aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorNatanael Copa <ncopa@alpinelinux.org>2013-07-23 09:03:17 +0000
committerNatanael Copa <ncopa@alpinelinux.org>2013-07-23 12:29:16 +0000
commit95f495fda4c834d82394d4db5c2425adcf684dd2 (patch)
tree7f1c3248c4bd46f9923f8baaa0ed403012a3ded5
parenta4c5463c3d06bd6e64ba89bf738ee6eb409a77d4 (diff)
downloadaports-95f495fda4c834d82394d4db5c2425adcf684dd2.tar.bz2
aports-95f495fda4c834d82394d4db5c2425adcf684dd2.tar.xz
main/linux-grsec: upgrade to 3.9.11
-rw-r--r--main/linux-grsec/APKBUILD16
-rw-r--r--main/linux-grsec/grsecurity-2.9.1-3.9.11-unofficial-0.patch (renamed from main/linux-grsec/grsecurity-2.9.1-3.9.9-201307050017.patch)963
2 files changed, 478 insertions, 501 deletions
diff --git a/main/linux-grsec/APKBUILD b/main/linux-grsec/APKBUILD
index d0028f5815..3bf39595bf 100644
--- a/main/linux-grsec/APKBUILD
+++ b/main/linux-grsec/APKBUILD
@@ -2,7 +2,7 @@
_flavor=grsec
pkgname=linux-${_flavor}
-pkgver=3.9.9
+pkgver=3.9.11
case $pkgver in
*.*.*) _kernver=${pkgver%.*};;
*.*) _kernver=${pkgver};;
@@ -17,7 +17,7 @@ _config=${config:-kernelconfig.${CARCH}}
install=
source="http://ftp.kernel.org/pub/linux/kernel/v3.x/linux-$_kernver.tar.xz
http://ftp.kernel.org/pub/linux/kernel/v3.x/patch-$pkgver.xz
- grsecurity-2.9.1-3.9.9-201307050017.patch
+ grsecurity-2.9.1-3.9.11-unofficial-0.patch
0001-net-inform-NETDEV_CHANGE-callbacks-which-flags-were-.patch
0002-arp-flush-arp-cache-on-IFF_NOARP-change.patch
@@ -149,8 +149,8 @@ dev() {
}
md5sums="4348c9b6b2eb3144d601e87c19d5d909 linux-3.9.tar.xz
-41f350c2fd6aa14414bf39f173a8e6a3 patch-3.9.9.xz
-f3b3db991845d216a1f60921f5fd650e grsecurity-2.9.1-3.9.9-201307050017.patch
+552146435b7ecc414bf8e3cd8bb6ac4a patch-3.9.11.xz
+6d3715f39d6c9e418550443ddf472ec8 grsecurity-2.9.1-3.9.11-unofficial-0.patch
a16f11b12381efb3bec79b9bfb329836 0001-net-inform-NETDEV_CHANGE-callbacks-which-flags-were-.patch
656ae7b10dd2f18dbfa1011041d08d60 0002-arp-flush-arp-cache-on-IFF_NOARP-change.patch
aa454ffb96428586447775c21449e284 0003-ipv4-properly-refresh-rtable-entries-on-pmtu-redirec.patch
@@ -160,8 +160,8 @@ aa454ffb96428586447775c21449e284 0003-ipv4-properly-refresh-rtable-entries-on-p
d89089b3c7eb94dd9f65cf8a357fc36d kernelconfig.x86
eb147f09fef5996a488c247790205cd6 kernelconfig.x86_64"
sha256sums="60bc3e64ee5dc778de2cd7cd7640abf518a4c9d4f31b8ed624e16fad53f54541 linux-3.9.tar.xz
-4ae653db69190a10b842f05c19499a528ae29898e4f2dfbdb420ef5d26112f3b patch-3.9.9.xz
-d864bb3e745101f5a624a2b716a03ec1b5dc31e4b3ddec6c9741426bcbbd1e53 grsecurity-2.9.1-3.9.9-201307050017.patch
+29be11d16ef152ae1858d567cbf45f0da0193adf364826f5e3fa8b2fcd839682 patch-3.9.11.xz
+09787452cd5f7b0bfcef6c27f4f64c3a8c1f46fad69a6c9604883a4f4d2924df grsecurity-2.9.1-3.9.11-unofficial-0.patch
6af3757ac36a6cd3cda7b0a71b08143726383b19261294a569ad7f4042c72df3 0001-net-inform-NETDEV_CHANGE-callbacks-which-flags-were-.patch
dc8e82108615657f1fb9d641efd42255a5761c06edde1b00a41ae0d314d548f0 0002-arp-flush-arp-cache-on-IFF_NOARP-change.patch
0985caa0f3ee8ed0959aeaa4214f5f8057ae8e61d50dcae39194912d31e14892 0003-ipv4-properly-refresh-rtable-entries-on-pmtu-redirec.patch
@@ -171,8 +171,8 @@ fc613ac466610b866b721c41836fd5bfb2d4b75bceb67972dc6369d7f62ff47e 0006-ipv4-use-
de3c17420664ae4e52826c6e602aade0deeae94f72253f85b3e48771491ed5d6 kernelconfig.x86
e1cce320f207cc2ba72b9d154c7060c8cbed52c664319dfd21f24e8956d0bf3e kernelconfig.x86_64"
sha512sums="77fa521f42380409f8ab400c26f7b00e225cb075ef40834bb263325cfdcc3e65aef8511ec2fc2b50bbf4f50e226fb5ab07d7a479aaf09162adbbf318325d0790 linux-3.9.tar.xz
-51fa4e20b23c9900078e90ace0c4cc38e419e5028a88b63443fafa66c07ad28aab77cb0f56ceb9c8416bfde848ceba64e95f608f0f64ab4634386a161cbc7994 patch-3.9.9.xz
-a16dde6d53649aecfa9eb47b969dbc5d147909c48191cc44a666c8f946181688344ac7512330e08fc47c48073010dd4154aac7b572d6301acaf39f5ad6e1b0df grsecurity-2.9.1-3.9.9-201307050017.patch
+c3a0be102d816ae06d7dfdd2738915fc2114cb9bb488b03b34e4f52f2367dcba4d8cb8ba203687bf694c2dcad36d70bb9d3121ac739a28e2c7fb2c44f08a9c71 patch-3.9.11.xz
+a6a4b7fc2b5a532845dc31f7ba539b4f9b643750a4e96870e3fc4ac516953d456e28246c0964493ba5ddd41f5e65f2ca99b9e71d2a3d94dba2385be5a9dcceac grsecurity-2.9.1-3.9.11-unofficial-0.patch
81e78593288e8b0fd2c03ea9fc1450323887707f087e911f172450a122bc9b591ee83394836789730d951aeec13d0b75a64e1c05f04364abf8f80d883ddc4a02 0001-net-inform-NETDEV_CHANGE-callbacks-which-flags-were-.patch
51ecb15b669f6a82940a13a38939116e003bf5dfd24496771c8279e907b72adcc63d607f0340a2940d757e12ddadb7d45c7af78ae311d284935a6296dbcac00c 0002-arp-flush-arp-cache-on-IFF_NOARP-change.patch
57d0a8bd35d19cf657ded58efe24517d2252aec6984040713ba173a34edb5887ececaa2985076bc6a149eaa57639fd98a042c1c2d226ed4ad8dd5ed0e230717e 0003-ipv4-properly-refresh-rtable-entries-on-pmtu-redirec.patch
diff --git a/main/linux-grsec/grsecurity-2.9.1-3.9.9-201307050017.patch b/main/linux-grsec/grsecurity-2.9.1-3.9.11-unofficial-0.patch
index 1ae3c82aef..2aebee9454 100644
--- a/main/linux-grsec/grsecurity-2.9.1-3.9.9-201307050017.patch
+++ b/main/linux-grsec/grsecurity-2.9.1-3.9.11-unofficial-0.patch
@@ -263,7 +263,7 @@ index 8ccbf27..afffeb4 100644
pcd. [PARIDE]
diff --git a/Makefile b/Makefile
-index 9591325..1457ef3 100644
+index ad368cd..96b21c3 100644
--- a/Makefile
+++ b/Makefile
@@ -241,8 +241,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \
@@ -1212,13 +1212,11 @@ index c79f61f..9ac0642 100644
static inline u64 atomic64_add_return(u64 i, atomic64_t *v)
{
-- u64 result;
-- unsigned long tmp;
+ u64 result, tmp;
-
- smp_mb();
-
- __asm__ __volatile__("@ atomic64_add_return\n"
++
++ smp_mb();
++
++ __asm__ __volatile__("@ atomic64_add_return\n"
+"1: ldrexd %1, %H1, [%3]\n"
+" adds %0, %1, %4\n"
+" adcs %H0, %H1, %H4\n"
@@ -1251,19 +1249,21 @@ index c79f61f..9ac0642 100644
+
+static inline u64 atomic64_add_return_unchecked(u64 i, atomic64_unchecked_t *v)
+{
-+ u64 result;
-+ unsigned long tmp;
-+
-+ smp_mb();
-+
+ u64 result;
+ unsigned long tmp;
+
+ smp_mb();
+
+- __asm__ __volatile__("@ atomic64_add_return\n"
+ __asm__ __volatile__("@ atomic64_add_return_unchecked\n"
"1: ldrexd %0, %H0, [%3]\n"
" adds %0, %0, %4\n"
" adc %H0, %H0, %H4\n"
-@@ -318,6 +607,36 @@ static inline void atomic64_sub(u64 i, atomic64_t *v)
+@@ -318,23 +607,34 @@ static inline void atomic64_sub(u64 i, atomic64_t *v)
__asm__ __volatile__("@ atomic64_sub\n"
"1: ldrexd %0, %H0, [%3]\n"
" subs %0, %0, %4\n"
+-" sbc %H0, %H0, %H4\n"
+" sbcs %H0, %H0, %H4\n"
+
+#ifdef CONFIG_PAX_REFCOUNT
@@ -1272,45 +1272,46 @@ index c79f61f..9ac0642 100644
+"3:\n"
+#endif
+
-+" strexd %1, %0, %H0, [%3]\n"
-+" teq %1, #0\n"
-+" bne 1b"
+ " strexd %1, %0, %H0, [%3]\n"
+ " teq %1, #0\n"
+ " bne 1b"
+
+#ifdef CONFIG_PAX_REFCOUNT
+"\n4:\n"
+ _ASM_EXTABLE(2b, 4b)
+#endif
+
-+ : "=&r" (result), "=&r" (tmp), "+Qo" (v->counter)
-+ : "r" (&v->counter), "r" (i)
-+ : "cc");
-+}
-+
+ : "=&r" (result), "=&r" (tmp), "+Qo" (v->counter)
+ : "r" (&v->counter), "r" (i)
+ : "cc");
+ }
+
+-static inline u64 atomic64_sub_return(u64 i, atomic64_t *v)
+static inline void atomic64_sub_unchecked(u64 i, atomic64_unchecked_t *v)
-+{
-+ u64 result;
-+ unsigned long tmp;
-+
+ {
+ u64 result;
+ unsigned long tmp;
+
+- smp_mb();
+-
+- __asm__ __volatile__("@ atomic64_sub_return\n"
+ __asm__ __volatile__("@ atomic64_sub_unchecked\n"
-+"1: ldrexd %0, %H0, [%3]\n"
-+" subs %0, %0, %4\n"
+ "1: ldrexd %0, %H0, [%3]\n"
+ " subs %0, %0, %4\n"
" sbc %H0, %H0, %H4\n"
- " strexd %1, %0, %H0, [%3]\n"
- " teq %1, #0\n"
-@@ -329,18 +648,32 @@ static inline void atomic64_sub(u64 i, atomic64_t *v)
-
- static inline u64 atomic64_sub_return(u64 i, atomic64_t *v)
- {
-- u64 result;
-- unsigned long tmp;
+@@ -344,6 +644,39 @@ static inline u64 atomic64_sub_return(u64 i, atomic64_t *v)
+ : "=&r" (result), "=&r" (tmp), "+Qo" (v->counter)
+ : "r" (&v->counter), "r" (i)
+ : "cc");
++}
++
++static inline u64 atomic64_sub_return(u64 i, atomic64_t *v)
++{
+ u64 result, tmp;
-
- smp_mb();
-
- __asm__ __volatile__("@ atomic64_sub_return\n"
--"1: ldrexd %0, %H0, [%3]\n"
--" subs %0, %0, %4\n"
--" sbc %H0, %H0, %H4\n"
++
++ smp_mb();
++
++ __asm__ __volatile__("@ atomic64_sub_return\n"
+"1: ldrexd %1, %H1, [%3]\n"
+" subs %0, %1, %4\n"
+" sbcs %H0, %H1, %H4\n"
@@ -1323,18 +1324,21 @@ index c79f61f..9ac0642 100644
+"3:\n"
+#endif
+
- " strexd %1, %0, %H0, [%3]\n"
- " teq %1, #0\n"
- " bne 1b"
++" strexd %1, %0, %H0, [%3]\n"
++" teq %1, #0\n"
++" bne 1b"
+
+#ifdef CONFIG_PAX_REFCOUNT
+"\n4:\n"
+ _ASM_EXTABLE(2b, 4b)
+#endif
+
- : "=&r" (result), "=&r" (tmp), "+Qo" (v->counter)
- : "r" (&v->counter), "r" (i)
- : "cc");
++ : "=&r" (result), "=&r" (tmp), "+Qo" (v->counter)
++ : "r" (&v->counter), "r" (i)
++ : "cc");
+
+ smp_mb();
+
@@ -374,6 +707,30 @@ static inline u64 atomic64_cmpxchg(atomic64_t *ptr, u64 old, u64 new)
return oldval;
}
@@ -1539,15 +1543,15 @@ index 6ddbe44..b5e38b1 100644
+#define DOMAIN_KERNELCLIENT 1
#define DOMAIN_MANAGER 3
+#define DOMAIN_VECTORS DOMAIN_USER
- #else
++#else
+
+#ifdef CONFIG_PAX_KERNEXEC
- #define DOMAIN_MANAGER 1
-+#define DOMAIN_KERNEXEC 3
-+#else
+#define DOMAIN_MANAGER 1
-+#endif
-+
++#define DOMAIN_KERNEXEC 3
+ #else
+ #define DOMAIN_MANAGER 1
+ #endif
+
+#ifdef CONFIG_PAX_MEMORY_UDEREF
+#define DOMAIN_USERCLIENT 0
+#define DOMAIN_UDEREF 1
@@ -1558,8 +1562,8 @@ index 6ddbe44..b5e38b1 100644
+#endif
+#define DOMAIN_KERNELCLIENT 1
+
- #endif
-
++#endif
++
#define domain_val(dom,type) ((type) << (2*(dom)))
#ifndef __ASSEMBLY__
@@ -2967,15 +2971,16 @@ index 296786b..a8d4dd5 100644
- */
- flush_icache_range((unsigned long)rc,
- (unsigned long)(rc + 2));
+-
+- retcode = ((unsigned long)rc) + thumb;
+- }
+ /*
+ * Ensure that the instruction cache sees
+ * the return code written onto the stack.
+ */
+ flush_icache_range((unsigned long)rc,
+ (unsigned long)(rc + 2));
-
-- retcode = ((unsigned long)rc) + thumb;
-- }
++
+ retcode = ((unsigned long)rc) + thumb;
}
@@ -3750,7 +3755,7 @@ index ad722f1..763fdd3 100644
#ifdef CONFIG_HAVE_TCM
extern char __tcm_start, __tcm_end;
+#endif
-
++
+#ifdef CONFIG_PAX_KERNEXEC
+ unsigned long addr;
+ pgd_t *pgd;
@@ -3787,7 +3792,7 @@ index ad722f1..763fdd3 100644
+ }
+ }
+#endif
-+
+
+#ifdef CONFIG_HAVE_TCM
poison_init_mem(&__tcm_start, &__tcm_end - &__tcm_start);
totalram_pages += free_area(__phys_to_pfn(__pa(&__tcm_start)),
@@ -4197,12 +4202,12 @@ index a84ff76..f221c1d 100644
struct map_desc map;
unsigned long addr;
- void *vectors;
-
+-
- /*
- * Allocate the vector page early.
- */
- vectors = early_alloc(PAGE_SIZE);
--
+
- early_trap_init(vectors);
+ early_trap_init(&vectors);
@@ -8206,13 +8211,13 @@ index e562d3c..191f176 100644
{
- unsigned long ret = ___copy_to_user(to, from, size);
+ unsigned long ret;
-
++
+ if ((long)size < 0 || size > INT_MAX)
+ return size;
+
+ if (!__builtin_constant_p(size))
+ check_object_size(from, size, true);
-+
+
+ ret = ___copy_to_user(to, from, size);
if (unlikely(ret))
ret = copy_to_user_fixup(to, from, size);
@@ -12389,6 +12394,11 @@ index 722aa3b..3a0bb27 100644
-#define atomic_clear_mask(mask, addr) \
- asm volatile(LOCK_PREFIX "andl %0,%1" \
- : : "r" (~(mask)), "m" (*(addr)) : "memory")
+-
+-#define atomic_set_mask(mask, addr) \
+- asm volatile(LOCK_PREFIX "orl %0,%1" \
+- : : "r" ((unsigned)(mask)), "m" (*(addr)) \
+- : "memory")
+static inline void atomic_clear_mask(unsigned int mask, atomic_t *v)
+{
+ asm volatile(LOCK_PREFIX "andl %1,%0"
@@ -12396,11 +12406,7 @@ index 722aa3b..3a0bb27 100644
+ : "r" (~(mask))
+ : "memory");
+}
-
--#define atomic_set_mask(mask, addr) \
-- asm volatile(LOCK_PREFIX "orl %0,%1" \
-- : : "r" ((unsigned)(mask)), "m" (*(addr)) \
-- : "memory")
++
+static inline void atomic_clear_mask_unchecked(unsigned int mask, atomic_unchecked_t *v)
+{
+ asm volatile(LOCK_PREFIX "andl %1,%0"
@@ -14033,9 +14039,9 @@ index cdbf367..adb37ac 100644
+#endif
+
}
-+#endif
- }
--#endif
+- }
+ #endif
++ }
}
#define activate_mm(prev, next) \
@@ -15438,15 +15444,7 @@ index 70bbe39..4ae2bd4 100644
- void *data,
- unsigned long *end,
- int *graph);
-+typedef unsigned long walk_stack_t(struct task_struct *task,
-+ void *stack_start,
-+ unsigned long *stack,
-+ unsigned long bp,
-+ const struct stacktrace_ops *ops,
-+ void *data,
-+ unsigned long *end,
-+ int *graph);
-
+-
-extern unsigned long
-print_context_stack(struct thread_info *tinfo,
- unsigned long *stack, unsigned long bp,
@@ -15458,6 +15456,15 @@ index 70bbe39..4ae2bd4 100644
- unsigned long *stack, unsigned long bp,
- const struct stacktrace_ops *ops, void *data,
- unsigned long *end, int *graph);
++typedef unsigned long walk_stack_t(struct task_struct *task,
++ void *stack_start,
++ unsigned long *stack,
++ unsigned long bp,
++ const struct stacktrace_ops *ops,
++ void *data,
++ unsigned long *end,
++ int *graph);
++
+extern walk_stack_t print_context_stack;
+extern walk_stack_t print_context_stack_bp;
@@ -15583,43 +15590,16 @@ index 2cd056e..0224df8 100644
/* Only used for 64 bit */
#define _TIF_DO_NOTIFY_MASK \
-@@ -158,45 +154,40 @@ struct thread_info {
+@@ -158,6 +154,23 @@ struct thread_info {
#define PREEMPT_ACTIVE 0x10000000
--#ifdef CONFIG_X86_32
--
--#define STACK_WARN (THREAD_SIZE/8)
--/*
-- * macros/functions for gaining access to the thread information structure
-- *
-- * preempt_count needs to be 1 initially, until the scheduler is functional.
-- */
--#ifndef __ASSEMBLY__
--
--
--/* how to get the current stack pointer from C */
--register unsigned long current_stack_pointer asm("esp") __used;
--
--/* how to get the thread information struct from C */
--static inline struct thread_info *current_thread_info(void)
--{
-- return (struct thread_info *)
-- (current_stack_pointer & ~(THREAD_SIZE - 1));
--}
--
--#else /* !__ASSEMBLY__ */
--
+#ifdef __ASSEMBLY__
- /* how to get the thread information struct from ASM */
- #define GET_THREAD_INFO(reg) \
-- movl $-THREAD_SIZE, reg; \
-- andl %esp, reg
++/* how to get the thread information struct from ASM */
++#define GET_THREAD_INFO(reg) \
+ mov PER_CPU_VAR(current_tinfo), reg
-
- /* use this one if reg already contains %esp */
--#define GET_THREAD_INFO_WITH_ESP(reg) \
-- andl $-THREAD_SIZE, reg
++
++/* use this one if reg already contains %esp */
+#define GET_THREAD_INFO_WITH_ESP(reg) GET_THREAD_INFO(reg)
+#else
+/* how to get the thread information struct from C */
@@ -15631,19 +15611,35 @@ index 2cd056e..0224df8 100644
+}
+#endif
+
-+#ifdef CONFIG_X86_32
-+
-+#define STACK_WARN (THREAD_SIZE/8)
-+/*
-+ * macros/functions for gaining access to the thread information structure
-+ *
-+ * preempt_count needs to be 1 initially, until the scheduler is functional.
-+ */
-+#ifndef __ASSEMBLY__
-+
-+/* how to get the current stack pointer from C */
-+register unsigned long current_stack_pointer asm("esp") __used;
+ #ifdef CONFIG_X86_32
+
+ #define STACK_WARN (THREAD_SIZE/8)
+@@ -168,35 +181,13 @@ struct thread_info {
+ */
+ #ifndef __ASSEMBLY__
+
+-
+ /* how to get the current stack pointer from C */
+ register unsigned long current_stack_pointer asm("esp") __used;
+-/* how to get the thread information struct from C */
+-static inline struct thread_info *current_thread_info(void)
+-{
+- return (struct thread_info *)
+- (current_stack_pointer & ~(THREAD_SIZE - 1));
+-}
+-
+-#else /* !__ASSEMBLY__ */
+-
+-/* how to get the thread information struct from ASM */
+-#define GET_THREAD_INFO(reg) \
+- movl $-THREAD_SIZE, reg; \
+- andl %esp, reg
+-
+-/* use this one if reg already contains %esp */
+-#define GET_THREAD_INFO_WITH_ESP(reg) \
+- andl $-THREAD_SIZE, reg
+-
#endif
#else /* X86_32 */
@@ -16008,18 +16004,18 @@ index 7f760a9..04b1c65 100644
unsigned long n)
{
- return __copy_from_user_ll_nocache_nozero(to, from, n);
+-}
+ if ((long)n < 0)
+ return n;
-+
-+ return __copy_from_user_ll_nocache_nozero(to, from, n);
- }
-unsigned long __must_check copy_to_user(void __user *to,
- const void *from, unsigned long n);
-unsigned long __must_check _copy_from_user(void *to,
- const void __user *from,
- unsigned long n);
--
++ return __copy_from_user_ll_nocache_nozero(to, from, n);
++}
+
+extern void copy_to_user_overflow(void)
+#ifdef CONFIG_DEBUG_STRICT_USER_COPY_CHECKS
+ __compiletime_error("copy_to_user() buffer size is not provably correct")
@@ -16059,13 +16055,14 @@ index 7f760a9..04b1c65 100644
- if (likely(sz == -1 || sz >= n))
- n = _copy_from_user(to, from, n);
- else
+- copy_from_user_overflow();
+ if (unlikely(sz != (size_t)-1 && sz < n))
+ copy_to_user_overflow();
+ else if (access_ok(VERIFY_WRITE, to, n))
+ n = __copy_to_user(to, from, n);
+ return n;
+}
-+
+
+/**
+ * copy_from_user: - Copy a block of data from user space.
+ * @to: Destination address, in kernel space.
@@ -16090,8 +16087,7 @@ index 7f760a9..04b1c65 100644
+ check_object_size(to, n, false);
+
+ if (unlikely(sz != (size_t)-1 && sz < n))
- copy_from_user_overflow();
--
++ copy_from_user_overflow();
+ else if (access_ok(VERIFY_READ, from, n))
+ n = __copy_from_user(to, from, n);
+ else if ((long)n > 0)
@@ -17129,16 +17125,16 @@ index 2861082..6d4718e 100644
+
+#ifdef CONFIG_PAX_KERNEXEC
+ OFFSET(PV_CPU_write_cr0, pv_cpu_ops, write_cr0);
- #endif
-
++#endif
++
+#ifdef CONFIG_PAX_MEMORY_UDEREF
+ OFFSET(PV_MMU_read_cr3, pv_mmu_ops, read_cr3);
+ OFFSET(PV_MMU_write_cr3, pv_mmu_ops, write_cr3);
+#ifdef CONFIG_X86_64
+ OFFSET(PV_MMU_set_pgd_batched, pv_mmu_ops, set_pgd_batched);
+#endif
-+#endif
-+
+ #endif
+
+#endif
+
+ BLANK();
@@ -20678,10 +20674,10 @@ index 321d65e..ad8817d 100644
+#ifndef CONFIG_XEN
+ addq %rbp, level3_ident_pgt + (1*8)(%rip)
+#endif
++
++ addq %rbp, level3_vmemmap_pgt + (L3_VMEMMAP_START*8)(%rip)
- addq %rbp, level2_fixmap_pgt + (506*8)(%rip)
-+ addq %rbp, level3_vmemmap_pgt + (L3_VMEMMAP_START*8)(%rip)
-+
+ addq %rbp, level3_kernel_pgt + (L3_START_KERNEL*8)(%rip)
+ addq %rbp, level3_kernel_pgt + ((L3_START_KERNEL+1)*8)(%rip)
+
@@ -20753,10 +20749,10 @@ index 321d65e..ad8817d 100644
+ .section .rodata,"a",@progbits
-#ifndef CONFIG_XEN
- NEXT_PAGE(init_level4_pgt)
+-NEXT_PAGE(init_level4_pgt)
- .fill 512,8,0
-#else
--NEXT_PAGE(init_level4_pgt)
+ NEXT_PAGE(init_level4_pgt)
- .quad level3_ident_pgt - __START_KERNEL_map + _KERNPG_TABLE
.org init_level4_pgt + L4_PAGE_OFFSET*8, 0
.quad level3_ident_pgt - __START_KERNEL_map + _KERNPG_TABLE
@@ -21933,10 +21929,10 @@ index 8bfb335..c1463c6 100644
ret = paravirt_patch_ident_32(insnbuf, len);
- else if (opfunc == _paravirt_ident_64)
+ else if (opfunc == (void *)_paravirt_ident_64)
- ret = paravirt_patch_ident_64(insnbuf, len);
++ ret = paravirt_patch_ident_64(insnbuf, len);
+#if defined(CONFIG_X86_32) && defined(CONFIG_X86_PAE)
+ else if (opfunc == (void *)__raw_callee_save__paravirt_ident_64)
-+ ret = paravirt_patch_ident_64(insnbuf, len);
+ ret = paravirt_patch_ident_64(insnbuf, len);
+#endif
else if (type == PARAVIRT_PATCH(pv_cpu_ops.iret) ||
@@ -24142,7 +24138,7 @@ index e1b1ce2..f7b4b43 100644
local_irq_disable();
diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
-index 0af1807..06912bb 100644
+index 0e2f2a4..4331db2 100644
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -1184,12 +1184,12 @@ static void vmcs_write64(unsigned long field, u64 value)
@@ -24212,7 +24208,7 @@ index 0af1807..06912bb 100644
if (nested)
nested_vmx_setup_ctls_msrs();
-@@ -3883,7 +3896,10 @@ static void vmx_set_constant_host_state(void)
+@@ -3890,7 +3903,10 @@ static void vmx_set_constant_host_state(void)
vmcs_writel(HOST_CR0, read_cr0() & ~X86_CR0_TS); /* 22.2.3 */
vmcs_writel(HOST_CR4, read_cr4()); /* 22.2.3, 22.2.5 */
@@ -24223,7 +24219,7 @@ index 0af1807..06912bb 100644
vmcs_write16(HOST_CS_SELECTOR, __KERNEL_CS); /* 22.2.4 */
#ifdef CONFIG_X86_64
-@@ -3904,7 +3920,7 @@ static void vmx_set_constant_host_state(void)
+@@ -3911,7 +3927,7 @@ static void vmx_set_constant_host_state(void)
native_store_idt(&dt);
vmcs_writel(HOST_IDTR_BASE, dt.address); /* 22.2.4 */
@@ -24232,7 +24228,7 @@ index 0af1807..06912bb 100644
rdmsr(MSR_IA32_SYSENTER_CS, low32, high32);
vmcs_write32(HOST_IA32_SYSENTER_CS, low32);
-@@ -6580,6 +6596,12 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu)
+@@ -6587,6 +6603,12 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu)
"jmp 2f \n\t"
"1: " __ex(ASM_VMX_VMRESUME) "\n\t"
"2: "
@@ -24245,7 +24241,7 @@ index 0af1807..06912bb 100644
/* Save guest registers, load host registers, keep flags */
"mov %0, %c[wordsize](%%" _ASM_SP ") \n\t"
"pop %0 \n\t"
-@@ -6632,6 +6654,11 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu)
+@@ -6639,6 +6661,11 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu)
#endif
[cr2]"i"(offsetof(struct vcpu_vmx, vcpu.arch.cr2)),
[wordsize]"i"(sizeof(ulong))
@@ -24257,7 +24253,7 @@ index 0af1807..06912bb 100644
: "cc", "memory"
#ifdef CONFIG_X86_64
, "rax", "rbx", "rdi", "rsi"
-@@ -6645,7 +6672,7 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu)
+@@ -6652,7 +6679,7 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu)
if (debugctlmsr)
update_debugctlmsr(debugctlmsr);
@@ -24266,7 +24262,7 @@ index 0af1807..06912bb 100644
/*
* The sysexit path does not restore ds/es, so we must set them to
* a reasonable value ourselves.
-@@ -6654,8 +6681,18 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu)
+@@ -6661,8 +6688,18 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu)
* may be executed in interrupt context, which saves and restore segments
* around it, nullifying its effect.
*/
@@ -27104,13 +27100,16 @@ index f0312d7..9c39d63 100644
- */
-unsigned long
-copy_to_user(void __user *to, const void *from, unsigned long n)
--{
++void copy_from_user_overflow(void)
+ {
- if (access_ok(VERIFY_WRITE, to, n))
- n = __copy_to_user(to, from, n);
- return n;
--}
++ WARN(1, "Buffer overflow detected!\n");
+ }
-EXPORT_SYMBOL(copy_to_user);
--
++EXPORT_SYMBOL(copy_from_user_overflow);
+
-/**
- * copy_from_user: - Copy a block of data from user space.
- * @to: Destination address, in kernel space.
@@ -27129,30 +27128,23 @@ index f0312d7..9c39d63 100644
- */
-unsigned long
-_copy_from_user(void *to, const void __user *from, unsigned long n)
--{
++void copy_to_user_overflow(void)
+ {
- if (access_ok(VERIFY_READ, from, n))
- n = __copy_from_user(to, from, n);
- else
- memset(to, 0, n);
- return n;
--}
--EXPORT_SYMBOL(_copy_from_user);
--
- void copy_from_user_overflow(void)
- {
- WARN(1, "Buffer overflow detected!\n");
- }
- EXPORT_SYMBOL(copy_from_user_overflow);
-+
-+void copy_to_user_overflow(void)
-+{
+ WARN(1, "Buffer overflow detected!\n");
-+}
+ }
+-EXPORT_SYMBOL(_copy_from_user);
+EXPORT_SYMBOL(copy_to_user_overflow);
-+
+
+-void copy_from_user_overflow(void)
+#ifdef CONFIG_PAX_MEMORY_UDEREF
+void __set_fs(mm_segment_t x)
-+{
+ {
+- WARN(1, "Buffer overflow detected!\n");
+ switch (x.seg) {
+ case 0:
+ loadsegment(gs, 0);
@@ -27167,7 +27159,8 @@ index f0312d7..9c39d63 100644
+ BUG();
+ }
+ return;
-+}
+ }
+-EXPORT_SYMBOL(copy_from_user_overflow);
+EXPORT_SYMBOL(__set_fs);
+
+void set_fs(mm_segment_t x)
@@ -27643,7 +27636,7 @@ index 0e88336..2bb9777 100644
return false;
return true;
-@@ -1008,18 +1203,33 @@ __do_page_fault(struct pt_regs *regs, unsigned long error_code)
+@@ -1008,19 +1203,34 @@ __do_page_fault(struct pt_regs *regs, unsigned long error_code)
{
struct vm_area_struct *vma;
struct task_struct *tsk;
@@ -27654,11 +27647,7 @@ index 0e88336..2bb9777 100644
unsigned int flags = FAULT_FLAG_ALLOW_RETRY | FAULT_FLAG_KILLABLE |
(write ? FAULT_FLAG_WRITE : 0);
-- tsk = current;
-- mm = tsk->mm;
--
- /* Get the faulting address: */
-- address = read_cr2();
++ /* Get the faulting address: */
+ unsigned long address = read_cr2();
+
+#if defined(CONFIG_X86_64) && defined(CONFIG_PAX_MEMORY_UDEREF)
@@ -27677,11 +27666,15 @@ index 0e88336..2bb9777 100644
+ }
+#endif
+
-+ tsk = current;
-+ mm = tsk->mm;
+ tsk = current;
+ mm = tsk->mm;
+- /* Get the faulting address: */
+- address = read_cr2();
+-
/*
* Detect and handle instructions that would cause a page fault for
+ * both a tracked kernel page and a userspace page.
@@ -1080,7 +1290,7 @@ __do_page_fault(struct pt_regs *regs, unsigned long error_code)
* User-mode registers count as a user access even for any
* potential system fault or CPU buglet:
@@ -28222,10 +28215,10 @@ index 0c13708..ca05f23 100644
+#ifdef CONFIG_GRKERNSEC_KMEM
+ /* allow BDA */
+ if (!pagenr)
- return 1;
++ return 1;
+ /* allow EBDA */
+ if (pagenr >= ebda_start && pagenr < ebda_end)
-+ return 1;
+ return 1;
+ /* if tboot is in use, allow access to its hardcoded serial log range */
+ if (tboot_enabled() && ((0x60000 >> PAGE_SHIFT) <= pagenr) && (pagenr < (0x68000 >> PAGE_SHIFT)))
+ return 1;
@@ -28767,7 +28760,7 @@ index 474e28f..f016b6e 100644
if (vma == &gate_vma)
return "[vsyscall]";
diff --git a/arch/x86/mm/iomap_32.c b/arch/x86/mm/iomap_32.c
-index 7b179b4..6bd17777 100644
+index 7b179b4..6bd1777 100644
--- a/arch/x86/mm/iomap_32.c
+++ b/arch/x86/mm/iomap_32.c
@@ -64,7 +64,11 @@ void *kmap_atomic_prot_pfn(unsigned long pfn, pgprot_t prot)
@@ -29223,7 +29216,7 @@ index 17fda6a..489c74a 100644
+void __shadow_user_pgds(pgd_t *dst, const pgd_t *src)
+{
+ unsigned int count = USER_PGD_PTRS;
-
++
+ while (count--)
+ *dst++ = __pgd((pgd_val(*src++) | (_PAGE_NX & __supported_pte_mask)) & ~_PAGE_USER);
+}
@@ -29236,7 +29229,7 @@ index 17fda6a..489c74a 100644
+
+ while (count--) {
+ pgd_t pgd;
-+
+
+#ifdef CONFIG_X86_64
+ pgd = __pgd(pgd_val(*src++) | _PAGE_USER);
+#else
@@ -31654,7 +31647,7 @@ index af00795..2bb8105 100644
#define XCHAL_ICACHE_SIZE 32768 /* I-cache size in bytes or 0 */
#define XCHAL_DCACHE_SIZE 32768 /* D-cache size in bytes or 0 */
diff --git a/block/blk-iopoll.c b/block/blk-iopoll.c
-index 58916af..eb9dbcf6 100644
+index 58916af..eb9dbcf 100644
--- a/block/blk-iopoll.c
+++ b/block/blk-iopoll.c
@@ -77,7 +77,7 @@ void blk_iopoll_complete(struct blk_iopoll *iopoll)
@@ -31755,7 +31748,7 @@ index 7c668c8..db3521c 100644
err = -EFAULT;
goto out;
diff --git a/block/genhd.c b/block/genhd.c
-index 3c001fb..d15a9e8 100644
+index 5098a64..d15a9e8 100644
--- a/block/genhd.c
+++ b/block/genhd.c
@@ -467,21 +467,24 @@ static char *bdevt_str(dev_t devt, char *buf)
@@ -31786,15 +31779,6 @@ index 3c001fb..d15a9e8 100644
}
EXPORT_SYMBOL(blk_unregister_region);
-@@ -512,7 +515,7 @@ static void register_disk(struct gendisk *disk)
-
- ddev->parent = disk->driverfs_dev;
-
-- dev_set_name(ddev, disk->disk_name);
-+ dev_set_name(ddev, "%s", disk->disk_name);
-
- /* delay uevents, until we scanned partition table */
- dev_set_uevent_suppress(ddev, 1);
diff --git a/block/partitions/efi.c b/block/partitions/efi.c
index ff5804e..a88acad 100644
--- a/block/partitions/efi.c
@@ -31803,20 +31787,18 @@ index ff5804e..a88acad 100644
if (!gpt)
return NULL;
-+ if (!le32_to_cpu(gpt->num_partition_entries))
-+ return NULL;
-+ pte = kcalloc(le32_to_cpu(gpt->num_partition_entries), le32_to_cpu(gpt->sizeof_partition_entry), GFP_KERNEL);
-+ if (!pte)
-+ return NULL;
-+
- count = le32_to_cpu(gpt->num_partition_entries) *
- le32_to_cpu(gpt->sizeof_partition_entry);
+- count = le32_to_cpu(gpt->num_partition_entries) *
+- le32_to_cpu(gpt->sizeof_partition_entry);
- if (!count)
-- return NULL;
++ if (!le32_to_cpu(gpt->num_partition_entries))
+ return NULL;
- pte = kzalloc(count, GFP_KERNEL);
-- if (!pte)
-- return NULL;
--
++ pte = kcalloc(le32_to_cpu(gpt->num_partition_entries), le32_to_cpu(gpt->sizeof_partition_entry), GFP_KERNEL);
+ if (!pte)
+ return NULL;
+
++ count = le32_to_cpu(gpt->num_partition_entries) *
++ le32_to_cpu(gpt->sizeof_partition_entry);
if (read_lba(state, le64_to_cpu(gpt->partition_entry_lba),
(u8 *) pte,
count) < count) {
@@ -31875,19 +31857,6 @@ index 9a87daa..fb17486 100644
if (in_len && copy_from_user(buffer, sic->data + cmdlen, in_len))
goto error;
-diff --git a/crypto/algapi.c b/crypto/algapi.c
-index 6149a6e..55ed50d 100644
---- a/crypto/algapi.c
-+++ b/crypto/algapi.c
-@@ -495,7 +495,7 @@ static struct crypto_template *__crypto_lookup_template(const char *name)
-
- struct crypto_template *crypto_lookup_template(const char *name)
- {
-- return try_then_request_module(__crypto_lookup_template(name), name);
-+ return try_then_request_module(__crypto_lookup_template(name), "%s", name);
- }
- EXPORT_SYMBOL_GPL(crypto_lookup_template);
-
diff --git a/crypto/cryptd.c b/crypto/cryptd.c
index 7bdd61b..afec999 100644
--- a/crypto/cryptd.c
@@ -32092,7 +32061,7 @@ index 41c0504..f8c0836 100644
static void delete_gpe_attr_array(void)
{
diff --git a/drivers/ata/libahci.c b/drivers/ata/libahci.c
-index 34c8216..f56c828 100644
+index 09f6047..3b3dab4 100644
--- a/drivers/ata/libahci.c
+++ b/drivers/ata/libahci.c
@@ -1230,7 +1230,7 @@ int ahci_kick_engine(struct ata_port *ap)
@@ -33785,19 +33754,6 @@ index dfe7583..83768bb 100644
set_fs(old_fs);
if (likely(bw == len))
return 0;
-diff --git a/drivers/block/nbd.c b/drivers/block/nbd.c
-index 7fecc78..84d217c 100644
---- a/drivers/block/nbd.c
-+++ b/drivers/block/nbd.c
-@@ -714,7 +714,7 @@ static int __nbd_ioctl(struct block_device *bdev, struct nbd_device *nbd,
- else
- blk_queue_flush(nbd->disk->queue, 0);
-
-- thread = kthread_create(nbd_thread, nbd, nbd->disk->disk_name);
-+ thread = kthread_create(nbd_thread, nbd, "%s", nbd->disk->disk_name);
- if (IS_ERR(thread)) {
- mutex_lock(&nbd->tx_lock);
- return PTR_ERR(thread);
diff --git a/drivers/block/pktcdvd.c b/drivers/block/pktcdvd.c
index 2e7de7a..ed86dc0 100644
--- a/drivers/block/pktcdvd.c
@@ -33812,7 +33768,7 @@ index 2e7de7a..ed86dc0 100644
static DEFINE_MUTEX(pktcdvd_mutex);
static struct pktcdvd_device *pkt_devs[MAX_WRITERS];
diff --git a/drivers/cdrom/cdrom.c b/drivers/cdrom/cdrom.c
-index d620b44..d7538c2 100644
+index 8a3aff7..d7538c2 100644
--- a/drivers/cdrom/cdrom.c
+++ b/drivers/cdrom/cdrom.c
@@ -416,7 +416,6 @@ int register_cdrom(struct cdrom_device_info *cdi)
@@ -33854,15 +33810,6 @@ index d620b44..d7538c2 100644
if (cgc.buffer)
break;
-@@ -2882,7 +2883,7 @@ static noinline int mmc_ioctl_cdrom_read_data(struct cdrom_device_info *cdi,
- if (lba < 0)
- return -EINVAL;
-
-- cgc->buffer = kmalloc(blocksize, GFP_KERNEL);
-+ cgc->buffer = kzalloc(blocksize, GFP_KERNEL);
- if (cgc->buffer == NULL)
- return -ENOMEM;
-
@@ -3429,7 +3430,7 @@ static int cdrom_print_info(const char *header, int val, char *info,
struct cdrom_device_info *cdi;
int ret;
@@ -33980,7 +33927,7 @@ index 86fe45c..c0ea948 100644
}
diff --git a/drivers/char/ipmi/ipmi_msghandler.c b/drivers/char/ipmi/ipmi_msghandler.c
-index 053201b0..8335cce 100644
+index 053201b..8335cce 100644
--- a/drivers/char/ipmi/ipmi_msghandler.c
+++ b/drivers/char/ipmi/ipmi_msghandler.c
@@ -420,7 +420,7 @@ struct ipmi_smi {
@@ -34202,7 +34149,7 @@ index 2c644af..4b7aede 100644
return tty_init();
diff --git a/drivers/char/mwave/tp3780i.c b/drivers/char/mwave/tp3780i.c
-index c689697..04e6d6a2 100644
+index c689697..04e6d6a 100644
--- a/drivers/char/mwave/tp3780i.c
+++ b/drivers/char/mwave/tp3780i.c
@@ -479,6 +479,7 @@ int tp3780I_QueryAbilities(THINKPAD_BD_DATA * pBDData, MW_ABILITIES * pAbilities
@@ -36577,7 +36524,7 @@ index 12f2f9e..679603c 100644
/*
* Represents channel interrupts. Each bit position represents a
diff --git a/drivers/hv/vmbus_drv.c b/drivers/hv/vmbus_drv.c
-index bf421e0..ce2c897 100644
+index 4004e54..c2de226 100644
--- a/drivers/hv/vmbus_drv.c
+++ b/drivers/hv/vmbus_drv.c
@@ -668,10 +668,10 @@ int vmbus_device_register(struct hv_device *child_device_obj)
@@ -39592,6 +39539,31 @@ index 5c3ce24..4915ccb 100644
- atomic_long_t flush_tlb_gru;
- atomic_long_t flush_tlb_gru_tgh;
- atomic_long_t flush_tlb_gru_zero_asid;
+-
+- atomic_long_t copy_gpa;
+- atomic_long_t read_gpa;
+-
+- atomic_long_t mesq_receive;
+- atomic_long_t mesq_receive_none;
+- atomic_long_t mesq_send;
+- atomic_long_t mesq_send_failed;
+- atomic_long_t mesq_noop;
+- atomic_long_t mesq_send_unexpected_error;
+- atomic_long_t mesq_send_lb_overflow;
+- atomic_long_t mesq_send_qlimit_reached;
+- atomic_long_t mesq_send_amo_nacked;
+- atomic_long_t mesq_send_put_nacked;
+- atomic_long_t mesq_page_overflow;
+- atomic_long_t mesq_qf_locked;
+- atomic_long_t mesq_qf_noop_not_full;
+- atomic_long_t mesq_qf_switch_head_failed;
+- atomic_long_t mesq_qf_unexpected_error;
+- atomic_long_t mesq_noop_unexpected_error;
+- atomic_long_t mesq_noop_lb_overflow;
+- atomic_long_t mesq_noop_qlimit_reached;
+- atomic_long_t mesq_noop_amo_nacked;
+- atomic_long_t mesq_noop_put_nacked;
+- atomic_long_t mesq_noop_page_overflow;
+ atomic_long_unchecked_t vdata_alloc;
+ atomic_long_unchecked_t vdata_free;
+ atomic_long_unchecked_t gts_alloc;
@@ -39643,33 +39615,10 @@ index 5c3ce24..4915ccb 100644
+ atomic_long_unchecked_t flush_tlb_gru;
+ atomic_long_unchecked_t flush_tlb_gru_tgh;
+ atomic_long_unchecked_t flush_tlb_gru_zero_asid;
-
-- atomic_long_t copy_gpa;
-- atomic_long_t read_gpa;
++
+ atomic_long_unchecked_t copy_gpa;
+ atomic_long_unchecked_t read_gpa;
-
-- atomic_long_t mesq_receive;
-- atomic_long_t mesq_receive_none;
-- atomic_long_t mesq_send;
-- atomic_long_t mesq_send_failed;
-- atomic_long_t mesq_noop;
-- atomic_long_t mesq_send_unexpected_error;
-- atomic_long_t mesq_send_lb_overflow;
-- atomic_long_t mesq_send_qlimit_reached;
-- atomic_long_t mesq_send_amo_nacked;
-- atomic_long_t mesq_send_put_nacked;
-- atomic_long_t mesq_page_overflow;
-- atomic_long_t mesq_qf_locked;
-- atomic_long_t mesq_qf_noop_not_full;
-- atomic_long_t mesq_qf_switch_head_failed;
-- atomic_long_t mesq_qf_unexpected_error;
-- atomic_long_t mesq_noop_unexpected_error;
-- atomic_long_t mesq_noop_lb_overflow;
-- atomic_long_t mesq_noop_qlimit_reached;
-- atomic_long_t mesq_noop_amo_nacked;
-- atomic_long_t mesq_noop_put_nacked;
-- atomic_long_t mesq_noop_page_overflow;
++
+ atomic_long_unchecked_t mesq_receive;
+ atomic_long_unchecked_t mesq_receive_none;
+ atomic_long_unchecked_t mesq_send;
@@ -41479,7 +41428,7 @@ index d320df6..ca9a8f6 100644
#define ASPM_STATE_ALL (ASPM_STATE_L0S | ASPM_STATE_L1)
diff --git a/drivers/pci/probe.c b/drivers/pci/probe.c
-index 563771f..4e3c368 100644
+index 9c8b3bd..899c8fa 100644
--- a/drivers/pci/probe.c
+++ b/drivers/pci/probe.c
@@ -173,7 +173,7 @@ int __pci_read_base(struct pci_dev *dev, enum pci_bar_type type,
@@ -42936,7 +42885,7 @@ index f379c7f..e8fc69c 100644
transport_setup_device(&rport->dev);
diff --git a/drivers/scsi/sd.c b/drivers/scsi/sd.c
-index 82910cc..7c350ad 100644
+index 0f0370f..7e076c4 100644
--- a/drivers/scsi/sd.c
+++ b/drivers/scsi/sd.c
@@ -2929,7 +2929,7 @@ static int sd_probe(struct device *dev)
@@ -49159,6 +49108,8 @@ index 86af964..5d53bf6 100644
+ */
}
+- if (elf_interpreter) {
+- unsigned long interp_map_addr = 0;
+#ifdef CONFIG_PAX_RANDMMAP
+ if (current->mm->pax_flags & MF_PAX_RANDMMAP) {
+ unsigned long start, size, flags;
@@ -49168,7 +49119,7 @@ index 86af964..5d53bf6 100644
+ size = PAGE_SIZE + ((pax_get_random_long() & ((1UL << 22) - 1UL)) << 4);
+ flags = MAP_FIXED | MAP_PRIVATE;
+ vm_flags = VM_DONTEXPAND | VM_DONTDUMP;
-+
+
+ down_write(&current->mm->mmap_sem);
+ start = get_unmapped_area(NULL, start, PAGE_ALIGN(size), 0, flags);
+ retval = -ENOMEM;
@@ -49188,9 +49139,7 @@ index 86af964..5d53bf6 100644
+ }
+#endif
+
- if (elf_interpreter) {
-- unsigned long interp_map_addr = 0;
--
++ if (elf_interpreter) {
elf_entry = load_elf_interp(&loc->interp_elf_ex,
interpreter,
- &interp_map_addr,
@@ -49496,7 +49445,7 @@ index aae187a..fd790ba 100644
else if (whole->bd_holder != NULL)
return false; /* is a partition of a held device */
diff --git a/fs/btrfs/ctree.c b/fs/btrfs/ctree.c
-index ca9d8f1..8c0142d 100644
+index 7a983f7..c73ee93 100644
--- a/fs/btrfs/ctree.c
+++ b/fs/btrfs/ctree.c
@@ -1036,9 +1036,12 @@ static noinline int __btrfs_cow_block(struct btrfs_trans_handle *trans,
@@ -51471,7 +51420,7 @@ index 3b83cd6..0f34dcd 100644
/* locality groups */
diff --git a/fs/ext4/mballoc.c b/fs/ext4/mballoc.c
-index f3190ab..84ffb21 100644
+index 8b6e837..36fd6c1 100644
--- a/fs/ext4/mballoc.c
+++ b/fs/ext4/mballoc.c
@@ -1754,7 +1754,7 @@ void ext4_mb_simple_scan_group(struct ext4_allocation_context *ac,
@@ -51601,7 +51550,7 @@ index b3b1f7d..cff51d5 100644
"MMP failure info: last update time: %llu, last update "
"node: %s, last update device: %s\n",
diff --git a/fs/ext4/resize.c b/fs/ext4/resize.c
-index 3beae6a..8cc5637 100644
+index 1cb76e8..0fe3928 100644
--- a/fs/ext4/resize.c
+++ b/fs/ext4/resize.c
@@ -79,12 +79,20 @@ static int verify_group_input(struct super_block *sb,
@@ -52045,9 +51994,7 @@ index ee38fef..0a326d4 100644
#ifdef CONFIG_FSCACHE_STATS
-extern atomic_t fscache_n_ops_processed[FSCACHE_MAX_THREADS];
-extern atomic_t fscache_n_objs_processed[FSCACHE_MAX_THREADS];
-+extern atomic_unchecked_t fscache_n_ops_processed[FSCACHE_MAX_THREADS];
-+extern atomic_unchecked_t fscache_n_objs_processed[FSCACHE_MAX_THREADS];
-
+-
-extern atomic_t fscache_n_op_pend;
-extern atomic_t fscache_n_op_run;
-extern atomic_t fscache_n_op_enqueue;
@@ -52056,26 +52003,13 @@ index ee38fef..0a326d4 100644
-extern atomic_t fscache_n_op_gc;
-extern atomic_t fscache_n_op_cancelled;
-extern atomic_t fscache_n_op_rejected;
-+extern atomic_unchecked_t fscache_n_op_pend;
-+extern atomic_unchecked_t fscache_n_op_run;
-+extern atomic_unchecked_t fscache_n_op_enqueue;
-+extern atomic_unchecked_t fscache_n_op_deferred_release;
-+extern atomic_unchecked_t fscache_n_op_release;
-+extern atomic_unchecked_t fscache_n_op_gc;
-+extern atomic_unchecked_t fscache_n_op_cancelled;
-+extern atomic_unchecked_t fscache_n_op_rejected;
-
+-
-extern atomic_t fscache_n_attr_changed;
-extern atomic_t fscache_n_attr_changed_ok;
-extern atomic_t fscache_n_attr_changed_nobufs;
-extern atomic_t fscache_n_attr_changed_nomem;
-extern atomic_t fscache_n_attr_changed_calls;
-+extern atomic_unchecked_t fscache_n_attr_changed;
-+extern atomic_unchecked_t fscache_n_attr_changed_ok;
-+extern atomic_unchecked_t fscache_n_attr_changed_nobufs;
-+extern atomic_unchecked_t fscache_n_attr_changed_nomem;
-+extern atomic_unchecked_t fscache_n_attr_changed_calls;
-
+-
-extern atomic_t fscache_n_allocs;
-extern atomic_t fscache_n_allocs_ok;
-extern atomic_t fscache_n_allocs_wait;
@@ -52084,15 +52018,7 @@ index ee38fef..0a326d4 100644
-extern atomic_t fscache_n_allocs_object_dead;
-extern atomic_t fscache_n_alloc_ops;
-extern atomic_t fscache_n_alloc_op_waits;
-+extern atomic_unchecked_t fscache_n_allocs;
-+extern atomic_unchecked_t fscache_n_allocs_ok;
-+extern atomic_unchecked_t fscache_n_allocs_wait;
-+extern atomic_unchecked_t fscache_n_allocs_nobufs;
-+extern atomic_unchecked_t fscache_n_allocs_intr;
-+extern atomic_unchecked_t fscache_n_allocs_object_dead;
-+extern atomic_unchecked_t fscache_n_alloc_ops;
-+extern atomic_unchecked_t fscache_n_alloc_op_waits;
-
+-
-extern atomic_t fscache_n_retrievals;
-extern atomic_t fscache_n_retrievals_ok;
-extern atomic_t fscache_n_retrievals_wait;
@@ -52103,17 +52029,7 @@ index ee38fef..0a326d4 100644
-extern atomic_t fscache_n_retrievals_object_dead;
-extern atomic_t fscache_n_retrieval_ops;
-extern atomic_t fscache_n_retrieval_op_waits;
-+extern atomic_unchecked_t fscache_n_retrievals;
-+extern atomic_unchecked_t fscache_n_retrievals_ok;
-+extern atomic_unchecked_t fscache_n_retrievals_wait;
-+extern atomic_unchecked_t fscache_n_retrievals_nodata;
-+extern atomic_unchecked_t fscache_n_retrievals_nobufs;
-+extern atomic_unchecked_t fscache_n_retrievals_intr;
-+extern atomic_unchecked_t fscache_n_retrievals_nomem;
-+extern atomic_unchecked_t fscache_n_retrievals_object_dead;
-+extern atomic_unchecked_t fscache_n_retrieval_ops;
-+extern atomic_unchecked_t fscache_n_retrieval_op_waits;
-
+-
-extern atomic_t fscache_n_stores;
-extern atomic_t fscache_n_stores_ok;
-extern atomic_t fscache_n_stores_again;
@@ -52124,6 +52040,91 @@ index ee38fef..0a326d4 100644
-extern atomic_t fscache_n_store_pages;
-extern atomic_t fscache_n_store_radix_deletes;
-extern atomic_t fscache_n_store_pages_over_limit;
+-
+-extern atomic_t fscache_n_store_vmscan_not_storing;
+-extern atomic_t fscache_n_store_vmscan_gone;
+-extern atomic_t fscache_n_store_vmscan_busy;
+-extern atomic_t fscache_n_store_vmscan_cancelled;
+-extern atomic_t fscache_n_store_vmscan_wait;
+-
+-extern atomic_t fscache_n_marks;
+-extern atomic_t fscache_n_uncaches;
+-
+-extern atomic_t fscache_n_acquires;
+-extern atomic_t fscache_n_acquires_null;
+-extern atomic_t fscache_n_acquires_no_cache;
+-extern atomic_t fscache_n_acquires_ok;
+-extern atomic_t fscache_n_acquires_nobufs;
+-extern atomic_t fscache_n_acquires_oom;
+-
+-extern atomic_t fscache_n_invalidates;
+-extern atomic_t fscache_n_invalidates_run;
+-
+-extern atomic_t fscache_n_updates;
+-extern atomic_t fscache_n_updates_null;
+-extern atomic_t fscache_n_updates_run;
+-
+-extern atomic_t fscache_n_relinquishes;
+-extern atomic_t fscache_n_relinquishes_null;
+-extern atomic_t fscache_n_relinquishes_waitcrt;
+-extern atomic_t fscache_n_relinquishes_retire;
+-
+-extern atomic_t fscache_n_cookie_index;
+-extern atomic_t fscache_n_cookie_data;
+-extern atomic_t fscache_n_cookie_special;
+-
+-extern atomic_t fscache_n_object_alloc;
+-extern atomic_t fscache_n_object_no_alloc;
+-extern atomic_t fscache_n_object_lookups;
+-extern atomic_t fscache_n_object_lookups_negative;
+-extern atomic_t fscache_n_object_lookups_positive;
+-extern atomic_t fscache_n_object_lookups_timed_out;
+-extern atomic_t fscache_n_object_created;
+-extern atomic_t fscache_n_object_avail;
+-extern atomic_t fscache_n_object_dead;
+-
+-extern atomic_t fscache_n_checkaux_none;
+-extern atomic_t fscache_n_checkaux_okay;
+-extern atomic_t fscache_n_checkaux_update;
+-extern atomic_t fscache_n_checkaux_obsolete;
++extern atomic_unchecked_t fscache_n_ops_processed[FSCACHE_MAX_THREADS];
++extern atomic_unchecked_t fscache_n_objs_processed[FSCACHE_MAX_THREADS];
++
++extern atomic_unchecked_t fscache_n_op_pend;
++extern atomic_unchecked_t fscache_n_op_run;
++extern atomic_unchecked_t fscache_n_op_enqueue;
++extern atomic_unchecked_t fscache_n_op_deferred_release;
++extern atomic_unchecked_t fscache_n_op_release;
++extern atomic_unchecked_t fscache_n_op_gc;
++extern atomic_unchecked_t fscache_n_op_cancelled;
++extern atomic_unchecked_t fscache_n_op_rejected;
++
++extern atomic_unchecked_t fscache_n_attr_changed;
++extern atomic_unchecked_t fscache_n_attr_changed_ok;
++extern atomic_unchecked_t fscache_n_attr_changed_nobufs;
++extern atomic_unchecked_t fscache_n_attr_changed_nomem;
++extern atomic_unchecked_t fscache_n_attr_changed_calls;
++
++extern atomic_unchecked_t fscache_n_allocs;
++extern atomic_unchecked_t fscache_n_allocs_ok;
++extern atomic_unchecked_t fscache_n_allocs_wait;
++extern atomic_unchecked_t fscache_n_allocs_nobufs;
++extern atomic_unchecked_t fscache_n_allocs_intr;
++extern atomic_unchecked_t fscache_n_allocs_object_dead;
++extern atomic_unchecked_t fscache_n_alloc_ops;
++extern atomic_unchecked_t fscache_n_alloc_op_waits;
++
++extern atomic_unchecked_t fscache_n_retrievals;
++extern atomic_unchecked_t fscache_n_retrievals_ok;
++extern atomic_unchecked_t fscache_n_retrievals_wait;
++extern atomic_unchecked_t fscache_n_retrievals_nodata;
++extern atomic_unchecked_t fscache_n_retrievals_nobufs;
++extern atomic_unchecked_t fscache_n_retrievals_intr;
++extern atomic_unchecked_t fscache_n_retrievals_nomem;
++extern atomic_unchecked_t fscache_n_retrievals_object_dead;
++extern atomic_unchecked_t fscache_n_retrieval_ops;
++extern atomic_unchecked_t fscache_n_retrieval_op_waits;
++
+extern atomic_unchecked_t fscache_n_stores;
+extern atomic_unchecked_t fscache_n_stores_ok;
+extern atomic_unchecked_t fscache_n_stores_again;
@@ -52134,73 +52135,39 @@ index ee38fef..0a326d4 100644
+extern atomic_unchecked_t fscache_n_store_pages;
+extern atomic_unchecked_t fscache_n_store_radix_deletes;
+extern atomic_unchecked_t fscache_n_store_pages_over_limit;
-
--extern atomic_t fscache_n_store_vmscan_not_storing;
--extern atomic_t fscache_n_store_vmscan_gone;
--extern atomic_t fscache_n_store_vmscan_busy;
--extern atomic_t fscache_n_store_vmscan_cancelled;
--extern atomic_t fscache_n_store_vmscan_wait;
++
+extern atomic_unchecked_t fscache_n_store_vmscan_not_storing;
+extern atomic_unchecked_t fscache_n_store_vmscan_gone;
+extern atomic_unchecked_t fscache_n_store_vmscan_busy;
+extern atomic_unchecked_t fscache_n_store_vmscan_cancelled;
+extern atomic_unchecked_t fscache_n_store_vmscan_wait;
-
--extern atomic_t fscache_n_marks;
--extern atomic_t fscache_n_uncaches;
++
+extern atomic_unchecked_t fscache_n_marks;
+extern atomic_unchecked_t fscache_n_uncaches;
-
--extern atomic_t fscache_n_acquires;
--extern atomic_t fscache_n_acquires_null;
--extern atomic_t fscache_n_acquires_no_cache;
--extern atomic_t fscache_n_acquires_ok;
--extern atomic_t fscache_n_acquires_nobufs;
--extern atomic_t fscache_n_acquires_oom;
++
+extern atomic_unchecked_t fscache_n_acquires;
+extern atomic_unchecked_t fscache_n_acquires_null;
+extern atomic_unchecked_t fscache_n_acquires_no_cache;
+extern atomic_unchecked_t fscache_n_acquires_ok;
+extern atomic_unchecked_t fscache_n_acquires_nobufs;
+extern atomic_unchecked_t fscache_n_acquires_oom;
-
--extern atomic_t fscache_n_invalidates;
--extern atomic_t fscache_n_invalidates_run;
++
+extern atomic_unchecked_t fscache_n_invalidates;
+extern atomic_unchecked_t fscache_n_invalidates_run;
-
--extern atomic_t fscache_n_updates;
--extern atomic_t fscache_n_updates_null;
--extern atomic_t fscache_n_updates_run;
++
+extern atomic_unchecked_t fscache_n_updates;
+extern atomic_unchecked_t fscache_n_updates_null;
+extern atomic_unchecked_t fscache_n_updates_run;
-
--extern atomic_t fscache_n_relinquishes;
--extern atomic_t fscache_n_relinquishes_null;
--extern atomic_t fscache_n_relinquishes_waitcrt;
--extern atomic_t fscache_n_relinquishes_retire;
++
+extern atomic_unchecked_t fscache_n_relinquishes;
+extern atomic_unchecked_t fscache_n_relinquishes_null;
+extern atomic_unchecked_t fscache_n_relinquishes_waitcrt;
+extern atomic_unchecked_t fscache_n_relinquishes_retire;
-
--extern atomic_t fscache_n_cookie_index;
--extern atomic_t fscache_n_cookie_data;
--extern atomic_t fscache_n_cookie_special;
++
+extern atomic_unchecked_t fscache_n_cookie_index;
+extern atomic_unchecked_t fscache_n_cookie_data;
+extern atomic_unchecked_t fscache_n_cookie_special;
-
--extern atomic_t fscache_n_object_alloc;
--extern atomic_t fscache_n_object_no_alloc;
--extern atomic_t fscache_n_object_lookups;
--extern atomic_t fscache_n_object_lookups_negative;
--extern atomic_t fscache_n_object_lookups_positive;
--extern atomic_t fscache_n_object_lookups_timed_out;
--extern atomic_t fscache_n_object_created;
--extern atomic_t fscache_n_object_avail;
--extern atomic_t fscache_n_object_dead;
++
+extern atomic_unchecked_t fscache_n_object_alloc;
+extern atomic_unchecked_t fscache_n_object_no_alloc;
+extern atomic_unchecked_t fscache_n_object_lookups;
@@ -52210,11 +52177,7 @@ index ee38fef..0a326d4 100644
+extern atomic_unchecked_t fscache_n_object_created;
+extern atomic_unchecked_t fscache_n_object_avail;
+extern atomic_unchecked_t fscache_n_object_dead;
-
--extern atomic_t fscache_n_checkaux_none;
--extern atomic_t fscache_n_checkaux_okay;
--extern atomic_t fscache_n_checkaux_update;
--extern atomic_t fscache_n_checkaux_obsolete;
++
+extern atomic_unchecked_t fscache_n_checkaux_none;
+extern atomic_unchecked_t fscache_n_checkaux_okay;
+extern atomic_unchecked_t fscache_n_checkaux_update;
@@ -52911,27 +52874,13 @@ index 40d13c7..ddf52b9 100644
-atomic_t fscache_n_op_gc;
-atomic_t fscache_n_op_cancelled;
-atomic_t fscache_n_op_rejected;
-+atomic_unchecked_t fscache_n_op_pend;
-+atomic_unchecked_t fscache_n_op_run;
-+atomic_unchecked_t fscache_n_op_enqueue;
-+atomic_unchecked_t fscache_n_op_requeue;
-+atomic_unchecked_t fscache_n_op_deferred_release;
-+atomic_unchecked_t fscache_n_op_release;
-+atomic_unchecked_t fscache_n_op_gc;
-+atomic_unchecked_t fscache_n_op_cancelled;
-+atomic_unchecked_t fscache_n_op_rejected;
-
+-
-atomic_t fscache_n_attr_changed;
-atomic_t fscache_n_attr_changed_ok;
-atomic_t fscache_n_attr_changed_nobufs;
-atomic_t fscache_n_attr_changed_nomem;
-atomic_t fscache_n_attr_changed_calls;
-+atomic_unchecked_t fscache_n_attr_changed;
-+atomic_unchecked_t fscache_n_attr_changed_ok;
-+atomic_unchecked_t fscache_n_attr_changed_nobufs;
-+atomic_unchecked_t fscache_n_attr_changed_nomem;
-+atomic_unchecked_t fscache_n_attr_changed_calls;
-
+-
-atomic_t fscache_n_allocs;
-atomic_t fscache_n_allocs_ok;
-atomic_t fscache_n_allocs_wait;
@@ -52940,15 +52889,7 @@ index 40d13c7..ddf52b9 100644
-atomic_t fscache_n_allocs_object_dead;
-atomic_t fscache_n_alloc_ops;
-atomic_t fscache_n_alloc_op_waits;
-+atomic_unchecked_t fscache_n_allocs;
-+atomic_unchecked_t fscache_n_allocs_ok;
-+atomic_unchecked_t fscache_n_allocs_wait;
-+atomic_unchecked_t fscache_n_allocs_nobufs;
-+atomic_unchecked_t fscache_n_allocs_intr;
-+atomic_unchecked_t fscache_n_allocs_object_dead;
-+atomic_unchecked_t fscache_n_alloc_ops;
-+atomic_unchecked_t fscache_n_alloc_op_waits;
-
+-
-atomic_t fscache_n_retrievals;
-atomic_t fscache_n_retrievals_ok;
-atomic_t fscache_n_retrievals_wait;
@@ -52959,17 +52900,7 @@ index 40d13c7..ddf52b9 100644
-atomic_t fscache_n_retrievals_object_dead;
-atomic_t fscache_n_retrieval_ops;
-atomic_t fscache_n_retrieval_op_waits;
-+atomic_unchecked_t fscache_n_retrievals;
-+atomic_unchecked_t fscache_n_retrievals_ok;
-+atomic_unchecked_t fscache_n_retrievals_wait;
-+atomic_unchecked_t fscache_n_retrievals_nodata;
-+atomic_unchecked_t fscache_n_retrievals_nobufs;
-+atomic_unchecked_t fscache_n_retrievals_intr;
-+atomic_unchecked_t fscache_n_retrievals_nomem;
-+atomic_unchecked_t fscache_n_retrievals_object_dead;
-+atomic_unchecked_t fscache_n_retrieval_ops;
-+atomic_unchecked_t fscache_n_retrieval_op_waits;
-
+-
-atomic_t fscache_n_stores;
-atomic_t fscache_n_stores_ok;
-atomic_t fscache_n_stores_again;
@@ -52980,6 +52911,89 @@ index 40d13c7..ddf52b9 100644
-atomic_t fscache_n_store_pages;
-atomic_t fscache_n_store_radix_deletes;
-atomic_t fscache_n_store_pages_over_limit;
+-
+-atomic_t fscache_n_store_vmscan_not_storing;
+-atomic_t fscache_n_store_vmscan_gone;
+-atomic_t fscache_n_store_vmscan_busy;
+-atomic_t fscache_n_store_vmscan_cancelled;
+-atomic_t fscache_n_store_vmscan_wait;
+-
+-atomic_t fscache_n_marks;
+-atomic_t fscache_n_uncaches;
+-
+-atomic_t fscache_n_acquires;
+-atomic_t fscache_n_acquires_null;
+-atomic_t fscache_n_acquires_no_cache;
+-atomic_t fscache_n_acquires_ok;
+-atomic_t fscache_n_acquires_nobufs;
+-atomic_t fscache_n_acquires_oom;
+-
+-atomic_t fscache_n_invalidates;
+-atomic_t fscache_n_invalidates_run;
+-
+-atomic_t fscache_n_updates;
+-atomic_t fscache_n_updates_null;
+-atomic_t fscache_n_updates_run;
+-
+-atomic_t fscache_n_relinquishes;
+-atomic_t fscache_n_relinquishes_null;
+-atomic_t fscache_n_relinquishes_waitcrt;
+-atomic_t fscache_n_relinquishes_retire;
+-
+-atomic_t fscache_n_cookie_index;
+-atomic_t fscache_n_cookie_data;
+-atomic_t fscache_n_cookie_special;
+-
+-atomic_t fscache_n_object_alloc;
+-atomic_t fscache_n_object_no_alloc;
+-atomic_t fscache_n_object_lookups;
+-atomic_t fscache_n_object_lookups_negative;
+-atomic_t fscache_n_object_lookups_positive;
+-atomic_t fscache_n_object_lookups_timed_out;
+-atomic_t fscache_n_object_created;
+-atomic_t fscache_n_object_avail;
+-atomic_t fscache_n_object_dead;
+-
+-atomic_t fscache_n_checkaux_none;
+-atomic_t fscache_n_checkaux_okay;
+-atomic_t fscache_n_checkaux_update;
+-atomic_t fscache_n_checkaux_obsolete;
++atomic_unchecked_t fscache_n_op_pend;
++atomic_unchecked_t fscache_n_op_run;
++atomic_unchecked_t fscache_n_op_enqueue;
++atomic_unchecked_t fscache_n_op_requeue;
++atomic_unchecked_t fscache_n_op_deferred_release;
++atomic_unchecked_t fscache_n_op_release;
++atomic_unchecked_t fscache_n_op_gc;
++atomic_unchecked_t fscache_n_op_cancelled;
++atomic_unchecked_t fscache_n_op_rejected;
++
++atomic_unchecked_t fscache_n_attr_changed;
++atomic_unchecked_t fscache_n_attr_changed_ok;
++atomic_unchecked_t fscache_n_attr_changed_nobufs;
++atomic_unchecked_t fscache_n_attr_changed_nomem;
++atomic_unchecked_t fscache_n_attr_changed_calls;
++
++atomic_unchecked_t fscache_n_allocs;
++atomic_unchecked_t fscache_n_allocs_ok;
++atomic_unchecked_t fscache_n_allocs_wait;
++atomic_unchecked_t fscache_n_allocs_nobufs;
++atomic_unchecked_t fscache_n_allocs_intr;
++atomic_unchecked_t fscache_n_allocs_object_dead;
++atomic_unchecked_t fscache_n_alloc_ops;
++atomic_unchecked_t fscache_n_alloc_op_waits;
++
++atomic_unchecked_t fscache_n_retrievals;
++atomic_unchecked_t fscache_n_retrievals_ok;
++atomic_unchecked_t fscache_n_retrievals_wait;
++atomic_unchecked_t fscache_n_retrievals_nodata;
++atomic_unchecked_t fscache_n_retrievals_nobufs;
++atomic_unchecked_t fscache_n_retrievals_intr;
++atomic_unchecked_t fscache_n_retrievals_nomem;
++atomic_unchecked_t fscache_n_retrievals_object_dead;
++atomic_unchecked_t fscache_n_retrieval_ops;
++atomic_unchecked_t fscache_n_retrieval_op_waits;
++
+atomic_unchecked_t fscache_n_stores;
+atomic_unchecked_t fscache_n_stores_ok;
+atomic_unchecked_t fscache_n_stores_again;
@@ -52990,73 +53004,39 @@ index 40d13c7..ddf52b9 100644
+atomic_unchecked_t fscache_n_store_pages;
+atomic_unchecked_t fscache_n_store_radix_deletes;
+atomic_unchecked_t fscache_n_store_pages_over_limit;
-
--atomic_t fscache_n_store_vmscan_not_storing;
--atomic_t fscache_n_store_vmscan_gone;
--atomic_t fscache_n_store_vmscan_busy;
--atomic_t fscache_n_store_vmscan_cancelled;
--atomic_t fscache_n_store_vmscan_wait;
++
+atomic_unchecked_t fscache_n_store_vmscan_not_storing;
+atomic_unchecked_t fscache_n_store_vmscan_gone;
+atomic_unchecked_t fscache_n_store_vmscan_busy;
+atomic_unchecked_t fscache_n_store_vmscan_cancelled;
+atomic_unchecked_t fscache_n_store_vmscan_wait;
-
--atomic_t fscache_n_marks;
--atomic_t fscache_n_uncaches;
++
+atomic_unchecked_t fscache_n_marks;
+atomic_unchecked_t fscache_n_uncaches;
-
--atomic_t fscache_n_acquires;
--atomic_t fscache_n_acquires_null;
--atomic_t fscache_n_acquires_no_cache;
--atomic_t fscache_n_acquires_ok;
--atomic_t fscache_n_acquires_nobufs;
--atomic_t fscache_n_acquires_oom;
++
+atomic_unchecked_t fscache_n_acquires;
+atomic_unchecked_t fscache_n_acquires_null;
+atomic_unchecked_t fscache_n_acquires_no_cache;
+atomic_unchecked_t fscache_n_acquires_ok;
+atomic_unchecked_t fscache_n_acquires_nobufs;
+atomic_unchecked_t fscache_n_acquires_oom;
-
--atomic_t fscache_n_invalidates;
--atomic_t fscache_n_invalidates_run;
++
+atomic_unchecked_t fscache_n_invalidates;
+atomic_unchecked_t fscache_n_invalidates_run;
-
--atomic_t fscache_n_updates;
--atomic_t fscache_n_updates_null;
--atomic_t fscache_n_updates_run;
++
+atomic_unchecked_t fscache_n_updates;
+atomic_unchecked_t fscache_n_updates_null;
+atomic_unchecked_t fscache_n_updates_run;
-
--atomic_t fscache_n_relinquishes;
--atomic_t fscache_n_relinquishes_null;
--atomic_t fscache_n_relinquishes_waitcrt;
--atomic_t fscache_n_relinquishes_retire;
++
+atomic_unchecked_t fscache_n_relinquishes;
+atomic_unchecked_t fscache_n_relinquishes_null;
+atomic_unchecked_t fscache_n_relinquishes_waitcrt;
+atomic_unchecked_t fscache_n_relinquishes_retire;
-
--atomic_t fscache_n_cookie_index;
--atomic_t fscache_n_cookie_data;
--atomic_t fscache_n_cookie_special;
++
+atomic_unchecked_t fscache_n_cookie_index;
+atomic_unchecked_t fscache_n_cookie_data;
+atomic_unchecked_t fscache_n_cookie_special;
-
--atomic_t fscache_n_object_alloc;
--atomic_t fscache_n_object_no_alloc;
--atomic_t fscache_n_object_lookups;
--atomic_t fscache_n_object_lookups_negative;
--atomic_t fscache_n_object_lookups_positive;
--atomic_t fscache_n_object_lookups_timed_out;
--atomic_t fscache_n_object_created;
--atomic_t fscache_n_object_avail;
--atomic_t fscache_n_object_dead;
++
+atomic_unchecked_t fscache_n_object_alloc;
+atomic_unchecked_t fscache_n_object_no_alloc;
+atomic_unchecked_t fscache_n_object_lookups;
@@ -53066,11 +53046,7 @@ index 40d13c7..ddf52b9 100644
+atomic_unchecked_t fscache_n_object_created;
+atomic_unchecked_t fscache_n_object_avail;
+atomic_unchecked_t fscache_n_object_dead;
-
--atomic_t fscache_n_checkaux_none;
--atomic_t fscache_n_checkaux_okay;
--atomic_t fscache_n_checkaux_update;
--atomic_t fscache_n_checkaux_obsolete;
++
+atomic_unchecked_t fscache_n_checkaux_none;
+atomic_unchecked_t fscache_n_checkaux_okay;
+atomic_unchecked_t fscache_n_checkaux_update;
@@ -54289,7 +54265,7 @@ index d401d01..10b3e62 100644
static struct nfsd4_operation nfsd4_ops[];
diff --git a/fs/nfsd/nfs4xdr.c b/fs/nfsd/nfs4xdr.c
-index 6eb0dc5..29067a9 100644
+index a49c11b..8cd8130 100644
--- a/fs/nfsd/nfs4xdr.c
+++ b/fs/nfsd/nfs4xdr.c
@@ -1457,7 +1457,7 @@ nfsd4_decode_notsupp(struct nfsd4_compoundargs *argp, void *p)
@@ -55656,9 +55632,7 @@ index eda6f01..006ae24 100644
} else {
if (kern_addr_valid(start)) {
- unsigned long n;
-+ char *elf_buf;
-+ mm_segment_t oldfs;
-
+-
- n = copy_to_user(buffer, (char *)start, tsz);
- /*
- * We cannot distinguish between fault on source
@@ -55669,6 +55643,9 @@ index eda6f01..006ae24 100644
- if (n) {
- if (clear_user(buffer + tsz - n,
- n))
++ char *elf_buf;
++ mm_segment_t oldfs;
++
+ elf_buf = kmalloc(tsz, GFP_KERNEL);
+ if (!elf_buf)
+ return -ENOMEM;
@@ -74828,10 +74805,10 @@ index f6c2ce5..982c0f9 100644
+ return ns_capable_nolog(ns, cap) && kuid_has_mapping(ns, inode->i_uid);
+}
diff --git a/kernel/cgroup.c b/kernel/cgroup.c
-index a48de6a..df24bfe 100644
+index 526f4ba..19cca33 100644
--- a/kernel/cgroup.c
+++ b/kernel/cgroup.c
-@@ -5567,7 +5567,7 @@ static int cgroup_css_links_read(struct cgroup *cont,
+@@ -5580,7 +5580,7 @@ static int cgroup_css_links_read(struct cgroup *cont,
struct css_set *cg = link->cg;
struct task_struct *task;
int count = 0;
@@ -75819,7 +75796,7 @@ index 1766d32..c0e44e2 100644
else
new_fs = fs;
diff --git a/kernel/futex.c b/kernel/futex.c
-index b26dcfc..39e266a 100644
+index 49dacfb..5c6b450 100644
--- a/kernel/futex.c
+++ b/kernel/futex.c
@@ -54,6 +54,7 @@
@@ -75830,7 +75807,7 @@ index b26dcfc..39e266a 100644
#include <linux/signal.h>
#include <linux/export.h>
#include <linux/magic.h>
-@@ -241,6 +242,11 @@ get_futex_key(u32 __user *uaddr, int fshared, union futex_key *key, int rw)
+@@ -242,6 +243,11 @@ get_futex_key(u32 __user *uaddr, int fshared, union futex_key *key, int rw)
struct page *page, *page_head;
int err, ro = 0;
@@ -75842,7 +75819,7 @@ index b26dcfc..39e266a 100644
/*
* The futex address must be "naturally" aligned.
*/
-@@ -2732,6 +2738,7 @@ static int __init futex_init(void)
+@@ -2733,6 +2739,7 @@ static int __init futex_init(void)
{
u32 curval;
int i;
@@ -75850,7 +75827,7 @@ index b26dcfc..39e266a 100644
/*
* This will fail and we want it. Some arch implementations do
-@@ -2743,8 +2750,11 @@ static int __init futex_init(void)
+@@ -2744,8 +2751,11 @@ static int __init futex_init(void)
* implementation, the non-functional ones will return
* -ENOSYS.
*/
@@ -76426,7 +76403,7 @@ index b2c71c5..7b88d63 100644
seq_printf(m, "%40s %14lu %29s %pS\n",
name, stats->contending_point[i],
diff --git a/kernel/module.c b/kernel/module.c
-index 97f202c..109575f 100644
+index a55f61b..1561428 100644
--- a/kernel/module.c
+++ b/kernel/module.c
@@ -61,6 +61,7 @@
@@ -76880,14 +76857,11 @@ index 97f202c..109575f 100644
if (!ptr) {
- module_free(mod, mod->module_core);
+ module_free(mod, mod->module_core_rw);
- return -ENOMEM;
- }
-- memset(ptr, 0, mod->init_size);
-- mod->module_init = ptr;
++ return -ENOMEM;
++ }
+ memset(ptr, 0, mod->init_size_rw);
+ mod->module_init_rw = ptr;
- } else
-- mod->module_init = NULL;
++ } else
+ mod->module_init_rw = NULL;
+
+ ptr = module_alloc_update_bounds_rx(mod->core_size_rx);
@@ -76912,14 +76886,17 @@ index 97f202c..109575f 100644
+ if (mod->module_init_rw)
+ module_free(mod, mod->module_init_rw);
+ module_free(mod, mod->module_core_rw);
-+ return -ENOMEM;
-+ }
+ return -ENOMEM;
+ }
+- memset(ptr, 0, mod->init_size);
+- mod->module_init = ptr;
+
+ pax_open_kernel();
+ memset(ptr, 0, mod->init_size_rx);
+ pax_close_kernel();
+ mod->module_init_rx = ptr;
-+ } else
+ } else
+- mod->module_init = NULL;
+ mod->module_init_rx = NULL;
/* Transfer each section which specifies SHF_ALLOC */
@@ -76996,7 +76973,7 @@ index 97f202c..109575f 100644
set_fs(old_fs);
}
-@@ -2992,8 +3097,10 @@ out:
+@@ -2989,8 +3094,10 @@ static int alloc_module_percpu(struct module *mod, struct load_info *info)
static void module_deallocate(struct module *mod, struct load_info *info)
{
percpu_modfree(mod);
@@ -77009,7 +76986,7 @@ index 97f202c..109575f 100644
}
int __weak module_finalize(const Elf_Ehdr *hdr,
-@@ -3006,7 +3113,9 @@ int __weak module_finalize(const Elf_Ehdr *hdr,
+@@ -3003,7 +3110,9 @@ int __weak module_finalize(const Elf_Ehdr *hdr,
static int post_relocation(struct module *mod, const struct load_info *info)
{
/* Sort exception table now relocations are done. */
@@ -77019,7 +76996,7 @@ index 97f202c..109575f 100644
/* Copy relocated percpu area over. */
percpu_modcopy(mod, (void *)info->sechdrs[info->index.pcpu].sh_addr,
-@@ -3060,16 +3169,16 @@ static int do_init_module(struct module *mod)
+@@ -3057,16 +3166,16 @@ static int do_init_module(struct module *mod)
MODULE_STATE_COMING, mod);
/* Set RO and NX regions for core */
@@ -77044,7 +77021,7 @@ index 97f202c..109575f 100644
do_mod_ctors(mod);
/* Start the module */
-@@ -3131,11 +3240,12 @@ static int do_init_module(struct module *mod)
+@@ -3128,11 +3237,12 @@ static int do_init_module(struct module *mod)
mod->strtab = mod->core_strtab;
#endif
unset_module_init_ro_nx(mod);
@@ -77062,7 +77039,7 @@ index 97f202c..109575f 100644
mutex_unlock(&module_mutex);
wake_up_all(&module_wq);
-@@ -3262,9 +3372,38 @@ static int load_module(struct load_info *info, const char __user *uargs,
+@@ -3264,9 +3374,38 @@ static int load_module(struct load_info *info, const char __user *uargs,
if (err)
goto free_unload;
@@ -77101,7 +77078,7 @@ index 97f202c..109575f 100644
/* Fix up syms, so that st_value is a pointer to location. */
err = simplify_symbols(mod, info);
if (err < 0)
-@@ -3280,13 +3419,6 @@ static int load_module(struct load_info *info, const char __user *uargs,
+@@ -3282,13 +3421,6 @@ static int load_module(struct load_info *info, const char __user *uargs,
flush_module_icache(mod);
@@ -77115,7 +77092,7 @@ index 97f202c..109575f 100644
dynamic_debug_setup(info->debug, info->num_debug);
/* Finally it's fully formed, ready to start executing. */
-@@ -3321,11 +3453,10 @@ static int load_module(struct load_info *info, const char __user *uargs,
+@@ -3323,11 +3455,10 @@ static int load_module(struct load_info *info, const char __user *uargs,
ddebug_cleanup:
dynamic_debug_remove(info->debug);
synchronize_sched();
@@ -77128,7 +77105,7 @@ index 97f202c..109575f 100644
free_unload:
module_unload_free(mod);
unlink_mod:
-@@ -3408,10 +3539,16 @@ static const char *get_ksymbol(struct module *mod,
+@@ -3410,10 +3541,16 @@ static const char *get_ksymbol(struct module *mod,
unsigned long nextval;
/* At worse, next value is at end of module */
@@ -77148,7 +77125,7 @@ index 97f202c..109575f 100644
/* Scan for closest preceding symbol, and next symbol. (ELF
starts real symbols at 1). */
-@@ -3664,7 +3801,7 @@ static int m_show(struct seq_file *m, void *p)
+@@ -3666,7 +3803,7 @@ static int m_show(struct seq_file *m, void *p)
return 0;
seq_printf(m, "%s %u",
@@ -77157,7 +77134,7 @@ index 97f202c..109575f 100644
print_unload_info(m, mod);
/* Informative for users. */
-@@ -3673,7 +3810,7 @@ static int m_show(struct seq_file *m, void *p)
+@@ -3675,7 +3812,7 @@ static int m_show(struct seq_file *m, void *p)
mod->state == MODULE_STATE_COMING ? "Loading":
"Live");
/* Used by oprofile and other similar tools. */
@@ -77166,7 +77143,7 @@ index 97f202c..109575f 100644
/* Taints info */
if (mod->taints)
-@@ -3709,7 +3846,17 @@ static const struct file_operations proc_modules_operations = {
+@@ -3711,7 +3848,17 @@ static const struct file_operations proc_modules_operations = {
static int __init proc_modules_init(void)
{
@@ -77184,7 +77161,7 @@ index 97f202c..109575f 100644
return 0;
}
module_init(proc_modules_init);
-@@ -3770,14 +3917,14 @@ struct module *__module_address(unsigned long addr)
+@@ -3772,14 +3919,14 @@ struct module *__module_address(unsigned long addr)
{
struct module *mod;
@@ -77202,7 +77179,7 @@ index 97f202c..109575f 100644
return mod;
}
return NULL;
-@@ -3812,11 +3959,20 @@ bool is_module_text_address(unsigned long addr)
+@@ -3814,11 +3961,20 @@ bool is_module_text_address(unsigned long addr)
*/
struct module *__module_text_address(unsigned long addr)
{
@@ -79673,10 +79650,10 @@ index 0b537f2..40d6c20 100644
return -ENOMEM;
return 0;
diff --git a/kernel/timer.c b/kernel/timer.c
-index 1b399c8..90e1849 100644
+index 3361cff..0751080 100644
--- a/kernel/timer.c
+++ b/kernel/timer.c
-@@ -1363,7 +1363,7 @@ void update_process_times(int user_tick)
+@@ -1365,7 +1365,7 @@ void update_process_times(int user_tick)
/*
* This function runs timers and the timer-tq in bottom half context.
*/
@@ -79685,7 +79662,7 @@ index 1b399c8..90e1849 100644
{
struct tvec_base *base = __this_cpu_read(tvec_bases);
-@@ -1481,7 +1481,7 @@ static void process_timeout(unsigned long __data)
+@@ -1483,7 +1483,7 @@ static void process_timeout(unsigned long __data)
*
* In all cases the return value is guaranteed to be non-negative.
*/
@@ -79694,7 +79671,7 @@ index 1b399c8..90e1849 100644
{
struct timer_list timer;
unsigned long expire;
-@@ -1772,7 +1772,7 @@ static int __cpuinit timer_cpu_notify(struct notifier_block *self,
+@@ -1774,7 +1774,7 @@ static int __cpuinit timer_cpu_notify(struct notifier_block *self,
return NOTIFY_OK;
}
@@ -81054,10 +81031,10 @@ index b32b70c..e512eb0 100644
set_page_address(page, (void *)vaddr);
diff --git a/mm/hugetlb.c b/mm/hugetlb.c
-index ce4cb19..93899ef 100644
+index 2baa6e3..cd0a264 100644
--- a/mm/hugetlb.c
+++ b/mm/hugetlb.c
-@@ -2005,15 +2005,17 @@ static int hugetlb_sysctl_handler_common(bool obey_mempolicy,
+@@ -2022,15 +2022,17 @@ static int hugetlb_sysctl_handler_common(bool obey_mempolicy,
struct hstate *h = &default_hstate;
unsigned long tmp;
int ret;
@@ -81078,7 +81055,7 @@ index ce4cb19..93899ef 100644
if (ret)
goto out;
-@@ -2070,15 +2072,17 @@ int hugetlb_overcommit_handler(struct ctl_table *table, int write,
+@@ -2087,15 +2089,17 @@ int hugetlb_overcommit_handler(struct ctl_table *table, int write,
struct hstate *h = &default_hstate;
unsigned long tmp;
int ret;
@@ -81099,7 +81076,7 @@ index ce4cb19..93899ef 100644
if (ret)
goto out;
-@@ -2512,6 +2516,27 @@ static int unmap_ref_private(struct mm_struct *mm, struct vm_area_struct *vma,
+@@ -2529,6 +2533,27 @@ static int unmap_ref_private(struct mm_struct *mm, struct vm_area_struct *vma,
return 1;
}
@@ -81127,7 +81104,7 @@ index ce4cb19..93899ef 100644
/*
* Hugetlb_cow() should be called with page lock of the original hugepage held.
* Called with hugetlb_instantiation_mutex held and pte_page locked so we
-@@ -2630,6 +2655,11 @@ retry_avoidcopy:
+@@ -2647,6 +2672,11 @@ retry_avoidcopy:
make_huge_pte(vma, new_page, 1));
page_remove_rmap(old_page);
hugepage_add_new_anon_rmap(new_page, vma, address);
@@ -81139,7 +81116,7 @@ index ce4cb19..93899ef 100644
/* Make the old page be freed below */
new_page = old_page;
}
-@@ -2788,6 +2818,10 @@ retry:
+@@ -2805,6 +2835,10 @@ retry:
&& (vma->vm_flags & VM_SHARED)));
set_huge_pte_at(mm, address, ptep, new_pte);
@@ -81150,7 +81127,7 @@ index ce4cb19..93899ef 100644
if ((flags & FAULT_FLAG_WRITE) && !(vma->vm_flags & VM_SHARED)) {
/* Optimization, do the COW without a second fault */
ret = hugetlb_cow(mm, vma, address, ptep, new_pte, page);
-@@ -2817,6 +2851,10 @@ int hugetlb_fault(struct mm_struct *mm, struct vm_area_struct *vma,
+@@ -2834,6 +2868,10 @@ int hugetlb_fault(struct mm_struct *mm, struct vm_area_struct *vma,
static DEFINE_MUTEX(hugetlb_instantiation_mutex);
struct hstate *h = hstate_vma(vma);
@@ -81161,7 +81138,7 @@ index ce4cb19..93899ef 100644
address &= huge_page_mask(h);
ptep = huge_pte_offset(mm, address);
-@@ -2830,6 +2868,26 @@ int hugetlb_fault(struct mm_struct *mm, struct vm_area_struct *vma,
+@@ -2847,6 +2885,26 @@ int hugetlb_fault(struct mm_struct *mm, struct vm_area_struct *vma,
VM_FAULT_SET_HINDEX(hstate_index(h));
}
@@ -84022,7 +83999,7 @@ index efe6814..64b4701 100644
.next = NULL,
};
diff --git a/mm/page_alloc.c b/mm/page_alloc.c
-index 0d4fef2..8870335 100644
+index ab62b75..410422f 100644
--- a/mm/page_alloc.c
+++ b/mm/page_alloc.c
@@ -59,6 +59,7 @@