_sched7_56868 +mwl8k_cmd_get_stat_56876 mwl8k_cmd_get_stat 0 56876 NULL +ims_pcu_ofn_bit_store_56878 ims_pcu_ofn_bit_store 0-4 56878 NULL +ext3_xattr_ibody_get_56880 ext3_xattr_ibody_get 0 56880 NULL @@ -150928,7 +151802,8 @@ index 0000000..89e8e68 +load_data_57279 load_data 0-3 57279 &crc32c_intel_final_57279 +mc44s803_set_params_57281 mc44s803_set_params 0 57281 NULL +lbs_sleepparams_write_57283 lbs_sleepparams_write 3-0 57283 NULL nohasharray -+read_iter_57283 read_iter 0 57283 &lbs_sleepparams_write_57283 ++read_iter_57283 read_iter 0 57283 &lbs_sleepparams_write_57283 nohasharray ++hid_sensor_capture_sample_57283 hid_sensor_capture_sample 3 57283 &read_iter_57283 +infos_show_57284 infos_show 0 57284 NULL +store_tolerance_57285 store_tolerance 0-4 57285 NULL +ath6kl_wmi_cmd_send_57286 ath6kl_wmi_cmd_send 0 57286 NULL @@ -150996,6 +151871,7 @@ index 0000000..89e8e68 +fscaps_show_57434 fscaps_show 0 57434 NULL nohasharray +fuse_notify_inval_inode_57434 fuse_notify_inval_inode 0 57434 &fscaps_show_57434 +gadget_dev_desc_bDeviceSubClass_store_57437 gadget_dev_desc_bDeviceSubClass_store 0-3 57437 NULL ++ping_v6_sendmsg_57440 ping_v6_sendmsg 3 57440 NULL +rss_key_write_57441 rss_key_write 3-0 57441 NULL +vmxnet3_rq_init_all_57442 vmxnet3_rq_init_all 0 57442 NULL +ov7670_s_gain_57445 ov7670_s_gain 0 57445 NULL @@ -151102,6 +151978,7 @@ index 0000000..89e8e68 +qlcnic_get_pci_func_type_57685 qlcnic_get_pci_func_type 0 57685 NULL +show_pwm_auto_vrdhot_ramp_57686 show_pwm_auto_vrdhot_ramp 0 57686 NULL +rt2x00debug_read_eeprom_57690 rt2x00debug_read_eeprom 0-3 57690 NULL ++skcipher_all_sg_nents_57692 skcipher_all_sg_nents 0 57692 NULL +f1x_match_to_this_node_57695 f1x_match_to_this_node 3 57695 NULL nohasharray +i40evf_open_57695 i40evf_open 0 57695 &f1x_match_to_this_node_57695 +ks8842_set_mac_57697 ks8842_set_mac 0 57697 NULL @@ -151226,6 +152103,7 @@ index 0000000..89e8e68 +rt2500usb_get_tx_data_len_57994 rt2500usb_get_tx_data_len 0 57994 NULL +lmLogShutdown_57995 lmLogShutdown 0 57995 NULL +lua_sysfs_write_control_57996 lua_sysfs_write_control 0-6-5 57996 NULL ++usb_dmac_prep_slave_sg_58000 usb_dmac_prep_slave_sg 3 58000 NULL +rx_reset_counter_read_58001 rx_reset_counter_read 3-0 58001 NULL nohasharray +btree_csum_one_bio_58001 btree_csum_one_bio 0 58001 &rx_reset_counter_read_58001 +pfkey_create_58010 pfkey_create 0 58010 NULL @@ -151483,6 +152361,7 @@ index 0000000..89e8e68 +rndis_add_response_58544 rndis_add_response 2 58544 NULL nohasharray +xfs_attr3_leaf_to_node_58544 xfs_attr3_leaf_to_node 0 58544 &rndis_add_response_58544 +mac80211_hwsim_get_et_sset_count_58547 mac80211_hwsim_get_et_sset_count 0 58547 NULL ++llcp_sock_sendmsg_58556 llcp_sock_sendmsg 3 58556 NULL +twl4030_madc_read_channels_58559 twl4030_madc_read_channels 0 58559 NULL +ath10k_debug_htt_stats_req_58561 ath10k_debug_htt_stats_req 0 58561 NULL +wep_decrypt_fail_read_58567 wep_decrypt_fail_read 3-0 58567 NULL @@ -151537,7 +152416,8 @@ index 0000000..89e8e68 +uwb_bce_print_IEs_58686 uwb_bce_print_IEs 4-0 58686 NULL +tps6586x_writes_58689 tps6586x_writes 2-3-0 58689 NULL +nfs_scan_commit_58690 nfs_scan_commit 0 58690 NULL -+nilfs_segbuf_submit_bh_58691 nilfs_segbuf_submit_bh 0 58691 NULL ++nilfs_segbuf_submit_bh_58691 nilfs_segbuf_submit_bh 0 58691 NULL nohasharray ++snd_hda_gen_fix_pin_power_58691 snd_hda_gen_fix_pin_power 0 58691 &nilfs_segbuf_submit_bh_58691 +tpm_show_ppi_version_58692 tpm_show_ppi_version 0 58692 NULL +tcm_loop_tpg_store_transport_status_58695 tcm_loop_tpg_store_transport_status 0-3 58695 NULL +regulator_min_uA_show_58696 regulator_min_uA_show 0 58696 NULL @@ -151579,6 +152459,7 @@ index 0000000..89e8e68 +ecryptfs_derive_iv_58784 ecryptfs_derive_iv 0 58784 NULL +cyapa_gen5_calibrate_pwcs_58789 cyapa_gen5_calibrate_pwcs 0 58789 NULL +show_58791 show 0 58791 NULL ++ipx_sendmsg_58794 ipx_sendmsg 3 58794 NULL +regmap_calc_reg_len_58795 regmap_calc_reg_len 0 58795 NULL +smack_inode_setxattr_58801 smack_inode_setxattr 0 58801 NULL +dlm_lock_58802 dlm_lock 0 58802 NULL nohasharray @@ -151592,7 +152473,8 @@ index 0000000..89e8e68 +usbhsg_ep_enable_58825 usbhsg_ep_enable 0 58825 NULL +tnc_read_node_nm_58830 tnc_read_node_nm 0 58830 NULL +pm8001_chip_ssp_io_req_58831 pm8001_chip_ssp_io_req 0 58831 NULL -+ssp_disable_sensor_58838 ssp_disable_sensor 0 58838 NULL ++ssp_disable_sensor_58838 ssp_disable_sensor 0 58838 NULL nohasharray ++pppol2tp_recvmsg_58838 pppol2tp_recvmsg 3 58838 &ssp_disable_sensor_58838 +command_write_58841 command_write 3-0 58841 NULL nohasharray +diolan_i2c_start_58841 diolan_i2c_start 0 58841 &command_write_58841 +vendor_show_58845 vendor_show 0 58845 NULL nohasharray @@ -152282,6 +153164,7 @@ index 0000000..89e8e68 +parse_output_paths_60438 parse_output_paths 0 60438 NULL +show_carrier_60439 show_carrier 0 60439 NULL nohasharray +elan_i2c_iap_get_mode_60439 elan_i2c_iap_get_mode 0 60439 &show_carrier_60439 ++tipc_recv_stream_60440 tipc_recv_stream 3 60440 NULL +rx_data_60442 rx_data 4 60442 NULL nohasharray +sysv_write_begin_60442 sysv_write_begin 0 60442 &rx_data_60442 +t4_wait_op_done_60444 t4_wait_op_done 0 60444 NULL nohasharray @@ -152470,9 +153353,11 @@ index 0000000..89e8e68 +nvif_object_init_60848 nvif_object_init 6 60848 NULL +pwr_tx_with_ps_read_60851 pwr_tx_with_ps_read 3-0 60851 NULL +show_hardware_version_60852 show_hardware_version 0 60852 NULL -+show_shost_supported_mode_60854 show_shost_supported_mode 0 60854 NULL ++show_shost_supported_mode_60854 show_shost_supported_mode 0 60854 NULL nohasharray ++l2cap_sock_recvmsg_60854 l2cap_sock_recvmsg 3 60854 &show_shost_supported_mode_60854 +htc_issue_send_60856 htc_issue_send 0 60856 NULL +usb_bulk_msg_60861 usb_bulk_msg 0 60861 NULL ++hsu_dma_alloc_desc_60863 hsu_dma_alloc_desc 1 60863 NULL +alloc_buf_60864 alloc_buf 3-2 60864 NULL +generic_writepages_60871 generic_writepages 0 60871 NULL +show_fc_vport_vport_last_state_60872 show_fc_vport_vport_last_state 0 60872 NULL @@ -152488,7 +153373,8 @@ index 0000000..89e8e68 +ch341_configure_60897 ch341_configure 0 60897 NULL +w1_master_attribute_show_timeout_60898 w1_master_attribute_show_timeout 0 60898 NULL +pnp_assign_irq_60906 pnp_assign_irq 0 60906 NULL -+ceph_sync_direct_write_60907 ceph_sync_direct_write 0 60907 NULL ++ceph_sync_direct_write_60907 ceph_sync_direct_write 0 60907 NULL nohasharray ++hugetlbfs_read_actor_60907 hugetlbfs_read_actor 0-4-2 60907 &ceph_sync_direct_write_60907 +iio_debugfs_read_reg_60908 iio_debugfs_read_reg 3-0 60908 NULL nohasharray +hfs_writepage_60908 hfs_writepage 0 60908 &iio_debugfs_read_reg_60908 +dg_dispatch_as_host_60909 dg_dispatch_as_host 0 60909 NULL @@ -152638,7 +153524,8 @@ index 0000000..89e8e68 +squashfs_read_metadata_61251 squashfs_read_metadata 0-5 61251 NULL +efi_status_to_err_61254 efi_status_to_err 0 61254 NULL +snd_ca0106_pcm_prepare_capture_61260 snd_ca0106_pcm_prepare_capture 0 61260 NULL -+v9fs_mmap_file_read_61262 v9fs_mmap_file_read 3-0 61262 NULL ++v9fs_mmap_file_read_61262 v9fs_mmap_file_read 3-0 61262 NULL nohasharray ++jfs_direct_IO_61262 jfs_direct_IO 3 61262 &v9fs_mmap_file_read_61262 +submit_bh_61263 submit_bh 0 61263 NULL +attr_sensitivity_show_tpkbd_61269 attr_sensitivity_show_tpkbd 0 61269 NULL nohasharray +t3_sge_init_ecntxt_61269 t3_sge_init_ecntxt 0 61269 &attr_sensitivity_show_tpkbd_61269 @@ -152870,7 +153757,8 @@ index 0000000..89e8e68 +kone_sysfs_show_actual_dpi_61804 kone_sysfs_show_actual_dpi 0 61804 NULL +show_blank_61805 show_blank 0 61805 NULL +mls_compute_context_len_61812 mls_compute_context_len 0 61812 NULL nohasharray -+pch_gbe_setup_rx_resources_61812 pch_gbe_setup_rx_resources 0 61812 &mls_compute_context_len_61812 ++pch_gbe_setup_rx_resources_61812 pch_gbe_setup_rx_resources 0 61812 &mls_compute_context_len_61812 nohasharray ++udp_sendmsg_61812 udp_sendmsg 3 61812 &pch_gbe_setup_rx_resources_61812 +cifs_server_get_key_61813 cifs_server_get_key 0 61813 NULL +show_pwm_ast_61818 show_pwm_ast 0 61818 NULL +get_cap_size_61822 get_cap_size 0 61822 NULL @@ -152910,6 +153798,7 @@ index 0000000..89e8e68 +br_get_size_61907 br_get_size 0 61907 NULL +rx_filter_arp_filter_read_61914 rx_filter_arp_filter_read 3-0 61914 NULL nohasharray +squashfs_security_get_61914 squashfs_security_get 0 61914 &rx_filter_arp_filter_read_61914 ++irda_sendmsg_61916 irda_sendmsg 3 61916 NULL +au0828_init_isoc_61917 au0828_init_isoc 3-2-4-0 61917 NULL +sctp_sendmsg_61919 sctp_sendmsg 4-0 61919 NULL +csrow_ce_count_show_61921 csrow_ce_count_show 0 61921 NULL nohasharray @@ -153057,6 +153946,7 @@ index 0000000..89e8e68 +pptp_outbound_pkt_62269 pptp_outbound_pkt 0 62269 NULL +chunk_size_store_62271 chunk_size_store 0-3 62271 NULL +security_file_permission_62278 security_file_permission 0 62278 NULL ++get_random_int_62279 get_random_int 0 62279 NULL +pcxhr_prepare_62280 pcxhr_prepare 0 62280 NULL nohasharray +tcm_qla2xxx_tpg_attrib_show_generate_node_acls_62280 tcm_qla2xxx_tpg_attrib_show_generate_node_acls 0 62280 &pcxhr_prepare_62280 +dccp_init_sock_62281 dccp_init_sock 0 62281 NULL @@ -153240,6 +154130,7 @@ index 0000000..89e8e68 +flush_62706 flush 0 62706 NULL +bioset_integrity_create_62708 bioset_integrity_create 2 62708 NULL nohasharray +target_stat_scsi_tgt_dev_attr_show_62708 target_stat_scsi_tgt_dev_attr_show 0 62708 &bioset_integrity_create_62708 ++netlink_recvmsg_62712 netlink_recvmsg 3 62712 NULL +target_configure_device_62714 target_configure_device 0 62714 NULL +gfs2_log_write_62717 gfs2_log_write 3 62717 NULL nohasharray +ubifs_getxattr_62717 ubifs_getxattr 0 62717 &gfs2_log_write_62717 @@ -153287,6 +154178,7 @@ index 0000000..89e8e68 +fsa9480_get_switch_62799 fsa9480_get_switch 0 62799 NULL +show_cam_size_62800 show_cam_size 0 62800 NULL +ad9523_store_62804 ad9523_store 0-4 62804 NULL ++quirk_simultaneous_discovery_write_62807 quirk_simultaneous_discovery_write 3 62807 NULL +da9052_read_chg_current_62811 da9052_read_chg_current 0 62811 NULL nohasharray +pcap_regulator_is_enabled_62811 pcap_regulator_is_enabled 0 62811 &da9052_read_chg_current_62811 nohasharray +set_port0_62811 set_port0 0-4 62811 &pcap_regulator_is_enabled_62811 @@ -153387,7 +154279,8 @@ index 0000000..89e8e68 +show_pwmfreq_63024 show_pwmfreq 0 63024 NULL +kstrtoull_from_user_63026 kstrtoull_from_user 2 63026 NULL nohasharray +xfs_trans_reserve_63026 xfs_trans_reserve 0 63026 &kstrtoull_from_user_63026 -+nfs_revalidate_inode_63032 nfs_revalidate_inode 0 63032 NULL ++nfs_revalidate_inode_63032 nfs_revalidate_inode 0 63032 NULL nohasharray ++_save_mc_63032 _save_mc 0-3 63032 &nfs_revalidate_inode_63032 +__vb2_perform_fileio_63033 __vb2_perform_fileio 3-0 63033 NULL +solo_i2c_master_xfer_63036 solo_i2c_master_xfer 0-3 63036 NULL +pipeline_defrag_to_csum_swi_read_63037 pipeline_defrag_to_csum_swi_read 3-0 63037 NULL @@ -153479,6 +154372,7 @@ index 0000000..89e8e68 +SyS_gethostname_63227 SyS_gethostname 2 63227 &nvkm_device_create__63227 +ttm_bo_global_show_63228 ttm_bo_global_show 0 63228 NULL +stk17ta8_rtc_set_alarm_63230 stk17ta8_rtc_set_alarm 0 63230 NULL ++ext2_direct_IO_63231 ext2_direct_IO 3 63231 NULL +ctxsize_63232 ctxsize 0 63232 NULL +module_alloc_update_bounds_rw_63233 module_alloc_update_bounds_rw 1 63233 NULL +mwl8k_cmd_get_hw_spec_ap_63234 mwl8k_cmd_get_hw_spec_ap 0 63234 NULL @@ -153490,6 +154384,7 @@ index 0000000..89e8e68 +do_convert_63247 do_convert 0 63247 NULL +setxattr_63249 setxattr 0 63249 NULL +ptp_read_63251 ptp_read 4-0 63251 NULL ++_iwl_dbgfs_rx_phyinfo_write_63254 _iwl_dbgfs_rx_phyinfo_write 3 63254 NULL +bond_option_arp_ip_targets_set_63257 bond_option_arp_ip_targets_set 0 63257 NULL +kmx61_set_power_state_63260 kmx61_set_power_state 0 63260 NULL +xfs_dir2_leaf_getdents_63262 xfs_dir2_leaf_getdents 3 63262 NULL @@ -153577,6 +154472,7 @@ index 0000000..89e8e68 +iwl_dbgfs_bcast_filters_read_63489 iwl_dbgfs_bcast_filters_read 3-0 63489 NULL +i2c_request_63490 i2c_request 0 63490 NULL +pm8001_ctl_max_out_io_show_63492 pm8001_ctl_max_out_io_show 0 63492 NULL ++dwapb_gpio_to_irq_63493 dwapb_gpio_to_irq 2 63493 NULL +show_crit_hyst_63497 show_crit_hyst 0 63497 NULL +module_attr_show_63501 module_attr_show 0 63501 NULL +snd_pcm_plug_write_transfer_63503 snd_pcm_plug_write_transfer 0-3 63503 NULL @@ -153771,7 +154667,8 @@ index 0000000..89e8e68 +set_bredr_63975 set_bredr 4 63975 &diva_xdi_write_63975 +msi001_set_tuner_63978 msi001_set_tuner 0 63978 NULL +genlmsg_new_unicast_63982 genlmsg_new_unicast 1 63982 NULL nohasharray -+set_mode_63982 set_mode 0-4 63982 &genlmsg_new_unicast_63982 ++set_mode_63982 set_mode 0-4 63982 &genlmsg_new_unicast_63982 nohasharray ++wil_rx_snaplen_63982 wil_rx_snaplen 0 63982 &set_mode_63982 +construct_key_and_link_63985 construct_key_and_link 3 63985 NULL +core_alua_store_offline_bit_63989 core_alua_store_offline_bit 0-3 63989 NULL +get_host_param_63991 get_host_param 0 63991 NULL nohasharray @@ -153866,7 +154763,8 @@ index 0000000..89e8e68 +ea_len_64229 ea_len 0 64229 NULL +header_len_64232 header_len 0 64232 NULL nohasharray +zd1201_set_mac_address_64232 zd1201_set_mac_address 0 64232 &header_len_64232 -+em28xx_i2c_xfer_64233 em28xx_i2c_xfer 0-3 64233 NULL ++em28xx_i2c_xfer_64233 em28xx_i2c_xfer 0-3 64233 NULL nohasharray ++rhashtable_insert_rehash_64233 rhashtable_insert_rehash 0 64233 &em28xx_i2c_xfer_64233 +vprbrd_i2c_status_64236 vprbrd_i2c_status 0 64236 NULL +xfrm_acquire_msgsize_64239 xfrm_acquire_msgsize 0 64239 NULL +brcmf_sdiod_send_buf_64245 brcmf_sdiod_send_buf 3 64245 NULL nohasharray @@ -153916,7 +154814,8 @@ index 0000000..89e8e68 +map_region_64328 map_region 1 64328 NULL +sisusbcon_clear_64329 sisusbcon_clear 5-3-4 64329 NULL +set_pwm_temp_map_64330 set_pwm_temp_map 0-4 64330 NULL -+ov9650_set_red_balance_64331 ov9650_set_red_balance 0 64331 NULL ++ov9650_set_red_balance_64331 ov9650_set_red_balance 0 64331 NULL nohasharray ++tipc_send_packet_64331 tipc_send_packet 3 64331 &ov9650_set_red_balance_64331 +ts_write_64336 ts_write 3-0 64336 NULL +qla8044_write_optrom_data_64338 qla8044_write_optrom_data 4 64338 NULL +usbtmc_write_64340 usbtmc_write 3-0 64340 NULL @@ -154038,6 +154937,7 @@ index 0000000..89e8e68 +kstrtoul_from_user_64569 kstrtoul_from_user 2-0 64569 NULL +osst_version_show_64570 osst_version_show 0 64570 NULL nohasharray +l2tp_ip6_disconnect_64570 l2tp_ip6_disconnect 0 64570 &osst_version_show_64570 ++blockdev_direct_IO_64571 blockdev_direct_IO 4 64571 NULL +do_erase_64574 do_erase 4 64574 NULL +__c2port_show_rev_id_64583 __c2port_show_rev_id 0 64583 NULL +snd_usb_init_sample_rate_64586 snd_usb_init_sample_rate 0 64586 NULL @@ -154091,6 +154991,7 @@ index 0000000..89e8e68 +regcache_flat_write_64702 regcache_flat_write 0 64702 NULL +show_temp_hyst_64705 show_temp_hyst 0 64705 NULL +_cx25821_start_audio_dma_64707 _cx25821_start_audio_dma 0 64707 NULL ++virtio_cread8_64708 virtio_cread8 0 64708 NULL +__feat_register_sp_64712 __feat_register_sp 6-0 64712 NULL +snd_pcm_oss_capture_position_fixup_64713 snd_pcm_oss_capture_position_fixup 0 64713 NULL nohasharray +show_in_input2_64713 show_in_input2 0 64713 &snd_pcm_oss_capture_position_fixup_64713 @@ -154208,6 +155109,7 @@ index 0000000..89e8e68 +core_alua_show_secondary_write_metadata_64979 core_alua_show_secondary_write_metadata 0 64979 NULL nohasharray +proc_sys_call_handler_64979 proc_sys_call_handler 0 64979 &core_alua_show_secondary_write_metadata_64979 +show_tcpRtoAlgorithm_64982 show_tcpRtoAlgorithm 0 64982 NULL ++l2tp_ip6_sendmsg_64989 l2tp_ip6_sendmsg 3 64989 NULL +i7core_inject_store_col_64991 i7core_inject_store_col 0-4 64991 NULL +sq905_command_64994 sq905_command 0 64994 NULL +pskb_pull_65005 pskb_pull 2 65005 NULL nohasharray @@ -154216,6 +155118,7 @@ index 0000000..89e8e68 +sh_mobile_ceu_videobuf_prepare_65016 sh_mobile_ceu_videobuf_prepare 0 65016 NULL +llc_ui_listen_65018 llc_ui_listen 0 65018 NULL +mag3110_show_samp_freq_avail_65028 mag3110_show_samp_freq_avail 0 65028 NULL ++test_ecdh_read_65032 test_ecdh_read 3 65032 NULL +insert_dent_65034 insert_dent 7 65034 NULL +root_id_show_65050 root_id_show 0 65050 NULL +keene_cmd_set_65052 keene_cmd_set 0 65052 NULL @@ -154229,7 +155132,7 @@ index 0000000..89e8e68 +pcibios_enable_device_65059 pcibios_enable_device 0 65059 &__erst_record_id_cache_add_one_65059 nohasharray +be_cmd_get_active_mac_65059 be_cmd_get_active_mac 0 65059 &pcibios_enable_device_65059 +fw_write_65069 fw_write 3 65069 NULL -+count_run_65072 count_run 0-4-5 65072 NULL nohasharray ++count_run_65072 count_run 0-4-5-2 65072 NULL nohasharray +bnx2fc_process_l2_frame_compl_65072 bnx2fc_process_l2_frame_compl 3 65072 &count_run_65072 +koneplus_sysfs_write_info_65073 koneplus_sysfs_write_info 0-6-5 65073 NULL +__alloc_bootmem_node_high_65076 __alloc_bootmem_node_high 2 65076 NULL nohasharray @@ -154328,6 +155231,7 @@ index 0000000..89e8e68 +ttm_mem_zone_show_65319 ttm_mem_zone_show 0 65319 NULL +write_acpi_int_65322 write_acpi_int 0 65322 NULL nohasharray +ivtv_start_decoding_65322 ivtv_start_decoding 0 65322 &write_acpi_int_65322 ++ocfs2_prepare_inode_for_write_65323 ocfs2_prepare_inode_for_write 0 65323 NULL +pci_vpd_find_tag_65325 pci_vpd_find_tag 0-2 65325 NULL +ds1685_rtc_sysfs_time_regs_show_65330 ds1685_rtc_sysfs_time_regs_show 0 65330 NULL +dccp_setsockopt_service_65336 dccp_setsockopt_service 4-0 65336 NULL @@ -154399,7 +155303,7 @@ index 0000000..89e8e68 +regmap_write_65478 regmap_write 0 65478 NULL +ath_rx_edma_init_65483 ath_rx_edma_init 2 65483 NULL nohasharray +activate_65483 activate 0 65483 &ath_rx_edma_init_65483 -+sock_recvmsg_nosec_65484 sock_recvmsg_nosec 3 65484 NULL ++sock_recvmsg_nosec_65484 sock_recvmsg_nosec 3-0 65484 NULL +ixgbevf_get_regs_len_65486 ixgbevf_get_regs_len 0 65486 NULL +show_temp3_beep_65487 show_temp3_beep 0 65487 NULL +dpcm_state_read_file_65489 dpcm_state_read_file 3-0 65489 NULL nohasharray @@ -154408,6 +155312,7 @@ index 0000000..89e8e68 +selnl_msglen_65499 selnl_msglen 0 65499 NULL +wm8350_rtc_setalarm_65501 wm8350_rtc_setalarm 0 65501 NULL +__xudc_ep_enable_65502 __xudc_ep_enable 0 65502 NULL ++ax25_recvmsg_65505 ax25_recvmsg 3 65505 NULL +dcdbas_smi_request_65515 dcdbas_smi_request 0 65515 NULL +tdfxfb_check_var_65516 tdfxfb_check_var 0 65516 NULL +cyapa_gen3_write_blocks_65517 cyapa_gen3_write_blocks 0 65517 NULL @@ -156492,10 +157397,10 @@ index 0000000..549decf +} diff --git a/tools/gcc/size_overflow_plugin/size_overflow_transform_core.c b/tools/gcc/size_overflow_plugin/size_overflow_transform_core.c new file mode 100644 -index 0000000..c38a410 +index 0000000..c9d7068 --- /dev/null +++ b/tools/gcc/size_overflow_plugin/size_overflow_transform_core.c -@@ -0,0 +1,962 @@ +@@ -0,0 +1,966 @@ +/* + * Copyright 2011-2015 by Emese Revfy <re.emese@gmail.com> + * Licensed under the GPL v2, or (at your option) v3 @@ -156789,6 +157694,7 @@ index 0000000..c38a410 +static gphi *overflow_create_phi_node(struct visited *visited, gphi *oldstmt, tree result) +{ + basic_block bb; ++ gimple stmt; + gphi *phi; + gimple_seq seq; + gimple_stmt_iterator gsi = gsi_for_stmt(oldstmt); @@ -156802,7 +157708,8 @@ index 0000000..c38a410 + result = create_new_var(size_overflow_type); + } + -+ phi = create_phi_node(result, bb); ++ stmt = create_phi_node(result, bb); ++ phi = as_a_gphi(stmt); + gimple_phi_set_result(phi, make_ssa_name(result, phi)); + seq = phi_nodes(bb); + gsi = gsi_last(seq); @@ -156952,6 +157859,7 @@ index 0000000..c38a410 + +static void insert_cond_result(basic_block bb_true, const_gimple stmt, const_tree arg, bool min) +{ ++ gimple call_stmt; + gcall *func_stmt; + const_gimple def_stmt; + const_tree loc_line; @@ -156990,7 +157898,8 @@ index 0000000..c38a410 + ssa_name = create_string_param(ssa_name); + + // void report_size_overflow(const char *file, unsigned int line, const char *func, const char *ssa_name) -+ func_stmt = gimple_build_call(report_size_overflow_decl, 4, loc_file, loc_line, current_func, ssa_name); ++ call_stmt = gimple_build_call(report_size_overflow_decl, 4, loc_file, loc_line, current_func, ssa_name); ++ func_stmt = as_a_gcall(call_stmt); + gsi_insert_after(&gsi, func_stmt, GSI_CONTINUE_LINKING); + + report_node = cgraph_get_create_node(report_size_overflow_decl); @@ -157460,10 +158369,10 @@ index 0000000..c38a410 +} diff --git a/tools/gcc/stackleak_plugin.c b/tools/gcc/stackleak_plugin.c new file mode 100644 -index 0000000..1d296ce +index 0000000..155e2c5 --- /dev/null +++ b/tools/gcc/stackleak_plugin.c -@@ -0,0 +1,432 @@ +@@ -0,0 +1,436 @@ +/* + * Copyright 2011-2015 by the PaX Team <pageexec@freemail.hu> + * Licensed under the GPL v2 @@ -157503,6 +158412,7 @@ index 0000000..1d296ce + +static void stackleak_check_alloca(gimple_stmt_iterator *gsi) +{ ++ gimple stmt; + gcall *check_alloca; + tree alloca_size; + cgraph_node_ptr node; @@ -157511,7 +158421,8 @@ index 0000000..1d296ce + + // insert call to void pax_check_alloca(unsigned long size) + alloca_size = gimple_call_arg(gsi_stmt(*gsi), 0); -+ check_alloca = gimple_build_call(check_function_decl, 1, alloca_size); ++ stmt = gimple_build_call(check_function_decl, 1, alloca_size); ++ check_alloca = as_a_gcall(stmt); + gsi_insert_before(gsi, check_alloca, GSI_SAME_STMT); + + // update the cgraph @@ -157524,13 +158435,15 @@ index 0000000..1d296ce + +static void stackleak_add_instrumentation(gimple_stmt_iterator *gsi) +{ ++ gimple stmt; + gcall *track_stack; + cgraph_node_ptr node; + int frequency; + basic_block bb; + + // insert call to void pax_track_stack(void) -+ track_stack = gimple_build_call(track_function_decl, 0); ++ stmt = gimple_build_call(track_function_decl, 0); ++ track_stack = as_a_gcall(stmt); + gsi_insert_after(gsi, track_stack, GSI_CONTINUE_LINKING); + + // update the cgraph @@ -158209,25 +159122,25 @@ index 88461f0..6fb70a0 100644 #endif /* _TOOLS_LINUX_COMPILER_H */ diff --git a/tools/lib/api/Makefile b/tools/lib/api/Makefile -index 36c08b1..87c72d1 100644 +index 8bd9606..abacd96 100644 --- a/tools/lib/api/Makefile +++ b/tools/lib/api/Makefile -@@ -21,7 +21,7 @@ LIB_OBJS += $(OUTPUT)fd/array.o +@@ -16,7 +16,7 @@ MAKEFLAGS += --no-print-directory + LIBFILE = $(OUTPUT)libapi.a - LIBFILE = libapikfs.a + CFLAGS := $(EXTRA_WARNINGS) $(EXTRA_CFLAGS) +-CFLAGS += -ggdb3 -Wall -Wextra -std=gnu99 -Werror -O6 -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 -fPIC ++CFLAGS += -ggdb3 -Wall -Wextra -std=gnu99 -Werror -O6 -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 $(EXTRA_WARNINGS) $(EXTRA_CFLAGS) -fPIC + CFLAGS += -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 --CFLAGS = -ggdb3 -Wall -Wextra -std=gnu99 -Werror -O6 -D_FORTIFY_SOURCE=2 $(EXTRA_WARNINGS) $(EXTRA_CFLAGS) -fPIC -+CFLAGS = -ggdb3 -Wall -Wextra -std=gnu99 -Werror -O6 -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 $(EXTRA_WARNINGS) $(EXTRA_CFLAGS) -fPIC - EXTLIBS = -lelf -lpthread -lrt -lm - ALL_CFLAGS = $(CFLAGS) $(BASIC_CFLAGS) -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 - ALL_LDFLAGS = $(LDFLAGS) + RM = rm -f diff --git a/tools/perf/util/include/asm/alternative-asm.h b/tools/perf/util/include/asm/alternative-asm.h -index 6789d788..4afd019e 100644 +index 3a3a0f1..6cf679d 100644 --- a/tools/perf/util/include/asm/alternative-asm.h +++ b/tools/perf/util/include/asm/alternative-asm.h -@@ -5,4 +5,7 @@ - +@@ -6,4 +6,7 @@ #define altinstruction_entry # + #define ALTERNATIVE_2 # + .macro pax_force_retaddr rip=0, reload=0 + .endm @@ -158247,13 +159160,13 @@ index 0a578fe..b81f62d 100644 }) diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c -index f8f3f5fe..9bc113f 100644 +index 9097741..2472109 100644 --- a/virt/kvm/kvm_main.c +++ b/virt/kvm/kvm_main.c @@ -81,12 +81,17 @@ LIST_HEAD(vm_list); static cpumask_var_t cpus_hardware_enabled; - static int kvm_usage_count = 0; + static int kvm_usage_count; -static atomic_t hardware_enable_failed; +static atomic_unchecked_t hardware_enable_failed; @@ -158269,8 +159182,8 @@ index f8f3f5fe..9bc113f 100644 +}; struct dentry *kvm_debugfs_dir; - -@@ -791,7 +796,7 @@ int __kvm_set_memory_region(struct kvm *kvm, + EXPORT_SYMBOL_GPL(kvm_debugfs_dir); +@@ -784,7 +789,7 @@ int __kvm_set_memory_region(struct kvm *kvm, /* We can read the guest memory with __xxx_user() later on. */ if ((mem->slot < KVM_USER_MEM_SLOTS) && ((mem->userspace_addr & (PAGE_SIZE - 1)) || @@ -158279,7 +159192,7 @@ index f8f3f5fe..9bc113f 100644 (void __user *)(unsigned long)mem->userspace_addr, mem->memory_size))) goto out; -@@ -1729,9 +1734,17 @@ EXPORT_SYMBOL_GPL(kvm_read_guest_cached); +@@ -1714,9 +1719,17 @@ EXPORT_SYMBOL_GPL(kvm_read_guest_cached); int kvm_clear_guest_page(struct kvm *kvm, gfn_t gfn, int offset, int len) { @@ -158299,7 +159212,7 @@ index f8f3f5fe..9bc113f 100644 } EXPORT_SYMBOL_GPL(kvm_clear_guest_page); -@@ -2007,7 +2020,7 @@ static int kvm_vcpu_release(struct inode *inode, struct file *filp) +@@ -1993,7 +2006,7 @@ static int kvm_vcpu_release(struct inode *inode, struct file *filp) return 0; } @@ -158308,7 +159221,7 @@ index f8f3f5fe..9bc113f 100644 .release = kvm_vcpu_release, .unlocked_ioctl = kvm_vcpu_ioctl, #ifdef CONFIG_KVM_COMPAT -@@ -2724,7 +2737,7 @@ out: +@@ -2713,7 +2726,7 @@ out: } #endif @@ -158317,7 +159230,7 @@ index f8f3f5fe..9bc113f 100644 .release = kvm_vm_release, .unlocked_ioctl = kvm_vm_ioctl, #ifdef CONFIG_KVM_COMPAT -@@ -2795,7 +2808,7 @@ out: +@@ -2784,7 +2797,7 @@ out: return r; } @@ -158326,16 +159239,16 @@ index f8f3f5fe..9bc113f 100644 .unlocked_ioctl = kvm_dev_ioctl, .compat_ioctl = kvm_dev_ioctl, .llseek = noop_llseek, -@@ -2821,7 +2834,7 @@ static void hardware_enable_nolock(void *junk) +@@ -2810,7 +2823,7 @@ static void hardware_enable_nolock(void *junk) if (r) { cpumask_clear_cpu(cpu, cpus_hardware_enabled); - atomic_inc(&hardware_enable_failed); + atomic_inc_unchecked(&hardware_enable_failed); - printk(KERN_INFO "kvm: enabling virtualization on " - "CPU%d failed\n", cpu); + pr_info("kvm: enabling virtualization on CPU%d failed\n", cpu); } -@@ -2877,10 +2890,10 @@ static int hardware_enable_all(void) + } +@@ -2865,10 +2878,10 @@ static int hardware_enable_all(void) kvm_usage_count++; if (kvm_usage_count == 1) { @@ -158348,7 +159261,7 @@ index f8f3f5fe..9bc113f 100644 hardware_disable_all_nolock(); r = -EBUSY; } -@@ -3287,7 +3300,7 @@ static void kvm_sched_out(struct preempt_notifier *pn, +@@ -3276,7 +3289,7 @@ static void kvm_sched_out(struct preempt_notifier *pn, kvm_arch_vcpu_put(vcpu); } @@ -158357,7 +159270,7 @@ index f8f3f5fe..9bc113f 100644 struct module *module) { int r; -@@ -3334,7 +3347,7 @@ int kvm_init(void *opaque, unsigned vcpu_size, unsigned vcpu_align, +@@ -3323,7 +3336,7 @@ int kvm_init(void *opaque, unsigned vcpu_size, unsigned vcpu_align, if (!vcpu_align) vcpu_align = __alignof__(struct kvm_vcpu); kvm_vcpu_cache = kmem_cache_create("kvm_vcpu", vcpu_size, vcpu_align, @@ -158366,7 +159279,7 @@ index f8f3f5fe..9bc113f 100644 if (!kvm_vcpu_cache) { r = -ENOMEM; goto out_free_3; -@@ -3344,9 +3357,11 @@ int kvm_init(void *opaque, unsigned vcpu_size, unsigned vcpu_align, +@@ -3333,9 +3346,11 @@ int kvm_init(void *opaque, unsigned vcpu_size, unsigned vcpu_align, if (r) goto out_free; @@ -158378,7 +159291,7 @@ index f8f3f5fe..9bc113f 100644 r = misc_register(&kvm_dev); if (r) { -@@ -3356,9 +3371,6 @@ int kvm_init(void *opaque, unsigned vcpu_size, unsigned vcpu_align, +@@ -3345,9 +3360,6 @@ int kvm_init(void *opaque, unsigned vcpu_size, unsigned vcpu_align, register_syscore_ops(&kvm_syscore_ops); @@ -158387,4 +159300,4 @@ index f8f3f5fe..9bc113f 100644 - r = kvm_init_debug(); if (r) { - printk(KERN_ERR "kvm: create debugfs files failed\n"); + pr_err("kvm: create debugfs files failed\n"); diff --git a/4.0.8/4425_grsec_remove_EI_PAX.patch b/4.1.3/4425_grsec_remove_EI_PAX.patch index a80a5d7..a80a5d7 100644 --- a/4.0.8/4425_grsec_remove_EI_PAX.patch +++ b/4.1.3/4425_grsec_remove_EI_PAX.patch diff --git a/4.0.8/4427_force_XATTR_PAX_tmpfs.patch b/4.1.3/4427_force_XATTR_PAX_tmpfs.patch index a789f0b..a789f0b 100644 --- a/4.0.8/4427_force_XATTR_PAX_tmpfs.patch +++ b/4.1.3/4427_force_XATTR_PAX_tmpfs.patch diff --git a/4.0.8/4430_grsec-remove-localversion-grsec.patch b/4.1.3/4430_grsec-remove-localversion-grsec.patch index 31cf878..31cf878 100644 --- a/4.0.8/4430_grsec-remove-localversion-grsec.patch +++ b/4.1.3/4430_grsec-remove-localversion-grsec.patch diff --git a/4.0.8/4435_grsec-mute-warnings.patch b/4.1.3/4435_grsec-mute-warnings.patch index b7564e4..b7564e4 100644 --- a/4.0.8/4435_grsec-mute-warnings.patch +++ b/4.1.3/4435_grsec-mute-warnings.patch diff --git a/4.0.8/4440_grsec-remove-protected-paths.patch b/4.1.3/4440_grsec-remove-protected-paths.patch index 741546d..741546d 100644 --- a/4.0.8/4440_grsec-remove-protected-paths.patch +++ b/4.1.3/4440_grsec-remove-protected-paths.patch diff --git a/4.0.8/4450_grsec-kconfig-default-gids.patch b/4.1.3/4450_grsec-kconfig-default-gids.patch index 61d903e..61d903e 100644 --- a/4.0.8/4450_grsec-kconfig-default-gids.patch +++ b/4.1.3/4450_grsec-kconfig-default-gids.patch diff --git a/4.0.8/4465_selinux-avc_audit-log-curr_ip.patch b/4.1.3/4465_selinux-avc_audit-log-curr_ip.patch index ba89596..ba89596 100644 --- a/4.0.8/4465_selinux-avc_audit-log-curr_ip.patch +++ b/4.1.3/4465_selinux-avc_audit-log-curr_ip.patch diff --git a/4.0.8/4470_disable-compat_vdso.patch b/4.1.3/4470_disable-compat_vdso.patch index 7aefa02..7aefa02 100644 --- a/4.0.8/4470_disable-compat_vdso.patch +++ b/4.1.3/4470_disable-compat_vdso.patch diff --git a/4.0.8/4475_emutramp_default_on.patch b/4.1.3/4475_emutramp_default_on.patch index a128205..a128205 100644 --- a/4.0.8/4475_emutramp_default_on.patch +++ b/4.1.3/4475_emutramp_default_on.patch |