diff options
author | Natanael Copa <ncopa@alpinelinux.org> | 2014-06-03 06:43:42 +0000 |
---|---|---|
committer | Natanael Copa <ncopa@alpinelinux.org> | 2014-06-03 07:44:26 +0000 |
commit | 5e97f1b32fc2e7c6050335b29e36641eb719f4d0 (patch) | |
tree | b8efeaadd96c926826edf03ed23818e96202b647 /main | |
parent | 72dfeb01ba1e25b20d8c063aef48a8e34c45e162 (diff) | |
download | aports-5e97f1b32fc2e7c6050335b29e36641eb719f4d0.tar.bz2 aports-5e97f1b32fc2e7c6050335b29e36641eb719f4d0.tar.xz |
main/linux-grsec: upgrade to 3.14.5
Diffstat (limited to 'main')
-rw-r--r-- | main/linux-grsec/APKBUILD | 18 | ||||
-rw-r--r-- | main/linux-grsec/grsecurity-3.0-3.14.5-201406021708.patch (renamed from main/linux-grsec/grsecurity-3.0-3.14.4-201405271114.patch) | 608 |
2 files changed, 280 insertions, 346 deletions
diff --git a/main/linux-grsec/APKBUILD b/main/linux-grsec/APKBUILD index 48c9fad10a..6d3afc84c3 100644 --- a/main/linux-grsec/APKBUILD +++ b/main/linux-grsec/APKBUILD @@ -2,12 +2,12 @@ _flavor=grsec pkgname=linux-${_flavor} -pkgver=3.14.4 +pkgver=3.14.5 case $pkgver in *.*.*) _kernver=${pkgver%.*};; *.*) _kernver=${pkgver};; esac -pkgrel=2 +pkgrel=0 pkgdesc="Linux kernel with grsecurity" url=http://grsecurity.net depends="mkinitfs linux-firmware" @@ -17,7 +17,7 @@ _config=${config:-kernelconfig.${CARCH}} install= source="http://ftp.kernel.org/pub/linux/kernel/v3.x/linux-$_kernver.tar.xz http://ftp.kernel.org/pub/linux/kernel/v3.x/patch-$pkgver.xz - grsecurity-3.0-3.14.4-201405271114.patch + grsecurity-3.0-3.14.5-201406021708.patch fix-memory-map-for-PIE-applications.patch imx6q-no-unclocked-sleep.patch @@ -165,24 +165,24 @@ dev() { } md5sums="b621207b3f6ecbb67db18b13258f8ea8 linux-3.14.tar.xz -116f27cf17c3522716b6678b17516067 patch-3.14.4.xz -60e4f370c3543eb4634c84c24009b92d grsecurity-3.0-3.14.4-201405271114.patch +a56bf05cb9033097198f9269bbcff130 patch-3.14.5.xz +e3879ccdca92dbec4e42109a9f5552bb grsecurity-3.0-3.14.5-201406021708.patch c6a4ae7e8ca6159e1631545515805216 fix-memory-map-for-PIE-applications.patch 1a307fc1d63231bf01d22493a4f14378 imx6q-no-unclocked-sleep.patch 7dbab6689abe6d34178c40773ea6759d kernelconfig.x86 21240113d77342def57ea9d6017c2cd6 kernelconfig.x86_64 727688e12e37262437fc9ca9c1fbd215 kernelconfig.armhf" sha256sums="61558aa490855f42b6340d1a1596be47454909629327c49a5e4e10268065dffa linux-3.14.tar.xz -af640ea64e923d525a8238832e8452381e6dc76a3bf28046411cadd67c408114 patch-3.14.4.xz -76daa7e437ab5fedc51c1fec3a84b7e6901a073b083a94e3a55671bca9e67d34 grsecurity-3.0-3.14.4-201405271114.patch +ecc00856830c05736b3f99609bc6d80353c29d2db9b0dffb91eb2d169808cac4 patch-3.14.5.xz +8695054d1a1bd02acd2a08b1268eb65349f6877b1be1a00251dcbc5dd95a5a00 grsecurity-3.0-3.14.5-201406021708.patch 500f3577310be52e87b9fecdc2e9c4ca43210fd97d69089f9005d484563f74c7 fix-memory-map-for-PIE-applications.patch 21179fbb22a5b74af0a609350ae1a170e232908572b201d02e791d2ce0a685d3 imx6q-no-unclocked-sleep.patch ea60441bed9d50ed3cde8b73c664448b4efebd60c6b58ea0a6df67f087bbc64b kernelconfig.x86 c87d9045758f474d092e18a77fc936c1fc9007b09564b79a1ecc46c083c7e3c0 kernelconfig.x86_64 00fc74f27931d161ecc1c26e5cd000d9aeaf6ebea6e0e1293ecde14a64d80467 kernelconfig.armhf" sha512sums="5730d83a7a81134c1e77c0bf89e42dee4f8251ad56c1ac2be20c59e26fdfaa7bea55f277e7af156b637f22e1584914a46089af85039177cb43485089c74ac26e linux-3.14.tar.xz -61eca26d57f7d7caa78d157582d4b98fbba1c85af73f1773fb51eab3db4381de53f4fbfbc202083e45297c0b4487bc58880a518e7ee9c0d616cddf0b3909b303 patch-3.14.4.xz -4276c7f2d533b62074180efb069047f562336647078cd47b8a0abb70123fe05f3b2d30c3a212358bfde9897f8b5592d63057f66c2b47718691474cbc77f09d5a grsecurity-3.0-3.14.4-201405271114.patch +068d139063c94f0e3fd4c24217705628b20f996f6e4cce88366c060150a123381babcfc05c953c58023deff0f7b28b4129b8d381b20dd4e3ac80ce4dbc4ec1e3 patch-3.14.5.xz +86aa2f621e4fe52eaf498236289b66532f7a8bc087e9100ec168861cead44b7a4329ad609314b6b0bcbf114adf7378ae4eb38b37fc7d8e414473b7de1b84bd2f grsecurity-3.0-3.14.5-201406021708.patch 4665c56ae1bbac311f9205d64918e84ee8b01d47d6e2396ff6b8adfb10aada7f7254531ce62e31edbb65c2a54a830f09ad05d314dfcd75d6272f4068945ad7c7 fix-memory-map-for-PIE-applications.patch 87d1ad59732f265a5b0db54490dc1762c14ea4b868e7eb1aedc3ce57b48046de7bbc08cf5cfcf6f1380fa84063b0edb16ba3d5e3c5670be9bbb229275c88b221 imx6q-no-unclocked-sleep.patch e19c081066d5615f3037d66e8cf5074bfa4d448d8db2f32642957eb808e8c26e2a2467d333f8773a02aac44b13d5afe556780bd2303df3a9ac88ad6099a898b2 kernelconfig.x86 diff --git a/main/linux-grsec/grsecurity-3.0-3.14.4-201405271114.patch b/main/linux-grsec/grsecurity-3.0-3.14.5-201406021708.patch index 3537db8395..400f193d7c 100644 --- a/main/linux-grsec/grsecurity-3.0-3.14.4-201405271114.patch +++ b/main/linux-grsec/grsecurity-3.0-3.14.5-201406021708.patch @@ -287,7 +287,7 @@ index 7116fda..d8ed6e8 100644 pcd. [PARIDE] diff --git a/Makefile b/Makefile -index d7c07fd..1ad8228 100644 +index fa77b0b..dadf5fd 100644 --- a/Makefile +++ b/Makefile @@ -244,8 +244,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \ @@ -7508,18 +7508,6 @@ index 4006964..fcb3cc2 100644 ret = __copy_from_user(to, from, n); else copy_from_user_overflow(); -diff --git a/arch/parisc/include/uapi/asm/resource.h b/arch/parisc/include/uapi/asm/resource.h -index 8b06343..090483c 100644 ---- a/arch/parisc/include/uapi/asm/resource.h -+++ b/arch/parisc/include/uapi/asm/resource.h -@@ -1,7 +1,6 @@ - #ifndef _ASM_PARISC_RESOURCE_H - #define _ASM_PARISC_RESOURCE_H - --#define _STK_LIM_MAX 10 * _STK_LIM - #include <asm-generic/resource.h> - - #endif diff --git a/arch/parisc/kernel/module.c b/arch/parisc/kernel/module.c index 50dfafc..b9fc230 100644 --- a/arch/parisc/kernel/module.c @@ -7624,7 +7612,7 @@ index 50dfafc..b9fc230 100644 DEBUGP("register_unwind_table(), sect = %d at 0x%p - 0x%p (gp=0x%lx)\n", me->arch.unwind_section, table, end, gp); diff --git a/arch/parisc/kernel/sys_parisc.c b/arch/parisc/kernel/sys_parisc.c -index b7cadc4..bf4a32d 100644 +index 31ffa9b..588a798 100644 --- a/arch/parisc/kernel/sys_parisc.c +++ b/arch/parisc/kernel/sys_parisc.c @@ -89,6 +89,7 @@ unsigned long arch_get_unmapped_area(struct file *filp, unsigned long addr, @@ -7648,7 +7636,7 @@ index b7cadc4..bf4a32d 100644 addr = COLOR_ALIGN(addr, last_mmap, pgoff); @@ -124,6 +129,7 @@ unsigned long arch_get_unmapped_area(struct file *filp, unsigned long addr, info.high_limit = mmap_upper_limit(); - info.align_mask = last_mmap ? (PAGE_MASK & (SHMLBA - 1)) : 0; + info.align_mask = last_mmap ? (PAGE_MASK & (SHM_COLOUR - 1)) : 0; info.align_offset = shared_align_offset(last_mmap, pgoff); + info.threadstack_offset = offset; addr = vm_unmapped_area(&info); @@ -7675,7 +7663,7 @@ index b7cadc4..bf4a32d 100644 addr = COLOR_ALIGN(addr, last_mmap, pgoff); @@ -184,6 +195,7 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, info.high_limit = mm->mmap_base; - info.align_mask = last_mmap ? (PAGE_MASK & (SHMLBA - 1)) : 0; + info.align_mask = last_mmap ? (PAGE_MASK & (SHM_COLOUR - 1)) : 0; info.align_offset = shared_align_offset(last_mmap, pgoff); + info.threadstack_offset = offset; addr = vm_unmapped_area(&info); @@ -18365,10 +18353,10 @@ index 94e40f1..ebd03e4 100644 #define pgprot_writecombine pgprot_writecombine extern pgprot_t pgprot_writecombine(pgprot_t prot); diff --git a/arch/x86/include/asm/preempt.h b/arch/x86/include/asm/preempt.h -index c8b0519..fd29e73 100644 +index b39e194..9d44fd1 100644 --- a/arch/x86/include/asm/preempt.h +++ b/arch/x86/include/asm/preempt.h -@@ -87,7 +87,7 @@ static __always_inline void __preempt_count_sub(int val) +@@ -99,7 +99,7 @@ static __always_inline void __preempt_count_sub(int val) */ static __always_inline bool __preempt_count_dec_and_test(void) { @@ -19602,7 +19590,7 @@ index 04905bf..49203ca 100644 } diff --git a/arch/x86/include/asm/uaccess.h b/arch/x86/include/asm/uaccess.h -index 0d592e0..f58a222 100644 +index 0d592e0..7437fcc 100644 --- a/arch/x86/include/asm/uaccess.h +++ b/arch/x86/include/asm/uaccess.h @@ -7,6 +7,7 @@ @@ -19626,7 +19614,7 @@ index 0d592e0..f58a222 100644 #define segment_eq(a, b) ((a).seg == (b).seg) -@@ -85,8 +91,34 @@ static inline bool __chk_range_not_ok(unsigned long addr, unsigned long size, un +@@ -85,8 +91,36 @@ static inline bool __chk_range_not_ok(unsigned long addr, unsigned long size, un * checks that the pointer is in the user space range - after calling * this function, memory access functions may still return -EFAULT. */ @@ -19636,26 +19624,28 @@ index 0d592e0..f58a222 100644 +#define access_ok_noprefault(type, addr, size) (likely(!__range_not_ok(addr, size, user_addr_max()))) +#define access_ok(type, addr, size) \ +({ \ -+ long __size = size; \ ++ unsigned long __size = size; \ + unsigned long __addr = (unsigned long)addr; \ -+ unsigned long __addr_ao = __addr & PAGE_MASK; \ -+ unsigned long __end_ao = __addr + __size - 1; \ + bool __ret_ao = __range_not_ok(__addr, __size, user_addr_max()) == 0;\ -+ if (__ret_ao && unlikely((__end_ao ^ __addr_ao) & PAGE_MASK)) { \ -+ while(__addr_ao <= __end_ao) { \ -+ char __c_ao; \ -+ __addr_ao += PAGE_SIZE; \ -+ if (__size > PAGE_SIZE) \ -+ _cond_resched(); \ -+ if (__get_user(__c_ao, (char __user *)__addr)) \ -+ break; \ -+ if (type != VERIFY_WRITE) { \ ++ if (__ret_ao && __size) { \ ++ unsigned long __addr_ao = __addr & PAGE_MASK; \ ++ unsigned long __end_ao = __addr + __size - 1; \ ++ if (unlikely((__end_ao ^ __addr_ao) & PAGE_MASK)) { \ ++ while (__addr_ao <= __end_ao) { \ ++ char __c_ao; \ ++ __addr_ao += PAGE_SIZE; \ ++ if (__size > PAGE_SIZE) \ ++ _cond_resched(); \ ++ if (__get_user(__c_ao, (char __user *)__addr)) \ ++ break; \ ++ if (type != VERIFY_WRITE) { \ ++ __addr = __addr_ao; \ ++ continue; \ ++ } \ ++ if (__put_user(__c_ao, (char __user *)__addr)) \ ++ break; \ + __addr = __addr_ao; \ -+ continue; \ + } \ -+ if (__put_user(__c_ao, (char __user *)__addr)) \ -+ break; \ -+ __addr = __addr_ao; \ + } \ + } \ + __ret_ao; \ @@ -19663,7 +19653,7 @@ index 0d592e0..f58a222 100644 /* * The exception table consists of pairs of addresses relative to the -@@ -176,10 +208,12 @@ __typeof__(__builtin_choose_expr(sizeof(x) > sizeof(0UL), 0ULL, 0UL)) +@@ -176,10 +210,12 @@ __typeof__(__builtin_choose_expr(sizeof(x) > sizeof(0UL), 0ULL, 0UL)) register __inttype(*(ptr)) __val_gu asm("%"_ASM_DX); \ __chk_user_ptr(ptr); \ might_fault(); \ @@ -19676,7 +19666,7 @@ index 0d592e0..f58a222 100644 __ret_gu; \ }) -@@ -187,13 +221,21 @@ __typeof__(__builtin_choose_expr(sizeof(x) > sizeof(0UL), 0ULL, 0UL)) +@@ -187,13 +223,21 @@ __typeof__(__builtin_choose_expr(sizeof(x) > sizeof(0UL), 0ULL, 0UL)) asm volatile("call __put_user_" #size : "=a" (__ret_pu) \ : "0" ((typeof(*(ptr)))(x)), "c" (ptr) : "ebx") @@ -19701,7 +19691,7 @@ index 0d592e0..f58a222 100644 "3: " ASM_CLAC "\n" \ ".section .fixup,\"ax\"\n" \ "4: movl %3,%0\n" \ -@@ -206,8 +248,8 @@ __typeof__(__builtin_choose_expr(sizeof(x) > sizeof(0UL), 0ULL, 0UL)) +@@ -206,8 +250,8 @@ __typeof__(__builtin_choose_expr(sizeof(x) > sizeof(0UL), 0ULL, 0UL)) #define __put_user_asm_ex_u64(x, addr) \ asm volatile(ASM_STAC "\n" \ @@ -19712,7 +19702,7 @@ index 0d592e0..f58a222 100644 "3: " ASM_CLAC "\n" \ _ASM_EXTABLE_EX(1b, 2b) \ _ASM_EXTABLE_EX(2b, 3b) \ -@@ -257,7 +299,8 @@ extern void __put_user_8(void); +@@ -257,7 +301,8 @@ extern void __put_user_8(void); __typeof__(*(ptr)) __pu_val; \ __chk_user_ptr(ptr); \ might_fault(); \ @@ -19722,7 +19712,7 @@ index 0d592e0..f58a222 100644 switch (sizeof(*(ptr))) { \ case 1: \ __put_user_x(1, __pu_val, ptr, __ret_pu); \ -@@ -275,6 +318,7 @@ extern void __put_user_8(void); +@@ -275,6 +320,7 @@ extern void __put_user_8(void); __put_user_x(X, __pu_val, ptr, __ret_pu); \ break; \ } \ @@ -19730,7 +19720,7 @@ index 0d592e0..f58a222 100644 __ret_pu; \ }) -@@ -355,8 +399,10 @@ do { \ +@@ -355,8 +401,10 @@ do { \ } while (0) #define __get_user_asm(x, addr, err, itype, rtype, ltype, errret) \ @@ -19742,7 +19732,7 @@ index 0d592e0..f58a222 100644 "2: " ASM_CLAC "\n" \ ".section .fixup,\"ax\"\n" \ "3: mov %3,%0\n" \ -@@ -364,8 +410,10 @@ do { \ +@@ -364,8 +412,10 @@ do { \ " jmp 2b\n" \ ".previous\n" \ _ASM_EXTABLE(1b, 3b) \ @@ -19755,7 +19745,7 @@ index 0d592e0..f58a222 100644 #define __get_user_size_ex(x, ptr, size) \ do { \ -@@ -389,7 +437,7 @@ do { \ +@@ -389,7 +439,7 @@ do { \ } while (0) #define __get_user_asm_ex(x, addr, itype, rtype, ltype) \ @@ -19764,7 +19754,7 @@ index 0d592e0..f58a222 100644 "2:\n" \ _ASM_EXTABLE_EX(1b, 2b) \ : ltype(x) : "m" (__m(addr))) -@@ -406,13 +454,24 @@ do { \ +@@ -406,13 +456,24 @@ do { \ int __gu_err; \ unsigned long __gu_val; \ __get_user_size(__gu_val, (ptr), (size), __gu_err, -EFAULT); \ @@ -19791,7 +19781,7 @@ index 0d592e0..f58a222 100644 /* * Tell gcc we read from memory instead of writing: this is because -@@ -420,8 +479,10 @@ struct __large_struct { unsigned long buf[100]; }; +@@ -420,8 +481,10 @@ struct __large_struct { unsigned long buf[100]; }; * aliasing issues. */ #define __put_user_asm(x, addr, err, itype, rtype, ltype, errret) \ @@ -19803,7 +19793,7 @@ index 0d592e0..f58a222 100644 "2: " ASM_CLAC "\n" \ ".section .fixup,\"ax\"\n" \ "3: mov %3,%0\n" \ -@@ -429,10 +490,12 @@ struct __large_struct { unsigned long buf[100]; }; +@@ -429,10 +492,12 @@ struct __large_struct { unsigned long buf[100]; }; ".previous\n" \ _ASM_EXTABLE(1b, 3b) \ : "=r"(err) \ @@ -19818,7 +19808,7 @@ index 0d592e0..f58a222 100644 "2:\n" \ _ASM_EXTABLE_EX(1b, 2b) \ : : ltype(x), "m" (__m(addr))) -@@ -442,11 +505,13 @@ struct __large_struct { unsigned long buf[100]; }; +@@ -442,11 +507,13 @@ struct __large_struct { unsigned long buf[100]; }; */ #define uaccess_try do { \ current_thread_info()->uaccess_err = 0; \ @@ -19832,7 +19822,7 @@ index 0d592e0..f58a222 100644 (err) |= (current_thread_info()->uaccess_err ? -EFAULT : 0); \ } while (0) -@@ -471,8 +536,12 @@ struct __large_struct { unsigned long buf[100]; }; +@@ -471,8 +538,12 @@ struct __large_struct { unsigned long buf[100]; }; * On error, the variable @x is set to zero. */ @@ -19845,7 +19835,7 @@ index 0d592e0..f58a222 100644 /** * __put_user: - Write a simple value into user space, with less checking. -@@ -494,8 +563,12 @@ struct __large_struct { unsigned long buf[100]; }; +@@ -494,8 +565,12 @@ struct __large_struct { unsigned long buf[100]; }; * Returns zero on success, or -EFAULT on error. */ @@ -19858,7 +19848,7 @@ index 0d592e0..f58a222 100644 #define __get_user_unaligned __get_user #define __put_user_unaligned __put_user -@@ -513,7 +586,7 @@ struct __large_struct { unsigned long buf[100]; }; +@@ -513,7 +588,7 @@ struct __large_struct { unsigned long buf[100]; }; #define get_user_ex(x, ptr) do { \ unsigned long __gue_val; \ __get_user_size_ex((__gue_val), (ptr), (sizeof(*(ptr)))); \ @@ -19867,7 +19857,7 @@ index 0d592e0..f58a222 100644 } while (0) #define put_user_try uaccess_try -@@ -542,18 +615,19 @@ extern void __cmpxchg_wrong_size(void) +@@ -542,18 +617,19 @@ extern void __cmpxchg_wrong_size(void) __typeof__(ptr) __uval = (uval); \ __typeof__(*(ptr)) __old = (old); \ __typeof__(*(ptr)) __new = (new); \ @@ -19889,7 +19879,7 @@ index 0d592e0..f58a222 100644 : "i" (-EFAULT), "q" (__new), "1" (__old) \ : "memory" \ ); \ -@@ -562,14 +636,14 @@ extern void __cmpxchg_wrong_size(void) +@@ -562,14 +638,14 @@ extern void __cmpxchg_wrong_size(void) case 2: \ { \ asm volatile("\t" ASM_STAC "\n" \ @@ -19906,7 +19896,7 @@ index 0d592e0..f58a222 100644 : "i" (-EFAULT), "r" (__new), "1" (__old) \ : "memory" \ ); \ -@@ -578,14 +652,14 @@ extern void __cmpxchg_wrong_size(void) +@@ -578,14 +654,14 @@ extern void __cmpxchg_wrong_size(void) case 4: \ { \ asm volatile("\t" ASM_STAC "\n" \ @@ -19923,7 +19913,7 @@ index 0d592e0..f58a222 100644 : "i" (-EFAULT), "r" (__new), "1" (__old) \ : "memory" \ ); \ -@@ -597,14 +671,14 @@ extern void __cmpxchg_wrong_size(void) +@@ -597,14 +673,14 @@ extern void __cmpxchg_wrong_size(void) __cmpxchg_wrong_size(); \ \ asm volatile("\t" ASM_STAC "\n" \ @@ -19940,7 +19930,7 @@ index 0d592e0..f58a222 100644 : "i" (-EFAULT), "r" (__new), "1" (__old) \ : "memory" \ ); \ -@@ -613,6 +687,7 @@ extern void __cmpxchg_wrong_size(void) +@@ -613,6 +689,7 @@ extern void __cmpxchg_wrong_size(void) default: \ __cmpxchg_wrong_size(); \ } \ @@ -19948,7 +19938,7 @@ index 0d592e0..f58a222 100644 *__uval = __old; \ __ret; \ }) -@@ -636,17 +711,6 @@ extern struct movsl_mask { +@@ -636,17 +713,6 @@ extern struct movsl_mask { #define ARCH_HAS_NOCACHE_UACCESS 1 @@ -19966,7 +19956,7 @@ index 0d592e0..f58a222 100644 #ifdef CONFIG_DEBUG_STRICT_USER_COPY_CHECKS # define copy_user_diag __compiletime_error #else -@@ -656,7 +720,7 @@ unsigned long __must_check _copy_to_user(void __user *to, const void *from, +@@ -656,7 +722,7 @@ unsigned long __must_check _copy_to_user(void __user *to, const void *from, extern void copy_user_diag("copy_from_user() buffer size is too small") copy_from_user_overflow(void); extern void copy_user_diag("copy_to_user() buffer size is too small") @@ -19975,7 +19965,7 @@ index 0d592e0..f58a222 100644 #undef copy_user_diag -@@ -669,7 +733,7 @@ __copy_from_user_overflow(void) __asm__("copy_from_user_overflow"); +@@ -669,7 +735,7 @@ __copy_from_user_overflow(void) __asm__("copy_from_user_overflow"); extern void __compiletime_warning("copy_to_user() buffer size is not provably correct") @@ -19984,7 +19974,7 @@ index 0d592e0..f58a222 100644 #define __copy_to_user_overflow(size, count) __copy_to_user_overflow() #else -@@ -684,10 +748,16 @@ __copy_from_user_overflow(int size, unsigned long count) +@@ -684,10 +750,16 @@ __copy_from_user_overflow(int size, unsigned long count) #endif @@ -20002,7 +19992,7 @@ index 0d592e0..f58a222 100644 might_fault(); -@@ -709,12 +779,15 @@ copy_from_user(void *to, const void __user *from, unsigned long n) +@@ -709,12 +781,15 @@ copy_from_user(void *to, const void __user *from, unsigned long n) * case, and do only runtime checking for non-constant sizes. */ @@ -20024,7 +20014,7 @@ index 0d592e0..f58a222 100644 return n; } -@@ -722,17 +795,18 @@ copy_from_user(void *to, const void __user *from, unsigned long n) +@@ -722,17 +797,18 @@ copy_from_user(void *to, const void __user *from, unsigned long n) static inline unsigned long __must_check copy_to_user(void __user *to, const void *from, unsigned long n) { @@ -28784,10 +28774,10 @@ index 3927528..fc19971 100644 vcpu->arch.regs_avail = ~((1 << VCPU_REGS_RIP) | (1 << VCPU_REGS_RSP) diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c -index 2b85784..ad70e19 100644 +index ee0c3b5..773bb94 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c -@@ -1777,8 +1777,8 @@ static int xen_hvm_config(struct kvm_vcpu *vcpu, u64 data) +@@ -1776,8 +1776,8 @@ static int xen_hvm_config(struct kvm_vcpu *vcpu, u64 data) { struct kvm *kvm = vcpu->kvm; int lm = is_long_mode(vcpu); @@ -28798,7 +28788,7 @@ index 2b85784..ad70e19 100644 u8 blob_size = lm ? kvm->arch.xen_hvm_config.blob_size_64 : kvm->arch.xen_hvm_config.blob_size_32; u32 page_num = data & ~PAGE_MASK; -@@ -2689,6 +2689,8 @@ long kvm_arch_dev_ioctl(struct file *filp, +@@ -2688,6 +2688,8 @@ long kvm_arch_dev_ioctl(struct file *filp, if (n < msr_list.nmsrs) goto out; r = -EFAULT; @@ -28807,7 +28797,7 @@ index 2b85784..ad70e19 100644 if (copy_to_user(user_msr_list->indices, &msrs_to_save, num_msrs_to_save * sizeof(u32))) goto out; -@@ -5503,7 +5505,7 @@ static struct notifier_block pvclock_gtod_notifier = { +@@ -5502,7 +5504,7 @@ static struct notifier_block pvclock_gtod_notifier = { }; #endif @@ -34132,7 +34122,7 @@ index 0149575..f746de8 100644 + pax_force_retaddr ret diff --git a/arch/x86/net/bpf_jit_comp.c b/arch/x86/net/bpf_jit_comp.c -index 4ed75dd..3cf24f0b 100644 +index af2d431..3cf24f0b 100644 --- a/arch/x86/net/bpf_jit_comp.c +++ b/arch/x86/net/bpf_jit_comp.c @@ -50,13 +50,90 @@ static inline u8 *emit_code(u8 *ptr, u32 bytes, unsigned int len) @@ -34298,7 +34288,7 @@ index 4ed75dd..3cf24f0b 100644 + pax_close_kernel(); - header->pages = sz / PAGE_SIZE; -- hole = sz - (proglen + sizeof(*header)); +- hole = min(sz - (proglen + sizeof(*header)), PAGE_SIZE - sizeof(*header)); + hole = PAGE_SIZE - (proglen & ~PAGE_MASK); /* insert a random number of int3 instructions before BPF code */ @@ -40603,10 +40593,10 @@ index 15a74f9..4278889 100644 return can_switch; } diff --git a/drivers/gpu/drm/i915/i915_drv.h b/drivers/gpu/drm/i915/i915_drv.h -index df77e20..d3fda9f 100644 +index 697f215..6f89b7f 100644 --- a/drivers/gpu/drm/i915/i915_drv.h +++ b/drivers/gpu/drm/i915/i915_drv.h -@@ -1361,7 +1361,7 @@ typedef struct drm_i915_private { +@@ -1362,7 +1362,7 @@ typedef struct drm_i915_private { drm_dma_handle_t *status_page_dmah; struct resource mch_res; @@ -40788,10 +40778,10 @@ index d554169..f4426bb 100644 iir = I915_READ(IIR); diff --git a/drivers/gpu/drm/i915/intel_display.c b/drivers/gpu/drm/i915/intel_display.c -index 9b8a7c7..60f6003 100644 +index 963639d..ea0c0cb 100644 --- a/drivers/gpu/drm/i915/intel_display.c +++ b/drivers/gpu/drm/i915/intel_display.c -@@ -10776,13 +10776,13 @@ struct intel_quirk { +@@ -10787,13 +10787,13 @@ struct intel_quirk { int subsystem_vendor; int subsystem_device; void (*hook)(struct drm_device *dev); @@ -40807,7 +40797,7 @@ index 9b8a7c7..60f6003 100644 static int intel_dmi_reverse_brightness(const struct dmi_system_id *id) { -@@ -10790,18 +10790,20 @@ static int intel_dmi_reverse_brightness(const struct dmi_system_id *id) +@@ -10801,18 +10801,20 @@ static int intel_dmi_reverse_brightness(const struct dmi_system_id *id) return 1; } @@ -41191,7 +41181,7 @@ index 28f84b4..fb3e224 100644 ret = drm_irq_install(qdev->ddev); qdev->ram_header->int_mask = QXL_INTERRUPT_MASK; diff --git a/drivers/gpu/drm/qxl/qxl_ttm.c b/drivers/gpu/drm/qxl/qxl_ttm.c -index c7e7e65..7dddd4d 100644 +index c82c1d6a9..6158c02 100644 --- a/drivers/gpu/drm/qxl/qxl_ttm.c +++ b/drivers/gpu/drm/qxl/qxl_ttm.c @@ -103,7 +103,7 @@ static void qxl_ttm_global_fini(struct qxl_device *qdev) @@ -41214,7 +41204,7 @@ index c7e7e65..7dddd4d 100644 } vma->vm_ops = &qxl_ttm_vm_ops; return 0; -@@ -560,25 +562,23 @@ static int qxl_mm_dump_table(struct seq_file *m, void *data) +@@ -561,25 +563,23 @@ static int qxl_mm_dump_table(struct seq_file *m, void *data) static int qxl_ttm_debugfs_init(struct qxl_device *qdev) { #if defined(CONFIG_DEBUG_FS) @@ -41881,10 +41871,10 @@ index ec0ae2d..dc0780b 100644 /* copy over all the bus versions */ if (dev->bus && dev->bus->pm) { diff --git a/drivers/hid/hid-core.c b/drivers/hid/hid-core.c -index cc32a6f..02a4b1c 100644 +index 8a5384c..cf63c18 100644 --- a/drivers/hid/hid-core.c +++ b/drivers/hid/hid-core.c -@@ -2421,7 +2421,7 @@ EXPORT_SYMBOL_GPL(hid_ignore); +@@ -2422,7 +2422,7 @@ EXPORT_SYMBOL_GPL(hid_ignore); int hid_add_device(struct hid_device *hdev) { @@ -41893,7 +41883,7 @@ index cc32a6f..02a4b1c 100644 int ret; if (WARN_ON(hdev->status & HID_STAT_ADDED)) -@@ -2455,7 +2455,7 @@ int hid_add_device(struct hid_device *hdev) +@@ -2456,7 +2456,7 @@ int hid_add_device(struct hid_device *hdev) /* XXX hack, any other cleaner solution after the driver core * is converted to allow more than 20 bytes as the device name? */ dev_set_name(&hdev->dev, "%04X:%04X:%04X.%04X", hdev->bus, @@ -44611,10 +44601,10 @@ index 3e6d115..ffecdeb 100644 /*----------------------------------------------------------------*/ diff --git a/drivers/md/raid1.c b/drivers/md/raid1.c -index 4a6ca1c..e952750 100644 +index 56e24c0..e1c8e1f 100644 --- a/drivers/md/raid1.c +++ b/drivers/md/raid1.c -@@ -1922,7 +1922,7 @@ static int fix_sync_read_error(struct r1bio *r1_bio) +@@ -1931,7 +1931,7 @@ static int fix_sync_read_error(struct r1bio *r1_bio) if (r1_sync_page_io(rdev, sect, s, bio->bi_io_vec[idx].bv_page, READ) != 0) @@ -44623,7 +44613,7 @@ index 4a6ca1c..e952750 100644 } sectors -= s; sect += s; -@@ -2156,7 +2156,7 @@ static void fix_read_error(struct r1conf *conf, int read_disk, +@@ -2165,7 +2165,7 @@ static void fix_read_error(struct r1conf *conf, int read_disk, test_bit(In_sync, &rdev->flags)) { if (r1_sync_page_io(rdev, sect, s, conf->tmppage, READ)) { @@ -46214,10 +46204,10 @@ index cf49c22..971b133 100644 struct sm_sysfs_attribute *vendor_attribute; char *vendor; diff --git a/drivers/net/bonding/bond_main.c b/drivers/net/bonding/bond_main.c -index e5628fc..ffe54d1 100644 +index 91ec8cd..562ff5f 100644 --- a/drivers/net/bonding/bond_main.c +++ b/drivers/net/bonding/bond_main.c -@@ -4551,6 +4551,7 @@ static void __exit bonding_exit(void) +@@ -4552,6 +4552,7 @@ static void __exit bonding_exit(void) bond_netlink_fini(); unregister_pernet_subsys(&bond_net_ops); @@ -46656,10 +46646,10 @@ index bf0d55e..82bcfbd1 100644 priv = netdev_priv(dev); priv->phy = phy; diff --git a/drivers/net/macvlan.c b/drivers/net/macvlan.c -index 1831fb7..9c24bca 100644 +index 20bb669..9a0e17e 100644 --- a/drivers/net/macvlan.c +++ b/drivers/net/macvlan.c -@@ -984,13 +984,15 @@ static const struct nla_policy macvlan_policy[IFLA_MACVLAN_MAX + 1] = { +@@ -991,13 +991,15 @@ static const struct nla_policy macvlan_policy[IFLA_MACVLAN_MAX + 1] = { int macvlan_link_register(struct rtnl_link_ops *ops) { /* common fields */ @@ -46682,7 +46672,7 @@ index 1831fb7..9c24bca 100644 return rtnl_link_register(ops); }; -@@ -1045,7 +1047,7 @@ static int macvlan_device_event(struct notifier_block *unused, +@@ -1052,7 +1054,7 @@ static int macvlan_device_event(struct notifier_block *unused, return NOTIFY_DONE; } @@ -46692,10 +46682,10 @@ index 1831fb7..9c24bca 100644 }; diff --git a/drivers/net/macvtap.c b/drivers/net/macvtap.c -index ff111a8..c4c3ac4 100644 +index 3381c4f..dea5fd5 100644 --- a/drivers/net/macvtap.c +++ b/drivers/net/macvtap.c -@@ -1011,7 +1011,7 @@ static long macvtap_ioctl(struct file *file, unsigned int cmd, +@@ -1020,7 +1020,7 @@ static long macvtap_ioctl(struct file *file, unsigned int cmd, } ret = 0; @@ -46704,7 +46694,7 @@ index ff111a8..c4c3ac4 100644 put_user(q->flags, &ifr->ifr_flags)) ret = -EFAULT; macvtap_put_vlan(vlan); -@@ -1181,7 +1181,7 @@ static int macvtap_device_event(struct notifier_block *unused, +@@ -1190,7 +1190,7 @@ static int macvtap_device_event(struct notifier_block *unused, return NOTIFY_DONE; } @@ -46796,19 +46786,6 @@ index 26f8635..c237839 100644 if (cmd == TUNSETIFF || cmd == TUNSETQUEUE || _IOC_TYPE(cmd) == 0x89) { if (copy_from_user(&ifr, argp, ifreq_len)) return -EFAULT; -diff --git a/drivers/net/usb/cdc_ncm.c b/drivers/net/usb/cdc_ncm.c -index d350d27..75d7d9d 100644 ---- a/drivers/net/usb/cdc_ncm.c -+++ b/drivers/net/usb/cdc_ncm.c -@@ -768,7 +768,7 @@ cdc_ncm_fill_tx_frame(struct usbnet *dev, struct sk_buff *skb, __le32 sign) - skb_out->len > CDC_NCM_MIN_TX_PKT) - memset(skb_put(skb_out, ctx->tx_max - skb_out->len), 0, - ctx->tx_max - skb_out->len); -- else if ((skb_out->len % dev->maxpacket) == 0) -+ else if (skb_out->len < ctx->tx_max && (skb_out->len % dev->maxpacket) == 0) - *skb_put(skb_out, 1) = 0; /* force short packet */ - - /* set final frame length */ diff --git a/drivers/net/usb/hso.c b/drivers/net/usb/hso.c index 660bd5e..ac59452 100644 --- a/drivers/net/usb/hso.c @@ -50026,10 +50003,10 @@ index 62ec84b..93159d8 100644 disposition = scsi_decide_disposition(cmd); if (disposition != SUCCESS && diff --git a/drivers/scsi/scsi_sysfs.c b/drivers/scsi/scsi_sysfs.c -index 9117d0b..d289a7a 100644 +index 665acbf..d18fab4 100644 --- a/drivers/scsi/scsi_sysfs.c +++ b/drivers/scsi/scsi_sysfs.c -@@ -739,7 +739,7 @@ show_iostat_##field(struct device *dev, struct device_attribute *attr, \ +@@ -734,7 +734,7 @@ show_iostat_##field(struct device *dev, struct device_attribute *attr, \ char *buf) \ { \ struct scsi_device *sdev = to_scsi_device(dev); \ @@ -57622,7 +57599,7 @@ index 1e86823..8e34695 100644 else if (whole->bd_holder != NULL) return false; /* is a partition of a held device */ diff --git a/fs/btrfs/ctree.c b/fs/btrfs/ctree.c -index cbd3a7d..c6a2881 100644 +index cbd3a7d6f..c6a2881 100644 --- a/fs/btrfs/ctree.c +++ b/fs/btrfs/ctree.c @@ -1216,9 +1216,12 @@ static noinline int __btrfs_cow_block(struct btrfs_trans_handle *trans, @@ -57995,10 +57972,10 @@ index f3ac415..3d2420c 100644 server->ops->print_stats(m, tcon); } diff --git a/fs/cifs/cifsfs.c b/fs/cifs/cifsfs.c -index 849f613..eae6dec 100644 +index 7c6b73c..a8f0db2 100644 --- a/fs/cifs/cifsfs.c +++ b/fs/cifs/cifsfs.c -@@ -1056,7 +1056,7 @@ cifs_init_request_bufs(void) +@@ -1068,7 +1068,7 @@ cifs_init_request_bufs(void) */ cifs_req_cachep = kmem_cache_create("cifs_request", CIFSMaxBufSize + max_hdr_size, 0, @@ -58007,7 +57984,7 @@ index 849f613..eae6dec 100644 if (cifs_req_cachep == NULL) return -ENOMEM; -@@ -1083,7 +1083,7 @@ cifs_init_request_bufs(void) +@@ -1095,7 +1095,7 @@ cifs_init_request_bufs(void) efficient to alloc 1 per page off the slab compared to 17K (5page) alloc of large cifs buffers even when page debugging is on */ cifs_sm_req_cachep = kmem_cache_create("cifs_small_rq", @@ -58016,7 +57993,7 @@ index 849f613..eae6dec 100644 NULL); if (cifs_sm_req_cachep == NULL) { mempool_destroy(cifs_req_poolp); -@@ -1168,8 +1168,8 @@ init_cifs(void) +@@ -1180,8 +1180,8 @@ init_cifs(void) atomic_set(&bufAllocCount, 0); atomic_set(&smBufAllocCount, 0); #ifdef CONFIG_CIFS_STATS2 @@ -58028,10 +58005,10 @@ index 849f613..eae6dec 100644 atomic_set(&midCount, 0); diff --git a/fs/cifs/cifsglob.h b/fs/cifs/cifsglob.h -index c0f3718..6afed7d 100644 +index 30f6e92..e915ba5 100644 --- a/fs/cifs/cifsglob.h +++ b/fs/cifs/cifsglob.h -@@ -804,35 +804,35 @@ struct cifs_tcon { +@@ -806,35 +806,35 @@ struct cifs_tcon { __u16 Flags; /* optional support bits */ enum statusEnum tidStatus; #ifdef CONFIG_CIFS_STATS @@ -58091,7 +58068,7 @@ index c0f3718..6afed7d 100644 } smb2_stats; #endif /* CONFIG_CIFS_SMB2 */ } stats; -@@ -1162,7 +1162,7 @@ convert_delimiter(char *path, char delim) +@@ -1170,7 +1170,7 @@ convert_delimiter(char *path, char delim) } #ifdef CONFIG_CIFS_STATS @@ -58100,7 +58077,7 @@ index c0f3718..6afed7d 100644 static inline void cifs_stats_bytes_written(struct cifs_tcon *tcon, unsigned int bytes) -@@ -1528,8 +1528,8 @@ GLOBAL_EXTERN atomic_t tconInfoReconnectCount; +@@ -1536,8 +1536,8 @@ GLOBAL_EXTERN atomic_t tconInfoReconnectCount; /* Various Debug counters */ GLOBAL_EXTERN atomic_t bufAllocCount; /* current number allocated */ #ifdef CONFIG_CIFS_STATS2 @@ -58112,7 +58089,7 @@ index c0f3718..6afed7d 100644 GLOBAL_EXTERN atomic_t smBufAllocCount; GLOBAL_EXTERN atomic_t midCount; diff --git a/fs/cifs/file.c b/fs/cifs/file.c -index 834fce7..8a314b5 100644 +index 87c4dd0..a90f115 100644 --- a/fs/cifs/file.c +++ b/fs/cifs/file.c @@ -1900,10 +1900,14 @@ static int cifs_writepages(struct address_space *mapping, @@ -58134,7 +58111,7 @@ index 834fce7..8a314b5 100644 } retry: diff --git a/fs/cifs/misc.c b/fs/cifs/misc.c -index 2f9f379..43f8025 100644 +index 3b0c62e..f7d090c 100644 --- a/fs/cifs/misc.c +++ b/fs/cifs/misc.c @@ -170,7 +170,7 @@ cifs_buf_get(void) @@ -58156,10 +58133,10 @@ index 2f9f379..43f8025 100644 } diff --git a/fs/cifs/smb1ops.c b/fs/cifs/smb1ops.c -index 526fb89..ecdbf5a 100644 +index d1fdfa8..94558f8 100644 --- a/fs/cifs/smb1ops.c +++ b/fs/cifs/smb1ops.c -@@ -616,27 +616,27 @@ static void +@@ -626,27 +626,27 @@ static void cifs_clear_stats(struct cifs_tcon *tcon) { #ifdef CONFIG_CIFS_STATS @@ -58208,7 +58185,7 @@ index 526fb89..ecdbf5a 100644 #endif } -@@ -645,36 +645,36 @@ cifs_print_stats(struct seq_file *m, struct cifs_tcon *tcon) +@@ -655,36 +655,36 @@ cifs_print_stats(struct seq_file *m, struct cifs_tcon *tcon) { #ifdef CONFIG_CIFS_STATS seq_printf(m, " Oplocks breaks: %d", @@ -58265,7 +58242,7 @@ index 526fb89..ecdbf5a 100644 } diff --git a/fs/cifs/smb2ops.c b/fs/cifs/smb2ops.c -index 192f51a..539307e 100644 +index 35ddc3e..563e809 100644 --- a/fs/cifs/smb2ops.c +++ b/fs/cifs/smb2ops.c @@ -364,8 +364,8 @@ smb2_clear_stats(struct cifs_tcon *tcon) @@ -58838,7 +58815,7 @@ index e4141f2..d8263e8 100644 i += packet_length_size; if (copy_to_user(&buf[i], msg_ctx->msg, msg_ctx->msg_size)) diff --git a/fs/exec.c b/fs/exec.c -index 3d78fcc..cd4f983 100644 +index 3d78fcc..75b208f 100644 --- a/fs/exec.c +++ b/fs/exec.c @@ -55,8 +55,20 @@ @@ -59329,7 +59306,7 @@ index 3d78fcc..cd4f983 100644 out: if (bprm->mm) { acct_arg_size(bprm, 0); -@@ -1626,3 +1801,296 @@ asmlinkage long compat_sys_execve(const char __user * filename, +@@ -1626,3 +1801,311 @@ asmlinkage long compat_sys_execve(const char __user * filename, return compat_do_execve(getname(filename), argv, envp); } #endif @@ -59577,12 +59554,25 @@ index 3d78fcc..cd4f983 100644 +} +#endif + -+void __check_object_size(const void *ptr, unsigned long n, bool to_user) ++void __check_object_size(const void *ptr, unsigned long n, bool to_user, bool const_size) +{ -+ +#ifdef CONFIG_PAX_USERCOPY + const char *type; ++#endif ++ ++#ifndef CONFIG_STACK_GROWSUP ++ const void * stackstart = task_stack_page(current); ++ if (unlikely(current_stack_pointer < stackstart + 512 || ++ current_stack_pointer >= stackstart + THREAD_SIZE)) ++ BUG(); ++#endif + ++#ifndef CONFIG_PAX_USERCOPY_DEBUG ++ if (const_size) ++ return; ++#endif ++ ++#ifdef CONFIG_PAX_USERCOPY + if (!n) + return; + @@ -59613,6 +59603,8 @@ index 3d78fcc..cd4f983 100644 + if (sp < current_thread_info()->lowest_stack && + sp > (unsigned long)task_stack_page(current)) + current_thread_info()->lowest_stack = sp; ++ if (unlikely((sp & ~(THREAD_SIZE - 1)) < (THREAD_SIZE/16))) ++ BUG(); +} +EXPORT_SYMBOL(pax_track_stack); +#endif @@ -63006,7 +62998,7 @@ index 49d84f8..4807e0b 100644 /* Copy the blockcheck stats from the superblock probe */ osb->osb_ecc_stats = *stats; diff --git a/fs/open.c b/fs/open.c -index b9ed8b2..0d5c7a0 100644 +index 2ed7325..4e77ac3 100644 --- a/fs/open.c +++ b/fs/open.c @@ -32,6 +32,8 @@ @@ -63110,7 +63102,7 @@ index b9ed8b2..0d5c7a0 100644 newattrs.ia_valid = ATTR_CTIME; if (user != (uid_t) -1) { if (!uid_valid(uid)) -@@ -994,6 +1031,7 @@ long do_sys_open(int dfd, const char __user *filename, int flags, umode_t mode) +@@ -982,6 +1019,7 @@ long do_sys_open(int dfd, const char __user *filename, int flags, umode_t mode) } else { fsnotify_open(f); fd_install(fd, f); @@ -77538,10 +77530,10 @@ index 810431d..0ec4804f 100644 * (puds are folded into pgds so this doesn't get actually called, * but the define is needed for a generic inline function.) diff --git a/include/asm-generic/pgtable.h b/include/asm-generic/pgtable.h -index 34c7bdc..38d4f3b 100644 +index 38a7437..47f62a4 100644 --- a/include/asm-generic/pgtable.h +++ b/include/asm-generic/pgtable.h -@@ -787,6 +787,22 @@ static inline void pmdp_set_numa(struct mm_struct *mm, unsigned long addr, +@@ -802,6 +802,22 @@ static inline void pmdp_set_numa(struct mm_struct *mm, unsigned long addr, } #endif /* CONFIG_NUMA_BALANCING */ @@ -78286,7 +78278,7 @@ index d08e4d2..95fad61 100644 /** diff --git a/include/linux/cred.h b/include/linux/cred.h -index 04421e8..117e17a 100644 +index 04421e8..a85afd4 100644 --- a/include/linux/cred.h +++ b/include/linux/cred.h @@ -35,7 +35,7 @@ struct group_info { @@ -78317,6 +78309,14 @@ index 04421e8..117e17a 100644 #endif /** +@@ -322,6 +325,7 @@ static inline void put_cred(const struct cred *_cred) + + #define task_uid(task) (task_cred_xxx((task), uid)) + #define task_euid(task) (task_cred_xxx((task), euid)) ++#define task_securebits(task) (task_cred_xxx((task), securebits)) + + #define current_cred_xxx(xxx) \ + ({ \ diff --git a/include/linux/crypto.h b/include/linux/crypto.h index b92eadf..b4ecdc1 100644 --- a/include/linux/crypto.h @@ -81343,7 +81343,7 @@ index 492de72..1bddcd4 100644 return nd->saved_names[nd->depth]; } diff --git a/include/linux/net.h b/include/linux/net.h -index 94734a6..d8d6931 100644 +index 17d8339..81656c0 100644 --- a/include/linux/net.h +++ b/include/linux/net.h @@ -192,7 +192,7 @@ struct net_proto_family { @@ -81356,18 +81356,18 @@ index 94734a6..d8d6931 100644 struct iovec; struct kvec; diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h -index daafd95..74c5d1e 100644 +index 911718f..f673407 100644 --- a/include/linux/netdevice.h +++ b/include/linux/netdevice.h -@@ -1146,6 +1146,7 @@ struct net_device_ops { - struct net_device *dev, +@@ -1147,6 +1147,7 @@ struct net_device_ops { void *priv); + int (*ndo_get_lock_subclass)(struct net_device *dev); }; +typedef struct net_device_ops __no_const net_device_ops_no_const; /* * The DEVICE structure. -@@ -1228,7 +1229,7 @@ struct net_device { +@@ -1229,7 +1230,7 @@ struct net_device { int iflink; struct net_device_stats stats; @@ -81710,10 +81710,10 @@ index 4ea1d37..80f4b33 100644 /* * The return value from decompress routine is the length of the diff --git a/include/linux/preempt.h b/include/linux/preempt.h -index de83b4e..c4b997d 100644 +index 1841b58..fbeebf8 100644 --- a/include/linux/preempt.h +++ b/include/linux/preempt.h -@@ -27,11 +27,16 @@ extern void preempt_count_sub(int val); +@@ -29,11 +29,16 @@ extern void preempt_count_sub(int val); #define preempt_count_dec_and_test() __preempt_count_dec_and_test() #endif @@ -81730,7 +81730,7 @@ index de83b4e..c4b997d 100644 #ifdef CONFIG_PREEMPT_COUNT -@@ -41,6 +46,12 @@ do { \ +@@ -43,6 +48,12 @@ do { \ barrier(); \ } while (0) @@ -81743,7 +81743,7 @@ index de83b4e..c4b997d 100644 #define sched_preempt_enable_no_resched() \ do { \ barrier(); \ -@@ -49,6 +60,12 @@ do { \ +@@ -51,6 +62,12 @@ do { \ #define preempt_enable_no_resched() sched_preempt_enable_no_resched() @@ -81756,7 +81756,7 @@ index de83b4e..c4b997d 100644 #ifdef CONFIG_PREEMPT #define preempt_enable() \ do { \ -@@ -113,8 +130,10 @@ do { \ +@@ -115,8 +132,10 @@ do { \ * region. */ #define preempt_disable() barrier() @@ -81767,7 +81767,7 @@ index de83b4e..c4b997d 100644 #define preempt_enable() barrier() #define preempt_check_resched() do { } while (0) -@@ -128,11 +147,13 @@ do { \ +@@ -130,11 +149,13 @@ do { \ /* * Modules have no business playing preemption tricks. */ @@ -82106,7 +82106,7 @@ index b66c211..13d2915 100644 static inline void anon_vma_merge(struct vm_area_struct *vma, struct vm_area_struct *next) diff --git a/include/linux/sched.h b/include/linux/sched.h -index a781dec..2c03225 100644 +index ccd0c6f..39c28a4 100644 --- a/include/linux/sched.h +++ b/include/linux/sched.h @@ -129,6 +129,7 @@ struct fs_struct; @@ -82342,7 +82342,7 @@ index a781dec..2c03225 100644 { return tsk->pid; } -@@ -1988,6 +2099,25 @@ extern u64 sched_clock_cpu(int cpu); +@@ -2006,6 +2117,25 @@ extern u64 sched_clock_cpu(int cpu); extern void sched_clock_init(void); @@ -82368,7 +82368,7 @@ index a781dec..2c03225 100644 #ifndef CONFIG_HAVE_UNSTABLE_SCHED_CLOCK static inline void sched_clock_tick(void) { -@@ -2112,7 +2242,9 @@ void yield(void); +@@ -2130,7 +2260,9 @@ void yield(void); extern struct exec_domain default_exec_domain; union thread_union { @@ -82378,7 +82378,7 @@ index a781dec..2c03225 100644 unsigned long stack[THREAD_SIZE/sizeof(long)]; }; -@@ -2145,6 +2277,7 @@ extern struct pid_namespace init_pid_ns; +@@ -2163,6 +2295,7 @@ extern struct pid_namespace init_pid_ns; */ extern struct task_struct *find_task_by_vpid(pid_t nr); @@ -82386,7 +82386,7 @@ index a781dec..2c03225 100644 extern struct task_struct *find_task_by_pid_ns(pid_t nr, struct pid_namespace *ns); -@@ -2307,7 +2440,7 @@ extern void __cleanup_sighand(struct sighand_struct *); +@@ -2325,7 +2458,7 @@ extern void __cleanup_sighand(struct sighand_struct *); extern void exit_itimers(struct signal_struct *); extern void flush_itimer_signals(void); @@ -82395,7 +82395,7 @@ index a781dec..2c03225 100644 extern int allow_signal(int); extern int disallow_signal(int); -@@ -2508,9 +2641,9 @@ static inline unsigned long *end_of_stack(struct task_struct *p) +@@ -2526,9 +2659,9 @@ static inline unsigned long *end_of_stack(struct task_struct *p) #endif @@ -82729,7 +82729,7 @@ index 6ae004e..2743532 100644 /* * Callback to arch code if there's nosmp or maxcpus=0 on the diff --git a/include/linux/sock_diag.h b/include/linux/sock_diag.h -index 54f91d3..be2c379 100644 +index 302ab80..3233276 100644 --- a/include/linux/sock_diag.h +++ b/include/linux/sock_diag.h @@ -11,7 +11,7 @@ struct sock; @@ -83015,30 +83015,18 @@ index 387fa7d..3fcde6b 100644 #ifdef CONFIG_MAGIC_SYSRQ diff --git a/include/linux/thread_info.h b/include/linux/thread_info.h -index fddbe20..e4cce53 100644 +index a629e4b..3fea3d9 100644 --- a/include/linux/thread_info.h +++ b/include/linux/thread_info.h -@@ -161,6 +161,25 @@ static inline bool test_and_clear_restore_sigmask(void) +@@ -159,6 +159,13 @@ static inline bool test_and_clear_restore_sigmask(void) #error "no set_restore_sigmask() provided and default one won't work" #endif -+extern void __check_object_size(const void *ptr, unsigned long n, bool to_user); -+ -+#if defined(CONFIG_X86) && defined(CONFIG_PAX_USERCOPY) -+extern void pax_check_alloca(unsigned long size); -+#endif ++extern void __check_object_size(const void *ptr, unsigned long n, bool to_user, bool const_size); + +static inline void check_object_size(const void *ptr, unsigned long n, bool to_user) +{ -+#if defined(CONFIG_X86) && defined(CONFIG_PAX_USERCOPY) -+ /* always check if we've overflowed the stack in a copy*user */ -+ pax_check_alloca(sizeof(unsigned long)); -+#endif -+ -+#ifndef CONFIG_PAX_USERCOPY_DEBUG -+ if (!__builtin_constant_p(n)) -+#endif -+ __check_object_size(ptr, n, to_user); ++ __check_object_size(ptr, n, to_user, __builtin_constant_p(n)); +} + #endif /* __KERNEL__ */ @@ -83975,21 +83963,6 @@ index 8ba8ce2..99b7fff 100644 struct sk_buff *skb, int offset, struct iovec *to, size_t len, struct dma_pinned_list *pinned_list); -diff --git a/include/net/netfilter/nf_conntrack_extend.h b/include/net/netfilter/nf_conntrack_extend.h -index 956b175..55d1504 100644 ---- a/include/net/netfilter/nf_conntrack_extend.h -+++ b/include/net/netfilter/nf_conntrack_extend.h -@@ -47,8 +47,8 @@ enum nf_ct_ext_id { - /* Extensions: optional stuff which isn't permanently in struct. */ - struct nf_ct_ext { - struct rcu_head rcu; -- u8 offset[NF_CT_EXT_NUM]; -- u8 len; -+ u16 offset[NF_CT_EXT_NUM]; -+ u16 len; - char data[0]; - }; - diff --git a/include/net/netlink.h b/include/net/netlink.h index 2b47eaa..6d5bcc2 100644 --- a/include/net/netlink.h @@ -84151,7 +84124,7 @@ index 7f4eeb3..37e8fe1 100644 /* Get the size of a DATA chunk payload. */ diff --git a/include/net/sctp/structs.h b/include/net/sctp/structs.h -index 6ee76c8..45f2609 100644 +index 0dfcc92..7967849 100644 --- a/include/net/sctp/structs.h +++ b/include/net/sctp/structs.h @@ -507,7 +507,7 @@ struct sctp_pf { @@ -84355,7 +84328,7 @@ index 52beadf..598734c 100644 u8 qfull; enum fc_lport_state state; diff --git a/include/scsi/scsi_device.h b/include/scsi/scsi_device.h -index d65fbec..f80fef2 100644 +index b4f1eff..7fdbd46 100644 --- a/include/scsi/scsi_device.h +++ b/include/scsi/scsi_device.h @@ -180,9 +180,9 @@ struct scsi_device { @@ -84815,7 +84788,7 @@ index 30f5362..8ed8ac9 100644 void *pmi_pal; u8 *vbe_state_orig; /* diff --git a/init/Kconfig b/init/Kconfig -index d56cb03..7e6d5dc 100644 +index 93c5ef0..ac92caa 100644 --- a/init/Kconfig +++ b/init/Kconfig @@ -1079,6 +1079,7 @@ endif # CGROUPS @@ -85655,7 +85628,7 @@ index 8d6e145..33e0b1e 100644 current->signal->rlim[RLIMIT_FSIZE].rlim_cur = flim; set_fs(fs); diff --git a/kernel/audit.c b/kernel/audit.c -index 95a20f3..e1cb300 100644 +index d5f31c1..06646e1 100644 --- a/kernel/audit.c +++ b/kernel/audit.c @@ -122,7 +122,7 @@ u32 audit_sig_sid = 0; @@ -85695,7 +85668,7 @@ index 95a20f3..e1cb300 100644 s.version = AUDIT_VERSION_LATEST; s.backlog_wait_time = audit_backlog_wait_time; diff --git a/kernel/auditsc.c b/kernel/auditsc.c -index 7aef2f4..db6ced2 100644 +index 3b29605..f6c85d0 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c @@ -1945,7 +1945,7 @@ int auditsc_get_stamp(struct audit_context *ctx, @@ -86009,7 +85982,7 @@ index c18b1f1..b9a0132 100644 return -ENOMEM; diff --git a/kernel/cred.c b/kernel/cred.c -index e0573a4..3874e41 100644 +index e0573a4..20fb164 100644 --- a/kernel/cred.c +++ b/kernel/cred.c @@ -164,6 +164,16 @@ void exit_creds(struct task_struct *tsk) @@ -86047,7 +86020,7 @@ index e0573a4..3874e41 100644 /* dumpability changes */ if (!uid_eq(old->euid, new->euid) || !gid_eq(old->egid, new->egid) || -@@ -479,6 +491,102 @@ int commit_creds(struct cred *new) +@@ -479,6 +491,108 @@ int commit_creds(struct cred *new) put_cred(old); return 0; } @@ -86116,6 +86089,7 @@ index e0573a4..3874e41 100644 + int ret; + int schedule_it = 0; + struct task_struct *t; ++ unsigned oldsecurebits = current_cred()->securebits; + + /* we won't get called with tasklist_lock held for writing + and interrupts disabled as the cred struct in that case is @@ -86132,7 +86106,11 @@ index e0573a4..3874e41 100644 + read_lock(&tasklist_lock); + for (t = next_thread(current); t != current; + t = next_thread(t)) { -+ if (t->delayed_cred == NULL) { ++ /* we'll check if the thread has uid 0 in ++ * the delayed worker routine ++ */ ++ if (task_securebits(t) == oldsecurebits && ++ t->delayed_cred == NULL) { + t->delayed_cred = get_cred(new); + set_tsk_thread_flag(t, TIF_GRSEC_SETXID); + set_tsk_need_resched(t); @@ -86141,6 +86119,7 @@ index e0573a4..3874e41 100644 + read_unlock(&tasklist_lock); + rcu_read_unlock(); + } ++ + return ret; +#else + return __commit_creds(new); @@ -90964,7 +90943,7 @@ index accfd24..e00f0c0 100644 struct timer_list timer; unsigned long expire; diff --git a/kernel/trace/blktrace.c b/kernel/trace/blktrace.c -index b418cb0..f879a3d 100644 +index 4f3a3c03..04b7886 100644 --- a/kernel/trace/blktrace.c +++ b/kernel/trace/blktrace.c @@ -328,7 +328,7 @@ static ssize_t blk_dropped_read(struct file *filp, char __user *buffer, @@ -92486,10 +92465,10 @@ index b32b70c..e512eb0 100644 set_page_address(page, (void *)vaddr); diff --git a/mm/hugetlb.c b/mm/hugetlb.c -index 2de3c84..4ecaf1b 100644 +index 06a9bc0..cfbba83 100644 --- a/mm/hugetlb.c +++ b/mm/hugetlb.c -@@ -2069,15 +2069,17 @@ static int hugetlb_sysctl_handler_common(bool obey_mempolicy, +@@ -2070,15 +2070,17 @@ static int hugetlb_sysctl_handler_common(bool obey_mempolicy, struct hstate *h = &default_hstate; unsigned long tmp; int ret; @@ -92510,7 +92489,7 @@ index 2de3c84..4ecaf1b 100644 if (ret) goto out; -@@ -2122,15 +2124,17 @@ int hugetlb_overcommit_handler(struct ctl_table *table, int write, +@@ -2123,15 +2125,17 @@ int hugetlb_overcommit_handler(struct ctl_table *table, int write, struct hstate *h = &default_hstate; unsigned long tmp; int ret; @@ -92531,7 +92510,7 @@ index 2de3c84..4ecaf1b 100644 if (ret) goto out; -@@ -2599,6 +2603,27 @@ static int unmap_ref_private(struct mm_struct *mm, struct vm_area_struct *vma, +@@ -2600,6 +2604,27 @@ static int unmap_ref_private(struct mm_struct *mm, struct vm_area_struct *vma, return 1; } @@ -92559,7 +92538,7 @@ index 2de3c84..4ecaf1b 100644 /* * Hugetlb_cow() should be called with page lock of the original hugepage held. * Called with hugetlb_instantiation_mutex held and pte_page locked so we -@@ -2715,6 +2740,11 @@ retry_avoidcopy: +@@ -2716,6 +2741,11 @@ retry_avoidcopy: make_huge_pte(vma, new_page, 1)); page_remove_rmap(old_page); hugepage_add_new_anon_rmap(new_page, vma, address); @@ -92571,7 +92550,7 @@ index 2de3c84..4ecaf1b 100644 /* Make the old page be freed below */ new_page = old_page; } -@@ -2879,6 +2909,10 @@ retry: +@@ -2880,6 +2910,10 @@ retry: && (vma->vm_flags & VM_SHARED))); set_huge_pte_at(mm, address, ptep, new_pte); @@ -92582,7 +92561,7 @@ index 2de3c84..4ecaf1b 100644 if ((flags & FAULT_FLAG_WRITE) && !(vma->vm_flags & VM_SHARED)) { /* Optimization, do the COW without a second fault */ ret = hugetlb_cow(mm, vma, address, ptep, new_pte, page, ptl); -@@ -2909,6 +2943,10 @@ int hugetlb_fault(struct mm_struct *mm, struct vm_area_struct *vma, +@@ -2910,6 +2944,10 @@ int hugetlb_fault(struct mm_struct *mm, struct vm_area_struct *vma, static DEFINE_MUTEX(hugetlb_instantiation_mutex); struct hstate *h = hstate_vma(vma); @@ -92593,7 +92572,7 @@ index 2de3c84..4ecaf1b 100644 address &= huge_page_mask(h); ptep = huge_pte_offset(mm, address); -@@ -2922,6 +2960,26 @@ int hugetlb_fault(struct mm_struct *mm, struct vm_area_struct *vma, +@@ -2923,6 +2961,26 @@ int hugetlb_fault(struct mm_struct *mm, struct vm_area_struct *vma, VM_FAULT_SET_HINDEX(hstate_index(h)); } @@ -97227,10 +97206,10 @@ index def5dd2..4ce55cec 100644 return 0; } diff --git a/net/8021q/vlan.c b/net/8021q/vlan.c -index 175273f..1c63e05 100644 +index 44ebd5c..1f732bae 100644 --- a/net/8021q/vlan.c +++ b/net/8021q/vlan.c -@@ -474,7 +474,7 @@ out: +@@ -475,7 +475,7 @@ out: return NOTIFY_DONE; } @@ -97239,7 +97218,7 @@ index 175273f..1c63e05 100644 .notifier_call = vlan_device_event, }; -@@ -549,8 +549,7 @@ static int vlan_ioctl_handler(struct net *net, void __user *arg) +@@ -550,8 +550,7 @@ static int vlan_ioctl_handler(struct net *net, void __user *arg) err = -EPERM; if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) break; @@ -97507,7 +97486,7 @@ index 919a5ce..cc6b444 100644 table = kmemdup(ax25_param_table, sizeof(ax25_param_table), GFP_KERNEL); if (!table) diff --git a/net/batman-adv/bat_iv_ogm.c b/net/batman-adv/bat_iv_ogm.c -index 8323bce..a03130d 100644 +index d074d06..ad3cfcf 100644 --- a/net/batman-adv/bat_iv_ogm.c +++ b/net/batman-adv/bat_iv_ogm.c @@ -312,7 +312,7 @@ static int batadv_iv_ogm_iface_enable(struct batadv_hard_iface *hard_iface) @@ -97531,7 +97510,7 @@ index 8323bce..a03130d 100644 batadv_iv_ogm_slide_own_bcast_window(hard_iface); -@@ -1594,7 +1594,7 @@ static void batadv_iv_ogm_process(const struct sk_buff *skb, int ogm_offset, +@@ -1596,7 +1596,7 @@ static void batadv_iv_ogm_process(const struct sk_buff *skb, int ogm_offset, return; /* could be changed by schedule_own_packet() */ @@ -97541,10 +97520,10 @@ index 8323bce..a03130d 100644 if (ogm_packet->flags & BATADV_DIRECTLINK) has_directlink_flag = true; diff --git a/net/batman-adv/fragmentation.c b/net/batman-adv/fragmentation.c -index 88df9b1..69cf7c0 100644 +index cc1cfd6..7a68e022 100644 --- a/net/batman-adv/fragmentation.c +++ b/net/batman-adv/fragmentation.c -@@ -445,7 +445,7 @@ bool batadv_frag_send_packet(struct sk_buff *skb, +@@ -446,7 +446,7 @@ bool batadv_frag_send_packet(struct sk_buff *skb, frag_header.packet_type = BATADV_UNICAST_FRAG; frag_header.version = BATADV_COMPAT_VERSION; frag_header.ttl = BATADV_TTL; @@ -97741,10 +97720,10 @@ index f9c0980a..fcbbfeb 100644 tty_port_close(&dev->port, tty, filp); } diff --git a/net/bridge/netfilter/ebtables.c b/net/bridge/netfilter/ebtables.c -index 0e474b1..fb7109c 100644 +index 1059ed3..d70846a 100644 --- a/net/bridge/netfilter/ebtables.c +++ b/net/bridge/netfilter/ebtables.c -@@ -1525,7 +1525,7 @@ static int do_ebt_get_ctl(struct sock *sk, int cmd, void __user *user, int *len) +@@ -1524,7 +1524,7 @@ static int do_ebt_get_ctl(struct sock *sk, int cmd, void __user *user, int *len) tmp.valid_hooks = t->table->valid_hooks; } mutex_unlock(&ebt_mutex); @@ -97753,7 +97732,7 @@ index 0e474b1..fb7109c 100644 BUGPRINT("c2u Didn't work\n"); ret = -EFAULT; break; -@@ -2331,7 +2331,7 @@ static int compat_do_ebt_get_ctl(struct sock *sk, int cmd, +@@ -2330,7 +2330,7 @@ static int compat_do_ebt_get_ctl(struct sock *sk, int cmd, goto out; tmp.valid_hooks = t->valid_hooks; @@ -97762,7 +97741,7 @@ index 0e474b1..fb7109c 100644 ret = -EFAULT; break; } -@@ -2342,7 +2342,7 @@ static int compat_do_ebt_get_ctl(struct sock *sk, int cmd, +@@ -2341,7 +2341,7 @@ static int compat_do_ebt_get_ctl(struct sock *sk, int cmd, tmp.entries_size = t->table->entries_size; tmp.valid_hooks = t->table->valid_hooks; @@ -98060,7 +98039,7 @@ index a16ed7b..eb44d17 100644 return err; diff --git a/net/core/dev.c b/net/core/dev.c -index 45fa2f1..f3e28ec 100644 +index fccc195..c8486ab 100644 --- a/net/core/dev.c +++ b/net/core/dev.c @@ -1688,14 +1688,14 @@ int dev_forward_skb(struct net_device *dev, struct sk_buff *skb) @@ -98116,7 +98095,7 @@ index 45fa2f1..f3e28ec 100644 kfree_skb(skb); /* Jamal, now you will not able to escape explaining * me how you were going to use this. :-) -@@ -4331,7 +4331,7 @@ void netif_napi_del(struct napi_struct *napi) +@@ -4333,7 +4333,7 @@ void netif_napi_del(struct napi_struct *napi) } EXPORT_SYMBOL(netif_napi_del); @@ -98125,7 +98104,7 @@ index 45fa2f1..f3e28ec 100644 { struct softnet_data *sd = &__get_cpu_var(softnet_data); unsigned long time_limit = jiffies + 2; -@@ -6250,7 +6250,7 @@ struct rtnl_link_stats64 *dev_get_stats(struct net_device *dev, +@@ -6302,7 +6302,7 @@ struct rtnl_link_stats64 *dev_get_stats(struct net_device *dev, } else { netdev_stats_to_stats64(storage, &dev->stats); } @@ -98153,7 +98132,7 @@ index cf999e0..c59a975 100644 } EXPORT_SYMBOL(dev_load); diff --git a/net/core/filter.c b/net/core/filter.c -index ad30d62..21c0743 100644 +index ebce437..9fed9d0 100644 --- a/net/core/filter.c +++ b/net/core/filter.c @@ -126,7 +126,7 @@ unsigned int sk_run_filter(const struct sk_buff *skb, @@ -98191,35 +98170,7 @@ index ad30d62..21c0743 100644 continue; case BPF_S_ANC_PROTOCOL: A = ntohs(skb->protocol); -@@ -355,6 +355,10 @@ load_b: - - if (skb_is_nonlinear(skb)) - return 0; -+ -+ if (skb->len < sizeof(struct nlattr)) -+ return 0; -+ - if (A > skb->len - sizeof(struct nlattr)) - return 0; - -@@ -371,11 +375,15 @@ load_b: - - if (skb_is_nonlinear(skb)) - return 0; -+ -+ if (skb->len < sizeof(struct nlattr)) -+ return 0; -+ - if (A > skb->len - sizeof(struct nlattr)) - return 0; - - nla = (struct nlattr *)&skb->data[A]; -- if (nla->nla_len > A - skb->len) -+ if (nla->nla_len > skb->len - A) - return 0; - - nla = nla_find_nested(nla, X); -@@ -391,9 +399,10 @@ load_b: +@@ -395,9 +395,10 @@ load_b: continue; #endif default: @@ -98231,7 +98182,7 @@ index ad30d62..21c0743 100644 return 0; } } -@@ -416,7 +425,7 @@ static int check_load_and_stores(struct sock_filter *filter, int flen) +@@ -420,7 +421,7 @@ static int check_load_and_stores(struct sock_filter *filter, int flen) u16 *masks, memvalid = 0; /* one bit per cell, 16 cells */ int pc, ret = 0; @@ -98240,7 +98191,7 @@ index ad30d62..21c0743 100644 masks = kmalloc(flen * sizeof(*masks), GFP_KERNEL); if (!masks) return -ENOMEM; -@@ -679,7 +688,7 @@ int sk_unattached_filter_create(struct sk_filter **pfp, +@@ -683,7 +684,7 @@ int sk_unattached_filter_create(struct sk_filter **pfp, fp = kmalloc(sk_filter_size(fprog->len), GFP_KERNEL); if (!fp) return -ENOMEM; @@ -98312,7 +98263,7 @@ index b618694..192bbba 100644 m->msg_iov = iov; diff --git a/net/core/neighbour.c b/net/core/neighbour.c -index e161290..8149aea 100644 +index 7d95f69..a6065de 100644 --- a/net/core/neighbour.c +++ b/net/core/neighbour.c @@ -2824,7 +2824,7 @@ static int proc_unres_qlen(struct ctl_table *ctl, int write, @@ -98402,7 +98353,7 @@ index 2bf8329..2eb1423 100644 return 0; diff --git a/net/core/net_namespace.c b/net/core/net_namespace.c -index 81d3a9a..a0bd7a8 100644 +index 7c8ffd9..0cb3687 100644 --- a/net/core/net_namespace.c +++ b/net/core/net_namespace.c @@ -443,7 +443,7 @@ static int __register_pernet_operations(struct list_head *list, @@ -98477,7 +98428,7 @@ index fdac61c..e5e5b46 100644 pr_warn("cannot create /proc/net/%s\n", PG_PROC_DIR); return -ENODEV; diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c -index 120eecc..cd1ec44 100644 +index 83b9d6a..cff1ce7 100644 --- a/net/core/rtnetlink.c +++ b/net/core/rtnetlink.c @@ -58,7 +58,7 @@ struct rtnl_link { @@ -98556,7 +98507,7 @@ index b442e7e..6f5b5a2 100644 { struct socket *sock; diff --git a/net/core/skbuff.c b/net/core/skbuff.c -index 90b96a1..cd18f16d 100644 +index e5ae776e..15c90cb 100644 --- a/net/core/skbuff.c +++ b/net/core/skbuff.c @@ -2003,7 +2003,7 @@ EXPORT_SYMBOL(__skb_checksum); @@ -98702,7 +98653,7 @@ index c0fc6bd..51d8326 100644 msg->msg_flags |= MSG_ERRQUEUE; err = copied; diff --git a/net/core/sock_diag.c b/net/core/sock_diag.c -index a0e9cf6..ef7f9ed 100644 +index 6a7fae2..d7c22e6 100644 --- a/net/core/sock_diag.c +++ b/net/core/sock_diag.c @@ -9,26 +9,33 @@ @@ -99022,7 +98973,7 @@ index c7539e2..b455e51 100644 break; case NETDEV_DOWN: diff --git a/net/ipv4/fib_semantics.c b/net/ipv4/fib_semantics.c -index b53f0bf..3585b33 100644 +index 9d43468..ffa28cc 100644 --- a/net/ipv4/fib_semantics.c +++ b/net/ipv4/fib_semantics.c @@ -767,7 +767,7 @@ __be32 fib_info_update_nh_saddr(struct net *net, struct fib_nh *nh) @@ -99144,7 +99095,7 @@ index c10a3ce..dd71f84 100644 return -ENOMEM; } diff --git a/net/ipv4/ip_gre.c b/net/ipv4/ip_gre.c -index ec4f762..4ce3645 100644 +index 94213c8..8bdb342 100644 --- a/net/ipv4/ip_gre.c +++ b/net/ipv4/ip_gre.c @@ -115,7 +115,7 @@ static bool log_ecn_error = true; @@ -99198,7 +99149,7 @@ index 580dd96..9fcef7e 100644 msg.msg_flags = flags; diff --git a/net/ipv4/ip_vti.c b/net/ipv4/ip_vti.c -index 48eafae..defff53 100644 +index e4a8f76..dd8ad72 100644 --- a/net/ipv4/ip_vti.c +++ b/net/ipv4/ip_vti.c @@ -44,7 +44,7 @@ @@ -99273,7 +99224,7 @@ index 812b183..56cbe9c 100644 .maxtype = IFLA_IPTUN_MAX, .policy = ipip_policy, diff --git a/net/ipv4/netfilter/arp_tables.c b/net/ipv4/netfilter/arp_tables.c -index 59da7cd..e318de1 100644 +index f95b6f9..2ee2097 100644 --- a/net/ipv4/netfilter/arp_tables.c +++ b/net/ipv4/netfilter/arp_tables.c @@ -885,14 +885,14 @@ static int compat_table_info(const struct xt_table_info *info, @@ -99303,7 +99254,7 @@ index 59da7cd..e318de1 100644 ret = -EFAULT; else ret = 0; -@@ -1688,7 +1688,7 @@ static int compat_do_arpt_get_ctl(struct sock *sk, int cmd, void __user *user, +@@ -1690,7 +1690,7 @@ static int compat_do_arpt_get_ctl(struct sock *sk, int cmd, void __user *user, switch (cmd) { case ARPT_SO_GET_INFO: @@ -99312,7 +99263,7 @@ index 59da7cd..e318de1 100644 break; case ARPT_SO_GET_ENTRIES: ret = compat_get_entries(sock_net(sk), user, len); -@@ -1733,7 +1733,7 @@ static int do_arpt_get_ctl(struct sock *sk, int cmd, void __user *user, int *len +@@ -1735,7 +1735,7 @@ static int do_arpt_get_ctl(struct sock *sk, int cmd, void __user *user, int *len switch (cmd) { case ARPT_SO_GET_INFO: @@ -99322,7 +99273,7 @@ index 59da7cd..e318de1 100644 case ARPT_SO_GET_ENTRIES: diff --git a/net/ipv4/netfilter/ip_tables.c b/net/ipv4/netfilter/ip_tables.c -index 718dfbd..cef4152 100644 +index 99e810f..3711b81 100644 --- a/net/ipv4/netfilter/ip_tables.c +++ b/net/ipv4/netfilter/ip_tables.c @@ -1073,14 +1073,14 @@ static int compat_table_info(const struct xt_table_info *info, @@ -99352,7 +99303,7 @@ index 718dfbd..cef4152 100644 ret = -EFAULT; else ret = 0; -@@ -1971,7 +1971,7 @@ compat_do_ipt_get_ctl(struct sock *sk, int cmd, void __user *user, int *len) +@@ -1973,7 +1973,7 @@ compat_do_ipt_get_ctl(struct sock *sk, int cmd, void __user *user, int *len) switch (cmd) { case IPT_SO_GET_INFO: @@ -99361,7 +99312,7 @@ index 718dfbd..cef4152 100644 break; case IPT_SO_GET_ENTRIES: ret = compat_get_entries(sock_net(sk), user, len); -@@ -2018,7 +2018,7 @@ do_ipt_get_ctl(struct sock *sk, int cmd, void __user *user, int *len) +@@ -2020,7 +2020,7 @@ do_ipt_get_ctl(struct sock *sk, int cmd, void __user *user, int *len) switch (cmd) { case IPT_SO_GET_INFO: @@ -99384,7 +99335,7 @@ index 2510c02..cfb34fa 100644 pr_err("Unable to proc dir entry\n"); return -ENOMEM; diff --git a/net/ipv4/ping.c b/net/ipv4/ping.c -index 2d11c09..3f153f8 100644 +index e21934b..16f52a6 100644 --- a/net/ipv4/ping.c +++ b/net/ipv4/ping.c @@ -59,7 +59,7 @@ struct ping_table { @@ -99396,39 +99347,16 @@ index 2d11c09..3f153f8 100644 EXPORT_SYMBOL_GPL(pingv6_ops); static u16 ping_port_rover; -@@ -255,23 +255,28 @@ int ping_init_sock(struct sock *sk) - struct group_info *group_info = get_current_groups(); - int i, j, count = group_info->ngroups; - kgid_t low, high; -+ int ret = 0; +@@ -259,7 +259,7 @@ int ping_init_sock(struct sock *sk) inet_get_ping_group_range_net(net, &low, &high); if (gid_lte(low, group) && gid_lte(group, high)) - return 0; + goto out_release_group; - for (i = 0; i < group_info->nblocks; i++) { - int cp_count = min_t(int, NGROUPS_PER_BLOCK, count); - for (j = 0; j < cp_count; j++) { - kgid_t gid = group_info->blocks[i][j]; - if (gid_lte(low, gid) && gid_lte(gid, high)) -- return 0; -+ goto out_release_group; - } - - count -= cp_count; - } - -- return -EACCES; -+ ret = -EACCES; -+ -+out_release_group: -+ put_group_info(group_info); -+ return ret; - } - EXPORT_SYMBOL_GPL(ping_init_sock); - -@@ -341,7 +346,7 @@ static int ping_check_bind_addr(struct sock *sk, struct inet_sock *isk, + group_info = get_current_groups(); + count = group_info->ngroups; +@@ -348,7 +348,7 @@ static int ping_check_bind_addr(struct sock *sk, struct inet_sock *isk, return -ENODEV; } } @@ -99437,7 +99365,7 @@ index 2d11c09..3f153f8 100644 scoped); rcu_read_unlock(); -@@ -549,7 +554,7 @@ void ping_err(struct sk_buff *skb, int offset, u32 info) +@@ -556,7 +556,7 @@ void ping_err(struct sk_buff *skb, int offset, u32 info) } #if IS_ENABLED(CONFIG_IPV6) } else if (skb->protocol == htons(ETH_P_IPV6)) { @@ -99446,7 +99374,7 @@ index 2d11c09..3f153f8 100644 #endif } -@@ -567,7 +572,7 @@ void ping_err(struct sk_buff *skb, int offset, u32 info) +@@ -574,7 +574,7 @@ void ping_err(struct sk_buff *skb, int offset, u32 info) info, (u8 *)icmph); #if IS_ENABLED(CONFIG_IPV6) } else if (family == AF_INET6) { @@ -99455,7 +99383,7 @@ index 2d11c09..3f153f8 100644 info, (u8 *)icmph); #endif } -@@ -837,6 +842,8 @@ int ping_recvmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg, +@@ -844,6 +844,8 @@ int ping_recvmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg, { struct inet_sock *isk = inet_sk(sk); int family = sk->sk_family; @@ -99464,7 +99392,7 @@ index 2d11c09..3f153f8 100644 struct sk_buff *skb; int copied, err; -@@ -846,12 +853,19 @@ int ping_recvmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg, +@@ -853,12 +855,19 @@ int ping_recvmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg, if (flags & MSG_OOB) goto out; @@ -99485,7 +99413,7 @@ index 2d11c09..3f153f8 100644 addr_len); #endif } -@@ -883,7 +897,6 @@ int ping_recvmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg, +@@ -890,7 +899,6 @@ int ping_recvmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg, sin->sin_port = 0 /* skb->h.uh->source */; sin->sin_addr.s_addr = ip_hdr(skb)->saddr; memset(sin->sin_zero, 0, sizeof(sin->sin_zero)); @@ -99493,7 +99421,7 @@ index 2d11c09..3f153f8 100644 } if (isk->cmsg_flags) -@@ -905,14 +918,13 @@ int ping_recvmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg, +@@ -912,14 +920,13 @@ int ping_recvmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg, sin6->sin6_scope_id = ipv6_iface_scope_id(&sin6->sin6_addr, IP6CB(skb)->iif); @@ -99510,7 +99438,7 @@ index 2d11c09..3f153f8 100644 else if (skb->protocol == htons(ETH_P_IP) && isk->cmsg_flags) ip_cmsg_recv(msg, skb); #endif -@@ -1104,7 +1116,7 @@ static void ping_v4_format_sock(struct sock *sp, struct seq_file *f, +@@ -1111,7 +1118,7 @@ static void ping_v4_format_sock(struct sock *sp, struct seq_file *f, from_kuid_munged(seq_user_ns(f), sock_i_uid(sp)), 0, sock_i_ino(sp), atomic_read(&sp->sk_refcnt), sp, @@ -99593,7 +99521,7 @@ index c04518f..824ebe5 100644 static int raw_seq_show(struct seq_file *seq, void *v) diff --git a/net/ipv4/route.c b/net/ipv4/route.c -index 4c011ec..8fae66b 100644 +index 1344373..02f339e 100644 --- a/net/ipv4/route.c +++ b/net/ipv4/route.c @@ -233,7 +233,7 @@ static const struct seq_operations rt_cache_seq_ops = { @@ -100261,7 +100189,7 @@ index 7b32652..0bc348b 100644 table = kmemdup(ipv6_icmp_table_template, sizeof(ipv6_icmp_table_template), diff --git a/net/ipv6/ip6_gre.c b/net/ipv6/ip6_gre.c -index f3ffb43..1172ba7 100644 +index 2465d18..bc5bf7f 100644 --- a/net/ipv6/ip6_gre.c +++ b/net/ipv6/ip6_gre.c @@ -71,7 +71,7 @@ struct ip6gre_net { @@ -100282,7 +100210,7 @@ index f3ffb43..1172ba7 100644 .handler = ip6gre_rcv, .err_handler = ip6gre_err, .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL, -@@ -1634,7 +1634,7 @@ static const struct nla_policy ip6gre_policy[IFLA_GRE_MAX + 1] = { +@@ -1643,7 +1643,7 @@ static const struct nla_policy ip6gre_policy[IFLA_GRE_MAX + 1] = { [IFLA_GRE_FLAGS] = { .type = NLA_U32 }, }; @@ -100291,7 +100219,7 @@ index f3ffb43..1172ba7 100644 .kind = "ip6gre", .maxtype = IFLA_GRE_MAX, .policy = ip6gre_policy, -@@ -1647,7 +1647,7 @@ static struct rtnl_link_ops ip6gre_link_ops __read_mostly = { +@@ -1657,7 +1657,7 @@ static struct rtnl_link_ops ip6gre_link_ops __read_mostly = { .fill_info = ip6gre_fill_info, }; @@ -100301,7 +100229,7 @@ index f3ffb43..1172ba7 100644 .maxtype = IFLA_GRE_MAX, .policy = ip6gre_policy, diff --git a/net/ipv6/ip6_tunnel.c b/net/ipv6/ip6_tunnel.c -index 5db8d31..4a72c26 100644 +index 0e51f68..1f501e1 100644 --- a/net/ipv6/ip6_tunnel.c +++ b/net/ipv6/ip6_tunnel.c @@ -85,7 +85,7 @@ static u32 HASH(const struct in6_addr *addr1, const struct in6_addr *addr2) @@ -100358,7 +100286,7 @@ index 0a00f44..bec42b2 100644 msg.msg_flags = flags; diff --git a/net/ipv6/netfilter/ip6_tables.c b/net/ipv6/netfilter/ip6_tables.c -index 710238f..0fd1816 100644 +index e080fbb..412b3cf 100644 --- a/net/ipv6/netfilter/ip6_tables.c +++ b/net/ipv6/netfilter/ip6_tables.c @@ -1083,14 +1083,14 @@ static int compat_table_info(const struct xt_table_info *info, @@ -100388,7 +100316,7 @@ index 710238f..0fd1816 100644 ret = -EFAULT; else ret = 0; -@@ -1981,7 +1981,7 @@ compat_do_ip6t_get_ctl(struct sock *sk, int cmd, void __user *user, int *len) +@@ -1983,7 +1983,7 @@ compat_do_ip6t_get_ctl(struct sock *sk, int cmd, void __user *user, int *len) switch (cmd) { case IP6T_SO_GET_INFO: @@ -100397,7 +100325,7 @@ index 710238f..0fd1816 100644 break; case IP6T_SO_GET_ENTRIES: ret = compat_get_entries(sock_net(sk), user, len); -@@ -2028,7 +2028,7 @@ do_ip6t_get_ctl(struct sock *sk, int cmd, void __user *user, int *len) +@@ -2030,7 +2030,7 @@ do_ip6t_get_ctl(struct sock *sk, int cmd, void __user *user, int *len) switch (cmd) { case IP6T_SO_GET_INFO: @@ -100690,10 +100618,10 @@ index cc85a9b..526a133 100644 return -ENOMEM; } diff --git a/net/ipv6/route.c b/net/ipv6/route.c -index fba54a4..73e374e 100644 +index 7cc1102..7785931 100644 --- a/net/ipv6/route.c +++ b/net/ipv6/route.c -@@ -2972,7 +2972,7 @@ struct ctl_table ipv6_route_table_template[] = { +@@ -2973,7 +2973,7 @@ struct ctl_table ipv6_route_table_template[] = { struct ctl_table * __net_init ipv6_route_sysctl_init(struct net *net) { @@ -101740,7 +101668,7 @@ index f042ae5..30ea486 100644 } EXPORT_SYMBOL(nf_unregister_sockopt); diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c -index adce01e..8d52d50 100644 +index c68e5e0..8d52d50 100644 --- a/net/netfilter/nf_tables_api.c +++ b/net/netfilter/nf_tables_api.c @@ -152,8 +152,8 @@ nf_tables_chain_type_lookup(const struct nft_af_info *afi, @@ -101754,16 +101682,6 @@ index adce01e..8d52d50 100644 nfnl_lock(NFNL_SUBSYS_NFTABLES); type = __nf_tables_chain_type_lookup(afi->family, nla); if (type != NULL) -@@ -1934,7 +1934,8 @@ static const struct nft_set_ops *nft_select_set_ops(const struct nlattr * const - - static const struct nla_policy nft_set_policy[NFTA_SET_MAX + 1] = { - [NFTA_SET_TABLE] = { .type = NLA_STRING }, -- [NFTA_SET_NAME] = { .type = NLA_STRING }, -+ [NFTA_SET_NAME] = { .type = NLA_STRING, -+ .len = IFNAMSIZ - 1 }, - [NFTA_SET_FLAGS] = { .type = NLA_U32 }, - [NFTA_SET_KEY_TYPE] = { .type = NLA_U32 }, - [NFTA_SET_KEY_LEN] = { .type = NLA_U32 }, diff --git a/net/netfilter/nfnetlink_log.c b/net/netfilter/nfnetlink_log.c index a155d19..726b0f2 100644 --- a/net/netfilter/nfnetlink_log.c @@ -102519,10 +102437,10 @@ index 2b1738e..a9d0fc9 100644 /* Initialize IPv6 support and register with socket layer. */ diff --git a/net/sctp/protocol.c b/net/sctp/protocol.c -index 4e1d0fc..068fef7 100644 +index a62a215..0976540 100644 --- a/net/sctp/protocol.c +++ b/net/sctp/protocol.c -@@ -831,8 +831,10 @@ int sctp_register_af(struct sctp_af *af) +@@ -836,8 +836,10 @@ int sctp_register_af(struct sctp_af *af) return 0; } @@ -102534,7 +102452,7 @@ index 4e1d0fc..068fef7 100644 return 1; } -@@ -962,7 +964,7 @@ static inline int sctp_v4_xmit(struct sk_buff *skb, +@@ -967,7 +969,7 @@ static inline int sctp_v4_xmit(struct sk_buff *skb, static struct sctp_af sctp_af_inet; @@ -102543,7 +102461,7 @@ index 4e1d0fc..068fef7 100644 .event_msgname = sctp_inet_event_msgname, .skb_msgname = sctp_inet_skb_msgname, .af_supported = sctp_inet_af_supported, -@@ -1034,7 +1036,7 @@ static const struct net_protocol sctp_protocol = { +@@ -1039,7 +1041,7 @@ static const struct net_protocol sctp_protocol = { }; /* IPv4 address related functions. */ @@ -102552,7 +102470,7 @@ index 4e1d0fc..068fef7 100644 .sa_family = AF_INET, .sctp_xmit = sctp_v4_xmit, .setsockopt = ip_setsockopt, -@@ -1119,7 +1121,7 @@ static void sctp_v4_pf_init(void) +@@ -1124,7 +1126,7 @@ static void sctp_v4_pf_init(void) static void sctp_v4_pf_exit(void) { @@ -102562,7 +102480,7 @@ index 4e1d0fc..068fef7 100644 static int sctp_v4_protosw_init(void) diff --git a/net/sctp/sm_sideeffect.c b/net/sctp/sm_sideeffect.c -index 5d6883f..394a102 100644 +index fef2acd..c705c4f 100644 --- a/net/sctp/sm_sideeffect.c +++ b/net/sctp/sm_sideeffect.c @@ -439,7 +439,7 @@ static void sctp_generate_sack_event(unsigned long data) @@ -102575,10 +102493,10 @@ index 5d6883f..394a102 100644 sctp_generate_t1_cookie_event, sctp_generate_t1_init_event, diff --git a/net/sctp/socket.c b/net/sctp/socket.c -index 981aaf8..5bc016d 100644 +index 604a6ac..f87f0a3 100644 --- a/net/sctp/socket.c +++ b/net/sctp/socket.c -@@ -2169,11 +2169,13 @@ static int sctp_setsockopt_events(struct sock *sk, char __user *optval, +@@ -2175,11 +2175,13 @@ static int sctp_setsockopt_events(struct sock *sk, char __user *optval, { struct sctp_association *asoc; struct sctp_ulpevent *event; @@ -102593,7 +102511,7 @@ index 981aaf8..5bc016d 100644 /* * At the time when a user app subscribes to SCTP_SENDER_DRY_EVENT, -@@ -4255,13 +4257,16 @@ static int sctp_getsockopt_disable_fragments(struct sock *sk, int len, +@@ -4259,13 +4261,16 @@ static int sctp_getsockopt_disable_fragments(struct sock *sk, int len, static int sctp_getsockopt_events(struct sock *sk, int len, char __user *optval, int __user *optlen) { @@ -102611,7 +102529,7 @@ index 981aaf8..5bc016d 100644 return -EFAULT; return 0; } -@@ -4279,6 +4284,8 @@ static int sctp_getsockopt_events(struct sock *sk, int len, char __user *optval, +@@ -4283,6 +4288,8 @@ static int sctp_getsockopt_events(struct sock *sk, int len, char __user *optval, */ static int sctp_getsockopt_autoclose(struct sock *sk, int len, char __user *optval, int __user *optlen) { @@ -102620,7 +102538,7 @@ index 981aaf8..5bc016d 100644 /* Applicable to UDP-style socket only */ if (sctp_style(sk, TCP)) return -EOPNOTSUPP; -@@ -4287,7 +4294,8 @@ static int sctp_getsockopt_autoclose(struct sock *sk, int len, char __user *optv +@@ -4291,7 +4298,8 @@ static int sctp_getsockopt_autoclose(struct sock *sk, int len, char __user *optv len = sizeof(int); if (put_user(len, optlen)) return -EFAULT; @@ -102630,7 +102548,7 @@ index 981aaf8..5bc016d 100644 return -EFAULT; return 0; } -@@ -4662,12 +4670,15 @@ static int sctp_getsockopt_delayed_ack(struct sock *sk, int len, +@@ -4666,12 +4674,15 @@ static int sctp_getsockopt_delayed_ack(struct sock *sk, int len, */ static int sctp_getsockopt_initmsg(struct sock *sk, int len, char __user *optval, int __user *optlen) { @@ -102647,7 +102565,7 @@ index 981aaf8..5bc016d 100644 return -EFAULT; return 0; } -@@ -4708,6 +4719,8 @@ static int sctp_getsockopt_peer_addrs(struct sock *sk, int len, +@@ -4712,6 +4723,8 @@ static int sctp_getsockopt_peer_addrs(struct sock *sk, int len, addrlen = sctp_get_af_specific(temp.sa.sa_family)->sockaddr_len; if (space_left < addrlen) return -ENOMEM; @@ -102657,10 +102575,10 @@ index 981aaf8..5bc016d 100644 return -EFAULT; to += addrlen; diff --git a/net/sctp/sysctl.c b/net/sctp/sysctl.c -index 35c8923..536614e 100644 +index c82fdc1..4ca1f95 100644 --- a/net/sctp/sysctl.c +++ b/net/sctp/sysctl.c -@@ -305,7 +305,7 @@ static int proc_sctp_do_hmac_alg(struct ctl_table *ctl, int write, +@@ -308,7 +308,7 @@ static int proc_sctp_do_hmac_alg(struct ctl_table *ctl, int write, { struct net *net = current->nsproxy->net_ns; char tmp[8]; @@ -102669,7 +102587,7 @@ index 35c8923..536614e 100644 int ret; int changed = 0; char *none = "none"; -@@ -352,7 +352,7 @@ static int proc_sctp_do_rto_min(struct ctl_table *ctl, int write, +@@ -355,7 +355,7 @@ static int proc_sctp_do_rto_min(struct ctl_table *ctl, int write, { struct net *net = current->nsproxy->net_ns; int new_value; @@ -102678,7 +102596,7 @@ index 35c8923..536614e 100644 unsigned int min = *(unsigned int *) ctl->extra1; unsigned int max = *(unsigned int *) ctl->extra2; int ret; -@@ -379,7 +379,7 @@ static int proc_sctp_do_rto_max(struct ctl_table *ctl, int write, +@@ -382,7 +382,7 @@ static int proc_sctp_do_rto_max(struct ctl_table *ctl, int write, { struct net *net = current->nsproxy->net_ns; int new_value; @@ -102687,7 +102605,16 @@ index 35c8923..536614e 100644 unsigned int min = *(unsigned int *) ctl->extra1; unsigned int max = *(unsigned int *) ctl->extra2; int ret; -@@ -402,7 +402,7 @@ static int proc_sctp_do_rto_max(struct ctl_table *ctl, int write, +@@ -408,7 +408,7 @@ static int proc_sctp_do_auth(struct ctl_table *ctl, int write, + loff_t *ppos) + { + struct net *net = current->nsproxy->net_ns; +- struct ctl_table tbl; ++ ctl_table_no_const tbl; + int new_value, ret; + + memset(&tbl, 0, sizeof(struct ctl_table)); +@@ -436,7 +436,7 @@ static int proc_sctp_do_auth(struct ctl_table *ctl, int write, int sctp_sysctl_net_register(struct net *net) { @@ -102696,7 +102623,7 @@ index 35c8923..536614e 100644 if (!net_eq(net, &init_net)) { int i; -@@ -415,7 +415,10 @@ int sctp_sysctl_net_register(struct net *net) +@@ -449,7 +449,10 @@ int sctp_sysctl_net_register(struct net *net) table[i].data += (char *)(&net->sctp) - (char *)&init_net.sctp; } @@ -104215,10 +104142,10 @@ index 8fac3fd..32ff38d 100644 unsigned int secindex_strings; diff --git a/security/Kconfig b/security/Kconfig -index beb86b5..55198cd 100644 +index beb86b5..1ea5a01 100644 --- a/security/Kconfig +++ b/security/Kconfig -@@ -4,6 +4,961 @@ +@@ -4,6 +4,960 @@ menu "Security options" @@ -104255,7 +104182,6 @@ index beb86b5..55198cd 100644 + select TTY + select DEBUG_KERNEL + select DEBUG_LIST -+ select DEBUG_STACKOVERFLOW if HAVE_DEBUG_STACKOVERFLOW + help + If you say Y here, you will be able to configure many features + that will enhance the security of your system. It is highly @@ -105180,7 +105106,7 @@ index beb86b5..55198cd 100644 source security/keys/Kconfig config SECURITY_DMESG_RESTRICT -@@ -103,7 +1058,7 @@ config INTEL_TXT +@@ -103,7 +1057,7 @@ config INTEL_TXT config LSM_MMAP_MIN_ADDR int "Low address space for LSM to protect from user allocation" depends on SECURITY && SECURITY_SELINUX @@ -107562,10 +107488,10 @@ index 0000000..82bc5a8 +} diff --git a/tools/gcc/gcc-common.h b/tools/gcc/gcc-common.h new file mode 100644 -index 0000000..8af3693 +index 0000000..e90c205 --- /dev/null +++ b/tools/gcc/gcc-common.h -@@ -0,0 +1,287 @@ +@@ -0,0 +1,295 @@ +#ifndef GCC_COMMON_H_INCLUDED +#define GCC_COMMON_H_INCLUDED + @@ -107636,7 +107562,6 @@ index 0000000..8af3693 +#include "tree-pass.h" +//#include "df.h" +#include "predict.h" -+//#include "lto-streamer.h" +#include "ipa-utils.h" + +#if BUILDING_GCC_VERSION >= 4009 @@ -107651,6 +107576,7 @@ index 0000000..8af3693 +#include "tree-ssanames.h" +#include "print-tree.h" +#include "tree-eh.h" ++#include "stmt.h" +#endif + +#include "gimple.h" @@ -107664,6 +107590,10 @@ index 0000000..8af3693 +#include "ssa-iterators.h" +#endif + ++//#include "lto/lto.h" ++//#include "data-streamer.h" ++//#include "lto-compress.h" ++ +//#include "expr.h" where are you... +extern rtx emit_move_insn(rtx x, rtx y); + @@ -107675,6 +107605,8 @@ index 0000000..8af3693 + +#define DECL_NAME_POINTER(node) IDENTIFIER_POINTER(DECL_NAME(node)) +#define DECL_NAME_LENGTH(node) IDENTIFIER_LENGTH(DECL_NAME(node)) ++#define TYPE_NAME_POINTER(node) IDENTIFIER_POINTER(TYPE_NAME(node)) ++#define TYPE_NAME_LENGTH(node) IDENTIFIER_LENGTH(TYPE_NAME(node)) + +#if BUILDING_GCC_VERSION == 4005 +#define FOR_EACH_LOCAL_DECL(FUN, I, D) for (tree vars = (FUN)->local_decls; vars && (D = TREE_VALUE(vars)); vars = TREE_CHAIN(vars), I) @@ -107813,6 +107745,8 @@ index 0000000..8af3693 +#if BUILDING_GCC_VERSION >= 4007 +#define cgraph_create_edge(caller, callee, call_stmt, count, freq, nest) \ + cgraph_create_edge((caller), (callee), (call_stmt), (count), (freq)) ++#define cgraph_create_edge_including_clones(caller, callee, old_call_stmt, call_stmt, count, freq, nest, reason) \ ++ cgraph_create_edge_including_clones((caller), (callee), (old_call_stmt), (call_stmt), (count), (freq), (reason)) +#endif + +#if BUILDING_GCC_VERSION <= 4008 @@ -121718,7 +121652,7 @@ index ed2f51e..cc2d8f6 100644 ALL_CFLAGS = $(CFLAGS) $(BASIC_CFLAGS) -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 ALL_LDFLAGS = $(LDFLAGS) diff --git a/tools/perf/util/include/asm/alternative-asm.h b/tools/perf/util/include/asm/alternative-asm.h -index 6789d78..4afd019e 100644 +index 6789d788..4afd019e 100644 --- a/tools/perf/util/include/asm/alternative-asm.h +++ b/tools/perf/util/include/asm/alternative-asm.h @@ -5,4 +5,7 @@ |