aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--main/linux-grsec/APKBUILD18
-rw-r--r--main/linux-grsec/grsecurity-3.0-3.14.28-201501120819.patch (renamed from main/linux-grsec/grsecurity-3.0-3.14.27-201501042018.patch)335
2 files changed, 76 insertions, 277 deletions
diff --git a/main/linux-grsec/APKBUILD b/main/linux-grsec/APKBUILD
index 8c6556f77e..0cf77bff23 100644
--- a/main/linux-grsec/APKBUILD
+++ b/main/linux-grsec/APKBUILD
@@ -2,12 +2,12 @@
_flavor=grsec
pkgname=linux-${_flavor}
-pkgver=3.14.27
+pkgver=3.14.28
case $pkgver in
*.*.*) _kernver=${pkgver%.*};;
*.*) _kernver=${pkgver};;
esac
-pkgrel=2
+pkgrel=0
pkgdesc="Linux kernel with grsecurity"
url=http://grsecurity.net
depends="mkinitfs linux-firmware"
@@ -17,7 +17,7 @@ _config=${config:-kernelconfig.${CARCH}}
install=
source="http://ftp.kernel.org/pub/linux/kernel/v3.x/linux-$_kernver.tar.xz
http://ftp.kernel.org/pub/linux/kernel/v3.x/patch-$pkgver.xz
- grsecurity-3.0-3.14.27-201501042018.patch
+ grsecurity-3.0-3.14.28-201501120819.patch
fix-memory-map-for-PIE-applications.patch
imx6q-no-unclocked-sleep.patch
@@ -166,8 +166,8 @@ dev() {
}
md5sums="b621207b3f6ecbb67db18b13258f8ea8 linux-3.14.tar.xz
-d79fd9ea62b9c9dd3c17ed7651a9e408 patch-3.14.27.xz
-ca00f323d00586c39cd56cba64b53959 grsecurity-3.0-3.14.27-201501042018.patch
+502a4ee34af04e9b9e375e254f7b9a8f patch-3.14.28.xz
+14277edb3cc6b593f80bf0e62ba8ec70 grsecurity-3.0-3.14.28-201501120819.patch
c6a4ae7e8ca6159e1631545515805216 fix-memory-map-for-PIE-applications.patch
1a307fc1d63231bf01d22493a4f14378 imx6q-no-unclocked-sleep.patch
59a78a67677e25540028414bb5eb6330 gre-fix-the-inner-mac-header-in-nbma-gre-tunnels-xmit-path.patch
@@ -175,8 +175,8 @@ c6a4ae7e8ca6159e1631545515805216 fix-memory-map-for-PIE-applications.patch
38b50cd1a7670f886c5e9fe9f1f91496 kernelconfig.x86_64
6709c83fbbd38d40f31d39f0022d4ce9 kernelconfig.armhf"
sha256sums="61558aa490855f42b6340d1a1596be47454909629327c49a5e4e10268065dffa linux-3.14.tar.xz
-5f84a4ff394444486d1715d5283383a8461ff089ed9b9fdc5dde2ed65531d21e patch-3.14.27.xz
-3ce5950b71acc8b44db2611b5c72d999352b025dbfb8c90517ce0c8ab52d2e84 grsecurity-3.0-3.14.27-201501042018.patch
+e3c79a30ac959c84c329be5461da88a5c79c6463da30d376c27bb103aee79b51 patch-3.14.28.xz
+487f4b17658ab037586e9106bca355ad35195d1e78e73ceb2cc7feb55c54ef46 grsecurity-3.0-3.14.28-201501120819.patch
500f3577310be52e87b9fecdc2e9c4ca43210fd97d69089f9005d484563f74c7 fix-memory-map-for-PIE-applications.patch
21179fbb22a5b74af0a609350ae1a170e232908572b201d02e791d2ce0a685d3 imx6q-no-unclocked-sleep.patch
f04d0f6610398f3657ddb2e6926113c43ec331ae256704bca4de11f432881ec5 gre-fix-the-inner-mac-header-in-nbma-gre-tunnels-xmit-path.patch
@@ -184,8 +184,8 @@ bf953a65ba047b5316509da5bc7a6dbcee12767e343d26e8360369d27bfdbe78 kernelconfig.x
d555a01f2b464e20cfa71c67ea6d571f80c707c5a3fea33879de09b085e2d7b6 kernelconfig.x86_64
01a6c90cf0643f8727d120aede2267ca7303c4ebe548c5d19222d4387ceb98cc kernelconfig.armhf"
sha512sums="5730d83a7a81134c1e77c0bf89e42dee4f8251ad56c1ac2be20c59e26fdfaa7bea55f277e7af156b637f22e1584914a46089af85039177cb43485089c74ac26e linux-3.14.tar.xz
-1191ef739905b2e5057c5273e5cf026baea1ea4855dca8375dbe4ecaa7e6d2d38b8103e2781554f2d9ecf9026fdad1086c6b9d8f0b41fcb8e39aca0612e208e7 patch-3.14.27.xz
-5af36af71741806a91f509c2b71a6e47fb678c8afb12b2c8bc5890594e90ca27e44641f510187de121a5208cf510d860e71ea1b256cf0e0daf8cf5e4ead1e674 grsecurity-3.0-3.14.27-201501042018.patch
+ae4dc86ff594f1a4c1a2a8786a1ad1293e539c8225ae202b87ad474c22dbe1906cd919566307a69ae48f2e3819d1024e6997adaff48a2184ac87ec61a38b6a34 patch-3.14.28.xz
+633acca6d98d8a33ee34fcc5c4e51dffe30a682d39ad55bddcee196c15773dc410a59fa70691a73a638cfff7c74379b178952c69e30606435cc6dfae21775ef7 grsecurity-3.0-3.14.28-201501120819.patch
4665c56ae1bbac311f9205d64918e84ee8b01d47d6e2396ff6b8adfb10aada7f7254531ce62e31edbb65c2a54a830f09ad05d314dfcd75d6272f4068945ad7c7 fix-memory-map-for-PIE-applications.patch
87d1ad59732f265a5b0db54490dc1762c14ea4b868e7eb1aedc3ce57b48046de7bbc08cf5cfcf6f1380fa84063b0edb16ba3d5e3c5670be9bbb229275c88b221 imx6q-no-unclocked-sleep.patch
ddc32533bd519db5298895eb2da5eb95390999bd3f6d27b5eee38551387df4a43f537235d6a9be859ee1f433420f3afbf01e2c1e7ca0175b27460598c5c385f9 gre-fix-the-inner-mac-header-in-nbma-gre-tunnels-xmit-path.patch
diff --git a/main/linux-grsec/grsecurity-3.0-3.14.27-201501042018.patch b/main/linux-grsec/grsecurity-3.0-3.14.28-201501120819.patch
index c044d3506c..2e17d7508a 100644
--- a/main/linux-grsec/grsecurity-3.0-3.14.27-201501042018.patch
+++ b/main/linux-grsec/grsecurity-3.0-3.14.28-201501120819.patch
@@ -292,7 +292,7 @@ index 7116fda..2f71588 100644
pcd. [PARIDE]
diff --git a/Makefile b/Makefile
-index 944db23..f799f3e 100644
+index a2e572b..b0e0734 100644
--- a/Makefile
+++ b/Makefile
@@ -244,8 +244,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \
@@ -20522,24 +20522,6 @@ index bbae024..e1528f9 100644
#define BIOS_END 0x00100000
#define BIOS_ROM_BASE 0xffe00000
-diff --git a/arch/x86/include/uapi/asm/ldt.h b/arch/x86/include/uapi/asm/ldt.h
-index 46727eb..6e1aaf7 100644
---- a/arch/x86/include/uapi/asm/ldt.h
-+++ b/arch/x86/include/uapi/asm/ldt.h
-@@ -28,6 +28,13 @@ struct user_desc {
- unsigned int seg_not_present:1;
- unsigned int useable:1;
- #ifdef __x86_64__
-+ /*
-+ * Because this bit is not present in 32-bit user code, user
-+ * programs can pass uninitialized values here. Therefore, in
-+ * any context in which a user_desc comes from a 32-bit program,
-+ * the kernel must act as though lm == 0, regardless of the
-+ * actual value.
-+ */
- unsigned int lm:1;
- #endif
- };
diff --git a/arch/x86/include/uapi/asm/ptrace-abi.h b/arch/x86/include/uapi/asm/ptrace-abi.h
index 7b0a55a..ad115bf 100644
--- a/arch/x86/include/uapi/asm/ptrace-abi.h
@@ -25884,38 +25866,6 @@ index c2bedae..25e7ab60 100644
.attr = {
.name = "data",
.mode = S_IRUGO,
-diff --git a/arch/x86/kernel/kvm.c b/arch/x86/kernel/kvm.c
-index 713f1b3..0b1e1d5 100644
---- a/arch/x86/kernel/kvm.c
-+++ b/arch/x86/kernel/kvm.c
-@@ -280,7 +280,14 @@ do_async_page_fault(struct pt_regs *regs, unsigned long error_code)
- static void __init paravirt_ops_setup(void)
- {
- pv_info.name = "KVM";
-- pv_info.paravirt_enabled = 1;
-+
-+ /*
-+ * KVM isn't paravirt in the sense of paravirt_enabled. A KVM
-+ * guest kernel works like a bare metal kernel with additional
-+ * features, and paravirt_enabled is about features that are
-+ * missing.
-+ */
-+ pv_info.paravirt_enabled = 0;
-
- if (kvm_para_has_feature(KVM_FEATURE_NOP_IO_DELAY))
- pv_cpu_ops.io_delay = kvm_io_delay;
-diff --git a/arch/x86/kernel/kvmclock.c b/arch/x86/kernel/kvmclock.c
-index e604109..c8e98cd 100644
---- a/arch/x86/kernel/kvmclock.c
-+++ b/arch/x86/kernel/kvmclock.c
-@@ -263,7 +263,6 @@ void __init kvmclock_init(void)
- #endif
- kvm_get_preset_lpj();
- clocksource_register_hz(&kvm_clock, NSEC_PER_SEC);
-- pv_info.paravirt_enabled = 1;
- pv_info.name = "KVM";
-
- if (kvm_para_has_feature(KVM_FEATURE_CLOCKSOURCE_STABLE_BIT))
diff --git a/arch/x86/kernel/ldt.c b/arch/x86/kernel/ldt.c
index c37886d..d851d32 100644
--- a/arch/x86/kernel/ldt.c
@@ -26728,7 +26678,7 @@ index 0de43e9..056b840 100644
}
-
diff --git a/arch/x86/kernel/process_64.c b/arch/x86/kernel/process_64.c
-index 9c0280f..5bbb1c0 100644
+index e2d26ce..10f7ec2 100644
--- a/arch/x86/kernel/process_64.c
+++ b/arch/x86/kernel/process_64.c
@@ -158,10 +158,11 @@ int copy_thread(unsigned long clone_flags, unsigned long sp,
@@ -26762,17 +26712,18 @@ index 9c0280f..5bbb1c0 100644
unsigned fsindex, gsindex;
fpu_switch_t fpu;
-@@ -303,6 +306,9 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p)
+@@ -334,6 +337,10 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p)
if (unlikely(next->ds | prev->ds))
loadsegment(ds, next->ds);
+ savesegment(ss, prev->ss);
+ if (unlikely(next->ss != prev->ss))
+ loadsegment(ss, next->ss);
-
- /* We must save %fs and %gs before load_TLS() because
- * %fs and %gs may be cleared by load_TLS().
-@@ -362,6 +368,7 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p)
++
+ /*
+ * Switch FS and GS.
+ *
+@@ -407,6 +414,7 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p)
prev->usersp = this_cpu_read(old_rsp);
this_cpu_write(old_rsp, next->usersp);
this_cpu_write(current_task, next_p);
@@ -26780,7 +26731,7 @@ index 9c0280f..5bbb1c0 100644
/*
* If it were not for PREEMPT_ACTIVE we could guarantee that the
-@@ -371,9 +378,7 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p)
+@@ -416,9 +424,7 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p)
task_thread_info(prev_p)->saved_preempt_count = this_cpu_read(__preempt_count);
this_cpu_write(__preempt_count, task_thread_info(next_p)->saved_preempt_count);
@@ -26791,7 +26742,7 @@ index 9c0280f..5bbb1c0 100644
/*
* Now maybe reload the debug registers and handle I/O bitmaps
-@@ -442,12 +447,11 @@ unsigned long get_wchan(struct task_struct *p)
+@@ -487,12 +493,11 @@ unsigned long get_wchan(struct task_struct *p)
if (!p || p == current || p->state == TASK_RUNNING)
return 0;
stack = (unsigned long)task_stack_page(p);
@@ -27884,58 +27835,10 @@ index 24d3c91..d06b473 100644
return pc;
}
diff --git a/arch/x86/kernel/tls.c b/arch/x86/kernel/tls.c
-index f7fec09..d0f623f 100644
+index 4e942f3..d0f623f 100644
--- a/arch/x86/kernel/tls.c
+++ b/arch/x86/kernel/tls.c
-@@ -27,6 +27,37 @@ static int get_free_idx(void)
- return -ESRCH;
- }
-
-+static bool tls_desc_okay(const struct user_desc *info)
-+{
-+ if (LDT_empty(info))
-+ return true;
-+
-+ /*
-+ * espfix is required for 16-bit data segments, but espfix
-+ * only works for LDT segments.
-+ */
-+ if (!info->seg_32bit)
-+ return false;
-+
-+ /* Only allow data segments in the TLS array. */
-+ if (info->contents > 1)
-+ return false;
-+
-+ /*
-+ * Non-present segments with DPL 3 present an interesting attack
-+ * surface. The kernel should handle such segments correctly,
-+ * but TLS is very difficult to protect in a sandbox, so prevent
-+ * such segments from being created.
-+ *
-+ * If userspace needs to remove a TLS entry, it can still delete
-+ * it outright.
-+ */
-+ if (info->seg_not_present)
-+ return false;
-+
-+ return true;
-+}
-+
- static void set_tls_desc(struct task_struct *p, int idx,
- const struct user_desc *info, int n)
- {
-@@ -66,6 +97,9 @@ int do_set_thread_area(struct task_struct *p, int idx,
- if (copy_from_user(&info, u_info, sizeof(info)))
- return -EFAULT;
-
-+ if (!tls_desc_okay(&info))
-+ return -EINVAL;
-+
- if (idx == -1)
- idx = info.entry_number;
-
-@@ -84,6 +118,11 @@ int do_set_thread_area(struct task_struct *p, int idx,
+@@ -118,6 +118,11 @@ int do_set_thread_area(struct task_struct *p, int idx,
if (idx < GDT_ENTRY_TLS_MIN || idx > GDT_ENTRY_TLS_MAX)
return -EINVAL;
@@ -27947,15 +27850,7 @@ index f7fec09..d0f623f 100644
set_tls_desc(p, idx, &info, 1);
return 0;
-@@ -192,6 +231,7 @@ int regset_tls_set(struct task_struct *target, const struct user_regset *regset,
- {
- struct user_desc infobuf[GDT_ENTRY_TLS_ENTRIES];
- const struct user_desc *info;
-+ int i;
-
- if (pos >= GDT_ENTRY_TLS_ENTRIES * sizeof(struct user_desc) ||
- (pos % sizeof(struct user_desc)) != 0 ||
-@@ -200,11 +240,15 @@ int regset_tls_set(struct task_struct *target, const struct user_regset *regset,
+@@ -235,7 +240,7 @@ int regset_tls_set(struct task_struct *target, const struct user_regset *regset,
if (kbuf)
info = kbuf;
@@ -27964,14 +27859,6 @@ index f7fec09..d0f623f 100644
return -EFAULT;
else
info = infobuf;
-
-+ for (i = 0; i < count / sizeof(struct user_desc); i++)
-+ if (!tls_desc_okay(info + i))
-+ return -EINVAL;
-+
- set_tls_desc(target,
- GDT_ENTRY_TLS_MIN + (pos / sizeof(struct user_desc)),
- info, count / sizeof(struct user_desc));
diff --git a/arch/x86/kernel/tracepoint.c b/arch/x86/kernel/tracepoint.c
index 1c113db..287b42e 100644
--- a/arch/x86/kernel/tracepoint.c
@@ -44228,7 +44115,7 @@ index c9a02fe..0debc75 100644
INIT_LIST_HEAD(&serio_raw->client_list);
init_waitqueue_head(&serio_raw->wait);
diff --git a/drivers/iommu/amd_iommu.c b/drivers/iommu/amd_iommu.c
-index 9cbef59..76d5cd3 100644
+index 9cbef59..26db8e4 100644
--- a/drivers/iommu/amd_iommu.c
+++ b/drivers/iommu/amd_iommu.c
@@ -878,11 +878,21 @@ static void copy_cmd_to_buffer(struct amd_iommu *iommu,
@@ -44243,7 +44130,7 @@ index 9cbef59..76d5cd3 100644
- cmd->data[1] = upper_32_bits(__pa(address));
+
+#ifdef CONFIG_GRKERNSEC_KSTACKOVERFLOW
-+ if (object_starts_on_stack(address)) {
++ if (object_starts_on_stack((void *)address)) {
+ void *adjbuf = (void *)address - current->stack + current->lowmem_stack;
+ physaddr = __pa((u64)adjbuf);
+ } else
@@ -44933,10 +44820,10 @@ index 7ef7461..5a09dac 100644
cl->fn = fn;
cl->wq = wq;
diff --git a/drivers/md/bitmap.c b/drivers/md/bitmap.c
-index 4195a01..42527ac 100644
+index 8e51b3a..bc6febf 100644
--- a/drivers/md/bitmap.c
+++ b/drivers/md/bitmap.c
-@@ -1779,7 +1779,7 @@ void bitmap_status(struct seq_file *seq, struct bitmap *bitmap)
+@@ -1775,7 +1775,7 @@ void bitmap_status(struct seq_file *seq, struct bitmap *bitmap)
chunk_kb ? "KB" : "B");
if (bitmap->storage.file) {
seq_printf(seq, ", file: ");
@@ -45341,10 +45228,10 @@ index 07bba96..2d6788c 100644
struct md_personality
diff --git a/drivers/md/persistent-data/dm-space-map-metadata.c b/drivers/md/persistent-data/dm-space-map-metadata.c
-index 786b689..ea8c956 100644
+index f4e22bc..8f83114 100644
--- a/drivers/md/persistent-data/dm-space-map-metadata.c
+++ b/drivers/md/persistent-data/dm-space-map-metadata.c
-@@ -679,7 +679,7 @@ static int sm_metadata_extend(struct dm_space_map *sm, dm_block_t extra_blocks)
+@@ -681,7 +681,7 @@ static int sm_metadata_extend(struct dm_space_map *sm, dm_block_t extra_blocks)
* Flick into a mode where all blocks get allocated in the new area.
*/
smm->begin = old_len;
@@ -45353,7 +45240,7 @@ index 786b689..ea8c956 100644
/*
* Extend.
-@@ -710,7 +710,7 @@ out:
+@@ -712,7 +712,7 @@ out:
/*
* Switch back to normal behaviour.
*/
@@ -47530,7 +47417,7 @@ index 82dc574..8539ab2 100644
break;
diff --git a/drivers/mmc/card/block.c b/drivers/mmc/card/block.c
-index 7b5424f..ed1d6ac 100644
+index df72c47..7e2aad4 100644
--- a/drivers/mmc/card/block.c
+++ b/drivers/mmc/card/block.c
@@ -575,7 +575,7 @@ static int mmc_blk_ioctl_cmd(struct block_device *bdev,
@@ -63686,47 +63573,6 @@ index e846a32..bb06bd0 100644
put_cpu_var(last_ino);
return res;
}
-diff --git a/fs/isofs/rock.c b/fs/isofs/rock.c
-index f488bba..735d752 100644
---- a/fs/isofs/rock.c
-+++ b/fs/isofs/rock.c
-@@ -30,6 +30,7 @@ struct rock_state {
- int cont_size;
- int cont_extent;
- int cont_offset;
-+ int cont_loops;
- struct inode *inode;
- };
-
-@@ -73,6 +74,9 @@ static void init_rock_state(struct rock_state *rs, struct inode *inode)
- rs->inode = inode;
- }
-
-+/* Maximum number of Rock Ridge continuation entries */
-+#define RR_MAX_CE_ENTRIES 32
-+
- /*
- * Returns 0 if the caller should continue scanning, 1 if the scan must end
- * and -ve on error.
-@@ -105,6 +109,8 @@ static int rock_continue(struct rock_state *rs)
- goto out;
- }
- ret = -EIO;
-+ if (++rs->cont_loops >= RR_MAX_CE_ENTRIES)
-+ goto out;
- bh = sb_bread(rs->inode->i_sb, rs->cont_extent);
- if (bh) {
- memcpy(rs->buffer, bh->b_data + rs->cont_offset,
-@@ -356,6 +362,9 @@ repeat:
- rs.cont_size = isonum_733(rr->u.CE.size);
- break;
- case SIG('E', 'R'):
-+ /* Invalid length of ER tag id? */
-+ if (rr->u.ER.len_id + offsetof(struct rock_ridge, u.ER.data) > rr->len)
-+ goto out;
- ISOFS_SB(inode->i_sb)->s_rock = 1;
- printk(KERN_DEBUG "ISO 9660 Extensions: ");
- {
diff --git a/fs/jffs2/erase.c b/fs/jffs2/erase.c
index 4a6cf28..d3a29d3 100644
--- a/fs/jffs2/erase.c
@@ -63769,7 +63615,7 @@ index e2b7483..855bca3 100644
if (jfs_inode_cachep == NULL)
return -ENOMEM;
diff --git a/fs/kernfs/dir.c b/fs/kernfs/dir.c
-index 39c0143..829bfe5 100644
+index 39c0143..79e8b68 100644
--- a/fs/kernfs/dir.c
+++ b/fs/kernfs/dir.c
@@ -28,7 +28,7 @@ DEFINE_MUTEX(kernfs_mutex);
@@ -63781,7 +63627,7 @@ index 39c0143..829bfe5 100644
{
unsigned long hash = init_name_hash();
unsigned int len = strlen(name);
-@@ -729,11 +729,17 @@ static int kernfs_iop_mkdir(struct inode *dir, struct dentry *dentry,
+@@ -729,11 +729,19 @@ static int kernfs_iop_mkdir(struct inode *dir, struct dentry *dentry,
{
struct kernfs_node *parent = dir->i_private;
struct kernfs_dir_ops *kdops = kernfs_root(parent)->dir_ops;
@@ -63793,8 +63639,10 @@ index 39c0143..829bfe5 100644
- return kdops->mkdir(parent, dentry->d_name.name, mode);
+ ret = kdops->mkdir(parent, dentry->d_name.name, mode);
+
-+ if (!ret)
-+ ret = kernfs_iop_lookup(dir, dentry, 0);
++ if (!ret) {
++ struct dentry *dentry_ret = kernfs_iop_lookup(dir, dentry, 0);
++ ret = PTR_ERR_OR_ZERO(dentry_ret);
++ }
+
+ return ret;
}
@@ -64597,19 +64445,10 @@ index 0dd72c8..34dd17d 100644
out:
return len;
diff --git a/fs/namespace.c b/fs/namespace.c
-index d9bf3ef..359b08c 100644
+index 039f380..4239636 100644
--- a/fs/namespace.c
+++ b/fs/namespace.c
-@@ -1295,6 +1295,8 @@ void umount_tree(struct mount *mnt, int how)
- }
- if (last) {
- last->mnt_hash.next = unmounted.first;
-+ if (unmounted.first)
-+ unmounted.first->pprev = &last->mnt_hash.next;
- unmounted.first = tmp_list.first;
- unmounted.first->pprev = &unmounted.first;
- }
-@@ -1371,6 +1373,9 @@ static int do_umount(struct mount *mnt, int flags)
+@@ -1373,6 +1373,9 @@ static int do_umount(struct mount *mnt, int flags)
if (!(sb->s_flags & MS_RDONLY))
retval = do_remount_sb(sb, MS_RDONLY, NULL, 0);
up_write(&sb->s_umount);
@@ -64619,7 +64458,7 @@ index d9bf3ef..359b08c 100644
return retval;
}
-@@ -1393,6 +1398,9 @@ static int do_umount(struct mount *mnt, int flags)
+@@ -1395,6 +1398,9 @@ static int do_umount(struct mount *mnt, int flags)
}
unlock_mount_hash();
namespace_unlock();
@@ -64629,7 +64468,7 @@ index d9bf3ef..359b08c 100644
return retval;
}
-@@ -1412,7 +1420,7 @@ static inline bool may_mount(void)
+@@ -1414,7 +1420,7 @@ static inline bool may_mount(void)
* unixes. Our API is identical to OSF/1 to avoid making a mess of AMD
*/
@@ -64638,7 +64477,7 @@ index d9bf3ef..359b08c 100644
{
struct path path;
struct mount *mnt;
-@@ -1454,7 +1462,7 @@ out:
+@@ -1459,7 +1465,7 @@ out:
/*
* The 2.0 compatible umount. No flags.
*/
@@ -64647,7 +64486,7 @@ index d9bf3ef..359b08c 100644
{
return sys_umount(name, 0);
}
-@@ -2503,6 +2511,16 @@ long do_mount(const char *dev_name, const char *dir_name,
+@@ -2514,6 +2520,16 @@ long do_mount(const char *dev_name, const char *dir_name,
MS_NOATIME | MS_NODIRATIME | MS_RELATIME| MS_KERNMOUNT |
MS_STRICTATIME);
@@ -64664,7 +64503,7 @@ index d9bf3ef..359b08c 100644
if (flags & MS_REMOUNT)
retval = do_remount(&path, flags & ~MS_REMOUNT, mnt_flags,
data_page);
-@@ -2517,6 +2535,9 @@ long do_mount(const char *dev_name, const char *dir_name,
+@@ -2528,6 +2544,9 @@ long do_mount(const char *dev_name, const char *dir_name,
dev_name, data_page);
dput_out:
path_put(&path);
@@ -64674,7 +64513,7 @@ index d9bf3ef..359b08c 100644
return retval;
}
-@@ -2534,7 +2555,7 @@ static void free_mnt_ns(struct mnt_namespace *ns)
+@@ -2545,7 +2564,7 @@ static void free_mnt_ns(struct mnt_namespace *ns)
* number incrementing at 10Ghz will take 12,427 years to wrap which
* is effectively never, so we can ignore the possibility.
*/
@@ -64683,7 +64522,7 @@ index d9bf3ef..359b08c 100644
static struct mnt_namespace *alloc_mnt_ns(struct user_namespace *user_ns)
{
-@@ -2549,7 +2570,7 @@ static struct mnt_namespace *alloc_mnt_ns(struct user_namespace *user_ns)
+@@ -2560,7 +2579,7 @@ static struct mnt_namespace *alloc_mnt_ns(struct user_namespace *user_ns)
kfree(new_ns);
return ERR_PTR(ret);
}
@@ -64692,7 +64531,7 @@ index d9bf3ef..359b08c 100644
atomic_set(&new_ns->count, 1);
new_ns->root = NULL;
INIT_LIST_HEAD(&new_ns->list);
-@@ -2559,7 +2580,7 @@ static struct mnt_namespace *alloc_mnt_ns(struct user_namespace *user_ns)
+@@ -2570,7 +2589,7 @@ static struct mnt_namespace *alloc_mnt_ns(struct user_namespace *user_ns)
return new_ns;
}
@@ -64701,7 +64540,7 @@ index d9bf3ef..359b08c 100644
struct user_namespace *user_ns, struct fs_struct *new_fs)
{
struct mnt_namespace *new_ns;
-@@ -2680,8 +2701,8 @@ struct dentry *mount_subtree(struct vfsmount *mnt, const char *name)
+@@ -2691,8 +2710,8 @@ struct dentry *mount_subtree(struct vfsmount *mnt, const char *name)
}
EXPORT_SYMBOL(mount_subtree);
@@ -64712,7 +64551,7 @@ index d9bf3ef..359b08c 100644
{
int ret;
char *kernel_type;
-@@ -2794,6 +2815,11 @@ SYSCALL_DEFINE2(pivot_root, const char __user *, new_root,
+@@ -2805,6 +2824,11 @@ SYSCALL_DEFINE2(pivot_root, const char __user *, new_root,
if (error)
goto out2;
@@ -64724,7 +64563,7 @@ index d9bf3ef..359b08c 100644
get_fs_root(current->fs, &root);
old_mp = lock_mount(&old);
error = PTR_ERR(old_mp);
-@@ -3065,7 +3091,7 @@ static int mntns_install(struct nsproxy *nsproxy, void *ns)
+@@ -3076,7 +3100,7 @@ static int mntns_install(struct nsproxy *nsproxy, void *ns)
!ns_capable(current_user_ns(), CAP_SYS_ADMIN))
return -EPERM;
@@ -65830,7 +65669,7 @@ index baf3464..5b394ec 100644
static struct pid *
get_children_pid(struct inode *inode, struct pid *pid_prev, loff_t pos)
diff --git a/fs/proc/base.c b/fs/proc/base.c
-index b976062..584d0bc 100644
+index 489ba8c..72265d6 100644
--- a/fs/proc/base.c
+++ b/fs/proc/base.c
@@ -113,6 +113,14 @@ struct pid_entry {
@@ -66159,7 +65998,7 @@ index b976062..584d0bc 100644
if (!dir_emit_dots(file, ctx))
goto out;
-@@ -2597,7 +2721,7 @@ static const struct pid_entry tgid_base_stuff[] = {
+@@ -2648,7 +2772,7 @@ static const struct pid_entry tgid_base_stuff[] = {
REG("autogroup", S_IRUGO|S_IWUSR, proc_pid_sched_autogroup_operations),
#endif
REG("comm", S_IRUGO|S_IWUSR, proc_pid_set_comm_operations),
@@ -66168,7 +66007,7 @@ index b976062..584d0bc 100644
INF("syscall", S_IRUGO, proc_pid_syscall),
#endif
INF("cmdline", S_IRUGO, proc_pid_cmdline),
-@@ -2622,10 +2746,10 @@ static const struct pid_entry tgid_base_stuff[] = {
+@@ -2673,10 +2797,10 @@ static const struct pid_entry tgid_base_stuff[] = {
#ifdef CONFIG_SECURITY
DIR("attr", S_IRUGO|S_IXUGO, proc_attr_dir_inode_operations, proc_attr_dir_operations),
#endif
@@ -66181,7 +66020,7 @@ index b976062..584d0bc 100644
ONE("stack", S_IRUGO, proc_pid_stack),
#endif
#ifdef CONFIG_SCHEDSTATS
-@@ -2659,6 +2783,9 @@ static const struct pid_entry tgid_base_stuff[] = {
+@@ -2710,6 +2834,9 @@ static const struct pid_entry tgid_base_stuff[] = {
#ifdef CONFIG_HARDWALL
INF("hardwall", S_IRUGO, proc_pid_hardwall),
#endif
@@ -66191,7 +66030,7 @@ index b976062..584d0bc 100644
#ifdef CONFIG_USER_NS
REG("uid_map", S_IRUGO|S_IWUSR, proc_uid_map_operations),
REG("gid_map", S_IRUGO|S_IWUSR, proc_gid_map_operations),
-@@ -2789,7 +2916,14 @@ static int proc_pid_instantiate(struct inode *dir,
+@@ -2841,7 +2968,14 @@ static int proc_pid_instantiate(struct inode *dir,
if (!inode)
goto out;
@@ -66206,7 +66045,7 @@ index b976062..584d0bc 100644
inode->i_op = &proc_tgid_base_inode_operations;
inode->i_fop = &proc_tgid_base_operations;
inode->i_flags|=S_IMMUTABLE;
-@@ -2827,7 +2961,11 @@ struct dentry *proc_pid_lookup(struct inode *dir, struct dentry * dentry, unsign
+@@ -2879,7 +3013,11 @@ struct dentry *proc_pid_lookup(struct inode *dir, struct dentry * dentry, unsign
if (!task)
goto out;
@@ -66218,7 +66057,7 @@ index b976062..584d0bc 100644
put_task_struct(task);
out:
return ERR_PTR(result);
-@@ -2933,7 +3071,7 @@ static const struct pid_entry tid_base_stuff[] = {
+@@ -2985,7 +3123,7 @@ static const struct pid_entry tid_base_stuff[] = {
REG("sched", S_IRUGO|S_IWUSR, proc_pid_sched_operations),
#endif
REG("comm", S_IRUGO|S_IWUSR, proc_pid_set_comm_operations),
@@ -66227,7 +66066,7 @@ index b976062..584d0bc 100644
INF("syscall", S_IRUGO, proc_pid_syscall),
#endif
INF("cmdline", S_IRUGO, proc_pid_cmdline),
-@@ -2960,10 +3098,10 @@ static const struct pid_entry tid_base_stuff[] = {
+@@ -3012,10 +3150,10 @@ static const struct pid_entry tid_base_stuff[] = {
#ifdef CONFIG_SECURITY
DIR("attr", S_IRUGO|S_IXUGO, proc_attr_dir_inode_operations, proc_attr_dir_operations),
#endif
@@ -68517,7 +68356,7 @@ index 3306b9f..a1e0eda 100644
}
diff --git a/fs/udf/symlink.c b/fs/udf/symlink.c
-index d7c6dbe..0422b7b 100644
+index d89f324..0422b7b 100644
--- a/fs/udf/symlink.c
+++ b/fs/udf/symlink.c
@@ -30,49 +30,73 @@
@@ -68600,36 +68439,7 @@ index d7c6dbe..0422b7b 100644
}
static int udf_symlink_filler(struct file *file, struct page *page)
-@@ -80,11 +104,17 @@ static int udf_symlink_filler(struct file *file, struct page *page)
- struct inode *inode = page->mapping->host;
- struct buffer_head *bh = NULL;
- unsigned char *symlink;
-- int err = -EIO;
-+ int err;
- unsigned char *p = kmap(page);
- struct udf_inode_info *iinfo;
- uint32_t pos;
-
-+ /* We don't support symlinks longer than one block */
-+ if (inode->i_size > inode->i_sb->s_blocksize) {
-+ err = -ENAMETOOLONG;
-+ goto out_unmap;
-+ }
-+
- iinfo = UDF_I(inode);
- pos = udf_block_map(inode, 0);
-
-@@ -94,14 +124,18 @@ static int udf_symlink_filler(struct file *file, struct page *page)
- } else {
- bh = sb_bread(inode->i_sb, pos);
-
-- if (!bh)
-- goto out;
-+ if (!bh) {
-+ err = -EIO;
-+ goto out_unlock_inode;
-+ }
-
+@@ -108,8 +132,10 @@ static int udf_symlink_filler(struct file *file, struct page *page)
symlink = bh->b_data;
}
@@ -68641,18 +68451,6 @@ index d7c6dbe..0422b7b 100644
up_read(&iinfo->i_data_sem);
SetPageUptodate(page);
-@@ -109,9 +143,10 @@ static int udf_symlink_filler(struct file *file, struct page *page)
- unlock_page(page);
- return 0;
-
--out:
-+out_unlock_inode:
- up_read(&iinfo->i_data_sem);
- SetPageError(page);
-+out_unmap:
- kunmap(page);
- unlock_page(page);
- return err;
diff --git a/fs/udf/udfdecl.h b/fs/udf/udfdecl.h
index be7dabb..6b10c98 100644
--- a/fs/udf/udfdecl.h
@@ -80916,10 +80714,10 @@ index c1da539..1dcec55 100644
struct atmphy_ops {
int (*start)(struct atm_dev *dev);
diff --git a/include/linux/audit.h b/include/linux/audit.h
-index ec1464d..833274b 100644
+index 419b7d7..b79b4f2 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
-@@ -196,7 +196,7 @@ static inline void audit_ptrace(struct task_struct *t)
+@@ -200,7 +200,7 @@ static inline void audit_ptrace(struct task_struct *t)
extern unsigned int audit_serial(void);
extern int auditsc_get_stamp(struct audit_context *ctx,
struct timespec *t, unsigned int *serial);
@@ -81419,7 +81217,7 @@ index d08e4d2..95fad61 100644
/**
diff --git a/include/linux/cred.h b/include/linux/cred.h
-index 04421e8..a85afd4 100644
+index 6c58dd7..80d1d95 100644
--- a/include/linux/cred.h
+++ b/include/linux/cred.h
@@ -35,7 +35,7 @@ struct group_info {
@@ -81431,7 +81229,7 @@ index 04421e8..a85afd4 100644
/**
* get_group_info - Get a reference to a group info structure
-@@ -136,7 +136,7 @@ struct cred {
+@@ -137,7 +137,7 @@ struct cred {
struct user_namespace *user_ns; /* user_ns the caps and keyrings are relative to. */
struct group_info *group_info; /* supplementary groups for euid/fsgid */
struct rcu_head rcu; /* RCU deletion hook */
@@ -81440,7 +81238,7 @@ index 04421e8..a85afd4 100644
extern void __put_cred(struct cred *);
extern void exit_creds(struct task_struct *);
-@@ -194,6 +194,9 @@ static inline void validate_creds_for_do_exit(struct task_struct *tsk)
+@@ -195,6 +195,9 @@ static inline void validate_creds_for_do_exit(struct task_struct *tsk)
static inline void validate_process_creds(void)
{
}
@@ -81450,7 +81248,7 @@ index 04421e8..a85afd4 100644
#endif
/**
-@@ -322,6 +325,7 @@ static inline void put_cred(const struct cred *_cred)
+@@ -323,6 +326,7 @@ static inline void put_cred(const struct cred *_cred)
#define task_uid(task) (task_cred_xxx((task), uid))
#define task_euid(task) (task_cred_xxx((task), euid))
@@ -86518,10 +86316,10 @@ index e452ba6..78f8e80 100644
/*
* callback functions for platform
diff --git a/include/linux/user_namespace.h b/include/linux/user_namespace.h
-index 4836ba3..603f6ee 100644
+index e92abf9..b802b30 100644
--- a/include/linux/user_namespace.h
+++ b/include/linux/user_namespace.h
-@@ -33,7 +33,7 @@ struct user_namespace {
+@@ -38,7 +38,7 @@ struct user_namespace {
struct key *persistent_keyring_register;
struct rw_semaphore persistent_keyring_register_sem;
#endif
@@ -91994,7 +91792,7 @@ index 6d63003..486a109 100644
}
EXPORT_SYMBOL(__stack_chk_fail);
diff --git a/kernel/pid.c b/kernel/pid.c
-index 9b9a266..c20ef80 100644
+index 82430c8..53d7793 100644
--- a/kernel/pid.c
+++ b/kernel/pid.c
@@ -33,6 +33,7 @@
@@ -92014,7 +91812,7 @@ index 9b9a266..c20ef80 100644
int pid_max_min = RESERVED_PIDS + 1;
int pid_max_max = PID_MAX_LIMIT;
-@@ -445,10 +446,18 @@ EXPORT_SYMBOL(pid_task);
+@@ -447,10 +448,18 @@ EXPORT_SYMBOL(pid_task);
*/
struct task_struct *find_task_by_pid_ns(pid_t nr, struct pid_namespace *ns)
{
@@ -92034,7 +91832,7 @@ index 9b9a266..c20ef80 100644
}
struct task_struct *find_task_by_vpid(pid_t vnr)
-@@ -456,6 +465,14 @@ struct task_struct *find_task_by_vpid(pid_t vnr)
+@@ -458,6 +467,14 @@ struct task_struct *find_task_by_vpid(pid_t vnr)
return find_task_by_pid_ns(vnr, task_active_pid_ns(current));
}
@@ -94930,10 +94728,10 @@ index 7e3cd7a..5156a5fe 100644
mutex_lock(&syscall_trace_lock);
sys_perf_refcount_exit--;
diff --git a/kernel/user_namespace.c b/kernel/user_namespace.c
-index 80a57af..7f5a7ff 100644
+index 153971e..ac4be58 100644
--- a/kernel/user_namespace.c
+++ b/kernel/user_namespace.c
-@@ -82,6 +82,21 @@ int create_user_ns(struct cred *new)
+@@ -83,6 +83,21 @@ int create_user_ns(struct cred *new)
!kgid_has_mapping(parent_ns, group))
return -EPERM;
@@ -94955,7 +94753,7 @@ index 80a57af..7f5a7ff 100644
ns = kmem_cache_zalloc(user_ns_cachep, GFP_KERNEL);
if (!ns)
return -ENOMEM;
-@@ -865,7 +880,7 @@ static int userns_install(struct nsproxy *nsproxy, void *ns)
+@@ -966,7 +981,7 @@ static int userns_install(struct nsproxy *nsproxy, void *ns)
if (atomic_read(&current->mm->mm_users) > 1)
return -EINVAL;
@@ -118556,10 +118354,10 @@ index 0000000..4378111
+}
diff --git a/tools/gcc/size_overflow_plugin/size_overflow_hash.data b/tools/gcc/size_overflow_plugin/size_overflow_hash.data
new file mode 100644
-index 0000000..bbd5d8e
+index 0000000..19cb000
--- /dev/null
+++ b/tools/gcc/size_overflow_plugin/size_overflow_hash.data
-@@ -0,0 +1,6034 @@
+@@ -0,0 +1,6035 @@
+intel_fake_agp_alloc_by_type_1 intel_fake_agp_alloc_by_type 1 1 NULL
+ocfs2_get_refcount_tree_3 ocfs2_get_refcount_tree 0 3 NULL
+storvsc_connect_to_vsp_22 storvsc_connect_to_vsp 2 22 NULL
@@ -121784,6 +121582,7 @@ index 0000000..bbd5d8e
+l2cap_skbuff_fromiovec_35003 l2cap_skbuff_fromiovec 4-3 35003 NULL
+sisusb_copy_memory_35016 sisusb_copy_memory 4 35016 NULL
+coda_psdev_read_35029 coda_psdev_read 3 35029 NULL
++proc_setgroups_write_35039 proc_setgroups_write 3 35039 NULL
+xfs_rtallocate_extent_35052 xfs_rtallocate_extent 0 35052 NULL
+pwr_connection_out_of_sync_read_35061 pwr_connection_out_of_sync_read 3 35061 NULL
+ntfs_attr_extend_initialized_35084 ntfs_attr_extend_initialized 0 35084 NULL