diff options
-rw-r--r-- | main/linux-virt-grsec/APKBUILD | 36 | ||||
-rw-r--r-- | main/linux-virt-grsec/grsecurity-3.0-3.14.5-201406021708.patch (renamed from main/linux-virt-grsec/grsecurity-3.0-3.13.7-201403252047.patch) | 20341 | ||||
-rw-r--r-- | main/linux-virt-grsec/kernelconfig.x86 | 87 | ||||
-rw-r--r-- | main/linux-virt-grsec/kernelconfig.x86_64 | 92 |
4 files changed, 11783 insertions, 8773 deletions
diff --git a/main/linux-virt-grsec/APKBUILD b/main/linux-virt-grsec/APKBUILD index 58ccadc5c2..0236a81c1e 100644 --- a/main/linux-virt-grsec/APKBUILD +++ b/main/linux-virt-grsec/APKBUILD @@ -3,7 +3,7 @@ _flavor=virt-grsec pkgname=linux-${_flavor} -pkgver=3.13.7 +pkgver=3.14.5 case $pkgver in *.*.*) _kernver=${pkgver%.*};; *.*) _kernver=${pkgver};; @@ -18,14 +18,14 @@ _config=${config:-kernelconfig.${CARCH}} install= source="http://ftp.kernel.org/pub/linux/kernel/v3.x/linux-$_kernver.tar.xz http://ftp.kernel.org/pub/linux/kernel/v3.x/patch-$pkgver.xz - grsecurity-3.0-$pkgver-201403252047.patch + grsecurity-3.0-3.14.5-201406021708.patch fix-memory-map-for-PIE-applications.patch kernelconfig.x86 kernelconfig.x86_64 " subpackages="$pkgname-dev" -arch="x86 x86_64 arm" +arch="x86 x86_64" license="GPL-2" _abi_release=${pkgver}-${pkgrel}-${_flavor} @@ -144,21 +144,21 @@ dev() { "$subpkgdir"/lib/modules/${_abi_release}/build } -md5sums="0ecbaf65c00374eb4a826c2f9f37606f linux-3.13.tar.xz -cb33b329d3417846d310c7f58a2614b6 patch-3.13.7.xz -00dbb1fb5bfc08842d97c02ece67e441 grsecurity-3.0-3.13.7-201403252047.patch +md5sums="b621207b3f6ecbb67db18b13258f8ea8 linux-3.14.tar.xz +a56bf05cb9033097198f9269bbcff130 patch-3.14.5.xz +e3879ccdca92dbec4e42109a9f5552bb grsecurity-3.0-3.14.5-201406021708.patch c6a4ae7e8ca6159e1631545515805216 fix-memory-map-for-PIE-applications.patch -dafaf5ef5b477d21411b423caa0d6836 kernelconfig.x86 -492168c5783522e39f26ce5771f93e12 kernelconfig.x86_64" -sha256sums="4d5e5eee5f276424c32e9591f1b6c971baedc7b49f28ce03d1f48b1e5d6226a2 linux-3.13.tar.xz -4e7a062493c2a0dd2f2aa0ec636a47b2b1785aebccf652ae56e68f0dfc083f89 patch-3.13.7.xz -2bd65311a72df142f5b4f7be20f4b1e26fc62c076dba9991f0efba12dc847538 grsecurity-3.0-3.13.7-201403252047.patch +0593091e003403e5c52c7b173f8866f6 kernelconfig.x86 +d5427d0c3bc034aed0614ce29e66876f kernelconfig.x86_64" +sha256sums="61558aa490855f42b6340d1a1596be47454909629327c49a5e4e10268065dffa linux-3.14.tar.xz +ecc00856830c05736b3f99609bc6d80353c29d2db9b0dffb91eb2d169808cac4 patch-3.14.5.xz +8695054d1a1bd02acd2a08b1268eb65349f6877b1be1a00251dcbc5dd95a5a00 grsecurity-3.0-3.14.5-201406021708.patch 500f3577310be52e87b9fecdc2e9c4ca43210fd97d69089f9005d484563f74c7 fix-memory-map-for-PIE-applications.patch -ae9d10524dde3504cf77db0f3a2efb10a60af804e246117d34c722be34e20d49 kernelconfig.x86 -f478c9d4e13f687a07bd4148be812ff9489668dd75d8512fc466428fa290198a kernelconfig.x86_64" -sha512sums="1ba223bb4b885d691a67196d86a8aaf7b4a1c351bf2a762f50f1b0c32da00dd0c28895872a66b49e8d244498d996876609268e64861d28ac4048886ef9f79b87 linux-3.13.tar.xz -bee628e25d8ed378fd32d0e96ac20f24d1bef2950377cee249b65db918bd528a744cc1058006f9e945095ccc81805d715eb27e5c36f2515c7dcfdf5fe6b6c7a6 patch-3.13.7.xz -f118a017084f8dee3d5ae0f9435f96e9e5cff7c2d4672855622133cc6fd811c4e481c6b6f907b43c691f0531bfaf168dbd08877e29c25da82989492bc4186de4 grsecurity-3.0-3.13.7-201403252047.patch +00f0bdb92fc2878625716b9e6569b597908639e1784ec283d896d87f7a9c8d65 kernelconfig.x86 +e7832d2bcb090a177640c75ac6a0c259d013e7e3a61cd173b729457d18533132 kernelconfig.x86_64" +sha512sums="5730d83a7a81134c1e77c0bf89e42dee4f8251ad56c1ac2be20c59e26fdfaa7bea55f277e7af156b637f22e1584914a46089af85039177cb43485089c74ac26e linux-3.14.tar.xz +068d139063c94f0e3fd4c24217705628b20f996f6e4cce88366c060150a123381babcfc05c953c58023deff0f7b28b4129b8d381b20dd4e3ac80ce4dbc4ec1e3 patch-3.14.5.xz +86aa2f621e4fe52eaf498236289b66532f7a8bc087e9100ec168861cead44b7a4329ad609314b6b0bcbf114adf7378ae4eb38b37fc7d8e414473b7de1b84bd2f grsecurity-3.0-3.14.5-201406021708.patch 4665c56ae1bbac311f9205d64918e84ee8b01d47d6e2396ff6b8adfb10aada7f7254531ce62e31edbb65c2a54a830f09ad05d314dfcd75d6272f4068945ad7c7 fix-memory-map-for-PIE-applications.patch -e3632c26946afe40fad6ebd8bba9631d67c57c948efabc619096aeb108720464ffd70c4b69227b6906593b606d6e6ed0b22e71298a13cf4955076ffeb457198b kernelconfig.x86 -574f8b4373fa4f59aaf4958754baacf2c231718f7aae76264f9cc349582824b9edd4288daea7e3aa66b3c01b176897ad2c8975395971fe2062f7ca5ff27e8f82 kernelconfig.x86_64" +37661c86ee78bae4f71c325437bf5c1e4d3515988f636289ea120caad8925e959a5f7891d3909e8c721be851eb38810b1db5e19ee5db2046597f26f64d34ef23 kernelconfig.x86 +4bfeb5fe218e6adf6a323166607ce76e235645da53be31a8678f20d00b764e918a0be0bbad4e2b34281fb4aa2a208ccdb208cc1a7ed5a1210e50caec67735bf5 kernelconfig.x86_64" diff --git a/main/linux-virt-grsec/grsecurity-3.0-3.13.7-201403252047.patch b/main/linux-virt-grsec/grsecurity-3.0-3.14.5-201406021708.patch index 52f42f1148..400f193d7c 100644 --- a/main/linux-virt-grsec/grsecurity-3.0-3.13.7-201403252047.patch +++ b/main/linux-virt-grsec/grsecurity-3.0-3.14.5-201406021708.patch @@ -235,10 +235,10 @@ index b89a739..e289b9b 100644 +zconf.lex.c zoffset.h diff --git a/Documentation/kernel-parameters.txt b/Documentation/kernel-parameters.txt -index b9e9bd8..bf49b92 100644 +index 7116fda..d8ed6e8 100644 --- a/Documentation/kernel-parameters.txt +++ b/Documentation/kernel-parameters.txt -@@ -1033,6 +1033,10 @@ bytes respectively. Such letter suffixes can also be entirely omitted. +@@ -1084,6 +1084,10 @@ bytes respectively. Such letter suffixes can also be entirely omitted. Format: <unsigned int> such that (rxsize & ~0x1fffc0) == 0. Default: 1024 @@ -249,7 +249,7 @@ index b9e9bd8..bf49b92 100644 hashdist= [KNL,NUMA] Large hashes allocated during boot are distributed across NUMA nodes. Defaults on for 64-bit NUMA, off otherwise. -@@ -2018,6 +2022,10 @@ bytes respectively. Such letter suffixes can also be entirely omitted. +@@ -2080,6 +2084,10 @@ bytes respectively. Such letter suffixes can also be entirely omitted. noexec=on: enable non-executable mappings (default) noexec=off: disable non-executable mappings @@ -260,7 +260,7 @@ index b9e9bd8..bf49b92 100644 nosmap [X86] Disable SMAP (Supervisor Mode Access Prevention) even if it is supported by processor. -@@ -2285,6 +2293,25 @@ bytes respectively. Such letter suffixes can also be entirely omitted. +@@ -2347,6 +2355,25 @@ bytes respectively. Such letter suffixes can also be entirely omitted. the specified number of seconds. This is to be used if your oopses keep scrolling off the screen. @@ -287,7 +287,7 @@ index b9e9bd8..bf49b92 100644 pcd. [PARIDE] diff --git a/Makefile b/Makefile -index 9f214b4..8c9c622 100644 +index fa77b0b..dadf5fd 100644 --- a/Makefile +++ b/Makefile @@ -244,8 +244,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \ @@ -298,27 +298,11 @@ index 9f214b4..8c9c622 100644 -HOSTCXXFLAGS = -O2 +HOSTCFLAGS = -Wall -W -Wmissing-prototypes -Wstrict-prototypes -Wno-unused-parameter -Wno-missing-field-initializers -O2 -fomit-frame-pointer -fno-delete-null-pointer-checks +HOSTCFLAGS += $(call cc-option, -Wno-empty-body) -+HOSTCXXFLAGS = -O2 -Wall -W -fno-delete-null-pointer-checks ++HOSTCXXFLAGS = -O2 -Wall -W -Wno-array-bounds # Decide whether to build built-in, modular, or both. # Normally, just do built-in. -@@ -311,9 +312,15 @@ endif - # If the user is running make -s (silent mode), suppress echoing of - # commands - -+ifneq ($(filter 4.%,$(MAKE_VERSION)),) # make-4 -+ifneq ($(filter %s ,$(firstword x$(MAKEFLAGS))),) -+ quiet=silent_ -+endif -+else # make-3.8x - ifneq ($(filter s% -s%,$(MAKEFLAGS)),) - quiet=silent_ - endif -+endif - - export quiet Q KBUILD_VERBOSE - -@@ -417,8 +424,8 @@ export RCS_TAR_IGNORE := --exclude SCCS --exclude BitKeeper --exclude .svn \ +@@ -423,8 +424,8 @@ export RCS_TAR_IGNORE := --exclude SCCS --exclude BitKeeper --exclude .svn \ # Rules shared between *config targets and build targets # Basic helpers built in scripts/ @@ -329,7 +313,7 @@ index 9f214b4..8c9c622 100644 $(Q)$(MAKE) $(build)=scripts/basic $(Q)rm -f .tmp_quiet_recordmcount -@@ -579,6 +586,72 @@ else +@@ -585,6 +586,72 @@ else KBUILD_CFLAGS += -O2 endif @@ -368,7 +352,7 @@ index 9f214b4..8c9c622 100644 +endif +COLORIZE_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/colorize_plugin.so +ifdef CONFIG_PAX_SIZE_OVERFLOW -+SIZE_OVERFLOW_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/size_overflow_plugin.so -DSIZE_OVERFLOW_PLUGIN ++SIZE_OVERFLOW_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/size_overflow_plugin/size_overflow_plugin.so -DSIZE_OVERFLOW_PLUGIN +endif +ifdef CONFIG_PAX_LATENT_ENTROPY +LATENT_ENTROPY_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/latent_entropy_plugin.so -DLATENT_ENTROPY_PLUGIN @@ -402,16 +386,7 @@ index 9f214b4..8c9c622 100644 include $(srctree)/arch/$(SRCARCH)/Makefile ifdef CONFIG_READABLE_ASM -@@ -619,7 +692,7 @@ endif - - ifdef CONFIG_DEBUG_INFO - KBUILD_CFLAGS += -g --KBUILD_AFLAGS += -gdwarf-2 -+KBUILD_AFLAGS += -Wa,--gdwarf-2 - endif - - ifdef CONFIG_DEBUG_INFO_REDUCED -@@ -754,7 +827,7 @@ export mod_sign_cmd +@@ -779,7 +846,7 @@ export mod_sign_cmd ifeq ($(KBUILD_EXTMOD),) @@ -420,7 +395,7 @@ index 9f214b4..8c9c622 100644 vmlinux-dirs := $(patsubst %/,%,$(filter %/, $(init-y) $(init-m) \ $(core-y) $(core-m) $(drivers-y) $(drivers-m) \ -@@ -803,6 +876,8 @@ endif +@@ -828,6 +895,8 @@ endif # The actual objects are generated when descending, # make sure no implicit rule kicks in @@ -429,7 +404,7 @@ index 9f214b4..8c9c622 100644 $(sort $(vmlinux-deps)): $(vmlinux-dirs) ; # Handle descending into subdirectories listed in $(vmlinux-dirs) -@@ -812,7 +887,7 @@ $(sort $(vmlinux-deps)): $(vmlinux-dirs) ; +@@ -837,7 +906,7 @@ $(sort $(vmlinux-deps)): $(vmlinux-dirs) ; # Error messages still appears in the original language PHONY += $(vmlinux-dirs) @@ -438,7 +413,7 @@ index 9f214b4..8c9c622 100644 $(Q)$(MAKE) $(build)=$@ define filechk_kernel.release -@@ -855,10 +930,13 @@ prepare1: prepare2 $(version_h) include/generated/utsrelease.h \ +@@ -880,10 +949,13 @@ prepare1: prepare2 $(version_h) include/generated/utsrelease.h \ archprepare: archheaders archscripts prepare1 scripts_basic @@ -452,7 +427,7 @@ index 9f214b4..8c9c622 100644 prepare: prepare0 # Generate some files -@@ -966,6 +1044,8 @@ all: modules +@@ -991,6 +1063,8 @@ all: modules # using awk while concatenating to the final file. PHONY += modules @@ -461,7 +436,7 @@ index 9f214b4..8c9c622 100644 modules: $(vmlinux-dirs) $(if $(KBUILD_BUILTIN),vmlinux) modules.builtin $(Q)$(AWK) '!x[$$0]++' $(vmlinux-dirs:%=$(objtree)/%/modules.order) > $(objtree)/modules.order @$(kecho) ' Building modules, stage 2.'; -@@ -981,7 +1061,7 @@ modules.builtin: $(vmlinux-dirs:%=%/modules.builtin) +@@ -1006,7 +1080,7 @@ modules.builtin: $(vmlinux-dirs:%=%/modules.builtin) # Target to prepare building external modules PHONY += modules_prepare @@ -470,17 +445,19 @@ index 9f214b4..8c9c622 100644 # Target to install modules PHONY += modules_install -@@ -1047,7 +1127,8 @@ MRPROPER_FILES += .config .config.old .version .old_version $(version_h) \ +@@ -1072,7 +1146,10 @@ MRPROPER_FILES += .config .config.old .version .old_version $(version_h) \ Module.symvers tags TAGS cscope* GPATH GTAGS GRTAGS GSYMS \ signing_key.priv signing_key.x509 x509.genkey \ extra_certificates signing_key.x509.keyid \ - signing_key.x509.signer -+ signing_key.x509.signer tools/gcc/size_overflow_hash.h \ ++ signing_key.x509.signer \ ++ tools/gcc/size_overflow_plugin/size_overflow_hash_aux.h \ ++ tools/gcc/size_overflow_plugin/size_overflow_hash.h \ + tools/gcc/randomize_layout_seed.h # clean - Delete most, but leave enough to build external modules # -@@ -1087,6 +1168,7 @@ distclean: mrproper +@@ -1112,6 +1189,7 @@ distclean: mrproper \( -name '*.orig' -o -name '*.rej' -o -name '*~' \ -o -name '*.bak' -o -name '#*#' -o -name '.*.orig' \ -o -name '.*.rej' \ @@ -488,7 +465,7 @@ index 9f214b4..8c9c622 100644 -o -name '*%' -o -name '.*.cmd' -o -name 'core' \) \ -type f -print | xargs rm -f -@@ -1248,6 +1330,8 @@ PHONY += $(module-dirs) modules +@@ -1273,6 +1351,8 @@ PHONY += $(module-dirs) modules $(module-dirs): crmodverdir $(objtree)/Module.symvers $(Q)$(MAKE) $(build)=$(patsubst _module_%,%,$@) @@ -497,7 +474,7 @@ index 9f214b4..8c9c622 100644 modules: $(module-dirs) @$(kecho) ' Building modules, stage 2.'; $(Q)$(MAKE) -f $(srctree)/scripts/Makefile.modpost -@@ -1387,17 +1471,21 @@ else +@@ -1412,17 +1492,21 @@ else target-dir = $(if $(KBUILD_EXTMOD),$(dir $<),$(dir $@)) endif @@ -523,7 +500,7 @@ index 9f214b4..8c9c622 100644 $(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@) %.symtypes: %.c prepare scripts FORCE $(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@) -@@ -1407,11 +1495,15 @@ endif +@@ -1432,11 +1516,15 @@ endif $(cmd_crmodverdir) $(Q)$(MAKE) KBUILD_MODULES=$(if $(CONFIG_MODULES),1) \ $(build)=$(build-dir) @@ -874,10 +851,10 @@ index 98838a0..b304fb4 100644 /* Allow reads even for write-only mappings */ if (!(vma->vm_flags & (VM_READ | VM_WRITE))) diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig -index 47085a0..f975a53 100644 +index 44298ad..29a20c0 100644 --- a/arch/arm/Kconfig +++ b/arch/arm/Kconfig -@@ -1830,7 +1830,7 @@ config ALIGNMENT_TRAP +@@ -1862,7 +1862,7 @@ config ALIGNMENT_TRAP config UACCESS_WITH_MEMCPY bool "Use kernel mem{cpy,set}() for {copy_to,clear}_user()" @@ -886,7 +863,7 @@ index 47085a0..f975a53 100644 default y if CPU_FEROCEON help Implement faster copy_to_user and clear_user methods for CPU -@@ -2102,6 +2102,7 @@ config XIP_PHYS_ADDR +@@ -2125,6 +2125,7 @@ config XIP_PHYS_ADDR config KEXEC bool "Kexec system call (EXPERIMENTAL)" depends on (!SMP || PM_SLEEP_SMP) @@ -1571,7 +1548,7 @@ index 75fe66b..ba3dee4 100644 #endif diff --git a/arch/arm/include/asm/cacheflush.h b/arch/arm/include/asm/cacheflush.h -index ab91ebb..2c2afeb 100644 +index 8b8b616..d973d24 100644 --- a/arch/arm/include/asm/cacheflush.h +++ b/arch/arm/include/asm/cacheflush.h @@ -116,7 +116,7 @@ struct cpu_cache_fns { @@ -1584,7 +1561,7 @@ index ab91ebb..2c2afeb 100644 /* * Select the calling method diff --git a/arch/arm/include/asm/checksum.h b/arch/arm/include/asm/checksum.h -index 6dcc164..b14d917 100644 +index 5233151..87a71fa 100644 --- a/arch/arm/include/asm/checksum.h +++ b/arch/arm/include/asm/checksum.h @@ -37,7 +37,19 @@ __wsum @@ -1728,10 +1705,10 @@ index de53547..52b9a28 100644 (unsigned long)(dest_buf) + (size)); \ \ diff --git a/arch/arm/include/asm/futex.h b/arch/arm/include/asm/futex.h -index e42cf59..7b94b8f 100644 +index 2aff798..099eb15 100644 --- a/arch/arm/include/asm/futex.h +++ b/arch/arm/include/asm/futex.h -@@ -50,6 +50,8 @@ futex_atomic_cmpxchg_inatomic(u32 *uval, u32 __user *uaddr, +@@ -45,6 +45,8 @@ futex_atomic_cmpxchg_inatomic(u32 *uval, u32 __user *uaddr, if (!access_ok(VERIFY_WRITE, uaddr, sizeof(u32))) return -EFAULT; @@ -1740,7 +1717,7 @@ index e42cf59..7b94b8f 100644 smp_mb(); __asm__ __volatile__("@futex_atomic_cmpxchg_inatomic\n" "1: ldrex %1, [%4]\n" -@@ -65,6 +67,8 @@ futex_atomic_cmpxchg_inatomic(u32 *uval, u32 __user *uaddr, +@@ -60,6 +62,8 @@ futex_atomic_cmpxchg_inatomic(u32 *uval, u32 __user *uaddr, : "cc", "memory"); smp_mb(); @@ -1749,7 +1726,7 @@ index e42cf59..7b94b8f 100644 *uval = val; return ret; } -@@ -95,6 +99,8 @@ futex_atomic_cmpxchg_inatomic(u32 *uval, u32 __user *uaddr, +@@ -90,6 +94,8 @@ futex_atomic_cmpxchg_inatomic(u32 *uval, u32 __user *uaddr, if (!access_ok(VERIFY_WRITE, uaddr, sizeof(u32))) return -EFAULT; @@ -1758,7 +1735,7 @@ index e42cf59..7b94b8f 100644 __asm__ __volatile__("@futex_atomic_cmpxchg_inatomic\n" "1: " TUSER(ldr) " %1, [%4]\n" " teq %1, %2\n" -@@ -105,6 +111,8 @@ futex_atomic_cmpxchg_inatomic(u32 *uval, u32 __user *uaddr, +@@ -100,6 +106,8 @@ futex_atomic_cmpxchg_inatomic(u32 *uval, u32 __user *uaddr, : "r" (oldval), "r" (newval), "r" (uaddr), "Ir" (-EFAULT) : "cc", "memory"); @@ -1767,7 +1744,7 @@ index e42cf59..7b94b8f 100644 *uval = val; return ret; } -@@ -127,6 +135,7 @@ futex_atomic_op_inuser (int encoded_op, u32 __user *uaddr) +@@ -122,6 +130,7 @@ futex_atomic_op_inuser (int encoded_op, u32 __user *uaddr) return -EFAULT; pagefault_disable(); /* implies preempt_disable() */ @@ -1775,7 +1752,7 @@ index e42cf59..7b94b8f 100644 switch (op) { case FUTEX_OP_SET: -@@ -148,6 +157,7 @@ futex_atomic_op_inuser (int encoded_op, u32 __user *uaddr) +@@ -143,6 +152,7 @@ futex_atomic_op_inuser (int encoded_op, u32 __user *uaddr) ret = -ENOSYS; } @@ -1809,28 +1786,36 @@ index 9e614a1..3302cca 100644 struct dma_struct { void *addr; /* single DMA address */ diff --git a/arch/arm/include/asm/mach/map.h b/arch/arm/include/asm/mach/map.h -index 2fe141f..192dc01 100644 +index f98c7f3..e5c626d 100644 --- a/arch/arm/include/asm/mach/map.h +++ b/arch/arm/include/asm/mach/map.h -@@ -27,13 +27,16 @@ struct map_desc { - #define MT_MINICLEAN 6 - #define MT_LOW_VECTORS 7 - #define MT_HIGH_VECTORS 8 --#define MT_MEMORY 9 -+#define MT_MEMORY_RWX 9 - #define MT_ROM 10 --#define MT_MEMORY_NONCACHED 11 -+#define MT_MEMORY_NONCACHED_RX 11 - #define MT_MEMORY_DTCM 12 - #define MT_MEMORY_ITCM 13 - #define MT_MEMORY_SO 14 - #define MT_MEMORY_DMA_READY 15 -+#define MT_MEMORY_RW 16 -+#define MT_MEMORY_RX 17 -+#define MT_MEMORY_NONCACHED_RW 18 +@@ -23,17 +23,19 @@ struct map_desc { - #ifdef CONFIG_MMU - extern void iotable_init(struct map_desc *, int); + /* types 0-3 are defined in asm/io.h */ + enum { +- MT_UNCACHED = 4, +- MT_CACHECLEAN, +- MT_MINICLEAN, ++ MT_UNCACHED_RW = 4, ++ MT_CACHECLEAN_RO, ++ MT_MINICLEAN_RO, + MT_LOW_VECTORS, + MT_HIGH_VECTORS, +- MT_MEMORY_RWX, ++ __MT_MEMORY_RWX, + MT_MEMORY_RW, +- MT_ROM, +- MT_MEMORY_RWX_NONCACHED, ++ MT_MEMORY_RX, ++ MT_ROM_RX, ++ MT_MEMORY_RW_NONCACHED, ++ MT_MEMORY_RX_NONCACHED, + MT_MEMORY_RW_DTCM, +- MT_MEMORY_RWX_ITCM, ++ MT_MEMORY_RX_ITCM, + MT_MEMORY_RW_SO, + MT_MEMORY_DMA_READY, + }; diff --git a/arch/arm/include/asm/outercache.h b/arch/arm/include/asm/outercache.h index f94784f..9a09a4a 100644 --- a/arch/arm/include/asm/outercache.h @@ -1963,7 +1948,7 @@ index 5cfba15..f415e1a 100644 #define PTE_EXT_AP0 (_AT(pteval_t, 1) << 4) #define PTE_EXT_AP1 (_AT(pteval_t, 2) << 4) diff --git a/arch/arm/include/asm/pgtable-2level.h b/arch/arm/include/asm/pgtable-2level.h -index 86a659a..70e0120 100644 +index 219ac88..73ec32a 100644 --- a/arch/arm/include/asm/pgtable-2level.h +++ b/arch/arm/include/asm/pgtable-2level.h @@ -126,6 +126,9 @@ @@ -1989,7 +1974,7 @@ index 626989f..9d67a33 100644 /* diff --git a/arch/arm/include/asm/pgtable-3level.h b/arch/arm/include/asm/pgtable-3level.h -index 1d15673..04d626a 100644 +index 85c60ad..b0bbd7e 100644 --- a/arch/arm/include/asm/pgtable-3level.h +++ b/arch/arm/include/asm/pgtable-3level.h @@ -82,6 +82,7 @@ @@ -2009,7 +1994,7 @@ index 1d15673..04d626a 100644 #define L_PTE_DIRTY_HIGH (1 << (55 - 32)) diff --git a/arch/arm/include/asm/pgtable.h b/arch/arm/include/asm/pgtable.h -index 1571d12..b8a9b43 100644 +index 7d59b52..27a12f8 100644 --- a/arch/arm/include/asm/pgtable.h +++ b/arch/arm/include/asm/pgtable.h @@ -33,6 +33,9 @@ @@ -2092,7 +2077,7 @@ index 1571d12..b8a9b43 100644 */ #define _L_PTE_DEFAULT L_PTE_PRESENT | L_PTE_YOUNG -@@ -260,7 +308,7 @@ static inline pte_t pte_mkspecial(pte_t pte) { return pte; } +@@ -262,7 +310,7 @@ static inline pte_t pte_mkspecial(pte_t pte) { return pte; } static inline pte_t pte_modify(pte_t pte, pgprot_t newprot) { const pteval_t mask = L_PTE_XN | L_PTE_RDONLY | L_PTE_USER | @@ -2376,10 +2361,10 @@ index 5af0ed1..cea83883 100644 #define PSR_ENDIAN_MASK 0x00000200 /* Endianness state mask */ diff --git a/arch/arm/kernel/armksyms.c b/arch/arm/kernel/armksyms.c -index 1f031dd..d9b5e4a 100644 +index 85e664b..419a1cd 100644 --- a/arch/arm/kernel/armksyms.c +++ b/arch/arm/kernel/armksyms.c -@@ -53,7 +53,7 @@ EXPORT_SYMBOL(arm_delay_ops); +@@ -55,7 +55,7 @@ EXPORT_SYMBOL(arm_delay_ops); /* networking */ EXPORT_SYMBOL(csum_partial); @@ -2388,7 +2373,7 @@ index 1f031dd..d9b5e4a 100644 EXPORT_SYMBOL(csum_partial_copy_nocheck); EXPORT_SYMBOL(__csum_ipv6_magic); -@@ -89,9 +89,9 @@ EXPORT_SYMBOL(__memzero); +@@ -91,9 +91,9 @@ EXPORT_SYMBOL(__memzero); #ifdef CONFIG_MMU EXPORT_SYMBOL(copy_page); @@ -2402,7 +2387,7 @@ index 1f031dd..d9b5e4a 100644 EXPORT_SYMBOL(__get_user_1); EXPORT_SYMBOL(__get_user_2); diff --git a/arch/arm/kernel/entry-armv.S b/arch/arm/kernel/entry-armv.S -index b3fb8c9..59cfab2 100644 +index 1879e8d..b2207fc 100644 --- a/arch/arm/kernel/entry-armv.S +++ b/arch/arm/kernel/entry-armv.S @@ -47,6 +47,87 @@ @@ -2554,22 +2539,23 @@ index b3fb8c9..59cfab2 100644 ARM_BE8(rev r0, r0) @ little endian instruction @ r0 = 32-bit ARM instruction which caused the exception -@@ -450,10 +549,14 @@ __und_usr_thumb: +@@ -450,11 +549,15 @@ __und_usr_thumb: */ .arch armv6t2 #endif + pax_open_userland 2: ldrht r5, [r4] + pax_close_userland + ARM_BE8(rev16 r5, r5) @ little endian instruction cmp r5, #0xe800 @ 32bit instruction if xx != 0 blo __und_usr_fault_16 @ 16bit undefined instruction + pax_open_userland 3: ldrht r0, [r2] + pax_close_userland + ARM_BE8(rev16 r0, r0) @ little endian instruction add r2, r2, #2 @ r2 is PC + 2, make it PC + 4 str r2, [sp, #S_PC] @ it's a 2x16bit instr, update - orr r0, r0, r5, lsl #16 -@@ -482,7 +585,8 @@ ENDPROC(__und_usr) +@@ -484,7 +587,8 @@ ENDPROC(__und_usr) */ .pushsection .fixup, "ax" .align 2 @@ -2579,7 +2565,7 @@ index b3fb8c9..59cfab2 100644 .popsection .pushsection __ex_table,"a" .long 1b, 4b -@@ -692,7 +796,7 @@ ENTRY(__switch_to) +@@ -694,7 +798,7 @@ ENTRY(__switch_to) THUMB( str lr, [ip], #4 ) ldr r4, [r2, #TI_TP_VALUE] ldr r5, [r2, #TI_TP_VALUE + 4] @@ -2588,7 +2574,7 @@ index b3fb8c9..59cfab2 100644 ldr r6, [r2, #TI_CPU_DOMAIN] #endif switch_tls r1, r4, r5, r3, r7 -@@ -701,7 +805,7 @@ ENTRY(__switch_to) +@@ -703,7 +807,7 @@ ENTRY(__switch_to) ldr r8, =__stack_chk_guard ldr r7, [r7, #TSK_STACK_CANARY] #endif @@ -2765,21 +2751,10 @@ index 918875d..cd5fa27 100644 flush_icache_range((unsigned long)base + offset, offset + length); diff --git a/arch/arm/kernel/head.S b/arch/arm/kernel/head.S -index 32f317e..710ae07 100644 +index f5f381d..a6f36a1 100644 --- a/arch/arm/kernel/head.S +++ b/arch/arm/kernel/head.S -@@ -52,7 +52,9 @@ - .equ swapper_pg_dir, KERNEL_RAM_VADDR - PG_DIR_SIZE - - .macro pgtbl, rd, phys -- add \rd, \phys, #TEXT_OFFSET - PG_DIR_SIZE -+ mov \rd, #TEXT_OFFSET -+ sub \rd, #PG_DIR_SIZE -+ add \rd, \rd, \phys - .endm - - /* -@@ -436,7 +438,7 @@ __enable_mmu: +@@ -437,7 +437,7 @@ __enable_mmu: mov r5, #(domain_val(DOMAIN_USER, DOMAIN_MANAGER) | \ domain_val(DOMAIN_KERNEL, DOMAIN_MANAGER) | \ domain_val(DOMAIN_TABLE, DOMAIN_MANAGER) | \ @@ -2991,7 +2966,7 @@ index 0dd3b79..e018f64 100644 if (secure_computing(scno) == -1) return -1; diff --git a/arch/arm/kernel/setup.c b/arch/arm/kernel/setup.c -index 987a7f5..ab0c397 100644 +index 1e8b030..37c3022 100644 --- a/arch/arm/kernel/setup.c +++ b/arch/arm/kernel/setup.c @@ -100,21 +100,23 @@ EXPORT_SYMBOL(system_serial_high); @@ -3097,7 +3072,7 @@ index 04d6388..5115238 100644 - return page; -} diff --git a/arch/arm/kernel/smp.c b/arch/arm/kernel/smp.c -index dc894ab..f929a0d 100644 +index b7b4c86..47c4f77 100644 --- a/arch/arm/kernel/smp.c +++ b/arch/arm/kernel/smp.c @@ -73,7 +73,7 @@ enum ipi_msg_type { @@ -3109,15 +3084,38 @@ index dc894ab..f929a0d 100644 void __init smp_set_ops(struct smp_operations *ops) { +diff --git a/arch/arm/kernel/tcm.c b/arch/arm/kernel/tcm.c +index 7a3be1d..b00c7de 100644 +--- a/arch/arm/kernel/tcm.c ++++ b/arch/arm/kernel/tcm.c +@@ -61,7 +61,7 @@ static struct map_desc itcm_iomap[] __initdata = { + .virtual = ITCM_OFFSET, + .pfn = __phys_to_pfn(ITCM_OFFSET), + .length = 0, +- .type = MT_MEMORY_RWX_ITCM, ++ .type = MT_MEMORY_RX_ITCM, + } + }; + +@@ -267,7 +267,9 @@ no_dtcm: + start = &__sitcm_text; + end = &__eitcm_text; + ram = &__itcm_start; ++ pax_open_kernel(); + memcpy(start, ram, itcm_code_sz); ++ pax_close_kernel(); + pr_debug("CPU ITCM: copied code from %p - %p\n", + start, end); + itcm_present = true; diff --git a/arch/arm/kernel/traps.c b/arch/arm/kernel/traps.c -index 4636d56..ce4ec3d 100644 +index 172ee18..ce4ec3d 100644 --- a/arch/arm/kernel/traps.c +++ b/arch/arm/kernel/traps.c @@ -62,7 +62,7 @@ static void dump_mem(const char *, const char *, unsigned long, unsigned long); void dump_backtrace_entry(unsigned long where, unsigned long from, unsigned long frame) { #ifdef CONFIG_KALLSYMS -- printk("[<%08lx>] (%pS) from [<%08lx>] (%pS)\n", where, (void *)where, from, (void *)from); +- printk("[<%08lx>] (%ps) from [<%08lx>] (%pS)\n", where, (void *)where, from, (void *)from); + printk("[<%08lx>] (%pA) from [<%08lx>] (%pA)\n", where, (void *)where, from, (void *)from); #else printk("Function entered at [<%08lx>] from [<%08lx>]\n", where, from); @@ -3235,10 +3233,10 @@ index 7bcee5c..e2f3249 100644 __data_loc = .; #endif diff --git a/arch/arm/kvm/arm.c b/arch/arm/kvm/arm.c -index 2a700e0..745b980 100644 +index bd18bb8..87ede26 100644 --- a/arch/arm/kvm/arm.c +++ b/arch/arm/kvm/arm.c -@@ -56,7 +56,7 @@ static unsigned long hyp_default_vectors; +@@ -57,7 +57,7 @@ static unsigned long hyp_default_vectors; static DEFINE_PER_CPU(struct kvm_vcpu *, kvm_arm_running_vcpu); /* The VMID used in the VTTBR */ @@ -3247,7 +3245,7 @@ index 2a700e0..745b980 100644 static u8 kvm_next_vmid; static DEFINE_SPINLOCK(kvm_vmid_lock); -@@ -397,7 +397,7 @@ void force_vm_exit(const cpumask_t *mask) +@@ -408,7 +408,7 @@ void force_vm_exit(const cpumask_t *mask) */ static bool need_new_vmid_gen(struct kvm *kvm) { @@ -3256,7 +3254,7 @@ index 2a700e0..745b980 100644 } /** -@@ -430,7 +430,7 @@ static void update_vttbr(struct kvm *kvm) +@@ -441,7 +441,7 @@ static void update_vttbr(struct kvm *kvm) /* First user of a new VMID generation? */ if (unlikely(kvm_next_vmid == 0)) { @@ -3265,7 +3263,7 @@ index 2a700e0..745b980 100644 kvm_next_vmid = 1; /* -@@ -447,7 +447,7 @@ static void update_vttbr(struct kvm *kvm) +@@ -458,7 +458,7 @@ static void update_vttbr(struct kvm *kvm) kvm_call_hyp(__kvm_flush_vm_context); } @@ -3420,6 +3418,19 @@ index 3e58d71..029817c 100644 { /* See rational for this in __copy_to_user() above. */ if (n < 64) +diff --git a/arch/arm/mach-at91/setup.c b/arch/arm/mach-at91/setup.c +index f7ca97b..3d7e719 100644 +--- a/arch/arm/mach-at91/setup.c ++++ b/arch/arm/mach-at91/setup.c +@@ -81,7 +81,7 @@ void __init at91_init_sram(int bank, unsigned long base, unsigned int length) + + desc->pfn = __phys_to_pfn(base); + desc->length = length; +- desc->type = MT_MEMORY_RWX_NONCACHED; ++ desc->type = MT_MEMORY_RW_NONCACHED; + + pr_info("AT91: sram at 0x%lx of 0x%x mapped at 0x%lx\n", + base, length, desc->virtual); diff --git a/arch/arm/mach-kirkwood/common.c b/arch/arm/mach-kirkwood/common.c index f3407a5..bd4256f 100644 --- a/arch/arm/mach-kirkwood/common.c @@ -3458,10 +3469,10 @@ index f3407a5..bd4256f 100644 if (IS_ERR(clk)) diff --git a/arch/arm/mach-omap2/board-n8x0.c b/arch/arm/mach-omap2/board-n8x0.c -index 827d1500..2885dc6 100644 +index aead77a..a2253fa 100644 --- a/arch/arm/mach-omap2/board-n8x0.c +++ b/arch/arm/mach-omap2/board-n8x0.c -@@ -627,7 +627,7 @@ static int n8x0_menelaus_late_init(struct device *dev) +@@ -568,7 +568,7 @@ static int n8x0_menelaus_late_init(struct device *dev) } #endif @@ -3518,7 +3529,7 @@ index ab43755..ccfa231 100644 gpmc_client_irq[1].bitmask = GPMC_IRQ_COUNT_EVENT; diff --git a/arch/arm/mach-omap2/omap-mpuss-lowpower.c b/arch/arm/mach-omap2/omap-mpuss-lowpower.c -index f991016..145ebeb 100644 +index 667915d..2ee1219 100644 --- a/arch/arm/mach-omap2/omap-mpuss-lowpower.c +++ b/arch/arm/mach-omap2/omap-mpuss-lowpower.c @@ -84,7 +84,7 @@ struct cpu_pm_ops { @@ -3553,10 +3564,10 @@ index 3664562..72f85c6 100644 }; diff --git a/arch/arm/mach-omap2/omap_device.c b/arch/arm/mach-omap2/omap_device.c -index e0a398c..a470fa5 100644 +index 01ef59d..32ae28a8 100644 --- a/arch/arm/mach-omap2/omap_device.c +++ b/arch/arm/mach-omap2/omap_device.c -@@ -508,7 +508,7 @@ void omap_device_delete(struct omap_device *od) +@@ -510,7 +510,7 @@ void omap_device_delete(struct omap_device *od) struct platform_device __init *omap_device_build(const char *pdev_name, int pdev_id, struct omap_hwmod *oh, @@ -3565,7 +3576,7 @@ index e0a398c..a470fa5 100644 { struct omap_hwmod *ohs[] = { oh }; -@@ -536,7 +536,7 @@ struct platform_device __init *omap_device_build(const char *pdev_name, +@@ -538,7 +538,7 @@ struct platform_device __init *omap_device_build(const char *pdev_name, struct platform_device __init *omap_device_build_ss(const char *pdev_name, int pdev_id, struct omap_hwmod **ohs, @@ -3594,7 +3605,7 @@ index 78c02b3..c94109a 100644 struct omap_device *omap_device_alloc(struct platform_device *pdev, struct omap_hwmod **ohs, int oh_cnt); diff --git a/arch/arm/mach-omap2/omap_hwmod.c b/arch/arm/mach-omap2/omap_hwmod.c -index 8a1b5e0..5f30074 100644 +index 66c60fe..c78950d 100644 --- a/arch/arm/mach-omap2/omap_hwmod.c +++ b/arch/arm/mach-omap2/omap_hwmod.c @@ -194,10 +194,10 @@ struct omap_hwmod_soc_ops { @@ -3671,10 +3682,10 @@ index b82dcae..44ee5b6 100644 cpuidle_coupled_parallel_barrier(dev, &abort_barrier); diff --git a/arch/arm/mach-ux500/setup.h b/arch/arm/mach-ux500/setup.h -index bdb3564..cebb96f 100644 +index 2dea8b5..6499da2 100644 --- a/arch/arm/mach-ux500/setup.h +++ b/arch/arm/mach-ux500/setup.h -@@ -39,13 +39,6 @@ extern void ux500_timer_init(void); +@@ -33,13 +33,6 @@ extern void ux500_timer_init(void); .type = MT_DEVICE, \ } @@ -3682,26 +3693,25 @@ index bdb3564..cebb96f 100644 - .virtual = IO_ADDRESS(x), \ - .pfn = __phys_to_pfn(x), \ - .length = sz, \ -- .type = MT_MEMORY, \ +- .type = MT_MEMORY_RWX, \ -} - extern struct smp_operations ux500_smp_ops; extern void ux500_cpu_die(unsigned int cpu); diff --git a/arch/arm/mm/Kconfig b/arch/arm/mm/Kconfig -index 1f8fed9..14d7823 100644 +index ca8ecde..58ba893 100644 --- a/arch/arm/mm/Kconfig +++ b/arch/arm/mm/Kconfig -@@ -446,7 +446,7 @@ config CPU_32v5 +@@ -446,6 +446,7 @@ config CPU_32v5 config CPU_32v6 bool -- select CPU_USE_DOMAINS if CPU_V6 && MMU + select CPU_USE_DOMAINS if CPU_V6 && MMU && !PAX_KERNEXEC && !PAX_MEMORY_UDEREF select TLS_REG_EMUL if !CPU_32v6K && !MMU config CPU_32v6K -@@ -601,6 +601,7 @@ config CPU_CP15_MPU +@@ -600,6 +601,7 @@ config CPU_CP15_MPU config CPU_USE_DOMAINS bool @@ -3709,7 +3719,7 @@ index 1f8fed9..14d7823 100644 help This option enables or disables the use of domain switching via the set_fs() function. -@@ -800,6 +801,7 @@ config NEED_KUSER_HELPERS +@@ -799,6 +801,7 @@ config NEED_KUSER_HELPERS config KUSER_HELPERS bool "Enable kuser helpers in vector page" if !NEED_KUSER_HELPERS default y @@ -3717,7 +3727,7 @@ index 1f8fed9..14d7823 100644 help Warning: disabling this option may break user programs. -@@ -812,7 +814,7 @@ config KUSER_HELPERS +@@ -811,7 +814,7 @@ config KUSER_HELPERS See Documentation/arm/kernel_user_helpers.txt for details. However, the fixed address nature of these helpers can be used @@ -3792,10 +3802,10 @@ index 9240364..a2b8cf3 100644 goto fault; \ } while (0) diff --git a/arch/arm/mm/cache-l2x0.c b/arch/arm/mm/cache-l2x0.c -index 447da6f..77a5057 100644 +index 7abde2c..9df495f 100644 --- a/arch/arm/mm/cache-l2x0.c +++ b/arch/arm/mm/cache-l2x0.c -@@ -45,7 +45,7 @@ struct l2x0_of_data { +@@ -46,7 +46,7 @@ struct l2x0_of_data { void (*setup)(const struct device_node *, u32 *, u32 *); void (*save)(void); struct outer_cache_fns outer_cache; @@ -3805,7 +3815,7 @@ index 447da6f..77a5057 100644 static bool of_init = false; diff --git a/arch/arm/mm/context.c b/arch/arm/mm/context.c -index 84e6f77..0b52f31 100644 +index 6eb97b3..ac509f6 100644 --- a/arch/arm/mm/context.c +++ b/arch/arm/mm/context.c @@ -43,7 +43,7 @@ @@ -3817,25 +3827,25 @@ index 84e6f77..0b52f31 100644 static DECLARE_BITMAP(asid_map, NUM_USER_ASIDS); static DEFINE_PER_CPU(atomic64_t, active_asids); -@@ -180,7 +180,7 @@ static int is_reserved_asid(u64 asid) - static u64 new_context(struct mm_struct *mm, unsigned int cpu) +@@ -182,7 +182,7 @@ static u64 new_context(struct mm_struct *mm, unsigned int cpu) { + static u32 cur_idx = 1; u64 asid = atomic64_read(&mm->context.id); - u64 generation = atomic64_read(&asid_generation); + u64 generation = atomic64_read_unchecked(&asid_generation); if (asid != 0 && is_reserved_asid(asid)) { /* -@@ -198,7 +198,7 @@ static u64 new_context(struct mm_struct *mm, unsigned int cpu) +@@ -203,7 +203,7 @@ static u64 new_context(struct mm_struct *mm, unsigned int cpu) */ - asid = find_next_zero_bit(asid_map, NUM_USER_ASIDS, 1); + asid = find_next_zero_bit(asid_map, NUM_USER_ASIDS, cur_idx); if (asid == NUM_USER_ASIDS) { - generation = atomic64_add_return(ASID_FIRST_VERSION, + generation = atomic64_add_return_unchecked(ASID_FIRST_VERSION, &asid_generation); flush_context(cpu); asid = find_next_zero_bit(asid_map, NUM_USER_ASIDS, 1); -@@ -227,14 +227,14 @@ void check_and_switch_context(struct mm_struct *mm, struct task_struct *tsk) +@@ -234,14 +234,14 @@ void check_and_switch_context(struct mm_struct *mm, struct task_struct *tsk) cpu_set_reserved_ttbr0(); asid = atomic64_read(&mm->context.id); @@ -4097,7 +4107,7 @@ index cf08bdf..772656c 100644 unsigned long search_exception_table(unsigned long addr); diff --git a/arch/arm/mm/init.c b/arch/arm/mm/init.c -index 3e8f106..a0a1fe4 100644 +index 804d615..fcec50a 100644 --- a/arch/arm/mm/init.c +++ b/arch/arm/mm/init.c @@ -30,6 +30,8 @@ @@ -4109,7 +4119,7 @@ index 3e8f106..a0a1fe4 100644 #include <asm/mach/arch.h> #include <asm/mach/map.h> -@@ -681,7 +683,46 @@ void free_initmem(void) +@@ -625,7 +627,46 @@ void free_initmem(void) { #ifdef CONFIG_HAVE_TCM extern char __tcm_start, __tcm_end; @@ -4157,18 +4167,18 @@ index 3e8f106..a0a1fe4 100644 free_reserved_area(&__tcm_start, &__tcm_end, -1, "TCM link"); #endif diff --git a/arch/arm/mm/ioremap.c b/arch/arm/mm/ioremap.c -index f123d6e..04bf569 100644 +index f9c32ba..8540068 100644 --- a/arch/arm/mm/ioremap.c +++ b/arch/arm/mm/ioremap.c @@ -392,9 +392,9 @@ __arm_ioremap_exec(phys_addr_t phys_addr, size_t size, bool cached) unsigned int mtype; if (cached) -- mtype = MT_MEMORY; +- mtype = MT_MEMORY_RWX; + mtype = MT_MEMORY_RX; else -- mtype = MT_MEMORY_NONCACHED; -+ mtype = MT_MEMORY_NONCACHED_RX; +- mtype = MT_MEMORY_RWX_NONCACHED; ++ mtype = MT_MEMORY_RX_NONCACHED; return __arm_ioremap_caller(phys_addr, size, mtype, __builtin_return_address(0)); @@ -4284,10 +4294,10 @@ index 5e85ed3..b10a7ed 100644 } } diff --git a/arch/arm/mm/mmu.c b/arch/arm/mm/mmu.c -index 911d433..8580952 100644 +index b68c6b2..f66c492 100644 --- a/arch/arm/mm/mmu.c +++ b/arch/arm/mm/mmu.c -@@ -38,6 +38,22 @@ +@@ -39,6 +39,22 @@ #include "mm.h" #include "tcm.h" @@ -4310,12 +4320,7 @@ index 911d433..8580952 100644 /* * empty_zero_page is a special page that is used for * zero-initialized data and COW. -@@ -230,11 +246,19 @@ __setup("noalign", noalign_setup); - - #endif /* ifdef CONFIG_CPU_CP15 / else */ - --#define PROT_PTE_DEVICE L_PTE_PRESENT|L_PTE_YOUNG|L_PTE_DIRTY|L_PTE_XN -+#define PROT_PTE_DEVICE L_PTE_PRESENT|L_PTE_YOUNG|L_PTE_DIRTY +@@ -235,7 +251,15 @@ __setup("noalign", noalign_setup); #define PROT_PTE_S2_DEVICE PROT_PTE_DEVICE #define PROT_SECT_DEVICE PMD_TYPE_SECT|PMD_SECT_AP_WRITE @@ -4332,27 +4337,32 @@ index 911d433..8580952 100644 [MT_DEVICE] = { /* Strongly ordered / ARMv6 shared device */ .prot_pte = PROT_PTE_DEVICE | L_PTE_MT_DEV_SHARED | L_PTE_SHARED, -@@ -266,16 +290,16 @@ static struct mem_type mem_types[] = { - [MT_UNCACHED] = { +@@ -264,19 +288,19 @@ static struct mem_type mem_types[] = { + .prot_sect = PROT_SECT_DEVICE, + .domain = DOMAIN_IO, + }, +- [MT_UNCACHED] = { ++ [MT_UNCACHED_RW] = { .prot_pte = PROT_PTE_DEVICE, .prot_l1 = PMD_TYPE_TABLE, -- .prot_sect = PMD_TYPE_SECT | PMD_SECT_XN, -+ .prot_sect = PROT_SECT_DEVICE, + .prot_sect = PMD_TYPE_SECT | PMD_SECT_XN, .domain = DOMAIN_IO, }, - [MT_CACHECLEAN] = { +- [MT_CACHECLEAN] = { - .prot_sect = PMD_TYPE_SECT | PMD_SECT_XN, -+ .prot_sect = PMD_TYPE_SECT | PMD_SECT_RDONLY, ++ [MT_CACHECLEAN_RO] = { ++ .prot_sect = PMD_TYPE_SECT | PMD_SECT_XN | PMD_SECT_RDONLY, .domain = DOMAIN_KERNEL, }, #ifndef CONFIG_ARM_LPAE - [MT_MINICLEAN] = { +- [MT_MINICLEAN] = { - .prot_sect = PMD_TYPE_SECT | PMD_SECT_XN | PMD_SECT_MINICACHE, -+ .prot_sect = PMD_TYPE_SECT | PMD_SECT_MINICACHE | PMD_SECT_RDONLY, ++ [MT_MINICLEAN_RO] = { ++ .prot_sect = PMD_TYPE_SECT | PMD_SECT_MINICACHE | PMD_SECT_XN | PMD_SECT_RDONLY, .domain = DOMAIN_KERNEL, }, #endif -@@ -283,36 +307,54 @@ static struct mem_type mem_types[] = { +@@ -284,15 +308,15 @@ static struct mem_type mem_types[] = { .prot_pte = L_PTE_PRESENT | L_PTE_YOUNG | L_PTE_DIRTY | L_PTE_RDONLY, .prot_l1 = PMD_TYPE_TABLE, @@ -4366,161 +4376,123 @@ index 911d433..8580952 100644 - .domain = DOMAIN_USER, + .domain = DOMAIN_VECTORS, }, -- [MT_MEMORY] = { -+ [MT_MEMORY_RWX] = { +- [MT_MEMORY_RWX] = { ++ [__MT_MEMORY_RWX] = { .prot_pte = L_PTE_PRESENT | L_PTE_YOUNG | L_PTE_DIRTY, .prot_l1 = PMD_TYPE_TABLE, .prot_sect = PMD_TYPE_SECT | PMD_SECT_AP_WRITE, +@@ -305,17 +329,30 @@ static struct mem_type mem_types[] = { + .prot_sect = PMD_TYPE_SECT | PMD_SECT_AP_WRITE, .domain = DOMAIN_KERNEL, }, -+ [MT_MEMORY_RW] = { -+ .prot_pte = L_PTE_PRESENT | L_PTE_YOUNG | L_PTE_DIRTY, -+ .prot_l1 = PMD_TYPE_TABLE, -+ .prot_sect = PMD_TYPE_SECT | PMD_SECT_AP_WRITE, -+ .domain = DOMAIN_KERNEL, -+ }, +- [MT_ROM] = { +- .prot_sect = PMD_TYPE_SECT, + [MT_MEMORY_RX] = { + .prot_pte = L_PTE_PRESENT | L_PTE_YOUNG | L_PTE_KERNEXEC, + .prot_l1 = PMD_TYPE_TABLE, + .prot_sect = PMD_TYPE_SECT | PMD_SECT_KERNEXEC, + .domain = DOMAIN_KERNEL, + }, - [MT_ROM] = { -- .prot_sect = PMD_TYPE_SECT, ++ [MT_ROM_RX] = { + .prot_sect = PMD_TYPE_SECT | PMD_SECT_RDONLY, .domain = DOMAIN_KERNEL, }, -- [MT_MEMORY_NONCACHED] = { -+ [MT_MEMORY_NONCACHED_RW] = { +- [MT_MEMORY_RWX_NONCACHED] = { ++ [MT_MEMORY_RW_NONCACHED] = { .prot_pte = L_PTE_PRESENT | L_PTE_YOUNG | L_PTE_DIRTY | L_PTE_MT_BUFFERABLE, .prot_l1 = PMD_TYPE_TABLE, .prot_sect = PMD_TYPE_SECT | PMD_SECT_AP_WRITE, .domain = DOMAIN_KERNEL, }, -+ [MT_MEMORY_NONCACHED_RX] = { ++ [MT_MEMORY_RX_NONCACHED] = { + .prot_pte = L_PTE_PRESENT | L_PTE_YOUNG | L_PTE_KERNEXEC | + L_PTE_MT_BUFFERABLE, + .prot_l1 = PMD_TYPE_TABLE, + .prot_sect = PMD_TYPE_SECT | PMD_SECT_KERNEXEC, + .domain = DOMAIN_KERNEL, + }, - [MT_MEMORY_DTCM] = { -- .prot_pte = L_PTE_PRESENT | L_PTE_YOUNG | L_PTE_DIRTY | -- L_PTE_XN, -+ .prot_pte = L_PTE_PRESENT | L_PTE_YOUNG | L_PTE_DIRTY, - .prot_l1 = PMD_TYPE_TABLE, -- .prot_sect = PMD_TYPE_SECT | PMD_SECT_XN, -+ .prot_sect = PMD_TYPE_SECT | PMD_SECT_RDONLY, + [MT_MEMORY_RW_DTCM] = { + .prot_pte = L_PTE_PRESENT | L_PTE_YOUNG | L_PTE_DIRTY | + L_PTE_XN, +@@ -323,9 +360,10 @@ static struct mem_type mem_types[] = { + .prot_sect = PMD_TYPE_SECT | PMD_SECT_XN, .domain = DOMAIN_KERNEL, }, - [MT_MEMORY_ITCM] = { -@@ -322,10 +364,10 @@ static struct mem_type mem_types[] = { - }, - [MT_MEMORY_SO] = { - .prot_pte = L_PTE_PRESENT | L_PTE_YOUNG | L_PTE_DIRTY | -- L_PTE_MT_UNCACHED | L_PTE_XN, -+ L_PTE_MT_UNCACHED, +- [MT_MEMORY_RWX_ITCM] = { +- .prot_pte = L_PTE_PRESENT | L_PTE_YOUNG | L_PTE_DIRTY, ++ [MT_MEMORY_RX_ITCM] = { ++ .prot_pte = L_PTE_PRESENT | L_PTE_YOUNG | L_PTE_KERNEXEC, .prot_l1 = PMD_TYPE_TABLE, - .prot_sect = PMD_TYPE_SECT | PMD_SECT_AP_WRITE | PMD_SECT_S | -- PMD_SECT_UNCACHED | PMD_SECT_XN, -+ PMD_SECT_UNCACHED, ++ .prot_sect = PMD_TYPE_SECT | PMD_SECT_KERNEXEC, .domain = DOMAIN_KERNEL, }, - [MT_MEMORY_DMA_READY] = { -@@ -411,9 +453,35 @@ static void __init build_mem_type_table(void) - * to prevent speculative instruction fetches. - */ - mem_types[MT_DEVICE].prot_sect |= PMD_SECT_XN; -+ mem_types[MT_DEVICE].prot_pte |= L_PTE_XN; - mem_types[MT_DEVICE_NONSHARED].prot_sect |= PMD_SECT_XN; -+ mem_types[MT_DEVICE_NONSHARED].prot_pte |= L_PTE_XN; - mem_types[MT_DEVICE_CACHED].prot_sect |= PMD_SECT_XN; -+ mem_types[MT_DEVICE_CACHED].prot_pte |= L_PTE_XN; - mem_types[MT_DEVICE_WC].prot_sect |= PMD_SECT_XN; -+ mem_types[MT_DEVICE_WC].prot_pte |= L_PTE_XN; -+ -+ /* Mark other regions on ARMv6+ as execute-never */ -+ -+#ifdef CONFIG_PAX_KERNEXEC -+ mem_types[MT_UNCACHED].prot_sect |= PMD_SECT_XN; -+ mem_types[MT_UNCACHED].prot_pte |= L_PTE_XN; -+ mem_types[MT_CACHECLEAN].prot_sect |= PMD_SECT_XN; -+ mem_types[MT_CACHECLEAN].prot_pte |= L_PTE_XN; -+#ifndef CONFIG_ARM_LPAE -+ mem_types[MT_MINICLEAN].prot_sect |= PMD_SECT_XN; -+ mem_types[MT_MINICLEAN].prot_pte |= L_PTE_XN; -+#endif -+ mem_types[MT_MEMORY_RW].prot_sect |= PMD_SECT_XN; -+ mem_types[MT_MEMORY_RW].prot_pte |= L_PTE_XN; -+ mem_types[MT_MEMORY_NONCACHED_RW].prot_sect |= PMD_SECT_XN; -+ mem_types[MT_MEMORY_NONCACHED_RW].prot_pte |= PMD_SECT_XN; -+ mem_types[MT_MEMORY_DTCM].prot_sect |= PMD_SECT_XN; -+ mem_types[MT_MEMORY_DTCM].prot_pte |= L_PTE_XN; -+#endif -+ -+ mem_types[MT_MEMORY_SO].prot_sect |= PMD_SECT_XN; -+ mem_types[MT_MEMORY_SO].prot_pte |= L_PTE_XN; - } - if (cpu_arch >= CPU_ARCH_ARMv7 && (cr & CR_TRE)) { - /* -@@ -475,6 +543,9 @@ static void __init build_mem_type_table(void) + [MT_MEMORY_RW_SO] = { +@@ -534,9 +572,14 @@ static void __init build_mem_type_table(void) + * Mark cache clean areas and XIP ROM read only * from SVC mode and no access from userspace. */ - mem_types[MT_ROM].prot_sect |= PMD_SECT_APX|PMD_SECT_AP_WRITE; +- mem_types[MT_ROM].prot_sect |= PMD_SECT_APX|PMD_SECT_AP_WRITE; +- mem_types[MT_MINICLEAN].prot_sect |= PMD_SECT_APX|PMD_SECT_AP_WRITE; +- mem_types[MT_CACHECLEAN].prot_sect |= PMD_SECT_APX|PMD_SECT_AP_WRITE; ++ mem_types[MT_ROM_RX].prot_sect |= PMD_SECT_APX|PMD_SECT_AP_WRITE; +#ifdef CONFIG_PAX_KERNEXEC + mem_types[MT_MEMORY_RX].prot_sect |= PMD_SECT_APX|PMD_SECT_AP_WRITE; ++ mem_types[MT_MEMORY_RX_NONCACHED].prot_sect |= PMD_SECT_APX|PMD_SECT_AP_WRITE; ++ mem_types[MT_MEMORY_RX_ITCM].prot_sect |= PMD_SECT_APX|PMD_SECT_AP_WRITE; +#endif - mem_types[MT_MINICLEAN].prot_sect |= PMD_SECT_APX|PMD_SECT_AP_WRITE; - mem_types[MT_CACHECLEAN].prot_sect |= PMD_SECT_APX|PMD_SECT_AP_WRITE; ++ mem_types[MT_MINICLEAN_RO].prot_sect |= PMD_SECT_APX|PMD_SECT_AP_WRITE; ++ mem_types[MT_CACHECLEAN_RO].prot_sect |= PMD_SECT_APX|PMD_SECT_AP_WRITE; #endif -@@ -492,11 +563,17 @@ static void __init build_mem_type_table(void) + + if (is_smp()) { +@@ -552,13 +595,17 @@ static void __init build_mem_type_table(void) mem_types[MT_DEVICE_WC].prot_pte |= L_PTE_SHARED; mem_types[MT_DEVICE_CACHED].prot_sect |= PMD_SECT_S; mem_types[MT_DEVICE_CACHED].prot_pte |= L_PTE_SHARED; -- mem_types[MT_MEMORY].prot_sect |= PMD_SECT_S; -- mem_types[MT_MEMORY].prot_pte |= L_PTE_SHARED; -+ mem_types[MT_MEMORY_RWX].prot_sect |= PMD_SECT_S; -+ mem_types[MT_MEMORY_RWX].prot_pte |= L_PTE_SHARED; -+ mem_types[MT_MEMORY_RW].prot_sect |= PMD_SECT_S; -+ mem_types[MT_MEMORY_RW].prot_pte |= L_PTE_SHARED; +- mem_types[MT_MEMORY_RWX].prot_sect |= PMD_SECT_S; +- mem_types[MT_MEMORY_RWX].prot_pte |= L_PTE_SHARED; ++ mem_types[__MT_MEMORY_RWX].prot_sect |= PMD_SECT_S; ++ mem_types[__MT_MEMORY_RWX].prot_pte |= L_PTE_SHARED; + mem_types[MT_MEMORY_RW].prot_sect |= PMD_SECT_S; + mem_types[MT_MEMORY_RW].prot_pte |= L_PTE_SHARED; + mem_types[MT_MEMORY_RX].prot_sect |= PMD_SECT_S; + mem_types[MT_MEMORY_RX].prot_pte |= L_PTE_SHARED; mem_types[MT_MEMORY_DMA_READY].prot_pte |= L_PTE_SHARED; -- mem_types[MT_MEMORY_NONCACHED].prot_sect |= PMD_SECT_S; -- mem_types[MT_MEMORY_NONCACHED].prot_pte |= L_PTE_SHARED; -+ mem_types[MT_MEMORY_NONCACHED_RW].prot_sect |= PMD_SECT_S; -+ mem_types[MT_MEMORY_NONCACHED_RW].prot_pte |= L_PTE_SHARED; -+ mem_types[MT_MEMORY_NONCACHED_RX].prot_sect |= PMD_SECT_S; -+ mem_types[MT_MEMORY_NONCACHED_RX].prot_pte |= L_PTE_SHARED; +- mem_types[MT_MEMORY_RWX_NONCACHED].prot_sect |= PMD_SECT_S; +- mem_types[MT_MEMORY_RWX_NONCACHED].prot_pte |= L_PTE_SHARED; ++ mem_types[MT_MEMORY_RW_NONCACHED].prot_sect |= PMD_SECT_S; ++ mem_types[MT_MEMORY_RW_NONCACHED].prot_pte |= L_PTE_SHARED; ++ mem_types[MT_MEMORY_RX_NONCACHED].prot_sect |= PMD_SECT_S; ++ mem_types[MT_MEMORY_RX_NONCACHED].prot_pte |= L_PTE_SHARED; } } -@@ -507,15 +584,20 @@ static void __init build_mem_type_table(void) +@@ -569,15 +616,20 @@ static void __init build_mem_type_table(void) if (cpu_arch >= CPU_ARCH_ARMv6) { if (cpu_arch >= CPU_ARCH_ARMv7 && (cr & CR_TRE)) { /* Non-cacheable Normal is XCB = 001 */ -- mem_types[MT_MEMORY_NONCACHED].prot_sect |= -+ mem_types[MT_MEMORY_NONCACHED_RW].prot_sect |= +- mem_types[MT_MEMORY_RWX_NONCACHED].prot_sect |= ++ mem_types[MT_MEMORY_RW_NONCACHED].prot_sect |= + PMD_SECT_BUFFERED; -+ mem_types[MT_MEMORY_NONCACHED_RX].prot_sect |= ++ mem_types[MT_MEMORY_RX_NONCACHED].prot_sect |= PMD_SECT_BUFFERED; } else { /* For both ARMv6 and non-TEX-remapping ARMv7 */ -- mem_types[MT_MEMORY_NONCACHED].prot_sect |= -+ mem_types[MT_MEMORY_NONCACHED_RW].prot_sect |= +- mem_types[MT_MEMORY_RWX_NONCACHED].prot_sect |= ++ mem_types[MT_MEMORY_RW_NONCACHED].prot_sect |= + PMD_SECT_TEX(1); -+ mem_types[MT_MEMORY_NONCACHED_RX].prot_sect |= ++ mem_types[MT_MEMORY_RX_NONCACHED].prot_sect |= PMD_SECT_TEX(1); } } else { -- mem_types[MT_MEMORY_NONCACHED].prot_sect |= PMD_SECT_BUFFERABLE; -+ mem_types[MT_MEMORY_NONCACHED_RW].prot_sect |= PMD_SECT_BUFFERABLE; -+ mem_types[MT_MEMORY_NONCACHED_RX].prot_sect |= PMD_SECT_BUFFERABLE; +- mem_types[MT_MEMORY_RWX_NONCACHED].prot_sect |= PMD_SECT_BUFFERABLE; ++ mem_types[MT_MEMORY_RW_NONCACHED].prot_sect |= PMD_SECT_BUFFERABLE; ++ mem_types[MT_MEMORY_RX_NONCACHED].prot_sect |= PMD_SECT_BUFFERABLE; } #ifdef CONFIG_ARM_LPAE -@@ -531,6 +613,8 @@ static void __init build_mem_type_table(void) +@@ -593,6 +645,8 @@ static void __init build_mem_type_table(void) vecs_pgprot |= PTE_EXT_AF; #endif @@ -4529,26 +4501,47 @@ index 911d433..8580952 100644 for (i = 0; i < 16; i++) { pteval_t v = pgprot_val(protection_map[i]); protection_map[i] = __pgprot(v | user_pgprot); -@@ -548,10 +632,15 @@ static void __init build_mem_type_table(void) +@@ -610,21 +664,24 @@ static void __init build_mem_type_table(void) mem_types[MT_LOW_VECTORS].prot_l1 |= ecc_mask; mem_types[MT_HIGH_VECTORS].prot_l1 |= ecc_mask; -- mem_types[MT_MEMORY].prot_sect |= ecc_mask | cp->pmd; -- mem_types[MT_MEMORY].prot_pte |= kern_pgprot; -+ mem_types[MT_MEMORY_RWX].prot_sect |= ecc_mask | cp->pmd; -+ mem_types[MT_MEMORY_RWX].prot_pte |= kern_pgprot; -+ mem_types[MT_MEMORY_RW].prot_sect |= ecc_mask | cp->pmd; -+ mem_types[MT_MEMORY_RW].prot_pte |= kern_pgprot; +- mem_types[MT_MEMORY_RWX].prot_sect |= ecc_mask | cp->pmd; +- mem_types[MT_MEMORY_RWX].prot_pte |= kern_pgprot; ++ mem_types[__MT_MEMORY_RWX].prot_sect |= ecc_mask | cp->pmd; ++ mem_types[__MT_MEMORY_RWX].prot_pte |= kern_pgprot; + mem_types[MT_MEMORY_RW].prot_sect |= ecc_mask | cp->pmd; + mem_types[MT_MEMORY_RW].prot_pte |= kern_pgprot; + mem_types[MT_MEMORY_RX].prot_sect |= ecc_mask | cp->pmd; + mem_types[MT_MEMORY_RX].prot_pte |= kern_pgprot; mem_types[MT_MEMORY_DMA_READY].prot_pte |= kern_pgprot; -- mem_types[MT_MEMORY_NONCACHED].prot_sect |= ecc_mask; -+ mem_types[MT_MEMORY_NONCACHED_RW].prot_sect |= ecc_mask; -+ mem_types[MT_MEMORY_NONCACHED_RX].prot_sect |= ecc_mask; - mem_types[MT_ROM].prot_sect |= cp->pmd; +- mem_types[MT_MEMORY_RWX_NONCACHED].prot_sect |= ecc_mask; +- mem_types[MT_ROM].prot_sect |= cp->pmd; ++ mem_types[MT_MEMORY_RW_NONCACHED].prot_sect |= ecc_mask; ++ mem_types[MT_MEMORY_RX_NONCACHED].prot_sect |= ecc_mask; ++ mem_types[MT_ROM_RX].prot_sect |= cp->pmd; switch (cp->pmd) { -@@ -1193,18 +1282,15 @@ void __init arm_mm_memblock_reserve(void) + case PMD_SECT_WT: +- mem_types[MT_CACHECLEAN].prot_sect |= PMD_SECT_WT; ++ mem_types[MT_CACHECLEAN_RO].prot_sect |= PMD_SECT_WT; + break; + case PMD_SECT_WB: + case PMD_SECT_WBWA: +- mem_types[MT_CACHECLEAN].prot_sect |= PMD_SECT_WB; ++ mem_types[MT_CACHECLEAN_RO].prot_sect |= PMD_SECT_WB; + break; + } + pr_info("Memory policy: %sData cache %s\n", +@@ -842,7 +899,7 @@ static void __init create_mapping(struct map_desc *md) + return; + } + +- if ((md->type == MT_DEVICE || md->type == MT_ROM) && ++ if ((md->type == MT_DEVICE || md->type == MT_ROM_RX) && + md->virtual >= PAGE_OFFSET && + (md->virtual < VMALLOC_START || md->virtual >= VMALLOC_END)) { + printk(KERN_WARNING "BUG: mapping for 0x%08llx" +@@ -1257,18 +1314,15 @@ void __init arm_mm_memblock_reserve(void) * called function. This means you can't use any function or debugging * method which may touch any device, otherwise the kernel _will_ crash. */ @@ -4571,7 +4564,33 @@ index 911d433..8580952 100644 for (addr = VMALLOC_START; addr; addr += PMD_SIZE) pmd_clear(pmd_off_k(addr)); -@@ -1244,7 +1330,7 @@ static void __init devicemaps_init(const struct machine_desc *mdesc) +@@ -1281,7 +1335,7 @@ static void __init devicemaps_init(const struct machine_desc *mdesc) + map.pfn = __phys_to_pfn(CONFIG_XIP_PHYS_ADDR & SECTION_MASK); + map.virtual = MODULES_VADDR; + map.length = ((unsigned long)_etext - map.virtual + ~SECTION_MASK) & SECTION_MASK; +- map.type = MT_ROM; ++ map.type = MT_ROM_RX; + create_mapping(&map); + #endif + +@@ -1292,14 +1346,14 @@ static void __init devicemaps_init(const struct machine_desc *mdesc) + map.pfn = __phys_to_pfn(FLUSH_BASE_PHYS); + map.virtual = FLUSH_BASE; + map.length = SZ_1M; +- map.type = MT_CACHECLEAN; ++ map.type = MT_CACHECLEAN_RO; + create_mapping(&map); + #endif + #ifdef FLUSH_BASE_MINICACHE + map.pfn = __phys_to_pfn(FLUSH_BASE_PHYS + SZ_1M); + map.virtual = FLUSH_BASE_MINICACHE; + map.length = SZ_1M; +- map.type = MT_MINICLEAN; ++ map.type = MT_MINICLEAN_RO; + create_mapping(&map); + #endif + +@@ -1308,7 +1362,7 @@ static void __init devicemaps_init(const struct machine_desc *mdesc) * location (0xffff0000). If we aren't using high-vectors, also * create a mapping at the low-vectors virtual address. */ @@ -4580,13 +4599,26 @@ index 911d433..8580952 100644 map.virtual = 0xffff0000; map.length = PAGE_SIZE; #ifdef CONFIG_KUSER_HELPERS -@@ -1316,8 +1402,39 @@ static void __init map_lowmem(void) - map.pfn = __phys_to_pfn(start); - map.virtual = __phys_to_virt(start); - map.length = end - start; -- map.type = MT_MEMORY; +@@ -1365,8 +1419,10 @@ static void __init kmap_init(void) + static void __init map_lowmem(void) + { + struct memblock_region *reg; ++#ifndef CONFIG_PAX_KERNEXEC + unsigned long kernel_x_start = round_down(__pa(_stext), SECTION_SIZE); + unsigned long kernel_x_end = round_up(__pa(__init_end), SECTION_SIZE); ++#endif + + /* Map all the lowmem memory banks. */ + for_each_memblock(memory, reg) { +@@ -1379,11 +1435,48 @@ static void __init map_lowmem(void) + if (start >= end) + break; +#ifdef CONFIG_PAX_KERNEXEC ++ map.pfn = __phys_to_pfn(start); ++ map.virtual = __phys_to_virt(start); ++ map.length = end - start; ++ + if (map.virtual <= (unsigned long)_stext && ((unsigned long)_end < (map.virtual + map.length))) { + struct map_desc kernel; + struct map_desc initmap; @@ -4595,19 +4627,19 @@ index 911d433..8580952 100644 + initmap.pfn = __phys_to_pfn(__pa(__init_begin)); + initmap.virtual = (unsigned long)__init_begin; + initmap.length = _sdata - __init_begin; -+ initmap.type = MT_MEMORY_RWX; ++ initmap.type = __MT_MEMORY_RWX; + create_mapping(&initmap); + + /* when freeing initmem we will make this RX */ + kernel.pfn = __phys_to_pfn(__pa(_stext)); + kernel.virtual = (unsigned long)_stext; + kernel.length = __init_begin - _stext; -+ kernel.type = MT_MEMORY_RWX; ++ kernel.type = __MT_MEMORY_RWX; + create_mapping(&kernel); + + if (map.virtual < (unsigned long)_stext) { + map.length = (unsigned long)_stext - map.virtual; -+ map.type = MT_MEMORY_RWX; ++ map.type = __MT_MEMORY_RWX; + create_mapping(&map); + } + @@ -4615,12 +4647,49 @@ index 911d433..8580952 100644 + map.virtual = (unsigned long)_sdata; + map.length = end - __pa(_sdata); + } -+#endif + + map.type = MT_MEMORY_RW; - create_mapping(&map); ++ create_mapping(&map); ++#else + if (end < kernel_x_start || start >= kernel_x_end) { + map.pfn = __phys_to_pfn(start); + map.virtual = __phys_to_virt(start); + map.length = end - start; +- map.type = MT_MEMORY_RWX; ++ map.type = __MT_MEMORY_RWX; + + create_mapping(&map); + } else { +@@ -1400,7 +1493,7 @@ static void __init map_lowmem(void) + map.pfn = __phys_to_pfn(kernel_x_start); + map.virtual = __phys_to_virt(kernel_x_start); + map.length = kernel_x_end - kernel_x_start; +- map.type = MT_MEMORY_RWX; ++ map.type = __MT_MEMORY_RWX; + + create_mapping(&map); + +@@ -1413,6 +1506,7 @@ static void __init map_lowmem(void) + create_mapping(&map); + } + } ++#endif } } + +diff --git a/arch/arm/plat-iop/setup.c b/arch/arm/plat-iop/setup.c +index 5b217f4..c23f40e 100644 +--- a/arch/arm/plat-iop/setup.c ++++ b/arch/arm/plat-iop/setup.c +@@ -24,7 +24,7 @@ static struct map_desc iop3xx_std_desc[] __initdata = { + .virtual = IOP3XX_PERIPHERAL_VIRT_BASE, + .pfn = __phys_to_pfn(IOP3XX_PERIPHERAL_PHYS_BASE), + .length = IOP3XX_PERIPHERAL_SIZE, +- .type = MT_UNCACHED, ++ .type = MT_UNCACHED_RW, + }, + }; + diff --git a/arch/arm/plat-omap/sram.c b/arch/arm/plat-omap/sram.c index a5bc92d..0bb4730 100644 --- a/arch/arm/plat-omap/sram.c @@ -4648,7 +4717,7 @@ index ce6d763..cfea917 100644 extern void *samsung_dmadev_get_ops(void); extern void *s3c_dma_get_ops(void); diff --git a/arch/arm64/include/asm/uaccess.h b/arch/arm64/include/asm/uaccess.h -index 7ecc2b2..5e56c66 100644 +index 6c0f684..5faea9d 100644 --- a/arch/arm64/include/asm/uaccess.h +++ b/arch/arm64/include/asm/uaccess.h @@ -99,6 +99,7 @@ static inline void set_fs(mm_segment_t fs) @@ -4657,8 +4726,8 @@ index 7ecc2b2..5e56c66 100644 +#define access_ok_noprefault(type, addr, size) access_ok((type), (addr), (size)) #define access_ok(type, addr, size) __range_ok(addr, size) + #define user_addr_max get_fs - /* diff --git a/arch/avr32/include/asm/cache.h b/arch/avr32/include/asm/cache.h index c3a58a1..78fbf54 100644 --- a/arch/avr32/include/asm/cache.h @@ -4909,10 +4978,10 @@ index f4ca594..adc72fd6 100644 #define __cacheline_aligned __aligned(L1_CACHE_BYTES) #define ____cacheline_aligned __aligned(L1_CACHE_BYTES) diff --git a/arch/ia64/Kconfig b/arch/ia64/Kconfig -index 4e4119b..dd7de0a 100644 +index 0c8e553..112d734 100644 --- a/arch/ia64/Kconfig +++ b/arch/ia64/Kconfig -@@ -554,6 +554,7 @@ source "drivers/sn/Kconfig" +@@ -544,6 +544,7 @@ source "drivers/sn/Kconfig" config KEXEC bool "kexec system call" depends on !IA64_HP_SIM && (!SMP || HOTPLUG_CPU) @@ -5264,10 +5333,10 @@ index 41e33f8..65180b2a 100644 } diff --git a/arch/ia64/kernel/vmlinux.lds.S b/arch/ia64/kernel/vmlinux.lds.S -index 0ccb28f..8992469 100644 +index 84f8a52..7c76178 100644 --- a/arch/ia64/kernel/vmlinux.lds.S +++ b/arch/ia64/kernel/vmlinux.lds.S -@@ -198,7 +198,7 @@ SECTIONS { +@@ -192,7 +192,7 @@ SECTIONS { /* Per-cpu data: */ . = ALIGN(PERCPU_PAGE_SIZE); PERCPU_VADDR(SMP_CACHE_BYTES, PERCPU_ADDR, :percpu) @@ -5348,7 +5417,7 @@ index 68232db..6ca80af 100644 } diff --git a/arch/ia64/mm/init.c b/arch/ia64/mm/init.c -index 88504ab..cbb6c9f 100644 +index 25c3502..560dae7 100644 --- a/arch/ia64/mm/init.c +++ b/arch/ia64/mm/init.c @@ -120,6 +120,19 @@ ia64_init_addr_space (void) @@ -5459,10 +5528,10 @@ index 4efe96a..60e8699 100644 #define SMP_CACHE_BYTES L1_CACHE_BYTES diff --git a/arch/mips/Kconfig b/arch/mips/Kconfig -index 650de39..6982b02 100644 +index 95fa1f1..56a6fa2 100644 --- a/arch/mips/Kconfig +++ b/arch/mips/Kconfig -@@ -2268,6 +2268,7 @@ source "kernel/Kconfig.preempt" +@@ -2298,6 +2298,7 @@ source "kernel/Kconfig.preempt" config KEXEC bool "Kexec system call" @@ -6408,10 +6477,10 @@ index b4db69f..8f3b093 100644 #define SMP_CACHE_SHIFT L1_CACHE_SHIFT #define SMP_CACHE_BYTES L1_CACHE_BYTES diff --git a/arch/mips/include/asm/elf.h b/arch/mips/include/asm/elf.h -index a66359e..d3d474a 100644 +index d414405..6bb4ba2 100644 --- a/arch/mips/include/asm/elf.h +++ b/arch/mips/include/asm/elf.h -@@ -373,13 +373,16 @@ extern const char *__elf_platform; +@@ -398,13 +398,16 @@ extern const char *__elf_platform; #define ELF_ET_DYN_BASE (TASK_SIZE / 3 * 2) #endif @@ -6444,64 +6513,6 @@ index c1f6afa..38cc6e9 100644 +#define arch_align_stack(x) ((x) & ~0xfUL) #endif /* _ASM_EXEC_H */ -diff --git a/arch/mips/include/asm/ftrace.h b/arch/mips/include/asm/ftrace.h -index ce35c9a..434321c 100644 ---- a/arch/mips/include/asm/ftrace.h -+++ b/arch/mips/include/asm/ftrace.h -@@ -22,12 +22,12 @@ extern void _mcount(void); - #define safe_load(load, src, dst, error) \ - do { \ - asm volatile ( \ -- "1: " load " %[" STR(dst) "], 0(%[" STR(src) "])\n"\ -- " li %[" STR(error) "], 0\n" \ -+ "1: " load " %[dest], 0(%[source])\n" \ -+ " li %[err], 0\n" \ - "2:\n" \ - \ - ".section .fixup, \"ax\"\n" \ -- "3: li %[" STR(error) "], 1\n" \ -+ "3: li %[err], 1\n" \ - " j 2b\n" \ - ".previous\n" \ - \ -@@ -35,8 +35,8 @@ do { \ - STR(PTR) "\t1b, 3b\n\t" \ - ".previous\n" \ - \ -- : [dst] "=&r" (dst), [error] "=r" (error)\ -- : [src] "r" (src) \ -+ : [dest] "=&r" (dst), [err] "=r" (error)\ -+ : [source] "r" (src) \ - : "memory" \ - ); \ - } while (0) -@@ -44,12 +44,12 @@ do { \ - #define safe_store(store, src, dst, error) \ - do { \ - asm volatile ( \ -- "1: " store " %[" STR(src) "], 0(%[" STR(dst) "])\n"\ -- " li %[" STR(error) "], 0\n" \ -+ "1: " store " %[source], 0(%[dest])\n"\ -+ " li %[err], 0\n" \ - "2:\n" \ - \ - ".section .fixup, \"ax\"\n" \ -- "3: li %[" STR(error) "], 1\n" \ -+ "3: li %[err], 1\n" \ - " j 2b\n" \ - ".previous\n" \ - \ -@@ -57,8 +57,8 @@ do { \ - STR(PTR) "\t1b, 3b\n\t" \ - ".previous\n" \ - \ -- : [error] "=r" (error) \ -- : [dst] "r" (dst), [src] "r" (src)\ -+ : [err] "=r" (error) \ -+ : [dest] "r" (dst), [source] "r" (src)\ - : "memory" \ - ); \ - } while (0) diff --git a/arch/mips/include/asm/hw_irq.h b/arch/mips/include/asm/hw_irq.h index 9e8ef59..1139d6b 100644 --- a/arch/mips/include/asm/hw_irq.h @@ -6607,10 +6618,10 @@ index d44622c..64990d2 100644 /** diff --git a/arch/mips/include/asm/page.h b/arch/mips/include/asm/page.h -index f6be474..12ad554 100644 +index 5e08bcc..cfedefc 100644 --- a/arch/mips/include/asm/page.h +++ b/arch/mips/include/asm/page.h -@@ -95,7 +95,7 @@ extern void copy_user_highpage(struct page *to, struct page *from, +@@ -120,7 +120,7 @@ extern void copy_user_highpage(struct page *to, struct page *from, #ifdef CONFIG_CPU_MIPS32 typedef struct { unsigned long pte_low, pte_high; } pte_t; #define pte_val(x) ((x).pte_low | ((unsigned long long)(x).pte_high << 32)) @@ -6661,65 +6672,22 @@ index 25da651..ae2a259 100644 +extern atomic_unchecked_t smtc_fpu_recoveries; #endif /* __ASM_SMTC_PROC_H */ -diff --git a/arch/mips/include/asm/syscall.h b/arch/mips/include/asm/syscall.h -index 81c8913..81d8432 100644 ---- a/arch/mips/include/asm/syscall.h -+++ b/arch/mips/include/asm/syscall.h -@@ -29,7 +29,7 @@ static inline long syscall_get_nr(struct task_struct *task, - static inline unsigned long mips_get_syscall_arg(unsigned long *arg, - struct task_struct *task, struct pt_regs *regs, unsigned int n) - { -- unsigned long usp = regs->regs[29]; -+ unsigned long usp __maybe_unused = regs->regs[29]; - - switch (n) { - case 0: case 1: case 2: case 3: -@@ -39,14 +39,14 @@ static inline unsigned long mips_get_syscall_arg(unsigned long *arg, - - #ifdef CONFIG_32BIT - case 4: case 5: case 6: case 7: -- return get_user(*arg, (int *)usp + 4 * n); -+ return get_user(*arg, (int *)usp + n); - #endif - - #ifdef CONFIG_64BIT - case 4: case 5: case 6: case 7: - #ifdef CONFIG_MIPS32_O32 - if (test_thread_flag(TIF_32BIT_REGS)) -- return get_user(*arg, (int *)usp + 4 * n); -+ return get_user(*arg, (int *)usp + n); - else - #endif - *arg = regs->regs[4 + n]; -@@ -83,11 +83,10 @@ static inline void syscall_get_arguments(struct task_struct *task, - unsigned int i, unsigned int n, - unsigned long *args) - { -- unsigned long arg; - int ret; - - while (n--) -- ret |= mips_get_syscall_arg(&arg, task, regs, i++); -+ ret |= mips_get_syscall_arg(args++, task, regs, i++); - - /* - * No way to communicate an error because this is a void function. diff --git a/arch/mips/include/asm/thread_info.h b/arch/mips/include/asm/thread_info.h -index 4f58ef6..5e7081b 100644 +index 24846f9..61c49f0 100644 --- a/arch/mips/include/asm/thread_info.h +++ b/arch/mips/include/asm/thread_info.h -@@ -115,6 +115,8 @@ static inline struct thread_info *current_thread_info(void) - #define TIF_FPUBOUND 24 /* thread bound to FPU-full CPU set */ +@@ -116,6 +116,8 @@ static inline struct thread_info *current_thread_info(void) #define TIF_LOAD_WATCH 25 /* If set, load watch registers */ #define TIF_SYSCALL_TRACEPOINT 26 /* syscall tracepoint instrumentation */ + #define TIF_32BIT_FPREGS 27 /* 32-bit floating point registers */ +/* li takes a 32bit immediate */ +#define TIF_GRSEC_SETXID 29 /* update credentials on syscall entry/exit */ #define TIF_SYSCALL_TRACE 31 /* syscall trace active */ #define _TIF_SYSCALL_TRACE (1<<TIF_SYSCALL_TRACE) -@@ -132,13 +134,14 @@ static inline struct thread_info *current_thread_info(void) - #define _TIF_FPUBOUND (1<<TIF_FPUBOUND) +@@ -134,13 +136,14 @@ static inline struct thread_info *current_thread_info(void) #define _TIF_LOAD_WATCH (1<<TIF_LOAD_WATCH) + #define _TIF_32BIT_FPREGS (1<<TIF_32BIT_FPREGS) #define _TIF_SYSCALL_TRACEPOINT (1<<TIF_SYSCALL_TRACEPOINT) +#define _TIF_GRSEC_SETXID (1<<TIF_GRSEC_SETXID) @@ -6734,7 +6702,7 @@ index 4f58ef6..5e7081b 100644 /* work to do on interrupt/exception return */ #define _TIF_WORK_MASK \ -@@ -146,7 +149,7 @@ static inline struct thread_info *current_thread_info(void) +@@ -148,7 +151,7 @@ static inline struct thread_info *current_thread_info(void) /* work to do on any return to u-space */ #define _TIF_ALLWORK_MASK (_TIF_NOHZ | _TIF_WORK_MASK | \ _TIF_WORK_SYSCALL_EXIT | \ @@ -6774,10 +6742,10 @@ index 1188e00..41cf144 100644 #include <linux/module.h> #include <linux/elfcore.h> diff --git a/arch/mips/kernel/binfmt_elfo32.c b/arch/mips/kernel/binfmt_elfo32.c -index 202e581..689ca79 100644 +index 7faf5f2..f3d3cf4 100644 --- a/arch/mips/kernel/binfmt_elfo32.c +++ b/arch/mips/kernel/binfmt_elfo32.c -@@ -56,6 +56,13 @@ typedef elf_fpreg_t elf_fpregset_t[ELF_NFPREG]; +@@ -70,6 +70,13 @@ typedef elf_fpreg_t elf_fpregset_t[ELF_NFPREG]; #undef ELF_ET_DYN_BASE #define ELF_ET_DYN_BASE (TASK32_SIZE / 3 * 2) @@ -6791,24 +6759,6 @@ index 202e581..689ca79 100644 #include <asm/processor.h> /* -diff --git a/arch/mips/kernel/ftrace.c b/arch/mips/kernel/ftrace.c -index 185ba25..374ed74 100644 ---- a/arch/mips/kernel/ftrace.c -+++ b/arch/mips/kernel/ftrace.c -@@ -111,11 +111,10 @@ static int ftrace_modify_code_2(unsigned long ip, unsigned int new_code1, - safe_store_code(new_code1, ip, faulted); - if (unlikely(faulted)) - return -EFAULT; -- ip += 4; -- safe_store_code(new_code2, ip, faulted); -+ safe_store_code(new_code2, ip + 4, faulted); - if (unlikely(faulted)) - return -EFAULT; -- flush_icache_range(ip, ip + 8); /* original ip + 12 */ -+ flush_icache_range(ip, ip + 8); - return 0; - } - #endif diff --git a/arch/mips/kernel/i8259.c b/arch/mips/kernel/i8259.c index 2b91fe8..fe4f6b4 100644 --- a/arch/mips/kernel/i8259.c @@ -6836,7 +6786,7 @@ index 44a1f79..2bd6aa3 100644 void __init gt641xx_irq_init(void) diff --git a/arch/mips/kernel/irq.c b/arch/mips/kernel/irq.c -index d1fea7a..45602ea 100644 +index d1fea7a..2e591b0 100644 --- a/arch/mips/kernel/irq.c +++ b/arch/mips/kernel/irq.c @@ -77,17 +77,17 @@ void ack_bad_irq(unsigned int irq) @@ -6860,11 +6810,30 @@ index d1fea7a..45602ea 100644 } void __init init_IRQ(void) +@@ -110,7 +110,10 @@ void __init init_IRQ(void) + #endif + } + ++ + #ifdef DEBUG_STACKOVERFLOW ++extern void gr_handle_kernel_exploit(void); ++ + static inline void check_stack_overflow(void) + { + unsigned long sp; +@@ -126,6 +129,7 @@ static inline void check_stack_overflow(void) + printk("do_IRQ: stack overflow: %ld\n", + sp - sizeof(struct thread_info)); + dump_stack(); ++ gr_handle_kernel_exploit(); + } + } + #else diff --git a/arch/mips/kernel/process.c b/arch/mips/kernel/process.c -index ddc7610..8c58f17 100644 +index 6ae540e..b7396dc 100644 --- a/arch/mips/kernel/process.c +++ b/arch/mips/kernel/process.c -@@ -566,15 +566,3 @@ unsigned long get_wchan(struct task_struct *task) +@@ -562,15 +562,3 @@ unsigned long get_wchan(struct task_struct *task) out: return pc; } @@ -6881,10 +6850,10 @@ index ddc7610..8c58f17 100644 - return sp & ALMASK; -} diff --git a/arch/mips/kernel/ptrace.c b/arch/mips/kernel/ptrace.c -index b52e1d2..1a3ca09 100644 +index 7da9b76..21578be 100644 --- a/arch/mips/kernel/ptrace.c +++ b/arch/mips/kernel/ptrace.c -@@ -652,6 +652,10 @@ long arch_ptrace(struct task_struct *child, long request, +@@ -658,6 +658,10 @@ long arch_ptrace(struct task_struct *child, long request, return ret; } @@ -6895,7 +6864,7 @@ index b52e1d2..1a3ca09 100644 /* * Notification of system call entry/exit * - triggered by current->work.syscall_trace -@@ -668,6 +672,11 @@ asmlinkage void syscall_trace_enter(struct pt_regs *regs) +@@ -674,6 +678,11 @@ asmlinkage void syscall_trace_enter(struct pt_regs *regs) tracehook_report_syscall_entry(regs)) ret = -1; @@ -6984,10 +6953,10 @@ index dfc1b91..11a2c07 100644 diff --git a/arch/mips/kernel/sync-r4k.c b/arch/mips/kernel/sync-r4k.c -index 84536bf..79caa4d 100644 +index c24ad5f..9983ab2 100644 --- a/arch/mips/kernel/sync-r4k.c +++ b/arch/mips/kernel/sync-r4k.c -@@ -21,8 +21,8 @@ +@@ -20,8 +20,8 @@ #include <asm/mipsregs.h> static atomic_t count_start_flag = ATOMIC_INIT(0); @@ -6998,7 +6967,7 @@ index 84536bf..79caa4d 100644 static atomic_t count_reference = ATOMIC_INIT(0); #define COUNTON 100 -@@ -69,13 +69,13 @@ void synchronise_count_master(int cpu) +@@ -68,13 +68,13 @@ void synchronise_count_master(int cpu) for (i = 0; i < NR_LOOPS; i++) { /* slaves loop on '!= 2' */ @@ -7015,7 +6984,7 @@ index 84536bf..79caa4d 100644 /* * Everyone initialises count in the last loop: -@@ -86,11 +86,11 @@ void synchronise_count_master(int cpu) +@@ -85,11 +85,11 @@ void synchronise_count_master(int cpu) /* * Wait for all slaves to leave the synchronization point: */ @@ -7030,7 +6999,7 @@ index 84536bf..79caa4d 100644 } /* Arrange for an interrupt in a short while */ write_c0_compare(read_c0_count() + COUNTON); -@@ -131,8 +131,8 @@ void synchronise_count_slave(int cpu) +@@ -130,8 +130,8 @@ void synchronise_count_slave(int cpu) initcount = atomic_read(&count_reference); for (i = 0; i < NR_LOOPS; i++) { @@ -7041,7 +7010,7 @@ index 84536bf..79caa4d 100644 mb(); /* -@@ -141,8 +141,8 @@ void synchronise_count_slave(int cpu) +@@ -140,8 +140,8 @@ void synchronise_count_slave(int cpu) if (i == NR_LOOPS-1) write_c0_count(initcount); @@ -7053,10 +7022,10 @@ index 84536bf..79caa4d 100644 } /* Arrange for an interrupt in a short while */ diff --git a/arch/mips/kernel/traps.c b/arch/mips/kernel/traps.c -index f9c8746..78b64e3 100644 +index e0b4996..6b43ce7 100644 --- a/arch/mips/kernel/traps.c +++ b/arch/mips/kernel/traps.c -@@ -690,7 +690,18 @@ asmlinkage void do_ov(struct pt_regs *regs) +@@ -691,7 +691,18 @@ asmlinkage void do_ov(struct pt_regs *regs) siginfo_t info; prev_state = exception_enter(); @@ -7459,7 +7428,7 @@ index 47f11c7..3420df2 100644 #define SMP_CACHE_BYTES L1_CACHE_BYTES diff --git a/arch/parisc/include/asm/elf.h b/arch/parisc/include/asm/elf.h -index ad2b503..bdf1651 100644 +index 3391d06..c23a2cc 100644 --- a/arch/parisc/include/asm/elf.h +++ b/arch/parisc/include/asm/elf.h @@ -342,6 +342,13 @@ struct pt_regs; /* forward declaration... */ @@ -7501,7 +7470,7 @@ index f213f5b..0af3e8e 100644 #endif diff --git a/arch/parisc/include/asm/pgtable.h b/arch/parisc/include/asm/pgtable.h -index 34899b5..02dd060 100644 +index 22b89d1..ce34230 100644 --- a/arch/parisc/include/asm/pgtable.h +++ b/arch/parisc/include/asm/pgtable.h @@ -223,6 +223,17 @@ extern void purge_tlb_entries(struct mm_struct *, unsigned long); @@ -7643,74 +7612,77 @@ index 50dfafc..b9fc230 100644 DEBUGP("register_unwind_table(), sect = %d at 0x%p - 0x%p (gp=0x%lx)\n", me->arch.unwind_section, table, end, gp); diff --git a/arch/parisc/kernel/sys_parisc.c b/arch/parisc/kernel/sys_parisc.c -index 0d3a9d4..20a99b0 100644 +index 31ffa9b..588a798 100644 --- a/arch/parisc/kernel/sys_parisc.c +++ b/arch/parisc/kernel/sys_parisc.c -@@ -33,9 +33,11 @@ - #include <linux/utsname.h> - #include <linux/personality.h> - --static unsigned long get_unshared_area(unsigned long addr, unsigned long len) -+static unsigned long get_unshared_area(unsigned long addr, unsigned long len, -+ unsigned long flags) - { +@@ -89,6 +89,7 @@ unsigned long arch_get_unmapped_area(struct file *filp, unsigned long addr, + unsigned long task_size = TASK_SIZE; + int do_color_align, last_mmap; struct vm_unmapped_area_info info; -+ unsigned long offset = gr_rand_threadstack_offset(current->mm, NULL, flags); ++ unsigned long offset = gr_rand_threadstack_offset(current->mm, filp, flags); - info.flags = 0; - info.length = len; -@@ -43,6 +45,7 @@ static unsigned long get_unshared_area(unsigned long addr, unsigned long len) - info.high_limit = TASK_SIZE; - info.align_mask = 0; - info.align_offset = 0; -+ info.threadstack_offset = offset; - return vm_unmapped_area(&info); - } + if (len > task_size) + return -ENOMEM; +@@ -106,6 +107,10 @@ unsigned long arch_get_unmapped_area(struct file *filp, unsigned long addr, + goto found_addr; + } -@@ -69,9 +72,10 @@ static unsigned long shared_align_offset(struct file *filp, unsigned long pgoff) - } ++#ifdef CONFIG_PAX_RANDMMAP ++ if (!(mm->pax_flags & MF_PAX_RANDMMAP)) ++#endif ++ + if (addr) { + if (do_color_align && last_mmap) + addr = COLOR_ALIGN(addr, last_mmap, pgoff); +@@ -124,6 +129,7 @@ unsigned long arch_get_unmapped_area(struct file *filp, unsigned long addr, + info.high_limit = mmap_upper_limit(); + info.align_mask = last_mmap ? (PAGE_MASK & (SHM_COLOUR - 1)) : 0; + info.align_offset = shared_align_offset(last_mmap, pgoff); ++ info.threadstack_offset = offset; + addr = vm_unmapped_area(&info); - static unsigned long get_shared_area(struct file *filp, unsigned long addr, -- unsigned long len, unsigned long pgoff) -+ unsigned long len, unsigned long pgoff, unsigned long flags) - { + found_addr: +@@ -143,6 +149,7 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, + unsigned long addr = addr0; + int do_color_align, last_mmap; struct vm_unmapped_area_info info; + unsigned long offset = gr_rand_threadstack_offset(current->mm, filp, flags); - info.flags = 0; - info.length = len; -@@ -79,6 +83,7 @@ static unsigned long get_shared_area(struct file *filp, unsigned long addr, - info.high_limit = TASK_SIZE; - info.align_mask = PAGE_MASK & (SHMLBA - 1); - info.align_offset = shared_align_offset(filp, pgoff); -+ info.threadstack_offset = offset; - return vm_unmapped_area(&info); - } - -@@ -93,13 +98,20 @@ unsigned long arch_get_unmapped_area(struct file *filp, unsigned long addr, - return -EINVAL; - return addr; + #ifdef CONFIG_64BIT + /* This should only ever run for 32-bit processes. */ +@@ -167,6 +174,10 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, } -- if (!addr) -+ if (!addr) { - addr = TASK_UNMAPPED_BASE; + /* requesting a specific address */ +#ifdef CONFIG_PAX_RANDMMAP -+ if (current->mm->pax_flags & MF_PAX_RANDMMAP) -+ addr += current->mm->delta_mmap; ++ if (!(mm->pax_flags & MF_PAX_RANDMMAP)) +#endif + + if (addr) { + if (do_color_align && last_mmap) + addr = COLOR_ALIGN(addr, last_mmap, pgoff); +@@ -184,6 +195,7 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, + info.high_limit = mm->mmap_base; + info.align_mask = last_mmap ? (PAGE_MASK & (SHM_COLOUR - 1)) : 0; + info.align_offset = shared_align_offset(last_mmap, pgoff); ++ info.threadstack_offset = offset; + addr = vm_unmapped_area(&info); + if (!(addr & ~PAGE_MASK)) + goto found_addr; +@@ -249,6 +261,13 @@ void arch_pick_mmap_layout(struct mm_struct *mm) + mm->mmap_legacy_base = mmap_legacy_base(); + mm->mmap_base = mmap_upper_limit(); + ++#ifdef CONFIG_PAX_RANDMMAP ++ if (mm->pax_flags & MF_PAX_RANDMMAP) { ++ mm->mmap_legacy_base += mm->delta_mmap; ++ mm->mmap_base -= mm->delta_mmap + mm->delta_stack; + } ++#endif + - if (filp || (flags & MAP_SHARED)) -- addr = get_shared_area(filp, addr, len, pgoff); -+ addr = get_shared_area(filp, addr, len, pgoff, flags); - else -- addr = get_unshared_area(addr, len); -+ addr = get_unshared_area(addr, len, flags); - - return addr; - } + if (mmap_is_legacy()) { + mm->mmap_base = mm->mmap_legacy_base; + mm->get_unmapped_area = arch_get_unmapped_area; diff --git a/arch/parisc/kernel/traps.c b/arch/parisc/kernel/traps.c index 1cd1d0c..44ec918 100644 --- a/arch/parisc/kernel/traps.c @@ -7900,10 +7872,10 @@ index 9d08c71..e2b4d20 100644 /* * If for any reason at all we couldn't handle the fault, make diff --git a/arch/powerpc/Kconfig b/arch/powerpc/Kconfig -index b44b52c..4cd253c 100644 +index 957bf34..3430cc8 100644 --- a/arch/powerpc/Kconfig +++ b/arch/powerpc/Kconfig -@@ -382,6 +382,7 @@ config ARCH_ENABLE_MEMORY_HOTREMOVE +@@ -393,6 +393,7 @@ config PPC64_SUPPORTS_MEMORY_FAILURE config KEXEC bool "kexec system call" depends on (PPC_BOOK3S || FSL_BOOKE || (44x && !SMP)) @@ -7933,7 +7905,7 @@ index e3b1d41..8e81edf 100644 #endif /* __KERNEL__ */ diff --git a/arch/powerpc/include/asm/cache.h b/arch/powerpc/include/asm/cache.h -index 9e495c9..b6878e5 100644 +index ed0afc1..0332825 100644 --- a/arch/powerpc/include/asm/cache.h +++ b/arch/powerpc/include/asm/cache.h @@ -3,6 +3,7 @@ @@ -8168,7 +8140,7 @@ index 4b0be20..c15a27d 100644 static inline void pmd_populate_kernel(struct mm_struct *mm, pmd_t *pmd, pte_t *pte) diff --git a/arch/powerpc/include/asm/pgtable.h b/arch/powerpc/include/asm/pgtable.h -index 7d6eacf..14c0240 100644 +index 3ebb188..e17dddf 100644 --- a/arch/powerpc/include/asm/pgtable.h +++ b/arch/powerpc/include/asm/pgtable.h @@ -2,6 +2,7 @@ @@ -8177,8 +8149,8 @@ index 7d6eacf..14c0240 100644 +#include <linux/const.h> #ifndef __ASSEMBLY__ + #include <linux/mmdebug.h> #include <asm/processor.h> /* For TASK_SIZE */ - #include <asm/mmu.h> diff --git a/arch/powerpc/include/asm/pte-hash32.h b/arch/powerpc/include/asm/pte-hash32.h index 4aad413..85d86bf 100644 --- a/arch/powerpc/include/asm/pte-hash32.h @@ -8192,10 +8164,10 @@ index 4aad413..85d86bf 100644 #define _PAGE_NO_CACHE 0x020 /* I: cache inhibit */ #define _PAGE_WRITETHRU 0x040 /* W: cache write-through */ diff --git a/arch/powerpc/include/asm/reg.h b/arch/powerpc/include/asm/reg.h -index fa8388e..f985549 100644 +index ce17815..c5574cc 100644 --- a/arch/powerpc/include/asm/reg.h +++ b/arch/powerpc/include/asm/reg.h -@@ -239,6 +239,7 @@ +@@ -249,6 +249,7 @@ #define SPRN_DBCR 0x136 /* e300 Data Breakpoint Control Reg */ #define SPRN_DSISR 0x012 /* Data Storage Interrupt Status Register */ #define DSISR_NOHPTE 0x40000000 /* no translation found */ @@ -8217,28 +8189,19 @@ index 084e080..9415a3d 100644 extern void smp_send_debugger_break(void); extern void start_secondary_resume(void); diff --git a/arch/powerpc/include/asm/thread_info.h b/arch/powerpc/include/asm/thread_info.h -index 9854c56..7517190 100644 +index b034ecd..af7e31f 100644 --- a/arch/powerpc/include/asm/thread_info.h +++ b/arch/powerpc/include/asm/thread_info.h -@@ -91,7 +91,6 @@ static inline struct thread_info *current_thread_info(void) - #define TIF_POLLING_NRFLAG 3 /* true if poll_idle() is polling - TIF_NEED_RESCHED */ - #define TIF_32BIT 4 /* 32 bit binary */ --#define TIF_PERFMON_WORK 5 /* work for pfm_handle_work() */ - #define TIF_PERFMON_CTXSW 6 /* perfmon needs ctxsw calls */ - #define TIF_SYSCALL_AUDIT 7 /* syscall auditing active */ - #define TIF_SINGLESTEP 8 /* singlestepping active */ -@@ -108,6 +107,9 @@ static inline struct thread_info *current_thread_info(void) +@@ -107,6 +107,8 @@ static inline struct thread_info *current_thread_info(void) #if defined(CONFIG_PPC64) #define TIF_ELF2ABI 18 /* function descriptors must die! */ #endif -+#define TIF_PERFMON_WORK 19 /* work for pfm_handle_work() */ +/* mask must be expressable within 16 bits to satisfy 'andi' instruction reqs */ -+#define TIF_GRSEC_SETXID 5 /* update credentials on syscall entry/exit */ ++#define TIF_GRSEC_SETXID 6 /* update credentials on syscall entry/exit */ /* as above, but as bit values */ #define _TIF_SYSCALL_TRACE (1<<TIF_SYSCALL_TRACE) -@@ -127,9 +129,10 @@ static inline struct thread_info *current_thread_info(void) +@@ -125,9 +127,10 @@ static inline struct thread_info *current_thread_info(void) #define _TIF_SYSCALL_TRACEPOINT (1<<TIF_SYSCALL_TRACEPOINT) #define _TIF_EMULATE_STACK_STORE (1<<TIF_EMULATE_STACK_STORE) #define _TIF_NOHZ (1<<TIF_NOHZ) @@ -8249,7 +8212,7 @@ index 9854c56..7517190 100644 + _TIF_NOHZ | _TIF_GRSEC_SETXID) #define _TIF_USER_WORK_MASK (_TIF_SIGPENDING | _TIF_NEED_RESCHED | \ - _TIF_NOTIFY_RESUME | _TIF_UPROBE) + _TIF_NOTIFY_RESUME | _TIF_UPROBE | \ diff --git a/arch/powerpc/include/asm/uaccess.h b/arch/powerpc/include/asm/uaccess.h index 9485b43..3bd3c16 100644 --- a/arch/powerpc/include/asm/uaccess.h @@ -8431,7 +8394,7 @@ index 9485b43..3bd3c16 100644 static inline unsigned long clear_user(void __user *addr, unsigned long size) diff --git a/arch/powerpc/kernel/Makefile b/arch/powerpc/kernel/Makefile -index 445cb6e..4f80c5d 100644 +index fcc9a89..07be2bb 100644 --- a/arch/powerpc/kernel/Makefile +++ b/arch/powerpc/kernel/Makefile @@ -26,6 +26,8 @@ CFLAGS_REMOVE_ftrace.o = -pg -mno-sched-epilog @@ -8444,10 +8407,10 @@ index 445cb6e..4f80c5d 100644 irq.o align.o signal_32.o pmc.o vdso.o \ process.o systbl.o idle.o \ diff --git a/arch/powerpc/kernel/exceptions-64e.S b/arch/powerpc/kernel/exceptions-64e.S -index e775156..af2d1c0 100644 +index 063b65d..7a26e9d 100644 --- a/arch/powerpc/kernel/exceptions-64e.S +++ b/arch/powerpc/kernel/exceptions-64e.S -@@ -759,6 +759,7 @@ storage_fault_common: +@@ -771,6 +771,7 @@ storage_fault_common: std r14,_DAR(r1) std r15,_DSISR(r1) addi r3,r1,STACK_FRAME_OVERHEAD @@ -8455,7 +8418,7 @@ index e775156..af2d1c0 100644 mr r4,r14 mr r5,r15 ld r14,PACA_EXGEN+EX_R14(r13) -@@ -767,8 +768,7 @@ storage_fault_common: +@@ -779,8 +780,7 @@ storage_fault_common: cmpdi r3,0 bne- 1f b .ret_from_except_lite @@ -8466,10 +8429,10 @@ index e775156..af2d1c0 100644 ld r4,_DAR(r1) bl .bad_page_fault diff --git a/arch/powerpc/kernel/exceptions-64s.S b/arch/powerpc/kernel/exceptions-64s.S -index 9f905e4..1d6b3d2 100644 +index 38d5073..f00af8d 100644 --- a/arch/powerpc/kernel/exceptions-64s.S +++ b/arch/powerpc/kernel/exceptions-64s.S -@@ -1390,10 +1390,10 @@ handle_page_fault: +@@ -1584,10 +1584,10 @@ handle_page_fault: 11: ld r4,_DAR(r1) ld r5,_DSISR(r1) addi r3,r1,STACK_FRAME_OVERHEAD @@ -8481,6 +8444,27 @@ index 9f905e4..1d6b3d2 100644 mr r5,r3 addi r3,r1,STACK_FRAME_OVERHEAD lwz r4,_DAR(r1) +diff --git a/arch/powerpc/kernel/irq.c b/arch/powerpc/kernel/irq.c +index 1d0848b..d74685f 100644 +--- a/arch/powerpc/kernel/irq.c ++++ b/arch/powerpc/kernel/irq.c +@@ -447,6 +447,8 @@ void migrate_irqs(void) + } + #endif + ++extern void gr_handle_kernel_exploit(void); ++ + static inline void check_stack_overflow(void) + { + #ifdef CONFIG_DEBUG_STACKOVERFLOW +@@ -459,6 +461,7 @@ static inline void check_stack_overflow(void) + printk("do_IRQ: stack overflow: %ld\n", + sp - sizeof(struct thread_info)); + dump_stack(); ++ gr_handle_kernel_exploit(); + } + #endif + } diff --git a/arch/powerpc/kernel/module_32.c b/arch/powerpc/kernel/module_32.c index 6cff040..74ac5d1 100644 --- a/arch/powerpc/kernel/module_32.c @@ -8524,10 +8508,10 @@ index 6cff040..74ac5d1 100644 sechdrs, module); #endif diff --git a/arch/powerpc/kernel/process.c b/arch/powerpc/kernel/process.c -index ea2f6a3..dbb2be3 100644 +index 31d0215..206af70 100644 --- a/arch/powerpc/kernel/process.c +++ b/arch/powerpc/kernel/process.c -@@ -888,8 +888,8 @@ void show_regs(struct pt_regs * regs) +@@ -1031,8 +1031,8 @@ void show_regs(struct pt_regs * regs) * Lookup NIP late so we have the best change of getting the * above info out without failing */ @@ -8538,7 +8522,7 @@ index ea2f6a3..dbb2be3 100644 #endif show_stack(current, (unsigned long *) regs->gpr[1]); if (!user_mode(regs)) -@@ -1385,10 +1385,10 @@ void show_stack(struct task_struct *tsk, unsigned long *stack) +@@ -1554,10 +1554,10 @@ void show_stack(struct task_struct *tsk, unsigned long *stack) newsp = stack[0]; ip = stack[STACK_FRAME_LR_SAVE]; if (!firstframe || ip != lr) { @@ -8551,7 +8535,7 @@ index ea2f6a3..dbb2be3 100644 (void *)current->ret_stack[curr_frame].ret); curr_frame--; } -@@ -1408,7 +1408,7 @@ void show_stack(struct task_struct *tsk, unsigned long *stack) +@@ -1577,7 +1577,7 @@ void show_stack(struct task_struct *tsk, unsigned long *stack) struct pt_regs *regs = (struct pt_regs *) (sp + STACK_FRAME_OVERHEAD); lr = regs->link; @@ -8560,7 +8544,7 @@ index ea2f6a3..dbb2be3 100644 regs->trap, (void *)regs->nip, (void *)lr); firstframe = 1; } -@@ -1444,58 +1444,3 @@ void notrace __ppc64_runlatch_off(void) +@@ -1613,58 +1613,3 @@ void notrace __ppc64_runlatch_off(void) mtspr(SPRN_CTRLT, ctrl); } #endif /* CONFIG_PPC64 */ @@ -8659,10 +8643,10 @@ index 2e3d2bf..35df241 100644 if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT))) diff --git a/arch/powerpc/kernel/signal_32.c b/arch/powerpc/kernel/signal_32.c -index 68027bf..b26fd31 100644 +index 4e47db6..6dcc96e 100644 --- a/arch/powerpc/kernel/signal_32.c +++ b/arch/powerpc/kernel/signal_32.c -@@ -1004,7 +1004,7 @@ int handle_rt_signal32(unsigned long sig, struct k_sigaction *ka, +@@ -1013,7 +1013,7 @@ int handle_rt_signal32(unsigned long sig, struct k_sigaction *ka, /* Save user registers on the stack */ frame = &rt_sf->uc.uc_mcontext; addr = frame; @@ -8672,11 +8656,11 @@ index 68027bf..b26fd31 100644 tramp = current->mm->context.vdso_base + vdso32_rt_sigtramp; } else { diff --git a/arch/powerpc/kernel/signal_64.c b/arch/powerpc/kernel/signal_64.c -index 448245f..b9bae83 100644 +index d501dc4..e5a0de0 100644 --- a/arch/powerpc/kernel/signal_64.c +++ b/arch/powerpc/kernel/signal_64.c -@@ -758,7 +758,7 @@ int handle_rt_signal64(int signr, struct k_sigaction *ka, siginfo_t *info, - #endif +@@ -760,7 +760,7 @@ int handle_rt_signal64(int signr, struct k_sigaction *ka, siginfo_t *info, + current->thread.fp_state.fpscr = 0; /* Set up to return from userspace. */ - if (vdso64_rt_sigtramp && current->mm->context.vdso_base) { @@ -8685,7 +8669,7 @@ index 448245f..b9bae83 100644 } else { err |= setup_trampoline(__NR_rt_sigreturn, &frame->tramp[0]); diff --git a/arch/powerpc/kernel/traps.c b/arch/powerpc/kernel/traps.c -index 907a472..4ba206f 100644 +index 33cd7a0..d615344 100644 --- a/arch/powerpc/kernel/traps.c +++ b/arch/powerpc/kernel/traps.c @@ -142,6 +142,8 @@ static unsigned __kprobes long oops_begin(struct pt_regs *regs) @@ -8738,10 +8722,10 @@ index 094e45c..d82b848 100644 rc = vdso_base; goto fail_mmapsem; diff --git a/arch/powerpc/kvm/powerpc.c b/arch/powerpc/kvm/powerpc.c -index 9ae9768..87c3448 100644 +index 3cf541a..ab2d825 100644 --- a/arch/powerpc/kvm/powerpc.c +++ b/arch/powerpc/kvm/powerpc.c -@@ -1141,7 +1141,7 @@ void kvmppc_init_lpid(unsigned long nr_lpids_param) +@@ -1153,7 +1153,7 @@ void kvmppc_init_lpid(unsigned long nr_lpids_param) } EXPORT_SYMBOL_GPL(kvmppc_init_lpid); @@ -8947,7 +8931,7 @@ index cb8bdbe..cde4bc7 100644 } } diff --git a/arch/powerpc/mm/slice.c b/arch/powerpc/mm/slice.c -index 7ce9cf3..a964087 100644 +index b0c75cc..ef7fb93 100644 --- a/arch/powerpc/mm/slice.c +++ b/arch/powerpc/mm/slice.c @@ -103,7 +103,7 @@ static int slice_area_is_free(struct mm_struct *mm, unsigned long addr, @@ -8974,7 +8958,7 @@ index 7ce9cf3..a964087 100644 if (!slice_scan_available(addr, available, 1, &addr)) @@ -410,6 +416,11 @@ unsigned long slice_get_unmapped_area(unsigned long addr, unsigned long len, if (fixed && addr > (mm->task_size - len)) - return -EINVAL; + return -ENOMEM; +#ifdef CONFIG_PAX_RANDMMAP + if (!fixed && (mm->pax_flags & MF_PAX_RANDMMAP)) @@ -9016,10 +9000,10 @@ index 9098692..3d54cd1 100644 struct spu_context *ctx = vma->vm_file->private_data; unsigned long offset = address - vma->vm_start; diff --git a/arch/s390/include/asm/atomic.h b/arch/s390/include/asm/atomic.h -index fa9aaf7..3f5d836 100644 +index 1d47061..0714963 100644 --- a/arch/s390/include/asm/atomic.h +++ b/arch/s390/include/asm/atomic.h -@@ -398,6 +398,16 @@ static inline long long atomic64_dec_if_positive(atomic64_t *v) +@@ -412,6 +412,16 @@ static inline long long atomic64_dec_if_positive(atomic64_t *v) #define atomic64_dec_and_test(_v) (atomic64_sub_return(1, _v) == 0) #define atomic64_inc_not_zero(v) atomic64_add_unless((v), 1, 0) @@ -9221,10 +9205,10 @@ index b89b591..fd9609d 100644 if (r_type == R_390_GOTPC) rc = apply_rela_bits(loc, val, 1, 32, 0); diff --git a/arch/s390/kernel/process.c b/arch/s390/kernel/process.c -index 7ed0d4e..1dfc145 100644 +index dd14532..1dfc145 100644 --- a/arch/s390/kernel/process.c +++ b/arch/s390/kernel/process.c -@@ -242,39 +242,3 @@ unsigned long get_wchan(struct task_struct *p) +@@ -242,37 +242,3 @@ unsigned long get_wchan(struct task_struct *p) } return 0; } @@ -9247,22 +9231,20 @@ index 7ed0d4e..1dfc145 100644 - -unsigned long arch_randomize_brk(struct mm_struct *mm) -{ -- unsigned long ret = PAGE_ALIGN(mm->brk + brk_rnd()); +- unsigned long ret; - -- if (ret < mm->brk) -- return mm->brk; -- return ret; +- ret = PAGE_ALIGN(mm->brk + brk_rnd()); +- return (ret > mm->brk) ? ret : mm->brk; -} - -unsigned long randomize_et_dyn(unsigned long base) -{ -- unsigned long ret = PAGE_ALIGN(base + brk_rnd()); +- unsigned long ret; - - if (!(current->flags & PF_RANDOMIZE)) - return base; -- if (ret < base) -- return base; -- return ret; +- ret = PAGE_ALIGN(base + brk_rnd()); +- return (ret > base) ? ret : base; -} diff --git a/arch/s390/mm/mmap.c b/arch/s390/mm/mmap.c index 9b436c2..54fbf0a 100644 @@ -9771,6 +9753,142 @@ index 502f632..da1917f 100644 #define __S100 PAGE_READONLY #define __S101 PAGE_READONLY #define __S110 PAGE_SHARED +diff --git a/arch/sparc/include/asm/pgtable_64.h b/arch/sparc/include/asm/pgtable_64.h +index 0f9e945..a949e55 100644 +--- a/arch/sparc/include/asm/pgtable_64.h ++++ b/arch/sparc/include/asm/pgtable_64.h +@@ -71,6 +71,23 @@ + + #include <linux/sched.h> + ++extern unsigned long sparc64_valid_addr_bitmap[]; ++ ++/* Needs to be defined here and not in linux/mm.h, as it is arch dependent */ ++static inline bool __kern_addr_valid(unsigned long paddr) ++{ ++ if ((paddr >> MAX_PHYS_ADDRESS_BITS) != 0UL) ++ return false; ++ return test_bit(paddr >> ILOG2_4MB, sparc64_valid_addr_bitmap); ++} ++ ++static inline bool kern_addr_valid(unsigned long addr) ++{ ++ unsigned long paddr = __pa(addr); ++ ++ return __kern_addr_valid(paddr); ++} ++ + /* Entries per page directory level. */ + #define PTRS_PER_PTE (1UL << (PAGE_SHIFT-3)) + #define PTRS_PER_PMD (1UL << PMD_BITS) +@@ -79,9 +96,12 @@ + /* Kernel has a separate 44bit address space. */ + #define FIRST_USER_ADDRESS 0 + +-#define pte_ERROR(e) __builtin_trap() +-#define pmd_ERROR(e) __builtin_trap() +-#define pgd_ERROR(e) __builtin_trap() ++#define pmd_ERROR(e) \ ++ pr_err("%s:%d: bad pmd %p(%016lx) seen at (%pS)\n", \ ++ __FILE__, __LINE__, &(e), pmd_val(e), __builtin_return_address(0)) ++#define pgd_ERROR(e) \ ++ pr_err("%s:%d: bad pgd %p(%016lx) seen at (%pS)\n", \ ++ __FILE__, __LINE__, &(e), pgd_val(e), __builtin_return_address(0)) + + #endif /* !(__ASSEMBLY__) */ + +@@ -633,7 +653,7 @@ static inline unsigned long pmd_large(pmd_t pmd) + { + pte_t pte = __pte(pmd_val(pmd)); + +- return (pte_val(pte) & _PAGE_PMD_HUGE) && pte_present(pte); ++ return pte_val(pte) & _PAGE_PMD_HUGE; + } + + #ifdef CONFIG_TRANSPARENT_HUGEPAGE +@@ -719,20 +739,6 @@ static inline pmd_t pmd_mkwrite(pmd_t pmd) + return __pmd(pte_val(pte)); + } + +-static inline pmd_t pmd_mknotpresent(pmd_t pmd) +-{ +- unsigned long mask; +- +- if (tlb_type == hypervisor) +- mask = _PAGE_PRESENT_4V; +- else +- mask = _PAGE_PRESENT_4U; +- +- pmd_val(pmd) &= ~mask; +- +- return pmd; +-} +- + static inline pmd_t pmd_mksplitting(pmd_t pmd) + { + pte_t pte = __pte(pmd_val(pmd)); +@@ -757,6 +763,20 @@ static inline int pmd_present(pmd_t pmd) + + #define pmd_none(pmd) (!pmd_val(pmd)) + ++/* pmd_bad() is only called on non-trans-huge PMDs. Our encoding is ++ * very simple, it's just the physical address. PTE tables are of ++ * size PAGE_SIZE so make sure the sub-PAGE_SIZE bits are clear and ++ * the top bits outside of the range of any physical address size we ++ * support are clear as well. We also validate the physical itself. ++ */ ++#define pmd_bad(pmd) ((pmd_val(pmd) & ~PAGE_MASK) || \ ++ !__kern_addr_valid(pmd_val(pmd))) ++ ++#define pud_none(pud) (!pud_val(pud)) ++ ++#define pud_bad(pud) ((pud_val(pud) & ~PAGE_MASK) || \ ++ !__kern_addr_valid(pud_val(pud))) ++ + #ifdef CONFIG_TRANSPARENT_HUGEPAGE + extern void set_pmd_at(struct mm_struct *mm, unsigned long addr, + pmd_t *pmdp, pmd_t pmd); +@@ -790,10 +810,7 @@ static inline unsigned long __pmd_page(pmd_t pmd) + #define pud_page_vaddr(pud) \ + ((unsigned long) __va(pud_val(pud))) + #define pud_page(pud) virt_to_page((void *)pud_page_vaddr(pud)) +-#define pmd_bad(pmd) (0) + #define pmd_clear(pmdp) (pmd_val(*(pmdp)) = 0UL) +-#define pud_none(pud) (!pud_val(pud)) +-#define pud_bad(pud) (0) + #define pud_present(pud) (pud_val(pud) != 0U) + #define pud_clear(pudp) (pud_val(*(pudp)) = 0UL) + +@@ -893,6 +910,10 @@ extern void update_mmu_cache(struct vm_area_struct *, unsigned long, pte_t *); + extern void update_mmu_cache_pmd(struct vm_area_struct *vma, unsigned long addr, + pmd_t *pmd); + ++#define __HAVE_ARCH_PMDP_INVALIDATE ++extern void pmdp_invalidate(struct vm_area_struct *vma, unsigned long address, ++ pmd_t *pmdp); ++ + #define __HAVE_ARCH_PGTABLE_DEPOSIT + extern void pgtable_trans_huge_deposit(struct mm_struct *mm, pmd_t *pmdp, + pgtable_t pgtable); +@@ -919,18 +940,6 @@ extern unsigned long pte_file(pte_t); + extern pte_t pgoff_to_pte(unsigned long); + #define PTE_FILE_MAX_BITS (64UL - PAGE_SHIFT - 1UL) + +-extern unsigned long sparc64_valid_addr_bitmap[]; +- +-/* Needs to be defined here and not in linux/mm.h, as it is arch dependent */ +-static inline bool kern_addr_valid(unsigned long addr) +-{ +- unsigned long paddr = __pa(addr); +- +- if ((paddr >> 41UL) != 0UL) +- return false; +- return test_bit(paddr >> 22, sparc64_valid_addr_bitmap); +-} +- + extern int page_in_phys_avail(unsigned long paddr); + + /* diff --git a/arch/sparc/include/asm/pgtsrmmu.h b/arch/sparc/include/asm/pgtsrmmu.h index 79da178..c2eede8 100644 --- a/arch/sparc/include/asm/pgtsrmmu.h @@ -9948,6 +10066,20 @@ index a5f01ac..703b554 100644 /* * Thread-synchronous status. * +diff --git a/arch/sparc/include/asm/tsb.h b/arch/sparc/include/asm/tsb.h +index 2230f80..90916f9 100644 +--- a/arch/sparc/include/asm/tsb.h ++++ b/arch/sparc/include/asm/tsb.h +@@ -171,7 +171,8 @@ extern struct tsb_phys_patch_entry __tsb_phys_patch, __tsb_phys_patch_end; + andcc REG1, REG2, %g0; \ + be,pt %xcc, 700f; \ + sethi %hi(4 * 1024 * 1024), REG2; \ +- andn REG1, REG2, REG1; \ ++ brgez,pn REG1, FAIL_LABEL; \ ++ andn REG1, REG2, REG1; \ + and VADDR, REG2, REG2; \ + brlz,pt REG1, PTE_LABEL; \ + or REG1, REG2, REG1; \ diff --git a/arch/sparc/include/asm/uaccess.h b/arch/sparc/include/asm/uaccess.h index 0167d26..767bb0c 100644 --- a/arch/sparc/include/asm/uaccess.h @@ -10074,10 +10206,10 @@ index d15cc17..d0ae796 100644 extra-y := head_$(BITS).o diff --git a/arch/sparc/kernel/process_32.c b/arch/sparc/kernel/process_32.c -index fdd819d..5af08c8 100644 +index 510baec..9ff2607 100644 --- a/arch/sparc/kernel/process_32.c +++ b/arch/sparc/kernel/process_32.c -@@ -116,14 +116,14 @@ void show_regs(struct pt_regs *r) +@@ -115,14 +115,14 @@ void show_regs(struct pt_regs *r) printk("PSR: %08lx PC: %08lx NPC: %08lx Y: %08lx %s\n", r->psr, r->pc, r->npc, r->y, print_tainted()); @@ -10094,7 +10226,7 @@ index fdd819d..5af08c8 100644 printk("%%L: %08lx %08lx %08lx %08lx %08lx %08lx %08lx %08lx\n", rw->locals[0], rw->locals[1], rw->locals[2], rw->locals[3], -@@ -160,7 +160,7 @@ void show_stack(struct task_struct *tsk, unsigned long *_ksp) +@@ -159,7 +159,7 @@ void show_stack(struct task_struct *tsk, unsigned long *_ksp) rw = (struct reg_window32 *) fp; pc = rw->ins[7]; printk("[%08lx : ", pc); @@ -10104,10 +10236,10 @@ index fdd819d..5af08c8 100644 } while (++count < 16); printk("\n"); diff --git a/arch/sparc/kernel/process_64.c b/arch/sparc/kernel/process_64.c -index 32a280e..84fc6a9 100644 +index d7b4967..2edf827 100644 --- a/arch/sparc/kernel/process_64.c +++ b/arch/sparc/kernel/process_64.c -@@ -159,7 +159,7 @@ static void show_regwindow(struct pt_regs *regs) +@@ -161,7 +161,7 @@ static void show_regwindow(struct pt_regs *regs) printk("i4: %016lx i5: %016lx i6: %016lx i7: %016lx\n", rwk->ins[4], rwk->ins[5], rwk->ins[6], rwk->ins[7]); if (regs->tstate & TSTATE_PRIV) @@ -10116,7 +10248,7 @@ index 32a280e..84fc6a9 100644 } void show_regs(struct pt_regs *regs) -@@ -168,7 +168,7 @@ void show_regs(struct pt_regs *regs) +@@ -170,7 +170,7 @@ void show_regs(struct pt_regs *regs) printk("TSTATE: %016lx TPC: %016lx TNPC: %016lx Y: %08x %s\n", regs->tstate, regs->tpc, regs->tnpc, regs->y, print_tainted()); @@ -10125,7 +10257,7 @@ index 32a280e..84fc6a9 100644 printk("g0: %016lx g1: %016lx g2: %016lx g3: %016lx\n", regs->u_regs[0], regs->u_regs[1], regs->u_regs[2], regs->u_regs[3]); -@@ -181,7 +181,7 @@ void show_regs(struct pt_regs *regs) +@@ -183,7 +183,7 @@ void show_regs(struct pt_regs *regs) printk("o4: %016lx o5: %016lx sp: %016lx ret_pc: %016lx\n", regs->u_regs[12], regs->u_regs[13], regs->u_regs[14], regs->u_regs[15]); @@ -10134,7 +10266,7 @@ index 32a280e..84fc6a9 100644 show_regwindow(regs); show_stack(current, (unsigned long *) regs->u_regs[UREG_FP]); } -@@ -270,7 +270,7 @@ void arch_trigger_all_cpu_backtrace(void) +@@ -272,7 +272,7 @@ void arch_trigger_all_cpu_backtrace(void) ((tp && tp->task) ? tp->task->pid : -1)); if (gp->tstate & TSTATE_PRIV) { @@ -10433,7 +10565,7 @@ index beb0b5a..5a153f7 100644 } } diff --git a/arch/sparc/kernel/syscalls.S b/arch/sparc/kernel/syscalls.S -index 87729ff..d87fb1f 100644 +index 33a17e7..d87fb1f 100644 --- a/arch/sparc/kernel/syscalls.S +++ b/arch/sparc/kernel/syscalls.S @@ -52,7 +52,7 @@ sys32_rt_sigreturn: @@ -10445,7 +10577,7 @@ index 87729ff..d87fb1f 100644 be,pt %icc, rtrap nop call syscall_trace_leave -@@ -184,12 +184,13 @@ linux_sparc_syscall32: +@@ -184,7 +184,7 @@ linux_sparc_syscall32: srl %i3, 0, %o3 ! IEU0 srl %i2, 0, %o2 ! IEU0 Group @@ -10454,14 +10586,7 @@ index 87729ff..d87fb1f 100644 bne,pn %icc, linux_syscall_trace32 ! CTI mov %i0, %l5 ! IEU1 5: call %l7 ! CTI Group brk forced - srl %i5, 0, %o5 ! IEU1 -- ba,a,pt %xcc, 3f -+ ba,pt %xcc, 3f -+ sra %o0, 0, %o0 - - /* Linux native system calls enter here... */ - .align 32 -@@ -207,7 +208,7 @@ linux_sparc_syscall: +@@ -208,7 +208,7 @@ linux_sparc_syscall: mov %i3, %o3 ! IEU1 mov %i4, %o4 ! IEU0 Group @@ -10470,13 +10595,7 @@ index 87729ff..d87fb1f 100644 bne,pn %icc, linux_syscall_trace ! CTI Group mov %i0, %l5 ! IEU0 2: call %l7 ! CTI Group brk forced -@@ -217,13 +218,12 @@ linux_sparc_syscall: - 3: stx %o0, [%sp + PTREGS_OFF + PT_V9_I0] - ret_sys_call: - ldx [%sp + PTREGS_OFF + PT_V9_TSTATE], %g3 -- sra %o0, 0, %o0 - mov %ulo(TSTATE_XCARRY | TSTATE_ICARRY), %g2 - sllx %g2, 32, %g2 +@@ -223,7 +223,7 @@ ret_sys_call: cmp %o0, -ERESTART_RESTARTBLOCK bgeu,pn %xcc, 1f @@ -10709,10 +10828,37 @@ index 4ced92f..965eeed 100644 } EXPORT_SYMBOL(die_if_kernel); diff --git a/arch/sparc/kernel/unaligned_64.c b/arch/sparc/kernel/unaligned_64.c -index 3c1a7cb..73e1923 100644 +index 3c1a7cb..9046547 100644 --- a/arch/sparc/kernel/unaligned_64.c +++ b/arch/sparc/kernel/unaligned_64.c -@@ -289,7 +289,7 @@ static void log_unaligned(struct pt_regs *regs) +@@ -166,17 +166,23 @@ static unsigned long *fetch_reg_addr(unsigned int reg, struct pt_regs *regs) + unsigned long compute_effective_address(struct pt_regs *regs, + unsigned int insn, unsigned int rd) + { ++ int from_kernel = (regs->tstate & TSTATE_PRIV) != 0; + unsigned int rs1 = (insn >> 14) & 0x1f; + unsigned int rs2 = insn & 0x1f; +- int from_kernel = (regs->tstate & TSTATE_PRIV) != 0; ++ unsigned long addr; + + if (insn & 0x2000) { + maybe_flush_windows(rs1, 0, rd, from_kernel); +- return (fetch_reg(rs1, regs) + sign_extend_imm13(insn)); ++ addr = (fetch_reg(rs1, regs) + sign_extend_imm13(insn)); + } else { + maybe_flush_windows(rs1, rs2, rd, from_kernel); +- return (fetch_reg(rs1, regs) + fetch_reg(rs2, regs)); ++ addr = (fetch_reg(rs1, regs) + fetch_reg(rs2, regs)); + } ++ ++ if (!from_kernel && test_thread_flag(TIF_32BIT)) ++ addr &= 0xffffffff; ++ ++ return addr; + } + + /* This is just to make gcc think die_if_kernel does return... */ +@@ -289,7 +295,7 @@ static void log_unaligned(struct pt_regs *regs) static DEFINE_RATELIMIT_STATE(ratelimit, 5 * HZ, 5); if (__ratelimit(&ratelimit)) { @@ -11302,7 +11448,7 @@ index 59dbd46..1dd7f5e 100644 if (!(vma->vm_flags & (VM_READ | VM_EXEC))) goto bad_area; diff --git a/arch/sparc/mm/fault_64.c b/arch/sparc/mm/fault_64.c -index 69bb818..6ca35c8 100644 +index 69bb818..3542236 100644 --- a/arch/sparc/mm/fault_64.c +++ b/arch/sparc/mm/fault_64.c @@ -22,6 +22,9 @@ @@ -11324,7 +11470,124 @@ index 69bb818..6ca35c8 100644 printk(KERN_CRIT "OOPS: Fault was to vaddr[%lx]\n", vaddr); dump_stack(); unhandled_fault(regs->tpc, current, regs); -@@ -271,6 +274,466 @@ static void noinline __kprobes bogus_32bit_fault_address(struct pt_regs *regs, +@@ -96,38 +99,51 @@ static unsigned int get_user_insn(unsigned long tpc) + pte_t *ptep, pte; + unsigned long pa; + u32 insn = 0; +- unsigned long pstate; + +- if (pgd_none(*pgdp)) +- goto outret; ++ if (pgd_none(*pgdp) || unlikely(pgd_bad(*pgdp))) ++ goto out; + pudp = pud_offset(pgdp, tpc); +- if (pud_none(*pudp)) +- goto outret; +- pmdp = pmd_offset(pudp, tpc); +- if (pmd_none(*pmdp)) +- goto outret; ++ if (pud_none(*pudp) || unlikely(pud_bad(*pudp))) ++ goto out; + + /* This disables preemption for us as well. */ +- __asm__ __volatile__("rdpr %%pstate, %0" : "=r" (pstate)); +- __asm__ __volatile__("wrpr %0, %1, %%pstate" +- : : "r" (pstate), "i" (PSTATE_IE)); +- ptep = pte_offset_map(pmdp, tpc); +- pte = *ptep; +- if (!pte_present(pte)) +- goto out; ++ local_irq_disable(); + +- pa = (pte_pfn(pte) << PAGE_SHIFT); +- pa += (tpc & ~PAGE_MASK); ++ pmdp = pmd_offset(pudp, tpc); ++ if (pmd_none(*pmdp) || unlikely(pmd_bad(*pmdp))) ++ goto out_irq_enable; + +- /* Use phys bypass so we don't pollute dtlb/dcache. */ +- __asm__ __volatile__("lduwa [%1] %2, %0" +- : "=r" (insn) +- : "r" (pa), "i" (ASI_PHYS_USE_EC)); ++#ifdef CONFIG_TRANSPARENT_HUGEPAGE ++ if (pmd_trans_huge(*pmdp)) { ++ if (pmd_trans_splitting(*pmdp)) ++ goto out_irq_enable; + ++ pa = pmd_pfn(*pmdp) << PAGE_SHIFT; ++ pa += tpc & ~HPAGE_MASK; ++ ++ /* Use phys bypass so we don't pollute dtlb/dcache. */ ++ __asm__ __volatile__("lduwa [%1] %2, %0" ++ : "=r" (insn) ++ : "r" (pa), "i" (ASI_PHYS_USE_EC)); ++ } else ++#endif ++ { ++ ptep = pte_offset_map(pmdp, tpc); ++ pte = *ptep; ++ if (pte_present(pte)) { ++ pa = (pte_pfn(pte) << PAGE_SHIFT); ++ pa += (tpc & ~PAGE_MASK); ++ ++ /* Use phys bypass so we don't pollute dtlb/dcache. */ ++ __asm__ __volatile__("lduwa [%1] %2, %0" ++ : "=r" (insn) ++ : "r" (pa), "i" (ASI_PHYS_USE_EC)); ++ } ++ pte_unmap(ptep); ++ } ++out_irq_enable: ++ local_irq_enable(); + out: +- pte_unmap(ptep); +- __asm__ __volatile__("wrpr %0, 0x0, %%pstate" : : "r" (pstate)); +-outret: + return insn; + } + +@@ -153,7 +169,8 @@ show_signal_msg(struct pt_regs *regs, int sig, int code, + } + + static void do_fault_siginfo(int code, int sig, struct pt_regs *regs, +- unsigned int insn, int fault_code) ++ unsigned long fault_addr, unsigned int insn, ++ int fault_code) + { + unsigned long addr; + siginfo_t info; +@@ -161,10 +178,18 @@ static void do_fault_siginfo(int code, int sig, struct pt_regs *regs, + info.si_code = code; + info.si_signo = sig; + info.si_errno = 0; +- if (fault_code & FAULT_CODE_ITLB) ++ if (fault_code & FAULT_CODE_ITLB) { + addr = regs->tpc; +- else +- addr = compute_effective_address(regs, insn, 0); ++ } else { ++ /* If we were able to probe the faulting instruction, use it ++ * to compute a precise fault address. Otherwise use the fault ++ * time provided address which may only have page granularity. ++ */ ++ if (insn) ++ addr = compute_effective_address(regs, insn, 0); ++ else ++ addr = fault_addr; ++ } + info.si_addr = (void __user *) addr; + info.si_trapno = 0; + +@@ -239,7 +264,7 @@ static void __kprobes do_kernel_fault(struct pt_regs *regs, int si_code, + /* The si_code was set to make clear whether + * this was a SEGV_MAPERR or SEGV_ACCERR fault. + */ +- do_fault_siginfo(si_code, SIGSEGV, regs, insn, fault_code); ++ do_fault_siginfo(si_code, SIGSEGV, regs, address, insn, fault_code); + return; + } + +@@ -271,6 +296,466 @@ static void noinline __kprobes bogus_32bit_fault_address(struct pt_regs *regs, show_regs(regs); } @@ -11791,7 +12054,7 @@ index 69bb818..6ca35c8 100644 asmlinkage void __kprobes do_sparc64_fault(struct pt_regs *regs) { enum ctx_state prev_state = exception_enter(); -@@ -344,6 +807,29 @@ retry: +@@ -344,6 +829,29 @@ retry: if (!vma) goto bad_area; @@ -11821,11 +12084,33 @@ index 69bb818..6ca35c8 100644 /* Pure DTLB misses do not tell us whether the fault causing * load/store/atomic was a write or not, it only says that there * was no match. So in such a case we (carefully) read the +@@ -525,7 +1033,7 @@ do_sigbus: + * Send a sigbus, regardless of whether we were in kernel + * or user mode. + */ +- do_fault_siginfo(BUS_ADRERR, SIGBUS, regs, insn, fault_code); ++ do_fault_siginfo(BUS_ADRERR, SIGBUS, regs, address, insn, fault_code); + + /* Kernel mode? Handle exceptions or die */ + if (regs->tstate & TSTATE_PRIV) +diff --git a/arch/sparc/mm/gup.c b/arch/sparc/mm/gup.c +index c4d3da6..1aed043 100644 +--- a/arch/sparc/mm/gup.c ++++ b/arch/sparc/mm/gup.c +@@ -73,7 +73,7 @@ static int gup_huge_pmd(pmd_t *pmdp, pmd_t pmd, unsigned long addr, + struct page *head, *page, *tail; + int refs; + +- if (!pmd_large(pmd)) ++ if (!(pmd_val(pmd) & _PAGE_VALID)) + return 0; + + if (write && !pmd_write(pmd)) diff --git a/arch/sparc/mm/hugetlbpage.c b/arch/sparc/mm/hugetlbpage.c -index 3096317..a7b7654 100644 +index 9bd9ce8..dc84852 100644 --- a/arch/sparc/mm/hugetlbpage.c +++ b/arch/sparc/mm/hugetlbpage.c -@@ -26,7 +26,8 @@ static unsigned long hugetlb_get_unmapped_area_bottomup(struct file *filp, +@@ -25,8 +25,10 @@ static unsigned long hugetlb_get_unmapped_area_bottomup(struct file *filp, unsigned long addr, unsigned long len, unsigned long pgoff, @@ -11833,9 +12118,11 @@ index 3096317..a7b7654 100644 + unsigned long flags, + unsigned long offset) { ++ struct mm_struct *mm = current->mm; unsigned long task_size = TASK_SIZE; struct vm_unmapped_area_info info; -@@ -36,15 +37,22 @@ static unsigned long hugetlb_get_unmapped_area_bottomup(struct file *filp, + +@@ -35,15 +37,22 @@ static unsigned long hugetlb_get_unmapped_area_bottomup(struct file *filp, info.flags = 0; info.length = len; @@ -11859,7 +12146,7 @@ index 3096317..a7b7654 100644 info.high_limit = task_size; addr = vm_unmapped_area(&info); } -@@ -56,7 +64,8 @@ static unsigned long +@@ -55,7 +64,8 @@ static unsigned long hugetlb_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, const unsigned long len, const unsigned long pgoff, @@ -11869,7 +12156,7 @@ index 3096317..a7b7654 100644 { struct mm_struct *mm = current->mm; unsigned long addr = addr0; -@@ -71,6 +80,7 @@ hugetlb_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, +@@ -70,6 +80,7 @@ hugetlb_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, info.high_limit = mm->mmap_base; info.align_mask = PAGE_MASK & ~HPAGE_MASK; info.align_offset = 0; @@ -11877,7 +12164,7 @@ index 3096317..a7b7654 100644 addr = vm_unmapped_area(&info); /* -@@ -83,6 +93,12 @@ hugetlb_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, +@@ -82,6 +93,12 @@ hugetlb_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, VM_BUG_ON(addr != -ENOMEM); info.flags = 0; info.low_limit = TASK_UNMAPPED_BASE; @@ -11890,7 +12177,7 @@ index 3096317..a7b7654 100644 info.high_limit = STACK_TOP32; addr = vm_unmapped_area(&info); } -@@ -97,6 +113,7 @@ hugetlb_get_unmapped_area(struct file *file, unsigned long addr, +@@ -96,6 +113,7 @@ hugetlb_get_unmapped_area(struct file *file, unsigned long addr, struct mm_struct *mm = current->mm; struct vm_area_struct *vma; unsigned long task_size = TASK_SIZE; @@ -11898,7 +12185,7 @@ index 3096317..a7b7654 100644 if (test_thread_flag(TIF_32BIT)) task_size = STACK_TOP32; -@@ -112,19 +129,22 @@ hugetlb_get_unmapped_area(struct file *file, unsigned long addr, +@@ -111,19 +129,22 @@ hugetlb_get_unmapped_area(struct file *file, unsigned long addr, return addr; } @@ -11926,7 +12213,7 @@ index 3096317..a7b7654 100644 pte_t *huge_pte_alloc(struct mm_struct *mm, diff --git a/arch/sparc/mm/init_64.c b/arch/sparc/mm/init_64.c -index 5322e53..f820c5e 100644 +index eafbc65..5a8070d 100644 --- a/arch/sparc/mm/init_64.c +++ b/arch/sparc/mm/init_64.c @@ -188,9 +188,9 @@ unsigned long sparc64_kern_sec_context __read_mostly; @@ -11963,6 +12250,67 @@ index 5322e53..f820c5e 100644 #endif /* CONFIG_SMP */ #endif /* CONFIG_DEBUG_DCFLUSH */ } +diff --git a/arch/sparc/mm/tlb.c b/arch/sparc/mm/tlb.c +index b12cb5e..b89aba2 100644 +--- a/arch/sparc/mm/tlb.c ++++ b/arch/sparc/mm/tlb.c +@@ -134,7 +134,7 @@ no_cache_flush: + + #ifdef CONFIG_TRANSPARENT_HUGEPAGE + static void tlb_batch_pmd_scan(struct mm_struct *mm, unsigned long vaddr, +- pmd_t pmd, bool exec) ++ pmd_t pmd) + { + unsigned long end; + pte_t *pte; +@@ -142,8 +142,11 @@ static void tlb_batch_pmd_scan(struct mm_struct *mm, unsigned long vaddr, + pte = pte_offset_map(&pmd, vaddr); + end = vaddr + HPAGE_SIZE; + while (vaddr < end) { +- if (pte_val(*pte) & _PAGE_VALID) ++ if (pte_val(*pte) & _PAGE_VALID) { ++ bool exec = pte_exec(*pte); ++ + tlb_batch_add_one(mm, vaddr, exec); ++ } + pte++; + vaddr += PAGE_SIZE; + } +@@ -177,19 +180,30 @@ void set_pmd_at(struct mm_struct *mm, unsigned long addr, + } + + if (!pmd_none(orig)) { +- pte_t orig_pte = __pte(pmd_val(orig)); +- bool exec = pte_exec(orig_pte); +- + addr &= HPAGE_MASK; + if (pmd_trans_huge(orig)) { ++ pte_t orig_pte = __pte(pmd_val(orig)); ++ bool exec = pte_exec(orig_pte); ++ + tlb_batch_add_one(mm, addr, exec); + tlb_batch_add_one(mm, addr + REAL_HPAGE_SIZE, exec); + } else { +- tlb_batch_pmd_scan(mm, addr, orig, exec); ++ tlb_batch_pmd_scan(mm, addr, orig); + } + } + } + ++void pmdp_invalidate(struct vm_area_struct *vma, unsigned long address, ++ pmd_t *pmdp) ++{ ++ pmd_t entry = *pmdp; ++ ++ pmd_val(entry) &= ~_PAGE_VALID; ++ ++ set_pmd_at(vma->vm_mm, address, pmdp, entry); ++ flush_tlb_range(vma, address, address + HPAGE_PMD_SIZE); ++} ++ + void pgtable_trans_huge_deposit(struct mm_struct *mm, pmd_t *pmdp, + pgtable_t pgtable) + { diff --git a/arch/tile/Kconfig b/arch/tile/Kconfig index b3692ce..e4517c9 100644 --- a/arch/tile/Kconfig @@ -12168,10 +12516,19 @@ index ad8f795..2c7eec6 100644 /* * Memory returned by kmalloc() may be used for DMA, so we must make diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig -index 0952ecd..9cf578c 100644 +index 0af5250..59f9597 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig -@@ -249,7 +249,7 @@ config X86_HT +@@ -126,7 +126,7 @@ config X86 + select RTC_LIB + select HAVE_DEBUG_STACKOVERFLOW + select HAVE_IRQ_EXIT_ON_IRQ_STACK if X86_64 +- select HAVE_CC_STACKPROTECTOR ++ select HAVE_CC_STACKPROTECTOR if X86_64 || !PAX_MEMORY_UDEREF + + config INSTRUCTION_DECODER + def_bool y +@@ -251,7 +251,7 @@ config X86_HT config X86_32_LAZY_GS def_bool y @@ -12180,7 +12537,7 @@ index 0952ecd..9cf578c 100644 config ARCH_HWEIGHT_CFLAGS string -@@ -602,6 +602,7 @@ config SCHED_OMIT_FRAME_POINTER +@@ -589,6 +589,7 @@ config SCHED_OMIT_FRAME_POINTER menuconfig HYPERVISOR_GUEST bool "Linux guest support" @@ -12188,7 +12545,7 @@ index 0952ecd..9cf578c 100644 ---help--- Say Y here to enable options for running Linux under various hyper- visors. This option enables basic hypervisor detection and platform -@@ -1127,7 +1128,7 @@ choice +@@ -1111,7 +1112,7 @@ choice config NOHIGHMEM bool "off" @@ -12197,7 +12554,7 @@ index 0952ecd..9cf578c 100644 ---help--- Linux can use up to 64 Gigabytes of physical memory on x86 systems. However, the address space of 32-bit x86 processors is only 4 -@@ -1164,7 +1165,7 @@ config NOHIGHMEM +@@ -1148,7 +1149,7 @@ config NOHIGHMEM config HIGHMEM4G bool "4GB" @@ -12206,7 +12563,7 @@ index 0952ecd..9cf578c 100644 ---help--- Select this if you have a 32-bit processor and between 1 and 4 gigabytes of physical RAM. -@@ -1217,7 +1218,7 @@ config PAGE_OFFSET +@@ -1201,7 +1202,7 @@ config PAGE_OFFSET hex default 0xB0000000 if VMSPLIT_3G_OPT default 0x80000000 if VMSPLIT_2G @@ -12215,15 +12572,7 @@ index 0952ecd..9cf578c 100644 default 0x40000000 if VMSPLIT_1G default 0xC0000000 depends on X86_32 -@@ -1619,6 +1620,7 @@ config SECCOMP - - config CC_STACKPROTECTOR - bool "Enable -fstack-protector buffer overflow detection" -+ depends on X86_64 || !PAX_MEMORY_UDEREF - ---help--- - This option turns on the -fstack-protector GCC feature. This - feature puts, at the beginning of functions, a canary value on -@@ -1637,6 +1639,7 @@ source kernel/Kconfig.hz +@@ -1605,6 +1606,7 @@ source kernel/Kconfig.hz config KEXEC bool "kexec system call" @@ -12231,16 +12580,18 @@ index 0952ecd..9cf578c 100644 ---help--- kexec is a system call that implements the ability to shutdown your current kernel, and to start another kernel. It is like a reboot -@@ -1738,6 +1741,8 @@ config X86_NEED_RELOCS +@@ -1756,7 +1758,9 @@ config X86_NEED_RELOCS + config PHYSICAL_ALIGN hex "Alignment value to which kernel should be aligned" - default "0x1000000" +- default "0x200000" ++ default "0x1000000" + range 0x200000 0x1000000 if PAX_KERNEXEC && X86_PAE + range 0x400000 0x1000000 if PAX_KERNEXEC && !X86_PAE range 0x2000 0x1000000 if X86_32 range 0x200000 0x1000000 if X86_64 ---help--- -@@ -1817,9 +1822,10 @@ config DEBUG_HOTPLUG_CPU0 +@@ -1836,9 +1840,10 @@ config DEBUG_HOTPLUG_CPU0 If unsure, say N. config COMPAT_VDSO @@ -12253,7 +12604,7 @@ index 0952ecd..9cf578c 100644 Map the 32-bit VDSO to the predictable old-style address too. diff --git a/arch/x86/Kconfig.cpu b/arch/x86/Kconfig.cpu -index c026cca..14657ae 100644 +index f3aaf23..a1d3c49 100644 --- a/arch/x86/Kconfig.cpu +++ b/arch/x86/Kconfig.cpu @@ -319,7 +319,7 @@ config X86_PPRO_FENCE @@ -12274,7 +12625,7 @@ index c026cca..14657ae 100644 config X86_INTEL_USERCOPY def_bool y -@@ -373,7 +373,7 @@ config X86_CMPXCHG64 +@@ -369,7 +369,7 @@ config X86_CMPXCHG64 # generates cmov. config X86_CMOV def_bool y @@ -12284,7 +12635,7 @@ index c026cca..14657ae 100644 config X86_MINIMUM_CPU_FAMILY int diff --git a/arch/x86/Kconfig.debug b/arch/x86/Kconfig.debug -index 0f3621e..282f24b 100644 +index 321a52c..3d51a5e 100644 --- a/arch/x86/Kconfig.debug +++ b/arch/x86/Kconfig.debug @@ -84,7 +84,7 @@ config X86_PTDUMP @@ -12306,10 +12657,10 @@ index 0f3621e..282f24b 100644 This option helps catch unintended modifications to loadable kernel module's text and read-only data. It also prevents execution diff --git a/arch/x86/Makefile b/arch/x86/Makefile -index 57d0215..b4373fb 100644 +index 0dd99ea..4a63d82 100644 --- a/arch/x86/Makefile +++ b/arch/x86/Makefile -@@ -49,14 +49,12 @@ ifeq ($(CONFIG_X86_32),y) +@@ -71,9 +71,6 @@ ifeq ($(CONFIG_X86_32),y) # CPU-specific tuning. Anything which can be shared with UML should go here. include $(srctree)/arch/x86/Makefile_32.cpu KBUILD_CFLAGS += $(cflags-y) @@ -12319,23 +12670,17 @@ index 57d0215..b4373fb 100644 else BITS := 64 UTS_MACHINE := x86_64 - CHECKFLAGS += -D__x86_64__ -m64 - -+ biarch := $(call cc-option,-m64) - KBUILD_AFLAGS += -m64 - KBUILD_CFLAGS += -m64 - -@@ -89,6 +87,9 @@ else +@@ -112,6 +109,9 @@ else KBUILD_CFLAGS += -maccumulate-outgoing-args endif +# temporary until string.h is fixed +KBUILD_CFLAGS += -ffreestanding + + # Make sure compiler does not have buggy stack-protector support. ifdef CONFIG_CC_STACKPROTECTOR cc_has_sp := $(srctree)/scripts/gcc-x86_$(BITS)-has-stack-protector.sh - ifeq ($(shell $(CONFIG_SHELL) $(cc_has_sp) $(CC) $(KBUILD_CPPFLAGS) $(biarch)),y) -@@ -247,3 +248,12 @@ define archhelp +@@ -269,3 +269,12 @@ define archhelp echo ' FDINITRD=file initrd for the booted kernel' echo ' kvmconfig - Enable additional options for guest kernel support' endef @@ -12349,13 +12694,13 @@ index 57d0215..b4373fb 100644 +archprepare: + $(if $(LDFLAGS_BUILD_ID),,$(error $(OLD_LD))) diff --git a/arch/x86/boot/Makefile b/arch/x86/boot/Makefile -index d9c1195..a26ca0d 100644 +index 878df7e..a803913 100644 --- a/arch/x86/boot/Makefile +++ b/arch/x86/boot/Makefile -@@ -65,6 +65,9 @@ KBUILD_CFLAGS := $(USERINCLUDE) -m32 -g -Os -D_SETUP -D__KERNEL__ \ - $(call cc-option, -fno-unit-at-a-time)) \ - $(call cc-option, -fno-stack-protector) \ - $(call cc-option, -mpreferred-stack-boundary=2) +@@ -52,6 +52,9 @@ $(obj)/cpustr.h: $(obj)/mkcpustr FORCE + # --------------------------------------------------------------------------- + + KBUILD_CFLAGS := $(USERINCLUDE) $(REALMODE_CFLAGS) -D_SETUP +ifdef CONSTIFY_PLUGIN +KBUILD_CFLAGS += -fplugin-arg-constify_plugin-no-constify +endif @@ -12385,10 +12730,10 @@ index 878e4b9..20537ab 100644 #endif /* BOOT_BITOPS_H */ diff --git a/arch/x86/boot/boot.h b/arch/x86/boot/boot.h -index ef72bae..353a184 100644 +index 50f8c5e..4f84fff 100644 --- a/arch/x86/boot/boot.h +++ b/arch/x86/boot/boot.h -@@ -85,7 +85,7 @@ static inline void io_delay(void) +@@ -84,7 +84,7 @@ static inline void io_delay(void) static inline u16 ds(void) { u16 seg; @@ -12397,7 +12742,7 @@ index ef72bae..353a184 100644 return seg; } -@@ -181,7 +181,7 @@ static inline void wrgs32(u32 v, addr_t addr) +@@ -180,7 +180,7 @@ static inline void wrgs32(u32 v, addr_t addr) static inline int memcmp(const void *s1, const void *s2, size_t len) { u8 diff; @@ -12407,7 +12752,7 @@ index ef72bae..353a184 100644 return diff; } diff --git a/arch/x86/boot/compressed/Makefile b/arch/x86/boot/compressed/Makefile -index c8a6792..2402765 100644 +index 0fcd913..3bb5c42 100644 --- a/arch/x86/boot/compressed/Makefile +++ b/arch/x86/boot/compressed/Makefile @@ -16,6 +16,9 @@ KBUILD_CFLAGS += $(cflags-y) @@ -12463,41 +12808,53 @@ index a53440e..c3dbf1e 100644 .previous diff --git a/arch/x86/boot/compressed/head_32.S b/arch/x86/boot/compressed/head_32.S -index 5d6f689..9d06730 100644 +index f45ab7a..ebc015f 100644 --- a/arch/x86/boot/compressed/head_32.S +++ b/arch/x86/boot/compressed/head_32.S -@@ -118,7 +118,7 @@ preferred_addr: +@@ -119,10 +119,10 @@ preferred_addr: + addl %eax, %ebx notl %eax andl %eax, %ebx - #else +- cmpl $LOAD_PHYSICAL_ADDR, %ebx ++ cmpl $____LOAD_PHYSICAL_ADDR, %ebx + jge 1f + #endif - movl $LOAD_PHYSICAL_ADDR, %ebx + movl $____LOAD_PHYSICAL_ADDR, %ebx - #endif + 1: /* Target address to relocate to for decompression */ diff --git a/arch/x86/boot/compressed/head_64.S b/arch/x86/boot/compressed/head_64.S -index c337422..2c5be72 100644 +index b10fa66..5ee0472 100644 --- a/arch/x86/boot/compressed/head_64.S +++ b/arch/x86/boot/compressed/head_64.S -@@ -95,7 +95,7 @@ ENTRY(startup_32) +@@ -94,10 +94,10 @@ ENTRY(startup_32) + addl %eax, %ebx notl %eax andl %eax, %ebx - #else +- cmpl $LOAD_PHYSICAL_ADDR, %ebx ++ cmpl $____LOAD_PHYSICAL_ADDR, %ebx + jge 1f + #endif - movl $LOAD_PHYSICAL_ADDR, %ebx + movl $____LOAD_PHYSICAL_ADDR, %ebx - #endif + 1: /* Target address to relocate to for decompression */ -@@ -270,7 +270,7 @@ preferred_addr: +@@ -268,10 +268,10 @@ preferred_addr: + addq %rax, %rbp notq %rax andq %rax, %rbp - #else +- cmpq $LOAD_PHYSICAL_ADDR, %rbp ++ cmpq $____LOAD_PHYSICAL_ADDR, %rbp + jge 1f + #endif - movq $LOAD_PHYSICAL_ADDR, %rbp + movq $____LOAD_PHYSICAL_ADDR, %rbp - #endif + 1: /* Target address to relocate to for decompression */ -@@ -362,8 +362,8 @@ gdt: +@@ -363,8 +363,8 @@ gdt: .long gdt .word 0 .quad 0x0000000000000000 /* NULL descriptor */ @@ -12509,10 +12866,19 @@ index c337422..2c5be72 100644 .quad 0x0000000000000000 /* TS continued */ gdt_end: diff --git a/arch/x86/boot/compressed/misc.c b/arch/x86/boot/compressed/misc.c -index 434f077..b6b4b38 100644 +index 196eaf3..c96716d 100644 --- a/arch/x86/boot/compressed/misc.c +++ b/arch/x86/boot/compressed/misc.c -@@ -283,7 +283,7 @@ static void handle_relocations(void *output, unsigned long output_len) +@@ -218,7 +218,7 @@ void __putstr(const char *s) + + void *memset(void *s, int c, size_t n) + { +- int i; ++ size_t i; + char *ss = s; + + for (i = 0; i < n; i++) +@@ -277,7 +277,7 @@ static void handle_relocations(void *output, unsigned long output_len) * Calculate the delta between where vmlinux was linked to load * and where it was actually loaded. */ @@ -12521,7 +12887,16 @@ index 434f077..b6b4b38 100644 if (!delta) { debug_putstr("No relocation needed... "); return; -@@ -380,7 +380,7 @@ static void parse_elf(void *output) +@@ -347,7 +347,7 @@ static void parse_elf(void *output) + Elf32_Ehdr ehdr; + Elf32_Phdr *phdrs, *phdr; + #endif +- void *dest; ++ void *dest, *prev; + int i; + + memcpy(&ehdr, output, sizeof(ehdr)); +@@ -374,13 +374,16 @@ static void parse_elf(void *output) case PT_LOAD: #ifdef CONFIG_RELOCATABLE dest = output; @@ -12530,7 +12905,16 @@ index 434f077..b6b4b38 100644 #else dest = (void *)(phdr->p_paddr); #endif -@@ -432,7 +432,7 @@ asmlinkage void decompress_kernel(void *rmode, memptr heap, + memcpy(dest, + output + phdr->p_offset, + phdr->p_filesz); ++ if (i) ++ memset(prev, 0xff, dest - prev); ++ prev = dest + phdr->p_filesz; + break; + default: /* Ignore other PT_* */ break; + } +@@ -430,7 +433,7 @@ asmlinkage void *decompress_kernel(void *rmode, memptr heap, error("Destination address too large"); #endif #ifndef CONFIG_RELOCATABLE @@ -12540,64 +12924,10 @@ index 434f077..b6b4b38 100644 #endif diff --git a/arch/x86/boot/cpucheck.c b/arch/x86/boot/cpucheck.c -index 4d3ff03..e4972ff 100644 +index 100a9a1..bb3bdb0 100644 --- a/arch/x86/boot/cpucheck.c +++ b/arch/x86/boot/cpucheck.c -@@ -74,7 +74,7 @@ static int has_fpu(void) - u16 fcw = -1, fsw = -1; - u32 cr0; - -- asm("movl %%cr0,%0" : "=r" (cr0)); -+ asm volatile("movl %%cr0,%0" : "=r" (cr0)); - if (cr0 & (X86_CR0_EM|X86_CR0_TS)) { - cr0 &= ~(X86_CR0_EM|X86_CR0_TS); - asm volatile("movl %0,%%cr0" : : "r" (cr0)); -@@ -90,7 +90,7 @@ static int has_eflag(u32 mask) - { - u32 f0, f1; - -- asm("pushfl ; " -+ asm volatile("pushfl ; " - "pushfl ; " - "popl %0 ; " - "movl %0,%1 ; " -@@ -115,7 +115,7 @@ static void get_flags(void) - set_bit(X86_FEATURE_FPU, cpu.flags); - - if (has_eflag(X86_EFLAGS_ID)) { -- asm("cpuid" -+ asm volatile("cpuid" - : "=a" (max_intel_level), - "=b" (cpu_vendor[0]), - "=d" (cpu_vendor[1]), -@@ -124,7 +124,7 @@ static void get_flags(void) - - if (max_intel_level >= 0x00000001 && - max_intel_level <= 0x0000ffff) { -- asm("cpuid" -+ asm volatile("cpuid" - : "=a" (tfms), - "=c" (cpu.flags[4]), - "=d" (cpu.flags[0]) -@@ -136,7 +136,7 @@ static void get_flags(void) - cpu.model += ((tfms >> 16) & 0xf) << 4; - } - -- asm("cpuid" -+ asm volatile("cpuid" - : "=a" (max_amd_level) - : "a" (0x80000000) - : "ebx", "ecx", "edx"); -@@ -144,7 +144,7 @@ static void get_flags(void) - if (max_amd_level >= 0x80000001 && - max_amd_level <= 0x8000ffff) { - u32 eax = 0x80000001; -- asm("cpuid" -+ asm volatile("cpuid" - : "+a" (eax), - "=c" (cpu.flags[6]), - "=d" (cpu.flags[1]) -@@ -203,9 +203,9 @@ int check_cpu(int *cpu_level_ptr, int *req_level_ptr, u32 **err_flags_ptr) +@@ -117,9 +117,9 @@ int check_cpu(int *cpu_level_ptr, int *req_level_ptr, u32 **err_flags_ptr) u32 ecx = MSR_K7_HWCR; u32 eax, edx; @@ -12607,9 +12937,9 @@ index 4d3ff03..e4972ff 100644 - asm("wrmsr" : : "a" (eax), "d" (edx), "c" (ecx)); + asm volatile("wrmsr" : : "a" (eax), "d" (edx), "c" (ecx)); - get_flags(); /* Make sure it really did something */ - err = check_flags(); -@@ -218,9 +218,9 @@ int check_cpu(int *cpu_level_ptr, int *req_level_ptr, u32 **err_flags_ptr) + get_cpuflags(); /* Make sure it really did something */ + err = check_cpuflags(); +@@ -132,9 +132,9 @@ int check_cpu(int *cpu_level_ptr, int *req_level_ptr, u32 **err_flags_ptr) u32 ecx = MSR_VIA_FCR; u32 eax, edx; @@ -12620,8 +12950,8 @@ index 4d3ff03..e4972ff 100644 + asm volatile("wrmsr" : : "a" (eax), "d" (edx), "c" (ecx)); set_bit(X86_FEATURE_CX8, cpu.flags); - err = check_flags(); -@@ -231,12 +231,12 @@ int check_cpu(int *cpu_level_ptr, int *req_level_ptr, u32 **err_flags_ptr) + err = check_cpuflags(); +@@ -145,12 +145,12 @@ int check_cpu(int *cpu_level_ptr, int *req_level_ptr, u32 **err_flags_ptr) u32 eax, edx; u32 level = 1; @@ -12636,13 +12966,13 @@ index 4d3ff03..e4972ff 100644 - asm("wrmsr" : : "a" (eax), "d" (edx), "c" (ecx)); + asm volatile("wrmsr" : : "a" (eax), "d" (edx), "c" (ecx)); - err = check_flags(); + err = check_cpuflags(); } diff --git a/arch/x86/boot/header.S b/arch/x86/boot/header.S -index 9ec06a1..2c25e79 100644 +index ec3b8ba..6a0db1f 100644 --- a/arch/x86/boot/header.S +++ b/arch/x86/boot/header.S -@@ -409,10 +409,14 @@ setup_data: .quad 0 # 64-bit physical pointer to +@@ -416,10 +416,14 @@ setup_data: .quad 0 # 64-bit physical pointer to # single linked list of # struct setup_data @@ -13670,7 +14000,7 @@ index dbc4339..de6e120 100644 ################################################################ diff --git a/arch/x86/crypto/ghash-clmulni-intel_asm.S b/arch/x86/crypto/ghash-clmulni-intel_asm.S -index 586f41a..d02851e 100644 +index 185fad4..ff4cd36 100644 --- a/arch/x86/crypto/ghash-clmulni-intel_asm.S +++ b/arch/x86/crypto/ghash-clmulni-intel_asm.S @@ -18,6 +18,7 @@ @@ -13681,7 +14011,7 @@ index 586f41a..d02851e 100644 .data -@@ -93,6 +94,7 @@ __clmul_gf128mul_ble: +@@ -89,6 +90,7 @@ __clmul_gf128mul_ble: psrlq $1, T2 pxor T2, T1 pxor T1, DATA @@ -13689,7 +14019,7 @@ index 586f41a..d02851e 100644 ret ENDPROC(__clmul_gf128mul_ble) -@@ -105,6 +107,7 @@ ENTRY(clmul_ghash_mul) +@@ -101,6 +103,7 @@ ENTRY(clmul_ghash_mul) call __clmul_gf128mul_ble PSHUFB_XMM BSWAP DATA movups DATA, (%rdi) @@ -13697,21 +14027,13 @@ index 586f41a..d02851e 100644 ret ENDPROC(clmul_ghash_mul) -@@ -132,6 +135,7 @@ ENTRY(clmul_ghash_update) +@@ -128,5 +131,6 @@ ENTRY(clmul_ghash_update) PSHUFB_XMM BSWAP DATA movups DATA, (%rdi) .Lupdate_just_ret: + pax_force_retaddr ret ENDPROC(clmul_ghash_update) - -@@ -157,5 +161,6 @@ ENTRY(clmul_ghash_setkey) - pand .Lpoly, %xmm1 - pxor %xmm1, %xmm0 - movups %xmm0, (%rdi) -+ pax_force_retaddr - ret - ENDPROC(clmul_ghash_setkey) diff --git a/arch/x86/crypto/salsa20-x86_64-asm_64.S b/arch/x86/crypto/salsa20-x86_64-asm_64.S index 9279e0b..c4b3d2c 100644 --- a/arch/x86/crypto/salsa20-x86_64-asm_64.S @@ -16013,7 +16335,7 @@ index f50de69..2b0a458 100644 clac(); return ret; diff --git a/arch/x86/include/asm/cmpxchg.h b/arch/x86/include/asm/cmpxchg.h -index d47786a..ce1b05d 100644 +index d47786a..2d8883e 100644 --- a/arch/x86/include/asm/cmpxchg.h +++ b/arch/x86/include/asm/cmpxchg.h @@ -14,8 +14,12 @@ extern void __cmpxchg_wrong_size(void) @@ -16029,10 +16351,11 @@ index d47786a..ce1b05d 100644 /* * Constants for operation sizes. On 32-bit, the 64-bit size it set to -@@ -67,6 +71,34 @@ extern void __add_wrong_size(void) +@@ -67,6 +71,38 @@ extern void __add_wrong_size(void) __ret; \ }) ++#ifdef CONFIG_PAX_REFCOUNT +#define __xchg_op_check_overflow(ptr, arg, op, lock) \ + ({ \ + __typeof__ (*(ptr)) __ret = (arg); \ @@ -16060,11 +16383,14 @@ index d47786a..ce1b05d 100644 + } \ + __ret; \ + }) ++#else ++#define __xchg_op_check_overflow(ptr, arg, op, lock) __xchg_op(ptr, arg, op, lock) ++#endif + /* * Note: no "lock" prefix even on SMP: xchg always implies lock anyway. * Since this is generally used to protect other memory information, we -@@ -167,6 +199,9 @@ extern void __add_wrong_size(void) +@@ -167,6 +203,9 @@ extern void __add_wrong_size(void) #define xadd_sync(ptr, inc) __xadd((ptr), (inc), "lock; ") #define xadd_local(ptr, inc) __xadd((ptr), (inc), "") @@ -16088,7 +16414,7 @@ index 59c6c40..5e0b22c 100644 struct compat_timespec { compat_time_t tv_sec; diff --git a/arch/x86/include/asm/cpufeature.h b/arch/x86/include/asm/cpufeature.h -index 89270b4..f0abf8e 100644 +index 5f12968..a383517 100644 --- a/arch/x86/include/asm/cpufeature.h +++ b/arch/x86/include/asm/cpufeature.h @@ -203,7 +203,7 @@ @@ -16109,7 +16435,7 @@ index 89270b4..f0abf8e 100644 #define X86_FEATURE_BMI2 (9*32+ 8) /* 2nd group bit manipulation extensions */ #define X86_FEATURE_ERMS (9*32+ 9) /* Enhanced REP MOVSB/STOSB */ #define X86_FEATURE_INVPCID (9*32+10) /* Invalidate Processor Context ID */ -@@ -353,6 +353,7 @@ extern const char * const x86_power_flags[32]; +@@ -358,6 +358,7 @@ extern const char * const x86_power_flags[32]; #undef cpu_has_centaur_mcr #define cpu_has_centaur_mcr 0 @@ -16117,7 +16443,7 @@ index 89270b4..f0abf8e 100644 #endif /* CONFIG_X86_64 */ #if __GNUC__ >= 4 -@@ -405,7 +406,8 @@ static __always_inline __pure bool __static_cpu_has(u16 bit) +@@ -410,7 +411,8 @@ static __always_inline __pure bool __static_cpu_has(u16 bit) #ifdef CONFIG_X86_DEBUG_STATIC_CPU_HAS t_warn: @@ -16127,7 +16453,7 @@ index 89270b4..f0abf8e 100644 return false; #endif -@@ -425,7 +427,7 @@ static __always_inline __pure bool __static_cpu_has(u16 bit) +@@ -430,7 +432,7 @@ static __always_inline __pure bool __static_cpu_has(u16 bit) ".section .discard,\"aw\",@progbits\n" " .byte 0xff + (4f-3f) - (2b-1b)\n" /* size check */ ".previous\n" @@ -16136,7 +16462,7 @@ index 89270b4..f0abf8e 100644 "3: movb $1,%0\n" "4:\n" ".previous\n" -@@ -462,7 +464,7 @@ static __always_inline __pure bool _static_cpu_has_safe(u16 bit) +@@ -467,7 +469,7 @@ static __always_inline __pure bool _static_cpu_has_safe(u16 bit) " .byte 2b - 1b\n" /* src len */ " .byte 4f - 3f\n" /* repl len */ ".previous\n" @@ -16145,7 +16471,7 @@ index 89270b4..f0abf8e 100644 "3: .byte 0xe9\n .long %l[t_no] - 2b\n" "4:\n" ".previous\n" -@@ -495,7 +497,7 @@ static __always_inline __pure bool _static_cpu_has_safe(u16 bit) +@@ -500,7 +502,7 @@ static __always_inline __pure bool _static_cpu_has_safe(u16 bit) ".section .discard,\"aw\",@progbits\n" " .byte 0xff + (4f-3f) - (2b-1b)\n" /* size check */ ".previous\n" @@ -16154,7 +16480,7 @@ index 89270b4..f0abf8e 100644 "3: movb $0,%0\n" "4:\n" ".previous\n" -@@ -509,7 +511,7 @@ static __always_inline __pure bool _static_cpu_has_safe(u16 bit) +@@ -514,7 +516,7 @@ static __always_inline __pure bool _static_cpu_has_safe(u16 bit) ".section .discard,\"aw\",@progbits\n" " .byte 0xff + (6f-5f) - (4b-3b)\n" /* size check */ ".previous\n" @@ -16569,7 +16895,7 @@ index cea1c76..6c0d79b 100644 return fpu_restore_checking(&tsk->thread.fpu); diff --git a/arch/x86/include/asm/futex.h b/arch/x86/include/asm/futex.h -index be27ba1..04a8801 100644 +index b4c1f54..e290c08 100644 --- a/arch/x86/include/asm/futex.h +++ b/arch/x86/include/asm/futex.h @@ -12,6 +12,7 @@ @@ -16632,31 +16958,20 @@ index be27ba1..04a8801 100644 pagefault_enable(); -@@ -115,18 +119,20 @@ static inline int futex_atomic_cmpxchg_inatomic(u32 *uval, u32 __user *uaddr, - if (!access_ok(VERIFY_WRITE, uaddr, sizeof(u32))) - return -EFAULT; - -+ pax_open_userland(); - asm volatile("\t" ASM_STAC "\n" -- "1:\t" LOCK_PREFIX "cmpxchgl %4, %2\n" -+ "1:\t" LOCK_PREFIX __copyuser_seg"cmpxchgl %4, %2\n" - "2:\t" ASM_CLAC "\n" - "\t.section .fixup, \"ax\"\n" - "3:\tmov %3, %0\n" - "\tjmp 2b\n" - "\t.previous\n" - _ASM_EXTABLE(1b, 3b) -- : "+r" (ret), "=a" (oldval), "+m" (*uaddr) -+ : "+r" (ret), "=a" (oldval), "+m" (*(u32 __user *)____m(uaddr)) - : "i" (-EFAULT), "r" (newval), "1" (oldval) - : "memory" - ); -+ pax_close_userland(); +diff --git a/arch/x86/include/asm/hugetlb.h b/arch/x86/include/asm/hugetlb.h +index a809121..68c0539 100644 +--- a/arch/x86/include/asm/hugetlb.h ++++ b/arch/x86/include/asm/hugetlb.h +@@ -52,6 +52,7 @@ static inline pte_t huge_ptep_get_and_clear(struct mm_struct *mm, + static inline void huge_ptep_clear_flush(struct vm_area_struct *vma, + unsigned long addr, pte_t *ptep) + { ++ ptep_clear_flush(vma, addr, ptep); + } - *uval = oldval; - return ret; + static inline int huge_pte_none(pte_t pte) diff --git a/arch/x86/include/asm/hw_irq.h b/arch/x86/include/asm/hw_irq.h -index cba45d9..86344ba 100644 +index 67d69b8..50e4b77 100644 --- a/arch/x86/include/asm/hw_irq.h +++ b/arch/x86/include/asm/hw_irq.h @@ -165,8 +165,8 @@ extern void setup_ioapic_dest(void); @@ -16684,7 +16999,7 @@ index a203659..9889f1c 100644 extern struct legacy_pic *legacy_pic; extern struct legacy_pic null_legacy_pic; diff --git a/arch/x86/include/asm/io.h b/arch/x86/include/asm/io.h -index 34f69cb..6d95446 100644 +index 91d9c69..dfae7d0 100644 --- a/arch/x86/include/asm/io.h +++ b/arch/x86/include/asm/io.h @@ -51,12 +51,12 @@ static inline void name(type val, volatile void __iomem *addr) \ @@ -17251,7 +17566,7 @@ index 86f9301..b365cda 100644 void unregister_nmi_handler(unsigned int, const char *); diff --git a/arch/x86/include/asm/page.h b/arch/x86/include/asm/page.h -index c878924..21f4889 100644 +index 775873d..de5f0304 100644 --- a/arch/x86/include/asm/page.h +++ b/arch/x86/include/asm/page.h @@ -52,6 +52,7 @@ static inline void copy_user_page(void *to, void *from, unsigned long vaddr, @@ -17279,7 +17594,7 @@ index 0f1ddee..e2fc3d1 100644 unsigned long y = x - __START_KERNEL_map; diff --git a/arch/x86/include/asm/paravirt.h b/arch/x86/include/asm/paravirt.h -index 401f350..dee5d13 100644 +index cd6e1610..70f4418 100644 --- a/arch/x86/include/asm/paravirt.h +++ b/arch/x86/include/asm/paravirt.h @@ -560,7 +560,7 @@ static inline pmd_t __pmd(pmdval_t val) @@ -17364,7 +17679,7 @@ index 401f350..dee5d13 100644 #endif /* __ASSEMBLY__ */ diff --git a/arch/x86/include/asm/paravirt_types.h b/arch/x86/include/asm/paravirt_types.h -index aab8f67..0fb0ee4 100644 +index 7549b8b..f0edfda 100644 --- a/arch/x86/include/asm/paravirt_types.h +++ b/arch/x86/include/asm/paravirt_types.h @@ -84,7 +84,7 @@ struct pv_init_ops { @@ -17523,7 +17838,7 @@ index c4412e9..90e88c5 100644 { return (pud_t *)get_zeroed_page(GFP_KERNEL|__GFP_REPEAT); diff --git a/arch/x86/include/asm/pgtable-2level.h b/arch/x86/include/asm/pgtable-2level.h -index 3bf2dd0..23d2a9f 100644 +index 0d193e2..bf59aeb 100644 --- a/arch/x86/include/asm/pgtable-2level.h +++ b/arch/x86/include/asm/pgtable-2level.h @@ -18,7 +18,9 @@ static inline void native_set_pte(pte_t *ptep , pte_t pte) @@ -17558,7 +17873,7 @@ index 81bb91b..9392125 100644 /* diff --git a/arch/x86/include/asm/pgtable.h b/arch/x86/include/asm/pgtable.h -index 5ad38ad..71db3f2 100644 +index bbc8b12..f228861 100644 --- a/arch/x86/include/asm/pgtable.h +++ b/arch/x86/include/asm/pgtable.h @@ -45,6 +45,7 @@ extern struct mm_struct *pgd_page_get_mm(struct page *page); @@ -17681,7 +17996,7 @@ index 5ad38ad..71db3f2 100644 #include <linux/mm_types.h> #include <linux/mmdebug.h> #include <linux/log2.h> -@@ -580,7 +655,7 @@ static inline unsigned long pud_page_vaddr(pud_t pud) +@@ -570,7 +645,7 @@ static inline unsigned long pud_page_vaddr(pud_t pud) * Currently stuck as a macro due to indirect forward reference to * linux/mmzone.h's __section_mem_map_addr() definition: */ @@ -17690,7 +18005,7 @@ index 5ad38ad..71db3f2 100644 /* Find an entry in the second-level page table.. */ static inline pmd_t *pmd_offset(pud_t *pud, unsigned long address) -@@ -620,7 +695,7 @@ static inline unsigned long pgd_page_vaddr(pgd_t pgd) +@@ -610,7 +685,7 @@ static inline unsigned long pgd_page_vaddr(pgd_t pgd) * Currently stuck as a macro due to indirect forward reference to * linux/mmzone.h's __section_mem_map_addr() definition: */ @@ -17699,7 +18014,7 @@ index 5ad38ad..71db3f2 100644 /* to find an entry in a page-table-directory. */ static inline unsigned long pud_index(unsigned long address) -@@ -635,7 +710,7 @@ static inline pud_t *pud_offset(pgd_t *pgd, unsigned long address) +@@ -625,7 +700,7 @@ static inline pud_t *pud_offset(pgd_t *pgd, unsigned long address) static inline int pgd_bad(pgd_t pgd) { @@ -17708,7 +18023,7 @@ index 5ad38ad..71db3f2 100644 } static inline int pgd_none(pgd_t pgd) -@@ -658,7 +733,12 @@ static inline int pgd_none(pgd_t pgd) +@@ -648,7 +723,12 @@ static inline int pgd_none(pgd_t pgd) * pgd_offset() returns a (pgd_t *) * pgd_index() is used get the offset into the pgd page's array of pgd_t's; */ @@ -17722,7 +18037,7 @@ index 5ad38ad..71db3f2 100644 /* * a shortcut which implies the use of the kernel's pgd, instead * of a process's -@@ -669,6 +749,23 @@ static inline int pgd_none(pgd_t pgd) +@@ -659,6 +739,23 @@ static inline int pgd_none(pgd_t pgd) #define KERNEL_PGD_BOUNDARY pgd_index(PAGE_OFFSET) #define KERNEL_PGD_PTRS (PTRS_PER_PGD - KERNEL_PGD_BOUNDARY) @@ -17746,7 +18061,7 @@ index 5ad38ad..71db3f2 100644 #ifndef __ASSEMBLY__ extern int direct_gbpages; -@@ -835,11 +932,24 @@ static inline void pmdp_set_wrprotect(struct mm_struct *mm, +@@ -825,11 +922,24 @@ static inline void pmdp_set_wrprotect(struct mm_struct *mm, * dst and src can be on the same page, but the range must not overlap, * and must not cross a page boundary. */ @@ -17907,11 +18222,11 @@ index e22c1db..23a625a 100644 } diff --git a/arch/x86/include/asm/pgtable_64_types.h b/arch/x86/include/asm/pgtable_64_types.h -index 2d88344..4679fc3 100644 +index c883bf7..19970b3 100644 --- a/arch/x86/include/asm/pgtable_64_types.h +++ b/arch/x86/include/asm/pgtable_64_types.h @@ -61,6 +61,11 @@ typedef struct { pteval_t pte; } pte_t; - #define MODULES_VADDR _AC(0xffffffffa0000000, UL) + #define MODULES_VADDR (__START_KERNEL_map + KERNEL_IMAGE_SIZE) #define MODULES_END _AC(0xffffffffff000000, UL) #define MODULES_LEN (MODULES_END - MODULES_VADDR) +#define MODULES_EXEC_VADDR MODULES_VADDR @@ -17923,7 +18238,7 @@ index 2d88344..4679fc3 100644 #define EARLY_DYNAMIC_PAGE_TABLES 64 diff --git a/arch/x86/include/asm/pgtable_types.h b/arch/x86/include/asm/pgtable_types.h -index 840c127..a8f297b 100644 +index 94e40f1..ebd03e4 100644 --- a/arch/x86/include/asm/pgtable_types.h +++ b/arch/x86/include/asm/pgtable_types.h @@ -16,13 +16,12 @@ @@ -18038,10 +18353,10 @@ index 840c127..a8f297b 100644 #define pgprot_writecombine pgprot_writecombine extern pgprot_t pgprot_writecombine(pgprot_t prot); diff --git a/arch/x86/include/asm/preempt.h b/arch/x86/include/asm/preempt.h -index c8b0519..fd29e73 100644 +index b39e194..9d44fd1 100644 --- a/arch/x86/include/asm/preempt.h +++ b/arch/x86/include/asm/preempt.h -@@ -87,7 +87,7 @@ static __always_inline void __preempt_count_sub(int val) +@@ -99,7 +99,7 @@ static __always_inline void __preempt_count_sub(int val) */ static __always_inline bool __preempt_count_dec_and_test(void) { @@ -18051,7 +18366,7 @@ index c8b0519..fd29e73 100644 /* diff --git a/arch/x86/include/asm/processor.h b/arch/x86/include/asm/processor.h -index 7b034a4..4fe3e3f 100644 +index fdedd38..95c02c2 100644 --- a/arch/x86/include/asm/processor.h +++ b/arch/x86/include/asm/processor.h @@ -128,7 +128,7 @@ struct cpuinfo_x86 { @@ -18095,7 +18410,7 @@ index 7b034a4..4fe3e3f 100644 /* * Save the original ist values for checking stack pointers during debugging -@@ -453,6 +465,7 @@ struct thread_struct { +@@ -470,6 +482,7 @@ struct thread_struct { unsigned short ds; unsigned short fsindex; unsigned short gsindex; @@ -18103,7 +18418,7 @@ index 7b034a4..4fe3e3f 100644 #endif #ifdef CONFIG_X86_32 unsigned long ip; -@@ -562,29 +575,8 @@ static inline void load_sp0(struct tss_struct *tss, +@@ -579,29 +592,8 @@ static inline void load_sp0(struct tss_struct *tss, extern unsigned long mmu_cr4_features; extern u32 *trampoline_cr4_features; @@ -18135,7 +18450,7 @@ index 7b034a4..4fe3e3f 100644 typedef struct { unsigned long seg; -@@ -833,11 +825,18 @@ static inline void spin_lock_prefetch(const void *x) +@@ -827,11 +819,18 @@ static inline void spin_lock_prefetch(const void *x) */ #define TASK_SIZE PAGE_OFFSET #define TASK_SIZE_MAX TASK_SIZE @@ -18156,7 +18471,7 @@ index 7b034a4..4fe3e3f 100644 .vm86_info = NULL, \ .sysenter_cs = __KERNEL_CS, \ .io_bitmap_ptr = NULL, \ -@@ -851,7 +850,7 @@ static inline void spin_lock_prefetch(const void *x) +@@ -845,7 +844,7 @@ static inline void spin_lock_prefetch(const void *x) */ #define INIT_TSS { \ .x86_tss = { \ @@ -18165,7 +18480,7 @@ index 7b034a4..4fe3e3f 100644 .ss0 = __KERNEL_DS, \ .ss1 = __KERNEL_CS, \ .io_bitmap_base = INVALID_IO_BITMAP_OFFSET, \ -@@ -862,11 +861,7 @@ static inline void spin_lock_prefetch(const void *x) +@@ -856,11 +855,7 @@ static inline void spin_lock_prefetch(const void *x) extern unsigned long thread_saved_pc(struct task_struct *tsk); #define THREAD_SIZE_LONGS (THREAD_SIZE/sizeof(unsigned long)) @@ -18178,7 +18493,7 @@ index 7b034a4..4fe3e3f 100644 /* * The below -8 is to reserve 8 bytes on top of the ring0 stack. -@@ -881,7 +876,7 @@ extern unsigned long thread_saved_pc(struct task_struct *tsk); +@@ -875,7 +870,7 @@ extern unsigned long thread_saved_pc(struct task_struct *tsk); #define task_pt_regs(task) \ ({ \ struct pt_regs *__regs__; \ @@ -18187,7 +18502,7 @@ index 7b034a4..4fe3e3f 100644 __regs__ - 1; \ }) -@@ -891,13 +886,13 @@ extern unsigned long thread_saved_pc(struct task_struct *tsk); +@@ -885,13 +880,13 @@ extern unsigned long thread_saved_pc(struct task_struct *tsk); /* * User space process size. 47bits minus one guard page. */ @@ -18203,7 +18518,7 @@ index 7b034a4..4fe3e3f 100644 #define TASK_SIZE (test_thread_flag(TIF_ADDR32) ? \ IA32_PAGE_OFFSET : TASK_SIZE_MAX) -@@ -908,11 +903,11 @@ extern unsigned long thread_saved_pc(struct task_struct *tsk); +@@ -902,11 +897,11 @@ extern unsigned long thread_saved_pc(struct task_struct *tsk); #define STACK_TOP_MAX TASK_SIZE_MAX #define INIT_THREAD { \ @@ -18217,7 +18532,7 @@ index 7b034a4..4fe3e3f 100644 } /* -@@ -940,6 +935,10 @@ extern void start_thread(struct pt_regs *regs, unsigned long new_ip, +@@ -934,6 +929,10 @@ extern void start_thread(struct pt_regs *regs, unsigned long new_ip, */ #define TASK_UNMAPPED_BASE (PAGE_ALIGN(TASK_SIZE / 3)) @@ -18228,7 +18543,7 @@ index 7b034a4..4fe3e3f 100644 #define KSTK_EIP(task) (task_pt_regs(task)->ip) /* Get/set a process' ability to use the timestamp counter instruction */ -@@ -966,7 +965,7 @@ static inline uint32_t hypervisor_cpuid_base(const char *sig, uint32_t leaves) +@@ -960,7 +959,7 @@ static inline uint32_t hypervisor_cpuid_base(const char *sig, uint32_t leaves) return 0; } @@ -18237,7 +18552,7 @@ index 7b034a4..4fe3e3f 100644 extern void free_init_pages(char *what, unsigned long begin, unsigned long end); void default_idle(void); -@@ -976,6 +975,6 @@ bool xen_set_default_idle(void); +@@ -970,6 +969,6 @@ bool xen_set_default_idle(void); #define xen_set_default_idle 0 #endif @@ -18246,10 +18561,10 @@ index 7b034a4..4fe3e3f 100644 void df_debug(struct pt_regs *regs, long error_code); #endif /* _ASM_X86_PROCESSOR_H */ diff --git a/arch/x86/include/asm/ptrace.h b/arch/x86/include/asm/ptrace.h -index 942a086..6c26446 100644 +index 14fd6fd..6740420 100644 --- a/arch/x86/include/asm/ptrace.h +++ b/arch/x86/include/asm/ptrace.h -@@ -85,28 +85,29 @@ static inline unsigned long regs_return_value(struct pt_regs *regs) +@@ -84,28 +84,29 @@ static inline unsigned long regs_return_value(struct pt_regs *regs) } /* @@ -18285,7 +18600,7 @@ index 942a086..6c26446 100644 #endif } -@@ -122,15 +123,16 @@ static inline int v8086_mode(struct pt_regs *regs) +@@ -121,15 +122,16 @@ static inline int v8086_mode(struct pt_regs *regs) #ifdef CONFIG_X86_64 static inline bool user_64bit_mode(struct pt_regs *regs) { @@ -18304,7 +18619,7 @@ index 942a086..6c26446 100644 #endif } -@@ -181,9 +183,11 @@ static inline unsigned long regs_get_register(struct pt_regs *regs, +@@ -180,9 +182,11 @@ static inline unsigned long regs_get_register(struct pt_regs *regs, * Traps from the kernel do not save sp and ss. * Use the helper function to retrieve sp. */ @@ -18788,10 +19103,10 @@ index 8d3120f..352b440 100644 static __always_inline void clac(void) diff --git a/arch/x86/include/asm/smp.h b/arch/x86/include/asm/smp.h -index 4137890..03fa172 100644 +index 8cd27e0..7f05ec8 100644 --- a/arch/x86/include/asm/smp.h +++ b/arch/x86/include/asm/smp.h -@@ -36,7 +36,7 @@ DECLARE_PER_CPU_READ_MOSTLY(cpumask_var_t, cpu_core_map); +@@ -35,7 +35,7 @@ DECLARE_PER_CPU_READ_MOSTLY(cpumask_var_t, cpu_core_map); /* cpus sharing the last level cache: */ DECLARE_PER_CPU_READ_MOSTLY(cpumask_var_t, cpu_llc_shared_map); DECLARE_PER_CPU_READ_MOSTLY(u16, cpu_llc_id); @@ -18800,7 +19115,7 @@ index 4137890..03fa172 100644 static inline struct cpumask *cpu_sibling_mask(int cpu) { -@@ -79,7 +79,7 @@ struct smp_ops { +@@ -78,7 +78,7 @@ struct smp_ops { void (*send_call_func_ipi)(const struct cpumask *mask); void (*send_call_func_single_ipi)(int cpu); @@ -18809,7 +19124,7 @@ index 4137890..03fa172 100644 /* Globals due to paravirt */ extern void set_cpu_sibling_map(int cpu); -@@ -191,14 +191,8 @@ extern unsigned disabled_cpus; +@@ -190,14 +190,8 @@ extern unsigned disabled_cpus; extern int safe_smp_processor_id(void); #elif defined(CONFIG_X86_64_SMP) @@ -18827,10 +19142,10 @@ index 4137890..03fa172 100644 #endif diff --git a/arch/x86/include/asm/spinlock.h b/arch/x86/include/asm/spinlock.h -index bf156de..1a782ab 100644 +index 0f62f54..cb5d0dd 100644 --- a/arch/x86/include/asm/spinlock.h +++ b/arch/x86/include/asm/spinlock.h -@@ -223,6 +223,14 @@ static inline int arch_write_can_lock(arch_rwlock_t *lock) +@@ -222,6 +222,14 @@ static inline int arch_write_can_lock(arch_rwlock_t *lock) static inline void arch_read_lock(arch_rwlock_t *rw) { asm volatile(LOCK_PREFIX READ_LOCK_SIZE(dec) " (%0)\n\t" @@ -18845,7 +19160,7 @@ index bf156de..1a782ab 100644 "jns 1f\n" "call __read_lock_failed\n\t" "1:\n" -@@ -232,6 +240,14 @@ static inline void arch_read_lock(arch_rwlock_t *rw) +@@ -231,6 +239,14 @@ static inline void arch_read_lock(arch_rwlock_t *rw) static inline void arch_write_lock(arch_rwlock_t *rw) { asm volatile(LOCK_PREFIX WRITE_LOCK_SUB(%1) "(%0)\n\t" @@ -18860,7 +19175,7 @@ index bf156de..1a782ab 100644 "jz 1f\n" "call __write_lock_failed\n\t" "1:\n" -@@ -261,13 +277,29 @@ static inline int arch_write_trylock(arch_rwlock_t *lock) +@@ -260,13 +276,29 @@ static inline int arch_write_trylock(arch_rwlock_t *lock) static inline void arch_read_unlock(arch_rwlock_t *rw) { @@ -18990,7 +19305,7 @@ index d7f3b3b..3cc39f1 100644 __switch_canary_iparam \ : "memory", "cc" __EXTRA_CLOBBER) diff --git a/arch/x86/include/asm/thread_info.h b/arch/x86/include/asm/thread_info.h -index 3ba3de4..6c113b2 100644 +index e1940c0..ac50dd8 100644 --- a/arch/x86/include/asm/thread_info.h +++ b/arch/x86/include/asm/thread_info.h @@ -10,6 +10,7 @@ @@ -19078,43 +19393,16 @@ index 3ba3de4..6c113b2 100644 /* Only used for 64 bit */ #define _TIF_DO_NOTIFY_MASK \ -@@ -153,45 +149,40 @@ struct thread_info { +@@ -153,6 +149,23 @@ struct thread_info { #define _TIF_WORK_CTXSW_PREV (_TIF_WORK_CTXSW|_TIF_USER_RETURN_NOTIFY) #define _TIF_WORK_CTXSW_NEXT (_TIF_WORK_CTXSW) --#ifdef CONFIG_X86_32 -- --#define STACK_WARN (THREAD_SIZE/8) --/* -- * macros/functions for gaining access to the thread information structure -- * -- * preempt_count needs to be 1 initially, until the scheduler is functional. -- */ --#ifndef __ASSEMBLY__ -- -- --/* how to get the current stack pointer from C */ --register unsigned long current_stack_pointer asm("esp") __used; -- --/* how to get the thread information struct from C */ --static inline struct thread_info *current_thread_info(void) --{ -- return (struct thread_info *) -- (current_stack_pointer & ~(THREAD_SIZE - 1)); --} -- --#else /* !__ASSEMBLY__ */ -- +#ifdef __ASSEMBLY__ - /* how to get the thread information struct from ASM */ - #define GET_THREAD_INFO(reg) \ -- movl $-THREAD_SIZE, reg; \ -- andl %esp, reg ++/* how to get the thread information struct from ASM */ ++#define GET_THREAD_INFO(reg) \ + mov PER_CPU_VAR(current_tinfo), reg - - /* use this one if reg already contains %esp */ --#define GET_THREAD_INFO_WITH_ESP(reg) \ -- andl $-THREAD_SIZE, reg ++ ++/* use this one if reg already contains %esp */ +#define GET_THREAD_INFO_WITH_ESP(reg) GET_THREAD_INFO(reg) +#else +/* how to get the thread information struct from C */ @@ -19126,19 +19414,31 @@ index 3ba3de4..6c113b2 100644 +} +#endif + -+#ifdef CONFIG_X86_32 -+ -+#define STACK_WARN (THREAD_SIZE/8) -+/* -+ * macros/functions for gaining access to the thread information structure -+ * -+ * preempt_count needs to be 1 initially, until the scheduler is functional. -+ */ -+#ifndef __ASSEMBLY__ -+ -+/* how to get the current stack pointer from C */ -+register unsigned long current_stack_pointer asm("esp") __used; + #ifdef CONFIG_X86_32 + + #define STACK_WARN (THREAD_SIZE/8) +@@ -169,31 +182,10 @@ struct thread_info { + sp; \ + }) +-/* how to get the thread information struct from C */ +-static inline struct thread_info *current_thread_info(void) +-{ +- return (struct thread_info *) +- (current_stack_pointer & ~(THREAD_SIZE - 1)); +-} +- +-#else /* !__ASSEMBLY__ */ +- +-/* how to get the thread information struct from ASM */ +-#define GET_THREAD_INFO(reg) \ +- movl $-THREAD_SIZE, reg; \ +- andl %esp, reg +- +-/* use this one if reg already contains %esp */ +-#define GET_THREAD_INFO_WITH_ESP(reg) \ +- andl $-THREAD_SIZE, reg +- #endif #else /* X86_32 */ @@ -19149,7 +19449,7 @@ index 3ba3de4..6c113b2 100644 /* * macros/functions for gaining access to the thread information structure * preempt_count needs to be 1 initially, until the scheduler is functional. -@@ -199,27 +190,8 @@ static inline struct thread_info *current_thread_info(void) +@@ -201,27 +193,8 @@ static inline struct thread_info *current_thread_info(void) #ifndef __ASSEMBLY__ DECLARE_PER_CPU(unsigned long, kernel_stack); @@ -19179,7 +19479,7 @@ index 3ba3de4..6c113b2 100644 #endif #endif /* !X86_32 */ -@@ -278,5 +250,12 @@ static inline bool is_ia32_task(void) +@@ -280,5 +253,12 @@ static inline bool is_ia32_task(void) extern void arch_task_cache_init(void); extern int arch_dup_task_struct(struct task_struct *dst, struct task_struct *src); extern void arch_release_task_struct(struct task_struct *tsk); @@ -19193,7 +19493,7 @@ index 3ba3de4..6c113b2 100644 #endif #endif /* _ASM_X86_THREAD_INFO_H */ diff --git a/arch/x86/include/asm/tlbflush.h b/arch/x86/include/asm/tlbflush.h -index e6d90ba..f81f114 100644 +index 04905bf..49203ca 100644 --- a/arch/x86/include/asm/tlbflush.h +++ b/arch/x86/include/asm/tlbflush.h @@ -17,18 +17,44 @@ @@ -19290,7 +19590,7 @@ index e6d90ba..f81f114 100644 } diff --git a/arch/x86/include/asm/uaccess.h b/arch/x86/include/asm/uaccess.h -index 8ec57c0..451bcfc 100644 +index 0d592e0..7437fcc 100644 --- a/arch/x86/include/asm/uaccess.h +++ b/arch/x86/include/asm/uaccess.h @@ -7,6 +7,7 @@ @@ -19314,36 +19614,38 @@ index 8ec57c0..451bcfc 100644 #define segment_eq(a, b) ((a).seg == (b).seg) -@@ -77,8 +83,34 @@ +@@ -85,8 +91,36 @@ static inline bool __chk_range_not_ok(unsigned long addr, unsigned long size, un * checks that the pointer is in the user space range - after calling * this function, memory access functions may still return -EFAULT. */ -#define access_ok(type, addr, size) \ -- (likely(__range_not_ok(addr, size, user_addr_max()) == 0)) +- likely(!__range_not_ok(addr, size, user_addr_max())) +extern int _cond_resched(void); -+#define access_ok_noprefault(type, addr, size) (likely(__range_not_ok(addr, size, user_addr_max()) == 0)) ++#define access_ok_noprefault(type, addr, size) (likely(!__range_not_ok(addr, size, user_addr_max()))) +#define access_ok(type, addr, size) \ +({ \ -+ long __size = size; \ ++ unsigned long __size = size; \ + unsigned long __addr = (unsigned long)addr; \ -+ unsigned long __addr_ao = __addr & PAGE_MASK; \ -+ unsigned long __end_ao = __addr + __size - 1; \ + bool __ret_ao = __range_not_ok(__addr, __size, user_addr_max()) == 0;\ -+ if (__ret_ao && unlikely((__end_ao ^ __addr_ao) & PAGE_MASK)) { \ -+ while(__addr_ao <= __end_ao) { \ -+ char __c_ao; \ -+ __addr_ao += PAGE_SIZE; \ -+ if (__size > PAGE_SIZE) \ -+ _cond_resched(); \ -+ if (__get_user(__c_ao, (char __user *)__addr)) \ -+ break; \ -+ if (type != VERIFY_WRITE) { \ ++ if (__ret_ao && __size) { \ ++ unsigned long __addr_ao = __addr & PAGE_MASK; \ ++ unsigned long __end_ao = __addr + __size - 1; \ ++ if (unlikely((__end_ao ^ __addr_ao) & PAGE_MASK)) { \ ++ while (__addr_ao <= __end_ao) { \ ++ char __c_ao; \ ++ __addr_ao += PAGE_SIZE; \ ++ if (__size > PAGE_SIZE) \ ++ _cond_resched(); \ ++ if (__get_user(__c_ao, (char __user *)__addr)) \ ++ break; \ ++ if (type != VERIFY_WRITE) { \ ++ __addr = __addr_ao; \ ++ continue; \ ++ } \ ++ if (__put_user(__c_ao, (char __user *)__addr)) \ ++ break; \ + __addr = __addr_ao; \ -+ continue; \ + } \ -+ if (__put_user(__c_ao, (char __user *)__addr)) \ -+ break; \ -+ __addr = __addr_ao; \ + } \ + } \ + __ret_ao; \ @@ -19351,7 +19653,7 @@ index 8ec57c0..451bcfc 100644 /* * The exception table consists of pairs of addresses relative to the -@@ -168,10 +200,12 @@ __typeof__(__builtin_choose_expr(sizeof(x) > sizeof(0UL), 0ULL, 0UL)) +@@ -176,10 +210,12 @@ __typeof__(__builtin_choose_expr(sizeof(x) > sizeof(0UL), 0ULL, 0UL)) register __inttype(*(ptr)) __val_gu asm("%"_ASM_DX); \ __chk_user_ptr(ptr); \ might_fault(); \ @@ -19364,7 +19666,7 @@ index 8ec57c0..451bcfc 100644 __ret_gu; \ }) -@@ -179,13 +213,21 @@ __typeof__(__builtin_choose_expr(sizeof(x) > sizeof(0UL), 0ULL, 0UL)) +@@ -187,13 +223,21 @@ __typeof__(__builtin_choose_expr(sizeof(x) > sizeof(0UL), 0ULL, 0UL)) asm volatile("call __put_user_" #size : "=a" (__ret_pu) \ : "0" ((typeof(*(ptr)))(x)), "c" (ptr) : "ebx") @@ -19389,7 +19691,7 @@ index 8ec57c0..451bcfc 100644 "3: " ASM_CLAC "\n" \ ".section .fixup,\"ax\"\n" \ "4: movl %3,%0\n" \ -@@ -198,8 +240,8 @@ __typeof__(__builtin_choose_expr(sizeof(x) > sizeof(0UL), 0ULL, 0UL)) +@@ -206,8 +250,8 @@ __typeof__(__builtin_choose_expr(sizeof(x) > sizeof(0UL), 0ULL, 0UL)) #define __put_user_asm_ex_u64(x, addr) \ asm volatile(ASM_STAC "\n" \ @@ -19400,7 +19702,7 @@ index 8ec57c0..451bcfc 100644 "3: " ASM_CLAC "\n" \ _ASM_EXTABLE_EX(1b, 2b) \ _ASM_EXTABLE_EX(2b, 3b) \ -@@ -249,7 +291,8 @@ extern void __put_user_8(void); +@@ -257,7 +301,8 @@ extern void __put_user_8(void); __typeof__(*(ptr)) __pu_val; \ __chk_user_ptr(ptr); \ might_fault(); \ @@ -19410,7 +19712,7 @@ index 8ec57c0..451bcfc 100644 switch (sizeof(*(ptr))) { \ case 1: \ __put_user_x(1, __pu_val, ptr, __ret_pu); \ -@@ -267,6 +310,7 @@ extern void __put_user_8(void); +@@ -275,6 +320,7 @@ extern void __put_user_8(void); __put_user_x(X, __pu_val, ptr, __ret_pu); \ break; \ } \ @@ -19418,7 +19720,7 @@ index 8ec57c0..451bcfc 100644 __ret_pu; \ }) -@@ -347,8 +391,10 @@ do { \ +@@ -355,8 +401,10 @@ do { \ } while (0) #define __get_user_asm(x, addr, err, itype, rtype, ltype, errret) \ @@ -19430,7 +19732,7 @@ index 8ec57c0..451bcfc 100644 "2: " ASM_CLAC "\n" \ ".section .fixup,\"ax\"\n" \ "3: mov %3,%0\n" \ -@@ -356,8 +402,10 @@ do { \ +@@ -364,8 +412,10 @@ do { \ " jmp 2b\n" \ ".previous\n" \ _ASM_EXTABLE(1b, 3b) \ @@ -19443,7 +19745,7 @@ index 8ec57c0..451bcfc 100644 #define __get_user_size_ex(x, ptr, size) \ do { \ -@@ -381,7 +429,7 @@ do { \ +@@ -389,7 +439,7 @@ do { \ } while (0) #define __get_user_asm_ex(x, addr, itype, rtype, ltype) \ @@ -19452,7 +19754,7 @@ index 8ec57c0..451bcfc 100644 "2:\n" \ _ASM_EXTABLE_EX(1b, 2b) \ : ltype(x) : "m" (__m(addr))) -@@ -398,13 +446,24 @@ do { \ +@@ -406,13 +456,24 @@ do { \ int __gu_err; \ unsigned long __gu_val; \ __get_user_size(__gu_val, (ptr), (size), __gu_err, -EFAULT); \ @@ -19479,7 +19781,7 @@ index 8ec57c0..451bcfc 100644 /* * Tell gcc we read from memory instead of writing: this is because -@@ -412,8 +471,10 @@ struct __large_struct { unsigned long buf[100]; }; +@@ -420,8 +481,10 @@ struct __large_struct { unsigned long buf[100]; }; * aliasing issues. */ #define __put_user_asm(x, addr, err, itype, rtype, ltype, errret) \ @@ -19491,7 +19793,7 @@ index 8ec57c0..451bcfc 100644 "2: " ASM_CLAC "\n" \ ".section .fixup,\"ax\"\n" \ "3: mov %3,%0\n" \ -@@ -421,10 +482,12 @@ struct __large_struct { unsigned long buf[100]; }; +@@ -429,10 +492,12 @@ struct __large_struct { unsigned long buf[100]; }; ".previous\n" \ _ASM_EXTABLE(1b, 3b) \ : "=r"(err) \ @@ -19506,7 +19808,7 @@ index 8ec57c0..451bcfc 100644 "2:\n" \ _ASM_EXTABLE_EX(1b, 2b) \ : : ltype(x), "m" (__m(addr))) -@@ -434,11 +497,13 @@ struct __large_struct { unsigned long buf[100]; }; +@@ -442,11 +507,13 @@ struct __large_struct { unsigned long buf[100]; }; */ #define uaccess_try do { \ current_thread_info()->uaccess_err = 0; \ @@ -19520,7 +19822,7 @@ index 8ec57c0..451bcfc 100644 (err) |= (current_thread_info()->uaccess_err ? -EFAULT : 0); \ } while (0) -@@ -463,8 +528,12 @@ struct __large_struct { unsigned long buf[100]; }; +@@ -471,8 +538,12 @@ struct __large_struct { unsigned long buf[100]; }; * On error, the variable @x is set to zero. */ @@ -19533,7 +19835,7 @@ index 8ec57c0..451bcfc 100644 /** * __put_user: - Write a simple value into user space, with less checking. -@@ -486,8 +555,12 @@ struct __large_struct { unsigned long buf[100]; }; +@@ -494,8 +565,12 @@ struct __large_struct { unsigned long buf[100]; }; * Returns zero on success, or -EFAULT on error. */ @@ -19546,7 +19848,7 @@ index 8ec57c0..451bcfc 100644 #define __get_user_unaligned __get_user #define __put_user_unaligned __put_user -@@ -505,7 +578,7 @@ struct __large_struct { unsigned long buf[100]; }; +@@ -513,7 +588,7 @@ struct __large_struct { unsigned long buf[100]; }; #define get_user_ex(x, ptr) do { \ unsigned long __gue_val; \ __get_user_size_ex((__gue_val), (ptr), (sizeof(*(ptr)))); \ @@ -19555,7 +19857,88 @@ index 8ec57c0..451bcfc 100644 } while (0) #define put_user_try uaccess_try -@@ -536,17 +609,6 @@ extern struct movsl_mask { +@@ -542,18 +617,19 @@ extern void __cmpxchg_wrong_size(void) + __typeof__(ptr) __uval = (uval); \ + __typeof__(*(ptr)) __old = (old); \ + __typeof__(*(ptr)) __new = (new); \ ++ pax_open_userland(); \ + switch (size) { \ + case 1: \ + { \ + asm volatile("\t" ASM_STAC "\n" \ +- "1:\t" LOCK_PREFIX "cmpxchgb %4, %2\n" \ ++ "1:\t" LOCK_PREFIX __copyuser_seg"cmpxchgb %4, %2\n"\ + "2:\t" ASM_CLAC "\n" \ + "\t.section .fixup, \"ax\"\n" \ + "3:\tmov %3, %0\n" \ + "\tjmp 2b\n" \ + "\t.previous\n" \ + _ASM_EXTABLE(1b, 3b) \ +- : "+r" (__ret), "=a" (__old), "+m" (*(ptr)) \ ++ : "+r" (__ret), "=a" (__old), "+m" (*____m(ptr))\ + : "i" (-EFAULT), "q" (__new), "1" (__old) \ + : "memory" \ + ); \ +@@ -562,14 +638,14 @@ extern void __cmpxchg_wrong_size(void) + case 2: \ + { \ + asm volatile("\t" ASM_STAC "\n" \ +- "1:\t" LOCK_PREFIX "cmpxchgw %4, %2\n" \ ++ "1:\t" LOCK_PREFIX __copyuser_seg"cmpxchgw %4, %2\n"\ + "2:\t" ASM_CLAC "\n" \ + "\t.section .fixup, \"ax\"\n" \ + "3:\tmov %3, %0\n" \ + "\tjmp 2b\n" \ + "\t.previous\n" \ + _ASM_EXTABLE(1b, 3b) \ +- : "+r" (__ret), "=a" (__old), "+m" (*(ptr)) \ ++ : "+r" (__ret), "=a" (__old), "+m" (*____m(ptr))\ + : "i" (-EFAULT), "r" (__new), "1" (__old) \ + : "memory" \ + ); \ +@@ -578,14 +654,14 @@ extern void __cmpxchg_wrong_size(void) + case 4: \ + { \ + asm volatile("\t" ASM_STAC "\n" \ +- "1:\t" LOCK_PREFIX "cmpxchgl %4, %2\n" \ ++ "1:\t" LOCK_PREFIX __copyuser_seg"cmpxchgl %4, %2\n"\ + "2:\t" ASM_CLAC "\n" \ + "\t.section .fixup, \"ax\"\n" \ + "3:\tmov %3, %0\n" \ + "\tjmp 2b\n" \ + "\t.previous\n" \ + _ASM_EXTABLE(1b, 3b) \ +- : "+r" (__ret), "=a" (__old), "+m" (*(ptr)) \ ++ : "+r" (__ret), "=a" (__old), "+m" (*____m(ptr))\ + : "i" (-EFAULT), "r" (__new), "1" (__old) \ + : "memory" \ + ); \ +@@ -597,14 +673,14 @@ extern void __cmpxchg_wrong_size(void) + __cmpxchg_wrong_size(); \ + \ + asm volatile("\t" ASM_STAC "\n" \ +- "1:\t" LOCK_PREFIX "cmpxchgq %4, %2\n" \ ++ "1:\t" LOCK_PREFIX __copyuser_seg"cmpxchgq %4, %2\n"\ + "2:\t" ASM_CLAC "\n" \ + "\t.section .fixup, \"ax\"\n" \ + "3:\tmov %3, %0\n" \ + "\tjmp 2b\n" \ + "\t.previous\n" \ + _ASM_EXTABLE(1b, 3b) \ +- : "+r" (__ret), "=a" (__old), "+m" (*(ptr)) \ ++ : "+r" (__ret), "=a" (__old), "+m" (*____m(ptr))\ + : "i" (-EFAULT), "r" (__new), "1" (__old) \ + : "memory" \ + ); \ +@@ -613,6 +689,7 @@ extern void __cmpxchg_wrong_size(void) + default: \ + __cmpxchg_wrong_size(); \ + } \ ++ pax_close_userland(); \ + *__uval = __old; \ + __ret; \ + }) +@@ -636,17 +713,6 @@ extern struct movsl_mask { #define ARCH_HAS_NOCACHE_UACCESS 1 @@ -19573,7 +19956,7 @@ index 8ec57c0..451bcfc 100644 #ifdef CONFIG_DEBUG_STRICT_USER_COPY_CHECKS # define copy_user_diag __compiletime_error #else -@@ -556,7 +618,7 @@ unsigned long __must_check _copy_to_user(void __user *to, const void *from, +@@ -656,7 +722,7 @@ unsigned long __must_check _copy_to_user(void __user *to, const void *from, extern void copy_user_diag("copy_from_user() buffer size is too small") copy_from_user_overflow(void); extern void copy_user_diag("copy_to_user() buffer size is too small") @@ -19582,7 +19965,7 @@ index 8ec57c0..451bcfc 100644 #undef copy_user_diag -@@ -569,7 +631,7 @@ __copy_from_user_overflow(void) __asm__("copy_from_user_overflow"); +@@ -669,7 +735,7 @@ __copy_from_user_overflow(void) __asm__("copy_from_user_overflow"); extern void __compiletime_warning("copy_to_user() buffer size is not provably correct") @@ -19591,7 +19974,7 @@ index 8ec57c0..451bcfc 100644 #define __copy_to_user_overflow(size, count) __copy_to_user_overflow() #else -@@ -584,10 +646,16 @@ __copy_from_user_overflow(int size, unsigned long count) +@@ -684,10 +750,16 @@ __copy_from_user_overflow(int size, unsigned long count) #endif @@ -19609,7 +19992,7 @@ index 8ec57c0..451bcfc 100644 might_fault(); -@@ -609,12 +677,15 @@ copy_from_user(void *to, const void __user *from, unsigned long n) +@@ -709,12 +781,15 @@ copy_from_user(void *to, const void __user *from, unsigned long n) * case, and do only runtime checking for non-constant sizes. */ @@ -19631,7 +20014,7 @@ index 8ec57c0..451bcfc 100644 return n; } -@@ -622,17 +693,18 @@ copy_from_user(void *to, const void __user *from, unsigned long n) +@@ -722,17 +797,18 @@ copy_from_user(void *to, const void __user *from, unsigned long n) static inline unsigned long __must_check copy_to_user(void __user *to, const void *from, unsigned long n) { @@ -19727,7 +20110,7 @@ index 3c03a5d..1071638 100644 #endif /* _ASM_X86_UACCESS_32_H */ diff --git a/arch/x86/include/asm/uaccess_64.h b/arch/x86/include/asm/uaccess_64.h -index 190413d..206c200 100644 +index 12a26b9..206c200 100644 --- a/arch/x86/include/asm/uaccess_64.h +++ b/arch/x86/include/asm/uaccess_64.h @@ -10,6 +10,9 @@ @@ -20005,8 +20388,7 @@ index 190413d..206c200 100644 +static __must_check __always_inline unsigned long +__copy_from_user_inatomic(void *dst, const void __user *src, unsigned long size) { -- return __copy_from_user_nocheck(dst, (__force const void *)src, size); -+ return __copy_from_user_nocheck(dst, src, size); + return __copy_from_user_nocheck(dst, src, size); } -static __must_check __always_inline int @@ -20014,8 +20396,7 @@ index 190413d..206c200 100644 +static __must_check __always_inline unsigned long +__copy_to_user_inatomic(void __user *dst, const void *src, unsigned long size) { -- return __copy_to_user_nocheck((__force void *)dst, src, size); -+ return __copy_to_user_nocheck(dst, src, size); + return __copy_to_user_nocheck(dst, src, size); } -extern long __copy_user_nocache(void *dst, const void __user *src, @@ -20077,7 +20458,7 @@ index 5b238981..77fdd78 100644 #define WORD_AT_A_TIME_CONSTANTS { REPEAT_BYTE(0x01), REPEAT_BYTE(0x80) } diff --git a/arch/x86/include/asm/x86_init.h b/arch/x86/include/asm/x86_init.h -index 0f1be11..f7542bf 100644 +index e45e4da..44e8572 100644 --- a/arch/x86/include/asm/x86_init.h +++ b/arch/x86/include/asm/x86_init.h @@ -129,7 +129,7 @@ struct x86_init_ops { @@ -20126,7 +20507,7 @@ index 0f1be11..f7542bf 100644 extern struct x86_init_ops x86_init; extern struct x86_cpuinit_ops x86_cpuinit; diff --git a/arch/x86/include/asm/xen/page.h b/arch/x86/include/asm/xen/page.h -index b913915..4f5a581 100644 +index 3e276eb..2eb3c30 100644 --- a/arch/x86/include/asm/xen/page.h +++ b/arch/x86/include/asm/xen/page.h @@ -56,7 +56,7 @@ extern int m2p_remove_override(struct page *page, @@ -20139,10 +20520,10 @@ index b913915..4f5a581 100644 unsigned long mfn; diff --git a/arch/x86/include/asm/xsave.h b/arch/x86/include/asm/xsave.h -index 0415cda..3b22adc 100644 +index 6c1d741..39e6ecf 100644 --- a/arch/x86/include/asm/xsave.h +++ b/arch/x86/include/asm/xsave.h -@@ -70,8 +70,11 @@ static inline int xsave_user(struct xsave_struct __user *buf) +@@ -80,8 +80,11 @@ static inline int xsave_user(struct xsave_struct __user *buf) if (unlikely(err)) return -EFAULT; @@ -20155,7 +20536,7 @@ index 0415cda..3b22adc 100644 "2: " ASM_CLAC "\n" ".section .fixup,\"ax\"\n" "3: movl $-1,%[err]\n" -@@ -81,18 +84,22 @@ static inline int xsave_user(struct xsave_struct __user *buf) +@@ -91,18 +94,22 @@ static inline int xsave_user(struct xsave_struct __user *buf) : [err] "=r" (err) : "D" (buf), "a" (-1), "d" (-1), "0" (0) : "memory"); @@ -20180,7 +20561,7 @@ index 0415cda..3b22adc 100644 "2: " ASM_CLAC "\n" ".section .fixup,\"ax\"\n" "3: movl $-1,%[err]\n" -@@ -102,6 +109,7 @@ static inline int xrestore_user(struct xsave_struct __user *buf, u64 mask) +@@ -112,6 +119,7 @@ static inline int xrestore_user(struct xsave_struct __user *buf, u64 mask) : [err] "=r" (err) : "D" (xstate), "a" (lmask), "d" (hmask), "0" (0) : "memory"); /* memory required? */ @@ -20214,7 +20595,7 @@ index 7b0a55a..ad115bf 100644 /* top of stack page */ diff --git a/arch/x86/kernel/Makefile b/arch/x86/kernel/Makefile -index 9b0a34e..fc7e553 100644 +index cb648c8..91cb07e 100644 --- a/arch/x86/kernel/Makefile +++ b/arch/x86/kernel/Makefile @@ -24,7 +24,7 @@ obj-y += time.o ioport.o ldt.o dumpstack.o nmi.o @@ -20227,10 +20608,10 @@ index 9b0a34e..fc7e553 100644 obj-y += syscall_$(BITS).o obj-$(CONFIG_X86_64) += vsyscall_64.o diff --git a/arch/x86/kernel/acpi/boot.c b/arch/x86/kernel/acpi/boot.c -index 6c0b43b..e67bb31 100644 +index 1dac942..19c8b0c 100644 --- a/arch/x86/kernel/acpi/boot.c +++ b/arch/x86/kernel/acpi/boot.c -@@ -1315,7 +1315,7 @@ static int __init dmi_ignore_irq0_timer_override(const struct dmi_system_id *d) +@@ -1312,7 +1312,7 @@ static int __init dmi_ignore_irq0_timer_override(const struct dmi_system_id *d) * If your system is blacklisted here, but you find that acpi=force * works for you, please contact linux-acpi@vger.kernel.org */ @@ -20239,7 +20620,7 @@ index 6c0b43b..e67bb31 100644 /* * Boxes that need ACPI disabled */ -@@ -1390,7 +1390,7 @@ static struct dmi_system_id __initdata acpi_dmi_table[] = { +@@ -1387,7 +1387,7 @@ static struct dmi_system_id __initdata acpi_dmi_table[] = { }; /* second table for DMI checks that should run after early-quirks */ @@ -20441,10 +20822,10 @@ index df94598..f3b29bf 100644 bp_int3_handler = handler; bp_int3_addr = (u8 *)addr + sizeof(int3); diff --git a/arch/x86/kernel/apic/apic.c b/arch/x86/kernel/apic/apic.c -index d278736..0b4af9a8 100644 +index 7f26c9a..694544e 100644 --- a/arch/x86/kernel/apic/apic.c +++ b/arch/x86/kernel/apic/apic.c -@@ -191,7 +191,7 @@ int first_system_vector = 0xfe; +@@ -198,7 +198,7 @@ int first_system_vector = 0xfe; /* * Debug level, exported for io_apic.c */ @@ -20453,20 +20834,20 @@ index d278736..0b4af9a8 100644 int pic_mode; -@@ -1986,7 +1986,7 @@ static inline void __smp_error_interrupt(struct pt_regs *regs) +@@ -1992,7 +1992,7 @@ static inline void __smp_error_interrupt(struct pt_regs *regs) apic_write(APIC_ESR, 0); - v1 = apic_read(APIC_ESR); + v = apic_read(APIC_ESR); ack_APIC_irq(); - atomic_inc(&irq_err_count); + atomic_inc_unchecked(&irq_err_count); - apic_printk(APIC_DEBUG, KERN_DEBUG "APIC error on CPU%d: %02x(%02x)", - smp_processor_id(), v0 , v1); + apic_printk(APIC_DEBUG, KERN_DEBUG "APIC error on CPU%d: %02x", + smp_processor_id(), v); diff --git a/arch/x86/kernel/apic/apic_flat_64.c b/arch/x86/kernel/apic/apic_flat_64.c -index 00c77cf..2dc6a2d 100644 +index 2c621a6..fa2b1ae 100644 --- a/arch/x86/kernel/apic/apic_flat_64.c +++ b/arch/x86/kernel/apic/apic_flat_64.c -@@ -157,7 +157,7 @@ static int flat_probe(void) +@@ -154,7 +154,7 @@ static int flat_probe(void) return 1; } @@ -20475,7 +20856,7 @@ index 00c77cf..2dc6a2d 100644 .name = "flat", .probe = flat_probe, .acpi_madt_oem_check = flat_acpi_madt_oem_check, -@@ -271,7 +271,7 @@ static int physflat_probe(void) +@@ -268,7 +268,7 @@ static int physflat_probe(void) return 0; } @@ -20485,10 +20866,10 @@ index 00c77cf..2dc6a2d 100644 .name = "physical flat", .probe = physflat_probe, diff --git a/arch/x86/kernel/apic/apic_noop.c b/arch/x86/kernel/apic/apic_noop.c -index e145f28..2752888 100644 +index 191ce75..2db6d63 100644 --- a/arch/x86/kernel/apic/apic_noop.c +++ b/arch/x86/kernel/apic/apic_noop.c -@@ -119,7 +119,7 @@ static void noop_apic_write(u32 reg, u32 v) +@@ -118,7 +118,7 @@ static void noop_apic_write(u32 reg, u32 v) WARN_ON_ONCE(cpu_has_apic && !disable_apic); } @@ -20534,10 +20915,10 @@ index c552247..587a316 100644 .name = "es7000", .probe = probe_es7000, diff --git a/arch/x86/kernel/apic/io_apic.c b/arch/x86/kernel/apic/io_apic.c -index e63a5bd..c0babf8 100644 +index 6ad4658..38a7b5c 100644 --- a/arch/x86/kernel/apic/io_apic.c +++ b/arch/x86/kernel/apic/io_apic.c -@@ -1060,7 +1060,7 @@ int IO_APIC_get_PCI_irq_vector(int bus, int slot, int pin, +@@ -1057,7 +1057,7 @@ int IO_APIC_get_PCI_irq_vector(int bus, int slot, int pin, } EXPORT_SYMBOL(IO_APIC_get_PCI_irq_vector); @@ -20546,7 +20927,7 @@ index e63a5bd..c0babf8 100644 { /* Used to the online set of cpus does not change * during assign_irq_vector. -@@ -1068,7 +1068,7 @@ void lock_vector_lock(void) +@@ -1065,7 +1065,7 @@ void lock_vector_lock(void) raw_spin_lock(&vector_lock); } @@ -20555,7 +20936,7 @@ index e63a5bd..c0babf8 100644 { raw_spin_unlock(&vector_lock); } -@@ -2367,7 +2367,7 @@ static void ack_apic_edge(struct irq_data *data) +@@ -2364,7 +2364,7 @@ static void ack_apic_edge(struct irq_data *data) ack_APIC_irq(); } @@ -20564,7 +20945,7 @@ index e63a5bd..c0babf8 100644 #ifdef CONFIG_GENERIC_PENDING_IRQ static bool io_apic_level_ack_pending(struct irq_cfg *cfg) -@@ -2508,7 +2508,7 @@ static void ack_apic_level(struct irq_data *data) +@@ -2505,7 +2505,7 @@ static void ack_apic_level(struct irq_data *data) * at the cpu. */ if (!(v & (1 << (i & 0x1f)))) { @@ -20601,10 +20982,10 @@ index eb35ef9..f184a21 100644 .name = "default", .probe = probe_default, diff --git a/arch/x86/kernel/apic/summit_32.c b/arch/x86/kernel/apic/summit_32.c -index 77c95c0..434f8a4 100644 +index 00146f9..5e299b8 100644 --- a/arch/x86/kernel/apic/summit_32.c +++ b/arch/x86/kernel/apic/summit_32.c -@@ -486,7 +486,7 @@ void setup_summit(void) +@@ -485,7 +485,7 @@ void setup_summit(void) } #endif @@ -20614,10 +20995,10 @@ index 77c95c0..434f8a4 100644 .name = "summit", .probe = probe_summit, diff --git a/arch/x86/kernel/apic/x2apic_cluster.c b/arch/x86/kernel/apic/x2apic_cluster.c -index 140e29d..d88bc95 100644 +index cac85ee..01fa741 100644 --- a/arch/x86/kernel/apic/x2apic_cluster.c +++ b/arch/x86/kernel/apic/x2apic_cluster.c -@@ -183,7 +183,7 @@ update_clusterinfo(struct notifier_block *nfb, unsigned long action, void *hcpu) +@@ -182,7 +182,7 @@ update_clusterinfo(struct notifier_block *nfb, unsigned long action, void *hcpu) return notifier_from_errno(err); } @@ -20626,7 +21007,7 @@ index 140e29d..d88bc95 100644 .notifier_call = update_clusterinfo, }; -@@ -235,7 +235,7 @@ static void cluster_vector_allocation_domain(int cpu, struct cpumask *retmask, +@@ -234,7 +234,7 @@ static void cluster_vector_allocation_domain(int cpu, struct cpumask *retmask, cpumask_and(retmask, mask, per_cpu(cpus_in_cluster, cpu)); } @@ -20636,10 +21017,10 @@ index 140e29d..d88bc95 100644 .name = "cluster x2apic", .probe = x2apic_cluster_probe, diff --git a/arch/x86/kernel/apic/x2apic_phys.c b/arch/x86/kernel/apic/x2apic_phys.c -index 562a76d..a003c0f 100644 +index de231e3..1d1b2ee 100644 --- a/arch/x86/kernel/apic/x2apic_phys.c +++ b/arch/x86/kernel/apic/x2apic_phys.c -@@ -89,7 +89,7 @@ static int x2apic_phys_probe(void) +@@ -88,7 +88,7 @@ static int x2apic_phys_probe(void) return apic == &apic_x2apic_phys; } @@ -20649,7 +21030,7 @@ index 562a76d..a003c0f 100644 .name = "physical x2apic", .probe = x2apic_phys_probe, diff --git a/arch/x86/kernel/apic/x2apic_uv_x.c b/arch/x86/kernel/apic/x2apic_uv_x.c -index ad0dc04..0d9cc56 100644 +index d263b13..963258b 100644 --- a/arch/x86/kernel/apic/x2apic_uv_x.c +++ b/arch/x86/kernel/apic/x2apic_uv_x.c @@ -350,7 +350,7 @@ static int uv_probe(void) @@ -20789,7 +21170,7 @@ index e7c798b..2b2019b 100644 BLANK(); diff --git a/arch/x86/kernel/cpu/Makefile b/arch/x86/kernel/cpu/Makefile -index 47b56a7..efc2bc6 100644 +index 7fd54f0..0691410 100644 --- a/arch/x86/kernel/cpu/Makefile +++ b/arch/x86/kernel/cpu/Makefile @@ -8,10 +8,6 @@ CFLAGS_REMOVE_common.o = -pg @@ -20804,10 +21185,10 @@ index 47b56a7..efc2bc6 100644 obj-y += proc.o capflags.o powerflags.o common.o obj-y += rdrand.o diff --git a/arch/x86/kernel/cpu/amd.c b/arch/x86/kernel/cpu/amd.c -index 59bfebc..d8f27bd 100644 +index c67ffa6..f41fbbf 100644 --- a/arch/x86/kernel/cpu/amd.c +++ b/arch/x86/kernel/cpu/amd.c -@@ -753,7 +753,7 @@ static void init_amd(struct cpuinfo_x86 *c) +@@ -752,7 +752,7 @@ static void init_amd(struct cpuinfo_x86 *c) static unsigned int amd_size_cache(struct cpuinfo_x86 *c, unsigned int size) { /* AMD errata T13 (order #21922) */ @@ -20817,7 +21198,7 @@ index 59bfebc..d8f27bd 100644 if (c->x86_model == 3 && c->x86_mask == 0) size = 64; diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c -index fe2bdd0..77b0d1b 100644 +index 8e28bf2..bf5c0d2 100644 --- a/arch/x86/kernel/cpu/common.c +++ b/arch/x86/kernel/cpu/common.c @@ -88,60 +88,6 @@ static const struct cpu_dev default_cpu = { @@ -20950,7 +21331,7 @@ index fe2bdd0..77b0d1b 100644 gdt_descr.size = GDT_SIZE - 1; load_gdt(&gdt_descr); /* Reload the per-cpu base */ -@@ -882,6 +881,10 @@ static void identify_cpu(struct cpuinfo_x86 *c) +@@ -883,6 +882,10 @@ static void identify_cpu(struct cpuinfo_x86 *c) setup_smep(c); setup_smap(c); @@ -20961,7 +21342,7 @@ index fe2bdd0..77b0d1b 100644 /* * The vendor-specific functions might have changed features. * Now we do "generic changes." -@@ -890,6 +893,10 @@ static void identify_cpu(struct cpuinfo_x86 *c) +@@ -891,6 +894,10 @@ static void identify_cpu(struct cpuinfo_x86 *c) /* Filter out anything that depends on CPUID levels we don't have */ filter_cpuid_features(c, true); @@ -20972,7 +21353,7 @@ index fe2bdd0..77b0d1b 100644 /* If the model name is still unset, do table lookup. */ if (!c->x86_model_id[0]) { const char *p; -@@ -1077,10 +1084,12 @@ static __init int setup_disablecpuid(char *arg) +@@ -1078,10 +1085,12 @@ static __init int setup_disablecpuid(char *arg) } __setup("clearcpuid=", setup_disablecpuid); @@ -20988,7 +21369,7 @@ index fe2bdd0..77b0d1b 100644 DEFINE_PER_CPU_FIRST(union irq_stack_union, irq_stack_union) __aligned(PAGE_SIZE) __visible; -@@ -1094,7 +1103,7 @@ DEFINE_PER_CPU(struct task_struct *, current_task) ____cacheline_aligned = +@@ -1095,7 +1104,7 @@ DEFINE_PER_CPU(struct task_struct *, current_task) ____cacheline_aligned = EXPORT_PER_CPU_SYMBOL(current_task); DEFINE_PER_CPU(unsigned long, kernel_stack) = @@ -20997,7 +21378,7 @@ index fe2bdd0..77b0d1b 100644 EXPORT_PER_CPU_SYMBOL(kernel_stack); DEFINE_PER_CPU(char *, irq_stack_ptr) = -@@ -1244,7 +1253,7 @@ void cpu_init(void) +@@ -1245,7 +1254,7 @@ void cpu_init(void) load_ucode_ap(); cpu = stack_smp_processor_id(); @@ -21006,7 +21387,7 @@ index fe2bdd0..77b0d1b 100644 oist = &per_cpu(orig_ist, cpu); #ifdef CONFIG_NUMA -@@ -1279,7 +1288,6 @@ void cpu_init(void) +@@ -1280,7 +1289,6 @@ void cpu_init(void) wrmsrl(MSR_KERNEL_GS_BASE, 0); barrier(); @@ -21014,7 +21395,7 @@ index fe2bdd0..77b0d1b 100644 enable_x2apic(); /* -@@ -1331,7 +1339,7 @@ void cpu_init(void) +@@ -1332,7 +1340,7 @@ void cpu_init(void) { int cpu = smp_processor_id(); struct task_struct *curr = current; @@ -21115,7 +21496,7 @@ index 0641113..06f5ba4 100644 "index%1lu", i); if (unlikely(retval)) { diff --git a/arch/x86/kernel/cpu/mcheck/mce.c b/arch/x86/kernel/cpu/mcheck/mce.c -index b3218cd..99a75de 100644 +index 4d5419b..95f11bb 100644 --- a/arch/x86/kernel/cpu/mcheck/mce.c +++ b/arch/x86/kernel/cpu/mcheck/mce.c @@ -45,6 +45,7 @@ @@ -21239,7 +21620,7 @@ index b3218cd..99a75de 100644 mce_chrdev_open_exclu = 0; spin_unlock(&mce_chrdev_state_lock); -@@ -2404,7 +2407,7 @@ static __init void mce_init_banks(void) +@@ -2406,7 +2409,7 @@ static __init void mce_init_banks(void) for (i = 0; i < mca_cfg.banks; i++) { struct mce_bank *b = &mce_banks[i]; @@ -21248,7 +21629,7 @@ index b3218cd..99a75de 100644 sysfs_attr_init(&a->attr); a->attr.name = b->attrname; -@@ -2472,7 +2475,7 @@ struct dentry *mce_get_debugfs_dir(void) +@@ -2474,7 +2477,7 @@ struct dentry *mce_get_debugfs_dir(void) static void mce_reset(void) { cpu_missing = 0; @@ -21258,10 +21639,10 @@ index b3218cd..99a75de 100644 atomic_set(&mce_callin, 0); atomic_set(&global_nwo, 0); diff --git a/arch/x86/kernel/cpu/mcheck/p5.c b/arch/x86/kernel/cpu/mcheck/p5.c -index 1c044b1..37a2a43 100644 +index a304298..49b6d06 100644 --- a/arch/x86/kernel/cpu/mcheck/p5.c +++ b/arch/x86/kernel/cpu/mcheck/p5.c -@@ -11,6 +11,7 @@ +@@ -10,6 +10,7 @@ #include <asm/processor.h> #include <asm/mce.h> #include <asm/msr.h> @@ -21269,7 +21650,7 @@ index 1c044b1..37a2a43 100644 /* By default disabled */ int mce_p5_enabled __read_mostly; -@@ -49,7 +50,9 @@ void intel_p5_mcheck_init(struct cpuinfo_x86 *c) +@@ -48,7 +49,9 @@ void intel_p5_mcheck_init(struct cpuinfo_x86 *c) if (!cpu_has(c, X86_FEATURE_MCE)) return; @@ -21280,10 +21661,10 @@ index 1c044b1..37a2a43 100644 wmb(); diff --git a/arch/x86/kernel/cpu/mcheck/winchip.c b/arch/x86/kernel/cpu/mcheck/winchip.c -index e9a701a..35317d6 100644 +index 7dc5564..1273569 100644 --- a/arch/x86/kernel/cpu/mcheck/winchip.c +++ b/arch/x86/kernel/cpu/mcheck/winchip.c -@@ -10,6 +10,7 @@ +@@ -9,6 +9,7 @@ #include <asm/processor.h> #include <asm/mce.h> #include <asm/msr.h> @@ -21291,7 +21672,7 @@ index e9a701a..35317d6 100644 /* Machine check handler for WinChip C6: */ static void winchip_machine_check(struct pt_regs *regs, long error_code) -@@ -23,7 +24,9 @@ void winchip_mcheck_init(struct cpuinfo_x86 *c) +@@ -22,7 +23,9 @@ void winchip_mcheck_init(struct cpuinfo_x86 *c) { u32 lo, hi; @@ -21301,6 +21682,39 @@ index e9a701a..35317d6 100644 /* Make sure the vector pointer is visible before we enable MCEs: */ wmb(); +diff --git a/arch/x86/kernel/cpu/microcode/core.c b/arch/x86/kernel/cpu/microcode/core.c +index 15c9876..0a43909 100644 +--- a/arch/x86/kernel/cpu/microcode/core.c ++++ b/arch/x86/kernel/cpu/microcode/core.c +@@ -513,7 +513,7 @@ mc_cpu_callback(struct notifier_block *nb, unsigned long action, void *hcpu) + return NOTIFY_OK; + } + +-static struct notifier_block __refdata mc_cpu_notifier = { ++static struct notifier_block mc_cpu_notifier = { + .notifier_call = mc_cpu_callback, + }; + +diff --git a/arch/x86/kernel/cpu/microcode/intel.c b/arch/x86/kernel/cpu/microcode/intel.c +index a276fa7..e66810f 100644 +--- a/arch/x86/kernel/cpu/microcode/intel.c ++++ b/arch/x86/kernel/cpu/microcode/intel.c +@@ -293,13 +293,13 @@ static enum ucode_state request_microcode_fw(int cpu, struct device *device, + + static int get_ucode_user(void *to, const void *from, size_t n) + { +- return copy_from_user(to, from, n); ++ return copy_from_user(to, (const void __force_user *)from, n); + } + + static enum ucode_state + request_microcode_user(int cpu, const void __user *buf, size_t size) + { +- return generic_load_microcode(cpu, (void *)buf, size, &get_ucode_user); ++ return generic_load_microcode(cpu, (__force_kernel void *)buf, size, &get_ucode_user); + } + + static void microcode_fini_cpu(int cpu) diff --git a/arch/x86/kernel/cpu/mtrr/main.c b/arch/x86/kernel/cpu/mtrr/main.c index f961de9..8a9d332 100644 --- a/arch/x86/kernel/cpu/mtrr/main.c @@ -21328,7 +21742,7 @@ index df5e41f..816c719 100644 extern int generic_get_free_region(unsigned long base, unsigned long size, int replace_reg); diff --git a/arch/x86/kernel/cpu/perf_event.c b/arch/x86/kernel/cpu/perf_event.c -index db6cdbe..faaf834 100644 +index 79f9f84..38ace52 100644 --- a/arch/x86/kernel/cpu/perf_event.c +++ b/arch/x86/kernel/cpu/perf_event.c @@ -1351,7 +1351,7 @@ static void __init pmu_check_apic(void) @@ -21349,7 +21763,7 @@ index db6cdbe..faaf834 100644 .name = "events", .attrs = events_attr, }; -@@ -1961,7 +1961,7 @@ static unsigned long get_segment_base(unsigned int segment) +@@ -1971,7 +1971,7 @@ static unsigned long get_segment_base(unsigned int segment) if (idx > GDT_ENTRIES) return 0; @@ -21358,7 +21772,7 @@ index db6cdbe..faaf834 100644 } return get_desc_base(desc + idx); -@@ -2051,7 +2051,7 @@ perf_callchain_user(struct perf_callchain_entry *entry, struct pt_regs *regs) +@@ -2061,7 +2061,7 @@ perf_callchain_user(struct perf_callchain_entry *entry, struct pt_regs *regs) break; perf_callchain_store(entry, frame.return_address); @@ -21381,13 +21795,13 @@ index 639d128..e92d7e5 100644 while (amd_iommu_v2_event_descs[i].attr.attr.name) diff --git a/arch/x86/kernel/cpu/perf_event_intel.c b/arch/x86/kernel/cpu/perf_event_intel.c -index 0fa4f24..17990ed 100644 +index aa333d9..f9db700 100644 --- a/arch/x86/kernel/cpu/perf_event_intel.c +++ b/arch/x86/kernel/cpu/perf_event_intel.c -@@ -2314,10 +2314,10 @@ __init int intel_pmu_init(void) - * v2 and above have a perf capabilities MSR - */ - if (version > 1) { +@@ -2309,10 +2309,10 @@ __init int intel_pmu_init(void) + x86_pmu.num_counters_fixed = max((int)edx.split.num_counters_fixed, 3); + + if (boot_cpu_has(X86_FEATURE_PDCM)) { - u64 capabilities; + u64 capabilities = x86_pmu.intel_cap.capabilities; @@ -21398,11 +21812,24 @@ index 0fa4f24..17990ed 100644 } intel_ds_init(); +diff --git a/arch/x86/kernel/cpu/perf_event_intel_rapl.c b/arch/x86/kernel/cpu/perf_event_intel_rapl.c +index 5ad35ad..e0a3960 100644 +--- a/arch/x86/kernel/cpu/perf_event_intel_rapl.c ++++ b/arch/x86/kernel/cpu/perf_event_intel_rapl.c +@@ -425,7 +425,7 @@ static struct attribute *rapl_events_cln_attr[] = { + NULL, + }; + +-static struct attribute_group rapl_pmu_events_group = { ++static attribute_group_no_const rapl_pmu_events_group __read_only = { + .name = "events", + .attrs = NULL, /* patched at runtime */ + }; diff --git a/arch/x86/kernel/cpu/perf_event_intel_uncore.c b/arch/x86/kernel/cpu/perf_event_intel_uncore.c -index 29c2487..a5606fa 100644 +index 047f540..afdeba0 100644 --- a/arch/x86/kernel/cpu/perf_event_intel_uncore.c +++ b/arch/x86/kernel/cpu/perf_event_intel_uncore.c -@@ -3318,7 +3318,7 @@ static void __init uncore_types_exit(struct intel_uncore_type **types) +@@ -3326,7 +3326,7 @@ static void __init uncore_types_exit(struct intel_uncore_type **types) static int __init uncore_type_init(struct intel_uncore_type *type) { struct intel_uncore_pmu *pmus; @@ -21438,10 +21865,10 @@ index 7d9481c..99c7e4b 100644 .notifier_call = cpuid_class_cpu_callback, }; diff --git a/arch/x86/kernel/crash.c b/arch/x86/kernel/crash.c -index 18677a9..f67c45b 100644 +index a57902e..ebaae2a 100644 --- a/arch/x86/kernel/crash.c +++ b/arch/x86/kernel/crash.c -@@ -58,10 +58,8 @@ static void kdump_nmi_callback(int cpu, struct pt_regs *regs) +@@ -57,10 +57,8 @@ static void kdump_nmi_callback(int cpu, struct pt_regs *regs) { #ifdef CONFIG_X86_32 struct pt_regs fixed_regs; @@ -21467,10 +21894,10 @@ index afa64ad..dce67dd 100644 return -EFAULT; } diff --git a/arch/x86/kernel/doublefault.c b/arch/x86/kernel/doublefault.c -index 5d3fe8d..02e1429 100644 +index f6dfd93..892ade4 100644 --- a/arch/x86/kernel/doublefault.c +++ b/arch/x86/kernel/doublefault.c -@@ -13,7 +13,7 @@ +@@ -12,7 +12,7 @@ #define DOUBLEFAULT_STACKSIZE (1024) static unsigned long doublefault_stack[DOUBLEFAULT_STACKSIZE]; @@ -21479,7 +21906,7 @@ index 5d3fe8d..02e1429 100644 #define ptr_ok(x) ((x) > PAGE_OFFSET && (x) < PAGE_OFFSET + MAXMEM) -@@ -23,7 +23,7 @@ static void doublefault_fn(void) +@@ -22,7 +22,7 @@ static void doublefault_fn(void) unsigned long gdt, tss; native_store_gdt(&gdt_desc); @@ -21488,7 +21915,7 @@ index 5d3fe8d..02e1429 100644 printk(KERN_EMERG "PANIC: double fault, gdt at %08lx [%d bytes]\n", gdt, gdt_desc.size); -@@ -60,10 +60,10 @@ struct tss_struct doublefault_tss __cacheline_aligned = { +@@ -59,10 +59,10 @@ struct tss_struct doublefault_tss __cacheline_aligned = { /* 0x2 bit is always set */ .flags = X86_EFLAGS_SF | 0x2, .sp = STACK_START, @@ -21656,7 +22083,7 @@ index d9c12d3..7858b62 100644 if (__die(str, regs, err)) diff --git a/arch/x86/kernel/dumpstack_32.c b/arch/x86/kernel/dumpstack_32.c -index f2a1770..540657f 100644 +index f2a1770..10fa52d 100644 --- a/arch/x86/kernel/dumpstack_32.c +++ b/arch/x86/kernel/dumpstack_32.c @@ -38,15 +38,13 @@ void dump_trace(struct task_struct *task, struct pt_regs *regs, @@ -21734,7 +22161,7 @@ index f2a1770..540657f 100644 return ud2 == 0x0b0f; } + -+#ifdef CONFIG_PAX_MEMORY_STACKLEAK ++#if defined(CONFIG_PAX_MEMORY_STACKLEAK) || defined(CONFIG_PAX_USERCOPY) +void pax_check_alloca(unsigned long size) +{ + unsigned long sp = (unsigned long)&sp, stack_left; @@ -21746,7 +22173,7 @@ index f2a1770..540657f 100644 +EXPORT_SYMBOL(pax_check_alloca); +#endif diff --git a/arch/x86/kernel/dumpstack_64.c b/arch/x86/kernel/dumpstack_64.c -index addb207..99635fa 100644 +index addb207..921706b 100644 --- a/arch/x86/kernel/dumpstack_64.c +++ b/arch/x86/kernel/dumpstack_64.c @@ -119,9 +119,9 @@ void dump_trace(struct task_struct *task, struct pt_regs *regs, @@ -21815,7 +22242,7 @@ index addb207..99635fa 100644 return ud2 == 0x0b0f; } + -+#ifdef CONFIG_PAX_MEMORY_STACKLEAK ++#if defined(CONFIG_PAX_MEMORY_STACKLEAK) || defined(CONFIG_PAX_USERCOPY) +void pax_check_alloca(unsigned long size) +{ + unsigned long sp = (unsigned long)&sp, stack_start, stack_end; @@ -21862,7 +22289,7 @@ index addb207..99635fa 100644 +EXPORT_SYMBOL(pax_check_alloca); +#endif diff --git a/arch/x86/kernel/e820.c b/arch/x86/kernel/e820.c -index 174da5f..5e55606 100644 +index 988c00a..4f673b6 100644 --- a/arch/x86/kernel/e820.c +++ b/arch/x86/kernel/e820.c @@ -803,8 +803,8 @@ unsigned long __init e820_end_of_low_ram_pfn(void) @@ -23915,7 +24342,7 @@ index 1e96c36..3ff710a 100644 /* * End of kprobes section diff --git a/arch/x86/kernel/ftrace.c b/arch/x86/kernel/ftrace.c -index e625319..b9abb9d 100644 +index 1ffc32d..e52c745 100644 --- a/arch/x86/kernel/ftrace.c +++ b/arch/x86/kernel/ftrace.c @@ -104,6 +104,8 @@ ftrace_modify_code_direct(unsigned long ip, unsigned const char *old_code, @@ -24440,7 +24867,7 @@ index f36bd42..56ee1534 100644 + .fill PAGE_SIZE_asm - GDT_SIZE,1,0 + .endr diff --git a/arch/x86/kernel/head_64.S b/arch/x86/kernel/head_64.S -index a468c0a..b9aed84 100644 +index a468c0a..c7dec74 100644 --- a/arch/x86/kernel/head_64.S +++ b/arch/x86/kernel/head_64.S @@ -20,6 +20,8 @@ @@ -24532,6 +24959,15 @@ index a468c0a..b9aed84 100644 movq initial_code(%rip),%rax pushq $0 # fake return address to stop unwinder pushq $__KERNEL_CS # set correct cs +@@ -313,7 +344,7 @@ ENDPROC(start_cpu0) + .quad INIT_PER_CPU_VAR(irq_stack_union) + + GLOBAL(stack_start) +- .quad init_thread_union+THREAD_SIZE-8 ++ .quad init_thread_union+THREAD_SIZE-16 + .word 0 + __FINITDATA + @@ -391,7 +422,7 @@ ENTRY(early_idt_handler) call dump_stack #ifdef CONFIG_KALLSYMS @@ -24836,7 +25272,7 @@ index 4ddaf66..49d5c18 100644 regs->flags = (regs->flags & ~X86_EFLAGS_IOPL) | (level << 12); t->iopl = level << 12; diff --git a/arch/x86/kernel/irq.c b/arch/x86/kernel/irq.c -index 22d0687..e07b2a5 100644 +index d99f31d..1c0f466 100644 --- a/arch/x86/kernel/irq.c +++ b/arch/x86/kernel/irq.c @@ -21,7 +21,7 @@ @@ -24870,10 +25306,19 @@ index 22d0687..e07b2a5 100644 } diff --git a/arch/x86/kernel/irq_32.c b/arch/x86/kernel/irq_32.c -index d7fcbed..1f747f7 100644 +index d7fcbed..96e715a 100644 --- a/arch/x86/kernel/irq_32.c +++ b/arch/x86/kernel/irq_32.c -@@ -39,7 +39,7 @@ static int check_stack_overflow(void) +@@ -29,6 +29,8 @@ EXPORT_PER_CPU_SYMBOL(irq_regs); + + #ifdef CONFIG_DEBUG_STACKOVERFLOW + ++extern void gr_handle_kernel_exploit(void); ++ + int sysctl_panic_on_stackoverflow __read_mostly; + + /* Debugging check for stack overflow: is there less than 1KB free? */ +@@ -39,13 +41,14 @@ static int check_stack_overflow(void) __asm__ __volatile__("andl %%esp,%0" : "=r" (sp) : "0" (THREAD_SIZE - 1)); @@ -24882,7 +25327,14 @@ index d7fcbed..1f747f7 100644 } static void print_stack_overflow(void) -@@ -59,8 +59,8 @@ static inline void print_stack_overflow(void) { } + { + printk(KERN_WARNING "low stack detected by irq handler\n"); + dump_stack(); ++ gr_handle_kernel_exploit(); + if (sysctl_panic_on_stackoverflow) + panic("low stack detected by irq handler - check messages\n"); + } +@@ -59,8 +62,8 @@ static inline void print_stack_overflow(void) { } * per-CPU IRQ handling contexts (thread information and stack) */ union irq_ctx { @@ -24893,7 +25345,7 @@ index d7fcbed..1f747f7 100644 } __attribute__((aligned(THREAD_SIZE))); static DEFINE_PER_CPU(union irq_ctx *, hardirq_ctx); -@@ -80,10 +80,9 @@ static void call_on_stack(void *func, void *stack) +@@ -80,10 +83,9 @@ static void call_on_stack(void *func, void *stack) static inline int execute_on_irq_stack(int overflow, struct irq_desc *desc, int irq) { @@ -24905,7 +25357,7 @@ index d7fcbed..1f747f7 100644 irqctx = __this_cpu_read(hardirq_ctx); /* -@@ -92,13 +91,16 @@ execute_on_irq_stack(int overflow, struct irq_desc *desc, int irq) +@@ -92,13 +94,16 @@ execute_on_irq_stack(int overflow, struct irq_desc *desc, int irq) * handler) we can't do that and just have to keep using the * current stack (which is the irq stack already after all) */ @@ -24926,7 +25378,7 @@ index d7fcbed..1f747f7 100644 if (unlikely(overflow)) call_on_stack(print_stack_overflow, isp); -@@ -110,6 +112,11 @@ execute_on_irq_stack(int overflow, struct irq_desc *desc, int irq) +@@ -110,6 +115,11 @@ execute_on_irq_stack(int overflow, struct irq_desc *desc, int irq) : "0" (irq), "1" (desc), "2" (isp), "D" (desc->handle_irq) : "memory", "cc", "ecx"); @@ -24938,7 +25390,7 @@ index d7fcbed..1f747f7 100644 return 1; } -@@ -118,48 +125,34 @@ execute_on_irq_stack(int overflow, struct irq_desc *desc, int irq) +@@ -118,48 +128,34 @@ execute_on_irq_stack(int overflow, struct irq_desc *desc, int irq) */ void irq_ctx_init(int cpu) { @@ -25000,7 +25452,7 @@ index d7fcbed..1f747f7 100644 } bool handle_irq(unsigned irq, struct pt_regs *regs) -@@ -173,7 +166,7 @@ bool handle_irq(unsigned irq, struct pt_regs *regs) +@@ -173,7 +169,7 @@ bool handle_irq(unsigned irq, struct pt_regs *regs) if (unlikely(!desc)) return false; @@ -25010,10 +25462,19 @@ index d7fcbed..1f747f7 100644 print_stack_overflow(); desc->handle_irq(irq, desc); diff --git a/arch/x86/kernel/irq_64.c b/arch/x86/kernel/irq_64.c -index 4d1c746..232961d 100644 +index 4d1c746..55a22d6 100644 --- a/arch/x86/kernel/irq_64.c +++ b/arch/x86/kernel/irq_64.c -@@ -44,7 +44,7 @@ static inline void stack_overflow_check(struct pt_regs *regs) +@@ -26,6 +26,8 @@ EXPORT_PER_CPU_SYMBOL(irq_stat); + DEFINE_PER_CPU(struct pt_regs *, irq_regs); + EXPORT_PER_CPU_SYMBOL(irq_regs); + ++extern void gr_handle_kernel_exploit(void); ++ + int sysctl_panic_on_stackoverflow; + + /* +@@ -44,7 +46,7 @@ static inline void stack_overflow_check(struct pt_regs *regs) u64 estack_top, estack_bottom; u64 curbase = (u64)task_stack_page(current); @@ -25022,6 +25483,15 @@ index 4d1c746..232961d 100644 return; if (regs->sp >= curbase + sizeof(struct thread_info) + +@@ -69,6 +71,8 @@ static inline void stack_overflow_check(struct pt_regs *regs) + irq_stack_top, irq_stack_bottom, + estack_top, estack_bottom); + ++ gr_handle_kernel_exploit(); ++ + if (sysctl_panic_on_stackoverflow) + panic("low stack detected by irq handler - check messages\n"); + #endif diff --git a/arch/x86/kernel/jump_label.c b/arch/x86/kernel/jump_label.c index 26d5a55..a01160a 100644 --- a/arch/x86/kernel/jump_label.c @@ -25061,10 +25531,10 @@ index 26d5a55..a01160a 100644 } memcpy(&code, ideal_nops[NOP_ATOMIC5], JUMP_LABEL_NOP_SIZE); diff --git a/arch/x86/kernel/kgdb.c b/arch/x86/kernel/kgdb.c -index 836f832..a8bda67 100644 +index 7ec1d5f..5a7d130 100644 --- a/arch/x86/kernel/kgdb.c +++ b/arch/x86/kernel/kgdb.c -@@ -127,11 +127,11 @@ char *dbg_get_reg(int regno, void *mem, struct pt_regs *regs) +@@ -126,11 +126,11 @@ char *dbg_get_reg(int regno, void *mem, struct pt_regs *regs) #ifdef CONFIG_X86_32 switch (regno) { case GDB_SS: @@ -25078,7 +25548,7 @@ index 836f832..a8bda67 100644 *(unsigned long *)mem = kernel_stack_pointer(regs); break; case GDB_GS: -@@ -229,7 +229,10 @@ static void kgdb_correct_hw_break(void) +@@ -228,7 +228,10 @@ static void kgdb_correct_hw_break(void) bp->attr.bp_addr = breakinfo[breakno].addr; bp->attr.bp_len = breakinfo[breakno].len; bp->attr.bp_type = breakinfo[breakno].type; @@ -25090,7 +25560,7 @@ index 836f832..a8bda67 100644 info->len = breakinfo[breakno].len; info->type = breakinfo[breakno].type; val = arch_install_hw_breakpoint(bp); -@@ -476,12 +479,12 @@ int kgdb_arch_handle_exception(int e_vector, int signo, int err_code, +@@ -475,12 +478,12 @@ int kgdb_arch_handle_exception(int e_vector, int signo, int err_code, case 'k': /* clear the trace bit */ linux_regs->flags &= ~X86_EFLAGS_TF; @@ -25105,7 +25575,7 @@ index 836f832..a8bda67 100644 raw_smp_processor_id()); } -@@ -546,7 +549,7 @@ static int __kgdb_notify(struct die_args *args, unsigned long cmd) +@@ -545,7 +548,7 @@ static int __kgdb_notify(struct die_args *args, unsigned long cmd) switch (cmd) { case DIE_DEBUG: @@ -25114,7 +25584,7 @@ index 836f832..a8bda67 100644 if (user_mode(regs)) return single_step_cont(regs, args); break; -@@ -751,11 +754,11 @@ int kgdb_arch_set_breakpoint(struct kgdb_bkpt *bpt) +@@ -750,11 +753,11 @@ int kgdb_arch_set_breakpoint(struct kgdb_bkpt *bpt) #endif /* CONFIG_DEBUG_RODATA */ bpt->type = BP_BREAKPOINT; @@ -25128,7 +25598,7 @@ index 836f832..a8bda67 100644 arch_kgdb_ops.gdb_bpt_instr, BREAK_INSTR_SIZE); #ifdef CONFIG_DEBUG_RODATA if (!err) -@@ -768,7 +771,7 @@ int kgdb_arch_set_breakpoint(struct kgdb_bkpt *bpt) +@@ -767,7 +770,7 @@ int kgdb_arch_set_breakpoint(struct kgdb_bkpt *bpt) return -EBUSY; text_poke((void *)bpt->bpt_addr, arch_kgdb_ops.gdb_bpt_instr, BREAK_INSTR_SIZE); @@ -25137,7 +25607,7 @@ index 836f832..a8bda67 100644 if (err) return err; if (memcmp(opc, arch_kgdb_ops.gdb_bpt_instr, BREAK_INSTR_SIZE)) -@@ -793,13 +796,13 @@ int kgdb_arch_remove_breakpoint(struct kgdb_bkpt *bpt) +@@ -792,13 +795,13 @@ int kgdb_arch_remove_breakpoint(struct kgdb_bkpt *bpt) if (mutex_is_locked(&text_mutex)) goto knl_write; text_poke((void *)bpt->bpt_addr, bpt->saved_instr, BREAK_INSTR_SIZE); @@ -25339,11 +25809,33 @@ index 898160b..758cde8 100644 if (!reenter) reset_current_kprobe(); preempt_enable_no_resched(); +diff --git a/arch/x86/kernel/ksysfs.c b/arch/x86/kernel/ksysfs.c +index c2bedae..25e7ab6 100644 +--- a/arch/x86/kernel/ksysfs.c ++++ b/arch/x86/kernel/ksysfs.c +@@ -184,7 +184,7 @@ out: + + static struct kobj_attribute type_attr = __ATTR_RO(type); + +-static struct bin_attribute data_attr = { ++static bin_attribute_no_const data_attr __read_only = { + .attr = { + .name = "data", + .mode = S_IRUGO, diff --git a/arch/x86/kernel/ldt.c b/arch/x86/kernel/ldt.c -index ebc9873..1b9724b 100644 +index af1d14a..81ae763 100644 --- a/arch/x86/kernel/ldt.c +++ b/arch/x86/kernel/ldt.c -@@ -66,13 +66,13 @@ static int alloc_ldt(mm_context_t *pc, int mincount, int reload) +@@ -20,6 +20,8 @@ + #include <asm/mmu_context.h> + #include <asm/syscalls.h> + ++int sysctl_ldt16 = 0; ++ + #ifdef CONFIG_SMP + static void flush_ldt(void *current_mm) + { +@@ -66,13 +68,13 @@ static int alloc_ldt(mm_context_t *pc, int mincount, int reload) if (reload) { #ifdef CONFIG_SMP preempt_disable(); @@ -25359,7 +25851,7 @@ index ebc9873..1b9724b 100644 #endif } if (oldsize) { -@@ -94,7 +94,7 @@ static inline int copy_ldt(mm_context_t *new, mm_context_t *old) +@@ -94,7 +96,7 @@ static inline int copy_ldt(mm_context_t *new, mm_context_t *old) return err; for (i = 0; i < old->size; i++) @@ -25368,7 +25860,7 @@ index ebc9873..1b9724b 100644 return 0; } -@@ -115,6 +115,24 @@ int init_new_context(struct task_struct *tsk, struct mm_struct *mm) +@@ -115,6 +117,24 @@ int init_new_context(struct task_struct *tsk, struct mm_struct *mm) retval = copy_ldt(&mm->context, &old_mm->context); mutex_unlock(&old_mm->context.lock); } @@ -25393,7 +25885,7 @@ index ebc9873..1b9724b 100644 return retval; } -@@ -229,6 +247,13 @@ static int write_ldt(void __user *ptr, unsigned long bytecount, int oldmode) +@@ -229,12 +249,19 @@ static int write_ldt(void __user *ptr, unsigned long bytecount, int oldmode) } } @@ -25404,14 +25896,21 @@ index ebc9873..1b9724b 100644 + } +#endif + - fill_ldt(&ldt, &ldt_info); - if (oldmode) - ldt.avl = 0; + /* + * On x86-64 we do not support 16-bit segments due to + * IRET leaking the high bits of the kernel stack address. + */ + #ifdef CONFIG_X86_64 +- if (!ldt_info.seg_32bit) { ++ if (!ldt_info.seg_32bit && !sysctl_ldt16) { + error = -EINVAL; + goto out_unlock; + } diff --git a/arch/x86/kernel/machine_kexec_32.c b/arch/x86/kernel/machine_kexec_32.c -index 5b19e4d..6476a76 100644 +index 1667b1d..16492c5 100644 --- a/arch/x86/kernel/machine_kexec_32.c +++ b/arch/x86/kernel/machine_kexec_32.c -@@ -26,7 +26,7 @@ +@@ -25,7 +25,7 @@ #include <asm/cacheflush.h> #include <asm/debugreg.h> @@ -25420,7 +25919,7 @@ index 5b19e4d..6476a76 100644 { struct desc_ptr curidt; -@@ -38,7 +38,7 @@ static void set_idt(void *newidt, __u16 limit) +@@ -37,7 +37,7 @@ static void set_idt(void *newidt, __u16 limit) } @@ -25429,7 +25928,7 @@ index 5b19e4d..6476a76 100644 { struct desc_ptr curgdt; -@@ -216,7 +216,7 @@ void machine_kexec(struct kimage *image) +@@ -215,7 +215,7 @@ void machine_kexec(struct kimage *image) } control_page = page_address(image->control_code_page); @@ -25438,39 +25937,6 @@ index 5b19e4d..6476a76 100644 relocate_kernel_ptr = control_page; page_list[PA_CONTROL_PAGE] = __pa(control_page); -diff --git a/arch/x86/kernel/microcode_core.c b/arch/x86/kernel/microcode_core.c -index 15c9876..0a43909 100644 ---- a/arch/x86/kernel/microcode_core.c -+++ b/arch/x86/kernel/microcode_core.c -@@ -513,7 +513,7 @@ mc_cpu_callback(struct notifier_block *nb, unsigned long action, void *hcpu) - return NOTIFY_OK; - } - --static struct notifier_block __refdata mc_cpu_notifier = { -+static struct notifier_block mc_cpu_notifier = { - .notifier_call = mc_cpu_callback, - }; - -diff --git a/arch/x86/kernel/microcode_intel.c b/arch/x86/kernel/microcode_intel.c -index 5fb2ceb..3ae90bb 100644 ---- a/arch/x86/kernel/microcode_intel.c -+++ b/arch/x86/kernel/microcode_intel.c -@@ -293,13 +293,13 @@ static enum ucode_state request_microcode_fw(int cpu, struct device *device, - - static int get_ucode_user(void *to, const void *from, size_t n) - { -- return copy_from_user(to, from, n); -+ return copy_from_user(to, (const void __force_user *)from, n); - } - - static enum ucode_state - request_microcode_user(int cpu, const void __user *buf, size_t size) - { -- return generic_load_microcode(cpu, (void *)buf, size, &get_ucode_user); -+ return generic_load_microcode(cpu, (__force_kernel void *)buf, size, &get_ucode_user); - } - - static void microcode_fini_cpu(int cpu) diff --git a/arch/x86/kernel/module.c b/arch/x86/kernel/module.c index 18be189..4a9fe40 100644 --- a/arch/x86/kernel/module.c @@ -25740,7 +26206,7 @@ index bbb6c73..24a58ef 100644 .lock_spinning = __PV_IS_CALLEE_SAVE(paravirt_nop), .unlock_kick = paravirt_nop, diff --git a/arch/x86/kernel/paravirt.c b/arch/x86/kernel/paravirt.c -index 1b10af8..0b58cbc 100644 +index 1b10af8..45bfbec 100644 --- a/arch/x86/kernel/paravirt.c +++ b/arch/x86/kernel/paravirt.c @@ -55,6 +55,9 @@ u64 _paravirt_ident_64(u64 x) @@ -25753,11 +26219,13 @@ index 1b10af8..0b58cbc 100644 void __init default_banner(void) { -@@ -142,15 +145,19 @@ unsigned paravirt_patch_default(u8 type, u16 clobbers, void *insnbuf, +@@ -141,16 +144,20 @@ unsigned paravirt_patch_default(u8 type, u16 clobbers, void *insnbuf, + if (opfunc == NULL) /* If there's no function, patch it with a ud2a (BUG) */ - ret = paravirt_patch_insns(insnbuf, len, ud2a, ud2a+sizeof(ud2a)); +- ret = paravirt_patch_insns(insnbuf, len, ud2a, ud2a+sizeof(ud2a)); - else if (opfunc == _paravirt_nop) ++ ret = paravirt_patch_insns(insnbuf, len, ktva_ktla(ud2a), ud2a+sizeof(ud2a)); + else if (opfunc == (void *)_paravirt_nop) /* If the operation is a nop, then nop the callsite */ ret = paravirt_patch_nop(); @@ -26049,10 +26517,10 @@ index 3fb8d95..254dc51 100644 +} +#endif diff --git a/arch/x86/kernel/process_32.c b/arch/x86/kernel/process_32.c -index 6f1236c..fd448d4 100644 +index 0de43e9..056b840 100644 --- a/arch/x86/kernel/process_32.c +++ b/arch/x86/kernel/process_32.c -@@ -65,6 +65,7 @@ asmlinkage void ret_from_kernel_thread(void) __asm__("ret_from_kernel_thread"); +@@ -64,6 +64,7 @@ asmlinkage void ret_from_kernel_thread(void) __asm__("ret_from_kernel_thread"); unsigned long thread_saved_pc(struct task_struct *tsk) { return ((unsigned long *)tsk->thread.sp)[3]; @@ -26060,7 +26528,7 @@ index 6f1236c..fd448d4 100644 } void __show_regs(struct pt_regs *regs, int all) -@@ -74,19 +75,18 @@ void __show_regs(struct pt_regs *regs, int all) +@@ -73,19 +74,18 @@ void __show_regs(struct pt_regs *regs, int all) unsigned long sp; unsigned short ss, gs; @@ -26083,7 +26551,7 @@ index 6f1236c..fd448d4 100644 print_symbol("EIP is at %s\n", regs->ip); printk(KERN_DEFAULT "EAX: %08lx EBX: %08lx ECX: %08lx EDX: %08lx\n", -@@ -133,20 +133,21 @@ void release_thread(struct task_struct *dead_task) +@@ -132,20 +132,21 @@ void release_thread(struct task_struct *dead_task) int copy_thread(unsigned long clone_flags, unsigned long sp, unsigned long arg, struct task_struct *p) { @@ -26109,7 +26577,7 @@ index 6f1236c..fd448d4 100644 childregs->fs = __KERNEL_PERCPU; childregs->bx = sp; /* function */ childregs->bp = arg; -@@ -253,7 +254,7 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p) +@@ -252,7 +253,7 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p) struct thread_struct *prev = &prev_p->thread, *next = &next_p->thread; int cpu = smp_processor_id(); @@ -26118,7 +26586,7 @@ index 6f1236c..fd448d4 100644 fpu_switch_t fpu; /* never put a printk in __switch_to... printk() calls wake_up*() indirectly */ -@@ -277,6 +278,10 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p) +@@ -276,6 +277,10 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p) */ lazy_save_gs(prev->gs); @@ -26129,7 +26597,7 @@ index 6f1236c..fd448d4 100644 /* * Load the per-thread Thread-Local Storage descriptor. */ -@@ -315,6 +320,9 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p) +@@ -314,6 +319,9 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p) */ arch_end_context_switch(next_p); @@ -26139,7 +26607,7 @@ index 6f1236c..fd448d4 100644 /* * Restore %gs if needed (which is common) */ -@@ -323,8 +331,6 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p) +@@ -322,8 +330,6 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p) switch_fpu_finish(next_p, fpu); @@ -26148,7 +26616,7 @@ index 6f1236c..fd448d4 100644 return prev_p; } -@@ -354,4 +360,3 @@ unsigned long get_wchan(struct task_struct *p) +@@ -353,4 +359,3 @@ unsigned long get_wchan(struct task_struct *p) } while (count++ < 16); return 0; } @@ -26509,18 +26977,10 @@ index c8e41e9..64049ef 100644 /* * PCI ids solely used for fixups_table go here diff --git a/arch/x86/kernel/relocate_kernel_64.S b/arch/x86/kernel/relocate_kernel_64.S -index 3fd2c69..16ef367 100644 +index 3fd2c69..a444264 100644 --- a/arch/x86/kernel/relocate_kernel_64.S +++ b/arch/x86/kernel/relocate_kernel_64.S -@@ -11,6 +11,7 @@ - #include <asm/kexec.h> - #include <asm/processor-flags.h> - #include <asm/pgtable_types.h> -+#include <asm/alternative-asm.h> - - /* - * Must be relocatable PIC code callable as a C function -@@ -96,8 +97,7 @@ relocate_kernel: +@@ -96,8 +96,7 @@ relocate_kernel: /* jump to identity mapped page */ addq $(identity_mapped - relocate_kernel), %r8 @@ -26530,16 +26990,8 @@ index 3fd2c69..16ef367 100644 identity_mapped: /* set return address to 0 if not preserving context */ -@@ -167,6 +167,7 @@ identity_mapped: - xorl %r14d, %r14d - xorl %r15d, %r15d - -+ pax_force_retaddr 0, 1 - ret - - 1: diff --git a/arch/x86/kernel/setup.c b/arch/x86/kernel/setup.c -index cb233bc..23b4879 100644 +index ce72964..be8aea7 100644 --- a/arch/x86/kernel/setup.c +++ b/arch/x86/kernel/setup.c @@ -110,6 +110,7 @@ @@ -26604,7 +27056,7 @@ index cb233bc..23b4879 100644 /* Boot loader ID and version as integers, for the benefit of proc_dointvec */ int bootloader_type, bootloader_version; -@@ -768,7 +807,7 @@ static void __init trim_bios_range(void) +@@ -772,7 +811,7 @@ static void __init trim_bios_range(void) * area (640->1Mb) as ram even though it is not. * take them out. */ @@ -26613,7 +27065,7 @@ index cb233bc..23b4879 100644 sanitize_e820_map(e820.map, ARRAY_SIZE(e820.map), &e820.nr_map); } -@@ -776,7 +815,7 @@ static void __init trim_bios_range(void) +@@ -780,7 +819,7 @@ static void __init trim_bios_range(void) /* called before trim_bios_range() to spare extra sanitize */ static void __init e820_add_kernel_range(void) { @@ -26622,7 +27074,7 @@ index cb233bc..23b4879 100644 u64 size = __pa_symbol(_end) - start; /* -@@ -838,8 +877,12 @@ static void __init trim_low_memory_range(void) +@@ -856,8 +895,12 @@ dump_kernel_offset(struct notifier_block *self, unsigned long v, void *p) void __init setup_arch(char **cmdline_p) { @@ -26635,7 +27087,7 @@ index cb233bc..23b4879 100644 early_reserve_initrd(); -@@ -931,14 +974,14 @@ void __init setup_arch(char **cmdline_p) +@@ -947,14 +990,14 @@ void __init setup_arch(char **cmdline_p) if (!boot_params.hdr.root_flags) root_mountflags &= ~MS_RDONLY; @@ -26823,7 +27275,7 @@ index 7c3a5a6..f0a8961 100644 .smp_prepare_cpus = native_smp_prepare_cpus, .smp_cpus_done = native_smp_cpus_done, diff --git a/arch/x86/kernel/smpboot.c b/arch/x86/kernel/smpboot.c -index 85dc05a..1241266 100644 +index a32da80..30c97f1 100644 --- a/arch/x86/kernel/smpboot.c +++ b/arch/x86/kernel/smpboot.c @@ -229,14 +229,18 @@ static void notrace start_secondary(void *unused) @@ -26851,9 +27303,12 @@ index 85dc05a..1241266 100644 /* * Check TSC synchronization with the BP: */ -@@ -751,6 +755,7 @@ static int do_boot_cpu(int apicid, int cpu, struct task_struct *idle) +@@ -749,8 +753,9 @@ static int do_boot_cpu(int apicid, int cpu, struct task_struct *idle) + alternatives_enable_smp(); + idle->thread.sp = (unsigned long) (((struct pt_regs *) - (THREAD_SIZE + task_stack_page(idle))) - 1); +- (THREAD_SIZE + task_stack_page(idle))) - 1); ++ (THREAD_SIZE - 16 + task_stack_page(idle))) - 1); per_cpu(current_task, cpu) = idle; + per_cpu(current_tinfo, cpu) = &idle->tinfo; @@ -27348,7 +27803,7 @@ index 1c113db..287b42e 100644 static int trace_irq_vector_refcount; static DEFINE_MUTEX(irq_vector_mutex); diff --git a/arch/x86/kernel/traps.c b/arch/x86/kernel/traps.c -index b857ed8..51ae4cb 100644 +index 57409f6..b505597 100644 --- a/arch/x86/kernel/traps.c +++ b/arch/x86/kernel/traps.c @@ -66,7 +66,7 @@ @@ -27394,7 +27849,7 @@ index b857ed8..51ae4cb 100644 tsk->thread.trap_nr = trapnr; + +#if defined(CONFIG_X86_32) && defined(CONFIG_PAX_KERNEXEC) -+ if (trapnr == 12 && ((regs->cs & 0xFFFF) == __KERNEL_CS || (regs->cs & 0xFFFF) == __KERNEXEC_KERNEL_CS)) ++ if (trapnr == X86_TRAP_SS && ((regs->cs & 0xFFFF) == __KERNEL_CS || (regs->cs & 0xFFFF) == __KERNEXEC_KERNEL_CS)) + str = "PAX: suspicious stack segment fault"; +#endif + @@ -27402,7 +27857,7 @@ index b857ed8..51ae4cb 100644 } + +#ifdef CONFIG_PAX_REFCOUNT -+ if (trapnr == 4) ++ if (trapnr == X86_TRAP_OF) + pax_report_refcount_overflow(regs); +#endif + @@ -27427,7 +27882,19 @@ index b857ed8..51ae4cb 100644 regs->ip, regs->sp, error_code); print_vma_addr(" in ", regs->ip); pr_cont("\n"); -@@ -277,7 +289,7 @@ do_general_protection(struct pt_regs *regs, long error_code) +@@ -251,6 +263,11 @@ dotraplinkage void do_double_fault(struct pt_regs *regs, long error_code) + tsk->thread.error_code = error_code; + tsk->thread.trap_nr = X86_TRAP_DF; + ++#ifdef CONFIG_GRKERNSEC_KSTACKOVERFLOW ++ if ((unsigned long)tsk->stack - regs->sp <= PAGE_SIZE) ++ die("grsec: kernel stack overflow detected", regs, error_code); ++#endif ++ + #ifdef CONFIG_DOUBLEFAULT + df_debug(regs, error_code); + #endif +@@ -273,7 +290,7 @@ do_general_protection(struct pt_regs *regs, long error_code) conditional_sti(regs); #ifdef CONFIG_X86_32 @@ -27436,7 +27903,7 @@ index b857ed8..51ae4cb 100644 local_irq_enable(); handle_vm86_fault((struct kernel_vm86_regs *) regs, error_code); goto exit; -@@ -285,18 +297,42 @@ do_general_protection(struct pt_regs *regs, long error_code) +@@ -281,18 +298,42 @@ do_general_protection(struct pt_regs *regs, long error_code) #endif tsk = current; @@ -27481,7 +27948,7 @@ index b857ed8..51ae4cb 100644 tsk->thread.error_code = error_code; tsk->thread.trap_nr = X86_TRAP_GP; -@@ -457,7 +493,7 @@ dotraplinkage void __kprobes do_debug(struct pt_regs *regs, long error_code) +@@ -453,7 +494,7 @@ dotraplinkage void __kprobes do_debug(struct pt_regs *regs, long error_code) /* It's safe to allow irq's after DR6 has been saved */ preempt_conditional_sti(regs); @@ -27490,7 +27957,7 @@ index b857ed8..51ae4cb 100644 handle_vm86_trap((struct kernel_vm86_regs *) regs, error_code, X86_TRAP_DB); preempt_conditional_cli(regs); -@@ -472,7 +508,7 @@ dotraplinkage void __kprobes do_debug(struct pt_regs *regs, long error_code) +@@ -468,7 +509,7 @@ dotraplinkage void __kprobes do_debug(struct pt_regs *regs, long error_code) * We already checked v86 mode above, so we can check for kernel mode * by just checking the CPL of CS. */ @@ -27499,7 +27966,7 @@ index b857ed8..51ae4cb 100644 tsk->thread.debugreg6 &= ~DR_STEP; set_tsk_thread_flag(tsk, TIF_SINGLESTEP); regs->flags &= ~X86_EFLAGS_TF; -@@ -504,7 +540,7 @@ void math_error(struct pt_regs *regs, int error_code, int trapnr) +@@ -500,7 +541,7 @@ void math_error(struct pt_regs *regs, int error_code, int trapnr) return; conditional_sti(regs); @@ -27508,6 +27975,19 @@ index b857ed8..51ae4cb 100644 { if (!fixup_exception(regs)) { task->thread.error_code = error_code; +diff --git a/arch/x86/kernel/tsc.c b/arch/x86/kernel/tsc.c +index cfbe99f..a6e8fa7 100644 +--- a/arch/x86/kernel/tsc.c ++++ b/arch/x86/kernel/tsc.c +@@ -150,7 +150,7 @@ static void cyc2ns_write_end(int cpu, struct cyc2ns_data *data) + */ + smp_wmb(); + +- ACCESS_ONCE(c2n->head) = data; ++ ACCESS_ONCE_RW(c2n->head) = data; + } + + /* diff --git a/arch/x86/kernel/uprobes.c b/arch/x86/kernel/uprobes.c index 2ed8459..7cf329f 100644 --- a/arch/x86/kernel/uprobes.c @@ -27875,7 +28355,7 @@ index da6b35a..977e9cf 100644 #ifdef CONFIG_SMP diff --git a/arch/x86/kernel/vsyscall_64.c b/arch/x86/kernel/vsyscall_64.c -index 1f96f93..d5c8f7a 100644 +index 1f96f93..6f29be7 100644 --- a/arch/x86/kernel/vsyscall_64.c +++ b/arch/x86/kernel/vsyscall_64.c @@ -56,15 +56,13 @@ @@ -27895,6 +28375,15 @@ index 1f96f93..d5c8f7a 100644 else if (!strcmp("none", str)) vsyscall_mode = NONE; else +@@ -101,7 +99,7 @@ void update_vsyscall(struct timekeeper *tk) + vdata->monotonic_time_sec = tk->xtime_sec + + tk->wall_to_monotonic.tv_sec; + vdata->monotonic_time_snsec = tk->xtime_nsec +- + (tk->wall_to_monotonic.tv_nsec ++ + ((u64)tk->wall_to_monotonic.tv_nsec + << tk->shift); + while (vdata->monotonic_time_snsec >= + (((u64)NSEC_PER_SEC) << tk->shift)) { @@ -323,8 +321,7 @@ do_ret: return true; @@ -27939,7 +28428,7 @@ index 04068192..4d75aa6 100644 +EXPORT_SYMBOL(cpu_pgd); +#endif diff --git a/arch/x86/kernel/x86_init.c b/arch/x86/kernel/x86_init.c -index 021783b..6511282 100644 +index e48b674..a451dd9 100644 --- a/arch/x86/kernel/x86_init.c +++ b/arch/x86/kernel/x86_init.c @@ -93,7 +93,7 @@ struct x86_cpuinit_ops x86_cpuinit = { @@ -27970,7 +28459,7 @@ index 021783b..6511282 100644 .read = native_io_apic_read, .write = native_io_apic_write, diff --git a/arch/x86/kernel/xsave.c b/arch/x86/kernel/xsave.c -index 422fd82..b2d262e 100644 +index a4b451c..8dfe1ad 100644 --- a/arch/x86/kernel/xsave.c +++ b/arch/x86/kernel/xsave.c @@ -164,18 +164,18 @@ static inline int save_xstate_epilog(void __user *buf, int ia32_frame) @@ -28072,7 +28561,7 @@ index c697625..a032162 100644 out: diff --git a/arch/x86/kvm/lapic.c b/arch/x86/kvm/lapic.c -index d86ff15..e77b023 100644 +index 9736529..ab4f54c 100644 --- a/arch/x86/kvm/lapic.c +++ b/arch/x86/kvm/lapic.c @@ -55,7 +55,7 @@ @@ -28085,7 +28574,7 @@ index d86ff15..e77b023 100644 #define APIC_LVT_NUM 6 /* 14 is the version for Xeon and Pentium 8.4.8*/ diff --git a/arch/x86/kvm/paging_tmpl.h b/arch/x86/kvm/paging_tmpl.h -index ad75d77..a679d32 100644 +index cba218a..1cc1bed 100644 --- a/arch/x86/kvm/paging_tmpl.h +++ b/arch/x86/kvm/paging_tmpl.h @@ -331,7 +331,7 @@ retry_walk: @@ -28098,10 +28587,10 @@ index ad75d77..a679d32 100644 goto error; walker->ptep_user[walker->level - 1] = ptep_user; diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c -index 532add1..59eb241 100644 +index 2de1bc0..22251ee 100644 --- a/arch/x86/kvm/svm.c +++ b/arch/x86/kvm/svm.c -@@ -3495,7 +3495,11 @@ static void reload_tss(struct kvm_vcpu *vcpu) +@@ -3508,7 +3508,11 @@ static void reload_tss(struct kvm_vcpu *vcpu) int cpu = raw_smp_processor_id(); struct svm_cpu_data *sd = per_cpu(svm_data, cpu); @@ -28113,7 +28602,7 @@ index 532add1..59eb241 100644 load_TR_desc(); } -@@ -3898,6 +3902,10 @@ static void svm_vcpu_run(struct kvm_vcpu *vcpu) +@@ -3911,6 +3915,10 @@ static void svm_vcpu_run(struct kvm_vcpu *vcpu) #endif #endif @@ -28125,10 +28614,10 @@ index 532add1..59eb241 100644 local_irq_disable(); diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c -index dcc4de3..6bf73f4 100644 +index 3927528..fc19971 100644 --- a/arch/x86/kvm/vmx.c +++ b/arch/x86/kvm/vmx.c -@@ -1316,12 +1316,12 @@ static void vmcs_write64(unsigned long field, u64 value) +@@ -1320,12 +1320,12 @@ static void vmcs_write64(unsigned long field, u64 value) #endif } @@ -28143,7 +28632,7 @@ index dcc4de3..6bf73f4 100644 { vmcs_writel(field, vmcs_readl(field) | mask); } -@@ -1522,7 +1522,11 @@ static void reload_tss(void) +@@ -1585,7 +1585,11 @@ static void reload_tss(void) struct desc_struct *descs; descs = (void *)gdt->address; @@ -28155,7 +28644,7 @@ index dcc4de3..6bf73f4 100644 load_TR_desc(); } -@@ -1746,6 +1750,10 @@ static void vmx_vcpu_load(struct kvm_vcpu *vcpu, int cpu) +@@ -1809,6 +1813,10 @@ static void vmx_vcpu_load(struct kvm_vcpu *vcpu, int cpu) vmcs_writel(HOST_TR_BASE, kvm_read_tr_base()); /* 22.2.4 */ vmcs_writel(HOST_GDTR_BASE, gdt->address); /* 22.2.4 */ @@ -28166,7 +28655,7 @@ index dcc4de3..6bf73f4 100644 rdmsrl(MSR_IA32_SYSENTER_ESP, sysenter_esp); vmcs_writel(HOST_IA32_SYSENTER_ESP, sysenter_esp); /* 22.2.3 */ vmx->loaded_vmcs->cpu = cpu; -@@ -2033,7 +2041,7 @@ static void setup_msrs(struct vcpu_vmx *vmx) +@@ -2098,7 +2106,7 @@ static void setup_msrs(struct vcpu_vmx *vmx) * reads and returns guest's timestamp counter "register" * guest_tsc = host_tsc + tsc_offset -- 21.3 */ @@ -28175,7 +28664,7 @@ index dcc4de3..6bf73f4 100644 { u64 host_tsc, tsc_offset; -@@ -2987,8 +2995,11 @@ static __init int hardware_setup(void) +@@ -3024,8 +3032,11 @@ static __init int hardware_setup(void) if (!cpu_has_vmx_flexpriority()) flexpriority_enabled = 0; @@ -28189,7 +28678,7 @@ index dcc4de3..6bf73f4 100644 if (enable_ept && !cpu_has_vmx_ept_2m_page()) kvm_disable_largepages(); -@@ -2999,13 +3010,15 @@ static __init int hardware_setup(void) +@@ -3036,13 +3047,15 @@ static __init int hardware_setup(void) if (!cpu_has_vmx_apicv()) enable_apicv = 0; @@ -28209,7 +28698,7 @@ index dcc4de3..6bf73f4 100644 if (nested) nested_vmx_setup_ctls_msrs(); -@@ -4134,7 +4147,10 @@ static void vmx_set_constant_host_state(struct vcpu_vmx *vmx) +@@ -4165,7 +4178,10 @@ static void vmx_set_constant_host_state(struct vcpu_vmx *vmx) vmcs_writel(HOST_CR0, read_cr0() & ~X86_CR0_TS); /* 22.2.3 */ vmcs_writel(HOST_CR4, read_cr4()); /* 22.2.3, 22.2.5 */ @@ -28220,7 +28709,7 @@ index dcc4de3..6bf73f4 100644 vmcs_write16(HOST_CS_SELECTOR, __KERNEL_CS); /* 22.2.4 */ #ifdef CONFIG_X86_64 -@@ -4156,7 +4172,7 @@ static void vmx_set_constant_host_state(struct vcpu_vmx *vmx) +@@ -4187,7 +4203,7 @@ static void vmx_set_constant_host_state(struct vcpu_vmx *vmx) vmcs_writel(HOST_IDTR_BASE, dt.address); /* 22.2.4 */ vmx->host_idt_base = dt.address; @@ -28229,7 +28718,7 @@ index dcc4de3..6bf73f4 100644 rdmsr(MSR_IA32_SYSENTER_CS, low32, high32); vmcs_write32(HOST_IA32_SYSENTER_CS, low32); -@@ -7219,6 +7235,12 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) +@@ -7265,6 +7281,12 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) "jmp 2f \n\t" "1: " __ex(ASM_VMX_VMRESUME) "\n\t" "2: " @@ -28242,7 +28731,7 @@ index dcc4de3..6bf73f4 100644 /* Save guest registers, load host registers, keep flags */ "mov %0, %c[wordsize](%%" _ASM_SP ") \n\t" "pop %0 \n\t" -@@ -7271,6 +7293,11 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) +@@ -7317,6 +7339,11 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) #endif [cr2]"i"(offsetof(struct vcpu_vmx, vcpu.arch.cr2)), [wordsize]"i"(sizeof(ulong)) @@ -28254,7 +28743,7 @@ index dcc4de3..6bf73f4 100644 : "cc", "memory" #ifdef CONFIG_X86_64 , "rax", "rbx", "rdi", "rsi" -@@ -7284,7 +7311,7 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) +@@ -7330,7 +7357,7 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) if (debugctlmsr) update_debugctlmsr(debugctlmsr); @@ -28263,7 +28752,7 @@ index dcc4de3..6bf73f4 100644 /* * The sysexit path does not restore ds/es, so we must set them to * a reasonable value ourselves. -@@ -7293,8 +7320,18 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) +@@ -7339,8 +7366,18 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) * may be executed in interrupt context, which saves and restore segments * around it, nullifying its effect. */ @@ -28285,10 +28774,10 @@ index dcc4de3..6bf73f4 100644 vcpu->arch.regs_avail = ~((1 << VCPU_REGS_RIP) | (1 << VCPU_REGS_RSP) diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c -index 4e33b85..fa94855 100644 +index ee0c3b5..773bb94 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c -@@ -1791,8 +1791,8 @@ static int xen_hvm_config(struct kvm_vcpu *vcpu, u64 data) +@@ -1776,8 +1776,8 @@ static int xen_hvm_config(struct kvm_vcpu *vcpu, u64 data) { struct kvm *kvm = vcpu->kvm; int lm = is_long_mode(vcpu); @@ -28299,7 +28788,7 @@ index 4e33b85..fa94855 100644 u8 blob_size = lm ? kvm->arch.xen_hvm_config.blob_size_64 : kvm->arch.xen_hvm_config.blob_size_32; u32 page_num = data & ~PAGE_MASK; -@@ -2676,6 +2676,8 @@ long kvm_arch_dev_ioctl(struct file *filp, +@@ -2688,6 +2688,8 @@ long kvm_arch_dev_ioctl(struct file *filp, if (n < msr_list.nmsrs) goto out; r = -EFAULT; @@ -28308,7 +28797,7 @@ index 4e33b85..fa94855 100644 if (copy_to_user(user_msr_list->indices, &msrs_to_save, num_msrs_to_save * sizeof(u32))) goto out; -@@ -5485,7 +5487,7 @@ static struct notifier_block pvclock_gtod_notifier = { +@@ -5502,7 +5504,7 @@ static struct notifier_block pvclock_gtod_notifier = { }; #endif @@ -28318,7 +28807,7 @@ index 4e33b85..fa94855 100644 int r; struct kvm_x86_ops *ops = opaque; diff --git a/arch/x86/lguest/boot.c b/arch/x86/lguest/boot.c -index bdf8532..f63c587 100644 +index ad1fb5f..fe30b66 100644 --- a/arch/x86/lguest/boot.c +++ b/arch/x86/lguest/boot.c @@ -1206,9 +1206,10 @@ static __init int early_put_chars(u32 vtermno, const char *buf, int count) @@ -29203,7 +29692,7 @@ index 176cca6..e0d658e 100644 .byte (copy_page_rep - copy_page) - (2f - 1b) /* offset */ 2: diff --git a/arch/x86/lib/copy_user_64.S b/arch/x86/lib/copy_user_64.S -index a30ca15..407412b 100644 +index dee945d..a84067b 100644 --- a/arch/x86/lib/copy_user_64.S +++ b/arch/x86/lib/copy_user_64.S @@ -18,31 +18,7 @@ @@ -29315,28 +29804,27 @@ index a30ca15..407412b 100644 CFI_STARTPROC + ASM_PAX_OPEN_USERLAND ASM_STAC - andl %edx,%edx - jz 4f -@@ -251,6 +185,8 @@ ENTRY(copy_user_generic_string) + cmpl $8,%edx + jb 2f /* less than 8 bytes, go to byte copy loop */ +@@ -249,6 +183,8 @@ ENTRY(copy_user_generic_string) movsb - 4: xorl %eax,%eax + xorl %eax,%eax ASM_CLAC + ASM_PAX_CLOSE_USERLAND + pax_force_retaddr ret .section .fixup,"ax" -@@ -278,6 +214,7 @@ ENDPROC(copy_user_generic_string) +@@ -276,12 +212,15 @@ ENDPROC(copy_user_generic_string) */ ENTRY(copy_user_enhanced_fast_string) CFI_STARTPROC + ASM_PAX_OPEN_USERLAND ASM_STAC - andl %edx,%edx - jz 2f -@@ -286,6 +223,8 @@ ENTRY(copy_user_enhanced_fast_string) + movl %edx,%ecx + 1: rep movsb - 2: xorl %eax,%eax + xorl %eax,%eax ASM_CLAC + ASM_PAX_CLOSE_USERLAND + pax_force_retaddr @@ -31180,7 +31668,7 @@ index 903ec1e..c4166b2 100644 } diff --git a/arch/x86/mm/fault.c b/arch/x86/mm/fault.c -index 6dea040..31e52ff 100644 +index a10c8c7..35a5abb 100644 --- a/arch/x86/mm/fault.c +++ b/arch/x86/mm/fault.c @@ -14,11 +14,18 @@ @@ -31553,9 +32041,9 @@ index 6dea040..31e52ff 100644 return false; return true; -@@ -1037,6 +1245,22 @@ __do_page_fault(struct pt_regs *regs, unsigned long error_code) - /* Get the faulting address: */ - address = read_cr2(); +@@ -1038,6 +1246,22 @@ __do_page_fault(struct pt_regs *regs, unsigned long error_code, + tsk = current; + mm = tsk->mm; +#if defined(CONFIG_X86_64) && defined(CONFIG_PAX_MEMORY_UDEREF) + if (!user_mode(regs) && address < 2 * pax_user_shadow_base) { @@ -31576,7 +32064,7 @@ index 6dea040..31e52ff 100644 /* * Detect and handle instructions that would cause a page fault for * both a tracked kernel page and a userspace page. -@@ -1114,7 +1338,7 @@ __do_page_fault(struct pt_regs *regs, unsigned long error_code) +@@ -1115,7 +1339,7 @@ __do_page_fault(struct pt_regs *regs, unsigned long error_code, * User-mode registers count as a user access even for any * potential system fault or CPU buglet: */ @@ -31585,7 +32073,7 @@ index 6dea040..31e52ff 100644 local_irq_enable(); error_code |= PF_USER; flags |= FAULT_FLAG_USER; -@@ -1161,6 +1385,11 @@ retry: +@@ -1162,6 +1386,11 @@ retry: might_sleep(); } @@ -31597,7 +32085,7 @@ index 6dea040..31e52ff 100644 vma = find_vma(mm, address); if (unlikely(!vma)) { bad_area(regs, error_code, address); -@@ -1172,18 +1401,24 @@ retry: +@@ -1173,18 +1402,24 @@ retry: bad_area(regs, error_code, address); return; } @@ -31633,10 +32121,10 @@ index 6dea040..31e52ff 100644 if (unlikely(expand_stack(vma, address))) { bad_area(regs, error_code, address); return; -@@ -1277,3 +1512,292 @@ trace_do_page_fault(struct pt_regs *regs, unsigned long error_code) - __do_page_fault(regs, error_code); +@@ -1296,3 +1531,292 @@ trace_do_page_fault(struct pt_regs *regs, unsigned long error_code) exception_exit(prev_state); } + #endif /* CONFIG_TRACING */ + +#if defined(CONFIG_PAX_PAGEEXEC) || defined(CONFIG_PAX_SEGMEXEC) +static bool pax_is_fetch_fault(struct pt_regs *regs, unsigned long error_code, unsigned long address) @@ -31927,7 +32415,7 @@ index 6dea040..31e52ff 100644 + return ret ? -EFAULT : 0; +} diff --git a/arch/x86/mm/gup.c b/arch/x86/mm/gup.c -index 0596e8e..5626789 100644 +index 207d9aef..69030980 100644 --- a/arch/x86/mm/gup.c +++ b/arch/x86/mm/gup.c @@ -268,7 +268,7 @@ int __get_user_pages_fast(unsigned long start, int nr_pages, int write, @@ -31967,11 +32455,11 @@ index 4500142..53a363c 100644 return (void *)vaddr; diff --git a/arch/x86/mm/hugetlbpage.c b/arch/x86/mm/hugetlbpage.c -index 9d980d8..6bbfacb 100644 +index 8c9f647..57cb402 100644 --- a/arch/x86/mm/hugetlbpage.c +++ b/arch/x86/mm/hugetlbpage.c -@@ -92,23 +92,30 @@ int pmd_huge_support(void) - #ifdef HAVE_ARCH_HUGETLB_UNMAPPED_AREA +@@ -90,23 +90,24 @@ int pmd_huge_support(void) + #ifdef CONFIG_HUGETLB_PAGE static unsigned long hugetlb_get_unmapped_area_bottomup(struct file *file, unsigned long addr, unsigned long len, - unsigned long pgoff, unsigned long flags) @@ -31983,13 +32471,7 @@ index 9d980d8..6bbfacb 100644 + info.flags = 0; info.length = len; - info.low_limit = TASK_UNMAPPED_BASE; -+ -+#ifdef CONFIG_PAX_RANDMMAP -+ if (current->mm->pax_flags & MF_PAX_RANDMMAP) -+ info.low_limit += current->mm->delta_mmap; -+#endif -+ + info.low_limit = current->mm->mmap_legacy_base; info.high_limit = TASK_SIZE; info.align_mask = PAGE_MASK & ~huge_page_mask(h); info.align_offset = 0; @@ -32004,7 +32486,7 @@ index 9d980d8..6bbfacb 100644 { struct hstate *h = hstate_file(file); struct vm_unmapped_area_info info; -@@ -120,6 +127,7 @@ static unsigned long hugetlb_get_unmapped_area_topdown(struct file *file, +@@ -118,6 +119,7 @@ static unsigned long hugetlb_get_unmapped_area_topdown(struct file *file, info.high_limit = current->mm->mmap_base; info.align_mask = PAGE_MASK & ~huge_page_mask(h); info.align_offset = 0; @@ -32012,7 +32494,7 @@ index 9d980d8..6bbfacb 100644 addr = vm_unmapped_area(&info); /* -@@ -132,6 +140,12 @@ static unsigned long hugetlb_get_unmapped_area_topdown(struct file *file, +@@ -130,6 +132,12 @@ static unsigned long hugetlb_get_unmapped_area_topdown(struct file *file, VM_BUG_ON(addr != -ENOMEM); info.flags = 0; info.low_limit = TASK_UNMAPPED_BASE; @@ -32025,7 +32507,7 @@ index 9d980d8..6bbfacb 100644 info.high_limit = TASK_SIZE; addr = vm_unmapped_area(&info); } -@@ -146,10 +160,20 @@ hugetlb_get_unmapped_area(struct file *file, unsigned long addr, +@@ -144,10 +152,20 @@ hugetlb_get_unmapped_area(struct file *file, unsigned long addr, struct hstate *h = hstate_file(file); struct mm_struct *mm = current->mm; struct vm_area_struct *vma; @@ -32047,7 +32529,7 @@ index 9d980d8..6bbfacb 100644 return -ENOMEM; if (flags & MAP_FIXED) { -@@ -158,19 +182,22 @@ hugetlb_get_unmapped_area(struct file *file, unsigned long addr, +@@ -156,19 +174,22 @@ hugetlb_get_unmapped_area(struct file *file, unsigned long addr, return addr; } @@ -32072,8 +32554,8 @@ index 9d980d8..6bbfacb 100644 - pgoff, flags); + pgoff, flags, offset); } + #endif /* CONFIG_HUGETLB_PAGE */ - #endif /*HAVE_ARCH_HUGETLB_UNMAPPED_AREA*/ diff --git a/arch/x86/mm/init.c b/arch/x86/mm/init.c index f971306..e83e0f6 100644 --- a/arch/x86/mm/init.c @@ -32275,7 +32757,7 @@ index f971306..e83e0f6 100644 (unsigned long)(&__init_begin), (unsigned long)(&__init_end)); diff --git a/arch/x86/mm/init_32.c b/arch/x86/mm/init_32.c -index 4287f1f..3b99c71 100644 +index e395048..cd38278 100644 --- a/arch/x86/mm/init_32.c +++ b/arch/x86/mm/init_32.c @@ -62,33 +62,6 @@ static noinline int do_test_wp_bit(void); @@ -32375,13 +32857,13 @@ index 4287f1f..3b99c71 100644 - if (addr >= (unsigned long)_text && addr <= (unsigned long)__init_end) - return 1; - return 0; -+ if ((start > ktla_ktva((unsigned long)_etext) || ++ if ((start >= ktla_ktva((unsigned long)_etext) || + end <= ktla_ktva((unsigned long)_stext)) && -+ (start > ktla_ktva((unsigned long)_einittext) || ++ (start >= ktla_ktva((unsigned long)_einittext) || + end <= ktla_ktva((unsigned long)_sinittext)) && + +#ifdef CONFIG_ACPI_SLEEP -+ (start > (unsigned long)__va(acpi_wakeup_address) + 0x4000 || end <= (unsigned long)__va(acpi_wakeup_address)) && ++ (start >= (unsigned long)__va(acpi_wakeup_address) + 0x4000 || end <= (unsigned long)__va(acpi_wakeup_address)) && +#endif + + (start > (unsigned long)__va(0xfffff) || end <= (unsigned long)__va(0xc0000))) @@ -32503,7 +32985,7 @@ index 4287f1f..3b99c71 100644 ((unsigned long)&_etext - (unsigned long)&_text) >> 10); /* -@@ -880,6 +882,7 @@ void set_kernel_text_rw(void) +@@ -883,6 +885,7 @@ void set_kernel_text_rw(void) if (!kernel_set_to_readonly) return; @@ -32511,7 +32993,7 @@ index 4287f1f..3b99c71 100644 pr_debug("Set kernel text: %lx - %lx for read write\n", start, start+size); -@@ -894,6 +897,7 @@ void set_kernel_text_ro(void) +@@ -897,6 +900,7 @@ void set_kernel_text_ro(void) if (!kernel_set_to_readonly) return; @@ -32519,7 +33001,7 @@ index 4287f1f..3b99c71 100644 pr_debug("Set kernel text: %lx - %lx for read only\n", start, start+size); -@@ -922,6 +926,7 @@ void mark_rodata_ro(void) +@@ -925,6 +929,7 @@ void mark_rodata_ro(void) unsigned long start = PFN_ALIGN(_text); unsigned long size = PFN_ALIGN(_etext) - start; @@ -32528,7 +33010,7 @@ index 4287f1f..3b99c71 100644 printk(KERN_INFO "Write protecting the kernel text: %luk\n", size >> 10); diff --git a/arch/x86/mm/init_64.c b/arch/x86/mm/init_64.c -index 104d56a..62ba13f1 100644 +index f35c66c..84b95ef 100644 --- a/arch/x86/mm/init_64.c +++ b/arch/x86/mm/init_64.c @@ -151,7 +151,7 @@ early_param("gbpages", parse_direct_gbpages_on); @@ -32892,10 +33374,10 @@ index 0057a7a..95c7edd 100644 might_sleep(); if (is_enabled()) /* recheck and proper locking in *_core() */ diff --git a/arch/x86/mm/numa.c b/arch/x86/mm/numa.c -index 24aec58..c39fe8b 100644 +index 27aa0455..0eb1406 100644 --- a/arch/x86/mm/numa.c +++ b/arch/x86/mm/numa.c -@@ -474,7 +474,7 @@ static bool __init numa_meminfo_cover_memory(const struct numa_meminfo *mi) +@@ -478,7 +478,7 @@ static bool __init numa_meminfo_cover_memory(const struct numa_meminfo *mi) return true; } @@ -32905,10 +33387,10 @@ index 24aec58..c39fe8b 100644 unsigned long uninitialized_var(pfn_align); int i, nid; diff --git a/arch/x86/mm/pageattr-test.c b/arch/x86/mm/pageattr-test.c -index d0b1773..4c3327c 100644 +index 461bc82..4e091a3 100644 --- a/arch/x86/mm/pageattr-test.c +++ b/arch/x86/mm/pageattr-test.c -@@ -36,7 +36,7 @@ enum { +@@ -35,7 +35,7 @@ enum { static int pte_testbit(pte_t pte) { @@ -32918,10 +33400,10 @@ index d0b1773..4c3327c 100644 struct split_state { diff --git a/arch/x86/mm/pageattr.c b/arch/x86/mm/pageattr.c -index bb32480..75f2f5e 100644 +index a348868..3c64310 100644 --- a/arch/x86/mm/pageattr.c +++ b/arch/x86/mm/pageattr.c -@@ -261,7 +261,7 @@ static inline pgprot_t static_protections(pgprot_t prot, unsigned long address, +@@ -262,7 +262,7 @@ static inline pgprot_t static_protections(pgprot_t prot, unsigned long address, */ #ifdef CONFIG_PCI_BIOS if (pcibios_enabled && within(pfn, BIOS_BEGIN >> PAGE_SHIFT, BIOS_END >> PAGE_SHIFT)) @@ -32930,7 +33412,7 @@ index bb32480..75f2f5e 100644 #endif /* -@@ -269,9 +269,10 @@ static inline pgprot_t static_protections(pgprot_t prot, unsigned long address, +@@ -270,9 +270,10 @@ static inline pgprot_t static_protections(pgprot_t prot, unsigned long address, * Does not cover __inittext since that is gone later on. On * 64bit we do not enforce !NX on the low mapping */ @@ -32943,7 +33425,7 @@ index bb32480..75f2f5e 100644 /* * The .rodata section needs to be read-only. Using the pfn * catches all aliases. -@@ -279,6 +280,7 @@ static inline pgprot_t static_protections(pgprot_t prot, unsigned long address, +@@ -280,6 +281,7 @@ static inline pgprot_t static_protections(pgprot_t prot, unsigned long address, if (within(pfn, __pa_symbol(__start_rodata) >> PAGE_SHIFT, __pa_symbol(__end_rodata) >> PAGE_SHIFT)) pgprot_val(forbidden) |= _PAGE_RW; @@ -32951,7 +33433,7 @@ index bb32480..75f2f5e 100644 #if defined(CONFIG_X86_64) && defined(CONFIG_DEBUG_RODATA) /* -@@ -317,6 +319,13 @@ static inline pgprot_t static_protections(pgprot_t prot, unsigned long address, +@@ -318,6 +320,13 @@ static inline pgprot_t static_protections(pgprot_t prot, unsigned long address, } #endif @@ -32965,7 +33447,7 @@ index bb32480..75f2f5e 100644 prot = __pgprot(pgprot_val(prot) & ~pgprot_val(forbidden)); return prot; -@@ -400,23 +409,37 @@ EXPORT_SYMBOL_GPL(slow_virt_to_phys); +@@ -416,23 +425,37 @@ EXPORT_SYMBOL_GPL(slow_virt_to_phys); static void __set_pmd_pte(pte_t *kpte, unsigned long address, pte_t pte) { /* change init_mm */ @@ -33468,7 +33950,7 @@ index 90555bf..f5f1828 100644 } diff --git a/arch/x86/mm/tlb.c b/arch/x86/mm/tlb.c -index ae699b3..f1b2ad2 100644 +index dd8dda1..9e9b0f6 100644 --- a/arch/x86/mm/tlb.c +++ b/arch/x86/mm/tlb.c @@ -48,7 +48,11 @@ void leave_mm(int cpu) @@ -33527,7 +34009,7 @@ index 0000000..dace51c +EXPORT_SYMBOL(__pax_close_userland); +#endif diff --git a/arch/x86/net/bpf_jit.S b/arch/x86/net/bpf_jit.S -index 877b9a1..f746de8 100644 +index 0149575..f746de8 100644 --- a/arch/x86/net/bpf_jit.S +++ b/arch/x86/net/bpf_jit.S @@ -9,6 +9,7 @@ @@ -33601,15 +34083,6 @@ index 877b9a1..f746de8 100644 ret #define sk_negative_common(SIZE) \ -@@ -140,7 +149,7 @@ bpf_slow_path_byte_msh: - push %r9; \ - push SKBDATA; \ - /* rsi already has offset */ \ -- mov $SIZE,%ecx; /* size */ \ -+ mov $SIZE,%edx; /* size */ \ - call bpf_internal_load_pointer_neg_helper; \ - test %rax,%rax; \ - pop SKBDATA; \ @@ -157,6 +166,7 @@ sk_load_word_negative_offset: sk_negative_common(4) mov (%rax), %eax @@ -33649,7 +34122,7 @@ index 877b9a1..f746de8 100644 + pax_force_retaddr ret diff --git a/arch/x86/net/bpf_jit_comp.c b/arch/x86/net/bpf_jit_comp.c -index 4ed75dd..3cf24f0b 100644 +index af2d431..3cf24f0b 100644 --- a/arch/x86/net/bpf_jit_comp.c +++ b/arch/x86/net/bpf_jit_comp.c @@ -50,13 +50,90 @@ static inline u8 *emit_code(u8 *ptr, u32 bytes, unsigned int len) @@ -33815,7 +34288,7 @@ index 4ed75dd..3cf24f0b 100644 + pax_close_kernel(); - header->pages = sz / PAGE_SIZE; -- hole = sz - (proglen + sizeof(*header)); +- hole = min(sz - (proglen + sizeof(*header)), PAGE_SIZE - sizeof(*header)); + hole = PAGE_SIZE - (proglen & ~PAGE_MASK); /* insert a random number of int3 instructions before BPF code */ @@ -34074,10 +34547,10 @@ index 71e8a67..6a313bb 100644 struct op_counter_config; diff --git a/arch/x86/pci/intel_mid_pci.c b/arch/x86/pci/intel_mid_pci.c -index 51384ca..a25f51e 100644 +index 84b9d67..260e5ff 100644 --- a/arch/x86/pci/intel_mid_pci.c +++ b/arch/x86/pci/intel_mid_pci.c -@@ -241,7 +241,7 @@ int __init intel_mid_pci_init(void) +@@ -245,7 +245,7 @@ int __init intel_mid_pci_init(void) pr_info("Intel MID platform detected, using MID PCI ops\n"); pci_mmcfg_late_init(); pcibios_enable_irq = intel_mid_pci_irq_enable; @@ -34429,10 +34902,10 @@ index c77b24a..c979855 100644 } EXPORT_SYMBOL(pcibios_set_irq_routing); diff --git a/arch/x86/platform/efi/efi_32.c b/arch/x86/platform/efi/efi_32.c -index 40e4469..d915bf9 100644 +index 9ee3491..872192f 100644 --- a/arch/x86/platform/efi/efi_32.c +++ b/arch/x86/platform/efi/efi_32.c -@@ -44,11 +44,22 @@ void efi_call_phys_prelog(void) +@@ -59,11 +59,22 @@ void efi_call_phys_prelog(void) { struct desc_ptr gdt_descr; @@ -34455,7 +34928,7 @@ index 40e4469..d915bf9 100644 gdt_descr.address = __pa(get_cpu_gdt_table(0)); gdt_descr.size = GDT_SIZE - 1; load_gdt(&gdt_descr); -@@ -58,11 +69,24 @@ void efi_call_phys_epilog(void) +@@ -73,11 +84,24 @@ void efi_call_phys_epilog(void) { struct desc_ptr gdt_descr; @@ -34481,10 +34954,10 @@ index 40e4469..d915bf9 100644 local_irq_restore(efi_rt_eflags); diff --git a/arch/x86/platform/efi/efi_64.c b/arch/x86/platform/efi/efi_64.c -index 39a0e7f1..872396e 100644 +index 666b74a..673d88f 100644 --- a/arch/x86/platform/efi/efi_64.c +++ b/arch/x86/platform/efi/efi_64.c -@@ -76,6 +76,11 @@ void __init efi_call_phys_prelog(void) +@@ -97,6 +97,11 @@ void __init efi_call_phys_prelog(void) vaddress = (unsigned long)__va(pgd * PGDIR_SIZE); set_pgd(pgd_offset_k(pgd * PGDIR_SIZE), *pgd_offset_k(vaddress)); } @@ -34496,7 +34969,7 @@ index 39a0e7f1..872396e 100644 __flush_tlb_all(); } -@@ -89,6 +94,11 @@ void __init efi_call_phys_epilog(void) +@@ -114,6 +119,11 @@ void __init efi_call_phys_epilog(void) for (pgd = 0; pgd < n_pgds; pgd++) set_pgd(pgd_offset_k(pgd * PGDIR_SIZE), save_pgd[pgd]); kfree(save_pgd); @@ -34638,7 +35111,7 @@ index fbe66e6..eae5e38 100644 .long 0 efi_rt_function_ptr: diff --git a/arch/x86/platform/efi/efi_stub_64.S b/arch/x86/platform/efi/efi_stub_64.S -index 4c07cca..2c8427d 100644 +index 88073b1..1cc2f53 100644 --- a/arch/x86/platform/efi/efi_stub_64.S +++ b/arch/x86/platform/efi/efi_stub_64.S @@ -7,6 +7,7 @@ @@ -34649,68 +35122,69 @@ index 4c07cca..2c8427d 100644 #define SAVE_XMM \ mov %rsp, %rax; \ -@@ -40,6 +41,7 @@ ENTRY(efi_call0) - call *%rdi +@@ -77,6 +78,7 @@ ENTRY(efi_call0) + RESTORE_PGT addq $32, %rsp RESTORE_XMM + pax_force_retaddr 0, 1 ret ENDPROC(efi_call0) -@@ -50,6 +52,7 @@ ENTRY(efi_call1) - call *%rdi +@@ -89,6 +91,7 @@ ENTRY(efi_call1) + RESTORE_PGT addq $32, %rsp RESTORE_XMM + pax_force_retaddr 0, 1 ret ENDPROC(efi_call1) -@@ -60,6 +63,7 @@ ENTRY(efi_call2) - call *%rdi +@@ -101,6 +104,7 @@ ENTRY(efi_call2) + RESTORE_PGT addq $32, %rsp RESTORE_XMM + pax_force_retaddr 0, 1 ret ENDPROC(efi_call2) -@@ -71,6 +75,7 @@ ENTRY(efi_call3) - call *%rdi +@@ -114,6 +118,7 @@ ENTRY(efi_call3) + RESTORE_PGT addq $32, %rsp RESTORE_XMM + pax_force_retaddr 0, 1 ret ENDPROC(efi_call3) -@@ -83,6 +88,7 @@ ENTRY(efi_call4) - call *%rdi +@@ -128,6 +133,7 @@ ENTRY(efi_call4) + RESTORE_PGT addq $32, %rsp RESTORE_XMM + pax_force_retaddr 0, 1 ret ENDPROC(efi_call4) -@@ -96,6 +102,7 @@ ENTRY(efi_call5) - call *%rdi +@@ -143,6 +149,7 @@ ENTRY(efi_call5) + RESTORE_PGT addq $48, %rsp RESTORE_XMM + pax_force_retaddr 0, 1 ret ENDPROC(efi_call5) -@@ -112,5 +119,6 @@ ENTRY(efi_call6) - call *%rdi +@@ -161,6 +168,7 @@ ENTRY(efi_call6) + RESTORE_PGT addq $48, %rsp RESTORE_XMM + pax_force_retaddr 0, 1 ret ENDPROC(efi_call6) + diff --git a/arch/x86/platform/intel-mid/intel-mid.c b/arch/x86/platform/intel-mid/intel-mid.c -index f90e290..435f0dd 100644 +index 1bbedc4..eb795b5 100644 --- a/arch/x86/platform/intel-mid/intel-mid.c +++ b/arch/x86/platform/intel-mid/intel-mid.c -@@ -65,9 +65,10 @@ static void intel_mid_power_off(void) +@@ -71,9 +71,10 @@ static void intel_mid_power_off(void) { - } + }; -static void intel_mid_reboot(void) +static void __noreturn intel_mid_reboot(void) @@ -34763,10 +35237,10 @@ index 424f4c9..f2a2988 100644 #endif load_TR_desc(); /* This does ltr */ diff --git a/arch/x86/realmode/init.c b/arch/x86/realmode/init.c -index a44f457..9140171 100644 +index bad628a..a102610 100644 --- a/arch/x86/realmode/init.c +++ b/arch/x86/realmode/init.c -@@ -70,7 +70,13 @@ void __init setup_real_mode(void) +@@ -68,7 +68,13 @@ void __init setup_real_mode(void) __va(real_mode_header->trampoline_header); #ifdef CONFIG_X86_32 @@ -34781,7 +35255,7 @@ index a44f457..9140171 100644 trampoline_header->gdt_limit = __BOOT_DS + 7; trampoline_header->gdt_base = __pa_symbol(boot_gdt); #else -@@ -86,7 +92,7 @@ void __init setup_real_mode(void) +@@ -84,7 +90,7 @@ void __init setup_real_mode(void) *trampoline_cr4_features = read_cr4(); trampoline_pgd = (u64 *) __va(real_mode_header->trampoline_pgd); @@ -34791,13 +35265,13 @@ index a44f457..9140171 100644 #endif } diff --git a/arch/x86/realmode/rm/Makefile b/arch/x86/realmode/rm/Makefile -index 9cac825..4890b25 100644 +index 3497f14..cc73b92 100644 --- a/arch/x86/realmode/rm/Makefile +++ b/arch/x86/realmode/rm/Makefile -@@ -79,5 +79,8 @@ KBUILD_CFLAGS := $(LINUXINCLUDE) -m32 -g -Os -D_SETUP -D__KERNEL__ -D_WAKEUP \ - $(call cc-option, -fno-unit-at-a-time)) \ - $(call cc-option, -fno-stack-protector) \ - $(call cc-option, -mpreferred-stack-boundary=2) +@@ -66,5 +66,8 @@ $(obj)/realmode.relocs: $(obj)/realmode.elf FORCE + + KBUILD_CFLAGS := $(LINUXINCLUDE) $(REALMODE_CFLAGS) -D_SETUP -D_WAKEUP \ + -I$(srctree)/arch/x86/boot +ifdef CONSTIFY_PLUGIN +KBUILD_CFLAGS += -fplugin-arg-constify_plugin-no-constify +endif @@ -34819,10 +35293,10 @@ index a28221d..93c40f1 100644 #endif END(real_mode_header) diff --git a/arch/x86/realmode/rm/trampoline_32.S b/arch/x86/realmode/rm/trampoline_32.S -index c1b2791..f9e31c7 100644 +index 48ddd76..c26749f 100644 --- a/arch/x86/realmode/rm/trampoline_32.S +++ b/arch/x86/realmode/rm/trampoline_32.S -@@ -25,6 +25,12 @@ +@@ -24,6 +24,12 @@ #include <asm/page_types.h> #include "realmode.h" @@ -34835,7 +35309,7 @@ index c1b2791..f9e31c7 100644 .text .code16 -@@ -39,8 +45,6 @@ ENTRY(trampoline_start) +@@ -38,8 +44,6 @@ ENTRY(trampoline_start) cli # We should be safe anyway @@ -34844,7 +35318,7 @@ index c1b2791..f9e31c7 100644 movl $0xA5A5A5A5, trampoline_status # write marker for master knows we're running -@@ -56,7 +60,7 @@ ENTRY(trampoline_start) +@@ -55,7 +59,7 @@ ENTRY(trampoline_start) movw $1, %dx # protected mode (PE) bit lmsw %dx # into protected mode @@ -34853,7 +35327,7 @@ index c1b2791..f9e31c7 100644 .section ".text32","ax" .code32 -@@ -67,7 +71,7 @@ ENTRY(startup_32) # note: also used from wakeup_asm.S +@@ -66,7 +70,7 @@ ENTRY(startup_32) # note: also used from wakeup_asm.S .balign 8 GLOBAL(trampoline_header) tr_start: .space 4 @@ -34863,10 +35337,10 @@ index c1b2791..f9e31c7 100644 END(trampoline_header) diff --git a/arch/x86/realmode/rm/trampoline_64.S b/arch/x86/realmode/rm/trampoline_64.S -index bb360dc..d0fd8f8 100644 +index dac7b20..72dbaca 100644 --- a/arch/x86/realmode/rm/trampoline_64.S +++ b/arch/x86/realmode/rm/trampoline_64.S -@@ -94,6 +94,7 @@ ENTRY(startup_32) +@@ -93,6 +93,7 @@ ENTRY(startup_32) movl %edx, %gs movl pa_tr_cr4, %eax @@ -34874,7 +35348,7 @@ index bb360dc..d0fd8f8 100644 movl %eax, %cr4 # Enable PAE mode # Setup trampoline 4 level pagetables -@@ -107,7 +108,7 @@ ENTRY(startup_32) +@@ -106,7 +107,7 @@ ENTRY(startup_32) wrmsr # Enable paging and in turn activate Long Mode @@ -34883,6 +35357,24 @@ index bb360dc..d0fd8f8 100644 movl %eax, %cr0 /* +diff --git a/arch/x86/realmode/rm/wakeup_asm.S b/arch/x86/realmode/rm/wakeup_asm.S +index 9e7e147..25a4158 100644 +--- a/arch/x86/realmode/rm/wakeup_asm.S ++++ b/arch/x86/realmode/rm/wakeup_asm.S +@@ -126,11 +126,10 @@ ENTRY(wakeup_start) + lgdtl pmode_gdt + + /* This really couldn't... */ +- movl pmode_entry, %eax + movl pmode_cr0, %ecx + movl %ecx, %cr0 +- ljmpl $__KERNEL_CS, $pa_startup_32 +- /* -> jmp *%eax in trampoline_32.S */ ++ ++ ljmpl *pmode_entry + #else + jmp trampoline_start + #endif diff --git a/arch/x86/tools/Makefile b/arch/x86/tools/Makefile index e812034..c747134 100644 --- a/arch/x86/tools/Makefile @@ -34897,7 +35389,7 @@ index e812034..c747134 100644 relocs-objs := relocs_32.o relocs_64.o relocs_common.o relocs: $(obj)/relocs diff --git a/arch/x86/tools/relocs.c b/arch/x86/tools/relocs.c -index f7bab68..b6d9886 100644 +index cfbdbdb..1aa763c 100644 --- a/arch/x86/tools/relocs.c +++ b/arch/x86/tools/relocs.c @@ -1,5 +1,7 @@ @@ -35065,7 +35557,7 @@ index f7bab68..b6d9886 100644 struct section *sec = &secs[i]; if (sec->shdr.sh_type != SHT_REL_TYPE) { -@@ -812,6 +860,23 @@ static int do_reloc32(struct section *sec, Elf_Rel *rel, Elf_Sym *sym, +@@ -822,6 +870,23 @@ static int do_reloc32(struct section *sec, Elf_Rel *rel, Elf_Sym *sym, { unsigned r_type = ELF32_R_TYPE(rel->r_info); int shn_abs = (sym->st_shndx == SHN_ABS) && !is_reloc(S_REL, symname); @@ -35089,7 +35581,7 @@ index f7bab68..b6d9886 100644 switch (r_type) { case R_386_NONE: -@@ -950,7 +1015,7 @@ static int write32_as_text(uint32_t v, FILE *f) +@@ -960,7 +1025,7 @@ static int write32_as_text(uint32_t v, FILE *f) static void emit_relocs(int as_text, int use_real_mode) { @@ -35098,7 +35590,7 @@ index f7bab68..b6d9886 100644 int (*write_reloc)(uint32_t, FILE *) = write32; int (*do_reloc)(struct section *sec, Elf_Rel *rel, Elf_Sym *sym, const char *symname); -@@ -1026,10 +1091,11 @@ void process(FILE *fp, int use_real_mode, int as_text, +@@ -1060,10 +1125,11 @@ void process(FILE *fp, int use_real_mode, int as_text, { regex_init(use_real_mode); read_ehdr(fp); @@ -35138,7 +35630,7 @@ index fd14be1..e3c79c0 100644 # diff --git a/arch/x86/vdso/vdso32-setup.c b/arch/x86/vdso/vdso32-setup.c -index d6bfb87..876ee18 100644 +index d6bfb87..a75c5f7 100644 --- a/arch/x86/vdso/vdso32-setup.c +++ b/arch/x86/vdso/vdso32-setup.c @@ -25,6 +25,7 @@ @@ -35149,7 +35641,15 @@ index d6bfb87..876ee18 100644 enum { VDSO_DISABLED = 0, -@@ -226,7 +227,7 @@ static inline void map_compat_vdso(int map) +@@ -41,6 +42,7 @@ enum { + #ifdef CONFIG_X86_64 + #define vdso_enabled sysctl_vsyscall32 + #define arch_setup_additional_pages syscall32_setup_pages ++extern int sysctl_ldt16; + #endif + + /* +@@ -226,7 +228,7 @@ static inline void map_compat_vdso(int map) void enable_sep_cpu(void) { int cpu = get_cpu(); @@ -35158,7 +35658,7 @@ index d6bfb87..876ee18 100644 if (!boot_cpu_has(X86_FEATURE_SEP)) { put_cpu(); -@@ -249,7 +250,7 @@ static int __init gate_vma_init(void) +@@ -249,7 +251,7 @@ static int __init gate_vma_init(void) gate_vma.vm_start = FIXADDR_USER_START; gate_vma.vm_end = FIXADDR_USER_END; gate_vma.vm_flags = VM_READ | VM_MAYREAD | VM_EXEC | VM_MAYEXEC; @@ -35167,7 +35667,7 @@ index d6bfb87..876ee18 100644 return 0; } -@@ -330,14 +331,14 @@ int arch_setup_additional_pages(struct linux_binprm *bprm, int uses_interp) +@@ -330,14 +332,14 @@ int arch_setup_additional_pages(struct linux_binprm *bprm, int uses_interp) if (compat) addr = VDSO_HIGH_BASE; else { @@ -35184,7 +35684,7 @@ index d6bfb87..876ee18 100644 if (compat_uses_vma || !compat) { /* -@@ -353,11 +354,11 @@ int arch_setup_additional_pages(struct linux_binprm *bprm, int uses_interp) +@@ -353,11 +355,11 @@ int arch_setup_additional_pages(struct linux_binprm *bprm, int uses_interp) } current_thread_info()->sysenter_return = @@ -35198,7 +35698,21 @@ index d6bfb87..876ee18 100644 up_write(&mm->mmap_sem); -@@ -404,8 +405,14 @@ __initcall(ia32_binfmt_init); +@@ -380,6 +382,13 @@ static struct ctl_table abi_table2[] = { + .mode = 0644, + .proc_handler = proc_dointvec + }, ++ { ++ .procname = "ldt16", ++ .data = &sysctl_ldt16, ++ .maxlen = sizeof(int), ++ .mode = 0644, ++ .proc_handler = proc_dointvec ++ }, + {} + }; + +@@ -404,8 +413,14 @@ __initcall(ia32_binfmt_init); const char *arch_vma_name(struct vm_area_struct *vma) { @@ -35214,7 +35728,7 @@ index d6bfb87..876ee18 100644 return NULL; } -@@ -415,7 +422,7 @@ struct vm_area_struct *get_gate_vma(struct mm_struct *mm) +@@ -415,7 +430,7 @@ struct vm_area_struct *get_gate_vma(struct mm_struct *mm) * Check to see if the corresponding task was created in compat vdso * mode. */ @@ -35297,7 +35811,7 @@ index 431e875..cbb23f3 100644 -} -__setup("vdso=", vdso_setup); diff --git a/arch/x86/xen/Kconfig b/arch/x86/xen/Kconfig -index 1a3c765..3d2e8d1 100644 +index 01b9026..1e476df 100644 --- a/arch/x86/xen/Kconfig +++ b/arch/x86/xen/Kconfig @@ -9,6 +9,7 @@ config XEN @@ -35309,7 +35823,7 @@ index 1a3c765..3d2e8d1 100644 This is the Linux Xen port. Enabling this will allow the kernel to boot in a paravirtualized environment under the diff --git a/arch/x86/xen/enlighten.c b/arch/x86/xen/enlighten.c -index fa6ade7..73da73a5 100644 +index 201d09a..e4723e5 100644 --- a/arch/x86/xen/enlighten.c +++ b/arch/x86/xen/enlighten.c @@ -123,8 +123,6 @@ EXPORT_SYMBOL_GPL(xen_start_info); @@ -35321,7 +35835,7 @@ index fa6ade7..73da73a5 100644 RESERVE_BRK(shared_info_page_brk, PAGE_SIZE); __read_mostly int xen_have_vector_callback; EXPORT_SYMBOL_GPL(xen_have_vector_callback); -@@ -541,8 +539,7 @@ static void xen_load_gdt(const struct desc_ptr *dtr) +@@ -542,8 +540,7 @@ static void xen_load_gdt(const struct desc_ptr *dtr) { unsigned long va = dtr->address; unsigned int size = dtr->size + 1; @@ -35331,7 +35845,7 @@ index fa6ade7..73da73a5 100644 int f; /* -@@ -590,8 +587,7 @@ static void __init xen_load_gdt_boot(const struct desc_ptr *dtr) +@@ -591,8 +588,7 @@ static void __init xen_load_gdt_boot(const struct desc_ptr *dtr) { unsigned long va = dtr->address; unsigned int size = dtr->size + 1; @@ -35341,7 +35855,7 @@ index fa6ade7..73da73a5 100644 int f; /* -@@ -599,7 +595,7 @@ static void __init xen_load_gdt_boot(const struct desc_ptr *dtr) +@@ -600,7 +596,7 @@ static void __init xen_load_gdt_boot(const struct desc_ptr *dtr) * 8-byte entries, or 16 4k pages.. */ @@ -35350,7 +35864,7 @@ index fa6ade7..73da73a5 100644 BUG_ON(va & ~PAGE_MASK); for (f = 0; va < dtr->address + size; va += PAGE_SIZE, f++) { -@@ -988,7 +984,7 @@ static u32 xen_safe_apic_wait_icr_idle(void) +@@ -989,7 +985,7 @@ static u32 xen_safe_apic_wait_icr_idle(void) return 0; } @@ -35359,7 +35873,7 @@ index fa6ade7..73da73a5 100644 { apic->read = xen_apic_read; apic->write = xen_apic_write; -@@ -1293,30 +1289,30 @@ static const struct pv_apic_ops xen_apic_ops __initconst = { +@@ -1295,30 +1291,30 @@ static const struct pv_apic_ops xen_apic_ops __initconst = { #endif }; @@ -35397,7 +35911,7 @@ index fa6ade7..73da73a5 100644 { if (pm_power_off) pm_power_off(); -@@ -1467,7 +1463,17 @@ asmlinkage void __init xen_start_kernel(void) +@@ -1564,7 +1560,17 @@ asmlinkage void __init xen_start_kernel(void) __userpte_alloc_gfp &= ~__GFP_HIGHMEM; /* Work out if we support NX */ @@ -35414,9 +35928,9 @@ index fa6ade7..73da73a5 100644 + } +#endif - xen_setup_features(); - -@@ -1498,13 +1504,6 @@ asmlinkage void __init xen_start_kernel(void) + /* Get mfn list */ + xen_build_dynamic_phys_to_machine(); +@@ -1592,13 +1598,6 @@ asmlinkage void __init xen_start_kernel(void) machine_ops = xen_machine_ops; @@ -35431,7 +35945,7 @@ index fa6ade7..73da73a5 100644 #ifdef CONFIG_ACPI_NUMA diff --git a/arch/x86/xen/mmu.c b/arch/x86/xen/mmu.c -index 3c76c3d..7871755 100644 +index 2423ef0..4f6fb5b 100644 --- a/arch/x86/xen/mmu.c +++ b/arch/x86/xen/mmu.c @@ -379,7 +379,7 @@ static pteval_t pte_mfn_to_pfn(pteval_t val) @@ -35441,32 +35955,32 @@ index 3c76c3d..7871755 100644 -static pteval_t pte_pfn_to_mfn(pteval_t val) +static pteval_t __intentional_overflow(-1) pte_pfn_to_mfn(pteval_t val) { - if (pteval_present(val)) { + if (val & _PAGE_PRESENT) { unsigned long pfn = (val & PTE_PFN_MASK) >> PAGE_SHIFT; -@@ -1894,6 +1894,9 @@ void __init xen_setup_kernel_pagetable(pgd_t *pgd, unsigned long max_pfn) - /* L3_k[510] -> level2_kernel_pgt - * L3_i[511] -> level2_fixmap_pgt */ - convert_pfn_mfn(level3_kernel_pgt); -+ convert_pfn_mfn(level3_vmalloc_start_pgt); -+ convert_pfn_mfn(level3_vmalloc_end_pgt); -+ convert_pfn_mfn(level3_vmemmap_pgt); - +@@ -1904,6 +1904,9 @@ void __init xen_setup_kernel_pagetable(pgd_t *pgd, unsigned long max_pfn) + /* L3_k[510] -> level2_kernel_pgt + * L3_i[511] -> level2_fixmap_pgt */ + convert_pfn_mfn(level3_kernel_pgt); ++ convert_pfn_mfn(level3_vmalloc_start_pgt); ++ convert_pfn_mfn(level3_vmalloc_end_pgt); ++ convert_pfn_mfn(level3_vmemmap_pgt); + } /* We get [511][511] and have Xen's version of level2_kernel_pgt */ l3 = m2v(pgd[pgd_index(__START_KERNEL_map)].pgd); -@@ -1923,8 +1926,12 @@ void __init xen_setup_kernel_pagetable(pgd_t *pgd, unsigned long max_pfn) - set_page_prot(init_level4_pgt, PAGE_KERNEL_RO); - set_page_prot(level3_ident_pgt, PAGE_KERNEL_RO); - set_page_prot(level3_kernel_pgt, PAGE_KERNEL_RO); -+ set_page_prot(level3_vmalloc_start_pgt, PAGE_KERNEL_RO); -+ set_page_prot(level3_vmalloc_end_pgt, PAGE_KERNEL_RO); -+ set_page_prot(level3_vmemmap_pgt, PAGE_KERNEL_RO); - set_page_prot(level3_user_vsyscall, PAGE_KERNEL_RO); - set_page_prot(level2_ident_pgt, PAGE_KERNEL_RO); -+ set_page_prot(level2_vmemmap_pgt, PAGE_KERNEL_RO); - set_page_prot(level2_kernel_pgt, PAGE_KERNEL_RO); - set_page_prot(level2_fixmap_pgt, PAGE_KERNEL_RO); - -@@ -2108,6 +2115,7 @@ static void __init xen_post_allocator_init(void) +@@ -1933,8 +1936,12 @@ void __init xen_setup_kernel_pagetable(pgd_t *pgd, unsigned long max_pfn) + set_page_prot(init_level4_pgt, PAGE_KERNEL_RO); + set_page_prot(level3_ident_pgt, PAGE_KERNEL_RO); + set_page_prot(level3_kernel_pgt, PAGE_KERNEL_RO); ++ set_page_prot(level3_vmalloc_start_pgt, PAGE_KERNEL_RO); ++ set_page_prot(level3_vmalloc_end_pgt, PAGE_KERNEL_RO); ++ set_page_prot(level3_vmemmap_pgt, PAGE_KERNEL_RO); + set_page_prot(level3_user_vsyscall, PAGE_KERNEL_RO); + set_page_prot(level2_ident_pgt, PAGE_KERNEL_RO); ++ set_page_prot(level2_vmemmap_pgt, PAGE_KERNEL_RO); + set_page_prot(level2_kernel_pgt, PAGE_KERNEL_RO); + set_page_prot(level2_fixmap_pgt, PAGE_KERNEL_RO); + +@@ -2123,6 +2130,7 @@ static void __init xen_post_allocator_init(void) pv_mmu_ops.set_pud = xen_set_pud; #if PAGETABLE_LEVELS == 4 pv_mmu_ops.set_pgd = xen_set_pgd; @@ -35474,7 +35988,7 @@ index 3c76c3d..7871755 100644 #endif /* This will work as long as patching hasn't happened yet -@@ -2186,6 +2194,7 @@ static const struct pv_mmu_ops xen_mmu_ops __initconst = { +@@ -2201,6 +2209,7 @@ static const struct pv_mmu_ops xen_mmu_ops __initconst = { .pud_val = PV_CALLEE_SAVE(xen_pud_val), .make_pud = PV_CALLEE_SAVE(xen_make_pud), .set_pgd = xen_set_pgd_hyper, @@ -35483,16 +35997,16 @@ index 3c76c3d..7871755 100644 .alloc_pud = xen_alloc_pmd_init, .release_pud = xen_release_pmd_init, diff --git a/arch/x86/xen/smp.c b/arch/x86/xen/smp.c -index c36b325..b0f1518 100644 +index a18eadd..2e2f10e 100644 --- a/arch/x86/xen/smp.c +++ b/arch/x86/xen/smp.c -@@ -274,17 +274,13 @@ static void __init xen_smp_prepare_boot_cpu(void) - native_smp_prepare_boot_cpu(); +@@ -283,17 +283,13 @@ static void __init xen_smp_prepare_boot_cpu(void) if (xen_pv_domain()) { -- /* We've switched to the "real" per-cpu gdt, so make sure the -- old memory can be recycled */ -- make_lowmem_page_readwrite(xen_initial_gdt); + if (!xen_feature(XENFEAT_writable_page_tables)) +- /* We've switched to the "real" per-cpu gdt, so make +- * sure the old memory can be recycled. */ +- make_lowmem_page_readwrite(xen_initial_gdt); - #ifdef CONFIG_X86_32 /* @@ -35506,27 +36020,27 @@ index c36b325..b0f1518 100644 #endif xen_filter_cpu_maps(); -@@ -364,7 +360,7 @@ cpu_initialize_context(unsigned int cpu, struct task_struct *idle) - ctxt->user_regs.ss = __KERNEL_DS; +@@ -372,7 +368,7 @@ cpu_initialize_context(unsigned int cpu, struct task_struct *idle) #ifdef CONFIG_X86_32 + /* Note: PVH is not yet supported on x86_32. */ ctxt->user_regs.fs = __KERNEL_PERCPU; - ctxt->user_regs.gs = __KERNEL_STACK_CANARY; + savesegment(gs, ctxt->user_regs.gs); - #else - ctxt->gs_base_kernel = per_cpu_offset(cpu); #endif -@@ -374,8 +370,8 @@ cpu_initialize_context(unsigned int cpu, struct task_struct *idle) + ctxt->user_regs.eip = (unsigned long)cpu_bringup_and_idle; - { +@@ -381,8 +377,8 @@ cpu_initialize_context(unsigned int cpu, struct task_struct *idle) + if (!xen_feature(XENFEAT_auto_translated_physmap)) { + ctxt->flags = VGCF_IN_KERNEL; ctxt->user_regs.eflags = 0x1000; /* IOPL_RING1 */ - ctxt->user_regs.ds = __USER_DS; - ctxt->user_regs.es = __USER_DS; + ctxt->user_regs.ds = __KERNEL_DS; + ctxt->user_regs.es = __KERNEL_DS; + ctxt->user_regs.ss = __KERNEL_DS; xen_copy_trap_info(ctxt->trap_ctxt); - -@@ -420,13 +416,12 @@ static int xen_cpu_up(unsigned int cpu, struct task_struct *idle) +@@ -437,13 +433,12 @@ static int xen_cpu_up(unsigned int cpu, struct task_struct *idle) int rc; per_cpu(current_task, cpu) = idle; @@ -35542,7 +36056,7 @@ index c36b325..b0f1518 100644 #endif xen_setup_runstate_info(cpu); xen_setup_timer(cpu); -@@ -702,7 +697,7 @@ static const struct smp_ops xen_smp_ops __initconst = { +@@ -719,7 +714,7 @@ static const struct smp_ops xen_smp_ops __initconst = { void __init xen_smp_init(void) { @@ -35577,10 +36091,10 @@ index 33ca6e4..0ded929 100644 movl %ss:xen_vcpu, %eax #endif diff --git a/arch/x86/xen/xen-head.S b/arch/x86/xen/xen-head.S -index 7faed58..ba4427c 100644 +index 485b695..fda3e7c 100644 --- a/arch/x86/xen/xen-head.S +++ b/arch/x86/xen/xen-head.S -@@ -19,6 +19,17 @@ ENTRY(startup_xen) +@@ -39,6 +39,17 @@ ENTRY(startup_xen) #ifdef CONFIG_X86_32 mov %esi,xen_start_info mov $init_thread_union+THREAD_SIZE,%esp @@ -35599,7 +36113,7 @@ index 7faed58..ba4427c 100644 mov %rsi,xen_start_info mov $init_thread_union+THREAD_SIZE,%rsp diff --git a/arch/x86/xen/xen-ops.h b/arch/x86/xen/xen-ops.h -index 95f8c61..611d6e8 100644 +index 1cb6f4c..9981524 100644 --- a/arch/x86/xen/xen-ops.h +++ b/arch/x86/xen/xen-ops.h @@ -10,8 +10,6 @@ @@ -35708,7 +36222,7 @@ index 1855bf5..af12b06 100644 struct list_head *list = this_cpu_ptr(&blk_cpu_iopoll); int rearm = 0, budget = blk_iopoll_budget; diff --git a/block/blk-map.c b/block/blk-map.c -index 623e1cd..ca1e109 100644 +index ae4ae10..c470b8d 100644 --- a/block/blk-map.c +++ b/block/blk-map.c @@ -302,7 +302,7 @@ int blk_rq_map_kern(struct request_queue *q, struct request *rq, void *kbuf, @@ -35844,7 +36358,7 @@ index dc51f46..d5446a8 100644 (u8 *) pte, count) < count) { kfree(pte); diff --git a/block/scsi_ioctl.c b/block/scsi_ioctl.c -index 625e3e4..b5339f9 100644 +index 2648797..92ed21f 100644 --- a/block/scsi_ioctl.c +++ b/block/scsi_ioctl.c @@ -67,7 +67,7 @@ static int scsi_get_bus(struct request_queue *q, int __user *p) @@ -35878,7 +36392,7 @@ index 625e3e4..b5339f9 100644 if (blk_verify_command(rq->cmd, mode & FMODE_WRITE)) return -EPERM; -@@ -415,6 +427,8 @@ int sg_scsi_ioctl(struct request_queue *q, struct gendisk *disk, fmode_t mode, +@@ -417,6 +429,8 @@ int sg_scsi_ioctl(struct request_queue *q, struct gendisk *disk, fmode_t mode, int err; unsigned int in_len, out_len, bytes, opcode, cmdlen; char *buffer = NULL, sense[SCSI_SENSE_BUFFERSIZE]; @@ -35887,7 +36401,7 @@ index 625e3e4..b5339f9 100644 if (!sic) return -EINVAL; -@@ -448,9 +462,18 @@ int sg_scsi_ioctl(struct request_queue *q, struct gendisk *disk, fmode_t mode, +@@ -450,9 +464,18 @@ int sg_scsi_ioctl(struct request_queue *q, struct gendisk *disk, fmode_t mode, */ err = -EFAULT; rq->cmd_len = cmdlen; @@ -35930,7 +36444,7 @@ index 7bdd61b..afec999 100644 static void cryptd_queue_worker(struct work_struct *work); diff --git a/crypto/pcrypt.c b/crypto/pcrypt.c -index f8c920c..ab2cb5a 100644 +index 309d345..1632720 100644 --- a/crypto/pcrypt.c +++ b/crypto/pcrypt.c @@ -440,7 +440,7 @@ static int pcrypt_sysfs_add(struct padata_instance *pinst, const char *name) @@ -35965,10 +36479,10 @@ index 15dddc1..b61cf0c 100644 /* diff --git a/drivers/acpi/apei/apei-internal.h b/drivers/acpi/apei/apei-internal.h -index 21ba34a..cb05966 100644 +index e5bcd91..74f050d 100644 --- a/drivers/acpi/apei/apei-internal.h +++ b/drivers/acpi/apei/apei-internal.h -@@ -20,7 +20,7 @@ typedef int (*apei_exec_ins_func_t)(struct apei_exec_context *ctx, +@@ -19,7 +19,7 @@ typedef int (*apei_exec_ins_func_t)(struct apei_exec_context *ctx, struct apei_exec_ins_type { u32 flags; apei_exec_ins_func_t run; @@ -35978,10 +36492,10 @@ index 21ba34a..cb05966 100644 struct apei_exec_context { u32 ip; diff --git a/drivers/acpi/apei/ghes.c b/drivers/acpi/apei/ghes.c -index a30bc31..b91c4d5 100644 +index dab7cb7..f0d2994 100644 --- a/drivers/acpi/apei/ghes.c +++ b/drivers/acpi/apei/ghes.c -@@ -498,7 +498,7 @@ static void __ghes_print_estatus(const char *pfx, +@@ -500,7 +500,7 @@ static void __ghes_print_estatus(const char *pfx, const struct acpi_hest_generic *generic, const struct acpi_generic_status *estatus) { @@ -35990,7 +36504,7 @@ index a30bc31..b91c4d5 100644 unsigned int curr_seqno; char pfx_seq[64]; -@@ -509,7 +509,7 @@ static void __ghes_print_estatus(const char *pfx, +@@ -511,7 +511,7 @@ static void __ghes_print_estatus(const char *pfx, else pfx = KERN_ERR; } @@ -36017,10 +36531,10 @@ index a83e3c6..c3d617f 100644 bgrt_kobj = kobject_create_and_add("bgrt", acpi_kobj); if (!bgrt_kobj) diff --git a/drivers/acpi/blacklist.c b/drivers/acpi/blacklist.c -index 078c4f7..410e272 100644 +index afec452..c5d8b96 100644 --- a/drivers/acpi/blacklist.c +++ b/drivers/acpi/blacklist.c -@@ -52,7 +52,7 @@ struct acpi_blacklist_item { +@@ -51,7 +51,7 @@ struct acpi_blacklist_item { u32 is_critical_error; }; @@ -36029,7 +36543,7 @@ index 078c4f7..410e272 100644 /* * POLICY: If *anything* doesn't work, put it on the blacklist. -@@ -164,7 +164,7 @@ static int __init dmi_disable_osi_win8(const struct dmi_system_id *d) +@@ -163,7 +163,7 @@ static int __init dmi_disable_osi_win8(const struct dmi_system_id *d) return 0; } @@ -36039,7 +36553,7 @@ index 078c4f7..410e272 100644 .callback = dmi_disable_osi_vista, .ident = "Fujitsu Siemens", diff --git a/drivers/acpi/custom_method.c b/drivers/acpi/custom_method.c -index 12b62f2..dc2aac8 100644 +index c68e724..e863008 100644 --- a/drivers/acpi/custom_method.c +++ b/drivers/acpi/custom_method.c @@ -29,6 +29,10 @@ static ssize_t cm_write(struct file *file, const char __user * user_buf, @@ -36054,10 +36568,10 @@ index 12b62f2..dc2aac8 100644 /* parse the table header to get the table length */ if (count <= sizeof(struct acpi_table_header)) diff --git a/drivers/acpi/processor_idle.c b/drivers/acpi/processor_idle.c -index 644516d..643937e 100644 +index 3dca36d..abaf070 100644 --- a/drivers/acpi/processor_idle.c +++ b/drivers/acpi/processor_idle.c -@@ -963,7 +963,7 @@ static int acpi_processor_setup_cpuidle_states(struct acpi_processor *pr) +@@ -952,7 +952,7 @@ static int acpi_processor_setup_cpuidle_states(struct acpi_processor *pr) { int i, count = CPUIDLE_DRIVER_STATE_START; struct acpi_processor_cx *cx; @@ -36067,7 +36581,7 @@ index 644516d..643937e 100644 if (!pr->flags.power_setup_done) diff --git a/drivers/acpi/sysfs.c b/drivers/acpi/sysfs.c -index 6dbc3ca..b8b59a0 100644 +index 91a32ce..d77fcaf 100644 --- a/drivers/acpi/sysfs.c +++ b/drivers/acpi/sysfs.c @@ -425,11 +425,11 @@ static u32 num_counters; @@ -36085,7 +36599,7 @@ index 6dbc3ca..b8b59a0 100644 static void delete_gpe_attr_array(void) { diff --git a/drivers/ata/libahci.c b/drivers/ata/libahci.c -index c482f8c..c832240 100644 +index 36605ab..6ef6d4b 100644 --- a/drivers/ata/libahci.c +++ b/drivers/ata/libahci.c @@ -1239,7 +1239,7 @@ int ahci_kick_engine(struct ata_port *ap) @@ -36098,7 +36612,7 @@ index c482f8c..c832240 100644 unsigned long timeout_msec) { diff --git a/drivers/ata/libata-core.c b/drivers/ata/libata-core.c -index 8cb2522..a815e54 100644 +index 0a79c54..c1b92ed 100644 --- a/drivers/ata/libata-core.c +++ b/drivers/ata/libata-core.c @@ -98,7 +98,7 @@ static unsigned int ata_dev_set_xfermode(struct ata_device *dev); @@ -36110,7 +36624,7 @@ index 8cb2522..a815e54 100644 struct ata_force_param { const char *name; -@@ -4851,7 +4851,7 @@ void ata_qc_free(struct ata_queued_cmd *qc) +@@ -4858,7 +4858,7 @@ void ata_qc_free(struct ata_queued_cmd *qc) struct ata_port *ap; unsigned int tag; @@ -36119,7 +36633,7 @@ index 8cb2522..a815e54 100644 ap = qc->ap; qc->flags = 0; -@@ -4867,7 +4867,7 @@ void __ata_qc_complete(struct ata_queued_cmd *qc) +@@ -4874,7 +4874,7 @@ void __ata_qc_complete(struct ata_queued_cmd *qc) struct ata_port *ap; struct ata_link *link; @@ -36128,7 +36642,7 @@ index 8cb2522..a815e54 100644 WARN_ON_ONCE(!(qc->flags & ATA_QCFLAG_ACTIVE)); ap = qc->ap; link = qc->dev->link; -@@ -5986,6 +5986,7 @@ static void ata_finalize_port_ops(struct ata_port_operations *ops) +@@ -5993,6 +5993,7 @@ static void ata_finalize_port_ops(struct ata_port_operations *ops) return; spin_lock(&lock); @@ -36136,7 +36650,7 @@ index 8cb2522..a815e54 100644 for (cur = ops->inherits; cur; cur = cur->inherits) { void **inherit = (void **)cur; -@@ -5999,8 +6000,9 @@ static void ata_finalize_port_ops(struct ata_port_operations *ops) +@@ -6006,8 +6007,9 @@ static void ata_finalize_port_ops(struct ata_port_operations *ops) if (IS_ERR(*pp)) *pp = NULL; @@ -36147,7 +36661,7 @@ index 8cb2522..a815e54 100644 spin_unlock(&lock); } -@@ -6193,7 +6195,7 @@ int ata_host_register(struct ata_host *host, struct scsi_host_template *sht) +@@ -6200,7 +6202,7 @@ int ata_host_register(struct ata_host *host, struct scsi_host_template *sht) /* give ports names and add SCSI hosts */ for (i = 0; i < host->n_ports; i++) { @@ -36450,10 +36964,10 @@ index 204814e..cede831 100644 fore200e->tx_sat++; DPRINTK(2, "tx queue of device %s is saturated, PDU dropped - heartbeat is %08x\n", diff --git a/drivers/atm/he.c b/drivers/atm/he.c -index 8557adc..3fb5d55 100644 +index aa6be26..f70a785 100644 --- a/drivers/atm/he.c +++ b/drivers/atm/he.c -@@ -1691,7 +1691,7 @@ he_service_rbrq(struct he_dev *he_dev, int group) +@@ -1690,7 +1690,7 @@ he_service_rbrq(struct he_dev *he_dev, int group) if (RBRQ_HBUF_ERR(he_dev->rbrq_head)) { hprintk("HBUF_ERR! (cid 0x%x)\n", cid); @@ -36462,7 +36976,7 @@ index 8557adc..3fb5d55 100644 goto return_host_buffers; } -@@ -1718,7 +1718,7 @@ he_service_rbrq(struct he_dev *he_dev, int group) +@@ -1717,7 +1717,7 @@ he_service_rbrq(struct he_dev *he_dev, int group) RBRQ_LEN_ERR(he_dev->rbrq_head) ? "LEN_ERR" : "", vcc->vpi, vcc->vci); @@ -36471,7 +36985,7 @@ index 8557adc..3fb5d55 100644 goto return_host_buffers; } -@@ -1770,7 +1770,7 @@ he_service_rbrq(struct he_dev *he_dev, int group) +@@ -1769,7 +1769,7 @@ he_service_rbrq(struct he_dev *he_dev, int group) vcc->push(vcc, skb); spin_lock(&he_dev->global_lock); @@ -36480,7 +36994,7 @@ index 8557adc..3fb5d55 100644 return_host_buffers: ++pdus_assembled; -@@ -2096,7 +2096,7 @@ __enqueue_tpd(struct he_dev *he_dev, struct he_tpd *tpd, unsigned cid) +@@ -2095,7 +2095,7 @@ __enqueue_tpd(struct he_dev *he_dev, struct he_tpd *tpd, unsigned cid) tpd->vcc->pop(tpd->vcc, tpd->skb); else dev_kfree_skb_any(tpd->skb); @@ -36489,7 +37003,7 @@ index 8557adc..3fb5d55 100644 } pci_pool_free(he_dev->tpd_pool, tpd, TPD_ADDR(tpd->status)); return; -@@ -2508,7 +2508,7 @@ he_send(struct atm_vcc *vcc, struct sk_buff *skb) +@@ -2507,7 +2507,7 @@ he_send(struct atm_vcc *vcc, struct sk_buff *skb) vcc->pop(vcc, skb); else dev_kfree_skb_any(skb); @@ -36498,7 +37012,7 @@ index 8557adc..3fb5d55 100644 return -EINVAL; } -@@ -2519,7 +2519,7 @@ he_send(struct atm_vcc *vcc, struct sk_buff *skb) +@@ -2518,7 +2518,7 @@ he_send(struct atm_vcc *vcc, struct sk_buff *skb) vcc->pop(vcc, skb); else dev_kfree_skb_any(skb); @@ -36507,7 +37021,7 @@ index 8557adc..3fb5d55 100644 return -EINVAL; } #endif -@@ -2531,7 +2531,7 @@ he_send(struct atm_vcc *vcc, struct sk_buff *skb) +@@ -2530,7 +2530,7 @@ he_send(struct atm_vcc *vcc, struct sk_buff *skb) vcc->pop(vcc, skb); else dev_kfree_skb_any(skb); @@ -36516,7 +37030,7 @@ index 8557adc..3fb5d55 100644 spin_unlock_irqrestore(&he_dev->global_lock, flags); return -ENOMEM; } -@@ -2573,7 +2573,7 @@ he_send(struct atm_vcc *vcc, struct sk_buff *skb) +@@ -2572,7 +2572,7 @@ he_send(struct atm_vcc *vcc, struct sk_buff *skb) vcc->pop(vcc, skb); else dev_kfree_skb_any(skb); @@ -36525,7 +37039,7 @@ index 8557adc..3fb5d55 100644 spin_unlock_irqrestore(&he_dev->global_lock, flags); return -ENOMEM; } -@@ -2604,7 +2604,7 @@ he_send(struct atm_vcc *vcc, struct sk_buff *skb) +@@ -2603,7 +2603,7 @@ he_send(struct atm_vcc *vcc, struct sk_buff *skb) __enqueue_tpd(he_dev, tpd, cid); spin_unlock_irqrestore(&he_dev->global_lock, flags); @@ -36873,7 +37387,7 @@ index fa7d701..1e404c7 100644 lvcc->rx.buf.ptr = &lvcc->rx.buf.start[SERVICE_GET_END(s) * 4]; cardvcc_write(lvcc, SERVICE_GET_END(s), vcc_rxreadptr); diff --git a/drivers/atm/nicstar.c b/drivers/atm/nicstar.c -index 5aca5f4..ce3a6b0 100644 +index 9587e95..b45c5cb 100644 --- a/drivers/atm/nicstar.c +++ b/drivers/atm/nicstar.c @@ -1640,7 +1640,7 @@ static int ns_send(struct atm_vcc *vcc, struct sk_buff *skb) @@ -37078,7 +37592,7 @@ index 5aca5f4..ce3a6b0 100644 } diff --git a/drivers/atm/solos-pci.c b/drivers/atm/solos-pci.c -index 32784d1..4a8434a 100644 +index e3fb496..d9646bf 100644 --- a/drivers/atm/solos-pci.c +++ b/drivers/atm/solos-pci.c @@ -838,7 +838,7 @@ void solos_bh(unsigned long card_arg) @@ -37194,10 +37708,10 @@ index 969c3c2..9b72956 100644 } diff --git a/drivers/base/bus.c b/drivers/base/bus.c -index 73f6c29..b0c0e13 100644 +index 59dc808..f10c74e 100644 --- a/drivers/base/bus.c +++ b/drivers/base/bus.c -@@ -1115,7 +1115,7 @@ int subsys_interface_register(struct subsys_interface *sif) +@@ -1124,7 +1124,7 @@ int subsys_interface_register(struct subsys_interface *sif) return -EINVAL; mutex_lock(&subsys->p->mutex); @@ -37206,7 +37720,7 @@ index 73f6c29..b0c0e13 100644 if (sif->add_dev) { subsys_dev_iter_init(&iter, subsys, NULL, NULL); while ((dev = subsys_dev_iter_next(&iter))) -@@ -1140,7 +1140,7 @@ void subsys_interface_unregister(struct subsys_interface *sif) +@@ -1149,7 +1149,7 @@ void subsys_interface_unregister(struct subsys_interface *sif) subsys = sif->subsys; mutex_lock(&subsys->p->mutex); @@ -37216,7 +37730,7 @@ index 73f6c29..b0c0e13 100644 subsys_dev_iter_init(&iter, subsys, NULL, NULL); while ((dev = subsys_dev_iter_next(&iter))) diff --git a/drivers/base/devtmpfs.c b/drivers/base/devtmpfs.c -index 0f38201..6c2b444 100644 +index 25798db..15f130e 100644 --- a/drivers/base/devtmpfs.c +++ b/drivers/base/devtmpfs.c @@ -354,7 +354,7 @@ int devtmpfs_mount(const char *mntdir) @@ -37365,7 +37879,7 @@ index e8d11b6..7b1b36f 100644 } EXPORT_SYMBOL_GPL(unregister_syscore_ops); diff --git a/drivers/block/cciss.c b/drivers/block/cciss.c -index b35fc4f..c902870 100644 +index 036e8ab..6221dec 100644 --- a/drivers/block/cciss.c +++ b/drivers/block/cciss.c @@ -3011,7 +3011,7 @@ static void start_io(ctlr_info_t *h) @@ -37720,7 +38234,7 @@ index 89c497c..9c736ae 100644 /** diff --git a/drivers/block/drbd/drbd_main.c b/drivers/block/drbd/drbd_main.c -index 9e3818b..7b64c92 100644 +index 929468e..7d934eb 100644 --- a/drivers/block/drbd/drbd_main.c +++ b/drivers/block/drbd/drbd_main.c @@ -1317,7 +1317,7 @@ static int _drbd_send_ack(struct drbd_conf *mdev, enum drbd_packet cmd, @@ -37732,7 +38246,7 @@ index 9e3818b..7b64c92 100644 return drbd_send_command(mdev, sock, cmd, sizeof(*p), NULL, 0); } -@@ -1619,7 +1619,7 @@ int drbd_send_dblock(struct drbd_conf *mdev, struct drbd_request *req) +@@ -1622,7 +1622,7 @@ int drbd_send_dblock(struct drbd_conf *mdev, struct drbd_request *req) return -EIO; p->sector = cpu_to_be64(req->i.sector); p->block_id = (unsigned long)req; @@ -37741,7 +38255,7 @@ index 9e3818b..7b64c92 100644 dp_flags = bio_flags_to_wire(mdev, req->master_bio->bi_rw); if (mdev->state.conn >= C_SYNC_SOURCE && mdev->state.conn <= C_PAUSED_SYNC_T) -@@ -2574,8 +2574,8 @@ void conn_destroy(struct kref *kref) +@@ -2577,8 +2577,8 @@ void conn_destroy(struct kref *kref) { struct drbd_tconn *tconn = container_of(kref, struct drbd_tconn, kref); @@ -37775,7 +38289,7 @@ index c706d50..5e1b472 100644 if (!msg) goto failed; diff --git a/drivers/block/drbd/drbd_receiver.c b/drivers/block/drbd/drbd_receiver.c -index 6fa6673..b7f97e9 100644 +index d073305..4998fea 100644 --- a/drivers/block/drbd/drbd_receiver.c +++ b/drivers/block/drbd/drbd_receiver.c @@ -834,7 +834,7 @@ int drbd_connected(struct drbd_conf *mdev) @@ -37828,7 +38342,7 @@ index 6fa6673..b7f97e9 100644 list_add(&epoch->list, &tconn->current_epoch->list); tconn->current_epoch = epoch; tconn->epochs++; -@@ -2163,7 +2163,7 @@ static int receive_Data(struct drbd_tconn *tconn, struct packet_info *pi) +@@ -2164,7 +2164,7 @@ static int receive_Data(struct drbd_tconn *tconn, struct packet_info *pi) err = wait_for_and_update_peer_seq(mdev, peer_seq); drbd_send_ack_dp(mdev, P_NEG_ACK, p, pi->size); @@ -37837,7 +38351,7 @@ index 6fa6673..b7f97e9 100644 err2 = drbd_drain_block(mdev, pi->size); if (!err) err = err2; -@@ -2197,7 +2197,7 @@ static int receive_Data(struct drbd_tconn *tconn, struct packet_info *pi) +@@ -2198,7 +2198,7 @@ static int receive_Data(struct drbd_tconn *tconn, struct packet_info *pi) spin_lock(&tconn->epoch_lock); peer_req->epoch = tconn->current_epoch; @@ -37846,7 +38360,7 @@ index 6fa6673..b7f97e9 100644 atomic_inc(&peer_req->epoch->active); spin_unlock(&tconn->epoch_lock); -@@ -4344,7 +4344,7 @@ struct data_cmd { +@@ -4345,7 +4345,7 @@ struct data_cmd { int expect_payload; size_t pkt_size; int (*fn)(struct drbd_tconn *, struct packet_info *); @@ -37855,7 +38369,7 @@ index 6fa6673..b7f97e9 100644 static struct data_cmd drbd_cmd_handler[] = { [P_DATA] = { 1, sizeof(struct p_data), receive_Data }, -@@ -4464,7 +4464,7 @@ static void conn_disconnect(struct drbd_tconn *tconn) +@@ -4465,7 +4465,7 @@ static void conn_disconnect(struct drbd_tconn *tconn) if (!list_empty(&tconn->current_epoch->list)) conn_err(tconn, "ASSERTION FAILED: tconn->current_epoch->list not empty\n"); /* ok, no more ee's on the fly, it is safe to reset the epoch_size */ @@ -37864,7 +38378,7 @@ index 6fa6673..b7f97e9 100644 tconn->send.seen_any_write_yet = false; conn_info(tconn, "Connection closed\n"); -@@ -5220,7 +5220,7 @@ static int tconn_finish_peer_reqs(struct drbd_tconn *tconn) +@@ -5221,7 +5221,7 @@ static int tconn_finish_peer_reqs(struct drbd_tconn *tconn) struct asender_cmd { size_t pkt_size; int (*fn)(struct drbd_tconn *tconn, struct packet_info *); @@ -37874,7 +38388,7 @@ index 6fa6673..b7f97e9 100644 static struct asender_cmd asender_tbl[] = { [P_PING] = { 0, got_Ping }, diff --git a/drivers/block/loop.c b/drivers/block/loop.c -index c8dac73..1800093 100644 +index 66e8c3b..9b68dd9 100644 --- a/drivers/block/loop.c +++ b/drivers/block/loop.c @@ -232,7 +232,7 @@ static int __do_lo_send_write(struct file *file, @@ -37887,10 +38401,10 @@ index c8dac73..1800093 100644 file_end_write(file); if (likely(bw == len)) diff --git a/drivers/block/null_blk.c b/drivers/block/null_blk.c -index 83a598e..2de5ce3 100644 +index 091b9ea..f5428f8 100644 --- a/drivers/block/null_blk.c +++ b/drivers/block/null_blk.c -@@ -407,14 +407,24 @@ static int null_init_hctx(struct blk_mq_hw_ctx *hctx, void *data, +@@ -382,15 +382,25 @@ static int null_init_hctx(struct blk_mq_hw_ctx *hctx, void *data, return 0; } @@ -37901,6 +38415,7 @@ index 83a598e..2de5ce3 100644 + .queue_rq = null_queue_rq, + .map_queue = blk_mq_map_queue, .init_hctx = null_init_hctx, + .complete = null_softirq_done_fn, + .alloc_hctx = blk_mq_alloc_single_hw_queue, + .free_hctx = blk_mq_free_single_hw_queue, +}; @@ -37919,7 +38434,7 @@ index 83a598e..2de5ce3 100644 .queue_depth = 64, .cmd_size = sizeof(struct nullb_cmd), .flags = BLK_MQ_F_SHOULD_MERGE, -@@ -545,13 +555,8 @@ static int null_add_dev(void) +@@ -521,13 +531,8 @@ static int null_add_dev(void) null_mq_reg.queue_depth = hw_queue_depth; null_mq_reg.nr_hw_queues = submit_queues; @@ -37936,7 +38451,7 @@ index 83a598e..2de5ce3 100644 nullb->q = blk_mq_init_queue(&null_mq_reg, nullb); } else if (queue_mode == NULL_Q_BIO) { diff --git a/drivers/block/pktcdvd.c b/drivers/block/pktcdvd.c -index ff8668c..f62167a 100644 +index a2af73d..c0b8f61 100644 --- a/drivers/block/pktcdvd.c +++ b/drivers/block/pktcdvd.c @@ -108,7 +108,7 @@ static int pkt_seq_show(struct seq_file *m, void *p); @@ -37948,7 +38463,7 @@ index ff8668c..f62167a 100644 } /* -@@ -1883,7 +1883,7 @@ static noinline_for_stack int pkt_probe_settings(struct pktcdvd_device *pd) +@@ -1888,7 +1888,7 @@ static noinline_for_stack int pkt_probe_settings(struct pktcdvd_device *pd) return -EROFS; } pd->settings.fp = ti.fp; @@ -38040,19 +38555,6 @@ index f038dba..bb74c08 100644 struct hci_dev *hdev; int err; -diff --git a/drivers/bus/arm-cci.c b/drivers/bus/arm-cci.c -index b6739cb..962fd35 100644 ---- a/drivers/bus/arm-cci.c -+++ b/drivers/bus/arm-cci.c -@@ -979,7 +979,7 @@ static int cci_probe(void) - - nb_cci_ports = cci_config->nb_ace + cci_config->nb_ace_lite; - -- ports = kcalloc(sizeof(*ports), nb_cci_ports, GFP_KERNEL); -+ ports = kcalloc(nb_cci_ports, sizeof(*ports), GFP_KERNEL); - if (!ports) - return -ENOMEM; - diff --git a/drivers/cdrom/cdrom.c b/drivers/cdrom/cdrom.c index 8a3aff7..d7538c2 100644 --- a/drivers/cdrom/cdrom.c @@ -38106,7 +38608,7 @@ index 8a3aff7..d7538c2 100644 return 1; diff --git a/drivers/cdrom/gdrom.c b/drivers/cdrom/gdrom.c -index 5980cb9..6d7bd7e 100644 +index 51e75ad..39c4c76 100644 --- a/drivers/cdrom/gdrom.c +++ b/drivers/cdrom/gdrom.c @@ -491,7 +491,6 @@ static struct cdrom_device_ops gdrom_ops = { @@ -38118,7 +38620,7 @@ index 5980cb9..6d7bd7e 100644 static int gdrom_bdops_open(struct block_device *bdev, fmode_t mode) diff --git a/drivers/char/Kconfig b/drivers/char/Kconfig -index fa3243d..8c98297 100644 +index 1386749..5430258 100644 --- a/drivers/char/Kconfig +++ b/drivers/char/Kconfig @@ -8,7 +8,8 @@ source "drivers/tty/Kconfig" @@ -38131,7 +38633,7 @@ index fa3243d..8c98297 100644 help Say Y here if you want to support the /dev/kmem device. The /dev/kmem device is rarely used, but can be used for certain -@@ -576,6 +577,7 @@ config DEVPORT +@@ -577,6 +578,7 @@ config DEVPORT bool depends on !M68K depends on ISA || PCI @@ -38153,10 +38655,18 @@ index a48e05b..6bac831 100644 kfree(usegment); kfree(ksegment); diff --git a/drivers/char/agp/frontend.c b/drivers/char/agp/frontend.c -index 1b19239..b87b143 100644 +index 1b19239..963967b 100644 --- a/drivers/char/agp/frontend.c +++ b/drivers/char/agp/frontend.c -@@ -819,7 +819,7 @@ static int agpioc_reserve_wrap(struct agp_file_private *priv, void __user *arg) +@@ -731,6 +731,7 @@ static int agpioc_info_wrap(struct agp_file_private *priv, void __user *arg) + + agp_copy_info(agp_bridge, &kerninfo); + ++ memset(&userinfo, 0, sizeof(userinfo)); + userinfo.version.major = kerninfo.version.major; + userinfo.version.minor = kerninfo.version.minor; + userinfo.bridge_id = kerninfo.device->vendor | +@@ -819,7 +820,7 @@ static int agpioc_reserve_wrap(struct agp_file_private *priv, void __user *arg) if (copy_from_user(&reserve, arg, sizeof(struct agp_region))) return -EFAULT; @@ -38165,7 +38675,7 @@ index 1b19239..b87b143 100644 return -EFAULT; client = agp_find_client_by_pid(reserve.pid); -@@ -849,7 +849,7 @@ static int agpioc_reserve_wrap(struct agp_file_private *priv, void __user *arg) +@@ -849,7 +850,7 @@ static int agpioc_reserve_wrap(struct agp_file_private *priv, void __user *arg) if (segment == NULL) return -ENOMEM; @@ -38187,10 +38697,10 @@ index 4f94375..413694e 100644 return -EINVAL; else diff --git a/drivers/char/hpet.c b/drivers/char/hpet.c -index 5d9c31d..c94ccb5 100644 +index d5d4cd8..22d561d 100644 --- a/drivers/char/hpet.c +++ b/drivers/char/hpet.c -@@ -578,7 +578,7 @@ static inline unsigned long hpet_time_div(struct hpets *hpets, +@@ -575,7 +575,7 @@ static inline unsigned long hpet_time_div(struct hpets *hpets, } static int @@ -38247,7 +38757,7 @@ index ec4e10f..f2a763b 100644 intf->proc_dir = NULL; diff --git a/drivers/char/ipmi/ipmi_si_intf.c b/drivers/char/ipmi/ipmi_si_intf.c -index 15e4a60..b046093 100644 +index 03f4189..e79f5e0 100644 --- a/drivers/char/ipmi/ipmi_si_intf.c +++ b/drivers/char/ipmi/ipmi_si_intf.c @@ -280,7 +280,7 @@ struct smi_info { @@ -38271,7 +38781,7 @@ index 15e4a60..b046093 100644 #define SI_MAX_PARMS 4 -@@ -3324,7 +3324,7 @@ static int try_smi_init(struct smi_info *new_smi) +@@ -3339,7 +3339,7 @@ static int try_smi_init(struct smi_info *new_smi) atomic_set(&new_smi->req_events, 0); new_smi->run_to_completion = 0; for (i = 0; i < SI_NUM_STATS; i++) @@ -38281,7 +38791,7 @@ index 15e4a60..b046093 100644 new_smi->interrupt_disabled = 1; atomic_set(&new_smi->stop_operation, 0); diff --git a/drivers/char/mem.c b/drivers/char/mem.c -index f895a8c..2bc9147 100644 +index 92c5937..1be4e4d 100644 --- a/drivers/char/mem.c +++ b/drivers/char/mem.c @@ -18,6 +18,7 @@ @@ -38292,7 +38802,7 @@ index f895a8c..2bc9147 100644 #include <linux/ptrace.h> #include <linux/device.h> #include <linux/highmem.h> -@@ -37,6 +38,10 @@ +@@ -36,6 +37,10 @@ #define DEVPORT_MINOR 4 @@ -38303,7 +38813,7 @@ index f895a8c..2bc9147 100644 static inline unsigned long size_inside_page(unsigned long start, unsigned long size) { -@@ -68,9 +73,13 @@ static inline int range_is_allowed(unsigned long pfn, unsigned long size) +@@ -67,9 +72,13 @@ static inline int range_is_allowed(unsigned long pfn, unsigned long size) while (cursor < to) { if (!devmem_is_allowed(pfn)) { @@ -38317,7 +38827,7 @@ index f895a8c..2bc9147 100644 return 0; } cursor += PAGE_SIZE; -@@ -78,6 +87,11 @@ static inline int range_is_allowed(unsigned long pfn, unsigned long size) +@@ -77,6 +86,11 @@ static inline int range_is_allowed(unsigned long pfn, unsigned long size) } return 1; } @@ -38329,7 +38839,7 @@ index f895a8c..2bc9147 100644 #else static inline int range_is_allowed(unsigned long pfn, unsigned long size) { -@@ -120,6 +134,7 @@ static ssize_t read_mem(struct file *file, char __user *buf, +@@ -119,6 +133,7 @@ static ssize_t read_mem(struct file *file, char __user *buf, while (count > 0) { unsigned long remaining; @@ -38337,7 +38847,7 @@ index f895a8c..2bc9147 100644 sz = size_inside_page(p, count); -@@ -135,7 +150,23 @@ static ssize_t read_mem(struct file *file, char __user *buf, +@@ -134,7 +149,23 @@ static ssize_t read_mem(struct file *file, char __user *buf, if (!ptr) return -EFAULT; @@ -38362,7 +38872,7 @@ index f895a8c..2bc9147 100644 unxlate_dev_mem_ptr(p, ptr); if (remaining) return -EFAULT; -@@ -364,9 +395,8 @@ static ssize_t read_kmem(struct file *file, char __user *buf, +@@ -363,9 +394,8 @@ static ssize_t read_kmem(struct file *file, char __user *buf, size_t count, loff_t *ppos) { unsigned long p = *ppos; @@ -38373,7 +38883,7 @@ index f895a8c..2bc9147 100644 read = 0; if (p < (unsigned long) high_memory) { -@@ -388,6 +418,8 @@ static ssize_t read_kmem(struct file *file, char __user *buf, +@@ -387,6 +417,8 @@ static ssize_t read_kmem(struct file *file, char __user *buf, } #endif while (low_count > 0) { @@ -38382,7 +38892,7 @@ index f895a8c..2bc9147 100644 sz = size_inside_page(p, low_count); /* -@@ -397,7 +429,22 @@ static ssize_t read_kmem(struct file *file, char __user *buf, +@@ -396,7 +428,22 @@ static ssize_t read_kmem(struct file *file, char __user *buf, */ kbuf = xlate_dev_kmem_ptr((char *)p); @@ -38406,7 +38916,7 @@ index f895a8c..2bc9147 100644 return -EFAULT; buf += sz; p += sz; -@@ -822,6 +869,9 @@ static const struct memdev { +@@ -821,6 +868,9 @@ static const struct memdev { #ifdef CONFIG_PRINTK [11] = { "kmsg", 0644, &kmsg_fops, NULL }, #endif @@ -38416,7 +38926,7 @@ index f895a8c..2bc9147 100644 }; static int memory_open(struct inode *inode, struct file *filp) -@@ -893,7 +943,7 @@ static int __init chr_dev_init(void) +@@ -892,7 +942,7 @@ static int __init chr_dev_init(void) continue; device_create(mem_class, NULL, MKDEV(MEM_MAJOR, minor), @@ -38439,7 +38949,7 @@ index 9df78e2..01ba9ae 100644 *ppos = i; diff --git a/drivers/char/pcmcia/synclink_cs.c b/drivers/char/pcmcia/synclink_cs.c -index d39cca6..8c1e269 100644 +index 8320abd..ec48108 100644 --- a/drivers/char/pcmcia/synclink_cs.c +++ b/drivers/char/pcmcia/synclink_cs.c @@ -2345,9 +2345,9 @@ static void mgslpc_close(struct tty_struct *tty, struct file * filp) @@ -38677,7 +39187,7 @@ index 7cc1fe22..b602d6b 100644 return 0; diff --git a/drivers/char/tpm/tpm_acpi.c b/drivers/char/tpm/tpm_acpi.c -index 64420b3..5c40b56 100644 +index b9a57fa..5bb9e38 100644 --- a/drivers/char/tpm/tpm_acpi.c +++ b/drivers/char/tpm/tpm_acpi.c @@ -98,11 +98,12 @@ int read_log(struct tpm_bios_log *log) @@ -38727,7 +39237,7 @@ index 59f7cb2..bac8b6d 100644 return 0; } diff --git a/drivers/char/virtio_console.c b/drivers/char/virtio_console.c -index feea87c..18aefff 100644 +index 6928d09..ff6abe8 100644 --- a/drivers/char/virtio_console.c +++ b/drivers/char/virtio_console.c @@ -684,7 +684,7 @@ static ssize_t fill_readbuf(struct port *port, char *out_buf, size_t out_count, @@ -38749,10 +39259,10 @@ index feea87c..18aefff 100644 static int wait_port_writable(struct port *port, bool nonblock) diff --git a/drivers/clk/clk-composite.c b/drivers/clk/clk-composite.c -index a33f46f..a720eed 100644 +index 57a078e..c17cde8 100644 --- a/drivers/clk/clk-composite.c +++ b/drivers/clk/clk-composite.c -@@ -122,7 +122,7 @@ struct clk *clk_register_composite(struct device *dev, const char *name, +@@ -146,7 +146,7 @@ struct clk *clk_register_composite(struct device *dev, const char *name, struct clk *clk; struct clk_init_data init; struct clk_composite *composite; @@ -38762,7 +39272,7 @@ index a33f46f..a720eed 100644 composite = kzalloc(sizeof(*composite), GFP_KERNEL); if (!composite) { diff --git a/drivers/clk/socfpga/clk.c b/drivers/clk/socfpga/clk.c -index 81dd31a..ef5c542 100644 +index 5983a26..65d5f46 100644 --- a/drivers/clk/socfpga/clk.c +++ b/drivers/clk/socfpga/clk.c @@ -22,6 +22,7 @@ @@ -38773,7 +39283,7 @@ index 81dd31a..ef5c542 100644 /* Clock Manager offsets */ #define CLKMGR_CTRL 0x0 -@@ -152,8 +153,10 @@ static __init struct clk *socfpga_clk_init(struct device_node *node, +@@ -150,8 +151,10 @@ static __init struct clk *socfpga_clk_init(struct device_node *node, streq(clk_name, "periph_pll") || streq(clk_name, "sdram_pll")) { socfpga_clk->hw.bit_idx = SOCFPGA_PLL_EXT_ENA; @@ -38786,7 +39296,7 @@ index 81dd31a..ef5c542 100644 } clk = clk_register(NULL, &socfpga_clk->hw.hw); -@@ -244,7 +247,7 @@ static unsigned long socfpga_clk_recalc_rate(struct clk_hw *hwclk, +@@ -242,7 +245,7 @@ static unsigned long socfpga_clk_recalc_rate(struct clk_hw *hwclk, return parent_rate / div; } @@ -38796,19 +39306,10 @@ index 81dd31a..ef5c542 100644 .get_parent = socfpga_clk_get_parent, .set_parent = socfpga_clk_set_parent, diff --git a/drivers/cpufreq/acpi-cpufreq.c b/drivers/cpufreq/acpi-cpufreq.c -index caf41eb..223d27a 100644 +index 18448a7..d5fad43 100644 --- a/drivers/cpufreq/acpi-cpufreq.c +++ b/drivers/cpufreq/acpi-cpufreq.c -@@ -172,7 +172,7 @@ static ssize_t show_global_boost(struct kobject *kobj, - return sprintf(buf, "%u\n", boost_enabled); - } - --static struct global_attr global_boost = __ATTR(boost, 0644, -+static global_attr_no_const global_boost = __ATTR(boost, 0644, - show_global_boost, - store_global_boost); - -@@ -693,8 +693,11 @@ static int acpi_cpufreq_cpu_init(struct cpufreq_policy *policy) +@@ -676,8 +676,11 @@ static int acpi_cpufreq_cpu_init(struct cpufreq_policy *policy) data->acpi_data = per_cpu_ptr(acpi_perf_data, cpu); per_cpu(acfreq_data, cpu) = data; @@ -38822,7 +39323,7 @@ index caf41eb..223d27a 100644 result = acpi_processor_register_performance(data->acpi_data, cpu); if (result) -@@ -827,7 +830,9 @@ static int acpi_cpufreq_cpu_init(struct cpufreq_policy *policy) +@@ -810,7 +813,9 @@ static int acpi_cpufreq_cpu_init(struct cpufreq_policy *policy) policy->cur = acpi_cpufreq_guess_freq(data, policy->cpu); break; case ACPI_ADR_SPACE_FIXED_HARDWARE: @@ -38833,11 +39334,24 @@ index caf41eb..223d27a 100644 break; default: break; +@@ -905,8 +910,10 @@ static void __init acpi_cpufreq_boost_init(void) + if (!msrs) + return; + +- acpi_cpufreq_driver.boost_supported = true; +- acpi_cpufreq_driver.boost_enabled = boost_state(0); ++ pax_open_kernel(); ++ *(bool *)&acpi_cpufreq_driver.boost_supported = true; ++ *(bool *)&acpi_cpufreq_driver.boost_enabled = boost_state(0); ++ pax_close_kernel(); + get_online_cpus(); + + /* Force all MSRs to the same value */ diff --git a/drivers/cpufreq/cpufreq.c b/drivers/cpufreq/cpufreq.c -index 99a443e..8cb6f02 100644 +index 199b52b..e3503bb 100644 --- a/drivers/cpufreq/cpufreq.c +++ b/drivers/cpufreq/cpufreq.c -@@ -1878,7 +1878,7 @@ void cpufreq_unregister_governor(struct cpufreq_governor *governor) +@@ -1970,7 +1970,7 @@ void cpufreq_unregister_governor(struct cpufreq_governor *governor) #endif mutex_lock(&cpufreq_governor_mutex); @@ -38846,7 +39360,7 @@ index 99a443e..8cb6f02 100644 mutex_unlock(&cpufreq_governor_mutex); return; } -@@ -2108,7 +2108,7 @@ static int cpufreq_cpu_callback(struct notifier_block *nfb, +@@ -2200,7 +2200,7 @@ static int cpufreq_cpu_callback(struct notifier_block *nfb, return NOTIFY_OK; } @@ -38855,7 +39369,27 @@ index 99a443e..8cb6f02 100644 .notifier_call = cpufreq_cpu_callback, }; -@@ -2141,8 +2141,11 @@ int cpufreq_register_driver(struct cpufreq_driver *driver_data) +@@ -2240,13 +2240,17 @@ int cpufreq_boost_trigger_state(int state) + return 0; + + write_lock_irqsave(&cpufreq_driver_lock, flags); +- cpufreq_driver->boost_enabled = state; ++ pax_open_kernel(); ++ *(bool *)&cpufreq_driver->boost_enabled = state; ++ pax_close_kernel(); + write_unlock_irqrestore(&cpufreq_driver_lock, flags); + + ret = cpufreq_driver->set_boost(state); + if (ret) { + write_lock_irqsave(&cpufreq_driver_lock, flags); +- cpufreq_driver->boost_enabled = !state; ++ pax_open_kernel(); ++ *(bool *)&cpufreq_driver->boost_enabled = !state; ++ pax_close_kernel(); + write_unlock_irqrestore(&cpufreq_driver_lock, flags); + + pr_err("%s: Cannot %s BOOST\n", __func__, +@@ -2300,8 +2304,11 @@ int cpufreq_register_driver(struct cpufreq_driver *driver_data) pr_debug("trying to register driver %s\n", driver_data->name); @@ -38869,11 +39403,25 @@ index 99a443e..8cb6f02 100644 write_lock_irqsave(&cpufreq_driver_lock, flags); if (cpufreq_driver) { +@@ -2316,8 +2323,11 @@ int cpufreq_register_driver(struct cpufreq_driver *driver_data) + * Check if driver provides function to enable boost - + * if not, use cpufreq_boost_set_sw as default + */ +- if (!cpufreq_driver->set_boost) +- cpufreq_driver->set_boost = cpufreq_boost_set_sw; ++ if (!cpufreq_driver->set_boost) { ++ pax_open_kernel(); ++ *(void **)&cpufreq_driver->set_boost = cpufreq_boost_set_sw; ++ pax_close_kernel(); ++ } + + ret = cpufreq_sysfs_create_file(&boost.attr); + if (ret) { diff --git a/drivers/cpufreq/cpufreq_governor.c b/drivers/cpufreq/cpufreq_governor.c -index e6be635..f8a90dc 100644 +index ba43991..23858ffb 100644 --- a/drivers/cpufreq/cpufreq_governor.c +++ b/drivers/cpufreq/cpufreq_governor.c -@@ -187,7 +187,7 @@ int cpufreq_governor_dbs(struct cpufreq_policy *policy, +@@ -191,7 +191,7 @@ int cpufreq_governor_dbs(struct cpufreq_policy *policy, struct dbs_data *dbs_data; struct od_cpu_dbs_info_s *od_dbs_info = NULL; struct cs_cpu_dbs_info_s *cs_dbs_info = NULL; @@ -38882,7 +39430,7 @@ index e6be635..f8a90dc 100644 struct od_dbs_tuners *od_tuners = NULL; struct cs_dbs_tuners *cs_tuners = NULL; struct cpu_dbs_common_info *cpu_cdbs; -@@ -253,7 +253,7 @@ int cpufreq_governor_dbs(struct cpufreq_policy *policy, +@@ -257,7 +257,7 @@ int cpufreq_governor_dbs(struct cpufreq_policy *policy, if ((cdata->governor == GOV_CONSERVATIVE) && (!policy->governor->initialized)) { @@ -38891,7 +39439,7 @@ index e6be635..f8a90dc 100644 cpufreq_register_notifier(cs_ops->notifier_block, CPUFREQ_TRANSITION_NOTIFIER); -@@ -273,7 +273,7 @@ int cpufreq_governor_dbs(struct cpufreq_policy *policy, +@@ -277,7 +277,7 @@ int cpufreq_governor_dbs(struct cpufreq_policy *policy, if ((dbs_data->cdata->governor == GOV_CONSERVATIVE) && (policy->governor->initialized == 1)) { @@ -38901,7 +39449,7 @@ index e6be635..f8a90dc 100644 cpufreq_unregister_notifier(cs_ops->notifier_block, CPUFREQ_TRANSITION_NOTIFIER); diff --git a/drivers/cpufreq/cpufreq_governor.h b/drivers/cpufreq/cpufreq_governor.h -index b5f2b86..daa801b 100644 +index bfb9ae1..e1d3a7e 100644 --- a/drivers/cpufreq/cpufreq_governor.h +++ b/drivers/cpufreq/cpufreq_governor.h @@ -205,7 +205,7 @@ struct common_dbs_data { @@ -38956,24 +39504,11 @@ index 18d4091..434be15 100644 od_set_powersave_bias(0); } EXPORT_SYMBOL_GPL(od_unregister_powersave_bias_handler); -diff --git a/drivers/cpufreq/cpufreq_stats.c b/drivers/cpufreq/cpufreq_stats.c -index 4cf0d28..5830372 100644 ---- a/drivers/cpufreq/cpufreq_stats.c -+++ b/drivers/cpufreq/cpufreq_stats.c -@@ -352,7 +352,7 @@ static int cpufreq_stat_cpu_callback(struct notifier_block *nfb, - } - - /* priority=1 so this will get called before cpufreq_remove_dev */ --static struct notifier_block cpufreq_stat_cpu_notifier __refdata = { -+static struct notifier_block cpufreq_stat_cpu_notifier = { - .notifier_call = cpufreq_stat_cpu_callback, - .priority = 1, - }; diff --git a/drivers/cpufreq/intel_pstate.c b/drivers/cpufreq/intel_pstate.c -index b687df8..ae733fc 100644 +index 2cd36b9..8f07fae 100644 --- a/drivers/cpufreq/intel_pstate.c +++ b/drivers/cpufreq/intel_pstate.c -@@ -123,10 +123,10 @@ struct pstate_funcs { +@@ -124,10 +124,10 @@ struct pstate_funcs { struct cpu_defaults { struct pstate_adjust_policy pid_policy; struct pstate_funcs funcs; @@ -38986,7 +39521,7 @@ index b687df8..ae733fc 100644 struct perf_limits { int no_turbo; -@@ -517,7 +517,7 @@ static void intel_pstate_set_pstate(struct cpudata *cpu, int pstate) +@@ -518,7 +518,7 @@ static void intel_pstate_set_pstate(struct cpudata *cpu, int pstate) cpu->pstate.current_pstate = pstate; @@ -38995,7 +39530,7 @@ index b687df8..ae733fc 100644 } static inline void intel_pstate_pstate_increase(struct cpudata *cpu, int steps) -@@ -539,12 +539,12 @@ static void intel_pstate_get_cpu_pstates(struct cpudata *cpu) +@@ -540,12 +540,12 @@ static void intel_pstate_get_cpu_pstates(struct cpudata *cpu) { sprintf(cpu->name, "Intel 2nd generation core"); @@ -39013,7 +39548,7 @@ index b687df8..ae733fc 100644 /* * goto max pstate so we don't slow up boot if we are built-in if we are -@@ -808,9 +808,9 @@ static int intel_pstate_msrs_not_valid(void) +@@ -832,9 +832,9 @@ static int intel_pstate_msrs_not_valid(void) rdmsrl(MSR_IA32_APERF, aperf); rdmsrl(MSR_IA32_MPERF, mperf); @@ -39026,7 +39561,7 @@ index b687df8..ae733fc 100644 return -ENODEV; rdmsrl(MSR_IA32_APERF, tmp); -@@ -824,7 +824,7 @@ static int intel_pstate_msrs_not_valid(void) +@@ -848,7 +848,7 @@ static int intel_pstate_msrs_not_valid(void) return 0; } @@ -39035,7 +39570,7 @@ index b687df8..ae733fc 100644 { pid_params.sample_rate_ms = policy->sample_rate_ms; pid_params.p_gain_pct = policy->p_gain_pct; -@@ -836,11 +836,7 @@ static void copy_pid_params(struct pstate_adjust_policy *policy) +@@ -860,11 +860,7 @@ static void copy_pid_params(struct pstate_adjust_policy *policy) static void copy_cpu_funcs(struct pstate_funcs *funcs) { @@ -39081,7 +39616,7 @@ index 3d1cba9..0ab21d2 100644 if (speedstep_detect_processor() == SPEEDSTEP_CPU_P4M) { printk(KERN_WARNING PFX "Warning: Pentium 4-M detected. " diff --git a/drivers/cpufreq/sparc-us3-cpufreq.c b/drivers/cpufreq/sparc-us3-cpufreq.c -index 724ffbd..ad83692 100644 +index 724ffbd..f06aaaa 100644 --- a/drivers/cpufreq/sparc-us3-cpufreq.c +++ b/drivers/cpufreq/sparc-us3-cpufreq.c @@ -18,14 +18,12 @@ @@ -39100,7 +39635,7 @@ index 724ffbd..ad83692 100644 /* UltraSPARC-III has three dividers: 1, 2, and 32. These are controlled * in the Safari config register. -@@ -156,14 +154,26 @@ static int __init us3_freq_cpu_init(struct cpufreq_policy *policy) +@@ -156,18 +154,28 @@ static int __init us3_freq_cpu_init(struct cpufreq_policy *policy) static int us3_freq_cpu_exit(struct cpufreq_policy *policy) { @@ -39123,7 +39658,6 @@ index 724ffbd..ad83692 100644 + .target_index = us3_freq_target, + .get = us3_freq_get, + .exit = us3_freq_cpu_exit, -+ .owner = THIS_MODULE, + .name = "UltraSPARC-III", + +}; @@ -39131,7 +39665,11 @@ index 724ffbd..ad83692 100644 static int __init us3_freq_init(void) { unsigned long manuf, impl, ver; -@@ -180,55 +190,15 @@ static int __init us3_freq_init(void) +- int ret; + + if (tlb_type != cheetah && tlb_type != cheetah_plus) + return -ENODEV; +@@ -180,55 +188,15 @@ static int __init us3_freq_init(void) (impl == CHEETAH_IMPL || impl == CHEETAH_PLUS_IMPL || impl == JAGUAR_IMPL || @@ -39291,6 +39829,21 @@ index a0b2f7e..1b6f028 100644 err_out: mutex_unlock(&devfreq_list_lock); +diff --git a/drivers/dma/sh/shdma-base.c b/drivers/dma/sh/shdma-base.c +index 2e7b394..1371a64 100644 +--- a/drivers/dma/sh/shdma-base.c ++++ b/drivers/dma/sh/shdma-base.c +@@ -267,8 +267,8 @@ static int shdma_alloc_chan_resources(struct dma_chan *chan) + schan->slave_id = -EINVAL; + } + +- schan->desc = kcalloc(NR_DESCS_PER_CHANNEL, +- sdev->desc_size, GFP_KERNEL); ++ schan->desc = kcalloc(sdev->desc_size, ++ NR_DESCS_PER_CHANNEL, GFP_KERNEL); + if (!schan->desc) { + ret = -ENOMEM; + goto edescalloc; diff --git a/drivers/dma/sh/shdmac.c b/drivers/dma/sh/shdmac.c index 0d765c0..60b7480 100644 --- a/drivers/dma/sh/shdmac.c @@ -39305,10 +39858,10 @@ index 0d765c0..60b7480 100644 /* Run before NMI debug handler and KGDB */ diff --git a/drivers/edac/edac_device.c b/drivers/edac/edac_device.c -index 1026743..80b081c 100644 +index 592af5f..bb1d583 100644 --- a/drivers/edac/edac_device.c +++ b/drivers/edac/edac_device.c -@@ -474,9 +474,9 @@ void edac_device_reset_delay_period(struct edac_device_ctl_info *edac_dev, +@@ -477,9 +477,9 @@ void edac_device_reset_delay_period(struct edac_device_ctl_info *edac_dev, */ int edac_device_alloc_index(void) { @@ -39321,7 +39874,7 @@ index 1026743..80b081c 100644 EXPORT_SYMBOL_GPL(edac_device_alloc_index); diff --git a/drivers/edac/edac_mc_sysfs.c b/drivers/edac/edac_mc_sysfs.c -index e5bdf21..b8f9055 100644 +index b335c6a..db65b44 100644 --- a/drivers/edac/edac_mc_sysfs.c +++ b/drivers/edac/edac_mc_sysfs.c @@ -152,7 +152,7 @@ static const char * const edac_caps[] = { @@ -39524,7 +40077,7 @@ index 2c6d5e1..a2cca6b 100644 static ssize_t show_immediate(struct device *dev, struct device_attribute *dattr, char *buf) diff --git a/drivers/firewire/core-transaction.c b/drivers/firewire/core-transaction.c -index 0e79951..b180217 100644 +index eb6935c..3cc2bfa 100644 --- a/drivers/firewire/core-transaction.c +++ b/drivers/firewire/core-transaction.c @@ -38,6 +38,7 @@ @@ -39536,7 +40089,7 @@ index 0e79951..b180217 100644 #include <asm/byteorder.h> diff --git a/drivers/firewire/core.h b/drivers/firewire/core.h -index 515a42c..5ecf3ba 100644 +index c98764a..551b520 100644 --- a/drivers/firewire/core.h +++ b/drivers/firewire/core.h @@ -111,6 +111,7 @@ struct fw_card_driver { @@ -39547,6 +40100,34 @@ index 515a42c..5ecf3ba 100644 void fw_card_initialize(struct fw_card *card, const struct fw_card_driver *driver, struct device *device); +diff --git a/drivers/firewire/ohci.c b/drivers/firewire/ohci.c +index 8db6632..9bbc8ca 100644 +--- a/drivers/firewire/ohci.c ++++ b/drivers/firewire/ohci.c +@@ -2049,10 +2049,12 @@ static void bus_reset_work(struct work_struct *work) + be32_to_cpu(ohci->next_header)); + } + ++#ifndef CONFIG_GRKERNSEC + if (param_remote_dma) { + reg_write(ohci, OHCI1394_PhyReqFilterHiSet, ~0); + reg_write(ohci, OHCI1394_PhyReqFilterLoSet, ~0); + } ++#endif + + spin_unlock_irq(&ohci->lock); + +@@ -2584,8 +2586,10 @@ static int ohci_enable_phys_dma(struct fw_card *card, + unsigned long flags; + int n, ret = 0; + ++#ifndef CONFIG_GRKERNSEC + if (param_remote_dma) + return 0; ++#endif + + /* + * FIXME: Make sure this bitmask is cleared when we clear the busReset diff --git a/drivers/firmware/dmi-id.c b/drivers/firmware/dmi-id.c index 94a58a0..f5eba42 100644 --- a/drivers/firmware/dmi-id.c @@ -39561,7 +40142,7 @@ index 94a58a0..f5eba42 100644 container_of(_dev_attr, struct dmi_device_attribute, dev_attr) diff --git a/drivers/firmware/dmi_scan.c b/drivers/firmware/dmi_scan.c -index c7e81ff..94a7401 100644 +index 17afc51..0ef90cd 100644 --- a/drivers/firmware/dmi_scan.c +++ b/drivers/firmware/dmi_scan.c @@ -835,7 +835,7 @@ int dmi_walk(void (*decode)(const struct dmi_header *, void *), @@ -39571,7 +40152,7 @@ index c7e81ff..94a7401 100644 - dmi_table(buf, dmi_len, dmi_num, decode, private_data); + dmi_table((char __force_kernel *)buf, dmi_len, dmi_num, decode, private_data); - iounmap(buf); + dmi_unmap(buf); return 0; diff --git a/drivers/firmware/efi/cper.c b/drivers/firmware/efi/cper.c index 1491dd4..aa910db 100644 @@ -39595,10 +40176,10 @@ index 1491dd4..aa910db 100644 EXPORT_SYMBOL_GPL(cper_next_record_id); diff --git a/drivers/firmware/efi/efi.c b/drivers/firmware/efi/efi.c -index 2e2fbde..7676c8b 100644 +index 4753bac..02861a2 100644 --- a/drivers/firmware/efi/efi.c +++ b/drivers/firmware/efi/efi.c -@@ -81,14 +81,16 @@ static struct attribute_group efi_subsys_attr_group = { +@@ -120,14 +120,16 @@ static struct attribute_group efi_subsys_attr_group = { }; static struct efivars generic_efivars; @@ -39649,10 +40230,10 @@ index 2a90ba6..07f3733 100644 ret = sysfs_create_bin_file(firmware_kobj, &memconsole_bin_attr); diff --git a/drivers/gpio/gpio-em.c b/drivers/gpio/gpio-em.c -index ec19036..8ffafc2 100644 +index 1e98a98..b444372 100644 --- a/drivers/gpio/gpio-em.c +++ b/drivers/gpio/gpio-em.c -@@ -257,7 +257,7 @@ static int em_gio_probe(struct platform_device *pdev) +@@ -278,7 +278,7 @@ static int em_gio_probe(struct platform_device *pdev) struct em_gio_priv *p; struct resource *io[2], *irq[2]; struct gpio_chip *gpio_chip; @@ -39662,7 +40243,7 @@ index ec19036..8ffafc2 100644 int ret; diff --git a/drivers/gpio/gpio-ich.c b/drivers/gpio/gpio-ich.c -index 814addb..0937d7f 100644 +index f5bf3c3..7baaa59 100644 --- a/drivers/gpio/gpio-ich.c +++ b/drivers/gpio/gpio-ich.c @@ -71,7 +71,7 @@ struct ichx_desc { @@ -39675,10 +40256,10 @@ index 814addb..0937d7f 100644 static struct { spinlock_t lock; diff --git a/drivers/gpio/gpio-rcar.c b/drivers/gpio/gpio-rcar.c -index 8b7e719..dc089dc 100644 +index ca76ce7..68b384b 100644 --- a/drivers/gpio/gpio-rcar.c +++ b/drivers/gpio/gpio-rcar.c -@@ -316,7 +316,7 @@ static int gpio_rcar_probe(struct platform_device *pdev) +@@ -355,7 +355,7 @@ static int gpio_rcar_probe(struct platform_device *pdev) struct gpio_rcar_priv *p; struct resource *io, *irq; struct gpio_chip *gpio_chip; @@ -39701,10 +40282,10 @@ index 9902732..64b62dd 100644 return -EINVAL; } diff --git a/drivers/gpu/drm/drm_crtc.c b/drivers/gpu/drm/drm_crtc.c -index d6cf77c..2842146 100644 +index 3b7d32d..05c2f74 100644 --- a/drivers/gpu/drm/drm_crtc.c +++ b/drivers/gpu/drm/drm_crtc.c -@@ -3102,7 +3102,7 @@ int drm_mode_getproperty_ioctl(struct drm_device *dev, +@@ -3123,7 +3123,7 @@ int drm_mode_getproperty_ioctl(struct drm_device *dev, goto done; } @@ -39713,21 +40294,8 @@ index d6cf77c..2842146 100644 &prop_enum->name, DRM_PROP_NAME_LEN)) { ret = -EFAULT; goto done; -diff --git a/drivers/gpu/drm/drm_crtc_helper.c b/drivers/gpu/drm/drm_crtc_helper.c -index 01361ab..891e821 100644 ---- a/drivers/gpu/drm/drm_crtc_helper.c -+++ b/drivers/gpu/drm/drm_crtc_helper.c -@@ -338,7 +338,7 @@ static bool drm_encoder_crtc_ok(struct drm_encoder *encoder, - struct drm_crtc *tmp; - int crtc_mask = 1; - -- WARN(!crtc, "checking null crtc?\n"); -+ BUG_ON(!crtc); - - dev = crtc->dev; - diff --git a/drivers/gpu/drm/drm_drv.c b/drivers/gpu/drm/drm_drv.c -index d9137e4..69b73a0 100644 +index 345be03..158368d 100644 --- a/drivers/gpu/drm/drm_drv.c +++ b/drivers/gpu/drm/drm_drv.c @@ -233,7 +233,7 @@ module_exit(drm_core_exit); @@ -39749,7 +40317,7 @@ index d9137e4..69b73a0 100644 int retcode = -EINVAL; char stack_kdata[128]; diff --git a/drivers/gpu/drm/drm_fops.c b/drivers/gpu/drm/drm_fops.c -index c5b929c..8a3b8be 100644 +index 7f2af9a..1561914 100644 --- a/drivers/gpu/drm/drm_fops.c +++ b/drivers/gpu/drm/drm_fops.c @@ -97,7 +97,7 @@ int drm_open(struct inode *inode, struct file *filp) @@ -39770,7 +40338,7 @@ index c5b929c..8a3b8be 100644 return retcode; } EXPORT_SYMBOL(drm_open); -@@ -467,7 +467,7 @@ int drm_release(struct inode *inode, struct file *filp) +@@ -463,7 +463,7 @@ int drm_release(struct inode *inode, struct file *filp) mutex_lock(&drm_global_mutex); @@ -39779,7 +40347,7 @@ index c5b929c..8a3b8be 100644 if (dev->driver->preclose) dev->driver->preclose(dev, file_priv); -@@ -476,10 +476,10 @@ int drm_release(struct inode *inode, struct file *filp) +@@ -472,10 +472,10 @@ int drm_release(struct inode *inode, struct file *filp) * Begin inline drm_release */ @@ -39792,15 +40360,15 @@ index c5b929c..8a3b8be 100644 /* Release any auth tokens that might point to this file_priv, (do that under the drm_global_mutex) */ -@@ -577,7 +577,7 @@ int drm_release(struct inode *inode, struct file *filp) +@@ -573,7 +573,7 @@ int drm_release(struct inode *inode, struct file *filp) * End inline drm_release */ - if (!--dev->open_count) { + if (local_dec_and_test(&dev->open_count)) { - if (atomic_read(&dev->ioctl_count)) { - DRM_ERROR("Device busy: %d\n", - atomic_read(&dev->ioctl_count)); + retcode = drm_lastclose(dev); + if (drm_device_is_unplugged(dev)) + drm_put_dev(dev); diff --git a/drivers/gpu/drm/drm_global.c b/drivers/gpu/drm/drm_global.c index 3d2e91c..d31c4c9 100644 --- a/drivers/gpu/drm/drm_global.c @@ -39863,10 +40431,10 @@ index 3d2e91c..d31c4c9 100644 item->object = NULL; } diff --git a/drivers/gpu/drm/drm_info.c b/drivers/gpu/drm/drm_info.c -index 7d5a152..d7186da 100644 +index 7473035..a48b9c5 100644 --- a/drivers/gpu/drm/drm_info.c +++ b/drivers/gpu/drm/drm_info.c -@@ -75,10 +75,14 @@ int drm_vm_info(struct seq_file *m, void *data) +@@ -75,10 +75,13 @@ int drm_vm_info(struct seq_file *m, void *data) struct drm_local_map *map; struct drm_map_list *r_list; @@ -39880,12 +40448,11 @@ index 7d5a152..d7186da 100644 + [_DRM_SHM] = "SHM", + [_DRM_AGP] = "AGP", + [_DRM_SCATTER_GATHER] = "SG", -+ [_DRM_CONSISTENT] = "PCI", -+ [_DRM_GEM] = "GEM" }; ++ [_DRM_CONSISTENT] = "PCI"}; const char *type; int i; -@@ -89,7 +93,7 @@ int drm_vm_info(struct seq_file *m, void *data) +@@ -89,7 +92,7 @@ int drm_vm_info(struct seq_file *m, void *data) map = r_list->map; if (!map) continue; @@ -39894,7 +40461,7 @@ index 7d5a152..d7186da 100644 type = "??"; else type = types[map->type]; -@@ -257,7 +261,11 @@ int drm_vma_info(struct seq_file *m, void *data) +@@ -261,7 +264,11 @@ int drm_vma_info(struct seq_file *m, void *data) vma->vm_flags & VM_MAYSHARE ? 's' : 'p', vma->vm_flags & VM_LOCKED ? 'l' : '-', vma->vm_flags & VM_IO ? 'i' : '-', @@ -39959,10 +40526,10 @@ index 2f4c4343..dd12cd2 100644 ret = drm_ioctl(filp, cmd, arg); diff --git a/drivers/gpu/drm/drm_stub.c b/drivers/gpu/drm/drm_stub.c -index 66dd3a0..3bed6c4 100644 +index 98a33c580..8fd1c2b 100644 --- a/drivers/gpu/drm/drm_stub.c +++ b/drivers/gpu/drm/drm_stub.c -@@ -403,7 +403,7 @@ void drm_unplug_dev(struct drm_device *dev) +@@ -409,7 +409,7 @@ void drm_unplug_dev(struct drm_device *dev) drm_device_set_unplugged(dev); @@ -40000,10 +40567,10 @@ index d4d16ed..8fb0b51 100644 int front_offset; } drm_i810_private_t; diff --git a/drivers/gpu/drm/i915/i915_debugfs.c b/drivers/gpu/drm/i915/i915_debugfs.c -index 6ed45a9..eb6dc41 100644 +index b2b46c5..feb9fe7 100644 --- a/drivers/gpu/drm/i915/i915_debugfs.c +++ b/drivers/gpu/drm/i915/i915_debugfs.c -@@ -702,7 +702,7 @@ static int i915_interrupt_info(struct seq_file *m, void *data) +@@ -713,7 +713,7 @@ static int i915_interrupt_info(struct seq_file *m, void *data) I915_READ(GTIMR)); } seq_printf(m, "Interrupts received: %d\n", @@ -40013,10 +40580,10 @@ index 6ed45a9..eb6dc41 100644 if (INTEL_INFO(dev)->gen >= 6) { seq_printf(m, diff --git a/drivers/gpu/drm/i915/i915_dma.c b/drivers/gpu/drm/i915/i915_dma.c -index e02266a..e3411aa 100644 +index 15a74f9..4278889 100644 --- a/drivers/gpu/drm/i915/i915_dma.c +++ b/drivers/gpu/drm/i915/i915_dma.c -@@ -1271,7 +1271,7 @@ static bool i915_switcheroo_can_switch(struct pci_dev *pdev) +@@ -1273,7 +1273,7 @@ static bool i915_switcheroo_can_switch(struct pci_dev *pdev) bool can_switch; spin_lock(&dev->count_lock); @@ -40026,10 +40593,10 @@ index e02266a..e3411aa 100644 return can_switch; } diff --git a/drivers/gpu/drm/i915/i915_drv.h b/drivers/gpu/drm/i915/i915_drv.h -index 221ac62..f56acc8 100644 +index 697f215..6f89b7f 100644 --- a/drivers/gpu/drm/i915/i915_drv.h +++ b/drivers/gpu/drm/i915/i915_drv.h -@@ -1326,7 +1326,7 @@ typedef struct drm_i915_private { +@@ -1362,7 +1362,7 @@ typedef struct drm_i915_private { drm_dma_handle_t *status_page_dmah; struct resource mch_res; @@ -40039,10 +40606,10 @@ index 221ac62..f56acc8 100644 /* protects the irq masks */ spinlock_t irq_lock; diff --git a/drivers/gpu/drm/i915/i915_gem_execbuffer.c b/drivers/gpu/drm/i915/i915_gem_execbuffer.c -index a3ba9a8..ee52ddd 100644 +index d269ecf..6d857bc 100644 --- a/drivers/gpu/drm/i915/i915_gem_execbuffer.c +++ b/drivers/gpu/drm/i915/i915_gem_execbuffer.c -@@ -861,9 +861,9 @@ i915_gem_check_execbuffer(struct drm_i915_gem_execbuffer2 *exec) +@@ -860,9 +860,9 @@ i915_gem_check_execbuffer(struct drm_i915_gem_execbuffer2 *exec) static int validate_exec_list(struct drm_i915_gem_exec_object2 *exec, @@ -40090,10 +40657,10 @@ index 3c59584..500f2e9 100644 return ret; diff --git a/drivers/gpu/drm/i915/i915_irq.c b/drivers/gpu/drm/i915/i915_irq.c -index a209177..842a89a 100644 +index d554169..f4426bb 100644 --- a/drivers/gpu/drm/i915/i915_irq.c +++ b/drivers/gpu/drm/i915/i915_irq.c -@@ -1419,7 +1419,7 @@ static irqreturn_t valleyview_irq_handler(int irq, void *arg) +@@ -1438,7 +1438,7 @@ static irqreturn_t valleyview_irq_handler(int irq, void *arg) int pipe; u32 pipe_stats[I915_MAX_PIPES]; @@ -40102,7 +40669,7 @@ index a209177..842a89a 100644 while (true) { iir = I915_READ(VLV_IIR); -@@ -1729,7 +1729,7 @@ static irqreturn_t ironlake_irq_handler(int irq, void *arg) +@@ -1751,7 +1751,7 @@ static irqreturn_t ironlake_irq_handler(int irq, void *arg) u32 de_iir, gt_iir, de_ier, sde_ier = 0; irqreturn_t ret = IRQ_NONE; @@ -40111,7 +40678,7 @@ index a209177..842a89a 100644 /* We get interrupts on unclaimed registers, so check for this before we * do any I915_{READ,WRITE}. */ -@@ -1799,7 +1799,7 @@ static irqreturn_t gen8_irq_handler(int irq, void *arg) +@@ -1821,7 +1821,7 @@ static irqreturn_t gen8_irq_handler(int irq, void *arg) uint32_t tmp = 0; enum pipe pipe; @@ -40120,7 +40687,7 @@ index a209177..842a89a 100644 master_ctl = I915_READ(GEN8_MASTER_IRQ); master_ctl &= ~GEN8_MASTER_IRQ_CONTROL; -@@ -2623,7 +2623,7 @@ static void ironlake_irq_preinstall(struct drm_device *dev) +@@ -2645,7 +2645,7 @@ static void ironlake_irq_preinstall(struct drm_device *dev) { drm_i915_private_t *dev_priv = (drm_i915_private_t *) dev->dev_private; @@ -40129,7 +40696,7 @@ index a209177..842a89a 100644 I915_WRITE(HWSTAM, 0xeffe); -@@ -2641,7 +2641,7 @@ static void valleyview_irq_preinstall(struct drm_device *dev) +@@ -2663,7 +2663,7 @@ static void valleyview_irq_preinstall(struct drm_device *dev) drm_i915_private_t *dev_priv = (drm_i915_private_t *) dev->dev_private; int pipe; @@ -40138,7 +40705,7 @@ index a209177..842a89a 100644 /* VLV magic */ I915_WRITE(VLV_IMR, 0); -@@ -2672,7 +2672,7 @@ static void gen8_irq_preinstall(struct drm_device *dev) +@@ -2694,7 +2694,7 @@ static void gen8_irq_preinstall(struct drm_device *dev) struct drm_i915_private *dev_priv = dev->dev_private; int pipe; @@ -40147,7 +40714,7 @@ index a209177..842a89a 100644 I915_WRITE(GEN8_MASTER_IRQ, 0); POSTING_READ(GEN8_MASTER_IRQ); -@@ -2998,7 +2998,7 @@ static void gen8_irq_uninstall(struct drm_device *dev) +@@ -3018,7 +3018,7 @@ static void gen8_irq_uninstall(struct drm_device *dev) if (!dev_priv) return; @@ -40156,7 +40723,7 @@ index a209177..842a89a 100644 I915_WRITE(GEN8_MASTER_IRQ, 0); -@@ -3092,7 +3092,7 @@ static void i8xx_irq_preinstall(struct drm_device * dev) +@@ -3112,7 +3112,7 @@ static void i8xx_irq_preinstall(struct drm_device * dev) drm_i915_private_t *dev_priv = (drm_i915_private_t *) dev->dev_private; int pipe; @@ -40165,7 +40732,7 @@ index a209177..842a89a 100644 for_each_pipe(pipe) I915_WRITE(PIPESTAT(pipe), 0); -@@ -3178,7 +3178,7 @@ static irqreturn_t i8xx_irq_handler(int irq, void *arg) +@@ -3198,7 +3198,7 @@ static irqreturn_t i8xx_irq_handler(int irq, void *arg) I915_DISPLAY_PLANE_A_FLIP_PENDING_INTERRUPT | I915_DISPLAY_PLANE_B_FLIP_PENDING_INTERRUPT; @@ -40174,7 +40741,7 @@ index a209177..842a89a 100644 iir = I915_READ16(IIR); if (iir == 0) -@@ -3253,7 +3253,7 @@ static void i915_irq_preinstall(struct drm_device * dev) +@@ -3277,7 +3277,7 @@ static void i915_irq_preinstall(struct drm_device * dev) drm_i915_private_t *dev_priv = (drm_i915_private_t *) dev->dev_private; int pipe; @@ -40183,7 +40750,7 @@ index a209177..842a89a 100644 if (I915_HAS_HOTPLUG(dev)) { I915_WRITE(PORT_HOTPLUG_EN, 0); -@@ -3360,7 +3360,7 @@ static irqreturn_t i915_irq_handler(int irq, void *arg) +@@ -3384,7 +3384,7 @@ static irqreturn_t i915_irq_handler(int irq, void *arg) I915_DISPLAY_PLANE_B_FLIP_PENDING_INTERRUPT; int pipe, ret = IRQ_NONE; @@ -40192,7 +40759,7 @@ index a209177..842a89a 100644 iir = I915_READ(IIR); do { -@@ -3487,7 +3487,7 @@ static void i965_irq_preinstall(struct drm_device * dev) +@@ -3511,7 +3511,7 @@ static void i965_irq_preinstall(struct drm_device * dev) drm_i915_private_t *dev_priv = (drm_i915_private_t *) dev->dev_private; int pipe; @@ -40201,7 +40768,7 @@ index a209177..842a89a 100644 I915_WRITE(PORT_HOTPLUG_EN, 0); I915_WRITE(PORT_HOTPLUG_STAT, I915_READ(PORT_HOTPLUG_STAT)); -@@ -3603,7 +3603,7 @@ static irqreturn_t i965_irq_handler(int irq, void *arg) +@@ -3627,7 +3627,7 @@ static irqreturn_t i965_irq_handler(int irq, void *arg) I915_DISPLAY_PLANE_A_FLIP_PENDING_INTERRUPT | I915_DISPLAY_PLANE_B_FLIP_PENDING_INTERRUPT; @@ -40211,10 +40778,10 @@ index a209177..842a89a 100644 iir = I915_READ(IIR); diff --git a/drivers/gpu/drm/i915/intel_display.c b/drivers/gpu/drm/i915/intel_display.c -index 3c5ff7a..ae759ca 100644 +index 963639d..ea0c0cb 100644 --- a/drivers/gpu/drm/i915/intel_display.c +++ b/drivers/gpu/drm/i915/intel_display.c -@@ -10506,13 +10506,13 @@ struct intel_quirk { +@@ -10787,13 +10787,13 @@ struct intel_quirk { int subsystem_vendor; int subsystem_device; void (*hook)(struct drm_device *dev); @@ -40230,7 +40797,7 @@ index 3c5ff7a..ae759ca 100644 static int intel_dmi_reverse_brightness(const struct dmi_system_id *id) { -@@ -10520,18 +10520,20 @@ static int intel_dmi_reverse_brightness(const struct dmi_system_id *id) +@@ -10801,18 +10801,20 @@ static int intel_dmi_reverse_brightness(const struct dmi_system_id *id) return 1; } @@ -40262,7 +40829,7 @@ index 3c5ff7a..ae759ca 100644 }, }; diff --git a/drivers/gpu/drm/mga/mga_drv.h b/drivers/gpu/drm/mga/mga_drv.h -index ca4bc54..ee598a2 100644 +index fe45321..836fdca 100644 --- a/drivers/gpu/drm/mga/mga_drv.h +++ b/drivers/gpu/drm/mga/mga_drv.h @@ -120,9 +120,9 @@ typedef struct drm_mga_private { @@ -40278,10 +40845,10 @@ index ca4bc54..ee598a2 100644 unsigned int fb_cpp; diff --git a/drivers/gpu/drm/mga/mga_ioc32.c b/drivers/gpu/drm/mga/mga_ioc32.c -index 709e90d..89a1c0d 100644 +index 86b4bb8..ae237ad 100644 --- a/drivers/gpu/drm/mga/mga_ioc32.c +++ b/drivers/gpu/drm/mga/mga_ioc32.c -@@ -189,7 +189,7 @@ static int compat_mga_dma_bootstrap(struct file *file, unsigned int cmd, +@@ -190,7 +190,7 @@ static int compat_mga_dma_bootstrap(struct file *file, unsigned int cmd, return 0; } @@ -40290,7 +40857,7 @@ index 709e90d..89a1c0d 100644 [DRM_MGA_INIT] = compat_mga_init, [DRM_MGA_GETPARAM] = compat_mga_getparam, [DRM_MGA_DMA_BOOTSTRAP] = compat_mga_dma_bootstrap, -@@ -207,18 +207,15 @@ drm_ioctl_compat_t *mga_compat_ioctls[] = { +@@ -208,18 +208,15 @@ drm_ioctl_compat_t *mga_compat_ioctls[] = { long mga_compat_ioctl(struct file *filp, unsigned int cmd, unsigned long arg) { unsigned int nr = DRM_IOCTL_NR(cmd); @@ -40313,7 +40880,7 @@ index 709e90d..89a1c0d 100644 return ret; diff --git a/drivers/gpu/drm/mga/mga_irq.c b/drivers/gpu/drm/mga/mga_irq.c -index 2b0ceb8..517e99e 100644 +index 1b071b8..de8601a 100644 --- a/drivers/gpu/drm/mga/mga_irq.c +++ b/drivers/gpu/drm/mga/mga_irq.c @@ -43,7 +43,7 @@ u32 mga_get_vblank_counter(struct drm_device *dev, int crtc) @@ -40325,7 +40892,7 @@ index 2b0ceb8..517e99e 100644 } -@@ -59,7 +59,7 @@ irqreturn_t mga_driver_irq_handler(DRM_IRQ_ARGS) +@@ -59,7 +59,7 @@ irqreturn_t mga_driver_irq_handler(int irq, void *arg) /* VBLANK interrupt */ if (status & MGA_VLINEPEN) { MGA_WRITE(MGA_ICLEAR, MGA_VLINEICLR); @@ -40334,19 +40901,19 @@ index 2b0ceb8..517e99e 100644 drm_handle_vblank(dev, 0); handled = 1; } -@@ -78,7 +78,7 @@ irqreturn_t mga_driver_irq_handler(DRM_IRQ_ARGS) +@@ -78,7 +78,7 @@ irqreturn_t mga_driver_irq_handler(int irq, void *arg) if ((prim_start & ~0x03) != (prim_end & ~0x03)) MGA_WRITE(MGA_PRIMEND, prim_end); - atomic_inc(&dev_priv->last_fence_retired); + atomic_inc_unchecked(&dev_priv->last_fence_retired); - DRM_WAKEUP(&dev_priv->fence_queue); + wake_up(&dev_priv->fence_queue); handled = 1; } @@ -129,7 +129,7 @@ int mga_driver_fence_wait(struct drm_device *dev, unsigned int *sequence) * using fences. */ - DRM_WAIT_ON(ret, dev_priv->fence_queue, 3 * DRM_HZ, + DRM_WAIT_ON(ret, dev_priv->fence_queue, 3 * HZ, - (((cur_fence = atomic_read(&dev_priv->last_fence_retired)) + (((cur_fence = atomic_read_unchecked(&dev_priv->last_fence_retired)) - *sequence) <= (1 << 23))); @@ -40366,10 +40933,10 @@ index 4c3feaa..26391ce 100644 #define BIT_TABLE(id, funcid) ((struct bit_table){ id, parse_bit_##funcid##_tbl_entry }) diff --git a/drivers/gpu/drm/nouveau/nouveau_drm.h b/drivers/gpu/drm/nouveau/nouveau_drm.h -index 4b0fb6c..67667a9 100644 +index 23ca7a5..b6c955d 100644 --- a/drivers/gpu/drm/nouveau/nouveau_drm.h +++ b/drivers/gpu/drm/nouveau/nouveau_drm.h -@@ -96,7 +96,6 @@ struct nouveau_drm { +@@ -97,7 +97,6 @@ struct nouveau_drm { struct drm_global_reference mem_global_ref; struct ttm_bo_global_ref bo_global_ref; struct ttm_bo_device bdev; @@ -40391,7 +40958,7 @@ index c1a7e5a..38b8539 100644 if (nr < DRM_COMMAND_BASE) diff --git a/drivers/gpu/drm/nouveau/nouveau_ttm.c b/drivers/gpu/drm/nouveau/nouveau_ttm.c -index 19e3757..ad16478 100644 +index d45d50d..72a5dd2 100644 --- a/drivers/gpu/drm/nouveau/nouveau_ttm.c +++ b/drivers/gpu/drm/nouveau/nouveau_ttm.c @@ -130,11 +130,11 @@ nouveau_vram_manager_debug(struct ttm_mem_type_manager *man, const char *prefix) @@ -40411,7 +40978,7 @@ index 19e3757..ad16478 100644 }; static int -@@ -198,11 +198,11 @@ nouveau_gart_manager_debug(struct ttm_mem_type_manager *man, const char *prefix) +@@ -199,11 +199,11 @@ nouveau_gart_manager_debug(struct ttm_mem_type_manager *man, const char *prefix) } const struct ttm_mem_type_manager_func nouveau_gart_manager = { @@ -40428,7 +40995,7 @@ index 19e3757..ad16478 100644 }; #include <core/subdev/vm/nv04.h> -@@ -270,11 +270,11 @@ nv04_gart_manager_debug(struct ttm_mem_type_manager *man, const char *prefix) +@@ -271,11 +271,11 @@ nv04_gart_manager_debug(struct ttm_mem_type_manager *man, const char *prefix) } const struct ttm_mem_type_manager_func nv04_gart_manager = { @@ -40446,10 +41013,10 @@ index 19e3757..ad16478 100644 int diff --git a/drivers/gpu/drm/nouveau/nouveau_vga.c b/drivers/gpu/drm/nouveau/nouveau_vga.c -index 81638d7..2e45854 100644 +index 471347e..5adc6b9 100644 --- a/drivers/gpu/drm/nouveau/nouveau_vga.c +++ b/drivers/gpu/drm/nouveau/nouveau_vga.c -@@ -65,7 +65,7 @@ nouveau_switcheroo_can_switch(struct pci_dev *pdev) +@@ -67,7 +67,7 @@ nouveau_switcheroo_can_switch(struct pci_dev *pdev) bool can_switch; spin_lock(&dev->count_lock); @@ -40516,7 +41083,7 @@ index c3c2bbd..bc3c0fb 100644 return 0; } diff --git a/drivers/gpu/drm/qxl/qxl_drv.h b/drivers/gpu/drm/qxl/qxl_drv.h -index 7bda32f..dd98fc5 100644 +index 36ed40b..0397633 100644 --- a/drivers/gpu/drm/qxl/qxl_drv.h +++ b/drivers/gpu/drm/qxl/qxl_drv.h @@ -290,10 +290,10 @@ struct qxl_device { @@ -40535,7 +41102,7 @@ index 7bda32f..dd98fc5 100644 wait_queue_head_t display_event; wait_queue_head_t cursor_event; diff --git a/drivers/gpu/drm/qxl/qxl_ioctl.c b/drivers/gpu/drm/qxl/qxl_ioctl.c -index 7b95c75..9cffb4f 100644 +index 0bb86e6..d41416d 100644 --- a/drivers/gpu/drm/qxl/qxl_ioctl.c +++ b/drivers/gpu/drm/qxl/qxl_ioctl.c @@ -181,7 +181,7 @@ static int qxl_process_single_command(struct qxl_device *qdev, @@ -40550,26 +41117,31 @@ index 7b95c75..9cffb4f 100644 @@ -201,7 +201,7 @@ static int qxl_process_single_command(struct qxl_device *qdev, struct drm_qxl_reloc reloc; - if (DRM_COPY_FROM_USER(&reloc, + if (copy_from_user(&reloc, - &((struct drm_qxl_reloc *)(uintptr_t)cmd->relocs)[i], + &((struct drm_qxl_reloc __force_user *)(uintptr_t)cmd->relocs)[i], sizeof(reloc))) { ret = -EFAULT; goto out_free_bos; -@@ -297,7 +297,7 @@ static int qxl_execbuffer_ioctl(struct drm_device *dev, void *data, - struct drm_qxl_command *commands = - (struct drm_qxl_command *)(uintptr_t)execbuffer->commands; +@@ -294,10 +294,10 @@ static int qxl_execbuffer_ioctl(struct drm_device *dev, void *data, + + for (cmd_num = 0; cmd_num < execbuffer->commands_num; ++cmd_num) { -- if (DRM_COPY_FROM_USER(&user_cmd, &commands[cmd_num], -+ if (DRM_COPY_FROM_USER(&user_cmd, (struct drm_qxl_command __force_user *)&commands[cmd_num], +- struct drm_qxl_command *commands = +- (struct drm_qxl_command *)(uintptr_t)execbuffer->commands; ++ struct drm_qxl_command __user *commands = ++ (struct drm_qxl_command __user *)(uintptr_t)execbuffer->commands; + +- if (copy_from_user(&user_cmd, &commands[cmd_num], ++ if (copy_from_user(&user_cmd, (struct drm_qxl_command __force_user *)&commands[cmd_num], sizeof(user_cmd))) return -EFAULT; diff --git a/drivers/gpu/drm/qxl/qxl_irq.c b/drivers/gpu/drm/qxl/qxl_irq.c -index 21393dc..329f3a9 100644 +index 28f84b4..fb3e224 100644 --- a/drivers/gpu/drm/qxl/qxl_irq.c +++ b/drivers/gpu/drm/qxl/qxl_irq.c -@@ -33,19 +33,19 @@ irqreturn_t qxl_irq_handler(DRM_IRQ_ARGS) +@@ -33,19 +33,19 @@ irqreturn_t qxl_irq_handler(int irq, void *arg) pending = xchg(&qdev->ram_header->int_pending, 0); @@ -40609,7 +41181,7 @@ index 21393dc..329f3a9 100644 ret = drm_irq_install(qdev->ddev); qdev->ram_header->int_mask = QXL_INTERRUPT_MASK; diff --git a/drivers/gpu/drm/qxl/qxl_ttm.c b/drivers/gpu/drm/qxl/qxl_ttm.c -index c7e7e65..7dddd4d 100644 +index c82c1d6a9..6158c02 100644 --- a/drivers/gpu/drm/qxl/qxl_ttm.c +++ b/drivers/gpu/drm/qxl/qxl_ttm.c @@ -103,7 +103,7 @@ static void qxl_ttm_global_fini(struct qxl_device *qdev) @@ -40632,7 +41204,7 @@ index c7e7e65..7dddd4d 100644 } vma->vm_ops = &qxl_ttm_vm_ops; return 0; -@@ -560,25 +562,23 @@ static int qxl_mm_dump_table(struct seq_file *m, void *data) +@@ -561,25 +563,23 @@ static int qxl_mm_dump_table(struct seq_file *m, void *data) static int qxl_ttm_debugfs_init(struct qxl_device *qdev) { #if defined(CONFIG_DEBUG_FS) @@ -40674,7 +41246,7 @@ index c7e7e65..7dddd4d 100644 return 0; #endif diff --git a/drivers/gpu/drm/r128/r128_cce.c b/drivers/gpu/drm/r128/r128_cce.c -index c451257..0ad2134 100644 +index 59459fe..be26b31 100644 --- a/drivers/gpu/drm/r128/r128_cce.c +++ b/drivers/gpu/drm/r128/r128_cce.c @@ -377,7 +377,7 @@ static int r128_do_init_cce(struct drm_device *dev, drm_r128_init_t *init) @@ -40687,7 +41259,7 @@ index c451257..0ad2134 100644 /* We don't support anything other than bus-mastering ring mode, * but the ring can be in either AGP or PCI space for the ring diff --git a/drivers/gpu/drm/r128/r128_drv.h b/drivers/gpu/drm/r128/r128_drv.h -index 56eb5e3..c4ec43d 100644 +index 5bf3f5f..7000661 100644 --- a/drivers/gpu/drm/r128/r128_drv.h +++ b/drivers/gpu/drm/r128/r128_drv.h @@ -90,14 +90,14 @@ typedef struct drm_r128_private { @@ -40708,10 +41280,10 @@ index 56eb5e3..c4ec43d 100644 u32 color_fmt; unsigned int front_offset; diff --git a/drivers/gpu/drm/r128/r128_ioc32.c b/drivers/gpu/drm/r128/r128_ioc32.c -index a954c54..9cc595c 100644 +index b0d0fd3..a6fbbe4 100644 --- a/drivers/gpu/drm/r128/r128_ioc32.c +++ b/drivers/gpu/drm/r128/r128_ioc32.c -@@ -177,7 +177,7 @@ static int compat_r128_getparam(struct file *file, unsigned int cmd, +@@ -178,7 +178,7 @@ static int compat_r128_getparam(struct file *file, unsigned int cmd, return drm_ioctl(file, DRM_IOCTL_R128_GETPARAM, (unsigned long)getparam); } @@ -40720,7 +41292,7 @@ index a954c54..9cc595c 100644 [DRM_R128_INIT] = compat_r128_init, [DRM_R128_DEPTH] = compat_r128_depth, [DRM_R128_STIPPLE] = compat_r128_stipple, -@@ -196,18 +196,15 @@ drm_ioctl_compat_t *r128_compat_ioctls[] = { +@@ -197,18 +197,15 @@ drm_ioctl_compat_t *r128_compat_ioctls[] = { long r128_compat_ioctl(struct file *filp, unsigned int cmd, unsigned long arg) { unsigned int nr = DRM_IOCTL_NR(cmd); @@ -40743,7 +41315,7 @@ index a954c54..9cc595c 100644 return ret; diff --git a/drivers/gpu/drm/r128/r128_irq.c b/drivers/gpu/drm/r128/r128_irq.c -index 2ea4f09..d391371 100644 +index c2ae496..30b5993 100644 --- a/drivers/gpu/drm/r128/r128_irq.c +++ b/drivers/gpu/drm/r128/r128_irq.c @@ -41,7 +41,7 @@ u32 r128_get_vblank_counter(struct drm_device *dev, int crtc) @@ -40754,8 +41326,8 @@ index 2ea4f09..d391371 100644 + return atomic_read_unchecked(&dev_priv->vbl_received); } - irqreturn_t r128_driver_irq_handler(DRM_IRQ_ARGS) -@@ -55,7 +55,7 @@ irqreturn_t r128_driver_irq_handler(DRM_IRQ_ARGS) + irqreturn_t r128_driver_irq_handler(int irq, void *arg) +@@ -55,7 +55,7 @@ irqreturn_t r128_driver_irq_handler(int irq, void *arg) /* VBLANK interrupt */ if (status & R128_CRTC_VBLANK_INT) { R128_WRITE(R128_GEN_INT_STATUS, R128_CRTC_VBLANK_INT_AK); @@ -40765,7 +41337,7 @@ index 2ea4f09..d391371 100644 return IRQ_HANDLED; } diff --git a/drivers/gpu/drm/r128/r128_state.c b/drivers/gpu/drm/r128/r128_state.c -index 01dd9ae..6352f04 100644 +index e806dac..f81d32f 100644 --- a/drivers/gpu/drm/r128/r128_state.c +++ b/drivers/gpu/drm/r128/r128_state.c @@ -320,10 +320,10 @@ static void r128_clear_box(drm_r128_private_t *dev_priv, @@ -40782,7 +41354,7 @@ index 01dd9ae..6352f04 100644 #endif diff --git a/drivers/gpu/drm/radeon/mkregtable.c b/drivers/gpu/drm/radeon/mkregtable.c -index af85299..ed9ac8d 100644 +index 4a85bb6..aaea819 100644 --- a/drivers/gpu/drm/radeon/mkregtable.c +++ b/drivers/gpu/drm/radeon/mkregtable.c @@ -624,14 +624,14 @@ static int parser_auth(struct table *t, const char *filename) @@ -40803,10 +41375,10 @@ index af85299..ed9ac8d 100644 if (regcomp (&mask_rex, "(0x[0-9a-fA-F]*) *([_a-zA-Z0-9]*)", REG_EXTENDED)) { diff --git a/drivers/gpu/drm/radeon/radeon_device.c b/drivers/gpu/drm/radeon/radeon_device.c -index 39b033b..6efc056 100644 +index 044bc98..50ced9b 100644 --- a/drivers/gpu/drm/radeon/radeon_device.c +++ b/drivers/gpu/drm/radeon/radeon_device.c -@@ -1120,7 +1120,7 @@ static bool radeon_switcheroo_can_switch(struct pci_dev *pdev) +@@ -1125,7 +1125,7 @@ static bool radeon_switcheroo_can_switch(struct pci_dev *pdev) bool can_switch; spin_lock(&dev->count_lock); @@ -40816,7 +41388,7 @@ index 39b033b..6efc056 100644 return can_switch; } diff --git a/drivers/gpu/drm/radeon/radeon_drv.h b/drivers/gpu/drm/radeon/radeon_drv.h -index 00e0d44..08381a4 100644 +index dafd812..1bf20c7 100644 --- a/drivers/gpu/drm/radeon/radeon_drv.h +++ b/drivers/gpu/drm/radeon/radeon_drv.h @@ -262,7 +262,7 @@ typedef struct drm_radeon_private { @@ -40873,7 +41445,7 @@ index bdb0f93..5ff558f 100644 return ret; diff --git a/drivers/gpu/drm/radeon/radeon_irq.c b/drivers/gpu/drm/radeon/radeon_irq.c -index 8d68e97..9dcfed8 100644 +index 244b19b..c19226d 100644 --- a/drivers/gpu/drm/radeon/radeon_irq.c +++ b/drivers/gpu/drm/radeon/radeon_irq.c @@ -226,8 +226,8 @@ static int radeon_emit_irq(struct drm_device * dev) @@ -40893,19 +41465,19 @@ index 8d68e97..9dcfed8 100644 - atomic_set(&dev_priv->swi_emitted, 0); + atomic_set_unchecked(&dev_priv->swi_emitted, 0); - DRM_INIT_WAITQUEUE(&dev_priv->swi_queue); + init_waitqueue_head(&dev_priv->swi_queue); dev->max_vblank_count = 0x001fffff; diff --git a/drivers/gpu/drm/radeon/radeon_state.c b/drivers/gpu/drm/radeon/radeon_state.c -index 4d20910..6726b6d 100644 +index 956ab7f..fbd36d8 100644 --- a/drivers/gpu/drm/radeon/radeon_state.c +++ b/drivers/gpu/drm/radeon/radeon_state.c @@ -2168,7 +2168,7 @@ static int radeon_cp_clear(struct drm_device *dev, void *data, struct drm_file * if (sarea_priv->nbox > RADEON_NR_SAREA_CLIPRECTS) sarea_priv->nbox = RADEON_NR_SAREA_CLIPRECTS; -- if (DRM_COPY_FROM_USER(&depth_boxes, clear->depth_boxes, -+ if (sarea_priv->nbox > RADEON_NR_SAREA_CLIPRECTS || DRM_COPY_FROM_USER(&depth_boxes, clear->depth_boxes, +- if (copy_from_user(&depth_boxes, clear->depth_boxes, ++ if (sarea_priv->nbox > RADEON_NR_SAREA_CLIPRECTS || copy_from_user(&depth_boxes, clear->depth_boxes, sarea_priv->nbox * sizeof(depth_boxes[0]))) return -EFAULT; @@ -40919,10 +41491,10 @@ index 4d20910..6726b6d 100644 DRM_DEBUG("pid=%d\n", DRM_CURRENTPID); diff --git a/drivers/gpu/drm/radeon/radeon_ttm.c b/drivers/gpu/drm/radeon/radeon_ttm.c -index 84323c9..cf07baf 100644 +index 040a2a1..eae4e54 100644 --- a/drivers/gpu/drm/radeon/radeon_ttm.c +++ b/drivers/gpu/drm/radeon/radeon_ttm.c -@@ -787,7 +787,7 @@ void radeon_ttm_set_active_vram_size(struct radeon_device *rdev, u64 size) +@@ -790,7 +790,7 @@ void radeon_ttm_set_active_vram_size(struct radeon_device *rdev, u64 size) man->size = size >> PAGE_SHIFT; } @@ -40931,7 +41503,7 @@ index 84323c9..cf07baf 100644 static const struct vm_operations_struct *ttm_vm_ops = NULL; static int radeon_ttm_fault(struct vm_area_struct *vma, struct vm_fault *vmf) -@@ -828,8 +828,10 @@ int radeon_mmap(struct file *filp, struct vm_area_struct *vma) +@@ -831,8 +831,10 @@ int radeon_mmap(struct file *filp, struct vm_area_struct *vma) } if (unlikely(ttm_vm_ops == NULL)) { ttm_vm_ops = vma->vm_ops; @@ -40942,75 +41514,11 @@ index 84323c9..cf07baf 100644 } vma->vm_ops = &radeon_ttm_vm_ops; return 0; -@@ -858,38 +860,33 @@ static int radeon_mm_dump_table(struct seq_file *m, void *data) - static int radeon_ttm_debugfs_init(struct radeon_device *rdev) - { - #if defined(CONFIG_DEBUG_FS) -- static struct drm_info_list radeon_mem_types_list[RADEON_DEBUGFS_MEM_TYPES+2]; -- static char radeon_mem_types_names[RADEON_DEBUGFS_MEM_TYPES+2][32]; -- unsigned i; -+ static struct drm_info_list radeon_mem_types_list[RADEON_DEBUGFS_MEM_TYPES+2] = { -+ { -+ .name = "radeon_vram_mm", -+ .show = &radeon_mm_dump_table, -+ }, -+ { -+ .name = "radeon_gtt_mm", -+ .show = &radeon_mm_dump_table, -+ }, -+ { -+ .name = "ttm_page_pool", -+ .show = &ttm_page_alloc_debugfs, -+ }, -+ { -+ .name = "ttm_dma_page_pool", -+ .show = &ttm_dma_page_alloc_debugfs, -+ }, -+ }; -+ unsigned i = RADEON_DEBUGFS_MEM_TYPES + 1; - -- for (i = 0; i < RADEON_DEBUGFS_MEM_TYPES; i++) { -- if (i == 0) -- sprintf(radeon_mem_types_names[i], "radeon_vram_mm"); -- else -- sprintf(radeon_mem_types_names[i], "radeon_gtt_mm"); -- radeon_mem_types_list[i].name = radeon_mem_types_names[i]; -- radeon_mem_types_list[i].show = &radeon_mm_dump_table; -- radeon_mem_types_list[i].driver_features = 0; -- if (i == 0) -- radeon_mem_types_list[i].data = rdev->mman.bdev.man[TTM_PL_VRAM].priv; -- else -- radeon_mem_types_list[i].data = rdev->mman.bdev.man[TTM_PL_TT].priv; -- -- } -- /* Add ttm page pool to debugfs */ -- sprintf(radeon_mem_types_names[i], "ttm_page_pool"); -- radeon_mem_types_list[i].name = radeon_mem_types_names[i]; -- radeon_mem_types_list[i].show = &ttm_page_alloc_debugfs; -- radeon_mem_types_list[i].driver_features = 0; -- radeon_mem_types_list[i++].data = NULL; -+ pax_open_kernel(); -+ *(void **)&radeon_mem_types_list[0].data = rdev->mman.bdev.man[TTM_PL_VRAM].priv; -+ *(void **)&radeon_mem_types_list[1].data = rdev->mman.bdev.man[TTM_PL_TT].priv; -+ pax_close_kernel(); - #ifdef CONFIG_SWIOTLB -- if (swiotlb_nr_tbl()) { -- sprintf(radeon_mem_types_names[i], "ttm_dma_page_pool"); -- radeon_mem_types_list[i].name = radeon_mem_types_names[i]; -- radeon_mem_types_list[i].show = &ttm_dma_page_alloc_debugfs; -- radeon_mem_types_list[i].driver_features = 0; -- radeon_mem_types_list[i++].data = NULL; -- } -+ if (swiotlb_nr_tbl()) -+ i++; - #endif - return radeon_debugfs_add_files(rdev, radeon_mem_types_list, i); - diff --git a/drivers/gpu/drm/tegra/dc.c b/drivers/gpu/drm/tegra/dc.c -index ae1cb31..5b5b6b7c 100644 +index 9336006..ce78aa7 100644 --- a/drivers/gpu/drm/tegra/dc.c +++ b/drivers/gpu/drm/tegra/dc.c -@@ -1064,7 +1064,7 @@ static int tegra_dc_debugfs_init(struct tegra_dc *dc, struct drm_minor *minor) +@@ -1057,7 +1057,7 @@ static int tegra_dc_debugfs_init(struct tegra_dc *dc, struct drm_minor *minor) } for (i = 0; i < ARRAY_SIZE(debugfs_files); i++) @@ -41019,11 +41527,24 @@ index ae1cb31..5b5b6b7c 100644 err = drm_debugfs_create_files(dc->debugfs_files, ARRAY_SIZE(debugfs_files), +diff --git a/drivers/gpu/drm/tegra/dsi.c b/drivers/gpu/drm/tegra/dsi.c +index d452faab..f8cbc6a 100644 +--- a/drivers/gpu/drm/tegra/dsi.c ++++ b/drivers/gpu/drm/tegra/dsi.c +@@ -53,7 +53,7 @@ struct tegra_dsi { + struct clk *clk_lp; + struct clk *clk; + +- struct drm_info_list *debugfs_files; ++ drm_info_list_no_const *debugfs_files; + struct drm_minor *minor; + struct dentry *debugfs; + diff --git a/drivers/gpu/drm/tegra/hdmi.c b/drivers/gpu/drm/tegra/hdmi.c -index 0cd9bc2..9759be4 100644 +index 6928015..c9853e7 100644 --- a/drivers/gpu/drm/tegra/hdmi.c +++ b/drivers/gpu/drm/tegra/hdmi.c -@@ -57,7 +57,7 @@ struct tegra_hdmi { +@@ -59,7 +59,7 @@ struct tegra_hdmi { bool stereo; bool dvi; @@ -41091,7 +41612,7 @@ index 863bef9..cba15cf 100644 int shrink_pages = sc->nr_to_scan; unsigned long freed = 0; diff --git a/drivers/gpu/drm/udl/udl_fb.c b/drivers/gpu/drm/udl/udl_fb.c -index 97e9d61..bf23c461 100644 +index dbadd49..1b7457b 100644 --- a/drivers/gpu/drm/udl/udl_fb.c +++ b/drivers/gpu/drm/udl/udl_fb.c @@ -367,7 +367,6 @@ static int udl_fb_release(struct fb_info *info, int user) @@ -41103,7 +41624,7 @@ index 97e9d61..bf23c461 100644 pr_warn("released /dev/fb%d user=%d count=%d\n", diff --git a/drivers/gpu/drm/via/via_drv.h b/drivers/gpu/drm/via/via_drv.h -index a811ef2..ff99b05 100644 +index ad02732..144f5ed 100644 --- a/drivers/gpu/drm/via/via_drv.h +++ b/drivers/gpu/drm/via/via_drv.h @@ -51,7 +51,7 @@ typedef struct drm_via_ring_buffer { @@ -41125,7 +41646,7 @@ index a811ef2..ff99b05 100644 char pci_buf[VIA_PCI_BUF_SIZE]; const uint32_t *fire_offsets[VIA_FIRE_BUF_SIZE]; diff --git a/drivers/gpu/drm/via/via_irq.c b/drivers/gpu/drm/via/via_irq.c -index ac98964..5dbf512 100644 +index 1319433..a993b0c 100644 --- a/drivers/gpu/drm/via/via_irq.c +++ b/drivers/gpu/drm/via/via_irq.c @@ -101,7 +101,7 @@ u32 via_get_vblank_counter(struct drm_device *dev, int crtc) @@ -41136,8 +41657,8 @@ index ac98964..5dbf512 100644 + return atomic_read_unchecked(&dev_priv->vbl_received); } - irqreturn_t via_driver_irq_handler(DRM_IRQ_ARGS) -@@ -116,8 +116,8 @@ irqreturn_t via_driver_irq_handler(DRM_IRQ_ARGS) + irqreturn_t via_driver_irq_handler(int irq, void *arg) +@@ -116,8 +116,8 @@ irqreturn_t via_driver_irq_handler(int irq, void *arg) status = VIA_READ(VIA_REG_INTERRUPT); if (status & VIA_IRQ_VBLANK_PENDING) { @@ -41148,7 +41669,7 @@ index ac98964..5dbf512 100644 do_gettimeofday(&cur_vblank); if (dev_priv->last_vblank_valid) { dev_priv->usec_per_vblank = -@@ -127,7 +127,7 @@ irqreturn_t via_driver_irq_handler(DRM_IRQ_ARGS) +@@ -127,7 +127,7 @@ irqreturn_t via_driver_irq_handler(int irq, void *arg) dev_priv->last_vblank = cur_vblank; dev_priv->last_vblank_valid = 1; } @@ -41157,23 +41678,23 @@ index ac98964..5dbf512 100644 DRM_DEBUG("US per vblank is: %u\n", dev_priv->usec_per_vblank); } -@@ -137,7 +137,7 @@ irqreturn_t via_driver_irq_handler(DRM_IRQ_ARGS) +@@ -137,7 +137,7 @@ irqreturn_t via_driver_irq_handler(int irq, void *arg) for (i = 0; i < dev_priv->num_irqs; ++i) { if (status & cur_irq->pending_mask) { - atomic_inc(&cur_irq->irq_received); + atomic_inc_unchecked(&cur_irq->irq_received); - DRM_WAKEUP(&cur_irq->irq_queue); + wake_up(&cur_irq->irq_queue); handled = 1; if (dev_priv->irq_map[drm_via_irq_dma0_td] == i) @@ -242,11 +242,11 @@ via_driver_irq_wait(struct drm_device *dev, unsigned int irq, int force_sequence - DRM_WAIT_ON(ret, cur_irq->irq_queue, 3 * DRM_HZ, + DRM_WAIT_ON(ret, cur_irq->irq_queue, 3 * HZ, ((VIA_READ(masks[irq][2]) & masks[irq][3]) == masks[irq][4])); - cur_irq_sequence = atomic_read(&cur_irq->irq_received); + cur_irq_sequence = atomic_read_unchecked(&cur_irq->irq_received); } else { - DRM_WAIT_ON(ret, cur_irq->irq_queue, 3 * DRM_HZ, + DRM_WAIT_ON(ret, cur_irq->irq_queue, 3 * HZ, (((cur_irq_sequence = - atomic_read(&cur_irq->irq_received)) - + atomic_read_unchecked(&cur_irq->irq_received)) - @@ -41188,7 +41709,7 @@ index ac98964..5dbf512 100644 + atomic_set_unchecked(&cur_irq->irq_received, 0); cur_irq->enable_mask = dev_priv->irq_masks[i][0]; cur_irq->pending_mask = dev_priv->irq_masks[i][1]; - DRM_INIT_WAITQUEUE(&cur_irq->irq_queue); + init_waitqueue_head(&cur_irq->irq_queue); @@ -366,7 +366,7 @@ int via_wait_irq(struct drm_device *dev, void *data, struct drm_file *file_priv) switch (irqwait->request.type & ~VIA_IRQ_FLAGS_MASK) { case VIA_IRQ_RELATIVE: @@ -41199,10 +41720,10 @@ index ac98964..5dbf512 100644 case VIA_IRQ_ABSOLUTE: break; diff --git a/drivers/gpu/drm/vmwgfx/vmwgfx_drv.h b/drivers/gpu/drm/vmwgfx/vmwgfx_drv.h -index c0b73b9..f6f7f34 100644 +index 0783155..b29e18e 100644 --- a/drivers/gpu/drm/vmwgfx/vmwgfx_drv.h +++ b/drivers/gpu/drm/vmwgfx/vmwgfx_drv.h -@@ -341,7 +341,7 @@ struct vmw_private { +@@ -437,7 +437,7 @@ struct vmw_private { * Fencing and IRQs. */ @@ -41212,10 +41733,10 @@ index c0b73b9..f6f7f34 100644 wait_queue_head_t fifo_queue; int fence_queue_waiters; /* Protected by hw_mutex */ diff --git a/drivers/gpu/drm/vmwgfx/vmwgfx_fifo.c b/drivers/gpu/drm/vmwgfx/vmwgfx_fifo.c -index 3eb1486..0a47ee9 100644 +index 6ccd993..618d592 100644 --- a/drivers/gpu/drm/vmwgfx/vmwgfx_fifo.c +++ b/drivers/gpu/drm/vmwgfx/vmwgfx_fifo.c -@@ -137,7 +137,7 @@ int vmw_fifo_init(struct vmw_private *dev_priv, struct vmw_fifo_state *fifo) +@@ -154,7 +154,7 @@ int vmw_fifo_init(struct vmw_private *dev_priv, struct vmw_fifo_state *fifo) (unsigned int) min, (unsigned int) fifo->capabilities); @@ -41224,7 +41745,7 @@ index 3eb1486..0a47ee9 100644 iowrite32(dev_priv->last_read_seqno, fifo_mem + SVGA_FIFO_FENCE); vmw_marker_queue_init(&fifo->marker_queue); return vmw_fifo_send_fence(dev_priv, &dummy); -@@ -355,7 +355,7 @@ void *vmw_fifo_reserve(struct vmw_private *dev_priv, uint32_t bytes) +@@ -372,7 +372,7 @@ void *vmw_fifo_reserve(struct vmw_private *dev_priv, uint32_t bytes) if (reserveable) iowrite32(bytes, fifo_mem + SVGA_FIFO_RESERVED); @@ -41233,7 +41754,7 @@ index 3eb1486..0a47ee9 100644 } else { need_bounce = true; } -@@ -475,7 +475,7 @@ int vmw_fifo_send_fence(struct vmw_private *dev_priv, uint32_t *seqno) +@@ -492,7 +492,7 @@ int vmw_fifo_send_fence(struct vmw_private *dev_priv, uint32_t *seqno) fm = vmw_fifo_reserve(dev_priv, bytes); if (unlikely(fm == NULL)) { @@ -41242,7 +41763,7 @@ index 3eb1486..0a47ee9 100644 ret = -ENOMEM; (void)vmw_fallback_wait(dev_priv, false, true, *seqno, false, 3*HZ); -@@ -483,7 +483,7 @@ int vmw_fifo_send_fence(struct vmw_private *dev_priv, uint32_t *seqno) +@@ -500,7 +500,7 @@ int vmw_fifo_send_fence(struct vmw_private *dev_priv, uint32_t *seqno) } do { @@ -41252,10 +41773,10 @@ index 3eb1486..0a47ee9 100644 if (!(fifo_state->capabilities & SVGA_FIFO_CAP_FENCE)) { diff --git a/drivers/gpu/drm/vmwgfx/vmwgfx_gmrid_manager.c b/drivers/gpu/drm/vmwgfx/vmwgfx_gmrid_manager.c -index c5c054a..46f0548 100644 +index b1273e8..9c274fd 100644 --- a/drivers/gpu/drm/vmwgfx/vmwgfx_gmrid_manager.c +++ b/drivers/gpu/drm/vmwgfx/vmwgfx_gmrid_manager.c -@@ -153,9 +153,9 @@ static void vmw_gmrid_man_debug(struct ttm_mem_type_manager *man, +@@ -164,9 +164,9 @@ static void vmw_gmrid_man_debug(struct ttm_mem_type_manager *man, } const struct ttm_mem_type_manager_func vmw_gmrid_manager_func = { @@ -41271,10 +41792,10 @@ index c5c054a..46f0548 100644 + .debug = vmw_gmrid_man_debug }; diff --git a/drivers/gpu/drm/vmwgfx/vmwgfx_ioctl.c b/drivers/gpu/drm/vmwgfx/vmwgfx_ioctl.c -index 45d5b5a..f3f5e4e 100644 +index 47b7094..698ba09 100644 --- a/drivers/gpu/drm/vmwgfx/vmwgfx_ioctl.c +++ b/drivers/gpu/drm/vmwgfx/vmwgfx_ioctl.c -@@ -141,7 +141,7 @@ int vmw_present_ioctl(struct drm_device *dev, void *data, +@@ -236,7 +236,7 @@ int vmw_present_ioctl(struct drm_device *dev, void *data, int ret; num_clips = arg->num_clips; @@ -41283,7 +41804,7 @@ index 45d5b5a..f3f5e4e 100644 if (unlikely(num_clips == 0)) return 0; -@@ -225,7 +225,7 @@ int vmw_present_readback_ioctl(struct drm_device *dev, void *data, +@@ -320,7 +320,7 @@ int vmw_present_readback_ioctl(struct drm_device *dev, void *data, int ret; num_clips = arg->num_clips; @@ -41293,7 +41814,7 @@ index 45d5b5a..f3f5e4e 100644 if (unlikely(num_clips == 0)) return 0; diff --git a/drivers/gpu/drm/vmwgfx/vmwgfx_irq.c b/drivers/gpu/drm/vmwgfx/vmwgfx_irq.c -index 4640adb..e1384ed 100644 +index 0c42376..6febe77 100644 --- a/drivers/gpu/drm/vmwgfx/vmwgfx_irq.c +++ b/drivers/gpu/drm/vmwgfx/vmwgfx_irq.c @@ -107,7 +107,7 @@ bool vmw_seqno_passed(struct vmw_private *dev_priv, @@ -41350,10 +41871,10 @@ index ec0ae2d..dc0780b 100644 /* copy over all the bus versions */ if (dev->bus && dev->bus->pm) { diff --git a/drivers/hid/hid-core.c b/drivers/hid/hid-core.c -index 253fe23..0dfec5f 100644 +index 8a5384c..cf63c18 100644 --- a/drivers/hid/hid-core.c +++ b/drivers/hid/hid-core.c -@@ -2416,7 +2416,7 @@ EXPORT_SYMBOL_GPL(hid_ignore); +@@ -2422,7 +2422,7 @@ EXPORT_SYMBOL_GPL(hid_ignore); int hid_add_device(struct hid_device *hdev) { @@ -41362,7 +41883,7 @@ index 253fe23..0dfec5f 100644 int ret; if (WARN_ON(hdev->status & HID_STAT_ADDED)) -@@ -2450,7 +2450,7 @@ int hid_add_device(struct hid_device *hdev) +@@ -2456,7 +2456,7 @@ int hid_add_device(struct hid_device *hdev) /* XXX hack, any other cleaner solution after the driver core * is converted to allow more than 20 bytes as the device name? */ dev_set_name(&hdev->dev, "%04X:%04X:%04X.%04X", hdev->bus, @@ -41416,10 +41937,10 @@ index cedc6da..2c3da2a 100644 if (atomic_read(&uhid->report_done)) goto unlock; diff --git a/drivers/hv/channel.c b/drivers/hv/channel.c -index cea623c..73011b0 100644 +index 69ea36f..8dbf4bb 100644 --- a/drivers/hv/channel.c +++ b/drivers/hv/channel.c -@@ -362,8 +362,8 @@ int vmbus_establish_gpadl(struct vmbus_channel *channel, void *kbuffer, +@@ -364,8 +364,8 @@ int vmbus_establish_gpadl(struct vmbus_channel *channel, void *kbuffer, int ret = 0; int t; @@ -41431,7 +41952,7 @@ index cea623c..73011b0 100644 ret = create_gpadl_header(kbuffer, size, &msginfo, &msgcount); if (ret) diff --git a/drivers/hv/hv.c b/drivers/hv/hv.c -index f0c5e07..399256e 100644 +index bcb4950..61dba6c 100644 --- a/drivers/hv/hv.c +++ b/drivers/hv/hv.c @@ -112,7 +112,7 @@ static u64 do_hypercall(u64 control, void *input, void *output) @@ -41443,6 +41964,15 @@ index f0c5e07..399256e 100644 __asm__ __volatile__ ("call *%8" : "=d"(hv_status_hi), "=a"(hv_status_lo) : "d" (control_hi), +@@ -154,7 +154,7 @@ int hv_init(void) + /* See if the hypercall page is already set */ + rdmsrl(HV_X64_MSR_HYPERCALL, hypercall_msr.as_uint64); + +- virtaddr = __vmalloc(PAGE_SIZE, GFP_KERNEL, PAGE_KERNEL_EXEC); ++ virtaddr = __vmalloc(PAGE_SIZE, GFP_KERNEL, PAGE_KERNEL_RX); + + if (!virtaddr) + goto cleanup; diff --git a/drivers/hv/hv_balloon.c b/drivers/hv/hv_balloon.c index 7e17a54..a50a33d 100644 --- a/drivers/hv/hv_balloon.c @@ -41542,10 +42072,10 @@ index e055176..c22ff1f 100644 /* * Represents channel interrupts. Each bit position represents a diff --git a/drivers/hv/vmbus_drv.c b/drivers/hv/vmbus_drv.c -index 48aad4f..c768fb2 100644 +index 077bb1b..d433d74 100644 --- a/drivers/hv/vmbus_drv.c +++ b/drivers/hv/vmbus_drv.c -@@ -846,10 +846,10 @@ int vmbus_device_register(struct hv_device *child_device_obj) +@@ -844,10 +844,10 @@ int vmbus_device_register(struct hv_device *child_device_obj) { int ret = 0; @@ -41559,10 +42089,10 @@ index 48aad4f..c768fb2 100644 child_device_obj->device.bus = &hv_bus; child_device_obj->device.parent = &hv_acpi_dev->dev; diff --git a/drivers/hwmon/acpi_power_meter.c b/drivers/hwmon/acpi_power_meter.c -index 6a34f7f..aa4c3a6 100644 +index 579bdf9..75118b5 100644 --- a/drivers/hwmon/acpi_power_meter.c +++ b/drivers/hwmon/acpi_power_meter.c -@@ -117,7 +117,7 @@ struct sensor_template { +@@ -116,7 +116,7 @@ struct sensor_template { struct device_attribute *devattr, const char *buf, size_t count); int index; @@ -41571,7 +42101,7 @@ index 6a34f7f..aa4c3a6 100644 /* Averaging interval */ static int update_avg_interval(struct acpi_power_meter_resource *resource) -@@ -632,7 +632,7 @@ static int register_attrs(struct acpi_power_meter_resource *resource, +@@ -631,7 +631,7 @@ static int register_attrs(struct acpi_power_meter_resource *resource, struct sensor_template *attrs) { struct device *dev = &resource->acpi_dev->dev; @@ -41594,10 +42124,10 @@ index 3288f13..71cfb4e 100644 for (grp = groups; grp->format; grp++) { diff --git a/drivers/hwmon/asus_atk0110.c b/drivers/hwmon/asus_atk0110.c -index dafc63c..4abb96c 100644 +index ae208f6..48b6c5b 100644 --- a/drivers/hwmon/asus_atk0110.c +++ b/drivers/hwmon/asus_atk0110.c -@@ -151,10 +151,10 @@ MODULE_DEVICE_TABLE(acpi, atk_ids); +@@ -147,10 +147,10 @@ MODULE_DEVICE_TABLE(acpi, atk_ids); struct atk_sensor_data { struct list_head list; struct atk_data *data; @@ -41612,7 +42142,7 @@ index dafc63c..4abb96c 100644 char label_attr_name[ATTR_NAME_SIZE]; char input_attr_name[ATTR_NAME_SIZE]; char limit1_attr_name[ATTR_NAME_SIZE]; -@@ -274,7 +274,7 @@ static ssize_t atk_name_show(struct device *dev, +@@ -270,7 +270,7 @@ static ssize_t atk_name_show(struct device *dev, static struct device_attribute atk_name_attr = __ATTR(name, 0444, atk_name_show, NULL); @@ -41622,10 +42152,10 @@ index dafc63c..4abb96c 100644 { sysfs_attr_init(&attr->attr); diff --git a/drivers/hwmon/coretemp.c b/drivers/hwmon/coretemp.c -index 9425098..7646cc5 100644 +index bbb0b0d..9fe1332 100644 --- a/drivers/hwmon/coretemp.c +++ b/drivers/hwmon/coretemp.c -@@ -797,7 +797,7 @@ static int coretemp_cpu_callback(struct notifier_block *nfb, +@@ -823,7 +823,7 @@ static int coretemp_cpu_callback(struct notifier_block *nfb, return NOTIFY_OK; } @@ -41661,7 +42191,7 @@ index 708081b..fe2d4ab 100644 int in_i = 1, temp_i = 1, curr_i = 1; enum iio_chan_type type; diff --git a/drivers/hwmon/nct6775.c b/drivers/hwmon/nct6775.c -index cf811c1..4c17110 100644 +index 38d5a63..cf2c2ea 100644 --- a/drivers/hwmon/nct6775.c +++ b/drivers/hwmon/nct6775.c @@ -944,10 +944,10 @@ static struct attribute_group * @@ -41679,10 +42209,10 @@ index cf811c1..4c17110 100644 struct sensor_device_template **t; int i, count; diff --git a/drivers/hwmon/pmbus/pmbus_core.c b/drivers/hwmon/pmbus/pmbus_core.c -index 3cbf66e..8c5cc2a 100644 +index 291d11f..3f0dbbd 100644 --- a/drivers/hwmon/pmbus/pmbus_core.c +++ b/drivers/hwmon/pmbus/pmbus_core.c -@@ -782,7 +782,7 @@ static int pmbus_add_attribute(struct pmbus_data *data, struct attribute *attr) +@@ -783,7 +783,7 @@ static int pmbus_add_attribute(struct pmbus_data *data, struct attribute *attr) return 0; } @@ -41691,7 +42221,7 @@ index 3cbf66e..8c5cc2a 100644 const char *name, umode_t mode, ssize_t (*show)(struct device *dev, -@@ -799,7 +799,7 @@ static void pmbus_dev_attr_init(struct device_attribute *dev_attr, +@@ -800,7 +800,7 @@ static void pmbus_dev_attr_init(struct device_attribute *dev_attr, dev_attr->store = store; } @@ -41700,7 +42230,7 @@ index 3cbf66e..8c5cc2a 100644 const char *name, umode_t mode, ssize_t (*show)(struct device *dev, -@@ -821,7 +821,7 @@ static int pmbus_add_boolean(struct pmbus_data *data, +@@ -822,7 +822,7 @@ static int pmbus_add_boolean(struct pmbus_data *data, u16 reg, u8 mask) { struct pmbus_boolean *boolean; @@ -41709,7 +42239,7 @@ index 3cbf66e..8c5cc2a 100644 boolean = devm_kzalloc(data->dev, sizeof(*boolean), GFP_KERNEL); if (!boolean) -@@ -846,7 +846,7 @@ static struct pmbus_sensor *pmbus_add_sensor(struct pmbus_data *data, +@@ -847,7 +847,7 @@ static struct pmbus_sensor *pmbus_add_sensor(struct pmbus_data *data, bool update, bool readonly) { struct pmbus_sensor *sensor; @@ -41718,7 +42248,7 @@ index 3cbf66e..8c5cc2a 100644 sensor = devm_kzalloc(data->dev, sizeof(*sensor), GFP_KERNEL); if (!sensor) -@@ -877,7 +877,7 @@ static int pmbus_add_label(struct pmbus_data *data, +@@ -878,7 +878,7 @@ static int pmbus_add_label(struct pmbus_data *data, const char *lstring, int index) { struct pmbus_label *label; @@ -41793,7 +42323,7 @@ index 38944e9..ae9e5ed 100644 }; diff --git a/drivers/i2c/busses/i2c-amd756-s4882.c b/drivers/i2c/busses/i2c-amd756-s4882.c -index 07f01ac..d79ad3d 100644 +index 41fc683..a39cfea 100644 --- a/drivers/i2c/busses/i2c-amd756-s4882.c +++ b/drivers/i2c/busses/i2c-amd756-s4882.c @@ -43,7 +43,7 @@ @@ -41819,7 +42349,7 @@ index 721f7eb..0fd2a09 100644 int ret = 0; int actual; diff --git a/drivers/i2c/busses/i2c-nforce2-s4985.c b/drivers/i2c/busses/i2c-nforce2-s4985.c -index 2ca268d..c6acbdf 100644 +index b170bdf..3c76427 100644 --- a/drivers/i2c/busses/i2c-nforce2-s4985.c +++ b/drivers/i2c/busses/i2c-nforce2-s4985.c @@ -41,7 +41,7 @@ @@ -41858,10 +42388,10 @@ index 0b510ba..4fbb5085 100644 } } diff --git a/drivers/iio/industrialio-core.c b/drivers/iio/industrialio-core.c -index 18f72e3..3722327 100644 +index acc911a..8700c3c 100644 --- a/drivers/iio/industrialio-core.c +++ b/drivers/iio/industrialio-core.c -@@ -521,7 +521,7 @@ static ssize_t iio_write_channel_info(struct device *dev, +@@ -527,7 +527,7 @@ static ssize_t iio_write_channel_info(struct device *dev, } static @@ -41871,10 +42401,10 @@ index 18f72e3..3722327 100644 struct iio_chan_spec const *chan, ssize_t (*readfunc)(struct device *dev, diff --git a/drivers/infiniband/core/cm.c b/drivers/infiniband/core/cm.c -index f2ef7ef..743d02f 100644 +index c323917..6ddea8b 100644 --- a/drivers/infiniband/core/cm.c +++ b/drivers/infiniband/core/cm.c -@@ -114,7 +114,7 @@ static char const counter_group_names[CM_COUNTER_GROUPS] +@@ -115,7 +115,7 @@ static char const counter_group_names[CM_COUNTER_GROUPS] struct cm_counter_group { struct kobject obj; @@ -41883,7 +42413,7 @@ index f2ef7ef..743d02f 100644 }; struct cm_counter_attribute { -@@ -1392,7 +1392,7 @@ static void cm_dup_req_handler(struct cm_work *work, +@@ -1398,7 +1398,7 @@ static void cm_dup_req_handler(struct cm_work *work, struct ib_mad_send_buf *msg = NULL; int ret; @@ -41892,7 +42422,7 @@ index f2ef7ef..743d02f 100644 counter[CM_REQ_COUNTER]); /* Quick state check to discard duplicate REQs. */ -@@ -1776,7 +1776,7 @@ static void cm_dup_rep_handler(struct cm_work *work) +@@ -1785,7 +1785,7 @@ static void cm_dup_rep_handler(struct cm_work *work) if (!cm_id_priv) return; @@ -41901,7 +42431,7 @@ index f2ef7ef..743d02f 100644 counter[CM_REP_COUNTER]); ret = cm_alloc_response_msg(work->port, work->mad_recv_wc, &msg); if (ret) -@@ -1943,7 +1943,7 @@ static int cm_rtu_handler(struct cm_work *work) +@@ -1952,7 +1952,7 @@ static int cm_rtu_handler(struct cm_work *work) if (cm_id_priv->id.state != IB_CM_REP_SENT && cm_id_priv->id.state != IB_CM_MRA_REP_RCVD) { spin_unlock_irq(&cm_id_priv->lock); @@ -41910,7 +42440,7 @@ index f2ef7ef..743d02f 100644 counter[CM_RTU_COUNTER]); goto out; } -@@ -2126,7 +2126,7 @@ static int cm_dreq_handler(struct cm_work *work) +@@ -2135,7 +2135,7 @@ static int cm_dreq_handler(struct cm_work *work) cm_id_priv = cm_acquire_id(dreq_msg->remote_comm_id, dreq_msg->local_comm_id); if (!cm_id_priv) { @@ -41919,7 +42449,7 @@ index f2ef7ef..743d02f 100644 counter[CM_DREQ_COUNTER]); cm_issue_drep(work->port, work->mad_recv_wc); return -EINVAL; -@@ -2151,7 +2151,7 @@ static int cm_dreq_handler(struct cm_work *work) +@@ -2160,7 +2160,7 @@ static int cm_dreq_handler(struct cm_work *work) case IB_CM_MRA_REP_RCVD: break; case IB_CM_TIMEWAIT: @@ -41928,7 +42458,7 @@ index f2ef7ef..743d02f 100644 counter[CM_DREQ_COUNTER]); if (cm_alloc_response_msg(work->port, work->mad_recv_wc, &msg)) goto unlock; -@@ -2165,7 +2165,7 @@ static int cm_dreq_handler(struct cm_work *work) +@@ -2174,7 +2174,7 @@ static int cm_dreq_handler(struct cm_work *work) cm_free_msg(msg); goto deref; case IB_CM_DREQ_RCVD: @@ -41937,7 +42467,7 @@ index f2ef7ef..743d02f 100644 counter[CM_DREQ_COUNTER]); goto unlock; default: -@@ -2532,7 +2532,7 @@ static int cm_mra_handler(struct cm_work *work) +@@ -2541,7 +2541,7 @@ static int cm_mra_handler(struct cm_work *work) ib_modify_mad(cm_id_priv->av.port->mad_agent, cm_id_priv->msg, timeout)) { if (cm_id_priv->id.lap_state == IB_CM_MRA_LAP_RCVD) @@ -41946,7 +42476,7 @@ index f2ef7ef..743d02f 100644 counter_group[CM_RECV_DUPLICATES]. counter[CM_MRA_COUNTER]); goto out; -@@ -2541,7 +2541,7 @@ static int cm_mra_handler(struct cm_work *work) +@@ -2550,7 +2550,7 @@ static int cm_mra_handler(struct cm_work *work) break; case IB_CM_MRA_REQ_RCVD: case IB_CM_MRA_REP_RCVD: @@ -41955,7 +42485,7 @@ index f2ef7ef..743d02f 100644 counter[CM_MRA_COUNTER]); /* fall through */ default: -@@ -2703,7 +2703,7 @@ static int cm_lap_handler(struct cm_work *work) +@@ -2712,7 +2712,7 @@ static int cm_lap_handler(struct cm_work *work) case IB_CM_LAP_IDLE: break; case IB_CM_MRA_LAP_SENT: @@ -41964,7 +42494,7 @@ index f2ef7ef..743d02f 100644 counter[CM_LAP_COUNTER]); if (cm_alloc_response_msg(work->port, work->mad_recv_wc, &msg)) goto unlock; -@@ -2719,7 +2719,7 @@ static int cm_lap_handler(struct cm_work *work) +@@ -2728,7 +2728,7 @@ static int cm_lap_handler(struct cm_work *work) cm_free_msg(msg); goto deref; case IB_CM_LAP_RCVD: @@ -41973,7 +42503,7 @@ index f2ef7ef..743d02f 100644 counter[CM_LAP_COUNTER]); goto unlock; default: -@@ -3003,7 +3003,7 @@ static int cm_sidr_req_handler(struct cm_work *work) +@@ -3012,7 +3012,7 @@ static int cm_sidr_req_handler(struct cm_work *work) cur_cm_id_priv = cm_insert_remote_sidr(cm_id_priv); if (cur_cm_id_priv) { spin_unlock_irq(&cm.lock); @@ -41982,7 +42512,7 @@ index f2ef7ef..743d02f 100644 counter[CM_SIDR_REQ_COUNTER]); goto out; /* Duplicate message. */ } -@@ -3215,10 +3215,10 @@ static void cm_send_handler(struct ib_mad_agent *mad_agent, +@@ -3224,10 +3224,10 @@ static void cm_send_handler(struct ib_mad_agent *mad_agent, if (!msg->context[0] && (attr_index != CM_REJ_COUNTER)) msg->retries = 1; @@ -41995,7 +42525,7 @@ index f2ef7ef..743d02f 100644 &port->counter_group[CM_XMIT_RETRIES]. counter[attr_index]); -@@ -3428,7 +3428,7 @@ static void cm_recv_handler(struct ib_mad_agent *mad_agent, +@@ -3437,7 +3437,7 @@ static void cm_recv_handler(struct ib_mad_agent *mad_agent, } attr_id = be16_to_cpu(mad_recv_wc->recv_buf.mad->mad_hdr.attr_id); @@ -42004,7 +42534,7 @@ index f2ef7ef..743d02f 100644 counter[attr_id - CM_ATTR_ID_OFFSET]); work = kmalloc(sizeof *work + sizeof(struct ib_sa_path_rec) * paths, -@@ -3633,7 +3633,7 @@ static ssize_t cm_show_counter(struct kobject *obj, struct attribute *attr, +@@ -3668,7 +3668,7 @@ static ssize_t cm_show_counter(struct kobject *obj, struct attribute *attr, cm_attr = container_of(attr, struct cm_counter_attribute, attr); return sprintf(buf, "%ld\n", @@ -42085,7 +42615,7 @@ index 9f5ad7c..588cd84 100644 } } diff --git a/drivers/infiniband/hw/cxgb4/mem.c b/drivers/infiniband/hw/cxgb4/mem.c -index 84e4500..2c9beeb 100644 +index 41b1195..27971a0 100644 --- a/drivers/infiniband/hw/cxgb4/mem.c +++ b/drivers/infiniband/hw/cxgb4/mem.c @@ -249,7 +249,7 @@ static int write_tpt_entry(struct c4iw_rdev *rdev, u32 reset_tpt_entry, @@ -42222,10 +42752,10 @@ index 25b2cdf..099ff97 100644 ctx->mcg_wq = create_singlethread_workqueue(name); if (!ctx->mcg_wq) diff --git a/drivers/infiniband/hw/mlx4/mlx4_ib.h b/drivers/infiniband/hw/mlx4/mlx4_ib.h -index 036b663..c9a8c73 100644 +index a230683..3723f2d 100644 --- a/drivers/infiniband/hw/mlx4/mlx4_ib.h +++ b/drivers/infiniband/hw/mlx4/mlx4_ib.h -@@ -404,7 +404,7 @@ struct mlx4_ib_demux_ctx { +@@ -408,7 +408,7 @@ struct mlx4_ib_demux_ctx { struct list_head mcg_mgid0_list; struct workqueue_struct *mcg_wq; struct mlx4_ib_demux_pv_ctx **tun; @@ -42319,10 +42849,10 @@ index ed9a989..6aa5dc2 100644 int list_len, u64 iova, u64 total_size, u32 access, struct mthca_mr *mr) diff --git a/drivers/infiniband/hw/mthca/mthca_provider.c b/drivers/infiniband/hw/mthca/mthca_provider.c -index 5b71d43..35a9e14 100644 +index 42dde06..1257310 100644 --- a/drivers/infiniband/hw/mthca/mthca_provider.c +++ b/drivers/infiniband/hw/mthca/mthca_provider.c -@@ -763,7 +763,7 @@ unlock: +@@ -764,7 +764,7 @@ unlock: return 0; } @@ -42332,7 +42862,7 @@ index 5b71d43..35a9e14 100644 struct mthca_dev *dev = to_mdev(ibcq->device); struct mthca_cq *cq = to_mcq(ibcq); diff --git a/drivers/infiniband/hw/nes/nes.c b/drivers/infiniband/hw/nes/nes.c -index 4291410..d2ab1fb 100644 +index 353c7b0..c6ce921 100644 --- a/drivers/infiniband/hw/nes/nes.c +++ b/drivers/infiniband/hw/nes/nes.c @@ -98,7 +98,7 @@ MODULE_PARM_DESC(limit_maxrdreqsz, "Limit max read request size to 256 Bytes"); @@ -42413,7 +42943,7 @@ index 33cc589..3bd6538 100644 extern u32 int_mod_timer_init; extern u32 int_mod_cq_depth_256; diff --git a/drivers/infiniband/hw/nes/nes_cm.c b/drivers/infiniband/hw/nes/nes_cm.c -index 6b29249..461d143 100644 +index 9c9f2f5..2559190 100644 --- a/drivers/infiniband/hw/nes/nes_cm.c +++ b/drivers/infiniband/hw/nes/nes_cm.c @@ -68,14 +68,14 @@ u32 cm_packets_dropped; @@ -42494,7 +43024,7 @@ index 6b29249..461d143 100644 } else { spin_unlock_irqrestore(&cm_core->listen_list_lock, flags); } -@@ -1466,7 +1466,7 @@ static struct nes_cm_node *make_cm_node(struct nes_cm_core *cm_core, +@@ -1465,7 +1465,7 @@ static struct nes_cm_node *make_cm_node(struct nes_cm_core *cm_core, cm_node->rem_mac); add_hte_node(cm_core, cm_node); @@ -42503,7 +43033,7 @@ index 6b29249..461d143 100644 return cm_node; } -@@ -1524,7 +1524,7 @@ static int rem_ref_cm_node(struct nes_cm_core *cm_core, +@@ -1523,7 +1523,7 @@ static int rem_ref_cm_node(struct nes_cm_core *cm_core, } atomic_dec(&cm_core->node_cnt); @@ -42512,7 +43042,7 @@ index 6b29249..461d143 100644 nesqp = cm_node->nesqp; if (nesqp) { nesqp->cm_node = NULL; -@@ -1588,7 +1588,7 @@ static int process_options(struct nes_cm_node *cm_node, u8 *optionsloc, +@@ -1587,7 +1587,7 @@ static int process_options(struct nes_cm_node *cm_node, u8 *optionsloc, static void drop_packet(struct sk_buff *skb) { @@ -42521,7 +43051,7 @@ index 6b29249..461d143 100644 dev_kfree_skb_any(skb); } -@@ -1651,7 +1651,7 @@ static void handle_rst_pkt(struct nes_cm_node *cm_node, struct sk_buff *skb, +@@ -1650,7 +1650,7 @@ static void handle_rst_pkt(struct nes_cm_node *cm_node, struct sk_buff *skb, { int reset = 0; /* whether to send reset in case of err.. */ @@ -42530,7 +43060,7 @@ index 6b29249..461d143 100644 nes_debug(NES_DBG_CM, "Received Reset, cm_node = %p, state = %u." " refcnt=%d\n", cm_node, cm_node->state, atomic_read(&cm_node->ref_count)); -@@ -2292,7 +2292,7 @@ static struct nes_cm_node *mini_cm_connect(struct nes_cm_core *cm_core, +@@ -2291,7 +2291,7 @@ static struct nes_cm_node *mini_cm_connect(struct nes_cm_core *cm_core, rem_ref_cm_node(cm_node->cm_core, cm_node); return NULL; } @@ -42539,7 +43069,7 @@ index 6b29249..461d143 100644 loopbackremotenode->loopbackpartner = cm_node; loopbackremotenode->tcp_cntxt.rcv_wscale = NES_CM_DEFAULT_RCV_WND_SCALE; -@@ -2567,7 +2567,7 @@ static int mini_cm_recv_pkt(struct nes_cm_core *cm_core, +@@ -2566,7 +2566,7 @@ static int mini_cm_recv_pkt(struct nes_cm_core *cm_core, nes_queue_mgt_skbs(skb, nesvnic, cm_node->nesqp); else { rem_ref_cm_node(cm_core, cm_node); @@ -42548,7 +43078,7 @@ index 6b29249..461d143 100644 dev_kfree_skb_any(skb); } break; -@@ -2875,7 +2875,7 @@ static int nes_cm_disconn_true(struct nes_qp *nesqp) +@@ -2874,7 +2874,7 @@ static int nes_cm_disconn_true(struct nes_qp *nesqp) if ((cm_id) && (cm_id->event_handler)) { if (issue_disconn) { @@ -42557,7 +43087,7 @@ index 6b29249..461d143 100644 cm_event.event = IW_CM_EVENT_DISCONNECT; cm_event.status = disconn_status; cm_event.local_addr = cm_id->local_addr; -@@ -2897,7 +2897,7 @@ static int nes_cm_disconn_true(struct nes_qp *nesqp) +@@ -2896,7 +2896,7 @@ static int nes_cm_disconn_true(struct nes_qp *nesqp) } if (issue_close) { @@ -42566,7 +43096,7 @@ index 6b29249..461d143 100644 nes_disconnect(nesqp, 1); cm_id->provider_data = nesqp; -@@ -3035,7 +3035,7 @@ int nes_accept(struct iw_cm_id *cm_id, struct iw_cm_conn_param *conn_param) +@@ -3034,7 +3034,7 @@ int nes_accept(struct iw_cm_id *cm_id, struct iw_cm_conn_param *conn_param) nes_debug(NES_DBG_CM, "QP%u, cm_node=%p, jiffies = %lu listener = %p\n", nesqp->hwqp.qp_id, cm_node, jiffies, cm_node->listener); @@ -42575,7 +43105,7 @@ index 6b29249..461d143 100644 nes_debug(NES_DBG_CM, "netdev refcnt = %u.\n", netdev_refcnt_read(nesvnic->netdev)); -@@ -3224,7 +3224,7 @@ int nes_reject(struct iw_cm_id *cm_id, const void *pdata, u8 pdata_len) +@@ -3223,7 +3223,7 @@ int nes_reject(struct iw_cm_id *cm_id, const void *pdata, u8 pdata_len) struct nes_cm_core *cm_core; u8 *start_buff; @@ -42584,7 +43114,7 @@ index 6b29249..461d143 100644 cm_node = (struct nes_cm_node *)cm_id->provider_data; loopback = cm_node->loopbackpartner; cm_core = cm_node->cm_core; -@@ -3286,7 +3286,7 @@ int nes_connect(struct iw_cm_id *cm_id, struct iw_cm_conn_param *conn_param) +@@ -3285,7 +3285,7 @@ int nes_connect(struct iw_cm_id *cm_id, struct iw_cm_conn_param *conn_param) ntohs(raddr->sin_port), ntohl(laddr->sin_addr.s_addr), ntohs(laddr->sin_port)); @@ -42593,7 +43123,7 @@ index 6b29249..461d143 100644 nesqp->active_conn = 1; /* cache the cm_id in the qp */ -@@ -3398,7 +3398,7 @@ int nes_create_listen(struct iw_cm_id *cm_id, int backlog) +@@ -3397,7 +3397,7 @@ int nes_create_listen(struct iw_cm_id *cm_id, int backlog) g_cm_core->api->stop_listener(g_cm_core, (void *)cm_node); return err; } @@ -42602,7 +43132,7 @@ index 6b29249..461d143 100644 } cm_id->add_ref(cm_id); -@@ -3505,7 +3505,7 @@ static void cm_event_connected(struct nes_cm_event *event) +@@ -3504,7 +3504,7 @@ static void cm_event_connected(struct nes_cm_event *event) if (nesqp->destroyed) return; @@ -42611,7 +43141,7 @@ index 6b29249..461d143 100644 nes_debug(NES_DBG_CM, "QP%u attempting to connect to 0x%08X:0x%04X on" " local port 0x%04X. jiffies = %lu.\n", nesqp->hwqp.qp_id, ntohl(raddr->sin_addr.s_addr), -@@ -3686,7 +3686,7 @@ static void cm_event_reset(struct nes_cm_event *event) +@@ -3685,7 +3685,7 @@ static void cm_event_reset(struct nes_cm_event *event) cm_id->add_ref(cm_id); ret = cm_id->event_handler(cm_id, &cm_event); @@ -42620,7 +43150,7 @@ index 6b29249..461d143 100644 cm_event.event = IW_CM_EVENT_CLOSE; cm_event.status = 0; cm_event.provider_data = cm_id->provider_data; -@@ -3726,7 +3726,7 @@ static void cm_event_mpa_req(struct nes_cm_event *event) +@@ -3725,7 +3725,7 @@ static void cm_event_mpa_req(struct nes_cm_event *event) return; cm_id = cm_node->cm_id; @@ -42629,7 +43159,7 @@ index 6b29249..461d143 100644 nes_debug(NES_DBG_CM, "cm_node = %p - cm_id = %p, jiffies = %lu\n", cm_node, cm_id, jiffies); -@@ -3770,7 +3770,7 @@ static void cm_event_mpa_reject(struct nes_cm_event *event) +@@ -3769,7 +3769,7 @@ static void cm_event_mpa_reject(struct nes_cm_event *event) return; cm_id = cm_node->cm_id; @@ -42736,7 +43266,7 @@ index 49eb511..a774366 100644 /** diff --git a/drivers/infiniband/hw/nes/nes_verbs.c b/drivers/infiniband/hw/nes/nes_verbs.c -index 8308e36..ae0d3b5 100644 +index eb62461..2b7fc71 100644 --- a/drivers/infiniband/hw/nes/nes_verbs.c +++ b/drivers/infiniband/hw/nes/nes_verbs.c @@ -46,9 +46,9 @@ @@ -42804,10 +43334,10 @@ index 24c41ba..102d71f 100644 gameport->dev.release = gameport_release_port; if (gameport->parent) diff --git a/drivers/input/input.c b/drivers/input/input.c -index d2965e4..f52b7d7 100644 +index 1c4c0db..6f7abe3 100644 --- a/drivers/input/input.c +++ b/drivers/input/input.c -@@ -1734,7 +1734,7 @@ EXPORT_SYMBOL_GPL(input_class); +@@ -1772,7 +1772,7 @@ EXPORT_SYMBOL_GPL(input_class); */ struct input_dev *input_allocate_device(void) { @@ -42816,7 +43346,7 @@ index d2965e4..f52b7d7 100644 struct input_dev *dev; dev = kzalloc(sizeof(struct input_dev), GFP_KERNEL); -@@ -1749,7 +1749,7 @@ struct input_dev *input_allocate_device(void) +@@ -1787,7 +1787,7 @@ struct input_dev *input_allocate_device(void) INIT_LIST_HEAD(&dev->node); dev_set_name(&dev->dev, "input%ld", @@ -42826,7 +43356,7 @@ index d2965e4..f52b7d7 100644 __module_get(THIS_MODULE); } diff --git a/drivers/input/joystick/sidewinder.c b/drivers/input/joystick/sidewinder.c -index 04c69af..5f92d00 100644 +index 4a95b22..874c182 100644 --- a/drivers/input/joystick/sidewinder.c +++ b/drivers/input/joystick/sidewinder.c @@ -30,6 +30,7 @@ @@ -42834,14 +43364,14 @@ index 04c69af..5f92d00 100644 #include <linux/module.h> #include <linux/slab.h> +#include <linux/sched.h> - #include <linux/init.h> #include <linux/input.h> #include <linux/gameport.h> + #include <linux/jiffies.h> diff --git a/drivers/input/joystick/xpad.c b/drivers/input/joystick/xpad.c -index 75e3b10..fb390fd 100644 +index 603fe0d..f63decc 100644 --- a/drivers/input/joystick/xpad.c +++ b/drivers/input/joystick/xpad.c -@@ -736,7 +736,7 @@ static void xpad_led_set(struct led_classdev *led_cdev, +@@ -737,7 +737,7 @@ static void xpad_led_set(struct led_classdev *led_cdev, static int xpad_led_probe(struct usb_xpad *xpad) { @@ -42850,7 +43380,7 @@ index 75e3b10..fb390fd 100644 long led_no; struct xpad_led *led; struct led_classdev *led_cdev; -@@ -749,7 +749,7 @@ static int xpad_led_probe(struct usb_xpad *xpad) +@@ -750,7 +750,7 @@ static int xpad_led_probe(struct usb_xpad *xpad) if (!led) return -ENOMEM; @@ -42895,10 +43425,10 @@ index 2f0b39d..7370f13 100644 ssize_t psmouse_attr_show_helper(struct device *dev, struct device_attribute *attr, diff --git a/drivers/input/mousedev.c b/drivers/input/mousedev.c -index 4c842c3..590b0bf 100644 +index b604564..3f14ae4 100644 --- a/drivers/input/mousedev.c +++ b/drivers/input/mousedev.c -@@ -738,7 +738,7 @@ static ssize_t mousedev_read(struct file *file, char __user *buffer, +@@ -744,7 +744,7 @@ static ssize_t mousedev_read(struct file *file, char __user *buffer, spin_unlock_irq(&client->packet_lock); @@ -42930,10 +43460,10 @@ index 8f4c4ab..5fc8a45 100644 serio->dev.release = serio_release_port; serio->dev.groups = serio_device_attr_groups; diff --git a/drivers/input/serio/serio_raw.c b/drivers/input/serio/serio_raw.c -index 59df2e7..8f1cafb 100644 +index c9a02fe..0debc75 100644 --- a/drivers/input/serio/serio_raw.c +++ b/drivers/input/serio/serio_raw.c -@@ -293,7 +293,7 @@ static irqreturn_t serio_raw_interrupt(struct serio *serio, unsigned char data, +@@ -292,7 +292,7 @@ static irqreturn_t serio_raw_interrupt(struct serio *serio, unsigned char data, static int serio_raw_connect(struct serio *serio, struct serio_driver *drv) { @@ -42942,7 +43472,7 @@ index 59df2e7..8f1cafb 100644 struct serio_raw *serio_raw; int err; -@@ -304,7 +304,7 @@ static int serio_raw_connect(struct serio *serio, struct serio_driver *drv) +@@ -303,7 +303,7 @@ static int serio_raw_connect(struct serio *serio, struct serio_driver *drv) } snprintf(serio_raw->name, sizeof(serio_raw->name), @@ -42965,7 +43495,7 @@ index e5555fc..937986d 100644 /** diff --git a/drivers/iommu/irq_remapping.c b/drivers/iommu/irq_remapping.c -index 39f81ae..2660096 100644 +index 228632c9..edfe331 100644 --- a/drivers/iommu/irq_remapping.c +++ b/drivers/iommu/irq_remapping.c @@ -356,7 +356,7 @@ int setup_hpet_msi_remapped(unsigned int irq, unsigned int id) @@ -43016,6 +43546,19 @@ index 341c601..e5f407e 100644 .name = "GIC", .irq_mask = gic_mask_irq, .irq_unmask = gic_unmask_irq, +diff --git a/drivers/irqchip/irq-renesas-irqc.c b/drivers/irqchip/irq-renesas-irqc.c +index 8777065..a4a9967 100644 +--- a/drivers/irqchip/irq-renesas-irqc.c ++++ b/drivers/irqchip/irq-renesas-irqc.c +@@ -151,7 +151,7 @@ static int irqc_probe(struct platform_device *pdev) + struct irqc_priv *p; + struct resource *io; + struct resource *irq; +- struct irq_chip *irq_chip; ++ irq_chip_no_const *irq_chip; + const char *name = dev_name(&pdev->dev); + int ret; + int k; diff --git a/drivers/isdn/capi/capi.c b/drivers/isdn/capi/capi.c index ac6f72b..81150f2 100644 --- a/drivers/isdn/capi/capi.c @@ -43368,7 +43911,7 @@ index e2d4e58..40cd045 100644 /* error message helper function */ diff --git a/drivers/isdn/icn/icn.c b/drivers/isdn/icn/icn.c -index 53d487f..f020f41 100644 +index 53d487f..cae33fe 100644 --- a/drivers/isdn/icn/icn.c +++ b/drivers/isdn/icn/icn.c @@ -1045,7 +1045,7 @@ icn_writecmd(const u_char *buf, int len, int user, icn_card *card) @@ -43380,6 +43923,38 @@ index 53d487f..f020f41 100644 return -EFAULT; } else memcpy(msg, buf, count); +@@ -1155,7 +1155,7 @@ icn_command(isdn_ctrl *c, icn_card *card) + ulong a; + ulong flags; + int i; +- char cbuf[60]; ++ char cbuf[80]; + isdn_ctrl cmd; + icn_cdef cdef; + char __user *arg; +@@ -1309,7 +1309,6 @@ icn_command(isdn_ctrl *c, icn_card *card) + break; + if ((c->arg & 255) < ICN_BCH) { + char *p; +- char dial[50]; + char dcode[4]; + + a = c->arg; +@@ -1321,10 +1320,10 @@ icn_command(isdn_ctrl *c, icn_card *card) + } else + /* Normal Dial */ + strcpy(dcode, "CAL"); +- strcpy(dial, p); +- sprintf(cbuf, "%02d;D%s_R%s,%02d,%02d,%s\n", (int) (a + 1), +- dcode, dial, c->parm.setup.si1, +- c->parm.setup.si2, c->parm.setup.eazmsn); ++ snprintf(cbuf, sizeof(cbuf), ++ "%02d;D%s_R%s,%02d,%02d,%s\n", (int) (a + 1), ++ dcode, p, c->parm.setup.si1, ++ c->parm.setup.si2, c->parm.setup.eazmsn); + i = icn_writecmd(cbuf, strlen(cbuf), 0, card); + } + break; diff --git a/drivers/isdn/mISDN/dsp_cmx.c b/drivers/isdn/mISDN/dsp_cmx.c index a4f05c5..1433bc5 100644 --- a/drivers/isdn/mISDN/dsp_cmx.c @@ -43571,10 +44146,10 @@ index 40634b0..4f5855e 100644 // Every interrupt can come to us here // But we must truly tell each apart. diff --git a/drivers/md/bcache/closure.h b/drivers/md/bcache/closure.h -index 9762f1b..3e79734 100644 +index 7ef7461..5a09dac 100644 --- a/drivers/md/bcache/closure.h +++ b/drivers/md/bcache/closure.h -@@ -483,7 +483,7 @@ static inline void closure_queue(struct closure *cl) +@@ -238,7 +238,7 @@ static inline void closure_set_stopped(struct closure *cl) static inline void set_closure_fn(struct closure *cl, closure_fn *fn, struct workqueue_struct *wq) { @@ -43584,7 +44159,7 @@ index 9762f1b..3e79734 100644 cl->fn = fn; cl->wq = wq; diff --git a/drivers/md/bitmap.c b/drivers/md/bitmap.c -index 12dc29b..1596277 100644 +index 4195a01..42527ac 100644 --- a/drivers/md/bitmap.c +++ b/drivers/md/bitmap.c @@ -1779,7 +1779,7 @@ void bitmap_status(struct seq_file *seq, struct bitmap *bitmap) @@ -43610,7 +44185,7 @@ index 5152142..623d141 100644 DMWARN("name not supplied when creating device"); return -EINVAL; diff --git a/drivers/md/dm-raid1.c b/drivers/md/dm-raid1.c -index 9584443..9fc9ac9 100644 +index 7dfdb5c..4caada6 100644 --- a/drivers/md/dm-raid1.c +++ b/drivers/md/dm-raid1.c @@ -40,7 +40,7 @@ enum dm_raid1_error { @@ -43661,7 +44236,7 @@ index 9584443..9fc9ac9 100644 @@ -560,7 +560,7 @@ static void do_reads(struct mirror_set *ms, struct bio_list *reads) */ if (likely(region_in_sync(ms, region, 1))) - m = choose_mirror(ms, bio->bi_sector); + m = choose_mirror(ms, bio->bi_iter.bi_sector); - else if (m && atomic_read(&m->error_count)) + else if (m && atomic_read_unchecked(&m->error_count)) m = NULL; @@ -43676,7 +44251,7 @@ index 9584443..9fc9ac9 100644 ms->mirror[mirror].error_type = 0; ms->mirror[mirror].offset = offset; -@@ -1339,7 +1339,7 @@ static void mirror_resume(struct dm_target *ti) +@@ -1342,7 +1342,7 @@ static void mirror_resume(struct dm_target *ti) */ static char device_status_char(struct mirror *m) { @@ -43710,7 +44285,7 @@ index 28a9012..9c0f6a5 100644 rcu_read_lock(); diff --git a/drivers/md/dm-stripe.c b/drivers/md/dm-stripe.c -index 73c1712..7347292 100644 +index d1600d2..4c3af3a 100644 --- a/drivers/md/dm-stripe.c +++ b/drivers/md/dm-stripe.c @@ -21,7 +21,7 @@ struct stripe { @@ -43731,7 +44306,7 @@ index 73c1712..7347292 100644 } ti->private = sc; -@@ -327,7 +327,7 @@ static void stripe_status(struct dm_target *ti, status_type_t type, +@@ -330,7 +330,7 @@ static void stripe_status(struct dm_target *ti, status_type_t type, DMEMIT("%d ", sc->stripes); for (i = 0; i < sc->stripes; i++) { DMEMIT("%s ", sc->stripe[i].dev->name); @@ -43740,7 +44315,7 @@ index 73c1712..7347292 100644 'D' : 'A'; } buffer[i] = '\0'; -@@ -372,8 +372,8 @@ static int stripe_end_io(struct dm_target *ti, struct bio *bio, int error) +@@ -375,8 +375,8 @@ static int stripe_end_io(struct dm_target *ti, struct bio *bio, int error) */ for (i = 0; i < sc->stripes; i++) if (!strcmp(sc->stripe[i].dev->name, major_minor)) { @@ -43752,10 +44327,10 @@ index 73c1712..7347292 100644 schedule_work(&sc->trigger_event); } diff --git a/drivers/md/dm-table.c b/drivers/md/dm-table.c -index 3ba6a38..b0fa9b0 100644 +index 6a7f2b8..fea0bde 100644 --- a/drivers/md/dm-table.c +++ b/drivers/md/dm-table.c -@@ -291,7 +291,7 @@ static struct dm_dev_internal *find_device(struct list_head *l, dev_t dev) +@@ -274,7 +274,7 @@ static struct dm_dev_internal *find_device(struct list_head *l, dev_t dev) static int open_dev(struct dm_dev_internal *d, dev_t dev, struct mapped_device *md) { @@ -43764,7 +44339,7 @@ index 3ba6a38..b0fa9b0 100644 struct block_device *bdev; int r; -@@ -359,7 +359,7 @@ static int device_area_is_invalid(struct dm_target *ti, struct dm_dev *dev, +@@ -342,7 +342,7 @@ static int device_area_is_invalid(struct dm_target *ti, struct dm_dev *dev, if (!dev_size) return 0; @@ -43774,10 +44349,10 @@ index 3ba6a38..b0fa9b0 100644 "start=%llu, len=%llu, dev_size=%llu", dm_device_name(ti->table->md), bdevname(bdev, b), diff --git a/drivers/md/dm-thin-metadata.c b/drivers/md/dm-thin-metadata.c -index 3bb4506..56e20cc 100644 +index b086a94..74cb67e 100644 --- a/drivers/md/dm-thin-metadata.c +++ b/drivers/md/dm-thin-metadata.c -@@ -397,7 +397,7 @@ static void __setup_btree_details(struct dm_pool_metadata *pmd) +@@ -404,7 +404,7 @@ static void __setup_btree_details(struct dm_pool_metadata *pmd) { pmd->info.tm = pmd->tm; pmd->info.levels = 2; @@ -43786,7 +44361,7 @@ index 3bb4506..56e20cc 100644 pmd->info.value_type.size = sizeof(__le64); pmd->info.value_type.inc = data_block_inc; pmd->info.value_type.dec = data_block_dec; -@@ -416,7 +416,7 @@ static void __setup_btree_details(struct dm_pool_metadata *pmd) +@@ -423,7 +423,7 @@ static void __setup_btree_details(struct dm_pool_metadata *pmd) pmd->bl_info.tm = pmd->tm; pmd->bl_info.levels = 1; @@ -43796,7 +44371,7 @@ index 3bb4506..56e20cc 100644 pmd->bl_info.value_type.inc = data_block_inc; pmd->bl_info.value_type.dec = data_block_dec; diff --git a/drivers/md/dm.c b/drivers/md/dm.c -index b49c762..c9503cf 100644 +index 8c53b09..f1fb2b0 100644 --- a/drivers/md/dm.c +++ b/drivers/md/dm.c @@ -185,9 +185,9 @@ struct mapped_device { @@ -43811,7 +44386,7 @@ index b49c762..c9503cf 100644 struct list_head uevent_list; spinlock_t uevent_lock; /* Protect access to uevent_list */ -@@ -2021,8 +2021,8 @@ static struct mapped_device *alloc_dev(int minor) +@@ -1888,8 +1888,8 @@ static struct mapped_device *alloc_dev(int minor) spin_lock_init(&md->deferred_lock); atomic_set(&md->holders, 1); atomic_set(&md->open_count, 0); @@ -43822,7 +44397,7 @@ index b49c762..c9503cf 100644 INIT_LIST_HEAD(&md->uevent_list); spin_lock_init(&md->uevent_lock); -@@ -2176,7 +2176,7 @@ static void event_callback(void *context) +@@ -2043,7 +2043,7 @@ static void event_callback(void *context) dm_send_uevents(&uevents, &disk_to_dev(md->disk)->kobj); @@ -43831,7 +44406,7 @@ index b49c762..c9503cf 100644 wake_up(&md->eventq); } -@@ -2869,18 +2869,18 @@ int dm_kobject_uevent(struct mapped_device *md, enum kobject_action action, +@@ -2736,18 +2736,18 @@ int dm_kobject_uevent(struct mapped_device *md, enum kobject_action action, uint32_t dm_next_uevent_seq(struct mapped_device *md) { @@ -43854,7 +44429,7 @@ index b49c762..c9503cf 100644 void dm_uevent_add(struct mapped_device *md, struct list_head *elist) diff --git a/drivers/md/md.c b/drivers/md/md.c -index 369d919..ba7049c 100644 +index 4ad5cc4..0f19664 100644 --- a/drivers/md/md.c +++ b/drivers/md/md.c @@ -194,10 +194,10 @@ EXPORT_SYMBOL_GPL(bio_clone_mddev); @@ -43879,7 +44454,7 @@ index 369d919..ba7049c 100644 wake_up(&md_event_waiters); } -@@ -1463,7 +1463,7 @@ static int super_1_load(struct md_rdev *rdev, struct md_rdev *refdev, int minor_ +@@ -1462,7 +1462,7 @@ static int super_1_load(struct md_rdev *rdev, struct md_rdev *refdev, int minor_ if ((le32_to_cpu(sb->feature_map) & MD_FEATURE_RESHAPE_ACTIVE) && (le32_to_cpu(sb->feature_map) & MD_FEATURE_NEW_OFFSET)) rdev->new_data_offset += (s32)le32_to_cpu(sb->new_offset); @@ -43888,7 +44463,7 @@ index 369d919..ba7049c 100644 rdev->sb_size = le32_to_cpu(sb->max_dev) * 2 + 256; bmask = queue_logical_block_size(rdev->bdev->bd_disk->queue)-1; -@@ -1710,7 +1710,7 @@ static void super_1_sync(struct mddev *mddev, struct md_rdev *rdev) +@@ -1713,7 +1713,7 @@ static void super_1_sync(struct mddev *mddev, struct md_rdev *rdev) else sb->resync_offset = cpu_to_le64(0); @@ -43897,7 +44472,7 @@ index 369d919..ba7049c 100644 sb->raid_disks = cpu_to_le32(mddev->raid_disks); sb->size = cpu_to_le64(mddev->dev_sectors); -@@ -2715,7 +2715,7 @@ __ATTR(state, S_IRUGO|S_IWUSR, state_show, state_store); +@@ -2725,7 +2725,7 @@ __ATTR(state, S_IRUGO|S_IWUSR, state_show, state_store); static ssize_t errors_show(struct md_rdev *rdev, char *page) { @@ -43906,7 +44481,7 @@ index 369d919..ba7049c 100644 } static ssize_t -@@ -2724,7 +2724,7 @@ errors_store(struct md_rdev *rdev, const char *buf, size_t len) +@@ -2734,7 +2734,7 @@ errors_store(struct md_rdev *rdev, const char *buf, size_t len) char *e; unsigned long n = simple_strtoul(buf, &e, 10); if (*buf && (*e == 0 || *e == '\n')) { @@ -43915,7 +44490,7 @@ index 369d919..ba7049c 100644 return len; } return -EINVAL; -@@ -3173,8 +3173,8 @@ int md_rdev_init(struct md_rdev *rdev) +@@ -3183,8 +3183,8 @@ int md_rdev_init(struct md_rdev *rdev) rdev->sb_loaded = 0; rdev->bb_page = NULL; atomic_set(&rdev->nr_pending, 0); @@ -43926,7 +44501,7 @@ index 369d919..ba7049c 100644 INIT_LIST_HEAD(&rdev->same_set); init_waitqueue_head(&rdev->blocked_wait); -@@ -7038,7 +7038,7 @@ static int md_seq_show(struct seq_file *seq, void *v) +@@ -7075,7 +7075,7 @@ static int md_seq_show(struct seq_file *seq, void *v) spin_unlock(&pers_lock); seq_printf(seq, "\n"); @@ -43935,7 +44510,7 @@ index 369d919..ba7049c 100644 return 0; } if (v == (void*)2) { -@@ -7141,7 +7141,7 @@ static int md_seq_open(struct inode *inode, struct file *file) +@@ -7178,7 +7178,7 @@ static int md_seq_open(struct inode *inode, struct file *file) return error; seq = file->private_data; @@ -43944,7 +44519,7 @@ index 369d919..ba7049c 100644 return error; } -@@ -7155,7 +7155,7 @@ static unsigned int mdstat_poll(struct file *filp, poll_table *wait) +@@ -7192,7 +7192,7 @@ static unsigned int mdstat_poll(struct file *filp, poll_table *wait) /* always allow read */ mask = POLLIN | POLLRDNORM; @@ -43953,7 +44528,7 @@ index 369d919..ba7049c 100644 mask |= POLLERR | POLLPRI; return mask; } -@@ -7199,7 +7199,7 @@ static int is_mddev_idle(struct mddev *mddev, int init) +@@ -7236,7 +7236,7 @@ static int is_mddev_idle(struct mddev *mddev, int init) struct gendisk *disk = rdev->bdev->bd_contains->bd_disk; curr_events = (int)part_stat_read(&disk->part0, sectors[0]) + (int)part_stat_read(&disk->part0, sectors[1]) - @@ -43963,7 +44538,7 @@ index 369d919..ba7049c 100644 * as sync_io is counted when a request starts, and * disk_stats is counted when it completes. diff --git a/drivers/md/md.h b/drivers/md/md.h -index 0095ec8..c89277a 100644 +index 07bba96..2d6788c 100644 --- a/drivers/md/md.h +++ b/drivers/md/md.h @@ -94,13 +94,13 @@ struct md_rdev { @@ -43991,6 +44566,28 @@ index 0095ec8..c89277a 100644 } struct md_personality +diff --git a/drivers/md/persistent-data/dm-space-map-metadata.c b/drivers/md/persistent-data/dm-space-map-metadata.c +index 786b689..ea8c956 100644 +--- a/drivers/md/persistent-data/dm-space-map-metadata.c ++++ b/drivers/md/persistent-data/dm-space-map-metadata.c +@@ -679,7 +679,7 @@ static int sm_metadata_extend(struct dm_space_map *sm, dm_block_t extra_blocks) + * Flick into a mode where all blocks get allocated in the new area. + */ + smm->begin = old_len; +- memcpy(sm, &bootstrap_ops, sizeof(*sm)); ++ memcpy((void *)sm, &bootstrap_ops, sizeof(*sm)); + + /* + * Extend. +@@ -710,7 +710,7 @@ out: + /* + * Switch back to normal behaviour. + */ +- memcpy(sm, &ops, sizeof(*sm)); ++ memcpy((void *)sm, &ops, sizeof(*sm)); + return r; + } + diff --git a/drivers/md/persistent-data/dm-space-map.h b/drivers/md/persistent-data/dm-space-map.h index 3e6d115..ffecdeb 100644 --- a/drivers/md/persistent-data/dm-space-map.h @@ -44004,10 +44601,10 @@ index 3e6d115..ffecdeb 100644 /*----------------------------------------------------------------*/ diff --git a/drivers/md/raid1.c b/drivers/md/raid1.c -index 63b2e8d..225f16b 100644 +index 56e24c0..e1c8e1f 100644 --- a/drivers/md/raid1.c +++ b/drivers/md/raid1.c -@@ -1921,7 +1921,7 @@ static int fix_sync_read_error(struct r1bio *r1_bio) +@@ -1931,7 +1931,7 @@ static int fix_sync_read_error(struct r1bio *r1_bio) if (r1_sync_page_io(rdev, sect, s, bio->bi_io_vec[idx].bv_page, READ) != 0) @@ -44016,7 +44613,7 @@ index 63b2e8d..225f16b 100644 } sectors -= s; sect += s; -@@ -2155,7 +2155,7 @@ static void fix_read_error(struct r1conf *conf, int read_disk, +@@ -2165,7 +2165,7 @@ static void fix_read_error(struct r1conf *conf, int read_disk, test_bit(In_sync, &rdev->flags)) { if (r1_sync_page_io(rdev, sect, s, conf->tmppage, READ)) { @@ -44026,10 +44623,10 @@ index 63b2e8d..225f16b 100644 "md/raid1:%s: read error corrected " "(%d sectors at %llu on %s)\n", diff --git a/drivers/md/raid10.c b/drivers/md/raid10.c -index 06eeb99..770613e 100644 +index 33fc408..fc61709 100644 --- a/drivers/md/raid10.c +++ b/drivers/md/raid10.c -@@ -1963,7 +1963,7 @@ static void end_sync_read(struct bio *bio, int error) +@@ -1948,7 +1948,7 @@ static void end_sync_read(struct bio *bio, int error) /* The write handler will notice the lack of * R10BIO_Uptodate and record any errors etc */ @@ -44038,7 +44635,7 @@ index 06eeb99..770613e 100644 &conf->mirrors[d].rdev->corrected_errors); /* for reconstruct, we always reschedule after a read. -@@ -2321,7 +2321,7 @@ static void check_decay_read_errors(struct mddev *mddev, struct md_rdev *rdev) +@@ -2306,7 +2306,7 @@ static void check_decay_read_errors(struct mddev *mddev, struct md_rdev *rdev) { struct timespec cur_time_mon; unsigned long hours_since_last; @@ -44047,7 +44644,7 @@ index 06eeb99..770613e 100644 ktime_get_ts(&cur_time_mon); -@@ -2343,9 +2343,9 @@ static void check_decay_read_errors(struct mddev *mddev, struct md_rdev *rdev) +@@ -2328,9 +2328,9 @@ static void check_decay_read_errors(struct mddev *mddev, struct md_rdev *rdev) * overflowing the shift of read_errors by hours_since_last. */ if (hours_since_last >= 8 * sizeof(read_errors)) @@ -44059,7 +44656,7 @@ index 06eeb99..770613e 100644 } static int r10_sync_page_io(struct md_rdev *rdev, sector_t sector, -@@ -2399,8 +2399,8 @@ static void fix_read_error(struct r10conf *conf, struct mddev *mddev, struct r10 +@@ -2384,8 +2384,8 @@ static void fix_read_error(struct r10conf *conf, struct mddev *mddev, struct r10 return; check_decay_read_errors(mddev, rdev); @@ -44070,7 +44667,7 @@ index 06eeb99..770613e 100644 char b[BDEVNAME_SIZE]; bdevname(rdev->bdev, b); -@@ -2408,7 +2408,7 @@ static void fix_read_error(struct r10conf *conf, struct mddev *mddev, struct r10 +@@ -2393,7 +2393,7 @@ static void fix_read_error(struct r10conf *conf, struct mddev *mddev, struct r10 "md/raid10:%s: %s: Raid device exceeded " "read_error threshold [cur %d:max %d]\n", mdname(mddev), b, @@ -44079,7 +44676,7 @@ index 06eeb99..770613e 100644 printk(KERN_NOTICE "md/raid10:%s: %s: Failing raid device\n", mdname(mddev), b); -@@ -2563,7 +2563,7 @@ static void fix_read_error(struct r10conf *conf, struct mddev *mddev, struct r10 +@@ -2548,7 +2548,7 @@ static void fix_read_error(struct r10conf *conf, struct mddev *mddev, struct r10 sect + choose_data_offset(r10_bio, rdev)), bdevname(rdev->bdev, b)); @@ -44089,7 +44686,7 @@ index 06eeb99..770613e 100644 rdev_dec_pending(rdev, mddev); diff --git a/drivers/md/raid5.c b/drivers/md/raid5.c -index 48cdec8..c7726b1 100644 +index 16f5c21..4df20dc 100644 --- a/drivers/md/raid5.c +++ b/drivers/md/raid5.c @@ -1991,21 +1991,21 @@ static void raid5_end_read_request(struct bio * bi, int error) @@ -44153,6 +44750,18 @@ index 9b6c3bb..baeb5c7 100644 #if IS_ENABLED(CONFIG_DVB_DIB3000MB) extern struct dvb_frontend* dib3000mb_attach(const struct dib3000_config* config, +diff --git a/drivers/media/media-device.c b/drivers/media/media-device.c +index d5a7a13..703560f 100644 +--- a/drivers/media/media-device.c ++++ b/drivers/media/media-device.c +@@ -93,6 +93,7 @@ static long media_device_enum_entities(struct media_device *mdev, + struct media_entity *ent; + struct media_entity_desc u_ent; + ++ memset(&u_ent, 0, sizeof(u_ent)); + if (copy_from_user(&u_ent.id, &uent->id, sizeof(u_ent.id))) + return -EFAULT; + diff --git a/drivers/media/pci/cx88/cx88-video.c b/drivers/media/pci/cx88/cx88-video.c index ed8cb90..5ef7f79 100644 --- a/drivers/media/pci/cx88/cx88-video.c @@ -44259,7 +44868,7 @@ index b713403..53cb5ad 100644 if (done && done != layer->shadow_buf) vb2_buffer_done(&done->vb, VB2_BUF_STATE_DONE); diff --git a/drivers/media/platform/s5p-tv/mixer_video.c b/drivers/media/platform/s5p-tv/mixer_video.c -index 81b97db..b089ccd 100644 +index c5059ba..2649f28 100644 --- a/drivers/media/platform/s5p-tv/mixer_video.c +++ b/drivers/media/platform/s5p-tv/mixer_video.c @@ -210,7 +210,7 @@ static void mxr_layer_default_geo(struct mxr_layer *layer) @@ -44460,33 +45069,11 @@ index 2fd9009..278cc1e 100644 radio = devm_kzalloc(&pdev->dev, sizeof(*radio), GFP_KERNEL); if (!radio) -diff --git a/drivers/media/rc/rc-main.c b/drivers/media/rc/rc-main.c -index 46da365..3ba4206 100644 ---- a/drivers/media/rc/rc-main.c -+++ b/drivers/media/rc/rc-main.c -@@ -1065,7 +1065,7 @@ EXPORT_SYMBOL_GPL(rc_free_device); - int rc_register_device(struct rc_dev *dev) - { - static bool raw_init = false; /* raw decoders loaded? */ -- static atomic_t devno = ATOMIC_INIT(0); -+ static atomic_unchecked_t devno = ATOMIC_INIT(0); - struct rc_map *rc_map; - const char *path; - int rc; -@@ -1096,7 +1096,7 @@ int rc_register_device(struct rc_dev *dev) - */ - mutex_lock(&dev->lock); - -- dev->devno = (unsigned long)(atomic_inc_return(&devno) - 1); -+ dev->devno = (unsigned long)(atomic_inc_return_unchecked(&devno) - 1); - dev_set_name(&dev->dev, "rc%ld", dev->devno); - dev_set_drvdata(&dev->dev, dev); - rc = device_add(&dev->dev); diff --git a/drivers/media/usb/dvb-usb/cxusb.c b/drivers/media/usb/dvb-usb/cxusb.c -index 20e345d..da56fe4 100644 +index a1c641e..3007da9 100644 --- a/drivers/media/usb/dvb-usb/cxusb.c +++ b/drivers/media/usb/dvb-usb/cxusb.c -@@ -1101,7 +1101,7 @@ static struct dib0070_config dib7070p_dib0070_config = { +@@ -1112,7 +1112,7 @@ static struct dib0070_config dib7070p_dib0070_config = { struct dib0700_adapter_state { int (*set_param_save) (struct dvb_frontend *); @@ -44496,10 +45083,10 @@ index 20e345d..da56fe4 100644 static int dib7070_set_param_override(struct dvb_frontend *fe) { diff --git a/drivers/media/usb/dvb-usb/dw2102.c b/drivers/media/usb/dvb-usb/dw2102.c -index c1a63b2..dbcbfb6 100644 +index ae0f56a..ec71784 100644 --- a/drivers/media/usb/dvb-usb/dw2102.c +++ b/drivers/media/usb/dvb-usb/dw2102.c -@@ -121,7 +121,7 @@ struct su3000_state { +@@ -118,7 +118,7 @@ struct su3000_state { struct s6x0_state { int (*old_set_voltage)(struct dvb_frontend *f, fe_sec_voltage_t v); @@ -44509,7 +45096,7 @@ index c1a63b2..dbcbfb6 100644 /* debug */ static int dvb_usb_dw2102_debug; diff --git a/drivers/media/v4l2-core/v4l2-compat-ioctl32.c b/drivers/media/v4l2-core/v4l2-compat-ioctl32.c -index 8f7a6a4..eb0e1d4 100644 +index b63a5e5..b16a062 100644 --- a/drivers/media/v4l2-core/v4l2-compat-ioctl32.c +++ b/drivers/media/v4l2-core/v4l2-compat-ioctl32.c @@ -326,7 +326,7 @@ struct v4l2_buffer32 { @@ -44585,10 +45172,10 @@ index 8f7a6a4..eb0e1d4 100644 return 0; } diff --git a/drivers/media/v4l2-core/v4l2-ctrls.c b/drivers/media/v4l2-core/v4l2-ctrls.c -index fb46790..ae1f8fa 100644 +index 6ff002b..6b9316b 100644 --- a/drivers/media/v4l2-core/v4l2-ctrls.c +++ b/drivers/media/v4l2-core/v4l2-ctrls.c -@@ -1396,8 +1396,8 @@ static int validate_new(const struct v4l2_ctrl *ctrl, +@@ -1401,8 +1401,8 @@ static int validate_new(const struct v4l2_ctrl *ctrl, return 0; case V4L2_CTRL_TYPE_STRING: @@ -44616,10 +45203,10 @@ index 02d1b63..5fd6b16 100644 if (basename[len - 1] >= '0' && basename[len - 1] <= '9') diff --git a/drivers/media/v4l2-core/v4l2-ioctl.c b/drivers/media/v4l2-core/v4l2-ioctl.c -index 68e6b5e..8eb2aec 100644 +index 707aef7..93b8ac0 100644 --- a/drivers/media/v4l2-core/v4l2-ioctl.c +++ b/drivers/media/v4l2-core/v4l2-ioctl.c -@@ -1939,7 +1939,8 @@ struct v4l2_ioctl_info { +@@ -1942,7 +1942,8 @@ struct v4l2_ioctl_info { struct file *file, void *fh, void *p); } u; void (*debug)(const void *arg, bool write_only); @@ -44629,7 +45216,7 @@ index 68e6b5e..8eb2aec 100644 /* This control needs a priority check */ #define INFO_FL_PRIO (1 << 0) -@@ -2120,7 +2121,7 @@ static long __video_do_ioctl(struct file *file, +@@ -2123,7 +2124,7 @@ static long __video_do_ioctl(struct file *file, struct video_device *vfd = video_devdata(file); const struct v4l2_ioctl_ops *ops = vfd->ioctl_ops; bool write_only = false; @@ -44638,7 +45225,7 @@ index 68e6b5e..8eb2aec 100644 const struct v4l2_ioctl_info *info; void *fh = file->private_data; struct v4l2_fh *vfh = NULL; -@@ -2194,7 +2195,7 @@ done: +@@ -2197,7 +2198,7 @@ done: } static int check_array_args(unsigned int cmd, void *parg, size_t *array_size, @@ -44647,7 +45234,7 @@ index 68e6b5e..8eb2aec 100644 { int ret = 0; -@@ -2210,7 +2211,7 @@ static int check_array_args(unsigned int cmd, void *parg, size_t *array_size, +@@ -2213,7 +2214,7 @@ static int check_array_args(unsigned int cmd, void *parg, size_t *array_size, ret = -EINVAL; break; } @@ -44656,7 +45243,7 @@ index 68e6b5e..8eb2aec 100644 *kernel_ptr = (void *)&buf->m.planes; *array_size = sizeof(struct v4l2_plane) * buf->length; ret = 1; -@@ -2245,7 +2246,7 @@ static int check_array_args(unsigned int cmd, void *parg, size_t *array_size, +@@ -2248,7 +2249,7 @@ static int check_array_args(unsigned int cmd, void *parg, size_t *array_size, ret = -EINVAL; break; } @@ -44665,8 +45252,8 @@ index 68e6b5e..8eb2aec 100644 *kernel_ptr = (void *)&ctrls->controls; *array_size = sizeof(struct v4l2_ext_control) * ctrls->count; -@@ -2340,7 +2341,7 @@ video_usercopy(struct file *file, unsigned int cmd, unsigned long arg, - err = -ENOTTY; +@@ -2349,7 +2350,7 @@ video_usercopy(struct file *file, unsigned int cmd, unsigned long arg, + } if (has_array_args) { - *kernel_ptr = user_ptr; @@ -44675,7 +45262,7 @@ index 68e6b5e..8eb2aec 100644 err = -EFAULT; goto out_array_args; diff --git a/drivers/message/fusion/mptbase.c b/drivers/message/fusion/mptbase.c -index 767ff4d..c69d259 100644 +index 570b18a..f880314 100644 --- a/drivers/message/fusion/mptbase.c +++ b/drivers/message/fusion/mptbase.c @@ -6755,8 +6755,13 @@ static int mpt_iocinfo_proc_show(struct seq_file *m, void *v) @@ -44705,7 +45292,7 @@ index 767ff4d..c69d259 100644 seq_printf(m, " {CurRepSz=%d} x {CurRepDepth=%d} = %d bytes ^= 0x%x\n", ioc->reply_sz, ioc->reply_depth, ioc->reply_sz*ioc->reply_depth, sz); diff --git a/drivers/message/fusion/mptsas.c b/drivers/message/fusion/mptsas.c -index dd239bd..689c4f7 100644 +index 00d339c..2ea899d 100644 --- a/drivers/message/fusion/mptsas.c +++ b/drivers/message/fusion/mptsas.c @@ -446,6 +446,23 @@ mptsas_is_end_device(struct mptsas_devinfo * attached) @@ -44977,7 +45564,7 @@ index a8c08f3..155fe3d 100644 #endif diff --git a/drivers/mfd/ab8500-debugfs.c b/drivers/mfd/ab8500-debugfs.c -index e33e385..28dfd23 100644 +index d1a22aa..d0f7bf7 100644 --- a/drivers/mfd/ab8500-debugfs.c +++ b/drivers/mfd/ab8500-debugfs.c @@ -100,7 +100,7 @@ static int irq_last; @@ -44990,7 +45577,7 @@ index e33e385..28dfd23 100644 static u8 avg_sample = SAMPLE_16; diff --git a/drivers/mfd/janz-cmodio.c b/drivers/mfd/janz-cmodio.c -index fcbb2e9..2635e11 100644 +index 81b7d88..95ae998 100644 --- a/drivers/mfd/janz-cmodio.c +++ b/drivers/mfd/janz-cmodio.c @@ -13,6 +13,7 @@ @@ -45002,7 +45589,7 @@ index fcbb2e9..2635e11 100644 #include <linux/pci.h> #include <linux/interrupt.h> diff --git a/drivers/mfd/max8925-i2c.c b/drivers/mfd/max8925-i2c.c -index 176aa26..27811b2 100644 +index a83eed5..62a58a9 100644 --- a/drivers/mfd/max8925-i2c.c +++ b/drivers/mfd/max8925-i2c.c @@ -152,7 +152,7 @@ static int max8925_probe(struct i2c_client *client, @@ -45015,7 +45602,7 @@ index 176aa26..27811b2 100644 if (node && !pdata) { diff --git a/drivers/mfd/tps65910.c b/drivers/mfd/tps65910.c -index c0f608e..286f8ec 100644 +index d657331..0d9a80f 100644 --- a/drivers/mfd/tps65910.c +++ b/drivers/mfd/tps65910.c @@ -230,7 +230,7 @@ static int tps65910_irq_init(struct tps65910 *tps65910, int irq, @@ -45476,19 +46063,6 @@ index 7b5424f..ed1d6ac 100644 err = -EFAULT; goto cmd_rel_host; } -diff --git a/drivers/mmc/card/queue.c b/drivers/mmc/card/queue.c -index 357bbc5..3e049c1 100644 ---- a/drivers/mmc/card/queue.c -+++ b/drivers/mmc/card/queue.c -@@ -197,7 +197,7 @@ int mmc_init_queue(struct mmc_queue *mq, struct mmc_card *card, - struct mmc_queue_req *mqrq_prev = &mq->mqrq[1]; - - if (mmc_dev(host)->dma_mask && *mmc_dev(host)->dma_mask) -- limit = dma_max_pfn(mmc_dev(host)) << PAGE_SHIFT; -+ limit = (u64)dma_max_pfn(mmc_dev(host)) << PAGE_SHIFT; - - mq->card = card; - mq->queue = blk_init_queue(mmc_request_fn, lock); diff --git a/drivers/mmc/core/mmc_ops.c b/drivers/mmc/core/mmc_ops.c index e5b5eeb..7bf2212 100644 --- a/drivers/mmc/core/mmc_ops.c @@ -45514,7 +46088,7 @@ index 6bf24ab..13d0293b 100644 +} __do_const; #endif /* _DW_MMC_H_ */ diff --git a/drivers/mmc/host/mmci.c b/drivers/mmc/host/mmci.c -index f320579..7b7ebac 100644 +index b931226..df6a085 100644 --- a/drivers/mmc/host/mmci.c +++ b/drivers/mmc/host/mmci.c @@ -1504,7 +1504,9 @@ static int mmci_probe(struct amba_device *dev, @@ -45529,11 +46103,11 @@ index f320579..7b7ebac 100644 } diff --git a/drivers/mmc/host/sdhci-esdhc-imx.c b/drivers/mmc/host/sdhci-esdhc-imx.c -index 1dcaf8a..025af25 100644 +index b841bb7..d82712f5 100644 --- a/drivers/mmc/host/sdhci-esdhc-imx.c +++ b/drivers/mmc/host/sdhci-esdhc-imx.c -@@ -1009,9 +1009,12 @@ static int sdhci_esdhc_imx_probe(struct platform_device *pdev) - host->quirks2 |= SDHCI_QUIRK2_PRESET_VALUE_BROKEN; +@@ -1031,9 +1031,12 @@ static int sdhci_esdhc_imx_probe(struct platform_device *pdev) + host->mmc->caps |= MMC_CAP_1_8V_DDR; } - if (imx_data->socdata->flags & ESDHC_FLAG_MAN_TUNING) @@ -45544,9 +46118,9 @@ index 1dcaf8a..025af25 100644 esdhc_executing_tuning; + pax_close_kernel(); + } - boarddata = &imx_data->boarddata; - if (sdhci_esdhc_imx_probe_dt(pdev, boarddata) < 0) { - if (!host->mmc->parent->platform_data) { + + if (imx_data->socdata->flags & ESDHC_FLAG_STD_TUNING) + writel(readl(host->ioaddr + ESDHC_TUNING_CTRL) | diff --git a/drivers/mmc/host/sdhci-s3c.c b/drivers/mmc/host/sdhci-s3c.c index 6debda9..2ba7427 100644 --- a/drivers/mmc/host/sdhci-s3c.c @@ -45580,7 +46154,7 @@ index 096993f..f02c23b 100644 if (!ECCBUF_SIZE) { /* We should fall back to a general writev implementation. diff --git a/drivers/mtd/nand/denali.c b/drivers/mtd/nand/denali.c -index 370b9dd..1a1176b 100644 +index c07cd57..61c4fbd 100644 --- a/drivers/mtd/nand/denali.c +++ b/drivers/mtd/nand/denali.c @@ -24,6 +24,7 @@ @@ -45591,6 +46165,19 @@ index 370b9dd..1a1176b 100644 #include "denali.h" +diff --git a/drivers/mtd/nand/gpmi-nand/gpmi-nand.c b/drivers/mtd/nand/gpmi-nand/gpmi-nand.c +index ca6369f..0ce9fed 100644 +--- a/drivers/mtd/nand/gpmi-nand/gpmi-nand.c ++++ b/drivers/mtd/nand/gpmi-nand/gpmi-nand.c +@@ -369,7 +369,7 @@ void prepare_data_dma(struct gpmi_nand_data *this, enum dma_data_direction dr) + + /* first try to map the upper buffer directly */ + if (virt_addr_valid(this->upper_buf) && +- !object_is_on_stack(this->upper_buf)) { ++ !object_starts_on_stack(this->upper_buf)) { + sg_init_one(sgl, this->upper_buf, this->upper_len); + ret = dma_map_sg(this->dev, sgl, 1, dr); + if (ret == 0) diff --git a/drivers/mtd/nftlmount.c b/drivers/mtd/nftlmount.c index 51b9d6a..52af9a7 100644 --- a/drivers/mtd/nftlmount.c @@ -45604,7 +46191,7 @@ index 51b9d6a..52af9a7 100644 #include <linux/mtd/nand.h> #include <linux/mtd/nftl.h> diff --git a/drivers/mtd/sm_ftl.c b/drivers/mtd/sm_ftl.c -index 4b8e895..6b3c498 100644 +index cf49c22..971b133 100644 --- a/drivers/mtd/sm_ftl.c +++ b/drivers/mtd/sm_ftl.c @@ -56,7 +56,7 @@ static ssize_t sm_attr_show(struct device *dev, struct device_attribute *attr, @@ -45615,12 +46202,12 @@ index 4b8e895..6b3c498 100644 + attribute_group_no_const *attr_group; struct attribute **attributes; struct sm_sysfs_attribute *vendor_attribute; - + char *vendor; diff --git a/drivers/net/bonding/bond_main.c b/drivers/net/bonding/bond_main.c -index 4b8c58b..a200546 100644 +index 91ec8cd..562ff5f 100644 --- a/drivers/net/bonding/bond_main.c +++ b/drivers/net/bonding/bond_main.c -@@ -4527,6 +4527,7 @@ static void __exit bonding_exit(void) +@@ -4552,6 +4552,7 @@ static void __exit bonding_exit(void) bond_netlink_fini(); unregister_pernet_subsys(&bond_net_ops); @@ -45629,10 +46216,10 @@ index 4b8c58b..a200546 100644 #ifdef CONFIG_NET_POLL_CONTROLLER /* diff --git a/drivers/net/bonding/bond_netlink.c b/drivers/net/bonding/bond_netlink.c -index 40e7b1c..6a70fff 100644 +index 70651f8..7eb1bdf 100644 --- a/drivers/net/bonding/bond_netlink.c +++ b/drivers/net/bonding/bond_netlink.c -@@ -102,7 +102,7 @@ nla_put_failure: +@@ -542,7 +542,7 @@ nla_put_failure: return -EMSGSIZE; } @@ -45642,7 +46229,7 @@ index 40e7b1c..6a70fff 100644 .priv_size = sizeof(struct bonding), .setup = bond_setup, diff --git a/drivers/net/can/Kconfig b/drivers/net/can/Kconfig -index 3c06947..fd0e5de 100644 +index 9e7d95d..d447b88 100644 --- a/drivers/net/can/Kconfig +++ b/drivers/net/can/Kconfig @@ -104,7 +104,7 @@ config CAN_JANZ_ICAN3 @@ -45655,10 +46242,10 @@ index 3c06947..fd0e5de 100644 Say Y here if you want to support for Freescale FlexCAN. diff --git a/drivers/net/ethernet/8390/ax88796.c b/drivers/net/ethernet/8390/ax88796.c -index 36fa577..a158806 100644 +index 455d4c3..3353ee7 100644 --- a/drivers/net/ethernet/8390/ax88796.c +++ b/drivers/net/ethernet/8390/ax88796.c -@@ -872,9 +872,11 @@ static int ax_probe(struct platform_device *pdev) +@@ -889,9 +889,11 @@ static int ax_probe(struct platform_device *pdev) if (ax->plat->reg_offsets) ei_local->reg_offset = ax->plat->reg_offsets; else { @@ -45672,10 +46259,10 @@ index 36fa577..a158806 100644 if (!request_mem_region(mem->start, mem_size, pdev->name)) { diff --git a/drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.h b/drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.h -index 41f3ca5a..1ee5364 100644 +index a89a40f..5a8a2ac 100644 --- a/drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.h +++ b/drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.h -@@ -1139,7 +1139,7 @@ static inline u8 bnx2x_get_path_func_num(struct bnx2x *bp) +@@ -1062,7 +1062,7 @@ static inline u8 bnx2x_get_path_func_num(struct bnx2x *bp) static inline void bnx2x_init_bp_objs(struct bnx2x *bp) { /* RX_MODE controlling object */ @@ -45685,10 +46272,10 @@ index 41f3ca5a..1ee5364 100644 /* multicast configuration controlling object */ bnx2x_init_mcast_obj(bp, &bp->mcast_obj, bp->fp->cl_id, bp->fp->cid, diff --git a/drivers/net/ethernet/broadcom/bnx2x/bnx2x_sp.c b/drivers/net/ethernet/broadcom/bnx2x/bnx2x_sp.c -index 18438a5..c923b8e 100644 +index 0fb6ff2..78fd55c 100644 --- a/drivers/net/ethernet/broadcom/bnx2x/bnx2x_sp.c +++ b/drivers/net/ethernet/broadcom/bnx2x/bnx2x_sp.c -@@ -2591,15 +2591,14 @@ int bnx2x_config_rx_mode(struct bnx2x *bp, +@@ -2329,15 +2329,14 @@ int bnx2x_config_rx_mode(struct bnx2x *bp, return rc; } @@ -45710,10 +46297,10 @@ index 18438a5..c923b8e 100644 } diff --git a/drivers/net/ethernet/broadcom/bnx2x/bnx2x_sp.h b/drivers/net/ethernet/broadcom/bnx2x/bnx2x_sp.h -index 6a53c15..6e7d1e7 100644 +index 00d7f21..2cddec4 100644 --- a/drivers/net/ethernet/broadcom/bnx2x/bnx2x_sp.h +++ b/drivers/net/ethernet/broadcom/bnx2x/bnx2x_sp.h -@@ -1332,8 +1332,7 @@ int bnx2x_vlan_mac_move(struct bnx2x *bp, +@@ -1321,8 +1321,7 @@ int bnx2x_vlan_mac_move(struct bnx2x *bp, /********************* RX MODE ****************/ @@ -45724,7 +46311,7 @@ index 6a53c15..6e7d1e7 100644 /** * bnx2x_config_rx_mode - Send and RX_MODE ramrod according to the provided parameters. diff --git a/drivers/net/ethernet/broadcom/tg3.h b/drivers/net/ethernet/broadcom/tg3.h -index cf9917b..c658558 100644 +index 04321e5..b51cdc4 100644 --- a/drivers/net/ethernet/broadcom/tg3.h +++ b/drivers/net/ethernet/broadcom/tg3.h @@ -150,6 +150,7 @@ @@ -45736,7 +46323,7 @@ index cf9917b..c658558 100644 #define CHIPREV_ID_5752_A0_HW 0x5000 #define CHIPREV_ID_5752_A0 0x6000 diff --git a/drivers/net/ethernet/brocade/bna/bna_enet.c b/drivers/net/ethernet/brocade/bna/bna_enet.c -index 3ca77fa..fcc015f 100644 +index 13f9636..228040f 100644 --- a/drivers/net/ethernet/brocade/bna/bna_enet.c +++ b/drivers/net/ethernet/brocade/bna/bna_enet.c @@ -1690,10 +1690,10 @@ bna_cb_ioceth_reset(void *arg) @@ -45768,7 +46355,7 @@ index 8cffcdf..aadf043 100644 #define L2T_SKB_CB(skb) ((struct l2t_skb_cb *)(skb)->cb) diff --git a/drivers/net/ethernet/chelsio/cxgb4/cxgb4_main.c b/drivers/net/ethernet/chelsio/cxgb4/cxgb4_main.c -index fff02ed..d421412 100644 +index 34e2488..07e2079 100644 --- a/drivers/net/ethernet/chelsio/cxgb4/cxgb4_main.c +++ b/drivers/net/ethernet/chelsio/cxgb4/cxgb4_main.c @@ -2120,7 +2120,7 @@ static void get_regs(struct net_device *dev, struct ethtool_regs *regs, @@ -45803,10 +46390,10 @@ index c05b66d..ed69872 100644 break; } diff --git a/drivers/net/ethernet/emulex/benet/be_main.c b/drivers/net/ethernet/emulex/benet/be_main.c -index a37039d..a51d7e8 100644 +index 36c8061..ca5e1e0 100644 --- a/drivers/net/ethernet/emulex/benet/be_main.c +++ b/drivers/net/ethernet/emulex/benet/be_main.c -@@ -533,7 +533,7 @@ static void accumulate_16bit_val(u32 *acc, u16 val) +@@ -534,7 +534,7 @@ static void accumulate_16bit_val(u32 *acc, u16 val) if (wrapped) newacc += 65536; @@ -45816,10 +46403,10 @@ index a37039d..a51d7e8 100644 static void populate_erx_stats(struct be_adapter *adapter, diff --git a/drivers/net/ethernet/faraday/ftgmac100.c b/drivers/net/ethernet/faraday/ftgmac100.c -index 212f44b..fb69959 100644 +index c11ecbc..13bb299 100644 --- a/drivers/net/ethernet/faraday/ftgmac100.c +++ b/drivers/net/ethernet/faraday/ftgmac100.c -@@ -31,6 +31,8 @@ +@@ -30,6 +30,8 @@ #include <linux/netdevice.h> #include <linux/phy.h> #include <linux/platform_device.h> @@ -45841,6 +46428,19 @@ index 8be5b40..081bc1b 100644 #include "ftmac100.h" +diff --git a/drivers/net/ethernet/intel/i40e/i40e_ptp.c b/drivers/net/ethernet/intel/i40e/i40e_ptp.c +index e33ec6c..f54cfe7 100644 +--- a/drivers/net/ethernet/intel/i40e/i40e_ptp.c ++++ b/drivers/net/ethernet/intel/i40e/i40e_ptp.c +@@ -436,7 +436,7 @@ void i40e_ptp_set_increment(struct i40e_pf *pf) + wr32(hw, I40E_PRTTSYN_INC_H, incval >> 32); + + /* Update the base adjustement value. */ +- ACCESS_ONCE(pf->ptp_base_adj) = incval; ++ ACCESS_ONCE_RW(pf->ptp_base_adj) = incval; + smp_mb(); /* Force the above update. */ + } + diff --git a/drivers/net/ethernet/intel/ixgbe/ixgbe_ptp.c b/drivers/net/ethernet/intel/ixgbe/ixgbe_ptp.c index 5184e2a..acb28c3 100644 --- a/drivers/net/ethernet/intel/ixgbe/ixgbe_ptp.c @@ -45855,7 +46455,7 @@ index 5184e2a..acb28c3 100644 /* need lock to prevent incorrect read while modifying cyclecounter */ diff --git a/drivers/net/ethernet/neterion/vxge/vxge-config.c b/drivers/net/ethernet/neterion/vxge/vxge-config.c -index fbe5363..266b4e3 100644 +index 089b713..28d87ae 100644 --- a/drivers/net/ethernet/neterion/vxge/vxge-config.c +++ b/drivers/net/ethernet/neterion/vxge/vxge-config.c @@ -3461,7 +3461,10 @@ __vxge_hw_fifo_create(struct __vxge_hw_vpath_handle *vp, @@ -45880,10 +46480,10 @@ index fbe5363..266b4e3 100644 __vxge_hw_mempool_create(vpath->hldev, fifo->config->memblock_size, diff --git a/drivers/net/ethernet/qlogic/qlcnic/qlcnic_83xx_init.c b/drivers/net/ethernet/qlogic/qlcnic/qlcnic_83xx_init.c -index 918e18d..4ca3650 100644 +index 90a2dda..47e620e 100644 --- a/drivers/net/ethernet/qlogic/qlcnic/qlcnic_83xx_init.c +++ b/drivers/net/ethernet/qlogic/qlcnic/qlcnic_83xx_init.c -@@ -2086,7 +2086,9 @@ int qlcnic_83xx_configure_opmode(struct qlcnic_adapter *adapter) +@@ -2088,7 +2088,9 @@ int qlcnic_83xx_configure_opmode(struct qlcnic_adapter *adapter) adapter->max_tx_rings = QLCNIC_MAX_VNIC_TX_RINGS; } else if (ret == QLC_83XX_DEFAULT_OPMODE) { ahw->nic_mode = QLCNIC_DEFAULT_MODE; @@ -45895,7 +46495,7 @@ index 918e18d..4ca3650 100644 adapter->max_sds_rings = QLCNIC_MAX_SDS_RINGS; adapter->max_tx_rings = QLCNIC_MAX_TX_RINGS; diff --git a/drivers/net/ethernet/qlogic/qlcnic/qlcnic_83xx_vnic.c b/drivers/net/ethernet/qlogic/qlcnic/qlcnic_83xx_vnic.c -index 734d286..b017bf5 100644 +index be7d7a6..a8983f8 100644 --- a/drivers/net/ethernet/qlogic/qlcnic/qlcnic_83xx_vnic.c +++ b/drivers/net/ethernet/qlogic/qlcnic/qlcnic_83xx_vnic.c @@ -207,17 +207,23 @@ int qlcnic_83xx_config_vnic_opmode(struct qlcnic_adapter *adapter) @@ -45939,10 +46539,10 @@ index 7763962..c3499a7 100644 struct qlcnic_hardware_context *ahw; void *temp_buffer; diff --git a/drivers/net/ethernet/realtek/r8169.c b/drivers/net/ethernet/realtek/r8169.c -index c737f0e..32b8682 100644 +index 3ff7bc3..366091b 100644 --- a/drivers/net/ethernet/realtek/r8169.c +++ b/drivers/net/ethernet/realtek/r8169.c -@@ -759,22 +759,22 @@ struct rtl8169_private { +@@ -758,22 +758,22 @@ struct rtl8169_private { struct mdio_ops { void (*write)(struct rtl8169_private *, int, int); int (*read)(struct rtl8169_private *, int); @@ -45970,10 +46570,10 @@ index c737f0e..32b8682 100644 int (*set_speed)(struct net_device *, u8 aneg, u16 sp, u8 dpx, u32 adv); int (*get_settings)(struct net_device *, struct ethtool_cmd *); diff --git a/drivers/net/ethernet/sfc/ptp.c b/drivers/net/ethernet/sfc/ptp.c -index a124103..59c74f8 100644 +index d7a3682..9ce272a 100644 --- a/drivers/net/ethernet/sfc/ptp.c +++ b/drivers/net/ethernet/sfc/ptp.c -@@ -541,7 +541,7 @@ static int efx_ptp_synchronize(struct efx_nic *efx, unsigned int num_readings) +@@ -825,7 +825,7 @@ static int efx_ptp_synchronize(struct efx_nic *efx, unsigned int num_readings) ptp->start.dma_addr); /* Clear flag that signals MC ready */ @@ -45998,10 +46598,10 @@ index 50617c5..b13724c 100644 /* To mask all all interrupts.*/ diff --git a/drivers/net/hyperv/hyperv_net.h b/drivers/net/hyperv/hyperv_net.h -index e6fe0d8..2b7d752 100644 +index 7b594ce..1f6c5708 100644 --- a/drivers/net/hyperv/hyperv_net.h +++ b/drivers/net/hyperv/hyperv_net.h -@@ -101,7 +101,7 @@ struct rndis_device { +@@ -100,7 +100,7 @@ struct rndis_device { enum rndis_device_state state; bool link_state; @@ -46011,10 +46611,10 @@ index e6fe0d8..2b7d752 100644 spinlock_t request_lock; struct list_head req_list; diff --git a/drivers/net/hyperv/rndis_filter.c b/drivers/net/hyperv/rndis_filter.c -index 0775f0a..d4fb316 100644 +index b54fd25..9bd2bae 100644 --- a/drivers/net/hyperv/rndis_filter.c +++ b/drivers/net/hyperv/rndis_filter.c -@@ -104,7 +104,7 @@ static struct rndis_request *get_rndis_request(struct rndis_device *dev, +@@ -103,7 +103,7 @@ static struct rndis_request *get_rndis_request(struct rndis_device *dev, * template */ set = &rndis_msg->msg.set_req; @@ -46023,7 +46623,7 @@ index 0775f0a..d4fb316 100644 /* Add to the request list */ spin_lock_irqsave(&dev->request_lock, flags); -@@ -752,7 +752,7 @@ static void rndis_filter_halt_device(struct rndis_device *dev) +@@ -770,7 +770,7 @@ static void rndis_filter_halt_device(struct rndis_device *dev) /* Setup the rndis set */ halt = &request->request_msg.msg.halt_req; @@ -46046,10 +46646,10 @@ index bf0d55e..82bcfbd1 100644 priv = netdev_priv(dev); priv->phy = phy; diff --git a/drivers/net/macvlan.c b/drivers/net/macvlan.c -index d7e2907..1f8bfee 100644 +index 20bb669..9a0e17e 100644 --- a/drivers/net/macvlan.c +++ b/drivers/net/macvlan.c -@@ -993,13 +993,15 @@ static const struct nla_policy macvlan_policy[IFLA_MACVLAN_MAX + 1] = { +@@ -991,13 +991,15 @@ static const struct nla_policy macvlan_policy[IFLA_MACVLAN_MAX + 1] = { int macvlan_link_register(struct rtnl_link_ops *ops) { /* common fields */ @@ -46072,7 +46672,7 @@ index d7e2907..1f8bfee 100644 return rtnl_link_register(ops); }; -@@ -1054,7 +1056,7 @@ static int macvlan_device_event(struct notifier_block *unused, +@@ -1052,7 +1054,7 @@ static int macvlan_device_event(struct notifier_block *unused, return NOTIFY_DONE; } @@ -46082,10 +46682,10 @@ index d7e2907..1f8bfee 100644 }; diff --git a/drivers/net/macvtap.c b/drivers/net/macvtap.c -index 2a89da0..c17fe1d 100644 +index 3381c4f..dea5fd5 100644 --- a/drivers/net/macvtap.c +++ b/drivers/net/macvtap.c -@@ -1012,7 +1012,7 @@ static long macvtap_ioctl(struct file *file, unsigned int cmd, +@@ -1020,7 +1020,7 @@ static long macvtap_ioctl(struct file *file, unsigned int cmd, } ret = 0; @@ -46094,7 +46694,7 @@ index 2a89da0..c17fe1d 100644 put_user(q->flags, &ifr->ifr_flags)) ret = -EFAULT; macvtap_put_vlan(vlan); -@@ -1182,7 +1182,7 @@ static int macvtap_device_event(struct notifier_block *unused, +@@ -1190,7 +1190,7 @@ static int macvtap_device_event(struct notifier_block *unused, return NOTIFY_DONE; } @@ -46151,10 +46751,10 @@ index 1252d9c..80e660b 100644 /* We've got a compressed packet; read the change byte */ diff --git a/drivers/net/team/team.c b/drivers/net/team/team.c -index b75ae5b..953c157 100644 +index c8624a8..f0a4f6a 100644 --- a/drivers/net/team/team.c +++ b/drivers/net/team/team.c -@@ -2865,7 +2865,7 @@ static int team_device_event(struct notifier_block *unused, +@@ -2869,7 +2869,7 @@ static int team_device_event(struct notifier_block *unused, return NOTIFY_DONE; } @@ -46164,10 +46764,10 @@ index b75ae5b..953c157 100644 }; diff --git a/drivers/net/tun.c b/drivers/net/tun.c -index 55c9238..ebb6ee5 100644 +index 26f8635..c237839 100644 --- a/drivers/net/tun.c +++ b/drivers/net/tun.c -@@ -1841,7 +1841,7 @@ unlock: +@@ -1876,7 +1876,7 @@ unlock: } static long __tun_chr_ioctl(struct file *file, unsigned int cmd, @@ -46176,7 +46776,7 @@ index 55c9238..ebb6ee5 100644 { struct tun_file *tfile = file->private_data; struct tun_struct *tun; -@@ -1854,6 +1854,9 @@ static long __tun_chr_ioctl(struct file *file, unsigned int cmd, +@@ -1889,6 +1889,9 @@ static long __tun_chr_ioctl(struct file *file, unsigned int cmd, unsigned int ifindex; int ret; @@ -46187,7 +46787,7 @@ index 55c9238..ebb6ee5 100644 if (copy_from_user(&ifr, argp, ifreq_len)) return -EFAULT; diff --git a/drivers/net/usb/hso.c b/drivers/net/usb/hso.c -index 1a48234..a555339 100644 +index 660bd5e..ac59452 100644 --- a/drivers/net/usb/hso.c +++ b/drivers/net/usb/hso.c @@ -71,7 +71,7 @@ @@ -46208,7 +46808,7 @@ index 1a48234..a555339 100644 count = put_rxbuf_data(urb, serial); if (count == -1) return; -@@ -1215,7 +1215,7 @@ static void hso_std_serial_read_bulk_callback(struct urb *urb) +@@ -1217,7 +1217,7 @@ static void hso_std_serial_read_bulk_callback(struct urb *urb) DUMP1(urb->transfer_buffer, urb->actual_length); /* Anyone listening? */ @@ -46216,8 +46816,8 @@ index 1a48234..a555339 100644 + if (atomic_read(&serial->port.count) == 0) return; - if (status == 0) { -@@ -1297,8 +1297,7 @@ static int hso_serial_open(struct tty_struct *tty, struct file *filp) + if (serial->parent->port_spec & HSO_INFO_CRC_BUG) +@@ -1287,8 +1287,7 @@ static int hso_serial_open(struct tty_struct *tty, struct file *filp) tty_port_tty_set(&serial->port, tty); /* check for port already opened, if not set the termios */ @@ -46227,7 +46827,7 @@ index 1a48234..a555339 100644 serial->rx_state = RX_IDLE; /* Force default termio settings */ _hso_serial_set_termios(tty, NULL); -@@ -1310,7 +1309,7 @@ static int hso_serial_open(struct tty_struct *tty, struct file *filp) +@@ -1300,7 +1299,7 @@ static int hso_serial_open(struct tty_struct *tty, struct file *filp) result = hso_start_serial_device(serial->parent, GFP_KERNEL); if (result) { hso_stop_serial_device(serial->parent); @@ -46236,7 +46836,7 @@ index 1a48234..a555339 100644 kref_put(&serial->parent->ref, hso_serial_ref_free); } } else { -@@ -1347,10 +1346,10 @@ static void hso_serial_close(struct tty_struct *tty, struct file *filp) +@@ -1337,10 +1336,10 @@ static void hso_serial_close(struct tty_struct *tty, struct file *filp) /* reset the rts and dtr */ /* do the actual close */ @@ -46250,7 +46850,7 @@ index 1a48234..a555339 100644 tty_port_tty_set(&serial->port, NULL); if (!usb_gone) hso_stop_serial_device(serial->parent); -@@ -1426,7 +1425,7 @@ static void hso_serial_set_termios(struct tty_struct *tty, struct ktermios *old) +@@ -1416,7 +1415,7 @@ static void hso_serial_set_termios(struct tty_struct *tty, struct ktermios *old) /* the actual setup */ spin_lock_irqsave(&serial->serial_lock, flags); @@ -46259,7 +46859,7 @@ index 1a48234..a555339 100644 _hso_serial_set_termios(tty, old); else tty->termios = *old; -@@ -1895,7 +1894,7 @@ static void intr_callback(struct urb *urb) +@@ -1885,7 +1884,7 @@ static void intr_callback(struct urb *urb) D1("Pending read interrupt on port %d\n", i); spin_lock(&serial->serial_lock); if (serial->rx_state == RX_IDLE && @@ -46268,7 +46868,7 @@ index 1a48234..a555339 100644 /* Setup and send a ctrl req read on * port i */ if (!serial->rx_urb_filled[0]) { -@@ -3071,7 +3070,7 @@ static int hso_resume(struct usb_interface *iface) +@@ -3061,7 +3060,7 @@ static int hso_resume(struct usb_interface *iface) /* Start all serial ports */ for (i = 0; i < HSO_SERIAL_TTY_MINORS; i++) { if (serial_table[i] && (serial_table[i]->interface == iface)) { @@ -46277,11 +46877,24 @@ index 1a48234..a555339 100644 result = hso_start_serial_device(serial_table[i], GFP_NOIO); hso_kick_transmit(dev2ser(serial_table[i])); +diff --git a/drivers/net/usb/r8152.c b/drivers/net/usb/r8152.c +index adb12f3..48005ab 100644 +--- a/drivers/net/usb/r8152.c ++++ b/drivers/net/usb/r8152.c +@@ -513,7 +513,7 @@ struct r8152 { + void (*disable)(struct r8152 *); + void (*down)(struct r8152 *); + void (*unload)(struct r8152 *); +- } rtl_ops; ++ } __no_const rtl_ops; + + int intr_interval; + u32 msg_enable; diff --git a/drivers/net/usb/sierra_net.c b/drivers/net/usb/sierra_net.c -index a79e9d3..78cd4fa 100644 +index a2515887..6d13233 100644 --- a/drivers/net/usb/sierra_net.c +++ b/drivers/net/usb/sierra_net.c -@@ -52,7 +52,7 @@ static const char driver_name[] = "sierra_net"; +@@ -51,7 +51,7 @@ static const char driver_name[] = "sierra_net"; /* atomic counter partially included in MAC address to make sure 2 devices * do not end up with the same MAC - concept breaks in case of > 255 ifaces */ @@ -46290,7 +46903,7 @@ index a79e9d3..78cd4fa 100644 /* * SYNC Timer Delay definition used to set the expiry time -@@ -698,7 +698,7 @@ static int sierra_net_bind(struct usbnet *dev, struct usb_interface *intf) +@@ -697,7 +697,7 @@ static int sierra_net_bind(struct usbnet *dev, struct usb_interface *intf) dev->net->netdev_ops = &sierra_net_device_ops; /* change MAC addr to include, ifacenum, and to be unique */ @@ -46300,10 +46913,10 @@ index a79e9d3..78cd4fa 100644 /* we will have to manufacture ethernet headers, prepare template */ diff --git a/drivers/net/vxlan.c b/drivers/net/vxlan.c -index 0247973..088193a 100644 +index d091e52..568bb179 100644 --- a/drivers/net/vxlan.c +++ b/drivers/net/vxlan.c -@@ -2615,7 +2615,7 @@ nla_put_failure: +@@ -2847,7 +2847,7 @@ nla_put_failure: return -EMSGSIZE; } @@ -46312,6 +46925,15 @@ index 0247973..088193a 100644 .kind = "vxlan", .maxtype = IFLA_VXLAN_MAX, .policy = vxlan_policy, +@@ -2894,7 +2894,7 @@ static int vxlan_lowerdev_event(struct notifier_block *unused, + return NOTIFY_DONE; + } + +-static struct notifier_block vxlan_notifier_block __read_mostly = { ++static struct notifier_block vxlan_notifier_block = { + .notifier_call = vxlan_lowerdev_event, + }; + diff --git a/drivers/net/wan/lmc/lmc_media.c b/drivers/net/wan/lmc/lmc_media.c index 5920c99..ff2e4a5 100644 --- a/drivers/net/wan/lmc/lmc_media.c @@ -46507,7 +47129,7 @@ index edf4b57..68b51c0 100644 /* Only super-user can write RIDs */ diff --git a/drivers/net/wireless/at76c50x-usb.c b/drivers/net/wireless/at76c50x-usb.c -index 34c8a33..3261fdc 100644 +index 99b3bfa..9559372 100644 --- a/drivers/net/wireless/at76c50x-usb.c +++ b/drivers/net/wireless/at76c50x-usb.c @@ -353,7 +353,7 @@ static int at76_dfu_get_state(struct usb_device *udev, u8 *state) @@ -46520,10 +47142,10 @@ index 34c8a33..3261fdc 100644 return msecs_to_jiffies((s->poll_timeout[2] << 16) | (s->poll_timeout[1] << 8) diff --git a/drivers/net/wireless/ath/ath10k/htc.c b/drivers/net/wireless/ath/ath10k/htc.c -index edae50b..b24278c 100644 +index edc57ab..ff49e0a 100644 --- a/drivers/net/wireless/ath/ath10k/htc.c +++ b/drivers/net/wireless/ath/ath10k/htc.c -@@ -842,7 +842,10 @@ void ath10k_htc_stop(struct ath10k_htc *htc) +@@ -831,7 +831,10 @@ void ath10k_htc_stop(struct ath10k_htc *htc) /* registered target arrival callback from the HIF layer */ int ath10k_htc_init(struct ath10k *ar) { @@ -46535,7 +47157,7 @@ index edae50b..b24278c 100644 struct ath10k_htc_ep *ep = NULL; struct ath10k_htc *htc = &ar->htc; -@@ -852,8 +855,6 @@ int ath10k_htc_init(struct ath10k *ar) +@@ -841,8 +844,6 @@ int ath10k_htc_init(struct ath10k *ar) ath10k_htc_reset_endpoint_states(htc); /* setup HIF layer callbacks */ @@ -46565,10 +47187,10 @@ index 4716d33..a688310 100644 /* service connection information */ struct ath10k_htc_svc_conn_req { diff --git a/drivers/net/wireless/ath/ath9k/ar9002_mac.c b/drivers/net/wireless/ath/ath9k/ar9002_mac.c -index a366d6b..b6f28f8 100644 +index 741b38d..b7ae41b 100644 --- a/drivers/net/wireless/ath/ath9k/ar9002_mac.c +++ b/drivers/net/wireless/ath/ath9k/ar9002_mac.c -@@ -218,8 +218,8 @@ ar9002_set_txdesc(struct ath_hw *ah, void *ds, struct ath_tx_info *i) +@@ -220,8 +220,8 @@ ar9002_set_txdesc(struct ath_hw *ah, void *ds, struct ath_tx_info *i) ads->ds_txstatus6 = ads->ds_txstatus7 = 0; ads->ds_txstatus8 = ads->ds_txstatus9 = 0; @@ -46579,7 +47201,7 @@ index a366d6b..b6f28f8 100644 ctl1 = i->buf_len[0] | (i->is_last ? 0 : AR_TxMore); ctl6 = SM(i->keytype, AR_EncrType); -@@ -233,26 +233,26 @@ ar9002_set_txdesc(struct ath_hw *ah, void *ds, struct ath_tx_info *i) +@@ -235,26 +235,26 @@ ar9002_set_txdesc(struct ath_hw *ah, void *ds, struct ath_tx_info *i) if ((i->is_first || i->is_last) && i->aggr != AGGR_BUF_MIDDLE && i->aggr != AGGR_BUF_LAST) { @@ -46613,7 +47235,7 @@ index a366d6b..b6f28f8 100644 return; } -@@ -277,7 +277,7 @@ ar9002_set_txdesc(struct ath_hw *ah, void *ds, struct ath_tx_info *i) +@@ -279,7 +279,7 @@ ar9002_set_txdesc(struct ath_hw *ah, void *ds, struct ath_tx_info *i) break; } @@ -46622,7 +47244,7 @@ index a366d6b..b6f28f8 100644 | (i->flags & ATH9K_TXDESC_VMF ? AR_VirtMoreFrag : 0) | SM(i->txpower, AR_XmitPower) | (i->flags & ATH9K_TXDESC_VEOL ? AR_VEOL : 0) -@@ -287,19 +287,19 @@ ar9002_set_txdesc(struct ath_hw *ah, void *ds, struct ath_tx_info *i) +@@ -289,19 +289,19 @@ ar9002_set_txdesc(struct ath_hw *ah, void *ds, struct ath_tx_info *i) | (i->flags & ATH9K_TXDESC_RTSENA ? AR_RTSEnable : (i->flags & ATH9K_TXDESC_CTSENA ? AR_CTSEnable : 0)); @@ -46648,7 +47270,7 @@ index a366d6b..b6f28f8 100644 | set11nRateFlags(i->rates, 2) | set11nRateFlags(i->rates, 3) diff --git a/drivers/net/wireless/ath/ath9k/ar9003_mac.c b/drivers/net/wireless/ath/ath9k/ar9003_mac.c -index f6c5c1b..6058354 100644 +index 729ffbf..49f50e3 100644 --- a/drivers/net/wireless/ath/ath9k/ar9003_mac.c +++ b/drivers/net/wireless/ath/ath9k/ar9003_mac.c @@ -39,47 +39,47 @@ ar9003_set_txdesc(struct ath_hw *ah, void *ds, struct ath_tx_info *i) @@ -46770,10 +47392,10 @@ index f6c5c1b..6058354 100644 static u16 ar9003_calc_ptr_chksum(struct ar9003_txc *ads) diff --git a/drivers/net/wireless/ath/ath9k/hw.h b/drivers/net/wireless/ath/ath9k/hw.h -index a2c9a5d..b52273e 100644 +index 0acd4b5..0591c91 100644 --- a/drivers/net/wireless/ath/ath9k/hw.h +++ b/drivers/net/wireless/ath/ath9k/hw.h -@@ -635,7 +635,7 @@ struct ath_hw_private_ops { +@@ -629,7 +629,7 @@ struct ath_hw_private_ops { /* ANI */ void (*ani_cache_ini_regs)(struct ath_hw *ah); @@ -46782,7 +47404,7 @@ index a2c9a5d..b52273e 100644 /** * struct ath_spec_scan - parameters for Atheros spectral scan -@@ -711,7 +711,7 @@ struct ath_hw_ops { +@@ -706,7 +706,7 @@ struct ath_hw_ops { #ifdef CONFIG_ATH9K_BTCOEX_SUPPORT void (*set_bt_ant_diversity)(struct ath_hw *hw, bool enable); #endif @@ -46805,10 +47427,10 @@ index 92190da..f3a4c4c 100644 u32 freqref, vco_freq, val1, val2, val3, timeout, timeoutref, count; u16 old_comm15, scale; diff --git a/drivers/net/wireless/iwlegacy/3945-mac.c b/drivers/net/wireless/iwlegacy/3945-mac.c -index dea3b50..543db99 100644 +index 0487461..fd9e84a 100644 --- a/drivers/net/wireless/iwlegacy/3945-mac.c +++ b/drivers/net/wireless/iwlegacy/3945-mac.c -@@ -3639,7 +3639,9 @@ il3945_pci_probe(struct pci_dev *pdev, const struct pci_device_id *ent) +@@ -3638,7 +3638,9 @@ il3945_pci_probe(struct pci_dev *pdev, const struct pci_device_id *ent) */ if (il3945_mod_params.disable_hw_scan) { D_INFO("Disabling hw_scan\n"); @@ -46820,7 +47442,7 @@ index dea3b50..543db99 100644 D_INFO("*** LOAD DRIVER ***\n"); diff --git a/drivers/net/wireless/iwlwifi/dvm/debugfs.c b/drivers/net/wireless/iwlwifi/dvm/debugfs.c -index d94f8ab..5b568c8 100644 +index d2fe259..0c4c682 100644 --- a/drivers/net/wireless/iwlwifi/dvm/debugfs.c +++ b/drivers/net/wireless/iwlwifi/dvm/debugfs.c @@ -188,7 +188,7 @@ static ssize_t iwl_dbgfs_sram_write(struct file *file, @@ -46956,10 +47578,10 @@ index d94f8ab..5b568c8 100644 memset(buf, 0, sizeof(buf)); buf_size = min(count, sizeof(buf) - 1); diff --git a/drivers/net/wireless/iwlwifi/dvm/main.c b/drivers/net/wireless/iwlwifi/dvm/main.c -index 7aad766..06addb4 100644 +index ea7e70c..bc0c45f 100644 --- a/drivers/net/wireless/iwlwifi/dvm/main.c +++ b/drivers/net/wireless/iwlwifi/dvm/main.c -@@ -1123,7 +1123,7 @@ static void iwl_option_config(struct iwl_priv *priv) +@@ -1127,7 +1127,7 @@ static void iwl_option_config(struct iwl_priv *priv) static int iwl_eeprom_init_hw_params(struct iwl_priv *priv) { struct iwl_nvm_data *data = priv->nvm_data; @@ -46968,7 +47590,7 @@ index 7aad766..06addb4 100644 if (data->sku_cap_11n_enable && !priv->cfg->ht_params) { -@@ -1137,7 +1137,6 @@ static int iwl_eeprom_init_hw_params(struct iwl_priv *priv) +@@ -1141,7 +1141,6 @@ static int iwl_eeprom_init_hw_params(struct iwl_priv *priv) return -EINVAL; } @@ -46977,10 +47599,10 @@ index 7aad766..06addb4 100644 data->sku_cap_band_24GHz_enable ? "" : "NOT", "enabled", data->sku_cap_band_52GHz_enable ? "" : "NOT", "enabled", diff --git a/drivers/net/wireless/iwlwifi/pcie/trans.c b/drivers/net/wireless/iwlwifi/pcie/trans.c -index f53ef83..5e34bcb 100644 +index f950780..be9df93 100644 --- a/drivers/net/wireless/iwlwifi/pcie/trans.c +++ b/drivers/net/wireless/iwlwifi/pcie/trans.c -@@ -1390,7 +1390,7 @@ static ssize_t iwl_dbgfs_interrupt_write(struct file *file, +@@ -1365,7 +1365,7 @@ static ssize_t iwl_dbgfs_interrupt_write(struct file *file, struct isr_statistics *isr_stats = &trans_pcie->isr_stats; char buf[8]; @@ -46989,7 +47611,7 @@ index f53ef83..5e34bcb 100644 u32 reset_flag; memset(buf, 0, sizeof(buf)); -@@ -1411,7 +1411,7 @@ static ssize_t iwl_dbgfs_csr_write(struct file *file, +@@ -1386,7 +1386,7 @@ static ssize_t iwl_dbgfs_csr_write(struct file *file, { struct iwl_trans *trans = file->private_data; char buf[8]; @@ -46999,53 +47621,49 @@ index f53ef83..5e34bcb 100644 memset(buf, 0, sizeof(buf)); diff --git a/drivers/net/wireless/mac80211_hwsim.c b/drivers/net/wireless/mac80211_hwsim.c -index a1b32ee..94b3c3d 100644 +index 69d4c31..bd0b316 100644 --- a/drivers/net/wireless/mac80211_hwsim.c +++ b/drivers/net/wireless/mac80211_hwsim.c -@@ -2224,25 +2224,19 @@ static int __init init_mac80211_hwsim(void) - - if (channels > 1) { - hwsim_if_comb.num_different_channels = channels; -- mac80211_hwsim_ops.hw_scan = mac80211_hwsim_hw_scan; -- mac80211_hwsim_ops.cancel_hw_scan = -- mac80211_hwsim_cancel_hw_scan; -- mac80211_hwsim_ops.sw_scan_start = NULL; -- mac80211_hwsim_ops.sw_scan_complete = NULL; -- mac80211_hwsim_ops.remain_on_channel = -- mac80211_hwsim_roc; -- mac80211_hwsim_ops.cancel_remain_on_channel = -- mac80211_hwsim_croc; -- mac80211_hwsim_ops.add_chanctx = -- mac80211_hwsim_add_chanctx; -- mac80211_hwsim_ops.remove_chanctx = -- mac80211_hwsim_remove_chanctx; -- mac80211_hwsim_ops.change_chanctx = -- mac80211_hwsim_change_chanctx; -- mac80211_hwsim_ops.assign_vif_chanctx = -- mac80211_hwsim_assign_vif_chanctx; -- mac80211_hwsim_ops.unassign_vif_chanctx = -- mac80211_hwsim_unassign_vif_chanctx; -+ pax_open_kernel(); -+ *(void **)&mac80211_hwsim_ops.hw_scan = mac80211_hwsim_hw_scan; -+ *(void **)&mac80211_hwsim_ops.cancel_hw_scan = mac80211_hwsim_cancel_hw_scan; -+ *(void **)&mac80211_hwsim_ops.sw_scan_start = NULL; -+ *(void **)&mac80211_hwsim_ops.sw_scan_complete = NULL; -+ *(void **)&mac80211_hwsim_ops.remain_on_channel = mac80211_hwsim_roc; -+ *(void **)&mac80211_hwsim_ops.cancel_remain_on_channel = mac80211_hwsim_croc; -+ *(void **)&mac80211_hwsim_ops.add_chanctx = mac80211_hwsim_add_chanctx; -+ *(void **)&mac80211_hwsim_ops.remove_chanctx = mac80211_hwsim_remove_chanctx; -+ *(void **)&mac80211_hwsim_ops.change_chanctx = mac80211_hwsim_change_chanctx; -+ *(void **)&mac80211_hwsim_ops.assign_vif_chanctx = mac80211_hwsim_assign_vif_chanctx; -+ *(void **)&mac80211_hwsim_ops.unassign_vif_chanctx = mac80211_hwsim_unassign_vif_chanctx; -+ pax_close_kernel(); - } +@@ -2541,20 +2541,20 @@ static int __init init_mac80211_hwsim(void) + if (channels < 1) + return -EINVAL; + +- mac80211_hwsim_mchan_ops = mac80211_hwsim_ops; +- mac80211_hwsim_mchan_ops.hw_scan = mac80211_hwsim_hw_scan; +- mac80211_hwsim_mchan_ops.cancel_hw_scan = mac80211_hwsim_cancel_hw_scan; +- mac80211_hwsim_mchan_ops.sw_scan_start = NULL; +- mac80211_hwsim_mchan_ops.sw_scan_complete = NULL; +- mac80211_hwsim_mchan_ops.remain_on_channel = mac80211_hwsim_roc; +- mac80211_hwsim_mchan_ops.cancel_remain_on_channel = mac80211_hwsim_croc; +- mac80211_hwsim_mchan_ops.add_chanctx = mac80211_hwsim_add_chanctx; +- mac80211_hwsim_mchan_ops.remove_chanctx = mac80211_hwsim_remove_chanctx; +- mac80211_hwsim_mchan_ops.change_chanctx = mac80211_hwsim_change_chanctx; +- mac80211_hwsim_mchan_ops.assign_vif_chanctx = +- mac80211_hwsim_assign_vif_chanctx; +- mac80211_hwsim_mchan_ops.unassign_vif_chanctx = +- mac80211_hwsim_unassign_vif_chanctx; ++ pax_open_kernel(); ++ memcpy((void *)&mac80211_hwsim_mchan_ops, &mac80211_hwsim_ops, sizeof mac80211_hwsim_mchan_ops); ++ *(void **)&mac80211_hwsim_mchan_ops.hw_scan = mac80211_hwsim_hw_scan; ++ *(void **)&mac80211_hwsim_mchan_ops.cancel_hw_scan = mac80211_hwsim_cancel_hw_scan; ++ *(void **)&mac80211_hwsim_mchan_ops.sw_scan_start = NULL; ++ *(void **)&mac80211_hwsim_mchan_ops.sw_scan_complete = NULL; ++ *(void **)&mac80211_hwsim_mchan_ops.remain_on_channel = mac80211_hwsim_roc; ++ *(void **)&mac80211_hwsim_mchan_ops.cancel_remain_on_channel = mac80211_hwsim_croc; ++ *(void **)&mac80211_hwsim_mchan_ops.add_chanctx = mac80211_hwsim_add_chanctx; ++ *(void **)&mac80211_hwsim_mchan_ops.remove_chanctx = mac80211_hwsim_remove_chanctx; ++ *(void **)&mac80211_hwsim_mchan_ops.change_chanctx = mac80211_hwsim_change_chanctx; ++ *(void **)&mac80211_hwsim_mchan_ops.assign_vif_chanctx = mac80211_hwsim_assign_vif_chanctx; ++ *(void **)&mac80211_hwsim_mchan_ops.unassign_vif_chanctx = mac80211_hwsim_unassign_vif_chanctx; ++ pax_close_kernel(); spin_lock_init(&hwsim_radio_lock); + INIT_LIST_HEAD(&hwsim_radios); diff --git a/drivers/net/wireless/rndis_wlan.c b/drivers/net/wireless/rndis_wlan.c -index 8169a85..7fa3b47 100644 +index 5028557..91cf394 100644 --- a/drivers/net/wireless/rndis_wlan.c +++ b/drivers/net/wireless/rndis_wlan.c -@@ -1238,7 +1238,7 @@ static int set_rts_threshold(struct usbnet *usbdev, u32 rts_threshold) +@@ -1236,7 +1236,7 @@ static int set_rts_threshold(struct usbnet *usbdev, u32 rts_threshold) netdev_dbg(usbdev->net, "%s(): %i\n", __func__, rts_threshold); @@ -47055,10 +47673,10 @@ index 8169a85..7fa3b47 100644 tmp = cpu_to_le32(rts_threshold); diff --git a/drivers/net/wireless/rt2x00/rt2x00.h b/drivers/net/wireless/rt2x00/rt2x00.h -index e4ba2ce..63d7417 100644 +index e3b885d..7a7de2f 100644 --- a/drivers/net/wireless/rt2x00/rt2x00.h +++ b/drivers/net/wireless/rt2x00/rt2x00.h -@@ -377,7 +377,7 @@ struct rt2x00_intf { +@@ -375,7 +375,7 @@ struct rt2x00_intf { * for hardware which doesn't support hardware * sequence counting. */ @@ -47068,10 +47686,10 @@ index e4ba2ce..63d7417 100644 static inline struct rt2x00_intf* vif_to_intf(struct ieee80211_vif *vif) diff --git a/drivers/net/wireless/rt2x00/rt2x00queue.c b/drivers/net/wireless/rt2x00/rt2x00queue.c -index a5d38e8..d3c24ea 100644 +index 5642ccc..01f03eb 100644 --- a/drivers/net/wireless/rt2x00/rt2x00queue.c +++ b/drivers/net/wireless/rt2x00/rt2x00queue.c -@@ -252,9 +252,9 @@ static void rt2x00queue_create_tx_descriptor_seq(struct rt2x00_dev *rt2x00dev, +@@ -250,9 +250,9 @@ static void rt2x00queue_create_tx_descriptor_seq(struct rt2x00_dev *rt2x00dev, * sequence counter given by mac80211. */ if (test_bit(ENTRY_TXD_FIRST_FRAGMENT, &txdesc->flags)) @@ -47153,10 +47771,10 @@ index ec37b16..7e34d66 100644 /* Enable 11a Band only if we have 5G antennas */ diff --git a/drivers/net/wireless/zd1211rw/zd_usb.c b/drivers/net/wireless/zd1211rw/zd_usb.c -index 84d94f5..bd6c61c 100644 +index a912dc0..a8225ba 100644 --- a/drivers/net/wireless/zd1211rw/zd_usb.c +++ b/drivers/net/wireless/zd1211rw/zd_usb.c -@@ -386,7 +386,7 @@ static inline void handle_regs_int(struct urb *urb) +@@ -385,7 +385,7 @@ static inline void handle_regs_int(struct urb *urb) { struct zd_usb *usb = urb->context; struct zd_usb_interrupt *intr = &usb->intr; @@ -47166,10 +47784,10 @@ index 84d94f5..bd6c61c 100644 ZD_ASSERT(in_interrupt()); diff --git a/drivers/nfc/nfcwilink.c b/drivers/nfc/nfcwilink.c -index 7130864..00e64de 100644 +index 683671a..4519fc2 100644 --- a/drivers/nfc/nfcwilink.c +++ b/drivers/nfc/nfcwilink.c -@@ -498,7 +498,7 @@ static struct nci_ops nfcwilink_ops = { +@@ -497,7 +497,7 @@ static struct nci_ops nfcwilink_ops = { static int nfcwilink_probe(struct platform_device *pdev) { @@ -47358,10 +47976,10 @@ index 92ed045..62d39bd7 100644 #endif /* IEEE1284.3 support. */ diff --git a/drivers/pci/hotplug/acpiphp_ibm.c b/drivers/pci/hotplug/acpiphp_ibm.c -index ecfac7e..41be7028 100644 +index 8dcccff..35d701d 100644 --- a/drivers/pci/hotplug/acpiphp_ibm.c +++ b/drivers/pci/hotplug/acpiphp_ibm.c -@@ -453,7 +453,9 @@ static int __init ibm_acpiphp_init(void) +@@ -452,7 +452,9 @@ static int __init ibm_acpiphp_init(void) goto init_cleanup; } @@ -47484,7 +48102,7 @@ index cfa92a9..29539c5 100644 mutex_lock(&pci_hp_mutex); /* diff --git a/drivers/pci/hotplug/pciehp_core.c b/drivers/pci/hotplug/pciehp_core.c -index bbd48bb..6907ef4 100644 +index 53b58de..4479896 100644 --- a/drivers/pci/hotplug/pciehp_core.c +++ b/drivers/pci/hotplug/pciehp_core.c @@ -92,7 +92,7 @@ static int init_slot(struct controller *ctrl) @@ -47496,11 +48114,35 @@ index bbd48bb..6907ef4 100644 char name[SLOT_NAME_SIZE]; int retval = -ENOMEM; +diff --git a/drivers/pci/msi.c b/drivers/pci/msi.c +index 955ab79..d1df9c7 100644 +--- a/drivers/pci/msi.c ++++ b/drivers/pci/msi.c +@@ -524,8 +524,8 @@ static int populate_msi_sysfs(struct pci_dev *pdev) + { + struct attribute **msi_attrs; + struct attribute *msi_attr; +- struct device_attribute *msi_dev_attr; +- struct attribute_group *msi_irq_group; ++ device_attribute_no_const *msi_dev_attr; ++ attribute_group_no_const *msi_irq_group; + const struct attribute_group **msi_irq_groups; + struct msi_desc *entry; + int ret = -ENOMEM; +@@ -589,7 +589,7 @@ error_attrs: + count = 0; + msi_attr = msi_attrs[count]; + while (msi_attr) { +- msi_dev_attr = container_of(msi_attr, struct device_attribute, attr); ++ msi_dev_attr = container_of(msi_attr, device_attribute_no_const, attr); + kfree(msi_attr->name); + kfree(msi_dev_attr); + ++count; diff --git a/drivers/pci/pci-sysfs.c b/drivers/pci/pci-sysfs.c -index c91e6c1..5c723ef 100644 +index 276ef9c..1d33a36 100644 --- a/drivers/pci/pci-sysfs.c +++ b/drivers/pci/pci-sysfs.c -@@ -1117,7 +1117,7 @@ static int pci_create_attr(struct pci_dev *pdev, int num, int write_combine) +@@ -1112,7 +1112,7 @@ static int pci_create_attr(struct pci_dev *pdev, int num, int write_combine) { /* allocate attribute structure, piggyback attribute name */ int name_len = write_combine ? 13 : 10; @@ -47509,7 +48151,7 @@ index c91e6c1..5c723ef 100644 int retval; res_attr = kzalloc(sizeof(*res_attr) + name_len, GFP_ATOMIC); -@@ -1302,7 +1302,7 @@ static struct device_attribute reset_attr = __ATTR(reset, 0200, NULL, reset_stor +@@ -1297,7 +1297,7 @@ static struct device_attribute reset_attr = __ATTR(reset, 0200, NULL, reset_stor static int pci_create_capabilities_sysfs(struct pci_dev *dev) { int retval; @@ -47518,7 +48160,7 @@ index c91e6c1..5c723ef 100644 /* If the device has VPD, try to expose it in sysfs. */ if (dev->vpd) { -@@ -1349,7 +1349,7 @@ int __must_check pci_create_sysfs_dev_files (struct pci_dev *pdev) +@@ -1344,7 +1344,7 @@ int __must_check pci_create_sysfs_dev_files (struct pci_dev *pdev) { int retval; int rom_size = 0; @@ -47528,10 +48170,10 @@ index c91e6c1..5c723ef 100644 if (!sysfs_initialized) return -EACCES; diff --git a/drivers/pci/pci.h b/drivers/pci/pci.h -index 9c91ecc..bda4796 100644 +index 4df38df..b6bb7fe 100644 --- a/drivers/pci/pci.h +++ b/drivers/pci/pci.h -@@ -95,7 +95,7 @@ struct pci_vpd_ops { +@@ -93,7 +93,7 @@ struct pci_vpd_ops { struct pci_vpd { unsigned int len; const struct pci_vpd_ops *ops; @@ -47541,7 +48183,7 @@ index 9c91ecc..bda4796 100644 int pci_vpd_pci22_init(struct pci_dev *dev); diff --git a/drivers/pci/pcie/aspm.c b/drivers/pci/pcie/aspm.c -index f1272dc..e92a1ac 100644 +index e1e7026..d28dd33 100644 --- a/drivers/pci/pcie/aspm.c +++ b/drivers/pci/pcie/aspm.c @@ -27,9 +27,9 @@ @@ -47558,7 +48200,7 @@ index f1272dc..e92a1ac 100644 #define ASPM_STATE_ALL (ASPM_STATE_L0S | ASPM_STATE_L1) diff --git a/drivers/pci/probe.c b/drivers/pci/probe.c -index 38e403d..a2ce55a 100644 +index 6e34498..9911975 100644 --- a/drivers/pci/probe.c +++ b/drivers/pci/probe.c @@ -175,7 +175,7 @@ int __pci_read_base(struct pci_dev *dev, enum pci_bar_type type, @@ -47592,23 +48234,23 @@ index 46d1378..30e452b 100644 &proc_bus_pci_dev_operations); proc_initialized = 1; diff --git a/drivers/platform/chrome/chromeos_laptop.c b/drivers/platform/chrome/chromeos_laptop.c -index 3e5b4497..dcdfb70 100644 +index 7f3aad0..7d604bb 100644 --- a/drivers/platform/chrome/chromeos_laptop.c +++ b/drivers/platform/chrome/chromeos_laptop.c -@@ -301,7 +301,7 @@ static int __init setup_tsl2563_als(const struct dmi_system_id *id) - return 0; - } +@@ -406,7 +406,7 @@ static struct chromeos_laptop cr48 = { + .callback = chromeos_laptop_dmi_matched, \ + .driver_data = (void *)&board_ --static struct dmi_system_id __initdata chromeos_laptop_dmi_table[] = { -+static struct dmi_system_id __initconst chromeos_laptop_dmi_table[] = { +-static struct dmi_system_id chromeos_laptop_dmi_table[] __initdata = { ++static struct dmi_system_id chromeos_laptop_dmi_table[] __initconst = { { - .ident = "Samsung Series 5 550 - Touchpad", + .ident = "Samsung Series 5 550", .matches = { diff --git a/drivers/platform/x86/asus-wmi.c b/drivers/platform/x86/asus-wmi.c -index 19c313b..ed28b38 100644 +index c5e082f..d6307a0 100644 --- a/drivers/platform/x86/asus-wmi.c +++ b/drivers/platform/x86/asus-wmi.c -@@ -1618,6 +1618,10 @@ static int show_dsts(struct seq_file *m, void *data) +@@ -1595,6 +1595,10 @@ static int show_dsts(struct seq_file *m, void *data) int err; u32 retval = -1; @@ -47619,7 +48261,7 @@ index 19c313b..ed28b38 100644 err = asus_wmi_get_devstate(asus, asus->debug.dev_id, &retval); if (err < 0) -@@ -1634,6 +1638,10 @@ static int show_devs(struct seq_file *m, void *data) +@@ -1611,6 +1615,10 @@ static int show_devs(struct seq_file *m, void *data) int err; u32 retval = -1; @@ -47630,7 +48272,7 @@ index 19c313b..ed28b38 100644 err = asus_wmi_set_devstate(asus->debug.dev_id, asus->debug.ctrl_param, &retval); -@@ -1658,6 +1666,10 @@ static int show_call(struct seq_file *m, void *data) +@@ -1635,6 +1643,10 @@ static int show_call(struct seq_file *m, void *data) union acpi_object *obj; acpi_status status; @@ -47680,10 +48322,10 @@ index 70222f2..8c8ce66 100644 acpi_status status; diff --git a/drivers/platform/x86/sony-laptop.c b/drivers/platform/x86/sony-laptop.c -index fb233ae..23a325c 100644 +index 8f8551a..3ace3ca 100644 --- a/drivers/platform/x86/sony-laptop.c +++ b/drivers/platform/x86/sony-laptop.c -@@ -2453,7 +2453,7 @@ static void sony_nc_gfx_switch_cleanup(struct platform_device *pd) +@@ -2451,7 +2451,7 @@ static void sony_nc_gfx_switch_cleanup(struct platform_device *pd) } /* High speed charging function */ @@ -47693,10 +48335,10 @@ index fb233ae..23a325c 100644 static ssize_t sony_nc_highspeed_charging_store(struct device *dev, struct device_attribute *attr, diff --git a/drivers/platform/x86/thinkpad_acpi.c b/drivers/platform/x86/thinkpad_acpi.c -index 58b0274..6704626 100644 +index e2a91c8..986cc9f 100644 --- a/drivers/platform/x86/thinkpad_acpi.c +++ b/drivers/platform/x86/thinkpad_acpi.c -@@ -2100,7 +2100,7 @@ static int hotkey_mask_get(void) +@@ -2094,7 +2094,7 @@ static int hotkey_mask_get(void) return 0; } @@ -47705,7 +48347,7 @@ index 58b0274..6704626 100644 { /* log only what the user can fix... */ const u32 wantedmask = hotkey_driver_mask & -@@ -2327,11 +2327,6 @@ static void hotkey_read_nvram(struct tp_nvram_state *n, const u32 m) +@@ -2321,11 +2321,6 @@ static void hotkey_read_nvram(struct tp_nvram_state *n, const u32 m) } } @@ -47717,7 +48359,7 @@ index 58b0274..6704626 100644 #define TPACPI_COMPARE_KEY(__scancode, __member) \ do { \ if ((event_mask & (1 << __scancode)) && \ -@@ -2345,36 +2340,42 @@ static void hotkey_compare_and_issue_event(struct tp_nvram_state *oldn, +@@ -2339,36 +2334,42 @@ static void hotkey_compare_and_issue_event(struct tp_nvram_state *oldn, tpacpi_hotkey_send_key(__scancode); \ } while (0) @@ -47784,7 +48426,7 @@ index 58b0274..6704626 100644 TPACPI_COMPARE_KEY(TP_ACPI_HOTKEYSCAN_THINKPAD, thinkpad_toggle); TPACPI_COMPARE_KEY(TP_ACPI_HOTKEYSCAN_FNSPACE, zoom_toggle); TPACPI_COMPARE_KEY(TP_ACPI_HOTKEYSCAN_FNF7, display_toggle); -@@ -2408,7 +2409,7 @@ static void hotkey_compare_and_issue_event(struct tp_nvram_state *oldn, +@@ -2402,7 +2403,7 @@ static void hotkey_compare_and_issue_event(struct tp_nvram_state *oldn, oldn->volume_level != newn->volume_level) { /* recently muted, or repeated mute keypress, or * multiple presses ending in mute */ @@ -47793,7 +48435,7 @@ index 58b0274..6704626 100644 TPACPI_MAY_SEND_KEY(TP_ACPI_HOTKEYSCAN_MUTE); } } else { -@@ -2418,7 +2419,7 @@ static void hotkey_compare_and_issue_event(struct tp_nvram_state *oldn, +@@ -2412,7 +2413,7 @@ static void hotkey_compare_and_issue_event(struct tp_nvram_state *oldn, TPACPI_MAY_SEND_KEY(TP_ACPI_HOTKEYSCAN_VOLUMEUP); } if (oldn->volume_level != newn->volume_level) { @@ -47802,7 +48444,7 @@ index 58b0274..6704626 100644 } else if (oldn->volume_toggle != newn->volume_toggle) { /* repeated vol up/down keypress at end of scale ? */ if (newn->volume_level == 0) -@@ -2431,7 +2432,8 @@ static void hotkey_compare_and_issue_event(struct tp_nvram_state *oldn, +@@ -2425,7 +2426,8 @@ static void hotkey_compare_and_issue_event(struct tp_nvram_state *oldn, /* handle brightness */ if (oldn->brightness_level != newn->brightness_level) { issue_brightnesschange(oldn->brightness_level, @@ -47812,7 +48454,7 @@ index 58b0274..6704626 100644 } else if (oldn->brightness_toggle != newn->brightness_toggle) { /* repeated key presses that didn't change state */ if (newn->brightness_level == 0) -@@ -2440,10 +2442,10 @@ static void hotkey_compare_and_issue_event(struct tp_nvram_state *oldn, +@@ -2434,10 +2436,10 @@ static void hotkey_compare_and_issue_event(struct tp_nvram_state *oldn, && !tp_features.bright_unkfw) TPACPI_MAY_SEND_KEY(TP_ACPI_HOTKEYSCAN_FNHOME); } @@ -47885,7 +48527,7 @@ index 769d265..a3a05ca 100644 + pax_close_kernel(); } diff --git a/drivers/pnp/resource.c b/drivers/pnp/resource.c -index d95e101..67f0c3f 100644 +index bacddd1..65ea100 100644 --- a/drivers/pnp/resource.c +++ b/drivers/pnp/resource.c @@ -360,7 +360,7 @@ int pnp_check_irq(struct pnp_dev *dev, struct resource *res) @@ -47951,12 +48593,12 @@ index cc439fd..8fa30df 100644 #endif /* CONFIG_SYSFS */ diff --git a/drivers/power/power_supply_core.c b/drivers/power/power_supply_core.c -index 557af94..84dc1fe 100644 +index 2660664..75fcb04 100644 --- a/drivers/power/power_supply_core.c +++ b/drivers/power/power_supply_core.c -@@ -24,7 +24,10 @@ - struct class *power_supply_class; - EXPORT_SYMBOL_GPL(power_supply_class); +@@ -28,7 +28,10 @@ EXPORT_SYMBOL_GPL(power_supply_class); + ATOMIC_NOTIFIER_HEAD(power_supply_notifier); + EXPORT_SYMBOL_GPL(power_supply_notifier); -static struct device_type power_supply_dev_type; +extern const struct attribute_group *power_supply_attr_groups[]; @@ -47966,7 +48608,7 @@ index 557af94..84dc1fe 100644 static bool __power_supply_is_supplied_by(struct power_supply *supplier, struct power_supply *supply) -@@ -584,7 +587,7 @@ static int __init power_supply_class_init(void) +@@ -628,7 +631,7 @@ static int __init power_supply_class_init(void) return PTR_ERR(power_supply_class); power_supply_class->dev_uevent = power_supply_uevent; @@ -48189,10 +48831,10 @@ index 84419af..268ede8 100644 &dev_attr_energy_uj.attr; } diff --git a/drivers/regulator/core.c b/drivers/regulator/core.c -index 75dffb79..df850cd 100644 +index afca1bc..86840b8 100644 --- a/drivers/regulator/core.c +++ b/drivers/regulator/core.c -@@ -3370,7 +3370,7 @@ regulator_register(const struct regulator_desc *regulator_desc, +@@ -3366,7 +3366,7 @@ regulator_register(const struct regulator_desc *regulator_desc, { const struct regulation_constraints *constraints = NULL; const struct regulator_init_data *init_data; @@ -48201,7 +48843,7 @@ index 75dffb79..df850cd 100644 struct regulator_dev *rdev; struct device *dev; int ret, i; -@@ -3440,7 +3440,7 @@ regulator_register(const struct regulator_desc *regulator_desc, +@@ -3436,7 +3436,7 @@ regulator_register(const struct regulator_desc *regulator_desc, rdev->dev.of_node = config->of_node; rdev->dev.parent = dev; dev_set_name(&rdev->dev, "regulator.%d", @@ -48247,7 +48889,7 @@ index 892aa1e..ebd1b9c 100644 if (pdata) { diff --git a/drivers/regulator/mc13892-regulator.c b/drivers/regulator/mc13892-regulator.c -index 96c9f80..90974ca 100644 +index f374fa5..26f0683 100644 --- a/drivers/regulator/mc13892-regulator.c +++ b/drivers/regulator/mc13892-regulator.c @@ -582,10 +582,12 @@ static int mc13892_regulator_probe(struct platform_device *pdev) @@ -48266,10 +48908,10 @@ index 96c9f80..90974ca 100644 mc13xxx_data = mc13xxx_parse_regulators_dt(pdev, mc13892_regulators, ARRAY_SIZE(mc13892_regulators)); diff --git a/drivers/rtc/rtc-cmos.c b/drivers/rtc/rtc-cmos.c -index a2325bc..04c549f 100644 +index cae212f..58a3980 100644 --- a/drivers/rtc/rtc-cmos.c +++ b/drivers/rtc/rtc-cmos.c -@@ -779,7 +779,9 @@ cmos_do_probe(struct device *dev, struct resource *ports, int rtc_irq) +@@ -777,7 +777,9 @@ cmos_do_probe(struct device *dev, struct resource *ports, int rtc_irq) hpet_rtc_timer_init(); /* export at least the first block of NVRAM */ @@ -48414,7 +49056,7 @@ index a3ab5cc..8143622 100644 /* diff --git a/drivers/scsi/bfa/bfa_fcs_lport.c b/drivers/scsi/bfa/bfa_fcs_lport.c -index f5e4e61..a0acaf6 100644 +index ff75ef8..2dfe00a 100644 --- a/drivers/scsi/bfa/bfa_fcs_lport.c +++ b/drivers/scsi/bfa/bfa_fcs_lport.c @@ -89,15 +89,26 @@ static struct { @@ -48454,7 +49096,7 @@ index f5e4e61..a0acaf6 100644 /* * fcs_port_sm FCS logical port state machine diff --git a/drivers/scsi/bfa/bfa_ioc.h b/drivers/scsi/bfa/bfa_ioc.h -index 90814fe..4384138 100644 +index 2e28392..9d865b6 100644 --- a/drivers/scsi/bfa/bfa_ioc.h +++ b/drivers/scsi/bfa/bfa_ioc.h @@ -258,7 +258,7 @@ struct bfa_ioc_cbfn_s { @@ -48543,7 +49185,7 @@ index 045c4e1..13de803 100644 error = bus_register(&fcoe_bus_type); if (error) diff --git a/drivers/scsi/hosts.c b/drivers/scsi/hosts.c -index f2c5005..db36c02 100644 +index f28ea07..34b16d3 100644 --- a/drivers/scsi/hosts.c +++ b/drivers/scsi/hosts.c @@ -42,7 +42,7 @@ @@ -48555,7 +49197,7 @@ index f2c5005..db36c02 100644 static void scsi_host_cls_release(struct device *dev) -@@ -367,7 +367,7 @@ struct Scsi_Host *scsi_host_alloc(struct scsi_host_template *sht, int privsize) +@@ -369,7 +369,7 @@ struct Scsi_Host *scsi_host_alloc(struct scsi_host_template *sht, int privsize) * subtract one because we increment first then return, but we need to * know what the next host number was before increment */ @@ -48565,10 +49207,10 @@ index f2c5005..db36c02 100644 /* These three are default values which can be overridden */ diff --git a/drivers/scsi/hpsa.c b/drivers/scsi/hpsa.c -index 20a5e6e..8b23cea 100644 +index 868318a..e07ef3b 100644 --- a/drivers/scsi/hpsa.c +++ b/drivers/scsi/hpsa.c -@@ -578,7 +578,7 @@ static inline u32 next_command(struct ctlr_info *h, u8 q) +@@ -571,7 +571,7 @@ static inline u32 next_command(struct ctlr_info *h, u8 q) unsigned long flags; if (unlikely(!(h->transMethod & CFGTBL_Trans_Performant))) @@ -48577,16 +49219,16 @@ index 20a5e6e..8b23cea 100644 if ((rq->head[rq->current_entry] & 1) == rq->wraparound) { a = rq->head[rq->current_entry]; -@@ -3444,7 +3444,7 @@ static void start_io(struct ctlr_info *h) +@@ -3474,7 +3474,7 @@ static void start_io(struct ctlr_info *h) while (!list_empty(&h->reqQ)) { c = list_entry(h->reqQ.next, struct CommandList, list); /* can't do anything if fifo is full */ - if ((h->access.fifo_full(h))) { + if ((h->access->fifo_full(h))) { + h->fifo_recently_full = 1; dev_warn(&h->pdev->dev, "fifo full\n"); break; - } -@@ -3466,7 +3466,7 @@ static void start_io(struct ctlr_info *h) +@@ -3498,7 +3498,7 @@ static void start_io(struct ctlr_info *h) /* Tell the controller execute command */ spin_unlock_irqrestore(&h->lock, flags); @@ -48595,7 +49237,7 @@ index 20a5e6e..8b23cea 100644 spin_lock_irqsave(&h->lock, flags); } spin_unlock_irqrestore(&h->lock, flags); -@@ -3474,17 +3474,17 @@ static void start_io(struct ctlr_info *h) +@@ -3506,17 +3506,17 @@ static void start_io(struct ctlr_info *h) static inline unsigned long get_next_completion(struct ctlr_info *h, u8 q) { @@ -48616,7 +49258,7 @@ index 20a5e6e..8b23cea 100644 (h->interrupts_enabled == 0); } -@@ -4386,7 +4386,7 @@ static int hpsa_pci_init(struct ctlr_info *h) +@@ -4442,7 +4442,7 @@ static int hpsa_pci_init(struct ctlr_info *h) if (prod_index < 0) return -ENODEV; h->product_name = products[prod_index].product_name; @@ -48625,16 +49267,16 @@ index 20a5e6e..8b23cea 100644 pci_disable_link_state(h->pdev, PCIE_LINK_STATE_L0S | PCIE_LINK_STATE_L1 | PCIE_LINK_STATE_CLKPM); -@@ -4668,7 +4668,7 @@ static void controller_lockup_detected(struct ctlr_info *h) +@@ -4712,7 +4712,7 @@ static void controller_lockup_detected(struct ctlr_info *h) + { + unsigned long flags; - assert_spin_locked(&lockup_detector_lock); - remove_ctlr_from_lockup_detector_list(h); - h->access.set_intr_mask(h, HPSA_INTR_OFF); + h->access->set_intr_mask(h, HPSA_INTR_OFF); spin_lock_irqsave(&h->lock, flags); h->lockup_detected = readl(h->vaddr + SA5_SCRATCHPAD_OFFSET); spin_unlock_irqrestore(&h->lock, flags); -@@ -4845,7 +4845,7 @@ reinit_after_soft_reset: +@@ -4843,7 +4843,7 @@ reinit_after_soft_reset: } /* make sure the board interrupts are off */ @@ -48643,7 +49285,7 @@ index 20a5e6e..8b23cea 100644 if (hpsa_request_irq(h, do_hpsa_intr_msi, do_hpsa_intr_intx)) goto clean2; -@@ -4879,7 +4879,7 @@ reinit_after_soft_reset: +@@ -4877,7 +4877,7 @@ reinit_after_soft_reset: * fake ones to scoop up any residual completions. */ spin_lock_irqsave(&h->lock, flags); @@ -48652,7 +49294,7 @@ index 20a5e6e..8b23cea 100644 spin_unlock_irqrestore(&h->lock, flags); free_irqs(h); rc = hpsa_request_irq(h, hpsa_msix_discard_completions, -@@ -4898,9 +4898,9 @@ reinit_after_soft_reset: +@@ -4896,9 +4896,9 @@ reinit_after_soft_reset: dev_info(&h->pdev->dev, "Board READY.\n"); dev_info(&h->pdev->dev, "Waiting for stale completions to drain.\n"); @@ -48664,7 +49306,7 @@ index 20a5e6e..8b23cea 100644 rc = controller_reset_failed(h->cfgtable); if (rc) -@@ -4921,7 +4921,7 @@ reinit_after_soft_reset: +@@ -4919,7 +4919,7 @@ reinit_after_soft_reset: } /* Turn the interrupts on so we can service requests */ @@ -48673,7 +49315,7 @@ index 20a5e6e..8b23cea 100644 hpsa_hba_inquiry(h); hpsa_register_scsi(h); /* hook ourselves into SCSI subsystem */ -@@ -4976,7 +4976,7 @@ static void hpsa_shutdown(struct pci_dev *pdev) +@@ -4988,7 +4988,7 @@ static void hpsa_shutdown(struct pci_dev *pdev) * To write all data in the battery backed cache to disks */ hpsa_flush_cache(h); @@ -48682,7 +49324,7 @@ index 20a5e6e..8b23cea 100644 hpsa_free_irqs_and_disable_msix(h); } -@@ -5143,7 +5143,7 @@ static void hpsa_enter_performant_mode(struct ctlr_info *h, u32 use_short_tags) +@@ -5162,7 +5162,7 @@ static void hpsa_enter_performant_mode(struct ctlr_info *h, u32 use_short_tags) return; } /* Change the access methods to the performant access methods */ @@ -48692,7 +49334,7 @@ index 20a5e6e..8b23cea 100644 } diff --git a/drivers/scsi/hpsa.h b/drivers/scsi/hpsa.h -index bc85e72..d463049 100644 +index 01c3283..4655219 100644 --- a/drivers/scsi/hpsa.h +++ b/drivers/scsi/hpsa.h @@ -79,7 +79,7 @@ struct ctlr_info { @@ -48704,7 +49346,7 @@ index bc85e72..d463049 100644 /* queue and queue Info */ struct list_head reqQ; -@@ -381,19 +381,19 @@ static bool SA5_performant_intr_pending(struct ctlr_info *h) +@@ -388,19 +388,19 @@ static bool SA5_performant_intr_pending(struct ctlr_info *h) } static struct access_method SA5_access = { @@ -48926,7 +49568,7 @@ index 4e1b75c..0bbdfa9 100644 struct dentry *idiag_root; struct dentry *idiag_pci_cfg; diff --git a/drivers/scsi/lpfc/lpfc_debugfs.c b/drivers/scsi/lpfc/lpfc_debugfs.c -index 60084e6..0e2e700 100644 +index b800cc9..16b6a91 100644 --- a/drivers/scsi/lpfc/lpfc_debugfs.c +++ b/drivers/scsi/lpfc/lpfc_debugfs.c @@ -106,7 +106,7 @@ MODULE_PARM_DESC(lpfc_debugfs_mask_disc_trc, @@ -49081,7 +49723,7 @@ index b2ede05..aaf482ca 100644 /** diff --git a/drivers/scsi/mpt2sas/mpt2sas_scsih.c b/drivers/scsi/mpt2sas/mpt2sas_scsih.c -index 7f0af4f..193ac3e 100644 +index 6fd7d40..b444223 100644 --- a/drivers/scsi/mpt2sas/mpt2sas_scsih.c +++ b/drivers/scsi/mpt2sas/mpt2sas_scsih.c @@ -1557,7 +1557,7 @@ _scsih_get_resync(struct device *dev) @@ -49228,10 +49870,10 @@ index e1d150f..6c6df44 100644 /* To indicate add/delete/modify during CCN */ u8 change_detected; diff --git a/drivers/scsi/qla2xxx/qla_attr.c b/drivers/scsi/qla2xxx/qla_attr.c -index 5f174b8..98d32b0 100644 +index 4a0d7c9..3d658d7 100644 --- a/drivers/scsi/qla2xxx/qla_attr.c +++ b/drivers/scsi/qla2xxx/qla_attr.c -@@ -2040,7 +2040,7 @@ qla24xx_vport_disable(struct fc_vport *fc_vport, bool disable) +@@ -2038,7 +2038,7 @@ qla24xx_vport_disable(struct fc_vport *fc_vport, bool disable) return 0; } @@ -49240,7 +49882,7 @@ index 5f174b8..98d32b0 100644 .show_host_node_name = 1, .show_host_port_name = 1, -@@ -2088,7 +2088,7 @@ struct fc_function_template qla2xxx_transport_functions = { +@@ -2086,7 +2086,7 @@ struct fc_function_template qla2xxx_transport_functions = { .bsg_timeout = qla24xx_bsg_timeout, }; @@ -49250,10 +49892,10 @@ index 5f174b8..98d32b0 100644 .show_host_node_name = 1, .show_host_port_name = 1, diff --git a/drivers/scsi/qla2xxx/qla_gbl.h b/drivers/scsi/qla2xxx/qla_gbl.h -index 4446bf5..9a3574d 100644 +index 1f42662..bf9836c 100644 --- a/drivers/scsi/qla2xxx/qla_gbl.h +++ b/drivers/scsi/qla2xxx/qla_gbl.h -@@ -538,8 +538,8 @@ extern void qla2x00_get_sym_node_name(scsi_qla_host_t *, uint8_t *); +@@ -546,8 +546,8 @@ extern void qla2x00_get_sym_node_name(scsi_qla_host_t *, uint8_t *); struct device_attribute; extern struct device_attribute *qla2x00_host_attrs[]; struct fc_function_template; @@ -49262,13 +49904,13 @@ index 4446bf5..9a3574d 100644 +extern fc_function_template_no_const qla2xxx_transport_functions; +extern fc_function_template_no_const qla2xxx_transport_vport_functions; extern void qla2x00_alloc_sysfs_attr(scsi_qla_host_t *); - extern void qla2x00_free_sysfs_attr(scsi_qla_host_t *); + extern void qla2x00_free_sysfs_attr(scsi_qla_host_t *, bool); extern void qla2x00_init_host_attr(scsi_qla_host_t *); diff --git a/drivers/scsi/qla2xxx/qla_os.c b/drivers/scsi/qla2xxx/qla_os.c -index 52be35e..b933907 100644 +index 83cb612..9b7b08c 100644 --- a/drivers/scsi/qla2xxx/qla_os.c +++ b/drivers/scsi/qla2xxx/qla_os.c -@@ -1568,8 +1568,10 @@ qla2x00_config_dma_addressing(struct qla_hw_data *ha) +@@ -1491,8 +1491,10 @@ qla2x00_config_dma_addressing(struct qla_hw_data *ha) !pci_set_consistent_dma_mask(ha->pdev, DMA_BIT_MASK(64))) { /* Ok, a 64bit DMA mask is applicable. */ ha->flags.enable_64bit_addressing = 1; @@ -49282,10 +49924,10 @@ index 52be35e..b933907 100644 } } diff --git a/drivers/scsi/qla4xxx/ql4_def.h b/drivers/scsi/qla4xxx/ql4_def.h -index 084d1fd..9f939eb 100644 +index aa67bb9..06d0e2a 100644 --- a/drivers/scsi/qla4xxx/ql4_def.h +++ b/drivers/scsi/qla4xxx/ql4_def.h -@@ -296,7 +296,7 @@ struct ddb_entry { +@@ -303,7 +303,7 @@ struct ddb_entry { * (4000 only) */ atomic_t relogin_timer; /* Max Time to wait for * relogin to complete */ @@ -49295,10 +49937,10 @@ index 084d1fd..9f939eb 100644 uint32_t default_time2wait; /* Default Min time between * relogins (+aens) */ diff --git a/drivers/scsi/qla4xxx/ql4_os.c b/drivers/scsi/qla4xxx/ql4_os.c -index cf174a4..128a420 100644 +index c21adc3..1b4155f 100644 --- a/drivers/scsi/qla4xxx/ql4_os.c +++ b/drivers/scsi/qla4xxx/ql4_os.c -@@ -3311,12 +3311,12 @@ static void qla4xxx_check_relogin_flash_ddb(struct iscsi_cls_session *cls_sess) +@@ -4463,12 +4463,12 @@ static void qla4xxx_check_relogin_flash_ddb(struct iscsi_cls_session *cls_sess) */ if (!iscsi_is_session_online(cls_sess)) { /* Reset retry relogin timer */ @@ -49313,7 +49955,7 @@ index cf174a4..128a420 100644 ddb_entry->default_time2wait + 4)); set_bit(DPC_RELOGIN_DEVICE, &ha->dpc_flags); atomic_set(&ddb_entry->retry_relogin_timer, -@@ -5458,7 +5458,7 @@ static void qla4xxx_setup_flash_ddb_entry(struct scsi_qla_host *ha, +@@ -6552,7 +6552,7 @@ static void qla4xxx_setup_flash_ddb_entry(struct scsi_qla_host *ha, atomic_set(&ddb_entry->retry_relogin_timer, INVALID_ENTRY); atomic_set(&ddb_entry->relogin_timer, 0); @@ -49323,10 +49965,10 @@ index cf174a4..128a420 100644 ddb_entry->default_relogin_timeout = (def_timeout > LOGIN_TOV) && (def_timeout < LOGIN_TOV * 10) ? diff --git a/drivers/scsi/scsi.c b/drivers/scsi/scsi.c -index fe0bcb1..c9255be 100644 +index d8afec8..3ec7152 100644 --- a/drivers/scsi/scsi.c +++ b/drivers/scsi/scsi.c -@@ -655,7 +655,7 @@ int scsi_dispatch_cmd(struct scsi_cmnd *cmd) +@@ -658,7 +658,7 @@ int scsi_dispatch_cmd(struct scsi_cmnd *cmd) struct Scsi_Host *host = cmd->device->host; int rtn = 0; @@ -49336,7 +49978,7 @@ index fe0bcb1..c9255be 100644 /* check if the device is still usable */ if (unlikely(cmd->device->sdev_state == SDEV_DEL)) { diff --git a/drivers/scsi/scsi_lib.c b/drivers/scsi/scsi_lib.c -index 7bd7f0d..93159d8 100644 +index 62ec84b..93159d8 100644 --- a/drivers/scsi/scsi_lib.c +++ b/drivers/scsi/scsi_lib.c @@ -1474,7 +1474,7 @@ static void scsi_kill_request(struct request *req, struct request_queue *q) @@ -49360,20 +50002,11 @@ index 7bd7f0d..93159d8 100644 disposition = scsi_decide_disposition(cmd); if (disposition != SUCCESS && -@@ -1684,7 +1684,7 @@ u64 scsi_calculate_bounce_limit(struct Scsi_Host *shost) - - host_dev = scsi_get_device(shost); - if (host_dev && host_dev->dma_mask) -- bounce_limit = dma_max_pfn(host_dev) << PAGE_SHIFT; -+ bounce_limit = (u64)dma_max_pfn(host_dev) << PAGE_SHIFT; - - return bounce_limit; - } diff --git a/drivers/scsi/scsi_sysfs.c b/drivers/scsi/scsi_sysfs.c -index 8ff62c2..693b6f7 100644 +index 665acbf..d18fab4 100644 --- a/drivers/scsi/scsi_sysfs.c +++ b/drivers/scsi/scsi_sysfs.c -@@ -725,7 +725,7 @@ show_iostat_##field(struct device *dev, struct device_attribute *attr, \ +@@ -734,7 +734,7 @@ show_iostat_##field(struct device *dev, struct device_attribute *attr, \ char *buf) \ { \ struct scsi_device *sdev = to_scsi_device(dev); \ @@ -49436,7 +50069,7 @@ index 4628fd5..a94a1c2 100644 /* * Check for overflow; dev_loss_tmo is u32 diff --git a/drivers/scsi/scsi_transport_iscsi.c b/drivers/scsi/scsi_transport_iscsi.c -index 63a6ca4..5d5cadd 100644 +index fd8ffe6..fd0bebf 100644 --- a/drivers/scsi/scsi_transport_iscsi.c +++ b/drivers/scsi/scsi_transport_iscsi.c @@ -79,7 +79,7 @@ struct iscsi_internal { @@ -49448,7 +50081,7 @@ index 63a6ca4..5d5cadd 100644 static struct workqueue_struct *iscsi_eh_timer_workq; static DEFINE_IDA(iscsi_sess_ida); -@@ -1737,7 +1737,7 @@ int iscsi_add_session(struct iscsi_cls_session *session, unsigned int target_id) +@@ -2071,7 +2071,7 @@ int iscsi_add_session(struct iscsi_cls_session *session, unsigned int target_id) int err; ihost = shost->shost_data; @@ -49457,7 +50090,7 @@ index 63a6ca4..5d5cadd 100644 if (target_id == ISCSI_MAX_TARGET) { id = ida_simple_get(&iscsi_sess_ida, 0, 0, GFP_KERNEL); -@@ -4103,7 +4103,7 @@ static __init int iscsi_transport_init(void) +@@ -4511,7 +4511,7 @@ static __init int iscsi_transport_init(void) printk(KERN_INFO "Loading iSCSI transport class v%s.\n", ISCSI_TRANSPORT_VERSION); @@ -49467,7 +50100,7 @@ index 63a6ca4..5d5cadd 100644 err = class_register(&iscsi_transport_class); if (err) diff --git a/drivers/scsi/scsi_transport_srp.c b/drivers/scsi/scsi_transport_srp.c -index 2700a5a..752ec38 100644 +index d47ffc8..30f46a9 100644 --- a/drivers/scsi/scsi_transport_srp.c +++ b/drivers/scsi/scsi_transport_srp.c @@ -36,7 +36,7 @@ @@ -49479,7 +50112,7 @@ index 2700a5a..752ec38 100644 }; #define to_srp_host_attrs(host) ((struct srp_host_attrs *)(host)->shost_data) -@@ -94,7 +94,7 @@ static int srp_host_setup(struct transport_container *tc, struct device *dev, +@@ -101,7 +101,7 @@ static int srp_host_setup(struct transport_container *tc, struct device *dev, struct Scsi_Host *shost = dev_to_shost(dev); struct srp_host_attrs *srp_host = to_srp_host_attrs(shost); @@ -49488,7 +50121,7 @@ index 2700a5a..752ec38 100644 return 0; } -@@ -730,7 +730,7 @@ struct srp_rport *srp_rport_add(struct Scsi_Host *shost, +@@ -734,7 +734,7 @@ struct srp_rport *srp_rport_add(struct Scsi_Host *shost, rport_fast_io_fail_timedout); INIT_DELAYED_WORK(&rport->dev_loss_work, rport_dev_loss_timedout); @@ -49498,10 +50131,10 @@ index 2700a5a..752ec38 100644 transport_setup_device(&rport->dev); diff --git a/drivers/scsi/sd.c b/drivers/scsi/sd.c -index 69725f7..03aaee1 100644 +index 36d1a23..3f33303 100644 --- a/drivers/scsi/sd.c +++ b/drivers/scsi/sd.c -@@ -2964,7 +2964,7 @@ static int sd_probe(struct device *dev) +@@ -2962,7 +2962,7 @@ static int sd_probe(struct device *dev) sdkp->disk = gd; sdkp->index = index; atomic_set(&sdkp->openers, 0); @@ -49524,10 +50157,10 @@ index df5e961..df6b97f 100644 return blk_trace_startstop(sdp->device->request_queue, 1); case BLKTRACESTOP: diff --git a/drivers/spi/spi.c b/drivers/spi/spi.c -index 349ebba..ff2a249 100644 +index d0b28bb..a263613 100644 --- a/drivers/spi/spi.c +++ b/drivers/spi/spi.c -@@ -1945,7 +1945,7 @@ int spi_bus_unlock(struct spi_master *master) +@@ -1971,7 +1971,7 @@ int spi_bus_unlock(struct spi_master *master) EXPORT_SYMBOL_GPL(spi_bus_unlock); /* portable code must never pass more than 32 bytes */ @@ -49568,10 +50201,10 @@ index 2c61783..4d49e4e 100644 MKDEV(0, tdev->index), NULL, "%s", tdev->name); if (IS_ERR(tdev->dev)) diff --git a/drivers/staging/gdm724x/gdm_tty.c b/drivers/staging/gdm724x/gdm_tty.c -index c0f7cd7..5424212 100644 +index fe47cd3..19a1bd1 100644 --- a/drivers/staging/gdm724x/gdm_tty.c +++ b/drivers/staging/gdm724x/gdm_tty.c -@@ -45,7 +45,7 @@ +@@ -44,7 +44,7 @@ #define gdm_tty_send_control(n, r, v, d, l) (\ n->tty_dev->send_control(n->tty_dev->priv_dev, r, v, d, l)) @@ -49581,10 +50214,10 @@ index c0f7cd7..5424212 100644 static struct tty_driver *gdm_driver[TTY_MAX_COUNT]; static struct gdm *gdm_table[TTY_MAX_COUNT][GDM_TTY_MINOR]; diff --git a/drivers/staging/imx-drm/imx-drm-core.c b/drivers/staging/imx-drm/imx-drm-core.c -index 96e4eee..6d7c37e 100644 +index 236ed66..dd9cd74 100644 --- a/drivers/staging/imx-drm/imx-drm-core.c +++ b/drivers/staging/imx-drm/imx-drm-core.c -@@ -510,7 +510,7 @@ int imx_drm_add_crtc(struct drm_crtc *crtc, +@@ -488,7 +488,7 @@ int imx_drm_add_crtc(struct drm_crtc *crtc, goto err_busy; } @@ -49593,7 +50226,7 @@ index 96e4eee..6d7c37e 100644 ret = -EBUSY; goto err_busy; } -@@ -590,7 +590,7 @@ int imx_drm_add_encoder(struct drm_encoder *encoder, +@@ -576,7 +576,7 @@ int imx_drm_add_encoder(struct drm_encoder *encoder, mutex_lock(&imxdrm->mutex); @@ -49602,7 +50235,7 @@ index 96e4eee..6d7c37e 100644 ret = -EBUSY; goto err_busy; } -@@ -729,7 +729,7 @@ int imx_drm_add_connector(struct drm_connector *connector, +@@ -715,7 +715,7 @@ int imx_drm_add_connector(struct drm_connector *connector, mutex_lock(&imxdrm->mutex); @@ -49612,10 +50245,10 @@ index 96e4eee..6d7c37e 100644 goto err_busy; } diff --git a/drivers/staging/lustre/lnet/selftest/brw_test.c b/drivers/staging/lustre/lnet/selftest/brw_test.c -index b7613c8..c302392 100644 +index 3f8020c..649fded 100644 --- a/drivers/staging/lustre/lnet/selftest/brw_test.c +++ b/drivers/staging/lustre/lnet/selftest/brw_test.c -@@ -487,13 +487,11 @@ brw_server_handle(struct srpc_server_rpc *rpc) +@@ -488,13 +488,11 @@ brw_server_handle(struct srpc_server_rpc *rpc) return 0; } @@ -49635,7 +50268,7 @@ index b7613c8..c302392 100644 srpc_service_t brw_test_service; diff --git a/drivers/staging/lustre/lnet/selftest/framework.c b/drivers/staging/lustre/lnet/selftest/framework.c -index 483c785..e1a2a7b 100644 +index 050723a..fa6fdf1 100644 --- a/drivers/staging/lustre/lnet/selftest/framework.c +++ b/drivers/staging/lustre/lnet/selftest/framework.c @@ -1635,12 +1635,10 @@ static srpc_service_t sfw_services[] = @@ -49665,10 +50298,10 @@ index 483c785..e1a2a7b 100644 rc = sfw_register_test(&ping_test_service, &ping_test_client); LASSERT (rc == 0); diff --git a/drivers/staging/lustre/lnet/selftest/ping_test.c b/drivers/staging/lustre/lnet/selftest/ping_test.c -index f0f9194..b589047 100644 +index 750cac4..e4d751f 100644 --- a/drivers/staging/lustre/lnet/selftest/ping_test.c +++ b/drivers/staging/lustre/lnet/selftest/ping_test.c -@@ -210,14 +210,12 @@ ping_server_handle(struct srpc_server_rpc *rpc) +@@ -211,14 +211,12 @@ ping_server_handle(struct srpc_server_rpc *rpc) return 0; } @@ -49690,7 +50323,7 @@ index f0f9194..b589047 100644 srpc_service_t ping_test_service; void ping_init_test_service(void) diff --git a/drivers/staging/lustre/lustre/include/lustre_dlm.h b/drivers/staging/lustre/lustre/include/lustre_dlm.h -index bc2b82f..67fd598 100644 +index ec4bb5e..740c6dd 100644 --- a/drivers/staging/lustre/lustre/include/lustre_dlm.h +++ b/drivers/staging/lustre/lustre/include/lustre_dlm.h @@ -1141,7 +1141,7 @@ struct ldlm_callback_suite { @@ -49703,10 +50336,10 @@ index bc2b82f..67fd598 100644 /* ldlm_lockd.c */ int ldlm_del_waiting_lock(struct ldlm_lock *lock); diff --git a/drivers/staging/lustre/lustre/include/obd.h b/drivers/staging/lustre/lustre/include/obd.h -index d0aea15..7af68e1 100644 +index c3470ce..2bef527 100644 --- a/drivers/staging/lustre/lustre/include/obd.h +++ b/drivers/staging/lustre/lustre/include/obd.h -@@ -1417,7 +1417,7 @@ struct md_ops { +@@ -1426,7 +1426,7 @@ struct md_ops { * lprocfs_alloc_md_stats() in obdclass/lprocfs_status.c. Also, add a * wrapper function in include/linux/obd_class.h. */ @@ -49716,23 +50349,23 @@ index d0aea15..7af68e1 100644 struct lsm_operations { void (*lsm_free)(struct lov_stripe_md *); diff --git a/drivers/staging/lustre/lustre/ldlm/ldlm_flock.c b/drivers/staging/lustre/lustre/ldlm/ldlm_flock.c -index 39fcdac..222780f 100644 +index c9aae13..60ea292 100644 --- a/drivers/staging/lustre/lustre/ldlm/ldlm_flock.c +++ b/drivers/staging/lustre/lustre/ldlm/ldlm_flock.c -@@ -249,7 +249,7 @@ ldlm_process_flock_lock(struct ldlm_lock *req, __u64 *flags, int first_enq, +@@ -239,7 +239,7 @@ ldlm_process_flock_lock(struct ldlm_lock *req, __u64 *flags, int first_enq, int added = (mode == LCK_NL); int overlaps = 0; int splitted = 0; - const struct ldlm_callback_suite null_cbs = { NULL }; + const struct ldlm_callback_suite null_cbs = { }; - int rc; CDEBUG(D_DLMTRACE, "flags %#llx owner "LPU64" pid %u mode %u start " + LPU64" end "LPU64"\n", *flags, diff --git a/drivers/staging/lustre/lustre/libcfs/linux/linux-proc.c b/drivers/staging/lustre/lustre/libcfs/linux/linux-proc.c -index fc6c977..df1f956 100644 +index e947b91..f408990 100644 --- a/drivers/staging/lustre/lustre/libcfs/linux/linux-proc.c +++ b/drivers/staging/lustre/lustre/libcfs/linux/linux-proc.c -@@ -219,7 +219,7 @@ DECLARE_PROC_HANDLER(proc_debug_mb) +@@ -217,7 +217,7 @@ DECLARE_PROC_HANDLER(proc_debug_mb) int LL_PROC_PROTO(proc_console_max_delay_cs) { int rc, max_delay_cs; @@ -49741,7 +50374,7 @@ index fc6c977..df1f956 100644 cfs_duration_t d; dummy.data = &max_delay_cs; -@@ -250,7 +250,7 @@ int LL_PROC_PROTO(proc_console_max_delay_cs) +@@ -248,7 +248,7 @@ int LL_PROC_PROTO(proc_console_max_delay_cs) int LL_PROC_PROTO(proc_console_min_delay_cs) { int rc, min_delay_cs; @@ -49750,7 +50383,7 @@ index fc6c977..df1f956 100644 cfs_duration_t d; dummy.data = &min_delay_cs; -@@ -281,7 +281,7 @@ int LL_PROC_PROTO(proc_console_min_delay_cs) +@@ -279,7 +279,7 @@ int LL_PROC_PROTO(proc_console_min_delay_cs) int LL_PROC_PROTO(proc_console_backoff) { int rc, backoff; @@ -49760,10 +50393,10 @@ index fc6c977..df1f956 100644 dummy.data = &backoff; dummy.proc_handler = &proc_dointvec; diff --git a/drivers/staging/lustre/lustre/libcfs/module.c b/drivers/staging/lustre/lustre/libcfs/module.c -index f3108c7..cd4f9da 100644 +index 24ae26d..9d09cab 100644 --- a/drivers/staging/lustre/lustre/libcfs/module.c +++ b/drivers/staging/lustre/lustre/libcfs/module.c -@@ -348,11 +348,11 @@ out: +@@ -313,11 +313,11 @@ out: struct cfs_psdev_ops libcfs_psdev_ops = { @@ -49781,7 +50414,7 @@ index f3108c7..cd4f9da 100644 extern int insert_proc(void); diff --git a/drivers/staging/lustre/lustre/llite/dir.c b/drivers/staging/lustre/lustre/llite/dir.c -index a4e0472..05d854c 100644 +index 52b7731..d604da0 100644 --- a/drivers/staging/lustre/lustre/llite/dir.c +++ b/drivers/staging/lustre/lustre/llite/dir.c @@ -660,7 +660,7 @@ int ll_dir_setdirstripe(struct inode *dir, struct lmv_user_md *lump, @@ -49794,7 +50427,7 @@ index a4e0472..05d854c 100644 strlen(filename), mode, LUSTRE_OPC_MKDIR, lump); diff --git a/drivers/staging/media/solo6x10/solo6x10-core.c b/drivers/staging/media/solo6x10/solo6x10-core.c -index 3675020..e80d92c 100644 +index 480b7c4..6846324 100644 --- a/drivers/staging/media/solo6x10/solo6x10-core.c +++ b/drivers/staging/media/solo6x10/solo6x10-core.c @@ -434,7 +434,7 @@ static void solo_device_release(struct device *dev) @@ -49833,7 +50466,7 @@ index 7f2f247..d999137 100644 p2m_id = -p2m_id; } diff --git a/drivers/staging/media/solo6x10/solo6x10.h b/drivers/staging/media/solo6x10/solo6x10.h -index f1bbb8c..a73eaba 100644 +index 8964f8b..36eb087 100644 --- a/drivers/staging/media/solo6x10/solo6x10.h +++ b/drivers/staging/media/solo6x10/solo6x10.h @@ -237,7 +237,7 @@ struct solo_dev { @@ -49846,10 +50479,10 @@ index f1bbb8c..a73eaba 100644 unsigned int p2m_timeouts; diff --git a/drivers/staging/octeon/ethernet-rx.c b/drivers/staging/octeon/ethernet-rx.c -index 0315f60..ce93f406 100644 +index a0f4868..139f1fb 100644 --- a/drivers/staging/octeon/ethernet-rx.c +++ b/drivers/staging/octeon/ethernet-rx.c -@@ -418,11 +418,11 @@ static int cvm_oct_napi_poll(struct napi_struct *napi, int budget) +@@ -417,11 +417,11 @@ static int cvm_oct_napi_poll(struct napi_struct *napi, int budget) /* Increment RX stats for virtual ports */ if (work->ipprt >= CVMX_PIP_NUM_INPUT_PORTS) { #ifdef CONFIG_64BIT @@ -49865,7 +50498,7 @@ index 0315f60..ce93f406 100644 #endif } netif_receive_skb(skb); -@@ -433,9 +433,9 @@ static int cvm_oct_napi_poll(struct napi_struct *napi, int budget) +@@ -432,9 +432,9 @@ static int cvm_oct_napi_poll(struct napi_struct *napi, int budget) dev->name); */ #ifdef CONFIG_64BIT @@ -49878,10 +50511,10 @@ index 0315f60..ce93f406 100644 dev_kfree_skb_irq(skb); } diff --git a/drivers/staging/octeon/ethernet.c b/drivers/staging/octeon/ethernet.c -index bd6ca71..8f0961e 100644 +index 089dc4b..c9a687e 100644 --- a/drivers/staging/octeon/ethernet.c +++ b/drivers/staging/octeon/ethernet.c -@@ -254,11 +254,11 @@ static struct net_device_stats *cvm_oct_common_get_stats(struct net_device *dev) +@@ -253,11 +253,11 @@ static struct net_device_stats *cvm_oct_common_get_stats(struct net_device *dev) * since the RX tasklet also increments it. */ #ifdef CONFIG_64BIT @@ -49898,7 +50531,7 @@ index bd6ca71..8f0961e 100644 } diff --git a/drivers/staging/rtl8188eu/include/hal_intf.h b/drivers/staging/rtl8188eu/include/hal_intf.h -index 439c3c9..2d74293 100644 +index c274b34..f84de76 100644 --- a/drivers/staging/rtl8188eu/include/hal_intf.h +++ b/drivers/staging/rtl8188eu/include/hal_intf.h @@ -271,7 +271,7 @@ struct hal_ops { @@ -49911,11 +50544,11 @@ index 439c3c9..2d74293 100644 enum rt_eeprom_type { EEPROM_93C46, diff --git a/drivers/staging/rtl8188eu/include/rtw_io.h b/drivers/staging/rtl8188eu/include/rtw_io.h -index eb6f0e5..e6a0958 100644 +index 3d1dfcc..ff5620a 100644 --- a/drivers/staging/rtl8188eu/include/rtw_io.h +++ b/drivers/staging/rtl8188eu/include/rtw_io.h @@ -126,7 +126,7 @@ struct _io_ops { - u32 (*_write_scsi)(struct intf_hdl *pintfhdl,u32 cnt, u8 *pmem); + u32 (*_write_scsi)(struct intf_hdl *pintfhdl, u32 cnt, u8 *pmem); void (*_read_port_cancel)(struct intf_hdl *pintfhdl); void (*_write_port_cancel)(struct intf_hdl *pintfhdl); -}; @@ -49963,10 +50596,10 @@ index a863a98..d272795 100644 /* * NOTE: diff --git a/drivers/staging/usbip/vhci_hcd.c b/drivers/staging/usbip/vhci_hcd.c -index e810ad5..931336f 100644 +index 72391ef..7c6717a 100644 --- a/drivers/staging/usbip/vhci_hcd.c +++ b/drivers/staging/usbip/vhci_hcd.c -@@ -441,7 +441,7 @@ static void vhci_tx_urb(struct urb *urb) +@@ -440,7 +440,7 @@ static void vhci_tx_urb(struct urb *urb) spin_lock(&vdev->priv_lock); @@ -49975,7 +50608,7 @@ index e810ad5..931336f 100644 if (priv->seqnum == 0xffff) dev_info(&urb->dev->dev, "seqnum max\n"); -@@ -687,7 +687,7 @@ static int vhci_urb_dequeue(struct usb_hcd *hcd, struct urb *urb, int status) +@@ -686,7 +686,7 @@ static int vhci_urb_dequeue(struct usb_hcd *hcd, struct urb *urb, int status) return -ENOMEM; } @@ -49984,7 +50617,7 @@ index e810ad5..931336f 100644 if (unlink->seqnum == 0xffff) pr_info("seqnum max\n"); -@@ -891,7 +891,7 @@ static int vhci_start(struct usb_hcd *hcd) +@@ -890,7 +890,7 @@ static int vhci_start(struct usb_hcd *hcd) vdev->rhport = rhport; } @@ -50007,7 +50640,7 @@ index d07fcb5..358e1e1 100644 return; } diff --git a/drivers/staging/vt6655/hostap.c b/drivers/staging/vt6655/hostap.c -index ab8b2ba..99184aa 100644 +index 6eecd53..29317c6 100644 --- a/drivers/staging/vt6655/hostap.c +++ b/drivers/staging/vt6655/hostap.c @@ -69,14 +69,13 @@ static int msglevel = MSG_LEVEL_INFO; @@ -50089,10 +50722,10 @@ index 24884ca..26c8220 100644 login->tgt_agt = sbp_target_agent_register(login); if (IS_ERR(login->tgt_agt)) { diff --git a/drivers/target/target_core_device.c b/drivers/target/target_core_device.c -index d06de84..fd38c9b 100644 +index 65001e1..2ebfbb9 100644 --- a/drivers/target/target_core_device.c +++ b/drivers/target/target_core_device.c -@@ -1435,7 +1435,7 @@ struct se_device *target_alloc_device(struct se_hba *hba, const char *name) +@@ -1520,7 +1520,7 @@ struct se_device *target_alloc_device(struct se_hba *hba, const char *name) spin_lock_init(&dev->se_tmr_lock); spin_lock_init(&dev->qf_cmd_lock); sema_init(&dev->caw_sem, 1); @@ -50102,10 +50735,10 @@ index d06de84..fd38c9b 100644 spin_lock_init(&dev->t10_wwn.t10_vpd_lock); INIT_LIST_HEAD(&dev->t10_pr.registration_list); diff --git a/drivers/target/target_core_transport.c b/drivers/target/target_core_transport.c -index dee2be1..f5fd8ca 100644 +index 2956250..b10f722 100644 --- a/drivers/target/target_core_transport.c +++ b/drivers/target/target_core_transport.c -@@ -1113,7 +1113,7 @@ transport_check_alloc_task_attr(struct se_cmd *cmd) +@@ -1136,7 +1136,7 @@ transport_check_alloc_task_attr(struct se_cmd *cmd) * Used to determine when ORDERED commands should go from * Dormant to Active status. */ @@ -50114,8 +50747,46 @@ index dee2be1..f5fd8ca 100644 smp_mb__after_atomic_inc(); pr_debug("Allocated se_ordered_id: %u for Task Attr: 0x%02x on %s\n", cmd->se_ordered_id, cmd->sam_task_attr, +diff --git a/drivers/thermal/of-thermal.c b/drivers/thermal/of-thermal.c +index 04b1be7..5eff86d 100644 +--- a/drivers/thermal/of-thermal.c ++++ b/drivers/thermal/of-thermal.c +@@ -30,6 +30,7 @@ + #include <linux/err.h> + #include <linux/export.h> + #include <linux/string.h> ++#include <linux/mm.h> + + #include "thermal_core.h" + +@@ -341,8 +342,10 @@ thermal_zone_of_add_sensor(struct device_node *zone, + tz->get_trend = get_trend; + tz->sensor_data = data; + +- tzd->ops->get_temp = of_thermal_get_temp; +- tzd->ops->get_trend = of_thermal_get_trend; ++ pax_open_kernel(); ++ *(void **)&tzd->ops->get_temp = of_thermal_get_temp; ++ *(void **)&tzd->ops->get_trend = of_thermal_get_trend; ++ pax_close_kernel(); + mutex_unlock(&tzd->lock); + + return tzd; +@@ -461,8 +464,10 @@ void thermal_zone_of_sensor_unregister(struct device *dev, + return; + + mutex_lock(&tzd->lock); +- tzd->ops->get_temp = NULL; +- tzd->ops->get_trend = NULL; ++ pax_open_kernel(); ++ *(void **)&tzd->ops->get_temp = NULL; ++ *(void **)&tzd->ops->get_trend = NULL; ++ pax_close_kernel(); + + tz->get_temp = NULL; + tz->get_trend = NULL; diff --git a/drivers/tty/cyclades.c b/drivers/tty/cyclades.c -index 33f83fe..d80f8e1 100644 +index a57bb5a..1f727d33 100644 --- a/drivers/tty/cyclades.c +++ b/drivers/tty/cyclades.c @@ -1570,10 +1570,10 @@ static int cy_open(struct tty_struct *tty, struct file *filp) @@ -50131,7 +50802,7 @@ index 33f83fe..d80f8e1 100644 #endif /* -@@ -3972,7 +3972,7 @@ static int cyclades_proc_show(struct seq_file *m, void *v) +@@ -3974,7 +3974,7 @@ static int cyclades_proc_show(struct seq_file *m, void *v) for (j = 0; j < cy_card[i].nports; j++) { info = &cy_card[i].ports[j]; @@ -50141,10 +50812,10 @@ index 33f83fe..d80f8e1 100644 struct tty_struct *tty; struct tty_ldisc *ld; diff --git a/drivers/tty/hvc/hvc_console.c b/drivers/tty/hvc/hvc_console.c -index 9eba119..5070303 100644 +index 0ff7fda..dbc7d52 100644 --- a/drivers/tty/hvc/hvc_console.c +++ b/drivers/tty/hvc/hvc_console.c -@@ -338,7 +338,7 @@ static int hvc_open(struct tty_struct *tty, struct file * filp) +@@ -342,7 +342,7 @@ static int hvc_open(struct tty_struct *tty, struct file * filp) spin_lock_irqsave(&hp->port.lock, flags); /* Check and then increment for fast path open. */ @@ -50153,7 +50824,7 @@ index 9eba119..5070303 100644 spin_unlock_irqrestore(&hp->port.lock, flags); hvc_kick(); return 0; -@@ -393,7 +393,7 @@ static void hvc_close(struct tty_struct *tty, struct file * filp) +@@ -397,7 +397,7 @@ static void hvc_close(struct tty_struct *tty, struct file * filp) spin_lock_irqsave(&hp->port.lock, flags); @@ -50162,7 +50833,7 @@ index 9eba119..5070303 100644 spin_unlock_irqrestore(&hp->port.lock, flags); /* We are done with the tty pointer now. */ tty_port_tty_set(&hp->port, NULL); -@@ -415,9 +415,9 @@ static void hvc_close(struct tty_struct *tty, struct file * filp) +@@ -419,9 +419,9 @@ static void hvc_close(struct tty_struct *tty, struct file * filp) */ tty_wait_until_sent_from_close(tty, HVC_CLOSE_WAIT); } else { @@ -50174,7 +50845,7 @@ index 9eba119..5070303 100644 spin_unlock_irqrestore(&hp->port.lock, flags); } } -@@ -447,12 +447,12 @@ static void hvc_hangup(struct tty_struct *tty) +@@ -451,12 +451,12 @@ static void hvc_hangup(struct tty_struct *tty) * open->hangup case this can be called after the final close so prevent * that from happening for now. */ @@ -50189,7 +50860,7 @@ index 9eba119..5070303 100644 spin_unlock_irqrestore(&hp->port.lock, flags); tty_port_tty_set(&hp->port, NULL); -@@ -500,7 +500,7 @@ static int hvc_write(struct tty_struct *tty, const unsigned char *buf, int count +@@ -504,7 +504,7 @@ static int hvc_write(struct tty_struct *tty, const unsigned char *buf, int count return -EPIPE; /* FIXME what's this (unprotected) check for? */ @@ -50393,10 +51064,10 @@ index 4190199..06d5bfa 100644 spin_unlock_irqrestore(&hp->lock, flags); } diff --git a/drivers/tty/hvc/hvsi_lib.c b/drivers/tty/hvc/hvsi_lib.c -index 347050e..14f8fbf 100644 +index 7ae6c29..05c6dba 100644 --- a/drivers/tty/hvc/hvsi_lib.c +++ b/drivers/tty/hvc/hvsi_lib.c -@@ -9,7 +9,7 @@ +@@ -8,7 +8,7 @@ static int hvsi_send_packet(struct hvsi_priv *pv, struct hvsi_header *packet) { @@ -50405,7 +51076,7 @@ index 347050e..14f8fbf 100644 /* Assumes that always succeeds, works in practice */ return pv->put_chars(pv->termno, (char *)packet, packet->len); -@@ -21,7 +21,7 @@ static void hvsi_start_handshake(struct hvsi_priv *pv) +@@ -20,7 +20,7 @@ static void hvsi_start_handshake(struct hvsi_priv *pv) /* Reset state */ pv->established = 0; @@ -50415,10 +51086,10 @@ index 347050e..14f8fbf 100644 pr_devel("HVSI@%x: Handshaking started\n", pv->termno); diff --git a/drivers/tty/ipwireless/tty.c b/drivers/tty/ipwireless/tty.c -index 8fd72ff..34a0bed 100644 +index 17ee3bf..8d2520d 100644 --- a/drivers/tty/ipwireless/tty.c +++ b/drivers/tty/ipwireless/tty.c -@@ -29,6 +29,7 @@ +@@ -28,6 +28,7 @@ #include <linux/tty_driver.h> #include <linux/tty_flip.h> #include <linux/uaccess.h> @@ -50426,7 +51097,7 @@ index 8fd72ff..34a0bed 100644 #include "tty.h" #include "network.h" -@@ -99,10 +100,10 @@ static int ipw_open(struct tty_struct *linux_tty, struct file *filp) +@@ -98,10 +99,10 @@ static int ipw_open(struct tty_struct *linux_tty, struct file *filp) mutex_unlock(&tty->ipw_tty_mutex); return -ENODEV; } @@ -50439,7 +51110,7 @@ index 8fd72ff..34a0bed 100644 tty->port.tty = linux_tty; linux_tty->driver_data = tty; -@@ -118,9 +119,7 @@ static int ipw_open(struct tty_struct *linux_tty, struct file *filp) +@@ -117,9 +118,7 @@ static int ipw_open(struct tty_struct *linux_tty, struct file *filp) static void do_ipw_close(struct ipw_tty *tty) { @@ -50450,7 +51121,7 @@ index 8fd72ff..34a0bed 100644 struct tty_struct *linux_tty = tty->port.tty; if (linux_tty != NULL) { -@@ -141,7 +140,7 @@ static void ipw_hangup(struct tty_struct *linux_tty) +@@ -140,7 +139,7 @@ static void ipw_hangup(struct tty_struct *linux_tty) return; mutex_lock(&tty->ipw_tty_mutex); @@ -50459,7 +51130,7 @@ index 8fd72ff..34a0bed 100644 mutex_unlock(&tty->ipw_tty_mutex); return; } -@@ -164,7 +163,7 @@ void ipwireless_tty_received(struct ipw_tty *tty, unsigned char *data, +@@ -163,7 +162,7 @@ void ipwireless_tty_received(struct ipw_tty *tty, unsigned char *data, mutex_lock(&tty->ipw_tty_mutex); @@ -50468,7 +51139,7 @@ index 8fd72ff..34a0bed 100644 mutex_unlock(&tty->ipw_tty_mutex); return; } -@@ -206,7 +205,7 @@ static int ipw_write(struct tty_struct *linux_tty, +@@ -202,7 +201,7 @@ static int ipw_write(struct tty_struct *linux_tty, return -ENODEV; mutex_lock(&tty->ipw_tty_mutex); @@ -50477,7 +51148,7 @@ index 8fd72ff..34a0bed 100644 mutex_unlock(&tty->ipw_tty_mutex); return -EINVAL; } -@@ -246,7 +245,7 @@ static int ipw_write_room(struct tty_struct *linux_tty) +@@ -242,7 +241,7 @@ static int ipw_write_room(struct tty_struct *linux_tty) if (!tty) return -ENODEV; @@ -50486,7 +51157,7 @@ index 8fd72ff..34a0bed 100644 return -EINVAL; room = IPWIRELESS_TX_QUEUE_SIZE - tty->tx_bytes_queued; -@@ -288,7 +287,7 @@ static int ipw_chars_in_buffer(struct tty_struct *linux_tty) +@@ -284,7 +283,7 @@ static int ipw_chars_in_buffer(struct tty_struct *linux_tty) if (!tty) return 0; @@ -50495,7 +51166,7 @@ index 8fd72ff..34a0bed 100644 return 0; return tty->tx_bytes_queued; -@@ -369,7 +368,7 @@ static int ipw_tiocmget(struct tty_struct *linux_tty) +@@ -365,7 +364,7 @@ static int ipw_tiocmget(struct tty_struct *linux_tty) if (!tty) return -ENODEV; @@ -50504,7 +51175,7 @@ index 8fd72ff..34a0bed 100644 return -EINVAL; return get_control_lines(tty); -@@ -385,7 +384,7 @@ ipw_tiocmset(struct tty_struct *linux_tty, +@@ -381,7 +380,7 @@ ipw_tiocmset(struct tty_struct *linux_tty, if (!tty) return -ENODEV; @@ -50513,7 +51184,7 @@ index 8fd72ff..34a0bed 100644 return -EINVAL; return set_control_lines(tty, set, clear); -@@ -399,7 +398,7 @@ static int ipw_ioctl(struct tty_struct *linux_tty, +@@ -395,7 +394,7 @@ static int ipw_ioctl(struct tty_struct *linux_tty, if (!tty) return -ENODEV; @@ -50522,7 +51193,7 @@ index 8fd72ff..34a0bed 100644 return -EINVAL; /* FIXME: Exactly how is the tty object locked here .. */ -@@ -555,7 +554,7 @@ void ipwireless_tty_free(struct ipw_tty *tty) +@@ -551,7 +550,7 @@ void ipwireless_tty_free(struct ipw_tty *tty) * are gone */ mutex_lock(&ttyj->ipw_tty_mutex); } @@ -50545,10 +51216,10 @@ index 1deaca4..c8582d4 100644 tty_port_tty_set(&ch->port, tty); mutex_lock(&ch->port.mutex); diff --git a/drivers/tty/n_gsm.c b/drivers/tty/n_gsm.c -index 5056090..c80ca04 100644 +index 2ebe47b..3205833 100644 --- a/drivers/tty/n_gsm.c +++ b/drivers/tty/n_gsm.c -@@ -1643,7 +1643,7 @@ static struct gsm_dlci *gsm_dlci_alloc(struct gsm_mux *gsm, int addr) +@@ -1644,7 +1644,7 @@ static struct gsm_dlci *gsm_dlci_alloc(struct gsm_mux *gsm, int addr) spin_lock_init(&dlci->lock); mutex_init(&dlci->mutex); dlci->fifo = &dlci->_fifo; @@ -50557,20 +51228,20 @@ index 5056090..c80ca04 100644 kfree(dlci); return NULL; } -@@ -2946,7 +2946,7 @@ static int gsmtty_open(struct tty_struct *tty, struct file *filp) +@@ -2954,7 +2954,7 @@ static int gsmtty_open(struct tty_struct *tty, struct file *filp) struct gsm_dlci *dlci = tty->driver_data; struct tty_port *port = &dlci->port; - port->count++; + atomic_inc(&port->count); - dlci_get(dlci); - dlci_get(dlci->gsm->dlci[0]); - mux_get(dlci->gsm); + tty_port_tty_set(port, tty); + + dlci->modem_rx = 0; diff --git a/drivers/tty/n_tty.c b/drivers/tty/n_tty.c -index 4c10837..a40ec45 100644 +index e36d1f5..9938e3e 100644 --- a/drivers/tty/n_tty.c +++ b/drivers/tty/n_tty.c -@@ -114,7 +114,7 @@ struct n_tty_data { +@@ -115,7 +115,7 @@ struct n_tty_data { int minimum_to_wake; /* consumer-published */ @@ -50579,7 +51250,7 @@ index 4c10837..a40ec45 100644 size_t line_start; /* protected by output lock */ -@@ -2504,6 +2504,7 @@ void n_tty_inherit_ops(struct tty_ldisc_ops *ops) +@@ -2519,6 +2519,7 @@ void n_tty_inherit_ops(struct tty_ldisc_ops *ops) { *ops = tty_ldisc_N_TTY; ops->owner = NULL; @@ -50605,7 +51276,7 @@ index 25c9bc7..24077b7 100644 cdev_init(&ptmx_cdev, &ptmx_fops); if (cdev_add(&ptmx_cdev, MKDEV(TTYAUX_MAJOR, 2), 1) || diff --git a/drivers/tty/rocket.c b/drivers/tty/rocket.c -index 354564e..fe50d9a 100644 +index 383c4c7..d408e21 100644 --- a/drivers/tty/rocket.c +++ b/drivers/tty/rocket.c @@ -914,7 +914,7 @@ static int rp_open(struct tty_struct *tty, struct file *filp) @@ -50795,7 +51466,7 @@ index b5d779c..3622cfe 100644 if (unlikely(pdev->id < 0 || pdev->id >= UART_NR)) return -ENXIO; diff --git a/drivers/tty/serial/samsung.c b/drivers/tty/serial/samsung.c -index c1af04d..0815c8a 100644 +index 9cd706d..6ff2de7 100644 --- a/drivers/tty/serial/samsung.c +++ b/drivers/tty/serial/samsung.c @@ -463,11 +463,16 @@ static void s3c24xx_serial_shutdown(struct uart_port *port) @@ -50827,7 +51498,7 @@ index c1af04d..0815c8a 100644 if (cfg->uart_flags & UPF_CONS_FLOW) { diff --git a/drivers/tty/serial/serial_core.c b/drivers/tty/serial/serial_core.c -index 0f02351..07c59c5 100644 +index ece2049..fba2524 100644 --- a/drivers/tty/serial/serial_core.c +++ b/drivers/tty/serial/serial_core.c @@ -1448,7 +1448,7 @@ static void uart_hangup(struct tty_struct *tty) @@ -50867,7 +51538,7 @@ index 0f02351..07c59c5 100644 goto end; } diff --git a/drivers/tty/synclink.c b/drivers/tty/synclink.c -index e1ce141..6d4ed80 100644 +index 5ae14b4..2c1288f 100644 --- a/drivers/tty/synclink.c +++ b/drivers/tty/synclink.c @@ -3090,7 +3090,7 @@ static void mgsl_close(struct tty_struct *tty, struct file * filp) @@ -50999,7 +51670,7 @@ index e1ce141..6d4ed80 100644 if (cmd != SIOCWANDEV) diff --git a/drivers/tty/synclink_gt.c b/drivers/tty/synclink_gt.c -index 1abf946..1ee34fc 100644 +index c359a91..959fc26 100644 --- a/drivers/tty/synclink_gt.c +++ b/drivers/tty/synclink_gt.c @@ -670,7 +670,7 @@ static int open(struct tty_struct *tty, struct file *filp) @@ -51117,7 +51788,7 @@ index 1abf946..1ee34fc 100644 if (!retval) diff --git a/drivers/tty/synclinkmp.c b/drivers/tty/synclinkmp.c -index dc6e969..5dc8786 100644 +index 144202e..4ccb07d 100644 --- a/drivers/tty/synclinkmp.c +++ b/drivers/tty/synclinkmp.c @@ -750,7 +750,7 @@ static int open(struct tty_struct *tty, struct file *filp) @@ -51269,10 +51940,10 @@ index ce396ec..04a37be 100644 if (get_user(c, buf)) diff --git a/drivers/tty/tty_io.c b/drivers/tty/tty_io.c -index c74a00a..02cf211a 100644 +index d3448a9..28e8db0 100644 --- a/drivers/tty/tty_io.c +++ b/drivers/tty/tty_io.c -@@ -3474,7 +3474,7 @@ EXPORT_SYMBOL_GPL(get_current_tty); +@@ -3475,7 +3475,7 @@ EXPORT_SYMBOL_GPL(get_current_tty); void tty_default_fops(struct file_operations *fops) { @@ -51282,10 +51953,10 @@ index c74a00a..02cf211a 100644 /* diff --git a/drivers/tty/tty_ldisc.c b/drivers/tty/tty_ldisc.c -index 6458e11..6cfc218 100644 +index 2d822aa..a566234 100644 --- a/drivers/tty/tty_ldisc.c +++ b/drivers/tty/tty_ldisc.c -@@ -72,7 +72,7 @@ int tty_register_ldisc(int disc, struct tty_ldisc_ops *new_ldisc) +@@ -71,7 +71,7 @@ int tty_register_ldisc(int disc, struct tty_ldisc_ops *new_ldisc) raw_spin_lock_irqsave(&tty_ldiscs_lock, flags); tty_ldiscs[disc] = new_ldisc; new_ldisc->num = disc; @@ -51294,7 +51965,7 @@ index 6458e11..6cfc218 100644 raw_spin_unlock_irqrestore(&tty_ldiscs_lock, flags); return ret; -@@ -100,7 +100,7 @@ int tty_unregister_ldisc(int disc) +@@ -99,7 +99,7 @@ int tty_unregister_ldisc(int disc) return -EINVAL; raw_spin_lock_irqsave(&tty_ldiscs_lock, flags); @@ -51303,7 +51974,7 @@ index 6458e11..6cfc218 100644 ret = -EBUSY; else tty_ldiscs[disc] = NULL; -@@ -121,7 +121,7 @@ static struct tty_ldisc_ops *get_ldops(int disc) +@@ -120,7 +120,7 @@ static struct tty_ldisc_ops *get_ldops(int disc) if (ldops) { ret = ERR_PTR(-EAGAIN); if (try_module_get(ldops->owner)) { @@ -51312,7 +51983,7 @@ index 6458e11..6cfc218 100644 ret = ldops; } } -@@ -134,7 +134,7 @@ static void put_ldops(struct tty_ldisc_ops *ldops) +@@ -133,7 +133,7 @@ static void put_ldops(struct tty_ldisc_ops *ldops) unsigned long flags; raw_spin_lock_irqsave(&tty_ldiscs_lock, flags); @@ -51322,10 +51993,10 @@ index 6458e11..6cfc218 100644 raw_spin_unlock_irqrestore(&tty_ldiscs_lock, flags); } diff --git a/drivers/tty/tty_port.c b/drivers/tty/tty_port.c -index c94d234..8210f2d 100644 +index 3f746c8..2f2fcaa 100644 --- a/drivers/tty/tty_port.c +++ b/drivers/tty/tty_port.c -@@ -236,7 +236,7 @@ void tty_port_hangup(struct tty_port *port) +@@ -235,7 +235,7 @@ void tty_port_hangup(struct tty_port *port) unsigned long flags; spin_lock_irqsave(&port->lock, flags); @@ -51334,7 +52005,7 @@ index c94d234..8210f2d 100644 port->flags &= ~ASYNC_NORMAL_ACTIVE; tty = port->tty; if (tty) -@@ -394,7 +394,7 @@ int tty_port_block_til_ready(struct tty_port *port, +@@ -393,7 +393,7 @@ int tty_port_block_til_ready(struct tty_port *port, /* The port lock protects the port counts */ spin_lock_irqsave(&port->lock, flags); if (!tty_hung_up_p(filp)) @@ -51343,7 +52014,7 @@ index c94d234..8210f2d 100644 port->blocked_open++; spin_unlock_irqrestore(&port->lock, flags); -@@ -436,7 +436,7 @@ int tty_port_block_til_ready(struct tty_port *port, +@@ -435,7 +435,7 @@ int tty_port_block_til_ready(struct tty_port *port, we must not mess that up further */ spin_lock_irqsave(&port->lock, flags); if (!tty_hung_up_p(filp)) @@ -51352,7 +52023,7 @@ index c94d234..8210f2d 100644 port->blocked_open--; if (retval == 0) port->flags |= ASYNC_NORMAL_ACTIVE; -@@ -470,19 +470,19 @@ int tty_port_close_start(struct tty_port *port, +@@ -469,19 +469,19 @@ int tty_port_close_start(struct tty_port *port, return 0; } @@ -51379,7 +52050,7 @@ index c94d234..8210f2d 100644 spin_unlock_irqrestore(&port->lock, flags); return 0; } -@@ -564,7 +564,7 @@ int tty_port_open(struct tty_port *port, struct tty_struct *tty, +@@ -563,7 +563,7 @@ int tty_port_open(struct tty_port *port, struct tty_struct *tty, { spin_lock_irq(&port->lock); if (!tty_hung_up_p(filp)) @@ -51540,10 +52211,10 @@ index a673e5b..36e5d32 100644 ret = uio_get_minor(idev); if (ret) diff --git a/drivers/usb/atm/cxacru.c b/drivers/usb/atm/cxacru.c -index 8a7eb77..c00402f 100644 +index 813d4d3..a71934f 100644 --- a/drivers/usb/atm/cxacru.c +++ b/drivers/usb/atm/cxacru.c -@@ -473,7 +473,7 @@ static ssize_t cxacru_sysfs_store_adsl_config(struct device *dev, +@@ -472,7 +472,7 @@ static ssize_t cxacru_sysfs_store_adsl_config(struct device *dev, ret = sscanf(buf + pos, "%x=%x%n", &index, &value, &tmp); if (ret < 2) return -EINVAL; @@ -51553,7 +52224,7 @@ index 8a7eb77..c00402f 100644 pos += tmp; diff --git a/drivers/usb/atm/usbatm.c b/drivers/usb/atm/usbatm.c -index 25a7bfc..57f3cf5 100644 +index dada014..1d0d517 100644 --- a/drivers/usb/atm/usbatm.c +++ b/drivers/usb/atm/usbatm.c @@ -331,7 +331,7 @@ static void usbatm_extract_one_cell(struct usbatm_data *instance, unsigned char @@ -51618,7 +52289,7 @@ index 25a7bfc..57f3cf5 100644 skb = skb_dequeue(&instance->sndqueue); } -@@ -756,11 +756,11 @@ static int usbatm_atm_proc_read(struct atm_dev *atm_dev, loff_t * pos, char *pag +@@ -756,11 +756,11 @@ static int usbatm_atm_proc_read(struct atm_dev *atm_dev, loff_t *pos, char *page if (!left--) return sprintf(page, "AAL5: tx %d ( %d err ), rx %d ( %d err, %d drop )\n", @@ -51667,7 +52338,7 @@ index 2a3bbdf..91d72cf 100644 file->f_version = event_count; return POLLIN | POLLRDNORM; diff --git a/drivers/usb/core/devio.c b/drivers/usb/core/devio.c -index 967152a..16fa2e5 100644 +index 90e18f6..5eeda46 100644 --- a/drivers/usb/core/devio.c +++ b/drivers/usb/core/devio.c @@ -187,7 +187,7 @@ static ssize_t usbdev_read(struct file *file, char __user *buf, size_t nbytes, @@ -51707,10 +52378,10 @@ index 967152a..16fa2e5 100644 dev->rawdescriptors[i] + (*ppos - pos), min(len, alloclen))) { diff --git a/drivers/usb/core/hcd.c b/drivers/usb/core/hcd.c -index d39106c..bfe13a4 100644 +index 2518c32..1c201bb 100644 --- a/drivers/usb/core/hcd.c +++ b/drivers/usb/core/hcd.c -@@ -1549,7 +1549,7 @@ int usb_hcd_submit_urb (struct urb *urb, gfp_t mem_flags) +@@ -1550,7 +1550,7 @@ int usb_hcd_submit_urb (struct urb *urb, gfp_t mem_flags) */ usb_get_urb(urb); atomic_inc(&urb->use_count); @@ -51719,7 +52390,7 @@ index d39106c..bfe13a4 100644 usbmon_urb_submit(&hcd->self, urb); /* NOTE requirements on root-hub callers (usbfs and the hub -@@ -1576,7 +1576,7 @@ int usb_hcd_submit_urb (struct urb *urb, gfp_t mem_flags) +@@ -1577,7 +1577,7 @@ int usb_hcd_submit_urb (struct urb *urb, gfp_t mem_flags) urb->hcpriv = NULL; INIT_LIST_HEAD(&urb->urb_list); atomic_dec(&urb->use_count); @@ -51729,7 +52400,7 @@ index d39106c..bfe13a4 100644 wake_up(&usb_kill_urb_queue); usb_put_urb(urb); diff --git a/drivers/usb/core/hub.c b/drivers/usb/core/hub.c -index ebcd3bf..be93a64 100644 +index d498d03..e26f959 100644 --- a/drivers/usb/core/hub.c +++ b/drivers/usb/core/hub.c @@ -27,6 +27,7 @@ @@ -51740,7 +52411,7 @@ index ebcd3bf..be93a64 100644 #include <asm/uaccess.h> #include <asm/byteorder.h> -@@ -4437,6 +4438,10 @@ static void hub_port_connect_change(struct usb_hub *hub, int port1, +@@ -4472,6 +4473,10 @@ static void hub_port_connect_change(struct usb_hub *hub, int port1, goto done; return; } @@ -51752,10 +52423,10 @@ index ebcd3bf..be93a64 100644 unit_load = 150; else diff --git a/drivers/usb/core/message.c b/drivers/usb/core/message.c -index bb31597..6c5ef8b 100644 +index f829a1a..e6c334a 100644 --- a/drivers/usb/core/message.c +++ b/drivers/usb/core/message.c -@@ -129,7 +129,7 @@ static int usb_internal_control_msg(struct usb_device *usb_dev, +@@ -128,7 +128,7 @@ static int usb_internal_control_msg(struct usb_device *usb_dev, * Return: If successful, the number of bytes transferred. Otherwise, a negative * error number. */ @@ -51764,7 +52435,7 @@ index bb31597..6c5ef8b 100644 __u8 requesttype, __u16 value, __u16 index, void *data, __u16 size, int timeout) { -@@ -181,7 +181,7 @@ EXPORT_SYMBOL_GPL(usb_control_msg); +@@ -180,7 +180,7 @@ EXPORT_SYMBOL_GPL(usb_control_msg); * If successful, 0. Otherwise a negative error number. The number of actual * bytes transferred will be stored in the @actual_length paramater. */ @@ -51773,8 +52444,8 @@ index bb31597..6c5ef8b 100644 void *data, int len, int *actual_length, int timeout) { return usb_bulk_msg(usb_dev, pipe, data, len, actual_length, timeout); -@@ -221,7 +221,7 @@ EXPORT_SYMBOL_GPL(usb_interrupt_msg); - * bytes transferred will be stored in the @actual_length paramater. +@@ -220,7 +220,7 @@ EXPORT_SYMBOL_GPL(usb_interrupt_msg); + * bytes transferred will be stored in the @actual_length parameter. * */ -int usb_bulk_msg(struct usb_device *usb_dev, unsigned int pipe, @@ -51783,7 +52454,7 @@ index bb31597..6c5ef8b 100644 { struct urb *urb; diff --git a/drivers/usb/core/sysfs.c b/drivers/usb/core/sysfs.c -index 52a97ad..e73330f 100644 +index 1236c60..d47a51c 100644 --- a/drivers/usb/core/sysfs.c +++ b/drivers/usb/core/sysfs.c @@ -244,7 +244,7 @@ static ssize_t urbnum_show(struct device *dev, struct device_attribute *attr, @@ -51809,7 +52480,7 @@ index 4d11449..f4ccabf 100644 INIT_LIST_HEAD(&dev->ep0.urb_list); dev->ep0.desc.bLength = USB_DT_ENDPOINT_SIZE; diff --git a/drivers/usb/dwc3/gadget.c b/drivers/usb/dwc3/gadget.c -index 02e44fc..3c4fe64 100644 +index 2da0a5a..4870e09 100644 --- a/drivers/usb/dwc3/gadget.c +++ b/drivers/usb/dwc3/gadget.c @@ -532,8 +532,6 @@ static int __dwc3_gadget_ep_enable(struct dwc3_ep *dep, @@ -51862,8 +52533,20 @@ index 8cfc319..4868255 100644 return 0; } +diff --git a/drivers/usb/gadget/f_uac1.c b/drivers/usb/gadget/f_uac1.c +index 2b4c82d..06a8ee6 100644 +--- a/drivers/usb/gadget/f_uac1.c ++++ b/drivers/usb/gadget/f_uac1.c +@@ -13,6 +13,7 @@ + #include <linux/kernel.h> + #include <linux/device.h> + #include <linux/atomic.h> ++#include <linux/module.h> + + #include "u_uac1.h" + diff --git a/drivers/usb/gadget/u_serial.c b/drivers/usb/gadget/u_serial.c -index b369292..9f3ba40 100644 +index ad0aca8..8ff84865 100644 --- a/drivers/usb/gadget/u_serial.c +++ b/drivers/usb/gadget/u_serial.c @@ -733,9 +733,9 @@ static int gs_open(struct tty_struct *tty, struct file *file) @@ -51947,8 +52630,20 @@ index b369292..9f3ba40 100644 gs_buf_free(&port->port_write_buf); gs_free_requests(gser->out, &port->read_pool, NULL); gs_free_requests(gser->out, &port->read_queue, NULL); +diff --git a/drivers/usb/gadget/u_uac1.c b/drivers/usb/gadget/u_uac1.c +index 7a55fea..cc0ed4f 100644 +--- a/drivers/usb/gadget/u_uac1.c ++++ b/drivers/usb/gadget/u_uac1.c +@@ -16,6 +16,7 @@ + #include <linux/ctype.h> + #include <linux/random.h> + #include <linux/syscalls.h> ++#include <linux/module.h> + + #include "u_uac1.h" + diff --git a/drivers/usb/host/ehci-hub.c b/drivers/usb/host/ehci-hub.c -index 1bb85be..29e28d9 100644 +index 7ae0c4d..35521b7 100644 --- a/drivers/usb/host/ehci-hub.c +++ b/drivers/usb/host/ehci-hub.c @@ -780,7 +780,7 @@ static struct urb *request_single_step_set_feature_urb( @@ -51992,10 +52687,10 @@ index ba6a5d6..f88f7f3 100644 props.type = BACKLIGHT_RAW; props.max_brightness = 0xff; diff --git a/drivers/usb/serial/console.c b/drivers/usb/serial/console.c -index c69bb50..215ef37 100644 +index 8d7fc48..01c4986 100644 --- a/drivers/usb/serial/console.c +++ b/drivers/usb/serial/console.c -@@ -124,7 +124,7 @@ static int usb_console_setup(struct console *co, char *options) +@@ -123,7 +123,7 @@ static int usb_console_setup(struct console *co, char *options) info->port = port; @@ -52004,7 +52699,7 @@ index c69bb50..215ef37 100644 if (!test_bit(ASYNCB_INITIALIZED, &port->port.flags)) { if (serial->type->set_termios) { /* -@@ -170,7 +170,7 @@ static int usb_console_setup(struct console *co, char *options) +@@ -167,7 +167,7 @@ static int usb_console_setup(struct console *co, char *options) } /* Now that any required fake tty operations are completed restore * the tty port count */ @@ -52013,7 +52708,7 @@ index c69bb50..215ef37 100644 /* The console is special in terms of closing the device so * indicate this port is now acting as a system console. */ port->port.console = 1; -@@ -183,7 +183,7 @@ static int usb_console_setup(struct console *co, char *options) +@@ -180,7 +180,7 @@ static int usb_console_setup(struct console *co, char *options) free_tty: kfree(tty); reset_open_count: @@ -52022,7 +52717,7 @@ index c69bb50..215ef37 100644 usb_autopm_put_interface(serial->interface); error_get_interface: usb_serial_put(serial); -@@ -194,7 +194,7 @@ static int usb_console_setup(struct console *co, char *options) +@@ -191,7 +191,7 @@ static int usb_console_setup(struct console *co, char *options) static void usb_console_write(struct console *co, const char *buf, unsigned count) { @@ -52045,7 +52740,7 @@ index 75f70f0..d467e1a 100644 /* Dynamic bitflag definitions (us->dflags): used in set_bit() etc. */ diff --git a/drivers/usb/wusbcore/wa-hc.h b/drivers/usb/wusbcore/wa-hc.h -index e614f02..3fd60e2 100644 +index a2ef84b..aa7c2b8 100644 --- a/drivers/usb/wusbcore/wa-hc.h +++ b/drivers/usb/wusbcore/wa-hc.h @@ -225,7 +225,7 @@ struct wahc { @@ -52067,7 +52762,7 @@ index e614f02..3fd60e2 100644 /** diff --git a/drivers/usb/wusbcore/wa-xfer.c b/drivers/usb/wusbcore/wa-xfer.c -index ed5abe8..7036400 100644 +index 3cd96e9..bd7c58d 100644 --- a/drivers/usb/wusbcore/wa-xfer.c +++ b/drivers/usb/wusbcore/wa-xfer.c @@ -312,7 +312,7 @@ static void wa_xfer_completion(struct wa_xfer *xfer) @@ -52080,10 +52775,10 @@ index ed5abe8..7036400 100644 /* Return the xfer's ID. */ diff --git a/drivers/vfio/vfio.c b/drivers/vfio/vfio.c -index 1eab4ac..e21efc9 100644 +index 21271d8..45b55a0 100644 --- a/drivers/vfio/vfio.c +++ b/drivers/vfio/vfio.c -@@ -488,7 +488,7 @@ static int vfio_group_nb_add_dev(struct vfio_group *group, struct device *dev) +@@ -487,7 +487,7 @@ static int vfio_group_nb_add_dev(struct vfio_group *group, struct device *dev) return 0; /* TODO Prevent device auto probing */ @@ -52176,7 +52871,7 @@ index 1b0b233..6f34c2c 100644 err = -ENOSPC; } diff --git a/drivers/video/aty/aty128fb.c b/drivers/video/aty/aty128fb.c -index 12ca031..84a8a74 100644 +index 52108be..c7c110d 100644 --- a/drivers/video/aty/aty128fb.c +++ b/drivers/video/aty/aty128fb.c @@ -149,7 +149,7 @@ enum { @@ -52210,18 +52905,18 @@ index 28fafbf..ae91651 100644 } diff --git a/drivers/video/aty/mach64_cursor.c b/drivers/video/aty/mach64_cursor.c -index 95ec042..e6affdd 100644 +index 0fe02e2..ab01b26 100644 --- a/drivers/video/aty/mach64_cursor.c +++ b/drivers/video/aty/mach64_cursor.c -@@ -7,6 +7,7 @@ - #include <linux/string.h> +@@ -8,6 +8,7 @@ + #include "../fb_draw.h" #include <asm/io.h> +#include <asm/pgtable.h> #ifdef __sparc__ #include <asm/fbio.h> -@@ -208,7 +209,9 @@ int aty_init_cursor(struct fb_info *info) +@@ -218,7 +219,9 @@ int aty_init_cursor(struct fb_info *info) info->sprite.buf_align = 16; /* and 64 lines tall. */ info->sprite.flags = FB_PIXMAP_IO; @@ -52233,15 +52928,15 @@ index 95ec042..e6affdd 100644 return 0; } diff --git a/drivers/video/backlight/kb3886_bl.c b/drivers/video/backlight/kb3886_bl.c -index 7592cc2..92feb56 100644 +index 84a110a..96312c3 100644 --- a/drivers/video/backlight/kb3886_bl.c +++ b/drivers/video/backlight/kb3886_bl.c @@ -78,7 +78,7 @@ static struct kb3886bl_machinfo *bl_machinfo; static unsigned long kb3886bl_flags; #define KB3886BL_SUSPENDED 0x01 --static struct dmi_system_id __initdata kb3886bl_device_table[] = { -+static const struct dmi_system_id __initconst kb3886bl_device_table[] = { +-static struct dmi_system_id kb3886bl_device_table[] __initdata = { ++static const struct dmi_system_id kb3886bl_device_table[] __initconst = { { .ident = "Sahara Touch-iT", .matches = { @@ -52270,7 +52965,7 @@ index 900aa4e..6d49418 100644 } EXPORT_SYMBOL_GPL(fb_deferred_io_cleanup); diff --git a/drivers/video/fbmem.c b/drivers/video/fbmem.c -index 010d191..7b8235a 100644 +index 7309ac7..be3c49c 100644 --- a/drivers/video/fbmem.c +++ b/drivers/video/fbmem.c @@ -433,7 +433,7 @@ static void fb_do_show_logo(struct fb_info *info, struct fb_image *image, @@ -55144,7 +55839,7 @@ index fe92eed..106e085 100644 outreg(draw, GDC_REG_DRAW_BASE, 0); outreg(draw, GDC_REG_MODE_MISC, 0x8000); diff --git a/drivers/video/nvidia/nvidia.c b/drivers/video/nvidia/nvidia.c -index ff22871..b129bed 100644 +index def0412..fed6529 100644 --- a/drivers/video/nvidia/nvidia.c +++ b/drivers/video/nvidia/nvidia.c @@ -669,19 +669,23 @@ static int nvidiafb_set_par(struct fb_info *info) @@ -55232,6 +55927,23 @@ index 83433cb..71e9b98 100644 info->flags = FBINFO_DEFAULT | FBINFO_HWACCEL_YPAN | FBINFO_HWACCEL_FILLRECT | FBINFO_HWACCEL_COPYAREA; break; +diff --git a/drivers/video/sh_mobile_lcdcfb.c b/drivers/video/sh_mobile_lcdcfb.c +index 2bcc84a..29dd1ea 100644 +--- a/drivers/video/sh_mobile_lcdcfb.c ++++ b/drivers/video/sh_mobile_lcdcfb.c +@@ -439,9 +439,9 @@ static unsigned long lcdc_sys_read_data(void *handle) + } + + static struct sh_mobile_lcdc_sys_bus_ops sh_mobile_lcdc_sys_bus_ops = { +- lcdc_sys_write_index, +- lcdc_sys_write_data, +- lcdc_sys_read_data, ++ .write_index = lcdc_sys_write_index, ++ .write_data = lcdc_sys_write_data, ++ .read_data = lcdc_sys_read_data, + }; + + static int sh_mobile_lcdc_sginit(struct fb_info *info, diff --git a/drivers/video/smscufx.c b/drivers/video/smscufx.c index d513ed6..90b0de9 100644 --- a/drivers/video/smscufx.c @@ -55248,7 +55960,7 @@ index d513ed6..90b0de9 100644 pr_debug("released /dev/fb%d user=%d count=%d", diff --git a/drivers/video/udlfb.c b/drivers/video/udlfb.c -index 025f14e..20eb4db 100644 +index 77b890e..458e666 100644 --- a/drivers/video/udlfb.c +++ b/drivers/video/udlfb.c @@ -623,11 +623,11 @@ static int dlfb_handle_damage(struct dlfb_data *dev, int x, int y, @@ -55611,7 +56323,7 @@ index fef20db..d28b1ab 100644 return -ENOMEM; return 0; diff --git a/fs/9p/vfs_addr.c b/fs/9p/vfs_addr.c -index 9ff073f..05cef23 100644 +index c71e886..61d3d44b 100644 --- a/fs/9p/vfs_addr.c +++ b/fs/9p/vfs_addr.c @@ -187,7 +187,7 @@ static int v9fs_vfs_writepage_locked(struct page *page) @@ -55624,10 +56336,10 @@ index 9ff073f..05cef23 100644 if (retval > 0) retval = 0; diff --git a/fs/9p/vfs_inode.c b/fs/9p/vfs_inode.c -index 4e65aa9..043dc9a 100644 +index bb7991c..481e21a 100644 --- a/fs/9p/vfs_inode.c +++ b/fs/9p/vfs_inode.c -@@ -1306,7 +1306,7 @@ static void *v9fs_vfs_follow_link(struct dentry *dentry, struct nameidata *nd) +@@ -1312,7 +1312,7 @@ static void *v9fs_vfs_follow_link(struct dentry *dentry, struct nameidata *nd) void v9fs_vfs_put_link(struct dentry *dentry, struct nameidata *nd, void *p) { @@ -55649,6 +56361,19 @@ index 370b24c..ff0be7b 100644 ---help--- A.out (Assembler.OUTput) is a set of formats for libraries and executables used in the earliest versions of UNIX. Linux used +diff --git a/fs/affs/super.c b/fs/affs/super.c +index d098731..9a5b19d 100644 +--- a/fs/affs/super.c ++++ b/fs/affs/super.c +@@ -336,8 +336,6 @@ static int affs_fill_super(struct super_block *sb, void *data, int silent) + &blocksize,&sbi->s_prefix, + sbi->s_volume, &mount_flags)) { + printk(KERN_ERR "AFFS: Error parsing options\n"); +- kfree(sbi->s_prefix); +- kfree(sbi); + return -EINVAL; + } + /* N.B. after this point s_prefix must be released */ diff --git a/fs/afs/inode.c b/fs/afs/inode.c index ce25d75..dc09eeb 100644 --- a/fs/afs/inode.c @@ -55672,10 +56397,10 @@ index ce25d75..dc09eeb 100644 &data); if (!inode) { diff --git a/fs/aio.c b/fs/aio.c -index 062a5f6..e5618e0 100644 +index 12a3de0e..25949c1 100644 --- a/fs/aio.c +++ b/fs/aio.c -@@ -374,7 +374,7 @@ static int aio_setup_ring(struct kioctx *ctx) +@@ -375,7 +375,7 @@ static int aio_setup_ring(struct kioctx *ctx) size += sizeof(struct io_event) * nr_events; nr_pages = PFN_UP(size); @@ -55684,6 +56409,19 @@ index 062a5f6..e5618e0 100644 return -EINVAL; file = aio_private_file(ctx, nr_pages); +@@ -1299,10 +1299,8 @@ rw_common: + &iovec, compat) + : aio_setup_single_vector(req, rw, buf, &nr_segs, + iovec); +- if (ret) +- return ret; +- +- ret = rw_verify_area(rw, file, &req->ki_pos, req->ki_nbytes); ++ if (!ret) ++ ret = rw_verify_area(rw, file, &req->ki_pos, req->ki_nbytes); + if (ret < 0) { + if (iovec != &inline_vec) + kfree(iovec); diff --git a/fs/attr.c b/fs/attr.c index 5d4e59d..fd02418 100644 --- a/fs/attr.c @@ -55697,7 +56435,7 @@ index 5d4e59d..fd02418 100644 goto out_sig; if (offset > inode->i_sb->s_maxbytes) diff --git a/fs/autofs4/waitq.c b/fs/autofs4/waitq.c -index 689e40d..515cac5 100644 +index 116fd38..c04182da 100644 --- a/fs/autofs4/waitq.c +++ b/fs/autofs4/waitq.c @@ -59,7 +59,7 @@ static int autofs4_write(struct autofs_sb_info *sbi, @@ -55720,7 +56458,7 @@ index 689e40d..515cac5 100644 int autofs4_wait(struct autofs_sb_info *sbi, struct dentry *dentry, enum autofs_notify notify) { -@@ -373,7 +377,12 @@ int autofs4_wait(struct autofs_sb_info *sbi, struct dentry *dentry, +@@ -385,7 +389,12 @@ int autofs4_wait(struct autofs_sb_info *sbi, struct dentry *dentry, /* If this is a direct mount request create a dummy name */ if (IS_ROOT(dentry) && autofs_type_trigger(sbi->type)) @@ -55845,7 +56583,7 @@ index ca0ba15..0fa3257 100644 fd_offset + ex.a_text); if (error != N_DATADDR(ex)) { diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c -index 571a423..eed5754 100644 +index 67be295..83e2f86 100644 --- a/fs/binfmt_elf.c +++ b/fs/binfmt_elf.c @@ -34,6 +34,7 @@ @@ -56360,7 +57098,7 @@ index 571a423..eed5754 100644 /* * These are the functions used to load ELF style executables and shared * libraries. There is no binary dependent code anywhere else. -@@ -554,6 +915,11 @@ static unsigned long randomize_stack_top(unsigned long stack_top) +@@ -551,6 +912,11 @@ static unsigned long randomize_stack_top(unsigned long stack_top) { unsigned int random_variable = 0; @@ -56372,7 +57110,7 @@ index 571a423..eed5754 100644 if ((current->flags & PF_RANDOMIZE) && !(current->personality & ADDR_NO_RANDOMIZE)) { random_variable = get_random_int() & STACK_RND_MASK; -@@ -572,7 +938,7 @@ static int load_elf_binary(struct linux_binprm *bprm) +@@ -569,7 +935,7 @@ static int load_elf_binary(struct linux_binprm *bprm) unsigned long load_addr = 0, load_bias = 0; int load_addr_set = 0; char * elf_interpreter = NULL; @@ -56381,7 +57119,7 @@ index 571a423..eed5754 100644 struct elf_phdr *elf_ppnt, *elf_phdata; unsigned long elf_bss, elf_brk; int retval, i; -@@ -582,12 +948,12 @@ static int load_elf_binary(struct linux_binprm *bprm) +@@ -579,12 +945,12 @@ static int load_elf_binary(struct linux_binprm *bprm) unsigned long start_code, end_code, start_data, end_data; unsigned long reloc_func_desc __maybe_unused = 0; int executable_stack = EXSTACK_DEFAULT; @@ -56395,7 +57133,7 @@ index 571a423..eed5754 100644 loc = kmalloc(sizeof(*loc), GFP_KERNEL); if (!loc) { -@@ -723,11 +1089,82 @@ static int load_elf_binary(struct linux_binprm *bprm) +@@ -720,11 +1086,82 @@ static int load_elf_binary(struct linux_binprm *bprm) goto out_free_dentry; /* OK, This is the point of no return */ @@ -56479,7 +57217,7 @@ index 571a423..eed5754 100644 if (elf_read_implies_exec(loc->elf_ex, executable_stack)) current->personality |= READ_IMPLIES_EXEC; -@@ -817,6 +1254,20 @@ static int load_elf_binary(struct linux_binprm *bprm) +@@ -814,6 +1251,20 @@ static int load_elf_binary(struct linux_binprm *bprm) #else load_bias = ELF_PAGESTART(ELF_ET_DYN_BASE - vaddr); #endif @@ -56500,7 +57238,7 @@ index 571a423..eed5754 100644 } error = elf_map(bprm->file, load_bias + vaddr, elf_ppnt, -@@ -849,9 +1300,9 @@ static int load_elf_binary(struct linux_binprm *bprm) +@@ -846,9 +1297,9 @@ static int load_elf_binary(struct linux_binprm *bprm) * allowed task size. Note that p_filesz must always be * <= p_memsz so it is only necessary to check p_memsz. */ @@ -56513,7 +57251,7 @@ index 571a423..eed5754 100644 /* set_brk can never work. Avoid overflows. */ send_sig(SIGKILL, current, 0); retval = -EINVAL; -@@ -890,17 +1341,45 @@ static int load_elf_binary(struct linux_binprm *bprm) +@@ -887,17 +1338,45 @@ static int load_elf_binary(struct linux_binprm *bprm) goto out_free_dentry; } if (likely(elf_bss != elf_brk) && unlikely(padzero(elf_bss))) { @@ -56565,7 +57303,7 @@ index 571a423..eed5754 100644 load_bias); if (!IS_ERR((void *)elf_entry)) { /* -@@ -1122,7 +1601,7 @@ static bool always_dump_vma(struct vm_area_struct *vma) +@@ -1119,7 +1598,7 @@ static bool always_dump_vma(struct vm_area_struct *vma) * Decide what to dump of a segment, part, all or none. */ static unsigned long vma_dump_size(struct vm_area_struct *vma, @@ -56574,7 +57312,7 @@ index 571a423..eed5754 100644 { #define FILTER(type) (mm_flags & (1UL << MMF_DUMP_##type)) -@@ -1160,7 +1639,7 @@ static unsigned long vma_dump_size(struct vm_area_struct *vma, +@@ -1157,7 +1636,7 @@ static unsigned long vma_dump_size(struct vm_area_struct *vma, if (vma->vm_file == NULL) return 0; @@ -56583,7 +57321,7 @@ index 571a423..eed5754 100644 goto whole; /* -@@ -1367,9 +1846,9 @@ static void fill_auxv_note(struct memelfnote *note, struct mm_struct *mm) +@@ -1364,9 +1843,9 @@ static void fill_auxv_note(struct memelfnote *note, struct mm_struct *mm) { elf_addr_t *auxv = (elf_addr_t *) mm->saved_auxv; int i = 0; @@ -56595,7 +57333,7 @@ index 571a423..eed5754 100644 fill_note(note, "CORE", NT_AUXV, i * sizeof(elf_addr_t), auxv); } -@@ -1378,7 +1857,7 @@ static void fill_siginfo_note(struct memelfnote *note, user_siginfo_t *csigdata, +@@ -1375,7 +1854,7 @@ static void fill_siginfo_note(struct memelfnote *note, user_siginfo_t *csigdata, { mm_segment_t old_fs = get_fs(); set_fs(KERNEL_DS); @@ -56604,7 +57342,7 @@ index 571a423..eed5754 100644 set_fs(old_fs); fill_note(note, "CORE", NT_SIGINFO, sizeof(*csigdata), csigdata); } -@@ -2002,14 +2481,14 @@ static void fill_extnum_info(struct elfhdr *elf, struct elf_shdr *shdr4extnum, +@@ -1999,14 +2478,14 @@ static void fill_extnum_info(struct elfhdr *elf, struct elf_shdr *shdr4extnum, } static size_t elf_core_vma_data_size(struct vm_area_struct *gate_vma, @@ -56621,7 +57359,7 @@ index 571a423..eed5754 100644 return size; } -@@ -2100,7 +2579,7 @@ static int elf_core_dump(struct coredump_params *cprm) +@@ -2097,7 +2576,7 @@ static int elf_core_dump(struct coredump_params *cprm) dataoff = offset = roundup(offset, ELF_EXEC_PAGESIZE); @@ -56630,7 +57368,7 @@ index 571a423..eed5754 100644 offset += elf_core_extra_data_size(); e_shoff = offset; -@@ -2128,7 +2607,7 @@ static int elf_core_dump(struct coredump_params *cprm) +@@ -2125,7 +2604,7 @@ static int elf_core_dump(struct coredump_params *cprm) phdr.p_offset = offset; phdr.p_vaddr = vma->vm_start; phdr.p_paddr = 0; @@ -56639,7 +57377,7 @@ index 571a423..eed5754 100644 phdr.p_memsz = vma->vm_end - vma->vm_start; offset += phdr.p_filesz; phdr.p_flags = vma->vm_flags & VM_READ ? PF_R : 0; -@@ -2161,7 +2640,7 @@ static int elf_core_dump(struct coredump_params *cprm) +@@ -2158,7 +2637,7 @@ static int elf_core_dump(struct coredump_params *cprm) unsigned long addr; unsigned long end; @@ -56648,7 +57386,7 @@ index 571a423..eed5754 100644 for (addr = vma->vm_start; addr < end; addr += PAGE_SIZE) { struct page *page; -@@ -2202,6 +2681,167 @@ out: +@@ -2199,6 +2678,167 @@ out: #endif /* CONFIG_ELF_CORE */ @@ -56816,47 +57554,11 @@ index 571a423..eed5754 100644 static int __init init_elf_binfmt(void) { register_binfmt(&elf_format); -diff --git a/fs/binfmt_flat.c b/fs/binfmt_flat.c -index d50bbe5..af3b649 100644 ---- a/fs/binfmt_flat.c -+++ b/fs/binfmt_flat.c -@@ -566,7 +566,9 @@ static int load_flat_file(struct linux_binprm * bprm, - realdatastart = (unsigned long) -ENOMEM; - printk("Unable to allocate RAM for process data, errno %d\n", - (int)-realdatastart); -+ down_write(¤t->mm->mmap_sem); - vm_munmap(textpos, text_len); -+ up_write(¤t->mm->mmap_sem); - ret = realdatastart; - goto err; - } -@@ -590,8 +592,10 @@ static int load_flat_file(struct linux_binprm * bprm, - } - if (IS_ERR_VALUE(result)) { - printk("Unable to read data+bss, errno %d\n", (int)-result); -+ down_write(¤t->mm->mmap_sem); - vm_munmap(textpos, text_len); - vm_munmap(realdatastart, len); -+ up_write(¤t->mm->mmap_sem); - ret = result; - goto err; - } -@@ -653,8 +657,10 @@ static int load_flat_file(struct linux_binprm * bprm, - } - if (IS_ERR_VALUE(result)) { - printk("Unable to read code+data+bss, errno %d\n",(int)-result); -+ down_write(¤t->mm->mmap_sem); - vm_munmap(textpos, text_len + data_len + extra + - MAX_SHARED_LIBS * sizeof(unsigned long)); -+ up_write(¤t->mm->mmap_sem); - ret = result; - goto err; - } diff --git a/fs/bio.c b/fs/bio.c -index 33d79a4..c3c9893 100644 +index 8754e7b..0669094 100644 --- a/fs/bio.c +++ b/fs/bio.c -@@ -1106,7 +1106,7 @@ struct bio *bio_copy_user_iov(struct request_queue *q, +@@ -1145,7 +1145,7 @@ struct bio *bio_copy_user_iov(struct request_queue *q, /* * Overflow, abort */ @@ -56865,7 +57567,7 @@ index 33d79a4..c3c9893 100644 return ERR_PTR(-EINVAL); nr_pages += end - start; -@@ -1240,7 +1240,7 @@ static struct bio *__bio_map_user_iov(struct request_queue *q, +@@ -1279,7 +1279,7 @@ static struct bio *__bio_map_user_iov(struct request_queue *q, /* * Overflow, abort */ @@ -56874,7 +57576,7 @@ index 33d79a4..c3c9893 100644 return ERR_PTR(-EINVAL); nr_pages += end - start; -@@ -1502,7 +1502,7 @@ static void bio_copy_kern_endio(struct bio *bio, int err) +@@ -1541,7 +1541,7 @@ static void bio_copy_kern_endio(struct bio *bio, int err) const int read = bio_data_dir(bio) == READ; struct bio_map_data *bmd = bio->bi_private; int i; @@ -56897,10 +57599,10 @@ index 1e86823..8e34695 100644 else if (whole->bd_holder != NULL) return false; /* is a partition of a held device */ diff --git a/fs/btrfs/ctree.c b/fs/btrfs/ctree.c -index 3de01b4..6547c39 100644 +index cbd3a7d6f..c6a2881 100644 --- a/fs/btrfs/ctree.c +++ b/fs/btrfs/ctree.c -@@ -1217,9 +1217,12 @@ static noinline int __btrfs_cow_block(struct btrfs_trans_handle *trans, +@@ -1216,9 +1216,12 @@ static noinline int __btrfs_cow_block(struct btrfs_trans_handle *trans, free_extent_buffer(buf); add_root_to_dirty_list(root); } else { @@ -56917,7 +57619,7 @@ index 3de01b4..6547c39 100644 WARN_ON(trans->transid != btrfs_header_generation(parent)); diff --git a/fs/btrfs/delayed-inode.c b/fs/btrfs/delayed-inode.c -index 8d292fb..bc205c2 100644 +index 451b00c..a2cccee 100644 --- a/fs/btrfs/delayed-inode.c +++ b/fs/btrfs/delayed-inode.c @@ -459,7 +459,7 @@ static int __btrfs_add_delayed_deletion_item(struct btrfs_delayed_node *node, @@ -56929,26 +57631,26 @@ index 8d292fb..bc205c2 100644 if ((atomic_dec_return(&delayed_root->items) < BTRFS_DELAYED_BACKGROUND || seq % BTRFS_DELAYED_BATCH == 0) && waitqueue_active(&delayed_root->wait)) -@@ -1379,7 +1379,7 @@ void btrfs_assert_delayed_root_empty(struct btrfs_root *root) - static int refs_newer(struct btrfs_delayed_root *delayed_root, - int seq, int count) +@@ -1409,7 +1409,7 @@ void btrfs_assert_delayed_root_empty(struct btrfs_root *root) + + static int could_end_wait(struct btrfs_delayed_root *delayed_root, int seq) { - int val = atomic_read(&delayed_root->items_seq); + int val = atomic_read_unchecked(&delayed_root->items_seq); - if (val < seq || val >= seq + count) + if (val < seq || val >= seq + BTRFS_DELAYED_BATCH) return 1; -@@ -1396,7 +1396,7 @@ void btrfs_balance_delayed_items(struct btrfs_root *root) - if (atomic_read(&delayed_root->items) < BTRFS_DELAYED_BACKGROUND) - return; +@@ -1433,7 +1433,7 @@ void btrfs_balance_delayed_items(struct btrfs_root *root) + int seq; + int ret; -- seq = atomic_read(&delayed_root->items_seq); -+ seq = atomic_read_unchecked(&delayed_root->items_seq); +- seq = atomic_read(&delayed_root->items_seq); ++ seq = atomic_read_unchecked(&delayed_root->items_seq); - if (atomic_read(&delayed_root->items) >= BTRFS_DELAYED_WRITEBACK) { - int ret; + ret = btrfs_wq_run_delayed_node(delayed_root, root, 0); + if (ret) diff --git a/fs/btrfs/delayed-inode.h b/fs/btrfs/delayed-inode.h -index a4b38f9..f86a509 100644 +index f70119f..ab5894d 100644 --- a/fs/btrfs/delayed-inode.h +++ b/fs/btrfs/delayed-inode.h @@ -43,7 +43,7 @@ struct btrfs_delayed_root { @@ -56960,7 +57662,7 @@ index a4b38f9..f86a509 100644 int nodes; /* for delayed nodes */ wait_queue_head_t wait; }; -@@ -87,7 +87,7 @@ static inline void btrfs_init_delayed_root( +@@ -90,7 +90,7 @@ static inline void btrfs_init_delayed_root( struct btrfs_delayed_root *delayed_root) { atomic_set(&delayed_root->items, 0); @@ -56970,10 +57672,10 @@ index a4b38f9..f86a509 100644 spin_lock_init(&delayed_root->lock); init_waitqueue_head(&delayed_root->wait); diff --git a/fs/btrfs/ioctl.c b/fs/btrfs/ioctl.c -index 9f831bb..14afde5 100644 +index a6d8efa..2f062cf 100644 --- a/fs/btrfs/ioctl.c +++ b/fs/btrfs/ioctl.c -@@ -3457,9 +3457,12 @@ static long btrfs_ioctl_space_info(struct btrfs_root *root, void __user *arg) +@@ -3491,9 +3491,12 @@ static long btrfs_ioctl_space_info(struct btrfs_root *root, void __user *arg) for (i = 0; i < num_types; i++) { struct btrfs_space_info *tmp; @@ -56986,7 +57688,7 @@ index 9f831bb..14afde5 100644 info = NULL; rcu_read_lock(); list_for_each_entry_rcu(tmp, &root->fs_info->space_info, -@@ -3481,10 +3484,7 @@ static long btrfs_ioctl_space_info(struct btrfs_root *root, void __user *arg) +@@ -3515,10 +3518,7 @@ static long btrfs_ioctl_space_info(struct btrfs_root *root, void __user *arg) memcpy(dest, &space, sizeof(space)); dest++; space_args.total_spaces++; @@ -56998,10 +57700,10 @@ index 9f831bb..14afde5 100644 up_read(&info->groups_sem); } diff --git a/fs/btrfs/super.c b/fs/btrfs/super.c -index d71a11d..384e2c4 100644 +index d04db81..96e54f1 100644 --- a/fs/btrfs/super.c +++ b/fs/btrfs/super.c -@@ -265,7 +265,7 @@ void __btrfs_abort_transaction(struct btrfs_trans_handle *trans, +@@ -268,7 +268,7 @@ void __btrfs_abort_transaction(struct btrfs_trans_handle *trans, function, line, errstr); return; } @@ -57010,8 +57712,21 @@ index d71a11d..384e2c4 100644 /* Wake up anybody who may be waiting on this transaction */ wake_up(&root->fs_info->transaction_wait); wake_up(&root->fs_info->transaction_blocked_wait); +diff --git a/fs/btrfs/sysfs.c b/fs/btrfs/sysfs.c +index 865f4cf..f321e86 100644 +--- a/fs/btrfs/sysfs.c ++++ b/fs/btrfs/sysfs.c +@@ -436,7 +436,7 @@ static int addrm_unknown_feature_attrs(struct btrfs_fs_info *fs_info, bool add) + for (set = 0; set < FEAT_MAX; set++) { + int i; + struct attribute *attrs[2]; +- struct attribute_group agroup = { ++ attribute_group_no_const agroup = { + .name = "features", + .attrs = attrs, + }; diff --git a/fs/buffer.c b/fs/buffer.c -index aeeea65..7651d590 100644 +index 27265a8..289f488 100644 --- a/fs/buffer.c +++ b/fs/buffer.c @@ -3428,7 +3428,7 @@ void __init buffer_init(void) @@ -57178,10 +57893,10 @@ index ebaff36..7e3ea26 100644 kunmap(page); file_end_write(file); diff --git a/fs/ceph/dir.c b/fs/ceph/dir.c -index 2a0bcae..34ec24e 100644 +index 45eda6d..9126f7f 100644 --- a/fs/ceph/dir.c +++ b/fs/ceph/dir.c -@@ -240,7 +240,7 @@ static int ceph_readdir(struct file *file, struct dir_context *ctx) +@@ -248,7 +248,7 @@ static int ceph_readdir(struct file *file, struct dir_context *ctx) struct ceph_fs_client *fsc = ceph_inode_to_client(inode); struct ceph_mds_client *mdsc = fsc->mdsc; unsigned frag = fpos_frag(ctx->pos); @@ -57191,10 +57906,10 @@ index 2a0bcae..34ec24e 100644 u32 ftype; struct ceph_mds_reply_info_parsed *rinfo; diff --git a/fs/ceph/super.c b/fs/ceph/super.c -index 6a0951e..03fac6d 100644 +index 10a4ccb..92dbc5e 100644 --- a/fs/ceph/super.c +++ b/fs/ceph/super.c -@@ -870,7 +870,7 @@ static int ceph_compare_super(struct super_block *sb, void *data) +@@ -895,7 +895,7 @@ static int ceph_compare_super(struct super_block *sb, void *data) /* * construct our own bdi so we can control readahead, etc. */ @@ -57203,7 +57918,7 @@ index 6a0951e..03fac6d 100644 static int ceph_register_bdi(struct super_block *sb, struct ceph_fs_client *fsc) -@@ -887,7 +887,7 @@ static int ceph_register_bdi(struct super_block *sb, +@@ -912,7 +912,7 @@ static int ceph_register_bdi(struct super_block *sb, default_backing_dev_info.ra_pages; err = bdi_register(&fsc->backing_dev_info, NULL, "ceph-%ld", @@ -57257,10 +57972,10 @@ index f3ac415..3d2420c 100644 server->ops->print_stats(m, tcon); } diff --git a/fs/cifs/cifsfs.c b/fs/cifs/cifsfs.c -index 849f613..eae6dec 100644 +index 7c6b73c..a8f0db2 100644 --- a/fs/cifs/cifsfs.c +++ b/fs/cifs/cifsfs.c -@@ -1056,7 +1056,7 @@ cifs_init_request_bufs(void) +@@ -1068,7 +1068,7 @@ cifs_init_request_bufs(void) */ cifs_req_cachep = kmem_cache_create("cifs_request", CIFSMaxBufSize + max_hdr_size, 0, @@ -57269,7 +57984,7 @@ index 849f613..eae6dec 100644 if (cifs_req_cachep == NULL) return -ENOMEM; -@@ -1083,7 +1083,7 @@ cifs_init_request_bufs(void) +@@ -1095,7 +1095,7 @@ cifs_init_request_bufs(void) efficient to alloc 1 per page off the slab compared to 17K (5page) alloc of large cifs buffers even when page debugging is on */ cifs_sm_req_cachep = kmem_cache_create("cifs_small_rq", @@ -57278,7 +57993,7 @@ index 849f613..eae6dec 100644 NULL); if (cifs_sm_req_cachep == NULL) { mempool_destroy(cifs_req_poolp); -@@ -1168,8 +1168,8 @@ init_cifs(void) +@@ -1180,8 +1180,8 @@ init_cifs(void) atomic_set(&bufAllocCount, 0); atomic_set(&smBufAllocCount, 0); #ifdef CONFIG_CIFS_STATS2 @@ -57290,10 +58005,10 @@ index 849f613..eae6dec 100644 atomic_set(&midCount, 0); diff --git a/fs/cifs/cifsglob.h b/fs/cifs/cifsglob.h -index 579c6d5..95b6d03353 100644 +index 30f6e92..e915ba5 100644 --- a/fs/cifs/cifsglob.h +++ b/fs/cifs/cifsglob.h -@@ -797,35 +797,35 @@ struct cifs_tcon { +@@ -806,35 +806,35 @@ struct cifs_tcon { __u16 Flags; /* optional support bits */ enum statusEnum tidStatus; #ifdef CONFIG_CIFS_STATS @@ -57353,7 +58068,7 @@ index 579c6d5..95b6d03353 100644 } smb2_stats; #endif /* CONFIG_CIFS_SMB2 */ } stats; -@@ -1155,7 +1155,7 @@ convert_delimiter(char *path, char delim) +@@ -1170,7 +1170,7 @@ convert_delimiter(char *path, char delim) } #ifdef CONFIG_CIFS_STATS @@ -57362,7 +58077,7 @@ index 579c6d5..95b6d03353 100644 static inline void cifs_stats_bytes_written(struct cifs_tcon *tcon, unsigned int bytes) -@@ -1521,8 +1521,8 @@ GLOBAL_EXTERN atomic_t tconInfoReconnectCount; +@@ -1536,8 +1536,8 @@ GLOBAL_EXTERN atomic_t tconInfoReconnectCount; /* Various Debug counters */ GLOBAL_EXTERN atomic_t bufAllocCount; /* current number allocated */ #ifdef CONFIG_CIFS_STATS2 @@ -57374,7 +58089,7 @@ index 579c6d5..95b6d03353 100644 GLOBAL_EXTERN atomic_t smBufAllocCount; GLOBAL_EXTERN atomic_t midCount; diff --git a/fs/cifs/file.c b/fs/cifs/file.c -index a1c9ead..63e4c62 100644 +index 87c4dd0..a90f115 100644 --- a/fs/cifs/file.c +++ b/fs/cifs/file.c @@ -1900,10 +1900,14 @@ static int cifs_writepages(struct address_space *mapping, @@ -57396,7 +58111,7 @@ index a1c9ead..63e4c62 100644 } retry: diff --git a/fs/cifs/misc.c b/fs/cifs/misc.c -index 2f9f379..43f8025 100644 +index 3b0c62e..f7d090c 100644 --- a/fs/cifs/misc.c +++ b/fs/cifs/misc.c @@ -170,7 +170,7 @@ cifs_buf_get(void) @@ -57418,10 +58133,10 @@ index 2f9f379..43f8025 100644 } diff --git a/fs/cifs/smb1ops.c b/fs/cifs/smb1ops.c -index ffc9ef9..b3c992b 100644 +index d1fdfa8..94558f8 100644 --- a/fs/cifs/smb1ops.c +++ b/fs/cifs/smb1ops.c -@@ -609,27 +609,27 @@ static void +@@ -626,27 +626,27 @@ static void cifs_clear_stats(struct cifs_tcon *tcon) { #ifdef CONFIG_CIFS_STATS @@ -57470,7 +58185,7 @@ index ffc9ef9..b3c992b 100644 #endif } -@@ -638,36 +638,36 @@ cifs_print_stats(struct seq_file *m, struct cifs_tcon *tcon) +@@ -655,36 +655,36 @@ cifs_print_stats(struct seq_file *m, struct cifs_tcon *tcon) { #ifdef CONFIG_CIFS_STATS seq_printf(m, " Oplocks breaks: %d", @@ -57527,7 +58242,7 @@ index ffc9ef9..b3c992b 100644 } diff --git a/fs/cifs/smb2ops.c b/fs/cifs/smb2ops.c -index 192f51a..539307e 100644 +index 35ddc3e..563e809 100644 --- a/fs/cifs/smb2ops.c +++ b/fs/cifs/smb2ops.c @@ -364,8 +364,8 @@ smb2_clear_stats(struct cifs_tcon *tcon) @@ -57648,10 +58363,10 @@ index 192f51a..539307e 100644 } diff --git a/fs/cifs/smb2pdu.c b/fs/cifs/smb2pdu.c -index 787e171..31dcd0a 100644 +index 8603447..f9caeee 100644 --- a/fs/cifs/smb2pdu.c +++ b/fs/cifs/smb2pdu.c -@@ -2093,8 +2093,7 @@ SMB2_query_directory(const unsigned int xid, struct cifs_tcon *tcon, +@@ -2094,8 +2094,7 @@ SMB2_query_directory(const unsigned int xid, struct cifs_tcon *tcon, default: cifs_dbg(VFS, "info level %u isn't supported\n", srch_inf->info_level); @@ -57840,7 +58555,7 @@ index a81147e..20bf2b5 100644 /* diff --git a/fs/compat_ioctl.c b/fs/compat_ioctl.c -index dc52e13..ec61057 100644 +index 3881610..ab3df0b 100644 --- a/fs/compat_ioctl.c +++ b/fs/compat_ioctl.c @@ -621,7 +621,7 @@ static int serial_struct_ioctl(unsigned fd, unsigned cmd, @@ -57852,7 +58567,7 @@ index dc52e13..ec61057 100644 if (__get_user(ss.iomem_reg_shift, &ss32->iomem_reg_shift) || __get_user(ss.port_high, &ss32->port_high)) return -EFAULT; -@@ -702,8 +702,8 @@ static int do_i2c_rdwr_ioctl(unsigned int fd, unsigned int cmd, +@@ -703,8 +703,8 @@ static int do_i2c_rdwr_ioctl(unsigned int fd, unsigned int cmd, for (i = 0; i < nmsgs; i++) { if (copy_in_user(&tmsgs[i].addr, &umsgs[i].addr, 3*sizeof(u16))) return -EFAULT; @@ -57863,7 +58578,7 @@ index dc52e13..ec61057 100644 return -EFAULT; } return sys_ioctl(fd, cmd, (unsigned long)tdata); -@@ -796,7 +796,7 @@ static int compat_ioctl_preallocate(struct file *file, +@@ -797,7 +797,7 @@ static int compat_ioctl_preallocate(struct file *file, copy_in_user(&p->l_len, &p32->l_len, sizeof(s64)) || copy_in_user(&p->l_sysid, &p32->l_sysid, sizeof(s32)) || copy_in_user(&p->l_pid, &p32->l_pid, sizeof(u32)) || @@ -57872,7 +58587,7 @@ index dc52e13..ec61057 100644 return -EFAULT; return ioctl_preallocate(file, p); -@@ -1616,8 +1616,8 @@ asmlinkage long compat_sys_ioctl(unsigned int fd, unsigned int cmd, +@@ -1617,8 +1617,8 @@ asmlinkage long compat_sys_ioctl(unsigned int fd, unsigned int cmd, static int __init init_sys32_ioctl_cmp(const void *p, const void *q) { unsigned int a, b; @@ -57912,10 +58627,27 @@ index e081acb..911df21 100644 /* * We'll have a dentry and an inode for diff --git a/fs/coredump.c b/fs/coredump.c -index bc3fbcd..6031650 100644 +index e3ad709..836c55f 100644 --- a/fs/coredump.c +++ b/fs/coredump.c -@@ -438,8 +438,8 @@ static void wait_for_dump_helpers(struct file *file) +@@ -73,10 +73,15 @@ static int expand_corename(struct core_name *cn, int size) + static int cn_vprintf(struct core_name *cn, const char *fmt, va_list arg) + { + int free, need; ++ va_list arg_copy; + + again: + free = cn->size - cn->used; +- need = vsnprintf(cn->corename + cn->used, free, fmt, arg); ++ ++ va_copy(arg_copy, arg); ++ need = vsnprintf(cn->corename + cn->used, free, fmt, arg_copy); ++ va_end(arg_copy); ++ + if (need < free) { + cn->used += need; + return 0; +@@ -437,8 +442,8 @@ static void wait_for_dump_helpers(struct file *file) struct pipe_inode_info *pipe = file->private_data; pipe_lock(pipe); @@ -57926,7 +58658,7 @@ index bc3fbcd..6031650 100644 wake_up_interruptible_sync(&pipe->wait); kill_fasync(&pipe->fasync_readers, SIGIO, POLL_IN); pipe_unlock(pipe); -@@ -448,11 +448,11 @@ static void wait_for_dump_helpers(struct file *file) +@@ -447,11 +452,11 @@ static void wait_for_dump_helpers(struct file *file) * We actually want wait_event_freezable() but then we need * to clear TIF_SIGPENDING and improve dump_interrupted(). */ @@ -57941,7 +58673,7 @@ index bc3fbcd..6031650 100644 pipe_unlock(pipe); } -@@ -499,7 +499,9 @@ void do_coredump(const siginfo_t *siginfo) +@@ -498,7 +503,9 @@ void do_coredump(const siginfo_t *siginfo) struct files_struct *displaced; bool need_nonrelative = false; bool core_dumped = false; @@ -57952,7 +58684,7 @@ index bc3fbcd..6031650 100644 struct coredump_params cprm = { .siginfo = siginfo, .regs = signal_pt_regs(), -@@ -512,12 +514,17 @@ void do_coredump(const siginfo_t *siginfo) +@@ -511,12 +518,17 @@ void do_coredump(const siginfo_t *siginfo) .mm_flags = mm->flags, }; @@ -57972,7 +58704,7 @@ index bc3fbcd..6031650 100644 goto fail; cred = prepare_creds(); -@@ -536,7 +543,7 @@ void do_coredump(const siginfo_t *siginfo) +@@ -535,7 +547,7 @@ void do_coredump(const siginfo_t *siginfo) need_nonrelative = true; } @@ -57981,7 +58713,7 @@ index bc3fbcd..6031650 100644 if (retval < 0) goto fail_creds; -@@ -579,7 +586,7 @@ void do_coredump(const siginfo_t *siginfo) +@@ -578,7 +590,7 @@ void do_coredump(const siginfo_t *siginfo) } cprm.limit = RLIM_INFINITY; @@ -57990,7 +58722,7 @@ index bc3fbcd..6031650 100644 if (core_pipe_limit && (core_pipe_limit < dump_count)) { printk(KERN_WARNING "Pid %d(%s) over core_pipe_limit\n", task_tgid_vnr(current), current->comm); -@@ -611,6 +618,8 @@ void do_coredump(const siginfo_t *siginfo) +@@ -610,6 +622,8 @@ void do_coredump(const siginfo_t *siginfo) } else { struct inode *inode; @@ -57999,7 +58731,7 @@ index bc3fbcd..6031650 100644 if (cprm.limit < binfmt->min_coredump) goto fail_unlock; -@@ -669,7 +678,7 @@ close_fail: +@@ -668,7 +682,7 @@ close_fail: filp_close(cprm.file, NULL); fail_dropcount: if (ispipe) @@ -58008,7 +58740,7 @@ index bc3fbcd..6031650 100644 fail_unlock: kfree(cn.corename); coredump_finish(mm, core_dumped); -@@ -690,6 +699,8 @@ int dump_emit(struct coredump_params *cprm, const void *addr, int nr) +@@ -689,6 +703,8 @@ int dump_emit(struct coredump_params *cprm, const void *addr, int nr) struct file *file = cprm->file; loff_t pos = file->f_pos; ssize_t n; @@ -58018,7 +58750,7 @@ index bc3fbcd..6031650 100644 return 0; while (nr) { diff --git a/fs/dcache.c b/fs/dcache.c -index fdbe230..ba17c1f 100644 +index ca02c13..7e2b581 100644 --- a/fs/dcache.c +++ b/fs/dcache.c @@ -1495,7 +1495,7 @@ struct dentry *__d_alloc(struct super_block *sb, const struct qstr *name) @@ -58030,7 +58762,7 @@ index fdbe230..ba17c1f 100644 if (!dname) { kmem_cache_free(dentry_cache, dentry); return NULL; -@@ -3428,7 +3428,8 @@ void __init vfs_caches_init(unsigned long mempages) +@@ -3431,7 +3431,8 @@ void __init vfs_caches_init(unsigned long mempages) mempages -= reserve; names_cachep = kmem_cache_create("names_cache", PATH_MAX, 0, @@ -58057,10 +58789,10 @@ index 9c0444c..628490c 100644 } EXPORT_SYMBOL_GPL(debugfs_create_dir); diff --git a/fs/ecryptfs/inode.c b/fs/ecryptfs/inode.c -index c36c448..fc96710 100644 +index b167ca4..a224e19 100644 --- a/fs/ecryptfs/inode.c +++ b/fs/ecryptfs/inode.c -@@ -675,7 +675,7 @@ static int ecryptfs_readlink_lower(struct dentry *dentry, char **buf, +@@ -673,7 +673,7 @@ static char *ecryptfs_readlink_lower(struct dentry *dentry, size_t *bufsiz) old_fs = get_fs(); set_fs(get_ds()); rc = lower_dentry->d_inode->i_op->readlink(lower_dentry, @@ -58083,7 +58815,7 @@ index e4141f2..d8263e8 100644 i += packet_length_size; if (copy_to_user(&buf[i], msg_ctx->msg, msg_ctx->msg_size)) diff --git a/fs/exec.c b/fs/exec.c -index 7ea097f..0158d8a 100644 +index 3d78fcc..75b208f 100644 --- a/fs/exec.c +++ b/fs/exec.c @@ -55,8 +55,20 @@ @@ -58107,7 +58839,7 @@ index 7ea097f..0158d8a 100644 #include <asm/mmu_context.h> #include <asm/tlb.h> -@@ -66,19 +78,34 @@ +@@ -65,19 +77,34 @@ #include <trace/events/sched.h> @@ -58144,7 +58876,7 @@ index 7ea097f..0158d8a 100644 write_unlock(&binfmt_lock); } -@@ -87,7 +114,7 @@ EXPORT_SYMBOL(__register_binfmt); +@@ -86,7 +113,7 @@ EXPORT_SYMBOL(__register_binfmt); void unregister_binfmt(struct linux_binfmt * fmt) { write_lock(&binfmt_lock); @@ -58153,7 +58885,7 @@ index 7ea097f..0158d8a 100644 write_unlock(&binfmt_lock); } -@@ -181,18 +208,10 @@ static struct page *get_arg_page(struct linux_binprm *bprm, unsigned long pos, +@@ -180,18 +207,10 @@ static struct page *get_arg_page(struct linux_binprm *bprm, unsigned long pos, int write) { struct page *page; @@ -58175,7 +58907,7 @@ index 7ea097f..0158d8a 100644 return NULL; if (write) { -@@ -208,6 +227,17 @@ static struct page *get_arg_page(struct linux_binprm *bprm, unsigned long pos, +@@ -207,6 +226,17 @@ static struct page *get_arg_page(struct linux_binprm *bprm, unsigned long pos, if (size <= ARG_MAX) return page; @@ -58193,7 +58925,7 @@ index 7ea097f..0158d8a 100644 /* * Limit to 1/4-th the stack size for the argv+env strings. * This ensures that: -@@ -267,6 +297,11 @@ static int __bprm_mm_init(struct linux_binprm *bprm) +@@ -266,6 +296,11 @@ static int __bprm_mm_init(struct linux_binprm *bprm) vma->vm_end = STACK_TOP_MAX; vma->vm_start = vma->vm_end - PAGE_SIZE; vma->vm_flags = VM_SOFTDIRTY | VM_STACK_FLAGS | VM_STACK_INCOMPLETE_SETUP; @@ -58205,7 +58937,7 @@ index 7ea097f..0158d8a 100644 vma->vm_page_prot = vm_get_page_prot(vma->vm_flags); INIT_LIST_HEAD(&vma->anon_vma_chain); -@@ -277,6 +312,12 @@ static int __bprm_mm_init(struct linux_binprm *bprm) +@@ -276,6 +311,12 @@ static int __bprm_mm_init(struct linux_binprm *bprm) mm->stack_vm = mm->total_vm = 1; up_write(&mm->mmap_sem); bprm->p = vma->vm_end - sizeof(void *); @@ -58218,7 +58950,7 @@ index 7ea097f..0158d8a 100644 return 0; err: up_write(&mm->mmap_sem); -@@ -397,7 +438,7 @@ struct user_arg_ptr { +@@ -396,7 +437,7 @@ struct user_arg_ptr { } ptr; }; @@ -58227,7 +58959,7 @@ index 7ea097f..0158d8a 100644 { const char __user *native; -@@ -406,14 +447,14 @@ static const char __user *get_user_arg_ptr(struct user_arg_ptr argv, int nr) +@@ -405,14 +446,14 @@ static const char __user *get_user_arg_ptr(struct user_arg_ptr argv, int nr) compat_uptr_t compat; if (get_user(compat, argv.ptr.compat + nr)) @@ -58244,7 +58976,7 @@ index 7ea097f..0158d8a 100644 return native; } -@@ -432,7 +473,7 @@ static int count(struct user_arg_ptr argv, int max) +@@ -431,7 +472,7 @@ static int count(struct user_arg_ptr argv, int max) if (!p) break; @@ -58253,7 +58985,7 @@ index 7ea097f..0158d8a 100644 return -EFAULT; if (i >= max) -@@ -467,7 +508,7 @@ static int copy_strings(int argc, struct user_arg_ptr argv, +@@ -466,7 +507,7 @@ static int copy_strings(int argc, struct user_arg_ptr argv, ret = -EFAULT; str = get_user_arg_ptr(argv, argc); @@ -58262,7 +58994,7 @@ index 7ea097f..0158d8a 100644 goto out; len = strnlen_user(str, MAX_ARG_STRLEN); -@@ -549,7 +590,7 @@ int copy_strings_kernel(int argc, const char *const *__argv, +@@ -548,7 +589,7 @@ int copy_strings_kernel(int argc, const char *const *__argv, int r; mm_segment_t oldfs = get_fs(); struct user_arg_ptr argv = { @@ -58271,7 +59003,7 @@ index 7ea097f..0158d8a 100644 }; set_fs(KERNEL_DS); -@@ -584,7 +625,8 @@ static int shift_arg_pages(struct vm_area_struct *vma, unsigned long shift) +@@ -583,7 +624,8 @@ static int shift_arg_pages(struct vm_area_struct *vma, unsigned long shift) unsigned long new_end = old_end - shift; struct mmu_gather tlb; @@ -58281,7 +59013,7 @@ index 7ea097f..0158d8a 100644 /* * ensure there are no vmas between where we want to go -@@ -593,6 +635,10 @@ static int shift_arg_pages(struct vm_area_struct *vma, unsigned long shift) +@@ -592,6 +634,10 @@ static int shift_arg_pages(struct vm_area_struct *vma, unsigned long shift) if (vma != find_vma(mm, new_start)) return -EFAULT; @@ -58292,7 +59024,7 @@ index 7ea097f..0158d8a 100644 /* * cover the whole range: [new_start, old_end) */ -@@ -673,10 +719,6 @@ int setup_arg_pages(struct linux_binprm *bprm, +@@ -672,10 +718,6 @@ int setup_arg_pages(struct linux_binprm *bprm, stack_top = arch_align_stack(stack_top); stack_top = PAGE_ALIGN(stack_top); @@ -58303,7 +59035,7 @@ index 7ea097f..0158d8a 100644 stack_shift = vma->vm_end - stack_top; bprm->p -= stack_shift; -@@ -688,8 +730,28 @@ int setup_arg_pages(struct linux_binprm *bprm, +@@ -687,8 +729,28 @@ int setup_arg_pages(struct linux_binprm *bprm, bprm->exec -= stack_shift; down_write(&mm->mmap_sem); @@ -58332,7 +59064,7 @@ index 7ea097f..0158d8a 100644 /* * Adjust stack execute permissions; explicitly enable for * EXSTACK_ENABLE_X, disable for EXSTACK_DISABLE_X and leave alone -@@ -708,13 +770,6 @@ int setup_arg_pages(struct linux_binprm *bprm, +@@ -707,13 +769,6 @@ int setup_arg_pages(struct linux_binprm *bprm, goto out_unlock; BUG_ON(prev != vma); @@ -58346,7 +59078,7 @@ index 7ea097f..0158d8a 100644 /* mprotect_fixup is overkill to remove the temporary stack flags */ vma->vm_flags &= ~VM_STACK_INCOMPLETE_SETUP; -@@ -738,6 +793,27 @@ int setup_arg_pages(struct linux_binprm *bprm, +@@ -737,6 +792,27 @@ int setup_arg_pages(struct linux_binprm *bprm, #endif current->mm->start_stack = bprm->p; ret = expand_stack(vma, stack_base); @@ -58374,16 +59106,16 @@ index 7ea097f..0158d8a 100644 if (ret) ret = -EFAULT; -@@ -774,6 +850,8 @@ struct file *open_exec(const char *name) +@@ -772,6 +848,8 @@ static struct file *do_open_exec(struct filename *name) fsnotify_open(file); -+ trace_open_exec(name); ++ trace_open_exec(name->name); + err = deny_write_access(file); if (err) goto exit; -@@ -797,7 +875,7 @@ int kernel_read(struct file *file, loff_t offset, +@@ -801,7 +879,7 @@ int kernel_read(struct file *file, loff_t offset, old_fs = get_fs(); set_fs(get_ds()); /* The cast to a user pointer is valid due to the set_fs() */ @@ -58392,16 +59124,24 @@ index 7ea097f..0158d8a 100644 set_fs(old_fs); return result; } -@@ -1253,7 +1331,7 @@ static int check_unsafe_exec(struct linux_binprm *bprm) +@@ -846,6 +924,7 @@ static int exec_mmap(struct mm_struct *mm) + tsk->mm = mm; + tsk->active_mm = mm; + activate_mm(active_mm, mm); ++ populate_stack(); + task_unlock(tsk); + if (old_mm) { + up_read(&old_mm->mmap_sem); +@@ -1258,7 +1337,7 @@ static void check_unsafe_exec(struct linux_binprm *bprm) } rcu_read_unlock(); -- if (p->fs->users > n_fs) { -+ if (atomic_read(&p->fs->users) > n_fs) { +- if (p->fs->users > n_fs) ++ if (atomic_read(&p->fs->users) > n_fs) bprm->unsafe |= LSM_UNSAFE_SHARE; - } else { - res = -EAGAIN; -@@ -1443,6 +1521,31 @@ static int exec_binprm(struct linux_binprm *bprm) + else + p->fs->in_exec = 1; +@@ -1434,6 +1513,31 @@ static int exec_binprm(struct linux_binprm *bprm) return ret; } @@ -58433,7 +59173,7 @@ index 7ea097f..0158d8a 100644 /* * sys_execve() executes a new program. */ -@@ -1450,12 +1553,19 @@ static int do_execve_common(const char *filename, +@@ -1441,6 +1545,11 @@ static int do_execve_common(struct filename *filename, struct user_arg_ptr argv, struct user_arg_ptr envp) { @@ -58445,38 +59185,38 @@ index 7ea097f..0158d8a 100644 struct linux_binprm *bprm; struct file *file; struct files_struct *displaced; - bool clear_in_exec; - int retval; +@@ -1449,6 +1558,8 @@ static int do_execve_common(struct filename *filename, + if (IS_ERR(filename)) + return PTR_ERR(filename); + gr_learn_resource(current, RLIMIT_NPROC, atomic_read(¤t_user()->processes), 1); + /* * We move the actual failure in case of RLIMIT_NPROC excess from * set*uid() to execve() because too many poorly written programs -@@ -1496,12 +1606,22 @@ static int do_execve_common(const char *filename, +@@ -1486,11 +1597,21 @@ static int do_execve_common(struct filename *filename, if (IS_ERR(file)) goto out_unmark; + if (gr_ptrace_readexec(file, bprm->unsafe)) { + retval = -EPERM; -+ goto out_file; ++ goto out_unmark; + } + sched_exec(); bprm->file = file; - bprm->filename = filename; - bprm->interp = filename; + bprm->filename = bprm->interp = filename->name; + if (!gr_acl_handle_execve(file->f_path.dentry, file->f_path.mnt)) { + retval = -EACCES; -+ goto out_file; ++ goto out_unmark; + } + retval = bprm_mm_init(bprm); if (retval) - goto out_file; -@@ -1518,24 +1638,70 @@ static int do_execve_common(const char *filename, + goto out_unmark; +@@ -1507,24 +1628,70 @@ static int do_execve_common(struct filename *filename, if (retval < 0) goto out; @@ -58551,7 +59291,7 @@ index 7ea097f..0158d8a 100644 current->fs->in_exec = 0; current->in_execve = 0; acct_update_integrals(current); -@@ -1545,6 +1711,14 @@ static int do_execve_common(const char *filename, +@@ -1535,6 +1702,14 @@ static int do_execve_common(struct filename *filename, put_files_struct(displaced); return retval; @@ -58566,8 +59306,8 @@ index 7ea097f..0158d8a 100644 out: if (bprm->mm) { acct_arg_size(bprm, 0); -@@ -1699,3 +1873,295 @@ asmlinkage long compat_sys_execve(const char __user * filename, - return error; +@@ -1626,3 +1801,311 @@ asmlinkage long compat_sys_execve(const char __user * filename, + return compat_do_execve(getname(filename), argv, envp); } #endif + @@ -58783,6 +59523,7 @@ index 7ea097f..0158d8a 100644 +#endif + +#ifdef CONFIG_PAX_USERCOPY ++ +static inline bool check_kernel_text_object(unsigned long low, unsigned long high) +{ +#if defined(CONFIG_X86_32) && defined(CONFIG_PAX_KERNEXEC) @@ -58800,25 +59541,38 @@ index 7ea097f..0158d8a 100644 +#ifdef CONFIG_X86_64 + /* check against linear mapping as well */ + if (high > (unsigned long)__va(__pa(textlow)) && -+ low <= (unsigned long)__va(__pa(texthigh))) ++ low < (unsigned long)__va(__pa(texthigh))) + return true; +#endif + +#endif + -+ if (high <= textlow || low > texthigh) ++ if (high <= textlow || low >= texthigh) + return false; + else + return true; +} +#endif + -+void __check_object_size(const void *ptr, unsigned long n, bool to_user) ++void __check_object_size(const void *ptr, unsigned long n, bool to_user, bool const_size) +{ -+ +#ifdef CONFIG_PAX_USERCOPY + const char *type; ++#endif ++ ++#ifndef CONFIG_STACK_GROWSUP ++ const void * stackstart = task_stack_page(current); ++ if (unlikely(current_stack_pointer < stackstart + 512 || ++ current_stack_pointer >= stackstart + THREAD_SIZE)) ++ BUG(); ++#endif ++ ++#ifndef CONFIG_PAX_USERCOPY_DEBUG ++ if (const_size) ++ return; ++#endif + ++#ifdef CONFIG_PAX_USERCOPY + if (!n) + return; + @@ -58849,6 +59603,8 @@ index 7ea097f..0158d8a 100644 + if (sp < current_thread_info()->lowest_stack && + sp > (unsigned long)task_stack_page(current)) + current_thread_info()->lowest_stack = sp; ++ if (unlikely((sp & ~(THREAD_SIZE - 1)) < (THREAD_SIZE/16))) ++ BUG(); +} +EXPORT_SYMBOL(pax_track_stack); +#endif @@ -58880,7 +59636,7 @@ index 9f9992b..8b59411 100644 } return 1; diff --git a/fs/ext2/xattr.c b/fs/ext2/xattr.c -index 2d7557d..14e38f94 100644 +index 9142614..97484fa 100644 --- a/fs/ext2/xattr.c +++ b/fs/ext2/xattr.c @@ -247,7 +247,7 @@ ext2_xattr_list(struct dentry *dentry, char *buffer, size_t buffer_size) @@ -58922,7 +59678,7 @@ index 22548f5..41521d8 100644 } return 1; diff --git a/fs/ext3/xattr.c b/fs/ext3/xattr.c -index b1fc963..881228c 100644 +index c6874be..f8a6ae8 100644 --- a/fs/ext3/xattr.c +++ b/fs/ext3/xattr.c @@ -330,7 +330,7 @@ static int @@ -58962,7 +59718,7 @@ index 6ea7b14..8fa16d9 100644 if (free_clusters >= (nclusters + dirty_clusters + resv_clusters)) diff --git a/fs/ext4/ext4.h b/fs/ext4/ext4.h -index d3a534f..242c50a 100644 +index 3a603a8..9b868ba 100644 --- a/fs/ext4/ext4.h +++ b/fs/ext4/ext4.h @@ -1269,19 +1269,19 @@ struct ext4_sb_info { @@ -59148,7 +59904,7 @@ index 710fed2..a82e4e8 100644 static int parse_strtoull(const char *buf, unsigned long long max, unsigned long long *value) diff --git a/fs/ext4/xattr.c b/fs/ext4/xattr.c -index 1423c48..9c0c6dc 100644 +index 55e611c..cfad16d 100644 --- a/fs/ext4/xattr.c +++ b/fs/ext4/xattr.c @@ -381,7 +381,7 @@ static int @@ -59203,7 +59959,7 @@ index 999ff5c..41f4109 100644 sizeof(struct file_handle) + handle_bytes)) retval = -EFAULT; diff --git a/fs/file.c b/fs/file.c -index 9de2026..8e334ca 100644 +index eb56a13..ccee850 100644 --- a/fs/file.c +++ b/fs/file.c @@ -16,6 +16,7 @@ @@ -59232,7 +59988,7 @@ index 9de2026..8e334ca 100644 { struct fdtable *fdt; -@@ -828,6 +829,7 @@ int replace_fd(unsigned fd, struct file *file, unsigned flags) +@@ -807,6 +808,7 @@ int replace_fd(unsigned fd, struct file *file, unsigned flags) if (!file) return __close_fd(files, fd); @@ -59240,7 +59996,7 @@ index 9de2026..8e334ca 100644 if (fd >= rlimit(RLIMIT_NOFILE)) return -EBADF; -@@ -854,6 +856,7 @@ SYSCALL_DEFINE3(dup3, unsigned int, oldfd, unsigned int, newfd, int, flags) +@@ -833,6 +835,7 @@ SYSCALL_DEFINE3(dup3, unsigned int, oldfd, unsigned int, newfd, int, flags) if (unlikely(oldfd == newfd)) return -EINVAL; @@ -59248,7 +60004,7 @@ index 9de2026..8e334ca 100644 if (newfd >= rlimit(RLIMIT_NOFILE)) return -EBADF; -@@ -909,6 +912,7 @@ SYSCALL_DEFINE1(dup, unsigned int, fildes) +@@ -888,6 +891,7 @@ SYSCALL_DEFINE1(dup, unsigned int, fildes) int f_dupfd(unsigned int from, struct file *file, unsigned flags) { int err; @@ -59723,10 +60479,10 @@ index 4226f66..0fb3f45 100644 #endif diff --git a/fs/fscache/object.c b/fs/fscache/object.c -index 53d35c5..5d68ed4 100644 +index d3b4539..ed0c659 100644 --- a/fs/fscache/object.c +++ b/fs/fscache/object.c -@@ -451,7 +451,7 @@ static const struct fscache_state *fscache_look_up_object(struct fscache_object +@@ -454,7 +454,7 @@ static const struct fscache_state *fscache_look_up_object(struct fscache_object _debug("LOOKUP \"%s\" in \"%s\"", cookie->def->name, object->cache->tag->name); @@ -59735,7 +60491,7 @@ index 53d35c5..5d68ed4 100644 fscache_stat(&fscache_n_cop_lookup_object); ret = object->cache->ops->lookup_object(object); fscache_stat_d(&fscache_n_cop_lookup_object); -@@ -461,7 +461,7 @@ static const struct fscache_state *fscache_look_up_object(struct fscache_object +@@ -464,7 +464,7 @@ static const struct fscache_state *fscache_look_up_object(struct fscache_object if (ret == -ETIMEDOUT) { /* probably stuck behind another object, so move this one to * the back of the queue */ @@ -59744,7 +60500,7 @@ index 53d35c5..5d68ed4 100644 _leave(" [timeout]"); return NO_TRANSIT; } -@@ -489,7 +489,7 @@ void fscache_object_lookup_negative(struct fscache_object *object) +@@ -492,7 +492,7 @@ void fscache_object_lookup_negative(struct fscache_object *object) _enter("{OBJ%x,%s}", object->debug_id, object->state->name); if (!test_and_set_bit(FSCACHE_OBJECT_IS_LOOKED_UP, &object->flags)) { @@ -59753,7 +60509,7 @@ index 53d35c5..5d68ed4 100644 /* Allow write requests to begin stacking up and read requests to begin * returning ENODATA. -@@ -524,7 +524,7 @@ void fscache_obtained_object(struct fscache_object *object) +@@ -527,7 +527,7 @@ void fscache_obtained_object(struct fscache_object *object) /* if we were still looking up, then we must have a positive lookup * result, in which case there may be data available */ if (!test_and_set_bit(FSCACHE_OBJECT_IS_LOOKED_UP, &object->flags)) { @@ -59762,7 +60518,7 @@ index 53d35c5..5d68ed4 100644 /* We do (presumably) have data */ clear_bit_unlock(FSCACHE_COOKIE_NO_DATA_YET, &cookie->flags); -@@ -536,7 +536,7 @@ void fscache_obtained_object(struct fscache_object *object) +@@ -539,7 +539,7 @@ void fscache_obtained_object(struct fscache_object *object) clear_bit_unlock(FSCACHE_COOKIE_LOOKING_UP, &cookie->flags); wake_up_bit(&cookie->flags, FSCACHE_COOKIE_LOOKING_UP); } else { @@ -59771,7 +60527,7 @@ index 53d35c5..5d68ed4 100644 } set_bit(FSCACHE_OBJECT_IS_AVAILABLE, &object->flags); -@@ -572,7 +572,7 @@ static const struct fscache_state *fscache_object_available(struct fscache_objec +@@ -575,7 +575,7 @@ static const struct fscache_state *fscache_object_available(struct fscache_objec fscache_stat_d(&fscache_n_cop_lookup_complete); fscache_hist(fscache_obj_instantiate_histogram, object->lookup_jif); @@ -59780,7 +60536,7 @@ index 53d35c5..5d68ed4 100644 _leave(""); return transit_to(JUMPSTART_DEPS); -@@ -719,7 +719,7 @@ static const struct fscache_state *fscache_drop_object(struct fscache_object *ob +@@ -722,7 +722,7 @@ static const struct fscache_state *fscache_drop_object(struct fscache_object *ob /* this just shifts the object release to the work processor */ fscache_put_object(object); @@ -59789,7 +60545,7 @@ index 53d35c5..5d68ed4 100644 _leave(""); return transit_to(OBJECT_DEAD); -@@ -884,7 +884,7 @@ enum fscache_checkaux fscache_check_aux(struct fscache_object *object, +@@ -887,7 +887,7 @@ enum fscache_checkaux fscache_check_aux(struct fscache_object *object, enum fscache_checkaux result; if (!object->cookie->def->check_aux) { @@ -59798,7 +60554,7 @@ index 53d35c5..5d68ed4 100644 return FSCACHE_CHECKAUX_OKAY; } -@@ -893,17 +893,17 @@ enum fscache_checkaux fscache_check_aux(struct fscache_object *object, +@@ -896,17 +896,17 @@ enum fscache_checkaux fscache_check_aux(struct fscache_object *object, switch (result) { /* entry okay as is */ case FSCACHE_CHECKAUX_OKAY: @@ -59819,7 +60575,7 @@ index 53d35c5..5d68ed4 100644 break; default: -@@ -989,7 +989,7 @@ static const struct fscache_state *fscache_invalidate_object(struct fscache_obje +@@ -992,7 +992,7 @@ static const struct fscache_state *fscache_invalidate_object(struct fscache_obje { const struct fscache_state *s; @@ -59828,7 +60584,7 @@ index 53d35c5..5d68ed4 100644 fscache_stat(&fscache_n_cop_invalidate_object); s = _fscache_invalidate_object(object, event); fscache_stat_d(&fscache_n_cop_invalidate_object); -@@ -1004,7 +1004,7 @@ static const struct fscache_state *fscache_update_object(struct fscache_object * +@@ -1007,7 +1007,7 @@ static const struct fscache_state *fscache_update_object(struct fscache_object * { _enter("{OBJ%x},%d", object->debug_id, event); @@ -60768,7 +61524,7 @@ index b96a49b..9bfdc47 100644 cuse_class = class_create(THIS_MODULE, "cuse"); if (IS_ERR(cuse_class)) diff --git a/fs/fuse/dev.c b/fs/fuse/dev.c -index fa8cb4b..4acb935 100644 +index 0a648bb..8d463f1 100644 --- a/fs/fuse/dev.c +++ b/fs/fuse/dev.c @@ -1323,7 +1323,7 @@ static ssize_t fuse_dev_splice_read(struct file *in, loff_t *ppos, @@ -60790,10 +61546,10 @@ index fa8cb4b..4acb935 100644 } diff --git a/fs/fuse/dir.c b/fs/fuse/dir.c -index c3eb2c4..98007d4 100644 +index 1d1292c..bba17ea 100644 --- a/fs/fuse/dir.c +++ b/fs/fuse/dir.c -@@ -1408,7 +1408,7 @@ static char *read_link(struct dentry *dentry) +@@ -1418,7 +1418,7 @@ static char *read_link(struct dentry *dentry) return link; } @@ -60803,10 +61559,10 @@ index c3eb2c4..98007d4 100644 if (!IS_ERR(link)) free_page((unsigned long) link); diff --git a/fs/hostfs/hostfs_kern.c b/fs/hostfs/hostfs_kern.c -index db23ce1..9e6cd9d 100644 +index fe649d3..c679164 100644 --- a/fs/hostfs/hostfs_kern.c +++ b/fs/hostfs/hostfs_kern.c -@@ -895,7 +895,7 @@ static void *hostfs_follow_link(struct dentry *dentry, struct nameidata *nd) +@@ -898,7 +898,7 @@ static void *hostfs_follow_link(struct dentry *dentry, struct nameidata *nd) static void hostfs_put_link(struct dentry *dentry, struct nameidata *nd, void *cookie) { @@ -60909,10 +61665,10 @@ index a6597d6..41b30ec 100644 /* diff --git a/fs/jfs/super.c b/fs/jfs/super.c -index 6669aa2..36b033d 100644 +index e2b7483..855bca3 100644 --- a/fs/jfs/super.c +++ b/fs/jfs/super.c -@@ -882,7 +882,7 @@ static int __init init_jfs_fs(void) +@@ -884,7 +884,7 @@ static int __init init_jfs_fs(void) jfs_inode_cachep = kmem_cache_create("jfs_ip", sizeof(struct jfs_inode_info), 0, @@ -60921,6 +61677,97 @@ index 6669aa2..36b033d 100644 init_once); if (jfs_inode_cachep == NULL) return -ENOMEM; +diff --git a/fs/kernfs/dir.c b/fs/kernfs/dir.c +index 39c0143..d54fad4 100644 +--- a/fs/kernfs/dir.c ++++ b/fs/kernfs/dir.c +@@ -28,7 +28,7 @@ DEFINE_MUTEX(kernfs_mutex); + * + * Returns 31 bit hash of ns + name (so it fits in an off_t ) + */ +-static unsigned int kernfs_name_hash(const char *name, const void *ns) ++static unsigned int kernfs_name_hash(const unsigned char *name, const void *ns) + { + unsigned long hash = init_name_hash(); + unsigned int len = strlen(name); +diff --git a/fs/kernfs/file.c b/fs/kernfs/file.c +index dbf397b..d624b48 100644 +--- a/fs/kernfs/file.c ++++ b/fs/kernfs/file.c +@@ -33,7 +33,7 @@ static DEFINE_MUTEX(kernfs_open_file_mutex); + + struct kernfs_open_node { + atomic_t refcnt; +- atomic_t event; ++ atomic_unchecked_t event; + wait_queue_head_t poll; + struct list_head files; /* goes through kernfs_open_file.list */ + }; +@@ -149,7 +149,7 @@ static int kernfs_seq_show(struct seq_file *sf, void *v) + { + struct kernfs_open_file *of = sf->private; + +- of->event = atomic_read(&of->kn->attr.open->event); ++ of->event = atomic_read_unchecked(&of->kn->attr.open->event); + + return of->kn->attr.ops->seq_show(sf, v); + } +@@ -353,12 +353,12 @@ static int kernfs_vma_page_mkwrite(struct vm_area_struct *vma, + return ret; + } + +-static int kernfs_vma_access(struct vm_area_struct *vma, unsigned long addr, +- void *buf, int len, int write) ++static ssize_t kernfs_vma_access(struct vm_area_struct *vma, unsigned long addr, ++ void *buf, size_t len, int write) + { + struct file *file = vma->vm_file; + struct kernfs_open_file *of = kernfs_of(file); +- int ret; ++ ssize_t ret; + + if (!of->vm_ops) + return -EINVAL; +@@ -557,7 +557,7 @@ static int kernfs_get_open_node(struct kernfs_node *kn, + return -ENOMEM; + + atomic_set(&new_on->refcnt, 0); +- atomic_set(&new_on->event, 1); ++ atomic_set_unchecked(&new_on->event, 1); + init_waitqueue_head(&new_on->poll); + INIT_LIST_HEAD(&new_on->files); + goto retry; +@@ -754,7 +754,7 @@ static unsigned int kernfs_fop_poll(struct file *filp, poll_table *wait) + + kernfs_put_active(kn); + +- if (of->event != atomic_read(&on->event)) ++ if (of->event != atomic_read_unchecked(&on->event)) + goto trigger; + + return DEFAULT_POLLMASK; +@@ -779,7 +779,7 @@ void kernfs_notify(struct kernfs_node *kn) + if (!WARN_ON(kernfs_type(kn) != KERNFS_FILE)) { + on = kn->attr.open; + if (on) { +- atomic_inc(&on->event); ++ atomic_inc_unchecked(&on->event); + wake_up_interruptible(&on->poll); + } + } +diff --git a/fs/kernfs/symlink.c b/fs/kernfs/symlink.c +index 4d45705..b35e0bd 100644 +--- a/fs/kernfs/symlink.c ++++ b/fs/kernfs/symlink.c +@@ -132,7 +132,7 @@ static void *kernfs_iop_follow_link(struct dentry *dentry, struct nameidata *nd) + static void kernfs_iop_put_link(struct dentry *dentry, struct nameidata *nd, + void *cookie) + { +- char *page = nd_get_link(nd); ++ const char *page = nd_get_link(nd); + if (!IS_ERR(page)) + free_page((unsigned long)page); + } diff --git a/fs/libfs.c b/fs/libfs.c index a184424..944ddce 100644 --- a/fs/libfs.c @@ -60977,10 +61824,10 @@ index acd3947..1f896e2 100644 memcpy(c->data, &cookie, 4); c->len=4; diff --git a/fs/locks.c b/fs/locks.c -index 92a0f0a..45a48f0 100644 +index 4dd39b9..12d6aaf 100644 --- a/fs/locks.c +++ b/fs/locks.c -@@ -2219,16 +2219,16 @@ void locks_remove_flock(struct file *filp) +@@ -2218,16 +2218,16 @@ void locks_remove_flock(struct file *filp) return; if (filp->f_op->flock) { @@ -61002,7 +61849,7 @@ index 92a0f0a..45a48f0 100644 spin_lock(&inode->i_lock); diff --git a/fs/mount.h b/fs/mount.h -index a17458c..e69fb5b 100644 +index b29e42f..5ea7fdf 100644 --- a/fs/mount.h +++ b/fs/mount.h @@ -11,7 +11,7 @@ struct mnt_namespace { @@ -61024,10 +61871,10 @@ index a17458c..e69fb5b 100644 #define MNT_NS_INTERNAL ERR_PTR(-EINVAL) /* distinct from any mnt_namespace */ diff --git a/fs/namei.c b/fs/namei.c -index cfe6608..f9deefc 100644 +index 4b491b4..a0166f9 100644 --- a/fs/namei.c +++ b/fs/namei.c -@@ -319,16 +319,32 @@ int generic_permission(struct inode *inode, int mask) +@@ -330,16 +330,32 @@ int generic_permission(struct inode *inode, int mask) if (ret != -EACCES) return ret; @@ -61063,7 +61910,7 @@ index cfe6608..f9deefc 100644 * Read/write DACs are always overridable. * Executable DACs are overridable when there is * at least one exec bit set. -@@ -337,14 +353,6 @@ int generic_permission(struct inode *inode, int mask) +@@ -348,14 +364,6 @@ int generic_permission(struct inode *inode, int mask) if (inode_capable(inode, CAP_DAC_OVERRIDE)) return 0; @@ -61078,7 +61925,7 @@ index cfe6608..f9deefc 100644 return -EACCES; } -@@ -810,7 +818,7 @@ follow_link(struct path *link, struct nameidata *nd, void **p) +@@ -821,7 +829,7 @@ follow_link(struct path *link, struct nameidata *nd, void **p) { struct dentry *dentry = link->dentry; int error; @@ -61087,7 +61934,7 @@ index cfe6608..f9deefc 100644 BUG_ON(nd->flags & LOOKUP_RCU); -@@ -831,6 +839,12 @@ follow_link(struct path *link, struct nameidata *nd, void **p) +@@ -842,6 +850,12 @@ follow_link(struct path *link, struct nameidata *nd, void **p) if (error) goto out_put_nd_path; @@ -61100,7 +61947,7 @@ index cfe6608..f9deefc 100644 nd->last_type = LAST_BIND; *p = dentry->d_inode->i_op->follow_link(dentry, nd); error = PTR_ERR(*p); -@@ -1582,6 +1596,8 @@ static inline int nested_symlink(struct path *path, struct nameidata *nd) +@@ -1590,6 +1604,8 @@ static inline int nested_symlink(struct path *path, struct nameidata *nd) if (res) break; res = walk_component(nd, path, LOOKUP_FOLLOW); @@ -61109,7 +61956,7 @@ index cfe6608..f9deefc 100644 put_link(nd, &link, cookie); } while (res > 0); -@@ -1655,7 +1671,7 @@ EXPORT_SYMBOL(full_name_hash); +@@ -1663,7 +1679,7 @@ EXPORT_SYMBOL(full_name_hash); static inline unsigned long hash_name(const char *name, unsigned int *hashp) { unsigned long a, b, adata, bdata, mask, hash, len; @@ -61118,7 +61965,7 @@ index cfe6608..f9deefc 100644 hash = a = 0; len = -sizeof(unsigned long); -@@ -1939,6 +1955,8 @@ static int path_lookupat(int dfd, const char *name, +@@ -1947,6 +1963,8 @@ static int path_lookupat(int dfd, const char *name, if (err) break; err = lookup_last(nd, &path); @@ -61127,7 +61974,7 @@ index cfe6608..f9deefc 100644 put_link(nd, &link, cookie); } } -@@ -1946,6 +1964,13 @@ static int path_lookupat(int dfd, const char *name, +@@ -1954,6 +1972,13 @@ static int path_lookupat(int dfd, const char *name, if (!err) err = complete_walk(nd); @@ -61141,7 +61988,7 @@ index cfe6608..f9deefc 100644 if (!err && nd->flags & LOOKUP_DIRECTORY) { if (!d_is_directory(nd->path.dentry)) { path_put(&nd->path); -@@ -1973,8 +1998,15 @@ static int filename_lookup(int dfd, struct filename *name, +@@ -1981,8 +2006,15 @@ static int filename_lookup(int dfd, struct filename *name, retval = path_lookupat(dfd, name->name, flags | LOOKUP_REVAL, nd); @@ -61158,7 +62005,7 @@ index cfe6608..f9deefc 100644 return retval; } -@@ -2548,6 +2580,13 @@ static int may_open(struct path *path, int acc_mode, int flag) +@@ -2556,6 +2588,13 @@ static int may_open(struct path *path, int acc_mode, int flag) if (flag & O_NOATIME && !inode_owner_or_capable(inode)) return -EPERM; @@ -61172,7 +62019,7 @@ index cfe6608..f9deefc 100644 return 0; } -@@ -2779,7 +2818,7 @@ looked_up: +@@ -2787,7 +2826,7 @@ looked_up: * cleared otherwise prior to returning. */ static int lookup_open(struct nameidata *nd, struct path *path, @@ -61181,7 +62028,7 @@ index cfe6608..f9deefc 100644 const struct open_flags *op, bool got_write, int *opened) { -@@ -2814,6 +2853,17 @@ static int lookup_open(struct nameidata *nd, struct path *path, +@@ -2822,6 +2861,17 @@ static int lookup_open(struct nameidata *nd, struct path *path, /* Negative dentry, just create the file */ if (!dentry->d_inode && (op->open_flag & O_CREAT)) { umode_t mode = op->mode; @@ -61199,7 +62046,7 @@ index cfe6608..f9deefc 100644 if (!IS_POSIXACL(dir->d_inode)) mode &= ~current_umask(); /* -@@ -2835,6 +2885,8 @@ static int lookup_open(struct nameidata *nd, struct path *path, +@@ -2843,6 +2893,8 @@ static int lookup_open(struct nameidata *nd, struct path *path, nd->flags & LOOKUP_EXCL); if (error) goto out_dput; @@ -61208,7 +62055,7 @@ index cfe6608..f9deefc 100644 } out_no_open: path->dentry = dentry; -@@ -2849,7 +2901,7 @@ out_dput: +@@ -2857,7 +2909,7 @@ out_dput: /* * Handle the last step of open() */ @@ -61217,7 +62064,7 @@ index cfe6608..f9deefc 100644 struct file *file, const struct open_flags *op, int *opened, struct filename *name) { -@@ -2899,6 +2951,15 @@ static int do_last(struct nameidata *nd, struct path *path, +@@ -2907,6 +2959,15 @@ static int do_last(struct nameidata *nd, struct path *path, if (error) return error; @@ -61233,7 +62080,7 @@ index cfe6608..f9deefc 100644 audit_inode(name, dir, LOOKUP_PARENT); error = -EISDIR; /* trailing slashes? */ -@@ -2918,7 +2979,7 @@ retry_lookup: +@@ -2926,7 +2987,7 @@ retry_lookup: */ } mutex_lock(&dir->d_inode->i_mutex); @@ -61242,7 +62089,7 @@ index cfe6608..f9deefc 100644 mutex_unlock(&dir->d_inode->i_mutex); if (error <= 0) { -@@ -2942,11 +3003,28 @@ retry_lookup: +@@ -2950,11 +3011,28 @@ retry_lookup: goto finish_open_created; } @@ -61272,7 +62119,7 @@ index cfe6608..f9deefc 100644 /* * If atomic_open() acquired write access it is dropped now due to -@@ -2987,6 +3065,11 @@ finish_lookup: +@@ -2995,6 +3073,11 @@ finish_lookup: } } BUG_ON(inode != path->dentry->d_inode); @@ -61284,7 +62131,7 @@ index cfe6608..f9deefc 100644 return 1; } -@@ -2996,7 +3079,6 @@ finish_lookup: +@@ -3004,7 +3087,6 @@ finish_lookup: save_parent.dentry = nd->path.dentry; save_parent.mnt = mntget(path->mnt); nd->path.dentry = path->dentry; @@ -61292,7 +62139,7 @@ index cfe6608..f9deefc 100644 } nd->inode = inode; /* Why this, you ask? _Now_ we might have grown LOOKUP_JUMPED... */ -@@ -3006,7 +3088,18 @@ finish_open: +@@ -3014,7 +3096,18 @@ finish_open: path_put(&save_parent); return error; } @@ -61311,7 +62158,7 @@ index cfe6608..f9deefc 100644 error = -EISDIR; if ((open_flag & O_CREAT) && (d_is_directory(nd->path.dentry) || d_is_autodir(nd->path.dentry))) -@@ -3170,7 +3263,7 @@ static struct file *path_openat(int dfd, struct filename *pathname, +@@ -3178,7 +3271,7 @@ static struct file *path_openat(int dfd, struct filename *pathname, if (unlikely(error)) goto out; @@ -61320,7 +62167,7 @@ index cfe6608..f9deefc 100644 while (unlikely(error > 0)) { /* trailing symlink */ struct path link = path; void *cookie; -@@ -3188,7 +3281,7 @@ static struct file *path_openat(int dfd, struct filename *pathname, +@@ -3196,7 +3289,7 @@ static struct file *path_openat(int dfd, struct filename *pathname, error = follow_link(&link, nd, &cookie); if (unlikely(error)) break; @@ -61329,7 +62176,7 @@ index cfe6608..f9deefc 100644 put_link(nd, &link, cookie); } out: -@@ -3288,9 +3381,11 @@ struct dentry *kern_path_create(int dfd, const char *pathname, +@@ -3296,9 +3389,11 @@ struct dentry *kern_path_create(int dfd, const char *pathname, goto unlock; error = -EEXIST; @@ -61343,7 +62190,7 @@ index cfe6608..f9deefc 100644 /* * Special case - lookup gave negative, but... we had foo/bar/ * From the vfs_mknod() POV we just have a negative dentry - -@@ -3342,6 +3437,20 @@ struct dentry *user_path_create(int dfd, const char __user *pathname, +@@ -3350,6 +3445,20 @@ struct dentry *user_path_create(int dfd, const char __user *pathname, } EXPORT_SYMBOL(user_path_create); @@ -61364,7 +62211,7 @@ index cfe6608..f9deefc 100644 int vfs_mknod(struct inode *dir, struct dentry *dentry, umode_t mode, dev_t dev) { int error = may_create(dir, dentry); -@@ -3404,6 +3513,17 @@ retry: +@@ -3412,6 +3521,17 @@ retry: if (!IS_POSIXACL(path.dentry->d_inode)) mode &= ~current_umask(); @@ -61382,7 +62229,7 @@ index cfe6608..f9deefc 100644 error = security_path_mknod(&path, dentry, mode, dev); if (error) goto out; -@@ -3420,6 +3540,8 @@ retry: +@@ -3428,6 +3548,8 @@ retry: break; } out: @@ -61391,7 +62238,7 @@ index cfe6608..f9deefc 100644 done_path_create(&path, dentry); if (retry_estale(error, lookup_flags)) { lookup_flags |= LOOKUP_REVAL; -@@ -3472,9 +3594,16 @@ retry: +@@ -3480,9 +3602,16 @@ retry: if (!IS_POSIXACL(path.dentry->d_inode)) mode &= ~current_umask(); @@ -61408,7 +62255,7 @@ index cfe6608..f9deefc 100644 done_path_create(&path, dentry); if (retry_estale(error, lookup_flags)) { lookup_flags |= LOOKUP_REVAL; -@@ -3555,6 +3684,8 @@ static long do_rmdir(int dfd, const char __user *pathname) +@@ -3563,6 +3692,8 @@ static long do_rmdir(int dfd, const char __user *pathname) struct filename *name; struct dentry *dentry; struct nameidata nd; @@ -61417,7 +62264,7 @@ index cfe6608..f9deefc 100644 unsigned int lookup_flags = 0; retry: name = user_path_parent(dfd, pathname, &nd, lookup_flags); -@@ -3587,10 +3718,21 @@ retry: +@@ -3595,10 +3726,21 @@ retry: error = -ENOENT; goto exit3; } @@ -61439,7 +62286,7 @@ index cfe6608..f9deefc 100644 exit3: dput(dentry); exit2: -@@ -3680,6 +3822,8 @@ static long do_unlinkat(int dfd, const char __user *pathname) +@@ -3688,6 +3830,8 @@ static long do_unlinkat(int dfd, const char __user *pathname) struct nameidata nd; struct inode *inode = NULL; struct inode *delegated_inode = NULL; @@ -61448,7 +62295,7 @@ index cfe6608..f9deefc 100644 unsigned int lookup_flags = 0; retry: name = user_path_parent(dfd, pathname, &nd, lookup_flags); -@@ -3706,10 +3850,22 @@ retry_deleg: +@@ -3714,10 +3858,22 @@ retry_deleg: if (d_is_negative(dentry)) goto slashes; ihold(inode); @@ -61471,7 +62318,7 @@ index cfe6608..f9deefc 100644 exit2: dput(dentry); } -@@ -3797,9 +3953,17 @@ retry: +@@ -3805,9 +3961,17 @@ retry: if (IS_ERR(dentry)) goto out_putname; @@ -61489,7 +62336,7 @@ index cfe6608..f9deefc 100644 done_path_create(&path, dentry); if (retry_estale(error, lookup_flags)) { lookup_flags |= LOOKUP_REVAL; -@@ -3902,6 +4066,7 @@ SYSCALL_DEFINE5(linkat, int, olddfd, const char __user *, oldname, +@@ -3910,6 +4074,7 @@ SYSCALL_DEFINE5(linkat, int, olddfd, const char __user *, oldname, struct dentry *new_dentry; struct path old_path, new_path; struct inode *delegated_inode = NULL; @@ -61497,7 +62344,7 @@ index cfe6608..f9deefc 100644 int how = 0; int error; -@@ -3925,7 +4090,7 @@ retry: +@@ -3933,7 +4098,7 @@ retry: if (error) return error; @@ -61506,7 +62353,7 @@ index cfe6608..f9deefc 100644 (how & LOOKUP_REVAL)); error = PTR_ERR(new_dentry); if (IS_ERR(new_dentry)) -@@ -3937,11 +4102,28 @@ retry: +@@ -3945,11 +4110,28 @@ retry: error = may_linkat(&old_path); if (unlikely(error)) goto out_dput; @@ -61535,7 +62382,7 @@ index cfe6608..f9deefc 100644 done_path_create(&new_path, new_dentry); if (delegated_inode) { error = break_deleg_wait(&delegated_inode); -@@ -4228,6 +4410,12 @@ retry_deleg: +@@ -4236,6 +4418,12 @@ retry_deleg: if (new_dentry == trap) goto exit5; @@ -61548,7 +62395,7 @@ index cfe6608..f9deefc 100644 error = security_path_rename(&oldnd.path, old_dentry, &newnd.path, new_dentry); if (error) -@@ -4235,6 +4423,9 @@ retry_deleg: +@@ -4243,6 +4431,9 @@ retry_deleg: error = vfs_rename(old_dir->d_inode, old_dentry, new_dir->d_inode, new_dentry, &delegated_inode); @@ -61558,7 +62405,7 @@ index cfe6608..f9deefc 100644 exit5: dput(new_dentry); exit4: -@@ -4271,6 +4462,8 @@ SYSCALL_DEFINE2(rename, const char __user *, oldname, const char __user *, newna +@@ -4279,6 +4470,8 @@ SYSCALL_DEFINE2(rename, const char __user *, oldname, const char __user *, newna int vfs_readlink(struct dentry *dentry, char __user *buffer, int buflen, const char *link) { @@ -61567,7 +62414,7 @@ index cfe6608..f9deefc 100644 int len; len = PTR_ERR(link); -@@ -4280,7 +4473,14 @@ int vfs_readlink(struct dentry *dentry, char __user *buffer, int buflen, const c +@@ -4288,7 +4481,14 @@ int vfs_readlink(struct dentry *dentry, char __user *buffer, int buflen, const c len = strlen(link); if (len > (unsigned) buflen) len = buflen; @@ -61584,10 +62431,10 @@ index cfe6608..f9deefc 100644 out: return len; diff --git a/fs/namespace.c b/fs/namespace.c -index be32ebc..c595734 100644 +index 65233a5..82ac953 100644 --- a/fs/namespace.c +++ b/fs/namespace.c -@@ -1293,6 +1293,9 @@ static int do_umount(struct mount *mnt, int flags) +@@ -1339,6 +1339,9 @@ static int do_umount(struct mount *mnt, int flags) if (!(sb->s_flags & MS_RDONLY)) retval = do_remount_sb(sb, MS_RDONLY, NULL, 0); up_write(&sb->s_umount); @@ -61597,7 +62444,7 @@ index be32ebc..c595734 100644 return retval; } -@@ -1315,6 +1318,9 @@ static int do_umount(struct mount *mnt, int flags) +@@ -1361,6 +1364,9 @@ static int do_umount(struct mount *mnt, int flags) } unlock_mount_hash(); namespace_unlock(); @@ -61607,7 +62454,7 @@ index be32ebc..c595734 100644 return retval; } -@@ -1334,7 +1340,7 @@ static inline bool may_mount(void) +@@ -1380,7 +1386,7 @@ static inline bool may_mount(void) * unixes. Our API is identical to OSF/1 to avoid making a mess of AMD */ @@ -61616,7 +62463,7 @@ index be32ebc..c595734 100644 { struct path path; struct mount *mnt; -@@ -1376,7 +1382,7 @@ out: +@@ -1422,7 +1428,7 @@ out: /* * The 2.0 compatible umount. No flags. */ @@ -61625,7 +62472,7 @@ index be32ebc..c595734 100644 { return sys_umount(name, 0); } -@@ -2379,6 +2385,16 @@ long do_mount(const char *dev_name, const char *dir_name, +@@ -2431,6 +2437,16 @@ long do_mount(const char *dev_name, const char *dir_name, MS_NOATIME | MS_NODIRATIME | MS_RELATIME| MS_KERNMOUNT | MS_STRICTATIME); @@ -61642,7 +62489,7 @@ index be32ebc..c595734 100644 if (flags & MS_REMOUNT) retval = do_remount(&path, flags & ~MS_REMOUNT, mnt_flags, data_page); -@@ -2393,6 +2409,9 @@ long do_mount(const char *dev_name, const char *dir_name, +@@ -2445,6 +2461,9 @@ long do_mount(const char *dev_name, const char *dir_name, dev_name, data_page); dput_out: path_put(&path); @@ -61652,7 +62499,7 @@ index be32ebc..c595734 100644 return retval; } -@@ -2410,7 +2429,7 @@ static void free_mnt_ns(struct mnt_namespace *ns) +@@ -2462,7 +2481,7 @@ static void free_mnt_ns(struct mnt_namespace *ns) * number incrementing at 10Ghz will take 12,427 years to wrap which * is effectively never, so we can ignore the possibility. */ @@ -61661,7 +62508,7 @@ index be32ebc..c595734 100644 static struct mnt_namespace *alloc_mnt_ns(struct user_namespace *user_ns) { -@@ -2425,7 +2444,7 @@ static struct mnt_namespace *alloc_mnt_ns(struct user_namespace *user_ns) +@@ -2477,7 +2496,7 @@ static struct mnt_namespace *alloc_mnt_ns(struct user_namespace *user_ns) kfree(new_ns); return ERR_PTR(ret); } @@ -61670,7 +62517,7 @@ index be32ebc..c595734 100644 atomic_set(&new_ns->count, 1); new_ns->root = NULL; INIT_LIST_HEAD(&new_ns->list); -@@ -2435,7 +2454,7 @@ static struct mnt_namespace *alloc_mnt_ns(struct user_namespace *user_ns) +@@ -2487,7 +2506,7 @@ static struct mnt_namespace *alloc_mnt_ns(struct user_namespace *user_ns) return new_ns; } @@ -61679,7 +62526,7 @@ index be32ebc..c595734 100644 struct user_namespace *user_ns, struct fs_struct *new_fs) { struct mnt_namespace *new_ns; -@@ -2556,8 +2575,8 @@ struct dentry *mount_subtree(struct vfsmount *mnt, const char *name) +@@ -2608,8 +2627,8 @@ struct dentry *mount_subtree(struct vfsmount *mnt, const char *name) } EXPORT_SYMBOL(mount_subtree); @@ -61690,7 +62537,7 @@ index be32ebc..c595734 100644 { int ret; char *kernel_type; -@@ -2670,6 +2689,11 @@ SYSCALL_DEFINE2(pivot_root, const char __user *, new_root, +@@ -2722,6 +2741,11 @@ SYSCALL_DEFINE2(pivot_root, const char __user *, new_root, if (error) goto out2; @@ -61702,7 +62549,7 @@ index be32ebc..c595734 100644 get_fs_root(current->fs, &root); old_mp = lock_mount(&old); error = PTR_ERR(old_mp); -@@ -2930,7 +2954,7 @@ static int mntns_install(struct nsproxy *nsproxy, void *ns) +@@ -2990,7 +3014,7 @@ static int mntns_install(struct nsproxy *nsproxy, void *ns) !ns_capable(current_user_ns(), CAP_SYS_ADMIN)) return -EPERM; @@ -61725,10 +62572,10 @@ index f4ccfe6..a5cf064 100644 static struct callback_op callback_ops[]; diff --git a/fs/nfs/inode.c b/fs/nfs/inode.c -index 5d94c02..630214f 100644 +index 360114a..ac6e265 100644 --- a/fs/nfs/inode.c +++ b/fs/nfs/inode.c -@@ -1153,16 +1153,16 @@ static int nfs_size_need_update(const struct inode *inode, const struct nfs_fatt +@@ -1189,16 +1189,16 @@ static int nfs_size_need_update(const struct inode *inode, const struct nfs_fatt return nfs_size_to_loff_t(fattr->size) > i_size_read(inode); } @@ -61749,10 +62596,10 @@ index 5d94c02..630214f 100644 void nfs_fattr_init(struct nfs_fattr *fattr) diff --git a/fs/nfsd/nfs4proc.c b/fs/nfsd/nfs4proc.c -index 419572f..5414a23 100644 +index 9a914e8..e89c0ea 100644 --- a/fs/nfsd/nfs4proc.c +++ b/fs/nfsd/nfs4proc.c -@@ -1168,7 +1168,7 @@ struct nfsd4_operation { +@@ -1178,7 +1178,7 @@ struct nfsd4_operation { nfsd4op_rsize op_rsize_bop; stateid_getter op_get_currentstateid; stateid_setter op_set_currentstateid; @@ -61762,10 +62609,10 @@ index 419572f..5414a23 100644 static struct nfsd4_operation nfsd4_ops[]; diff --git a/fs/nfsd/nfs4xdr.c b/fs/nfsd/nfs4xdr.c -index ee7237f..e3ae60a 100644 +index 16e8fa7..b0803f6 100644 --- a/fs/nfsd/nfs4xdr.c +++ b/fs/nfsd/nfs4xdr.c -@@ -1523,7 +1523,7 @@ nfsd4_decode_notsupp(struct nfsd4_compoundargs *argp, void *p) +@@ -1531,7 +1531,7 @@ nfsd4_decode_notsupp(struct nfsd4_compoundargs *argp, void *p) typedef __be32(*nfsd4_dec)(struct nfsd4_compoundargs *argp, void *); @@ -61775,10 +62622,10 @@ index ee7237f..e3ae60a 100644 [OP_CLOSE] = (nfsd4_dec)nfsd4_decode_close, [OP_COMMIT] = (nfsd4_dec)nfsd4_decode_commit, diff --git a/fs/nfsd/nfscache.c b/fs/nfsd/nfscache.c -index b6af150..f6ec5e3 100644 +index f8f060f..c4ba09a 100644 --- a/fs/nfsd/nfscache.c +++ b/fs/nfsd/nfscache.c -@@ -547,14 +547,17 @@ nfsd_cache_update(struct svc_rqst *rqstp, int cachetype, __be32 *statp) +@@ -519,14 +519,17 @@ nfsd_cache_update(struct svc_rqst *rqstp, int cachetype, __be32 *statp) { struct svc_cacherep *rp = rqstp->rq_cacherep; struct kvec *resv = &rqstp->rq_res.head[0], *cachv; @@ -61800,10 +62647,10 @@ index b6af150..f6ec5e3 100644 /* Don't cache excessive amounts of data and XDR failures */ if (!statp || len > (256 >> 2)) { diff --git a/fs/nfsd/vfs.c b/fs/nfsd/vfs.c -index 7eea63c..a35f4fb 100644 +index eea5ad1..5a84ac7 100644 --- a/fs/nfsd/vfs.c +++ b/fs/nfsd/vfs.c -@@ -993,7 +993,7 @@ nfsd_vfs_read(struct svc_rqst *rqstp, struct svc_fh *fhp, struct file *file, +@@ -843,7 +843,7 @@ nfsd_vfs_read(struct svc_rqst *rqstp, struct svc_fh *fhp, struct file *file, } else { oldfs = get_fs(); set_fs(KERNEL_DS); @@ -61812,7 +62659,7 @@ index 7eea63c..a35f4fb 100644 set_fs(oldfs); } -@@ -1084,7 +1084,7 @@ nfsd_vfs_write(struct svc_rqst *rqstp, struct svc_fh *fhp, struct file *file, +@@ -934,7 +934,7 @@ nfsd_vfs_write(struct svc_rqst *rqstp, struct svc_fh *fhp, struct file *file, /* Write the data. */ oldfs = get_fs(); set_fs(KERNEL_DS); @@ -61821,7 +62668,7 @@ index 7eea63c..a35f4fb 100644 set_fs(oldfs); if (host_err < 0) goto out_nfserr; -@@ -1629,7 +1629,7 @@ nfsd_readlink(struct svc_rqst *rqstp, struct svc_fh *fhp, char *buf, int *lenp) +@@ -1479,7 +1479,7 @@ nfsd_readlink(struct svc_rqst *rqstp, struct svc_fh *fhp, char *buf, int *lenp) */ oldfs = get_fs(); set_fs(KERNEL_DS); @@ -61831,12 +62678,12 @@ index 7eea63c..a35f4fb 100644 if (host_err < 0) diff --git a/fs/nls/nls_base.c b/fs/nls/nls_base.c -index fea6bd5..8ee9d81 100644 +index 52ccd34..43a53b1 100644 --- a/fs/nls/nls_base.c +++ b/fs/nls/nls_base.c -@@ -234,20 +234,22 @@ EXPORT_SYMBOL(utf16s_to_utf8s); +@@ -234,21 +234,25 @@ EXPORT_SYMBOL(utf16s_to_utf8s); - int register_nls(struct nls_table * nls) + int __register_nls(struct nls_table *nls, struct module *owner) { - struct nls_table ** tmp = &tables; + struct nls_table *tmp = tables; @@ -61844,6 +62691,10 @@ index fea6bd5..8ee9d81 100644 if (nls->next) return -EBUSY; +- nls->owner = owner; ++ pax_open_kernel(); ++ *(void **)&nls->owner = owner; ++ pax_close_kernel(); spin_lock(&nls_lock); - while (*tmp) { - if (nls == *tmp) { @@ -61862,7 +62713,7 @@ index fea6bd5..8ee9d81 100644 tables = nls; spin_unlock(&nls_lock); return 0; -@@ -255,12 +257,14 @@ int register_nls(struct nls_table * nls) +@@ -257,12 +261,14 @@ EXPORT_SYMBOL(__register_nls); int unregister_nls(struct nls_table * nls) { @@ -61880,10 +62731,10 @@ index fea6bd5..8ee9d81 100644 return 0; } diff --git a/fs/nls/nls_euc-jp.c b/fs/nls/nls_euc-jp.c -index 7424929..35f6be5 100644 +index 162b3f1..6076a7c 100644 --- a/fs/nls/nls_euc-jp.c +++ b/fs/nls/nls_euc-jp.c -@@ -561,8 +561,10 @@ static int __init init_nls_euc_jp(void) +@@ -560,8 +560,10 @@ static int __init init_nls_euc_jp(void) p_nls = load_nls("cp932"); if (p_nls) { @@ -61897,10 +62748,10 @@ index 7424929..35f6be5 100644 } diff --git a/fs/nls/nls_koi8-ru.c b/fs/nls/nls_koi8-ru.c -index e7bc1d7..06bd4bb 100644 +index a80a741..7b96e1b 100644 --- a/fs/nls/nls_koi8-ru.c +++ b/fs/nls/nls_koi8-ru.c -@@ -63,8 +63,10 @@ static int __init init_nls_koi8_ru(void) +@@ -62,8 +62,10 @@ static int __init init_nls_koi8_ru(void) p_nls = load_nls("koi8-u"); if (p_nls) { @@ -61914,10 +62765,10 @@ index e7bc1d7..06bd4bb 100644 } diff --git a/fs/notify/fanotify/fanotify_user.c b/fs/notify/fanotify/fanotify_user.c -index 6663511..7668ca4 100644 +index 287a22c..4e56e4e 100644 --- a/fs/notify/fanotify/fanotify_user.c +++ b/fs/notify/fanotify/fanotify_user.c -@@ -253,8 +253,8 @@ static ssize_t copy_event_to_user(struct fsnotify_group *group, +@@ -251,8 +251,8 @@ static ssize_t copy_event_to_user(struct fsnotify_group *group, fd = fanotify_event_metadata.fd; ret = -EFAULT; @@ -61928,20 +62779,29 @@ index 6663511..7668ca4 100644 goto out_close_fd; ret = prepare_for_access_response(group, event, fd); +@@ -742,6 +742,8 @@ SYSCALL_DEFINE2(fanotify_init, unsigned int, flags, unsigned int, event_f_flags) + oevent->path.mnt = NULL; + oevent->path.dentry = NULL; + ++ if (force_o_largefile()) ++ event_f_flags |= O_LARGEFILE; + group->fanotify_data.f_flags = event_f_flags; + #ifdef CONFIG_FANOTIFY_ACCESS_PERMISSIONS + oevent->response = 0; diff --git a/fs/notify/notification.c b/fs/notify/notification.c -index 7b51b05..5ea5ef6 100644 +index 1e58402..bb2d6f4 100644 --- a/fs/notify/notification.c +++ b/fs/notify/notification.c -@@ -57,7 +57,7 @@ static struct kmem_cache *fsnotify_event_holder_cachep; - * get set to 0 so it will never get 'freed' - */ - static struct fsnotify_event *q_overflow_event; +@@ -48,7 +48,7 @@ + #include <linux/fsnotify_backend.h> + #include "fsnotify.h" + -static atomic_t fsnotify_sync_cookie = ATOMIC_INIT(0); +static atomic_unchecked_t fsnotify_sync_cookie = ATOMIC_INIT(0); /** * fsnotify_get_cookie - return a unique cookie for use in synchronizing events. -@@ -65,7 +65,7 @@ static atomic_t fsnotify_sync_cookie = ATOMIC_INIT(0); +@@ -56,7 +56,7 @@ static atomic_t fsnotify_sync_cookie = ATOMIC_INIT(0); */ u32 fsnotify_get_cookie(void) { @@ -61964,7 +62824,7 @@ index 9e38daf..5727cae 100644 "inode 0x%lx or driver bug.", vdir->i_ino); goto err_out; diff --git a/fs/ntfs/file.c b/fs/ntfs/file.c -index ea4ba9d..1e13d34 100644 +index db9bd8a..8338fb6 100644 --- a/fs/ntfs/file.c +++ b/fs/ntfs/file.c @@ -1282,7 +1282,7 @@ static inline size_t ntfs_copy_from_user(struct page **pages, @@ -62008,10 +62868,10 @@ index 82650d5..db37dcf 100644 if (bh_primary) brelse(bh_primary); diff --git a/fs/ocfs2/localalloc.c b/fs/ocfs2/localalloc.c -index cd5496b..26a1055 100644 +index 0440134..d52c93a 100644 --- a/fs/ocfs2/localalloc.c +++ b/fs/ocfs2/localalloc.c -@@ -1278,7 +1278,7 @@ static int ocfs2_local_alloc_slide_window(struct ocfs2_super *osb, +@@ -1320,7 +1320,7 @@ static int ocfs2_local_alloc_slide_window(struct ocfs2_super *osb, goto bail; } @@ -62021,7 +62881,7 @@ index cd5496b..26a1055 100644 bail: if (handle) diff --git a/fs/ocfs2/ocfs2.h b/fs/ocfs2/ocfs2.h -index 3a90347..c40bef8 100644 +index 553f53c..aaf5133 100644 --- a/fs/ocfs2/ocfs2.h +++ b/fs/ocfs2/ocfs2.h @@ -235,11 +235,11 @@ enum ocfs2_vol_state @@ -62042,10 +62902,10 @@ index 3a90347..c40bef8 100644 enum ocfs2_local_alloc_state diff --git a/fs/ocfs2/suballoc.c b/fs/ocfs2/suballoc.c -index 2c91452..77a3cd2 100644 +index 47ae266..6e8b793 100644 --- a/fs/ocfs2/suballoc.c +++ b/fs/ocfs2/suballoc.c -@@ -872,7 +872,7 @@ static int ocfs2_reserve_suballoc_bits(struct ocfs2_super *osb, +@@ -866,7 +866,7 @@ static int ocfs2_reserve_suballoc_bits(struct ocfs2_super *osb, mlog_errno(status); goto bail; } @@ -62054,7 +62914,7 @@ index 2c91452..77a3cd2 100644 /* You should never ask for this much metadata */ BUG_ON(bits_wanted > -@@ -2000,7 +2000,7 @@ int ocfs2_claim_metadata(handle_t *handle, +@@ -1992,7 +1992,7 @@ int ocfs2_claim_metadata(handle_t *handle, mlog_errno(status); goto bail; } @@ -62063,7 +62923,7 @@ index 2c91452..77a3cd2 100644 *suballoc_loc = res.sr_bg_blkno; *suballoc_bit_start = res.sr_bit_offset; -@@ -2164,7 +2164,7 @@ int ocfs2_claim_new_inode_at_loc(handle_t *handle, +@@ -2156,7 +2156,7 @@ int ocfs2_claim_new_inode_at_loc(handle_t *handle, trace_ocfs2_claim_new_inode_at_loc((unsigned long long)di_blkno, res->sr_bits); @@ -62072,7 +62932,7 @@ index 2c91452..77a3cd2 100644 BUG_ON(res->sr_bits != 1); -@@ -2206,7 +2206,7 @@ int ocfs2_claim_new_inode(handle_t *handle, +@@ -2198,7 +2198,7 @@ int ocfs2_claim_new_inode(handle_t *handle, mlog_errno(status); goto bail; } @@ -62081,7 +62941,7 @@ index 2c91452..77a3cd2 100644 BUG_ON(res.sr_bits != 1); -@@ -2310,7 +2310,7 @@ int __ocfs2_claim_clusters(handle_t *handle, +@@ -2302,7 +2302,7 @@ int __ocfs2_claim_clusters(handle_t *handle, cluster_start, num_clusters); if (!status) @@ -62090,7 +62950,7 @@ index 2c91452..77a3cd2 100644 } else { if (min_clusters > (osb->bitmap_cpg - 1)) { /* The only paths asking for contiguousness -@@ -2336,7 +2336,7 @@ int __ocfs2_claim_clusters(handle_t *handle, +@@ -2328,7 +2328,7 @@ int __ocfs2_claim_clusters(handle_t *handle, ocfs2_desc_bitmap_to_cluster_off(ac->ac_inode, res.sr_bg_blkno, res.sr_bit_offset); @@ -62100,7 +62960,7 @@ index 2c91452..77a3cd2 100644 } } diff --git a/fs/ocfs2/super.c b/fs/ocfs2/super.c -index c414929..5c9ee542 100644 +index 49d84f8..4807e0b 100644 --- a/fs/ocfs2/super.c +++ b/fs/ocfs2/super.c @@ -300,11 +300,11 @@ static int ocfs2_osb_dump(struct ocfs2_super *osb, char *buf, int len) @@ -62120,7 +62980,7 @@ index c414929..5c9ee542 100644 out += snprintf(buf + out, len - out, "%10s => State: %u Descriptor: %llu Size: %u bits " -@@ -2121,11 +2121,11 @@ static int ocfs2_initialize_super(struct super_block *sb, +@@ -2123,11 +2123,11 @@ static int ocfs2_initialize_super(struct super_block *sb, spin_lock_init(&osb->osb_xattr_lock); ocfs2_init_steal_slots(osb); @@ -62138,7 +62998,7 @@ index c414929..5c9ee542 100644 /* Copy the blockcheck stats from the superblock probe */ osb->osb_ecc_stats = *stats; diff --git a/fs/open.c b/fs/open.c -index 4b3e1ed..1c84599 100644 +index 2ed7325..4e77ac3 100644 --- a/fs/open.c +++ b/fs/open.c @@ -32,6 +32,8 @@ @@ -62242,7 +63102,7 @@ index 4b3e1ed..1c84599 100644 newattrs.ia_valid = ATTR_CTIME; if (user != (uid_t) -1) { if (!uid_valid(uid)) -@@ -990,6 +1027,7 @@ long do_sys_open(int dfd, const char __user *filename, int flags, umode_t mode) +@@ -982,6 +1019,7 @@ long do_sys_open(int dfd, const char __user *filename, int flags, umode_t mode) } else { fsnotify_open(f); fd_install(fd, f); @@ -62251,7 +63111,7 @@ index 4b3e1ed..1c84599 100644 } putname(tmp); diff --git a/fs/pipe.c b/fs/pipe.c -index 0e0752e..7cfdd50 100644 +index 78fd0d0..f71fc09 100644 --- a/fs/pipe.c +++ b/fs/pipe.c @@ -56,7 +56,7 @@ unsigned int pipe_min_size = PAGE_SIZE; @@ -62314,7 +63174,7 @@ index 0e0752e..7cfdd50 100644 } out: __pipe_unlock(pipe); -@@ -709,7 +709,7 @@ pipe_poll(struct file *filp, poll_table *wait) +@@ -710,7 +710,7 @@ pipe_poll(struct file *filp, poll_table *wait) mask = 0; if (filp->f_mode & FMODE_READ) { mask = (nrbufs > 0) ? POLLIN | POLLRDNORM : 0; @@ -62323,7 +63183,7 @@ index 0e0752e..7cfdd50 100644 mask |= POLLHUP; } -@@ -719,7 +719,7 @@ pipe_poll(struct file *filp, poll_table *wait) +@@ -720,7 +720,7 @@ pipe_poll(struct file *filp, poll_table *wait) * Most Unices do not set POLLERR for FIFOs but on Linux they * behave exactly like pipes for poll(). */ @@ -62332,7 +63192,7 @@ index 0e0752e..7cfdd50 100644 mask |= POLLERR; } -@@ -731,7 +731,7 @@ static void put_pipe_info(struct inode *inode, struct pipe_inode_info *pipe) +@@ -732,7 +732,7 @@ static void put_pipe_info(struct inode *inode, struct pipe_inode_info *pipe) int kill = 0; spin_lock(&inode->i_lock); @@ -62341,7 +63201,7 @@ index 0e0752e..7cfdd50 100644 inode->i_pipe = NULL; kill = 1; } -@@ -748,11 +748,11 @@ pipe_release(struct inode *inode, struct file *file) +@@ -749,11 +749,11 @@ pipe_release(struct inode *inode, struct file *file) __pipe_lock(pipe); if (file->f_mode & FMODE_READ) @@ -62356,7 +63216,7 @@ index 0e0752e..7cfdd50 100644 wake_up_interruptible_sync_poll(&pipe->wait, POLLIN | POLLOUT | POLLRDNORM | POLLWRNORM | POLLERR | POLLHUP); kill_fasync(&pipe->fasync_readers, SIGIO, POLL_IN); kill_fasync(&pipe->fasync_writers, SIGIO, POLL_OUT); -@@ -817,7 +817,7 @@ void free_pipe_info(struct pipe_inode_info *pipe) +@@ -818,7 +818,7 @@ void free_pipe_info(struct pipe_inode_info *pipe) kfree(pipe); } @@ -62365,7 +63225,7 @@ index 0e0752e..7cfdd50 100644 /* * pipefs_dname() is called from d_path(). -@@ -847,8 +847,9 @@ static struct inode * get_pipe_inode(void) +@@ -848,8 +848,9 @@ static struct inode * get_pipe_inode(void) goto fail_iput; inode->i_pipe = pipe; @@ -62377,7 +63237,7 @@ index 0e0752e..7cfdd50 100644 inode->i_fop = &pipefifo_fops; /* -@@ -1027,17 +1028,17 @@ static int fifo_open(struct inode *inode, struct file *filp) +@@ -1028,17 +1029,17 @@ static int fifo_open(struct inode *inode, struct file *filp) spin_lock(&inode->i_lock); if (inode->i_pipe) { pipe = inode->i_pipe; @@ -62398,7 +63258,7 @@ index 0e0752e..7cfdd50 100644 spin_unlock(&inode->i_lock); free_pipe_info(pipe); pipe = inode->i_pipe; -@@ -1062,10 +1063,10 @@ static int fifo_open(struct inode *inode, struct file *filp) +@@ -1063,10 +1064,10 @@ static int fifo_open(struct inode *inode, struct file *filp) * opened, even when there is no process writing the FIFO. */ pipe->r_counter++; @@ -62411,7 +63271,7 @@ index 0e0752e..7cfdd50 100644 if ((filp->f_flags & O_NONBLOCK)) { /* suppress POLLHUP until we have * seen a writer */ -@@ -1084,14 +1085,14 @@ static int fifo_open(struct inode *inode, struct file *filp) +@@ -1085,14 +1086,14 @@ static int fifo_open(struct inode *inode, struct file *filp) * errno=ENXIO when there is no process reading the FIFO. */ ret = -ENXIO; @@ -62429,7 +63289,7 @@ index 0e0752e..7cfdd50 100644 if (wait_for_partner(pipe, &pipe->r_counter)) goto err_wr; } -@@ -1105,11 +1106,11 @@ static int fifo_open(struct inode *inode, struct file *filp) +@@ -1106,11 +1107,11 @@ static int fifo_open(struct inode *inode, struct file *filp) * the process can at least talk to itself. */ @@ -62444,7 +63304,7 @@ index 0e0752e..7cfdd50 100644 wake_up_partner(pipe); break; -@@ -1123,13 +1124,13 @@ static int fifo_open(struct inode *inode, struct file *filp) +@@ -1124,13 +1125,13 @@ static int fifo_open(struct inode *inode, struct file *filp) return 0; err_rd: @@ -62461,18 +63321,18 @@ index 0e0752e..7cfdd50 100644 ret = -ERESTARTSYS; goto err; diff --git a/fs/posix_acl.c b/fs/posix_acl.c -index 8bd2135..eab9adb 100644 +index 9e363e4..d936d15 100644 --- a/fs/posix_acl.c +++ b/fs/posix_acl.c -@@ -19,6 +19,7 @@ - #include <linux/sched.h> - #include <linux/posix_acl.h> +@@ -20,6 +20,7 @@ + #include <linux/xattr.h> #include <linux/export.h> + #include <linux/user_namespace.h> +#include <linux/grsecurity.h> - #include <linux/errno.h> - -@@ -183,7 +184,7 @@ posix_acl_equiv_mode(const struct posix_acl *acl, umode_t *mode_p) + struct posix_acl **acl_by_type(struct inode *inode, int type) + { +@@ -271,7 +272,7 @@ posix_acl_equiv_mode(const struct posix_acl *acl, umode_t *mode_p) } } if (mode_p) @@ -62480,8 +63340,8 @@ index 8bd2135..eab9adb 100644 + *mode_p = ((*mode_p & ~S_IRWXUGO) | mode) & ~gr_acl_umask(); return not_equiv; } - -@@ -331,7 +332,7 @@ static int posix_acl_create_masq(struct posix_acl *acl, umode_t *mode_p) + EXPORT_SYMBOL(posix_acl_equiv_mode); +@@ -421,7 +422,7 @@ static int posix_acl_create_masq(struct posix_acl *acl, umode_t *mode_p) mode &= (group_obj->e_perm << 3) | ~S_IRWXG; } @@ -62490,7 +63350,7 @@ index 8bd2135..eab9adb 100644 return not_equiv; } -@@ -389,6 +390,8 @@ posix_acl_create(struct posix_acl **acl, gfp_t gfp, umode_t *mode_p) +@@ -479,6 +480,8 @@ __posix_acl_create(struct posix_acl **acl, gfp_t gfp, umode_t *mode_p) struct posix_acl *clone = posix_acl_clone(*acl, gfp); int err = -ENOMEM; if (clone) { @@ -62499,6 +63359,48 @@ index 8bd2135..eab9adb 100644 err = posix_acl_create_masq(clone, mode_p); if (err < 0) { posix_acl_release(clone); +@@ -653,11 +656,12 @@ struct posix_acl * + posix_acl_from_xattr(struct user_namespace *user_ns, + const void *value, size_t size) + { +- posix_acl_xattr_header *header = (posix_acl_xattr_header *)value; +- posix_acl_xattr_entry *entry = (posix_acl_xattr_entry *)(header+1), *end; ++ const posix_acl_xattr_header *header = (const posix_acl_xattr_header *)value; ++ const posix_acl_xattr_entry *entry = (const posix_acl_xattr_entry *)(header+1), *end; + int count; + struct posix_acl *acl; + struct posix_acl_entry *acl_e; ++ umode_t umask = gr_acl_umask(); + + if (!value) + return NULL; +@@ -683,12 +687,18 @@ posix_acl_from_xattr(struct user_namespace *user_ns, + + switch(acl_e->e_tag) { + case ACL_USER_OBJ: ++ acl_e->e_perm &= ~((umask & S_IRWXU) >> 6); ++ break; + case ACL_GROUP_OBJ: + case ACL_MASK: ++ acl_e->e_perm &= ~((umask & S_IRWXG) >> 3); ++ break; + case ACL_OTHER: ++ acl_e->e_perm &= ~(umask & S_IRWXO); + break; + + case ACL_USER: ++ acl_e->e_perm &= ~((umask & S_IRWXU) >> 6); + acl_e->e_uid = + make_kuid(user_ns, + le32_to_cpu(entry->e_id)); +@@ -696,6 +706,7 @@ posix_acl_from_xattr(struct user_namespace *user_ns, + goto fail; + break; + case ACL_GROUP: ++ acl_e->e_perm &= ~((umask & S_IRWXG) >> 3); + acl_e->e_gid = + make_kgid(user_ns, + le32_to_cpu(entry->e_id)); diff --git a/fs/proc/Kconfig b/fs/proc/Kconfig index 2183fcf..3c32a98 100644 --- a/fs/proc/Kconfig @@ -62535,7 +63437,7 @@ index 2183fcf..3c32a98 100644 help Various /proc files exist to monitor process memory utilization: diff --git a/fs/proc/array.c b/fs/proc/array.c -index 1bd2077..2f7cfd5 100644 +index 656e401..b5b86b9 100644 --- a/fs/proc/array.c +++ b/fs/proc/array.c @@ -60,6 +60,7 @@ @@ -62546,7 +63448,7 @@ index 1bd2077..2f7cfd5 100644 #include <linux/proc_fs.h> #include <linux/ioport.h> #include <linux/uaccess.h> -@@ -365,6 +366,21 @@ static void task_cpus_allowed(struct seq_file *m, struct task_struct *task) +@@ -356,6 +357,21 @@ static void task_cpus_allowed(struct seq_file *m, struct task_struct *task) seq_putc(m, '\n'); } @@ -62568,7 +63470,7 @@ index 1bd2077..2f7cfd5 100644 int proc_pid_status(struct seq_file *m, struct pid_namespace *ns, struct pid *pid, struct task_struct *task) { -@@ -383,9 +399,24 @@ int proc_pid_status(struct seq_file *m, struct pid_namespace *ns, +@@ -374,9 +390,24 @@ int proc_pid_status(struct seq_file *m, struct pid_namespace *ns, task_cpus_allowed(m, task); cpuset_task_status_allowed(m, task); task_context_switch_counts(m, task); @@ -62593,7 +63495,7 @@ index 1bd2077..2f7cfd5 100644 static int do_task_stat(struct seq_file *m, struct pid_namespace *ns, struct pid *pid, struct task_struct *task, int whole) { -@@ -407,6 +438,13 @@ static int do_task_stat(struct seq_file *m, struct pid_namespace *ns, +@@ -398,6 +429,13 @@ static int do_task_stat(struct seq_file *m, struct pid_namespace *ns, char tcomm[sizeof(task->comm)]; unsigned long flags; @@ -62607,7 +63509,7 @@ index 1bd2077..2f7cfd5 100644 state = *get_task_state(task); vsize = eip = esp = 0; permitted = ptrace_may_access(task, PTRACE_MODE_READ | PTRACE_MODE_NOAUDIT); -@@ -478,6 +516,19 @@ static int do_task_stat(struct seq_file *m, struct pid_namespace *ns, +@@ -468,6 +506,19 @@ static int do_task_stat(struct seq_file *m, struct pid_namespace *ns, gtime = task_gtime(task); } @@ -62627,7 +63529,7 @@ index 1bd2077..2f7cfd5 100644 /* scale priority and nice values from timeslices to -20..20 */ /* to make it look like a "normal" Unix priority/nice value */ priority = task_prio(task); -@@ -514,9 +565,15 @@ static int do_task_stat(struct seq_file *m, struct pid_namespace *ns, +@@ -504,9 +555,15 @@ static int do_task_stat(struct seq_file *m, struct pid_namespace *ns, seq_put_decimal_ull(m, ' ', vsize); seq_put_decimal_ull(m, ' ', mm ? get_mm_rss(mm) : 0); seq_put_decimal_ull(m, ' ', rsslim); @@ -62643,7 +63545,7 @@ index 1bd2077..2f7cfd5 100644 seq_put_decimal_ull(m, ' ', esp); seq_put_decimal_ull(m, ' ', eip); /* The signal information here is obsolete. -@@ -538,7 +595,11 @@ static int do_task_stat(struct seq_file *m, struct pid_namespace *ns, +@@ -528,7 +585,11 @@ static int do_task_stat(struct seq_file *m, struct pid_namespace *ns, seq_put_decimal_ull(m, ' ', cputime_to_clock_t(gtime)); seq_put_decimal_ll(m, ' ', cputime_to_clock_t(cgtime)); @@ -62656,7 +63558,7 @@ index 1bd2077..2f7cfd5 100644 seq_put_decimal_ull(m, ' ', mm->start_data); seq_put_decimal_ull(m, ' ', mm->end_data); seq_put_decimal_ull(m, ' ', mm->start_brk); -@@ -576,8 +637,15 @@ int proc_pid_statm(struct seq_file *m, struct pid_namespace *ns, +@@ -566,8 +627,15 @@ int proc_pid_statm(struct seq_file *m, struct pid_namespace *ns, struct pid *pid, struct task_struct *task) { unsigned long size = 0, resident = 0, shared = 0, text = 0, data = 0; @@ -62673,7 +63575,7 @@ index 1bd2077..2f7cfd5 100644 if (mm) { size = task_statm(mm, &shared, &text, &data, &resident); mmput(mm); -@@ -600,6 +668,13 @@ int proc_pid_statm(struct seq_file *m, struct pid_namespace *ns, +@@ -590,6 +658,13 @@ int proc_pid_statm(struct seq_file *m, struct pid_namespace *ns, return 0; } @@ -62688,7 +63590,7 @@ index 1bd2077..2f7cfd5 100644 static struct pid * get_children_pid(struct inode *inode, struct pid *pid_prev, loff_t pos) diff --git a/fs/proc/base.c b/fs/proc/base.c -index b59a34b..68a79e8 100644 +index b976062..584d0bc 100644 --- a/fs/proc/base.c +++ b/fs/proc/base.c @@ -113,6 +113,14 @@ struct pid_entry { @@ -62997,7 +63899,7 @@ index b59a34b..68a79e8 100644 rcu_read_unlock(); } else { inode->i_uid = GLOBAL_ROOT_UID; -@@ -2173,6 +2291,9 @@ static struct dentry *proc_pident_lookup(struct inode *dir, +@@ -2178,6 +2296,9 @@ static struct dentry *proc_pident_lookup(struct inode *dir, if (!task) goto out_no_task; @@ -63007,7 +63909,7 @@ index b59a34b..68a79e8 100644 /* * Yes, it does not scale. And it should not. Don't add * new entries into /proc/<tgid>/ without very good reasons. -@@ -2203,6 +2324,9 @@ static int proc_pident_readdir(struct file *file, struct dir_context *ctx, +@@ -2208,6 +2329,9 @@ static int proc_pident_readdir(struct file *file, struct dir_context *ctx, if (!task) return -ENOENT; @@ -63017,7 +63919,7 @@ index b59a34b..68a79e8 100644 if (!dir_emit_dots(file, ctx)) goto out; -@@ -2592,7 +2716,7 @@ static const struct pid_entry tgid_base_stuff[] = { +@@ -2597,7 +2721,7 @@ static const struct pid_entry tgid_base_stuff[] = { REG("autogroup", S_IRUGO|S_IWUSR, proc_pid_sched_autogroup_operations), #endif REG("comm", S_IRUGO|S_IWUSR, proc_pid_set_comm_operations), @@ -63026,7 +63928,7 @@ index b59a34b..68a79e8 100644 INF("syscall", S_IRUGO, proc_pid_syscall), #endif INF("cmdline", S_IRUGO, proc_pid_cmdline), -@@ -2617,10 +2741,10 @@ static const struct pid_entry tgid_base_stuff[] = { +@@ -2622,10 +2746,10 @@ static const struct pid_entry tgid_base_stuff[] = { #ifdef CONFIG_SECURITY DIR("attr", S_IRUGO|S_IXUGO, proc_attr_dir_inode_operations, proc_attr_dir_operations), #endif @@ -63039,7 +63941,7 @@ index b59a34b..68a79e8 100644 ONE("stack", S_IRUGO, proc_pid_stack), #endif #ifdef CONFIG_SCHEDSTATS -@@ -2654,6 +2778,9 @@ static const struct pid_entry tgid_base_stuff[] = { +@@ -2659,6 +2783,9 @@ static const struct pid_entry tgid_base_stuff[] = { #ifdef CONFIG_HARDWALL INF("hardwall", S_IRUGO, proc_pid_hardwall), #endif @@ -63049,7 +63951,7 @@ index b59a34b..68a79e8 100644 #ifdef CONFIG_USER_NS REG("uid_map", S_IRUGO|S_IWUSR, proc_uid_map_operations), REG("gid_map", S_IRUGO|S_IWUSR, proc_gid_map_operations), -@@ -2784,7 +2911,14 @@ static int proc_pid_instantiate(struct inode *dir, +@@ -2789,7 +2916,14 @@ static int proc_pid_instantiate(struct inode *dir, if (!inode) goto out; @@ -63064,7 +63966,7 @@ index b59a34b..68a79e8 100644 inode->i_op = &proc_tgid_base_inode_operations; inode->i_fop = &proc_tgid_base_operations; inode->i_flags|=S_IMMUTABLE; -@@ -2822,7 +2956,11 @@ struct dentry *proc_pid_lookup(struct inode *dir, struct dentry * dentry, unsign +@@ -2827,7 +2961,11 @@ struct dentry *proc_pid_lookup(struct inode *dir, struct dentry * dentry, unsign if (!task) goto out; @@ -63076,7 +63978,7 @@ index b59a34b..68a79e8 100644 put_task_struct(task); out: return ERR_PTR(result); -@@ -2928,7 +3066,7 @@ static const struct pid_entry tid_base_stuff[] = { +@@ -2933,7 +3071,7 @@ static const struct pid_entry tid_base_stuff[] = { REG("sched", S_IRUGO|S_IWUSR, proc_pid_sched_operations), #endif REG("comm", S_IRUGO|S_IWUSR, proc_pid_set_comm_operations), @@ -63085,7 +63987,7 @@ index b59a34b..68a79e8 100644 INF("syscall", S_IRUGO, proc_pid_syscall), #endif INF("cmdline", S_IRUGO, proc_pid_cmdline), -@@ -2955,10 +3093,10 @@ static const struct pid_entry tid_base_stuff[] = { +@@ -2960,10 +3098,10 @@ static const struct pid_entry tid_base_stuff[] = { #ifdef CONFIG_SECURITY DIR("attr", S_IRUGO|S_IXUGO, proc_attr_dir_inode_operations, proc_attr_dir_operations), #endif @@ -63099,7 +64001,7 @@ index b59a34b..68a79e8 100644 #endif #ifdef CONFIG_SCHEDSTATS diff --git a/fs/proc/cmdline.c b/fs/proc/cmdline.c -index 82676e3..5f8518a 100644 +index cbd82df..c0407d2 100644 --- a/fs/proc/cmdline.c +++ b/fs/proc/cmdline.c @@ -23,7 +23,11 @@ static const struct file_operations cmdline_proc_fops = { @@ -63113,9 +64015,9 @@ index 82676e3..5f8518a 100644 +#endif return 0; } - module_init(proc_cmdline_init); + fs_initcall(proc_cmdline_init); diff --git a/fs/proc/devices.c b/fs/proc/devices.c -index b143471..bb105e5 100644 +index 50493ed..248166b 100644 --- a/fs/proc/devices.c +++ b/fs/proc/devices.c @@ -64,7 +64,11 @@ static const struct file_operations proc_devinfo_operations = { @@ -63129,7 +64031,7 @@ index b143471..bb105e5 100644 +#endif return 0; } - module_init(proc_devices_init); + fs_initcall(proc_devices_init); diff --git a/fs/proc/fd.c b/fs/proc/fd.c index 985ea88..d118a0a 100644 --- a/fs/proc/fd.c @@ -63168,6 +64070,135 @@ index 985ea88..d118a0a 100644 return rv; } +diff --git a/fs/proc/generic.c b/fs/proc/generic.c +index b7f268e..3bea6b7 100644 +--- a/fs/proc/generic.c ++++ b/fs/proc/generic.c +@@ -23,6 +23,7 @@ + #include <linux/bitops.h> + #include <linux/spinlock.h> + #include <linux/completion.h> ++#include <linux/grsecurity.h> + #include <asm/uaccess.h> + + #include "internal.h" +@@ -207,6 +208,15 @@ struct dentry *proc_lookup(struct inode *dir, struct dentry *dentry, + return proc_lookup_de(PDE(dir), dir, dentry); + } + ++struct dentry *proc_lookup_restrict(struct inode *dir, struct dentry *dentry, ++ unsigned int flags) ++{ ++ if (gr_proc_is_restricted()) ++ return ERR_PTR(-EACCES); ++ ++ return proc_lookup_de(PDE(dir), dir, dentry); ++} ++ + /* + * This returns non-zero if at EOF, so that the /proc + * root directory can use this and check if it should +@@ -264,6 +274,16 @@ int proc_readdir(struct file *file, struct dir_context *ctx) + return proc_readdir_de(PDE(inode), file, ctx); + } + ++int proc_readdir_restrict(struct file *file, struct dir_context *ctx) ++{ ++ struct inode *inode = file_inode(file); ++ ++ if (gr_proc_is_restricted()) ++ return -EACCES; ++ ++ return proc_readdir_de(PDE(inode), file, ctx); ++} ++ + /* + * These are the generic /proc directory operations. They + * use the in-memory "struct proc_dir_entry" tree to parse +@@ -275,6 +295,12 @@ static const struct file_operations proc_dir_operations = { + .iterate = proc_readdir, + }; + ++static const struct file_operations proc_dir_restricted_operations = { ++ .llseek = generic_file_llseek, ++ .read = generic_read_dir, ++ .iterate = proc_readdir_restrict, ++}; ++ + /* + * proc directories can do almost nothing.. + */ +@@ -284,6 +310,12 @@ static const struct inode_operations proc_dir_inode_operations = { + .setattr = proc_notify_change, + }; + ++static const struct inode_operations proc_dir_restricted_inode_operations = { ++ .lookup = proc_lookup_restrict, ++ .getattr = proc_getattr, ++ .setattr = proc_notify_change, ++}; ++ + static int proc_register(struct proc_dir_entry * dir, struct proc_dir_entry * dp) + { + struct proc_dir_entry *tmp; +@@ -294,8 +326,13 @@ static int proc_register(struct proc_dir_entry * dir, struct proc_dir_entry * dp + return ret; + + if (S_ISDIR(dp->mode)) { +- dp->proc_fops = &proc_dir_operations; +- dp->proc_iops = &proc_dir_inode_operations; ++ if (dp->restricted) { ++ dp->proc_fops = &proc_dir_restricted_operations; ++ dp->proc_iops = &proc_dir_restricted_inode_operations; ++ } else { ++ dp->proc_fops = &proc_dir_operations; ++ dp->proc_iops = &proc_dir_inode_operations; ++ } + dir->nlink++; + } else if (S_ISLNK(dp->mode)) { + dp->proc_iops = &proc_link_inode_operations; +@@ -407,6 +444,27 @@ struct proc_dir_entry *proc_mkdir_data(const char *name, umode_t mode, + } + EXPORT_SYMBOL_GPL(proc_mkdir_data); + ++struct proc_dir_entry *proc_mkdir_data_restrict(const char *name, umode_t mode, ++ struct proc_dir_entry *parent, void *data) ++{ ++ struct proc_dir_entry *ent; ++ ++ if (mode == 0) ++ mode = S_IRUGO | S_IXUGO; ++ ++ ent = __proc_create(&parent, name, S_IFDIR | mode, 2); ++ if (ent) { ++ ent->data = data; ++ ent->restricted = 1; ++ if (proc_register(parent, ent) < 0) { ++ kfree(ent); ++ ent = NULL; ++ } ++ } ++ return ent; ++} ++EXPORT_SYMBOL_GPL(proc_mkdir_data_restrict); ++ + struct proc_dir_entry *proc_mkdir_mode(const char *name, umode_t mode, + struct proc_dir_entry *parent) + { +@@ -421,6 +479,13 @@ struct proc_dir_entry *proc_mkdir(const char *name, + } + EXPORT_SYMBOL(proc_mkdir); + ++struct proc_dir_entry *proc_mkdir_restrict(const char *name, ++ struct proc_dir_entry *parent) ++{ ++ return proc_mkdir_data_restrict(name, 0, parent, NULL); ++} ++EXPORT_SYMBOL(proc_mkdir_restrict); ++ + struct proc_dir_entry *proc_create_data(const char *name, umode_t mode, + struct proc_dir_entry *parent, + const struct file_operations *proc_fops, diff --git a/fs/proc/inode.c b/fs/proc/inode.c index 124fc43..8afbb02 100644 --- a/fs/proc/inode.c @@ -63217,11 +64248,14 @@ index 124fc43..8afbb02 100644 if (de->size) inode->i_size = de->size; diff --git a/fs/proc/internal.h b/fs/proc/internal.h -index 651d09a..3d7f0bf 100644 +index 651d09a..6a4b495 100644 --- a/fs/proc/internal.h +++ b/fs/proc/internal.h -@@ -48,7 +48,7 @@ struct proc_dir_entry { +@@ -46,9 +46,10 @@ struct proc_dir_entry { + struct completion *pde_unload_completion; + struct list_head pde_openers; /* who did ->open, but not ->release */ spinlock_t pde_unload_lock; /* proc_fops checks and pde_users bumps */ ++ u8 restricted; /* a directory in /proc/net that should be restricted via GRKERNSEC_PROC */ u8 namelen; char name[]; -}; @@ -63229,7 +64263,7 @@ index 651d09a..3d7f0bf 100644 union proc_op { int (*proc_get_link)(struct dentry *, struct path *); -@@ -67,7 +67,7 @@ struct proc_inode { +@@ -67,7 +68,7 @@ struct proc_inode { struct ctl_table *sysctl_entry; struct proc_ns ns; struct inode vfs_inode; @@ -63238,7 +64272,7 @@ index 651d09a..3d7f0bf 100644 /* * General functions -@@ -155,6 +155,9 @@ extern int proc_pid_status(struct seq_file *, struct pid_namespace *, +@@ -155,6 +156,9 @@ extern int proc_pid_status(struct seq_file *, struct pid_namespace *, struct pid *, struct task_struct *); extern int proc_pid_statm(struct seq_file *, struct pid_namespace *, struct pid *, struct task_struct *); @@ -63248,8 +64282,20 @@ index 651d09a..3d7f0bf 100644 /* * base.c +@@ -181,9 +185,11 @@ extern bool proc_fill_cache(struct file *, struct dir_context *, const char *, i + extern spinlock_t proc_subdir_lock; + + extern struct dentry *proc_lookup(struct inode *, struct dentry *, unsigned int); ++extern struct dentry *proc_lookup_restrict(struct inode *, struct dentry *, unsigned int); + extern struct dentry *proc_lookup_de(struct proc_dir_entry *, struct inode *, + struct dentry *); + extern int proc_readdir(struct file *, struct dir_context *); ++extern int proc_readdir_restrict(struct file *, struct dir_context *); + extern int proc_readdir_de(struct proc_dir_entry *, struct file *, struct dir_context *); + + static inline struct proc_dir_entry *pde_get(struct proc_dir_entry *pde) diff --git a/fs/proc/interrupts.c b/fs/proc/interrupts.c -index 05029c0..7ea1987 100644 +index a352d57..cb94a5c 100644 --- a/fs/proc/interrupts.c +++ b/fs/proc/interrupts.c @@ -47,7 +47,11 @@ static const struct file_operations proc_interrupts_operations = { @@ -63263,9 +64309,9 @@ index 05029c0..7ea1987 100644 +#endif return 0; } - module_init(proc_interrupts_init); + fs_initcall(proc_interrupts_init); diff --git a/fs/proc/kcore.c b/fs/proc/kcore.c -index 5ed0e52..a1c1f2e 100644 +index 39e6ef3..2f9cb5e 100644 --- a/fs/proc/kcore.c +++ b/fs/proc/kcore.c @@ -483,9 +483,10 @@ read_kcore(struct file *file, char __user *buffer, size_t buflen, loff_t *fpos) @@ -63327,10 +64373,10 @@ index 5ed0e52..a1c1f2e 100644 return -EPERM; if (kcore_need_update) diff --git a/fs/proc/meminfo.c b/fs/proc/meminfo.c -index a77d2b2..a9153f0 100644 +index 136e548..1f88922 100644 --- a/fs/proc/meminfo.c +++ b/fs/proc/meminfo.c -@@ -150,7 +150,7 @@ static int meminfo_proc_show(struct seq_file *m, void *v) +@@ -187,7 +187,7 @@ static int meminfo_proc_show(struct seq_file *m, void *v) vmi.used >> 10, vmi.largest_chunk >> 10 #ifdef CONFIG_MEMORY_FAILURE @@ -63340,7 +64386,7 @@ index a77d2b2..a9153f0 100644 #ifdef CONFIG_TRANSPARENT_HUGEPAGE ,K(global_page_state(NR_ANON_TRANSPARENT_HUGEPAGES) * diff --git a/fs/proc/nommu.c b/fs/proc/nommu.c -index 5f9bc8a..5c35f08 100644 +index d4a3574..b421ce9 100644 --- a/fs/proc/nommu.c +++ b/fs/proc/nommu.c @@ -64,7 +64,7 @@ static int nommu_region_show(struct seq_file *m, struct vm_region *region) @@ -63353,7 +64399,7 @@ index 5f9bc8a..5c35f08 100644 seq_putc(m, '\n'); diff --git a/fs/proc/proc_net.c b/fs/proc/proc_net.c -index 4677bb7..408e936 100644 +index 4677bb7..94067cd 100644 --- a/fs/proc/proc_net.c +++ b/fs/proc/proc_net.c @@ -23,6 +23,7 @@ @@ -63364,24 +64410,36 @@ index 4677bb7..408e936 100644 #include "internal.h" -@@ -109,6 +110,17 @@ static struct net *get_proc_task_net(struct inode *dir) - struct task_struct *task; - struct nsproxy *ns; - struct net *net = NULL; -+#if defined(CONFIG_GRKERNSEC_PROC_USER) || defined(CONFIG_GRKERNSEC_PROC_USERGROUP) -+ const struct cred *cred = current_cred(); -+#endif +@@ -36,6 +37,8 @@ static struct net *get_proc_net(const struct inode *inode) + return maybe_get_net(PDE_NET(PDE(inode))); + } + ++extern const struct seq_operations dev_seq_ops; + -+#ifdef CONFIG_GRKERNSEC_PROC_USER -+ if (!uid_eq(cred->fsuid, GLOBAL_ROOT_UID)) -+ return net; -+#elif defined(CONFIG_GRKERNSEC_PROC_USERGROUP) -+ if (!uid_eq(cred->fsuid, GLOBAL_ROOT_UID) && !in_group_p(grsec_proc_gid)) -+ return net; -+#endif + int seq_open_net(struct inode *ino, struct file *f, + const struct seq_operations *ops, int size) + { +@@ -44,6 +47,10 @@ int seq_open_net(struct inode *ino, struct file *f, - rcu_read_lock(); - task = pid_task(proc_pid(dir), PIDTYPE_PID); + BUG_ON(size < sizeof(*p)); + ++ /* only permit access to /proc/net/dev */ ++ if (ops != &dev_seq_ops && gr_proc_is_restricted()) ++ return -EACCES; ++ + net = get_proc_net(ino); + if (net == NULL) + return -ENXIO; +@@ -66,6 +73,9 @@ int single_open_net(struct inode *inode, struct file *file, + int err; + struct net *net; + ++ if (gr_proc_is_restricted()) ++ return -EACCES; ++ + err = -ENXIO; + net = get_proc_net(inode); + if (net == NULL) diff --git a/fs/proc/proc_sysctl.c b/fs/proc/proc_sysctl.c index 7129046..6914844 100644 --- a/fs/proc/proc_sysctl.c @@ -63601,7 +64659,7 @@ index 87dbcbe..55e1b4d 100644 } diff --git a/fs/proc/stat.c b/fs/proc/stat.c -index 1cf86c0..0ee1ca5 100644 +index 6f599c6..bd00271 100644 --- a/fs/proc/stat.c +++ b/fs/proc/stat.c @@ -11,6 +11,7 @@ @@ -63631,34 +64689,63 @@ index 1cf86c0..0ee1ca5 100644 user = nice = system = idle = iowait = irq = softirq = steal = 0; -@@ -94,6 +107,7 @@ static int show_stat(struct seq_file *p, void *v) - getboottime(&boottime); - jif = boottime.tv_sec; - -+ if (unrestricted) { - for_each_possible_cpu(i) { - user += kcpustat_cpu(i).cpustat[CPUTIME_USER]; +@@ -99,23 +112,25 @@ static int show_stat(struct seq_file *p, void *v) nice += kcpustat_cpu(i).cpustat[CPUTIME_NICE]; -@@ -116,6 +130,7 @@ static int show_stat(struct seq_file *p, void *v) + system += kcpustat_cpu(i).cpustat[CPUTIME_SYSTEM]; + idle += get_idle_time(i); +- iowait += get_iowait_time(i); +- irq += kcpustat_cpu(i).cpustat[CPUTIME_IRQ]; +- softirq += kcpustat_cpu(i).cpustat[CPUTIME_SOFTIRQ]; +- steal += kcpustat_cpu(i).cpustat[CPUTIME_STEAL]; +- guest += kcpustat_cpu(i).cpustat[CPUTIME_GUEST]; +- guest_nice += kcpustat_cpu(i).cpustat[CPUTIME_GUEST_NICE]; +- sum += kstat_cpu_irqs_sum(i); +- sum += arch_irq_stat_cpu(i); ++ if (unrestricted) { ++ iowait += get_iowait_time(i); ++ irq += kcpustat_cpu(i).cpustat[CPUTIME_IRQ]; ++ softirq += kcpustat_cpu(i).cpustat[CPUTIME_SOFTIRQ]; ++ steal += kcpustat_cpu(i).cpustat[CPUTIME_STEAL]; ++ guest += kcpustat_cpu(i).cpustat[CPUTIME_GUEST]; ++ guest_nice += kcpustat_cpu(i).cpustat[CPUTIME_GUEST_NICE]; ++ sum += kstat_cpu_irqs_sum(i); ++ sum += arch_irq_stat_cpu(i); ++ for (j = 0; j < NR_SOFTIRQS; j++) { ++ unsigned int softirq_stat = kstat_softirqs_cpu(j, i); + +- for (j = 0; j < NR_SOFTIRQS; j++) { +- unsigned int softirq_stat = kstat_softirqs_cpu(j, i); +- +- per_softirq_sums[j] += softirq_stat; +- sum_softirq += softirq_stat; ++ per_softirq_sums[j] += softirq_stat; ++ sum_softirq += softirq_stat; ++ } } } - sum += arch_irq_stat(); -+ } +- sum += arch_irq_stat(); ++ if (unrestricted) ++ sum += arch_irq_stat(); seq_puts(p, "cpu "); seq_put_decimal_ull(p, ' ', cputime64_to_clock_t(user)); -@@ -131,6 +146,7 @@ static int show_stat(struct seq_file *p, void *v) - seq_putc(p, '\n'); - - for_each_online_cpu(i) { -+ if (unrestricted) { - /* Copy values here to work around gcc-2.95.3, gcc-2.96 */ - user = kcpustat_cpu(i).cpustat[CPUTIME_USER]; +@@ -136,12 +151,14 @@ static int show_stat(struct seq_file *p, void *v) nice = kcpustat_cpu(i).cpustat[CPUTIME_NICE]; -@@ -142,6 +158,7 @@ static int show_stat(struct seq_file *p, void *v) - steal = kcpustat_cpu(i).cpustat[CPUTIME_STEAL]; - guest = kcpustat_cpu(i).cpustat[CPUTIME_GUEST]; - guest_nice = kcpustat_cpu(i).cpustat[CPUTIME_GUEST_NICE]; + system = kcpustat_cpu(i).cpustat[CPUTIME_SYSTEM]; + idle = get_idle_time(i); +- iowait = get_iowait_time(i); +- irq = kcpustat_cpu(i).cpustat[CPUTIME_IRQ]; +- softirq = kcpustat_cpu(i).cpustat[CPUTIME_SOFTIRQ]; +- steal = kcpustat_cpu(i).cpustat[CPUTIME_STEAL]; +- guest = kcpustat_cpu(i).cpustat[CPUTIME_GUEST]; +- guest_nice = kcpustat_cpu(i).cpustat[CPUTIME_GUEST_NICE]; ++ if (unrestricted) { ++ iowait = get_iowait_time(i); ++ irq = kcpustat_cpu(i).cpustat[CPUTIME_IRQ]; ++ softirq = kcpustat_cpu(i).cpustat[CPUTIME_SOFTIRQ]; ++ steal = kcpustat_cpu(i).cpustat[CPUTIME_STEAL]; ++ guest = kcpustat_cpu(i).cpustat[CPUTIME_GUEST]; ++ guest_nice = kcpustat_cpu(i).cpustat[CPUTIME_GUEST_NICE]; + } seq_printf(p, "cpu%d", i); seq_put_decimal_ull(p, ' ', cputime64_to_clock_t(user)); @@ -63910,7 +64997,7 @@ index 678455d..ebd3245 100644 pid_t tid = vm_is_stack(priv->task, vma, is_pid); diff --git a/fs/proc/vmcore.c b/fs/proc/vmcore.c -index 9100d69..51cd925 100644 +index 88d4585..c10bfeb 100644 --- a/fs/proc/vmcore.c +++ b/fs/proc/vmcore.c @@ -105,9 +105,13 @@ static ssize_t read_from_oldmem(char *buf, size_t count, @@ -64002,10 +65089,10 @@ index 72d2917..c917c12 100644 if (!msg_head) { printk(KERN_ERR diff --git a/fs/read_write.c b/fs/read_write.c -index cfa18df..c110979 100644 +index 28cc9c8..208e4fb 100644 --- a/fs/read_write.c +++ b/fs/read_write.c -@@ -438,7 +438,7 @@ ssize_t __kernel_write(struct file *file, const char *buf, size_t count, loff_t +@@ -450,7 +450,7 @@ ssize_t __kernel_write(struct file *file, const char *buf, size_t count, loff_t old_fs = get_fs(); set_fs(get_ds()); @@ -64108,10 +65195,10 @@ index 5b53d99..a6c3049 100644 if (error >= 0) error = buf.error; diff --git a/fs/reiserfs/do_balan.c b/fs/reiserfs/do_balan.c -index 2b7882b..1c5ef48 100644 +index 9a3c68c..767933e 100644 --- a/fs/reiserfs/do_balan.c +++ b/fs/reiserfs/do_balan.c -@@ -2051,7 +2051,7 @@ void do_balance(struct tree_balance *tb, /* tree_balance structure */ +@@ -1546,7 +1546,7 @@ void do_balance(struct tree_balance *tb, /* tree_balance structure */ return; } @@ -64155,7 +65242,7 @@ index ee382ef..f4eb6eb5 100644 ////////////////////////////////////////////////////////////////////////////// diff --git a/fs/reiserfs/procfs.c b/fs/reiserfs/procfs.c -index a958444..42b2323 100644 +index 02b0b7d..c85018b 100644 --- a/fs/reiserfs/procfs.c +++ b/fs/reiserfs/procfs.c @@ -114,7 +114,7 @@ static int show_super(struct seq_file *m, void *unused) @@ -64168,7 +65255,7 @@ index a958444..42b2323 100644 SF(s_do_balance), SF(s_unneeded_left_neighbor), SF(s_good_search_by_key_reada), SF(s_bmaps), diff --git a/fs/reiserfs/reiserfs.h b/fs/reiserfs/reiserfs.h -index f8adaee..0eeeeca 100644 +index 8d06adf..7e1c9f8 100644 --- a/fs/reiserfs/reiserfs.h +++ b/fs/reiserfs/reiserfs.h @@ -453,7 +453,7 @@ struct reiserfs_sb_info { @@ -64180,7 +65267,7 @@ index f8adaee..0eeeeca 100644 // tree gets re-balanced unsigned long s_properties; /* File system properties. Currently holds on-disk FS format */ -@@ -1982,7 +1982,7 @@ static inline loff_t max_reiserfs_offset(struct inode *inode) +@@ -1972,7 +1972,7 @@ static inline loff_t max_reiserfs_offset(struct inode *inode) #define REISERFS_USER_MEM 1 /* reiserfs user memory mode */ #define fs_generation(s) (REISERFS_SB(s)->s_generation_counter) @@ -64210,18 +65297,19 @@ index 467bb1c..cf9d65a 100644 return -EINVAL; diff --git a/fs/seq_file.c b/fs/seq_file.c -index 1d641bb..e600623 100644 +index 1d641bb..c2f4743 100644 --- a/fs/seq_file.c +++ b/fs/seq_file.c -@@ -10,6 +10,7 @@ +@@ -10,6 +10,8 @@ #include <linux/seq_file.h> #include <linux/slab.h> #include <linux/cred.h> +#include <linux/sched.h> ++#include <linux/grsecurity.h> #include <asm/uaccess.h> #include <asm/page.h> -@@ -60,6 +61,9 @@ int seq_open(struct file *file, const struct seq_operations *op) +@@ -60,6 +62,9 @@ int seq_open(struct file *file, const struct seq_operations *op) #ifdef CONFIG_USER_NS p->user_ns = file->f_cred->user_ns; #endif @@ -64231,7 +65319,24 @@ index 1d641bb..e600623 100644 /* * Wrappers around seq_open(e.g. swaps_open) need to be -@@ -96,7 +100,7 @@ static int traverse(struct seq_file *m, loff_t offset) +@@ -82,6 +87,16 @@ int seq_open(struct file *file, const struct seq_operations *op) + } + EXPORT_SYMBOL(seq_open); + ++ ++int seq_open_restrict(struct file *file, const struct seq_operations *op) ++{ ++ if (gr_proc_is_restricted()) ++ return -EACCES; ++ ++ return seq_open(file, op); ++} ++EXPORT_SYMBOL(seq_open_restrict); ++ + static int traverse(struct seq_file *m, loff_t offset) + { + loff_t pos = 0, index; +@@ -96,7 +111,7 @@ static int traverse(struct seq_file *m, loff_t offset) return 0; } if (!m->buf) { @@ -64240,7 +65345,7 @@ index 1d641bb..e600623 100644 if (!m->buf) return -ENOMEM; } -@@ -137,7 +141,7 @@ Eoverflow: +@@ -137,7 +152,7 @@ Eoverflow: m->op->stop(m, p); kfree(m->buf); m->count = 0; @@ -64249,7 +65354,7 @@ index 1d641bb..e600623 100644 return !m->buf ? -ENOMEM : -EAGAIN; } -@@ -153,7 +157,7 @@ Eoverflow: +@@ -153,7 +168,7 @@ Eoverflow: ssize_t seq_read(struct file *file, char __user *buf, size_t size, loff_t *ppos) { struct seq_file *m = file->private_data; @@ -64258,7 +65363,7 @@ index 1d641bb..e600623 100644 loff_t pos; size_t n; void *p; -@@ -192,7 +196,7 @@ ssize_t seq_read(struct file *file, char __user *buf, size_t size, loff_t *ppos) +@@ -192,7 +207,7 @@ ssize_t seq_read(struct file *file, char __user *buf, size_t size, loff_t *ppos) /* grab buffer if we didn't have one */ if (!m->buf) { @@ -64267,7 +65372,7 @@ index 1d641bb..e600623 100644 if (!m->buf) goto Enomem; } -@@ -234,7 +238,7 @@ ssize_t seq_read(struct file *file, char __user *buf, size_t size, loff_t *ppos) +@@ -234,7 +249,7 @@ ssize_t seq_read(struct file *file, char __user *buf, size_t size, loff_t *ppos) m->op->stop(m, p); kfree(m->buf); m->count = 0; @@ -64276,7 +65381,7 @@ index 1d641bb..e600623 100644 if (!m->buf) goto Enomem; m->version = 0; -@@ -584,7 +588,7 @@ static void single_stop(struct seq_file *p, void *v) +@@ -584,7 +599,7 @@ static void single_stop(struct seq_file *p, void *v) int single_open(struct file *file, int (*show)(struct seq_file *, void *), void *data) { @@ -64285,6 +65390,24 @@ index 1d641bb..e600623 100644 int res = -ENOMEM; if (op) { +@@ -620,6 +635,17 @@ int single_open_size(struct file *file, int (*show)(struct seq_file *, void *), + } + EXPORT_SYMBOL(single_open_size); + ++int single_open_restrict(struct file *file, int (*show)(struct seq_file *, void *), ++ void *data) ++{ ++ if (gr_proc_is_restricted()) ++ return -EACCES; ++ ++ return single_open(file, show, data); ++} ++EXPORT_SYMBOL(single_open_restrict); ++ ++ + int single_release(struct inode *inode, struct file *file) + { + const struct seq_operations *op = ((struct seq_file *)file->private_data)->op; diff --git a/fs/splice.c b/fs/splice.c index 12028fa..a6f2619 100644 --- a/fs/splice.c @@ -64493,115 +65616,71 @@ index ae0c3ce..9ee641c 100644 generic_fillattr(inode, stat); return 0; diff --git a/fs/sysfs/dir.c b/fs/sysfs/dir.c -index 5e73d66..4f165fd 100644 +index ee0d761..b346c58 100644 --- a/fs/sysfs/dir.c +++ b/fs/sysfs/dir.c -@@ -40,7 +40,7 @@ static DEFINE_IDA(sysfs_ino_ida); - * - * Returns 31 bit hash of ns + name (so it fits in an off_t ) - */ --static unsigned int sysfs_name_hash(const char *name, const void *ns) -+static unsigned int sysfs_name_hash(const unsigned char *name, const void *ns) +@@ -62,9 +62,16 @@ void sysfs_warn_dup(struct kernfs_node *parent, const char *name) + int sysfs_create_dir_ns(struct kobject *kobj, const void *ns) { - unsigned long hash = init_name_hash(); - unsigned int len = strlen(name); -@@ -676,6 +676,18 @@ static int create_dir(struct kobject *kobj, struct sysfs_dirent *parent_sd, - struct sysfs_dirent *sd; - int rc; - + struct kernfs_node *parent, *kn; ++ const char *name; ++ umode_t mode = S_IRWXU | S_IRUGO | S_IXUGO; +#ifdef CONFIG_GRKERNSEC_SYSFS_RESTRICT -+ const char *parent_name = parent_sd->s_name; ++ const char *parent_name; ++#endif + + BUG_ON(!kobj); + ++ name = kobject_name(kobj); + -+ mode = S_IFDIR | S_IRWXU; + if (kobj->parent) + parent = kobj->parent->sd; + else +@@ -73,11 +80,22 @@ int sysfs_create_dir_ns(struct kobject *kobj, const void *ns) + if (!parent) + return -ENOENT; + +- kn = kernfs_create_dir_ns(parent, kobject_name(kobj), +- S_IRWXU | S_IRUGO | S_IXUGO, kobj, ns); ++#ifdef CONFIG_GRKERNSEC_SYSFS_RESTRICT ++ parent_name = parent->name; ++ mode = S_IRWXU; + + if ((!strcmp(parent_name, "") && (!strcmp(name, "devices") || !strcmp(name, "fs"))) || + (!strcmp(parent_name, "devices") && !strcmp(name, "system")) || + (!strcmp(parent_name, "fs") && (!strcmp(name, "selinux") || !strcmp(name, "fuse") || !strcmp(name, "ecryptfs"))) || + (!strcmp(parent_name, "system") && !strcmp(name, "cpu"))) -+ mode = S_IFDIR | S_IRWXU | S_IRUGO | S_IXUGO; ++ mode = S_IRWXU | S_IRUGO | S_IXUGO; +#endif + - /* allocate */ - sd = sysfs_new_dirent(name, mode, SYSFS_DIR); - if (!sd) ++ kn = kernfs_create_dir_ns(parent, name, ++ mode, kobj, ns); + if (IS_ERR(kn)) { + if (PTR_ERR(kn) == -EEXIST) +- sysfs_warn_dup(parent, kobject_name(kobj)); ++ sysfs_warn_dup(parent, name); + return PTR_ERR(kn); + } + diff --git a/fs/sysfs/file.c b/fs/sysfs/file.c -index 35e7d08..4d6e676 100644 +index 810cf6e..5fd2bf1 100644 --- a/fs/sysfs/file.c +++ b/fs/sysfs/file.c -@@ -42,7 +42,7 @@ static DEFINE_MUTEX(sysfs_open_file_mutex); - - struct sysfs_open_dirent { - atomic_t refcnt; -- atomic_t event; -+ atomic_unchecked_t event; - wait_queue_head_t poll; - struct list_head files; /* goes through sysfs_open_file.list */ - }; -@@ -112,7 +112,7 @@ static int sysfs_seq_show(struct seq_file *sf, void *v) - return -ENODEV; +@@ -47,12 +47,13 @@ static int sysfs_kf_seq_show(struct seq_file *sf, void *v) + ssize_t count; + char *buf; + +- /* acquire buffer and ensure that it's >= PAGE_SIZE */ ++ /* acquire buffer and ensure that it's >= PAGE_SIZE and clear */ + count = seq_get_buf(sf, &buf); + if (count < PAGE_SIZE) { + seq_commit(sf, -1); + return 0; } - -- of->event = atomic_read(&of->sd->s_attr.open->event); -+ of->event = atomic_read_unchecked(&of->sd->s_attr.open->event); ++ memset(buf, 0, PAGE_SIZE); /* - * Lookup @ops and invoke show(). Control may reach here via seq -@@ -365,12 +365,12 @@ static int sysfs_bin_page_mkwrite(struct vm_area_struct *vma, - return ret; - } - --static int sysfs_bin_access(struct vm_area_struct *vma, unsigned long addr, -- void *buf, int len, int write) -+static ssize_t sysfs_bin_access(struct vm_area_struct *vma, unsigned long addr, -+ void *buf, size_t len, int write) - { - struct file *file = vma->vm_file; - struct sysfs_open_file *of = sysfs_of(file); -- int ret; -+ ssize_t ret; - - if (!of->vm_ops) - return -EINVAL; -@@ -564,7 +564,7 @@ static int sysfs_get_open_dirent(struct sysfs_dirent *sd, - return -ENOMEM; - - atomic_set(&new_od->refcnt, 0); -- atomic_set(&new_od->event, 1); -+ atomic_set_unchecked(&new_od->event, 1); - init_waitqueue_head(&new_od->poll); - INIT_LIST_HEAD(&new_od->files); - goto retry; -@@ -768,7 +768,7 @@ static unsigned int sysfs_poll(struct file *filp, poll_table *wait) - - sysfs_put_active(attr_sd); - -- if (of->event != atomic_read(&od->event)) -+ if (of->event != atomic_read_unchecked(&od->event)) - goto trigger; - - return DEFAULT_POLLMASK; -@@ -787,7 +787,7 @@ void sysfs_notify_dirent(struct sysfs_dirent *sd) - if (!WARN_ON(sysfs_type(sd) != SYSFS_KOBJ_ATTR)) { - od = sd->s_attr.open; - if (od) { -- atomic_inc(&od->event); -+ atomic_inc_unchecked(&od->event); - wake_up_interruptible(&od->poll); - } - } -diff --git a/fs/sysfs/symlink.c b/fs/sysfs/symlink.c -index 3ae3f1b..081a26c 100644 ---- a/fs/sysfs/symlink.c -+++ b/fs/sysfs/symlink.c -@@ -314,7 +314,7 @@ static void *sysfs_follow_link(struct dentry *dentry, struct nameidata *nd) - static void sysfs_put_link(struct dentry *dentry, struct nameidata *nd, - void *cookie) - { -- char *page = nd_get_link(nd); -+ const char *page = nd_get_link(nd); - if (!IS_ERR(page)) - free_page((unsigned long)page); - } + * Invoke show(). Control may reach here via seq file lseek even diff --git a/fs/sysv/sysv.h b/fs/sysv/sysv.h index 69d4889..a810bd4 100644 --- a/fs/sysv/sysv.h @@ -64840,62 +65919,8 @@ index 3377dff..f394815 100644 mnt_drop_write_file(f.file); } fdput(f); -diff --git a/fs/xattr_acl.c b/fs/xattr_acl.c -index 9fbea87..417b3c2 100644 ---- a/fs/xattr_acl.c -+++ b/fs/xattr_acl.c -@@ -10,6 +10,7 @@ - #include <linux/posix_acl_xattr.h> - #include <linux/gfp.h> - #include <linux/user_namespace.h> -+#include <linux/grsecurity.h> - - /* - * Fix up the uids and gids in posix acl extended attributes in place. -@@ -76,11 +77,12 @@ struct posix_acl * - posix_acl_from_xattr(struct user_namespace *user_ns, - const void *value, size_t size) - { -- posix_acl_xattr_header *header = (posix_acl_xattr_header *)value; -- posix_acl_xattr_entry *entry = (posix_acl_xattr_entry *)(header+1), *end; -+ const posix_acl_xattr_header *header = (const posix_acl_xattr_header *)value; -+ const posix_acl_xattr_entry *entry = (const posix_acl_xattr_entry *)(header+1), *end; - int count; - struct posix_acl *acl; - struct posix_acl_entry *acl_e; -+ umode_t umask = gr_acl_umask(); - - if (!value) - return NULL; -@@ -106,12 +108,18 @@ posix_acl_from_xattr(struct user_namespace *user_ns, - - switch(acl_e->e_tag) { - case ACL_USER_OBJ: -+ acl_e->e_perm &= ~((umask & S_IRWXU) >> 6); -+ break; - case ACL_GROUP_OBJ: - case ACL_MASK: -+ acl_e->e_perm &= ~((umask & S_IRWXG) >> 3); -+ break; - case ACL_OTHER: -+ acl_e->e_perm &= ~(umask & S_IRWXO); - break; - - case ACL_USER: -+ acl_e->e_perm &= ~((umask & S_IRWXU) >> 6); - acl_e->e_uid = - make_kuid(user_ns, - le32_to_cpu(entry->e_id)); -@@ -119,6 +127,7 @@ posix_acl_from_xattr(struct user_namespace *user_ns, - goto fail; - break; - case ACL_GROUP: -+ acl_e->e_perm &= ~((umask & S_IRWXG) >> 3); - acl_e->e_gid = - make_kgid(user_ns, - le32_to_cpu(entry->e_id)); diff --git a/fs/xfs/xfs_bmap.c b/fs/xfs/xfs_bmap.c -index 3b2c14b..de031fe 100644 +index 152543c..d80c361 100644 --- a/fs/xfs/xfs_bmap.c +++ b/fs/xfs/xfs_bmap.c @@ -584,7 +584,7 @@ xfs_bmap_validate_ret( @@ -64908,7 +65933,7 @@ index 3b2c14b..de031fe 100644 /* diff --git a/fs/xfs/xfs_dir2_readdir.c b/fs/xfs/xfs_dir2_readdir.c -index c4e50c6..8ba93e3 100644 +index aead369..0dfecfd 100644 --- a/fs/xfs/xfs_dir2_readdir.c +++ b/fs/xfs/xfs_dir2_readdir.c @@ -160,7 +160,12 @@ xfs_dir2_sf_getdents( @@ -64926,10 +65951,10 @@ index c4e50c6..8ba93e3 100644 return 0; sfep = dp->d_ops->sf_nextentry(sfp, sfep); diff --git a/fs/xfs/xfs_ioctl.c b/fs/xfs/xfs_ioctl.c -index 33ad9a7..82c18ba 100644 +index bcfe612..aa399c0 100644 --- a/fs/xfs/xfs_ioctl.c +++ b/fs/xfs/xfs_ioctl.c -@@ -126,7 +126,7 @@ xfs_find_handle( +@@ -122,7 +122,7 @@ xfs_find_handle( } error = -EFAULT; @@ -64938,25 +65963,12 @@ index 33ad9a7..82c18ba 100644 copy_to_user(hreq->ohandlen, &hsize, sizeof(__s32))) goto out_put; -diff --git a/fs/xfs/xfs_iops.c b/fs/xfs/xfs_iops.c -index 104455b..764c512 100644 ---- a/fs/xfs/xfs_iops.c -+++ b/fs/xfs/xfs_iops.c -@@ -397,7 +397,7 @@ xfs_vn_put_link( - struct nameidata *nd, - void *p) - { -- char *s = nd_get_link(nd); -+ const char *s = nd_get_link(nd); - - if (!IS_ERR(s)) - kfree(s); diff --git a/grsecurity/Kconfig b/grsecurity/Kconfig new file mode 100644 -index 0000000..031e895 +index 0000000..a14eb52 --- /dev/null +++ b/grsecurity/Kconfig -@@ -0,0 +1,1157 @@ +@@ -0,0 +1,1174 @@ +# +# grecurity configuration +# @@ -64970,18 +65982,16 @@ index 0000000..031e895 + help + If you say Y here, /dev/kmem and /dev/mem won't be allowed to + be written to or read from to modify or leak the contents of the running -+ kernel. /dev/port will also not be allowed to be opened, and support -+ for /dev/cpu/*/msr and kexec will be removed. If you have module -+ support disabled, enabling this will close up six ways that are -+ currently used to insert malicious code into the running kernel. ++ kernel. /dev/port will also not be allowed to be opened, writing to ++ /dev/cpu/*/msr will be prevented, and support for kexec will be removed. ++ If you have module support disabled, enabling this will close up several ++ ways that are currently used to insert malicious code into the running ++ kernel. + + Even with this feature enabled, we still highly recommend that + you use the RBAC system, as it is still possible for an attacker to + modify the running kernel through other more obscure methods. + -+ Enabling this feature will prevent the "cpupower" and "powertop" tools -+ from working. -+ + It is highly recommended that you say Y here if you meet all the + conditions above. + @@ -65014,7 +66024,8 @@ index 0000000..031e895 + the most notable of which are XFree86 and hwclock. hwclock can be + remedied by having RTC support in the kernel, so real-time + clock support is enabled if this option is enabled, to ensure -+ that hwclock operates correctly. ++ that hwclock operates correctly. If hwclock still does not work, ++ either update udev or symlink /dev/rtc to /dev/rtc0. + + If you're using XFree86 or a version of Xorg from 2012 or earlier, + you may not be able to boot into a graphical environment with this @@ -65096,6 +66107,19 @@ index 0000000..031e895 + If you use PaX it is essential that you say Y here as it closes up + several holes that make full ASLR useless locally. + ++ ++config GRKERNSEC_KSTACKOVERFLOW ++ bool "Prevent kernel stack overflows" ++ default y if GRKERNSEC_CONFIG_AUTO ++ depends on !IA64 && 64BIT ++ help ++ If you say Y here, the kernel's process stacks will be allocated ++ with vmalloc instead of the kernel's default allocator. This ++ introduces guard pages that in combination with the alloca checking ++ of the STACKLEAK feature prevents all forms of kernel process stack ++ overflow abuse. Note that this is different from kernel stack ++ buffer overflows. ++ +config GRKERNSEC_BRUTE + bool "Deter exploit bruteforcing" + default y if GRKERNSEC_CONFIG_AUTO @@ -65439,6 +66463,11 @@ index 0000000..031e895 + encounter no software incompatibilities with the following options, it + is recommended that you enable each one. + ++ Note that the chroot restrictions are not intended to apply to "chroots" ++ to directories that are simple bind mounts of the global root filesystem. ++ For several other reasons, a user shouldn't expect any significant ++ security by performing such a chroot. ++ +config GRKERNSEC_CHROOT_MOUNT + bool "Deny mounts" + default y if GRKERNSEC_CONFIG_AUTO @@ -66116,7 +67145,7 @@ index 0000000..031e895 +endmenu diff --git a/grsecurity/Makefile b/grsecurity/Makefile new file mode 100644 -index 0000000..5307c8a +index 0000000..30ababb --- /dev/null +++ b/grsecurity/Makefile @@ -0,0 +1,54 @@ @@ -66143,7 +67172,7 @@ index 0000000..5307c8a +obj-y = grsec_chdir.o grsec_chroot.o grsec_exec.o grsec_fifo.o grsec_fork.o \ + grsec_mount.o grsec_sig.o grsec_sysctl.o \ + grsec_time.o grsec_tpe.o grsec_link.o grsec_pax.o grsec_ptrace.o \ -+ grsec_usb.o grsec_ipc.o ++ grsec_usb.o grsec_ipc.o grsec_proc.o + +obj-$(CONFIG_GRKERNSEC) += grsec_init.o grsum.o gracl.o gracl_segv.o \ + gracl_cap.o gracl_alloc.o gracl_shm.o grsec_mem.o gracl_fs.o \ @@ -74648,6 +75677,32 @@ index 0000000..6ee9d50 +#endif + return; +} +diff --git a/grsecurity/grsec_proc.c b/grsecurity/grsec_proc.c +new file mode 100644 +index 0000000..2005a3a +--- /dev/null ++++ b/grsecurity/grsec_proc.c +@@ -0,0 +1,20 @@ ++#include <linux/kernel.h> ++#include <linux/sched.h> ++#include <linux/grsecurity.h> ++#include <linux/grinternal.h> ++ ++int gr_proc_is_restricted(void) ++{ ++#if defined(CONFIG_GRKERNSEC_PROC_USER) || defined(CONFIG_GRKERNSEC_PROC_USERGROUP) ++ const struct cred *cred = current_cred(); ++#endif ++ ++#ifdef CONFIG_GRKERNSEC_PROC_USER ++ if (!uid_eq(cred->fsuid, GLOBAL_ROOT_UID)) ++ return -EACCES; ++#elif defined(CONFIG_GRKERNSEC_PROC_USERGROUP) ++ if (!uid_eq(cred->fsuid, GLOBAL_ROOT_UID) && !in_group_p(grsec_proc_gid)) ++ return -EACCES; ++#endif ++ return 0; ++} diff --git a/grsecurity/grsec_ptrace.c b/grsecurity/grsec_ptrace.c new file mode 100644 index 0000000..f7f29aa @@ -76475,10 +77530,10 @@ index 810431d..0ec4804f 100644 * (puds are folded into pgds so this doesn't get actually called, * but the define is needed for a generic inline function.) diff --git a/include/asm-generic/pgtable.h b/include/asm-generic/pgtable.h -index 8e4f41d..c5e9afd 100644 +index 38a7437..47f62a4 100644 --- a/include/asm-generic/pgtable.h +++ b/include/asm-generic/pgtable.h -@@ -748,6 +748,22 @@ static inline pmd_t pmd_mknuma(pmd_t pmd) +@@ -802,6 +802,22 @@ static inline void pmdp_set_numa(struct mm_struct *mm, unsigned long addr, } #endif /* CONFIG_NUMA_BALANCING */ @@ -76502,7 +77557,7 @@ index 8e4f41d..c5e9afd 100644 #endif /* !__ASSEMBLY__ */ diff --git a/include/asm-generic/uaccess.h b/include/asm-generic/uaccess.h -index dc1269c..48a4f51 100644 +index 72d8803..cb9749c 100644 --- a/include/asm-generic/uaccess.h +++ b/include/asm-generic/uaccess.h @@ -343,4 +343,20 @@ clear_user(void __user *to, unsigned long n) @@ -76575,10 +77630,10 @@ index e73c19e..5b89e00 100644 struct crypto_instance { struct crypto_alg alg; diff --git a/include/drm/drmP.h b/include/drm/drmP.h -index 1d4a920..da65658 100644 +index 04a7f31..668d424 100644 --- a/include/drm/drmP.h +++ b/include/drm/drmP.h -@@ -66,6 +66,7 @@ +@@ -67,6 +67,7 @@ #include <linux/workqueue.h> #include <linux/poll.h> #include <asm/pgalloc.h> @@ -76586,7 +77641,7 @@ index 1d4a920..da65658 100644 #include <drm/drm.h> #include <drm/drm_sarea.h> #include <drm/drm_vma_manager.h> -@@ -278,10 +279,12 @@ do { \ +@@ -297,10 +298,12 @@ do { \ * \param cmd command. * \param arg argument. */ @@ -76601,7 +77656,7 @@ index 1d4a920..da65658 100644 unsigned long arg); #define DRM_IOCTL_NR(n) _IOC_NR(n) -@@ -297,10 +300,10 @@ typedef int drm_ioctl_compat_t(struct file *filp, unsigned int cmd, +@@ -316,10 +319,10 @@ typedef int drm_ioctl_compat_t(struct file *filp, unsigned int cmd, struct drm_ioctl_desc { unsigned int cmd; int flags; @@ -76614,7 +77669,7 @@ index 1d4a920..da65658 100644 /** * Creates a driver or general drm_ioctl_desc array entry for the given -@@ -1013,7 +1016,8 @@ struct drm_info_list { +@@ -1022,7 +1025,8 @@ struct drm_info_list { int (*show)(struct seq_file*, void*); /** show callback */ u32 driver_features; /**< Required driver features for this entry */ void *data; @@ -76624,17 +77679,17 @@ index 1d4a920..da65658 100644 /** * debugfs node structure. This structure represents a debugfs file. -@@ -1097,7 +1101,7 @@ struct drm_device { +@@ -1106,7 +1110,7 @@ struct drm_device { /** \name Usage Counters */ /*@{ */ - int open_count; /**< Outstanding files open */ + local_t open_count; /**< Outstanding files open */ - atomic_t ioctl_count; /**< Outstanding IOCTLs pending */ - atomic_t vma_count; /**< Outstanding vma areas open */ int buf_use; /**< Buffers in use -- cannot alloc */ + atomic_t buf_alloc; /**< Buffer allocation in progress */ + /*@} */ diff --git a/include/drm/drm_crtc_helper.h b/include/drm/drm_crtc_helper.h -index ef6ad3a..be34b16 100644 +index b1388b5..e1d1163 100644 --- a/include/drm/drm_crtc_helper.h +++ b/include/drm/drm_crtc_helper.h @@ -109,7 +109,7 @@ struct drm_encoder_helper_funcs { @@ -76673,10 +77728,10 @@ index 72dcbe8..8db58d7 100644 /** * struct ttm_mem_global - Global memory accounting structure. diff --git a/include/drm/ttm/ttm_page_alloc.h b/include/drm/ttm/ttm_page_alloc.h -index d1f61bf..2239439 100644 +index 49a8284..9643967 100644 --- a/include/drm/ttm/ttm_page_alloc.h +++ b/include/drm/ttm/ttm_page_alloc.h -@@ -78,6 +78,7 @@ void ttm_dma_page_alloc_fini(void); +@@ -80,6 +80,7 @@ void ttm_dma_page_alloc_fini(void); */ extern int ttm_dma_page_alloc_debugfs(struct seq_file *m, void *data); @@ -76720,10 +77775,10 @@ index c1da539..1dcec55 100644 struct atmphy_ops { int (*start)(struct atm_dev *dev); diff --git a/include/linux/audit.h b/include/linux/audit.h -index bf1ef22..2a55e1b 100644 +index ec1464d..833274b 100644 --- a/include/linux/audit.h +++ b/include/linux/audit.h -@@ -195,7 +195,7 @@ static inline void audit_ptrace(struct task_struct *t) +@@ -196,7 +196,7 @@ static inline void audit_ptrace(struct task_struct *t) extern unsigned int audit_serial(void); extern int auditsc_get_stamp(struct audit_context *ctx, struct timespec *t, unsigned int *serial); @@ -76733,9 +77788,18 @@ index bf1ef22..2a55e1b 100644 static inline kuid_t audit_get_loginuid(struct task_struct *tsk) { diff --git a/include/linux/binfmts.h b/include/linux/binfmts.h -index fd8bf32..2cccd5a 100644 +index b4a745d..e3c0942 100644 --- a/include/linux/binfmts.h +++ b/include/linux/binfmts.h +@@ -45,7 +45,7 @@ struct linux_binprm { + unsigned interp_data; + unsigned long loader, exec; + char tcomm[TASK_COMM_LEN]; +-}; ++} __randomize_layout; + + #define BINPRM_FLAGS_ENFORCE_NONDUMP_BIT 0 + #define BINPRM_FLAGS_ENFORCE_NONDUMP (1 << BINPRM_FLAGS_ENFORCE_NONDUMP_BIT) @@ -74,8 +74,10 @@ struct linux_binfmt { int (*load_binary)(struct linux_binprm *); int (*load_shlib)(struct file *); @@ -76744,12 +77808,12 @@ index fd8bf32..2cccd5a 100644 + void (*handle_mmap)(struct file *); unsigned long min_coredump; /* minimal dump size */ -}; -+} __do_const; ++} __do_const __randomize_layout; extern void __register_binfmt(struct linux_binfmt *fmt, int insert); diff --git a/include/linux/bitops.h b/include/linux/bitops.h -index abc9ca7..e54ee27 100644 +index be5fd38..d71192a 100644 --- a/include/linux/bitops.h +++ b/include/linux/bitops.h @@ -102,7 +102,7 @@ static inline __u64 ror64(__u64 word, unsigned int shift) @@ -76780,10 +77844,10 @@ index abc9ca7..e54ee27 100644 if (sizeof(l) == 4) return fls(l); diff --git a/include/linux/blkdev.h b/include/linux/blkdev.h -index 1b135d4..59fc876 100644 +index 4afa4f8..1ed7824 100644 --- a/include/linux/blkdev.h +++ b/include/linux/blkdev.h -@@ -1578,7 +1578,7 @@ struct block_device_operations { +@@ -1572,7 +1572,7 @@ struct block_device_operations { /* this callback is with swap_lock and sometimes page table lock held */ void (*swap_slot_free_notify) (struct block_device *, unsigned long); struct module *owner; @@ -76806,7 +77870,7 @@ index afc1343..9735539 100644 extern int blk_trace_ioctl(struct block_device *, unsigned, char __user *); diff --git a/include/linux/cache.h b/include/linux/cache.h -index 4c57065..40346da 100644 +index 17e7e82..1d7da26 100644 --- a/include/linux/cache.h +++ b/include/linux/cache.h @@ -16,6 +16,14 @@ @@ -76868,11 +77932,11 @@ index 4ce9056..86caac6 100644 extern struct cleancache_ops * cleancache_register_ops(struct cleancache_ops *ops); diff --git a/include/linux/clk-provider.h b/include/linux/clk-provider.h -index 7e59253..d6e4cae 100644 +index 939533d..cf0a57c 100644 --- a/include/linux/clk-provider.h +++ b/include/linux/clk-provider.h -@@ -141,6 +141,7 @@ struct clk_ops { - unsigned long); +@@ -166,6 +166,7 @@ struct clk_ops { + unsigned long parent_accuracy); void (*init)(struct clk_hw *hw); }; +typedef struct clk_ops __no_const clk_ops_no_const; @@ -76880,7 +77944,7 @@ index 7e59253..d6e4cae 100644 /** * struct clk_init_data - holds init data that's common to all clocks and is diff --git a/include/linux/compat.h b/include/linux/compat.h -index 19f6003..90b64f4 100644 +index 3f448c6..df3ce1d 100644 --- a/include/linux/compat.h +++ b/include/linux/compat.h @@ -313,7 +313,7 @@ compat_sys_get_robust_list(int pid, compat_uptr_t __user *head_ptr, @@ -76941,7 +78005,7 @@ index 2507fd2..55203f8 100644 * Mark a position in code as unreachable. This can be used to * suppress control flow warnings after asm blocks that transfer diff --git a/include/linux/compiler.h b/include/linux/compiler.h -index 92669cd..cc564c0 100644 +index 2472740..4857634 100644 --- a/include/linux/compiler.h +++ b/include/linux/compiler.h @@ -5,11 +5,14 @@ @@ -77009,7 +78073,7 @@ index 92669cd..cc564c0 100644 #endif /* Indirect macros required for expanded argument pasting, eg. __LINE__. */ -@@ -275,6 +297,34 @@ void ftrace_likely_update(struct ftrace_branch_data *f, int val, int expect); +@@ -279,6 +301,34 @@ void ftrace_likely_update(struct ftrace_branch_data *f, int val, int expect); # define __attribute_const__ /* unimplemented */ #endif @@ -77044,7 +78108,7 @@ index 92669cd..cc564c0 100644 /* * Tell gcc if a function is cold. The compiler will assume any path * directly leading to the call is unlikely. -@@ -284,6 +334,22 @@ void ftrace_likely_update(struct ftrace_branch_data *f, int val, int expect); +@@ -288,6 +338,22 @@ void ftrace_likely_update(struct ftrace_branch_data *f, int val, int expect); #define __cold #endif @@ -77067,7 +78131,7 @@ index 92669cd..cc564c0 100644 /* Simple shorthand for a section definition */ #ifndef __section # define __section(S) __attribute__ ((__section__(#S))) -@@ -349,7 +415,8 @@ void ftrace_likely_update(struct ftrace_branch_data *f, int val, int expect); +@@ -362,7 +428,8 @@ void ftrace_likely_update(struct ftrace_branch_data *f, int val, int expect); * use is to mediate communication between process-level code and irq/NMI * handlers, all running on the same CPU. */ @@ -77118,10 +78182,10 @@ index 34025df..d94bbbc 100644 /* * Users often need to create attribute structures for their configurable diff --git a/include/linux/cpufreq.h b/include/linux/cpufreq.h -index dc196bb..c55a50f 100644 +index 4d89e0e..5281847 100644 --- a/include/linux/cpufreq.h +++ b/include/linux/cpufreq.h -@@ -189,6 +189,7 @@ struct global_attr { +@@ -191,6 +191,7 @@ struct global_attr { ssize_t (*store)(struct kobject *a, struct attribute *b, const char *c, size_t count); }; @@ -77129,10 +78193,10 @@ index dc196bb..c55a50f 100644 #define define_one_global_ro(_name) \ static struct global_attr _name = \ -@@ -225,7 +226,7 @@ struct cpufreq_driver { - int (*suspend) (struct cpufreq_policy *policy); - int (*resume) (struct cpufreq_policy *policy); - struct freq_attr **attr; +@@ -232,7 +233,7 @@ struct cpufreq_driver { + bool boost_supported; + bool boost_enabled; + int (*set_boost) (int state); -}; +} __do_const; @@ -77214,7 +78278,7 @@ index d08e4d2..95fad61 100644 /** diff --git a/include/linux/cred.h b/include/linux/cred.h -index 04421e8..117e17a 100644 +index 04421e8..a85afd4 100644 --- a/include/linux/cred.h +++ b/include/linux/cred.h @@ -35,7 +35,7 @@ struct group_info { @@ -77245,6 +78309,14 @@ index 04421e8..117e17a 100644 #endif /** +@@ -322,6 +325,7 @@ static inline void put_cred(const struct cred *_cred) + + #define task_uid(task) (task_cred_xxx((task), uid)) + #define task_euid(task) (task_cred_xxx((task), euid)) ++#define task_securebits(task) (task_cred_xxx((task), securebits)) + + #define current_cred_xxx(xxx) \ + ({ \ diff --git a/include/linux/crypto.h b/include/linux/crypto.h index b92eadf..b4ecdc1 100644 --- a/include/linux/crypto.h @@ -77376,10 +78448,10 @@ index fd4aee2..1f28db9 100644 #define DMA_BIT_MASK(n) (((n) == 64) ? ~0ULL : ((1ULL<<(n))-1)) diff --git a/include/linux/dmaengine.h b/include/linux/dmaengine.h -index 41cf0c3..f3b771c 100644 +index c5c92d5..6a5c2b2 100644 --- a/include/linux/dmaengine.h +++ b/include/linux/dmaengine.h -@@ -1114,9 +1114,9 @@ struct dma_pinned_list { +@@ -1150,9 +1150,9 @@ struct dma_pinned_list { struct dma_pinned_list *dma_pin_iovec_pages(struct iovec *iov, size_t len); void dma_unpin_iovec_pages(struct dma_pinned_list* pinned_list); @@ -77392,10 +78464,10 @@ index 41cf0c3..f3b771c 100644 unsigned int offset, size_t len); diff --git a/include/linux/efi.h b/include/linux/efi.h -index 11ce678..7b8c69c 100644 +index 0a819e7..8ed47f1 100644 --- a/include/linux/efi.h +++ b/include/linux/efi.h -@@ -764,6 +764,7 @@ struct efivar_operations { +@@ -768,6 +768,7 @@ struct efivar_operations { efi_set_variable_t *set_variable; efi_query_variable_store_t *query_variable_store; }; @@ -77456,7 +78528,7 @@ index 21c59af..6057a03 100644 /** diff --git a/include/linux/fb.h b/include/linux/fb.h -index 70c4836..ff3daec 100644 +index fe6ac95..898d41d 100644 --- a/include/linux/fb.h +++ b/include/linux/fb.h @@ -304,7 +304,7 @@ struct fb_ops { @@ -77469,10 +78541,10 @@ index 70c4836..ff3daec 100644 #ifdef CONFIG_FB_TILEBLITTING #define FB_TILE_CURSOR_NONE 0 diff --git a/include/linux/fdtable.h b/include/linux/fdtable.h -index 085197b..0fa6f0b 100644 +index 70e8e21..1939916 100644 --- a/include/linux/fdtable.h +++ b/include/linux/fdtable.h -@@ -95,7 +95,7 @@ struct files_struct *get_files_struct(struct task_struct *); +@@ -102,7 +102,7 @@ struct files_struct *get_files_struct(struct task_struct *); void put_files_struct(struct files_struct *fs); void reset_files_struct(struct files_struct *); int unshare_files(struct files_struct **); @@ -77495,10 +78567,10 @@ index 8293262..2b3b8bd 100644 extern bool frontswap_enabled; extern struct frontswap_ops * diff --git a/include/linux/fs.h b/include/linux/fs.h -index 121f11f..0f2a863 100644 +index 23b2a35..8764ab7 100644 --- a/include/linux/fs.h +++ b/include/linux/fs.h -@@ -423,7 +423,7 @@ struct address_space { +@@ -426,7 +426,7 @@ struct address_space { spinlock_t private_lock; /* for use by the address_space */ struct list_head private_list; /* ditto */ void *private_data; /* ditto */ @@ -77507,7 +78579,7 @@ index 121f11f..0f2a863 100644 /* * On most architectures that alignment is already the case; but * must be enforced here for CRIS, to let the least significant bit -@@ -466,7 +466,7 @@ struct block_device { +@@ -469,7 +469,7 @@ struct block_device { int bd_fsfreeze_count; /* Mutex for freeze */ struct mutex bd_fsfreeze_mutex; @@ -77516,7 +78588,7 @@ index 121f11f..0f2a863 100644 /* * Radix-tree tags, for tagging dirty and writeback pages within the pagecache -@@ -610,7 +610,7 @@ struct inode { +@@ -613,7 +613,7 @@ struct inode { atomic_t i_readcount; /* struct files open RO */ #endif void *i_private; /* fs or device private pointer */ @@ -77525,16 +78597,16 @@ index 121f11f..0f2a863 100644 static inline int inode_unhashed(struct inode *inode) { -@@ -808,7 +808,7 @@ struct file { +@@ -812,7 +812,7 @@ struct file { #ifdef CONFIG_DEBUG_WRITECOUNT unsigned long f_mnt_write_state; #endif --}; -+} __randomize_layout; +-} __attribute__((aligned(4))); /* lest something weird decides that 2 is OK */ ++} __attribute__((aligned(4))) __randomize_layout; /* lest something weird decides that 2 is OK */ struct file_handle { __u32 handle_bytes; -@@ -978,7 +978,7 @@ struct file_lock { +@@ -982,7 +982,7 @@ struct file_lock { int state; /* state of grant or error if -ve */ } afs; } fl_u; @@ -77543,7 +78615,7 @@ index 121f11f..0f2a863 100644 /* The following constant reflects the upper bound of the file/locking space */ #ifndef OFFSET_MAX -@@ -1325,7 +1325,7 @@ struct super_block { +@@ -1329,7 +1329,7 @@ struct super_block { struct list_lru s_dentry_lru ____cacheline_aligned_in_smp; struct list_lru s_inode_lru ____cacheline_aligned_in_smp; struct rcu_head rcu; @@ -77552,7 +78624,7 @@ index 121f11f..0f2a863 100644 extern struct timespec current_fs_time(struct super_block *sb); -@@ -1547,7 +1547,8 @@ struct file_operations { +@@ -1551,7 +1551,8 @@ struct file_operations { long (*fallocate)(struct file *file, int mode, loff_t offset, loff_t len); int (*show_fdinfo)(struct seq_file *m, struct file *f); @@ -77562,7 +78634,7 @@ index 121f11f..0f2a863 100644 struct inode_operations { struct dentry * (*lookup) (struct inode *,struct dentry *, unsigned int); -@@ -2808,4 +2809,14 @@ static inline bool dir_relax(struct inode *inode) +@@ -2820,4 +2821,14 @@ static inline bool dir_relax(struct inode *inode) return !IS_DEADDIR(inode); } @@ -77701,10 +78773,10 @@ index c0894dd..2fbf10c 100644 }; diff --git a/include/linux/gfp.h b/include/linux/gfp.h -index 9b4dd49..61fd41d 100644 +index 39b81dc..819dc51 100644 --- a/include/linux/gfp.h +++ b/include/linux/gfp.h -@@ -35,6 +35,13 @@ struct vm_area_struct; +@@ -36,6 +36,13 @@ struct vm_area_struct; #define ___GFP_NO_KSWAPD 0x400000u #define ___GFP_OTHER_NODE 0x800000u #define ___GFP_WRITE 0x1000000u @@ -77718,7 +78790,7 @@ index 9b4dd49..61fd41d 100644 /* If the above are modified, __GFP_BITS_SHIFT may need updating */ /* -@@ -92,6 +99,7 @@ struct vm_area_struct; +@@ -93,6 +100,7 @@ struct vm_area_struct; #define __GFP_OTHER_NODE ((__force gfp_t)___GFP_OTHER_NODE) /* On behalf of other node */ #define __GFP_KMEMCG ((__force gfp_t)___GFP_KMEMCG) /* Allocation comes from a memcg-accounted resource */ #define __GFP_WRITE ((__force gfp_t)___GFP_WRITE) /* Allocator intends to dirty page */ @@ -77726,7 +78798,7 @@ index 9b4dd49..61fd41d 100644 /* * This may seem redundant, but it's a way of annotating false positives vs. -@@ -99,7 +107,7 @@ struct vm_area_struct; +@@ -100,7 +108,7 @@ struct vm_area_struct; */ #define __GFP_NOTRACK_FALSE_POSITIVE (__GFP_NOTRACK) @@ -77735,7 +78807,7 @@ index 9b4dd49..61fd41d 100644 #define __GFP_BITS_MASK ((__force gfp_t)((1 << __GFP_BITS_SHIFT) - 1)) /* This equals 0, but use constants in case they ever change */ -@@ -153,6 +161,8 @@ struct vm_area_struct; +@@ -158,6 +166,8 @@ struct vm_area_struct; /* 4GB DMA on some platforms */ #define GFP_DMA32 __GFP_DMA32 @@ -78772,10 +79844,10 @@ index 0000000..ba93581 +#define GR_MSRWRITE_MSG "denied write to CPU MSR by " diff --git a/include/linux/grsecurity.h b/include/linux/grsecurity.h new file mode 100644 -index 0000000..8108301 +index 0000000..f2d8c6c --- /dev/null +++ b/include/linux/grsecurity.h -@@ -0,0 +1,246 @@ +@@ -0,0 +1,248 @@ +#ifndef GR_SECURITY_H +#define GR_SECURITY_H +#include <linux/fs.h> @@ -78805,6 +79877,8 @@ index 0000000..8108301 + +char gr_roletype_to_char(void); + ++int gr_proc_is_restricted(void); ++ +int gr_acl_enable_at_secure(void); + +int gr_check_user_change(kuid_t real, kuid_t effective, kuid_t fs); @@ -79047,6 +80121,19 @@ index 0000000..e7ffaaf + const int protocol); + +#endif +diff --git a/include/linux/hash.h b/include/linux/hash.h +index bd1754c..8240892 100644 +--- a/include/linux/hash.h ++++ b/include/linux/hash.h +@@ -83,7 +83,7 @@ static inline u32 hash32_ptr(const void *ptr) + struct fast_hash_ops { + u32 (*hash)(const void *data, u32 len, u32 seed); + u32 (*hash2)(const u32 *data, u32 len, u32 seed); +-}; ++} __no_const; + + /** + * arch_fast_hash - Caclulates a hash over a given buffer that can have diff --git a/include/linux/highmem.h b/include/linux/highmem.h index 7fb31da..08b5114 100644 --- a/include/linux/highmem.h @@ -79095,10 +80182,10 @@ index 1c7b89a..7dda400 100644 container_of(_dev_attr, struct sensor_device_attribute_2, dev_attr) diff --git a/include/linux/i2c.h b/include/linux/i2c.h -index d9c8dbd3..def6e5a 100644 +index deddeb8..bcaf62d 100644 --- a/include/linux/i2c.h +++ b/include/linux/i2c.h -@@ -364,6 +364,7 @@ struct i2c_algorithm { +@@ -378,6 +378,7 @@ struct i2c_algorithm { /* To determine what the adapter supports */ u32 (*functionality) (struct i2c_adapter *); }; @@ -79133,7 +80220,7 @@ index aff7ad8..3942bbd 100644 extern int register_pppox_proto(int proto_num, const struct pppox_proto *pp); extern void unregister_pppox_proto(int proto_num); diff --git a/include/linux/init.h b/include/linux/init.h -index 8e68a64..3f977a0 100644 +index e168880..d9b489d 100644 --- a/include/linux/init.h +++ b/include/linux/init.h @@ -37,9 +37,17 @@ @@ -79165,10 +80252,10 @@ index 8e68a64..3f977a0 100644 #define __meminitconst __constsection(.meminit.rodata) #define __memexit __section(.memexit.text) __exitused __cold notrace diff --git a/include/linux/init_task.h b/include/linux/init_task.h -index b0ed422..d79ea23 100644 +index 6df7f9f..d0bf699 100644 --- a/include/linux/init_task.h +++ b/include/linux/init_task.h -@@ -154,6 +154,12 @@ extern struct task_group root_task_group; +@@ -156,6 +156,12 @@ extern struct task_group root_task_group; #define INIT_TASK_COMM "swapper" @@ -79178,10 +80265,10 @@ index b0ed422..d79ea23 100644 +#define INIT_TASK_THREAD_INFO +#endif + - /* - * INIT_TASK is used to set up the first task table, touch at - * your own risk!. Base=0, limit=0x1fffff (=2MB) -@@ -193,6 +199,7 @@ extern struct task_group root_task_group; + #ifdef CONFIG_RT_MUTEXES + # define INIT_RT_MUTEXES(tsk) \ + .pi_waiters = RB_ROOT, \ +@@ -203,6 +209,7 @@ extern struct task_group root_task_group; RCU_POINTER_INITIALIZER(cred, &init_cred), \ .comm = INIT_TASK_COMM, \ .thread = INIT_THREAD, \ @@ -79190,19 +80277,10 @@ index b0ed422..d79ea23 100644 .files = &init_files, \ .signal = &init_signals, \ diff --git a/include/linux/interrupt.h b/include/linux/interrupt.h -index db43b58..5d5084b 100644 +index a2678d3..e411b1b 100644 --- a/include/linux/interrupt.h +++ b/include/linux/interrupt.h -@@ -360,7 +360,7 @@ enum - /* map softirq index to softirq name. update 'softirq_to_name' in - * kernel/softirq.c when adding a new softirq. - */ --extern char *softirq_to_name[NR_SOFTIRQS]; -+extern const char * const softirq_to_name[NR_SOFTIRQS]; - - /* softirq mask and active fields moved to irq_cpustat_t in - * asm/hardirq.h to get better cache usage. KAO -@@ -368,8 +368,8 @@ extern char *softirq_to_name[NR_SOFTIRQS]; +@@ -373,8 +373,8 @@ extern const char * const softirq_to_name[NR_SOFTIRQS]; struct softirq_action { @@ -79213,7 +80291,7 @@ index db43b58..5d5084b 100644 asmlinkage void do_softirq(void); asmlinkage void __do_softirq(void); -@@ -383,7 +383,7 @@ static inline void do_softirq_own_stack(void) +@@ -388,7 +388,7 @@ static inline void do_softirq_own_stack(void) } #endif @@ -79223,10 +80301,10 @@ index db43b58..5d5084b 100644 extern void __raise_softirq_irqoff(unsigned int nr); diff --git a/include/linux/iommu.h b/include/linux/iommu.h -index a444c79..8c41ea9 100644 +index b96a5b2..2732d1c 100644 --- a/include/linux/iommu.h +++ b/include/linux/iommu.h -@@ -130,7 +130,7 @@ struct iommu_ops { +@@ -131,7 +131,7 @@ struct iommu_ops { u32 (*domain_get_windows)(struct iommu_domain *domain); unsigned long pgsize_bitmap; @@ -79249,10 +80327,10 @@ index 89b7c24..382af74 100644 return res->end - res->start + 1; } diff --git a/include/linux/ipc_namespace.h b/include/linux/ipc_namespace.h -index d6ad91f..f10f279 100644 +index 35e7eca..6afb7ad 100644 --- a/include/linux/ipc_namespace.h +++ b/include/linux/ipc_namespace.h -@@ -70,7 +70,7 @@ struct ipc_namespace { +@@ -69,7 +69,7 @@ struct ipc_namespace { struct user_namespace *user_ns; unsigned int proc_inum; @@ -79276,10 +80354,10 @@ index 7dc1003..407327b 100644 /* * irq_chip specific flags diff --git a/include/linux/irqchip/arm-gic.h b/include/linux/irqchip/arm-gic.h -index cac496b..ffa0567 100644 +index 0ceb389..eed3fb8 100644 --- a/include/linux/irqchip/arm-gic.h +++ b/include/linux/irqchip/arm-gic.h -@@ -61,9 +61,11 @@ +@@ -73,9 +73,11 @@ #ifndef __ASSEMBLY__ @@ -79293,26 +80371,33 @@ index cac496b..ffa0567 100644 void gic_init_bases(unsigned int, int, void __iomem *, void __iomem *, u32 offset, struct device_node *); diff --git a/include/linux/jiffies.h b/include/linux/jiffies.h -index d235e88..8ccbe74 100644 +index 1f44466..b481806 100644 --- a/include/linux/jiffies.h +++ b/include/linux/jiffies.h -@@ -292,14 +292,14 @@ extern unsigned long preset_lpj; +@@ -292,20 +292,20 @@ extern unsigned long preset_lpj; /* * Convert various time units to each other: */ -extern unsigned int jiffies_to_msecs(const unsigned long j); -extern unsigned int jiffies_to_usecs(const unsigned long j); --extern unsigned long msecs_to_jiffies(const unsigned int m); --extern unsigned long usecs_to_jiffies(const unsigned int u); --extern unsigned long timespec_to_jiffies(const struct timespec *value); +extern unsigned int jiffies_to_msecs(const unsigned long j) __intentional_overflow(-1); +extern unsigned int jiffies_to_usecs(const unsigned long j) __intentional_overflow(-1); + +-static inline u64 jiffies_to_nsecs(const unsigned long j) ++static inline u64 __intentional_overflow(-1) jiffies_to_nsecs(const unsigned long j) + { + return (u64)jiffies_to_usecs(j) * NSEC_PER_USEC; + } + +-extern unsigned long msecs_to_jiffies(const unsigned int m); +-extern unsigned long usecs_to_jiffies(const unsigned int u); +extern unsigned long msecs_to_jiffies(const unsigned int m) __intentional_overflow(-1); +extern unsigned long usecs_to_jiffies(const unsigned int u) __intentional_overflow(-1); -+extern unsigned long timespec_to_jiffies(const struct timespec *value) __intentional_overflow(-1); + extern unsigned long timespec_to_jiffies(const struct timespec *value); extern void jiffies_to_timespec(const unsigned long jiffies, - struct timespec *value); +- struct timespec *value); -extern unsigned long timeval_to_jiffies(const struct timeval *value); ++ struct timespec *value) __intentional_overflow(-1); +extern unsigned long timeval_to_jiffies(const struct timeval *value) __intentional_overflow(-1); extern void jiffies_to_timeval(const unsigned long jiffies, struct timeval *value); @@ -79367,7 +80452,7 @@ index a74c3a8..28d3f21 100644 extern struct key_type key_type_keyring; diff --git a/include/linux/kgdb.h b/include/linux/kgdb.h -index dfb4f2f..7927e62 100644 +index 6b06d37..c134867 100644 --- a/include/linux/kgdb.h +++ b/include/linux/kgdb.h @@ -52,7 +52,7 @@ extern int kgdb_connected; @@ -79421,7 +80506,7 @@ index 0555cc6..40116ce 100644 char **envp; int wait; diff --git a/include/linux/kobject.h b/include/linux/kobject.h -index e7ba650..0af3acb 100644 +index 926afb6..58dd6e5 100644 --- a/include/linux/kobject.h +++ b/include/linux/kobject.h @@ -116,7 +116,7 @@ struct kobj_type { @@ -79477,10 +80562,10 @@ index 484604d..0f6c5b6 100644 if (atomic_sub_and_test((int) count, &kref->refcount)) { release(kref); diff --git a/include/linux/kvm_host.h b/include/linux/kvm_host.h -index 9523d2a..16c0424 100644 +index b8e9a43..632678d 100644 --- a/include/linux/kvm_host.h +++ b/include/linux/kvm_host.h -@@ -457,7 +457,7 @@ static inline void kvm_irqfd_exit(void) +@@ -455,7 +455,7 @@ static inline void kvm_irqfd_exit(void) { } #endif @@ -79489,7 +80574,7 @@ index 9523d2a..16c0424 100644 struct module *module); void kvm_exit(void); -@@ -632,7 +632,7 @@ int kvm_arch_vcpu_ioctl_set_guest_debug(struct kvm_vcpu *vcpu, +@@ -621,7 +621,7 @@ int kvm_arch_vcpu_ioctl_set_guest_debug(struct kvm_vcpu *vcpu, struct kvm_guest_debug *dbg); int kvm_arch_vcpu_ioctl_run(struct kvm_vcpu *vcpu, struct kvm_run *kvm_run); @@ -79499,10 +80584,10 @@ index 9523d2a..16c0424 100644 int kvm_arch_vcpu_init(struct kvm_vcpu *vcpu); diff --git a/include/linux/libata.h b/include/linux/libata.h -index bec6dbe..2873d64 100644 +index 3fee55e..42565b7 100644 --- a/include/linux/libata.h +++ b/include/linux/libata.h -@@ -975,7 +975,7 @@ struct ata_port_operations { +@@ -976,7 +976,7 @@ struct ata_port_operations { * fields must be pointers. */ const struct ata_port_operations *inherits; @@ -79512,10 +80597,10 @@ index bec6dbe..2873d64 100644 struct ata_port_info { unsigned long flags; diff --git a/include/linux/linkage.h b/include/linux/linkage.h -index d3e8ad2..a949f68 100644 +index a6a42dd..6c5ebce 100644 --- a/include/linux/linkage.h +++ b/include/linux/linkage.h -@@ -31,6 +31,7 @@ +@@ -36,6 +36,7 @@ #endif #define __page_aligned_data __section(.data..page_aligned) __aligned(PAGE_SIZE) @@ -79606,7 +80691,7 @@ index c45c089..298841c 100644 u32 remainder; return div_u64_rem(dividend, divisor, &remainder); diff --git a/include/linux/mempolicy.h b/include/linux/mempolicy.h -index 9fe426b..8148be6 100644 +index 5f1ea75..5125ac5 100644 --- a/include/linux/mempolicy.h +++ b/include/linux/mempolicy.h @@ -91,6 +91,10 @@ static inline struct mempolicy *mpol_dup(struct mempolicy *pol) @@ -79620,7 +80705,7 @@ index 9fe426b..8148be6 100644 static inline void mpol_get(struct mempolicy *pol) { -@@ -241,6 +245,9 @@ mpol_shared_policy_lookup(struct shared_policy *sp, unsigned long idx) +@@ -223,6 +227,9 @@ static inline void mpol_free_shared_policy(struct shared_policy *p) } #define vma_policy(vma) NULL @@ -79631,10 +80716,10 @@ index 9fe426b..8148be6 100644 static inline int vma_dup_policy(struct vm_area_struct *src, struct vm_area_struct *dst) diff --git a/include/linux/mm.h b/include/linux/mm.h -index 0ab5439..2859c61 100644 +index c1b7414..5ea2ad8 100644 --- a/include/linux/mm.h +++ b/include/linux/mm.h -@@ -117,6 +117,11 @@ extern unsigned int kobjsize(const void *objp); +@@ -127,6 +127,11 @@ extern unsigned int kobjsize(const void *objp); #define VM_HUGETLB 0x00400000 /* Huge TLB Page VM */ #define VM_NONLINEAR 0x00800000 /* Is non-linear (remap_file_pages) */ #define VM_ARCH_1 0x01000000 /* Architecture-specific flag */ @@ -79646,7 +80731,7 @@ index 0ab5439..2859c61 100644 #define VM_DONTDUMP 0x04000000 /* Do not include in the core dump */ #ifdef CONFIG_MEM_SOFT_DIRTY -@@ -219,8 +224,8 @@ struct vm_operations_struct { +@@ -229,8 +234,8 @@ struct vm_operations_struct { /* called by access_process_vm when get_user_pages() fails, typically * for use by special VMAs that can switch between memory and hardware */ @@ -79657,7 +80742,7 @@ index 0ab5439..2859c61 100644 #ifdef CONFIG_NUMA /* * set_policy() op must add a reference to any non-NULL @new mempolicy -@@ -250,6 +255,7 @@ struct vm_operations_struct { +@@ -260,6 +265,7 @@ struct vm_operations_struct { int (*remap_pages)(struct vm_area_struct *vma, unsigned long addr, unsigned long size, pgoff_t pgoff); }; @@ -79665,7 +80750,7 @@ index 0ab5439..2859c61 100644 struct mmu_gather; struct inode; -@@ -1064,8 +1070,8 @@ int follow_pfn(struct vm_area_struct *vma, unsigned long address, +@@ -1112,8 +1118,8 @@ int follow_pfn(struct vm_area_struct *vma, unsigned long address, unsigned long *pfn); int follow_phys(struct vm_area_struct *vma, unsigned long address, unsigned int flags, unsigned long *prot, resource_size_t *phys); @@ -79676,7 +80761,7 @@ index 0ab5439..2859c61 100644 static inline void unmap_shared_mapping_range(struct address_space *mapping, loff_t const holebegin, loff_t const holelen) -@@ -1104,9 +1110,9 @@ static inline int fixup_user_fault(struct task_struct *tsk, +@@ -1152,9 +1158,9 @@ static inline int fixup_user_fault(struct task_struct *tsk, } #endif @@ -79689,7 +80774,7 @@ index 0ab5439..2859c61 100644 long __get_user_pages(struct task_struct *tsk, struct mm_struct *mm, unsigned long start, unsigned long nr_pages, -@@ -1138,34 +1144,6 @@ int set_page_dirty(struct page *page); +@@ -1186,34 +1192,6 @@ int set_page_dirty(struct page *page); int set_page_dirty_lock(struct page *page); int clear_page_dirty_for_io(struct page *page); @@ -79724,7 +80809,7 @@ index 0ab5439..2859c61 100644 extern pid_t vm_is_stack(struct task_struct *task, struct vm_area_struct *vma, int in_group); -@@ -1265,6 +1243,15 @@ static inline void sync_mm_rss(struct mm_struct *mm) +@@ -1313,6 +1291,15 @@ static inline void sync_mm_rss(struct mm_struct *mm) } #endif @@ -79740,7 +80825,7 @@ index 0ab5439..2859c61 100644 int vma_wants_writenotify(struct vm_area_struct *vma); extern pte_t *__get_locked_pte(struct mm_struct *mm, unsigned long addr, -@@ -1283,8 +1270,15 @@ static inline int __pud_alloc(struct mm_struct *mm, pgd_t *pgd, +@@ -1331,8 +1318,15 @@ static inline int __pud_alloc(struct mm_struct *mm, pgd_t *pgd, { return 0; } @@ -79756,7 +80841,7 @@ index 0ab5439..2859c61 100644 #endif #ifdef __PAGETABLE_PMD_FOLDED -@@ -1293,8 +1287,15 @@ static inline int __pmd_alloc(struct mm_struct *mm, pud_t *pud, +@@ -1341,8 +1335,15 @@ static inline int __pmd_alloc(struct mm_struct *mm, pud_t *pud, { return 0; } @@ -79772,7 +80857,7 @@ index 0ab5439..2859c61 100644 #endif int __pte_alloc(struct mm_struct *mm, struct vm_area_struct *vma, -@@ -1312,11 +1313,23 @@ static inline pud_t *pud_alloc(struct mm_struct *mm, pgd_t *pgd, unsigned long a +@@ -1360,11 +1361,23 @@ static inline pud_t *pud_alloc(struct mm_struct *mm, pgd_t *pgd, unsigned long a NULL: pud_offset(pgd, address); } @@ -79796,7 +80881,7 @@ index 0ab5439..2859c61 100644 #endif /* CONFIG_MMU && !__ARCH_HAS_4LEVEL_HACK */ #if USE_SPLIT_PTE_PTLOCKS -@@ -1694,7 +1707,7 @@ extern int install_special_mapping(struct mm_struct *mm, +@@ -1754,7 +1767,7 @@ extern int install_special_mapping(struct mm_struct *mm, unsigned long addr, unsigned long len, unsigned long flags, struct page **pages); @@ -79805,7 +80890,7 @@ index 0ab5439..2859c61 100644 extern unsigned long mmap_region(struct file *file, unsigned long addr, unsigned long len, vm_flags_t vm_flags, unsigned long pgoff); -@@ -1702,6 +1715,7 @@ extern unsigned long do_mmap_pgoff(struct file *file, unsigned long addr, +@@ -1762,6 +1775,7 @@ extern unsigned long do_mmap_pgoff(struct file *file, unsigned long addr, unsigned long len, unsigned long prot, unsigned long flags, unsigned long pgoff, unsigned long *populate); extern int do_munmap(struct mm_struct *, unsigned long, size_t); @@ -79813,7 +80898,7 @@ index 0ab5439..2859c61 100644 #ifdef CONFIG_MMU extern int __mm_populate(unsigned long addr, unsigned long len, -@@ -1730,10 +1744,11 @@ struct vm_unmapped_area_info { +@@ -1790,10 +1804,11 @@ struct vm_unmapped_area_info { unsigned long high_limit; unsigned long align_mask; unsigned long align_offset; @@ -79827,7 +80912,7 @@ index 0ab5439..2859c61 100644 /* * Search for an unmapped address range. -@@ -1745,7 +1760,7 @@ extern unsigned long unmapped_area_topdown(struct vm_unmapped_area_info *info); +@@ -1805,7 +1820,7 @@ extern unsigned long unmapped_area_topdown(struct vm_unmapped_area_info *info); * - satisfies (begin_addr & align_mask) == (align_offset & align_mask) */ static inline unsigned long @@ -79836,7 +80921,7 @@ index 0ab5439..2859c61 100644 { if (!(info->flags & VM_UNMAPPED_AREA_TOPDOWN)) return unmapped_area(info); -@@ -1808,6 +1823,10 @@ extern struct vm_area_struct * find_vma(struct mm_struct * mm, unsigned long add +@@ -1868,6 +1883,10 @@ extern struct vm_area_struct * find_vma(struct mm_struct * mm, unsigned long add extern struct vm_area_struct * find_vma_prev(struct mm_struct * mm, unsigned long addr, struct vm_area_struct **pprev); @@ -79847,7 +80932,7 @@ index 0ab5439..2859c61 100644 /* Look up the first VMA which intersects the interval start_addr..end_addr-1, NULL if none. Assume start_addr < end_addr. */ static inline struct vm_area_struct * find_vma_intersection(struct mm_struct * mm, unsigned long start_addr, unsigned long end_addr) -@@ -1836,15 +1855,6 @@ static inline struct vm_area_struct *find_exact_vma(struct mm_struct *mm, +@@ -1896,15 +1915,6 @@ static inline struct vm_area_struct *find_exact_vma(struct mm_struct *mm, return vma; } @@ -79860,10 +80945,10 @@ index 0ab5439..2859c61 100644 -} -#endif - - #ifdef CONFIG_ARCH_USES_NUMA_PROT_NONE + #ifdef CONFIG_NUMA_BALANCING unsigned long change_prot_numa(struct vm_area_struct *vma, unsigned long start, unsigned long end); -@@ -1896,6 +1906,11 @@ void vm_stat_account(struct mm_struct *, unsigned long, struct file *, long); +@@ -1956,6 +1966,11 @@ void vm_stat_account(struct mm_struct *, unsigned long, struct file *, long); static inline void vm_stat_account(struct mm_struct *mm, unsigned long flags, struct file *file, long pages) { @@ -79875,7 +80960,7 @@ index 0ab5439..2859c61 100644 mm->total_vm += pages; } #endif /* CONFIG_PROC_FS */ -@@ -1977,7 +1992,7 @@ extern int unpoison_memory(unsigned long pfn); +@@ -2037,7 +2052,7 @@ extern int unpoison_memory(unsigned long pfn); extern int sysctl_memory_failure_early_kill; extern int sysctl_memory_failure_recovery; extern void shake_page(struct page *p, int access); @@ -79883,8 +80968,8 @@ index 0ab5439..2859c61 100644 +extern atomic_long_unchecked_t num_poisoned_pages; extern int soft_offline_page(struct page *page, int flags); - extern void dump_page(struct page *page); -@@ -2014,5 +2029,11 @@ void __init setup_nr_node_ids(void); + #if defined(CONFIG_TRANSPARENT_HUGEPAGE) || defined(CONFIG_HUGETLBFS) +@@ -2072,5 +2087,11 @@ void __init setup_nr_node_ids(void); static inline void setup_nr_node_ids(void) {} #endif @@ -79961,7 +81046,7 @@ index c5d5278..f0b68c8 100644 } diff --git a/include/linux/mmzone.h b/include/linux/mmzone.h -index bd791e4..8617c34f 100644 +index 9b61b9b..52147d6b 100644 --- a/include/linux/mmzone.h +++ b/include/linux/mmzone.h @@ -396,7 +396,7 @@ struct zone { @@ -80005,7 +81090,7 @@ index 45e9214..a7227d6 100644 * struct dmi_device_id appears during expansion of * "MODULE_DEVICE_TABLE(dmi, x)". Compiler doesn't look inside it diff --git a/include/linux/module.h b/include/linux/module.h -index 15cd6b1..f6e2e6a 100644 +index eaf60ff..641979a 100644 --- a/include/linux/module.h +++ b/include/linux/module.h @@ -17,9 +17,11 @@ @@ -80020,7 +81105,7 @@ index 15cd6b1..f6e2e6a 100644 /* In stripped ARM and x86-64 modules, ~ is surprisingly rare. */ #define MODULE_SIG_STRING "~Module signature appended~\n" -@@ -43,7 +45,7 @@ struct module_kobject { +@@ -42,7 +44,7 @@ struct module_kobject { struct kobject *drivers_dir; struct module_param_attrs *mp; struct completion *kobj_completion; @@ -80029,7 +81114,7 @@ index 15cd6b1..f6e2e6a 100644 struct module_attribute { struct attribute attr; -@@ -55,12 +57,13 @@ struct module_attribute { +@@ -54,12 +56,13 @@ struct module_attribute { int (*test)(struct module *); void (*free)(struct module *); }; @@ -80044,7 +81129,7 @@ index 15cd6b1..f6e2e6a 100644 extern ssize_t __modver_version_show(struct module_attribute *, struct module_kobject *, char *); -@@ -238,7 +241,7 @@ struct module +@@ -238,7 +241,7 @@ struct module { /* Sysfs stuff. */ struct module_kobject mkobj; @@ -80053,7 +81138,7 @@ index 15cd6b1..f6e2e6a 100644 const char *version; const char *srcversion; struct kobject *holders_dir; -@@ -287,19 +290,16 @@ struct module +@@ -287,19 +290,16 @@ struct module { int (*init)(void); /* If this is non-NULL, vfree after init() returns */ @@ -80077,7 +81162,7 @@ index 15cd6b1..f6e2e6a 100644 /* Arch-specific module values */ struct mod_arch_specific arch; -@@ -355,6 +355,10 @@ struct module +@@ -355,6 +355,10 @@ struct module { #ifdef CONFIG_EVENT_TRACING struct ftrace_event_call **trace_events; unsigned int num_trace_events; @@ -80088,7 +81173,7 @@ index 15cd6b1..f6e2e6a 100644 #endif #ifdef CONFIG_FTRACE_MCOUNT_RECORD unsigned int num_ftrace_callsites; -@@ -378,7 +382,7 @@ struct module +@@ -378,7 +382,7 @@ struct module { ctor_fn_t *ctors; unsigned int num_ctors; #endif @@ -80217,10 +81302,10 @@ index c3eb102..073c4a6 100644 .ops = ¶m_ops_##type, \ .elemsize = sizeof(array[0]), .elem = array }; \ diff --git a/include/linux/mount.h b/include/linux/mount.h -index 371d346..fba2819 100644 +index 839bac2..a96b37c 100644 --- a/include/linux/mount.h +++ b/include/linux/mount.h -@@ -56,7 +56,7 @@ struct vfsmount { +@@ -59,7 +59,7 @@ struct vfsmount { struct dentry *mnt_root; /* root of the mounted tree */ struct super_block *mnt_sb; /* pointer to superblock */ int mnt_flags; @@ -80258,7 +81343,7 @@ index 492de72..1bddcd4 100644 return nd->saved_names[nd->depth]; } diff --git a/include/linux/net.h b/include/linux/net.h -index 69be3e6..0fb422d 100644 +index 17d8339..81656c0 100644 --- a/include/linux/net.h +++ b/include/linux/net.h @@ -192,7 +192,7 @@ struct net_proto_family { @@ -80271,18 +81356,18 @@ index 69be3e6..0fb422d 100644 struct iovec; struct kvec; diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h -index 2177a6b..67fc561 100644 +index 911718f..f673407 100644 --- a/include/linux/netdevice.h +++ b/include/linux/netdevice.h -@@ -1129,6 +1129,7 @@ struct net_device_ops { - struct net_device *dev, +@@ -1147,6 +1147,7 @@ struct net_device_ops { void *priv); + int (*ndo_get_lock_subclass)(struct net_device *dev); }; +typedef struct net_device_ops __no_const net_device_ops_no_const; /* * The DEVICE structure. -@@ -1211,7 +1212,7 @@ struct net_device { +@@ -1229,7 +1230,7 @@ struct net_device { int iflink; struct net_device_stats stats; @@ -80333,7 +81418,7 @@ index 0000000..33f4af8 + +#endif diff --git a/include/linux/nls.h b/include/linux/nls.h -index 5dc635f..35f5e11 100644 +index 520681b..1d67ed2 100644 --- a/include/linux/nls.h +++ b/include/linux/nls.h @@ -31,7 +31,7 @@ struct nls_table { @@ -80388,8 +81473,29 @@ index 4386946..f50c615 100644 struct padata_cpumask cpumask; spinlock_t lock ____cacheline_aligned; unsigned int processed; +diff --git a/include/linux/path.h b/include/linux/path.h +index d137218..be0c176 100644 +--- a/include/linux/path.h ++++ b/include/linux/path.h +@@ -1,13 +1,15 @@ + #ifndef _LINUX_PATH_H + #define _LINUX_PATH_H + ++#include <linux/compiler.h> ++ + struct dentry; + struct vfsmount; + + struct path { + struct vfsmount *mnt; + struct dentry *dentry; +-}; ++} __randomize_layout; + + extern void path_get(const struct path *); + extern void path_put(const struct path *); diff --git a/include/linux/pci_hotplug.h b/include/linux/pci_hotplug.h -index a2e2f1d..8a391d2 100644 +index 5f2e559..7d59314 100644 --- a/include/linux/pci_hotplug.h +++ b/include/linux/pci_hotplug.h @@ -71,7 +71,8 @@ struct hotplug_slot_ops { @@ -80403,10 +81509,10 @@ index a2e2f1d..8a391d2 100644 /** * struct hotplug_slot_info - used to notify the hotplug pci core of the state of the slot diff --git a/include/linux/perf_event.h b/include/linux/perf_event.h -index 2e069d1..27054b8 100644 +index e56b07f..aef789b 100644 --- a/include/linux/perf_event.h +++ b/include/linux/perf_event.h -@@ -327,8 +327,8 @@ struct perf_event { +@@ -328,8 +328,8 @@ struct perf_event { enum perf_event_active_state state; unsigned int attach_state; @@ -80417,7 +81523,7 @@ index 2e069d1..27054b8 100644 /* * These are the total time in nanoseconds that the event -@@ -379,8 +379,8 @@ struct perf_event { +@@ -380,8 +380,8 @@ struct perf_event { * These accumulate total time (in nanoseconds) that children * events have been enabled and running, respectively. */ @@ -80428,7 +81534,7 @@ index 2e069d1..27054b8 100644 /* * Protect attach/detach and child_list: -@@ -707,7 +707,7 @@ static inline void perf_callchain_store(struct perf_callchain_entry *entry, u64 +@@ -708,7 +708,7 @@ static inline void perf_callchain_store(struct perf_callchain_entry *entry, u64 entry->ip[entry->nr++] = ip; } @@ -80437,7 +81543,7 @@ index 2e069d1..27054b8 100644 extern int sysctl_perf_event_mlock; extern int sysctl_perf_event_sample_rate; extern int sysctl_perf_cpu_time_max_percent; -@@ -722,19 +722,24 @@ extern int perf_cpu_time_max_percent_handler(struct ctl_table *table, int write, +@@ -723,19 +723,24 @@ extern int perf_cpu_time_max_percent_handler(struct ctl_table *table, int write, loff_t *ppos); @@ -80465,7 +81571,7 @@ index 2e069d1..27054b8 100644 } extern void perf_event_init(void); -@@ -850,7 +855,7 @@ struct perf_pmu_events_attr { +@@ -851,7 +856,7 @@ struct perf_pmu_events_attr { struct device_attribute attr; u64 id; const char *event_str; @@ -80507,10 +81613,10 @@ index ab57526..94598804 100644 unsigned int w_counter; struct page *tmp_page; diff --git a/include/linux/pm.h b/include/linux/pm.h -index a224c7f..92d8a97 100644 +index 8c6583a..febb84c 100644 --- a/include/linux/pm.h +++ b/include/linux/pm.h -@@ -576,6 +576,7 @@ extern int dev_pm_put_subsys_data(struct device *dev); +@@ -597,6 +597,7 @@ extern int dev_pm_put_subsys_data(struct device *dev); struct dev_pm_domain { struct dev_pm_ops ops; }; @@ -80537,10 +81643,10 @@ index 7c1d252..0e7061d 100644 struct generic_pm_domain { diff --git a/include/linux/pm_runtime.h b/include/linux/pm_runtime.h -index 6fa7cea..7bf6415 100644 +index 16c9a62..f9f0838 100644 --- a/include/linux/pm_runtime.h +++ b/include/linux/pm_runtime.h -@@ -103,7 +103,7 @@ static inline bool pm_runtime_callbacks_present(struct device *dev) +@@ -109,7 +109,7 @@ static inline bool pm_runtime_callbacks_present(struct device *dev) static inline void pm_runtime_mark_last_busy(struct device *dev) { @@ -80604,10 +81710,10 @@ index 4ea1d37..80f4b33 100644 /* * The return value from decompress routine is the length of the diff --git a/include/linux/preempt.h b/include/linux/preempt.h -index a3d9dc8..8af9922 100644 +index 1841b58..fbeebf8 100644 --- a/include/linux/preempt.h +++ b/include/linux/preempt.h -@@ -27,11 +27,16 @@ extern void preempt_count_sub(int val); +@@ -29,11 +29,16 @@ extern void preempt_count_sub(int val); #define preempt_count_dec_and_test() __preempt_count_dec_and_test() #endif @@ -80624,7 +81730,7 @@ index a3d9dc8..8af9922 100644 #ifdef CONFIG_PREEMPT_COUNT -@@ -41,6 +46,12 @@ do { \ +@@ -43,6 +48,12 @@ do { \ barrier(); \ } while (0) @@ -80637,7 +81743,7 @@ index a3d9dc8..8af9922 100644 #define sched_preempt_enable_no_resched() \ do { \ barrier(); \ -@@ -49,6 +60,12 @@ do { \ +@@ -51,6 +62,12 @@ do { \ #define preempt_enable_no_resched() sched_preempt_enable_no_resched() @@ -80650,7 +81756,7 @@ index a3d9dc8..8af9922 100644 #ifdef CONFIG_PREEMPT #define preempt_enable() \ do { \ -@@ -105,8 +122,10 @@ do { \ +@@ -115,8 +132,10 @@ do { \ * region. */ #define preempt_disable() barrier() @@ -80661,11 +81767,25 @@ index a3d9dc8..8af9922 100644 #define preempt_enable() barrier() #define preempt_check_resched() do { } while (0) +@@ -130,11 +149,13 @@ do { \ + /* + * Modules have no business playing preemption tricks. + */ ++#ifndef CONFIG_PAX_KERNEXEC + #undef sched_preempt_enable_no_resched + #undef preempt_enable_no_resched + #undef preempt_enable_no_resched_notrace + #undef preempt_check_resched + #endif ++#endif + + #define preempt_set_need_resched() \ + do { \ diff --git a/include/linux/printk.h b/include/linux/printk.h -index 6949258..7c4730e 100644 +index fa47e27..c08e034 100644 --- a/include/linux/printk.h +++ b/include/linux/printk.h -@@ -106,6 +106,8 @@ static inline __printf(1, 2) __cold +@@ -114,6 +114,8 @@ static inline __printf(1, 2) __cold void early_printk(const char *s, ...) { } #endif @@ -80674,7 +81794,7 @@ index 6949258..7c4730e 100644 #ifdef CONFIG_PRINTK asmlinkage __printf(5, 0) int vprintk_emit(int facility, int level, -@@ -140,7 +142,6 @@ extern bool printk_timed_ratelimit(unsigned long *caller_jiffies, +@@ -148,7 +150,6 @@ extern bool printk_timed_ratelimit(unsigned long *caller_jiffies, extern int printk_delay_msec; extern int dmesg_restrict; @@ -80683,10 +81803,22 @@ index 6949258..7c4730e 100644 extern void wake_up_klogd(void); diff --git a/include/linux/proc_fs.h b/include/linux/proc_fs.h -index 608e60a..c26f864 100644 +index 608e60a..bbcb1a0 100644 --- a/include/linux/proc_fs.h +++ b/include/linux/proc_fs.h -@@ -34,6 +34,19 @@ static inline struct proc_dir_entry *proc_create( +@@ -17,8 +17,11 @@ extern void proc_flush_task(struct task_struct *); + extern struct proc_dir_entry *proc_symlink(const char *, + struct proc_dir_entry *, const char *); + extern struct proc_dir_entry *proc_mkdir(const char *, struct proc_dir_entry *); ++extern struct proc_dir_entry *proc_mkdir_restrict(const char *, struct proc_dir_entry *); + extern struct proc_dir_entry *proc_mkdir_data(const char *, umode_t, + struct proc_dir_entry *, void *); ++extern struct proc_dir_entry *proc_mkdir_data_restrict(const char *, umode_t, ++ struct proc_dir_entry *, void *); + extern struct proc_dir_entry *proc_mkdir_mode(const char *, umode_t, + struct proc_dir_entry *); + +@@ -34,6 +37,19 @@ static inline struct proc_dir_entry *proc_create( return proc_create_data(name, mode, parent, proc_fops, NULL); } @@ -80706,6 +81838,15 @@ index 608e60a..c26f864 100644 extern void proc_set_size(struct proc_dir_entry *, loff_t); extern void proc_set_user(struct proc_dir_entry *, kuid_t, kgid_t); extern void *PDE_DATA(const struct inode *); +@@ -73,7 +89,7 @@ static inline int remove_proc_subtree(const char *name, struct proc_dir_entry *p + static inline struct proc_dir_entry *proc_net_mkdir( + struct net *net, const char *name, struct proc_dir_entry *parent) + { +- return proc_mkdir_data(name, 0, parent, net); ++ return proc_mkdir_data_restrict(name, 0, parent, net); + } + + #endif /* _LINUX_PROC_FS_H */ diff --git a/include/linux/proc_ns.h b/include/linux/proc_ns.h index 34a1e10..70f6bde 100644 --- a/include/linux/proc_ns.h @@ -80733,11 +81874,11 @@ index cc7494a..1e27036 100644 extern bool qid_valid(struct kqid qid); diff --git a/include/linux/random.h b/include/linux/random.h -index 4002b3d..d5ad855 100644 +index 1cfce0e..b0b9235 100644 --- a/include/linux/random.h +++ b/include/linux/random.h -@@ -10,9 +10,19 @@ - +@@ -9,9 +9,19 @@ + #include <uapi/linux/random.h> extern void add_device_randomness(const void *, unsigned int); + @@ -80758,7 +81899,7 @@ index 4002b3d..d5ad855 100644 extern void get_random_bytes(void *buf, int nbytes); extern void get_random_bytes_arch(void *buf, int nbytes); -@@ -23,10 +33,10 @@ extern int random_int_secret_init(void); +@@ -22,10 +32,10 @@ extern int random_int_secret_init(void); extern const struct file_operations random_fops, urandom_fops; #endif @@ -80771,7 +81912,7 @@ index 4002b3d..d5ad855 100644 void prandom_bytes(void *buf, int nbytes); void prandom_seed(u32 seed); void prandom_reseed_late(void); -@@ -38,6 +48,11 @@ struct rnd_state { +@@ -37,6 +47,11 @@ struct rnd_state { u32 prandom_u32_state(struct rnd_state *state); void prandom_bytes_state(struct rnd_state *state, void *buf, int nbytes); @@ -80780,9 +81921,9 @@ index 4002b3d..d5ad855 100644 + return prandom_u32() + (sizeof(long) > 4 ? (unsigned long)prandom_u32() << 32 : 0); +} + - /* - * Handle minimum values for seeds - */ + /** + * prandom_u32_max - returns a pseudo-random number in interval [0, ep_ro) + * @ep_ro: right open interval endpoint diff --git a/include/linux/rbtree_augmented.h b/include/linux/rbtree_augmented.h index fea49b5..2ac22bb 100644 --- a/include/linux/rbtree_augmented.h @@ -80799,7 +81940,7 @@ index fea49b5..2ac22bb 100644 diff --git a/include/linux/rculist.h b/include/linux/rculist.h -index 45a0a9e..e83788e 100644 +index dbaf990..52e07b8 100644 --- a/include/linux/rculist.h +++ b/include/linux/rculist.h @@ -29,8 +29,8 @@ @@ -80813,12 +81954,12 @@ index 45a0a9e..e83788e 100644 } /* -@@ -59,6 +59,9 @@ extern void __list_add_rcu(struct list_head *new, - struct list_head *prev, struct list_head *next); +@@ -59,6 +59,9 @@ void __list_add_rcu(struct list_head *new, + struct list_head *prev, struct list_head *next); #endif -+extern void __pax_list_add_rcu(struct list_head *new, -+ struct list_head *prev, struct list_head *next); ++void __pax_list_add_rcu(struct list_head *new, ++ struct list_head *prev, struct list_head *next); + /** * list_add_rcu - add a new entry to rcu-protected list @@ -80857,6 +81998,19 @@ index 45a0a9e..e83788e 100644 /** * hlist_del_init_rcu - deletes entry from hash list with re-initialization * @n: the element to delete from the hash list. +diff --git a/include/linux/rcupdate.h b/include/linux/rcupdate.h +index 72bf3a0..853347f 100644 +--- a/include/linux/rcupdate.h ++++ b/include/linux/rcupdate.h +@@ -588,7 +588,7 @@ static inline void rcu_preempt_sleep_check(void) + #define rcu_assign_pointer(p, v) \ + do { \ + smp_wmb(); \ +- ACCESS_ONCE(p) = RCU_INITIALIZER(v); \ ++ ACCESS_ONCE_RW(p) = RCU_INITIALIZER(v); \ + } while (0) + + diff --git a/include/linux/reboot.h b/include/linux/reboot.h index 9e7db9e..7d4fd72 100644 --- a/include/linux/reboot.h @@ -80937,7 +82091,7 @@ index b71d573..2f940bd 100644 #define RIO_RESOURCE_MEM 0x00000100 #define RIO_RESOURCE_DOORBELL 0x00000200 diff --git a/include/linux/rmap.h b/include/linux/rmap.h -index 6dacb93..6174423 100644 +index b66c211..13d2915 100644 --- a/include/linux/rmap.h +++ b/include/linux/rmap.h @@ -145,8 +145,8 @@ static inline void anon_vma_unlock_read(struct anon_vma *anon_vma) @@ -80952,18 +82106,18 @@ index 6dacb93..6174423 100644 static inline void anon_vma_merge(struct vm_area_struct *vma, struct vm_area_struct *next) diff --git a/include/linux/sched.h b/include/linux/sched.h -index 53f97eb..1d90705 100644 +index ccd0c6f..39c28a4 100644 --- a/include/linux/sched.h +++ b/include/linux/sched.h -@@ -63,6 +63,7 @@ struct bio_list; - struct fs_struct; +@@ -129,6 +129,7 @@ struct fs_struct; struct perf_event_context; struct blk_plug; + struct filename; +struct linux_binprm; /* * List of flags we want to share for kernel threads, -@@ -304,7 +305,7 @@ extern char __sched_text_start[], __sched_text_end[]; +@@ -369,7 +370,7 @@ extern char __sched_text_start[], __sched_text_end[]; extern int in_sched_functions(unsigned long addr); #define MAX_SCHEDULE_TIMEOUT LONG_MAX @@ -80972,7 +82126,7 @@ index 53f97eb..1d90705 100644 extern signed long schedule_timeout_interruptible(signed long timeout); extern signed long schedule_timeout_killable(signed long timeout); extern signed long schedule_timeout_uninterruptible(signed long timeout); -@@ -315,6 +316,19 @@ struct nsproxy; +@@ -380,6 +381,19 @@ struct nsproxy; struct user_namespace; #ifdef CONFIG_MMU @@ -80992,7 +82146,7 @@ index 53f97eb..1d90705 100644 extern void arch_pick_mmap_layout(struct mm_struct *mm); extern unsigned long arch_get_unmapped_area(struct file *, unsigned long, unsigned long, -@@ -600,6 +614,17 @@ struct signal_struct { +@@ -677,6 +691,17 @@ struct signal_struct { #ifdef CONFIG_TASKSTATS struct taskstats *stats; #endif @@ -81010,7 +82164,7 @@ index 53f97eb..1d90705 100644 #ifdef CONFIG_AUDIT unsigned audit_tty; unsigned audit_tty_log_passwd; -@@ -626,7 +651,7 @@ struct signal_struct { +@@ -703,7 +728,7 @@ struct signal_struct { struct mutex cred_guard_mutex; /* guard against foreign influences on * credential calculations * (notably. ptrace) */ @@ -81019,7 +82173,7 @@ index 53f97eb..1d90705 100644 /* * Bits in flags field of signal_struct. -@@ -680,6 +705,14 @@ struct user_struct { +@@ -757,6 +782,14 @@ struct user_struct { struct key *session_keyring; /* UID's default session keyring */ #endif @@ -81034,7 +82188,7 @@ index 53f97eb..1d90705 100644 /* Hash table maintenance information */ struct hlist_node uidhash_node; kuid_t uid; -@@ -687,7 +720,7 @@ struct user_struct { +@@ -764,7 +797,7 @@ struct user_struct { #ifdef CONFIG_PERF_EVENTS atomic_long_t locked_vm; #endif @@ -81043,8 +82197,8 @@ index 53f97eb..1d90705 100644 extern int uids_sysfs_init(void); -@@ -1162,8 +1195,8 @@ struct task_struct { - struct list_head thread_group; +@@ -1286,8 +1319,8 @@ struct task_struct { + struct list_head thread_node; struct completion *vfork_done; /* for vfork() */ - int __user *set_child_tid; /* CLONE_CHILD_SETTID */ @@ -81054,7 +82208,7 @@ index 53f97eb..1d90705 100644 cputime_t utime, stime, utimescaled, stimescaled; cputime_t gtime; -@@ -1188,11 +1221,6 @@ struct task_struct { +@@ -1312,11 +1345,6 @@ struct task_struct { struct task_cputime cputime_expires; struct list_head cpu_timers[3]; @@ -81066,7 +82220,7 @@ index 53f97eb..1d90705 100644 char comm[TASK_COMM_LEN]; /* executable name excluding path - access with [gs]et_task_comm (which lock it with task_lock()) -@@ -1209,6 +1237,10 @@ struct task_struct { +@@ -1333,6 +1361,10 @@ struct task_struct { #endif /* CPU-specific state of this task */ struct thread_struct thread; @@ -81077,7 +82231,7 @@ index 53f97eb..1d90705 100644 /* filesystem information */ struct fs_struct *fs; /* open file information */ -@@ -1282,6 +1314,10 @@ struct task_struct { +@@ -1409,6 +1441,10 @@ struct task_struct { gfp_t lockdep_reclaim_gfp; #endif @@ -81088,7 +82242,7 @@ index 53f97eb..1d90705 100644 /* journalling filesystem info */ void *journal_info; -@@ -1320,6 +1356,10 @@ struct task_struct { +@@ -1447,6 +1483,10 @@ struct task_struct { /* cg_list protected by css_set_lock and tsk->alloc_lock */ struct list_head cg_list; #endif @@ -81099,7 +82253,7 @@ index 53f97eb..1d90705 100644 #ifdef CONFIG_FUTEX struct robust_list_head __user *robust_list; #ifdef CONFIG_COMPAT -@@ -1454,7 +1494,78 @@ struct task_struct { +@@ -1581,7 +1621,78 @@ struct task_struct { unsigned int sequential_io; unsigned int sequential_io_avg; #endif @@ -81179,7 +82333,7 @@ index 53f97eb..1d90705 100644 /* Future-safe accessor for struct task_struct's cpus_allowed. */ #define tsk_cpus_allowed(tsk) (&(tsk)->cpus_allowed) -@@ -1531,7 +1642,7 @@ struct pid_namespace; +@@ -1658,7 +1769,7 @@ struct pid_namespace; pid_t __task_pid_nr_ns(struct task_struct *task, enum pid_type type, struct pid_namespace *ns); @@ -81188,7 +82342,33 @@ index 53f97eb..1d90705 100644 { return tsk->pid; } -@@ -1981,7 +2092,9 @@ void yield(void); +@@ -2006,6 +2117,25 @@ extern u64 sched_clock_cpu(int cpu); + + extern void sched_clock_init(void); + ++#ifdef CONFIG_GRKERNSEC_KSTACKOVERFLOW ++static inline void populate_stack(void) ++{ ++ struct task_struct *curtask = current; ++ int c; ++ int *ptr = curtask->stack; ++ int *end = curtask->stack + THREAD_SIZE; ++ ++ while (ptr < end) { ++ c = *(volatile int *)ptr; ++ ptr += PAGE_SIZE/sizeof(int); ++ } ++} ++#else ++static inline void populate_stack(void) ++{ ++} ++#endif ++ + #ifndef CONFIG_HAVE_UNSTABLE_SCHED_CLOCK + static inline void sched_clock_tick(void) + { +@@ -2130,7 +2260,9 @@ void yield(void); extern struct exec_domain default_exec_domain; union thread_union { @@ -81198,7 +82378,7 @@ index 53f97eb..1d90705 100644 unsigned long stack[THREAD_SIZE/sizeof(long)]; }; -@@ -2014,6 +2127,7 @@ extern struct pid_namespace init_pid_ns; +@@ -2163,6 +2295,7 @@ extern struct pid_namespace init_pid_ns; */ extern struct task_struct *find_task_by_vpid(pid_t nr); @@ -81206,7 +82386,7 @@ index 53f97eb..1d90705 100644 extern struct task_struct *find_task_by_pid_ns(pid_t nr, struct pid_namespace *ns); -@@ -2178,7 +2292,7 @@ extern void __cleanup_sighand(struct sighand_struct *); +@@ -2325,7 +2458,7 @@ extern void __cleanup_sighand(struct sighand_struct *); extern void exit_itimers(struct signal_struct *); extern void flush_itimer_signals(void); @@ -81215,7 +82395,7 @@ index 53f97eb..1d90705 100644 extern int allow_signal(int); extern int disallow_signal(int); -@@ -2369,9 +2483,9 @@ static inline unsigned long *end_of_stack(struct task_struct *p) +@@ -2526,9 +2659,9 @@ static inline unsigned long *end_of_stack(struct task_struct *p) #endif @@ -81228,7 +82408,7 @@ index 53f97eb..1d90705 100644 return (obj >= stack) && (obj < (stack + THREAD_SIZE)); } diff --git a/include/linux/sched/sysctl.h b/include/linux/sched/sysctl.h -index e3347c5..f682891 100644 +index 8045a55..c959cd5 100644 --- a/include/linux/sched/sysctl.h +++ b/include/linux/sched/sysctl.h @@ -30,6 +30,7 @@ enum { sysctl_hung_task_timeout_secs = 0 }; @@ -81240,7 +82420,7 @@ index e3347c5..f682891 100644 extern unsigned int sysctl_sched_latency; extern unsigned int sysctl_sched_min_granularity; diff --git a/include/linux/security.h b/include/linux/security.h -index 5623a7f..b352409 100644 +index 2fc42d1..4d802f2 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -27,6 +27,7 @@ @@ -81260,6 +82440,15 @@ index 5623a7f..b352409 100644 #ifdef CONFIG_MMU extern unsigned long mmap_min_addr; extern unsigned long dac_mmap_min_addr; +@@ -1719,7 +1718,7 @@ struct security_operations { + struct audit_context *actx); + void (*audit_rule_free) (void *lsmrule); + #endif /* CONFIG_AUDIT */ +-}; ++} __randomize_layout; + + /* prototypes */ + extern int security_init(void); diff --git a/include/linux/semaphore.h b/include/linux/semaphore.h index dc368b8..e895209 100644 --- a/include/linux/semaphore.h @@ -81274,7 +82463,7 @@ index dc368b8..e895209 100644 extern int __must_check down_trylock(struct semaphore *sem); extern int __must_check down_timeout(struct semaphore *sem, long jiffies); diff --git a/include/linux/seq_file.h b/include/linux/seq_file.h -index 52e0097..09625ef 100644 +index 52e0097..383f21d 100644 --- a/include/linux/seq_file.h +++ b/include/linux/seq_file.h @@ -27,6 +27,9 @@ struct seq_file { @@ -81295,8 +82484,24 @@ index 52e0097..09625ef 100644 #define SEQ_SKIP 1 +@@ -96,6 +100,7 @@ void seq_pad(struct seq_file *m, char c); + + char *mangle_path(char *s, const char *p, const char *esc); + int seq_open(struct file *, const struct seq_operations *); ++int seq_open_restrict(struct file *, const struct seq_operations *); + ssize_t seq_read(struct file *, char __user *, size_t, loff_t *); + loff_t seq_lseek(struct file *, loff_t, int); + int seq_release(struct inode *, struct file *); +@@ -138,6 +143,7 @@ static inline int seq_nodemask_list(struct seq_file *m, nodemask_t *mask) + } + + int single_open(struct file *, int (*)(struct seq_file *, void *), void *); ++int single_open_restrict(struct file *, int (*)(struct seq_file *, void *), void *); + int single_open_size(struct file *, int (*)(struct seq_file *, void *), void *, size_t); + int single_release(struct inode *, struct file *); + void *__seq_open_private(struct file *, const struct seq_operations *, int); diff --git a/include/linux/shm.h b/include/linux/shm.h -index 429c199..4d42e38 100644 +index 1e2cd2e..0288750 100644 --- a/include/linux/shm.h +++ b/include/linux/shm.h @@ -21,6 +21,10 @@ struct shmid_kernel /* private to the kernel */ @@ -81311,10 +82516,10 @@ index 429c199..4d42e38 100644 /* shm_mode upper byte flags */ diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h -index 37cb679..dbaebc0 100644 +index 15ede6a..80161c3 100644 --- a/include/linux/skbuff.h +++ b/include/linux/skbuff.h -@@ -643,7 +643,7 @@ bool skb_try_coalesce(struct sk_buff *to, struct sk_buff *from, +@@ -662,7 +662,7 @@ bool skb_try_coalesce(struct sk_buff *to, struct sk_buff *from, struct sk_buff *__alloc_skb(unsigned int size, gfp_t priority, int flags, int node); struct sk_buff *build_skb(void *data, unsigned int frag_size); @@ -81323,34 +82528,7 @@ index 37cb679..dbaebc0 100644 gfp_t priority) { return __alloc_skb(size, priority, 0, NUMA_NO_NODE); -@@ -750,7 +750,7 @@ static inline struct skb_shared_hwtstamps *skb_hwtstamps(struct sk_buff *skb) - */ - static inline int skb_queue_empty(const struct sk_buff_head *list) - { -- return list->next == (struct sk_buff *)list; -+ return list->next == (const struct sk_buff *)list; - } - - /** -@@ -763,7 +763,7 @@ static inline int skb_queue_empty(const struct sk_buff_head *list) - static inline bool skb_queue_is_last(const struct sk_buff_head *list, - const struct sk_buff *skb) - { -- return skb->next == (struct sk_buff *)list; -+ return skb->next == (const struct sk_buff *)list; - } - - /** -@@ -776,7 +776,7 @@ static inline bool skb_queue_is_last(const struct sk_buff_head *list, - static inline bool skb_queue_is_first(const struct sk_buff_head *list, - const struct sk_buff *skb) - { -- return skb->prev == (struct sk_buff *)list; -+ return skb->prev == (const struct sk_buff *)list; - } - - /** -@@ -1686,7 +1686,7 @@ static inline u32 skb_inner_network_header_len(const struct sk_buff *skb) +@@ -1768,7 +1768,7 @@ static inline u32 skb_inner_network_header_len(const struct sk_buff *skb) return skb->inner_transport_header - skb->inner_network_header; } @@ -81359,7 +82537,7 @@ index 37cb679..dbaebc0 100644 { return skb_network_header(skb) - skb->data; } -@@ -1746,7 +1746,7 @@ static inline int pskb_network_may_pull(struct sk_buff *skb, unsigned int len) +@@ -1828,7 +1828,7 @@ static inline int pskb_network_may_pull(struct sk_buff *skb, unsigned int len) * NET_IP_ALIGN(2) + ethernet_header(14) + IP_header(20/40) + ports(8) */ #ifndef NET_SKB_PAD @@ -81368,7 +82546,7 @@ index 37cb679..dbaebc0 100644 #endif int ___pskb_trim(struct sk_buff *skb, unsigned int len); -@@ -2345,7 +2345,7 @@ struct sk_buff *skb_recv_datagram(struct sock *sk, unsigned flags, int noblock, +@@ -2427,7 +2427,7 @@ struct sk_buff *skb_recv_datagram(struct sock *sk, unsigned flags, int noblock, int *err); unsigned int datagram_poll(struct file *file, struct socket *sock, struct poll_table_struct *wait); @@ -81377,7 +82555,7 @@ index 37cb679..dbaebc0 100644 struct iovec *to, int size); int skb_copy_and_csum_datagram_iovec(struct sk_buff *skb, int hlen, struct iovec *iov); -@@ -2618,6 +2618,9 @@ static inline void nf_reset(struct sk_buff *skb) +@@ -2721,6 +2721,9 @@ static inline void nf_reset(struct sk_buff *skb) nf_bridge_put(skb->nf_bridge); skb->nf_bridge = NULL; #endif @@ -81388,7 +82566,7 @@ index 37cb679..dbaebc0 100644 static inline void nf_reset_trace(struct sk_buff *skb) diff --git a/include/linux/slab.h b/include/linux/slab.h -index 1e2f4fe..df49ca6 100644 +index b5b2df6..69f5734 100644 --- a/include/linux/slab.h +++ b/include/linux/slab.h @@ -14,15 +14,29 @@ @@ -81492,10 +82670,10 @@ index 1e2f4fe..df49ca6 100644 #else static __always_inline void *__kmalloc_node(size_t size, gfp_t flags, int node) diff --git a/include/linux/slab_def.h b/include/linux/slab_def.h -index 09bfffb..4fc80fb 100644 +index 8235dfb..47ce586 100644 --- a/include/linux/slab_def.h +++ b/include/linux/slab_def.h -@@ -36,7 +36,7 @@ struct kmem_cache { +@@ -38,7 +38,7 @@ struct kmem_cache { /* 4) cache creation/removal */ const char *name; struct list_head list; @@ -81504,7 +82682,7 @@ index 09bfffb..4fc80fb 100644 int object_size; int align; -@@ -52,10 +52,14 @@ struct kmem_cache { +@@ -54,10 +54,14 @@ struct kmem_cache { unsigned long node_allocs; unsigned long node_frees; unsigned long node_overflow; @@ -81537,10 +82715,10 @@ index f56bfa9..8378a26 100644 int inuse; /* Offset to metadata */ int align; /* Alignment */ diff --git a/include/linux/smp.h b/include/linux/smp.h -index 5da22ee..71d8a28 100644 +index 6ae004e..2743532 100644 --- a/include/linux/smp.h +++ b/include/linux/smp.h -@@ -176,7 +176,9 @@ static inline void kick_all_cpus_sync(void) { } +@@ -180,7 +180,9 @@ static inline void kick_all_cpus_sync(void) { } #endif #define get_cpu() ({ preempt_disable(); smp_processor_id(); }) @@ -81551,7 +82729,7 @@ index 5da22ee..71d8a28 100644 /* * Callback to arch code if there's nosmp or maxcpus=0 on the diff --git a/include/linux/sock_diag.h b/include/linux/sock_diag.h -index 54f91d3..be2c379 100644 +index 302ab80..3233276 100644 --- a/include/linux/sock_diag.h +++ b/include/linux/sock_diag.h @@ -11,7 +11,7 @@ struct sock; @@ -81624,10 +82802,10 @@ index 8af2804..c7414ef 100644 #ifdef __KERNEL__ diff --git a/include/linux/sunrpc/svc.h b/include/linux/sunrpc/svc.h -index 6eecfc2..7ada79d 100644 +index 04e7632..2e2a8a3 100644 --- a/include/linux/sunrpc/svc.h +++ b/include/linux/sunrpc/svc.h -@@ -410,7 +410,7 @@ struct svc_procedure { +@@ -412,7 +412,7 @@ struct svc_procedure { unsigned int pc_count; /* call count */ unsigned int pc_cachetype; /* cache info (NFS) */ unsigned int pc_xdrressize; /* maximum size of XDR reply */ @@ -81693,10 +82871,10 @@ index a5ffd32..0935dea 100644 extern dma_addr_t swiotlb_map_page(struct device *dev, struct page *page, unsigned long offset, size_t size, diff --git a/include/linux/syscalls.h b/include/linux/syscalls.h -index 94273bb..c2e05fc 100644 +index a747a77..9e14df7 100644 --- a/include/linux/syscalls.h +++ b/include/linux/syscalls.h -@@ -97,8 +97,14 @@ struct sigaltstack; +@@ -98,8 +98,14 @@ struct sigaltstack; #define __MAP(n,...) __MAP##n(__VA_ARGS__) #define __SC_DECL(t, a) t a @@ -81712,7 +82890,7 @@ index 94273bb..c2e05fc 100644 #define __SC_CAST(t, a) (t) a #define __SC_ARGS(t, a) a #define __SC_TEST(t, a) (void)BUILD_BUG_ON_ZERO(!__TYPE_IS_LL(t) && sizeof(t) > sizeof(long)) -@@ -363,11 +369,11 @@ asmlinkage long sys_sync(void); +@@ -371,11 +377,11 @@ asmlinkage long sys_sync(void); asmlinkage long sys_fsync(unsigned int fd); asmlinkage long sys_fdatasync(unsigned int fd); asmlinkage long sys_bdflush(int func, long data); @@ -81728,7 +82906,7 @@ index 94273bb..c2e05fc 100644 asmlinkage long sys_truncate(const char __user *path, long length); asmlinkage long sys_ftruncate(unsigned int fd, unsigned long length); asmlinkage long sys_stat(const char __user *filename, -@@ -579,7 +585,7 @@ asmlinkage long sys_getsockname(int, struct sockaddr __user *, int __user *); +@@ -587,7 +593,7 @@ asmlinkage long sys_getsockname(int, struct sockaddr __user *, int __user *); asmlinkage long sys_getpeername(int, struct sockaddr __user *, int __user *); asmlinkage long sys_send(int, void __user *, size_t, unsigned); asmlinkage long sys_sendto(int, void __user *, size_t, unsigned, @@ -81782,10 +82960,10 @@ index 14a8ff2..fa95f3a 100644 struct ctl_node { struct rb_node node; diff --git a/include/linux/sysfs.h b/include/linux/sysfs.h -index 6695040..3d4192d 100644 +index 30b2ebe..37412ef 100644 --- a/include/linux/sysfs.h +++ b/include/linux/sysfs.h -@@ -33,7 +33,8 @@ struct attribute { +@@ -34,7 +34,8 @@ struct attribute { struct lock_class_key *key; struct lock_class_key skey; #endif @@ -81795,7 +82973,7 @@ index 6695040..3d4192d 100644 /** * sysfs_attr_init - initialize a dynamically allocated sysfs attribute -@@ -62,7 +63,8 @@ struct attribute_group { +@@ -63,7 +64,8 @@ struct attribute_group { struct attribute *, int); struct attribute **attrs; struct bin_attribute **bin_attrs; @@ -81805,7 +82983,7 @@ index 6695040..3d4192d 100644 /** * Use these macros to make defining attributes easier. See include/linux/device.h -@@ -126,7 +128,8 @@ struct bin_attribute { +@@ -127,7 +129,8 @@ struct bin_attribute { char *, loff_t, size_t); int (*mmap)(struct file *, struct kobject *, struct bin_attribute *attr, struct vm_area_struct *vma); @@ -81837,30 +83015,28 @@ index 387fa7d..3fcde6b 100644 #ifdef CONFIG_MAGIC_SYSRQ diff --git a/include/linux/thread_info.h b/include/linux/thread_info.h -index fddbe20..0312de8 100644 +index a629e4b..3fea3d9 100644 --- a/include/linux/thread_info.h +++ b/include/linux/thread_info.h -@@ -161,6 +161,15 @@ static inline bool test_and_clear_restore_sigmask(void) +@@ -159,6 +159,13 @@ static inline bool test_and_clear_restore_sigmask(void) #error "no set_restore_sigmask() provided and default one won't work" #endif -+extern void __check_object_size(const void *ptr, unsigned long n, bool to_user); ++extern void __check_object_size(const void *ptr, unsigned long n, bool to_user, bool const_size); ++ +static inline void check_object_size(const void *ptr, unsigned long n, bool to_user) +{ -+#ifndef CONFIG_PAX_USERCOPY_DEBUG -+ if (!__builtin_constant_p(n)) -+#endif -+ __check_object_size(ptr, n, to_user); ++ __check_object_size(ptr, n, to_user, __builtin_constant_p(n)); +} + #endif /* __KERNEL__ */ #endif /* _LINUX_THREAD_INFO_H */ diff --git a/include/linux/tty.h b/include/linux/tty.h -index 97d660e..6356755 100644 +index b90b5c2..e23a512 100644 --- a/include/linux/tty.h +++ b/include/linux/tty.h -@@ -196,7 +196,7 @@ struct tty_port { +@@ -202,7 +202,7 @@ struct tty_port { const struct tty_port_operations *ops; /* Port operations */ spinlock_t lock; /* Lock protecting tty field */ int blocked_open; /* Waiting to open */ @@ -81869,7 +83045,7 @@ index 97d660e..6356755 100644 wait_queue_head_t open_wait; /* Open waiters */ wait_queue_head_t close_wait; /* Close waiters */ wait_queue_head_t delta_msr_wait; /* Modem status change */ -@@ -278,7 +278,7 @@ struct tty_struct { +@@ -284,7 +284,7 @@ struct tty_struct { /* If the tty has a pending do_SAK, queue it here - akpm */ struct work_struct SAK_work; struct tty_port *port; @@ -81878,7 +83054,7 @@ index 97d660e..6356755 100644 /* Each of a tty's open files has private_data pointing to tty_file_private */ struct tty_file_private { -@@ -545,7 +545,7 @@ extern int tty_port_open(struct tty_port *port, +@@ -550,7 +550,7 @@ extern int tty_port_open(struct tty_port *port, struct tty_struct *tty, struct file *filp); static inline int tty_port_users(struct tty_port *port) { @@ -81888,7 +83064,7 @@ index 97d660e..6356755 100644 extern int tty_register_ldisc(int disc, struct tty_ldisc_ops *new_ldisc); diff --git a/include/linux/tty_driver.h b/include/linux/tty_driver.h -index 756a609..f61242d 100644 +index 756a609..89db85e 100644 --- a/include/linux/tty_driver.h +++ b/include/linux/tty_driver.h @@ -285,7 +285,7 @@ struct tty_operations { @@ -81896,7 +83072,7 @@ index 756a609..f61242d 100644 #endif const struct file_operations *proc_fops; -}; -+} __do_const; ++} __do_const __randomize_layout; struct tty_driver { int magic; /* magic number for this structure */ @@ -81910,10 +83086,10 @@ index 756a609..f61242d 100644 extern struct list_head tty_drivers; diff --git a/include/linux/tty_ldisc.h b/include/linux/tty_ldisc.h -index f15c898..207b7d1 100644 +index b8347c2..85d8b0f 100644 --- a/include/linux/tty_ldisc.h +++ b/include/linux/tty_ldisc.h -@@ -211,7 +211,7 @@ struct tty_ldisc_ops { +@@ -213,7 +213,7 @@ struct tty_ldisc_ops { struct module *owner; @@ -81954,10 +83130,10 @@ index 4d118ba..c3ee9bf 100644 struct list_head { diff --git a/include/linux/uaccess.h b/include/linux/uaccess.h -index 9d8cf05..0ed74dd 100644 +index ecd3319..8a36ded 100644 --- a/include/linux/uaccess.h +++ b/include/linux/uaccess.h -@@ -72,11 +72,11 @@ static inline unsigned long __copy_from_user_nocache(void *to, +@@ -75,11 +75,11 @@ static inline unsigned long __copy_from_user_nocache(void *to, long ret; \ mm_segment_t old_fs = get_fs(); \ \ @@ -81973,10 +83149,10 @@ index 9d8cf05..0ed74dd 100644 }) diff --git a/include/linux/uidgid.h b/include/linux/uidgid.h -index 8e522cbc..aa8572d 100644 +index 2d1f9b6..d7a9fce 100644 --- a/include/linux/uidgid.h +++ b/include/linux/uidgid.h -@@ -197,4 +197,9 @@ static inline bool kgid_has_mapping(struct user_namespace *ns, kgid_t gid) +@@ -175,4 +175,9 @@ static inline bool kgid_has_mapping(struct user_namespace *ns, kgid_t gid) #endif /* CONFIG_USER_NS */ @@ -82038,7 +83214,7 @@ index 99c1b4d..562e6f3 100644 static inline void put_unaligned_le16(u16 val, void *p) diff --git a/include/linux/usb.h b/include/linux/usb.h -index 7454865..29f4bfa 100644 +index 7f6eb85..656e806 100644 --- a/include/linux/usb.h +++ b/include/linux/usb.h @@ -563,7 +563,7 @@ struct usb_device { @@ -82050,7 +83226,7 @@ index 7454865..29f4bfa 100644 unsigned long active_duration; -@@ -1641,7 +1641,7 @@ void usb_buffer_unmap_sg(const struct usb_device *dev, int is_in, +@@ -1642,7 +1642,7 @@ void usb_buffer_unmap_sg(const struct usb_device *dev, int is_in, extern int usb_control_msg(struct usb_device *dev, unsigned int pipe, __u8 request, __u8 requesttype, __u16 value, __u16 index, @@ -82173,7 +83349,7 @@ index 502073a..a7de024 100644 #endif #endif /* _LINUX_VGA_SWITCHEROO_H_ */ diff --git a/include/linux/vmalloc.h b/include/linux/vmalloc.h -index 4b8a891..cb8df6e 100644 +index 4b8a891..05f2361 100644 --- a/include/linux/vmalloc.h +++ b/include/linux/vmalloc.h @@ -16,6 +16,11 @@ struct vm_area_struct; /* vma defining user mapping in mm_types.h */ @@ -82188,7 +83364,15 @@ index 4b8a891..cb8df6e 100644 /* bits [20..32] reserved for arch specific ioremap internals */ /* -@@ -142,7 +147,7 @@ extern void free_vm_area(struct vm_struct *area); +@@ -72,6 +77,7 @@ extern void *vzalloc_node(unsigned long size, int node); + extern void *vmalloc_exec(unsigned long size); + extern void *vmalloc_32(unsigned long size); + extern void *vmalloc_32_user(unsigned long size); ++extern void *vmalloc_stack(int node); + extern void *__vmalloc(unsigned long size, gfp_t gfp_mask, pgprot_t prot); + extern void *__vmalloc_node_range(unsigned long size, unsigned long align, + unsigned long start, unsigned long end, gfp_t gfp_mask, +@@ -142,7 +148,7 @@ extern void free_vm_area(struct vm_struct *area); /* for /dev/kmem */ extern long vread(char *buf, char *addr, unsigned long count); @@ -82198,10 +83382,10 @@ index 4b8a891..cb8df6e 100644 /* * Internals. Dont't use.. diff --git a/include/linux/vmstat.h b/include/linux/vmstat.h -index a67b384..f52a537 100644 +index 67ce70c..d540954 100644 --- a/include/linux/vmstat.h +++ b/include/linux/vmstat.h -@@ -90,18 +90,18 @@ static inline void vm_events_fold_cpu(int cpu) +@@ -98,18 +98,18 @@ static inline void vm_events_fold_cpu(int cpu) /* * Zone based page accounting with per cpu differentials. */ @@ -82225,7 +83409,7 @@ index a67b384..f52a537 100644 #ifdef CONFIG_SMP if (x < 0) x = 0; -@@ -109,10 +109,10 @@ static inline unsigned long global_page_state(enum zone_stat_item item) +@@ -117,10 +117,10 @@ static inline unsigned long global_page_state(enum zone_stat_item item) return x; } @@ -82238,7 +83422,7 @@ index a67b384..f52a537 100644 #ifdef CONFIG_SMP if (x < 0) x = 0; -@@ -129,7 +129,7 @@ static inline unsigned long zone_page_state(struct zone *zone, +@@ -137,7 +137,7 @@ static inline unsigned long zone_page_state(struct zone *zone, static inline unsigned long zone_page_state_snapshot(struct zone *zone, enum zone_stat_item item) { @@ -82247,7 +83431,7 @@ index a67b384..f52a537 100644 #ifdef CONFIG_SMP int cpu; -@@ -218,8 +218,8 @@ static inline void __mod_zone_page_state(struct zone *zone, +@@ -226,8 +226,8 @@ static inline void __mod_zone_page_state(struct zone *zone, static inline void __inc_zone_state(struct zone *zone, enum zone_stat_item item) { @@ -82258,7 +83442,7 @@ index a67b384..f52a537 100644 } static inline void __inc_zone_page_state(struct page *page, -@@ -230,8 +230,8 @@ static inline void __inc_zone_page_state(struct page *page, +@@ -238,8 +238,8 @@ static inline void __inc_zone_page_state(struct page *page, static inline void __dec_zone_state(struct zone *zone, enum zone_stat_item item) { @@ -82352,11 +83536,24 @@ index 9a36d92..0aafe2a 100644 void v9fs_register_trans(struct p9_trans_module *m); void v9fs_unregister_trans(struct p9_trans_module *m); +diff --git a/include/net/af_unix.h b/include/net/af_unix.h +index a175ba4..196eb82 100644 +--- a/include/net/af_unix.h ++++ b/include/net/af_unix.h +@@ -36,7 +36,7 @@ struct unix_skb_parms { + u32 secid; /* Security ID */ + #endif + u32 consumed; +-}; ++} __randomize_layout; + + #define UNIXCB(skb) (*(struct unix_skb_parms *)&((skb)->cb)) + #define UNIXSID(skb) (&UNIXCB((skb)).secid) diff --git a/include/net/bluetooth/l2cap.h b/include/net/bluetooth/l2cap.h -index c853b16d..37fccb7 100644 +index dbc4a89..4a59b5d 100644 --- a/include/net/bluetooth/l2cap.h +++ b/include/net/bluetooth/l2cap.h -@@ -557,7 +557,7 @@ struct l2cap_ops { +@@ -600,7 +600,7 @@ struct l2cap_ops { long (*get_sndtimeo) (struct l2cap_chan *chan); struct sk_buff *(*alloc_skb) (struct l2cap_chan *chan, unsigned long len, int nb); @@ -82390,10 +83587,10 @@ index f2ae33d..c457cf0 100644 /* Protects from simultaneous access to first_req list */ spinlock_t info_list_lock; diff --git a/include/net/flow.h b/include/net/flow.h -index 65ce471..b7bbe9b 100644 +index d23e7fa..e188307 100644 --- a/include/net/flow.h +++ b/include/net/flow.h -@@ -222,6 +222,6 @@ struct flow_cache_object *flow_cache_lookup(struct net *net, +@@ -221,6 +221,6 @@ struct flow_cache_object *flow_cache_lookup(struct net *net, void flow_cache_flush(void); void flow_cache_flush_deferred(void); @@ -82402,10 +83599,10 @@ index 65ce471..b7bbe9b 100644 #endif diff --git a/include/net/genetlink.h b/include/net/genetlink.h -index 1b177ed..a24a138 100644 +index 93695f0..766d71c 100644 --- a/include/net/genetlink.h +++ b/include/net/genetlink.h -@@ -118,7 +118,7 @@ struct genl_ops { +@@ -120,7 +120,7 @@ struct genl_ops { u8 cmd; u8 internal_flags; u8 flags; @@ -82441,7 +83638,7 @@ index c55aeed..b3393f4 100644 /** inet_connection_sock - INET connection oriented sock * diff --git a/include/net/inetpeer.h b/include/net/inetpeer.h -index f4e127a..c3d5e9c 100644 +index 6efe73c..fa94270 100644 --- a/include/net/inetpeer.h +++ b/include/net/inetpeer.h @@ -47,8 +47,8 @@ struct inet_peer { @@ -82455,7 +83652,7 @@ index f4e127a..c3d5e9c 100644 }; struct rcu_head rcu; struct inet_peer *gc_next; -@@ -178,16 +178,13 @@ static inline void inet_peer_refcheck(const struct inet_peer *p) +@@ -177,16 +177,13 @@ static inline void inet_peer_refcheck(const struct inet_peer *p) /* can be called with or without local BH being disabled */ static inline int inet_getid(struct inet_peer *p, int more) { @@ -82478,10 +83675,10 @@ index f4e127a..c3d5e9c 100644 #endif /* _NET_INETPEER_H */ diff --git a/include/net/ip.h b/include/net/ip.h -index 5a25f36..2e73203 100644 +index 23be0fd..0cb3e2c 100644 --- a/include/net/ip.h +++ b/include/net/ip.h -@@ -219,7 +219,7 @@ static inline void snmp_mib_free(void __percpu *ptr[SNMP_ARRAY_SZ]) +@@ -214,7 +214,7 @@ static inline void snmp_mib_free(void __percpu *ptr[SNMP_ARRAY_SZ]) void inet_get_local_port_range(struct net *net, int *low, int *high); @@ -82540,10 +83737,10 @@ index 5679d92..2e7a690 100644 struct list_head est_list; /* estimator list */ spinlock_t est_lock; diff --git a/include/net/irda/ircomm_tty.h b/include/net/irda/ircomm_tty.h -index 0224402..dafaf94a 100644 +index 8d4f588..2e37ad2 100644 --- a/include/net/irda/ircomm_tty.h +++ b/include/net/irda/ircomm_tty.h -@@ -35,6 +35,7 @@ +@@ -33,6 +33,7 @@ #include <linux/termios.h> #include <linux/timer.h> #include <linux/tty.h> /* struct tty_struct */ @@ -82632,10 +83829,10 @@ index 567c681..cd73ac0 100644 struct llc_sap_state { u8 curr_state; diff --git a/include/net/mac80211.h b/include/net/mac80211.h -index 7ceed99..d3ffaa2 100644 +index f4ab2fb..71a85ba 100644 --- a/include/net/mac80211.h +++ b/include/net/mac80211.h -@@ -4407,7 +4407,7 @@ struct rate_control_ops { +@@ -4476,7 +4476,7 @@ struct rate_control_ops { void (*add_sta_debugfs)(void *priv, void *priv_sta, struct dentry *dir); void (*remove_sta_debugfs)(void *priv, void *priv_sta); @@ -82645,10 +83842,10 @@ index 7ceed99..d3ffaa2 100644 static inline int rate_supported(struct ieee80211_sta *sta, enum ieee80211_band band, diff --git a/include/net/neighbour.h b/include/net/neighbour.h -index 536501a..47b7982 100644 +index 7277caf..fd095bc 100644 --- a/include/net/neighbour.h +++ b/include/net/neighbour.h -@@ -123,7 +123,7 @@ struct neigh_ops { +@@ -163,7 +163,7 @@ struct neigh_ops { void (*error_report)(struct neighbour *, struct sk_buff *); int (*output)(struct neighbour *, struct sk_buff *); int (*connected_output)(struct neighbour *, struct sk_buff *); @@ -82657,7 +83854,7 @@ index 536501a..47b7982 100644 struct pneigh_entry { struct pneigh_entry *next; -@@ -163,7 +163,6 @@ struct neigh_table { +@@ -203,7 +203,6 @@ struct neigh_table { void (*proxy_redo)(struct sk_buff *skb); char *id; struct neigh_parms parms; @@ -82665,17 +83862,17 @@ index 536501a..47b7982 100644 int gc_interval; int gc_thresh1; int gc_thresh2; -@@ -178,7 +177,7 @@ struct neigh_table { +@@ -218,7 +217,7 @@ struct neigh_table { struct neigh_statistics __percpu *stats; struct neigh_hash_table __rcu *nht; struct pneigh_entry **phash_buckets; -}; +} __randomize_layout; - #define NEIGH_PRIV_ALIGN sizeof(long long) - #define NEIGH_ENTRY_SIZE(size) ALIGN((size), NEIGH_PRIV_ALIGN) + static inline int neigh_parms_family(struct neigh_parms *p) + { diff --git a/include/net/net_namespace.h b/include/net/net_namespace.h -index da68c9a..c4a0720 100644 +index 991dcd9..ab58d00 100644 --- a/include/net/net_namespace.h +++ b/include/net/net_namespace.h @@ -124,8 +124,8 @@ struct net { @@ -82689,7 +83886,7 @@ index da68c9a..c4a0720 100644 /* * ifindex generation is per-net namespace, and loopback is -@@ -281,7 +281,11 @@ static inline struct net *read_pnet(struct net * const *pnet) +@@ -289,7 +289,11 @@ static inline struct net *read_pnet(struct net * const *pnet) #define __net_init __init #define __net_exit __exit_refok #define __net_initdata __initdata @@ -82701,7 +83898,7 @@ index da68c9a..c4a0720 100644 #endif struct pernet_operations { -@@ -291,7 +295,7 @@ struct pernet_operations { +@@ -299,7 +303,7 @@ struct pernet_operations { void (*exit_batch)(struct list_head *net_exit_list); int *id; size_t size; @@ -82710,7 +83907,7 @@ index da68c9a..c4a0720 100644 /* * Use these carefully. If you implement a network device and it -@@ -339,23 +343,23 @@ static inline void unregister_net_sysctl_table(struct ctl_table_header *header) +@@ -347,23 +351,23 @@ static inline void unregister_net_sysctl_table(struct ctl_table_header *header) static inline int rt_genid_ipv4(struct net *net) { @@ -82738,7 +83935,7 @@ index da68c9a..c4a0720 100644 } #else static inline int rt_genid_ipv6(struct net *net) -@@ -377,12 +381,12 @@ static inline void rt_genid_bump_all(struct net *net) +@@ -385,12 +389,12 @@ static inline void rt_genid_bump_all(struct net *net) static inline int fnhe_genid(struct net *net) { @@ -82780,7 +83977,7 @@ index 2b47eaa..6d5bcc2 100644 /** diff --git a/include/net/netns/conntrack.h b/include/net/netns/conntrack.h -index c9c0c53..53f24c3 100644 +index fbcc7fa..03c7e51 100644 --- a/include/net/netns/conntrack.h +++ b/include/net/netns/conntrack.h @@ -12,10 +12,10 @@ struct nf_conntrack_ecache; @@ -82806,10 +84003,10 @@ index c9c0c53..53f24c3 100644 }; diff --git a/include/net/netns/ipv4.h b/include/net/netns/ipv4.h -index ee520cb..9a0fd88 100644 +index 80f500a..f0c23c2 100644 --- a/include/net/netns/ipv4.h +++ b/include/net/netns/ipv4.h -@@ -72,7 +72,7 @@ struct netns_ipv4 { +@@ -74,7 +74,7 @@ struct netns_ipv4 { kgid_t sysctl_ping_group_range[2]; @@ -82818,7 +84015,7 @@ index ee520cb..9a0fd88 100644 #ifdef CONFIG_IP_MROUTE #ifndef CONFIG_IP_MROUTE_MULTIPLE_TABLES -@@ -82,6 +82,6 @@ struct netns_ipv4 { +@@ -84,6 +84,6 @@ struct netns_ipv4 { struct fib_rules_ops *mr_rules_ops; #endif #endif @@ -82827,10 +84024,10 @@ index ee520cb..9a0fd88 100644 }; #endif diff --git a/include/net/netns/ipv6.h b/include/net/netns/ipv6.h -index 0fb2401..477d81c 100644 +index 21edaf1..4c5faae 100644 --- a/include/net/netns/ipv6.h +++ b/include/net/netns/ipv6.h -@@ -71,8 +71,8 @@ struct netns_ipv6 { +@@ -73,8 +73,8 @@ struct netns_ipv6 { struct fib_rules_ops *mr6_rules_ops; #endif #endif @@ -82842,12 +84039,12 @@ index 0fb2401..477d81c 100644 #if IS_ENABLED(CONFIG_NF_DEFRAG_IPV6) diff --git a/include/net/ping.h b/include/net/ping.h -index 90f4841..74446a8 100644 +index 026479b..d9b2829 100644 --- a/include/net/ping.h +++ b/include/net/ping.h -@@ -56,7 +56,7 @@ struct ping_iter_state { +@@ -54,7 +54,7 @@ struct ping_iter_state { + extern struct proto ping_prot; - extern struct ping_table ping_table; #if IS_ENABLED(CONFIG_IPV6) -extern struct pingv6_ops pingv6_ops; +extern struct pingv6_ops *pingv6_ops; @@ -82855,19 +84052,19 @@ index 90f4841..74446a8 100644 struct pingfakehdr { diff --git a/include/net/protocol.h b/include/net/protocol.h -index fbf7676..a5e21c3 100644 +index a7e986b..dc67bce 100644 --- a/include/net/protocol.h +++ b/include/net/protocol.h -@@ -44,7 +44,7 @@ struct net_protocol { - void (*err_handler)(struct sk_buff *skb, u32 info); - unsigned int no_policy:1, - netns_ok:1; +@@ -49,7 +49,7 @@ struct net_protocol { + * socket lookup? + */ + icmp_strict_tag_validation:1; -}; +} __do_const; #if IS_ENABLED(CONFIG_IPV6) struct inet6_protocol { -@@ -57,7 +57,7 @@ struct inet6_protocol { +@@ -62,7 +62,7 @@ struct inet6_protocol { u8 type, u8 code, int offset, __be32 info); unsigned int flags; /* INET6_PROTO_xxx */ @@ -82877,23 +84074,23 @@ index fbf7676..a5e21c3 100644 #define INET6_PROTO_NOPOLICY 0x1 #define INET6_PROTO_FINAL 0x2 diff --git a/include/net/rtnetlink.h b/include/net/rtnetlink.h -index bb13a18..e734116 100644 +index 661e45d..54c39df 100644 --- a/include/net/rtnetlink.h +++ b/include/net/rtnetlink.h -@@ -79,7 +79,7 @@ struct rtnl_link_ops { - const struct net_device *dev); - unsigned int (*get_num_tx_queues)(void); - unsigned int (*get_num_rx_queues)(void); +@@ -93,7 +93,7 @@ struct rtnl_link_ops { + int (*fill_slave_info)(struct sk_buff *skb, + const struct net_device *dev, + const struct net_device *slave_dev); -}; +} __do_const; int __rtnl_link_register(struct rtnl_link_ops *ops); void __rtnl_link_unregister(struct rtnl_link_ops *ops); diff --git a/include/net/sctp/checksum.h b/include/net/sctp/checksum.h -index 6bd44fe..96f364e 100644 +index 4a5b9a3..ca27d73 100644 --- a/include/net/sctp/checksum.h +++ b/include/net/sctp/checksum.h -@@ -62,8 +62,8 @@ static inline __le32 sctp_compute_cksum(const struct sk_buff *skb, +@@ -61,8 +61,8 @@ static inline __le32 sctp_compute_cksum(const struct sk_buff *skb, unsigned int offset) { struct sctphdr *sh = sctp_hdr(skb); @@ -82905,10 +84102,10 @@ index 6bd44fe..96f364e 100644 .combine = sctp_csum_combine, }; diff --git a/include/net/sctp/sm.h b/include/net/sctp/sm.h -index 4ef75af..5aa073a 100644 +index 7f4eeb3..37e8fe1 100644 --- a/include/net/sctp/sm.h +++ b/include/net/sctp/sm.h -@@ -81,7 +81,7 @@ typedef void (sctp_timer_event_t) (unsigned long); +@@ -80,7 +80,7 @@ typedef void (sctp_timer_event_t) (unsigned long); typedef struct { sctp_state_fn_t *fn; const char *name; @@ -82917,7 +84114,7 @@ index 4ef75af..5aa073a 100644 /* A naming convention of "sctp_sf_xxx" applies to all the state functions * currently in use. -@@ -293,7 +293,7 @@ __u32 sctp_generate_tag(const struct sctp_endpoint *); +@@ -292,7 +292,7 @@ __u32 sctp_generate_tag(const struct sctp_endpoint *); __u32 sctp_generate_tsn(const struct sctp_endpoint *); /* Extern declarations for major data structures. */ @@ -82927,10 +84124,10 @@ index 4ef75af..5aa073a 100644 /* Get the size of a DATA chunk payload. */ diff --git a/include/net/sctp/structs.h b/include/net/sctp/structs.h -index 0a248b3..4dcbe5c 100644 +index 0dfcc92..7967849 100644 --- a/include/net/sctp/structs.h +++ b/include/net/sctp/structs.h -@@ -508,7 +508,7 @@ struct sctp_pf { +@@ -507,7 +507,7 @@ struct sctp_pf { struct sctp_association *asoc); void (*addr_v4map) (struct sctp_sock *, union sctp_addr *); struct sctp_af *af; @@ -82940,7 +84137,7 @@ index 0a248b3..4dcbe5c 100644 /* Structure to track chunk fragments that have been acked, but peer diff --git a/include/net/sock.h b/include/net/sock.h -index 2ef3c3e..e02013e 100644 +index b9586a1..b2948c0 100644 --- a/include/net/sock.h +++ b/include/net/sock.h @@ -348,7 +348,7 @@ struct sock { @@ -82952,7 +84149,16 @@ index 2ef3c3e..e02013e 100644 int sk_rcvbuf; struct sk_filter __rcu *sk_filter; -@@ -1209,7 +1209,7 @@ static inline u64 memcg_memory_allocated_read(struct cg_proto *prot) +@@ -1036,7 +1036,7 @@ struct proto { + void (*destroy_cgroup)(struct mem_cgroup *memcg); + struct cg_proto *(*proto_cgroup)(struct mem_cgroup *memcg); + #endif +-}; ++} __randomize_layout; + + /* + * Bits in struct cg_proto.flags +@@ -1223,7 +1223,7 @@ static inline u64 memcg_memory_allocated_read(struct cg_proto *prot) return ret >> PAGE_SHIFT; } @@ -82961,7 +84167,16 @@ index 2ef3c3e..e02013e 100644 sk_memory_allocated(const struct sock *sk) { struct proto *prot = sk->sk_prot; -@@ -1813,7 +1813,7 @@ static inline void sk_nocaps_add(struct sock *sk, netdev_features_t flags) +@@ -1368,7 +1368,7 @@ struct sock_iocb { + struct scm_cookie *scm; + struct msghdr *msg, async_msg; + struct kiocb *kiocb; +-}; ++} __randomize_layout; + + static inline struct sock_iocb *kiocb_to_siocb(struct kiocb *iocb) + { +@@ -1830,7 +1830,7 @@ static inline void sk_nocaps_add(struct sock *sk, netdev_features_t flags) } static inline int skb_do_copy_data_nocache(struct sock *sk, struct sk_buff *skb, @@ -82970,7 +84185,7 @@ index 2ef3c3e..e02013e 100644 int copy, int offset) { if (skb->ip_summed == CHECKSUM_NONE) { -@@ -2075,7 +2075,7 @@ static inline void sk_stream_moderate_sndbuf(struct sock *sk) +@@ -2092,7 +2092,7 @@ static inline void sk_stream_moderate_sndbuf(struct sock *sk) } } @@ -82980,37 +84195,10 @@ index 2ef3c3e..e02013e 100644 /** * sk_page_frag - return an appropriate page_frag diff --git a/include/net/tcp.h b/include/net/tcp.h -index 9250d62..10a7f03 100644 +index 743acce..44a58b0 100644 --- a/include/net/tcp.h +++ b/include/net/tcp.h -@@ -480,20 +480,21 @@ struct sock *cookie_v4_check(struct sock *sk, struct sk_buff *skb, - #ifdef CONFIG_SYN_COOKIES - #include <linux/ktime.h> - --/* Syncookies use a monotonic timer which increments every 64 seconds. -+/* Syncookies use a monotonic timer which increments every 60 seconds. - * This counter is used both as a hash input and partially encoded into - * the cookie value. A cookie is only validated further if the delta - * between the current counter value and the encoded one is less than this, -- * i.e. a sent cookie is valid only at most for 128 seconds (or less if -+ * i.e. a sent cookie is valid only at most for 2*60 seconds (or less if - * the counter advances immediately after a cookie is generated). - */ - #define MAX_SYNCOOKIE_AGE 2 - - static inline u32 tcp_cookie_time(void) - { -- struct timespec now; -- getnstimeofday(&now); -- return now.tv_sec >> 6; /* 64 seconds granularity */ -+ u64 val = get_jiffies_64(); -+ -+ do_div(val, 60 * HZ); -+ return val; - } - - u32 __cookie_v4_init_sequence(const struct iphdr *iph, const struct tcphdr *th, -@@ -540,7 +541,7 @@ void tcp_retransmit_timer(struct sock *sk); +@@ -541,7 +541,7 @@ void tcp_retransmit_timer(struct sock *sk); void tcp_xmit_retransmit_queue(struct sock *); void tcp_simple_retransmit(struct sock *); int tcp_trim_head(struct sock *, struct sk_buff *, u32); @@ -83019,7 +84207,7 @@ index 9250d62..10a7f03 100644 void tcp_send_probe0(struct sock *); void tcp_send_partial(struct sock *); -@@ -711,8 +712,8 @@ struct tcp_skb_cb { +@@ -710,8 +710,8 @@ struct tcp_skb_cb { struct inet6_skb_parm h6; #endif } header; /* For incoming frames */ @@ -83030,7 +84218,7 @@ index 9250d62..10a7f03 100644 __u32 when; /* used to compute rtt's */ __u8 tcp_flags; /* TCP header flags. (tcp[13]) */ -@@ -726,7 +727,7 @@ struct tcp_skb_cb { +@@ -725,7 +725,7 @@ struct tcp_skb_cb { __u8 ip_dsfield; /* IPv4 tos or IPv6 dsfield */ /* 1 byte hole */ @@ -83040,10 +84228,10 @@ index 9250d62..10a7f03 100644 #define TCP_SKB_CB(__skb) ((struct tcp_skb_cb *)&((__skb)->cb[0])) diff --git a/include/net/xfrm.h b/include/net/xfrm.h -index 6b82fdf..14d74d2 100644 +index fb5654a..4457522 100644 --- a/include/net/xfrm.h +++ b/include/net/xfrm.h -@@ -287,7 +287,6 @@ struct xfrm_dst; +@@ -286,7 +286,6 @@ struct xfrm_dst; struct xfrm_policy_afinfo { unsigned short family; struct dst_ops *dst_ops; @@ -83051,7 +84239,7 @@ index 6b82fdf..14d74d2 100644 struct dst_entry *(*dst_lookup)(struct net *net, int tos, const xfrm_address_t *saddr, const xfrm_address_t *daddr); -@@ -305,7 +304,7 @@ struct xfrm_policy_afinfo { +@@ -304,7 +303,7 @@ struct xfrm_policy_afinfo { struct net_device *dev, const struct flowi *fl); struct dst_entry *(*blackhole_route)(struct net *net, struct dst_entry *orig); @@ -83060,7 +84248,7 @@ index 6b82fdf..14d74d2 100644 int xfrm_policy_register_afinfo(struct xfrm_policy_afinfo *afinfo); int xfrm_policy_unregister_afinfo(struct xfrm_policy_afinfo *afinfo); -@@ -344,7 +343,7 @@ struct xfrm_state_afinfo { +@@ -343,7 +342,7 @@ struct xfrm_state_afinfo { int (*transport_finish)(struct sk_buff *skb, int async); void (*local_error)(struct sk_buff *skb, u32 mtu); @@ -83069,7 +84257,7 @@ index 6b82fdf..14d74d2 100644 int xfrm_state_register_afinfo(struct xfrm_state_afinfo *afinfo); int xfrm_state_unregister_afinfo(struct xfrm_state_afinfo *afinfo); -@@ -429,7 +428,7 @@ struct xfrm_mode { +@@ -428,7 +427,7 @@ struct xfrm_mode { struct module *owner; unsigned int encap; int flags; @@ -83078,7 +84266,7 @@ index 6b82fdf..14d74d2 100644 /* Flags for xfrm_mode. */ enum { -@@ -526,7 +525,7 @@ struct xfrm_policy { +@@ -525,7 +524,7 @@ struct xfrm_policy { struct timer_list timer; struct flow_cache_object flo; @@ -83087,7 +84275,7 @@ index 6b82fdf..14d74d2 100644 u32 priority; u32 index; struct xfrm_mark mark; -@@ -1166,6 +1165,7 @@ static inline void xfrm_sk_free_policy(struct sock *sk) +@@ -1165,6 +1164,7 @@ static inline void xfrm_sk_free_policy(struct sock *sk) } void xfrm_garbage_collect(struct net *net); @@ -83095,7 +84283,7 @@ index 6b82fdf..14d74d2 100644 #else -@@ -1204,6 +1204,9 @@ static inline int xfrm6_policy_check_reverse(struct sock *sk, int dir, +@@ -1203,6 +1203,9 @@ static inline int xfrm6_policy_check_reverse(struct sock *sk, int dir, static inline void xfrm_garbage_collect(struct net *net) { } @@ -83140,7 +84328,7 @@ index 52beadf..598734c 100644 u8 qfull; enum fc_lport_state state; diff --git a/include/scsi/scsi_device.h b/include/scsi/scsi_device.h -index d65fbec..f80fef2 100644 +index b4f1eff..7fdbd46 100644 --- a/include/scsi/scsi_device.h +++ b/include/scsi/scsi_device.h @@ -180,9 +180,9 @@ struct scsi_device { @@ -83184,10 +84372,10 @@ index ae6c3b8..fd748ac 100644 /** * struct snd_compr: Compressed device diff --git a/include/sound/soc.h b/include/sound/soc.h -index 1f741cb..8cefc08 100644 +index 9a00147..d814573 100644 --- a/include/sound/soc.h +++ b/include/sound/soc.h -@@ -763,7 +763,7 @@ struct snd_soc_codec_driver { +@@ -770,7 +770,7 @@ struct snd_soc_codec_driver { /* probe ordering - for components with runtime dependencies */ int probe_order; int remove_order; @@ -83196,7 +84384,7 @@ index 1f741cb..8cefc08 100644 /* SoC platform interface */ struct snd_soc_platform_driver { -@@ -809,7 +809,7 @@ struct snd_soc_platform_driver { +@@ -816,7 +816,7 @@ struct snd_soc_platform_driver { unsigned int (*read)(struct snd_soc_platform *, unsigned int); int (*write)(struct snd_soc_platform *, unsigned int, unsigned int); int (*bespoke_trigger)(struct snd_pcm_substream *, int); @@ -83206,10 +84394,10 @@ index 1f741cb..8cefc08 100644 struct snd_soc_platform { const char *name; diff --git a/include/target/target_core_base.h b/include/target/target_core_base.h -index e3569f8..6544ffd 100644 +index 1772fad..282e3e2 100644 --- a/include/target/target_core_base.h +++ b/include/target/target_core_base.h -@@ -687,7 +687,7 @@ struct se_device { +@@ -754,7 +754,7 @@ struct se_device { atomic_long_t write_bytes; /* Active commands on this virtual SE device */ atomic_t simple_cmds; @@ -83318,6 +84506,29 @@ index 7caf44c..23c6f27 100644 #if !defined (N_MAGIC) #define N_MAGIC(exec) ((exec).a_info & 0xffff) #endif +diff --git a/include/uapi/linux/bcache.h b/include/uapi/linux/bcache.h +index 22b6ad3..aeba37e 100644 +--- a/include/uapi/linux/bcache.h ++++ b/include/uapi/linux/bcache.h +@@ -5,6 +5,7 @@ + * Bcache on disk data structures + */ + ++#include <linux/compiler.h> + #include <asm/types.h> + + #define BITMASK(name, type, field, offset, size) \ +@@ -20,8 +21,8 @@ static inline void SET_##name(type *k, __u64 v) \ + /* Btree keys - all units are in sectors */ + + struct bkey { +- __u64 high; +- __u64 low; ++ __u64 high __intentional_overflow(-1); ++ __u64 low __intentional_overflow(-1); + __u64 ptr[]; + }; + diff --git a/include/uapi/linux/byteorder/little_endian.h b/include/uapi/linux/byteorder/little_endian.h index d876736..ccce5c0 100644 --- a/include/uapi/linux/byteorder/little_endian.h @@ -83519,7 +84730,7 @@ index 6d67213..552fdd9 100644 enum { diff --git a/include/uapi/linux/videodev2.h b/include/uapi/linux/videodev2.h -index 437f1b0..0eeb38d 100644 +index fe94bb9..c9e51c2 100644 --- a/include/uapi/linux/videodev2.h +++ b/include/uapi/linux/videodev2.h @@ -1227,7 +1227,7 @@ struct v4l2_ext_control { @@ -83532,10 +84743,10 @@ index 437f1b0..0eeb38d 100644 } __attribute__ ((packed)); diff --git a/include/uapi/linux/xattr.h b/include/uapi/linux/xattr.h -index e4629b9..6958086 100644 +index c38355c..17a57bc 100644 --- a/include/uapi/linux/xattr.h +++ b/include/uapi/linux/xattr.h -@@ -63,5 +63,9 @@ +@@ -73,5 +73,9 @@ #define XATTR_POSIX_ACL_DEFAULT "posix_acl_default" #define XATTR_NAME_POSIX_ACL_DEFAULT XATTR_SYSTEM_PREFIX XATTR_POSIX_ACL_DEFAULT @@ -83577,7 +84788,7 @@ index 30f5362..8ed8ac9 100644 void *pmi_pal; u8 *vbe_state_orig; /* diff --git a/init/Kconfig b/init/Kconfig -index 4e5d96a..93cd8a1 100644 +index 93c5ef0..ac92caa 100644 --- a/init/Kconfig +++ b/init/Kconfig @@ -1079,6 +1079,7 @@ endif # CGROUPS @@ -83588,7 +84799,7 @@ index 4e5d96a..93cd8a1 100644 default n help Enables additional kernel features in a sake of checkpoint/restore. -@@ -1550,7 +1551,7 @@ config SLUB_DEBUG +@@ -1545,7 +1546,7 @@ config SLUB_DEBUG config COMPAT_BRK bool "Disable heap randomization" @@ -83597,7 +84808,7 @@ index 4e5d96a..93cd8a1 100644 help Randomizing heap placement makes heap exploits harder, but it also breaks ancient binaries (including anything libc5 based). -@@ -1838,7 +1839,7 @@ config INIT_ALL_POSSIBLE +@@ -1833,7 +1834,7 @@ config INIT_ALL_POSSIBLE config STOP_MACHINE bool default y @@ -83835,7 +85046,7 @@ index ba0a7f36..2bcf1d5 100644 { INIT_THREAD_INFO(init_task) }; +#endif diff --git a/init/initramfs.c b/init/initramfs.c -index a67ef9d..2d17ed9 100644 +index 93b6139..8d628b7 100644 --- a/init/initramfs.c +++ b/init/initramfs.c @@ -84,7 +84,7 @@ static void __init free_hash(void) @@ -83946,21 +85157,12 @@ index a67ef9d..2d17ed9 100644 state = SkipIt; next_state = Reset; return 0; -@@ -583,7 +583,7 @@ static int __init populate_rootfs(void) - { - char *err = unpack_to_rootfs(__initramfs_start, __initramfs_size); - if (err) -- panic(err); /* Failed to decompress INTERNAL initramfs */ -+ panic("%s", err); /* Failed to decompress INTERNAL initramfs */ - if (initrd_start) { - #ifdef CONFIG_BLK_DEV_RAM - int fd; diff --git a/init/main.c b/init/main.c -index febc511..f0851763 100644 +index 9c7fd4c..650b4f1 100644 --- a/init/main.c +++ b/init/main.c -@@ -103,6 +103,8 @@ static inline void mark_rodata_ro(void) { } - extern void tc_init(void); +@@ -97,6 +97,8 @@ extern void radix_tree_init(void); + static inline void mark_rodata_ro(void) { } #endif +extern void grsecurity_init(void); @@ -83968,7 +85170,7 @@ index febc511..f0851763 100644 /* * Debug helper: via this flag we know that we are in 'early bootup code' * where only the boot processor is running with IRQ disabled. This means -@@ -164,6 +166,75 @@ static int __init set_reset_devices(char *str) +@@ -158,6 +160,75 @@ static int __init set_reset_devices(char *str) __setup("reset_devices", set_reset_devices); @@ -84044,7 +85246,7 @@ index febc511..f0851763 100644 static const char * argv_init[MAX_INIT_ARGS+2] = { "init", NULL, }; const char * envp_init[MAX_INIT_ENVS+2] = { "HOME=/", "TERM=linux", NULL, }; static const char *panic_later, *panic_param; -@@ -691,25 +762,24 @@ int __init_or_module do_one_initcall(initcall_t fn) +@@ -688,25 +759,24 @@ int __init_or_module do_one_initcall(initcall_t fn) { int count = preempt_count(); int ret; @@ -84075,10 +85277,10 @@ index febc511..f0851763 100644 return ret; } -@@ -816,8 +886,8 @@ static int run_init_process(const char *init_filename) +@@ -813,8 +883,8 @@ static int run_init_process(const char *init_filename) { argv_init[0] = init_filename; - return do_execve(init_filename, + return do_execve(getname_kernel(init_filename), - (const char __user *const __user *)argv_init, - (const char __user *const __user *)envp_init); + (const char __user *const __force_user *)argv_init, @@ -84086,7 +85288,7 @@ index febc511..f0851763 100644 } static int try_to_run_init_process(const char *init_filename) -@@ -834,6 +904,10 @@ static int try_to_run_init_process(const char *init_filename) +@@ -831,6 +901,10 @@ static int try_to_run_init_process(const char *init_filename) return ret; } @@ -84097,7 +85299,7 @@ index febc511..f0851763 100644 static noinline void __init kernel_init_freeable(void); static int __ref kernel_init(void *unused) -@@ -858,6 +932,11 @@ static int __ref kernel_init(void *unused) +@@ -855,6 +929,11 @@ static int __ref kernel_init(void *unused) ramdisk_execute_command, ret); } @@ -84109,7 +85311,7 @@ index febc511..f0851763 100644 /* * We try each of these until one succeeds. * -@@ -913,7 +992,7 @@ static noinline void __init kernel_init_freeable(void) +@@ -910,7 +989,7 @@ static noinline void __init kernel_init_freeable(void) do_basic_setup(); /* Open the /dev/console on the rootfs, this should never fail */ @@ -84118,7 +85320,7 @@ index febc511..f0851763 100644 pr_err("Warning: unable to open an initial console.\n"); (void) sys_dup(0); -@@ -926,11 +1005,13 @@ static noinline void __init kernel_init_freeable(void) +@@ -923,11 +1002,13 @@ static noinline void __init kernel_init_freeable(void) if (!ramdisk_execute_command) ramdisk_execute_command = "/init"; @@ -84134,7 +85336,7 @@ index febc511..f0851763 100644 * Ok, we have completed the initial bootup, and * we're essentially up and running. Get rid of the diff --git a/ipc/compat.c b/ipc/compat.c -index 892f658..e7c6320 100644 +index f486b00..442867f 100644 --- a/ipc/compat.c +++ b/ipc/compat.c @@ -399,7 +399,7 @@ COMPAT_SYSCALL_DEFINE6(ipc, u32, call, int, first, int, second, @@ -84147,7 +85349,7 @@ index 892f658..e7c6320 100644 case SHMDT: return sys_shmdt(compat_ptr(ptr)); diff --git a/ipc/ipc_sysctl.c b/ipc/ipc_sysctl.c -index b0e99de..09f385c 100644 +index 1702864..797fa84 100644 --- a/ipc/ipc_sysctl.c +++ b/ipc/ipc_sysctl.c @@ -30,7 +30,7 @@ static void *get_ipc(ctl_table *table) @@ -84218,7 +85420,7 @@ index 5bb8bfe..a38ec05 100644 mq_table.data = get_mq(table); diff --git a/ipc/mqueue.c b/ipc/mqueue.c -index b8d4aed..96a4fe8 100644 +index c3b3117..1efa933 100644 --- a/ipc/mqueue.c +++ b/ipc/mqueue.c @@ -278,6 +278,7 @@ static struct inode *mqueue_get_inode(struct super_block *sb, @@ -84230,10 +85432,10 @@ index b8d4aed..96a4fe8 100644 if (u->mq_bytes + mq_bytes < u->mq_bytes || u->mq_bytes + mq_bytes > rlimit(RLIMIT_MSGQUEUE)) { diff --git a/ipc/msg.c b/ipc/msg.c -index 52770bf..1c60a6f 100644 +index 6498531..b0ff3c8 100644 --- a/ipc/msg.c +++ b/ipc/msg.c -@@ -297,18 +297,19 @@ static inline int msg_security(struct kern_ipc_perm *ipcp, int msgflg) +@@ -303,18 +303,19 @@ static inline int msg_security(struct kern_ipc_perm *ipcp, int msgflg) return security_msg_queue_associate(msq, msgflg); } @@ -84259,10 +85461,10 @@ index 52770bf..1c60a6f 100644 msg_params.flg = msgflg; diff --git a/ipc/sem.c b/ipc/sem.c -index db9d241..bc8427c 100644 +index bee5554..e9af81dd 100644 --- a/ipc/sem.c +++ b/ipc/sem.c -@@ -562,10 +562,15 @@ static inline int sem_more_checks(struct kern_ipc_perm *ipcp, +@@ -561,10 +561,15 @@ static inline int sem_more_checks(struct kern_ipc_perm *ipcp, return 0; } @@ -84279,7 +85481,7 @@ index db9d241..bc8427c 100644 struct ipc_params sem_params; ns = current->nsproxy->ipc_ns; -@@ -573,10 +578,6 @@ SYSCALL_DEFINE3(semget, key_t, key, int, nsems, int, semflg) +@@ -572,10 +577,6 @@ SYSCALL_DEFINE3(semget, key_t, key, int, nsems, int, semflg) if (nsems < 0 || nsems > ns->sc_semmsl) return -EINVAL; @@ -84291,10 +85493,10 @@ index db9d241..bc8427c 100644 sem_params.flg = semflg; sem_params.u.nsems = nsems; diff --git a/ipc/shm.c b/ipc/shm.c -index 7a51443..3a257d8 100644 +index 7645961..afc7f02 100644 --- a/ipc/shm.c +++ b/ipc/shm.c -@@ -72,6 +72,14 @@ static void shm_destroy (struct ipc_namespace *ns, struct shmid_kernel *shp); +@@ -72,6 +72,14 @@ static void shm_destroy(struct ipc_namespace *ns, struct shmid_kernel *shp); static int sysvipc_shm_proc_show(struct seq_file *s, void *it); #endif @@ -84309,7 +85511,7 @@ index 7a51443..3a257d8 100644 void shm_init_ns(struct ipc_namespace *ns) { ns->shm_ctlmax = SHMMAX; -@@ -554,6 +562,14 @@ static int newseg(struct ipc_namespace *ns, struct ipc_params *params) +@@ -553,6 +561,14 @@ static int newseg(struct ipc_namespace *ns, struct ipc_params *params) shp->shm_lprid = 0; shp->shm_atim = shp->shm_dtim = 0; shp->shm_ctim = get_seconds(); @@ -84324,7 +85526,7 @@ index 7a51443..3a257d8 100644 shp->shm_segsz = size; shp->shm_nattch = 0; shp->shm_file = file; -@@ -607,18 +623,19 @@ static inline int shm_more_checks(struct kern_ipc_perm *ipcp, +@@ -606,18 +622,19 @@ static inline int shm_more_checks(struct kern_ipc_perm *ipcp, return 0; } @@ -84349,7 +85551,7 @@ index 7a51443..3a257d8 100644 shm_params.key = key; shm_params.flg = shmflg; shm_params.u.size = size; -@@ -1089,6 +1106,12 @@ long do_shmat(int shmid, char __user *shmaddr, int shmflg, ulong *raddr, +@@ -1088,6 +1105,12 @@ long do_shmat(int shmid, char __user *shmaddr, int shmflg, ulong *raddr, f_mode = FMODE_READ | FMODE_WRITE; } if (shmflg & SHM_EXEC) { @@ -84362,7 +85564,7 @@ index 7a51443..3a257d8 100644 prot |= PROT_EXEC; acc_mode |= S_IXUGO; } -@@ -1113,6 +1136,15 @@ long do_shmat(int shmid, char __user *shmaddr, int shmflg, ulong *raddr, +@@ -1112,6 +1135,15 @@ long do_shmat(int shmid, char __user *shmaddr, int shmflg, ulong *raddr, if (err) goto out_unlock; @@ -84378,7 +85580,7 @@ index 7a51443..3a257d8 100644 ipc_lock_object(&shp->shm_perm); /* check if shm_destroy() is tearing down shp */ -@@ -1125,6 +1157,9 @@ long do_shmat(int shmid, char __user *shmaddr, int shmflg, ulong *raddr, +@@ -1124,6 +1156,9 @@ long do_shmat(int shmid, char __user *shmaddr, int shmflg, ulong *raddr, path = shp->shm_file->f_path; path_get(&path); shp->shm_nattch++; @@ -84389,7 +85591,7 @@ index 7a51443..3a257d8 100644 ipc_unlock_object(&shp->shm_perm); rcu_read_unlock(); diff --git a/ipc/util.c b/ipc/util.c -index 3ae17a4..d67c32f 100644 +index e1b4c6d..8174204 100644 --- a/ipc/util.c +++ b/ipc/util.c @@ -71,6 +71,8 @@ struct ipc_proc_iface { @@ -84401,7 +85603,7 @@ index 3ae17a4..d67c32f 100644 static void ipc_memory_notifier(struct work_struct *work) { ipcns_notify(IPCNS_MEMCHANGED); -@@ -558,6 +560,10 @@ int ipcperms(struct ipc_namespace *ns, struct kern_ipc_perm *ipcp, short flag) +@@ -537,6 +539,10 @@ int ipcperms(struct ipc_namespace *ns, struct kern_ipc_perm *ipcp, short flag) granted_mode >>= 6; else if (in_group_p(ipcp->cgid) || in_group_p(ipcp->gid)) granted_mode >>= 3; @@ -84426,10 +85628,10 @@ index 8d6e145..33e0b1e 100644 current->signal->rlim[RLIMIT_FSIZE].rlim_cur = flim; set_fs(fs); diff --git a/kernel/audit.c b/kernel/audit.c -index 15ec13a..986322e 100644 +index d5f31c1..06646e1 100644 --- a/kernel/audit.c +++ b/kernel/audit.c -@@ -118,7 +118,7 @@ u32 audit_sig_sid = 0; +@@ -122,7 +122,7 @@ u32 audit_sig_sid = 0; 3) suppressed due to audit_rate_limit 4) suppressed due to audit_backlog_limit */ @@ -84438,7 +85640,7 @@ index 15ec13a..986322e 100644 /* The netlink socket. */ static struct sock *audit_sock; -@@ -251,7 +251,7 @@ void audit_log_lost(const char *message) +@@ -256,7 +256,7 @@ void audit_log_lost(const char *message) unsigned long now; int print; @@ -84447,35 +85649,26 @@ index 15ec13a..986322e 100644 print = (audit_failure == AUDIT_FAIL_PANIC || !audit_rate_limit); -@@ -270,7 +270,7 @@ void audit_log_lost(const char *message) - printk(KERN_WARNING - "audit: audit_lost=%d audit_rate_limit=%d " - "audit_backlog_limit=%d\n", +@@ -273,7 +273,7 @@ void audit_log_lost(const char *message) + if (print) { + if (printk_ratelimit()) + pr_warn("audit_lost=%u audit_rate_limit=%u audit_backlog_limit=%u\n", - atomic_read(&audit_lost), + atomic_read_unchecked(&audit_lost), audit_rate_limit, audit_backlog_limit); audit_panic(message); -@@ -766,7 +766,7 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh) - status_set.pid = audit_pid; - status_set.rate_limit = audit_rate_limit; - status_set.backlog_limit = audit_backlog_limit; -- status_set.lost = atomic_read(&audit_lost); -+ status_set.lost = atomic_read_unchecked(&audit_lost); - status_set.backlog = skb_queue_len(&audit_skb_queue); - audit_send_reply(NETLINK_CB(skb).portid, seq, AUDIT_GET, 0, 0, - &status_set, sizeof(status_set)); -@@ -1359,7 +1359,7 @@ void audit_log_n_hex(struct audit_buffer *ab, const unsigned char *buf, - int i, avail, new_len; - unsigned char *ptr; - struct sk_buff *skb; -- static const unsigned char *hex = "0123456789ABCDEF"; -+ static const unsigned char hex[] = "0123456789ABCDEF"; - - if (!ab) - return; +@@ -803,7 +803,7 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh) + s.pid = audit_pid; + s.rate_limit = audit_rate_limit; + s.backlog_limit = audit_backlog_limit; +- s.lost = atomic_read(&audit_lost); ++ s.lost = atomic_read_unchecked(&audit_lost); + s.backlog = skb_queue_len(&audit_skb_queue); + s.version = AUDIT_VERSION_LATEST; + s.backlog_wait_time = audit_backlog_wait_time; diff --git a/kernel/auditsc.c b/kernel/auditsc.c -index ff32843..27fc708 100644 +index 3b29605..f6c85d0 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c @@ -1945,7 +1945,7 @@ int auditsc_get_stamp(struct audit_context *ctx, @@ -84487,17 +85680,17 @@ index ff32843..27fc708 100644 static int audit_set_loginuid_perm(kuid_t loginuid) { -@@ -2011,7 +2011,7 @@ int audit_set_loginuid(kuid_t loginuid) +@@ -2014,7 +2014,7 @@ int audit_set_loginuid(kuid_t loginuid) /* are we setting or clearing? */ if (uid_valid(loginuid)) -- sessionid = atomic_inc_return(&session_id); -+ sessionid = atomic_inc_return_unchecked(&session_id); +- sessionid = (unsigned int)atomic_inc_return(&session_id); ++ sessionid = (unsigned int)atomic_inc_return_unchecked(&session_id); task->sessionid = sessionid; task->loginuid = loginuid; diff --git a/kernel/capability.c b/kernel/capability.c -index 4e66bf9..cdccecf 100644 +index 34019c5..363f279 100644 --- a/kernel/capability.c +++ b/kernel/capability.c @@ -202,6 +202,9 @@ SYSCALL_DEFINE2(capget, cap_user_header_t, header, cap_user_data_t, dataptr) @@ -84594,10 +85787,10 @@ index 4e66bf9..cdccecf 100644 +} +EXPORT_SYMBOL(inode_capable_nolog); diff --git a/kernel/cgroup.c b/kernel/cgroup.c -index 271acd8..54b70fe 100644 +index 0c753dd..dd7d3d6 100644 --- a/kernel/cgroup.c +++ b/kernel/cgroup.c -@@ -5609,7 +5609,7 @@ static int cgroup_css_links_read(struct cgroup_subsys_state *css, +@@ -5372,7 +5372,7 @@ static int cgroup_css_links_read(struct seq_file *seq, void *v) struct css_set *cset = link->cset; struct task_struct *task; int count = 0; @@ -84789,7 +85982,7 @@ index c18b1f1..b9a0132 100644 return -ENOMEM; diff --git a/kernel/cred.c b/kernel/cred.c -index e0573a4..3874e41 100644 +index e0573a4..20fb164 100644 --- a/kernel/cred.c +++ b/kernel/cred.c @@ -164,6 +164,16 @@ void exit_creds(struct task_struct *tsk) @@ -84827,7 +86020,7 @@ index e0573a4..3874e41 100644 /* dumpability changes */ if (!uid_eq(old->euid, new->euid) || !gid_eq(old->egid, new->egid) || -@@ -479,6 +491,102 @@ int commit_creds(struct cred *new) +@@ -479,6 +491,108 @@ int commit_creds(struct cred *new) put_cred(old); return 0; } @@ -84896,6 +86089,7 @@ index e0573a4..3874e41 100644 + int ret; + int schedule_it = 0; + struct task_struct *t; ++ unsigned oldsecurebits = current_cred()->securebits; + + /* we won't get called with tasklist_lock held for writing + and interrupts disabled as the cred struct in that case is @@ -84912,7 +86106,11 @@ index e0573a4..3874e41 100644 + read_lock(&tasklist_lock); + for (t = next_thread(current); t != current; + t = next_thread(t)) { -+ if (t->delayed_cred == NULL) { ++ /* we'll check if the thread has uid 0 in ++ * the delayed worker routine ++ */ ++ if (task_securebits(t) == oldsecurebits && ++ t->delayed_cred == NULL) { + t->delayed_cred = get_cred(new); + set_tsk_thread_flag(t, TIF_GRSEC_SETXID); + set_tsk_need_resched(t); @@ -84921,6 +86119,7 @@ index e0573a4..3874e41 100644 + read_unlock(&tasklist_lock); + rcu_read_unlock(); + } ++ + return ret; +#else + return __commit_creds(new); @@ -84931,7 +86130,7 @@ index e0573a4..3874e41 100644 /** diff --git a/kernel/debug/debug_core.c b/kernel/debug/debug_core.c -index 7d2f35e..1bafcd0 100644 +index 334b398..9145fb1 100644 --- a/kernel/debug/debug_core.c +++ b/kernel/debug/debug_core.c @@ -123,7 +123,7 @@ static DEFINE_RAW_SPINLOCK(dbg_slave_lock); @@ -84972,7 +86171,7 @@ index 7d2f35e..1bafcd0 100644 if (kgdb_info[sstep_cpu].task) kgdb_sstep_pid = kgdb_info[sstep_cpu].task->pid; else -@@ -916,18 +916,18 @@ static void kgdb_unregister_callbacks(void) +@@ -917,18 +917,18 @@ static void kgdb_unregister_callbacks(void) static void kgdb_tasklet_bpt(unsigned long ing) { kgdb_breakpoint(); @@ -85017,10 +86216,10 @@ index 0b097c8..11dd5c5 100644 #ifdef CONFIG_MODULE_UNLOAD { diff --git a/kernel/events/core.c b/kernel/events/core.c -index 6ed1163..f36346e 100644 +index fa0b2d4..67a1c7a 100644 --- a/kernel/events/core.c +++ b/kernel/events/core.c -@@ -157,8 +157,15 @@ static struct srcu_struct pmus_srcu; +@@ -158,8 +158,15 @@ static struct srcu_struct pmus_srcu; * 0 - disallow raw tracepoint access for unpriv * 1 - disallow cpu events for unpriv * 2 - disallow kernel profiling for unpriv @@ -85037,7 +86236,7 @@ index 6ed1163..f36346e 100644 /* Minimum for 512 kiB + 1 user control page */ int sysctl_perf_event_mlock __read_mostly = 512 + (PAGE_SIZE / 1024); /* 'free' kiB per user */ -@@ -184,7 +191,7 @@ void update_perf_cpu_limits(void) +@@ -185,7 +192,7 @@ void update_perf_cpu_limits(void) tmp *= sysctl_perf_cpu_time_max_percent; do_div(tmp, 100); @@ -85046,7 +86245,7 @@ index 6ed1163..f36346e 100644 } static int perf_rotate_context(struct perf_cpu_context *cpuctx); -@@ -271,7 +278,7 @@ void perf_sample_event_took(u64 sample_len_ns) +@@ -272,7 +279,7 @@ void perf_sample_event_took(u64 sample_len_ns) update_perf_cpu_limits(); } @@ -85055,7 +86254,7 @@ index 6ed1163..f36346e 100644 static void cpu_ctx_sched_out(struct perf_cpu_context *cpuctx, enum event_type_t event_type); -@@ -2985,7 +2992,7 @@ static void __perf_event_read(void *info) +@@ -2986,7 +2993,7 @@ static void __perf_event_read(void *info) static inline u64 perf_event_count(struct perf_event *event) { @@ -85064,7 +86263,7 @@ index 6ed1163..f36346e 100644 } static u64 perf_event_read(struct perf_event *event) -@@ -3353,9 +3360,9 @@ u64 perf_event_read_value(struct perf_event *event, u64 *enabled, u64 *running) +@@ -3354,9 +3361,9 @@ u64 perf_event_read_value(struct perf_event *event, u64 *enabled, u64 *running) mutex_lock(&event->child_mutex); total += perf_event_read(event); *enabled += event->total_time_enabled + @@ -85076,7 +86275,7 @@ index 6ed1163..f36346e 100644 list_for_each_entry(child, &event->child_list, child_list) { total += perf_event_read(child); -@@ -3770,10 +3777,10 @@ void perf_event_update_userpage(struct perf_event *event) +@@ -3785,10 +3792,10 @@ void perf_event_update_userpage(struct perf_event *event) userpg->offset -= local64_read(&event->hw.prev_count); userpg->time_enabled = enabled + @@ -85089,7 +86288,7 @@ index 6ed1163..f36346e 100644 arch_perf_update_userpage(userpg, now); -@@ -4324,7 +4331,7 @@ perf_output_sample_ustack(struct perf_output_handle *handle, u64 dump_size, +@@ -4339,7 +4346,7 @@ perf_output_sample_ustack(struct perf_output_handle *handle, u64 dump_size, /* Data. */ sp = perf_user_stack_pointer(regs); @@ -85098,7 +86297,7 @@ index 6ed1163..f36346e 100644 dyn_size = dump_size - rem; perf_output_skip(handle, rem); -@@ -4415,11 +4422,11 @@ static void perf_output_read_one(struct perf_output_handle *handle, +@@ -4430,11 +4437,11 @@ static void perf_output_read_one(struct perf_output_handle *handle, values[n++] = perf_event_count(event); if (read_format & PERF_FORMAT_TOTAL_TIME_ENABLED) { values[n++] = enabled + @@ -85112,7 +86311,7 @@ index 6ed1163..f36346e 100644 } if (read_format & PERF_FORMAT_ID) values[n++] = primary_event_id(event); -@@ -6686,7 +6693,7 @@ perf_event_alloc(struct perf_event_attr *attr, int cpu, +@@ -6704,7 +6711,7 @@ perf_event_alloc(struct perf_event_attr *attr, int cpu, event->parent = parent_event; event->ns = get_pid_ns(task_active_pid_ns(current)); @@ -85121,7 +86320,7 @@ index 6ed1163..f36346e 100644 event->state = PERF_EVENT_STATE_INACTIVE; -@@ -6985,6 +6992,11 @@ SYSCALL_DEFINE5(perf_event_open, +@@ -7004,6 +7011,11 @@ SYSCALL_DEFINE5(perf_event_open, if (flags & ~PERF_FLAG_ALL) return -EINVAL; @@ -85133,7 +86332,7 @@ index 6ed1163..f36346e 100644 err = perf_copy_attr(attr_uptr, &attr); if (err) return err; -@@ -7316,10 +7328,10 @@ static void sync_child_event(struct perf_event *child_event, +@@ -7339,10 +7351,10 @@ static void sync_child_event(struct perf_event *child_event, /* * Add back the child's count to the parent's count: */ @@ -85192,10 +86391,10 @@ index 569b2187..19940d9 100644 /* Callchain handling */ extern struct perf_callchain_entry * diff --git a/kernel/events/uprobes.c b/kernel/events/uprobes.c -index 24b7d6c..40cf797 100644 +index 307d87c..6466cbe 100644 --- a/kernel/events/uprobes.c +++ b/kernel/events/uprobes.c -@@ -1640,7 +1640,7 @@ static int is_trap_at_addr(struct mm_struct *mm, unsigned long vaddr) +@@ -1666,7 +1666,7 @@ static int is_trap_at_addr(struct mm_struct *mm, unsigned long vaddr) { struct page *page; uprobe_opcode_t opcode; @@ -85205,10 +86404,10 @@ index 24b7d6c..40cf797 100644 pagefault_disable(); result = __copy_from_user_inatomic(&opcode, (void __user*)vaddr, diff --git a/kernel/exit.c b/kernel/exit.c -index a949819..a5f127d 100644 +index 81b3d67..ef189a4 100644 --- a/kernel/exit.c +++ b/kernel/exit.c -@@ -172,6 +172,10 @@ void release_task(struct task_struct * p) +@@ -173,6 +173,10 @@ void release_task(struct task_struct * p) struct task_struct *leader; int zap_leader; repeat: @@ -85219,7 +86418,7 @@ index a949819..a5f127d 100644 /* don't need to get the RCU readlock here - the process is dead and * can't be modifying its own credentials. But shut RCU-lockdep up */ rcu_read_lock(); -@@ -329,7 +333,7 @@ int allow_signal(int sig) +@@ -330,7 +334,7 @@ int allow_signal(int sig) * know it'll be handled, so that they don't get converted to * SIGKILL or just silently dropped. */ @@ -85228,7 +86427,7 @@ index a949819..a5f127d 100644 recalc_sigpending(); spin_unlock_irq(¤t->sighand->siglock); return 0; -@@ -698,6 +702,8 @@ void do_exit(long code) +@@ -706,6 +710,8 @@ void do_exit(long code) struct task_struct *tsk = current; int group_dead; @@ -85237,7 +86436,7 @@ index a949819..a5f127d 100644 profile_task_exit(tsk); WARN_ON(blk_needs_flush_plug(tsk)); -@@ -714,7 +720,6 @@ void do_exit(long code) +@@ -722,7 +728,6 @@ void do_exit(long code) * mm_release()->clear_child_tid() from writing to a user-controlled * kernel address. */ @@ -85245,7 +86444,7 @@ index a949819..a5f127d 100644 ptrace_event(PTRACE_EVENT_EXIT, code); -@@ -773,6 +778,9 @@ void do_exit(long code) +@@ -781,6 +786,9 @@ void do_exit(long code) tsk->exit_code = code; taskstats_exit(tsk, group_dead); @@ -85255,7 +86454,7 @@ index a949819..a5f127d 100644 exit_mm(tsk); if (group_dead) -@@ -894,7 +902,7 @@ SYSCALL_DEFINE1(exit, int, error_code) +@@ -900,7 +908,7 @@ SYSCALL_DEFINE1(exit, int, error_code) * Take down every thread in the group. This is called by fatal signals * as well as by sys_exit_group (below). */ @@ -85265,10 +86464,49 @@ index a949819..a5f127d 100644 { struct signal_struct *sig = current->signal; diff --git a/kernel/fork.c b/kernel/fork.c -index dfa736c..d170f9b 100644 +index a17621c..d9e4b37 100644 --- a/kernel/fork.c +++ b/kernel/fork.c -@@ -319,7 +319,7 @@ static struct task_struct *dup_task_struct(struct task_struct *orig) +@@ -137,6 +137,18 @@ void __weak arch_release_thread_info(struct thread_info *ti) + { + } + ++#ifdef CONFIG_GRKERNSEC_KSTACKOVERFLOW ++static struct thread_info *alloc_thread_info_node(struct task_struct *tsk, ++ int node) ++{ ++ return vmalloc_stack(node); ++} ++ ++static inline void free_thread_info(struct thread_info *ti) ++{ ++ vfree(ti); ++} ++#else + #ifndef CONFIG_ARCH_THREAD_INFO_ALLOCATOR + + /* +@@ -179,6 +191,7 @@ void thread_info_cache_init(void) + } + # endif + #endif ++#endif + + /* SLAB cache for signal_struct structures (tsk->signal) */ + static struct kmem_cache *signal_cachep; +@@ -200,9 +213,11 @@ static struct kmem_cache *mm_cachep; + + static void account_kernel_stack(struct thread_info *ti, int account) + { ++#ifndef CONFIG_GRKERNSEC_KSTACKOVERFLOW + struct zone *zone = page_zone(virt_to_page(ti)); + + mod_zone_page_state(zone, NR_KERNEL_STACK, account); ++#endif + } + + void free_task(struct task_struct *tsk) +@@ -319,7 +334,7 @@ static struct task_struct *dup_task_struct(struct task_struct *orig) *stackend = STACK_END_MAGIC; /* for overflow detection */ #ifdef CONFIG_CC_STACKPROTECTOR @@ -85277,7 +86515,7 @@ index dfa736c..d170f9b 100644 #endif /* -@@ -345,12 +345,80 @@ free_tsk: +@@ -345,12 +360,80 @@ free_tsk: } #ifdef CONFIG_MMU @@ -85360,7 +86598,7 @@ index dfa736c..d170f9b 100644 uprobe_start_dup_mmap(); down_write(&oldmm->mmap_sem); -@@ -379,55 +447,15 @@ static int dup_mmap(struct mm_struct *mm, struct mm_struct *oldmm) +@@ -379,55 +462,15 @@ static int dup_mmap(struct mm_struct *mm, struct mm_struct *oldmm) prev = NULL; for (mpnt = oldmm->mmap; mpnt; mpnt = mpnt->vm_next) { @@ -85420,7 +86658,7 @@ index dfa736c..d170f9b 100644 } /* -@@ -459,6 +487,31 @@ static int dup_mmap(struct mm_struct *mm, struct mm_struct *oldmm) +@@ -459,6 +502,31 @@ static int dup_mmap(struct mm_struct *mm, struct mm_struct *oldmm) if (retval) goto out; } @@ -85452,7 +86690,7 @@ index dfa736c..d170f9b 100644 /* a new mm has just been created */ arch_dup_mmap(oldmm, mm); retval = 0; -@@ -468,14 +521,6 @@ out: +@@ -468,14 +536,6 @@ out: up_write(&oldmm->mmap_sem); uprobe_end_dup_mmap(); return retval; @@ -85467,7 +86705,7 @@ index dfa736c..d170f9b 100644 } static inline int mm_alloc_pgd(struct mm_struct *mm) -@@ -689,8 +734,8 @@ struct mm_struct *mm_access(struct task_struct *task, unsigned int mode) +@@ -689,8 +749,8 @@ struct mm_struct *mm_access(struct task_struct *task, unsigned int mode) return ERR_PTR(err); mm = get_task_mm(task); @@ -85478,7 +86716,7 @@ index dfa736c..d170f9b 100644 mmput(mm); mm = ERR_PTR(-EACCES); } -@@ -909,13 +954,20 @@ static int copy_fs(unsigned long clone_flags, struct task_struct *tsk) +@@ -906,13 +966,20 @@ static int copy_fs(unsigned long clone_flags, struct task_struct *tsk) spin_unlock(&fs->lock); return -EAGAIN; } @@ -85500,7 +86738,7 @@ index dfa736c..d170f9b 100644 return 0; } -@@ -1126,7 +1178,7 @@ init_task_pid(struct task_struct *task, enum pid_type type, struct pid *pid) +@@ -1130,7 +1197,7 @@ init_task_pid(struct task_struct *task, enum pid_type type, struct pid *pid) * parts of the process environment (as per the clone * flags). The actual kick-off is left to the caller. */ @@ -85509,7 +86747,7 @@ index dfa736c..d170f9b 100644 unsigned long stack_start, unsigned long stack_size, int __user *child_tidptr, -@@ -1198,6 +1250,9 @@ static struct task_struct *copy_process(unsigned long clone_flags, +@@ -1202,6 +1269,9 @@ static struct task_struct *copy_process(unsigned long clone_flags, DEBUG_LOCKS_WARN_ON(!p->softirqs_enabled); #endif retval = -EAGAIN; @@ -85519,7 +86757,7 @@ index dfa736c..d170f9b 100644 if (atomic_read(&p->real_cred->user->processes) >= task_rlimit(p, RLIMIT_NPROC)) { if (p->real_cred->user != INIT_USER && -@@ -1446,6 +1501,11 @@ static struct task_struct *copy_process(unsigned long clone_flags, +@@ -1449,6 +1519,11 @@ static struct task_struct *copy_process(unsigned long clone_flags, goto bad_fork_free_pid; } @@ -85531,7 +86769,7 @@ index dfa736c..d170f9b 100644 if (likely(p->pid)) { ptrace_init_task(p, (clone_flags & CLONE_PTRACE) || trace); -@@ -1532,6 +1592,8 @@ bad_fork_cleanup_count: +@@ -1537,6 +1612,8 @@ bad_fork_cleanup_count: bad_fork_free: free_task(p); fork_out: @@ -85540,7 +86778,7 @@ index dfa736c..d170f9b 100644 return ERR_PTR(retval); } -@@ -1593,6 +1655,7 @@ long do_fork(unsigned long clone_flags, +@@ -1598,6 +1675,7 @@ long do_fork(unsigned long clone_flags, p = copy_process(clone_flags, stack_start, stack_size, child_tidptr, NULL, trace); @@ -85548,7 +86786,7 @@ index dfa736c..d170f9b 100644 /* * Do this prior waking up the new thread - the thread pointer * might get invalid after that point, if the thread exits quickly. -@@ -1607,6 +1670,8 @@ long do_fork(unsigned long clone_flags, +@@ -1612,6 +1690,8 @@ long do_fork(unsigned long clone_flags, if (clone_flags & CLONE_PARENT_SETTID) put_user(nr, parent_tidptr); @@ -85557,7 +86795,7 @@ index dfa736c..d170f9b 100644 if (clone_flags & CLONE_VFORK) { p->vfork_done = &vfork; init_completion(&vfork); -@@ -1723,7 +1788,7 @@ void __init proc_caches_init(void) +@@ -1728,7 +1808,7 @@ void __init proc_caches_init(void) mm_cachep = kmem_cache_create("mm_struct", sizeof(struct mm_struct), ARCH_MIN_MMSTRUCT_ALIGN, SLAB_HWCACHE_ALIGN|SLAB_PANIC|SLAB_NOTRACK, NULL); @@ -85566,7 +86804,7 @@ index dfa736c..d170f9b 100644 mmap_init(); nsproxy_cache_init(); } -@@ -1763,7 +1828,7 @@ static int unshare_fs(unsigned long unshare_flags, struct fs_struct **new_fsp) +@@ -1768,7 +1848,7 @@ static int unshare_fs(unsigned long unshare_flags, struct fs_struct **new_fsp) return 0; /* don't need lock here; in the worst case we'll do useless copy */ @@ -85575,7 +86813,7 @@ index dfa736c..d170f9b 100644 return 0; *new_fsp = copy_fs_struct(fs); -@@ -1870,7 +1935,8 @@ SYSCALL_DEFINE1(unshare, unsigned long, unshare_flags) +@@ -1875,7 +1955,8 @@ SYSCALL_DEFINE1(unshare, unsigned long, unshare_flags) fs = current->fs; spin_lock(&fs->lock); current->fs = new_fs; @@ -85586,7 +86824,7 @@ index dfa736c..d170f9b 100644 else new_fs = fs; diff --git a/kernel/futex.c b/kernel/futex.c -index f6ff019..ac53307 100644 +index 6801b37..bb6becca 100644 --- a/kernel/futex.c +++ b/kernel/futex.c @@ -54,6 +54,7 @@ @@ -85597,7 +86835,7 @@ index f6ff019..ac53307 100644 #include <linux/signal.h> #include <linux/export.h> #include <linux/magic.h> -@@ -243,6 +244,11 @@ get_futex_key(u32 __user *uaddr, int fshared, union futex_key *key, int rw) +@@ -380,6 +381,11 @@ get_futex_key(u32 __user *uaddr, int fshared, union futex_key *key, int rw) struct page *page, *page_head; int err, ro = 0; @@ -85609,7 +86847,7 @@ index f6ff019..ac53307 100644 /* * The futex address must be "naturally" aligned. */ -@@ -442,7 +448,7 @@ static int cmpxchg_futex_value_locked(u32 *curval, u32 __user *uaddr, +@@ -579,7 +585,7 @@ static int cmpxchg_futex_value_locked(u32 *curval, u32 __user *uaddr, static int get_futex_value_locked(u32 *dest, u32 __user *from) { @@ -85618,15 +86856,15 @@ index f6ff019..ac53307 100644 pagefault_disable(); ret = __copy_from_user_inatomic(dest, from, sizeof(u32)); -@@ -2735,6 +2741,7 @@ static int __init futex_init(void) +@@ -2886,6 +2892,7 @@ static void __init futex_detect_cmpxchg(void) { + #ifndef CONFIG_HAVE_FUTEX_CMPXCHG u32 curval; - int i; + mm_segment_t oldfs; /* * This will fail and we want it. Some arch implementations do -@@ -2746,8 +2753,11 @@ static int __init futex_init(void) +@@ -2897,8 +2904,11 @@ static void __init futex_detect_cmpxchg(void) * implementation, the non-functional ones will return * -ENOSYS. */ @@ -85635,9 +86873,9 @@ index f6ff019..ac53307 100644 if (cmpxchg_futex_value_locked(&curval, NULL, 0, 0) == -EFAULT) futex_cmpxchg_enabled = 1; + set_fs(oldfs); + #endif + } - for (i = 0; i < ARRAY_SIZE(futex_queues); i++) { - plist_head_init(&futex_queues[i].chain); diff --git a/kernel/futex_compat.c b/kernel/futex_compat.c index f9f44fd..29885e4 100644 --- a/kernel/futex_compat.c @@ -85677,10 +86915,10 @@ index f45b75b..bfac6d5 100644 if (gcov_events_enabled) gcov_event(GCOV_REMOVE, info); diff --git a/kernel/hrtimer.c b/kernel/hrtimer.c -index 383319b..56ebb13 100644 +index 0909436..6037d22 100644 --- a/kernel/hrtimer.c +++ b/kernel/hrtimer.c -@@ -1438,7 +1438,7 @@ void hrtimer_peek_ahead_timers(void) +@@ -1439,7 +1439,7 @@ void hrtimer_peek_ahead_timers(void) local_irq_restore(flags); } @@ -85875,10 +87113,10 @@ index e30ac0f..3528cac 100644 /* diff --git a/kernel/kexec.c b/kernel/kexec.c -index 9c97016..df438f8 100644 +index 60bafbe..a120f4f 100644 --- a/kernel/kexec.c +++ b/kernel/kexec.c -@@ -1044,7 +1044,8 @@ asmlinkage long compat_sys_kexec_load(unsigned long entry, +@@ -1045,7 +1045,8 @@ asmlinkage long compat_sys_kexec_load(unsigned long entry, unsigned long flags) { struct compat_kexec_segment in; @@ -85889,7 +87127,7 @@ index 9c97016..df438f8 100644 /* Don't allow clients that don't understand the native diff --git a/kernel/kmod.c b/kernel/kmod.c -index b086006..b66f630 100644 +index 6b375af..eaff670 100644 --- a/kernel/kmod.c +++ b/kernel/kmod.c @@ -75,7 +75,7 @@ static void free_modprobe_argv(struct subprocess_info *info) @@ -86041,7 +87279,7 @@ index b086006..b66f630 100644 @@ -240,8 +307,8 @@ static int ____call_usermodehelper(void *data) commit_creds(new); - retval = do_execve(sub_info->path, + retval = do_execve(getname_kernel(sub_info->path), - (const char __user *const __user *)sub_info->argv, - (const char __user *const __user *)sub_info->envp); + (const char __user *const __force_user *)sub_info->argv, @@ -86135,7 +87373,7 @@ index ceeadfc..11c18b6 100644 if (!pp) diff --git a/kernel/ksysfs.c b/kernel/ksysfs.c -index 9659d38..bffd520 100644 +index d945a94..0b7f45f 100644 --- a/kernel/ksysfs.c +++ b/kernel/ksysfs.c @@ -46,6 +46,8 @@ static ssize_t uevent_helper_store(struct kobject *kobj, @@ -86157,10 +87395,10 @@ index 9659d38..bffd520 100644 .name = "notes", .mode = S_IRUGO, diff --git a/kernel/locking/lockdep.c b/kernel/locking/lockdep.c -index 576ba75..7c256e4 100644 +index eb8a547..321d8e1 100644 --- a/kernel/locking/lockdep.c +++ b/kernel/locking/lockdep.c -@@ -596,6 +596,10 @@ static int static_obj(void *obj) +@@ -597,6 +597,10 @@ static int static_obj(void *obj) end = (unsigned long) &_end, addr = (unsigned long) obj; @@ -86171,7 +87409,7 @@ index 576ba75..7c256e4 100644 /* * static variable? */ -@@ -736,6 +740,7 @@ register_lock_class(struct lockdep_map *lock, unsigned int subclass, int force) +@@ -738,6 +742,7 @@ register_lock_class(struct lockdep_map *lock, unsigned int subclass, int force) if (!static_obj(lock->key)) { debug_locks_off(); printk("INFO: trying to register non-static key.\n"); @@ -86179,7 +87417,7 @@ index 576ba75..7c256e4 100644 printk("the code is fine but needs lockdep annotation.\n"); printk("turning off the locking correctness validator.\n"); dump_stack(); -@@ -3080,7 +3085,7 @@ static int __lock_acquire(struct lockdep_map *lock, unsigned int subclass, +@@ -3082,7 +3087,7 @@ static int __lock_acquire(struct lockdep_map *lock, unsigned int subclass, if (!class) return 0; } @@ -86238,7 +87476,7 @@ index ef43ac4..2720dfa 100644 seq_printf(m, "%40s %14lu %29s %pS\n", name, stats->contending_point[i], diff --git a/kernel/locking/mutex-debug.c b/kernel/locking/mutex-debug.c -index 7e3443f..b2a1e6b 100644 +index faf6f5b..dc9070a 100644 --- a/kernel/locking/mutex-debug.c +++ b/kernel/locking/mutex-debug.c @@ -49,21 +49,21 @@ void debug_mutex_free_waiter(struct mutex_waiter *waiter) @@ -86429,7 +87667,7 @@ index 1d96dd0..994ff19 100644 default: diff --git a/kernel/module.c b/kernel/module.c -index f5a3b1e..97ebb15 100644 +index d24fcf2..2af3fd9 100644 --- a/kernel/module.c +++ b/kernel/module.c @@ -61,6 +61,7 @@ @@ -86477,7 +87715,7 @@ index f5a3b1e..97ebb15 100644 pr_warn("%s: per-cpu alignment %li > %li\n", mod->name, align, PAGE_SIZE); align = PAGE_SIZE; -@@ -1064,7 +1066,7 @@ struct module_attribute module_uevent = +@@ -1062,7 +1064,7 @@ struct module_attribute module_uevent = static ssize_t show_coresize(struct module_attribute *mattr, struct module_kobject *mk, char *buffer) { @@ -86486,7 +87724,7 @@ index f5a3b1e..97ebb15 100644 } static struct module_attribute modinfo_coresize = -@@ -1073,7 +1075,7 @@ static struct module_attribute modinfo_coresize = +@@ -1071,7 +1073,7 @@ static struct module_attribute modinfo_coresize = static ssize_t show_initsize(struct module_attribute *mattr, struct module_kobject *mk, char *buffer) { @@ -86495,7 +87733,7 @@ index f5a3b1e..97ebb15 100644 } static struct module_attribute modinfo_initsize = -@@ -1165,12 +1167,29 @@ static int check_version(Elf_Shdr *sechdrs, +@@ -1163,12 +1165,29 @@ static int check_version(Elf_Shdr *sechdrs, goto bad_version; } @@ -86525,7 +87763,7 @@ index f5a3b1e..97ebb15 100644 return 0; } -@@ -1286,7 +1305,7 @@ resolve_symbol_wait(struct module *mod, +@@ -1284,7 +1303,7 @@ resolve_symbol_wait(struct module *mod, */ #ifdef CONFIG_SYSFS @@ -86534,7 +87772,7 @@ index f5a3b1e..97ebb15 100644 static inline bool sect_empty(const Elf_Shdr *sect) { return !(sect->sh_flags & SHF_ALLOC) || sect->sh_size == 0; -@@ -1426,7 +1445,7 @@ static void add_notes_attrs(struct module *mod, const struct load_info *info) +@@ -1424,7 +1443,7 @@ static void add_notes_attrs(struct module *mod, const struct load_info *info) { unsigned int notes, loaded, i; struct module_notes_attrs *notes_attrs; @@ -86543,7 +87781,7 @@ index f5a3b1e..97ebb15 100644 /* failed to create section attributes, so can't create notes */ if (!mod->sect_attrs) -@@ -1538,7 +1557,7 @@ static void del_usage_links(struct module *mod) +@@ -1536,7 +1555,7 @@ static void del_usage_links(struct module *mod) static int module_add_modinfo_attrs(struct module *mod) { struct module_attribute *attr; @@ -86552,7 +87790,7 @@ index f5a3b1e..97ebb15 100644 int error = 0; int i; -@@ -1759,21 +1778,21 @@ static void set_section_ro_nx(void *base, +@@ -1757,21 +1776,21 @@ static void set_section_ro_nx(void *base, static void unset_module_core_ro_nx(struct module *mod) { @@ -86582,7 +87820,7 @@ index f5a3b1e..97ebb15 100644 set_memory_rw); } -@@ -1786,14 +1805,14 @@ void set_all_modules_text_rw(void) +@@ -1784,14 +1803,14 @@ void set_all_modules_text_rw(void) list_for_each_entry_rcu(mod, &modules, list) { if (mod->state == MODULE_STATE_UNFORMED) continue; @@ -86603,7 +87841,7 @@ index f5a3b1e..97ebb15 100644 set_memory_rw); } } -@@ -1809,14 +1828,14 @@ void set_all_modules_text_ro(void) +@@ -1807,14 +1826,14 @@ void set_all_modules_text_ro(void) list_for_each_entry_rcu(mod, &modules, list) { if (mod->state == MODULE_STATE_UNFORMED) continue; @@ -86624,7 +87862,7 @@ index f5a3b1e..97ebb15 100644 set_memory_ro); } } -@@ -1867,16 +1886,19 @@ static void free_module(struct module *mod) +@@ -1865,16 +1884,19 @@ static void free_module(struct module *mod) /* This may be NULL, but that's OK */ unset_module_init_ro_nx(mod); @@ -86647,7 +87885,7 @@ index f5a3b1e..97ebb15 100644 #ifdef CONFIG_MPU update_protections(current->mm); -@@ -1945,9 +1967,31 @@ static int simplify_symbols(struct module *mod, const struct load_info *info) +@@ -1943,9 +1965,31 @@ static int simplify_symbols(struct module *mod, const struct load_info *info) int ret = 0; const struct kernel_symbol *ksym; @@ -86679,7 +87917,7 @@ index f5a3b1e..97ebb15 100644 switch (sym[i].st_shndx) { case SHN_COMMON: /* We compiled with -fno-common. These are not -@@ -1968,7 +2012,9 @@ static int simplify_symbols(struct module *mod, const struct load_info *info) +@@ -1966,7 +2010,9 @@ static int simplify_symbols(struct module *mod, const struct load_info *info) ksym = resolve_symbol_wait(mod, info, name); /* Ok if resolved. */ if (ksym && !IS_ERR(ksym)) { @@ -86689,7 +87927,7 @@ index f5a3b1e..97ebb15 100644 break; } -@@ -1987,11 +2033,20 @@ static int simplify_symbols(struct module *mod, const struct load_info *info) +@@ -1985,11 +2031,20 @@ static int simplify_symbols(struct module *mod, const struct load_info *info) secbase = (unsigned long)mod_percpu(mod); else secbase = info->sechdrs[sym[i].st_shndx].sh_addr; @@ -86710,7 +87948,7 @@ index f5a3b1e..97ebb15 100644 return ret; } -@@ -2075,22 +2130,12 @@ static void layout_sections(struct module *mod, struct load_info *info) +@@ -2073,22 +2128,12 @@ static void layout_sections(struct module *mod, struct load_info *info) || s->sh_entsize != ~0UL || strstarts(sname, ".init")) continue; @@ -86737,7 +87975,7 @@ index f5a3b1e..97ebb15 100644 } pr_debug("Init section allocation order:\n"); -@@ -2104,23 +2149,13 @@ static void layout_sections(struct module *mod, struct load_info *info) +@@ -2102,23 +2147,13 @@ static void layout_sections(struct module *mod, struct load_info *info) || s->sh_entsize != ~0UL || !strstarts(sname, ".init")) continue; @@ -86766,7 +88004,7 @@ index f5a3b1e..97ebb15 100644 } } -@@ -2293,7 +2328,7 @@ static void layout_symtab(struct module *mod, struct load_info *info) +@@ -2291,7 +2326,7 @@ static void layout_symtab(struct module *mod, struct load_info *info) /* Put symbol section at end of init part of module. */ symsect->sh_flags |= SHF_ALLOC; @@ -86775,7 +88013,7 @@ index f5a3b1e..97ebb15 100644 info->index.sym) | INIT_OFFSET_MASK; pr_debug("\t%s\n", info->secstrings + symsect->sh_name); -@@ -2310,13 +2345,13 @@ static void layout_symtab(struct module *mod, struct load_info *info) +@@ -2308,13 +2343,13 @@ static void layout_symtab(struct module *mod, struct load_info *info) } /* Append room for core symbols at end of core part. */ @@ -86793,7 +88031,7 @@ index f5a3b1e..97ebb15 100644 info->index.str) | INIT_OFFSET_MASK; pr_debug("\t%s\n", info->secstrings + strsect->sh_name); } -@@ -2334,12 +2369,14 @@ static void add_kallsyms(struct module *mod, const struct load_info *info) +@@ -2332,12 +2367,14 @@ static void add_kallsyms(struct module *mod, const struct load_info *info) /* Make sure we get permanent strtab: don't use info->strtab. */ mod->strtab = (void *)info->sechdrs[info->index.str].sh_addr; @@ -86810,7 +88048,7 @@ index f5a3b1e..97ebb15 100644 src = mod->symtab; for (ndst = i = 0; i < mod->num_symtab; i++) { if (i == 0 || -@@ -2351,6 +2388,8 @@ static void add_kallsyms(struct module *mod, const struct load_info *info) +@@ -2349,6 +2386,8 @@ static void add_kallsyms(struct module *mod, const struct load_info *info) } } mod->core_num_syms = ndst; @@ -86819,7 +88057,7 @@ index f5a3b1e..97ebb15 100644 } #else static inline void layout_symtab(struct module *mod, struct load_info *info) -@@ -2384,17 +2423,33 @@ void * __weak module_alloc(unsigned long size) +@@ -2382,17 +2421,33 @@ void * __weak module_alloc(unsigned long size) return vmalloc_exec(size); } @@ -86858,7 +88096,7 @@ index f5a3b1e..97ebb15 100644 mutex_unlock(&module_mutex); } return ret; -@@ -2651,7 +2706,15 @@ static struct module *setup_load_info(struct load_info *info, int flags) +@@ -2649,7 +2704,15 @@ static struct module *setup_load_info(struct load_info *info, int flags) mod = (void *)info->sechdrs[info->index.mod].sh_addr; if (info->index.sym == 0) { @@ -86874,7 +88112,7 @@ index f5a3b1e..97ebb15 100644 return ERR_PTR(-ENOEXEC); } -@@ -2667,8 +2730,14 @@ static struct module *setup_load_info(struct load_info *info, int flags) +@@ -2665,8 +2728,14 @@ static struct module *setup_load_info(struct load_info *info, int flags) static int check_modinfo(struct module *mod, struct load_info *info, int flags) { const char *modmagic = get_modinfo(info, "vermagic"); @@ -86889,7 +88127,7 @@ index f5a3b1e..97ebb15 100644 if (flags & MODULE_INIT_IGNORE_VERMAGIC) modmagic = NULL; -@@ -2693,7 +2762,7 @@ static int check_modinfo(struct module *mod, struct load_info *info, int flags) +@@ -2691,7 +2760,7 @@ static int check_modinfo(struct module *mod, struct load_info *info, int flags) } /* Set up license info based on the info section */ @@ -86898,7 +88136,7 @@ index f5a3b1e..97ebb15 100644 return 0; } -@@ -2787,7 +2856,7 @@ static int move_module(struct module *mod, struct load_info *info) +@@ -2785,7 +2854,7 @@ static int move_module(struct module *mod, struct load_info *info) void *ptr; /* Do the allocs. */ @@ -86907,7 +88145,7 @@ index f5a3b1e..97ebb15 100644 /* * The pointer to this block is stored in the module structure * which is inside the block. Just mark it as not being a -@@ -2797,11 +2866,11 @@ static int move_module(struct module *mod, struct load_info *info) +@@ -2795,11 +2864,11 @@ static int move_module(struct module *mod, struct load_info *info) if (!ptr) return -ENOMEM; @@ -86923,7 +88161,7 @@ index f5a3b1e..97ebb15 100644 /* * The pointer to this block is stored in the module structure * which is inside the block. This block doesn't need to be -@@ -2810,13 +2879,45 @@ static int move_module(struct module *mod, struct load_info *info) +@@ -2808,13 +2877,45 @@ static int move_module(struct module *mod, struct load_info *info) */ kmemleak_ignore(ptr); if (!ptr) { @@ -86973,7 +88211,7 @@ index f5a3b1e..97ebb15 100644 /* Transfer each section which specifies SHF_ALLOC */ pr_debug("final section addresses:\n"); -@@ -2827,16 +2928,45 @@ static int move_module(struct module *mod, struct load_info *info) +@@ -2825,16 +2926,45 @@ static int move_module(struct module *mod, struct load_info *info) if (!(shdr->sh_flags & SHF_ALLOC)) continue; @@ -87026,7 +88264,7 @@ index f5a3b1e..97ebb15 100644 pr_debug("\t0x%lx %s\n", (long)shdr->sh_addr, info->secstrings + shdr->sh_name); } -@@ -2893,12 +3023,12 @@ static void flush_module_icache(const struct module *mod) +@@ -2891,12 +3021,12 @@ static void flush_module_icache(const struct module *mod) * Do it before processing of module parameters, so the module * can provide parameter accessor functions of its own. */ @@ -87045,7 +88283,7 @@ index f5a3b1e..97ebb15 100644 set_fs(old_fs); } -@@ -2955,8 +3085,10 @@ static struct module *layout_and_allocate(struct load_info *info, int flags) +@@ -2953,8 +3083,10 @@ static struct module *layout_and_allocate(struct load_info *info, int flags) static void module_deallocate(struct module *mod, struct load_info *info) { percpu_modfree(mod); @@ -87058,7 +88296,7 @@ index f5a3b1e..97ebb15 100644 } int __weak module_finalize(const Elf_Ehdr *hdr, -@@ -2969,7 +3101,9 @@ int __weak module_finalize(const Elf_Ehdr *hdr, +@@ -2967,7 +3099,9 @@ int __weak module_finalize(const Elf_Ehdr *hdr, static int post_relocation(struct module *mod, const struct load_info *info) { /* Sort exception table now relocations are done. */ @@ -87068,7 +88306,7 @@ index f5a3b1e..97ebb15 100644 /* Copy relocated percpu area over. */ percpu_modcopy(mod, (void *)info->sechdrs[info->index.pcpu].sh_addr, -@@ -3023,16 +3157,16 @@ static int do_init_module(struct module *mod) +@@ -3021,16 +3155,16 @@ static int do_init_module(struct module *mod) MODULE_STATE_COMING, mod); /* Set RO and NX regions for core */ @@ -87093,7 +88331,7 @@ index f5a3b1e..97ebb15 100644 do_mod_ctors(mod); /* Start the module */ -@@ -3093,11 +3227,12 @@ static int do_init_module(struct module *mod) +@@ -3091,11 +3225,12 @@ static int do_init_module(struct module *mod) mod->strtab = mod->core_strtab; #endif unset_module_init_ro_nx(mod); @@ -87111,7 +88349,7 @@ index f5a3b1e..97ebb15 100644 mutex_unlock(&module_mutex); wake_up_all(&module_wq); -@@ -3240,9 +3375,38 @@ static int load_module(struct load_info *info, const char __user *uargs, +@@ -3238,9 +3373,38 @@ static int load_module(struct load_info *info, const char __user *uargs, if (err) goto free_unload; @@ -87150,7 +88388,7 @@ index f5a3b1e..97ebb15 100644 /* Fix up syms, so that st_value is a pointer to location. */ err = simplify_symbols(mod, info); if (err < 0) -@@ -3258,13 +3422,6 @@ static int load_module(struct load_info *info, const char __user *uargs, +@@ -3256,13 +3420,6 @@ static int load_module(struct load_info *info, const char __user *uargs, flush_module_icache(mod); @@ -87164,7 +88402,7 @@ index f5a3b1e..97ebb15 100644 dynamic_debug_setup(info->debug, info->num_debug); /* Finally it's fully formed, ready to start executing. */ -@@ -3299,11 +3456,10 @@ static int load_module(struct load_info *info, const char __user *uargs, +@@ -3297,11 +3454,10 @@ static int load_module(struct load_info *info, const char __user *uargs, ddebug_cleanup: dynamic_debug_remove(info->debug); synchronize_sched(); @@ -87177,7 +88415,7 @@ index f5a3b1e..97ebb15 100644 free_unload: module_unload_free(mod); unlink_mod: -@@ -3386,10 +3542,16 @@ static const char *get_ksymbol(struct module *mod, +@@ -3384,10 +3540,16 @@ static const char *get_ksymbol(struct module *mod, unsigned long nextval; /* At worse, next value is at end of module */ @@ -87197,7 +88435,7 @@ index f5a3b1e..97ebb15 100644 /* Scan for closest preceding symbol, and next symbol. (ELF starts real symbols at 1). */ -@@ -3640,7 +3802,7 @@ static int m_show(struct seq_file *m, void *p) +@@ -3638,7 +3800,7 @@ static int m_show(struct seq_file *m, void *p) return 0; seq_printf(m, "%s %u", @@ -87206,7 +88444,7 @@ index f5a3b1e..97ebb15 100644 print_unload_info(m, mod); /* Informative for users. */ -@@ -3649,7 +3811,7 @@ static int m_show(struct seq_file *m, void *p) +@@ -3647,7 +3809,7 @@ static int m_show(struct seq_file *m, void *p) mod->state == MODULE_STATE_COMING ? "Loading": "Live"); /* Used by oprofile and other similar tools. */ @@ -87215,7 +88453,7 @@ index f5a3b1e..97ebb15 100644 /* Taints info */ if (mod->taints) -@@ -3685,7 +3847,17 @@ static const struct file_operations proc_modules_operations = { +@@ -3683,7 +3845,17 @@ static const struct file_operations proc_modules_operations = { static int __init proc_modules_init(void) { @@ -87233,7 +88471,7 @@ index f5a3b1e..97ebb15 100644 return 0; } module_init(proc_modules_init); -@@ -3746,14 +3918,14 @@ struct module *__module_address(unsigned long addr) +@@ -3744,14 +3916,14 @@ struct module *__module_address(unsigned long addr) { struct module *mod; @@ -87251,7 +88489,7 @@ index f5a3b1e..97ebb15 100644 return mod; } return NULL; -@@ -3788,11 +3960,20 @@ bool is_module_text_address(unsigned long addr) +@@ -3786,11 +3958,20 @@ bool is_module_text_address(unsigned long addr) */ struct module *__module_text_address(unsigned long addr) { @@ -87332,7 +88570,7 @@ index 2d5cc4c..d9ea600 100644 return -ENOENT; } diff --git a/kernel/padata.c b/kernel/padata.c -index 2abd25d..02c4faa 100644 +index 161402f..598814c 100644 --- a/kernel/padata.c +++ b/kernel/padata.c @@ -54,7 +54,7 @@ static int padata_cpu_hash(struct parallel_data *pd) @@ -87354,7 +88592,7 @@ index 2abd25d..02c4faa 100644 atomic_set(&pd->refcnt, 0); pd->pinst = pinst; diff --git a/kernel/panic.c b/kernel/panic.c -index c00b4ce..98c7d1a 100644 +index 6d63003..486a109 100644 --- a/kernel/panic.c +++ b/kernel/panic.c @@ -52,7 +52,7 @@ EXPORT_SYMBOL(panic_blink); @@ -87442,7 +88680,7 @@ index 9b9a266..c20ef80 100644 { struct pid *pid; diff --git a/kernel/pid_namespace.c b/kernel/pid_namespace.c -index 06c62de..b08cc6c 100644 +index db95d8e..a0ca23f 100644 --- a/kernel/pid_namespace.c +++ b/kernel/pid_namespace.c @@ -253,7 +253,7 @@ static int pid_ns_ctl_handler(struct ctl_table *table, int write, @@ -87455,10 +88693,10 @@ index 06c62de..b08cc6c 100644 if (write && !ns_capable(pid_ns->user_ns, CAP_SYS_ADMIN)) return -EPERM; diff --git a/kernel/posix-cpu-timers.c b/kernel/posix-cpu-timers.c -index c7f31aa..2b44977 100644 +index 3b89464..5e38379 100644 --- a/kernel/posix-cpu-timers.c +++ b/kernel/posix-cpu-timers.c -@@ -1521,14 +1521,14 @@ struct k_clock clock_posix_cpu = { +@@ -1464,14 +1464,14 @@ struct k_clock clock_posix_cpu = { static __init int init_posix_cpu_timers(void) { @@ -87648,7 +88886,7 @@ index 06ec886..9dba35e 100644 if (pm_wakeup_pending()) { diff --git a/kernel/printk/printk.c b/kernel/printk/printk.c -index be7c86b..b972b27 100644 +index 4dae9cb..039ffbb 100644 --- a/kernel/printk/printk.c +++ b/kernel/printk/printk.c @@ -385,6 +385,11 @@ static int check_syslog_permissions(int type, bool from_file) @@ -87663,24 +88901,8 @@ index be7c86b..b972b27 100644 if (syslog_action_restricted(type)) { if (capable(CAP_SYSLOG)) return 0; -@@ -1080,7 +1085,6 @@ static int syslog_print_all(char __user *buf, int size, bool clear) - next_seq = log_next_seq; - - len = 0; -- prev = 0; - while (len >= 0 && seq < next_seq) { - struct printk_log *msg = log_from_idx(idx); - int textlen; -@@ -2789,7 +2793,6 @@ bool kmsg_dump_get_buffer(struct kmsg_dumper *dumper, bool syslog, - next_idx = idx; - - l = 0; -- prev = 0; - while (seq < dumper->next_seq) { - struct printk_log *msg = log_from_idx(idx); - diff --git a/kernel/profile.c b/kernel/profile.c -index 6631e1e..310c266 100644 +index ebdd9c1..612ee05 100644 --- a/kernel/profile.c +++ b/kernel/profile.c @@ -37,7 +37,7 @@ struct profile_hit { @@ -87836,7 +89058,7 @@ index 1f4bcb3..99cf7ab 100644 } diff --git a/kernel/rcu/srcu.c b/kernel/rcu/srcu.c -index 01d5ccb..cdcbee6 100644 +index 3318d82..1a5b2d1 100644 --- a/kernel/rcu/srcu.c +++ b/kernel/rcu/srcu.c @@ -300,9 +300,9 @@ int __srcu_read_lock(struct srcu_struct *sp) @@ -87874,10 +89096,10 @@ index 1254f31..16258dc 100644 __rcu_process_callbacks(&rcu_sched_ctrlblk); __rcu_process_callbacks(&rcu_bh_ctrlblk); diff --git a/kernel/rcu/torture.c b/kernel/rcu/torture.c -index 3929cd4..421624d 100644 +index 732f8ae..42c1919 100644 --- a/kernel/rcu/torture.c +++ b/kernel/rcu/torture.c -@@ -176,12 +176,12 @@ static DEFINE_PER_CPU(long [RCU_TORTURE_PIPE_LEN + 1], rcu_torture_count) = +@@ -174,12 +174,12 @@ static DEFINE_PER_CPU(long [RCU_TORTURE_PIPE_LEN + 1], rcu_torture_count) = { 0 }; static DEFINE_PER_CPU(long [RCU_TORTURE_PIPE_LEN + 1], rcu_torture_batch) = { 0 }; @@ -87896,7 +89118,7 @@ index 3929cd4..421624d 100644 static long n_rcu_torture_barrier_error; static long n_rcu_torture_boost_ktrerror; static long n_rcu_torture_boost_rterror; -@@ -299,11 +299,11 @@ rcu_torture_alloc(void) +@@ -297,11 +297,11 @@ rcu_torture_alloc(void) spin_lock_bh(&rcu_torture_lock); if (list_empty(&rcu_torture_freelist)) { @@ -87910,7 +89132,7 @@ index 3929cd4..421624d 100644 p = rcu_torture_freelist.next; list_del_init(p); spin_unlock_bh(&rcu_torture_lock); -@@ -316,7 +316,7 @@ rcu_torture_alloc(void) +@@ -314,7 +314,7 @@ rcu_torture_alloc(void) static void rcu_torture_free(struct rcu_torture *p) { @@ -87919,7 +89141,7 @@ index 3929cd4..421624d 100644 spin_lock_bh(&rcu_torture_lock); list_add_tail(&p->rtort_free, &rcu_torture_freelist); spin_unlock_bh(&rcu_torture_lock); -@@ -437,7 +437,7 @@ rcu_torture_cb(struct rcu_head *p) +@@ -435,7 +435,7 @@ rcu_torture_cb(struct rcu_head *p) i = rp->rtort_pipe_count; if (i > RCU_TORTURE_PIPE_LEN) i = RCU_TORTURE_PIPE_LEN; @@ -87928,7 +89150,7 @@ index 3929cd4..421624d 100644 if (++rp->rtort_pipe_count >= RCU_TORTURE_PIPE_LEN) { rp->rtort_mbtest = 0; rcu_torture_free(rp); -@@ -827,7 +827,7 @@ rcu_torture_writer(void *arg) +@@ -823,7 +823,7 @@ rcu_torture_writer(void *arg) i = old_rp->rtort_pipe_count; if (i > RCU_TORTURE_PIPE_LEN) i = RCU_TORTURE_PIPE_LEN; @@ -87937,7 +89159,7 @@ index 3929cd4..421624d 100644 old_rp->rtort_pipe_count++; if (gp_normal == gp_exp) exp = !!(rcu_random(&rand) & 0x80); -@@ -845,7 +845,7 @@ rcu_torture_writer(void *arg) +@@ -841,7 +841,7 @@ rcu_torture_writer(void *arg) i = rp->rtort_pipe_count; if (i > RCU_TORTURE_PIPE_LEN) i = RCU_TORTURE_PIPE_LEN; @@ -87946,7 +89168,7 @@ index 3929cd4..421624d 100644 if (++rp->rtort_pipe_count >= RCU_TORTURE_PIPE_LEN) { rp->rtort_mbtest = 0; -@@ -944,7 +944,7 @@ static void rcu_torture_timer(unsigned long unused) +@@ -940,7 +940,7 @@ static void rcu_torture_timer(unsigned long unused) return; } if (p->rtort_mbtest == 0) @@ -87955,7 +89177,7 @@ index 3929cd4..421624d 100644 spin_lock(&rand_lock); cur_ops->read_delay(&rand); n_rcu_torture_timers++; -@@ -1014,7 +1014,7 @@ rcu_torture_reader(void *arg) +@@ -1010,7 +1010,7 @@ rcu_torture_reader(void *arg) continue; } if (p->rtort_mbtest == 0) @@ -87964,7 +89186,12 @@ index 3929cd4..421624d 100644 cur_ops->read_delay(&rand); preempt_disable(); pipe_count = p->rtort_pipe_count; -@@ -1077,11 +1077,11 @@ rcu_torture_printk(char *page) +@@ -1068,15 +1068,15 @@ rcu_torture_printk(char *page) + } + page += sprintf(page, "%s%s ", torture_type, TORTURE_FLAG); + page += sprintf(page, +- "rtc: %p ver: %lu tfle: %d rta: %d rtaf: %d rtf: %d ", ++ "rtc: %pP ver: %lu tfle: %d rta: %d rtaf: %d rtf: %d ", rcu_torture_current, rcu_torture_current_version, list_empty(&rcu_torture_freelist), @@ -87974,16 +89201,16 @@ index 3929cd4..421624d 100644 + atomic_read_unchecked(&n_rcu_torture_alloc), + atomic_read_unchecked(&n_rcu_torture_alloc_fail), + atomic_read_unchecked(&n_rcu_torture_free)); - cnt += sprintf(&page[cnt], "rtmbe: %d rtbke: %ld rtbre: %ld ", + page += sprintf(page, "rtmbe: %d rtbke: %ld rtbre: %ld ", - atomic_read(&n_rcu_torture_mberror), + atomic_read_unchecked(&n_rcu_torture_mberror), n_rcu_torture_boost_ktrerror, n_rcu_torture_boost_rterror); - cnt += sprintf(&page[cnt], "rtbf: %ld rtb: %ld nt: %ld ", -@@ -1100,14 +1100,14 @@ rcu_torture_printk(char *page) + page += sprintf(page, "rtbf: %ld rtb: %ld nt: %ld ", +@@ -1095,14 +1095,14 @@ rcu_torture_printk(char *page) n_barrier_attempts, n_rcu_torture_barrier_error); - cnt += sprintf(&page[cnt], "\n%s%s ", torture_type, TORTURE_FLAG); + page += sprintf(page, "\n%s%s ", torture_type, TORTURE_FLAG); - if (atomic_read(&n_rcu_torture_mberror) != 0 || + if (atomic_read_unchecked(&n_rcu_torture_mberror) != 0 || n_rcu_torture_barrier_error != 0 || @@ -87991,22 +89218,22 @@ index 3929cd4..421624d 100644 n_rcu_torture_boost_rterror != 0 || n_rcu_torture_boost_failure != 0 || i > 1) { - cnt += sprintf(&page[cnt], "!!! "); + page += sprintf(page, "!!! "); - atomic_inc(&n_rcu_torture_error); + atomic_inc_unchecked(&n_rcu_torture_error); WARN_ON_ONCE(1); } - cnt += sprintf(&page[cnt], "Reader Pipe: "); -@@ -1121,7 +1121,7 @@ rcu_torture_printk(char *page) - cnt += sprintf(&page[cnt], "Free-Block Circulation: "); + page += sprintf(page, "Reader Pipe: "); +@@ -1116,7 +1116,7 @@ rcu_torture_printk(char *page) + page += sprintf(page, "Free-Block Circulation: "); for (i = 0; i < RCU_TORTURE_PIPE_LEN + 1; i++) { - cnt += sprintf(&page[cnt], " %d", + page += sprintf(page, " %d", - atomic_read(&rcu_torture_wcount[i])); + atomic_read_unchecked(&rcu_torture_wcount[i])); } - cnt += sprintf(&page[cnt], "\n"); + page += sprintf(page, "\n"); if (cur_ops->stats) -@@ -1836,7 +1836,7 @@ rcu_torture_cleanup(void) +@@ -1839,7 +1839,7 @@ rcu_torture_cleanup(void) rcu_torture_stats_print(); /* -After- the stats thread is stopped! */ @@ -88015,7 +89242,7 @@ index 3929cd4..421624d 100644 rcu_torture_print_module_parms(cur_ops, "End of test: FAILURE"); else if (n_online_successes != n_online_attempts || n_offline_successes != n_offline_attempts) -@@ -1958,18 +1958,18 @@ rcu_torture_init(void) +@@ -1961,18 +1961,18 @@ rcu_torture_init(void) rcu_torture_current = NULL; rcu_torture_current_version = 0; @@ -88041,10 +89268,10 @@ index 3929cd4..421624d 100644 for (i = 0; i < RCU_TORTURE_PIPE_LEN + 1; i++) { per_cpu(rcu_torture_count, cpu)[i] = 0; diff --git a/kernel/rcu/tree.c b/kernel/rcu/tree.c -index dd08198..5ccccbe 100644 +index b3d116c..ebf6598 100644 --- a/kernel/rcu/tree.c +++ b/kernel/rcu/tree.c -@@ -383,9 +383,9 @@ static void rcu_eqs_enter_common(struct rcu_dynticks *rdtp, long long oldval, +@@ -390,9 +390,9 @@ static void rcu_eqs_enter_common(struct rcu_dynticks *rdtp, long long oldval, rcu_prepare_for_idle(smp_processor_id()); /* CPUs seeing atomic_inc() must see prior RCU read-side crit sects */ smp_mb__before_atomic_inc(); /* See above. */ @@ -88056,7 +89283,7 @@ index dd08198..5ccccbe 100644 /* * It is illegal to enter an extended quiescent state while -@@ -502,10 +502,10 @@ static void rcu_eqs_exit_common(struct rcu_dynticks *rdtp, long long oldval, +@@ -510,10 +510,10 @@ static void rcu_eqs_exit_common(struct rcu_dynticks *rdtp, long long oldval, int user) { smp_mb__before_atomic_inc(); /* Force ordering w/previous sojourn. */ @@ -88069,7 +89296,7 @@ index dd08198..5ccccbe 100644 rcu_cleanup_after_idle(smp_processor_id()); trace_rcu_dyntick(TPS("End"), oldval, rdtp->dynticks_nesting); if (!user && !is_idle_task(current)) { -@@ -625,14 +625,14 @@ void rcu_nmi_enter(void) +@@ -634,14 +634,14 @@ void rcu_nmi_enter(void) struct rcu_dynticks *rdtp = this_cpu_ptr(&rcu_dynticks); if (rdtp->dynticks_nmi_nesting == 0 && @@ -88087,7 +89314,7 @@ index dd08198..5ccccbe 100644 } /** -@@ -651,9 +651,9 @@ void rcu_nmi_exit(void) +@@ -660,9 +660,9 @@ void rcu_nmi_exit(void) return; /* CPUs seeing atomic_inc() must see prior RCU read-side crit sects */ smp_mb__before_atomic_inc(); /* See above. */ @@ -88099,7 +89326,7 @@ index dd08198..5ccccbe 100644 } /** -@@ -666,7 +666,7 @@ void rcu_nmi_exit(void) +@@ -675,7 +675,7 @@ void rcu_nmi_exit(void) */ bool notrace __rcu_is_watching(void) { @@ -88108,7 +89335,7 @@ index dd08198..5ccccbe 100644 } /** -@@ -749,7 +749,7 @@ static int rcu_is_cpu_rrupt_from_idle(void) +@@ -758,7 +758,7 @@ static int rcu_is_cpu_rrupt_from_idle(void) static int dyntick_save_progress_counter(struct rcu_data *rdp, bool *isidle, unsigned long *maxj) { @@ -88117,7 +89344,7 @@ index dd08198..5ccccbe 100644 rcu_sysidle_check_cpu(rdp, isidle, maxj); return (rdp->dynticks_snap & 0x1) == 0; } -@@ -766,7 +766,7 @@ static int rcu_implicit_dynticks_qs(struct rcu_data *rdp, +@@ -781,7 +781,7 @@ static int rcu_implicit_dynticks_qs(struct rcu_data *rdp, unsigned int curr; unsigned int snap; @@ -88126,7 +89353,7 @@ index dd08198..5ccccbe 100644 snap = (unsigned int)rdp->dynticks_snap; /* -@@ -1412,9 +1412,9 @@ static int rcu_gp_init(struct rcu_state *rsp) +@@ -1450,9 +1450,9 @@ static int rcu_gp_init(struct rcu_state *rsp) rdp = this_cpu_ptr(rsp->rda); rcu_preempt_check_blocked_tasks(rnp); rnp->qsmask = rnp->qsmaskinit; @@ -88138,16 +89365,16 @@ index dd08198..5ccccbe 100644 if (rnp == rdp->mynode) __note_gp_changes(rsp, rnp, rdp); rcu_preempt_boost_start_gp(rnp); -@@ -1505,7 +1505,7 @@ static void rcu_gp_cleanup(struct rcu_state *rsp) - */ +@@ -1546,7 +1546,7 @@ static void rcu_gp_cleanup(struct rcu_state *rsp) rcu_for_each_node_breadth_first(rsp, rnp) { raw_spin_lock_irq(&rnp->lock); + smp_mb__after_unlock_lock(); - ACCESS_ONCE(rnp->completed) = rsp->gpnum; + ACCESS_ONCE_RW(rnp->completed) = rsp->gpnum; rdp = this_cpu_ptr(rsp->rda); if (rnp == rdp->mynode) __note_gp_changes(rsp, rnp, rdp); -@@ -1865,7 +1865,7 @@ rcu_send_cbs_to_orphanage(int cpu, struct rcu_state *rsp, +@@ -1912,7 +1912,7 @@ rcu_send_cbs_to_orphanage(int cpu, struct rcu_state *rsp, rsp->qlen += rdp->qlen; rdp->n_cbs_orphaned += rdp->qlen; rdp->qlen_lazy = 0; @@ -88156,7 +89383,7 @@ index dd08198..5ccccbe 100644 } /* -@@ -2111,7 +2111,7 @@ static void rcu_do_batch(struct rcu_state *rsp, struct rcu_data *rdp) +@@ -2159,7 +2159,7 @@ static void rcu_do_batch(struct rcu_state *rsp, struct rcu_data *rdp) } smp_mb(); /* List handling before counting for rcu_barrier(). */ rdp->qlen_lazy -= count_lazy; @@ -88165,7 +89392,7 @@ index dd08198..5ccccbe 100644 rdp->n_cbs_invoked += count; /* Reinstate batch limit if we have worked down the excess. */ -@@ -2308,7 +2308,7 @@ __rcu_process_callbacks(struct rcu_state *rsp) +@@ -2362,7 +2362,7 @@ __rcu_process_callbacks(struct rcu_state *rsp) /* * Do RCU core processing for the current CPU. */ @@ -88174,7 +89401,7 @@ index dd08198..5ccccbe 100644 { struct rcu_state *rsp; -@@ -2415,7 +2415,7 @@ __call_rcu(struct rcu_head *head, void (*func)(struct rcu_head *rcu), +@@ -2470,7 +2470,7 @@ __call_rcu(struct rcu_head *head, void (*func)(struct rcu_head *rcu), WARN_ON_ONCE((unsigned long)head & 0x3); /* Misaligned rcu_head! */ if (debug_rcu_head_queue(head)) { /* Probable double call_rcu(), so leak the callback. */ @@ -88183,7 +89410,7 @@ index dd08198..5ccccbe 100644 WARN_ONCE(1, "__call_rcu(): Leaked duplicate callback\n"); return; } -@@ -2443,7 +2443,7 @@ __call_rcu(struct rcu_head *head, void (*func)(struct rcu_head *rcu), +@@ -2498,7 +2498,7 @@ __call_rcu(struct rcu_head *head, void (*func)(struct rcu_head *rcu), local_irq_restore(flags); return; } @@ -88192,7 +89419,7 @@ index dd08198..5ccccbe 100644 if (lazy) rdp->qlen_lazy++; else -@@ -2652,11 +2652,11 @@ void synchronize_sched_expedited(void) +@@ -2707,11 +2707,11 @@ void synchronize_sched_expedited(void) * counter wrap on a 32-bit system. Quite a few more CPUs would of * course be required on a 64-bit system. */ @@ -88206,7 +89433,7 @@ index dd08198..5ccccbe 100644 return; } -@@ -2664,7 +2664,7 @@ void synchronize_sched_expedited(void) +@@ -2719,7 +2719,7 @@ void synchronize_sched_expedited(void) * Take a ticket. Note that atomic_inc_return() implies a * full memory barrier. */ @@ -88215,7 +89442,7 @@ index dd08198..5ccccbe 100644 firstsnap = snap; get_online_cpus(); WARN_ON_ONCE(cpu_is_offline(raw_smp_processor_id())); -@@ -2677,14 +2677,14 @@ void synchronize_sched_expedited(void) +@@ -2732,14 +2732,14 @@ void synchronize_sched_expedited(void) synchronize_sched_expedited_cpu_stop, NULL) == -EAGAIN) { put_online_cpus(); @@ -88232,7 +89459,7 @@ index dd08198..5ccccbe 100644 return; } -@@ -2693,7 +2693,7 @@ void synchronize_sched_expedited(void) +@@ -2748,7 +2748,7 @@ void synchronize_sched_expedited(void) udelay(trycount * num_online_cpus()); } else { wait_rcu_gp(call_rcu_sched); @@ -88241,7 +89468,7 @@ index dd08198..5ccccbe 100644 return; } -@@ -2702,7 +2702,7 @@ void synchronize_sched_expedited(void) +@@ -2757,7 +2757,7 @@ void synchronize_sched_expedited(void) if (ULONG_CMP_GE((ulong)s, (ulong)firstsnap)) { /* ensure test happens before caller kfree */ smp_mb__before_atomic_inc(); /* ^^^ */ @@ -88250,7 +89477,7 @@ index dd08198..5ccccbe 100644 return; } -@@ -2714,10 +2714,10 @@ void synchronize_sched_expedited(void) +@@ -2769,10 +2769,10 @@ void synchronize_sched_expedited(void) * period works for us. */ get_online_cpus(); @@ -88263,7 +89490,7 @@ index dd08198..5ccccbe 100644 /* * Everyone up to our most recent fetch is covered by our grace -@@ -2726,16 +2726,16 @@ void synchronize_sched_expedited(void) +@@ -2781,16 +2781,16 @@ void synchronize_sched_expedited(void) * than we did already did their update. */ do { @@ -88283,7 +89510,7 @@ index dd08198..5ccccbe 100644 put_online_cpus(); } -@@ -2931,7 +2931,7 @@ static void _rcu_barrier(struct rcu_state *rsp) +@@ -2996,7 +2996,7 @@ static void _rcu_barrier(struct rcu_state *rsp) * ACCESS_ONCE() to prevent the compiler from speculating * the increment to precede the early-exit check. */ @@ -88292,7 +89519,7 @@ index dd08198..5ccccbe 100644 WARN_ON_ONCE((rsp->n_barrier_done & 0x1) != 1); _rcu_barrier_trace(rsp, "Inc1", -1, rsp->n_barrier_done); smp_mb(); /* Order ->n_barrier_done increment with below mechanism. */ -@@ -2981,7 +2981,7 @@ static void _rcu_barrier(struct rcu_state *rsp) +@@ -3046,7 +3046,7 @@ static void _rcu_barrier(struct rcu_state *rsp) /* Increment ->n_barrier_done to prevent duplicate work. */ smp_mb(); /* Keep increment after above mechanism. */ @@ -88301,7 +89528,7 @@ index dd08198..5ccccbe 100644 WARN_ON_ONCE((rsp->n_barrier_done & 0x1) != 0); _rcu_barrier_trace(rsp, "Inc2", -1, rsp->n_barrier_done); smp_mb(); /* Keep increment before caller's subsequent code. */ -@@ -3026,10 +3026,10 @@ rcu_boot_init_percpu_data(int cpu, struct rcu_state *rsp) +@@ -3091,10 +3091,10 @@ rcu_boot_init_percpu_data(int cpu, struct rcu_state *rsp) rdp->grpmask = 1UL << (cpu - rdp->mynode->grplo); init_callback_list(rdp); rdp->qlen_lazy = 0; @@ -88314,7 +89541,7 @@ index dd08198..5ccccbe 100644 rdp->cpu = cpu; rdp->rsp = rsp; rcu_boot_init_nocb_percpu_data(rdp); -@@ -3063,8 +3063,8 @@ rcu_init_percpu_data(int cpu, struct rcu_state *rsp, int preemptible) +@@ -3128,8 +3128,8 @@ rcu_init_percpu_data(int cpu, struct rcu_state *rsp, int preemptible) init_callback_list(rdp); /* Re-enable callbacks on this CPU. */ rdp->dynticks->dynticks_nesting = DYNTICK_TASK_EXIT_IDLE; rcu_sysidle_init_percpu_data(rdp->dynticks); @@ -88326,7 +89553,7 @@ index dd08198..5ccccbe 100644 /* Add CPU to rcu_node bitmasks. */ diff --git a/kernel/rcu/tree.h b/kernel/rcu/tree.h -index 52be957..365ded3 100644 +index 8c19873..bf83c57 100644 --- a/kernel/rcu/tree.h +++ b/kernel/rcu/tree.h @@ -87,11 +87,11 @@ struct rcu_dynticks { @@ -88343,7 +89570,7 @@ index 52be957..365ded3 100644 /* "Idle" excludes userspace execution. */ unsigned long dynticks_idle_jiffies; /* End of last non-NMI non-idle period. */ -@@ -429,17 +429,17 @@ struct rcu_state { +@@ -431,17 +431,17 @@ struct rcu_state { /* _rcu_barrier(). */ /* End of fields guarded by barrier_mutex. */ @@ -88373,10 +89600,10 @@ index 52be957..365ded3 100644 unsigned long jiffies_force_qs; /* Time at which to invoke */ /* force_quiescent_state(). */ diff --git a/kernel/rcu/tree_plugin.h b/kernel/rcu/tree_plugin.h -index 08a7652..3598c7e 100644 +index 6e2ef4b..c15df94 100644 --- a/kernel/rcu/tree_plugin.h +++ b/kernel/rcu/tree_plugin.h -@@ -749,7 +749,7 @@ static int rcu_preempted_readers_exp(struct rcu_node *rnp) +@@ -758,7 +758,7 @@ static int rcu_preempted_readers_exp(struct rcu_node *rnp) static int sync_rcu_preempt_exp_done(struct rcu_node *rnp) { return !rcu_preempted_readers_exp(rnp) && @@ -88385,7 +89612,7 @@ index 08a7652..3598c7e 100644 } /* -@@ -905,7 +905,7 @@ void synchronize_rcu_expedited(void) +@@ -920,7 +920,7 @@ void synchronize_rcu_expedited(void) /* Clean up and exit. */ smp_mb(); /* ensure expedited GP seen before counter increment. */ @@ -88394,7 +89621,7 @@ index 08a7652..3598c7e 100644 unlock_mb_ret: mutex_unlock(&sync_rcu_preempt_exp_mutex); mb_ret: -@@ -1479,7 +1479,7 @@ static void rcu_boost_kthread_setaffinity(struct rcu_node *rnp, int outgoingcpu) +@@ -1496,7 +1496,7 @@ static void rcu_boost_kthread_setaffinity(struct rcu_node *rnp, int outgoingcpu) free_cpumask_var(cm); } @@ -88403,7 +89630,7 @@ index 08a7652..3598c7e 100644 .store = &rcu_cpu_kthread_task, .thread_should_run = rcu_cpu_kthread_should_run, .thread_fn = rcu_cpu_kthread, -@@ -1946,7 +1946,7 @@ static void print_cpu_stall_info(struct rcu_state *rsp, int cpu) +@@ -1965,7 +1965,7 @@ static void print_cpu_stall_info(struct rcu_state *rsp, int cpu) print_cpu_stall_fast_no_hz(fast_no_hz, cpu); pr_err("\t%d: (%lu %s) idle=%03x/%llx/%d softirq=%u/%u %s\n", cpu, ticks_value, ticks_title, @@ -88412,7 +89639,7 @@ index 08a7652..3598c7e 100644 rdtp->dynticks_nesting, rdtp->dynticks_nmi_nesting, rdp->softirq_snap, kstat_softirqs_cpu(RCU_SOFTIRQ, cpu), fast_no_hz); -@@ -2109,7 +2109,7 @@ static void __call_rcu_nocb_enqueue(struct rcu_data *rdp, +@@ -2129,7 +2129,7 @@ static void __call_rcu_nocb_enqueue(struct rcu_data *rdp, /* Enqueue the callback on the nocb list and update counts. */ old_rhpp = xchg(&rdp->nocb_tail, rhtp); @@ -88421,7 +89648,7 @@ index 08a7652..3598c7e 100644 atomic_long_add(rhcount, &rdp->nocb_q_count); atomic_long_add(rhcount_lazy, &rdp->nocb_q_count_lazy); -@@ -2272,12 +2272,12 @@ static int rcu_nocb_kthread(void *arg) +@@ -2302,12 +2302,12 @@ static int rcu_nocb_kthread(void *arg) * Extract queued callbacks, update counts, and wait * for a grace period to elapse. */ @@ -88437,7 +89664,7 @@ index 08a7652..3598c7e 100644 rcu_nocb_wait_gp(rdp); /* Each pass through the following loop invokes a callback. */ -@@ -2303,8 +2303,8 @@ static int rcu_nocb_kthread(void *arg) +@@ -2333,8 +2333,8 @@ static int rcu_nocb_kthread(void *arg) list = next; } trace_rcu_batch_end(rdp->rsp->name, c, !!list, 0, 0, 1); @@ -88448,7 +89675,16 @@ index 08a7652..3598c7e 100644 rdp->n_nocbs_invoked += c; } return 0; -@@ -2331,7 +2331,7 @@ static void __init rcu_spawn_nocb_kthreads(struct rcu_state *rsp) +@@ -2351,7 +2351,7 @@ static void do_nocb_deferred_wakeup(struct rcu_data *rdp) + { + if (!rcu_nocb_need_deferred_wakeup(rdp)) + return; +- ACCESS_ONCE(rdp->nocb_defer_wakeup) = false; ++ ACCESS_ONCE_RW(rdp->nocb_defer_wakeup) = false; + wake_up(&rdp->nocb_wq); + trace_rcu_nocb_wake(rdp->rsp->name, rdp->cpu, TPS("DeferredWakeEmpty")); + } +@@ -2377,7 +2377,7 @@ static void __init rcu_spawn_nocb_kthreads(struct rcu_state *rsp) t = kthread_run(rcu_nocb_kthread, rdp, "rcuo%c/%d", rsp->abbr, cpu); BUG_ON(IS_ERR(t)); @@ -88457,7 +89693,7 @@ index 08a7652..3598c7e 100644 } } -@@ -2457,11 +2457,11 @@ static void rcu_sysidle_enter(struct rcu_dynticks *rdtp, int irq) +@@ -2513,11 +2513,11 @@ static void rcu_sysidle_enter(struct rcu_dynticks *rdtp, int irq) /* Record start of fully idle period. */ j = jiffies; @@ -88472,7 +89708,7 @@ index 08a7652..3598c7e 100644 } /* -@@ -2526,9 +2526,9 @@ static void rcu_sysidle_exit(struct rcu_dynticks *rdtp, int irq) +@@ -2582,9 +2582,9 @@ static void rcu_sysidle_exit(struct rcu_dynticks *rdtp, int irq) /* Record end of idle period. */ smp_mb__before_atomic_inc(); @@ -88484,7 +89720,7 @@ index 08a7652..3598c7e 100644 /* * If we are the timekeeping CPU, we are permitted to be non-idle -@@ -2569,7 +2569,7 @@ static void rcu_sysidle_check_cpu(struct rcu_data *rdp, bool *isidle, +@@ -2625,7 +2625,7 @@ static void rcu_sysidle_check_cpu(struct rcu_data *rdp, bool *isidle, WARN_ON_ONCE(smp_processor_id() != tick_do_timer_cpu); /* Pick up current idle and NMI-nesting counter and check. */ @@ -88493,7 +89729,7 @@ index 08a7652..3598c7e 100644 if (cur & 0x1) { *isidle = false; /* We are not idle! */ return; -@@ -2632,7 +2632,7 @@ static void rcu_sysidle(unsigned long j) +@@ -2688,7 +2688,7 @@ static void rcu_sysidle(unsigned long j) case RCU_SYSIDLE_NOT: /* First time all are idle, so note a short idle period. */ @@ -88502,7 +89738,7 @@ index 08a7652..3598c7e 100644 break; case RCU_SYSIDLE_SHORT: -@@ -2669,7 +2669,7 @@ static void rcu_sysidle(unsigned long j) +@@ -2725,7 +2725,7 @@ static void rcu_sysidle(unsigned long j) static void rcu_sysidle_cancel(void) { smp_mb(); @@ -88511,7 +89747,7 @@ index 08a7652..3598c7e 100644 } /* -@@ -2717,7 +2717,7 @@ static void rcu_sysidle_cb(struct rcu_head *rhp) +@@ -2773,7 +2773,7 @@ static void rcu_sysidle_cb(struct rcu_head *rhp) smp_mb(); /* grace period precedes setting inuse. */ rshp = container_of(rhp, struct rcu_sysidle_head, rh); @@ -88521,7 +89757,7 @@ index 08a7652..3598c7e 100644 /* diff --git a/kernel/rcu/tree_trace.c b/kernel/rcu/tree_trace.c -index 3596797..f78391c 100644 +index 4def475..8ffddde 100644 --- a/kernel/rcu/tree_trace.c +++ b/kernel/rcu/tree_trace.c @@ -121,7 +121,7 @@ static void print_one_rcu_data(struct seq_file *m, struct rcu_data *rdp) @@ -88562,10 +89798,10 @@ index 3596797..f78391c 100644 } diff --git a/kernel/rcu/update.c b/kernel/rcu/update.c -index 6cb3dff..dc5710f 100644 +index c54609f..2e8829c 100644 --- a/kernel/rcu/update.c +++ b/kernel/rcu/update.c -@@ -318,10 +318,10 @@ int rcu_jiffies_till_stall_check(void) +@@ -312,10 +312,10 @@ int rcu_jiffies_till_stall_check(void) * for CONFIG_RCU_CPU_STALL_TIMEOUT. */ if (till_stall_check < 3) { @@ -88655,10 +89891,10 @@ index a63f4dc..349bbb0 100644 unsigned long timeout) { diff --git a/kernel/sched/core.c b/kernel/sched/core.c -index c677510..132bb14 100644 +index f5c6635..7133356 100644 --- a/kernel/sched/core.c +++ b/kernel/sched/core.c -@@ -1768,7 +1768,7 @@ void set_numabalancing_state(bool enabled) +@@ -1775,7 +1775,7 @@ void set_numabalancing_state(bool enabled) int sysctl_numa_balancing(struct ctl_table *table, int write, void __user *buffer, size_t *lenp, loff_t *ppos) { @@ -88667,7 +89903,19 @@ index c677510..132bb14 100644 int err; int state = numabalancing_enabled; -@@ -2893,6 +2893,8 @@ int can_nice(const struct task_struct *p, const int nice) +@@ -2251,8 +2251,10 @@ context_switch(struct rq *rq, struct task_struct *prev, + next->active_mm = oldmm; + atomic_inc(&oldmm->mm_count); + enter_lazy_tlb(oldmm, next); +- } else ++ } else { + switch_mm(oldmm, mm, next); ++ populate_stack(); ++ } + + if (!prev->mm) { + prev->active_mm = NULL; +@@ -3049,6 +3051,8 @@ int can_nice(const struct task_struct *p, const int nice) /* convert nice value [19,-20] to rlimit style value [1,40] */ int nice_rlim = 20 - nice; @@ -88676,7 +89924,7 @@ index c677510..132bb14 100644 return (nice_rlim <= task_rlimit(p, RLIMIT_NICE) || capable(CAP_SYS_NICE)); } -@@ -2926,7 +2928,8 @@ SYSCALL_DEFINE1(nice, int, increment) +@@ -3082,7 +3086,8 @@ SYSCALL_DEFINE1(nice, int, increment) if (nice > 19) nice = 19; @@ -88686,15 +89934,27 @@ index c677510..132bb14 100644 return -EPERM; retval = security_task_setnice(current, nice); -@@ -3088,6 +3091,7 @@ recheck: - unsigned long rlim_rtprio = - task_rlimit(p, RLIMIT_RTPRIO); - -+ gr_learn_resource(p, RLIMIT_RTPRIO, param->sched_priority, 1); - /* can't set/change the rt policy */ +@@ -3332,6 +3337,7 @@ recheck: if (policy != p->policy && !rlim_rtprio) return -EPERM; -@@ -4254,7 +4258,7 @@ static void migrate_tasks(unsigned int dead_cpu) + ++ gr_learn_resource(p, RLIMIT_RTPRIO, attr->sched_priority, 1); + /* can't increase priority */ + if (attr->sched_priority > p->rt_priority && + attr->sched_priority > rlim_rtprio) +@@ -4702,8 +4708,10 @@ void idle_task_exit(void) + + BUG_ON(cpu_online(smp_processor_id())); + +- if (mm != &init_mm) ++ if (mm != &init_mm) { + switch_mm(mm, &init_mm, current); ++ populate_stack(); ++ } + mmdrop(mm); + } + +@@ -4781,7 +4789,7 @@ static void migrate_tasks(unsigned int dead_cpu) #if defined(CONFIG_SCHED_DEBUG) && defined(CONFIG_SYSCTL) @@ -88703,7 +89963,7 @@ index c677510..132bb14 100644 { .procname = "sched_domain", .mode = 0555, -@@ -4271,17 +4275,17 @@ static struct ctl_table sd_ctl_root[] = { +@@ -4798,17 +4806,17 @@ static struct ctl_table sd_ctl_root[] = { {} }; @@ -88725,7 +89985,7 @@ index c677510..132bb14 100644 /* * In the intermediate directories, both the child directory and -@@ -4289,22 +4293,25 @@ static void sd_free_ctl_entry(struct ctl_table **tablep) +@@ -4816,22 +4824,25 @@ static void sd_free_ctl_entry(struct ctl_table **tablep) * will always be set. In the lowest directory the names are * static strings and all have proc handlers. */ @@ -88757,7 +90017,7 @@ index c677510..132bb14 100644 const char *procname, void *data, int maxlen, umode_t mode, proc_handler *proc_handler, bool load_idx) -@@ -4324,7 +4331,7 @@ set_table_entry(struct ctl_table *entry, +@@ -4851,7 +4862,7 @@ set_table_entry(struct ctl_table *entry, static struct ctl_table * sd_alloc_ctl_domain_table(struct sched_domain *sd) { @@ -88766,7 +90026,7 @@ index c677510..132bb14 100644 if (table == NULL) return NULL; -@@ -4359,9 +4366,9 @@ sd_alloc_ctl_domain_table(struct sched_domain *sd) +@@ -4886,9 +4897,9 @@ sd_alloc_ctl_domain_table(struct sched_domain *sd) return table; } @@ -88778,7 +90038,7 @@ index c677510..132bb14 100644 struct sched_domain *sd; int domain_num = 0, i; char buf[32]; -@@ -4388,11 +4395,13 @@ static struct ctl_table_header *sd_sysctl_header; +@@ -4915,11 +4926,13 @@ static struct ctl_table_header *sd_sysctl_header; static void register_sched_domain_sysctl(void) { int i, cpu_num = num_possible_cpus(); @@ -88793,7 +90053,7 @@ index c677510..132bb14 100644 if (entry == NULL) return; -@@ -4415,8 +4424,12 @@ static void unregister_sched_domain_sysctl(void) +@@ -4942,8 +4955,12 @@ static void unregister_sched_domain_sysctl(void) if (sd_sysctl_header) unregister_sysctl_table(sd_sysctl_header); sd_sysctl_header = NULL; @@ -88809,10 +90069,10 @@ index c677510..132bb14 100644 #else static void register_sched_domain_sysctl(void) diff --git a/kernel/sched/fair.c b/kernel/sched/fair.c -index ce501de..1805320 100644 +index 9b4c4f3..665489b 100644 --- a/kernel/sched/fair.c +++ b/kernel/sched/fair.c -@@ -1652,7 +1652,7 @@ void task_numa_fault(int last_cpupid, int node, int pages, int flags) +@@ -1647,7 +1647,7 @@ void task_numa_fault(int last_cpupid, int node, int pages, int flags) static void reset_ptenuma_scan(struct task_struct *p) { @@ -88821,20 +90081,20 @@ index ce501de..1805320 100644 p->mm->numa_scan_offset = 0; } -@@ -6863,7 +6863,7 @@ static void nohz_idle_balance(int this_cpu, enum cpu_idle_type idle) { } +@@ -6851,7 +6851,7 @@ static void nohz_idle_balance(struct rq *this_rq, enum cpu_idle_type idle) { } * run_rebalance_domains is triggered when needed from the scheduler tick. * Also triggered for nohz idle balancing (with nohz_balancing_kick set). */ -static void run_rebalance_domains(struct softirq_action *h) +static __latent_entropy void run_rebalance_domains(void) { - int this_cpu = smp_processor_id(); - struct rq *this_rq = cpu_rq(this_cpu); + struct rq *this_rq = this_rq(); + enum cpu_idle_type idle = this_rq->idle_balance ? diff --git a/kernel/sched/sched.h b/kernel/sched/sched.h -index 88c85b2..a1dec86 100644 +index f964add..dcd823d 100644 --- a/kernel/sched/sched.h +++ b/kernel/sched/sched.h -@@ -1035,7 +1035,7 @@ struct sched_class { +@@ -1157,7 +1157,7 @@ struct sched_class { #ifdef CONFIG_FAIR_GROUP_SCHED void (*task_move_group) (struct task_struct *p, int on_rq); #endif @@ -88844,7 +90104,7 @@ index 88c85b2..a1dec86 100644 #define sched_class_highest (&stop_sched_class) #define for_each_class(class) \ diff --git a/kernel/signal.c b/kernel/signal.c -index 940b30e..7fd6041 100644 +index 52f881d..1e9f941 100644 --- a/kernel/signal.c +++ b/kernel/signal.c @@ -51,12 +51,12 @@ static struct kmem_cache *sigqueue_cachep; @@ -88970,7 +90230,7 @@ index 940b30e..7fd6041 100644 if (p && (tgid <= 0 || task_tgid_vnr(p) == tgid)) { error = check_kill_permission(sig, info, p); /* -@@ -3240,8 +3271,8 @@ COMPAT_SYSCALL_DEFINE2(sigaltstack, +@@ -3239,8 +3270,8 @@ COMPAT_SYSCALL_DEFINE2(sigaltstack, } seg = get_fs(); set_fs(KERNEL_DS); @@ -89004,10 +90264,10 @@ index eb89e18..a4e6792 100644 mutex_unlock(&smpboot_threads_lock); put_online_cpus(); diff --git a/kernel/softirq.c b/kernel/softirq.c -index 11025cc..bc0e4dc 100644 +index 490fcbb..1e502c6 100644 --- a/kernel/softirq.c +++ b/kernel/softirq.c -@@ -50,11 +50,11 @@ irq_cpustat_t irq_stat[NR_CPUS] ____cacheline_aligned; +@@ -52,7 +52,7 @@ irq_cpustat_t irq_stat[NR_CPUS] ____cacheline_aligned; EXPORT_SYMBOL(irq_stat); #endif @@ -89016,21 +90276,16 @@ index 11025cc..bc0e4dc 100644 DEFINE_PER_CPU(struct task_struct *, ksoftirqd); --char *softirq_to_name[NR_SOFTIRQS] = { -+const char * const softirq_to_name[NR_SOFTIRQS] = { - "HI", "TIMER", "NET_TX", "NET_RX", "BLOCK", "BLOCK_IOPOLL", - "TASKLET", "SCHED", "HRTIMER", "RCU" - }; -@@ -250,7 +250,7 @@ restart: - kstat_incr_softirqs_this_cpu(vec_nr); - - trace_softirq_entry(vec_nr); -- h->action(h); -+ h->action(); - trace_softirq_exit(vec_nr); - if (unlikely(prev_count != preempt_count())) { - printk(KERN_ERR "huh, entered softirq %u %s %p" -@@ -419,7 +419,7 @@ void __raise_softirq_irqoff(unsigned int nr) +@@ -267,7 +267,7 @@ restart: + kstat_incr_softirqs_this_cpu(vec_nr); + + trace_softirq_entry(vec_nr); +- h->action(h); ++ h->action(); + trace_softirq_exit(vec_nr); + if (unlikely(prev_count != preempt_count())) { + pr_err("huh, entered softirq %u %s %p with preempt_count %08x, exited with %08x?\n", +@@ -427,7 +427,7 @@ void __raise_softirq_irqoff(unsigned int nr) or_softirq_pending(1UL << nr); } @@ -89039,16 +90294,16 @@ index 11025cc..bc0e4dc 100644 { softirq_vec[nr].action = action; } -@@ -475,7 +475,7 @@ void __tasklet_hi_schedule_first(struct tasklet_struct *t) - +@@ -479,7 +479,7 @@ void __tasklet_hi_schedule_first(struct tasklet_struct *t) + } EXPORT_SYMBOL(__tasklet_hi_schedule_first); -static void tasklet_action(struct softirq_action *a) -+static __latent_entropy void tasklet_action(void) ++static void tasklet_action(void) { struct tasklet_struct *list; -@@ -510,7 +510,7 @@ static void tasklet_action(struct softirq_action *a) +@@ -515,7 +515,7 @@ static void tasklet_action(struct softirq_action *a) } } @@ -89057,7 +90312,7 @@ index 11025cc..bc0e4dc 100644 { struct tasklet_struct *list; -@@ -740,7 +740,7 @@ static struct notifier_block cpu_nfb = { +@@ -742,7 +742,7 @@ static struct notifier_block cpu_nfb = { .notifier_call = cpu_callback }; @@ -89067,7 +90322,7 @@ index 11025cc..bc0e4dc 100644 .thread_should_run = ksoftirqd_should_run, .thread_fn = run_ksoftirqd, diff --git a/kernel/sys.c b/kernel/sys.c -index c723113..46bf922 100644 +index c0a58be..784c618 100644 --- a/kernel/sys.c +++ b/kernel/sys.c @@ -148,6 +148,12 @@ static int set_one_prio(struct task_struct *p, int niceval, int error) @@ -89190,7 +90445,7 @@ index c723113..46bf922 100644 abort_creds(new); return old_fsgid; -@@ -1168,19 +1204,19 @@ SYSCALL_DEFINE1(olduname, struct oldold_utsname __user *, name) +@@ -1167,19 +1203,19 @@ SYSCALL_DEFINE1(olduname, struct oldold_utsname __user *, name) return -EFAULT; down_read(&uts_sem); @@ -89215,7 +90470,7 @@ index c723113..46bf922 100644 __OLD_UTS_LEN); error |= __put_user(0, name->machine + __OLD_UTS_LEN); up_read(&uts_sem); -@@ -1382,6 +1418,13 @@ int do_prlimit(struct task_struct *tsk, unsigned int resource, +@@ -1381,6 +1417,13 @@ int do_prlimit(struct task_struct *tsk, unsigned int resource, */ new_rlim->rlim_cur = 1; } @@ -89230,18 +90485,18 @@ index c723113..46bf922 100644 if (!retval) { if (old_rlim) diff --git a/kernel/sysctl.c b/kernel/sysctl.c -index 06962ba..a54d45e 100644 +index aae21e8..58d8c9a 100644 --- a/kernel/sysctl.c +++ b/kernel/sysctl.c -@@ -93,7 +93,6 @@ +@@ -94,7 +94,6 @@ #if defined(CONFIG_SYSCTL) - /* External variables not in a header file. */ - extern int sysctl_overcommit_memory; - extern int sysctl_overcommit_ratio; -@@ -119,17 +118,18 @@ extern int blk_iopoll_enabled; + extern int max_threads; + extern int suid_dumpable; +@@ -118,19 +117,18 @@ extern int blk_iopoll_enabled; /* Constants used for minimum and maximum */ #ifdef CONFIG_LOCKUP_DETECTOR @@ -89249,13 +90504,15 @@ index 06962ba..a54d45e 100644 +static int sixty __read_only = 60; #endif +-static int __maybe_unused neg_one = -1; +- -static int zero; -static int __maybe_unused one = 1; -static int __maybe_unused two = 2; -static int __maybe_unused three = 3; -static unsigned long one_ul = 1; -static int one_hundred = 100; -+static int neg_one __read_only = -1; ++static int __maybe_unused neg_one __read_only = -1; +static int zero __read_only = 0; +static int __maybe_unused one __read_only = 1; +static int __maybe_unused two __read_only = 2; @@ -89268,7 +90525,7 @@ index 06962ba..a54d45e 100644 #endif /* this is needed for the proc_doulongvec_minmax of vm_dirty_bytes */ -@@ -176,10 +176,8 @@ static int proc_taint(struct ctl_table *table, int write, +@@ -182,10 +180,8 @@ static int proc_taint(struct ctl_table *table, int write, void __user *buffer, size_t *lenp, loff_t *ppos); #endif @@ -89279,7 +90536,7 @@ index 06962ba..a54d45e 100644 static int proc_dointvec_minmax_coredump(struct ctl_table *table, int write, void __user *buffer, size_t *lenp, loff_t *ppos); -@@ -210,6 +208,8 @@ static int sysrq_sysctl_handler(ctl_table *table, int write, +@@ -216,6 +212,8 @@ static int sysrq_sysctl_handler(ctl_table *table, int write, #endif @@ -89288,7 +90545,7 @@ index 06962ba..a54d45e 100644 static struct ctl_table kern_table[]; static struct ctl_table vm_table[]; static struct ctl_table fs_table[]; -@@ -224,6 +224,20 @@ extern struct ctl_table epoll_table[]; +@@ -230,6 +228,20 @@ extern struct ctl_table epoll_table[]; int sysctl_legacy_va_layout; #endif @@ -89309,7 +90566,7 @@ index 06962ba..a54d45e 100644 /* The default sysctl tables: */ static struct ctl_table sysctl_base_table[] = { -@@ -272,6 +286,22 @@ static int max_extfrag_threshold = 1000; +@@ -278,6 +290,22 @@ static int max_extfrag_threshold = 1000; #endif static struct ctl_table kern_table[] = { @@ -89332,7 +90589,7 @@ index 06962ba..a54d45e 100644 { .procname = "sched_child_runs_first", .data = &sysctl_sched_child_runs_first, -@@ -629,7 +659,7 @@ static struct ctl_table kern_table[] = { +@@ -640,7 +668,7 @@ static struct ctl_table kern_table[] = { .data = &modprobe_path, .maxlen = KMOD_PATH_LEN, .mode = 0644, @@ -89341,7 +90598,7 @@ index 06962ba..a54d45e 100644 }, { .procname = "modules_disabled", -@@ -796,16 +826,20 @@ static struct ctl_table kern_table[] = { +@@ -807,16 +835,20 @@ static struct ctl_table kern_table[] = { .extra1 = &zero, .extra2 = &one, }, @@ -89363,7 +90620,7 @@ index 06962ba..a54d45e 100644 { .procname = "ngroups_max", .data = &ngroups_max, -@@ -1048,10 +1082,17 @@ static struct ctl_table kern_table[] = { +@@ -1061,10 +1093,17 @@ static struct ctl_table kern_table[] = { */ { .procname = "perf_event_paranoid", @@ -89384,7 +90641,7 @@ index 06962ba..a54d45e 100644 }, { .procname = "perf_event_mlock_kb", -@@ -1315,6 +1356,13 @@ static struct ctl_table vm_table[] = { +@@ -1335,6 +1374,13 @@ static struct ctl_table vm_table[] = { .proc_handler = proc_dointvec_minmax, .extra1 = &zero, }, @@ -89398,7 +90655,7 @@ index 06962ba..a54d45e 100644 #else { .procname = "nr_trim_pages", -@@ -1779,6 +1827,16 @@ int proc_dostring(struct ctl_table *table, int write, +@@ -1799,6 +1845,16 @@ int proc_dostring(struct ctl_table *table, int write, buffer, lenp, ppos); } @@ -89415,7 +90672,7 @@ index 06962ba..a54d45e 100644 static size_t proc_skip_spaces(char **buf) { size_t ret; -@@ -1884,6 +1942,8 @@ static int proc_put_long(void __user **buf, size_t *size, unsigned long val, +@@ -1904,6 +1960,8 @@ static int proc_put_long(void __user **buf, size_t *size, unsigned long val, len = strlen(tmp); if (len > *size) len = *size; @@ -89424,7 +90681,7 @@ index 06962ba..a54d45e 100644 if (copy_to_user(*buf, tmp, len)) return -EFAULT; *size -= len; -@@ -2048,7 +2108,7 @@ int proc_dointvec(struct ctl_table *table, int write, +@@ -2068,7 +2126,7 @@ int proc_dointvec(struct ctl_table *table, int write, static int proc_taint(struct ctl_table *table, int write, void __user *buffer, size_t *lenp, loff_t *ppos) { @@ -89433,7 +90690,7 @@ index 06962ba..a54d45e 100644 unsigned long tmptaint = get_taint(); int err; -@@ -2076,7 +2136,6 @@ static int proc_taint(struct ctl_table *table, int write, +@@ -2096,7 +2154,6 @@ static int proc_taint(struct ctl_table *table, int write, return err; } @@ -89441,7 +90698,7 @@ index 06962ba..a54d45e 100644 static int proc_dointvec_minmax_sysadmin(struct ctl_table *table, int write, void __user *buffer, size_t *lenp, loff_t *ppos) { -@@ -2085,7 +2144,6 @@ static int proc_dointvec_minmax_sysadmin(struct ctl_table *table, int write, +@@ -2105,7 +2162,6 @@ static int proc_dointvec_minmax_sysadmin(struct ctl_table *table, int write, return proc_dointvec_minmax(table, write, buffer, lenp, ppos); } @@ -89449,7 +90706,7 @@ index 06962ba..a54d45e 100644 struct do_proc_dointvec_minmax_conv_param { int *min; -@@ -2632,6 +2690,12 @@ int proc_dostring(struct ctl_table *table, int write, +@@ -2652,6 +2708,12 @@ int proc_dostring(struct ctl_table *table, int write, return -ENOSYS; } @@ -89462,7 +90719,7 @@ index 06962ba..a54d45e 100644 int proc_dointvec(struct ctl_table *table, int write, void __user *buffer, size_t *lenp, loff_t *ppos) { -@@ -2688,5 +2752,6 @@ EXPORT_SYMBOL(proc_dointvec_minmax); +@@ -2708,5 +2770,6 @@ EXPORT_SYMBOL(proc_dointvec_minmax); EXPORT_SYMBOL(proc_dointvec_userhz_jiffies); EXPORT_SYMBOL(proc_dointvec_ms_jiffies); EXPORT_SYMBOL(proc_dostring); @@ -89526,7 +90783,7 @@ index 88c9c65..7497ebc 100644 .clock_get = alarm_clock_get, .timer_create = alarm_timer_create, diff --git a/kernel/time/timekeeping.c b/kernel/time/timekeeping.c -index b415457..c26876d 100644 +index 5b40279..81e58db 100644 --- a/kernel/time/timekeeping.c +++ b/kernel/time/timekeeping.c @@ -15,6 +15,7 @@ @@ -89537,7 +90794,7 @@ index b415457..c26876d 100644 #include <linux/syscore_ops.h> #include <linux/clocksource.h> #include <linux/jiffies.h> -@@ -500,6 +501,8 @@ int do_settimeofday(const struct timespec *tv) +@@ -501,6 +502,8 @@ int do_settimeofday(const struct timespec *tv) if (!timespec_valid_strict(tv)) return -EINVAL; @@ -89686,7 +90943,7 @@ index accfd24..e00f0c0 100644 struct timer_list timer; unsigned long expire; diff --git a/kernel/trace/blktrace.c b/kernel/trace/blktrace.c -index f785aef..59f1b18 100644 +index 4f3a3c03..04b7886 100644 --- a/kernel/trace/blktrace.c +++ b/kernel/trace/blktrace.c @@ -328,7 +328,7 @@ static ssize_t blk_dropped_read(struct file *filp, char __user *buffer, @@ -89717,10 +90974,10 @@ index f785aef..59f1b18 100644 ret = -EIO; diff --git a/kernel/trace/ftrace.c b/kernel/trace/ftrace.c -index 38463d2..68abe92 100644 +index cd7f76d..553c805 100644 --- a/kernel/trace/ftrace.c +++ b/kernel/trace/ftrace.c -@@ -1978,12 +1978,17 @@ ftrace_code_disable(struct module *mod, struct dyn_ftrace *rec) +@@ -1965,12 +1965,17 @@ ftrace_code_disable(struct module *mod, struct dyn_ftrace *rec) if (unlikely(ftrace_disabled)) return 0; @@ -89740,7 +90997,7 @@ index 38463d2..68abe92 100644 } /* -@@ -4190,8 +4195,10 @@ static int ftrace_process_locs(struct module *mod, +@@ -4177,8 +4182,10 @@ static int ftrace_process_locs(struct module *mod, if (!count) return 0; @@ -89751,7 +91008,7 @@ index 38463d2..68abe92 100644 start_pg = ftrace_allocate_pages(count); if (!start_pg) -@@ -4922,8 +4929,6 @@ ftrace_enable_sysctl(struct ctl_table *table, int write, +@@ -4909,8 +4916,6 @@ ftrace_enable_sysctl(struct ctl_table *table, int write, #ifdef CONFIG_FUNCTION_GRAPH_TRACER static int ftrace_graph_active; @@ -89760,7 +91017,7 @@ index 38463d2..68abe92 100644 int ftrace_graph_entry_stub(struct ftrace_graph_ent *trace) { return 0; -@@ -5099,6 +5104,10 @@ static void update_function_graph_func(void) +@@ -5086,6 +5091,10 @@ static void update_function_graph_func(void) ftrace_graph_entry = ftrace_graph_entry_test; } @@ -89771,7 +91028,7 @@ index 38463d2..68abe92 100644 int register_ftrace_graph(trace_func_graph_ret_t retfunc, trace_func_graph_ent_t entryfunc) { -@@ -5112,7 +5121,6 @@ int register_ftrace_graph(trace_func_graph_ret_t retfunc, +@@ -5099,7 +5108,6 @@ int register_ftrace_graph(trace_func_graph_ret_t retfunc, goto out; } @@ -89780,7 +91037,7 @@ index 38463d2..68abe92 100644 ftrace_graph_active++; diff --git a/kernel/trace/ring_buffer.c b/kernel/trace/ring_buffer.c -index 0e337ee..3370631 100644 +index fc4da2d..f3e800b 100644 --- a/kernel/trace/ring_buffer.c +++ b/kernel/trace/ring_buffer.c @@ -352,9 +352,9 @@ struct buffer_data_page { @@ -90058,10 +91315,10 @@ index 0e337ee..3370631 100644 *data_page = bpage; diff --git a/kernel/trace/trace.c b/kernel/trace/trace.c -index 0a360ce..7bd800e 100644 +index 24c1f23..781fd73f 100644 --- a/kernel/trace/trace.c +++ b/kernel/trace/trace.c -@@ -3352,7 +3352,7 @@ int trace_keep_overwrite(struct tracer *tracer, u32 mask, int set) +@@ -3399,7 +3399,7 @@ int trace_keep_overwrite(struct tracer *tracer, u32 mask, int set) return 0; } @@ -90071,10 +91328,10 @@ index 0a360ce..7bd800e 100644 /* do nothing if flag is already set */ if (!!(trace_flags & mask) == !!enabled) diff --git a/kernel/trace/trace.h b/kernel/trace/trace.h -index ea189e0..a5b48c4 100644 +index 02b592f..f971546 100644 --- a/kernel/trace/trace.h +++ b/kernel/trace/trace.h -@@ -1040,7 +1040,7 @@ extern const char *__stop___tracepoint_str[]; +@@ -1233,7 +1233,7 @@ extern const char *__stop___tracepoint_str[]; void trace_printk_init_buffers(void); void trace_printk_start_comm(void); int trace_keep_overwrite(struct tracer *tracer, u32 mask, int set); @@ -90104,7 +91361,7 @@ index 26dc348..8708ca7 100644 + return atomic64_inc_return_unchecked(&trace_counter); } diff --git a/kernel/trace/trace_events.c b/kernel/trace/trace_events.c -index 2e58196..fdd3d61 100644 +index 7b16d40..1b2875d 100644 --- a/kernel/trace/trace_events.c +++ b/kernel/trace/trace_events.c @@ -1681,7 +1681,6 @@ __trace_early_add_new_event(struct ftrace_event_call *call, @@ -90190,7 +91447,7 @@ index ed32284..884d6c3 100644 key = event->type & (EVENT_HASHSIZE - 1); diff --git a/kernel/trace/trace_stack.c b/kernel/trace/trace_stack.c -index b20428c..4845a10 100644 +index e6be585..d73ae5e 100644 --- a/kernel/trace/trace_stack.c +++ b/kernel/trace/trace_stack.c @@ -68,7 +68,7 @@ check_stack(unsigned long ip, unsigned long *stack) @@ -90203,7 +91460,7 @@ index b20428c..4845a10 100644 local_irq_save(flags); diff --git a/kernel/user_namespace.c b/kernel/user_namespace.c -index 240fb62..583473e 100644 +index 80a57af..7f5a7ff 100644 --- a/kernel/user_namespace.c +++ b/kernel/user_namespace.c @@ -82,6 +82,21 @@ int create_user_ns(struct cred *new) @@ -90228,7 +91485,7 @@ index 240fb62..583473e 100644 ns = kmem_cache_zalloc(user_ns_cachep, GFP_KERNEL); if (!ns) return -ENOMEM; -@@ -866,7 +881,7 @@ static int userns_install(struct nsproxy *nsproxy, void *ns) +@@ -865,7 +880,7 @@ static int userns_install(struct nsproxy *nsproxy, void *ns) if (atomic_read(¤t->mm->mm_users) > 1) return -EINVAL; @@ -90264,7 +91521,7 @@ index 4431610..4265616 100644 .thread_should_run = watchdog_should_run, .thread_fn = watchdog, diff --git a/kernel/workqueue.c b/kernel/workqueue.c -index a8381cf..1ce1331 100644 +index 193e977..26dd63f 100644 --- a/kernel/workqueue.c +++ b/kernel/workqueue.c @@ -4678,7 +4678,7 @@ static void rebind_workers(struct worker_pool *pool) @@ -90277,10 +91534,10 @@ index a8381cf..1ce1331 100644 spin_unlock_irq(&pool->lock); diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug -index db25707..8b16430 100644 +index a48abea..e108def 100644 --- a/lib/Kconfig.debug +++ b/lib/Kconfig.debug -@@ -845,7 +845,7 @@ config DEBUG_MUTEXES +@@ -854,7 +854,7 @@ config DEBUG_MUTEXES config DEBUG_WW_MUTEX_SLOWPATH bool "Wait/wound mutex debugging: Slowpath testing" @@ -90289,7 +91546,7 @@ index db25707..8b16430 100644 select DEBUG_LOCK_ALLOC select DEBUG_SPINLOCK select DEBUG_MUTEXES -@@ -858,7 +858,7 @@ config DEBUG_WW_MUTEX_SLOWPATH +@@ -867,7 +867,7 @@ config DEBUG_WW_MUTEX_SLOWPATH config DEBUG_LOCK_ALLOC bool "Lock debugging: detect incorrect freeing of live locks" @@ -90298,7 +91555,7 @@ index db25707..8b16430 100644 select DEBUG_SPINLOCK select DEBUG_MUTEXES select LOCKDEP -@@ -872,7 +872,7 @@ config DEBUG_LOCK_ALLOC +@@ -881,7 +881,7 @@ config DEBUG_LOCK_ALLOC config PROVE_LOCKING bool "Lock debugging: prove locking correctness" @@ -90307,7 +91564,7 @@ index db25707..8b16430 100644 select LOCKDEP select DEBUG_SPINLOCK select DEBUG_MUTEXES -@@ -923,7 +923,7 @@ config LOCKDEP +@@ -932,7 +932,7 @@ config LOCKDEP config LOCK_STAT bool "Lock usage statistics" @@ -90316,7 +91573,7 @@ index db25707..8b16430 100644 select LOCKDEP select DEBUG_SPINLOCK select DEBUG_MUTEXES -@@ -1385,6 +1385,7 @@ config LATENCYTOP +@@ -1394,6 +1394,7 @@ config LATENCYTOP depends on DEBUG_KERNEL depends on STACKTRACE_SUPPORT depends on PROC_FS @@ -90324,7 +91581,7 @@ index db25707..8b16430 100644 select FRAME_POINTER if !MIPS && !PPC && !S390 && !MICROBLAZE && !ARM_UNWIND && !ARC select KALLSYMS select KALLSYMS_ALL -@@ -1401,7 +1402,7 @@ config ARCH_HAS_DEBUG_STRICT_USER_COPY_CHECKS +@@ -1410,7 +1411,7 @@ config ARCH_HAS_DEBUG_STRICT_USER_COPY_CHECKS config DEBUG_STRICT_USER_COPY_CHECKS bool "Strict user copy size checks" depends on ARCH_HAS_DEBUG_STRICT_USER_COPY_CHECKS @@ -90333,7 +91590,7 @@ index db25707..8b16430 100644 help Enabling this option turns a certain set of sanity checks for user copy operations into compile time failures. -@@ -1520,7 +1521,7 @@ endmenu # runtime tests +@@ -1529,7 +1530,7 @@ endmenu # runtime tests config PROVIDE_OHCI1394_DMA_INIT bool "Remote debugging over FireWire early on boot" @@ -90342,20 +91599,11 @@ index db25707..8b16430 100644 help If you want to debug problems which hang or crash the kernel early on boot and the crashing machine has a FireWire port, you can use -@@ -1549,7 +1550,7 @@ config PROVIDE_OHCI1394_DMA_INIT - - config FIREWIRE_OHCI_REMOTE_DMA - bool "Remote debugging over FireWire with firewire-ohci" -- depends on FIREWIRE_OHCI -+ depends on FIREWIRE_OHCI && !GRKERNSEC - help - This option lets you use the FireWire bus for remote debugging - with help of the firewire-ohci driver. It enables unfiltered diff --git a/lib/Makefile b/lib/Makefile -index 04944e9..f43eabe 100644 +index 48140e3..de854e5 100644 --- a/lib/Makefile +++ b/lib/Makefile -@@ -50,7 +50,7 @@ obj-$(CONFIG_GENERIC_HWEIGHT) += hweight.o +@@ -52,7 +52,7 @@ obj-$(CONFIG_GENERIC_HWEIGHT) += hweight.o obj-$(CONFIG_BTREE) += btree.o obj-$(CONFIG_ASSOCIATIVE_ARRAY) += assoc_array.o obj-$(CONFIG_DEBUG_PREEMPT) += smp_processor_id.o @@ -90364,6 +91612,19 @@ index 04944e9..f43eabe 100644 obj-$(CONFIG_DEBUG_OBJECTS) += debugobjects.o ifneq ($(CONFIG_HAVE_DEC_LOCK),y) +diff --git a/lib/average.c b/lib/average.c +index 114d1be..ab0350c 100644 +--- a/lib/average.c ++++ b/lib/average.c +@@ -55,7 +55,7 @@ struct ewma *ewma_add(struct ewma *avg, unsigned long val) + { + unsigned long internal = ACCESS_ONCE(avg->internal); + +- ACCESS_ONCE(avg->internal) = internal ? ++ ACCESS_ONCE_RW(avg->internal) = internal ? + (((internal << avg->weight) - internal) + + (val << avg->factor)) >> avg->weight : + (val << avg->factor); diff --git a/lib/bitmap.c b/lib/bitmap.c index 06f7e4f..f3cf2b0 100644 --- a/lib/bitmap.c @@ -90475,10 +91736,10 @@ index 4382ad7..08aa558 100644 u32 high = divisor >> 32; u64 quot; diff --git a/lib/dma-debug.c b/lib/dma-debug.c -index d87a17a..ac0d79a 100644 +index 98f2d7e..899da5c 100644 --- a/lib/dma-debug.c +++ b/lib/dma-debug.c -@@ -768,7 +768,7 @@ static int dma_debug_device_change(struct notifier_block *nb, unsigned long acti +@@ -971,7 +971,7 @@ static int dma_debug_device_change(struct notifier_block *nb, unsigned long acti void dma_debug_add_bus(struct bus_type *bus) { @@ -90487,7 +91748,7 @@ index d87a17a..ac0d79a 100644 if (global_disable) return; -@@ -945,7 +945,7 @@ static void check_unmap(struct dma_debug_entry *ref) +@@ -1148,7 +1148,7 @@ static void check_unmap(struct dma_debug_entry *ref) static void check_for_stack(struct device *dev, void *addr) { @@ -90496,6 +91757,19 @@ index d87a17a..ac0d79a 100644 err_printk(dev, NULL, "DMA-API: device driver maps memory from" "stack [addr=%p]\n", addr); } +diff --git a/lib/hash.c b/lib/hash.c +index fea973f..386626f 100644 +--- a/lib/hash.c ++++ b/lib/hash.c +@@ -14,7 +14,7 @@ + #include <linux/hash.h> + #include <linux/cache.h> + +-static struct fast_hash_ops arch_hash_ops __read_mostly = { ++static struct fast_hash_ops arch_hash_ops __read_only = { + .hash = jhash, + .hash2 = jhash2, + }; diff --git a/lib/inflate.c b/lib/inflate.c index 013a761..c28f3fc 100644 --- a/lib/inflate.c @@ -90546,10 +91820,10 @@ index bd2bea9..6b3c95e 100644 return false; diff --git a/lib/kobject.c b/lib/kobject.c -index 5b4b888..c2950f7 100644 +index cb14aea..8c53cdb 100644 --- a/lib/kobject.c +++ b/lib/kobject.c -@@ -957,9 +957,9 @@ EXPORT_SYMBOL_GPL(kset_create_and_add); +@@ -931,9 +931,9 @@ EXPORT_SYMBOL_GPL(kset_create_and_add); static DEFINE_SPINLOCK(kobj_ns_type_lock); @@ -90783,7 +92057,7 @@ index c24c2f7..f0296f4 100644 +} +EXPORT_SYMBOL(pax_list_del_rcu); diff --git a/lib/percpu-refcount.c b/lib/percpu-refcount.c -index 1a53d49..ace934c 100644 +index 963b703..438bc51 100644 --- a/lib/percpu-refcount.c +++ b/lib/percpu-refcount.c @@ -29,7 +29,7 @@ @@ -90796,7 +92070,7 @@ index 1a53d49..ace934c 100644 /** * percpu_ref_init - initialize a percpu refcount diff --git a/lib/radix-tree.c b/lib/radix-tree.c -index 7811ed3..f80ca19 100644 +index bd4a8df..9e4804f 100644 --- a/lib/radix-tree.c +++ b/lib/radix-tree.c @@ -93,7 +93,7 @@ struct radix_tree_preload { @@ -90809,7 +92083,7 @@ index 7811ed3..f80ca19 100644 static inline void *ptr_to_indirect(void *ptr) { diff --git a/lib/random32.c b/lib/random32.c -index 1e5b2df..fb616c7 100644 +index 6148967..009bfe8 100644 --- a/lib/random32.c +++ b/lib/random32.c @@ -44,7 +44,7 @@ @@ -90836,6 +92110,18 @@ index 65f4eff..2cfa167 100644 }; void rb_insert_color(struct rb_node *node, struct rb_root *root) +diff --git a/lib/show_mem.c b/lib/show_mem.c +index 0922579..9d7adb9 100644 +--- a/lib/show_mem.c ++++ b/lib/show_mem.c +@@ -44,6 +44,6 @@ void show_mem(unsigned int filter) + quicklist_total_size()); + #endif + #ifdef CONFIG_MEMORY_FAILURE +- printk("%lu pages hwpoisoned\n", atomic_long_read(&num_poisoned_pages)); ++ printk("%lu pages hwpoisoned\n", atomic_long_read_unchecked(&num_poisoned_pages)); + #endif + } diff --git a/lib/strncpy_from_user.c b/lib/strncpy_from_user.c index bb2b201..46abaf9 100644 --- a/lib/strncpy_from_user.c @@ -90863,10 +92149,10 @@ index a28df52..3d55877 100644 unsigned long c; diff --git a/lib/swiotlb.c b/lib/swiotlb.c -index e4399fa..5e8b214 100644 +index b604b83..c0547f6 100644 --- a/lib/swiotlb.c +++ b/lib/swiotlb.c -@@ -668,7 +668,7 @@ EXPORT_SYMBOL(swiotlb_alloc_coherent); +@@ -674,7 +674,7 @@ EXPORT_SYMBOL(swiotlb_alloc_coherent); void swiotlb_free_coherent(struct device *hwdev, size_t size, void *vaddr, @@ -90890,7 +92176,7 @@ index 4f5b1dd..7cab418 100644 +} +EXPORT_SYMBOL(copy_to_user_overflow); diff --git a/lib/vsprintf.c b/lib/vsprintf.c -index 10909c5..653e1b8 100644 +index 185b6d3..823c48c 100644 --- a/lib/vsprintf.c +++ b/lib/vsprintf.c @@ -16,6 +16,9 @@ @@ -90903,8 +92189,8 @@ index 10909c5..653e1b8 100644 #include <stdarg.h> #include <linux/module.h> /* for KSYM_SYMBOL_LEN */ #include <linux/types.h> -@@ -1155,7 +1158,11 @@ char *netdev_feature_string(char *buf, char *end, const u8 *addr, - return number(buf, end, *(const netdev_features_t *)addr, spec); +@@ -1179,7 +1182,11 @@ char *address_val(char *buf, char *end, const void *addr, + return number(buf, end, num, spec); } +#ifdef CONFIG_GRKERNSEC_HIDESYM @@ -90915,7 +92201,7 @@ index 10909c5..653e1b8 100644 /* * Show a '%p' thing. A kernel extension is that the '%p' is followed -@@ -1168,6 +1175,7 @@ int kptr_restrict __read_mostly; +@@ -1192,6 +1199,7 @@ int kptr_restrict __read_mostly; * - 'f' For simple symbolic function names without offset * - 'S' For symbolic direct pointers with offset * - 's' For symbolic direct pointers without offset @@ -90923,7 +92209,7 @@ index 10909c5..653e1b8 100644 * - '[FfSs]R' as above with __builtin_extract_return_addr() translation * - 'B' For backtraced symbolic direct pointers with offset * - 'R' For decoded struct resource, e.g., [mem 0x0-0x1f 64bit pref] -@@ -1234,12 +1242,12 @@ char *pointer(const char *fmt, char *buf, char *end, void *ptr, +@@ -1259,12 +1267,12 @@ char *pointer(const char *fmt, char *buf, char *end, void *ptr, if (!ptr && *fmt != 'K') { /* @@ -90938,7 +92224,7 @@ index 10909c5..653e1b8 100644 } switch (*fmt) { -@@ -1249,6 +1257,12 @@ char *pointer(const char *fmt, char *buf, char *end, void *ptr, +@@ -1274,6 +1282,12 @@ char *pointer(const char *fmt, char *buf, char *end, void *ptr, /* Fallthrough */ case 'S': case 's': @@ -90951,7 +92237,7 @@ index 10909c5..653e1b8 100644 case 'B': return symbol_string(buf, end, ptr, spec, fmt); case 'R': -@@ -1304,6 +1318,8 @@ char *pointer(const char *fmt, char *buf, char *end, void *ptr, +@@ -1329,6 +1343,8 @@ char *pointer(const char *fmt, char *buf, char *end, void *ptr, va_end(va); return buf; } @@ -90960,7 +92246,7 @@ index 10909c5..653e1b8 100644 case 'K': /* * %pK cannot be used in IRQ context because its test -@@ -1365,6 +1381,21 @@ char *pointer(const char *fmt, char *buf, char *end, void *ptr, +@@ -1386,6 +1402,21 @@ char *pointer(const char *fmt, char *buf, char *end, void *ptr, ((const struct file *)ptr)->f_path.dentry, spec, fmt); } @@ -90982,7 +92268,7 @@ index 10909c5..653e1b8 100644 spec.flags |= SMALL; if (spec.field_width == -1) { spec.field_width = default_width; -@@ -2086,11 +2117,11 @@ int bstr_printf(char *buf, size_t size, const char *fmt, const u32 *bin_buf) +@@ -2107,11 +2138,11 @@ int bstr_printf(char *buf, size_t size, const char *fmt, const u32 *bin_buf) typeof(type) value; \ if (sizeof(type) == 8) { \ args = PTR_ALIGN(args, sizeof(u32)); \ @@ -90997,7 +92283,7 @@ index 10909c5..653e1b8 100644 } \ args += sizeof(type); \ value; \ -@@ -2153,7 +2184,7 @@ int bstr_printf(char *buf, size_t size, const char *fmt, const u32 *bin_buf) +@@ -2174,7 +2205,7 @@ int bstr_printf(char *buf, size_t size, const char *fmt, const u32 *bin_buf) case FORMAT_TYPE_STR: { const char *str_arg = args; args += strlen(str_arg) + 1; @@ -91014,7 +92300,7 @@ index 0000000..7cd6065 @@ -0,0 +1 @@ +-grsec diff --git a/mm/Kconfig b/mm/Kconfig -index 723bbe0..ea624b1 100644 +index 2888024..c15a810 100644 --- a/mm/Kconfig +++ b/mm/Kconfig @@ -326,10 +326,11 @@ config KSM @@ -91042,7 +92328,7 @@ index 723bbe0..ea624b1 100644 config NOMMU_INITIAL_TRIM_EXCESS diff --git a/mm/backing-dev.c b/mm/backing-dev.c -index ce682f7..1fb54f9 100644 +index 09d9591..165bb75 100644 --- a/mm/backing-dev.c +++ b/mm/backing-dev.c @@ -12,7 +12,7 @@ @@ -91054,7 +92340,7 @@ index ce682f7..1fb54f9 100644 struct backing_dev_info default_backing_dev_info = { .name = "default", -@@ -525,7 +525,7 @@ int bdi_setup_and_register(struct backing_dev_info *bdi, char *name, +@@ -533,7 +533,7 @@ int bdi_setup_and_register(struct backing_dev_info *bdi, char *name, return err; err = bdi_register(bdi, NULL, "%.28s-%ld", name, @@ -91064,10 +92350,24 @@ index ce682f7..1fb54f9 100644 bdi_destroy(bdi); return err; diff --git a/mm/filemap.c b/mm/filemap.c -index b7749a9..50d1123 100644 +index 7a13f6a..e31738b 100644 --- a/mm/filemap.c +++ b/mm/filemap.c -@@ -1768,7 +1768,7 @@ int generic_file_mmap(struct file * file, struct vm_area_struct * vma) +@@ -192,9 +192,11 @@ static int filemap_check_errors(struct address_space *mapping) + { + int ret = 0; + /* Check for outstanding write errors */ +- if (test_and_clear_bit(AS_ENOSPC, &mapping->flags)) ++ if (test_bit(AS_ENOSPC, &mapping->flags) && ++ test_and_clear_bit(AS_ENOSPC, &mapping->flags)) + ret = -ENOSPC; +- if (test_and_clear_bit(AS_EIO, &mapping->flags)) ++ if (test_bit(AS_EIO, &mapping->flags) && ++ test_and_clear_bit(AS_EIO, &mapping->flags)) + ret = -EIO; + return ret; + } +@@ -1766,7 +1768,7 @@ int generic_file_mmap(struct file * file, struct vm_area_struct * vma) struct address_space *mapping = file->f_mapping; if (!mapping->a_ops->readpage) @@ -91076,7 +92376,7 @@ index b7749a9..50d1123 100644 file_accessed(file); vma->vm_ops = &generic_file_vm_ops; return 0; -@@ -1950,7 +1950,7 @@ static size_t __iovec_copy_from_user_inatomic(char *vaddr, +@@ -1948,7 +1950,7 @@ static size_t __iovec_copy_from_user_inatomic(char *vaddr, while (bytes) { char __user *buf = iov->iov_base + base; @@ -91085,7 +92385,7 @@ index b7749a9..50d1123 100644 base = 0; left = __copy_from_user_inatomic(vaddr, buf, copy); -@@ -1979,7 +1979,7 @@ size_t iov_iter_copy_from_user_atomic(struct page *page, +@@ -1977,7 +1979,7 @@ size_t iov_iter_copy_from_user_atomic(struct page *page, BUG_ON(!in_atomic()); kaddr = kmap_atomic(page); if (likely(i->nr_segs == 1)) { @@ -91094,7 +92394,7 @@ index b7749a9..50d1123 100644 char __user *buf = i->iov->iov_base + i->iov_offset; left = __copy_from_user_inatomic(kaddr + offset, buf, bytes); copied = bytes - left; -@@ -2007,7 +2007,7 @@ size_t iov_iter_copy_from_user(struct page *page, +@@ -2005,7 +2007,7 @@ size_t iov_iter_copy_from_user(struct page *page, kaddr = kmap(page); if (likely(i->nr_segs == 1)) { @@ -91103,7 +92403,7 @@ index b7749a9..50d1123 100644 char __user *buf = i->iov->iov_base + i->iov_offset; left = __copy_from_user(kaddr + offset, buf, bytes); copied = bytes - left; -@@ -2037,7 +2037,7 @@ void iov_iter_advance(struct iov_iter *i, size_t bytes) +@@ -2035,7 +2037,7 @@ void iov_iter_advance(struct iov_iter *i, size_t bytes) * zero-length segments (without overruning the iovec). */ while (bytes || unlikely(i->count && !iov->iov_len)) { @@ -91112,7 +92412,7 @@ index b7749a9..50d1123 100644 copy = min(bytes, iov->iov_len - base); BUG_ON(!i->count || i->count < copy); -@@ -2108,6 +2108,7 @@ inline int generic_write_checks(struct file *file, loff_t *pos, size_t *count, i +@@ -2106,6 +2108,7 @@ inline int generic_write_checks(struct file *file, loff_t *pos, size_t *count, i *pos = i_size_read(inode); if (limit != RLIM_INFINITY) { @@ -91121,10 +92421,10 @@ index b7749a9..50d1123 100644 send_sig(SIGXFSZ, current, 0); return -EFBIG; diff --git a/mm/fremap.c b/mm/fremap.c -index bbc4d66..117b798 100644 +index 34feba6..315fe78 100644 --- a/mm/fremap.c +++ b/mm/fremap.c -@@ -163,6 +163,11 @@ SYSCALL_DEFINE5(remap_file_pages, unsigned long, start, unsigned long, size, +@@ -179,6 +179,11 @@ SYSCALL_DEFINE5(remap_file_pages, unsigned long, start, unsigned long, size, retry: vma = find_vma(mm, start); @@ -91165,10 +92465,10 @@ index b32b70c..e512eb0 100644 set_page_address(page, (void *)vaddr); diff --git a/mm/hugetlb.c b/mm/hugetlb.c -index dee6cf4..52b94f7 100644 +index 06a9bc0..cfbba83 100644 --- a/mm/hugetlb.c +++ b/mm/hugetlb.c -@@ -2077,15 +2077,17 @@ static int hugetlb_sysctl_handler_common(bool obey_mempolicy, +@@ -2070,15 +2070,17 @@ static int hugetlb_sysctl_handler_common(bool obey_mempolicy, struct hstate *h = &default_hstate; unsigned long tmp; int ret; @@ -91189,7 +92489,7 @@ index dee6cf4..52b94f7 100644 if (ret) goto out; -@@ -2130,15 +2132,17 @@ int hugetlb_overcommit_handler(struct ctl_table *table, int write, +@@ -2123,15 +2125,17 @@ int hugetlb_overcommit_handler(struct ctl_table *table, int write, struct hstate *h = &default_hstate; unsigned long tmp; int ret; @@ -91210,7 +92510,7 @@ index dee6cf4..52b94f7 100644 if (ret) goto out; -@@ -2596,6 +2600,27 @@ static int unmap_ref_private(struct mm_struct *mm, struct vm_area_struct *vma, +@@ -2600,6 +2604,27 @@ static int unmap_ref_private(struct mm_struct *mm, struct vm_area_struct *vma, return 1; } @@ -91238,7 +92538,7 @@ index dee6cf4..52b94f7 100644 /* * Hugetlb_cow() should be called with page lock of the original hugepage held. * Called with hugetlb_instantiation_mutex held and pte_page locked so we -@@ -2712,6 +2737,11 @@ retry_avoidcopy: +@@ -2716,6 +2741,11 @@ retry_avoidcopy: make_huge_pte(vma, new_page, 1)); page_remove_rmap(old_page); hugepage_add_new_anon_rmap(new_page, vma, address); @@ -91250,7 +92550,7 @@ index dee6cf4..52b94f7 100644 /* Make the old page be freed below */ new_page = old_page; } -@@ -2876,6 +2906,10 @@ retry: +@@ -2880,6 +2910,10 @@ retry: && (vma->vm_flags & VM_SHARED))); set_huge_pte_at(mm, address, ptep, new_pte); @@ -91261,7 +92561,7 @@ index dee6cf4..52b94f7 100644 if ((flags & FAULT_FLAG_WRITE) && !(vma->vm_flags & VM_SHARED)) { /* Optimization, do the COW without a second fault */ ret = hugetlb_cow(mm, vma, address, ptep, new_pte, page, ptl); -@@ -2906,6 +2940,10 @@ int hugetlb_fault(struct mm_struct *mm, struct vm_area_struct *vma, +@@ -2910,6 +2944,10 @@ int hugetlb_fault(struct mm_struct *mm, struct vm_area_struct *vma, static DEFINE_MUTEX(hugetlb_instantiation_mutex); struct hstate *h = hstate_vma(vma); @@ -91272,7 +92572,7 @@ index dee6cf4..52b94f7 100644 address &= huge_page_mask(h); ptep = huge_pte_offset(mm, address); -@@ -2919,6 +2957,26 @@ int hugetlb_fault(struct mm_struct *mm, struct vm_area_struct *vma, +@@ -2923,6 +2961,26 @@ int hugetlb_fault(struct mm_struct *mm, struct vm_area_struct *vma, VM_FAULT_SET_HINDEX(hstate_index(h)); } @@ -91300,10 +92600,10 @@ index dee6cf4..52b94f7 100644 if (!ptep) return VM_FAULT_OOM; diff --git a/mm/internal.h b/mm/internal.h -index 8b6cfd6..ec809a6 100644 +index 3e91000..4741a60 100644 --- a/mm/internal.h +++ b/mm/internal.h -@@ -96,6 +96,7 @@ extern pmd_t *mm_find_pmd(struct mm_struct *mm, unsigned long address); +@@ -94,6 +94,7 @@ extern pmd_t *mm_find_pmd(struct mm_struct *mm, unsigned long address); * in mm/page_alloc.c */ extern void __free_pages_bootmem(struct page *page, unsigned int order); @@ -91311,7 +92611,7 @@ index 8b6cfd6..ec809a6 100644 extern void prep_compound_page(struct page *page, unsigned long order); #ifdef CONFIG_MEMORY_FAILURE extern bool is_free_buddy_page(struct page *page); -@@ -351,7 +352,7 @@ extern u32 hwpoison_filter_enable; +@@ -352,7 +353,7 @@ extern u32 hwpoison_filter_enable; extern unsigned long vm_mmap_pgoff(struct file *, unsigned long, unsigned long, unsigned long, @@ -91445,7 +92745,7 @@ index 539eeb9..e24a987 100644 if (end == start) return error; diff --git a/mm/memory-failure.c b/mm/memory-failure.c -index 90977ac..487ab84 100644 +index 90002ea..db1452d 100644 --- a/mm/memory-failure.c +++ b/mm/memory-failure.c @@ -61,7 +61,7 @@ int sysctl_memory_failure_early_kill __read_mostly = 0; @@ -91543,7 +92843,7 @@ index 90977ac..487ab84 100644 return 0; } -@@ -1610,7 +1610,7 @@ static int __soft_offline_page(struct page *page, int flags) +@@ -1616,7 +1616,7 @@ static int __soft_offline_page(struct page *page, int flags) if (!is_free_buddy_page(page)) pr_info("soft offline: %#lx: page leaked\n", pfn); @@ -91552,7 +92852,7 @@ index 90977ac..487ab84 100644 } } else { pr_info("soft offline: %#lx: isolation failed: %d, page count %d, type %lx\n", -@@ -1684,11 +1684,11 @@ int soft_offline_page(struct page *page, int flags) +@@ -1690,11 +1690,11 @@ int soft_offline_page(struct page *page, int flags) if (PageHuge(page)) { set_page_hwpoison_huge_page(hpage); dequeue_hwpoisoned_huge_page(hpage); @@ -91567,10 +92867,10 @@ index 90977ac..487ab84 100644 } unset_migratetype_isolate(page, MIGRATE_MOVABLE); diff --git a/mm/memory.c b/mm/memory.c -index dda27b9..c56b9d6 100644 +index 22dfa61..90d7ec5 100644 --- a/mm/memory.c +++ b/mm/memory.c -@@ -402,6 +402,7 @@ static inline void free_pmd_range(struct mmu_gather *tlb, pud_t *pud, +@@ -403,6 +403,7 @@ static inline void free_pmd_range(struct mmu_gather *tlb, pud_t *pud, free_pte_range(tlb, pmd, addr); } while (pmd++, addr = next, addr != end); @@ -91578,7 +92878,7 @@ index dda27b9..c56b9d6 100644 start &= PUD_MASK; if (start < floor) return; -@@ -416,6 +417,8 @@ static inline void free_pmd_range(struct mmu_gather *tlb, pud_t *pud, +@@ -417,6 +418,8 @@ static inline void free_pmd_range(struct mmu_gather *tlb, pud_t *pud, pmd = pmd_offset(pud, start); pud_clear(pud); pmd_free_tlb(tlb, pmd, start); @@ -91587,7 +92887,7 @@ index dda27b9..c56b9d6 100644 } static inline void free_pud_range(struct mmu_gather *tlb, pgd_t *pgd, -@@ -435,6 +438,7 @@ static inline void free_pud_range(struct mmu_gather *tlb, pgd_t *pgd, +@@ -436,6 +439,7 @@ static inline void free_pud_range(struct mmu_gather *tlb, pgd_t *pgd, free_pmd_range(tlb, pud, addr, next, floor, ceiling); } while (pud++, addr = next, addr != end); @@ -91595,7 +92895,7 @@ index dda27b9..c56b9d6 100644 start &= PGDIR_MASK; if (start < floor) return; -@@ -449,6 +453,8 @@ static inline void free_pud_range(struct mmu_gather *tlb, pgd_t *pgd, +@@ -450,6 +454,8 @@ static inline void free_pud_range(struct mmu_gather *tlb, pgd_t *pgd, pud = pud_offset(pgd, start); pgd_clear(pgd); pud_free_tlb(tlb, pud, start); @@ -91604,7 +92904,7 @@ index dda27b9..c56b9d6 100644 } /* -@@ -1635,12 +1641,6 @@ no_page_table: +@@ -1636,12 +1642,6 @@ no_page_table: return page; } @@ -91617,7 +92917,7 @@ index dda27b9..c56b9d6 100644 /** * __get_user_pages() - pin user pages in memory * @tsk: task_struct of target task -@@ -1727,10 +1727,10 @@ long __get_user_pages(struct task_struct *tsk, struct mm_struct *mm, +@@ -1728,10 +1728,10 @@ long __get_user_pages(struct task_struct *tsk, struct mm_struct *mm, i = 0; @@ -91630,7 +92930,7 @@ index dda27b9..c56b9d6 100644 if (!vma && in_gate_area(mm, start)) { unsigned long pg = start & PAGE_MASK; pgd_t *pgd; -@@ -1779,7 +1779,7 @@ long __get_user_pages(struct task_struct *tsk, struct mm_struct *mm, +@@ -1780,7 +1780,7 @@ long __get_user_pages(struct task_struct *tsk, struct mm_struct *mm, goto next_page; } @@ -91639,7 +92939,7 @@ index dda27b9..c56b9d6 100644 (vma->vm_flags & (VM_IO | VM_PFNMAP)) || !(vm_flags & vma->vm_flags)) return i ? : -EFAULT; -@@ -1808,11 +1808,6 @@ long __get_user_pages(struct task_struct *tsk, struct mm_struct *mm, +@@ -1809,11 +1809,6 @@ long __get_user_pages(struct task_struct *tsk, struct mm_struct *mm, int ret; unsigned int fault_flags = 0; @@ -91651,7 +92951,7 @@ index dda27b9..c56b9d6 100644 if (foll_flags & FOLL_WRITE) fault_flags |= FAULT_FLAG_WRITE; if (nonblocking) -@@ -1892,7 +1887,7 @@ next_page: +@@ -1893,7 +1888,7 @@ next_page: start += page_increm * PAGE_SIZE; nr_pages -= page_increm; } while (nr_pages && start < vma->vm_end); @@ -91660,7 +92960,25 @@ index dda27b9..c56b9d6 100644 return i; } EXPORT_SYMBOL(__get_user_pages); -@@ -2099,6 +2094,10 @@ static int insert_page(struct vm_area_struct *vma, unsigned long addr, +@@ -1929,12 +1924,17 @@ int fixup_user_fault(struct task_struct *tsk, struct mm_struct *mm, + unsigned long address, unsigned int fault_flags) + { + struct vm_area_struct *vma; ++ vm_flags_t vm_flags; + int ret; + + vma = find_extend_vma(mm, address); + if (!vma || address < vma->vm_start) + return -EFAULT; + ++ vm_flags = (fault_flags & FAULT_FLAG_WRITE) ? VM_WRITE : VM_READ; ++ if (!(vm_flags & vma->vm_flags)) ++ return -EFAULT; ++ + ret = handle_mm_fault(mm, vma, address, fault_flags); + if (ret & VM_FAULT_ERROR) { + if (ret & VM_FAULT_OOM) +@@ -2100,6 +2100,10 @@ static int insert_page(struct vm_area_struct *vma, unsigned long addr, page_add_file_rmap(page); set_pte_at(mm, addr, pte, mk_pte(page, prot)); @@ -91671,7 +92989,7 @@ index dda27b9..c56b9d6 100644 retval = 0; pte_unmap_unlock(pte, ptl); return retval; -@@ -2143,9 +2142,21 @@ int vm_insert_page(struct vm_area_struct *vma, unsigned long addr, +@@ -2144,9 +2148,21 @@ int vm_insert_page(struct vm_area_struct *vma, unsigned long addr, if (!page_count(page)) return -EINVAL; if (!(vma->vm_flags & VM_MIXEDMAP)) { @@ -91693,7 +93011,7 @@ index dda27b9..c56b9d6 100644 } return insert_page(vma, addr, page, vma->vm_page_prot); } -@@ -2228,6 +2239,7 @@ int vm_insert_mixed(struct vm_area_struct *vma, unsigned long addr, +@@ -2229,6 +2245,7 @@ int vm_insert_mixed(struct vm_area_struct *vma, unsigned long addr, unsigned long pfn) { BUG_ON(!(vma->vm_flags & VM_MIXEDMAP)); @@ -91701,7 +93019,7 @@ index dda27b9..c56b9d6 100644 if (addr < vma->vm_start || addr >= vma->vm_end) return -EFAULT; -@@ -2475,7 +2487,9 @@ static int apply_to_pmd_range(struct mm_struct *mm, pud_t *pud, +@@ -2476,7 +2493,9 @@ static int apply_to_pmd_range(struct mm_struct *mm, pud_t *pud, BUG_ON(pud_huge(*pud)); @@ -91712,7 +93030,7 @@ index dda27b9..c56b9d6 100644 if (!pmd) return -ENOMEM; do { -@@ -2495,7 +2509,9 @@ static int apply_to_pud_range(struct mm_struct *mm, pgd_t *pgd, +@@ -2496,7 +2515,9 @@ static int apply_to_pud_range(struct mm_struct *mm, pgd_t *pgd, unsigned long next; int err; @@ -91723,7 +93041,7 @@ index dda27b9..c56b9d6 100644 if (!pud) return -ENOMEM; do { -@@ -2583,6 +2599,186 @@ static inline void cow_user_page(struct page *dst, struct page *src, unsigned lo +@@ -2586,6 +2607,186 @@ static inline void cow_user_page(struct page *dst, struct page *src, unsigned lo copy_user_highpage(dst, src, va, vma); } @@ -91910,7 +93228,7 @@ index dda27b9..c56b9d6 100644 /* * This routine handles present pages, when users try to write * to a shared page. It is done by copying the page to a new address -@@ -2807,6 +3003,12 @@ gotten: +@@ -2810,6 +3011,12 @@ gotten: */ page_table = pte_offset_map_lock(mm, pmd, address, &ptl); if (likely(pte_same(*page_table, orig_pte))) { @@ -91923,7 +93241,7 @@ index dda27b9..c56b9d6 100644 if (old_page) { if (!PageAnon(old_page)) { dec_mm_counter_fast(mm, MM_FILEPAGES); -@@ -2858,6 +3060,10 @@ gotten: +@@ -2861,6 +3068,10 @@ gotten: page_remove_rmap(old_page); } @@ -91934,7 +93252,7 @@ index dda27b9..c56b9d6 100644 /* Free the old page.. */ new_page = old_page; ret |= VM_FAULT_WRITE; -@@ -3135,6 +3341,11 @@ static int do_swap_page(struct mm_struct *mm, struct vm_area_struct *vma, +@@ -3138,6 +3349,11 @@ static int do_swap_page(struct mm_struct *mm, struct vm_area_struct *vma, swap_free(entry); if (vm_swap_full() || (vma->vm_flags & VM_LOCKED) || PageMlocked(page)) try_to_free_swap(page); @@ -91946,7 +93264,7 @@ index dda27b9..c56b9d6 100644 unlock_page(page); if (page != swapcache) { /* -@@ -3158,6 +3369,11 @@ static int do_swap_page(struct mm_struct *mm, struct vm_area_struct *vma, +@@ -3161,6 +3377,11 @@ static int do_swap_page(struct mm_struct *mm, struct vm_area_struct *vma, /* No need to invalidate - it was non-present before */ update_mmu_cache(vma, address, page_table); @@ -91958,7 +93276,7 @@ index dda27b9..c56b9d6 100644 unlock: pte_unmap_unlock(page_table, ptl); out: -@@ -3177,40 +3393,6 @@ out_release: +@@ -3180,40 +3401,6 @@ out_release: } /* @@ -91999,7 +93317,7 @@ index dda27b9..c56b9d6 100644 * We enter with non-exclusive mmap_sem (to exclude vma changes, * but allow concurrent faults), and pte mapped but not yet locked. * We return with mmap_sem still held, but pte unmapped and unlocked. -@@ -3219,27 +3401,23 @@ static int do_anonymous_page(struct mm_struct *mm, struct vm_area_struct *vma, +@@ -3222,27 +3409,23 @@ static int do_anonymous_page(struct mm_struct *mm, struct vm_area_struct *vma, unsigned long address, pte_t *page_table, pmd_t *pmd, unsigned int flags) { @@ -92032,7 +93350,7 @@ index dda27b9..c56b9d6 100644 if (unlikely(anon_vma_prepare(vma))) goto oom; page = alloc_zeroed_user_highpage_movable(vma, address); -@@ -3263,6 +3441,11 @@ static int do_anonymous_page(struct mm_struct *mm, struct vm_area_struct *vma, +@@ -3266,6 +3449,11 @@ static int do_anonymous_page(struct mm_struct *mm, struct vm_area_struct *vma, if (!pte_none(*page_table)) goto release; @@ -92044,7 +93362,7 @@ index dda27b9..c56b9d6 100644 inc_mm_counter_fast(mm, MM_ANONPAGES); page_add_new_anon_rmap(page, vma, address); setpte: -@@ -3270,6 +3453,12 @@ setpte: +@@ -3273,6 +3461,12 @@ setpte: /* No need to invalidate - it was non-present before */ update_mmu_cache(vma, address, page_table); @@ -92057,7 +93375,7 @@ index dda27b9..c56b9d6 100644 unlock: pte_unmap_unlock(page_table, ptl); return 0; -@@ -3413,6 +3602,12 @@ static int __do_fault(struct mm_struct *mm, struct vm_area_struct *vma, +@@ -3417,6 +3611,12 @@ static int __do_fault(struct mm_struct *mm, struct vm_area_struct *vma, */ /* Only go through if we didn't race with anybody else... */ if (likely(pte_same(*page_table, orig_pte))) { @@ -92070,7 +93388,7 @@ index dda27b9..c56b9d6 100644 flush_icache_page(vma, page); entry = mk_pte(page, vma->vm_page_prot); if (flags & FAULT_FLAG_WRITE) -@@ -3434,6 +3629,14 @@ static int __do_fault(struct mm_struct *mm, struct vm_area_struct *vma, +@@ -3438,6 +3638,14 @@ static int __do_fault(struct mm_struct *mm, struct vm_area_struct *vma, /* no need to invalidate: a not-present page won't be cached */ update_mmu_cache(vma, address, page_table); @@ -92085,7 +93403,7 @@ index dda27b9..c56b9d6 100644 } else { if (cow_page) mem_cgroup_uncharge_page(cow_page); -@@ -3681,6 +3884,12 @@ static int handle_pte_fault(struct mm_struct *mm, +@@ -3685,6 +3893,12 @@ static int handle_pte_fault(struct mm_struct *mm, if (flags & FAULT_FLAG_WRITE) flush_tlb_fix_spurious_fault(vma, address); } @@ -92098,7 +93416,7 @@ index dda27b9..c56b9d6 100644 unlock: pte_unmap_unlock(pte, ptl); return 0; -@@ -3697,9 +3906,41 @@ static int __handle_mm_fault(struct mm_struct *mm, struct vm_area_struct *vma, +@@ -3701,9 +3915,41 @@ static int __handle_mm_fault(struct mm_struct *mm, struct vm_area_struct *vma, pmd_t *pmd; pte_t *pte; @@ -92140,7 +93458,7 @@ index dda27b9..c56b9d6 100644 pgd = pgd_offset(mm, address); pud = pud_alloc(mm, pgd, address); if (!pud) -@@ -3830,6 +4071,23 @@ int __pud_alloc(struct mm_struct *mm, pgd_t *pgd, unsigned long address) +@@ -3834,6 +4080,23 @@ int __pud_alloc(struct mm_struct *mm, pgd_t *pgd, unsigned long address) spin_unlock(&mm->page_table_lock); return 0; } @@ -92164,7 +93482,7 @@ index dda27b9..c56b9d6 100644 #endif /* __PAGETABLE_PUD_FOLDED */ #ifndef __PAGETABLE_PMD_FOLDED -@@ -3860,6 +4118,30 @@ int __pmd_alloc(struct mm_struct *mm, pud_t *pud, unsigned long address) +@@ -3864,6 +4127,30 @@ int __pmd_alloc(struct mm_struct *mm, pud_t *pud, unsigned long address) spin_unlock(&mm->page_table_lock); return 0; } @@ -92195,7 +93513,7 @@ index dda27b9..c56b9d6 100644 #endif /* __PAGETABLE_PMD_FOLDED */ #if !defined(__HAVE_ARCH_GATE_AREA) -@@ -3873,7 +4155,7 @@ static int __init gate_vma_init(void) +@@ -3877,7 +4164,7 @@ static int __init gate_vma_init(void) gate_vma.vm_start = FIXADDR_USER_START; gate_vma.vm_end = FIXADDR_USER_END; gate_vma.vm_flags = VM_READ | VM_MAYREAD | VM_EXEC | VM_MAYEXEC; @@ -92204,7 +93522,7 @@ index dda27b9..c56b9d6 100644 return 0; } -@@ -4007,8 +4289,8 @@ out: +@@ -4011,8 +4298,8 @@ out: return ret; } @@ -92215,7 +93533,7 @@ index dda27b9..c56b9d6 100644 { resource_size_t phys_addr; unsigned long prot = 0; -@@ -4034,8 +4316,8 @@ EXPORT_SYMBOL_GPL(generic_access_phys); +@@ -4038,8 +4325,8 @@ EXPORT_SYMBOL_GPL(generic_access_phys); * Access another process' address space as given in mm. If non-NULL, use the * given task for page fault accounting. */ @@ -92226,7 +93544,7 @@ index dda27b9..c56b9d6 100644 { struct vm_area_struct *vma; void *old_buf = buf; -@@ -4043,7 +4325,7 @@ static int __access_remote_vm(struct task_struct *tsk, struct mm_struct *mm, +@@ -4047,7 +4334,7 @@ static int __access_remote_vm(struct task_struct *tsk, struct mm_struct *mm, down_read(&mm->mmap_sem); /* ignore errors, just check how much was successfully transferred */ while (len) { @@ -92235,7 +93553,7 @@ index dda27b9..c56b9d6 100644 void *maddr; struct page *page = NULL; -@@ -4102,8 +4384,8 @@ static int __access_remote_vm(struct task_struct *tsk, struct mm_struct *mm, +@@ -4106,8 +4393,8 @@ static int __access_remote_vm(struct task_struct *tsk, struct mm_struct *mm, * * The caller must hold a reference on @mm. */ @@ -92246,7 +93564,7 @@ index dda27b9..c56b9d6 100644 { return __access_remote_vm(NULL, mm, addr, buf, len, write); } -@@ -4113,11 +4395,11 @@ int access_remote_vm(struct mm_struct *mm, unsigned long addr, +@@ -4117,11 +4404,11 @@ int access_remote_vm(struct mm_struct *mm, unsigned long addr, * Source/target buffer must be kernel space, * Do not walk the page table directly, use get_user_pages */ @@ -92262,10 +93580,10 @@ index dda27b9..c56b9d6 100644 mm = get_task_mm(tsk); if (!mm) diff --git a/mm/mempolicy.c b/mm/mempolicy.c -index cb2f3dd..fb80468 100644 +index ae3c8f3..fa4ee8e 100644 --- a/mm/mempolicy.c +++ b/mm/mempolicy.c -@@ -747,6 +747,10 @@ static int mbind_range(struct mm_struct *mm, unsigned long start, +@@ -746,6 +746,10 @@ static int mbind_range(struct mm_struct *mm, unsigned long start, unsigned long vmstart; unsigned long vmend; @@ -92276,7 +93594,7 @@ index cb2f3dd..fb80468 100644 vma = find_vma(mm, start); if (!vma || vma->vm_start > start) return -EFAULT; -@@ -790,6 +794,16 @@ static int mbind_range(struct mm_struct *mm, unsigned long start, +@@ -789,6 +793,16 @@ static int mbind_range(struct mm_struct *mm, unsigned long start, err = vma_replace_policy(vma, new_pol); if (err) goto out; @@ -92293,7 +93611,7 @@ index cb2f3dd..fb80468 100644 } out: -@@ -1255,6 +1269,17 @@ static long do_mbind(unsigned long start, unsigned long len, +@@ -1252,6 +1266,17 @@ static long do_mbind(unsigned long start, unsigned long len, if (end < start) return -EINVAL; @@ -92311,7 +93629,7 @@ index cb2f3dd..fb80468 100644 if (end == start) return 0; -@@ -1483,8 +1508,7 @@ SYSCALL_DEFINE4(migrate_pages, pid_t, pid, unsigned long, maxnode, +@@ -1480,8 +1505,7 @@ SYSCALL_DEFINE4(migrate_pages, pid_t, pid, unsigned long, maxnode, */ tcred = __task_cred(task); if (!uid_eq(cred->euid, tcred->suid) && !uid_eq(cred->euid, tcred->uid) && @@ -92321,7 +93639,7 @@ index cb2f3dd..fb80468 100644 rcu_read_unlock(); err = -EPERM; goto out_put; -@@ -1515,6 +1539,15 @@ SYSCALL_DEFINE4(migrate_pages, pid_t, pid, unsigned long, maxnode, +@@ -1512,6 +1536,15 @@ SYSCALL_DEFINE4(migrate_pages, pid_t, pid, unsigned long, maxnode, goto out; } @@ -92338,10 +93656,10 @@ index cb2f3dd..fb80468 100644 capable(CAP_SYS_NICE) ? MPOL_MF_MOVE_ALL : MPOL_MF_MOVE); diff --git a/mm/migrate.c b/mm/migrate.c -index 9194375..75c81e2 100644 +index bed4880..a493f67 100644 --- a/mm/migrate.c +++ b/mm/migrate.c -@@ -1464,8 +1464,7 @@ SYSCALL_DEFINE6(move_pages, pid_t, pid, unsigned long, nr_pages, +@@ -1485,8 +1485,7 @@ SYSCALL_DEFINE6(move_pages, pid_t, pid, unsigned long, nr_pages, */ tcred = __task_cred(task); if (!uid_eq(cred->euid, tcred->suid) && !uid_eq(cred->euid, tcred->uid) && @@ -92352,7 +93670,7 @@ index 9194375..75c81e2 100644 err = -EPERM; goto out; diff --git a/mm/mlock.c b/mm/mlock.c -index 192e6ee..b044449 100644 +index b1eb536..091d154 100644 --- a/mm/mlock.c +++ b/mm/mlock.c @@ -14,6 +14,7 @@ @@ -92363,7 +93681,7 @@ index 192e6ee..b044449 100644 #include <linux/sched.h> #include <linux/export.h> #include <linux/rmap.h> -@@ -588,7 +589,7 @@ static int do_mlock(unsigned long start, size_t len, int on) +@@ -606,7 +607,7 @@ static int do_mlock(unsigned long start, size_t len, int on) { unsigned long nstart, end, tmp; struct vm_area_struct * vma, * prev; @@ -92372,7 +93690,7 @@ index 192e6ee..b044449 100644 VM_BUG_ON(start & ~PAGE_MASK); VM_BUG_ON(len != PAGE_ALIGN(len)); -@@ -597,6 +598,9 @@ static int do_mlock(unsigned long start, size_t len, int on) +@@ -615,6 +616,9 @@ static int do_mlock(unsigned long start, size_t len, int on) return -EINVAL; if (end == start) return 0; @@ -92382,7 +93700,7 @@ index 192e6ee..b044449 100644 vma = find_vma(current->mm, start); if (!vma || vma->vm_start > start) return -ENOMEM; -@@ -608,6 +612,11 @@ static int do_mlock(unsigned long start, size_t len, int on) +@@ -626,6 +630,11 @@ static int do_mlock(unsigned long start, size_t len, int on) for (nstart = start ; ; ) { vm_flags_t newflags; @@ -92394,15 +93712,15 @@ index 192e6ee..b044449 100644 /* Here we know that vma->vm_start <= nstart < vma->vm_end. */ newflags = vma->vm_flags & ~VM_LOCKED; -@@ -720,6 +729,7 @@ SYSCALL_DEFINE2(mlock, unsigned long, start, size_t, len) - lock_limit >>= PAGE_SHIFT; +@@ -739,6 +748,7 @@ SYSCALL_DEFINE2(mlock, unsigned long, start, size_t, len) + locked += current->mm->locked_vm; /* check against resource limits */ + gr_learn_resource(current, RLIMIT_MEMLOCK, (current->mm->locked_vm << PAGE_SHIFT) + len, 1); if ((locked <= lock_limit) || capable(CAP_IPC_LOCK)) error = do_mlock(start, len, 1); - up_write(¤t->mm->mmap_sem); -@@ -754,6 +764,11 @@ static int do_mlockall(int flags) + +@@ -776,6 +786,11 @@ static int do_mlockall(int flags) for (vma = current->mm->mmap; vma ; vma = prev->vm_next) { vm_flags_t newflags; @@ -92414,16 +93732,20 @@ index 192e6ee..b044449 100644 newflags = vma->vm_flags & ~VM_LOCKED; if (flags & MCL_CURRENT) newflags |= VM_LOCKED; -@@ -787,6 +802,7 @@ SYSCALL_DEFINE1(mlockall, int, flags) +@@ -807,8 +822,10 @@ SYSCALL_DEFINE1(mlockall, int, flags) lock_limit >>= PAGE_SHIFT; ret = -ENOMEM; ++ + gr_learn_resource(current, RLIMIT_MEMLOCK, current->mm->total_vm << PAGE_SHIFT, 1); ++ + down_write(¤t->mm->mmap_sem); +- if (!(flags & MCL_CURRENT) || (current->mm->total_vm <= lock_limit) || capable(CAP_IPC_LOCK)) ret = do_mlockall(flags); diff --git a/mm/mmap.c b/mm/mmap.c -index 546db74..650d1b9 100644 +index 20ff0c3..a9eda98 100644 --- a/mm/mmap.c +++ b/mm/mmap.c @@ -36,6 +36,7 @@ @@ -92480,7 +93802,7 @@ index 546db74..650d1b9 100644 } EXPORT_SYMBOL(vm_get_page_prot); -@@ -89,6 +109,7 @@ int sysctl_overcommit_ratio __read_mostly = 50; /* default is 50% */ +@@ -90,6 +110,7 @@ unsigned long sysctl_overcommit_kbytes __read_mostly; int sysctl_max_map_count __read_mostly = DEFAULT_MAX_MAP_COUNT; unsigned long sysctl_user_reserve_kbytes __read_mostly = 1UL << 17; /* 128MB */ unsigned long sysctl_admin_reserve_kbytes __read_mostly = 1UL << 13; /* 8MB */ @@ -92488,7 +93810,7 @@ index 546db74..650d1b9 100644 /* * Make sure vm_committed_as in one cacheline and not cacheline shared with * other variables. It can be updated by several CPUs frequently. -@@ -245,6 +266,7 @@ static struct vm_area_struct *remove_vma(struct vm_area_struct *vma) +@@ -246,6 +267,7 @@ static struct vm_area_struct *remove_vma(struct vm_area_struct *vma) struct vm_area_struct *next = vma->vm_next; might_sleep(); @@ -92496,7 +93818,7 @@ index 546db74..650d1b9 100644 if (vma->vm_ops && vma->vm_ops->close) vma->vm_ops->close(vma); if (vma->vm_file) -@@ -289,6 +311,7 @@ SYSCALL_DEFINE1(brk, unsigned long, brk) +@@ -290,6 +312,7 @@ SYSCALL_DEFINE1(brk, unsigned long, brk) * not page aligned -Ram Gupta */ rlim = rlimit(RLIMIT_DATA); @@ -92504,7 +93826,7 @@ index 546db74..650d1b9 100644 if (rlim < RLIM_INFINITY && (brk - mm->start_brk) + (mm->end_data - mm->start_data) > rlim) goto out; -@@ -939,6 +962,12 @@ static int +@@ -940,6 +963,12 @@ static int can_vma_merge_before(struct vm_area_struct *vma, unsigned long vm_flags, struct anon_vma *anon_vma, struct file *file, pgoff_t vm_pgoff) { @@ -92517,7 +93839,7 @@ index 546db74..650d1b9 100644 if (is_mergeable_vma(vma, file, vm_flags) && is_mergeable_anon_vma(anon_vma, vma->anon_vma, vma)) { if (vma->vm_pgoff == vm_pgoff) -@@ -958,6 +987,12 @@ static int +@@ -959,6 +988,12 @@ static int can_vma_merge_after(struct vm_area_struct *vma, unsigned long vm_flags, struct anon_vma *anon_vma, struct file *file, pgoff_t vm_pgoff) { @@ -92530,7 +93852,7 @@ index 546db74..650d1b9 100644 if (is_mergeable_vma(vma, file, vm_flags) && is_mergeable_anon_vma(anon_vma, vma->anon_vma, vma)) { pgoff_t vm_pglen; -@@ -1000,13 +1035,20 @@ can_vma_merge_after(struct vm_area_struct *vma, unsigned long vm_flags, +@@ -1001,13 +1036,20 @@ can_vma_merge_after(struct vm_area_struct *vma, unsigned long vm_flags, struct vm_area_struct *vma_merge(struct mm_struct *mm, struct vm_area_struct *prev, unsigned long addr, unsigned long end, unsigned long vm_flags, @@ -92552,7 +93874,7 @@ index 546db74..650d1b9 100644 /* * We later require that vma->vm_flags == vm_flags, * so this tests vma->vm_flags & VM_SPECIAL, too. -@@ -1022,6 +1064,15 @@ struct vm_area_struct *vma_merge(struct mm_struct *mm, +@@ -1023,6 +1065,15 @@ struct vm_area_struct *vma_merge(struct mm_struct *mm, if (next && next->vm_end == end) /* cases 6, 7, 8 */ next = next->vm_next; @@ -92568,7 +93890,7 @@ index 546db74..650d1b9 100644 /* * Can it merge with the predecessor? */ -@@ -1041,9 +1092,24 @@ struct vm_area_struct *vma_merge(struct mm_struct *mm, +@@ -1042,9 +1093,24 @@ struct vm_area_struct *vma_merge(struct mm_struct *mm, /* cases 1, 6 */ err = vma_adjust(prev, prev->vm_start, next->vm_end, prev->vm_pgoff, NULL); @@ -92594,7 +93916,7 @@ index 546db74..650d1b9 100644 if (err) return NULL; khugepaged_enter_vma_merge(prev); -@@ -1057,12 +1123,27 @@ struct vm_area_struct *vma_merge(struct mm_struct *mm, +@@ -1058,12 +1124,27 @@ struct vm_area_struct *vma_merge(struct mm_struct *mm, mpol_equal(policy, vma_policy(next)) && can_vma_merge_before(next, vm_flags, anon_vma, file, pgoff+pglen)) { @@ -92624,7 +93946,7 @@ index 546db74..650d1b9 100644 if (err) return NULL; khugepaged_enter_vma_merge(area); -@@ -1171,8 +1252,10 @@ none: +@@ -1172,8 +1253,10 @@ none: void vm_stat_account(struct mm_struct *mm, unsigned long flags, struct file *file, long pages) { @@ -92637,7 +93959,7 @@ index 546db74..650d1b9 100644 mm->total_vm += pages; -@@ -1180,7 +1263,7 @@ void vm_stat_account(struct mm_struct *mm, unsigned long flags, +@@ -1181,7 +1264,7 @@ void vm_stat_account(struct mm_struct *mm, unsigned long flags, mm->shared_vm += pages; if ((flags & (VM_EXEC|VM_WRITE)) == VM_EXEC) mm->exec_vm += pages; @@ -92646,7 +93968,15 @@ index 546db74..650d1b9 100644 mm->stack_vm += pages; } #endif /* CONFIG_PROC_FS */ -@@ -1218,7 +1301,7 @@ unsigned long do_mmap_pgoff(struct file *file, unsigned long addr, +@@ -1211,6 +1294,7 @@ static inline int mlock_future_check(struct mm_struct *mm, + locked += mm->locked_vm; + lock_limit = rlimit(RLIMIT_MEMLOCK); + lock_limit >>= PAGE_SHIFT; ++ gr_learn_resource(current, RLIMIT_MEMLOCK, locked << PAGE_SHIFT, 1); + if (locked > lock_limit && !capable(CAP_IPC_LOCK)) + return -EAGAIN; + } +@@ -1237,7 +1321,7 @@ unsigned long do_mmap_pgoff(struct file *file, unsigned long addr, * (the exception is when the underlying filesystem is noexec * mounted, in which case we dont add PROT_EXEC.) */ @@ -92655,7 +93985,7 @@ index 546db74..650d1b9 100644 if (!(file && (file->f_path.mnt->mnt_flags & MNT_NOEXEC))) prot |= PROT_EXEC; -@@ -1244,7 +1327,7 @@ unsigned long do_mmap_pgoff(struct file *file, unsigned long addr, +@@ -1263,7 +1347,7 @@ unsigned long do_mmap_pgoff(struct file *file, unsigned long addr, /* Obtain the address to map to. we verify (or select) it and ensure * that it represents a valid section of the address space. */ @@ -92664,7 +93994,7 @@ index 546db74..650d1b9 100644 if (addr & ~PAGE_MASK) return addr; -@@ -1255,6 +1338,43 @@ unsigned long do_mmap_pgoff(struct file *file, unsigned long addr, +@@ -1274,6 +1358,43 @@ unsigned long do_mmap_pgoff(struct file *file, unsigned long addr, vm_flags = calc_vm_prot_bits(prot) | calc_vm_flag_bits(flags) | mm->def_flags | VM_MAYREAD | VM_MAYWRITE | VM_MAYEXEC; @@ -92708,15 +94038,7 @@ index 546db74..650d1b9 100644 if (flags & MAP_LOCKED) if (!can_do_mlock()) return -EPERM; -@@ -1266,6 +1386,7 @@ unsigned long do_mmap_pgoff(struct file *file, unsigned long addr, - locked += mm->locked_vm; - lock_limit = rlimit(RLIMIT_MEMLOCK); - lock_limit >>= PAGE_SHIFT; -+ gr_learn_resource(current, RLIMIT_MEMLOCK, locked << PAGE_SHIFT, 1); - if (locked > lock_limit && !capable(CAP_IPC_LOCK)) - return -EAGAIN; - } -@@ -1350,6 +1471,9 @@ unsigned long do_mmap_pgoff(struct file *file, unsigned long addr, +@@ -1361,6 +1482,9 @@ unsigned long do_mmap_pgoff(struct file *file, unsigned long addr, vm_flags |= VM_NORESERVE; } @@ -92726,7 +94048,7 @@ index 546db74..650d1b9 100644 addr = mmap_region(file, addr, len, vm_flags, pgoff); if (!IS_ERR_VALUE(addr) && ((vm_flags & VM_LOCKED) || -@@ -1443,7 +1567,7 @@ int vma_wants_writenotify(struct vm_area_struct *vma) +@@ -1454,7 +1578,7 @@ int vma_wants_writenotify(struct vm_area_struct *vma) vm_flags_t vm_flags = vma->vm_flags; /* If it was private or non-writable, the write bit is already clear */ @@ -92735,7 +94057,7 @@ index 546db74..650d1b9 100644 return 0; /* The backer wishes to know when pages are first written to? */ -@@ -1489,7 +1613,22 @@ unsigned long mmap_region(struct file *file, unsigned long addr, +@@ -1500,7 +1624,22 @@ unsigned long mmap_region(struct file *file, unsigned long addr, struct rb_node **rb_link, *rb_parent; unsigned long charged = 0; @@ -92758,7 +94080,7 @@ index 546db74..650d1b9 100644 if (!may_expand_vm(mm, len >> PAGE_SHIFT)) { unsigned long nr_pages; -@@ -1508,11 +1647,10 @@ unsigned long mmap_region(struct file *file, unsigned long addr, +@@ -1519,11 +1658,10 @@ unsigned long mmap_region(struct file *file, unsigned long addr, /* Clear old maps */ error = -ENOMEM; @@ -92771,7 +94093,7 @@ index 546db74..650d1b9 100644 } /* -@@ -1543,6 +1681,16 @@ munmap_back: +@@ -1554,6 +1692,16 @@ munmap_back: goto unacct_error; } @@ -92788,7 +94110,7 @@ index 546db74..650d1b9 100644 vma->vm_mm = mm; vma->vm_start = addr; vma->vm_end = addr + len; -@@ -1562,6 +1710,13 @@ munmap_back: +@@ -1573,6 +1721,13 @@ munmap_back: if (error) goto unmap_and_free_vma; @@ -92802,7 +94124,7 @@ index 546db74..650d1b9 100644 /* Can addr have changed?? * * Answer: Yes, several device drivers can do it in their -@@ -1595,6 +1750,12 @@ munmap_back: +@@ -1606,6 +1761,12 @@ munmap_back: } vma_link(mm, vma, prev, rb_link, rb_parent); @@ -92815,7 +94137,7 @@ index 546db74..650d1b9 100644 /* Once vma denies write, undo our temporary denial count */ if (vm_flags & VM_DENYWRITE) allow_write_access(file); -@@ -1603,6 +1764,7 @@ out: +@@ -1614,6 +1775,7 @@ out: perf_event_mmap(vma); vm_stat_account(mm, vm_flags, file, len >> PAGE_SHIFT); @@ -92823,7 +94145,7 @@ index 546db74..650d1b9 100644 if (vm_flags & VM_LOCKED) { if (!((vm_flags & VM_SPECIAL) || is_vm_hugetlb_page(vma) || vma == get_gate_vma(current->mm))) -@@ -1635,6 +1797,12 @@ unmap_and_free_vma: +@@ -1646,6 +1808,12 @@ unmap_and_free_vma: unmap_region(mm, vma, prev, vma->vm_start, vma->vm_end); charged = 0; free_vma: @@ -92836,7 +94158,7 @@ index 546db74..650d1b9 100644 kmem_cache_free(vm_area_cachep, vma); unacct_error: if (charged) -@@ -1642,7 +1810,63 @@ unacct_error: +@@ -1653,7 +1821,63 @@ unacct_error: return error; } @@ -92901,7 +94223,7 @@ index 546db74..650d1b9 100644 { /* * We implement the search by looking for an rbtree node that -@@ -1690,11 +1914,29 @@ unsigned long unmapped_area(struct vm_unmapped_area_info *info) +@@ -1701,11 +1925,29 @@ unsigned long unmapped_area(struct vm_unmapped_area_info *info) } } @@ -92932,7 +94254,7 @@ index 546db74..650d1b9 100644 if (gap_end >= low_limit && gap_end - gap_start >= length) goto found; -@@ -1744,7 +1986,7 @@ found: +@@ -1755,7 +1997,7 @@ found: return gap_start; } @@ -92941,7 +94263,7 @@ index 546db74..650d1b9 100644 { struct mm_struct *mm = current->mm; struct vm_area_struct *vma; -@@ -1798,6 +2040,24 @@ check_current: +@@ -1809,6 +2051,24 @@ check_current: gap_end = vma->vm_start; if (gap_end < low_limit) return -ENOMEM; @@ -92966,7 +94288,7 @@ index 546db74..650d1b9 100644 if (gap_start <= high_limit && gap_end - gap_start >= length) goto found; -@@ -1861,6 +2121,7 @@ arch_get_unmapped_area(struct file *filp, unsigned long addr, +@@ -1872,6 +2132,7 @@ arch_get_unmapped_area(struct file *filp, unsigned long addr, struct mm_struct *mm = current->mm; struct vm_area_struct *vma; struct vm_unmapped_area_info info; @@ -92974,7 +94296,7 @@ index 546db74..650d1b9 100644 if (len > TASK_SIZE - mmap_min_addr) return -ENOMEM; -@@ -1868,11 +2129,15 @@ arch_get_unmapped_area(struct file *filp, unsigned long addr, +@@ -1879,11 +2140,15 @@ arch_get_unmapped_area(struct file *filp, unsigned long addr, if (flags & MAP_FIXED) return addr; @@ -92991,7 +94313,7 @@ index 546db74..650d1b9 100644 return addr; } -@@ -1881,6 +2146,7 @@ arch_get_unmapped_area(struct file *filp, unsigned long addr, +@@ -1892,6 +2157,7 @@ arch_get_unmapped_area(struct file *filp, unsigned long addr, info.low_limit = mm->mmap_base; info.high_limit = TASK_SIZE; info.align_mask = 0; @@ -92999,7 +94321,7 @@ index 546db74..650d1b9 100644 return vm_unmapped_area(&info); } #endif -@@ -1899,6 +2165,7 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, +@@ -1910,6 +2176,7 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, struct mm_struct *mm = current->mm; unsigned long addr = addr0; struct vm_unmapped_area_info info; @@ -93007,7 +94329,7 @@ index 546db74..650d1b9 100644 /* requested length too big for entire address space */ if (len > TASK_SIZE - mmap_min_addr) -@@ -1907,12 +2174,16 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, +@@ -1918,12 +2185,16 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, if (flags & MAP_FIXED) return addr; @@ -93025,7 +94347,7 @@ index 546db74..650d1b9 100644 return addr; } -@@ -1921,6 +2192,7 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, +@@ -1932,6 +2203,7 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, info.low_limit = max(PAGE_SIZE, mmap_min_addr); info.high_limit = mm->mmap_base; info.align_mask = 0; @@ -93033,7 +94355,7 @@ index 546db74..650d1b9 100644 addr = vm_unmapped_area(&info); /* -@@ -1933,6 +2205,12 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, +@@ -1944,6 +2216,12 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, VM_BUG_ON(addr != -ENOMEM); info.flags = 0; info.low_limit = TASK_UNMAPPED_BASE; @@ -93046,7 +94368,7 @@ index 546db74..650d1b9 100644 info.high_limit = TASK_SIZE; addr = vm_unmapped_area(&info); } -@@ -2034,6 +2312,28 @@ find_vma_prev(struct mm_struct *mm, unsigned long addr, +@@ -2045,6 +2323,28 @@ find_vma_prev(struct mm_struct *mm, unsigned long addr, return vma; } @@ -93075,7 +94397,7 @@ index 546db74..650d1b9 100644 /* * Verify that the stack growth is acceptable and * update accounting. This is shared with both the -@@ -2050,6 +2350,7 @@ static int acct_stack_growth(struct vm_area_struct *vma, unsigned long size, uns +@@ -2061,6 +2361,7 @@ static int acct_stack_growth(struct vm_area_struct *vma, unsigned long size, uns return -ENOMEM; /* Stack limit test */ @@ -93083,7 +94405,7 @@ index 546db74..650d1b9 100644 if (size > ACCESS_ONCE(rlim[RLIMIT_STACK].rlim_cur)) return -ENOMEM; -@@ -2060,6 +2361,7 @@ static int acct_stack_growth(struct vm_area_struct *vma, unsigned long size, uns +@@ -2071,6 +2372,7 @@ static int acct_stack_growth(struct vm_area_struct *vma, unsigned long size, uns locked = mm->locked_vm + grow; limit = ACCESS_ONCE(rlim[RLIMIT_MEMLOCK].rlim_cur); limit >>= PAGE_SHIFT; @@ -93091,7 +94413,7 @@ index 546db74..650d1b9 100644 if (locked > limit && !capable(CAP_IPC_LOCK)) return -ENOMEM; } -@@ -2089,37 +2391,48 @@ static int acct_stack_growth(struct vm_area_struct *vma, unsigned long size, uns +@@ -2100,37 +2402,48 @@ static int acct_stack_growth(struct vm_area_struct *vma, unsigned long size, uns * PA-RISC uses this for its stack; IA64 for its Register Backing Store. * vma is the last one with address > vma->vm_end. Have to extend vma. */ @@ -93149,7 +94471,7 @@ index 546db74..650d1b9 100644 unsigned long size, grow; size = address - vma->vm_start; -@@ -2154,6 +2467,8 @@ int expand_upwards(struct vm_area_struct *vma, unsigned long address) +@@ -2165,6 +2478,8 @@ int expand_upwards(struct vm_area_struct *vma, unsigned long address) } } } @@ -93158,7 +94480,7 @@ index 546db74..650d1b9 100644 vma_unlock_anon_vma(vma); khugepaged_enter_vma_merge(vma); validate_mm(vma->vm_mm); -@@ -2168,6 +2483,8 @@ int expand_downwards(struct vm_area_struct *vma, +@@ -2179,6 +2494,8 @@ int expand_downwards(struct vm_area_struct *vma, unsigned long address) { int error; @@ -93167,7 +94489,7 @@ index 546db74..650d1b9 100644 /* * We must make sure the anon_vma is allocated -@@ -2181,6 +2498,15 @@ int expand_downwards(struct vm_area_struct *vma, +@@ -2192,6 +2509,15 @@ int expand_downwards(struct vm_area_struct *vma, if (error) return error; @@ -93183,7 +94505,7 @@ index 546db74..650d1b9 100644 vma_lock_anon_vma(vma); /* -@@ -2190,9 +2516,17 @@ int expand_downwards(struct vm_area_struct *vma, +@@ -2201,9 +2527,17 @@ int expand_downwards(struct vm_area_struct *vma, */ /* Somebody else might have raced and expanded it already */ @@ -93202,7 +94524,7 @@ index 546db74..650d1b9 100644 size = vma->vm_end - address; grow = (vma->vm_start - address) >> PAGE_SHIFT; -@@ -2217,13 +2551,27 @@ int expand_downwards(struct vm_area_struct *vma, +@@ -2228,13 +2562,27 @@ int expand_downwards(struct vm_area_struct *vma, vma->vm_pgoff -= grow; anon_vma_interval_tree_post_update_vma(vma); vma_gap_update(vma); @@ -93230,7 +94552,7 @@ index 546db74..650d1b9 100644 khugepaged_enter_vma_merge(vma); validate_mm(vma->vm_mm); return error; -@@ -2321,6 +2669,13 @@ static void remove_vma_list(struct mm_struct *mm, struct vm_area_struct *vma) +@@ -2332,6 +2680,13 @@ static void remove_vma_list(struct mm_struct *mm, struct vm_area_struct *vma) do { long nrpages = vma_pages(vma); @@ -93244,7 +94566,7 @@ index 546db74..650d1b9 100644 if (vma->vm_flags & VM_ACCOUNT) nr_accounted += nrpages; vm_stat_account(mm, vma->vm_flags, vma->vm_file, -nrpages); -@@ -2365,6 +2720,16 @@ detach_vmas_to_be_unmapped(struct mm_struct *mm, struct vm_area_struct *vma, +@@ -2376,6 +2731,16 @@ detach_vmas_to_be_unmapped(struct mm_struct *mm, struct vm_area_struct *vma, insertion_point = (prev ? &prev->vm_next : &mm->mmap); vma->vm_prev = NULL; do { @@ -93261,7 +94583,7 @@ index 546db74..650d1b9 100644 vma_rb_erase(vma, &mm->mm_rb); mm->map_count--; tail_vma = vma; -@@ -2390,14 +2755,33 @@ static int __split_vma(struct mm_struct * mm, struct vm_area_struct * vma, +@@ -2401,14 +2766,33 @@ static int __split_vma(struct mm_struct * mm, struct vm_area_struct * vma, struct vm_area_struct *new; int err = -ENOMEM; @@ -93295,7 +94617,7 @@ index 546db74..650d1b9 100644 /* most fields are the same, copy all, and then fixup */ *new = *vma; -@@ -2410,6 +2794,22 @@ static int __split_vma(struct mm_struct * mm, struct vm_area_struct * vma, +@@ -2421,6 +2805,22 @@ static int __split_vma(struct mm_struct * mm, struct vm_area_struct * vma, new->vm_pgoff += ((addr - vma->vm_start) >> PAGE_SHIFT); } @@ -93318,7 +94640,7 @@ index 546db74..650d1b9 100644 err = vma_dup_policy(vma, new); if (err) goto out_free_vma; -@@ -2429,6 +2829,38 @@ static int __split_vma(struct mm_struct * mm, struct vm_area_struct * vma, +@@ -2440,6 +2840,38 @@ static int __split_vma(struct mm_struct * mm, struct vm_area_struct * vma, else err = vma_adjust(vma, vma->vm_start, addr, vma->vm_pgoff, new); @@ -93357,7 +94679,7 @@ index 546db74..650d1b9 100644 /* Success. */ if (!err) return 0; -@@ -2438,10 +2870,18 @@ static int __split_vma(struct mm_struct * mm, struct vm_area_struct * vma, +@@ -2449,10 +2881,18 @@ static int __split_vma(struct mm_struct * mm, struct vm_area_struct * vma, new->vm_ops->close(new); if (new->vm_file) fput(new->vm_file); @@ -93377,7 +94699,7 @@ index 546db74..650d1b9 100644 kmem_cache_free(vm_area_cachep, new); out_err: return err; -@@ -2454,6 +2894,15 @@ static int __split_vma(struct mm_struct * mm, struct vm_area_struct * vma, +@@ -2465,6 +2905,15 @@ static int __split_vma(struct mm_struct * mm, struct vm_area_struct * vma, int split_vma(struct mm_struct *mm, struct vm_area_struct *vma, unsigned long addr, int new_below) { @@ -93393,7 +94715,7 @@ index 546db74..650d1b9 100644 if (mm->map_count >= sysctl_max_map_count) return -ENOMEM; -@@ -2465,11 +2914,30 @@ int split_vma(struct mm_struct *mm, struct vm_area_struct *vma, +@@ -2476,11 +2925,30 @@ int split_vma(struct mm_struct *mm, struct vm_area_struct *vma, * work. This now handles partial unmappings. * Jeremy Fitzhardinge <jeremy@goop.org> */ @@ -93424,7 +94746,7 @@ index 546db74..650d1b9 100644 if ((start & ~PAGE_MASK) || start > TASK_SIZE || len > TASK_SIZE-start) return -EINVAL; -@@ -2544,6 +3012,8 @@ int do_munmap(struct mm_struct *mm, unsigned long start, size_t len) +@@ -2555,6 +3023,8 @@ int do_munmap(struct mm_struct *mm, unsigned long start, size_t len) /* Fix up all other VM information */ remove_vma_list(mm, vma); @@ -93433,7 +94755,7 @@ index 546db74..650d1b9 100644 return 0; } -@@ -2552,6 +3022,13 @@ int vm_munmap(unsigned long start, size_t len) +@@ -2563,6 +3033,13 @@ int vm_munmap(unsigned long start, size_t len) int ret; struct mm_struct *mm = current->mm; @@ -93447,7 +94769,7 @@ index 546db74..650d1b9 100644 down_write(&mm->mmap_sem); ret = do_munmap(mm, start, len); up_write(&mm->mmap_sem); -@@ -2565,16 +3042,6 @@ SYSCALL_DEFINE2(munmap, unsigned long, addr, size_t, len) +@@ -2576,16 +3053,6 @@ SYSCALL_DEFINE2(munmap, unsigned long, addr, size_t, len) return vm_munmap(addr, len); } @@ -93464,7 +94786,7 @@ index 546db74..650d1b9 100644 /* * this is really a simplified "do_mmap". it only handles * anonymous maps. eventually we may be able to do some -@@ -2588,6 +3055,7 @@ static unsigned long do_brk(unsigned long addr, unsigned long len) +@@ -2599,6 +3066,7 @@ static unsigned long do_brk(unsigned long addr, unsigned long len) struct rb_node ** rb_link, * rb_parent; pgoff_t pgoff = addr >> PAGE_SHIFT; int error; @@ -93472,7 +94794,7 @@ index 546db74..650d1b9 100644 len = PAGE_ALIGN(len); if (!len) -@@ -2595,16 +3063,30 @@ static unsigned long do_brk(unsigned long addr, unsigned long len) +@@ -2606,10 +3074,24 @@ static unsigned long do_brk(unsigned long addr, unsigned long len) flags = VM_DATA_DEFAULT_FLAGS | VM_ACCOUNT | mm->def_flags; @@ -93494,17 +94816,10 @@ index 546db74..650d1b9 100644 + charged = len >> PAGE_SHIFT; + - /* - * mlock MCL_FUTURE? - */ - if (mm->def_flags & VM_LOCKED) { - unsigned long locked, lock_limit; -- locked = len >> PAGE_SHIFT; -+ locked = charged; - locked += mm->locked_vm; - lock_limit = rlimit(RLIMIT_MEMLOCK); - lock_limit >>= PAGE_SHIFT; -@@ -2621,21 +3103,20 @@ static unsigned long do_brk(unsigned long addr, unsigned long len) + error = mlock_future_check(mm, mm->def_flags, len); + if (error) + return error; +@@ -2623,21 +3105,20 @@ static unsigned long do_brk(unsigned long addr, unsigned long len) /* * Clear old maps. this also does some error checking for us */ @@ -93529,7 +94844,7 @@ index 546db74..650d1b9 100644 return -ENOMEM; /* Can we just expand an old private anonymous mapping? */ -@@ -2649,7 +3130,7 @@ static unsigned long do_brk(unsigned long addr, unsigned long len) +@@ -2651,7 +3132,7 @@ static unsigned long do_brk(unsigned long addr, unsigned long len) */ vma = kmem_cache_zalloc(vm_area_cachep, GFP_KERNEL); if (!vma) { @@ -93538,7 +94853,7 @@ index 546db74..650d1b9 100644 return -ENOMEM; } -@@ -2663,10 +3144,11 @@ static unsigned long do_brk(unsigned long addr, unsigned long len) +@@ -2665,10 +3146,11 @@ static unsigned long do_brk(unsigned long addr, unsigned long len) vma_link(mm, vma, prev, rb_link, rb_parent); out: perf_event_mmap(vma); @@ -93552,7 +94867,7 @@ index 546db74..650d1b9 100644 return addr; } -@@ -2728,6 +3210,7 @@ void exit_mmap(struct mm_struct *mm) +@@ -2730,6 +3212,7 @@ void exit_mmap(struct mm_struct *mm) while (vma) { if (vma->vm_flags & VM_ACCOUNT) nr_accounted += vma_pages(vma); @@ -93560,7 +94875,7 @@ index 546db74..650d1b9 100644 vma = remove_vma(vma); } vm_unacct_memory(nr_accounted); -@@ -2745,6 +3228,13 @@ int insert_vm_struct(struct mm_struct *mm, struct vm_area_struct *vma) +@@ -2747,6 +3230,13 @@ int insert_vm_struct(struct mm_struct *mm, struct vm_area_struct *vma) struct vm_area_struct *prev; struct rb_node **rb_link, *rb_parent; @@ -93574,7 +94889,7 @@ index 546db74..650d1b9 100644 /* * The vm_pgoff of a purely anonymous vma should be irrelevant * until its first write fault, when page's anon_vma and index -@@ -2768,7 +3258,21 @@ int insert_vm_struct(struct mm_struct *mm, struct vm_area_struct *vma) +@@ -2770,7 +3260,21 @@ int insert_vm_struct(struct mm_struct *mm, struct vm_area_struct *vma) security_vm_enough_memory_mm(mm, vma_pages(vma))) return -ENOMEM; @@ -93596,7 +94911,7 @@ index 546db74..650d1b9 100644 return 0; } -@@ -2787,6 +3291,8 @@ struct vm_area_struct *copy_vma(struct vm_area_struct **vmap, +@@ -2789,6 +3293,8 @@ struct vm_area_struct *copy_vma(struct vm_area_struct **vmap, struct rb_node **rb_link, *rb_parent; bool faulted_in_anon_vma = true; @@ -93605,7 +94920,7 @@ index 546db74..650d1b9 100644 /* * If anonymous vma has not yet been faulted, update new pgoff * to match new location, to increase its chance of merging. -@@ -2851,6 +3357,39 @@ struct vm_area_struct *copy_vma(struct vm_area_struct **vmap, +@@ -2853,6 +3359,39 @@ struct vm_area_struct *copy_vma(struct vm_area_struct **vmap, return NULL; } @@ -93645,7 +94960,7 @@ index 546db74..650d1b9 100644 /* * Return true if the calling process may expand its vm space by the passed * number of pages -@@ -2862,6 +3401,7 @@ int may_expand_vm(struct mm_struct *mm, unsigned long npages) +@@ -2864,6 +3403,7 @@ int may_expand_vm(struct mm_struct *mm, unsigned long npages) lim = rlimit(RLIMIT_AS) >> PAGE_SHIFT; @@ -93653,7 +94968,7 @@ index 546db74..650d1b9 100644 if (cur + npages > lim) return 0; return 1; -@@ -2932,6 +3472,22 @@ int install_special_mapping(struct mm_struct *mm, +@@ -2934,6 +3474,22 @@ int install_special_mapping(struct mm_struct *mm, vma->vm_start = addr; vma->vm_end = addr + len; @@ -93677,13 +94992,13 @@ index 546db74..650d1b9 100644 vma->vm_page_prot = vm_get_page_prot(vma->vm_flags); diff --git a/mm/mprotect.c b/mm/mprotect.c -index bb53a65..249c052 100644 +index 769a67a..414d24f 100644 --- a/mm/mprotect.c +++ b/mm/mprotect.c -@@ -23,10 +23,18 @@ - #include <linux/mmu_notifier.h> +@@ -24,10 +24,18 @@ #include <linux/migrate.h> #include <linux/perf_event.h> + #include <linux/ksm.h> +#include <linux/sched/sysctl.h> + +#ifdef CONFIG_PAX_MPROTECT @@ -93699,7 +95014,7 @@ index bb53a65..249c052 100644 #ifndef pgprot_modify static inline pgprot_t pgprot_modify(pgprot_t oldprot, pgprot_t newprot) -@@ -222,6 +230,48 @@ unsigned long change_protection(struct vm_area_struct *vma, unsigned long start, +@@ -214,6 +222,48 @@ unsigned long change_protection(struct vm_area_struct *vma, unsigned long start, return pages; } @@ -93748,7 +95063,7 @@ index bb53a65..249c052 100644 int mprotect_fixup(struct vm_area_struct *vma, struct vm_area_struct **pprev, unsigned long start, unsigned long end, unsigned long newflags) -@@ -234,11 +284,29 @@ mprotect_fixup(struct vm_area_struct *vma, struct vm_area_struct **pprev, +@@ -226,11 +276,29 @@ mprotect_fixup(struct vm_area_struct *vma, struct vm_area_struct **pprev, int error; int dirty_accountable = 0; @@ -93778,7 +95093,7 @@ index bb53a65..249c052 100644 /* * If we make a private mapping writable we increase our commit; * but (without finer accounting) cannot reduce our commit if we -@@ -255,6 +323,42 @@ mprotect_fixup(struct vm_area_struct *vma, struct vm_area_struct **pprev, +@@ -247,6 +315,42 @@ mprotect_fixup(struct vm_area_struct *vma, struct vm_area_struct **pprev, } } @@ -93821,7 +95136,7 @@ index bb53a65..249c052 100644 /* * First try to merge with previous and/or next vma. */ -@@ -285,9 +389,21 @@ success: +@@ -277,9 +381,21 @@ success: * vm_flags and vm_page_prot are protected by the mmap_sem * held in write mode. */ @@ -93844,7 +95159,7 @@ index bb53a65..249c052 100644 if (vma_wants_writenotify(vma)) { vma->vm_page_prot = vm_get_page_prot(newflags & ~VM_SHARED); -@@ -326,6 +442,17 @@ SYSCALL_DEFINE3(mprotect, unsigned long, start, size_t, len, +@@ -318,6 +434,17 @@ SYSCALL_DEFINE3(mprotect, unsigned long, start, size_t, len, end = start + len; if (end <= start) return -ENOMEM; @@ -93862,7 +95177,7 @@ index bb53a65..249c052 100644 if (!arch_validate_prot(prot)) return -EINVAL; -@@ -333,7 +460,7 @@ SYSCALL_DEFINE3(mprotect, unsigned long, start, size_t, len, +@@ -325,7 +452,7 @@ SYSCALL_DEFINE3(mprotect, unsigned long, start, size_t, len, /* * Does the application expect PROT_READ to imply PROT_EXEC: */ @@ -93871,7 +95186,7 @@ index bb53a65..249c052 100644 prot |= PROT_EXEC; vm_flags = calc_vm_prot_bits(prot); -@@ -365,6 +492,11 @@ SYSCALL_DEFINE3(mprotect, unsigned long, start, size_t, len, +@@ -357,6 +484,11 @@ SYSCALL_DEFINE3(mprotect, unsigned long, start, size_t, len, if (start > vma->vm_start) prev = vma; @@ -93883,7 +95198,7 @@ index bb53a65..249c052 100644 for (nstart = start ; ; ) { unsigned long newflags; -@@ -375,6 +507,14 @@ SYSCALL_DEFINE3(mprotect, unsigned long, start, size_t, len, +@@ -367,6 +499,14 @@ SYSCALL_DEFINE3(mprotect, unsigned long, start, size_t, len, /* newflags >> 4 shift VM_MAY% in place of VM_% */ if ((newflags & ~(newflags >> 4)) & (VM_READ | VM_WRITE | VM_EXEC)) { @@ -93898,7 +95213,7 @@ index bb53a65..249c052 100644 error = -EACCES; goto out; } -@@ -389,6 +529,9 @@ SYSCALL_DEFINE3(mprotect, unsigned long, start, size_t, len, +@@ -381,6 +521,9 @@ SYSCALL_DEFINE3(mprotect, unsigned long, start, size_t, len, error = mprotect_fixup(vma, &prev, nstart, tmp, newflags); if (error) goto out; @@ -93909,7 +95224,7 @@ index bb53a65..249c052 100644 if (nstart < prev->vm_end) diff --git a/mm/mremap.c b/mm/mremap.c -index 0843feb..4f5b2e6 100644 +index 0843feb..c3cde48 100644 --- a/mm/mremap.c +++ b/mm/mremap.c @@ -144,6 +144,12 @@ static void move_ptes(struct vm_area_struct *vma, pmd_t *old_pmd, @@ -93925,7 +95240,26 @@ index 0843feb..4f5b2e6 100644 pte = move_soft_dirty_pte(pte); set_pte_at(mm, new_addr, new_pte, pte); } -@@ -337,6 +343,11 @@ static struct vm_area_struct *vma_to_resize(unsigned long addr, +@@ -194,10 +200,17 @@ unsigned long move_page_tables(struct vm_area_struct *vma, + break; + if (pmd_trans_huge(*old_pmd)) { + int err = 0; +- if (extent == HPAGE_PMD_SIZE) ++ if (extent == HPAGE_PMD_SIZE) { ++ VM_BUG_ON(vma->vm_file || !vma->anon_vma); ++ /* See comment in move_ptes() */ ++ if (need_rmap_locks) ++ anon_vma_lock_write(vma->anon_vma); + err = move_huge_pmd(vma, new_vma, old_addr, + new_addr, old_end, + old_pmd, new_pmd); ++ if (need_rmap_locks) ++ anon_vma_unlock_write(vma->anon_vma); ++ } + if (err > 0) { + need_flush = true; + continue; +@@ -337,6 +350,11 @@ static struct vm_area_struct *vma_to_resize(unsigned long addr, if (is_vm_hugetlb_page(vma)) goto Einval; @@ -93937,7 +95271,7 @@ index 0843feb..4f5b2e6 100644 /* We can't remap across vm area boundaries */ if (old_len > vma->vm_end - addr) goto Efault; -@@ -392,20 +403,25 @@ static unsigned long mremap_to(unsigned long addr, unsigned long old_len, +@@ -392,20 +410,25 @@ static unsigned long mremap_to(unsigned long addr, unsigned long old_len, unsigned long ret = -EINVAL; unsigned long charged = 0; unsigned long map_flags; @@ -93968,7 +95302,7 @@ index 0843feb..4f5b2e6 100644 goto out; ret = do_munmap(mm, new_addr, new_len); -@@ -474,6 +490,7 @@ SYSCALL_DEFINE5(mremap, unsigned long, addr, unsigned long, old_len, +@@ -474,6 +497,7 @@ SYSCALL_DEFINE5(mremap, unsigned long, addr, unsigned long, old_len, unsigned long ret = -EINVAL; unsigned long charged = 0; bool locked = false; @@ -93976,7 +95310,7 @@ index 0843feb..4f5b2e6 100644 if (flags & ~(MREMAP_FIXED | MREMAP_MAYMOVE)) return ret; -@@ -495,6 +512,17 @@ SYSCALL_DEFINE5(mremap, unsigned long, addr, unsigned long, old_len, +@@ -495,6 +519,17 @@ SYSCALL_DEFINE5(mremap, unsigned long, addr, unsigned long, old_len, if (!new_len) return ret; @@ -93994,7 +95328,7 @@ index 0843feb..4f5b2e6 100644 down_write(¤t->mm->mmap_sem); if (flags & MREMAP_FIXED) { -@@ -545,6 +573,7 @@ SYSCALL_DEFINE5(mremap, unsigned long, addr, unsigned long, old_len, +@@ -545,6 +580,7 @@ SYSCALL_DEFINE5(mremap, unsigned long, addr, unsigned long, old_len, new_addr = addr; } ret = addr; @@ -94002,7 +95336,7 @@ index 0843feb..4f5b2e6 100644 goto out; } } -@@ -568,7 +597,12 @@ SYSCALL_DEFINE5(mremap, unsigned long, addr, unsigned long, old_len, +@@ -568,7 +604,12 @@ SYSCALL_DEFINE5(mremap, unsigned long, addr, unsigned long, old_len, goto out; } @@ -94016,10 +95350,10 @@ index 0843feb..4f5b2e6 100644 out: if (ret & ~PAGE_MASK) diff --git a/mm/nommu.c b/mm/nommu.c -index fec093a..8162f74 100644 +index 8740213..f87e25b 100644 --- a/mm/nommu.c +++ b/mm/nommu.c -@@ -64,7 +64,6 @@ int sysctl_max_map_count = DEFAULT_MAX_MAP_COUNT; +@@ -65,7 +65,6 @@ int sysctl_max_map_count = DEFAULT_MAX_MAP_COUNT; int sysctl_nr_trim_pages = CONFIG_NOMMU_INITIAL_TRIM_EXCESS; unsigned long sysctl_user_reserve_kbytes __read_mostly = 1UL << 17; /* 128MB */ unsigned long sysctl_admin_reserve_kbytes __read_mostly = 1UL << 13; /* 8MB */ @@ -94027,7 +95361,7 @@ index fec093a..8162f74 100644 atomic_long_t mmap_pages_allocated; -@@ -844,15 +843,6 @@ struct vm_area_struct *find_vma(struct mm_struct *mm, unsigned long addr) +@@ -845,15 +844,6 @@ struct vm_area_struct *find_vma(struct mm_struct *mm, unsigned long addr) EXPORT_SYMBOL(find_vma); /* @@ -94043,7 +95377,7 @@ index fec093a..8162f74 100644 * expand a stack to a given address * - not supported under NOMMU conditions */ -@@ -1563,6 +1553,7 @@ int split_vma(struct mm_struct *mm, struct vm_area_struct *vma, +@@ -1564,6 +1554,7 @@ int split_vma(struct mm_struct *mm, struct vm_area_struct *vma, /* most fields are the same, copy all, and then fixup */ *new = *vma; @@ -94051,7 +95385,7 @@ index fec093a..8162f74 100644 *region = *vma->vm_region; new->vm_region = region; -@@ -1992,8 +1983,8 @@ int generic_file_remap_pages(struct vm_area_struct *vma, unsigned long addr, +@@ -1993,8 +1984,8 @@ int generic_file_remap_pages(struct vm_area_struct *vma, unsigned long addr, } EXPORT_SYMBOL(generic_file_remap_pages); @@ -94062,7 +95396,7 @@ index fec093a..8162f74 100644 { struct vm_area_struct *vma; -@@ -2034,8 +2025,8 @@ static int __access_remote_vm(struct task_struct *tsk, struct mm_struct *mm, +@@ -2035,8 +2026,8 @@ static int __access_remote_vm(struct task_struct *tsk, struct mm_struct *mm, * * The caller must hold a reference on @mm. */ @@ -94073,7 +95407,7 @@ index fec093a..8162f74 100644 { return __access_remote_vm(NULL, mm, addr, buf, len, write); } -@@ -2044,7 +2035,7 @@ int access_remote_vm(struct mm_struct *mm, unsigned long addr, +@@ -2045,7 +2036,7 @@ int access_remote_vm(struct mm_struct *mm, unsigned long addr, * Access another process' address space. * - source/target buffer must be kernel space */ @@ -94096,7 +95430,7 @@ index 7106cb1..0805f48 100644 unsigned long bg_thresh, unsigned long dirty, diff --git a/mm/page_alloc.c b/mm/page_alloc.c -index 56f268d..4d35ec4 100644 +index 7387a67..67105e4 100644 --- a/mm/page_alloc.c +++ b/mm/page_alloc.c @@ -61,6 +61,7 @@ @@ -94116,7 +95450,7 @@ index 56f268d..4d35ec4 100644 { __free_pages_ok(page, compound_order(page)); } -@@ -712,6 +713,10 @@ static bool free_pages_prepare(struct page *page, unsigned int order) +@@ -728,6 +729,10 @@ static bool free_pages_prepare(struct page *page, unsigned int order) int i; int bad = 0; @@ -94127,7 +95461,7 @@ index 56f268d..4d35ec4 100644 trace_mm_page_free(page, order); kmemcheck_free_shadow(page, order); -@@ -728,6 +733,12 @@ static bool free_pages_prepare(struct page *page, unsigned int order) +@@ -744,6 +749,12 @@ static bool free_pages_prepare(struct page *page, unsigned int order) debug_check_no_obj_freed(page_address(page), PAGE_SIZE << order); } @@ -94140,7 +95474,7 @@ index 56f268d..4d35ec4 100644 arch_free_page(page, order); kernel_map_pages(page, 1 << order, 0); -@@ -750,6 +761,20 @@ static void __free_pages_ok(struct page *page, unsigned int order) +@@ -766,6 +777,20 @@ static void __free_pages_ok(struct page *page, unsigned int order) local_irq_restore(flags); } @@ -94161,7 +95495,7 @@ index 56f268d..4d35ec4 100644 void __init __free_pages_bootmem(struct page *page, unsigned int order) { unsigned int nr_pages = 1 << order; -@@ -765,6 +790,19 @@ void __init __free_pages_bootmem(struct page *page, unsigned int order) +@@ -781,6 +806,19 @@ void __init __free_pages_bootmem(struct page *page, unsigned int order) __ClearPageReserved(p); set_page_count(p, 0); @@ -94181,7 +95515,7 @@ index 56f268d..4d35ec4 100644 page_zone(page)->managed_pages += nr_pages; set_page_refcounted(page); __free_pages(page, order); -@@ -870,8 +908,10 @@ static int prep_new_page(struct page *page, int order, gfp_t gfp_flags) +@@ -897,8 +935,10 @@ static int prep_new_page(struct page *page, int order, gfp_t gfp_flags) arch_alloc_page(page, order); kernel_map_pages(page, 1 << order, 1); @@ -94192,8 +95526,23 @@ index 56f268d..4d35ec4 100644 if (order && (gfp_flags & __GFP_COMP)) prep_compound_page(page, order); +@@ -2401,7 +2441,7 @@ static void reset_alloc_batches(struct zonelist *zonelist, + continue; + mod_zone_page_state(zone, NR_ALLOC_BATCH, + high_wmark_pages(zone) - low_wmark_pages(zone) - +- atomic_long_read(&zone->vm_stat[NR_ALLOC_BATCH])); ++ atomic_long_read_unchecked(&zone->vm_stat[NR_ALLOC_BATCH])); + } + } + +@@ -6565,4 +6605,4 @@ void dump_page(struct page *page, char *reason) + { + dump_page_badflags(page, reason, 0); + } +-EXPORT_SYMBOL_GPL(dump_page); ++EXPORT_SYMBOL(dump_page); diff --git a/mm/page_io.c b/mm/page_io.c -index 8c79a47..a689e0d 100644 +index 7c59ef6..1358905 100644 --- a/mm/page_io.c +++ b/mm/page_io.c @@ -260,7 +260,7 @@ int __swap_writepage(struct page *page, struct writeback_control *wbc, @@ -94206,7 +95555,7 @@ index 8c79a47..a689e0d 100644 }; diff --git a/mm/percpu.c b/mm/percpu.c -index 0d10def..6dc822d 100644 +index 036cfe0..980d0fa 100644 --- a/mm/percpu.c +++ b/mm/percpu.c @@ -122,7 +122,7 @@ static unsigned int pcpu_low_unit_cpu __read_mostly; @@ -94270,7 +95619,7 @@ index fd26d04..0cea1b0 100644 if (!mm || IS_ERR(mm)) { rc = IS_ERR(mm) ? PTR_ERR(mm) : -ESRCH; diff --git a/mm/rmap.c b/mm/rmap.c -index 068522d..f539f21 100644 +index d3cbac5..0788da4 100644 --- a/mm/rmap.c +++ b/mm/rmap.c @@ -163,6 +163,10 @@ int anon_vma_prepare(struct vm_area_struct *vma) @@ -94373,7 +95722,7 @@ index 068522d..f539f21 100644 /* diff --git a/mm/shmem.c b/mm/shmem.c -index 902a148..58f9d59 100644 +index 1f18c9d..3e03d33 100644 --- a/mm/shmem.c +++ b/mm/shmem.c @@ -33,7 +33,7 @@ @@ -94394,7 +95743,7 @@ index 902a148..58f9d59 100644 /* * shmem_fallocate and shmem_writepage communicate via inode->i_private -@@ -2232,6 +2232,11 @@ static const struct xattr_handler *shmem_xattr_handlers[] = { +@@ -2218,6 +2218,11 @@ static const struct xattr_handler *shmem_xattr_handlers[] = { static int shmem_xattr_validate(const char *name) { struct { const char *prefix; size_t len; } arr[] = { @@ -94406,7 +95755,7 @@ index 902a148..58f9d59 100644 { XATTR_SECURITY_PREFIX, XATTR_SECURITY_PREFIX_LEN }, { XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN } }; -@@ -2287,6 +2292,15 @@ static int shmem_setxattr(struct dentry *dentry, const char *name, +@@ -2273,6 +2278,15 @@ static int shmem_setxattr(struct dentry *dentry, const char *name, if (err) return err; @@ -94422,7 +95771,7 @@ index 902a148..58f9d59 100644 return simple_xattr_set(&info->xattrs, name, value, size, flags); } -@@ -2599,8 +2613,7 @@ int shmem_fill_super(struct super_block *sb, void *data, int silent) +@@ -2585,8 +2599,7 @@ int shmem_fill_super(struct super_block *sb, void *data, int silent) int err = -ENOMEM; /* Round up to L1_CACHE_BYTES to resist false sharing */ @@ -94433,7 +95782,7 @@ index 902a148..58f9d59 100644 return -ENOMEM; diff --git a/mm/slab.c b/mm/slab.c -index eb043bf..d82f5a8 100644 +index b264214..83872cd 100644 --- a/mm/slab.c +++ b/mm/slab.c @@ -300,10 +300,12 @@ static void kmem_cache_node_init(struct kmem_cache_node *parent) @@ -94615,7 +95964,7 @@ index eb043bf..d82f5a8 100644 * ksize - get the actual amount of memory allocated for a given object * @objp: Pointer to the object diff --git a/mm/slab.h b/mm/slab.h -index 0859c42..2f7b737 100644 +index 8184a7c..ab27737 100644 --- a/mm/slab.h +++ b/mm/slab.h @@ -32,6 +32,15 @@ extern struct list_head slab_caches; @@ -94644,7 +95993,7 @@ index 0859c42..2f7b737 100644 #if defined(CONFIG_DEBUG_SLAB) #define SLAB_DEBUG_FLAGS (SLAB_RED_ZONE | SLAB_POISON | SLAB_STORE_USER) -@@ -233,6 +243,9 @@ static inline struct kmem_cache *cache_from_obj(struct kmem_cache *s, void *x) +@@ -257,6 +267,9 @@ static inline struct kmem_cache *cache_from_obj(struct kmem_cache *s, void *x) return s; page = virt_to_head_page(x); @@ -94655,7 +96004,7 @@ index 0859c42..2f7b737 100644 if (slab_equal_or_root(cachep, s)) return cachep; diff --git a/mm/slab_common.c b/mm/slab_common.c -index 0b7bb39..334c328 100644 +index 1ec3c61..2067c11 100644 --- a/mm/slab_common.c +++ b/mm/slab_common.c @@ -23,11 +23,22 @@ @@ -94682,16 +96031,16 @@ index 0b7bb39..334c328 100644 #ifdef CONFIG_DEBUG_VM static int kmem_cache_sanity_check(struct mem_cgroup *memcg, const char *name, size_t size) -@@ -212,7 +223,7 @@ kmem_cache_create_memcg(struct mem_cgroup *memcg, const char *name, size_t size, +@@ -225,7 +236,7 @@ kmem_cache_create_memcg(struct mem_cgroup *memcg, const char *name, size_t size, + if (err) + goto out_free_cache; - err = __kmem_cache_create(s, flags); - if (!err) { -- s->refcount = 1; -+ atomic_set(&s->refcount, 1); - list_add(&s->list, &slab_caches); - memcg_cache_list_add(memcg, s); - } else { -@@ -258,8 +269,7 @@ void kmem_cache_destroy(struct kmem_cache *s) +- s->refcount = 1; ++ atomic_set(&s->refcount, 1); + list_add(&s->list, &slab_caches); + memcg_register_cache(s); + +@@ -278,8 +289,7 @@ void kmem_cache_destroy(struct kmem_cache *s) get_online_cpus(); mutex_lock(&slab_mutex); @@ -94701,7 +96050,7 @@ index 0b7bb39..334c328 100644 list_del(&s->list); if (!__kmem_cache_shutdown(s)) { -@@ -305,7 +315,7 @@ void __init create_boot_cache(struct kmem_cache *s, const char *name, size_t siz +@@ -326,7 +336,7 @@ void __init create_boot_cache(struct kmem_cache *s, const char *name, size_t siz panic("Creation of kmalloc slab %s size=%zu failed. Reason %d\n", name, size, err); @@ -94710,7 +96059,7 @@ index 0b7bb39..334c328 100644 } struct kmem_cache *__init create_kmalloc_cache(const char *name, size_t size, -@@ -318,7 +328,7 @@ struct kmem_cache *__init create_kmalloc_cache(const char *name, size_t size, +@@ -339,7 +349,7 @@ struct kmem_cache *__init create_kmalloc_cache(const char *name, size_t size, create_boot_cache(s, name, size, flags); list_add(&s->list, &slab_caches); @@ -94719,7 +96068,7 @@ index 0b7bb39..334c328 100644 return s; } -@@ -330,6 +340,11 @@ struct kmem_cache *kmalloc_dma_caches[KMALLOC_SHIFT_HIGH + 1]; +@@ -351,6 +361,11 @@ struct kmem_cache *kmalloc_dma_caches[KMALLOC_SHIFT_HIGH + 1]; EXPORT_SYMBOL(kmalloc_dma_caches); #endif @@ -94731,7 +96080,7 @@ index 0b7bb39..334c328 100644 /* * Conversion table for small slabs sizes / 8 to the index in the * kmalloc array. This is necessary for slabs < 192 since we have non power -@@ -394,6 +409,13 @@ struct kmem_cache *kmalloc_slab(size_t size, gfp_t flags) +@@ -415,6 +430,13 @@ struct kmem_cache *kmalloc_slab(size_t size, gfp_t flags) return kmalloc_dma_caches[index]; #endif @@ -94745,7 +96094,7 @@ index 0b7bb39..334c328 100644 return kmalloc_caches[index]; } -@@ -450,7 +472,7 @@ void __init create_kmalloc_caches(unsigned long flags) +@@ -471,7 +493,7 @@ void __init create_kmalloc_caches(unsigned long flags) for (i = KMALLOC_SHIFT_LOW; i <= KMALLOC_SHIFT_HIGH; i++) { if (!kmalloc_caches[i]) { kmalloc_caches[i] = create_kmalloc_cache(NULL, @@ -94754,7 +96103,7 @@ index 0b7bb39..334c328 100644 } /* -@@ -459,10 +481,10 @@ void __init create_kmalloc_caches(unsigned long flags) +@@ -480,10 +502,10 @@ void __init create_kmalloc_caches(unsigned long flags) * earlier power of two caches */ if (KMALLOC_MIN_SIZE <= 32 && !kmalloc_caches[1] && i == 6) @@ -94767,7 +96116,7 @@ index 0b7bb39..334c328 100644 } /* Kmalloc array is now usable */ -@@ -495,6 +517,23 @@ void __init create_kmalloc_caches(unsigned long flags) +@@ -516,6 +538,23 @@ void __init create_kmalloc_caches(unsigned long flags) } } #endif @@ -94791,7 +96140,7 @@ index 0b7bb39..334c328 100644 } #endif /* !CONFIG_SLOB */ -@@ -535,6 +574,9 @@ void print_slabinfo_header(struct seq_file *m) +@@ -556,6 +595,9 @@ void print_slabinfo_header(struct seq_file *m) seq_puts(m, " : globalstat <listallocs> <maxobjs> <grown> <reaped> " "<error> <maxfreeable> <nodeallocs> <remotefrees> <alienoverflow>"); seq_puts(m, " : cpustat <allochit> <allocmiss> <freehit> <freemiss>"); @@ -95173,7 +96522,7 @@ index 4bf8809..98a6914 100644 EXPORT_SYMBOL(kmem_cache_free); diff --git a/mm/slub.c b/mm/slub.c -index 89490d9..c7b226a 100644 +index 25f14ad..c904f6f 100644 --- a/mm/slub.c +++ b/mm/slub.c @@ -207,7 +207,7 @@ struct track { @@ -95185,7 +96534,7 @@ index 89490d9..c7b226a 100644 static int sysfs_slab_add(struct kmem_cache *); static int sysfs_slab_alias(struct kmem_cache *, const char *); static void sysfs_slab_remove(struct kmem_cache *); -@@ -530,7 +530,7 @@ static void print_track(const char *s, struct track *t) +@@ -545,7 +545,7 @@ static void print_track(const char *s, struct track *t) if (!t->addr) return; @@ -95194,7 +96543,7 @@ index 89490d9..c7b226a 100644 s, (void *)t->addr, jiffies - t->when, t->cpu, t->pid); #ifdef CONFIG_STACKTRACE { -@@ -2643,6 +2643,14 @@ static __always_inline void slab_free(struct kmem_cache *s, +@@ -2666,6 +2666,14 @@ static __always_inline void slab_free(struct kmem_cache *s, slab_free_hook(s, x); @@ -95209,7 +96558,7 @@ index 89490d9..c7b226a 100644 redo: /* * Determine the currently cpus per cpu slab. -@@ -2710,7 +2718,7 @@ static int slub_min_objects; +@@ -2733,7 +2741,7 @@ static int slub_min_objects; * Merge control. If this is set then no merging of slab caches will occur. * (Could be removed. This was introduced to pacify the merge skeptics.) */ @@ -95218,7 +96567,7 @@ index 89490d9..c7b226a 100644 /* * Calculate the order of allocation given an slab object size. -@@ -2987,6 +2995,9 @@ static int calculate_sizes(struct kmem_cache *s, int forced_order) +@@ -3014,6 +3022,9 @@ static int calculate_sizes(struct kmem_cache *s, int forced_order) s->inuse = size; if (((flags & (SLAB_DESTROY_BY_RCU | SLAB_POISON)) || @@ -95228,7 +96577,7 @@ index 89490d9..c7b226a 100644 s->ctor)) { /* * Relocate free pointer after the object if it is not -@@ -3332,6 +3343,59 @@ void *__kmalloc_node(size_t size, gfp_t flags, int node) +@@ -3359,6 +3370,59 @@ void *__kmalloc_node(size_t size, gfp_t flags, int node) EXPORT_SYMBOL(__kmalloc_node); #endif @@ -95288,7 +96637,7 @@ index 89490d9..c7b226a 100644 size_t ksize(const void *object) { struct page *page; -@@ -3360,6 +3424,7 @@ void kfree(const void *x) +@@ -3387,6 +3451,7 @@ void kfree(const void *x) if (unlikely(ZERO_OR_NULL_PTR(x))) return; @@ -95296,7 +96645,7 @@ index 89490d9..c7b226a 100644 page = virt_to_head_page(x); if (unlikely(!PageSlab(page))) { BUG_ON(!PageCompound(page)); -@@ -3665,7 +3730,7 @@ static int slab_unmergeable(struct kmem_cache *s) +@@ -3692,7 +3757,7 @@ static int slab_unmergeable(struct kmem_cache *s) /* * We may have set a slab to be unmergeable during bootstrap. */ @@ -95305,7 +96654,7 @@ index 89490d9..c7b226a 100644 return 1; return 0; -@@ -3723,7 +3788,7 @@ __kmem_cache_alias(struct mem_cgroup *memcg, const char *name, size_t size, +@@ -3750,7 +3815,7 @@ __kmem_cache_alias(struct mem_cgroup *memcg, const char *name, size_t size, s = find_mergeable(memcg, size, align, flags, name, ctor); if (s) { @@ -95314,7 +96663,7 @@ index 89490d9..c7b226a 100644 /* * Adjust the object sizes so that we clear * the complete object on kzalloc. -@@ -3732,7 +3797,7 @@ __kmem_cache_alias(struct mem_cgroup *memcg, const char *name, size_t size, +@@ -3759,7 +3824,7 @@ __kmem_cache_alias(struct mem_cgroup *memcg, const char *name, size_t size, s->inuse = max_t(int, s->inuse, ALIGN(size, sizeof(void *))); if (sysfs_slab_alias(s, name)) { @@ -95323,7 +96672,7 @@ index 89490d9..c7b226a 100644 s = NULL; } } -@@ -3852,7 +3917,7 @@ void *__kmalloc_node_track_caller(size_t size, gfp_t gfpflags, +@@ -3879,7 +3944,7 @@ void *__kmalloc_node_track_caller(size_t size, gfp_t gfpflags, } #endif @@ -95332,7 +96681,19 @@ index 89490d9..c7b226a 100644 static int count_inuse(struct page *page) { return page->inuse; -@@ -4241,12 +4306,12 @@ static void resiliency_test(void) +@@ -4163,7 +4228,11 @@ static int list_locations(struct kmem_cache *s, char *buf, + len += sprintf(buf + len, "%7ld ", l->count); + + if (l->addr) ++#ifdef CONFIG_GRKERNSEC_HIDESYM ++ len += sprintf(buf + len, "%pS", NULL); ++#else + len += sprintf(buf + len, "%pS", (void *)l->addr); ++#endif + else + len += sprintf(buf + len, "<not-available>"); + +@@ -4268,12 +4337,12 @@ static void resiliency_test(void) validate_slab_cache(kmalloc_caches[9]); } #else @@ -95347,7 +96708,17 @@ index 89490d9..c7b226a 100644 enum slab_stat_type { SL_ALL, /* All slabs */ SL_PARTIAL, /* Only partially allocated slabs */ -@@ -4492,7 +4557,7 @@ SLAB_ATTR_RO(ctor); +@@ -4513,13 +4582,17 @@ static ssize_t ctor_show(struct kmem_cache *s, char *buf) + { + if (!s->ctor) + return 0; ++#ifdef CONFIG_GRKERNSEC_HIDESYM ++ return sprintf(buf, "%pS\n", NULL); ++#else + return sprintf(buf, "%pS\n", s->ctor); ++#endif + } + SLAB_ATTR_RO(ctor); static ssize_t aliases_show(struct kmem_cache *s, char *buf) { @@ -95356,7 +96727,7 @@ index 89490d9..c7b226a 100644 } SLAB_ATTR_RO(aliases); -@@ -4580,6 +4645,14 @@ static ssize_t cache_dma_show(struct kmem_cache *s, char *buf) +@@ -4607,6 +4680,14 @@ static ssize_t cache_dma_show(struct kmem_cache *s, char *buf) SLAB_ATTR_RO(cache_dma); #endif @@ -95371,7 +96742,7 @@ index 89490d9..c7b226a 100644 static ssize_t destroy_by_rcu_show(struct kmem_cache *s, char *buf) { return sprintf(buf, "%d\n", !!(s->flags & SLAB_DESTROY_BY_RCU)); -@@ -4914,6 +4987,9 @@ static struct attribute *slab_attrs[] = { +@@ -4941,6 +5022,9 @@ static struct attribute *slab_attrs[] = { #ifdef CONFIG_ZONE_DMA &cache_dma_attr.attr, #endif @@ -95381,7 +96752,7 @@ index 89490d9..c7b226a 100644 #ifdef CONFIG_NUMA &remote_node_defrag_ratio_attr.attr, #endif -@@ -5146,6 +5222,7 @@ static char *create_unique_id(struct kmem_cache *s) +@@ -5173,6 +5257,7 @@ static char *create_unique_id(struct kmem_cache *s) return name; } @@ -95389,16 +96760,7 @@ index 89490d9..c7b226a 100644 static int sysfs_slab_add(struct kmem_cache *s) { int err; -@@ -5169,7 +5246,7 @@ static int sysfs_slab_add(struct kmem_cache *s) - } - - s->kobj.kset = slab_kset; -- err = kobject_init_and_add(&s->kobj, &slab_ktype, NULL, name); -+ err = kobject_init_and_add(&s->kobj, &slab_ktype, NULL, "%s", name); - if (err) { - kobject_put(&s->kobj); - return err; -@@ -5203,6 +5280,7 @@ static void sysfs_slab_remove(struct kmem_cache *s) +@@ -5230,6 +5315,7 @@ static void sysfs_slab_remove(struct kmem_cache *s) kobject_del(&s->kobj); kobject_put(&s->kobj); } @@ -95406,7 +96768,7 @@ index 89490d9..c7b226a 100644 /* * Need to buffer aliases during bootup until sysfs becomes -@@ -5216,6 +5294,7 @@ struct saved_alias { +@@ -5243,6 +5329,7 @@ struct saved_alias { static struct saved_alias *alias_list; @@ -95414,7 +96776,7 @@ index 89490d9..c7b226a 100644 static int sysfs_slab_alias(struct kmem_cache *s, const char *name) { struct saved_alias *al; -@@ -5238,6 +5317,7 @@ static int sysfs_slab_alias(struct kmem_cache *s, const char *name) +@@ -5265,6 +5352,7 @@ static int sysfs_slab_alias(struct kmem_cache *s, const char *name) alias_list = al; return 0; } @@ -95423,10 +96785,10 @@ index 89490d9..c7b226a 100644 static int __init slab_sysfs_init(void) { diff --git a/mm/sparse-vmemmap.c b/mm/sparse-vmemmap.c -index 27eeab3..7c3f7f2 100644 +index 4cba9c2..b4f9fcc 100644 --- a/mm/sparse-vmemmap.c +++ b/mm/sparse-vmemmap.c -@@ -130,7 +130,7 @@ pud_t * __meminit vmemmap_pud_populate(pgd_t *pgd, unsigned long addr, int node) +@@ -131,7 +131,7 @@ pud_t * __meminit vmemmap_pud_populate(pgd_t *pgd, unsigned long addr, int node) void *p = vmemmap_alloc_block(PAGE_SIZE, node); if (!p) return NULL; @@ -95435,7 +96797,7 @@ index 27eeab3..7c3f7f2 100644 } return pud; } -@@ -142,7 +142,7 @@ pgd_t * __meminit vmemmap_pgd_populate(unsigned long addr, int node) +@@ -143,7 +143,7 @@ pgd_t * __meminit vmemmap_pgd_populate(unsigned long addr, int node) void *p = vmemmap_alloc_block(PAGE_SIZE, node); if (!p) return NULL; @@ -95445,10 +96807,10 @@ index 27eeab3..7c3f7f2 100644 return pgd; } diff --git a/mm/sparse.c b/mm/sparse.c -index 8cc7be0..d0f7d7a 100644 +index 63c3ea5..95c0858 100644 --- a/mm/sparse.c +++ b/mm/sparse.c -@@ -745,7 +745,7 @@ static void clear_hwpoisoned_pages(struct page *memmap, int nr_pages) +@@ -748,7 +748,7 @@ static void clear_hwpoisoned_pages(struct page *memmap, int nr_pages) for (i = 0; i < PAGES_PER_SECTION; i++) { if (PageHWPoison(&memmap[i])) { @@ -95458,10 +96820,18 @@ index 8cc7be0..d0f7d7a 100644 } } diff --git a/mm/swap.c b/mm/swap.c -index 84b26aa..ce39899 100644 +index 0092097..33361ff 100644 --- a/mm/swap.c +++ b/mm/swap.c -@@ -77,6 +77,8 @@ static void __put_compound_page(struct page *page) +@@ -31,6 +31,7 @@ + #include <linux/memcontrol.h> + #include <linux/gfp.h> + #include <linux/uio.h> ++#include <linux/hugetlb.h> + + #include "internal.h" + +@@ -76,6 +77,8 @@ static void __put_compound_page(struct page *page) __page_cache_release(page); dtor = get_compound_page_dtor(page); @@ -95471,7 +96841,7 @@ index 84b26aa..ce39899 100644 } diff --git a/mm/swapfile.c b/mm/swapfile.c -index 461fce2..363ae44 100644 +index 4a7f7e6..22cddf5 100644 --- a/mm/swapfile.c +++ b/mm/swapfile.c @@ -66,7 +66,7 @@ static DEFINE_MUTEX(swapon_mutex); @@ -95483,7 +96853,7 @@ index 461fce2..363ae44 100644 static inline unsigned char swap_count(unsigned char ent) { -@@ -1958,7 +1958,7 @@ SYSCALL_DEFINE1(swapoff, const char __user *, specialfile) +@@ -1959,7 +1959,7 @@ SYSCALL_DEFINE1(swapoff, const char __user *, specialfile) spin_unlock(&swap_lock); err = 0; @@ -95492,7 +96862,7 @@ index 461fce2..363ae44 100644 wake_up_interruptible(&proc_poll_wait); out_dput: -@@ -1975,8 +1975,8 @@ static unsigned swaps_poll(struct file *file, poll_table *wait) +@@ -1976,8 +1976,8 @@ static unsigned swaps_poll(struct file *file, poll_table *wait) poll_wait(file, &proc_poll_wait, wait); @@ -95503,7 +96873,7 @@ index 461fce2..363ae44 100644 return POLLIN | POLLRDNORM | POLLERR | POLLPRI; } -@@ -2074,7 +2074,7 @@ static int swaps_open(struct inode *inode, struct file *file) +@@ -2075,7 +2075,7 @@ static int swaps_open(struct inode *inode, struct file *file) return ret; seq = file->private_data; @@ -95512,7 +96882,7 @@ index 461fce2..363ae44 100644 return 0; } -@@ -2533,7 +2533,7 @@ SYSCALL_DEFINE2(swapon, const char __user *, specialfile, int, swap_flags) +@@ -2534,7 +2534,7 @@ SYSCALL_DEFINE2(swapon, const char __user *, specialfile, int, swap_flags) (frontswap_map) ? "FS" : ""); mutex_unlock(&swapon_mutex); @@ -95522,7 +96892,7 @@ index 461fce2..363ae44 100644 if (S_ISREG(inode->i_mode)) diff --git a/mm/util.c b/mm/util.c -index 808f375..e4764b5 100644 +index a24aa22..a0d41ae 100644 --- a/mm/util.c +++ b/mm/util.c @@ -297,6 +297,12 @@ done: @@ -95539,7 +96909,7 @@ index 808f375..e4764b5 100644 } #endif diff --git a/mm/vmalloc.c b/mm/vmalloc.c -index 0fdf968..d6686e8 100644 +index 0fdf968..2183ba3 100644 --- a/mm/vmalloc.c +++ b/mm/vmalloc.c @@ -59,8 +59,19 @@ static void vunmap_pte_range(pmd_t *pmd, unsigned long addr, unsigned long end) @@ -95685,7 +97055,20 @@ index 0fdf968..d6686e8 100644 area = __get_vm_area_node(size, align, VM_ALLOC | VM_UNINITIALIZED, start, end, node, gfp_mask, caller); if (!area) -@@ -1810,10 +1868,9 @@ EXPORT_SYMBOL(vzalloc_node); +@@ -1701,6 +1759,12 @@ static inline void *__vmalloc_node_flags(unsigned long size, + node, __builtin_return_address(0)); + } + ++void *vmalloc_stack(int node) ++{ ++ return __vmalloc_node(THREAD_SIZE, THREAD_SIZE, THREADINFO_GFP, PAGE_KERNEL, ++ node, __builtin_return_address(0)); ++} ++ + /** + * vmalloc - allocate virtually contiguous memory + * @size: allocation size +@@ -1810,10 +1874,9 @@ EXPORT_SYMBOL(vzalloc_node); * For tight control over page level allocator and protection flags * use __vmalloc() instead. */ @@ -95697,7 +97080,7 @@ index 0fdf968..d6686e8 100644 NUMA_NO_NODE, __builtin_return_address(0)); } -@@ -2120,6 +2177,8 @@ int remap_vmalloc_range_partial(struct vm_area_struct *vma, unsigned long uaddr, +@@ -2120,6 +2183,8 @@ int remap_vmalloc_range_partial(struct vm_area_struct *vma, unsigned long uaddr, { struct vm_struct *area; @@ -95706,7 +97089,7 @@ index 0fdf968..d6686e8 100644 size = PAGE_ALIGN(size); if (!PAGE_ALIGNED(uaddr) || !PAGE_ALIGNED(kaddr)) -@@ -2602,7 +2661,11 @@ static int s_show(struct seq_file *m, void *p) +@@ -2602,7 +2667,11 @@ static int s_show(struct seq_file *m, void *p) v->addr, v->addr + v->size, v->size); if (v->caller) @@ -95719,7 +97102,7 @@ index 0fdf968..d6686e8 100644 if (v->nr_pages) seq_printf(m, " pages=%d", v->nr_pages); diff --git a/mm/vmstat.c b/mm/vmstat.c -index 7249614..2639fc7 100644 +index def5dd2..4ce55cec 100644 --- a/mm/vmstat.c +++ b/mm/vmstat.c @@ -20,6 +20,7 @@ @@ -95777,7 +97160,7 @@ index 7249614..2639fc7 100644 } } #endif -@@ -1148,10 +1149,22 @@ static void *vmstat_start(struct seq_file *m, loff_t *pos) +@@ -1150,10 +1151,22 @@ static void *vmstat_start(struct seq_file *m, loff_t *pos) stat_items_size += sizeof(struct vm_event_state); #endif @@ -95801,7 +97184,7 @@ index 7249614..2639fc7 100644 for (i = 0; i < NR_VM_ZONE_STAT_ITEMS; i++) v[i] = global_page_state(i); v += NR_VM_ZONE_STAT_ITEMS; -@@ -1300,10 +1313,16 @@ static int __init setup_vmstat(void) +@@ -1302,10 +1315,16 @@ static int __init setup_vmstat(void) put_online_cpus(); #endif #ifdef CONFIG_PROC_FS @@ -95823,10 +97206,10 @@ index 7249614..2639fc7 100644 return 0; } diff --git a/net/8021q/vlan.c b/net/8021q/vlan.c -index b3d17d1..e8e4cdd 100644 +index 44ebd5c..1f732bae 100644 --- a/net/8021q/vlan.c +++ b/net/8021q/vlan.c -@@ -472,7 +472,7 @@ out: +@@ -475,7 +475,7 @@ out: return NOTIFY_DONE; } @@ -95835,7 +97218,7 @@ index b3d17d1..e8e4cdd 100644 .notifier_call = vlan_device_event, }; -@@ -547,8 +547,7 @@ static int vlan_ioctl_handler(struct net *net, void __user *arg) +@@ -550,8 +550,7 @@ static int vlan_ioctl_handler(struct net *net, void __user *arg) err = -EPERM; if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) break; @@ -95846,7 +97229,7 @@ index b3d17d1..e8e4cdd 100644 vn = net_generic(net, vlan_net_id); diff --git a/net/9p/client.c b/net/9p/client.c -index ee8fd6b..0469d50 100644 +index 9186550..e604a2f 100644 --- a/net/9p/client.c +++ b/net/9p/client.c @@ -588,7 +588,7 @@ static int p9_check_zc_errors(struct p9_client *c, struct p9_req_t *req, @@ -95858,7 +97241,7 @@ index ee8fd6b..0469d50 100644 if (err) { err = -EFAULT; goto out_err; -@@ -1563,7 +1563,7 @@ p9_client_read(struct p9_fid *fid, char *data, char __user *udata, u64 offset, +@@ -1560,7 +1560,7 @@ p9_client_read(struct p9_fid *fid, char *data, char __user *udata, u64 offset, kernel_buf = 1; indata = data; } else @@ -95867,7 +97250,7 @@ index ee8fd6b..0469d50 100644 /* * response header len is 11 * PDU Header(7) + IO Size (4) -@@ -1638,7 +1638,7 @@ p9_client_write(struct p9_fid *fid, char *data, const char __user *udata, +@@ -1635,7 +1635,7 @@ p9_client_write(struct p9_fid *fid, char *data, const char __user *udata, kernel_buf = 1; odata = data; } else @@ -95899,7 +97282,7 @@ index 6ab36ae..6f1841b 100644 } EXPORT_SYMBOL(v9fs_unregister_trans); diff --git a/net/9p/trans_fd.c b/net/9p/trans_fd.c -index 9321a77..ed2f256 100644 +index b7bd7f2..2498bf7 100644 --- a/net/9p/trans_fd.c +++ b/net/9p/trans_fd.c @@ -432,7 +432,7 @@ static int p9_fd_write(struct p9_client *client, void *v, int len) @@ -95911,6 +97294,19 @@ index 9321a77..ed2f256 100644 set_fs(oldfs); if (ret <= 0 && ret != -ERESTARTSYS && ret != -EAGAIN) +diff --git a/net/appletalk/atalk_proc.c b/net/appletalk/atalk_proc.c +index af46bc4..f9adfcd 100644 +--- a/net/appletalk/atalk_proc.c ++++ b/net/appletalk/atalk_proc.c +@@ -256,7 +256,7 @@ int __init atalk_proc_init(void) + struct proc_dir_entry *p; + int rc = -ENOMEM; + +- atalk_proc_dir = proc_mkdir("atalk", init_net.proc_net); ++ atalk_proc_dir = proc_mkdir_restrict("atalk", init_net.proc_net); + if (!atalk_proc_dir) + goto out; + diff --git a/net/atm/atm_misc.c b/net/atm/atm_misc.c index 876fbe8..8bbea9f 100644 --- a/net/atm/atm_misc.c @@ -95952,7 +97348,7 @@ index 876fbe8..8bbea9f 100644 #undef __HANDLE_ITEM } diff --git a/net/atm/lec.c b/net/atm/lec.c -index f23916b..dd4d26b 100644 +index 5a2f602..9396143 100644 --- a/net/atm/lec.c +++ b/net/atm/lec.c @@ -111,9 +111,9 @@ static inline void lec_arp_put(struct lec_arp_table *entry) @@ -96090,10 +97486,10 @@ index 919a5ce..cc6b444 100644 table = kmemdup(ax25_param_table, sizeof(ax25_param_table), GFP_KERNEL); if (!table) diff --git a/net/batman-adv/bat_iv_ogm.c b/net/batman-adv/bat_iv_ogm.c -index f7270b9..cd0d879 100644 +index d074d06..ad3cfcf 100644 --- a/net/batman-adv/bat_iv_ogm.c +++ b/net/batman-adv/bat_iv_ogm.c -@@ -307,7 +307,7 @@ static int batadv_iv_ogm_iface_enable(struct batadv_hard_iface *hard_iface) +@@ -312,7 +312,7 @@ static int batadv_iv_ogm_iface_enable(struct batadv_hard_iface *hard_iface) /* randomize initial seqno to avoid collision */ get_random_bytes(&random_seqno, sizeof(random_seqno)); @@ -96102,7 +97498,7 @@ index f7270b9..cd0d879 100644 hard_iface->bat_iv.ogm_buff_len = BATADV_OGM_HLEN; ogm_buff = kmalloc(hard_iface->bat_iv.ogm_buff_len, GFP_ATOMIC); -@@ -894,9 +894,9 @@ static void batadv_iv_ogm_schedule(struct batadv_hard_iface *hard_iface) +@@ -917,9 +917,9 @@ static void batadv_iv_ogm_schedule(struct batadv_hard_iface *hard_iface) batadv_ogm_packet->tvlv_len = htons(tvlv_len); /* change sequence number to network order */ @@ -96113,21 +97509,21 @@ index f7270b9..cd0d879 100644 + atomic_inc_unchecked(&hard_iface->bat_iv.ogm_seqno); batadv_iv_ogm_slide_own_bcast_window(hard_iface); - batadv_iv_ogm_queue_add(bat_priv, hard_iface->bat_iv.ogm_buff, -@@ -1261,7 +1261,7 @@ static void batadv_iv_ogm_process(const struct ethhdr *ethhdr, + +@@ -1596,7 +1596,7 @@ static void batadv_iv_ogm_process(const struct sk_buff *skb, int ogm_offset, return; /* could be changed by schedule_own_packet() */ - if_incoming_seqno = atomic_read(&if_incoming->bat_iv.ogm_seqno); + if_incoming_seqno = atomic_read_unchecked(&if_incoming->bat_iv.ogm_seqno); - if (batadv_ogm_packet->flags & BATADV_DIRECTLINK) - has_directlink_flag = 1; + if (ogm_packet->flags & BATADV_DIRECTLINK) + has_directlink_flag = true; diff --git a/net/batman-adv/fragmentation.c b/net/batman-adv/fragmentation.c -index 6ddb614..ca7e886 100644 +index cc1cfd6..7a68e022 100644 --- a/net/batman-adv/fragmentation.c +++ b/net/batman-adv/fragmentation.c -@@ -447,7 +447,7 @@ bool batadv_frag_send_packet(struct sk_buff *skb, +@@ -446,7 +446,7 @@ bool batadv_frag_send_packet(struct sk_buff *skb, frag_header.packet_type = BATADV_UNICAST_FRAG; frag_header.version = BATADV_COMPAT_VERSION; frag_header.ttl = BATADV_TTL; @@ -96137,10 +97533,10 @@ index 6ddb614..ca7e886 100644 frag_header.no = 0; frag_header.total_size = htons(skb->len); diff --git a/net/batman-adv/soft-interface.c b/net/batman-adv/soft-interface.c -index a8f99d1..11797ef 100644 +index f82c267..0e56d32 100644 --- a/net/batman-adv/soft-interface.c +++ b/net/batman-adv/soft-interface.c -@@ -278,7 +278,7 @@ static int batadv_interface_tx(struct sk_buff *skb, +@@ -283,7 +283,7 @@ send: primary_if->net_dev->dev_addr, ETH_ALEN); /* set broadcast sequence number */ @@ -96149,7 +97545,7 @@ index a8f99d1..11797ef 100644 bcast_packet->seqno = htonl(seqno); batadv_add_bcast_packet_to_list(bat_priv, skb, brd_delay); -@@ -688,7 +688,7 @@ static int batadv_softif_init_late(struct net_device *dev) +@@ -707,7 +707,7 @@ static int batadv_softif_init_late(struct net_device *dev) atomic_set(&bat_priv->batman_queue_left, BATADV_BATMAN_QUEUE_LEN); atomic_set(&bat_priv->mesh_state, BATADV_MESH_INACTIVE); @@ -96158,7 +97554,7 @@ index a8f99d1..11797ef 100644 atomic_set(&bat_priv->tt.vn, 0); atomic_set(&bat_priv->tt.local_changes, 0); atomic_set(&bat_priv->tt.ogm_append_cnt, 0); -@@ -700,7 +700,7 @@ static int batadv_softif_init_late(struct net_device *dev) +@@ -721,7 +721,7 @@ static int batadv_softif_init_late(struct net_device *dev) /* randomize initial seqno to avoid collision */ get_random_bytes(&random_seqno, sizeof(random_seqno)); @@ -96168,10 +97564,10 @@ index a8f99d1..11797ef 100644 bat_priv->primary_if = NULL; bat_priv->num_ifaces = 0; diff --git a/net/batman-adv/types.h b/net/batman-adv/types.h -index 91dd369..9c25750 100644 +index 78370ab..1cb3614 100644 --- a/net/batman-adv/types.h +++ b/net/batman-adv/types.h -@@ -56,7 +56,7 @@ +@@ -66,7 +66,7 @@ enum batadv_dhcp_recipient { struct batadv_hard_iface_bat_iv { unsigned char *ogm_buff; int ogm_buff_len; @@ -96180,7 +97576,7 @@ index 91dd369..9c25750 100644 }; /** -@@ -673,7 +673,7 @@ struct batadv_priv { +@@ -714,7 +714,7 @@ struct batadv_priv { atomic_t bonding; atomic_t fragmentation; atomic_t packet_size_max; @@ -96189,10 +97585,10 @@ index 91dd369..9c25750 100644 #ifdef CONFIG_BATMAN_ADV_BLA atomic_t bridge_loop_avoidance; #endif -@@ -687,7 +687,7 @@ struct batadv_priv { - #ifdef CONFIG_BATMAN_ADV_DEBUG - atomic_t log_level; +@@ -730,7 +730,7 @@ struct batadv_priv { #endif + uint32_t isolation_mark; + uint32_t isolation_mark_mask; - atomic_t bcast_seqno; + atomic_unchecked_t bcast_seqno; atomic_t bcast_queue_left; @@ -96212,10 +97608,10 @@ index 7552f9e..074ce29 100644 err = -EFAULT; break; diff --git a/net/bluetooth/l2cap_core.c b/net/bluetooth/l2cap_core.c -index 4af3821..f2ba46c 100644 +index b0ad2c7..96f6a5e 100644 --- a/net/bluetooth/l2cap_core.c +++ b/net/bluetooth/l2cap_core.c -@@ -3500,8 +3500,10 @@ static int l2cap_parse_conf_rsp(struct l2cap_chan *chan, void *rsp, int len, +@@ -3740,8 +3740,10 @@ static int l2cap_parse_conf_rsp(struct l2cap_chan *chan, void *rsp, int len, break; case L2CAP_CONF_RFC: @@ -96229,10 +97625,10 @@ index 4af3821..f2ba46c 100644 if (test_bit(CONF_STATE2_DEVICE, &chan->conf_state) && rfc.mode != chan->mode) diff --git a/net/bluetooth/l2cap_sock.c b/net/bluetooth/l2cap_sock.c -index 7cc24d2..e83f531 100644 +index d58f76b..b69600a 100644 --- a/net/bluetooth/l2cap_sock.c +++ b/net/bluetooth/l2cap_sock.c -@@ -545,7 +545,8 @@ static int l2cap_sock_setsockopt_old(struct socket *sock, int optname, +@@ -625,7 +625,8 @@ static int l2cap_sock_setsockopt_old(struct socket *sock, int optname, struct sock *sk = sock->sk; struct l2cap_chan *chan = l2cap_pi(sk)->chan; struct l2cap_options opts; @@ -96242,7 +97638,7 @@ index 7cc24d2..e83f531 100644 u32 opt; BT_DBG("sk %p", sk); -@@ -567,7 +568,7 @@ static int l2cap_sock_setsockopt_old(struct socket *sock, int optname, +@@ -652,7 +653,7 @@ static int l2cap_sock_setsockopt_old(struct socket *sock, int optname, opts.max_tx = chan->max_tx; opts.txwin_size = chan->tx_win; @@ -96251,7 +97647,7 @@ index 7cc24d2..e83f531 100644 if (copy_from_user((char *) &opts, optval, len)) { err = -EFAULT; break; -@@ -647,7 +648,8 @@ static int l2cap_sock_setsockopt(struct socket *sock, int level, int optname, +@@ -734,7 +735,8 @@ static int l2cap_sock_setsockopt(struct socket *sock, int level, int optname, struct bt_security sec; struct bt_power pwr; struct l2cap_conn *conn; @@ -96261,7 +97657,7 @@ index 7cc24d2..e83f531 100644 u32 opt; BT_DBG("sk %p", sk); -@@ -670,7 +672,7 @@ static int l2cap_sock_setsockopt(struct socket *sock, int level, int optname, +@@ -757,7 +759,7 @@ static int l2cap_sock_setsockopt(struct socket *sock, int level, int optname, sec.level = BT_SECURITY_LOW; @@ -96270,7 +97666,7 @@ index 7cc24d2..e83f531 100644 if (copy_from_user((char *) &sec, optval, len)) { err = -EFAULT; break; -@@ -770,7 +772,7 @@ static int l2cap_sock_setsockopt(struct socket *sock, int level, int optname, +@@ -857,7 +859,7 @@ static int l2cap_sock_setsockopt(struct socket *sock, int level, int optname, pwr.force_active = BT_POWER_FORCE_ACTIVE_ON; @@ -96302,10 +97698,10 @@ index 3c2d3e4..884855a 100644 err = -EFAULT; break; diff --git a/net/bluetooth/rfcomm/tty.c b/net/bluetooth/rfcomm/tty.c -index 84fcf9f..e389b27 100644 +index f9c0980a..fcbbfeb 100644 --- a/net/bluetooth/rfcomm/tty.c +++ b/net/bluetooth/rfcomm/tty.c -@@ -684,7 +684,7 @@ static int rfcomm_tty_open(struct tty_struct *tty, struct file *filp) +@@ -717,7 +717,7 @@ static int rfcomm_tty_open(struct tty_struct *tty, struct file *filp) BT_DBG("tty %p id %d", tty, tty->index); BT_DBG("dev %p dst %pMR channel %d opened %d", dev, &dev->dst, @@ -96314,7 +97710,7 @@ index 84fcf9f..e389b27 100644 err = tty_port_open(&dev->port, tty, filp); if (err) -@@ -707,7 +707,7 @@ static void rfcomm_tty_close(struct tty_struct *tty, struct file *filp) +@@ -740,7 +740,7 @@ static void rfcomm_tty_close(struct tty_struct *tty, struct file *filp) struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; BT_DBG("tty %p dev %p dlc %p opened %d", tty, dev, dev->dlc, @@ -96324,19 +97720,19 @@ index 84fcf9f..e389b27 100644 tty_port_close(&dev->port, tty, filp); } diff --git a/net/bridge/netfilter/ebtables.c b/net/bridge/netfilter/ebtables.c -index ac78024..161a80c 100644 +index 1059ed3..d70846a 100644 --- a/net/bridge/netfilter/ebtables.c +++ b/net/bridge/netfilter/ebtables.c -@@ -1525,7 +1525,7 @@ static int do_ebt_get_ctl(struct sock *sk, int cmd, void __user *user, int *len) +@@ -1524,7 +1524,7 @@ static int do_ebt_get_ctl(struct sock *sk, int cmd, void __user *user, int *len) tmp.valid_hooks = t->table->valid_hooks; } mutex_unlock(&ebt_mutex); -- if (copy_to_user(user, &tmp, *len) != 0){ -+ if (*len > sizeof(tmp) || copy_to_user(user, &tmp, *len) != 0){ +- if (copy_to_user(user, &tmp, *len) != 0) { ++ if (*len > sizeof(tmp) || copy_to_user(user, &tmp, *len) != 0) { BUGPRINT("c2u Didn't work\n"); ret = -EFAULT; break; -@@ -2331,7 +2331,7 @@ static int compat_do_ebt_get_ctl(struct sock *sk, int cmd, +@@ -2330,7 +2330,7 @@ static int compat_do_ebt_get_ctl(struct sock *sk, int cmd, goto out; tmp.valid_hooks = t->valid_hooks; @@ -96345,7 +97741,7 @@ index ac78024..161a80c 100644 ret = -EFAULT; break; } -@@ -2342,7 +2342,7 @@ static int compat_do_ebt_get_ctl(struct sock *sk, int cmd, +@@ -2341,7 +2341,7 @@ static int compat_do_ebt_get_ctl(struct sock *sk, int cmd, tmp.entries_size = t->table->entries_size; tmp.valid_hooks = t->table->valid_hooks; @@ -96410,8 +97806,21 @@ index a27f8aa..67174a3 100644 .notifier_call = can_notifier, }; +diff --git a/net/can/bcm.c b/net/can/bcm.c +index dcb75c0..24b1b43 100644 +--- a/net/can/bcm.c ++++ b/net/can/bcm.c +@@ -1624,7 +1624,7 @@ static int __init bcm_module_init(void) + } + + /* create /proc/net/can-bcm directory */ +- proc_dir = proc_mkdir("can-bcm", init_net.proc_net); ++ proc_dir = proc_mkdir_restrict("can-bcm", init_net.proc_net); + return 0; + } + diff --git a/net/can/gw.c b/net/can/gw.c -index 3f9b0f3..fc6d4fa 100644 +index ac31891..4799c17 100644 --- a/net/can/gw.c +++ b/net/can/gw.c @@ -80,7 +80,6 @@ MODULE_PARM_DESC(max_hops, @@ -96422,7 +97831,7 @@ index 3f9b0f3..fc6d4fa 100644 static struct kmem_cache *cgw_cache __read_mostly; -@@ -954,6 +953,10 @@ static int cgw_remove_job(struct sk_buff *skb, struct nlmsghdr *nlh) +@@ -947,6 +946,10 @@ static int cgw_remove_job(struct sk_buff *skb, struct nlmsghdr *nlh) return err; } @@ -96433,7 +97842,7 @@ index 3f9b0f3..fc6d4fa 100644 static __init int cgw_module_init(void) { /* sanitize given module parameter */ -@@ -969,7 +972,6 @@ static __init int cgw_module_init(void) +@@ -962,7 +965,6 @@ static __init int cgw_module_init(void) return -ENOMEM; /* set notifier */ @@ -96441,11 +97850,24 @@ index 3f9b0f3..fc6d4fa 100644 register_netdevice_notifier(¬ifier); if (__rtnl_register(PF_CAN, RTM_GETROUTE, NULL, cgw_dump_jobs, NULL)) { +diff --git a/net/can/proc.c b/net/can/proc.c +index b543470..d2ddae2 100644 +--- a/net/can/proc.c ++++ b/net/can/proc.c +@@ -468,7 +468,7 @@ static void can_remove_proc_readentry(const char *name) + void can_init_proc(void) + { + /* create /proc/net/can directory */ +- can_dir = proc_mkdir("can", init_net.proc_net); ++ can_dir = proc_mkdir_restrict("can", init_net.proc_net); + + if (!can_dir) { + printk(KERN_INFO "can: failed to create /proc/net/can . " diff --git a/net/ceph/messenger.c b/net/ceph/messenger.c -index 4a5df7b..9ad1f1d 100644 +index 30efc5c..cfa1bbc 100644 --- a/net/ceph/messenger.c +++ b/net/ceph/messenger.c -@@ -186,7 +186,7 @@ static void con_fault(struct ceph_connection *con); +@@ -187,7 +187,7 @@ static void con_fault(struct ceph_connection *con); #define MAX_ADDR_STR_LEN 64 /* 54 is enough */ static char addr_str[ADDR_STR_COUNT][MAX_ADDR_STR_LEN]; @@ -96454,7 +97876,7 @@ index 4a5df7b..9ad1f1d 100644 static struct page *zero_page; /* used in certain error cases */ -@@ -197,7 +197,7 @@ const char *ceph_pr_addr(const struct sockaddr_storage *ss) +@@ -198,7 +198,7 @@ const char *ceph_pr_addr(const struct sockaddr_storage *ss) struct sockaddr_in *in4 = (struct sockaddr_in *) ss; struct sockaddr_in6 *in6 = (struct sockaddr_in6 *) ss; @@ -96617,10 +98039,10 @@ index a16ed7b..eb44d17 100644 return err; diff --git a/net/core/dev.c b/net/core/dev.c -index 616eccf..31832d38 100644 +index fccc195..c8486ab 100644 --- a/net/core/dev.c +++ b/net/core/dev.c -@@ -1684,14 +1684,14 @@ int dev_forward_skb(struct net_device *dev, struct sk_buff *skb) +@@ -1688,14 +1688,14 @@ int dev_forward_skb(struct net_device *dev, struct sk_buff *skb) { if (skb_shinfo(skb)->tx_flags & SKBTX_DEV_ZEROCOPY) { if (skb_copy_ubufs(skb, GFP_ATOMIC)) { @@ -96637,7 +98059,7 @@ index 616eccf..31832d38 100644 kfree_skb(skb); return NET_RX_DROP; } -@@ -2434,7 +2434,7 @@ static int illegal_highdma(const struct net_device *dev, struct sk_buff *skb) +@@ -2453,7 +2453,7 @@ static int illegal_highdma(const struct net_device *dev, struct sk_buff *skb) struct dev_gso_cb { void (*destructor)(struct sk_buff *skb); @@ -96646,7 +98068,7 @@ index 616eccf..31832d38 100644 #define DEV_GSO_CB(skb) ((struct dev_gso_cb *)(skb)->cb) -@@ -3224,7 +3224,7 @@ enqueue: +@@ -3227,7 +3227,7 @@ enqueue: local_irq_restore(flags); @@ -96655,7 +98077,7 @@ index 616eccf..31832d38 100644 kfree_skb(skb); return NET_RX_DROP; } -@@ -3296,7 +3296,7 @@ int netif_rx_ni(struct sk_buff *skb) +@@ -3308,7 +3308,7 @@ int netif_rx_ni(struct sk_buff *skb) } EXPORT_SYMBOL(netif_rx_ni); @@ -96664,7 +98086,7 @@ index 616eccf..31832d38 100644 { struct softnet_data *sd = &__get_cpu_var(softnet_data); -@@ -3630,7 +3630,7 @@ ncls: +@@ -3645,7 +3645,7 @@ ncls: ret = pt_prev->func(skb, skb->dev, pt_prev, orig_dev); } else { drop: @@ -96673,7 +98095,7 @@ index 616eccf..31832d38 100644 kfree_skb(skb); /* Jamal, now you will not able to escape explaining * me how you were going to use this. :-) -@@ -4290,7 +4290,7 @@ void netif_napi_del(struct napi_struct *napi) +@@ -4333,7 +4333,7 @@ void netif_napi_del(struct napi_struct *napi) } EXPORT_SYMBOL(netif_napi_del); @@ -96682,7 +98104,7 @@ index 616eccf..31832d38 100644 { struct softnet_data *sd = &__get_cpu_var(softnet_data); unsigned long time_limit = jiffies + 2; -@@ -6179,7 +6179,7 @@ struct rtnl_link_stats64 *dev_get_stats(struct net_device *dev, +@@ -6302,7 +6302,7 @@ struct rtnl_link_stats64 *dev_get_stats(struct net_device *dev, } else { netdev_stats_to_stats64(storage, &dev->stats); } @@ -96692,10 +98114,10 @@ index 616eccf..31832d38 100644 } EXPORT_SYMBOL(dev_get_stats); diff --git a/net/core/dev_ioctl.c b/net/core/dev_ioctl.c -index 5b7d0e1..cb960fc 100644 +index cf999e0..c59a975 100644 --- a/net/core/dev_ioctl.c +++ b/net/core/dev_ioctl.c -@@ -365,9 +365,13 @@ void dev_load(struct net *net, const char *name) +@@ -366,9 +366,13 @@ void dev_load(struct net *net, const char *name) if (no_module && capable(CAP_NET_ADMIN)) no_module = request_module("netdev-%s", name); if (no_module && capable(CAP_SYS_MODULE)) { @@ -96710,10 +98132,66 @@ index 5b7d0e1..cb960fc 100644 } EXPORT_SYMBOL(dev_load); diff --git a/net/core/filter.c b/net/core/filter.c -index ad30d62..c2757df 100644 +index ebce437..9fed9d0 100644 --- a/net/core/filter.c +++ b/net/core/filter.c -@@ -679,7 +679,7 @@ int sk_unattached_filter_create(struct sk_filter **pfp, +@@ -126,7 +126,7 @@ unsigned int sk_run_filter(const struct sk_buff *skb, + void *ptr; + u32 A = 0; /* Accumulator */ + u32 X = 0; /* Index Register */ +- u32 mem[BPF_MEMWORDS]; /* Scratch Memory Store */ ++ u32 mem[BPF_MEMWORDS] = {}; /* Scratch Memory Store */ + u32 tmp; + int k; + +@@ -292,10 +292,10 @@ load_b: + X = K; + continue; + case BPF_S_LD_MEM: +- A = mem[K]; ++ A = mem[K&15]; + continue; + case BPF_S_LDX_MEM: +- X = mem[K]; ++ X = mem[K&15]; + continue; + case BPF_S_MISC_TAX: + X = A; +@@ -308,10 +308,10 @@ load_b: + case BPF_S_RET_A: + return A; + case BPF_S_ST: +- mem[K] = A; ++ mem[K&15] = A; + continue; + case BPF_S_STX: +- mem[K] = X; ++ mem[K&15] = X; + continue; + case BPF_S_ANC_PROTOCOL: + A = ntohs(skb->protocol); +@@ -395,9 +395,10 @@ load_b: + continue; + #endif + default: +- WARN_RATELIMIT(1, "Unknown code:%u jt:%u tf:%u k:%u\n", ++ WARN(1, KERN_ALERT "Unknown sock filter code:%u jt:%u tf:%u k:%u\n", + fentry->code, fentry->jt, + fentry->jf, fentry->k); ++ BUG(); + return 0; + } + } +@@ -420,7 +421,7 @@ static int check_load_and_stores(struct sock_filter *filter, int flen) + u16 *masks, memvalid = 0; /* one bit per cell, 16 cells */ + int pc, ret = 0; + +- BUILD_BUG_ON(BPF_MEMWORDS > 16); ++ BUILD_BUG_ON(BPF_MEMWORDS != 16); + masks = kmalloc(flen * sizeof(*masks), GFP_KERNEL); + if (!masks) + return -ENOMEM; +@@ -683,7 +684,7 @@ int sk_unattached_filter_create(struct sk_filter **pfp, fp = kmalloc(sk_filter_size(fprog->len), GFP_KERNEL); if (!fp) return -ENOMEM; @@ -96785,10 +98263,10 @@ index b618694..192bbba 100644 m->msg_iov = iov; diff --git a/net/core/neighbour.c b/net/core/neighbour.c -index 43128dd..e4d4311 100644 +index 7d95f69..a6065de 100644 --- a/net/core/neighbour.c +++ b/net/core/neighbour.c -@@ -2775,7 +2775,7 @@ static int proc_unres_qlen(struct ctl_table *ctl, int write, +@@ -2824,7 +2824,7 @@ static int proc_unres_qlen(struct ctl_table *ctl, int write, void __user *buffer, size_t *lenp, loff_t *ppos) { int size, ret; @@ -96797,7 +98275,16 @@ index 43128dd..e4d4311 100644 tmp.extra1 = &zero; tmp.extra2 = &unres_qlen_max; -@@ -2983,11 +2983,12 @@ int neigh_sysctl_register(struct net_device *dev, struct neigh_parms *p, +@@ -2886,7 +2886,7 @@ static int neigh_proc_dointvec_zero_intmax(struct ctl_table *ctl, int write, + void __user *buffer, + size_t *lenp, loff_t *ppos) + { +- struct ctl_table tmp = *ctl; ++ ctl_table_no_const tmp = *ctl; + int ret; + + tmp.extra1 = &zero; +@@ -3058,11 +3058,12 @@ int neigh_sysctl_register(struct net_device *dev, struct neigh_parms *p, memset(&t->neigh_vars[NEIGH_VAR_GC_INTERVAL], 0, sizeof(t->neigh_vars[NEIGH_VAR_GC_INTERVAL])); } else { @@ -96813,12 +98300,45 @@ index 43128dd..e4d4311 100644 + t->neigh_vars[NEIGH_VAR_GC_THRESH3].data = &ntable->gc_thresh3; } - + if (handler) { diff --git a/net/core/net-procfs.c b/net/core/net-procfs.c -index 2bf8329..7960607 100644 +index 2bf8329..2eb1423 100644 --- a/net/core/net-procfs.c +++ b/net/core/net-procfs.c -@@ -283,8 +283,13 @@ static int ptype_seq_show(struct seq_file *seq, void *v) +@@ -79,7 +79,13 @@ static void dev_seq_printf_stats(struct seq_file *seq, struct net_device *dev) + struct rtnl_link_stats64 temp; + const struct rtnl_link_stats64 *stats = dev_get_stats(dev, &temp); + +- seq_printf(seq, "%6s: %7llu %7llu %4llu %4llu %4llu %5llu %10llu %9llu " ++ if (gr_proc_is_restricted()) ++ seq_printf(seq, "%6s: %7llu %7llu %4llu %4llu %4llu %5llu %10llu %9llu " ++ "%8llu %7llu %4llu %4llu %4llu %5llu %7llu %10llu\n", ++ dev->name, 0ULL, 0ULL, 0ULL, 0ULL, 0ULL, 0ULL, 0ULL, 0ULL, 0ULL, 0ULL, ++ 0ULL, 0ULL, 0ULL, 0ULL, 0ULL, 0ULL); ++ else ++ seq_printf(seq, "%6s: %7llu %7llu %4llu %4llu %4llu %5llu %10llu %9llu " + "%8llu %7llu %4llu %4llu %4llu %5llu %7llu %10llu\n", + dev->name, stats->rx_bytes, stats->rx_packets, + stats->rx_errors, +@@ -166,7 +172,7 @@ static int softnet_seq_show(struct seq_file *seq, void *v) + return 0; + } + +-static const struct seq_operations dev_seq_ops = { ++const struct seq_operations dev_seq_ops = { + .start = dev_seq_start, + .next = dev_seq_next, + .stop = dev_seq_stop, +@@ -196,7 +202,7 @@ static const struct seq_operations softnet_seq_ops = { + + static int softnet_seq_open(struct inode *inode, struct file *file) + { +- return seq_open(file, &softnet_seq_ops); ++ return seq_open_restrict(file, &softnet_seq_ops); + } + + static const struct file_operations softnet_seq_fops = { +@@ -283,8 +289,13 @@ static int ptype_seq_show(struct seq_file *seq, void *v) else seq_printf(seq, "%04x", ntohs(pt->type)); @@ -96832,21 +98352,8 @@ index 2bf8329..7960607 100644 } return 0; -diff --git a/net/core/net-sysfs.c b/net/core/net-sysfs.c -index f3edf96..3cd8b40 100644 ---- a/net/core/net-sysfs.c -+++ b/net/core/net-sysfs.c -@@ -1358,7 +1358,7 @@ void netdev_class_remove_file_ns(struct class_attribute *class_attr, - } - EXPORT_SYMBOL(netdev_class_remove_file_ns); - --int netdev_kobject_init(void) -+int __init netdev_kobject_init(void) - { - kobj_ns_type_register(&net_ns_type_operations); - return class_register(&net_class); diff --git a/net/core/net_namespace.c b/net/core/net_namespace.c -index 81d3a9a..a0bd7a8 100644 +index 7c8ffd9..0cb3687 100644 --- a/net/core/net_namespace.c +++ b/net/core/net_namespace.c @@ -443,7 +443,7 @@ static int __register_pernet_operations(struct list_head *list, @@ -96886,7 +98393,7 @@ index 81d3a9a..a0bd7a8 100644 return error; } diff --git a/net/core/netpoll.c b/net/core/netpoll.c -index 81975f2..9ef3531 100644 +index df9e6b1..6e68e4e 100644 --- a/net/core/netpoll.c +++ b/net/core/netpoll.c @@ -435,7 +435,7 @@ void netpoll_send_udp(struct netpoll *np, const char *msg, int len) @@ -96907,8 +98414,21 @@ index 81975f2..9ef3531 100644 iph->frag_off = 0; iph->ttl = 64; iph->protocol = IPPROTO_UDP; +diff --git a/net/core/pktgen.c b/net/core/pktgen.c +index fdac61c..e5e5b46 100644 +--- a/net/core/pktgen.c ++++ b/net/core/pktgen.c +@@ -3719,7 +3719,7 @@ static int __net_init pg_net_init(struct net *net) + pn->net = net; + INIT_LIST_HEAD(&pn->pktgen_threads); + pn->pktgen_exiting = false; +- pn->proc_dir = proc_mkdir(PG_PROC_DIR, pn->net->proc_net); ++ pn->proc_dir = proc_mkdir_restrict(PG_PROC_DIR, pn->net->proc_net); + if (!pn->proc_dir) { + pr_warn("cannot create /proc/net/%s\n", PG_PROC_DIR); + return -ENODEV; diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c -index cf67144..12bf94c 100644 +index 83b9d6a..cff1ce7 100644 --- a/net/core/rtnetlink.c +++ b/net/core/rtnetlink.c @@ -58,7 +58,7 @@ struct rtnl_link { @@ -96987,10 +98507,10 @@ index b442e7e..6f5b5a2 100644 { struct socket *sock; diff --git a/net/core/skbuff.c b/net/core/skbuff.c -index deffb37..213db0a 100644 +index e5ae776e..15c90cb 100644 --- a/net/core/skbuff.c +++ b/net/core/skbuff.c -@@ -2006,7 +2006,7 @@ EXPORT_SYMBOL(__skb_checksum); +@@ -2003,7 +2003,7 @@ EXPORT_SYMBOL(__skb_checksum); __wsum skb_checksum(const struct sk_buff *skb, int offset, int len, __wsum csum) { @@ -96999,7 +98519,7 @@ index deffb37..213db0a 100644 .update = csum_partial_ext, .combine = csum_block_add_ext, }; -@@ -3119,13 +3119,15 @@ void __init skb_init(void) +@@ -3220,13 +3220,15 @@ void __init skb_init(void) skbuff_head_cache = kmem_cache_create("skbuff_head_cache", sizeof(struct sk_buff), 0, @@ -97018,7 +98538,7 @@ index deffb37..213db0a 100644 } diff --git a/net/core/sock.c b/net/core/sock.c -index fbc5cfb..6d7e8c3 100644 +index c0fc6bd..51d8326 100644 --- a/net/core/sock.c +++ b/net/core/sock.c @@ -393,7 +393,7 @@ int sock_queue_rcv_skb(struct sock *sk, struct sk_buff *skb) @@ -97066,7 +98586,7 @@ index fbc5cfb..6d7e8c3 100644 goto discard_and_relse; } -@@ -950,12 +950,12 @@ int sock_getsockopt(struct socket *sock, int level, int optname, +@@ -949,12 +949,12 @@ int sock_getsockopt(struct socket *sock, int level, int optname, struct timeval tm; } v; @@ -97082,7 +98602,7 @@ index fbc5cfb..6d7e8c3 100644 return -EINVAL; memset(&v, 0, sizeof(v)); -@@ -1107,11 +1107,11 @@ int sock_getsockopt(struct socket *sock, int level, int optname, +@@ -1106,11 +1106,11 @@ int sock_getsockopt(struct socket *sock, int level, int optname, case SO_PEERNAME: { @@ -97096,7 +98616,7 @@ index fbc5cfb..6d7e8c3 100644 return -EINVAL; if (copy_to_user(optval, address, len)) return -EFAULT; -@@ -1188,7 +1188,7 @@ int sock_getsockopt(struct socket *sock, int level, int optname, +@@ -1191,7 +1191,7 @@ int sock_getsockopt(struct socket *sock, int level, int optname, if (len > lv) len = lv; @@ -97105,7 +98625,7 @@ index fbc5cfb..6d7e8c3 100644 return -EFAULT; lenout: if (put_user(len, optlen)) -@@ -2353,7 +2353,7 @@ void sock_init_data(struct socket *sock, struct sock *sk) +@@ -2326,7 +2326,7 @@ void sock_init_data(struct socket *sock, struct sock *sk) */ smp_wmb(); atomic_set(&sk->sk_refcnt, 1); @@ -97114,7 +98634,7 @@ index fbc5cfb..6d7e8c3 100644 } EXPORT_SYMBOL(sock_init_data); -@@ -2478,6 +2478,7 @@ void sock_enable_timestamp(struct sock *sk, int flag) +@@ -2454,6 +2454,7 @@ void sock_enable_timestamp(struct sock *sk, int flag) int sock_recv_errqueue(struct sock *sk, struct msghdr *msg, int len, int level, int type) { @@ -97122,7 +98642,7 @@ index fbc5cfb..6d7e8c3 100644 struct sock_exterr_skb *serr; struct sk_buff *skb, *skb2; int copied, err; -@@ -2499,7 +2500,8 @@ int sock_recv_errqueue(struct sock *sk, struct msghdr *msg, int len, +@@ -2475,7 +2476,8 @@ int sock_recv_errqueue(struct sock *sk, struct msghdr *msg, int len, sock_recv_timestamp(msg, sk, skb); serr = SKB_EXT_ERR(skb); @@ -97133,7 +98653,7 @@ index fbc5cfb..6d7e8c3 100644 msg->msg_flags |= MSG_ERRQUEUE; err = copied; diff --git a/net/core/sock_diag.c b/net/core/sock_diag.c -index a0e9cf6..ef7f9ed 100644 +index 6a7fae2..d7c22e6 100644 --- a/net/core/sock_diag.c +++ b/net/core/sock_diag.c @@ -9,26 +9,33 @@ @@ -97195,7 +98715,7 @@ index a0e9cf6..ef7f9ed 100644 } EXPORT_SYMBOL_GPL(sock_diag_unregister); diff --git a/net/core/sysctl_net_core.c b/net/core/sysctl_net_core.c -index cca4441..5e616de 100644 +index cf9cd13..8b56af3 100644 --- a/net/core/sysctl_net_core.c +++ b/net/core/sysctl_net_core.c @@ -32,7 +32,7 @@ static int rps_sock_flow_sysctl(struct ctl_table *table, int write, @@ -97207,7 +98727,7 @@ index cca4441..5e616de 100644 .data = &size, .maxlen = sizeof(size), .mode = table->mode -@@ -199,7 +199,7 @@ static int set_default_qdisc(struct ctl_table *table, int write, +@@ -200,7 +200,7 @@ static int set_default_qdisc(struct ctl_table *table, int write, void __user *buffer, size_t *lenp, loff_t *ppos) { char id[IFNAMSIZ]; @@ -97216,7 +98736,7 @@ index cca4441..5e616de 100644 .data = id, .maxlen = IFNAMSIZ, }; -@@ -378,13 +378,12 @@ static struct ctl_table netns_core_table[] = { +@@ -379,13 +379,12 @@ static struct ctl_table netns_core_table[] = { static __net_init int sysctl_core_net_init(struct net *net) { @@ -97232,7 +98752,7 @@ index cca4441..5e616de 100644 if (tbl == NULL) goto err_dup; -@@ -394,17 +393,16 @@ static __net_init int sysctl_core_net_init(struct net *net) +@@ -395,17 +394,16 @@ static __net_init int sysctl_core_net_init(struct net *net) if (net->user_ns != &init_user_ns) { tbl[0].procname = NULL; } @@ -97254,7 +98774,7 @@ index cca4441..5e616de 100644 err_dup: return -ENOMEM; } -@@ -419,7 +417,7 @@ static __net_exit void sysctl_core_net_exit(struct net *net) +@@ -420,7 +418,7 @@ static __net_exit void sysctl_core_net_exit(struct net *net) kfree(tbl); } @@ -97264,7 +98784,7 @@ index cca4441..5e616de 100644 .exit = sysctl_core_net_exit, }; diff --git a/net/decnet/af_decnet.c b/net/decnet/af_decnet.c -index dd4d506..fb2fb87 100644 +index 4c04848..f575934 100644 --- a/net/decnet/af_decnet.c +++ b/net/decnet/af_decnet.c @@ -465,6 +465,7 @@ static struct proto dn_proto = { @@ -97276,7 +98796,7 @@ index dd4d506..fb2fb87 100644 static struct sock *dn_alloc_sock(struct net *net, struct socket *sock, gfp_t gfp) diff --git a/net/decnet/dn_dev.c b/net/decnet/dn_dev.c -index dd0dfb2..fdbc764 100644 +index a603823..a36ee0b 100644 --- a/net/decnet/dn_dev.c +++ b/net/decnet/dn_dev.c @@ -200,7 +200,7 @@ static struct dn_dev_sysctl_table { @@ -97311,10 +98831,10 @@ index 5325b54..a0d4d69 100644 *lenp = len; diff --git a/net/ieee802154/dgram.c b/net/ieee802154/dgram.c -index 1865fdf..581a595 100644 +index 1846c1f..96d4a9f 100644 --- a/net/ieee802154/dgram.c +++ b/net/ieee802154/dgram.c -@@ -315,8 +315,9 @@ static int dgram_recvmsg(struct kiocb *iocb, struct sock *sk, +@@ -313,8 +313,9 @@ static int dgram_recvmsg(struct kiocb *iocb, struct sock *sk, if (saddr) { saddr->family = AF_IEEE802154; saddr->addr = mac_cb(skb)->sa; @@ -97326,10 +98846,10 @@ index 1865fdf..581a595 100644 if (flags & MSG_TRUNC) copied = skb->len; diff --git a/net/ipv4/af_inet.c b/net/ipv4/af_inet.c -index e4d96d4..e1651da 100644 +index 19ab78a..bf575c9 100644 --- a/net/ipv4/af_inet.c +++ b/net/ipv4/af_inet.c -@@ -1686,13 +1686,9 @@ static int __init inet_init(void) +@@ -1703,13 +1703,9 @@ static int __init inet_init(void) BUILD_BUG_ON(sizeof(struct inet_skb_parm) > FIELD_SIZEOF(struct sk_buff, cb)); @@ -97344,7 +98864,7 @@ index e4d96d4..e1651da 100644 rc = proto_register(&udp_prot, 1); if (rc) -@@ -1799,8 +1795,6 @@ out_unregister_udp_proto: +@@ -1816,8 +1812,6 @@ out_unregister_udp_proto: proto_unregister(&udp_prot); out_unregister_tcp_proto: proto_unregister(&tcp_prot); @@ -97354,10 +98874,10 @@ index e4d96d4..e1651da 100644 } diff --git a/net/ipv4/devinet.c b/net/ipv4/devinet.c -index f4b34d8..c54a163 100644 +index bdbf68b..deb4759 100644 --- a/net/ipv4/devinet.c +++ b/net/ipv4/devinet.c -@@ -1534,7 +1534,7 @@ static int inet_dump_ifaddr(struct sk_buff *skb, struct netlink_callback *cb) +@@ -1543,7 +1543,7 @@ static int inet_dump_ifaddr(struct sk_buff *skb, struct netlink_callback *cb) idx = 0; head = &net->dev_index_head[h]; rcu_read_lock(); @@ -97366,7 +98886,7 @@ index f4b34d8..c54a163 100644 net->dev_base_seq; hlist_for_each_entry_rcu(dev, head, index_hlist) { if (idx < s_idx) -@@ -1845,7 +1845,7 @@ static int inet_netconf_dump_devconf(struct sk_buff *skb, +@@ -1861,7 +1861,7 @@ static int inet_netconf_dump_devconf(struct sk_buff *skb, idx = 0; head = &net->dev_index_head[h]; rcu_read_lock(); @@ -97375,7 +98895,7 @@ index f4b34d8..c54a163 100644 net->dev_base_seq; hlist_for_each_entry_rcu(dev, head, index_hlist) { if (idx < s_idx) -@@ -2070,7 +2070,7 @@ static int ipv4_doint_and_flush(struct ctl_table *ctl, int write, +@@ -2096,7 +2096,7 @@ static int ipv4_doint_and_flush(struct ctl_table *ctl, int write, #define DEVINET_SYSCTL_FLUSHING_ENTRY(attr, name) \ DEVINET_SYSCTL_COMPLEX_ENTRY(attr, name, ipv4_doint_and_flush) @@ -97384,7 +98904,7 @@ index f4b34d8..c54a163 100644 struct ctl_table_header *sysctl_header; struct ctl_table devinet_vars[__IPV4_DEVCONF_MAX]; } devinet_sysctl = { -@@ -2192,7 +2192,7 @@ static __net_init int devinet_init_net(struct net *net) +@@ -2218,7 +2218,7 @@ static __net_init int devinet_init_net(struct net *net) int err; struct ipv4_devconf *all, *dflt; #ifdef CONFIG_SYSCTL @@ -97393,7 +98913,7 @@ index f4b34d8..c54a163 100644 struct ctl_table_header *forw_hdr; #endif -@@ -2210,7 +2210,7 @@ static __net_init int devinet_init_net(struct net *net) +@@ -2236,7 +2236,7 @@ static __net_init int devinet_init_net(struct net *net) goto err_alloc_dflt; #ifdef CONFIG_SYSCTL @@ -97402,7 +98922,7 @@ index f4b34d8..c54a163 100644 if (tbl == NULL) goto err_alloc_ctl; -@@ -2230,7 +2230,10 @@ static __net_init int devinet_init_net(struct net *net) +@@ -2256,7 +2256,10 @@ static __net_init int devinet_init_net(struct net *net) goto err_reg_dflt; err = -ENOMEM; @@ -97414,7 +98934,7 @@ index f4b34d8..c54a163 100644 if (forw_hdr == NULL) goto err_reg_ctl; net->ipv4.forw_hdr = forw_hdr; -@@ -2246,8 +2249,7 @@ err_reg_ctl: +@@ -2272,8 +2275,7 @@ err_reg_ctl: err_reg_dflt: __devinet_sysctl_unregister(all); err_reg_all: @@ -97453,10 +98973,10 @@ index c7539e2..b455e51 100644 break; case NETDEV_DOWN: diff --git a/net/ipv4/fib_semantics.c b/net/ipv4/fib_semantics.c -index e63f47a..e5c531d 100644 +index 9d43468..ffa28cc 100644 --- a/net/ipv4/fib_semantics.c +++ b/net/ipv4/fib_semantics.c -@@ -766,7 +766,7 @@ __be32 fib_info_update_nh_saddr(struct net *net, struct fib_nh *nh) +@@ -767,7 +767,7 @@ __be32 fib_info_update_nh_saddr(struct net *net, struct fib_nh *nh) nh->nh_saddr = inet_select_addr(nh->nh_dev, nh->nh_gw, nh->nh_parent->fib_scope); @@ -97466,7 +98986,7 @@ index e63f47a..e5c531d 100644 return nh->nh_saddr; } diff --git a/net/ipv4/inet_connection_sock.c b/net/ipv4/inet_connection_sock.c -index fc0e649..febfa65 100644 +index 0d1e2cb..4501a2c 100644 --- a/net/ipv4/inet_connection_sock.c +++ b/net/ipv4/inet_connection_sock.c @@ -29,7 +29,7 @@ const char inet_csk_timer_bug_msg[] = "inet_csk BUG: unknown timer value\n"; @@ -97478,23 +98998,6 @@ index fc0e649..febfa65 100644 EXPORT_SYMBOL(sysctl_local_reserved_ports); void inet_get_local_port_range(struct net *net, int *low, int *high) -diff --git a/net/ipv4/inet_fragment.c b/net/ipv4/inet_fragment.c -index bb075fc..322dceb 100644 ---- a/net/ipv4/inet_fragment.c -+++ b/net/ipv4/inet_fragment.c -@@ -278,9 +278,10 @@ static struct inet_frag_queue *inet_frag_intern(struct netns_frags *nf, - - atomic_inc(&qp->refcnt); - hlist_add_head(&qp->list, &hb->chain); -- spin_unlock(&hb->chain_lock); -- read_unlock(&f->lock); - inet_frag_lru_add(nf, qp); -+ spin_unlock(&hb->chain_lock); -+ read_unlock(&f->lock); -+ - return qp; - } - diff --git a/net/ipv4/inet_hashtables.c b/net/ipv4/inet_hashtables.c index 8b9cf27..0d8d592 100644 --- a/net/ipv4/inet_hashtables.c @@ -97526,10 +99029,10 @@ index 8b9cf27..0d8d592 100644 inet_twsk_deschedule(tw, death_row); while (twrefcnt) { diff --git a/net/ipv4/inetpeer.c b/net/ipv4/inetpeer.c -index 33d5537..da337a4 100644 +index 48f4244..f56d83a 100644 --- a/net/ipv4/inetpeer.c +++ b/net/ipv4/inetpeer.c -@@ -503,8 +503,8 @@ relookup: +@@ -496,8 +496,8 @@ relookup: if (p) { p->daddr = *daddr; atomic_set(&p->refcnt, 1); @@ -97541,7 +99044,7 @@ index 33d5537..da337a4 100644 secure_ip_id(daddr->addr.a4) : secure_ipv6_id(daddr->addr.a6)); diff --git a/net/ipv4/ip_fragment.c b/net/ipv4/ip_fragment.c -index 2481993..2d9a7a7 100644 +index c10a3ce..dd71f84 100644 --- a/net/ipv4/ip_fragment.c +++ b/net/ipv4/ip_fragment.c @@ -283,7 +283,7 @@ static inline int ip_frag_too_far(struct ipq *qp) @@ -97592,7 +99095,7 @@ index 2481993..2d9a7a7 100644 return -ENOMEM; } diff --git a/net/ipv4/ip_gre.c b/net/ipv4/ip_gre.c -index d306360..1c1a1f1 100644 +index 94213c8..8bdb342 100644 --- a/net/ipv4/ip_gre.c +++ b/net/ipv4/ip_gre.c @@ -115,7 +115,7 @@ static bool log_ecn_error = true; @@ -97623,10 +99126,10 @@ index d306360..1c1a1f1 100644 .maxtype = IFLA_GRE_MAX, .policy = ipgre_policy, diff --git a/net/ipv4/ip_sockglue.c b/net/ipv4/ip_sockglue.c -index ddf32a6..3fdeea9 100644 +index 580dd96..9fcef7e 100644 --- a/net/ipv4/ip_sockglue.c +++ b/net/ipv4/ip_sockglue.c -@@ -1172,7 +1172,8 @@ static int do_ip_getsockopt(struct sock *sk, int level, int optname, +@@ -1171,7 +1171,8 @@ static int do_ip_getsockopt(struct sock *sk, int level, int optname, len = min_t(unsigned int, len, opt->optlen); if (put_user(len, optlen)) return -EFAULT; @@ -97636,7 +99139,7 @@ index ddf32a6..3fdeea9 100644 return -EFAULT; return 0; } -@@ -1303,7 +1304,7 @@ static int do_ip_getsockopt(struct sock *sk, int level, int optname, +@@ -1302,7 +1303,7 @@ static int do_ip_getsockopt(struct sock *sk, int level, int optname, if (sk->sk_type != SOCK_STREAM) return -ENOPROTOOPT; @@ -97646,7 +99149,7 @@ index ddf32a6..3fdeea9 100644 msg.msg_flags = flags; diff --git a/net/ipv4/ip_vti.c b/net/ipv4/ip_vti.c -index 52b802a..b725179 100644 +index e4a8f76..dd8ad72 100644 --- a/net/ipv4/ip_vti.c +++ b/net/ipv4/ip_vti.c @@ -44,7 +44,7 @@ @@ -97668,7 +99171,7 @@ index 52b802a..b725179 100644 .maxtype = IFLA_VTI_MAX, .policy = vti_policy, diff --git a/net/ipv4/ipconfig.c b/net/ipv4/ipconfig.c -index efa1138..20dbba0 100644 +index b3e86ea..18ce98c 100644 --- a/net/ipv4/ipconfig.c +++ b/net/ipv4/ipconfig.c @@ -334,7 +334,7 @@ static int __init ic_devinet_ioctl(unsigned int cmd, struct ifreq *arg) @@ -97699,7 +99202,7 @@ index efa1138..20dbba0 100644 return res; } diff --git a/net/ipv4/ipip.c b/net/ipv4/ipip.c -index fe3e9f7..4956990 100644 +index 812b183..56cbe9c 100644 --- a/net/ipv4/ipip.c +++ b/net/ipv4/ipip.c @@ -124,7 +124,7 @@ MODULE_PARM_DESC(log_ecn_error, "Log packets received with corrupted ECN"); @@ -97721,7 +99224,7 @@ index fe3e9f7..4956990 100644 .maxtype = IFLA_IPTUN_MAX, .policy = ipip_policy, diff --git a/net/ipv4/netfilter/arp_tables.c b/net/ipv4/netfilter/arp_tables.c -index 59da7cd..e318de1 100644 +index f95b6f9..2ee2097 100644 --- a/net/ipv4/netfilter/arp_tables.c +++ b/net/ipv4/netfilter/arp_tables.c @@ -885,14 +885,14 @@ static int compat_table_info(const struct xt_table_info *info, @@ -97751,7 +99254,7 @@ index 59da7cd..e318de1 100644 ret = -EFAULT; else ret = 0; -@@ -1688,7 +1688,7 @@ static int compat_do_arpt_get_ctl(struct sock *sk, int cmd, void __user *user, +@@ -1690,7 +1690,7 @@ static int compat_do_arpt_get_ctl(struct sock *sk, int cmd, void __user *user, switch (cmd) { case ARPT_SO_GET_INFO: @@ -97760,7 +99263,7 @@ index 59da7cd..e318de1 100644 break; case ARPT_SO_GET_ENTRIES: ret = compat_get_entries(sock_net(sk), user, len); -@@ -1733,7 +1733,7 @@ static int do_arpt_get_ctl(struct sock *sk, int cmd, void __user *user, int *len +@@ -1735,7 +1735,7 @@ static int do_arpt_get_ctl(struct sock *sk, int cmd, void __user *user, int *len switch (cmd) { case ARPT_SO_GET_INFO: @@ -97770,7 +99273,7 @@ index 59da7cd..e318de1 100644 case ARPT_SO_GET_ENTRIES: diff --git a/net/ipv4/netfilter/ip_tables.c b/net/ipv4/netfilter/ip_tables.c -index 718dfbd..cef4152 100644 +index 99e810f..3711b81 100644 --- a/net/ipv4/netfilter/ip_tables.c +++ b/net/ipv4/netfilter/ip_tables.c @@ -1073,14 +1073,14 @@ static int compat_table_info(const struct xt_table_info *info, @@ -97800,7 +99303,7 @@ index 718dfbd..cef4152 100644 ret = -EFAULT; else ret = 0; -@@ -1971,7 +1971,7 @@ compat_do_ipt_get_ctl(struct sock *sk, int cmd, void __user *user, int *len) +@@ -1973,7 +1973,7 @@ compat_do_ipt_get_ctl(struct sock *sk, int cmd, void __user *user, int *len) switch (cmd) { case IPT_SO_GET_INFO: @@ -97809,7 +99312,7 @@ index 718dfbd..cef4152 100644 break; case IPT_SO_GET_ENTRIES: ret = compat_get_entries(sock_net(sk), user, len); -@@ -2018,7 +2018,7 @@ do_ipt_get_ctl(struct sock *sk, int cmd, void __user *user, int *len) +@@ -2020,7 +2020,7 @@ do_ipt_get_ctl(struct sock *sk, int cmd, void __user *user, int *len) switch (cmd) { case IPT_SO_GET_INFO: @@ -97818,20 +99321,42 @@ index 718dfbd..cef4152 100644 break; case IPT_SO_GET_ENTRIES: +diff --git a/net/ipv4/netfilter/ipt_CLUSTERIP.c b/net/ipv4/netfilter/ipt_CLUSTERIP.c +index 2510c02..cfb34fa 100644 +--- a/net/ipv4/netfilter/ipt_CLUSTERIP.c ++++ b/net/ipv4/netfilter/ipt_CLUSTERIP.c +@@ -720,7 +720,7 @@ static int clusterip_net_init(struct net *net) + spin_lock_init(&cn->lock); + + #ifdef CONFIG_PROC_FS +- cn->procdir = proc_mkdir("ipt_CLUSTERIP", net->proc_net); ++ cn->procdir = proc_mkdir_restrict("ipt_CLUSTERIP", net->proc_net); + if (!cn->procdir) { + pr_err("Unable to proc dir entry\n"); + return -ENOMEM; diff --git a/net/ipv4/ping.c b/net/ipv4/ping.c -index 242e7f4..a084e95 100644 +index e21934b..16f52a6 100644 --- a/net/ipv4/ping.c +++ b/net/ipv4/ping.c -@@ -55,7 +55,7 @@ - +@@ -59,7 +59,7 @@ struct ping_table { + }; - struct ping_table ping_table; + static struct ping_table ping_table; -struct pingv6_ops pingv6_ops; +struct pingv6_ops *pingv6_ops; EXPORT_SYMBOL_GPL(pingv6_ops); static u16 ping_port_rover; -@@ -334,7 +334,7 @@ static int ping_check_bind_addr(struct sock *sk, struct inet_sock *isk, +@@ -259,7 +259,7 @@ int ping_init_sock(struct sock *sk) + + inet_get_ping_group_range_net(net, &low, &high); + if (gid_lte(low, group) && gid_lte(group, high)) +- return 0; ++ goto out_release_group; + + group_info = get_current_groups(); + count = group_info->ngroups; +@@ -348,7 +348,7 @@ static int ping_check_bind_addr(struct sock *sk, struct inet_sock *isk, return -ENODEV; } } @@ -97840,7 +99365,7 @@ index 242e7f4..a084e95 100644 scoped); rcu_read_unlock(); -@@ -542,7 +542,7 @@ void ping_err(struct sk_buff *skb, int offset, u32 info) +@@ -556,7 +556,7 @@ void ping_err(struct sk_buff *skb, int offset, u32 info) } #if IS_ENABLED(CONFIG_IPV6) } else if (skb->protocol == htons(ETH_P_IPV6)) { @@ -97849,7 +99374,7 @@ index 242e7f4..a084e95 100644 #endif } -@@ -560,7 +560,7 @@ void ping_err(struct sk_buff *skb, int offset, u32 info) +@@ -574,7 +574,7 @@ void ping_err(struct sk_buff *skb, int offset, u32 info) info, (u8 *)icmph); #if IS_ENABLED(CONFIG_IPV6) } else if (family == AF_INET6) { @@ -97858,7 +99383,7 @@ index 242e7f4..a084e95 100644 info, (u8 *)icmph); #endif } -@@ -830,6 +830,8 @@ int ping_recvmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg, +@@ -844,6 +844,8 @@ int ping_recvmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg, { struct inet_sock *isk = inet_sk(sk); int family = sk->sk_family; @@ -97867,7 +99392,7 @@ index 242e7f4..a084e95 100644 struct sk_buff *skb; int copied, err; -@@ -839,12 +841,19 @@ int ping_recvmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg, +@@ -853,12 +855,19 @@ int ping_recvmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg, if (flags & MSG_OOB) goto out; @@ -97888,7 +99413,7 @@ index 242e7f4..a084e95 100644 addr_len); #endif } -@@ -876,7 +885,6 @@ int ping_recvmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg, +@@ -890,7 +899,6 @@ int ping_recvmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg, sin->sin_port = 0 /* skb->h.uh->source */; sin->sin_addr.s_addr = ip_hdr(skb)->saddr; memset(sin->sin_zero, 0, sizeof(sin->sin_zero)); @@ -97896,7 +99421,7 @@ index 242e7f4..a084e95 100644 } if (isk->cmsg_flags) -@@ -899,11 +907,10 @@ int ping_recvmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg, +@@ -912,14 +920,13 @@ int ping_recvmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg, sin6->sin6_scope_id = ipv6_iface_scope_id(&sin6->sin6_addr, IP6CB(skb)->iif); @@ -97904,12 +99429,16 @@ index 242e7f4..a084e95 100644 } if (inet6_sk(sk)->rxopt.all) -- pingv6_ops.ip6_datagram_recv_ctl(sk, msg, skb); -+ pingv6_ops->ip6_datagram_recv_ctl(sk, msg, skb); +- pingv6_ops.ip6_datagram_recv_common_ctl(sk, msg, skb); ++ pingv6_ops->ip6_datagram_recv_common_ctl(sk, msg, skb); + if (skb->protocol == htons(ETH_P_IPV6) && + inet6_sk(sk)->rxopt.all) +- pingv6_ops.ip6_datagram_recv_specific_ctl(sk, msg, skb); ++ pingv6_ops->ip6_datagram_recv_specific_ctl(sk, msg, skb); + else if (skb->protocol == htons(ETH_P_IP) && isk->cmsg_flags) + ip_cmsg_recv(msg, skb); #endif - } else { - BUG(); -@@ -1093,7 +1100,7 @@ static void ping_v4_format_sock(struct sock *sp, struct seq_file *f, +@@ -1111,7 +1118,7 @@ static void ping_v4_format_sock(struct sock *sp, struct seq_file *f, from_kuid_munged(seq_user_ns(f), sock_i_uid(sp)), 0, sock_i_ino(sp), atomic_read(&sp->sk_refcnt), sp, @@ -97919,7 +99448,7 @@ index 242e7f4..a084e95 100644 static int ping_v4_seq_show(struct seq_file *seq, void *v) diff --git a/net/ipv4/raw.c b/net/ipv4/raw.c -index 23c3e5b..cdb8b36 100644 +index c04518f..824ebe5 100644 --- a/net/ipv4/raw.c +++ b/net/ipv4/raw.c @@ -311,7 +311,7 @@ static int raw_rcv_skb(struct sock *sk, struct sk_buff *skb) @@ -97992,10 +99521,37 @@ index 23c3e5b..cdb8b36 100644 static int raw_seq_show(struct seq_file *seq, void *v) diff --git a/net/ipv4/route.c b/net/ipv4/route.c -index e611651f..0c17263 100644 +index 1344373..02f339e 100644 --- a/net/ipv4/route.c +++ b/net/ipv4/route.c -@@ -2621,34 +2621,34 @@ static struct ctl_table ipv4_route_flush_table[] = { +@@ -233,7 +233,7 @@ static const struct seq_operations rt_cache_seq_ops = { + + static int rt_cache_seq_open(struct inode *inode, struct file *file) + { +- return seq_open(file, &rt_cache_seq_ops); ++ return seq_open_restrict(file, &rt_cache_seq_ops); + } + + static const struct file_operations rt_cache_seq_fops = { +@@ -324,7 +324,7 @@ static const struct seq_operations rt_cpu_seq_ops = { + + static int rt_cpu_seq_open(struct inode *inode, struct file *file) + { +- return seq_open(file, &rt_cpu_seq_ops); ++ return seq_open_restrict(file, &rt_cpu_seq_ops); + } + + static const struct file_operations rt_cpu_seq_fops = { +@@ -362,7 +362,7 @@ static int rt_acct_proc_show(struct seq_file *m, void *v) + + static int rt_acct_proc_open(struct inode *inode, struct file *file) + { +- return single_open(file, rt_acct_proc_show, NULL); ++ return single_open_restrict(file, rt_acct_proc_show, NULL); + } + + static const struct file_operations rt_acct_proc_fops = { +@@ -2623,34 +2623,34 @@ static struct ctl_table ipv4_route_flush_table[] = { .maxlen = sizeof(int), .mode = 0200, .proc_handler = ipv4_sysctl_rtcache_flush, @@ -98038,7 +99594,7 @@ index e611651f..0c17263 100644 err_dup: return -ENOMEM; } -@@ -2671,8 +2671,8 @@ static __net_initdata struct pernet_operations sysctl_route_ops = { +@@ -2673,8 +2673,8 @@ static __net_initdata struct pernet_operations sysctl_route_ops = { static __net_init int rt_genid_init(struct net *net) { @@ -98050,7 +99606,7 @@ index e611651f..0c17263 100644 sizeof(net->ipv4.dev_addr_genid)); return 0; diff --git a/net/ipv4/sysctl_net_ipv4.c b/net/ipv4/sysctl_net_ipv4.c -index 3d69ec8..57207b4 100644 +index 44eba05..b36864b 100644 --- a/net/ipv4/sysctl_net_ipv4.c +++ b/net/ipv4/sysctl_net_ipv4.c @@ -60,7 +60,7 @@ static int ipv4_local_port_range(struct ctl_table *table, int write, @@ -98107,7 +99663,7 @@ index 3d69ec8..57207b4 100644 struct tcp_fastopen_context *ctxt; int ret; u32 user_key[4]; /* 16 bytes, matching TCP_FASTOPEN_KEY_LENGTH */ -@@ -445,7 +445,7 @@ static struct ctl_table ipv4_table[] = { +@@ -438,7 +438,7 @@ static struct ctl_table ipv4_table[] = { }, { .procname = "ip_local_reserved_ports", @@ -98116,7 +99672,7 @@ index 3d69ec8..57207b4 100644 .maxlen = 65536, .mode = 0644, .proc_handler = proc_do_large_bitmap, -@@ -827,13 +827,12 @@ static struct ctl_table ipv4_net_table[] = { +@@ -843,13 +843,12 @@ static struct ctl_table ipv4_net_table[] = { static __net_init int ipv4_sysctl_init_net(struct net *net) { @@ -98132,7 +99688,7 @@ index 3d69ec8..57207b4 100644 if (table == NULL) goto err_alloc; -@@ -856,15 +855,17 @@ static __net_init int ipv4_sysctl_init_net(struct net *net) +@@ -872,15 +871,17 @@ static __net_init int ipv4_sysctl_init_net(struct net *net) net->ipv4.sysctl_local_ports.range[0] = 32768; net->ipv4.sysctl_local_ports.range[1] = 61000; @@ -98153,7 +99709,7 @@ index 3d69ec8..57207b4 100644 err_alloc: return -ENOMEM; } -@@ -886,16 +887,6 @@ static __net_initdata struct pernet_operations ipv4_sysctl_ops = { +@@ -902,16 +903,6 @@ static __net_initdata struct pernet_operations ipv4_sysctl_ops = { static __init int sysctl_ipv4_init(void) { struct ctl_table_header *hdr; @@ -98171,10 +99727,10 @@ index 3d69ec8..57207b4 100644 hdr = register_net_sysctl(&init_net, "net/ipv4", ipv4_table); if (hdr == NULL) diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c -index c53b7f3..a89aadd 100644 +index eeaac39..dc29942 100644 --- a/net/ipv4/tcp_input.c +++ b/net/ipv4/tcp_input.c -@@ -759,7 +759,7 @@ static void tcp_update_pacing_rate(struct sock *sk) +@@ -761,7 +761,7 @@ static void tcp_update_pacing_rate(struct sock *sk) * without any lock. We want to make sure compiler wont store * intermediate values in this location. */ @@ -98183,7 +99739,7 @@ index c53b7f3..a89aadd 100644 sk->sk_max_pacing_rate); } -@@ -4482,7 +4482,7 @@ static struct sk_buff *tcp_collapse_one(struct sock *sk, struct sk_buff *skb, +@@ -4485,7 +4485,7 @@ static struct sk_buff *tcp_collapse_one(struct sock *sk, struct sk_buff *skb, * simplifies code) */ static void @@ -98192,7 +99748,7 @@ index c53b7f3..a89aadd 100644 struct sk_buff *head, struct sk_buff *tail, u32 start, u32 end) { -@@ -5559,6 +5559,7 @@ discard: +@@ -5562,6 +5562,7 @@ discard: tcp_paws_reject(&tp->rx_opt, 0)) goto discard_and_undo; @@ -98200,7 +99756,7 @@ index c53b7f3..a89aadd 100644 if (th->syn) { /* We see SYN without ACK. It is attempt of * simultaneous connect with crossed SYNs. -@@ -5609,6 +5610,7 @@ discard: +@@ -5612,6 +5613,7 @@ discard: goto discard; #endif } @@ -98208,7 +99764,7 @@ index c53b7f3..a89aadd 100644 /* "fifth, if neither of the SYN or RST bits is set then * drop the segment and return." */ -@@ -5655,7 +5657,7 @@ int tcp_rcv_state_process(struct sock *sk, struct sk_buff *skb, +@@ -5658,7 +5660,7 @@ int tcp_rcv_state_process(struct sock *sk, struct sk_buff *skb, goto discard; if (th->syn) { @@ -98218,7 +99774,7 @@ index c53b7f3..a89aadd 100644 if (icsk->icsk_af_ops->conn_request(sk, skb) < 0) return 1; diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c -index 0672139..cacc17d 100644 +index 1e4eac7..a66fa4a 100644 --- a/net/ipv4/tcp_ipv4.c +++ b/net/ipv4/tcp_ipv4.c @@ -91,6 +91,10 @@ int sysctl_tcp_low_latency __read_mostly; @@ -98232,7 +99788,7 @@ index 0672139..cacc17d 100644 #ifdef CONFIG_TCP_MD5SIG static int tcp_v4_md5_hash_hdr(char *md5_hash, const struct tcp_md5sig_key *key, __be32 daddr, __be32 saddr, const struct tcphdr *th); -@@ -1830,6 +1834,9 @@ int tcp_v4_do_rcv(struct sock *sk, struct sk_buff *skb) +@@ -1829,6 +1833,9 @@ int tcp_v4_do_rcv(struct sock *sk, struct sk_buff *skb) return 0; reset: @@ -98242,7 +99798,7 @@ index 0672139..cacc17d 100644 tcp_v4_send_reset(rsk, skb); discard: kfree_skb(skb); -@@ -1975,12 +1982,19 @@ int tcp_v4_rcv(struct sk_buff *skb) +@@ -1974,12 +1981,19 @@ int tcp_v4_rcv(struct sk_buff *skb) TCP_SKB_CB(skb)->sacked = 0; sk = __inet_lookup_skb(&tcp_hashinfo, skb, th->source, th->dest); @@ -98265,7 +99821,7 @@ index 0672139..cacc17d 100644 if (unlikely(iph->ttl < inet_sk(sk)->min_ttl)) { NET_INC_STATS_BH(net, LINUX_MIB_TCPMINTTLDROP); -@@ -2034,6 +2048,10 @@ csum_error: +@@ -2033,6 +2047,10 @@ csum_error: bad_packet: TCP_INC_STATS_BH(net, TCP_MIB_INERRS); } else { @@ -98277,7 +99833,7 @@ index 0672139..cacc17d 100644 } diff --git a/net/ipv4/tcp_minisocks.c b/net/ipv4/tcp_minisocks.c -index 97b6841..0893357 100644 +index 7a436c5..1b05c59 100644 --- a/net/ipv4/tcp_minisocks.c +++ b/net/ipv4/tcp_minisocks.c @@ -27,6 +27,10 @@ @@ -98291,7 +99847,7 @@ index 97b6841..0893357 100644 int sysctl_tcp_syncookies __read_mostly = 1; EXPORT_SYMBOL(sysctl_tcp_syncookies); -@@ -708,7 +712,10 @@ embryonic_reset: +@@ -709,7 +713,10 @@ embryonic_reset: * avoid becoming vulnerable to outside attack aiming at * resetting legit local connections. */ @@ -98304,7 +99860,7 @@ index 97b6841..0893357 100644 reqsk_fastopen_remove(sk, req, true); tcp_reset(sk); diff --git a/net/ipv4/tcp_probe.c b/net/ipv4/tcp_probe.c -index 8b97d71..9d7ccf5 100644 +index 1f2d376..01d18c4 100644 --- a/net/ipv4/tcp_probe.c +++ b/net/ipv4/tcp_probe.c @@ -238,7 +238,7 @@ static ssize_t tcpprobe_read(struct file *file, char __user *buf, @@ -98346,7 +99902,7 @@ index 64f0354..a81b39d 100644 syn_set ? 0 : icsk->icsk_user_timeout, syn_set)) { /* Has it gone just too far? */ diff --git a/net/ipv4/udp.c b/net/ipv4/udp.c -index a7e4729..2758946 100644 +index 77bd16f..5f7174a 100644 --- a/net/ipv4/udp.c +++ b/net/ipv4/udp.c @@ -87,6 +87,7 @@ @@ -98538,10 +100094,10 @@ index e1a6393..f634ce5 100644 return -ENOMEM; } diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c -index 9c05d77..9cfa714 100644 +index 6c7fa08..285086c 100644 --- a/net/ipv6/addrconf.c +++ b/net/ipv6/addrconf.c -@@ -589,7 +589,7 @@ static int inet6_netconf_dump_devconf(struct sk_buff *skb, +@@ -598,7 +598,7 @@ static int inet6_netconf_dump_devconf(struct sk_buff *skb, idx = 0; head = &net->dev_index_head[h]; rcu_read_lock(); @@ -98550,7 +100106,7 @@ index 9c05d77..9cfa714 100644 net->dev_base_seq; hlist_for_each_entry_rcu(dev, head, index_hlist) { if (idx < s_idx) -@@ -2334,7 +2334,7 @@ int addrconf_set_dstaddr(struct net *net, void __user *arg) +@@ -2395,7 +2395,7 @@ int addrconf_set_dstaddr(struct net *net, void __user *arg) p.iph.ihl = 5; p.iph.protocol = IPPROTO_IPV6; p.iph.ttl = 64; @@ -98559,7 +100115,7 @@ index 9c05d77..9cfa714 100644 if (ops->ndo_do_ioctl) { mm_segment_t oldfs = get_fs(); -@@ -3964,7 +3964,7 @@ static int inet6_dump_addr(struct sk_buff *skb, struct netlink_callback *cb, +@@ -4146,7 +4146,7 @@ static int inet6_dump_addr(struct sk_buff *skb, struct netlink_callback *cb, s_ip_idx = ip_idx = cb->args[2]; rcu_read_lock(); @@ -98568,7 +100124,7 @@ index 9c05d77..9cfa714 100644 for (h = s_h; h < NETDEV_HASHENTRIES; h++, s_idx = 0) { idx = 0; head = &net->dev_index_head[h]; -@@ -4571,7 +4571,7 @@ static void __ipv6_ifa_notify(int event, struct inet6_ifaddr *ifp) +@@ -4758,7 +4758,7 @@ static void __ipv6_ifa_notify(int event, struct inet6_ifaddr *ifp) dst_free(&ifp->rt->dst); break; } @@ -98577,7 +100133,7 @@ index 9c05d77..9cfa714 100644 rt_genid_bump_ipv6(net); } -@@ -4592,7 +4592,7 @@ int addrconf_sysctl_forward(struct ctl_table *ctl, int write, +@@ -4779,7 +4779,7 @@ int addrconf_sysctl_forward(struct ctl_table *ctl, int write, int *valp = ctl->data; int val = *valp; loff_t pos = *ppos; @@ -98586,7 +100142,7 @@ index 9c05d77..9cfa714 100644 int ret; /* -@@ -4677,7 +4677,7 @@ int addrconf_sysctl_disable(struct ctl_table *ctl, int write, +@@ -4864,7 +4864,7 @@ int addrconf_sysctl_disable(struct ctl_table *ctl, int write, int *valp = ctl->data; int val = *valp; loff_t pos = *ppos; @@ -98596,23 +100152,23 @@ index 9c05d77..9cfa714 100644 /* diff --git a/net/ipv6/af_inet6.c b/net/ipv6/af_inet6.c -index 4fbdb70..f6411f2 100644 +index d935889..2f64330 100644 --- a/net/ipv6/af_inet6.c +++ b/net/ipv6/af_inet6.c @@ -776,7 +776,7 @@ static int __net_init inet6_net_init(struct net *net) - net->ipv6.sysctl.bindv6only = 0; net->ipv6.sysctl.icmpv6_time = 1*HZ; + net->ipv6.sysctl.flowlabel_consistency = 1; - atomic_set(&net->ipv6.rt_genid, 0); + atomic_set_unchecked(&net->ipv6.rt_genid, 0); err = ipv6_init_mibs(net); if (err) diff --git a/net/ipv6/datagram.c b/net/ipv6/datagram.c -index 93b1aa3..e902855 100644 +index c3bf2d2..1f00573 100644 --- a/net/ipv6/datagram.c +++ b/net/ipv6/datagram.c -@@ -906,5 +906,5 @@ void ip6_dgram_sock_seq_show(struct seq_file *seq, struct sock *sp, +@@ -938,5 +938,5 @@ void ip6_dgram_sock_seq_show(struct seq_file *seq, struct sock *sp, 0, sock_i_ino(sp), atomic_read(&sp->sk_refcnt), sp, @@ -98620,10 +100176,10 @@ index 93b1aa3..e902855 100644 + atomic_read_unchecked(&sp->sk_drops)); } diff --git a/net/ipv6/icmp.c b/net/ipv6/icmp.c -index eef8d94..cfa1852 100644 +index 7b32652..0bc348b 100644 --- a/net/ipv6/icmp.c +++ b/net/ipv6/icmp.c -@@ -997,7 +997,7 @@ struct ctl_table ipv6_icmp_table_template[] = { +@@ -1005,7 +1005,7 @@ static struct ctl_table ipv6_icmp_table_template[] = { struct ctl_table * __net_init ipv6_icmp_sysctl_init(struct net *net) { @@ -98633,10 +100189,10 @@ index eef8d94..cfa1852 100644 table = kmemdup(ipv6_icmp_table_template, sizeof(ipv6_icmp_table_template), diff --git a/net/ipv6/ip6_gre.c b/net/ipv6/ip6_gre.c -index 8acb286..840dd06 100644 +index 2465d18..bc5bf7f 100644 --- a/net/ipv6/ip6_gre.c +++ b/net/ipv6/ip6_gre.c -@@ -74,7 +74,7 @@ struct ip6gre_net { +@@ -71,7 +71,7 @@ struct ip6gre_net { struct net_device *fb_tunnel_dev; }; @@ -98645,7 +100201,7 @@ index 8acb286..840dd06 100644 static int ip6gre_tunnel_init(struct net_device *dev); static void ip6gre_tunnel_setup(struct net_device *dev); static void ip6gre_tunnel_link(struct ip6gre_net *ign, struct ip6_tnl *t); -@@ -1294,7 +1294,7 @@ static void ip6gre_fb_tunnel_init(struct net_device *dev) +@@ -1291,7 +1291,7 @@ static void ip6gre_fb_tunnel_init(struct net_device *dev) } @@ -98654,7 +100210,7 @@ index 8acb286..840dd06 100644 .handler = ip6gre_rcv, .err_handler = ip6gre_err, .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL, -@@ -1637,7 +1637,7 @@ static const struct nla_policy ip6gre_policy[IFLA_GRE_MAX + 1] = { +@@ -1643,7 +1643,7 @@ static const struct nla_policy ip6gre_policy[IFLA_GRE_MAX + 1] = { [IFLA_GRE_FLAGS] = { .type = NLA_U32 }, }; @@ -98663,7 +100219,7 @@ index 8acb286..840dd06 100644 .kind = "ip6gre", .maxtype = IFLA_GRE_MAX, .policy = ip6gre_policy, -@@ -1650,7 +1650,7 @@ static struct rtnl_link_ops ip6gre_link_ops __read_mostly = { +@@ -1657,7 +1657,7 @@ static struct rtnl_link_ops ip6gre_link_ops __read_mostly = { .fill_info = ip6gre_fill_info, }; @@ -98673,10 +100229,10 @@ index 8acb286..840dd06 100644 .maxtype = IFLA_GRE_MAX, .policy = ip6gre_policy, diff --git a/net/ipv6/ip6_tunnel.c b/net/ipv6/ip6_tunnel.c -index 7881965..9cf62c4 100644 +index 0e51f68..1f501e1 100644 --- a/net/ipv6/ip6_tunnel.c +++ b/net/ipv6/ip6_tunnel.c -@@ -89,7 +89,7 @@ static u32 HASH(const struct in6_addr *addr1, const struct in6_addr *addr2) +@@ -85,7 +85,7 @@ static u32 HASH(const struct in6_addr *addr1, const struct in6_addr *addr2) static int ip6_tnl_dev_init(struct net_device *dev); static void ip6_tnl_dev_setup(struct net_device *dev); @@ -98685,7 +100241,7 @@ index 7881965..9cf62c4 100644 static int ip6_tnl_net_id __read_mostly; struct ip6_tnl_net { -@@ -1717,7 +1717,7 @@ static const struct nla_policy ip6_tnl_policy[IFLA_IPTUN_MAX + 1] = { +@@ -1714,7 +1714,7 @@ static const struct nla_policy ip6_tnl_policy[IFLA_IPTUN_MAX + 1] = { [IFLA_IPTUN_PROTO] = { .type = NLA_U8 }, }; @@ -98695,10 +100251,10 @@ index 7881965..9cf62c4 100644 .maxtype = IFLA_IPTUN_MAX, .policy = ip6_tnl_policy, diff --git a/net/ipv6/ip6_vti.c b/net/ipv6/ip6_vti.c -index 7b42d5e..1eff693 100644 +index 2d19272..3a46322 100644 --- a/net/ipv6/ip6_vti.c +++ b/net/ipv6/ip6_vti.c -@@ -63,7 +63,7 @@ static u32 HASH(const struct in6_addr *addr1, const struct in6_addr *addr2) +@@ -62,7 +62,7 @@ static u32 HASH(const struct in6_addr *addr1, const struct in6_addr *addr2) static int vti6_dev_init(struct net_device *dev); static void vti6_dev_setup(struct net_device *dev); @@ -98707,7 +100263,7 @@ index 7b42d5e..1eff693 100644 static int vti6_net_id __read_mostly; struct vti6_net { -@@ -902,7 +902,7 @@ static const struct nla_policy vti6_policy[IFLA_VTI_MAX + 1] = { +@@ -901,7 +901,7 @@ static const struct nla_policy vti6_policy[IFLA_VTI_MAX + 1] = { [IFLA_VTI_OKEY] = { .type = NLA_U32 }, }; @@ -98717,7 +100273,7 @@ index 7b42d5e..1eff693 100644 .maxtype = IFLA_VTI_MAX, .policy = vti6_policy, diff --git a/net/ipv6/ipv6_sockglue.c b/net/ipv6/ipv6_sockglue.c -index 1c6ce31..299e566 100644 +index 0a00f44..bec42b2 100644 --- a/net/ipv6/ipv6_sockglue.c +++ b/net/ipv6/ipv6_sockglue.c @@ -991,7 +991,7 @@ static int do_ipv6_getsockopt(struct sock *sk, int level, int optname, @@ -98730,7 +100286,7 @@ index 1c6ce31..299e566 100644 msg.msg_flags = flags; diff --git a/net/ipv6/netfilter/ip6_tables.c b/net/ipv6/netfilter/ip6_tables.c -index 710238f..0fd1816 100644 +index e080fbb..412b3cf 100644 --- a/net/ipv6/netfilter/ip6_tables.c +++ b/net/ipv6/netfilter/ip6_tables.c @@ -1083,14 +1083,14 @@ static int compat_table_info(const struct xt_table_info *info, @@ -98760,7 +100316,7 @@ index 710238f..0fd1816 100644 ret = -EFAULT; else ret = 0; -@@ -1981,7 +1981,7 @@ compat_do_ip6t_get_ctl(struct sock *sk, int cmd, void __user *user, int *len) +@@ -1983,7 +1983,7 @@ compat_do_ip6t_get_ctl(struct sock *sk, int cmd, void __user *user, int *len) switch (cmd) { case IP6T_SO_GET_INFO: @@ -98769,7 +100325,7 @@ index 710238f..0fd1816 100644 break; case IP6T_SO_GET_ENTRIES: ret = compat_get_entries(sock_net(sk), user, len); -@@ -2028,7 +2028,7 @@ do_ip6t_get_ctl(struct sock *sk, int cmd, void __user *user, int *len) +@@ -2030,7 +2030,7 @@ do_ip6t_get_ctl(struct sock *sk, int cmd, void __user *user, int *len) switch (cmd) { case IP6T_SO_GET_INFO: @@ -98854,38 +100410,42 @@ index 827f795..7e28e82 100644 EXPORT_SYMBOL(ipv6_select_ident); diff --git a/net/ipv6/ping.c b/net/ipv6/ping.c -index a83243c..a1ca589 100644 +index bda7429..469b26b 100644 --- a/net/ipv6/ping.c +++ b/net/ipv6/ping.c -@@ -246,6 +246,22 @@ static struct pernet_operations ping_v6_net_ops = { +@@ -246,6 +246,24 @@ static struct pernet_operations ping_v6_net_ops = { }; #endif +static struct pingv6_ops real_pingv6_ops = { -+ .ipv6_recv_error = ipv6_recv_error, -+ .ip6_datagram_recv_ctl = ip6_datagram_recv_ctl, -+ .icmpv6_err_convert = icmpv6_err_convert, -+ .ipv6_icmp_error = ipv6_icmp_error, -+ .ipv6_chk_addr = ipv6_chk_addr, ++ .ipv6_recv_error = ipv6_recv_error, ++ .ip6_datagram_recv_common_ctl = ip6_datagram_recv_common_ctl, ++ .ip6_datagram_recv_specific_ctl = ip6_datagram_recv_specific_ctl, ++ .icmpv6_err_convert = icmpv6_err_convert, ++ .ipv6_icmp_error = ipv6_icmp_error, ++ .ipv6_chk_addr = ipv6_chk_addr, +}; + +static struct pingv6_ops dummy_pingv6_ops = { -+ .ipv6_recv_error = dummy_ipv6_recv_error, -+ .ip6_datagram_recv_ctl = dummy_ip6_datagram_recv_ctl, -+ .icmpv6_err_convert = dummy_icmpv6_err_convert, -+ .ipv6_icmp_error = dummy_ipv6_icmp_error, -+ .ipv6_chk_addr = dummy_ipv6_chk_addr, ++ .ipv6_recv_error = dummy_ipv6_recv_error, ++ .ip6_datagram_recv_common_ctl = dummy_ip6_datagram_recv_ctl, ++ .ip6_datagram_recv_specific_ctl = dummy_ip6_datagram_recv_ctl, ++ .icmpv6_err_convert = dummy_icmpv6_err_convert, ++ .ipv6_icmp_error = dummy_ipv6_icmp_error, ++ .ipv6_chk_addr = dummy_ipv6_chk_addr, +}; + int __init pingv6_init(void) { #ifdef CONFIG_PROC_FS -@@ -253,11 +269,7 @@ int __init pingv6_init(void) +@@ -253,13 +271,7 @@ int __init pingv6_init(void) if (ret) return ret; #endif - pingv6_ops.ipv6_recv_error = ipv6_recv_error; -- pingv6_ops.ip6_datagram_recv_ctl = ip6_datagram_recv_ctl; +- pingv6_ops.ip6_datagram_recv_common_ctl = ip6_datagram_recv_common_ctl; +- pingv6_ops.ip6_datagram_recv_specific_ctl = +- ip6_datagram_recv_specific_ctl; - pingv6_ops.icmpv6_err_convert = icmpv6_err_convert; - pingv6_ops.ipv6_icmp_error = ipv6_icmp_error; - pingv6_ops.ipv6_chk_addr = ipv6_chk_addr; @@ -98893,24 +100453,40 @@ index a83243c..a1ca589 100644 return inet6_register_protosw(&pingv6_protosw); } -@@ -266,11 +278,7 @@ int __init pingv6_init(void) +@@ -268,14 +280,9 @@ int __init pingv6_init(void) */ void pingv6_exit(void) { - pingv6_ops.ipv6_recv_error = dummy_ipv6_recv_error; -- pingv6_ops.ip6_datagram_recv_ctl = dummy_ip6_datagram_recv_ctl; +- pingv6_ops.ip6_datagram_recv_common_ctl = dummy_ip6_datagram_recv_ctl; +- pingv6_ops.ip6_datagram_recv_specific_ctl = dummy_ip6_datagram_recv_ctl; - pingv6_ops.icmpv6_err_convert = dummy_icmpv6_err_convert; - pingv6_ops.ipv6_icmp_error = dummy_ipv6_icmp_error; - pingv6_ops.ipv6_chk_addr = dummy_ipv6_chk_addr; -+ pingv6_ops = &dummy_pingv6_ops; #ifdef CONFIG_PROC_FS unregister_pernet_subsys(&ping_v6_net_ops); #endif ++ pingv6_ops = &dummy_pingv6_ops; + inet6_unregister_protosw(&pingv6_protosw); + } +diff --git a/net/ipv6/proc.c b/net/ipv6/proc.c +index 091d066..139d410 100644 +--- a/net/ipv6/proc.c ++++ b/net/ipv6/proc.c +@@ -309,7 +309,7 @@ static int __net_init ipv6_proc_init_net(struct net *net) + if (!proc_create("snmp6", S_IRUGO, net->proc_net, &snmp6_seq_fops)) + goto proc_snmp6_fail; + +- net->mib.proc_net_devsnmp6 = proc_mkdir("dev_snmp6", net->proc_net); ++ net->mib.proc_net_devsnmp6 = proc_mkdir_restrict("dev_snmp6", net->proc_net); + if (!net->mib.proc_net_devsnmp6) + goto proc_dev_snmp6_fail; + return 0; diff --git a/net/ipv6/raw.c b/net/ipv6/raw.c -index b6bb87e..06cc9ed 100644 +index 1f29996..46fe0c7 100644 --- a/net/ipv6/raw.c +++ b/net/ipv6/raw.c -@@ -384,7 +384,7 @@ static inline int rawv6_rcv_skb(struct sock *sk, struct sk_buff *skb) +@@ -388,7 +388,7 @@ static inline int rawv6_rcv_skb(struct sock *sk, struct sk_buff *skb) { if ((raw6_sk(sk)->checksum || rcu_access_pointer(sk->sk_filter)) && skb_checksum_complete(skb)) { @@ -98919,7 +100495,7 @@ index b6bb87e..06cc9ed 100644 kfree_skb(skb); return NET_RX_DROP; } -@@ -412,7 +412,7 @@ int rawv6_rcv(struct sock *sk, struct sk_buff *skb) +@@ -416,7 +416,7 @@ int rawv6_rcv(struct sock *sk, struct sk_buff *skb) struct raw6_sock *rp = raw6_sk(sk); if (!xfrm6_policy_check(sk, XFRM_POLICY_IN, skb)) { @@ -98928,7 +100504,7 @@ index b6bb87e..06cc9ed 100644 kfree_skb(skb); return NET_RX_DROP; } -@@ -436,7 +436,7 @@ int rawv6_rcv(struct sock *sk, struct sk_buff *skb) +@@ -440,7 +440,7 @@ int rawv6_rcv(struct sock *sk, struct sk_buff *skb) if (inet->hdrincl) { if (skb_checksum_complete(skb)) { @@ -98937,7 +100513,7 @@ index b6bb87e..06cc9ed 100644 kfree_skb(skb); return NET_RX_DROP; } -@@ -465,6 +465,9 @@ static int rawv6_recvmsg(struct kiocb *iocb, struct sock *sk, +@@ -469,6 +469,9 @@ static int rawv6_recvmsg(struct kiocb *iocb, struct sock *sk, if (flags & MSG_OOB) return -EOPNOTSUPP; @@ -98947,7 +100523,7 @@ index b6bb87e..06cc9ed 100644 if (flags & MSG_ERRQUEUE) return ipv6_recv_error(sk, msg, len, addr_len); -@@ -503,7 +506,6 @@ static int rawv6_recvmsg(struct kiocb *iocb, struct sock *sk, +@@ -507,7 +510,6 @@ static int rawv6_recvmsg(struct kiocb *iocb, struct sock *sk, sin6->sin6_flowinfo = 0; sin6->sin6_scope_id = ipv6_iface_scope_id(&sin6->sin6_addr, IP6CB(skb)->iif); @@ -98955,7 +100531,7 @@ index b6bb87e..06cc9ed 100644 } sock_recv_ts_and_drops(msg, sk, skb); -@@ -606,7 +608,7 @@ out: +@@ -610,7 +612,7 @@ out: return err; } @@ -98964,7 +100540,7 @@ index b6bb87e..06cc9ed 100644 struct flowi6 *fl6, struct dst_entry **dstp, unsigned int flags) { -@@ -918,12 +920,15 @@ do_confirm: +@@ -922,12 +924,15 @@ do_confirm: static int rawv6_seticmpfilter(struct sock *sk, int level, int optname, char __user *optval, int optlen) { @@ -98981,7 +100557,7 @@ index b6bb87e..06cc9ed 100644 return 0; default: return -ENOPROTOOPT; -@@ -936,6 +941,7 @@ static int rawv6_geticmpfilter(struct sock *sk, int level, int optname, +@@ -940,6 +945,7 @@ static int rawv6_geticmpfilter(struct sock *sk, int level, int optname, char __user *optval, int __user *optlen) { int len; @@ -98989,7 +100565,7 @@ index b6bb87e..06cc9ed 100644 switch (optname) { case ICMPV6_FILTER: -@@ -947,7 +953,8 @@ static int rawv6_geticmpfilter(struct sock *sk, int level, int optname, +@@ -951,7 +957,8 @@ static int rawv6_geticmpfilter(struct sock *sk, int level, int optname, len = sizeof(struct icmp6_filter); if (put_user(len, optlen)) return -EFAULT; @@ -99042,19 +100618,10 @@ index cc85a9b..526a133 100644 return -ENOMEM; } diff --git a/net/ipv6/route.c b/net/ipv6/route.c -index 4b4944c..d346b14 100644 +index 7cc1102..7785931 100644 --- a/net/ipv6/route.c +++ b/net/ipv6/route.c -@@ -1495,7 +1495,7 @@ int ip6_route_add(struct fib6_config *cfg) - if (!table) - goto out; - -- rt = ip6_dst_alloc(net, NULL, DST_NOCOUNT, table); -+ rt = ip6_dst_alloc(net, NULL, (cfg->fc_flags & RTF_ADDRCONF) ? 0 : DST_NOCOUNT, table); - - if (!rt) { - err = -ENOMEM; -@@ -2954,7 +2954,7 @@ struct ctl_table ipv6_route_table_template[] = { +@@ -2973,7 +2973,7 @@ struct ctl_table ipv6_route_table_template[] = { struct ctl_table * __net_init ipv6_route_sysctl_init(struct net *net) { @@ -99064,7 +100631,7 @@ index 4b4944c..d346b14 100644 table = kmemdup(ipv6_route_table_template, sizeof(ipv6_route_table_template), diff --git a/net/ipv6/sit.c b/net/ipv6/sit.c -index d3005b3..b36df4a 100644 +index b4d74c8..b4f3fbe 100644 --- a/net/ipv6/sit.c +++ b/net/ipv6/sit.c @@ -74,7 +74,7 @@ static void ipip6_tunnel_setup(struct net_device *dev); @@ -99076,7 +100643,7 @@ index d3005b3..b36df4a 100644 static int sit_net_id __read_mostly; struct sit_net { -@@ -1664,7 +1664,7 @@ static void ipip6_dellink(struct net_device *dev, struct list_head *head) +@@ -1683,7 +1683,7 @@ static void ipip6_dellink(struct net_device *dev, struct list_head *head) unregister_netdevice_queue(dev, head); } @@ -99086,10 +100653,10 @@ index d3005b3..b36df4a 100644 .maxtype = IFLA_IPTUN_MAX, .policy = ipip6_policy, diff --git a/net/ipv6/sysctl_net_ipv6.c b/net/ipv6/sysctl_net_ipv6.c -index 107b2f1..72741a9 100644 +index 7f405a1..eabef92 100644 --- a/net/ipv6/sysctl_net_ipv6.c +++ b/net/ipv6/sysctl_net_ipv6.c -@@ -40,7 +40,7 @@ static struct ctl_table ipv6_rotable[] = { +@@ -54,7 +54,7 @@ static struct ctl_table ipv6_rotable[] = { static int __net_init ipv6_sysctl_net_init(struct net *net) { @@ -99099,7 +100666,7 @@ index 107b2f1..72741a9 100644 struct ctl_table *ipv6_icmp_table; int err; diff --git a/net/ipv6/tcp_ipv6.c b/net/ipv6/tcp_ipv6.c -index f67033b..6f974fc 100644 +index 889079b..a04512c 100644 --- a/net/ipv6/tcp_ipv6.c +++ b/net/ipv6/tcp_ipv6.c @@ -104,6 +104,10 @@ static void inet6_sk_rx_dst_set(struct sock *sk, const struct sk_buff *skb) @@ -99113,7 +100680,7 @@ index f67033b..6f974fc 100644 static void tcp_v6_hash(struct sock *sk) { if (sk->sk_state != TCP_CLOSE) { -@@ -1397,6 +1401,9 @@ static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb) +@@ -1412,6 +1416,9 @@ static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb) return 0; reset: @@ -99123,7 +100690,7 @@ index f67033b..6f974fc 100644 tcp_v6_send_reset(sk, skb); discard: if (opt_skb) -@@ -1479,12 +1486,20 @@ static int tcp_v6_rcv(struct sk_buff *skb) +@@ -1496,12 +1503,20 @@ static int tcp_v6_rcv(struct sk_buff *skb) TCP_SKB_CB(skb)->sacked = 0; sk = __inet6_lookup_skb(&tcp_hashinfo, skb, th->source, th->dest); @@ -99146,7 +100713,7 @@ index f67033b..6f974fc 100644 if (hdr->hop_limit < inet6_sk(sk)->min_hopcount) { NET_INC_STATS_BH(net, LINUX_MIB_TCPMINTTLDROP); -@@ -1536,6 +1551,10 @@ csum_error: +@@ -1553,6 +1568,10 @@ csum_error: bad_packet: TCP_INC_STATS_BH(net, TCP_MIB_INERRS); } else { @@ -99158,7 +100725,7 @@ index f67033b..6f974fc 100644 } diff --git a/net/ipv6/udp.c b/net/ipv6/udp.c -index 089c741..cfee117 100644 +index 1e586d9..384a9c9 100644 --- a/net/ipv6/udp.c +++ b/net/ipv6/udp.c @@ -76,6 +76,10 @@ static unsigned int udp6_ehashfn(struct net *net, @@ -99191,16 +100758,16 @@ index 089c741..cfee117 100644 if (is_udp4) UDP_INC_STATS_USER(sock_net(sk), UDP_MIB_INERRORS, -@@ -477,7 +484,7 @@ try_again: +@@ -475,7 +482,7 @@ try_again: ipv6_iface_scope_id(&sin6->sin6_addr, IP6CB(skb)->iif); } - *addr_len = sizeof(*sin6); + } - if (is_udp4) { - if (inet->cmsg_flags) -@@ -685,7 +692,7 @@ csum_error: + + if (np->rxopt.all) +@@ -690,7 +697,7 @@ csum_error: UDP6_INC_STATS_BH(sock_net(sk), UDP_MIB_CSUMERRORS, is_udplite); drop: UDP6_INC_STATS_BH(sock_net(sk), UDP_MIB_INERRORS, is_udplite); @@ -99209,7 +100776,7 @@ index 089c741..cfee117 100644 kfree_skb(skb); return -1; } -@@ -742,7 +749,7 @@ static void flush_stack(struct sock **stack, unsigned int count, +@@ -747,7 +754,7 @@ static void flush_stack(struct sock **stack, unsigned int count, if (likely(skb1 == NULL)) skb1 = (i == final) ? skb : skb_clone(skb, GFP_ATOMIC); if (!skb1) { @@ -99218,7 +100785,7 @@ index 089c741..cfee117 100644 UDP6_INC_STATS_BH(sock_net(sk), UDP_MIB_RCVBUFERRORS, IS_UDPLITE(sk)); UDP6_INC_STATS_BH(sock_net(sk), UDP_MIB_INERRORS, -@@ -881,6 +888,9 @@ int __udp6_lib_rcv(struct sk_buff *skb, struct udp_table *udptable, +@@ -886,6 +893,9 @@ int __udp6_lib_rcv(struct sk_buff *skb, struct udp_table *udptable, goto csum_error; UDP6_INC_STATS_BH(net, UDP_MIB_NOPORTS, proto == IPPROTO_UDPLITE); @@ -99281,11 +100848,24 @@ index 5f8e128..865d38e 100644 err_alloc: return -ENOMEM; } +diff --git a/net/ipx/ipx_proc.c b/net/ipx/ipx_proc.c +index e15c16a..7cf07aa 100644 +--- a/net/ipx/ipx_proc.c ++++ b/net/ipx/ipx_proc.c +@@ -289,7 +289,7 @@ int __init ipx_proc_init(void) + struct proc_dir_entry *p; + int rc = -ENOMEM; + +- ipx_proc_dir = proc_mkdir("ipx", init_net.proc_net); ++ ipx_proc_dir = proc_mkdir_restrict("ipx", init_net.proc_net); + + if (!ipx_proc_dir) + goto out; diff --git a/net/irda/ircomm/ircomm_tty.c b/net/irda/ircomm/ircomm_tty.c -index 41ac7938..75e3bb1 100644 +index 2ba8b97..6d33010 100644 --- a/net/irda/ircomm/ircomm_tty.c +++ b/net/irda/ircomm/ircomm_tty.c -@@ -319,11 +319,11 @@ static int ircomm_tty_block_til_ready(struct ircomm_tty_cb *self, +@@ -317,11 +317,11 @@ static int ircomm_tty_block_til_ready(struct ircomm_tty_cb *self, add_wait_queue(&port->open_wait, &wait); IRDA_DEBUG(2, "%s(%d):block_til_ready before block on %s open_count=%d\n", @@ -99299,7 +100879,7 @@ index 41ac7938..75e3bb1 100644 port->blocked_open++; spin_unlock_irqrestore(&port->lock, flags); -@@ -358,7 +358,7 @@ static int ircomm_tty_block_til_ready(struct ircomm_tty_cb *self, +@@ -356,7 +356,7 @@ static int ircomm_tty_block_til_ready(struct ircomm_tty_cb *self, } IRDA_DEBUG(1, "%s(%d):block_til_ready blocking on %s open_count=%d\n", @@ -99308,7 +100888,7 @@ index 41ac7938..75e3bb1 100644 schedule(); } -@@ -368,12 +368,12 @@ static int ircomm_tty_block_til_ready(struct ircomm_tty_cb *self, +@@ -366,12 +366,12 @@ static int ircomm_tty_block_til_ready(struct ircomm_tty_cb *self, spin_lock_irqsave(&port->lock, flags); if (!tty_hung_up_p(filp)) @@ -99323,7 +100903,7 @@ index 41ac7938..75e3bb1 100644 if (!retval) port->flags |= ASYNC_NORMAL_ACTIVE; -@@ -447,12 +447,12 @@ static int ircomm_tty_open(struct tty_struct *tty, struct file *filp) +@@ -445,12 +445,12 @@ static int ircomm_tty_open(struct tty_struct *tty, struct file *filp) /* ++ is not atomic, so this should be protected - Jean II */ spin_lock_irqsave(&self->port.lock, flags); @@ -99338,7 +100918,7 @@ index 41ac7938..75e3bb1 100644 /* Not really used by us, but lets do it anyway */ self->port.low_latency = (self->port.flags & ASYNC_LOW_LATENCY) ? 1 : 0; -@@ -989,7 +989,7 @@ static void ircomm_tty_hangup(struct tty_struct *tty) +@@ -987,7 +987,7 @@ static void ircomm_tty_hangup(struct tty_struct *tty) tty_kref_put(port->tty); } port->tty = NULL; @@ -99347,7 +100927,7 @@ index 41ac7938..75e3bb1 100644 spin_unlock_irqrestore(&port->lock, flags); wake_up_interruptible(&port->open_wait); -@@ -1346,7 +1346,7 @@ static void ircomm_tty_line_info(struct ircomm_tty_cb *self, struct seq_file *m) +@@ -1344,7 +1344,7 @@ static void ircomm_tty_line_info(struct ircomm_tty_cb *self, struct seq_file *m) seq_putc(m, '\n'); seq_printf(m, "Role: %s\n", self->client ? "client" : "server"); @@ -99356,6 +100936,19 @@ index 41ac7938..75e3bb1 100644 seq_printf(m, "Max data size: %d\n", self->max_data_size); seq_printf(m, "Max header size: %d\n", self->max_header_size); +diff --git a/net/irda/irproc.c b/net/irda/irproc.c +index b9ac598..f88cc56 100644 +--- a/net/irda/irproc.c ++++ b/net/irda/irproc.c +@@ -66,7 +66,7 @@ void __init irda_proc_register(void) + { + int i; + +- proc_irda = proc_mkdir("irda", init_net.proc_net); ++ proc_irda = proc_mkdir_restrict("irda", init_net.proc_net); + if (proc_irda == NULL) + return; + diff --git a/net/iucv/af_iucv.c b/net/iucv/af_iucv.c index c4b7218..3e83259 100644 --- a/net/iucv/af_iucv.c @@ -99387,10 +100980,10 @@ index cd5b8ec..f205e6b 100644 }; diff --git a/net/key/af_key.c b/net/key/af_key.c -index 545f047..9757a9d 100644 +index 7932697..a13d158 100644 --- a/net/key/af_key.c +++ b/net/key/af_key.c -@@ -3041,10 +3041,10 @@ static int pfkey_send_policy_notify(struct xfrm_policy *xp, int dir, const struc +@@ -3052,10 +3052,10 @@ static int pfkey_send_policy_notify(struct xfrm_policy *xp, int dir, const struc static u32 get_acqseq(void) { u32 res; @@ -99404,7 +100997,7 @@ index 545f047..9757a9d 100644 return res; } diff --git a/net/l2tp/l2tp_ip.c b/net/l2tp/l2tp_ip.c -index da1a1ce..571db8d 100644 +index 0b44d85..1a7f88b 100644 --- a/net/l2tp/l2tp_ip.c +++ b/net/l2tp/l2tp_ip.c @@ -518,6 +518,9 @@ static int l2tp_ip_recvmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *m @@ -99425,11 +101018,24 @@ index da1a1ce..571db8d 100644 } if (inet->cmsg_flags) ip_cmsg_recv(msg, skb); +diff --git a/net/llc/llc_proc.c b/net/llc/llc_proc.c +index 1a3c7e0..80f8b0c 100644 +--- a/net/llc/llc_proc.c ++++ b/net/llc/llc_proc.c +@@ -247,7 +247,7 @@ int __init llc_proc_init(void) + int rc = -ENOMEM; + struct proc_dir_entry *p; + +- llc_proc_dir = proc_mkdir("llc", init_net.proc_net); ++ llc_proc_dir = proc_mkdir_restrict("llc", init_net.proc_net); + if (!llc_proc_dir) + goto out; + diff --git a/net/mac80211/cfg.c b/net/mac80211/cfg.c -index b4b61b2..ac84a257 100644 +index 453e974..b3a43a5 100644 --- a/net/mac80211/cfg.c +++ b/net/mac80211/cfg.c -@@ -826,7 +826,7 @@ static int ieee80211_set_monitor_channel(struct wiphy *wiphy, +@@ -839,7 +839,7 @@ static int ieee80211_set_monitor_channel(struct wiphy *wiphy, ret = ieee80211_vif_use_channel(sdata, chandef, IEEE80211_CHANCTX_EXCLUSIVE); } @@ -99438,7 +101044,7 @@ index b4b61b2..ac84a257 100644 local->_oper_chandef = *chandef; ieee80211_hw_config(local, 0); } -@@ -3311,7 +3311,7 @@ static void ieee80211_mgmt_frame_register(struct wiphy *wiphy, +@@ -3356,7 +3356,7 @@ static void ieee80211_mgmt_frame_register(struct wiphy *wiphy, else local->probe_req_reg--; @@ -99447,7 +101053,7 @@ index b4b61b2..ac84a257 100644 break; ieee80211_queue_work(&local->hw, &local->reconfig_filter); -@@ -3774,8 +3774,8 @@ static int ieee80211_cfg_get_channel(struct wiphy *wiphy, +@@ -3819,8 +3819,8 @@ static int ieee80211_cfg_get_channel(struct wiphy *wiphy, if (chanctx_conf) { *chandef = chanctx_conf->def; ret = 0; @@ -99459,7 +101065,7 @@ index b4b61b2..ac84a257 100644 if (local->use_chanctx) *chandef = local->monitor_chandef; diff --git a/net/mac80211/ieee80211_i.h b/net/mac80211/ieee80211_i.h -index 4aea4e7..9e698d1 100644 +index 6bd4984..d8805c5 100644 --- a/net/mac80211/ieee80211_i.h +++ b/net/mac80211/ieee80211_i.h @@ -28,6 +28,7 @@ @@ -99470,7 +101076,7 @@ index 4aea4e7..9e698d1 100644 #include "key.h" #include "sta_info.h" #include "debug.h" -@@ -961,7 +962,7 @@ struct ieee80211_local { +@@ -994,7 +995,7 @@ struct ieee80211_local { /* also used to protect ampdu_ac_queue and amdpu_ac_stop_refcnt */ spinlock_t queue_stop_reason_lock; @@ -99480,10 +101086,10 @@ index 4aea4e7..9e698d1 100644 /* number of interfaces with corresponding FIF_ flags */ int fif_fcsfail, fif_plcpfail, fif_control, fif_other_bss, fif_pspoll, diff --git a/net/mac80211/iface.c b/net/mac80211/iface.c -index a075791..1d0027f 100644 +index ce1c443..6cd39e1 100644 --- a/net/mac80211/iface.c +++ b/net/mac80211/iface.c -@@ -519,7 +519,7 @@ int ieee80211_do_open(struct wireless_dev *wdev, bool coming_up) +@@ -529,7 +529,7 @@ int ieee80211_do_open(struct wireless_dev *wdev, bool coming_up) break; } @@ -99492,7 +101098,7 @@ index a075791..1d0027f 100644 res = drv_start(local); if (res) goto err_del_bss; -@@ -566,7 +566,7 @@ int ieee80211_do_open(struct wireless_dev *wdev, bool coming_up) +@@ -576,7 +576,7 @@ int ieee80211_do_open(struct wireless_dev *wdev, bool coming_up) res = drv_add_interface(local, sdata); if (res) goto err_stop; @@ -99501,7 +101107,7 @@ index a075791..1d0027f 100644 res = ieee80211_add_virtual_monitor(local); if (res) goto err_stop; -@@ -675,7 +675,7 @@ int ieee80211_do_open(struct wireless_dev *wdev, bool coming_up) +@@ -685,7 +685,7 @@ int ieee80211_do_open(struct wireless_dev *wdev, bool coming_up) atomic_inc(&local->iff_promiscs); if (coming_up) @@ -99510,7 +101116,7 @@ index a075791..1d0027f 100644 if (hw_reconf_flags) ieee80211_hw_config(local, hw_reconf_flags); -@@ -713,7 +713,7 @@ int ieee80211_do_open(struct wireless_dev *wdev, bool coming_up) +@@ -723,7 +723,7 @@ int ieee80211_do_open(struct wireless_dev *wdev, bool coming_up) err_del_interface: drv_remove_interface(local, sdata); err_stop: @@ -99519,7 +101125,7 @@ index a075791..1d0027f 100644 drv_stop(local); err_del_bss: sdata->bss = NULL; -@@ -856,7 +856,7 @@ static void ieee80211_do_stop(struct ieee80211_sub_if_data *sdata, +@@ -874,7 +874,7 @@ static void ieee80211_do_stop(struct ieee80211_sub_if_data *sdata, } if (going_down) @@ -99528,7 +101134,7 @@ index a075791..1d0027f 100644 switch (sdata->vif.type) { case NL80211_IFTYPE_AP_VLAN: -@@ -923,7 +923,7 @@ static void ieee80211_do_stop(struct ieee80211_sub_if_data *sdata, +@@ -933,7 +933,7 @@ static void ieee80211_do_stop(struct ieee80211_sub_if_data *sdata, } spin_unlock_irqrestore(&local->queue_stop_reason_lock, flags); @@ -99537,7 +101143,7 @@ index a075791..1d0027f 100644 ieee80211_clear_tx_pending(local); /* -@@ -963,7 +963,7 @@ static void ieee80211_do_stop(struct ieee80211_sub_if_data *sdata, +@@ -973,7 +973,7 @@ static void ieee80211_do_stop(struct ieee80211_sub_if_data *sdata, ieee80211_recalc_ps(local, -1); @@ -99546,7 +101152,7 @@ index a075791..1d0027f 100644 ieee80211_stop_device(local); /* no reconfiguring after stop! */ -@@ -974,7 +974,7 @@ static void ieee80211_do_stop(struct ieee80211_sub_if_data *sdata, +@@ -984,7 +984,7 @@ static void ieee80211_do_stop(struct ieee80211_sub_if_data *sdata, ieee80211_configure_filter(local); ieee80211_hw_config(local, hw_reconf_flags); @@ -99556,10 +101162,10 @@ index a075791..1d0027f 100644 } diff --git a/net/mac80211/main.c b/net/mac80211/main.c -index 7d1c3ac..b62dd29 100644 +index c7a7a86..a74f57b 100644 --- a/net/mac80211/main.c +++ b/net/mac80211/main.c -@@ -172,7 +172,7 @@ int ieee80211_hw_config(struct ieee80211_local *local, u32 changed) +@@ -174,7 +174,7 @@ int ieee80211_hw_config(struct ieee80211_local *local, u32 changed) changed &= ~(IEEE80211_CONF_CHANGE_CHANNEL | IEEE80211_CONF_CHANGE_POWER); @@ -99569,7 +101175,7 @@ index 7d1c3ac..b62dd29 100644 /* * Goal: diff --git a/net/mac80211/pm.c b/net/mac80211/pm.c -index 3401262..d5cd68d 100644 +index d478b88..8c8d157 100644 --- a/net/mac80211/pm.c +++ b/net/mac80211/pm.c @@ -12,7 +12,7 @@ int __ieee80211_suspend(struct ieee80211_hw *hw, struct cfg80211_wowlan *wowlan) @@ -99581,7 +101187,7 @@ index 3401262..d5cd68d 100644 goto suspend; ieee80211_scan_cancel(local); -@@ -59,7 +59,7 @@ int __ieee80211_suspend(struct ieee80211_hw *hw, struct cfg80211_wowlan *wowlan) +@@ -58,7 +58,7 @@ int __ieee80211_suspend(struct ieee80211_hw *hw, struct cfg80211_wowlan *wowlan) cancel_work_sync(&local->dynamic_ps_enable_work); del_timer_sync(&local->dynamic_ps_timer); @@ -99590,7 +101196,7 @@ index 3401262..d5cd68d 100644 if (local->wowlan) { int err = drv_suspend(local, wowlan); if (err < 0) { -@@ -116,7 +116,7 @@ int __ieee80211_suspend(struct ieee80211_hw *hw, struct cfg80211_wowlan *wowlan) +@@ -123,7 +123,7 @@ int __ieee80211_suspend(struct ieee80211_hw *hw, struct cfg80211_wowlan *wowlan) WARN_ON(!list_empty(&local->chanctx_list)); /* stop hardware - this must stop RX */ @@ -99626,10 +101232,10 @@ index 6ff1346..936ca9a 100644 return p; diff --git a/net/mac80211/util.c b/net/mac80211/util.c -index 9f9b9bd..d6fcf59 100644 +index b8700d4..89086d5 100644 --- a/net/mac80211/util.c +++ b/net/mac80211/util.c -@@ -1474,7 +1474,7 @@ int ieee80211_reconfig(struct ieee80211_local *local) +@@ -1483,7 +1483,7 @@ int ieee80211_reconfig(struct ieee80211_local *local) } #endif /* everything else happens only if HW was up & running */ @@ -99638,7 +101244,7 @@ index 9f9b9bd..d6fcf59 100644 goto wake_up; /* -@@ -1699,7 +1699,7 @@ int ieee80211_reconfig(struct ieee80211_local *local) +@@ -1708,7 +1708,7 @@ int ieee80211_reconfig(struct ieee80211_local *local) local->in_reconfig = false; barrier(); @@ -99648,10 +101254,10 @@ index 9f9b9bd..d6fcf59 100644 /* diff --git a/net/netfilter/Kconfig b/net/netfilter/Kconfig -index c3398cd..98ad3b4 100644 +index e9410d1..77b6378 100644 --- a/net/netfilter/Kconfig +++ b/net/netfilter/Kconfig -@@ -1002,6 +1002,16 @@ config NETFILTER_XT_MATCH_ESP +@@ -1081,6 +1081,16 @@ config NETFILTER_XT_MATCH_ESP To compile it as a module, choose M here. If unsure, say N. @@ -99669,10 +101275,10 @@ index c3398cd..98ad3b4 100644 tristate '"hashlimit" match support' depends on (IP6_NF_IPTABLES || IP6_NF_IPTABLES=n) diff --git a/net/netfilter/Makefile b/net/netfilter/Makefile -index 394483b..ed51f2d 100644 +index bffdad7..f9317d1 100644 --- a/net/netfilter/Makefile +++ b/net/netfilter/Makefile -@@ -130,6 +130,7 @@ obj-$(CONFIG_NETFILTER_XT_MATCH_DEVGROUP) += xt_devgroup.o +@@ -133,6 +133,7 @@ obj-$(CONFIG_NETFILTER_XT_MATCH_DEVGROUP) += xt_devgroup.o obj-$(CONFIG_NETFILTER_XT_MATCH_DSCP) += xt_dscp.o obj-$(CONFIG_NETFILTER_XT_MATCH_ECN) += xt_ecn.o obj-$(CONFIG_NETFILTER_XT_MATCH_ESP) += xt_esp.o @@ -99681,10 +101287,10 @@ index 394483b..ed51f2d 100644 obj-$(CONFIG_NETFILTER_XT_MATCH_HELPER) += xt_helper.o obj-$(CONFIG_NETFILTER_XT_MATCH_HL) += xt_hl.o diff --git a/net/netfilter/ipset/ip_set_core.c b/net/netfilter/ipset/ip_set_core.c -index bac7e01..1d7a31a 100644 +index de770ec..3fc49d2 100644 --- a/net/netfilter/ipset/ip_set_core.c +++ b/net/netfilter/ipset/ip_set_core.c -@@ -1950,7 +1950,7 @@ done: +@@ -1922,7 +1922,7 @@ done: return ret; } @@ -99694,7 +101300,7 @@ index bac7e01..1d7a31a 100644 .get_optmin = SO_IP_SET, .get_optmax = SO_IP_SET + 1, diff --git a/net/netfilter/ipvs/ip_vs_conn.c b/net/netfilter/ipvs/ip_vs_conn.c -index 4c8e5c0..5a79b4d 100644 +index a8eb0a8..86f2de4 100644 --- a/net/netfilter/ipvs/ip_vs_conn.c +++ b/net/netfilter/ipvs/ip_vs_conn.c @@ -556,7 +556,7 @@ ip_vs_bind_dest(struct ip_vs_conn *cp, struct ip_vs_dest *dest) @@ -99849,7 +101455,7 @@ index 3f21a2f..a112e85 100644 .procname = "lblcr_expiration", .data = NULL, diff --git a/net/netfilter/ipvs/ip_vs_sync.c b/net/netfilter/ipvs/ip_vs_sync.c -index f63c238..1b87f8a 100644 +index db80126..ef7110e 100644 --- a/net/netfilter/ipvs/ip_vs_sync.c +++ b/net/netfilter/ipvs/ip_vs_sync.c @@ -609,7 +609,7 @@ static void ip_vs_sync_conn_v0(struct net *net, struct ip_vs_conn *cp, @@ -99915,10 +101521,10 @@ index a4b5e2a..13b1de3 100644 table = kmemdup(acct_sysctl_table, sizeof(acct_sysctl_table), GFP_KERNEL); diff --git a/net/netfilter/nf_conntrack_core.c b/net/netfilter/nf_conntrack_core.c -index 43549eb..0bbeace 100644 +index 356bef5..99932cb 100644 --- a/net/netfilter/nf_conntrack_core.c +++ b/net/netfilter/nf_conntrack_core.c -@@ -1605,6 +1605,10 @@ void nf_conntrack_init_end(void) +@@ -1627,6 +1627,10 @@ void nf_conntrack_init_end(void) #define DYING_NULLS_VAL ((1<<30)+1) #define TEMPLATE_NULLS_VAL ((1<<30)+2) @@ -99929,7 +101535,7 @@ index 43549eb..0bbeace 100644 int nf_conntrack_init_net(struct net *net) { int ret; -@@ -1619,7 +1623,11 @@ int nf_conntrack_init_net(struct net *net) +@@ -1641,7 +1645,11 @@ int nf_conntrack_init_net(struct net *net) goto err_stat; } @@ -99968,7 +101574,7 @@ index 974a2a4..52cc6ff 100644 table = kmemdup(helper_sysctl_table, sizeof(helper_sysctl_table), GFP_KERNEL); diff --git a/net/netfilter/nf_conntrack_proto.c b/net/netfilter/nf_conntrack_proto.c -index ce30041..3861b5d 100644 +index b65d586..beec902 100644 --- a/net/netfilter/nf_conntrack_proto.c +++ b/net/netfilter/nf_conntrack_proto.c @@ -52,7 +52,7 @@ nf_ct_register_sysctl(struct net *net, @@ -99980,55 +101586,6 @@ index ce30041..3861b5d 100644 unsigned int users) { if (users > 0) -diff --git a/net/netfilter/nf_conntrack_proto_dccp.c b/net/netfilter/nf_conntrack_proto_dccp.c -index a99b6c3..cb372f9 100644 ---- a/net/netfilter/nf_conntrack_proto_dccp.c -+++ b/net/netfilter/nf_conntrack_proto_dccp.c -@@ -428,7 +428,7 @@ static bool dccp_new(struct nf_conn *ct, const struct sk_buff *skb, - const char *msg; - u_int8_t state; - -- dh = skb_header_pointer(skb, dataoff, sizeof(_dh), &dh); -+ dh = skb_header_pointer(skb, dataoff, sizeof(_dh), &_dh); - BUG_ON(dh == NULL); - - state = dccp_state_table[CT_DCCP_ROLE_CLIENT][dh->dccph_type][CT_DCCP_NONE]; -@@ -457,7 +457,7 @@ static bool dccp_new(struct nf_conn *ct, const struct sk_buff *skb, - out_invalid: - if (LOG_INVALID(net, IPPROTO_DCCP)) - nf_log_packet(net, nf_ct_l3num(ct), 0, skb, NULL, NULL, -- NULL, msg); -+ NULL, "%s", msg); - return false; - } - -@@ -486,7 +486,7 @@ static int dccp_packet(struct nf_conn *ct, const struct sk_buff *skb, - u_int8_t type, old_state, new_state; - enum ct_dccp_roles role; - -- dh = skb_header_pointer(skb, dataoff, sizeof(_dh), &dh); -+ dh = skb_header_pointer(skb, dataoff, sizeof(_dh), &_dh); - BUG_ON(dh == NULL); - type = dh->dccph_type; - -@@ -577,7 +577,7 @@ static int dccp_error(struct net *net, struct nf_conn *tmpl, - unsigned int cscov; - const char *msg; - -- dh = skb_header_pointer(skb, dataoff, sizeof(_dh), &dh); -+ dh = skb_header_pointer(skb, dataoff, sizeof(_dh), &_dh); - if (dh == NULL) { - msg = "nf_ct_dccp: short packet "; - goto out_invalid; -@@ -614,7 +614,7 @@ static int dccp_error(struct net *net, struct nf_conn *tmpl, - - out_invalid: - if (LOG_INVALID(net, IPPROTO_DCCP)) -- nf_log_packet(net, pf, 0, skb, NULL, NULL, NULL, msg); -+ nf_log_packet(net, pf, 0, skb, NULL, NULL, NULL, "%s", msg); - return -NF_ACCEPT; - } - diff --git a/net/netfilter/nf_conntrack_standalone.c b/net/netfilter/nf_conntrack_standalone.c index f641751..d3c5b51 100644 --- a/net/netfilter/nf_conntrack_standalone.c @@ -100110,6 +101667,21 @@ index f042ae5..30ea486 100644 mutex_unlock(&nf_sockopt_mutex); } EXPORT_SYMBOL(nf_unregister_sockopt); +diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c +index c68e5e0..8d52d50 100644 +--- a/net/netfilter/nf_tables_api.c ++++ b/net/netfilter/nf_tables_api.c +@@ -152,8 +152,8 @@ nf_tables_chain_type_lookup(const struct nft_af_info *afi, + #ifdef CONFIG_MODULES + if (autoload) { + nfnl_unlock(NFNL_SUBSYS_NFTABLES); +- request_module("nft-chain-%u-%*.s", afi->family, +- nla_len(nla)-1, (const char *)nla_data(nla)); ++ request_module("nft-chain-%u-%.*s", afi->family, ++ nla_len(nla), (const char *)nla_data(nla)); + nfnl_lock(NFNL_SUBSYS_NFTABLES); + type = __nf_tables_chain_type_lookup(afi->family, nla); + if (type != NULL) diff --git a/net/netfilter/nfnetlink_log.c b/net/netfilter/nfnetlink_log.c index a155d19..726b0f2 100644 --- a/net/netfilter/nfnetlink_log.c @@ -100133,7 +101705,7 @@ index a155d19..726b0f2 100644 if (data_len) { diff --git a/net/netfilter/nft_compat.c b/net/netfilter/nft_compat.c -index da0c1f4..f79737a 100644 +index 82cb823..5685dd5 100644 --- a/net/netfilter/nft_compat.c +++ b/net/netfilter/nft_compat.c @@ -216,7 +216,7 @@ target_dump_info(struct sk_buff *skb, const struct xt_target *t, const void *in) @@ -100211,8 +101783,39 @@ index 0000000..c566332 +MODULE_LICENSE("GPL"); +MODULE_ALIAS("ipt_gradm"); +MODULE_ALIAS("ip6t_gradm"); +diff --git a/net/netfilter/xt_hashlimit.c b/net/netfilter/xt_hashlimit.c +index a3910fc..2d2ba14 100644 +--- a/net/netfilter/xt_hashlimit.c ++++ b/net/netfilter/xt_hashlimit.c +@@ -870,11 +870,11 @@ static int __net_init hashlimit_proc_net_init(struct net *net) + { + struct hashlimit_net *hashlimit_net = hashlimit_pernet(net); + +- hashlimit_net->ipt_hashlimit = proc_mkdir("ipt_hashlimit", net->proc_net); ++ hashlimit_net->ipt_hashlimit = proc_mkdir_restrict("ipt_hashlimit", net->proc_net); + if (!hashlimit_net->ipt_hashlimit) + return -ENOMEM; + #if IS_ENABLED(CONFIG_IP6_NF_IPTABLES) +- hashlimit_net->ip6t_hashlimit = proc_mkdir("ip6t_hashlimit", net->proc_net); ++ hashlimit_net->ip6t_hashlimit = proc_mkdir_restrict("ip6t_hashlimit", net->proc_net); + if (!hashlimit_net->ip6t_hashlimit) { + remove_proc_entry("ipt_hashlimit", net->proc_net); + return -ENOMEM; +diff --git a/net/netfilter/xt_recent.c b/net/netfilter/xt_recent.c +index 1e657cf..1eb1c34 100644 +--- a/net/netfilter/xt_recent.c ++++ b/net/netfilter/xt_recent.c +@@ -618,7 +618,7 @@ static int __net_init recent_proc_net_init(struct net *net) + { + struct recent_net *recent_net = recent_pernet(net); + +- recent_net->xt_recent = proc_mkdir("xt_recent", net->proc_net); ++ recent_net->xt_recent = proc_mkdir_restrict("xt_recent", net->proc_net); + if (!recent_net->xt_recent) + return -ENOMEM; + return 0; diff --git a/net/netfilter/xt_statistic.c b/net/netfilter/xt_statistic.c -index 4fe4fb4..87a89e5 100644 +index 11de55e..f25e448 100644 --- a/net/netfilter/xt_statistic.c +++ b/net/netfilter/xt_statistic.c @@ -19,7 +19,7 @@ @@ -100246,10 +101849,10 @@ index 4fe4fb4..87a89e5 100644 return 0; } diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c -index bca50b9..782ec12 100644 +index 04748ab6..ca8f86f 100644 --- a/net/netlink/af_netlink.c +++ b/net/netlink/af_netlink.c -@@ -249,7 +249,7 @@ static void netlink_overrun(struct sock *sk) +@@ -257,7 +257,7 @@ static void netlink_overrun(struct sock *sk) sk->sk_error_report(sk); } } @@ -100258,18 +101861,7 @@ index bca50b9..782ec12 100644 } static void netlink_rcv_wake(struct sock *sk) -@@ -1481,8 +1481,8 @@ static int netlink_connect(struct socket *sock, struct sockaddr *addr, - if (addr->sa_family != AF_NETLINK) - return -EINVAL; - -- /* Only superuser is allowed to send multicasts */ -- if (nladdr->nl_groups && !netlink_capable(sock, NL_CFG_F_NONROOT_SEND)) -+ if ((nladdr->nl_groups || nladdr->nl_pid) && -+ !netlink_capable(sock, NL_CFG_F_NONROOT_SEND)) - return -EPERM; - - if (!nlk->portid) -@@ -2940,7 +2940,7 @@ static int netlink_seq_show(struct seq_file *seq, void *v) +@@ -2933,7 +2933,7 @@ static int netlink_seq_show(struct seq_file *seq, void *v) sk_wmem_alloc_get(s), nlk->cb_running, atomic_read(&s->sk_refcnt), @@ -100279,7 +101871,7 @@ index bca50b9..782ec12 100644 ); diff --git a/net/netrom/af_netrom.c b/net/netrom/af_netrom.c -index 53c19a3..b0ac04a 100644 +index b74aa07..d41926e 100644 --- a/net/netrom/af_netrom.c +++ b/net/netrom/af_netrom.c @@ -850,7 +850,6 @@ static int nr_getname(struct socket *sock, struct sockaddr *uaddr, @@ -100291,10 +101883,10 @@ index 53c19a3..b0ac04a 100644 *uaddr_len = sizeof(struct sockaddr_ax25); } diff --git a/net/packet/af_packet.c b/net/packet/af_packet.c -index 88cfbc1..05d73f5 100644 +index 48a6a93..0b0496e 100644 --- a/net/packet/af_packet.c +++ b/net/packet/af_packet.c -@@ -1720,7 +1720,7 @@ static int packet_rcv(struct sk_buff *skb, struct net_device *dev, +@@ -1845,7 +1845,7 @@ static int packet_rcv(struct sk_buff *skb, struct net_device *dev, spin_lock(&sk->sk_receive_queue.lock); po->stats.stats1.tp_packets++; @@ -100303,7 +101895,7 @@ index 88cfbc1..05d73f5 100644 __skb_queue_tail(&sk->sk_receive_queue, skb); spin_unlock(&sk->sk_receive_queue.lock); sk->sk_data_ready(sk, skb->len); -@@ -1729,7 +1729,7 @@ static int packet_rcv(struct sk_buff *skb, struct net_device *dev, +@@ -1854,7 +1854,7 @@ static int packet_rcv(struct sk_buff *skb, struct net_device *dev, drop_n_acct: spin_lock(&sk->sk_receive_queue.lock); po->stats.stats1.tp_drops++; @@ -100312,7 +101904,7 @@ index 88cfbc1..05d73f5 100644 spin_unlock(&sk->sk_receive_queue.lock); drop_n_restore: -@@ -3275,7 +3275,7 @@ static int packet_getsockopt(struct socket *sock, int level, int optname, +@@ -3449,7 +3449,7 @@ static int packet_getsockopt(struct socket *sock, int level, int optname, case PACKET_HDRLEN: if (len > sizeof(int)) len = sizeof(int); @@ -100321,7 +101913,7 @@ index 88cfbc1..05d73f5 100644 return -EFAULT; switch (val) { case TPACKET_V1: -@@ -3318,7 +3318,7 @@ static int packet_getsockopt(struct socket *sock, int level, int optname, +@@ -3495,7 +3495,7 @@ static int packet_getsockopt(struct socket *sock, int level, int optname, len = lv; if (put_user(len, optlen)) return -EFAULT; @@ -100330,33 +101922,6 @@ index 88cfbc1..05d73f5 100644 return -EFAULT; return 0; } -diff --git a/net/phonet/datagram.c b/net/phonet/datagram.c -index 38946b2..12c30f3 100644 ---- a/net/phonet/datagram.c -+++ b/net/phonet/datagram.c -@@ -139,6 +139,9 @@ static int pn_recvmsg(struct kiocb *iocb, struct sock *sk, - MSG_CMSG_COMPAT)) - goto out_nofree; - -+ if (addr_len) -+ *addr_len = sizeof(sa); -+ - skb = skb_recv_datagram(sk, flags, noblock, &rval); - if (skb == NULL) - goto out_nofree; -@@ -159,10 +162,8 @@ static int pn_recvmsg(struct kiocb *iocb, struct sock *sk, - - rval = (flags & MSG_TRUNC) ? skb->len : copylen; - -- if (msg->msg_name != NULL) { -- memcpy(msg->msg_name, &sa, sizeof(sa)); -- *addr_len = sizeof(sa); -- } -+ if (msg->msg_name != NULL) -+ memcpy(msg->msg_name, &sa, sizeof(struct sockaddr_pn)); - - out: - skb_free_datagram(sk, skb); diff --git a/net/phonet/pep.c b/net/phonet/pep.c index e774117..900b8b7 100644 --- a/net/phonet/pep.c @@ -100594,10 +102159,10 @@ index e61aa60..f07cc89 100644 /* count of skbs currently in use */ atomic_t rxrpc_n_skbs; diff --git a/net/rxrpc/ar-ack.c b/net/rxrpc/ar-ack.c -index e4d9cbc..b229649 100644 +index cd97a0c..0041649 100644 --- a/net/rxrpc/ar-ack.c +++ b/net/rxrpc/ar-ack.c -@@ -175,7 +175,7 @@ static void rxrpc_resend(struct rxrpc_call *call) +@@ -182,7 +182,7 @@ static void rxrpc_resend(struct rxrpc_call *call) _enter("{%d,%d,%d,%d},", call->acks_hard, call->acks_unacked, @@ -100606,7 +102171,7 @@ index e4d9cbc..b229649 100644 CIRC_CNT(call->acks_head, call->acks_tail, call->acks_winsz)); stop = 0; -@@ -199,7 +199,7 @@ static void rxrpc_resend(struct rxrpc_call *call) +@@ -206,7 +206,7 @@ static void rxrpc_resend(struct rxrpc_call *call) /* each Tx packet has a new serial number */ sp->hdr.serial = @@ -100615,7 +102180,7 @@ index e4d9cbc..b229649 100644 hdr = (struct rxrpc_header *) txb->head; hdr->serial = sp->hdr.serial; -@@ -403,7 +403,7 @@ static void rxrpc_rotate_tx_window(struct rxrpc_call *call, u32 hard) +@@ -410,7 +410,7 @@ static void rxrpc_rotate_tx_window(struct rxrpc_call *call, u32 hard) */ static void rxrpc_clear_tx_window(struct rxrpc_call *call) { @@ -100624,7 +102189,7 @@ index e4d9cbc..b229649 100644 } /* -@@ -629,7 +629,7 @@ process_further: +@@ -636,7 +636,7 @@ process_further: latest = ntohl(sp->hdr.serial); hard = ntohl(ack.firstPacket); @@ -100633,7 +102198,7 @@ index e4d9cbc..b229649 100644 _proto("Rx ACK %%%u { m=%hu f=#%u p=#%u s=%%%u r=%s n=%u }", latest, -@@ -1161,7 +1161,7 @@ void rxrpc_process_call(struct work_struct *work) +@@ -1168,7 +1168,7 @@ void rxrpc_process_call(struct work_struct *work) goto maybe_reschedule; send_ACK_with_skew: @@ -100642,7 +102207,7 @@ index e4d9cbc..b229649 100644 ntohl(ack.serial)); send_ACK: mtu = call->conn->trans->peer->if_mtu; -@@ -1173,7 +1173,7 @@ send_ACK: +@@ -1180,7 +1180,7 @@ send_ACK: ackinfo.rxMTU = htonl(5692); ackinfo.jumbo_max = htonl(4); @@ -100651,7 +102216,7 @@ index e4d9cbc..b229649 100644 _proto("Tx ACK %%%u { m=%hu f=#%u p=#%u s=%%%u r=%s n=%u }", ntohl(hdr.serial), ntohs(ack.maxSkew), -@@ -1191,7 +1191,7 @@ send_ACK: +@@ -1198,7 +1198,7 @@ send_ACK: send_message: _debug("send message"); @@ -100674,7 +102239,7 @@ index a3bbb36..3341fb9 100644 memset(&call->sock_node, 0xed, sizeof(call->sock_node)); diff --git a/net/rxrpc/ar-connection.c b/net/rxrpc/ar-connection.c -index 4106ca9..a338d7a 100644 +index 7bf5b5b..4a3bf2c 100644 --- a/net/rxrpc/ar-connection.c +++ b/net/rxrpc/ar-connection.c @@ -206,7 +206,7 @@ static struct rxrpc_connection *rxrpc_alloc_connection(gfp_t gfp) @@ -100762,7 +102327,7 @@ index 87f7135..74d3703 100644 } diff --git a/net/rxrpc/ar-output.c b/net/rxrpc/ar-output.c -index e1ac183..b43e10e 100644 +index d0e8f1c..a3a1686 100644 --- a/net/rxrpc/ar-output.c +++ b/net/rxrpc/ar-output.c @@ -682,9 +682,9 @@ static int rxrpc_send_data(struct kiocb *iocb, @@ -100841,10 +102406,10 @@ index f226709..0e735a8 100644 ret = kernel_sendmsg(conn->trans->local->socket, &msg, iov, 3, len); diff --git a/net/sctp/ipv6.c b/net/sctp/ipv6.c -index 7567e6f..299382b 100644 +index 2b1738e..a9d0fc9 100644 --- a/net/sctp/ipv6.c +++ b/net/sctp/ipv6.c -@@ -964,7 +964,7 @@ static const struct inet6_protocol sctpv6_protocol = { +@@ -966,7 +966,7 @@ static const struct inet6_protocol sctpv6_protocol = { .flags = INET6_PROTO_NOPOLICY | INET6_PROTO_FINAL, }; @@ -100853,7 +102418,7 @@ index 7567e6f..299382b 100644 .sa_family = AF_INET6, .sctp_xmit = sctp_v6_xmit, .setsockopt = ipv6_setsockopt, -@@ -996,7 +996,7 @@ static struct sctp_af sctp_af_inet6 = { +@@ -998,7 +998,7 @@ static struct sctp_af sctp_af_inet6 = { #endif }; @@ -100862,7 +102427,7 @@ index 7567e6f..299382b 100644 .event_msgname = sctp_inet6_event_msgname, .skb_msgname = sctp_inet6_skb_msgname, .af_supported = sctp_inet6_af_supported, -@@ -1021,7 +1021,7 @@ void sctp_v6_pf_init(void) +@@ -1023,7 +1023,7 @@ void sctp_v6_pf_init(void) void sctp_v6_pf_exit(void) { @@ -100872,10 +102437,10 @@ index 7567e6f..299382b 100644 /* Initialize IPv6 support and register with socket layer. */ diff --git a/net/sctp/protocol.c b/net/sctp/protocol.c -index 5e17092..19be1d4 100644 +index a62a215..0976540 100644 --- a/net/sctp/protocol.c +++ b/net/sctp/protocol.c -@@ -832,8 +832,10 @@ int sctp_register_af(struct sctp_af *af) +@@ -836,8 +836,10 @@ int sctp_register_af(struct sctp_af *af) return 0; } @@ -100887,7 +102452,7 @@ index 5e17092..19be1d4 100644 return 1; } -@@ -963,7 +965,7 @@ static inline int sctp_v4_xmit(struct sk_buff *skb, +@@ -967,7 +969,7 @@ static inline int sctp_v4_xmit(struct sk_buff *skb, static struct sctp_af sctp_af_inet; @@ -100896,7 +102461,7 @@ index 5e17092..19be1d4 100644 .event_msgname = sctp_inet_event_msgname, .skb_msgname = sctp_inet_skb_msgname, .af_supported = sctp_inet_af_supported, -@@ -1034,7 +1036,7 @@ static const struct net_protocol sctp_protocol = { +@@ -1039,7 +1041,7 @@ static const struct net_protocol sctp_protocol = { }; /* IPv4 address related functions. */ @@ -100905,7 +102470,7 @@ index 5e17092..19be1d4 100644 .sa_family = AF_INET, .sctp_xmit = sctp_v4_xmit, .setsockopt = ip_setsockopt, -@@ -1119,7 +1121,7 @@ static void sctp_v4_pf_init(void) +@@ -1124,7 +1126,7 @@ static void sctp_v4_pf_init(void) static void sctp_v4_pf_exit(void) { @@ -100915,10 +102480,10 @@ index 5e17092..19be1d4 100644 static int sctp_v4_protosw_init(void) diff --git a/net/sctp/sm_sideeffect.c b/net/sctp/sm_sideeffect.c -index 1a6eef3..17e898f 100644 +index fef2acd..c705c4f 100644 --- a/net/sctp/sm_sideeffect.c +++ b/net/sctp/sm_sideeffect.c -@@ -440,7 +440,7 @@ static void sctp_generate_sack_event(unsigned long data) +@@ -439,7 +439,7 @@ static void sctp_generate_sack_event(unsigned long data) sctp_generate_timeout_event(asoc, SCTP_EVENT_TIMEOUT_SACK); } @@ -100928,10 +102493,10 @@ index 1a6eef3..17e898f 100644 sctp_generate_t1_cookie_event, sctp_generate_t1_init_event, diff --git a/net/sctp/socket.c b/net/sctp/socket.c -index 146b35d..1021a34 100644 +index 604a6ac..f87f0a3 100644 --- a/net/sctp/socket.c +++ b/net/sctp/socket.c -@@ -2176,11 +2176,13 @@ static int sctp_setsockopt_events(struct sock *sk, char __user *optval, +@@ -2175,11 +2175,13 @@ static int sctp_setsockopt_events(struct sock *sk, char __user *optval, { struct sctp_association *asoc; struct sctp_ulpevent *event; @@ -100946,7 +102511,7 @@ index 146b35d..1021a34 100644 /* * At the time when a user app subscribes to SCTP_SENDER_DRY_EVENT, -@@ -4252,13 +4254,16 @@ static int sctp_getsockopt_disable_fragments(struct sock *sk, int len, +@@ -4259,13 +4261,16 @@ static int sctp_getsockopt_disable_fragments(struct sock *sk, int len, static int sctp_getsockopt_events(struct sock *sk, int len, char __user *optval, int __user *optlen) { @@ -100964,7 +102529,7 @@ index 146b35d..1021a34 100644 return -EFAULT; return 0; } -@@ -4276,6 +4281,8 @@ static int sctp_getsockopt_events(struct sock *sk, int len, char __user *optval, +@@ -4283,6 +4288,8 @@ static int sctp_getsockopt_events(struct sock *sk, int len, char __user *optval, */ static int sctp_getsockopt_autoclose(struct sock *sk, int len, char __user *optval, int __user *optlen) { @@ -100973,7 +102538,7 @@ index 146b35d..1021a34 100644 /* Applicable to UDP-style socket only */ if (sctp_style(sk, TCP)) return -EOPNOTSUPP; -@@ -4284,7 +4291,8 @@ static int sctp_getsockopt_autoclose(struct sock *sk, int len, char __user *optv +@@ -4291,7 +4298,8 @@ static int sctp_getsockopt_autoclose(struct sock *sk, int len, char __user *optv len = sizeof(int); if (put_user(len, optlen)) return -EFAULT; @@ -100983,7 +102548,7 @@ index 146b35d..1021a34 100644 return -EFAULT; return 0; } -@@ -4656,12 +4664,15 @@ static int sctp_getsockopt_delayed_ack(struct sock *sk, int len, +@@ -4666,12 +4674,15 @@ static int sctp_getsockopt_delayed_ack(struct sock *sk, int len, */ static int sctp_getsockopt_initmsg(struct sock *sk, int len, char __user *optval, int __user *optlen) { @@ -101000,7 +102565,7 @@ index 146b35d..1021a34 100644 return -EFAULT; return 0; } -@@ -4702,6 +4713,8 @@ static int sctp_getsockopt_peer_addrs(struct sock *sk, int len, +@@ -4712,6 +4723,8 @@ static int sctp_getsockopt_peer_addrs(struct sock *sk, int len, addrlen = sctp_get_af_specific(temp.sa.sa_family)->sockaddr_len; if (space_left < addrlen) return -ENOMEM; @@ -101010,10 +102575,10 @@ index 146b35d..1021a34 100644 return -EFAULT; to += addrlen; diff --git a/net/sctp/sysctl.c b/net/sctp/sysctl.c -index b0565af..d135e6e 100644 +index c82fdc1..4ca1f95 100644 --- a/net/sctp/sysctl.c +++ b/net/sctp/sysctl.c -@@ -305,7 +305,7 @@ static int proc_sctp_do_hmac_alg(struct ctl_table *ctl, int write, +@@ -308,7 +308,7 @@ static int proc_sctp_do_hmac_alg(struct ctl_table *ctl, int write, { struct net *net = current->nsproxy->net_ns; char tmp[8]; @@ -101022,7 +102587,7 @@ index b0565af..d135e6e 100644 int ret; int changed = 0; char *none = "none"; -@@ -352,7 +352,7 @@ static int proc_sctp_do_rto_min(struct ctl_table *ctl, int write, +@@ -355,7 +355,7 @@ static int proc_sctp_do_rto_min(struct ctl_table *ctl, int write, { struct net *net = current->nsproxy->net_ns; int new_value; @@ -101031,7 +102596,7 @@ index b0565af..d135e6e 100644 unsigned int min = *(unsigned int *) ctl->extra1; unsigned int max = *(unsigned int *) ctl->extra2; int ret; -@@ -379,7 +379,7 @@ static int proc_sctp_do_rto_max(struct ctl_table *ctl, int write, +@@ -382,7 +382,7 @@ static int proc_sctp_do_rto_max(struct ctl_table *ctl, int write, { struct net *net = current->nsproxy->net_ns; int new_value; @@ -101040,17 +102605,38 @@ index b0565af..d135e6e 100644 unsigned int min = *(unsigned int *) ctl->extra1; unsigned int max = *(unsigned int *) ctl->extra2; int ret; -@@ -402,7 +402,7 @@ static int proc_sctp_do_rto_max(struct ctl_table *ctl, int write, +@@ -408,7 +408,7 @@ static int proc_sctp_do_auth(struct ctl_table *ctl, int write, + loff_t *ppos) + { + struct net *net = current->nsproxy->net_ns; +- struct ctl_table tbl; ++ ctl_table_no_const tbl; + int new_value, ret; + + memset(&tbl, 0, sizeof(struct ctl_table)); +@@ -436,7 +436,7 @@ static int proc_sctp_do_auth(struct ctl_table *ctl, int write, int sctp_sysctl_net_register(struct net *net) { -- struct ctl_table *table; -+ ctl_table_no_const *table; - int i; +- struct ctl_table *table = sctp_net_table; ++ ctl_table_no_const *table = NULL; + + if (!net_eq(net, &init_net)) { + int i; +@@ -449,7 +449,10 @@ int sctp_sysctl_net_register(struct net *net) + table[i].data += (char *)(&net->sctp) - (char *)&init_net.sctp; + } + +- net->sctp.sysctl_header = register_net_sysctl(net, "net/sctp", table); ++ if (!net_eq(net, &init_net)) ++ net->sctp.sysctl_header = register_net_sysctl(net, "net/sctp", table); ++ else ++ net->sctp.sysctl_header = register_net_sysctl(net, "net/sctp", sctp_net_table); + return 0; + } - table = kmemdup(sctp_net_table, sizeof(sctp_net_table), GFP_KERNEL); diff --git a/net/socket.c b/net/socket.c -index e83c416..f87df4c 100644 +index a19ae19..89554dc 100644 --- a/net/socket.c +++ b/net/socket.c @@ -88,6 +88,7 @@ @@ -101088,7 +102674,7 @@ index e83c416..f87df4c 100644 static struct file_system_type sock_fs_type = { .name = "sockfs", -@@ -1255,6 +1258,8 @@ int __sock_create(struct net *net, int family, int type, int protocol, +@@ -1256,6 +1259,8 @@ int __sock_create(struct net *net, int family, int type, int protocol, return -EAFNOSUPPORT; if (type < 0 || type >= SOCK_MAX) return -EINVAL; @@ -101097,7 +102683,7 @@ index e83c416..f87df4c 100644 /* Compatibility. -@@ -1275,6 +1280,20 @@ int __sock_create(struct net *net, int family, int type, int protocol, +@@ -1276,6 +1281,20 @@ int __sock_create(struct net *net, int family, int type, int protocol, if (err) return err; @@ -101118,7 +102704,7 @@ index e83c416..f87df4c 100644 /* * Allocate the socket and allow the family to set things up. if * the protocol is 0, the family is instructed to select an appropriate -@@ -1513,6 +1532,14 @@ SYSCALL_DEFINE3(bind, int, fd, struct sockaddr __user *, umyaddr, int, addrlen) +@@ -1527,6 +1546,14 @@ SYSCALL_DEFINE3(bind, int, fd, struct sockaddr __user *, umyaddr, int, addrlen) if (sock) { err = move_addr_to_kernel(umyaddr, addrlen, &address); if (err >= 0) { @@ -101133,7 +102719,7 @@ index e83c416..f87df4c 100644 err = security_socket_bind(sock, (struct sockaddr *)&address, addrlen); -@@ -1521,6 +1548,7 @@ SYSCALL_DEFINE3(bind, int, fd, struct sockaddr __user *, umyaddr, int, addrlen) +@@ -1535,6 +1562,7 @@ SYSCALL_DEFINE3(bind, int, fd, struct sockaddr __user *, umyaddr, int, addrlen) (struct sockaddr *) &address, addrlen); } @@ -101141,7 +102727,7 @@ index e83c416..f87df4c 100644 fput_light(sock->file, fput_needed); } return err; -@@ -1544,10 +1572,20 @@ SYSCALL_DEFINE2(listen, int, fd, int, backlog) +@@ -1558,10 +1586,20 @@ SYSCALL_DEFINE2(listen, int, fd, int, backlog) if ((unsigned int)backlog > somaxconn) backlog = somaxconn; @@ -101162,7 +102748,7 @@ index e83c416..f87df4c 100644 fput_light(sock->file, fput_needed); } return err; -@@ -1591,6 +1629,18 @@ SYSCALL_DEFINE4(accept4, int, fd, struct sockaddr __user *, upeer_sockaddr, +@@ -1605,6 +1643,18 @@ SYSCALL_DEFINE4(accept4, int, fd, struct sockaddr __user *, upeer_sockaddr, newsock->type = sock->type; newsock->ops = sock->ops; @@ -101181,7 +102767,7 @@ index e83c416..f87df4c 100644 /* * We don't need try_module_get here, as the listening socket (sock) * has the protocol module (sock->ops->owner) held. -@@ -1636,6 +1686,8 @@ SYSCALL_DEFINE4(accept4, int, fd, struct sockaddr __user *, upeer_sockaddr, +@@ -1650,6 +1700,8 @@ SYSCALL_DEFINE4(accept4, int, fd, struct sockaddr __user *, upeer_sockaddr, fd_install(newfd, newfile); err = newfd; @@ -101190,7 +102776,7 @@ index e83c416..f87df4c 100644 out_put: fput_light(sock->file, fput_needed); out: -@@ -1668,6 +1720,7 @@ SYSCALL_DEFINE3(connect, int, fd, struct sockaddr __user *, uservaddr, +@@ -1682,6 +1734,7 @@ SYSCALL_DEFINE3(connect, int, fd, struct sockaddr __user *, uservaddr, int, addrlen) { struct socket *sock; @@ -101198,7 +102784,7 @@ index e83c416..f87df4c 100644 struct sockaddr_storage address; int err, fput_needed; -@@ -1678,6 +1731,17 @@ SYSCALL_DEFINE3(connect, int, fd, struct sockaddr __user *, uservaddr, +@@ -1692,6 +1745,17 @@ SYSCALL_DEFINE3(connect, int, fd, struct sockaddr __user *, uservaddr, if (err < 0) goto out_put; @@ -101216,7 +102802,7 @@ index e83c416..f87df4c 100644 err = security_socket_connect(sock, (struct sockaddr *)&address, addrlen); if (err) -@@ -1759,6 +1823,8 @@ SYSCALL_DEFINE3(getpeername, int, fd, struct sockaddr __user *, usockaddr, +@@ -1773,6 +1837,8 @@ SYSCALL_DEFINE3(getpeername, int, fd, struct sockaddr __user *, usockaddr, * the protocol. */ @@ -101225,18 +102811,16 @@ index e83c416..f87df4c 100644 SYSCALL_DEFINE6(sendto, int, fd, void __user *, buff, size_t, len, unsigned int, flags, struct sockaddr __user *, addr, int, addr_len) -@@ -1972,6 +2038,10 @@ static int copy_msghdr_from_user(struct msghdr *kmsg, - { - if (copy_from_user(kmsg, umsg, sizeof(struct msghdr))) - return -EFAULT; -+ -+ if (kmsg->msg_namelen < 0) -+ return -EINVAL; -+ - if (kmsg->msg_namelen > sizeof(struct sockaddr_storage)) - kmsg->msg_namelen = sizeof(struct sockaddr_storage); - return 0; -@@ -2047,7 +2117,7 @@ static int ___sys_sendmsg(struct socket *sock, struct msghdr __user *msg, +@@ -1839,7 +1905,7 @@ SYSCALL_DEFINE6(recvfrom, int, fd, void __user *, ubuf, size_t, size, + struct socket *sock; + struct iovec iov; + struct msghdr msg; +- struct sockaddr_storage address; ++ struct sockaddr_storage address = { }; + int err, err2; + int fput_needed; + +@@ -2065,7 +2131,7 @@ static int ___sys_sendmsg(struct socket *sock, struct msghdr __user *msg, * checking falls down on this. */ if (copy_from_user(ctl_buf, @@ -101245,7 +102829,16 @@ index e83c416..f87df4c 100644 ctl_len)) goto out_freectl; msg_sys->msg_control = ctl_buf; -@@ -2227,7 +2297,7 @@ static int ___sys_recvmsg(struct socket *sock, struct msghdr __user *msg, +@@ -2216,7 +2282,7 @@ static int ___sys_recvmsg(struct socket *sock, struct msghdr __user *msg, + int err, total_len, len; + + /* kernel mode address */ +- struct sockaddr_storage addr; ++ struct sockaddr_storage addr = { }; + + /* user mode address pointers */ + struct sockaddr __user *uaddr; +@@ -2245,7 +2311,7 @@ static int ___sys_recvmsg(struct socket *sock, struct msghdr __user *msg, /* Save the user-mode address (verify_iovec will change the * kernel msghdr to use the kernel address space) */ @@ -101254,7 +102847,7 @@ index e83c416..f87df4c 100644 uaddr_len = COMPAT_NAMELEN(msg); if (MSG_CMSG_COMPAT & flags) err = verify_compat_iovec(msg_sys, iov, &addr, VERIFY_WRITE); -@@ -2871,7 +2941,7 @@ static int ethtool_ioctl(struct net *net, struct compat_ifreq __user *ifr32) +@@ -2889,7 +2955,7 @@ static int ethtool_ioctl(struct net *net, struct compat_ifreq __user *ifr32) ifr = compat_alloc_user_space(buf_size); rxnfc = (void __user *)ifr + ALIGN(sizeof(struct ifreq), 8); @@ -101263,7 +102856,7 @@ index e83c416..f87df4c 100644 return -EFAULT; if (put_user(convert_in ? rxnfc : compat_ptr(data), -@@ -2985,14 +3055,14 @@ static int bond_ioctl(struct net *net, unsigned int cmd, +@@ -3000,7 +3066,7 @@ static int bond_ioctl(struct net *net, unsigned int cmd, old_fs = get_fs(); set_fs(KERNEL_DS); err = dev_ioctl(net, cmd, @@ -101272,15 +102865,7 @@ index e83c416..f87df4c 100644 set_fs(old_fs); return err; - case SIOCBONDSLAVEINFOQUERY: - case SIOCBONDINFOQUERY: - uifr = compat_alloc_user_space(sizeof(*uifr)); -- if (copy_in_user(&uifr->ifr_name, &ifr32->ifr_name, IFNAMSIZ)) -+ if (copy_in_user(uifr->ifr_name, ifr32->ifr_name, IFNAMSIZ)) - return -EFAULT; - - if (get_user(data, &ifr32->ifr_ifru.ifru_data)) -@@ -3094,7 +3164,7 @@ static int compat_sioc_ifmap(struct net *net, unsigned int cmd, +@@ -3093,7 +3159,7 @@ static int compat_sioc_ifmap(struct net *net, unsigned int cmd, old_fs = get_fs(); set_fs(KERNEL_DS); @@ -101289,7 +102874,7 @@ index e83c416..f87df4c 100644 set_fs(old_fs); if (cmd == SIOCGIFMAP && !err) { -@@ -3199,7 +3269,7 @@ static int routing_ioctl(struct net *net, struct socket *sock, +@@ -3177,7 +3243,7 @@ static int routing_ioctl(struct net *net, struct socket *sock, ret |= get_user(rtdev, &(ur4->rt_dev)); if (rtdev) { ret |= copy_from_user(devname, compat_ptr(rtdev), 15); @@ -101298,7 +102883,7 @@ index e83c416..f87df4c 100644 devname[15] = 0; } else r4.rt_dev = NULL; -@@ -3425,8 +3495,8 @@ int kernel_getsockopt(struct socket *sock, int level, int optname, +@@ -3404,8 +3470,8 @@ int kernel_getsockopt(struct socket *sock, int level, int optname, int __user *uoptlen; int err; @@ -101309,7 +102894,7 @@ index e83c416..f87df4c 100644 set_fs(KERNEL_DS); if (level == SOL_SOCKET) -@@ -3446,7 +3516,7 @@ int kernel_setsockopt(struct socket *sock, int level, int optname, +@@ -3425,7 +3491,7 @@ int kernel_setsockopt(struct socket *sock, int level, int optname, char __user *uoptval; int err; @@ -101318,26 +102903,8 @@ index e83c416..f87df4c 100644 set_fs(KERNEL_DS); if (level == SOL_SOCKET) -diff --git a/net/sunrpc/auth_gss/auth_gss.c b/net/sunrpc/auth_gss/auth_gss.c -index a642fd616..1eebf22 100644 ---- a/net/sunrpc/auth_gss/auth_gss.c -+++ b/net/sunrpc/auth_gss/auth_gss.c -@@ -500,10 +500,12 @@ gss_alloc_msg(struct gss_auth *gss_auth, - default: - err = gss_encode_v1_msg(gss_msg, service_name, gss_auth->target_name); - if (err) -- goto err_free_msg; -+ goto err_put_pipe_version; - }; - kref_get(&gss_auth->kref); - return gss_msg; -+err_put_pipe_version: -+ put_pipe_version(gss_auth->net); - err_free_msg: - kfree(gss_msg); - err: diff --git a/net/sunrpc/auth_gss/svcauth_gss.c b/net/sunrpc/auth_gss/svcauth_gss.c -index 1b94a9c..496f7f5 100644 +index 0f73f45..a96aa52 100644 --- a/net/sunrpc/auth_gss/svcauth_gss.c +++ b/net/sunrpc/auth_gss/svcauth_gss.c @@ -1140,7 +1140,7 @@ static int gss_proxy_save_rsc(struct cache_detail *cd, @@ -101358,40 +102925,21 @@ index 1b94a9c..496f7f5 100644 /* make a copy for the caller */ *handle = ctxh; -diff --git a/net/sunrpc/backchannel_rqst.c b/net/sunrpc/backchannel_rqst.c -index 890a299..e860d4f 100644 ---- a/net/sunrpc/backchannel_rqst.c -+++ b/net/sunrpc/backchannel_rqst.c -@@ -64,7 +64,6 @@ static void xprt_free_allocation(struct rpc_rqst *req) - free_page((unsigned long)xbufp->head[0].iov_base); - xbufp = &req->rq_snd_buf; - free_page((unsigned long)xbufp->head[0].iov_base); -- list_del(&req->rq_bc_pa_list); - kfree(req); - } - -@@ -168,8 +167,10 @@ out_free: - /* - * Memory allocation failed, free the temporary list - */ -- list_for_each_entry_safe(req, tmp, &tmp_list, rq_bc_pa_list) -+ list_for_each_entry_safe(req, tmp, &tmp_list, rq_bc_pa_list) { -+ list_del(&req->rq_bc_pa_list); - xprt_free_allocation(req); -+ } - - dprintk("RPC: setup backchannel transport failed\n"); - return -ENOMEM; -@@ -198,6 +199,7 @@ void xprt_destroy_backchannel(struct rpc_xprt *xprt, unsigned int max_reqs) - xprt_dec_alloc_count(xprt, max_reqs); - list_for_each_entry_safe(req, tmp, &xprt->bc_pa_list, rq_bc_pa_list) { - dprintk("RPC: req=%p\n", req); -+ list_del(&req->rq_bc_pa_list); - xprt_free_allocation(req); - if (--max_reqs == 0) - break; +diff --git a/net/sunrpc/cache.c b/net/sunrpc/cache.c +index ae333c1..18521f0 100644 +--- a/net/sunrpc/cache.c ++++ b/net/sunrpc/cache.c +@@ -1609,7 +1609,7 @@ static int create_cache_proc_entries(struct cache_detail *cd, struct net *net) + struct sunrpc_net *sn; + + sn = net_generic(net, sunrpc_net_id); +- cd->u.procfs.proc_ent = proc_mkdir(cd->name, sn->proc_net_rpc); ++ cd->u.procfs.proc_ent = proc_mkdir_restrict(cd->name, sn->proc_net_rpc); + if (cd->u.procfs.proc_ent == NULL) + goto out_nomem; + cd->u.procfs.channel_ent = NULL; diff --git a/net/sunrpc/clnt.c b/net/sunrpc/clnt.c -index e726e16..393c39e 100644 +index 3ea5cda..bfb3e08 100644 --- a/net/sunrpc/clnt.c +++ b/net/sunrpc/clnt.c @@ -1415,7 +1415,9 @@ call_start(struct rpc_task *task) @@ -101421,11 +102969,24 @@ index ff3cc4b..7612a9e 100644 } #else static inline void rpc_task_set_debuginfo(struct rpc_task *task) +diff --git a/net/sunrpc/stats.c b/net/sunrpc/stats.c +index 5453049..465669a 100644 +--- a/net/sunrpc/stats.c ++++ b/net/sunrpc/stats.c +@@ -267,7 +267,7 @@ int rpc_proc_init(struct net *net) + + dprintk("RPC: registering /proc/net/rpc\n"); + sn = net_generic(net, sunrpc_net_id); +- sn->proc_net_rpc = proc_mkdir("rpc", net->proc_net); ++ sn->proc_net_rpc = proc_mkdir_restrict("rpc", net->proc_net); + if (sn->proc_net_rpc == NULL) + return -ENOMEM; + diff --git a/net/sunrpc/svc.c b/net/sunrpc/svc.c -index e7fbe36..8052603 100644 +index 5de6801..b4e330d 100644 --- a/net/sunrpc/svc.c +++ b/net/sunrpc/svc.c -@@ -1158,7 +1158,9 @@ svc_process_common(struct svc_rqst *rqstp, struct kvec *argv, struct kvec *resv) +@@ -1167,7 +1167,9 @@ svc_process_common(struct svc_rqst *rqstp, struct kvec *argv, struct kvec *resv) svc_putnl(resv, RPC_SUCCESS); /* Bump per-procedure stats counter */ @@ -101676,23 +103237,23 @@ index e7000be..e3b0ba7 100644 int mode = (table->mode >> 6) & 7; return (mode << 6) | (mode << 3) | mode; diff --git a/net/tipc/subscr.c b/net/tipc/subscr.c -index d38bb45..38d5df5 100644 +index 6424372..afd36e9 100644 --- a/net/tipc/subscr.c +++ b/net/tipc/subscr.c -@@ -98,7 +98,7 @@ static void subscr_send_event(struct tipc_subscription *sub, u32 found_lower, +@@ -97,7 +97,7 @@ static void subscr_send_event(struct tipc_subscription *sub, u32 found_lower, + struct tipc_subscriber *subscriber = sub->subscriber; struct kvec msg_sect; - int ret; - msg_sect.iov_base = (void *)&sub->evt; + msg_sect.iov_base = &sub->evt; msg_sect.iov_len = sizeof(struct tipc_event); - sub->evt.event = htohl(event, sub->swap); + sub->evt.found_lower = htohl(found_lower, sub->swap); diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c -index d7c1ac6..8e92764 100644 +index 94404f1..5782191 100644 --- a/net/unix/af_unix.c +++ b/net/unix/af_unix.c -@@ -789,6 +789,12 @@ static struct sock *unix_find_other(struct net *net, +@@ -791,6 +791,12 @@ static struct sock *unix_find_other(struct net *net, err = -ECONNREFUSED; if (!S_ISSOCK(inode->i_mode)) goto put_fail; @@ -101705,7 +103266,7 @@ index d7c1ac6..8e92764 100644 u = unix_find_socket_byinode(inode); if (!u) goto put_fail; -@@ -809,6 +815,13 @@ static struct sock *unix_find_other(struct net *net, +@@ -811,6 +817,13 @@ static struct sock *unix_find_other(struct net *net, if (u) { struct dentry *dentry; dentry = unix_sk(u)->path.dentry; @@ -101719,7 +103280,7 @@ index d7c1ac6..8e92764 100644 if (dentry) touch_atime(&unix_sk(u)->path); } else -@@ -842,12 +855,18 @@ static int unix_mknod(const char *sun_path, umode_t mode, struct path *res) +@@ -844,12 +857,18 @@ static int unix_mknod(const char *sun_path, umode_t mode, struct path *res) */ err = security_path_mknod(&path, dentry, mode, 0); if (!err) { @@ -101738,7 +103299,7 @@ index d7c1ac6..8e92764 100644 done_path_create(&path, dentry); return err; } -@@ -2335,9 +2354,13 @@ static int unix_seq_show(struct seq_file *seq, void *v) +@@ -2344,9 +2363,13 @@ static int unix_seq_show(struct seq_file *seq, void *v) seq_puts(seq, "Num RefCount Protocol Flags Type St " "Inode Path\n"); else { @@ -101753,7 +103314,7 @@ index d7c1ac6..8e92764 100644 seq_printf(seq, "%pK: %08X %08X %08X %04X %02X %5lu", s, -@@ -2364,8 +2387,10 @@ static int unix_seq_show(struct seq_file *seq, void *v) +@@ -2373,8 +2396,10 @@ static int unix_seq_show(struct seq_file *seq, void *v) } for ( ; i < len; i++) seq_putc(seq, u->addr->name->sun_path[i]); @@ -101907,11 +103468,24 @@ index 4323952..a06dfe1 100644 }; void __init x25_register_sysctl(void) +diff --git a/net/x25/x25_proc.c b/net/x25/x25_proc.c +index 0917f04..f4e3d8c 100644 +--- a/net/x25/x25_proc.c ++++ b/net/x25/x25_proc.c +@@ -209,7 +209,7 @@ static const struct file_operations x25_seq_forward_fops = { + + int __init x25_proc_init(void) + { +- if (!proc_mkdir("x25", init_net.proc_net)) ++ if (!proc_mkdir_restrict("x25", init_net.proc_net)) + return -ENOMEM; + + if (!proc_create("x25/route", S_IRUGO, init_net.proc_net, diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c -index 9a91f74..502f6605 100644 +index 1d5c7bf..f762f1f 100644 --- a/net/xfrm/xfrm_policy.c +++ b/net/xfrm/xfrm_policy.c -@@ -332,7 +332,7 @@ static void xfrm_policy_kill(struct xfrm_policy *policy) +@@ -327,7 +327,7 @@ static void xfrm_policy_kill(struct xfrm_policy *policy) { policy->walk.dead = 1; @@ -101920,7 +103494,7 @@ index 9a91f74..502f6605 100644 if (del_timer(&policy->polq.hold_timer)) xfrm_pol_put(policy); -@@ -660,7 +660,7 @@ int xfrm_policy_insert(int dir, struct xfrm_policy *policy, int excl) +@@ -661,7 +661,7 @@ int xfrm_policy_insert(int dir, struct xfrm_policy *policy, int excl) hlist_add_head(&policy->bydst, chain); xfrm_pol_hold(policy); net->xfrm.policy_count[dir]++; @@ -101929,43 +103503,16 @@ index 9a91f74..502f6605 100644 /* After previous checking, family can either be AF_INET or AF_INET6 */ if (policy->family == AF_INET) -@@ -1636,7 +1636,7 @@ free_dst: - goto out; - } - --static int inline -+static inline int - xfrm_dst_alloc_copy(void **target, const void *src, int size) - { - if (!*target) { -@@ -1648,7 +1648,7 @@ xfrm_dst_alloc_copy(void **target, const void *src, int size) - return 0; - } - --static int inline -+static inline int - xfrm_dst_update_parent(struct dst_entry *dst, const struct xfrm_selector *sel) - { - #ifdef CONFIG_XFRM_SUB_POLICY -@@ -1660,7 +1660,7 @@ xfrm_dst_update_parent(struct dst_entry *dst, const struct xfrm_selector *sel) - #endif - } - --static int inline -+static inline int - xfrm_dst_update_origin(struct dst_entry *dst, const struct flowi *fl) - { - #ifdef CONFIG_XFRM_SUB_POLICY -@@ -1754,7 +1754,7 @@ xfrm_resolve_and_create_bundle(struct xfrm_policy **pols, int num_pols, +@@ -1761,7 +1761,7 @@ xfrm_resolve_and_create_bundle(struct xfrm_policy **pols, int num_pols, xdst->num_pols = num_pols; - memcpy(xdst->pols, pols, sizeof(struct xfrm_policy*) * num_pols); + memcpy(xdst->pols, pols, sizeof(struct xfrm_policy *) * num_pols); - xdst->policy_genid = atomic_read(&pols[0]->genid); + xdst->policy_genid = atomic_read_unchecked(&pols[0]->genid); return xdst; } -@@ -2582,11 +2582,12 @@ void xfrm_garbage_collect(struct net *net) +@@ -2572,11 +2572,12 @@ void xfrm_garbage_collect(struct net *net) } EXPORT_SYMBOL(xfrm_garbage_collect); @@ -101979,7 +103526,7 @@ index 9a91f74..502f6605 100644 static void xfrm_init_pmtu(struct dst_entry *dst) { -@@ -2636,7 +2637,7 @@ static int xfrm_bundle_ok(struct xfrm_dst *first) +@@ -2626,7 +2627,7 @@ static int xfrm_bundle_ok(struct xfrm_dst *first) if (xdst->xfrm_genid != dst->xfrm->genid) return 0; if (xdst->num_pols > 0 && @@ -101988,7 +103535,7 @@ index 9a91f74..502f6605 100644 return 0; mtu = dst_mtu(dst->child); -@@ -2724,8 +2725,6 @@ int xfrm_policy_register_afinfo(struct xfrm_policy_afinfo *afinfo) +@@ -2714,8 +2715,6 @@ int xfrm_policy_register_afinfo(struct xfrm_policy_afinfo *afinfo) dst_ops->link_failure = xfrm_link_failure; if (likely(dst_ops->neigh_lookup == NULL)) dst_ops->neigh_lookup = xfrm_neigh_lookup; @@ -101997,7 +103544,7 @@ index 9a91f74..502f6605 100644 rcu_assign_pointer(xfrm_policy_afinfo[afinfo->family], afinfo); } spin_unlock(&xfrm_policy_afinfo_lock); -@@ -2779,7 +2778,6 @@ int xfrm_policy_unregister_afinfo(struct xfrm_policy_afinfo *afinfo) +@@ -2769,7 +2768,6 @@ int xfrm_policy_unregister_afinfo(struct xfrm_policy_afinfo *afinfo) dst_ops->check = NULL; dst_ops->negative_advice = NULL; dst_ops->link_failure = NULL; @@ -102005,7 +103552,7 @@ index 9a91f74..502f6605 100644 } return err; } -@@ -3162,7 +3160,7 @@ static int xfrm_policy_migrate(struct xfrm_policy *pol, +@@ -3159,7 +3157,7 @@ static int xfrm_policy_migrate(struct xfrm_policy *pol, sizeof(pol->xfrm_vec[i].saddr)); pol->xfrm_vec[i].encap_family = mp->new_family; /* flush bundles */ @@ -102015,10 +103562,10 @@ index 9a91f74..502f6605 100644 } diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c -index 68c2f35..9eb05ca 100644 +index 40f1b3e..e33fdfa 100644 --- a/net/xfrm/xfrm_state.c +++ b/net/xfrm/xfrm_state.c -@@ -174,12 +174,14 @@ int xfrm_register_type(const struct xfrm_type *type, unsigned short family) +@@ -172,12 +172,14 @@ int xfrm_register_type(const struct xfrm_type *type, unsigned short family) if (unlikely(afinfo == NULL)) return -EAFNOSUPPORT; @@ -102036,7 +103583,7 @@ index 68c2f35..9eb05ca 100644 err = -EEXIST; spin_unlock_bh(&xfrm_type_lock); xfrm_state_put_afinfo(afinfo); -@@ -195,13 +197,16 @@ int xfrm_unregister_type(const struct xfrm_type *type, unsigned short family) +@@ -193,13 +195,16 @@ int xfrm_unregister_type(const struct xfrm_type *type, unsigned short family) if (unlikely(afinfo == NULL)) return -EAFNOSUPPORT; @@ -102055,7 +103602,7 @@ index 68c2f35..9eb05ca 100644 spin_unlock_bh(&xfrm_type_lock); xfrm_state_put_afinfo(afinfo); return err; -@@ -211,7 +216,6 @@ EXPORT_SYMBOL(xfrm_unregister_type); +@@ -209,7 +214,6 @@ EXPORT_SYMBOL(xfrm_unregister_type); static const struct xfrm_type *xfrm_get_type(u8 proto, unsigned short family) { struct xfrm_state_afinfo *afinfo; @@ -102063,7 +103610,7 @@ index 68c2f35..9eb05ca 100644 const struct xfrm_type *type; int modload_attempted = 0; -@@ -219,9 +223,8 @@ retry: +@@ -217,9 +221,8 @@ retry: afinfo = xfrm_state_get_afinfo(family); if (unlikely(afinfo == NULL)) return NULL; @@ -102074,7 +103621,7 @@ index 68c2f35..9eb05ca 100644 if (unlikely(type && !try_module_get(type->owner))) type = NULL; if (!type && !modload_attempted) { -@@ -255,7 +258,7 @@ int xfrm_register_mode(struct xfrm_mode *mode, int family) +@@ -253,7 +256,7 @@ int xfrm_register_mode(struct xfrm_mode *mode, int family) return -EAFNOSUPPORT; err = -EEXIST; @@ -102083,7 +103630,7 @@ index 68c2f35..9eb05ca 100644 spin_lock_bh(&xfrm_mode_lock); if (modemap[mode->encap]) goto out; -@@ -264,8 +267,10 @@ int xfrm_register_mode(struct xfrm_mode *mode, int family) +@@ -262,8 +265,10 @@ int xfrm_register_mode(struct xfrm_mode *mode, int family) if (!try_module_get(afinfo->owner)) goto out; @@ -102095,7 +103642,7 @@ index 68c2f35..9eb05ca 100644 err = 0; out: -@@ -289,10 +294,12 @@ int xfrm_unregister_mode(struct xfrm_mode *mode, int family) +@@ -287,10 +292,12 @@ int xfrm_unregister_mode(struct xfrm_mode *mode, int family) return -EAFNOSUPPORT; err = -ENOENT; @@ -102109,7 +103656,7 @@ index 68c2f35..9eb05ca 100644 module_put(mode->afinfo->owner); err = 0; } -@@ -1486,10 +1493,10 @@ EXPORT_SYMBOL(xfrm_find_acq_byseq); +@@ -1512,10 +1519,10 @@ EXPORT_SYMBOL(xfrm_find_acq_byseq); u32 xfrm_get_acqseq(void) { u32 res; @@ -102292,26 +103839,25 @@ index 078fe1d..fbdb363 100644 fprintf(stderr, "fixdep: sizeof(int) != 4 or wrong endianness? %#x\n", diff --git a/scripts/gcc-plugin.sh b/scripts/gcc-plugin.sh new file mode 100644 -index 0000000..5e0222d +index 0000000..edcbc3a --- /dev/null +++ b/scripts/gcc-plugin.sh -@@ -0,0 +1,17 @@ +@@ -0,0 +1,16 @@ +#!/bin/bash -+plugincc=`$1 -E -shared - -o /dev/null -I\`$3 -print-file-name=plugin\`/include 2>&1 <<EOF -+#include "gcc-plugin.h" -+#include "tree.h" -+#include "tm.h" -+#include "rtl.h" -+#ifdef ENABLE_BUILD_WITH_CXX ++srctree=$(dirname "$0") ++gccplugins_dir=$($3 -print-file-name=plugin) ++plugincc=$($1 -E -shared - -o /dev/null -I${srctree}/../tools/gcc -I${gccplugins_dir}/include 2>&1 <<EOF ++#include "gcc-common.h" ++#if BUILDING_GCC_VERSION >= 4008 || defined(ENABLE_BUILD_WITH_CXX) +#warning $2 +#else +#warning $1 +#endif -+EOF` ++EOF ++) +if [ $? -eq 0 ] +then -+ [[ "$plugincc" =~ "$1" ]] && echo "$1" -+ [[ "$plugincc" =~ "$2" ]] && echo "$2" ++ ( [[ "$plugincc" =~ "$1" ]] && echo "$1" ) || ( [[ "$plugincc" =~ "$2" ]] && echo "$2" ) +fi diff --git a/scripts/headers_install.sh b/scripts/headers_install.sh index 5de5660..d3deb89 100644 @@ -102406,10 +103952,10 @@ index 25e5cb0..6e85821 100644 sprintf(alias, "dmi*"); diff --git a/scripts/mod/modpost.c b/scripts/mod/modpost.c -index 1785576..5e8e06a 100644 +index 99a45fd..4b995a3 100644 --- a/scripts/mod/modpost.c +++ b/scripts/mod/modpost.c -@@ -941,6 +941,7 @@ enum mismatch { +@@ -945,6 +945,7 @@ enum mismatch { ANY_INIT_TO_ANY_EXIT, ANY_EXIT_TO_ANY_INIT, EXPORT_TO_INIT_EXIT, @@ -102417,7 +103963,7 @@ index 1785576..5e8e06a 100644 }; struct sectioncheck { -@@ -1027,6 +1028,12 @@ const struct sectioncheck sectioncheck[] = { +@@ -1031,6 +1032,12 @@ const struct sectioncheck sectioncheck[] = { .tosec = { INIT_SECTIONS, EXIT_SECTIONS, NULL }, .mismatch = EXPORT_TO_INIT_EXIT, .symbol_white_list = { DEFAULT_SYMBOL_WHITE_LIST, NULL }, @@ -102430,7 +103976,7 @@ index 1785576..5e8e06a 100644 } }; -@@ -1147,10 +1154,10 @@ static Elf_Sym *find_elf_symbol(struct elf_info *elf, Elf64_Sword addr, +@@ -1151,10 +1158,10 @@ static Elf_Sym *find_elf_symbol(struct elf_info *elf, Elf64_Sword addr, continue; if (ELF_ST_TYPE(sym->st_info) == STT_SECTION) continue; @@ -102443,7 +103989,7 @@ index 1785576..5e8e06a 100644 if (d < 0) d = addr - sym->st_value; if (d < distance) { -@@ -1428,6 +1435,14 @@ static void report_sec_mismatch(const char *modname, +@@ -1432,6 +1439,14 @@ static void report_sec_mismatch(const char *modname, tosym, prl_to, prl_to, tosym); free(prl_to); break; @@ -102458,7 +104004,7 @@ index 1785576..5e8e06a 100644 } fprintf(stderr, "\n"); } -@@ -1662,7 +1677,7 @@ static void section_rel(const char *modname, struct elf_info *elf, +@@ -1679,7 +1694,7 @@ static void section_rel(const char *modname, struct elf_info *elf, static void check_sec_ref(struct module *mod, const char *modname, struct elf_info *elf) { @@ -102467,7 +104013,7 @@ index 1785576..5e8e06a 100644 Elf_Shdr *sechdrs = elf->sechdrs; /* Walk through all sections */ -@@ -1781,7 +1796,7 @@ void __attribute__((format(printf, 2, 3))) buf_printf(struct buffer *buf, +@@ -1798,7 +1813,7 @@ void __attribute__((format(printf, 2, 3))) buf_printf(struct buffer *buf, va_end(ap); } @@ -102476,7 +104022,7 @@ index 1785576..5e8e06a 100644 { if (buf->size - buf->pos < len) { buf->size += len + SZ; -@@ -2000,7 +2015,7 @@ static void write_if_changed(struct buffer *b, const char *fname) +@@ -2017,7 +2032,7 @@ static void write_if_changed(struct buffer *b, const char *fname) if (fstat(fileno(file), &st) < 0) goto close_write; @@ -102537,10 +104083,10 @@ index 0865b3e..7235dd4 100644 __ksymtab_gpl : { *(SORT(___ksymtab_gpl+*)) } __ksymtab_unused : { *(SORT(___ksymtab_unused+*)) } diff --git a/scripts/package/builddeb b/scripts/package/builddeb -index 90e521f..e9eaf8f 100644 +index f46e4dd..090e168 100644 --- a/scripts/package/builddeb +++ b/scripts/package/builddeb -@@ -281,6 +281,7 @@ fi +@@ -291,6 +291,7 @@ fi (cd $srctree; find . -name Makefile\* -o -name Kconfig\* -o -name \*.pl > "$objtree/debian/hdrsrcfiles") (cd $srctree; find arch/$SRCARCH/include include scripts -type f >> "$objtree/debian/hdrsrcfiles") (cd $objtree; find arch/$SRCARCH/include Module.symvers include scripts -type f >> "$objtree/debian/hdrobjfiles") @@ -102596,7 +104142,7 @@ index 8fac3fd..32ff38d 100644 unsigned int secindex_strings; diff --git a/security/Kconfig b/security/Kconfig -index e9c6ac7..75578c4 100644 +index beb86b5..1ea5a01 100644 --- a/security/Kconfig +++ b/security/Kconfig @@ -4,6 +4,960 @@ @@ -103179,7 +104725,7 @@ index e9c6ac7..75578c4 100644 + +config PAX_KERNEXEC + bool "Enforce non-executable kernel pages" -+ default y if GRKERNSEC_CONFIG_AUTO && (GRKERNSEC_CONFIG_VIRT_NONE || (GRKERNSEC_CONFIG_VIRT_EPT && GRKERNSEC_CONFIG_VIRT_GUEST) || (GRKERNSEC_CONFIG_VIRT_EPT && GRKERNSEC_CONFIG_VIRT_KVM)) ++ default y if GRKERNSEC_CONFIG_AUTO && (!X86 || GRKERNSEC_CONFIG_VIRT_NONE || (GRKERNSEC_CONFIG_VIRT_EPT && GRKERNSEC_CONFIG_VIRT_GUEST) || (GRKERNSEC_CONFIG_VIRT_EPT && GRKERNSEC_CONFIG_VIRT_KVM)) + depends on (X86 || (ARM && (CPU_V6 || CPU_V6K || CPU_V7) && !(ARM_LPAE && MODULES))) && !XEN + select PAX_PER_CPU_PGD if X86_64 || (X86_32 && X86_PAE) + select PAX_KERNEXEC_PLUGIN if X86_64 @@ -103410,7 +104956,7 @@ index e9c6ac7..75578c4 100644 + +config PAX_MEMORY_UDEREF + bool "Prevent invalid userland pointer dereference" -+ default y if GRKERNSEC_CONFIG_AUTO && !(X86_64 && GRKERNSEC_CONFIG_PRIORITY_PERF) && (GRKERNSEC_CONFIG_VIRT_NONE || GRKERNSEC_CONFIG_VIRT_EPT) ++ default y if GRKERNSEC_CONFIG_AUTO && !(X86_64 && GRKERNSEC_CONFIG_PRIORITY_PERF) && (!X86 || GRKERNSEC_CONFIG_VIRT_NONE || GRKERNSEC_CONFIG_VIRT_EPT) + depends on (X86 || (ARM && (CPU_V6 || CPU_V6K || CPU_V7) && !ARM_LPAE)) && !UML_X86 && !XEN + select PAX_PER_CPU_PGD if X86_64 + help @@ -103564,15 +105110,59 @@ index e9c6ac7..75578c4 100644 config LSM_MMAP_MIN_ADDR int "Low address space for LSM to protect from user allocation" depends on SECURITY && SECURITY_SELINUX -- default 32768 if ARM -+ default 32768 if ALPHA || ARM || PARISC || SPARC32 +- default 32768 if ARM || (ARM64 && COMPAT) ++ default 32768 if ALPHA || ARM || (ARM64 && COMPAT) || PARISC || SPARC32 default 65536 help This is the portion of low virtual memory which should be protected +diff --git a/security/apparmor/file.c b/security/apparmor/file.c +index fdaa50c..2761dcb 100644 +--- a/security/apparmor/file.c ++++ b/security/apparmor/file.c +@@ -348,8 +348,8 @@ static inline bool xindex_is_subset(u32 link, u32 target) + int aa_path_link(struct aa_profile *profile, struct dentry *old_dentry, + struct path *new_dir, struct dentry *new_dentry) + { +- struct path link = { new_dir->mnt, new_dentry }; +- struct path target = { new_dir->mnt, old_dentry }; ++ struct path link = { .mnt = new_dir->mnt, .dentry = new_dentry }; ++ struct path target = { .mnt = new_dir->mnt, .dentry = old_dentry }; + struct path_cond cond = { + old_dentry->d_inode->i_uid, + old_dentry->d_inode->i_mode diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c -index 4257b7e..f0c9438 100644 +index 4257b7e..2d0732d 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c +@@ -186,7 +186,7 @@ static int common_perm_dir_dentry(int op, struct path *dir, + struct dentry *dentry, u32 mask, + struct path_cond *cond) + { +- struct path path = { dir->mnt, dentry }; ++ struct path path = { .mnt = dir->mnt, .dentry = dentry }; + + return common_perm(op, &path, mask, cond); + } +@@ -203,7 +203,7 @@ static int common_perm_dir_dentry(int op, struct path *dir, + static int common_perm_mnt_dentry(int op, struct vfsmount *mnt, + struct dentry *dentry, u32 mask) + { +- struct path path = { mnt, dentry }; ++ struct path path = { .mnt = mnt, .dentry = dentry }; + struct path_cond cond = { dentry->d_inode->i_uid, + dentry->d_inode->i_mode + }; +@@ -325,8 +325,8 @@ static int apparmor_path_rename(struct path *old_dir, struct dentry *old_dentry, + + profile = aa_current_profile(); + if (!unconfined(profile)) { +- struct path old_path = { old_dir->mnt, old_dentry }; +- struct path new_path = { new_dir->mnt, new_dentry }; ++ struct path old_path = { .mnt = old_dir->mnt, .dentry = old_dentry }; ++ struct path new_path = { .mnt = new_dir->mnt, .dentry = new_dentry }; + struct path_cond cond = { old_dentry->d_inode->i_uid, + old_dentry->d_inode->i_mode + }; @@ -615,7 +615,7 @@ static int apparmor_task_setrlimit(struct task_struct *task, return error; } @@ -103630,7 +105220,7 @@ index b9d613e..f68305c 100644 if (bprm->cap_effective) return 1; diff --git a/security/integrity/ima/ima.h b/security/integrity/ima/ima.h -index 0356e1d..72332ab 100644 +index f79fa8b..6161868 100644 --- a/security/integrity/ima/ima.h +++ b/security/integrity/ima/ima.h @@ -118,8 +118,8 @@ int ima_init_template(void); @@ -103658,7 +105248,7 @@ index c38bbce..f45133d 100644 result = ima_alloc_init_template(NULL, file, filename, NULL, 0, &entry); diff --git a/security/integrity/ima/ima_fs.c b/security/integrity/ima/ima_fs.c -index db01125..61f6597 100644 +index 468a3ba..9af5cae 100644 --- a/security/integrity/ima/ima_fs.c +++ b/security/integrity/ima/ima_fs.c @@ -28,12 +28,12 @@ @@ -103812,23 +105402,6 @@ index cee72ce..e46074a 100644 err: if (iov != iovstack) kfree(iov); -diff --git a/security/keys/keyring.c b/security/keys/keyring.c -index d46cbc5..2fb2576 100644 ---- a/security/keys/keyring.c -+++ b/security/keys/keyring.c -@@ -1000,7 +1000,11 @@ static int keyring_detect_cycle_iterator(const void *object, - - kenter("{%d}", key->serial); - -- BUG_ON(key != ctx->match_data); -+ /* We might get a keyring with matching index-key that is nonetheless a -+ * different keyring. */ -+ if (key != ctx->match_data) -+ return 0; -+ - ctx->result = ERR_PTR(-EDEADLK); - return 1; - } diff --git a/security/min_addr.c b/security/min_addr.c index f728728..6457a0c 100644 --- a/security/min_addr.c @@ -103850,7 +105423,7 @@ index f728728..6457a0c 100644 /* diff --git a/security/security.c b/security/security.c -index 15b6928..60d03ec 100644 +index 919cad9..2127be1 100644 --- a/security/security.c +++ b/security/security.c @@ -33,8 +33,8 @@ @@ -103908,10 +105481,10 @@ index fc3e662..7844c60 100644 lock = &avc_cache.slots_lock[hvalue]; diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c -index 57b0b49..402063e 100644 +index e294b86..eda45c55 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c -@@ -96,8 +96,6 @@ +@@ -95,8 +95,6 @@ #include "audit.h" #include "avc_ss.h" @@ -103920,7 +105493,7 @@ index 57b0b49..402063e 100644 /* SECMARK reference count */ static atomic_t selinux_secmark_refcount = ATOMIC_INIT(0); -@@ -5745,7 +5743,7 @@ static int selinux_key_getsecurity(struct key *key, char **_buffer) +@@ -5759,7 +5757,7 @@ static int selinux_key_getsecurity(struct key *key, char **_buffer) #endif @@ -103929,7 +105502,7 @@ index 57b0b49..402063e 100644 .name = "selinux", .ptrace_access_check = selinux_ptrace_access_check, -@@ -6098,6 +6096,9 @@ static void selinux_nf_ip_exit(void) +@@ -6112,6 +6110,9 @@ static void selinux_nf_ip_exit(void) #ifdef CONFIG_SECURITY_SELINUX_DISABLE static int selinux_disabled; @@ -103939,7 +105512,7 @@ index 57b0b49..402063e 100644 int selinux_disable(void) { if (ss_initialized) { -@@ -6115,7 +6116,9 @@ int selinux_disable(void) +@@ -6129,7 +6130,9 @@ int selinux_disable(void) selinux_disabled = 1; selinux_enabled = 0; @@ -103951,10 +105524,10 @@ index 57b0b49..402063e 100644 /* Try to destroy the avc node cache */ avc_disable(); diff --git a/security/selinux/include/xfrm.h b/security/selinux/include/xfrm.h -index 48c3cc9..8022cf7 100644 +index 9f05847..7933395 100644 --- a/security/selinux/include/xfrm.h +++ b/security/selinux/include/xfrm.h -@@ -45,7 +45,7 @@ static inline void selinux_xfrm_notify_policyload(void) +@@ -46,7 +46,7 @@ static inline void selinux_xfrm_notify_policyload(void) { struct net *net; @@ -103964,10 +105537,10 @@ index 48c3cc9..8022cf7 100644 for_each_net(net) rt_genid_bump_all(net); diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c -index b0be893..646bd94 100644 +index 14f52be..7352368 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c -@@ -3731,7 +3731,7 @@ static int smack_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen) +@@ -3726,7 +3726,7 @@ static int smack_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen) return 0; } @@ -103976,6 +105549,57 @@ index b0be893..646bd94 100644 .name = "smack", .ptrace_access_check = smack_ptrace_access_check, +diff --git a/security/tomoyo/file.c b/security/tomoyo/file.c +index 4003907..13a2b55 100644 +--- a/security/tomoyo/file.c ++++ b/security/tomoyo/file.c +@@ -692,7 +692,7 @@ int tomoyo_path_number_perm(const u8 type, struct path *path, + { + struct tomoyo_request_info r; + struct tomoyo_obj_info obj = { +- .path1 = *path, ++ .path1 = { .mnt = path->mnt, .dentry = path->dentry }, + }; + int error = -ENOMEM; + struct tomoyo_path_info buf; +@@ -740,7 +740,7 @@ int tomoyo_check_open_permission(struct tomoyo_domain_info *domain, + struct tomoyo_path_info buf; + struct tomoyo_request_info r; + struct tomoyo_obj_info obj = { +- .path1 = *path, ++ .path1 = { .mnt = path->mnt, .dentry = path->dentry }, + }; + int idx; + +@@ -786,7 +786,7 @@ int tomoyo_path_perm(const u8 operation, struct path *path, const char *target) + { + struct tomoyo_request_info r; + struct tomoyo_obj_info obj = { +- .path1 = *path, ++ .path1 = { .mnt = path->mnt, .dentry = path->dentry }, + }; + int error; + struct tomoyo_path_info buf; +@@ -843,7 +843,7 @@ int tomoyo_mkdev_perm(const u8 operation, struct path *path, + { + struct tomoyo_request_info r; + struct tomoyo_obj_info obj = { +- .path1 = *path, ++ .path1 = { .mnt = path->mnt, .dentry = path->dentry }, + }; + int error = -ENOMEM; + struct tomoyo_path_info buf; +@@ -890,8 +890,8 @@ int tomoyo_path2_perm(const u8 operation, struct path *path1, + struct tomoyo_path_info buf2; + struct tomoyo_request_info r; + struct tomoyo_obj_info obj = { +- .path1 = *path1, +- .path2 = *path2, ++ .path1 = { .mnt = path1->mnt, .dentry = path1->dentry }, ++ .path2 = { .mnt = path2->mnt, .dentry = path2->dentry } + }; + int idx; + diff --git a/security/tomoyo/mount.c b/security/tomoyo/mount.c index 390c646..f2f8db3 100644 --- a/security/tomoyo/mount.c @@ -103992,9 +105616,94 @@ index 390c646..f2f8db3 100644 if (!fstype) { error = -ENODEV; diff --git a/security/tomoyo/tomoyo.c b/security/tomoyo/tomoyo.c -index f0b756e..b129202 100644 +index f0b756e..8aa497b 100644 --- a/security/tomoyo/tomoyo.c +++ b/security/tomoyo/tomoyo.c +@@ -146,7 +146,7 @@ static int tomoyo_bprm_check_security(struct linux_binprm *bprm) + */ + static int tomoyo_inode_getattr(struct vfsmount *mnt, struct dentry *dentry) + { +- struct path path = { mnt, dentry }; ++ struct path path = { .mnt = mnt, .dentry = dentry }; + return tomoyo_path_perm(TOMOYO_TYPE_GETATTR, &path, NULL); + } + +@@ -172,7 +172,7 @@ static int tomoyo_path_truncate(struct path *path) + */ + static int tomoyo_path_unlink(struct path *parent, struct dentry *dentry) + { +- struct path path = { parent->mnt, dentry }; ++ struct path path = { .mnt = parent->mnt, .dentry = dentry }; + return tomoyo_path_perm(TOMOYO_TYPE_UNLINK, &path, NULL); + } + +@@ -188,7 +188,7 @@ static int tomoyo_path_unlink(struct path *parent, struct dentry *dentry) + static int tomoyo_path_mkdir(struct path *parent, struct dentry *dentry, + umode_t mode) + { +- struct path path = { parent->mnt, dentry }; ++ struct path path = { .mnt = parent->mnt, .dentry = dentry }; + return tomoyo_path_number_perm(TOMOYO_TYPE_MKDIR, &path, + mode & S_IALLUGO); + } +@@ -203,7 +203,7 @@ static int tomoyo_path_mkdir(struct path *parent, struct dentry *dentry, + */ + static int tomoyo_path_rmdir(struct path *parent, struct dentry *dentry) + { +- struct path path = { parent->mnt, dentry }; ++ struct path path = { .mnt = parent->mnt, .dentry = dentry }; + return tomoyo_path_perm(TOMOYO_TYPE_RMDIR, &path, NULL); + } + +@@ -219,7 +219,7 @@ static int tomoyo_path_rmdir(struct path *parent, struct dentry *dentry) + static int tomoyo_path_symlink(struct path *parent, struct dentry *dentry, + const char *old_name) + { +- struct path path = { parent->mnt, dentry }; ++ struct path path = { .mnt = parent->mnt, .dentry = dentry }; + return tomoyo_path_perm(TOMOYO_TYPE_SYMLINK, &path, old_name); + } + +@@ -236,7 +236,7 @@ static int tomoyo_path_symlink(struct path *parent, struct dentry *dentry, + static int tomoyo_path_mknod(struct path *parent, struct dentry *dentry, + umode_t mode, unsigned int dev) + { +- struct path path = { parent->mnt, dentry }; ++ struct path path = { .mnt = parent->mnt, .dentry = dentry }; + int type = TOMOYO_TYPE_CREATE; + const unsigned int perm = mode & S_IALLUGO; + +@@ -275,8 +275,8 @@ static int tomoyo_path_mknod(struct path *parent, struct dentry *dentry, + static int tomoyo_path_link(struct dentry *old_dentry, struct path *new_dir, + struct dentry *new_dentry) + { +- struct path path1 = { new_dir->mnt, old_dentry }; +- struct path path2 = { new_dir->mnt, new_dentry }; ++ struct path path1 = { .mnt = new_dir->mnt, .dentry = old_dentry }; ++ struct path path2 = { .mnt = new_dir->mnt, .dentry = new_dentry }; + return tomoyo_path2_perm(TOMOYO_TYPE_LINK, &path1, &path2); + } + +@@ -295,8 +295,8 @@ static int tomoyo_path_rename(struct path *old_parent, + struct path *new_parent, + struct dentry *new_dentry) + { +- struct path path1 = { old_parent->mnt, old_dentry }; +- struct path path2 = { new_parent->mnt, new_dentry }; ++ struct path path1 = { .mnt = old_parent->mnt, .dentry = old_dentry }; ++ struct path path2 = { .mnt = new_parent->mnt, .dentry = new_dentry }; + return tomoyo_path2_perm(TOMOYO_TYPE_RENAME, &path1, &path2); + } + +@@ -424,7 +424,7 @@ static int tomoyo_sb_mount(const char *dev_name, struct path *path, + */ + static int tomoyo_sb_umount(struct vfsmount *mnt, int flags) + { +- struct path path = { mnt, mnt->mnt_root }; ++ struct path path = { .mnt = mnt, .dentry = mnt->mnt_root }; + return tomoyo_path_perm(TOMOYO_TYPE_UMOUNT, &path, NULL); + } + @@ -503,7 +503,7 @@ static int tomoyo_socket_sendmsg(struct socket *sock, struct msghdr *msg, * tomoyo_security_ops is a "struct security_operations" which is used for * registering TOMOYO. @@ -104564,10 +106273,10 @@ index 048439a..3be9f6f 100644 userbuf+useroffs + p, locallen)) diff --git a/sound/oss/swarm_cs4297a.c b/sound/oss/swarm_cs4297a.c -index 7d8803a..559f8d0 100644 +index f851fd0..92576fb 100644 --- a/sound/oss/swarm_cs4297a.c +++ b/sound/oss/swarm_cs4297a.c -@@ -2621,7 +2621,6 @@ static int __init cs4297a_init(void) +@@ -2623,7 +2623,6 @@ static int __init cs4297a_init(void) { struct cs4297a_state *s; u32 pwr, id; @@ -104575,7 +106284,7 @@ index 7d8803a..559f8d0 100644 int rval; #ifndef CONFIG_BCM_CS4297A_CSWARM u64 cfg; -@@ -2711,22 +2710,23 @@ static int __init cs4297a_init(void) +@@ -2713,22 +2712,23 @@ static int __init cs4297a_init(void) if (!rval) { char *sb1250_duart_present; @@ -104617,10 +106326,10 @@ index 4c41c90..37f3631 100644 return snd_seq_device_register_driver(SNDRV_SEQ_DEV_ID_EMU10K1_SYNTH, &ops, sizeof(struct snd_emu10k1_synth_arg)); diff --git a/sound/pci/hda/hda_codec.c b/sound/pci/hda/hda_codec.c -index 69178c4..4493d52 100644 +index dafcf82..dd9356f 100644 --- a/sound/pci/hda/hda_codec.c +++ b/sound/pci/hda/hda_codec.c -@@ -976,14 +976,10 @@ find_codec_preset(struct hda_codec *codec) +@@ -983,14 +983,10 @@ find_codec_preset(struct hda_codec *codec) mutex_unlock(&preset_mutex); if (mod_requested < HDA_MODREQ_MAX_COUNT) { @@ -104637,7 +106346,7 @@ index 69178c4..4493d52 100644 mod_requested++; goto again; } -@@ -2668,7 +2664,7 @@ static int get_kctl_0dB_offset(struct snd_kcontrol *kctl, int *step_to_check) +@@ -2739,7 +2735,7 @@ static int get_kctl_0dB_offset(struct snd_kcontrol *kctl, int *step_to_check) /* FIXME: set_fs() hack for obtaining user-space TLV data */ mm_segment_t fs = get_fs(); set_fs(get_ds()); @@ -104704,23 +106413,41 @@ index d591c15..8cb8f94 100644 chip->pci = pci; chip->irq = -1; diff --git a/sound/soc/fsl/fsl_ssi.c b/sound/soc/fsl/fsl_ssi.c -index 35e2773..6d6ceee 100644 +index 5428a1f..474f651 100644 --- a/sound/soc/fsl/fsl_ssi.c +++ b/sound/soc/fsl/fsl_ssi.c -@@ -857,7 +857,7 @@ static int fsl_ssi_probe(struct platform_device *pdev) +@@ -1255,7 +1255,6 @@ static int fsl_ssi_probe(struct platform_device *pdev) { struct fsl_ssi_private *ssi_private; int ret = 0; - struct device_attribute *dev_attr = NULL; -+ device_attribute_no_const *dev_attr = NULL; struct device_node *np = pdev->dev.of_node; - const char *p, *sprop; - const uint32_t *iprop; + const struct of_device_id *of_id; + enum fsl_ssi_type hw_type; +@@ -1481,7 +1480,7 @@ static int fsl_ssi_probe(struct platform_device *pdev) + &ssi_private->cpu_dai_drv, 1); + if (ret) { + dev_err(&pdev->dev, "failed to register DAI: %d\n", ret); +- goto error_dev; ++ goto error_clk; + } + + ret = fsl_ssi_debugfs_create(ssi_private, &pdev->dev); +@@ -1562,9 +1561,6 @@ error_pcm: + error_dbgfs: + snd_soc_unregister_component(&pdev->dev); + +-error_dev: +- device_remove_file(&pdev->dev, dev_attr); +- + error_clk: + if (ssi_private->ssi_on_imx) { + if (!IS_ERR(ssi_private->baudclk)) diff --git a/sound/soc/soc-core.c b/sound/soc/soc-core.c -index a66783e..ed1d791 100644 +index fe1df50..09d3be6 100644 --- a/sound/soc/soc-core.c +++ b/sound/soc/soc-core.c -@@ -2253,8 +2253,10 @@ int snd_soc_set_ac97_ops_of_reset(struct snd_ac97_bus_ops *ops, +@@ -2254,8 +2254,10 @@ int snd_soc_set_ac97_ops_of_reset(struct snd_ac97_bus_ops *ops, if (ret) return ret; @@ -104760,18 +106487,18 @@ index 7778b8e..3d619fc 100644 diff --git a/tools/gcc/.gitignore b/tools/gcc/.gitignore new file mode 100644 -index 0000000..4c2c45c +index 0000000..60e7af2 --- /dev/null +++ b/tools/gcc/.gitignore @@ -0,0 +1,2 @@ +randomize_layout_seed.h -+size_overflow_hash.h ++randomize_layout_hash.h diff --git a/tools/gcc/Makefile b/tools/gcc/Makefile new file mode 100644 -index 0000000..b198b6d +index 0000000..7b8921f --- /dev/null +++ b/tools/gcc/Makefile -@@ -0,0 +1,54 @@ +@@ -0,0 +1,52 @@ +#CC := gcc +#PLUGIN_SOURCE_FILES := pax_plugin.c +#PLUGIN_OBJECT_FILES := $(patsubst %.c,%.o,$(PLUGIN_SOURCE_FILES)) @@ -104780,23 +106507,29 @@ index 0000000..b198b6d + +ifeq ($(PLUGINCC),$(HOSTCC)) +HOSTLIBS := hostlibs -+HOST_EXTRACFLAGS += -I$(GCCPLUGINS_DIR)/include -std=gnu99 -ggdb ++HOST_EXTRACFLAGS += -I$(GCCPLUGINS_DIR)/include -I$(src) -std=gnu99 -ggdb ++export HOST_EXTRACFLAGS +else +HOSTLIBS := hostcxxlibs -+HOST_EXTRACXXFLAGS += -I$(GCCPLUGINS_DIR)/include -std=gnu++98 -fno-rtti -ggdb -Wno-unused-parameter -Wno-narrowing ++HOST_EXTRACXXFLAGS += -I$(GCCPLUGINS_DIR)/include -I$(src) -std=gnu++98 -fno-rtti -ggdb -Wno-unused-parameter -Wno-narrowing -Wno-unused-variable ++export HOST_EXTRACXXFLAGS +endif + ++export GCCPLUGINS_DIR HOSTLIBS ++ +$(HOSTLIBS)-$(CONFIG_PAX_CONSTIFY_PLUGIN) := constify_plugin.so +$(HOSTLIBS)-$(CONFIG_PAX_MEMORY_STACKLEAK) += stackleak_plugin.so +$(HOSTLIBS)-$(CONFIG_KALLOCSTAT_PLUGIN) += kallocstat_plugin.so +$(HOSTLIBS)-$(CONFIG_PAX_KERNEXEC_PLUGIN) += kernexec_plugin.so +$(HOSTLIBS)-$(CONFIG_CHECKER_PLUGIN) += checker_plugin.so +$(HOSTLIBS)-y += colorize_plugin.so -+$(HOSTLIBS)-$(CONFIG_PAX_SIZE_OVERFLOW) += size_overflow_plugin.so +$(HOSTLIBS)-$(CONFIG_PAX_LATENT_ENTROPY) += latent_entropy_plugin.so +$(HOSTLIBS)-$(CONFIG_PAX_MEMORY_STRUCTLEAK) += structleak_plugin.so +$(HOSTLIBS)-$(CONFIG_GRKERNSEC_RANDSTRUCT) += randomize_layout_plugin.so + ++subdir-$(CONFIG_PAX_SIZE_OVERFLOW) := size_overflow_plugin ++subdir- += size_overflow_plugin ++ +always := $($(HOSTLIBS)-y) + +constify_plugin-objs := constify_plugin.o @@ -104805,27 +106538,19 @@ index 0000000..b198b6d +kernexec_plugin-objs := kernexec_plugin.o +checker_plugin-objs := checker_plugin.o +colorize_plugin-objs := colorize_plugin.o -+size_overflow_plugin-objs := size_overflow_plugin.o +latent_entropy_plugin-objs := latent_entropy_plugin.o +structleak_plugin-objs := structleak_plugin.o +randomize_layout_plugin-objs := randomize_layout_plugin.o + -+$(obj)/size_overflow_plugin.o: $(objtree)/$(obj)/size_overflow_hash.h +$(obj)/randomize_layout_plugin.o: $(objtree)/$(obj)/randomize_layout_seed.h + -+quiet_cmd_build_size_overflow_hash = GENHASH $@ -+ cmd_build_size_overflow_hash = \ -+ $(CONFIG_SHELL) $(srctree)/$(src)/generate_size_overflow_hash.sh -d $< -o $@ -+$(objtree)/$(obj)/size_overflow_hash.h: $(src)/size_overflow_hash.data FORCE -+ $(call if_changed,build_size_overflow_hash) -+ +quiet_cmd_create_randomize_layout_seed = GENSEED $@ + cmd_create_randomize_layout_seed = \ + $(CONFIG_SHELL) $(srctree)/$(src)/gen-random-seed.sh $@ $(objtree)/include/generated/randomize_layout_hash.h +$(objtree)/$(obj)/randomize_layout_seed.h: FORCE + $(call if_changed,create_randomize_layout_seed) + -+targets += size_overflow_hash.h randomize_layout_seed.h randomize_layout_hash.h ++targets += randomize_layout_seed.h randomize_layout_hash.h diff --git a/tools/gcc/checker_plugin.c b/tools/gcc/checker_plugin.c new file mode 100644 index 0000000..5452feea @@ -104984,10 +106709,10 @@ index 0000000..5452feea +} diff --git a/tools/gcc/colorize_plugin.c b/tools/gcc/colorize_plugin.c new file mode 100644 -index 0000000..06dcfda +index 0000000..54461af --- /dev/null +++ b/tools/gcc/colorize_plugin.c -@@ -0,0 +1,169 @@ +@@ -0,0 +1,210 @@ +/* + * Copyright 2012-2014 by PaX Team <pageexec@freemail.hu> + * Licensed under the GPL v2 @@ -105006,20 +106731,20 @@ index 0000000..06dcfda +int plugin_is_GPL_compatible; + +static struct plugin_info colorize_plugin_info = { -+ .version = "201401260140", -+ .help = NULL, ++ .version = "201404202350", ++ .help = "color=[never|always|auto]\tdetermine when to colorize\n", +}; + -+#define GREEN "\033[32m\033[2m" -+#define LIGHTGREEN "\033[32m\033[1m" -+#define YELLOW "\033[33m\033[2m" -+#define LIGHTYELLOW "\033[33m\033[1m" -+#define RED "\033[31m\033[2m" -+#define LIGHTRED "\033[31m\033[1m" -+#define BLUE "\033[34m\033[2m" -+#define LIGHTBLUE "\033[34m\033[1m" -+#define BRIGHT "\033[m\033[1m" -+#define NORMAL "\033[m" ++#define GREEN "\033[32m\033[K" ++#define LIGHTGREEN "\033[1;32m\033[K" ++#define YELLOW "\033[33m\033[K" ++#define LIGHTYELLOW "\033[1;33m\033[K" ++#define RED "\033[31m\033[K" ++#define LIGHTRED "\033[1;31m\033[K" ++#define BLUE "\033[34m\033[K" ++#define LIGHTBLUE "\033[1;34m\033[K" ++#define BRIGHT "\033[1;m\033[K" ++#define NORMAL "\033[m\033[K" + +static diagnostic_starter_fn old_starter; +static diagnostic_finalizer_fn old_finalizer; @@ -105121,26 +106846,42 @@ index 0000000..06dcfda + unsigned int execute() { return execute_colorize_rearm(); } +}; +} -+#endif + -+static struct opt_pass *make_colorize_rearm_pass(void) ++static opt_pass *make_colorize_rearm_pass(void) +{ -+#if BUILDING_GCC_VERSION >= 4009 + return new colorize_rearm_pass(); ++} +#else ++static struct opt_pass *make_colorize_rearm_pass(void) ++{ + return &colorize_rearm_pass.pass; -+#endif +} ++#endif + +static void colorize_start_unit(void *gcc_data, void *user_data) +{ + colorize_arm(); +} + ++static bool should_colorize(void) ++{ ++#if BUILDING_GCC_VERSION >= 4009 ++ return false; ++#else ++ char const *t = getenv("TERM"); ++ ++ return t && strcmp(t, "dumb") && isatty(STDERR_FILENO); ++#endif ++} ++ +int plugin_init(struct plugin_name_args *plugin_info, struct plugin_gcc_version *version) +{ + const char * const plugin_name = plugin_info->base_name; ++ const int argc = plugin_info->argc; ++ const struct plugin_argument * const argv = plugin_info->argv; ++ int i; + struct register_pass_info colorize_rearm_pass_info; ++ bool colorize; + + colorize_rearm_pass_info.pass = make_colorize_rearm_pass(); + colorize_rearm_pass_info.reference_pass_name = "*free_lang_data"; @@ -105153,16 +106894,41 @@ index 0000000..06dcfda + } + + register_callback(plugin_name, PLUGIN_INFO, NULL, &colorize_plugin_info); -+ register_callback(plugin_name, PLUGIN_START_UNIT, &colorize_start_unit, NULL); -+ register_callback(plugin_name, PLUGIN_PASS_MANAGER_SETUP, NULL, &colorize_rearm_pass_info); ++ ++ colorize = getenv("GCC_COLORS") ? should_colorize() : false; ++ ++ for (i = 0; i < argc; ++i) { ++ if (!strcmp(argv[i].key, "color")) { ++ if (!argv[i].value) { ++ error(G_("no value supplied for option '-fplugin-arg-%s-%s'"), plugin_name, argv[i].key); ++ continue; ++ } ++ if (!strcmp(argv[i].value, "always")) ++ colorize = true; ++ else if (!strcmp(argv[i].value, "never")) ++ colorize = false; ++ else if (!strcmp(argv[i].value, "auto")) ++ colorize = should_colorize(); ++ else ++ error(G_("invalid option argument '-fplugin-arg-%s-%s=%s'"), plugin_name, argv[i].key, argv[i].value); ++ continue; ++ } ++ error(G_("unkown option '-fplugin-arg-%s-%s'"), plugin_name, argv[i].key); ++ } ++ ++ if (colorize) { ++ // TODO: parse GCC_COLORS as used by gcc 4.9+ ++ register_callback(plugin_name, PLUGIN_START_UNIT, &colorize_start_unit, NULL); ++ register_callback(plugin_name, PLUGIN_PASS_MANAGER_SETUP, NULL, &colorize_rearm_pass_info); ++ } + return 0; +} diff --git a/tools/gcc/constify_plugin.c b/tools/gcc/constify_plugin.c new file mode 100644 -index 0000000..4f67ac1 +index 0000000..82bc5a8 --- /dev/null +++ b/tools/gcc/constify_plugin.c -@@ -0,0 +1,552 @@ +@@ -0,0 +1,557 @@ +/* + * Copyright 2011 by Emese Revfy <re.emese@gmail.com> + * Copyright 2011-2014 by PaX Team <pageexec@freemail.hu> @@ -105524,7 +107290,11 @@ index 0000000..4f67ac1 + +static void check_global_variables(void *event_data, void *data) +{ ++#if BUILDING_GCC_VERSION >= 4009 ++ varpool_node *node; ++#else + struct varpool_node *node; ++#endif + + FOR_EACH_VARIABLE(node) { + tree var = NODE_DECL(node); @@ -105621,16 +107391,17 @@ index 0000000..4f67ac1 + unsigned int execute() { return check_local_variables(); } +}; +} -+#endif + -+static struct opt_pass *make_check_local_variables_pass(void) ++static opt_pass *make_check_local_variables_pass(void) +{ -+#if BUILDING_GCC_VERSION >= 4009 + return new check_local_variables_pass(); ++} +#else ++static struct opt_pass *make_check_local_variables_pass(void) ++{ + return &check_local_variables_pass.pass; -+#endif +} ++#endif + +static struct { + const char *name; @@ -105717,10 +107488,10 @@ index 0000000..4f67ac1 +} diff --git a/tools/gcc/gcc-common.h b/tools/gcc/gcc-common.h new file mode 100644 -index 0000000..6dbb502 +index 0000000..e90c205 --- /dev/null +++ b/tools/gcc/gcc-common.h -@@ -0,0 +1,286 @@ +@@ -0,0 +1,295 @@ +#ifndef GCC_COMMON_H_INCLUDED +#define GCC_COMMON_H_INCLUDED + @@ -105791,7 +107562,6 @@ index 0000000..6dbb502 +#include "tree-pass.h" +//#include "df.h" +#include "predict.h" -+//#include "lto-streamer.h" +#include "ipa-utils.h" + +#if BUILDING_GCC_VERSION >= 4009 @@ -105806,6 +107576,7 @@ index 0000000..6dbb502 +#include "tree-ssanames.h" +#include "print-tree.h" +#include "tree-eh.h" ++#include "stmt.h" +#endif + +#include "gimple.h" @@ -105819,6 +107590,10 @@ index 0000000..6dbb502 +#include "ssa-iterators.h" +#endif + ++//#include "lto/lto.h" ++//#include "data-streamer.h" ++//#include "lto-compress.h" ++ +//#include "expr.h" where are you... +extern rtx emit_move_insn(rtx x, rtx y); + @@ -105830,11 +107605,14 @@ index 0000000..6dbb502 + +#define DECL_NAME_POINTER(node) IDENTIFIER_POINTER(DECL_NAME(node)) +#define DECL_NAME_LENGTH(node) IDENTIFIER_LENGTH(DECL_NAME(node)) ++#define TYPE_NAME_POINTER(node) IDENTIFIER_POINTER(TYPE_NAME(node)) ++#define TYPE_NAME_LENGTH(node) IDENTIFIER_LENGTH(TYPE_NAME(node)) + +#if BUILDING_GCC_VERSION == 4005 +#define FOR_EACH_LOCAL_DECL(FUN, I, D) for (tree vars = (FUN)->local_decls; vars && (D = TREE_VALUE(vars)); vars = TREE_CHAIN(vars), I) +#define DECL_CHAIN(NODE) (TREE_CHAIN(DECL_MINIMAL_CHECK(NODE))) +#define FOR_EACH_VEC_ELT(T, V, I, P) for (I = 0; VEC_iterate(T, (V), (I), (P)); ++(I)) ++#define TODO_rebuild_cgraph_edges 0 + +static inline bool gimple_call_builtin_p(gimple stmt, enum built_in_function code) +{ @@ -105967,6 +107745,8 @@ index 0000000..6dbb502 +#if BUILDING_GCC_VERSION >= 4007 +#define cgraph_create_edge(caller, callee, call_stmt, count, freq, nest) \ + cgraph_create_edge((caller), (callee), (call_stmt), (count), (freq)) ++#define cgraph_create_edge_including_clones(caller, callee, old_call_stmt, call_stmt, count, freq, nest, reason) \ ++ cgraph_create_edge_including_clones((caller), (callee), (old_call_stmt), (call_stmt), (count), (freq), (reason)) +#endif + +#if BUILDING_GCC_VERSION <= 4008 @@ -106021,112 +107801,12 @@ index 0000000..7514850 + HASH=`echo -n "$SEED" | sha256sum | cut -d" " -f1 | tr -d ' \n'` + echo "#define RANDSTRUCT_HASHED_SEED \"$HASH\"" > "$2" +fi -diff --git a/tools/gcc/generate_size_overflow_hash.sh b/tools/gcc/generate_size_overflow_hash.sh -new file mode 100644 -index 0000000..e518932 ---- /dev/null -+++ b/tools/gcc/generate_size_overflow_hash.sh -@@ -0,0 +1,94 @@ -+#!/bin/bash -+ -+# This script generates the hash table (size_overflow_hash.h) for the size_overflow gcc plugin (size_overflow_plugin.c). -+ -+header1="size_overflow_hash.h" -+database="size_overflow_hash.data" -+n=65536 -+ -+usage() { -+cat <<EOF -+usage: $0 options -+OPTIONS: -+ -h|--help help -+ -o header file -+ -d database file -+ -n hash array size -+EOF -+ return 0 -+} -+ -+while true -+do -+ case "$1" in -+ -h|--help) usage && exit 0;; -+ -n) n=$2; shift 2;; -+ -o) header1="$2"; shift 2;; -+ -d) database="$2"; shift 2;; -+ --) shift 1; break ;; -+ *) break ;; -+ esac -+done -+ -+create_defines() { -+ for i in `seq 0 31` -+ do -+ echo -e "#define PARAM"$i" (1U << "$i")" >> "$header1" -+ done -+ echo >> "$header1" -+} -+ -+create_structs() { -+ rm -f "$header1" -+ -+ create_defines -+ -+ cat "$database" | while read data -+ do -+ data_array=($data) -+ struct_hash_name="${data_array[0]}" -+ funcn="${data_array[1]}" -+ params="${data_array[2]}" -+ next="${data_array[4]}" -+ -+ echo "const struct size_overflow_hash $struct_hash_name = {" >> "$header1" -+ -+ echo -e "\t.next\t= $next,\n\t.name\t= \"$funcn\"," >> "$header1" -+ echo -en "\t.param\t= " >> "$header1" -+ line= -+ for param_num in ${params//-/ }; -+ do -+ line="${line}PARAM"$param_num"|" -+ done -+ -+ echo -e "${line%?},\n};\n" >> "$header1" -+ done -+} -+ -+create_headers() { -+ echo "const struct size_overflow_hash * const size_overflow_hash[$n] = {" >> "$header1" -+} -+ -+create_array_elements() { -+ index=0 -+ grep -v "nohasharray" $database | sort -n -k 4 | while read data -+ do -+ data_array=($data) -+ i="${data_array[3]}" -+ hash="${data_array[0]}" -+ while [[ $index -lt $i ]] -+ do -+ echo -e "\t["$index"]\t= NULL," >> "$header1" -+ index=$(($index + 1)) -+ done -+ index=$(($index + 1)) -+ echo -e "\t["$i"]\t= &"$hash"," >> "$header1" -+ done -+ echo '};' >> $header1 -+} -+ -+create_structs -+create_headers -+create_array_elements -+ -+exit 0 diff --git a/tools/gcc/kallocstat_plugin.c b/tools/gcc/kallocstat_plugin.c new file mode 100644 -index 0000000..b559327 +index 0000000..d81c094 --- /dev/null +++ b/tools/gcc/kallocstat_plugin.c -@@ -0,0 +1,182 @@ +@@ -0,0 +1,183 @@ +/* + * Copyright 2011-2014 by the PaX Team <pageexec@freemail.hu> + * Licensed under the GPL v2 @@ -106278,16 +107958,17 @@ index 0000000..b559327 + unsigned int execute() { return execute_kallocstat(); } +}; +} -+#endif + -+static struct opt_pass *make_kallocstat_pass(void) ++static opt_pass *make_kallocstat_pass(void) +{ -+#if BUILDING_GCC_VERSION >= 4009 + return new kallocstat_pass(); ++} +#else ++static struct opt_pass *make_kallocstat_pass(void) ++{ + return &kallocstat_pass.pass; -+#endif +} ++#endif + +int plugin_init(struct plugin_name_args *plugin_info, struct plugin_gcc_version *version) +{ @@ -106311,10 +107992,10 @@ index 0000000..b559327 +} diff --git a/tools/gcc/kernexec_plugin.c b/tools/gcc/kernexec_plugin.c new file mode 100644 -index 0000000..dd73713 +index 0000000..89f256d --- /dev/null +++ b/tools/gcc/kernexec_plugin.c -@@ -0,0 +1,519 @@ +@@ -0,0 +1,522 @@ +/* + * Copyright 2011-2014 by the PaX Team <pageexec@freemail.hu> + * Licensed under the GPL v2 @@ -106741,34 +108422,37 @@ index 0000000..dd73713 + unsigned int execute() { return execute_kernexec_retaddr(); } +}; +} -+#endif + -+static struct opt_pass *make_kernexec_reload_pass(void) ++static opt_pass *make_kernexec_reload_pass(void) +{ -+#if BUILDING_GCC_VERSION >= 4009 + return new kernexec_reload_pass(); ++} ++ ++static opt_pass *make_kernexec_fptr_pass(void) ++{ ++ return new kernexec_fptr_pass(); ++} ++ ++static opt_pass *make_kernexec_retaddr_pass(void) ++{ ++ return new kernexec_retaddr_pass(); ++} +#else ++static struct opt_pass *make_kernexec_reload_pass(void) ++{ + return &kernexec_reload_pass.pass; -+#endif +} + +static struct opt_pass *make_kernexec_fptr_pass(void) +{ -+#if BUILDING_GCC_VERSION >= 4009 -+ return new kernexec_fptr_pass(); -+#else + return &kernexec_fptr_pass.pass; -+#endif +} + +static struct opt_pass *make_kernexec_retaddr_pass(void) +{ -+#if BUILDING_GCC_VERSION >= 4009 -+ return new kernexec_retaddr_pass(); -+#else + return &kernexec_retaddr_pass.pass; -+#endif +} ++#endif + +int plugin_init(struct plugin_name_args *plugin_info, struct plugin_gcc_version *version) +{ @@ -106836,10 +108520,10 @@ index 0000000..dd73713 +} diff --git a/tools/gcc/latent_entropy_plugin.c b/tools/gcc/latent_entropy_plugin.c new file mode 100644 -index 0000000..1a98bed +index 0000000..39d7cc7 --- /dev/null +++ b/tools/gcc/latent_entropy_plugin.c -@@ -0,0 +1,451 @@ +@@ -0,0 +1,462 @@ +/* + * Copyright 2012-2014 by the PaX Team <pageexec@freemail.hu> + * Licensed under the GPL v2 @@ -106868,7 +108552,7 @@ index 0000000..1a98bed +static tree latent_entropy_decl; + +static struct plugin_info latent_entropy_plugin_info = { -+ .version = "201402240545", ++ .version = "201403280150", + .help = NULL +}; + @@ -107040,6 +108724,10 @@ index 0000000..1a98bed + +static bool gate_latent_entropy(void) +{ ++ // don't bother with noreturn functions for now ++ if (TREE_THIS_VOLATILE(current_function_decl)) ++ return false; ++ + return lookup_attribute("latent_entropy", DECL_ATTRIBUTES(current_function_decl)) != NULL_TREE; +} + @@ -107129,7 +108817,11 @@ index 0000000..1a98bed + tree local_entropy; + + if (!latent_entropy_decl) { ++#if BUILDING_GCC_VERSION >= 4009 ++ varpool_node *node; ++#else + struct varpool_node *node; ++#endif + + FOR_EACH_VARIABLE(node) { + tree var = NODE_DECL(node); @@ -107164,7 +108856,8 @@ index 0000000..1a98bed + gsi_insert_after(&gsi, assign, GSI_NEW_STMT); + update_stmt(assign); +//debug_bb(bb); -+ bb = bb->next_bb; ++ gcc_assert(single_succ_p(bb)); ++ bb = single_succ(bb); + + // 3. instrument each BB with an operation on the local entropy variable + while (bb != EXIT_BLOCK_PTR_FOR_FN(cfun)) { @@ -107174,8 +108867,9 @@ index 0000000..1a98bed + }; + + // 4. mix local entropy into the global entropy variable -+ perturb_latent_entropy(EXIT_BLOCK_PTR_FOR_FN(cfun)->prev_bb, local_entropy); -+//debug_bb(EXIT_BLOCK_PTR_FOR_FN(cfun)->prev_bb); ++ gcc_assert(single_pred_p(EXIT_BLOCK_PTR_FOR_FN(cfun))); ++ perturb_latent_entropy(single_pred(EXIT_BLOCK_PTR_FOR_FN(cfun)), local_entropy); ++//debug_bb(single_pred(EXIT_BLOCK_PTR_FOR_FN(cfun))); + return 0; +} + @@ -107246,16 +108940,17 @@ index 0000000..1a98bed + unsigned int execute() { return execute_latent_entropy(); } +}; +} -+#endif + -+static struct opt_pass *make_latent_entropy_pass(void) ++static opt_pass *make_latent_entropy_pass(void) +{ -+#if BUILDING_GCC_VERSION >= 4009 + return new latent_entropy_pass(); ++} +#else ++static struct opt_pass *make_latent_entropy_pass(void) ++{ + return &latent_entropy_pass.pass; -+#endif +} ++#endif + +int plugin_init(struct plugin_name_args *plugin_info, struct plugin_gcc_version *version) +{ @@ -108207,12 +109902,4344 @@ index 0000000..8dafb22 + + return 0; +} -diff --git a/tools/gcc/size_overflow_hash.data b/tools/gcc/size_overflow_hash.data +diff --git a/tools/gcc/size_overflow_plugin/.gitignore b/tools/gcc/size_overflow_plugin/.gitignore +new file mode 100644 +index 0000000..92d3b0c +--- /dev/null ++++ b/tools/gcc/size_overflow_plugin/.gitignore +@@ -0,0 +1,2 @@ ++size_overflow_hash.h ++size_overflow_hash_aux.h +diff --git a/tools/gcc/size_overflow_plugin/Makefile b/tools/gcc/size_overflow_plugin/Makefile +new file mode 100644 +index 0000000..1ae2ed5 +--- /dev/null ++++ b/tools/gcc/size_overflow_plugin/Makefile +@@ -0,0 +1,20 @@ ++$(HOSTLIBS)-$(CONFIG_PAX_SIZE_OVERFLOW) += size_overflow_plugin.so ++always := $($(HOSTLIBS)-y) ++ ++size_overflow_plugin-objs := $(patsubst $(srctree)/$(src)/%.c,%.o,$(wildcard $(srctree)/$(src)/*.c)) ++ ++$(patsubst $(srctree)/$(src)/%.c,$(obj)/%.o,$(wildcard $(srctree)/$(src)/*.c)): $(objtree)/$(obj)/size_overflow_hash.h $(objtree)/$(obj)/size_overflow_hash_aux.h ++ ++quiet_cmd_build_size_overflow_hash = GENHASH $@ ++ cmd_build_size_overflow_hash = \ ++ $(CONFIG_SHELL) $(srctree)/$(src)/generate_size_overflow_hash.sh -s size_overflow_hash -d $< -o $@ ++$(objtree)/$(obj)/size_overflow_hash.h: $(src)/size_overflow_hash.data FORCE ++ $(call if_changed,build_size_overflow_hash) ++ ++quiet_cmd_build_size_overflow_hash_aux = GENHASH $@ ++ cmd_build_size_overflow_hash_aux = \ ++ $(CONFIG_SHELL) $(srctree)/$(src)/generate_size_overflow_hash.sh -s size_overflow_hash_aux -d $< -o $@ ++$(objtree)/$(obj)/size_overflow_hash_aux.h: $(src)/size_overflow_hash_aux.data FORCE ++ $(call if_changed,build_size_overflow_hash_aux) ++ ++targets += size_overflow_hash.h size_overflow_hash_aux.h +diff --git a/tools/gcc/size_overflow_plugin/generate_size_overflow_hash.sh b/tools/gcc/size_overflow_plugin/generate_size_overflow_hash.sh +new file mode 100644 +index 0000000..12b1e3b +--- /dev/null ++++ b/tools/gcc/size_overflow_plugin/generate_size_overflow_hash.sh +@@ -0,0 +1,102 @@ ++#!/bin/bash ++ ++# This script generates the hash table (size_overflow_hash.h) for the size_overflow gcc plugin (size_overflow_plugin.c). ++ ++header1="size_overflow_hash.h" ++database="size_overflow_hash.data" ++n=65536 ++hashtable_name="size_overflow_hash" ++ ++usage() { ++cat <<EOF ++usage: $0 options ++OPTIONS: ++ -h|--help help ++ -o header file ++ -d database file ++ -n hash array size ++ -s name of the hash table ++EOF ++ return 0 ++} ++ ++while true ++do ++ case "$1" in ++ -h|--help) usage && exit 0;; ++ -n) n=$2; shift 2;; ++ -o) header1="$2"; shift 2;; ++ -d) database="$2"; shift 2;; ++ -s) hashtable_name="$2"; shift 2;; ++ --) shift 1; break ;; ++ *) break ;; ++ esac ++done ++ ++create_defines() { ++ for i in `seq 0 31` ++ do ++ echo -e "#define PARAM"$i" (1U << "$i")" >> "$header1" ++ done ++ echo >> "$header1" ++} ++ ++create_structs() { ++ rm -f "$header1" ++ ++ create_defines ++ ++ cat "$database" | while read data ++ do ++ data_array=($data) ++ struct_hash_name="${data_array[0]}" ++ funcn="${data_array[1]}" ++ params="${data_array[2]}" ++ next="${data_array[4]}" ++ ++ echo "const struct size_overflow_hash $struct_hash_name = {" >> "$header1" ++ ++ echo -e "\t.next\t= $next,\n\t.name\t= \"$funcn\"," >> "$header1" ++ echo -en "\t.param\t= " >> "$header1" ++ line= ++ for param_num in ${params//-/ }; ++ do ++ line="${line}PARAM"$param_num"|" ++ done ++ ++ echo -e "${line%?},\n};\n" >> "$header1" ++ done ++} ++ ++create_headers() { ++ echo "const struct size_overflow_hash * const $hashtable_name[$n] = {" >> "$header1" ++} ++ ++create_array_elements() { ++ index=0 ++ grep -v "nohasharray" $database | sort -n -k 4 | while read data ++ do ++ data_array=($data) ++ i="${data_array[3]}" ++ hash="${data_array[0]}" ++ while [[ $index -lt $i ]] ++ do ++ echo -e "\t["$index"]\t= NULL," >> "$header1" ++ index=$(($index + 1)) ++ done ++ index=$(($index + 1)) ++ echo -e "\t["$i"]\t= &"$hash"," >> "$header1" ++ done ++ echo '};' >> $header1 ++} ++ ++size_overflow_plugin_dir=`dirname $header1` ++if [ "$size_overflow_plugin_dir" != '.' ]; then ++ mkdir -p "$size_overflow_plugin_dir" 2> /dev/null ++fi ++ ++create_structs ++create_headers ++create_array_elements ++ ++exit 0 +diff --git a/tools/gcc/size_overflow_plugin/insert_size_overflow_asm.c b/tools/gcc/size_overflow_plugin/insert_size_overflow_asm.c +new file mode 100644 +index 0000000..3e8148c +--- /dev/null ++++ b/tools/gcc/size_overflow_plugin/insert_size_overflow_asm.c +@@ -0,0 +1,790 @@ ++/* ++ * Copyright 2011-2014 by Emese Revfy <re.emese@gmail.com> ++ * Licensed under the GPL v2, or (at your option) v3 ++ * ++ * Homepage: ++ * http://www.grsecurity.net/~ephox/overflow_plugin/ ++ * ++ * Documentation: ++ * http://forums.grsecurity.net/viewtopic.php?f=7&t=3043 ++ * ++ * This plugin recomputes expressions of function arguments marked by a size_overflow attribute ++ * with double integer precision (DImode/TImode for 32/64 bit integer types). ++ * The recomputed argument is checked against TYPE_MAX and an event is logged on overflow and the triggering process is killed. ++ * ++ * Usage: ++ * $ make ++ * $ make run ++ */ ++ ++#include "gcc-common.h" ++#include "size_overflow.h" ++ ++static void search_size_overflow_attribute(struct pointer_set_t *visited, tree lhs); ++static enum mark search_intentional(struct pointer_set_t *visited, const_tree lhs); ++ ++// data for the size_overflow asm stmt ++struct asm_data { ++ gimple def_stmt; ++ tree input; ++ tree output; ++}; ++ ++#if BUILDING_GCC_VERSION <= 4007 ++static VEC(tree, gc) *create_asm_io_list(tree string, tree io) ++#else ++static vec<tree, va_gc> *create_asm_io_list(tree string, tree io) ++#endif ++{ ++ tree list; ++#if BUILDING_GCC_VERSION <= 4007 ++ VEC(tree, gc) *vec_list = NULL; ++#else ++ vec<tree, va_gc> *vec_list = NULL; ++#endif ++ ++ list = build_tree_list(NULL_TREE, string); ++ list = chainon(NULL_TREE, build_tree_list(list, io)); ++#if BUILDING_GCC_VERSION <= 4007 ++ VEC_safe_push(tree, gc, vec_list, list); ++#else ++ vec_safe_push(vec_list, list); ++#endif ++ return vec_list; ++} ++ ++static void create_asm_stmt(const char *str, tree str_input, tree str_output, struct asm_data *asm_data) ++{ ++ gimple asm_stmt; ++ gimple_stmt_iterator gsi; ++#if BUILDING_GCC_VERSION <= 4007 ++ VEC(tree, gc) *input, *output = NULL; ++#else ++ vec<tree, va_gc> *input, *output = NULL; ++#endif ++ ++ input = create_asm_io_list(str_input, asm_data->input); ++ ++ if (asm_data->output) ++ output = create_asm_io_list(str_output, asm_data->output); ++ ++ asm_stmt = gimple_build_asm_vec(str, input, output, NULL, NULL); ++ gsi = gsi_for_stmt(asm_data->def_stmt); ++ gsi_insert_after(&gsi, asm_stmt, GSI_NEW_STMT); ++ ++ if (asm_data->output) ++ SSA_NAME_DEF_STMT(asm_data->output) = asm_stmt; ++} ++ ++static void replace_call_lhs(const struct asm_data *asm_data) ++{ ++ gimple_set_lhs(asm_data->def_stmt, asm_data->input); ++ update_stmt(asm_data->def_stmt); ++ SSA_NAME_DEF_STMT(asm_data->input) = asm_data->def_stmt; ++} ++ ++static enum mark search_intentional_phi(struct pointer_set_t *visited, const_tree result) ++{ ++ enum mark cur_fndecl_attr; ++ gimple phi = get_def_stmt(result); ++ unsigned int i, n = gimple_phi_num_args(phi); ++ ++ pointer_set_insert(visited, phi); ++ for (i = 0; i < n; i++) { ++ tree arg = gimple_phi_arg_def(phi, i); ++ ++ cur_fndecl_attr = search_intentional(visited, arg); ++ if (cur_fndecl_attr != MARK_NO) ++ return cur_fndecl_attr; ++ } ++ return MARK_NO; ++} ++ ++static enum mark search_intentional_binary(struct pointer_set_t *visited, const_tree lhs) ++{ ++ enum mark cur_fndecl_attr; ++ const_tree rhs1, rhs2; ++ gimple def_stmt = get_def_stmt(lhs); ++ ++ rhs1 = gimple_assign_rhs1(def_stmt); ++ rhs2 = gimple_assign_rhs2(def_stmt); ++ ++ cur_fndecl_attr = search_intentional(visited, rhs1); ++ if (cur_fndecl_attr != MARK_NO) ++ return cur_fndecl_attr; ++ return search_intentional(visited, rhs2); ++} ++ ++// Look up the intentional_overflow attribute on the caller and the callee functions. ++static enum mark search_intentional(struct pointer_set_t *visited, const_tree lhs) ++{ ++ const_gimple def_stmt; ++ ++ if (TREE_CODE(lhs) != SSA_NAME) ++ return get_intentional_attr_type(lhs); ++ ++ def_stmt = get_def_stmt(lhs); ++ if (!def_stmt) ++ return MARK_NO; ++ ++ if (pointer_set_contains(visited, def_stmt)) ++ return MARK_NO; ++ ++ switch (gimple_code(def_stmt)) { ++ case GIMPLE_NOP: ++ return search_intentional(visited, SSA_NAME_VAR(lhs)); ++ case GIMPLE_ASM: ++ if (is_size_overflow_intentional_asm_turn_off(def_stmt)) ++ return MARK_TURN_OFF; ++ return MARK_NO; ++ case GIMPLE_CALL: ++ return MARK_NO; ++ case GIMPLE_PHI: ++ return search_intentional_phi(visited, lhs); ++ case GIMPLE_ASSIGN: ++ switch (gimple_num_ops(def_stmt)) { ++ case 2: ++ return search_intentional(visited, gimple_assign_rhs1(def_stmt)); ++ case 3: ++ return search_intentional_binary(visited, lhs); ++ } ++ case GIMPLE_RETURN: ++ return MARK_NO; ++ default: ++ debug_gimple_stmt((gimple)def_stmt); ++ error("%s: unknown gimple code", __func__); ++ gcc_unreachable(); ++ } ++} ++ ++// Check the intentional_overflow attribute and create the asm comment string for the size_overflow asm stmt. ++static enum mark check_intentional_attribute_gimple(const_tree arg, const_gimple stmt, unsigned int argnum) ++{ ++ const_tree fndecl; ++ struct pointer_set_t *visited; ++ enum mark cur_fndecl_attr, decl_attr = MARK_NO; ++ ++ fndecl = get_interesting_orig_fndecl(stmt, argnum); ++ if (is_end_intentional_intentional_attr(fndecl, argnum)) ++ decl_attr = MARK_NOT_INTENTIONAL; ++ else if (is_yes_intentional_attr(fndecl, argnum)) ++ decl_attr = MARK_YES; ++ else if (is_turn_off_intentional_attr(fndecl) || is_turn_off_intentional_attr(DECL_ORIGIN(current_function_decl))) { ++ return MARK_TURN_OFF; ++ } ++ ++ visited = pointer_set_create(); ++ cur_fndecl_attr = search_intentional(visited, arg); ++ pointer_set_destroy(visited); ++ ++ switch (cur_fndecl_attr) { ++ case MARK_NO: ++ case MARK_TURN_OFF: ++ return cur_fndecl_attr; ++ default: ++ print_missing_intentional(decl_attr, cur_fndecl_attr, fndecl, argnum); ++ return MARK_YES; ++ } ++} ++ ++static void check_missing_size_overflow_attribute(tree var) ++{ ++ tree orig_fndecl; ++ unsigned int num; ++ ++ if (is_a_return_check(var)) ++ orig_fndecl = DECL_ORIGIN(var); ++ else ++ orig_fndecl = DECL_ORIGIN(current_function_decl); ++ ++ num = get_function_num(var, orig_fndecl); ++ if (num == CANNOT_FIND_ARG) ++ return; ++ ++ is_missing_function(orig_fndecl, num); ++} ++ ++static void search_size_overflow_attribute_phi(struct pointer_set_t *visited, const_tree result) ++{ ++ gimple phi = get_def_stmt(result); ++ unsigned int i, n = gimple_phi_num_args(phi); ++ ++ pointer_set_insert(visited, phi); ++ for (i = 0; i < n; i++) { ++ tree arg = gimple_phi_arg_def(phi, i); ++ ++ search_size_overflow_attribute(visited, arg); ++ } ++} ++ ++static void search_size_overflow_attribute_binary(struct pointer_set_t *visited, const_tree lhs) ++{ ++ const_gimple def_stmt = get_def_stmt(lhs); ++ tree rhs1, rhs2; ++ ++ rhs1 = gimple_assign_rhs1(def_stmt); ++ rhs2 = gimple_assign_rhs2(def_stmt); ++ ++ search_size_overflow_attribute(visited, rhs1); ++ search_size_overflow_attribute(visited, rhs2); ++} ++ ++static void search_size_overflow_attribute(struct pointer_set_t *visited, tree lhs) ++{ ++ const_gimple def_stmt; ++ ++ if (TREE_CODE(lhs) == PARM_DECL) { ++ check_missing_size_overflow_attribute(lhs); ++ return; ++ } ++ ++ def_stmt = get_def_stmt(lhs); ++ if (!def_stmt) ++ return; ++ ++ if (pointer_set_insert(visited, def_stmt)) ++ return; ++ ++ switch (gimple_code(def_stmt)) { ++ case GIMPLE_NOP: ++ return search_size_overflow_attribute(visited, SSA_NAME_VAR(lhs)); ++ case GIMPLE_ASM: ++ return; ++ case GIMPLE_CALL: { ++ tree fndecl = gimple_call_fndecl(def_stmt); ++ ++ if (fndecl == NULL_TREE) ++ return; ++ check_missing_size_overflow_attribute(fndecl); ++ return; ++ } ++ case GIMPLE_PHI: ++ return search_size_overflow_attribute_phi(visited, lhs); ++ case GIMPLE_ASSIGN: ++ switch (gimple_num_ops(def_stmt)) { ++ case 2: ++ return search_size_overflow_attribute(visited, gimple_assign_rhs1(def_stmt)); ++ case 3: ++ return search_size_overflow_attribute_binary(visited, lhs); ++ } ++ default: ++ debug_gimple_stmt((gimple)def_stmt); ++ error("%s: unknown gimple code", __func__); ++ gcc_unreachable(); ++ } ++} ++ ++// Search missing entries in the hash table (invoked from the gimple pass) ++static void search_missing_size_overflow_attribute_gimple(const_gimple stmt, unsigned int num) ++{ ++ tree fndecl = NULL_TREE; ++ tree lhs; ++ struct pointer_set_t *visited; ++ ++ if (is_turn_off_intentional_attr(DECL_ORIGIN(current_function_decl))) ++ return; ++ ++ if (num == 0) { ++ gcc_assert(gimple_code(stmt) == GIMPLE_RETURN); ++ lhs = gimple_return_retval(stmt); ++ } else { ++ gcc_assert(is_gimple_call(stmt)); ++ lhs = gimple_call_arg(stmt, num - 1); ++ fndecl = gimple_call_fndecl(stmt); ++ } ++ ++ if (fndecl != NULL_TREE && is_turn_off_intentional_attr(DECL_ORIGIN(fndecl))) ++ return; ++ ++ visited = pointer_set_create(); ++ search_size_overflow_attribute(visited, lhs); ++ pointer_set_destroy(visited); ++} ++ ++static void create_output_from_phi(gimple stmt, unsigned int argnum, struct asm_data *asm_data) ++{ ++ gimple_stmt_iterator gsi; ++ gimple assign; ++ ++ assign = gimple_build_assign(asm_data->input, asm_data->output); ++ gsi = gsi_for_stmt(stmt); ++ gsi_insert_before(&gsi, assign, GSI_NEW_STMT); ++ asm_data->def_stmt = assign; ++ ++ asm_data->output = create_new_var(TREE_TYPE(asm_data->output)); ++ asm_data->output = make_ssa_name(asm_data->output, stmt); ++ if (gimple_code(stmt) == GIMPLE_RETURN) ++ gimple_return_set_retval(stmt, asm_data->output); ++ else ++ gimple_call_set_arg(stmt, argnum - 1, asm_data->output); ++ update_stmt(stmt); ++} ++ ++static char *create_asm_comment(unsigned int argnum, const_gimple stmt , const char *mark_str) ++{ ++ const char *fn_name; ++ char *asm_comment; ++ unsigned int len; ++ ++ if (argnum == 0) ++ fn_name = DECL_NAME_POINTER(current_function_decl); ++ else ++ fn_name = DECL_NAME_POINTER(gimple_call_fndecl(stmt)); ++ ++ len = asprintf(&asm_comment, "%s %s %u", mark_str, fn_name, argnum); ++ gcc_assert(len > 0); ++ ++ return asm_comment; ++} ++ ++static const char *convert_mark_to_str(enum mark mark) ++{ ++ switch (mark) { ++ case MARK_NO: ++ return OK_ASM_STR; ++ case MARK_YES: ++ case MARK_NOT_INTENTIONAL: ++ return YES_ASM_STR; ++ case MARK_TURN_OFF: ++ return TURN_OFF_ASM_STR; ++ } ++ ++ gcc_unreachable(); ++} ++ ++/* Create the input of the size_overflow asm stmt. ++ * When the arg of the callee function is a parm_decl it creates this kind of size_overflow asm stmt: ++ * __asm__("# size_overflow MARK_YES" : : "rm" size_1(D)); ++ * The input field in asm_data will be empty if there is no need for further size_overflow asm stmt insertion. ++ * otherwise create the input (for a phi stmt the output too) of the asm stmt. ++ */ ++static void create_asm_input(gimple stmt, unsigned int argnum, struct asm_data *asm_data) ++{ ++ if (!asm_data->def_stmt) { ++ asm_data->input = NULL_TREE; ++ return; ++ } ++ ++ asm_data->input = create_new_var(TREE_TYPE(asm_data->output)); ++ asm_data->input = make_ssa_name(asm_data->input, asm_data->def_stmt); ++ ++ switch (gimple_code(asm_data->def_stmt)) { ++ case GIMPLE_ASSIGN: ++ case GIMPLE_CALL: ++ replace_call_lhs(asm_data); ++ break; ++ case GIMPLE_PHI: ++ create_output_from_phi(stmt, argnum, asm_data); ++ break; ++ case GIMPLE_NOP: { ++ enum mark mark; ++ const char *mark_str; ++ char *asm_comment; ++ ++ mark = check_intentional_attribute_gimple(asm_data->output, stmt, argnum); ++ ++ asm_data->input = asm_data->output; ++ asm_data->output = NULL; ++ asm_data->def_stmt = stmt; ++ ++ mark_str = convert_mark_to_str(mark); ++ asm_comment = create_asm_comment(argnum, stmt, mark_str); ++ ++ create_asm_stmt(asm_comment, build_string(3, "rm"), NULL, asm_data); ++ free(asm_comment); ++ asm_data->input = NULL_TREE; ++ break; ++ } ++ case GIMPLE_ASM: ++ if (is_size_overflow_asm(asm_data->def_stmt)) { ++ asm_data->input = NULL_TREE; ++ break; ++ } ++ default: ++ debug_gimple_stmt(asm_data->def_stmt); ++ gcc_unreachable(); ++ } ++} ++ ++/* This is the gimple part of searching for a missing size_overflow attribute. If the intentional_overflow attribute type ++ * is of the right kind create the appropriate size_overflow asm stmts: ++ * __asm__("# size_overflow" : =rm" D.3344_8 : "0" cicus.4_16); ++ * __asm__("# size_overflow MARK_YES" : : "rm" size_1(D)); ++ */ ++static void create_size_overflow_asm(gimple stmt, tree output_node, unsigned int argnum) ++{ ++ struct asm_data asm_data; ++ const char *mark_str; ++ char *asm_comment; ++ enum mark mark; ++ ++ if (is_gimple_constant(output_node)) ++ return; ++ ++ asm_data.output = output_node; ++ mark = check_intentional_attribute_gimple(asm_data.output, stmt, argnum); ++ if (mark != MARK_TURN_OFF) ++ search_missing_size_overflow_attribute_gimple(stmt, argnum); ++ ++ asm_data.def_stmt = get_def_stmt(asm_data.output); ++ if (is_size_overflow_intentional_asm_turn_off(asm_data.def_stmt)) ++ return; ++ ++ create_asm_input(stmt, argnum, &asm_data); ++ if (asm_data.input == NULL_TREE) ++ return; ++ ++ mark_str = convert_mark_to_str(mark); ++ asm_comment = create_asm_comment(argnum, stmt, mark_str); ++ create_asm_stmt(asm_comment, build_string(2, "0"), build_string(4, "=rm"), &asm_data); ++ free(asm_comment); ++} ++ ++// Insert an asm stmt with "MARK_TURN_OFF", "MARK_YES" or "MARK_NOT_INTENTIONAL". ++static bool create_mark_asm(gimple stmt, enum mark mark) ++{ ++ struct asm_data asm_data; ++ const char *asm_str; ++ ++ switch (mark) { ++ case MARK_TURN_OFF: ++ asm_str = TURN_OFF_ASM_STR; ++ break; ++ case MARK_NOT_INTENTIONAL: ++ case MARK_YES: ++ asm_str = YES_ASM_STR; ++ break; ++ default: ++ gcc_unreachable(); ++ } ++ ++ asm_data.def_stmt = stmt; ++ asm_data.output = gimple_call_lhs(stmt); ++ ++ if (asm_data.output == NULL_TREE) { ++ asm_data.input = gimple_call_arg(stmt, 0); ++ if (is_gimple_constant(asm_data.input)) ++ return false; ++ asm_data.output = NULL; ++ create_asm_stmt(asm_str, build_string(3, "rm"), NULL, &asm_data); ++ return true; ++ } ++ ++ create_asm_input(stmt, 0, &asm_data); ++ gcc_assert(asm_data.input != NULL_TREE); ++ ++ create_asm_stmt(asm_str, build_string(2, "0"), build_string(4, "=rm"), &asm_data); ++ return true; ++} ++ ++static bool is_from_cast(const_tree node) ++{ ++ gimple def_stmt = get_def_stmt(node); ++ ++ if (!def_stmt) ++ return false; ++ ++ if (gimple_assign_cast_p(def_stmt)) ++ return true; ++ ++ return false; ++} ++ ++// Skip duplication when there is a minus expr and the type of rhs1 or rhs2 is a pointer_type. ++static bool skip_ptr_minus(gimple stmt) ++{ ++ const_tree rhs1, rhs2, ptr1_rhs, ptr2_rhs; ++ ++ if (gimple_assign_rhs_code(stmt) != MINUS_EXPR) ++ return false; ++ ++ rhs1 = gimple_assign_rhs1(stmt); ++ if (!is_from_cast(rhs1)) ++ return false; ++ ++ rhs2 = gimple_assign_rhs2(stmt); ++ if (!is_from_cast(rhs2)) ++ return false; ++ ++ ptr1_rhs = gimple_assign_rhs1(get_def_stmt(rhs1)); ++ ptr2_rhs = gimple_assign_rhs1(get_def_stmt(rhs2)); ++ ++ if (TREE_CODE(TREE_TYPE(ptr1_rhs)) != POINTER_TYPE && TREE_CODE(TREE_TYPE(ptr2_rhs)) != POINTER_TYPE) ++ return false; ++ ++ create_mark_asm(stmt, MARK_YES); ++ return true; ++} ++ ++static void walk_use_def_ptr(struct pointer_set_t *visited, const_tree lhs) ++{ ++ gimple def_stmt; ++ ++ def_stmt = get_def_stmt(lhs); ++ if (!def_stmt) ++ return; ++ ++ if (pointer_set_insert(visited, def_stmt)) ++ return; ++ ++ switch (gimple_code(def_stmt)) { ++ case GIMPLE_NOP: ++ case GIMPLE_ASM: ++ case GIMPLE_CALL: ++ break; ++ case GIMPLE_PHI: { ++ unsigned int i, n = gimple_phi_num_args(def_stmt); ++ ++ pointer_set_insert(visited, def_stmt); ++ ++ for (i = 0; i < n; i++) { ++ tree arg = gimple_phi_arg_def(def_stmt, i); ++ ++ walk_use_def_ptr(visited, arg); ++ } ++ } ++ case GIMPLE_ASSIGN: ++ switch (gimple_num_ops(def_stmt)) { ++ case 2: ++ walk_use_def_ptr(visited, gimple_assign_rhs1(def_stmt)); ++ return; ++ case 3: ++ if (skip_ptr_minus(def_stmt)) ++ return; ++ ++ walk_use_def_ptr(visited, gimple_assign_rhs1(def_stmt)); ++ walk_use_def_ptr(visited, gimple_assign_rhs2(def_stmt)); ++ return; ++ default: ++ return; ++ } ++ default: ++ debug_gimple_stmt((gimple)def_stmt); ++ error("%s: unknown gimple code", __func__); ++ gcc_unreachable(); ++ } ++} ++ ++// Look for a ptr - ptr expression (e.g., cpuset_common_file_read() s - page) ++static void insert_mark_not_intentional_asm_at_ptr(const_tree arg) ++{ ++ struct pointer_set_t *visited; ++ ++ visited = pointer_set_create(); ++ walk_use_def_ptr(visited, arg); ++ pointer_set_destroy(visited); ++} ++ ++// Determine the return value and insert the asm stmt to mark the return stmt. ++static void insert_asm_ret(gimple stmt) ++{ ++ tree ret; ++ ++ ret = gimple_return_retval(stmt); ++ create_size_overflow_asm(stmt, ret, 0); ++} ++ ++// Determine the correct arg index and arg and insert the asm stmt to mark the stmt. ++static void insert_asm_arg(gimple stmt, unsigned int orig_argnum) ++{ ++ tree arg; ++ unsigned int argnum; ++ ++ argnum = get_correct_arg_count(orig_argnum, gimple_call_fndecl(stmt)); ++ gcc_assert(argnum != 0); ++ if (argnum == CANNOT_FIND_ARG) ++ return; ++ ++ arg = gimple_call_arg(stmt, argnum - 1); ++ gcc_assert(arg != NULL_TREE); ++ ++ // skip all ptr - ptr expressions ++ insert_mark_not_intentional_asm_at_ptr(arg); ++ ++ create_size_overflow_asm(stmt, arg, argnum); ++} ++ ++// If a function arg or the return value is marked by the size_overflow attribute then set its index in the array. ++static void set_argnum_attribute(const_tree attr, bool *argnums) ++{ ++ unsigned int argnum; ++ tree attr_value; ++ ++ for (attr_value = TREE_VALUE(attr); attr_value; attr_value = TREE_CHAIN(attr_value)) { ++ argnum = TREE_INT_CST_LOW(TREE_VALUE(attr_value)); ++ argnums[argnum] = true; ++ } ++} ++ ++// If a function arg or the return value is in the hash table then set its index in the array. ++static void set_argnum_hash(tree fndecl, bool *argnums) ++{ ++ unsigned int num; ++ const struct size_overflow_hash *hash; ++ ++ hash = get_function_hash(DECL_ORIGIN(fndecl)); ++ if (!hash) ++ return; ++ ++ for (num = 0; num <= MAX_PARAM; num++) { ++ if (!(hash->param & (1U << num))) ++ continue; ++ ++ argnums[num] = true; ++ } ++} ++ ++static bool is_all_the_argnums_empty(bool *argnums) ++{ ++ unsigned int i; ++ ++ for (i = 0; i <= MAX_PARAM; i++) ++ if (argnums[i]) ++ return false; ++ return true; ++} ++ ++// Check whether the arguments or the return value of the function are in the hash table or are marked by the size_overflow attribute. ++static void search_interesting_args(tree fndecl, bool *argnums) ++{ ++ const_tree attr; ++ ++ set_argnum_hash(fndecl, argnums); ++ if (!is_all_the_argnums_empty(argnums)) ++ return; ++ ++ attr = lookup_attribute("size_overflow", DECL_ATTRIBUTES(fndecl)); ++ if (attr && TREE_VALUE(attr)) ++ set_argnum_attribute(attr, argnums); ++} ++ ++/* ++ * Look up the intentional_overflow attribute that turns off ipa based duplication ++ * on the callee function. ++ */ ++static bool is_mark_turn_off_attribute(gimple stmt) ++{ ++ enum mark mark; ++ const_tree fndecl = gimple_call_fndecl(stmt); ++ ++ mark = get_intentional_attr_type(DECL_ORIGIN(fndecl)); ++ if (mark == MARK_TURN_OFF) ++ return true; ++ return false; ++} ++ ++// If the argument(s) of the callee function is/are in the hash table or are marked by an attribute then mark the call stmt with an asm stmt ++static void handle_interesting_function(gimple stmt) ++{ ++ unsigned int argnum; ++ tree fndecl; ++ bool orig_argnums[MAX_PARAM + 1] = {false}; ++ ++ if (gimple_call_num_args(stmt) == 0) ++ return; ++ fndecl = gimple_call_fndecl(stmt); ++ if (fndecl == NULL_TREE) ++ return; ++ fndecl = DECL_ORIGIN(fndecl); ++ ++ if (is_mark_turn_off_attribute(stmt)) { ++ create_mark_asm(stmt, MARK_TURN_OFF); ++ return; ++ } ++ ++ search_interesting_args(fndecl, orig_argnums); ++ ++ for (argnum = 1; argnum < MAX_PARAM; argnum++) ++ if (orig_argnums[argnum]) ++ insert_asm_arg(stmt, argnum); ++} ++ ++// If the return value of the caller function is in hash table (its index is 0) then mark the return stmt with an asm stmt ++static void handle_interesting_ret(gimple stmt) ++{ ++ bool orig_argnums[MAX_PARAM + 1] = {false}; ++ ++ search_interesting_args(current_function_decl, orig_argnums); ++ ++ if (orig_argnums[0]) ++ insert_asm_ret(stmt); ++} ++ ++// Iterate over all the stmts and search for call and return stmts and mark them if they're in the hash table ++static unsigned int search_interesting_functions(void) ++{ ++ basic_block bb; ++ ++ FOR_ALL_BB_FN(bb, cfun) { ++ gimple_stmt_iterator gsi; ++ ++ for (gsi = gsi_start_bb(bb); !gsi_end_p(gsi); gsi_next(&gsi)) { ++ gimple stmt = gsi_stmt(gsi); ++ ++ if (is_size_overflow_asm(stmt)) ++ continue; ++ ++ if (is_gimple_call(stmt)) ++ handle_interesting_function(stmt); ++ else if (gimple_code(stmt) == GIMPLE_RETURN) ++ handle_interesting_ret(stmt); ++ } ++ } ++ return 0; ++} ++ ++/* ++ * A lot of functions get inlined before the ipa passes so after the build_ssa gimple pass ++ * this pass inserts asm stmts to mark the interesting args ++ * that the ipa pass will detect and insert the size overflow checks for. ++ */ ++#if BUILDING_GCC_VERSION >= 4009 ++static const struct pass_data insert_size_overflow_asm_pass_data = { ++#else ++static struct gimple_opt_pass insert_size_overflow_asm_pass = { ++ .pass = { ++#endif ++ .type = GIMPLE_PASS, ++ .name = "insert_size_overflow_asm", ++#if BUILDING_GCC_VERSION >= 4008 ++ .optinfo_flags = OPTGROUP_NONE, ++#endif ++#if BUILDING_GCC_VERSION >= 4009 ++ .has_gate = false, ++ .has_execute = true, ++#else ++ .gate = NULL, ++ .execute = search_interesting_functions, ++ .sub = NULL, ++ .next = NULL, ++ .static_pass_number = 0, ++#endif ++ .tv_id = TV_NONE, ++ .properties_required = PROP_cfg, ++ .properties_provided = 0, ++ .properties_destroyed = 0, ++ .todo_flags_start = 0, ++ .todo_flags_finish = TODO_dump_func | TODO_verify_ssa | TODO_verify_stmts | TODO_remove_unused_locals | TODO_update_ssa_no_phi | TODO_cleanup_cfg | TODO_ggc_collect | TODO_verify_flow ++#if BUILDING_GCC_VERSION < 4009 ++ } ++#endif ++}; ++ ++#if BUILDING_GCC_VERSION >= 4009 ++namespace { ++class insert_size_overflow_asm_pass : public gimple_opt_pass { ++public: ++ insert_size_overflow_asm_pass() : gimple_opt_pass(insert_size_overflow_asm_pass_data, g) {} ++ unsigned int execute() { return search_interesting_functions(); } ++}; ++} ++#endif ++ ++struct opt_pass *make_insert_size_overflow_asm_pass(void) ++{ ++#if BUILDING_GCC_VERSION >= 4009 ++ return new insert_size_overflow_asm_pass(); ++#else ++ return &insert_size_overflow_asm_pass.pass; ++#endif ++} +diff --git a/tools/gcc/size_overflow_plugin/insert_size_overflow_check_core.c b/tools/gcc/size_overflow_plugin/insert_size_overflow_check_core.c +new file mode 100644 +index 0000000..88469e9 +--- /dev/null ++++ b/tools/gcc/size_overflow_plugin/insert_size_overflow_check_core.c +@@ -0,0 +1,902 @@ ++/* ++ * Copyright 2011-2014 by Emese Revfy <re.emese@gmail.com> ++ * Licensed under the GPL v2, or (at your option) v3 ++ * ++ * Homepage: ++ * http://www.grsecurity.net/~ephox/overflow_plugin/ ++ * ++ * Documentation: ++ * http://forums.grsecurity.net/viewtopic.php?f=7&t=3043 ++ * ++ * This plugin recomputes expressions of function arguments marked by a size_overflow attribute ++ * with double integer precision (DImode/TImode for 32/64 bit integer types). ++ * The recomputed argument is checked against TYPE_MAX and an event is logged on overflow and the triggering process is killed. ++ * ++ * Usage: ++ * $ make ++ * $ make run ++ */ ++ ++#include "gcc-common.h" ++#include "size_overflow.h" ++ ++#define MIN_CHECK true ++#define MAX_CHECK false ++ ++static tree get_size_overflow_type(struct visited *visited, const_gimple stmt, const_tree node) ++{ ++ const_tree type; ++ tree new_type; ++ ++ gcc_assert(node != NULL_TREE); ++ ++ type = TREE_TYPE(node); ++ ++ if (pointer_set_contains(visited->my_stmts, stmt)) ++ return TREE_TYPE(node); ++ ++ switch (TYPE_MODE(type)) { ++ case QImode: ++ new_type = size_overflow_type_HI; ++ break; ++ case HImode: ++ new_type = size_overflow_type_SI; ++ break; ++ case SImode: ++ new_type = size_overflow_type_DI; ++ break; ++ case DImode: ++ if (LONG_TYPE_SIZE == GET_MODE_BITSIZE(SImode)) ++ new_type = TYPE_UNSIGNED(type) ? unsigned_intDI_type_node : intDI_type_node; ++ else ++ new_type = size_overflow_type_TI; ++ break; ++ case TImode: ++ gcc_assert(!TYPE_UNSIGNED(type)); ++ new_type = size_overflow_type_TI; ++ break; ++ default: ++ debug_tree((tree)node); ++ error("%s: unsupported gcc configuration (%qE).", __func__, current_function_decl); ++ gcc_unreachable(); ++ } ++ ++ if (TYPE_QUALS(type) != 0) ++ return build_qualified_type(new_type, TYPE_QUALS(type)); ++ return new_type; ++} ++ ++static tree get_lhs(const_gimple stmt) ++{ ++ switch (gimple_code(stmt)) { ++ case GIMPLE_ASSIGN: ++ case GIMPLE_CALL: ++ return gimple_get_lhs(stmt); ++ case GIMPLE_PHI: ++ return gimple_phi_result(stmt); ++ default: ++ return NULL_TREE; ++ } ++} ++ ++static tree cast_to_new_size_overflow_type(struct visited *visited, gimple stmt, tree rhs, tree size_overflow_type, bool before) ++{ ++ gimple_stmt_iterator gsi; ++ tree lhs; ++ gimple new_stmt; ++ ++ if (rhs == NULL_TREE) ++ return NULL_TREE; ++ ++ gsi = gsi_for_stmt(stmt); ++ new_stmt = build_cast_stmt(visited, size_overflow_type, rhs, CREATE_NEW_VAR, &gsi, before, false); ++ pointer_set_insert(visited->my_stmts, new_stmt); ++ ++ lhs = get_lhs(new_stmt); ++ gcc_assert(lhs != NULL_TREE); ++ return lhs; ++} ++ ++tree create_assign(struct visited *visited, gimple oldstmt, tree rhs1, bool before) ++{ ++ tree lhs, dst_type; ++ gimple_stmt_iterator gsi; ++ ++ if (rhs1 == NULL_TREE) { ++ debug_gimple_stmt(oldstmt); ++ error("%s: rhs1 is NULL_TREE", __func__); ++ gcc_unreachable(); ++ } ++ ++ switch (gimple_code(oldstmt)) { ++ case GIMPLE_ASM: ++ lhs = rhs1; ++ break; ++ case GIMPLE_CALL: ++ case GIMPLE_ASSIGN: ++ lhs = gimple_get_lhs(oldstmt); ++ break; ++ default: ++ debug_gimple_stmt(oldstmt); ++ gcc_unreachable(); ++ } ++ ++ gsi = gsi_for_stmt(oldstmt); ++ pointer_set_insert(visited->stmts, oldstmt); ++ if (lookup_stmt_eh_lp(oldstmt) != 0) { ++ basic_block next_bb, cur_bb; ++ const_edge e; ++ ++ gcc_assert(before == false); ++ gcc_assert(stmt_can_throw_internal(oldstmt)); ++ gcc_assert(gimple_code(oldstmt) == GIMPLE_CALL); ++ gcc_assert(!gsi_end_p(gsi)); ++ ++ cur_bb = gimple_bb(oldstmt); ++ next_bb = cur_bb->next_bb; ++ e = find_edge(cur_bb, next_bb); ++ gcc_assert(e != NULL); ++ gcc_assert(e->flags & EDGE_FALLTHRU); ++ ++ gsi = gsi_after_labels(next_bb); ++ gcc_assert(!gsi_end_p(gsi)); ++ ++ before = true; ++ oldstmt = gsi_stmt(gsi); ++ } ++ ++ dst_type = get_size_overflow_type(visited, oldstmt, lhs); ++ ++ if (is_gimple_constant(rhs1)) ++ return cast_a_tree(dst_type, rhs1); ++ return cast_to_new_size_overflow_type(visited, oldstmt, rhs1, dst_type, before); ++} ++ ++tree dup_assign(struct visited *visited, gimple oldstmt, const_tree node, tree rhs1, tree rhs2, tree __unused rhs3) ++{ ++ gimple stmt; ++ gimple_stmt_iterator gsi; ++ tree size_overflow_type, new_var, lhs = gimple_assign_lhs(oldstmt); ++ ++ if (pointer_set_contains(visited->my_stmts, oldstmt)) ++ return lhs; ++ ++ if (gimple_num_ops(oldstmt) != 4 && rhs1 == NULL_TREE) { ++ rhs1 = gimple_assign_rhs1(oldstmt); ++ rhs1 = create_assign(visited, oldstmt, rhs1, BEFORE_STMT); ++ } ++ if (gimple_num_ops(oldstmt) == 3 && rhs2 == NULL_TREE) { ++ rhs2 = gimple_assign_rhs2(oldstmt); ++ rhs2 = create_assign(visited, oldstmt, rhs2, BEFORE_STMT); ++ } ++ ++ stmt = gimple_copy(oldstmt); ++ gimple_set_location(stmt, gimple_location(oldstmt)); ++ pointer_set_insert(visited->my_stmts, stmt); ++ ++ if (gimple_assign_rhs_code(oldstmt) == WIDEN_MULT_EXPR) ++ gimple_assign_set_rhs_code(stmt, MULT_EXPR); ++ ++ size_overflow_type = get_size_overflow_type(visited, oldstmt, node); ++ ++ new_var = create_new_var(size_overflow_type); ++ new_var = make_ssa_name(new_var, stmt); ++ gimple_assign_set_lhs(stmt, new_var); ++ ++ if (rhs1 != NULL_TREE) ++ gimple_assign_set_rhs1(stmt, rhs1); ++ ++ if (rhs2 != NULL_TREE) ++ gimple_assign_set_rhs2(stmt, rhs2); ++#if BUILDING_GCC_VERSION >= 4006 ++ if (rhs3 != NULL_TREE) ++ gimple_assign_set_rhs3(stmt, rhs3); ++#endif ++ gimple_set_vuse(stmt, gimple_vuse(oldstmt)); ++ gimple_set_vdef(stmt, gimple_vdef(oldstmt)); ++ ++ gsi = gsi_for_stmt(oldstmt); ++ gsi_insert_after(&gsi, stmt, GSI_SAME_STMT); ++ update_stmt(stmt); ++ pointer_set_insert(visited->stmts, oldstmt); ++ return gimple_assign_lhs(stmt); ++} ++ ++static tree cast_parm_decl(struct visited *visited, tree phi_ssa_name, tree arg, tree size_overflow_type, basic_block bb) ++{ ++ gimple assign; ++ gimple_stmt_iterator gsi; ++ basic_block first_bb; ++ ++ gcc_assert(SSA_NAME_IS_DEFAULT_DEF(arg)); ++ ++ if (bb->index == 0) { ++ first_bb = split_block_after_labels(ENTRY_BLOCK_PTR_FOR_FN(cfun))->dest; ++ gcc_assert(dom_info_available_p(CDI_DOMINATORS)); ++ set_immediate_dominator(CDI_DOMINATORS, first_bb, ENTRY_BLOCK_PTR_FOR_FN(cfun)); ++ bb = first_bb; ++ } ++ ++ gsi = gsi_after_labels(bb); ++ assign = build_cast_stmt(visited, size_overflow_type, arg, phi_ssa_name, &gsi, BEFORE_STMT, false); ++ pointer_set_insert(visited->my_stmts, assign); ++ ++ return gimple_assign_lhs(assign); ++} ++ ++static tree use_phi_ssa_name(struct visited *visited, tree ssa_name_var, tree new_arg) ++{ ++ gimple_stmt_iterator gsi; ++ gimple assign, def_stmt = get_def_stmt(new_arg); ++ ++ if (gimple_code(def_stmt) == GIMPLE_PHI) { ++ gsi = gsi_after_labels(gimple_bb(def_stmt)); ++ assign = build_cast_stmt(visited, TREE_TYPE(new_arg), new_arg, ssa_name_var, &gsi, BEFORE_STMT, true); ++ } else { ++ gsi = gsi_for_stmt(def_stmt); ++ assign = build_cast_stmt(visited, TREE_TYPE(new_arg), new_arg, ssa_name_var, &gsi, AFTER_STMT, true); ++ } ++ ++ pointer_set_insert(visited->my_stmts, assign); ++ return gimple_assign_lhs(assign); ++} ++ ++static tree cast_visited_phi_arg(struct visited *visited, tree ssa_name_var, tree arg, tree size_overflow_type) ++{ ++ basic_block bb; ++ gimple_stmt_iterator gsi; ++ const_gimple def_stmt; ++ gimple assign; ++ ++ def_stmt = get_def_stmt(arg); ++ bb = gimple_bb(def_stmt); ++ gcc_assert(bb->index != 0); ++ gsi = gsi_after_labels(bb); ++ ++ assign = build_cast_stmt(visited, size_overflow_type, arg, ssa_name_var, &gsi, BEFORE_STMT, false); ++ pointer_set_insert(visited->my_stmts, assign); ++ return gimple_assign_lhs(assign); ++} ++ ++static tree create_new_phi_arg(struct visited *visited, tree ssa_name_var, tree new_arg, gimple oldstmt, unsigned int i) ++{ ++ tree size_overflow_type; ++ tree arg; ++ const_gimple def_stmt; ++ ++ if (new_arg != NULL_TREE && is_gimple_constant(new_arg)) ++ return new_arg; ++ ++ arg = gimple_phi_arg_def(oldstmt, i); ++ def_stmt = get_def_stmt(arg); ++ gcc_assert(def_stmt != NULL); ++ size_overflow_type = get_size_overflow_type(visited, oldstmt, arg); ++ ++ switch (gimple_code(def_stmt)) { ++ case GIMPLE_PHI: ++ return cast_visited_phi_arg(visited, ssa_name_var, arg, size_overflow_type); ++ case GIMPLE_NOP: { ++ basic_block bb; ++ ++ bb = gimple_phi_arg_edge(oldstmt, i)->src; ++ return cast_parm_decl(visited, ssa_name_var, arg, size_overflow_type, bb); ++ } ++ case GIMPLE_ASM: { ++ gimple_stmt_iterator gsi; ++ gimple assign, stmt = get_def_stmt(arg); ++ ++ gsi = gsi_for_stmt(stmt); ++ assign = build_cast_stmt(visited, size_overflow_type, arg, ssa_name_var, &gsi, AFTER_STMT, false); ++ pointer_set_insert(visited->my_stmts, assign); ++ return gimple_assign_lhs(assign); ++ } ++ default: ++ gcc_assert(new_arg != NULL_TREE); ++ gcc_assert(types_compatible_p(TREE_TYPE(new_arg), size_overflow_type)); ++ return use_phi_ssa_name(visited, ssa_name_var, new_arg); ++ } ++} ++ ++static gimple overflow_create_phi_node(struct visited *visited, gimple oldstmt, tree result) ++{ ++ basic_block bb; ++ gimple phi; ++ gimple_seq seq; ++ gimple_stmt_iterator gsi = gsi_for_stmt(oldstmt); ++ ++ bb = gsi_bb(gsi); ++ ++ if (result == NULL_TREE) { ++ tree old_result = gimple_phi_result(oldstmt); ++ tree size_overflow_type = get_size_overflow_type(visited, oldstmt, old_result); ++ ++ result = create_new_var(size_overflow_type); ++ } ++ ++ phi = create_phi_node(result, bb); ++ gimple_phi_set_result(phi, make_ssa_name(result, phi)); ++ seq = phi_nodes(bb); ++ gsi = gsi_last(seq); ++ gsi_remove(&gsi, false); ++ ++ gsi = gsi_for_stmt(oldstmt); ++ gsi_insert_after(&gsi, phi, GSI_NEW_STMT); ++ gimple_set_bb(phi, bb); ++ return phi; ++} ++ ++#if BUILDING_GCC_VERSION <= 4007 ++static tree create_new_phi_node(struct visited *visited, VEC(tree, heap) **args, tree ssa_name_var, gimple oldstmt) ++#else ++static tree create_new_phi_node(struct visited *visited, vec<tree, va_heap, vl_embed> *&args, tree ssa_name_var, gimple oldstmt) ++#endif ++{ ++ gimple new_phi; ++ unsigned int i; ++ tree arg, result; ++ location_t loc = gimple_location(oldstmt); ++ ++#if BUILDING_GCC_VERSION <= 4007 ++ gcc_assert(!VEC_empty(tree, *args)); ++#else ++ gcc_assert(!args->is_empty()); ++#endif ++ ++ new_phi = overflow_create_phi_node(visited, oldstmt, ssa_name_var); ++ result = gimple_phi_result(new_phi); ++ ssa_name_var = SSA_NAME_VAR(result); ++ ++#if BUILDING_GCC_VERSION <= 4007 ++ FOR_EACH_VEC_ELT(tree, *args, i, arg) { ++#else ++ FOR_EACH_VEC_SAFE_ELT(args, i, arg) { ++#endif ++ arg = create_new_phi_arg(visited, ssa_name_var, arg, oldstmt, i); ++ add_phi_arg(new_phi, arg, gimple_phi_arg_edge(oldstmt, i), loc); ++ } ++ ++#if BUILDING_GCC_VERSION <= 4007 ++ VEC_free(tree, heap, *args); ++#else ++ vec_free(args); ++#endif ++ update_stmt(new_phi); ++ pointer_set_insert(visited->my_stmts, new_phi); ++ return result; ++} ++ ++static tree handle_phi(struct visited *visited, struct cgraph_node *caller_node, tree orig_result) ++{ ++ tree ssa_name_var = NULL_TREE; ++#if BUILDING_GCC_VERSION <= 4007 ++ VEC(tree, heap) *args = NULL; ++#else ++ vec<tree, va_heap, vl_embed> *args = NULL; ++#endif ++ gimple oldstmt = get_def_stmt(orig_result); ++ unsigned int i, len = gimple_phi_num_args(oldstmt); ++ ++ pointer_set_insert(visited->stmts, oldstmt); ++ for (i = 0; i < len; i++) { ++ tree arg, new_arg; ++ ++ arg = gimple_phi_arg_def(oldstmt, i); ++ new_arg = expand(visited, caller_node, arg); ++ ++ if (ssa_name_var == NULL_TREE && new_arg != NULL_TREE) ++ ssa_name_var = SSA_NAME_VAR(new_arg); ++ ++ if (is_gimple_constant(arg)) { ++ tree size_overflow_type = get_size_overflow_type(visited, oldstmt, arg); ++ ++ new_arg = cast_a_tree(size_overflow_type, arg); ++ } ++ ++#if BUILDING_GCC_VERSION <= 4007 ++ VEC_safe_push(tree, heap, args, new_arg); ++#else ++ vec_safe_push(args, new_arg); ++#endif ++ } ++ ++#if BUILDING_GCC_VERSION <= 4007 ++ return create_new_phi_node(visited, &args, ssa_name_var, oldstmt); ++#else ++ return create_new_phi_node(visited, args, ssa_name_var, oldstmt); ++#endif ++} ++ ++static tree create_cast_assign(struct visited *visited, gimple stmt) ++{ ++ tree rhs1 = gimple_assign_rhs1(stmt); ++ tree lhs = gimple_assign_lhs(stmt); ++ const_tree rhs1_type = TREE_TYPE(rhs1); ++ const_tree lhs_type = TREE_TYPE(lhs); ++ ++ if (TYPE_UNSIGNED(rhs1_type) == TYPE_UNSIGNED(lhs_type)) ++ return create_assign(visited, stmt, lhs, AFTER_STMT); ++ ++ return create_assign(visited, stmt, rhs1, AFTER_STMT); ++} ++ ++static bool skip_lhs_cast_check(const_gimple stmt) ++{ ++ const_tree rhs = gimple_assign_rhs1(stmt); ++ const_gimple def_stmt = get_def_stmt(rhs); ++ ++ // 3.8.2 kernel/futex_compat.c compat_exit_robust_list(): get_user() 64 ulong -> int (compat_long_t), int max ++ if (gimple_code(def_stmt) == GIMPLE_ASM) ++ return true; ++ ++ if (is_const_plus_unsigned_signed_truncation(rhs)) ++ return true; ++ ++ return false; ++} ++ ++static tree create_string_param(tree string) ++{ ++ tree i_type, a_type; ++ const int length = TREE_STRING_LENGTH(string); ++ ++ gcc_assert(length > 0); ++ ++ i_type = build_index_type(build_int_cst(NULL_TREE, length - 1)); ++ a_type = build_array_type(char_type_node, i_type); ++ ++ TREE_TYPE(string) = a_type; ++ TREE_CONSTANT(string) = 1; ++ TREE_READONLY(string) = 1; ++ ++ return build1(ADDR_EXPR, ptr_type_node, string); ++} ++ ++static void insert_cond(basic_block cond_bb, tree arg, enum tree_code cond_code, tree type_value) ++{ ++ gimple cond_stmt; ++ gimple_stmt_iterator gsi = gsi_last_bb(cond_bb); ++ ++ cond_stmt = gimple_build_cond(cond_code, arg, type_value, NULL_TREE, NULL_TREE); ++ gsi_insert_after(&gsi, cond_stmt, GSI_CONTINUE_LINKING); ++ update_stmt(cond_stmt); ++} ++ ++static void insert_cond_result(struct cgraph_node *caller_node, basic_block bb_true, const_gimple stmt, const_tree arg, bool min) ++{ ++ gimple func_stmt; ++ const_gimple def_stmt; ++ const_tree loc_line; ++ tree loc_file, ssa_name, current_func; ++ expanded_location xloc; ++ char *ssa_name_buf; ++ int len; ++ struct cgraph_edge *edge; ++ struct cgraph_node *callee_node; ++ int frequency; ++ gimple_stmt_iterator gsi = gsi_start_bb(bb_true); ++ ++ def_stmt = get_def_stmt(arg); ++ xloc = expand_location(gimple_location(def_stmt)); ++ ++ if (!gimple_has_location(def_stmt)) { ++ xloc = expand_location(gimple_location(stmt)); ++ if (!gimple_has_location(stmt)) ++ xloc = expand_location(DECL_SOURCE_LOCATION(current_function_decl)); ++ } ++ ++ loc_line = build_int_cstu(unsigned_type_node, xloc.line); ++ ++ loc_file = build_string(strlen(xloc.file) + 1, xloc.file); ++ loc_file = create_string_param(loc_file); ++ ++ current_func = build_string(DECL_NAME_LENGTH(current_function_decl) + 1, DECL_NAME_POINTER(current_function_decl)); ++ current_func = create_string_param(current_func); ++ ++ gcc_assert(DECL_NAME(SSA_NAME_VAR(arg)) != NULL); ++ call_count++; ++ len = asprintf(&ssa_name_buf, "%s_%u %s, count: %u\n", DECL_NAME_POINTER(SSA_NAME_VAR(arg)), SSA_NAME_VERSION(arg), min ? "min" : "max", call_count); ++ gcc_assert(len > 0); ++ ssa_name = build_string(len + 1, ssa_name_buf); ++ free(ssa_name_buf); ++ ssa_name = create_string_param(ssa_name); ++ ++ // void report_size_overflow(const char *file, unsigned int line, const char *func, const char *ssa_name) ++ func_stmt = gimple_build_call(report_size_overflow_decl, 4, loc_file, loc_line, current_func, ssa_name); ++ gsi_insert_after(&gsi, func_stmt, GSI_CONTINUE_LINKING); ++ ++ callee_node = cgraph_get_create_node(report_size_overflow_decl); ++ frequency = compute_call_stmt_bb_frequency(current_function_decl, bb_true); ++ ++ edge = cgraph_create_edge(caller_node, callee_node, func_stmt, bb_true->count, frequency, bb_true->loop_depth); ++ gcc_assert(edge != NULL); ++} ++ ++static void insert_check_size_overflow(struct cgraph_node *caller_node, gimple stmt, enum tree_code cond_code, tree arg, tree type_value, bool before, bool min) ++{ ++ basic_block cond_bb, join_bb, bb_true; ++ edge e; ++ gimple_stmt_iterator gsi = gsi_for_stmt(stmt); ++ ++ cond_bb = gimple_bb(stmt); ++ if (before) ++ gsi_prev(&gsi); ++ if (gsi_end_p(gsi)) ++ e = split_block_after_labels(cond_bb); ++ else ++ e = split_block(cond_bb, gsi_stmt(gsi)); ++ cond_bb = e->src; ++ join_bb = e->dest; ++ e->flags = EDGE_FALSE_VALUE; ++ e->probability = REG_BR_PROB_BASE; ++ ++ bb_true = create_empty_bb(cond_bb); ++ make_edge(cond_bb, bb_true, EDGE_TRUE_VALUE); ++ make_edge(cond_bb, join_bb, EDGE_FALSE_VALUE); ++ make_edge(bb_true, join_bb, EDGE_FALLTHRU); ++ ++ gcc_assert(dom_info_available_p(CDI_DOMINATORS)); ++ set_immediate_dominator(CDI_DOMINATORS, bb_true, cond_bb); ++ set_immediate_dominator(CDI_DOMINATORS, join_bb, cond_bb); ++ ++ if (current_loops != NULL) { ++ gcc_assert(cond_bb->loop_father == join_bb->loop_father); ++ add_bb_to_loop(bb_true, cond_bb->loop_father); ++ } ++ ++ insert_cond(cond_bb, arg, cond_code, type_value); ++ insert_cond_result(caller_node, bb_true, stmt, arg, min); ++ ++// print_the_code_insertions(stmt); ++} ++ ++void check_size_overflow(struct cgraph_node *caller_node, gimple stmt, tree size_overflow_type, tree cast_rhs, tree rhs, bool before) ++{ ++ const_tree rhs_type = TREE_TYPE(rhs); ++ tree cast_rhs_type, type_max_type, type_min_type, type_max, type_min; ++ ++ gcc_assert(rhs_type != NULL_TREE); ++ if (TREE_CODE(rhs_type) == POINTER_TYPE) ++ return; ++ ++ gcc_assert(TREE_CODE(rhs_type) == INTEGER_TYPE || TREE_CODE(rhs_type) == ENUMERAL_TYPE); ++ ++ if (is_const_plus_unsigned_signed_truncation(rhs)) ++ return; ++ ++ type_max = cast_a_tree(size_overflow_type, TYPE_MAX_VALUE(rhs_type)); ++ // typemax (-1) < typemin (0) ++ if (TREE_OVERFLOW(type_max)) ++ return; ++ ++ type_min = cast_a_tree(size_overflow_type, TYPE_MIN_VALUE(rhs_type)); ++ ++ cast_rhs_type = TREE_TYPE(cast_rhs); ++ type_max_type = TREE_TYPE(type_max); ++ gcc_assert(types_compatible_p(cast_rhs_type, type_max_type)); ++ ++ insert_check_size_overflow(caller_node, stmt, GT_EXPR, cast_rhs, type_max, before, MAX_CHECK); ++ ++ // special case: get_size_overflow_type(), 32, u64->s ++ if (LONG_TYPE_SIZE == GET_MODE_BITSIZE(SImode) && TYPE_UNSIGNED(size_overflow_type) && !TYPE_UNSIGNED(rhs_type)) ++ return; ++ ++ type_min_type = TREE_TYPE(type_min); ++ gcc_assert(types_compatible_p(type_max_type, type_min_type)); ++ insert_check_size_overflow(caller_node, stmt, LT_EXPR, cast_rhs, type_min, before, MIN_CHECK); ++} ++ ++static tree create_cast_overflow_check(struct visited *visited, struct cgraph_node *caller_node, tree new_rhs1, gimple stmt) ++{ ++ bool cast_lhs, cast_rhs; ++ tree lhs = gimple_assign_lhs(stmt); ++ tree rhs = gimple_assign_rhs1(stmt); ++ const_tree lhs_type = TREE_TYPE(lhs); ++ const_tree rhs_type = TREE_TYPE(rhs); ++ enum machine_mode lhs_mode = TYPE_MODE(lhs_type); ++ enum machine_mode rhs_mode = TYPE_MODE(rhs_type); ++ unsigned int lhs_size = GET_MODE_BITSIZE(lhs_mode); ++ unsigned int rhs_size = GET_MODE_BITSIZE(rhs_mode); ++ ++ static bool check_lhs[3][4] = { ++ // ss su us uu ++ { false, true, true, false }, // lhs > rhs ++ { false, false, false, false }, // lhs = rhs ++ { true, true, true, true }, // lhs < rhs ++ }; ++ ++ static bool check_rhs[3][4] = { ++ // ss su us uu ++ { true, false, true, true }, // lhs > rhs ++ { true, false, true, true }, // lhs = rhs ++ { true, false, true, true }, // lhs < rhs ++ }; ++ ++ // skip lhs check on signed SI -> HI cast or signed SI -> QI cast !!!! ++ if (rhs_mode == SImode && !TYPE_UNSIGNED(rhs_type) && (lhs_mode == HImode || lhs_mode == QImode)) ++ return create_assign(visited, stmt, lhs, AFTER_STMT); ++ ++ if (lhs_size > rhs_size) { ++ cast_lhs = check_lhs[0][TYPE_UNSIGNED(rhs_type) + 2 * TYPE_UNSIGNED(lhs_type)]; ++ cast_rhs = check_rhs[0][TYPE_UNSIGNED(rhs_type) + 2 * TYPE_UNSIGNED(lhs_type)]; ++ } else if (lhs_size == rhs_size) { ++ cast_lhs = check_lhs[1][TYPE_UNSIGNED(rhs_type) + 2 * TYPE_UNSIGNED(lhs_type)]; ++ cast_rhs = check_rhs[1][TYPE_UNSIGNED(rhs_type) + 2 * TYPE_UNSIGNED(lhs_type)]; ++ } else { ++ cast_lhs = check_lhs[2][TYPE_UNSIGNED(rhs_type) + 2 * TYPE_UNSIGNED(lhs_type)]; ++ cast_rhs = check_rhs[2][TYPE_UNSIGNED(rhs_type) + 2 * TYPE_UNSIGNED(lhs_type)]; ++ } ++ ++ if (!cast_lhs && !cast_rhs) ++ return dup_assign(visited, stmt, lhs, new_rhs1, NULL_TREE, NULL_TREE); ++ ++ if (cast_lhs && !skip_lhs_cast_check(stmt)) ++ check_size_overflow(caller_node, stmt, TREE_TYPE(new_rhs1), new_rhs1, lhs, BEFORE_STMT); ++ ++ if (cast_rhs) ++ check_size_overflow(caller_node, stmt, TREE_TYPE(new_rhs1), new_rhs1, rhs, BEFORE_STMT); ++ ++ return dup_assign(visited, stmt, lhs, new_rhs1, NULL_TREE, NULL_TREE); ++} ++ ++static tree handle_unary_rhs(struct visited *visited, struct cgraph_node *caller_node, gimple stmt) ++{ ++ enum tree_code rhs_code; ++ tree rhs1, new_rhs1, lhs = gimple_assign_lhs(stmt); ++ ++ if (pointer_set_contains(visited->my_stmts, stmt)) ++ return lhs; ++ ++ rhs1 = gimple_assign_rhs1(stmt); ++ if (TREE_CODE(TREE_TYPE(rhs1)) == POINTER_TYPE) ++ return create_assign(visited, stmt, lhs, AFTER_STMT); ++ ++ new_rhs1 = expand(visited, caller_node, rhs1); ++ ++ if (new_rhs1 == NULL_TREE) ++ return create_cast_assign(visited, stmt); ++ ++ if (pointer_set_contains(visited->no_cast_check, stmt)) ++ return dup_assign(visited, stmt, lhs, new_rhs1, NULL_TREE, NULL_TREE); ++ ++ rhs_code = gimple_assign_rhs_code(stmt); ++ if (rhs_code == BIT_NOT_EXPR || rhs_code == NEGATE_EXPR) { ++ tree size_overflow_type = get_size_overflow_type(visited, stmt, rhs1); ++ ++ new_rhs1 = cast_to_new_size_overflow_type(visited, stmt, new_rhs1, size_overflow_type, BEFORE_STMT); ++ check_size_overflow(caller_node, stmt, size_overflow_type, new_rhs1, rhs1, BEFORE_STMT); ++ return create_assign(visited, stmt, lhs, AFTER_STMT); ++ } ++ ++ if (!gimple_assign_cast_p(stmt)) ++ return dup_assign(visited, stmt, lhs, new_rhs1, NULL_TREE, NULL_TREE); ++ ++ return create_cast_overflow_check(visited, caller_node, new_rhs1, stmt); ++} ++ ++static tree handle_unary_ops(struct visited *visited, struct cgraph_node *caller_node, gimple stmt) ++{ ++ tree rhs1, lhs = gimple_assign_lhs(stmt); ++ gimple def_stmt = get_def_stmt(lhs); ++ ++ gcc_assert(gimple_code(def_stmt) != GIMPLE_NOP); ++ rhs1 = gimple_assign_rhs1(def_stmt); ++ ++ if (is_gimple_constant(rhs1)) ++ return create_assign(visited, def_stmt, lhs, AFTER_STMT); ++ ++ switch (TREE_CODE(rhs1)) { ++ case SSA_NAME: { ++ tree ret = handle_unary_rhs(visited, caller_node, def_stmt); ++ ++ if (gimple_assign_cast_p(stmt)) ++ unsigned_signed_cast_intentional_overflow(visited, stmt); ++ return ret; ++ } ++ case ARRAY_REF: ++ case BIT_FIELD_REF: ++ case ADDR_EXPR: ++ case COMPONENT_REF: ++ case INDIRECT_REF: ++#if BUILDING_GCC_VERSION >= 4006 ++ case MEM_REF: ++#endif ++ case TARGET_MEM_REF: ++ case VIEW_CONVERT_EXPR: ++ return create_assign(visited, def_stmt, lhs, AFTER_STMT); ++ case PARM_DECL: ++ case VAR_DECL: ++ return create_assign(visited, stmt, lhs, AFTER_STMT); ++ ++ default: ++ debug_gimple_stmt(def_stmt); ++ debug_tree(rhs1); ++ gcc_unreachable(); ++ } ++} ++ ++static void __unused print_the_code_insertions(const_gimple stmt) ++{ ++ location_t loc = gimple_location(stmt); ++ ++ inform(loc, "Integer size_overflow check applied here."); ++} ++ ++static tree handle_binary_ops(struct visited *visited, struct cgraph_node *caller_node, tree lhs) ++{ ++ enum intentional_overflow_type res; ++ tree rhs1, rhs2, new_lhs; ++ gimple def_stmt = get_def_stmt(lhs); ++ tree new_rhs1 = NULL_TREE; ++ tree new_rhs2 = NULL_TREE; ++ ++ rhs1 = gimple_assign_rhs1(def_stmt); ++ rhs2 = gimple_assign_rhs2(def_stmt); ++ ++ /* no DImode/TImode division in the 32/64 bit kernel */ ++ switch (gimple_assign_rhs_code(def_stmt)) { ++ case RDIV_EXPR: ++ case TRUNC_DIV_EXPR: ++ case CEIL_DIV_EXPR: ++ case FLOOR_DIV_EXPR: ++ case ROUND_DIV_EXPR: ++ case TRUNC_MOD_EXPR: ++ case CEIL_MOD_EXPR: ++ case FLOOR_MOD_EXPR: ++ case ROUND_MOD_EXPR: ++ case EXACT_DIV_EXPR: ++ case POINTER_PLUS_EXPR: ++ case BIT_AND_EXPR: ++ return create_assign(visited, def_stmt, lhs, AFTER_STMT); ++ default: ++ break; ++ } ++ ++ new_lhs = handle_integer_truncation(visited, caller_node, lhs); ++ if (new_lhs != NULL_TREE) ++ return new_lhs; ++ ++ if (TREE_CODE(rhs1) == SSA_NAME) ++ new_rhs1 = expand(visited, caller_node, rhs1); ++ if (TREE_CODE(rhs2) == SSA_NAME) ++ new_rhs2 = expand(visited, caller_node, rhs2); ++ ++ res = add_mul_intentional_overflow(def_stmt); ++ if (res != NO_INTENTIONAL_OVERFLOW) { ++ new_lhs = dup_assign(visited, def_stmt, lhs, new_rhs1, new_rhs2, NULL_TREE); ++ insert_cast_expr(visited, get_def_stmt(new_lhs), res); ++ return new_lhs; ++ } ++ ++ if (skip_expr_on_double_type(def_stmt)) { ++ new_lhs = dup_assign(visited, def_stmt, lhs, new_rhs1, new_rhs2, NULL_TREE); ++ insert_cast_expr(visited, get_def_stmt(new_lhs), NO_INTENTIONAL_OVERFLOW); ++ return new_lhs; ++ } ++ ++ if (is_a_neg_overflow(def_stmt, rhs2)) ++ return handle_intentional_overflow(visited, caller_node, true, def_stmt, new_rhs1, NULL_TREE); ++ if (is_a_neg_overflow(def_stmt, rhs1)) ++ return handle_intentional_overflow(visited, caller_node, true, def_stmt, new_rhs2, new_rhs2); ++ ++ ++ if (is_a_constant_overflow(def_stmt, rhs2)) ++ return handle_intentional_overflow(visited, caller_node, !is_a_cast_and_const_overflow(rhs1), def_stmt, new_rhs1, NULL_TREE); ++ if (is_a_constant_overflow(def_stmt, rhs1)) ++ return handle_intentional_overflow(visited, caller_node, !is_a_cast_and_const_overflow(rhs2), def_stmt, new_rhs2, new_rhs2); ++ ++ // the const is between 0 and (signed) MAX ++ if (is_gimple_constant(rhs1)) ++ new_rhs1 = create_assign(visited, def_stmt, rhs1, BEFORE_STMT); ++ if (is_gimple_constant(rhs2)) ++ new_rhs2 = create_assign(visited, def_stmt, rhs2, BEFORE_STMT); ++ ++ return dup_assign(visited, def_stmt, lhs, new_rhs1, new_rhs2, NULL_TREE); ++} ++ ++#if BUILDING_GCC_VERSION >= 4006 ++static tree get_new_rhs(struct visited *visited, struct cgraph_node *caller_node, tree size_overflow_type, tree rhs) ++{ ++ if (is_gimple_constant(rhs)) ++ return cast_a_tree(size_overflow_type, rhs); ++ if (TREE_CODE(rhs) != SSA_NAME) ++ return NULL_TREE; ++ return expand(visited, caller_node, rhs); ++} ++ ++static tree handle_ternary_ops(struct visited *visited, struct cgraph_node *caller_node, tree lhs) ++{ ++ tree rhs1, rhs2, rhs3, new_rhs1, new_rhs2, new_rhs3, size_overflow_type; ++ gimple def_stmt = get_def_stmt(lhs); ++ ++ size_overflow_type = get_size_overflow_type(visited, def_stmt, lhs); ++ ++ rhs1 = gimple_assign_rhs1(def_stmt); ++ rhs2 = gimple_assign_rhs2(def_stmt); ++ rhs3 = gimple_assign_rhs3(def_stmt); ++ new_rhs1 = get_new_rhs(visited, caller_node, size_overflow_type, rhs1); ++ new_rhs2 = get_new_rhs(visited, caller_node, size_overflow_type, rhs2); ++ new_rhs3 = get_new_rhs(visited, caller_node, size_overflow_type, rhs3); ++ ++ return dup_assign(visited, def_stmt, lhs, new_rhs1, new_rhs2, new_rhs3); ++} ++#endif ++ ++static tree get_my_stmt_lhs(struct visited *visited, gimple stmt) ++{ ++ gimple_stmt_iterator gsi; ++ gimple next_stmt = NULL; ++ ++ gsi = gsi_for_stmt(stmt); ++ ++ do { ++ gsi_next(&gsi); ++ next_stmt = gsi_stmt(gsi); ++ ++ if (gimple_code(stmt) == GIMPLE_PHI && !pointer_set_contains(visited->my_stmts, next_stmt)) ++ return NULL_TREE; ++ ++ if (pointer_set_contains(visited->my_stmts, next_stmt) && !pointer_set_contains(visited->skip_expr_casts, next_stmt)) ++ break; ++ ++ gcc_assert(pointer_set_contains(visited->my_stmts, next_stmt)); ++ } while (!gsi_end_p(gsi)); ++ ++ gcc_assert(next_stmt); ++ return get_lhs(next_stmt); ++} ++ ++static tree expand_visited(struct visited *visited, gimple def_stmt) ++{ ++ gimple_stmt_iterator gsi; ++ enum gimple_code code = gimple_code(def_stmt); ++ ++ if (code == GIMPLE_ASM) ++ return NULL_TREE; ++ ++ gsi = gsi_for_stmt(def_stmt); ++ gsi_next(&gsi); ++ ++ if (gimple_code(def_stmt) == GIMPLE_PHI && gsi_end_p(gsi)) ++ return NULL_TREE; ++ return get_my_stmt_lhs(visited, def_stmt); ++} ++ ++tree expand(struct visited *visited, struct cgraph_node *caller_node, tree lhs) ++{ ++ gimple def_stmt; ++ ++ def_stmt = get_def_stmt(lhs); ++ ++ if (!def_stmt || gimple_code(def_stmt) == GIMPLE_NOP) ++ return NULL_TREE; ++ ++ if (pointer_set_contains(visited->my_stmts, def_stmt)) ++ return lhs; ++ ++ if (pointer_set_contains(visited->stmts, def_stmt)) ++ return expand_visited(visited, def_stmt); ++ ++ switch (gimple_code(def_stmt)) { ++ case GIMPLE_PHI: ++ return handle_phi(visited, caller_node, lhs); ++ case GIMPLE_CALL: ++ case GIMPLE_ASM: ++ return create_assign(visited, def_stmt, lhs, AFTER_STMT); ++ case GIMPLE_ASSIGN: ++ switch (gimple_num_ops(def_stmt)) { ++ case 2: ++ return handle_unary_ops(visited, caller_node, def_stmt); ++ case 3: ++ return handle_binary_ops(visited, caller_node, lhs); ++#if BUILDING_GCC_VERSION >= 4006 ++ case 4: ++ return handle_ternary_ops(visited, caller_node, lhs); ++#endif ++ } ++ default: ++ debug_gimple_stmt(def_stmt); ++ error("%s: unknown gimple code", __func__); ++ gcc_unreachable(); ++ } ++} ++ +diff --git a/tools/gcc/size_overflow_plugin/insert_size_overflow_check_ipa.c b/tools/gcc/size_overflow_plugin/insert_size_overflow_check_ipa.c +new file mode 100644 +index 0000000..f8f5dd5 +--- /dev/null ++++ b/tools/gcc/size_overflow_plugin/insert_size_overflow_check_ipa.c +@@ -0,0 +1,1133 @@ ++/* ++ * Copyright 2011-2014 by Emese Revfy <re.emese@gmail.com> ++ * Licensed under the GPL v2, or (at your option) v3 ++ * ++ * Homepage: ++ * http://www.grsecurity.net/~ephox/overflow_plugin/ ++ * ++ * Documentation: ++ * http://forums.grsecurity.net/viewtopic.php?f=7&t=3043 ++ * ++ * This plugin recomputes expressions of function arguments marked by a size_overflow attribute ++ * with double integer precision (DImode/TImode for 32/64 bit integer types). ++ * The recomputed argument is checked against TYPE_MAX and an event is logged on overflow and the triggering process is killed. ++ * ++ * Usage: ++ * $ make ++ * $ make run ++ */ ++ ++#include "gcc-common.h" ++#include "size_overflow.h" ++ ++#define VEC_LEN 128 ++#define RET_CHECK NULL_TREE ++#define WRONG_NODE 32 ++#define NOT_INTENTIONAL_ASM NULL ++ ++unsigned int call_count; ++ ++static void set_conditions(struct pointer_set_t *visited, bool *interesting_conditions, const_tree lhs); ++static void walk_use_def(struct pointer_set_t *visited, struct interesting_node *cur_node, tree lhs); ++ ++struct visited_fns { ++ struct visited_fns *next; ++ const_tree fndecl; ++ unsigned int num; ++ const_gimple first_stmt; ++}; ++ ++struct next_cgraph_node { ++ struct next_cgraph_node *next; ++ struct cgraph_node *current_function; ++ tree callee_fndecl; ++ unsigned int num; ++}; ++ ++// Don't want to duplicate entries in next_cgraph_node ++static bool is_in_next_cgraph_node(struct next_cgraph_node *head, struct cgraph_node *node, const_tree fndecl, unsigned int num) ++{ ++ const_tree new_callee_fndecl; ++ struct next_cgraph_node *cur_node; ++ ++ if (fndecl == RET_CHECK) ++ new_callee_fndecl = NODE_DECL(node); ++ else ++ new_callee_fndecl = fndecl; ++ ++ for (cur_node = head; cur_node; cur_node = cur_node->next) { ++ if (!operand_equal_p(NODE_DECL(cur_node->current_function), NODE_DECL(node), 0)) ++ continue; ++ if (!operand_equal_p(cur_node->callee_fndecl, new_callee_fndecl, 0)) ++ continue; ++ if (num == cur_node->num) ++ return true; ++ } ++ return false; ++} ++ ++/* Add a next_cgraph_node into the list for handle_function(). ++ * handle_function() iterates over all the next cgraph nodes and ++ * starts the overflow check insertion process. ++ */ ++static struct next_cgraph_node *create_new_next_cgraph_node(struct next_cgraph_node *head, struct cgraph_node *node, tree fndecl, unsigned int num) ++{ ++ struct next_cgraph_node *new_node; ++ ++ if (is_in_next_cgraph_node(head, node, fndecl, num)) ++ return head; ++ ++ new_node = (struct next_cgraph_node *)xmalloc(sizeof(*new_node)); ++ new_node->current_function = node; ++ new_node->next = NULL; ++ new_node->num = num; ++ if (fndecl == RET_CHECK) ++ new_node->callee_fndecl = NODE_DECL(node); ++ else ++ new_node->callee_fndecl = fndecl; ++ ++ if (!head) ++ return new_node; ++ ++ new_node->next = head; ++ return new_node; ++} ++ ++static struct next_cgraph_node *create_new_next_cgraph_nodes(struct next_cgraph_node *head, struct cgraph_node *node, unsigned int num) ++{ ++ struct cgraph_edge *e; ++ ++ if (num == 0) ++ return create_new_next_cgraph_node(head, node, RET_CHECK, num); ++ ++ for (e = node->callers; e; e = e->next_caller) { ++ tree fndecl = gimple_call_fndecl(e->call_stmt); ++ ++ gcc_assert(fndecl != NULL_TREE); ++ head = create_new_next_cgraph_node(head, e->caller, fndecl, num); ++ } ++ ++ return head; ++} ++ ++struct missing_functions { ++ struct missing_functions *next; ++ const_tree node; ++ tree fndecl; ++}; ++ ++static struct missing_functions *create_new_missing_function(struct missing_functions *missing_fn_head, tree node) ++{ ++ struct missing_functions *new_function; ++ ++ new_function = (struct missing_functions *)xmalloc(sizeof(*new_function)); ++ new_function->node = node; ++ new_function->next = NULL; ++ ++ if (TREE_CODE(node) == FUNCTION_DECL) ++ new_function->fndecl = node; ++ else ++ new_function->fndecl = current_function_decl; ++ gcc_assert(new_function->fndecl); ++ ++ if (!missing_fn_head) ++ return new_function; ++ ++ new_function->next = missing_fn_head; ++ return new_function; ++} ++ ++/* If the function is missing from the hash table and it is a static function ++ * then create a next_cgraph_node from it for handle_function() ++ */ ++static struct next_cgraph_node *check_missing_overflow_attribute_and_create_next_node(struct next_cgraph_node *cnodes, struct missing_functions *missing_fn_head) ++{ ++ unsigned int num; ++ const_tree orig_fndecl; ++ struct cgraph_node *next_node = NULL; ++ ++ orig_fndecl = DECL_ORIGIN(missing_fn_head->fndecl); ++ ++ num = get_function_num(missing_fn_head->node, orig_fndecl); ++ if (num == CANNOT_FIND_ARG) ++ return cnodes; ++ ++ if (!is_missing_function(orig_fndecl, num)) ++ return cnodes; ++ ++ next_node = cgraph_get_node(missing_fn_head->fndecl); ++ if (next_node && next_node->local.local) ++ cnodes = create_new_next_cgraph_nodes(cnodes, next_node, num); ++ return cnodes; ++} ++ ++/* Search for missing size_overflow attributes on the last nodes in ipa and collect them ++ * into the next_cgraph_node list. They will be the next interesting returns or callees. ++ */ ++static struct next_cgraph_node *search_overflow_attribute(struct next_cgraph_node *cnodes, struct interesting_node *cur_node) ++{ ++ unsigned int i; ++ tree node; ++ struct missing_functions *cur, *missing_fn_head = NULL; ++ ++#if BUILDING_GCC_VERSION <= 4007 ++ FOR_EACH_VEC_ELT(tree, cur_node->last_nodes, i, node) { ++#else ++ FOR_EACH_VEC_ELT(*cur_node->last_nodes, i, node) { ++#endif ++ switch (TREE_CODE(node)) { ++ case PARM_DECL: ++ if (TREE_CODE(TREE_TYPE(node)) != INTEGER_TYPE) ++ break; ++ case FUNCTION_DECL: ++ missing_fn_head = create_new_missing_function(missing_fn_head, node); ++ break; ++ default: ++ break; ++ } ++ } ++ ++ while (missing_fn_head) { ++ cnodes = check_missing_overflow_attribute_and_create_next_node(cnodes, missing_fn_head); ++ ++ cur = missing_fn_head->next; ++ free(missing_fn_head); ++ missing_fn_head = cur; ++ } ++ ++ return cnodes; ++} ++ ++static void walk_phi_set_conditions(struct pointer_set_t *visited, bool *interesting_conditions, const_tree result) ++{ ++ gimple phi = get_def_stmt(result); ++ unsigned int i, n = gimple_phi_num_args(phi); ++ ++ pointer_set_insert(visited, phi); ++ for (i = 0; i < n; i++) { ++ const_tree arg = gimple_phi_arg_def(phi, i); ++ ++ set_conditions(visited, interesting_conditions, arg); ++ } ++} ++ ++enum conditions { ++ FROM_CONST, NOT_UNARY, CAST ++}; ++ ++// Search for constants, cast assignments and binary/ternary assignments ++static void set_conditions(struct pointer_set_t *visited, bool *interesting_conditions, const_tree lhs) ++{ ++ gimple def_stmt = get_def_stmt(lhs); ++ ++ if (is_gimple_constant(lhs)) { ++ interesting_conditions[FROM_CONST] = true; ++ return; ++ } ++ ++ if (!def_stmt) ++ return; ++ ++ if (pointer_set_contains(visited, def_stmt)) ++ return; ++ ++ switch (gimple_code(def_stmt)) { ++ case GIMPLE_NOP: ++ case GIMPLE_CALL: ++ case GIMPLE_ASM: ++ return; ++ case GIMPLE_PHI: ++ return walk_phi_set_conditions(visited, interesting_conditions, lhs); ++ case GIMPLE_ASSIGN: ++ if (gimple_num_ops(def_stmt) == 2) { ++ const_tree rhs = gimple_assign_rhs1(def_stmt); ++ ++ if (gimple_assign_cast_p(def_stmt)) ++ interesting_conditions[CAST] = true; ++ ++ return set_conditions(visited, interesting_conditions, rhs); ++ } else { ++ interesting_conditions[NOT_UNARY] = true; ++ return; ++ } ++ default: ++ debug_gimple_stmt(def_stmt); ++ gcc_unreachable(); ++ } ++} ++ ++// determine whether duplication will be necessary or not. ++static void search_interesting_conditions(struct interesting_node *cur_node, bool *interesting_conditions) ++{ ++ struct pointer_set_t *visited; ++ ++ if (gimple_assign_cast_p(cur_node->first_stmt)) ++ interesting_conditions[CAST] = true; ++ else if (is_gimple_assign(cur_node->first_stmt) && gimple_num_ops(cur_node->first_stmt) > 2) ++ interesting_conditions[NOT_UNARY] = true; ++ ++ visited = pointer_set_create(); ++ set_conditions(visited, interesting_conditions, cur_node->node); ++ pointer_set_destroy(visited); ++} ++ ++// Remove the size_overflow asm stmt and create an assignment from the input and output of the asm ++static void replace_size_overflow_asm_with_assign(gimple asm_stmt, tree lhs, tree rhs) ++{ ++ gimple assign; ++ gimple_stmt_iterator gsi; ++ ++ // already removed ++ if (gimple_bb(asm_stmt) == NULL) ++ return; ++ gsi = gsi_for_stmt(asm_stmt); ++ ++ assign = gimple_build_assign(lhs, rhs); ++ gsi_insert_before(&gsi, assign, GSI_SAME_STMT); ++ SSA_NAME_DEF_STMT(lhs) = assign; ++ ++ gsi_remove(&gsi, true); ++} ++ ++/* Get the fndecl of an interesting stmt, the fndecl is the caller function if the interesting ++ * stmt is a return otherwise it is the callee function. ++ */ ++const_tree get_interesting_orig_fndecl(const_gimple stmt, unsigned int argnum) ++{ ++ const_tree fndecl; ++ ++ if (argnum == 0) ++ fndecl = current_function_decl; ++ else ++ fndecl = gimple_call_fndecl(stmt); ++ ++ if (fndecl == NULL_TREE) ++ return NULL_TREE; ++ ++ return DECL_ORIGIN(fndecl); ++} ++ ++// e.g., 3.8.2, 64, arch/x86/ia32/ia32_signal.c copy_siginfo_from_user32(): compat_ptr() u32 max ++static bool skip_asm(const_tree arg) ++{ ++ gimple def_stmt = get_def_stmt(arg); ++ ++ if (!def_stmt || !gimple_assign_cast_p(def_stmt)) ++ return false; ++ ++ def_stmt = get_def_stmt(gimple_assign_rhs1(def_stmt)); ++ return def_stmt && gimple_code(def_stmt) == GIMPLE_ASM; ++} ++ ++static void walk_use_def_phi(struct pointer_set_t *visited, struct interesting_node *cur_node, tree result) ++{ ++ gimple phi = get_def_stmt(result); ++ unsigned int i, n = gimple_phi_num_args(phi); ++ ++ pointer_set_insert(visited, phi); ++ for (i = 0; i < n; i++) { ++ tree arg = gimple_phi_arg_def(phi, i); ++ ++ walk_use_def(visited, cur_node, arg); ++ } ++} ++ ++static void walk_use_def_binary(struct pointer_set_t *visited, struct interesting_node *cur_node, tree lhs) ++{ ++ gimple def_stmt = get_def_stmt(lhs); ++ tree rhs1, rhs2; ++ ++ rhs1 = gimple_assign_rhs1(def_stmt); ++ rhs2 = gimple_assign_rhs2(def_stmt); ++ ++ walk_use_def(visited, cur_node, rhs1); ++ walk_use_def(visited, cur_node, rhs2); ++} ++ ++static void insert_last_node(struct interesting_node *cur_node, tree node) ++{ ++ unsigned int i; ++ tree element; ++ enum tree_code code; ++ ++ gcc_assert(node != NULL_TREE); ++ ++ if (is_gimple_constant(node)) ++ return; ++ ++ code = TREE_CODE(node); ++ if (code == VAR_DECL) { ++ node = DECL_ORIGIN(node); ++ code = TREE_CODE(node); ++ } ++ ++ if (code != PARM_DECL && code != FUNCTION_DECL && code != COMPONENT_REF) ++ return; ++ ++#if BUILDING_GCC_VERSION <= 4007 ++ FOR_EACH_VEC_ELT(tree, cur_node->last_nodes, i, element) { ++#else ++ FOR_EACH_VEC_ELT(*cur_node->last_nodes, i, element) { ++#endif ++ if (operand_equal_p(node, element, 0)) ++ return; ++ } ++ ++#if BUILDING_GCC_VERSION <= 4007 ++ gcc_assert(VEC_length(tree, cur_node->last_nodes) < VEC_LEN); ++ VEC_safe_push(tree, gc, cur_node->last_nodes, node); ++#else ++ gcc_assert(cur_node->last_nodes->length() < VEC_LEN); ++ vec_safe_push(cur_node->last_nodes, node); ++#endif ++} ++ ++// a size_overflow asm stmt in the control flow doesn't stop the recursion ++static void handle_asm_stmt(struct pointer_set_t *visited, struct interesting_node *cur_node, tree lhs, const_gimple stmt) ++{ ++ if (!is_size_overflow_asm(stmt)) ++ walk_use_def(visited, cur_node, SSA_NAME_VAR(lhs)); ++} ++ ++/* collect the parm_decls and fndecls (for checking a missing size_overflow attribute (ret or arg) or intentional_overflow) ++ * and component refs (for checking the intentional_overflow attribute). ++ */ ++static void walk_use_def(struct pointer_set_t *visited, struct interesting_node *cur_node, tree lhs) ++{ ++ const_gimple def_stmt; ++ ++ if (TREE_CODE(lhs) != SSA_NAME) { ++ insert_last_node(cur_node, lhs); ++ return; ++ } ++ ++ def_stmt = get_def_stmt(lhs); ++ if (!def_stmt) ++ return; ++ ++ if (pointer_set_insert(visited, def_stmt)) ++ return; ++ ++ switch (gimple_code(def_stmt)) { ++ case GIMPLE_NOP: ++ return walk_use_def(visited, cur_node, SSA_NAME_VAR(lhs)); ++ case GIMPLE_ASM: ++ return handle_asm_stmt(visited, cur_node, lhs, def_stmt); ++ case GIMPLE_CALL: { ++ tree fndecl = gimple_call_fndecl(def_stmt); ++ ++ if (fndecl == NULL_TREE) ++ return; ++ insert_last_node(cur_node, fndecl); ++ return; ++ } ++ case GIMPLE_PHI: ++ return walk_use_def_phi(visited, cur_node, lhs); ++ case GIMPLE_ASSIGN: ++ switch (gimple_num_ops(def_stmt)) { ++ case 2: ++ return walk_use_def(visited, cur_node, gimple_assign_rhs1(def_stmt)); ++ case 3: ++ return walk_use_def_binary(visited, cur_node, lhs); ++ } ++ default: ++ debug_gimple_stmt((gimple)def_stmt); ++ error("%s: unknown gimple code", __func__); ++ gcc_unreachable(); ++ } ++} ++ ++// Collect all the last nodes for checking the intentional_overflow and size_overflow attributes ++static void set_last_nodes(struct interesting_node *cur_node) ++{ ++ struct pointer_set_t *visited; ++ ++ visited = pointer_set_create(); ++ walk_use_def(visited, cur_node, cur_node->node); ++ pointer_set_destroy(visited); ++} ++ ++enum precond { ++ NO_ATTRIBUTE_SEARCH, NO_CHECK_INSERT, NONE ++}; ++ ++/* If there is a mark_turn_off intentional attribute on the caller or the callee then there is no duplication and missing size_overflow attribute check anywhere. ++ * There is only missing size_overflow attribute checking if the intentional_overflow attribute is the mark_no type. ++ * Stmt duplication is unnecessary if there are no binary/ternary assignements or if the unary assignment isn't a cast. ++ * It skips the possible error codes too. If the def_stmts trace back to a constant and there are no binary/ternary assigments then we assume that it is some kind of error code. ++ */ ++static enum precond check_preconditions(struct interesting_node *cur_node) ++{ ++ bool interesting_conditions[3] = {false, false, false}; ++ ++ set_last_nodes(cur_node); ++ ++ check_intentional_attribute_ipa(cur_node); ++ if (cur_node->intentional_attr_decl == MARK_TURN_OFF || cur_node->intentional_attr_cur_fndecl == MARK_TURN_OFF) ++ return NO_ATTRIBUTE_SEARCH; ++ ++ search_interesting_conditions(cur_node, interesting_conditions); ++ ++ // error code ++ if (interesting_conditions[CAST] && interesting_conditions[FROM_CONST] && !interesting_conditions[NOT_UNARY]) ++ return NO_ATTRIBUTE_SEARCH; ++ ++ // unnecessary overflow check ++ if (!interesting_conditions[CAST] && !interesting_conditions[NOT_UNARY]) ++ return NO_CHECK_INSERT; ++ ++ if (cur_node->intentional_attr_cur_fndecl != MARK_NO) ++ return NO_CHECK_INSERT; ++ ++ return NONE; ++} ++ ++static tree cast_to_orig_type(struct visited *visited, gimple stmt, const_tree orig_node, tree new_node) ++{ ++ const_gimple assign; ++ tree orig_type = TREE_TYPE(orig_node); ++ gimple_stmt_iterator gsi = gsi_for_stmt(stmt); ++ ++ assign = build_cast_stmt(visited, orig_type, new_node, CREATE_NEW_VAR, &gsi, BEFORE_STMT, false); ++ return gimple_assign_lhs(assign); ++} ++ ++static void change_orig_node(struct visited *visited, struct interesting_node *cur_node, tree new_node) ++{ ++ void (*set_rhs)(gimple, tree); ++ gimple stmt = cur_node->first_stmt; ++ const_tree orig_node = cur_node->node; ++ ++ switch (gimple_code(stmt)) { ++ case GIMPLE_RETURN: ++ gimple_return_set_retval(stmt, cast_to_orig_type(visited, stmt, orig_node, new_node)); ++ break; ++ case GIMPLE_CALL: ++ gimple_call_set_arg(stmt, cur_node->num - 1, cast_to_orig_type(visited, stmt, orig_node, new_node)); ++ break; ++ case GIMPLE_ASSIGN: ++ switch (cur_node->num) { ++ case 1: ++ set_rhs = &gimple_assign_set_rhs1; ++ break; ++ case 2: ++ set_rhs = &gimple_assign_set_rhs2; ++ break; ++#if BUILDING_GCC_VERSION >= 4006 ++ case 3: ++ set_rhs = &gimple_assign_set_rhs3; ++ break; ++#endif ++ default: ++ gcc_unreachable(); ++ } ++ ++ set_rhs(stmt, cast_to_orig_type(visited, stmt, orig_node, new_node)); ++ break; ++ default: ++ debug_gimple_stmt(stmt); ++ gcc_unreachable(); ++ } ++ ++ update_stmt(stmt); ++} ++ ++static struct visited *create_visited(void) ++{ ++ struct visited *new_node; ++ ++ new_node = (struct visited *)xmalloc(sizeof(*new_node)); ++ new_node->stmts = pointer_set_create(); ++ new_node->my_stmts = pointer_set_create(); ++ new_node->skip_expr_casts = pointer_set_create(); ++ new_node->no_cast_check = pointer_set_create(); ++ return new_node; ++} ++ ++static void free_visited(struct visited *visited) ++{ ++ pointer_set_destroy(visited->stmts); ++ pointer_set_destroy(visited->my_stmts); ++ pointer_set_destroy(visited->skip_expr_casts); ++ pointer_set_destroy(visited->no_cast_check); ++ ++ free(visited); ++} ++ ++/* This function calls the main recursion function (expand) that duplicates the stmts. Before that it checks the intentional_overflow attribute and asm stmts, ++ * it decides whether the duplication is necessary or not and it searches for missing size_overflow attributes. After expand() it changes the orig node to the duplicated node ++ * in the original stmt (first stmt) and it inserts the overflow check for the arg of the callee or for the return value. ++ */ ++static struct next_cgraph_node *handle_interesting_stmt(struct visited *visited, struct next_cgraph_node *cnodes, struct interesting_node *cur_node, struct cgraph_node *caller_node) ++{ ++ enum precond ret; ++ tree new_node, orig_node = cur_node->node; ++ ++ ret = check_preconditions(cur_node); ++ if (ret == NO_ATTRIBUTE_SEARCH) ++ return cnodes; ++ ++ cnodes = search_overflow_attribute(cnodes, cur_node); ++ ++ if (ret == NO_CHECK_INSERT) ++ return cnodes; ++ ++ new_node = expand(visited, caller_node, orig_node); ++ if (new_node == NULL_TREE) ++ return cnodes; ++ ++ change_orig_node(visited, cur_node, new_node); ++ check_size_overflow(caller_node, cur_node->first_stmt, TREE_TYPE(new_node), new_node, orig_node, BEFORE_STMT); ++ ++ return cnodes; ++} ++ ++// Check visited_fns interesting nodes. ++static bool is_in_interesting_node(struct interesting_node *head, const_gimple first_stmt, const_tree node, unsigned int num) ++{ ++ struct interesting_node *cur; ++ ++ for (cur = head; cur; cur = cur->next) { ++ if (!operand_equal_p(node, cur->node, 0)) ++ continue; ++ if (num != cur->num) ++ continue; ++ if (first_stmt == cur->first_stmt) ++ return true; ++ } ++ return false; ++} ++ ++/* Create an interesting node. The ipa pass starts to duplicate from these stmts. ++ first_stmt: it is the call or assignment or ret stmt, change_orig_node() will change the original node (retval, or function arg) in this ++ last_nodes: they are the last stmts in the recursion (they haven't a def_stmt). They are useful in the missing size_overflow attribute check and ++ the intentional_overflow attribute check. They are collected by set_last_nodes(). ++ num: arg count of a call stmt or 0 when it is a ret ++ node: the recursion starts from here, it is a call arg or a return value ++ fndecl: the fndecl of the interesting node when the node is an arg. it is the fndecl of the callee function otherwise it is the fndecl of the caller (current_function_fndecl) function. ++ intentional_attr_decl: intentional_overflow attribute of the callee function ++ intentional_attr_cur_fndecl: intentional_overflow attribute of the caller function ++ intentional_mark_from_gimple: the intentional overflow type of size_overflow asm stmt from gimple if it exists ++ */ ++static struct interesting_node *create_new_interesting_node(struct interesting_node *head, gimple first_stmt, tree node, unsigned int num, gimple asm_stmt) ++{ ++ struct interesting_node *new_node; ++ tree fndecl; ++ enum gimple_code code; ++ ++ gcc_assert(node != NULL_TREE); ++ code = gimple_code(first_stmt); ++ gcc_assert(code == GIMPLE_CALL || code == GIMPLE_ASM || code == GIMPLE_ASSIGN || code == GIMPLE_RETURN); ++ ++ if (num == CANNOT_FIND_ARG) ++ return head; ++ ++ if (skip_types(node)) ++ return head; ++ ++ if (skip_asm(node)) ++ return head; ++ ++ if (is_gimple_call(first_stmt)) ++ fndecl = gimple_call_fndecl(first_stmt); ++ else ++ fndecl = current_function_decl; ++ ++ if (fndecl == NULL_TREE) ++ return head; ++ ++ if (is_in_interesting_node(head, first_stmt, node, num)) ++ return head; ++ ++ new_node = (struct interesting_node *)xmalloc(sizeof(*new_node)); ++ ++ new_node->next = NULL; ++ new_node->first_stmt = first_stmt; ++#if BUILDING_GCC_VERSION <= 4007 ++ new_node->last_nodes = VEC_alloc(tree, gc, VEC_LEN); ++#else ++ vec_alloc(new_node->last_nodes, VEC_LEN); ++#endif ++ new_node->num = num; ++ new_node->node = node; ++ new_node->fndecl = fndecl; ++ new_node->intentional_attr_decl = MARK_NO; ++ new_node->intentional_attr_cur_fndecl = MARK_NO; ++ new_node->intentional_mark_from_gimple = asm_stmt; ++ ++ if (!head) ++ return new_node; ++ ++ new_node->next = head; ++ return new_node; ++} ++ ++/* Check the ret stmts in the functions on the next cgraph node list (these functions will be in the hash table and they are reachable from ipa). ++ * If the ret stmt is in the next cgraph node list then it's an interesting ret. ++ */ ++static struct interesting_node *handle_stmt_by_cgraph_nodes_ret(struct interesting_node *head, gimple stmt, struct next_cgraph_node *next_node) ++{ ++ struct next_cgraph_node *cur_node; ++ tree ret = gimple_return_retval(stmt); ++ ++ if (ret == NULL_TREE) ++ return head; ++ ++ for (cur_node = next_node; cur_node; cur_node = cur_node->next) { ++ if (!operand_equal_p(cur_node->callee_fndecl, DECL_ORIGIN(current_function_decl), 0)) ++ continue; ++ if (cur_node->num == 0) ++ head = create_new_interesting_node(head, stmt, ret, 0, NOT_INTENTIONAL_ASM); ++ } ++ ++ return head; ++} ++ ++/* Check the call stmts in the functions on the next cgraph node list (these functions will be in the hash table and they are reachable from ipa). ++ * If the call stmt is in the next cgraph node list then it's an interesting call. ++ */ ++static struct interesting_node *handle_stmt_by_cgraph_nodes_call(struct interesting_node *head, gimple stmt, struct next_cgraph_node *next_node) ++{ ++ unsigned int argnum; ++ tree arg; ++ const_tree fndecl; ++ struct next_cgraph_node *cur_node; ++ ++ fndecl = gimple_call_fndecl(stmt); ++ if (fndecl == NULL_TREE) ++ return head; ++ ++ for (cur_node = next_node; cur_node; cur_node = cur_node->next) { ++ if (!operand_equal_p(cur_node->callee_fndecl, fndecl, 0)) ++ continue; ++ argnum = get_correct_arg_count(cur_node->num, fndecl); ++ gcc_assert(argnum != CANNOT_FIND_ARG); ++ if (argnum == 0) ++ continue; ++ ++ arg = gimple_call_arg(stmt, argnum - 1); ++ head = create_new_interesting_node(head, stmt, arg, argnum, NOT_INTENTIONAL_ASM); ++ } ++ ++ return head; ++} ++ ++static unsigned int check_ops(const_tree orig_node, const_tree node, unsigned int ret_count) ++{ ++ if (!operand_equal_p(orig_node, node, 0)) ++ return WRONG_NODE; ++ if (skip_types(node)) ++ return WRONG_NODE; ++ return ret_count; ++} ++ ++// Get the index of the rhs node in an assignment ++static unsigned int get_assign_ops_count(const_gimple stmt, tree node) ++{ ++ const_tree rhs1, rhs2; ++ unsigned int ret; ++ ++ gcc_assert(stmt); ++ gcc_assert(is_gimple_assign(stmt)); ++ ++ rhs1 = gimple_assign_rhs1(stmt); ++ gcc_assert(rhs1 != NULL_TREE); ++ ++ switch (gimple_num_ops(stmt)) { ++ case 2: ++ return check_ops(node, rhs1, 1); ++ case 3: ++ ret = check_ops(node, rhs1, 1); ++ if (ret != WRONG_NODE) ++ return ret; ++ ++ rhs2 = gimple_assign_rhs2(stmt); ++ gcc_assert(rhs2 != NULL_TREE); ++ return check_ops(node, rhs2, 2); ++ default: ++ gcc_unreachable(); ++ } ++} ++ ++// Find the correct arg number of a call stmt. It is needed when the interesting function is a cloned function. ++static unsigned int find_arg_number_gimple(const_tree arg, const_gimple stmt) ++{ ++ unsigned int i; ++ ++ if (gimple_call_fndecl(stmt) == NULL_TREE) ++ return CANNOT_FIND_ARG; ++ ++ for (i = 0; i < gimple_call_num_args(stmt); i++) { ++ tree node; ++ ++ node = gimple_call_arg(stmt, i); ++ if (!operand_equal_p(arg, node, 0)) ++ continue; ++ if (!skip_types(node)) ++ return i + 1; ++ } ++ ++ return CANNOT_FIND_ARG; ++} ++ ++/* starting from the size_overflow asm stmt collect interesting stmts. They can be ++ * any of return, call or assignment stmts (because of inlining). ++ */ ++static struct interesting_node *get_interesting_ret_or_call(struct pointer_set_t *visited, struct interesting_node *head, tree node, gimple intentional_asm) ++{ ++ use_operand_p use_p; ++ imm_use_iterator imm_iter; ++ unsigned int argnum; ++ ++ gcc_assert(TREE_CODE(node) == SSA_NAME); ++ ++ if (pointer_set_insert(visited, node)) ++ return head; ++ ++ FOR_EACH_IMM_USE_FAST(use_p, imm_iter, node) { ++ gimple stmt = USE_STMT(use_p); ++ ++ if (stmt == NULL) ++ return head; ++ if (is_gimple_debug(stmt)) ++ continue; ++ ++ switch (gimple_code(stmt)) { ++ case GIMPLE_CALL: ++ argnum = find_arg_number_gimple(node, stmt); ++ head = create_new_interesting_node(head, stmt, node, argnum, intentional_asm); ++ break; ++ case GIMPLE_RETURN: ++ head = create_new_interesting_node(head, stmt, node, 0, intentional_asm); ++ break; ++ case GIMPLE_ASSIGN: ++ argnum = get_assign_ops_count(stmt, node); ++ head = create_new_interesting_node(head, stmt, node, argnum, intentional_asm); ++ break; ++ case GIMPLE_PHI: { ++ tree result = gimple_phi_result(stmt); ++ head = get_interesting_ret_or_call(visited, head, result, intentional_asm); ++ break; ++ } ++ case GIMPLE_ASM: ++ if (gimple_asm_noutputs(stmt) != 0) ++ break; ++ if (!is_size_overflow_asm(stmt)) ++ break; ++ head = create_new_interesting_node(head, stmt, node, 1, intentional_asm); ++ break; ++ case GIMPLE_COND: ++ case GIMPLE_SWITCH: ++ break; ++ default: ++ debug_gimple_stmt(stmt); ++ gcc_unreachable(); ++ break; ++ } ++ } ++ return head; ++} ++ ++static void remove_size_overflow_asm(gimple stmt) ++{ ++ gimple_stmt_iterator gsi; ++ tree input, output; ++ ++ if (!is_size_overflow_asm(stmt)) ++ return; ++ ++ if (gimple_asm_noutputs(stmt) == 0) { ++ gsi = gsi_for_stmt(stmt); ++ ipa_remove_stmt_references(cgraph_get_create_node(current_function_decl), stmt); ++ gsi_remove(&gsi, true); ++ return; ++ } ++ ++ input = gimple_asm_input_op(stmt, 0); ++ output = gimple_asm_output_op(stmt, 0); ++ replace_size_overflow_asm_with_assign(stmt, TREE_VALUE(output), TREE_VALUE(input)); ++} ++ ++/* handle the size_overflow asm stmts from the gimple pass and collect the interesting stmts. ++ * If the asm stmt is a parm_decl kind (noutputs == 0) then remove it. ++ * If it is a simple asm stmt then replace it with an assignment from the asm input to the asm output. ++ */ ++static struct interesting_node *handle_stmt_by_size_overflow_asm(gimple stmt, struct interesting_node *head) ++{ ++ const_tree output; ++ struct pointer_set_t *visited; ++ gimple intentional_asm = NOT_INTENTIONAL_ASM; ++ ++ if (!is_size_overflow_asm(stmt)) ++ return head; ++ ++ if (is_size_overflow_intentional_asm_yes(stmt) || is_size_overflow_intentional_asm_turn_off(stmt)) ++ intentional_asm = stmt; ++ ++ gcc_assert(gimple_asm_ninputs(stmt) == 1); ++ ++ if (gimple_asm_noutputs(stmt) == 0 && is_size_overflow_intentional_asm_turn_off(stmt)) ++ return head; ++ ++ if (gimple_asm_noutputs(stmt) == 0) { ++ const_tree input; ++ ++ if (!is_size_overflow_intentional_asm_turn_off(stmt)) ++ return head; ++ ++ input = gimple_asm_input_op(stmt, 0); ++ remove_size_overflow_asm(stmt); ++ if (is_gimple_constant(TREE_VALUE(input))) ++ return head; ++ visited = pointer_set_create(); ++ head = get_interesting_ret_or_call(visited, head, TREE_VALUE(input), intentional_asm); ++ pointer_set_destroy(visited); ++ return head; ++ } ++ ++ if (!is_size_overflow_intentional_asm_yes(stmt) && !is_size_overflow_intentional_asm_turn_off(stmt)) ++ remove_size_overflow_asm(stmt); ++ ++ visited = pointer_set_create(); ++ output = gimple_asm_output_op(stmt, 0); ++ head = get_interesting_ret_or_call(visited, head, TREE_VALUE(output), intentional_asm); ++ pointer_set_destroy(visited); ++ return head; ++} ++ ++/* Iterate over all the stmts of a function and look for the size_overflow asm stmts (they were created in the gimple pass) ++ * or a call stmt or a return stmt and store them in the interesting_node list ++ */ ++static struct interesting_node *collect_interesting_stmts(struct next_cgraph_node *next_node) ++{ ++ basic_block bb; ++ struct interesting_node *head = NULL; ++ ++ FOR_ALL_BB_FN(bb, cfun) { ++ gimple_stmt_iterator gsi; ++ ++ for (gsi = gsi_start_bb(bb); !gsi_end_p(gsi); gsi_next(&gsi)) { ++ enum gimple_code code; ++ gimple stmt = gsi_stmt(gsi); ++ ++ code = gimple_code(stmt); ++ ++ if (code == GIMPLE_ASM) ++ head = handle_stmt_by_size_overflow_asm(stmt, head); ++ ++ if (!next_node) ++ continue; ++ if (code == GIMPLE_CALL) ++ head = handle_stmt_by_cgraph_nodes_call(head, stmt, next_node); ++ if (code == GIMPLE_RETURN) ++ head = handle_stmt_by_cgraph_nodes_ret(head, stmt, next_node); ++ } ++ } ++ return head; ++} ++ ++static void free_interesting_node(struct interesting_node *head) ++{ ++ struct interesting_node *cur; ++ ++ while (head) { ++ cur = head->next; ++#if BUILDING_GCC_VERSION <= 4007 ++ VEC_free(tree, gc, head->last_nodes); ++#else ++ vec_free(head->last_nodes); ++#endif ++ free(head); ++ head = cur; ++ } ++} ++ ++static struct visited_fns *insert_visited_fns_function(struct visited_fns *head, struct interesting_node *cur_node) ++{ ++ struct visited_fns *new_visited_fns; ++ ++ new_visited_fns = (struct visited_fns *)xmalloc(sizeof(*new_visited_fns)); ++ new_visited_fns->fndecl = cur_node->fndecl; ++ new_visited_fns->num = cur_node->num; ++ new_visited_fns->first_stmt = cur_node->first_stmt; ++ new_visited_fns->next = NULL; ++ ++ if (!head) ++ return new_visited_fns; ++ ++ new_visited_fns->next = head; ++ return new_visited_fns; ++} ++ ++/* Check whether the function was already visited_fns. If the fndecl, the arg count of the fndecl and the first_stmt (call or return) are same then ++ * it is a visited_fns function. ++ */ ++static bool is_visited_fns_function(struct visited_fns *head, struct interesting_node *cur_node) ++{ ++ struct visited_fns *cur; ++ ++ if (!head) ++ return false; ++ ++ for (cur = head; cur; cur = cur->next) { ++ if (cur_node->first_stmt != cur->first_stmt) ++ continue; ++ if (!operand_equal_p(cur_node->fndecl, cur->fndecl, 0)) ++ continue; ++ if (cur_node->num == cur->num) ++ return true; ++ } ++ return false; ++} ++ ++static void free_next_cgraph_node(struct next_cgraph_node *head) ++{ ++ struct next_cgraph_node *cur; ++ ++ while (head) { ++ cur = head->next; ++ free(head); ++ head = cur; ++ } ++} ++ ++static void remove_all_size_overflow_asm(void) ++{ ++ basic_block bb; ++ ++ FOR_ALL_BB_FN(bb, cfun) { ++ gimple_stmt_iterator si; ++ ++ for (si = gsi_start_bb(bb); !gsi_end_p(si); gsi_next(&si)) ++ remove_size_overflow_asm(gsi_stmt(si)); ++ } ++} ++ ++/* Main recursive walk of the ipa pass: iterate over the collected interesting stmts in a function ++ * (they are interesting if they have an associated size_overflow asm stmt) and recursively walk ++ * the newly collected interesting functions (they are interesting if there is control flow between ++ * the interesting stmts and them). ++ */ ++static struct visited_fns *handle_function(struct cgraph_node *node, struct next_cgraph_node *next_node, struct visited_fns *visited_fns) ++{ ++ struct visited *visited; ++ struct interesting_node *head, *cur_node; ++ struct next_cgraph_node *cur_cnodes, *cnodes_head = NULL; ++ ++ set_current_function_decl(NODE_DECL(node)); ++ call_count = 0; ++ ++ head = collect_interesting_stmts(next_node); ++ ++ visited = create_visited(); ++ for (cur_node = head; cur_node; cur_node = cur_node->next) { ++ if (is_visited_fns_function(visited_fns, cur_node)) ++ continue; ++ cnodes_head = handle_interesting_stmt(visited, cnodes_head, cur_node, node); ++ visited_fns = insert_visited_fns_function(visited_fns, cur_node); ++ } ++ ++ free_visited(visited); ++ free_interesting_node(head); ++ remove_all_size_overflow_asm(); ++ unset_current_function_decl(); ++ ++ for (cur_cnodes = cnodes_head; cur_cnodes; cur_cnodes = cur_cnodes->next) ++ visited_fns = handle_function(cur_cnodes->current_function, cur_cnodes, visited_fns); ++ ++ free_next_cgraph_node(cnodes_head); ++ return visited_fns; ++} ++ ++static void free_visited_fns(struct visited_fns *head) ++{ ++ struct visited_fns *cur; ++ ++ while (head) { ++ cur = head->next; ++ free(head); ++ head = cur; ++ } ++} ++ ++// Main entry point of the ipa pass: erases the plf flag of all stmts and iterates over all the functions ++unsigned int search_function(void) ++{ ++ struct cgraph_node *node; ++ struct visited_fns *visited_fns = NULL; ++ ++ FOR_EACH_FUNCTION_WITH_GIMPLE_BODY(node) { ++ gcc_assert(cgraph_function_flags_ready); ++#if BUILDING_GCC_VERSION <= 4007 ++ gcc_assert(node->reachable); ++#endif ++ ++ visited_fns = handle_function(node, NULL, visited_fns); ++ } ++ ++ free_visited_fns(visited_fns); ++ return 0; ++} ++ ++#if BUILDING_GCC_VERSION >= 4009 ++static const struct pass_data insert_size_overflow_check_data = { ++#else ++static struct ipa_opt_pass_d insert_size_overflow_check = { ++ .pass = { ++#endif ++ .type = SIMPLE_IPA_PASS, ++ .name = "size_overflow", ++#if BUILDING_GCC_VERSION >= 4008 ++ .optinfo_flags = OPTGROUP_NONE, ++#endif ++#if BUILDING_GCC_VERSION >= 4009 ++ .has_gate = false, ++ .has_execute = true, ++#else ++ .gate = NULL, ++ .execute = search_function, ++ .sub = NULL, ++ .next = NULL, ++ .static_pass_number = 0, ++#endif ++ .tv_id = TV_NONE, ++ .properties_required = 0, ++ .properties_provided = 0, ++ .properties_destroyed = 0, ++ .todo_flags_start = 0, ++ .todo_flags_finish = TODO_verify_ssa | TODO_verify_stmts | TODO_remove_unused_locals | TODO_ggc_collect | TODO_verify_flow | TODO_dump_cgraph | TODO_dump_func | TODO_update_ssa_no_phi, ++#if BUILDING_GCC_VERSION < 4009 ++ }, ++ .generate_summary = NULL, ++ .write_summary = NULL, ++ .read_summary = NULL, ++#if BUILDING_GCC_VERSION >= 4006 ++ .write_optimization_summary = NULL, ++ .read_optimization_summary = NULL, ++#endif ++ .stmt_fixup = NULL, ++ .function_transform_todo_flags_start = 0, ++ .function_transform = NULL, ++ .variable_transform = NULL, ++#endif ++}; ++ ++#if BUILDING_GCC_VERSION >= 4009 ++namespace { ++class insert_size_overflow_check : public ipa_opt_pass_d { ++public: ++ insert_size_overflow_check() : ipa_opt_pass_d(insert_size_overflow_check_data, g, NULL, NULL, NULL, NULL, NULL, NULL, 0, NULL, NULL) {} ++ unsigned int execute() { return search_function(); } ++}; ++} ++#endif ++ ++struct opt_pass *make_insert_size_overflow_check(void) ++{ ++#if BUILDING_GCC_VERSION >= 4009 ++ return new insert_size_overflow_check(); ++#else ++ return &insert_size_overflow_check.pass; ++#endif ++} ++ +diff --git a/tools/gcc/size_overflow_plugin/intentional_overflow.c b/tools/gcc/size_overflow_plugin/intentional_overflow.c new file mode 100644 -index 0000000..9529806 +index 0000000..38904bc --- /dev/null -+++ b/tools/gcc/size_overflow_hash.data -@@ -0,0 +1,5709 @@ ++++ b/tools/gcc/size_overflow_plugin/intentional_overflow.c +@@ -0,0 +1,733 @@ ++/* ++ * Copyright 2011-2014 by Emese Revfy <re.emese@gmail.com> ++ * Licensed under the GPL v2, or (at your option) v3 ++ * ++ * Homepage: ++ * http://www.grsecurity.net/~ephox/overflow_plugin/ ++ * ++ * Documentation: ++ * http://forums.grsecurity.net/viewtopic.php?f=7&t=3043 ++ * ++ * This plugin recomputes expressions of function arguments marked by a size_overflow attribute ++ * with double integer precision (DImode/TImode for 32/64 bit integer types). ++ * The recomputed argument is checked against TYPE_MAX and an event is logged on overflow and the triggering process is killed. ++ * ++ * Usage: ++ * $ make ++ * $ make run ++ */ ++ ++#include "gcc-common.h" ++#include "size_overflow.h" ++ ++/* Get the param of the intentional_overflow attribute. ++ * * 0: MARK_NOT_INTENTIONAL ++ * * 1..MAX_PARAM: MARK_YES ++ * * -1: MARK_TURN_OFF ++ */ ++static tree get_attribute_param(const_tree decl) ++{ ++ const_tree attr; ++ ++ if (decl == NULL_TREE) ++ return NULL_TREE; ++ ++ attr = lookup_attribute("intentional_overflow", DECL_ATTRIBUTES(decl)); ++ if (!attr || !TREE_VALUE(attr)) ++ return NULL_TREE; ++ ++ return TREE_VALUE(attr); ++} ++ ++// MARK_TURN_OFF ++bool is_turn_off_intentional_attr(const_tree decl) ++{ ++ const_tree param_head; ++ ++ param_head = get_attribute_param(decl); ++ if (param_head == NULL_TREE) ++ return false; ++ ++ if (TREE_INT_CST_HIGH(TREE_VALUE(param_head)) == -1) ++ return true; ++ return false; ++} ++ ++// MARK_NOT_INTENTIONAL ++bool is_end_intentional_intentional_attr(const_tree decl, unsigned int argnum) ++{ ++ const_tree param_head; ++ ++ if (argnum == 0) ++ return false; ++ ++ param_head = get_attribute_param(decl); ++ if (param_head == NULL_TREE) ++ return false; ++ ++ if (!TREE_INT_CST_LOW(TREE_VALUE(param_head))) ++ return true; ++ return false; ++} ++ ++// MARK_YES ++bool is_yes_intentional_attr(const_tree decl, unsigned int argnum) ++{ ++ tree param, param_head; ++ ++ if (argnum == 0) ++ return false; ++ ++ param_head = get_attribute_param(decl); ++ for (param = param_head; param; param = TREE_CHAIN(param)) ++ if (argnum == TREE_INT_CST_LOW(TREE_VALUE(param))) ++ return true; ++ return false; ++} ++ ++void print_missing_intentional(enum mark callee_attr, enum mark caller_attr, const_tree decl, unsigned int argnum) ++{ ++ location_t loc; ++ ++ if (caller_attr == MARK_NO || caller_attr == MARK_NOT_INTENTIONAL || caller_attr == MARK_TURN_OFF) ++ return; ++ ++ if (callee_attr == MARK_NOT_INTENTIONAL || callee_attr == MARK_YES) ++ return; ++ ++ loc = DECL_SOURCE_LOCATION(decl); ++ inform(loc, "The intentional_overflow attribute is missing from +%s+%u+", DECL_NAME_POINTER(decl), argnum); ++} ++ ++// Get the field decl of a component ref for intentional_overflow checking ++static const_tree search_field_decl(const_tree comp_ref) ++{ ++ const_tree field = NULL_TREE; ++ unsigned int i, len = TREE_OPERAND_LENGTH(comp_ref); ++ ++ for (i = 0; i < len; i++) { ++ field = TREE_OPERAND(comp_ref, i); ++ if (TREE_CODE(field) == FIELD_DECL) ++ break; ++ } ++ gcc_assert(TREE_CODE(field) == FIELD_DECL); ++ return field; ++} ++ ++/* Get the type of the intentional_overflow attribute of a node ++ * * MARK_TURN_OFF ++ * * MARK_YES ++ * * MARK_NO ++ * * MARK_NOT_INTENTIONAL ++ */ ++enum mark get_intentional_attr_type(const_tree node) ++{ ++ const_tree cur_decl; ++ ++ if (node == NULL_TREE) ++ return MARK_NO; ++ ++ switch (TREE_CODE(node)) { ++ case COMPONENT_REF: ++ cur_decl = search_field_decl(node); ++ if (is_turn_off_intentional_attr(cur_decl)) ++ return MARK_TURN_OFF; ++ if (is_end_intentional_intentional_attr(cur_decl, 1)) ++ return MARK_YES; ++ break; ++ case PARM_DECL: { ++ unsigned int argnum; ++ ++ cur_decl = DECL_ORIGIN(current_function_decl); ++ argnum = find_arg_number_tree(node, cur_decl); ++ if (argnum == CANNOT_FIND_ARG) ++ return MARK_NO; ++ if (is_yes_intentional_attr(cur_decl, argnum)) ++ return MARK_YES; ++ if (is_end_intentional_intentional_attr(cur_decl, argnum)) ++ return MARK_NOT_INTENTIONAL; ++ break; ++ } ++ case FUNCTION_DECL: ++ if (is_turn_off_intentional_attr(DECL_ORIGIN(node))) ++ return MARK_TURN_OFF; ++ break; ++ default: ++ break; ++ } ++ return MARK_NO; ++} ++ ++// Search for the intentional_overflow attribute on the last nodes ++static enum mark search_last_nodes_intentional(struct interesting_node *cur_node) ++{ ++ unsigned int i; ++ tree last_node; ++ enum mark mark = MARK_NO; ++ ++#if BUILDING_GCC_VERSION <= 4007 ++ FOR_EACH_VEC_ELT(tree, cur_node->last_nodes, i, last_node) { ++#else ++ FOR_EACH_VEC_ELT(*cur_node->last_nodes, i, last_node) { ++#endif ++ mark = get_intentional_attr_type(last_node); ++ if (mark != MARK_NO) ++ break; ++ } ++ return mark; ++} ++ ++/* Check the intentional kind of size_overflow asm stmt (created by the gimple pass) and ++ * set the appropriate intentional_overflow type. Delete the asm stmt in the end. ++ */ ++static bool is_intentional_attribute_from_gimple(struct interesting_node *cur_node) ++{ ++ if (!cur_node->intentional_mark_from_gimple) ++ return false; ++ ++ if (is_size_overflow_intentional_asm_yes(cur_node->intentional_mark_from_gimple)) ++ cur_node->intentional_attr_cur_fndecl = MARK_YES; ++ else ++ cur_node->intentional_attr_cur_fndecl = MARK_TURN_OFF; ++ ++ // skip param decls ++ if (gimple_asm_noutputs(cur_node->intentional_mark_from_gimple) == 0) ++ return true; ++ return true; ++} ++ ++/* Search intentional_overflow attribute on caller and on callee too. ++ * 0</MARK_YES: no dup, search size_overflow and intentional_overflow attributes ++ * 0/MARK_NOT_INTENTIONAL: no dup, search size_overflow attribute (int) ++ * -1/MARK_TURN_OFF: no dup, no search, current_function_decl -> no dup ++*/ ++void check_intentional_attribute_ipa(struct interesting_node *cur_node) ++{ ++ const_tree fndecl; ++ ++ if (is_intentional_attribute_from_gimple(cur_node)) ++ return; ++ ++ if (is_turn_off_intentional_attr(DECL_ORIGIN(current_function_decl))) { ++ cur_node->intentional_attr_cur_fndecl = MARK_TURN_OFF; ++ return; ++ } ++ ++ if (gimple_code(cur_node->first_stmt) == GIMPLE_ASM) { ++ cur_node->intentional_attr_cur_fndecl = MARK_NOT_INTENTIONAL; ++ return; ++ } ++ ++ if (gimple_code(cur_node->first_stmt) == GIMPLE_ASSIGN) ++ return; ++ ++ fndecl = get_interesting_orig_fndecl(cur_node->first_stmt, cur_node->num); ++ if (is_turn_off_intentional_attr(fndecl)) { ++ cur_node->intentional_attr_decl = MARK_TURN_OFF; ++ return; ++ } ++ ++ if (is_end_intentional_intentional_attr(fndecl, cur_node->num)) ++ cur_node->intentional_attr_decl = MARK_NOT_INTENTIONAL; ++ else if (is_yes_intentional_attr(fndecl, cur_node->num)) ++ cur_node->intentional_attr_decl = MARK_YES; ++ ++ cur_node->intentional_attr_cur_fndecl = search_last_nodes_intentional(cur_node); ++ print_missing_intentional(cur_node->intentional_attr_decl, cur_node->intentional_attr_cur_fndecl, cur_node->fndecl, cur_node->num); ++} ++ ++bool is_a_cast_and_const_overflow(const_tree no_const_rhs) ++{ ++ const_tree rhs1, lhs, rhs1_type, lhs_type; ++ enum machine_mode lhs_mode, rhs_mode; ++ gimple def_stmt = get_def_stmt(no_const_rhs); ++ ++ if (!def_stmt || !gimple_assign_cast_p(def_stmt)) ++ return false; ++ ++ rhs1 = gimple_assign_rhs1(def_stmt); ++ lhs = gimple_assign_lhs(def_stmt); ++ rhs1_type = TREE_TYPE(rhs1); ++ lhs_type = TREE_TYPE(lhs); ++ rhs_mode = TYPE_MODE(rhs1_type); ++ lhs_mode = TYPE_MODE(lhs_type); ++ if (TYPE_UNSIGNED(lhs_type) == TYPE_UNSIGNED(rhs1_type) || lhs_mode != rhs_mode) ++ return false; ++ ++ return true; ++} ++ ++static unsigned int uses_num(tree node) ++{ ++ imm_use_iterator imm_iter; ++ use_operand_p use_p; ++ unsigned int num = 0; ++ ++ FOR_EACH_IMM_USE_FAST(use_p, imm_iter, node) { ++ gimple use_stmt = USE_STMT(use_p); ++ ++ if (use_stmt == NULL) ++ return num; ++ if (is_gimple_debug(use_stmt)) ++ continue; ++ if (gimple_assign_cast_p(use_stmt) && is_size_overflow_type(gimple_assign_lhs(use_stmt))) ++ continue; ++ num++; ++ } ++ return num; ++} ++ ++static bool no_uses(tree node) ++{ ++ return !uses_num(node); ++} ++ ++// 3.8.5 mm/page-writeback.c __ilog2_u64(): ret, uint + uintmax; uint -> int; int max ++bool is_const_plus_unsigned_signed_truncation(const_tree lhs) ++{ ++ tree rhs1, lhs_type, rhs_type, rhs2, not_const_rhs; ++ gimple def_stmt = get_def_stmt(lhs); ++ ++ if (!def_stmt || !gimple_assign_cast_p(def_stmt)) ++ return false; ++ ++ rhs1 = gimple_assign_rhs1(def_stmt); ++ rhs_type = TREE_TYPE(rhs1); ++ lhs_type = TREE_TYPE(lhs); ++ if (TYPE_UNSIGNED(lhs_type) || !TYPE_UNSIGNED(rhs_type)) ++ return false; ++ if (TYPE_MODE(lhs_type) != TYPE_MODE(rhs_type)) ++ return false; ++ ++ def_stmt = get_def_stmt(rhs1); ++ if (!def_stmt || !is_gimple_assign(def_stmt) || gimple_num_ops(def_stmt) != 3) ++ return false; ++ ++ if (gimple_assign_rhs_code(def_stmt) != PLUS_EXPR) ++ return false; ++ ++ rhs1 = gimple_assign_rhs1(def_stmt); ++ rhs2 = gimple_assign_rhs2(def_stmt); ++ if (!is_gimple_constant(rhs1) && !is_gimple_constant(rhs2)) ++ return false; ++ ++ if (is_gimple_constant(rhs2)) ++ not_const_rhs = rhs1; ++ else ++ not_const_rhs = rhs2; ++ ++ return no_uses(not_const_rhs); ++} ++ ++static bool is_lt_signed_type_max(const_tree rhs) ++{ ++ const_tree new_type, type_max, type = TREE_TYPE(rhs); ++ ++ if (!TYPE_UNSIGNED(type)) ++ return true; ++ ++ switch (TYPE_MODE(type)) { ++ case QImode: ++ new_type = intQI_type_node; ++ break; ++ case HImode: ++ new_type = intHI_type_node; ++ break; ++ case SImode: ++ new_type = intSI_type_node; ++ break; ++ case DImode: ++ new_type = intDI_type_node; ++ break; ++ default: ++ debug_tree((tree)type); ++ gcc_unreachable(); ++ } ++ ++ type_max = TYPE_MAX_VALUE(new_type); ++ if (!tree_int_cst_lt(type_max, rhs)) ++ return true; ++ ++ return false; ++} ++ ++static bool is_gt_zero(const_tree rhs) ++{ ++ const_tree type = TREE_TYPE(rhs); ++ ++ if (TYPE_UNSIGNED(type)) ++ return true; ++ ++ if (!tree_int_cst_lt(rhs, integer_zero_node)) ++ return true; ++ ++ return false; ++} ++ ++bool is_a_constant_overflow(const_gimple stmt, const_tree rhs) ++{ ++ if (gimple_assign_rhs_code(stmt) == MIN_EXPR) ++ return false; ++ if (!is_gimple_constant(rhs)) ++ return false; ++ ++ // If the const is between 0 and the max value of the signed type of the same bitsize then there is no intentional overflow ++ if (is_lt_signed_type_max(rhs) && is_gt_zero(rhs)) ++ return false; ++ ++ return true; ++} ++ ++static tree change_assign_rhs(struct visited *visited, gimple stmt, const_tree orig_rhs, tree new_rhs) ++{ ++ gimple assign; ++ gimple_stmt_iterator gsi = gsi_for_stmt(stmt); ++ tree origtype = TREE_TYPE(orig_rhs); ++ ++ gcc_assert(is_gimple_assign(stmt)); ++ ++ assign = build_cast_stmt(visited, origtype, new_rhs, CREATE_NEW_VAR, &gsi, BEFORE_STMT, false); ++ pointer_set_insert(visited->my_stmts, assign); ++ return gimple_assign_lhs(assign); ++} ++ ++tree handle_intentional_overflow(struct visited *visited, struct cgraph_node *caller_node, bool check_overflow, gimple stmt, tree change_rhs, tree new_rhs2) ++{ ++ tree new_rhs, orig_rhs; ++ void (*gimple_assign_set_rhs)(gimple, tree); ++ tree rhs1 = gimple_assign_rhs1(stmt); ++ tree rhs2 = gimple_assign_rhs2(stmt); ++ tree lhs = gimple_assign_lhs(stmt); ++ ++ if (!check_overflow) ++ return create_assign(visited, stmt, lhs, AFTER_STMT); ++ ++ if (change_rhs == NULL_TREE) ++ return create_assign(visited, stmt, lhs, AFTER_STMT); ++ ++ if (new_rhs2 == NULL_TREE) { ++ orig_rhs = rhs1; ++ gimple_assign_set_rhs = &gimple_assign_set_rhs1; ++ } else { ++ orig_rhs = rhs2; ++ gimple_assign_set_rhs = &gimple_assign_set_rhs2; ++ } ++ ++ check_size_overflow(caller_node, stmt, TREE_TYPE(change_rhs), change_rhs, orig_rhs, BEFORE_STMT); ++ ++ new_rhs = change_assign_rhs(visited, stmt, orig_rhs, change_rhs); ++ gimple_assign_set_rhs(stmt, new_rhs); ++ update_stmt(stmt); ++ ++ return create_assign(visited, stmt, lhs, AFTER_STMT); ++} ++ ++static bool is_subtraction_special(struct visited *visited, const_gimple stmt) ++{ ++ gimple rhs1_def_stmt, rhs2_def_stmt; ++ const_tree rhs1_def_stmt_rhs1, rhs2_def_stmt_rhs1, rhs1_def_stmt_lhs, rhs2_def_stmt_lhs; ++ enum machine_mode rhs1_def_stmt_rhs1_mode, rhs2_def_stmt_rhs1_mode, rhs1_def_stmt_lhs_mode, rhs2_def_stmt_lhs_mode; ++ const_tree rhs1 = gimple_assign_rhs1(stmt); ++ const_tree rhs2 = gimple_assign_rhs2(stmt); ++ ++ if (is_gimple_constant(rhs1) || is_gimple_constant(rhs2)) ++ return false; ++ ++ gcc_assert(TREE_CODE(rhs1) == SSA_NAME && TREE_CODE(rhs2) == SSA_NAME); ++ ++ if (gimple_assign_rhs_code(stmt) != MINUS_EXPR) ++ return false; ++ ++ rhs1_def_stmt = get_def_stmt(rhs1); ++ rhs2_def_stmt = get_def_stmt(rhs2); ++ if (!gimple_assign_cast_p(rhs1_def_stmt) || !gimple_assign_cast_p(rhs2_def_stmt)) ++ return false; ++ ++ rhs1_def_stmt_rhs1 = gimple_assign_rhs1(rhs1_def_stmt); ++ rhs2_def_stmt_rhs1 = gimple_assign_rhs1(rhs2_def_stmt); ++ rhs1_def_stmt_lhs = gimple_assign_lhs(rhs1_def_stmt); ++ rhs2_def_stmt_lhs = gimple_assign_lhs(rhs2_def_stmt); ++ rhs1_def_stmt_rhs1_mode = TYPE_MODE(TREE_TYPE(rhs1_def_stmt_rhs1)); ++ rhs2_def_stmt_rhs1_mode = TYPE_MODE(TREE_TYPE(rhs2_def_stmt_rhs1)); ++ rhs1_def_stmt_lhs_mode = TYPE_MODE(TREE_TYPE(rhs1_def_stmt_lhs)); ++ rhs2_def_stmt_lhs_mode = TYPE_MODE(TREE_TYPE(rhs2_def_stmt_lhs)); ++ if (GET_MODE_BITSIZE(rhs1_def_stmt_rhs1_mode) <= GET_MODE_BITSIZE(rhs1_def_stmt_lhs_mode)) ++ return false; ++ if (GET_MODE_BITSIZE(rhs2_def_stmt_rhs1_mode) <= GET_MODE_BITSIZE(rhs2_def_stmt_lhs_mode)) ++ return false; ++ ++ pointer_set_insert(visited->no_cast_check, rhs1_def_stmt); ++ pointer_set_insert(visited->no_cast_check, rhs2_def_stmt); ++ return true; ++} ++ ++static gimple create_binary_assign(struct visited *visited, enum tree_code code, gimple stmt, tree rhs1, tree rhs2) ++{ ++ gimple assign; ++ gimple_stmt_iterator gsi = gsi_for_stmt(stmt); ++ tree type = TREE_TYPE(rhs1); ++ tree lhs = create_new_var(type); ++ ++ gcc_assert(types_compatible_p(type, TREE_TYPE(rhs2))); ++ assign = gimple_build_assign_with_ops(code, lhs, rhs1, rhs2); ++ gimple_assign_set_lhs(assign, make_ssa_name(lhs, assign)); ++ ++ gsi_insert_before(&gsi, assign, GSI_NEW_STMT); ++ update_stmt(assign); ++ pointer_set_insert(visited->my_stmts, assign); ++ return assign; ++} ++ ++static tree cast_to_TI_type(struct visited *visited, gimple stmt, tree node) ++{ ++ gimple_stmt_iterator gsi; ++ gimple cast_stmt; ++ tree type = TREE_TYPE(node); ++ ++ if (types_compatible_p(type, intTI_type_node)) ++ return node; ++ ++ gsi = gsi_for_stmt(stmt); ++ cast_stmt = build_cast_stmt(visited, intTI_type_node, node, CREATE_NEW_VAR, &gsi, BEFORE_STMT, false); ++ pointer_set_insert(visited->my_stmts, cast_stmt); ++ return gimple_assign_lhs(cast_stmt); ++} ++ ++static tree get_def_stmt_rhs(struct visited *visited, const_tree var) ++{ ++ tree rhs1, def_stmt_rhs1; ++ gimple rhs1_def_stmt, def_stmt_rhs1_def_stmt, def_stmt; ++ ++ def_stmt = get_def_stmt(var); ++ if (!gimple_assign_cast_p(def_stmt)) ++ return NULL_TREE; ++ gcc_assert(gimple_code(def_stmt) != GIMPLE_NOP && pointer_set_contains(visited->my_stmts, def_stmt) && gimple_assign_cast_p(def_stmt)); ++ ++ rhs1 = gimple_assign_rhs1(def_stmt); ++ rhs1_def_stmt = get_def_stmt(rhs1); ++ if (!gimple_assign_cast_p(rhs1_def_stmt)) ++ return rhs1; ++ ++ def_stmt_rhs1 = gimple_assign_rhs1(rhs1_def_stmt); ++ def_stmt_rhs1_def_stmt = get_def_stmt(def_stmt_rhs1); ++ ++ switch (gimple_code(def_stmt_rhs1_def_stmt)) { ++ case GIMPLE_CALL: ++ case GIMPLE_NOP: ++ case GIMPLE_ASM: ++ case GIMPLE_PHI: ++ return def_stmt_rhs1; ++ case GIMPLE_ASSIGN: ++ return rhs1; ++ default: ++ debug_gimple_stmt(def_stmt_rhs1_def_stmt); ++ gcc_unreachable(); ++ } ++} ++ ++tree handle_integer_truncation(struct visited *visited, struct cgraph_node *caller_node, const_tree lhs) ++{ ++ tree new_rhs1, new_rhs2; ++ tree new_rhs1_def_stmt_rhs1, new_rhs2_def_stmt_rhs1, new_lhs; ++ gimple assign, stmt = get_def_stmt(lhs); ++ tree rhs1 = gimple_assign_rhs1(stmt); ++ tree rhs2 = gimple_assign_rhs2(stmt); ++ ++ if (!is_subtraction_special(visited, stmt)) ++ return NULL_TREE; ++ ++ new_rhs1 = expand(visited, caller_node, rhs1); ++ new_rhs2 = expand(visited, caller_node, rhs2); ++ ++ new_rhs1_def_stmt_rhs1 = get_def_stmt_rhs(visited, new_rhs1); ++ new_rhs2_def_stmt_rhs1 = get_def_stmt_rhs(visited, new_rhs2); ++ ++ if (new_rhs1_def_stmt_rhs1 == NULL_TREE || new_rhs2_def_stmt_rhs1 == NULL_TREE) ++ return NULL_TREE; ++ ++ if (!types_compatible_p(TREE_TYPE(new_rhs1_def_stmt_rhs1), TREE_TYPE(new_rhs2_def_stmt_rhs1))) { ++ new_rhs1_def_stmt_rhs1 = cast_to_TI_type(visited, stmt, new_rhs1_def_stmt_rhs1); ++ new_rhs2_def_stmt_rhs1 = cast_to_TI_type(visited, stmt, new_rhs2_def_stmt_rhs1); ++ } ++ ++ assign = create_binary_assign(visited, MINUS_EXPR, stmt, new_rhs1_def_stmt_rhs1, new_rhs2_def_stmt_rhs1); ++ new_lhs = gimple_assign_lhs(assign); ++ check_size_overflow(caller_node, assign, TREE_TYPE(new_lhs), new_lhs, rhs1, AFTER_STMT); ++ ++ return dup_assign(visited, stmt, lhs, new_rhs1, new_rhs2, NULL_TREE); ++} ++ ++bool is_a_neg_overflow(const_gimple stmt, const_tree rhs) ++{ ++ const_gimple def_stmt; ++ ++ if (TREE_CODE(rhs) != SSA_NAME) ++ return false; ++ ++ if (gimple_assign_rhs_code(stmt) != PLUS_EXPR) ++ return false; ++ ++ def_stmt = get_def_stmt(rhs); ++ if (!is_gimple_assign(def_stmt) || gimple_assign_rhs_code(def_stmt) != BIT_NOT_EXPR) ++ return false; ++ ++ return true; ++} ++ ++/* e.g., drivers/acpi/acpica/utids.c acpi_ut_execute_CID() ++ * ((count - 1) * sizeof(struct acpi_pnp_dee_id_list) -> (count + fffffff) * 16 ++ * fffffff * 16 > signed max -> truncate ++ */ ++static bool look_for_mult_and_add(const_gimple stmt) ++{ ++ const_tree res; ++ tree rhs1, rhs2, def_rhs1, def_rhs2, const_rhs, def_const_rhs; ++ const_gimple def_stmt; ++ ++ if (!stmt || gimple_code(stmt) == GIMPLE_NOP) ++ return false; ++ if (!is_gimple_assign(stmt)) ++ return false; ++ if (gimple_assign_rhs_code(stmt) != MULT_EXPR) ++ return false; ++ ++ rhs1 = gimple_assign_rhs1(stmt); ++ rhs2 = gimple_assign_rhs2(stmt); ++ if (is_gimple_constant(rhs1)) { ++ const_rhs = rhs1; ++ def_stmt = get_def_stmt(rhs2); ++ } else if (is_gimple_constant(rhs2)) { ++ const_rhs = rhs2; ++ def_stmt = get_def_stmt(rhs1); ++ } else ++ return false; ++ ++ if (gimple_assign_rhs_code(def_stmt) != PLUS_EXPR && gimple_assign_rhs_code(def_stmt) != MINUS_EXPR) ++ return false; ++ ++ def_rhs1 = gimple_assign_rhs1(def_stmt); ++ def_rhs2 = gimple_assign_rhs2(def_stmt); ++ if (is_gimple_constant(def_rhs1)) ++ def_const_rhs = def_rhs1; ++ else if (is_gimple_constant(def_rhs2)) ++ def_const_rhs = def_rhs2; ++ else ++ return false; ++ ++ res = fold_binary_loc(gimple_location(def_stmt), MULT_EXPR, TREE_TYPE(const_rhs), const_rhs, def_const_rhs); ++ if (is_lt_signed_type_max(res) && is_gt_zero(res)) ++ return false; ++ return true; ++} ++ ++enum intentional_overflow_type add_mul_intentional_overflow(const_gimple stmt) ++{ ++ const_gimple def_stmt_1, def_stmt_2; ++ const_tree rhs1, rhs2; ++ bool add_mul_rhs1, add_mul_rhs2; ++ ++ rhs1 = gimple_assign_rhs1(stmt); ++ def_stmt_1 = get_def_stmt(rhs1); ++ add_mul_rhs1 = look_for_mult_and_add(def_stmt_1); ++ ++ rhs2 = gimple_assign_rhs2(stmt); ++ def_stmt_2 = get_def_stmt(rhs2); ++ add_mul_rhs2 = look_for_mult_and_add(def_stmt_2); ++ ++ if (add_mul_rhs1) ++ return RHS1_INTENTIONAL_OVERFLOW; ++ if (add_mul_rhs2) ++ return RHS2_INTENTIONAL_OVERFLOW; ++ return NO_INTENTIONAL_OVERFLOW; ++} ++ ++static gimple get_dup_stmt(struct visited *visited, gimple stmt) ++{ ++ gimple my_stmt; ++ gimple_stmt_iterator gsi = gsi_for_stmt(stmt); ++ ++ gsi_next(&gsi); ++ my_stmt = gsi_stmt(gsi); ++ ++ gcc_assert(pointer_set_contains(visited->my_stmts, my_stmt)); ++ gcc_assert(gimple_assign_rhs_code(stmt) == gimple_assign_rhs_code(my_stmt)); ++ ++ return my_stmt; ++} ++ ++/* unsigned type -> unary or binary assign (rhs1 or rhs2 is constant) ++ * unsigned type cast to signed type, unsigned type: no more uses ++ * e.g., lib/vsprintf.c:simple_strtol() ++ * _10 = (unsigned long int) _9 ++ * _11 = -_10; ++ * _12 = (long int) _11; (_11_ no more uses) ++ */ ++static bool is_call_or_cast(gimple stmt) ++{ ++ return gimple_assign_cast_p(stmt) || is_gimple_call(stmt); ++} ++ ++static bool is_unsigned_cast_or_call_def_stmt(const_tree node) ++{ ++ const_tree rhs; ++ gimple def_stmt; ++ ++ if (node == NULL_TREE) ++ return true; ++ if (is_gimple_constant(node)) ++ return true; ++ ++ def_stmt = get_def_stmt(node); ++ if (!def_stmt) ++ return false; ++ ++ if (is_call_or_cast(def_stmt)) ++ return true; ++ ++ if (!is_gimple_assign(def_stmt) || gimple_num_ops(def_stmt) != 2) ++ return false; ++ rhs = gimple_assign_rhs1(def_stmt); ++ def_stmt = get_def_stmt(rhs); ++ if (!def_stmt) ++ return false; ++ return is_call_or_cast(def_stmt); ++} ++ ++void unsigned_signed_cast_intentional_overflow(struct visited *visited, gimple stmt) ++{ ++ unsigned int use_num; ++ gimple so_stmt; ++ const_gimple def_stmt; ++ const_tree rhs1, rhs2; ++ tree rhs = gimple_assign_rhs1(stmt); ++ tree lhs_type = TREE_TYPE(gimple_assign_lhs(stmt)); ++ const_tree rhs_type = TREE_TYPE(rhs); ++ ++ if (!(TYPE_UNSIGNED(rhs_type) && !TYPE_UNSIGNED(lhs_type))) ++ return; ++ if (GET_MODE_BITSIZE(TYPE_MODE(rhs_type)) != GET_MODE_BITSIZE(TYPE_MODE(lhs_type))) ++ return; ++ use_num = uses_num(rhs); ++ if (use_num != 1) ++ return; ++ ++ def_stmt = get_def_stmt(rhs); ++ if (!def_stmt) ++ return; ++ if (!is_gimple_assign(def_stmt)) ++ return; ++ ++ rhs1 = gimple_assign_rhs1(def_stmt); ++ if (!is_unsigned_cast_or_call_def_stmt(rhs1)) ++ return; ++ ++ rhs2 = gimple_assign_rhs2(def_stmt); ++ if (!is_unsigned_cast_or_call_def_stmt(rhs2)) ++ return; ++ if (gimple_num_ops(def_stmt) == 3 && !is_gimple_constant(rhs1) && !is_gimple_constant(rhs2)) ++ return; ++ ++ so_stmt = get_dup_stmt(visited, stmt); ++ create_up_and_down_cast(visited, so_stmt, lhs_type, gimple_assign_rhs1(so_stmt)); ++} ++ +diff --git a/tools/gcc/size_overflow_plugin/misc.c b/tools/gcc/size_overflow_plugin/misc.c +new file mode 100644 +index 0000000..4bddad2 +--- /dev/null ++++ b/tools/gcc/size_overflow_plugin/misc.c +@@ -0,0 +1,203 @@ ++/* ++ * Copyright 2011-2014 by Emese Revfy <re.emese@gmail.com> ++ * Licensed under the GPL v2, or (at your option) v3 ++ * ++ * Homepage: ++ * http://www.grsecurity.net/~ephox/overflow_plugin/ ++ * ++ * Documentation: ++ * http://forums.grsecurity.net/viewtopic.php?f=7&t=3043 ++ * ++ * This plugin recomputes expressions of function arguments marked by a size_overflow attribute ++ * with double integer precision (DImode/TImode for 32/64 bit integer types). ++ * The recomputed argument is checked against TYPE_MAX and an event is logged on overflow and the triggering process is killed. ++ * ++ * Usage: ++ * $ make ++ * $ make run ++ */ ++ ++#include "gcc-common.h" ++#include "size_overflow.h" ++ ++void set_current_function_decl(tree fndecl) ++{ ++ gcc_assert(fndecl != NULL_TREE); ++ ++ push_cfun(DECL_STRUCT_FUNCTION(fndecl)); ++ calculate_dominance_info(CDI_DOMINATORS); ++ current_function_decl = fndecl; ++} ++ ++void unset_current_function_decl(void) ++{ ++ free_dominance_info(CDI_DOMINATORS); ++ pop_cfun(); ++ current_function_decl = NULL_TREE; ++} ++ ++static bool is_bool(const_tree node) ++{ ++ const_tree type; ++ ++ if (node == NULL_TREE) ++ return false; ++ ++ type = TREE_TYPE(node); ++ if (!INTEGRAL_TYPE_P(type)) ++ return false; ++ if (TREE_CODE(type) == BOOLEAN_TYPE) ++ return true; ++ if (TYPE_PRECISION(type) == 1) ++ return true; ++ return false; ++} ++ ++bool skip_types(const_tree var) ++{ ++ tree type; ++ enum tree_code code; ++ ++ if (is_gimple_constant(var)) ++ return true; ++ ++ switch (TREE_CODE(var)) { ++ case ADDR_EXPR: ++#if BUILDING_GCC_VERSION >= 4006 ++ case MEM_REF: ++#endif ++ case ARRAY_REF: ++ case BIT_FIELD_REF: ++ case INDIRECT_REF: ++ case TARGET_MEM_REF: ++ case COMPONENT_REF: ++ case VAR_DECL: ++ case VIEW_CONVERT_EXPR: ++ return true; ++ default: ++ break; ++ } ++ ++ code = TREE_CODE(var); ++ gcc_assert(code == SSA_NAME || code == PARM_DECL); ++ ++ type = TREE_TYPE(var); ++ switch (TREE_CODE(type)) { ++ case INTEGER_TYPE: ++ case ENUMERAL_TYPE: ++ return false; ++ case BOOLEAN_TYPE: ++ return is_bool(var); ++ default: ++ return true; ++ } ++} ++ ++gimple get_def_stmt(const_tree node) ++{ ++ gcc_assert(node != NULL_TREE); ++ ++ if (skip_types(node)) ++ return NULL; ++ ++ if (TREE_CODE(node) != SSA_NAME) ++ return NULL; ++ return SSA_NAME_DEF_STMT(node); ++} ++ ++tree create_new_var(tree type) ++{ ++ tree new_var = create_tmp_var(type, "cicus"); ++ ++ add_referenced_var(new_var); ++ return new_var; ++} ++ ++static bool skip_cast(tree dst_type, const_tree rhs, bool force) ++{ ++ const_gimple def_stmt = get_def_stmt(rhs); ++ ++ if (force) ++ return false; ++ ++ if (is_gimple_constant(rhs)) ++ return false; ++ ++ if (!def_stmt || gimple_code(def_stmt) == GIMPLE_NOP) ++ return false; ++ ++ if (!types_compatible_p(dst_type, TREE_TYPE(rhs))) ++ return false; ++ ++ // DI type can be on 32 bit (from create_assign) but overflow type stays DI ++ if (LONG_TYPE_SIZE == GET_MODE_BITSIZE(SImode)) ++ return false; ++ ++ return true; ++} ++ ++tree cast_a_tree(tree type, tree var) ++{ ++ gcc_assert(type != NULL_TREE); ++ gcc_assert(var != NULL_TREE); ++ gcc_assert(fold_convertible_p(type, var)); ++ ++ return fold_convert(type, var); ++} ++ ++gimple build_cast_stmt(struct visited *visited, tree dst_type, tree rhs, tree lhs, gimple_stmt_iterator *gsi, bool before, bool force) ++{ ++ gimple assign, def_stmt; ++ ++ gcc_assert(dst_type != NULL_TREE && rhs != NULL_TREE); ++ gcc_assert(!is_gimple_constant(rhs)); ++ if (gsi_end_p(*gsi) && before == AFTER_STMT) ++ gcc_unreachable(); ++ ++ def_stmt = get_def_stmt(rhs); ++ if (def_stmt && gimple_code(def_stmt) != GIMPLE_NOP && skip_cast(dst_type, rhs, force) && pointer_set_contains(visited->my_stmts, def_stmt)) ++ return def_stmt; ++ ++ if (lhs == CREATE_NEW_VAR) ++ lhs = create_new_var(dst_type); ++ ++ assign = gimple_build_assign(lhs, cast_a_tree(dst_type, rhs)); ++ ++ if (!gsi_end_p(*gsi)) { ++ location_t loc = gimple_location(gsi_stmt(*gsi)); ++ gimple_set_location(assign, loc); ++ } ++ ++ gimple_assign_set_lhs(assign, make_ssa_name(lhs, assign)); ++ ++ if (before) ++ gsi_insert_before(gsi, assign, GSI_NEW_STMT); ++ else ++ gsi_insert_after(gsi, assign, GSI_NEW_STMT); ++ update_stmt(assign); ++ return assign; ++} ++ ++bool is_size_overflow_type(const_tree var) ++{ ++ const char *name; ++ const_tree type_name, type; ++ ++ if (var == NULL_TREE) ++ return false; ++ ++ type = TREE_TYPE(var); ++ type_name = TYPE_NAME(type); ++ if (type_name == NULL_TREE) ++ return false; ++ ++ if (DECL_P(type_name)) ++ name = DECL_NAME_POINTER(type_name); ++ else ++ name = IDENTIFIER_POINTER(type_name); ++ ++ if (!strncmp(name, "size_overflow_type", 18)) ++ return true; ++ return false; ++} ++ +diff --git a/tools/gcc/size_overflow_plugin/remove_unnecessary_dup.c b/tools/gcc/size_overflow_plugin/remove_unnecessary_dup.c +new file mode 100644 +index 0000000..7c9e6d1 +--- /dev/null ++++ b/tools/gcc/size_overflow_plugin/remove_unnecessary_dup.c +@@ -0,0 +1,138 @@ ++/* ++ * Copyright 2011-2014 by Emese Revfy <re.emese@gmail.com> ++ * Licensed under the GPL v2, or (at your option) v3 ++ * ++ * Homepage: ++ * http://www.grsecurity.net/~ephox/overflow_plugin/ ++ * ++ * Documentation: ++ * http://forums.grsecurity.net/viewtopic.php?f=7&t=3043 ++ * ++ * This plugin recomputes expressions of function arguments marked by a size_overflow attribute ++ * with double integer precision (DImode/TImode for 32/64 bit integer types). ++ * The recomputed argument is checked against TYPE_MAX and an event is logged on overflow and the triggering process is killed. ++ * ++ * Usage: ++ * $ make ++ * $ make run ++ */ ++ ++#include "gcc-common.h" ++#include "size_overflow.h" ++ ++bool skip_expr_on_double_type(const_gimple stmt) ++{ ++ enum tree_code code = gimple_assign_rhs_code(stmt); ++ ++ switch (code) { ++ case RSHIFT_EXPR: ++ case TRUNC_DIV_EXPR: ++ case CEIL_DIV_EXPR: ++ case FLOOR_DIV_EXPR: ++ case ROUND_DIV_EXPR: ++ case EXACT_DIV_EXPR: ++ case RDIV_EXPR: ++ case TRUNC_MOD_EXPR: ++ case CEIL_MOD_EXPR: ++ case FLOOR_MOD_EXPR: ++ case ROUND_MOD_EXPR: ++ return true; ++ default: ++ return false; ++ } ++} ++ ++void create_up_and_down_cast(struct visited *visited, gimple use_stmt, tree orig_type, tree rhs) ++{ ++ const_tree orig_rhs1; ++ tree down_lhs, new_lhs, dup_type = TREE_TYPE(rhs); ++ gimple down_cast, up_cast; ++ gimple_stmt_iterator gsi = gsi_for_stmt(use_stmt); ++ ++ down_cast = build_cast_stmt(visited, orig_type, rhs, CREATE_NEW_VAR, &gsi, BEFORE_STMT, false); ++ down_lhs = gimple_assign_lhs(down_cast); ++ ++ gsi = gsi_for_stmt(use_stmt); ++ up_cast = build_cast_stmt(visited, dup_type, down_lhs, CREATE_NEW_VAR, &gsi, BEFORE_STMT, false); ++ new_lhs = gimple_assign_lhs(up_cast); ++ ++ orig_rhs1 = gimple_assign_rhs1(use_stmt); ++ if (operand_equal_p(orig_rhs1, rhs, 0)) ++ gimple_assign_set_rhs1(use_stmt, new_lhs); ++ else ++ gimple_assign_set_rhs2(use_stmt, new_lhs); ++ update_stmt(use_stmt); ++ ++ pointer_set_insert(visited->my_stmts, up_cast); ++ pointer_set_insert(visited->my_stmts, down_cast); ++ pointer_set_insert(visited->skip_expr_casts, up_cast); ++ pointer_set_insert(visited->skip_expr_casts, down_cast); ++} ++ ++static tree get_proper_unsigned_half_type(const_tree node) ++{ ++ tree new_type, type; ++ ++ gcc_assert(is_size_overflow_type(node)); ++ ++ type = TREE_TYPE(node); ++ switch (TYPE_MODE(type)) { ++ case HImode: ++ new_type = unsigned_intQI_type_node; ++ break; ++ case SImode: ++ new_type = unsigned_intHI_type_node; ++ break; ++ case DImode: ++ new_type = unsigned_intSI_type_node; ++ break; ++ case TImode: ++ new_type = unsigned_intDI_type_node; ++ break; ++ default: ++ gcc_unreachable(); ++ } ++ ++ if (TYPE_QUALS(type) != 0) ++ return build_qualified_type(new_type, TYPE_QUALS(type)); ++ return new_type; ++} ++ ++static void insert_cast_rhs(struct visited *visited, gimple stmt, tree rhs) ++{ ++ tree type; ++ ++ if (rhs == NULL_TREE) ++ return; ++ if (!is_size_overflow_type(rhs)) ++ return; ++ ++ type = get_proper_unsigned_half_type(rhs); ++ if (is_gimple_constant(rhs)) ++ return; ++ create_up_and_down_cast(visited, stmt, type, rhs); ++} ++ ++static void insert_cast(struct visited *visited, gimple stmt, tree rhs) ++{ ++ if (LONG_TYPE_SIZE == GET_MODE_BITSIZE(SImode) && !is_size_overflow_type(rhs)) ++ return; ++ gcc_assert(is_size_overflow_type(rhs)); ++ insert_cast_rhs(visited, stmt, rhs); ++} ++ ++void insert_cast_expr(struct visited *visited, gimple stmt, enum intentional_overflow_type type) ++{ ++ tree rhs1, rhs2; ++ ++ if (type == NO_INTENTIONAL_OVERFLOW || type == RHS1_INTENTIONAL_OVERFLOW) { ++ rhs1 = gimple_assign_rhs1(stmt); ++ insert_cast(visited, stmt, rhs1); ++ } ++ ++ if (type == NO_INTENTIONAL_OVERFLOW || type == RHS2_INTENTIONAL_OVERFLOW) { ++ rhs2 = gimple_assign_rhs2(stmt); ++ insert_cast(visited, stmt, rhs2); ++ } ++} ++ +diff --git a/tools/gcc/size_overflow_plugin/size_overflow.h b/tools/gcc/size_overflow_plugin/size_overflow.h +new file mode 100644 +index 0000000..e5b4e50 +--- /dev/null ++++ b/tools/gcc/size_overflow_plugin/size_overflow.h +@@ -0,0 +1,127 @@ ++#ifndef SIZE_OVERFLOW_H ++#define SIZE_OVERFLOW_H ++ ++#define CREATE_NEW_VAR NULL_TREE ++#define CANNOT_FIND_ARG 32 ++#define MAX_PARAM 31 ++#define BEFORE_STMT true ++#define AFTER_STMT false ++ ++#define TURN_OFF_ASM_STR "# size_overflow MARK_TURN_OFF " ++#define YES_ASM_STR "# size_overflow MARK_YES " ++#define OK_ASM_STR "# size_overflow " ++ ++enum mark { ++ MARK_NO, MARK_YES, MARK_NOT_INTENTIONAL, MARK_TURN_OFF ++}; ++ ++enum intentional_overflow_type { ++ NO_INTENTIONAL_OVERFLOW, RHS1_INTENTIONAL_OVERFLOW, RHS2_INTENTIONAL_OVERFLOW ++}; ++ ++struct visited { ++ struct pointer_set_t *stmts; ++ struct pointer_set_t *my_stmts; ++ struct pointer_set_t *skip_expr_casts; ++ struct pointer_set_t *no_cast_check; ++}; ++ ++// size_overflow_plugin.c ++extern tree report_size_overflow_decl; ++extern tree size_overflow_type_HI; ++extern tree size_overflow_type_SI; ++extern tree size_overflow_type_DI; ++extern tree size_overflow_type_TI; ++ ++ ++// size_overflow_plugin_hash.c ++struct size_overflow_hash { ++ const struct size_overflow_hash * const next; ++ const char * const name; ++ const unsigned int param; ++}; ++ ++struct interesting_node { ++ struct interesting_node *next; ++ gimple first_stmt; ++ const_tree fndecl; ++ tree node; ++#if BUILDING_GCC_VERSION <= 4007 ++ VEC(tree, gc) *last_nodes; ++#else ++ vec<tree, va_gc> *last_nodes; ++#endif ++ unsigned int num; ++ enum mark intentional_attr_decl; ++ enum mark intentional_attr_cur_fndecl; ++ gimple intentional_mark_from_gimple; ++}; ++ ++extern bool is_size_overflow_asm(const_gimple stmt); ++extern unsigned int get_function_num(const_tree node, const_tree orig_fndecl); ++extern unsigned int get_correct_arg_count(unsigned int argnum, const_tree fndecl); ++extern bool is_missing_function(const_tree orig_fndecl, unsigned int num); ++extern bool is_a_return_check(const_tree node); ++extern const struct size_overflow_hash *get_function_hash(const_tree fndecl); ++extern unsigned int find_arg_number_tree(const_tree arg, const_tree func); ++ ++ ++// size_overflow_debug.c ++extern struct opt_pass *make_dump_pass(void); ++ ++ ++// intentional_overflow.c ++extern enum mark get_intentional_attr_type(const_tree node); ++extern bool is_size_overflow_intentional_asm_yes(const_gimple stmt); ++extern bool is_size_overflow_intentional_asm_turn_off(const_gimple stmt); ++extern bool is_end_intentional_intentional_attr(const_tree decl, unsigned int argnum); ++extern bool is_yes_intentional_attr(const_tree decl, unsigned int argnum); ++extern bool is_turn_off_intentional_attr(const_tree decl); ++extern void print_missing_intentional(enum mark callee_attr, enum mark caller_attr, const_tree decl, unsigned int argnum); ++extern void check_intentional_attribute_ipa(struct interesting_node *cur_node); ++extern bool is_a_cast_and_const_overflow(const_tree no_const_rhs); ++extern bool is_const_plus_unsigned_signed_truncation(const_tree lhs); ++extern bool is_a_constant_overflow(const_gimple stmt, const_tree rhs); ++extern tree handle_intentional_overflow(struct visited *visited, struct cgraph_node *caller_node, bool check_overflow, gimple stmt, tree change_rhs, tree new_rhs2); ++extern tree handle_integer_truncation(struct visited *visited, struct cgraph_node *caller_node, const_tree lhs); ++extern bool is_a_neg_overflow(const_gimple stmt, const_tree rhs); ++extern enum intentional_overflow_type add_mul_intentional_overflow(const_gimple def_stmt); ++extern void unsigned_signed_cast_intentional_overflow(struct visited *visited, gimple stmt); ++ ++ ++// insert_size_overflow_check_ipa.c ++extern unsigned int search_function(void); ++extern unsigned int call_count; ++extern struct opt_pass *make_insert_size_overflow_check(void); ++extern const_tree get_interesting_orig_fndecl(const_gimple stmt, unsigned int argnum); ++ ++ ++// insert_size_overflow_asm.c ++extern struct opt_pass *make_insert_size_overflow_asm_pass(void); ++ ++ ++// misc.c ++extern void set_current_function_decl(tree fndecl); ++extern void unset_current_function_decl(void); ++extern gimple get_def_stmt(const_tree node); ++extern tree create_new_var(tree type); ++extern gimple build_cast_stmt(struct visited *visited, tree dst_type, tree rhs, tree lhs, gimple_stmt_iterator *gsi, bool before, bool force); ++extern bool skip_types(const_tree var); ++extern tree cast_a_tree(tree type, tree var); ++extern bool is_size_overflow_type(const_tree var); ++ ++ ++// insert_size_overflow_check_core.c ++extern tree expand(struct visited *visited, struct cgraph_node *caller_node, tree lhs); ++extern void check_size_overflow(struct cgraph_node *caller_node, gimple stmt, tree size_overflow_type, tree cast_rhs, tree rhs, bool before); ++extern tree dup_assign(struct visited *visited, gimple oldstmt, const_tree node, tree rhs1, tree rhs2, tree __unused rhs3); ++extern tree create_assign(struct visited *visited, gimple oldstmt, tree rhs1, bool before); ++ ++ ++// remove_unnecessary_dup.c ++extern struct opt_pass *make_remove_unnecessary_dup_pass(void); ++extern void insert_cast_expr(struct visited *visited, gimple stmt, enum intentional_overflow_type type); ++extern bool skip_expr_on_double_type(const_gimple stmt); ++extern void create_up_and_down_cast(struct visited *visited, gimple use_stmt, tree orig_type, tree rhs); ++ ++#endif +diff --git a/tools/gcc/size_overflow_plugin/size_overflow_debug.c b/tools/gcc/size_overflow_plugin/size_overflow_debug.c +new file mode 100644 +index 0000000..4378111 +--- /dev/null ++++ b/tools/gcc/size_overflow_plugin/size_overflow_debug.c +@@ -0,0 +1,116 @@ ++/* ++ * Copyright 2011-2014 by Emese Revfy <re.emese@gmail.com> ++ * Licensed under the GPL v2, or (at your option) v3 ++ * ++ * Homepage: ++ * http://www.grsecurity.net/~ephox/overflow_plugin/ ++ * ++ * Documentation: ++ * http://forums.grsecurity.net/viewtopic.php?f=7&t=3043 ++ * ++ * This plugin recomputes expressions of function arguments marked by a size_overflow attribute ++ * with double integer precision (DImode/TImode for 32/64 bit integer types). ++ * The recomputed argument is checked against TYPE_MAX and an event is logged on overflow and the triggering process is killed. ++ * ++ * Usage: ++ * $ make ++ * $ make run ++ */ ++ ++#include "gcc-common.h" ++ ++static unsigned int dump_functions(void) ++{ ++ struct cgraph_node *node; ++ ++ FOR_EACH_FUNCTION_WITH_GIMPLE_BODY(node) { ++ basic_block bb; ++ ++ push_cfun(DECL_STRUCT_FUNCTION(NODE_DECL(node))); ++ current_function_decl = NODE_DECL(node); ++ ++ fprintf(stderr, "-----------------------------------------\n%s\n-----------------------------------------\n", DECL_NAME_POINTER(current_function_decl)); ++ ++ FOR_ALL_BB_FN(bb, cfun) { ++ gimple_stmt_iterator si; ++ ++ fprintf(stderr, "<bb %u>:\n", bb->index); ++ for (si = gsi_start_phis(bb); !gsi_end_p(si); gsi_next(&si)) ++ debug_gimple_stmt(gsi_stmt(si)); ++ for (si = gsi_start_bb(bb); !gsi_end_p(si); gsi_next(&si)) ++ debug_gimple_stmt(gsi_stmt(si)); ++ fprintf(stderr, "\n"); ++ } ++ ++ fprintf(stderr, "-------------------------------------------------------------------------\n"); ++ ++ pop_cfun(); ++ current_function_decl = NULL_TREE; ++ } ++ ++ fprintf(stderr, "###############################################################################\n"); ++ ++ return 0; ++} ++ ++#if BUILDING_GCC_VERSION >= 4009 ++static const struct pass_data dump_pass_data = { ++#else ++static struct ipa_opt_pass_d dump_pass = { ++ .pass = { ++#endif ++ .type = SIMPLE_IPA_PASS, ++ .name = "dump", ++#if BUILDING_GCC_VERSION >= 4008 ++ .optinfo_flags = OPTGROUP_NONE, ++#endif ++#if BUILDING_GCC_VERSION >= 4009 ++ .has_gate = false, ++ .has_execute = true, ++#else ++ .gate = NULL, ++ .execute = dump_functions, ++ .sub = NULL, ++ .next = NULL, ++ .static_pass_number = 0, ++#endif ++ .tv_id = TV_NONE, ++ .properties_required = 0, ++ .properties_provided = 0, ++ .properties_destroyed = 0, ++ .todo_flags_start = 0, ++ .todo_flags_finish = 0, ++#if BUILDING_GCC_VERSION < 4009 ++ }, ++ .generate_summary = NULL, ++ .write_summary = NULL, ++ .read_summary = NULL, ++#if BUILDING_GCC_VERSION >= 4006 ++ .write_optimization_summary = NULL, ++ .read_optimization_summary = NULL, ++#endif ++ .stmt_fixup = NULL, ++ .function_transform_todo_flags_start = 0, ++ .function_transform = NULL, ++ .variable_transform = NULL, ++#endif ++}; ++ ++#if BUILDING_GCC_VERSION >= 4009 ++namespace { ++class dump_pass : public ipa_opt_pass_d { ++public: ++ dump_pass() : ipa_opt_pass_d(dump_pass_data, g, NULL, NULL, NULL, NULL, NULL, NULL, 0, NULL, NULL) {} ++ unsigned int execute() { return dump_functions(); } ++}; ++} ++#endif ++ ++struct opt_pass *make_dump_pass(void) ++{ ++#if BUILDING_GCC_VERSION >= 4009 ++ return new dump_pass(); ++#else ++ return &dump_pass.pass; ++#endif ++} +diff --git a/tools/gcc/size_overflow_plugin/size_overflow_hash.data b/tools/gcc/size_overflow_plugin/size_overflow_hash.data +new file mode 100644 +index 0000000..72e9c0e +--- /dev/null ++++ b/tools/gcc/size_overflow_plugin/size_overflow_hash.data +@@ -0,0 +1,5986 @@ +intel_fake_agp_alloc_by_type_1 intel_fake_agp_alloc_by_type 1 1 NULL +ocfs2_get_refcount_tree_3 ocfs2_get_refcount_tree 0 3 NULL +storvsc_connect_to_vsp_22 storvsc_connect_to_vsp 2 22 NULL @@ -108227,21 +114254,24 @@ index 0000000..9529806 +ipath_verbs_send_117 ipath_verbs_send 5-3 117 NULL +init_q_132 init_q 4 132 NULL +memstick_alloc_host_142 memstick_alloc_host 1 142 NULL ++gfs2_glock_get_147 gfs2_glock_get 0 147 NULL +hva_to_gfn_memslot_149 hva_to_gfn_memslot 0-1 149 NULL +ping_v6_sendmsg_152 ping_v6_sendmsg 4 152 NULL +ext4_ext_get_actual_len_153 ext4_ext_get_actual_len 0 153 NULL nohasharray +tracing_trace_options_write_153 tracing_trace_options_write 3 153 &ext4_ext_get_actual_len_153 +pci_request_selected_regions_169 pci_request_selected_regions 0 169 NULL +xfs_buf_item_get_format_189 xfs_buf_item_get_format 2 189 NULL ++xfs_bmap_btalloc_192 xfs_bmap_btalloc 0 192 NULL +iscsi_session_setup_196 iscsi_session_setup 4-5 196 NULL ++ll_xattr_cache_seq_write_250 ll_xattr_cache_seq_write 3 250 NULL +br_port_info_size_268 br_port_info_size 0 268 NULL +generic_file_direct_write_291 generic_file_direct_write 0 291 NULL +read_file_war_stats_292 read_file_war_stats 3 292 NULL ++xfs_zero_last_block_298 xfs_zero_last_block 0 298 NULL +SYSC_connect_304 SYSC_connect 3 304 NULL +syslog_print_307 syslog_print 2 307 NULL +dn_setsockopt_314 dn_setsockopt 5 314 NULL +mlx5_core_access_reg_361 mlx5_core_access_reg 3-5 361 NULL -+hw_device_state_409 hw_device_state 0 409 NULL +aio_read_events_ring_410 aio_read_events_ring 3-0 410 NULL +lbs_rdmac_read_418 lbs_rdmac_read 3 418 NULL +snd_ca0106_ptr_read_467 snd_ca0106_ptr_read 0 467 NULL @@ -108258,20 +114288,19 @@ index 0000000..9529806 +start_isoc_chain_565 start_isoc_chain 2 565 NULL nohasharray +dev_hard_header_565 dev_hard_header 0 565 &start_isoc_chain_565 +ocfs2_refcounted_xattr_delete_need_584 ocfs2_refcounted_xattr_delete_need 0 584 NULL -+osl_pktget_590 osl_pktget 2 590 NULL +smk_write_load_self2_591 smk_write_load_self2 3 591 NULL +btrfs_stack_file_extent_offset_607 btrfs_stack_file_extent_offset 0 607 NULL +ni_gpct_device_construct_610 ni_gpct_device_construct 5 610 NULL +fuse_request_alloc_nofs_617 fuse_request_alloc_nofs 1 617 NULL +ptlrpc_lprocfs_nrs_seq_write_621 ptlrpc_lprocfs_nrs_seq_write 3 621 NULL +viafb_dfpl_proc_write_627 viafb_dfpl_proc_write 3 627 NULL -+clone_split_bio_633 clone_split_bio 6 633 NULL +ceph_osdc_new_request_635 ceph_osdc_new_request 6 635 NULL +cfs_hash_bkt_size_643 cfs_hash_bkt_size 0 643 NULL +unlink_queued_645 unlink_queued 4 645 NULL +dtim_interval_read_654 dtim_interval_read 3 654 NULL +mem_rx_free_mem_blks_read_675 mem_rx_free_mem_blks_read 3 675 NULL +persistent_ram_vmap_709 persistent_ram_vmap 1-2 709 NULL ++xfs_bmap_eof_728 xfs_bmap_eof 0 728 NULL +sctp_setsockopt_peer_addr_params_734 sctp_setsockopt_peer_addr_params 3 734 NULL +dvb_video_write_754 dvb_video_write 3 754 NULL +cfs_trace_allocate_string_buffer_781 cfs_trace_allocate_string_buffer 2 781 NULL @@ -108285,6 +114314,8 @@ index 0000000..9529806 +carl9170_cmd_buf_950 carl9170_cmd_buf 3 950 NULL +__nodes_weight_956 __nodes_weight 2-0 956 NULL +bnx2x_fill_fw_str_968 bnx2x_fill_fw_str 3 968 NULL ++mnt_want_write_975 mnt_want_write 0 975 NULL ++usnic_ib_qp_grp_dump_hdr_989 usnic_ib_qp_grp_dump_hdr 2 989 NULL +memcmp_990 memcmp 0 990 NULL +readreg_1017 readreg 0-1 1017 NULL +smk_write_cipso2_1021 smk_write_cipso2 3 1021 NULL @@ -108293,7 +114324,6 @@ index 0000000..9529806 +agp_create_memory_1075 agp_create_memory 1 1075 NULL +_scsih_adjust_queue_depth_1083 _scsih_adjust_queue_depth 2 1083 NULL +llcp_sock_sendmsg_1092 llcp_sock_sendmsg 4 1092 NULL -+llc_mac_hdr_init_1094 llc_mac_hdr_init 0 1094 NULL +nfs4_init_nonuniform_client_string_1097 nfs4_init_nonuniform_client_string 3 1097 NULL +utf8s_to_utf16s_1115 utf8s_to_utf16s 0 1115 NULL +cfg80211_report_obss_beacon_1133 cfg80211_report_obss_beacon 3 1133 NULL @@ -108305,11 +114335,15 @@ index 0000000..9529806 +dgrp_dpa_read_1204 dgrp_dpa_read 3 1204 NULL +i2cdev_read_1206 i2cdev_read 3 1206 NULL +lov_ost_pool_init_1215 lov_ost_pool_init 2 1215 NULL ++fsync_buffers_list_1219 fsync_buffers_list 0 1219 NULL ++kernfs_file_direct_read_1238 kernfs_file_direct_read 3 1238 NULL +ocfs2_extend_file_1266 ocfs2_extend_file 3 1266 NULL +qla4xxx_change_queue_depth_1268 qla4xxx_change_queue_depth 2 1268 NULL +ioctl_private_iw_point_1273 ioctl_private_iw_point 7 1273 NULL +SyS_flistxattr_1287 SyS_flistxattr 3 1287 NULL +tx_frag_in_process_called_read_1290 tx_frag_in_process_called_read 3 1290 NULL ++posix_acl_xattr_set_1301 posix_acl_xattr_set 4 1301 NULL ++tcf_hash_create_1305 tcf_hash_create 4 1305 NULL +ffs_1322 ffs 0 1322 NULL +qlcnic_pci_sriov_configure_1327 qlcnic_pci_sriov_configure 2 1327 NULL +btrfs_submit_compressed_write_1347 btrfs_submit_compressed_write 5 1347 NULL @@ -108332,6 +114366,7 @@ index 0000000..9529806 +tomoyo_round2_1518 tomoyo_round2 0 1518 NULL +alloc_perm_bits_1532 alloc_perm_bits 2 1532 NULL +ath6kl_init_get_fwcaps_1557 ath6kl_init_get_fwcaps 3 1557 NULL ++ffs_mutex_lock_1564 ffs_mutex_lock 0 1564 NULL +ieee80211_if_read_dot11MeshHWMPnetDiameterTraversalTime_1589 ieee80211_if_read_dot11MeshHWMPnetDiameterTraversalTime 3 1589 NULL +ipath_ht_handle_hwerrors_1592 ipath_ht_handle_hwerrors 3 1592 NULL +packet_buffer_init_1607 packet_buffer_init 2 1607 NULL @@ -108343,8 +114378,10 @@ index 0000000..9529806 +configfs_read_file_1683 configfs_read_file 3 1683 NULL +pdu_write_u_1710 pdu_write_u 3 1710 NULL +coda_psdev_write_1711 coda_psdev_write 3 1711 NULL ++btrfs_dir_data_len_1714 btrfs_dir_data_len 0 1714 NULL +internal_create_group_1733 internal_create_group 0 1733 NULL +dev_irnet_read_1741 dev_irnet_read 3 1741 NULL ++usb_ep_align_maybe_1743 usb_ep_align_maybe 0-3 1743 NULL +tx_frag_called_read_1748 tx_frag_called_read 3 1748 NULL +cosa_write_1774 cosa_write 3 1774 NULL +fcoe_ctlr_device_add_1793 fcoe_ctlr_device_add 3 1793 NULL @@ -108359,11 +114396,13 @@ index 0000000..9529806 +ext3_fiemap_1936 ext3_fiemap 4 1936 NULL +cyttsp_probe_1940 cyttsp_probe 4 1940 NULL +ieee80211_if_fmt_dot11MeshConfirmTimeout_1945 ieee80211_if_fmt_dot11MeshConfirmTimeout 3 1945 NULL ++update_qd_1955 update_qd 0 1955 NULL +ivtv_v4l2_read_1964 ivtv_v4l2_read 3 1964 NULL +sel_read_avc_hash_stats_1984 sel_read_avc_hash_stats 3 1984 NULL +gpio_power_write_1991 gpio_power_write 3 1991 NULL +__alloc_bootmem_node_1992 __alloc_bootmem_node 2 1992 NULL +rx_rx_defrag_read_2010 rx_rx_defrag_read 3 2010 NULL ++xfs_mru_cache_insert_2013 xfs_mru_cache_insert 0 2013 NULL +ocfs2_global_qinit_alloc_2018 ocfs2_global_qinit_alloc 0 2018 NULL +write_flush_pipefs_2021 write_flush_pipefs 3 2021 NULL +BcmCopySection_2035 BcmCopySection 5 2035 NULL @@ -108374,19 +114413,22 @@ index 0000000..9529806 +iwl_dbgfs_current_sleep_command_read_2081 iwl_dbgfs_current_sleep_command_read 3 2081 NULL +idetape_chrdev_read_2097 idetape_chrdev_read 3 2097 NULL +audit_expand_2098 audit_expand 0 2098 NULL ++__set_print_fmt_2106 __set_print_fmt 0 2106 NULL +iwl_dbgfs_log_event_read_2107 iwl_dbgfs_log_event_read 3 2107 NULL +ecryptfs_encrypt_and_encode_filename_2109 ecryptfs_encrypt_and_encode_filename 6 2109 NULL ++btrfs_file_extent_inline_len_2116 btrfs_file_extent_inline_len 0 2116 NULL +enable_read_2117 enable_read 3 2117 NULL +pcf50633_write_block_2124 pcf50633_write_block 2-3 2124 NULL ++xfs_recover_inode_owner_change_2132 xfs_recover_inode_owner_change 0 2132 NULL +check_load_and_stores_2143 check_load_and_stores 2 2143 NULL +iov_iter_count_2152 iov_iter_count 0 2152 NULL +__copy_to_user_ll_2157 __copy_to_user_ll 0-3 2157 NULL +_ore_get_io_state_2166 _ore_get_io_state 3-4-5 2166 NULL +bio_integrity_alloc_2194 bio_integrity_alloc 3 2194 NULL +picolcd_debug_reset_write_2195 picolcd_debug_reset_write 3 2195 NULL ++xfs_inobt_update_2206 xfs_inobt_update 0 2206 NULL +u32_array_read_2219 u32_array_read 3 2219 NULL nohasharray +mei_dbgfs_read_meclients_2219 mei_dbgfs_read_meclients 3 2219 &u32_array_read_2219 -+vhci_write_2224 vhci_write 3 2224 NULL +__ocfs2_journal_access_2241 __ocfs2_journal_access 0 2241 NULL +ieee80211_if_read_dot11MeshHWMPRannInterval_2249 ieee80211_if_read_dot11MeshHWMPRannInterval 3 2249 NULL +netlbl_secattr_catmap_walk_2255 netlbl_secattr_catmap_walk 0-2 2255 NULL @@ -108394,6 +114436,7 @@ index 0000000..9529806 +do_update_counters_2259 do_update_counters 4 2259 NULL +ath6kl_wmi_bssinfo_event_rx_2275 ath6kl_wmi_bssinfo_event_rx 3 2275 NULL +debug_debug5_read_2291 debug_debug5_read 3 2291 NULL ++sr_read_cmd_2299 sr_read_cmd 5 2299 NULL +kvm_clear_guest_page_2308 kvm_clear_guest_page 4 2308 NULL +intel_sdvo_set_value_2311 intel_sdvo_set_value 4 2311 NULL +hfsplus_find_init_2318 hfsplus_find_init 0 2318 NULL nohasharray @@ -108401,9 +114444,9 @@ index 0000000..9529806 +dice_hwdep_read_2326 dice_hwdep_read 3 2326 NULL +__erst_read_to_erange_2341 __erst_read_to_erange 0 2341 NULL +zr364xx_read_2354 zr364xx_read 3 2354 NULL -+sysfs_add_file_mode_ns_2362 sysfs_add_file_mode_ns 0 2362 NULL ++ntfs_file_aio_write_nolock_2360 ntfs_file_aio_write_nolock 0 2360 NULL +viafb_iga2_odev_proc_write_2363 viafb_iga2_odev_proc_write 3 2363 NULL -+xfs_buf_map_from_irec_2368 xfs_buf_map_from_irec 5 2368 NULL nohasharray ++xfs_buf_map_from_irec_2368 xfs_buf_map_from_irec 5-0 2368 NULL nohasharray +rose_recvmsg_2368 rose_recvmsg 4 2368 &xfs_buf_map_from_irec_2368 +il_dbgfs_sensitivity_read_2370 il_dbgfs_sensitivity_read 3 2370 NULL +rxpipe_rx_prep_beacon_drop_read_2403 rxpipe_rx_prep_beacon_drop_read 3 2403 NULL @@ -108412,11 +114455,12 @@ index 0000000..9529806 +b43legacy_debugfs_read_2473 b43legacy_debugfs_read 3 2473 NULL +wiphy_new_2482 wiphy_new 2 2482 NULL +bio_alloc_bioset_2484 bio_alloc_bioset 2 2484 NULL -+hfsplus_user_setxattr_2485 hfsplus_user_setxattr 4 2485 NULL +squashfs_read_fragment_index_table_2506 squashfs_read_fragment_index_table 4 2506 NULL +v9fs_cached_file_read_2514 v9fs_cached_file_read 3 2514 NULL +ext4_get_inode_loc_2516 ext4_get_inode_loc 0 2516 NULL +batadv_tvlv_container_list_size_2524 batadv_tvlv_container_list_size 0 2524 NULL ++smk_write_syslog_2529 smk_write_syslog 3 2529 NULL ++__ceph_setxattr_2532 __ceph_setxattr 4 2532 NULL +gspca_dev_probe_2570 gspca_dev_probe 4 2570 NULL +pcm_sanity_check_2574 pcm_sanity_check 0 2574 NULL +mdc_max_rpcs_in_flight_seq_write_2594 mdc_max_rpcs_in_flight_seq_write 3 2594 NULL @@ -108430,8 +114474,10 @@ index 0000000..9529806 +nfc_llcp_send_ui_frame_2702 nfc_llcp_send_ui_frame 5 2702 NULL +memcpy_fromiovecend_2707 memcpy_fromiovecend 3-4 2707 NULL +lprocfs_stats_counter_size_2708 lprocfs_stats_counter_size 0 2708 NULL ++gfs2_glock_nq_num_2747 gfs2_glock_nq_num 0 2747 NULL +xfs_readdir_2767 xfs_readdir 3 2767 NULL +mon_bin_ioctl_2771 mon_bin_ioctl 3 2771 NULL ++set_msr_hyperv_pw_2785 set_msr_hyperv_pw 3 2785 NULL +device_add_attrs_2789 device_add_attrs 0 2789 NULL +iwl_dbgfs_clear_ucode_statistics_write_2804 iwl_dbgfs_clear_ucode_statistics_write 3 2804 NULL +sel_read_enforce_2828 sel_read_enforce 3 2828 NULL @@ -108449,12 +114495,15 @@ index 0000000..9529806 +i40e_dbg_prep_dump_buf_2951 i40e_dbg_prep_dump_buf 2 2951 NULL +set_fast_connectable_2952 set_fast_connectable 4 2952 NULL +free_area_init_core_2962 free_area_init_core 2-3 2962 NULL ++bio_setup_sector_2970 bio_setup_sector 3 2970 NULL +do_strnlen_user_2976 do_strnlen_user 0-2 2976 NULL +p9_nr_pages_2992 p9_nr_pages 0-2 2992 NULL ++_xfs_filestream_pick_ag_3007 _xfs_filestream_pick_ag 0 3007 NULL +lov_stripetype_seq_write_3013 lov_stripetype_seq_write 3 3013 NULL +do_dmabuf_dirty_sou_3017 do_dmabuf_dirty_sou 7 3017 NULL +depth_write_3021 depth_write 3 3021 NULL +snd_azf3328_codec_inl_3022 snd_azf3328_codec_inl 0 3022 NULL ++nvme_split_and_submit_3027 nvme_split_and_submit 3 3027 NULL +kvm_unmap_hva_3028 kvm_unmap_hva 2 3028 NULL +xfrm_dst_alloc_copy_3034 xfrm_dst_alloc_copy 3 3034 NULL +lpfc_idiag_mbxacc_write_3038 lpfc_idiag_mbxacc_write 3 3038 NULL nohasharray @@ -108465,14 +114514,14 @@ index 0000000..9529806 +__blk_end_bidi_request_3070 __blk_end_bidi_request 3-4 3070 NULL +dac960_user_command_proc_write_3071 dac960_user_command_proc_write 3 3071 NULL +read_file_antenna_diversity_3077 read_file_antenna_diversity 3 3077 NULL -+clone_bio_3100 clone_bio 6 3100 NULL nohasharray -+ttusb2_msg_3100 ttusb2_msg 4 3100 &clone_bio_3100 ++ttusb2_msg_3100 ttusb2_msg 4 3100 NULL +rb_alloc_3102 rb_alloc 1 3102 NULL +simple_write_to_buffer_3122 simple_write_to_buffer 5-2 3122 NULL +print_time_3132 print_time 0 3132 NULL +fill_write_buffer_3142 fill_write_buffer 3 3142 NULL +CIFSSMBSetPosixACL_3154 CIFSSMBSetPosixACL 5 3154 NULL +compat_sys_migrate_pages_3157 compat_sys_migrate_pages 2 3157 NULL ++gfs2_rindex_update_3165 gfs2_rindex_update 0 3165 NULL +uv_num_possible_blades_3177 uv_num_possible_blades 0 3177 NULL +uvc_video_stats_dump_3181 uvc_video_stats_dump 3 3181 NULL +compat_do_ip6t_set_ctl_3184 compat_do_ip6t_set_ctl 4 3184 NULL @@ -108488,10 +114537,11 @@ index 0000000..9529806 +ext3_xattr_find_entry_3237 ext3_xattr_find_entry 0 3237 NULL +key_key_read_3241 key_key_read 3 3241 NULL +__ilog2_u64_3284 __ilog2_u64 0 3284 NULL ++__set_extent_bit_3305 __set_extent_bit 0 3305 NULL +__iovec_copy_from_user_inatomic_3314 __iovec_copy_from_user_inatomic 0-4-3 3314 NULL ++_iwl_dbgfs_d3_sram_write_3315 _iwl_dbgfs_d3_sram_write 3 3315 NULL +dbDiscardAG_3322 dbDiscardAG 3 3322 NULL +compat_sys_setsockopt_3326 compat_sys_setsockopt 5 3326 NULL -+ocfs2_extend_xattr_bucket_3328 ocfs2_extend_xattr_bucket 4 3328 NULL +read_from_oldmem_3337 read_from_oldmem 2 3337 NULL +sysfs_create_group_3339 sysfs_create_group 0 3339 NULL +tty_port_register_device_attr_3341 tty_port_register_device_attr 3 3341 NULL @@ -108508,10 +114558,8 @@ index 0000000..9529806 +crystalhd_create_dio_pool_3427 crystalhd_create_dio_pool 2 3427 NULL +SyS_msgsnd_3436 SyS_msgsnd 3 3436 NULL +pipe_iov_copy_to_user_3447 pipe_iov_copy_to_user 3 3447 NULL -+s3fb_ddc_read_3451 s3fb_ddc_read 0 3451 NULL +softsynth_write_3455 softsynth_write 3 3455 NULL -+snd_pcm_lib_readv_transfer_3464 snd_pcm_lib_readv_transfer 5-4-2 3464 NULL nohasharray -+jffs2_acl_setxattr_3464 jffs2_acl_setxattr 4 3464 &snd_pcm_lib_readv_transfer_3464 ++snd_pcm_lib_readv_transfer_3464 snd_pcm_lib_readv_transfer 5-4-2 3464 NULL +security_context_to_sid_default_3492 security_context_to_sid_default 2 3492 NULL +xfrm_migrate_msgsize_3496 xfrm_migrate_msgsize 1 3496 NULL +mem_tx_free_mem_blks_read_3521 mem_tx_free_mem_blks_read 3 3521 NULL @@ -108529,9 +114577,10 @@ index 0000000..9529806 +aligned_kmalloc_3628 aligned_kmalloc 1 3628 NULL +ath6kl_disconnect_timeout_read_3650 ath6kl_disconnect_timeout_read 3 3650 NULL +i915_compat_ioctl_3656 i915_compat_ioctl 2 3656 NULL ++xfs_attr3_leaf_list_int_3661 xfs_attr3_leaf_list_int 0 3661 NULL ++_iwl_dbgfs_tx_flush_write_3675 _iwl_dbgfs_tx_flush_write 3 3675 NULL +snd_m3_assp_read_3703 snd_m3_assp_read 0 3703 NULL -+ci_ll_write_3740 ci_ll_write 4 3740 NULL nohasharray -+ath6kl_mgmt_tx_3740 ath6kl_mgmt_tx 7 3740 &ci_ll_write_3740 ++ci_ll_write_3740 ci_ll_write 4 3740 NULL +sctp_setsockopt_auth_key_3793 sctp_setsockopt_auth_key 3 3793 NULL +ncp_file_write_3813 ncp_file_write 3 3813 NULL +llc_ui_recvmsg_3826 llc_ui_recvmsg 4 3826 NULL @@ -108549,9 +114598,9 @@ index 0000000..9529806 +SyS_move_pages_3920 SyS_move_pages 2 3920 NULL +hdlc_irq_one_3944 hdlc_irq_one 2 3944 NULL +brcmf_debugfs_fws_stats_read_3947 brcmf_debugfs_fws_stats_read 3 3947 NULL -+ll_get_max_mdsize_3962 ll_get_max_mdsize 0 3962 NULL +mite_bytes_written_to_memory_lb_3987 mite_bytes_written_to_memory_lb 0 3987 NULL +do_add_counters_3992 do_add_counters 3 3992 NULL ++xfs_bmbt_lookup_eq_3997 xfs_bmbt_lookup_eq 0 3997 NULL +obd_alloc_memmd_4002 obd_alloc_memmd 0 4002 NULL +userspace_status_4004 userspace_status 4 4004 NULL +xfs_check_block_4005 xfs_check_block 4 4005 NULL nohasharray @@ -108559,10 +114608,10 @@ index 0000000..9529806 +snd_hdsp_capture_copy_4011 snd_hdsp_capture_copy 5 4011 NULL +blk_end_request_4024 blk_end_request 3 4024 NULL +ext4_xattr_find_entry_4025 ext4_xattr_find_entry 0 4025 NULL ++xfs_free_ag_extent_4036 xfs_free_ag_extent 0 4036 NULL +mtip_hw_read_registers_4037 mtip_hw_read_registers 3 4037 NULL +read_file_queues_4078 read_file_queues 3 4078 NULL +fbcon_do_set_font_4079 fbcon_do_set_font 2-3 4079 NULL -+C_SYSC_rt_sigpending_4114 C_SYSC_rt_sigpending 2 4114 NULL +tm6000_read_4151 tm6000_read 3 4151 NULL +mpt_raid_phys_disk_get_num_paths_4155 mpt_raid_phys_disk_get_num_paths 0 4155 NULL +msg_bits_4158 msg_bits 0-3-4 4158 NULL @@ -108577,11 +114626,11 @@ index 0000000..9529806 +ath6kl_force_roam_write_4282 ath6kl_force_roam_write 3 4282 NULL +goldfish_audio_write_4284 goldfish_audio_write 3 4284 NULL +__usbnet_read_cmd_4299 __usbnet_read_cmd 7 4299 NULL -+dvb_ringbuffer_pkt_read_user_4303 dvb_ringbuffer_pkt_read_user 3-2-5 4303 NULL ++dvb_ringbuffer_pkt_read_user_4303 dvb_ringbuffer_pkt_read_user 2-3-5 4303 NULL +count_strings_4315 count_strings 0 4315 NULL -+__sysfs_add_one_4326 __sysfs_add_one 0 4326 NULL +nouveau_fifo_create__4327 nouveau_fifo_create_ 5-6 4327 NULL +snd_rawmidi_kernel_read_4328 snd_rawmidi_kernel_read 3 4328 NULL ++ima_eventdigest_init_common_4338 ima_eventdigest_init_common 2 4338 NULL +__copy_from_user_inatomic_4365 __copy_from_user_inatomic 0-3 4365 NULL nohasharray +lookup_string_4365 lookup_string 0 4365 &__copy_from_user_inatomic_4365 +irda_sendmsg_4388 irda_sendmsg 4 4388 NULL @@ -108594,6 +114643,7 @@ index 0000000..9529806 +snd_seq_expand_var_event_4481 snd_seq_expand_var_event 5-0 4481 NULL +vmbus_establish_gpadl_4495 vmbus_establish_gpadl 3 4495 NULL +set_link_security_4502 set_link_security 4 4502 NULL ++xfs_btree_kill_root_4526 xfs_btree_kill_root 0 4526 NULL +ll_max_readahead_per_file_mb_seq_write_4531 ll_max_readahead_per_file_mb_seq_write 3 4531 NULL +tty_register_device_4544 tty_register_device 2 4544 NULL +btrfs_file_extent_inline_item_len_4575 btrfs_file_extent_inline_item_len 0 4575 NULL @@ -108655,8 +114705,10 @@ index 0000000..9529806 +cq_free_res_5355 cq_free_res 5 5355 NULL +ps_pspoll_utilization_read_5361 ps_pspoll_utilization_read 3 5361 NULL +cciss_allocate_sg_chain_blocks_5368 cciss_allocate_sg_chain_blocks 3-2 5368 NULL -+__split_bvec_across_targets_5454 __split_bvec_across_targets 3 5454 NULL ++xfs_free_extent_5411 xfs_free_extent 0 5411 NULL +xfs_efd_init_5463 xfs_efd_init 3 5463 NULL ++ll_xattr_cache_refill_5468 ll_xattr_cache_refill 0 5468 NULL ++kernfs_fop_write_5471 kernfs_fop_write 3 5471 NULL +xfs_efi_init_5476 xfs_efi_init 2 5476 NULL +cifs_security_flags_proc_write_5484 cifs_security_flags_proc_write 3 5484 NULL +tty_write_5494 tty_write 3 5494 NULL @@ -108667,8 +114719,11 @@ index 0000000..9529806 +get_entry_msg_len_5552 get_entry_msg_len 0 5552 NULL +le_readq_5557 le_readq 0 5557 NULL +inw_5558 inw 0 5558 NULL ++gfs2_extent_map_5561 gfs2_extent_map 0 5561 NULL +bioset_create_5580 bioset_create 1 5580 NULL +oz_ep_alloc_5587 oz_ep_alloc 1 5587 NULL ++__remove_suid_5618 __remove_suid 0 5618 NULL ++gfs2_unstuffer_page_5620 gfs2_unstuffer_page 0 5620 NULL +SYSC_fsetxattr_5639 SYSC_fsetxattr 4 5639 NULL +ext4_xattr_get_5661 ext4_xattr_get 0 5661 NULL +posix_clock_register_5662 posix_clock_register 2 5662 NULL @@ -108683,11 +114738,10 @@ index 0000000..9529806 +nv50_disp_pioc_create__5812 nv50_disp_pioc_create_ 5 5812 NULL +ceph_x_encrypt_buflen_5829 ceph_x_encrypt_buflen 0-1 5829 NULL +ceph_msg_new_5846 ceph_msg_new 2 5846 NULL -+setup_req_5848 setup_req 3-0 5848 NULL ++setup_req_5848 setup_req 3 5848 NULL +ria_page_count_5849 ria_page_count 0 5849 NULL +rx_filter_max_arp_queue_dep_read_5851 rx_filter_max_arp_queue_dep_read 3 5851 NULL +config_buf_5862 config_buf 0 5862 NULL -+iwl_dbgfs_scan_ant_rxchain_write_5877 iwl_dbgfs_scan_ant_rxchain_write 3 5877 NULL +lprocfs_fid_width_seq_write_5889 lprocfs_fid_width_seq_write 3 5889 NULL +port_show_regs_5904 port_show_regs 3 5904 NULL +rbd_segment_length_5907 rbd_segment_length 0-3-2 5907 NULL @@ -108698,15 +114752,16 @@ index 0000000..9529806 +ll_statahead_one_5962 ll_statahead_one 3 5962 NULL +__apu_get_register_5967 __apu_get_register 0 5967 NULL +ieee80211_if_fmt_rc_rateidx_mask_5ghz_5971 ieee80211_if_fmt_rc_rateidx_mask_5ghz 3 5971 NULL -+SyS_semop_5980 SyS_semop 3 5980 NULL +alloc_msg_6072 alloc_msg 1 6072 NULL +sctp_setsockopt_connectx_6073 sctp_setsockopt_connectx 3 6073 NULL +rts51x_ms_rw_multi_sector_6076 rts51x_ms_rw_multi_sector 3-4 6076 NULL ++__mnt_want_write_6091 __mnt_want_write 0 6091 NULL +ipmi_addr_length_6110 ipmi_addr_length 0 6110 NULL +dfs_global_file_write_6112 dfs_global_file_write 3 6112 NULL +nouveau_parent_create__6131 nouveau_parent_create_ 7 6131 NULL +ieee80211_if_fmt_beacon_timeout_6153 ieee80211_if_fmt_beacon_timeout 3 6153 NULL +ivtv_copy_buf_to_user_6159 ivtv_copy_buf_to_user 4 6159 NULL ++maybe_insert_hole_6167 maybe_insert_hole 3 6167 NULL +wl1251_cmd_template_set_6172 wl1251_cmd_template_set 4 6172 NULL +SyS_setgroups_6182 SyS_setgroups 1 6182 NULL +mxt_show_instance_6207 mxt_show_instance 2-0 6207 NULL @@ -108728,6 +114783,7 @@ index 0000000..9529806 +mei_dbgfs_read_devstate_6352 mei_dbgfs_read_devstate 3 6352 NULL +_proc_do_string_6376 _proc_do_string 2 6376 NULL +osd_req_read_sg_kern_6378 osd_req_read_sg_kern 5 6378 NULL ++xfs_bmap_extents_to_btree_6387 xfs_bmap_extents_to_btree 0 6387 NULL +posix_acl_fix_xattr_userns_6420 posix_acl_fix_xattr_userns 4 6420 NULL +add_transaction_credits_6422 add_transaction_credits 2-3 6422 NULL +ipr_change_queue_depth_6431 ipr_change_queue_depth 2 6431 NULL @@ -108742,8 +114798,8 @@ index 0000000..9529806 +dm_stats_create_6551 dm_stats_create 4-2-3 6551 NULL +fb_alloc_cmap_6554 fb_alloc_cmap 2 6554 NULL +SyS_semtimedop_6563 SyS_semtimedop 3 6563 NULL ++xfs_iozero_6573 xfs_iozero 0 6573 NULL +ecryptfs_filldir_6622 ecryptfs_filldir 3 6622 NULL -+xfs_do_div_6649 xfs_do_div 0-2 6649 NULL +process_rcvd_data_6679 process_rcvd_data 3 6679 NULL +btrfs_lookup_csums_range_6696 btrfs_lookup_csums_range 2-3 6696 NULL +ps_pspoll_max_apturn_read_6699 ps_pspoll_max_apturn_read 3 6699 NULL @@ -108757,11 +114813,13 @@ index 0000000..9529806 +ieee80211_if_read_6785 ieee80211_if_read 3 6785 NULL +zone_spanned_pages_in_node_6787 zone_spanned_pages_in_node 0-3-4 6787 NULL +hdlcdrv_register_6792 hdlcdrv_register 2 6792 NULL ++ll_xattr_cache_find_6798 ll_xattr_cache_find 0 6798 NULL +tx_tx_done_data_read_6799 tx_tx_done_data_read 3 6799 NULL +lbs_rdrf_write_6826 lbs_rdrf_write 3 6826 NULL +calc_pages_for_6838 calc_pages_for 0-1-2 6838 NULL +mon_bin_read_6841 mon_bin_read 3 6841 NULL +snd_cs4281_BA0_read_6847 snd_cs4281_BA0_read 5 6847 NULL ++xfs_rtany_summary_6851 xfs_rtany_summary 0 6851 NULL +perf_output_sample_ustack_6868 perf_output_sample_ustack 2 6868 NULL +dio_complete_6879 dio_complete 0-2-3 6879 NULL +raw_seticmpfilter_6888 raw_seticmpfilter 3 6888 NULL nohasharray @@ -108771,7 +114829,7 @@ index 0000000..9529806 +spi_show_regs_6911 spi_show_regs 3 6911 &proc_sessionid_read_6911 nohasharray +acm_alloc_minor_6911 acm_alloc_minor 0 6911 &spi_show_regs_6911 +__kfifo_dma_in_finish_r_6913 __kfifo_dma_in_finish_r 2-3 6913 NULL -+do_msgrcv_6921 do_msgrcv 3 6921 NULL ++lops_scan_elements_6916 lops_scan_elements 0 6916 NULL +cache_do_downcall_6926 cache_do_downcall 3 6926 NULL +ipath_verbs_send_dma_6929 ipath_verbs_send_dma 6 6929 NULL +qsfp_cks_6945 qsfp_cks 2-0 6945 NULL @@ -108786,6 +114844,7 @@ index 0000000..9529806 +tracing_cpumask_read_7010 tracing_cpumask_read 3 7010 NULL +ld_usb_write_7022 ld_usb_write 3 7022 NULL +wimax_msg_7030 wimax_msg 4 7030 NULL ++ceph_kvmalloc_7033 ceph_kvmalloc 1 7033 NULL +ipath_get_base_info_7043 ipath_get_base_info 3 7043 NULL +snd_pcm_oss_bytes_7051 snd_pcm_oss_bytes 2 7051 NULL +hci_sock_recvmsg_7072 hci_sock_recvmsg 4 7072 NULL @@ -108800,9 +114859,12 @@ index 0000000..9529806 +f_midi_start_ep_7270 f_midi_start_ep 0 7270 NULL +rx_rate_rx_frames_per_rates_read_7282 rx_rate_rx_frames_per_rates_read 3 7282 NULL +get_string_7302 get_string 0 7302 NULL ++security_inode_need_killpriv_7322 security_inode_need_killpriv 0 7322 NULL ++pci_vpd_info_field_size_7324 pci_vpd_info_field_size 0 7324 NULL +mgmt_control_7349 mgmt_control 3 7349 NULL +at_est2timeout_7365 at_est2timeout 0-1 7365 NULL +ieee80211_if_read_dot11MeshHWMPactivePathTimeout_7368 ieee80211_if_read_dot11MeshHWMPactivePathTimeout 3 7368 NULL ++xfs_btree_delete_7384 xfs_btree_delete 0 7384 NULL +ath10k_read_fw_stats_7387 ath10k_read_fw_stats 3 7387 NULL +hweight_long_7388 hweight_long 1-0 7388 NULL +sl_change_mtu_7396 sl_change_mtu 2 7396 NULL @@ -108828,6 +114890,7 @@ index 0000000..9529806 +groups_alloc_7614 groups_alloc 1 7614 NULL nohasharray +create_dir_7614 create_dir 0 7614 &groups_alloc_7614 +_rtw_zmalloc_7636 _rtw_zmalloc 1 7636 NULL ++xfs_bmap_btalloc_nullfb_7654 xfs_bmap_btalloc_nullfb 0 7654 NULL +fault_inject_write_7662 fault_inject_write 3 7662 NULL +acpi_ex_allocate_name_string_7685 acpi_ex_allocate_name_string 2-1 7685 NULL +acpi_ns_get_pathname_length_7699 acpi_ns_get_pathname_length 0 7699 NULL @@ -108840,9 +114903,11 @@ index 0000000..9529806 +bnx2_nvram_write_7790 bnx2_nvram_write 4-2 7790 NULL +diva_os_copy_from_user_7792 diva_os_copy_from_user 4 7792 NULL nohasharray +lustre_packed_msg_size_7792 lustre_packed_msg_size 0 7792 &diva_os_copy_from_user_7792 ++xfs_alloc_find_best_extent_7837 xfs_alloc_find_best_extent 0 7837 NULL +cfs_trace_dump_debug_buffer_usrstr_7861 cfs_trace_dump_debug_buffer_usrstr 2 7861 NULL +tipc_alloc_entry_7875 tipc_alloc_entry 2 7875 NULL +config_desc_7878 config_desc 0 7878 NULL ++gfs2_permission_7884 gfs2_permission 0 7884 NULL +dvb_dmxdev_read_sec_7892 dvb_dmxdev_read_sec 4 7892 NULL +xfs_trans_get_efi_7898 xfs_trans_get_efi 2 7898 NULL +libfc_host_alloc_7917 libfc_host_alloc 2 7917 NULL @@ -108858,7 +114923,6 @@ index 0000000..9529806 +qla4xxx_post_ping_evt_work_8074 qla4xxx_post_ping_evt_work 4 8074 NULL +venus_lookup_8121 venus_lookup 4 8121 NULL +ieee80211_if_fmt_num_buffered_multicast_8127 ieee80211_if_fmt_num_buffered_multicast 3 8127 NULL -+xfs_file_fallocate_8150 xfs_file_fallocate 3-4 8150 NULL +__sk_mem_schedule_8185 __sk_mem_schedule 2 8185 NULL +ieee80211_if_fmt_dot11MeshHoldingTimeout_8187 ieee80211_if_fmt_dot11MeshHoldingTimeout 3 8187 NULL +recent_mt_proc_write_8206 recent_mt_proc_write 3 8206 NULL @@ -108868,7 +114932,6 @@ index 0000000..9529806 +play_iframe_8219 play_iframe 3 8219 NULL +kvm_mmu_page_set_gfn_8225 kvm_mmu_page_set_gfn 2 8225 NULL +sctp_ssnmap_size_8228 sctp_ssnmap_size 0-1-2 8228 NULL -+ceph_sync_write_8233 ceph_sync_write 4 8233 NULL +check_xattr_ref_inode_8244 check_xattr_ref_inode 0 8244 NULL +t3_init_l2t_8261 t3_init_l2t 1 8261 NULL +init_cdev_8274 init_cdev 1 8274 NULL @@ -108898,10 +114961,10 @@ index 0000000..9529806 +tower_write_8580 tower_write 3 8580 NULL +cfs_cpt_number_8618 cfs_cpt_number 0 8618 NULL +shash_setkey_unaligned_8620 shash_setkey_unaligned 3 8620 NULL ++xfs_qm_dqattach_locked_8625 xfs_qm_dqattach_locked 0 8625 NULL +it821x_firmware_command_8628 it821x_firmware_command 3 8628 NULL +scsi_dma_map_8632 scsi_dma_map 0 8632 NULL +fuse_send_write_pages_8636 fuse_send_write_pages 0-5 8636 NULL -+generic_acl_set_8658 generic_acl_set 4 8658 NULL +mlx5_vzalloc_8663 mlx5_vzalloc 1 8663 NULL +dio_bio_alloc_8677 dio_bio_alloc 5 8677 NULL +lbs_bcnmiss_read_8678 lbs_bcnmiss_read 3 8678 NULL @@ -108924,12 +114987,16 @@ index 0000000..9529806 +paging32_prefetch_gpte_8783 paging32_prefetch_gpte 4 8783 NULL +ext4_try_to_write_inline_data_8785 ext4_try_to_write_inline_data 3-4 8785 NULL +__bitmap_weight_8796 __bitmap_weight 0-2 8796 NULL -+cpuset_common_file_read_8800 cpuset_common_file_read 5 8800 NULL ++gfs2_glock_nq_8808 gfs2_glock_nq 0 8808 NULL ++ntfs_commit_pages_after_write_8809 ntfs_commit_pages_after_write 0 8809 NULL +metronomefb_write_8823 metronomefb_write 3 8823 NULL +SyS_llistxattr_8824 SyS_llistxattr 3 8824 NULL ++extent_read_full_page_8826 extent_read_full_page 0 8826 NULL ++ll_xattr_cache_get_8829 ll_xattr_cache_get 0 8829 NULL +get_queue_depth_8833 get_queue_depth 0 8833 NULL +dvb_ringbuffer_pkt_next_8834 dvb_ringbuffer_pkt_next 0-2 8834 NULL +usb_ep_queue_8839 usb_ep_queue 0 8839 NULL ++iwl_rx_packet_len_8854 iwl_rx_packet_len 0 8854 NULL +debug_debug1_read_8856 debug_debug1_read 3 8856 NULL +wa_nep_queue_8858 wa_nep_queue 2 8858 NULL +radeon_drm_ioctl_8875 radeon_drm_ioctl 2 8875 NULL @@ -108951,9 +115018,12 @@ index 0000000..9529806 +bio_integrity_get_tag_8974 bio_integrity_get_tag 3 8974 NULL +jbd2_journal_blocks_per_page_9004 jbd2_journal_blocks_per_page 0 9004 NULL +il_dbgfs_clear_ucode_stats_write_9016 il_dbgfs_clear_ucode_stats_write 3 9016 NULL ++xfs_inobt_get_rec_9023 xfs_inobt_get_rec 0 9023 NULL +snd_emu10k1_ptr_read_9026 snd_emu10k1_ptr_read 0-2 9026 NULL +fd_ioctl_9028 fd_ioctl 3 9028 NULL +nla_put_9042 nla_put 3 9042 NULL ++ffs_func_revmap_intf_9043 ffs_func_revmap_intf 0 9043 NULL ++sta_tx_latency_stat_header_9050 sta_tx_latency_stat_header 0-3-4 9050 NULL +snd_emu10k1_synth_copy_from_user_9061 snd_emu10k1_synth_copy_from_user 3-5 9061 NULL +snd_gus_dram_peek_9062 snd_gus_dram_peek 4 9062 NULL +fib_info_hash_alloc_9075 fib_info_hash_alloc 1 9075 NULL @@ -108961,7 +115031,8 @@ index 0000000..9529806 +ftdi_prepare_write_buffer_9093 ftdi_prepare_write_buffer 3 9093 NULL +adxl34x_spi_read_block_9108 adxl34x_spi_read_block 3 9108 NULL +caif_stream_sendmsg_9110 caif_stream_sendmsg 4 9110 NULL nohasharray -+gfn_to_rmap_9110 gfn_to_rmap 3-2 9110 &caif_stream_sendmsg_9110 ++gfn_to_rmap_9110 gfn_to_rmap 3-2 9110 &caif_stream_sendmsg_9110 nohasharray ++jhead_scan_9110 jhead_scan 0 9110 &gfn_to_rmap_9110 +udf_direct_IO_9111 udf_direct_IO 4 9111 NULL +pmcraid_change_queue_depth_9116 pmcraid_change_queue_depth 2 9116 NULL +apei_resources_merge_9149 apei_resources_merge 0 9149 NULL @@ -108969,11 +115040,13 @@ index 0000000..9529806 +dbg_command_buf_9165 dbg_command_buf 2 9165 NULL +isr_irqs_read_9181 isr_irqs_read 3 9181 NULL +count_leading_zeros_9183 count_leading_zeros 0 9183 NULL ++xfs_btree_rshift_9187 xfs_btree_rshift 0 9187 NULL +altera_swap_ir_9194 altera_swap_ir 2 9194 NULL +snd_m3_get_pointer_9206 snd_m3_get_pointer 0 9206 NULL +virtqueue_add_9217 virtqueue_add 4-5 9217 NULL +tx_tx_prepared_descs_read_9221 tx_tx_prepared_descs_read 3 9221 NULL +sctp_getsockopt_delayed_ack_9232 sctp_getsockopt_delayed_ack 2 9232 NULL ++xfs_error_trap_9239 xfs_error_trap 0-1 9239 NULL +hfsplus_bnode_read_u16_9262 hfsplus_bnode_read_u16 0 9262 NULL +hdpvr_read_9273 hdpvr_read 3 9273 NULL +flakey_status_9274 flakey_status 5 9274 NULL @@ -108993,7 +115066,6 @@ index 0000000..9529806 +bm_realloc_pages_9431 bm_realloc_pages 2 9431 NULL +ffs_ep0_write_9438 ffs_ep0_write 3 9438 NULL +ieee80211_if_fmt_fwded_unicast_9454 ieee80211_if_fmt_fwded_unicast 3 9454 NULL -+ext3_xattr_set_acl_9467 ext3_xattr_set_acl 4 9467 NULL +agp_generic_alloc_user_9470 agp_generic_alloc_user 1 9470 NULL nohasharray +get_registers_9470 get_registers 4 9470 &agp_generic_alloc_user_9470 +crypt_status_9492 crypt_status 5 9492 NULL @@ -109004,12 +115076,14 @@ index 0000000..9529806 +ll_max_read_ahead_whole_mb_seq_write_9528 ll_max_read_ahead_whole_mb_seq_write 3 9528 NULL +read_file_dma_9530 read_file_dma 3 9530 NULL +iwl_dbgfs_bf_params_read_9542 iwl_dbgfs_bf_params_read 3 9542 NULL ++xfs_ialloc_read_agi_9545 xfs_ialloc_read_agi 0 9545 NULL +il_dbgfs_missed_beacon_write_9546 il_dbgfs_missed_beacon_write 3 9546 NULL +compat_SyS_pwritev64_9548 compat_SyS_pwritev64 3 9548 NULL +fw_node_create_9559 fw_node_create 2 9559 NULL +kobj_map_9566 kobj_map 2-3 9566 NULL +f2fs_read_data_pages_9574 f2fs_read_data_pages 4 9574 NULL +snd_emu10k1_fx8010_read_9605 snd_emu10k1_fx8010_read 5-6 9605 NULL ++xfs_qm_dqattach_one_9612 xfs_qm_dqattach_one 0 9612 NULL +lov_ost_pool_add_9626 lov_ost_pool_add 3 9626 NULL +saa7164_buffer_alloc_user_9627 saa7164_buffer_alloc_user 2 9627 NULL +ceph_copy_user_to_page_vector_9635 ceph_copy_user_to_page_vector 4-3 9635 NULL @@ -109030,16 +115104,16 @@ index 0000000..9529806 +SYSC_ppoll_9721 SYSC_ppoll 2 9721 NULL +nla_get_u8_9736 nla_get_u8 0 9736 NULL +ieee80211_if_fmt_num_mcast_sta_9738 ieee80211_if_fmt_num_mcast_sta 3 9738 NULL ++shmem_replace_page_9740 shmem_replace_page 0 9740 NULL +ddb_input_read_9743 ddb_input_read 3-0 9743 NULL +sta_last_ack_signal_read_9751 sta_last_ack_signal_read 3 9751 NULL +btrfs_super_root_9763 btrfs_super_root 0 9763 NULL +__blk_queue_init_tags_9778 __blk_queue_init_tags 2 9778 NULL -+snd_mem_proc_write_9786 snd_mem_proc_write 3 9786 NULL +kvm_age_hva_9795 kvm_age_hva 2 9795 NULL +parse_uac2_sample_rate_range_9801 parse_uac2_sample_rate_range 0 9801 NULL +tpm_data_in_9802 tpm_data_in 0 9802 NULL -+udpv6_recvmsg_9813 udpv6_recvmsg 4 9813 NULL nohasharray -+ieee80211_if_read_state_9813 ieee80211_if_read_state 3 9813 &udpv6_recvmsg_9813 ++ieee80211_if_read_state_9813 ieee80211_if_read_state 3 9813 NULL nohasharray ++udpv6_recvmsg_9813 udpv6_recvmsg 4 9813 &ieee80211_if_read_state_9813 +pmcraid_alloc_sglist_9864 pmcraid_alloc_sglist 1 9864 NULL +btrfs_free_reserved_extent_9867 btrfs_free_reserved_extent 2 9867 NULL +f1x_translate_sysaddr_to_cs_9868 f1x_translate_sysaddr_to_cs 2 9868 NULL @@ -109052,13 +115126,17 @@ index 0000000..9529806 +pstore_ftrace_knob_read_9947 pstore_ftrace_knob_read 3 9947 NULL +read_file_misc_9948 read_file_misc 3 9948 NULL +csum_partial_copy_fromiovecend_9957 csum_partial_copy_fromiovecend 3-4 9957 NULL ++xfs_buf_geterror_9959 xfs_buf_geterror 0 9959 NULL +SyS_gethostname_9964 SyS_gethostname 2 9964 NULL +get_free_serial_index_9969 get_free_serial_index 0 9969 NULL +btrfs_add_link_9973 btrfs_add_link 5 9973 NULL +gameport_read_9983 gameport_read 0 9983 NULL +SYSC_move_pages_9986 SYSC_move_pages 2 9986 NULL ++ceph_oloc_oid_to_pg_10003 ceph_oloc_oid_to_pg 0 10003 NULL +aat2870_dump_reg_10019 aat2870_dump_reg 0 10019 NULL +ieee80211_set_probe_resp_10077 ieee80211_set_probe_resp 3 10077 NULL ++xfs_attr_rmtval_get_10092 xfs_attr_rmtval_get 0 10092 NULL ++xfs_btree_check_lptr_10104 xfs_btree_check_lptr 0 10104 NULL +get_elem_size_10110 get_elem_size 0-2 10110 NULL nohasharray +dynamic_ps_timeout_read_10110 dynamic_ps_timeout_read 3 10110 &get_elem_size_10110 +gfs2_meta_read_10112 gfs2_meta_read 0 10112 NULL @@ -109070,6 +115148,8 @@ index 0000000..9529806 +kstrtol_from_user_10168 kstrtol_from_user 2 10168 NULL +proc_pid_attr_read_10173 proc_pid_attr_read 3 10173 NULL +jffs2_user_setxattr_10182 jffs2_user_setxattr 4 10182 NULL ++xfs_attr_rmtval_copyout_10222 xfs_attr_rmtval_copyout 0 10222 NULL nohasharray ++xfs_btree_read_buf_block_10222 xfs_btree_read_buf_block 0 10222 &xfs_attr_rmtval_copyout_10222 +hdlc_rpr_irq_10240 hdlc_rpr_irq 2 10240 NULL +cciss_proc_write_10259 cciss_proc_write 3 10259 NULL +__qlcnic_pci_sriov_enable_10281 __qlcnic_pci_sriov_enable 2 10281 NULL @@ -109103,6 +115183,7 @@ index 0000000..9529806 +otp_read_10594 otp_read 2-4-5 10594 NULL +supply_map_read_file_10608 supply_map_read_file 3 10608 NULL +ima_show_htable_violations_10619 ima_show_htable_violations 3 10619 NULL ++fq_alloc_node_10633 fq_alloc_node 1 10633 NULL +nfs_idmap_lookup_id_10660 nfs_idmap_lookup_id 2 10660 NULL +efx_max_tx_len_10662 efx_max_tx_len 0-2 10662 NULL +parport_write_10669 parport_write 0 10669 NULL @@ -109112,10 +115193,11 @@ index 0000000..9529806 +shash_async_setkey_10720 shash_async_setkey 3 10720 NULL nohasharray +pvr2_ioread_read_10720 pvr2_ioread_read 3 10720 &shash_async_setkey_10720 +spi_sync_10731 spi_sync 0 10731 NULL -+apu_get_register_10737 apu_get_register 0 10737 NULL nohasharray -+sctp_getsockopt_maxseg_10737 sctp_getsockopt_maxseg 2 10737 &apu_get_register_10737 ++sctp_getsockopt_maxseg_10737 sctp_getsockopt_maxseg 2 10737 NULL nohasharray ++apu_get_register_10737 apu_get_register 0 10737 &sctp_getsockopt_maxseg_10737 +SyS_io_getevents_10756 SyS_io_getevents 3 10756 NULL +vhost_add_used_n_10760 vhost_add_used_n 3 10760 NULL ++rd_build_prot_space_10761 rd_build_prot_space 2-3 10761 NULL +kvm_read_guest_atomic_10765 kvm_read_guest_atomic 4 10765 NULL +__qp_memcpy_to_queue_10779 __qp_memcpy_to_queue 2-4 10779 NULL +diva_set_trace_filter_10820 diva_set_trace_filter 0-1 10820 NULL @@ -109125,7 +115207,6 @@ index 0000000..9529806 +snd_pcm_oss_write1_10872 snd_pcm_oss_write1 3 10872 NULL +wiidebug_drm_write_10879 wiidebug_drm_write 3 10879 NULL +get_scq_10897 get_scq 2 10897 NULL -+cgroup_write_string_10900 cgroup_write_string 5 10900 NULL +tifm_alloc_adapter_10903 tifm_alloc_adapter 1 10903 NULL +lprocfs_wr_atomic_10912 lprocfs_wr_atomic 3 10912 NULL +__copy_from_user_10918 __copy_from_user 0-3 10918 NULL @@ -109136,18 +115217,17 @@ index 0000000..9529806 +sched_autogroup_write_10984 sched_autogroup_write 3 10984 NULL +xfrm_hash_alloc_10997 xfrm_hash_alloc 1 10997 NULL +rx_filter_accum_arp_pend_requests_read_11003 rx_filter_accum_arp_pend_requests_read 3 11003 NULL ++gfs2_dir_read_11017 gfs2_dir_read 0 11017 NULL +SetLineNumber_11023 SetLineNumber 0 11023 NULL +tda10048_writeregbulk_11050 tda10048_writeregbulk 4 11050 NULL +insert_inline_extent_backref_11063 insert_inline_extent_backref 8 11063 NULL +tcp_send_mss_11079 tcp_send_mss 0 11079 NULL +count_argc_11083 count_argc 0 11083 NULL -+ocfs2_blocks_per_xattr_bucket_11099 ocfs2_blocks_per_xattr_bucket 0 11099 NULL +kvm_write_guest_cached_11106 kvm_write_guest_cached 4 11106 NULL +tw_change_queue_depth_11116 tw_change_queue_depth 2 11116 NULL +page_offset_11120 page_offset 0 11120 NULL +cea_db_payload_len_11124 cea_db_payload_len 0 11124 NULL nohasharray +tracing_buffers_read_11124 tracing_buffers_read 3 11124 &cea_db_payload_len_11124 -+alloc_alien_cache_11127 alloc_alien_cache 2 11127 NULL +snd_gf1_pcm_playback_silence_11172 snd_gf1_pcm_playback_silence 4-3 11172 NULL +il_dbgfs_rx_queue_read_11221 il_dbgfs_rx_queue_read 3 11221 NULL +comedi_alloc_spriv_11234 comedi_alloc_spriv 2 11234 NULL @@ -109158,6 +115238,7 @@ index 0000000..9529806 +bcache_dev_sectors_dirty_add_11315 bcache_dev_sectors_dirty_add 3-4 11315 NULL +sk_filter_size_11316 sk_filter_size 0 11316 NULL nohasharray +tcp_send_rcvq_11316 tcp_send_rcvq 3 11316 &sk_filter_size_11316 ++shmem_radix_tree_replace_11325 shmem_radix_tree_replace 0 11325 NULL +construct_key_11329 construct_key 3 11329 NULL nohasharray +__kfifo_out_peek_11329 __kfifo_out_peek 0-3 11329 &construct_key_11329 +next_segment_11330 next_segment 0-2-1 11330 NULL @@ -109174,8 +115255,8 @@ index 0000000..9529806 +str_to_user_11411 str_to_user 2 11411 NULL +mem_fw_gen_free_mem_blks_read_11413 mem_fw_gen_free_mem_blks_read 3 11413 NULL +ath6kl_wmi_test_rx_11414 ath6kl_wmi_test_rx 3 11414 NULL -+adis16480_show_firmware_revision_11417 adis16480_show_firmware_revision 3 11417 NULL nohasharray -+import_sec_validate_get_11417 import_sec_validate_get 0 11417 &adis16480_show_firmware_revision_11417 ++xfs_btree_lookup_11417 xfs_btree_lookup 0 11417 NULL nohasharray ++adis16480_show_firmware_revision_11417 adis16480_show_firmware_revision 3 11417 &xfs_btree_lookup_11417 +trace_options_read_11419 trace_options_read 3 11419 NULL +i40e_dbg_command_write_11421 i40e_dbg_command_write 3 11421 NULL +xd_read_multiple_pages_11422 xd_read_multiple_pages 5-4 11422 NULL @@ -109184,11 +115265,13 @@ index 0000000..9529806 +do_blockdev_direct_IO_11455 do_blockdev_direct_IO 0-6 11455 NULL +pci_set_power_state_11479 pci_set_power_state 0 11479 NULL nohasharray +sca3000_read_first_n_hw_rb_11479 sca3000_read_first_n_hw_rb 2 11479 &pci_set_power_state_11479 -+xfs_file_buffered_aio_write_11492 xfs_file_buffered_aio_write 4 11492 NULL ++xfs_file_buffered_aio_write_11492 xfs_file_buffered_aio_write 4-0 11492 NULL +sd_do_mode_sense_11507 sd_do_mode_sense 5 11507 NULL +kmem_zalloc_11510 kmem_zalloc 1 11510 NULL +ll_direct_IO_26_seg_11518 ll_direct_IO_26_seg 0 11518 NULL +twl_direction_in_11527 twl_direction_in 2 11527 NULL ++xfs_rtcheck_alloc_range_11553 xfs_rtcheck_alloc_range 0 11553 NULL ++radix_tree_extend_11555 radix_tree_extend 0 11555 NULL +skb_cow_data_11565 skb_cow_data 0 11565 NULL +lpfc_idiag_ctlacc_write_11576 lpfc_idiag_ctlacc_write 3 11576 NULL +oprofilefs_ulong_to_user_11582 oprofilefs_ulong_to_user 3 11582 NULL @@ -109209,14 +115292,17 @@ index 0000000..9529806 +blk_rq_cur_bytes_11723 blk_rq_cur_bytes 0 11723 NULL +dm_bio_prison_create_11749 dm_bio_prison_create 1 11749 NULL +iwl_dbgfs_qos_read_11753 iwl_dbgfs_qos_read 3 11753 NULL ++ieee80211_get_num_supported_channels_11768 ieee80211_get_num_supported_channels 0 11768 NULL +ps_pspoll_timeouts_read_11776 ps_pspoll_timeouts_read 3 11776 NULL +btrfs_key_blockptr_11786 btrfs_key_blockptr 0 11786 NULL +pcpu_fc_alloc_11818 pcpu_fc_alloc 2 11818 NULL ++xfs_ialloc_11819 xfs_ialloc 0 11819 NULL +umc_device_register_11824 umc_device_register 0 11824 NULL +zerocopy_sg_from_iovec_11828 zerocopy_sg_from_iovec 3 11828 NULL +sctp_setsockopt_maxseg_11829 sctp_setsockopt_maxseg 3 11829 NULL +rts51x_read_status_11830 rts51x_read_status 4 11830 NULL +unix_stream_connect_11844 unix_stream_connect 3 11844 NULL ++xfs_file_aio_write_checks_11851 xfs_file_aio_write_checks 0 11851 NULL +ecryptfs_copy_filename_11868 ecryptfs_copy_filename 4 11868 NULL +ieee80211_rx_bss_info_11887 ieee80211_rx_bss_info 3 11887 NULL +mdc_rename_11899 mdc_rename 4-6 11899 NULL @@ -109235,6 +115321,7 @@ index 0000000..9529806 +ptc_proc_write_12076 ptc_proc_write 3 12076 NULL +batadv_tt_global_size_mod_12085 batadv_tt_global_size_mod 3 12085 NULL +rtw_malloc2d_12102 rtw_malloc2d 1-2-3 12102 NULL ++gfs2_find_jhead_12117 gfs2_find_jhead 0 12117 NULL +alloc_bulk_urbs_generic_12127 alloc_bulk_urbs_generic 5 12127 NULL +set_powered_12129 set_powered 4 12129 NULL +ramoops_init_prz_12134 ramoops_init_prz 5 12134 NULL @@ -109251,7 +115338,9 @@ index 0000000..9529806 +snd_pcm_kernel_ioctl_12219 snd_pcm_kernel_ioctl 0 12219 NULL +fuse_get_req_12221 fuse_get_req 2 12221 NULL nohasharray +aat2870_reg_read_file_12221 aat2870_reg_read_file 3 12221 &fuse_get_req_12221 ++xfs_attr3_leaf_read_12222 xfs_attr3_leaf_read 0 12222 NULL +__alloc_bootmem_low_nopanic_12235 __alloc_bootmem_low_nopanic 1 12235 NULL ++usnic_ib_qp_grp_dump_rows_12239 usnic_ib_qp_grp_dump_rows 3 12239 NULL +ib_uverbs_unmarshall_recv_12251 ib_uverbs_unmarshall_recv 5 12251 NULL +shash_compat_setkey_12267 shash_compat_setkey 3 12267 NULL +add_sctp_bind_addr_12269 add_sctp_bind_addr 3 12269 NULL @@ -109259,22 +115348,23 @@ index 0000000..9529806 +roundup_to_multiple_of_64_12288 roundup_to_multiple_of_64 0-1 12288 NULL nohasharray +il_dbgfs_nvm_read_12288 il_dbgfs_nvm_read 3 12288 &roundup_to_multiple_of_64_12288 +bt_sock_recvmsg_12316 bt_sock_recvmsg 4 12316 NULL ++usnic_transport_sock_to_str_12322 usnic_transport_sock_to_str 2-0 12322 NULL +pcbit_writecmd_12332 pcbit_writecmd 2 12332 NULL ++xfs_bmap_last_extent_12335 xfs_bmap_last_extent 0 12335 NULL +mptctl_ioctl_12355 mptctl_ioctl 2 12355 NULL +__nf_ct_ext_add_length_12364 __nf_ct_ext_add_length 3 12364 NULL +xfs_iext_inline_to_direct_12384 xfs_iext_inline_to_direct 2 12384 NULL -+btrfs_file_extent_ram_bytes_12391 btrfs_file_extent_ram_bytes 0 12391 NULL nohasharray -+populate_dir_12391 populate_dir 0 12391 &btrfs_file_extent_ram_bytes_12391 nohasharray ++populate_dir_12391 populate_dir 0 12391 NULL nohasharray +write_file_dump_12391 write_file_dump 3 12391 &populate_dir_12391 +hbucket_elem_add_12416 hbucket_elem_add 3 12416 NULL +ieee80211_if_read_num_mcast_sta_12419 ieee80211_if_read_num_mcast_sta 3 12419 NULL -+ptlrpc_set_wait_12426 ptlrpc_set_wait 0 12426 NULL +cfs_array_alloc_12441 cfs_array_alloc 2 12441 NULL +skb_do_copy_data_nocache_12465 skb_do_copy_data_nocache 5 12465 NULL +x25_sendmsg_12487 x25_sendmsg 4 12487 NULL +fnic_trace_ctrl_read_12497 fnic_trace_ctrl_read 3 12497 NULL ++__ceph_osdc_start_request_12502 __ceph_osdc_start_request 0 12502 NULL +qib_alloc_fast_reg_mr_12526 qib_alloc_fast_reg_mr 2 12526 NULL -+xfs_get_extsz_hint_12531 xfs_get_extsz_hint 0 12531 NULL ++write_inode_now_12565 write_inode_now 0 12565 NULL +hvc_alloc_12579 hvc_alloc 4 12579 NULL +pcpu_extend_area_map_12589 pcpu_extend_area_map 2 12589 NULL +tlbflush_write_file_12598 tlbflush_write_file 3 12598 NULL @@ -109286,10 +115376,8 @@ index 0000000..9529806 +nr_recvmsg_12649 nr_recvmsg 4 12649 NULL +rtw_android_get_link_speed_12655 rtw_android_get_link_speed 0 12655 NULL +ocfs2_read_block_12659 ocfs2_read_block 0 12659 NULL -+lustre_pack_request_v2_12665 lustre_pack_request_v2 0 12665 NULL +sel_read_class_12669 sel_read_class 3 12669 NULL nohasharray +sparse_mem_maps_populate_node_12669 sparse_mem_maps_populate_node 4 12669 &sel_read_class_12669 -+ext4_writepage_trans_blocks_12674 ext4_writepage_trans_blocks 0 12674 NULL +iwl_dbgfs_calib_disabled_write_12707 iwl_dbgfs_calib_disabled_write 3 12707 NULL +ieee80211_if_read_num_buffered_multicast_12716 ieee80211_if_read_num_buffered_multicast 3 12716 NULL +ivtv_write_12721 ivtv_write 3 12721 NULL @@ -109302,9 +115390,11 @@ index 0000000..9529806 +xfs_inumbers_fmt_12817 xfs_inumbers_fmt 3 12817 NULL +readq_12825 readq 0 12825 NULL +SyS_add_key_12834 SyS_add_key 4 12834 NULL ++gfs2_log_reserve_12835 gfs2_log_reserve 0 12835 NULL +TSS_authhmac_12839 TSS_authhmac 3 12839 NULL +spidev_sync_12842 spidev_sync 0 12842 NULL +spidev_ioctl_12846 spidev_ioctl 2 12846 NULL ++xfs_rtallocate_extent_exact_12865 xfs_rtallocate_extent_exact 0 12865 NULL +ath9k_dump_4k_modal_eeprom_12883 ath9k_dump_4k_modal_eeprom 3-2 12883 NULL +get_leb_cnt_12892 get_leb_cnt 0-2 12892 NULL +get_virtual_node_size_12908 get_virtual_node_size 0 12908 NULL @@ -109314,6 +115404,7 @@ index 0000000..9529806 +raid56_parity_recover_12987 raid56_parity_recover 5 12987 NULL +TransmitTcb_12989 TransmitTcb 4 12989 NULL +sk_peek_offset_12991 sk_peek_offset 0 12991 NULL ++bset_prev_bytes_13020 bset_prev_bytes 0 13020 NULL +subsystem_filter_write_13022 subsystem_filter_write 3 13022 NULL +generic_segment_checks_13041 generic_segment_checks 0 13041 NULL +ocfs2_write_begin_13045 ocfs2_write_begin 3-4 13045 NULL @@ -109322,11 +115413,9 @@ index 0000000..9529806 +biovec_create_pool_13079 biovec_create_pool 2 13079 NULL +xattr_getsecurity_13090 xattr_getsecurity 0 13090 NULL +ttm_dma_pool_alloc_new_pages_13105 ttm_dma_pool_alloc_new_pages 3 13105 NULL -+SyS_msgrcv_13109 SyS_msgrcv 3 13109 NULL +snd_rme96_playback_copy_13111 snd_rme96_playback_copy 5 13111 NULL +bfad_debugfs_read_13119 bfad_debugfs_read 3 13119 NULL +blk_update_request_13146 blk_update_request 3 13146 NULL -+ocfs2_quota_trans_credits_13150 ocfs2_quota_trans_credits 0 13150 NULL +caif_stream_recvmsg_13173 caif_stream_recvmsg 4 13173 NULL +pwr_disable_ps_read_13176 pwr_disable_ps_read 3 13176 NULL +ucs2_strlen_13178 ucs2_strlen 0 13178 NULL @@ -109337,18 +115426,21 @@ index 0000000..9529806 +mmc_ext_csd_read_13205 mmc_ext_csd_read 3 13205 NULL +svm_msrpm_offset_13220 svm_msrpm_offset 0-1 13220 NULL +fnic_trace_ctrl_write_13229 fnic_trace_ctrl_write 3 13229 NULL ++_iwl_dbgfs_disable_power_off_write_13243 _iwl_dbgfs_disable_power_off_write 3 13243 NULL +asix_read_cmd_13245 asix_read_cmd 5 13245 NULL +init_tid_tabs_13252 init_tid_tabs 2-3-4 13252 NULL -+bio_integrity_trim_13259 bio_integrity_trim 3 13259 NULL ++bio_integrity_trim_13259 bio_integrity_trim 3-2 13259 NULL +simple_attr_write_13260 simple_attr_write 3 13260 NULL +pmcraid_notify_aen_13274 pmcraid_notify_aen 3 13274 NULL -+il4965_stats_flag_13281 il4965_stats_flag 3-0 13281 NULL ++il4965_stats_flag_13281 il4965_stats_flag 0-3 13281 NULL +lpfc_idiag_mbxacc_get_setup_13282 lpfc_idiag_mbxacc_get_setup 0 13282 NULL +sd_major_13294 sd_major 0-1 13294 NULL +module_param_sysfs_setup_13296 module_param_sysfs_setup 0 13296 NULL -+__clone_and_map_data_bio_13334 __clone_and_map_data_bio 4-8 13334 NULL ++read_file_phy_err_13318 read_file_phy_err 3 13318 NULL +kvm_read_nested_guest_page_13337 kvm_read_nested_guest_page 5 13337 NULL ++round_event_name_len_13348 round_event_name_len 0 13348 NULL +hscx_empty_fifo_13360 hscx_empty_fifo 2 13360 NULL ++xfs_btree_delrec_13364 xfs_btree_delrec 0 13364 NULL +iso_sched_alloc_13377 iso_sched_alloc 1 13377 NULL nohasharray +wep_key_not_found_read_13377 wep_key_not_found_read 3 13377 &iso_sched_alloc_13377 +ext4_meta_trans_blocks_13380 ext4_meta_trans_blocks 0-3-2 13380 NULL @@ -109360,7 +115452,6 @@ index 0000000..9529806 +sb_init_dio_done_wq_13482 sb_init_dio_done_wq 0 13482 NULL +data_read_13494 data_read 3 13494 NULL +ioat_chansts_32_13506 ioat_chansts_32 0 13506 NULL -+ocfs2_align_bytes_to_blocks_13512 ocfs2_align_bytes_to_blocks 0-2 13512 NULL +core_status_13515 core_status 4 13515 NULL +smk_write_mapped_13519 smk_write_mapped 3 13519 NULL +bm_init_13529 bm_init 2 13529 NULL @@ -109371,12 +115462,12 @@ index 0000000..9529806 +cache_write_13589 cache_write 3 13589 NULL +Rd_Indx_13602 Rd_Indx 3-2 13602 NULL +wm8994_bulk_write_13615 wm8994_bulk_write 2-3 13615 NULL ++__ntfs_grab_cache_pages_13617 __ntfs_grab_cache_pages 0 13617 NULL +pmcraid_get_minor_13619 pmcraid_get_minor 0 13619 NULL +packet_snd_13634 packet_snd 3 13634 NULL +blk_msg_write_13655 blk_msg_write 3 13655 NULL +cache_downcall_13666 cache_downcall 3 13666 NULL +ext3_xattr_list_entries_13682 ext3_xattr_list_entries 0 13682 NULL -+nv94_aux_13689 nv94_aux 2-5 13689 NULL +usb_get_string_13693 usb_get_string 0 13693 NULL +fw_iso_buffer_alloc_13704 fw_iso_buffer_alloc 2 13704 NULL +audit_unpack_string_13748 audit_unpack_string 3 13748 NULL @@ -109398,20 +115489,22 @@ index 0000000..9529806 +ocfs2_xa_value_truncate_13940 ocfs2_xa_value_truncate 2 13940 &ieee80211_if_read_dot11MeshForwarding_13940 +iwl_dbgfs_protection_mode_read_13943 iwl_dbgfs_protection_mode_read 3 13943 NULL +ieee80211_if_read_min_discovery_timeout_13946 ieee80211_if_read_min_discovery_timeout 3 13946 NULL -+lpfc_idiag_queacc_read_13950 lpfc_idiag_queacc_read 3 13950 NULL ++lpfc_idiag_queacc_read_13950 lpfc_idiag_queacc_read 3 13950 NULL nohasharray ++pagecache_write_end_13950 pagecache_write_end 0 13950 &lpfc_idiag_queacc_read_13950 +osc_grant_shrink_interval_seq_write_13952 osc_grant_shrink_interval_seq_write 3 13952 NULL +ocfs2_refresh_slot_info_13957 ocfs2_refresh_slot_info 0 13957 NULL +snd_pcm_plug_slave_size_13967 snd_pcm_plug_slave_size 0-2 13967 NULL +qcam_read_13977 qcam_read 3 13977 NULL +dsp_read_13980 dsp_read 2 13980 NULL +dvb_demux_read_13981 dvb_demux_read 3 13981 NULL -+create_files_14003 create_files 0 14003 NULL +sddr09_write_data_14014 sddr09_write_data 3 14014 NULL +btrfs_get_blocks_direct_14016 btrfs_get_blocks_direct 2 14016 NULL +dmi_format_ids_14018 dmi_format_ids 2 14018 NULL +iscsi_create_flashnode_conn_14022 iscsi_create_flashnode_conn 4 14022 NULL ++pci_add_ext_cap_save_buffer_14032 pci_add_ext_cap_save_buffer 3 14032 NULL +dvb_usercopy_14036 dvb_usercopy 2 14036 NULL +read_def_modal_eeprom_14041 read_def_modal_eeprom 3 14041 NULL ++xfs_bmap_alloc_14044 xfs_bmap_alloc 0 14044 NULL +ieee80211_if_fmt_aid_14055 ieee80211_if_fmt_aid 3 14055 NULL +ovs_nla_alloc_flow_actions_14056 ovs_nla_alloc_flow_actions 1 14056 NULL +sta_agg_status_read_14058 sta_agg_status_read 3 14058 NULL @@ -109422,6 +115515,7 @@ index 0000000..9529806 +isku_sysfs_read_light_14140 isku_sysfs_read_light 6 14140 NULL +em_canid_change_14150 em_canid_change 3 14150 NULL +gsm_dlci_data_14155 gsm_dlci_data 3 14155 NULL ++midi_alloc_ep_req_14159 midi_alloc_ep_req 2 14159 NULL +print_input_mask_14168 print_input_mask 3-0 14168 NULL +ocfs2_xattr_value_truncate_14183 ocfs2_xattr_value_truncate 3 14183 NULL +datafab_read_data_14186 datafab_read_data 4 14186 NULL @@ -109430,19 +115524,24 @@ index 0000000..9529806 +ath6kl_regread_write_14220 ath6kl_regread_write 3 14220 NULL +ieee80211_if_write_uapsd_max_sp_len_14233 ieee80211_if_write_uapsd_max_sp_len 3 14233 NULL +dma_declare_coherent_memory_14244 dma_declare_coherent_memory 4 14244 NULL ++btrfs_token_file_extent_ram_bytes_14247 btrfs_token_file_extent_ram_bytes 0 14247 NULL +ath6kl_connect_event_14267 ath6kl_connect_event 7-8-9 14267 NULL +rr_status_14293 rr_status 5 14293 NULL +read_default_ldt_14302 read_default_ldt 2 14302 NULL ++update_rgrp_lvb_14303 update_rgrp_lvb 0 14303 NULL ++xfs_qm_qino_alloc_14309 xfs_qm_qino_alloc 0 14309 NULL +oo_objects_14319 oo_objects 0 14319 NULL +ll_get_user_pages_14328 ll_get_user_pages 3-2-0 14328 NULL +p9_client_zc_rpc_14345 p9_client_zc_rpc 7 14345 NULL +alloc_tx_struct_14349 alloc_tx_struct 1 14349 NULL +hash_ipportnet4_expire_14354 hash_ipportnet4_expire 4 14354 NULL +snd_pcm_lib_readv_14363 snd_pcm_lib_readv 0-3 14363 NULL ++lowpan_read_14369 lowpan_read 3 14369 NULL +ath6kl_regdump_read_14393 ath6kl_regdump_read 3 14393 NULL +smk_write_onlycap_14400 smk_write_onlycap 3 14400 NULL +mtd_concat_create_14416 mtd_concat_create 2 14416 NULL +get_kcore_size_14425 get_kcore_size 0 14425 NULL ++_iwl_dbgfs_sram_write_14439 _iwl_dbgfs_sram_write 3 14439 NULL +block_size_14443 block_size 0 14443 NULL +lmv_user_md_size_14456 lmv_user_md_size 0-1 14456 NULL +snd_emu10k1_proc_spdif_status_14457 snd_emu10k1_proc_spdif_status 4-5 14457 NULL @@ -109451,16 +115550,20 @@ index 0000000..9529806 +dma_transfer_size_14473 dma_transfer_size 0 14473 NULL +udplite_getfrag_14479 udplite_getfrag 3-4 14479 NULL +ieee80211_if_read_dot11MeshGateAnnouncementProtocol_14486 ieee80211_if_read_dot11MeshGateAnnouncementProtocol 3 14486 NULL ++split_state_14491 split_state 0 14491 NULL +ocfs2_debug_read_14507 ocfs2_debug_read 3 14507 NULL +ep0_write_14536 ep0_write 3 14536 NULL nohasharray +dataflash_read_user_otp_14536 dataflash_read_user_otp 3-2 14536 &ep0_write_14536 +picolcd_debug_eeprom_read_14549 picolcd_debug_eeprom_read 3 14549 NULL +qp_host_alloc_queue_14566 qp_host_alloc_queue 1 14566 NULL +SyS_setdomainname_14569 SyS_setdomainname 2 14569 NULL ++stuffed_readpage_14581 stuffed_readpage 0 14581 NULL +idmap_pipe_downcall_14591 idmap_pipe_downcall 3 14591 NULL +ceph_osdc_alloc_request_14597 ceph_osdc_alloc_request 3 14597 NULL +dbJoin_14644 dbJoin 0 14644 NULL +profile_replace_14652 profile_replace 3 14652 NULL ++usnic_vnic_dump_14662 usnic_vnic_dump 3 14662 NULL ++add_to_page_cache_locked_14668 add_to_page_cache_locked 0 14668 NULL +min_bytes_needed_14675 min_bytes_needed 0 14675 NULL +nvme_trans_log_info_exceptions_14677 nvme_trans_log_info_exceptions 3 14677 NULL +pipeline_enc_tx_stat_fifo_int_read_14680 pipeline_enc_tx_stat_fifo_int_read 3 14680 NULL @@ -109483,10 +115586,12 @@ index 0000000..9529806 +__kfifo_in_14797 __kfifo_in 3-0 14797 NULL +hpet_readl_14801 hpet_readl 0 14801 NULL nohasharray +snd_als300_gcr_read_14801 snd_als300_gcr_read 0 14801 &hpet_readl_14801 -+do_tune_cpucache_14828 do_tune_cpucache 2 14828 NULL ++security_inode_rename_14805 security_inode_rename 0 14805 NULL ++xfs_btree_kill_iroot_14824 xfs_btree_kill_iroot 0 14824 NULL +mrp_attr_create_14853 mrp_attr_create 3 14853 NULL +lcd_write_14857 lcd_write 3 14857 NULL +get_user_cpu_mask_14861 get_user_cpu_mask 2 14861 NULL ++xfs_bmapi_convert_unwritten_14886 xfs_bmapi_convert_unwritten 0 14886 NULL +gmux_index_read8_14890 gmux_index_read8 0 14890 NULL +acpi_os_allocate_14892 acpi_os_allocate 1 14892 NULL +SYSC_readv_14901 SYSC_readv 3 14901 NULL @@ -109499,20 +115604,19 @@ index 0000000..9529806 +mce_flush_rx_buffer_14976 mce_flush_rx_buffer 2 14976 NULL +setkey_14987 setkey 3 14987 NULL nohasharray +gpio_twl4030_write_14987 gpio_twl4030_write 1 14987 &setkey_14987 -+xfs_dinode_size_14996 xfs_dinode_size 0 14996 NULL +blk_integrity_tuple_size_15027 blk_integrity_tuple_size 0 15027 NULL ++read_file_node_aggr_15040 read_file_node_aggr 3 15040 NULL +cld_pipe_downcall_15058 cld_pipe_downcall 3 15058 NULL +ieee80211_if_read_uapsd_max_sp_len_15067 ieee80211_if_read_uapsd_max_sp_len 3 15067 NULL +nfs4_write_cached_acl_15070 nfs4_write_cached_acl 4 15070 NULL +ntfs_copy_from_user_15072 ntfs_copy_from_user 3-5-0 15072 NULL +pppoe_recvmsg_15073 pppoe_recvmsg 4 15073 NULL -+ceph_calc_ceph_pg_15075 ceph_calc_ceph_pg 0 15075 NULL +smscore_load_firmware_family2_15086 smscore_load_firmware_family2 3 15086 NULL -+compat_SyS_pwritev_15118 compat_SyS_pwritev 3 15118 NULL ++xfs_btree_insrec_15090 xfs_btree_insrec 0 15090 NULL ++btrfs_readpage_15094 btrfs_readpage 0 15094 NULL +hex_dump_to_buffer_15121 hex_dump_to_buffer 6 15121 NULL +start_port_15124 start_port 0 15124 NULL +ipwireless_ppp_mru_15153 ipwireless_ppp_mru 0 15153 NULL -+iwl_dbgfs_sta_drain_write_15167 iwl_dbgfs_sta_drain_write 3 15167 NULL +SYSC_setdomainname_15180 SYSC_setdomainname 2 15180 NULL +iscsi_create_endpoint_15193 iscsi_create_endpoint 1 15193 NULL +mtt_alloc_res_15211 mtt_alloc_res 5 15211 NULL @@ -109522,7 +115626,6 @@ index 0000000..9529806 +simple_strtol_15273 simple_strtol 0 15273 NULL +fw_realloc_buffer_15280 fw_realloc_buffer 2 15280 NULL +ocfs2_read_refcount_block_15305 ocfs2_read_refcount_block 0 15305 NULL -+xlog_ticket_alloc_15335 xlog_ticket_alloc 2 15335 NULL +kovaplus_sysfs_read_15337 kovaplus_sysfs_read 6 15337 NULL +ioread16_15342 ioread16 0 15342 NULL +ept_prefetch_gpte_15348 ept_prefetch_gpte 4 15348 NULL @@ -109553,28 +115656,27 @@ index 0000000..9529806 +pipeline_hs_tx_stat_fifo_int_read_15642 pipeline_hs_tx_stat_fifo_int_read 3 15642 &sk_memory_allocated_add_15642 +joydev_handle_JSIOCSBTNMAP_15643 joydev_handle_JSIOCSBTNMAP 3 15643 NULL +fs_path_add_15648 fs_path_add 3 15648 NULL ++__do_readpage_15652 __do_readpage 0 15652 NULL +xsd_read_15653 xsd_read 3 15653 NULL +unix_bind_15668 unix_bind 3 15668 NULL +dm_read_15674 dm_read 3 15674 NULL nohasharray +SyS_connect_15674 SyS_connect 3 15674 &dm_read_15674 +tracing_snapshot_write_15719 tracing_snapshot_write 3 15719 NULL +HiSax_readstatus_15752 HiSax_readstatus 2 15752 NULL -+bio_map_15794 bio_map 3-0 15794 NULL +smk_read_direct_15803 smk_read_direct 3 15803 NULL +nameseq_list_15817 nameseq_list 3-0 15817 NULL nohasharray +gnttab_expand_15817 gnttab_expand 1 15817 &nameseq_list_15817 +afs_proc_rootcell_write_15822 afs_proc_rootcell_write 3 15822 NULL -+brcmf_sdbrcm_died_dump_15841 brcmf_sdbrcm_died_dump 3 15841 NULL +table_size_15851 table_size 0-1-2 15851 NULL +write_file_tx99_15856 write_file_tx99 3 15856 NULL +media_entity_init_15870 media_entity_init 2-4 15870 NULL +__mptctl_ioctl_15875 __mptctl_ioctl 2 15875 NULL -+nfs_map_group_to_gid_15892 nfs_map_group_to_gid 3 15892 NULL +native_read_msr_15905 native_read_msr 0 15905 NULL +parse_audio_stream_data_15937 parse_audio_stream_data 3 15937 NULL +power_read_15939 power_read 3 15939 NULL +lpfc_idiag_drbacc_read_15948 lpfc_idiag_drbacc_read 3 15948 NULL +snd_pcm_lib_read_transfer_15952 snd_pcm_lib_read_transfer 5-2-4 15952 NULL ++memblock_virt_alloc_try_nid_15954 memblock_virt_alloc_try_nid 1 15954 NULL +viafb_vt1636_proc_write_16018 viafb_vt1636_proc_write 3 16018 NULL +dccp_recvmsg_16056 dccp_recvmsg 4 16056 NULL +read_file_spectral_period_16057 read_file_spectral_period 3 16057 NULL @@ -109582,6 +115684,7 @@ index 0000000..9529806 +isr_tx_exch_complete_read_16103 isr_tx_exch_complete_read 3 16103 NULL +isr_hw_pm_mode_changes_read_16110 isr_hw_pm_mode_changes_read 3 16110 NULL nohasharray +dma_tx_requested_read_16110 dma_tx_requested_read 3 16110 &isr_hw_pm_mode_changes_read_16110 ++gfs2_jdesc_check_16122 gfs2_jdesc_check 0 16122 NULL +snd_dma_pointer_16126 snd_dma_pointer 0-2 16126 NULL +compat_sys_select_16131 compat_sys_select 1 16131 NULL +fsm_init_16134 fsm_init 2 16134 NULL @@ -109615,7 +115718,10 @@ index 0000000..9529806 +kvm_handle_hva_range_16312 kvm_handle_hva_range 3-2 16312 NULL +sysfs_create_groups_16360 sysfs_create_groups 0 16360 NULL +total_ps_buffered_read_16365 total_ps_buffered_read 3 16365 NULL ++xfs_inobt_lookup_16367 xfs_inobt_lookup 0 16367 NULL +iscsi_tcp_conn_setup_16376 iscsi_tcp_conn_setup 2 16376 NULL ++gfs2_dinode_in_16378 gfs2_dinode_in 0 16378 NULL ++xfs_btree_check_block_16419 xfs_btree_check_block 0 16419 NULL +ieee80211_if_read_tsf_16420 ieee80211_if_read_tsf 3 16420 NULL +rxrpc_server_keyring_16431 rxrpc_server_keyring 3 16431 NULL +__bio_add_page_16435 __bio_add_page 0-4 16435 NULL @@ -109643,7 +115749,9 @@ index 0000000..9529806 +drm_malloc_ab_16831 drm_malloc_ab 1-2 16831 NULL +scsi_mode_sense_16835 scsi_mode_sense 5 16835 NULL +hfsplus_min_io_size_16859 hfsplus_min_io_size 0 16859 NULL -+alloc_idx_lebs_16872 alloc_idx_lebs 2 16872 NULL ++xfs_dialloc_ag_16868 xfs_dialloc_ag 0 16868 NULL ++alloc_idx_lebs_16872 alloc_idx_lebs 2 16872 NULL nohasharray ++xfs_iget_16872 xfs_iget 0 16872 &alloc_idx_lebs_16872 +carl9170_debugfs_ampdu_state_read_16873 carl9170_debugfs_ampdu_state_read 3 16873 NULL +st_write_16874 st_write 3 16874 NULL +__kfifo_peek_n_16877 __kfifo_peek_n 0 16877 NULL @@ -109687,7 +115795,6 @@ index 0000000..9529806 +hmac_sha256_17278 hmac_sha256 2 17278 NULL +neigh_hash_grow_17283 neigh_hash_grow 2 17283 NULL +minstrel_stats_read_17290 minstrel_stats_read 3 17290 NULL -+__ptlrpc_request_bufs_pack_17298 __ptlrpc_request_bufs_pack 0 17298 NULL +ieee80211_if_fmt_dot11MeshForwarding_17301 ieee80211_if_fmt_dot11MeshForwarding 3 17301 NULL +mb_cache_create_17307 mb_cache_create 2 17307 NULL +gnttab_map_frames_v2_17314 gnttab_map_frames_v2 2 17314 NULL @@ -109698,6 +115805,7 @@ index 0000000..9529806 +compat_sys_ppoll_17430 compat_sys_ppoll 2 17430 NULL +sta_connected_time_read_17435 sta_connected_time_read 3 17435 NULL +libcfs_ipif_enumerate_17445 libcfs_ipif_enumerate 0 17445 NULL ++xfs_btree_lshift_17448 xfs_btree_lshift 0 17448 NULL +nla_get_u32_17455 nla_get_u32 0 17455 NULL +__ref_totlen_17461 __ref_totlen 0 17461 NULL +probe_kernel_write_17481 probe_kernel_write 3 17481 NULL @@ -109712,20 +115820,20 @@ index 0000000..9529806 +osst_execute_17607 osst_execute 7-6 17607 NULL +ieee80211_if_read_dot11MeshHWMPactivePathToRootTimeout_17618 ieee80211_if_read_dot11MeshHWMPactivePathToRootTimeout 3 17618 NULL +dma_map_page_17628 dma_map_page 0 17628 NULL -+ocfs2_rotate_subtree_left_17634 ocfs2_rotate_subtree_left 5 17634 NULL +twl4030_set_gpio_direction_17645 twl4030_set_gpio_direction 1 17645 NULL +SYSC_migrate_pages_17657 SYSC_migrate_pages 2 17657 NULL +packet_setsockopt_17662 packet_setsockopt 5 17662 NULL +pwr_enable_ps_read_17686 pwr_enable_ps_read 3 17686 NULL ++filemap_fdatawait_17688 filemap_fdatawait 0 17688 NULL +venus_rename_17707 venus_rename 4-5 17707 NULL nohasharray +__einj_error_trigger_17707 __einj_error_trigger 0 17707 &venus_rename_17707 +exofs_read_lookup_dev_table_17733 exofs_read_lookup_dev_table 3 17733 NULL +sctpprobe_read_17741 sctpprobe_read 3 17741 NULL +dgap_do_fep_load_17765 dgap_do_fep_load 3 17765 NULL -+brcmf_sdio_chip_verifynvram_17776 brcmf_sdio_chip_verifynvram 4 17776 NULL +shrink_slab_node_17794 shrink_slab_node 3 17794 NULL +gnet_stats_copy_app_17821 gnet_stats_copy_app 3 17821 NULL +cipso_v4_gentag_rbm_17836 cipso_v4_gentag_rbm 0 17836 NULL ++em28xx_audio_ep_packet_size_17844 em28xx_audio_ep_packet_size 0 17844 NULL +dm_stats_message_17863 dm_stats_message 5 17863 NULL +sisusb_send_bulk_msg_17864 sisusb_send_bulk_msg 3 17864 NULL +alloc_sja1000dev_17868 alloc_sja1000dev 1 17868 NULL @@ -109737,6 +115845,7 @@ index 0000000..9529806 +ieee80211_if_fmt_dot11MeshMaxPeerLinks_17883 ieee80211_if_fmt_dot11MeshMaxPeerLinks 3 17883 NULL +ieee80211_if_fmt_dot11MeshHWMPRootMode_17890 ieee80211_if_fmt_dot11MeshHWMPRootMode 3 17890 NULL +xfs_buf_associate_memory_17915 xfs_buf_associate_memory 3 17915 NULL ++xfs_rtallocate_extent_near_17916 xfs_rtallocate_extent_near 0 17916 NULL +scsi_bufflen_17933 scsi_bufflen 0 17933 NULL +__mutex_lock_check_stamp_17947 __mutex_lock_check_stamp 0 17947 NULL +beacon_interval_write_17952 beacon_interval_write 3 17952 NULL @@ -109749,6 +115858,7 @@ index 0000000..9529806 +cpufreq_add_dev_symlink_18028 cpufreq_add_dev_symlink 0 18028 NULL +o2hb_highest_node_18034 o2hb_highest_node 0 18034 NULL +cryptd_alloc_instance_18048 cryptd_alloc_instance 2-3 18048 NULL ++__btrfs_drop_extents_18049 __btrfs_drop_extents 5 18049 NULL +ddebug_proc_write_18055 ddebug_proc_write 3 18055 NULL +lua_sysfs_read_18062 lua_sysfs_read 6 18062 NULL +fpregs_get_18066 fpregs_get 4 18066 NULL @@ -109760,10 +115870,12 @@ index 0000000..9529806 +dfs_file_read_18116 dfs_file_read 3 18116 NULL +svc_getnl_18120 svc_getnl 0 18120 NULL +paging32_gpte_to_gfn_lvl_18131 paging32_gpte_to_gfn_lvl 0-2-1 18131 NULL ++xfs_zero_eof_18134 xfs_zero_eof 0 18134 NULL +selinux_inode_setsecurity_18148 selinux_inode_setsecurity 4 18148 NULL +pccard_store_cis_18176 pccard_store_cis 6 18176 NULL +orinoco_add_extscan_result_18207 orinoco_add_extscan_result 3 18207 NULL +gsm_control_message_18209 gsm_control_message 4 18209 NULL ++read_rindex_entry_18213 read_rindex_entry 0 18213 NULL +do_ipv6_setsockopt_18215 do_ipv6_setsockopt 5 18215 NULL +gnttab_alloc_grant_references_18240 gnttab_alloc_grant_references 1 18240 NULL +alloc_trace_uprobe_18247 alloc_trace_uprobe 3 18247 NULL @@ -109788,10 +115900,12 @@ index 0000000..9529806 +SyS_process_vm_readv_18366 SyS_process_vm_readv 3-5 18366 NULL +ep_io_18367 ep_io 0 18367 NULL +qib_user_sdma_num_pages_18371 qib_user_sdma_num_pages 0 18371 NULL ++__ceph_getxattr_18386 __ceph_getxattr 0 18386 NULL +ci_role_write_18388 ci_role_write 3 18388 NULL +hdlc_empty_fifo_18397 hdlc_empty_fifo 2 18397 NULL +adis16136_show_serial_18402 adis16136_show_serial 3 18402 NULL +crystalhd_user_data_18407 crystalhd_user_data 3 18407 NULL ++memblock_virt_alloc_node_nopanic_18431 memblock_virt_alloc_node_nopanic 1 18431 NULL +iscsi_create_flashnode_sess_18433 iscsi_create_flashnode_sess 4 18433 NULL +snd_hda_get_connections_18437 snd_hda_get_connections 0 18437 NULL +flash_dev_cache_miss_18454 flash_dev_cache_miss 4 18454 NULL @@ -109802,6 +115916,7 @@ index 0000000..9529806 +udpv6_setsockopt_18487 udpv6_setsockopt 5 18487 NULL +btrfs_fiemap_18501 btrfs_fiemap 3 18501 NULL +__copy_user_zeroing_intel_18510 __copy_user_zeroing_intel 0-3 18510 NULL ++__block_write_begin_18511 __block_write_begin 0 18511 NULL +snd_vx_inb_18514 snd_vx_inb 0 18514 NULL +snd_gus_dram_poke_18525 snd_gus_dram_poke 4 18525 NULL +nouveau_fifo_channel_create__18530 nouveau_fifo_channel_create_ 9 18530 NULL @@ -109809,11 +115924,10 @@ index 0000000..9529806 +sas_change_queue_depth_18555 sas_change_queue_depth 2 18555 NULL +smk_write_rules_list_18565 smk_write_rules_list 3 18565 NULL +debug_output_18575 debug_output 3 18575 NULL -+filemap_fdatawait_range_18600 filemap_fdatawait_range 0 18600 NULL nohasharray -+slabinfo_write_18600 slabinfo_write 3 18600 &filemap_fdatawait_range_18600 ++xfs_btree_read_bufl_18597 xfs_btree_read_bufl 0 18597 NULL ++filemap_fdatawait_range_18600 filemap_fdatawait_range 0 18600 NULL +iowarrior_write_18604 iowarrior_write 3 18604 NULL -+nvc0_ram_create__18624 nvc0_ram_create_ 4 18624 NULL nohasharray -+audio_get_endpoint_req_18624 audio_get_endpoint_req 0 18624 &nvc0_ram_create__18624 ++nvc0_ram_create__18624 nvc0_ram_create_ 4 18624 NULL +from_buffer_18625 from_buffer 3 18625 NULL +snd_pcm_oss_write3_18657 snd_pcm_oss_write3 0-3 18657 NULL +ieee80211_if_fmt_rssi_threshold_18664 ieee80211_if_fmt_rssi_threshold 3 18664 NULL @@ -109831,7 +115945,6 @@ index 0000000..9529806 +ffs_epfile_read_18775 ffs_epfile_read 3 18775 NULL +SyS_lsetxattr_18776 SyS_lsetxattr 4 18776 NULL +alloc_fcdev_18780 alloc_fcdev 1 18780 NULL -+prealloc_18800 prealloc 0 18800 NULL +dm_stats_print_18815 dm_stats_print 7 18815 NULL +sys_modify_ldt_18824 sys_modify_ldt 3 18824 NULL +mtf_test_write_18844 mtf_test_write 3 18844 NULL @@ -109841,6 +115954,7 @@ index 0000000..9529806 +ceph_setxattr_18913 ceph_setxattr 4 18913 NULL +ieee80211_rx_mgmt_disassoc_18927 ieee80211_rx_mgmt_disassoc 3 18927 NULL +snapshot_write_next_18937 snapshot_write_next 0 18937 NULL ++clean_journal_18955 clean_journal 0 18955 NULL +__nla_reserve_18974 __nla_reserve 3 18974 NULL +__blockdev_direct_IO_18977 __blockdev_direct_IO 0-6 18977 NULL +layout_in_gaps_19006 layout_in_gaps 2 19006 NULL @@ -109850,12 +115964,11 @@ index 0000000..9529806 +revalidate_19043 revalidate 2 19043 NULL +afs_vnode_store_data_19048 afs_vnode_store_data 2-3-4-5 19048 NULL +osc_pinger_recov_seq_write_19056 osc_pinger_recov_seq_write 3 19056 NULL ++get_log_header_19063 get_log_header 0 19063 NULL +create_gpadl_header_19064 create_gpadl_header 2 19064 NULL -+ieee80211_key_alloc_19065 ieee80211_key_alloc 3 19065 NULL +ceph_create_snap_context_19082 ceph_create_snap_context 1 19082 NULL +sta_last_seq_ctrl_read_19106 sta_last_seq_ctrl_read 3 19106 NULL +cifs_readv_from_socket_19109 cifs_readv_from_socket 3 19109 NULL -+ATOMIC_SUB_RETURN_19115 ATOMIC_SUB_RETURN 2 19115 NULL +snd_als4k_iobase_readl_19136 snd_als4k_iobase_readl 0 19136 NULL +alloc_irdadev_19140 alloc_irdadev 1 19140 NULL +sleep_auth_read_19159 sleep_auth_read 3 19159 NULL @@ -109896,17 +116009,18 @@ index 0000000..9529806 +apei_exec_pre_map_gars_19529 apei_exec_pre_map_gars 0 19529 NULL nohasharray +cfc_write_array_to_buffer_19529 cfc_write_array_to_buffer 3 19529 &apei_exec_pre_map_gars_19529 +nfc_llcp_build_tlv_19536 nfc_llcp_build_tlv 3 19536 NULL -+howmany_64_19548 howmany_64 2 19548 NULL +gfn_to_index_19558 gfn_to_index 0-1-3-2 19558 NULL +ocfs2_control_message_19564 ocfs2_control_message 3 19564 NULL -+ieee80211_if_read_tkip_mic_test_19565 ieee80211_if_read_tkip_mic_test 3 19565 NULL +nfsd_read_19568 nfsd_read 5 19568 NULL -+cgroup_read_s64_19570 cgroup_read_s64 5 19570 NULL ++ieee80211_key_alloc_19575 ieee80211_key_alloc 3 19575 NULL ++mnt_want_write_file_19579 mnt_want_write_file 0 19579 NULL +bm_status_read_19583 bm_status_read 3 19583 NULL +load_xattr_datum_19594 load_xattr_datum 0 19594 NULL ++fallocate_chunk_19610 fallocate_chunk 0 19610 NULL +__mei_cl_recv_19636 __mei_cl_recv 3 19636 NULL +LoadBitmap_19658 LoadBitmap 2 19658 NULL -+iwl_dbgfs_pm_params_write_19660 iwl_dbgfs_pm_params_write 3 19660 NULL ++memblock_virt_alloc_low_nopanic_19714 memblock_virt_alloc_low_nopanic 1 19714 NULL ++ocfs2_control_get_this_node_19721 ocfs2_control_get_this_node 0 19721 NULL +read_reg_19723 read_reg 0 19723 NULL +wm8350_block_write_19727 wm8350_block_write 2-3 19727 NULL +memcpy_toiovecend_19736 memcpy_toiovecend 4-3 19736 NULL @@ -109916,11 +116030,9 @@ index 0000000..9529806 +ocfs2_readpages_19759 ocfs2_readpages 4 19759 NULL +jffs2_acl_from_medium_19762 jffs2_acl_from_medium 2 19762 NULL +readhscx_19769 readhscx 0 19769 NULL -+__set_print_fmt_19776 __set_print_fmt 0 19776 NULL -+iwl_dbgfs_disable_power_off_write_19823 iwl_dbgfs_disable_power_off_write 3 19823 NULL +irda_setsockopt_19824 irda_setsockopt 5 19824 NULL ++xfs_bmap_add_extent_hole_real_19828 xfs_bmap_add_extent_hole_real 0 19828 NULL +vfs_getxattr_19832 vfs_getxattr 0 19832 NULL -+security_context_to_sid_19839 security_context_to_sid 2 19839 NULL +crypt_alloc_buffer_19846 crypt_alloc_buffer 2 19846 NULL +cfg80211_mlme_register_mgmt_19852 cfg80211_mlme_register_mgmt 5 19852 NULL +__nla_put_19857 __nla_put 3 19857 NULL @@ -109932,12 +116044,13 @@ index 0000000..9529806 +guest_read_tsc_19931 guest_read_tsc 0 19931 NULL +iwl_dbgfs_rx_queue_read_19943 iwl_dbgfs_rx_queue_read 3 19943 NULL +cfg80211_rx_assoc_resp_19944 cfg80211_rx_assoc_resp 4 19944 NULL ++ll_xattr_cache_list_19954 ll_xattr_cache_list 0 19954 NULL +get_jack_mode_name_19976 get_jack_mode_name 4 19976 NULL +attach_hdlc_protocol_19986 attach_hdlc_protocol 3 19986 NULL +rtw_set_wps_probe_resp_19989 rtw_set_wps_probe_resp 3 19989 NULL -+lustre_pack_request_19992 lustre_pack_request 0 19992 NULL +diva_um_idi_read_20003 diva_um_idi_read 0 20003 NULL -+lov_stripe_md_size_20009 lov_stripe_md_size 0-1 20009 NULL ++lov_stripe_md_size_20009 lov_stripe_md_size 0-1 20009 NULL nohasharray ++event_trigger_write_20009 event_trigger_write 3 20009 &lov_stripe_md_size_20009 +tree_mod_log_eb_move_20011 tree_mod_log_eb_move 5 20011 NULL +SYSC_fgetxattr_20027 SYSC_fgetxattr 4 20027 NULL +split_scan_timeout_read_20029 split_scan_timeout_read 3 20029 NULL @@ -109949,12 +116062,12 @@ index 0000000..9529806 +aat2870_reg_write_file_20086 aat2870_reg_write_file 3 20086 NULL +team_options_register_20091 team_options_register 3 20091 NULL +qla2x00_adjust_sdev_qdepth_up_20097 qla2x00_adjust_sdev_qdepth_up 2 20097 NULL ++xfs_qm_dqget_20103 xfs_qm_dqget 0 20103 NULL +root_nfs_copy_20111 root_nfs_copy 3 20111 NULL +hptiop_adjust_disk_queue_depth_20122 hptiop_adjust_disk_queue_depth 2 20122 NULL +tomoyo_commit_ok_20167 tomoyo_commit_ok 2 20167 NULL +read_flush_pipefs_20171 read_flush_pipefs 3 20171 NULL +wep_addr_key_count_read_20174 wep_addr_key_count_read 3 20174 NULL -+create_trace_probe_20175 create_trace_probe 1 20175 NULL +crystalhd_map_dio_20181 crystalhd_map_dio 3 20181 NULL +pvr2_ctrl_value_to_sym_20229 pvr2_ctrl_value_to_sym 5 20229 NULL +rose_sendmsg_20249 rose_sendmsg 4 20249 NULL @@ -109972,7 +116085,6 @@ index 0000000..9529806 +read_7220_creg32_20394 read_7220_creg32 0 20394 &snd_nm256_readl_20394 +__kfifo_from_user_20399 __kfifo_from_user 3 20399 NULL nohasharray +SyS_get_mempolicy_20399 SyS_get_mempolicy 3 20399 &__kfifo_from_user_20399 -+nfs3_setxattr_20458 nfs3_setxattr 4 20458 NULL +compat_ipv6_setsockopt_20468 compat_ipv6_setsockopt 5 20468 NULL +read_buf_20469 read_buf 2 20469 NULL +bio_trim_20472 bio_trim 2 20472 NULL @@ -109984,6 +116096,7 @@ index 0000000..9529806 +venus_create_20555 venus_create 4 20555 NULL +btrfs_super_log_root_20565 btrfs_super_log_root 0 20565 NULL +crypto_ahash_reqsize_20569 crypto_ahash_reqsize 0 20569 NULL ++xfs_bmap_isaeof_20570 xfs_bmap_isaeof 0 20570 NULL +ocfs2_cluster_lock_20588 ocfs2_cluster_lock 0 20588 NULL +kvm_test_age_hva_20593 kvm_test_age_hva 2 20593 NULL +sync_timeline_create_20601 sync_timeline_create 2 20601 NULL @@ -109995,7 +116108,8 @@ index 0000000..9529806 +cpulist_scnprintf_20648 cpulist_scnprintf 2-0 20648 NULL +oz_add_farewell_20652 oz_add_farewell 5 20652 NULL +oz_cdev_read_20659 oz_cdev_read 3 20659 NULL -+snd_hdsp_playback_copy_20676 snd_hdsp_playback_copy 5 20676 NULL ++snd_hdsp_playback_copy_20676 snd_hdsp_playback_copy 5 20676 NULL nohasharray ++btrfs_qgroup_reserve_20676 btrfs_qgroup_reserve 0 20676 &snd_hdsp_playback_copy_20676 +dvb_dmxdev_buffer_read_20682 dvb_dmxdev_buffer_read 0-4 20682 NULL +cpumask_size_20683 cpumask_size 0 20683 NULL +btrfs_node_blockptr_20685 btrfs_node_blockptr 0 20685 NULL @@ -110008,13 +116122,16 @@ index 0000000..9529806 +fb_prepare_logo_20743 fb_prepare_logo 0 20743 NULL +vol_cdev_direct_write_20751 vol_cdev_direct_write 3 20751 NULL +ocfs2_align_bytes_to_clusters_20754 ocfs2_align_bytes_to_clusters 2 20754 NULL -+brcmf_p2p_escan_20763 brcmf_p2p_escan 2 20763 NULL ++brcmf_p2p_escan_20763 brcmf_p2p_escan 2 20763 NULL nohasharray ++mnt_clone_write_20763 mnt_clone_write 0 20763 &brcmf_p2p_escan_20763 +fb_alloc_cmap_gfp_20792 fb_alloc_cmap_gfp 2 20792 NULL +iwl_dbgfs_rxon_flags_read_20795 iwl_dbgfs_rxon_flags_read 3 20795 NULL -+strndup_user_20819 strndup_user 2 20819 NULL ++lowpan_write_20800 lowpan_write 3 20800 NULL ++strndup_user_20819 strndup_user 2 20819 NULL nohasharray ++do_glock_20819 do_glock 0 20819 &strndup_user_20819 +tipc_msg_build_20825 tipc_msg_build 3 20825 NULL +wl1271_format_buffer_20834 wl1271_format_buffer 2 20834 NULL -+uvc_alloc_entity_20836 uvc_alloc_entity 3-4 20836 NULL ++uvc_alloc_entity_20836 uvc_alloc_entity 4-3 20836 NULL +p9_tag_alloc_20845 p9_tag_alloc 3 20845 NULL +nvme_trans_supported_vpd_pages_20847 nvme_trans_supported_vpd_pages 4 20847 NULL +get_name_20855 get_name 4 20855 NULL @@ -110035,7 +116152,9 @@ index 0000000..9529806 +snd_rme9652_playback_copy_20970 snd_rme9652_playback_copy 5 20970 NULL +alg_setsockopt_20985 alg_setsockopt 5 20985 NULL +qib_verbs_send_20999 qib_verbs_send 5-3 20999 NULL ++btrfs_dirty_pages_21019 btrfs_dirty_pages 0 21019 NULL +btrfs_inode_ref_name_len_21024 btrfs_inode_ref_name_len 0 21024 NULL ++xfs_btree_new_root_21028 xfs_btree_new_root 0 21028 NULL +rx_defrag_tkip_called_read_21031 rx_defrag_tkip_called_read 3 21031 NULL +srp_change_queue_depth_21038 srp_change_queue_depth 2 21038 NULL +lbs_threshold_read_21046 lbs_threshold_read 5 21046 NULL @@ -110046,8 +116165,8 @@ index 0000000..9529806 +bl_add_page_to_bio_21094 bl_add_page_to_bio 2 21094 NULL nohasharray +multipath_status_21094 multipath_status 5 21094 &bl_add_page_to_bio_21094 +rate_control_pid_events_read_21099 rate_control_pid_events_read 3 21099 NULL -+ocfs2_extend_meta_needed_21104 ocfs2_extend_meta_needed 0 21104 NULL +ath6kl_send_go_probe_resp_21113 ath6kl_send_go_probe_resp 3 21113 NULL ++_efx_mcdi_rpc_async_21119 _efx_mcdi_rpc_async 4-5 21119 NULL +i2400m_rx_trace_21127 i2400m_rx_trace 3 21127 NULL +cx18_v4l2_read_21196 cx18_v4l2_read 3 21196 NULL +ipc_rcu_alloc_21208 ipc_rcu_alloc 1 21208 NULL @@ -110058,20 +116177,21 @@ index 0000000..9529806 +use_debug_keys_read_21251 use_debug_keys_read 3 21251 NULL +fru_length_21257 fru_length 0 21257 NULL +rtw_set_wps_beacon_21262 rtw_set_wps_beacon 3 21262 NULL -+ocfs2_blocks_for_bytes_21268 ocfs2_blocks_for_bytes 0-2 21268 NULL ++xfs_alloc_ag_vextent_size_21276 xfs_alloc_ag_vextent_size 0 21276 NULL +do_msg_fill_21307 do_msg_fill 3 21307 NULL +add_res_range_21310 add_res_range 4 21310 NULL +get_zeroed_page_21322 get_zeroed_page 0 21322 NULL +ftrace_profile_read_21327 ftrace_profile_read 3 21327 NULL +read_file_bool_bmps_21344 read_file_bool_bmps 3 21344 NULL -+ocfs2_find_subtree_root_21351 ocfs2_find_subtree_root 0 21351 NULL +gfs2_ea_get_copy_21353 gfs2_ea_get_copy 0 21353 NULL +alloc_orinocodev_21371 alloc_orinocodev 1 21371 NULL +SYSC_rt_sigpending_21379 SYSC_rt_sigpending 2 21379 NULL +video_ioctl2_21380 video_ioctl2 2 21380 NULL +insert_ptr_21386 insert_ptr 6 21386 NULL +diva_get_driver_dbg_mask_21399 diva_get_driver_dbg_mask 0 21399 NULL ++__clone_and_map_simple_bio_21404 __clone_and_map_simple_bio 4 21404 NULL +snd_m3_inw_21406 snd_m3_inw 0 21406 NULL ++usnic_ib_dump_vf_hdr_21423 usnic_ib_dump_vf_hdr 3 21423 NULL +snapshot_read_next_21426 snapshot_read_next 0 21426 NULL +tcp_bound_to_half_wnd_21429 tcp_bound_to_half_wnd 0-2 21429 NULL +tracing_saved_cmdlines_read_21434 tracing_saved_cmdlines_read 3 21434 NULL @@ -110090,12 +116210,14 @@ index 0000000..9529806 +snd_es18xx_mixer_read_21586 snd_es18xx_mixer_read 0 21586 NULL +ocfs2_acl_from_xattr_21604 ocfs2_acl_from_xattr 2 21604 NULL +filemap_get_page_21606 filemap_get_page 2 21606 NULL -+ocfs2_refcount_cow_hunk_21630 ocfs2_refcount_cow_hunk 3-4 21630 NULL ++gfs2_glock_nq_init_21624 gfs2_glock_nq_init 0 21624 NULL +__jfs_getxattr_21631 __jfs_getxattr 0 21631 NULL +atalk_sendmsg_21677 atalk_sendmsg 4 21677 NULL +ocfs2_xattr_get_nolock_21678 ocfs2_xattr_get_nolock 0 21678 NULL +rtllib_alloc_txb_21687 rtllib_alloc_txb 1 21687 NULL +evdev_ioctl_handler_21705 evdev_ioctl_handler 2 21705 NULL ++xfs_btree_insert_21712 xfs_btree_insert 0 21712 NULL ++update_time_21719 update_time 0 21719 NULL +unix_skb_len_21722 unix_skb_len 0 21722 NULL +lprocfs_wr_import_21728 lprocfs_wr_import 3 21728 NULL +mthca_alloc_init_21754 mthca_alloc_init 2 21754 NULL @@ -110104,6 +116226,7 @@ index 0000000..9529806 +xfs_da_grow_inode_int_21785 xfs_da_grow_inode_int 3 21785 NULL +dvb_generic_ioctl_21810 dvb_generic_ioctl 2 21810 NULL +__ocfs2_cluster_lock_21812 __ocfs2_cluster_lock 0 21812 NULL ++_iwl_dbgfs_sta_drain_write_21837 _iwl_dbgfs_sta_drain_write 3 21837 NULL +oom_adj_read_21847 oom_adj_read 3 21847 NULL +lpfc_idiag_extacc_avail_get_21865 lpfc_idiag_extacc_avail_get 0-3 21865 NULL +brcms_debugfs_hardware_read_21867 brcms_debugfs_hardware_read 3 21867 NULL @@ -110111,18 +116234,22 @@ index 0000000..9529806 +ldlm_lock_create_21888 ldlm_lock_create 7 21888 NULL +dbAllocCtl_21911 dbAllocCtl 0 21911 NULL +qsfp_1_read_21915 qsfp_1_read 3 21915 NULL ++__build_xattrs_21979 __build_xattrs 0 21979 NULL +SYSC_prctl_21980 SYSC_prctl 4 21980 NULL +compat_rw_copy_check_uvector_22001 compat_rw_copy_check_uvector 0-3 22001 NULL nohasharray +rxpipe_descr_host_int_trig_rx_data_read_22001 rxpipe_descr_host_int_trig_rx_data_read 3 22001 &compat_rw_copy_check_uvector_22001 +regcache_sync_block_raw_flush_22021 regcache_sync_block_raw_flush 3-4 22021 NULL +btrfs_get_16_22023 btrfs_get_16 0 22023 NULL +_sp2d_min_pg_22032 _sp2d_min_pg 0 22032 NULL ++lookup_metapath_22039 lookup_metapath 0 22039 NULL +zd_usb_read_fw_22049 zd_usb_read_fw 4 22049 NULL +ieee80211_if_fmt_dropped_frames_ttl_22054 ieee80211_if_fmt_dropped_frames_ttl 3 22054 NULL +btrfs_reloc_clone_csums_22077 btrfs_reloc_clone_csums 2-3 22077 NULL +mem_rw_22085 mem_rw 3 22085 NULL ++xfs_bmapi_reserve_delalloc_22086 xfs_bmapi_reserve_delalloc 0 22086 NULL +kstrtos32_from_user_22087 kstrtos32_from_user 2 22087 NULL +rt2x00debug_read_crypto_stats_22109 rt2x00debug_read_crypto_stats 3 22109 NULL ++shmem_add_to_page_cache_22121 shmem_add_to_page_cache 0 22121 NULL +snd_hda_codec_read_22130 snd_hda_codec_read 0 22130 NULL +SyS_sched_setaffinity_22148 SyS_sched_setaffinity 2 22148 NULL +do_tcp_sendpages_22155 do_tcp_sendpages 4 22155 NULL @@ -110134,28 +116261,23 @@ index 0000000..9529806 +compat_process_vm_rw_22254 compat_process_vm_rw 3-5 22254 NULL +ping_common_sendmsg_22261 ping_common_sendmsg 5 22261 NULL +add_res_tree_22263 add_res_tree 7 22263 NULL -+__btrfs_direct_write_22273 __btrfs_direct_write 4 22273 NULL ++__btrfs_direct_write_22273 __btrfs_direct_write 4-0 22273 NULL +queue_max_sectors_22280 queue_max_sectors 0 22280 NULL +__tun_chr_ioctl_22300 __tun_chr_ioctl 4 22300 NULL nohasharray +pci_vpd_srdt_size_22300 pci_vpd_srdt_size 0 22300 &__tun_chr_ioctl_22300 +mesh_table_alloc_22305 mesh_table_alloc 1 22305 NULL +lov_setstripe_22307 lov_setstripe 2 22307 NULL +udpv6_sendmsg_22316 udpv6_sendmsg 4 22316 NULL -+C_SYSC_msgrcv_22320 C_SYSC_msgrcv 3 22320 NULL +atomic_read_22342 atomic_read 0 22342 NULL +ll_lazystatfs_seq_write_22353 ll_lazystatfs_seq_write 3 22353 NULL -+memcg_size_22360 memcg_size 0 22360 NULL +snd_pcm_alsa_frames_22363 snd_pcm_alsa_frames 2 22363 NULL +evdev_ioctl_22371 evdev_ioctl 2 22371 NULL +alloc_large_system_hash_22391 alloc_large_system_hash 2 22391 NULL +zoran_write_22404 zoran_write 3 22404 NULL -+ATOMIC_ADD_RETURN_22413 ATOMIC_ADD_RETURN 2 22413 NULL +queue_reply_22416 queue_reply 3 22416 NULL +__set_enter_print_fmt_22431 __set_enter_print_fmt 0 22431 NULL +queue_max_segments_22441 queue_max_segments 0 22441 NULL +handle_received_packet_22457 handle_received_packet 3 22457 NULL -+mem_cgroup_read_22461 mem_cgroup_read 5 22461 NULL -+source_sink_start_ep_22472 source_sink_start_ep 0 22472 NULL +ecryptfs_write_22488 ecryptfs_write 4-3 22488 NULL +qib_user_sdma_alloc_header_22490 qib_user_sdma_alloc_header 2 22490 NULL +cache_write_procfs_22491 cache_write_procfs 3 22491 NULL @@ -110170,7 +116292,6 @@ index 0000000..9529806 +wl1271_rx_filter_get_fields_size_22638 wl1271_rx_filter_get_fields_size 0 22638 NULL +pwr_wake_on_timer_exp_read_22640 pwr_wake_on_timer_exp_read 3 22640 NULL +iwl_dbgfs_calib_disabled_read_22649 iwl_dbgfs_calib_disabled_read 3 22649 NULL -+compat_SyS_msgrcv_22661 compat_SyS_msgrcv 3 22661 NULL +ext4_ext_direct_IO_22679 ext4_ext_direct_IO 4 22679 NULL +l2tp_ip_recvmsg_22681 l2tp_ip_recvmsg 4 22681 NULL +bch_dump_read_22685 bch_dump_read 3 22685 NULL @@ -110179,35 +116300,40 @@ index 0000000..9529806 +cx18_copy_buf_to_user_22735 cx18_copy_buf_to_user 4-0 22735 NULL +ceph_decode_32_22738 ceph_decode_32 0 22738 NULL nohasharray +__mei_cl_send_22738 __mei_cl_send 3 22738 &ceph_decode_32_22738 ++__writeback_single_inode_22739 __writeback_single_inode 0 22739 NULL +iio_debugfs_write_reg_22742 iio_debugfs_write_reg 3 22742 NULL +qlcnic_sriov_init_22762 qlcnic_sriov_init 2 22762 NULL +print_frame_22769 print_frame 0 22769 NULL +ftrace_arch_read_dyn_info_22773 ftrace_arch_read_dyn_info 0 22773 NULL ++__break_lease_22777 __break_lease 0 22777 NULL ++vnic_dev_get_res_count_22791 vnic_dev_get_res_count 0 22791 NULL +pla_ocp_write_22802 pla_ocp_write 4 22802 NULL +__generic_copy_to_user_intel_22806 __generic_copy_to_user_intel 0-3 22806 NULL -+clone_bio_integrity_22842 clone_bio_integrity 4 22842 NULL +read_file_rcstat_22854 read_file_rcstat 3 22854 NULL +create_attr_set_22861 create_attr_set 1 22861 NULL +hash_ip6_expire_22867 hash_ip6_expire 4 22867 NULL +vmw_execbuf_process_22885 vmw_execbuf_process 5 22885 NULL +usblp_new_writeurb_22894 usblp_new_writeurb 2 22894 NULL +mdc800_device_read_22896 mdc800_device_read 3 22896 NULL -+policy_emit_config_values_22900 policy_emit_config_values 3 22900 NULL ++ion_handle_test_kernel_22900 ion_handle_test_kernel 4-3 22900 NULL nohasharray ++policy_emit_config_values_22900 policy_emit_config_values 3 22900 &ion_handle_test_kernel_22900 ++__set_xattr_22923 __set_xattr 0 22923 NULL +xstateregs_set_22932 xstateregs_set 4 22932 NULL +pcpu_mem_zalloc_22948 pcpu_mem_zalloc 1 22948 NULL +alloc_sglist_22960 alloc_sglist 2-3 22960 NULL +caif_seqpkt_sendmsg_22961 caif_seqpkt_sendmsg 4 22961 NULL +vme_get_size_22964 vme_get_size 0 22964 NULL +tx_frag_key_not_found_read_22971 tx_frag_key_not_found_read 3 22971 NULL ++cached_dev_cache_miss_22979 cached_dev_cache_miss 4 22979 NULL +usb_get_langid_22983 usb_get_langid 0 22983 NULL +remote_settings_file_write_22987 remote_settings_file_write 3 22987 NULL -+brcmf_sdio_chip_exit_download_23001 brcmf_sdio_chip_exit_download 4 23001 NULL +viafb_dvp0_proc_write_23023 viafb_dvp0_proc_write 3 23023 NULL +cifs_local_to_utf16_bytes_23025 cifs_local_to_utf16_bytes 0 23025 NULL -+ocfs2_refcount_cow_xattr_23029 ocfs2_refcount_cow_xattr 0-6-7 23029 NULL ++ocfs2_refcount_cow_xattr_23029 ocfs2_refcount_cow_xattr 0 23029 NULL +st_status_23032 st_status 5 23032 NULL +nv50_disp_chan_create__23056 nv50_disp_chan_create_ 5 23056 NULL +comedi_buf_write_n_available_23057 comedi_buf_write_n_available 0 23057 NULL ++security_inode_killpriv_23060 security_inode_killpriv 0 23060 NULL +reiserfs_add_entry_23062 reiserfs_add_entry 4 23062 NULL nohasharray +unix_seqpacket_recvmsg_23062 unix_seqpacket_recvmsg 4 23062 &reiserfs_add_entry_23062 +mei_cl_send_23068 mei_cl_send 3 23068 NULL @@ -110217,10 +116343,12 @@ index 0000000..9529806 +isr_tx_procs_read_23084 isr_tx_procs_read 3 23084 NULL +rt2x00debug_write_eeprom_23091 rt2x00debug_write_eeprom 3 23091 NULL +ntfs_ucstonls_23097 ntfs_ucstonls 3-5 23097 NULL ++xfs_dir_ialloc_23100 xfs_dir_ialloc 0 23100 NULL +pipe_iov_copy_from_user_23102 pipe_iov_copy_from_user 3 23102 NULL +dgram_recvmsg_23104 dgram_recvmsg 4 23104 NULL +mwl8k_cmd_set_beacon_23110 mwl8k_cmd_set_beacon 4 23110 NULL -+nl80211_send_rx_auth_23111 nl80211_send_rx_auth 4 23111 NULL ++nl80211_send_rx_auth_23111 nl80211_send_rx_auth 4 23111 NULL nohasharray ++bset_tree_bytes_23111 bset_tree_bytes 0 23111 &nl80211_send_rx_auth_23111 +__clear_user_23118 __clear_user 0-2 23118 NULL +drm_mode_create_tv_properties_23122 drm_mode_create_tv_properties 2 23122 NULL +ata_scsi_change_queue_depth_23126 ata_scsi_change_queue_depth 2 23126 NULL @@ -110242,14 +116370,16 @@ index 0000000..9529806 +__aa_kvmalloc_23320 __aa_kvmalloc 1 23320 NULL +page_readlink_23346 page_readlink 3 23346 NULL +kmem_zalloc_large_23351 kmem_zalloc_large 1 23351 NULL -+get_dst_timing_23358 get_dst_timing 0 23358 NULL ++get_dst_timing_23358 get_dst_timing 0 23358 NULL nohasharray ++write_inode_23358 write_inode 0 23358 &get_dst_timing_23358 +fd_setup_write_same_buf_23369 fd_setup_write_same_buf 3 23369 NULL +iscsi_change_queue_depth_23416 iscsi_change_queue_depth 2 23416 NULL +vga_mm_r_23419 vga_mm_r 0 23419 NULL +ocfs2_zero_tail_23447 ocfs2_zero_tail 3 23447 NULL +hidraw_send_report_23449 hidraw_send_report 3 23449 NULL +__ata_change_queue_depth_23484 __ata_change_queue_depth 3 23484 NULL -+linear_conf_23485 linear_conf 2 23485 NULL ++linear_conf_23485 linear_conf 2 23485 NULL nohasharray ++sync_mapping_buffers_23485 sync_mapping_buffers 0 23485 &linear_conf_23485 +event_filter_read_23494 event_filter_read 3 23494 NULL +lustre_acl_xattr_merge2ext_23502 lustre_acl_xattr_merge2ext 2 23502 NULL +devm_iio_device_alloc_23511 devm_iio_device_alloc 2 23511 NULL @@ -110262,6 +116392,7 @@ index 0000000..9529806 +xfpregs_get_23586 xfpregs_get 4 23586 NULL +snd_interval_min_23590 snd_interval_min 0 23590 NULL +islpci_mgt_transaction_23610 islpci_mgt_transaction 5 23610 NULL ++xfs_qm_dqread_23613 xfs_qm_dqread 0 23613 NULL +ocfs2_journal_access_23616 ocfs2_journal_access 0 23616 NULL +__i2400mu_send_barker_23652 __i2400mu_send_barker 3 23652 NULL +sInW_23663 sInW 0 23663 NULL @@ -110279,16 +116410,16 @@ index 0000000..9529806 +ocfs2_replace_cow_23803 ocfs2_replace_cow 0 23803 NULL +__earlyonly_bootmem_alloc_23824 __earlyonly_bootmem_alloc 2 23824 NULL +lustre_msg_buflen_23827 lustre_msg_buflen 0 23827 NULL -+ceph_copy_page_vector_to_user_23829 ceph_copy_page_vector_to_user 3-4 23829 NULL ++ceph_copy_page_vector_to_user_23829 ceph_copy_page_vector_to_user 0-4-3 23829 NULL +pgdat_end_pfn_23842 pgdat_end_pfn 0 23842 NULL +iwl_dbgfs_nvm_read_23845 iwl_dbgfs_nvm_read 3 23845 NULL +p54_init_common_23850 p54_init_common 1 23850 NULL +bin_to_hex_dup_23853 bin_to_hex_dup 2 23853 NULL +ocfs2_xattr_get_clusters_23857 ocfs2_xattr_get_clusters 0 23857 NULL +ieee80211_if_read_dot11MeshMaxPeerLinks_23878 ieee80211_if_read_dot11MeshMaxPeerLinks 3 23878 NULL -+nouveau_clock_create__23881 nouveau_clock_create_ 5 23881 NULL ++nouveau_clock_create__23881 nouveau_clock_create_ 5 23881 NULL nohasharray ++writeback_single_inode_23881 writeback_single_inode 0 23881 &nouveau_clock_create__23881 +tipc_snprintf_23893 tipc_snprintf 2-0 23893 NULL -+usbg_prepare_w_request_23895 usbg_prepare_w_request 0 23895 NULL +add_new_gdb_meta_bg_23911 add_new_gdb_meta_bg 3 23911 NULL nohasharray +ieee80211_if_read_hw_queues_23911 ieee80211_if_read_hw_queues 3 23911 &add_new_gdb_meta_bg_23911 +f2fs_getxattr_23917 f2fs_getxattr 0 23917 NULL @@ -110312,7 +116443,8 @@ index 0000000..9529806 +lov_brw_24122 lov_brw 4 24122 NULL +mpu401_read_24126 mpu401_read 3-0 24126 NULL +_picolcd_flash_write_24134 _picolcd_flash_write 4 24134 NULL -+irnet_ctrl_write_24139 irnet_ctrl_write 3 24139 NULL ++irnet_ctrl_write_24139 irnet_ctrl_write 3 24139 NULL nohasharray ++xfs_btree_increment_24139 xfs_btree_increment 0 24139 &irnet_ctrl_write_24139 +SyS_sethostname_24150 SyS_sethostname 2 24150 NULL +trim_bitmaps_24158 trim_bitmaps 3 24158 NULL +adu_read_24177 adu_read 3 24177 NULL @@ -110324,22 +116456,26 @@ index 0000000..9529806 +mei_amthif_read_24224 mei_amthif_read 4 24224 &pcpu_embed_first_chunk_24224 +pci_num_vf_24235 pci_num_vf 0 24235 NULL +sel_read_bool_24236 sel_read_bool 3 24236 NULL ++xfs_bmap_rtalloc_24237 xfs_bmap_rtalloc 0 24237 NULL +em28xx_alloc_urbs_24260 em28xx_alloc_urbs 4-6 24260 NULL +calculate_sizes_24273 calculate_sizes 2 24273 NULL +thin_status_24278 thin_status 5 24278 NULL +msg_size_24288 msg_size 0 24288 NULL +gserial_connect_24302 gserial_connect 0 24302 NULL +btmrvl_pscmd_read_24308 btmrvl_pscmd_read 3 24308 NULL ++reserve_metadata_bytes_24313 reserve_metadata_bytes 0 24313 NULL +ath6kl_add_bss_if_needed_24317 ath6kl_add_bss_if_needed 6 24317 NULL +si476x_radio_read_acf_blob_24336 si476x_radio_read_acf_blob 3 24336 NULL -+C_SYSC_pwritev_24345 C_SYSC_pwritev 3 24345 NULL ++prepare_pages_24349 prepare_pages 0 24349 NULL +kzalloc_node_24352 kzalloc_node 1 24352 NULL +qla2x00_handle_queue_full_24365 qla2x00_handle_queue_full 2 24365 NULL +cfi_read_pri_24366 cfi_read_pri 3 24366 NULL +btrfs_item_size_nr_24367 btrfs_item_size_nr 0 24367 NULL -+igetword_24373 igetword 0 24373 NULL ++igetword_24373 igetword 0 24373 NULL nohasharray ++break_deleg_24373 break_deleg 0 24373 &igetword_24373 +max_io_len_24384 max_io_len 0-1 24384 NULL +mpt_alloc_res_24387 mpt_alloc_res 5 24387 NULL ++xfs_bmapi_read_24392 xfs_bmapi_read 0 24392 NULL +osc_cur_grant_bytes_seq_write_24396 osc_cur_grant_bytes_seq_write 3 24396 NULL +getxattr_24398 getxattr 4 24398 NULL nohasharray +pvr2_v4l2_ioctl_24398 pvr2_v4l2_ioctl 2 24398 &getxattr_24398 @@ -110369,12 +116505,13 @@ index 0000000..9529806 +SyS_poll_24620 SyS_poll 2 24620 NULL +context_alloc_24645 context_alloc 3 24645 NULL +blk_rq_err_bytes_24650 blk_rq_err_bytes 0 24650 NULL ++xfs_log_commit_cil_24653 xfs_log_commit_cil 0 24653 NULL ++btrfs_check_data_free_space_24692 btrfs_check_data_free_space 0 24692 NULL +datafab_write_data_24696 datafab_write_data 4 24696 NULL +intelfbhw_get_p1p2_24703 intelfbhw_get_p1p2 2 24703 NULL +simple_attr_read_24738 simple_attr_read 3 24738 NULL +qla2x00_change_queue_depth_24742 qla2x00_change_queue_depth 2 24742 NULL +get_dma_residue_24749 get_dma_residue 0 24749 NULL -+ocfs2_cow_file_pos_24751 ocfs2_cow_file_pos 3 24751 NULL +kgdb_hex2mem_24755 kgdb_hex2mem 3 24755 NULL +ocfs2_read_blocks_24777 ocfs2_read_blocks 0 24777 NULL +datablob_hmac_verify_24786 datablob_hmac_verify 4 24786 NULL @@ -110389,14 +116526,15 @@ index 0000000..9529806 +l2cap_create_basic_pdu_24869 l2cap_create_basic_pdu 3 24869 &pnp_alloc_24869 +queues_read_24877 queues_read 3 24877 NULL +__vxge_hw_vp_initialize_24885 __vxge_hw_vp_initialize 2 24885 NULL ++xfs_qm_dqattach_24898 xfs_qm_dqattach 0 24898 NULL +codec_list_read_file_24910 codec_list_read_file 3 24910 NULL +v4l2_ctrl_new_24927 v4l2_ctrl_new 7 24927 NULL nohasharray +__btrfs_free_extent_24927 __btrfs_free_extent 7 24927 &v4l2_ctrl_new_24927 +ocfs2_fiemap_24949 ocfs2_fiemap 4-3 24949 NULL +packet_sendmsg_24954 packet_sendmsg 4 24954 NULL -+ll_layout_fetch_24961 ll_layout_fetch 0 24961 NULL +twl_i2c_write_u8_24976 twl_i2c_write_u8 3 24976 NULL +llc_ui_sendmsg_24987 llc_ui_sendmsg 4 24987 NULL ++slot_get_24999 slot_get 0 24999 NULL +key_conf_hw_key_idx_read_25003 key_conf_hw_key_idx_read 3 25003 NULL +il_dbgfs_channels_read_25005 il_dbgfs_channels_read 3 25005 NULL +ni_660x_num_counters_25031 ni_660x_num_counters 0 25031 NULL @@ -110406,10 +116544,10 @@ index 0000000..9529806 +gs_buf_alloc_25067 gs_buf_alloc 2 25067 NULL +ll_track_pid_seq_write_25068 ll_track_pid_seq_write 3 25068 NULL +SYSC_listxattr_25072 SYSC_listxattr 3 25072 NULL -+iwl_dbgfs_tx_flush_write_25091 iwl_dbgfs_tx_flush_write 3 25091 NULL +ima_appraise_measurement_25093 ima_appraise_measurement 6 25093 NULL +blkg_path_25099 blkg_path 3 25099 NULL +snd_rawmidi_kernel_write_25106 snd_rawmidi_kernel_write 3 25106 NULL ++gfs2_quota_check_25130 gfs2_quota_check 0 25130 NULL +ipath_init_qp_table_25167 ipath_init_qp_table 2 25167 NULL +kvm_mmu_notifier_change_pte_25169 kvm_mmu_notifier_change_pte 3 25169 NULL +sctp_getsockopt_local_addrs_25178 sctp_getsockopt_local_addrs 2 25178 NULL @@ -110425,24 +116563,27 @@ index 0000000..9529806 +unix_mkname_25368 unix_mkname 0-2 25368 NULL +sel_read_mls_25369 sel_read_mls 3 25369 NULL +vsp1_entity_init_25407 vsp1_entity_init 3 25407 NULL ++xfs_ialloc_pagi_init_25411 xfs_ialloc_pagi_init 0 25411 NULL +dai_list_read_file_25421 dai_list_read_file 3 25421 NULL -+generic_file_buffered_write_25464 generic_file_buffered_write 4 25464 NULL ++xfs_qm_dqtobp_25448 xfs_qm_dqtobp 0 25448 NULL ++generic_file_buffered_write_25464 generic_file_buffered_write 4-0-7 25464 NULL +ipath_decode_err_25468 ipath_decode_err 3 25468 NULL +crypto_hash_digestsize_25469 crypto_hash_digestsize 0 25469 NULL +ivtv_buf_copy_from_user_25502 ivtv_buf_copy_from_user 4-0 25502 NULL +snd_pcm_plugin_build_25505 snd_pcm_plugin_build 5 25505 NULL ++xfs_alloc_fix_freelist_25514 xfs_alloc_fix_freelist 0 25514 NULL +sb_permission_25523 sb_permission 0 25523 NULL +ext3_get_inode_loc_25542 ext3_get_inode_loc 0 25542 NULL +ieee80211_if_read_path_refresh_time_25545 ieee80211_if_read_path_refresh_time 3 25545 NULL +wimax_addr_scnprint_25548 wimax_addr_scnprint 2 25548 NULL -+ht_print_chan_25556 ht_print_chan 3-4-0 25556 NULL ++ht_print_chan_25556 ht_print_chan 0-3-4 25556 NULL +skb_tailroom_25567 skb_tailroom 0 25567 NULL +ping_recvmsg_25597 ping_recvmsg 4 25597 NULL +copy_user_generic_25611 copy_user_generic 0 25611 NULL +proc_coredump_filter_write_25625 proc_coredump_filter_write 3 25625 NULL +befs_utf2nls_25628 befs_utf2nls 3 25628 NULL nohasharray +__get_user_pages_25628 __get_user_pages 0 25628 &befs_utf2nls_25628 -+__direct_map_25647 __direct_map 6-5 25647 NULL ++__direct_map_25647 __direct_map 5-6 25647 NULL +aircable_prepare_write_buffer_25669 aircable_prepare_write_buffer 3 25669 NULL +lpfc_idiag_cmd_get_25672 lpfc_idiag_cmd_get 2 25672 NULL +sta_inactive_ms_read_25690 sta_inactive_ms_read 3 25690 NULL @@ -110453,6 +116594,7 @@ index 0000000..9529806 +cxgbi_device_portmap_create_25747 cxgbi_device_portmap_create 3 25747 NULL +event_rx_pool_read_25792 event_rx_pool_read 3 25792 NULL +sg_read_25799 sg_read 3 25799 NULL ++xfs_alloc_ag_vextent_exact_25810 xfs_alloc_ag_vextent_exact 0 25810 NULL +system_enable_read_25815 system_enable_read 3 25815 NULL +realloc_buffer_25816 realloc_buffer 2 25816 NULL +pwr_missing_bcns_read_25824 pwr_missing_bcns_read 3 25824 NULL @@ -110473,11 +116615,10 @@ index 0000000..9529806 +udp_setsockopt_25985 udp_setsockopt 5 25985 NULL +lustre_msg_buflen_v2_25997 lustre_msg_buflen_v2 0 25997 NULL +SyS_process_vm_readv_26019 SyS_process_vm_readv 3-5 26019 NULL -+xfs_xattr_acl_set_26028 xfs_xattr_acl_set 4 26028 NULL +mptscsih_change_queue_depth_26036 mptscsih_change_queue_depth 2 26036 NULL +selinux_inode_post_setxattr_26037 selinux_inode_post_setxattr 4 26037 NULL -+tun_do_read_26047 tun_do_read 5 26047 NULL +keyctl_update_key_26061 keyctl_update_key 3 26061 NULL ++btrfs_wait_ordered_range_26086 btrfs_wait_ordered_range 0 26086 NULL +rx_rx_wa_density_dropped_frame_read_26095 rx_rx_wa_density_dropped_frame_read 3 26095 NULL +read_sb_page_26119 read_sb_page 5 26119 NULL +ath9k_hw_name_26146 ath9k_hw_name 3 26146 NULL @@ -110492,12 +116633,12 @@ index 0000000..9529806 +mwifiex_regrdwr_write_26225 mwifiex_regrdwr_write 3 26225 NULL +_scsih_change_queue_depth_26230 _scsih_change_queue_depth 2 26230 NULL +rxrpc_recvmsg_26233 rxrpc_recvmsg 4 26233 NULL -+bio_split_26235 bio_split 2 26235 NULL ++simple_setattr_26234 simple_setattr 0 26234 NULL ++genwqe_ffdc_buff_size_26263 genwqe_ffdc_buff_size 0 26263 NULL +crypto_ctxsize_26278 crypto_ctxsize 0 26278 NULL +apei_resources_request_26279 apei_resources_request 0 26279 NULL +wacom_set_device_mode_26280 wacom_set_device_mode 3 26280 NULL -+snd_pcm_plug_client_channels_buf_26309 snd_pcm_plug_client_channels_buf 0-3 26309 NULL nohasharray -+pax_get_random_long_26309 pax_get_random_long 0 26309 &snd_pcm_plug_client_channels_buf_26309 ++snd_pcm_plug_client_channels_buf_26309 snd_pcm_plug_client_channels_buf 0-3 26309 NULL +pwr_wake_on_host_read_26321 pwr_wake_on_host_read 3 26321 NULL +check_can_nocow_26336 check_can_nocow 2 26336 NULL +snd_vx_check_reg_bit_26344 snd_vx_check_reg_bit 0 26344 NULL @@ -110516,15 +116657,19 @@ index 0000000..9529806 +uhid_char_write_26502 uhid_char_write 3 26502 NULL +vfio_pci_set_msi_trigger_26507 vfio_pci_set_msi_trigger 4-3 26507 NULL +iwl_dbgfs_rf_reset_read_26512 iwl_dbgfs_rf_reset_read 3 26512 NULL ++alloc_ep_req_26521 alloc_ep_req 3-2 26521 NULL +SyS_rt_sigpending_26538 SyS_rt_sigpending 2 26538 NULL +__vhost_add_used_n_26554 __vhost_add_used_n 3 26554 NULL +dio_new_bio_26562 dio_new_bio 0 26562 NULL +rts51x_read_mem_26577 rts51x_read_mem 4 26577 NULL ++xfs_rtcheck_range_26614 xfs_rtcheck_range 0 26614 NULL +pwr_fix_tsf_ps_read_26627 pwr_fix_tsf_ps_read 3 26627 NULL +irq_alloc_generic_chip_26650 irq_alloc_generic_chip 2 26650 NULL nohasharray +inb_p_26650 inb_p 0 26650 &irq_alloc_generic_chip_26650 +nouveau_volt_create__26654 nouveau_volt_create_ 4 26654 NULL +cipso_v4_map_cat_rbm_hton_26680 cipso_v4_map_cat_rbm_hton 0 26680 NULL ++flowinfo_read_26683 flowinfo_read 3 26683 NULL ++sysfs_add_file_26716 sysfs_add_file 0 26716 NULL +nouveau_namedb_create__26732 nouveau_namedb_create_ 7 26732 NULL +pipeline_tcp_rx_stat_fifo_int_read_26745 pipeline_tcp_rx_stat_fifo_int_read 3 26745 NULL +bos_desc_26752 bos_desc 0 26752 NULL @@ -110534,11 +116679,15 @@ index 0000000..9529806 +cipso_v4_genopt_26812 cipso_v4_genopt 0 26812 NULL +iwl_trans_read_mem32_26825 iwl_trans_read_mem32 0 26825 NULL +smk_write_load_26829 smk_write_load 3 26829 NULL ++xfs_alloc_pagf_init_26834 xfs_alloc_pagf_init 0 26834 NULL +scnprint_id_26842 scnprint_id 3-0 26842 NULL +ecryptfs_miscdev_write_26847 ecryptfs_miscdev_write 3 26847 NULL ++ss_alloc_ep_req_26848 ss_alloc_ep_req 2 26848 NULL +tipc_conn_sendmsg_26867 tipc_conn_sendmsg 5 26867 NULL +ath6kl_create_qos_write_26879 ath6kl_create_qos_write 3 26879 NULL +svc_print_xprts_26881 svc_print_xprts 0 26881 NULL ++skb_zerocopy_headlen_26910 skb_zerocopy_headlen 0 26910 NULL ++hhf_zalloc_26912 hhf_zalloc 1 26912 NULL +cfg80211_process_auth_26916 cfg80211_process_auth 3 26916 NULL +x25_asy_change_mtu_26928 x25_asy_change_mtu 2 26928 NULL +scsi_tgt_copy_sense_26933 scsi_tgt_copy_sense 3 26933 NULL @@ -110548,6 +116697,7 @@ index 0000000..9529806 +do_trimming_26952 do_trimming 3 26952 NULL nohasharray +extract_entropy_user_26952 extract_entropy_user 3 26952 &do_trimming_26952 +do_direct_IO_26979 do_direct_IO 0 26979 NULL ++xfs_filestream_associate_27030 xfs_filestream_associate 0 27030 NULL +__videobuf_alloc_vb_27062 __videobuf_alloc_vb 1 27062 NULL +ext4_convert_unwritten_extents_27064 ext4_convert_unwritten_extents 4-3-0 27064 NULL +snd_pcm_lib_period_bytes_27071 snd_pcm_lib_period_bytes 0 27071 NULL @@ -110577,9 +116727,10 @@ index 0000000..9529806 +seq_read_27411 seq_read 3 27411 NULL +ib_dma_map_sg_27413 ib_dma_map_sg 0 27413 NULL +ieee80211_if_read_smps_27416 ieee80211_if_read_smps 3 27416 NULL -+ocfs2_refcount_cal_cow_clusters_27422 ocfs2_refcount_cal_cow_clusters 0-3-4 27422 NULL ++ocfs2_refcount_cal_cow_clusters_27422 ocfs2_refcount_cal_cow_clusters 0 27422 NULL +cypress_write_27423 cypress_write 4 27423 NULL +sddr09_read_data_27447 sddr09_read_data 3 27447 NULL ++xfs_btree_lookup_get_block_27448 xfs_btree_lookup_get_block 0 27448 NULL +v4l2_ctrl_new_std_menu_items_27487 v4l2_ctrl_new_std_menu_items 4 27487 NULL +hcd_buffer_alloc_27495 hcd_buffer_alloc 2 27495 NULL +ip_set_get_h32_27498 ip_set_get_h32 0 27498 NULL @@ -110594,7 +116745,8 @@ index 0000000..9529806 +ocfs2_xattr_ibody_get_27642 ocfs2_xattr_ibody_get 0 27642 NULL nohasharray +nl80211_send_connect_result_27642 nl80211_send_connect_result 5-7 27642 &ocfs2_xattr_ibody_get_27642 nohasharray +read_flush_procfs_27642 read_flush_procfs 3 27642 &nl80211_send_connect_result_27642 nohasharray -+ocfs2_direct_IO_27642 ocfs2_direct_IO 4 27642 &read_flush_procfs_27642 ++ocfs2_direct_IO_27642 ocfs2_direct_IO 4 27642 &read_flush_procfs_27642 nohasharray ++xfs_alloc_vextent_27642 xfs_alloc_vextent 0 27642 &ocfs2_direct_IO_27642 +add_new_gdb_27643 add_new_gdb 3 27643 NULL +btrfs_fallocate_27647 btrfs_fallocate 3-4 27647 NULL +qnx6_readpages_27657 qnx6_readpages 4 27657 NULL @@ -110609,7 +116761,6 @@ index 0000000..9529806 +twl4030_set_gpio_dataout_27792 twl4030_set_gpio_dataout 1 27792 NULL +SyS_readv_27804 SyS_readv 3 27804 NULL +mpihelp_mul_27805 mpihelp_mul 5-3 27805 NULL -+fwtty_buffer_rx_27821 fwtty_buffer_rx 3 27821 NULL +hpt374_read_freq_27828 hpt374_read_freq 0 27828 NULL +init_header_complete_27833 init_header_complete 0 27833 NULL +read_profile_27859 read_profile 3 27859 NULL @@ -110617,13 +116768,17 @@ index 0000000..9529806 +ieee80211_if_read_dot11MeshHWMProotInterval_27873 ieee80211_if_read_dot11MeshHWMProotInterval 3 27873 NULL +unix_seqpacket_sendmsg_27893 unix_seqpacket_sendmsg 4 27893 NULL +check_mapped_name_27943 check_mapped_name 3 27943 NULL -+tracing_clock_write_27961 tracing_clock_write 3 27961 NULL ++bio_next_split_27961 bio_next_split 2 27961 NULL nohasharray ++tracing_clock_write_27961 tracing_clock_write 3 27961 &bio_next_split_27961 ++security_path_chown_27966 security_path_chown 0 27966 NULL +tipc_media_addr_printf_27971 tipc_media_addr_printf 2 27971 NULL +device_register_27972 device_register 0 27972 NULL nohasharray +mic_rx_pkts_read_27972 mic_rx_pkts_read 3 27972 &device_register_27972 -+pci_enable_device_flags_27977 pci_enable_device_flags 0 27977 NULL -+f2fs_bio_alloc_27983 f2fs_bio_alloc 2 27983 NULL ++xfs_alloc_fixup_trees_27975 xfs_alloc_fixup_trees 0 27975 NULL ++pci_enable_device_flags_27977 pci_enable_device_flags 0 27977 NULL nohasharray ++__kernfs_setattr_27977 __kernfs_setattr 0 27977 &pci_enable_device_flags_27977 +edt_ft5x06_debugfs_raw_data_read_28002 edt_ft5x06_debugfs_raw_data_read 3 28002 NULL ++seq_get_buf_28006 seq_get_buf 0 28006 NULL +snd_rawmidi_write_28008 snd_rawmidi_write 3 28008 NULL +powercap_register_zone_28028 powercap_register_zone 6 28028 NULL +sctp_setsockopt_maxburst_28041 sctp_setsockopt_maxburst 3 28041 NULL @@ -110636,6 +116791,7 @@ index 0000000..9529806 +mmc_test_alloc_mem_28102 mmc_test_alloc_mem 3-2 28102 NULL +rx_defrag_need_defrag_read_28117 rx_defrag_need_defrag_read 3 28117 NULL +vgacon_adjust_height_28124 vgacon_adjust_height 2 28124 NULL ++memblock_virt_alloc_from_nopanic_28146 memblock_virt_alloc_from_nopanic 1 28146 NULL +video_read_28148 video_read 3 28148 NULL +snd_midi_channel_alloc_set_28153 snd_midi_channel_alloc_set 1 28153 NULL +stats_dot11FCSErrorCount_read_28154 stats_dot11FCSErrorCount_read 3 28154 NULL @@ -110655,6 +116811,8 @@ index 0000000..9529806 +kstrtos16_from_user_28300 kstrtos16_from_user 2 28300 NULL +nouveau_compat_ioctl_28305 nouveau_compat_ioctl 2 28305 NULL +snd_pcm_oss_read_28317 snd_pcm_oss_read 3 28317 NULL ++security_inode_link_28327 security_inode_link 0 28327 NULL ++generic_write_checks_28329 generic_write_checks 0 28329 NULL +bm_entry_write_28338 bm_entry_write 3 28338 NULL +tcp_copy_to_iovec_28344 tcp_copy_to_iovec 3 28344 NULL +snapshot_write_28351 snapshot_write 3 28351 NULL @@ -110666,9 +116824,11 @@ index 0000000..9529806 +subdev_ioctl_28417 subdev_ioctl 2 28417 NULL +ksocknal_alloc_tx_28426 ksocknal_alloc_tx 2 28426 NULL +mpage_readpages_28436 mpage_readpages 3 28436 NULL ++xfs_rtfind_back_28450 xfs_rtfind_back 0 28450 NULL +snd_emu10k1_efx_read_28452 snd_emu10k1_efx_read 2 28452 NULL +key_mic_failures_read_28457 key_mic_failures_read 3 28457 NULL +alloc_irq_cpu_rmap_28459 alloc_irq_cpu_rmap 1 28459 NULL ++__filemap_fdatawrite_28485 __filemap_fdatawrite 0 28485 NULL +ps_poll_upsd_utilization_read_28519 ps_poll_upsd_utilization_read 3 28519 NULL +i2400m_tx_stats_read_28527 i2400m_tx_stats_read 3 28527 NULL +sel_read_policycap_28544 sel_read_policycap 3 28544 NULL @@ -110678,12 +116838,14 @@ index 0000000..9529806 +sysfs_create_bin_file_28551 sysfs_create_bin_file 0 28551 NULL +b43legacy_debugfs_write_28556 b43legacy_debugfs_write 3 28556 NULL +asymmetric_verify_28567 asymmetric_verify 3 28567 NULL ++gfs2_meta_indirect_buffer_28573 gfs2_meta_indirect_buffer 0 28573 NULL +oxygen_read32_28582 oxygen_read32 0 28582 NULL +extract_entropy_28604 extract_entropy 5-3 28604 NULL +kfifo_unused_28612 kfifo_unused 0 28612 NULL +snd_nm256_capture_copy_28622 snd_nm256_capture_copy 5-3 28622 NULL +setup_usemap_28636 setup_usemap 3-4 28636 NULL +qib_handle_6120_hwerrors_28642 qib_handle_6120_hwerrors 3 28642 NULL ++xfs_bmap_finish_28644 xfs_bmap_finish 0 28644 NULL +p9_fcall_alloc_28652 p9_fcall_alloc 1 28652 NULL +read_nic_io_byte_28654 read_nic_io_byte 0 28654 NULL +blk_queue_resize_tags_28670 blk_queue_resize_tags 2 28670 NULL @@ -110697,7 +116859,6 @@ index 0000000..9529806 +rpc_pipe_generic_upcall_28766 rpc_pipe_generic_upcall 4 28766 NULL +ath6kl_get_num_reg_28780 ath6kl_get_num_reg 0 28780 NULL +sel_write_member_28800 sel_write_member 3 28800 NULL -+cgroup_file_read_28804 cgroup_file_read 3 28804 NULL +iwl_dbgfs_rxon_filter_flags_read_28832 iwl_dbgfs_rxon_filter_flags_read 3 28832 NULL +vp_request_msix_vectors_28849 vp_request_msix_vectors 2 28849 NULL +ipv6_renew_options_28867 ipv6_renew_options 5 28867 NULL @@ -110707,9 +116868,11 @@ index 0000000..9529806 +ps_upsd_timeouts_read_28924 ps_upsd_timeouts_read 3 28924 NULL +iwl_dbgfs_sleep_level_override_write_28925 iwl_dbgfs_sleep_level_override_write 3 28925 NULL +push_rx_28939 push_rx 3 28939 NULL ++mxuport_prepare_write_buffer_28943 mxuport_prepare_write_buffer 3 28943 NULL +btrfs_trim_block_group_28963 btrfs_trim_block_group 3-4 28963 NULL +alloc_sched_domains_28972 alloc_sched_domains 1 28972 NULL +hash_net6_expire_28979 hash_net6_expire 4 28979 NULL ++xfs_alloc_update_28982 xfs_alloc_update 0 28982 NULL +hci_sock_setsockopt_28993 hci_sock_setsockopt 5 28993 NULL +bin_uuid_28999 bin_uuid 3 28999 NULL +fd_execute_rw_29004 fd_execute_rw 3 29004 NULL @@ -110717,11 +116880,12 @@ index 0000000..9529806 +rxrpc_sendmsg_29049 rxrpc_sendmsg 4 29049 NULL +btrfs_root_bytenr_29058 btrfs_root_bytenr 0 29058 NULL +iso_packets_buffer_init_29061 iso_packets_buffer_init 3-4 29061 NULL -+roundup_64_29066 roundup_64 2-0-1 29066 NULL +lpfc_idiag_extacc_drivr_get_29067 lpfc_idiag_extacc_drivr_get 0-3 29067 NULL +sctp_getsockopt_assoc_stats_29074 sctp_getsockopt_assoc_stats 2 29074 NULL ++xfs_alloc_ag_vextent_small_29084 xfs_alloc_ag_vextent_small 0 29084 NULL +iwl_dbgfs_log_event_write_29088 iwl_dbgfs_log_event_write 3 29088 NULL +i915_error_object_create_sized_29091 i915_error_object_create_sized 3 29091 NULL ++ccp_init_dm_workarea_29097 ccp_init_dm_workarea 3 29097 NULL +isdn_ppp_write_29109 isdn_ppp_write 4 29109 NULL +snprintf_29125 snprintf 0 29125 NULL +iov_shorten_29130 iov_shorten 0 29130 NULL @@ -110736,14 +116900,15 @@ index 0000000..9529806 +security_context_to_sid_core_29248 security_context_to_sid_core 2 29248 NULL +prism2_set_genericelement_29277 prism2_set_genericelement 3 29277 NULL +ext4_fiemap_29296 ext4_fiemap 4 29296 NULL ++xfs_bmap_btree_to_extents_29297 xfs_bmap_btree_to_extents 0 29297 NULL +sn9c102_read_29305 sn9c102_read 3 29305 NULL +__fuse_get_req_29315 __fuse_get_req 2 29315 NULL +lprocfs_write_helper_29323 lprocfs_write_helper 2 29323 NULL ++xfs_bmbt_change_owner_29325 xfs_bmbt_change_owner 0 29325 NULL +kvm_handle_hva_29326 kvm_handle_hva 2 29326 NULL +tun_put_user_29337 tun_put_user 5 29337 NULL +__alloc_ei_netdev_29338 __alloc_ei_netdev 1 29338 NULL +l2cap_sock_setsockopt_old_29346 l2cap_sock_setsockopt_old 4 29346 NULL -+mwifiex_cfg80211_mgmt_tx_29387 mwifiex_cfg80211_mgmt_tx 7 29387 NULL +read_file_tx99_power_29405 read_file_tx99_power 3 29405 NULL +mempool_create_29437 mempool_create 1 29437 NULL +crypto_ahash_alignmask_29445 crypto_ahash_alignmask 0 29445 NULL @@ -110754,19 +116919,23 @@ index 0000000..9529806 +simple_strtoul_29480 simple_strtoul 0 29480 NULL +btmrvl_pscmd_write_29504 btmrvl_pscmd_write 3 29504 NULL +btrfs_file_extent_disk_bytenr_29505 btrfs_file_extent_disk_bytenr 0 29505 NULL ++usnic_vnic_spec_dump_29508 usnic_vnic_spec_dump 2 29508 NULL +write_file_regidx_29517 write_file_regidx 3 29517 NULL +atk_debugfs_ggrp_read_29522 atk_debugfs_ggrp_read 3 29522 NULL ++add_to_page_cache_lru_29534 add_to_page_cache_lru 0 29534 NULL +ftrace_write_29551 ftrace_write 3 29551 NULL +idetape_queue_rw_tail_29562 idetape_queue_rw_tail 3 29562 NULL +leaf_dealloc_29566 leaf_dealloc 3 29566 NULL +kvm_read_guest_virt_system_29569 kvm_read_guest_virt_system 4-2 29569 NULL +lbs_lowsnr_read_29571 lbs_lowsnr_read 3 29571 NULL ++security_path_chmod_29578 security_path_chmod 0 29578 NULL +iwl_dbgfs_missed_beacon_write_29586 iwl_dbgfs_missed_beacon_write 3 29586 NULL +pvr2_hdw_report_unlocked_29589 pvr2_hdw_report_unlocked 4-0 29589 NULL +dio_set_defer_completion_29599 dio_set_defer_completion 0 29599 NULL +slots_per_page_29601 slots_per_page 0 29601 NULL +osc_cached_mb_seq_write_29610 osc_cached_mb_seq_write 3 29610 NULL +nla_get_u16_29624 nla_get_u16 0 29624 NULL ++gfs2_alloc_blocks_29630 gfs2_alloc_blocks 0 29630 NULL +tx_frag_cache_hit_read_29639 tx_frag_cache_hit_read 3 29639 NULL +sctp_make_abort_user_29654 sctp_make_abort_user 3 29654 NULL +sisusb_write_mem_bulk_29678 sisusb_write_mem_bulk 4 29678 NULL @@ -110781,40 +116950,45 @@ index 0000000..9529806 +__probe_kernel_write_29842 __probe_kernel_write 3 29842 NULL +kvm_read_hva_atomic_29848 kvm_read_hva_atomic 3 29848 NULL +count_partial_29850 count_partial 0 29850 NULL ++xfs_rtfind_forw_29866 xfs_rtfind_forw 0 29866 NULL +write_file_bool_bmps_29870 write_file_bool_bmps 3 29870 NULL +ipv6_setsockopt_29871 ipv6_setsockopt 5 29871 NULL +scsi_end_request_29876 scsi_end_request 3 29876 NULL +crypto_aead_alignmask_29885 crypto_aead_alignmask 0 29885 NULL ++xfs_alloc_read_agf_29893 xfs_alloc_read_agf 0 29893 NULL +lov_ost_pool_extend_29914 lov_ost_pool_extend 2 29914 NULL +write_file_queue_29922 write_file_queue 3 29922 NULL -+ext4_xattr_set_acl_29930 ext4_xattr_set_acl 4 29930 NULL +__btrfs_getxattr_29947 __btrfs_getxattr 0 29947 NULL nohasharray +ipv6_recv_error_29947 ipv6_recv_error 3 29947 &__btrfs_getxattr_29947 +dev_mem_write_30028 dev_mem_write 3 30028 NULL +alloc_netdev_mqs_30030 alloc_netdev_mqs 1 30030 NULL ++sysfs_add_file_mode_ns_30038 sysfs_add_file_mode_ns 0 30038 NULL +scsi_vpd_inquiry_30040 scsi_vpd_inquiry 4 30040 NULL +drp_wmove_30043 drp_wmove 4 30043 NULL ++mem_cgroup_charge_common_30047 mem_cgroup_charge_common 0 30047 NULL +__pci_request_selected_regions_30058 __pci_request_selected_regions 0 30058 NULL +cxgbi_ddp_reserve_30091 cxgbi_ddp_reserve 4 30091 NULL +snd_midi_channel_init_set_30092 snd_midi_channel_init_set 1 30092 NULL +rx_filter_data_filter_read_30098 rx_filter_data_filter_read 3 30098 NULL +defragment_dma_buffer_30113 defragment_dma_buffer 0 30113 NULL ++xfs_iget_cache_miss_30115 xfs_iget_cache_miss 0 30115 NULL +spi_async_locked_30117 spi_async_locked 0 30117 NULL +recv_stream_30138 recv_stream 4 30138 NULL +u_memcpya_30139 u_memcpya 3-2 30139 NULL ++dbg_port_buf_30145 dbg_port_buf 2 30145 NULL +elfcorehdr_read_30159 elfcorehdr_read 2 30159 NULL +alloc_switch_ctx_30165 alloc_switch_ctx 2 30165 NULL -+expand_inode_data_30169 expand_inode_data 2-3 30169 NULL ++expand_inode_data_30169 expand_inode_data 3-2 30169 NULL +mempool_create_page_pool_30189 mempool_create_page_pool 1 30189 NULL +drm_property_create_bitmask_30195 drm_property_create_bitmask 5 30195 NULL ++__genwqe_readq_30197 __genwqe_readq 0 30197 NULL +usblp_ioctl_30203 usblp_ioctl 2 30203 NULL +read_4k_modal_eeprom_30212 read_4k_modal_eeprom 3 30212 NULL -+SyS_semop_30227 SyS_semop 3 30227 NULL +bitmap_file_set_bit_30228 bitmap_file_set_bit 2 30228 NULL -+ocfs2_calc_bg_discontig_credits_30230 ocfs2_calc_bg_discontig_credits 0 30230 NULL ++shmem_unuse_inode_30263 shmem_unuse_inode 0 30263 NULL +rawv6_recvmsg_30265 rawv6_recvmsg 4 30265 NULL -+hfsplus_trusted_setxattr_30270 hfsplus_trusted_setxattr 4 30270 NULL -+isr_pci_pm_read_30271 isr_pci_pm_read 3 30271 NULL ++try_break_deleg_30271 try_break_deleg 0 30271 NULL nohasharray ++isr_pci_pm_read_30271 isr_pci_pm_read 3 30271 &try_break_deleg_30271 +compat_readv_30273 compat_readv 3 30273 NULL +skcipher_sendmsg_30290 skcipher_sendmsg 4 30290 NULL +pipeline_sec_frag_swi_read_30294 pipeline_sec_frag_swi_read 3 30294 NULL @@ -110824,7 +116998,9 @@ index 0000000..9529806 +i8254_read_30330 i8254_read 0 30330 NULL +resource_from_user_30341 resource_from_user 3 30341 NULL +o2nm_this_node_30342 o2nm_this_node 0 30342 NULL ++gfs2_trans_begin_30359 gfs2_trans_begin 0 30359 NULL +kstrtou32_from_user_30361 kstrtou32_from_user 2 30361 NULL ++pagecache_write_begin_30364 pagecache_write_begin 0 30364 NULL +C_SYSC_readv_30369 C_SYSC_readv 3 30369 NULL +blkdev_issue_zeroout_30392 blkdev_issue_zeroout 3 30392 NULL +c4iw_init_resource_30393 c4iw_init_resource 2-3 30393 NULL @@ -110840,6 +117016,8 @@ index 0000000..9529806 +adu_write_30487 adu_write 3 30487 NULL +dtim_interval_write_30489 dtim_interval_write 3 30489 NULL +batadv_send_tt_request_30493 batadv_send_tt_request 5 30493 NULL ++__send_duplicate_bios_30498 __send_duplicate_bios 4 30498 NULL ++memblock_virt_alloc_node_30515 memblock_virt_alloc_node 1 30515 NULL +dwc3_testmode_write_30516 dwc3_testmode_write 3 30516 NULL +set_config_30526 set_config 0 30526 NULL nohasharray +debug_debug2_read_30526 debug_debug2_read 3 30526 &set_config_30526 @@ -110847,10 +117025,7 @@ index 0000000..9529806 +disk_expand_part_tbl_30561 disk_expand_part_tbl 2 30561 NULL +set_le_30581 set_le 4 30581 NULL +blk_init_tags_30592 blk_init_tags 1 30592 NULL -+i2c_hid_get_report_length_30598 i2c_hid_get_report_length 0 30598 NULL -+sgl_map_user_pages_30610 sgl_map_user_pages 2 30610 NULL nohasharray -+cpufreq_get_global_kobject_30610 cpufreq_get_global_kobject 0 30610 &sgl_map_user_pages_30610 -+SyS_msgrcv_30611 SyS_msgrcv 3 30611 NULL ++sgl_map_user_pages_30610 sgl_map_user_pages 2 30610 NULL +macvtap_sendmsg_30629 macvtap_sendmsg 4 30629 NULL +ieee80211_if_read_dot11MeshAwakeWindowDuration_30631 ieee80211_if_read_dot11MeshAwakeWindowDuration 3 30631 NULL +compat_raw_setsockopt_30634 compat_raw_setsockopt 5 30634 NULL @@ -110858,18 +117033,23 @@ index 0000000..9529806 +SyS_listxattr_30647 SyS_listxattr 3 30647 NULL +jffs2_flash_read_30667 jffs2_flash_read 0 30667 NULL +ni_ai_fifo_read_30681 ni_ai_fifo_read 3 30681 NULL -+dccp_setsockopt_ccid_30701 dccp_setsockopt_ccid 4 30701 NULL ++dccp_setsockopt_ccid_30701 dccp_setsockopt_ccid 4 30701 NULL nohasharray ++xfs_bmap_add_extent_unwritten_real_30701 xfs_bmap_add_extent_unwritten_real 0 30701 &dccp_setsockopt_ccid_30701 +lbs_wrbbp_write_30712 lbs_wrbbp_write 3 30712 NULL +lbs_debugfs_read_30721 lbs_debugfs_read 3 30721 NULL +snd_nm256_playback_silence_30727 snd_nm256_playback_silence 4-3 30727 NULL +snapshot_status_30744 snapshot_status 5 30744 NULL +fuse_conn_limit_write_30777 fuse_conn_limit_write 3 30777 NULL ++__bio_alloc_30787 __bio_alloc 3 30787 NULL +smk_read_doi_30813 smk_read_doi 3 30813 NULL ++xlog_grant_head_wait_30829 xlog_grant_head_wait 0 30829 NULL +get_kobj_path_length_30831 get_kobj_path_length 0 30831 NULL ++ath10k_write_fw_dbglog_30835 ath10k_write_fw_dbglog 3 30835 NULL +sctp_setsockopt_auth_chunk_30843 sctp_setsockopt_auth_chunk 3 30843 NULL +wd_autoreset_write_30862 wd_autoreset_write 3 30862 NULL +ieee80211_if_fmt_dropped_frames_no_route_30884 ieee80211_if_fmt_dropped_frames_no_route 3 30884 NULL +pn_recvmsg_30887 pn_recvmsg 4 30887 NULL ++usnic_debugfs_buildinfo_read_30928 usnic_debugfs_buildinfo_read 3 30928 NULL +sctp_setsockopt_rtoinfo_30941 sctp_setsockopt_rtoinfo 3 30941 NULL +tty_insert_flip_string_flags_30969 tty_insert_flip_string_flags 4 30969 NULL +huge_page_mask_30981 huge_page_mask 0 30981 NULL @@ -110878,7 +117058,7 @@ index 0000000..9529806 +ima_eventsig_init_31022 ima_eventsig_init 5 31022 NULL +template_fmt_size_31033 template_fmt_size 0 31033 NULL +do_setup_msi_irqs_31043 do_setup_msi_irqs 2 31043 NULL -+stride_pg_count_31053 stride_pg_count 0-2-1-4-3-5 31053 NULL ++stride_pg_count_31053 stride_pg_count 0-3-2-1-4-5 31053 NULL +lbs_failcount_read_31063 lbs_failcount_read 3 31063 NULL +sctp_setsockopt_context_31091 sctp_setsockopt_context 3 31091 NULL +proc_gid_map_write_31093 proc_gid_map_write 3 31093 NULL @@ -110904,6 +117084,7 @@ index 0000000..9529806 +sisusbcon_scroll_31315 sisusbcon_scroll 5-2-3 31315 NULL +command_file_write_31318 command_file_write 3 31318 NULL +hwerr_crcbits_31334 hwerr_crcbits 4 31334 NULL ++radix_tree_insert_31336 radix_tree_insert 0 31336 NULL +em28xx_init_usb_xfer_31337 em28xx_init_usb_xfer 4-6 31337 NULL +outlen_write_31358 outlen_write 3 31358 NULL +ieee80211_rx_mgmt_auth_31366 ieee80211_rx_mgmt_auth 3 31366 NULL @@ -110930,7 +117111,9 @@ index 0000000..9529806 +snd_compr_get_avail_31584 snd_compr_get_avail 0 31584 NULL +iwl_dbgfs_ucode_tx_stats_read_31611 iwl_dbgfs_ucode_tx_stats_read 3 31611 NULL +mtd_get_user_prot_info_31616 mtd_get_user_prot_info 0 31616 NULL -+arvo_sysfs_read_31617 arvo_sysfs_read 6 31617 NULL ++arvo_sysfs_read_31617 arvo_sysfs_read 6 31617 NULL nohasharray ++memblock_virt_alloc_nopanic_31617 memblock_virt_alloc_nopanic 1 31617 &arvo_sysfs_read_31617 ++usnic_ib_dump_vf_31623 usnic_ib_dump_vf 3 31623 NULL +videobuf_read_one_31637 videobuf_read_one 3 31637 NULL +pod_alloc_sysex_buffer_31651 pod_alloc_sysex_buffer 3 31651 NULL +xfer_secondary_pool_31661 xfer_secondary_pool 2 31661 NULL @@ -110938,6 +117121,8 @@ index 0000000..9529806 +copy_from_user_nmi_31672 copy_from_user_nmi 3-0 31672 NULL +forced_ps_read_31685 forced_ps_read 3 31685 NULL +fst_recover_rx_error_31687 fst_recover_rx_error 3 31687 NULL ++gfs2_dir_check_31711 gfs2_dir_check 0 31711 NULL ++rs_pretty_print_rate_31727 rs_pretty_print_rate 0 31727 NULL +utf16s_to_utf8s_31735 utf16s_to_utf8s 0 31735 NULL nohasharray +lu_buf_check_and_grow_31735 lu_buf_check_and_grow 2 31735 &utf16s_to_utf8s_31735 +shmem_pwrite_slow_31741 shmem_pwrite_slow 3-2 31741 NULL @@ -110946,6 +117131,7 @@ index 0000000..9529806 +bcm_char_read_31750 bcm_char_read 3 31750 NULL +snd_seq_device_new_31753 snd_seq_device_new 4 31753 NULL +SyS_lsetxattr_31766 SyS_lsetxattr 4 31766 NULL ++osync_buffers_list_31789 osync_buffers_list 0 31789 NULL +usblp_cache_device_id_string_31790 usblp_cache_device_id_string 0 31790 NULL +ecryptfs_send_message_locked_31801 ecryptfs_send_message_locked 2 31801 NULL +isr_rx_procs_read_31804 isr_rx_procs_read 3 31804 NULL @@ -110953,7 +117139,9 @@ index 0000000..9529806 +SyS_msgsnd_31814 SyS_msgsnd 3 31814 NULL +strnlen_user_31815 strnlen_user 0-2 31815 NULL +sta_last_signal_read_31818 sta_last_signal_read 3 31818 NULL ++clone_bio_31854 clone_bio 4-3 31854 NULL +SyS_ppoll_31855 SyS_ppoll 2 31855 NULL ++foreach_descriptor_31873 foreach_descriptor 0 31873 NULL +iwl_dbgfs_disable_ht40_write_31876 iwl_dbgfs_disable_ht40_write 3 31876 NULL +drm_mode_crtc_set_gamma_size_31881 drm_mode_crtc_set_gamma_size 2 31881 NULL +ddb_output_write_31902 ddb_output_write 3-0 31902 NULL @@ -110967,6 +117155,7 @@ index 0000000..9529806 +vb2_write_31948 vb2_write 3 31948 NULL +pvr2_ctrl_get_valname_31951 pvr2_ctrl_get_valname 4 31951 NULL +regcache_rbtree_sync_31964 regcache_rbtree_sync 2 31964 NULL ++iwl_rx_packet_payload_len_31965 iwl_rx_packet_payload_len 0 31965 NULL +copy_from_user_toio_31966 copy_from_user_toio 3 31966 NULL +iblock_execute_rw_31982 iblock_execute_rw 3 31982 NULL nohasharray +vx_read_status_31982 vx_read_status 0 31982 &iblock_execute_rw_31982 @@ -110975,11 +117164,10 @@ index 0000000..9529806 +sysfs_create_file_31996 sysfs_create_file 0 31996 NULL +calc_hmac_32010 calc_hmac 3 32010 NULL +aead_len_32021 aead_len 0 32021 NULL -+posix_acl_set_32037 posix_acl_set 4 32037 NULL +stk_read_32038 stk_read 3 32038 NULL -+ocfs2_update_edge_lengths_32046 ocfs2_update_edge_lengths 3 32046 NULL +SYSC_llistxattr_32061 SYSC_llistxattr 3 32061 NULL +proc_scsi_devinfo_write_32064 proc_scsi_devinfo_write 3 32064 NULL ++xfs_buf_iowait_32068 xfs_buf_iowait 0 32068 NULL +cow_file_range_inline_32091 cow_file_range_inline 3 32091 NULL +bio_alloc_32095 bio_alloc 2 32095 NULL +ath6kl_fwlog_read_32101 ath6kl_fwlog_read 3 32101 NULL @@ -110989,6 +117177,7 @@ index 0000000..9529806 +do_writepages_32173 do_writepages 0 32173 NULL +del_ptr_32197 del_ptr 4 32197 NULL +wusb_ccm_mac_32199 wusb_ccm_mac 7 32199 NULL ++__mem_cgroup_try_charge_swapin_32204 __mem_cgroup_try_charge_swapin 0 32204 NULL +riva_get_cmap_len_32218 riva_get_cmap_len 0 32218 NULL +caif_seqpkt_recvmsg_32241 caif_seqpkt_recvmsg 4 32241 NULL +lbs_lowrssi_read_32242 lbs_lowrssi_read 3 32242 NULL @@ -110998,6 +117187,7 @@ index 0000000..9529806 +SyS_select_32319 SyS_select 1 32319 NULL +nouveau_bar_create__32332 nouveau_bar_create_ 4 32332 NULL +nl80211_send_mlme_event_32337 nl80211_send_mlme_event 4 32337 NULL ++xfs_bmap_extsize_align_32338 xfs_bmap_extsize_align 0 32338 NULL +t4_alloc_mem_32342 t4_alloc_mem 1 32342 NULL +dispatch_ioctl_32357 dispatch_ioctl 2 32357 NULL nohasharray +rx_streaming_always_write_32357 rx_streaming_always_write 3 32357 &dispatch_ioctl_32357 @@ -111007,6 +117197,7 @@ index 0000000..9529806 +ll_setxattr_common_32398 ll_setxattr_common 4 32398 NULL +xfs_iext_add_indirect_multi_32400 xfs_iext_add_indirect_multi 3 32400 NULL +vmci_qp_alloc_32405 vmci_qp_alloc 5-3 32405 NULL ++xfs_alloc_put_freelist_32437 xfs_alloc_put_freelist 0 32437 NULL +cache_status_32462 cache_status 5 32462 NULL +fill_readbuf_32464 fill_readbuf 3 32464 NULL +dgap_usertoboard_32490 dgap_usertoboard 4 32490 NULL @@ -111016,8 +117207,7 @@ index 0000000..9529806 +ctrl_std_val_to_sym_32516 ctrl_std_val_to_sym 5 32516 NULL +disconnect_32521 disconnect 4 32521 NULL +qsfp_read_32522 qsfp_read 0-2-4 32522 NULL -+ocfs2_refresh_qinfo_32524 ocfs2_refresh_qinfo 0 32524 NULL nohasharray -+audio_get_intf_req_32524 audio_get_intf_req 0 32524 &ocfs2_refresh_qinfo_32524 ++ocfs2_refresh_qinfo_32524 ocfs2_refresh_qinfo 0 32524 NULL +ilo_read_32531 ilo_read 3 32531 NULL +ieee80211_if_read_estab_plinks_32533 ieee80211_if_read_estab_plinks 3 32533 NULL +format_devstat_counter_32550 format_devstat_counter 3 32550 NULL @@ -111027,6 +117217,7 @@ index 0000000..9529806 +pipeline_tcp_tx_stat_fifo_int_read_32589 pipeline_tcp_tx_stat_fifo_int_read 3 32589 NULL +read_file_beacon_32595 read_file_beacon 3 32595 NULL +ieee80211_if_read_dropped_frames_congestion_32603 ieee80211_if_read_dropped_frames_congestion 3 32603 NULL ++xfs_bmap_last_offset_32614 xfs_bmap_last_offset 0 32614 NULL +irda_recvmsg_dgram_32631 irda_recvmsg_dgram 4 32631 NULL +cfg80211_roamed_32632 cfg80211_roamed 5-7 32632 NULL +kvmalloc_32646 kvmalloc 1 32646 NULL @@ -111034,24 +117225,26 @@ index 0000000..9529806 +generic_readlink_32654 generic_readlink 3 32654 NULL +move_addr_to_kernel_32673 move_addr_to_kernel 2 32673 NULL +apei_res_add_32674 apei_res_add 0 32674 NULL -+compat_SyS_preadv_32679 compat_SyS_preadv 3 32679 NULL +jfs_readpages_32702 jfs_readpages 4 32702 NULL ++xfs_filestream_new_ag_32711 xfs_filestream_new_ag 0 32711 NULL +rt2x00debug_read_queue_dump_32712 rt2x00debug_read_queue_dump 3 32712 NULL ++xfs_bmbt_update_32713 xfs_bmbt_update 0 32713 NULL +i40e_pci_sriov_enable_32742 i40e_pci_sriov_enable 2 32742 NULL +megasas_change_queue_depth_32747 megasas_change_queue_depth 2 32747 NULL +stats_read_ul_32751 stats_read_ul 3 32751 NULL +vmci_transport_dgram_dequeue_32775 vmci_transport_dgram_dequeue 4 32775 NULL +sctp_tsnmap_grow_32784 sctp_tsnmap_grow 2 32784 NULL ++xfs_trans_read_buf_32795 xfs_trans_read_buf 0 32795 NULL +rproc_name_read_32805 rproc_name_read 3 32805 NULL ++sta_tx_latency_stat_read_32862 sta_tx_latency_stat_read 3 32862 NULL +new_tape_buffer_32866 new_tape_buffer 2 32866 NULL +cifs_writedata_alloc_32880 cifs_writedata_alloc 1 32880 NULL nohasharray +ath6kl_usb_submit_ctrl_in_32880 ath6kl_usb_submit_ctrl_in 6 32880 &cifs_writedata_alloc_32880 -+vp702x_usb_inout_cmd_32884 vp702x_usb_inout_cmd 6-4 32884 NULL ++vp702x_usb_inout_cmd_32884 vp702x_usb_inout_cmd 4-6 32884 NULL +il_dbgfs_tx_stats_read_32913 il_dbgfs_tx_stats_read 3 32913 NULL +zlib_inflate_workspacesize_32927 zlib_inflate_workspacesize 0 32927 NULL +rmap_recycle_32938 rmap_recycle 3 32938 NULL -+xfs_log_reserve_32959 xfs_log_reserve 2 32959 NULL -+ocfs2_check_dir_trailer_32968 ocfs2_check_dir_trailer 0 32968 NULL ++xfs_log_reserve_32959 xfs_log_reserve 0 32959 NULL +compat_filldir_32999 compat_filldir 3 32999 NULL +SyS_syslog_33007 SyS_syslog 3 33007 NULL +br_multicast_set_hash_max_33012 br_multicast_set_hash_max 2 33012 NULL @@ -111066,8 +117259,9 @@ index 0000000..9529806 +alloc_tio_33077 alloc_tio 3 33077 NULL +acl_permission_check_33083 acl_permission_check 0 33083 NULL +fb_sys_write_33130 fb_sys_write 3 33130 NULL -+__len_within_target_33132 __len_within_target 0 33132 NULL ++notify_change_33143 notify_change 0 33143 NULL +SyS_poll_33152 SyS_poll 2 33152 NULL ++_pci_add_cap_save_buffer_33153 _pci_add_cap_save_buffer 4 33153 NULL +debug_debug6_read_33168 debug_debug6_read 3 33168 NULL +dataflash_read_fact_otp_33204 dataflash_read_fact_otp 3-2 33204 NULL +pp_read_33210 pp_read 3 33210 NULL @@ -111088,13 +117282,13 @@ index 0000000..9529806 +ocfs2_allocate_unwritten_extents_33394 ocfs2_allocate_unwritten_extents 3-2 33394 NULL +cfs_trace_copyin_string_33396 cfs_trace_copyin_string 4 33396 NULL +snd_pcm_capture_ioctl1_33408 snd_pcm_capture_ioctl1 0 33408 NULL ++filemap_fdatawrite_33415 filemap_fdatawrite 0 33415 NULL +hash_netiface6_expire_33421 hash_netiface6_expire 4 33421 NULL +dis_tap_write_33426 dis_tap_write 3 33426 NULL +message_stats_list_33440 message_stats_list 5 33440 NULL +ovs_vport_alloc_33475 ovs_vport_alloc 1 33475 NULL +create_entry_33479 create_entry 2 33479 NULL -+ip_setsockopt_33487 ip_setsockopt 5 33487 NULL nohasharray -+elf_map_33487 elf_map 0-2 33487 &ip_setsockopt_33487 ++ip_setsockopt_33487 ip_setsockopt 5 33487 NULL +res_counter_read_33499 res_counter_read 4 33499 NULL +hash_netnet4_expire_33500 hash_netnet4_expire 4 33500 NULL +fb_read_33506 fb_read 3 33506 NULL @@ -111110,17 +117304,20 @@ index 0000000..9529806 +xt_compat_target_offset_33608 xt_compat_target_offset 0 33608 NULL +usb_gstrings_attach_33615 usb_gstrings_attach 3 33615 NULL nohasharray +il_dbgfs_qos_read_33615 il_dbgfs_qos_read 3 33615 &usb_gstrings_attach_33615 ++xfs_btree_check_sblock_33618 xfs_btree_check_sblock 0 33618 NULL +stride_page_count_33641 stride_page_count 2 33641 NULL +irq_blk_threshold_read_33666 irq_blk_threshold_read 3 33666 NULL +inw_p_33668 inw_p 0 33668 NULL +arp_hdr_len_33671 arp_hdr_len 0 33671 NULL +i2c_hid_alloc_buffers_33673 i2c_hid_alloc_buffers 2 33673 NULL ++submit_one_bio_33683 submit_one_bio 0 33683 NULL +nv50_disp_dmac_create__33696 nv50_disp_dmac_create_ 6 33696 NULL +netlink_sendmsg_33708 netlink_sendmsg 4 33708 NULL +tipc_link_stats_33716 tipc_link_stats 3 33716 NULL +ext4_wb_update_i_disksize_33717 ext4_wb_update_i_disksize 2 33717 NULL +pvr2_stream_buffer_count_33719 pvr2_stream_buffer_count 2 33719 NULL +write_file_spectral_count_33723 write_file_spectral_count 3 33723 NULL ++read_file_node_recv_33729 read_file_node_recv 3 33729 NULL +__mutex_lock_interruptible_slowpath_33735 __mutex_lock_interruptible_slowpath 0 33735 NULL +vifs_state_read_33762 vifs_state_read 3 33762 NULL +hashtab_create_33769 hashtab_create 3 33769 NULL @@ -111131,18 +117328,20 @@ index 0000000..9529806 +ext4_journal_extend_33835 ext4_journal_extend 2 33835 NULL +oz_cdev_write_33852 oz_cdev_write 3 33852 NULL +get_user_pages_33908 get_user_pages 0 33908 NULL ++sg_nents_33909 sg_nents 0 33909 NULL +ath6kl_roam_mode_write_33912 ath6kl_roam_mode_write 3 33912 NULL +queue_logical_block_size_33918 queue_logical_block_size 0 33918 NULL +sel_read_avc_cache_threshold_33942 sel_read_avc_cache_threshold 3 33942 NULL +lpfc_idiag_ctlacc_read_33943 lpfc_idiag_ctlacc_read 3 33943 NULL +read_file_tgt_rx_stats_33944 read_file_tgt_rx_stats 3 33944 NULL -+hfsplus_osx_setxattr_33952 hfsplus_osx_setxattr 4 33952 NULL +__proc_dump_kernel_33954 __proc_dump_kernel 5 33954 NULL ++btrfs_delalloc_reserve_metadata_33963 btrfs_delalloc_reserve_metadata 0 33963 NULL +vga_switcheroo_debugfs_write_33984 vga_switcheroo_debugfs_write 3 33984 NULL +lbs_lowrssi_write_34025 lbs_lowrssi_write 3 34025 NULL +ppp_write_34034 ppp_write 3 34034 NULL +tty_insert_flip_string_34042 tty_insert_flip_string 3-0 34042 NULL +memcg_update_all_caches_34068 memcg_update_all_caches 1 34068 NULL ++xfs_dialloc_34078 xfs_dialloc 0 34078 NULL +pipeline_pipeline_fifo_full_read_34095 pipeline_pipeline_fifo_full_read 3 34095 NULL +__irq_domain_add_34101 __irq_domain_add 2 34101 NULL +proc_scsi_host_write_34107 proc_scsi_host_write 3 34107 NULL @@ -111152,8 +117351,8 @@ index 0000000..9529806 +shmem_pread_fast_34147 shmem_pread_fast 3 34147 NULL +ocfs2_xattr_list_entry_34165 ocfs2_xattr_list_entry 0 34165 NULL +skb_to_sgvec_34171 skb_to_sgvec 0 34171 NULL ++xfs_bmapi_write_34208 xfs_bmapi_write 0 34208 NULL +ext4_da_write_begin_34215 ext4_da_write_begin 3-4 34215 NULL -+sysfs_bin_read_34228 sysfs_bin_read 3 34228 NULL +bl_pipe_downcall_34264 bl_pipe_downcall 3 34264 NULL +ocfs2_dlm_lock_34265 ocfs2_dlm_lock 0 34265 NULL +device_private_init_34279 device_private_init 0 34279 NULL @@ -111172,11 +117371,11 @@ index 0000000..9529806 +ivtv_read_pos_34400 ivtv_read_pos 3 34400 &iwl_calib_set_34400 +wd_exp_mode_write_34407 wd_exp_mode_write 3 34407 NULL +nl80211_send_disassoc_34424 nl80211_send_disassoc 4 34424 NULL ++__extent_read_full_page_34437 __extent_read_full_page 0 34437 NULL +usbtest_alloc_urb_34446 usbtest_alloc_urb 3-5 34446 NULL +mwifiex_regrdwr_read_34472 mwifiex_regrdwr_read 3 34472 NULL +skcipher_sndbuf_34476 skcipher_sndbuf 0 34476 NULL +i2o_parm_field_get_34477 i2o_parm_field_get 5 34477 NULL -+ocfs2_mv_xattr_buckets_34484 ocfs2_mv_xattr_buckets 6 34484 NULL +security_inode_permission_34488 security_inode_permission 0 34488 NULL +SyS_pwritev_34494 SyS_pwritev 3 34494 NULL +qp_alloc_res_34496 qp_alloc_res 5 34496 NULL @@ -111191,7 +117390,7 @@ index 0000000..9529806 +inet6_ifla6_size_34591 inet6_ifla6_size 0 34591 NULL +ceph_msgpool_init_34599 ceph_msgpool_init 4 34599 NULL nohasharray +cw1200_queue_init_34599 cw1200_queue_init 4 34599 &ceph_msgpool_init_34599 -+brcmf_cfg80211_mgmt_tx_34608 brcmf_cfg80211_mgmt_tx 7 34608 NULL ++bio_integrity_bytes_34602 bio_integrity_bytes 2 34602 NULL +__jffs2_ref_totlen_34609 __jffs2_ref_totlen 0 34609 NULL +apei_get_nvs_resources_34616 apei_get_nvs_resources 0 34616 NULL +__cfg80211_disconnected_34622 __cfg80211_disconnected 3 34622 NULL @@ -111207,12 +117406,14 @@ index 0000000..9529806 +lsm_alloc_plain_34755 lsm_alloc_plain 1 34755 NULL +bootmode_store_34762 bootmode_store 4 34762 NULL +device_add_34766 device_add 0 34766 NULL ++xfs_iget_cache_hit_34767 xfs_iget_cache_hit 0 34767 NULL +qib_cdev_init_34778 qib_cdev_init 1 34778 NULL +SYSC_keyctl_34800 SYSC_keyctl 4 34800 NULL +can_nocow_extent_34801 can_nocow_extent 2 34801 NULL +drbd_get_max_capacity_34804 drbd_get_max_capacity 0 34804 NULL +ll_setxattr_34806 ll_setxattr 4 34806 NULL +file_page_index_34820 file_page_index 0-2 34820 NULL ++bio_segments_34832 bio_segments 0 34832 NULL +b43_debugfs_write_34838 b43_debugfs_write 3 34838 NULL +nl_portid_hash_zalloc_34843 nl_portid_hash_zalloc 1 34843 NULL +acpi_system_write_wakeup_device_34853 acpi_system_write_wakeup_device 3 34853 NULL @@ -111220,20 +117421,23 @@ index 0000000..9529806 +ieee80211_if_read_txpower_34871 ieee80211_if_read_txpower 3 34871 NULL +msg_print_text_34889 msg_print_text 0 34889 NULL +ieee80211_if_write_34894 ieee80211_if_write 3 34894 NULL ++gfs2_glock_wait_34913 gfs2_glock_wait 0 34913 NULL +si476x_radio_read_rsq_primary_blob_34916 si476x_radio_read_rsq_primary_blob 3 34916 NULL -+__inode_permission_34925 __inode_permission 0 34925 NULL nohasharray -+btrfs_super_chunk_root_34925 btrfs_super_chunk_root 0 34925 &__inode_permission_34925 ++btrfs_super_chunk_root_34925 btrfs_super_chunk_root 0 34925 NULL nohasharray ++__inode_permission_34925 __inode_permission 0 34925 &btrfs_super_chunk_root_34925 +ceph_aio_write_34930 ceph_aio_write 4 34930 NULL +sec_flags2str_34933 sec_flags2str 3 34933 NULL +snd_info_entry_read_34938 snd_info_entry_read 3 34938 NULL +i2c_transfer_34958 i2c_transfer 0 34958 NULL +do_add_page_to_bio_34974 do_add_page_to_bio 2-10 34974 NULL ++print_message_35000 print_message 0 35000 NULL +rx_rx_hdr_overflow_read_35002 rx_rx_hdr_overflow_read 3 35002 NULL +l2cap_skbuff_fromiovec_35003 l2cap_skbuff_fromiovec 4-3 35003 NULL +sisusb_copy_memory_35016 sisusb_copy_memory 4 35016 NULL +coda_psdev_read_35029 coda_psdev_read 3 35029 NULL -+brcmf_sdio_chip_writenvram_35042 brcmf_sdio_chip_writenvram 4 35042 NULL ++xfs_rtallocate_extent_35052 xfs_rtallocate_extent 0 35052 NULL +pwr_connection_out_of_sync_read_35061 pwr_connection_out_of_sync_read 3 35061 NULL ++ntfs_attr_extend_initialized_35084 ntfs_attr_extend_initialized 0 35084 NULL +__kfifo_uint_must_check_helper_35097 __kfifo_uint_must_check_helper 0-1 35097 NULL +capi_write_35104 capi_write 3 35104 NULL nohasharray +tx_tx_done_template_read_35104 tx_tx_done_template_read 3 35104 &capi_write_35104 @@ -111243,8 +117447,8 @@ index 0000000..9529806 +iscsi_conn_setup_35159 iscsi_conn_setup 2 35159 NULL +ieee80211_if_read_bssid_35161 ieee80211_if_read_bssid 3 35161 NULL +unix_stream_recvmsg_35210 unix_stream_recvmsg 4 35210 NULL -+security_key_getsecurity_35218 security_key_getsecurity 0 35218 NULL nohasharray -+striped_read_35218 striped_read 0-2 35218 &security_key_getsecurity_35218 ++striped_read_35218 striped_read 0-2 35218 NULL nohasharray ++security_key_getsecurity_35218 security_key_getsecurity 0 35218 &striped_read_35218 +rx_rx_cmplt_task_read_35226 rx_rx_cmplt_task_read 3 35226 NULL +set_fd_set_35249 set_fd_set 1 35249 NULL +ioapic_setup_resources_35255 ioapic_setup_resources 1 35255 NULL @@ -111254,9 +117458,11 @@ index 0000000..9529806 +irda_recvmsg_stream_35280 irda_recvmsg_stream 4 35280 NULL +i2o_block_end_request_35282 i2o_block_end_request 3 35282 NULL +isr_rx_rdys_read_35283 isr_rx_rdys_read 3 35283 NULL -+__btrfs_buffered_write_35311 __btrfs_buffered_write 3 35311 NULL nohasharray ++__btrfs_buffered_write_35311 __btrfs_buffered_write 3-0 35311 NULL nohasharray +brcmf_sdio_forensic_read_35311 brcmf_sdio_forensic_read 3 35311 &__btrfs_buffered_write_35311 +tracing_read_pipe_35312 tracing_read_pipe 3 35312 NULL ++sta_tx_latency_stat_write_35323 sta_tx_latency_stat_write 3 35323 NULL ++xfs_btree_check_lblock_35333 xfs_btree_check_lblock 0 35333 NULL +ieee80211_if_fmt_ap_power_level_35347 ieee80211_if_fmt_ap_power_level 3 35347 NULL +nouveau_devinit_create__35348 nouveau_devinit_create_ 4 35348 NULL +ieee80211_rx_mgmt_deauth_35351 ieee80211_rx_mgmt_deauth 3 35351 NULL @@ -111265,6 +117471,8 @@ index 0000000..9529806 +SyS_getxattr_35408 SyS_getxattr 4 35408 NULL +rawv6_send_hdrinc_35425 rawv6_send_hdrinc 3 35425 NULL +buffer_to_user_35439 buffer_to_user 3 35439 NULL ++efx_mcdi_rpc_async_quiet_35460 efx_mcdi_rpc_async_quiet 4-5 35460 NULL ++macvtap_do_read_35475 macvtap_do_read 3 35475 NULL +fiemap_prepare_and_copy_exts_35494 fiemap_prepare_and_copy_exts 5 35494 NULL +btrfs_prealloc_file_range_trans_35500 btrfs_prealloc_file_range_trans 4 35500 NULL +async_setkey_35521 async_setkey 3 35521 NULL @@ -111272,9 +117480,9 @@ index 0000000..9529806 +iwl_dbgfs_bt_traffic_read_35534 iwl_dbgfs_bt_traffic_read 3 35534 NULL +pstore_mkfile_35536 pstore_mkfile 7 35536 NULL +rxpipe_tx_xfr_host_int_trig_rx_data_read_35538 rxpipe_tx_xfr_host_int_trig_rx_data_read 3 35538 NULL ++ocfs2_write_zero_page_35539 ocfs2_write_zero_page 3 35539 NULL +ibnl_put_attr_35541 ibnl_put_attr 3 35541 NULL +ieee80211_if_write_smps_35550 ieee80211_if_write_smps 3 35550 NULL -+sysfs_create_subdir_35567 sysfs_create_subdir 0 35567 NULL +ext4_blocks_for_truncate_35579 ext4_blocks_for_truncate 0 35579 NULL +ext2_acl_from_disk_35580 ext2_acl_from_disk 2 35580 NULL +spk_msg_set_35586 spk_msg_set 3 35586 NULL @@ -111284,11 +117492,9 @@ index 0000000..9529806 +ptlrpcd_steal_rqset_35637 ptlrpcd_steal_rqset 0 35637 NULL +spi_register_board_info_35651 spi_register_board_info 2 35651 NULL +rdmaltWithLock_35669 rdmaltWithLock 0 35669 NULL -+compat_sys_kexec_load_35674 compat_sys_kexec_load 2 35674 NULL +SYSC_pwritev_35690 SYSC_pwritev 3 35690 NULL +rds_page_copy_user_35691 rds_page_copy_user 4 35691 NULL +md_super_write_35703 md_super_write 4 35703 NULL -+ocfs2_extent_recs_per_gd_35710 ocfs2_extent_recs_per_gd 0 35710 NULL +iwl_dbgfs_disable_ht40_read_35761 iwl_dbgfs_disable_ht40_read 3 35761 NULL +udf_alloc_i_data_35786 udf_alloc_i_data 2 35786 NULL +pvr2_hdw_cpufw_get_35824 pvr2_hdw_cpufw_get 0-4-2 35824 NULL @@ -111310,7 +117516,6 @@ index 0000000..9529806 +generic_ocp_read_35974 generic_ocp_read 3 35974 &ceph_buffer_new_35974 +acl_alloc_35979 acl_alloc 1 35979 NULL +device_add_class_symlinks_35985 device_add_class_symlinks 0 35985 NULL -+generic_file_aio_read_35987 generic_file_aio_read 0 35987 NULL +write_file_antenna_35998 write_file_antenna 3 35998 NULL nohasharray +kuc_alloc_35998 kuc_alloc 1 35998 &write_file_antenna_35998 +il3945_ucode_tx_stats_read_36016 il3945_ucode_tx_stats_read 3 36016 NULL @@ -111329,7 +117534,6 @@ index 0000000..9529806 +ext3_readpages_36144 ext3_readpages 4 36144 NULL +twl_set_36154 twl_set 2 36154 NULL +b1_alloc_card_36155 b1_alloc_card 1 36155 NULL -+btrfs_file_extent_inline_len_36158 btrfs_file_extent_inline_len 0 36158 NULL +snd_korg1212_copy_from_36169 snd_korg1212_copy_from 6 36169 NULL +SyS_kexec_load_36176 SyS_kexec_load 2 36176 NULL +ramoops_init_przs_36199 ramoops_init_przs 4 36199 NULL @@ -111359,24 +117563,25 @@ index 0000000..9529806 +tunables_read_36385 tunables_read 3 36385 NULL +afs_alloc_flat_call_36399 afs_alloc_flat_call 2-3 36399 NULL +sierra_write_36402 sierra_write 4 36402 NULL -+iwl_dbgfs_d3_sram_write_36403 iwl_dbgfs_d3_sram_write 3 36403 NULL ++qdsb_get_36409 qdsb_get 0 36409 NULL +SyS_sethostname_36417 SyS_sethostname 2 36417 NULL +ReadW6692B_36445 ReadW6692B 0 36445 NULL +sctp_tsnmap_init_36446 sctp_tsnmap_init 2 36446 NULL +alloc_etherdev_mqs_36450 alloc_etherdev_mqs 1 36450 NULL +SyS_process_vm_writev_36476 SyS_process_vm_writev 3-5 36476 NULL ++lock_and_cleanup_extent_if_need_36480 lock_and_cleanup_extent_if_need 0 36480 NULL +b43_nphy_load_samples_36481 b43_nphy_load_samples 3 36481 NULL -+tx_tx_checksum_result_read_36490 tx_tx_checksum_result_read 3 36490 NULL nohasharray -+ip6_append_data_36490 ip6_append_data 4 36490 &tx_tx_checksum_result_read_36490 ++ip6_append_data_36490 ip6_append_data 4 36490 NULL nohasharray ++tx_tx_checksum_result_read_36490 tx_tx_checksum_result_read 3 36490 &ip6_append_data_36490 +cmd_loop_36491 cmd_loop 0 36491 NULL +__hwahc_op_set_ptk_36510 __hwahc_op_set_ptk 5 36510 NULL +mcam_v4l_read_36513 mcam_v4l_read 3 36513 NULL ++_iwl_dbgfs_fw_nmi_write_36515 _iwl_dbgfs_fw_nmi_write 3 36515 NULL +get_param_l_36518 get_param_l 0 36518 NULL +ieee80211_if_read_fwded_frames_36520 ieee80211_if_read_fwded_frames 3 36520 NULL +crypto_aead_authsize_36537 crypto_aead_authsize 0 36537 NULL +cpu_type_read_36540 cpu_type_read 3 36540 NULL -+__kfifo_to_user_36555 __kfifo_to_user 3-0 36555 NULL nohasharray -+macvtap_do_read_36555 macvtap_do_read 4 36555 &__kfifo_to_user_36555 ++__kfifo_to_user_36555 __kfifo_to_user 3-0 36555 NULL +btrfs_get_token_64_36572 btrfs_get_token_64 0 36572 NULL +__erst_read_36579 __erst_read 0 36579 NULL +put_cmsg_36589 put_cmsg 4 36589 NULL @@ -111393,7 +117598,7 @@ index 0000000..9529806 +cxgbi_device_register_36746 cxgbi_device_register 1-2 36746 NULL +ps_poll_upsd_timeouts_read_36755 ps_poll_upsd_timeouts_read 3 36755 NULL +ptp_filter_init_36780 ptp_filter_init 2 36780 NULL -+i40e_init_lan_hmc_36796 i40e_init_lan_hmc 2-3-4-5 36796 NULL ++i40e_init_lan_hmc_36796 i40e_init_lan_hmc 5-4-3-2 36796 NULL +proc_fault_inject_read_36802 proc_fault_inject_read 3 36802 NULL +hiddev_ioctl_36816 hiddev_ioctl 2 36816 NULL +int_hardware_entry_36833 int_hardware_entry 3 36833 NULL @@ -111407,9 +117612,9 @@ index 0000000..9529806 +ib_ucm_alloc_data_36885 ib_ucm_alloc_data 3 36885 NULL +selinux_inode_notifysecctx_36896 selinux_inode_notifysecctx 3 36896 NULL +OS_kmalloc_36909 OS_kmalloc 1 36909 NULL -+audio_set_endpoint_req_36918 audio_set_endpoint_req 0 36918 NULL +crypto_blkcipher_ivsize_36944 crypto_blkcipher_ivsize 0 36944 NULL +il4965_rs_sta_dbgfs_scale_table_write_36979 il4965_rs_sta_dbgfs_scale_table_write 3 36979 NULL ++xfs_btree_check_sptr_36984 xfs_btree_check_sptr 0 36984 NULL +drbd_new_dev_size_36998 drbd_new_dev_size 0-3 36998 NULL +auok190xfb_write_37001 auok190xfb_write 3 37001 NULL +setxattr_37006 setxattr 4 37006 NULL @@ -111422,14 +117627,13 @@ index 0000000..9529806 +parse_command_37079 parse_command 2 37079 NULL +pipeline_cs_rx_packet_in_read_37089 pipeline_cs_rx_packet_in_read 3 37089 NULL +tun_get_user_37094 tun_get_user 5 37094 NULL ++xlog_grant_head_check_37116 xlog_grant_head_check 0 37116 NULL +has_wrprotected_page_37123 has_wrprotected_page 3-2 37123 NULL +snd_hda_get_conn_list_37132 snd_hda_get_conn_list 0 37132 NULL +mtt_free_res_37144 mtt_free_res 5 37144 NULL +msg_word_37164 msg_word 0 37164 NULL +f2fs_direct_IO_37167 f2fs_direct_IO 4 37167 NULL -+can_set_xattr_37182 can_set_xattr 4 37182 NULL +vcc_recvmsg_37198 vcc_recvmsg 4 37198 NULL -+sysfs_add_file_37200 sysfs_add_file 0 37200 NULL +forced_ps_write_37209 forced_ps_write 3 37209 NULL +crypto_shash_descsize_37212 crypto_shash_descsize 0 37212 NULL nohasharray +ext4_ind_direct_IO_37212 ext4_ind_direct_IO 0-4 37212 &crypto_shash_descsize_37212 @@ -111438,28 +117642,30 @@ index 0000000..9529806 +__do_replace_37227 __do_replace 5 37227 NULL +iwl_dbgfs_d3_sram_read_37237 iwl_dbgfs_d3_sram_read 3 37237 NULL +rx_filter_dup_filter_read_37238 rx_filter_dup_filter_read 3 37238 NULL ++xfs_reclaim_inode_37257 xfs_reclaim_inode 0 37257 NULL +exofs_max_io_pages_37263 exofs_max_io_pages 0-2 37263 NULL ++_iwl_dbgfs_fw_restart_write_37270 _iwl_dbgfs_fw_restart_write 3 37270 NULL +ieee80211_if_read_power_mode_37305 ieee80211_if_read_power_mode 3 37305 NULL +ext3_direct_IO_37308 ext3_direct_IO 4 37308 NULL -+ocfs2_calc_extend_credits_37310 ocfs2_calc_extend_credits 0 37310 NULL +jffs2_write_dirent_37311 jffs2_write_dirent 5 37311 NULL +send_msg_37323 send_msg 4 37323 NULL +l2cap_create_connless_pdu_37327 l2cap_create_connless_pdu 3 37327 NULL nohasharray +bnx2x_vf_fill_fw_str_37327 bnx2x_vf_fill_fw_str 3 37327 &l2cap_create_connless_pdu_37327 +scsi_mode_select_37330 scsi_mode_select 6 37330 NULL +rxrpc_server_sendmsg_37331 rxrpc_server_sendmsg 4 37331 NULL ++xfs_iomap_write_allocate_37336 xfs_iomap_write_allocate 0 37336 NULL +security_inode_getsecurity_37354 security_inode_getsecurity 0 37354 NULL +hci_sock_sendmsg_37420 hci_sock_sendmsg 4 37420 NULL +acpi_os_allocate_zeroed_37422 acpi_os_allocate_zeroed 1 37422 NULL +tty_insert_flip_string_fixed_flag_37428 tty_insert_flip_string_fixed_flag 4-0 37428 NULL -+iwl_print_last_event_logs_37433 iwl_print_last_event_logs 7-9-0 37433 NULL ++iwl_print_last_event_logs_37433 iwl_print_last_event_logs 0-7-9 37433 NULL +fru_alloc_37442 fru_alloc 1 37442 NULL +tcp_established_options_37450 tcp_established_options 0 37450 NULL nohasharray +tipc_send2port_37450 tipc_send2port 4 37450 &tcp_established_options_37450 ++xfs_btree_dec_cursor_37452 xfs_btree_dec_cursor 0 37452 NULL +brcmf_sdio_dump_console_37455 brcmf_sdio_dump_console 4 37455 NULL +get_est_timing_37484 get_est_timing 0 37484 NULL +kmem_realloc_37489 kmem_realloc 2 37489 NULL -+__hfsplus_setxattr_37499 __hfsplus_setxattr 4 37499 NULL +bitmap_dirty_bits_37503 bitmap_dirty_bits 2 37503 NULL +osc_active_seq_write_37514 osc_active_seq_write 3 37514 NULL +bdev_writeseg_37519 bdev_writeseg 2-3 37519 NULL @@ -111468,12 +117674,14 @@ index 0000000..9529806 +hdr_size_37536 hdr_size 0 37536 NULL +extent_map_end_37550 extent_map_end 0 37550 NULL +sep_create_dcb_dmatables_context_37551 sep_create_dcb_dmatables_context 6 37551 NULL ++fat_cont_expand_37552 fat_cont_expand 0 37552 NULL +ioat_chansts_37558 ioat_chansts 0 37558 NULL +xhci_alloc_streams_37586 xhci_alloc_streams 5 37586 NULL +qla2x00_debounce_register_37597 qla2x00_debounce_register 0 37597 NULL +kvm_read_guest_page_mmu_37611 kvm_read_guest_page_mmu 6 37611 NULL +SYSC_mbind_37622 SYSC_mbind 5 37622 NULL +SyS_mbind_37638 SyS_mbind 5 37638 NULL ++may_delete_37656 may_delete 0 37656 NULL +bio_copy_user_iov_37660 bio_copy_user_iov 4 37660 NULL +rfcomm_sock_sendmsg_37661 rfcomm_sock_sendmsg 4 37661 NULL nohasharray +vmw_framebuffer_dmabuf_dirty_37661 vmw_framebuffer_dmabuf_dirty 6 37661 &rfcomm_sock_sendmsg_37661 @@ -111481,11 +117689,11 @@ index 0000000..9529806 +__wa_seg_calculate_isoc_frame_count_37672 __wa_seg_calculate_isoc_frame_count 0 37672 NULL +ieee80211_if_read_rc_rateidx_mcs_mask_2ghz_37675 ieee80211_if_read_rc_rateidx_mcs_mask_2ghz 3 37675 NULL +regmap_map_read_file_37685 regmap_map_read_file 3 37685 NULL -+page_chain_free_37697 page_chain_free 0 37697 NULL +nametbl_header_37698 nametbl_header 2-0 37698 NULL +__le32_to_cpup_37702 __le32_to_cpup 0 37702 NULL +dynamic_ps_timeout_write_37713 dynamic_ps_timeout_write 3 37713 NULL +read_enabled_file_bool_37744 read_enabled_file_bool 3 37744 NULL ++xfs_read_agf_37749 xfs_read_agf 0 37749 NULL +ocfs2_control_cfu_37750 ocfs2_control_cfu 2 37750 NULL +ipath_cdev_init_37752 ipath_cdev_init 1 37752 NULL +dccp_setsockopt_cscov_37766 dccp_setsockopt_cscov 2 37766 NULL @@ -111532,12 +117740,13 @@ index 0000000..9529806 +cdev_add_38176 cdev_add 2-3 38176 NULL +rt2x00debug_write_rf_38195 rt2x00debug_write_rf 3 38195 NULL +get_ucode_user_38202 get_ucode_user 3 38202 NULL -+osd_req_list_partition_collections_38223 osd_req_list_partition_collections 5 38223 NULL ++osd_req_list_partition_collections_38223 osd_req_list_partition_collections 5 38223 NULL nohasharray ++xfs_rtallocate_range_38223 xfs_rtallocate_range 0 38223 &osd_req_list_partition_collections_38223 +ceph_decode_16_38239 ceph_decode_16 0 38239 NULL +_ipw_read_reg32_38245 _ipw_read_reg32 0 38245 NULL ++xfs_qm_dqrepair_38262 xfs_qm_dqrepair 0 38262 NULL +mthca_alloc_icm_table_38268 mthca_alloc_icm_table 4-3 38268 NULL nohasharray -+ieee80211_if_read_auto_open_plinks_38268 ieee80211_if_read_auto_open_plinks 3 38268 &mthca_alloc_icm_table_38268 nohasharray -+SYSC_msgrcv_38268 SYSC_msgrcv 3 38268 &ieee80211_if_read_auto_open_plinks_38268 ++ieee80211_if_read_auto_open_plinks_38268 ieee80211_if_read_auto_open_plinks 3 38268 &mthca_alloc_icm_table_38268 +xfs_bmbt_to_bmdr_38275 xfs_bmbt_to_bmdr 3 38275 NULL nohasharray +xfs_bmdr_to_bmbt_38275 xfs_bmdr_to_bmbt 5 38275 &xfs_bmbt_to_bmdr_38275 +ftdi_process_packet_38281 ftdi_process_packet 4 38281 NULL @@ -111546,11 +117755,11 @@ index 0000000..9529806 +ida_simple_get_38326 ida_simple_get 0 38326 NULL +__snd_gf1_look8_38333 __snd_gf1_look8 0 38333 NULL +btrfs_file_extent_disk_num_bytes_38363 btrfs_file_extent_disk_num_bytes 0 38363 NULL -+xfs_free_file_space_38383 xfs_free_file_space 2-3 38383 NULL +dn_sendmsg_38390 dn_sendmsg 4 38390 NULL +ieee80211_if_read_dtim_count_38419 ieee80211_if_read_dtim_count 3 38419 NULL +pmcraid_copy_sglist_38431 pmcraid_copy_sglist 3 38431 NULL +kvm_write_guest_38454 kvm_write_guest 4-2 38454 NULL ++_iwl_dbgfs_scan_ant_rxchain_write_38479 _iwl_dbgfs_scan_ant_rxchain_write 3 38479 NULL +blk_end_bidi_request_38482 blk_end_bidi_request 3-4 38482 NULL +dev_names_read_38509 dev_names_read 3 38509 NULL +iscsi_create_iface_38510 iscsi_create_iface 5 38510 NULL @@ -111563,6 +117772,7 @@ index 0000000..9529806 +_ipw_read32_38565 _ipw_read32 0 38565 NULL +snd_nm256_playback_copy_38567 snd_nm256_playback_copy 5-3 38567 NULL +copy_ctl_value_to_user_38587 copy_ctl_value_to_user 4 38587 NULL ++rd_allocate_sgl_table_38607 rd_allocate_sgl_table 3 38607 NULL +icn_writecmd_38629 icn_writecmd 2 38629 NULL +write_enabled_file_bool_38630 write_enabled_file_bool 3 38630 NULL +ext2_readpages_38640 ext2_readpages 4 38640 NULL @@ -111573,13 +117783,11 @@ index 0000000..9529806 +snd_es1371_wait_src_ready_38673 snd_es1371_wait_src_ready 0 38673 NULL +iscsit_dump_data_payload_38683 iscsit_dump_data_payload 2 38683 NULL +rbio_add_io_page_38700 rbio_add_io_page 6 38700 NULL -+alloc_trace_probe_38720 alloc_trace_probe 6 38720 NULL +w83977af_sir_interrupt_38738 w83977af_sir_interrupt 0 38738 NULL +udf_readpages_38761 udf_readpages 4 38761 NULL +iwl_dbgfs_thermal_throttling_read_38779 iwl_dbgfs_thermal_throttling_read 3 38779 NULL +bcache_device_init_38781 bcache_device_init 3 38781 NULL +snd_gus_dram_write_38784 snd_gus_dram_write 4 38784 NULL -+slab_order_38794 slab_order 0 38794 NULL +do_pci_enable_device_38802 do_pci_enable_device 0 38802 NULL +err_decode_38804 err_decode 2 38804 NULL +ipv6_renew_option_38813 ipv6_renew_option 3 38813 NULL @@ -111587,14 +117795,13 @@ index 0000000..9529806 +compat_udp_setsockopt_38840 compat_udp_setsockopt 5 38840 NULL +read_nic_io_word_38853 read_nic_io_word 0 38853 NULL +interfaces_38859 interfaces 2 38859 NULL -+pci_msix_table_size_38867 pci_msix_table_size 0 38867 NULL +dbgfs_state_38894 dbgfs_state 3 38894 NULL -+f2fs_xattr_set_acl_38895 f2fs_xattr_set_acl 4 38895 NULL +il_dbgfs_sram_write_38942 il_dbgfs_sram_write 3 38942 NULL +__ath6kl_wmi_send_mgmt_cmd_38971 __ath6kl_wmi_send_mgmt_cmd 7 38971 NULL +usb_maxpacket_38977 usb_maxpacket 0 38977 NULL nohasharray +C_SYSC_preadv64_38977 C_SYSC_preadv64 3 38977 &usb_maxpacket_38977 +OSDSetBlock_38986 OSDSetBlock 2-4 38986 NULL ++bio_clone_range_38997 bio_clone_range 2 38997 NULL +lpfc_idiag_extacc_write_38998 lpfc_idiag_extacc_write 3 38998 NULL +get_nodes_39012 get_nodes 3 39012 NULL +twl6030_interrupt_unmask_39013 twl6030_interrupt_unmask 2 39013 NULL @@ -111619,6 +117826,7 @@ index 0000000..9529806 +pwr_cont_miss_bcns_spread_read_39250 pwr_cont_miss_bcns_spread_read 3 39250 &r128_compat_ioctl_39250 +i915_error_state_read_39254 i915_error_state_read 3 39254 NULL +rx_filter_protection_filter_read_39282 rx_filter_protection_filter_read 3 39282 NULL ++_iwl_dbgfs_pm_params_write_39325 _iwl_dbgfs_pm_params_write 3 39325 NULL +__cfg80211_connect_result_39326 __cfg80211_connect_result 4-6 39326 NULL +insert_reserved_file_extent_39327 insert_reserved_file_extent 3 39327 NULL +wimax_msg_alloc_39343 wimax_msg_alloc 4 39343 NULL @@ -111629,6 +117837,8 @@ index 0000000..9529806 +fnic_trace_debugfs_read_39380 fnic_trace_debugfs_read 3 39380 NULL +ps_poll_ps_poll_utilization_read_39383 ps_poll_ps_poll_utilization_read 3 39383 NULL +__send_to_port_39386 __send_to_port 3 39386 NULL ++xfs_btree_dup_cursor_39394 xfs_btree_dup_cursor 0 39394 NULL ++gfs2_internal_read_39413 gfs2_internal_read 0 39413 NULL +user_power_read_39414 user_power_read 3 39414 NULL +alloc_agpphysmem_i8xx_39427 alloc_agpphysmem_i8xx 1 39427 NULL +mic_desc_size_39464 mic_desc_size 0 39464 NULL @@ -111637,14 +117847,15 @@ index 0000000..9529806 +ieee80211_if_fmt_dot11MeshHWMPmaxPREQretries_39499 ieee80211_if_fmt_dot11MeshHWMPmaxPREQretries 3 39499 NULL +cl_req_alloc_39523 cl_req_alloc 4 39523 NULL +int_proc_write_39542 int_proc_write 3 39542 NULL -+mdc_unpack_capa_39553 mdc_unpack_capa 0 39553 NULL +pp_write_39554 pp_write 3 39554 NULL +datablob_format_39571 datablob_format 2 39571 NULL nohasharray +ieee80211_if_read_fwded_mcast_39571 ieee80211_if_read_fwded_mcast 3 39571 &datablob_format_39571 ++memblock_virt_alloc_internal_39600 memblock_virt_alloc_internal 1 39600 NULL +ext_depth_39607 ext_depth 0 39607 NULL +batadv_tt_tvlv_generate_39615 batadv_tt_tvlv_generate 4 39615 NULL +nfs_idmap_get_key_39616 nfs_idmap_get_key 2 39616 NULL +sdio_readb_39618 sdio_readb 0 39618 NULL ++prepare_uptodate_page_39622 prepare_uptodate_page 0 39622 NULL +set_dev_class_39645 set_dev_class 4 39645 NULL +snd_rme32_capture_copy_39653 snd_rme32_capture_copy 5 39653 NULL +tcp_try_rmem_schedule_39657 tcp_try_rmem_schedule 3 39657 NULL @@ -111662,6 +117873,7 @@ index 0000000..9529806 +read_file_modal_eeprom_39909 read_file_modal_eeprom 3 39909 NULL +gen_pool_add_virt_39913 gen_pool_add_virt 4 39913 NULL +dw210x_op_rw_39915 dw210x_op_rw 6 39915 NULL ++__mnt_want_write_file_39917 __mnt_want_write_file 0 39917 NULL +aes_encrypt_interrupt_read_39919 aes_encrypt_interrupt_read 3 39919 NULL +exofs_read_kern_39921 exofs_read_kern 6 39921 NULL nohasharray +oom_score_adj_read_39921 oom_score_adj_read 3 39921 &exofs_read_kern_39921 @@ -111670,6 +117882,7 @@ index 0000000..9529806 +error_error_frame_read_39947 error_error_frame_read 3 39947 NULL +tty_prepare_flip_string_39955 tty_prepare_flip_string 3-0 39955 NULL +lstcon_group_list_39958 lstcon_group_list 2 39958 NULL ++bio_chain_clone_range_39967 bio_chain_clone_range 3 39967 NULL +dma_push_rx_39973 dma_push_rx 2 39973 NULL +broadsheetfb_write_39976 broadsheetfb_write 3 39976 NULL +mthca_array_init_39987 mthca_array_init 2 39987 NULL @@ -111683,6 +117896,7 @@ index 0000000..9529806 +l2cap_create_iframe_pdu_40055 l2cap_create_iframe_pdu 3 40055 NULL nohasharray +add_tty_40055 add_tty 1 40055 &l2cap_create_iframe_pdu_40055 +atomic_xchg_40070 atomic_xchg 0 40070 NULL ++xfs_rtbuf_get_40107 xfs_rtbuf_get 0 40107 NULL +sctp_setsockopt_delayed_ack_40129 sctp_setsockopt_delayed_ack 3 40129 NULL +dwc2_max_desc_num_40132 dwc2_max_desc_num 0 40132 NULL +rx_rx_frame_checksum_read_40140 rx_rx_frame_checksum_read 3 40140 NULL @@ -111696,8 +117910,7 @@ index 0000000..9529806 +compress_file_range_40225 compress_file_range 3-4 40225 NULL +osst_read_40237 osst_read 3 40237 NULL +lpage_info_slot_40243 lpage_info_slot 3-1 40243 NULL -+ocfs2_zero_extend_get_range_40248 ocfs2_zero_extend_get_range 4-3 40248 NULL -+ptlrpc_queue_wait_40252 ptlrpc_queue_wait 0 40252 NULL ++ocfs2_zero_extend_get_range_40248 ocfs2_zero_extend_get_range 4 40248 NULL +rs_sta_dbgfs_scale_table_read_40262 rs_sta_dbgfs_scale_table_read 3 40262 NULL +ext2_fiemap_40271 ext2_fiemap 4 40271 NULL +usbnet_read_cmd_40275 usbnet_read_cmd 7 40275 NULL @@ -111717,6 +117930,7 @@ index 0000000..9529806 +afs_fs_store_data_40484 afs_fs_store_data 3-4-5-6 40484 NULL +batadv_hash_new_40491 batadv_hash_new 1 40491 NULL +devcgroup_inode_permission_40492 devcgroup_inode_permission 0 40492 NULL ++xfs_iread_extents_40510 xfs_iread_extents 0 40510 NULL +__ethtool_get_sset_count_40511 __ethtool_get_sset_count 0 40511 NULL +TSS_checkhmac2_40520 TSS_checkhmac2 5-7 40520 NULL +ixgbe_dbg_reg_ops_read_40540 ixgbe_dbg_reg_ops_read 3 40540 NULL @@ -111734,12 +117948,14 @@ index 0000000..9529806 +pci_enable_resources_40680 pci_enable_resources 0 40680 NULL +nfc_hci_set_param_40697 nfc_hci_set_param 5 40697 NULL +__seq_open_private_40715 __seq_open_private 3 40715 NULL ++set_extent_bit_40719 set_extent_bit 0 40719 NULL +fuse_readpages_40737 fuse_readpages 4 40737 NULL +xfs_iext_remove_direct_40744 xfs_iext_remove_direct 3 40744 NULL +security_inode_listxattr_40752 security_inode_listxattr 0 40752 NULL +card_send_command_40757 card_send_command 3 40757 NULL +ad1889_readl_40765 ad1889_readl 0 40765 NULL +pg_write_40766 pg_write 3 40766 NULL ++kernfs_fop_read_40770 kernfs_fop_read 3 40770 NULL +show_list_40775 show_list 3-0 40775 NULL +kfifo_out_copy_r_40784 kfifo_out_copy_r 3-0 40784 NULL +bitmap_weight_40791 bitmap_weight 0-2 40791 NULL @@ -111765,7 +117981,6 @@ index 0000000..9529806 +mISDN_sock_sendmsg_41035 mISDN_sock_sendmsg 4 41035 NULL +ocfs2_xattr_index_block_find_41040 ocfs2_xattr_index_block_find 0 41040 NULL +lprocfs_write_frac_helper_41050 lprocfs_write_frac_helper 2 41050 NULL -+calculate_order_41061 calculate_order 0 41061 NULL +vfs_listxattr_41062 vfs_listxattr 0 41062 NULL nohasharray +beacon_filtering_write_41062 beacon_filtering_write 3 41062 &vfs_listxattr_41062 +cfg80211_inform_bss_frame_41078 cfg80211_inform_bss_frame 4 41078 NULL @@ -111775,11 +117990,9 @@ index 0000000..9529806 +provide_user_output_41105 provide_user_output 3 41105 NULL +f_audio_buffer_alloc_41110 f_audio_buffer_alloc 1 41110 NULL +ath10k_read_wmi_services_41112 ath10k_read_wmi_services 3 41112 NULL -+ocfs2_extend_trans_41116 ocfs2_extend_trans 2 41116 NULL +v4l2_ctrl_new_int_menu_41151 v4l2_ctrl_new_int_menu 4 41151 NULL +tx_frag_mpdu_alloc_failed_read_41167 tx_frag_mpdu_alloc_failed_read 3 41167 NULL +dvb_ca_write_41171 dvb_ca_write 3 41171 NULL -+dgap_driver_kzmalloc_41189 dgap_driver_kzmalloc 1 41189 NULL +compat_sys_process_vm_writev_41194 compat_sys_process_vm_writev 3-5 41194 NULL +dfs_file_write_41196 dfs_file_write 3 41196 NULL +nfs_page_array_len_41219 nfs_page_array_len 0-2-1 41219 NULL @@ -111790,6 +118003,7 @@ index 0000000..9529806 +o2hb_setup_one_bio_41341 o2hb_setup_one_bio 4 41341 NULL +twl_change_queue_depth_41342 twl_change_queue_depth 2 41342 NULL +rtw_android_set_block_41347 rtw_android_set_block 0 41347 NULL ++ceph_do_getattr_41349 ceph_do_getattr 0 41349 NULL +cnic_init_id_tbl_41354 cnic_init_id_tbl 2 41354 NULL +kmp_init_41373 kmp_init 2 41373 NULL +isr_commands_read_41398 isr_commands_read 3 41398 NULL @@ -111798,7 +118012,7 @@ index 0000000..9529806 +isdn_ppp_fill_rq_41428 isdn_ppp_fill_rq 2 41428 NULL +lbs_rdrf_read_41431 lbs_rdrf_read 3 41431 NULL +iio_device_alloc_41440 iio_device_alloc 1 41440 NULL -+ntfs_file_buffered_write_41442 ntfs_file_buffered_write 6-4 41442 NULL ++ntfs_file_buffered_write_41442 ntfs_file_buffered_write 6-4-0 41442 NULL +pcpu_build_alloc_info_41443 pcpu_build_alloc_info 1-2-3 41443 NULL +se_io_cb_41461 se_io_cb 3 41461 NULL +layout_leb_in_gaps_41470 layout_leb_in_gaps 0 41470 NULL @@ -111838,11 +118052,11 @@ index 0000000..9529806 +ixgbe_dbg_netdev_ops_read_41839 ixgbe_dbg_netdev_ops_read 3 41839 NULL +do_ip_setsockopt_41852 do_ip_setsockopt 5 41852 NULL +keyctl_instantiate_key_41855 keyctl_instantiate_key 3 41855 NULL ++xfs_rtget_summary_41864 xfs_rtget_summary 0 41864 NULL +pci_map_single_41869 pci_map_single 0 41869 NULL +usb_gadget_get_string_41871 usb_gadget_get_string 0 41871 NULL +v_APCI3120_InterruptDmaMoveBlock16bit_41914 v_APCI3120_InterruptDmaMoveBlock16bit 4 41914 NULL +get_fdb_entries_41916 get_fdb_entries 3 41916 NULL -+nfsd_getxattr_41934 nfsd_getxattr 0 41934 NULL +ext4_da_write_inline_data_begin_41935 ext4_da_write_inline_data_begin 3-4 41935 NULL +sci_rxfill_41945 sci_rxfill 0 41945 NULL +read_gssp_41947 read_gssp 3 41947 NULL @@ -111850,13 +118064,13 @@ index 0000000..9529806 +portnames_read_41958 portnames_read 3 41958 NULL +dst_mtu_41969 dst_mtu 0 41969 NULL +cx24116_writeregN_41975 cx24116_writeregN 4 41975 NULL ++xfs_qm_dqalloc_41985 xfs_qm_dqalloc 0 41985 NULL +pool_allocate_42012 pool_allocate 3 42012 NULL +spidev_sync_read_42014 spidev_sync_read 0 42014 NULL +rs_sta_dbgfs_scale_table_write_42017 rs_sta_dbgfs_scale_table_write 3 42017 NULL -+create_dir_42025 create_dir 0 42025 NULL +acpi_ut_create_buffer_object_42030 acpi_ut_create_buffer_object 1 42030 NULL -+__btrfs_drop_extents_42032 __btrfs_drop_extents 5 42032 NULL +__hwahc_op_set_gtk_42038 __hwahc_op_set_gtk 4 42038 NULL ++alloc_trace_kprobe_42041 alloc_trace_kprobe 6 42041 NULL +irda_sendmsg_ultra_42047 irda_sendmsg_ultra 4 42047 NULL +jffs2_do_link_42048 jffs2_do_link 6 42048 NULL +ps_poll_upsd_max_ap_turn_read_42050 ps_poll_upsd_max_ap_turn_read 3 42050 NULL @@ -111865,7 +118079,6 @@ index 0000000..9529806 +sk_chk_filter_42095 sk_chk_filter 2 42095 NULL +submit_inquiry_42108 submit_inquiry 3 42108 NULL +dw_dma_cyclic_prep_42113 dw_dma_cyclic_prep 3-4 42113 NULL -+obd_get_info_42156 obd_get_info 0 42156 NULL +blk_ioctl_zeroout_42160 blk_ioctl_zeroout 3 42160 NULL +mmc_align_data_size_42161 mmc_align_data_size 0-2 42161 NULL +read_file_base_eeprom_42168 read_file_base_eeprom 3 42168 NULL @@ -111873,9 +118086,11 @@ index 0000000..9529806 +write_file_beacon_42185 write_file_beacon 3 42185 NULL +get_znodes_to_commit_42201 get_znodes_to_commit 0 42201 NULL +pla_ocp_read_42235 pla_ocp_read 3 42235 NULL ++xfs_rtfree_range_42244 xfs_rtfree_range 0 42244 NULL +rx_defrag_need_decrypt_read_42253 rx_defrag_need_decrypt_read 3 42253 NULL +find_last_bit_42260 find_last_bit 0 42260 NULL +__pcpu_size_to_slot_42271 __pcpu_size_to_slot 0 42271 NULL ++__tty_buffer_request_room_42276 __tty_buffer_request_room 2-0 42276 NULL +snd_pcm_hw_param_value_max_42280 snd_pcm_hw_param_value_max 0 42280 NULL +__cpus_weight_42299 __cpus_weight 2-0 42299 NULL +sel_read_perm_42302 sel_read_perm 3 42302 NULL @@ -111892,7 +118107,6 @@ index 0000000..9529806 +krng_get_random_42420 krng_get_random 3 42420 NULL +gsm_data_alloc_42437 gsm_data_alloc 3 42437 NULL +key_conf_keyidx_read_42443 key_conf_keyidx_read 3 42443 NULL -+alloc_request_42448 alloc_request 0 42448 NULL +snd_pcm_action_group_42452 snd_pcm_action_group 0 42452 NULL +tcm_loop_change_queue_depth_42454 tcm_loop_change_queue_depth 2 42454 NULL +kuc_free_42455 kuc_free 2 42455 NULL @@ -111927,7 +118141,6 @@ index 0000000..9529806 +isku_sysfs_read_info_42781 isku_sysfs_read_info 6 42781 &cryptd_hash_setkey_42781 +elfcorehdr_read_notes_42786 elfcorehdr_read_notes 2 42786 NULL +koneplus_sysfs_read_42792 koneplus_sysfs_read 6 42792 NULL -+ptlrpc_request_bufs_pack_42793 ptlrpc_request_bufs_pack 0 42793 NULL +ntfs_attr_extend_allocation_42796 ntfs_attr_extend_allocation 0 42796 NULL +fw_device_op_compat_ioctl_42804 fw_device_op_compat_ioctl 2 42804 NULL +drm_ioctl_42813 drm_ioctl 2 42813 NULL @@ -111939,14 +118152,14 @@ index 0000000..9529806 +xpc_kmalloc_cacheline_aligned_42895 xpc_kmalloc_cacheline_aligned 1 42895 NULL +hd_end_request_42904 hd_end_request 2 42904 NULL +sta_last_rx_rate_read_42909 sta_last_rx_rate_read 3 42909 NULL -+sctp_getsockopt_maxburst_42941 sctp_getsockopt_maxburst 2 42941 NULL nohasharray -+mdc_unpack_acl_42941 mdc_unpack_acl 0 42941 &sctp_getsockopt_maxburst_42941 ++xfs_bmapi_allocate_42938 xfs_bmapi_allocate 0 42938 NULL ++sctp_getsockopt_maxburst_42941 sctp_getsockopt_maxburst 2 42941 NULL +vx_reset_chk_42946 vx_reset_chk 0 42946 NULL +blkdev_direct_IO_42962 blkdev_direct_IO 4 42962 NULL -+read_file_node_stat_42964 read_file_node_stat 3 42964 NULL +compat_udpv6_setsockopt_42981 compat_udpv6_setsockopt 5 42981 NULL +nfs_idmap_get_desc_42990 nfs_idmap_get_desc 4-2 42990 NULL nohasharray +rtw_os_xmit_resource_alloc_42990 rtw_os_xmit_resource_alloc 3 42990 &nfs_idmap_get_desc_42990 ++xfs_da_read_buf_43008 xfs_da_read_buf 0 43008 NULL +isr_rx_mem_overflow_read_43025 isr_rx_mem_overflow_read 3 43025 NULL +wep_default_key_count_read_43035 wep_default_key_count_read 3 43035 NULL +nouveau_gpuobj_create__43072 nouveau_gpuobj_create_ 9 43072 NULL @@ -111966,6 +118179,7 @@ index 0000000..9529806 +ath10k_p2p_calc_noa_ie_len_43209 ath10k_p2p_calc_noa_ie_len 0 43209 NULL +f2fs_acl_from_disk_43210 f2fs_acl_from_disk 2 43210 NULL +atomic_long_add_return_43217 atomic_long_add_return 1-0 43217 NULL ++inode_init_always_43225 inode_init_always 0 43225 NULL +batadv_tt_tvlv_unicast_handler_v1_43239 batadv_tt_tvlv_unicast_handler_v1 5 43239 NULL +vmemmap_alloc_block_43245 vmemmap_alloc_block 1 43245 NULL +ide_end_rq_43269 ide_end_rq 4 43269 NULL @@ -111974,11 +118188,15 @@ index 0000000..9529806 +evtchn_write_43278 evtchn_write 3 43278 &parport_pc_ecp_write_block_pio_43278 +filemap_write_and_wait_range_43279 filemap_write_and_wait_range 0 43279 NULL +mpage_alloc_43299 mpage_alloc 3 43299 NULL -+mmu_set_spte_43327 mmu_set_spte 7-6 43327 NULL ++mmu_set_spte_43327 mmu_set_spte 6-7 43327 NULL +__ext4_get_inode_loc_43332 __ext4_get_inode_loc 0 43332 NULL ++xfs_log_regrant_43350 xfs_log_regrant 0 43350 NULL ++gfs2_rgrp_bh_get_43375 gfs2_rgrp_bh_get 0 43375 NULL ++xfs_btree_new_iroot_43392 xfs_btree_new_iroot 0 43392 NULL +xenfb_write_43412 xenfb_write 3 43412 NULL +__alloc_bootmem_low_43423 __alloc_bootmem_low 1 43423 NULL +usb_alloc_urb_43436 usb_alloc_urb 1 43436 NULL ++cifs_writev_43437 cifs_writev 4 43437 NULL +ath6kl_wmi_roam_tbl_event_rx_43440 ath6kl_wmi_roam_tbl_event_rx 3 43440 NULL +usb_string_43443 usb_string 0 43443 NULL nohasharray +usemap_size_43443 usemap_size 0-2-1 43443 &usb_string_43443 @@ -112009,30 +118227,37 @@ index 0000000..9529806 +fuse_conn_congestion_threshold_write_43736 fuse_conn_congestion_threshold_write 3 43736 NULL +gigaset_initcs_43753 gigaset_initcs 2 43753 NULL +sctp_setsockopt_active_key_43755 sctp_setsockopt_active_key 3 43755 NULL ++xfs_alloc_lookup_eq_43775 xfs_alloc_lookup_eq 0 43775 NULL +ocfs2_xattr_get_value_outside_43787 ocfs2_xattr_get_value_outside 0 43787 NULL nohasharray +byte_pos_43787 byte_pos 0-2 43787 &ocfs2_xattr_get_value_outside_43787 ++xfs_trans_reserve_quota_bydquots_43797 xfs_trans_reserve_quota_bydquots 0 43797 NULL +btrfs_copy_from_user_43806 btrfs_copy_from_user 0-3-1 43806 NULL ++_xfs_filestream_update_ag_43824 _xfs_filestream_update_ag 0 43824 NULL +ieee80211_if_fmt_element_ttl_43825 ieee80211_if_fmt_element_ttl 3 43825 NULL +ieee80211_alloc_hw_43829 ieee80211_alloc_hw 1 43829 NULL +read_flush_43851 read_flush 3 43851 NULL +pm860x_bulk_write_43875 pm860x_bulk_write 2-3 43875 NULL +SendString_43928 SendString 3 43928 NULL +stats_dot11RTSFailureCount_read_43948 stats_dot11RTSFailureCount_read 3 43948 NULL ++xfs_trans_dqresv_43960 xfs_trans_dqresv 0 43960 NULL +__get_required_blob_size_43980 __get_required_blob_size 0-3-2 43980 NULL +nla_reserve_43984 nla_reserve 3 43984 NULL +__clkdev_alloc_43990 __clkdev_alloc 1 43990 NULL +scsi_command_size_43992 scsi_command_size 0 43992 NULL nohasharray +kvm_read_guest_virt_43992 kvm_read_guest_virt 4-2 43992 &scsi_command_size_43992 nohasharray +bcm_recvmsg_43992 bcm_recvmsg 4 43992 &kvm_read_guest_virt_43992 ++ulist_add_43994 ulist_add 0 43994 NULL +emit_flags_44006 emit_flags 4-3 44006 NULL +write_flush_procfs_44011 write_flush_procfs 3 44011 NULL +fru_strlen_44046 fru_strlen 0 44046 NULL +ath9k_def_dump_modal_eeprom_44078 ath9k_def_dump_modal_eeprom 3-2-0 44078 NULL +SYSC_add_key_44079 SYSC_add_key 4 44079 NULL -+__vxge_hw_vpath_tim_configure_44093 __vxge_hw_vpath_tim_configure 2 44093 NULL ++pci_msix_vec_count_44093 pci_msix_vec_count 0 44093 NULL nohasharray ++__vxge_hw_vpath_tim_configure_44093 __vxge_hw_vpath_tim_configure 2 44093 &pci_msix_vec_count_44093 +xlog_recover_add_to_cont_trans_44102 xlog_recover_add_to_cont_trans 4 44102 NULL +skb_frag_dma_map_44112 skb_frag_dma_map 0 44112 NULL -+tracing_set_trace_read_44122 tracing_set_trace_read 3 44122 NULL ++file_remove_suid_44122 file_remove_suid 0 44122 NULL nohasharray ++tracing_set_trace_read_44122 tracing_set_trace_read 3 44122 &file_remove_suid_44122 +SyS_process_vm_writev_44129 SyS_process_vm_writev 3-5 44129 NULL +ttm_get_pages_44142 ttm_get_pages 2 44142 NULL +scsi_get_resid_44147 scsi_get_resid 0 44147 NULL @@ -112048,10 +118273,11 @@ index 0000000..9529806 +ath6kl_keepalive_read_44303 ath6kl_keepalive_read 3 44303 NULL +bitmap_scnprintf_44318 bitmap_scnprintf 0-2 44318 NULL +dispatch_proc_write_44320 dispatch_proc_write 3 44320 NULL ++ccp_init_data_44324 ccp_init_data 5 44324 NULL +rs_init_44327 rs_init 1 44327 NULL ++radix_tree_maybe_preload_44346 radix_tree_maybe_preload 0 44346 NULL +blk_queue_init_tags_44355 blk_queue_init_tags 2 44355 NULL nohasharray +nfs_fscache_get_super_cookie_44355 nfs_fscache_get_super_cookie 3 44355 &blk_queue_init_tags_44355 -+alloc_requests_44372 alloc_requests 0 44372 NULL +rts_threshold_read_44384 rts_threshold_read 3 44384 NULL +mtip_hw_read_flags_44396 mtip_hw_read_flags 3 44396 NULL +aoedev_flush_44398 aoedev_flush 2 44398 NULL @@ -112059,7 +118285,7 @@ index 0000000..9529806 +drm_buffer_alloc_44405 drm_buffer_alloc 2 44405 NULL +osst_do_scsi_44410 osst_do_scsi 4 44410 NULL +ieee80211_if_read_rc_rateidx_mcs_mask_5ghz_44423 ieee80211_if_read_rc_rateidx_mcs_mask_5ghz 3 44423 NULL -+iwl_dbgfs_bf_params_write_44450 iwl_dbgfs_bf_params_write 3 44450 NULL ++xfs_mod_incore_sb_44439 xfs_mod_incore_sb 0 44439 NULL +write_file_debug_44476 write_file_debug 3 44476 NULL +btrfs_chunk_item_size_44478 btrfs_chunk_item_size 0-1 44478 NULL +sdio_align_size_44489 sdio_align_size 0-2 44489 NULL @@ -112072,21 +118298,22 @@ index 0000000..9529806 +SyS_io_getevents_44519 SyS_io_getevents 3 44519 NULL +ieee80211_rx_mgmt_assoc_resp_44525 ieee80211_rx_mgmt_assoc_resp 3 44525 NULL +comm_write_44537 comm_write 3 44537 NULL -+xfs_log_calc_unit_res_44540 xfs_log_calc_unit_res 0-2 44540 NULL +dgrp_config_proc_write_44571 dgrp_config_proc_write 3 44571 NULL ++btrfs_set_extent_delalloc_44587 btrfs_set_extent_delalloc 0 44587 NULL +nouveau_perfmon_create__44602 nouveau_perfmon_create_ 4 44602 NULL ++xfs_bmapi_delay_44630 xfs_bmapi_delay 0 44630 NULL +alloc_ctrl_packet_44667 alloc_ctrl_packet 1 44667 NULL +mpi_resize_44674 mpi_resize 2 44674 NULL +sysfs_create_link_44685 sysfs_create_link 0 44685 NULL +ts_read_44687 ts_read 3 44687 NULL +lov_emerg_alloc_44698 lov_emerg_alloc 1 44698 NULL -+__ocfs2_rotate_tree_left_44705 __ocfs2_rotate_tree_left 3 44705 NULL +xfer_to_user_44713 xfer_to_user 3 44713 NULL nohasharray +__generic_block_fiemap_44713 __generic_block_fiemap 4 44713 &xfer_to_user_44713 +_zd_iowrite32v_locked_44725 _zd_iowrite32v_locked 3 44725 NULL +clusterip_proc_write_44729 clusterip_proc_write 3 44729 NULL +fib_count_nexthops_44730 fib_count_nexthops 0 44730 NULL +key_tx_rx_count_read_44742 key_tx_rx_count_read 3 44742 NULL ++bch_bio_max_sectors_44755 bch_bio_max_sectors 0 44755 NULL +tnode_new_44757 tnode_new 3 44757 NULL nohasharray +pty_write_44757 pty_write 3 44757 &tnode_new_44757 +__videobuf_copy_stream_44769 __videobuf_copy_stream 4-0 44769 NULL @@ -112111,7 +118338,6 @@ index 0000000..9529806 +bytepos_delta_45017 bytepos_delta 0-2 45017 NULL +ptrace_writedata_45021 ptrace_writedata 4 45021 NULL +dm_kvzalloc_45025 dm_kvzalloc 1 45025 NULL -+vhci_get_user_45039 vhci_get_user 3 45039 NULL +sysfs_do_create_link_sd_45057 sysfs_do_create_link_sd 0 45057 NULL +sel_write_user_45060 sel_write_user 3 45060 NULL +snd_mixart_BA0_read_45069 snd_mixart_BA0_read 5 45069 NULL @@ -112122,11 +118348,12 @@ index 0000000..9529806 +cfs_trace_daemon_command_usrstr_45147 cfs_trace_daemon_command_usrstr 2 45147 NULL +gen_bitmask_string_45149 gen_bitmask_string 6 45149 NULL +device_write_45156 device_write 3 45156 NULL nohasharray -+ocfs2_remove_inode_range_45156 ocfs2_remove_inode_range 3-4 45156 &device_write_45156 ++ocfs2_remove_inode_range_45156 ocfs2_remove_inode_range 3 45156 &device_write_45156 +tomoyo_write_self_45161 tomoyo_write_self 3 45161 NULL +sta_agg_status_write_45164 sta_agg_status_write 3 45164 NULL +snd_sb_csp_load_user_45190 snd_sb_csp_load_user 3 45190 NULL nohasharray +sctp_pack_cookie_45190 sctp_pack_cookie 6 45190 &snd_sb_csp_load_user_45190 ++__radix_tree_preload_45197 __radix_tree_preload 0 45197 NULL +iso_alloc_urb_45206 iso_alloc_urb 4-5 45206 NULL +spi_alloc_master_45223 spi_alloc_master 2 45223 NULL +ieee80211_if_read_peer_45233 ieee80211_if_read_peer 3 45233 NULL @@ -112135,8 +118362,10 @@ index 0000000..9529806 +input_mt_init_slots_45279 input_mt_init_slots 2 45279 NULL +gfs2_fiemap_45282 gfs2_fiemap 4 45282 NULL +snd_pcm_oss_sync1_45298 snd_pcm_oss_sync1 2 45298 NULL ++xfs_alert_fsblock_zero_45304 xfs_alert_fsblock_zero 0 45304 NULL +e1000_tx_map_45309 e1000_tx_map 5 45309 NULL +copy_vm86_regs_from_user_45340 copy_vm86_regs_from_user 3 45340 NULL ++brcmf_sdio_died_dump_45359 brcmf_sdio_died_dump 3 45359 NULL +null_alloc_repbuf_45375 null_alloc_repbuf 3 45375 NULL +sock_recv_errqueue_45412 sock_recv_errqueue 3 45412 NULL +ieee80211_if_fmt_dot11MeshHWMProotInterval_45421 ieee80211_if_fmt_dot11MeshHWMProotInterval 3 45421 NULL @@ -112145,9 +118374,10 @@ index 0000000..9529806 +__node_remap_45458 __node_remap 4 45458 NULL +rds_ib_set_wr_signal_state_45463 rds_ib_set_wr_signal_state 0 45463 NULL +tracing_read_dyn_info_45468 tracing_read_dyn_info 3 45468 NULL ++__calc_request_pg_45470 __calc_request_pg 0 45470 NULL ++xfs_btree_block_change_owner_45476 xfs_btree_block_change_owner 0 45476 NULL +rds_message_copy_from_user_45510 rds_message_copy_from_user 3 45510 NULL +i40e_alloc_vfs_45511 i40e_alloc_vfs 2 45511 NULL -+cgroup_read_u64_45532 cgroup_read_u64 5 45532 NULL +copy_macs_45534 copy_macs 4 45534 NULL +nla_attr_size_45545 nla_attr_size 0-1 45545 NULL +v9fs_direct_read_45546 v9fs_direct_read 3 45546 NULL @@ -112178,16 +118408,17 @@ index 0000000..9529806 +ll_max_readahead_mb_seq_write_45815 ll_max_readahead_mb_seq_write 3 45815 NULL +memcg_update_cache_size_45828 memcg_update_cache_size 2 45828 NULL +ipv6_recv_rxpmtu_45830 ipv6_recv_rxpmtu 3 45830 NULL ++insert_state_45848 insert_state 0 45848 NULL +x509_process_extension_45854 x509_process_extension 5 45854 NULL +efx_tx_queue_insert_45859 efx_tx_queue_insert 2 45859 NULL +isdn_write_45863 isdn_write 3 45863 NULL +tpm_config_in_45880 tpm_config_in 0 45880 NULL +get_rdac_req_45882 get_rdac_req 3 45882 NULL -+ima_eventdigest_init_common_45889 ima_eventdigest_init_common 2 45889 NULL +ocfs2_xattr_block_find_45891 ocfs2_xattr_block_find 0 45891 NULL +cfs_cpt_weight_45903 cfs_cpt_weight 0 45903 NULL +wm_adsp_region_to_reg_45915 wm_adsp_region_to_reg 0-2 45915 NULL +dbgfs_frame_45917 dbgfs_frame 3 45917 NULL ++btree_keys_cachelines_45928 btree_keys_cachelines 0 45928 NULL +alloc_mr_45935 alloc_mr 1 45935 NULL +copy_to_45969 copy_to 3 45969 NULL +rb_simple_read_45972 rb_simple_read 3 45972 NULL @@ -112219,7 +118450,6 @@ index 0000000..9529806 +xen_setup_msi_irqs_46245 xen_setup_msi_irqs 2 46245 NULL +mpi_read_raw_data_46248 mpi_read_raw_data 2 46248 NULL +ReadReg_46277 ReadReg 0 46277 NULL -+sptlrpc_req_get_ctx_46303 sptlrpc_req_get_ctx 0 46303 NULL +sg_proc_write_dressz_46316 sg_proc_write_dressz 3 46316 NULL +__hwahc_dev_set_key_46328 __hwahc_dev_set_key 5 46328 NULL nohasharray +compat_SyS_readv_46328 compat_SyS_readv 3 46328 &__hwahc_dev_set_key_46328 @@ -112242,13 +118472,14 @@ index 0000000..9529806 +dn_current_mss_46574 dn_current_mss 0 46574 NULL +serverworks_create_gatt_pages_46582 serverworks_create_gatt_pages 1 46582 NULL +snd_compr_write_data_46592 snd_compr_write_data 3 46592 NULL -+il3945_stats_flag_46606 il3945_stats_flag 3-0 46606 NULL ++il3945_stats_flag_46606 il3945_stats_flag 0-3 46606 NULL +vscnprintf_46617 vscnprintf 0-2 46617 NULL +__kfifo_out_r_46623 __kfifo_out_r 3-0 46623 NULL +request_key_async_with_auxdata_46624 request_key_async_with_auxdata 4 46624 NULL +pci_enable_device_46642 pci_enable_device 0 46642 NULL +vfs_getxattr_alloc_46649 vfs_getxattr_alloc 0 46649 NULL +e1000_tx_map_46672 e1000_tx_map 4 46672 NULL ++l2cap_create_le_flowctl_pdu_46682 l2cap_create_le_flowctl_pdu 3 46682 NULL +alloc_data_packet_46698 alloc_data_packet 1 46698 NULL +__ilog2_u32_46706 __ilog2_u32 0 46706 NULL +erst_dbg_write_46715 erst_dbg_write 3 46715 NULL @@ -112273,38 +118504,41 @@ index 0000000..9529806 +wlcore_alloc_hw_46917 wlcore_alloc_hw 1-3 46917 NULL +fb_write_46924 fb_write 3 46924 NULL +__sctp_setsockopt_connectx_46949 __sctp_setsockopt_connectx 3 46949 NULL -+qla4xxx_post_aen_work_46953 qla4xxx_post_aen_work 3 46953 NULL ++qla4xxx_post_aen_work_46953 qla4xxx_post_aen_work 3 46953 NULL nohasharray ++ntfs_truncate_46953 ntfs_truncate 0 46953 &qla4xxx_post_aen_work_46953 +SYSC_poll_46965 SYSC_poll 2 46965 NULL +crypto_tfm_alg_alignmask_46971 crypto_tfm_alg_alignmask 0 46971 NULL +mgmt_pending_add_46976 mgmt_pending_add 5 46976 NULL +strlcat_46985 strlcat 3 46985 NULL +bitmap_file_clear_bit_46990 bitmap_file_clear_bit 2 46990 NULL -+sel_write_bool_46996 sel_write_bool 3 46996 NULL nohasharray -+gfs2_xattr_system_set_46996 gfs2_xattr_system_set 4 46996 &sel_write_bool_46996 ++sel_write_bool_46996 sel_write_bool 3 46996 NULL +blk_rq_map_kern_47004 blk_rq_map_kern 4 47004 NULL +cx231xx_init_bulk_47024 cx231xx_init_bulk 3-2-4 47024 NULL +fs_path_len_47060 fs_path_len 0 47060 NULL ++event_trigger_regex_write_47067 event_trigger_regex_write 3 47067 NULL +ext4_xattr_list_entries_47070 ext4_xattr_list_entries 0 47070 NULL +pipeline_dec_packet_in_read_47076 pipeline_dec_packet_in_read 3 47076 NULL +scsi_deactivate_tcq_47086 scsi_deactivate_tcq 2 47086 NULL +iwl_dump_nic_event_log_47089 iwl_dump_nic_event_log 0 47089 NULL +ptlrpc_lprocfs_threads_max_seq_write_47104 ptlrpc_lprocfs_threads_max_seq_write 3 47104 NULL +mousedev_read_47123 mousedev_read 3 47123 NULL ++upcall_msg_size_47141 upcall_msg_size 2 47141 NULL +acpi_ut_initialize_buffer_47143 acpi_ut_initialize_buffer 2 47143 NULL nohasharray +ses_recv_diag_47143 ses_recv_diag 4 47143 &acpi_ut_initialize_buffer_47143 +mxms_headerlen_47161 mxms_headerlen 0 47161 NULL +rs_sta_dbgfs_rate_scale_data_read_47165 rs_sta_dbgfs_rate_scale_data_read 3 47165 NULL +rts51x_ms_rw_47171 rts51x_ms_rw 3-4 47171 NULL -+can_set_system_xattr_47182 can_set_system_xattr 4 47182 NULL ++xfs_btree_get_buf_block_47197 xfs_btree_get_buf_block 0 47197 NULL +options_write_47243 options_write 3 47243 NULL +portcntrs_1_read_47253 portcntrs_1_read 3 47253 NULL +ablkcipher_next_slow_47274 ablkcipher_next_slow 4-3 47274 NULL +gfs2_readpages_47285 gfs2_readpages 4 47285 NULL +vsnprintf_47291 vsnprintf 0 47291 NULL -+SYSC_semop_47292 SYSC_semop 3 47292 NULL +tx_internal_desc_overflow_read_47300 tx_internal_desc_overflow_read 3 47300 NULL ++xfs_trans_reserve_quota_nblks_47313 xfs_trans_reserve_quota_nblks 0 47313 NULL +nouveau_fb_create__47316 nouveau_fb_create_ 4 47316 NULL +ieee80211_if_read_dot11MeshHoldingTimeout_47356 ieee80211_if_read_dot11MeshHoldingTimeout 3 47356 NULL ++gfs2_replay_read_block_47357 gfs2_replay_read_block 0 47357 NULL +avc_get_hash_stats_47359 avc_get_hash_stats 0 47359 NULL +kvm_arch_create_memslot_47364 kvm_arch_create_memslot 3 47364 NULL nohasharray +__output_copy_user_47364 __output_copy_user 3 47364 &kvm_arch_create_memslot_47364 @@ -112318,12 +118552,9 @@ index 0000000..9529806 +sta_vht_capa_read_47409 sta_vht_capa_read 3 47409 NULL +crypto_ablkcipher_alignmask_47410 crypto_ablkcipher_alignmask 0 47410 NULL +lbs_wrrf_write_47418 lbs_wrrf_write 3 47418 NULL -+posix_acl_from_disk_47445 posix_acl_from_disk 2 47445 NULL +nvme_trans_send_fw_cmd_47479 nvme_trans_send_fw_cmd 4 47479 NULL +newpart_47485 newpart 6-4 47485 NULL -+mcp23s17_read_regs_47491 mcp23s17_read_regs 4 47491 NULL +core_sys_select_47494 core_sys_select 1 47494 NULL -+alloc_arraycache_47505 alloc_arraycache 2 47505 NULL +unlink_simple_47506 unlink_simple 3 47506 NULL +pstore_decompress_47510 pstore_decompress 0 47510 NULL +__proc_lnet_portal_rotor_47529 __proc_lnet_portal_rotor 5 47529 NULL @@ -112338,6 +118569,7 @@ index 0000000..9529806 +sctp_ssnmap_new_47608 sctp_ssnmap_new 2-1 47608 NULL +cache_read_pipefs_47615 cache_read_pipefs 3 47615 NULL +twl4030_clear_set_47624 twl4030_clear_set 4 47624 NULL ++ccp_sha_setkey_47633 ccp_sha_setkey 3 47633 NULL +get_size_47644 get_size 1-2 47644 NULL +packet_recvmsg_47700 packet_recvmsg 4 47700 NULL nohasharray +ipath_format_hwmsg_47700 ipath_format_hwmsg 2 47700 &packet_recvmsg_47700 @@ -112377,6 +118609,7 @@ index 0000000..9529806 +palmas_bulk_write_48068 palmas_bulk_write 2-3-5 48068 NULL +disc_write_48070 disc_write 3 48070 NULL +mmc_alloc_host_48097 mmc_alloc_host 1 48097 NULL ++xfs_read_agi_48100 xfs_read_agi 0 48100 NULL +skb_copy_datagram_const_iovec_48102 skb_copy_datagram_const_iovec 4-2-5 48102 NULL +vmw_framebuffer_surface_dirty_48132 vmw_framebuffer_surface_dirty 6 48132 NULL +set_discoverable_48141 set_discoverable 4 48141 NULL @@ -112386,7 +118619,6 @@ index 0000000..9529806 +c4iw_id_table_alloc_48163 c4iw_id_table_alloc 3 48163 NULL +rbd_obj_method_sync_48170 rbd_obj_method_sync 8 48170 NULL +alloc_cc770dev_48186 alloc_cc770dev 1 48186 NULL -+brcmf_sdio_chip_cm3_exitdl_48192 brcmf_sdio_chip_cm3_exitdl 4 48192 NULL +cfg80211_process_deauth_48200 cfg80211_process_deauth 3 48200 NULL +ext4_index_trans_blocks_48205 ext4_index_trans_blocks 0-2 48205 NULL +snd_seq_dump_var_event_48209 snd_seq_dump_var_event 0 48209 NULL @@ -112404,7 +118636,6 @@ index 0000000..9529806 +lpfc_idiag_extacc_read_48301 lpfc_idiag_extacc_read 3 48301 NULL +timblogiw_read_48305 timblogiw_read 3 48305 NULL +hash_setkey_48310 hash_setkey 3 48310 NULL -+audio_set_intf_req_48319 audio_set_intf_req 0 48319 NULL +kvm_mmu_pte_write_48340 kvm_mmu_pte_write 2 48340 NULL +skb_add_data_48363 skb_add_data 3 48363 NULL +tx_frag_init_called_read_48377 tx_frag_init_called_read 3 48377 NULL @@ -112417,7 +118648,6 @@ index 0000000..9529806 +compat_SyS_preadv64_48469 compat_SyS_preadv64 3 48469 NULL +ipath_format_hwerrors_48487 ipath_format_hwerrors 5 48487 NULL +r8712_usbctrl_vendorreq_48489 r8712_usbctrl_vendorreq 6 48489 NULL -+ocfs2_refcount_cow_48495 ocfs2_refcount_cow 3 48495 NULL +send_control_msg_48498 send_control_msg 6 48498 NULL +count_masked_bytes_48507 count_masked_bytes 0-1 48507 NULL +diva_os_copy_to_user_48508 diva_os_copy_to_user 4 48508 NULL @@ -112431,6 +118661,7 @@ index 0000000..9529806 +mtd_read_48655 mtd_read 0 48655 NULL +aes_encrypt_packets_read_48666 aes_encrypt_packets_read 3 48666 NULL +sm501_create_subdev_48668 sm501_create_subdev 3-4 48668 NULL ++security_inode_setattr_48689 security_inode_setattr 0 48689 NULL +hysdn_log_write_48694 hysdn_log_write 3 48694 NULL +altera_drscan_48698 altera_drscan 2 48698 NULL +kvm_set_irq_routing_48704 kvm_set_irq_routing 3 48704 NULL @@ -112448,7 +118679,6 @@ index 0000000..9529806 +vc_do_resize_48842 vc_do_resize 3-4 48842 NULL +comedi_buf_write_alloc_48846 comedi_buf_write_alloc 0-2 48846 NULL +suspend_dtim_interval_write_48854 suspend_dtim_interval_write 3 48854 NULL -+sptlrpc_cli_alloc_reqbuf_48855 sptlrpc_cli_alloc_reqbuf 0 48855 NULL +C_SYSC_pwritev64_48864 C_SYSC_pwritev64 3 48864 NULL nohasharray +viafb_dvp1_proc_write_48864 viafb_dvp1_proc_write 3 48864 &C_SYSC_pwritev64_48864 +__ffs_ep0_read_events_48868 __ffs_ep0_read_events 3 48868 NULL @@ -112461,16 +118691,18 @@ index 0000000..9529806 +event_heart_beat_read_48961 event_heart_beat_read 3 48961 NULL +nand_ecc_test_run_48966 nand_ecc_test_run 1 48966 NULL +vmci_handle_arr_create_48971 vmci_handle_arr_create 1 48971 NULL ++xfs_trans_commit_48982 xfs_trans_commit 0 48982 NULL ++gfs2_dir_add_48987 gfs2_dir_add 0 48987 NULL +rds_rm_size_48996 rds_rm_size 0-2 48996 NULL +sel_write_enforce_48998 sel_write_enforce 3 48998 NULL +null_alloc_rs_49019 null_alloc_rs 2 49019 NULL +filemap_check_errors_49022 filemap_check_errors 0 49022 NULL -+aic_inb_49023 aic_inb 0 49023 NULL +transient_status_49027 transient_status 4 49027 NULL ++ll_xattr_cache_add_49032 ll_xattr_cache_add 4-0 49032 NULL +iwl_mvm_power_legacy_dbgfs_read_49038 iwl_mvm_power_legacy_dbgfs_read 4 49038 NULL -+aic7xxx_rem_scb_from_disc_list_49041 aic7xxx_rem_scb_from_disc_list 0 49041 NULL +scsi_register_49094 scsi_register 2 49094 NULL +compat_do_readv_writev_49102 compat_do_readv_writev 4 49102 NULL ++gfs2_diradd_alloc_required_49105 gfs2_diradd_alloc_required 0 49105 NULL +xfrm_replay_state_esn_len_49119 xfrm_replay_state_esn_len 0 49119 NULL +ll_max_cached_mb_seq_write_49122 ll_max_cached_mb_seq_write 3 49122 NULL +pt_read_49136 pt_read 3 49136 NULL @@ -112486,7 +118718,6 @@ index 0000000..9529806 +il4965_rs_sta_dbgfs_stats_table_read_49206 il4965_rs_sta_dbgfs_stats_table_read 3 49206 NULL +do_jffs2_getxattr_49210 do_jffs2_getxattr 0 49210 NULL +nouveau_therm_create__49228 nouveau_therm_create_ 4 49228 NULL -+hugetlb_cgroup_read_49259 hugetlb_cgroup_read 5 49259 NULL +ieee80211_if_read_rssi_threshold_49260 ieee80211_if_read_rssi_threshold 3 49260 NULL +isku_sysfs_read_keys_media_49268 isku_sysfs_read_keys_media 6 49268 NULL +ptlrpc_check_set_49277 ptlrpc_check_set 0 49277 NULL @@ -112506,7 +118737,7 @@ index 0000000..9529806 +compat_do_msg_fill_49440 compat_do_msg_fill 3 49440 NULL +__hfsplus_getxattr_49460 __hfsplus_getxattr 0 49460 NULL +agp_3_5_isochronous_node_enable_49465 agp_3_5_isochronous_node_enable 3 49465 NULL -+xfs_iformat_local_49472 xfs_iformat_local 4 49472 NULL ++xfs_iformat_local_49472 xfs_iformat_local 4-0 49472 NULL +isr_decrypt_done_read_49490 isr_decrypt_done_read 3 49490 NULL +iwl_dbgfs_disable_power_off_read_49517 iwl_dbgfs_disable_power_off_read 3 49517 NULL +SyS_listxattr_49519 SyS_listxattr 3 49519 NULL @@ -112514,8 +118745,9 @@ index 0000000..9529806 +smk_write_access_49561 smk_write_access 3 49561 NULL +alloc_chunk_49575 alloc_chunk 1 49575 NULL +sctp_setsockopt_default_send_param_49578 sctp_setsockopt_default_send_param 3 49578 NULL -+ptlrpc_request_pack_49581 ptlrpc_request_pack 0 49581 NULL +readfifo_49583 readfifo 1 49583 NULL ++gfs2_quota_lock_49587 gfs2_quota_lock 0 49587 NULL ++evm_inode_setattr_49594 evm_inode_setattr 0 49594 NULL +tap_write_49595 tap_write 3 49595 NULL +isr_wakeups_read_49607 isr_wakeups_read 3 49607 NULL +btrfs_mksubvol_49616 btrfs_mksubvol 3 49616 NULL @@ -112523,6 +118755,7 @@ index 0000000..9529806 +smk_write_doi_49621 smk_write_doi 3 49621 NULL +port_fops_read_49626 port_fops_read 3 49626 NULL +btrfsic_cmp_log_and_dev_bytenr_49628 btrfsic_cmp_log_and_dev_bytenr 2 49628 NULL ++xfs_ialloc_get_rec_49648 xfs_ialloc_get_rec 0 49648 NULL +aa_simple_write_to_buffer_49683 aa_simple_write_to_buffer 4-3 49683 NULL +SyS_pwritev_49688 SyS_pwritev 3 49688 NULL +__copy_from_user_nocheck_49699 __copy_from_user_nocheck 0-3 49699 NULL @@ -112546,15 +118779,18 @@ index 0000000..9529806 +timeradd_entry_49850 timeradd_entry 3 49850 NULL +fiemap_count_to_size_49869 fiemap_count_to_size 0-1 49869 NULL +sctp_setsockopt_bindx_49870 sctp_setsockopt_bindx 3 49870 NULL -+ceph_get_caps_49890 ceph_get_caps 0 49890 NULL +osc_brw_49896 osc_brw 4 49896 NULL +config_ep_by_speed_49939 config_ep_by_speed 0 49939 NULL ++xfs_ialloc_ag_alloc_49960 xfs_ialloc_ag_alloc 0 49960 NULL +ieee80211_if_fmt_dtim_count_49987 ieee80211_if_fmt_dtim_count 3 49987 NULL +drm_buffer_copy_from_user_49990 drm_buffer_copy_from_user 3 49990 NULL +l2cap_chan_send_49995 l2cap_chan_send 3 49995 NULL +dn_mss_from_pmtu_50011 dn_mss_from_pmtu 0-2 50011 NULL ++xfs_ialloc_inode_init_50015 xfs_ialloc_inode_init 0 50015 NULL ++security_context_to_sid_50019 security_context_to_sid 2 50019 NULL +isdn_read_50021 isdn_read 3 50021 NULL +mdc_rename_pack_50023 mdc_rename_pack 4-6 50023 NULL ++brcmf_debugfs_chipinfo_read_50033 brcmf_debugfs_chipinfo_read 3 50033 NULL +ioread8_50049 ioread8 0 50049 NULL +fuse_conn_max_background_write_50061 fuse_conn_max_background_write 3 50061 NULL +__kfifo_dma_in_prepare_50081 __kfifo_dma_in_prepare 4 50081 NULL @@ -112567,8 +118803,8 @@ index 0000000..9529806 +rx_streaming_interval_write_50120 rx_streaming_interval_write 3 50120 NULL +jfs_direct_IO_50125 jfs_direct_IO 4 50125 NULL +SYSC_preadv_50134 SYSC_preadv 3 50134 NULL -+copy_items_50140 copy_items 6 50140 NULL +tx_frag_need_fragmentation_read_50153 tx_frag_need_fragmentation_read 3 50153 NULL ++xfs_bwrite_50154 xfs_bwrite 0 50154 NULL +kmalloc_node_50163 kmalloc_node 1 50163 NULL +rx_filter_ibss_filter_read_50167 rx_filter_ibss_filter_read 3 50167 NULL +ahd_probe_stack_size_50168 ahd_probe_stack_size 0 50168 NULL @@ -112600,14 +118836,19 @@ index 0000000..9529806 +l2tp_ip_sendmsg_50411 l2tp_ip_sendmsg 4 50411 NULL +iscsi_create_conn_50425 iscsi_create_conn 2 50425 NULL +validate_acl_mac_addrs_50429 validate_acl_mac_addrs 0 50429 NULL ++xfs_alloc_update_counters_50441 xfs_alloc_update_counters 0 50441 NULL +btrfs_error_discard_extent_50444 btrfs_error_discard_extent 2 50444 NULL +pgctrl_write_50453 pgctrl_write 3 50453 NULL +device_create_sys_dev_entry_50458 device_create_sys_dev_entry 0 50458 NULL +cfs_size_round_50472 cfs_size_round 0-1 50472 NULL +cdrom_read_cdda_50478 cdrom_read_cdda 4 50478 NULL ++xfs_iformat_extents_50486 xfs_iformat_extents 0 50486 NULL ++gfs2_block_map_50492 gfs2_block_map 0 50492 NULL +mei_io_cb_alloc_req_buf_50493 mei_io_cb_alloc_req_buf 2 50493 NULL +pwr_rcvd_awake_beacons_read_50505 pwr_rcvd_awake_beacons_read 3 50505 NULL +ath6kl_set_ap_probe_resp_ies_50539 ath6kl_set_ap_probe_resp_ies 3 50539 NULL ++bh_get_50543 bh_get 0 50543 NULL ++gfs2_meta_inode_buffer_50544 gfs2_meta_inode_buffer 0 50544 NULL +usbat_flash_write_data_50553 usbat_flash_write_data 4 50553 NULL +fat_readpages_50582 fat_readpages 4 50582 NULL +iwl_dbgfs_missed_beacon_read_50584 iwl_dbgfs_missed_beacon_read 3 50584 NULL @@ -112615,6 +118856,7 @@ index 0000000..9529806 +rx_rx_checksum_result_read_50617 rx_rx_checksum_result_read 3 50617 NULL +sparse_early_usemaps_alloc_node_50623 sparse_early_usemaps_alloc_node 4 50623 NULL +simple_transaction_get_50633 simple_transaction_get 3 50633 NULL ++gfs2_unstuff_dinode_50644 gfs2_unstuff_dinode 0 50644 NULL +ath6kl_tm_rx_event_50664 ath6kl_tm_rx_event 3 50664 NULL +bnad_debugfs_read_50665 bnad_debugfs_read 3 50665 NULL +prism2_read_fid_reg_50689 prism2_read_fid_reg 0 50689 NULL @@ -112624,10 +118866,12 @@ index 0000000..9529806 +__ext3_get_inode_loc_50744 __ext3_get_inode_loc 0 50744 NULL +ocfs2_xattr_block_get_50773 ocfs2_xattr_block_get 0 50773 NULL +tm6000_read_write_usb_50774 tm6000_read_write_usb 7 50774 NULL -+bio_alloc_map_data_50782 bio_alloc_map_data 1-2 50782 NULL ++bio_alloc_map_data_50782 bio_alloc_map_data 2 50782 NULL +tpm_write_50798 tpm_write 3 50798 NULL ++tun_do_read_50800 tun_do_read 4 50800 NULL +write_flush_50803 write_flush 3 50803 NULL +dvb_play_50814 dvb_play 3 50814 NULL ++btrfs_stack_file_extent_disk_num_bytes_50825 btrfs_stack_file_extent_disk_num_bytes 0 50825 NULL +dpcm_show_state_50827 dpcm_show_state 0 50827 NULL +SetArea_50835 SetArea 4 50835 NULL +videobuf_dma_init_user_50839 videobuf_dma_init_user 4-3 50839 NULL @@ -112635,6 +118879,7 @@ index 0000000..9529806 +SyS_lgetxattr_50889 SyS_lgetxattr 4 50889 NULL +netlbl_secattr_catmap_walk_rng_50894 netlbl_secattr_catmap_walk_rng 0-2 50894 NULL +__bdev_writeseg_50903 __bdev_writeseg 4 50903 NULL ++xfs_alloc_get_freelist_50906 xfs_alloc_get_freelist 0 50906 NULL +xfs_iext_remove_50909 xfs_iext_remove 3 50909 NULL +blk_rq_cur_sectors_50910 blk_rq_cur_sectors 0 50910 NULL +hash_recvmsg_50924 hash_recvmsg 4 50924 NULL @@ -112644,7 +118889,7 @@ index 0000000..9529806 +virtio_cread16_50951 virtio_cread16 0 50951 NULL +sdio_uart_write_50954 sdio_uart_write 3 50954 NULL +SyS_setxattr_50957 SyS_setxattr 4 50957 NULL -+iwl_statistics_flag_50981 iwl_statistics_flag 3-0 50981 NULL ++iwl_statistics_flag_50981 iwl_statistics_flag 0-3 50981 NULL +timeout_write_50991 timeout_write 3 50991 NULL +proc_write_51003 proc_write 3 51003 NULL +jbd2_journal_extend_51012 jbd2_journal_extend 2 51012 NULL @@ -112659,8 +118904,6 @@ index 0000000..9529806 +jbd2_journal_init_revoke_51088 jbd2_journal_init_revoke 2 51088 NULL +__ocfs2_find_path_51096 __ocfs2_find_path 0 51096 NULL +ti_recv_51110 ti_recv 3 51110 NULL -+uasp_prepare_r_request_51124 uasp_prepare_r_request 0 51124 NULL -+nfs_map_name_to_uid_51132 nfs_map_name_to_uid 3 51132 NULL +alloc_rtllib_51136 alloc_rtllib 1 51136 NULL +simple_xattr_set_51140 simple_xattr_set 4 51140 NULL +xfs_trans_get_efd_51148 xfs_trans_get_efd 3 51148 NULL @@ -112682,10 +118925,10 @@ index 0000000..9529806 +ipw_get_event_log_len_51341 ipw_get_event_log_len 0 51341 NULL +ieee80211_if_fmt_estab_plinks_51370 ieee80211_if_fmt_estab_plinks 3 51370 NULL +radeon_kms_compat_ioctl_51371 radeon_kms_compat_ioctl 2 51371 NULL -+ceph_sync_read_51410 ceph_sync_read 3-0 51410 NULL +blk_register_region_51424 blk_register_region 1-2 51424 NULL +mwifiex_rdeeprom_read_51429 mwifiex_rdeeprom_read 3 51429 NULL +hfsplus_brec_read_51436 hfsplus_brec_read 0 51436 NULL ++xfs_mod_incore_sb_unlocked_51439 xfs_mod_incore_sb_unlocked 0 51439 NULL +ieee80211_if_read_dot11MeshHWMPRootMode_51441 ieee80211_if_read_dot11MeshHWMPRootMode 3 51441 NULL +print_devstats_dot11ACKFailureCount_51443 print_devstats_dot11ACKFailureCount 3 51443 NULL +____alloc_ei_netdev_51475 ____alloc_ei_netdev 1 51475 NULL @@ -112700,6 +118943,7 @@ index 0000000..9529806 +extent_fiemap_51621 extent_fiemap 3 51621 NULL +sctp_auth_create_key_51641 sctp_auth_create_key 1 51641 NULL +iscsi_create_session_51647 iscsi_create_session 3 51647 NULL ++xfs_iformat_btree_51651 xfs_iformat_btree 0 51651 NULL +ps_upsd_utilization_read_51669 ps_upsd_utilization_read 3 51669 NULL +sctp_setsockopt_associnfo_51684 sctp_setsockopt_associnfo 3 51684 NULL +host_mapping_level_51696 host_mapping_level 0 51696 NULL @@ -112732,6 +118976,7 @@ index 0000000..9529806 +snd_mask_min_51969 snd_mask_min 0 51969 NULL +__blkdev_get_51972 __blkdev_get 0 51972 NULL +get_zone_51981 get_zone 0-1 51981 NULL ++cifs_strict_writev_51984 cifs_strict_writev 4 51984 NULL +ath6kl_sdio_alloc_prep_scat_req_51986 ath6kl_sdio_alloc_prep_scat_req 2 51986 NULL +_c4iw_write_mem_dma_51991 _c4iw_write_mem_dma 3 51991 NULL +dwc3_mode_write_51997 dwc3_mode_write 3 51997 NULL @@ -112744,22 +118989,27 @@ index 0000000..9529806 +dvb_ringbuffer_avail_52057 dvb_ringbuffer_avail 0 52057 NULL +__fuse_request_alloc_52060 __fuse_request_alloc 1 52060 NULL +isofs_readpages_52067 isofs_readpages 4 52067 NULL ++mxuport_process_read_urb_data_52072 mxuport_process_read_urb_data 3 52072 NULL +nsm_get_handle_52089 nsm_get_handle 4 52089 NULL ++ulist_add_merge_52096 ulist_add_merge 0 52096 NULL +o2net_debug_read_52105 o2net_debug_read 3 52105 NULL +split_scan_timeout_write_52128 split_scan_timeout_write 3 52128 NULL +retry_count_read_52129 retry_count_read 3 52129 NULL ++xfs_btree_change_owner_52137 xfs_btree_change_owner 0 52137 NULL +gdm_usb_hci_send_52138 gdm_usb_hci_send 3 52138 NULL +sub_alloc_52140 sub_alloc 0 52140 NULL +hysdn_conf_write_52145 hysdn_conf_write 3 52145 NULL +htable_size_52148 htable_size 0-1 52148 NULL ++gfs2_rs_alloc_52152 gfs2_rs_alloc 0 52152 NULL +smk_write_load2_52155 smk_write_load2 3 52155 NULL +ieee80211_if_read_dot11MeshRetryTimeout_52168 ieee80211_if_read_dot11MeshRetryTimeout 3 52168 NULL +mga_compat_ioctl_52170 mga_compat_ioctl 2 52170 NULL +print_prefix_52176 print_prefix 0 52176 NULL +proc_pid_readlink_52186 proc_pid_readlink 3 52186 NULL ++reiserfs_posix_acl_from_disk_52191 reiserfs_posix_acl_from_disk 2 52191 NULL +vmci_qp_broker_alloc_52216 vmci_qp_broker_alloc 6-5 52216 NULL +fuse_request_alloc_52243 fuse_request_alloc 1 52243 NULL nohasharray -+xfs_iomap_eof_align_last_fsb_52243 xfs_iomap_eof_align_last_fsb 3 52243 &fuse_request_alloc_52243 ++xfs_iomap_eof_align_last_fsb_52243 xfs_iomap_eof_align_last_fsb 0 52243 &fuse_request_alloc_52243 +mdiobus_alloc_size_52259 mdiobus_alloc_size 1 52259 NULL +shrink_slab_52261 shrink_slab 2 52261 NULL +sisusbcon_do_font_op_52271 sisusbcon_do_font_op 9 52271 NULL @@ -112770,7 +119020,8 @@ index 0000000..9529806 +hwflags_read_52318 hwflags_read 3 52318 NULL +test_unaligned_bulk_52333 test_unaligned_bulk 3 52333 NULL +hur_len_52339 hur_len 0 52339 NULL -+bytes_to_frames_52362 bytes_to_frames 0-2 52362 NULL ++bytes_to_frames_52362 bytes_to_frames 0-2 52362 NULL nohasharray ++cap_inode_killpriv_52362 cap_inode_killpriv 0 52362 &bytes_to_frames_52362 +copy_entries_to_user_52367 copy_entries_to_user 1 52367 NULL +iwl_dump_fh_52371 iwl_dump_fh 0 52371 NULL +hfsplus_find_attr_52374 hfsplus_find_attr 0 52374 NULL @@ -112791,13 +119042,16 @@ index 0000000..9529806 +ocfs2_extend_no_holes_52483 ocfs2_extend_no_holes 3-4 52483 NULL +fd_do_rw_52495 fd_do_rw 3 52495 NULL +int_tasklet_entry_52500 int_tasklet_entry 3 52500 NULL ++xfs_alloc_get_rec_52502 xfs_alloc_get_rec 0 52502 NULL +lmv_get_easize_52504 lmv_get_easize 0 52504 NULL +pm_qos_power_write_52513 pm_qos_power_write 3 52513 NULL +bt_sock_stream_recvmsg_52518 bt_sock_stream_recvmsg 4 52518 NULL +dup_variable_bug_52525 dup_variable_bug 3 52525 NULL +raw_recvmsg_52529 raw_recvmsg 4 52529 NULL +dccpprobe_read_52549 dccpprobe_read 3 52549 NULL ++ntfs_prepare_pages_for_non_resident_write_52556 ntfs_prepare_pages_for_non_resident_write 0 52556 NULL +debug_level_proc_write_52572 debug_level_proc_write 3 52572 NULL ++kernfs_setattr_52583 kernfs_setattr 0 52583 NULL +isku_sysfs_read_macro_52587 isku_sysfs_read_macro 6 52587 NULL +SyS_setsockopt_52610 SyS_setsockopt 5 52610 NULL +ll_sa_entry_alloc_52611 ll_sa_entry_alloc 4 52611 NULL @@ -112816,7 +119070,7 @@ index 0000000..9529806 +ieee80211_if_read_beacon_timeout_52756 ieee80211_if_read_beacon_timeout 3 52756 NULL +nvme_trans_ext_inq_page_52776 nvme_trans_ext_inq_page 3 52776 NULL +pwr_rcvd_beacons_read_52836 pwr_rcvd_beacons_read 3 52836 NULL -+ext2_xattr_set_acl_52857 ext2_xattr_set_acl 4 52857 NULL ++lb_alloc_ep_req_52837 lb_alloc_ep_req 2 52837 NULL +mon_bin_get_event_52863 mon_bin_get_event 4-6 52863 NULL +twl6030_gpadc_write_52867 twl6030_gpadc_write 1 52867 NULL +qib_decode_6120_err_52876 qib_decode_6120_err 3 52876 NULL @@ -112832,10 +119086,9 @@ index 0000000..9529806 +ieee80211_if_fmt_fwded_mcast_52961 ieee80211_if_fmt_fwded_mcast 3 52961 NULL +tx_tx_exch_read_52986 tx_tx_exch_read 3 52986 NULL +num_node_state_52989 num_node_state 0 52989 NULL -+efivarfs_file_write_53000 efivarfs_file_write 3 53000 NULL -+uasp_alloc_stream_res_53015 uasp_alloc_stream_res 0 53015 NULL +btrfs_free_and_pin_reserved_extent_53016 btrfs_free_and_pin_reserved_extent 2 53016 NULL +tx_tx_exch_pending_read_53018 tx_tx_exch_pending_read 3 53018 NULL ++xfs_rtfree_extent_53024 xfs_rtfree_extent 0 53024 NULL +bio_cur_bytes_53037 bio_cur_bytes 0 53037 NULL +regcache_lzo_block_count_53056 regcache_lzo_block_count 0 53056 NULL +cfi_read_query_53066 cfi_read_query 0 53066 NULL @@ -112844,35 +119097,39 @@ index 0000000..9529806 +mic_virtio_copy_from_user_53107 mic_virtio_copy_from_user 3 53107 NULL +verity_status_53120 verity_status 5 53120 NULL +brcmf_usb_dl_cmd_53130 brcmf_usb_dl_cmd 4 53130 NULL -+ps_poll_ps_poll_max_ap_turn_read_53140 ps_poll_ps_poll_max_ap_turn_read 3 53140 NULL ++inode_newsize_ok_53140 inode_newsize_ok 0 53140 NULL nohasharray ++ps_poll_ps_poll_max_ap_turn_read_53140 ps_poll_ps_poll_max_ap_turn_read 3 53140 &inode_newsize_ok_53140 +ieee80211_bss_info_update_53170 ieee80211_bss_info_update 4 53170 NULL +btrfs_io_bio_alloc_53179 btrfs_io_bio_alloc 2 53179 NULL ++find_good_lh_53183 find_good_lh 0 53183 NULL +clear_capture_buf_53192 clear_capture_buf 2 53192 NULL ++xfs_btree_updkey_53195 xfs_btree_updkey 0 53195 NULL +tx_tx_start_data_read_53219 tx_tx_start_data_read 3 53219 NULL +ptlrpc_lprocfs_req_history_max_seq_write_53243 ptlrpc_lprocfs_req_history_max_seq_write 3 53243 NULL -+hfsplus_xattr_set_posix_acl_53249 hfsplus_xattr_set_posix_acl 4 53249 NULL -+xfs_trans_read_buf_map_53258 xfs_trans_read_buf_map 5 53258 NULL ++xfs_trans_read_buf_map_53258 xfs_trans_read_buf_map 5-0 53258 NULL +wil_write_file_ssid_53266 wil_write_file_ssid 3 53266 NULL +btrfs_file_extent_num_bytes_53269 btrfs_file_extent_num_bytes 0 53269 NULL +ftrace_profile_write_53327 ftrace_profile_write 3 53327 NULL +find_nr_power_limit_53330 find_nr_power_limit 0 53330 NULL +gsm_control_reply_53333 gsm_control_reply 4 53333 NULL -+vm_mmap_53339 vm_mmap 0 53339 NULL ++btree_keys_bytes_53348 btree_keys_bytes 0 53348 NULL +read_6120_creg32_53363 read_6120_creg32 0 53363 NULL +sock_setbindtodevice_53369 sock_setbindtodevice 3 53369 NULL +get_random_bytes_arch_53370 get_random_bytes_arch 2 53370 NULL ++xfs_imap_53389 xfs_imap 0 53389 NULL +isr_cmd_cmplt_read_53439 isr_cmd_cmplt_read 3 53439 NULL +mwifiex_info_read_53447 mwifiex_info_read 3 53447 NULL +apei_exec_run_optional_53452 apei_exec_run_optional 0 53452 NULL +paging64_prefetch_gpte_53468 paging64_prefetch_gpte 4 53468 NULL -+ima_write_template_field_data_53475 ima_write_template_field_data 2 53475 NULL ++ima_write_template_field_data_53475 ima_write_template_field_data 2 53475 NULL nohasharray ++create_trace_kprobe_53475 create_trace_kprobe 1 53475 &ima_write_template_field_data_53475 +iowarrior_read_53483 iowarrior_read 3 53483 NULL +osd_req_write_kern_53486 osd_req_write_kern 5 53486 NULL +do_verify_xattr_datum_53499 do_verify_xattr_datum 0 53499 NULL +snd_pcm_format_physical_width_53505 snd_pcm_format_physical_width 0 53505 NULL +dbAllocNext_53506 dbAllocNext 0 53506 NULL -+ocfs2_xattr_set_acl_53508 ocfs2_xattr_set_acl 4 53508 NULL +check_acl_53512 check_acl 0 53512 NULL ++ll_xattr_cache_update_53515 ll_xattr_cache_update 4 53515 NULL +nft_data_dump_53549 nft_data_dump 5 53549 NULL +SYSC_bind_53582 SYSC_bind 3 53582 NULL +cifs_utf16_bytes_53593 cifs_utf16_bytes 0 53593 NULL @@ -112887,11 +119144,11 @@ index 0000000..9529806 +bdev_logical_block_size_53690 bdev_logical_block_size 0 53690 NULL nohasharray +igb_alloc_q_vector_53690 igb_alloc_q_vector 4-6 53690 &bdev_logical_block_size_53690 +find_overflow_devnum_53711 find_overflow_devnum 0 53711 NULL -+bio_integrity_split_53714 bio_integrity_split 3 53714 NULL +__proc_debug_mb_53732 __proc_debug_mb 5 53732 NULL +wdm_write_53735 wdm_write 3 53735 NULL +amdtp_out_stream_get_max_payload_53755 amdtp_out_stream_get_max_payload 0 53755 NULL nohasharray +lpfc_idiag_queacc_read_qe_53755 lpfc_idiag_queacc_read_qe 0-2 53755 &amdtp_out_stream_get_max_payload_53755 ++wa_populate_buf_in_urb_53758 wa_populate_buf_in_urb 3-4 53758 NULL +ext2_acl_count_53773 ext2_acl_count 0-1 53773 NULL +__kfifo_dma_in_prepare_r_53792 __kfifo_dma_in_prepare_r 4-5 53792 NULL +qp_alloc_host_work_53798 qp_alloc_host_work 5-3 53798 NULL @@ -112902,6 +119159,7 @@ index 0000000..9529806 +pms_read_53873 pms_read 3 53873 NULL +ieee80211_if_fmt_dropped_frames_congestion_53883 ieee80211_if_fmt_dropped_frames_congestion 3 53883 NULL +SyS_setgroups_53900 SyS_setgroups 1 53900 NULL ++posix_acl_chmod_53904 posix_acl_chmod 0 53904 NULL +batadv_tt_tvlv_ogm_handler_v1_53909 batadv_tt_tvlv_ogm_handler_v1 5 53909 NULL +usb_serial_generic_write_53927 usb_serial_generic_write 4 53927 NULL +ocfs2_make_clusters_writable_53938 ocfs2_make_clusters_writable 0 53938 NULL @@ -112919,7 +119177,7 @@ index 0000000..9529806 +_malloc_54077 _malloc 1 54077 NULL +bitmap_bitremap_54096 bitmap_bitremap 4 54096 NULL +altera_set_ir_pre_54103 altera_set_ir_pre 2 54103 NULL nohasharray -+lustre_posix_acl_xattr_filter_54103 lustre_posix_acl_xattr_filter 2 54103 &altera_set_ir_pre_54103 ++lustre_posix_acl_xattr_filter_54103 lustre_posix_acl_xattr_filter 2-0 54103 &altera_set_ir_pre_54103 +__comedi_buf_write_alloc_54112 __comedi_buf_write_alloc 0-2 54112 NULL +strn_len_54122 strn_len 0 54122 NULL +isku_receive_54130 isku_receive 4 54130 NULL @@ -112931,7 +119189,6 @@ index 0000000..9529806 +do_sys_poll_54221 do_sys_poll 2 54221 NULL +__register_chrdev_54223 __register_chrdev 2-3 54223 NULL +pi_read_regr_54231 pi_read_regr 0 54231 NULL -+mcp23s08_read_regs_54246 mcp23s08_read_regs 4 54246 NULL +reada_add_block_54247 reada_add_block 2 54247 NULL +xfs_dir2_sf_addname_hard_54254 xfs_dir2_sf_addname_hard 3 54254 NULL +ceph_msgpool_get_54258 ceph_msgpool_get 2 54258 NULL @@ -112948,7 +119205,6 @@ index 0000000..9529806 +br_fdb_fillbuf_54339 br_fdb_fillbuf 0 54339 NULL +__alloc_dev_table_54343 __alloc_dev_table 2 54343 NULL +__get_free_pages_54352 __get_free_pages 0 54352 NULL -+tcf_hash_create_54360 tcf_hash_create 4 54360 NULL +read_file_credit_dist_stats_54367 read_file_credit_dist_stats 3 54367 NULL +vfs_readlink_54368 vfs_readlink 3 54368 NULL +do_dccp_setsockopt_54377 do_dccp_setsockopt 5 54377 NULL nohasharray @@ -112961,7 +119217,6 @@ index 0000000..9529806 +sparse_early_mem_maps_alloc_node_54485 sparse_early_mem_maps_alloc_node 4 54485 NULL +simple_strtoull_54493 simple_strtoull 0 54493 NULL +btrfs_ordered_sum_size_54509 btrfs_ordered_sum_size 0-2 54509 NULL -+cgroup_write_X64_54514 cgroup_write_X64 5 54514 NULL +rfc4106_set_key_54519 rfc4106_set_key 3 54519 NULL +vmci_transport_dgram_enqueue_54525 vmci_transport_dgram_enqueue 4 54525 NULL +viacam_read_54526 viacam_read 3 54526 NULL @@ -112992,22 +119247,22 @@ index 0000000..9529806 +iio_event_chrdev_read_54757 iio_event_chrdev_read 3 54757 NULL +adis16480_show_firmware_date_54762 adis16480_show_firmware_date 3 54762 NULL +ldsem_atomic_update_54774 ldsem_atomic_update 1 54774 NULL ++xfs_rtallocate_extent_block_54791 xfs_rtallocate_extent_block 0 54791 NULL +flexcop_device_kmalloc_54793 flexcop_device_kmalloc 1 54793 NULL +nfsd_write_54809 nfsd_write 6 54809 NULL +ar9287_dump_modal_eeprom_54814 ar9287_dump_modal_eeprom 3-2 54814 NULL +crypto_tfm_ctx_alignment_54815 crypto_tfm_ctx_alignment 0 54815 NULL nohasharray +kvzalloc_54815 kvzalloc 1 54815 &crypto_tfm_ctx_alignment_54815 nohasharray +aes_decrypt_fail_read_54815 aes_decrypt_fail_read 3 54815 &kvzalloc_54815 -+generic_perform_write_54832 generic_perform_write 3 54832 NULL ++generic_perform_write_54832 generic_perform_write 3-0 54832 NULL +write_rio_54837 write_rio 3 54837 NULL +ext3_acl_from_disk_54839 ext3_acl_from_disk 2 54839 NULL nohasharray +nouveau_engctx_create__54839 nouveau_engctx_create_ 8 54839 &ext3_acl_from_disk_54839 -+ll_layout_conf_54841 ll_layout_conf 0 54841 NULL +ufx_ops_write_54848 ufx_ops_write 3 54848 NULL +printer_read_54851 printer_read 3 54851 NULL -+alloc_ep_req_54860 alloc_ep_req 2 54860 NULL +broadsheet_spiflash_rewrite_sector_54864 broadsheet_spiflash_rewrite_sector 2 54864 NULL +prism_build_supp_rates_54865 prism_build_supp_rates 0 54865 NULL ++xfs_alloc_read_agfl_54879 xfs_alloc_read_agfl 0 54879 NULL +iscsi_pool_init_54913 iscsi_pool_init 2-4 54913 NULL nohasharray +kobject_set_name_vargs_54913 kobject_set_name_vargs 0 54913 &iscsi_pool_init_54913 +btrfs_stack_chunk_num_stripes_54923 btrfs_stack_chunk_num_stripes 0 54923 NULL @@ -113028,8 +119283,11 @@ index 0000000..9529806 +crypto_ahash_setkey_55134 crypto_ahash_setkey 3 55134 NULL +filldir_55137 filldir 3 55137 NULL +ocfs2_truncate_file_55148 ocfs2_truncate_file 3 55148 NULL -+npages_to_npools_55149 npages_to_npools 0-1 55149 NULL ++xfs_check_agi_freecount_55149 xfs_check_agi_freecount 0 55149 NULL nohasharray ++npages_to_npools_55149 npages_to_npools 0-1 55149 &xfs_check_agi_freecount_55149 +ieee80211_if_read_uapsd_queues_55150 ieee80211_if_read_uapsd_queues 3 55150 NULL ++xfs_icsb_modify_counters_55156 xfs_icsb_modify_counters 0 55156 NULL ++gfs2_ri_update_55185 gfs2_ri_update 0 55185 NULL +mtd_get_fact_prot_info_55186 mtd_get_fact_prot_info 0 55186 NULL +sel_write_relabel_55195 sel_write_relabel 3 55195 NULL +sched_feat_write_55202 sched_feat_write 3 55202 NULL @@ -113056,7 +119314,6 @@ index 0000000..9529806 +iwl_dbgfs_plcp_delta_read_55407 iwl_dbgfs_plcp_delta_read 3 55407 NULL +sysfs_chmod_file_55408 sysfs_chmod_file 0 55408 NULL +si476x_radio_read_rds_blckcnt_blob_55427 si476x_radio_read_rds_blckcnt_blob 3 55427 NULL -+sysfs_sd_setattr_55437 sysfs_sd_setattr 0 55437 NULL +__vxge_hw_channel_allocate_55462 __vxge_hw_channel_allocate 3 55462 NULL +cx23888_ir_rx_read_55473 cx23888_ir_rx_read 3 55473 NULL +snd_pcm_lib_write_55483 snd_pcm_lib_write 0-3 55483 NULL @@ -113064,6 +119321,7 @@ index 0000000..9529806 +batadv_tt_entries_55487 batadv_tt_entries 0-1 55487 NULL +ras_stride_increase_window_55501 ras_stride_increase_window 3 55501 NULL +tx_tx_done_int_template_read_55511 tx_tx_done_int_template_read 3 55511 NULL ++xfs_btree_split_55515 xfs_btree_split 0 55515 NULL +ea_get_55522 ea_get 3-0 55522 NULL +buffer_size_55534 buffer_size 0 55534 NULL +set_msr_interception_55538 set_msr_interception 2 55538 NULL @@ -113071,11 +119329,9 @@ index 0000000..9529806 +dgap_do_config_load_55548 dgap_do_config_load 2 55548 NULL +hash_ipport6_expire_55549 hash_ipport6_expire 4 55549 NULL +dm_stats_list_55551 dm_stats_list 4 55551 NULL -+__vdev_disk_physio_55568 __vdev_disk_physio 4 55568 NULL +add_partition_55588 add_partition 2 55588 NULL +kstrtou8_from_user_55599 kstrtou8_from_user 2 55599 NULL -+SyS_keyctl_55602 SyS_keyctl 4 55602 NULL nohasharray -+config_buf_55602 config_buf 0 55602 &SyS_keyctl_55602 ++SyS_keyctl_55602 SyS_keyctl 4 55602 NULL +macvtap_put_user_55609 macvtap_put_user 4 55609 NULL +selinux_setprocattr_55611 selinux_setprocattr 4 55611 NULL +edge_tty_recv_55622 edge_tty_recv 3 55622 NULL @@ -113087,7 +119343,6 @@ index 0000000..9529806 +il_dbgfs_tx_queue_read_55668 il_dbgfs_tx_queue_read 3 55668 NULL +get_info_55681 get_info 3 55681 NULL +iwl_dbgfs_plcp_delta_write_55682 iwl_dbgfs_plcp_delta_write 3 55682 NULL -+echo_big_lmm_get_55690 echo_big_lmm_get 0 55690 NULL +genl_allocate_reserve_groups_55705 genl_allocate_reserve_groups 1 55705 NULL +pm8001_store_update_fw_55716 pm8001_store_update_fw 4 55716 NULL +ocfs2_lock_refcount_tree_55719 ocfs2_lock_refcount_tree 0 55719 NULL @@ -113117,6 +119372,7 @@ index 0000000..9529806 +btrfs_clone_55977 btrfs_clone 5-3 55977 NULL +wa_xfer_create_subset_sg_55992 wa_xfer_create_subset_sg 3-2 55992 NULL +nvme_alloc_iod_56027 nvme_alloc_iod 1-2 56027 NULL ++usb_ocp_write_56047 usb_ocp_write 4 56047 NULL +dccp_sendmsg_56058 dccp_sendmsg 4 56058 NULL +pscsi_get_bio_56103 pscsi_get_bio 1 56103 NULL +add_sysfs_param_56108 add_sysfs_param 0 56108 NULL @@ -113142,6 +119398,7 @@ index 0000000..9529806 +snd_rawmidi_read_56337 snd_rawmidi_read 3 56337 NULL +vxge_os_dma_malloc_async_56348 vxge_os_dma_malloc_async 3 56348 NULL +mite_device_bytes_transferred_56355 mite_device_bytes_transferred 0 56355 NULL ++qd_get_56365 qd_get 0 56365 NULL +iov_iter_copy_from_user_atomic_56368 iov_iter_copy_from_user_atomic 4-0 56368 NULL +dev_read_56369 dev_read 3 56369 NULL +ath10k_read_simulate_fw_crash_56371 ath10k_read_simulate_fw_crash 3 56371 NULL @@ -113150,18 +119407,21 @@ index 0000000..9529806 +do_get_write_access_56410 do_get_write_access 0 56410 NULL +store_msg_56417 store_msg 3 56417 NULL +pppol2tp_sendmsg_56420 pppol2tp_sendmsg 4 56420 NULL ++l2cap_segment_le_sdu_56426 l2cap_segment_le_sdu 4 56426 NULL +fl_create_56435 fl_create 5 56435 NULL +gnttab_map_56439 gnttab_map 2 56439 NULL +cx231xx_init_isoc_56453 cx231xx_init_isoc 3-2-4 56453 NULL +set_connectable_56458 set_connectable 4 56458 NULL +osd_req_list_partition_objects_56464 osd_req_list_partition_objects 5 56464 NULL +putused_user_56467 putused_user 3 56467 NULL ++ocfs2_zero_extend_range_56468 ocfs2_zero_extend_range 3-2 56468 NULL +lbs_rdmac_write_56471 lbs_rdmac_write 3 56471 NULL +calc_linear_pos_56472 calc_linear_pos 0-3 56472 NULL +crypto_shash_alignmask_56486 crypto_shash_alignmask 0 56486 NULL +ieee80211_rx_mgmt_probe_beacon_56491 ieee80211_rx_mgmt_probe_beacon 3 56491 NULL ++memblock_virt_alloc_56501 memblock_virt_alloc 1 56501 NULL +init_map_ip_56508 init_map_ip 5 56508 NULL -+lustre_posix_acl_xattr_reduce_space_56512 lustre_posix_acl_xattr_reduce_space 3 56512 NULL ++lustre_posix_acl_xattr_reduce_space_56512 lustre_posix_acl_xattr_reduce_space 3-0-2 56512 NULL +cfg80211_connect_result_56515 cfg80211_connect_result 4-6 56515 NULL +ip_options_get_56538 ip_options_get 4 56538 NULL +ll_wr_track_id_56544 ll_wr_track_id 2 56544 NULL @@ -113179,11 +119439,13 @@ index 0000000..9529806 +dvb_ringbuffer_read_user_56702 dvb_ringbuffer_read_user 3-0 56702 NULL +sta_flags_read_56710 sta_flags_read 3 56710 NULL +ipv6_getsockopt_sticky_56711 ipv6_getsockopt_sticky 5 56711 NULL ++xfs_btree_decrement_56718 xfs_btree_decrement 0 56718 NULL +__wa_xfer_setup_segs_56725 __wa_xfer_setup_segs 2 56725 NULL +__copy_from_user_ll_56738 __copy_from_user_ll 0-3 56738 NULL +drm_agp_bind_pages_56748 drm_agp_bind_pages 3 56748 NULL +btrfsic_map_block_56751 btrfsic_map_block 2 56751 NULL +ttm_alloc_new_pages_56792 ttm_alloc_new_pages 5 56792 NULL ++ion_ioctl_56806 ion_ioctl 2 56806 NULL +do_syslog_56807 do_syslog 3 56807 NULL +mtdchar_write_56831 mtdchar_write 3 56831 NULL +snd_rawmidi_kernel_write1_56847 snd_rawmidi_kernel_write1 4-0 56847 NULL @@ -113193,10 +119455,10 @@ index 0000000..9529806 +debug_debug3_read_56894 debug_debug3_read 3 56894 NULL +batadv_tt_update_changes_56895 batadv_tt_update_changes 3 56895 NULL +hfsplus_find_cat_56899 hfsplus_find_cat 0 56899 NULL -+hfsplus_setxattr_56902 hfsplus_setxattr 4 56902 NULL +strcspn_56913 strcspn 0 56913 NULL +__kfifo_out_56927 __kfifo_out 0-3 56927 NULL +journal_init_revoke_56933 journal_init_revoke 2 56933 NULL ++xfs_alloc_ag_vextent_56943 xfs_alloc_ag_vextent 0 56943 NULL +nouveau_xtensa_create__56952 nouveau_xtensa_create_ 8 56952 NULL +diva_get_driver_info_56967 diva_get_driver_info 0 56967 NULL +nouveau_device_create__56984 nouveau_device_create_ 6 56984 NULL @@ -113215,18 +119477,19 @@ index 0000000..9529806 +altera_get_note_57099 altera_get_note 6 57099 NULL +hpfs_readpages_57106 hpfs_readpages 4 57106 NULL +crypto_compress_ctxsize_57109 crypto_compress_ctxsize 0 57109 NULL -+sysfs_write_file_57116 sysfs_write_file 3 57116 NULL +cipso_v4_gentag_loc_57119 cipso_v4_gentag_loc 0 57119 NULL +rds_ib_sub_signaled_57136 rds_ib_sub_signaled 2 57136 NULL nohasharray +nl80211_send_deauth_57136 nl80211_send_deauth 4 57136 &rds_ib_sub_signaled_57136 nohasharray +ima_show_htable_value_57136 ima_show_htable_value 2 57136 &nl80211_send_deauth_57136 +snd_sonicvibes_getdmac_57140 snd_sonicvibes_getdmac 0 57140 NULL ++_iwl_dbgfs_bf_params_write_57141 _iwl_dbgfs_bf_params_write 3 57141 NULL +udl_prime_create_57159 udl_prime_create 2 57159 NULL +stk_prepare_sio_buffers_57168 stk_prepare_sio_buffers 2 57168 NULL +rx_hw_stuck_read_57179 rx_hw_stuck_read 3 57179 NULL +hash_netnet6_expire_57191 hash_netnet6_expire 4 57191 NULL +tt3650_ci_msg_57219 tt3650_ci_msg 4 57219 NULL +dma_fifo_alloc_57236 dma_fifo_alloc 5-3-2 57236 NULL ++flush_space_57241 flush_space 0 57241 NULL +rsxx_cram_write_57244 rsxx_cram_write 3 57244 NULL +ieee80211_if_fmt_tsf_57249 ieee80211_if_fmt_tsf 3 57249 NULL +oprofilefs_ulong_from_user_57251 oprofilefs_ulong_from_user 3 57251 NULL @@ -113235,7 +119498,8 @@ index 0000000..9529806 +pstore_file_read_57288 pstore_file_read 3 57288 NULL +snd_pcm_read_57289 snd_pcm_read 3 57289 NULL +ftdi_elan_write_57309 ftdi_elan_write 3 57309 NULL -+write_file_regval_57313 write_file_regval 3 57313 NULL ++xfs_iread_57313 xfs_iread 0 57313 NULL nohasharray ++write_file_regval_57313 write_file_regval 3 57313 &xfs_iread_57313 +__mxt_write_reg_57326 __mxt_write_reg 3 57326 NULL +usblp_read_57342 usblp_read 3 57342 NULL +print_devstats_dot11RTSFailureCount_57347 print_devstats_dot11RTSFailureCount 3 57347 NULL @@ -113253,7 +119517,8 @@ index 0000000..9529806 +bnad_debugfs_write_regwr_57500 bnad_debugfs_write_regwr 3 57500 NULL +skb_headlen_57501 skb_headlen 0 57501 NULL +copy_in_user_57502 copy_in_user 3 57502 NULL -+ckhdid_printf_57505 ckhdid_printf 2 57505 NULL ++ckhdid_printf_57505 ckhdid_printf 2 57505 NULL nohasharray ++gfs2_quota_hold_57505 gfs2_quota_hold 0 57505 &ckhdid_printf_57505 +init_tag_map_57515 init_tag_map 3 57515 NULL +il_dbgfs_force_reset_read_57517 il_dbgfs_force_reset_read 3 57517 NULL nohasharray +wil_read_file_ssid_57517 wil_read_file_ssid 3 57517 &il_dbgfs_force_reset_read_57517 @@ -113271,6 +119536,7 @@ index 0000000..9529806 +tx_tx_retry_template_read_57623 tx_tx_retry_template_read 3 57623 NULL +sisusbcon_putcs_57630 sisusbcon_putcs 3 57630 NULL +mem_read_57631 mem_read 3 57631 NULL ++xfs_alloc_ag_vextent_near_57653 xfs_alloc_ag_vextent_near 0 57653 NULL +r3964_write_57662 r3964_write 4 57662 NULL +proc_ns_readlink_57664 proc_ns_readlink 3 57664 NULL +__lgwrite_57669 __lgwrite 4 57669 NULL @@ -113283,23 +119549,28 @@ index 0000000..9529806 +ieee80211_if_fmt_dot11MeshHWMPpreqMinInterval_57762 ieee80211_if_fmt_dot11MeshHWMPpreqMinInterval 3 57762 NULL +SYSC_process_vm_writev_57776 SYSC_process_vm_writev 3-5 57776 NULL +apei_exec_collect_resources_57788 apei_exec_collect_resources 0 57788 NULL ++security_inode_unlink_57791 security_inode_unlink 0 57791 NULL +ld2_57794 ld2 0 57794 NULL +ivtv_read_57796 ivtv_read 3 57796 NULL ++ion_test_ioctl_57799 ion_test_ioctl 2 57799 NULL +bfad_debugfs_read_regrd_57830 bfad_debugfs_read_regrd 3 57830 NULL +copy_to_user_57835 copy_to_user 3-0 57835 NULL -+flash_read_57843 flash_read 3 57843 NULL ++xfs_rtpick_extent_57843 xfs_rtpick_extent 0 57843 NULL nohasharray ++flash_read_57843 flash_read 3 57843 &xfs_rtpick_extent_57843 +kiblnd_create_tx_pool_57846 kiblnd_create_tx_pool 2 57846 NULL ++radeon_ttm_gtt_read_57879 radeon_ttm_gtt_read 3 57879 NULL +xt_alloc_table_info_57903 xt_alloc_table_info 1 57903 NULL +iio_read_first_n_kfifo_57910 iio_read_first_n_kfifo 2 57910 NULL ++ll_xattr_find_get_lock_57912 ll_xattr_find_get_lock 0 57912 NULL +memcg_caches_array_size_57918 memcg_caches_array_size 0-1 57918 NULL +twl_i2c_write_57923 twl_i2c_write 3-4 57923 NULL +__snd_gf1_look16_57925 __snd_gf1_look16 0 57925 NULL +sel_read_handle_unknown_57933 sel_read_handle_unknown 3 57933 NULL ++xfs_inode_item_format_convert_57937 xfs_inode_item_format_convert 0 57937 NULL +xfs_mru_cache_create_57943 xfs_mru_cache_create 3 57943 NULL +key_algorithm_read_57946 key_algorithm_read 3 57946 NULL +ip_set_alloc_57953 ip_set_alloc 1 57953 NULL nohasharray +ioat3_dca_count_dca_slots_57953 ioat3_dca_count_dca_slots 0 57953 &ip_set_alloc_57953 -+do_rx_dma_57996 do_rx_dma 5 57996 NULL +rx_reset_counter_read_58001 rx_reset_counter_read 3 58001 NULL +iwl_dbgfs_ucode_rx_stats_read_58023 iwl_dbgfs_ucode_rx_stats_read 3 58023 NULL +io_playback_transfer_58030 io_playback_transfer 4 58030 NULL @@ -113309,8 +119580,12 @@ index 0000000..9529806 +cm4040_write_58079 cm4040_write 3 58079 NULL +ipv6_flowlabel_opt_58135 ipv6_flowlabel_opt 3 58135 NULL nohasharray +slhc_init_58135 slhc_init 1-2 58135 &ipv6_flowlabel_opt_58135 ++rd_build_prot_space_58137 rd_build_prot_space 2 58137 NULL ++xfs_bmap_add_extent_delay_real_58151 xfs_bmap_add_extent_delay_real 0 58151 NULL ++xfs_btree_update_58167 xfs_btree_update 0 58167 NULL +garmin_write_bulk_58191 garmin_write_bulk 3 58191 NULL +ieee80211_if_fmt_flags_58205 ieee80211_if_fmt_flags 3 58205 NULL ++i40evf_allocate_virt_mem_d_58210 i40evf_allocate_virt_mem_d 3 58210 NULL +btrfsic_create_link_to_next_block_58246 btrfsic_create_link_to_next_block 4 58246 NULL +read_file_debug_58256 read_file_debug 3 58256 NULL +osc_max_dirty_mb_seq_write_58263 osc_max_dirty_mb_seq_write 3 58263 NULL @@ -113329,17 +119604,19 @@ index 0000000..9529806 +_drbd_md_sync_page_io_58403 _drbd_md_sync_page_io 6 58403 NULL +kvm_mmu_write_protect_pt_masked_58406 kvm_mmu_write_protect_pt_masked 3 58406 NULL nohasharray +idetape_pad_zeros_58406 idetape_pad_zeros 2 58406 &kvm_mmu_write_protect_pt_masked_58406 ++xfs_btree_get_rec_58410 xfs_btree_get_rec 0 58410 NULL +i2400m_pld_size_58415 i2400m_pld_size 0 58415 NULL +capabilities_read_58457 capabilities_read 3 58457 NULL ++usnic_vnic_get_resources_58462 usnic_vnic_get_resources 3 58462 NULL +lpfc_idiag_baracc_read_58466 lpfc_idiag_baracc_read 3 58466 NULL nohasharray +compat_do_ipt_set_ctl_58466 compat_do_ipt_set_ctl 4 58466 &lpfc_idiag_baracc_read_58466 +nv_rd08_58472 nv_rd08 0 58472 NULL +acpi_tables_sysfs_init_58477 acpi_tables_sysfs_init 0 58477 NULL +snd_gf1_read_addr_58483 snd_gf1_read_addr 0 58483 NULL +snd_rme96_capture_copy_58484 snd_rme96_capture_copy 5 58484 NULL -+btrfs_cont_expand_58498 btrfs_cont_expand 2-3 58498 NULL ++btrfs_cont_expand_58498 btrfs_cont_expand 0-2-3 58498 NULL ++gfs2_dir_get_new_buffer_58509 gfs2_dir_get_new_buffer 0 58509 NULL +rndis_add_response_58544 rndis_add_response 2 58544 NULL -+ldlm_srv_pool_shrink_58554 ldlm_srv_pool_shrink 0 58554 NULL +wep_decrypt_fail_read_58567 wep_decrypt_fail_read 3 58567 NULL +scnprint_mac_oui_58578 scnprint_mac_oui 3-0 58578 NULL +get_rhf_errstring_58582 get_rhf_errstring 3 58582 NULL @@ -113349,6 +119626,7 @@ index 0000000..9529806 +ecryptfs_write_end_58594 ecryptfs_write_end 5-3 58594 NULL +radeon_bo_size_58606 radeon_bo_size 0 58606 NULL +skb_copy_to_page_nocache_58624 skb_copy_to_page_nocache 6 58624 NULL ++filemap_fdatawrite_range_58630 filemap_fdatawrite_range 0 58630 NULL +tx_tx_start_fw_gen_read_58648 tx_tx_start_fw_gen_read 3 58648 NULL +iwl_dbgfs_rx_handlers_write_58655 iwl_dbgfs_rx_handlers_write 3 58655 NULL +find_zero_58685 find_zero 0-1 58685 NULL @@ -113370,10 +119648,11 @@ index 0000000..9529806 +lprocfs_wr_pinger_recov_58914 lprocfs_wr_pinger_recov 3 58914 NULL +print_devstats_dot11FCSErrorCount_58919 print_devstats_dot11FCSErrorCount 3 58919 NULL +pipeline_cs_rx_packet_out_read_58926 pipeline_cs_rx_packet_out_read 3 58926 NULL -+sptlrpc_import_sec_adapt_58948 sptlrpc_import_sec_adapt 0 58948 NULL ++xfs_bmap_read_extents_58936 xfs_bmap_read_extents 0 58936 NULL +wait_table_hash_nr_entries_58962 wait_table_hash_nr_entries 0 58962 NULL +ieee80211_if_fmt_dot11MeshHWMPactivePathToRootTimeout_58965 ieee80211_if_fmt_dot11MeshHWMPactivePathToRootTimeout 3 58965 NULL +crypto_aead_ivsize_58970 crypto_aead_ivsize 0 58970 NULL ++__mem_cgroup_try_charge_58976 __mem_cgroup_try_charge 0 58976 NULL +init_list_set_59005 init_list_set 3 59005 NULL +ep_write_59008 ep_write 3 59008 NULL +lpfc_idiag_baracc_write_59014 lpfc_idiag_baracc_write 3 59014 NULL @@ -113382,32 +119661,34 @@ index 0000000..9529806 +selinux_transaction_write_59038 selinux_transaction_write 3 59038 NULL +crypto_aead_reqsize_59039 crypto_aead_reqsize 0 59039 NULL +regmap_bulk_write_59049 regmap_bulk_write 2-4 59049 NULL -+sysfs_link_sibling_59078 sysfs_link_sibling 0 59078 NULL +mmc_sd_num_wr_blocks_59112 mmc_sd_num_wr_blocks 0 59112 NULL -+scsi_io_completion_59122 scsi_io_completion 2 59122 NULL ++scsi_io_completion_59122 scsi_io_completion 2 59122 NULL nohasharray ++sta_tx_latency_stat_table_59122 sta_tx_latency_stat_table 0-4-5 59122 &scsi_io_completion_59122 +nfc_llcp_send_i_frame_59130 nfc_llcp_send_i_frame 3 59130 NULL +print_devstats_dot11RTSSuccessCount_59145 print_devstats_dot11RTSSuccessCount 3 59145 NULL nohasharray +framebuffer_alloc_59145 framebuffer_alloc 1 59145 &print_devstats_dot11RTSSuccessCount_59145 +radeon_compat_ioctl_59150 radeon_compat_ioctl 2 59150 NULL +pvr2_hdw_report_clients_59152 pvr2_hdw_report_clients 3 59152 NULL -+md_getxattr_59161 md_getxattr 0 59161 NULL +ksize_59176 ksize 0 59176 NULL +setup_window_59178 setup_window 4-2-5-7 59178 NULL +ocfs2_move_extent_59187 ocfs2_move_extent 2-5 59187 NULL ++xfs_ialloc_next_rec_59193 xfs_ialloc_next_rec 0 59193 NULL +xfs_iext_realloc_indirect_59211 xfs_iext_realloc_indirect 2 59211 NULL +check_mapped_selector_name_59216 check_mapped_selector_name 5 59216 NULL +dt3155_read_59226 dt3155_read 3 59226 NULL +paging64_gpte_to_gfn_lvl_59229 paging64_gpte_to_gfn_lvl 0-1-2 59229 NULL -+tty_prepare_flip_string_flags_59240 tty_prepare_flip_string_flags 4 59240 NULL +nla_len_59258 nla_len 0 59258 NULL +drbd_bm_write_page_59290 drbd_bm_write_page 2 59290 NULL +btrfs_insert_dir_item_59304 btrfs_insert_dir_item 4 59304 NULL ++xfs_iformat_fork_59312 xfs_iformat_fork 0 59312 NULL +fd_copyout_59323 fd_copyout 3 59323 NULL +read_9287_modal_eeprom_59327 read_9287_modal_eeprom 3 59327 NULL +rx_defrag_in_process_called_read_59338 rx_defrag_in_process_called_read 3 59338 NULL -+xfs_attrmulti_attr_set_59346 xfs_attrmulti_attr_set 4 59346 NULL ++xfs_attrmulti_attr_set_59346 xfs_attrmulti_attr_set 4 59346 NULL nohasharray ++xfs_alloc_lookup_le_59346 xfs_alloc_lookup_le 0 59346 &xfs_attrmulti_attr_set_59346 +__map_request_59350 __map_request 0 59350 NULL -+f2fs_fallocate_59377 f2fs_fallocate 3-4 59377 NULL ++gfs2_quota_lock_check_59353 gfs2_quota_lock_check 0 59353 NULL ++f2fs_fallocate_59377 f2fs_fallocate 4-3 59377 NULL +pvr2_debugifc_print_info_59380 pvr2_debugifc_print_info 3 59380 NULL +journal_init_dev_59384 journal_init_dev 5 59384 NULL +__net_get_random_once_59389 __net_get_random_once 2 59389 NULL @@ -113420,6 +119701,7 @@ index 0000000..9529806 +mic_vringh_copy_59523 mic_vringh_copy 4 59523 NULL +mpi_get_nbits_59551 mpi_get_nbits 0 59551 NULL +tunables_write_59563 tunables_write 3 59563 NULL ++bio_split_59564 bio_split 2 59564 NULL +__copy_from_user_ll_nozero_59571 __copy_from_user_ll_nozero 0-3 59571 NULL +write_pbl_59583 write_pbl 4 59583 NULL +memdup_user_59590 memdup_user 2 59590 NULL @@ -113429,6 +119711,7 @@ index 0000000..9529806 +mtrr_write_59622 mtrr_write 3 59622 NULL +find_first_zero_bit_59636 find_first_zero_bit 0 59636 NULL +SyS_setdomainname_59646 SyS_setdomainname 2 59646 NULL ++file_update_time_59647 file_update_time 0 59647 NULL +hidraw_read_59650 hidraw_read 3 59650 NULL +v9fs_xattr_set_acl_59651 v9fs_xattr_set_acl 4 59651 NULL +__devcgroup_check_permission_59665 __devcgroup_check_permission 0 59665 NULL @@ -113442,10 +119725,10 @@ index 0000000..9529806 +qib_decode_7220_sdma_errs_59745 qib_decode_7220_sdma_errs 4 59745 NULL +strnlen_59746 strnlen 0 59746 NULL +ext3_acl_count_59754 ext3_acl_count 0-1 59754 NULL -+long_retry_limit_read_59766 long_retry_limit_read 3 59766 NULL ++long_retry_limit_read_59766 long_retry_limit_read 3 59766 NULL nohasharray ++cap_inode_need_killpriv_59766 cap_inode_need_killpriv 0 59766 &long_retry_limit_read_59766 +venus_remove_59781 venus_remove 4 59781 NULL +mei_nfc_recv_59784 mei_nfc_recv 3 59784 NULL -+C_SYSC_preadv_59801 C_SYSC_preadv 3 59801 NULL +ipw_write_59807 ipw_write 3 59807 NULL +scsi_init_shared_tag_map_59812 scsi_init_shared_tag_map 2 59812 NULL +ieee80211_if_read_dot11MeshHWMPmaxPREQretries_59829 ieee80211_if_read_dot11MeshHWMPmaxPREQretries 3 59829 NULL @@ -113454,9 +119737,8 @@ index 0000000..9529806 +pvr2_ioread_set_sync_key_59882 pvr2_ioread_set_sync_key 3 59882 NULL +l2cap_sock_recvmsg_59886 l2cap_sock_recvmsg 4 59886 NULL +ffs_prepare_buffer_59892 ffs_prepare_buffer 2 59892 NULL -+ocfs2_extend_rotate_transaction_59894 ocfs2_extend_rotate_transaction 2-3 59894 NULL -+aic7xxx_abort_waiting_scb_59932 aic7xxx_abort_waiting_scb 0 59932 NULL +kvm_mmu_notifier_invalidate_range_start_59944 kvm_mmu_notifier_invalidate_range_start 3-4 59944 NULL ++ath10k_read_dfs_stats_59949 ath10k_read_dfs_stats 3 59949 NULL +dapm_widget_power_read_file_59950 dapm_widget_power_read_file 3 59950 NULL nohasharray +il_dbgfs_rxon_flags_read_59950 il_dbgfs_rxon_flags_read 3 59950 &dapm_widget_power_read_file_59950 +il_dbgfs_missed_beacon_read_59956 il_dbgfs_missed_beacon_read 3 59956 NULL @@ -113464,10 +119746,12 @@ index 0000000..9529806 +osd_req_read_kern_59990 osd_req_read_kern 5 59990 NULL +ghash_async_setkey_60001 ghash_async_setkey 3 60001 NULL +ieee80211_if_fmt_dot11MeshAwakeWindowDuration_60006 ieee80211_if_fmt_dot11MeshAwakeWindowDuration 3 60006 NULL ++copy_items_60009 copy_items 7 60009 NULL +rawsock_sendmsg_60010 rawsock_sendmsg 4 60010 NULL +mthca_init_cq_60011 mthca_init_cq 2 60011 NULL +osd_req_list_dev_partitions_60027 osd_req_list_dev_partitions 4 60027 NULL +xlog_bread_offset_60030 xlog_bread_offset 3 60030 NULL ++xfs_imap_to_bp_60034 xfs_imap_to_bp 0 60034 NULL +bio_integrity_hw_sectors_60039 bio_integrity_hw_sectors 0-2 60039 NULL +do_ip6t_set_ctl_60040 do_ip6t_set_ctl 4 60040 NULL +vcs_size_60050 vcs_size 0 60050 NULL @@ -113507,10 +119791,13 @@ index 0000000..9529806 +snd_hda_get_num_raw_conns_60462 snd_hda_get_num_raw_conns 0 60462 NULL +crypto_shash_setkey_60483 crypto_shash_setkey 3 60483 NULL +lustre_msg_early_size_60496 lustre_msg_early_size 0 60496 NULL ++xfs_btree_make_block_unfull_60511 xfs_btree_make_block_unfull 0 60511 NULL +v9fs_fid_readn_60544 v9fs_fid_readn 4 60544 NULL +nonpaging_map_60551 nonpaging_map 4 60551 NULL +osc_lockless_truncate_seq_write_60553 osc_lockless_truncate_seq_write 3 60553 NULL +tracing_entries_write_60563 tracing_entries_write 3 60563 NULL ++memblock_virt_alloc_try_nid_nopanic_60604 memblock_virt_alloc_try_nid_nopanic 1 60604 NULL ++inode_change_ok_60614 inode_change_ok 0 60614 NULL +skb_transport_offset_60619 skb_transport_offset 0 60619 NULL +wl1273_fm_fops_write_60621 wl1273_fm_fops_write 3 60621 NULL +acl_alloc_stack_init_60630 acl_alloc_stack_init 1 60630 NULL @@ -113524,7 +119811,9 @@ index 0000000..9529806 +opticon_write_60775 opticon_write 4 60775 NULL +acl_alloc_num_60778 acl_alloc_num 1-2 60778 NULL +snd_pcm_oss_readv3_60792 snd_pcm_oss_readv3 3 60792 NULL ++gfs2_bmap_alloc_60822 gfs2_bmap_alloc 0 60822 NULL +pwr_tx_with_ps_read_60851 pwr_tx_with_ps_read 3 60851 NULL ++__clone_and_map_data_bio_60861 __clone_and_map_data_bio 4-3 60861 NULL +alloc_buf_60864 alloc_buf 3-2 60864 NULL +generic_writepages_60871 generic_writepages 0 60871 NULL +ext4_update_inline_data_60888 ext4_update_inline_data 3 60888 NULL @@ -113533,6 +119822,7 @@ index 0000000..9529806 +mgt_set_varlen_60916 mgt_set_varlen 4 60916 NULL +scrub_chunk_60926 scrub_chunk 5 60926 NULL +submit_extent_page_60928 submit_extent_page 5 60928 NULL ++xfs_rtallocate_extent_size_60939 xfs_rtallocate_extent_size 0 60939 NULL +pti_char_write_60960 pti_char_write 3 60960 NULL +mwifiex_alloc_sdio_mpa_buffers_60961 mwifiex_alloc_sdio_mpa_buffers 2-3 60961 NULL +__a2mp_build_60987 __a2mp_build 3 60987 NULL @@ -113545,20 +119835,21 @@ index 0000000..9529806 +fuse_send_write_61053 fuse_send_write 0-4 61053 NULL +bitmap_scnlistprintf_61062 bitmap_scnlistprintf 0-2 61062 NULL +ahash_align_buffer_size_61070 ahash_align_buffer_size 0-1-2 61070 NULL ++xfs_dabuf_map_61093 xfs_dabuf_map 0 61093 NULL +get_derived_key_61100 get_derived_key 4 61100 NULL -+i40e_calculate_l2fpm_size_61104 i40e_calculate_l2fpm_size 0-1-2-3-4 61104 NULL ++mem_cgroup_cache_charge_61101 mem_cgroup_cache_charge 0 61101 NULL ++i40e_calculate_l2fpm_size_61104 i40e_calculate_l2fpm_size 0-4-3-2-1 61104 NULL +alloc_chrdev_region_61112 alloc_chrdev_region 0 61112 NULL +__probe_kernel_read_61119 __probe_kernel_read 3 61119 NULL +vmemmap_alloc_block_buf_61126 vmemmap_alloc_block_buf 1 61126 NULL +afs_proc_cells_write_61139 afs_proc_cells_write 3 61139 NULL -+brcmf_sdio_chip_cr4_exitdl_61143 brcmf_sdio_chip_cr4_exitdl 4 61143 NULL -+osl_malloc_61156 osl_malloc 2 61156 NULL +pair_device_61175 pair_device 4 61175 NULL nohasharray +event_oom_late_read_61175 event_oom_late_read 3 61175 &pair_device_61175 +dio_bio_add_page_61178 dio_bio_add_page 0 61178 NULL +SyS_prctl_61202 SyS_prctl 4 61202 NULL +arch_hibernation_header_save_61212 arch_hibernation_header_save 0 61212 NULL +smk_read_ambient_61220 smk_read_ambient 3 61220 NULL ++v9fs_mmap_file_read_61262 v9fs_mmap_file_read 3 61262 NULL +btrfs_bio_alloc_61270 btrfs_bio_alloc 3 61270 NULL nohasharray +find_get_pages_tag_61270 find_get_pages_tag 0 61270 &btrfs_bio_alloc_61270 nohasharray +ifalias_store_61270 ifalias_store 4 61270 &find_get_pages_tag_61270 @@ -113575,7 +119866,6 @@ index 0000000..9529806 +f1x_map_sysaddr_to_csrow_61344 f1x_map_sysaddr_to_csrow 2 61344 NULL +debug_debug4_read_61367 debug_debug4_read 3 61367 NULL +system_enable_write_61396 system_enable_write 3 61396 NULL -+xfs_zero_remaining_bytes_61423 xfs_zero_remaining_bytes 3 61423 NULL +unix_stream_sendmsg_61455 unix_stream_sendmsg 4 61455 NULL +snd_pcm_lib_writev_transfer_61483 snd_pcm_lib_writev_transfer 5-4-2 61483 NULL +btrfs_item_size_61485 btrfs_item_size 0 61485 NULL @@ -113594,13 +119884,13 @@ index 0000000..9529806 +configfs_write_file_61621 configfs_write_file 3 61621 NULL +ieee80211_if_fmt_hw_queues_61629 ieee80211_if_fmt_hw_queues 3 61629 NULL +i2o_parm_table_get_61635 i2o_parm_table_get 6 61635 NULL -+snd_pcm_oss_read3_61643 snd_pcm_oss_read3 0-3 61643 NULL ++snd_pcm_oss_read3_61643 snd_pcm_oss_read3 0-3 61643 NULL nohasharray ++tcf_hashinfo_init_61643 tcf_hashinfo_init 2 61643 &snd_pcm_oss_read3_61643 +resize_stripes_61650 resize_stripes 2 61650 NULL +ttm_page_pool_free_61661 ttm_page_pool_free 2-0 61661 NULL +insert_one_name_61668 insert_one_name 7 61668 NULL +qib_format_hwmsg_61679 qib_format_hwmsg 2 61679 NULL +lock_loop_61681 lock_loop 1 61681 NULL -+__do_tune_cpucache_61684 __do_tune_cpucache 2 61684 NULL +filter_read_61692 filter_read 3 61692 NULL +iov_length_61716 iov_length 0 61716 NULL +fragmentation_threshold_read_61718 fragmentation_threshold_read 3 61718 NULL @@ -113608,6 +119898,8 @@ index 0000000..9529806 +read_file_interrupt_61742 read_file_interrupt 3 61742 NULL nohasharray +read_file_regval_61742 read_file_regval 3 61742 &read_file_interrupt_61742 +SyS_sendto_61763 SyS_sendto 6 61763 NULL ++gfs2_meta_wait_61773 gfs2_meta_wait 0 61773 NULL ++xfs_file_dio_aio_write_61801 xfs_file_dio_aio_write 0 61801 NULL +mls_compute_context_len_61812 mls_compute_context_len 0 61812 NULL +bfad_debugfs_write_regwr_61841 bfad_debugfs_write_regwr 3 61841 NULL +regcache_sync_block_61846 regcache_sync_block 5-4 61846 NULL @@ -113619,8 +119911,7 @@ index 0000000..9529806 +btrfs_ioctl_clone_61886 btrfs_ioctl_clone 3-4-5 61886 NULL +lprocfs_write_frac_u64_helper_61897 lprocfs_write_frac_u64_helper 2 61897 NULL +lov_mds_md_stripecnt_61899 lov_mds_md_stripecnt 0-1 61899 NULL -+clear_refs_write_61904 clear_refs_write 3 61904 NULL nohasharray -+import_sec_check_expire_61904 import_sec_check_expire 0 61904 &clear_refs_write_61904 ++clear_refs_write_61904 clear_refs_write 3 61904 NULL +rx_filter_arp_filter_read_61914 rx_filter_arp_filter_read 3 61914 NULL +au0828_init_isoc_61917 au0828_init_isoc 3-2-4 61917 NULL +sctp_sendmsg_61919 sctp_sendmsg 4 61919 NULL @@ -113629,9 +119920,9 @@ index 0000000..9529806 +il4965_ucode_rx_stats_read_61948 il4965_ucode_rx_stats_read 3 61948 NULL +squashfs_read_id_index_table_61961 squashfs_read_id_index_table 4 61961 NULL +fix_read_error_61965 fix_read_error 4 61965 NULL -+ocfs2_quota_write_61972 ocfs2_quota_write 4-5 61972 NULL +fd_locked_ioctl_61978 fd_locked_ioctl 3 61978 NULL +cow_file_range_61979 cow_file_range 3 61979 NULL ++set_extent_delalloc_61982 set_extent_delalloc 0 61982 NULL +dequeue_event_62000 dequeue_event 3 62000 NULL +xt_compat_match_offset_62011 xt_compat_match_offset 0 62011 NULL +SyS_setxattr_62019 SyS_setxattr 4 62019 NULL @@ -113641,6 +119932,8 @@ index 0000000..9529806 +sctp_user_addto_chunk_62047 sctp_user_addto_chunk 2-3 62047 NULL +do_pselect_62061 do_pselect 1 62061 NULL +pcpu_alloc_bootmem_62074 pcpu_alloc_bootmem 2 62074 NULL ++_xfs_log_force_lsn_62083 _xfs_log_force_lsn 0 62083 NULL ++fat_setattr_62084 fat_setattr 0 62084 NULL +jffs2_security_setxattr_62107 jffs2_security_setxattr 4 62107 NULL +btrfs_direct_IO_62114 btrfs_direct_IO 4 62114 NULL +ip_recv_error_62117 ip_recv_error 3 62117 NULL @@ -113655,17 +119948,16 @@ index 0000000..9529806 +prism54_wpa_bss_ie_get_62173 prism54_wpa_bss_ie_get 0 62173 NULL +write_file_dfs_62180 write_file_dfs 3 62180 NULL +alloc_upcall_62186 alloc_upcall 2 62186 NULL -+btrfs_xattr_acl_set_62203 btrfs_xattr_acl_set 4 62203 NULL +sock_kmalloc_62205 sock_kmalloc 2 62205 NULL ++smk_read_syslog_62227 smk_read_syslog 3 62227 NULL +SYSC_setgroups16_62232 SYSC_setgroups16 1 62232 NULL +nfsd_read_file_62241 nfsd_read_file 6 62241 NULL +subtract_dirty_62242 subtract_dirty 2-3 62242 NULL -+get_random_int_62279 get_random_int 0 62279 NULL ++ion_handle_test_dma_62262 ion_handle_test_dma 4-5 62262 NULL +il_dbgfs_sram_read_62296 il_dbgfs_sram_read 3 62296 NULL +sparse_early_usemaps_alloc_pgdat_section_62304 sparse_early_usemaps_alloc_pgdat_section 2 62304 NULL +subsystem_filter_read_62310 subsystem_filter_read 3 62310 NULL +Wb35Reg_BurstWrite_62327 Wb35Reg_BurstWrite 4 62327 NULL -+ocfs2_xattr_buckets_per_cluster_62330 ocfs2_xattr_buckets_per_cluster 0 62330 NULL +subseq_list_62332 subseq_list 3-0 62332 NULL +ll_statahead_max_seq_write_62333 ll_statahead_max_seq_write 3 62333 NULL +flash_write_62354 flash_write 3 62354 NULL @@ -113673,6 +119965,7 @@ index 0000000..9529806 +rx_rx_timeout_read_62389 rx_rx_timeout_read 3 62389 NULL +altera_irscan_62396 altera_irscan 2 62396 NULL +set_ssp_62411 set_ssp 4 62411 NULL ++udf_expand_file_adinicb_62470 udf_expand_file_adinicb 0 62470 NULL +ext_rts51x_sd_execute_read_data_62501 ext_rts51x_sd_execute_read_data 9 62501 NULL +pep_sendmsg_62524 pep_sendmsg 4 62524 NULL +test_iso_queue_62534 test_iso_queue 5 62534 NULL @@ -113680,19 +119973,19 @@ index 0000000..9529806 +sco_sock_sendmsg_62542 sco_sock_sendmsg 4 62542 NULL +qib_refresh_qsfp_cache_62547 qib_refresh_qsfp_cache 0 62547 NULL +link_send_sections_long_62557 link_send_sections_long 3 62557 NULL ++compute_bitstructs_62570 compute_bitstructs 0 62570 NULL +xfrm_user_policy_62573 xfrm_user_policy 4 62573 NULL -+compat_SyS_rt_sigpending_62580 compat_SyS_rt_sigpending 2 62580 NULL +get_subdir_62581 get_subdir 3 62581 NULL +nfsd_vfs_read_62605 nfsd_vfs_read 6 62605 NULL +tipc_port_recv_sections_62609 tipc_port_recv_sections 3 62609 NULL +dut_mode_write_62630 dut_mode_write 3 62630 NULL +vfs_fsync_range_62635 vfs_fsync_range 0 62635 NULL +lpfc_sli4_queue_alloc_62646 lpfc_sli4_queue_alloc 3 62646 NULL -+ocfs2_wait_for_mask_interruptible_62675 ocfs2_wait_for_mask_interruptible 0 62675 NULL +printer_req_alloc_62687 printer_req_alloc 2 62687 NULL +bioset_integrity_create_62708 bioset_integrity_create 2 62708 NULL +gfs2_log_write_62717 gfs2_log_write 3 62717 NULL +rdm_62719 rdm 0 62719 NULL ++add_to_page_cache_62724 add_to_page_cache 0 62724 NULL +obd_ioctl_popdata_62741 obd_ioctl_popdata 3 62741 NULL +key_replays_read_62746 key_replays_read 3 62746 NULL +lov_verify_lmm_62747 lov_verify_lmm 2 62747 NULL @@ -113708,6 +120001,7 @@ index 0000000..9529806 +rx_fcs_err_read_62844 rx_fcs_err_read 3 62844 NULL +read_nic_io_dword_62859 read_nic_io_dword 0 62859 NULL +l2tp_ip6_recvmsg_62874 l2tp_ip6_recvmsg 4 62874 NULL ++xfs_rtmodify_range_62877 xfs_rtmodify_range 0 62877 NULL +aoechr_write_62883 aoechr_write 3 62883 NULL +if_spi_host_to_card_62890 if_spi_host_to_card 4 62890 NULL +ocfs2_validate_gd_parent_62905 ocfs2_validate_gd_parent 0 62905 NULL @@ -113715,7 +120009,8 @@ index 0000000..9529806 +getdqbuf_62908 getdqbuf 1 62908 NULL +ll_statahead_agl_seq_write_62928 ll_statahead_agl_seq_write 3 62928 NULL +agp_create_user_memory_62955 agp_create_user_memory 1 62955 NULL -+kstrtoull_from_user_63026 kstrtoull_from_user 2 63026 NULL ++kstrtoull_from_user_63026 kstrtoull_from_user 2 63026 NULL nohasharray ++xfs_trans_reserve_63026 xfs_trans_reserve 0 63026 &kstrtoull_from_user_63026 +__vb2_perform_fileio_63033 __vb2_perform_fileio 3 63033 NULL +pipeline_defrag_to_csum_swi_read_63037 pipeline_defrag_to_csum_swi_read 3 63037 NULL +scsi_host_alloc_63041 scsi_host_alloc 2 63041 NULL @@ -113732,6 +120027,7 @@ index 0000000..9529806 +ptp_read_63251 ptp_read 4 63251 NULL +xfs_dir2_leaf_getdents_63262 xfs_dir2_leaf_getdents 3 63262 NULL +raid5_resize_63306 raid5_resize 2 63306 NULL ++ath10k_read_fw_dbglog_63323 ath10k_read_fw_dbglog 3 63323 NULL +proc_info_read_63344 proc_info_read 3 63344 NULL +ps_upsd_max_sptime_read_63362 ps_upsd_max_sptime_read 3 63362 NULL +idmouse_read_63374 idmouse_read 3 63374 NULL @@ -113747,13 +120043,15 @@ index 0000000..9529806 +read_kcore_63488 read_kcore 3 63488 NULL +snd_pcm_plug_write_transfer_63503 snd_pcm_plug_write_transfer 0-3 63503 NULL +efx_mcdi_rpc_async_63529 efx_mcdi_rpc_async 4-5 63529 NULL -+ubi_more_leb_change_data_63534 ubi_more_leb_change_data 4 63534 NULL ++ubi_more_leb_change_data_63534 ubi_more_leb_change_data 4 63534 NULL nohasharray ++generic_cont_expand_simple_63534 generic_cont_expand_simple 0 63534 &ubi_more_leb_change_data_63534 +write_file_spectral_period_63536 write_file_spectral_period 3 63536 NULL +if_sdio_read_scratch_63540 if_sdio_read_scratch 0 63540 NULL +append_to_buffer_63550 append_to_buffer 3 63550 NULL +kvm_write_guest_page_63555 kvm_write_guest_page 5 63555 NULL +rproc_alloc_63577 rproc_alloc 5 63577 NULL +write_debug_level_63613 write_debug_level 3 63613 NULL ++__spi_validate_63618 __spi_validate 0 63618 NULL +symbol_build_supp_rates_63634 symbol_build_supp_rates 0 63634 NULL +proc_loginuid_write_63648 proc_loginuid_write 3 63648 NULL +ValidateDSDParamsChecksum_63654 ValidateDSDParamsChecksum 3 63654 NULL @@ -113769,7 +120067,6 @@ index 0000000..9529806 +spidev_compat_ioctl_63778 spidev_compat_ioctl 2 63778 NULL +mwifiex_11n_create_rx_reorder_tbl_63806 mwifiex_11n_create_rx_reorder_tbl 4 63806 NULL +copy_nodes_to_user_63807 copy_nodes_to_user 2 63807 NULL -+prepare_copy_63826 prepare_copy 2 63826 NULL +sel_write_load_63830 sel_write_load 3 63830 NULL +ll_readlink_63836 ll_readlink 3 63836 NULL +proc_pid_attr_write_63845 proc_pid_attr_write 3 63845 NULL @@ -113779,21 +120076,23 @@ index 0000000..9529806 +afs_send_simple_reply_63940 afs_send_simple_reply 3 63940 NULL +__team_options_register_63941 __team_options_register 3 63941 NULL +macvtap_recvmsg_63949 macvtap_recvmsg 4 63949 NULL -+sysfs_add_one_63969 sysfs_add_one 0 63969 NULL ++xfs_iflush_63956 xfs_iflush 0 63956 NULL +set_bredr_63975 set_bredr 4 63975 NULL +construct_key_and_link_63985 construct_key_and_link 3 63985 NULL +rs_extent_to_bm_page_63996 rs_extent_to_bm_page 0-1 63996 NULL +read_file_frameerrors_64001 read_file_frameerrors 3 64001 NULL -+hfsplus_security_setxattr_64009 hfsplus_security_setxattr 4 64009 NULL +SyS_rt_sigpending_64018 SyS_rt_sigpending 2 64018 NULL +dbAllocDmapLev_64030 dbAllocDmapLev 0 64030 NULL +SyS_fsetxattr_64039 SyS_fsetxattr 4 64039 NULL ++__generic_file_aio_write_64049 __generic_file_aio_write 0 64049 NULL +get_u8_64076 get_u8 0 64076 NULL +xilly_malloc_64077 xilly_malloc 2 64077 NULL +sl_realloc_bufs_64086 sl_realloc_bufs 2 64086 NULL +vmci_handle_arr_get_size_64088 vmci_handle_arr_get_size 0 64088 NULL +lbs_highrssi_read_64089 lbs_highrssi_read 3 64089 NULL -+SyS_set_mempolicy_64096 SyS_set_mempolicy 3 64096 NULL ++gfs2_inplace_reserve_64096 gfs2_inplace_reserve 0 64096 NULL nohasharray ++SyS_set_mempolicy_64096 SyS_set_mempolicy 3 64096 &gfs2_inplace_reserve_64096 ++to_bytes_64103 to_bytes 0-1 64103 NULL +SyS_mq_timedsend_64107 SyS_mq_timedsend 3 64107 NULL +rdma_addr_size_64116 rdma_addr_size 0 64116 NULL +do_load_xattr_datum_64118 do_load_xattr_datum 0 64118 NULL @@ -113801,16 +120100,17 @@ index 0000000..9529806 +ext4_prepare_inline_data_64124 ext4_prepare_inline_data 3 64124 NULL +init_bch_64130 init_bch 1-2 64130 NULL +ablkcipher_copy_iv_64140 ablkcipher_copy_iv 3 64140 NULL -+read_div_64147 read_div 0 64147 NULL +dlfb_ops_write_64150 dlfb_ops_write 3 64150 NULL +cpumask_scnprintf_64170 cpumask_scnprintf 0-2 64170 NULL ++kernfs_iop_setxattr_64220 kernfs_iop_setxattr 4 64220 NULL +xfs_vm_direct_IO_64223 xfs_vm_direct_IO 4 64223 NULL +read_pulse_64227 read_pulse 0-3 64227 NULL +ea_len_64229 ea_len 0 64229 NULL ++xfs_rtmodify_summary_64265 xfs_rtmodify_summary 0 64265 NULL +io_capture_transfer_64276 io_capture_transfer 4 64276 NULL +btrfs_file_extent_offset_64278 btrfs_file_extent_offset 0 64278 NULL +sta_current_tx_rate_read_64286 sta_current_tx_rate_read 3 64286 NULL -+xfs_dir_cilookup_result_64288 xfs_dir_cilookup_result 3 64288 NULL nohasharray ++xfs_dir_cilookup_result_64288 xfs_dir_cilookup_result 3-0 64288 NULL nohasharray +event_id_read_64288 event_id_read 3 64288 &xfs_dir_cilookup_result_64288 +ocfs2_block_check_validate_bhs_64302 ocfs2_block_check_validate_bhs 0 64302 NULL +snd_hda_get_sub_nodes_64304 snd_hda_get_sub_nodes 0 64304 NULL @@ -113835,7 +120135,8 @@ index 0000000..9529806 +read_file_spectral_short_repeat_64431 read_file_spectral_short_repeat 3 64431 NULL +ax25_recvmsg_64441 ax25_recvmsg 4 64441 NULL +single_open_size_64483 single_open_size 4 64483 NULL -+p54_parse_rssical_64493 p54_parse_rssical 3 64493 NULL ++p54_parse_rssical_64493 p54_parse_rssical 3 64493 NULL nohasharray ++xfs_inode_ag_walk_64493 xfs_inode_ag_walk 0 64493 &p54_parse_rssical_64493 +msg_data_sz_64503 msg_data_sz 0 64503 NULL +remove_uuid_64505 remove_uuid 4 64505 NULL +crypto_blkcipher_alignmask_64520 crypto_blkcipher_alignmask 0 64520 NULL @@ -113858,7 +120159,6 @@ index 0000000..9529806 +efx_tsoh_get_buffer_64664 efx_tsoh_get_buffer 3 64664 NULL +rx_rx_out_of_mpdu_nodes_read_64668 rx_rx_out_of_mpdu_nodes_read 3 64668 NULL +nr_free_zone_pages_64680 nr_free_zone_pages 0 64680 NULL -+sec_bulk_write_64691 sec_bulk_write 2-3 64691 NULL +snd_pcm_oss_capture_position_fixup_64713 snd_pcm_oss_capture_position_fixup 0 64713 NULL +dapm_bias_read_file_64715 dapm_bias_read_file 3 64715 NULL +atomic_add_return_64720 atomic_add_return 0-1 64720 NULL @@ -113877,8 +120177,10 @@ index 0000000..9529806 +ecryptfs_send_miscdev_64816 ecryptfs_send_miscdev 2 64816 NULL +do_kimage_alloc_64827 do_kimage_alloc 3 64827 NULL +altera_set_dr_pre_64862 altera_set_dr_pre 2 64862 NULL ++pci_vc_do_save_buffer_64876 pci_vc_do_save_buffer 0 64876 NULL +lprocfs_write_u64_helper_64880 lprocfs_write_u64_helper 2 64880 NULL +ffs_epfile_io_64886 ffs_epfile_io 3 64886 NULL ++xfs_imap_lookup_64906 xfs_imap_lookup 0 64906 NULL +ieee80211_if_read_ave_beacon_64924 ieee80211_if_read_ave_beacon 3 64924 NULL +ip_options_get_from_user_64958 ip_options_get_from_user 4 64958 NULL +traceprobe_probes_write_64969 traceprobe_probes_write 3 64969 NULL @@ -113892,12 +120194,13 @@ index 0000000..9529806 +batadv_socket_write_65083 batadv_socket_write 3 65083 NULL +ocfs2_truncate_cluster_pages_65086 ocfs2_truncate_cluster_pages 2 65086 NULL +ath9k_dump_mci_btcoex_65090 ath9k_dump_mci_btcoex 3-0 65090 NULL -+uasp_alloc_cmd_65097 uasp_alloc_cmd 0 65097 NULL +generic_ocp_write_65107 generic_ocp_write 4 65107 NULL ++__xfs_bmapi_allocate_65142 __xfs_bmapi_allocate 0 65142 NULL +rx_rx_done_read_65217 rx_rx_done_read 3 65217 NULL +print_endpoint_stat_65232 print_endpoint_stat 3-4-0 65232 NULL +whci_n_caps_65247 whci_n_caps 0 65247 NULL +kmalloc_parameter_65279 kmalloc_parameter 1 65279 NULL ++xfs_btree_check_ptr_65281 xfs_btree_check_ptr 0 65281 NULL +compat_core_sys_select_65285 compat_core_sys_select 1 65285 NULL +mpi_set_buffer_65294 mpi_set_buffer 3 65294 NULL +redirected_tty_write_65297 redirected_tty_write 3 65297 NULL @@ -113918,16 +120221,115 @@ index 0000000..9529806 +usb_alloc_coherent_65444 usb_alloc_coherent 2 65444 NULL +il_dbgfs_wd_timeout_write_65464 il_dbgfs_wd_timeout_write 3 65464 NULL +clear_user_65470 clear_user 2 65470 NULL ++xfs_alloc_lookup_ge_65481 xfs_alloc_lookup_ge 0 65481 NULL +dpcm_state_read_file_65489 dpcm_state_read_file 3 65489 NULL +lookup_inline_extent_backref_65493 lookup_inline_extent_backref 9 65493 NULL +nvme_trans_standard_inquiry_page_65526 nvme_trans_standard_inquiry_page 4 65526 NULL +tree_mod_log_eb_copy_65535 tree_mod_log_eb_copy 6 65535 NULL -diff --git a/tools/gcc/size_overflow_plugin.c b/tools/gcc/size_overflow_plugin.c +diff --git a/tools/gcc/size_overflow_plugin/size_overflow_hash_aux.data b/tools/gcc/size_overflow_plugin/size_overflow_hash_aux.data +new file mode 100644 +index 0000000..560cd7b +--- /dev/null ++++ b/tools/gcc/size_overflow_plugin/size_overflow_hash_aux.data +@@ -0,0 +1,92 @@ ++spa_set_aux_vdevs_746 spa_set_aux_vdevs 3 746 NULL ++zfs_lookup_2144 zfs_lookup 0 2144 NULL ++mappedread_2627 mappedread 2 2627 NULL ++vdev_disk_dio_alloc_2957 vdev_disk_dio_alloc 1 2957 NULL ++nv_alloc_pushpage_spl_4286 nv_alloc_pushpage_spl 2 4286 NULL ++zpl_xattr_get_4574 zpl_xattr_get 0 4574 NULL ++sa_replace_all_by_template_5699 sa_replace_all_by_template 3 5699 NULL ++dmu_write_6048 dmu_write 4-3 6048 NULL ++dmu_buf_hold_array_6095 dmu_buf_hold_array 4-3 6095 NULL ++update_pages_6225 update_pages 2-3 6225 NULL ++bio_nr_pages_7117 bio_nr_pages 0-2 7117 NULL ++dmu_buf_hold_array_by_bonus_8562 dmu_buf_hold_array_by_bonus 3-2 8562 NULL ++zpios_dmu_write_8858 zpios_dmu_write 4-5 8858 NULL ++ddi_copyout_9401 ddi_copyout 3 9401 NULL ++avl_numnodes_12384 avl_numnodes 0 12384 NULL ++dmu_write_uio_dnode_12473 dmu_write_uio_dnode 3 12473 NULL ++dmu_xuio_init_12866 dmu_xuio_init 2 12866 NULL ++zpl_read_common_14389 zpl_read_common 0 14389 NULL ++dmu_snapshot_realname_14632 dmu_snapshot_realname 4 14632 NULL ++kmem_alloc_debug_14852 kmem_alloc_debug 1 14852 NULL ++kmalloc_node_nofail_15151 kmalloc_node_nofail 1 15151 NULL ++dmu_write_uio_16351 dmu_write_uio 4 16351 NULL ++zfs_log_write_16524 zfs_log_write 6-5 16524 NULL ++sa_build_layouts_16910 sa_build_layouts 3 16910 NULL ++dsl_dir_namelen_17053 dsl_dir_namelen 0 17053 NULL ++kcopy_copy_to_user_17336 kcopy_copy_to_user 5 17336 NULL ++sa_add_layout_entry_17507 sa_add_layout_entry 3 17507 NULL ++sa_attr_table_setup_18029 sa_attr_table_setup 3 18029 NULL ++uiocopy_18680 uiocopy 2 18680 NULL ++dmu_buf_hold_array_by_dnode_19125 dmu_buf_hold_array_by_dnode 2-3 19125 NULL ++zpl_acl_from_xattr_21141 zpl_acl_from_xattr 2 21141 NULL ++dsl_pool_tx_assign_init_22518 dsl_pool_tx_assign_init 2 22518 NULL ++nvlist_lookup_byte_array_22527 nvlist_lookup_byte_array 0 22527 NULL ++sa_replace_all_by_template_locked_22533 sa_replace_all_by_template_locked 3 22533 NULL ++tsd_hash_table_init_22559 tsd_hash_table_init 1 22559 NULL ++spa_vdev_remove_aux_23966 spa_vdev_remove_aux 4 23966 NULL ++zpl_xattr_acl_set_access_24129 zpl_xattr_acl_set_access 4 24129 NULL ++dmu_assign_arcbuf_24622 dmu_assign_arcbuf 2 24622 NULL ++zap_lookup_norm_25166 zap_lookup_norm 9 25166 NULL ++dmu_prealloc_25456 dmu_prealloc 4-3 25456 NULL ++kmalloc_nofail_26347 kmalloc_nofail 1 26347 NULL ++zfsctl_snapshot_zpath_27578 zfsctl_snapshot_zpath 2 27578 NULL ++zpios_dmu_read_30015 zpios_dmu_read 4-5 30015 NULL ++splat_write_30943 splat_write 3 30943 NULL ++zpl_xattr_get_sa_31183 zpl_xattr_get_sa 0 31183 NULL ++dmu_read_uio_31467 dmu_read_uio 4 31467 NULL ++zfs_replay_fuids_31479 zfs_replay_fuids 4 31479 NULL ++spa_history_log_to_phys_31632 spa_history_log_to_phys 0-1 31632 NULL ++__zpl_xattr_get_32601 __zpl_xattr_get 0 32601 NULL ++proc_copyout_string_34049 proc_copyout_string 2 34049 NULL ++nv_alloc_sleep_spl_34544 nv_alloc_sleep_spl 2 34544 NULL ++nv_alloc_nosleep_spl_34761 nv_alloc_nosleep_spl 2 34761 NULL ++zap_leaf_array_match_36922 zap_leaf_array_match 4 36922 NULL ++copyinstr_36980 copyinstr 3 36980 NULL ++zpl_xattr_acl_set_default_37864 zpl_xattr_acl_set_default 4 37864 NULL ++splat_read_38116 splat_read 3 38116 NULL ++sa_setup_38756 sa_setup 4 38756 NULL ++vdev_disk_physio_39898 vdev_disk_physio 3 39898 NULL ++arc_buf_size_39982 arc_buf_size 0 39982 NULL ++kzalloc_nofail_40719 kzalloc_nofail 1 40719 NULL ++fuidstr_to_sid_40777 fuidstr_to_sid 4 40777 NULL ++vdev_raidz_matrix_reconstruct_40852 vdev_raidz_matrix_reconstruct 2-3 40852 NULL ++sa_find_layout_40892 sa_find_layout 4 40892 NULL ++zpl_xattr_get_dir_41918 zpl_xattr_get_dir 0 41918 NULL ++zfs_sa_get_xattr_42600 zfs_sa_get_xattr 0 42600 NULL ++zpl_xattr_acl_set_42808 zpl_xattr_acl_set 4 42808 NULL ++xdr_dec_array_43091 xdr_dec_array 5 43091 NULL ++dsl_dataset_namelen_43136 dsl_dataset_namelen 0 43136 NULL ++kcopy_write_43683 kcopy_write 3 43683 NULL ++uiomove_44355 uiomove 2 44355 NULL ++dmu_read_44418 dmu_read 4-3 44418 NULL ++ddi_copyin_44846 ddi_copyin 3 44846 NULL ++kcopy_do_get_45061 kcopy_do_get 5 45061 NULL ++copyin_45945 copyin 3 45945 NULL ++zil_itx_create_46555 zil_itx_create 2 46555 NULL ++dmu_write_uio_dbuf_48064 dmu_write_uio_dbuf 3 48064 NULL ++blk_rq_pos_48233 blk_rq_pos 0 48233 NULL ++spa_history_write_49650 spa_history_write 3 49650 NULL ++kcopy_copy_pages_to_user_49823 kcopy_copy_pages_to_user 3-4 49823 NULL ++zfs_log_write_50162 zfs_log_write 6-5 50162 NULL ++i_fm_alloc_51038 i_fm_alloc 2 51038 NULL ++copyout_51409 copyout 3 51409 NULL ++zvol_log_write_54898 zvol_log_write 4-3 54898 NULL ++zfs_acl_node_alloc_55641 zfs_acl_node_alloc 1 55641 NULL ++get_nvlist_56685 get_nvlist 2 56685 NULL ++zprop_get_numprops_56820 zprop_get_numprops 0 56820 NULL ++splat_taskq_test4_common_59829 splat_taskq_test4_common 5 59829 NULL ++zfs_replay_domain_cnt_61399 zfs_replay_domain_cnt 0 61399 NULL ++zpios_write_61823 zpios_write 3 61823 NULL ++proc_copyin_string_62019 proc_copyin_string 4 62019 NULL ++random_get_pseudo_bytes_64611 random_get_pseudo_bytes 2 64611 NULL ++zpios_read_64734 zpios_read 3 64734 NULL +diff --git a/tools/gcc/size_overflow_plugin/size_overflow_plugin.c b/tools/gcc/size_overflow_plugin/size_overflow_plugin.c new file mode 100644 -index 0000000..fa0524c +index 0000000..e6fe17b --- /dev/null -+++ b/tools/gcc/size_overflow_plugin.c -@@ -0,0 +1,4101 @@ ++++ b/tools/gcc/size_overflow_plugin/size_overflow_plugin.c +@@ -0,0 +1,259 @@ +/* + * Copyright 2011-2014 by Emese Revfy <re.emese@gmail.com> + * Licensed under the GPL v2, or (at your option) v3 @@ -113943,99 +120345,27 @@ index 0000000..fa0524c + * The recomputed argument is checked against TYPE_MAX and an event is logged on overflow and the triggering process is killed. + * + * Usage: -+ * $ # for 4.5/4.6/C based 4.7 -+ * $ gcc -I`gcc -print-file-name=plugin`/include -I`gcc -print-file-name=plugin`/include/c-family -fPIC -shared -O2 -std=gnu99 -ggdb -o size_overflow_plugin.so size_overflow_plugin.c -+ * $ # for C++ based 4.7/4.8+ -+ * $ g++ -I`g++ -print-file-name=plugin`/include -I`g++ -print-file-name=plugin`/include/c-family -fPIC -shared -O2 -std=gnu++98 -fno-rtti -ggdb -o size_overflow_plugin.so size_overflow_plugin.c -+ * -+ * $ gcc -fplugin=./size_overflow_plugin.so test.c -O2 ++ * $ make ++ * $ make run + */ + +#include "gcc-common.h" ++#include "size_overflow.h" + +int plugin_is_GPL_compatible; + -+static struct plugin_info size_overflow_plugin_info = { -+ .version = "20140317", -+ .help = "no-size-overflow\tturn off size overflow checking\n", -+}; ++tree report_size_overflow_decl; + -+#define BEFORE_STMT true -+#define AFTER_STMT false -+#define CREATE_NEW_VAR NULL_TREE -+#define CODES_LIMIT 32 -+#define MAX_PARAM 31 -+#define VEC_LEN 128 -+#define RET_CHECK NULL_TREE -+#define CANNOT_FIND_ARG 32 -+#define WRONG_NODE 32 -+#define NOT_INTENTIONAL_ASM NULL -+#define MIN_CHECK true -+#define MAX_CHECK false ++tree size_overflow_type_HI; ++tree size_overflow_type_SI; ++tree size_overflow_type_DI; ++tree size_overflow_type_TI; + -+#define TURN_OFF_ASM_STR "# size_overflow MARK_TURN_OFF " -+#define YES_ASM_STR "# size_overflow MARK_YES " -+#define OK_ASM_STR "# size_overflow " -+ -+struct size_overflow_hash { -+ const struct size_overflow_hash * const next; -+ const char * const name; -+ const unsigned int param; -+}; -+ -+#include "size_overflow_hash.h" -+ -+enum mark { -+ MARK_NO, MARK_YES, MARK_NOT_INTENTIONAL, MARK_TURN_OFF -+}; -+ -+static unsigned int call_count; -+ -+enum stmt_flags { -+ MY_STMT, NO_CAST_CHECK, VISITED_STMT, NO_FLAGS -+}; -+ -+struct visited { -+ struct visited *next; -+ const_tree fndecl; -+ unsigned int num; -+}; -+ -+struct next_cgraph_node { -+ struct next_cgraph_node *next; -+ struct cgraph_node *current_function; -+ tree callee_fndecl; -+ unsigned int num; -+}; -+ -+struct interesting_node { -+ struct interesting_node *next; -+ gimple first_stmt; -+ const_tree fndecl; -+ tree node; -+#if BUILDING_GCC_VERSION <= 4007 -+ VEC(tree, gc) *last_nodes; -+#else -+ vec<tree, va_gc> *last_nodes; -+#endif -+ unsigned int num; -+ enum mark intentional_attr_decl; -+ enum mark intentional_attr_cur_fndecl; -+ gimple intentional_mark_from_gimple; ++static struct plugin_info size_overflow_plugin_info = { ++ .version = "20140517", ++ .help = "no-size-overflow\tturn off size overflow checking\n", +}; + -+static tree report_size_overflow_decl; -+ -+static tree expand(struct pointer_set_t *visited, struct cgraph_node *caller_node, tree lhs); -+static void set_conditions(struct pointer_set_t *visited, bool *interesting_conditions, const_tree lhs); -+static void walk_use_def(struct pointer_set_t *visited, struct interesting_node *cur_node, tree lhs); -+static enum mark search_intentional(struct pointer_set_t *visited, const_tree lhs); -+static void search_size_overflow_attribute(struct pointer_set_t *visited, tree lhs); -+ -+static void check_size_overflow(struct cgraph_node *caller_node, gimple stmt, tree size_overflow_type, tree cast_rhs, tree rhs, bool before); -+static tree get_size_overflow_type(gimple stmt, const_tree node); -+static tree dup_assign(struct pointer_set_t *visited, gimple oldstmt, const_tree node, tree rhs1, tree rhs2, tree __unused rhs3); -+ +static tree handle_size_overflow_attribute(tree *node, tree __unused name, tree args, int __unused flags, bool *no_add_attrs) +{ + unsigned int arg_count; @@ -114131,117 +120461,166 @@ index 0000000..fa0524c + register_attribute(&intentional_overflow_attr); +} + -+static enum stmt_flags get_stmt_flag(gimple stmt) ++static tree create_typedef(tree type, const char* ident) +{ -+ bool bit_1, bit_2; -+ -+ bit_1 = gimple_plf(stmt, GF_PLF_1); -+ bit_2 = gimple_plf(stmt, GF_PLF_2); ++ tree new_type, decl; + -+ if (!bit_1 && !bit_2) -+ return NO_FLAGS; -+ if (bit_1 && bit_2) -+ return MY_STMT; -+ if (!bit_1 && bit_2) -+ return VISITED_STMT; -+ return NO_CAST_CHECK; ++ new_type = build_variant_type_copy(type); ++ decl = build_decl(BUILTINS_LOCATION, TYPE_DECL, get_identifier(ident), new_type); ++ DECL_ORIGINAL_TYPE(decl) = type; ++ TYPE_NAME(new_type) = decl; ++ return new_type; +} + -+static void set_stmt_flag(gimple stmt, enum stmt_flags new_flag) ++// Create the noreturn report_size_overflow() function decl. ++static void size_overflow_start_unit(void __unused *gcc_data, void __unused *user_data) +{ -+ bool bit_1, bit_2; ++ tree const_char_ptr_type_node; ++ tree fntype; + -+ switch (new_flag) { -+ case NO_FLAGS: -+ bit_1 = bit_2 = false; -+ break; -+ case MY_STMT: -+ bit_1 = bit_2 = true; -+ break; -+ case VISITED_STMT: -+ bit_1 = false; -+ bit_2 = true; -+ break; -+ case NO_CAST_CHECK: -+ bit_1 = true; -+ bit_2 = false; -+ break; -+ default: -+ gcc_unreachable(); -+ } ++ const_char_ptr_type_node = build_pointer_type(build_type_variant(char_type_node, 1, 0)); ++ ++ size_overflow_type_HI = create_typedef(intHI_type_node, "size_overflow_type_HI"); ++ size_overflow_type_SI = create_typedef(intSI_type_node, "size_overflow_type_SI"); ++ size_overflow_type_DI = create_typedef(intDI_type_node, "size_overflow_type_DI"); ++ size_overflow_type_TI = create_typedef(intTI_type_node, "size_overflow_type_TI"); ++ ++ // void report_size_overflow(const char *loc_file, unsigned int loc_line, const char *current_func, const char *ssa_var) ++ fntype = build_function_type_list(void_type_node, ++ const_char_ptr_type_node, ++ unsigned_type_node, ++ const_char_ptr_type_node, ++ const_char_ptr_type_node, ++ NULL_TREE); ++ report_size_overflow_decl = build_fn_decl("report_size_overflow", fntype); + -+ gimple_set_plf(stmt, GF_PLF_1, bit_1); -+ gimple_set_plf(stmt, GF_PLF_2, bit_2); ++ DECL_ASSEMBLER_NAME(report_size_overflow_decl); ++ TREE_PUBLIC(report_size_overflow_decl) = 1; ++ DECL_EXTERNAL(report_size_overflow_decl) = 1; ++ DECL_ARTIFICIAL(report_size_overflow_decl) = 1; ++ TREE_THIS_VOLATILE(report_size_overflow_decl) = 1; +} + -+static bool is_bool(const_tree node) -+{ -+ const_tree type; + -+ if (node == NULL_TREE) -+ return false; ++extern struct gimple_opt_pass pass_dce; + -+ type = TREE_TYPE(node); -+ if (!INTEGRAL_TYPE_P(type)) -+ return false; -+ if (TREE_CODE(type) == BOOLEAN_TYPE) -+ return true; -+ if (TYPE_PRECISION(type) == 1) -+ return true; -+ return false; ++static struct opt_pass *make_dce_pass(void) ++{ ++#if BUILDING_GCC_VERSION >= 4009 ++ return make_pass_dce(g); ++#else ++ return &pass_dce.pass; ++#endif +} + -+static bool skip_types(const_tree var) ++ ++int plugin_init(struct plugin_name_args *plugin_info, struct plugin_gcc_version *version) +{ -+ tree type; -+ enum tree_code code; ++ int i; ++ const char * const plugin_name = plugin_info->base_name; ++ const int argc = plugin_info->argc; ++ const struct plugin_argument * const argv = plugin_info->argv; ++ bool enable = true; ++ struct register_pass_info insert_size_overflow_asm_pass_info; ++ struct register_pass_info __unused dump_before_pass_info; ++ struct register_pass_info __unused dump_after_pass_info; ++ struct register_pass_info insert_size_overflow_check_info; ++ struct register_pass_info dce_pass_info; ++ static const struct ggc_root_tab gt_ggc_r_gt_size_overflow[] = { ++ { ++ .base = &report_size_overflow_decl, ++ .nelt = 1, ++ .stride = sizeof(report_size_overflow_decl), ++ .cb = >_ggc_mx_tree_node, ++ .pchw = >_pch_nx_tree_node ++ }, ++ LAST_GGC_ROOT_TAB ++ }; + -+ if (is_gimple_constant(var)) -+ return true; ++ insert_size_overflow_asm_pass_info.pass = make_insert_size_overflow_asm_pass(); ++ insert_size_overflow_asm_pass_info.reference_pass_name = "ssa"; ++ insert_size_overflow_asm_pass_info.ref_pass_instance_number = 1; ++ insert_size_overflow_asm_pass_info.pos_op = PASS_POS_INSERT_AFTER; + -+ switch (TREE_CODE(var)) { -+ case ADDR_EXPR: -+#if BUILDING_GCC_VERSION >= 4006 -+ case MEM_REF: -+#endif -+ case ARRAY_REF: -+ case BIT_FIELD_REF: -+ case INDIRECT_REF: -+ case TARGET_MEM_REF: -+ case COMPONENT_REF: -+ case VAR_DECL: -+ case VIEW_CONVERT_EXPR: -+ return true; -+ default: -+ break; ++ dump_before_pass_info.pass = make_dump_pass(); ++ dump_before_pass_info.reference_pass_name = "increase_alignment"; ++ dump_before_pass_info.ref_pass_instance_number = 1; ++ dump_before_pass_info.pos_op = PASS_POS_INSERT_BEFORE; ++ ++ insert_size_overflow_check_info.pass = make_insert_size_overflow_check(); ++ insert_size_overflow_check_info.reference_pass_name = "increase_alignment"; ++ insert_size_overflow_check_info.ref_pass_instance_number = 1; ++ insert_size_overflow_check_info.pos_op = PASS_POS_INSERT_BEFORE; ++ ++ dump_after_pass_info.pass = make_dump_pass(); ++ dump_after_pass_info.reference_pass_name = "increase_alignment"; ++ dump_after_pass_info.ref_pass_instance_number = 1; ++ dump_after_pass_info.pos_op = PASS_POS_INSERT_BEFORE; ++ ++ dce_pass_info.pass = make_dce_pass(); ++ dce_pass_info.reference_pass_name = "vrp"; ++ dce_pass_info.ref_pass_instance_number = 1; ++ dce_pass_info.pos_op = PASS_POS_INSERT_AFTER; ++ ++ if (!plugin_default_version_check(version, &gcc_version)) { ++ error(G_("incompatible gcc/plugin versions")); ++ return 1; + } + -+ code = TREE_CODE(var); -+ gcc_assert(code == SSA_NAME || code == PARM_DECL); ++ for (i = 0; i < argc; ++i) { ++ if (!strcmp(argv[i].key, "no-size-overflow")) { ++ enable = false; ++ continue; ++ } ++ error(G_("unkown option '-fplugin-arg-%s-%s'"), plugin_name, argv[i].key); ++ } + -+ type = TREE_TYPE(var); -+ switch (TREE_CODE(type)) { -+ case INTEGER_TYPE: -+ case ENUMERAL_TYPE: -+ return false; -+ case BOOLEAN_TYPE: -+ return is_bool(var); -+ default: -+ return true; ++ register_callback(plugin_name, PLUGIN_INFO, NULL, &size_overflow_plugin_info); ++ if (enable) { ++ register_callback(plugin_name, PLUGIN_START_UNIT, &size_overflow_start_unit, NULL); ++ register_callback(plugin_name, PLUGIN_REGISTER_GGC_ROOTS, NULL, (void *)>_ggc_r_gt_size_overflow); ++ register_callback(plugin_name, PLUGIN_PASS_MANAGER_SETUP, NULL, &insert_size_overflow_asm_pass_info); ++// register_callback(plugin_name, PLUGIN_PASS_MANAGER_SETUP, NULL, &dump_before_pass_info); ++ register_callback(plugin_name, PLUGIN_PASS_MANAGER_SETUP, NULL, &insert_size_overflow_check_info); ++// register_callback(plugin_name, PLUGIN_PASS_MANAGER_SETUP, NULL, &dump_after_pass_info); ++ register_callback(plugin_name, PLUGIN_PASS_MANAGER_SETUP, NULL, &dce_pass_info); + } ++ register_callback(plugin_name, PLUGIN_ATTRIBUTES, register_attributes, NULL); ++ ++ return 0; +} +diff --git a/tools/gcc/size_overflow_plugin/size_overflow_plugin_hash.c b/tools/gcc/size_overflow_plugin/size_overflow_plugin_hash.c +new file mode 100644 +index 0000000..0888f6c +--- /dev/null ++++ b/tools/gcc/size_overflow_plugin/size_overflow_plugin_hash.c +@@ -0,0 +1,364 @@ ++/* ++ * Copyright 2011-2014 by Emese Revfy <re.emese@gmail.com> ++ * Licensed under the GPL v2, or (at your option) v3 ++ * ++ * Homepage: ++ * http://www.grsecurity.net/~ephox/overflow_plugin/ ++ * ++ * Documentation: ++ * http://forums.grsecurity.net/viewtopic.php?f=7&t=3043 ++ * ++ * This plugin recomputes expressions of function arguments marked by a size_overflow attribute ++ * with double integer precision (DImode/TImode for 32/64 bit integer types). ++ * The recomputed argument is checked against TYPE_MAX and an event is logged on overflow and the triggering process is killed. ++ * ++ * Usage: ++ * $ make ++ * $ make run ++ */ + -+static inline gimple get_def_stmt(const_tree node) -+{ -+ gcc_assert(node != NULL_TREE); ++#include "gcc-common.h" ++#include "size_overflow.h" + -+ if (skip_types(node)) -+ return NULL; ++#include "size_overflow_hash.h" ++#include "size_overflow_hash_aux.h" + -+ if (TREE_CODE(node) != SSA_NAME) -+ return NULL; -+ return SSA_NAME_DEF_STMT(node); -+} ++#define CODES_LIMIT 32 + +static unsigned char get_tree_code(const_tree type) +{ @@ -114375,7 +120754,17 @@ index 0000000..fa0524c + set_node_codes(TREE_VALUE(arg), fn_hash_data); +} + -+static const struct size_overflow_hash *get_function_hash(const_tree fndecl) ++static const struct size_overflow_hash *get_proper_hash_chain(const struct size_overflow_hash *entry, const char *func_name) ++{ ++ while (entry) { ++ if (!strcmp(entry->name, func_name)) ++ return entry; ++ entry = entry->next; ++ } ++ return NULL; ++} ++ ++const struct size_overflow_hash *get_function_hash(const_tree fndecl) +{ + const struct size_overflow_hash *entry; + struct function_hash fn_hash_data; @@ -114395,13 +120784,11 @@ index 0000000..fa0524c + set_hash(func_name, &fn_hash_data); + + entry = size_overflow_hash[fn_hash_data.hash]; -+ -+ while (entry) { -+ if (!strcmp(entry->name, func_name)) -+ return entry; -+ entry = entry->next; -+ } -+ return NULL; ++ entry = get_proper_hash_chain(entry, func_name); ++ if (entry) ++ return entry; ++ entry = size_overflow_hash_aux[fn_hash_data.hash]; ++ return get_proper_hash_chain(entry, func_name); +} + +static void print_missing_msg(const_tree func, unsigned int argnum) @@ -114422,7 +120809,7 @@ index 0000000..fa0524c + inform(loc, "Function %s is missing from the size_overflow hash table +%s+%u+%u+", curfunc, curfunc, argnum, fn_hash_data.hash); +} + -+static unsigned int find_arg_number_tree(const_tree arg, const_tree func) ++unsigned int find_arg_number_tree(const_tree arg, const_tree func) +{ + tree var; + unsigned int argnum = 1; @@ -114440,1240 +120827,65 @@ index 0000000..fa0524c + return CANNOT_FIND_ARG; +} + -+static tree create_new_var(tree type) -+{ -+ tree new_var = create_tmp_var(type, "cicus"); -+ -+ add_referenced_var(new_var); -+ return new_var; -+} -+ -+static gimple create_binary_assign(enum tree_code code, gimple stmt, tree rhs1, tree rhs2) -+{ -+ gimple assign; -+ gimple_stmt_iterator gsi = gsi_for_stmt(stmt); -+ tree type = TREE_TYPE(rhs1); -+ tree lhs = create_new_var(type); -+ -+ gcc_assert(types_compatible_p(type, TREE_TYPE(rhs2))); -+ assign = gimple_build_assign_with_ops(code, lhs, rhs1, rhs2); -+ gimple_assign_set_lhs(assign, make_ssa_name(lhs, assign)); -+ -+ gsi_insert_before(&gsi, assign, GSI_NEW_STMT); -+ update_stmt(assign); -+ set_stmt_flag(assign, MY_STMT); -+ return assign; -+} -+ -+static tree cast_a_tree(tree type, tree var) -+{ -+ gcc_assert(type != NULL_TREE); -+ gcc_assert(var != NULL_TREE); -+ gcc_assert(fold_convertible_p(type, var)); -+ -+ return fold_convert(type, var); -+} -+ -+static tree get_lhs(const_gimple stmt) -+{ -+ switch (gimple_code(stmt)) { -+ case GIMPLE_ASSIGN: -+ case GIMPLE_CALL: -+ return gimple_get_lhs(stmt); -+ case GIMPLE_PHI: -+ return gimple_phi_result(stmt); -+ default: -+ return NULL_TREE; -+ } -+} -+ -+static bool skip_cast(tree dst_type, const_tree rhs, bool force) -+{ -+ const_gimple def_stmt = get_def_stmt(rhs); -+ -+ if (force) -+ return false; -+ -+ if (is_gimple_constant(rhs)) -+ return false; -+ -+ if (!def_stmt || gimple_code(def_stmt) == GIMPLE_NOP) -+ return false; -+ -+ if (!types_compatible_p(dst_type, TREE_TYPE(rhs))) -+ return false; -+ -+ // DI type can be on 32 bit (from create_assign) but overflow type stays DI -+ if (LONG_TYPE_SIZE == GET_MODE_BITSIZE(SImode)) -+ return false; -+ -+ return true; -+} -+ -+static gimple build_cast_stmt(tree dst_type, tree rhs, tree lhs, gimple_stmt_iterator *gsi, bool before, bool force) -+{ -+ gimple assign, def_stmt; -+ -+ gcc_assert(dst_type != NULL_TREE && rhs != NULL_TREE); -+ if (gsi_end_p(*gsi) && before == AFTER_STMT) -+ gcc_unreachable(); -+ -+ def_stmt = get_def_stmt(rhs); -+ if (def_stmt && gimple_code(def_stmt) != GIMPLE_NOP && skip_cast(dst_type, rhs, force) && get_stmt_flag(def_stmt) == MY_STMT) -+ return def_stmt; -+ -+ if (lhs == CREATE_NEW_VAR) -+ lhs = create_new_var(dst_type); -+ -+ assign = gimple_build_assign(lhs, cast_a_tree(dst_type, rhs)); -+ -+ if (!gsi_end_p(*gsi)) { -+ location_t loc = gimple_location(gsi_stmt(*gsi)); -+ gimple_set_location(assign, loc); -+ } -+ -+ gimple_assign_set_lhs(assign, make_ssa_name(lhs, assign)); -+ -+ if (before) -+ gsi_insert_before(gsi, assign, GSI_NEW_STMT); -+ else -+ gsi_insert_after(gsi, assign, GSI_NEW_STMT); -+ update_stmt(assign); -+ return assign; -+} -+ -+static tree cast_to_new_size_overflow_type(gimple stmt, tree rhs, tree size_overflow_type, bool before) -+{ -+ gimple_stmt_iterator gsi; -+ tree lhs; -+ gimple new_stmt; -+ -+ if (rhs == NULL_TREE) -+ return NULL_TREE; -+ -+ gsi = gsi_for_stmt(stmt); -+ new_stmt = build_cast_stmt(size_overflow_type, rhs, CREATE_NEW_VAR, &gsi, before, false); -+ set_stmt_flag(new_stmt, MY_STMT); -+ -+ lhs = get_lhs(new_stmt); -+ gcc_assert(lhs != NULL_TREE); -+ return lhs; -+} -+ -+static tree cast_to_TI_type(gimple stmt, tree node) -+{ -+ gimple_stmt_iterator gsi; -+ gimple cast_stmt; -+ tree type = TREE_TYPE(node); -+ -+ if (types_compatible_p(type, intTI_type_node)) -+ return node; -+ -+ gsi = gsi_for_stmt(stmt); -+ cast_stmt = build_cast_stmt(intTI_type_node, node, CREATE_NEW_VAR, &gsi, BEFORE_STMT, false); -+ set_stmt_flag(cast_stmt, MY_STMT); -+ return gimple_assign_lhs(cast_stmt); -+} -+ -+static tree create_assign(struct pointer_set_t *visited, gimple oldstmt, tree rhs1, bool before) -+{ -+ tree lhs, new_lhs; -+ gimple_stmt_iterator gsi; -+ -+ if (rhs1 == NULL_TREE) { -+ debug_gimple_stmt(oldstmt); -+ error("%s: rhs1 is NULL_TREE", __func__); -+ gcc_unreachable(); -+ } -+ -+ switch (gimple_code(oldstmt)) { -+ case GIMPLE_ASM: -+ lhs = rhs1; -+ break; -+ case GIMPLE_CALL: -+ case GIMPLE_ASSIGN: -+ lhs = gimple_get_lhs(oldstmt); -+ break; -+ default: -+ debug_gimple_stmt(oldstmt); -+ gcc_unreachable(); -+ } -+ -+ gsi = gsi_for_stmt(oldstmt); -+ pointer_set_insert(visited, oldstmt); -+ if (lookup_stmt_eh_lp(oldstmt) != 0) { -+ basic_block next_bb, cur_bb; -+ const_edge e; -+ -+ gcc_assert(before == false); -+ gcc_assert(stmt_can_throw_internal(oldstmt)); -+ gcc_assert(gimple_code(oldstmt) == GIMPLE_CALL); -+ gcc_assert(!gsi_end_p(gsi)); -+ -+ cur_bb = gimple_bb(oldstmt); -+ next_bb = cur_bb->next_bb; -+ e = find_edge(cur_bb, next_bb); -+ gcc_assert(e != NULL); -+ gcc_assert(e->flags & EDGE_FALLTHRU); -+ -+ gsi = gsi_after_labels(next_bb); -+ gcc_assert(!gsi_end_p(gsi)); -+ -+ before = true; -+ oldstmt = gsi_stmt(gsi); -+ } -+ -+ new_lhs = cast_to_new_size_overflow_type(oldstmt, rhs1, get_size_overflow_type(oldstmt, lhs), before); -+ return new_lhs; -+} -+ -+static tree dup_assign(struct pointer_set_t *visited, gimple oldstmt, const_tree node, tree rhs1, tree rhs2, tree __unused rhs3) -+{ -+ gimple stmt; -+ gimple_stmt_iterator gsi; -+ tree size_overflow_type, new_var, lhs = gimple_assign_lhs(oldstmt); -+ -+ if (get_stmt_flag(oldstmt) == MY_STMT) -+ return lhs; -+ -+ if (gimple_num_ops(oldstmt) != 4 && rhs1 == NULL_TREE) { -+ rhs1 = gimple_assign_rhs1(oldstmt); -+ rhs1 = create_assign(visited, oldstmt, rhs1, BEFORE_STMT); -+ } -+ if (gimple_num_ops(oldstmt) == 3 && rhs2 == NULL_TREE) { -+ rhs2 = gimple_assign_rhs2(oldstmt); -+ rhs2 = create_assign(visited, oldstmt, rhs2, BEFORE_STMT); -+ } -+ -+ stmt = gimple_copy(oldstmt); -+ gimple_set_location(stmt, gimple_location(oldstmt)); -+ set_stmt_flag(stmt, MY_STMT); -+ -+ if (gimple_assign_rhs_code(oldstmt) == WIDEN_MULT_EXPR) -+ gimple_assign_set_rhs_code(stmt, MULT_EXPR); -+ -+ size_overflow_type = get_size_overflow_type(oldstmt, node); -+ -+ new_var = create_new_var(size_overflow_type); -+ new_var = make_ssa_name(new_var, stmt); -+ gimple_assign_set_lhs(stmt, new_var); -+ -+ if (rhs1 != NULL_TREE) -+ gimple_assign_set_rhs1(stmt, rhs1); -+ -+ if (rhs2 != NULL_TREE) -+ gimple_assign_set_rhs2(stmt, rhs2); -+#if BUILDING_GCC_VERSION >= 4006 -+ if (rhs3 != NULL_TREE) -+ gimple_assign_set_rhs3(stmt, rhs3); -+#endif -+ gimple_set_vuse(stmt, gimple_vuse(oldstmt)); -+ gimple_set_vdef(stmt, gimple_vdef(oldstmt)); -+ -+ gsi = gsi_for_stmt(oldstmt); -+ gsi_insert_after(&gsi, stmt, GSI_SAME_STMT); -+ update_stmt(stmt); -+ pointer_set_insert(visited, oldstmt); -+ return gimple_assign_lhs(stmt); -+} -+ -+static tree cast_parm_decl(tree phi_ssa_name, tree arg, tree size_overflow_type, basic_block bb) -+{ -+ gimple assign; -+ gimple_stmt_iterator gsi; -+ basic_block first_bb; -+ -+ gcc_assert(SSA_NAME_IS_DEFAULT_DEF(arg)); -+ -+ if (bb->index == 0) { -+ first_bb = split_block_after_labels(ENTRY_BLOCK_PTR_FOR_FN(cfun))->dest; -+ gcc_assert(dom_info_available_p(CDI_DOMINATORS)); -+ set_immediate_dominator(CDI_DOMINATORS, first_bb, ENTRY_BLOCK_PTR_FOR_FN(cfun)); -+ bb = first_bb; -+ } -+ -+ gsi = gsi_after_labels(bb); -+ assign = build_cast_stmt(size_overflow_type, arg, phi_ssa_name, &gsi, BEFORE_STMT, false); -+ set_stmt_flag(assign, MY_STMT); -+ -+ return gimple_assign_lhs(assign); -+} -+ -+static tree use_phi_ssa_name(tree ssa_name_var, tree new_arg) -+{ -+ gimple_stmt_iterator gsi; -+ gimple assign, def_stmt = get_def_stmt(new_arg); -+ -+ if (gimple_code(def_stmt) == GIMPLE_PHI) { -+ gsi = gsi_after_labels(gimple_bb(def_stmt)); -+ assign = build_cast_stmt(TREE_TYPE(new_arg), new_arg, ssa_name_var, &gsi, BEFORE_STMT, true); -+ } else { -+ gsi = gsi_for_stmt(def_stmt); -+ assign = build_cast_stmt(TREE_TYPE(new_arg), new_arg, ssa_name_var, &gsi, AFTER_STMT, true); -+ } -+ -+ set_stmt_flag(assign, MY_STMT); -+ return gimple_assign_lhs(assign); -+} -+ -+static tree cast_visited_phi_arg(tree ssa_name_var, tree arg, tree size_overflow_type) -+{ -+ basic_block bb; -+ gimple_stmt_iterator gsi; -+ const_gimple def_stmt; -+ gimple assign; -+ -+ def_stmt = get_def_stmt(arg); -+ bb = gimple_bb(def_stmt); -+ gcc_assert(bb->index != 0); -+ gsi = gsi_after_labels(bb); -+ -+ assign = build_cast_stmt(size_overflow_type, arg, ssa_name_var, &gsi, BEFORE_STMT, false); -+ set_stmt_flag(assign, MY_STMT); -+ return gimple_assign_lhs(assign); -+} -+ -+static tree create_new_phi_arg(tree ssa_name_var, tree new_arg, gimple oldstmt, unsigned int i) -+{ -+ tree size_overflow_type; -+ tree arg; -+ const_gimple def_stmt; -+ -+ if (new_arg != NULL_TREE && is_gimple_constant(new_arg)) -+ return new_arg; -+ -+ arg = gimple_phi_arg_def(oldstmt, i); -+ def_stmt = get_def_stmt(arg); -+ gcc_assert(def_stmt != NULL); -+ size_overflow_type = get_size_overflow_type(oldstmt, arg); -+ -+ switch (gimple_code(def_stmt)) { -+ case GIMPLE_PHI: -+ return cast_visited_phi_arg(ssa_name_var, arg, size_overflow_type); -+ case GIMPLE_NOP: { -+ basic_block bb; -+ -+ bb = gimple_phi_arg_edge(oldstmt, i)->src; -+ return cast_parm_decl(ssa_name_var, arg, size_overflow_type, bb); -+ } -+ case GIMPLE_ASM: { -+ gimple_stmt_iterator gsi; -+ gimple assign, stmt = get_def_stmt(arg); -+ -+ gsi = gsi_for_stmt(stmt); -+ assign = build_cast_stmt(size_overflow_type, arg, ssa_name_var, &gsi, AFTER_STMT, false); -+ set_stmt_flag(assign, MY_STMT); -+ return gimple_assign_lhs(assign); -+ } -+ default: -+ gcc_assert(new_arg != NULL_TREE); -+ gcc_assert(types_compatible_p(TREE_TYPE(new_arg), size_overflow_type)); -+ return use_phi_ssa_name(ssa_name_var, new_arg); -+ } -+} -+ -+static gimple overflow_create_phi_node(gimple oldstmt, tree result) -+{ -+ basic_block bb; -+ gimple phi; -+ gimple_seq seq; -+ gimple_stmt_iterator gsi = gsi_for_stmt(oldstmt); -+ -+ bb = gsi_bb(gsi); -+ -+ if (result == NULL_TREE) { -+ tree old_result = gimple_phi_result(oldstmt); -+ tree size_overflow_type = get_size_overflow_type(oldstmt, old_result); -+ -+ result = create_new_var(size_overflow_type); -+ } -+ -+ phi = create_phi_node(result, bb); -+ gimple_phi_set_result(phi, make_ssa_name(result, phi)); -+ seq = phi_nodes(bb); -+ gsi = gsi_last(seq); -+ gsi_remove(&gsi, false); -+ -+ gsi = gsi_for_stmt(oldstmt); -+ gsi_insert_after(&gsi, phi, GSI_NEW_STMT); -+ gimple_set_bb(phi, bb); -+ set_stmt_flag(phi, MY_STMT); -+ return phi; -+} -+ -+#if BUILDING_GCC_VERSION <= 4007 -+static tree create_new_phi_node(VEC(tree, heap) **args, tree ssa_name_var, gimple oldstmt) -+#else -+static tree create_new_phi_node(vec<tree, va_heap, vl_embed> *&args, tree ssa_name_var, gimple oldstmt) -+#endif -+{ -+ gimple new_phi; -+ unsigned int i; -+ tree arg, result; -+ location_t loc = gimple_location(oldstmt); -+ -+#if BUILDING_GCC_VERSION <= 4007 -+ gcc_assert(!VEC_empty(tree, *args)); -+#else -+ gcc_assert(!args->is_empty()); -+#endif -+ -+ new_phi = overflow_create_phi_node(oldstmt, ssa_name_var); -+ result = gimple_phi_result(new_phi); -+ ssa_name_var = SSA_NAME_VAR(result); -+ -+#if BUILDING_GCC_VERSION <= 4007 -+ FOR_EACH_VEC_ELT(tree, *args, i, arg) { -+#else -+ FOR_EACH_VEC_SAFE_ELT(args, i, arg) { -+#endif -+ arg = create_new_phi_arg(ssa_name_var, arg, oldstmt, i); -+ add_phi_arg(new_phi, arg, gimple_phi_arg_edge(oldstmt, i), loc); -+ } -+ -+#if BUILDING_GCC_VERSION <= 4007 -+ VEC_free(tree, heap, *args); -+#else -+ vec_free(args); -+#endif -+ update_stmt(new_phi); -+ return result; -+} -+ -+static tree handle_phi(struct pointer_set_t *visited, struct cgraph_node *caller_node, tree orig_result) -+{ -+ tree ssa_name_var = NULL_TREE; -+#if BUILDING_GCC_VERSION <= 4007 -+ VEC(tree, heap) *args = NULL; -+#else -+ vec<tree, va_heap, vl_embed> *args = NULL; -+#endif -+ gimple oldstmt = get_def_stmt(orig_result); -+ unsigned int i, len = gimple_phi_num_args(oldstmt); -+ -+ pointer_set_insert(visited, oldstmt); -+ for (i = 0; i < len; i++) { -+ tree arg, new_arg; -+ -+ arg = gimple_phi_arg_def(oldstmt, i); -+ new_arg = expand(visited, caller_node, arg); -+ -+ if (ssa_name_var == NULL_TREE && new_arg != NULL_TREE) -+ ssa_name_var = SSA_NAME_VAR(new_arg); -+ -+ if (is_gimple_constant(arg)) { -+ tree size_overflow_type = get_size_overflow_type(oldstmt, arg); -+ -+ new_arg = cast_a_tree(size_overflow_type, arg); -+ } -+ -+#if BUILDING_GCC_VERSION <= 4007 -+ VEC_safe_push(tree, heap, args, new_arg); -+#else -+ vec_safe_push(args, new_arg); -+#endif -+ } -+ -+#if BUILDING_GCC_VERSION <= 4007 -+ return create_new_phi_node(&args, ssa_name_var, oldstmt); -+#else -+ return create_new_phi_node(args, ssa_name_var, oldstmt); -+#endif -+} -+ -+static tree change_assign_rhs(gimple stmt, const_tree orig_rhs, tree new_rhs) ++static const char *get_asm_string(const_gimple stmt) +{ -+ gimple assign; -+ gimple_stmt_iterator gsi = gsi_for_stmt(stmt); -+ tree origtype = TREE_TYPE(orig_rhs); -+ -+ gcc_assert(is_gimple_assign(stmt)); ++ if (!stmt) ++ return NULL; ++ if (gimple_code(stmt) != GIMPLE_ASM) ++ return NULL; + -+ assign = build_cast_stmt(origtype, new_rhs, CREATE_NEW_VAR, &gsi, BEFORE_STMT, false); -+ set_stmt_flag(assign, MY_STMT); -+ return gimple_assign_lhs(assign); ++ return gimple_asm_string(stmt); +} + -+static bool is_a_cast_and_const_overflow(const_tree no_const_rhs) ++bool is_size_overflow_intentional_asm_turn_off(const_gimple stmt) +{ -+ const_tree rhs1, lhs, rhs1_type, lhs_type; -+ enum machine_mode lhs_mode, rhs_mode; -+ gimple def_stmt = get_def_stmt(no_const_rhs); -+ -+ if (!def_stmt || !gimple_assign_cast_p(def_stmt)) -+ return false; ++ const char *str; + -+ rhs1 = gimple_assign_rhs1(def_stmt); -+ lhs = gimple_assign_lhs(def_stmt); -+ rhs1_type = TREE_TYPE(rhs1); -+ lhs_type = TREE_TYPE(lhs); -+ rhs_mode = TYPE_MODE(rhs1_type); -+ lhs_mode = TYPE_MODE(lhs_type); -+ if (TYPE_UNSIGNED(lhs_type) == TYPE_UNSIGNED(rhs1_type) || lhs_mode != rhs_mode) ++ str = get_asm_string(stmt); ++ if (!str) + return false; -+ -+ return true; -+} -+ -+static tree create_cast_assign(struct pointer_set_t *visited, gimple stmt) -+{ -+ tree rhs1 = gimple_assign_rhs1(stmt); -+ tree lhs = gimple_assign_lhs(stmt); -+ const_tree rhs1_type = TREE_TYPE(rhs1); -+ const_tree lhs_type = TREE_TYPE(lhs); -+ -+ if (TYPE_UNSIGNED(rhs1_type) == TYPE_UNSIGNED(lhs_type)) -+ return create_assign(visited, stmt, lhs, AFTER_STMT); -+ -+ return create_assign(visited, stmt, rhs1, AFTER_STMT); ++ return !strncmp(str, TURN_OFF_ASM_STR, sizeof(TURN_OFF_ASM_STR) - 1); +} + -+static bool no_uses(tree node) ++bool is_size_overflow_intentional_asm_yes(const_gimple stmt) +{ -+ imm_use_iterator imm_iter; -+ use_operand_p use_p; -+ -+ FOR_EACH_IMM_USE_FAST(use_p, imm_iter, node) { -+ const_gimple use_stmt = USE_STMT(use_p); ++ const char *str; + -+ if (use_stmt == NULL) -+ return true; -+ if (is_gimple_debug(use_stmt)) -+ continue; ++ str = get_asm_string(stmt); ++ if (!str) + return false; -+ } -+ return true; ++ return !strncmp(str, YES_ASM_STR, sizeof(YES_ASM_STR) - 1); +} + -+// 3.8.5 mm/page-writeback.c __ilog2_u64(): ret, uint + uintmax; uint -> int; int max -+static bool is_const_plus_unsigned_signed_truncation(const_tree lhs) ++bool is_size_overflow_asm(const_gimple stmt) +{ -+ tree rhs1, lhs_type, rhs_type, rhs2, not_const_rhs; -+ gimple def_stmt = get_def_stmt(lhs); -+ -+ if (!def_stmt || !gimple_assign_cast_p(def_stmt)) -+ return false; -+ -+ rhs1 = gimple_assign_rhs1(def_stmt); -+ rhs_type = TREE_TYPE(rhs1); -+ lhs_type = TREE_TYPE(lhs); -+ if (TYPE_UNSIGNED(lhs_type) || !TYPE_UNSIGNED(rhs_type)) -+ return false; -+ if (TYPE_MODE(lhs_type) != TYPE_MODE(rhs_type)) -+ return false; -+ -+ def_stmt = get_def_stmt(rhs1); -+ if (!def_stmt || !is_gimple_assign(def_stmt) || gimple_num_ops(def_stmt) != 3) -+ return false; -+ -+ if (gimple_assign_rhs_code(def_stmt) != PLUS_EXPR) -+ return false; ++ const char *str; + -+ rhs1 = gimple_assign_rhs1(def_stmt); -+ rhs2 = gimple_assign_rhs2(def_stmt); -+ if (!is_gimple_constant(rhs1) && !is_gimple_constant(rhs2)) ++ str = get_asm_string(stmt); ++ if (!str) + return false; -+ -+ if (is_gimple_constant(rhs2)) -+ not_const_rhs = rhs1; -+ else -+ not_const_rhs = rhs2; -+ -+ return no_uses(not_const_rhs); ++ return !strncmp(str, OK_ASM_STR, sizeof(OK_ASM_STR) - 1); +} + -+static bool skip_lhs_cast_check(const_gimple stmt) ++bool is_a_return_check(const_tree node) +{ -+ const_tree rhs = gimple_assign_rhs1(stmt); -+ const_gimple def_stmt = get_def_stmt(rhs); -+ -+ // 3.8.2 kernel/futex_compat.c compat_exit_robust_list(): get_user() 64 ulong -> int (compat_long_t), int max -+ if (gimple_code(def_stmt) == GIMPLE_ASM) -+ return true; -+ -+ if (is_const_plus_unsigned_signed_truncation(rhs)) ++ if (TREE_CODE(node) == FUNCTION_DECL) + return true; + ++ gcc_assert(TREE_CODE(node) == PARM_DECL); + return false; +} + -+static tree create_cast_overflow_check(struct pointer_set_t *visited, struct cgraph_node *caller_node, tree new_rhs1, gimple stmt) -+{ -+ bool cast_lhs, cast_rhs; -+ tree lhs = gimple_assign_lhs(stmt); -+ tree rhs = gimple_assign_rhs1(stmt); -+ const_tree lhs_type = TREE_TYPE(lhs); -+ const_tree rhs_type = TREE_TYPE(rhs); -+ enum machine_mode lhs_mode = TYPE_MODE(lhs_type); -+ enum machine_mode rhs_mode = TYPE_MODE(rhs_type); -+ unsigned int lhs_size = GET_MODE_BITSIZE(lhs_mode); -+ unsigned int rhs_size = GET_MODE_BITSIZE(rhs_mode); -+ -+ static bool check_lhs[3][4] = { -+ // ss su us uu -+ { false, true, true, false }, // lhs > rhs -+ { false, false, false, false }, // lhs = rhs -+ { true, true, true, true }, // lhs < rhs -+ }; -+ -+ static bool check_rhs[3][4] = { -+ // ss su us uu -+ { true, false, true, true }, // lhs > rhs -+ { true, false, true, true }, // lhs = rhs -+ { true, false, true, true }, // lhs < rhs -+ }; -+ -+ // skip lhs check on signed SI -> HI cast or signed SI -> QI cast !!!! -+ if (rhs_mode == SImode && !TYPE_UNSIGNED(rhs_type) && (lhs_mode == HImode || lhs_mode == QImode)) -+ return create_assign(visited, stmt, lhs, AFTER_STMT); -+ -+ if (lhs_size > rhs_size) { -+ cast_lhs = check_lhs[0][TYPE_UNSIGNED(rhs_type) + 2 * TYPE_UNSIGNED(lhs_type)]; -+ cast_rhs = check_rhs[0][TYPE_UNSIGNED(rhs_type) + 2 * TYPE_UNSIGNED(lhs_type)]; -+ } else if (lhs_size == rhs_size) { -+ cast_lhs = check_lhs[1][TYPE_UNSIGNED(rhs_type) + 2 * TYPE_UNSIGNED(lhs_type)]; -+ cast_rhs = check_rhs[1][TYPE_UNSIGNED(rhs_type) + 2 * TYPE_UNSIGNED(lhs_type)]; -+ } else { -+ cast_lhs = check_lhs[2][TYPE_UNSIGNED(rhs_type) + 2 * TYPE_UNSIGNED(lhs_type)]; -+ cast_rhs = check_rhs[2][TYPE_UNSIGNED(rhs_type) + 2 * TYPE_UNSIGNED(lhs_type)]; -+ } -+ -+ if (!cast_lhs && !cast_rhs) -+ return dup_assign(visited, stmt, lhs, new_rhs1, NULL_TREE, NULL_TREE); -+ -+ if (cast_lhs && !skip_lhs_cast_check(stmt)) -+ check_size_overflow(caller_node, stmt, TREE_TYPE(new_rhs1), new_rhs1, lhs, BEFORE_STMT); -+ -+ if (cast_rhs) -+ check_size_overflow(caller_node, stmt, TREE_TYPE(new_rhs1), new_rhs1, rhs, BEFORE_STMT); -+ -+ return dup_assign(visited, stmt, lhs, new_rhs1, NULL_TREE, NULL_TREE); -+} -+ -+static tree handle_unary_rhs(struct pointer_set_t *visited, struct cgraph_node *caller_node, gimple stmt) -+{ -+ tree rhs1, new_rhs1, lhs = gimple_assign_lhs(stmt); -+ -+ if (get_stmt_flag(stmt) == MY_STMT) -+ return lhs; -+ -+ rhs1 = gimple_assign_rhs1(stmt); -+ if (TREE_CODE(TREE_TYPE(rhs1)) == POINTER_TYPE) -+ return create_assign(visited, stmt, lhs, AFTER_STMT); -+ -+ new_rhs1 = expand(visited, caller_node, rhs1); -+ -+ if (new_rhs1 == NULL_TREE) -+ return create_cast_assign(visited, stmt); -+ -+ if (get_stmt_flag(stmt) == NO_CAST_CHECK) -+ return dup_assign(visited, stmt, lhs, new_rhs1, NULL_TREE, NULL_TREE); -+ -+ if (gimple_assign_rhs_code(stmt) == BIT_NOT_EXPR) { -+ tree size_overflow_type = get_size_overflow_type(stmt, rhs1); -+ -+ new_rhs1 = cast_to_new_size_overflow_type(stmt, new_rhs1, size_overflow_type, BEFORE_STMT); -+ check_size_overflow(caller_node, stmt, size_overflow_type, new_rhs1, rhs1, BEFORE_STMT); -+ return create_assign(visited, stmt, lhs, AFTER_STMT); -+ } -+ -+ if (!gimple_assign_cast_p(stmt)) -+ return dup_assign(visited, stmt, lhs, new_rhs1, NULL_TREE, NULL_TREE); -+ -+ return create_cast_overflow_check(visited, caller_node, new_rhs1, stmt); -+} -+ -+static tree handle_unary_ops(struct pointer_set_t *visited, struct cgraph_node *caller_node, gimple stmt) -+{ -+ tree rhs1, lhs = gimple_assign_lhs(stmt); -+ gimple def_stmt = get_def_stmt(lhs); -+ -+ gcc_assert(gimple_code(def_stmt) != GIMPLE_NOP); -+ rhs1 = gimple_assign_rhs1(def_stmt); -+ -+ if (is_gimple_constant(rhs1)) -+ return create_assign(visited, def_stmt, lhs, AFTER_STMT); -+ -+ switch (TREE_CODE(rhs1)) { -+ case SSA_NAME: -+ return handle_unary_rhs(visited, caller_node, def_stmt); -+ case ARRAY_REF: -+ case BIT_FIELD_REF: -+ case ADDR_EXPR: -+ case COMPONENT_REF: -+ case INDIRECT_REF: -+#if BUILDING_GCC_VERSION >= 4006 -+ case MEM_REF: -+#endif -+ case TARGET_MEM_REF: -+ case VIEW_CONVERT_EXPR: -+ return create_assign(visited, def_stmt, lhs, AFTER_STMT); -+ case PARM_DECL: -+ case VAR_DECL: -+ return create_assign(visited, stmt, lhs, AFTER_STMT); -+ -+ default: -+ debug_gimple_stmt(def_stmt); -+ debug_tree(rhs1); -+ gcc_unreachable(); -+ } -+} -+ -+static void insert_cond(basic_block cond_bb, tree arg, enum tree_code cond_code, tree type_value) -+{ -+ gimple cond_stmt; -+ gimple_stmt_iterator gsi = gsi_last_bb(cond_bb); -+ -+ cond_stmt = gimple_build_cond(cond_code, arg, type_value, NULL_TREE, NULL_TREE); -+ gsi_insert_after(&gsi, cond_stmt, GSI_CONTINUE_LINKING); -+ update_stmt(cond_stmt); -+} -+ -+static tree create_string_param(tree string) -+{ -+ tree i_type, a_type; -+ const int length = TREE_STRING_LENGTH(string); -+ -+ gcc_assert(length > 0); -+ -+ i_type = build_index_type(build_int_cst(NULL_TREE, length - 1)); -+ a_type = build_array_type(char_type_node, i_type); -+ -+ TREE_TYPE(string) = a_type; -+ TREE_CONSTANT(string) = 1; -+ TREE_READONLY(string) = 1; -+ -+ return build1(ADDR_EXPR, ptr_type_node, string); -+} -+ -+static void insert_cond_result(struct cgraph_node *caller_node, basic_block bb_true, const_gimple stmt, const_tree arg, bool min) -+{ -+ gimple func_stmt; -+ const_gimple def_stmt; -+ const_tree loc_line; -+ tree loc_file, ssa_name, current_func; -+ expanded_location xloc; -+ char *ssa_name_buf; -+ int len; -+ struct cgraph_edge *edge; -+ struct cgraph_node *callee_node; -+ int frequency; -+ gimple_stmt_iterator gsi = gsi_start_bb(bb_true); -+ -+ def_stmt = get_def_stmt(arg); -+ xloc = expand_location(gimple_location(def_stmt)); -+ -+ if (!gimple_has_location(def_stmt)) { -+ xloc = expand_location(gimple_location(stmt)); -+ if (!gimple_has_location(stmt)) -+ xloc = expand_location(DECL_SOURCE_LOCATION(current_function_decl)); -+ } -+ -+ loc_line = build_int_cstu(unsigned_type_node, xloc.line); -+ -+ loc_file = build_string(strlen(xloc.file) + 1, xloc.file); -+ loc_file = create_string_param(loc_file); -+ -+ current_func = build_string(DECL_NAME_LENGTH(current_function_decl) + 1, DECL_NAME_POINTER(current_function_decl)); -+ current_func = create_string_param(current_func); -+ -+ gcc_assert(DECL_NAME(SSA_NAME_VAR(arg)) != NULL); -+ call_count++; -+ len = asprintf(&ssa_name_buf, "%s_%u %s, count: %u\n", DECL_NAME_POINTER(SSA_NAME_VAR(arg)), SSA_NAME_VERSION(arg), min ? "min" : "max", call_count); -+ gcc_assert(len > 0); -+ ssa_name = build_string(len + 1, ssa_name_buf); -+ free(ssa_name_buf); -+ ssa_name = create_string_param(ssa_name); -+ -+ // void report_size_overflow(const char *file, unsigned int line, const char *func, const char *ssa_name) -+ func_stmt = gimple_build_call(report_size_overflow_decl, 4, loc_file, loc_line, current_func, ssa_name); -+ gsi_insert_after(&gsi, func_stmt, GSI_CONTINUE_LINKING); -+ -+ callee_node = cgraph_get_create_node(report_size_overflow_decl); -+ frequency = compute_call_stmt_bb_frequency(current_function_decl, bb_true); -+ -+ edge = cgraph_create_edge(caller_node, callee_node, func_stmt, bb_true->count, frequency, bb_true->loop_depth); -+ gcc_assert(edge != NULL); -+} -+ -+static void __unused print_the_code_insertions(const_gimple stmt) -+{ -+ location_t loc = gimple_location(stmt); -+ -+ inform(loc, "Integer size_overflow check applied here."); -+} -+ -+static void insert_check_size_overflow(struct cgraph_node *caller_node, gimple stmt, enum tree_code cond_code, tree arg, tree type_value, bool before, bool min) ++// Get the argnum of a function decl, if node is a return then the argnum is 0 ++unsigned int get_function_num(const_tree node, const_tree orig_fndecl) +{ -+ basic_block cond_bb, join_bb, bb_true; -+ edge e; -+ gimple_stmt_iterator gsi = gsi_for_stmt(stmt); -+ -+ cond_bb = gimple_bb(stmt); -+ if (before) -+ gsi_prev(&gsi); -+ if (gsi_end_p(gsi)) -+ e = split_block_after_labels(cond_bb); ++ if (is_a_return_check(node)) ++ return 0; + else -+ e = split_block(cond_bb, gsi_stmt(gsi)); -+ cond_bb = e->src; -+ join_bb = e->dest; -+ e->flags = EDGE_FALSE_VALUE; -+ e->probability = REG_BR_PROB_BASE; -+ -+ bb_true = create_empty_bb(cond_bb); -+ make_edge(cond_bb, bb_true, EDGE_TRUE_VALUE); -+ make_edge(cond_bb, join_bb, EDGE_FALSE_VALUE); -+ make_edge(bb_true, join_bb, EDGE_FALLTHRU); -+ -+ gcc_assert(dom_info_available_p(CDI_DOMINATORS)); -+ set_immediate_dominator(CDI_DOMINATORS, bb_true, cond_bb); -+ set_immediate_dominator(CDI_DOMINATORS, join_bb, cond_bb); -+ -+ if (current_loops != NULL) { -+ gcc_assert(cond_bb->loop_father == join_bb->loop_father); -+ add_bb_to_loop(bb_true, cond_bb->loop_father); -+ } -+ -+ insert_cond(cond_bb, arg, cond_code, type_value); -+ insert_cond_result(caller_node, bb_true, stmt, arg, min); -+ -+// print_the_code_insertions(stmt); -+} -+ -+static void check_size_overflow(struct cgraph_node *caller_node, gimple stmt, tree size_overflow_type, tree cast_rhs, tree rhs, bool before) -+{ -+ const_tree rhs_type = TREE_TYPE(rhs); -+ tree cast_rhs_type, type_max_type, type_min_type, type_max, type_min; -+ -+ gcc_assert(rhs_type != NULL_TREE); -+ if (TREE_CODE(rhs_type) == POINTER_TYPE) -+ return; -+ -+ gcc_assert(TREE_CODE(rhs_type) == INTEGER_TYPE || TREE_CODE(rhs_type) == ENUMERAL_TYPE); -+ -+ if (is_const_plus_unsigned_signed_truncation(rhs)) -+ return; -+ -+ type_max = cast_a_tree(size_overflow_type, TYPE_MAX_VALUE(rhs_type)); -+ // typemax (-1) < typemin (0) -+ if (TREE_OVERFLOW(type_max)) -+ return; -+ -+ type_min = cast_a_tree(size_overflow_type, TYPE_MIN_VALUE(rhs_type)); -+ -+ cast_rhs_type = TREE_TYPE(cast_rhs); -+ type_max_type = TREE_TYPE(type_max); -+ gcc_assert(types_compatible_p(cast_rhs_type, type_max_type)); -+ -+ insert_check_size_overflow(caller_node, stmt, GT_EXPR, cast_rhs, type_max, before, MAX_CHECK); -+ -+ // special case: get_size_overflow_type(), 32, u64->s -+ if (LONG_TYPE_SIZE == GET_MODE_BITSIZE(SImode) && TYPE_UNSIGNED(size_overflow_type) && !TYPE_UNSIGNED(rhs_type)) -+ return; -+ -+ type_min_type = TREE_TYPE(type_min); -+ gcc_assert(types_compatible_p(type_max_type, type_min_type)); -+ insert_check_size_overflow(caller_node, stmt, LT_EXPR, cast_rhs, type_min, before, MIN_CHECK); -+} -+ -+static bool is_a_constant_overflow(const_gimple stmt, const_tree rhs) -+{ -+ if (gimple_assign_rhs_code(stmt) == MIN_EXPR) -+ return false; -+ if (!is_gimple_constant(rhs)) -+ return false; -+ return true; -+} -+ -+static tree get_def_stmt_rhs(const_tree var) -+{ -+ tree rhs1, def_stmt_rhs1; -+ gimple rhs1_def_stmt, def_stmt_rhs1_def_stmt, def_stmt; -+ -+ def_stmt = get_def_stmt(var); -+ if (!gimple_assign_cast_p(def_stmt)) -+ return NULL_TREE; -+ gcc_assert(gimple_code(def_stmt) != GIMPLE_NOP && get_stmt_flag(def_stmt) == MY_STMT && gimple_assign_cast_p(def_stmt)); -+ -+ rhs1 = gimple_assign_rhs1(def_stmt); -+ rhs1_def_stmt = get_def_stmt(rhs1); -+ if (!gimple_assign_cast_p(rhs1_def_stmt)) -+ return rhs1; -+ -+ def_stmt_rhs1 = gimple_assign_rhs1(rhs1_def_stmt); -+ def_stmt_rhs1_def_stmt = get_def_stmt(def_stmt_rhs1); -+ -+ switch (gimple_code(def_stmt_rhs1_def_stmt)) { -+ case GIMPLE_CALL: -+ case GIMPLE_NOP: -+ case GIMPLE_ASM: -+ case GIMPLE_PHI: -+ return def_stmt_rhs1; -+ case GIMPLE_ASSIGN: -+ return rhs1; -+ default: -+ debug_gimple_stmt(def_stmt_rhs1_def_stmt); -+ gcc_unreachable(); -+ } -+} -+ -+static tree handle_intentional_overflow(struct pointer_set_t *visited, struct cgraph_node *caller_node, bool check_overflow, gimple stmt, tree change_rhs, tree new_rhs2) -+{ -+ tree new_rhs, orig_rhs; -+ void (*gimple_assign_set_rhs)(gimple, tree); -+ tree rhs1 = gimple_assign_rhs1(stmt); -+ tree rhs2 = gimple_assign_rhs2(stmt); -+ tree lhs = gimple_assign_lhs(stmt); -+ -+ if (!check_overflow) -+ return create_assign(visited, stmt, lhs, AFTER_STMT); -+ -+ if (change_rhs == NULL_TREE) -+ return create_assign(visited, stmt, lhs, AFTER_STMT); -+ -+ if (new_rhs2 == NULL_TREE) { -+ orig_rhs = rhs1; -+ gimple_assign_set_rhs = &gimple_assign_set_rhs1; -+ } else { -+ orig_rhs = rhs2; -+ gimple_assign_set_rhs = &gimple_assign_set_rhs2; -+ } -+ -+ check_size_overflow(caller_node, stmt, TREE_TYPE(change_rhs), change_rhs, orig_rhs, BEFORE_STMT); -+ -+ new_rhs = change_assign_rhs(stmt, orig_rhs, change_rhs); -+ gimple_assign_set_rhs(stmt, new_rhs); -+ update_stmt(stmt); -+ -+ return create_assign(visited, stmt, lhs, AFTER_STMT); -+} -+ -+static bool is_subtraction_special(const_gimple stmt) -+{ -+ gimple rhs1_def_stmt, rhs2_def_stmt; -+ const_tree rhs1_def_stmt_rhs1, rhs2_def_stmt_rhs1, rhs1_def_stmt_lhs, rhs2_def_stmt_lhs; -+ enum machine_mode rhs1_def_stmt_rhs1_mode, rhs2_def_stmt_rhs1_mode, rhs1_def_stmt_lhs_mode, rhs2_def_stmt_lhs_mode; -+ const_tree rhs1 = gimple_assign_rhs1(stmt); -+ const_tree rhs2 = gimple_assign_rhs2(stmt); -+ -+ if (is_gimple_constant(rhs1) || is_gimple_constant(rhs2)) -+ return false; -+ -+ gcc_assert(TREE_CODE(rhs1) == SSA_NAME && TREE_CODE(rhs2) == SSA_NAME); -+ -+ if (gimple_assign_rhs_code(stmt) != MINUS_EXPR) -+ return false; -+ -+ rhs1_def_stmt = get_def_stmt(rhs1); -+ rhs2_def_stmt = get_def_stmt(rhs2); -+ if (!gimple_assign_cast_p(rhs1_def_stmt) || !gimple_assign_cast_p(rhs2_def_stmt)) -+ return false; -+ -+ rhs1_def_stmt_rhs1 = gimple_assign_rhs1(rhs1_def_stmt); -+ rhs2_def_stmt_rhs1 = gimple_assign_rhs1(rhs2_def_stmt); -+ rhs1_def_stmt_lhs = gimple_assign_lhs(rhs1_def_stmt); -+ rhs2_def_stmt_lhs = gimple_assign_lhs(rhs2_def_stmt); -+ rhs1_def_stmt_rhs1_mode = TYPE_MODE(TREE_TYPE(rhs1_def_stmt_rhs1)); -+ rhs2_def_stmt_rhs1_mode = TYPE_MODE(TREE_TYPE(rhs2_def_stmt_rhs1)); -+ rhs1_def_stmt_lhs_mode = TYPE_MODE(TREE_TYPE(rhs1_def_stmt_lhs)); -+ rhs2_def_stmt_lhs_mode = TYPE_MODE(TREE_TYPE(rhs2_def_stmt_lhs)); -+ if (GET_MODE_BITSIZE(rhs1_def_stmt_rhs1_mode) <= GET_MODE_BITSIZE(rhs1_def_stmt_lhs_mode)) -+ return false; -+ if (GET_MODE_BITSIZE(rhs2_def_stmt_rhs1_mode) <= GET_MODE_BITSIZE(rhs2_def_stmt_lhs_mode)) -+ return false; -+ -+ set_stmt_flag(rhs1_def_stmt, NO_CAST_CHECK); -+ set_stmt_flag(rhs2_def_stmt, NO_CAST_CHECK); -+ return true; -+} -+ -+static tree handle_integer_truncation(struct pointer_set_t *visited, struct cgraph_node *caller_node, const_tree lhs) -+{ -+ tree new_rhs1, new_rhs2; -+ tree new_rhs1_def_stmt_rhs1, new_rhs2_def_stmt_rhs1, new_lhs; -+ gimple assign, stmt = get_def_stmt(lhs); -+ tree rhs1 = gimple_assign_rhs1(stmt); -+ tree rhs2 = gimple_assign_rhs2(stmt); -+ -+ if (!is_subtraction_special(stmt)) -+ return NULL_TREE; -+ -+ new_rhs1 = expand(visited, caller_node, rhs1); -+ new_rhs2 = expand(visited, caller_node, rhs2); -+ -+ new_rhs1_def_stmt_rhs1 = get_def_stmt_rhs(new_rhs1); -+ new_rhs2_def_stmt_rhs1 = get_def_stmt_rhs(new_rhs2); -+ -+ if (new_rhs1_def_stmt_rhs1 == NULL_TREE || new_rhs2_def_stmt_rhs1 == NULL_TREE) -+ return NULL_TREE; -+ -+ if (!types_compatible_p(TREE_TYPE(new_rhs1_def_stmt_rhs1), TREE_TYPE(new_rhs2_def_stmt_rhs1))) { -+ new_rhs1_def_stmt_rhs1 = cast_to_TI_type(stmt, new_rhs1_def_stmt_rhs1); -+ new_rhs2_def_stmt_rhs1 = cast_to_TI_type(stmt, new_rhs2_def_stmt_rhs1); -+ } -+ -+ assign = create_binary_assign(MINUS_EXPR, stmt, new_rhs1_def_stmt_rhs1, new_rhs2_def_stmt_rhs1); -+ new_lhs = gimple_assign_lhs(assign); -+ check_size_overflow(caller_node, assign, TREE_TYPE(new_lhs), new_lhs, rhs1, AFTER_STMT); -+ -+ return dup_assign(visited, stmt, lhs, new_rhs1, new_rhs2, NULL_TREE); -+} -+ -+static bool is_a_neg_overflow(const_gimple stmt, const_tree rhs) -+{ -+ const_gimple def_stmt; -+ -+ if (TREE_CODE(rhs) != SSA_NAME) -+ return false; -+ -+ if (gimple_assign_rhs_code(stmt) != PLUS_EXPR) -+ return false; -+ -+ def_stmt = get_def_stmt(rhs); -+ if (!is_gimple_assign(def_stmt) || gimple_assign_rhs_code(def_stmt) != BIT_NOT_EXPR) -+ return false; -+ -+ return true; -+} -+ -+static tree handle_binary_ops(struct pointer_set_t *visited, struct cgraph_node *caller_node, tree lhs) -+{ -+ tree rhs1, rhs2, new_lhs; -+ gimple def_stmt = get_def_stmt(lhs); -+ tree new_rhs1 = NULL_TREE; -+ tree new_rhs2 = NULL_TREE; -+ -+ rhs1 = gimple_assign_rhs1(def_stmt); -+ rhs2 = gimple_assign_rhs2(def_stmt); -+ -+ /* no DImode/TImode division in the 32/64 bit kernel */ -+ switch (gimple_assign_rhs_code(def_stmt)) { -+ case RDIV_EXPR: -+ case TRUNC_DIV_EXPR: -+ case CEIL_DIV_EXPR: -+ case FLOOR_DIV_EXPR: -+ case ROUND_DIV_EXPR: -+ case TRUNC_MOD_EXPR: -+ case CEIL_MOD_EXPR: -+ case FLOOR_MOD_EXPR: -+ case ROUND_MOD_EXPR: -+ case EXACT_DIV_EXPR: -+ case POINTER_PLUS_EXPR: -+ case BIT_AND_EXPR: -+ return create_assign(visited, def_stmt, lhs, AFTER_STMT); -+ default: -+ break; -+ } -+ -+ new_lhs = handle_integer_truncation(visited, caller_node, lhs); -+ if (new_lhs != NULL_TREE) -+ return new_lhs; -+ -+ if (TREE_CODE(rhs1) == SSA_NAME) -+ new_rhs1 = expand(visited, caller_node, rhs1); -+ if (TREE_CODE(rhs2) == SSA_NAME) -+ new_rhs2 = expand(visited, caller_node, rhs2); -+ -+ if (is_a_neg_overflow(def_stmt, rhs2)) -+ return handle_intentional_overflow(visited, caller_node, true, def_stmt, new_rhs1, NULL_TREE); -+ if (is_a_neg_overflow(def_stmt, rhs1)) -+ return handle_intentional_overflow(visited, caller_node, true, def_stmt, new_rhs2, new_rhs2); -+ -+ -+ if (is_a_constant_overflow(def_stmt, rhs2)) -+ return handle_intentional_overflow(visited, caller_node, !is_a_cast_and_const_overflow(rhs1), def_stmt, new_rhs1, NULL_TREE); -+ if (is_a_constant_overflow(def_stmt, rhs1)) -+ return handle_intentional_overflow(visited, caller_node, !is_a_cast_and_const_overflow(rhs2), def_stmt, new_rhs2, new_rhs2); -+ -+ return dup_assign(visited, def_stmt, lhs, new_rhs1, new_rhs2, NULL_TREE); -+} -+ -+#if BUILDING_GCC_VERSION >= 4006 -+static tree get_new_rhs(struct pointer_set_t *visited, struct cgraph_node *caller_node, tree size_overflow_type, tree rhs) -+{ -+ if (is_gimple_constant(rhs)) -+ return cast_a_tree(size_overflow_type, rhs); -+ if (TREE_CODE(rhs) != SSA_NAME) -+ return NULL_TREE; -+ return expand(visited, caller_node, rhs); -+} -+ -+static tree handle_ternary_ops(struct pointer_set_t *visited, struct cgraph_node *caller_node, tree lhs) -+{ -+ tree rhs1, rhs2, rhs3, new_rhs1, new_rhs2, new_rhs3, size_overflow_type; -+ gimple def_stmt = get_def_stmt(lhs); -+ -+ size_overflow_type = get_size_overflow_type(def_stmt, lhs); -+ -+ rhs1 = gimple_assign_rhs1(def_stmt); -+ rhs2 = gimple_assign_rhs2(def_stmt); -+ rhs3 = gimple_assign_rhs3(def_stmt); -+ new_rhs1 = get_new_rhs(visited, caller_node, size_overflow_type, rhs1); -+ new_rhs2 = get_new_rhs(visited, caller_node, size_overflow_type, rhs2); -+ new_rhs3 = get_new_rhs(visited, caller_node, size_overflow_type, rhs3); -+ -+ return dup_assign(visited, def_stmt, lhs, new_rhs1, new_rhs2, new_rhs3); -+} -+#endif -+ -+static tree get_size_overflow_type(gimple stmt, const_tree node) -+{ -+ const_tree type; -+ tree new_type; -+ -+ gcc_assert(node != NULL_TREE); -+ -+ type = TREE_TYPE(node); -+ -+ if (get_stmt_flag(stmt) == MY_STMT) -+ return TREE_TYPE(node); -+ -+ switch (TYPE_MODE(type)) { -+ case QImode: -+ new_type = intHI_type_node; -+ break; -+ case HImode: -+ new_type = intSI_type_node; -+ break; -+ case SImode: -+ new_type = intDI_type_node; -+ break; -+ case DImode: -+ if (LONG_TYPE_SIZE == GET_MODE_BITSIZE(SImode)) -+ new_type = TYPE_UNSIGNED(type) ? unsigned_intDI_type_node : intDI_type_node; -+ else -+ new_type = intTI_type_node; -+ break; -+ case TImode: -+ gcc_assert(!TYPE_UNSIGNED(type)); -+ new_type = intTI_type_node; -+ break; -+ default: -+ debug_tree((tree)node); -+ error("%s: unsupported gcc configuration (%qE).", __func__, current_function_decl); -+ gcc_unreachable(); -+ } -+ -+ if (TYPE_QUALS(type) != 0) -+ return build_qualified_type(new_type, TYPE_QUALS(type)); -+ return new_type; -+} -+ -+static tree expand_visited(gimple def_stmt) -+{ -+ const_gimple next_stmt; -+ gimple_stmt_iterator gsi; -+ enum gimple_code code = gimple_code(def_stmt); -+ -+ if (code == GIMPLE_ASM) -+ return NULL_TREE; -+ -+ gsi = gsi_for_stmt(def_stmt); -+ gsi_next(&gsi); -+ -+ if (gimple_code(def_stmt) == GIMPLE_PHI && gsi_end_p(gsi)) -+ return NULL_TREE; -+ gcc_assert(!gsi_end_p(gsi)); -+ next_stmt = gsi_stmt(gsi); -+ -+ if (gimple_code(def_stmt) == GIMPLE_PHI && get_stmt_flag((gimple)next_stmt) != MY_STMT) -+ return NULL_TREE; -+ gcc_assert(get_stmt_flag((gimple)next_stmt) == MY_STMT); -+ -+ return get_lhs(next_stmt); -+} -+ -+static tree expand(struct pointer_set_t *visited, struct cgraph_node *caller_node, tree lhs) -+{ -+ gimple def_stmt; -+ -+ def_stmt = get_def_stmt(lhs); -+ -+ if (!def_stmt || gimple_code(def_stmt) == GIMPLE_NOP) -+ return NULL_TREE; -+ -+ if (get_stmt_flag(def_stmt) == MY_STMT) -+ return lhs; -+ -+ if (pointer_set_contains(visited, def_stmt)) -+ return expand_visited(def_stmt); -+ -+ switch (gimple_code(def_stmt)) { -+ case GIMPLE_PHI: -+ return handle_phi(visited, caller_node, lhs); -+ case GIMPLE_CALL: -+ case GIMPLE_ASM: -+ return create_assign(visited, def_stmt, lhs, AFTER_STMT); -+ case GIMPLE_ASSIGN: -+ switch (gimple_num_ops(def_stmt)) { -+ case 2: -+ return handle_unary_ops(visited, caller_node, def_stmt); -+ case 3: -+ return handle_binary_ops(visited, caller_node, lhs); -+#if BUILDING_GCC_VERSION >= 4006 -+ case 4: -+ return handle_ternary_ops(visited, caller_node, lhs); -+#endif -+ } -+ default: -+ debug_gimple_stmt(def_stmt); -+ error("%s: unknown gimple code", __func__); -+ gcc_unreachable(); -+ } -+} -+ -+static tree cast_to_orig_type(gimple stmt, const_tree orig_node, tree new_node) -+{ -+ const_gimple assign; -+ tree orig_type = TREE_TYPE(orig_node); -+ gimple_stmt_iterator gsi = gsi_for_stmt(stmt); -+ -+ assign = build_cast_stmt(orig_type, new_node, CREATE_NEW_VAR, &gsi, BEFORE_STMT, false); -+ return gimple_assign_lhs(assign); -+} -+ -+static void change_orig_node(struct interesting_node *cur_node, tree new_node) -+{ -+ void (*set_rhs)(gimple, tree); -+ gimple stmt = cur_node->first_stmt; -+ const_tree orig_node = cur_node->node; -+ -+ switch (gimple_code(stmt)) { -+ case GIMPLE_RETURN: -+ gimple_return_set_retval(stmt, cast_to_orig_type(stmt, orig_node, new_node)); -+ break; -+ case GIMPLE_CALL: -+ gimple_call_set_arg(stmt, cur_node->num - 1, cast_to_orig_type(stmt, orig_node, new_node)); -+ break; -+ case GIMPLE_ASSIGN: -+ switch (cur_node->num) { -+ case 1: -+ set_rhs = &gimple_assign_set_rhs1; -+ break; -+ case 2: -+ set_rhs = &gimple_assign_set_rhs2; -+ break; -+#if BUILDING_GCC_VERSION >= 4006 -+ case 3: -+ set_rhs = &gimple_assign_set_rhs3; -+ break; -+#endif -+ default: -+ gcc_unreachable(); -+ } -+ -+ set_rhs(stmt, cast_to_orig_type(stmt, orig_node, new_node)); -+ break; -+ default: -+ debug_gimple_stmt(stmt); -+ gcc_unreachable(); -+ } -+ -+ update_stmt(stmt); ++ return find_arg_number_tree(node, orig_fndecl); +} + -+static unsigned int get_correct_arg_count(unsigned int argnum, const_tree fndecl) ++unsigned int get_correct_arg_count(unsigned int argnum, const_tree fndecl) +{ + const struct size_overflow_hash *hash; + unsigned int new_argnum; @@ -115706,81 +120918,6 @@ index 0000000..fa0524c + return CANNOT_FIND_ARG; +} + -+// Don't want to duplicate entries in next_cgraph_node -+static bool is_in_next_cgraph_node(struct next_cgraph_node *head, struct cgraph_node *node, const_tree fndecl, unsigned int num) -+{ -+ const_tree new_callee_fndecl; -+ struct next_cgraph_node *cur_node; -+ -+ if (fndecl == RET_CHECK) -+ new_callee_fndecl = NODE_DECL(node); -+ else -+ new_callee_fndecl = fndecl; -+ -+ for (cur_node = head; cur_node; cur_node = cur_node->next) { -+ if (!operand_equal_p(NODE_DECL(cur_node->current_function), NODE_DECL(node), 0)) -+ continue; -+ if (!operand_equal_p(cur_node->callee_fndecl, new_callee_fndecl, 0)) -+ continue; -+ if (num == cur_node->num) -+ return true; -+ } -+ return false; -+} -+ -+/* Add a next_cgraph_node into the list for handle_function(). -+ * handle_function() iterates over all the next cgraph nodes and -+ * starts the overflow check insertion process. -+ */ -+static struct next_cgraph_node *create_new_next_cgraph_node(struct next_cgraph_node *head, struct cgraph_node *node, tree fndecl, unsigned int num) -+{ -+ struct next_cgraph_node *new_node; -+ -+ if (is_in_next_cgraph_node(head, node, fndecl, num)) -+ return head; -+ -+ new_node = (struct next_cgraph_node *)xmalloc(sizeof(*new_node)); -+ new_node->current_function = node; -+ new_node->next = NULL; -+ new_node->num = num; -+ if (fndecl == RET_CHECK) -+ new_node->callee_fndecl = NODE_DECL(node); -+ else -+ new_node->callee_fndecl = fndecl; -+ -+ if (!head) -+ return new_node; -+ -+ new_node->next = head; -+ return new_node; -+} -+ -+static struct next_cgraph_node *create_new_next_cgraph_nodes(struct next_cgraph_node *head, struct cgraph_node *node, unsigned int num) -+{ -+ struct cgraph_edge *e; -+ -+ if (num == 0) -+ return create_new_next_cgraph_node(head, node, RET_CHECK, num); -+ -+ for (e = node->callers; e; e = e->next_caller) { -+ tree fndecl = gimple_call_fndecl(e->call_stmt); -+ -+ gcc_assert(fndecl != NULL_TREE); -+ head = create_new_next_cgraph_node(head, e->caller, fndecl, num); -+ } -+ -+ return head; -+} -+ -+static bool is_a_return_check(const_tree node) -+{ -+ if (TREE_CODE(node) == FUNCTION_DECL) -+ return true; -+ -+ gcc_assert(TREE_CODE(node) == PARM_DECL); -+ return false; -+} -+ +static bool is_in_hash_table(const_tree fndecl, unsigned int num) +{ + const struct size_overflow_hash *hash; @@ -115791,37 +120928,10 @@ index 0000000..fa0524c + return false; +} + -+struct missing_functions { -+ struct missing_functions *next; -+ const_tree node; -+ tree fndecl; -+}; -+ -+static struct missing_functions *create_new_missing_function(struct missing_functions *missing_fn_head, tree node) -+{ -+ struct missing_functions *new_function; -+ -+ new_function = (struct missing_functions *)xmalloc(sizeof(*new_function)); -+ new_function->node = node; -+ new_function->next = NULL; -+ -+ if (TREE_CODE(node) == FUNCTION_DECL) -+ new_function->fndecl = node; -+ else -+ new_function->fndecl = current_function_decl; -+ gcc_assert(new_function->fndecl); -+ -+ if (!missing_fn_head) -+ return new_function; -+ -+ new_function->next = missing_fn_head; -+ return new_function; -+} -+ +/* Check if the function has a size_overflow attribute or it is in the size_overflow hash table. + * If the function is missing everywhere then print the missing message into stderr. + */ -+static bool is_missing_function(const_tree orig_fndecl, unsigned int num) ++bool is_missing_function(const_tree orig_fndecl, unsigned int num) +{ + switch (DECL_FUNCTION_CODE(orig_fndecl)) { +#if BUILDING_GCC_VERSION >= 4008 @@ -115849,2192 +120959,12 @@ index 0000000..fa0524c + return true; +} + -+// Get the argnum of a function decl, if node is a return then the argnum is 0 -+static unsigned int get_function_num(const_tree node, const_tree orig_fndecl) -+{ -+ if (is_a_return_check(node)) -+ return 0; -+ else -+ return find_arg_number_tree(node, orig_fndecl); -+} -+ -+/* If the function is missing from the hash table and it is a static function -+ * then create a next_cgraph_node from it for handle_function() -+ */ -+static struct next_cgraph_node *check_missing_overflow_attribute_and_create_next_node(struct next_cgraph_node *cnodes, struct missing_functions *missing_fn_head) -+{ -+ unsigned int num; -+ const_tree orig_fndecl; -+ struct cgraph_node *next_node = NULL; -+ -+ orig_fndecl = DECL_ORIGIN(missing_fn_head->fndecl); -+ -+ num = get_function_num(missing_fn_head->node, orig_fndecl); -+ if (num == CANNOT_FIND_ARG) -+ return cnodes; -+ -+ if (!is_missing_function(orig_fndecl, num)) -+ return cnodes; -+ -+ next_node = cgraph_get_node(missing_fn_head->fndecl); -+ if (next_node && next_node->local.local) -+ cnodes = create_new_next_cgraph_nodes(cnodes, next_node, num); -+ return cnodes; -+} -+ -+/* Search for missing size_overflow attributes on the last nodes in ipa and collect them -+ * into the next_cgraph_node list. They will be the next interesting returns or callees. -+ */ -+static struct next_cgraph_node *search_overflow_attribute(struct next_cgraph_node *cnodes, struct interesting_node *cur_node) -+{ -+ unsigned int i; -+ tree node; -+ struct missing_functions *cur, *missing_fn_head = NULL; -+ -+#if BUILDING_GCC_VERSION <= 4007 -+ FOR_EACH_VEC_ELT(tree, cur_node->last_nodes, i, node) { -+#else -+ FOR_EACH_VEC_ELT(*cur_node->last_nodes, i, node) { -+#endif -+ switch (TREE_CODE(node)) { -+ case PARM_DECL: -+ if (TREE_CODE(TREE_TYPE(node)) != INTEGER_TYPE) -+ break; -+ case FUNCTION_DECL: -+ missing_fn_head = create_new_missing_function(missing_fn_head, node); -+ break; -+ default: -+ break; -+ } -+ } -+ -+ while (missing_fn_head) { -+ cnodes = check_missing_overflow_attribute_and_create_next_node(cnodes, missing_fn_head); -+ -+ cur = missing_fn_head->next; -+ free(missing_fn_head); -+ missing_fn_head = cur; -+ } -+ -+ return cnodes; -+} -+ -+static void walk_phi_set_conditions(struct pointer_set_t *visited, bool *interesting_conditions, const_tree result) -+{ -+ gimple phi = get_def_stmt(result); -+ unsigned int i, n = gimple_phi_num_args(phi); -+ -+ pointer_set_insert(visited, phi); -+ for (i = 0; i < n; i++) { -+ const_tree arg = gimple_phi_arg_def(phi, i); -+ -+ set_conditions(visited, interesting_conditions, arg); -+ } -+} -+ -+enum conditions { -+ FROM_CONST, NOT_UNARY, CAST -+}; -+ -+// Search for constants, cast assignments and binary/ternary assignments -+static void set_conditions(struct pointer_set_t *visited, bool *interesting_conditions, const_tree lhs) -+{ -+ gimple def_stmt = get_def_stmt(lhs); -+ -+ if (is_gimple_constant(lhs)) { -+ interesting_conditions[FROM_CONST] = true; -+ return; -+ } -+ -+ if (!def_stmt) -+ return; -+ -+ if (pointer_set_contains(visited, def_stmt)) -+ return; -+ -+ switch (gimple_code(def_stmt)) { -+ case GIMPLE_NOP: -+ case GIMPLE_CALL: -+ case GIMPLE_ASM: -+ return; -+ case GIMPLE_PHI: -+ return walk_phi_set_conditions(visited, interesting_conditions, lhs); -+ case GIMPLE_ASSIGN: -+ if (gimple_num_ops(def_stmt) == 2) { -+ const_tree rhs = gimple_assign_rhs1(def_stmt); -+ -+ if (gimple_assign_cast_p(def_stmt)) -+ interesting_conditions[CAST] = true; -+ -+ return set_conditions(visited, interesting_conditions, rhs); -+ } else { -+ interesting_conditions[NOT_UNARY] = true; -+ return; -+ } -+ default: -+ debug_gimple_stmt(def_stmt); -+ gcc_unreachable(); -+ } -+} -+ -+// determine whether duplication will be necessary or not. -+static void search_interesting_conditions(struct interesting_node *cur_node, bool *interesting_conditions) -+{ -+ struct pointer_set_t *visited; -+ -+ if (gimple_assign_cast_p(cur_node->first_stmt)) -+ interesting_conditions[CAST] = true; -+ else if (is_gimple_assign(cur_node->first_stmt) && gimple_num_ops(cur_node->first_stmt) > 2) -+ interesting_conditions[NOT_UNARY] = true; -+ -+ visited = pointer_set_create(); -+ set_conditions(visited, interesting_conditions, cur_node->node); -+ pointer_set_destroy(visited); -+} -+ -+// Remove the size_overflow asm stmt and create an assignment from the input and output of the asm -+static void replace_size_overflow_asm_with_assign(gimple asm_stmt, tree lhs, tree rhs) -+{ -+ gimple assign; -+ gimple_stmt_iterator gsi; -+ -+ // already removed -+ if (gimple_bb(asm_stmt) == NULL) -+ return; -+ gsi = gsi_for_stmt(asm_stmt); -+ -+ assign = gimple_build_assign(lhs, rhs); -+ gsi_insert_before(&gsi, assign, GSI_SAME_STMT); -+ SSA_NAME_DEF_STMT(lhs) = assign; -+ -+ gsi_remove(&gsi, true); -+} -+ -+// Get the field decl of a component ref for intentional_overflow checking -+static const_tree search_field_decl(const_tree comp_ref) -+{ -+ const_tree field = NULL_TREE; -+ unsigned int i, len = TREE_OPERAND_LENGTH(comp_ref); -+ -+ for (i = 0; i < len; i++) { -+ field = TREE_OPERAND(comp_ref, i); -+ if (TREE_CODE(field) == FIELD_DECL) -+ break; -+ } -+ gcc_assert(TREE_CODE(field) == FIELD_DECL); -+ return field; -+} -+ -+/* Get the fndecl of an interesting stmt, the fndecl is the caller function if the interesting -+ * stmt is a return otherwise it is the callee function. -+ */ -+static const_tree get_interesting_orig_fndecl(const_gimple stmt, unsigned int argnum) -+{ -+ const_tree fndecl; -+ -+ if (argnum == 0) -+ fndecl = current_function_decl; -+ else -+ fndecl = gimple_call_fndecl(stmt); -+ -+ if (fndecl == NULL_TREE) -+ return NULL_TREE; -+ -+ return DECL_ORIGIN(fndecl); -+} -+ -+/* Get the param of the intentional_overflow attribute. -+ * * 0: MARK_NOT_INTENTIONAL -+ * * 1..MAX_PARAM: MARK_YES -+ * * -1: MARK_TURN_OFF -+ */ -+static tree get_attribute_param(const_tree decl) -+{ -+ const_tree attr; -+ -+ if (decl == NULL_TREE) -+ return NULL_TREE; -+ -+ attr = lookup_attribute("intentional_overflow", DECL_ATTRIBUTES(decl)); -+ if (!attr || !TREE_VALUE(attr)) -+ return NULL_TREE; -+ -+ return TREE_VALUE(attr); -+} -+ -+// MARK_TURN_OFF -+static bool is_turn_off_intentional_attr(const_tree decl) -+{ -+ const_tree param_head; -+ -+ param_head = get_attribute_param(decl); -+ if (param_head == NULL_TREE) -+ return false; -+ -+ if (TREE_INT_CST_HIGH(TREE_VALUE(param_head)) == -1) -+ return true; -+ return false; -+} -+ -+// MARK_NOT_INTENTIONAL -+static bool is_end_intentional_intentional_attr(const_tree decl, unsigned int argnum) -+{ -+ const_tree param_head; -+ -+ if (argnum == 0) -+ return false; -+ -+ param_head = get_attribute_param(decl); -+ if (param_head == NULL_TREE) -+ return false; -+ -+ if (!TREE_INT_CST_LOW(TREE_VALUE(param_head))) -+ return true; -+ return false; -+} -+ -+// MARK_YES -+static bool is_yes_intentional_attr(const_tree decl, unsigned int argnum) -+{ -+ tree param, param_head; -+ -+ if (argnum == 0) -+ return false; -+ -+ param_head = get_attribute_param(decl); -+ for (param = param_head; param; param = TREE_CHAIN(param)) -+ if (argnum == TREE_INT_CST_LOW(TREE_VALUE(param))) -+ return true; -+ return false; -+} -+ -+static const char *get_asm_string(const_gimple stmt) -+{ -+ if (!stmt) -+ return NULL; -+ if (gimple_code(stmt) != GIMPLE_ASM) -+ return NULL; -+ -+ return gimple_asm_string(stmt); -+} -+ -+static bool is_size_overflow_intentional_asm_turn_off(const_gimple stmt) -+{ -+ const char *str; -+ -+ str = get_asm_string(stmt); -+ if (!str) -+ return false; -+ return !strncmp(str, TURN_OFF_ASM_STR, sizeof(TURN_OFF_ASM_STR) - 1); -+} -+ -+static bool is_size_overflow_intentional_asm_yes(const_gimple stmt) -+{ -+ const char *str; -+ -+ str = get_asm_string(stmt); -+ if (!str) -+ return false; -+ return !strncmp(str, YES_ASM_STR, sizeof(YES_ASM_STR) - 1); -+} -+ -+static bool is_size_overflow_asm(const_gimple stmt) -+{ -+ const char *str; -+ -+ str = get_asm_string(stmt); -+ if (!str) -+ return false; -+ return !strncmp(str, OK_ASM_STR, sizeof(OK_ASM_STR) - 1); -+} -+ -+static void print_missing_intentional(enum mark callee_attr, enum mark caller_attr, const_tree decl, unsigned int argnum) -+{ -+ location_t loc; -+ -+ if (caller_attr == MARK_NO || caller_attr == MARK_NOT_INTENTIONAL || caller_attr == MARK_TURN_OFF) -+ return; -+ -+ if (callee_attr == MARK_NOT_INTENTIONAL || callee_attr == MARK_YES) -+ return; -+ -+ loc = DECL_SOURCE_LOCATION(decl); -+ inform(loc, "The intentional_overflow attribute is missing from +%s+%u+", DECL_NAME_POINTER(decl), argnum); -+} -+ -+/* Get the type of the intentional_overflow attribute of a node -+ * * MARK_TURN_OFF -+ * * MARK_YES -+ * * MARK_NO -+ * * MARK_NOT_INTENTIONAL -+ */ -+static enum mark get_intentional_attr_type(const_tree node) -+{ -+ const_tree cur_decl; -+ -+ if (node == NULL_TREE) -+ return MARK_NO; -+ -+ switch (TREE_CODE(node)) { -+ case COMPONENT_REF: -+ cur_decl = search_field_decl(node); -+ if (is_turn_off_intentional_attr(cur_decl)) -+ return MARK_TURN_OFF; -+ if (is_end_intentional_intentional_attr(cur_decl, 1)) -+ return MARK_YES; -+ break; -+ case PARM_DECL: { -+ unsigned int argnum; -+ -+ cur_decl = DECL_ORIGIN(current_function_decl); -+ argnum = find_arg_number_tree(node, cur_decl); -+ if (argnum == CANNOT_FIND_ARG) -+ return MARK_NO; -+ if (is_yes_intentional_attr(cur_decl, argnum)) -+ return MARK_YES; -+ if (is_end_intentional_intentional_attr(cur_decl, argnum)) -+ return MARK_NOT_INTENTIONAL; -+ break; -+ } -+ case FUNCTION_DECL: -+ if (is_turn_off_intentional_attr(DECL_ORIGIN(node))) -+ return MARK_TURN_OFF; -+ break; -+ default: -+ break; -+ } -+ return MARK_NO; -+} -+ -+// Search for the intentional_overflow attribute on the last nodes -+static enum mark search_last_nodes_intentional(struct interesting_node *cur_node) -+{ -+ unsigned int i; -+ tree last_node; -+ enum mark mark = MARK_NO; -+ -+#if BUILDING_GCC_VERSION <= 4007 -+ FOR_EACH_VEC_ELT(tree, cur_node->last_nodes, i, last_node) { -+#else -+ FOR_EACH_VEC_ELT(*cur_node->last_nodes, i, last_node) { -+#endif -+ mark = get_intentional_attr_type(last_node); -+ if (mark != MARK_NO) -+ break; -+ } -+ return mark; -+} -+ -+/* Check the intentional kind of size_overflow asm stmt (created by the gimple pass) and -+ * set the appropriate intentional_overflow type. Delete the asm stmt in the end. -+ */ -+static bool is_intentional_attribute_from_gimple(struct interesting_node *cur_node) -+{ -+ if (!cur_node->intentional_mark_from_gimple) -+ return false; -+ -+ if (is_size_overflow_intentional_asm_yes(cur_node->intentional_mark_from_gimple)) -+ cur_node->intentional_attr_cur_fndecl = MARK_YES; -+ else -+ cur_node->intentional_attr_cur_fndecl = MARK_TURN_OFF; -+ -+ // skip param decls -+ if (gimple_asm_noutputs(cur_node->intentional_mark_from_gimple) == 0) -+ return true; -+ return true; -+} -+ -+/* Search intentional_overflow attribute on caller and on callee too. -+ * 0</MARK_YES: no dup, search size_overflow and intentional_overflow attributes -+ * 0/MARK_NOT_INTENTIONAL: no dup, search size_overflow attribute (int) -+ * -1/MARK_TURN_OFF: no dup, no search, current_function_decl -> no dup -+*/ -+static void check_intentional_attribute_ipa(struct interesting_node *cur_node) -+{ -+ const_tree fndecl; -+ -+ if (is_intentional_attribute_from_gimple(cur_node)) -+ return; -+ -+ if (is_turn_off_intentional_attr(DECL_ORIGIN(current_function_decl))) { -+ cur_node->intentional_attr_cur_fndecl = MARK_TURN_OFF; -+ return; -+ } -+ -+ if (gimple_code(cur_node->first_stmt) == GIMPLE_ASM) { -+ cur_node->intentional_attr_cur_fndecl = MARK_NOT_INTENTIONAL; -+ return; -+ } -+ -+ if (gimple_code(cur_node->first_stmt) == GIMPLE_ASSIGN) -+ return; -+ -+ fndecl = get_interesting_orig_fndecl(cur_node->first_stmt, cur_node->num); -+ if (is_turn_off_intentional_attr(fndecl)) { -+ cur_node->intentional_attr_decl = MARK_TURN_OFF; -+ return; -+ } -+ -+ if (is_end_intentional_intentional_attr(fndecl, cur_node->num)) -+ cur_node->intentional_attr_decl = MARK_NOT_INTENTIONAL; -+ else if (is_yes_intentional_attr(fndecl, cur_node->num)) -+ cur_node->intentional_attr_decl = MARK_YES; -+ -+ cur_node->intentional_attr_cur_fndecl = search_last_nodes_intentional(cur_node); -+ print_missing_intentional(cur_node->intentional_attr_decl, cur_node->intentional_attr_cur_fndecl, cur_node->fndecl, cur_node->num); -+} -+ -+// e.g., 3.8.2, 64, arch/x86/ia32/ia32_signal.c copy_siginfo_from_user32(): compat_ptr() u32 max -+static bool skip_asm(const_tree arg) -+{ -+ gimple def_stmt = get_def_stmt(arg); -+ -+ if (!def_stmt || !gimple_assign_cast_p(def_stmt)) -+ return false; -+ -+ def_stmt = get_def_stmt(gimple_assign_rhs1(def_stmt)); -+ return def_stmt && gimple_code(def_stmt) == GIMPLE_ASM; -+} -+ -+static void walk_use_def_phi(struct pointer_set_t *visited, struct interesting_node *cur_node, tree result) -+{ -+ gimple phi = get_def_stmt(result); -+ unsigned int i, n = gimple_phi_num_args(phi); -+ -+ pointer_set_insert(visited, phi); -+ for (i = 0; i < n; i++) { -+ tree arg = gimple_phi_arg_def(phi, i); -+ -+ walk_use_def(visited, cur_node, arg); -+ } -+} -+ -+static void walk_use_def_binary(struct pointer_set_t *visited, struct interesting_node *cur_node, tree lhs) -+{ -+ gimple def_stmt = get_def_stmt(lhs); -+ tree rhs1, rhs2; -+ -+ rhs1 = gimple_assign_rhs1(def_stmt); -+ rhs2 = gimple_assign_rhs2(def_stmt); -+ -+ walk_use_def(visited, cur_node, rhs1); -+ walk_use_def(visited, cur_node, rhs2); -+} -+ -+static void insert_last_node(struct interesting_node *cur_node, tree node) -+{ -+ unsigned int i; -+ tree element; -+ enum tree_code code; -+ -+ gcc_assert(node != NULL_TREE); -+ -+ if (is_gimple_constant(node)) -+ return; -+ -+ code = TREE_CODE(node); -+ if (code == VAR_DECL) { -+ node = DECL_ORIGIN(node); -+ code = TREE_CODE(node); -+ } -+ -+ if (code != PARM_DECL && code != FUNCTION_DECL && code != COMPONENT_REF) -+ return; -+ -+#if BUILDING_GCC_VERSION <= 4007 -+ FOR_EACH_VEC_ELT(tree, cur_node->last_nodes, i, element) { -+#else -+ FOR_EACH_VEC_ELT(*cur_node->last_nodes, i, element) { -+#endif -+ if (operand_equal_p(node, element, 0)) -+ return; -+ } -+ -+#if BUILDING_GCC_VERSION <= 4007 -+ gcc_assert(VEC_length(tree, cur_node->last_nodes) < VEC_LEN); -+ VEC_safe_push(tree, gc, cur_node->last_nodes, node); -+#else -+ gcc_assert(cur_node->last_nodes->length() < VEC_LEN); -+ vec_safe_push(cur_node->last_nodes, node); -+#endif -+} -+ -+// a size_overflow asm stmt in the control flow doesn't stop the recursion -+static void handle_asm_stmt(struct pointer_set_t *visited, struct interesting_node *cur_node, tree lhs, const_gimple stmt) -+{ -+ if (!is_size_overflow_asm(stmt)) -+ walk_use_def(visited, cur_node, SSA_NAME_VAR(lhs)); -+} -+ -+/* collect the parm_decls and fndecls (for checking a missing size_overflow attribute (ret or arg) or intentional_overflow) -+ * and component refs (for checking the intentional_overflow attribute). -+ */ -+static void walk_use_def(struct pointer_set_t *visited, struct interesting_node *cur_node, tree lhs) -+{ -+ const_gimple def_stmt; -+ -+ if (TREE_CODE(lhs) != SSA_NAME) { -+ insert_last_node(cur_node, lhs); -+ return; -+ } -+ -+ def_stmt = get_def_stmt(lhs); -+ if (!def_stmt) -+ return; -+ -+ if (pointer_set_insert(visited, def_stmt)) -+ return; -+ -+ switch (gimple_code(def_stmt)) { -+ case GIMPLE_NOP: -+ return walk_use_def(visited, cur_node, SSA_NAME_VAR(lhs)); -+ case GIMPLE_ASM: -+ return handle_asm_stmt(visited, cur_node, lhs, def_stmt); -+ case GIMPLE_CALL: { -+ tree fndecl = gimple_call_fndecl(def_stmt); -+ -+ if (fndecl == NULL_TREE) -+ return; -+ insert_last_node(cur_node, fndecl); -+ return; -+ } -+ case GIMPLE_PHI: -+ return walk_use_def_phi(visited, cur_node, lhs); -+ case GIMPLE_ASSIGN: -+ switch (gimple_num_ops(def_stmt)) { -+ case 2: -+ return walk_use_def(visited, cur_node, gimple_assign_rhs1(def_stmt)); -+ case 3: -+ return walk_use_def_binary(visited, cur_node, lhs); -+ } -+ default: -+ debug_gimple_stmt((gimple)def_stmt); -+ error("%s: unknown gimple code", __func__); -+ gcc_unreachable(); -+ } -+} -+ -+// Collect all the last nodes for checking the intentional_overflow and size_overflow attributes -+static void set_last_nodes(struct interesting_node *cur_node) -+{ -+ struct pointer_set_t *visited; -+ -+ visited = pointer_set_create(); -+ walk_use_def(visited, cur_node, cur_node->node); -+ pointer_set_destroy(visited); -+} -+ -+enum precond { -+ NO_ATTRIBUTE_SEARCH, NO_CHECK_INSERT, NONE -+}; -+ -+/* If there is a mark_turn_off intentional attribute on the caller or the callee then there is no duplication and missing size_overflow attribute check anywhere. -+ * There is only missing size_overflow attribute checking if the intentional_overflow attribute is the mark_no type. -+ * Stmt duplication is unnecessary if there are no binary/ternary assignements or if the unary assignment isn't a cast. -+ * It skips the possible error codes too. If the def_stmts trace back to a constant and there are no binary/ternary assigments then we assume that it is some kind of error code. -+ */ -+static enum precond check_preconditions(struct interesting_node *cur_node) -+{ -+ bool interesting_conditions[3] = {false, false, false}; -+ -+ set_last_nodes(cur_node); -+ -+ check_intentional_attribute_ipa(cur_node); -+ if (cur_node->intentional_attr_decl == MARK_TURN_OFF || cur_node->intentional_attr_cur_fndecl == MARK_TURN_OFF) -+ return NO_ATTRIBUTE_SEARCH; -+ -+ search_interesting_conditions(cur_node, interesting_conditions); -+ -+ // error code -+ if (interesting_conditions[CAST] && interesting_conditions[FROM_CONST] && !interesting_conditions[NOT_UNARY]) -+ return NO_ATTRIBUTE_SEARCH; -+ -+ // unnecessary overflow check -+ if (!interesting_conditions[CAST] && !interesting_conditions[NOT_UNARY]) -+ return NO_CHECK_INSERT; -+ -+ if (cur_node->intentional_attr_cur_fndecl != MARK_NO) -+ return NO_CHECK_INSERT; -+ -+ return NONE; -+} -+ -+/* This function calls the main recursion function (expand) that duplicates the stmts. Before that it checks the intentional_overflow attribute and asm stmts, -+ * it decides whether the duplication is necessary or not and it searches for missing size_overflow attributes. After expand() it changes the orig node to the duplicated node -+ * in the original stmt (first stmt) and it inserts the overflow check for the arg of the callee or for the return value. -+ */ -+static struct next_cgraph_node *handle_interesting_stmt(struct next_cgraph_node *cnodes, struct interesting_node *cur_node, struct cgraph_node *caller_node) -+{ -+ enum precond ret; -+ struct pointer_set_t *visited; -+ tree new_node, orig_node = cur_node->node; -+ -+ ret = check_preconditions(cur_node); -+ if (ret == NO_ATTRIBUTE_SEARCH) -+ return cnodes; -+ -+ cnodes = search_overflow_attribute(cnodes, cur_node); -+ -+ if (ret == NO_CHECK_INSERT) -+ return cnodes; -+ -+ visited = pointer_set_create(); -+ new_node = expand(visited, caller_node, orig_node); -+ pointer_set_destroy(visited); -+ -+ if (new_node == NULL_TREE) -+ return cnodes; -+ -+ change_orig_node(cur_node, new_node); -+ check_size_overflow(caller_node, cur_node->first_stmt, TREE_TYPE(new_node), new_node, orig_node, BEFORE_STMT); -+ -+ return cnodes; -+} -+ -+// Check visited interesting nodes. -+static bool is_in_interesting_node(struct interesting_node *head, const_gimple first_stmt, const_tree node, unsigned int num) -+{ -+ struct interesting_node *cur; -+ -+ for (cur = head; cur; cur = cur->next) { -+ if (!operand_equal_p(node, cur->node, 0)) -+ continue; -+ if (num != cur->num) -+ continue; -+ if (first_stmt == cur->first_stmt) -+ return true; -+ } -+ return false; -+} -+ -+/* Create an interesting node. The ipa pass starts to duplicate from these stmts. -+ first_stmt: it is the call or assignment or ret stmt, change_orig_node() will change the original node (retval, or function arg) in this -+ last_nodes: they are the last stmts in the recursion (they haven't a def_stmt). They are useful in the missing size_overflow attribute check and -+ the intentional_overflow attribute check. They are collected by set_last_nodes(). -+ num: arg count of a call stmt or 0 when it is a ret -+ node: the recursion starts from here, it is a call arg or a return value -+ fndecl: the fndecl of the interesting node when the node is an arg. it is the fndecl of the callee function otherwise it is the fndecl of the caller (current_function_fndecl) function. -+ intentional_attr_decl: intentional_overflow attribute of the callee function -+ intentional_attr_cur_fndecl: intentional_overflow attribute of the caller function -+ intentional_mark_from_gimple: the intentional overflow type of size_overflow asm stmt from gimple if it exists -+ */ -+static struct interesting_node *create_new_interesting_node(struct interesting_node *head, gimple first_stmt, tree node, unsigned int num, gimple asm_stmt) -+{ -+ struct interesting_node *new_node; -+ tree fndecl; -+ enum gimple_code code; -+ -+ gcc_assert(node != NULL_TREE); -+ code = gimple_code(first_stmt); -+ gcc_assert(code == GIMPLE_CALL || code == GIMPLE_ASM || code == GIMPLE_ASSIGN || code == GIMPLE_RETURN); -+ -+ if (num == CANNOT_FIND_ARG) -+ return head; -+ -+ if (skip_types(node)) -+ return head; -+ -+ if (skip_asm(node)) -+ return head; -+ -+ if (is_gimple_call(first_stmt)) -+ fndecl = gimple_call_fndecl(first_stmt); -+ else -+ fndecl = current_function_decl; -+ -+ if (fndecl == NULL_TREE) -+ return head; -+ -+ if (is_in_interesting_node(head, first_stmt, node, num)) -+ return head; -+ -+ new_node = (struct interesting_node *)xmalloc(sizeof(*new_node)); -+ -+ new_node->next = NULL; -+ new_node->first_stmt = first_stmt; -+#if BUILDING_GCC_VERSION <= 4007 -+ new_node->last_nodes = VEC_alloc(tree, gc, VEC_LEN); -+#else -+ vec_alloc(new_node->last_nodes, VEC_LEN); -+#endif -+ new_node->num = num; -+ new_node->node = node; -+ new_node->fndecl = fndecl; -+ new_node->intentional_attr_decl = MARK_NO; -+ new_node->intentional_attr_cur_fndecl = MARK_NO; -+ new_node->intentional_mark_from_gimple = asm_stmt; -+ -+ if (!head) -+ return new_node; -+ -+ new_node->next = head; -+ return new_node; -+} -+ -+/* Check the ret stmts in the functions on the next cgraph node list (these functions will be in the hash table and they are reachable from ipa). -+ * If the ret stmt is in the next cgraph node list then it's an interesting ret. -+ */ -+static struct interesting_node *handle_stmt_by_cgraph_nodes_ret(struct interesting_node *head, gimple stmt, struct next_cgraph_node *next_node) -+{ -+ struct next_cgraph_node *cur_node; -+ tree ret = gimple_return_retval(stmt); -+ -+ if (ret == NULL_TREE) -+ return head; -+ -+ for (cur_node = next_node; cur_node; cur_node = cur_node->next) { -+ if (!operand_equal_p(cur_node->callee_fndecl, DECL_ORIGIN(current_function_decl), 0)) -+ continue; -+ if (cur_node->num == 0) -+ head = create_new_interesting_node(head, stmt, ret, 0, NOT_INTENTIONAL_ASM); -+ } -+ -+ return head; -+} -+ -+/* Check the call stmts in the functions on the next cgraph node list (these functions will be in the hash table and they are reachable from ipa). -+ * If the call stmt is in the next cgraph node list then it's an interesting call. -+ */ -+static struct interesting_node *handle_stmt_by_cgraph_nodes_call(struct interesting_node *head, gimple stmt, struct next_cgraph_node *next_node) -+{ -+ unsigned int argnum; -+ tree arg; -+ const_tree fndecl; -+ struct next_cgraph_node *cur_node; -+ -+ fndecl = gimple_call_fndecl(stmt); -+ if (fndecl == NULL_TREE) -+ return head; -+ -+ for (cur_node = next_node; cur_node; cur_node = cur_node->next) { -+ if (!operand_equal_p(cur_node->callee_fndecl, fndecl, 0)) -+ continue; -+ argnum = get_correct_arg_count(cur_node->num, fndecl); -+ gcc_assert(argnum != CANNOT_FIND_ARG); -+ if (argnum == 0) -+ continue; -+ -+ arg = gimple_call_arg(stmt, argnum - 1); -+ head = create_new_interesting_node(head, stmt, arg, argnum, NOT_INTENTIONAL_ASM); -+ } -+ -+ return head; -+} -+ -+static unsigned int check_ops(const_tree orig_node, const_tree node, unsigned int ret_count) -+{ -+ if (!operand_equal_p(orig_node, node, 0)) -+ return WRONG_NODE; -+ if (skip_types(node)) -+ return WRONG_NODE; -+ return ret_count; -+} -+ -+// Get the index of the rhs node in an assignment -+static unsigned int get_assign_ops_count(const_gimple stmt, tree node) -+{ -+ const_tree rhs1, rhs2; -+ unsigned int ret; -+ -+ gcc_assert(stmt); -+ gcc_assert(is_gimple_assign(stmt)); -+ -+ rhs1 = gimple_assign_rhs1(stmt); -+ gcc_assert(rhs1 != NULL_TREE); -+ -+ switch (gimple_num_ops(stmt)) { -+ case 2: -+ return check_ops(node, rhs1, 1); -+ case 3: -+ ret = check_ops(node, rhs1, 1); -+ if (ret != WRONG_NODE) -+ return ret; -+ -+ rhs2 = gimple_assign_rhs2(stmt); -+ gcc_assert(rhs2 != NULL_TREE); -+ return check_ops(node, rhs2, 2); -+ default: -+ gcc_unreachable(); -+ } -+} -+ -+// Find the correct arg number of a call stmt. It is needed when the interesting function is a cloned function. -+static unsigned int find_arg_number_gimple(const_tree arg, const_gimple stmt) -+{ -+ unsigned int i; -+ -+ if (gimple_call_fndecl(stmt) == NULL_TREE) -+ return CANNOT_FIND_ARG; -+ -+ for (i = 0; i < gimple_call_num_args(stmt); i++) { -+ tree node; -+ -+ node = gimple_call_arg(stmt, i); -+ if (!operand_equal_p(arg, node, 0)) -+ continue; -+ if (!skip_types(node)) -+ return i + 1; -+ } -+ -+ return CANNOT_FIND_ARG; -+} -+ -+/* starting from the size_overflow asm stmt collect interesting stmts. They can be -+ * any of return, call or assignment stmts (because of inlining). -+ */ -+static struct interesting_node *get_interesting_ret_or_call(struct pointer_set_t *visited, struct interesting_node *head, tree node, gimple intentional_asm) -+{ -+ use_operand_p use_p; -+ imm_use_iterator imm_iter; -+ unsigned int argnum; -+ -+ gcc_assert(TREE_CODE(node) == SSA_NAME); -+ -+ if (pointer_set_insert(visited, node)) -+ return head; -+ -+ FOR_EACH_IMM_USE_FAST(use_p, imm_iter, node) { -+ gimple stmt = USE_STMT(use_p); -+ -+ if (stmt == NULL) -+ return head; -+ if (is_gimple_debug(stmt)) -+ continue; -+ -+ switch (gimple_code(stmt)) { -+ case GIMPLE_CALL: -+ argnum = find_arg_number_gimple(node, stmt); -+ head = create_new_interesting_node(head, stmt, node, argnum, intentional_asm); -+ break; -+ case GIMPLE_RETURN: -+ head = create_new_interesting_node(head, stmt, node, 0, intentional_asm); -+ break; -+ case GIMPLE_ASSIGN: -+ argnum = get_assign_ops_count(stmt, node); -+ head = create_new_interesting_node(head, stmt, node, argnum, intentional_asm); -+ break; -+ case GIMPLE_PHI: { -+ tree result = gimple_phi_result(stmt); -+ head = get_interesting_ret_or_call(visited, head, result, intentional_asm); -+ break; -+ } -+ case GIMPLE_ASM: -+ if (gimple_asm_noutputs(stmt) != 0) -+ break; -+ if (!is_size_overflow_asm(stmt)) -+ break; -+ head = create_new_interesting_node(head, stmt, node, 1, intentional_asm); -+ break; -+ case GIMPLE_COND: -+ case GIMPLE_SWITCH: -+ break; -+ default: -+ debug_gimple_stmt(stmt); -+ gcc_unreachable(); -+ break; -+ } -+ } -+ return head; -+} -+ -+static void remove_size_overflow_asm(gimple stmt) -+{ -+ gimple_stmt_iterator gsi; -+ tree input, output; -+ -+ if (!is_size_overflow_asm(stmt)) -+ return; -+ -+ if (gimple_asm_noutputs(stmt) == 0) { -+ gsi = gsi_for_stmt(stmt); -+ ipa_remove_stmt_references(cgraph_get_create_node(current_function_decl), stmt); -+ gsi_remove(&gsi, true); -+ return; -+ } -+ -+ input = gimple_asm_input_op(stmt, 0); -+ output = gimple_asm_output_op(stmt, 0); -+ replace_size_overflow_asm_with_assign(stmt, TREE_VALUE(output), TREE_VALUE(input)); -+} -+ -+/* handle the size_overflow asm stmts from the gimple pass and collect the interesting stmts. -+ * If the asm stmt is a parm_decl kind (noutputs == 0) then remove it. -+ * If it is a simple asm stmt then replace it with an assignment from the asm input to the asm output. -+ */ -+static struct interesting_node *handle_stmt_by_size_overflow_asm(gimple stmt, struct interesting_node *head) -+{ -+ const_tree output; -+ struct pointer_set_t *visited; -+ gimple intentional_asm = NOT_INTENTIONAL_ASM; -+ -+ if (!is_size_overflow_asm(stmt)) -+ return head; -+ -+ if (is_size_overflow_intentional_asm_yes(stmt) || is_size_overflow_intentional_asm_turn_off(stmt)) -+ intentional_asm = stmt; -+ -+ gcc_assert(gimple_asm_ninputs(stmt) == 1); -+ -+ if (gimple_asm_noutputs(stmt) == 0 && is_size_overflow_intentional_asm_turn_off(stmt)) -+ return head; -+ -+ if (gimple_asm_noutputs(stmt) == 0) { -+ const_tree input; -+ -+ if (!is_size_overflow_intentional_asm_turn_off(stmt)) -+ return head; -+ -+ input = gimple_asm_input_op(stmt, 0); -+ remove_size_overflow_asm(stmt); -+ if (is_gimple_constant(TREE_VALUE(input))) -+ return head; -+ visited = pointer_set_create(); -+ head = get_interesting_ret_or_call(visited, head, TREE_VALUE(input), intentional_asm); -+ pointer_set_destroy(visited); -+ return head; -+ } -+ -+ if (!is_size_overflow_intentional_asm_yes(stmt) && !is_size_overflow_intentional_asm_turn_off(stmt)) -+ remove_size_overflow_asm(stmt); -+ -+ visited = pointer_set_create(); -+ output = gimple_asm_output_op(stmt, 0); -+ head = get_interesting_ret_or_call(visited, head, TREE_VALUE(output), intentional_asm); -+ pointer_set_destroy(visited); -+ return head; -+} -+ -+/* Iterate over all the stmts of a function and look for the size_overflow asm stmts (they were created in the gimple pass) -+ * or a call stmt or a return stmt and store them in the interesting_node list -+ */ -+static struct interesting_node *collect_interesting_stmts(struct next_cgraph_node *next_node) -+{ -+ basic_block bb; -+ struct interesting_node *head = NULL; -+ -+ FOR_ALL_BB_FN(bb, cfun) { -+ gimple_stmt_iterator gsi; -+ -+ for (gsi = gsi_start_bb(bb); !gsi_end_p(gsi); gsi_next(&gsi)) { -+ enum gimple_code code; -+ gimple stmt = gsi_stmt(gsi); -+ -+ code = gimple_code(stmt); -+ -+ if (code == GIMPLE_ASM) -+ head = handle_stmt_by_size_overflow_asm(stmt, head); -+ -+ if (!next_node) -+ continue; -+ if (code == GIMPLE_CALL) -+ head = handle_stmt_by_cgraph_nodes_call(head, stmt, next_node); -+ if (code == GIMPLE_RETURN) -+ head = handle_stmt_by_cgraph_nodes_ret(head, stmt, next_node); -+ } -+ } -+ return head; -+} -+ -+static void set_current_function_decl(tree fndecl) -+{ -+ gcc_assert(fndecl != NULL_TREE); -+ -+ push_cfun(DECL_STRUCT_FUNCTION(fndecl)); -+ calculate_dominance_info(CDI_DOMINATORS); -+ current_function_decl = fndecl; -+} -+ -+static void unset_current_function_decl(void) -+{ -+ free_dominance_info(CDI_DOMINATORS); -+ pop_cfun(); -+ current_function_decl = NULL_TREE; -+} -+ -+static void free_interesting_node(struct interesting_node *head) -+{ -+ struct interesting_node *cur; -+ -+ while (head) { -+ cur = head->next; -+#if BUILDING_GCC_VERSION <= 4007 -+ VEC_free(tree, gc, head->last_nodes); -+#else -+ vec_free(head->last_nodes); -+#endif -+ free(head); -+ head = cur; -+ } -+} -+ -+static struct visited *insert_visited_function(struct visited *head, struct interesting_node *cur_node) -+{ -+ struct visited *new_visited; -+ -+ new_visited = (struct visited *)xmalloc(sizeof(*new_visited)); -+ new_visited->fndecl = cur_node->fndecl; -+ new_visited->num = cur_node->num; -+ new_visited->next = NULL; -+ -+ if (!head) -+ return new_visited; -+ -+ new_visited->next = head; -+ return new_visited; -+} -+ -+/* Check whether the function was already visited. If the fndecl, the arg count of the fndecl and the first_stmt (call or return) are same then -+ * it is a visited function. -+ */ -+static bool is_visited_function(struct visited *head, struct interesting_node *cur_node) -+{ -+ struct visited *cur; -+ -+ if (!head) -+ return false; -+ -+ if (get_stmt_flag(cur_node->first_stmt) != VISITED_STMT) -+ return false; -+ -+ for (cur = head; cur; cur = cur->next) { -+ if (!operand_equal_p(cur_node->fndecl, cur->fndecl, 0)) -+ continue; -+ if (cur_node->num == cur->num) -+ return true; -+ } -+ return false; -+} -+ -+static void free_next_cgraph_node(struct next_cgraph_node *head) -+{ -+ struct next_cgraph_node *cur; -+ -+ while (head) { -+ cur = head->next; -+ free(head); -+ head = cur; -+ } -+} -+ -+static void remove_all_size_overflow_asm(void) -+{ -+ basic_block bb; -+ -+ FOR_ALL_BB_FN(bb, cfun) { -+ gimple_stmt_iterator si; -+ -+ for (si = gsi_start_bb(bb); !gsi_end_p(si); gsi_next(&si)) -+ remove_size_overflow_asm(gsi_stmt(si)); -+ } -+} -+ -+/* Main recursive walk of the ipa pass: iterate over the collected interesting stmts in a function -+ * (they are interesting if they have an associated size_overflow asm stmt) and recursively walk -+ * the newly collected interesting functions (they are interesting if there is control flow between -+ * the interesting stmts and them). -+ */ -+static struct visited *handle_function(struct cgraph_node *node, struct next_cgraph_node *next_node, struct visited *visited) -+{ -+ struct interesting_node *head, *cur_node; -+ struct next_cgraph_node *cur_cnodes, *cnodes_head = NULL; -+ -+ set_current_function_decl(NODE_DECL(node)); -+ call_count = 0; -+ -+ head = collect_interesting_stmts(next_node); -+ -+ for (cur_node = head; cur_node; cur_node = cur_node->next) { -+ if (is_visited_function(visited, cur_node)) -+ continue; -+ cnodes_head = handle_interesting_stmt(cnodes_head, cur_node, node); -+ set_stmt_flag(cur_node->first_stmt, VISITED_STMT); -+ visited = insert_visited_function(visited, cur_node); -+ } -+ -+ free_interesting_node(head); -+ remove_all_size_overflow_asm(); -+ unset_current_function_decl(); -+ -+ for (cur_cnodes = cnodes_head; cur_cnodes; cur_cnodes = cur_cnodes->next) -+ visited = handle_function(cur_cnodes->current_function, cur_cnodes, visited); -+ -+ free_next_cgraph_node(cnodes_head); -+ return visited; -+} -+ -+static void free_visited(struct visited *head) -+{ -+ struct visited *cur; -+ -+ while (head) { -+ cur = head->next; -+ free(head); -+ head = cur; -+ } -+} -+ -+// erase the local flag -+static void set_plf_false(void) -+{ -+ basic_block bb; -+ -+ FOR_ALL_BB_FN(bb, cfun) { -+ gimple_stmt_iterator si; -+ -+ for (si = gsi_start_bb(bb); !gsi_end_p(si); gsi_next(&si)) -+ set_stmt_flag(gsi_stmt(si), NO_FLAGS); -+ for (si = gsi_start_phis(bb); !gsi_end_p(si); gsi_next(&si)) -+ set_stmt_flag(gsi_stmt(si), NO_FLAGS); -+ } -+} -+ -+// Main entry point of the ipa pass: erases the plf flag of all stmts and iterates over all the functions -+static unsigned int search_function(void) -+{ -+ struct cgraph_node *node; -+ struct visited *visited = NULL; -+ -+ FOR_EACH_FUNCTION_WITH_GIMPLE_BODY(node) { -+ set_current_function_decl(NODE_DECL(node)); -+ set_plf_false(); -+ unset_current_function_decl(); -+ } -+ -+ FOR_EACH_FUNCTION_WITH_GIMPLE_BODY(node) { -+ gcc_assert(cgraph_function_flags_ready); -+#if BUILDING_GCC_VERSION <= 4007 -+ gcc_assert(node->reachable); -+#endif -+ -+ visited = handle_function(node, NULL, visited); -+ } -+ -+ free_visited(visited); -+ return 0; -+} -+ -+#if BUILDING_GCC_VERSION >= 4009 -+static const struct pass_data ipa_pass_data = { -+#else -+static struct ipa_opt_pass_d ipa_pass = { -+ .pass = { -+#endif -+ .type = SIMPLE_IPA_PASS, -+ .name = "size_overflow", -+#if BUILDING_GCC_VERSION >= 4008 -+ .optinfo_flags = OPTGROUP_NONE, -+#endif -+#if BUILDING_GCC_VERSION >= 4009 -+ .has_gate = false, -+ .has_execute = true, -+#else -+ .gate = NULL, -+ .execute = search_function, -+ .sub = NULL, -+ .next = NULL, -+ .static_pass_number = 0, -+#endif -+ .tv_id = TV_NONE, -+ .properties_required = 0, -+ .properties_provided = 0, -+ .properties_destroyed = 0, -+ .todo_flags_start = 0, -+ .todo_flags_finish = TODO_verify_ssa | TODO_verify_stmts | TODO_remove_unused_locals | TODO_ggc_collect | TODO_verify_flow | TODO_dump_cgraph | TODO_dump_func | TODO_update_ssa_no_phi, -+#if BUILDING_GCC_VERSION < 4009 -+ }, -+ .generate_summary = NULL, -+ .write_summary = NULL, -+ .read_summary = NULL, -+#if BUILDING_GCC_VERSION >= 4006 -+ .write_optimization_summary = NULL, -+ .read_optimization_summary = NULL, -+#endif -+ .stmt_fixup = NULL, -+ .function_transform_todo_flags_start = 0, -+ .function_transform = NULL, -+ .variable_transform = NULL, -+#endif -+}; -+ -+#if BUILDING_GCC_VERSION >= 4009 -+namespace { -+class ipa_pass : public ipa_opt_pass_d { -+public: -+ ipa_pass() : ipa_opt_pass_d(ipa_pass_data, g, NULL, NULL, NULL, NULL, NULL, NULL, 0, NULL, NULL) {} -+ unsigned int execute() { return search_function(); } -+}; -+} -+#endif -+ -+static struct opt_pass *make_ipa_pass(void) -+{ -+#if BUILDING_GCC_VERSION >= 4009 -+ return new ipa_pass(); -+#else -+ return &ipa_pass.pass; -+#endif -+} -+ -+// data for the size_overflow asm stmt -+struct asm_data { -+ gimple def_stmt; -+ tree input; -+ tree output; -+}; -+ -+#if BUILDING_GCC_VERSION <= 4007 -+static VEC(tree, gc) *create_asm_io_list(tree string, tree io) -+#else -+static vec<tree, va_gc> *create_asm_io_list(tree string, tree io) -+#endif -+{ -+ tree list; -+#if BUILDING_GCC_VERSION <= 4007 -+ VEC(tree, gc) *vec_list = NULL; -+#else -+ vec<tree, va_gc> *vec_list = NULL; -+#endif -+ -+ list = build_tree_list(NULL_TREE, string); -+ list = chainon(NULL_TREE, build_tree_list(list, io)); -+#if BUILDING_GCC_VERSION <= 4007 -+ VEC_safe_push(tree, gc, vec_list, list); -+#else -+ vec_safe_push(vec_list, list); -+#endif -+ return vec_list; -+} -+ -+static void create_asm_stmt(const char *str, tree str_input, tree str_output, struct asm_data *asm_data) -+{ -+ gimple asm_stmt; -+ gimple_stmt_iterator gsi; -+#if BUILDING_GCC_VERSION <= 4007 -+ VEC(tree, gc) *input, *output = NULL; -+#else -+ vec<tree, va_gc> *input, *output = NULL; -+#endif -+ -+ input = create_asm_io_list(str_input, asm_data->input); -+ -+ if (asm_data->output) -+ output = create_asm_io_list(str_output, asm_data->output); -+ -+ asm_stmt = gimple_build_asm_vec(str, input, output, NULL, NULL); -+ gsi = gsi_for_stmt(asm_data->def_stmt); -+ gsi_insert_after(&gsi, asm_stmt, GSI_NEW_STMT); -+ -+ if (asm_data->output) -+ SSA_NAME_DEF_STMT(asm_data->output) = asm_stmt; -+} -+ -+static void replace_call_lhs(const struct asm_data *asm_data) -+{ -+ gimple_set_lhs(asm_data->def_stmt, asm_data->input); -+ update_stmt(asm_data->def_stmt); -+ SSA_NAME_DEF_STMT(asm_data->input) = asm_data->def_stmt; -+} -+ -+static enum mark search_intentional_phi(struct pointer_set_t *visited, const_tree result) -+{ -+ enum mark cur_fndecl_attr; -+ gimple phi = get_def_stmt(result); -+ unsigned int i, n = gimple_phi_num_args(phi); -+ -+ pointer_set_insert(visited, phi); -+ for (i = 0; i < n; i++) { -+ tree arg = gimple_phi_arg_def(phi, i); -+ -+ cur_fndecl_attr = search_intentional(visited, arg); -+ if (cur_fndecl_attr != MARK_NO) -+ return cur_fndecl_attr; -+ } -+ return MARK_NO; -+} -+ -+static enum mark search_intentional_binary(struct pointer_set_t *visited, const_tree lhs) -+{ -+ enum mark cur_fndecl_attr; -+ const_tree rhs1, rhs2; -+ gimple def_stmt = get_def_stmt(lhs); -+ -+ rhs1 = gimple_assign_rhs1(def_stmt); -+ rhs2 = gimple_assign_rhs2(def_stmt); -+ -+ cur_fndecl_attr = search_intentional(visited, rhs1); -+ if (cur_fndecl_attr != MARK_NO) -+ return cur_fndecl_attr; -+ return search_intentional(visited, rhs2); -+} -+ -+// Look up the intentional_overflow attribute on the caller and the callee functions. -+static enum mark search_intentional(struct pointer_set_t *visited, const_tree lhs) -+{ -+ const_gimple def_stmt; -+ -+ if (TREE_CODE(lhs) != SSA_NAME) -+ return get_intentional_attr_type(lhs); -+ -+ def_stmt = get_def_stmt(lhs); -+ if (!def_stmt) -+ return MARK_NO; -+ -+ if (pointer_set_contains(visited, def_stmt)) -+ return MARK_NO; -+ -+ switch (gimple_code(def_stmt)) { -+ case GIMPLE_NOP: -+ return search_intentional(visited, SSA_NAME_VAR(lhs)); -+ case GIMPLE_ASM: -+ if (is_size_overflow_intentional_asm_turn_off(def_stmt)) -+ return MARK_TURN_OFF; -+ return MARK_NO; -+ case GIMPLE_CALL: -+ return MARK_NO; -+ case GIMPLE_PHI: -+ return search_intentional_phi(visited, lhs); -+ case GIMPLE_ASSIGN: -+ switch (gimple_num_ops(def_stmt)) { -+ case 2: -+ return search_intentional(visited, gimple_assign_rhs1(def_stmt)); -+ case 3: -+ return search_intentional_binary(visited, lhs); -+ } -+ case GIMPLE_RETURN: -+ return MARK_NO; -+ default: -+ debug_gimple_stmt((gimple)def_stmt); -+ error("%s: unknown gimple code", __func__); -+ gcc_unreachable(); -+ } -+} -+ -+// Check the intentional_overflow attribute and create the asm comment string for the size_overflow asm stmt. -+static enum mark check_intentional_attribute_gimple(const_tree arg, const_gimple stmt, unsigned int argnum) -+{ -+ const_tree fndecl; -+ struct pointer_set_t *visited; -+ enum mark cur_fndecl_attr, decl_attr = MARK_NO; -+ -+ fndecl = get_interesting_orig_fndecl(stmt, argnum); -+ if (is_end_intentional_intentional_attr(fndecl, argnum)) -+ decl_attr = MARK_NOT_INTENTIONAL; -+ else if (is_yes_intentional_attr(fndecl, argnum)) -+ decl_attr = MARK_YES; -+ else if (is_turn_off_intentional_attr(fndecl) || is_turn_off_intentional_attr(DECL_ORIGIN(current_function_decl))) { -+ return MARK_TURN_OFF; -+ } -+ -+ visited = pointer_set_create(); -+ cur_fndecl_attr = search_intentional(visited, arg); -+ pointer_set_destroy(visited); -+ -+ switch (cur_fndecl_attr) { -+ case MARK_NO: -+ case MARK_TURN_OFF: -+ return cur_fndecl_attr; -+ default: -+ print_missing_intentional(decl_attr, cur_fndecl_attr, fndecl, argnum); -+ return MARK_YES; -+ } -+} -+ -+static void check_missing_size_overflow_attribute(tree var) -+{ -+ tree orig_fndecl; -+ unsigned int num; -+ -+ if (is_a_return_check(var)) -+ orig_fndecl = DECL_ORIGIN(var); -+ else -+ orig_fndecl = DECL_ORIGIN(current_function_decl); -+ -+ num = get_function_num(var, orig_fndecl); -+ if (num == CANNOT_FIND_ARG) -+ return; -+ -+ is_missing_function(orig_fndecl, num); -+} -+ -+static void search_size_overflow_attribute_phi(struct pointer_set_t *visited, const_tree result) -+{ -+ gimple phi = get_def_stmt(result); -+ unsigned int i, n = gimple_phi_num_args(phi); -+ -+ pointer_set_insert(visited, phi); -+ for (i = 0; i < n; i++) { -+ tree arg = gimple_phi_arg_def(phi, i); -+ -+ search_size_overflow_attribute(visited, arg); -+ } -+} -+ -+static void search_size_overflow_attribute_binary(struct pointer_set_t *visited, const_tree lhs) -+{ -+ const_gimple def_stmt = get_def_stmt(lhs); -+ tree rhs1, rhs2; -+ -+ rhs1 = gimple_assign_rhs1(def_stmt); -+ rhs2 = gimple_assign_rhs2(def_stmt); -+ -+ search_size_overflow_attribute(visited, rhs1); -+ search_size_overflow_attribute(visited, rhs2); -+} -+ -+static void search_size_overflow_attribute(struct pointer_set_t *visited, tree lhs) -+{ -+ const_gimple def_stmt; -+ -+ if (TREE_CODE(lhs) == PARM_DECL) { -+ check_missing_size_overflow_attribute(lhs); -+ return; -+ } -+ -+ def_stmt = get_def_stmt(lhs); -+ if (!def_stmt) -+ return; -+ -+ if (pointer_set_insert(visited, def_stmt)) -+ return; -+ -+ switch (gimple_code(def_stmt)) { -+ case GIMPLE_NOP: -+ return search_size_overflow_attribute(visited, SSA_NAME_VAR(lhs)); -+ case GIMPLE_ASM: -+ return; -+ case GIMPLE_CALL: { -+ tree fndecl = gimple_call_fndecl(def_stmt); -+ -+ if (fndecl == NULL_TREE) -+ return; -+ check_missing_size_overflow_attribute(fndecl); -+ return; -+ } -+ case GIMPLE_PHI: -+ return search_size_overflow_attribute_phi(visited, lhs); -+ case GIMPLE_ASSIGN: -+ switch (gimple_num_ops(def_stmt)) { -+ case 2: -+ return search_size_overflow_attribute(visited, gimple_assign_rhs1(def_stmt)); -+ case 3: -+ return search_size_overflow_attribute_binary(visited, lhs); -+ } -+ default: -+ debug_gimple_stmt((gimple)def_stmt); -+ error("%s: unknown gimple code", __func__); -+ gcc_unreachable(); -+ } -+} -+ -+// Search missing entries in the hash table (invoked from the gimple pass) -+static void search_missing_size_overflow_attribute_gimple(const_gimple stmt, unsigned int num) -+{ -+ tree fndecl = NULL_TREE; -+ tree lhs; -+ struct pointer_set_t *visited; -+ -+ if (is_turn_off_intentional_attr(DECL_ORIGIN(current_function_decl))) -+ return; -+ -+ if (num == 0) { -+ gcc_assert(gimple_code(stmt) == GIMPLE_RETURN); -+ lhs = gimple_return_retval(stmt); -+ } else { -+ gcc_assert(is_gimple_call(stmt)); -+ lhs = gimple_call_arg(stmt, num - 1); -+ fndecl = gimple_call_fndecl(stmt); -+ } -+ -+ if (fndecl != NULL_TREE && is_turn_off_intentional_attr(DECL_ORIGIN(fndecl))) -+ return; -+ -+ visited = pointer_set_create(); -+ search_size_overflow_attribute(visited, lhs); -+ pointer_set_destroy(visited); -+} -+ -+static void create_output_from_phi(gimple stmt, unsigned int argnum, struct asm_data *asm_data) -+{ -+ gimple_stmt_iterator gsi; -+ gimple assign; -+ -+ assign = gimple_build_assign(asm_data->input, asm_data->output); -+ gsi = gsi_for_stmt(stmt); -+ gsi_insert_before(&gsi, assign, GSI_NEW_STMT); -+ asm_data->def_stmt = assign; -+ -+ asm_data->output = create_new_var(TREE_TYPE(asm_data->output)); -+ asm_data->output = make_ssa_name(asm_data->output, stmt); -+ if (gimple_code(stmt) == GIMPLE_RETURN) -+ gimple_return_set_retval(stmt, asm_data->output); -+ else -+ gimple_call_set_arg(stmt, argnum - 1, asm_data->output); -+ update_stmt(stmt); -+} -+ -+static char *create_asm_comment(unsigned int argnum, const_gimple stmt , const char *mark_str) -+{ -+ const char *fn_name; -+ char *asm_comment; -+ unsigned int len; -+ -+ if (argnum == 0) -+ fn_name = DECL_NAME_POINTER(current_function_decl); -+ else -+ fn_name = DECL_NAME_POINTER(gimple_call_fndecl(stmt)); -+ -+ len = asprintf(&asm_comment, "%s %s %u", mark_str, fn_name, argnum); -+ gcc_assert(len > 0); -+ -+ return asm_comment; -+} -+ -+static const char *convert_mark_to_str(enum mark mark) -+{ -+ switch (mark) { -+ case MARK_NO: -+ return OK_ASM_STR; -+ case MARK_YES: -+ case MARK_NOT_INTENTIONAL: -+ return YES_ASM_STR; -+ case MARK_TURN_OFF: -+ return TURN_OFF_ASM_STR; -+ } -+ -+ gcc_unreachable(); -+} -+ -+/* Create the input of the size_overflow asm stmt. -+ * When the arg of the callee function is a parm_decl it creates this kind of size_overflow asm stmt: -+ * __asm__("# size_overflow MARK_YES" : : "rm" size_1(D)); -+ * The input field in asm_data will be empty if there is no need for further size_overflow asm stmt insertion. -+ * otherwise create the input (for a phi stmt the output too) of the asm stmt. -+ */ -+static void create_asm_input(gimple stmt, unsigned int argnum, struct asm_data *asm_data) -+{ -+ if (!asm_data->def_stmt) { -+ asm_data->input = NULL_TREE; -+ return; -+ } -+ -+ asm_data->input = create_new_var(TREE_TYPE(asm_data->output)); -+ asm_data->input = make_ssa_name(asm_data->input, asm_data->def_stmt); -+ -+ switch (gimple_code(asm_data->def_stmt)) { -+ case GIMPLE_ASSIGN: -+ case GIMPLE_CALL: -+ replace_call_lhs(asm_data); -+ break; -+ case GIMPLE_PHI: -+ create_output_from_phi(stmt, argnum, asm_data); -+ break; -+ case GIMPLE_NOP: { -+ enum mark mark; -+ const char *mark_str; -+ char *asm_comment; -+ -+ mark = check_intentional_attribute_gimple(asm_data->output, stmt, argnum); -+ -+ asm_data->input = asm_data->output; -+ asm_data->output = NULL; -+ asm_data->def_stmt = stmt; -+ -+ mark_str = convert_mark_to_str(mark); -+ asm_comment = create_asm_comment(argnum, stmt, mark_str); -+ -+ create_asm_stmt(asm_comment, build_string(2, "rm"), NULL, asm_data); -+ free(asm_comment); -+ asm_data->input = NULL_TREE; -+ break; -+ } -+ case GIMPLE_ASM: -+ if (is_size_overflow_asm(asm_data->def_stmt)) { -+ asm_data->input = NULL_TREE; -+ break; -+ } -+ default: -+ debug_gimple_stmt(asm_data->def_stmt); -+ gcc_unreachable(); -+ } -+} -+ -+/* This is the gimple part of searching for a missing size_overflow attribute. If the intentional_overflow attribute type -+ * is of the right kind create the appropriate size_overflow asm stmts: -+ * __asm__("# size_overflow" : =rm" D.3344_8 : "0" cicus.4_16); -+ * __asm__("# size_overflow MARK_YES" : : "rm" size_1(D)); -+ */ -+static void create_size_overflow_asm(gimple stmt, tree output_node, unsigned int argnum) -+{ -+ struct asm_data asm_data; -+ const char *mark_str; -+ char *asm_comment; -+ enum mark mark; -+ -+ if (is_gimple_constant(output_node)) -+ return; -+ -+ asm_data.output = output_node; -+ mark = check_intentional_attribute_gimple(asm_data.output, stmt, argnum); -+ if (mark != MARK_TURN_OFF) -+ search_missing_size_overflow_attribute_gimple(stmt, argnum); -+ -+ asm_data.def_stmt = get_def_stmt(asm_data.output); -+ if (is_size_overflow_intentional_asm_turn_off(asm_data.def_stmt)) -+ return; -+ -+ create_asm_input(stmt, argnum, &asm_data); -+ if (asm_data.input == NULL_TREE) -+ return; -+ -+ mark_str = convert_mark_to_str(mark); -+ asm_comment = create_asm_comment(argnum, stmt, mark_str); -+ create_asm_stmt(asm_comment, build_string(1, "0"), build_string(3, "=rm"), &asm_data); -+ free(asm_comment); -+} -+ -+// Insert an asm stmt with "MARK_TURN_OFF", "MARK_YES" or "MARK_NOT_INTENTIONAL". -+static bool create_mark_asm(gimple stmt, enum mark mark) -+{ -+ struct asm_data asm_data; -+ const char *asm_str; -+ -+ switch (mark) { -+ case MARK_TURN_OFF: -+ asm_str = TURN_OFF_ASM_STR; -+ break; -+ case MARK_NOT_INTENTIONAL: -+ case MARK_YES: -+ asm_str = YES_ASM_STR; -+ break; -+ default: -+ gcc_unreachable(); -+ } -+ -+ asm_data.def_stmt = stmt; -+ asm_data.output = gimple_call_lhs(stmt); -+ -+ if (asm_data.output == NULL_TREE) { -+ asm_data.input = gimple_call_arg(stmt, 0); -+ if (is_gimple_constant(asm_data.input)) -+ return false; -+ asm_data.output = NULL; -+ create_asm_stmt(asm_str, build_string(2, "rm"), NULL, &asm_data); -+ return true; -+ } -+ -+ create_asm_input(stmt, 0, &asm_data); -+ gcc_assert(asm_data.input != NULL_TREE); -+ -+ create_asm_stmt(asm_str, build_string(1, "0"), build_string(3, "=rm"), &asm_data); -+ return true; -+} -+ -+static bool is_from_cast(const_tree node) -+{ -+ gimple def_stmt = get_def_stmt(node); -+ -+ if (!def_stmt) -+ return false; -+ -+ if (gimple_assign_cast_p(def_stmt)) -+ return true; -+ -+ return false; -+} -+ -+// Skip duplication when there is a minus expr and the type of rhs1 or rhs2 is a pointer_type. -+static bool skip_ptr_minus(gimple stmt) -+{ -+ const_tree rhs1, rhs2, ptr1_rhs, ptr2_rhs; -+ -+ if (gimple_assign_rhs_code(stmt) != MINUS_EXPR) -+ return false; -+ -+ rhs1 = gimple_assign_rhs1(stmt); -+ if (!is_from_cast(rhs1)) -+ return false; -+ -+ rhs2 = gimple_assign_rhs2(stmt); -+ if (!is_from_cast(rhs2)) -+ return false; -+ -+ ptr1_rhs = gimple_assign_rhs1(get_def_stmt(rhs1)); -+ ptr2_rhs = gimple_assign_rhs1(get_def_stmt(rhs2)); -+ -+ if (TREE_CODE(TREE_TYPE(ptr1_rhs)) != POINTER_TYPE && TREE_CODE(TREE_TYPE(ptr2_rhs)) != POINTER_TYPE) -+ return false; -+ -+ create_mark_asm(stmt, MARK_YES); -+ return true; -+} -+ -+static void walk_use_def_ptr(struct pointer_set_t *visited, const_tree lhs) -+{ -+ gimple def_stmt; -+ -+ def_stmt = get_def_stmt(lhs); -+ if (!def_stmt) -+ return; -+ -+ if (pointer_set_insert(visited, def_stmt)) -+ return; -+ -+ switch (gimple_code(def_stmt)) { -+ case GIMPLE_NOP: -+ case GIMPLE_ASM: -+ case GIMPLE_CALL: -+ break; -+ case GIMPLE_PHI: { -+ unsigned int i, n = gimple_phi_num_args(def_stmt); -+ -+ pointer_set_insert(visited, def_stmt); -+ -+ for (i = 0; i < n; i++) { -+ tree arg = gimple_phi_arg_def(def_stmt, i); -+ -+ walk_use_def_ptr(visited, arg); -+ } -+ } -+ case GIMPLE_ASSIGN: -+ switch (gimple_num_ops(def_stmt)) { -+ case 2: -+ walk_use_def_ptr(visited, gimple_assign_rhs1(def_stmt)); -+ return; -+ case 3: -+ if (skip_ptr_minus(def_stmt)) -+ return; -+ -+ walk_use_def_ptr(visited, gimple_assign_rhs1(def_stmt)); -+ walk_use_def_ptr(visited, gimple_assign_rhs2(def_stmt)); -+ return; -+ default: -+ return; -+ } -+ default: -+ debug_gimple_stmt((gimple)def_stmt); -+ error("%s: unknown gimple code", __func__); -+ gcc_unreachable(); -+ } -+} -+ -+// Look for a ptr - ptr expression (e.g., cpuset_common_file_read() s - page) -+static void insert_mark_not_intentional_asm_at_ptr(const_tree arg) -+{ -+ struct pointer_set_t *visited; -+ -+ visited = pointer_set_create(); -+ walk_use_def_ptr(visited, arg); -+ pointer_set_destroy(visited); -+} -+ -+// Determine the return value and insert the asm stmt to mark the return stmt. -+static void insert_asm_ret(gimple stmt) -+{ -+ tree ret; -+ -+ ret = gimple_return_retval(stmt); -+ create_size_overflow_asm(stmt, ret, 0); -+} -+ -+// Determine the correct arg index and arg and insert the asm stmt to mark the stmt. -+static void insert_asm_arg(gimple stmt, unsigned int orig_argnum) -+{ -+ tree arg; -+ unsigned int argnum; -+ -+ argnum = get_correct_arg_count(orig_argnum, gimple_call_fndecl(stmt)); -+ gcc_assert(argnum != 0); -+ if (argnum == CANNOT_FIND_ARG) -+ return; -+ -+ arg = gimple_call_arg(stmt, argnum - 1); -+ gcc_assert(arg != NULL_TREE); -+ -+ // skip all ptr - ptr expressions -+ insert_mark_not_intentional_asm_at_ptr(arg); -+ -+ create_size_overflow_asm(stmt, arg, argnum); -+} -+ -+// If a function arg or the return value is marked by the size_overflow attribute then set its index in the array. -+static void set_argnum_attribute(const_tree attr, bool *argnums) -+{ -+ unsigned int argnum; -+ tree attr_value; -+ -+ for (attr_value = TREE_VALUE(attr); attr_value; attr_value = TREE_CHAIN(attr_value)) { -+ argnum = TREE_INT_CST_LOW(TREE_VALUE(attr_value)); -+ argnums[argnum] = true; -+ } -+} -+ -+// If a function arg or the return value is in the hash table then set its index in the array. -+static void set_argnum_hash(tree fndecl, bool *argnums) -+{ -+ unsigned int num; -+ const struct size_overflow_hash *hash; -+ -+ hash = get_function_hash(DECL_ORIGIN(fndecl)); -+ if (!hash) -+ return; -+ -+ for (num = 0; num <= MAX_PARAM; num++) { -+ if (!(hash->param & (1U << num))) -+ continue; -+ -+ argnums[num] = true; -+ } -+} -+ -+static bool is_all_the_argnums_empty(bool *argnums) -+{ -+ unsigned int i; -+ -+ for (i = 0; i <= MAX_PARAM; i++) -+ if (argnums[i]) -+ return false; -+ return true; -+} -+ -+// Check whether the arguments or the return value of the function are in the hash table or are marked by the size_overflow attribute. -+static void search_interesting_args(tree fndecl, bool *argnums) -+{ -+ const_tree attr; -+ -+ set_argnum_hash(fndecl, argnums); -+ if (!is_all_the_argnums_empty(argnums)) -+ return; -+ -+ attr = lookup_attribute("size_overflow", DECL_ATTRIBUTES(fndecl)); -+ if (attr && TREE_VALUE(attr)) -+ set_argnum_attribute(attr, argnums); -+} -+ -+/* -+ * Look up the intentional_overflow attribute that turns off ipa based duplication -+ * on the callee function. -+ */ -+static bool is_mark_turn_off_attribute(gimple stmt) -+{ -+ enum mark mark; -+ const_tree fndecl = gimple_call_fndecl(stmt); -+ -+ mark = get_intentional_attr_type(DECL_ORIGIN(fndecl)); -+ if (mark == MARK_TURN_OFF) -+ return true; -+ return false; -+} -+ -+// If the argument(s) of the callee function is/are in the hash table or are marked by an attribute then mark the call stmt with an asm stmt -+static void handle_interesting_function(gimple stmt) -+{ -+ unsigned int argnum; -+ tree fndecl; -+ bool orig_argnums[MAX_PARAM + 1] = {false}; -+ -+ if (gimple_call_num_args(stmt) == 0) -+ return; -+ fndecl = gimple_call_fndecl(stmt); -+ if (fndecl == NULL_TREE) -+ return; -+ fndecl = DECL_ORIGIN(fndecl); -+ -+ if (is_mark_turn_off_attribute(stmt)) { -+ create_mark_asm(stmt, MARK_TURN_OFF); -+ return; -+ } -+ -+ search_interesting_args(fndecl, orig_argnums); -+ -+ for (argnum = 1; argnum < MAX_PARAM; argnum++) -+ if (orig_argnums[argnum]) -+ insert_asm_arg(stmt, argnum); -+} -+ -+// If the return value of the caller function is in hash table (its index is 0) then mark the return stmt with an asm stmt -+static void handle_interesting_ret(gimple stmt) -+{ -+ bool orig_argnums[MAX_PARAM + 1] = {false}; -+ -+ search_interesting_args(current_function_decl, orig_argnums); -+ -+ if (orig_argnums[0]) -+ insert_asm_ret(stmt); -+} -+ -+// Iterate over all the stmts and search for call and return stmts and mark them if they're in the hash table -+static unsigned int search_interesting_functions(void) -+{ -+ basic_block bb; -+ -+ FOR_ALL_BB_FN(bb, cfun) { -+ gimple_stmt_iterator gsi; -+ -+ for (gsi = gsi_start_bb(bb); !gsi_end_p(gsi); gsi_next(&gsi)) { -+ gimple stmt = gsi_stmt(gsi); -+ -+ if (is_size_overflow_asm(stmt)) -+ continue; -+ -+ if (is_gimple_call(stmt)) -+ handle_interesting_function(stmt); -+ else if (gimple_code(stmt) == GIMPLE_RETURN) -+ handle_interesting_ret(stmt); -+ } -+ } -+ return 0; -+} -+ -+/* -+ * A lot of functions get inlined before the ipa passes so after the build_ssa gimple pass -+ * this pass inserts asm stmts to mark the interesting args -+ * that the ipa pass will detect and insert the size overflow checks for. -+ */ -+#if BUILDING_GCC_VERSION >= 4009 -+static const struct pass_data insert_size_overflow_asm_pass_data = { -+#else -+static struct gimple_opt_pass insert_size_overflow_asm_pass = { -+ .pass = { -+#endif -+ .type = GIMPLE_PASS, -+ .name = "insert_size_overflow_asm", -+#if BUILDING_GCC_VERSION >= 4008 -+ .optinfo_flags = OPTGROUP_NONE, -+#endif -+#if BUILDING_GCC_VERSION >= 4009 -+ .has_gate = false, -+ .has_execute = true, -+#else -+ .gate = NULL, -+ .execute = search_interesting_functions, -+ .sub = NULL, -+ .next = NULL, -+ .static_pass_number = 0, -+#endif -+ .tv_id = TV_NONE, -+ .properties_required = PROP_cfg, -+ .properties_provided = 0, -+ .properties_destroyed = 0, -+ .todo_flags_start = 0, -+ .todo_flags_finish = TODO_dump_func | TODO_verify_ssa | TODO_verify_stmts | TODO_remove_unused_locals | TODO_update_ssa_no_phi | TODO_cleanup_cfg | TODO_ggc_collect | TODO_verify_flow -+#if BUILDING_GCC_VERSION < 4009 -+ } -+#endif -+}; -+ -+#if BUILDING_GCC_VERSION >= 4009 -+namespace { -+class insert_size_overflow_asm_pass : public gimple_opt_pass { -+public: -+ insert_size_overflow_asm_pass() : gimple_opt_pass(insert_size_overflow_asm_pass_data, g) {} -+ unsigned int execute() { return search_interesting_functions(); } -+}; -+} -+#endif -+ -+static struct opt_pass *make_insert_size_overflow_asm_pass(void) -+{ -+#if BUILDING_GCC_VERSION >= 4009 -+ return new insert_size_overflow_asm_pass(); -+#else -+ return &insert_size_overflow_asm_pass.pass; -+#endif -+} -+ -+// Create the noreturn report_size_overflow() function decl. -+static void size_overflow_start_unit(void __unused *gcc_data, void __unused *user_data) -+{ -+ tree const_char_ptr_type_node; -+ tree fntype; -+ -+ const_char_ptr_type_node = build_pointer_type(build_type_variant(char_type_node, 1, 0)); -+ -+ // void report_size_overflow(const char *loc_file, unsigned int loc_line, const char *current_func, const char *ssa_var) -+ fntype = build_function_type_list(void_type_node, -+ const_char_ptr_type_node, -+ unsigned_type_node, -+ const_char_ptr_type_node, -+ const_char_ptr_type_node, -+ NULL_TREE); -+ report_size_overflow_decl = build_fn_decl("report_size_overflow", fntype); -+ -+ DECL_ASSEMBLER_NAME(report_size_overflow_decl); -+ TREE_PUBLIC(report_size_overflow_decl) = 1; -+ DECL_EXTERNAL(report_size_overflow_decl) = 1; -+ DECL_ARTIFICIAL(report_size_overflow_decl) = 1; -+ TREE_THIS_VOLATILE(report_size_overflow_decl) = 1; -+} -+ -+static unsigned int dump_functions(void) -+{ -+ struct cgraph_node *node; -+ -+ FOR_EACH_FUNCTION_WITH_GIMPLE_BODY(node) { -+ basic_block bb; -+ -+ push_cfun(DECL_STRUCT_FUNCTION(NODE_DECL(node))); -+ current_function_decl = NODE_DECL(node); -+ -+ fprintf(stderr, "-----------------------------------------\n%s\n-----------------------------------------\n", DECL_NAME_POINTER(current_function_decl)); -+ -+ FOR_ALL_BB_FN(bb, cfun) { -+ gimple_stmt_iterator si; -+ -+ fprintf(stderr, "<bb %u>:\n", bb->index); -+ for (si = gsi_start_phis(bb); !gsi_end_p(si); gsi_next(&si)) -+ debug_gimple_stmt(gsi_stmt(si)); -+ for (si = gsi_start_bb(bb); !gsi_end_p(si); gsi_next(&si)) -+ debug_gimple_stmt(gsi_stmt(si)); -+ fprintf(stderr, "\n"); -+ } -+ -+ fprintf(stderr, "-------------------------------------------------------------------------\n"); -+ -+ pop_cfun(); -+ current_function_decl = NULL_TREE; -+ } -+ -+ fprintf(stderr, "###############################################################################\n"); -+ -+ return 0; -+} -+ -+#if BUILDING_GCC_VERSION >= 4009 -+static const struct pass_data dump_pass_data = { -+#else -+static struct ipa_opt_pass_d dump_pass = { -+ .pass = { -+#endif -+ .type = SIMPLE_IPA_PASS, -+ .name = "dump", -+#if BUILDING_GCC_VERSION >= 4008 -+ .optinfo_flags = OPTGROUP_NONE, -+#endif -+#if BUILDING_GCC_VERSION >= 4009 -+ .has_gate = false, -+ .has_execute = true, -+#else -+ .gate = NULL, -+ .execute = dump_functions, -+ .sub = NULL, -+ .next = NULL, -+ .static_pass_number = 0, -+#endif -+ .tv_id = TV_NONE, -+ .properties_required = 0, -+ .properties_provided = 0, -+ .properties_destroyed = 0, -+ .todo_flags_start = 0, -+ .todo_flags_finish = 0, -+#if BUILDING_GCC_VERSION < 4009 -+ }, -+ .generate_summary = NULL, -+ .write_summary = NULL, -+ .read_summary = NULL, -+#if BUILDING_GCC_VERSION >= 4006 -+ .write_optimization_summary = NULL, -+ .read_optimization_summary = NULL, -+#endif -+ .stmt_fixup = NULL, -+ .function_transform_todo_flags_start = 0, -+ .function_transform = NULL, -+ .variable_transform = NULL, -+#endif -+}; -+ -+#if BUILDING_GCC_VERSION >= 4009 -+namespace { -+class dump_pass : public ipa_opt_pass_d { -+public: -+ dump_pass() : ipa_opt_pass_d(dump_pass_data, g, NULL, NULL, NULL, NULL, NULL, NULL, 0, NULL, NULL) {} -+ unsigned int execute() { return dump_functions(); } -+}; -+} -+#endif -+ -+static struct opt_pass *make_dump_pass(void) -+{ -+#if BUILDING_GCC_VERSION >= 4009 -+ return new dump_pass(); -+#else -+ return &dump_pass.pass; -+#endif -+} -+ -+int plugin_init(struct plugin_name_args *plugin_info, struct plugin_gcc_version *version) -+{ -+ int i; -+ const char * const plugin_name = plugin_info->base_name; -+ const int argc = plugin_info->argc; -+ const struct plugin_argument * const argv = plugin_info->argv; -+ bool enable = true; -+ struct register_pass_info insert_size_overflow_asm_pass_info; -+ struct register_pass_info __unused dump_before_pass_info; -+ struct register_pass_info __unused dump_after_pass_info; -+ struct register_pass_info ipa_pass_info; -+ static const struct ggc_root_tab gt_ggc_r_gt_size_overflow[] = { -+ { -+ .base = &report_size_overflow_decl, -+ .nelt = 1, -+ .stride = sizeof(report_size_overflow_decl), -+ .cb = >_ggc_mx_tree_node, -+ .pchw = >_pch_nx_tree_node -+ }, -+ LAST_GGC_ROOT_TAB -+ }; -+ -+ insert_size_overflow_asm_pass_info.pass = make_insert_size_overflow_asm_pass(); -+ insert_size_overflow_asm_pass_info.reference_pass_name = "ssa"; -+ insert_size_overflow_asm_pass_info.ref_pass_instance_number = 1; -+ insert_size_overflow_asm_pass_info.pos_op = PASS_POS_INSERT_AFTER; -+ -+ dump_before_pass_info.pass = make_dump_pass(); -+ dump_before_pass_info.reference_pass_name = "increase_alignment"; -+ dump_before_pass_info.ref_pass_instance_number = 1; -+ dump_before_pass_info.pos_op = PASS_POS_INSERT_BEFORE; -+ -+ ipa_pass_info.pass = make_ipa_pass(); -+ ipa_pass_info.reference_pass_name = "increase_alignment"; -+ ipa_pass_info.ref_pass_instance_number = 1; -+ ipa_pass_info.pos_op = PASS_POS_INSERT_BEFORE; -+ -+ dump_after_pass_info.pass = make_dump_pass(); -+ dump_after_pass_info.reference_pass_name = "increase_alignment"; -+ dump_after_pass_info.ref_pass_instance_number = 1; -+ dump_after_pass_info.pos_op = PASS_POS_INSERT_BEFORE; -+ -+ if (!plugin_default_version_check(version, &gcc_version)) { -+ error(G_("incompatible gcc/plugin versions")); -+ return 1; -+ } -+ -+ for (i = 0; i < argc; ++i) { -+ if (!strcmp(argv[i].key, "no-size-overflow")) { -+ enable = false; -+ continue; -+ } -+ error(G_("unkown option '-fplugin-arg-%s-%s'"), plugin_name, argv[i].key); -+ } -+ -+ register_callback(plugin_name, PLUGIN_INFO, NULL, &size_overflow_plugin_info); -+ if (enable) { -+ register_callback(plugin_name, PLUGIN_START_UNIT, &size_overflow_start_unit, NULL); -+ register_callback(plugin_name, PLUGIN_REGISTER_GGC_ROOTS, NULL, (void *)>_ggc_r_gt_size_overflow); -+ register_callback(plugin_name, PLUGIN_PASS_MANAGER_SETUP, NULL, &insert_size_overflow_asm_pass_info); -+// register_callback(plugin_name, PLUGIN_PASS_MANAGER_SETUP, NULL, &dump_before_pass_info); -+ register_callback(plugin_name, PLUGIN_PASS_MANAGER_SETUP, NULL, &ipa_pass_info); -+// register_callback(plugin_name, PLUGIN_PASS_MANAGER_SETUP, NULL, &dump_after_pass_info); -+ } -+ register_callback(plugin_name, PLUGIN_ATTRIBUTES, register_attributes, NULL); -+ -+ return 0; -+} diff --git a/tools/gcc/stackleak_plugin.c b/tools/gcc/stackleak_plugin.c new file mode 100644 -index 0000000..5c0b937 +index 0000000..dd94983 --- /dev/null +++ b/tools/gcc/stackleak_plugin.c -@@ -0,0 +1,374 @@ +@@ -0,0 +1,376 @@ +/* + * Copyright 2011-2014 by the PaX Team <pageexec@freemail.hu> + * Licensed under the GPL v2 @@ -118316,25 +121246,27 @@ index 0000000..5c0b937 + unsigned int execute() { return execute_stackleak_final(); } +}; +} -+#endif + -+static struct opt_pass *make_stackleak_tree_instrument_pass(void) ++static opt_pass *make_stackleak_tree_instrument_pass(void) +{ -+#if BUILDING_GCC_VERSION >= 4009 + return new stackleak_tree_instrument_pass(); ++} ++ ++static opt_pass *make_stackleak_final_rtl_opt_pass(void) ++{ ++ return new stackleak_final_rtl_opt_pass(); ++} +#else ++static struct opt_pass *make_stackleak_tree_instrument_pass(void) ++{ + return &stackleak_tree_instrument_pass.pass; -+#endif +} + +static struct opt_pass *make_stackleak_final_rtl_opt_pass(void) +{ -+#if BUILDING_GCC_VERSION >= 4009 -+ return new stackleak_final_rtl_opt_pass(); -+#else + return &stackleak_final_rtl_opt_pass.pass; -+#endif +} ++#endif + +int plugin_init(struct plugin_name_args *plugin_info, struct plugin_gcc_version *version) +{ @@ -118411,10 +121343,10 @@ index 0000000..5c0b937 +} diff --git a/tools/gcc/structleak_plugin.c b/tools/gcc/structleak_plugin.c new file mode 100644 -index 0000000..796569a +index 0000000..4ee2231 --- /dev/null +++ b/tools/gcc/structleak_plugin.c -@@ -0,0 +1,273 @@ +@@ -0,0 +1,274 @@ +/* + * Copyright 2013-2014 by PaX Team <pageexec@freemail.hu> + * Licensed under the GPL v2 @@ -118636,16 +121568,17 @@ index 0000000..796569a + unsigned int execute() { return handle_function(); } +}; +} -+#endif + -+static struct opt_pass *make_structleak_pass(void) ++static opt_pass *make_structleak_pass(void) +{ -+#if BUILDING_GCC_VERSION >= 4009 + return new structleak_pass(); ++} +#else ++static struct opt_pass *make_structleak_pass(void) ++{ + return &structleak_pass.pass; -+#endif +} ++#endif + +int plugin_init(struct plugin_name_args *plugin_info, struct plugin_gcc_version *version) +{ @@ -118688,13 +121621,30 @@ index 0000000..796569a + + return 0; +} -diff --git a/tools/lib/lk/Makefile b/tools/lib/lk/Makefile -index 3dba0a4..97175dc 100644 ---- a/tools/lib/lk/Makefile -+++ b/tools/lib/lk/Makefile -@@ -13,7 +13,7 @@ LIB_OBJS += $(OUTPUT)debugfs.o +diff --git a/tools/include/linux/compiler.h b/tools/include/linux/compiler.h +index fbc6665..5e9ce79 100644 +--- a/tools/include/linux/compiler.h ++++ b/tools/include/linux/compiler.h +@@ -35,4 +35,12 @@ + # define unlikely(x) __builtin_expect(!!(x), 0) + #endif + ++#ifndef __size_overflow ++# define __size_overflow(...) ++#endif ++ ++#ifndef __intentional_overflow ++# define __intentional_overflow(...) ++#endif ++ + #endif /* _TOOLS_LINUX_COMPILER_H */ +diff --git a/tools/lib/api/Makefile b/tools/lib/api/Makefile +index ed2f51e..cc2d8f6 100644 +--- a/tools/lib/api/Makefile ++++ b/tools/lib/api/Makefile +@@ -14,7 +14,7 @@ LIB_OBJS += $(OUTPUT)fs/debugfs.o - LIBFILE = liblk.a + LIBFILE = libapikfs.a -CFLAGS = -ggdb3 -Wall -Wextra -std=gnu99 -Werror -O6 -D_FORTIFY_SOURCE=2 $(EXTRA_WARNINGS) $(EXTRA_CFLAGS) -fPIC +CFLAGS = -ggdb3 -Wall -Wextra -std=gnu99 -Werror -O6 -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 $(EXTRA_WARNINGS) $(EXTRA_CFLAGS) -fPIC @@ -118702,7 +121652,7 @@ index 3dba0a4..97175dc 100644 ALL_CFLAGS = $(CFLAGS) $(BASIC_CFLAGS) -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 ALL_LDFLAGS = $(LDFLAGS) diff --git a/tools/perf/util/include/asm/alternative-asm.h b/tools/perf/util/include/asm/alternative-asm.h -index 6789d78..4afd019e 100644 +index 6789d788..4afd019e 100644 --- a/tools/perf/util/include/asm/alternative-asm.h +++ b/tools/perf/util/include/asm/alternative-asm.h @@ -5,4 +5,7 @@ @@ -118713,25 +121663,8 @@ index 6789d78..4afd019e 100644 + .endm + #endif -diff --git a/tools/perf/util/include/linux/compiler.h b/tools/perf/util/include/linux/compiler.h -index b003ad7..c0a02f8 100644 ---- a/tools/perf/util/include/linux/compiler.h -+++ b/tools/perf/util/include/linux/compiler.h -@@ -27,4 +27,12 @@ - # define __weak __attribute__((weak)) - #endif - -+#ifndef __size_overflow -+# define __size_overflow(...) -+#endif -+ -+#ifndef __intentional_overflow -+# define __intentional_overflow(...) -+#endif -+ - #endif diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c -index 4f588bc..a543c97 100644 +index 03a0381..8b31923 100644 --- a/virt/kvm/kvm_main.c +++ b/virt/kvm/kvm_main.c @@ -76,12 +76,17 @@ LIST_HEAD(vm_list); @@ -118754,7 +121687,7 @@ index 4f588bc..a543c97 100644 struct dentry *kvm_debugfs_dir; -@@ -751,7 +756,7 @@ int __kvm_set_memory_region(struct kvm *kvm, +@@ -758,7 +763,7 @@ int __kvm_set_memory_region(struct kvm *kvm, /* We can read the guest memory with __xxx_user() later on. */ if ((mem->slot < KVM_USER_MEM_SLOTS) && ((mem->userspace_addr & (PAGE_SIZE - 1)) || @@ -118783,7 +121716,7 @@ index 4f588bc..a543c97 100644 } EXPORT_SYMBOL_GPL(kvm_clear_guest_page); -@@ -1872,7 +1885,7 @@ static int kvm_vcpu_release(struct inode *inode, struct file *filp) +@@ -1867,7 +1880,7 @@ static int kvm_vcpu_release(struct inode *inode, struct file *filp) return 0; } @@ -118832,7 +121765,7 @@ index 4f588bc..a543c97 100644 hardware_disable_all_nolock(); r = -EBUSY; } -@@ -3148,7 +3161,7 @@ static void kvm_sched_out(struct preempt_notifier *pn, +@@ -3121,7 +3134,7 @@ static void kvm_sched_out(struct preempt_notifier *pn, kvm_arch_vcpu_put(vcpu); } @@ -118841,7 +121774,7 @@ index 4f588bc..a543c97 100644 struct module *module) { int r; -@@ -3195,7 +3208,7 @@ int kvm_init(void *opaque, unsigned vcpu_size, unsigned vcpu_align, +@@ -3168,7 +3181,7 @@ int kvm_init(void *opaque, unsigned vcpu_size, unsigned vcpu_align, if (!vcpu_align) vcpu_align = __alignof__(struct kvm_vcpu); kvm_vcpu_cache = kmem_cache_create("kvm_vcpu", vcpu_size, vcpu_align, @@ -118850,7 +121783,7 @@ index 4f588bc..a543c97 100644 if (!kvm_vcpu_cache) { r = -ENOMEM; goto out_free_3; -@@ -3205,9 +3218,11 @@ int kvm_init(void *opaque, unsigned vcpu_size, unsigned vcpu_align, +@@ -3178,9 +3191,11 @@ int kvm_init(void *opaque, unsigned vcpu_size, unsigned vcpu_align, if (r) goto out_free; @@ -118862,7 +121795,7 @@ index 4f588bc..a543c97 100644 r = misc_register(&kvm_dev); if (r) { -@@ -3217,9 +3232,6 @@ int kvm_init(void *opaque, unsigned vcpu_size, unsigned vcpu_align, +@@ -3190,9 +3205,6 @@ int kvm_init(void *opaque, unsigned vcpu_size, unsigned vcpu_align, register_syscore_ops(&kvm_syscore_ops); diff --git a/main/linux-virt-grsec/kernelconfig.x86 b/main/linux-virt-grsec/kernelconfig.x86 index 9a85d39f1d..74e00d39d9 100644 --- a/main/linux-virt-grsec/kernelconfig.x86 +++ b/main/linux-virt-grsec/kernelconfig.x86 @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 3.13.0 Kernel Configuration +# Linux/x86 3.14.5 Kernel Configuration # # CONFIG_64BIT is not set CONFIG_X86_32=y @@ -149,7 +149,6 @@ CONFIG_IPC_NS=y CONFIG_USER_NS=y CONFIG_PID_NS=y CONFIG_NET_NS=y -CONFIG_UIDGID_STRICT_TYPE_CHECKS=y CONFIG_SCHED_AUTOGROUP=y # CONFIG_SYSFS_DEPRECATED is not set # CONFIG_RELAY is not set @@ -200,6 +199,7 @@ CONFIG_VM_EVENT_COUNTERS=y CONFIG_SLUB=y # CONFIG_SLOB is not set CONFIG_SLUB_CPU_PARTIAL=y +# CONFIG_SYSTEM_TRUSTED_KEYRING is not set # CONFIG_PROFILING is not set CONFIG_HAVE_OPROFILE=y CONFIG_OPROFILE_NMI_TIMER=y @@ -233,6 +233,7 @@ CONFIG_HAVE_CMPXCHG_LOCAL=y CONFIG_HAVE_CMPXCHG_DOUBLE=y CONFIG_ARCH_WANT_IPC_PARSE_VERSION=y CONFIG_HAVE_ARCH_SECCOMP_FILTER=y +# CONFIG_CC_STACKPROTECTOR is not set CONFIG_HAVE_IRQ_TIME_ACCOUNTING=y CONFIG_HAVE_ARCH_TRANSPARENT_HUGEPAGE=y CONFIG_HAVE_ARCH_SOFT_DIRTY=y @@ -248,7 +249,6 @@ CONFIG_OLD_SIGACTION=y CONFIG_HAVE_GENERIC_DMA_COHERENT=y CONFIG_RT_MUTEXES=y CONFIG_BASE_SMALL=0 -# CONFIG_SYSTEM_TRUSTED_KEYRING is not set CONFIG_MODULES=y # CONFIG_MODULE_FORCE_LOAD is not set CONFIG_MODULE_UNLOAD=y @@ -261,7 +261,7 @@ CONFIG_BLOCK=y CONFIG_LBDAF=y CONFIG_BLK_DEV_BSG=y CONFIG_BLK_DEV_BSGLIB=y -# CONFIG_BLK_DEV_INTEGRITY is not set +CONFIG_BLK_DEV_INTEGRITY=y # CONFIG_BLK_DEV_THROTTLING is not set # CONFIG_BLK_CMDLINE_PARSER is not set @@ -394,7 +394,6 @@ CONFIG_MICROCODE=m CONFIG_MICROCODE_INTEL=y CONFIG_MICROCODE_AMD=y CONFIG_MICROCODE_OLD_INTERFACE=y -CONFIG_MICROCODE_INTEL_LIB=y # CONFIG_MICROCODE_INTEL_EARLY is not set # CONFIG_MICROCODE_AMD_EARLY is not set CONFIG_X86_MSR=m @@ -431,6 +430,7 @@ CONFIG_MIGRATION=y # CONFIG_PHYS_ADDR_T_64BIT is not set CONFIG_ZONE_DMA_FLAG=1 CONFIG_BOUNCE=y +CONFIG_NEED_BOUNCE_POOL=y CONFIG_VIRT_TO_BUS=y CONFIG_MMU_NOTIFIER=y CONFIG_KSM=y @@ -441,6 +441,8 @@ CONFIG_CLEANCACHE=y # CONFIG_FRONTSWAP is not set # CONFIG_CMA is not set # CONFIG_ZBUD is not set +CONFIG_ZSMALLOC=y +# CONFIG_PGTABLE_MAPPING is not set # CONFIG_HIGHPTE is not set # CONFIG_X86_CHECK_BIOS_CORRUPTION is not set CONFIG_X86_RESERVE_LOW=64 @@ -746,6 +748,7 @@ CONFIG_NF_NAT_SIP=m CONFIG_NF_NAT_TFTP=m CONFIG_NETFILTER_SYNPROXY=m CONFIG_NF_TABLES=m +CONFIG_NF_TABLES_INET=m CONFIG_NFT_EXTHDR=m CONFIG_NFT_META=m CONFIG_NFT_CT=m @@ -755,6 +758,9 @@ CONFIG_NFT_COUNTER=m CONFIG_NFT_LOG=m CONFIG_NFT_LIMIT=m CONFIG_NFT_NAT=m +CONFIG_NFT_QUEUE=m +CONFIG_NFT_REJECT=m +CONFIG_NFT_REJECT_INET=m CONFIG_NFT_COMPAT=m CONFIG_NETFILTER_XTABLES=m @@ -797,6 +803,7 @@ CONFIG_NETFILTER_XT_TARGET_TCPOPTSTRIP=m # CONFIG_NETFILTER_XT_MATCH_ADDRTYPE=m CONFIG_NETFILTER_XT_MATCH_BPF=m +CONFIG_NETFILTER_XT_MATCH_CGROUP=m CONFIG_NETFILTER_XT_MATCH_CLUSTER=m CONFIG_NETFILTER_XT_MATCH_COMMENT=m CONFIG_NETFILTER_XT_MATCH_CONNBYTES=m @@ -813,8 +820,10 @@ CONFIG_NETFILTER_XT_MATCH_ESP=m CONFIG_NETFILTER_XT_MATCH_HASHLIMIT=m CONFIG_NETFILTER_XT_MATCH_HELPER=m CONFIG_NETFILTER_XT_MATCH_HL=m +CONFIG_NETFILTER_XT_MATCH_IPCOMP=m CONFIG_NETFILTER_XT_MATCH_IPRANGE=m CONFIG_NETFILTER_XT_MATCH_IPVS=m +CONFIG_NETFILTER_XT_MATCH_L2TP=m CONFIG_NETFILTER_XT_MATCH_LENGTH=m CONFIG_NETFILTER_XT_MATCH_LIMIT=m CONFIG_NETFILTER_XT_MATCH_MAC=m @@ -901,9 +910,9 @@ CONFIG_NF_DEFRAG_IPV4=m CONFIG_NF_CONNTRACK_IPV4=m CONFIG_NF_CONNTRACK_PROC_COMPAT=y CONFIG_NF_TABLES_IPV4=m -CONFIG_NFT_REJECT_IPV4=m CONFIG_NFT_CHAIN_ROUTE_IPV4=m CONFIG_NFT_CHAIN_NAT_IPV4=m +CONFIG_NFT_REJECT_IPV4=m CONFIG_NF_TABLES_ARP=m CONFIG_IP_NF_IPTABLES=m CONFIG_IP_NF_MATCH_AH=m @@ -939,6 +948,7 @@ CONFIG_NF_CONNTRACK_IPV6=m CONFIG_NF_TABLES_IPV6=m CONFIG_NFT_CHAIN_ROUTE_IPV6=m CONFIG_NFT_CHAIN_NAT_IPV6=m +CONFIG_NFT_REJECT_IPV6=m CONFIG_IP6_NF_IPTABLES=m CONFIG_IP6_NF_MATCH_AH=m CONFIG_IP6_NF_MATCH_EUI64=m @@ -1049,6 +1059,7 @@ CONFIG_LAPB=m CONFIG_PHONET=m CONFIG_IEEE802154=m CONFIG_IEEE802154_6LOWPAN=m +CONFIG_6LOWPAN_IPHC=m CONFIG_MAC802154=m CONFIG_NET_SCHED=y @@ -1076,6 +1087,8 @@ CONFIG_NET_SCH_QFQ=m CONFIG_NET_SCH_CODEL=m CONFIG_NET_SCH_FQ_CODEL=m CONFIG_NET_SCH_FQ=m +CONFIG_NET_SCH_HHF=m +CONFIG_NET_SCH_PIE=m CONFIG_NET_SCH_INGRESS=m # CONFIG_NET_SCH_PLUG is not set @@ -1131,7 +1144,8 @@ CONFIG_NET_MPLS_GSO=m CONFIG_RPS=y CONFIG_RFS_ACCEL=y CONFIG_XPS=y -CONFIG_NETPRIO_CGROUP=m +CONFIG_CGROUP_NET_PRIO=m +CONFIG_CGROUP_NET_CLASSID=y CONFIG_NET_RX_BUSY_POLL=y CONFIG_BQL=y CONFIG_NET_FLOW_LIMIT=y @@ -1206,6 +1220,8 @@ CONFIG_BLK_DEV=y CONFIG_BLK_DEV_FD=m # CONFIG_PARIDE is not set CONFIG_BLK_DEV_PCIESSD_MTIP32XX=m +CONFIG_ZRAM=m +# CONFIG_ZRAM_DEBUG is not set # CONFIG_BLK_CPQ_CISS_DA is not set # CONFIG_BLK_DEV_DAC960 is not set # CONFIG_BLK_DEV_UMEM is not set @@ -1346,7 +1362,6 @@ CONFIG_ISCSI_BOOT_SYSFS=m # CONFIG_SCSI_ACARD is not set # CONFIG_SCSI_AACRAID is not set # CONFIG_SCSI_AIC7XXX is not set -# CONFIG_SCSI_AIC7XXX_OLD is not set # CONFIG_SCSI_AIC79XX is not set # CONFIG_SCSI_AIC94XX is not set # CONFIG_SCSI_MVSAS is not set @@ -1525,15 +1540,16 @@ CONFIG_MD_FAULTY=m CONFIG_BCACHE=m # CONFIG_BCACHE_DEBUG is not set # CONFIG_BCACHE_CLOSURES_DEBUG is not set +CONFIG_BLK_DEV_DM_BUILTIN=y CONFIG_BLK_DEV_DM=m # CONFIG_DM_DEBUG is not set CONFIG_DM_BUFIO=m CONFIG_DM_BIO_PRISON=m CONFIG_DM_PERSISTENT_DATA=m +# CONFIG_DM_DEBUG_BLOCK_STACK_TRACING is not set CONFIG_DM_CRYPT=m CONFIG_DM_SNAPSHOT=m CONFIG_DM_THIN_PROVISIONING=m -# CONFIG_DM_DEBUG_BLOCK_STACK_TRACING is not set CONFIG_DM_CACHE=m CONFIG_DM_CACHE_MQ=m CONFIG_DM_CACHE_CLEANER=m @@ -1669,6 +1685,7 @@ CONFIG_E1000=m # CONFIG_IXGBE is not set # CONFIG_IXGBEVF is not set # CONFIG_I40E is not set +# CONFIG_I40EVF is not set # CONFIG_NET_VENDOR_I825XX is not set # CONFIG_IP1000 is not set # CONFIG_JME is not set @@ -1856,6 +1873,7 @@ CONFIG_INPUT_MISC=y # Hardware I/O ports # CONFIG_SERIO=y +CONFIG_ARCH_MIGHT_HAVE_PC_SERIO=y CONFIG_SERIO_I8042=y # CONFIG_SERIO_SERPORT is not set # CONFIG_SERIO_CT82C710 is not set @@ -1999,6 +2017,7 @@ CONFIG_I2C_PIIX4=m # I2C system bus drivers (mostly embedded / system-on-chip) # # CONFIG_I2C_CBUS_GPIO is not set +# CONFIG_I2C_DESIGNWARE_PLATFORM is not set # CONFIG_I2C_DESIGNWARE_PCI is not set # CONFIG_I2C_EG20T is not set # CONFIG_I2C_GPIO is not set @@ -2014,6 +2033,7 @@ CONFIG_I2C_PIIX4=m # CONFIG_I2C_DIOLAN_U2C is not set # CONFIG_I2C_PARPORT is not set # CONFIG_I2C_PARPORT_LIGHT is not set +# CONFIG_I2C_ROBOTFUZZ_OSIF is not set # CONFIG_I2C_TAOS_EVM is not set # CONFIG_I2C_TINY_USB is not set @@ -2056,6 +2076,7 @@ CONFIG_GPIO_ACPI=y # CONFIG_GPIO_GENERIC_PLATFORM is not set # CONFIG_GPIO_IT8761E is not set # CONFIG_GPIO_F7188X is not set +# CONFIG_GPIO_SCH311X is not set # CONFIG_GPIO_TS5500 is not set # CONFIG_GPIO_SCH is not set # CONFIG_GPIO_ICH is not set @@ -2084,7 +2105,6 @@ CONFIG_GPIO_ACPI=y # # SPI GPIO expanders: # -# CONFIG_GPIO_MCP23S08 is not set # # AC97 GPIO expanders: @@ -2254,6 +2274,7 @@ CONFIG_THERMAL_GOV_STEP_WISE=y # CONFIG_THERMAL_GOV_USER_SPACE is not set # CONFIG_THERMAL_EMULATION is not set # CONFIG_INTEL_POWERCLAMP is not set +# CONFIG_ACPI_INT3403_THERMAL is not set # # Texas Instruments thermal drivers @@ -2266,6 +2287,7 @@ CONFIG_WATCHDOG_CORE=y # Watchdog Device Drivers # # CONFIG_SOFT_WATCHDOG is not set +# CONFIG_DW_WATCHDOG is not set # CONFIG_ACQUIRE_WDT is not set # CONFIG_ADVANTECH_WDT is not set # CONFIG_ALIM1535_WDT is not set @@ -2355,6 +2377,7 @@ CONFIG_MFD_CORE=m # CONFIG_ABX500_CORE is not set # CONFIG_MFD_SYSCON is not set # CONFIG_MFD_TI_AM335X_TSCADC is not set +# CONFIG_MFD_LP3943 is not set # CONFIG_TPS6105X is not set # CONFIG_TPS65010 is not set # CONFIG_TPS6507X is not set @@ -2383,6 +2406,7 @@ CONFIG_AGP_SIS=m # CONFIG_AGP_SWORKS is not set CONFIG_AGP_VIA=m # CONFIG_AGP_EFFICEON is not set +CONFIG_INTEL_GTT=m # CONFIG_VGA_ARB is not set # CONFIG_VGA_SWITCHEROO is not set CONFIG_DRM=m @@ -2407,6 +2431,7 @@ CONFIG_DRM_I915=m # CONFIG_DRM_I915_KMS is not set # CONFIG_DRM_I915_FBDEV is not set # CONFIG_DRM_I915_PRELIMINARY_HW_SUPPORT is not set +# CONFIG_DRM_I915_UMS is not set CONFIG_DRM_MGA=m CONFIG_DRM_SIS=m CONFIG_DRM_VIA=m @@ -2421,6 +2446,7 @@ CONFIG_DRM_GMA3600=y CONFIG_DRM_MGAG200=m CONFIG_DRM_CIRRUS_QEMU=m CONFIG_DRM_QXL=m +# CONFIG_DRM_BOCHS is not set CONFIG_VGASTATE=m CONFIG_VIDEO_OUTPUT_CONTROL=m CONFIG_HDMI=y @@ -2455,6 +2481,7 @@ CONFIG_FB_VGA16=m CONFIG_FB_UVESA=m # CONFIG_FB_N411 is not set # CONFIG_FB_HGA is not set +# CONFIG_FB_OPENCORES is not set # CONFIG_FB_S1D13XXX is not set # CONFIG_FB_NVIDIA is not set # CONFIG_FB_RIVA is not set @@ -2612,20 +2639,20 @@ CONFIG_SND_HDA_INPUT_BEEP=y CONFIG_SND_HDA_INPUT_BEEP_MODE=0 CONFIG_SND_HDA_INPUT_JACK=y # CONFIG_SND_HDA_PATCH_LOADER is not set -CONFIG_SND_HDA_CODEC_REALTEK=y -CONFIG_SND_HDA_CODEC_ANALOG=y -CONFIG_SND_HDA_CODEC_SIGMATEL=y -CONFIG_SND_HDA_CODEC_VIA=y -CONFIG_SND_HDA_CODEC_HDMI=y +CONFIG_SND_HDA_CODEC_REALTEK=m +CONFIG_SND_HDA_CODEC_ANALOG=m +CONFIG_SND_HDA_CODEC_SIGMATEL=m +CONFIG_SND_HDA_CODEC_VIA=m +CONFIG_SND_HDA_CODEC_HDMI=m CONFIG_SND_HDA_I915=y -CONFIG_SND_HDA_CODEC_CIRRUS=y -CONFIG_SND_HDA_CODEC_CONEXANT=y -CONFIG_SND_HDA_CODEC_CA0110=y -CONFIG_SND_HDA_CODEC_CA0132=y +CONFIG_SND_HDA_CODEC_CIRRUS=m +CONFIG_SND_HDA_CODEC_CONEXANT=m +CONFIG_SND_HDA_CODEC_CA0110=m +CONFIG_SND_HDA_CODEC_CA0132=m # CONFIG_SND_HDA_CODEC_CA0132_DSP is not set -CONFIG_SND_HDA_CODEC_CMEDIA=y -CONFIG_SND_HDA_CODEC_SI3054=y -CONFIG_SND_HDA_GENERIC=y +CONFIG_SND_HDA_CODEC_CMEDIA=m +CONFIG_SND_HDA_CODEC_SI3054=m +CONFIG_SND_HDA_GENERIC=m CONFIG_SND_HDA_POWER_SAVE_DEFAULT=0 # CONFIG_SND_HDSP is not set # CONFIG_SND_HDSPM is not set @@ -2825,7 +2852,9 @@ CONFIG_USB_STORAGE_ENE_UB6250=m # # CONFIG_USB_MDC800 is not set # CONFIG_USB_MICROTEK is not set +# CONFIG_USB_MUSB_HDRC is not set # CONFIG_USB_DWC3 is not set +# CONFIG_USB_DWC2 is not set # CONFIG_USB_CHIPIDEA is not set # @@ -2866,6 +2895,7 @@ CONFIG_USB_STORAGE_ENE_UB6250=m # USB Physical Layer drivers # # CONFIG_USB_PHY is not set +# CONFIG_USB_OTG_FSM is not set # CONFIG_NOP_USB_XCEIV is not set # CONFIG_SAMSUNG_USB2PHY is not set # CONFIG_SAMSUNG_USB3PHY is not set @@ -2937,6 +2967,7 @@ CONFIG_RTC_DRV_MAX6900=m CONFIG_RTC_DRV_RS5C372=m CONFIG_RTC_DRV_ISL1208=m # CONFIG_RTC_DRV_ISL12022 is not set +# CONFIG_RTC_DRV_ISL12057 is not set CONFIG_RTC_DRV_X1205=m # CONFIG_RTC_DRV_PCF2127 is not set # CONFIG_RTC_DRV_PCF8523 is not set @@ -3036,11 +3067,11 @@ CONFIG_STAGING=y # CONFIG_COMEDI is not set # CONFIG_PANEL is not set # CONFIG_RTS5139 is not set +# CONFIG_RTS5208 is not set # CONFIG_TRANZPORT is not set # CONFIG_IDE_PHISON is not set # CONFIG_LINE6_USB is not set # CONFIG_DX_SEP is not set -# CONFIG_ZSMALLOC is not set # CONFIG_FB_SM7XX is not set # CONFIG_CRYSTALHD is not set # CONFIG_FB_XGI is not set @@ -3068,7 +3099,6 @@ CONFIG_STAGING=y # CONFIG_CED1401 is not set # CONFIG_DGRP is not set # CONFIG_FIREWIRE_SERIAL is not set -# CONFIG_USB_DWC2 is not set # CONFIG_LUSTRE_FS is not set # CONFIG_XILLYBUS is not set # CONFIG_DGNC is not set @@ -3125,6 +3155,7 @@ CONFIG_FIRMWARE_MEMMAP=y # CONFIG_DCDBAS is not set CONFIG_DMIID=y # CONFIG_DMI_SYSFS is not set +CONFIG_DMI_SCAN_MACHINE_NON_EFI_FALLBACK=y # CONFIG_ISCSI_IBFT_FIND is not set # CONFIG_GOOGLE_FIRMWARE is not set CONFIG_UEFI_CPER=y @@ -3203,7 +3234,6 @@ CONFIG_QUOTACTL=y CONFIG_AUTOFS4_FS=m CONFIG_FUSE_FS=m # CONFIG_CUSE is not set -CONFIG_GENERIC_ACL=y # # Caches @@ -3327,6 +3357,7 @@ CONFIG_RPCSEC_GSS_KRB5=m # CONFIG_SUNRPC_DEBUG is not set CONFIG_CEPH_FS=m CONFIG_CEPH_FSCACHE=y +# CONFIG_CEPH_FS_POSIX_ACL is not set CONFIG_CIFS=m # CONFIG_CIFS_STATS is not set # CONFIG_CIFS_WEAK_PW_HASH is not set @@ -3464,6 +3495,7 @@ CONFIG_BOOTPARAM_SOFTLOCKUP_PANIC_VALUE=0 # CONFIG_DETECT_HUNG_TASK is not set # CONFIG_PANIC_ON_OOPS is not set CONFIG_PANIC_ON_OOPS_VALUE=0 +CONFIG_PANIC_TIMEOUT=0 CONFIG_SCHED_DEBUG=y CONFIG_SCHEDSTATS=y CONFIG_TIMER_STATS=y @@ -3531,6 +3563,8 @@ CONFIG_TRACING_SUPPORT=y # CONFIG_TEST_STRING_HELPERS is not set CONFIG_TEST_KSTRTOX=m # CONFIG_DMA_API_DEBUG is not set +# CONFIG_TEST_MODULE is not set +# CONFIG_TEST_USER_COPY is not set # CONFIG_SAMPLES is not set CONFIG_HAVE_ARCH_KGDB=y # CONFIG_KGDB is not set @@ -3874,6 +3908,9 @@ CONFIG_CRYPTO_DEV_PADLOCK_AES=m CONFIG_CRYPTO_DEV_PADLOCK_SHA=m CONFIG_CRYPTO_DEV_GEODE=m # CONFIG_CRYPTO_DEV_HIFN_795X is not set +CONFIG_CRYPTO_DEV_CCP=y +CONFIG_CRYPTO_DEV_CCP_DD=m +CONFIG_CRYPTO_DEV_CCP_CRYPTO=m CONFIG_ASYMMETRIC_KEY_TYPE=m CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE=m CONFIG_PUBLIC_KEY_ALGO_RSA=m diff --git a/main/linux-virt-grsec/kernelconfig.x86_64 b/main/linux-virt-grsec/kernelconfig.x86_64 index 42c621b00b..5eab81d765 100644 --- a/main/linux-virt-grsec/kernelconfig.x86_64 +++ b/main/linux-virt-grsec/kernelconfig.x86_64 @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 3.13.0 Kernel Configuration +# Linux/x86 3.14.5 Kernel Configuration # CONFIG_64BIT=y CONFIG_X86_64=y @@ -155,7 +155,6 @@ CONFIG_IPC_NS=y CONFIG_USER_NS=y CONFIG_PID_NS=y CONFIG_NET_NS=y -CONFIG_UIDGID_STRICT_TYPE_CHECKS=y CONFIG_SCHED_AUTOGROUP=y # CONFIG_SYSFS_DEPRECATED is not set # CONFIG_RELAY is not set @@ -204,6 +203,7 @@ CONFIG_VM_EVENT_COUNTERS=y CONFIG_SLUB=y # CONFIG_SLOB is not set CONFIG_SLUB_CPU_PARTIAL=y +# CONFIG_SYSTEM_TRUSTED_KEYRING is not set # CONFIG_PROFILING is not set CONFIG_HAVE_OPROFILE=y CONFIG_OPROFILE_NMI_TIMER=y @@ -235,6 +235,11 @@ CONFIG_HAVE_ALIGNED_STRUCT_PAGE=y CONFIG_HAVE_CMPXCHG_LOCAL=y CONFIG_HAVE_CMPXCHG_DOUBLE=y CONFIG_HAVE_ARCH_SECCOMP_FILTER=y +CONFIG_HAVE_CC_STACKPROTECTOR=y +CONFIG_CC_STACKPROTECTOR=y +# CONFIG_CC_STACKPROTECTOR_NONE is not set +CONFIG_CC_STACKPROTECTOR_REGULAR=y +# CONFIG_CC_STACKPROTECTOR_STRONG is not set CONFIG_HAVE_CONTEXT_TRACKING=y CONFIG_HAVE_VIRT_CPU_ACCOUNTING_GEN=y CONFIG_HAVE_IRQ_TIME_ACCOUNTING=y @@ -250,7 +255,6 @@ CONFIG_HAVE_IRQ_EXIT_ON_IRQ_STACK=y # CONFIG_HAVE_GENERIC_DMA_COHERENT is not set CONFIG_RT_MUTEXES=y CONFIG_BASE_SMALL=0 -# CONFIG_SYSTEM_TRUSTED_KEYRING is not set CONFIG_MODULES=y # CONFIG_MODULE_FORCE_LOAD is not set CONFIG_MODULE_UNLOAD=y @@ -262,7 +266,7 @@ CONFIG_STOP_MACHINE=y CONFIG_BLOCK=y CONFIG_BLK_DEV_BSG=y CONFIG_BLK_DEV_BSGLIB=y -# CONFIG_BLK_DEV_INTEGRITY is not set +CONFIG_BLK_DEV_INTEGRITY=y # CONFIG_BLK_DEV_THROTTLING is not set # CONFIG_BLK_CMDLINE_PARSER is not set @@ -332,6 +336,7 @@ CONFIG_XEN_PVHVM=y CONFIG_XEN_MAX_DOMAIN_MEMORY=500 CONFIG_XEN_SAVE_RESTORE=y # CONFIG_XEN_DEBUG_FS is not set +CONFIG_XEN_PVH=y CONFIG_KVM_GUEST=y CONFIG_KVM_DEBUG_FS=y CONFIG_PARAVIRT_TIME_ACCOUNTING=y @@ -377,7 +382,6 @@ CONFIG_MICROCODE=m CONFIG_MICROCODE_INTEL=y CONFIG_MICROCODE_AMD=y CONFIG_MICROCODE_OLD_INTERFACE=y -CONFIG_MICROCODE_INTEL_LIB=y # CONFIG_MICROCODE_INTEL_EARLY is not set # CONFIG_MICROCODE_AMD_EARLY is not set CONFIG_X86_MSR=m @@ -416,6 +420,7 @@ CONFIG_MIGRATION=y CONFIG_PHYS_ADDR_T_64BIT=y CONFIG_ZONE_DMA_FLAG=1 CONFIG_BOUNCE=y +CONFIG_NEED_BOUNCE_POOL=y CONFIG_VIRT_TO_BUS=y CONFIG_MMU_NOTIFIER=y CONFIG_KSM=y @@ -426,6 +431,7 @@ CONFIG_CLEANCACHE=y # CONFIG_FRONTSWAP is not set # CONFIG_CMA is not set # CONFIG_ZBUD is not set +# CONFIG_ZSMALLOC is not set # CONFIG_X86_CHECK_BIOS_CORRUPTION is not set CONFIG_X86_RESERVE_LOW=64 CONFIG_MTRR=y @@ -438,7 +444,6 @@ CONFIG_ARCH_RANDOM=y # CONFIG_X86_SMAP is not set # CONFIG_EFI is not set # CONFIG_SECCOMP is not set -# CONFIG_CC_STACKPROTECTOR is not set CONFIG_HZ_100=y # CONFIG_HZ_250 is not set # CONFIG_HZ_300 is not set @@ -726,6 +731,7 @@ CONFIG_NF_NAT_SIP=m CONFIG_NF_NAT_TFTP=m CONFIG_NETFILTER_SYNPROXY=m CONFIG_NF_TABLES=m +CONFIG_NF_TABLES_INET=m CONFIG_NFT_EXTHDR=m CONFIG_NFT_META=m CONFIG_NFT_CT=m @@ -735,6 +741,9 @@ CONFIG_NFT_COUNTER=m CONFIG_NFT_LOG=m CONFIG_NFT_LIMIT=m CONFIG_NFT_NAT=m +CONFIG_NFT_QUEUE=m +CONFIG_NFT_REJECT=m +CONFIG_NFT_REJECT_INET=m CONFIG_NFT_COMPAT=m CONFIG_NETFILTER_XTABLES=m @@ -777,6 +786,7 @@ CONFIG_NETFILTER_XT_TARGET_TCPOPTSTRIP=m # CONFIG_NETFILTER_XT_MATCH_ADDRTYPE=m CONFIG_NETFILTER_XT_MATCH_BPF=m +CONFIG_NETFILTER_XT_MATCH_CGROUP=m CONFIG_NETFILTER_XT_MATCH_CLUSTER=m CONFIG_NETFILTER_XT_MATCH_COMMENT=m CONFIG_NETFILTER_XT_MATCH_CONNBYTES=m @@ -793,8 +803,10 @@ CONFIG_NETFILTER_XT_MATCH_ESP=m CONFIG_NETFILTER_XT_MATCH_HASHLIMIT=m CONFIG_NETFILTER_XT_MATCH_HELPER=m CONFIG_NETFILTER_XT_MATCH_HL=m +CONFIG_NETFILTER_XT_MATCH_IPCOMP=m CONFIG_NETFILTER_XT_MATCH_IPRANGE=m CONFIG_NETFILTER_XT_MATCH_IPVS=m +CONFIG_NETFILTER_XT_MATCH_L2TP=m CONFIG_NETFILTER_XT_MATCH_LENGTH=m CONFIG_NETFILTER_XT_MATCH_LIMIT=m CONFIG_NETFILTER_XT_MATCH_MAC=m @@ -881,9 +893,9 @@ CONFIG_NF_DEFRAG_IPV4=m CONFIG_NF_CONNTRACK_IPV4=m CONFIG_NF_CONNTRACK_PROC_COMPAT=y CONFIG_NF_TABLES_IPV4=m -CONFIG_NFT_REJECT_IPV4=m CONFIG_NFT_CHAIN_ROUTE_IPV4=m CONFIG_NFT_CHAIN_NAT_IPV4=m +CONFIG_NFT_REJECT_IPV4=m CONFIG_NF_TABLES_ARP=m CONFIG_IP_NF_IPTABLES=m CONFIG_IP_NF_MATCH_AH=m @@ -919,6 +931,7 @@ CONFIG_NF_CONNTRACK_IPV6=m CONFIG_NF_TABLES_IPV6=m CONFIG_NFT_CHAIN_ROUTE_IPV6=m CONFIG_NFT_CHAIN_NAT_IPV6=m +CONFIG_NFT_REJECT_IPV6=m CONFIG_IP6_NF_IPTABLES=m CONFIG_IP6_NF_MATCH_AH=m CONFIG_IP6_NF_MATCH_EUI64=m @@ -1029,6 +1042,7 @@ CONFIG_LAPB=m CONFIG_PHONET=m CONFIG_IEEE802154=m CONFIG_IEEE802154_6LOWPAN=m +CONFIG_6LOWPAN_IPHC=m CONFIG_MAC802154=m CONFIG_NET_SCHED=y @@ -1056,6 +1070,8 @@ CONFIG_NET_SCH_QFQ=m CONFIG_NET_SCH_CODEL=m CONFIG_NET_SCH_FQ_CODEL=m CONFIG_NET_SCH_FQ=m +CONFIG_NET_SCH_HHF=m +CONFIG_NET_SCH_PIE=m CONFIG_NET_SCH_INGRESS=m # CONFIG_NET_SCH_PLUG is not set @@ -1111,7 +1127,8 @@ CONFIG_NET_MPLS_GSO=m CONFIG_RPS=y CONFIG_RFS_ACCEL=y CONFIG_XPS=y -CONFIG_NETPRIO_CGROUP=m +CONFIG_CGROUP_NET_PRIO=m +CONFIG_CGROUP_NET_CLASSID=y CONFIG_NET_RX_BUSY_POLL=y CONFIG_BQL=y CONFIG_BPF_JIT=y @@ -1276,6 +1293,7 @@ CONFIG_VMWARE_VMCI=m # Intel MIC Card Driver # # CONFIG_INTEL_MIC_CARD is not set +# CONFIG_GENWQE is not set CONFIG_HAVE_IDE=y # CONFIG_IDE is not set @@ -1333,7 +1351,6 @@ CONFIG_ISCSI_BOOT_SYSFS=m # CONFIG_SCSI_ACARD is not set # CONFIG_SCSI_AACRAID is not set # CONFIG_SCSI_AIC7XXX is not set -# CONFIG_SCSI_AIC7XXX_OLD is not set # CONFIG_SCSI_AIC79XX is not set # CONFIG_SCSI_AIC94XX is not set # CONFIG_SCSI_MVSAS is not set @@ -1510,15 +1527,16 @@ CONFIG_MD_FAULTY=m CONFIG_BCACHE=m # CONFIG_BCACHE_DEBUG is not set # CONFIG_BCACHE_CLOSURES_DEBUG is not set +CONFIG_BLK_DEV_DM_BUILTIN=y CONFIG_BLK_DEV_DM=m # CONFIG_DM_DEBUG is not set CONFIG_DM_BUFIO=m CONFIG_DM_BIO_PRISON=m CONFIG_DM_PERSISTENT_DATA=m +# CONFIG_DM_DEBUG_BLOCK_STACK_TRACING is not set CONFIG_DM_CRYPT=m CONFIG_DM_SNAPSHOT=m CONFIG_DM_THIN_PROVISIONING=m -# CONFIG_DM_DEBUG_BLOCK_STACK_TRACING is not set CONFIG_DM_CACHE=m CONFIG_DM_CACHE_MQ=m CONFIG_DM_CACHE_CLEANER=m @@ -1655,6 +1673,7 @@ CONFIG_E1000=m # CONFIG_IXGBE is not set # CONFIG_IXGBEVF is not set # CONFIG_I40E is not set +# CONFIG_I40EVF is not set # CONFIG_NET_VENDOR_I825XX is not set # CONFIG_IP1000 is not set # CONFIG_JME is not set @@ -1844,6 +1863,7 @@ CONFIG_INPUT_XEN_KBDDEV_FRONTEND=y # Hardware I/O ports # CONFIG_SERIO=y +CONFIG_ARCH_MIGHT_HAVE_PC_SERIO=y CONFIG_SERIO_I8042=y # CONFIG_SERIO_SERPORT is not set # CONFIG_SERIO_CT82C710 is not set @@ -1985,6 +2005,7 @@ CONFIG_I2C_PIIX4=m # I2C system bus drivers (mostly embedded / system-on-chip) # # CONFIG_I2C_CBUS_GPIO is not set +# CONFIG_I2C_DESIGNWARE_PLATFORM is not set # CONFIG_I2C_DESIGNWARE_PCI is not set # CONFIG_I2C_EG20T is not set # CONFIG_I2C_GPIO is not set @@ -2000,6 +2021,7 @@ CONFIG_I2C_PIIX4=m # CONFIG_I2C_DIOLAN_U2C is not set # CONFIG_I2C_PARPORT is not set # CONFIG_I2C_PARPORT_LIGHT is not set +# CONFIG_I2C_ROBOTFUZZ_OSIF is not set # CONFIG_I2C_TAOS_EVM is not set # CONFIG_I2C_TINY_USB is not set @@ -2041,6 +2063,7 @@ CONFIG_GPIO_ACPI=y # CONFIG_GPIO_GENERIC_PLATFORM is not set # CONFIG_GPIO_IT8761E is not set # CONFIG_GPIO_F7188X is not set +# CONFIG_GPIO_SCH311X is not set # CONFIG_GPIO_TS5500 is not set # CONFIG_GPIO_SCH is not set # CONFIG_GPIO_ICH is not set @@ -2069,7 +2092,6 @@ CONFIG_GPIO_ACPI=y # # SPI GPIO expanders: # -# CONFIG_GPIO_MCP23S08 is not set # # AC97 GPIO expanders: @@ -2239,6 +2261,7 @@ CONFIG_THERMAL_GOV_STEP_WISE=y # CONFIG_THERMAL_GOV_USER_SPACE is not set # CONFIG_THERMAL_EMULATION is not set # CONFIG_INTEL_POWERCLAMP is not set +# CONFIG_ACPI_INT3403_THERMAL is not set # # Texas Instruments thermal drivers @@ -2251,6 +2274,7 @@ CONFIG_WATCHDOG_CORE=y # Watchdog Device Drivers # # CONFIG_SOFT_WATCHDOG is not set +# CONFIG_DW_WATCHDOG is not set # CONFIG_ACQUIRE_WDT is not set # CONFIG_ADVANTECH_WDT is not set # CONFIG_ALIM1535_WDT is not set @@ -2339,6 +2363,7 @@ CONFIG_MFD_CORE=m # CONFIG_ABX500_CORE is not set # CONFIG_MFD_SYSCON is not set # CONFIG_MFD_TI_AM335X_TSCADC is not set +# CONFIG_MFD_LP3943 is not set # CONFIG_TPS6105X is not set # CONFIG_TPS65010 is not set # CONFIG_TPS6507X is not set @@ -2361,6 +2386,7 @@ CONFIG_AGP_AMD64=m CONFIG_AGP_INTEL=m CONFIG_AGP_SIS=m CONFIG_AGP_VIA=m +CONFIG_INTEL_GTT=m # CONFIG_VGA_ARB is not set # CONFIG_VGA_SWITCHEROO is not set CONFIG_DRM=m @@ -2385,6 +2411,7 @@ CONFIG_DRM_I915=m # CONFIG_DRM_I915_KMS is not set # CONFIG_DRM_I915_FBDEV is not set # CONFIG_DRM_I915_PRELIMINARY_HW_SUPPORT is not set +# CONFIG_DRM_I915_UMS is not set CONFIG_DRM_MGA=m CONFIG_DRM_SIS=m CONFIG_DRM_VIA=m @@ -2399,6 +2426,7 @@ CONFIG_DRM_GMA3600=y CONFIG_DRM_MGAG200=m CONFIG_DRM_CIRRUS_QEMU=m CONFIG_DRM_QXL=m +# CONFIG_DRM_BOCHS is not set CONFIG_VGASTATE=m CONFIG_VIDEO_OUTPUT_CONTROL=m CONFIG_HDMI=y @@ -2433,6 +2461,7 @@ CONFIG_FB_VGA16=m CONFIG_FB_UVESA=m # CONFIG_FB_N411 is not set # CONFIG_FB_HGA is not set +# CONFIG_FB_OPENCORES is not set # CONFIG_FB_S1D13XXX is not set # CONFIG_FB_NVIDIA is not set # CONFIG_FB_RIVA is not set @@ -2589,20 +2618,20 @@ CONFIG_SND_HDA_INPUT_BEEP=y CONFIG_SND_HDA_INPUT_BEEP_MODE=0 CONFIG_SND_HDA_INPUT_JACK=y # CONFIG_SND_HDA_PATCH_LOADER is not set -CONFIG_SND_HDA_CODEC_REALTEK=y -CONFIG_SND_HDA_CODEC_ANALOG=y -CONFIG_SND_HDA_CODEC_SIGMATEL=y -CONFIG_SND_HDA_CODEC_VIA=y -CONFIG_SND_HDA_CODEC_HDMI=y +CONFIG_SND_HDA_CODEC_REALTEK=m +CONFIG_SND_HDA_CODEC_ANALOG=m +CONFIG_SND_HDA_CODEC_SIGMATEL=m +CONFIG_SND_HDA_CODEC_VIA=m +CONFIG_SND_HDA_CODEC_HDMI=m CONFIG_SND_HDA_I915=y -CONFIG_SND_HDA_CODEC_CIRRUS=y -CONFIG_SND_HDA_CODEC_CONEXANT=y -CONFIG_SND_HDA_CODEC_CA0110=y -CONFIG_SND_HDA_CODEC_CA0132=y +CONFIG_SND_HDA_CODEC_CIRRUS=m +CONFIG_SND_HDA_CODEC_CONEXANT=m +CONFIG_SND_HDA_CODEC_CA0110=m +CONFIG_SND_HDA_CODEC_CA0132=m # CONFIG_SND_HDA_CODEC_CA0132_DSP is not set -CONFIG_SND_HDA_CODEC_CMEDIA=y -CONFIG_SND_HDA_CODEC_SI3054=y -CONFIG_SND_HDA_GENERIC=y +CONFIG_SND_HDA_CODEC_CMEDIA=m +CONFIG_SND_HDA_CODEC_SI3054=m +CONFIG_SND_HDA_GENERIC=m CONFIG_SND_HDA_POWER_SAVE_DEFAULT=0 # CONFIG_SND_HDSP is not set # CONFIG_SND_HDSPM is not set @@ -2801,7 +2830,9 @@ CONFIG_USB_STORAGE_ENE_UB6250=m # # CONFIG_USB_MDC800 is not set # CONFIG_USB_MICROTEK is not set +# CONFIG_USB_MUSB_HDRC is not set # CONFIG_USB_DWC3 is not set +# CONFIG_USB_DWC2 is not set # CONFIG_USB_CHIPIDEA is not set # @@ -2842,6 +2873,7 @@ CONFIG_USB_STORAGE_ENE_UB6250=m # USB Physical Layer drivers # # CONFIG_USB_PHY is not set +# CONFIG_USB_OTG_FSM is not set # CONFIG_NOP_USB_XCEIV is not set # CONFIG_SAMSUNG_USB2PHY is not set # CONFIG_SAMSUNG_USB3PHY is not set @@ -2913,6 +2945,7 @@ CONFIG_RTC_DRV_MAX6900=m CONFIG_RTC_DRV_RS5C372=m CONFIG_RTC_DRV_ISL1208=m # CONFIG_RTC_DRV_ISL12022 is not set +# CONFIG_RTC_DRV_ISL12057 is not set CONFIG_RTC_DRV_X1205=m # CONFIG_RTC_DRV_PCF2127 is not set # CONFIG_RTC_DRV_PCF8523 is not set @@ -3033,11 +3066,11 @@ CONFIG_STAGING=y # CONFIG_COMEDI is not set # CONFIG_PANEL is not set # CONFIG_RTS5139 is not set +# CONFIG_RTS5208 is not set # CONFIG_TRANZPORT is not set # CONFIG_IDE_PHISON is not set # CONFIG_LINE6_USB is not set # CONFIG_DX_SEP is not set -# CONFIG_ZSMALLOC is not set # CONFIG_FB_SM7XX is not set # CONFIG_CRYSTALHD is not set # CONFIG_FB_XGI is not set @@ -3065,7 +3098,6 @@ CONFIG_STAGING=y # CONFIG_CED1401 is not set # CONFIG_DGRP is not set # CONFIG_FIREWIRE_SERIAL is not set -# CONFIG_USB_DWC2 is not set # CONFIG_LUSTRE_FS is not set # CONFIG_XILLYBUS is not set # CONFIG_DGNC is not set @@ -3123,6 +3155,7 @@ CONFIG_FIRMWARE_MEMMAP=y # CONFIG_DCDBAS is not set CONFIG_DMIID=y # CONFIG_DMI_SYSFS is not set +CONFIG_DMI_SCAN_MACHINE_NON_EFI_FALLBACK=y # CONFIG_ISCSI_IBFT_FIND is not set # CONFIG_GOOGLE_FIRMWARE is not set CONFIG_UEFI_CPER=y @@ -3201,7 +3234,6 @@ CONFIG_QUOTACTL=y CONFIG_AUTOFS4_FS=m CONFIG_FUSE_FS=m # CONFIG_CUSE is not set -CONFIG_GENERIC_ACL=y # # Caches @@ -3325,6 +3357,7 @@ CONFIG_RPCSEC_GSS_KRB5=m # CONFIG_SUNRPC_DEBUG is not set CONFIG_CEPH_FS=m CONFIG_CEPH_FSCACHE=y +# CONFIG_CEPH_FS_POSIX_ACL is not set CONFIG_CIFS=m # CONFIG_CIFS_STATS is not set # CONFIG_CIFS_WEAK_PW_HASH is not set @@ -3461,6 +3494,7 @@ CONFIG_BOOTPARAM_SOFTLOCKUP_PANIC_VALUE=0 # CONFIG_DETECT_HUNG_TASK is not set # CONFIG_PANIC_ON_OOPS is not set CONFIG_PANIC_ON_OOPS_VALUE=0 +CONFIG_PANIC_TIMEOUT=0 CONFIG_SCHED_DEBUG=y CONFIG_SCHEDSTATS=y CONFIG_TIMER_STATS=y @@ -3529,6 +3563,8 @@ CONFIG_TRACING_SUPPORT=y # CONFIG_TEST_STRING_HELPERS is not set CONFIG_TEST_KSTRTOX=m # CONFIG_DMA_API_DEBUG is not set +# CONFIG_TEST_MODULE is not set +# CONFIG_TEST_USER_COPY is not set # CONFIG_SAMPLES is not set CONFIG_HAVE_ARCH_KGDB=y # CONFIG_KGDB is not set @@ -3630,6 +3666,7 @@ CONFIG_GRKERNSEC_JIT_HARDEN=y CONFIG_GRKERNSEC_PERF_HARDEN=y # CONFIG_GRKERNSEC_RAND_THREADSTACK is not set CONFIG_GRKERNSEC_PROC_MEMMAP=y +CONFIG_GRKERNSEC_KSTACKOVERFLOW=y # CONFIG_GRKERNSEC_BRUTE is not set # CONFIG_GRKERNSEC_MODHARDEN is not set # CONFIG_GRKERNSEC_HIDESYM is not set @@ -3882,6 +3919,9 @@ CONFIG_CRYPTO_HW=y CONFIG_CRYPTO_DEV_PADLOCK=m CONFIG_CRYPTO_DEV_PADLOCK_AES=m CONFIG_CRYPTO_DEV_PADLOCK_SHA=m +CONFIG_CRYPTO_DEV_CCP=y +CONFIG_CRYPTO_DEV_CCP_DD=m +CONFIG_CRYPTO_DEV_CCP_CRYPTO=m CONFIG_ASYMMETRIC_KEY_TYPE=m CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE=m CONFIG_PUBLIC_KEY_ALGO_RSA=m |