aboutsummaryrefslogtreecommitdiffstats
path: root/main/linux-grsec
diff options
context:
space:
mode:
authorNatanael Copa <ncopa@alpinelinux.org>2014-07-08 11:05:17 +0000
committerNatanael Copa <ncopa@alpinelinux.org>2014-07-08 11:13:42 +0000
commit742aeb7fe755176c257d19bd477e778395feb04f (patch)
tree8a4ca7f85d7d2677954220d62babaa43a013800d /main/linux-grsec
parent614de3f348e53eb80ddfbdf8ceef7b32fe546606 (diff)
downloadaports-742aeb7fe755176c257d19bd477e778395feb04f.tar.bz2
aports-742aeb7fe755176c257d19bd477e778395feb04f.tar.xz
main/linux-grsec: upgrade to 3.14.11
Diffstat (limited to 'main/linux-grsec')
-rw-r--r--main/linux-grsec/APKBUILD16
-rw-r--r--main/linux-grsec/grsecurity-3.0-3.14.11-201407072045.patch (renamed from main/linux-grsec/grsecurity-3.0-3.14.10-201407052031.patch)178
2 files changed, 80 insertions, 114 deletions
diff --git a/main/linux-grsec/APKBUILD b/main/linux-grsec/APKBUILD
index e91d727238..5cdf615c70 100644
--- a/main/linux-grsec/APKBUILD
+++ b/main/linux-grsec/APKBUILD
@@ -2,7 +2,7 @@
_flavor=grsec
pkgname=linux-${_flavor}
-pkgver=3.14.10
+pkgver=3.14.11
case $pkgver in
*.*.*) _kernver=${pkgver%.*};;
*.*) _kernver=${pkgver};;
@@ -17,7 +17,7 @@ _config=${config:-kernelconfig.${CARCH}}
install=
source="http://ftp.kernel.org/pub/linux/kernel/v3.x/linux-$_kernver.tar.xz
http://ftp.kernel.org/pub/linux/kernel/v3.x/patch-$pkgver.xz
- grsecurity-3.0-3.14.10-201407052031.patch
+ grsecurity-3.0-3.14.11-201407072045.patch
fix-memory-map-for-PIE-applications.patch
imx6q-no-unclocked-sleep.patch
@@ -165,24 +165,24 @@ dev() {
}
md5sums="b621207b3f6ecbb67db18b13258f8ea8 linux-3.14.tar.xz
-13d435d77d719cd845fb82627aa07974 patch-3.14.10.xz
-08c26e89d09fb4cc0d41c159ea17bb24 grsecurity-3.0-3.14.10-201407052031.patch
+5cf3d2cb0f552c2c6faf829b6630e84f patch-3.14.11.xz
+53571da447f6543f8741e8c998a01e4f grsecurity-3.0-3.14.11-201407072045.patch
c6a4ae7e8ca6159e1631545515805216 fix-memory-map-for-PIE-applications.patch
1a307fc1d63231bf01d22493a4f14378 imx6q-no-unclocked-sleep.patch
83f0e1b1d2413bcb2dddcf87a10dc42b kernelconfig.x86
0b07cc6ece6232c631e2d55f2dd860d6 kernelconfig.x86_64
887980f603af6a1ac6f67edeae2e0d07 kernelconfig.armhf"
sha256sums="61558aa490855f42b6340d1a1596be47454909629327c49a5e4e10268065dffa linux-3.14.tar.xz
-e93bcbbd4568449e771f420ddd281a797b8df92ff265d59f849c3f53172fd95e patch-3.14.10.xz
-238f1499e7b6669b199e85cc334e01c9240665d65647b2ea0c30c230b88ac714 grsecurity-3.0-3.14.10-201407052031.patch
+3f290fb547cb4afe23bf520c8c863b6d1e090814f4a6fa0080ed51b4afd9a409 patch-3.14.11.xz
+b9f3eee998c12873b3b4263522c4faaf1c3a1536b513d553377d4b4dc07b9bb5 grsecurity-3.0-3.14.11-201407072045.patch
500f3577310be52e87b9fecdc2e9c4ca43210fd97d69089f9005d484563f74c7 fix-memory-map-for-PIE-applications.patch
21179fbb22a5b74af0a609350ae1a170e232908572b201d02e791d2ce0a685d3 imx6q-no-unclocked-sleep.patch
5431d66b9c1af413b4dc6f91de00a6e830e3d780a79c5f85d2d8b013b151c169 kernelconfig.x86
9f420cee74896fd3578c3b342188438ac5d6b0f327586c108367abcfc3f1e6ff kernelconfig.x86_64
ab3e07f85f4dd090b2d22b485881031bd479a1c34fc9a2e9707cb8cdebfcfda4 kernelconfig.armhf"
sha512sums="5730d83a7a81134c1e77c0bf89e42dee4f8251ad56c1ac2be20c59e26fdfaa7bea55f277e7af156b637f22e1584914a46089af85039177cb43485089c74ac26e linux-3.14.tar.xz
-807783caa9ff492b936b1deef2da96bfb4af5429adc4810de66fbc709ab1a707e26c03edb66a10e429ad5038697c0d522d7f63075382db5d65f622f727be5452 patch-3.14.10.xz
-194d0b023eb9841c2784220ecd80eedd61b62ce1f971a8e5a4fe2f7dcc7a1cff304a4e1bbd7a69aaf5ac2dc9fe112e3d4618bfa8e9541770c8fd3c0dcfe1a358 grsecurity-3.0-3.14.10-201407052031.patch
+fb4dca2cf832b04896f4c052ea84eab501c459bf27030b81a88b288d09d320b86254b7e995ae1931c6083ae4c88f62e4ba1976ce2254d88645f9e95a253d19e4 patch-3.14.11.xz
+c02ef0f5df3231c3cdb9ebe4aae360ec950a2f6cb6ef11eccaf9736abe71c90cf4a163324ff515aaa1279a57ab70481cb9323dc5896563c716a5fd8461306632 grsecurity-3.0-3.14.11-201407072045.patch
4665c56ae1bbac311f9205d64918e84ee8b01d47d6e2396ff6b8adfb10aada7f7254531ce62e31edbb65c2a54a830f09ad05d314dfcd75d6272f4068945ad7c7 fix-memory-map-for-PIE-applications.patch
87d1ad59732f265a5b0db54490dc1762c14ea4b868e7eb1aedc3ce57b48046de7bbc08cf5cfcf6f1380fa84063b0edb16ba3d5e3c5670be9bbb229275c88b221 imx6q-no-unclocked-sleep.patch
03f817222bf5812fa8363542e4ab108767212c67efe3994ea8fe9d0751215d9c3f166ce41de41f9070c855db6c04606828dc61265a1738920b984a24077347c4 kernelconfig.x86
diff --git a/main/linux-grsec/grsecurity-3.0-3.14.10-201407052031.patch b/main/linux-grsec/grsecurity-3.0-3.14.11-201407072045.patch
index 5cd674b923..a883f759f7 100644
--- a/main/linux-grsec/grsecurity-3.0-3.14.10-201407052031.patch
+++ b/main/linux-grsec/grsecurity-3.0-3.14.11-201407072045.patch
@@ -287,7 +287,7 @@ index 7116fda..d8ed6e8 100644
pcd. [PARIDE]
diff --git a/Makefile b/Makefile
-index bd5d673..00eaa40 100644
+index f1bbec5..d78810b 100644
--- a/Makefile
+++ b/Makefile
@@ -244,8 +244,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \
@@ -16136,7 +16136,7 @@ index 69bbb48..32517fe 100644
#define smp_load_acquire(p) \
diff --git a/arch/x86/include/asm/bitops.h b/arch/x86/include/asm/bitops.h
-index 9fc1af7..fc71228 100644
+index 9fc1af7..776d75a 100644
--- a/arch/x86/include/asm/bitops.h
+++ b/arch/x86/include/asm/bitops.h
@@ -49,7 +49,7 @@
@@ -16216,7 +16216,7 @@ index 9fc1af7..fc71228 100644
*/
#ifdef CONFIG_X86_64
-static __always_inline int fls64(__u64 x)
-+static __always_inline long fls64(__u64 x)
++static __always_inline __intentional_overflow(-1) int fls64(__u64 x)
{
int bitpos = -1;
/*
@@ -18734,7 +18734,7 @@ index fdedd38..95c02c2 100644
void df_debug(struct pt_regs *regs, long error_code);
#endif /* _ASM_X86_PROCESSOR_H */
diff --git a/arch/x86/include/asm/ptrace.h b/arch/x86/include/asm/ptrace.h
-index 14fd6fd..b31a4a4 100644
+index 6205f0c..b31a4a4 100644
--- a/arch/x86/include/asm/ptrace.h
+++ b/arch/x86/include/asm/ptrace.h
@@ -84,28 +84,29 @@ static inline unsigned long regs_return_value(struct pt_regs *regs)
@@ -18807,29 +18807,6 @@ index 14fd6fd..b31a4a4 100644
#endif
return *(unsigned long *)((unsigned long)regs + offset);
}
-@@ -231,6 +235,22 @@ static inline unsigned long regs_get_kernel_stack_nth(struct pt_regs *regs,
-
- #define ARCH_HAS_USER_SINGLE_STEP_INFO
-
-+/*
-+ * When hitting ptrace_stop(), we cannot return using SYSRET because
-+ * that does not restore the full CPU state, only a minimal set. The
-+ * ptracer can change arbitrary register values, which is usually okay
-+ * because the usual ptrace stops run off the signal delivery path which
-+ * forces IRET; however, ptrace_event() stops happen in arbitrary places
-+ * in the kernel and don't force IRET path.
-+ *
-+ * So force IRET path after a ptrace stop.
-+ */
-+#define arch_ptrace_stop_needed(code, info) \
-+({ \
-+ set_thread_flag(TIF_NOTIFY_RESUME); \
-+ false; \
-+})
-+
- struct user_desc;
- extern int do_get_thread_area(struct task_struct *p, int idx,
- struct user_desc __user *info);
diff --git a/arch/x86/include/asm/realmode.h b/arch/x86/include/asm/realmode.h
index 9c6b890..5305f53 100644
--- a/arch/x86/include/asm/realmode.h
@@ -26887,7 +26864,7 @@ index 9c0280f..5bbb1c0 100644
ip = *(u64 *)(fp+8);
if (!in_sched_functions(ip))
diff --git a/arch/x86/kernel/ptrace.c b/arch/x86/kernel/ptrace.c
-index 7461f50..1334029 100644
+index 7461f50..01d0b9c 100644
--- a/arch/x86/kernel/ptrace.c
+++ b/arch/x86/kernel/ptrace.c
@@ -184,14 +184,13 @@ unsigned long kernel_stack_pointer(struct pt_regs *regs)
@@ -26909,7 +26886,28 @@ index 7461f50..1334029 100644
return (unsigned long)regs;
}
-@@ -588,7 +587,7 @@ static void ptrace_triggered(struct perf_event *bp,
+@@ -452,6 +451,20 @@ static int putreg(struct task_struct *child,
+ if (child->thread.gs != value)
+ return do_arch_prctl(child, ARCH_SET_GS, value);
+ return 0;
++
++ case offsetof(struct user_regs_struct,ip):
++ /*
++ * Protect against any attempt to set ip to an
++ * impossible address. There are dragons lurking if the
++ * address is noncanonical. (This explicitly allows
++ * setting ip to TASK_SIZE_MAX, because user code can do
++ * that all by itself by running off the end of its
++ * address space.
++ */
++ if (value > TASK_SIZE_MAX)
++ return -EIO;
++ break;
++
+ #endif
+ }
+
+@@ -588,7 +601,7 @@ static void ptrace_triggered(struct perf_event *bp,
static unsigned long ptrace_get_dr7(struct perf_event *bp[])
{
int i;
@@ -26918,7 +26916,7 @@ index 7461f50..1334029 100644
struct arch_hw_breakpoint *info;
for (i = 0; i < HBP_NUM; i++) {
-@@ -822,7 +821,7 @@ long arch_ptrace(struct task_struct *child, long request,
+@@ -822,7 +835,7 @@ long arch_ptrace(struct task_struct *child, long request,
unsigned long addr, unsigned long data)
{
int ret;
@@ -26927,7 +26925,7 @@ index 7461f50..1334029 100644
switch (request) {
/* read the word at location addr in the USER area. */
-@@ -907,14 +906,14 @@ long arch_ptrace(struct task_struct *child, long request,
+@@ -907,14 +920,14 @@ long arch_ptrace(struct task_struct *child, long request,
if ((int) addr < 0)
return -EIO;
ret = do_get_thread_area(child, addr,
@@ -26944,7 +26942,7 @@ index 7461f50..1334029 100644
break;
#endif
-@@ -1292,7 +1291,7 @@ long compat_arch_ptrace(struct task_struct *child, compat_long_t request,
+@@ -1292,7 +1305,7 @@ long compat_arch_ptrace(struct task_struct *child, compat_long_t request,
#ifdef CONFIG_X86_64
@@ -26953,7 +26951,7 @@ index 7461f50..1334029 100644
[REGSET_GENERAL] = {
.core_note_type = NT_PRSTATUS,
.n = sizeof(struct user_regs_struct) / sizeof(long),
-@@ -1333,7 +1332,7 @@ static const struct user_regset_view user_x86_64_view = {
+@@ -1333,7 +1346,7 @@ static const struct user_regset_view user_x86_64_view = {
#endif /* CONFIG_X86_64 */
#if defined CONFIG_X86_32 || defined CONFIG_IA32_EMULATION
@@ -26962,7 +26960,7 @@ index 7461f50..1334029 100644
[REGSET_GENERAL] = {
.core_note_type = NT_PRSTATUS,
.n = sizeof(struct user_regs_struct32) / sizeof(u32),
-@@ -1386,7 +1385,7 @@ static const struct user_regset_view user_x86_32_view = {
+@@ -1386,7 +1399,7 @@ static const struct user_regset_view user_x86_32_view = {
*/
u64 xstate_fx_sw_bytes[USER_XSTATE_FX_SW_WORDS];
@@ -26971,7 +26969,7 @@ index 7461f50..1334029 100644
{
#ifdef CONFIG_X86_64
x86_64_regsets[REGSET_XSTATE].n = size / sizeof(u64);
-@@ -1421,7 +1420,7 @@ static void fill_sigtrap_info(struct task_struct *tsk,
+@@ -1421,7 +1434,7 @@ static void fill_sigtrap_info(struct task_struct *tsk,
memset(info, 0, sizeof(*info));
info->si_signo = SIGTRAP;
info->si_code = si_code;
@@ -26980,7 +26978,7 @@ index 7461f50..1334029 100644
}
void user_single_step_siginfo(struct task_struct *tsk,
-@@ -1450,6 +1449,10 @@ void send_sigtrap(struct task_struct *tsk, struct pt_regs *regs,
+@@ -1450,6 +1463,10 @@ void send_sigtrap(struct task_struct *tsk, struct pt_regs *regs,
# define IS_IA32 0
#endif
@@ -26991,7 +26989,7 @@ index 7461f50..1334029 100644
/*
* We must return the syscall number to actually look up in the table.
* This can be -1L to skip running any syscall at all.
-@@ -1460,6 +1463,11 @@ long syscall_trace_enter(struct pt_regs *regs)
+@@ -1460,6 +1477,11 @@ long syscall_trace_enter(struct pt_regs *regs)
user_exit();
@@ -27003,7 +27001,7 @@ index 7461f50..1334029 100644
/*
* If we stepped into a sysenter/syscall insn, it trapped in
* kernel mode; do_debug() cleared TF and set TIF_SINGLESTEP.
-@@ -1515,6 +1523,11 @@ void syscall_trace_leave(struct pt_regs *regs)
+@@ -1515,6 +1537,11 @@ void syscall_trace_leave(struct pt_regs *regs)
*/
user_exit();
@@ -47099,6 +47097,19 @@ index a2515887..6d13233 100644
dev->net->dev_addr[ETH_ALEN-1] = ifacenum;
/* we will have to manufacture ethernet headers, prepare template */
+diff --git a/drivers/net/virtio_net.c b/drivers/net/virtio_net.c
+index 841b608..198a8b7 100644
+--- a/drivers/net/virtio_net.c
++++ b/drivers/net/virtio_net.c
+@@ -47,7 +47,7 @@ module_param(gso, bool, 0444);
+ #define RECEIVE_AVG_WEIGHT 64
+
+ /* Minimum alignment for mergeable packet buffers. */
+-#define MERGEABLE_BUFFER_ALIGN max(L1_CACHE_BYTES, 256)
++#define MERGEABLE_BUFFER_ALIGN max(L1_CACHE_BYTES, 256UL)
+
+ #define VIRTNET_DRIVER_VERSION "1.0.0"
+
diff --git a/drivers/net/vxlan.c b/drivers/net/vxlan.c
index 40ad25d..8703023 100644
--- a/drivers/net/vxlan.c
@@ -50909,10 +50920,10 @@ index 24884ca..26c8220 100644
login->tgt_agt = sbp_target_agent_register(login);
if (IS_ERR(login->tgt_agt)) {
diff --git a/drivers/target/target_core_device.c b/drivers/target/target_core_device.c
-index 26416c1..e796a3d 100644
+index 6ea95d2..88607b4 100644
--- a/drivers/target/target_core_device.c
+++ b/drivers/target/target_core_device.c
-@@ -1524,7 +1524,7 @@ struct se_device *target_alloc_device(struct se_hba *hba, const char *name)
+@@ -1525,7 +1525,7 @@ struct se_device *target_alloc_device(struct se_hba *hba, const char *name)
spin_lock_init(&dev->se_tmr_lock);
spin_lock_init(&dev->qf_cmd_lock);
sema_init(&dev->caw_sem, 1);
@@ -62806,7 +62817,7 @@ index f4ccfe6..a5cf064 100644
static struct callback_op callback_ops[];
diff --git a/fs/nfs/inode.c b/fs/nfs/inode.c
-index 360114a..ac6e265 100644
+index 15f9d98..082c625 100644
--- a/fs/nfs/inode.c
+++ b/fs/nfs/inode.c
@@ -1189,16 +1189,16 @@ static int nfs_size_need_update(const struct inode *inode, const struct nfs_fatt
@@ -62843,7 +62854,7 @@ index 9a914e8..e89c0ea 100644
static struct nfsd4_operation nfsd4_ops[];
diff --git a/fs/nfsd/nfs4xdr.c b/fs/nfsd/nfs4xdr.c
-index 16e8fa7..b0803f6 100644
+index bc11bf6..324b058 100644
--- a/fs/nfsd/nfs4xdr.c
+++ b/fs/nfsd/nfs4xdr.c
@@ -1531,7 +1531,7 @@ nfsd4_decode_notsupp(struct nfsd4_compoundargs *argp, void *p)
@@ -82100,20 +82111,6 @@ index 34a1e10..70f6bde 100644
struct proc_ns {
void *ns;
-diff --git a/include/linux/ptrace.h b/include/linux/ptrace.h
-index 077904c..cc79eff 100644
---- a/include/linux/ptrace.h
-+++ b/include/linux/ptrace.h
-@@ -334,6 +334,9 @@ static inline void user_single_step_siginfo(struct task_struct *tsk,
- * calling arch_ptrace_stop() when it would be superfluous. For example,
- * if the thread has not been back to user mode since the last stop, the
- * thread state might indicate that nothing needs to be done.
-+ *
-+ * This is guaranteed to be invoked once before a task stops for ptrace and
-+ * may include arch-specific operations necessary prior to a ptrace stop.
- */
- #define arch_ptrace_stop_needed(code, info) (0)
- #endif
diff --git a/include/linux/quota.h b/include/linux/quota.h
index cc7494a..1e27036 100644
--- a/include/linux/quota.h
@@ -86755,7 +86752,7 @@ index 81b3d67..ef189a4 100644
{
struct signal_struct *sig = current->signal;
diff --git a/kernel/fork.c b/kernel/fork.c
-index 45da005c..6581b2b 100644
+index c44bff8..a3c5876 100644
--- a/kernel/fork.c
+++ b/kernel/fork.c
@@ -180,6 +180,48 @@ void thread_info_cache_init(void)
@@ -87137,7 +87134,7 @@ index 45da005c..6581b2b 100644
if (likely(p->pid)) {
ptrace_init_task(p, (clone_flags & CLONE_PTRACE) || trace);
-@@ -1537,6 +1647,8 @@ bad_fork_cleanup_count:
+@@ -1539,6 +1649,8 @@ bad_fork_cleanup_count:
bad_fork_free:
free_task(p);
fork_out:
@@ -87146,7 +87143,7 @@ index 45da005c..6581b2b 100644
return ERR_PTR(retval);
}
-@@ -1598,6 +1710,7 @@ long do_fork(unsigned long clone_flags,
+@@ -1600,6 +1712,7 @@ long do_fork(unsigned long clone_flags,
p = copy_process(clone_flags, stack_start, stack_size,
child_tidptr, NULL, trace);
@@ -87154,7 +87151,7 @@ index 45da005c..6581b2b 100644
/*
* Do this prior waking up the new thread - the thread pointer
* might get invalid after that point, if the thread exits quickly.
-@@ -1614,6 +1727,8 @@ long do_fork(unsigned long clone_flags,
+@@ -1616,6 +1729,8 @@ long do_fork(unsigned long clone_flags,
if (clone_flags & CLONE_PARENT_SETTID)
put_user(nr, parent_tidptr);
@@ -87163,7 +87160,7 @@ index 45da005c..6581b2b 100644
if (clone_flags & CLONE_VFORK) {
p->vfork_done = &vfork;
init_completion(&vfork);
-@@ -1732,7 +1847,7 @@ void __init proc_caches_init(void)
+@@ -1734,7 +1849,7 @@ void __init proc_caches_init(void)
mm_cachep = kmem_cache_create("mm_struct",
sizeof(struct mm_struct), ARCH_MIN_MMSTRUCT_ALIGN,
SLAB_HWCACHE_ALIGN|SLAB_PANIC|SLAB_NOTRACK, NULL);
@@ -87172,7 +87169,7 @@ index 45da005c..6581b2b 100644
mmap_init();
nsproxy_cache_init();
}
-@@ -1772,7 +1887,7 @@ static int unshare_fs(unsigned long unshare_flags, struct fs_struct **new_fsp)
+@@ -1774,7 +1889,7 @@ static int unshare_fs(unsigned long unshare_flags, struct fs_struct **new_fsp)
return 0;
/* don't need lock here; in the worst case we'll do useless copy */
@@ -87181,7 +87178,7 @@ index 45da005c..6581b2b 100644
return 0;
*new_fsp = copy_fs_struct(fs);
-@@ -1879,7 +1994,8 @@ SYSCALL_DEFINE1(unshare, unsigned long, unshare_flags)
+@@ -1881,7 +1996,8 @@ SYSCALL_DEFINE1(unshare, unsigned long, unshare_flags)
fs = current->fs;
spin_lock(&fs->lock);
current->fs = new_fs;
@@ -91701,10 +91698,10 @@ index fc4da2d..f3e800b 100644
*data_page = bpage;
diff --git a/kernel/trace/trace.c b/kernel/trace/trace.c
-index 24c1f23..781fd73f 100644
+index f0831c22..4b19cb3 100644
--- a/kernel/trace/trace.c
+++ b/kernel/trace/trace.c
-@@ -3399,7 +3399,7 @@ int trace_keep_overwrite(struct tracer *tracer, u32 mask, int set)
+@@ -3400,7 +3400,7 @@ int trace_keep_overwrite(struct tracer *tracer, u32 mask, int set)
return 0;
}
@@ -91894,7 +91891,7 @@ index 4f69f9a..7c6f8f8 100644
memcpy(&uts_table, table, sizeof(uts_table));
uts_table.data = get_uts(table, write);
diff --git a/kernel/watchdog.c b/kernel/watchdog.c
-index 4431610..4265616 100644
+index c9b6f01..37781d9 100644
--- a/kernel/watchdog.c
+++ b/kernel/watchdog.c
@@ -475,7 +475,7 @@ static int watchdog_nmi_enable(unsigned int cpu) { return 0; }
@@ -92442,37 +92439,6 @@ index c24c2f7..f0296f4 100644
+ pax_close_kernel();
+}
+EXPORT_SYMBOL(pax_list_del_rcu);
-diff --git a/lib/lz4/lz4_decompress.c b/lib/lz4/lz4_decompress.c
-index b74da44..7a85967 100644
---- a/lib/lz4/lz4_decompress.c
-+++ b/lib/lz4/lz4_decompress.c
-@@ -192,6 +192,8 @@ static int lz4_uncompress_unknownoutputsize(const char *source, char *dest,
- int s = 255;
- while ((ip < iend) && (s == 255)) {
- s = *ip++;
-+ if (unlikely(length > (size_t)(length + s)))
-+ goto _output_error;
- length += s;
- }
- }
-@@ -232,6 +234,8 @@ static int lz4_uncompress_unknownoutputsize(const char *source, char *dest,
- if (length == ML_MASK) {
- while (ip < iend) {
- int s = *ip++;
-+ if (unlikely(length > (size_t)(length + s)))
-+ goto _output_error;
- length += s;
- if (s == 255)
- continue;
-@@ -284,7 +288,7 @@ static int lz4_uncompress_unknownoutputsize(const char *source, char *dest,
-
- /* write overflow error detected */
- _output_error:
-- return (int) (-(((char *) ip) - source));
-+ return -1;
- }
-
- int lz4_decompress(const unsigned char *src, size_t *src_len,
diff --git a/lib/percpu-refcount.c b/lib/percpu-refcount.c
index 963b703..438bc51 100644
--- a/lib/percpu-refcount.c
@@ -101804,7 +101770,7 @@ index a8eb0a8..86f2de4 100644
if (!todrop_rate[i]) return 0;
diff --git a/net/netfilter/ipvs/ip_vs_core.c b/net/netfilter/ipvs/ip_vs_core.c
-index 4f26ee4..6a9d7c3 100644
+index 3d2d2c8..c87e4d3 100644
--- a/net/netfilter/ipvs/ip_vs_core.c
+++ b/net/netfilter/ipvs/ip_vs_core.c
@@ -567,7 +567,7 @@ int ip_vs_leave(struct ip_vs_service *svc, struct sk_buff *skb,
@@ -101816,7 +101782,7 @@ index 4f26ee4..6a9d7c3 100644
ip_vs_conn_put(cp);
return ret;
}
-@@ -1706,7 +1706,7 @@ ip_vs_in(unsigned int hooknum, struct sk_buff *skb, int af)
+@@ -1711,7 +1711,7 @@ ip_vs_in(unsigned int hooknum, struct sk_buff *skb, int af)
if (cp->flags & IP_VS_CONN_F_ONE_PACKET)
pkts = sysctl_sync_threshold(ipvs);
else
@@ -101994,7 +101960,7 @@ index a4b5e2a..13b1de3 100644
table = kmemdup(acct_sysctl_table, sizeof(acct_sysctl_table),
GFP_KERNEL);
diff --git a/net/netfilter/nf_conntrack_core.c b/net/netfilter/nf_conntrack_core.c
-index 356bef5..99932cb 100644
+index 356bef5..163b56a 100644
--- a/net/netfilter/nf_conntrack_core.c
+++ b/net/netfilter/nf_conntrack_core.c
@@ -1627,6 +1627,10 @@ void nf_conntrack_init_end(void)
@@ -102013,7 +101979,7 @@ index 356bef5..99932cb 100644
}
+#ifdef CONFIG_GRKERNSEC_HIDESYM
-+ net->ct.slabname = kasprintf(GFP_KERNEL, "nf_conntrack_%08lx", atomic_inc_return_unchecked(&conntrack_cache_id));
++ net->ct.slabname = kasprintf(GFP_KERNEL, "nf_conntrack_%08x", atomic_inc_return_unchecked(&conntrack_cache_id));
+#else
net->ct.slabname = kasprintf(GFP_KERNEL, "nf_conntrack_%p", net);
+#endif
@@ -114733,7 +114699,7 @@ index 0000000..4378111
+}
diff --git a/tools/gcc/size_overflow_plugin/size_overflow_hash.data b/tools/gcc/size_overflow_plugin/size_overflow_hash.data
new file mode 100644
-index 0000000..8972f81
+index 0000000..4077712
--- /dev/null
+++ b/tools/gcc/size_overflow_plugin/size_overflow_hash.data
@@ -0,0 +1,5988 @@
@@ -116547,8 +116513,8 @@ index 0000000..8972f81
+attach_hdlc_protocol_19986 attach_hdlc_protocol 3 19986 NULL
+rtw_set_wps_probe_resp_19989 rtw_set_wps_probe_resp 3 19989 NULL
+diva_um_idi_read_20003 diva_um_idi_read 0 20003 NULL
-+lov_stripe_md_size_20009 lov_stripe_md_size 0-1 20009 NULL nohasharray
-+event_trigger_write_20009 event_trigger_write 3 20009 &lov_stripe_md_size_20009
++event_trigger_write_20009 event_trigger_write 3 20009 NULL nohasharray
++lov_stripe_md_size_20009 lov_stripe_md_size 0-1 20009 &event_trigger_write_20009
+tree_mod_log_eb_move_20011 tree_mod_log_eb_move 5 20011 NULL
+SYSC_fgetxattr_20027 SYSC_fgetxattr 4 20027 NULL
+split_scan_timeout_read_20029 split_scan_timeout_read 3 20029 NULL
@@ -116915,8 +116881,8 @@ index 0000000..8972f81
+bin_to_hex_dup_23853 bin_to_hex_dup 2 23853 NULL
+ocfs2_xattr_get_clusters_23857 ocfs2_xattr_get_clusters 0 23857 NULL
+ieee80211_if_read_dot11MeshMaxPeerLinks_23878 ieee80211_if_read_dot11MeshMaxPeerLinks 3 23878 NULL
-+nouveau_clock_create__23881 nouveau_clock_create_ 5 23881 NULL nohasharray
-+writeback_single_inode_23881 writeback_single_inode 0 23881 &nouveau_clock_create__23881
++writeback_single_inode_23881 writeback_single_inode 0 23881 NULL nohasharray
++nouveau_clock_create__23881 nouveau_clock_create_ 5 23881 &writeback_single_inode_23881
+tipc_snprintf_23893 tipc_snprintf 2-0 23893 NULL
+add_new_gdb_meta_bg_23911 add_new_gdb_meta_bg 3 23911 NULL nohasharray
+ieee80211_if_read_hw_queues_23911 ieee80211_if_read_hw_queues 3 23911 &add_new_gdb_meta_bg_23911