-rw-r--r--main/linux-grsec/APKBUILD8
-rw-r--r--main/linux-grsec/grsecurity-2.9-3.3.3-201204231833.patch (renamed from main/linux-grsec/grsecurity-2.9-3.3.2-201204172135.patch)307
2 files changed, 183 insertions, 132 deletions
diff --git a/main/linux-grsec/APKBUILD b/main/linux-grsec/APKBUILD
index eea3d28fdf..dd212592f3 100644
--- a/main/linux-grsec/APKBUILD
+++ b/main/linux-grsec/APKBUILD
@@ -2,7 +2,7 @@
_flavor=grsec
pkgname=linux-${_flavor}
-pkgver=3.3.2
+pkgver=3.3.3
_kernver=3.3
pkgrel=0
pkgdesc="Linux kernel with grsecurity"
@@ -14,7 +14,7 @@ _config=${config:-kernelconfig.${CARCH}}
install=
source="http://ftp.kernel.org/pub/linux/kernel/v3.x/linux-$_kernver.tar.xz
http://ftp.kernel.org/pub/linux/kernel/v3.x/patch-$pkgver.xz
- grsecurity-2.9-3.3.2-201204172135.patch
+ grsecurity-2.9-3.3.3-201204231833.patch
0004-arp-flush-arp-cache-on-device-change.patch
@@ -138,8 +138,8 @@ dev() {
}
md5sums="7133f5a2086a7d7ef97abac610c094f5 linux-3.3.tar.xz
-68907107b0f62a19608588bdb6b29e20 patch-3.3.2.xz
-8449f14948e6a7bc0de34f404d48a88d grsecurity-2.9-3.3.2-201204172135.patch
+634a088d3789870885dc6ee1eb9627d4 patch-3.3.3.xz
+be1a42f051803149e2074cdb557de55e grsecurity-2.9-3.3.3-201204231833.patch
776adeeb5272093574f8836c5037dd7d 0004-arp-flush-arp-cache-on-device-change.patch
5d2818cb5329aec600ee8ffc3896a728 kernelconfig.x86
39552b468a33a04678113c12ec6c1a91 kernelconfig.x86_64"
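Review bot: The two new `md5sums` entries are the only integrity check on `patch-3.3.3.xz`, which the `source` list fetches over plain `http://`, so the downloaded kernel patch is authenticated by MD5 alone. MD5 is not collision-resistant; if the abuild version in use accepts a stronger digest array (for example `sha512sums`), record one alongside `md5sums` for the fetched files. Failing that, check the upstream signature for the patch out of band before committing the sum. The grsecurity patch is carried in the repository itself, so this concerns the two files pulled from ftp.kernel.org.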
diff --git a/main/linux-grsec/grsecurity-2.9-3.3.2-201204172135.patch b/main/linux-grsec/grsecurity-2.9-3.3.3-201204231833.patch
index 22c20492f9..8309b6eb6a 100644
--- a/main/linux-grsec/grsecurity-2.9-3.3.2-201204172135.patch
+++ b/main/linux-grsec/grsecurity-2.9-3.3.3-201204231833.patch
@@ -195,7 +195,7 @@ index d99fd9c..8689fef 100644
pcd. [PARIDE]
diff --git a/Makefile b/Makefile
-index ddcb70a..32da20d 100644
+index 0acd141..865e73d 100644
--- a/Makefile
+++ b/Makefile
@@ -245,8 +245,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \
@@ -221,15 +221,17 @@ index ddcb70a..32da20d 100644
$(Q)$(MAKE) $(build)=scripts/basic
$(Q)rm -f .tmp_quiet_recordmcount
-@@ -564,6 +565,53 @@ else
+@@ -564,6 +565,55 @@ else
KBUILD_CFLAGS += -O2
endif
+ifndef DISABLE_PAX_PLUGINS
+ifeq ($(shell $(CONFIG_SHELL) $(srctree)/scripts/gcc-plugin.sh "$(HOSTCC)" "$(CC)"), y)
+ifndef DISABLE_PAX_CONSTIFY_PLUGIN
++ifndef CONFIG_UML
+CONSTIFY_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/constify_plugin.so -DCONSTIFY_PLUGIN
+endif
++endif
+ifdef CONFIG_PAX_MEMORY_STACKLEAK
+STACKLEAK_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/stackleak_plugin.so -DSTACKLEAK_PLUGIN
+STACKLEAK_PLUGIN_CFLAGS += -fplugin-arg-stackleak_plugin-track-lowest-sp=100
@@ -275,7 +277,7 @@ index ddcb70a..32da20d 100644
include $(srctree)/arch/$(SRCARCH)/Makefile
ifneq ($(CONFIG_FRAME_WARN),0)
-@@ -708,7 +756,7 @@ export mod_strip_cmd
+@@ -708,7 +758,7 @@ export mod_strip_cmd
ifeq ($(KBUILD_EXTMOD),)
@@ -284,7 +286,7 @@ index ddcb70a..32da20d 100644
vmlinux-dirs := $(patsubst %/,%,$(filter %/, $(init-y) $(init-m) \
$(core-y) $(core-m) $(drivers-y) $(drivers-m) \
-@@ -932,6 +980,8 @@ vmlinux.o: $(modpost-init) $(vmlinux-main) FORCE
+@@ -932,6 +982,8 @@ vmlinux.o: $(modpost-init) $(vmlinux-main) FORCE
# The actual objects are generated when descending,
# make sure no implicit rule kicks in
@@ -293,7 +295,7 @@ index ddcb70a..32da20d 100644
$(sort $(vmlinux-init) $(vmlinux-main)) $(vmlinux-lds): $(vmlinux-dirs) ;
# Handle descending into subdirectories listed in $(vmlinux-dirs)
-@@ -941,7 +991,7 @@ $(sort $(vmlinux-init) $(vmlinux-main)) $(vmlinux-lds): $(vmlinux-dirs) ;
+@@ -941,7 +993,7 @@ $(sort $(vmlinux-init) $(vmlinux-main)) $(vmlinux-lds): $(vmlinux-dirs) ;
# Error messages still appears in the original language
PHONY += $(vmlinux-dirs)
@@ -302,7 +304,7 @@ index ddcb70a..32da20d 100644
$(Q)$(MAKE) $(build)=$@
# Store (new) KERNELRELASE string in include/config/kernel.release
-@@ -985,6 +1035,7 @@ prepare0: archprepare FORCE
+@@ -985,6 +1037,7 @@ prepare0: archprepare FORCE
$(Q)$(MAKE) $(build)=.
# All the preparing..
@@ -310,7 +312,7 @@ index ddcb70a..32da20d 100644
prepare: prepare0
# Generate some files
-@@ -1089,6 +1140,8 @@ all: modules
+@@ -1089,6 +1142,8 @@ all: modules
# using awk while concatenating to the final file.
PHONY += modules
@@ -319,7 +321,7 @@ index ddcb70a..32da20d 100644
modules: $(vmlinux-dirs) $(if $(KBUILD_BUILTIN),vmlinux) modules.builtin
$(Q)$(AWK) '!x[$$0]++' $(vmlinux-dirs:%=$(objtree)/%/modules.order) > $(objtree)/modules.order
@$(kecho) ' Building modules, stage 2.';
-@@ -1104,7 +1157,7 @@ modules.builtin: $(vmlinux-dirs:%=%/modules.builtin)
+@@ -1104,7 +1159,7 @@ modules.builtin: $(vmlinux-dirs:%=%/modules.builtin)
# Target to prepare building external modules
PHONY += modules_prepare
@@ -328,7 +330,7 @@ index ddcb70a..32da20d 100644
# Target to install modules
PHONY += modules_install
-@@ -1201,6 +1254,7 @@ distclean: mrproper
+@@ -1201,6 +1256,7 @@ distclean: mrproper
\( -name '*.orig' -o -name '*.rej' -o -name '*~' \
-o -name '*.bak' -o -name '#*#' -o -name '.*.orig' \
-o -name '.*.rej' \
@@ -336,7 +338,7 @@ index ddcb70a..32da20d 100644
-o -name '*%' -o -name '.*.cmd' -o -name 'core' \) \
-type f -print | xargs rm -f
-@@ -1361,6 +1415,8 @@ PHONY += $(module-dirs) modules
+@@ -1361,6 +1417,8 @@ PHONY += $(module-dirs) modules
$(module-dirs): crmodverdir $(objtree)/Module.symvers
$(Q)$(MAKE) $(build)=$(patsubst _module_%,%,$@)
@@ -345,7 +347,7 @@ index ddcb70a..32da20d 100644
modules: $(module-dirs)
@$(kecho) ' Building modules, stage 2.';
$(Q)$(MAKE) -f $(srctree)/scripts/Makefile.modpost
-@@ -1487,17 +1543,21 @@ else
+@@ -1487,17 +1545,21 @@ else
target-dir = $(if $(KBUILD_EXTMOD),$(dir $<),$(dir $@))
endif
@@ -371,7 +373,7 @@ index ddcb70a..32da20d 100644
$(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@)
%.symtypes: %.c prepare scripts FORCE
$(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@)
-@@ -1507,11 +1567,15 @@ endif
+@@ -1507,11 +1569,15 @@ endif
$(cmd_crmodverdir)
$(Q)$(MAKE) KBUILD_MODULES=$(if $(CONFIG_MODULES),1) \
$(build)=$(build-dir)
@@ -9650,7 +9652,7 @@ index 46fc474..b02b0f9 100644
if (len)
diff --git a/arch/x86/include/asm/cmpxchg.h b/arch/x86/include/asm/cmpxchg.h
-index b3b7332..d81165b 100644
+index 99480e5..d81165b 100644
--- a/arch/x86/include/asm/cmpxchg.h
+++ b/arch/x86/include/asm/cmpxchg.h
@@ -14,8 +14,12 @@ extern void __cmpxchg_wrong_size(void)
@@ -9666,15 +9668,6 @@ index b3b7332..d81165b 100644
/*
* Constants for operation sizes. On 32-bit, the 64-bit size it set to
-@@ -43,7 +47,7 @@ extern void __add_wrong_size(void)
- switch (sizeof(*(ptr))) { \
- case __X86_CASE_B: \
- asm volatile (lock #op "b %b0, %1\n" \
-- : "+r" (__ret), "+m" (*(ptr)) \
-+ : "+q" (__ret), "+m" (*(ptr)) \
- : : "memory", "cc"); \
- break; \
- case __X86_CASE_W: \
@@ -67,6 +71,34 @@ extern void __add_wrong_size(void)
__ret; \
})
@@ -9710,7 +9703,7 @@ index b3b7332..d81165b 100644
/*
* Note: no "lock" prefix even on SMP: xchg always implies lock anyway.
* Since this is generally used to protect other memory information, we
-@@ -167,13 +199,16 @@ extern void __add_wrong_size(void)
+@@ -167,6 +199,9 @@ extern void __add_wrong_size(void)
#define xadd_sync(ptr, inc) __xadd((ptr), (inc), "lock; ")
#define xadd_local(ptr, inc) __xadd((ptr), (inc), "")
@@ -9720,14 +9713,6 @@ index b3b7332..d81165b 100644
#define __add(ptr, inc, lock) \
({ \
__typeof__ (*(ptr)) __ret = (inc); \
- switch (sizeof(*(ptr))) { \
- case __X86_CASE_B: \
- asm volatile (lock "addb %b1, %0\n" \
-- : "+m" (*(ptr)) : "ri" (inc) \
-+ : "+m" (*(ptr)) : "qi" (inc) \
- : "memory", "cc"); \
- break; \
- case __X86_CASE_W: \
diff --git a/arch/x86/include/asm/cpufeature.h b/arch/x86/include/asm/cpufeature.h
index 8d67d42..183d0eb 100644
--- a/arch/x86/include/asm/cpufeature.h
@@ -20097,18 +20082,10 @@ index 1561028..0ed7f14 100644
goto error;
diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c
-index e385214..029e9dd 100644
+index e385214..f8df033 100644
--- a/arch/x86/kvm/svm.c
+++ b/arch/x86/kvm/svm.c
-@@ -3051,6 +3051,7 @@ static int svm_set_vm_cr(struct kvm_vcpu *vcpu, u64 data)
- return 0;
- }
-
-+static int svm_set_msr(struct kvm_vcpu *vcpu, unsigned ecx, u64 data) __size_overflow(3);
- static int svm_set_msr(struct kvm_vcpu *vcpu, unsigned ecx, u64 data)
- {
- struct vcpu_svm *svm = to_svm(vcpu);
-@@ -3420,7 +3421,11 @@ static void reload_tss(struct kvm_vcpu *vcpu)
+@@ -3420,7 +3420,11 @@ static void reload_tss(struct kvm_vcpu *vcpu)
int cpu = raw_smp_processor_id();
struct svm_cpu_data *sd = per_cpu(svm_data, cpu);
@@ -20120,7 +20097,7 @@ index e385214..029e9dd 100644
load_TR_desc();
}
-@@ -3798,6 +3803,10 @@ static void svm_vcpu_run(struct kvm_vcpu *vcpu)
+@@ -3798,6 +3802,10 @@ static void svm_vcpu_run(struct kvm_vcpu *vcpu)
#endif
#endif
@@ -30365,7 +30342,7 @@ index 5bd4361..0241a42 100644
INIT_WORK(&dev_priv->hotplug_work, i915_hotplug_work_func);
INIT_WORK(&dev_priv->error_work, i915_error_work_func);
diff --git a/drivers/gpu/drm/i915/intel_display.c b/drivers/gpu/drm/i915/intel_display.c
-index 2163818..e536c3d 100644
+index 2163818..cede019 100644
--- a/drivers/gpu/drm/i915/intel_display.c
+++ b/drivers/gpu/drm/i915/intel_display.c
@@ -2238,7 +2238,7 @@ intel_pipe_set_base(struct drm_crtc *crtc, int x, int y,
@@ -30395,7 +30372,22 @@ index 2163818..e536c3d 100644
wake_up(&dev_priv->pending_flip_queue);
schedule_work(&work->work);
-@@ -7461,7 +7461,7 @@ static int intel_crtc_page_flip(struct drm_crtc *crtc,
+@@ -7354,7 +7354,13 @@ static int intel_gen6_queue_flip(struct drm_device *dev,
+ OUT_RING(fb->pitches[0] | obj->tiling_mode);
+ OUT_RING(obj->gtt_offset);
+
+- pf = I915_READ(PF_CTL(intel_crtc->pipe)) & PF_ENABLE;
++ /* Contrary to the suggestions in the documentation,
++ * "Enable Panel Fitter" does not seem to be required when page
++ * flipping with a non-native mode, and worse causes a normal
++ * modeset to fail.
++ * pf = I915_READ(PF_CTL(intel_crtc->pipe)) & PF_ENABLE;
++ */
++ pf = 0;
+ pipesrc = I915_READ(PIPESRC(intel_crtc->pipe)) & 0x0fff0fff;
+ OUT_RING(pf | pipesrc);
+ ADVANCE_LP_RING();
+@@ -7461,7 +7467,7 @@ static int intel_crtc_page_flip(struct drm_crtc *crtc,
/* Block clients from rendering to the new back buffer until
* the flip occurs and the object is no longer visible.
*/
@@ -30404,7 +30396,7 @@ index 2163818..e536c3d 100644
ret = dev_priv->display.queue_flip(dev, crtc, fb, obj);
if (ret)
-@@ -7475,7 +7475,7 @@ static int intel_crtc_page_flip(struct drm_crtc *crtc,
+@@ -7475,7 +7481,7 @@ static int intel_crtc_page_flip(struct drm_crtc *crtc,
return 0;
cleanup_pending:
@@ -33524,7 +33516,7 @@ index 1cbfc6b..56e1dbb 100644
/*----------------------------------------------------------------*/
diff --git a/drivers/md/raid1.c b/drivers/md/raid1.c
-index 118e0f6..210c4d7 100644
+index edc735a..e9b97f1 100644
--- a/drivers/md/raid1.c
+++ b/drivers/md/raid1.c
@@ -1645,7 +1645,7 @@ static int fix_sync_read_error(struct r1bio *r1_bio)
@@ -33536,7 +33528,7 @@ index 118e0f6..210c4d7 100644
}
sectors -= s;
sect += s;
-@@ -1858,7 +1858,7 @@ static void fix_read_error(struct r1conf *conf, int read_disk,
+@@ -1859,7 +1859,7 @@ static void fix_read_error(struct r1conf *conf, int read_disk,
test_bit(In_sync, &rdev->flags)) {
if (r1_sync_page_io(rdev, sect, s,
conf->tmppage, READ)) {
@@ -33546,7 +33538,7 @@ index 118e0f6..210c4d7 100644
"md/raid1:%s: read error corrected "
"(%d sectors at %llu on %s)\n",
diff --git a/drivers/md/raid10.c b/drivers/md/raid10.c
-index be7101d..f23ba30 100644
+index 1898389..a3aa617 100644
--- a/drivers/md/raid10.c
+++ b/drivers/md/raid10.c
@@ -1636,7 +1636,7 @@ static void end_sync_read(struct bio *bio, int error)
@@ -35249,6 +35241,19 @@ index 133b7fb..d58c559 100644
/* Ignore return since this msg is optional. */
rndis_filter_send_request(dev, request);
+diff --git a/drivers/net/macvtap.c b/drivers/net/macvtap.c
+index 58dc117..f140c77 100644
+--- a/drivers/net/macvtap.c
++++ b/drivers/net/macvtap.c
+@@ -526,6 +526,8 @@ static int zerocopy_sg_from_iovec(struct sk_buff *skb, const struct iovec *from,
+ }
+ base = (unsigned long)from->iov_base + offset1;
+ size = ((base & ~PAGE_MASK) + len + ~PAGE_MASK) >> PAGE_SHIFT;
++ if (i + size >= MAX_SKB_FRAGS)
++ return -EFAULT;
+ num_pages = get_user_pages_fast(base, size, 0, &page[i]);
+ if ((num_pages != size) ||
+ (num_pages > MAX_SKB_FRAGS - skb_shinfo(skb)->nr_frags))
diff --git a/drivers/net/ppp/ppp_generic.c b/drivers/net/ppp/ppp_generic.c
index 486b404..0d6677d 100644
--- a/drivers/net/ppp/ppp_generic.c
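Review bot: The added guard `if (i + size >= MAX_SKB_FRAGS)` also rejects a request that would end exactly on the last slot; if `page[]` is declared with `MAX_SKB_FRAGS` entries (the declaration is outside this hunk), the tight bound is `if (i + size > MAX_SKB_FRAGS)`. The check has to come before `get_user_pages_fast()`, which fills `size` entries starting at `&page[i]`, and a one-line comment should say so, e.g. `/* keep get_user_pages_fast() from writing past page[] */`. `size` is computed from `len`, whose type and upper limit are not visible here, so confirm that `i + size` cannot wrap before the comparison. The body of zerocopy_sg_from_iovec starts and ends outside the hunk.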
@@ -41612,7 +41617,7 @@ index a40c05e..785c583 100644
return count;
}
diff --git a/drivers/video/uvesafb.c b/drivers/video/uvesafb.c
-index e7f69ef..83af4fd 100644
+index 8408543..357841c 100644
--- a/drivers/video/uvesafb.c
+++ b/drivers/video/uvesafb.c
@@ -19,6 +19,7 @@
@@ -41665,7 +41670,24 @@ index e7f69ef..83af4fd 100644
printk(KERN_INFO "uvesafb: protected mode interface info at "
"%04x:%04x\n",
(u16)task->t.regs.es, (u16)task->t.regs.edi);
-@@ -1821,6 +1844,11 @@ out:
+@@ -816,13 +839,14 @@ static int __devinit uvesafb_vbe_init(struct fb_info *info)
+ par->ypan = ypan;
+
+ if (par->pmi_setpal || par->ypan) {
++#if !defined(CONFIG_MODULES) || !defined(CONFIG_PAX_KERNEXEC)
+ if (__supported_pte_mask & _PAGE_NX) {
+ par->pmi_setpal = par->ypan = 0;
+ printk(KERN_WARNING "uvesafb: NX protection is actively."
+ "We have better not to use the PMI.\n");
+- } else {
++ } else
++#endif
+ uvesafb_vbe_getpmi(task, par);
+- }
+ }
+ #else
+ /* The protected mode interface is not available on non-x86. */
+@@ -1828,6 +1852,11 @@ out:
if (par->vbe_modes)
kfree(par->vbe_modes);
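Review bot: The brace-less `} else` left in front of `#endif` makes `uvesafb_vbe_getpmi(task, par);` the else-body only because it happens to be the next statement, so a line later inserted between `#endif` and that call would silently take its place and leave the call unconditional. Keeping the braces on the call is sturdier: `} else` / `#endif` / `{ uvesafb_vbe_getpmi(task, par); }`. When both CONFIG_MODULES and CONFIG_PAX_KERNEXEC are set, the NX test is compiled out and the PMI is fetched even on NX-capable systems. This presumably relies on handling added elsewhere in this patch, and a comment above the `#if` should name that dependency.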
@@ -41677,7 +41699,7 @@ index e7f69ef..83af4fd 100644
framebuffer_release(info);
return err;
}
-@@ -1847,6 +1875,12 @@ static int uvesafb_remove(struct platform_device *dev)
+@@ -1854,6 +1883,12 @@ static int uvesafb_remove(struct platform_device *dev)
kfree(par->vbe_state_orig);
if (par->vbe_state_saved)
kfree(par->vbe_state_saved);
@@ -43036,7 +43058,7 @@ index 892b347..b3db246 100644
* If a file is moved, it will inherit the cow and compression flags of the new
* directory.
diff --git a/fs/btrfs/ioctl.c b/fs/btrfs/ioctl.c
-index d8b5471..e5463d7 100644
+index 1b36f19..5ac7360 100644
--- a/fs/btrfs/ioctl.c
+++ b/fs/btrfs/ioctl.c
@@ -2783,9 +2783,12 @@ long btrfs_ioctl_space_info(struct btrfs_root *root, void __user *arg)
@@ -44717,10 +44739,10 @@ index f9e2cd8..bfdc476 100644
if (free_clusters >= (nclusters + dirty_clusters))
return 1;
diff --git a/fs/ext4/ext4.h b/fs/ext4/ext4.h
-index 3ce6a0c..0311fe5 100644
+index 9983ba8..2a5272c 100644
--- a/fs/ext4/ext4.h
+++ b/fs/ext4/ext4.h
-@@ -1220,19 +1220,19 @@ struct ext4_sb_info {
+@@ -1217,19 +1217,19 @@ struct ext4_sb_info {
unsigned long s_mb_last_start;
/* stats for buddy allocator */
@@ -62179,7 +62201,7 @@ index 9c07dce..a92fa71 100644
if (atomic_sub_and_test((int) count, &kref->refcount)) {
release(kref);
diff --git a/include/linux/kvm_host.h b/include/linux/kvm_host.h
-index 900c763..3287a0b 100644
+index 900c763..098aefa 100644
--- a/include/linux/kvm_host.h
+++ b/include/linux/kvm_host.h
@@ -326,7 +326,7 @@ void kvm_vcpu_uninit(struct kvm_vcpu *vcpu);
@@ -62227,7 +62249,27 @@ index 900c763..3287a0b 100644
void kvm_arch_exit(void);
int kvm_arch_vcpu_init(struct kvm_vcpu *vcpu);
-@@ -721,7 +721,7 @@ int kvm_setup_default_irq_routing(struct kvm *kvm);
+@@ -593,6 +593,7 @@ void kvm_free_irq_source_id(struct kvm *kvm, int irq_source_id);
+
+ #ifdef CONFIG_IOMMU_API
+ int kvm_iommu_map_pages(struct kvm *kvm, struct kvm_memory_slot *slot);
++void kvm_iommu_unmap_pages(struct kvm *kvm, struct kvm_memory_slot *slot);
+ int kvm_iommu_map_guest(struct kvm *kvm);
+ int kvm_iommu_unmap_guest(struct kvm *kvm);
+ int kvm_assign_device(struct kvm *kvm,
+@@ -606,6 +607,11 @@ static inline int kvm_iommu_map_pages(struct kvm *kvm,
+ return 0;
+ }
+
++static inline void kvm_iommu_unmap_pages(struct kvm *kvm,
++ struct kvm_memory_slot *slot)
++{
++}
++
+ static inline int kvm_iommu_map_guest(struct kvm *kvm)
+ {
+ return -ENODEV;
+@@ -721,7 +727,7 @@ int kvm_setup_default_irq_routing(struct kvm *kvm);
int kvm_set_irq_routing(struct kvm *kvm,
const struct kvm_irq_routing_entry *entries,
unsigned nr,
@@ -63642,6 +63684,27 @@ index de8832d..0147b46 100644
__SONET_ITEMS
#undef __HANDLE_ITEM
};
+diff --git a/include/linux/stddef.h b/include/linux/stddef.h
+index 6a40c76..1747b67 100644
+--- a/include/linux/stddef.h
++++ b/include/linux/stddef.h
+@@ -3,14 +3,10 @@
+
+ #include <linux/compiler.h>
+
++#ifdef __KERNEL__
++
+ #undef NULL
+-#if defined(__cplusplus)
+-#define NULL 0
+-#else
+ #define NULL ((void *)0)
+-#endif
+-
+-#ifdef __KERNEL__
+
+ enum {
+ false = 0,
diff --git a/include/linux/sunrpc/clnt.h b/include/linux/sunrpc/clnt.h
index 2c5993a..b0e79f0 100644
--- a/include/linux/sunrpc/clnt.h
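Review bot: Moving `#ifdef __KERNEL__` above `#undef NULL` means a non-kernel includer of this header no longer gets NULL redefined at all, and dropping the `__cplusplus` branch makes NULL `((void *)0)` unconditionally for kernel code; neither effect is explained in the hunk. If this header is still exported to userspace, that is a visible change for programs that relied on it and is worth confirming. A short comment above the define would record the intent, e.g. `/* kernel code always sees NULL as a pointer constant; not defined for userspace includers */`, with the wording to be confirmed by the author.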
@@ -66340,7 +66403,7 @@ index 26a7a67..a1053f9 100644
else
new_fs = fs;
diff --git a/kernel/futex.c b/kernel/futex.c
-index 0677023..f3c3b79 100644
+index 866c9d5..5c5f828 100644
--- a/kernel/futex.c
+++ b/kernel/futex.c
@@ -54,6 +54,7 @@
@@ -66351,7 +66414,7 @@ index 0677023..f3c3b79 100644
#include <linux/signal.h>
#include <linux/export.h>
#include <linux/magic.h>
-@@ -238,6 +239,11 @@ get_futex_key(u32 __user *uaddr, int fshared, union futex_key *key, int rw)
+@@ -239,6 +240,11 @@ get_futex_key(u32 __user *uaddr, int fshared, union futex_key *key, int rw)
struct page *page, *page_head;
int err, ro = 0;
@@ -66363,18 +66426,7 @@ index 0677023..f3c3b79 100644
/*
* The futex address must be "naturally" aligned.
*/
-@@ -2459,6 +2465,10 @@ SYSCALL_DEFINE3(get_robust_list, int, pid,
- if (!p)
- goto err_unlock;
- ret = -EPERM;
-+#ifdef CONFIG_GRKERNSEC_PROC_MEMMAP
-+ if (!ptrace_may_access(p, PTRACE_MODE_READ))
-+ goto err_unlock;
-+#endif
- pcred = __task_cred(p);
- /* If victim is in different user_ns, then uids are not
- comparable, so we must have CAP_SYS_PTRACE */
-@@ -2731,6 +2741,7 @@ static int __init futex_init(void)
+@@ -2721,6 +2727,7 @@ static int __init futex_init(void)
{
u32 curval;
int i;
@@ -66382,7 +66434,7 @@ index 0677023..f3c3b79 100644
/*
* This will fail and we want it. Some arch implementations do
-@@ -2742,8 +2753,11 @@ static int __init futex_init(void)
+@@ -2732,8 +2739,11 @@ static int __init futex_init(void)
* implementation, the non-functional ones will return
* -ENOSYS.
*/
@@ -66394,39 +66446,6 @@ index 0677023..f3c3b79 100644
for (i = 0; i < ARRAY_SIZE(futex_queues); i++) {
plist_head_init(&futex_queues[i].chain);
-diff --git a/kernel/futex_compat.c b/kernel/futex_compat.c
-index 5f9e689..582d46d 100644
---- a/kernel/futex_compat.c
-+++ b/kernel/futex_compat.c
-@@ -10,6 +10,7 @@
- #include <linux/compat.h>
- #include <linux/nsproxy.h>
- #include <linux/futex.h>
-+#include <linux/ptrace.h>
-
- #include <asm/uaccess.h>
-
-@@ -136,7 +137,8 @@ compat_sys_get_robust_list(int pid, compat_uptr_t __user *head_ptr,
- {
- struct compat_robust_list_head __user *head;
- unsigned long ret;
-- const struct cred *cred = current_cred(), *pcred;
-+ const struct cred *cred = current_cred();
-+ const struct cred *pcred;
-
- if (!futex_cmpxchg_enabled)
- return -ENOSYS;
-@@ -152,6 +154,10 @@ compat_sys_get_robust_list(int pid, compat_uptr_t __user *head_ptr,
- if (!p)
- goto err_unlock;
- ret = -EPERM;
-+#ifdef CONFIG_GRKERNSEC_PROC_MEMMAP
-+ if (!ptrace_may_access(p, PTRACE_MODE_READ))
-+ goto err_unlock;
-+#endif
- pcred = __task_cred(p);
- /* If victim is in different user_ns, then uids are not
- comparable, so we must have CAP_SYS_PTRACE */
diff --git a/kernel/gcov/base.c b/kernel/gcov/base.c
index 9b22d03..6295b62 100644
--- a/kernel/gcov/base.c
@@ -67691,18 +67710,9 @@ index b452599..5d68f4e 100644
atomic_set(&pd->refcnt, 0);
pd->pinst = pinst;
diff --git a/kernel/panic.c b/kernel/panic.c
-index 80aed44..e83856a 100644
+index 8ed89a1..e83856a 100644
--- a/kernel/panic.c
+++ b/kernel/panic.c
-@@ -97,7 +97,7 @@ void panic(const char *fmt, ...)
- /*
- * Avoid nested stack-dumping if a panic occurs during oops processing
- */
-- if (!oops_in_progress)
-+ if (!test_taint(TAINT_DIE) && oops_in_progress <= 1)
- dump_stack();
- #endif
-
@@ -402,7 +402,7 @@ static void warn_slowpath_common(const char *file, int line, void *caller,
const char *board;
@@ -70288,7 +70298,7 @@ index 8f7fc39..69bf1e9 100644
/* if an huge pmd materialized from under us just retry later */
if (unlikely(pmd_trans_huge(*pmd)))
diff --git a/mm/hugetlb.c b/mm/hugetlb.c
-index a876871..132cde0 100644
+index a7cf829..d60e0e1 100644
--- a/mm/hugetlb.c
+++ b/mm/hugetlb.c
@@ -2346,6 +2346,27 @@ static int unmap_ref_private(struct mm_struct *mm, struct vm_area_struct *vma,
@@ -74543,7 +74553,7 @@ index 07d1c1d..7e9bea9 100644
frag2->seqno = htons(seqno);
diff --git a/net/bluetooth/hci_conn.c b/net/bluetooth/hci_conn.c
-index 07bc69e..21e76b1 100644
+index 280953b..cd219bb 100644
--- a/net/bluetooth/hci_conn.c
+++ b/net/bluetooth/hci_conn.c
@@ -234,7 +234,7 @@ void hci_le_ltk_reply(struct hci_conn *conn, u8 ltk[16])
@@ -79335,18 +79345,18 @@ index 97ce8fa..23dad96 100644
.ptrace_access_check = apparmor_ptrace_access_check,
diff --git a/security/commoncap.c b/security/commoncap.c
-index 7ce191e..6c29c34 100644
+index b8d2bb9..980069e 100644
--- a/security/commoncap.c
+++ b/security/commoncap.c
-@@ -28,6 +28,7 @@
- #include <linux/prctl.h>
+@@ -29,6 +29,7 @@
#include <linux/securebits.h>
#include <linux/user_namespace.h>
+ #include <linux/personality.h>
+#include <net/sock.h>
/*
* If a non-root user executes a setuid-root binary in
-@@ -569,6 +570,9 @@ int cap_bprm_secureexec(struct linux_binprm *bprm)
+@@ -575,6 +576,9 @@ int cap_bprm_secureexec(struct linux_binprm *bprm)
{
const struct cred *cred = current_cred();
@@ -80528,7 +80538,7 @@ index 0000000..ee950d0
+}
diff --git a/tools/gcc/constify_plugin.c b/tools/gcc/constify_plugin.c
new file mode 100644
-index 0000000..704a564
+index 0000000..88a7438
--- /dev/null
+++ b/tools/gcc/constify_plugin.c
@@ -0,0 +1,303 @@
@@ -80791,7 +80801,7 @@ index 0000000..704a564
+// continue;
+
+ if (walk_struct(type)) {
-+ error("constified variable %qE cannot be local", var);
++ error_at(DECL_SOURCE_LOCATION(var), "constified variable %qE cannot be local", var);
+ return 1;
+ }
+ }
@@ -86008,8 +86018,33 @@ index af0f22f..9a7d479 100644
} else
break;
}
+diff --git a/virt/kvm/iommu.c b/virt/kvm/iommu.c
+index a457d21..fec1723 100644
+--- a/virt/kvm/iommu.c
++++ b/virt/kvm/iommu.c
+@@ -310,6 +310,11 @@ static void kvm_iommu_put_pages(struct kvm *kvm,
+ }
+ }
+
++void kvm_iommu_unmap_pages(struct kvm *kvm, struct kvm_memory_slot *slot)
++{
++ kvm_iommu_put_pages(kvm, slot->base_gfn, slot->npages);
++}
++
+ static int kvm_iommu_unmap_memslots(struct kvm *kvm)
+ {
+ int idx;
+@@ -320,7 +325,7 @@ static int kvm_iommu_unmap_memslots(struct kvm *kvm)
+ slots = kvm_memslots(kvm);
+
+ kvm_for_each_memslot(memslot, slots)
+- kvm_iommu_put_pages(kvm, memslot->base_gfn, memslot->npages);
++ kvm_iommu_unmap_pages(kvm, memslot);
+
+ srcu_read_unlock(&kvm->srcu, idx);
+
diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c
-index a91f980..a58d32c 100644
+index a91f980..527711d 100644
--- a/virt/kvm/kvm_main.c
+++ b/virt/kvm/kvm_main.c
@@ -75,7 +75,7 @@ LIST_HEAD(vm_list);
@@ -86021,7 +86056,23 @@ index a91f980..a58d32c 100644
struct kmem_cache *kvm_vcpu_cache;
EXPORT_SYMBOL_GPL(kvm_vcpu_cache);
-@@ -2312,7 +2312,7 @@ static void hardware_enable_nolock(void *junk)
+@@ -873,12 +873,13 @@ skip_lpage:
+ if (r)
+ goto out_free;
+
+- /* map the pages in iommu page table */
++ /* map/unmap the pages in iommu page table */
+ if (npages) {
+ r = kvm_iommu_map_pages(kvm, &new);
+ if (r)
+ goto out_free;
+- }
++ } else
++ kvm_iommu_unmap_pages(kvm, &old);
+
+ r = -ENOMEM;
+ slots = kmemdup(kvm->memslots, sizeof(struct kvm_memslots),
+@@ -2312,7 +2313,7 @@ static void hardware_enable_nolock(void *junk)
if (r) {
cpumask_clear_cpu(cpu, cpus_hardware_enabled);
@@ -86030,7 +86081,7 @@ index a91f980..a58d32c 100644
printk(KERN_INFO "kvm: enabling virtualization on "
"CPU%d failed\n", cpu);
}
-@@ -2366,10 +2366,10 @@ static int hardware_enable_all(void)
+@@ -2366,10 +2367,10 @@ static int hardware_enable_all(void)
kvm_usage_count++;
if (kvm_usage_count == 1) {
@@ -86043,7 +86094,7 @@ index a91f980..a58d32c 100644
hardware_disable_all_nolock();
r = -EBUSY;
}
-@@ -2732,7 +2732,7 @@ static void kvm_sched_out(struct preempt_notifier *pn,
+@@ -2732,7 +2733,7 @@ static void kvm_sched_out(struct preempt_notifier *pn,
kvm_arch_vcpu_put(vcpu);
}
@@ -86052,7 +86103,7 @@ index a91f980..a58d32c 100644
struct module *module)
{
int r;
-@@ -2795,7 +2795,7 @@ int kvm_init(void *opaque, unsigned vcpu_size, unsigned vcpu_align,
+@@ -2795,7 +2796,7 @@ int kvm_init(void *opaque, unsigned vcpu_size, unsigned vcpu_align,
if (!vcpu_align)
vcpu_align = __alignof__(struct kvm_vcpu);
kvm_vcpu_cache = kmem_cache_create("kvm_vcpu", vcpu_size, vcpu_align,
@@ -86061,7 +86112,7 @@ index a91f980..a58d32c 100644
if (!kvm_vcpu_cache) {
r = -ENOMEM;
goto out_free_3;
-@@ -2805,9 +2805,11 @@ int kvm_init(void *opaque, unsigned vcpu_size, unsigned vcpu_align,
+@@ -2805,9 +2806,11 @@ int kvm_init(void *opaque, unsigned vcpu_size, unsigned vcpu_align,
if (r)
goto out_free;