authorAnthony G. Basile <blueness@gentoo.org>2013-09-17 09:34:14 -0400
committerAnthony G. Basile <blueness@gentoo.org>2013-09-17 09:34:14 -0400
commit270bc433bd40feb82a97a84611edb02fd4c1e4f3 (patch)
treeaf568d3b2d8fad45549d1b8abc2c54c72582e4d9
parentClean up line numbers (diff)
Grsec/PaX: 2.9.1-{3.2.51,3.11.1}-201309162121
-rw-r--r--3.11.1/0000_README2
-rw-r--r--3.11.1/4420_grsecurity-2.9.1-3.11.1-201309162121.patch (renamed from 3.11.1/4420_grsecurity-2.9.1-3.11.1-201309151124.patch)219
-rw-r--r--3.2.51/0000_README2
-rw-r--r--3.2.51/4420_grsecurity-2.9.1-3.2.51-201309162119.patch (renamed from 3.2.51/4420_grsecurity-2.9.1-3.2.51-201309142348.patch)424
4 files changed, 434 insertions, 213 deletions
diff --git a/3.11.1/0000_README b/3.11.1/0000_README
index 53a2f00..babb272 100644
--- a/3.11.1/0000_README
+++ b/3.11.1/0000_README
@@ -6,7 +6,7 @@ Patch: 1000_linux-3.11.1.patch
From: http://www.kernel.org
Desc: Linux 3.11.1
-Patch: 4420_grsecurity-2.9.1-3.11.1-201309151124.patch
+Patch: 4420_grsecurity-2.9.1-3.11.1-201309162121.patch
From: http://www.grsecurity.net
Desc: hardened-sources base patch from upstream grsecurity
diff --git a/3.11.1/4420_grsecurity-2.9.1-3.11.1-201309151124.patch b/3.11.1/4420_grsecurity-2.9.1-3.11.1-201309162121.patch
index c6067c6..147d172 100644
--- a/3.11.1/4420_grsecurity-2.9.1-3.11.1-201309151124.patch
+++ b/3.11.1/4420_grsecurity-2.9.1-3.11.1-201309162121.patch
@@ -3353,7 +3353,7 @@ index 5306de3..aed6d03 100644
.const_udelay = __loop_const_udelay,
.udelay = __loop_udelay,
diff --git a/arch/arm/lib/uaccess_with_memcpy.c b/arch/arm/lib/uaccess_with_memcpy.c
-index 025f742..8432b08 100644
+index 025f742..a9e5b3b 100644
--- a/arch/arm/lib/uaccess_with_memcpy.c
+++ b/arch/arm/lib/uaccess_with_memcpy.c
@@ -104,7 +104,7 @@ out:
@@ -3365,6 +3365,15 @@ index 025f742..8432b08 100644
{
/*
* This test is stubbed out of the main function above to keep
+@@ -155,7 +155,7 @@ out:
+ return n;
+ }
+
+-unsigned long __clear_user(void __user *addr, unsigned long n)
++unsigned long ___clear_user(void __user *addr, unsigned long n)
+ {
+ /* See rational for this in __copy_to_user() above. */
+ if (n < 64)
diff --git a/arch/arm/mach-kirkwood/common.c b/arch/arm/mach-kirkwood/common.c
index e9238b5..6ed904a 100644
--- a/arch/arm/mach-kirkwood/common.c
@@ -14650,10 +14659,10 @@ index 4fa687a..60f2d39 100644
#ifdef CONFIG_X86_64
#define MIN_KERNEL_ALIGN_LG2 PMD_SHIFT
diff --git a/arch/x86/include/asm/cache.h b/arch/x86/include/asm/cache.h
-index 48f99f1..d78ebf9 100644
+index 48f99f1..d4765f9 100644
--- a/arch/x86/include/asm/cache.h
+++ b/arch/x86/include/asm/cache.h
-@@ -5,12 +5,13 @@
+@@ -5,12 +5,17 @@
/* L1 cache line size */
#define L1_CACHE_SHIFT (CONFIG_X86_L1_CACHE_SHIFT)
@@ -14661,7 +14670,11 @@ index 48f99f1..d78ebf9 100644
+#define L1_CACHE_BYTES (_AC(1,UL) << L1_CACHE_SHIFT)
#define __read_mostly __attribute__((__section__(".data..read_mostly")))
++#ifdef MODULE
++#define __read_only __attribute__((__section__(".rodata")))
++#else
+#define __read_only __attribute__((__section__(".data..read_only")))
++#endif
#define INTERNODE_CACHE_SHIFT CONFIG_X86_INTERNODE_CACHE_SHIFT
-#define INTERNODE_CACHE_BYTES (1 << INTERNODE_CACHE_SHIFT)
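Review bot: The new `#ifdef MODULE` branch of `__read_only` has no comment explaining why objects in modules go to `.rodata` while built-in objects go to `.data..read_only`, and the reason cannot be recovered from this header. Presumably the module loader write-protects only a module's `.rodata`, so the annotation would otherwise leave module data writable; that should be confirmed and recorded, e.g. `/* modules: only .rodata is write-protected by the loader; .data..read_only exists in vmlinux only */`. Code that updates a `__read_only` object from a module then has to go through `pax_open_kernel()`/`pax_close_kernel()`. The identical cache.h hunk in the 3.2.51 patch has the same gap.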
@@ -37202,7 +37215,7 @@ index e59afaa..a53a3ff 100644
cpufreq_unregister_notifier(cs_ops->notifier_block,
CPUFREQ_TRANSITION_NOTIFIER);
diff --git a/drivers/cpufreq/cpufreq_governor.h b/drivers/cpufreq/cpufreq_governor.h
-index d5f12b4..421daae 100644
+index d5f12b4..eb30af1 100644
--- a/drivers/cpufreq/cpufreq_governor.h
+++ b/drivers/cpufreq/cpufreq_governor.h
@@ -204,7 +204,7 @@ struct common_dbs_data {
@@ -37214,10 +37227,28 @@ index d5f12b4..421daae 100644
};
/* Governer Per policy data */
+@@ -224,7 +224,7 @@ struct od_ops {
+ unsigned int (*powersave_bias_target)(struct cpufreq_policy *policy,
+ unsigned int freq_next, unsigned int relation);
+ void (*freq_increase)(struct cpufreq_policy *p, unsigned int freq);
+-};
++} __no_const;
+
+ struct cs_ops {
+ struct notifier_block *notifier_block;
diff --git a/drivers/cpufreq/cpufreq_ondemand.c b/drivers/cpufreq/cpufreq_ondemand.c
-index c087347..dad6268 100644
+index c087347..989aa2e 100644
--- a/drivers/cpufreq/cpufreq_ondemand.c
+++ b/drivers/cpufreq/cpufreq_ondemand.c
+@@ -560,7 +560,7 @@ static void od_exit(struct dbs_data *dbs_data)
+
+ define_get_cpu_dbs_routines(od_cpu_dbs_info);
+
+-static struct od_ops od_ops = {
++static struct od_ops od_ops __read_only = {
+ .powersave_bias_init_cpu = ondemand_powersave_bias_init_cpu,
+ .powersave_bias_target = generic_powersave_bias_target,
+ .freq_increase = dbs_freq_increase,
@@ -615,14 +615,18 @@ void od_register_powersave_bias_handler(unsigned int (*f)
(struct cpufreq_policy *, unsigned int, unsigned int),
unsigned int powersave_bias)
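Review bot: `od_ops` is now tagged `__read_only` in cpufreq_ondemand.c while `struct od_ops` gains `__no_const` in cpufreq_governor.h, and nothing next to either line says why both annotations are needed. The `od_register_powersave_bias_handler()` hunk that follows is cut off here, so it cannot be checked from these lines whether its store into the ops table (presumably of the handler `f`) is bracketed by `pax_open_kernel()`/`pax_close_kernel()`; it needs to be, since the object is now meant to be write-protected. A comment on the definition would record the contract, e.g. `/* __read_only: updated at runtime by od_register_powersave_bias_handler(); writers must use pax_open_kernel() */`.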
@@ -58370,7 +58401,7 @@ index 9e38daf..5727cae 100644
"inode 0x%lx or driver bug.", vdir->i_ino);
goto err_out;
diff --git a/fs/ntfs/file.c b/fs/ntfs/file.c
-index c5670b8..2b43d9b 100644
+index c5670b8..d590213 100644
--- a/fs/ntfs/file.c
+++ b/fs/ntfs/file.c
@@ -1282,7 +1282,7 @@ static inline size_t ntfs_copy_from_user(struct page **pages,
@@ -58382,15 +58413,6 @@ index c5670b8..2b43d9b 100644
do {
len = PAGE_CACHE_SIZE - ofs;
-@@ -2241,6 +2241,6 @@ const struct inode_operations ntfs_file_inode_ops = {
- #endif /* NTFS_RW */
- };
-
--const struct file_operations ntfs_empty_file_ops = {};
-+const struct file_operations ntfs_empty_file_ops __read_only;
-
--const struct inode_operations ntfs_empty_inode_ops = {};
-+const struct inode_operations ntfs_empty_inode_ops __read_only;
diff --git a/fs/ntfs/super.c b/fs/ntfs/super.c
index 82650d5..db37dcf 100644
--- a/fs/ntfs/super.c
@@ -74584,17 +74606,13 @@ index aff7ad8..3942bbd 100644
extern int register_pppox_proto(int proto_num, const struct pppox_proto *pp);
extern void unregister_pppox_proto(int proto_num);
diff --git a/include/linux/init.h b/include/linux/init.h
-index e73f2b7..3a5082b 100644
+index e73f2b7..cc996e0 100644
--- a/include/linux/init.h
+++ b/include/linux/init.h
-@@ -39,9 +39,22 @@
+@@ -39,9 +39,17 @@
* Also note, that this data cannot be "const".
*/
-+#ifdef MODULE
-+#define add_init_latent_entropy
-+#define add_meminit_latent_entropy
-+#else
+#define add_init_latent_entropy __latent_entropy
+
+#ifdef CONFIG_MEMORY_HOTPLUG
@@ -74602,7 +74620,6 @@ index e73f2b7..3a5082b 100644
+#else
+#define add_meminit_latent_entropy __latent_entropy
+#endif
-+#endif
+
/* These are for everybody (although not all archs will actually
discard it in modules) */
@@ -74611,7 +74628,7 @@ index e73f2b7..3a5082b 100644
#define __initdata __section(.init.data)
#define __initconst __constsection(.init.rodata)
#define __exitdata __section(.exit.data)
-@@ -102,7 +115,7 @@
+@@ -102,7 +110,7 @@
#define __cpuexitconst
/* Used for MEMORY_HOTPLUG */
@@ -78196,10 +78213,18 @@ index d198005..c974a393 100644
#define TCP_SKB_CB(__skb) ((struct tcp_skb_cb *)&((__skb)->cb[0]))
diff --git a/include/net/xfrm.h b/include/net/xfrm.h
-index e823786..55bf641 100644
+index e823786..53b0608 100644
--- a/include/net/xfrm.h
+++ b/include/net/xfrm.h
-@@ -305,7 +305,7 @@ struct xfrm_policy_afinfo {
+@@ -287,7 +287,6 @@ struct xfrm_dst;
+ struct xfrm_policy_afinfo {
+ unsigned short family;
+ struct dst_ops *dst_ops;
+- void (*garbage_collect)(struct net *net);
+ struct dst_entry *(*dst_lookup)(struct net *net, int tos,
+ const xfrm_address_t *saddr,
+ const xfrm_address_t *daddr);
+@@ -305,7 +304,7 @@ struct xfrm_policy_afinfo {
struct net_device *dev,
const struct flowi *fl);
struct dst_entry *(*blackhole_route)(struct net *net, struct dst_entry *orig);
@@ -78208,7 +78233,7 @@ index e823786..55bf641 100644
extern int xfrm_policy_register_afinfo(struct xfrm_policy_afinfo *afinfo);
extern int xfrm_policy_unregister_afinfo(struct xfrm_policy_afinfo *afinfo);
-@@ -342,7 +342,7 @@ struct xfrm_state_afinfo {
+@@ -342,7 +341,7 @@ struct xfrm_state_afinfo {
int (*transport_finish)(struct sk_buff *skb,
int async);
void (*local_error)(struct sk_buff *skb, u32 mtu);
@@ -78217,7 +78242,7 @@ index e823786..55bf641 100644
extern int xfrm_state_register_afinfo(struct xfrm_state_afinfo *afinfo);
extern int xfrm_state_unregister_afinfo(struct xfrm_state_afinfo *afinfo);
-@@ -427,7 +427,7 @@ struct xfrm_mode {
+@@ -427,7 +426,7 @@ struct xfrm_mode {
struct module *owner;
unsigned int encap;
int flags;
@@ -78226,7 +78251,7 @@ index e823786..55bf641 100644
/* Flags for xfrm_mode. */
enum {
-@@ -524,7 +524,7 @@ struct xfrm_policy {
+@@ -524,7 +523,7 @@ struct xfrm_policy {
struct timer_list timer;
struct flow_cache_object flo;
@@ -78235,6 +78260,24 @@ index e823786..55bf641 100644
u32 priority;
u32 index;
struct xfrm_mark mark;
+@@ -1164,6 +1163,7 @@ static inline void xfrm_sk_free_policy(struct sock *sk)
+ }
+
+ extern void xfrm_garbage_collect(struct net *net);
++extern void xfrm_garbage_collect_deferred(struct net *net);
+
+ #else
+
+@@ -1202,6 +1202,9 @@ static inline int xfrm6_policy_check_reverse(struct sock *sk, int dir,
+ static inline void xfrm_garbage_collect(struct net *net)
+ {
+ }
++static inline void xfrm_garbage_collect_deferred(struct net *net)
++{
++}
+ #endif
+
+ static __inline__
diff --git a/include/rdma/iw_cm.h b/include/rdma/iw_cm.h
index 1a046b1..ee0bef0 100644
--- a/include/rdma/iw_cm.h
@@ -79075,7 +79118,7 @@ index a67ef9d..2d17ed9 100644
#ifdef CONFIG_BLK_DEV_RAM
int fd;
diff --git a/init/main.c b/init/main.c
-index d03d2ec..665fac3 100644
+index d03d2ec..9fc4737 100644
--- a/init/main.c
+++ b/init/main.c
@@ -101,6 +101,8 @@ static inline void mark_rodata_ro(void) { }
@@ -79162,7 +79205,7 @@ index d03d2ec..665fac3 100644
static const char * argv_init[MAX_INIT_ARGS+2] = { "init", NULL, };
const char * envp_init[MAX_INIT_ENVS+2] = { "HOME=/", "TERM=linux", NULL, };
static const char *panic_later, *panic_param;
-@@ -679,24 +749,22 @@ int __init_or_module do_one_initcall(initcall_t fn)
+@@ -679,25 +749,24 @@ int __init_or_module do_one_initcall(initcall_t fn)
{
int count = preempt_count();
int ret;
@@ -79189,33 +79232,11 @@ index d03d2ec..665fac3 100644
- WARN(msgbuf[0], "initcall %pF returned with %s\n", fn, msgbuf);
+ WARN(*msg1 || *msg2, "initcall %pF returned with%s%s\n", fn, msg1, msg2);
++ add_latent_entropy();
return ret;
}
-@@ -749,8 +817,10 @@ static void __init do_initcall_level(int level)
- level, level,
- &repair_env_string);
-- for (fn = initcall_levels[level]; fn < initcall_levels[level+1]; fn++)
-+ for (fn = initcall_levels[level]; fn < initcall_levels[level+1]; fn++) {
- do_one_initcall(*fn);
-+ add_latent_entropy();
-+ }
- }
-
- static void __init do_initcalls(void)
-@@ -784,8 +854,10 @@ static void __init do_pre_smp_initcalls(void)
- {
- initcall_t *fn;
-
-- for (fn = __initcall_start; fn < __initcall0_start; fn++)
-+ for (fn = __initcall_start; fn < __initcall0_start; fn++) {
- do_one_initcall(*fn);
-+ add_latent_entropy();
-+ }
- }
-
- /*
-@@ -803,8 +875,8 @@ static int run_init_process(const char *init_filename)
+@@ -803,8 +872,8 @@ static int run_init_process(const char *init_filename)
{
argv_init[0] = init_filename;
return do_execve(init_filename,
@@ -79226,7 +79247,7 @@ index d03d2ec..665fac3 100644
}
static noinline void __init kernel_init_freeable(void);
-@@ -881,7 +953,7 @@ static noinline void __init kernel_init_freeable(void)
+@@ -881,7 +950,7 @@ static noinline void __init kernel_init_freeable(void)
do_basic_setup();
/* Open the /dev/console on the rootfs, this should never fail */
@@ -79235,7 +79256,7 @@ index d03d2ec..665fac3 100644
pr_err("Warning: unable to open an initial console.\n");
(void) sys_dup(0);
-@@ -894,11 +966,13 @@ static noinline void __init kernel_init_freeable(void)
+@@ -894,11 +963,13 @@ static noinline void __init kernel_init_freeable(void)
if (!ramdisk_execute_command)
ramdisk_execute_command = "/init";
@@ -88940,7 +88961,7 @@ index 3f0c895..60cd104 100644
unsigned long bg_thresh,
unsigned long dirty,
diff --git a/mm/page_alloc.c b/mm/page_alloc.c
-index b100255..a59b444 100644
+index b100255..fba1254 100644
--- a/mm/page_alloc.c
+++ b/mm/page_alloc.c
@@ -60,6 +60,7 @@
@@ -88984,7 +89005,7 @@ index b100255..a59b444 100644
arch_free_page(page, order);
kernel_map_pages(page, 1 << order, 0);
-@@ -747,6 +758,19 @@ static void __free_pages_ok(struct page *page, unsigned int order)
+@@ -747,6 +758,20 @@ static void __free_pages_ok(struct page *page, unsigned int order)
local_irq_restore(flags);
}
@@ -88999,12 +89020,13 @@ index b100255..a59b444 100644
+early_param("pax_extra_latent_entropy", setup_pax_extra_latent_entropy);
+
+volatile u64 latent_entropy;
++EXPORT_SYMBOL(latent_entropy);
+#endif
+
void __init __free_pages_bootmem(struct page *page, unsigned int order)
{
unsigned int nr_pages = 1 << order;
-@@ -762,6 +786,19 @@ void __init __free_pages_bootmem(struct page *page, unsigned int order)
+@@ -762,6 +787,19 @@ void __init __free_pages_bootmem(struct page *page, unsigned int order)
set_page_count(p, 0);
}
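Review bot: `EXPORT_SYMBOL(latent_entropy)` makes the accumulator readable and writable from every loadable module, and the line has no comment saying why the export is needed. Judging from the init.h hunk in this same update, which drops the empty `#ifdef MODULE` definitions of `add_init_latent_entropy`, module init code is now instrumented and has to reference the symbol; please state that next to the export, e.g. `/* referenced by plugin-instrumented code in modules */`. The variable stays a plain `volatile u64` with no locking, which looks intentional for an entropy accumulator but is worth saying in the same comment.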
@@ -89024,7 +89046,7 @@ index b100255..a59b444 100644
page_zone(page)->managed_pages += 1 << order;
set_page_refcounted(page);
__free_pages(page, order);
-@@ -867,8 +904,10 @@ static int prep_new_page(struct page *page, int order, gfp_t gfp_flags)
+@@ -867,8 +905,10 @@ static int prep_new_page(struct page *page, int order, gfp_t gfp_flags)
arch_alloc_page(page, order);
kernel_map_pages(page, 1 << order, 1);
@@ -93066,9 +93088,23 @@ index 766e6ba..aff2f8d 100644
int udp4_seq_show(struct seq_file *seq, void *v)
diff --git a/net/ipv4/xfrm4_policy.c b/net/ipv4/xfrm4_policy.c
-index 9a459be..086b866 100644
+index 9a459be..c7bc04c 100644
--- a/net/ipv4/xfrm4_policy.c
+++ b/net/ipv4/xfrm4_policy.c
+@@ -181,11 +181,11 @@ _decode_session4(struct sk_buff *skb, struct flowi *fl, int reverse)
+ fl4->flowi4_tos = iph->tos;
+ }
+
+-static inline int xfrm4_garbage_collect(struct dst_ops *ops)
++static int xfrm4_garbage_collect(struct dst_ops *ops)
+ {
+ struct net *net = container_of(ops, struct net, xfrm.xfrm4_dst_ops);
+
+- xfrm4_policy_afinfo.garbage_collect(net);
++ xfrm_garbage_collect_deferred(net);
+ return (dst_entries_get_slow(ops) > ops->gc_thresh * 2);
+ }
+
@@ -264,19 +264,18 @@ static struct ctl_table xfrm4_policy_table[] = {
static int __net_init xfrm4_net_init(struct net *net)
@@ -93733,9 +93769,23 @@ index f405815..45a68a6 100644
kfree_skb(skb);
diff --git a/net/ipv6/xfrm6_policy.c b/net/ipv6/xfrm6_policy.c
-index 23ed03d..465a71d 100644
+index 23ed03d..6532e67 100644
--- a/net/ipv6/xfrm6_policy.c
+++ b/net/ipv6/xfrm6_policy.c
+@@ -207,11 +207,11 @@ _decode_session6(struct sk_buff *skb, struct flowi *fl, int reverse)
+ }
+ }
+
+-static inline int xfrm6_garbage_collect(struct dst_ops *ops)
++static int xfrm6_garbage_collect(struct dst_ops *ops)
+ {
+ struct net *net = container_of(ops, struct net, xfrm.xfrm6_dst_ops);
+
+- xfrm6_policy_afinfo.garbage_collect(net);
++ xfrm_garbage_collect_deferred(net);
+ return dst_entries_get_fast(ops) > ops->gc_thresh * 2;
+ }
+
@@ -324,19 +324,19 @@ static struct ctl_table xfrm6_policy_table[] = {
static int __net_init xfrm6_net_init(struct net *net)
@@ -96331,7 +96381,7 @@ index c8717c1..08539f5 100644
iwp->length += essid_compat;
diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c
-index f77c371..84e752a 100644
+index f77c371..e412fa6 100644
--- a/net/xfrm/xfrm_policy.c
+++ b/net/xfrm/xfrm_policy.c
@@ -332,7 +332,7 @@ static void xfrm_policy_kill(struct xfrm_policy *policy)
@@ -96388,7 +96438,21 @@ index f77c371..84e752a 100644
return xdst;
}
-@@ -2611,7 +2611,7 @@ static int xfrm_bundle_ok(struct xfrm_dst *first)
+@@ -2557,11 +2557,12 @@ void xfrm_garbage_collect(struct net *net)
+ }
+ EXPORT_SYMBOL(xfrm_garbage_collect);
+
+-static void xfrm_garbage_collect_deferred(struct net *net)
++void xfrm_garbage_collect_deferred(struct net *net)
+ {
+ flow_cache_flush_deferred();
+ __xfrm_garbage_collect(net);
+ }
++EXPORT_SYMBOL(xfrm_garbage_collect_deferred);
+
+ static void xfrm_init_pmtu(struct dst_entry *dst)
+ {
+@@ -2611,7 +2612,7 @@ static int xfrm_bundle_ok(struct xfrm_dst *first)
if (xdst->xfrm_genid != dst->xfrm->genid)
return 0;
if (xdst->num_pols > 0 &&
@@ -96397,32 +96461,24 @@ index f77c371..84e752a 100644
return 0;
mtu = dst_mtu(dst->child);
-@@ -2699,8 +2699,11 @@ int xfrm_policy_register_afinfo(struct xfrm_policy_afinfo *afinfo)
+@@ -2699,8 +2700,6 @@ int xfrm_policy_register_afinfo(struct xfrm_policy_afinfo *afinfo)
dst_ops->link_failure = xfrm_link_failure;
if (likely(dst_ops->neigh_lookup == NULL))
dst_ops->neigh_lookup = xfrm_neigh_lookup;
- if (likely(afinfo->garbage_collect == NULL))
- afinfo->garbage_collect = xfrm_garbage_collect_deferred;
-+ if (likely(afinfo->garbage_collect == NULL)) {
-+ pax_open_kernel();
-+ *(void **)&afinfo->garbage_collect = xfrm_garbage_collect_deferred;
-+ pax_close_kernel();
-+ }
rcu_assign_pointer(xfrm_policy_afinfo[afinfo->family], afinfo);
}
spin_unlock(&xfrm_policy_afinfo_lock);
-@@ -2754,7 +2757,9 @@ int xfrm_policy_unregister_afinfo(struct xfrm_policy_afinfo *afinfo)
+@@ -2754,7 +2753,6 @@ int xfrm_policy_unregister_afinfo(struct xfrm_policy_afinfo *afinfo)
dst_ops->check = NULL;
dst_ops->negative_advice = NULL;
dst_ops->link_failure = NULL;
- afinfo->garbage_collect = NULL;
-+ pax_open_kernel();
-+ *(void **)&afinfo->garbage_collect = NULL;
-+ pax_close_kernel();
}
return err;
}
-@@ -3137,7 +3142,7 @@ static int xfrm_policy_migrate(struct xfrm_policy *pol,
+@@ -3137,7 +3135,7 @@ static int xfrm_policy_migrate(struct xfrm_policy *pol,
sizeof(pol->xfrm_vec[i].saddr));
pol->xfrm_vec[i].encap_family = mp->new_family;
/* flush bundles */
@@ -96552,6 +96608,19 @@ index 05a6e3d..6716ec9 100644
__xfrm_sysctl_init(net);
+diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c
+index 3f565e4..4b26cee 100644
+--- a/net/xfrm/xfrm_user.c
++++ b/net/xfrm/xfrm_user.c
+@@ -1856,7 +1856,7 @@ static int xfrm_new_ae(struct sk_buff *skb, struct nlmsghdr *nlh,
+ if (x->km.state != XFRM_STATE_VALID)
+ goto out;
+
+- err = xfrm_replay_verify_len(x->replay_esn, rp);
++ err = xfrm_replay_verify_len(x->replay_esn, re);
+ if (err)
+ goto out;
+
diff --git a/scripts/Makefile.build b/scripts/Makefile.build
index d5d859c..781cbcb 100644
--- a/scripts/Makefile.build
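Review bot: The corrected call `xfrm_replay_verify_len(x->replay_esn, re)` in xfrm_new_ae() differs from the old one by a single letter, and the declarations of `re` and `rp` lie outside this hunk, so a reader cannot see which netlink attribute each one holds. A one-line comment above the call, such as `/* re: ESN replay attribute, the one that must be length-checked against x->replay_esn (rp is the legacy replay state) */`, would keep the two from being swapped again; the attribute meanings are presumed from the names and should be confirmed against the declarations. It is also worth confirming that `xfrm_replay_verify_len()` accepts a NULL `re`, since nothing in the visible lines tests it before the call.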
diff --git a/3.2.51/0000_README b/3.2.51/0000_README
index e6c614e..f4cebcc 100644
--- a/3.2.51/0000_README
+++ b/3.2.51/0000_README
@@ -122,7 +122,7 @@ Patch: 1050_linux-3.2.51.patch
From: http://www.kernel.org
Desc: Linux 3.2.51
-Patch: 4420_grsecurity-2.9.1-3.2.51-201309142348.patch
+Patch: 4420_grsecurity-2.9.1-3.2.51-201309162119.patch
From: http://www.grsecurity.net
Desc: hardened-sources base patch from upstream grsecurity
diff --git a/3.2.51/4420_grsecurity-2.9.1-3.2.51-201309142348.patch b/3.2.51/4420_grsecurity-2.9.1-3.2.51-201309162119.patch
index 1e50463..509d13a 100644
--- a/3.2.51/4420_grsecurity-2.9.1-3.2.51-201309142348.patch
+++ b/3.2.51/4420_grsecurity-2.9.1-3.2.51-201309162119.patch
@@ -11312,10 +11312,10 @@ index 5e1a2ee..c9f9533 100644
#ifdef CONFIG_X86_64
#define MIN_KERNEL_ALIGN_LG2 PMD_SHIFT
diff --git a/arch/x86/include/asm/cache.h b/arch/x86/include/asm/cache.h
-index 48f99f1..d78ebf9 100644
+index 48f99f1..d4765f9 100644
--- a/arch/x86/include/asm/cache.h
+++ b/arch/x86/include/asm/cache.h
-@@ -5,12 +5,13 @@
+@@ -5,12 +5,17 @@
/* L1 cache line size */
#define L1_CACHE_SHIFT (CONFIG_X86_L1_CACHE_SHIFT)
@@ -11323,7 +11323,11 @@ index 48f99f1..d78ebf9 100644
+#define L1_CACHE_BYTES (_AC(1,UL) << L1_CACHE_SHIFT)
#define __read_mostly __attribute__((__section__(".data..read_mostly")))
++#ifdef MODULE
++#define __read_only __attribute__((__section__(".rodata")))
++#else
+#define __read_only __attribute__((__section__(".data..read_only")))
++#endif
#define INTERNODE_CACHE_SHIFT CONFIG_X86_INTERNODE_CACHE_SHIFT
-#define INTERNODE_CACHE_BYTES (1 << INTERNODE_CACHE_SHIFT)
@@ -55349,7 +55353,7 @@ index 9680cef..36c9152 100644
out:
return len;
diff --git a/fs/namespace.c b/fs/namespace.c
-index ca4913a..4d493ac 100644
+index ca4913a..8eb2439 100644
--- a/fs/namespace.c
+++ b/fs/namespace.c
@@ -1327,6 +1327,9 @@ static int do_umount(struct vfsmount *mnt, int flags)
@@ -55417,6 +55421,15 @@ index ca4913a..4d493ac 100644
return retval;
}
+@@ -2389,7 +2408,7 @@ void mnt_make_shortterm(struct vfsmount *mnt)
+ * Allocate a new namespace structure and populate it with contents
+ * copied from the namespace of the passed in task structure.
+ */
+-static struct mnt_namespace *dup_mnt_ns(struct mnt_namespace *mnt_ns,
++static __latent_entropy struct mnt_namespace *dup_mnt_ns(struct mnt_namespace *mnt_ns,
+ struct fs_struct *fs)
+ {
+ struct mnt_namespace *new_ns;
@@ -2518,8 +2537,8 @@ struct dentry *mount_subtree(struct vfsmount *mnt, const char *name)
}
EXPORT_SYMBOL(mount_subtree);
@@ -55859,7 +55872,7 @@ index 99e3610..02c1068 100644
"inode 0x%lx or driver bug.", vdir->i_ino);
goto err_out;
diff --git a/fs/ntfs/file.c b/fs/ntfs/file.c
-index c587e2d..5189f0f 100644
+index c587e2d..48a16cd 100644
--- a/fs/ntfs/file.c
+++ b/fs/ntfs/file.c
@@ -1281,7 +1281,7 @@ static inline size_t ntfs_copy_from_user(struct page **pages,
@@ -55871,15 +55884,6 @@ index c587e2d..5189f0f 100644
do {
len = PAGE_CACHE_SIZE - ofs;
-@@ -2229,6 +2229,6 @@ const struct inode_operations ntfs_file_inode_ops = {
- #endif /* NTFS_RW */
- };
-
--const struct file_operations ntfs_empty_file_ops = {};
-+const struct file_operations ntfs_empty_file_ops __read_only;
-
--const struct inode_operations ntfs_empty_inode_ops = {};
-+const struct inode_operations ntfs_empty_inode_ops __read_only;
diff --git a/fs/ntfs/super.c b/fs/ntfs/super.c
index b52706d..b9a9f9d 100644
--- a/fs/ntfs/super.c
@@ -69978,20 +69982,28 @@ index 810431d..0ec4804f 100644
* (puds are folded into pgds so this doesn't get actually called,
* but the define is needed for a generic inline function.)
diff --git a/include/asm-generic/pgtable.h b/include/asm-generic/pgtable.h
-index bc00876..5aee0d9 100644
+index bc00876..9aa9b1f 100644
--- a/include/asm-generic/pgtable.h
+++ b/include/asm-generic/pgtable.h
-@@ -530,6 +530,14 @@ static inline int pmd_trans_unstable(pmd_t *pmd)
+@@ -530,6 +530,22 @@ static inline int pmd_trans_unstable(pmd_t *pmd)
#endif
}
+#ifndef __HAVE_ARCH_PAX_OPEN_KERNEL
++#ifdef CONFIG_PAX_KERNEXEC
++#error KERNEXEC requires pax_open_kernel
++#else
+static inline unsigned long pax_open_kernel(void) { return 0; }
+#endif
++#endif
+
+#ifndef __HAVE_ARCH_PAX_CLOSE_KERNEL
++#ifdef CONFIG_PAX_KERNEXEC
++#error KERNEXEC requires pax_close_kernel
++#else
+static inline unsigned long pax_close_kernel(void) { return 0; }
+#endif
++#endif
+
#endif /* CONFIG_MMU */
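Review bot: The nested guards added around the `pax_open_kernel()`/`pax_close_kernel()` fallbacks each end in two bare `#endif` lines, while the next line of the file uses the labelled form `#endif /* CONFIG_MMU */`. Labelling them, e.g. `#endif /* CONFIG_PAX_KERNEXEC */` and `#endif /* !__HAVE_ARCH_PAX_OPEN_KERNEL */`, makes it clear which branch the no-op stub belongs to. A comment on the `#error` lines would also record why the build is made to fail: without it, an architecture lacking its own implementation would silently get stubs that return 0 and leave every open/close pair a no-op under KERNEXEC.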
@@ -70986,6 +70998,19 @@ index 73845ce..e5678a7 100644
#ifdef CONFIG_FB_TILEBLITTING
#define FB_TILE_CURSOR_NONE 0
+diff --git a/include/linux/fdtable.h b/include/linux/fdtable.h
+index 82163c4..c4b3b50 100644
+--- a/include/linux/fdtable.h
++++ b/include/linux/fdtable.h
+@@ -101,7 +101,7 @@ struct files_struct *get_files_struct(struct task_struct *);
+ void put_files_struct(struct files_struct *fs);
+ void reset_files_struct(struct files_struct *);
+ int unshare_files(struct files_struct **);
+-struct files_struct *dup_fd(struct files_struct *, int *);
++struct files_struct *dup_fd(struct files_struct *, int *) __latent_entropy;
+
+ extern struct kmem_cache *files_cachep;
+
diff --git a/include/linux/filter.h b/include/linux/filter.h
index 8eeb205..d59bfa2 100644
--- a/include/linux/filter.h
@@ -72575,19 +72600,13 @@ index 732c962..61c3f70 100644
extern int register_pppox_proto(int proto_num, const struct pppox_proto *pp);
extern void unregister_pppox_proto(int proto_num);
diff --git a/include/linux/init.h b/include/linux/init.h
-index 9146f39..23fa1ea 100644
+index 9146f39..536519a 100644
--- a/include/linux/init.h
+++ b/include/linux/init.h
-@@ -38,9 +38,36 @@
+@@ -38,9 +38,29 @@
* Also note, that this data cannot be "const".
*/
-+#ifdef MODULE
-+#define add_init_latent_entropy
-+#define add_devinit_latent_entropy
-+#define add_cpuinit_latent_entropy
-+#define add_meminit_latent_entropy
-+#else
+#define add_init_latent_entropy __latent_entropy
+
+#ifdef CONFIG_HOTPLUG
@@ -72607,7 +72626,6 @@ index 9146f39..23fa1ea 100644
+#else
+#define add_meminit_latent_entropy __latent_entropy
+#endif
-+#endif
+
/* These are for everybody (although not all archs will actually
discard it in modules) */
@@ -72616,7 +72634,7 @@ index 9146f39..23fa1ea 100644
#define __initdata __section(.init.data)
#define __initconst __section(.init.rodata)
#define __exitdata __section(.exit.data)
-@@ -82,7 +109,7 @@
+@@ -82,7 +102,7 @@
#define __exit __section(.exit.text) __exitused __cold notrace
/* Used for HOTPLUG */
@@ -72625,7 +72643,7 @@ index 9146f39..23fa1ea 100644
#define __devinitdata __section(.devinit.data)
#define __devinitconst __section(.devinit.rodata)
#define __devexit __section(.devexit.text) __exitused __cold notrace
-@@ -90,7 +117,7 @@
+@@ -90,7 +110,7 @@
#define __devexitconst __section(.devexit.rodata)
/* Used for HOTPLUG_CPU */
@@ -72634,7 +72652,7 @@ index 9146f39..23fa1ea 100644
#define __cpuinitdata __section(.cpuinit.data)
#define __cpuinitconst __section(.cpuinit.rodata)
#define __cpuexit __section(.cpuexit.text) __exitused __cold notrace
-@@ -98,7 +125,7 @@
+@@ -98,7 +118,7 @@
#define __cpuexitconst __section(.cpuexit.rodata)
/* Used for MEMORY_HOTPLUG */
@@ -74015,10 +74033,27 @@ index 800f113..12c82ec 100644
}
diff --git a/include/linux/random.h b/include/linux/random.h
-index 29e217a..1dee1dd 100644
+index 29e217a..a2b27bc 100644
--- a/include/linux/random.h
+++ b/include/linux/random.h
-@@ -71,12 +71,17 @@ void srandom32(u32 seed);
+@@ -51,6 +51,16 @@ struct rnd_state {
+ extern void rand_initialize_irq(int irq);
+
+ extern void add_device_randomness(const void *, unsigned int);
++
++static inline void add_latent_entropy(void)
++{
++
++#ifdef LATENT_ENTROPY_PLUGIN
++ add_device_randomness((const void *)&latent_entropy, sizeof(latent_entropy));
++#endif
++
++}
++
+ extern void add_input_randomness(unsigned int type, unsigned int code,
+ unsigned int value);
+ extern void add_interrupt_randomness(int irq, int irq_flags);
+@@ -71,12 +81,17 @@ void srandom32(u32 seed);
u32 prandom32(struct rnd_state *);
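Review bot: `add_latent_entropy()` is introduced without a comment, and with `LATENT_ENTROPY_PLUGIN` undefined it compiles to an empty function, which the name does not suggest. A header comment such as `/* pass the plugin-maintained latent_entropy accumulator to add_device_randomness(); no-op without LATENT_ENTROPY_PLUGIN */` would cover it. The `(const void *)` cast drops the `volatile` qualifier that `latent_entropy` carries in the 3.11.1 patch's mm/page_alloc.c hunk (presumably the same here), and the helper needs a declaration of that variable in scope before this point; neither is visible in the hunk, so both are worth checking. The blank lines just inside the braces can go.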
@@ -74507,7 +74542,7 @@ index 899fbb4..1cb4138 100644
#define VIDEO_TYPE_MDA 0x10 /* Monochrome Text Display */
diff --git a/include/linux/security.h b/include/linux/security.h
-index e8c619d..a06aa39 100644
+index e8c619d..ff41b06 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -37,6 +37,7 @@
@@ -74518,7 +74553,16 @@ index e8c619d..a06aa39 100644
#include <net/flow.h>
/* Maximum number of letters for an LSM name string */
-@@ -1676,6 +1677,8 @@ int security_capset(struct cred *new, const struct cred *old,
+@@ -98,8 +99,6 @@ struct seq_file;
+ extern int cap_netlink_send(struct sock *sk, struct sk_buff *skb);
+ extern int cap_netlink_recv(struct sk_buff *skb, int cap);
+
+-void reset_security_ops(void);
+-
+ #ifdef CONFIG_MMU
+ extern unsigned long mmap_min_addr;
+ extern unsigned long dac_mmap_min_addr;
+@@ -1676,6 +1675,8 @@ int security_capset(struct cred *new, const struct cred *old,
const kernel_cap_t *permitted);
int security_capable(struct user_namespace *ns, const struct cred *cred,
int cap);
@@ -74527,7 +74571,7 @@ index e8c619d..a06aa39 100644
int security_real_capable(struct task_struct *tsk, struct user_namespace *ns,
int cap);
int security_real_capable_noaudit(struct task_struct *tsk,
-@@ -1880,6 +1883,12 @@ static inline int security_capable(struct user_namespace *ns,
+@@ -1880,6 +1881,12 @@ static inline int security_capable(struct user_namespace *ns,
return cap_capable(current, cred, ns, cap, SECURITY_CAP_AUDIT);
}
@@ -76304,10 +76348,18 @@ index fe46019..1422c5a 100644
#define TCP_SKB_CB(__skb) ((struct tcp_skb_cb *)&((__skb)->cb[0]))
diff --git a/include/net/xfrm.h b/include/net/xfrm.h
-index 921f627..4ec32de 100644
+index 921f627..3744fe8 100644
--- a/include/net/xfrm.h
+++ b/include/net/xfrm.h
-@@ -298,7 +298,7 @@ struct xfrm_policy_afinfo {
+@@ -282,7 +282,6 @@ struct xfrm_dst;
+ struct xfrm_policy_afinfo {
+ unsigned short family;
+ struct dst_ops *dst_ops;
+- void (*garbage_collect)(struct net *net);
+ struct dst_entry *(*dst_lookup)(struct net *net, int tos,
+ const xfrm_address_t *saddr,
+ const xfrm_address_t *daddr);
+@@ -298,7 +297,7 @@ struct xfrm_policy_afinfo {
struct net_device *dev,
const struct flowi *fl);
struct dst_entry *(*blackhole_route)(struct net *net, struct dst_entry *orig);
@@ -76316,7 +76368,7 @@ index 921f627..4ec32de 100644
extern int xfrm_policy_register_afinfo(struct xfrm_policy_afinfo *afinfo);
extern int xfrm_policy_unregister_afinfo(struct xfrm_policy_afinfo *afinfo);
-@@ -334,7 +334,7 @@ struct xfrm_state_afinfo {
+@@ -334,7 +333,7 @@ struct xfrm_state_afinfo {
struct sk_buff *skb);
int (*transport_finish)(struct sk_buff *skb,
int async);
@@ -76325,7 +76377,7 @@ index 921f627..4ec32de 100644
extern int xfrm_state_register_afinfo(struct xfrm_state_afinfo *afinfo);
extern int xfrm_state_unregister_afinfo(struct xfrm_state_afinfo *afinfo);
-@@ -417,7 +417,7 @@ struct xfrm_mode {
+@@ -417,7 +416,7 @@ struct xfrm_mode {
struct module *owner;
unsigned int encap;
int flags;
@@ -76334,7 +76386,7 @@ index 921f627..4ec32de 100644
/* Flags for xfrm_mode. */
enum {
-@@ -508,7 +508,7 @@ struct xfrm_policy {
+@@ -508,7 +507,7 @@ struct xfrm_policy {
struct timer_list timer;
struct flow_cache_object flo;
@@ -76343,6 +76395,25 @@ index 921f627..4ec32de 100644
u32 priority;
u32 index;
struct xfrm_mark mark;
+@@ -1141,6 +1140,8 @@ static inline void xfrm_sk_free_policy(struct sock *sk)
+ }
+ }
+
++extern void xfrm_garbage_collect_deferred(struct net *net);
++
+ #else
+
+ static inline void xfrm_sk_free_policy(struct sock *sk) {}
+@@ -1175,6 +1176,9 @@ static inline int xfrm6_policy_check_reverse(struct sock *sk, int dir,
+ {
+ return 1;
+ }
++static inline void xfrm_garbage_collect_deferred(struct net *net)
++{
++}
+ #endif
+
+ static __inline__
diff --git a/include/rdma/iw_cm.h b/include/rdma/iw_cm.h
index 1a046b1..ee0bef0 100644
--- a/include/rdma/iw_cm.h
@@ -76912,7 +76983,7 @@ index 2531811..4f036c4 100644
#ifdef CONFIG_BLK_DEV_RAM
int fd;
diff --git a/init/main.c b/init/main.c
-index 5d0eb1d..19ff85b 100644
+index 5d0eb1d..8255113 100644
--- a/init/main.c
+++ b/init/main.c
@@ -96,6 +96,8 @@ static inline void mark_rodata_ro(void) { }
@@ -76997,7 +77068,7 @@ index 5d0eb1d..19ff85b 100644
if (initcall_debug)
ret = do_one_initcall_debug(fn);
-@@ -690,15 +751,15 @@ int __init_or_module do_one_initcall(initcall_t fn)
+@@ -690,17 +751,18 @@ int __init_or_module do_one_initcall(initcall_t fn)
sprintf(msgbuf, "error code %d ", ret);
if (preempt_count() != count) {
@@ -77016,40 +77087,11 @@ index 5d0eb1d..19ff85b 100644
+ printk("initcall %pF returned with %s%s%s\n", fn, msgbuf, msg1, msg2);
}
++ add_latent_entropy();
return ret;
-@@ -711,8 +772,14 @@ static void __init do_initcalls(void)
- {
- initcall_t *fn;
-
-- for (fn = __early_initcall_end; fn < __initcall_end; fn++)
-+ for (fn = __early_initcall_end; fn < __initcall_end; fn++) {
- do_one_initcall(*fn);
-+
-+#ifdef LATENT_ENTROPY_PLUGIN
-+ add_device_randomness((const void *)&latent_entropy, sizeof(latent_entropy));
-+#endif
-+
-+ }
- }
-
- /*
-@@ -738,8 +805,14 @@ static void __init do_pre_smp_initcalls(void)
- {
- initcall_t *fn;
-
-- for (fn = __initcall_start; fn < __early_initcall_end; fn++)
-+ for (fn = __initcall_start; fn < __early_initcall_end; fn++) {
- do_one_initcall(*fn);
-+
-+#ifdef LATENT_ENTROPY_PLUGIN
-+ add_device_randomness((const void *)&latent_entropy, sizeof(latent_entropy));
-+#endif
-+
-+ }
}
- static void run_init_process(const char *init_filename)
-@@ -821,7 +894,7 @@ static int __init kernel_init(void * unused)
+@@ -821,7 +883,7 @@ static int __init kernel_init(void * unused)
do_basic_setup();
/* Open the /dev/console on the rootfs, this should never fail */
@@ -77058,7 +77100,7 @@ index 5d0eb1d..19ff85b 100644
printk(KERN_WARNING "Warning: unable to open an initial console.\n");
(void) sys_dup(0);
-@@ -834,11 +907,13 @@ static int __init kernel_init(void * unused)
+@@ -834,11 +896,13 @@ static int __init kernel_init(void * unused)
if (!ramdisk_execute_command)
ramdisk_execute_command = "/init";
@@ -78110,7 +78152,7 @@ index 234e152..0ae0243 100644
{
struct signal_struct *sig = current->signal;
diff --git a/kernel/fork.c b/kernel/fork.c
-index ce0c182..16fd1e0 100644
+index ce0c182..360568a 100644
--- a/kernel/fork.c
+++ b/kernel/fork.c
@@ -270,19 +270,24 @@ static struct task_struct *dup_task_struct(struct task_struct *orig)
@@ -78146,11 +78188,15 @@ index ce0c182..16fd1e0 100644
}
#ifdef CONFIG_MMU
+-static int dup_mmap(struct mm_struct *mm, struct mm_struct *oldmm)
+static struct vm_area_struct *dup_vma(struct mm_struct *mm, struct vm_area_struct *mpnt)
-+{
+ {
+- struct vm_area_struct *mpnt, *tmp, *prev, **pprev;
+- struct rb_node **rb_link, *rb_parent;
+- int retval;
+ struct vm_area_struct *tmp;
-+ unsigned long charge;
-+ struct mempolicy *pol;
+ unsigned long charge;
+ struct mempolicy *pol;
+ struct file *file;
+
+ charge = 0;
@@ -78213,13 +78259,11 @@ index ce0c182..16fd1e0 100644
+ return NULL;
+}
+
- static int dup_mmap(struct mm_struct *mm, struct mm_struct *oldmm)
- {
- struct vm_area_struct *mpnt, *tmp, *prev, **pprev;
- struct rb_node **rb_link, *rb_parent;
- int retval;
-- unsigned long charge;
-- struct mempolicy *pol;
++static __latent_entropy int dup_mmap(struct mm_struct *mm, struct mm_struct *oldmm)
++{
++ struct vm_area_struct *mpnt, *tmp, *prev, **pprev;
++ struct rb_node **rb_link, *rb_parent;
++ int retval;
down_write(&oldmm->mmap_sem);
flush_cache_dup_mm(oldmm);
@@ -78399,6 +78443,15 @@ index ce0c182..16fd1e0 100644
return 0;
}
+@@ -1047,7 +1114,7 @@ static void posix_cpu_timers_init(struct task_struct *tsk)
+ * parts of the process environment (as per the clone
+ * flags). The actual kick-off is left to the caller.
+ */
+-static struct task_struct *copy_process(unsigned long clone_flags,
++static __latent_entropy struct task_struct *copy_process(unsigned long clone_flags,
+ unsigned long stack_start,
+ struct pt_regs *regs,
+ unsigned long stack_size,
@@ -1104,10 +1171,13 @@ static struct task_struct *copy_process(unsigned long clone_flags,
DEBUG_LOCKS_WARN_ON(!p->softirqs_enabled);
#endif
@@ -78436,7 +78489,15 @@ index ce0c182..16fd1e0 100644
return ERR_PTR(retval);
}
-@@ -1521,6 +1598,8 @@ long do_fork(unsigned long clone_flags,
+@@ -1507,6 +1584,7 @@ long do_fork(unsigned long clone_flags,
+
+ p = copy_process(clone_flags, stack_start, regs, stack_size,
+ child_tidptr, NULL, trace);
++ add_latent_entropy();
+ /*
+ * Do this prior waking up the new thread - the thread pointer
+ * might get invalid after that point, if the thread exits quickly.
+@@ -1521,6 +1599,8 @@ long do_fork(unsigned long clone_flags,
if (clone_flags & CLONE_PARENT_SETTID)
put_user(nr, parent_tidptr);
@@ -78445,7 +78506,7 @@ index ce0c182..16fd1e0 100644
if (clone_flags & CLONE_VFORK) {
p->vfork_done = &vfork;
init_completion(&vfork);
-@@ -1591,7 +1670,7 @@ void __init proc_caches_init(void)
+@@ -1591,7 +1671,7 @@ void __init proc_caches_init(void)
mm_cachep = kmem_cache_create("mm_struct",
sizeof(struct mm_struct), ARCH_MIN_MMSTRUCT_ALIGN,
SLAB_HWCACHE_ALIGN|SLAB_PANIC|SLAB_NOTRACK, NULL);
@@ -78454,7 +78515,7 @@ index ce0c182..16fd1e0 100644
mmap_init();
nsproxy_cache_init();
}
-@@ -1630,7 +1709,7 @@ static int unshare_fs(unsigned long unshare_flags, struct fs_struct **new_fsp)
+@@ -1630,7 +1710,7 @@ static int unshare_fs(unsigned long unshare_flags, struct fs_struct **new_fsp)
return 0;
/* don't need lock here; in the worst case we'll do useless copy */
@@ -78463,7 +78524,7 @@ index ce0c182..16fd1e0 100644
return 0;
*new_fsp = copy_fs_struct(fs);
-@@ -1719,7 +1798,8 @@ SYSCALL_DEFINE1(unshare, unsigned long, unshare_flags)
+@@ -1719,7 +1799,8 @@ SYSCALL_DEFINE1(unshare, unsigned long, unshare_flags)
fs = current->fs;
spin_lock(&fs->lock);
current->fs = new_fs;
@@ -86882,10 +86943,30 @@ index 5a688a2..fffb9f6 100644
if (nstart < prev->vm_end)
diff --git a/mm/mremap.c b/mm/mremap.c
-index d6959cb..c9e1e45 100644
+index d6959cb..51051b9 100644
--- a/mm/mremap.c
+++ b/mm/mremap.c
-@@ -106,6 +106,12 @@ static void move_ptes(struct vm_area_struct *vma, pmd_t *old_pmd,
+@@ -23,6 +23,7 @@
+ #include <asm/uaccess.h>
+ #include <asm/cacheflush.h>
+ #include <asm/tlbflush.h>
++#include <asm/pgalloc.h>
+
+ #include "internal.h"
+
+@@ -60,8 +61,10 @@ static pmd_t *alloc_new_pmd(struct mm_struct *mm, struct vm_area_struct *vma,
+ return NULL;
+
+ pmd = pmd_alloc(mm, pud, addr);
+- if (!pmd)
++ if (!pmd) {
++ pud_free(mm, pud);
+ return NULL;
++ }
+
+ VM_BUG_ON(pmd_trans_huge(*pmd));
+
+@@ -106,6 +109,12 @@ static void move_ptes(struct vm_area_struct *vma, pmd_t *old_pmd,
continue;
pte = ptep_get_and_clear(mm, old_addr, old_pte);
pte = move_pte(pte, new_vma->vm_page_prot, old_addr, new_addr);
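Review bot: The added `pud_free(mm, pud);` in alloc_new_pmd() runs whenever pmd_alloc() fails, but nothing in the hunk shows that this call allocated the pud itself. The pud lookup sits above the visible lines, so this is inferred: if the pud was already linked under the pgd and is still used by other mappings, freeing it here leaves a live page-table entry pointing at freed memory. I would keep the original `if (!pmd) return NULL;` and leave upper-level teardown to the normal unmap path, or free only when this call created the pud. The function body starts outside the hunk.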
@@ -86898,7 +86979,7 @@ index d6959cb..c9e1e45 100644
set_pte_at(mm, new_addr, new_pte, pte);
}
-@@ -251,7 +257,6 @@ static unsigned long move_vma(struct vm_area_struct *vma,
+@@ -251,7 +260,6 @@ static unsigned long move_vma(struct vm_area_struct *vma,
* If this were a serious issue, we'd add a flag to do_munmap().
*/
hiwater_vm = mm->hiwater_vm;
@@ -86906,7 +86987,7 @@ index d6959cb..c9e1e45 100644
vm_stat_account(mm, vma->vm_flags, vma->vm_file, new_len>>PAGE_SHIFT);
if (do_munmap(mm, old_addr, old_len) < 0) {
-@@ -290,6 +295,11 @@ static struct vm_area_struct *vma_to_resize(unsigned long addr,
+@@ -290,6 +298,11 @@ static struct vm_area_struct *vma_to_resize(unsigned long addr,
if (is_vm_hugetlb_page(vma))
goto Einval;
@@ -86918,7 +86999,7 @@ index d6959cb..c9e1e45 100644
/* We can't remap across vm area boundaries */
if (old_len > vma->vm_end - addr)
goto Efault;
-@@ -346,20 +356,25 @@ static unsigned long mremap_to(unsigned long addr,
+@@ -346,20 +359,25 @@ static unsigned long mremap_to(unsigned long addr,
unsigned long ret = -EINVAL;
unsigned long charged = 0;
unsigned long map_flags;
@@ -86949,7 +87030,7 @@ index d6959cb..c9e1e45 100644
goto out;
ret = security_file_mmap(NULL, 0, 0, 0, new_addr, 1);
-@@ -431,6 +446,7 @@ unsigned long do_mremap(unsigned long addr,
+@@ -431,6 +449,7 @@ unsigned long do_mremap(unsigned long addr,
struct vm_area_struct *vma;
unsigned long ret = -EINVAL;
unsigned long charged = 0;
@@ -86957,7 +87038,7 @@ index d6959cb..c9e1e45 100644
if (flags & ~(MREMAP_FIXED | MREMAP_MAYMOVE))
goto out;
-@@ -449,6 +465,17 @@ unsigned long do_mremap(unsigned long addr,
+@@ -449,6 +468,17 @@ unsigned long do_mremap(unsigned long addr,
if (!new_len)
goto out;
@@ -86975,7 +87056,7 @@ index d6959cb..c9e1e45 100644
if (flags & MREMAP_FIXED) {
if (flags & MREMAP_MAYMOVE)
ret = mremap_to(addr, old_len, new_addr, new_len);
-@@ -490,7 +517,6 @@ unsigned long do_mremap(unsigned long addr,
+@@ -490,7 +520,6 @@ unsigned long do_mremap(unsigned long addr,
goto out;
}
@@ -86983,7 +87064,7 @@ index d6959cb..c9e1e45 100644
vm_stat_account(mm, vma->vm_flags, vma->vm_file, pages);
if (vma->vm_flags & VM_LOCKED) {
mm->locked_vm += pages;
-@@ -498,6 +524,7 @@ unsigned long do_mremap(unsigned long addr,
+@@ -498,6 +527,7 @@ unsigned long do_mremap(unsigned long addr,
addr + new_len);
}
ret = addr;
@@ -86991,7 +87072,7 @@ index d6959cb..c9e1e45 100644
goto out;
}
}
-@@ -524,7 +551,13 @@ unsigned long do_mremap(unsigned long addr,
+@@ -524,7 +554,13 @@ unsigned long do_mremap(unsigned long addr,
ret = security_file_mmap(NULL, 0, 0, 0, new_addr, 1);
if (ret)
goto out;
@@ -87132,7 +87213,7 @@ index ea3f83b..001a216 100644
.next = NULL,
};
diff --git a/mm/page_alloc.c b/mm/page_alloc.c
-index b5afea2..fb9fd83 100644
+index b5afea2..762ffa1 100644
--- a/mm/page_alloc.c
+++ b/mm/page_alloc.c
@@ -57,6 +57,7 @@
@@ -87176,7 +87257,7 @@ index b5afea2..fb9fd83 100644
arch_free_page(page, order);
kernel_map_pages(page, 1 << order, 0);
-@@ -692,6 +703,19 @@ static void __free_pages_ok(struct page *page, unsigned int order)
+@@ -692,6 +703,20 @@ static void __free_pages_ok(struct page *page, unsigned int order)
local_irq_restore(flags);
}
@@ -87191,12 +87272,13 @@ index b5afea2..fb9fd83 100644
+early_param("pax_extra_latent_entropy", setup_pax_extra_latent_entropy);
+
+volatile u64 latent_entropy;
++EXPORT_SYMBOL(latent_entropy);
+#endif
+
/*
* permit the bootmem allocator to evade page validation on high-order frees
*/
-@@ -715,6 +739,19 @@ void __meminit __free_pages_bootmem(struct page *page, unsigned int order)
+@@ -715,6 +740,19 @@ void __meminit __free_pages_bootmem(struct page *page, unsigned int order)
set_page_count(p, 0);
}
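Review bot: `EXPORT_SYMBOL(latent_entropy);` makes the `volatile u64 latent_entropy` accumulator reachable from every loadable module, and the hunk gives no reason for it. If the export exists so that plugin-instrumented module code can update the accumulator (inferred from the `__latent_entropy` annotations and the `add_latent_entropy()` call in do_one_initcall() elsewhere in this patch), a comment such as `/* exported: instrumented module code updates this accumulator */` above the export would say so. It is also worth confirming that no consumer treats the value as secret, since any module can now read it.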
@@ -87216,7 +87298,7 @@ index b5afea2..fb9fd83 100644
set_page_refcounted(page);
__free_pages(page, order);
}
-@@ -784,8 +821,10 @@ static int prep_new_page(struct page *page, int order, gfp_t gfp_flags)
+@@ -784,8 +822,10 @@ static int prep_new_page(struct page *page, int order, gfp_t gfp_flags)
arch_alloc_page(page, order);
kernel_map_pages(page, 1 << order, 1);
@@ -91776,6 +91858,24 @@ index 5decc93..79830d4 100644
}
int udp4_seq_show(struct seq_file *seq, void *v)
+diff --git a/net/ipv4/xfrm4_policy.c b/net/ipv4/xfrm4_policy.c
+index a0b4c5d..a5818a1 100644
+--- a/net/ipv4/xfrm4_policy.c
++++ b/net/ipv4/xfrm4_policy.c
+@@ -190,11 +190,11 @@ _decode_session4(struct sk_buff *skb, struct flowi *fl, int reverse)
+ fl4->flowi4_tos = iph->tos;
+ }
+
+-static inline int xfrm4_garbage_collect(struct dst_ops *ops)
++static int xfrm4_garbage_collect(struct dst_ops *ops)
+ {
+ struct net *net = container_of(ops, struct net, xfrm.xfrm4_dst_ops);
+
+- xfrm4_policy_afinfo.garbage_collect(net);
++ xfrm_garbage_collect_deferred(net);
+ return (dst_entries_get_slow(ops) > ops->gc_thresh * 2);
+ }
+
diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c
index 314bda2..19a815f 100644
--- a/net/ipv6/addrconf.c
@@ -92307,6 +92407,24 @@ index f9e496b..729da61 100644
}
int udp6_seq_show(struct seq_file *seq, void *v)
+diff --git a/net/ipv6/xfrm6_policy.c b/net/ipv6/xfrm6_policy.c
+index db78e7d..c88f974 100644
+--- a/net/ipv6/xfrm6_policy.c
++++ b/net/ipv6/xfrm6_policy.c
+@@ -202,11 +202,11 @@ _decode_session6(struct sk_buff *skb, struct flowi *fl, int reverse)
+ }
+ }
+
+-static inline int xfrm6_garbage_collect(struct dst_ops *ops)
++static int xfrm6_garbage_collect(struct dst_ops *ops)
+ {
+ struct net *net = container_of(ops, struct net, xfrm.xfrm6_dst_ops);
+
+- xfrm6_policy_afinfo.garbage_collect(net);
++ xfrm_garbage_collect_deferred(net);
+ return dst_entries_get_fast(ops) > ops->gc_thresh * 2;
+ }
+
diff --git a/net/irda/ircomm/ircomm_tty.c b/net/irda/ircomm/ircomm_tty.c
index 253695d..9481ce8 100644
--- a/net/irda/ircomm/ircomm_tty.c
@@ -94125,7 +94243,7 @@ index 7635107..4670276 100644
ret = kernel_sendmsg(conn->trans->local->socket, &msg, iov, 3, len);
diff --git a/net/sctp/ipv6.c b/net/sctp/ipv6.c
-index 8104278..7aed9a7 100644
+index 8104278..c969717 100644
--- a/net/sctp/ipv6.c
+++ b/net/sctp/ipv6.c
@@ -205,45 +205,23 @@ out:
@@ -94175,7 +94293,7 @@ index 8104278..7aed9a7 100644
skb->local_df = 1;
- return ip6_xmit(sk, skb, &fl6, np->opt, np->tclass);
-+ SCTP_INC_STATS(sock_net(sk), SCTP_MIB_OUTSCTPPACKS);
++ SCTP_INC_STATS(SCTP_MIB_OUTSCTPPACKS);
+
+ return ip6_xmit(sk, skb, fl6, np->opt, np->tclass);
}
@@ -95673,7 +95791,7 @@ index 0af7f54..c916d2f 100644
iwp->length += essid_compat;
diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c
-index 113d20e..16d8f04 100644
+index 113d20e..2bb5a4e 100644
--- a/net/xfrm/xfrm_policy.c
+++ b/net/xfrm/xfrm_policy.c
@@ -299,7 +299,7 @@ static void xfrm_policy_kill(struct xfrm_policy *policy)
@@ -95730,7 +95848,21 @@ index 113d20e..16d8f04 100644
return xdst;
}
-@@ -2348,7 +2348,7 @@ static int xfrm_bundle_ok(struct xfrm_dst *first)
+@@ -2297,11 +2297,12 @@ static void xfrm_garbage_collect(struct net *net)
+ __xfrm_garbage_collect(net);
+ }
+
+-static void xfrm_garbage_collect_deferred(struct net *net)
++void xfrm_garbage_collect_deferred(struct net *net)
+ {
+ flow_cache_flush_deferred();
+ __xfrm_garbage_collect(net);
+ }
++EXPORT_SYMBOL(xfrm_garbage_collect_deferred);
+
+ static void xfrm_init_pmtu(struct dst_entry *dst)
+ {
+@@ -2348,7 +2349,7 @@ static int xfrm_bundle_ok(struct xfrm_dst *first)
if (xdst->xfrm_genid != dst->xfrm->genid)
return 0;
if (xdst->num_pols > 0 &&
@@ -95739,32 +95871,24 @@ index 113d20e..16d8f04 100644
return 0;
mtu = dst_mtu(dst->child);
-@@ -2434,8 +2434,11 @@ int xfrm_policy_register_afinfo(struct xfrm_policy_afinfo *afinfo)
+@@ -2434,8 +2435,6 @@ int xfrm_policy_register_afinfo(struct xfrm_policy_afinfo *afinfo)
dst_ops->link_failure = xfrm_link_failure;
if (likely(dst_ops->neigh_lookup == NULL))
dst_ops->neigh_lookup = xfrm_neigh_lookup;
- if (likely(afinfo->garbage_collect == NULL))
- afinfo->garbage_collect = xfrm_garbage_collect_deferred;
-+ if (likely(afinfo->garbage_collect == NULL)) {
-+ pax_open_kernel();
-+ *(void **)&afinfo->garbage_collect = xfrm_garbage_collect_deferred;
-+ pax_close_kernel();
-+ }
xfrm_policy_afinfo[afinfo->family] = afinfo;
}
write_unlock_bh(&xfrm_policy_afinfo_lock);
-@@ -2482,7 +2485,9 @@ int xfrm_policy_unregister_afinfo(struct xfrm_policy_afinfo *afinfo)
+@@ -2482,7 +2481,6 @@ int xfrm_policy_unregister_afinfo(struct xfrm_policy_afinfo *afinfo)
dst_ops->check = NULL;
dst_ops->negative_advice = NULL;
dst_ops->link_failure = NULL;
- afinfo->garbage_collect = NULL;
-+ pax_open_kernel();
-+ *(void **)&afinfo->garbage_collect = NULL;
-+ pax_close_kernel();
}
}
write_unlock_bh(&xfrm_policy_afinfo_lock);
-@@ -2692,7 +2697,7 @@ static void __net_exit xfrm_net_exit(struct net *net)
+@@ -2692,7 +2690,7 @@ static void __net_exit xfrm_net_exit(struct net *net)
xfrm_statistics_fini(net);
}
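Review bot: After this hunk nothing visible assigns `afinfo->garbage_collect`: both the registration-time assignment and the `NULL` reset in xfrm_policy_unregister_afinfo() are removed. The xfrm4_policy.c and xfrm6_policy.c hunks switch their callers to `xfrm_garbage_collect_deferred(net)`. Whether the `garbage_collect` member is also dropped from `struct xfrm_policy_afinfo` is outside this view; if it stays, it is always NULL and any caller left elsewhere would dereference it. Removing the member in the same change would let the compiler find such callers. Both functions continue outside the hunk.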
@@ -95773,7 +95897,7 @@ index 113d20e..16d8f04 100644
.init = xfrm_net_init,
.exit = xfrm_net_exit,
};
-@@ -2885,7 +2890,7 @@ static int xfrm_policy_migrate(struct xfrm_policy *pol,
+@@ -2885,7 +2883,7 @@ static int xfrm_policy_migrate(struct xfrm_policy *pol,
sizeof(pol->xfrm_vec[i].saddr));
pol->xfrm_vec[i].encap_family = mp->new_family;
/* flush bundles */
@@ -95912,6 +96036,19 @@ index 05640bc..b67eaaa 100644
__xfrm_sysctl_init(net);
+diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c
+index ede01a8..d7fdd07 100644
+--- a/net/xfrm/xfrm_user.c
++++ b/net/xfrm/xfrm_user.c
+@@ -1816,7 +1816,7 @@ static int xfrm_new_ae(struct sk_buff *skb, struct nlmsghdr *nlh,
+ if (x->km.state != XFRM_STATE_VALID)
+ goto out;
+
+- err = xfrm_replay_verify_len(x->replay_esn, rp);
++ err = xfrm_replay_verify_len(x->replay_esn, re);
+ if (err)
+ goto out;
+
diff --git a/scripts/Makefile.build b/scripts/Makefile.build
index d2b366c..2d5a6f8 100644
--- a/scripts/Makefile.build
@@ -98596,7 +98733,7 @@ index f728728..6457a0c 100644
/*
diff --git a/security/security.c b/security/security.c
-index e2f684a..57eb484 100644
+index e2f684a..1649b69 100644
--- a/security/security.c
+++ b/security/security.c
@@ -26,8 +26,8 @@
@@ -98605,30 +98742,24 @@ index e2f684a..57eb484 100644
-static struct security_operations *security_ops;
-static struct security_operations default_security_ops = {
-+static struct security_operations *security_ops __read_only;
-+static struct security_operations default_security_ops __read_only = {
++struct security_operations *security_ops __read_only;
++struct security_operations default_security_ops __read_only = {
.name = "default",
};
-@@ -66,11 +66,17 @@ int __init security_init(void)
+@@ -66,11 +66,6 @@ int __init security_init(void)
return 0;
}
-+#ifdef CONFIG_SECURITY_SELINUX_DISABLE
-+
- void reset_security_ops(void)
- {
-+ pax_open_kernel();
- security_ops = &default_security_ops;
-+ pax_close_kernel();
- }
-
-+#endif
-+
+-void reset_security_ops(void)
+-{
+- security_ops = &default_security_ops;
+-}
+-
/* Save user chosen LSM */
static int __init choose_lsm(char *str)
{
-@@ -162,6 +168,13 @@ int security_capable(struct user_namespace *ns, const struct cred *cred,
+@@ -162,6 +157,13 @@ int security_capable(struct user_namespace *ns, const struct cred *cred,
SECURITY_CAP_AUDIT);
}
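Review bot: Dropping `static` from `security_ops` and `default_security_ops` gives the LSM hook-table pointer external linkage so that selinux_disable() can assign it directly, and removes `reset_security_ops()`, which was the one narrow writer. The matching `extern` declarations are written inside security/selinux/hooks.c (see that file's hunk) rather than in a shared header, so a later type change in security.c would not be caught at compile time. I would keep the variables `static` and keep `reset_security_ops()` with the `pax_open_kernel();` / `pax_close_kernel();` pair inside it, as the replaced revision of this patch did. Failing that, the declarations belong in a header included by both files.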
@@ -98674,7 +98805,7 @@ index dca1c22..4fa4591 100644
lock = &avc_cache.slots_lock[hvalue];
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
-index 1126c10..effb32b 100644
+index 1126c10..3684fc7 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -94,8 +94,6 @@
@@ -98695,6 +98826,27 @@ index 1126c10..effb32b 100644
.name = "selinux",
.ptrace_access_check = selinux_ptrace_access_check,
+@@ -5795,6 +5793,9 @@ static void selinux_nf_ip_exit(void)
+ #ifdef CONFIG_SECURITY_SELINUX_DISABLE
+ static int selinux_disabled;
+
++extern struct security_operations *security_ops;
++extern struct security_operations default_security_ops;
++
+ int selinux_disable(void)
+ {
+ if (ss_initialized) {
+@@ -5812,7 +5813,9 @@ int selinux_disable(void)
+ selinux_disabled = 1;
+ selinux_enabled = 0;
+
+- reset_security_ops();
++ pax_open_kernel();
++ security_ops = &default_security_ops;
++ pax_close_kernel();
+
+ /* Try to destroy the avc node cache */
+ avc_disable();
diff --git a/security/selinux/include/xfrm.h b/security/selinux/include/xfrm.h
index b43813c..74be837 100644
--- a/security/selinux/include/xfrm.h
@@ -100537,7 +100689,7 @@ index 0000000..568b360
+}
diff --git a/tools/gcc/kernexec_plugin.c b/tools/gcc/kernexec_plugin.c
new file mode 100644
-index 0000000..257529f
+index 0000000..698da67
--- /dev/null
+++ b/tools/gcc/kernexec_plugin.c
@@ -0,0 +1,471 @@
@@ -100808,9 +100960,9 @@ index 0000000..257529f
+ new_fptr = make_ssa_name(new_fptr, NULL);
+
+ // build asm volatile("orq %%r10, %0\n\t" : "=r"(new_fptr) : "0"(old_fptr));
-+ input = build_tree_list(NULL_TREE, build_string(2, "0"));
++ input = build_tree_list(NULL_TREE, build_string(1, "0"));
+ input = chainon(NULL_TREE, build_tree_list(input, old_fptr));
-+ output = build_tree_list(NULL_TREE, build_string(3, "=r"));
++ output = build_tree_list(NULL_TREE, build_string(2, "=r"));
+ output = chainon(NULL_TREE, build_tree_list(output, new_fptr));
+#if BUILDING_GCC_VERSION <= 4007
+ VEC_safe_push(tree, gc, inputs, input);
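Review bot: The length arguments to `build_string()` are still hand-counted literals beside the string (`1` for `"0"`, `2` for `"=r"`); the previous values `2` and `3` apparently counted the terminator as well. Deriving the length from the literal, `build_string(strlen("=r"), "=r")` and likewise for `"0"`, removes the need to keep the two in sync by hand. The enclosing function starts and ends outside the hunk.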