summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--2.6.32/0000_README2
-rw-r--r--2.6.32/4420_grsecurity-2.2.2-2.6.32.40-201105182052.patch (renamed from 2.6.32/4420_grsecurity-2.2.2-2.6.32.40-201105111839.patch)3117
-rw-r--r--2.6.32/4422_grsec-mute-warnings.patch8
-rw-r--r--2.6.38/0000_README2
-rw-r--r--2.6.38/4420_grsecurity-2.2.2-2.6.38.6-201105182052.patch (renamed from 2.6.38/4420_grsecurity-2.2.2-2.6.38.6-201105111839.patch)3703
-rw-r--r--2.6.38/4422_grsec-mute-warnings.patch10
6 files changed, 6118 insertions, 724 deletions
diff --git a/2.6.32/0000_README b/2.6.32/0000_README
index f11f999..671630b 100644
--- a/2.6.32/0000_README
+++ b/2.6.32/0000_README
@@ -3,7 +3,7 @@ README
Individual Patch Descriptions:
-----------------------------------------------------------------------------
-Patch: 4420_grsecurity-2.2.2-2.6.32.40-201105111839.patch
+Patch: 4420_grsecurity-2.2.2-2.6.32.40-201105182052.patch
From: http://www.grsecurity.net
Desc: hardened-sources base patch from upstream grsecurity
diff --git a/2.6.32/4420_grsecurity-2.2.2-2.6.32.40-201105111839.patch b/2.6.32/4420_grsecurity-2.2.2-2.6.32.40-201105182052.patch
index 21584b3..684a24c 100644
--- a/2.6.32/4420_grsecurity-2.2.2-2.6.32.40-201105111839.patch
+++ b/2.6.32/4420_grsecurity-2.2.2-2.6.32.40-201105182052.patch
@@ -3552,6 +3552,18 @@ diff -urNp linux-2.6.32.40/arch/sparc/include/asm/atomic_64.h linux-2.6.32.40/ar
}
#define atomic64_inc_not_zero(v) atomic64_add_unless((v), 1, 0)
+diff -urNp linux-2.6.32.40/arch/sparc/include/asm/cache.h linux-2.6.32.40/arch/sparc/include/asm/cache.h
+--- linux-2.6.32.40/arch/sparc/include/asm/cache.h 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/arch/sparc/include/asm/cache.h 2011-05-17 19:26:34.000000000 -0400
+@@ -8,7 +8,7 @@
+ #define _SPARC_CACHE_H
+
+ #define L1_CACHE_SHIFT 5
+-#define L1_CACHE_BYTES 32
++#define L1_CACHE_BYTES 32U
+ #define L1_CACHE_ALIGN(x) ((((x)+(L1_CACHE_BYTES-1))&~(L1_CACHE_BYTES-1)))
+
+ #ifdef CONFIG_SPARC32
diff -urNp linux-2.6.32.40/arch/sparc/include/asm/dma-mapping.h linux-2.6.32.40/arch/sparc/include/asm/dma-mapping.h
--- linux-2.6.32.40/arch/sparc/include/asm/dma-mapping.h 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/arch/sparc/include/asm/dma-mapping.h 2011-04-17 15:56:46.000000000 -0400
@@ -4613,6 +4625,18 @@ diff -urNp linux-2.6.32.40/arch/sparc/lib/ksyms.c linux-2.6.32.40/arch/sparc/lib
EXPORT_SYMBOL(atomic64_sub_ret);
/* Atomic bit operations. */
+diff -urNp linux-2.6.32.40/arch/sparc/lib/Makefile linux-2.6.32.40/arch/sparc/lib/Makefile
+--- linux-2.6.32.40/arch/sparc/lib/Makefile 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/arch/sparc/lib/Makefile 2011-05-17 19:26:34.000000000 -0400
+@@ -2,7 +2,7 @@
+ #
+
+ asflags-y := -ansi -DST_DIV0=0x02
+-ccflags-y := -Werror
++#ccflags-y := -Werror
+
+ lib-$(CONFIG_SPARC32) += mul.o rem.o sdiv.o udiv.o umul.o urem.o ashrdi3.o
+ lib-$(CONFIG_SPARC32) += memcpy.o memset.o
diff -urNp linux-2.6.32.40/arch/sparc/lib/rwsem_64.S linux-2.6.32.40/arch/sparc/lib/rwsem_64.S
--- linux-2.6.32.40/arch/sparc/lib/rwsem_64.S 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/arch/sparc/lib/rwsem_64.S 2011-04-17 15:56:46.000000000 -0400
@@ -6246,7 +6270,7 @@ diff -urNp linux-2.6.32.40/arch/x86/ia32/ia32_aout.c linux-2.6.32.40/arch/x86/ia
return has_dumped;
diff -urNp linux-2.6.32.40/arch/x86/ia32/ia32entry.S linux-2.6.32.40/arch/x86/ia32/ia32entry.S
--- linux-2.6.32.40/arch/x86/ia32/ia32entry.S 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.40/arch/x86/ia32/ia32entry.S 2011-05-11 18:25:12.000000000 -0400
++++ linux-2.6.32.40/arch/x86/ia32/ia32entry.S 2011-05-16 21:46:57.000000000 -0400
@@ -13,6 +13,7 @@
#include <asm/thread_info.h>
#include <asm/segment.h>
@@ -6255,7 +6279,7 @@ diff -urNp linux-2.6.32.40/arch/x86/ia32/ia32entry.S linux-2.6.32.40/arch/x86/ia
#include <linux/linkage.h>
/* Avoid __ASSEMBLER__'ifying <linux/audit.h> just for this. */
-@@ -93,6 +94,28 @@ ENTRY(native_irq_enable_sysexit)
+@@ -93,6 +94,26 @@ ENTRY(native_irq_enable_sysexit)
ENDPROC(native_irq_enable_sysexit)
#endif
@@ -6270,21 +6294,19 @@ diff -urNp linux-2.6.32.40/arch/x86/ia32/ia32entry.S linux-2.6.32.40/arch/x86/ia
+ call pax_exit_kernel_user
+#endif
+#ifdef CONFIG_PAX_RANDKSTACK
-+ push %rax
++ pushq %rax
+ call pax_randomize_kstack
-+ pop %rax
++ popq %rax
+#endif
+#ifdef CONFIG_PAX_MEMORY_STACKLEAK
-+ push %rax
+ call pax_erase_kstack
-+ pop %rax
+#endif
+ .endm
+
/*
* 32bit SYSENTER instruction entry.
*
-@@ -119,7 +142,7 @@ ENTRY(ia32_sysenter_target)
+@@ -119,7 +140,7 @@ ENTRY(ia32_sysenter_target)
CFI_REGISTER rsp,rbp
SWAPGS_UNSAFE_STACK
movq PER_CPU_VAR(kernel_stack), %rsp
@@ -6293,7 +6315,7 @@ diff -urNp linux-2.6.32.40/arch/x86/ia32/ia32entry.S linux-2.6.32.40/arch/x86/ia
/*
* No need to follow this irqs on/off section: the syscall
* disabled irqs, here we enable it straight after entry:
-@@ -135,7 +158,8 @@ ENTRY(ia32_sysenter_target)
+@@ -135,7 +156,8 @@ ENTRY(ia32_sysenter_target)
pushfq
CFI_ADJUST_CFA_OFFSET 8
/*CFI_REL_OFFSET rflags,0*/
@@ -6303,7 +6325,7 @@ diff -urNp linux-2.6.32.40/arch/x86/ia32/ia32entry.S linux-2.6.32.40/arch/x86/ia
CFI_REGISTER rip,r10
pushq $__USER32_CS
CFI_ADJUST_CFA_OFFSET 8
-@@ -150,6 +174,12 @@ ENTRY(ia32_sysenter_target)
+@@ -150,6 +172,12 @@ ENTRY(ia32_sysenter_target)
SAVE_ARGS 0,0,1
/* no need to do an access_ok check here because rbp has been
32bit zero extended */
@@ -6316,7 +6338,7 @@ diff -urNp linux-2.6.32.40/arch/x86/ia32/ia32entry.S linux-2.6.32.40/arch/x86/ia
1: movl (%rbp),%ebp
.section __ex_table,"a"
.quad 1b,ia32_badarg
-@@ -172,6 +202,7 @@ sysenter_dispatch:
+@@ -172,6 +200,7 @@ sysenter_dispatch:
testl $_TIF_ALLWORK_MASK,TI_flags(%r10)
jnz sysexit_audit
sysexit_from_sys_call:
@@ -6324,7 +6346,7 @@ diff -urNp linux-2.6.32.40/arch/x86/ia32/ia32entry.S linux-2.6.32.40/arch/x86/ia
andl $~TS_COMPAT,TI_status(%r10)
/* clear IF, that popfq doesn't enable interrupts early */
andl $~0x200,EFLAGS-R11(%rsp)
-@@ -283,19 +314,24 @@ ENDPROC(ia32_sysenter_target)
+@@ -283,19 +312,24 @@ ENDPROC(ia32_sysenter_target)
ENTRY(ia32_cstar_target)
CFI_STARTPROC32 simple
CFI_SIGNAL_FRAME
@@ -6351,7 +6373,7 @@ diff -urNp linux-2.6.32.40/arch/x86/ia32/ia32entry.S linux-2.6.32.40/arch/x86/ia
movl %eax,%eax /* zero extension */
movq %rax,ORIG_RAX-ARGOFFSET(%rsp)
movq %rcx,RIP-ARGOFFSET(%rsp)
-@@ -311,6 +347,12 @@ ENTRY(ia32_cstar_target)
+@@ -311,6 +345,12 @@ ENTRY(ia32_cstar_target)
/* no need to do an access_ok check here because r8 has been
32bit zero extended */
/* hardware stack frame is complete now */
@@ -6364,7 +6386,7 @@ diff -urNp linux-2.6.32.40/arch/x86/ia32/ia32entry.S linux-2.6.32.40/arch/x86/ia
1: movl (%r8),%r9d
.section __ex_table,"a"
.quad 1b,ia32_badarg
-@@ -333,6 +375,7 @@ cstar_dispatch:
+@@ -333,6 +373,7 @@ cstar_dispatch:
testl $_TIF_ALLWORK_MASK,TI_flags(%r10)
jnz sysretl_audit
sysretl_from_sys_call:
@@ -6372,7 +6394,7 @@ diff -urNp linux-2.6.32.40/arch/x86/ia32/ia32entry.S linux-2.6.32.40/arch/x86/ia
andl $~TS_COMPAT,TI_status(%r10)
RESTORE_ARGS 1,-ARG_SKIP,1,1,1
movl RIP-ARGOFFSET(%rsp),%ecx
-@@ -415,6 +458,7 @@ ENTRY(ia32_syscall)
+@@ -415,6 +456,7 @@ ENTRY(ia32_syscall)
CFI_REL_OFFSET rip,RIP-RIP
PARAVIRT_ADJUST_EXCEPTION_FRAME
SWAPGS
@@ -9837,7 +9859,7 @@ diff -urNp linux-2.6.32.40/arch/x86/include/asm/system.h linux-2.6.32.40/arch/x8
void default_idle(void);
diff -urNp linux-2.6.32.40/arch/x86/include/asm/thread_info.h linux-2.6.32.40/arch/x86/include/asm/thread_info.h
--- linux-2.6.32.40/arch/x86/include/asm/thread_info.h 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.40/arch/x86/include/asm/thread_info.h 2011-05-04 17:56:20.000000000 -0400
++++ linux-2.6.32.40/arch/x86/include/asm/thread_info.h 2011-05-17 19:26:34.000000000 -0400
@@ -10,6 +10,7 @@
#include <linux/compiler.h>
#include <asm/page.h>
@@ -9854,7 +9876,7 @@ diff -urNp linux-2.6.32.40/arch/x86/include/asm/thread_info.h linux-2.6.32.40/ar
struct exec_domain *exec_domain; /* execution domain */
__u32 flags; /* low level flags */
__u32 status; /* thread synchronous flags */
-@@ -34,18 +34,11 @@ struct thread_info {
+@@ -34,18 +34,12 @@ struct thread_info {
mm_segment_t addr_limit;
struct restart_block restart_block;
void __user *sysenter_return;
@@ -9864,6 +9886,7 @@ diff -urNp linux-2.6.32.40/arch/x86/include/asm/thread_info.h linux-2.6.32.40/ar
- */
- __u8 supervisor_stack[0];
-#endif
++ unsigned long lowest_stack;
int uaccess_err;
};
@@ -9874,7 +9897,7 @@ diff -urNp linux-2.6.32.40/arch/x86/include/asm/thread_info.h linux-2.6.32.40/ar
.exec_domain = &default_exec_domain, \
.flags = 0, \
.cpu = 0, \
-@@ -56,7 +49,7 @@ struct thread_info {
+@@ -56,7 +50,7 @@ struct thread_info {
}, \
}
@@ -9883,7 +9906,7 @@ diff -urNp linux-2.6.32.40/arch/x86/include/asm/thread_info.h linux-2.6.32.40/ar
#define init_stack (init_thread_union.stack)
#else /* !__ASSEMBLY__ */
-@@ -163,6 +156,23 @@ struct thread_info {
+@@ -163,6 +157,23 @@ struct thread_info {
#define alloc_thread_info(tsk) \
((struct thread_info *)__get_free_pages(THREAD_FLAGS, THREAD_ORDER))
@@ -9907,7 +9930,7 @@ diff -urNp linux-2.6.32.40/arch/x86/include/asm/thread_info.h linux-2.6.32.40/ar
#ifdef CONFIG_X86_32
#define STACK_WARN (THREAD_SIZE/8)
-@@ -173,35 +183,13 @@ struct thread_info {
+@@ -173,35 +184,13 @@ struct thread_info {
*/
#ifndef __ASSEMBLY__
@@ -9943,7 +9966,7 @@ diff -urNp linux-2.6.32.40/arch/x86/include/asm/thread_info.h linux-2.6.32.40/ar
/*
* macros/functions for gaining access to the thread information structure
* preempt_count needs to be 1 initially, until the scheduler is functional.
-@@ -209,21 +197,6 @@ static inline struct thread_info *curren
+@@ -209,21 +198,8 @@ static inline struct thread_info *curren
#ifndef __ASSEMBLY__
DECLARE_PER_CPU(unsigned long, kernel_stack);
@@ -9962,10 +9985,12 @@ diff -urNp linux-2.6.32.40/arch/x86/include/asm/thread_info.h linux-2.6.32.40/ar
- movq PER_CPU_VAR(kernel_stack),reg ; \
- subq $(THREAD_SIZE-KERNEL_STACK_OFFSET),reg
-
++/* how to get the current stack pointer from C */
++register unsigned long current_stack_pointer asm("rsp") __used;
#endif
#endif /* !X86_32 */
-@@ -260,5 +233,16 @@ extern void arch_task_cache_init(void);
+@@ -260,5 +236,16 @@ extern void arch_task_cache_init(void);
extern void free_thread_info(struct thread_info *ti);
extern int arch_dup_task_struct(struct task_struct *dst, struct task_struct *src);
#define arch_task_cache_init arch_task_cache_init
@@ -9984,18 +10009,20 @@ diff -urNp linux-2.6.32.40/arch/x86/include/asm/thread_info.h linux-2.6.32.40/ar
#endif /* _ASM_X86_THREAD_INFO_H */
diff -urNp linux-2.6.32.40/arch/x86/include/asm/uaccess_32.h linux-2.6.32.40/arch/x86/include/asm/uaccess_32.h
--- linux-2.6.32.40/arch/x86/include/asm/uaccess_32.h 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.40/arch/x86/include/asm/uaccess_32.h 2011-04-17 15:56:46.000000000 -0400
-@@ -44,6 +44,9 @@ unsigned long __must_check __copy_from_u
++++ linux-2.6.32.40/arch/x86/include/asm/uaccess_32.h 2011-05-16 21:46:57.000000000 -0400
+@@ -44,6 +44,11 @@ unsigned long __must_check __copy_from_u
static __always_inline unsigned long __must_check
__copy_to_user_inatomic(void __user *to, const void *from, unsigned long n)
{
++ pax_track_stack();
++
+ if ((long)n < 0)
+ return n;
+
if (__builtin_constant_p(n)) {
unsigned long ret;
-@@ -62,6 +65,8 @@ __copy_to_user_inatomic(void __user *to,
+@@ -62,6 +67,8 @@ __copy_to_user_inatomic(void __user *to,
return ret;
}
}
@@ -10004,7 +10031,14 @@ diff -urNp linux-2.6.32.40/arch/x86/include/asm/uaccess_32.h linux-2.6.32.40/arc
return __copy_to_user_ll(to, from, n);
}
-@@ -89,6 +94,9 @@ __copy_to_user(void __user *to, const vo
+@@ -83,12 +90,16 @@ static __always_inline unsigned long __m
+ __copy_to_user(void __user *to, const void *from, unsigned long n)
+ {
+ might_fault();
++
+ return __copy_to_user_inatomic(to, from, n);
+ }
+
static __always_inline unsigned long
__copy_from_user_inatomic(void *to, const void __user *from, unsigned long n)
{
@@ -10014,18 +10048,20 @@ diff -urNp linux-2.6.32.40/arch/x86/include/asm/uaccess_32.h linux-2.6.32.40/arc
/* Avoid zeroing the tail if the copy fails..
* If 'n' is constant and 1, 2, or 4, we do still zero on a failure,
* but as the zeroing behaviour is only significant when n is not
-@@ -138,6 +146,10 @@ static __always_inline unsigned long
+@@ -138,6 +149,12 @@ static __always_inline unsigned long
__copy_from_user(void *to, const void __user *from, unsigned long n)
{
might_fault();
+
++ pax_track_stack();
++
+ if ((long)n < 0)
+ return n;
+
if (__builtin_constant_p(n)) {
unsigned long ret;
-@@ -153,6 +165,8 @@ __copy_from_user(void *to, const void __
+@@ -153,6 +170,8 @@ __copy_from_user(void *to, const void __
return ret;
}
}
@@ -10034,7 +10070,7 @@ diff -urNp linux-2.6.32.40/arch/x86/include/asm/uaccess_32.h linux-2.6.32.40/arc
return __copy_from_user_ll(to, from, n);
}
-@@ -160,6 +174,10 @@ static __always_inline unsigned long __c
+@@ -160,6 +179,10 @@ static __always_inline unsigned long __c
const void __user *from, unsigned long n)
{
might_fault();
@@ -10045,7 +10081,7 @@ diff -urNp linux-2.6.32.40/arch/x86/include/asm/uaccess_32.h linux-2.6.32.40/arc
if (__builtin_constant_p(n)) {
unsigned long ret;
-@@ -182,14 +200,62 @@ static __always_inline unsigned long
+@@ -182,14 +205,62 @@ static __always_inline unsigned long
__copy_from_user_inatomic_nocache(void *to, const void __user *from,
unsigned long n)
{
@@ -10116,7 +10152,7 @@ diff -urNp linux-2.6.32.40/arch/x86/include/asm/uaccess_32.h linux-2.6.32.40/arc
long __must_check __strncpy_from_user(char *dst,
diff -urNp linux-2.6.32.40/arch/x86/include/asm/uaccess_64.h linux-2.6.32.40/arch/x86/include/asm/uaccess_64.h
--- linux-2.6.32.40/arch/x86/include/asm/uaccess_64.h 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.40/arch/x86/include/asm/uaccess_64.h 2011-05-04 17:56:20.000000000 -0400
++++ linux-2.6.32.40/arch/x86/include/asm/uaccess_64.h 2011-05-16 21:46:57.000000000 -0400
@@ -9,6 +9,9 @@
#include <linux/prefetch.h>
#include <linux/lockdep.h>
@@ -10127,7 +10163,7 @@ diff -urNp linux-2.6.32.40/arch/x86/include/asm/uaccess_64.h linux-2.6.32.40/arc
/*
* Copy To/From Userspace
-@@ -19,113 +22,199 @@ __must_check unsigned long
+@@ -19,113 +22,203 @@ __must_check unsigned long
copy_user_generic(void *to, const void *from, unsigned len);
__must_check unsigned long
@@ -10227,6 +10263,8 @@ diff -urNp linux-2.6.32.40/arch/x86/include/asm/uaccess_64.h linux-2.6.32.40/arc
might_fault();
- if (!__builtin_constant_p(size))
+
++ pax_track_stack();
++
+ if ((int)size < 0)
+ return size;
+
@@ -10329,6 +10367,8 @@ diff -urNp linux-2.6.32.40/arch/x86/include/asm/uaccess_64.h linux-2.6.32.40/arc
might_fault();
- if (!__builtin_constant_p(size))
+
++ pax_track_stack();
++
+ if ((int)size < 0)
+ return size;
+
@@ -10360,7 +10400,7 @@ diff -urNp linux-2.6.32.40/arch/x86/include/asm/uaccess_64.h linux-2.6.32.40/arc
ret, "b", "b", "=q", 1);
if (likely(!ret))
__put_user_asm(tmp, (u8 __user *)dst,
-@@ -134,7 +223,7 @@ int __copy_in_user(void __user *dst, con
+@@ -134,7 +227,7 @@ int __copy_in_user(void __user *dst, con
}
case 2: {
u16 tmp;
@@ -10369,7 +10409,7 @@ diff -urNp linux-2.6.32.40/arch/x86/include/asm/uaccess_64.h linux-2.6.32.40/arc
ret, "w", "w", "=r", 2);
if (likely(!ret))
__put_user_asm(tmp, (u16 __user *)dst,
-@@ -144,7 +233,7 @@ int __copy_in_user(void __user *dst, con
+@@ -144,7 +237,7 @@ int __copy_in_user(void __user *dst, con
case 4: {
u32 tmp;
@@ -10378,7 +10418,7 @@ diff -urNp linux-2.6.32.40/arch/x86/include/asm/uaccess_64.h linux-2.6.32.40/arc
ret, "l", "k", "=r", 4);
if (likely(!ret))
__put_user_asm(tmp, (u32 __user *)dst,
-@@ -153,7 +242,7 @@ int __copy_in_user(void __user *dst, con
+@@ -153,7 +246,7 @@ int __copy_in_user(void __user *dst, con
}
case 8: {
u64 tmp;
@@ -10387,7 +10427,7 @@ diff -urNp linux-2.6.32.40/arch/x86/include/asm/uaccess_64.h linux-2.6.32.40/arc
ret, "q", "", "=r", 8);
if (likely(!ret))
__put_user_asm(tmp, (u64 __user *)dst,
-@@ -161,8 +250,16 @@ int __copy_in_user(void __user *dst, con
+@@ -161,8 +254,16 @@ int __copy_in_user(void __user *dst, con
return ret;
}
default:
@@ -10405,7 +10445,7 @@ diff -urNp linux-2.6.32.40/arch/x86/include/asm/uaccess_64.h linux-2.6.32.40/arc
}
}
-@@ -176,33 +273,73 @@ __must_check long strlen_user(const char
+@@ -176,33 +277,75 @@ __must_check long strlen_user(const char
__must_check unsigned long clear_user(void __user *mem, unsigned long len);
__must_check unsigned long __clear_user(void __user *mem, unsigned long len);
@@ -10414,6 +10454,8 @@ diff -urNp linux-2.6.32.40/arch/x86/include/asm/uaccess_64.h linux-2.6.32.40/arc
+static __must_check __always_inline unsigned long
+__copy_from_user_inatomic(void *dst, const void __user *src, unsigned size)
+{
++ pax_track_stack();
++
+ if ((int)size < 0)
+ return size;
@@ -11095,7 +11137,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/amd_iommu.c linux-2.6.32.40/arch/x86/
.map_page = map_page,
diff -urNp linux-2.6.32.40/arch/x86/kernel/apic/apic.c linux-2.6.32.40/arch/x86/kernel/apic/apic.c
--- linux-2.6.32.40/arch/x86/kernel/apic/apic.c 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.40/arch/x86/kernel/apic/apic.c 2011-05-04 17:56:28.000000000 -0400
++++ linux-2.6.32.40/arch/x86/kernel/apic/apic.c 2011-05-16 21:46:57.000000000 -0400
@@ -1794,7 +1794,7 @@ void smp_error_interrupt(struct pt_regs
apic_write(APIC_ESR, 0);
v1 = apic_read(APIC_ESR);
@@ -11105,6 +11147,15 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/apic/apic.c linux-2.6.32.40/arch/x86/
/*
* Here is what the APIC error bits mean:
+@@ -2184,6 +2184,8 @@ static int __cpuinit apic_cluster_num(vo
+ u16 *bios_cpu_apicid;
+ DECLARE_BITMAP(clustermap, NUM_APIC_CLUSTERS);
+
++ pax_track_stack();
++
+ bios_cpu_apicid = early_per_cpu_ptr(x86_bios_cpu_apicid);
+ bitmap_zero(clustermap, NUM_APIC_CLUSTERS);
+
diff -urNp linux-2.6.32.40/arch/x86/kernel/apic/io_apic.c linux-2.6.32.40/arch/x86/kernel/apic/io_apic.c
--- linux-2.6.32.40/arch/x86/kernel/apic/io_apic.c 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/arch/x86/kernel/apic/io_apic.c 2011-05-04 17:56:20.000000000 -0400
@@ -11247,7 +11298,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/apm_32.c linux-2.6.32.40/arch/x86/ker
diff -urNp linux-2.6.32.40/arch/x86/kernel/asm-offsets_32.c linux-2.6.32.40/arch/x86/kernel/asm-offsets_32.c
--- linux-2.6.32.40/arch/x86/kernel/asm-offsets_32.c 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.40/arch/x86/kernel/asm-offsets_32.c 2011-05-11 18:25:24.000000000 -0400
++++ linux-2.6.32.40/arch/x86/kernel/asm-offsets_32.c 2011-05-16 21:46:57.000000000 -0400
@@ -51,7 +51,6 @@ void foo(void)
OFFSET(CPUINFO_x86_vendor_id, cpuinfo_x86, x86_vendor_id);
BLANK();
@@ -11256,7 +11307,16 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/asm-offsets_32.c linux-2.6.32.40/arch
OFFSET(TI_exec_domain, thread_info, exec_domain);
OFFSET(TI_flags, thread_info, flags);
OFFSET(TI_status, thread_info, status);
-@@ -99,6 +98,7 @@ void foo(void)
+@@ -60,6 +59,8 @@ void foo(void)
+ OFFSET(TI_restart_block, thread_info, restart_block);
+ OFFSET(TI_sysenter_return, thread_info, sysenter_return);
+ OFFSET(TI_cpu, thread_info, cpu);
++ OFFSET(TI_lowest_stack, thread_info, lowest_stack);
++ DEFINE(TI_task_thread_sp0, offsetof(struct task_struct, thread.sp0) - offsetof(struct task_struct, tinfo));
+ BLANK();
+
+ OFFSET(GDS_size, desc_ptr, size);
+@@ -99,6 +100,7 @@ void foo(void)
DEFINE(PAGE_SIZE_asm, PAGE_SIZE);
DEFINE(PAGE_SHIFT_asm, PAGE_SHIFT);
@@ -11264,7 +11324,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/asm-offsets_32.c linux-2.6.32.40/arch
DEFINE(PTRS_PER_PTE, PTRS_PER_PTE);
DEFINE(PTRS_PER_PMD, PTRS_PER_PMD);
DEFINE(PTRS_PER_PGD, PTRS_PER_PGD);
-@@ -115,6 +115,11 @@ void foo(void)
+@@ -115,6 +117,11 @@ void foo(void)
OFFSET(PV_CPU_iret, pv_cpu_ops, iret);
OFFSET(PV_CPU_irq_enable_sysexit, pv_cpu_ops, irq_enable_sysexit);
OFFSET(PV_CPU_read_cr0, pv_cpu_ops, read_cr0);
@@ -11278,8 +11338,17 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/asm-offsets_32.c linux-2.6.32.40/arch
#ifdef CONFIG_XEN
diff -urNp linux-2.6.32.40/arch/x86/kernel/asm-offsets_64.c linux-2.6.32.40/arch/x86/kernel/asm-offsets_64.c
--- linux-2.6.32.40/arch/x86/kernel/asm-offsets_64.c 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.40/arch/x86/kernel/asm-offsets_64.c 2011-05-04 17:56:20.000000000 -0400
-@@ -63,6 +63,18 @@ int main(void)
++++ linux-2.6.32.40/arch/x86/kernel/asm-offsets_64.c 2011-05-16 21:46:57.000000000 -0400
+@@ -44,6 +44,8 @@ int main(void)
+ ENTRY(addr_limit);
+ ENTRY(preempt_count);
+ ENTRY(status);
++ ENTRY(lowest_stack);
++ DEFINE(TI_task_thread_sp0, offsetof(struct task_struct, thread.sp0) - offsetof(struct task_struct, tinfo));
+ #ifdef CONFIG_IA32_EMULATION
+ ENTRY(sysenter_return);
+ #endif
+@@ -63,6 +65,18 @@ int main(void)
OFFSET(PV_CPU_irq_enable_sysexit, pv_cpu_ops, irq_enable_sysexit);
OFFSET(PV_CPU_swapgs, pv_cpu_ops, swapgs);
OFFSET(PV_MMU_read_cr2, pv_mmu_ops, read_cr2);
@@ -11298,7 +11367,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/asm-offsets_64.c linux-2.6.32.40/arch
#endif
-@@ -115,6 +127,7 @@ int main(void)
+@@ -115,6 +129,7 @@ int main(void)
ENTRY(cr8);
BLANK();
#undef ENTRY
@@ -11306,7 +11375,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/asm-offsets_64.c linux-2.6.32.40/arch
DEFINE(TSS_ist, offsetof(struct tss_struct, x86_tss.ist));
BLANK();
DEFINE(crypto_tfm_ctx_offset, offsetof(struct crypto_tfm, __crt_ctx));
-@@ -130,6 +143,7 @@ int main(void)
+@@ -130,6 +145,7 @@ int main(void)
BLANK();
DEFINE(PAGE_SIZE_asm, PAGE_SIZE);
@@ -12138,6 +12207,26 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/e820.c linux-2.6.32.40/arch/x86/kerne
};
static int __init find_overlapped_early(u64 start, u64 end)
+diff -urNp linux-2.6.32.40/arch/x86/kernel/early_printk.c linux-2.6.32.40/arch/x86/kernel/early_printk.c
+--- linux-2.6.32.40/arch/x86/kernel/early_printk.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/arch/x86/kernel/early_printk.c 2011-05-16 21:46:57.000000000 -0400
+@@ -7,6 +7,7 @@
+ #include <linux/pci_regs.h>
+ #include <linux/pci_ids.h>
+ #include <linux/errno.h>
++#include <linux/sched.h>
+ #include <asm/io.h>
+ #include <asm/processor.h>
+ #include <asm/fcntl.h>
+@@ -170,6 +171,8 @@ asmlinkage void early_printk(const char
+ int n;
+ va_list ap;
+
++ pax_track_stack();
++
+ va_start(ap, fmt);
+ n = vscnprintf(buf, sizeof(buf), fmt, ap);
+ early_console->write(early_console, buf, n);
diff -urNp linux-2.6.32.40/arch/x86/kernel/efi_32.c linux-2.6.32.40/arch/x86/kernel/efi_32.c
--- linux-2.6.32.40/arch/x86/kernel/efi_32.c 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/arch/x86/kernel/efi_32.c 2011-04-17 15:56:46.000000000 -0400
@@ -12324,8 +12413,8 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/efi_stub_32.S linux-2.6.32.40/arch/x8
efi_rt_function_ptr:
diff -urNp linux-2.6.32.40/arch/x86/kernel/entry_32.S linux-2.6.32.40/arch/x86/kernel/entry_32.S
--- linux-2.6.32.40/arch/x86/kernel/entry_32.S 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.40/arch/x86/kernel/entry_32.S 2011-05-10 21:27:27.000000000 -0400
-@@ -185,13 +185,139 @@
++++ linux-2.6.32.40/arch/x86/kernel/entry_32.S 2011-05-16 22:11:55.000000000 -0400
+@@ -185,13 +185,146 @@
/*CFI_REL_OFFSET gs, PT_GS*/
.endm
.macro SET_KERNEL_GS reg
@@ -12359,7 +12448,8 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/entry_32.S linux-2.6.32.40/arch/x86/k
+#ifdef CONFIG_PAX_KERNEXEC
+ENTRY(pax_enter_kernel)
+#ifdef CONFIG_PARAVIRT
-+ push %eax; push %ecx
++ pushl %eax
++ pushl %ecx
+ call PARA_INDIRECT(pv_cpu_ops+PV_CPU_read_cr0)
+ mov %eax, %esi
+#else
@@ -12381,14 +12471,16 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/entry_32.S linux-2.6.32.40/arch/x86/k
+#endif
+3:
+#ifdef CONFIG_PARAVIRT
-+ pop %ecx; pop %eax
++ popl %ecx
++ popl %eax
+#endif
+ ret
+ENDPROC(pax_enter_kernel)
+
+ENTRY(pax_exit_kernel)
+#ifdef CONFIG_PARAVIRT
-+ push %eax; push %ecx
++ pushl %eax
++ pushl %ecx
+#endif
+ mov %cs, %esi
+ cmp $__KERNEXEC_KERNEL_CS, %esi
@@ -12410,7 +12502,8 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/entry_32.S linux-2.6.32.40/arch/x86/k
+#endif
+2:
+#ifdef CONFIG_PARAVIRT
-+ pop %ecx; pop %eax
++ popl %ecx
++ popl %eax
+#endif
+ ret
+ENDPROC(pax_exit_kernel)
@@ -12423,41 +12516,44 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/entry_32.S linux-2.6.32.40/arch/x86/k
+.endm
+
+#ifdef CONFIG_PAX_MEMORY_STACKLEAK
++/*
++ * ebp: thread_info
++ * ecx, edx: can be clobbered
++ */
+ENTRY(pax_erase_kstack)
-+ push %edi
++ pushl %edi
++ pushl %eax
+
-+ lea -64(%esp), %edi
-+ and $-64, %edi
++ mov TI_lowest_stack(%ebp), %edi
+ mov $-0xBEEF, %eax
+ std
-+1:
-+ mov %edi, %ecx
++
++1: mov %edi, %ecx
+ and $THREAD_SIZE_asm - 1, %ecx
+ shr $2, %ecx
+ repne scasl
+ jecxz 2f
+
-+ and $-64, %edi
-+ and $-16, %ecx
-+
-+ sub $128, %ecx
++ cmp $2*16, %ecx
+ jc 2f
-+ mov $16, %ecx
-+ repe scasl
-+ jne 1b
-+ sub $(512 - 64), %edi
-+ mov $16, %ecx
++
++ mov $2*16, %ecx
+ repe scasl
+ jecxz 2f
+ jne 1b
-+2:
-+ cld
++
++2: cld
+ mov %esp, %ecx
+ sub %edi, %ecx
+ shr $2, %ecx
+ rep stosl
+
-+ pop %edi
++ mov TI_task_thread_sp0(%ebp), %edi
++ sub $128, %edi
++ mov %edi, TI_lowest_stack(%ebp)
++
++ popl %eax
++ popl %edi
+ ret
+ENDPROC(pax_erase_kstack)
+#endif
@@ -12466,7 +12562,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/entry_32.S linux-2.6.32.40/arch/x86/k
cld
PUSH_GS
pushl %fs
-@@ -224,7 +350,7 @@
+@@ -224,7 +357,7 @@
pushl %ebx
CFI_ADJUST_CFA_OFFSET 4
CFI_REL_OFFSET ebx, 0
@@ -12475,7 +12571,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/entry_32.S linux-2.6.32.40/arch/x86/k
movl %edx, %ds
movl %edx, %es
movl $(__KERNEL_PERCPU), %edx
-@@ -232,6 +358,15 @@
+@@ -232,6 +365,15 @@
SET_KERNEL_GS %edx
.endm
@@ -12491,7 +12587,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/entry_32.S linux-2.6.32.40/arch/x86/k
.macro RESTORE_INT_REGS
popl %ebx
CFI_ADJUST_CFA_OFFSET -4
-@@ -352,7 +487,15 @@ check_userspace:
+@@ -352,7 +494,15 @@ check_userspace:
movb PT_CS(%esp), %al
andl $(X86_EFLAGS_VM | SEGMENT_RPL_MASK), %eax
cmpl $USER_RPL, %eax
@@ -12507,7 +12603,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/entry_32.S linux-2.6.32.40/arch/x86/k
ENTRY(resume_userspace)
LOCKDEP_SYS_EXIT
-@@ -414,25 +557,36 @@ sysenter_past_esp:
+@@ -414,25 +564,36 @@ sysenter_past_esp:
/*CFI_REL_OFFSET cs, 0*/
/*
* Push current_thread_info()->sysenter_return to the stack.
@@ -12547,7 +12643,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/entry_32.S linux-2.6.32.40/arch/x86/k
movl %ebp,PT_EBP(%esp)
.section __ex_table,"a"
.align 4
-@@ -455,12 +609,27 @@ sysenter_do_call:
+@@ -455,12 +616,23 @@ sysenter_do_call:
testl $_TIF_ALLWORK_MASK, %ecx
jne sysexit_audit
sysenter_exit:
@@ -12558,11 +12654,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/entry_32.S linux-2.6.32.40/arch/x86/k
+ popl_cfi %eax
+#endif
+
-+#ifdef CONFIG_PAX_MEMORY_STACKLEAK
-+ pushl_cfi %eax
-+ call pax_erase_kstack
-+ popl_cfi %eax
-+#endif
++ pax_erase_kstack
+
/* if something modifies registers it must also disable sysexit */
movl PT_EIP(%esp), %edx
@@ -12575,7 +12667,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/entry_32.S linux-2.6.32.40/arch/x86/k
PTGS_TO_GS
ENABLE_INTERRUPTS_SYSEXIT
-@@ -504,11 +673,17 @@ sysexit_audit:
+@@ -504,11 +676,17 @@ sysexit_audit:
CFI_ENDPROC
.pushsection .fixup,"ax"
@@ -12595,7 +12687,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/entry_32.S linux-2.6.32.40/arch/x86/k
.popsection
PTGS_TO_GS_EX
ENDPROC(ia32_sysenter_target)
-@@ -538,6 +713,14 @@ syscall_exit:
+@@ -538,6 +716,12 @@ syscall_exit:
testl $_TIF_ALLWORK_MASK, %ecx # current->work
jne syscall_exit_work
@@ -12603,14 +12695,12 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/entry_32.S linux-2.6.32.40/arch/x86/k
+ call pax_randomize_kstack
+#endif
+
-+#ifdef CONFIG_PAX_MEMORY_STACKLEAK
+ pax_erase_kstack
-+#endif
+
restore_all:
TRACE_IRQS_IRET
restore_all_notrace:
-@@ -602,7 +785,13 @@ ldt_ss:
+@@ -602,7 +786,13 @@ ldt_ss:
mov PT_OLDESP(%esp), %eax /* load userspace esp */
mov %dx, %ax /* eax: new kernel esp */
sub %eax, %edx /* offset (low word is 0) */
@@ -12625,7 +12715,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/entry_32.S linux-2.6.32.40/arch/x86/k
shr $16, %edx
mov %dl, GDT_ENTRY_ESPFIX_SS * 8 + 4(%ebx) /* bits 16..23 */
mov %dh, GDT_ENTRY_ESPFIX_SS * 8 + 7(%ebx) /* bits 24..31 */
-@@ -642,25 +831,19 @@ work_resched:
+@@ -642,25 +832,19 @@ work_resched:
work_notifysig: # deal with pending signals and
# notify-resume requests
@@ -12654,7 +12744,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/entry_32.S linux-2.6.32.40/arch/x86/k
#endif
xorl %edx, %edx
call do_notify_resume
-@@ -695,6 +878,10 @@ END(syscall_exit_work)
+@@ -695,6 +879,10 @@ END(syscall_exit_work)
RING0_INT_FRAME # can't unwind into user space anyway
syscall_fault:
@@ -12665,7 +12755,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/entry_32.S linux-2.6.32.40/arch/x86/k
GET_THREAD_INFO(%ebp)
movl $-EFAULT,PT_EAX(%esp)
jmp resume_userspace
-@@ -726,6 +913,33 @@ PTREGSCALL(rt_sigreturn)
+@@ -726,6 +914,33 @@ PTREGSCALL(rt_sigreturn)
PTREGSCALL(vm86)
PTREGSCALL(vm86old)
@@ -12699,7 +12789,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/entry_32.S linux-2.6.32.40/arch/x86/k
.macro FIXUP_ESPFIX_STACK
/*
* Switch back for ESPFIX stack to the normal zerobased stack
-@@ -735,7 +949,13 @@ PTREGSCALL(vm86old)
+@@ -735,7 +950,13 @@ PTREGSCALL(vm86old)
* normal stack and adjusts ESP with the matching offset.
*/
/* fixup the stack */
@@ -12714,7 +12804,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/entry_32.S linux-2.6.32.40/arch/x86/k
mov GDT_ENTRY_ESPFIX_SS * 8 + 4(%ebx), %al /* bits 16..23 */
mov GDT_ENTRY_ESPFIX_SS * 8 + 7(%ebx), %ah /* bits 24..31 */
shl $16, %eax
-@@ -1198,7 +1418,6 @@ return_to_handler:
+@@ -1198,7 +1419,6 @@ return_to_handler:
ret
#endif
@@ -12722,7 +12812,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/entry_32.S linux-2.6.32.40/arch/x86/k
#include "syscall_table_32.S"
syscall_table_size=(.-sys_call_table)
-@@ -1255,9 +1474,12 @@ error_code:
+@@ -1255,9 +1475,12 @@ error_code:
movl $-1, PT_ORIG_EAX(%esp) # no syscall to restart
REG_TO_PTGS %ecx
SET_KERNEL_GS %ecx
@@ -12736,7 +12826,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/entry_32.S linux-2.6.32.40/arch/x86/k
TRACE_IRQS_OFF
movl %esp,%eax # pt_regs pointer
call *%edi
-@@ -1351,6 +1573,9 @@ nmi_stack_correct:
+@@ -1351,6 +1574,9 @@ nmi_stack_correct:
xorl %edx,%edx # zero error code
movl %esp,%eax # pt_regs pointer
call do_nmi
@@ -12746,7 +12836,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/entry_32.S linux-2.6.32.40/arch/x86/k
jmp restore_all_notrace
CFI_ENDPROC
-@@ -1391,6 +1616,9 @@ nmi_espfix_stack:
+@@ -1391,6 +1617,9 @@ nmi_espfix_stack:
FIXUP_ESPFIX_STACK # %eax == %esp
xorl %edx,%edx # zero error code
call do_nmi
@@ -12758,7 +12848,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/entry_32.S linux-2.6.32.40/arch/x86/k
CFI_ADJUST_CFA_OFFSET -24
diff -urNp linux-2.6.32.40/arch/x86/kernel/entry_64.S linux-2.6.32.40/arch/x86/kernel/entry_64.S
--- linux-2.6.32.40/arch/x86/kernel/entry_64.S 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.40/arch/x86/kernel/entry_64.S 2011-05-10 21:29:37.000000000 -0400
++++ linux-2.6.32.40/arch/x86/kernel/entry_64.S 2011-05-18 20:09:36.000000000 -0400
@@ -53,6 +53,7 @@
#include <asm/paravirt.h>
#include <asm/ftrace.h>
@@ -12767,7 +12857,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/entry_64.S linux-2.6.32.40/arch/x86/k
/* Avoid __ASSEMBLER__'ifying <linux/audit.h> just for this. */
#include <linux/elf-em.h>
-@@ -174,6 +175,251 @@ ENTRY(native_usergs_sysret64)
+@@ -174,6 +175,253 @@ ENTRY(native_usergs_sysret64)
ENDPROC(native_usergs_sysret64)
#endif /* CONFIG_PARAVIRT */
@@ -12779,8 +12869,8 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/entry_64.S linux-2.6.32.40/arch/x86/k
+ 1234: .quad \off; .word \sel
+ .popsection
+#else
-+ push $\sel
-+ push $\off
++ pushq $\sel
++ pushq $\off
+ lretq
+#endif
+ .endm
@@ -12799,7 +12889,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/entry_64.S linux-2.6.32.40/arch/x86/k
+
+#ifdef CONFIG_PAX_KERNEXEC
+ENTRY(pax_enter_kernel)
-+ push %rdi
++ pushq %rdi
+
+#ifdef CONFIG_PARAVIRT
+ PV_SAVE_REGS(CLBR_RDI)
@@ -12820,12 +12910,12 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/entry_64.S linux-2.6.32.40/arch/x86/k
+ PV_RESTORE_REGS(CLBR_RDI)
+#endif
+
-+ pop %rdi
++ popq %rdi
+ retq
+ENDPROC(pax_enter_kernel)
+
+ENTRY(pax_exit_kernel)
-+ push %rdi
++ pushq %rdi
+
+#ifdef CONFIG_PARAVIRT
+ PV_SAVE_REGS(CLBR_RDI)
@@ -12844,7 +12934,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/entry_64.S linux-2.6.32.40/arch/x86/k
+ PV_RESTORE_REGS(CLBR_RDI);
+#endif
+
-+ pop %rdi
++ popq %rdi
+ retq
+ENDPROC(pax_exit_kernel)
+#endif
@@ -12865,16 +12955,14 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/entry_64.S linux-2.6.32.40/arch/x86/k
+ pop %rax
+#endif
+#ifdef CONFIG_PAX_MEMORY_STACKLEAK
-+ push %rax
+ call pax_erase_kstack
-+ pop %rax
+#endif
+ .endm
+
+#ifdef CONFIG_PAX_MEMORY_UDEREF
+ENTRY(pax_enter_kernel_user)
-+ push %rdi
-+ push %rbx
++ pushq %rdi
++ pushq %rbx
+
+#ifdef CONFIG_PARAVIRT
+ PV_SAVE_REGS(CLBR_RDI)
@@ -12886,7 +12974,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/entry_64.S linux-2.6.32.40/arch/x86/k
+ sub phys_base(%rip),%rbx
+
+#ifdef CONFIG_PARAVIRT
-+ push %rdi
++ pushq %rdi
+ cmpl $0, pv_info+PARAVIRT_enabled
+ jz 1f
+ i = 0
@@ -12908,7 +12996,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/entry_64.S linux-2.6.32.40/arch/x86/k
+ .endr
+
+#ifdef CONFIG_PARAVIRT
-+2: pop %rdi
++2: popq %rdi
+#endif
+ SET_RDI_INTO_CR3
+
@@ -12922,8 +13010,8 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/entry_64.S linux-2.6.32.40/arch/x86/k
+ PV_RESTORE_REGS(CLBR_RDI)
+#endif
+
-+ pop %rbx
-+ pop %rdi
++ popq %rbx
++ popq %rdi
+ retq
+ENDPROC(pax_enter_kernel_user)
+
@@ -12931,7 +13019,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/entry_64.S linux-2.6.32.40/arch/x86/k
+ push %rdi
+
+#ifdef CONFIG_PARAVIRT
-+ push %rbx
++ pushq %rbx
+ PV_SAVE_REGS(CLBR_RDI)
+#endif
+
@@ -12969,57 +13057,61 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/entry_64.S linux-2.6.32.40/arch/x86/k
+
+#ifdef CONFIG_PARAVIRT
+2: PV_RESTORE_REGS(CLBR_RDI)
-+ pop %rbx
++ popq %rbx
+#endif
+
-+ pop %rdi
++ popq %rdi
+ retq
+ENDPROC(pax_exit_kernel_user)
+#endif
+
+#ifdef CONFIG_PAX_MEMORY_STACKLEAK
++/*
++ * r10: thread_info
++ * rcx, rdx: can be clobbered
++ */
+ENTRY(pax_erase_kstack)
-+ push %rdi
++ pushq %rdi
++ pushq %rax
+
-+ lea -128(%rsp), %rdi
-+ and $-64, %rdi
++ GET_THREAD_INFO(%r10)
++ mov TI_lowest_stack(%r10), %rdi
+ mov $-0xBEEF, %rax
+ std
-+1:
-+ mov %edi, %ecx
++
++1: mov %edi, %ecx
+ and $THREAD_SIZE_asm - 1, %ecx
+ shr $3, %ecx
+ repne scasq
+ jecxz 2f
+
-+ and $-64, %rdi
-+ and $-8, %ecx
-+
-+ sub $64, %ecx
++ cmp $2*8, %ecx
+ jc 2f
-+ mov $8, %ecx
-+ repe scasq
-+ jne 1b
-+ sub $(512 - 64), %rdi
-+ mov $8, %ecx
++
++ mov $2*8, %ecx
+ repe scasq
+ jecxz 2f
+ jne 1b
-+2:
-+ cld
++
++2: cld
+ mov %esp, %ecx
+ sub %edi, %ecx
+ shr $3, %ecx
+ rep stosq
+
-+ pop %rdi
++ mov TI_task_thread_sp0(%r10), %rdi
++ sub $256, %rdi
++ mov %rdi, TI_lowest_stack(%r10)
++
++ popq %rax
++ popq %rdi
+ ret
+ENDPROC(pax_erase_kstack)
+#endif
.macro TRACE_IRQS_IRETQ offset=ARGOFFSET
#ifdef CONFIG_TRACE_IRQFLAGS
-@@ -317,7 +563,7 @@ ENTRY(save_args)
+@@ -317,7 +565,7 @@ ENTRY(save_args)
leaq -ARGOFFSET+16(%rsp),%rdi /* arg1 for handler */
movq_cfi rbp, 8 /* push %rbp */
leaq 8(%rsp), %rbp /* mov %rsp, %ebp */
@@ -13028,7 +13120,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/entry_64.S linux-2.6.32.40/arch/x86/k
je 1f
SWAPGS
/*
-@@ -409,7 +655,7 @@ ENTRY(ret_from_fork)
+@@ -409,7 +657,7 @@ ENTRY(ret_from_fork)
RESTORE_REST
@@ -13037,7 +13129,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/entry_64.S linux-2.6.32.40/arch/x86/k
je int_ret_from_sys_call
testl $_TIF_IA32, TI_flags(%rcx) # 32-bit compat task needs IRET
-@@ -455,7 +701,7 @@ END(ret_from_fork)
+@@ -455,7 +703,7 @@ END(ret_from_fork)
ENTRY(system_call)
CFI_STARTPROC simple
CFI_SIGNAL_FRAME
@@ -13046,7 +13138,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/entry_64.S linux-2.6.32.40/arch/x86/k
CFI_REGISTER rip,rcx
/*CFI_REGISTER rflags,r11*/
SWAPGS_UNSAFE_STACK
-@@ -468,12 +714,13 @@ ENTRY(system_call_after_swapgs)
+@@ -468,12 +716,13 @@ ENTRY(system_call_after_swapgs)
movq %rsp,PER_CPU_VAR(old_rsp)
movq PER_CPU_VAR(kernel_stack),%rsp
@@ -13061,7 +13153,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/entry_64.S linux-2.6.32.40/arch/x86/k
movq %rax,ORIG_RAX-ARGOFFSET(%rsp)
movq %rcx,RIP-ARGOFFSET(%rsp)
CFI_REL_OFFSET rip,RIP-ARGOFFSET
-@@ -502,6 +749,7 @@ sysret_check:
+@@ -502,6 +751,7 @@ sysret_check:
andl %edi,%edx
jnz sysret_careful
CFI_REMEMBER_STATE
@@ -13069,7 +13161,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/entry_64.S linux-2.6.32.40/arch/x86/k
/*
* sysretq will re-enable interrupts:
*/
-@@ -613,7 +861,7 @@ tracesys:
+@@ -613,7 +863,7 @@ tracesys:
GLOBAL(int_ret_from_sys_call)
DISABLE_INTERRUPTS(CLBR_NONE)
TRACE_IRQS_OFF
@@ -13078,7 +13170,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/entry_64.S linux-2.6.32.40/arch/x86/k
je retint_restore_args
movl $_TIF_ALLWORK_MASK,%edi
/* edi: mask to check */
-@@ -800,6 +1048,16 @@ END(interrupt)
+@@ -800,6 +1050,16 @@ END(interrupt)
CFI_ADJUST_CFA_OFFSET 10*8
call save_args
PARTIAL_FRAME 0
@@ -13095,7 +13187,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/entry_64.S linux-2.6.32.40/arch/x86/k
call \func
.endm
-@@ -822,7 +1080,7 @@ ret_from_intr:
+@@ -822,7 +1082,7 @@ ret_from_intr:
CFI_ADJUST_CFA_OFFSET -8
exit_intr:
GET_THREAD_INFO(%rcx)
@@ -13104,7 +13196,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/entry_64.S linux-2.6.32.40/arch/x86/k
je retint_kernel
/* Interrupt came from user space */
-@@ -844,12 +1102,14 @@ retint_swapgs: /* return to user-space
+@@ -844,12 +1104,14 @@ retint_swapgs: /* return to user-space
* The iretq could re-enable interrupts:
*/
DISABLE_INTERRUPTS(CLBR_ANY)
@@ -13119,7 +13211,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/entry_64.S linux-2.6.32.40/arch/x86/k
/*
* The iretq could re-enable interrupts:
*/
-@@ -1032,6 +1292,16 @@ ENTRY(\sym)
+@@ -1032,6 +1294,16 @@ ENTRY(\sym)
CFI_ADJUST_CFA_OFFSET 15*8
call error_entry
DEFAULT_FRAME 0
@@ -13136,7 +13228,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/entry_64.S linux-2.6.32.40/arch/x86/k
movq %rsp,%rdi /* pt_regs pointer */
xorl %esi,%esi /* no error code */
call \do_sym
-@@ -1049,6 +1319,16 @@ ENTRY(\sym)
+@@ -1049,6 +1321,16 @@ ENTRY(\sym)
subq $15*8, %rsp
call save_paranoid
TRACE_IRQS_OFF
@@ -13153,7 +13245,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/entry_64.S linux-2.6.32.40/arch/x86/k
movq %rsp,%rdi /* pt_regs pointer */
xorl %esi,%esi /* no error code */
call \do_sym
-@@ -1066,9 +1346,24 @@ ENTRY(\sym)
+@@ -1066,9 +1348,24 @@ ENTRY(\sym)
subq $15*8, %rsp
call save_paranoid
TRACE_IRQS_OFF
@@ -13179,7 +13271,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/entry_64.S linux-2.6.32.40/arch/x86/k
subq $EXCEPTION_STKSZ, TSS_ist + (\ist - 1) * 8(%rbp)
call \do_sym
addq $EXCEPTION_STKSZ, TSS_ist + (\ist - 1) * 8(%rbp)
-@@ -1085,6 +1380,16 @@ ENTRY(\sym)
+@@ -1085,6 +1382,16 @@ ENTRY(\sym)
CFI_ADJUST_CFA_OFFSET 15*8
call error_entry
DEFAULT_FRAME 0
@@ -13196,7 +13288,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/entry_64.S linux-2.6.32.40/arch/x86/k
movq %rsp,%rdi /* pt_regs pointer */
movq ORIG_RAX(%rsp),%rsi /* get error code */
movq $-1,ORIG_RAX(%rsp) /* no syscall to restart */
-@@ -1104,6 +1409,16 @@ ENTRY(\sym)
+@@ -1104,6 +1411,16 @@ ENTRY(\sym)
call save_paranoid
DEFAULT_FRAME 0
TRACE_IRQS_OFF
@@ -13213,7 +13305,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/entry_64.S linux-2.6.32.40/arch/x86/k
movq %rsp,%rdi /* pt_regs pointer */
movq ORIG_RAX(%rsp),%rsi /* get error code */
movq $-1,ORIG_RAX(%rsp) /* no syscall to restart */
-@@ -1405,14 +1720,27 @@ ENTRY(paranoid_exit)
+@@ -1405,14 +1722,27 @@ ENTRY(paranoid_exit)
TRACE_IRQS_OFF
testl %ebx,%ebx /* swapgs needed? */
jnz paranoid_restore
@@ -13242,7 +13334,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/entry_64.S linux-2.6.32.40/arch/x86/k
TRACE_IRQS_IRETQ 0
RESTORE_ALL 8
jmp irq_return
-@@ -1470,7 +1798,7 @@ ENTRY(error_entry)
+@@ -1470,7 +1800,7 @@ ENTRY(error_entry)
movq_cfi r14, R14+8
movq_cfi r15, R15+8
xorl %ebx,%ebx
@@ -13251,7 +13343,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/entry_64.S linux-2.6.32.40/arch/x86/k
je error_kernelspace
error_swapgs:
SWAPGS
-@@ -1529,6 +1857,16 @@ ENTRY(nmi)
+@@ -1529,6 +1859,16 @@ ENTRY(nmi)
CFI_ADJUST_CFA_OFFSET 15*8
call save_paranoid
DEFAULT_FRAME 0
@@ -13268,7 +13360,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/entry_64.S linux-2.6.32.40/arch/x86/k
/* paranoidentry do_nmi, 0; without TRACE_IRQS_OFF */
movq %rsp,%rdi
movq $-1,%rsi
-@@ -1539,11 +1877,25 @@ ENTRY(nmi)
+@@ -1539,11 +1879,25 @@ ENTRY(nmi)
DISABLE_INTERRUPTS(CLBR_NONE)
testl %ebx,%ebx /* swapgs needed? */
jnz nmi_restore
@@ -14886,7 +14978,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/module.c linux-2.6.32.40/arch/x86/ker
goto overflow;
diff -urNp linux-2.6.32.40/arch/x86/kernel/paravirt.c linux-2.6.32.40/arch/x86/kernel/paravirt.c
--- linux-2.6.32.40/arch/x86/kernel/paravirt.c 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.40/arch/x86/kernel/paravirt.c 2011-04-17 15:56:46.000000000 -0400
++++ linux-2.6.32.40/arch/x86/kernel/paravirt.c 2011-05-16 21:46:57.000000000 -0400
@@ -122,7 +122,7 @@ unsigned paravirt_patch_jmp(void *insnbu
* corresponding structure. */
static void *get_call_destination(u8 type)
@@ -14896,7 +14988,17 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/paravirt.c linux-2.6.32.40/arch/x86/k
.pv_init_ops = pv_init_ops,
.pv_time_ops = pv_time_ops,
.pv_cpu_ops = pv_cpu_ops,
-@@ -145,14 +145,14 @@ unsigned paravirt_patch_default(u8 type,
+@@ -133,6 +133,9 @@ static void *get_call_destination(u8 typ
+ .pv_lock_ops = pv_lock_ops,
+ #endif
+ };
++
++ pax_track_stack();
++
+ return *((void **)&tmpl + type);
+ }
+
+@@ -145,14 +148,14 @@ unsigned paravirt_patch_default(u8 type,
if (opfunc == NULL)
/* If there's no function, patch it with a ud2a (BUG) */
ret = paravirt_patch_insns(insnbuf, len, ud2a, ud2a+sizeof(ud2a));
@@ -14914,7 +15016,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/paravirt.c linux-2.6.32.40/arch/x86/k
ret = paravirt_patch_ident_64(insnbuf, len);
else if (type == PARAVIRT_PATCH(pv_cpu_ops.iret) ||
-@@ -178,7 +178,7 @@ unsigned paravirt_patch_insns(void *insn
+@@ -178,7 +181,7 @@ unsigned paravirt_patch_insns(void *insn
if (insn_len > len || start == NULL)
insn_len = len;
else
@@ -14923,7 +15025,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/paravirt.c linux-2.6.32.40/arch/x86/k
return insn_len;
}
-@@ -294,22 +294,22 @@ void arch_flush_lazy_mmu_mode(void)
+@@ -294,22 +297,22 @@ void arch_flush_lazy_mmu_mode(void)
preempt_enable();
}
@@ -14950,7 +15052,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/paravirt.c linux-2.6.32.40/arch/x86/k
.save_fl = __PV_IS_CALLEE_SAVE(native_save_fl),
.restore_fl = __PV_IS_CALLEE_SAVE(native_restore_fl),
.irq_disable = __PV_IS_CALLEE_SAVE(native_irq_disable),
-@@ -321,7 +321,7 @@ struct pv_irq_ops pv_irq_ops = {
+@@ -321,7 +324,7 @@ struct pv_irq_ops pv_irq_ops = {
#endif
};
@@ -14959,7 +15061,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/paravirt.c linux-2.6.32.40/arch/x86/k
.cpuid = native_cpuid,
.get_debugreg = native_get_debugreg,
.set_debugreg = native_set_debugreg,
-@@ -382,7 +382,7 @@ struct pv_cpu_ops pv_cpu_ops = {
+@@ -382,7 +385,7 @@ struct pv_cpu_ops pv_cpu_ops = {
.end_context_switch = paravirt_nop,
};
@@ -14968,7 +15070,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/paravirt.c linux-2.6.32.40/arch/x86/k
#ifdef CONFIG_X86_LOCAL_APIC
.startup_ipi_hook = paravirt_nop,
#endif
-@@ -396,7 +396,7 @@ struct pv_apic_ops pv_apic_ops = {
+@@ -396,7 +399,7 @@ struct pv_apic_ops pv_apic_ops = {
#define PTE_IDENT __PV_IS_CALLEE_SAVE(_paravirt_ident_64)
#endif
@@ -14977,7 +15079,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/paravirt.c linux-2.6.32.40/arch/x86/k
.read_cr2 = native_read_cr2,
.write_cr2 = native_write_cr2,
-@@ -467,6 +467,12 @@ struct pv_mmu_ops pv_mmu_ops = {
+@@ -467,6 +470,12 @@ struct pv_mmu_ops pv_mmu_ops = {
},
.set_fixmap = native_set_fixmap,
@@ -15073,7 +15175,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/pci-swiotlb.c linux-2.6.32.40/arch/x8
.free_coherent = swiotlb_free_coherent,
diff -urNp linux-2.6.32.40/arch/x86/kernel/process_32.c linux-2.6.32.40/arch/x86/kernel/process_32.c
--- linux-2.6.32.40/arch/x86/kernel/process_32.c 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.40/arch/x86/kernel/process_32.c 2011-04-17 15:56:46.000000000 -0400
++++ linux-2.6.32.40/arch/x86/kernel/process_32.c 2011-05-16 21:46:57.000000000 -0400
@@ -67,6 +67,7 @@ asmlinkage void ret_from_fork(void) __as
unsigned long thread_saved_pc(struct task_struct *tsk)
{
@@ -15114,7 +15216,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/process_32.c linux-2.6.32.40/arch/x86
regs.orig_ax = -1;
regs.ip = (unsigned long) kernel_thread_helper;
regs.cs = __KERNEL_CS | get_kernel_rpl();
-@@ -247,7 +247,7 @@ int copy_thread(unsigned long clone_flag
+@@ -247,13 +247,14 @@ int copy_thread(unsigned long clone_flag
struct task_struct *tsk;
int err;
@@ -15123,7 +15225,14 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/process_32.c linux-2.6.32.40/arch/x86
*childregs = *regs;
childregs->ax = 0;
childregs->sp = sp;
-@@ -346,7 +346,7 @@ __switch_to(struct task_struct *prev_p,
+
+ p->thread.sp = (unsigned long) childregs;
+ p->thread.sp0 = (unsigned long) (childregs+1);
++ p->tinfo.lowest_stack = (unsigned long)task_stack_page(p);
+
+ p->thread.ip = (unsigned long) ret_from_fork;
+
+@@ -346,7 +347,7 @@ __switch_to(struct task_struct *prev_p,
struct thread_struct *prev = &prev_p->thread,
*next = &next_p->thread;
int cpu = smp_processor_id();
@@ -15132,7 +15241,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/process_32.c linux-2.6.32.40/arch/x86
bool preload_fpu;
/* never put a printk in __switch_to... printk() calls wake_up*() indirectly */
-@@ -381,6 +381,10 @@ __switch_to(struct task_struct *prev_p,
+@@ -381,6 +382,10 @@ __switch_to(struct task_struct *prev_p,
*/
lazy_save_gs(prev->gs);
@@ -15143,7 +15252,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/process_32.c linux-2.6.32.40/arch/x86
/*
* Load the per-thread Thread-Local Storage descriptor.
*/
-@@ -416,6 +420,9 @@ __switch_to(struct task_struct *prev_p,
+@@ -416,6 +421,9 @@ __switch_to(struct task_struct *prev_p,
*/
arch_end_context_switch(next_p);
@@ -15153,7 +15262,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/process_32.c linux-2.6.32.40/arch/x86
if (preload_fpu)
__math_state_restore();
-@@ -425,8 +432,6 @@ __switch_to(struct task_struct *prev_p,
+@@ -425,8 +433,6 @@ __switch_to(struct task_struct *prev_p,
if (prev->gs | next->gs)
lazy_load_gs(next->gs);
@@ -15162,14 +15271,14 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/process_32.c linux-2.6.32.40/arch/x86
return prev_p;
}
-@@ -496,4 +501,3 @@ unsigned long get_wchan(struct task_stru
+@@ -496,4 +502,3 @@ unsigned long get_wchan(struct task_stru
} while (count++ < 16);
return 0;
}
-
diff -urNp linux-2.6.32.40/arch/x86/kernel/process_64.c linux-2.6.32.40/arch/x86/kernel/process_64.c
--- linux-2.6.32.40/arch/x86/kernel/process_64.c 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.40/arch/x86/kernel/process_64.c 2011-05-11 18:25:15.000000000 -0400
++++ linux-2.6.32.40/arch/x86/kernel/process_64.c 2011-05-16 21:46:57.000000000 -0400
@@ -91,7 +91,7 @@ static void __exit_idle(void)
void exit_idle(void)
{
@@ -15198,7 +15307,15 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/process_64.c linux-2.6.32.40/arch/x86
*childregs = *regs;
childregs->ax = 0;
-@@ -380,7 +379,7 @@ __switch_to(struct task_struct *prev_p,
+@@ -292,6 +291,7 @@ int copy_thread(unsigned long clone_flag
+ p->thread.sp = (unsigned long) childregs;
+ p->thread.sp0 = (unsigned long) (childregs+1);
+ p->thread.usersp = me->thread.usersp;
++ p->tinfo.lowest_stack = (unsigned long)task_stack_page(p);
+
+ set_tsk_thread_flag(p, TIF_FORK);
+
+@@ -380,7 +380,7 @@ __switch_to(struct task_struct *prev_p,
struct thread_struct *prev = &prev_p->thread;
struct thread_struct *next = &next_p->thread;
int cpu = smp_processor_id();
@@ -15207,7 +15324,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/process_64.c linux-2.6.32.40/arch/x86
unsigned fsindex, gsindex;
bool preload_fpu;
-@@ -476,10 +475,9 @@ __switch_to(struct task_struct *prev_p,
+@@ -476,10 +476,9 @@ __switch_to(struct task_struct *prev_p,
prev->usersp = percpu_read(old_rsp);
percpu_write(old_rsp, next->usersp);
percpu_write(current_task, next_p);
@@ -15220,7 +15337,7 @@ diff -urNp linux-2.6.32.40/arch/x86/kernel/process_64.c linux-2.6.32.40/arch/x86
/*
* Now maybe reload the debug registers and handle I/O bitmaps
-@@ -560,12 +558,11 @@ unsigned long get_wchan(struct task_stru
+@@ -560,12 +559,11 @@ unsigned long get_wchan(struct task_stru
if (!p || p == current || p->state == TASK_RUNNING)
return 0;
stack = (unsigned long)task_stack_page(p);
@@ -17138,6 +17255,18 @@ diff -urNp linux-2.6.32.40/arch/x86/kvm/lapic.c linux-2.6.32.40/arch/x86/kvm/lap
#define APIC_LVT_NUM 6
/* 14 is the version for Xeon and Pentium 8.4.8*/
+diff -urNp linux-2.6.32.40/arch/x86/kvm/paging_tmpl.h linux-2.6.32.40/arch/x86/kvm/paging_tmpl.h
+--- linux-2.6.32.40/arch/x86/kvm/paging_tmpl.h 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/arch/x86/kvm/paging_tmpl.h 2011-05-16 21:46:57.000000000 -0400
+@@ -416,6 +416,8 @@ static int FNAME(page_fault)(struct kvm_
+ int level = PT_PAGE_TABLE_LEVEL;
+ unsigned long mmu_seq;
+
++ pax_track_stack();
++
+ pgprintk("%s: addr %lx err %x\n", __func__, addr, error_code);
+ kvm_mmu_audit(vcpu, "pre page fault");
+
diff -urNp linux-2.6.32.40/arch/x86/kvm/svm.c linux-2.6.32.40/arch/x86/kvm/svm.c
--- linux-2.6.32.40/arch/x86/kvm/svm.c 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/arch/x86/kvm/svm.c 2011-04-17 15:56:46.000000000 -0400
@@ -22534,18 +22663,39 @@ diff -urNp linux-2.6.32.40/block/scsi_ioctl.c linux-2.6.32.40/block/scsi_ioctl.c
if (in_len && copy_from_user(buffer, sic->data + cmdlen, in_len))
goto error;
+diff -urNp linux-2.6.32.40/crypto/serpent.c linux-2.6.32.40/crypto/serpent.c
+--- linux-2.6.32.40/crypto/serpent.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/crypto/serpent.c 2011-05-16 21:46:57.000000000 -0400
+@@ -224,6 +224,8 @@ static int serpent_setkey(struct crypto_
+ u32 r0,r1,r2,r3,r4;
+ int i;
+
++ pax_track_stack();
++
+ /* Copy key, add padding */
+
+ for (i = 0; i < keylen; ++i)
diff -urNp linux-2.6.32.40/Documentation/dontdiff linux-2.6.32.40/Documentation/dontdiff
--- linux-2.6.32.40/Documentation/dontdiff 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.40/Documentation/dontdiff 2011-04-17 15:56:45.000000000 -0400
-@@ -3,6 +3,7 @@
++++ linux-2.6.32.40/Documentation/dontdiff 2011-05-18 20:09:36.000000000 -0400
+@@ -1,13 +1,16 @@
+ *.a
+ *.aux
*.bin
++*.cis
*.cpio
*.csp
+*.dbg
*.dsp
*.dvi
*.elf
-@@ -38,8 +39,10 @@
+ *.eps
+ *.fw
++*.gcno
+ *.gen.S
+ *.gif
+ *.grep
+@@ -38,8 +41,10 @@
*.tab.h
*.tex
*.ver
@@ -22556,7 +22706,7 @@ diff -urNp linux-2.6.32.40/Documentation/dontdiff linux-2.6.32.40/Documentation/
*_vga16.c
*~
*.9
-@@ -49,11 +52,16 @@
+@@ -49,11 +54,16 @@
53c700_d.h
CVS
ChangeSet
@@ -22573,10 +22723,11 @@ diff -urNp linux-2.6.32.40/Documentation/dontdiff linux-2.6.32.40/Documentation/
SCCS
System.map*
TAGS
-@@ -76,7 +84,10 @@ btfixupprep
+@@ -76,7 +86,11 @@ btfixupprep
build
bvmlinux
bzImage*
++capability_names.h
+capflags.c
classlist.h*
+clut_vga16.c
@@ -22584,7 +22735,7 @@ diff -urNp linux-2.6.32.40/Documentation/dontdiff linux-2.6.32.40/Documentation/
comp*.log
compile.h*
conf
-@@ -103,13 +114,14 @@ gen_crc32table
+@@ -103,13 +117,14 @@ gen_crc32table
gen_init_cpio
genksyms
*_gray256.c
@@ -22600,7 +22751,7 @@ diff -urNp linux-2.6.32.40/Documentation/dontdiff linux-2.6.32.40/Documentation/
keywords.c
ksym.c*
ksym.h*
-@@ -133,7 +145,9 @@ mkboot
+@@ -133,7 +148,9 @@ mkboot
mkbugboot
mkcpustr
mkdep
@@ -22610,7 +22761,7 @@ diff -urNp linux-2.6.32.40/Documentation/dontdiff linux-2.6.32.40/Documentation/
mktables
mktree
modpost
-@@ -149,6 +163,7 @@ patches*
+@@ -149,6 +166,7 @@ patches*
pca200e.bin
pca200e_ecd.bin2
piggy.gz
@@ -22618,12 +22769,13 @@ diff -urNp linux-2.6.32.40/Documentation/dontdiff linux-2.6.32.40/Documentation/
piggyback
pnmtologo
ppc_defs.h*
-@@ -157,12 +172,14 @@ qconf
+@@ -157,12 +175,15 @@ qconf
raid6altivec*.c
raid6int*.c
raid6tables.c
+regdb.c
relocs
++rlim_names.h
series
setup
setup.bin
@@ -22633,7 +22785,7 @@ diff -urNp linux-2.6.32.40/Documentation/dontdiff linux-2.6.32.40/Documentation/
sm_tbl*
split-include
syscalltab.h
-@@ -186,14 +203,20 @@ version.h*
+@@ -186,14 +207,20 @@ version.h*
vmlinux
vmlinux-*
vmlinux.aout
@@ -23033,8 +23185,17 @@ diff -urNp linux-2.6.32.40/drivers/ata/libata-core.c linux-2.6.32.40/drivers/ata
.error_handler = ata_dummy_error_handler,
diff -urNp linux-2.6.32.40/drivers/ata/libata-eh.c linux-2.6.32.40/drivers/ata/libata-eh.c
--- linux-2.6.32.40/drivers/ata/libata-eh.c 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.40/drivers/ata/libata-eh.c 2011-04-17 15:56:46.000000000 -0400
-@@ -3590,7 +3590,7 @@ void ata_do_eh(struct ata_port *ap, ata_
++++ linux-2.6.32.40/drivers/ata/libata-eh.c 2011-05-16 21:46:57.000000000 -0400
+@@ -2423,6 +2423,8 @@ void ata_eh_report(struct ata_port *ap)
+ {
+ struct ata_link *link;
+
++ pax_track_stack();
++
+ ata_for_each_link(link, ap, HOST_FIRST)
+ ata_eh_link_report(link);
+ }
+@@ -3590,7 +3592,7 @@ void ata_do_eh(struct ata_port *ap, ata_
*/
void ata_std_error_handler(struct ata_port *ap)
{
@@ -25286,7 +25447,7 @@ diff -urNp linux-2.6.32.40/drivers/atm/nicstar.c linux-2.6.32.40/drivers/atm/nic
diff -urNp linux-2.6.32.40/drivers/atm/solos-pci.c linux-2.6.32.40/drivers/atm/solos-pci.c
--- linux-2.6.32.40/drivers/atm/solos-pci.c 2011-04-17 17:00:52.000000000 -0400
-+++ linux-2.6.32.40/drivers/atm/solos-pci.c 2011-04-17 17:03:05.000000000 -0400
++++ linux-2.6.32.40/drivers/atm/solos-pci.c 2011-05-16 21:46:57.000000000 -0400
@@ -708,7 +708,7 @@ void solos_bh(unsigned long card_arg)
}
atm_charge(vcc, skb->truesize);
@@ -25296,7 +25457,16 @@ diff -urNp linux-2.6.32.40/drivers/atm/solos-pci.c linux-2.6.32.40/drivers/atm/s
break;
case PKT_STATUS:
-@@ -1023,7 +1023,7 @@ static uint32_t fpga_tx(struct solos_car
+@@ -914,6 +914,8 @@ static int print_buffer(struct sk_buff *
+ char msg[500];
+ char item[10];
+
++ pax_track_stack();
++
+ len = buf->len;
+ for (i = 0; i < len; i++){
+ if(i % 8 == 0)
+@@ -1023,7 +1025,7 @@ static uint32_t fpga_tx(struct solos_car
vcc = SKB_CB(oldskb)->vcc;
if (vcc) {
@@ -25504,6 +25674,51 @@ diff -urNp linux-2.6.32.40/drivers/block/cciss.c linux-2.6.32.40/drivers/block/c
err = 0;
err |=
copy_from_user(&arg64.LUN_info, &arg32->LUN_info,
+diff -urNp linux-2.6.32.40/drivers/block/cpqarray.c linux-2.6.32.40/drivers/block/cpqarray.c
+--- linux-2.6.32.40/drivers/block/cpqarray.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/block/cpqarray.c 2011-05-16 21:46:57.000000000 -0400
+@@ -896,6 +896,8 @@ static void do_ida_request(struct reques
+ struct scatterlist tmp_sg[SG_MAX];
+ int i, dir, seg;
+
++ pax_track_stack();
++
+ if (blk_queue_plugged(q))
+ goto startio;
+
+diff -urNp linux-2.6.32.40/drivers/block/DAC960.c linux-2.6.32.40/drivers/block/DAC960.c
+--- linux-2.6.32.40/drivers/block/DAC960.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/block/DAC960.c 2011-05-16 21:46:57.000000000 -0400
+@@ -1973,6 +1973,8 @@ static bool DAC960_V1_ReadDeviceConfigur
+ unsigned long flags;
+ int Channel, TargetID;
+
++ pax_track_stack();
++
+ if (!init_dma_loaf(Controller->PCIDevice, &local_dma,
+ DAC960_V1_MaxChannels*(sizeof(DAC960_V1_DCDB_T) +
+ sizeof(DAC960_SCSI_Inquiry_T) +
+diff -urNp linux-2.6.32.40/drivers/block/nbd.c linux-2.6.32.40/drivers/block/nbd.c
+--- linux-2.6.32.40/drivers/block/nbd.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/block/nbd.c 2011-05-16 21:46:57.000000000 -0400
+@@ -155,6 +155,8 @@ static int sock_xmit(struct nbd_device *
+ struct kvec iov;
+ sigset_t blocked, oldset;
+
++ pax_track_stack();
++
+ if (unlikely(!sock)) {
+ printk(KERN_ERR "%s: Attempted %s on closed socket in sock_xmit\n",
+ lo->disk->disk_name, (send ? "send" : "recv"));
+@@ -569,6 +571,8 @@ static void do_nbd_request(struct reques
+ static int __nbd_ioctl(struct block_device *bdev, struct nbd_device *lo,
+ unsigned int cmd, unsigned long arg)
+ {
++ pax_track_stack();
++
+ switch (cmd) {
+ case NBD_DISCONNECT: {
+ struct request sreq;
diff -urNp linux-2.6.32.40/drivers/block/pktcdvd.c linux-2.6.32.40/drivers/block/pktcdvd.c
--- linux-2.6.32.40/drivers/block/pktcdvd.c 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/drivers/block/pktcdvd.c 2011-04-17 15:56:46.000000000 -0400
@@ -25865,7 +26080,7 @@ diff -urNp linux-2.6.32.40/drivers/char/hvc_xen.c linux-2.6.32.40/drivers/char/h
.notifier_add = notifier_add_irq,
diff -urNp linux-2.6.32.40/drivers/char/ipmi/ipmi_msghandler.c linux-2.6.32.40/drivers/char/ipmi/ipmi_msghandler.c
--- linux-2.6.32.40/drivers/char/ipmi/ipmi_msghandler.c 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.40/drivers/char/ipmi/ipmi_msghandler.c 2011-04-17 15:56:46.000000000 -0400
++++ linux-2.6.32.40/drivers/char/ipmi/ipmi_msghandler.c 2011-05-16 21:46:57.000000000 -0400
@@ -414,7 +414,7 @@ struct ipmi_smi {
struct proc_dir_entry *proc_dir;
char proc_dir_name[10];
@@ -25896,6 +26111,15 @@ diff -urNp linux-2.6.32.40/drivers/char/ipmi/ipmi_msghandler.c linux-2.6.32.40/d
intf->proc_dir = NULL;
+@@ -4160,6 +4160,8 @@ static void send_panic_events(char *str)
+ struct ipmi_smi_msg smi_msg;
+ struct ipmi_recv_msg recv_msg;
+
++ pax_track_stack();
++
+ si = (struct ipmi_system_interface_addr *) &addr;
+ si->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
+ si->channel = IPMI_BMC_CHANNEL;
diff -urNp linux-2.6.32.40/drivers/char/ipmi/ipmi_si_intf.c linux-2.6.32.40/drivers/char/ipmi/ipmi_si_intf.c
--- linux-2.6.32.40/drivers/char/ipmi/ipmi_si_intf.c 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/drivers/char/ipmi/ipmi_si_intf.c 2011-04-17 15:56:46.000000000 -0400
@@ -25931,7 +26155,7 @@ diff -urNp linux-2.6.32.40/drivers/char/ipmi/ipmi_si_intf.c linux-2.6.32.40/driv
atomic_set(&new_smi->stop_operation, 0);
diff -urNp linux-2.6.32.40/drivers/char/istallion.c linux-2.6.32.40/drivers/char/istallion.c
--- linux-2.6.32.40/drivers/char/istallion.c 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.40/drivers/char/istallion.c 2011-04-22 22:18:05.000000000 -0400
++++ linux-2.6.32.40/drivers/char/istallion.c 2011-05-16 21:46:57.000000000 -0400
@@ -187,7 +187,6 @@ static struct ktermios stli_deftermios
* re-used for each stats call.
*/
@@ -25948,6 +26172,24 @@ diff -urNp linux-2.6.32.40/drivers/char/istallion.c linux-2.6.32.40/drivers/char
if (copy_from_user(&stli_brdstats, bp, sizeof(combrd_t)))
return -EFAULT;
+@@ -4269,6 +4269,8 @@ static int stli_getportstruct(struct stl
+ struct stliport stli_dummyport;
+ struct stliport *portp;
+
++ pax_track_stack();
++
+ if (copy_from_user(&stli_dummyport, arg, sizeof(struct stliport)))
+ return -EFAULT;
+ portp = stli_getport(stli_dummyport.brdnr, stli_dummyport.panelnr,
+@@ -4291,6 +4293,8 @@ static int stli_getbrdstruct(struct stli
+ struct stlibrd stli_dummybrd;
+ struct stlibrd *brdp;
+
++ pax_track_stack();
++
+ if (copy_from_user(&stli_dummybrd, arg, sizeof(struct stlibrd)))
+ return -EFAULT;
+ if (stli_dummybrd.brdnr >= STL_MAXBRDS)
diff -urNp linux-2.6.32.40/drivers/char/Kconfig linux-2.6.32.40/drivers/char/Kconfig
--- linux-2.6.32.40/drivers/char/Kconfig 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/drivers/char/Kconfig 2011-04-18 19:20:15.000000000 -0400
@@ -26344,6 +26586,18 @@ diff -urNp linux-2.6.32.40/drivers/char/random.c linux-2.6.32.40/drivers/char/ra
static int max_write_thresh = INPUT_POOL_WORDS * 32;
static char sysctl_bootid[16];
+diff -urNp linux-2.6.32.40/drivers/char/rocket.c linux-2.6.32.40/drivers/char/rocket.c
+--- linux-2.6.32.40/drivers/char/rocket.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/char/rocket.c 2011-05-16 21:46:57.000000000 -0400
+@@ -1266,6 +1266,8 @@ static int get_ports(struct r_port *info
+ struct rocket_ports tmp;
+ int board;
+
++ pax_track_stack();
++
+ if (!retports)
+ return -EFAULT;
+ memset(&tmp, 0, sizeof (tmp));
diff -urNp linux-2.6.32.40/drivers/char/sonypi.c linux-2.6.32.40/drivers/char/sonypi.c
--- linux-2.6.32.40/drivers/char/sonypi.c 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/drivers/char/sonypi.c 2011-04-17 15:56:46.000000000 -0400
@@ -26385,6 +26639,18 @@ diff -urNp linux-2.6.32.40/drivers/char/sonypi.c linux-2.6.32.40/drivers/char/so
mutex_unlock(&sonypi_device.lock);
unlock_kernel();
return 0;
+diff -urNp linux-2.6.32.40/drivers/char/stallion.c linux-2.6.32.40/drivers/char/stallion.c
+--- linux-2.6.32.40/drivers/char/stallion.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/char/stallion.c 2011-05-16 21:46:57.000000000 -0400
+@@ -2448,6 +2448,8 @@ static int stl_getportstruct(struct stlp
+ struct stlport stl_dummyport;
+ struct stlport *portp;
+
++ pax_track_stack();
++
+ if (copy_from_user(&stl_dummyport, arg, sizeof(struct stlport)))
+ return -EFAULT;
+ portp = stl_getport(stl_dummyport.brdnr, stl_dummyport.panelnr,
diff -urNp linux-2.6.32.40/drivers/char/tpm/tpm_bios.c linux-2.6.32.40/drivers/char/tpm/tpm_bios.c
--- linux-2.6.32.40/drivers/char/tpm/tpm_bios.c 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/drivers/char/tpm/tpm_bios.c 2011-04-17 15:56:46.000000000 -0400
@@ -26430,7 +26696,7 @@ diff -urNp linux-2.6.32.40/drivers/char/tpm/tpm_bios.c linux-2.6.32.40/drivers/c
diff -urNp linux-2.6.32.40/drivers/char/tpm/tpm.c linux-2.6.32.40/drivers/char/tpm/tpm.c
--- linux-2.6.32.40/drivers/char/tpm/tpm.c 2011-04-17 17:00:52.000000000 -0400
-+++ linux-2.6.32.40/drivers/char/tpm/tpm.c 2011-04-17 17:03:05.000000000 -0400
++++ linux-2.6.32.40/drivers/char/tpm/tpm.c 2011-05-16 21:46:57.000000000 -0400
@@ -402,7 +402,7 @@ static ssize_t tpm_transmit(struct tpm_c
chip->vendor.req_complete_val)
goto out_recv;
@@ -26440,6 +26706,15 @@ diff -urNp linux-2.6.32.40/drivers/char/tpm/tpm.c linux-2.6.32.40/drivers/char/t
dev_err(chip->dev, "Operation Canceled\n");
rc = -ECANCELED;
goto out;
+@@ -821,6 +821,8 @@ ssize_t tpm_show_pubek(struct device *de
+
+ struct tpm_chip *chip = dev_get_drvdata(dev);
+
++ pax_track_stack();
++
+ tpm_cmd.header.in = tpm_readpubek_header;
+ err = transmit_cmd(chip, &tpm_cmd, READ_PUBEK_RESULT_SIZE,
+ "attempting to read the PUBEK");
diff -urNp linux-2.6.32.40/drivers/char/tty_io.c linux-2.6.32.40/drivers/char/tty_io.c
--- linux-2.6.32.40/drivers/char/tty_io.c 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/drivers/char/tty_io.c 2011-04-17 15:56:46.000000000 -0400
@@ -26740,6 +27015,30 @@ diff -urNp linux-2.6.32.40/drivers/cpuidle/sysfs.c linux-2.6.32.40/drivers/cpuid
{
kobject_put(&device->kobjs[i]->kobj);
wait_for_completion(&device->kobjs[i]->kobj_unregister);
+diff -urNp linux-2.6.32.40/drivers/crypto/hifn_795x.c linux-2.6.32.40/drivers/crypto/hifn_795x.c
+--- linux-2.6.32.40/drivers/crypto/hifn_795x.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/crypto/hifn_795x.c 2011-05-16 21:46:57.000000000 -0400
+@@ -1655,6 +1655,8 @@ static int hifn_test(struct hifn_device
+ 0xCA, 0x34, 0x2B, 0x2E};
+ struct scatterlist sg;
+
++ pax_track_stack();
++
+ memset(src, 0, sizeof(src));
+ memset(ctx.key, 0, sizeof(ctx.key));
+
+diff -urNp linux-2.6.32.40/drivers/crypto/padlock-aes.c linux-2.6.32.40/drivers/crypto/padlock-aes.c
+--- linux-2.6.32.40/drivers/crypto/padlock-aes.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/crypto/padlock-aes.c 2011-05-16 21:46:57.000000000 -0400
+@@ -108,6 +108,8 @@ static int aes_set_key(struct crypto_tfm
+ struct crypto_aes_ctx gen_aes;
+ int cpu;
+
++ pax_track_stack();
++
+ if (key_len % 8) {
+ *flags |= CRYPTO_TFM_RES_BAD_KEY_LEN;
+ return -EINVAL;
diff -urNp linux-2.6.32.40/drivers/dma/ioat/dma.c linux-2.6.32.40/drivers/dma/ioat/dma.c
--- linux-2.6.32.40/drivers/dma/ioat/dma.c 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/drivers/dma/ioat/dma.c 2011-04-17 15:56:46.000000000 -0400
@@ -26932,6 +27231,26 @@ diff -urNp linux-2.6.32.40/drivers/firewire/core-cdev.c linux-2.6.32.40/drivers/
return -EINVAL;
r = kmalloc(sizeof(*r), GFP_KERNEL);
+diff -urNp linux-2.6.32.40/drivers/firewire/core-transaction.c linux-2.6.32.40/drivers/firewire/core-transaction.c
+--- linux-2.6.32.40/drivers/firewire/core-transaction.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/firewire/core-transaction.c 2011-05-16 21:46:57.000000000 -0400
+@@ -36,6 +36,7 @@
+ #include <linux/string.h>
+ #include <linux/timer.h>
+ #include <linux/types.h>
++#include <linux/sched.h>
+
+ #include <asm/byteorder.h>
+
+@@ -344,6 +345,8 @@ int fw_run_transaction(struct fw_card *c
+ struct transaction_callback_data d;
+ struct fw_transaction t;
+
++ pax_track_stack();
++
+ init_completion(&d.done);
+ d.payload = payload;
+ fw_send_request(card, &t, tcode, destination_id, generation, speed,
diff -urNp linux-2.6.32.40/drivers/firmware/dmi_scan.c linux-2.6.32.40/drivers/firmware/dmi_scan.c
--- linux-2.6.32.40/drivers/firmware/dmi_scan.c 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/drivers/firmware/dmi_scan.c 2011-04-17 15:56:46.000000000 -0400
@@ -27009,7 +27328,7 @@ diff -urNp linux-2.6.32.40/drivers/gpio/vr41xx_giu.c linux-2.6.32.40/drivers/gpi
}
diff -urNp linux-2.6.32.40/drivers/gpu/drm/drm_crtc_helper.c linux-2.6.32.40/drivers/gpu/drm/drm_crtc_helper.c
--- linux-2.6.32.40/drivers/gpu/drm/drm_crtc_helper.c 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.40/drivers/gpu/drm/drm_crtc_helper.c 2011-04-17 15:56:46.000000000 -0400
++++ linux-2.6.32.40/drivers/gpu/drm/drm_crtc_helper.c 2011-05-16 21:46:57.000000000 -0400
@@ -573,7 +573,7 @@ static bool drm_encoder_crtc_ok(struct d
struct drm_crtc *tmp;
int crtc_mask = 1;
@@ -27019,6 +27338,15 @@ diff -urNp linux-2.6.32.40/drivers/gpu/drm/drm_crtc_helper.c linux-2.6.32.40/dri
dev = crtc->dev;
+@@ -642,6 +642,8 @@ bool drm_crtc_helper_set_mode(struct drm
+
+ adjusted_mode = drm_mode_duplicate(dev, mode);
+
++ pax_track_stack();
++
+ crtc->enabled = drm_helper_crtc_in_use(crtc);
+
+ if (!crtc->enabled)
diff -urNp linux-2.6.32.40/drivers/gpu/drm/drm_drv.c linux-2.6.32.40/drivers/gpu/drm/drm_drv.c
--- linux-2.6.32.40/drivers/gpu/drm/drm_drv.c 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/drivers/gpu/drm/drm_drv.c 2011-04-17 15:56:46.000000000 -0400
@@ -27707,6 +28035,18 @@ diff -urNp linux-2.6.32.40/drivers/gpu/drm/r128/r128_state.c linux-2.6.32.40/dri
}
}
+diff -urNp linux-2.6.32.40/drivers/gpu/drm/radeon/atom.c linux-2.6.32.40/drivers/gpu/drm/radeon/atom.c
+--- linux-2.6.32.40/drivers/gpu/drm/radeon/atom.c 2011-05-10 22:12:01.000000000 -0400
++++ linux-2.6.32.40/drivers/gpu/drm/radeon/atom.c 2011-05-16 21:46:57.000000000 -0400
+@@ -1115,6 +1115,8 @@ struct atom_context *atom_parse(struct c
+ char name[512];
+ int i;
+
++ pax_track_stack();
++
+ ctx->card = card;
+ ctx->bios = bios;
+
diff -urNp linux-2.6.32.40/drivers/gpu/drm/radeon/mkregtable.c linux-2.6.32.40/drivers/gpu/drm/radeon/mkregtable.c
--- linux-2.6.32.40/drivers/gpu/drm/radeon/mkregtable.c 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/drivers/gpu/drm/radeon/mkregtable.c 2011-04-17 15:56:46.000000000 -0400
@@ -27729,8 +28069,17 @@ diff -urNp linux-2.6.32.40/drivers/gpu/drm/radeon/mkregtable.c linux-2.6.32.40/d
(&mask_rex, "(0x[0-9a-fA-F]*) *([_a-zA-Z0-9]*)", REG_EXTENDED)) {
diff -urNp linux-2.6.32.40/drivers/gpu/drm/radeon/radeon_atombios.c linux-2.6.32.40/drivers/gpu/drm/radeon/radeon_atombios.c
--- linux-2.6.32.40/drivers/gpu/drm/radeon/radeon_atombios.c 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.40/drivers/gpu/drm/radeon/radeon_atombios.c 2011-04-17 15:56:46.000000000 -0400
-@@ -520,13 +520,13 @@ static uint16_t atombios_get_connector_o
++++ linux-2.6.32.40/drivers/gpu/drm/radeon/radeon_atombios.c 2011-05-16 21:46:57.000000000 -0400
+@@ -275,6 +275,8 @@ bool radeon_get_atom_connector_info_from
+ bool linkb;
+ struct radeon_i2c_bus_rec ddc_bus;
+
++ pax_track_stack();
++
+ atom_parse_data_header(ctx, index, &size, &frev, &crev, &data_offset);
+
+ if (data_offset == 0)
+@@ -520,13 +522,13 @@ static uint16_t atombios_get_connector_o
}
}
@@ -27746,7 +28095,7 @@ diff -urNp linux-2.6.32.40/drivers/gpu/drm/radeon/radeon_atombios.c linux-2.6.32
bool radeon_get_atom_connector_info_from_supported_devices_table(struct
drm_device
-@@ -542,7 +542,6 @@ bool radeon_get_atom_connector_info_from
+@@ -542,7 +544,6 @@ bool radeon_get_atom_connector_info_from
uint8_t dac;
union atom_supported_devices *supported_devices;
int i, j;
@@ -28290,6 +28639,30 @@ diff -urNp linux-2.6.32.40/drivers/ide/ide-cd.c linux-2.6.32.40/drivers/ide/ide-
drive->dma = 0;
}
}
+diff -urNp linux-2.6.32.40/drivers/ide/ide-floppy.c linux-2.6.32.40/drivers/ide/ide-floppy.c
+--- linux-2.6.32.40/drivers/ide/ide-floppy.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/ide/ide-floppy.c 2011-05-16 21:46:57.000000000 -0400
+@@ -373,6 +373,8 @@ static int ide_floppy_get_capacity(ide_d
+ u8 pc_buf[256], header_len, desc_cnt;
+ int i, rc = 1, blocks, length;
+
++ pax_track_stack();
++
+ ide_debug_log(IDE_DBG_FUNC, "enter");
+
+ drive->bios_cyl = 0;
+diff -urNp linux-2.6.32.40/drivers/ide/setup-pci.c linux-2.6.32.40/drivers/ide/setup-pci.c
+--- linux-2.6.32.40/drivers/ide/setup-pci.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/ide/setup-pci.c 2011-05-16 21:46:57.000000000 -0400
+@@ -542,6 +542,8 @@ int ide_pci_init_two(struct pci_dev *dev
+ int ret, i, n_ports = dev2 ? 4 : 2;
+ struct ide_hw hw[4], *hws[] = { NULL, NULL, NULL, NULL };
+
++ pax_track_stack();
++
+ for (i = 0; i < n_ports / 2; i++) {
+ ret = ide_setup_pci_controller(pdev[i], d, !i);
+ if (ret < 0)
diff -urNp linux-2.6.32.40/drivers/ieee1394/dv1394.c linux-2.6.32.40/drivers/ieee1394/dv1394.c
--- linux-2.6.32.40/drivers/ieee1394/dv1394.c 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/drivers/ieee1394/dv1394.c 2011-04-23 12:56:11.000000000 -0400
@@ -28613,6 +28986,18 @@ diff -urNp linux-2.6.32.40/drivers/infiniband/core/uverbs_marshall.c linux-2.6.3
}
EXPORT_SYMBOL(ib_copy_qp_attr_to_user);
+diff -urNp linux-2.6.32.40/drivers/infiniband/hw/ipath/ipath_fs.c linux-2.6.32.40/drivers/infiniband/hw/ipath/ipath_fs.c
+--- linux-2.6.32.40/drivers/infiniband/hw/ipath/ipath_fs.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/infiniband/hw/ipath/ipath_fs.c 2011-05-16 21:46:57.000000000 -0400
+@@ -110,6 +110,8 @@ static ssize_t atomic_counters_read(stru
+ struct infinipath_counters counters;
+ struct ipath_devdata *dd;
+
++ pax_track_stack();
++
+ dd = file->f_path.dentry->d_inode->i_private;
+ dd->ipath_f_read_counters(dd, &counters);
+
diff -urNp linux-2.6.32.40/drivers/infiniband/hw/nes/nes.c linux-2.6.32.40/drivers/infiniband/hw/nes/nes.c
--- linux-2.6.32.40/drivers/infiniband/hw/nes/nes.c 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/drivers/infiniband/hw/nes/nes.c 2011-05-04 17:56:28.000000000 -0400
@@ -28982,6 +29367,26 @@ diff -urNp linux-2.6.32.40/drivers/input/input.c linux-2.6.32.40/drivers/input/i
error = device_add(&dev->dev);
if (error)
+diff -urNp linux-2.6.32.40/drivers/input/joystick/sidewinder.c linux-2.6.32.40/drivers/input/joystick/sidewinder.c
+--- linux-2.6.32.40/drivers/input/joystick/sidewinder.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/input/joystick/sidewinder.c 2011-05-18 20:09:36.000000000 -0400
+@@ -30,6 +30,7 @@
+ #include <linux/kernel.h>
+ #include <linux/module.h>
+ #include <linux/slab.h>
++#include <linux/sched.h>
+ #include <linux/init.h>
+ #include <linux/input.h>
+ #include <linux/gameport.h>
+@@ -428,6 +429,8 @@ static int sw_read(struct sw *sw)
+ unsigned char buf[SW_LENGTH];
+ int i;
+
++ pax_track_stack();
++
+ i = sw_read_packet(sw->gameport, buf, sw->length, 0);
+
+ if (sw->type == SW_ID_3DP && sw->length == 66 && i != 66) { /* Broken packet, try to fix */
diff -urNp linux-2.6.32.40/drivers/input/joystick/xpad.c linux-2.6.32.40/drivers/input/joystick/xpad.c
--- linux-2.6.32.40/drivers/input/joystick/xpad.c 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/drivers/input/joystick/xpad.c 2011-05-04 17:56:28.000000000 -0400
@@ -29167,6 +29572,128 @@ diff -urNp linux-2.6.32.40/drivers/isdn/hardware/avm/b1.c linux-2.6.32.40/driver
return -EFAULT;
} else {
memcpy(buf, dp, left);
+diff -urNp linux-2.6.32.40/drivers/isdn/hardware/eicon/capidtmf.c linux-2.6.32.40/drivers/isdn/hardware/eicon/capidtmf.c
+--- linux-2.6.32.40/drivers/isdn/hardware/eicon/capidtmf.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/isdn/hardware/eicon/capidtmf.c 2011-05-16 21:46:57.000000000 -0400
+@@ -498,6 +498,7 @@ void capidtmf_recv_block (t_capidtmf_sta
+ byte goertzel_result_buffer[CAPIDTMF_RECV_TOTAL_FREQUENCY_COUNT];
+ short windowed_sample_buffer[CAPIDTMF_RECV_WINDOWED_SAMPLES];
+
++ pax_track_stack();
+
+ if (p_state->recv.state & CAPIDTMF_RECV_STATE_DTMF_ACTIVE)
+ {
+diff -urNp linux-2.6.32.40/drivers/isdn/hardware/eicon/capifunc.c linux-2.6.32.40/drivers/isdn/hardware/eicon/capifunc.c
+--- linux-2.6.32.40/drivers/isdn/hardware/eicon/capifunc.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/isdn/hardware/eicon/capifunc.c 2011-05-16 21:46:57.000000000 -0400
+@@ -1055,6 +1055,8 @@ static int divacapi_connect_didd(void)
+ IDI_SYNC_REQ req;
+ DESCRIPTOR DIDD_Table[MAX_DESCRIPTORS];
+
++ pax_track_stack();
++
+ DIVA_DIDD_Read(DIDD_Table, sizeof(DIDD_Table));
+
+ for (x = 0; x < MAX_DESCRIPTORS; x++) {
+diff -urNp linux-2.6.32.40/drivers/isdn/hardware/eicon/diddfunc.c linux-2.6.32.40/drivers/isdn/hardware/eicon/diddfunc.c
+--- linux-2.6.32.40/drivers/isdn/hardware/eicon/diddfunc.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/isdn/hardware/eicon/diddfunc.c 2011-05-16 21:46:57.000000000 -0400
+@@ -54,6 +54,8 @@ static int DIVA_INIT_FUNCTION connect_di
+ IDI_SYNC_REQ req;
+ DESCRIPTOR DIDD_Table[MAX_DESCRIPTORS];
+
++ pax_track_stack();
++
+ DIVA_DIDD_Read(DIDD_Table, sizeof(DIDD_Table));
+
+ for (x = 0; x < MAX_DESCRIPTORS; x++) {
+diff -urNp linux-2.6.32.40/drivers/isdn/hardware/eicon/divasfunc.c linux-2.6.32.40/drivers/isdn/hardware/eicon/divasfunc.c
+--- linux-2.6.32.40/drivers/isdn/hardware/eicon/divasfunc.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/isdn/hardware/eicon/divasfunc.c 2011-05-16 21:46:57.000000000 -0400
+@@ -161,6 +161,8 @@ static int DIVA_INIT_FUNCTION connect_di
+ IDI_SYNC_REQ req;
+ DESCRIPTOR DIDD_Table[MAX_DESCRIPTORS];
+
++ pax_track_stack();
++
+ DIVA_DIDD_Read(DIDD_Table, sizeof(DIDD_Table));
+
+ for (x = 0; x < MAX_DESCRIPTORS; x++) {
+diff -urNp linux-2.6.32.40/drivers/isdn/hardware/eicon/idifunc.c linux-2.6.32.40/drivers/isdn/hardware/eicon/idifunc.c
+--- linux-2.6.32.40/drivers/isdn/hardware/eicon/idifunc.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/isdn/hardware/eicon/idifunc.c 2011-05-16 21:46:57.000000000 -0400
+@@ -188,6 +188,8 @@ static int DIVA_INIT_FUNCTION connect_di
+ IDI_SYNC_REQ req;
+ DESCRIPTOR DIDD_Table[MAX_DESCRIPTORS];
+
++ pax_track_stack();
++
+ DIVA_DIDD_Read(DIDD_Table, sizeof(DIDD_Table));
+
+ for (x = 0; x < MAX_DESCRIPTORS; x++) {
+diff -urNp linux-2.6.32.40/drivers/isdn/hardware/eicon/message.c linux-2.6.32.40/drivers/isdn/hardware/eicon/message.c
+--- linux-2.6.32.40/drivers/isdn/hardware/eicon/message.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/isdn/hardware/eicon/message.c 2011-05-16 21:46:57.000000000 -0400
+@@ -4889,6 +4889,8 @@ static void sig_ind(PLCI *plci)
+ dword d;
+ word w;
+
++ pax_track_stack();
++
+ a = plci->adapter;
+ Id = ((word)plci->Id<<8)|a->Id;
+ PUT_WORD(&SS_Ind[4],0x0000);
+@@ -7484,6 +7486,8 @@ static word add_b1(PLCI *plci, API_PARSE
+ word j, n, w;
+ dword d;
+
++ pax_track_stack();
++
+
+ for(i=0;i<8;i++) bp_parms[i].length = 0;
+ for(i=0;i<2;i++) global_config[i].length = 0;
+@@ -7958,6 +7962,8 @@ static word add_b23(PLCI *plci, API_PARS
+ const byte llc3[] = {4,3,2,2,6,6,0};
+ const byte header[] = {0,2,3,3,0,0,0};
+
++ pax_track_stack();
++
+ for(i=0;i<8;i++) bp_parms[i].length = 0;
+ for(i=0;i<6;i++) b2_config_parms[i].length = 0;
+ for(i=0;i<5;i++) b3_config_parms[i].length = 0;
+@@ -14761,6 +14767,8 @@ static void group_optimization(DIVA_CAPI
+ word appl_number_group_type[MAX_APPL];
+ PLCI *auxplci;
+
++ pax_track_stack();
++
+ set_group_ind_mask (plci); /* all APPLs within this inc. call are allowed to dial in */
+
+ if(!a->group_optimization_enabled)
+diff -urNp linux-2.6.32.40/drivers/isdn/hardware/eicon/mntfunc.c linux-2.6.32.40/drivers/isdn/hardware/eicon/mntfunc.c
+--- linux-2.6.32.40/drivers/isdn/hardware/eicon/mntfunc.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/isdn/hardware/eicon/mntfunc.c 2011-05-16 21:46:57.000000000 -0400
+@@ -79,6 +79,8 @@ static int DIVA_INIT_FUNCTION connect_di
+ IDI_SYNC_REQ req;
+ DESCRIPTOR DIDD_Table[MAX_DESCRIPTORS];
+
++ pax_track_stack();
++
+ DIVA_DIDD_Read(DIDD_Table, sizeof(DIDD_Table));
+
+ for (x = 0; x < MAX_DESCRIPTORS; x++) {
+diff -urNp linux-2.6.32.40/drivers/isdn/i4l/isdn_common.c linux-2.6.32.40/drivers/isdn/i4l/isdn_common.c
+--- linux-2.6.32.40/drivers/isdn/i4l/isdn_common.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/isdn/i4l/isdn_common.c 2011-05-16 21:46:57.000000000 -0400
+@@ -1290,6 +1290,8 @@ isdn_ioctl(struct inode *inode, struct f
+ } iocpar;
+ void __user *argp = (void __user *)arg;
+
++ pax_track_stack();
++
+ #define name iocpar.name
+ #define bname iocpar.bname
+ #define iocts iocpar.iocts
diff -urNp linux-2.6.32.40/drivers/isdn/icn/icn.c linux-2.6.32.40/drivers/isdn/icn/icn.c
--- linux-2.6.32.40/drivers/isdn/icn/icn.c 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/drivers/isdn/icn/icn.c 2011-04-17 15:56:46.000000000 -0400
@@ -29826,7 +30353,7 @@ diff -urNp linux-2.6.32.40/drivers/md/raid1.c linux-2.6.32.40/drivers/md/raid1.c
"(%d sectors at %llu on %s)\n",
diff -urNp linux-2.6.32.40/drivers/md/raid5.c linux-2.6.32.40/drivers/md/raid5.c
--- linux-2.6.32.40/drivers/md/raid5.c 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.40/drivers/md/raid5.c 2011-05-04 17:56:28.000000000 -0400
++++ linux-2.6.32.40/drivers/md/raid5.c 2011-05-16 21:46:57.000000000 -0400
@@ -482,7 +482,7 @@ static void ops_run_io(struct stripe_hea
bi->bi_next = NULL;
if (rw == WRITE &&
@@ -29864,6 +30391,47 @@ diff -urNp linux-2.6.32.40/drivers/md/raid5.c linux-2.6.32.40/drivers/md/raid5.c
> conf->max_nr_stripes)
printk(KERN_WARNING
"raid5:%s: Too many read errors, failing device %s.\n",
+@@ -1870,6 +1870,7 @@ static sector_t compute_blocknr(struct s
+ sector_t r_sector;
+ struct stripe_head sh2;
+
++ pax_track_stack();
+
+ chunk_offset = sector_div(new_sector, sectors_per_chunk);
+ stripe = new_sector;
+diff -urNp linux-2.6.32.40/drivers/media/common/saa7146_hlp.c linux-2.6.32.40/drivers/media/common/saa7146_hlp.c
+--- linux-2.6.32.40/drivers/media/common/saa7146_hlp.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/media/common/saa7146_hlp.c 2011-05-16 21:46:57.000000000 -0400
+@@ -353,6 +353,8 @@ static void calculate_clipping_registers
+
+ int x[32], y[32], w[32], h[32];
+
++ pax_track_stack();
++
+ /* clear out memory */
+ memset(&line_list[0], 0x00, sizeof(u32)*32);
+ memset(&pixel_list[0], 0x00, sizeof(u32)*32);
+diff -urNp linux-2.6.32.40/drivers/media/dvb/dvb-core/dvb_ca_en50221.c linux-2.6.32.40/drivers/media/dvb/dvb-core/dvb_ca_en50221.c
+--- linux-2.6.32.40/drivers/media/dvb/dvb-core/dvb_ca_en50221.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/media/dvb/dvb-core/dvb_ca_en50221.c 2011-05-16 21:46:57.000000000 -0400
+@@ -590,6 +590,8 @@ static int dvb_ca_en50221_read_data(stru
+ u8 buf[HOST_LINK_BUF_SIZE];
+ int i;
+
++ pax_track_stack();
++
+ dprintk("%s\n", __func__);
+
+ /* check if we have space for a link buf in the rx_buffer */
+@@ -1285,6 +1287,8 @@ static ssize_t dvb_ca_en50221_io_write(s
+ unsigned long timeout;
+ int written;
+
++ pax_track_stack();
++
+ dprintk("%s\n", __func__);
+
+ /* Incoming packet has a 2 byte header. hdr[0] = slot_id, hdr[1] = connection_id */
diff -urNp linux-2.6.32.40/drivers/media/dvb/dvb-core/dvbdev.c linux-2.6.32.40/drivers/media/dvb/dvb-core/dvbdev.c
--- linux-2.6.32.40/drivers/media/dvb/dvb-core/dvbdev.c 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/drivers/media/dvb/dvb-core/dvbdev.c 2011-04-17 15:56:46.000000000 -0400
@@ -29875,6 +30443,30 @@ diff -urNp linux-2.6.32.40/drivers/media/dvb/dvb-core/dvbdev.c linux-2.6.32.40/d
struct file_operations *dvbdevfops;
struct device *clsdev;
int minor;
+diff -urNp linux-2.6.32.40/drivers/media/dvb/dvb-usb/dib0700_core.c linux-2.6.32.40/drivers/media/dvb/dvb-usb/dib0700_core.c
+--- linux-2.6.32.40/drivers/media/dvb/dvb-usb/dib0700_core.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/media/dvb/dvb-usb/dib0700_core.c 2011-05-16 21:46:57.000000000 -0400
+@@ -332,6 +332,8 @@ int dib0700_download_firmware(struct usb
+
+ u8 buf[260];
+
++ pax_track_stack();
++
+ while ((ret = dvb_usb_get_hexline(fw, &hx, &pos)) > 0) {
+ deb_fwdata("writing to address 0x%08x (buffer: 0x%02x %02x)\n",hx.addr, hx.len, hx.chk);
+
+diff -urNp linux-2.6.32.40/drivers/media/dvb/frontends/or51211.c linux-2.6.32.40/drivers/media/dvb/frontends/or51211.c
+--- linux-2.6.32.40/drivers/media/dvb/frontends/or51211.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/media/dvb/frontends/or51211.c 2011-05-16 21:46:57.000000000 -0400
+@@ -113,6 +113,8 @@ static int or51211_load_firmware (struct
+ u8 tudata[585];
+ int i;
+
++ pax_track_stack();
++
+ dprintk("Firmware is %zd bytes\n",fw->size);
+
+ /* Get eprom data */
diff -urNp linux-2.6.32.40/drivers/media/radio/radio-cadet.c linux-2.6.32.40/drivers/media/radio/radio-cadet.c
--- linux-2.6.32.40/drivers/media/radio/radio-cadet.c 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/drivers/media/radio/radio-cadet.c 2011-04-17 15:56:46.000000000 -0400
@@ -29889,7 +30481,7 @@ diff -urNp linux-2.6.32.40/drivers/media/radio/radio-cadet.c linux-2.6.32.40/dri
}
diff -urNp linux-2.6.32.40/drivers/media/video/cx18/cx18-driver.c linux-2.6.32.40/drivers/media/video/cx18/cx18-driver.c
--- linux-2.6.32.40/drivers/media/video/cx18/cx18-driver.c 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.40/drivers/media/video/cx18/cx18-driver.c 2011-05-04 17:56:28.000000000 -0400
++++ linux-2.6.32.40/drivers/media/video/cx18/cx18-driver.c 2011-05-16 21:46:57.000000000 -0400
@@ -56,7 +56,7 @@ static struct pci_device_id cx18_pci_tbl
MODULE_DEVICE_TABLE(pci, cx18_pci_tbl);
@@ -29899,7 +30491,16 @@ diff -urNp linux-2.6.32.40/drivers/media/video/cx18/cx18-driver.c linux-2.6.32.4
/* Parameter declarations */
static int cardtype[CX18_MAX_CARDS];
-@@ -800,7 +800,7 @@ static int __devinit cx18_probe(struct p
+@@ -288,6 +288,8 @@ void cx18_read_eeprom(struct cx18 *cx, s
+ struct i2c_client c;
+ u8 eedata[256];
+
++ pax_track_stack();
++
+ memset(&c, 0, sizeof(c));
+ strlcpy(c.name, "cx18 tveeprom tmp", sizeof(c.name));
+ c.adapter = &cx->i2c_adap[0];
+@@ -800,7 +802,7 @@ static int __devinit cx18_probe(struct p
struct cx18 *cx;
/* FIXME - module parameter arrays constrain max instances */
@@ -29944,6 +30545,51 @@ diff -urNp linux-2.6.32.40/drivers/media/video/omap24xxcam.h linux-2.6.32.40/dri
/* accessing cam here doesn't need serialisation: it's constant */
struct omap24xxcam_device *cam;
};
+diff -urNp linux-2.6.32.40/drivers/media/video/pvrusb2/pvrusb2-eeprom.c linux-2.6.32.40/drivers/media/video/pvrusb2/pvrusb2-eeprom.c
+--- linux-2.6.32.40/drivers/media/video/pvrusb2/pvrusb2-eeprom.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/media/video/pvrusb2/pvrusb2-eeprom.c 2011-05-16 21:46:57.000000000 -0400
+@@ -119,6 +119,8 @@ int pvr2_eeprom_analyze(struct pvr2_hdw
+ u8 *eeprom;
+ struct tveeprom tvdata;
+
++ pax_track_stack();
++
+ memset(&tvdata,0,sizeof(tvdata));
+
+ eeprom = pvr2_eeprom_fetch(hdw);
+diff -urNp linux-2.6.32.40/drivers/media/video/saa7134/saa6752hs.c linux-2.6.32.40/drivers/media/video/saa7134/saa6752hs.c
+--- linux-2.6.32.40/drivers/media/video/saa7134/saa6752hs.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/media/video/saa7134/saa6752hs.c 2011-05-16 21:46:57.000000000 -0400
+@@ -683,6 +683,8 @@ static int saa6752hs_init(struct v4l2_su
+ unsigned char localPAT[256];
+ unsigned char localPMT[256];
+
++ pax_track_stack();
++
+ /* Set video format - must be done first as it resets other settings */
+ set_reg8(client, 0x41, h->video_format);
+
+diff -urNp linux-2.6.32.40/drivers/media/video/saa7164/saa7164-cmd.c linux-2.6.32.40/drivers/media/video/saa7164/saa7164-cmd.c
+--- linux-2.6.32.40/drivers/media/video/saa7164/saa7164-cmd.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/media/video/saa7164/saa7164-cmd.c 2011-05-16 21:46:57.000000000 -0400
+@@ -87,6 +87,8 @@ int saa7164_irq_dequeue(struct saa7164_d
+ wait_queue_head_t *q = 0;
+ dprintk(DBGLVL_CMD, "%s()\n", __func__);
+
++ pax_track_stack();
++
+ /* While any outstand message on the bus exists... */
+ do {
+
+@@ -126,6 +128,8 @@ int saa7164_cmd_dequeue(struct saa7164_d
+ u8 tmp[512];
+ dprintk(DBGLVL_CMD, "%s()\n", __func__);
+
++ pax_track_stack();
++
+ while (loop) {
+
+ tmComResInfo_t tRsp = { 0, 0, 0, 0, 0, 0 };
diff -urNp linux-2.6.32.40/drivers/media/video/usbvideo/konicawc.c linux-2.6.32.40/drivers/media/video/usbvideo/konicawc.c
--- linux-2.6.32.40/drivers/media/video/usbvideo/konicawc.c 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/drivers/media/video/usbvideo/konicawc.c 2011-04-17 15:56:46.000000000 -0400
@@ -29968,6 +30614,18 @@ diff -urNp linux-2.6.32.40/drivers/media/video/usbvideo/quickcam_messenger.c lin
cam->input = input_dev = input_allocate_device();
if (!input_dev) {
+diff -urNp linux-2.6.32.40/drivers/media/video/usbvision/usbvision-core.c linux-2.6.32.40/drivers/media/video/usbvision/usbvision-core.c
+--- linux-2.6.32.40/drivers/media/video/usbvision/usbvision-core.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/media/video/usbvision/usbvision-core.c 2011-05-16 21:46:57.000000000 -0400
+@@ -820,6 +820,8 @@ static enum ParseState usbvision_parse_c
+ unsigned char rv, gv, bv;
+ static unsigned char *Y, *U, *V;
+
++ pax_track_stack();
++
+ frame = usbvision->curFrame;
+ imageSize = frame->frmwidth * frame->frmheight;
+ if ( (frame->v4l2_format.format == V4L2_PIX_FMT_YUV422P) ||
diff -urNp linux-2.6.32.40/drivers/media/video/v4l2-device.c linux-2.6.32.40/drivers/media/video/v4l2-device.c
--- linux-2.6.32.40/drivers/media/video/v4l2-device.c 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/drivers/media/video/v4l2-device.c 2011-05-04 17:56:28.000000000 -0400
@@ -29983,6 +30641,18 @@ diff -urNp linux-2.6.32.40/drivers/media/video/v4l2-device.c linux-2.6.32.40/dri
int len = strlen(basename);
if (basename[len - 1] >= '0' && basename[len - 1] <= '9')
+diff -urNp linux-2.6.32.40/drivers/media/video/videobuf-dma-sg.c linux-2.6.32.40/drivers/media/video/videobuf-dma-sg.c
+--- linux-2.6.32.40/drivers/media/video/videobuf-dma-sg.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/media/video/videobuf-dma-sg.c 2011-05-16 21:46:57.000000000 -0400
+@@ -693,6 +693,8 @@ void *videobuf_sg_alloc(size_t size)
+ {
+ struct videobuf_queue q;
+
++ pax_track_stack();
++
+ /* Required to make generic handler to call __videobuf_alloc */
+ q.int_ops = &sg_ops;
+
diff -urNp linux-2.6.32.40/drivers/message/fusion/mptbase.c linux-2.6.32.40/drivers/message/fusion/mptbase.c
--- linux-2.6.32.40/drivers/message/fusion/mptbase.c 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/drivers/message/fusion/mptbase.c 2011-04-17 15:56:46.000000000 -0400
@@ -30080,6 +30750,18 @@ diff -urNp linux-2.6.32.40/drivers/message/fusion/mptscsih.c linux-2.6.32.40/dri
return h->info_kbuf;
}
+diff -urNp linux-2.6.32.40/drivers/message/i2o/i2o_config.c linux-2.6.32.40/drivers/message/i2o/i2o_config.c
+--- linux-2.6.32.40/drivers/message/i2o/i2o_config.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/message/i2o/i2o_config.c 2011-05-16 21:46:57.000000000 -0400
+@@ -787,6 +787,8 @@ static int i2o_cfg_passthru(unsigned lon
+ struct i2o_message *msg;
+ unsigned int iop;
+
++ pax_track_stack();
++
+ if (get_user(iop, &cmd->iop) || get_user(user_msg, &cmd->msg))
+ return -EFAULT;
+
diff -urNp linux-2.6.32.40/drivers/message/i2o/i2o_proc.c linux-2.6.32.40/drivers/message/i2o/i2o_proc.c
--- linux-2.6.32.40/drivers/message/i2o/i2o_proc.c 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/drivers/message/i2o/i2o_proc.c 2011-04-17 15:56:46.000000000 -0400
@@ -30195,6 +30877,18 @@ diff -urNp linux-2.6.32.40/drivers/message/i2o/iop.c linux-2.6.32.40/drivers/mes
INIT_LIST_HEAD(&c->context_list);
#endif
+diff -urNp linux-2.6.32.40/drivers/mfd/wm8350-i2c.c linux-2.6.32.40/drivers/mfd/wm8350-i2c.c
+--- linux-2.6.32.40/drivers/mfd/wm8350-i2c.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/mfd/wm8350-i2c.c 2011-05-16 21:46:57.000000000 -0400
+@@ -43,6 +43,8 @@ static int wm8350_i2c_write_device(struc
+ u8 msg[(WM8350_MAX_REGISTER << 1) + 1];
+ int ret;
+
++ pax_track_stack();
++
+ if (bytes > ((WM8350_MAX_REGISTER << 1) + 1))
+ return -EINVAL;
+
diff -urNp linux-2.6.32.40/drivers/misc/kgdbts.c linux-2.6.32.40/drivers/misc/kgdbts.c
--- linux-2.6.32.40/drivers/misc/kgdbts.c 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/drivers/misc/kgdbts.c 2011-04-17 15:56:46.000000000 -0400
@@ -30442,6 +31136,84 @@ diff -urNp linux-2.6.32.40/drivers/misc/sgi-gru/grutables.h linux-2.6.32.40/driv
} while (0)
#ifdef CONFIG_SGI_GRU_DEBUG
+diff -urNp linux-2.6.32.40/drivers/mtd/chips/cfi_cmdset_0001.c linux-2.6.32.40/drivers/mtd/chips/cfi_cmdset_0001.c
+--- linux-2.6.32.40/drivers/mtd/chips/cfi_cmdset_0001.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/mtd/chips/cfi_cmdset_0001.c 2011-05-16 21:46:57.000000000 -0400
+@@ -743,6 +743,8 @@ static int chip_ready (struct map_info *
+ struct cfi_pri_intelext *cfip = cfi->cmdset_priv;
+ unsigned long timeo = jiffies + HZ;
+
++ pax_track_stack();
++
+ /* Prevent setting state FL_SYNCING for chip in suspended state. */
+ if (mode == FL_SYNCING && chip->oldstate != FL_READY)
+ goto sleep;
+@@ -1642,6 +1644,8 @@ static int __xipram do_write_buffer(stru
+ unsigned long initial_adr;
+ int initial_len = len;
+
++ pax_track_stack();
++
+ wbufsize = cfi_interleave(cfi) << cfi->cfiq->MaxBufWriteSize;
+ adr += chip->start;
+ initial_adr = adr;
+@@ -1860,6 +1864,8 @@ static int __xipram do_erase_oneblock(st
+ int retries = 3;
+ int ret;
+
++ pax_track_stack();
++
+ adr += chip->start;
+
+ retry:
+diff -urNp linux-2.6.32.40/drivers/mtd/chips/cfi_cmdset_0020.c linux-2.6.32.40/drivers/mtd/chips/cfi_cmdset_0020.c
+--- linux-2.6.32.40/drivers/mtd/chips/cfi_cmdset_0020.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/mtd/chips/cfi_cmdset_0020.c 2011-05-16 21:46:57.000000000 -0400
+@@ -255,6 +255,8 @@ static inline int do_read_onechip(struct
+ unsigned long cmd_addr;
+ struct cfi_private *cfi = map->fldrv_priv;
+
++ pax_track_stack();
++
+ adr += chip->start;
+
+ /* Ensure cmd read/writes are aligned. */
+@@ -428,6 +430,8 @@ static inline int do_write_buffer(struct
+ DECLARE_WAITQUEUE(wait, current);
+ int wbufsize, z;
+
++ pax_track_stack();
++
+ /* M58LW064A requires bus alignment for buffer wriets -- saw */
+ if (adr & (map_bankwidth(map)-1))
+ return -EINVAL;
+@@ -742,6 +746,8 @@ static inline int do_erase_oneblock(stru
+ DECLARE_WAITQUEUE(wait, current);
+ int ret = 0;
+
++ pax_track_stack();
++
+ adr += chip->start;
+
+ /* Let's determine this according to the interleave only once */
+@@ -1047,6 +1053,8 @@ static inline int do_lock_oneblock(struc
+ unsigned long timeo = jiffies + HZ;
+ DECLARE_WAITQUEUE(wait, current);
+
++ pax_track_stack();
++
+ adr += chip->start;
+
+ /* Let's determine this according to the interleave only once */
+@@ -1196,6 +1204,8 @@ static inline int do_unlock_oneblock(str
+ unsigned long timeo = jiffies + HZ;
+ DECLARE_WAITQUEUE(wait, current);
+
++ pax_track_stack();
++
+ adr += chip->start;
+
+ /* Let's determine this according to the interleave only once */
diff -urNp linux-2.6.32.40/drivers/mtd/devices/doc2000.c linux-2.6.32.40/drivers/mtd/devices/doc2000.c
--- linux-2.6.32.40/drivers/mtd/devices/doc2000.c 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/drivers/mtd/devices/doc2000.c 2011-04-17 15:56:46.000000000 -0400
@@ -30466,6 +31238,98 @@ diff -urNp linux-2.6.32.40/drivers/mtd/devices/doc2001.c linux-2.6.32.40/drivers
return -EINVAL;
/* Don't allow a single read to cross a 512-byte block boundary */
+diff -urNp linux-2.6.32.40/drivers/mtd/ftl.c linux-2.6.32.40/drivers/mtd/ftl.c
+--- linux-2.6.32.40/drivers/mtd/ftl.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/mtd/ftl.c 2011-05-16 21:46:57.000000000 -0400
+@@ -474,6 +474,8 @@ static int copy_erase_unit(partition_t *
+ loff_t offset;
+ uint16_t srcunitswap = cpu_to_le16(srcunit);
+
++ pax_track_stack();
++
+ eun = &part->EUNInfo[srcunit];
+ xfer = &part->XferInfo[xferunit];
+ DEBUG(2, "ftl_cs: copying block 0x%x to 0x%x\n",
+diff -urNp linux-2.6.32.40/drivers/mtd/inftlcore.c linux-2.6.32.40/drivers/mtd/inftlcore.c
+--- linux-2.6.32.40/drivers/mtd/inftlcore.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/mtd/inftlcore.c 2011-05-16 21:46:57.000000000 -0400
+@@ -260,6 +260,8 @@ static u16 INFTL_foldchain(struct INFTLr
+ struct inftl_oob oob;
+ size_t retlen;
+
++ pax_track_stack();
++
+ DEBUG(MTD_DEBUG_LEVEL3, "INFTL: INFTL_foldchain(inftl=%p,thisVUC=%d,"
+ "pending=%d)\n", inftl, thisVUC, pendingblock);
+
+diff -urNp linux-2.6.32.40/drivers/mtd/inftlmount.c linux-2.6.32.40/drivers/mtd/inftlmount.c
+--- linux-2.6.32.40/drivers/mtd/inftlmount.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/mtd/inftlmount.c 2011-05-16 21:46:57.000000000 -0400
+@@ -54,6 +54,8 @@ static int find_boot_record(struct INFTL
+ struct INFTLPartition *ip;
+ size_t retlen;
+
++ pax_track_stack();
++
+ DEBUG(MTD_DEBUG_LEVEL3, "INFTL: find_boot_record(inftl=%p)\n", inftl);
+
+ /*
+diff -urNp linux-2.6.32.40/drivers/mtd/lpddr/qinfo_probe.c linux-2.6.32.40/drivers/mtd/lpddr/qinfo_probe.c
+--- linux-2.6.32.40/drivers/mtd/lpddr/qinfo_probe.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/mtd/lpddr/qinfo_probe.c 2011-05-16 21:46:57.000000000 -0400
+@@ -106,6 +106,8 @@ static int lpddr_pfow_present(struct map
+ {
+ map_word pfow_val[4];
+
++ pax_track_stack();
++
+ /* Check identification string */
+ pfow_val[0] = map_read(map, map->pfow_base + PFOW_QUERY_STRING_P);
+ pfow_val[1] = map_read(map, map->pfow_base + PFOW_QUERY_STRING_F);
+diff -urNp linux-2.6.32.40/drivers/mtd/mtdchar.c linux-2.6.32.40/drivers/mtd/mtdchar.c
+--- linux-2.6.32.40/drivers/mtd/mtdchar.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/mtd/mtdchar.c 2011-05-16 21:46:57.000000000 -0400
+@@ -460,6 +460,8 @@ static int mtd_ioctl(struct inode *inode
+ u_long size;
+ struct mtd_info_user info;
+
++ pax_track_stack();
++
+ DEBUG(MTD_DEBUG_LEVEL0, "MTD_ioctl\n");
+
+ size = (cmd & IOCSIZE_MASK) >> IOCSIZE_SHIFT;
+diff -urNp linux-2.6.32.40/drivers/mtd/nftlcore.c linux-2.6.32.40/drivers/mtd/nftlcore.c
+--- linux-2.6.32.40/drivers/mtd/nftlcore.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/mtd/nftlcore.c 2011-05-16 21:46:57.000000000 -0400
+@@ -254,6 +254,8 @@ static u16 NFTL_foldchain (struct NFTLre
+ int inplace = 1;
+ size_t retlen;
+
++ pax_track_stack();
++
+ memset(BlockMap, 0xff, sizeof(BlockMap));
+ memset(BlockFreeFound, 0, sizeof(BlockFreeFound));
+
+diff -urNp linux-2.6.32.40/drivers/mtd/nftlmount.c linux-2.6.32.40/drivers/mtd/nftlmount.c
+--- linux-2.6.32.40/drivers/mtd/nftlmount.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/mtd/nftlmount.c 2011-05-18 20:09:37.000000000 -0400
+@@ -23,6 +23,7 @@
+ #include <asm/errno.h>
+ #include <linux/delay.h>
+ #include <linux/slab.h>
++#include <linux/sched.h>
+ #include <linux/mtd/mtd.h>
+ #include <linux/mtd/nand.h>
+ #include <linux/mtd/nftl.h>
+@@ -44,6 +45,8 @@ static int find_boot_record(struct NFTLr
+ struct mtd_info *mtd = nftl->mbd.mtd;
+ unsigned int i;
+
++ pax_track_stack();
++
+ /* Assume logical EraseSize == physical erasesize for starting the scan.
+ We'll sort it out later if we find a MediaHeader which says otherwise */
+ /* Actually, we won't. The new DiskOnChip driver has already scanned
diff -urNp linux-2.6.32.40/drivers/mtd/ubi/build.c linux-2.6.32.40/drivers/mtd/ubi/build.c
--- linux-2.6.32.40/drivers/mtd/ubi/build.c 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/drivers/mtd/ubi/build.c 2011-04-17 15:56:46.000000000 -0400
@@ -30508,6 +31372,30 @@ diff -urNp linux-2.6.32.40/drivers/mtd/ubi/build.c linux-2.6.32.40/drivers/mtd/u
}
/**
+diff -urNp linux-2.6.32.40/drivers/net/bnx2.c linux-2.6.32.40/drivers/net/bnx2.c
+--- linux-2.6.32.40/drivers/net/bnx2.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/net/bnx2.c 2011-05-16 21:46:57.000000000 -0400
+@@ -5809,6 +5809,8 @@ bnx2_test_nvram(struct bnx2 *bp)
+ int rc = 0;
+ u32 magic, csum;
+
++ pax_track_stack();
++
+ if ((rc = bnx2_nvram_read(bp, 0, data, 4)) != 0)
+ goto test_nvram_done;
+
+diff -urNp linux-2.6.32.40/drivers/net/cxgb3/t3_hw.c linux-2.6.32.40/drivers/net/cxgb3/t3_hw.c
+--- linux-2.6.32.40/drivers/net/cxgb3/t3_hw.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/net/cxgb3/t3_hw.c 2011-05-16 21:46:57.000000000 -0400
+@@ -699,6 +699,8 @@ static int get_vpd_params(struct adapter
+ int i, addr, ret;
+ struct t3_vpd vpd;
+
++ pax_track_stack();
++
+ /*
+ * Card information is normally at VPD_BASE but some early cards had
+ * it at 0.
diff -urNp linux-2.6.32.40/drivers/net/e1000e/82571.c linux-2.6.32.40/drivers/net/e1000e/82571.c
--- linux-2.6.32.40/drivers/net/e1000e/82571.c 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/drivers/net/e1000e/82571.c 2011-04-17 15:56:46.000000000 -0400
@@ -30710,6 +31598,18 @@ diff -urNp linux-2.6.32.40/drivers/net/e1000e/ich8lan.c linux-2.6.32.40/drivers/
.acquire_nvm = e1000_acquire_nvm_ich8lan,
.read_nvm = e1000_read_nvm_ich8lan,
.release_nvm = e1000_release_nvm_ich8lan,
+diff -urNp linux-2.6.32.40/drivers/net/hamradio/6pack.c linux-2.6.32.40/drivers/net/hamradio/6pack.c
+--- linux-2.6.32.40/drivers/net/hamradio/6pack.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/net/hamradio/6pack.c 2011-05-16 21:46:57.000000000 -0400
+@@ -461,6 +461,8 @@ static void sixpack_receive_buf(struct t
+ unsigned char buf[512];
+ int count1;
+
++ pax_track_stack();
++
+ if (!count)
+ return;
+
diff -urNp linux-2.6.32.40/drivers/net/ibmveth.c linux-2.6.32.40/drivers/net/ibmveth.c
--- linux-2.6.32.40/drivers/net/ibmveth.c 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/drivers/net/ibmveth.c 2011-04-17 15:56:46.000000000 -0400
@@ -30799,6 +31699,63 @@ diff -urNp linux-2.6.32.40/drivers/net/iseries_veth.c linux-2.6.32.40/drivers/ne
.show = veth_port_attribute_show
};
+diff -urNp linux-2.6.32.40/drivers/net/ixgb/ixgb_main.c linux-2.6.32.40/drivers/net/ixgb/ixgb_main.c
+--- linux-2.6.32.40/drivers/net/ixgb/ixgb_main.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/net/ixgb/ixgb_main.c 2011-05-16 21:46:57.000000000 -0400
+@@ -1052,6 +1052,8 @@ ixgb_set_multi(struct net_device *netdev
+ u32 rctl;
+ int i;
+
++ pax_track_stack();
++
+ /* Check for Promiscuous and All Multicast modes */
+
+ rctl = IXGB_READ_REG(hw, RCTL);
+diff -urNp linux-2.6.32.40/drivers/net/ixgb/ixgb_param.c linux-2.6.32.40/drivers/net/ixgb/ixgb_param.c
+--- linux-2.6.32.40/drivers/net/ixgb/ixgb_param.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/net/ixgb/ixgb_param.c 2011-05-16 21:46:57.000000000 -0400
+@@ -260,6 +260,9 @@ void __devinit
+ ixgb_check_options(struct ixgb_adapter *adapter)
+ {
+ int bd = adapter->bd_number;
++
++ pax_track_stack();
++
+ if (bd >= IXGB_MAX_NIC) {
+ printk(KERN_NOTICE
+ "Warning: no configuration for board #%i\n", bd);
+diff -urNp linux-2.6.32.40/drivers/net/mlx4/main.c linux-2.6.32.40/drivers/net/mlx4/main.c
+--- linux-2.6.32.40/drivers/net/mlx4/main.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/net/mlx4/main.c 2011-05-18 20:09:37.000000000 -0400
+@@ -38,6 +38,7 @@
+ #include <linux/errno.h>
+ #include <linux/pci.h>
+ #include <linux/dma-mapping.h>
++#include <linux/sched.h>
+
+ #include <linux/mlx4/device.h>
+ #include <linux/mlx4/doorbell.h>
+@@ -730,6 +731,8 @@ static int mlx4_init_hca(struct mlx4_dev
+ u64 icm_size;
+ int err;
+
++ pax_track_stack();
++
+ err = mlx4_QUERY_FW(dev);
+ if (err) {
+ if (err == -EACCES)
+diff -urNp linux-2.6.32.40/drivers/net/niu.c linux-2.6.32.40/drivers/net/niu.c
+--- linux-2.6.32.40/drivers/net/niu.c 2011-05-10 22:12:01.000000000 -0400
++++ linux-2.6.32.40/drivers/net/niu.c 2011-05-16 21:46:57.000000000 -0400
+@@ -9128,6 +9128,8 @@ static void __devinit niu_try_msix(struc
+ int i, num_irqs, err;
+ u8 first_ldg;
+
++ pax_track_stack();
++
+ first_ldg = (NIU_NUM_LDG / parent->num_ports) * np->port;
+ for (i = 0; i < (NIU_NUM_LDG / parent->num_ports); i++)
+ ldg_num_map[i] = first_ldg + i;
diff -urNp linux-2.6.32.40/drivers/net/pcnet32.c linux-2.6.32.40/drivers/net/pcnet32.c
--- linux-2.6.32.40/drivers/net/pcnet32.c 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/drivers/net/pcnet32.c 2011-04-17 15:56:46.000000000 -0400
@@ -30822,6 +31779,18 @@ diff -urNp linux-2.6.32.40/drivers/net/tg3.h linux-2.6.32.40/drivers/net/tg3.h
#define CHIPREV_ID_5750_C2 0x4202
#define CHIPREV_ID_5752_A0_HW 0x5000
#define CHIPREV_ID_5752_A0 0x6000
+diff -urNp linux-2.6.32.40/drivers/net/tulip/de2104x.c linux-2.6.32.40/drivers/net/tulip/de2104x.c
+--- linux-2.6.32.40/drivers/net/tulip/de2104x.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/net/tulip/de2104x.c 2011-05-16 21:46:57.000000000 -0400
+@@ -1785,6 +1785,8 @@ static void __devinit de21041_get_srom_i
+ struct de_srom_info_leaf *il;
+ void *bufp;
+
++ pax_track_stack();
++
+ /* download entire eeprom */
+ for (i = 0; i < DE_EEPROM_WORDS; i++)
+ ((__le16 *)ee_data)[i] =
diff -urNp linux-2.6.32.40/drivers/net/tulip/de4x5.c linux-2.6.32.40/drivers/net/tulip/de4x5.c
--- linux-2.6.32.40/drivers/net/tulip/de4x5.c 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/drivers/net/tulip/de4x5.c 2011-04-17 15:56:46.000000000 -0400
@@ -30933,6 +31902,150 @@ diff -urNp linux-2.6.32.40/drivers/net/usb/hso.c linux-2.6.32.40/drivers/net/usb
result =
hso_start_serial_device(serial_table[i], GFP_NOIO);
hso_kick_transmit(dev2ser(serial_table[i]));
+diff -urNp linux-2.6.32.40/drivers/net/vxge/vxge-main.c linux-2.6.32.40/drivers/net/vxge/vxge-main.c
+--- linux-2.6.32.40/drivers/net/vxge/vxge-main.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/net/vxge/vxge-main.c 2011-05-16 21:46:57.000000000 -0400
+@@ -93,6 +93,8 @@ static inline void VXGE_COMPLETE_VPATH_T
+ struct sk_buff *completed[NR_SKB_COMPLETED];
+ int more;
+
++ pax_track_stack();
++
+ do {
+ more = 0;
+ skb_ptr = completed;
+@@ -1779,6 +1781,8 @@ static enum vxge_hw_status vxge_rth_conf
+ u8 mtable[256] = {0}; /* CPU to vpath mapping */
+ int index;
+
++ pax_track_stack();
++
+ /*
+ * Filling
+ * - itable with bucket numbers
+diff -urNp linux-2.6.32.40/drivers/net/wan/cycx_x25.c linux-2.6.32.40/drivers/net/wan/cycx_x25.c
+--- linux-2.6.32.40/drivers/net/wan/cycx_x25.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/net/wan/cycx_x25.c 2011-05-16 21:46:57.000000000 -0400
+@@ -1017,6 +1017,8 @@ static void hex_dump(char *msg, unsigned
+ unsigned char hex[1024],
+ * phex = hex;
+
++ pax_track_stack();
++
+ if (len >= (sizeof(hex) / 2))
+ len = (sizeof(hex) / 2) - 1;
+
+diff -urNp linux-2.6.32.40/drivers/net/wimax/i2400m/usb-fw.c linux-2.6.32.40/drivers/net/wimax/i2400m/usb-fw.c
+--- linux-2.6.32.40/drivers/net/wimax/i2400m/usb-fw.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/net/wimax/i2400m/usb-fw.c 2011-05-16 21:46:57.000000000 -0400
+@@ -263,6 +263,8 @@ ssize_t i2400mu_bus_bm_wait_for_ack(stru
+ int do_autopm = 1;
+ DECLARE_COMPLETION_ONSTACK(notif_completion);
+
++ pax_track_stack();
++
+ d_fnstart(8, dev, "(i2400m %p ack %p size %zu)\n",
+ i2400m, ack, ack_size);
+ BUG_ON(_ack == i2400m->bm_ack_buf);
+diff -urNp linux-2.6.32.40/drivers/net/wireless/airo.c linux-2.6.32.40/drivers/net/wireless/airo.c
+--- linux-2.6.32.40/drivers/net/wireless/airo.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/net/wireless/airo.c 2011-05-16 21:46:57.000000000 -0400
+@@ -3003,6 +3003,8 @@ static void airo_process_scan_results (s
+ BSSListElement * loop_net;
+ BSSListElement * tmp_net;
+
++ pax_track_stack();
++
+ /* Blow away current list of scan results */
+ list_for_each_entry_safe (loop_net, tmp_net, &ai->network_list, list) {
+ list_move_tail (&loop_net->list, &ai->network_free_list);
+@@ -3783,6 +3785,8 @@ static u16 setup_card(struct airo_info *
+ WepKeyRid wkr;
+ int rc;
+
++ pax_track_stack();
++
+ memset( &mySsid, 0, sizeof( mySsid ) );
+ kfree (ai->flash);
+ ai->flash = NULL;
+@@ -4758,6 +4762,8 @@ static int proc_stats_rid_open( struct i
+ __le32 *vals = stats.vals;
+ int len;
+
++ pax_track_stack();
++
+ if ((file->private_data = kzalloc(sizeof(struct proc_data ), GFP_KERNEL)) == NULL)
+ return -ENOMEM;
+ data = (struct proc_data *)file->private_data;
+@@ -5487,6 +5493,8 @@ static int proc_BSSList_open( struct ino
+ /* If doLoseSync is not 1, we won't do a Lose Sync */
+ int doLoseSync = -1;
+
++ pax_track_stack();
++
+ if ((file->private_data = kzalloc(sizeof(struct proc_data ), GFP_KERNEL)) == NULL)
+ return -ENOMEM;
+ data = (struct proc_data *)file->private_data;
+@@ -7193,6 +7201,8 @@ static int airo_get_aplist(struct net_de
+ int i;
+ int loseSync = capable(CAP_NET_ADMIN) ? 1: -1;
+
++ pax_track_stack();
++
+ qual = kmalloc(IW_MAX_AP * sizeof(*qual), GFP_KERNEL);
+ if (!qual)
+ return -ENOMEM;
+@@ -7753,6 +7763,8 @@ static void airo_read_wireless_stats(str
+ CapabilityRid cap_rid;
+ __le32 *vals = stats_rid.vals;
+
++ pax_track_stack();
++
+ /* Get stats out of the card */
+ clear_bit(JOB_WSTATS, &local->jobs);
+ if (local->power.event) {
+diff -urNp linux-2.6.32.40/drivers/net/wireless/ath/ath5k/debug.c linux-2.6.32.40/drivers/net/wireless/ath/ath5k/debug.c
+--- linux-2.6.32.40/drivers/net/wireless/ath/ath5k/debug.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/net/wireless/ath/ath5k/debug.c 2011-05-16 21:46:57.000000000 -0400
+@@ -205,6 +205,8 @@ static ssize_t read_file_beacon(struct f
+ unsigned int v;
+ u64 tsf;
+
++ pax_track_stack();
++
+ v = ath5k_hw_reg_read(sc->ah, AR5K_BEACON);
+ len += snprintf(buf+len, sizeof(buf)-len,
+ "%-24s0x%08x\tintval: %d\tTIM: 0x%x\n",
+@@ -318,6 +320,8 @@ static ssize_t read_file_debug(struct fi
+ unsigned int len = 0;
+ unsigned int i;
+
++ pax_track_stack();
++
+ len += snprintf(buf+len, sizeof(buf)-len,
+ "DEBUG LEVEL: 0x%08x\n\n", sc->debug.level);
+
+diff -urNp linux-2.6.32.40/drivers/net/wireless/ath/ath9k/debug.c linux-2.6.32.40/drivers/net/wireless/ath/ath9k/debug.c
+--- linux-2.6.32.40/drivers/net/wireless/ath/ath9k/debug.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/net/wireless/ath/ath9k/debug.c 2011-05-16 21:46:57.000000000 -0400
+@@ -220,6 +220,8 @@ static ssize_t read_file_interrupt(struc
+ char buf[512];
+ unsigned int len = 0;
+
++ pax_track_stack();
++
+ len += snprintf(buf + len, sizeof(buf) - len,
+ "%8s: %10u\n", "RX", sc->debug.stats.istats.rxok);
+ len += snprintf(buf + len, sizeof(buf) - len,
+@@ -360,6 +362,8 @@ static ssize_t read_file_wiphy(struct fi
+ int i;
+ u8 addr[ETH_ALEN];
+
++ pax_track_stack();
++
+ len += snprintf(buf + len, sizeof(buf) - len,
+ "primary: %s (%s chan=%d ht=%d)\n",
+ wiphy_name(sc->pri_wiphy->hw->wiphy),
diff -urNp linux-2.6.32.40/drivers/net/wireless/b43/debugfs.c linux-2.6.32.40/drivers/net/wireless/b43/debugfs.c
--- linux-2.6.32.40/drivers/net/wireless/b43/debugfs.c 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/drivers/net/wireless/b43/debugfs.c 2011-04-17 15:56:46.000000000 -0400
@@ -30957,6 +32070,39 @@ diff -urNp linux-2.6.32.40/drivers/net/wireless/b43legacy/debugfs.c linux-2.6.32
/* Offset of struct b43legacy_dfs_file in struct b43legacy_dfsentry */
size_t file_struct_offset;
/* Take wl->irq_lock before calling read/write? */
+diff -urNp linux-2.6.32.40/drivers/net/wireless/ipw2x00/ipw2100.c linux-2.6.32.40/drivers/net/wireless/ipw2x00/ipw2100.c
+--- linux-2.6.32.40/drivers/net/wireless/ipw2x00/ipw2100.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/net/wireless/ipw2x00/ipw2100.c 2011-05-16 21:46:57.000000000 -0400
+@@ -2014,6 +2014,8 @@ static int ipw2100_set_essid(struct ipw2
+ int err;
+ DECLARE_SSID_BUF(ssid);
+
++ pax_track_stack();
++
+ IPW_DEBUG_HC("SSID: '%s'\n", print_ssid(ssid, essid, ssid_len));
+
+ if (ssid_len)
+@@ -5380,6 +5382,8 @@ static int ipw2100_set_key(struct ipw210
+ struct ipw2100_wep_key *wep_key = (void *)cmd.host_command_parameters;
+ int err;
+
++ pax_track_stack();
++
+ IPW_DEBUG_HC("WEP_KEY_INFO: index = %d, len = %d/%d\n",
+ idx, keylen, len);
+
+diff -urNp linux-2.6.32.40/drivers/net/wireless/ipw2x00/libipw_rx.c linux-2.6.32.40/drivers/net/wireless/ipw2x00/libipw_rx.c
+--- linux-2.6.32.40/drivers/net/wireless/ipw2x00/libipw_rx.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/net/wireless/ipw2x00/libipw_rx.c 2011-05-16 21:46:57.000000000 -0400
+@@ -1566,6 +1566,8 @@ static void libipw_process_probe_respons
+ unsigned long flags;
+ DECLARE_SSID_BUF(ssid);
+
++ pax_track_stack();
++
+ LIBIPW_DEBUG_SCAN("'%s' (%pM"
+ "): %c%c%c%c %c%c%c%c-%c%c%c%c %c%c%c%c\n",
+ print_ssid(ssid, info_element->data, info_element->len),
diff -urNp linux-2.6.32.40/drivers/net/wireless/iwlwifi/iwl-1000.c linux-2.6.32.40/drivers/net/wireless/iwlwifi/iwl-1000.c
--- linux-2.6.32.40/drivers/net/wireless/iwlwifi/iwl-1000.c 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/drivers/net/wireless/iwlwifi/iwl-1000.c 2011-04-17 15:56:46.000000000 -0400
@@ -31025,6 +32171,48 @@ diff -urNp linux-2.6.32.40/drivers/net/wireless/iwlwifi/iwl-6000.c linux-2.6.32.
.ucode = &iwl5000_ucode,
.lib = &iwl6000_lib,
.hcmd = &iwl5000_hcmd,
+diff -urNp linux-2.6.32.40/drivers/net/wireless/iwlwifi/iwl-agn-rs.c linux-2.6.32.40/drivers/net/wireless/iwlwifi/iwl-agn-rs.c
+--- linux-2.6.32.40/drivers/net/wireless/iwlwifi/iwl-agn-rs.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/net/wireless/iwlwifi/iwl-agn-rs.c 2011-05-16 21:46:57.000000000 -0400
+@@ -857,6 +857,8 @@ static void rs_tx_status(void *priv_r, s
+ u8 active_index = 0;
+ s32 tpt = 0;
+
++ pax_track_stack();
++
+ IWL_DEBUG_RATE_LIMIT(priv, "get frame ack response, update rate scale window\n");
+
+ if (!ieee80211_is_data(hdr->frame_control) ||
+@@ -2722,6 +2724,8 @@ static void rs_fill_link_cmd(struct iwl_
+ u8 valid_tx_ant = 0;
+ struct iwl_link_quality_cmd *lq_cmd = &lq_sta->lq;
+
++ pax_track_stack();
++
+ /* Override starting rate (index 0) if needed for debug purposes */
+ rs_dbgfs_set_mcs(lq_sta, &new_rate, index);
+
+diff -urNp linux-2.6.32.40/drivers/net/wireless/iwlwifi/iwl-debugfs.c linux-2.6.32.40/drivers/net/wireless/iwlwifi/iwl-debugfs.c
+--- linux-2.6.32.40/drivers/net/wireless/iwlwifi/iwl-debugfs.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/net/wireless/iwlwifi/iwl-debugfs.c 2011-05-16 21:46:57.000000000 -0400
+@@ -524,6 +524,8 @@ static ssize_t iwl_dbgfs_status_read(str
+ int pos = 0;
+ const size_t bufsz = sizeof(buf);
+
++ pax_track_stack();
++
+ pos += scnprintf(buf + pos, bufsz - pos, "STATUS_HCMD_ACTIVE:\t %d\n",
+ test_bit(STATUS_HCMD_ACTIVE, &priv->status));
+ pos += scnprintf(buf + pos, bufsz - pos, "STATUS_HCMD_SYNC_ACTIVE: %d\n",
+@@ -658,6 +660,8 @@ static ssize_t iwl_dbgfs_qos_read(struct
+ const size_t bufsz = sizeof(buf);
+ ssize_t ret;
+
++ pax_track_stack();
++
+ for (i = 0; i < AC_NUM; i++) {
+ pos += scnprintf(buf + pos, bufsz - pos,
+ "\tcw_min\tcw_max\taifsn\ttxop\n");
diff -urNp linux-2.6.32.40/drivers/net/wireless/iwlwifi/iwl-debug.h linux-2.6.32.40/drivers/net/wireless/iwlwifi/iwl-debug.h
--- linux-2.6.32.40/drivers/net/wireless/iwlwifi/iwl-debug.h 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/drivers/net/wireless/iwlwifi/iwl-debug.h 2011-04-17 15:56:46.000000000 -0400
@@ -31051,6 +32239,18 @@ diff -urNp linux-2.6.32.40/drivers/net/wireless/iwlwifi/iwl-dev.h linux-2.6.32.4
extern struct iwl_ucode_ops iwl5000_ucode;
extern struct iwl_lib_ops iwl5000_lib;
extern struct iwl_hcmd_ops iwl5000_hcmd;
+diff -urNp linux-2.6.32.40/drivers/net/wireless/iwmc3200wifi/debugfs.c linux-2.6.32.40/drivers/net/wireless/iwmc3200wifi/debugfs.c
+--- linux-2.6.32.40/drivers/net/wireless/iwmc3200wifi/debugfs.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/net/wireless/iwmc3200wifi/debugfs.c 2011-05-16 21:46:57.000000000 -0400
+@@ -299,6 +299,8 @@ static ssize_t iwm_debugfs_fw_err_read(s
+ int buf_len = 512;
+ size_t len = 0;
+
++ pax_track_stack();
++
+ if (*ppos != 0)
+ return 0;
+ if (count < sizeof(buf))
diff -urNp linux-2.6.32.40/drivers/net/wireless/libertas/debugfs.c linux-2.6.32.40/drivers/net/wireless/libertas/debugfs.c
--- linux-2.6.32.40/drivers/net/wireless/libertas/debugfs.c 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/drivers/net/wireless/libertas/debugfs.c 2011-04-17 15:56:46.000000000 -0400
@@ -31812,6 +33012,17 @@ diff -urNp linux-2.6.32.40/drivers/s390/cio/qdio_perf.h linux-2.6.32.40/drivers/
}
int qdio_setup_perf_stats(void);
+diff -urNp linux-2.6.32.40/drivers/scsi/aacraid/commctrl.c linux-2.6.32.40/drivers/scsi/aacraid/commctrl.c
+--- linux-2.6.32.40/drivers/scsi/aacraid/commctrl.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/scsi/aacraid/commctrl.c 2011-05-16 21:46:57.000000000 -0400
+@@ -481,6 +481,7 @@ static int aac_send_raw_srb(struct aac_d
+ u32 actual_fibsize64, actual_fibsize = 0;
+ int i;
+
++ pax_track_stack();
+
+ if (dev->in_reset) {
+ dprintk((KERN_DEBUG"aacraid: send raw srb -EBUSY\n"));
diff -urNp linux-2.6.32.40/drivers/scsi/aic94xx/aic94xx_init.c linux-2.6.32.40/drivers/scsi/aic94xx/aic94xx_init.c
--- linux-2.6.32.40/drivers/scsi/aic94xx/aic94xx_init.c 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/drivers/scsi/aic94xx/aic94xx_init.c 2011-04-17 15:56:46.000000000 -0400
@@ -31824,6 +33035,125 @@ diff -urNp linux-2.6.32.40/drivers/scsi/aic94xx/aic94xx_init.c linux-2.6.32.40/d
asd_show_update_bios, asd_store_update_bios);
static int asd_create_dev_attrs(struct asd_ha_struct *asd_ha)
+diff -urNp linux-2.6.32.40/drivers/scsi/BusLogic.c linux-2.6.32.40/drivers/scsi/BusLogic.c
+--- linux-2.6.32.40/drivers/scsi/BusLogic.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/scsi/BusLogic.c 2011-05-16 21:46:57.000000000 -0400
+@@ -961,6 +961,8 @@ static int __init BusLogic_InitializeFla
+ static void __init BusLogic_InitializeProbeInfoList(struct BusLogic_HostAdapter
+ *PrototypeHostAdapter)
+ {
++ pax_track_stack();
++
+ /*
+ If a PCI BIOS is present, interrogate it for MultiMaster and FlashPoint
+ Host Adapters; otherwise, default to the standard ISA MultiMaster probe.
+diff -urNp linux-2.6.32.40/drivers/scsi/dpt_i2o.c linux-2.6.32.40/drivers/scsi/dpt_i2o.c
+--- linux-2.6.32.40/drivers/scsi/dpt_i2o.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/scsi/dpt_i2o.c 2011-05-16 21:46:57.000000000 -0400
+@@ -1804,6 +1804,8 @@ static int adpt_i2o_passthru(adpt_hba* p
+ dma_addr_t addr;
+ ulong flags = 0;
+
++ pax_track_stack();
++
+ memset(&msg, 0, MAX_MESSAGE_SIZE*4);
+ // get user msg size in u32s
+ if(get_user(size, &user_msg[0])){
+@@ -2297,6 +2299,8 @@ static s32 adpt_scsi_to_i2o(adpt_hba* pH
+ s32 rcode;
+ dma_addr_t addr;
+
++ pax_track_stack();
++
+ memset(msg, 0 , sizeof(msg));
+ len = scsi_bufflen(cmd);
+ direction = 0x00000000;
+diff -urNp linux-2.6.32.40/drivers/scsi/eata.c linux-2.6.32.40/drivers/scsi/eata.c
+--- linux-2.6.32.40/drivers/scsi/eata.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/scsi/eata.c 2011-05-16 21:46:57.000000000 -0400
+@@ -1087,6 +1087,8 @@ static int port_detect(unsigned long por
+ struct hostdata *ha;
+ char name[16];
+
++ pax_track_stack();
++
+ sprintf(name, "%s%d", driver_name, j);
+
+ if (!request_region(port_base, REGION_SIZE, driver_name)) {
+diff -urNp linux-2.6.32.40/drivers/scsi/fcoe/libfcoe.c linux-2.6.32.40/drivers/scsi/fcoe/libfcoe.c
+--- linux-2.6.32.40/drivers/scsi/fcoe/libfcoe.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/scsi/fcoe/libfcoe.c 2011-05-16 21:46:57.000000000 -0400
+@@ -809,6 +809,8 @@ static void fcoe_ctlr_recv_els(struct fc
+ size_t rlen;
+ size_t dlen;
+
++ pax_track_stack();
++
+ fiph = (struct fip_header *)skb->data;
+ sub = fiph->fip_subcode;
+ if (sub != FIP_SC_REQ && sub != FIP_SC_REP)
+diff -urNp linux-2.6.32.40/drivers/scsi/gdth.c linux-2.6.32.40/drivers/scsi/gdth.c
+--- linux-2.6.32.40/drivers/scsi/gdth.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/scsi/gdth.c 2011-05-16 21:46:57.000000000 -0400
+@@ -4102,6 +4102,8 @@ static int ioc_lockdrv(void __user *arg)
+ ulong flags;
+ gdth_ha_str *ha;
+
++ pax_track_stack();
++
+ if (copy_from_user(&ldrv, arg, sizeof(gdth_ioctl_lockdrv)))
+ return -EFAULT;
+ ha = gdth_find_ha(ldrv.ionode);
+@@ -4134,6 +4136,8 @@ static int ioc_resetdrv(void __user *arg
+ gdth_ha_str *ha;
+ int rval;
+
++ pax_track_stack();
++
+ if (copy_from_user(&res, arg, sizeof(gdth_ioctl_reset)) ||
+ res.number >= MAX_HDRIVES)
+ return -EFAULT;
+@@ -4169,6 +4173,8 @@ static int ioc_general(void __user *arg,
+ gdth_ha_str *ha;
+ int rval;
+
++ pax_track_stack();
++
+ if (copy_from_user(&gen, arg, sizeof(gdth_ioctl_general)))
+ return -EFAULT;
+ ha = gdth_find_ha(gen.ionode);
+@@ -4625,6 +4631,9 @@ static void gdth_flush(gdth_ha_str *ha)
+ int i;
+ gdth_cmd_str gdtcmd;
+ char cmnd[MAX_COMMAND_SIZE];
++
++ pax_track_stack();
++
+ memset(cmnd, 0xff, MAX_COMMAND_SIZE);
+
+ TRACE2(("gdth_flush() hanum %d\n", ha->hanum));
+diff -urNp linux-2.6.32.40/drivers/scsi/gdth_proc.c linux-2.6.32.40/drivers/scsi/gdth_proc.c
+--- linux-2.6.32.40/drivers/scsi/gdth_proc.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/scsi/gdth_proc.c 2011-05-16 21:46:57.000000000 -0400
+@@ -46,6 +46,9 @@ static int gdth_set_asc_info(struct Scsi
+ ulong64 paddr;
+
+ char cmnd[MAX_COMMAND_SIZE];
++
++ pax_track_stack();
++
+ memset(cmnd, 0xff, 12);
+ memset(&gdtcmd, 0, sizeof(gdth_cmd_str));
+
+@@ -174,6 +177,8 @@ static int gdth_get_info(char *buffer,ch
+ gdth_hget_str *phg;
+ char cmnd[MAX_COMMAND_SIZE];
+
++ pax_track_stack();
++
+ gdtcmd = kmalloc(sizeof(*gdtcmd), GFP_KERNEL);
+ estr = kmalloc(sizeof(*estr), GFP_KERNEL);
+ if (!gdtcmd || !estr)
diff -urNp linux-2.6.32.40/drivers/scsi/hosts.c linux-2.6.32.40/drivers/scsi/hosts.c
--- linux-2.6.32.40/drivers/scsi/hosts.c 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/drivers/scsi/hosts.c 2011-05-04 17:56:28.000000000 -0400
@@ -31995,7 +33325,7 @@ diff -urNp linux-2.6.32.40/drivers/scsi/libsas/sas_ata.c linux-2.6.32.40/drivers
.qc_defer = ata_std_qc_defer,
diff -urNp linux-2.6.32.40/drivers/scsi/lpfc/lpfc_debugfs.c linux-2.6.32.40/drivers/scsi/lpfc/lpfc_debugfs.c
--- linux-2.6.32.40/drivers/scsi/lpfc/lpfc_debugfs.c 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.40/drivers/scsi/lpfc/lpfc_debugfs.c 2011-05-04 17:56:28.000000000 -0400
++++ linux-2.6.32.40/drivers/scsi/lpfc/lpfc_debugfs.c 2011-05-16 21:46:57.000000000 -0400
@@ -124,7 +124,7 @@ struct lpfc_debug {
int len;
};
@@ -32023,7 +33353,16 @@ diff -urNp linux-2.6.32.40/drivers/scsi/lpfc/lpfc_debugfs.c linux-2.6.32.40/driv
(lpfc_debugfs_max_slow_ring_trc - 1);
for (i = index; i < lpfc_debugfs_max_slow_ring_trc; i++) {
dtp = phba->slow_ring_trc + i;
-@@ -634,14 +634,14 @@ lpfc_debugfs_disc_trc(struct lpfc_vport
+@@ -397,6 +397,8 @@ lpfc_debugfs_dumpHBASlim_data(struct lpf
+ uint32_t *ptr;
+ char buffer[1024];
+
++ pax_track_stack();
++
+ off = 0;
+ spin_lock_irq(&phba->hbalock);
+
+@@ -634,14 +636,14 @@ lpfc_debugfs_disc_trc(struct lpfc_vport
!vport || !vport->disc_trc)
return;
@@ -32040,7 +33379,7 @@ diff -urNp linux-2.6.32.40/drivers/scsi/lpfc/lpfc_debugfs.c linux-2.6.32.40/driv
dtp->jif = jiffies;
#endif
return;
-@@ -672,14 +672,14 @@ lpfc_debugfs_slow_ring_trc(struct lpfc_h
+@@ -672,14 +674,14 @@ lpfc_debugfs_slow_ring_trc(struct lpfc_h
!phba || !phba->slow_ring_trc)
return;
@@ -32057,7 +33396,7 @@ diff -urNp linux-2.6.32.40/drivers/scsi/lpfc/lpfc_debugfs.c linux-2.6.32.40/driv
dtp->jif = jiffies;
#endif
return;
-@@ -1364,7 +1364,7 @@ lpfc_debugfs_initialize(struct lpfc_vpor
+@@ -1364,7 +1366,7 @@ lpfc_debugfs_initialize(struct lpfc_vpor
"slow_ring buffer\n");
goto debug_failed;
}
@@ -32066,7 +33405,7 @@ diff -urNp linux-2.6.32.40/drivers/scsi/lpfc/lpfc_debugfs.c linux-2.6.32.40/driv
memset(phba->slow_ring_trc, 0,
(sizeof(struct lpfc_debugfs_trc) *
lpfc_debugfs_max_slow_ring_trc));
-@@ -1410,7 +1410,7 @@ lpfc_debugfs_initialize(struct lpfc_vpor
+@@ -1410,7 +1412,7 @@ lpfc_debugfs_initialize(struct lpfc_vpor
"buffer\n");
goto debug_failed;
}
@@ -32161,6 +33500,30 @@ diff -urNp linux-2.6.32.40/drivers/scsi/lpfc/lpfc_scsi.c linux-2.6.32.40/drivers
}
/**
+diff -urNp linux-2.6.32.40/drivers/scsi/megaraid/megaraid_mbox.c linux-2.6.32.40/drivers/scsi/megaraid/megaraid_mbox.c
+--- linux-2.6.32.40/drivers/scsi/megaraid/megaraid_mbox.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/scsi/megaraid/megaraid_mbox.c 2011-05-16 21:46:57.000000000 -0400
+@@ -3503,6 +3503,8 @@ megaraid_cmm_register(adapter_t *adapter
+ int rval;
+ int i;
+
++ pax_track_stack();
++
+ // Allocate memory for the base list of scb for management module.
+ adapter->uscb_list = kcalloc(MBOX_MAX_USER_CMDS, sizeof(scb_t), GFP_KERNEL);
+
+diff -urNp linux-2.6.32.40/drivers/scsi/osd/osd_initiator.c linux-2.6.32.40/drivers/scsi/osd/osd_initiator.c
+--- linux-2.6.32.40/drivers/scsi/osd/osd_initiator.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/scsi/osd/osd_initiator.c 2011-05-16 21:46:57.000000000 -0400
+@@ -94,6 +94,8 @@ static int _osd_print_system_info(struct
+ int nelem = ARRAY_SIZE(get_attrs), a = 0;
+ int ret;
+
++ pax_track_stack();
++
+ or = osd_start_request(od, GFP_KERNEL);
+ if (!or)
+ return -ENOMEM;
diff -urNp linux-2.6.32.40/drivers/scsi/pmcraid.c linux-2.6.32.40/drivers/scsi/pmcraid.c
--- linux-2.6.32.40/drivers/scsi/pmcraid.c 2011-05-10 22:12:01.000000000 -0400
+++ linux-2.6.32.40/drivers/scsi/pmcraid.c 2011-05-10 22:12:33.000000000 -0400
@@ -32301,6 +33664,27 @@ diff -urNp linux-2.6.32.40/drivers/scsi/scsi.c linux-2.6.32.40/drivers/scsi/scsi
/* check if the device is still usable */
if (unlikely(cmd->device->sdev_state == SDEV_DEL)) {
+diff -urNp linux-2.6.32.40/drivers/scsi/scsi_debug.c linux-2.6.32.40/drivers/scsi/scsi_debug.c
+--- linux-2.6.32.40/drivers/scsi/scsi_debug.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/scsi/scsi_debug.c 2011-05-16 21:46:57.000000000 -0400
+@@ -1395,6 +1395,8 @@ static int resp_mode_select(struct scsi_
+ unsigned char arr[SDEBUG_MAX_MSELECT_SZ];
+ unsigned char *cmd = (unsigned char *)scp->cmnd;
+
++ pax_track_stack();
++
+ if ((errsts = check_readiness(scp, 1, devip)))
+ return errsts;
+ memset(arr, 0, sizeof(arr));
+@@ -1492,6 +1494,8 @@ static int resp_log_sense(struct scsi_cm
+ unsigned char arr[SDEBUG_MAX_LSENSE_SZ];
+ unsigned char *cmd = (unsigned char *)scp->cmnd;
+
++ pax_track_stack();
++
+ if ((errsts = check_readiness(scp, 1, devip)))
+ return errsts;
+ memset(arr, 0, sizeof(arr));
diff -urNp linux-2.6.32.40/drivers/scsi/scsi_lib.c linux-2.6.32.40/drivers/scsi/scsi_lib.c
--- linux-2.6.32.40/drivers/scsi/scsi_lib.c 2011-05-10 22:12:01.000000000 -0400
+++ linux-2.6.32.40/drivers/scsi/scsi_lib.c 2011-05-10 22:12:33.000000000 -0400
@@ -32448,6 +33832,18 @@ diff -urNp linux-2.6.32.40/drivers/scsi/sg.c linux-2.6.32.40/drivers/scsi/sg.c
sg_proc_sgp = proc_mkdir(sg_proc_sg_dirname, NULL);
if (!sg_proc_sgp)
+diff -urNp linux-2.6.32.40/drivers/scsi/sym53c8xx_2/sym_glue.c linux-2.6.32.40/drivers/scsi/sym53c8xx_2/sym_glue.c
+--- linux-2.6.32.40/drivers/scsi/sym53c8xx_2/sym_glue.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/scsi/sym53c8xx_2/sym_glue.c 2011-05-16 21:46:57.000000000 -0400
+@@ -1754,6 +1754,8 @@ static int __devinit sym2_probe(struct p
+ int do_iounmap = 0;
+ int do_disable_device = 1;
+
++ pax_track_stack();
++
+ memset(&sym_dev, 0, sizeof(sym_dev));
+ memset(&nvram, 0, sizeof(nvram));
+ sym_dev.pdev = pdev;
diff -urNp linux-2.6.32.40/drivers/serial/kgdboc.c linux-2.6.32.40/drivers/serial/kgdboc.c
--- linux-2.6.32.40/drivers/serial/kgdboc.c 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/drivers/serial/kgdboc.c 2011-04-17 15:56:46.000000000 -0400
@@ -33075,6 +34471,18 @@ diff -urNp linux-2.6.32.40/drivers/staging/vme/devices/vme_user.c linux-2.6.32.4
.open = vme_user_open,
.release = vme_user_release,
.read = vme_user_read,
+diff -urNp linux-2.6.32.40/drivers/telephony/ixj.c linux-2.6.32.40/drivers/telephony/ixj.c
+--- linux-2.6.32.40/drivers/telephony/ixj.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/drivers/telephony/ixj.c 2011-05-16 21:46:57.000000000 -0400
+@@ -4976,6 +4976,8 @@ static int ixj_daa_cid_read(IXJ *j)
+ bool mContinue;
+ char *pIn, *pOut;
+
++ pax_track_stack();
++
+ if (!SCI_Prepare(j))
+ return 0;
+
diff -urNp linux-2.6.32.40/drivers/uio/uio.c linux-2.6.32.40/drivers/uio/uio.c
--- linux-2.6.32.40/drivers/uio/uio.c 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/drivers/uio/uio.c 2011-05-04 17:56:20.000000000 -0400
@@ -33731,7 +35139,7 @@ diff -urNp linux-2.6.32.40/drivers/video/fbcmap.c linux-2.6.32.40/drivers/video/
}
diff -urNp linux-2.6.32.40/drivers/video/fbmem.c linux-2.6.32.40/drivers/video/fbmem.c
--- linux-2.6.32.40/drivers/video/fbmem.c 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.40/drivers/video/fbmem.c 2011-04-17 15:56:46.000000000 -0400
++++ linux-2.6.32.40/drivers/video/fbmem.c 2011-05-16 21:46:57.000000000 -0400
@@ -403,7 +403,7 @@ static void fb_do_show_logo(struct fb_in
image->dx += image->width + 8;
}
@@ -33750,7 +35158,25 @@ diff -urNp linux-2.6.32.40/drivers/video/fbmem.c linux-2.6.32.40/drivers/video/f
info->fbops->fb_imageblit(info, image);
image->dy -= image->height + 8;
}
-@@ -1119,7 +1119,7 @@ static long do_fb_ioctl(struct fb_info *
+@@ -915,6 +915,8 @@ fb_set_var(struct fb_info *info, struct
+ int flags = info->flags;
+ int ret = 0;
+
++ pax_track_stack();
++
+ if (var->activate & FB_ACTIVATE_INV_MODE) {
+ struct fb_videomode mode1, mode2;
+
+@@ -1040,6 +1042,8 @@ static long do_fb_ioctl(struct fb_info *
+ void __user *argp = (void __user *)arg;
+ long ret = 0;
+
++ pax_track_stack();
++
+ switch (cmd) {
+ case FBIOGET_VSCREENINFO:
+ if (!lock_fb_info(info))
+@@ -1119,7 +1123,7 @@ static long do_fb_ioctl(struct fb_info *
return -EFAULT;
if (con2fb.console < 1 || con2fb.console > MAX_NR_CONSOLES)
return -EINVAL;
@@ -34004,7 +35430,7 @@ diff -urNp linux-2.6.32.40/fs/9p/vfs_inode.c linux-2.6.32.40/fs/9p/vfs_inode.c
IS_ERR(s) ? "<error>" : s);
diff -urNp linux-2.6.32.40/fs/aio.c linux-2.6.32.40/fs/aio.c
--- linux-2.6.32.40/fs/aio.c 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.40/fs/aio.c 2011-04-17 15:56:46.000000000 -0400
++++ linux-2.6.32.40/fs/aio.c 2011-05-16 21:46:57.000000000 -0400
@@ -115,7 +115,7 @@ static int aio_setup_ring(struct kioctx
size += sizeof(struct io_event) * nr_events;
nr_pages = (size + PAGE_SIZE-1) >> PAGE_SHIFT;
@@ -34014,6 +35440,15 @@ diff -urNp linux-2.6.32.40/fs/aio.c linux-2.6.32.40/fs/aio.c
return -EINVAL;
nr_events = (PAGE_SIZE * nr_pages - sizeof(struct aio_ring)) / sizeof(struct io_event);
+@@ -1089,6 +1089,8 @@ static int read_events(struct kioctx *ct
+ struct aio_timeout to;
+ int retry = 0;
+
++ pax_track_stack();
++
+ /* needed to zero any padding within an entry (there shouldn't be
+ * any, but C is fun!
+ */
diff -urNp linux-2.6.32.40/fs/attr.c linux-2.6.32.40/fs/attr.c
--- linux-2.6.32.40/fs/attr.c 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/fs/attr.c 2011-04-17 15:56:46.000000000 -0400
@@ -34154,7 +35589,7 @@ diff -urNp linux-2.6.32.40/fs/binfmt_aout.c linux-2.6.32.40/fs/binfmt_aout.c
up_write(&current->mm->mmap_sem);
diff -urNp linux-2.6.32.40/fs/binfmt_elf.c linux-2.6.32.40/fs/binfmt_elf.c
--- linux-2.6.32.40/fs/binfmt_elf.c 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.40/fs/binfmt_elf.c 2011-04-17 15:56:46.000000000 -0400
++++ linux-2.6.32.40/fs/binfmt_elf.c 2011-05-16 21:46:57.000000000 -0400
@@ -50,6 +50,10 @@ static int elf_core_dump(long signr, str
#define elf_core_dump NULL
#endif
@@ -34196,7 +35631,7 @@ diff -urNp linux-2.6.32.40/fs/binfmt_elf.c linux-2.6.32.40/fs/binfmt_elf.c
return 0;
}
-@@ -148,12 +159,13 @@ create_elf_tables(struct linux_binprm *b
+@@ -148,12 +159,15 @@ create_elf_tables(struct linux_binprm *b
elf_addr_t __user *u_rand_bytes;
const char *k_platform = ELF_PLATFORM;
const char *k_base_platform = ELF_BASE_PLATFORM;
@@ -34208,10 +35643,12 @@ diff -urNp linux-2.6.32.40/fs/binfmt_elf.c linux-2.6.32.40/fs/binfmt_elf.c
const struct cred *cred = current_cred();
struct vm_area_struct *vma;
+ unsigned long saved_auxv[AT_VECTOR_SIZE];
++
++ pax_track_stack();
/*
* In some cases (e.g. Hyper-Threading), we want to avoid L1
-@@ -195,8 +207,12 @@ create_elf_tables(struct linux_binprm *b
+@@ -195,8 +209,12 @@ create_elf_tables(struct linux_binprm *b
* Generate 16 random bytes for userspace PRNG seeding.
*/
get_random_bytes(k_rand_bytes, sizeof(k_rand_bytes));
@@ -34226,7 +35663,7 @@ diff -urNp linux-2.6.32.40/fs/binfmt_elf.c linux-2.6.32.40/fs/binfmt_elf.c
if (__copy_to_user(u_rand_bytes, k_rand_bytes, sizeof(k_rand_bytes)))
return -EFAULT;
-@@ -308,9 +324,11 @@ create_elf_tables(struct linux_binprm *b
+@@ -308,9 +326,11 @@ create_elf_tables(struct linux_binprm *b
return -EFAULT;
current->mm->env_end = p;
@@ -34239,7 +35676,7 @@ diff -urNp linux-2.6.32.40/fs/binfmt_elf.c linux-2.6.32.40/fs/binfmt_elf.c
return -EFAULT;
return 0;
}
-@@ -385,10 +403,10 @@ static unsigned long load_elf_interp(str
+@@ -385,10 +405,10 @@ static unsigned long load_elf_interp(str
{
struct elf_phdr *elf_phdata;
struct elf_phdr *eppnt;
@@ -34252,7 +35689,7 @@ diff -urNp linux-2.6.32.40/fs/binfmt_elf.c linux-2.6.32.40/fs/binfmt_elf.c
unsigned long total_size;
int retval, i, size;
-@@ -434,6 +452,11 @@ static unsigned long load_elf_interp(str
+@@ -434,6 +454,11 @@ static unsigned long load_elf_interp(str
goto out_close;
}
@@ -34264,7 +35701,7 @@ diff -urNp linux-2.6.32.40/fs/binfmt_elf.c linux-2.6.32.40/fs/binfmt_elf.c
eppnt = elf_phdata;
for (i = 0; i < interp_elf_ex->e_phnum; i++, eppnt++) {
if (eppnt->p_type == PT_LOAD) {
-@@ -477,8 +500,8 @@ static unsigned long load_elf_interp(str
+@@ -477,8 +502,8 @@ static unsigned long load_elf_interp(str
k = load_addr + eppnt->p_vaddr;
if (BAD_ADDR(k) ||
eppnt->p_filesz > eppnt->p_memsz ||
@@ -34275,7 +35712,7 @@ diff -urNp linux-2.6.32.40/fs/binfmt_elf.c linux-2.6.32.40/fs/binfmt_elf.c
error = -ENOMEM;
goto out_close;
}
-@@ -532,6 +555,194 @@ out:
+@@ -532,6 +557,194 @@ out:
return error;
}
@@ -34470,7 +35907,7 @@ diff -urNp linux-2.6.32.40/fs/binfmt_elf.c linux-2.6.32.40/fs/binfmt_elf.c
/*
* These are the functions used to load ELF style executables and shared
* libraries. There is no binary dependent code anywhere else.
-@@ -548,6 +759,11 @@ static unsigned long randomize_stack_top
+@@ -548,6 +761,11 @@ static unsigned long randomize_stack_top
{
unsigned int random_variable = 0;
@@ -34482,7 +35919,7 @@ diff -urNp linux-2.6.32.40/fs/binfmt_elf.c linux-2.6.32.40/fs/binfmt_elf.c
if ((current->flags & PF_RANDOMIZE) &&
!(current->personality & ADDR_NO_RANDOMIZE)) {
random_variable = get_random_int() & STACK_RND_MASK;
-@@ -566,7 +782,7 @@ static int load_elf_binary(struct linux_
+@@ -566,7 +784,7 @@ static int load_elf_binary(struct linux_
unsigned long load_addr = 0, load_bias = 0;
int load_addr_set = 0;
char * elf_interpreter = NULL;
@@ -34491,7 +35928,7 @@ diff -urNp linux-2.6.32.40/fs/binfmt_elf.c linux-2.6.32.40/fs/binfmt_elf.c
struct elf_phdr *elf_ppnt, *elf_phdata;
unsigned long elf_bss, elf_brk;
int retval, i;
-@@ -576,11 +792,11 @@ static int load_elf_binary(struct linux_
+@@ -576,11 +794,11 @@ static int load_elf_binary(struct linux_
unsigned long start_code, end_code, start_data, end_data;
unsigned long reloc_func_desc = 0;
int executable_stack = EXSTACK_DEFAULT;
@@ -34504,7 +35941,7 @@ diff -urNp linux-2.6.32.40/fs/binfmt_elf.c linux-2.6.32.40/fs/binfmt_elf.c
loc = kmalloc(sizeof(*loc), GFP_KERNEL);
if (!loc) {
-@@ -718,11 +934,80 @@ static int load_elf_binary(struct linux_
+@@ -718,11 +936,80 @@ static int load_elf_binary(struct linux_
/* OK, This is the point of no return */
current->flags &= ~PF_FORKNOEXEC;
@@ -34586,7 +36023,7 @@ diff -urNp linux-2.6.32.40/fs/binfmt_elf.c linux-2.6.32.40/fs/binfmt_elf.c
if (elf_read_implies_exec(loc->elf_ex, executable_stack))
current->personality |= READ_IMPLIES_EXEC;
-@@ -804,6 +1089,20 @@ static int load_elf_binary(struct linux_
+@@ -804,6 +1091,20 @@ static int load_elf_binary(struct linux_
#else
load_bias = ELF_PAGESTART(ELF_ET_DYN_BASE - vaddr);
#endif
@@ -34607,7 +36044,7 @@ diff -urNp linux-2.6.32.40/fs/binfmt_elf.c linux-2.6.32.40/fs/binfmt_elf.c
}
error = elf_map(bprm->file, load_bias + vaddr, elf_ppnt,
-@@ -836,9 +1135,9 @@ static int load_elf_binary(struct linux_
+@@ -836,9 +1137,9 @@ static int load_elf_binary(struct linux_
* allowed task size. Note that p_filesz must always be
* <= p_memsz so it is only necessary to check p_memsz.
*/
@@ -34620,7 +36057,7 @@ diff -urNp linux-2.6.32.40/fs/binfmt_elf.c linux-2.6.32.40/fs/binfmt_elf.c
/* set_brk can never work. Avoid overflows. */
send_sig(SIGKILL, current, 0);
retval = -EINVAL;
-@@ -866,6 +1165,11 @@ static int load_elf_binary(struct linux_
+@@ -866,6 +1167,11 @@ static int load_elf_binary(struct linux_
start_data += load_bias;
end_data += load_bias;
@@ -34632,7 +36069,7 @@ diff -urNp linux-2.6.32.40/fs/binfmt_elf.c linux-2.6.32.40/fs/binfmt_elf.c
/* Calling set_brk effectively mmaps the pages that we need
* for the bss and break sections. We must do this before
* mapping in the interpreter, to make sure it doesn't wind
-@@ -877,9 +1181,11 @@ static int load_elf_binary(struct linux_
+@@ -877,9 +1183,11 @@ static int load_elf_binary(struct linux_
goto out_free_dentry;
}
if (likely(elf_bss != elf_brk) && unlikely(padzero(elf_bss))) {
@@ -34647,7 +36084,7 @@ diff -urNp linux-2.6.32.40/fs/binfmt_elf.c linux-2.6.32.40/fs/binfmt_elf.c
}
if (elf_interpreter) {
-@@ -1112,8 +1418,10 @@ static int dump_seek(struct file *file,
+@@ -1112,8 +1420,10 @@ static int dump_seek(struct file *file,
unsigned long n = off;
if (n > PAGE_SIZE)
n = PAGE_SIZE;
@@ -34659,7 +36096,7 @@ diff -urNp linux-2.6.32.40/fs/binfmt_elf.c linux-2.6.32.40/fs/binfmt_elf.c
off -= n;
}
free_page((unsigned long)buf);
-@@ -1125,7 +1433,7 @@ static int dump_seek(struct file *file,
+@@ -1125,7 +1435,7 @@ static int dump_seek(struct file *file,
* Decide what to dump of a segment, part, all or none.
*/
static unsigned long vma_dump_size(struct vm_area_struct *vma,
@@ -34668,7 +36105,7 @@ diff -urNp linux-2.6.32.40/fs/binfmt_elf.c linux-2.6.32.40/fs/binfmt_elf.c
{
#define FILTER(type) (mm_flags & (1UL << MMF_DUMP_##type))
-@@ -1159,7 +1467,7 @@ static unsigned long vma_dump_size(struc
+@@ -1159,7 +1469,7 @@ static unsigned long vma_dump_size(struc
if (vma->vm_file == NULL)
return 0;
@@ -34677,7 +36114,7 @@ diff -urNp linux-2.6.32.40/fs/binfmt_elf.c linux-2.6.32.40/fs/binfmt_elf.c
goto whole;
/*
-@@ -1255,8 +1563,11 @@ static int writenote(struct memelfnote *
+@@ -1255,8 +1565,11 @@ static int writenote(struct memelfnote *
#undef DUMP_WRITE
#define DUMP_WRITE(addr, nr) \
@@ -34690,7 +36127,7 @@ diff -urNp linux-2.6.32.40/fs/binfmt_elf.c linux-2.6.32.40/fs/binfmt_elf.c
static void fill_elf_header(struct elfhdr *elf, int segs,
u16 machine, u32 flags, u8 osabi)
-@@ -1385,9 +1696,9 @@ static void fill_auxv_note(struct memelf
+@@ -1385,9 +1698,9 @@ static void fill_auxv_note(struct memelf
{
elf_addr_t *auxv = (elf_addr_t *) mm->saved_auxv;
int i = 0;
@@ -34702,7 +36139,7 @@ diff -urNp linux-2.6.32.40/fs/binfmt_elf.c linux-2.6.32.40/fs/binfmt_elf.c
fill_note(note, "CORE", NT_AUXV, i * sizeof(elf_addr_t), auxv);
}
-@@ -1973,7 +2284,7 @@ static int elf_core_dump(long signr, str
+@@ -1973,7 +2286,7 @@ static int elf_core_dump(long signr, str
phdr.p_offset = offset;
phdr.p_vaddr = vma->vm_start;
phdr.p_paddr = 0;
@@ -34711,7 +36148,7 @@ diff -urNp linux-2.6.32.40/fs/binfmt_elf.c linux-2.6.32.40/fs/binfmt_elf.c
phdr.p_memsz = vma->vm_end - vma->vm_start;
offset += phdr.p_filesz;
phdr.p_flags = vma->vm_flags & VM_READ ? PF_R : 0;
-@@ -2006,7 +2317,7 @@ static int elf_core_dump(long signr, str
+@@ -2006,7 +2319,7 @@ static int elf_core_dump(long signr, str
unsigned long addr;
unsigned long end;
@@ -34720,7 +36157,7 @@ diff -urNp linux-2.6.32.40/fs/binfmt_elf.c linux-2.6.32.40/fs/binfmt_elf.c
for (addr = vma->vm_start; addr < end; addr += PAGE_SIZE) {
struct page *page;
-@@ -2015,6 +2326,7 @@ static int elf_core_dump(long signr, str
+@@ -2015,6 +2328,7 @@ static int elf_core_dump(long signr, str
page = get_dump_page(addr);
if (page) {
void *kaddr = kmap(page);
@@ -34728,7 +36165,7 @@ diff -urNp linux-2.6.32.40/fs/binfmt_elf.c linux-2.6.32.40/fs/binfmt_elf.c
stop = ((size += PAGE_SIZE) > limit) ||
!dump_write(file, kaddr, PAGE_SIZE);
kunmap(page);
-@@ -2042,6 +2354,97 @@ out:
+@@ -2042,6 +2356,97 @@ out:
#endif /* USE_ELF_CORE_DUMP */
@@ -35499,7 +36936,7 @@ diff -urNp linux-2.6.32.40/fs/compat_binfmt_elf.c linux-2.6.32.40/fs/compat_binf
/*
diff -urNp linux-2.6.32.40/fs/compat.c linux-2.6.32.40/fs/compat.c
--- linux-2.6.32.40/fs/compat.c 2011-04-17 17:00:52.000000000 -0400
-+++ linux-2.6.32.40/fs/compat.c 2011-04-23 13:29:24.000000000 -0400
++++ linux-2.6.32.40/fs/compat.c 2011-05-16 21:46:57.000000000 -0400
@@ -830,6 +830,7 @@ struct compat_old_linux_dirent {
struct compat_readdir_callback {
@@ -35679,6 +37116,15 @@ diff -urNp linux-2.6.32.40/fs/compat.c linux-2.6.32.40/fs/compat.c
out:
if (bprm->mm) {
acct_arg_size(bprm, 0);
+@@ -1711,6 +1786,8 @@ int compat_core_sys_select(int n, compat
+ struct fdtable *fdt;
+ long stack_fds[SELECT_STACK_ALLOC/sizeof(long)];
+
++ pax_track_stack();
++
+ if (n < 0)
+ goto out_nofds;
+
diff -urNp linux-2.6.32.40/fs/compat_ioctl.c linux-2.6.32.40/fs/compat_ioctl.c
--- linux-2.6.32.40/fs/compat_ioctl.c 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/fs/compat_ioctl.c 2011-04-23 12:56:11.000000000 -0400
@@ -36411,7 +37857,7 @@ diff -urNp linux-2.6.32.40/fs/ext4/ext4.h linux-2.6.32.40/fs/ext4/ext4.h
/* locality groups */
diff -urNp linux-2.6.32.40/fs/ext4/mballoc.c linux-2.6.32.40/fs/ext4/mballoc.c
--- linux-2.6.32.40/fs/ext4/mballoc.c 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.40/fs/ext4/mballoc.c 2011-04-17 15:56:46.000000000 -0400
++++ linux-2.6.32.40/fs/ext4/mballoc.c 2011-05-16 21:46:57.000000000 -0400
@@ -1753,7 +1753,7 @@ void ext4_mb_simple_scan_group(struct ex
BUG_ON(ac->ac_b_ex.fe_len != ac->ac_g_ex.fe_len);
@@ -36430,7 +37876,16 @@ diff -urNp linux-2.6.32.40/fs/ext4/mballoc.c linux-2.6.32.40/fs/ext4/mballoc.c
goto repeat;
}
}
-@@ -2532,25 +2532,25 @@ int ext4_mb_release(struct super_block *
+@@ -2172,6 +2172,8 @@ static int ext4_mb_seq_groups_show(struc
+ ext4_grpblk_t counters[16];
+ } sg;
+
++ pax_track_stack();
++
+ group--;
+ if (group == 0)
+ seq_printf(seq, "#%-5s: %-5s %-5s %-5s "
+@@ -2532,25 +2534,25 @@ int ext4_mb_release(struct super_block *
if (sbi->s_mb_stats) {
printk(KERN_INFO
"EXT4-fs: mballoc: %u blocks %u reqs (%u success)\n",
@@ -36466,7 +37921,7 @@ diff -urNp linux-2.6.32.40/fs/ext4/mballoc.c linux-2.6.32.40/fs/ext4/mballoc.c
}
free_percpu(sbi->s_locality_groups);
-@@ -3032,16 +3032,16 @@ static void ext4_mb_collect_stats(struct
+@@ -3032,16 +3034,16 @@ static void ext4_mb_collect_stats(struct
struct ext4_sb_info *sbi = EXT4_SB(ac->ac_sb);
if (sbi->s_mb_stats && ac->ac_g_ex.fe_len > 1) {
@@ -36489,7 +37944,7 @@ diff -urNp linux-2.6.32.40/fs/ext4/mballoc.c linux-2.6.32.40/fs/ext4/mballoc.c
}
if (ac->ac_op == EXT4_MB_HISTORY_ALLOC)
-@@ -3441,7 +3441,7 @@ ext4_mb_new_inode_pa(struct ext4_allocat
+@@ -3441,7 +3443,7 @@ ext4_mb_new_inode_pa(struct ext4_allocat
trace_ext4_mb_new_inode_pa(ac, pa);
ext4_mb_use_inode_pa(ac, pa);
@@ -36498,7 +37953,7 @@ diff -urNp linux-2.6.32.40/fs/ext4/mballoc.c linux-2.6.32.40/fs/ext4/mballoc.c
ei = EXT4_I(ac->ac_inode);
grp = ext4_get_group_info(sb, ac->ac_b_ex.fe_group);
-@@ -3501,7 +3501,7 @@ ext4_mb_new_group_pa(struct ext4_allocat
+@@ -3501,7 +3503,7 @@ ext4_mb_new_group_pa(struct ext4_allocat
trace_ext4_mb_new_group_pa(ac, pa);
ext4_mb_use_group_pa(ac, pa);
@@ -36507,7 +37962,7 @@ diff -urNp linux-2.6.32.40/fs/ext4/mballoc.c linux-2.6.32.40/fs/ext4/mballoc.c
grp = ext4_get_group_info(sb, ac->ac_b_ex.fe_group);
lg = ac->ac_lg;
-@@ -3605,7 +3605,7 @@ ext4_mb_release_inode_pa(struct ext4_bud
+@@ -3605,7 +3607,7 @@ ext4_mb_release_inode_pa(struct ext4_bud
* from the bitmap and continue.
*/
}
@@ -36516,7 +37971,7 @@ diff -urNp linux-2.6.32.40/fs/ext4/mballoc.c linux-2.6.32.40/fs/ext4/mballoc.c
return err;
}
-@@ -3624,7 +3624,7 @@ ext4_mb_release_group_pa(struct ext4_bud
+@@ -3624,7 +3626,7 @@ ext4_mb_release_group_pa(struct ext4_bud
ext4_get_group_no_and_offset(sb, pa->pa_pstart, &group, &bit);
BUG_ON(group != e4b->bd_group && pa->pa_len != 0);
mb_free_blocks(pa->pa_inode, e4b, bit, pa->pa_len);
@@ -38251,6 +39706,18 @@ diff -urNp linux-2.6.32.40/fs/fuse/fuse_i.h linux-2.6.32.40/fs/fuse/fuse_i.h
/**
* Inode to nodeid comparison.
*/
+diff -urNp linux-2.6.32.40/fs/gfs2/ops_inode.c linux-2.6.32.40/fs/gfs2/ops_inode.c
+--- linux-2.6.32.40/fs/gfs2/ops_inode.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/fs/gfs2/ops_inode.c 2011-05-16 21:46:57.000000000 -0400
+@@ -752,6 +752,8 @@ static int gfs2_rename(struct inode *odi
+ unsigned int x;
+ int error;
+
++ pax_track_stack();
++
+ if (ndentry->d_inode) {
+ nip = GFS2_I(ndentry->d_inode);
+ if (ip == nip)
diff -urNp linux-2.6.32.40/fs/gfs2/sys.c linux-2.6.32.40/fs/gfs2/sys.c
--- linux-2.6.32.40/fs/gfs2/sys.c 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/fs/gfs2/sys.c 2011-04-17 15:56:46.000000000 -0400
@@ -38272,6 +39739,102 @@ diff -urNp linux-2.6.32.40/fs/gfs2/sys.c linux-2.6.32.40/fs/gfs2/sys.c
.uevent = gfs2_uevent,
};
+diff -urNp linux-2.6.32.40/fs/hfsplus/catalog.c linux-2.6.32.40/fs/hfsplus/catalog.c
+--- linux-2.6.32.40/fs/hfsplus/catalog.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/fs/hfsplus/catalog.c 2011-05-16 21:46:57.000000000 -0400
+@@ -157,6 +157,8 @@ int hfsplus_find_cat(struct super_block
+ int err;
+ u16 type;
+
++ pax_track_stack();
++
+ hfsplus_cat_build_key(sb, fd->search_key, cnid, NULL);
+ err = hfs_brec_read(fd, &tmp, sizeof(hfsplus_cat_entry));
+ if (err)
+@@ -186,6 +188,8 @@ int hfsplus_create_cat(u32 cnid, struct
+ int entry_size;
+ int err;
+
++ pax_track_stack();
++
+ dprint(DBG_CAT_MOD, "create_cat: %s,%u(%d)\n", str->name, cnid, inode->i_nlink);
+ sb = dir->i_sb;
+ hfs_find_init(HFSPLUS_SB(sb).cat_tree, &fd);
+@@ -318,6 +322,8 @@ int hfsplus_rename_cat(u32 cnid,
+ int entry_size, type;
+ int err = 0;
+
++ pax_track_stack();
++
+ dprint(DBG_CAT_MOD, "rename_cat: %u - %lu,%s - %lu,%s\n", cnid, src_dir->i_ino, src_name->name,
+ dst_dir->i_ino, dst_name->name);
+ sb = src_dir->i_sb;
+diff -urNp linux-2.6.32.40/fs/hfsplus/dir.c linux-2.6.32.40/fs/hfsplus/dir.c
+--- linux-2.6.32.40/fs/hfsplus/dir.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/fs/hfsplus/dir.c 2011-05-16 21:46:57.000000000 -0400
+@@ -121,6 +121,8 @@ static int hfsplus_readdir(struct file *
+ struct hfsplus_readdir_data *rd;
+ u16 type;
+
++ pax_track_stack();
++
+ if (filp->f_pos >= inode->i_size)
+ return 0;
+
+diff -urNp linux-2.6.32.40/fs/hfsplus/inode.c linux-2.6.32.40/fs/hfsplus/inode.c
+--- linux-2.6.32.40/fs/hfsplus/inode.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/fs/hfsplus/inode.c 2011-05-16 21:46:57.000000000 -0400
+@@ -399,6 +399,8 @@ int hfsplus_cat_read_inode(struct inode
+ int res = 0;
+ u16 type;
+
++ pax_track_stack();
++
+ type = hfs_bnode_read_u16(fd->bnode, fd->entryoffset);
+
+ HFSPLUS_I(inode).dev = 0;
+@@ -461,6 +463,8 @@ int hfsplus_cat_write_inode(struct inode
+ struct hfs_find_data fd;
+ hfsplus_cat_entry entry;
+
++ pax_track_stack();
++
+ if (HFSPLUS_IS_RSRC(inode))
+ main_inode = HFSPLUS_I(inode).rsrc_inode;
+
+diff -urNp linux-2.6.32.40/fs/hfsplus/ioctl.c linux-2.6.32.40/fs/hfsplus/ioctl.c
+--- linux-2.6.32.40/fs/hfsplus/ioctl.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/fs/hfsplus/ioctl.c 2011-05-16 21:46:57.000000000 -0400
+@@ -101,6 +101,8 @@ int hfsplus_setxattr(struct dentry *dent
+ struct hfsplus_cat_file *file;
+ int res;
+
++ pax_track_stack();
++
+ if (!S_ISREG(inode->i_mode) || HFSPLUS_IS_RSRC(inode))
+ return -EOPNOTSUPP;
+
+@@ -143,6 +145,8 @@ ssize_t hfsplus_getxattr(struct dentry *
+ struct hfsplus_cat_file *file;
+ ssize_t res = 0;
+
++ pax_track_stack();
++
+ if (!S_ISREG(inode->i_mode) || HFSPLUS_IS_RSRC(inode))
+ return -EOPNOTSUPP;
+
+diff -urNp linux-2.6.32.40/fs/hfsplus/super.c linux-2.6.32.40/fs/hfsplus/super.c
+--- linux-2.6.32.40/fs/hfsplus/super.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/fs/hfsplus/super.c 2011-05-16 21:46:57.000000000 -0400
+@@ -312,6 +312,8 @@ static int hfsplus_fill_super(struct sup
+ struct nls_table *nls = NULL;
+ int err = -EINVAL;
+
++ pax_track_stack();
++
+ sbi = kzalloc(sizeof(*sbi), GFP_KERNEL);
+ if (!sbi)
+ return -ENOMEM;
diff -urNp linux-2.6.32.40/fs/hugetlbfs/inode.c linux-2.6.32.40/fs/hugetlbfs/inode.c
--- linux-2.6.32.40/fs/hugetlbfs/inode.c 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/fs/hugetlbfs/inode.c 2011-04-17 15:56:46.000000000 -0400
@@ -38314,6 +39877,51 @@ diff -urNp linux-2.6.32.40/fs/ioctl.c linux-2.6.32.40/fs/ioctl.c
error = -EFAULT;
return error;
+diff -urNp linux-2.6.32.40/fs/jbd/checkpoint.c linux-2.6.32.40/fs/jbd/checkpoint.c
+--- linux-2.6.32.40/fs/jbd/checkpoint.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/fs/jbd/checkpoint.c 2011-05-16 21:46:57.000000000 -0400
+@@ -348,6 +348,8 @@ int log_do_checkpoint(journal_t *journal
+ tid_t this_tid;
+ int result;
+
++ pax_track_stack();
++
+ jbd_debug(1, "Start checkpoint\n");
+
+ /*
+diff -urNp linux-2.6.32.40/fs/jffs2/compr_rtime.c linux-2.6.32.40/fs/jffs2/compr_rtime.c
+--- linux-2.6.32.40/fs/jffs2/compr_rtime.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/fs/jffs2/compr_rtime.c 2011-05-16 21:46:57.000000000 -0400
+@@ -37,6 +37,8 @@ static int jffs2_rtime_compress(unsigned
+ int outpos = 0;
+ int pos=0;
+
++ pax_track_stack();
++
+ memset(positions,0,sizeof(positions));
+
+ while (pos < (*sourcelen) && outpos <= (*dstlen)-2) {
+@@ -79,6 +81,8 @@ static int jffs2_rtime_decompress(unsign
+ int outpos = 0;
+ int pos=0;
+
++ pax_track_stack();
++
+ memset(positions,0,sizeof(positions));
+
+ while (outpos<destlen) {
+diff -urNp linux-2.6.32.40/fs/jffs2/compr_rubin.c linux-2.6.32.40/fs/jffs2/compr_rubin.c
+--- linux-2.6.32.40/fs/jffs2/compr_rubin.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/fs/jffs2/compr_rubin.c 2011-05-16 21:46:57.000000000 -0400
+@@ -314,6 +314,8 @@ static int jffs2_dynrubin_compress(unsig
+ int ret;
+ uint32_t mysrclen, mydstlen;
+
++ pax_track_stack();
++
+ mysrclen = *sourcelen;
+ mydstlen = *dstlen - 8;
+
diff -urNp linux-2.6.32.40/fs/jffs2/erase.c linux-2.6.32.40/fs/jffs2/erase.c
--- linux-2.6.32.40/fs/jffs2/erase.c 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/fs/jffs2/erase.c 2011-04-17 15:56:46.000000000 -0400
@@ -38340,6 +39948,18 @@ diff -urNp linux-2.6.32.40/fs/jffs2/wbuf.c linux-2.6.32.40/fs/jffs2/wbuf.c
};
/*
+diff -urNp linux-2.6.32.40/fs/jffs2/xattr.c linux-2.6.32.40/fs/jffs2/xattr.c
+--- linux-2.6.32.40/fs/jffs2/xattr.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/fs/jffs2/xattr.c 2011-05-16 21:46:57.000000000 -0400
+@@ -773,6 +773,8 @@ void jffs2_build_xattr_subsystem(struct
+
+ BUG_ON(!(c->flags & JFFS2_SB_FLAG_BUILDING));
+
++ pax_track_stack();
++
+ /* Phase.1 : Merge same xref */
+ for (i=0; i < XREF_TMPHASH_SIZE; i++)
+ xref_tmphash[i] = NULL;
diff -urNp linux-2.6.32.40/fs/Kconfig.binfmt linux-2.6.32.40/fs/Kconfig.binfmt
--- linux-2.6.32.40/fs/Kconfig.binfmt 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/fs/Kconfig.binfmt 2011-04-17 15:56:46.000000000 -0400
@@ -38379,7 +39999,7 @@ diff -urNp linux-2.6.32.40/fs/libfs.c linux-2.6.32.40/fs/libfs.c
dt_type(next->d_inode)) < 0)
diff -urNp linux-2.6.32.40/fs/lockd/clntproc.c linux-2.6.32.40/fs/lockd/clntproc.c
--- linux-2.6.32.40/fs/lockd/clntproc.c 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.40/fs/lockd/clntproc.c 2011-05-04 17:56:28.000000000 -0400
++++ linux-2.6.32.40/fs/lockd/clntproc.c 2011-05-16 21:46:57.000000000 -0400
@@ -36,11 +36,11 @@ static const struct rpc_call_ops nlmclnt
/*
* Cookie counter for NLM requests
@@ -38394,6 +40014,15 @@ diff -urNp linux-2.6.32.40/fs/lockd/clntproc.c linux-2.6.32.40/fs/lockd/clntproc
memcpy(c->data, &cookie, 4);
c->len=4;
+@@ -621,6 +621,8 @@ nlmclnt_reclaim(struct nlm_host *host, s
+ struct nlm_rqst reqst, *req;
+ int status;
+
++ pax_track_stack();
++
+ req = &reqst;
+ memset(req, 0, sizeof(*req));
+ locks_init_lock(&req->a_args.lock.fl);
diff -urNp linux-2.6.32.40/fs/lockd/svc.c linux-2.6.32.40/fs/lockd/svc.c
--- linux-2.6.32.40/fs/lockd/svc.c 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/fs/lockd/svc.c 2011-04-17 15:56:46.000000000 -0400
@@ -38432,7 +40061,7 @@ diff -urNp linux-2.6.32.40/fs/locks.c linux-2.6.32.40/fs/locks.c
lock_kernel();
diff -urNp linux-2.6.32.40/fs/namei.c linux-2.6.32.40/fs/namei.c
--- linux-2.6.32.40/fs/namei.c 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.40/fs/namei.c 2011-04-17 15:56:46.000000000 -0400
++++ linux-2.6.32.40/fs/namei.c 2011-05-16 21:46:57.000000000 -0400
@@ -224,14 +224,6 @@ int generic_permission(struct inode *ino
return ret;
@@ -38811,7 +40440,16 @@ diff -urNp linux-2.6.32.40/fs/namei.c linux-2.6.32.40/fs/namei.c
out_drop_write:
mnt_drop_write(nd.path.mnt);
out_dput:
-@@ -2764,6 +2916,12 @@ SYSCALL_DEFINE4(renameat, int, olddfd, c
+@@ -2708,6 +2860,8 @@ SYSCALL_DEFINE4(renameat, int, olddfd, c
+ char *to;
+ int error;
+
++ pax_track_stack();
++
+ error = user_path_parent(olddfd, oldname, &oldnd, &from);
+ if (error)
+ goto exit;
+@@ -2764,6 +2918,12 @@ SYSCALL_DEFINE4(renameat, int, olddfd, c
if (new_dentry == trap)
goto exit5;
@@ -38824,7 +40462,7 @@ diff -urNp linux-2.6.32.40/fs/namei.c linux-2.6.32.40/fs/namei.c
error = mnt_want_write(oldnd.path.mnt);
if (error)
goto exit5;
-@@ -2773,6 +2931,9 @@ SYSCALL_DEFINE4(renameat, int, olddfd, c
+@@ -2773,6 +2933,9 @@ SYSCALL_DEFINE4(renameat, int, olddfd, c
goto exit6;
error = vfs_rename(old_dir->d_inode, old_dentry,
new_dir->d_inode, new_dentry);
@@ -38834,7 +40472,7 @@ diff -urNp linux-2.6.32.40/fs/namei.c linux-2.6.32.40/fs/namei.c
exit6:
mnt_drop_write(oldnd.path.mnt);
exit5:
-@@ -2798,6 +2959,8 @@ SYSCALL_DEFINE2(rename, const char __use
+@@ -2798,6 +2961,8 @@ SYSCALL_DEFINE2(rename, const char __use
int vfs_readlink(struct dentry *dentry, char __user *buffer, int buflen, const char *link)
{
@@ -38843,7 +40481,7 @@ diff -urNp linux-2.6.32.40/fs/namei.c linux-2.6.32.40/fs/namei.c
int len;
len = PTR_ERR(link);
-@@ -2807,7 +2970,14 @@ int vfs_readlink(struct dentry *dentry,
+@@ -2807,7 +2972,14 @@ int vfs_readlink(struct dentry *dentry,
len = strlen(link);
if (len > (unsigned) buflen)
len = buflen;
@@ -38922,6 +40560,80 @@ diff -urNp linux-2.6.32.40/fs/namespace.c linux-2.6.32.40/fs/namespace.c
read_lock(&current->fs->lock);
root = current->fs->root;
path_get(&current->fs->root);
+diff -urNp linux-2.6.32.40/fs/ncpfs/dir.c linux-2.6.32.40/fs/ncpfs/dir.c
+--- linux-2.6.32.40/fs/ncpfs/dir.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/fs/ncpfs/dir.c 2011-05-16 21:46:57.000000000 -0400
+@@ -275,6 +275,8 @@ __ncp_lookup_validate(struct dentry *den
+ int res, val = 0, len;
+ __u8 __name[NCP_MAXPATHLEN + 1];
+
++ pax_track_stack();
++
+ parent = dget_parent(dentry);
+ dir = parent->d_inode;
+
+@@ -799,6 +801,8 @@ static struct dentry *ncp_lookup(struct
+ int error, res, len;
+ __u8 __name[NCP_MAXPATHLEN + 1];
+
++ pax_track_stack();
++
+ lock_kernel();
+ error = -EIO;
+ if (!ncp_conn_valid(server))
+@@ -883,10 +887,12 @@ int ncp_create_new(struct inode *dir, st
+ int error, result, len;
+ int opmode;
+ __u8 __name[NCP_MAXPATHLEN + 1];
+-
++
+ PPRINTK("ncp_create_new: creating %s/%s, mode=%x\n",
+ dentry->d_parent->d_name.name, dentry->d_name.name, mode);
+
++ pax_track_stack();
++
+ error = -EIO;
+ lock_kernel();
+ if (!ncp_conn_valid(server))
+@@ -952,6 +958,8 @@ static int ncp_mkdir(struct inode *dir,
+ int error, len;
+ __u8 __name[NCP_MAXPATHLEN + 1];
+
++ pax_track_stack();
++
+ DPRINTK("ncp_mkdir: making %s/%s\n",
+ dentry->d_parent->d_name.name, dentry->d_name.name);
+
+@@ -960,6 +968,8 @@ static int ncp_mkdir(struct inode *dir,
+ if (!ncp_conn_valid(server))
+ goto out;
+
++ pax_track_stack();
++
+ ncp_age_dentry(server, dentry);
+ len = sizeof(__name);
+ error = ncp_io2vol(server, __name, &len, dentry->d_name.name,
+@@ -1114,6 +1124,8 @@ static int ncp_rename(struct inode *old_
+ int old_len, new_len;
+ __u8 __old_name[NCP_MAXPATHLEN + 1], __new_name[NCP_MAXPATHLEN + 1];
+
++ pax_track_stack();
++
+ DPRINTK("ncp_rename: %s/%s to %s/%s\n",
+ old_dentry->d_parent->d_name.name, old_dentry->d_name.name,
+ new_dentry->d_parent->d_name.name, new_dentry->d_name.name);
+diff -urNp linux-2.6.32.40/fs/ncpfs/inode.c linux-2.6.32.40/fs/ncpfs/inode.c
+--- linux-2.6.32.40/fs/ncpfs/inode.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/fs/ncpfs/inode.c 2011-05-16 21:46:57.000000000 -0400
+@@ -445,6 +445,8 @@ static int ncp_fill_super(struct super_b
+ #endif
+ struct ncp_entry_info finfo;
+
++ pax_track_stack();
++
+ data.wdog_pid = NULL;
+ server = kzalloc(sizeof(struct ncp_server), GFP_KERNEL);
+ if (!server)
diff -urNp linux-2.6.32.40/fs/nfs/inode.c linux-2.6.32.40/fs/nfs/inode.c
--- linux-2.6.32.40/fs/nfs/inode.c 2011-05-10 22:12:01.000000000 -0400
+++ linux-2.6.32.40/fs/nfs/inode.c 2011-05-10 22:12:33.000000000 -0400
@@ -38957,6 +40669,30 @@ diff -urNp linux-2.6.32.40/fs/nfsd/lockd.c linux-2.6.32.40/fs/nfsd/lockd.c
.fopen = nlm_fopen, /* open file for locking */
.fclose = nlm_fclose, /* close file */
};
+diff -urNp linux-2.6.32.40/fs/nfsd/nfs4state.c linux-2.6.32.40/fs/nfsd/nfs4state.c
+--- linux-2.6.32.40/fs/nfsd/nfs4state.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/fs/nfsd/nfs4state.c 2011-05-16 21:46:57.000000000 -0400
+@@ -3457,6 +3457,8 @@ nfsd4_lock(struct svc_rqst *rqstp, struc
+ unsigned int cmd;
+ int err;
+
++ pax_track_stack();
++
+ dprintk("NFSD: nfsd4_lock: start=%Ld length=%Ld\n",
+ (long long) lock->lk_offset,
+ (long long) lock->lk_length);
+diff -urNp linux-2.6.32.40/fs/nfsd/nfs4xdr.c linux-2.6.32.40/fs/nfsd/nfs4xdr.c
+--- linux-2.6.32.40/fs/nfsd/nfs4xdr.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/fs/nfsd/nfs4xdr.c 2011-05-16 21:46:57.000000000 -0400
+@@ -1751,6 +1751,8 @@ nfsd4_encode_fattr(struct svc_fh *fhp, s
+ struct nfsd4_compoundres *resp = rqstp->rq_resp;
+ u32 minorversion = resp->cstate.minorversion;
+
++ pax_track_stack();
++
+ BUG_ON(bmval1 & NFSD_WRITEONLY_ATTRS_WORD1);
+ BUG_ON(bmval0 & ~nfsd_suppattrs0(minorversion));
+ BUG_ON(bmval1 & ~nfsd_suppattrs1(minorversion));
diff -urNp linux-2.6.32.40/fs/nfsd/vfs.c linux-2.6.32.40/fs/nfsd/vfs.c
--- linux-2.6.32.40/fs/nfsd/vfs.c 2011-05-10 22:12:01.000000000 -0400
+++ linux-2.6.32.40/fs/nfsd/vfs.c 2011-05-10 22:12:33.000000000 -0400
@@ -39080,6 +40816,18 @@ diff -urNp linux-2.6.32.40/fs/ocfs2/localalloc.c linux-2.6.32.40/fs/ocfs2/locala
status = 0;
bail:
+diff -urNp linux-2.6.32.40/fs/ocfs2/namei.c linux-2.6.32.40/fs/ocfs2/namei.c
+--- linux-2.6.32.40/fs/ocfs2/namei.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/fs/ocfs2/namei.c 2011-05-16 21:46:57.000000000 -0400
+@@ -1043,6 +1043,8 @@ static int ocfs2_rename(struct inode *ol
+ struct ocfs2_dir_lookup_result orphan_insert = { NULL, };
+ struct ocfs2_dir_lookup_result target_insert = { NULL, };
+
++ pax_track_stack();
++
+ /* At some point it might be nice to break this function up a
+ * bit. */
+
diff -urNp linux-2.6.32.40/fs/ocfs2/ocfs2.h linux-2.6.32.40/fs/ocfs2/ocfs2.h
--- linux-2.6.32.40/fs/ocfs2/ocfs2.h 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/fs/ocfs2/ocfs2.h 2011-04-17 15:56:46.000000000 -0400
@@ -39536,7 +41284,7 @@ diff -urNp linux-2.6.32.40/fs/pipe.c linux-2.6.32.40/fs/pipe.c
/*
diff -urNp linux-2.6.32.40/fs/proc/array.c linux-2.6.32.40/fs/proc/array.c
--- linux-2.6.32.40/fs/proc/array.c 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.40/fs/proc/array.c 2011-05-10 21:30:39.000000000 -0400
++++ linux-2.6.32.40/fs/proc/array.c 2011-05-16 21:46:57.000000000 -0400
@@ -60,6 +60,7 @@
#include <linux/tty.h>
#include <linux/string.h>
@@ -39592,7 +41340,7 @@ diff -urNp linux-2.6.32.40/fs/proc/array.c linux-2.6.32.40/fs/proc/array.c
static int do_task_stat(struct seq_file *m, struct pid_namespace *ns,
struct pid *pid, struct task_struct *task, int whole)
{
-@@ -358,7 +389,7 @@ static int do_task_stat(struct seq_file
+@@ -358,9 +389,11 @@ static int do_task_stat(struct seq_file
cputime_t cutime, cstime, utime, stime;
cputime_t cgtime, gtime;
unsigned long rsslim = 0;
@@ -39600,8 +41348,12 @@ diff -urNp linux-2.6.32.40/fs/proc/array.c linux-2.6.32.40/fs/proc/array.c
+ char tcomm[sizeof(task->comm)] = { 0 };
unsigned long flags;
++ pax_track_stack();
++
state = *get_task_state(task);
-@@ -433,6 +464,19 @@ static int do_task_stat(struct seq_file
+ vsize = eip = esp = 0;
+ permitted = ptrace_may_access(task, PTRACE_MODE_READ);
+@@ -433,6 +466,19 @@ static int do_task_stat(struct seq_file
gtime = task_gtime(task);
}
@@ -39621,7 +41373,7 @@ diff -urNp linux-2.6.32.40/fs/proc/array.c linux-2.6.32.40/fs/proc/array.c
/* scale priority and nice values from timeslices to -20..20 */
/* to make it look like a "normal" Unix priority/nice value */
priority = task_prio(task);
-@@ -473,9 +517,15 @@ static int do_task_stat(struct seq_file
+@@ -473,9 +519,15 @@ static int do_task_stat(struct seq_file
vsize,
mm ? get_mm_rss(mm) : 0,
rsslim,
@@ -39637,7 +41389,7 @@ diff -urNp linux-2.6.32.40/fs/proc/array.c linux-2.6.32.40/fs/proc/array.c
esp,
eip,
/* The signal information here is obsolete.
-@@ -528,3 +578,18 @@ int proc_pid_statm(struct seq_file *m, s
+@@ -528,3 +580,18 @@ int proc_pid_statm(struct seq_file *m, s
return 0;
}
@@ -40174,8 +41926,17 @@ diff -urNp linux-2.6.32.40/fs/proc/Kconfig linux-2.6.32.40/fs/proc/Kconfig
Various /proc files exist to monitor process memory utilization:
diff -urNp linux-2.6.32.40/fs/proc/kcore.c linux-2.6.32.40/fs/proc/kcore.c
--- linux-2.6.32.40/fs/proc/kcore.c 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.40/fs/proc/kcore.c 2011-04-17 15:56:46.000000000 -0400
-@@ -477,9 +477,10 @@ read_kcore(struct file *file, char __use
++++ linux-2.6.32.40/fs/proc/kcore.c 2011-05-16 21:46:57.000000000 -0400
+@@ -320,6 +320,8 @@ static void elf_kcore_store_hdr(char *bu
+ off_t offset = 0;
+ struct kcore_list *m;
+
++ pax_track_stack();
++
+ /* setup ELF header */
+ elf = (struct elfhdr *) bufp;
+ bufp += sizeof(struct elfhdr);
+@@ -477,9 +479,10 @@ read_kcore(struct file *file, char __use
* the addresses in the elf_phdr on our list.
*/
start = kc_offset_to_vaddr(*fpos - elf_buflen);
@@ -40188,7 +41949,7 @@ diff -urNp linux-2.6.32.40/fs/proc/kcore.c linux-2.6.32.40/fs/proc/kcore.c
while (buflen) {
struct kcore_list *m;
-@@ -508,20 +509,23 @@ read_kcore(struct file *file, char __use
+@@ -508,20 +511,23 @@ read_kcore(struct file *file, char __use
kfree(elf_buf);
} else {
if (kern_addr_valid(start)) {
@@ -40223,7 +41984,7 @@ diff -urNp linux-2.6.32.40/fs/proc/kcore.c linux-2.6.32.40/fs/proc/kcore.c
} else {
if (clear_user(buffer, tsz))
return -EFAULT;
-@@ -541,6 +545,9 @@ read_kcore(struct file *file, char __use
+@@ -541,6 +547,9 @@ read_kcore(struct file *file, char __use
static int open_kcore(struct inode *inode, struct file *filp)
{
@@ -40235,8 +41996,17 @@ diff -urNp linux-2.6.32.40/fs/proc/kcore.c linux-2.6.32.40/fs/proc/kcore.c
if (kcore_need_update)
diff -urNp linux-2.6.32.40/fs/proc/meminfo.c linux-2.6.32.40/fs/proc/meminfo.c
--- linux-2.6.32.40/fs/proc/meminfo.c 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.40/fs/proc/meminfo.c 2011-05-11 18:25:06.000000000 -0400
-@@ -149,7 +149,7 @@ static int meminfo_proc_show(struct seq_
++++ linux-2.6.32.40/fs/proc/meminfo.c 2011-05-16 21:46:57.000000000 -0400
+@@ -29,6 +29,8 @@ static int meminfo_proc_show(struct seq_
+ unsigned long pages[NR_LRU_LISTS];
+ int lru;
+
++ pax_track_stack();
++
+ /*
+ * display in kilobytes.
+ */
+@@ -149,7 +151,7 @@ static int meminfo_proc_show(struct seq_
vmi.used >> 10,
vmi.largest_chunk >> 10
#ifdef CONFIG_MEMORY_FAILURE
@@ -40600,6 +42370,18 @@ diff -urNp linux-2.6.32.40/fs/readdir.c linux-2.6.32.40/fs/readdir.c
buf.count = count;
buf.error = 0;
+diff -urNp linux-2.6.32.40/fs/reiserfs/dir.c linux-2.6.32.40/fs/reiserfs/dir.c
+--- linux-2.6.32.40/fs/reiserfs/dir.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/fs/reiserfs/dir.c 2011-05-16 21:46:57.000000000 -0400
+@@ -66,6 +66,8 @@ int reiserfs_readdir_dentry(struct dentr
+ struct reiserfs_dir_entry de;
+ int ret = 0;
+
++ pax_track_stack();
++
+ reiserfs_write_lock(inode->i_sb);
+
+ reiserfs_check_lock_depth(inode->i_sb, "readdir");
diff -urNp linux-2.6.32.40/fs/reiserfs/do_balan.c linux-2.6.32.40/fs/reiserfs/do_balan.c
--- linux-2.6.32.40/fs/reiserfs/do_balan.c 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/fs/reiserfs/do_balan.c 2011-04-17 15:56:46.000000000 -0400
@@ -40669,9 +42451,33 @@ diff -urNp linux-2.6.32.40/fs/reiserfs/item_ops.c linux-2.6.32.40/fs/reiserfs/it
&stat_data_ops,
&indirect_ops,
&direct_ops,
+diff -urNp linux-2.6.32.40/fs/reiserfs/journal.c linux-2.6.32.40/fs/reiserfs/journal.c
+--- linux-2.6.32.40/fs/reiserfs/journal.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/fs/reiserfs/journal.c 2011-05-16 21:46:57.000000000 -0400
+@@ -2329,6 +2329,8 @@ static struct buffer_head *reiserfs_brea
+ struct buffer_head *bh;
+ int i, j;
+
++ pax_track_stack();
++
+ bh = __getblk(dev, block, bufsize);
+ if (buffer_uptodate(bh))
+ return (bh);
+diff -urNp linux-2.6.32.40/fs/reiserfs/namei.c linux-2.6.32.40/fs/reiserfs/namei.c
+--- linux-2.6.32.40/fs/reiserfs/namei.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/fs/reiserfs/namei.c 2011-05-16 21:46:57.000000000 -0400
+@@ -1214,6 +1214,8 @@ static int reiserfs_rename(struct inode
+ unsigned long savelink = 1;
+ struct timespec ctime;
+
++ pax_track_stack();
++
+ /* three balancings: (1) old name removal, (2) new name insertion
+ and (3) maybe "save" link insertion
+ stat data updates: (1) old directory,
diff -urNp linux-2.6.32.40/fs/reiserfs/procfs.c linux-2.6.32.40/fs/reiserfs/procfs.c
--- linux-2.6.32.40/fs/reiserfs/procfs.c 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.40/fs/reiserfs/procfs.c 2011-04-17 15:56:46.000000000 -0400
++++ linux-2.6.32.40/fs/reiserfs/procfs.c 2011-05-16 21:46:57.000000000 -0400
@@ -123,7 +123,7 @@ static int show_super(struct seq_file *m
"SMALL_TAILS " : "NO_TAILS ",
replay_only(sb) ? "REPLAY_ONLY " : "",
@@ -40681,9 +42487,78 @@ diff -urNp linux-2.6.32.40/fs/reiserfs/procfs.c linux-2.6.32.40/fs/reiserfs/proc
SF(s_disk_reads), SF(s_disk_writes), SF(s_fix_nodes),
SF(s_do_balance), SF(s_unneeded_left_neighbor),
SF(s_good_search_by_key_reada), SF(s_bmaps),
+@@ -309,6 +309,8 @@ static int show_journal(struct seq_file
+ struct journal_params *jp = &rs->s_v1.s_journal;
+ char b[BDEVNAME_SIZE];
+
++ pax_track_stack();
++
+ seq_printf(m, /* on-disk fields */
+ "jp_journal_1st_block: \t%i\n"
+ "jp_journal_dev: \t%s[%x]\n"
+diff -urNp linux-2.6.32.40/fs/reiserfs/stree.c linux-2.6.32.40/fs/reiserfs/stree.c
+--- linux-2.6.32.40/fs/reiserfs/stree.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/fs/reiserfs/stree.c 2011-05-16 21:46:57.000000000 -0400
+@@ -1159,6 +1159,8 @@ int reiserfs_delete_item(struct reiserfs
+ int iter = 0;
+ #endif
+
++ pax_track_stack();
++
+ BUG_ON(!th->t_trans_id);
+
+ init_tb_struct(th, &s_del_balance, sb, path,
+@@ -1296,6 +1298,8 @@ void reiserfs_delete_solid_item(struct r
+ int retval;
+ int quota_cut_bytes = 0;
+
++ pax_track_stack();
++
+ BUG_ON(!th->t_trans_id);
+
+ le_key2cpu_key(&cpu_key, key);
+@@ -1525,6 +1529,8 @@ int reiserfs_cut_from_item(struct reiser
+ int quota_cut_bytes;
+ loff_t tail_pos = 0;
+
++ pax_track_stack();
++
+ BUG_ON(!th->t_trans_id);
+
+ init_tb_struct(th, &s_cut_balance, inode->i_sb, path,
+@@ -1920,6 +1926,8 @@ int reiserfs_paste_into_item(struct reis
+ int retval;
+ int fs_gen;
+
++ pax_track_stack();
++
+ BUG_ON(!th->t_trans_id);
+
+ fs_gen = get_generation(inode->i_sb);
+@@ -2007,6 +2015,8 @@ int reiserfs_insert_item(struct reiserfs
+ int fs_gen = 0;
+ int quota_bytes = 0;
+
++ pax_track_stack();
++
+ BUG_ON(!th->t_trans_id);
+
+ if (inode) { /* Do we count quotas for item? */
+diff -urNp linux-2.6.32.40/fs/reiserfs/super.c linux-2.6.32.40/fs/reiserfs/super.c
+--- linux-2.6.32.40/fs/reiserfs/super.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/fs/reiserfs/super.c 2011-05-16 21:46:57.000000000 -0400
+@@ -912,6 +912,8 @@ static int reiserfs_parse_options(struct
+ {.option_name = NULL}
+ };
+
++ pax_track_stack();
++
+ *blocks = 0;
+ if (!options || !*options)
+ /* use default configuration: create tails, journaling on, no
diff -urNp linux-2.6.32.40/fs/select.c linux-2.6.32.40/fs/select.c
--- linux-2.6.32.40/fs/select.c 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.40/fs/select.c 2011-05-11 18:26:03.000000000 -0400
++++ linux-2.6.32.40/fs/select.c 2011-05-16 21:46:57.000000000 -0400
@@ -20,6 +20,7 @@
#include <linux/module.h>
#include <linux/slab.h>
@@ -40696,17 +42571,25 @@ diff -urNp linux-2.6.32.40/fs/select.c linux-2.6.32.40/fs/select.c
int retval, i, timed_out = 0;
unsigned long slack = 0;
-+ stackleak_probe(table);
++ pax_track_stack();
+
rcu_read_lock();
retval = max_select_fd(n, fds);
rcu_read_unlock();
-@@ -821,6 +824,10 @@ int do_sys_poll(struct pollfd __user *uf
+@@ -529,6 +532,8 @@ int core_sys_select(int n, fd_set __user
+ /* Allocate small arguments on the stack to save memory and be faster */
+ long stack_fds[SELECT_STACK_ALLOC/sizeof(long)];
+
++ pax_track_stack();
++
+ ret = -EINVAL;
+ if (n < 0)
+ goto out_nofds;
+@@ -821,6 +826,9 @@ int do_sys_poll(struct pollfd __user *uf
struct poll_list *walk = head;
unsigned long todo = nfds;
-+ stackleak_probe(table);
-+ stackleak_probe(stack_pps);
++ pax_track_stack();
+
+ gr_learn_resource(current, RLIMIT_NOFILE, nfds, 1);
if (nfds > current->signal->rlim[RLIMIT_NOFILE].rlim_cur)
@@ -40769,7 +42652,7 @@ diff -urNp linux-2.6.32.40/fs/smbfs/symlink.c linux-2.6.32.40/fs/smbfs/symlink.c
}
diff -urNp linux-2.6.32.40/fs/splice.c linux-2.6.32.40/fs/splice.c
--- linux-2.6.32.40/fs/splice.c 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.40/fs/splice.c 2011-05-11 18:25:15.000000000 -0400
++++ linux-2.6.32.40/fs/splice.c 2011-05-16 21:46:57.000000000 -0400
@@ -185,7 +185,7 @@ ssize_t splice_to_pipe(struct pipe_inode
pipe_lock(pipe);
@@ -40795,7 +42678,7 @@ diff -urNp linux-2.6.32.40/fs/splice.c linux-2.6.32.40/fs/splice.c
.spd_release = spd_release_page,
};
-+ stackleak_probe(partial);
++ pax_track_stack();
+
index = *ppos >> PAGE_CACHE_SHIFT;
loff = *ppos & ~PAGE_CACHE_MASK;
@@ -40822,7 +42705,7 @@ diff -urNp linux-2.6.32.40/fs/splice.c linux-2.6.32.40/fs/splice.c
.spd_release = spd_release_page,
};
-+ stackleak_probe(partial);
++ pax_track_stack();
+
index = *ppos >> PAGE_CACHE_SHIFT;
offset = *ppos & ~PAGE_CACHE_MASK;
@@ -40862,7 +42745,7 @@ diff -urNp linux-2.6.32.40/fs/splice.c linux-2.6.32.40/fs/splice.c
.spd_release = spd_release_page,
};
-+ stackleak_probe(partial);
++ pax_track_stack();
+
pipe = pipe_info(file->f_path.dentry->d_inode);
if (!pipe)
@@ -41071,6 +42954,18 @@ diff -urNp linux-2.6.32.40/fs/udf/balloc.c linux-2.6.32.40/fs/udf/balloc.c
udf_debug("%d < %d || %d + %d > %d\n",
bloc.logicalBlockNum, 0, bloc.logicalBlockNum, count,
partmap->s_partition_len);
+diff -urNp linux-2.6.32.40/fs/udf/inode.c linux-2.6.32.40/fs/udf/inode.c
+--- linux-2.6.32.40/fs/udf/inode.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/fs/udf/inode.c 2011-05-16 21:46:57.000000000 -0400
+@@ -484,6 +484,8 @@ static struct buffer_head *inode_getblk(
+ int goal = 0, pgoal = iinfo->i_location.logicalBlockNum;
+ int lastblock = 0;
+
++ pax_track_stack();
++
+ prev_epos.offset = udf_file_entry_alloc_offset(inode);
+ prev_epos.block = iinfo->i_location;
+ prev_epos.bh = NULL;
diff -urNp linux-2.6.32.40/fs/udf/misc.c linux-2.6.32.40/fs/udf/misc.c
--- linux-2.6.32.40/fs/udf/misc.c 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/fs/udf/misc.c 2011-04-23 12:56:11.000000000 -0400
@@ -41382,8 +43277,8 @@ diff -urNp linux-2.6.32.40/grsecurity/gracl_alloc.c linux-2.6.32.40/grsecurity/g
+}
diff -urNp linux-2.6.32.40/grsecurity/gracl.c linux-2.6.32.40/grsecurity/gracl.c
--- linux-2.6.32.40/grsecurity/gracl.c 1969-12-31 19:00:00.000000000 -0500
-+++ linux-2.6.32.40/grsecurity/gracl.c 2011-04-17 15:56:46.000000000 -0400
-@@ -0,0 +1,4050 @@
++++ linux-2.6.32.40/grsecurity/gracl.c 2011-05-17 17:29:53.000000000 -0400
+@@ -0,0 +1,4074 @@
+#include <linux/kernel.h>
+#include <linux/module.h>
+#include <linux/sched.h>
@@ -43642,6 +45537,8 @@ diff -urNp linux-2.6.32.40/grsecurity/gracl.c linux-2.6.32.40/grsecurity/gracl.c
+ return;
+}
+
++extern int __gr_process_user_ban(struct user_struct *user);
++
+int
+gr_check_user_change(int real, int effective, int fs)
+{
@@ -43653,6 +45550,28 @@ diff -urNp linux-2.6.32.40/grsecurity/gracl.c linux-2.6.32.40/grsecurity/gracl.c
+ int effectiveok = 0;
+ int fsok = 0;
+
++#if defined(CONFIG_GRKERNSEC_KERN_LOCKOUT) || defined(CONFIG_GRKERNSEC_BRUTE)
++ struct user_struct *user;
++
++ if (real == -1)
++ goto skipit;
++
++ user = find_user(real);
++ if (user == NULL)
++ goto skipit;
++
++ if (__gr_process_user_ban(user)) {
++ /* for find_user */
++ free_uid(user);
++ return 1;
++ }
++
++ /* for find_user */
++ free_uid(user);
++
++skipit:
++#endif
++
+ if (unlikely(!(gr_status & GR_READY)))
+ return 0;
+
@@ -48893,8 +50812,8 @@ diff -urNp linux-2.6.32.40/grsecurity/grsec_ptrace.c linux-2.6.32.40/grsecurity/
+}
diff -urNp linux-2.6.32.40/grsecurity/grsec_sig.c linux-2.6.32.40/grsecurity/grsec_sig.c
--- linux-2.6.32.40/grsecurity/grsec_sig.c 1969-12-31 19:00:00.000000000 -0500
-+++ linux-2.6.32.40/grsecurity/grsec_sig.c 2011-04-17 15:56:46.000000000 -0400
-@@ -0,0 +1,196 @@
++++ linux-2.6.32.40/grsecurity/grsec_sig.c 2011-05-17 17:30:04.000000000 -0400
+@@ -0,0 +1,202 @@
+#include <linux/kernel.h>
+#include <linux/sched.h>
+#include <linux/delay.h>
@@ -49075,11 +50994,10 @@ diff -urNp linux-2.6.32.40/grsecurity/grsec_sig.c linux-2.6.32.40/grsecurity/grs
+#endif
+}
+
-+int gr_process_user_ban(void)
++int __gr_process_user_ban(struct user_struct *user)
+{
+#if defined(CONFIG_GRKERNSEC_KERN_LOCKOUT) || defined(CONFIG_GRKERNSEC_BRUTE)
-+ if (unlikely(current->cred->user->banned)) {
-+ struct user_struct *user = current->cred->user;
++ if (unlikely(user->banned)) {
+ if (user->ban_expires != ~0UL && time_after_eq(get_seconds(), user->ban_expires)) {
+ user->banned = 0;
+ user->ban_expires = 0;
@@ -49091,6 +51009,13 @@ diff -urNp linux-2.6.32.40/grsecurity/grsec_sig.c linux-2.6.32.40/grsecurity/grs
+ return 0;
+}
+
++int gr_process_user_ban(void)
++{
++#if defined(CONFIG_GRKERNSEC_KERN_LOCKOUT) || defined(CONFIG_GRKERNSEC_BRUTE)
++ return __gr_process_user_ban(current->cred->user);
++#endif
++ return 0;
++}
diff -urNp linux-2.6.32.40/grsecurity/grsec_sock.c linux-2.6.32.40/grsecurity/grsec_sock.c
--- linux-2.6.32.40/grsecurity/grsec_sock.c 1969-12-31 19:00:00.000000000 -0500
+++ linux-2.6.32.40/grsecurity/grsec_sock.c 2011-04-17 15:56:46.000000000 -0400
@@ -51097,7 +53022,7 @@ diff -urNp linux-2.6.32.40/include/acpi/acpi_drivers.h linux-2.6.32.40/include/a
return -ENODEV;
diff -urNp linux-2.6.32.40/include/asm-generic/atomic-long.h linux-2.6.32.40/include/asm-generic/atomic-long.h
--- linux-2.6.32.40/include/asm-generic/atomic-long.h 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.40/include/asm-generic/atomic-long.h 2011-05-04 17:56:20.000000000 -0400
++++ linux-2.6.32.40/include/asm-generic/atomic-long.h 2011-05-16 21:46:57.000000000 -0400
@@ -22,6 +22,12 @@
typedef atomic64_t atomic_long_t;
@@ -51348,7 +53273,7 @@ diff -urNp linux-2.6.32.40/include/asm-generic/atomic-long.h linux-2.6.32.40/inc
+#define atomic_add_unchecked(i, v) atomic_add((i), (v))
+#define atomic_sub_unchecked(i, v) atomic_sub((i), (v))
+#define atomic_inc_unchecked(v) atomic_inc(v)
-+#define atomic_inc_and_test_unchecked(v) atomic_inc(v)
++#define atomic_inc_and_test_unchecked(v) atomic_inc_and_test(v)
+#define atomic_inc_return_unchecked(v) atomic_inc_return(v)
+#define atomic_add_return_unchecked(i, v) atomic_add_return((i), (v))
+#define atomic_dec_unchecked(v) atomic_dec(v)
@@ -53485,32 +55410,21 @@ diff -urNp linux-2.6.32.40/include/linux/i2o.h linux-2.6.32.40/include/linux/i2o
#endif
diff -urNp linux-2.6.32.40/include/linux/init_task.h linux-2.6.32.40/include/linux/init_task.h
--- linux-2.6.32.40/include/linux/init_task.h 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.40/include/linux/init_task.h 2011-04-30 17:52:14.000000000 -0400
-@@ -83,6 +83,14 @@ extern struct group_info init_groups;
++++ linux-2.6.32.40/include/linux/init_task.h 2011-05-18 20:44:59.000000000 -0400
+@@ -83,6 +83,12 @@ extern struct group_info init_groups;
#define INIT_IDS
#endif
+#ifdef CONFIG_X86
+#define INIT_TASK_THREAD_INFO .tinfo = INIT_THREAD_INFO,
-+#define INIT_TASK_STACK .stack = &init_thread_union,
+#else
+#define INIT_TASK_THREAD_INFO
-+#define INIT_TASK_STACK .stack = &init_thread_info,
+#endif
+
#ifdef CONFIG_SECURITY_FILE_CAPABILITIES
/*
* Because of the reduced scope of CAP_SETPCAP when filesystem
-@@ -122,7 +130,7 @@ extern struct cred init_cred;
- #define INIT_TASK(tsk) \
- { \
- .state = 0, \
-- .stack = &init_thread_info, \
-+ INIT_TASK_STACK \
- .usage = ATOMIC_INIT(2), \
- .flags = PF_KTHREAD, \
- .lock_depth = -1, \
-@@ -156,6 +164,7 @@ extern struct cred init_cred;
+@@ -156,6 +162,7 @@ extern struct cred init_cred;
__MUTEX_INITIALIZER(tsk.cred_guard_mutex), \
.comm = "swapper", \
.thread = INIT_THREAD, \
@@ -54349,7 +56263,7 @@ diff -urNp linux-2.6.32.40/include/linux/reiserfs_fs_sb.h linux-2.6.32.40/includ
on-disk FS format */
diff -urNp linux-2.6.32.40/include/linux/sched.h linux-2.6.32.40/include/linux/sched.h
--- linux-2.6.32.40/include/linux/sched.h 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.40/include/linux/sched.h 2011-05-11 18:38:56.000000000 -0400
++++ linux-2.6.32.40/include/linux/sched.h 2011-05-18 20:09:37.000000000 -0400
@@ -101,6 +101,7 @@ struct bio;
struct fs_struct;
struct bts_context;
@@ -54496,7 +56410,7 @@ diff -urNp linux-2.6.32.40/include/linux/sched.h linux-2.6.32.40/include/linux/s
#ifdef CONFIG_FUNCTION_GRAPH_TRACER
/* Index of current stored adress in ret_stack */
int curr_ret_stack;
-@@ -1542,6 +1582,67 @@ struct task_struct {
+@@ -1542,6 +1582,63 @@ struct task_struct {
#endif /* CONFIG_TRACING */
};
@@ -54545,26 +56459,22 @@ diff -urNp linux-2.6.32.40/include/linux/sched.h linux-2.6.32.40/include/linux/s
+void pax_report_refcount_overflow(struct pt_regs *regs);
+void pax_report_usercopy(const void *ptr, unsigned long len, bool to, const char *type);
+
++static inline void pax_track_stack(void)
++{
++
+#ifdef CONFIG_PAX_MEMORY_STACKLEAK
-+#define stackleak_probe(var) \
-+ do { \
-+ size_t maxidx = sizeof(var) / sizeof(long); \
-+ long *p = (long *)&var; \
-+ unsigned int i; \
-+ \
-+ BUILD_BUG_ON(sizeof(var) < 64); \
-+ \
-+ for (i = 0; i < maxidx; i += 64 / sizeof(long)) \
-+ p[i] = 0; \
-+ } while (0)
-+#else
-+#define stackleak_probe(var) do { } while (0)
++ unsigned long sp = current_stack_pointer;
++ if (current_thread_info()->lowest_stack > sp &&
++ (unsigned long)task_stack_page(current) < sp)
++ current_thread_info()->lowest_stack = sp;
+#endif
+
++}
++
/* Future-safe accessor for struct task_struct's cpus_allowed. */
#define tsk_cpumask(tsk) (&(tsk)->cpus_allowed)
-@@ -1978,7 +2079,9 @@ void yield(void);
+@@ -1978,7 +2075,9 @@ void yield(void);
extern struct exec_domain default_exec_domain;
union thread_union {
@@ -54574,7 +56484,7 @@ diff -urNp linux-2.6.32.40/include/linux/sched.h linux-2.6.32.40/include/linux/s
unsigned long stack[THREAD_SIZE/sizeof(long)];
};
-@@ -2155,7 +2258,7 @@ extern void __cleanup_sighand(struct sig
+@@ -2155,7 +2254,7 @@ extern void __cleanup_sighand(struct sig
extern void exit_itimers(struct signal_struct *);
extern void flush_itimer_signals(void);
@@ -54583,7 +56493,7 @@ diff -urNp linux-2.6.32.40/include/linux/sched.h linux-2.6.32.40/include/linux/s
extern void daemonize(const char *, ...);
extern int allow_signal(int);
-@@ -2284,13 +2387,17 @@ static inline unsigned long *end_of_stac
+@@ -2284,13 +2383,17 @@ static inline unsigned long *end_of_stac
#endif
@@ -56124,12 +58034,12 @@ diff -urNp linux-2.6.32.40/ipc/mqueue.c linux-2.6.32.40/ipc/mqueue.c
u->mq_bytes + mq_bytes >
diff -urNp linux-2.6.32.40/ipc/sem.c linux-2.6.32.40/ipc/sem.c
--- linux-2.6.32.40/ipc/sem.c 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.40/ipc/sem.c 2011-05-11 18:25:15.000000000 -0400
++++ linux-2.6.32.40/ipc/sem.c 2011-05-16 21:46:57.000000000 -0400
@@ -671,6 +671,8 @@ static int semctl_main(struct ipc_namesp
ushort* sem_io = fast_sem_io;
int nsems;
-+ stackleak_probe(fast_sem_io);
++ pax_track_stack();
+
sma = sem_lock_check(ns, semid);
if (IS_ERR(sma))
@@ -56138,7 +58048,7 @@ diff -urNp linux-2.6.32.40/ipc/sem.c linux-2.6.32.40/ipc/sem.c
unsigned long jiffies_left = 0;
struct ipc_namespace *ns;
-+ stackleak_probe(fast_sops);
++ pax_track_stack();
+
ns = current->nsproxy->ipc_ns;
@@ -56314,6 +58224,18 @@ diff -urNp linux-2.6.32.40/kernel/capability.c linux-2.6.32.40/kernel/capability
+
EXPORT_SYMBOL(capable);
+EXPORT_SYMBOL(capable_nolog);
+diff -urNp linux-2.6.32.40/kernel/cgroup.c linux-2.6.32.40/kernel/cgroup.c
+--- linux-2.6.32.40/kernel/cgroup.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/kernel/cgroup.c 2011-05-16 21:46:57.000000000 -0400
+@@ -536,6 +536,8 @@ static struct css_set *find_css_set(
+ struct hlist_head *hhead;
+ struct cg_cgroup_link *link;
+
++ pax_track_stack();
++
+ /* First see if we already have a cgroup group that matches
+ * the desired set */
+ read_lock(&css_set_lock);
diff -urNp linux-2.6.32.40/kernel/configs.c linux-2.6.32.40/kernel/configs.c
--- linux-2.6.32.40/kernel/configs.c 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/kernel/configs.c 2011-04-17 15:56:46.000000000 -0400
@@ -56351,8 +58273,80 @@ diff -urNp linux-2.6.32.40/kernel/cpu.c linux-2.6.32.40/kernel/cpu.c
* Should always be manipulated under cpu_add_remove_lock
diff -urNp linux-2.6.32.40/kernel/cred.c linux-2.6.32.40/kernel/cred.c
--- linux-2.6.32.40/kernel/cred.c 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.40/kernel/cred.c 2011-04-17 15:56:46.000000000 -0400
-@@ -544,6 +544,8 @@ int commit_creds(struct cred *new)
++++ linux-2.6.32.40/kernel/cred.c 2011-05-17 19:26:34.000000000 -0400
+@@ -160,6 +160,8 @@ static void put_cred_rcu(struct rcu_head
+ */
+ void __put_cred(struct cred *cred)
+ {
++ pax_track_stack();
++
+ kdebug("__put_cred(%p{%d,%d})", cred,
+ atomic_read(&cred->usage),
+ read_cred_subscribers(cred));
+@@ -184,6 +186,8 @@ void exit_creds(struct task_struct *tsk)
+ {
+ struct cred *cred;
+
++ pax_track_stack();
++
+ kdebug("exit_creds(%u,%p,%p,{%d,%d})", tsk->pid, tsk->real_cred, tsk->cred,
+ atomic_read(&tsk->cred->usage),
+ read_cred_subscribers(tsk->cred));
+@@ -222,6 +226,8 @@ const struct cred *get_task_cred(struct
+ {
+ const struct cred *cred;
+
++ pax_track_stack();
++
+ rcu_read_lock();
+
+ do {
+@@ -241,6 +247,8 @@ struct cred *cred_alloc_blank(void)
+ {
+ struct cred *new;
+
++ pax_track_stack();
++
+ new = kmem_cache_zalloc(cred_jar, GFP_KERNEL);
+ if (!new)
+ return NULL;
+@@ -289,6 +297,8 @@ struct cred *prepare_creds(void)
+ const struct cred *old;
+ struct cred *new;
+
++ pax_track_stack();
++
+ validate_process_creds();
+
+ new = kmem_cache_alloc(cred_jar, GFP_KERNEL);
+@@ -335,6 +345,8 @@ struct cred *prepare_exec_creds(void)
+ struct thread_group_cred *tgcred = NULL;
+ struct cred *new;
+
++ pax_track_stack();
++
+ #ifdef CONFIG_KEYS
+ tgcred = kmalloc(sizeof(*tgcred), GFP_KERNEL);
+ if (!tgcred)
+@@ -441,6 +453,8 @@ int copy_creds(struct task_struct *p, un
+ struct cred *new;
+ int ret;
+
++ pax_track_stack();
++
+ mutex_init(&p->cred_guard_mutex);
+
+ if (
+@@ -528,6 +542,8 @@ int commit_creds(struct cred *new)
+ struct task_struct *task = current;
+ const struct cred *old = task->real_cred;
+
++ pax_track_stack();
++
+ kdebug("commit_creds(%p{%d,%d})", new,
+ atomic_read(&new->usage),
+ read_cred_subscribers(new));
+@@ -544,6 +560,8 @@ int commit_creds(struct cred *new)
get_cred(new); /* we will require a ref for the subj creds too */
@@ -56361,6 +58355,60 @@ diff -urNp linux-2.6.32.40/kernel/cred.c linux-2.6.32.40/kernel/cred.c
/* dumpability changes */
if (old->euid != new->euid ||
old->egid != new->egid ||
+@@ -606,6 +624,8 @@ EXPORT_SYMBOL(commit_creds);
+ */
+ void abort_creds(struct cred *new)
+ {
++ pax_track_stack();
++
+ kdebug("abort_creds(%p{%d,%d})", new,
+ atomic_read(&new->usage),
+ read_cred_subscribers(new));
+@@ -629,6 +649,8 @@ const struct cred *override_creds(const
+ {
+ const struct cred *old = current->cred;
+
++ pax_track_stack();
++
+ kdebug("override_creds(%p{%d,%d})", new,
+ atomic_read(&new->usage),
+ read_cred_subscribers(new));
+@@ -658,6 +680,8 @@ void revert_creds(const struct cred *old
+ {
+ const struct cred *override = current->cred;
+
++ pax_track_stack();
++
+ kdebug("revert_creds(%p{%d,%d})", old,
+ atomic_read(&old->usage),
+ read_cred_subscribers(old));
+@@ -704,6 +728,8 @@ struct cred *prepare_kernel_cred(struct
+ const struct cred *old;
+ struct cred *new;
+
++ pax_track_stack();
++
+ new = kmem_cache_alloc(cred_jar, GFP_KERNEL);
+ if (!new)
+ return NULL;
+@@ -758,6 +784,8 @@ EXPORT_SYMBOL(prepare_kernel_cred);
+ */
+ int set_security_override(struct cred *new, u32 secid)
+ {
++ pax_track_stack();
++
+ return security_kernel_act_as(new, secid);
+ }
+ EXPORT_SYMBOL(set_security_override);
+@@ -777,6 +805,8 @@ int set_security_override_from_ctx(struc
+ u32 secid;
+ int ret;
+
++ pax_track_stack();
++
+ ret = security_secctx_to_secid(secctx, strlen(secctx), &secid);
+ if (ret < 0)
+ return ret;
diff -urNp linux-2.6.32.40/kernel/exit.c linux-2.6.32.40/kernel/exit.c
--- linux-2.6.32.40/kernel/exit.c 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/kernel/exit.c 2011-04-17 15:56:46.000000000 -0400
@@ -56635,7 +58683,7 @@ diff -urNp linux-2.6.32.40/kernel/fork.c linux-2.6.32.40/kernel/fork.c
new_fs = fs;
diff -urNp linux-2.6.32.40/kernel/futex.c linux-2.6.32.40/kernel/futex.c
--- linux-2.6.32.40/kernel/futex.c 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.40/kernel/futex.c 2011-04-17 15:56:46.000000000 -0400
++++ linux-2.6.32.40/kernel/futex.c 2011-05-16 21:46:57.000000000 -0400
@@ -54,6 +54,7 @@
#include <linux/mount.h>
#include <linux/pagemap.h>
@@ -56656,7 +58704,16 @@ diff -urNp linux-2.6.32.40/kernel/futex.c linux-2.6.32.40/kernel/futex.c
/*
* The futex address must be "naturally" aligned.
*/
-@@ -1841,7 +1847,7 @@ retry:
+@@ -1789,6 +1795,8 @@ static int futex_wait(u32 __user *uaddr,
+ struct futex_q q;
+ int ret;
+
++ pax_track_stack();
++
+ if (!bitset)
+ return -EINVAL;
+
+@@ -1841,7 +1849,7 @@ retry:
restart = &current_thread_info()->restart_block;
restart->fn = futex_wait_restart;
@@ -56665,7 +58722,16 @@ diff -urNp linux-2.6.32.40/kernel/futex.c linux-2.6.32.40/kernel/futex.c
restart->futex.val = val;
restart->futex.time = abs_time->tv64;
restart->futex.bitset = bitset;
-@@ -2377,7 +2383,9 @@ SYSCALL_DEFINE3(get_robust_list, int, pi
+@@ -2203,6 +2211,8 @@ static int futex_wait_requeue_pi(u32 __u
+ struct futex_q q;
+ int res, ret;
+
++ pax_track_stack();
++
+ if (!bitset)
+ return -EINVAL;
+
+@@ -2377,7 +2387,9 @@ SYSCALL_DEFINE3(get_robust_list, int, pi
{
struct robust_list_head __user *head;
unsigned long ret;
@@ -56675,7 +58741,7 @@ diff -urNp linux-2.6.32.40/kernel/futex.c linux-2.6.32.40/kernel/futex.c
if (!futex_cmpxchg_enabled)
return -ENOSYS;
-@@ -2393,11 +2401,16 @@ SYSCALL_DEFINE3(get_robust_list, int, pi
+@@ -2393,11 +2405,16 @@ SYSCALL_DEFINE3(get_robust_list, int, pi
if (!p)
goto err_unlock;
ret = -EPERM;
@@ -56692,7 +58758,7 @@ diff -urNp linux-2.6.32.40/kernel/futex.c linux-2.6.32.40/kernel/futex.c
head = p->robust_list;
rcu_read_unlock();
}
-@@ -2459,7 +2472,7 @@ retry:
+@@ -2459,7 +2476,7 @@ retry:
*/
static inline int fetch_robust_entry(struct robust_list __user **entry,
struct robust_list __user * __user *head,
@@ -56701,7 +58767,7 @@ diff -urNp linux-2.6.32.40/kernel/futex.c linux-2.6.32.40/kernel/futex.c
{
unsigned long uentry;
-@@ -2640,6 +2653,7 @@ static int __init futex_init(void)
+@@ -2640,6 +2657,7 @@ static int __init futex_init(void)
{
u32 curval;
int i;
@@ -56709,7 +58775,7 @@ diff -urNp linux-2.6.32.40/kernel/futex.c linux-2.6.32.40/kernel/futex.c
/*
* This will fail and we want it. Some arch implementations do
-@@ -2651,7 +2665,10 @@ static int __init futex_init(void)
+@@ -2651,7 +2669,10 @@ static int __init futex_init(void)
* implementation, the non functional ones will return
* -ENOSYS.
*/
@@ -58314,7 +60380,7 @@ diff -urNp linux-2.6.32.40/kernel/posix-cpu-timers.c linux-2.6.32.40/kernel/posi
#include <trace/events/timer.h>
diff -urNp linux-2.6.32.40/kernel/posix-timers.c linux-2.6.32.40/kernel/posix-timers.c
--- linux-2.6.32.40/kernel/posix-timers.c 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.40/kernel/posix-timers.c 2011-04-17 15:56:46.000000000 -0400
++++ linux-2.6.32.40/kernel/posix-timers.c 2011-05-16 21:46:57.000000000 -0400
@@ -42,6 +42,7 @@
#include <linux/compiler.h>
#include <linux/idr.h>
@@ -58323,7 +60389,16 @@ diff -urNp linux-2.6.32.40/kernel/posix-timers.c linux-2.6.32.40/kernel/posix-ti
#include <linux/syscalls.h>
#include <linux/wait.h>
#include <linux/workqueue.h>
-@@ -948,6 +949,13 @@ SYSCALL_DEFINE2(clock_settime, const clo
+@@ -296,6 +297,8 @@ static __init int init_posix_timers(void
+ .nsleep = no_nsleep,
+ };
+
++ pax_track_stack();
++
+ register_posix_clock(CLOCK_REALTIME, &clock_realtime);
+ register_posix_clock(CLOCK_MONOTONIC, &clock_monotonic);
+ register_posix_clock(CLOCK_MONOTONIC_RAW, &clock_monotonic_raw);
+@@ -948,6 +951,13 @@ SYSCALL_DEFINE2(clock_settime, const clo
if (copy_from_user(&new_tp, tp, sizeof (*tp)))
return -EFAULT;
@@ -58840,7 +60915,7 @@ diff -urNp linux-2.6.32.40/kernel/rcutree_plugin.h linux-2.6.32.40/kernel/rcutre
}
diff -urNp linux-2.6.32.40/kernel/relay.c linux-2.6.32.40/kernel/relay.c
--- linux-2.6.32.40/kernel/relay.c 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.40/kernel/relay.c 2011-04-17 15:56:46.000000000 -0400
++++ linux-2.6.32.40/kernel/relay.c 2011-05-16 21:46:57.000000000 -0400
@@ -1222,7 +1222,7 @@ static int subbuf_splice_actor(struct fi
unsigned int flags,
int *nonpad_ret)
@@ -58850,11 +60925,13 @@ diff -urNp linux-2.6.32.40/kernel/relay.c linux-2.6.32.40/kernel/relay.c
struct rchan_buf *rbuf = in->private_data;
unsigned int subbuf_size = rbuf->chan->subbuf_size;
uint64_t pos = (uint64_t) *ppos;
-@@ -1241,6 +1241,7 @@ static int subbuf_splice_actor(struct fi
+@@ -1241,6 +1241,9 @@ static int subbuf_splice_actor(struct fi
.ops = &relay_pipe_buf_ops,
.spd_release = relay_page_release,
};
+ ssize_t ret;
++
++ pax_track_stack();
if (rbuf->subbufs_produced == rbuf->subbufs_consumed)
return 0;
@@ -59922,8 +61999,26 @@ diff -urNp linux-2.6.32.40/kernel/trace/ring_buffer.c linux-2.6.32.40/kernel/tra
{
diff -urNp linux-2.6.32.40/kernel/trace/trace.c linux-2.6.32.40/kernel/trace/trace.c
--- linux-2.6.32.40/kernel/trace/trace.c 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.40/kernel/trace/trace.c 2011-04-17 15:56:46.000000000 -0400
-@@ -3816,10 +3816,9 @@ static const struct file_operations trac
++++ linux-2.6.32.40/kernel/trace/trace.c 2011-05-16 21:46:57.000000000 -0400
+@@ -3193,6 +3193,8 @@ static ssize_t tracing_splice_read_pipe(
+ size_t rem;
+ unsigned int i;
+
++ pax_track_stack();
++
+ /* copy the tracer to avoid using a global lock all around */
+ mutex_lock(&trace_types_lock);
+ if (unlikely(old_tracer != current_trace && current_trace)) {
+@@ -3659,6 +3661,8 @@ tracing_buffers_splice_read(struct file
+ int entries, size, i;
+ size_t ret;
+
++ pax_track_stack();
++
+ if (*ppos & (PAGE_SIZE - 1)) {
+ WARN_ONCE(1, "Ftrace: previous read must page-align\n");
+ return -EINVAL;
+@@ -3816,10 +3820,9 @@ static const struct file_operations trac
};
#endif
@@ -59935,7 +62030,7 @@ diff -urNp linux-2.6.32.40/kernel/trace/trace.c linux-2.6.32.40/kernel/trace/tra
static int once;
if (d_tracer)
-@@ -3839,10 +3838,9 @@ struct dentry *tracing_init_dentry(void)
+@@ -3839,10 +3842,9 @@ struct dentry *tracing_init_dentry(void)
return d_tracer;
}
@@ -60335,14 +62430,14 @@ diff -urNp linux-2.6.32.40/localversion-grsec linux-2.6.32.40/localversion-grsec
+-grsec
diff -urNp linux-2.6.32.40/Makefile linux-2.6.32.40/Makefile
--- linux-2.6.32.40/Makefile 2011-05-10 22:12:01.000000000 -0400
-+++ linux-2.6.32.40/Makefile 2011-05-10 22:12:26.000000000 -0400
++++ linux-2.6.32.40/Makefile 2011-05-16 22:06:44.000000000 -0400
@@ -221,8 +221,8 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH"
HOSTCC = gcc
HOSTCXX = g++
-HOSTCFLAGS = -Wall -Wmissing-prototypes -Wstrict-prototypes -O2 -fomit-frame-pointer
-HOSTCXXFLAGS = -O2
-+HOSTCFLAGS = -Wall -W -Wmissing-prototypes -Wstrict-prototypes -Wno-empty-body -Wno-missing-field-initializers -Wno-unused-parameter -Wno-missing-field-initializers -O2 -fomit-frame-pointer -fno-delete-null-pointer-checks
++HOSTCFLAGS = -Wall -W -Wmissing-prototypes -Wstrict-prototypes -Wno-empty-body -Wno-unused-parameter -Wno-missing-field-initializers -O2 -fomit-frame-pointer -fno-delete-null-pointer-checks
+HOSTCXXFLAGS = -O2 -fno-delete-null-pointer-checks
# Decide whether to build built-in, modular, or both.
@@ -61292,8 +63387,17 @@ diff -urNp linux-2.6.32.40/mm/mempolicy.c linux-2.6.32.40/mm/mempolicy.c
} else if (vma->vm_start <= mm->start_stack &&
diff -urNp linux-2.6.32.40/mm/migrate.c linux-2.6.32.40/mm/migrate.c
--- linux-2.6.32.40/mm/migrate.c 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.40/mm/migrate.c 2011-04-17 15:56:46.000000000 -0400
-@@ -1106,6 +1106,14 @@ SYSCALL_DEFINE6(move_pages, pid_t, pid,
++++ linux-2.6.32.40/mm/migrate.c 2011-05-16 21:46:57.000000000 -0400
+@@ -916,6 +916,8 @@ static int do_pages_move(struct mm_struc
+ unsigned long chunk_start;
+ int err;
+
++ pax_track_stack();
++
+ task_nodes = cpuset_mems_allowed(task);
+
+ err = -ENOMEM;
+@@ -1106,6 +1108,14 @@ SYSCALL_DEFINE6(move_pages, pid_t, pid,
if (!mm)
return -EINVAL;
@@ -61308,7 +63412,7 @@ diff -urNp linux-2.6.32.40/mm/migrate.c linux-2.6.32.40/mm/migrate.c
/*
* Check if this process has the right to modify the specified
* process. The right exists if the process has administrative
-@@ -1115,8 +1123,7 @@ SYSCALL_DEFINE6(move_pages, pid_t, pid,
+@@ -1115,8 +1125,7 @@ SYSCALL_DEFINE6(move_pages, pid_t, pid,
rcu_read_lock();
tcred = __task_cred(task);
if (cred->euid != tcred->suid && cred->euid != tcred->uid &&
@@ -63011,7 +65115,7 @@ diff -urNp linux-2.6.32.40/mm/nommu.c linux-2.6.32.40/mm/nommu.c
*/
diff -urNp linux-2.6.32.40/mm/page_alloc.c linux-2.6.32.40/mm/page_alloc.c
--- linux-2.6.32.40/mm/page_alloc.c 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.40/mm/page_alloc.c 2011-04-17 15:56:46.000000000 -0400
++++ linux-2.6.32.40/mm/page_alloc.c 2011-05-16 21:46:57.000000000 -0400
@@ -587,6 +587,10 @@ static void __free_pages_ok(struct page
int bad = 0;
int wasMlocked = __TestClearPageMlocked(page);
@@ -63059,7 +65163,16 @@ diff -urNp linux-2.6.32.40/mm/page_alloc.c linux-2.6.32.40/mm/page_alloc.c
arch_free_page(page, 0);
kernel_map_pages(page, 1, 0);
-@@ -3736,7 +3753,7 @@ static void __init setup_usemap(struct p
+@@ -2179,6 +2196,8 @@ void show_free_areas(void)
+ int cpu;
+ struct zone *zone;
+
++ pax_track_stack();
++
+ for_each_populated_zone(zone) {
+ show_node(zone);
+ printk("%s per-cpu:\n", zone->name);
+@@ -3736,7 +3755,7 @@ static void __init setup_usemap(struct p
zone->pageblock_flags = alloc_bootmem_node(pgdat, usemapsize);
}
#else
@@ -63103,7 +65216,7 @@ diff -urNp linux-2.6.32.40/mm/rmap.c linux-2.6.32.40/mm/rmap.c
allocated = NULL;
diff -urNp linux-2.6.32.40/mm/shmem.c linux-2.6.32.40/mm/shmem.c
--- linux-2.6.32.40/mm/shmem.c 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.40/mm/shmem.c 2011-05-04 17:56:20.000000000 -0400
++++ linux-2.6.32.40/mm/shmem.c 2011-05-18 20:09:37.000000000 -0400
@@ -31,7 +31,7 @@
#include <linux/swap.h>
#include <linux/ima.h>
@@ -63122,16 +65235,25 @@ diff -urNp linux-2.6.32.40/mm/shmem.c linux-2.6.32.40/mm/shmem.c
if (entry->val) {
/*
* The more uptodate page coming down from a stacked
-@@ -1962,7 +1964,7 @@ static int shmem_symlink(struct inode *d
+@@ -1144,6 +1146,8 @@ static struct page *shmem_swapin(swp_ent
+ struct vm_area_struct pvma;
+ struct page *page;
+
++ pax_track_stack();
++
+ spol = mpol_cond_copy(&mpol,
+ mpol_shared_policy_lookup(&info->policy, idx));
+
+@@ -1962,7 +1966,7 @@ static int shmem_symlink(struct inode *d
info = SHMEM_I(inode);
inode->i_size = len-1;
- if (len <= (char *)inode - (char *)info) {
-+ if (len <= min((char *)inode - (char *)info, 64)) {
++ if (len <= (char *)inode - (char *)info && len <= 64) {
/* do it inline */
memcpy(info, symname, len);
inode->i_op = &shmem_symlink_inline_operations;
-@@ -2310,8 +2312,7 @@ int shmem_fill_super(struct super_block
+@@ -2310,8 +2314,7 @@ int shmem_fill_super(struct super_block
int err = -ENOMEM;
/* Round up to L1_CACHE_BYTES to resist false sharing */
@@ -64201,6 +66323,18 @@ diff -urNp linux-2.6.32.40/net/atm/atm_misc.c linux-2.6.32.40/net/atm/atm_misc.c
__SONET_ITEMS
#undef __HANDLE_ITEM
}
+diff -urNp linux-2.6.32.40/net/atm/mpoa_caches.c linux-2.6.32.40/net/atm/mpoa_caches.c
+--- linux-2.6.32.40/net/atm/mpoa_caches.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/net/atm/mpoa_caches.c 2011-05-16 21:46:57.000000000 -0400
+@@ -498,6 +498,8 @@ static void clear_expired(struct mpoa_cl
+ struct timeval now;
+ struct k_message msg;
+
++ pax_track_stack();
++
+ do_gettimeofday(&now);
+
+ write_lock_irq(&client->egress_lock);
diff -urNp linux-2.6.32.40/net/atm/proc.c linux-2.6.32.40/net/atm/proc.c
--- linux-2.6.32.40/net/atm/proc.c 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/net/atm/proc.c 2011-04-17 15:56:46.000000000 -0400
@@ -64299,6 +66433,18 @@ diff -urNp linux-2.6.32.40/net/bridge/br_sysfs_if.c linux-2.6.32.40/net/bridge/b
.show = brport_show,
.store = brport_store,
};
+diff -urNp linux-2.6.32.40/net/bridge/netfilter/ebtables.c linux-2.6.32.40/net/bridge/netfilter/ebtables.c
+--- linux-2.6.32.40/net/bridge/netfilter/ebtables.c 2011-04-17 17:00:52.000000000 -0400
++++ linux-2.6.32.40/net/bridge/netfilter/ebtables.c 2011-05-16 21:46:57.000000000 -0400
+@@ -1337,6 +1337,8 @@ static int copy_everything_to_user(struc
+ unsigned int entries_size, nentries;
+ char *entries;
+
++ pax_track_stack();
++
+ if (cmd == EBT_SO_GET_ENTRIES) {
+ entries_size = t->private->entries_size;
+ nentries = t->private->nentries;
diff -urNp linux-2.6.32.40/net/can/bcm.c linux-2.6.32.40/net/can/bcm.c
--- linux-2.6.32.40/net/can/bcm.c 2011-05-10 22:12:01.000000000 -0400
+++ linux-2.6.32.40/net/can/bcm.c 2011-05-10 22:12:34.000000000 -0400
@@ -64416,6 +66562,18 @@ diff -urNp linux-2.6.32.40/net/core/flow.c linux-2.6.32.40/net/core/flow.c
if (!fle->object || fle->genid == genid)
continue;
+diff -urNp linux-2.6.32.40/net/core/skbuff.c linux-2.6.32.40/net/core/skbuff.c
+--- linux-2.6.32.40/net/core/skbuff.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/net/core/skbuff.c 2011-05-16 21:46:57.000000000 -0400
+@@ -1544,6 +1544,8 @@ int skb_splice_bits(struct sk_buff *skb,
+ struct sk_buff *frag_iter;
+ struct sock *sk = skb->sk;
+
++ pax_track_stack();
++
+ /*
+ * __skb_splice_bits() only fails if the output has no room left,
+ * so no point in going over the frag_list for the error case.
diff -urNp linux-2.6.32.40/net/core/sock.c linux-2.6.32.40/net/core/sock.c
--- linux-2.6.32.40/net/core/sock.c 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/net/core/sock.c 2011-05-04 17:56:20.000000000 -0400
@@ -64594,8 +66752,17 @@ diff -urNp linux-2.6.32.40/net/ipv4/inet_hashtables.c linux-2.6.32.40/net/ipv4/i
inet_twsk_put(tw);
diff -urNp linux-2.6.32.40/net/ipv4/inetpeer.c linux-2.6.32.40/net/ipv4/inetpeer.c
--- linux-2.6.32.40/net/ipv4/inetpeer.c 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.40/net/ipv4/inetpeer.c 2011-04-17 15:56:46.000000000 -0400
-@@ -389,7 +389,7 @@ struct inet_peer *inet_getpeer(__be32 da
++++ linux-2.6.32.40/net/ipv4/inetpeer.c 2011-05-16 21:46:57.000000000 -0400
+@@ -366,6 +366,8 @@ struct inet_peer *inet_getpeer(__be32 da
+ struct inet_peer *p, *n;
+ struct inet_peer **stack[PEER_MAXDEPTH], ***stackptr;
+
++ pax_track_stack();
++
+ /* Look up for the address quickly. */
+ read_lock_bh(&peer_pool_lock);
+ p = lookup(daddr, NULL);
+@@ -389,7 +391,7 @@ struct inet_peer *inet_getpeer(__be32 da
return NULL;
n->v4daddr = daddr;
atomic_set(&n->refcnt, 1);
@@ -64616,6 +66783,18 @@ diff -urNp linux-2.6.32.40/net/ipv4/ip_fragment.c linux-2.6.32.40/net/ipv4/ip_fr
qp->rid = end;
rc = qp->q.fragments && (end - start) > max;
+diff -urNp linux-2.6.32.40/net/ipv4/ip_sockglue.c linux-2.6.32.40/net/ipv4/ip_sockglue.c
+--- linux-2.6.32.40/net/ipv4/ip_sockglue.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/net/ipv4/ip_sockglue.c 2011-05-16 21:46:57.000000000 -0400
+@@ -1015,6 +1015,8 @@ static int do_ip_getsockopt(struct sock
+ int val;
+ int len;
+
++ pax_track_stack();
++
+ if (level != SOL_IP)
+ return -EOPNOTSUPP;
+
diff -urNp linux-2.6.32.40/net/ipv4/netfilter/arp_tables.c linux-2.6.32.40/net/ipv4/netfilter/arp_tables.c
--- linux-2.6.32.40/net/ipv4/netfilter/arp_tables.c 2011-04-17 17:00:52.000000000 -0400
+++ linux-2.6.32.40/net/ipv4/netfilter/arp_tables.c 2011-04-17 17:04:18.000000000 -0400
@@ -64751,6 +66930,27 @@ diff -urNp linux-2.6.32.40/net/ipv4/route.c linux-2.6.32.40/net/ipv4/route.c
(int) ((num_physpages ^ (num_physpages>>8)) ^
(jiffies ^ (jiffies >> 7))));
+diff -urNp linux-2.6.32.40/net/ipv4/tcp.c linux-2.6.32.40/net/ipv4/tcp.c
+--- linux-2.6.32.40/net/ipv4/tcp.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/net/ipv4/tcp.c 2011-05-16 21:46:57.000000000 -0400
+@@ -2085,6 +2085,8 @@ static int do_tcp_setsockopt(struct sock
+ int val;
+ int err = 0;
+
++ pax_track_stack();
++
+ /* This is a string value all the others are int's */
+ if (optname == TCP_CONGESTION) {
+ char name[TCP_CA_NAME_MAX];
+@@ -2355,6 +2357,8 @@ static int do_tcp_getsockopt(struct sock
+ struct tcp_sock *tp = tcp_sk(sk);
+ int val, len;
+
++ pax_track_stack();
++
+ if (get_user(len, optlen))
+ return -EFAULT;
+
diff -urNp linux-2.6.32.40/net/ipv4/tcp_ipv4.c linux-2.6.32.40/net/ipv4/tcp_ipv4.c
--- linux-2.6.32.40/net/ipv4/tcp_ipv4.c 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/net/ipv4/tcp_ipv4.c 2011-04-17 15:56:46.000000000 -0400
@@ -64874,6 +67074,18 @@ diff -urNp linux-2.6.32.40/net/ipv4/tcp_minisocks.c linux-2.6.32.40/net/ipv4/tcp
if (!(flg & TCP_FLAG_RST))
req->rsk_ops->send_reset(sk, skb);
+diff -urNp linux-2.6.32.40/net/ipv4/tcp_output.c linux-2.6.32.40/net/ipv4/tcp_output.c
+--- linux-2.6.32.40/net/ipv4/tcp_output.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/net/ipv4/tcp_output.c 2011-05-16 21:46:57.000000000 -0400
+@@ -2234,6 +2234,8 @@ struct sk_buff *tcp_make_synack(struct s
+ __u8 *md5_hash_location;
+ int mss;
+
++ pax_track_stack();
++
+ skb = sock_wmalloc(sk, MAX_TCP_HEADER + 15, 1, GFP_ATOMIC);
+ if (skb == NULL)
+ return NULL;
diff -urNp linux-2.6.32.40/net/ipv4/tcp_probe.c linux-2.6.32.40/net/ipv4/tcp_probe.c
--- linux-2.6.32.40/net/ipv4/tcp_probe.c 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/net/ipv4/tcp_probe.c 2011-04-17 15:56:46.000000000 -0400
@@ -65044,6 +67256,27 @@ diff -urNp linux-2.6.32.40/net/ipv6/inet6_hashtables.c linux-2.6.32.40/net/ipv6/
const unsigned short hnum,
const struct in6_addr *daddr,
const int dif)
+diff -urNp linux-2.6.32.40/net/ipv6/ipv6_sockglue.c linux-2.6.32.40/net/ipv6/ipv6_sockglue.c
+--- linux-2.6.32.40/net/ipv6/ipv6_sockglue.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/net/ipv6/ipv6_sockglue.c 2011-05-16 21:46:57.000000000 -0400
+@@ -130,6 +130,8 @@ static int do_ipv6_setsockopt(struct soc
+ int val, valbool;
+ int retv = -ENOPROTOOPT;
+
++ pax_track_stack();
++
+ if (optval == NULL)
+ val=0;
+ else {
+@@ -881,6 +883,8 @@ static int do_ipv6_getsockopt(struct soc
+ int len;
+ int val;
+
++ pax_track_stack();
++
+ if (ip6_mroute_opt(optname))
+ return ip6_mroute_getsockopt(sk, optname, optval, optlen);
+
diff -urNp linux-2.6.32.40/net/ipv6/netfilter/ip6_tables.c linux-2.6.32.40/net/ipv6/netfilter/ip6_tables.c
--- linux-2.6.32.40/net/ipv6/netfilter/ip6_tables.c 2011-04-17 17:00:52.000000000 -0400
+++ linux-2.6.32.40/net/ipv6/netfilter/ip6_tables.c 2011-04-17 17:04:18.000000000 -0400
@@ -65057,7 +67290,7 @@ diff -urNp linux-2.6.32.40/net/ipv6/netfilter/ip6_tables.c linux-2.6.32.40/net/i
sizeof(info.hook_entry));
diff -urNp linux-2.6.32.40/net/ipv6/raw.c linux-2.6.32.40/net/ipv6/raw.c
--- linux-2.6.32.40/net/ipv6/raw.c 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.40/net/ipv6/raw.c 2011-05-04 17:58:00.000000000 -0400
++++ linux-2.6.32.40/net/ipv6/raw.c 2011-05-16 21:46:57.000000000 -0400
@@ -375,14 +375,14 @@ static inline int rawv6_rcv_skb(struct s
{
if ((raw6_sk(sk)->checksum || sk->sk_filter) &&
@@ -65111,7 +67344,16 @@ diff -urNp linux-2.6.32.40/net/ipv6/raw.c linux-2.6.32.40/net/ipv6/raw.c
struct flowi *fl, struct rt6_info *rt,
unsigned int flags)
{
-@@ -916,12 +916,17 @@ do_confirm:
+@@ -738,6 +738,8 @@ static int rawv6_sendmsg(struct kiocb *i
+ u16 proto;
+ int err;
+
++ pax_track_stack();
++
+ /* Rough check on arithmetic overflow,
+ better check is made in ip6_append_data().
+ */
+@@ -916,12 +918,17 @@ do_confirm:
static int rawv6_seticmpfilter(struct sock *sk, int level, int optname,
char __user *optval, int optlen)
{
@@ -65130,7 +67372,7 @@ diff -urNp linux-2.6.32.40/net/ipv6/raw.c linux-2.6.32.40/net/ipv6/raw.c
return 0;
default:
return -ENOPROTOOPT;
-@@ -933,6 +938,7 @@ static int rawv6_seticmpfilter(struct so
+@@ -933,6 +940,7 @@ static int rawv6_seticmpfilter(struct so
static int rawv6_geticmpfilter(struct sock *sk, int level, int optname,
char __user *optval, int __user *optlen)
{
@@ -65138,7 +67380,7 @@ diff -urNp linux-2.6.32.40/net/ipv6/raw.c linux-2.6.32.40/net/ipv6/raw.c
int len;
switch (optname) {
-@@ -945,7 +951,8 @@ static int rawv6_geticmpfilter(struct so
+@@ -945,7 +953,8 @@ static int rawv6_geticmpfilter(struct so
len = sizeof(struct icmp6_filter);
if (put_user(len, optlen))
return -EFAULT;
@@ -65148,7 +67390,7 @@ diff -urNp linux-2.6.32.40/net/ipv6/raw.c linux-2.6.32.40/net/ipv6/raw.c
return -EFAULT;
return 0;
default:
-@@ -1241,7 +1248,13 @@ static void raw6_sock_seq_show(struct se
+@@ -1241,7 +1250,13 @@ static void raw6_sock_seq_show(struct se
0, 0L, 0,
sock_i_uid(sp), 0,
sock_i_ino(sp),
@@ -65457,8 +67699,17 @@ diff -urNp linux-2.6.32.40/net/iucv/af_iucv.c linux-2.6.32.40/net/iucv/af_iucv.c
write_unlock_bh(&iucv_sk_list.lock);
diff -urNp linux-2.6.32.40/net/key/af_key.c linux-2.6.32.40/net/key/af_key.c
--- linux-2.6.32.40/net/key/af_key.c 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.40/net/key/af_key.c 2011-04-17 15:56:46.000000000 -0400
-@@ -3660,7 +3660,11 @@ static int pfkey_seq_show(struct seq_fil
++++ linux-2.6.32.40/net/key/af_key.c 2011-05-16 21:46:57.000000000 -0400
+@@ -2489,6 +2489,8 @@ static int pfkey_migrate(struct sock *sk
+ struct xfrm_migrate m[XFRM_MAX_DEPTH];
+ struct xfrm_kmaddress k;
+
++ pax_track_stack();
++
+ if (!present_and_same_family(ext_hdrs[SADB_EXT_ADDRESS_SRC - 1],
+ ext_hdrs[SADB_EXT_ADDRESS_DST - 1]) ||
+ !ext_hdrs[SADB_X_EXT_POLICY - 1]) {
+@@ -3660,7 +3662,11 @@ static int pfkey_seq_show(struct seq_fil
seq_printf(f ,"sk RefCnt Rmem Wmem User Inode\n");
else
seq_printf(f ,"%p %-6d %-6u %-6u %-6u %-6lu\n",
@@ -65511,6 +67762,18 @@ diff -urNp linux-2.6.32.40/net/mac80211/debugfs_key.c linux-2.6.32.40/net/mac802
for (i = 0; i < key->conf.keylen; i++)
p += scnprintf(p, bufsize + buf - p, "%02x", key->conf.key[i]);
+diff -urNp linux-2.6.32.40/net/mac80211/debugfs_sta.c linux-2.6.32.40/net/mac80211/debugfs_sta.c
+--- linux-2.6.32.40/net/mac80211/debugfs_sta.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/net/mac80211/debugfs_sta.c 2011-05-16 21:46:57.000000000 -0400
+@@ -124,6 +124,8 @@ static ssize_t sta_agg_status_read(struc
+ int i;
+ struct sta_info *sta = file->private_data;
+
++ pax_track_stack();
++
+ spin_lock_bh(&sta->lock);
+ p += scnprintf(p, sizeof(buf)+buf-p, "next dialog_token is %#02x\n",
+ sta->ampdu_mlme.dialog_token_allocator + 1);
diff -urNp linux-2.6.32.40/net/mac80211/ieee80211_i.h linux-2.6.32.40/net/mac80211/ieee80211_i.h
--- linux-2.6.32.40/net/mac80211/ieee80211_i.h 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/net/mac80211/ieee80211_i.h 2011-04-17 15:56:46.000000000 -0400
@@ -65600,6 +67863,18 @@ diff -urNp linux-2.6.32.40/net/mac80211/main.c linux-2.6.32.40/net/mac80211/main
ret = drv_config(local, changed);
/*
* Goal:
+diff -urNp linux-2.6.32.40/net/mac80211/mlme.c linux-2.6.32.40/net/mac80211/mlme.c
+--- linux-2.6.32.40/net/mac80211/mlme.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/net/mac80211/mlme.c 2011-05-16 21:46:57.000000000 -0400
+@@ -1438,6 +1438,8 @@ ieee80211_rx_mgmt_assoc_resp(struct ieee
+ bool have_higher_than_11mbit = false, newsta = false;
+ u16 ap_ht_cap_flags;
+
++ pax_track_stack();
++
+ /*
+ * AssocResp and ReassocResp have identical structure, so process both
+ * of them in this function.
diff -urNp linux-2.6.32.40/net/mac80211/pm.c linux-2.6.32.40/net/mac80211/pm.c
--- linux-2.6.32.40/net/mac80211/pm.c 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/net/mac80211/pm.c 2011-04-17 15:56:46.000000000 -0400
@@ -65648,9 +67923,21 @@ diff -urNp linux-2.6.32.40/net/mac80211/util.c linux-2.6.32.40/net/mac80211/util
/*
* Upon resume hardware can sometimes be goofy due to
* various platform / driver / bus issues, so restarting
+diff -urNp linux-2.6.32.40/net/netfilter/ipvs/ip_vs_app.c linux-2.6.32.40/net/netfilter/ipvs/ip_vs_app.c
+--- linux-2.6.32.40/net/netfilter/ipvs/ip_vs_app.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/net/netfilter/ipvs/ip_vs_app.c 2011-05-17 19:26:34.000000000 -0400
+@@ -564,7 +564,7 @@ static const struct file_operations ip_v
+ .open = ip_vs_app_open,
+ .read = seq_read,
+ .llseek = seq_lseek,
+- .release = seq_release,
++ .release = seq_release_net,
+ };
+ #endif
+
diff -urNp linux-2.6.32.40/net/netfilter/ipvs/ip_vs_conn.c linux-2.6.32.40/net/netfilter/ipvs/ip_vs_conn.c
--- linux-2.6.32.40/net/netfilter/ipvs/ip_vs_conn.c 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.40/net/netfilter/ipvs/ip_vs_conn.c 2011-05-04 17:56:28.000000000 -0400
++++ linux-2.6.32.40/net/netfilter/ipvs/ip_vs_conn.c 2011-05-17 19:26:34.000000000 -0400
@@ -453,10 +453,10 @@ ip_vs_bind_dest(struct ip_vs_conn *cp, s
/* if the connection is not template and is created
* by sync, preserve the activity flag.
@@ -65673,6 +67960,24 @@ diff -urNp linux-2.6.32.40/net/netfilter/ipvs/ip_vs_conn.c linux-2.6.32.40/net/n
atomic_inc(&ip_vs_conn_count);
if (flags & IP_VS_CONN_F_NO_CPORT)
+@@ -871,7 +871,7 @@ static const struct file_operations ip_v
+ .open = ip_vs_conn_open,
+ .read = seq_read,
+ .llseek = seq_lseek,
+- .release = seq_release,
++ .release = seq_release_net,
+ };
+
+ static const char *ip_vs_origin_name(unsigned flags)
+@@ -934,7 +934,7 @@ static const struct file_operations ip_v
+ .open = ip_vs_conn_sync_open,
+ .read = seq_read,
+ .llseek = seq_lseek,
+- .release = seq_release,
++ .release = seq_release_net,
+ };
+
+ #endif
@@ -961,7 +961,7 @@ static inline int todrop_entry(struct ip
/* Don't drop the entry if its number of incoming packets is not
@@ -65705,7 +68010,7 @@ diff -urNp linux-2.6.32.40/net/netfilter/ipvs/ip_vs_core.c linux-2.6.32.40/net/n
(((cp->protocol != IPPROTO_TCP ||
diff -urNp linux-2.6.32.40/net/netfilter/ipvs/ip_vs_ctl.c linux-2.6.32.40/net/netfilter/ipvs/ip_vs_ctl.c
--- linux-2.6.32.40/net/netfilter/ipvs/ip_vs_ctl.c 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.40/net/netfilter/ipvs/ip_vs_ctl.c 2011-05-04 17:56:28.000000000 -0400
++++ linux-2.6.32.40/net/netfilter/ipvs/ip_vs_ctl.c 2011-05-17 19:26:34.000000000 -0400
@@ -792,7 +792,7 @@ __ip_vs_update_dest(struct ip_vs_service
ip_vs_rs_hash(dest);
write_unlock_bh(&__ip_vs_rs_lock);
@@ -65733,6 +68038,24 @@ diff -urNp linux-2.6.32.40/net/netfilter/ipvs/ip_vs_ctl.c linux-2.6.32.40/net/ne
atomic_read(&dest->weight),
atomic_read(&dest->activeconns),
atomic_read(&dest->inactconns));
+@@ -1927,7 +1927,7 @@ static const struct file_operations ip_v
+ .open = ip_vs_info_open,
+ .read = seq_read,
+ .llseek = seq_lseek,
+- .release = seq_release_private,
++ .release = seq_release_net,
+ };
+
+ #endif
+@@ -1976,7 +1976,7 @@ static const struct file_operations ip_v
+ .open = ip_vs_stats_seq_open,
+ .read = seq_read,
+ .llseek = seq_lseek,
+- .release = single_release,
++ .release = single_release_net,
+ };
+
+ #endif
@@ -2292,7 +2292,7 @@ __ip_vs_get_dest_entries(const struct ip
entry.addr = dest->addr.ip;
@@ -65742,7 +68065,16 @@ diff -urNp linux-2.6.32.40/net/netfilter/ipvs/ip_vs_ctl.c linux-2.6.32.40/net/ne
entry.weight = atomic_read(&dest->weight);
entry.u_threshold = dest->u_threshold;
entry.l_threshold = dest->l_threshold;
-@@ -2802,7 +2802,7 @@ static int ip_vs_genl_fill_dest(struct s
+@@ -2353,6 +2353,8 @@ do_ip_vs_get_ctl(struct sock *sk, int cm
+ unsigned char arg[128];
+ int ret = 0;
+
++ pax_track_stack();
++
+ if (!capable(CAP_NET_ADMIN))
+ return -EPERM;
+
+@@ -2802,7 +2804,7 @@ static int ip_vs_genl_fill_dest(struct s
NLA_PUT_U16(skb, IPVS_DEST_ATTR_PORT, dest->port);
NLA_PUT_U32(skb, IPVS_DEST_ATTR_FWD_METHOD,
@@ -66083,6 +68415,18 @@ diff -urNp linux-2.6.32.40/net/rds/cong.c linux-2.6.32.40/net/rds/cong.c
if (likely(*recent == gen))
return 0;
+diff -urNp linux-2.6.32.40/net/rds/iw_rdma.c linux-2.6.32.40/net/rds/iw_rdma.c
+--- linux-2.6.32.40/net/rds/iw_rdma.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/net/rds/iw_rdma.c 2011-05-16 21:46:57.000000000 -0400
+@@ -181,6 +181,8 @@ int rds_iw_update_cm_id(struct rds_iw_de
+ struct rdma_cm_id *pcm_id;
+ int rc;
+
++ pax_track_stack();
++
+ src_addr = (struct sockaddr_in *)&cm_id->route.addr.src_addr;
+ dst_addr = (struct sockaddr_in *)&cm_id->route.addr.dst_addr;
+
diff -urNp linux-2.6.32.40/net/rds/Kconfig linux-2.6.32.40/net/rds/Kconfig
--- linux-2.6.32.40/net/rds/Kconfig 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/net/rds/Kconfig 2011-04-17 15:56:46.000000000 -0400
@@ -66109,7 +68453,7 @@ diff -urNp linux-2.6.32.40/net/rxrpc/af_rxrpc.c linux-2.6.32.40/net/rxrpc/af_rxr
atomic_t rxrpc_n_skbs;
diff -urNp linux-2.6.32.40/net/rxrpc/ar-ack.c linux-2.6.32.40/net/rxrpc/ar-ack.c
--- linux-2.6.32.40/net/rxrpc/ar-ack.c 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.40/net/rxrpc/ar-ack.c 2011-05-04 17:56:28.000000000 -0400
++++ linux-2.6.32.40/net/rxrpc/ar-ack.c 2011-05-16 21:46:57.000000000 -0400
@@ -174,7 +174,7 @@ static void rxrpc_resend(struct rxrpc_ca
_enter("{%d,%d,%d,%d},",
@@ -66146,7 +68490,16 @@ diff -urNp linux-2.6.32.40/net/rxrpc/ar-ack.c linux-2.6.32.40/net/rxrpc/ar-ack.c
_proto("Rx ACK %%%u { m=%hu f=#%u p=#%u s=%%%u r=%s n=%u }",
latest,
-@@ -1159,7 +1159,7 @@ void rxrpc_process_call(struct work_stru
+@@ -840,6 +840,8 @@ void rxrpc_process_call(struct work_stru
+ u32 abort_code = RX_PROTOCOL_ERROR;
+ u8 *acks = NULL;
+
++ pax_track_stack();
++
+ //printk("\n--------------------\n");
+ _enter("{%d,%s,%lx} [%lu]",
+ call->debug_id, rxrpc_call_states[call->state], call->events,
+@@ -1159,7 +1161,7 @@ void rxrpc_process_call(struct work_stru
goto maybe_reschedule;
send_ACK_with_skew:
@@ -66155,7 +68508,7 @@ diff -urNp linux-2.6.32.40/net/rxrpc/ar-ack.c linux-2.6.32.40/net/rxrpc/ar-ack.c
ntohl(ack.serial));
send_ACK:
mtu = call->conn->trans->peer->if_mtu;
-@@ -1171,7 +1171,7 @@ send_ACK:
+@@ -1171,7 +1173,7 @@ send_ACK:
ackinfo.rxMTU = htonl(5692);
ackinfo.jumbo_max = htonl(4);
@@ -66164,7 +68517,7 @@ diff -urNp linux-2.6.32.40/net/rxrpc/ar-ack.c linux-2.6.32.40/net/rxrpc/ar-ack.c
_proto("Tx ACK %%%u { m=%hu f=#%u p=#%u s=%%%u r=%s n=%u }",
ntohl(hdr.serial),
ntohs(ack.maxSkew),
-@@ -1189,7 +1189,7 @@ send_ACK:
+@@ -1189,7 +1191,7 @@ send_ACK:
send_message:
_debug("send message");
@@ -66353,8 +68706,26 @@ diff -urNp linux-2.6.32.40/net/rxrpc/ar-transport.c linux-2.6.32.40/net/rxrpc/ar
switch (peer->srx.transport_type) {
diff -urNp linux-2.6.32.40/net/rxrpc/rxkad.c linux-2.6.32.40/net/rxrpc/rxkad.c
--- linux-2.6.32.40/net/rxrpc/rxkad.c 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.40/net/rxrpc/rxkad.c 2011-05-04 17:56:28.000000000 -0400
-@@ -609,7 +609,7 @@ static int rxkad_issue_challenge(struct
++++ linux-2.6.32.40/net/rxrpc/rxkad.c 2011-05-16 21:46:57.000000000 -0400
+@@ -210,6 +210,8 @@ static int rxkad_secure_packet_encrypt(c
+ u16 check;
+ int nsg;
+
++ pax_track_stack();
++
+ sp = rxrpc_skb(skb);
+
+ _enter("");
+@@ -337,6 +339,8 @@ static int rxkad_verify_packet_auth(cons
+ u16 check;
+ int nsg;
+
++ pax_track_stack();
++
+ _enter("");
+
+ sp = rxrpc_skb(skb);
+@@ -609,7 +613,7 @@ static int rxkad_issue_challenge(struct
len = iov[0].iov_len + iov[1].iov_len;
@@ -66363,7 +68734,7 @@ diff -urNp linux-2.6.32.40/net/rxrpc/rxkad.c linux-2.6.32.40/net/rxrpc/rxkad.c
_proto("Tx CHALLENGE %%%u", ntohl(hdr.serial));
ret = kernel_sendmsg(conn->trans->local->socket, &msg, iov, 2, len);
-@@ -659,7 +659,7 @@ static int rxkad_send_response(struct rx
+@@ -659,7 +663,7 @@ static int rxkad_send_response(struct rx
len = iov[0].iov_len + iov[1].iov_len + iov[2].iov_len;
@@ -66416,7 +68787,7 @@ diff -urNp linux-2.6.32.40/net/sctp/socket.c linux-2.6.32.40/net/sctp/socket.c
if (pp->fastreuse && sk->sk_reuse &&
diff -urNp linux-2.6.32.40/net/socket.c linux-2.6.32.40/net/socket.c
--- linux-2.6.32.40/net/socket.c 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.40/net/socket.c 2011-04-17 15:56:46.000000000 -0400
++++ linux-2.6.32.40/net/socket.c 2011-05-16 21:46:57.000000000 -0400
@@ -87,6 +87,7 @@
#include <linux/wireless.h>
#include <linux/nsproxy.h>
@@ -66580,6 +68951,15 @@ diff -urNp linux-2.6.32.40/net/socket.c linux-2.6.32.40/net/socket.c
err =
security_socket_connect(sock, (struct sockaddr *)&address, addrlen);
if (err)
+@@ -1882,6 +1955,8 @@ SYSCALL_DEFINE3(sendmsg, int, fd, struct
+ int err, ctl_len, iov_size, total_len;
+ int fput_needed;
+
++ pax_track_stack();
++
+ err = -EFAULT;
+ if (MSG_CMSG_COMPAT & flags) {
+ if (get_compat_msghdr(&msg_sys, msg_compat))
diff -urNp linux-2.6.32.40/net/sunrpc/sched.c linux-2.6.32.40/net/sunrpc/sched.c
--- linux-2.6.32.40/net/sunrpc/sched.c 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/net/sunrpc/sched.c 2011-04-17 15:56:46.000000000 -0400
@@ -67009,6 +69389,27 @@ diff -urNp linux-2.6.32.40/net/xfrm/xfrm_policy.c linux-2.6.32.40/net/xfrm/xfrm_
xfrm_pols_put(pols, npols);
goto restart;
}
+diff -urNp linux-2.6.32.40/net/xfrm/xfrm_user.c linux-2.6.32.40/net/xfrm/xfrm_user.c
+--- linux-2.6.32.40/net/xfrm/xfrm_user.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/net/xfrm/xfrm_user.c 2011-05-16 21:46:57.000000000 -0400
+@@ -1169,6 +1169,8 @@ static int copy_to_user_tmpl(struct xfrm
+ struct xfrm_user_tmpl vec[XFRM_MAX_DEPTH];
+ int i;
+
++ pax_track_stack();
++
+ if (xp->xfrm_nr == 0)
+ return 0;
+
+@@ -1784,6 +1786,8 @@ static int xfrm_do_migrate(struct sk_buf
+ int err;
+ int n = 0;
+
++ pax_track_stack();
++
+ if (attrs[XFRMA_MIGRATE] == NULL)
+ return -EINVAL;
+
diff -urNp linux-2.6.32.40/samples/kobject/kset-example.c linux-2.6.32.40/samples/kobject/kset-example.c
--- linux-2.6.32.40/samples/kobject/kset-example.c 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/samples/kobject/kset-example.c 2011-04-17 15:56:46.000000000 -0400
@@ -68004,6 +70405,30 @@ diff -urNp linux-2.6.32.40/security/selinux/hooks.c linux-2.6.32.40/security/sel
/* Unregister netfilter hooks. */
selinux_nf_ip_exit();
+diff -urNp linux-2.6.32.40/security/selinux/include/xfrm.h linux-2.6.32.40/security/selinux/include/xfrm.h
+--- linux-2.6.32.40/security/selinux/include/xfrm.h 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/security/selinux/include/xfrm.h 2011-05-18 20:09:37.000000000 -0400
+@@ -48,7 +48,7 @@ int selinux_xfrm_decode_session(struct s
+
+ static inline void selinux_xfrm_notify_policyload(void)
+ {
+- atomic_inc(&flow_cache_genid);
++ atomic_inc_unchecked(&flow_cache_genid);
+ }
+ #else
+ static inline int selinux_xfrm_enabled(void)
+diff -urNp linux-2.6.32.40/security/selinux/ss/services.c linux-2.6.32.40/security/selinux/ss/services.c
+--- linux-2.6.32.40/security/selinux/ss/services.c 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.40/security/selinux/ss/services.c 2011-05-16 21:46:57.000000000 -0400
+@@ -1715,6 +1715,8 @@ int security_load_policy(void *data, siz
+ int rc = 0;
+ struct policy_file file = { data, len }, *fp = &file;
+
++ pax_track_stack();
++
+ if (!ss_initialized) {
+ avtab_cache_init();
+ if (policydb_read(&policydb, fp)) {
diff -urNp linux-2.6.32.40/security/smack/smack_lsm.c linux-2.6.32.40/security/smack/smack_lsm.c
--- linux-2.6.32.40/security/smack/smack_lsm.c 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.40/security/smack/smack_lsm.c 2011-04-17 15:56:46.000000000 -0400
diff --git a/2.6.32/4422_grsec-mute-warnings.patch b/2.6.32/4422_grsec-mute-warnings.patch
index e1915d9..c53f71f 100644
--- a/2.6.32/4422_grsec-mute-warnings.patch
+++ b/2.6.32/4422_grsec-mute-warnings.patch
@@ -29,14 +29,14 @@ warning flags of vanilla kernel versions.
Acked-by: Christian Heim <phreak@gentoo.org>
---
---- a/Makefile 2011-04-27 22:52:14.000000000 -0400
-+++ b/Makefile 2011-04-27 23:01:48.000000000 -0400
+--- a/Makefile 2011-05-20 08:34:33.000000000 -0400
++++ b/Makefile 2011-05-20 08:43:48.000000000 -0400
@@ -221,7 +221,7 @@
HOSTCC = gcc
HOSTCXX = g++
--HOSTCFLAGS = -Wall -W -Wmissing-prototypes -Wstrict-prototypes -Wno-empty-body -Wno-missing-field-initializers -Wno-unused-parameter -Wno-missing-field-initializers -O2 -fomit-frame-pointer -fno-delete-null-pointer-checks
-+HOSTCFLAGS = -Wall -Wmissing-prototypes -Wstrict-prototypes -Wno-empty-body -Wno-missing-field-initializers -Wno-unused-parameter -Wno-missing-field-initializers -O2 -fomit-frame-pointer -fno-delete-null-pointer-checks
+-HOSTCFLAGS = -Wall -W -Wmissing-prototypes -Wstrict-prototypes -Wno-empty-body -Wno-unused-parameter -Wno-missing-field-initializers -O2 -fomit-frame-pointer -fno-delete-null-pointer-checks
++HOSTCFLAGS = -Wall -Wmissing-prototypes -Wstrict-prototypes -Wno-empty-body -Wno-unused-parameter -Wno-missing-field-initializers -O2 -fomit-frame-pointer -fno-delete-null-pointer-checks
HOSTCXXFLAGS = -O2 -fno-delete-null-pointer-checks
# Decide whether to build built-in, modular, or both.
diff --git a/2.6.38/0000_README b/2.6.38/0000_README
index fb776db..57b3200 100644
--- a/2.6.38/0000_README
+++ b/2.6.38/0000_README
@@ -3,7 +3,7 @@ README
Individual Patch Descriptions:
-----------------------------------------------------------------------------
-Patch: 4420_grsecurity-2.2.2-2.6.38.6-201105111839.patch
+Patch: 4420_grsecurity-2.2.2-2.6.38.6-201105182052.patch
From: http://www.grsecurity.net
Desc: hardened-sources base patch from upstream grsecurity
diff --git a/2.6.38/4420_grsecurity-2.2.2-2.6.38.6-201105111839.patch b/2.6.38/4420_grsecurity-2.2.2-2.6.38.6-201105182052.patch
index 20cbc55..707cf4c 100644
--- a/2.6.38/4420_grsecurity-2.2.2-2.6.38.6-201105111839.patch
+++ b/2.6.38/4420_grsecurity-2.2.2-2.6.38.6-201105182052.patch
@@ -3780,6 +3780,18 @@ diff -urNp linux-2.6.38.6/arch/sparc/include/asm/atomic_64.h linux-2.6.38.6/arch
}
#define atomic64_inc_not_zero(v) atomic64_add_unless((v), 1, 0)
+diff -urNp linux-2.6.38.6/arch/sparc/include/asm/cache.h linux-2.6.38.6/arch/sparc/include/asm/cache.h
+--- linux-2.6.38.6/arch/sparc/include/asm/cache.h 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/arch/sparc/include/asm/cache.h 2011-05-17 19:31:43.000000000 -0400
+@@ -10,7 +10,7 @@
+ #define ARCH_SLAB_MINALIGN __alignof__(unsigned long long)
+
+ #define L1_CACHE_SHIFT 5
+-#define L1_CACHE_BYTES 32
++#define L1_CACHE_BYTES 32U
+
+ #ifdef CONFIG_SPARC32
+ #define SMP_CACHE_BYTES_SHIFT 5
diff -urNp linux-2.6.38.6/arch/sparc/include/asm/dma-mapping.h linux-2.6.38.6/arch/sparc/include/asm/dma-mapping.h
--- linux-2.6.38.6/arch/sparc/include/asm/dma-mapping.h 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/arch/sparc/include/asm/dma-mapping.h 2011-04-28 19:34:14.000000000 -0400
@@ -4861,6 +4873,18 @@ diff -urNp linux-2.6.38.6/arch/sparc/lib/ksyms.c linux-2.6.38.6/arch/sparc/lib/k
EXPORT_SYMBOL(atomic64_sub_ret);
/* Atomic bit operations. */
+diff -urNp linux-2.6.38.6/arch/sparc/lib/Makefile linux-2.6.38.6/arch/sparc/lib/Makefile
+--- linux-2.6.38.6/arch/sparc/lib/Makefile 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/arch/sparc/lib/Makefile 2011-05-17 19:31:43.000000000 -0400
+@@ -2,7 +2,7 @@
+ #
+
+ asflags-y := -ansi -DST_DIV0=0x02
+-ccflags-y := -Werror
++#ccflags-y := -Werror
+
+ lib-$(CONFIG_SPARC32) += mul.o rem.o sdiv.o udiv.o umul.o urem.o ashrdi3.o
+ lib-$(CONFIG_SPARC32) += memcpy.o memset.o
diff -urNp linux-2.6.38.6/arch/sparc/Makefile linux-2.6.38.6/arch/sparc/Makefile
--- linux-2.6.38.6/arch/sparc/Makefile 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/arch/sparc/Makefile 2011-04-28 19:34:14.000000000 -0400
@@ -6362,7 +6386,7 @@ diff -urNp linux-2.6.38.6/arch/x86/ia32/ia32_aout.c linux-2.6.38.6/arch/x86/ia32
has_dumped = 1;
diff -urNp linux-2.6.38.6/arch/x86/ia32/ia32entry.S linux-2.6.38.6/arch/x86/ia32/ia32entry.S
--- linux-2.6.38.6/arch/x86/ia32/ia32entry.S 2011-03-14 21:20:32.000000000 -0400
-+++ linux-2.6.38.6/arch/x86/ia32/ia32entry.S 2011-05-11 18:34:57.000000000 -0400
++++ linux-2.6.38.6/arch/x86/ia32/ia32entry.S 2011-05-16 21:47:08.000000000 -0400
@@ -13,6 +13,7 @@
#include <asm/thread_info.h>
#include <asm/segment.h>
@@ -6371,7 +6395,7 @@ diff -urNp linux-2.6.38.6/arch/x86/ia32/ia32entry.S linux-2.6.38.6/arch/x86/ia32
#include <linux/linkage.h>
/* Avoid __ASSEMBLER__'ifying <linux/audit.h> just for this. */
-@@ -93,6 +94,28 @@ ENTRY(native_irq_enable_sysexit)
+@@ -93,6 +94,26 @@ ENTRY(native_irq_enable_sysexit)
ENDPROC(native_irq_enable_sysexit)
#endif
@@ -6386,21 +6410,19 @@ diff -urNp linux-2.6.38.6/arch/x86/ia32/ia32entry.S linux-2.6.38.6/arch/x86/ia32
+ call pax_exit_kernel_user
+#endif
+#ifdef CONFIG_PAX_RANDKSTACK
-+ push %rax
++ pushq %rax
+ call pax_randomize_kstack
-+ pop %rax
++ popq %rax
+#endif
+#ifdef CONFIG_PAX_MEMORY_STACKLEAK
-+ push %rax
+ call pax_erase_kstack
-+ pop %rax
+#endif
+ .endm
+
/*
* 32bit SYSENTER instruction entry.
*
-@@ -119,7 +142,7 @@ ENTRY(ia32_sysenter_target)
+@@ -119,7 +140,7 @@ ENTRY(ia32_sysenter_target)
CFI_REGISTER rsp,rbp
SWAPGS_UNSAFE_STACK
movq PER_CPU_VAR(kernel_stack), %rsp
@@ -6409,7 +6431,7 @@ diff -urNp linux-2.6.38.6/arch/x86/ia32/ia32entry.S linux-2.6.38.6/arch/x86/ia32
/*
* No need to follow this irqs on/off section: the syscall
* disabled irqs, here we enable it straight after entry:
-@@ -135,7 +158,8 @@ ENTRY(ia32_sysenter_target)
+@@ -135,7 +156,8 @@ ENTRY(ia32_sysenter_target)
pushfq
CFI_ADJUST_CFA_OFFSET 8
/*CFI_REL_OFFSET rflags,0*/
@@ -6419,7 +6441,7 @@ diff -urNp linux-2.6.38.6/arch/x86/ia32/ia32entry.S linux-2.6.38.6/arch/x86/ia32
CFI_REGISTER rip,r10
pushq $__USER32_CS
CFI_ADJUST_CFA_OFFSET 8
-@@ -150,6 +174,12 @@ ENTRY(ia32_sysenter_target)
+@@ -150,6 +172,12 @@ ENTRY(ia32_sysenter_target)
SAVE_ARGS 0,0,1
/* no need to do an access_ok check here because rbp has been
32bit zero extended */
@@ -6432,7 +6454,7 @@ diff -urNp linux-2.6.38.6/arch/x86/ia32/ia32entry.S linux-2.6.38.6/arch/x86/ia32
1: movl (%rbp),%ebp
.section __ex_table,"a"
.quad 1b,ia32_badarg
-@@ -172,6 +202,7 @@ sysenter_dispatch:
+@@ -172,6 +200,7 @@ sysenter_dispatch:
testl $_TIF_ALLWORK_MASK,TI_flags(%r10)
jnz sysexit_audit
sysexit_from_sys_call:
@@ -6440,7 +6462,7 @@ diff -urNp linux-2.6.38.6/arch/x86/ia32/ia32entry.S linux-2.6.38.6/arch/x86/ia32
andl $~TS_COMPAT,TI_status(%r10)
/* clear IF, that popfq doesn't enable interrupts early */
andl $~0x200,EFLAGS-R11(%rsp)
-@@ -283,19 +314,24 @@ ENDPROC(ia32_sysenter_target)
+@@ -283,19 +312,24 @@ ENDPROC(ia32_sysenter_target)
ENTRY(ia32_cstar_target)
CFI_STARTPROC32 simple
CFI_SIGNAL_FRAME
@@ -6467,7 +6489,7 @@ diff -urNp linux-2.6.38.6/arch/x86/ia32/ia32entry.S linux-2.6.38.6/arch/x86/ia32
movl %eax,%eax /* zero extension */
movq %rax,ORIG_RAX-ARGOFFSET(%rsp)
movq %rcx,RIP-ARGOFFSET(%rsp)
-@@ -311,6 +347,12 @@ ENTRY(ia32_cstar_target)
+@@ -311,6 +345,12 @@ ENTRY(ia32_cstar_target)
/* no need to do an access_ok check here because r8 has been
32bit zero extended */
/* hardware stack frame is complete now */
@@ -6480,7 +6502,7 @@ diff -urNp linux-2.6.38.6/arch/x86/ia32/ia32entry.S linux-2.6.38.6/arch/x86/ia32
1: movl (%r8),%r9d
.section __ex_table,"a"
.quad 1b,ia32_badarg
-@@ -333,6 +375,7 @@ cstar_dispatch:
+@@ -333,6 +373,7 @@ cstar_dispatch:
testl $_TIF_ALLWORK_MASK,TI_flags(%r10)
jnz sysretl_audit
sysretl_from_sys_call:
@@ -6488,7 +6510,7 @@ diff -urNp linux-2.6.38.6/arch/x86/ia32/ia32entry.S linux-2.6.38.6/arch/x86/ia32
andl $~TS_COMPAT,TI_status(%r10)
RESTORE_ARGS 1,-ARG_SKIP,1,1,1
movl RIP-ARGOFFSET(%rsp),%ecx
-@@ -415,6 +458,7 @@ ENTRY(ia32_syscall)
+@@ -415,6 +456,7 @@ ENTRY(ia32_syscall)
CFI_REL_OFFSET rip,RIP-RIP
PARAVIRT_ADJUST_EXCEPTION_FRAME
SWAPGS
@@ -6735,7 +6757,7 @@ diff -urNp linux-2.6.38.6/arch/x86/include/asm/atomic64_32.h linux-2.6.38.6/arch
* @v: pointer to type atomic64_t
diff -urNp linux-2.6.38.6/arch/x86/include/asm/atomic64_64.h linux-2.6.38.6/arch/x86/include/asm/atomic64_64.h
--- linux-2.6.38.6/arch/x86/include/asm/atomic64_64.h 2011-03-14 21:20:32.000000000 -0400
-+++ linux-2.6.38.6/arch/x86/include/asm/atomic64_64.h 2011-04-28 19:34:14.000000000 -0400
++++ linux-2.6.38.6/arch/x86/include/asm/atomic64_64.h 2011-05-16 21:47:08.000000000 -0400
@@ -18,7 +18,19 @@
*/
static inline long atomic64_read(const atomic64_t *v)
@@ -7010,7 +7032,19 @@ diff -urNp linux-2.6.38.6/arch/x86/include/asm/atomic64_64.h linux-2.6.38.6/arch
#define atomic64_dec_return(v) (atomic64_sub_return(1, (v)))
static inline long atomic64_cmpxchg(atomic64_t *v, long old, long new)
-@@ -206,17 +380,30 @@ static inline long atomic64_xchg(atomic6
+@@ -190,6 +364,11 @@ static inline long atomic64_cmpxchg(atom
+ return cmpxchg(&v->counter, old, new);
+ }
+
++static inline long atomic64_cmpxchg_unchecked(atomic64_unchecked_t *v, long old, long new)
++{
++ return cmpxchg(&v->counter, old, new);
++}
++
+ static inline long atomic64_xchg(atomic64_t *v, long new)
+ {
+ return xchg(&v->counter, new);
+@@ -206,17 +385,30 @@ static inline long atomic64_xchg(atomic6
*/
static inline int atomic64_add_unless(atomic64_t *v, long a, long u)
{
@@ -9689,7 +9723,7 @@ diff -urNp linux-2.6.38.6/arch/x86/include/asm/system.h linux-2.6.38.6/arch/x86/
void default_idle(void);
diff -urNp linux-2.6.38.6/arch/x86/include/asm/thread_info.h linux-2.6.38.6/arch/x86/include/asm/thread_info.h
--- linux-2.6.38.6/arch/x86/include/asm/thread_info.h 2011-03-14 21:20:32.000000000 -0400
-+++ linux-2.6.38.6/arch/x86/include/asm/thread_info.h 2011-04-30 19:58:48.000000000 -0400
++++ linux-2.6.38.6/arch/x86/include/asm/thread_info.h 2011-05-17 19:31:43.000000000 -0400
@@ -10,6 +10,7 @@
#include <linux/compiler.h>
#include <asm/page.h>
@@ -9706,7 +9740,7 @@ diff -urNp linux-2.6.38.6/arch/x86/include/asm/thread_info.h linux-2.6.38.6/arch
struct exec_domain *exec_domain; /* execution domain */
__u32 flags; /* low level flags */
__u32 status; /* thread synchronous flags */
-@@ -34,18 +34,11 @@ struct thread_info {
+@@ -34,18 +34,12 @@ struct thread_info {
mm_segment_t addr_limit;
struct restart_block restart_block;
void __user *sysenter_return;
@@ -9716,6 +9750,7 @@ diff -urNp linux-2.6.38.6/arch/x86/include/asm/thread_info.h linux-2.6.38.6/arch
- */
- __u8 supervisor_stack[0];
-#endif
++ unsigned long lowest_stack;
int uaccess_err;
};
@@ -9726,7 +9761,7 @@ diff -urNp linux-2.6.38.6/arch/x86/include/asm/thread_info.h linux-2.6.38.6/arch
.exec_domain = &default_exec_domain, \
.flags = 0, \
.cpu = 0, \
-@@ -56,7 +49,7 @@ struct thread_info {
+@@ -56,7 +50,7 @@ struct thread_info {
}, \
}
@@ -9735,7 +9770,7 @@ diff -urNp linux-2.6.38.6/arch/x86/include/asm/thread_info.h linux-2.6.38.6/arch
#define init_stack (init_thread_union.stack)
#else /* !__ASSEMBLY__ */
-@@ -164,6 +157,23 @@ struct thread_info {
+@@ -164,6 +158,23 @@ struct thread_info {
#define alloc_thread_info(tsk) \
((struct thread_info *)__get_free_pages(THREAD_FLAGS, THREAD_ORDER))
@@ -9759,7 +9794,7 @@ diff -urNp linux-2.6.38.6/arch/x86/include/asm/thread_info.h linux-2.6.38.6/arch
#ifdef CONFIG_X86_32
#define STACK_WARN (THREAD_SIZE/8)
-@@ -174,35 +184,13 @@ struct thread_info {
+@@ -174,35 +185,13 @@ struct thread_info {
*/
#ifndef __ASSEMBLY__
@@ -9795,7 +9830,7 @@ diff -urNp linux-2.6.38.6/arch/x86/include/asm/thread_info.h linux-2.6.38.6/arch
/*
* macros/functions for gaining access to the thread information structure
* preempt_count needs to be 1 initially, until the scheduler is functional.
-@@ -210,21 +198,6 @@ static inline struct thread_info *curren
+@@ -210,21 +199,8 @@ static inline struct thread_info *curren
#ifndef __ASSEMBLY__
DECLARE_PER_CPU(unsigned long, kernel_stack);
@@ -9814,10 +9849,12 @@ diff -urNp linux-2.6.38.6/arch/x86/include/asm/thread_info.h linux-2.6.38.6/arch
- movq PER_CPU_VAR(kernel_stack),reg ; \
- subq $(THREAD_SIZE-KERNEL_STACK_OFFSET),reg
-
++/* how to get the current stack pointer from C */
++register unsigned long current_stack_pointer asm("rsp") __used;
#endif
#endif /* !X86_32 */
-@@ -260,5 +233,16 @@ extern void arch_task_cache_init(void);
+@@ -260,5 +236,16 @@ extern void arch_task_cache_init(void);
extern void free_thread_info(struct thread_info *ti);
extern int arch_dup_task_struct(struct task_struct *dst, struct task_struct *src);
#define arch_task_cache_init arch_task_cache_init
@@ -9836,18 +9873,20 @@ diff -urNp linux-2.6.38.6/arch/x86/include/asm/thread_info.h linux-2.6.38.6/arch
#endif /* _ASM_X86_THREAD_INFO_H */
diff -urNp linux-2.6.38.6/arch/x86/include/asm/uaccess_32.h linux-2.6.38.6/arch/x86/include/asm/uaccess_32.h
--- linux-2.6.38.6/arch/x86/include/asm/uaccess_32.h 2011-03-14 21:20:32.000000000 -0400
-+++ linux-2.6.38.6/arch/x86/include/asm/uaccess_32.h 2011-04-28 19:34:14.000000000 -0400
-@@ -44,6 +44,9 @@ unsigned long __must_check __copy_from_u
++++ linux-2.6.38.6/arch/x86/include/asm/uaccess_32.h 2011-05-16 21:47:08.000000000 -0400
+@@ -44,6 +44,11 @@ unsigned long __must_check __copy_from_u
static __always_inline unsigned long __must_check
__copy_to_user_inatomic(void __user *to, const void *from, unsigned long n)
{
++ pax_track_stack();
++
+ if ((long)n < 0)
+ return n;
+
if (__builtin_constant_p(n)) {
unsigned long ret;
-@@ -62,6 +65,8 @@ __copy_to_user_inatomic(void __user *to,
+@@ -62,6 +67,8 @@ __copy_to_user_inatomic(void __user *to,
return ret;
}
}
@@ -9856,7 +9895,14 @@ diff -urNp linux-2.6.38.6/arch/x86/include/asm/uaccess_32.h linux-2.6.38.6/arch/
return __copy_to_user_ll(to, from, n);
}
-@@ -89,6 +94,9 @@ __copy_to_user(void __user *to, const vo
+@@ -83,12 +90,16 @@ static __always_inline unsigned long __m
+ __copy_to_user(void __user *to, const void *from, unsigned long n)
+ {
+ might_fault();
++
+ return __copy_to_user_inatomic(to, from, n);
+ }
+
static __always_inline unsigned long
__copy_from_user_inatomic(void *to, const void __user *from, unsigned long n)
{
@@ -9866,18 +9912,20 @@ diff -urNp linux-2.6.38.6/arch/x86/include/asm/uaccess_32.h linux-2.6.38.6/arch/
/* Avoid zeroing the tail if the copy fails..
* If 'n' is constant and 1, 2, or 4, we do still zero on a failure,
* but as the zeroing behaviour is only significant when n is not
-@@ -138,6 +146,10 @@ static __always_inline unsigned long
+@@ -138,6 +149,12 @@ static __always_inline unsigned long
__copy_from_user(void *to, const void __user *from, unsigned long n)
{
might_fault();
+
++ pax_track_stack();
++
+ if ((long)n < 0)
+ return n;
+
if (__builtin_constant_p(n)) {
unsigned long ret;
-@@ -153,6 +165,8 @@ __copy_from_user(void *to, const void __
+@@ -153,6 +170,8 @@ __copy_from_user(void *to, const void __
return ret;
}
}
@@ -9886,7 +9934,7 @@ diff -urNp linux-2.6.38.6/arch/x86/include/asm/uaccess_32.h linux-2.6.38.6/arch/
return __copy_from_user_ll(to, from, n);
}
-@@ -160,6 +174,10 @@ static __always_inline unsigned long __c
+@@ -160,6 +179,10 @@ static __always_inline unsigned long __c
const void __user *from, unsigned long n)
{
might_fault();
@@ -9897,7 +9945,7 @@ diff -urNp linux-2.6.38.6/arch/x86/include/asm/uaccess_32.h linux-2.6.38.6/arch/
if (__builtin_constant_p(n)) {
unsigned long ret;
-@@ -182,15 +200,19 @@ static __always_inline unsigned long
+@@ -182,15 +205,19 @@ static __always_inline unsigned long
__copy_from_user_inatomic_nocache(void *to, const void __user *from,
unsigned long n)
{
@@ -9924,7 +9972,7 @@ diff -urNp linux-2.6.38.6/arch/x86/include/asm/uaccess_32.h linux-2.6.38.6/arch/
extern void copy_from_user_overflow(void)
#ifdef CONFIG_DEBUG_STRICT_USER_COPY_CHECKS
-@@ -200,17 +222,61 @@ extern void copy_from_user_overflow(void
+@@ -200,17 +227,61 @@ extern void copy_from_user_overflow(void
#endif
;
@@ -9995,7 +10043,7 @@ diff -urNp linux-2.6.38.6/arch/x86/include/asm/uaccess_32.h linux-2.6.38.6/arch/
diff -urNp linux-2.6.38.6/arch/x86/include/asm/uaccess_64.h linux-2.6.38.6/arch/x86/include/asm/uaccess_64.h
--- linux-2.6.38.6/arch/x86/include/asm/uaccess_64.h 2011-03-14 21:20:32.000000000 -0400
-+++ linux-2.6.38.6/arch/x86/include/asm/uaccess_64.h 2011-04-28 19:57:25.000000000 -0400
++++ linux-2.6.38.6/arch/x86/include/asm/uaccess_64.h 2011-05-16 21:47:08.000000000 -0400
@@ -11,6 +11,9 @@
#include <asm/alternative.h>
#include <asm/cpufeature.h>
@@ -10046,7 +10094,7 @@ diff -urNp linux-2.6.38.6/arch/x86/include/asm/uaccess_64.h linux-2.6.38.6/arch/
return n;
}
-@@ -65,110 +68,194 @@ int copy_to_user(void __user *dst, const
+@@ -65,110 +68,198 @@ int copy_to_user(void __user *dst, const
{
might_fault();
@@ -10068,6 +10116,8 @@ diff -urNp linux-2.6.38.6/arch/x86/include/asm/uaccess_64.h linux-2.6.38.6/arch/
- if (!__builtin_constant_p(size))
- return copy_user_generic(dst, (__force void *)src, size);
+
++ pax_track_stack();
++
+ if ((int)size < 0)
+ return size;
+
@@ -10155,6 +10205,8 @@ diff -urNp linux-2.6.38.6/arch/x86/include/asm/uaccess_64.h linux-2.6.38.6/arch/
might_fault();
- if (!__builtin_constant_p(size))
+
++ pax_track_stack();
++
+ if ((int)size < 0)
+ return size;
+
@@ -10271,7 +10323,7 @@ diff -urNp linux-2.6.38.6/arch/x86/include/asm/uaccess_64.h linux-2.6.38.6/arch/
ret, "b", "b", "=q", 1);
if (likely(!ret))
__put_user_asm(tmp, (u8 __user *)dst,
-@@ -177,7 +264,7 @@ int __copy_in_user(void __user *dst, con
+@@ -177,7 +268,7 @@ int __copy_in_user(void __user *dst, con
}
case 2: {
u16 tmp;
@@ -10280,7 +10332,7 @@ diff -urNp linux-2.6.38.6/arch/x86/include/asm/uaccess_64.h linux-2.6.38.6/arch/
ret, "w", "w", "=r", 2);
if (likely(!ret))
__put_user_asm(tmp, (u16 __user *)dst,
-@@ -187,7 +274,7 @@ int __copy_in_user(void __user *dst, con
+@@ -187,7 +278,7 @@ int __copy_in_user(void __user *dst, con
case 4: {
u32 tmp;
@@ -10289,7 +10341,7 @@ diff -urNp linux-2.6.38.6/arch/x86/include/asm/uaccess_64.h linux-2.6.38.6/arch/
ret, "l", "k", "=r", 4);
if (likely(!ret))
__put_user_asm(tmp, (u32 __user *)dst,
-@@ -196,7 +283,7 @@ int __copy_in_user(void __user *dst, con
+@@ -196,7 +287,7 @@ int __copy_in_user(void __user *dst, con
}
case 8: {
u64 tmp;
@@ -10298,7 +10350,7 @@ diff -urNp linux-2.6.38.6/arch/x86/include/asm/uaccess_64.h linux-2.6.38.6/arch/
ret, "q", "", "=r", 8);
if (likely(!ret))
__put_user_asm(tmp, (u64 __user *)dst,
-@@ -204,8 +291,16 @@ int __copy_in_user(void __user *dst, con
+@@ -204,8 +295,16 @@ int __copy_in_user(void __user *dst, con
return ret;
}
default:
@@ -10316,10 +10368,12 @@ diff -urNp linux-2.6.38.6/arch/x86/include/asm/uaccess_64.h linux-2.6.38.6/arch/
}
}
-@@ -222,33 +317,70 @@ __must_check unsigned long __clear_user(
+@@ -222,33 +321,72 @@ __must_check unsigned long __clear_user(
static __must_check __always_inline int
__copy_from_user_inatomic(void *dst, const void __user *src, unsigned size)
{
++ pax_track_stack();
++
+ if ((int)size < 0)
+ return size;
+
@@ -10995,7 +11049,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/amd_iommu.c linux-2.6.38.6/arch/x86/ke
.map_page = map_page,
diff -urNp linux-2.6.38.6/arch/x86/kernel/apic/apic.c linux-2.6.38.6/arch/x86/kernel/apic/apic.c
--- linux-2.6.38.6/arch/x86/kernel/apic/apic.c 2011-03-14 21:20:32.000000000 -0400
-+++ linux-2.6.38.6/arch/x86/kernel/apic/apic.c 2011-04-28 19:57:25.000000000 -0400
++++ linux-2.6.38.6/arch/x86/kernel/apic/apic.c 2011-05-16 21:47:08.000000000 -0400
@@ -1819,7 +1819,7 @@ void smp_error_interrupt(struct pt_regs
apic_write(APIC_ESR, 0);
v1 = apic_read(APIC_ESR);
@@ -11005,6 +11059,15 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/apic/apic.c linux-2.6.38.6/arch/x86/ke
/*
* Here is what the APIC error bits mean:
+@@ -2209,6 +2209,8 @@ static int __cpuinit apic_cluster_num(vo
+ u16 *bios_cpu_apicid;
+ DECLARE_BITMAP(clustermap, NUM_APIC_CLUSTERS);
+
++ pax_track_stack();
++
+ bios_cpu_apicid = early_per_cpu_ptr(x86_bios_cpu_apicid);
+ bitmap_zero(clustermap, NUM_APIC_CLUSTERS);
+
diff -urNp linux-2.6.38.6/arch/x86/kernel/apic/io_apic.c linux-2.6.38.6/arch/x86/kernel/apic/io_apic.c
--- linux-2.6.38.6/arch/x86/kernel/apic/io_apic.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/arch/x86/kernel/apic/io_apic.c 2011-04-28 19:57:25.000000000 -0400
@@ -11147,7 +11210,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/apm_32.c linux-2.6.38.6/arch/x86/kerne
diff -urNp linux-2.6.38.6/arch/x86/kernel/asm-offsets_32.c linux-2.6.38.6/arch/x86/kernel/asm-offsets_32.c
--- linux-2.6.38.6/arch/x86/kernel/asm-offsets_32.c 2011-03-14 21:20:32.000000000 -0400
-+++ linux-2.6.38.6/arch/x86/kernel/asm-offsets_32.c 2011-04-28 19:34:14.000000000 -0400
++++ linux-2.6.38.6/arch/x86/kernel/asm-offsets_32.c 2011-05-16 21:47:08.000000000 -0400
@@ -51,7 +51,6 @@ void foo(void)
OFFSET(CPUINFO_x86_vendor_id, cpuinfo_x86, x86_vendor_id);
BLANK();
@@ -11156,7 +11219,16 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/asm-offsets_32.c linux-2.6.38.6/arch/x
OFFSET(TI_exec_domain, thread_info, exec_domain);
OFFSET(TI_flags, thread_info, flags);
OFFSET(TI_status, thread_info, status);
-@@ -113,6 +112,11 @@ void foo(void)
+@@ -60,6 +59,8 @@ void foo(void)
+ OFFSET(TI_restart_block, thread_info, restart_block);
+ OFFSET(TI_sysenter_return, thread_info, sysenter_return);
+ OFFSET(TI_cpu, thread_info, cpu);
++ OFFSET(TI_lowest_stack, thread_info, lowest_stack);
++ DEFINE(TI_task_thread_sp0, offsetof(struct task_struct, thread.sp0) - offsetof(struct task_struct, tinfo));
+ BLANK();
+
+ OFFSET(GDS_size, desc_ptr, size);
+@@ -113,6 +114,11 @@ void foo(void)
OFFSET(PV_CPU_iret, pv_cpu_ops, iret);
OFFSET(PV_CPU_irq_enable_sysexit, pv_cpu_ops, irq_enable_sysexit);
OFFSET(PV_CPU_read_cr0, pv_cpu_ops, read_cr0);
@@ -11170,8 +11242,17 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/asm-offsets_32.c linux-2.6.38.6/arch/x
#ifdef CONFIG_XEN
diff -urNp linux-2.6.38.6/arch/x86/kernel/asm-offsets_64.c linux-2.6.38.6/arch/x86/kernel/asm-offsets_64.c
--- linux-2.6.38.6/arch/x86/kernel/asm-offsets_64.c 2011-03-14 21:20:32.000000000 -0400
-+++ linux-2.6.38.6/arch/x86/kernel/asm-offsets_64.c 2011-04-30 11:45:06.000000000 -0400
-@@ -63,6 +63,18 @@ int main(void)
++++ linux-2.6.38.6/arch/x86/kernel/asm-offsets_64.c 2011-05-16 21:47:08.000000000 -0400
+@@ -44,6 +44,8 @@ int main(void)
+ ENTRY(addr_limit);
+ ENTRY(preempt_count);
+ ENTRY(status);
++ ENTRY(lowest_stack);
++ DEFINE(TI_task_thread_sp0, offsetof(struct task_struct, thread.sp0) - offsetof(struct task_struct, tinfo));
+ #ifdef CONFIG_IA32_EMULATION
+ ENTRY(sysenter_return);
+ #endif
+@@ -63,6 +65,18 @@ int main(void)
OFFSET(PV_CPU_irq_enable_sysexit, pv_cpu_ops, irq_enable_sysexit);
OFFSET(PV_CPU_swapgs, pv_cpu_ops, swapgs);
OFFSET(PV_MMU_read_cr2, pv_mmu_ops, read_cr2);
@@ -11190,7 +11271,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/asm-offsets_64.c linux-2.6.38.6/arch/x
#endif
-@@ -115,6 +127,7 @@ int main(void)
+@@ -115,6 +129,7 @@ int main(void)
ENTRY(cr8);
BLANK();
#undef ENTRY
@@ -11198,7 +11279,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/asm-offsets_64.c linux-2.6.38.6/arch/x
DEFINE(TSS_ist, offsetof(struct tss_struct, x86_tss.ist));
BLANK();
DEFINE(crypto_tfm_ctx_offset, offsetof(struct crypto_tfm, __crt_ctx));
-@@ -130,6 +143,7 @@ int main(void)
+@@ -130,6 +145,7 @@ int main(void)
BLANK();
DEFINE(PAGE_SIZE_asm, PAGE_SIZE);
@@ -11550,8 +11631,17 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/cpu/mtrr/mtrr.h linux-2.6.38.6/arch/x8
extern int generic_get_free_region(unsigned long base, unsigned long size,
diff -urNp linux-2.6.38.6/arch/x86/kernel/cpu/perf_event.c linux-2.6.38.6/arch/x86/kernel/cpu/perf_event.c
--- linux-2.6.38.6/arch/x86/kernel/cpu/perf_event.c 2011-03-14 21:20:32.000000000 -0400
-+++ linux-2.6.38.6/arch/x86/kernel/cpu/perf_event.c 2011-04-28 19:34:14.000000000 -0400
-@@ -1781,7 +1781,7 @@ perf_callchain_user(struct perf_callchai
++++ linux-2.6.38.6/arch/x86/kernel/cpu/perf_event.c 2011-05-16 21:47:08.000000000 -0400
+@@ -674,6 +674,8 @@ static int x86_schedule_events(struct cp
+ int i, j, w, wmax, num = 0;
+ struct hw_perf_event *hwc;
+
++ pax_track_stack();
++
+ bitmap_zero(used_mask, X86_PMC_IDX_MAX);
+
+ for (i = 0; i < n; i++) {
+@@ -1781,7 +1783,7 @@ perf_callchain_user(struct perf_callchai
break;
perf_callchain_store(entry, frame.return_address);
@@ -11882,10 +11972,30 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/dumpstack.c linux-2.6.38.6/arch/x86/ke
report_bug(regs->ip, regs);
if (__die(str, regs, err))
+diff -urNp linux-2.6.38.6/arch/x86/kernel/early_printk.c linux-2.6.38.6/arch/x86/kernel/early_printk.c
+--- linux-2.6.38.6/arch/x86/kernel/early_printk.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/arch/x86/kernel/early_printk.c 2011-05-16 21:47:08.000000000 -0400
+@@ -7,6 +7,7 @@
+ #include <linux/pci_regs.h>
+ #include <linux/pci_ids.h>
+ #include <linux/errno.h>
++#include <linux/sched.h>
+ #include <asm/io.h>
+ #include <asm/processor.h>
+ #include <asm/fcntl.h>
+@@ -179,6 +180,8 @@ asmlinkage void early_printk(const char
+ int n;
+ va_list ap;
+
++ pax_track_stack();
++
+ va_start(ap, fmt);
+ n = vscnprintf(buf, sizeof(buf), fmt, ap);
+ early_console->write(early_console, buf, n);
diff -urNp linux-2.6.38.6/arch/x86/kernel/entry_32.S linux-2.6.38.6/arch/x86/kernel/entry_32.S
--- linux-2.6.38.6/arch/x86/kernel/entry_32.S 2011-04-18 17:27:16.000000000 -0400
-+++ linux-2.6.38.6/arch/x86/kernel/entry_32.S 2011-05-10 21:13:12.000000000 -0400
-@@ -183,13 +183,139 @@
++++ linux-2.6.38.6/arch/x86/kernel/entry_32.S 2011-05-18 20:23:44.000000000 -0400
+@@ -183,13 +183,146 @@
/*CFI_REL_OFFSET gs, PT_GS*/
.endm
.macro SET_KERNEL_GS reg
@@ -11919,7 +12029,8 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/entry_32.S linux-2.6.38.6/arch/x86/ker
+#ifdef CONFIG_PAX_KERNEXEC
+ENTRY(pax_enter_kernel)
+#ifdef CONFIG_PARAVIRT
-+ push %eax; push %ecx
++ pushl %eax
++ pushl %ecx
+ call PARA_INDIRECT(pv_cpu_ops+PV_CPU_read_cr0)
+ mov %eax, %esi
+#else
@@ -11941,14 +12052,16 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/entry_32.S linux-2.6.38.6/arch/x86/ker
+#endif
+3:
+#ifdef CONFIG_PARAVIRT
-+ pop %ecx; pop %eax
++ popl %ecx
++ popl %eax
+#endif
+ ret
+ENDPROC(pax_enter_kernel)
+
+ENTRY(pax_exit_kernel)
+#ifdef CONFIG_PARAVIRT
-+ push %eax; push %ecx
++ pushl %eax
++ pushl %ecx
+#endif
+ mov %cs, %esi
+ cmp $__KERNEXEC_KERNEL_CS, %esi
@@ -11970,7 +12083,8 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/entry_32.S linux-2.6.38.6/arch/x86/ker
+#endif
+2:
+#ifdef CONFIG_PARAVIRT
-+ pop %ecx; pop %eax
++ popl %ecx
++ popl %eax
+#endif
+ ret
+ENDPROC(pax_exit_kernel)
@@ -11983,41 +12097,44 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/entry_32.S linux-2.6.38.6/arch/x86/ker
+.endm
+
+#ifdef CONFIG_PAX_MEMORY_STACKLEAK
++/*
++ * ebp: thread_info
++ * ecx, edx: can be clobbered
++ */
+ENTRY(pax_erase_kstack)
-+ push %edi
++ pushl %edi
++ pushl %eax
+
-+ lea -64(%esp), %edi
-+ and $-64, %edi
++ mov TI_lowest_stack(%ebp), %edi
+ mov $-0xBEEF, %eax
+ std
-+1:
-+ mov %edi, %ecx
++
++1: mov %edi, %ecx
+ and $THREAD_SIZE_asm - 1, %ecx
+ shr $2, %ecx
+ repne scasl
+ jecxz 2f
+
-+ and $-64, %edi
-+ and $-16, %ecx
-+
-+ sub $128, %ecx
++ cmp $2*16, %ecx
+ jc 2f
-+ mov $16, %ecx
-+ repe scasl
-+ jne 1b
-+ sub $(512 - 64), %edi
-+ mov $16, %ecx
++
++ mov $2*16, %ecx
+ repe scasl
+ jecxz 2f
+ jne 1b
-+2:
-+ cld
++
++2: cld
+ mov %esp, %ecx
+ sub %edi, %ecx
+ shr $2, %ecx
+ rep stosl
+
-+ pop %edi
++ mov TI_task_thread_sp0(%ebp), %edi
++ sub $128, %edi
++ mov %edi, TI_lowest_stack(%ebp)
++
++ popl %eax
++ popl %edi
+ ret
+ENDPROC(pax_erase_kstack)
+#endif
@@ -12026,7 +12143,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/entry_32.S linux-2.6.38.6/arch/x86/ker
cld
PUSH_GS
pushl_cfi %fs
-@@ -212,7 +338,7 @@
+@@ -212,7 +345,7 @@
CFI_REL_OFFSET ecx, 0
pushl_cfi %ebx
CFI_REL_OFFSET ebx, 0
@@ -12035,7 +12152,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/entry_32.S linux-2.6.38.6/arch/x86/ker
movl %edx, %ds
movl %edx, %es
movl $(__KERNEL_PERCPU), %edx
-@@ -220,6 +346,15 @@
+@@ -220,6 +353,15 @@
SET_KERNEL_GS %edx
.endm
@@ -12051,7 +12168,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/entry_32.S linux-2.6.38.6/arch/x86/ker
.macro RESTORE_INT_REGS
popl_cfi %ebx
CFI_RESTORE ebx
-@@ -330,7 +465,15 @@ check_userspace:
+@@ -330,7 +472,15 @@ check_userspace:
movb PT_CS(%esp), %al
andl $(X86_EFLAGS_VM | SEGMENT_RPL_MASK), %eax
cmpl $USER_RPL, %eax
@@ -12067,7 +12184,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/entry_32.S linux-2.6.38.6/arch/x86/ker
ENTRY(resume_userspace)
LOCKDEP_SYS_EXIT
-@@ -392,23 +535,34 @@ sysenter_past_esp:
+@@ -392,23 +542,34 @@ sysenter_past_esp:
/*CFI_REL_OFFSET cs, 0*/
/*
* Push current_thread_info()->sysenter_return to the stack.
@@ -12105,7 +12222,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/entry_32.S linux-2.6.38.6/arch/x86/ker
movl %ebp,PT_EBP(%esp)
.section __ex_table,"a"
.align 4
-@@ -431,12 +585,27 @@ sysenter_do_call:
+@@ -431,12 +592,23 @@ sysenter_do_call:
testl $_TIF_ALLWORK_MASK, %ecx
jne sysexit_audit
sysenter_exit:
@@ -12116,11 +12233,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/entry_32.S linux-2.6.38.6/arch/x86/ker
+ popl_cfi %eax
+#endif
+
-+#ifdef CONFIG_PAX_MEMORY_STACKLEAK
-+ pushl_cfi %eax
-+ call pax_erase_kstack
-+ popl_cfi %eax
-+#endif
++ pax_erase_kstack
+
/* if something modifies registers it must also disable sysexit */
movl PT_EIP(%esp), %edx
@@ -12133,7 +12246,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/entry_32.S linux-2.6.38.6/arch/x86/ker
PTGS_TO_GS
ENABLE_INTERRUPTS_SYSEXIT
-@@ -479,11 +648,17 @@ sysexit_audit:
+@@ -479,11 +651,17 @@ sysexit_audit:
CFI_ENDPROC
.pushsection .fixup,"ax"
@@ -12153,7 +12266,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/entry_32.S linux-2.6.38.6/arch/x86/ker
.popsection
PTGS_TO_GS_EX
ENDPROC(ia32_sysenter_target)
-@@ -516,6 +691,14 @@ syscall_exit:
+@@ -516,6 +694,12 @@ syscall_exit:
testl $_TIF_ALLWORK_MASK, %ecx # current->work
jne syscall_exit_work
@@ -12161,14 +12274,12 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/entry_32.S linux-2.6.38.6/arch/x86/ker
+ call pax_randomize_kstack
+#endif
+
-+#ifdef CONFIG_PAX_MEMORY_STACKLEAK
+ pax_erase_kstack
-+#endif
+
restore_all:
TRACE_IRQS_IRET
restore_all_notrace:
-@@ -575,14 +758,21 @@ ldt_ss:
+@@ -575,14 +759,21 @@ ldt_ss:
* compensating for the offset by changing to the ESPFIX segment with
* a base address that matches for the difference.
*/
@@ -12193,7 +12304,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/entry_32.S linux-2.6.38.6/arch/x86/ker
pushl_cfi $__ESPFIX_SS
pushl_cfi %eax /* new kernel esp */
/* Disable interrupts, but do not irqtrace this section: we
-@@ -617,23 +807,17 @@ work_resched:
+@@ -617,23 +808,17 @@ work_resched:
work_notifysig: # deal with pending signals and
# notify-resume requests
@@ -12220,7 +12331,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/entry_32.S linux-2.6.38.6/arch/x86/ker
#endif
xorl %edx, %edx
call do_notify_resume
-@@ -668,6 +852,10 @@ END(syscall_exit_work)
+@@ -668,6 +853,10 @@ END(syscall_exit_work)
RING0_INT_FRAME # can't unwind into user space anyway
syscall_fault:
@@ -12231,7 +12342,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/entry_32.S linux-2.6.38.6/arch/x86/ker
GET_THREAD_INFO(%ebp)
movl $-EFAULT,PT_EAX(%esp)
jmp resume_userspace
-@@ -750,6 +938,36 @@ ptregs_clone:
+@@ -750,6 +939,36 @@ ptregs_clone:
CFI_ENDPROC
ENDPROC(ptregs_clone)
@@ -12268,7 +12379,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/entry_32.S linux-2.6.38.6/arch/x86/ker
.macro FIXUP_ESPFIX_STACK
/*
* Switch back for ESPFIX stack to the normal zerobased stack
-@@ -759,8 +977,15 @@ ENDPROC(ptregs_clone)
+@@ -759,8 +978,15 @@ ENDPROC(ptregs_clone)
* normal stack and adjusts ESP with the matching offset.
*/
/* fixup the stack */
@@ -12286,7 +12397,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/entry_32.S linux-2.6.38.6/arch/x86/ker
shl $16, %eax
addl %esp, %eax /* the adjusted stack pointer */
pushl_cfi $__KERNEL_DS
-@@ -1211,7 +1436,6 @@ return_to_handler:
+@@ -1211,7 +1437,6 @@ return_to_handler:
jmp *%ecx
#endif
@@ -12294,7 +12405,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/entry_32.S linux-2.6.38.6/arch/x86/ker
#include "syscall_table_32.S"
syscall_table_size=(.-sys_call_table)
-@@ -1257,9 +1481,12 @@ error_code:
+@@ -1257,9 +1482,12 @@ error_code:
movl $-1, PT_ORIG_EAX(%esp) # no syscall to restart
REG_TO_PTGS %ecx
SET_KERNEL_GS %ecx
@@ -12308,7 +12419,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/entry_32.S linux-2.6.38.6/arch/x86/ker
TRACE_IRQS_OFF
movl %esp,%eax # pt_regs pointer
call *%edi
-@@ -1344,6 +1571,9 @@ nmi_stack_correct:
+@@ -1344,6 +1572,9 @@ nmi_stack_correct:
xorl %edx,%edx # zero error code
movl %esp,%eax # pt_regs pointer
call do_nmi
@@ -12318,7 +12429,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/entry_32.S linux-2.6.38.6/arch/x86/ker
jmp restore_all_notrace
CFI_ENDPROC
-@@ -1380,6 +1610,9 @@ nmi_espfix_stack:
+@@ -1380,6 +1611,9 @@ nmi_espfix_stack:
FIXUP_ESPFIX_STACK # %eax == %esp
xorl %edx,%edx # zero error code
call do_nmi
@@ -12330,7 +12441,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/entry_32.S linux-2.6.38.6/arch/x86/ker
CFI_ADJUST_CFA_OFFSET -24
diff -urNp linux-2.6.38.6/arch/x86/kernel/entry_64.S linux-2.6.38.6/arch/x86/kernel/entry_64.S
--- linux-2.6.38.6/arch/x86/kernel/entry_64.S 2011-04-18 17:27:13.000000000 -0400
-+++ linux-2.6.38.6/arch/x86/kernel/entry_64.S 2011-05-10 21:12:16.000000000 -0400
++++ linux-2.6.38.6/arch/x86/kernel/entry_64.S 2011-05-18 20:23:44.000000000 -0400
@@ -53,6 +53,7 @@
#include <asm/paravirt.h>
#include <asm/ftrace.h>
@@ -12339,7 +12450,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/entry_64.S linux-2.6.38.6/arch/x86/ker
/* Avoid __ASSEMBLER__'ifying <linux/audit.h> just for this. */
#include <linux/elf-em.h>
-@@ -174,6 +175,251 @@ ENTRY(native_usergs_sysret64)
+@@ -174,6 +175,253 @@ ENTRY(native_usergs_sysret64)
ENDPROC(native_usergs_sysret64)
#endif /* CONFIG_PARAVIRT */
@@ -12351,8 +12462,8 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/entry_64.S linux-2.6.38.6/arch/x86/ker
+ 1234: .quad \off; .word \sel
+ .popsection
+#else
-+ push $\sel
-+ push $\off
++ pushq $\sel
++ pushq $\off
+ lretq
+#endif
+ .endm
@@ -12371,7 +12482,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/entry_64.S linux-2.6.38.6/arch/x86/ker
+
+#ifdef CONFIG_PAX_KERNEXEC
+ENTRY(pax_enter_kernel)
-+ push %rdi
++ pushq %rdi
+
+#ifdef CONFIG_PARAVIRT
+ PV_SAVE_REGS(CLBR_RDI)
@@ -12392,12 +12503,12 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/entry_64.S linux-2.6.38.6/arch/x86/ker
+ PV_RESTORE_REGS(CLBR_RDI)
+#endif
+
-+ pop %rdi
++ popq %rdi
+ retq
+ENDPROC(pax_enter_kernel)
+
+ENTRY(pax_exit_kernel)
-+ push %rdi
++ pushq %rdi
+
+#ifdef CONFIG_PARAVIRT
+ PV_SAVE_REGS(CLBR_RDI)
@@ -12416,7 +12527,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/entry_64.S linux-2.6.38.6/arch/x86/ker
+ PV_RESTORE_REGS(CLBR_RDI);
+#endif
+
-+ pop %rdi
++ popq %rdi
+ retq
+ENDPROC(pax_exit_kernel)
+#endif
@@ -12437,56 +12548,14 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/entry_64.S linux-2.6.38.6/arch/x86/ker
+ pop %rax
+#endif
+#ifdef CONFIG_PAX_MEMORY_STACKLEAK
-+ push %rax
+ call pax_erase_kstack
-+ pop %rax
+#endif
+ .endm
+
-+#ifdef CONFIG_PAX_MEMORY_STACKLEAK
-+ENTRY(pax_erase_kstack)
-+ push %rdi
-+
-+ lea -128(%rsp), %rdi
-+ and $-64, %rdi
-+ mov $-0xBEEF, %rax
-+ std
-+1:
-+ mov %edi, %ecx
-+ and $THREAD_SIZE_asm - 1, %ecx
-+ shr $3, %ecx
-+ repne scasq
-+ jecxz 2f
-+
-+ and $-64, %rdi
-+ and $-8, %ecx
-+
-+ sub $64, %ecx
-+ jc 2f
-+ mov $8, %ecx
-+ repe scasq
-+ jne 1b
-+ sub $(512 - 64), %rdi
-+ mov $8, %ecx
-+ repe scasq
-+ jecxz 2f
-+ jne 1b
-+2:
-+ cld
-+ mov %esp, %ecx
-+ sub %edi, %ecx
-+ shr $3, %ecx
-+ rep stosq
-+
-+ pop %rdi
-+ ret
-+ENDPROC(pax_erase_kstack)
-+#endif
-+
+#ifdef CONFIG_PAX_MEMORY_UDEREF
+ENTRY(pax_enter_kernel_user)
-+ push %rdi
-+ push %rbx
++ pushq %rdi
++ pushq %rbx
+
+#ifdef CONFIG_PARAVIRT
+ PV_SAVE_REGS(CLBR_RDI)
@@ -12498,7 +12567,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/entry_64.S linux-2.6.38.6/arch/x86/ker
+ sub phys_base(%rip),%rbx
+
+#ifdef CONFIG_PARAVIRT
-+ push %rdi
++ pushq %rdi
+ cmpl $0, pv_info+PARAVIRT_enabled
+ jz 1f
+ i = 0
@@ -12520,7 +12589,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/entry_64.S linux-2.6.38.6/arch/x86/ker
+ .endr
+
+#ifdef CONFIG_PARAVIRT
-+2: pop %rdi
++2: popq %rdi
+#endif
+ SET_RDI_INTO_CR3
+
@@ -12534,8 +12603,8 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/entry_64.S linux-2.6.38.6/arch/x86/ker
+ PV_RESTORE_REGS(CLBR_RDI)
+#endif
+
-+ pop %rbx
-+ pop %rdi
++ popq %rbx
++ popq %rdi
+ retq
+ENDPROC(pax_enter_kernel_user)
+
@@ -12543,7 +12612,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/entry_64.S linux-2.6.38.6/arch/x86/ker
+ push %rdi
+
+#ifdef CONFIG_PARAVIRT
-+ push %rbx
++ pushq %rbx
+ PV_SAVE_REGS(CLBR_RDI)
+#endif
+
@@ -12581,17 +12650,61 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/entry_64.S linux-2.6.38.6/arch/x86/ker
+
+#ifdef CONFIG_PARAVIRT
+2: PV_RESTORE_REGS(CLBR_RDI)
-+ pop %rbx
++ popq %rbx
+#endif
+
-+ pop %rdi
++ popq %rdi
+ retq
+ENDPROC(pax_exit_kernel_user)
+#endif
++
++#ifdef CONFIG_PAX_MEMORY_STACKLEAK
++/*
++ * r10: thread_info
++ * rcx, rdx: can be clobbered
++ */
++ENTRY(pax_erase_kstack)
++ pushq %rdi
++ pushq %rax
++
++ GET_THREAD_INFO(%r10)
++ mov TI_lowest_stack(%r10), %rdi
++ mov $-0xBEEF, %rax
++ std
++
++1: mov %edi, %ecx
++ and $THREAD_SIZE_asm - 1, %ecx
++ shr $3, %ecx
++ repne scasq
++ jecxz 2f
++
++ cmp $2*8, %ecx
++ jc 2f
++
++ mov $2*8, %ecx
++ repe scasq
++ jecxz 2f
++ jne 1b
++
++2: cld
++ mov %esp, %ecx
++ sub %edi, %ecx
++ shr $3, %ecx
++ rep stosq
++
++ mov TI_task_thread_sp0(%r10), %rdi
++ sub $256, %rdi
++ mov %rdi, TI_lowest_stack(%r10)
++
++ popq %rax
++ popq %rdi
++ ret
++ENDPROC(pax_erase_kstack)
++#endif
.macro TRACE_IRQS_IRETQ offset=ARGOFFSET
#ifdef CONFIG_TRACE_IRQFLAGS
-@@ -316,7 +562,7 @@ ENTRY(save_args)
+@@ -316,7 +564,7 @@ ENTRY(save_args)
leaq -RBP+8(%rsp),%rdi /* arg1 for handler */
movq_cfi rbp, 8 /* push %rbp */
leaq 8(%rsp), %rbp /* mov %rsp, %ebp */
@@ -12600,7 +12713,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/entry_64.S linux-2.6.38.6/arch/x86/ker
je 1f
SWAPGS
/*
-@@ -407,7 +653,7 @@ ENTRY(ret_from_fork)
+@@ -407,7 +655,7 @@ ENTRY(ret_from_fork)
RESTORE_REST
@@ -12609,7 +12722,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/entry_64.S linux-2.6.38.6/arch/x86/ker
je int_ret_from_sys_call
testl $_TIF_IA32, TI_flags(%rcx) # 32-bit compat task needs IRET
-@@ -453,7 +699,7 @@ END(ret_from_fork)
+@@ -453,7 +701,7 @@ END(ret_from_fork)
ENTRY(system_call)
CFI_STARTPROC simple
CFI_SIGNAL_FRAME
@@ -12618,7 +12731,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/entry_64.S linux-2.6.38.6/arch/x86/ker
CFI_REGISTER rip,rcx
/*CFI_REGISTER rflags,r11*/
SWAPGS_UNSAFE_STACK
-@@ -466,12 +712,13 @@ ENTRY(system_call_after_swapgs)
+@@ -466,12 +714,13 @@ ENTRY(system_call_after_swapgs)
movq %rsp,PER_CPU_VAR(old_rsp)
movq PER_CPU_VAR(kernel_stack),%rsp
@@ -12633,7 +12746,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/entry_64.S linux-2.6.38.6/arch/x86/ker
movq %rax,ORIG_RAX-ARGOFFSET(%rsp)
movq %rcx,RIP-ARGOFFSET(%rsp)
CFI_REL_OFFSET rip,RIP-ARGOFFSET
-@@ -500,6 +747,7 @@ sysret_check:
+@@ -500,6 +749,7 @@ sysret_check:
andl %edi,%edx
jnz sysret_careful
CFI_REMEMBER_STATE
@@ -12641,7 +12754,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/entry_64.S linux-2.6.38.6/arch/x86/ker
/*
* sysretq will re-enable interrupts:
*/
-@@ -609,7 +857,7 @@ tracesys:
+@@ -609,7 +859,7 @@ tracesys:
GLOBAL(int_ret_from_sys_call)
DISABLE_INTERRUPTS(CLBR_NONE)
TRACE_IRQS_OFF
@@ -12650,7 +12763,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/entry_64.S linux-2.6.38.6/arch/x86/ker
je retint_restore_args
movl $_TIF_ALLWORK_MASK,%edi
/* edi: mask to check */
-@@ -791,6 +1039,16 @@ END(interrupt)
+@@ -791,6 +1041,16 @@ END(interrupt)
CFI_ADJUST_CFA_OFFSET ORIG_RAX-RBP
call save_args
PARTIAL_FRAME 0
@@ -12667,7 +12780,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/entry_64.S linux-2.6.38.6/arch/x86/ker
call \func
.endm
-@@ -823,7 +1081,7 @@ ret_from_intr:
+@@ -823,7 +1083,7 @@ ret_from_intr:
CFI_ADJUST_CFA_OFFSET -8
exit_intr:
GET_THREAD_INFO(%rcx)
@@ -12676,7 +12789,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/entry_64.S linux-2.6.38.6/arch/x86/ker
je retint_kernel
/* Interrupt came from user space */
-@@ -845,12 +1103,14 @@ retint_swapgs: /* return to user-space
+@@ -845,12 +1105,14 @@ retint_swapgs: /* return to user-space
* The iretq could re-enable interrupts:
*/
DISABLE_INTERRUPTS(CLBR_ANY)
@@ -12691,7 +12804,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/entry_64.S linux-2.6.38.6/arch/x86/ker
/*
* The iretq could re-enable interrupts:
*/
-@@ -1022,6 +1282,16 @@ ENTRY(\sym)
+@@ -1022,6 +1284,16 @@ ENTRY(\sym)
CFI_ADJUST_CFA_OFFSET ORIG_RAX-R15
call error_entry
DEFAULT_FRAME 0
@@ -12708,7 +12821,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/entry_64.S linux-2.6.38.6/arch/x86/ker
movq %rsp,%rdi /* pt_regs pointer */
xorl %esi,%esi /* no error code */
call \do_sym
-@@ -1039,6 +1309,16 @@ ENTRY(\sym)
+@@ -1039,6 +1311,16 @@ ENTRY(\sym)
CFI_ADJUST_CFA_OFFSET ORIG_RAX-R15
call save_paranoid
TRACE_IRQS_OFF
@@ -12725,7 +12838,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/entry_64.S linux-2.6.38.6/arch/x86/ker
movq %rsp,%rdi /* pt_regs pointer */
xorl %esi,%esi /* no error code */
call \do_sym
-@@ -1047,7 +1327,7 @@ ENTRY(\sym)
+@@ -1047,7 +1329,7 @@ ENTRY(\sym)
END(\sym)
.endm
@@ -12734,7 +12847,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/entry_64.S linux-2.6.38.6/arch/x86/ker
.macro paranoidzeroentry_ist sym do_sym ist
ENTRY(\sym)
INTR_FRAME
-@@ -1057,8 +1337,24 @@ ENTRY(\sym)
+@@ -1057,8 +1339,24 @@ ENTRY(\sym)
CFI_ADJUST_CFA_OFFSET ORIG_RAX-R15
call save_paranoid
TRACE_IRQS_OFF
@@ -12759,7 +12872,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/entry_64.S linux-2.6.38.6/arch/x86/ker
subq $EXCEPTION_STKSZ, INIT_TSS_IST(\ist)
call \do_sym
addq $EXCEPTION_STKSZ, INIT_TSS_IST(\ist)
-@@ -1075,6 +1371,16 @@ ENTRY(\sym)
+@@ -1075,6 +1373,16 @@ ENTRY(\sym)
CFI_ADJUST_CFA_OFFSET ORIG_RAX-R15
call error_entry
DEFAULT_FRAME 0
@@ -12776,7 +12889,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/entry_64.S linux-2.6.38.6/arch/x86/ker
movq %rsp,%rdi /* pt_regs pointer */
movq ORIG_RAX(%rsp),%rsi /* get error code */
movq $-1,ORIG_RAX(%rsp) /* no syscall to restart */
-@@ -1094,6 +1400,16 @@ ENTRY(\sym)
+@@ -1094,6 +1402,16 @@ ENTRY(\sym)
call save_paranoid
DEFAULT_FRAME 0
TRACE_IRQS_OFF
@@ -12793,7 +12906,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/entry_64.S linux-2.6.38.6/arch/x86/ker
movq %rsp,%rdi /* pt_regs pointer */
movq ORIG_RAX(%rsp),%rsi /* get error code */
movq $-1,ORIG_RAX(%rsp) /* no syscall to restart */
-@@ -1356,14 +1672,27 @@ ENTRY(paranoid_exit)
+@@ -1356,14 +1674,27 @@ ENTRY(paranoid_exit)
TRACE_IRQS_OFF
testl %ebx,%ebx /* swapgs needed? */
jnz paranoid_restore
@@ -12822,7 +12935,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/entry_64.S linux-2.6.38.6/arch/x86/ker
TRACE_IRQS_IRETQ 0
RESTORE_ALL 8
jmp irq_return
-@@ -1421,7 +1750,7 @@ ENTRY(error_entry)
+@@ -1421,7 +1752,7 @@ ENTRY(error_entry)
movq_cfi r14, R14+8
movq_cfi r15, R15+8
xorl %ebx,%ebx
@@ -12831,7 +12944,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/entry_64.S linux-2.6.38.6/arch/x86/ker
je error_kernelspace
error_swapgs:
SWAPGS
-@@ -1485,6 +1814,16 @@ ENTRY(nmi)
+@@ -1485,6 +1816,16 @@ ENTRY(nmi)
CFI_ADJUST_CFA_OFFSET ORIG_RAX-R15
call save_paranoid
DEFAULT_FRAME 0
@@ -12848,7 +12961,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/entry_64.S linux-2.6.38.6/arch/x86/ker
/* paranoidentry do_nmi, 0; without TRACE_IRQS_OFF */
movq %rsp,%rdi
movq $-1,%rsi
-@@ -1495,11 +1834,25 @@ ENTRY(nmi)
+@@ -1495,11 +1836,25 @@ ENTRY(nmi)
DISABLE_INTERRUPTS(CLBR_NONE)
testl %ebx,%ebx /* swapgs needed? */
jnz nmi_restore
@@ -14444,7 +14557,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/module.c linux-2.6.38.6/arch/x86/kerne
goto overflow;
diff -urNp linux-2.6.38.6/arch/x86/kernel/paravirt.c linux-2.6.38.6/arch/x86/kernel/paravirt.c
--- linux-2.6.38.6/arch/x86/kernel/paravirt.c 2011-03-14 21:20:32.000000000 -0400
-+++ linux-2.6.38.6/arch/x86/kernel/paravirt.c 2011-04-28 19:34:14.000000000 -0400
++++ linux-2.6.38.6/arch/x86/kernel/paravirt.c 2011-05-16 21:47:08.000000000 -0400
@@ -122,7 +122,7 @@ unsigned paravirt_patch_jmp(void *insnbu
* corresponding structure. */
static void *get_call_destination(u8 type)
@@ -14454,7 +14567,17 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/paravirt.c linux-2.6.38.6/arch/x86/ker
.pv_init_ops = pv_init_ops,
.pv_time_ops = pv_time_ops,
.pv_cpu_ops = pv_cpu_ops,
-@@ -145,14 +145,14 @@ unsigned paravirt_patch_default(u8 type,
+@@ -133,6 +133,9 @@ static void *get_call_destination(u8 typ
+ .pv_lock_ops = pv_lock_ops,
+ #endif
+ };
++
++ pax_track_stack();
++
+ return *((void **)&tmpl + type);
+ }
+
+@@ -145,14 +148,14 @@ unsigned paravirt_patch_default(u8 type,
if (opfunc == NULL)
/* If there's no function, patch it with a ud2a (BUG) */
ret = paravirt_patch_insns(insnbuf, len, ud2a, ud2a+sizeof(ud2a));
@@ -14472,7 +14595,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/paravirt.c linux-2.6.38.6/arch/x86/ker
ret = paravirt_patch_ident_64(insnbuf, len);
else if (type == PARAVIRT_PATCH(pv_cpu_ops.iret) ||
-@@ -178,7 +178,7 @@ unsigned paravirt_patch_insns(void *insn
+@@ -178,7 +181,7 @@ unsigned paravirt_patch_insns(void *insn
if (insn_len > len || start == NULL)
insn_len = len;
else
@@ -14481,7 +14604,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/paravirt.c linux-2.6.38.6/arch/x86/ker
return insn_len;
}
-@@ -294,22 +294,22 @@ void arch_flush_lazy_mmu_mode(void)
+@@ -294,22 +297,22 @@ void arch_flush_lazy_mmu_mode(void)
preempt_enable();
}
@@ -14508,7 +14631,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/paravirt.c linux-2.6.38.6/arch/x86/ker
.save_fl = __PV_IS_CALLEE_SAVE(native_save_fl),
.restore_fl = __PV_IS_CALLEE_SAVE(native_restore_fl),
.irq_disable = __PV_IS_CALLEE_SAVE(native_irq_disable),
-@@ -321,7 +321,7 @@ struct pv_irq_ops pv_irq_ops = {
+@@ -321,7 +324,7 @@ struct pv_irq_ops pv_irq_ops = {
#endif
};
@@ -14517,7 +14640,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/paravirt.c linux-2.6.38.6/arch/x86/ker
.cpuid = native_cpuid,
.get_debugreg = native_get_debugreg,
.set_debugreg = native_set_debugreg,
-@@ -382,7 +382,7 @@ struct pv_cpu_ops pv_cpu_ops = {
+@@ -382,7 +385,7 @@ struct pv_cpu_ops pv_cpu_ops = {
.end_context_switch = paravirt_nop,
};
@@ -14526,7 +14649,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/paravirt.c linux-2.6.38.6/arch/x86/ker
#ifdef CONFIG_X86_LOCAL_APIC
.startup_ipi_hook = paravirt_nop,
#endif
-@@ -396,7 +396,7 @@ struct pv_apic_ops pv_apic_ops = {
+@@ -396,7 +399,7 @@ struct pv_apic_ops pv_apic_ops = {
#define PTE_IDENT __PV_IS_CALLEE_SAVE(_paravirt_ident_64)
#endif
@@ -14535,7 +14658,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/paravirt.c linux-2.6.38.6/arch/x86/ker
.read_cr2 = native_read_cr2,
.write_cr2 = native_write_cr2,
-@@ -465,6 +465,12 @@ struct pv_mmu_ops pv_mmu_ops = {
+@@ -465,6 +468,12 @@ struct pv_mmu_ops pv_mmu_ops = {
},
.set_fixmap = native_set_fixmap,
@@ -14605,6 +14728,27 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/pci-gart_64.c linux-2.6.38.6/arch/x86/
.map_sg = gart_map_sg,
.unmap_sg = gart_unmap_sg,
.map_page = gart_map_page,
+diff -urNp linux-2.6.38.6/arch/x86/kernel/pci-iommu_table.c linux-2.6.38.6/arch/x86/kernel/pci-iommu_table.c
+--- linux-2.6.38.6/arch/x86/kernel/pci-iommu_table.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/arch/x86/kernel/pci-iommu_table.c 2011-05-16 21:47:08.000000000 -0400
+@@ -2,7 +2,7 @@
+ #include <asm/iommu_table.h>
+ #include <linux/string.h>
+ #include <linux/kallsyms.h>
+-
++#include <linux/sched.h>
+
+ #define DEBUG 1
+
+@@ -53,6 +53,8 @@ void __init check_iommu_entries(struct i
+ char sym_p[KSYM_SYMBOL_LEN];
+ char sym_q[KSYM_SYMBOL_LEN];
+
++ pax_track_stack();
++
+ /* Simple cyclic dependency checker. */
+ for (p = start; p < finish; p++) {
+ q = find_dependents_of(start, finish, p);
diff -urNp linux-2.6.38.6/arch/x86/kernel/pci-nommu.c linux-2.6.38.6/arch/x86/kernel/pci-nommu.c
--- linux-2.6.38.6/arch/x86/kernel/pci-nommu.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/arch/x86/kernel/pci-nommu.c 2011-04-28 19:34:14.000000000 -0400
@@ -14631,7 +14775,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/pci-swiotlb.c linux-2.6.38.6/arch/x86/
.free_coherent = swiotlb_free_coherent,
diff -urNp linux-2.6.38.6/arch/x86/kernel/process_32.c linux-2.6.38.6/arch/x86/kernel/process_32.c
--- linux-2.6.38.6/arch/x86/kernel/process_32.c 2011-03-14 21:20:32.000000000 -0400
-+++ linux-2.6.38.6/arch/x86/kernel/process_32.c 2011-04-28 19:34:14.000000000 -0400
++++ linux-2.6.38.6/arch/x86/kernel/process_32.c 2011-05-16 21:47:08.000000000 -0400
@@ -65,6 +65,7 @@ asmlinkage void ret_from_fork(void) __as
unsigned long thread_saved_pc(struct task_struct *tsk)
{
@@ -14658,7 +14802,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/process_32.c linux-2.6.38.6/arch/x86/k
show_regs_common();
-@@ -196,7 +196,7 @@ int copy_thread(unsigned long clone_flag
+@@ -196,13 +196,14 @@ int copy_thread(unsigned long clone_flag
struct task_struct *tsk;
int err;
@@ -14667,7 +14811,14 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/process_32.c linux-2.6.38.6/arch/x86/k
*childregs = *regs;
childregs->ax = 0;
childregs->sp = sp;
-@@ -293,7 +293,7 @@ __switch_to(struct task_struct *prev_p,
+
+ p->thread.sp = (unsigned long) childregs;
+ p->thread.sp0 = (unsigned long) (childregs+1);
++ p->tinfo.lowest_stack = (unsigned long)task_stack_page(p);
+
+ p->thread.ip = (unsigned long) ret_from_fork;
+
+@@ -293,7 +294,7 @@ __switch_to(struct task_struct *prev_p,
struct thread_struct *prev = &prev_p->thread,
*next = &next_p->thread;
int cpu = smp_processor_id();
@@ -14676,7 +14827,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/process_32.c linux-2.6.38.6/arch/x86/k
bool preload_fpu;
/* never put a printk in __switch_to... printk() calls wake_up*() indirectly */
-@@ -328,6 +328,10 @@ __switch_to(struct task_struct *prev_p,
+@@ -328,6 +329,10 @@ __switch_to(struct task_struct *prev_p,
*/
lazy_save_gs(prev->gs);
@@ -14687,7 +14838,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/process_32.c linux-2.6.38.6/arch/x86/k
/*
* Load the per-thread Thread-Local Storage descriptor.
*/
-@@ -363,6 +367,9 @@ __switch_to(struct task_struct *prev_p,
+@@ -363,6 +368,9 @@ __switch_to(struct task_struct *prev_p,
*/
arch_end_context_switch(next_p);
@@ -14697,7 +14848,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/process_32.c linux-2.6.38.6/arch/x86/k
if (preload_fpu)
__math_state_restore();
-@@ -372,8 +379,6 @@ __switch_to(struct task_struct *prev_p,
+@@ -372,8 +380,6 @@ __switch_to(struct task_struct *prev_p,
if (prev->gs | next->gs)
lazy_load_gs(next->gs);
@@ -14706,14 +14857,14 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/process_32.c linux-2.6.38.6/arch/x86/k
return prev_p;
}
-@@ -403,4 +408,3 @@ unsigned long get_wchan(struct task_stru
+@@ -403,4 +409,3 @@ unsigned long get_wchan(struct task_stru
} while (count++ < 16);
return 0;
}
-
diff -urNp linux-2.6.38.6/arch/x86/kernel/process_64.c linux-2.6.38.6/arch/x86/kernel/process_64.c
--- linux-2.6.38.6/arch/x86/kernel/process_64.c 2011-03-14 21:20:32.000000000 -0400
-+++ linux-2.6.38.6/arch/x86/kernel/process_64.c 2011-05-11 18:34:57.000000000 -0400
++++ linux-2.6.38.6/arch/x86/kernel/process_64.c 2011-05-16 21:47:08.000000000 -0400
@@ -87,7 +87,7 @@ static void __exit_idle(void)
void exit_idle(void)
{
@@ -14733,7 +14884,15 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/process_64.c linux-2.6.38.6/arch/x86/k
*childregs = *regs;
childregs->ax = 0;
-@@ -376,7 +375,7 @@ __switch_to(struct task_struct *prev_p,
+@@ -273,6 +272,7 @@ int copy_thread(unsigned long clone_flag
+ p->thread.sp = (unsigned long) childregs;
+ p->thread.sp0 = (unsigned long) (childregs+1);
+ p->thread.usersp = me->thread.usersp;
++ p->tinfo.lowest_stack = (unsigned long)task_stack_page(p);
+
+ set_tsk_thread_flag(p, TIF_FORK);
+
+@@ -376,7 +376,7 @@ __switch_to(struct task_struct *prev_p,
struct thread_struct *prev = &prev_p->thread;
struct thread_struct *next = &next_p->thread;
int cpu = smp_processor_id();
@@ -14742,7 +14901,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/process_64.c linux-2.6.38.6/arch/x86/k
unsigned fsindex, gsindex;
bool preload_fpu;
-@@ -472,10 +471,9 @@ __switch_to(struct task_struct *prev_p,
+@@ -472,10 +472,9 @@ __switch_to(struct task_struct *prev_p,
prev->usersp = percpu_read(old_rsp);
percpu_write(old_rsp, next->usersp);
percpu_write(current_task, next_p);
@@ -14755,7 +14914,7 @@ diff -urNp linux-2.6.38.6/arch/x86/kernel/process_64.c linux-2.6.38.6/arch/x86/k
/*
* Now maybe reload the debug registers and handle I/O bitmaps
-@@ -529,12 +527,11 @@ unsigned long get_wchan(struct task_stru
+@@ -529,12 +528,11 @@ unsigned long get_wchan(struct task_stru
if (!p || p == current || p->state == TASK_RUNNING)
return 0;
stack = (unsigned long)task_stack_page(p);
@@ -16491,8 +16650,17 @@ diff -urNp linux-2.6.38.6/arch/x86/kvm/mmu.c linux-2.6.38.6/arch/x86/kvm/mmu.c
kvm_mmu_free_some_pages(vcpu);
diff -urNp linux-2.6.38.6/arch/x86/kvm/paging_tmpl.h linux-2.6.38.6/arch/x86/kvm/paging_tmpl.h
--- linux-2.6.38.6/arch/x86/kvm/paging_tmpl.h 2011-03-14 21:20:32.000000000 -0400
-+++ linux-2.6.38.6/arch/x86/kvm/paging_tmpl.h 2011-04-28 19:57:25.000000000 -0400
-@@ -674,7 +674,7 @@ static void FNAME(invlpg)(struct kvm_vcp
++++ linux-2.6.38.6/arch/x86/kvm/paging_tmpl.h 2011-05-16 21:47:08.000000000 -0400
+@@ -554,6 +554,8 @@ static int FNAME(page_fault)(struct kvm_
+ unsigned long mmu_seq;
+ bool map_writable;
+
++ pax_track_stack();
++
+ pgprintk("%s: addr %lx err %x\n", __func__, addr, error_code);
+
+ r = mmu_topup_memory_caches(vcpu);
+@@ -674,7 +676,7 @@ static void FNAME(invlpg)(struct kvm_vcp
if (need_flush)
kvm_flush_remote_tlbs(vcpu->kvm);
@@ -21712,6 +21880,18 @@ diff -urNp linux-2.6.38.6/arch/x86/platform/efi/efi_stub_32.S linux-2.6.38.6/arc
saved_return_addr:
.long 0
efi_rt_function_ptr:
+diff -urNp linux-2.6.38.6/arch/x86/platform/uv/tlb_uv.c linux-2.6.38.6/arch/x86/platform/uv/tlb_uv.c
+--- linux-2.6.38.6/arch/x86/platform/uv/tlb_uv.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/arch/x86/platform/uv/tlb_uv.c 2011-05-16 21:47:08.000000000 -0400
+@@ -341,6 +341,8 @@ static void uv_reset_with_ipi(struct bau
+ cpumask_t mask;
+ struct reset_args reset_args;
+
++ pax_track_stack();
++
+ reset_args.sender = sender;
+
+ cpus_clear(mask);
diff -urNp linux-2.6.38.6/arch/x86/power/cpu.c linux-2.6.38.6/arch/x86/power/cpu.c
--- linux-2.6.38.6/arch/x86/power/cpu.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/arch/x86/power/cpu.c 2011-04-28 19:34:15.000000000 -0400
@@ -22300,18 +22480,39 @@ diff -urNp linux-2.6.38.6/block/scsi_ioctl.c linux-2.6.38.6/block/scsi_ioctl.c
if (in_len && copy_from_user(buffer, sic->data + cmdlen, in_len))
goto error;
+diff -urNp linux-2.6.38.6/crypto/serpent.c linux-2.6.38.6/crypto/serpent.c
+--- linux-2.6.38.6/crypto/serpent.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/crypto/serpent.c 2011-05-16 21:47:08.000000000 -0400
+@@ -224,6 +224,8 @@ static int serpent_setkey(struct crypto_
+ u32 r0,r1,r2,r3,r4;
+ int i;
+
++ pax_track_stack();
++
+ /* Copy key, add padding */
+
+ for (i = 0; i < keylen; ++i)
diff -urNp linux-2.6.38.6/Documentation/dontdiff linux-2.6.38.6/Documentation/dontdiff
--- linux-2.6.38.6/Documentation/dontdiff 2011-03-14 21:20:32.000000000 -0400
-+++ linux-2.6.38.6/Documentation/dontdiff 2011-04-28 19:34:15.000000000 -0400
-@@ -3,6 +3,7 @@
++++ linux-2.6.38.6/Documentation/dontdiff 2011-05-18 20:23:44.000000000 -0400
+@@ -1,13 +1,16 @@
+ *.a
+ *.aux
*.bin
++*.cis
*.cpio
*.csp
+*.dbg
*.dsp
*.dvi
*.elf
-@@ -38,8 +39,10 @@
+ *.eps
+ *.fw
++*.gcno
+ *.gen.S
+ *.gif
+ *.grep
+@@ -38,8 +41,10 @@
*.tab.h
*.tex
*.ver
@@ -22322,7 +22523,7 @@ diff -urNp linux-2.6.38.6/Documentation/dontdiff linux-2.6.38.6/Documentation/do
*_vga16.c
*~
*.9
-@@ -49,11 +52,16 @@
+@@ -49,11 +54,16 @@
53c700_d.h
CVS
ChangeSet
@@ -22339,8 +22540,11 @@ diff -urNp linux-2.6.38.6/Documentation/dontdiff linux-2.6.38.6/Documentation/do
SCCS
System.map*
TAGS
-@@ -82,6 +90,8 @@ bvmlinux
+@@ -80,8 +90,11 @@ btfixupprep
+ build
+ bvmlinux
bzImage*
++capability_names.h
capflags.c
classlist.h*
+clut_vga16.c
@@ -22348,7 +22552,7 @@ diff -urNp linux-2.6.38.6/Documentation/dontdiff linux-2.6.38.6/Documentation/do
comp*.log
compile.h*
conf
-@@ -106,16 +116,19 @@ fore200e_mkfirm
+@@ -106,16 +119,19 @@ fore200e_mkfirm
fore200e_pca_fw.c*
gconf
gen-devlist
@@ -22368,7 +22572,7 @@ diff -urNp linux-2.6.38.6/Documentation/dontdiff linux-2.6.38.6/Documentation/do
initramfs_data.cpio.gz
initramfs_list
int16.c
-@@ -125,7 +138,6 @@ int32.c
+@@ -125,7 +141,6 @@ int32.c
int4.c
int8.c
kallsyms
@@ -22376,7 +22580,7 @@ diff -urNp linux-2.6.38.6/Documentation/dontdiff linux-2.6.38.6/Documentation/do
keywords.c
ksym.c*
ksym.h*
-@@ -149,7 +161,9 @@ mkboot
+@@ -149,7 +164,9 @@ mkboot
mkbugboot
mkcpustr
mkdep
@@ -22386,7 +22590,7 @@ diff -urNp linux-2.6.38.6/Documentation/dontdiff linux-2.6.38.6/Documentation/do
mktables
mktree
modpost
-@@ -165,6 +179,7 @@ parse.h
+@@ -165,6 +182,7 @@ parse.h
patches*
pca200e.bin
pca200e_ecd.bin2
@@ -22394,15 +22598,17 @@ diff -urNp linux-2.6.38.6/Documentation/dontdiff linux-2.6.38.6/Documentation/do
piggy.gz
piggyback
piggy.S
-@@ -180,6 +195,7 @@ r600_reg_safe.h
+@@ -180,7 +198,9 @@ r600_reg_safe.h
raid6altivec*.c
raid6int*.c
raid6tables.c
+regdb.c
relocs
++rlim_names.h
rn50_reg_safe.h
rs600_reg_safe.h
-@@ -189,6 +205,7 @@ setup
+ rv515_reg_safe.h
+@@ -189,6 +209,7 @@ setup
setup.bin
setup.elf
sImage
@@ -22410,7 +22616,7 @@ diff -urNp linux-2.6.38.6/Documentation/dontdiff linux-2.6.38.6/Documentation/do
sm_tbl*
split-include
syscalltab.h
-@@ -213,13 +230,17 @@ version.h*
+@@ -213,13 +234,17 @@ version.h*
vmlinux
vmlinux-*
vmlinux.aout
@@ -22798,8 +23004,26 @@ diff -urNp linux-2.6.38.6/drivers/ata/libata-core.c linux-2.6.38.6/drivers/ata/l
.error_handler = ata_dummy_error_handler,
diff -urNp linux-2.6.38.6/drivers/ata/libata-eh.c linux-2.6.38.6/drivers/ata/libata-eh.c
--- linux-2.6.38.6/drivers/ata/libata-eh.c 2011-05-10 22:06:27.000000000 -0400
-+++ linux-2.6.38.6/drivers/ata/libata-eh.c 2011-05-10 22:06:52.000000000 -0400
-@@ -3882,7 +3882,7 @@ void ata_do_eh(struct ata_port *ap, ata_
++++ linux-2.6.38.6/drivers/ata/libata-eh.c 2011-05-17 19:31:43.000000000 -0400
+@@ -2478,6 +2478,8 @@ void ata_eh_report(struct ata_port *ap)
+ {
+ struct ata_link *link;
+
++ pax_track_stack();
++
+ ata_for_each_link(link, ap, HOST_FIRST)
+ ata_eh_link_report(link);
+ }
+@@ -3276,7 +3278,7 @@ static int ata_eh_set_lpm(struct ata_lin
+ struct ata_eh_context *ehc = &link->eh_context;
+ struct ata_device *dev, *link_dev = NULL, *lpm_dev = NULL;
+ enum ata_lpm_policy old_policy = link->lpm_policy;
+- bool no_dipm = ap->flags & ATA_FLAG_NO_DIPM;
++ bool no_dipm = link->ap->flags & ATA_FLAG_NO_DIPM;
+ unsigned int hints = ATA_LPM_EMPTY | ATA_LPM_HIPM;
+ unsigned int err_mask;
+ int rc;
+@@ -3882,7 +3884,7 @@ void ata_do_eh(struct ata_port *ap, ata_
*/
void ata_std_error_handler(struct ata_port *ap)
{
@@ -25129,7 +25353,7 @@ diff -urNp linux-2.6.38.6/drivers/atm/nicstar.c linux-2.6.38.6/drivers/atm/nicst
diff -urNp linux-2.6.38.6/drivers/atm/solos-pci.c linux-2.6.38.6/drivers/atm/solos-pci.c
--- linux-2.6.38.6/drivers/atm/solos-pci.c 2011-04-18 17:27:18.000000000 -0400
-+++ linux-2.6.38.6/drivers/atm/solos-pci.c 2011-04-28 19:34:15.000000000 -0400
++++ linux-2.6.38.6/drivers/atm/solos-pci.c 2011-05-16 21:47:08.000000000 -0400
@@ -715,7 +715,7 @@ void solos_bh(unsigned long card_arg)
}
atm_charge(vcc, skb->truesize);
@@ -25139,7 +25363,16 @@ diff -urNp linux-2.6.38.6/drivers/atm/solos-pci.c linux-2.6.38.6/drivers/atm/sol
break;
case PKT_STATUS:
-@@ -1009,7 +1009,7 @@ static uint32_t fpga_tx(struct solos_car
+@@ -900,6 +900,8 @@ static int print_buffer(struct sk_buff *
+ char msg[500];
+ char item[10];
+
++ pax_track_stack();
++
+ len = buf->len;
+ for (i = 0; i < len; i++){
+ if(i % 8 == 0)
+@@ -1009,7 +1011,7 @@ static uint32_t fpga_tx(struct solos_car
vcc = SKB_CB(oldskb)->vcc;
if (vcc) {
@@ -25299,6 +25532,30 @@ diff -urNp linux-2.6.38.6/drivers/block/cciss.c linux-2.6.38.6/drivers/block/cci
err = 0;
err |=
copy_from_user(&arg64.LUN_info, &arg32->LUN_info,
+diff -urNp linux-2.6.38.6/drivers/block/cpqarray.c linux-2.6.38.6/drivers/block/cpqarray.c
+--- linux-2.6.38.6/drivers/block/cpqarray.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/block/cpqarray.c 2011-05-16 21:47:08.000000000 -0400
+@@ -911,6 +911,8 @@ static void do_ida_request(struct reques
+ struct scatterlist tmp_sg[SG_MAX];
+ int i, dir, seg;
+
++ pax_track_stack();
++
+ if (blk_queue_plugged(q))
+ goto startio;
+
+diff -urNp linux-2.6.38.6/drivers/block/DAC960.c linux-2.6.38.6/drivers/block/DAC960.c
+--- linux-2.6.38.6/drivers/block/DAC960.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/block/DAC960.c 2011-05-16 21:47:08.000000000 -0400
+@@ -1979,6 +1979,8 @@ static bool DAC960_V1_ReadDeviceConfigur
+ unsigned long flags;
+ int Channel, TargetID;
+
++ pax_track_stack();
++
+ if (!init_dma_loaf(Controller->PCIDevice, &local_dma,
+ DAC960_V1_MaxChannels*(sizeof(DAC960_V1_DCDB_T) +
+ sizeof(DAC960_SCSI_Inquiry_T) +
diff -urNp linux-2.6.38.6/drivers/block/drbd/drbd_int.h linux-2.6.38.6/drivers/block/drbd/drbd_int.h
--- linux-2.6.38.6/drivers/block/drbd/drbd_int.h 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/drivers/block/drbd/drbd_int.h 2011-04-28 19:57:25.000000000 -0400
@@ -25506,6 +25763,27 @@ diff -urNp linux-2.6.38.6/drivers/block/drbd/drbd_receiver.c linux-2.6.38.6/driv
D_ASSERT(list_empty(&mdev->current_epoch->list));
}
+diff -urNp linux-2.6.38.6/drivers/block/nbd.c linux-2.6.38.6/drivers/block/nbd.c
+--- linux-2.6.38.6/drivers/block/nbd.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/block/nbd.c 2011-05-16 21:47:08.000000000 -0400
+@@ -157,6 +157,8 @@ static int sock_xmit(struct nbd_device *
+ struct kvec iov;
+ sigset_t blocked, oldset;
+
++ pax_track_stack();
++
+ if (unlikely(!sock)) {
+ printk(KERN_ERR "%s: Attempted %s on closed socket in sock_xmit\n",
+ lo->disk->disk_name, (send ? "send" : "recv"));
+@@ -571,6 +573,8 @@ static void do_nbd_request(struct reques
+ static int __nbd_ioctl(struct block_device *bdev, struct nbd_device *lo,
+ unsigned int cmd, unsigned long arg)
+ {
++ pax_track_stack();
++
+ switch (cmd) {
+ case NBD_DISCONNECT: {
+ struct request sreq;
diff -urNp linux-2.6.38.6/drivers/char/agp/frontend.c linux-2.6.38.6/drivers/char/agp/frontend.c
--- linux-2.6.38.6/drivers/char/agp/frontend.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/drivers/char/agp/frontend.c 2011-04-28 19:34:15.000000000 -0400
@@ -25587,7 +25865,7 @@ diff -urNp linux-2.6.38.6/drivers/char/hpet.c linux-2.6.38.6/drivers/char/hpet.c
struct hpet_timer __iomem *timer;
diff -urNp linux-2.6.38.6/drivers/char/ipmi/ipmi_msghandler.c linux-2.6.38.6/drivers/char/ipmi/ipmi_msghandler.c
--- linux-2.6.38.6/drivers/char/ipmi/ipmi_msghandler.c 2011-03-14 21:20:32.000000000 -0400
-+++ linux-2.6.38.6/drivers/char/ipmi/ipmi_msghandler.c 2011-04-28 19:34:15.000000000 -0400
++++ linux-2.6.38.6/drivers/char/ipmi/ipmi_msghandler.c 2011-05-16 21:47:08.000000000 -0400
@@ -414,7 +414,7 @@ struct ipmi_smi {
struct proc_dir_entry *proc_dir;
char proc_dir_name[10];
@@ -25618,6 +25896,15 @@ diff -urNp linux-2.6.38.6/drivers/char/ipmi/ipmi_msghandler.c linux-2.6.38.6/dri
intf->proc_dir = NULL;
+@@ -4196,6 +4196,8 @@ static void send_panic_events(char *str)
+ struct ipmi_smi_msg smi_msg;
+ struct ipmi_recv_msg recv_msg;
+
++ pax_track_stack();
++
+ si = (struct ipmi_system_interface_addr *) &addr;
+ si->addr_type = IPMI_SYSTEM_INTERFACE_ADDR_TYPE;
+ si->channel = IPMI_BMC_CHANNEL;
diff -urNp linux-2.6.38.6/drivers/char/ipmi/ipmi_si_intf.c linux-2.6.38.6/drivers/char/ipmi/ipmi_si_intf.c
--- linux-2.6.38.6/drivers/char/ipmi/ipmi_si_intf.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/drivers/char/ipmi/ipmi_si_intf.c 2011-04-28 19:34:15.000000000 -0400
@@ -25653,7 +25940,7 @@ diff -urNp linux-2.6.38.6/drivers/char/ipmi/ipmi_si_intf.c linux-2.6.38.6/driver
atomic_set(&new_smi->stop_operation, 0);
diff -urNp linux-2.6.38.6/drivers/char/istallion.c linux-2.6.38.6/drivers/char/istallion.c
--- linux-2.6.38.6/drivers/char/istallion.c 2011-03-14 21:20:32.000000000 -0400
-+++ linux-2.6.38.6/drivers/char/istallion.c 2011-04-28 19:34:15.000000000 -0400
++++ linux-2.6.38.6/drivers/char/istallion.c 2011-05-16 21:47:08.000000000 -0400
@@ -186,7 +186,6 @@ static struct ktermios stli_deftermios
* re-used for each stats call.
*/
@@ -25670,6 +25957,24 @@ diff -urNp linux-2.6.38.6/drivers/char/istallion.c linux-2.6.38.6/drivers/char/i
if (copy_from_user(&stli_brdstats, bp, sizeof(combrd_t)))
return -EFAULT;
+@@ -4226,6 +4226,8 @@ static int stli_getportstruct(struct stl
+ struct stliport stli_dummyport;
+ struct stliport *portp;
+
++ pax_track_stack();
++
+ if (copy_from_user(&stli_dummyport, arg, sizeof(struct stliport)))
+ return -EFAULT;
+ portp = stli_getport(stli_dummyport.brdnr, stli_dummyport.panelnr,
+@@ -4248,6 +4250,8 @@ static int stli_getbrdstruct(struct stli
+ struct stlibrd stli_dummybrd;
+ struct stlibrd *brdp;
+
++ pax_track_stack();
++
+ if (copy_from_user(&stli_dummybrd, arg, sizeof(struct stlibrd)))
+ return -EFAULT;
+ if (stli_dummybrd.brdnr >= STL_MAXBRDS)
diff -urNp linux-2.6.38.6/drivers/char/Kconfig linux-2.6.38.6/drivers/char/Kconfig
--- linux-2.6.38.6/drivers/char/Kconfig 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/drivers/char/Kconfig 2011-04-28 19:34:15.000000000 -0400
@@ -26016,6 +26321,18 @@ diff -urNp linux-2.6.38.6/drivers/char/random.c linux-2.6.38.6/drivers/char/rand
static int max_write_thresh = INPUT_POOL_WORDS * 32;
static char sysctl_bootid[16];
+diff -urNp linux-2.6.38.6/drivers/char/rocket.c linux-2.6.38.6/drivers/char/rocket.c
+--- linux-2.6.38.6/drivers/char/rocket.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/char/rocket.c 2011-05-16 21:47:08.000000000 -0400
+@@ -1277,6 +1277,8 @@ static int get_ports(struct r_port *info
+ struct rocket_ports tmp;
+ int board;
+
++ pax_track_stack();
++
+ if (!retports)
+ return -EFAULT;
+ memset(&tmp, 0, sizeof (tmp));
diff -urNp linux-2.6.38.6/drivers/char/sonypi.c linux-2.6.38.6/drivers/char/sonypi.c
--- linux-2.6.38.6/drivers/char/sonypi.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/drivers/char/sonypi.c 2011-04-28 19:34:15.000000000 -0400
@@ -26057,6 +26374,18 @@ diff -urNp linux-2.6.38.6/drivers/char/sonypi.c linux-2.6.38.6/drivers/char/sony
mutex_unlock(&sonypi_device.lock);
return 0;
+diff -urNp linux-2.6.38.6/drivers/char/stallion.c linux-2.6.38.6/drivers/char/stallion.c
+--- linux-2.6.38.6/drivers/char/stallion.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/char/stallion.c 2011-05-16 21:47:08.000000000 -0400
+@@ -2407,6 +2407,8 @@ static int stl_getportstruct(struct stlp
+ struct stlport stl_dummyport;
+ struct stlport *portp;
+
++ pax_track_stack();
++
+ if (copy_from_user(&stl_dummyport, arg, sizeof(struct stlport)))
+ return -EFAULT;
+ portp = stl_getport(stl_dummyport.brdnr, stl_dummyport.panelnr,
diff -urNp linux-2.6.38.6/drivers/char/tpm/tpm_bios.c linux-2.6.38.6/drivers/char/tpm/tpm_bios.c
--- linux-2.6.38.6/drivers/char/tpm/tpm_bios.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/drivers/char/tpm/tpm_bios.c 2011-04-28 19:34:15.000000000 -0400
@@ -26102,7 +26431,7 @@ diff -urNp linux-2.6.38.6/drivers/char/tpm/tpm_bios.c linux-2.6.38.6/drivers/cha
diff -urNp linux-2.6.38.6/drivers/char/tpm/tpm.c linux-2.6.38.6/drivers/char/tpm/tpm.c
--- linux-2.6.38.6/drivers/char/tpm/tpm.c 2011-04-18 17:27:18.000000000 -0400
-+++ linux-2.6.38.6/drivers/char/tpm/tpm.c 2011-04-28 19:34:15.000000000 -0400
++++ linux-2.6.38.6/drivers/char/tpm/tpm.c 2011-05-16 21:47:08.000000000 -0400
@@ -411,7 +411,7 @@ static ssize_t tpm_transmit(struct tpm_c
chip->vendor.req_complete_val)
goto out_recv;
@@ -26112,6 +26441,15 @@ diff -urNp linux-2.6.38.6/drivers/char/tpm/tpm.c linux-2.6.38.6/drivers/char/tpm
dev_err(chip->dev, "Operation Canceled\n");
rc = -ECANCELED;
goto out;
+@@ -844,6 +844,8 @@ ssize_t tpm_show_pubek(struct device *de
+
+ struct tpm_chip *chip = dev_get_drvdata(dev);
+
++ pax_track_stack();
++
+ tpm_cmd.header.in = tpm_readpubek_header;
+ err = transmit_cmd(chip, &tpm_cmd, READ_PUBEK_RESULT_SIZE,
+ "attempting to read the PUBEK");
diff -urNp linux-2.6.38.6/drivers/cpuidle/sysfs.c linux-2.6.38.6/drivers/cpuidle/sysfs.c
--- linux-2.6.38.6/drivers/cpuidle/sysfs.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/drivers/cpuidle/sysfs.c 2011-04-28 19:34:15.000000000 -0400
@@ -26124,6 +26462,30 @@ diff -urNp linux-2.6.38.6/drivers/cpuidle/sysfs.c linux-2.6.38.6/drivers/cpuidle
{
kobject_put(&device->kobjs[i]->kobj);
wait_for_completion(&device->kobjs[i]->kobj_unregister);
+diff -urNp linux-2.6.38.6/drivers/crypto/hifn_795x.c linux-2.6.38.6/drivers/crypto/hifn_795x.c
+--- linux-2.6.38.6/drivers/crypto/hifn_795x.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/crypto/hifn_795x.c 2011-05-16 21:47:08.000000000 -0400
+@@ -1655,6 +1655,8 @@ static int hifn_test(struct hifn_device
+ 0xCA, 0x34, 0x2B, 0x2E};
+ struct scatterlist sg;
+
++ pax_track_stack();
++
+ memset(src, 0, sizeof(src));
+ memset(ctx.key, 0, sizeof(ctx.key));
+
+diff -urNp linux-2.6.38.6/drivers/crypto/padlock-aes.c linux-2.6.38.6/drivers/crypto/padlock-aes.c
+--- linux-2.6.38.6/drivers/crypto/padlock-aes.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/crypto/padlock-aes.c 2011-05-16 21:47:08.000000000 -0400
+@@ -109,6 +109,8 @@ static int aes_set_key(struct crypto_tfm
+ struct crypto_aes_ctx gen_aes;
+ int cpu;
+
++ pax_track_stack();
++
+ if (key_len % 8) {
+ *flags |= CRYPTO_TFM_RES_BAD_KEY_LEN;
+ return -EINVAL;
diff -urNp linux-2.6.38.6/drivers/edac/edac_mc_sysfs.c linux-2.6.38.6/drivers/edac/edac_mc_sysfs.c
--- linux-2.6.38.6/drivers/edac/edac_mc_sysfs.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/drivers/edac/edac_mc_sysfs.c 2011-04-28 19:34:15.000000000 -0400
@@ -26235,6 +26597,26 @@ diff -urNp linux-2.6.38.6/drivers/firewire/core-cdev.c linux-2.6.38.6/drivers/fi
return -EINVAL;
r = kmalloc(sizeof(*r), GFP_KERNEL);
+diff -urNp linux-2.6.38.6/drivers/firewire/core-transaction.c linux-2.6.38.6/drivers/firewire/core-transaction.c
+--- linux-2.6.38.6/drivers/firewire/core-transaction.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/firewire/core-transaction.c 2011-05-16 21:47:08.000000000 -0400
+@@ -36,6 +36,7 @@
+ #include <linux/string.h>
+ #include <linux/timer.h>
+ #include <linux/types.h>
++#include <linux/sched.h>
+
+ #include <asm/byteorder.h>
+
+@@ -420,6 +421,8 @@ int fw_run_transaction(struct fw_card *c
+ struct transaction_callback_data d;
+ struct fw_transaction t;
+
++ pax_track_stack();
++
+ init_timer_on_stack(&t.split_timeout_timer);
+ init_completion(&d.done);
+ d.payload = payload;
diff -urNp linux-2.6.38.6/drivers/firmware/dmi_scan.c linux-2.6.38.6/drivers/firmware/dmi_scan.c
--- linux-2.6.38.6/drivers/firmware/dmi_scan.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/drivers/firmware/dmi_scan.c 2011-04-28 19:34:15.000000000 -0400
@@ -26264,7 +26646,7 @@ diff -urNp linux-2.6.38.6/drivers/gpio/vr41xx_giu.c linux-2.6.38.6/drivers/gpio/
}
diff -urNp linux-2.6.38.6/drivers/gpu/drm/drm_crtc_helper.c linux-2.6.38.6/drivers/gpu/drm/drm_crtc_helper.c
--- linux-2.6.38.6/drivers/gpu/drm/drm_crtc_helper.c 2011-03-14 21:20:32.000000000 -0400
-+++ linux-2.6.38.6/drivers/gpu/drm/drm_crtc_helper.c 2011-04-28 19:34:15.000000000 -0400
++++ linux-2.6.38.6/drivers/gpu/drm/drm_crtc_helper.c 2011-05-16 21:47:08.000000000 -0400
@@ -276,7 +276,7 @@ static bool drm_encoder_crtc_ok(struct d
struct drm_crtc *tmp;
int crtc_mask = 1;
@@ -26274,6 +26656,15 @@ diff -urNp linux-2.6.38.6/drivers/gpu/drm/drm_crtc_helper.c linux-2.6.38.6/drive
dev = crtc->dev;
+@@ -343,6 +343,8 @@ bool drm_crtc_helper_set_mode(struct drm
+ struct drm_encoder *encoder;
+ bool ret = true;
+
++ pax_track_stack();
++
+ crtc->enabled = drm_helper_crtc_in_use(crtc);
+ if (!crtc->enabled)
+ return true;
diff -urNp linux-2.6.38.6/drivers/gpu/drm/drm_drv.c linux-2.6.38.6/drivers/gpu/drm/drm_drv.c
--- linux-2.6.38.6/drivers/gpu/drm/drm_drv.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/drivers/gpu/drm/drm_drv.c 2011-04-28 19:34:15.000000000 -0400
@@ -27019,6 +27410,18 @@ diff -urNp linux-2.6.38.6/drivers/gpu/drm/r128/r128_state.c linux-2.6.38.6/drive
}
#endif
+diff -urNp linux-2.6.38.6/drivers/gpu/drm/radeon/atom.c linux-2.6.38.6/drivers/gpu/drm/radeon/atom.c
+--- linux-2.6.38.6/drivers/gpu/drm/radeon/atom.c 2011-05-10 22:06:27.000000000 -0400
++++ linux-2.6.38.6/drivers/gpu/drm/radeon/atom.c 2011-05-16 21:47:08.000000000 -0400
+@@ -1245,6 +1245,8 @@ struct atom_context *atom_parse(struct c
+ char name[512];
+ int i;
+
++ pax_track_stack();
++
+ ctx->card = card;
+ ctx->bios = bios;
+
diff -urNp linux-2.6.38.6/drivers/gpu/drm/radeon/mkregtable.c linux-2.6.38.6/drivers/gpu/drm/radeon/mkregtable.c
--- linux-2.6.38.6/drivers/gpu/drm/radeon/mkregtable.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/drivers/gpu/drm/radeon/mkregtable.c 2011-04-28 19:34:15.000000000 -0400
@@ -27039,6 +27442,18 @@ diff -urNp linux-2.6.38.6/drivers/gpu/drm/radeon/mkregtable.c linux-2.6.38.6/dri
if (regcomp
(&mask_rex, "(0x[0-9a-fA-F]*) *([_a-zA-Z0-9]*)", REG_EXTENDED)) {
+diff -urNp linux-2.6.38.6/drivers/gpu/drm/radeon/radeon_atombios.c linux-2.6.38.6/drivers/gpu/drm/radeon/radeon_atombios.c
+--- linux-2.6.38.6/drivers/gpu/drm/radeon/radeon_atombios.c 2011-05-10 22:06:29.000000000 -0400
++++ linux-2.6.38.6/drivers/gpu/drm/radeon/radeon_atombios.c 2011-05-16 21:47:08.000000000 -0400
+@@ -545,6 +545,8 @@ bool radeon_get_atom_connector_info_from
+ struct radeon_gpio_rec gpio;
+ struct radeon_hpd hpd;
+
++ pax_track_stack();
++
+ if (!atom_parse_data_header(ctx, index, &size, &frev, &crev, &data_offset))
+ return false;
+
diff -urNp linux-2.6.38.6/drivers/gpu/drm/radeon/radeon_device.c linux-2.6.38.6/drivers/gpu/drm/radeon/radeon_device.c
--- linux-2.6.38.6/drivers/gpu/drm/radeon/radeon_device.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/drivers/gpu/drm/radeon/radeon_device.c 2011-04-28 19:34:15.000000000 -0400
@@ -27051,6 +27466,18 @@ diff -urNp linux-2.6.38.6/drivers/gpu/drm/radeon/radeon_device.c linux-2.6.38.6/
spin_unlock(&dev->count_lock);
return can_switch;
}
+diff -urNp linux-2.6.38.6/drivers/gpu/drm/radeon/radeon_display.c linux-2.6.38.6/drivers/gpu/drm/radeon/radeon_display.c
+--- linux-2.6.38.6/drivers/gpu/drm/radeon/radeon_display.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/gpu/drm/radeon/radeon_display.c 2011-05-16 21:47:08.000000000 -0400
+@@ -934,6 +934,8 @@ void radeon_compute_pll_legacy(struct ra
+ uint32_t post_div;
+ u32 pll_out_min, pll_out_max;
+
++ pax_track_stack();
++
+ DRM_DEBUG_KMS("PLL freq %llu %u %u\n", freq, pll->min_ref_div, pll->max_ref_div);
+ freq = freq * 1000;
+
diff -urNp linux-2.6.38.6/drivers/gpu/drm/radeon/radeon_drv.h linux-2.6.38.6/drivers/gpu/drm/radeon/radeon_drv.h
--- linux-2.6.38.6/drivers/gpu/drm/radeon/radeon_drv.h 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/drivers/gpu/drm/radeon/radeon_drv.h 2011-04-28 19:57:25.000000000 -0400
@@ -27645,6 +28072,30 @@ diff -urNp linux-2.6.38.6/drivers/ide/ide-cd.c linux-2.6.38.6/drivers/ide/ide-cd
drive->dma = 0;
}
}
+diff -urNp linux-2.6.38.6/drivers/ide/ide-floppy.c linux-2.6.38.6/drivers/ide/ide-floppy.c
+--- linux-2.6.38.6/drivers/ide/ide-floppy.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/ide/ide-floppy.c 2011-05-16 21:47:08.000000000 -0400
+@@ -379,6 +379,8 @@ static int ide_floppy_get_capacity(ide_d
+ u8 pc_buf[256], header_len, desc_cnt;
+ int i, rc = 1, blocks, length;
+
++ pax_track_stack();
++
+ ide_debug_log(IDE_DBG_FUNC, "enter");
+
+ drive->bios_cyl = 0;
+diff -urNp linux-2.6.38.6/drivers/ide/setup-pci.c linux-2.6.38.6/drivers/ide/setup-pci.c
+--- linux-2.6.38.6/drivers/ide/setup-pci.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/ide/setup-pci.c 2011-05-16 21:47:08.000000000 -0400
+@@ -542,6 +542,8 @@ int ide_pci_init_two(struct pci_dev *dev
+ int ret, i, n_ports = dev2 ? 4 : 2;
+ struct ide_hw hw[4], *hws[] = { NULL, NULL, NULL, NULL };
+
++ pax_track_stack();
++
+ for (i = 0; i < n_ports / 2; i++) {
+ ret = ide_setup_pci_controller(pdev[i], d, !i);
+ if (ret < 0)
diff -urNp linux-2.6.38.6/drivers/infiniband/core/cm.c linux-2.6.38.6/drivers/infiniband/core/cm.c
--- linux-2.6.38.6/drivers/infiniband/core/cm.c 2011-04-18 17:27:14.000000000 -0400
+++ linux-2.6.38.6/drivers/infiniband/core/cm.c 2011-04-28 19:34:15.000000000 -0400
@@ -27878,6 +28329,18 @@ diff -urNp linux-2.6.38.6/drivers/infiniband/hw/cxgb4/mem.c linux-2.6.38.6/drive
}
PDBG("%s stag_state 0x%0x type 0x%0x pdid 0x%0x, stag_idx 0x%x\n",
__func__, stag_state, type, pdid, stag_idx);
+diff -urNp linux-2.6.38.6/drivers/infiniband/hw/ipath/ipath_fs.c linux-2.6.38.6/drivers/infiniband/hw/ipath/ipath_fs.c
+--- linux-2.6.38.6/drivers/infiniband/hw/ipath/ipath_fs.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/infiniband/hw/ipath/ipath_fs.c 2011-05-16 21:47:08.000000000 -0400
+@@ -113,6 +113,8 @@ static ssize_t atomic_counters_read(stru
+ struct infinipath_counters counters;
+ struct ipath_devdata *dd;
+
++ pax_track_stack();
++
+ dd = file->f_path.dentry->d_inode->i_private;
+ dd->ipath_f_read_counters(dd, &counters);
+
diff -urNp linux-2.6.38.6/drivers/infiniband/hw/ipath/ipath_rc.c linux-2.6.38.6/drivers/infiniband/hw/ipath/ipath_rc.c
--- linux-2.6.38.6/drivers/infiniband/hw/ipath/ipath_rc.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/drivers/infiniband/hw/ipath/ipath_rc.c 2011-05-11 18:35:16.000000000 -0400
@@ -28343,6 +28806,26 @@ diff -urNp linux-2.6.38.6/drivers/input/input.c linux-2.6.38.6/drivers/input/inp
error = device_add(&dev->dev);
if (error)
+diff -urNp linux-2.6.38.6/drivers/input/joystick/sidewinder.c linux-2.6.38.6/drivers/input/joystick/sidewinder.c
+--- linux-2.6.38.6/drivers/input/joystick/sidewinder.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/input/joystick/sidewinder.c 2011-05-18 20:23:44.000000000 -0400
+@@ -30,6 +30,7 @@
+ #include <linux/kernel.h>
+ #include <linux/module.h>
+ #include <linux/slab.h>
++#include <linux/sched.h>
+ #include <linux/init.h>
+ #include <linux/input.h>
+ #include <linux/gameport.h>
+@@ -428,6 +429,8 @@ static int sw_read(struct sw *sw)
+ unsigned char buf[SW_LENGTH];
+ int i;
+
++ pax_track_stack();
++
+ i = sw_read_packet(sw->gameport, buf, sw->length, 0);
+
+ if (sw->type == SW_ID_3DP && sw->length == 66 && i != 66) { /* Broken packet, try to fix */
diff -urNp linux-2.6.38.6/drivers/input/joystick/xpad.c linux-2.6.38.6/drivers/input/joystick/xpad.c
--- linux-2.6.38.6/drivers/input/joystick/xpad.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/drivers/input/joystick/xpad.c 2011-04-28 19:57:25.000000000 -0400
@@ -28580,6 +29063,128 @@ diff -urNp linux-2.6.38.6/drivers/isdn/hardware/avm/b1.c linux-2.6.38.6/drivers/
return -EFAULT;
} else {
memcpy(buf, dp, left);
+diff -urNp linux-2.6.38.6/drivers/isdn/hardware/eicon/capidtmf.c linux-2.6.38.6/drivers/isdn/hardware/eicon/capidtmf.c
+--- linux-2.6.38.6/drivers/isdn/hardware/eicon/capidtmf.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/isdn/hardware/eicon/capidtmf.c 2011-05-16 21:47:08.000000000 -0400
+@@ -498,6 +498,7 @@ void capidtmf_recv_block (t_capidtmf_sta
+ byte goertzel_result_buffer[CAPIDTMF_RECV_TOTAL_FREQUENCY_COUNT];
+ short windowed_sample_buffer[CAPIDTMF_RECV_WINDOWED_SAMPLES];
+
++ pax_track_stack();
+
+ if (p_state->recv.state & CAPIDTMF_RECV_STATE_DTMF_ACTIVE)
+ {
+diff -urNp linux-2.6.38.6/drivers/isdn/hardware/eicon/capifunc.c linux-2.6.38.6/drivers/isdn/hardware/eicon/capifunc.c
+--- linux-2.6.38.6/drivers/isdn/hardware/eicon/capifunc.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/isdn/hardware/eicon/capifunc.c 2011-05-16 21:47:08.000000000 -0400
+@@ -1055,6 +1055,8 @@ static int divacapi_connect_didd(void)
+ IDI_SYNC_REQ req;
+ DESCRIPTOR DIDD_Table[MAX_DESCRIPTORS];
+
++ pax_track_stack();
++
+ DIVA_DIDD_Read(DIDD_Table, sizeof(DIDD_Table));
+
+ for (x = 0; x < MAX_DESCRIPTORS; x++) {
+diff -urNp linux-2.6.38.6/drivers/isdn/hardware/eicon/diddfunc.c linux-2.6.38.6/drivers/isdn/hardware/eicon/diddfunc.c
+--- linux-2.6.38.6/drivers/isdn/hardware/eicon/diddfunc.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/isdn/hardware/eicon/diddfunc.c 2011-05-16 21:47:08.000000000 -0400
+@@ -54,6 +54,8 @@ static int DIVA_INIT_FUNCTION connect_di
+ IDI_SYNC_REQ req;
+ DESCRIPTOR DIDD_Table[MAX_DESCRIPTORS];
+
++ pax_track_stack();
++
+ DIVA_DIDD_Read(DIDD_Table, sizeof(DIDD_Table));
+
+ for (x = 0; x < MAX_DESCRIPTORS; x++) {
+diff -urNp linux-2.6.38.6/drivers/isdn/hardware/eicon/divasfunc.c linux-2.6.38.6/drivers/isdn/hardware/eicon/divasfunc.c
+--- linux-2.6.38.6/drivers/isdn/hardware/eicon/divasfunc.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/isdn/hardware/eicon/divasfunc.c 2011-05-16 21:47:08.000000000 -0400
+@@ -161,6 +161,8 @@ static int DIVA_INIT_FUNCTION connect_di
+ IDI_SYNC_REQ req;
+ DESCRIPTOR DIDD_Table[MAX_DESCRIPTORS];
+
++ pax_track_stack();
++
+ DIVA_DIDD_Read(DIDD_Table, sizeof(DIDD_Table));
+
+ for (x = 0; x < MAX_DESCRIPTORS; x++) {
+diff -urNp linux-2.6.38.6/drivers/isdn/hardware/eicon/idifunc.c linux-2.6.38.6/drivers/isdn/hardware/eicon/idifunc.c
+--- linux-2.6.38.6/drivers/isdn/hardware/eicon/idifunc.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/isdn/hardware/eicon/idifunc.c 2011-05-16 21:47:08.000000000 -0400
+@@ -188,6 +188,8 @@ static int DIVA_INIT_FUNCTION connect_di
+ IDI_SYNC_REQ req;
+ DESCRIPTOR DIDD_Table[MAX_DESCRIPTORS];
+
++ pax_track_stack();
++
+ DIVA_DIDD_Read(DIDD_Table, sizeof(DIDD_Table));
+
+ for (x = 0; x < MAX_DESCRIPTORS; x++) {
+diff -urNp linux-2.6.38.6/drivers/isdn/hardware/eicon/message.c linux-2.6.38.6/drivers/isdn/hardware/eicon/message.c
+--- linux-2.6.38.6/drivers/isdn/hardware/eicon/message.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/isdn/hardware/eicon/message.c 2011-05-16 21:47:08.000000000 -0400
+@@ -4889,6 +4889,8 @@ static void sig_ind(PLCI *plci)
+ dword d;
+ word w;
+
++ pax_track_stack();
++
+ a = plci->adapter;
+ Id = ((word)plci->Id<<8)|a->Id;
+ PUT_WORD(&SS_Ind[4],0x0000);
+@@ -7484,6 +7486,8 @@ static word add_b1(PLCI *plci, API_PARSE
+ word j, n, w;
+ dword d;
+
++ pax_track_stack();
++
+
+ for(i=0;i<8;i++) bp_parms[i].length = 0;
+ for(i=0;i<2;i++) global_config[i].length = 0;
+@@ -7958,6 +7962,8 @@ static word add_b23(PLCI *plci, API_PARS
+ const byte llc3[] = {4,3,2,2,6,6,0};
+ const byte header[] = {0,2,3,3,0,0,0};
+
++ pax_track_stack();
++
+ for(i=0;i<8;i++) bp_parms[i].length = 0;
+ for(i=0;i<6;i++) b2_config_parms[i].length = 0;
+ for(i=0;i<5;i++) b3_config_parms[i].length = 0;
+@@ -14760,6 +14766,8 @@ static void group_optimization(DIVA_CAPI
+ word appl_number_group_type[MAX_APPL];
+ PLCI *auxplci;
+
++ pax_track_stack();
++
+ set_group_ind_mask (plci); /* all APPLs within this inc. call are allowed to dial in */
+
+ if(!a->group_optimization_enabled)
+diff -urNp linux-2.6.38.6/drivers/isdn/hardware/eicon/mntfunc.c linux-2.6.38.6/drivers/isdn/hardware/eicon/mntfunc.c
+--- linux-2.6.38.6/drivers/isdn/hardware/eicon/mntfunc.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/isdn/hardware/eicon/mntfunc.c 2011-05-16 21:47:08.000000000 -0400
+@@ -79,6 +79,8 @@ static int DIVA_INIT_FUNCTION connect_di
+ IDI_SYNC_REQ req;
+ DESCRIPTOR DIDD_Table[MAX_DESCRIPTORS];
+
++ pax_track_stack();
++
+ DIVA_DIDD_Read(DIDD_Table, sizeof(DIDD_Table));
+
+ for (x = 0; x < MAX_DESCRIPTORS; x++) {
+diff -urNp linux-2.6.38.6/drivers/isdn/i4l/isdn_common.c linux-2.6.38.6/drivers/isdn/i4l/isdn_common.c
+--- linux-2.6.38.6/drivers/isdn/i4l/isdn_common.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/isdn/i4l/isdn_common.c 2011-05-16 21:47:08.000000000 -0400
+@@ -1292,6 +1292,8 @@ isdn_ioctl(struct file *file, uint cmd,
+ } iocpar;
+ void __user *argp = (void __user *)arg;
+
++ pax_track_stack();
++
+ #define name iocpar.name
+ #define bname iocpar.bname
+ #define iocts iocpar.iocts
diff -urNp linux-2.6.38.6/drivers/isdn/icn/icn.c linux-2.6.38.6/drivers/isdn/icn/icn.c
--- linux-2.6.38.6/drivers/isdn/icn/icn.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/drivers/isdn/icn/icn.c 2011-04-28 19:34:15.000000000 -0400
@@ -29145,7 +29750,7 @@ diff -urNp linux-2.6.38.6/drivers/md/raid1.c linux-2.6.38.6/drivers/md/raid1.c
"(%d sectors at %llu on %s)\n",
diff -urNp linux-2.6.38.6/drivers/md/raid5.c linux-2.6.38.6/drivers/md/raid5.c
--- linux-2.6.38.6/drivers/md/raid5.c 2011-03-14 21:20:32.000000000 -0400
-+++ linux-2.6.38.6/drivers/md/raid5.c 2011-04-28 19:57:25.000000000 -0400
++++ linux-2.6.38.6/drivers/md/raid5.c 2011-05-16 21:47:08.000000000 -0400
@@ -555,7 +555,7 @@ static void ops_run_io(struct stripe_hea
bi->bi_next = NULL;
if (rw == WRITE &&
@@ -29183,6 +29788,47 @@ diff -urNp linux-2.6.38.6/drivers/md/raid5.c linux-2.6.38.6/drivers/md/raid5.c
> conf->max_nr_stripes)
printk(KERN_WARNING
"md/raid:%s: Too many read errors, failing device %s.\n",
+@@ -1953,6 +1953,7 @@ static sector_t compute_blocknr(struct s
+ sector_t r_sector;
+ struct stripe_head sh2;
+
++ pax_track_stack();
+
+ chunk_offset = sector_div(new_sector, sectors_per_chunk);
+ stripe = new_sector;
+diff -urNp linux-2.6.38.6/drivers/media/common/saa7146_hlp.c linux-2.6.38.6/drivers/media/common/saa7146_hlp.c
+--- linux-2.6.38.6/drivers/media/common/saa7146_hlp.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/media/common/saa7146_hlp.c 2011-05-16 21:47:08.000000000 -0400
+@@ -353,6 +353,8 @@ static void calculate_clipping_registers
+
+ int x[32], y[32], w[32], h[32];
+
++ pax_track_stack();
++
+ /* clear out memory */
+ memset(&line_list[0], 0x00, sizeof(u32)*32);
+ memset(&pixel_list[0], 0x00, sizeof(u32)*32);
+diff -urNp linux-2.6.38.6/drivers/media/dvb/dvb-core/dvb_ca_en50221.c linux-2.6.38.6/drivers/media/dvb/dvb-core/dvb_ca_en50221.c
+--- linux-2.6.38.6/drivers/media/dvb/dvb-core/dvb_ca_en50221.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/media/dvb/dvb-core/dvb_ca_en50221.c 2011-05-16 21:47:08.000000000 -0400
+@@ -590,6 +590,8 @@ static int dvb_ca_en50221_read_data(stru
+ u8 buf[HOST_LINK_BUF_SIZE];
+ int i;
+
++ pax_track_stack();
++
+ dprintk("%s\n", __func__);
+
+ /* check if we have space for a link buf in the rx_buffer */
+@@ -1285,6 +1287,8 @@ static ssize_t dvb_ca_en50221_io_write(s
+ unsigned long timeout;
+ int written;
+
++ pax_track_stack();
++
+ dprintk("%s\n", __func__);
+
+ /* Incoming packet has a 2 byte header. hdr[0] = slot_id, hdr[1] = connection_id */
diff -urNp linux-2.6.38.6/drivers/media/dvb/dvb-core/dvbdev.c linux-2.6.38.6/drivers/media/dvb/dvb-core/dvbdev.c
--- linux-2.6.38.6/drivers/media/dvb/dvb-core/dvbdev.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/drivers/media/dvb/dvb-core/dvbdev.c 2011-04-28 19:34:15.000000000 -0400
@@ -29195,6 +29841,62 @@ diff -urNp linux-2.6.38.6/drivers/media/dvb/dvb-core/dvbdev.c linux-2.6.38.6/dri
struct device *clsdev;
int minor;
int id;
+diff -urNp linux-2.6.38.6/drivers/media/dvb/dvb-usb/dib0700_core.c linux-2.6.38.6/drivers/media/dvb/dvb-usb/dib0700_core.c
+--- linux-2.6.38.6/drivers/media/dvb/dvb-usb/dib0700_core.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/media/dvb/dvb-usb/dib0700_core.c 2011-05-16 21:47:08.000000000 -0400
+@@ -366,6 +366,8 @@ int dib0700_download_firmware(struct usb
+
+ u8 buf[260];
+
++ pax_track_stack();
++
+ while ((ret = dvb_usb_get_hexline(fw, &hx, &pos)) > 0) {
+ deb_fwdata("writing to address 0x%08x (buffer: 0x%02x %02x)\n",
+ hx.addr, hx.len, hx.chk);
+diff -urNp linux-2.6.38.6/drivers/media/dvb/dvb-usb/lmedm04.c linux-2.6.38.6/drivers/media/dvb/dvb-usb/lmedm04.c
+--- linux-2.6.38.6/drivers/media/dvb/dvb-usb/lmedm04.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/media/dvb/dvb-usb/lmedm04.c 2011-05-16 21:47:08.000000000 -0400
+@@ -611,6 +611,7 @@ static int lme2510_download_firmware(str
+ packet_size = 0x31;
+ len_in = 1;
+
++ pax_track_stack();
+
+ info("FRM Starting Firmware Download");
+
+@@ -666,6 +667,8 @@ static void lme_coldreset(struct usb_dev
+ int ret = 0, len_in;
+ u8 data[512] = {0};
+
++ pax_track_stack();
++
+ data[0] = 0x0a;
+ len_in = 1;
+ info("FRM Firmware Cold Reset");
+diff -urNp linux-2.6.38.6/drivers/media/dvb/frontends/mb86a16.c linux-2.6.38.6/drivers/media/dvb/frontends/mb86a16.c
+--- linux-2.6.38.6/drivers/media/dvb/frontends/mb86a16.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/media/dvb/frontends/mb86a16.c 2011-05-16 21:47:08.000000000 -0400
+@@ -1060,6 +1060,8 @@ static int mb86a16_set_fe(struct mb86a16
+ int ret = -1;
+ int sync;
+
++ pax_track_stack();
++
+ dprintk(verbose, MB86A16_INFO, 1, "freq=%d Mhz, symbrt=%d Ksps", state->frequency, state->srate);
+
+ fcp = 3000;
+diff -urNp linux-2.6.38.6/drivers/media/dvb/frontends/or51211.c linux-2.6.38.6/drivers/media/dvb/frontends/or51211.c
+--- linux-2.6.38.6/drivers/media/dvb/frontends/or51211.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/media/dvb/frontends/or51211.c 2011-05-16 21:47:08.000000000 -0400
+@@ -113,6 +113,8 @@ static int or51211_load_firmware (struct
+ u8 tudata[585];
+ int i;
+
++ pax_track_stack();
++
+ dprintk("Firmware is %zd bytes\n",fw->size);
+
+ /* Get eprom data */
diff -urNp linux-2.6.38.6/drivers/media/radio/radio-cadet.c linux-2.6.38.6/drivers/media/radio/radio-cadet.c
--- linux-2.6.38.6/drivers/media/radio/radio-cadet.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/drivers/media/radio/radio-cadet.c 2011-04-28 19:34:15.000000000 -0400
@@ -29254,7 +29956,7 @@ diff -urNp linux-2.6.38.6/drivers/media/rc/rc-main.c linux-2.6.38.6/drivers/medi
rc = device_add(&dev->dev);
diff -urNp linux-2.6.38.6/drivers/media/video/cx18/cx18-driver.c linux-2.6.38.6/drivers/media/video/cx18/cx18-driver.c
--- linux-2.6.38.6/drivers/media/video/cx18/cx18-driver.c 2011-03-14 21:20:32.000000000 -0400
-+++ linux-2.6.38.6/drivers/media/video/cx18/cx18-driver.c 2011-04-28 19:57:25.000000000 -0400
++++ linux-2.6.38.6/drivers/media/video/cx18/cx18-driver.c 2011-05-16 21:47:08.000000000 -0400
@@ -60,7 +60,7 @@ static struct pci_device_id cx18_pci_tbl
MODULE_DEVICE_TABLE(pci, cx18_pci_tbl);
@@ -29264,7 +29966,16 @@ diff -urNp linux-2.6.38.6/drivers/media/video/cx18/cx18-driver.c linux-2.6.38.6/
/* Parameter declarations */
static int cardtype[CX18_MAX_CARDS];
-@@ -884,7 +884,7 @@ static int __devinit cx18_probe(struct p
+@@ -326,6 +326,8 @@ void cx18_read_eeprom(struct cx18 *cx, s
+ struct i2c_client c;
+ u8 eedata[256];
+
++ pax_track_stack();
++
+ memset(&c, 0, sizeof(c));
+ strlcpy(c.name, "cx18 tveeprom tmp", sizeof(c.name));
+ c.adapter = &cx->i2c_adap[0];
+@@ -884,7 +886,7 @@ static int __devinit cx18_probe(struct p
struct cx18 *cx;
/* FIXME - module parameter arrays constrain max instances */
@@ -29273,6 +29984,18 @@ diff -urNp linux-2.6.38.6/drivers/media/video/cx18/cx18-driver.c linux-2.6.38.6/
if (i >= CX18_MAX_CARDS) {
printk(KERN_ERR "cx18: cannot manage card %d, driver has a "
"limit of 0 - %d\n", i, CX18_MAX_CARDS - 1);
+diff -urNp linux-2.6.38.6/drivers/media/video/cx23885/cx23885-input.c linux-2.6.38.6/drivers/media/video/cx23885/cx23885-input.c
+--- linux-2.6.38.6/drivers/media/video/cx23885/cx23885-input.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/media/video/cx23885/cx23885-input.c 2011-05-16 21:47:08.000000000 -0400
+@@ -53,6 +53,8 @@ static void cx23885_input_process_measur
+ bool handle = false;
+ struct ir_raw_event ir_core_event[64];
+
++ pax_track_stack();
++
+ do {
+ num = 0;
+ v4l2_subdev_call(dev->sd_ir, ir, rx_read, (u8 *) ir_core_event,
diff -urNp linux-2.6.38.6/drivers/media/video/ivtv/ivtv-driver.c linux-2.6.38.6/drivers/media/video/ivtv/ivtv-driver.c
--- linux-2.6.38.6/drivers/media/video/ivtv/ivtv-driver.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/drivers/media/video/ivtv/ivtv-driver.c 2011-04-28 19:57:25.000000000 -0400
@@ -29309,6 +30032,63 @@ diff -urNp linux-2.6.38.6/drivers/media/video/omap24xxcam.h linux-2.6.38.6/drive
/* accessing cam here doesn't need serialisation: it's constant */
struct omap24xxcam_device *cam;
};
+diff -urNp linux-2.6.38.6/drivers/media/video/pvrusb2/pvrusb2-eeprom.c linux-2.6.38.6/drivers/media/video/pvrusb2/pvrusb2-eeprom.c
+--- linux-2.6.38.6/drivers/media/video/pvrusb2/pvrusb2-eeprom.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/media/video/pvrusb2/pvrusb2-eeprom.c 2011-05-16 21:47:08.000000000 -0400
+@@ -120,6 +120,8 @@ int pvr2_eeprom_analyze(struct pvr2_hdw
+ u8 *eeprom;
+ struct tveeprom tvdata;
+
++ pax_track_stack();
++
+ memset(&tvdata,0,sizeof(tvdata));
+
+ eeprom = pvr2_eeprom_fetch(hdw);
+diff -urNp linux-2.6.38.6/drivers/media/video/saa7134/saa6752hs.c linux-2.6.38.6/drivers/media/video/saa7134/saa6752hs.c
+--- linux-2.6.38.6/drivers/media/video/saa7134/saa6752hs.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/media/video/saa7134/saa6752hs.c 2011-05-16 21:47:08.000000000 -0400
+@@ -682,6 +682,8 @@ static int saa6752hs_init(struct v4l2_su
+ unsigned char localPAT[256];
+ unsigned char localPMT[256];
+
++ pax_track_stack();
++
+ /* Set video format - must be done first as it resets other settings */
+ set_reg8(client, 0x41, h->video_format);
+
+diff -urNp linux-2.6.38.6/drivers/media/video/saa7164/saa7164-cmd.c linux-2.6.38.6/drivers/media/video/saa7164/saa7164-cmd.c
+--- linux-2.6.38.6/drivers/media/video/saa7164/saa7164-cmd.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/media/video/saa7164/saa7164-cmd.c 2011-05-16 21:47:08.000000000 -0400
+@@ -88,6 +88,8 @@ int saa7164_irq_dequeue(struct saa7164_d
+ u8 tmp[512];
+ dprintk(DBGLVL_CMD, "%s()\n", __func__);
+
++ pax_track_stack();
++
+ /* While any outstand message on the bus exists... */
+ do {
+
+@@ -141,6 +143,8 @@ int saa7164_cmd_dequeue(struct saa7164_d
+ u8 tmp[512];
+ dprintk(DBGLVL_CMD, "%s()\n", __func__);
+
++ pax_track_stack();
++
+ while (loop) {
+
+ struct tmComResInfo tRsp = { 0, 0, 0, 0, 0, 0 };
+diff -urNp linux-2.6.38.6/drivers/media/video/usbvision/usbvision-core.c linux-2.6.38.6/drivers/media/video/usbvision/usbvision-core.c
+--- linux-2.6.38.6/drivers/media/video/usbvision/usbvision-core.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/media/video/usbvision/usbvision-core.c 2011-05-16 21:47:08.000000000 -0400
+@@ -799,6 +799,8 @@ static enum parse_state usbvision_parse_
+ unsigned char rv, gv, bv;
+ static unsigned char *Y, *U, *V;
+
++ pax_track_stack();
++
+ frame = usbvision->cur_frame;
+ image_size = frame->frmwidth * frame->frmheight;
+ if ((frame->v4l2_format.format == V4L2_PIX_FMT_YUV422P) ||
diff -urNp linux-2.6.38.6/drivers/media/video/v4l2-device.c linux-2.6.38.6/drivers/media/video/v4l2-device.c
--- linux-2.6.38.6/drivers/media/video/v4l2-device.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/drivers/media/video/v4l2-device.c 2011-04-28 19:57:25.000000000 -0400
@@ -29324,6 +30104,18 @@ diff -urNp linux-2.6.38.6/drivers/media/video/v4l2-device.c linux-2.6.38.6/drive
int len = strlen(basename);
if (basename[len - 1] >= '0' && basename[len - 1] <= '9')
+diff -urNp linux-2.6.38.6/drivers/media/video/videobuf-dma-sg.c linux-2.6.38.6/drivers/media/video/videobuf-dma-sg.c
+--- linux-2.6.38.6/drivers/media/video/videobuf-dma-sg.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/media/video/videobuf-dma-sg.c 2011-05-16 21:47:08.000000000 -0400
+@@ -606,6 +606,8 @@ void *videobuf_sg_alloc(size_t size)
+ {
+ struct videobuf_queue q;
+
++ pax_track_stack();
++
+ /* Required to make generic handler to call __videobuf_alloc */
+ q.int_ops = &sg_ops;
+
diff -urNp linux-2.6.38.6/drivers/message/fusion/mptbase.c linux-2.6.38.6/drivers/message/fusion/mptbase.c
--- linux-2.6.38.6/drivers/message/fusion/mptbase.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/drivers/message/fusion/mptbase.c 2011-04-28 19:34:15.000000000 -0400
@@ -29420,6 +30212,18 @@ diff -urNp linux-2.6.38.6/drivers/message/fusion/mptscsih.c linux-2.6.38.6/drive
return h->info_kbuf;
}
+diff -urNp linux-2.6.38.6/drivers/message/i2o/i2o_config.c linux-2.6.38.6/drivers/message/i2o/i2o_config.c
+--- linux-2.6.38.6/drivers/message/i2o/i2o_config.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/message/i2o/i2o_config.c 2011-05-16 21:47:08.000000000 -0400
+@@ -781,6 +781,8 @@ static int i2o_cfg_passthru(unsigned lon
+ struct i2o_message *msg;
+ unsigned int iop;
+
++ pax_track_stack();
++
+ if (get_user(iop, &cmd->iop) || get_user(user_msg, &cmd->msg))
+ return -EFAULT;
+
diff -urNp linux-2.6.38.6/drivers/message/i2o/i2o_proc.c linux-2.6.38.6/drivers/message/i2o/i2o_proc.c
--- linux-2.6.38.6/drivers/message/i2o/i2o_proc.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/drivers/message/i2o/i2o_proc.c 2011-04-28 19:34:15.000000000 -0400
@@ -29546,6 +30350,18 @@ diff -urNp linux-2.6.38.6/drivers/mfd/janz-cmodio.c linux-2.6.38.6/drivers/mfd/j
#include <linux/init.h>
#include <linux/pci.h>
#include <linux/interrupt.h>
+diff -urNp linux-2.6.38.6/drivers/mfd/wm8350-i2c.c linux-2.6.38.6/drivers/mfd/wm8350-i2c.c
+--- linux-2.6.38.6/drivers/mfd/wm8350-i2c.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/mfd/wm8350-i2c.c 2011-05-16 21:47:08.000000000 -0400
+@@ -44,6 +44,8 @@ static int wm8350_i2c_write_device(struc
+ u8 msg[(WM8350_MAX_REGISTER << 1) + 1];
+ int ret;
+
++ pax_track_stack();
++
+ if (bytes > ((WM8350_MAX_REGISTER << 1) + 1))
+ return -EINVAL;
+
diff -urNp linux-2.6.38.6/drivers/misc/kgdbts.c linux-2.6.38.6/drivers/misc/kgdbts.c
--- linux-2.6.38.6/drivers/misc/kgdbts.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/drivers/misc/kgdbts.c 2011-04-28 19:34:15.000000000 -0400
@@ -29789,6 +30605,84 @@ diff -urNp linux-2.6.38.6/drivers/misc/sgi-gru/grutables.h linux-2.6.38.6/driver
} while (0)
#ifdef CONFIG_SGI_GRU_DEBUG
+diff -urNp linux-2.6.38.6/drivers/mtd/chips/cfi_cmdset_0001.c linux-2.6.38.6/drivers/mtd/chips/cfi_cmdset_0001.c
+--- linux-2.6.38.6/drivers/mtd/chips/cfi_cmdset_0001.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/mtd/chips/cfi_cmdset_0001.c 2011-05-16 21:47:08.000000000 -0400
+@@ -757,6 +757,8 @@ static int chip_ready (struct map_info *
+ struct cfi_pri_intelext *cfip = cfi->cmdset_priv;
+ unsigned long timeo = jiffies + HZ;
+
++ pax_track_stack();
++
+ /* Prevent setting state FL_SYNCING for chip in suspended state. */
+ if (mode == FL_SYNCING && chip->oldstate != FL_READY)
+ goto sleep;
+@@ -1657,6 +1659,8 @@ static int __xipram do_write_buffer(stru
+ unsigned long initial_adr;
+ int initial_len = len;
+
++ pax_track_stack();
++
+ wbufsize = cfi_interleave(cfi) << cfi->cfiq->MaxBufWriteSize;
+ adr += chip->start;
+ initial_adr = adr;
+@@ -1875,6 +1879,8 @@ static int __xipram do_erase_oneblock(st
+ int retries = 3;
+ int ret;
+
++ pax_track_stack();
++
+ adr += chip->start;
+
+ retry:
+diff -urNp linux-2.6.38.6/drivers/mtd/chips/cfi_cmdset_0020.c linux-2.6.38.6/drivers/mtd/chips/cfi_cmdset_0020.c
+--- linux-2.6.38.6/drivers/mtd/chips/cfi_cmdset_0020.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/mtd/chips/cfi_cmdset_0020.c 2011-05-16 21:47:08.000000000 -0400
+@@ -255,6 +255,8 @@ static inline int do_read_onechip(struct
+ unsigned long cmd_addr;
+ struct cfi_private *cfi = map->fldrv_priv;
+
++ pax_track_stack();
++
+ adr += chip->start;
+
+ /* Ensure cmd read/writes are aligned. */
+@@ -428,6 +430,8 @@ static inline int do_write_buffer(struct
+ DECLARE_WAITQUEUE(wait, current);
+ int wbufsize, z;
+
++ pax_track_stack();
++
+ /* M58LW064A requires bus alignment for buffer wriets -- saw */
+ if (adr & (map_bankwidth(map)-1))
+ return -EINVAL;
+@@ -742,6 +746,8 @@ static inline int do_erase_oneblock(stru
+ DECLARE_WAITQUEUE(wait, current);
+ int ret = 0;
+
++ pax_track_stack();
++
+ adr += chip->start;
+
+ /* Let's determine this according to the interleave only once */
+@@ -1047,6 +1053,8 @@ static inline int do_lock_oneblock(struc
+ unsigned long timeo = jiffies + HZ;
+ DECLARE_WAITQUEUE(wait, current);
+
++ pax_track_stack();
++
+ adr += chip->start;
+
+ /* Let's determine this according to the interleave only once */
+@@ -1196,6 +1204,8 @@ static inline int do_unlock_oneblock(str
+ unsigned long timeo = jiffies + HZ;
+ DECLARE_WAITQUEUE(wait, current);
+
++ pax_track_stack();
++
+ adr += chip->start;
+
+ /* Let's determine this according to the interleave only once */
diff -urNp linux-2.6.38.6/drivers/mtd/devices/doc2000.c linux-2.6.38.6/drivers/mtd/devices/doc2000.c
--- linux-2.6.38.6/drivers/mtd/devices/doc2000.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/drivers/mtd/devices/doc2000.c 2011-04-28 19:34:15.000000000 -0400
@@ -29813,6 +30707,66 @@ diff -urNp linux-2.6.38.6/drivers/mtd/devices/doc2001.c linux-2.6.38.6/drivers/m
return -EINVAL;
/* Don't allow a single read to cross a 512-byte block boundary */
+diff -urNp linux-2.6.38.6/drivers/mtd/ftl.c linux-2.6.38.6/drivers/mtd/ftl.c
+--- linux-2.6.38.6/drivers/mtd/ftl.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/mtd/ftl.c 2011-05-16 21:47:08.000000000 -0400
+@@ -474,6 +474,8 @@ static int copy_erase_unit(partition_t *
+ loff_t offset;
+ uint16_t srcunitswap = cpu_to_le16(srcunit);
+
++ pax_track_stack();
++
+ eun = &part->EUNInfo[srcunit];
+ xfer = &part->XferInfo[xferunit];
+ DEBUG(2, "ftl_cs: copying block 0x%x to 0x%x\n",
+diff -urNp linux-2.6.38.6/drivers/mtd/inftlcore.c linux-2.6.38.6/drivers/mtd/inftlcore.c
+--- linux-2.6.38.6/drivers/mtd/inftlcore.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/mtd/inftlcore.c 2011-05-16 21:47:08.000000000 -0400
+@@ -259,6 +259,8 @@ static u16 INFTL_foldchain(struct INFTLr
+ struct inftl_oob oob;
+ size_t retlen;
+
++ pax_track_stack();
++
+ DEBUG(MTD_DEBUG_LEVEL3, "INFTL: INFTL_foldchain(inftl=%p,thisVUC=%d,"
+ "pending=%d)\n", inftl, thisVUC, pendingblock);
+
+diff -urNp linux-2.6.38.6/drivers/mtd/inftlmount.c linux-2.6.38.6/drivers/mtd/inftlmount.c
+--- linux-2.6.38.6/drivers/mtd/inftlmount.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/mtd/inftlmount.c 2011-05-16 21:47:08.000000000 -0400
+@@ -53,6 +53,8 @@ static int find_boot_record(struct INFTL
+ struct INFTLPartition *ip;
+ size_t retlen;
+
++ pax_track_stack();
++
+ DEBUG(MTD_DEBUG_LEVEL3, "INFTL: find_boot_record(inftl=%p)\n", inftl);
+
+ /*
+diff -urNp linux-2.6.38.6/drivers/mtd/lpddr/qinfo_probe.c linux-2.6.38.6/drivers/mtd/lpddr/qinfo_probe.c
+--- linux-2.6.38.6/drivers/mtd/lpddr/qinfo_probe.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/mtd/lpddr/qinfo_probe.c 2011-05-16 21:47:08.000000000 -0400
+@@ -106,6 +106,8 @@ static int lpddr_pfow_present(struct map
+ {
+ map_word pfow_val[4];
+
++ pax_track_stack();
++
+ /* Check identification string */
+ pfow_val[0] = map_read(map, map->pfow_base + PFOW_QUERY_STRING_P);
+ pfow_val[1] = map_read(map, map->pfow_base + PFOW_QUERY_STRING_F);
+diff -urNp linux-2.6.38.6/drivers/mtd/mtdchar.c linux-2.6.38.6/drivers/mtd/mtdchar.c
+--- linux-2.6.38.6/drivers/mtd/mtdchar.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/mtd/mtdchar.c 2011-05-16 21:47:08.000000000 -0400
+@@ -560,6 +560,8 @@ static int mtd_ioctl(struct file *file,
+ u_long size;
+ struct mtd_info_user info;
+
++ pax_track_stack();
++
+ DEBUG(MTD_DEBUG_LEVEL0, "MTD_ioctl\n");
+
+ size = (cmd & IOCSIZE_MASK) >> IOCSIZE_SHIFT;
diff -urNp linux-2.6.38.6/drivers/mtd/nand/denali.c linux-2.6.38.6/drivers/mtd/nand/denali.c
--- linux-2.6.38.6/drivers/mtd/nand/denali.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/drivers/mtd/nand/denali.c 2011-04-28 19:34:15.000000000 -0400
@@ -29824,6 +30778,38 @@ diff -urNp linux-2.6.38.6/drivers/mtd/nand/denali.c linux-2.6.38.6/drivers/mtd/n
#include "denali.h"
+diff -urNp linux-2.6.38.6/drivers/mtd/nftlcore.c linux-2.6.38.6/drivers/mtd/nftlcore.c
+--- linux-2.6.38.6/drivers/mtd/nftlcore.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/mtd/nftlcore.c 2011-05-16 21:47:08.000000000 -0400
+@@ -264,6 +264,8 @@ static u16 NFTL_foldchain (struct NFTLre
+ int inplace = 1;
+ size_t retlen;
+
++ pax_track_stack();
++
+ memset(BlockMap, 0xff, sizeof(BlockMap));
+ memset(BlockFreeFound, 0, sizeof(BlockFreeFound));
+
+diff -urNp linux-2.6.38.6/drivers/mtd/nftlmount.c linux-2.6.38.6/drivers/mtd/nftlmount.c
+--- linux-2.6.38.6/drivers/mtd/nftlmount.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/mtd/nftlmount.c 2011-05-18 20:23:44.000000000 -0400
+@@ -24,6 +24,7 @@
+ #include <asm/errno.h>
+ #include <linux/delay.h>
+ #include <linux/slab.h>
++#include <linux/sched.h>
+ #include <linux/mtd/mtd.h>
+ #include <linux/mtd/nand.h>
+ #include <linux/mtd/nftl.h>
+@@ -45,6 +46,8 @@ static int find_boot_record(struct NFTLr
+ struct mtd_info *mtd = nftl->mbd.mtd;
+ unsigned int i;
+
++ pax_track_stack();
++
+ /* Assume logical EraseSize == physical erasesize for starting the scan.
+ We'll sort it out later if we find a MediaHeader which says otherwise */
+ /* Actually, we won't. The new DiskOnChip driver has already scanned
diff -urNp linux-2.6.38.6/drivers/mtd/ubi/build.c linux-2.6.38.6/drivers/mtd/ubi/build.c
--- linux-2.6.38.6/drivers/mtd/ubi/build.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/drivers/mtd/ubi/build.c 2011-04-28 19:34:15.000000000 -0400
@@ -29866,6 +30852,54 @@ diff -urNp linux-2.6.38.6/drivers/mtd/ubi/build.c linux-2.6.38.6/drivers/mtd/ubi
}
/**
+diff -urNp linux-2.6.38.6/drivers/net/bnx2.c linux-2.6.38.6/drivers/net/bnx2.c
+--- linux-2.6.38.6/drivers/net/bnx2.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/net/bnx2.c 2011-05-16 21:47:08.000000000 -0400
+@@ -5826,6 +5826,8 @@ bnx2_test_nvram(struct bnx2 *bp)
+ int rc = 0;
+ u32 magic, csum;
+
++ pax_track_stack();
++
+ if ((rc = bnx2_nvram_read(bp, 0, data, 4)) != 0)
+ goto test_nvram_done;
+
+diff -urNp linux-2.6.38.6/drivers/net/bnx2x/bnx2x_ethtool.c linux-2.6.38.6/drivers/net/bnx2x/bnx2x_ethtool.c
+--- linux-2.6.38.6/drivers/net/bnx2x/bnx2x_ethtool.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/net/bnx2x/bnx2x_ethtool.c 2011-05-16 21:47:08.000000000 -0400
+@@ -1788,6 +1788,8 @@ static int bnx2x_test_nvram(struct bnx2x
+ int i, rc;
+ u32 magic, crc;
+
++ pax_track_stack();
++
+ if (BP_NOMCP(bp))
+ return 0;
+
+diff -urNp linux-2.6.38.6/drivers/net/cxgb4/cxgb4_main.c linux-2.6.38.6/drivers/net/cxgb4/cxgb4_main.c
+--- linux-2.6.38.6/drivers/net/cxgb4/cxgb4_main.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/net/cxgb4/cxgb4_main.c 2011-05-16 21:47:08.000000000 -0400
+@@ -3429,6 +3429,8 @@ static int __devinit enable_msix(struct
+ unsigned int nchan = adap->params.nports;
+ struct msix_entry entries[MAX_INGQ + 1];
+
++ pax_track_stack();
++
+ for (i = 0; i < ARRAY_SIZE(entries); ++i)
+ entries[i].entry = i;
+
+diff -urNp linux-2.6.38.6/drivers/net/cxgb4/t4_hw.c linux-2.6.38.6/drivers/net/cxgb4/t4_hw.c
+--- linux-2.6.38.6/drivers/net/cxgb4/t4_hw.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/net/cxgb4/t4_hw.c 2011-05-16 21:47:08.000000000 -0400
+@@ -362,6 +362,8 @@ static int get_vpd_params(struct adapter
+ u8 vpd[VPD_LEN], csum;
+ unsigned int vpdr_len, kw_offset, id_len;
+
++ pax_track_stack();
++
+ ret = pci_read_vpd(adapter->pdev, VPD_BASE, sizeof(vpd), vpd);
+ if (ret < 0)
+ return ret;
diff -urNp linux-2.6.38.6/drivers/net/e1000e/82571.c linux-2.6.38.6/drivers/net/e1000e/82571.c
--- linux-2.6.38.6/drivers/net/e1000e/82571.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/drivers/net/e1000e/82571.c 2011-04-28 19:34:15.000000000 -0400
@@ -30052,6 +31086,18 @@ diff -urNp linux-2.6.38.6/drivers/net/e1000e/ich8lan.c linux-2.6.38.6/drivers/ne
.acquire = e1000_acquire_nvm_ich8lan,
.read = e1000_read_nvm_ich8lan,
.release = e1000_release_nvm_ich8lan,
+diff -urNp linux-2.6.38.6/drivers/net/hamradio/6pack.c linux-2.6.38.6/drivers/net/hamradio/6pack.c
+--- linux-2.6.38.6/drivers/net/hamradio/6pack.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/net/hamradio/6pack.c 2011-05-16 21:47:08.000000000 -0400
+@@ -463,6 +463,8 @@ static void sixpack_receive_buf(struct t
+ unsigned char buf[512];
+ int count1;
+
++ pax_track_stack();
++
+ if (!count)
+ return;
+
diff -urNp linux-2.6.38.6/drivers/net/igb/e1000_82575.c linux-2.6.38.6/drivers/net/igb/e1000_82575.c
--- linux-2.6.38.6/drivers/net/igb/e1000_82575.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/drivers/net/igb/e1000_82575.c 2011-04-28 19:34:15.000000000 -0400
@@ -30141,6 +31187,75 @@ diff -urNp linux-2.6.38.6/drivers/net/igbvf/vf.h linux-2.6.38.6/drivers/net/igbv
struct e1000_mac_operations ops;
u8 addr[6];
u8 perm_addr[6];
+diff -urNp linux-2.6.38.6/drivers/net/ixgb/ixgb_main.c linux-2.6.38.6/drivers/net/ixgb/ixgb_main.c
+--- linux-2.6.38.6/drivers/net/ixgb/ixgb_main.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/net/ixgb/ixgb_main.c 2011-05-16 21:47:08.000000000 -0400
+@@ -1072,6 +1072,8 @@ ixgb_set_multi(struct net_device *netdev
+ u32 rctl;
+ int i;
+
++ pax_track_stack();
++
+ /* Check for Promiscuous and All Multicast modes */
+
+ rctl = IXGB_READ_REG(hw, RCTL);
+diff -urNp linux-2.6.38.6/drivers/net/ixgb/ixgb_param.c linux-2.6.38.6/drivers/net/ixgb/ixgb_param.c
+--- linux-2.6.38.6/drivers/net/ixgb/ixgb_param.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/net/ixgb/ixgb_param.c 2011-05-16 21:47:08.000000000 -0400
+@@ -261,6 +261,9 @@ void __devinit
+ ixgb_check_options(struct ixgb_adapter *adapter)
+ {
+ int bd = adapter->bd_number;
++
++ pax_track_stack();
++
+ if (bd >= IXGB_MAX_NIC) {
+ pr_notice("Warning: no configuration for board #%i\n", bd);
+ pr_notice("Using defaults for all values\n");
+diff -urNp linux-2.6.38.6/drivers/net/ksz884x.c linux-2.6.38.6/drivers/net/ksz884x.c
+--- linux-2.6.38.6/drivers/net/ksz884x.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/net/ksz884x.c 2011-05-16 21:47:08.000000000 -0400
+@@ -6536,6 +6536,8 @@ static void netdev_get_ethtool_stats(str
+ int rc;
+ u64 counter[TOTAL_PORT_COUNTER_NUM];
+
++ pax_track_stack();
++
+ mutex_lock(&hw_priv->lock);
+ n = SWITCH_PORT_NUM;
+ for (i = 0, p = port->first_port; i < port->mib_port_cnt; i++, p++) {
+diff -urNp linux-2.6.38.6/drivers/net/mlx4/main.c linux-2.6.38.6/drivers/net/mlx4/main.c
+--- linux-2.6.38.6/drivers/net/mlx4/main.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/net/mlx4/main.c 2011-05-18 20:23:44.000000000 -0400
+@@ -39,6 +39,7 @@
+ #include <linux/pci.h>
+ #include <linux/dma-mapping.h>
+ #include <linux/slab.h>
++#include <linux/sched.h>
+
+ #include <linux/mlx4/device.h>
+ #include <linux/mlx4/doorbell.h>
+@@ -737,6 +738,8 @@ static int mlx4_init_hca(struct mlx4_dev
+ u64 icm_size;
+ int err;
+
++ pax_track_stack();
++
+ err = mlx4_QUERY_FW(dev);
+ if (err) {
+ if (err == -EACCES)
+diff -urNp linux-2.6.38.6/drivers/net/niu.c linux-2.6.38.6/drivers/net/niu.c
+--- linux-2.6.38.6/drivers/net/niu.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/net/niu.c 2011-05-16 21:47:08.000000000 -0400
+@@ -9067,6 +9067,8 @@ static void __devinit niu_try_msix(struc
+ int i, num_irqs, err;
+ u8 first_ldg;
+
++ pax_track_stack();
++
+ first_ldg = (NIU_NUM_LDG / parent->num_ports) * np->port;
+ for (i = 0; i < (NIU_NUM_LDG / parent->num_ports); i++)
+ ldg_num_map[i] = first_ldg + i;
diff -urNp linux-2.6.38.6/drivers/net/pcnet32.c linux-2.6.38.6/drivers/net/pcnet32.c
--- linux-2.6.38.6/drivers/net/pcnet32.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/drivers/net/pcnet32.c 2011-04-28 19:34:15.000000000 -0400
@@ -30197,6 +31312,18 @@ diff -urNp linux-2.6.38.6/drivers/net/tg3.h linux-2.6.38.6/drivers/net/tg3.h
#define CHIPREV_ID_5750_C2 0x4202
#define CHIPREV_ID_5752_A0_HW 0x5000
#define CHIPREV_ID_5752_A0 0x6000
+diff -urNp linux-2.6.38.6/drivers/net/tulip/de2104x.c linux-2.6.38.6/drivers/net/tulip/de2104x.c
+--- linux-2.6.38.6/drivers/net/tulip/de2104x.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/net/tulip/de2104x.c 2011-05-16 21:47:08.000000000 -0400
+@@ -1817,6 +1817,8 @@ static void __devinit de21041_get_srom_i
+ struct de_srom_info_leaf *il;
+ void *bufp;
+
++ pax_track_stack();
++
+ /* download entire eeprom */
+ for (i = 0; i < DE_EEPROM_WORDS; i++)
+ ((__le16 *)ee_data)[i] =
diff -urNp linux-2.6.38.6/drivers/net/tulip/de4x5.c linux-2.6.38.6/drivers/net/tulip/de4x5.c
--- linux-2.6.38.6/drivers/net/tulip/de4x5.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/drivers/net/tulip/de4x5.c 2011-04-28 19:34:15.000000000 -0400
@@ -30330,6 +31457,258 @@ diff -urNp linux-2.6.38.6/drivers/net/vmxnet3/vmxnet3_ethtool.c linux-2.6.38.6/d
return -EINVAL;
}
+diff -urNp linux-2.6.38.6/drivers/net/vxge/vxge-main.c linux-2.6.38.6/drivers/net/vxge/vxge-main.c
+--- linux-2.6.38.6/drivers/net/vxge/vxge-main.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/net/vxge/vxge-main.c 2011-05-16 21:47:08.000000000 -0400
+@@ -97,6 +97,8 @@ static inline void VXGE_COMPLETE_VPATH_T
+ struct sk_buff *completed[NR_SKB_COMPLETED];
+ int more;
+
++ pax_track_stack();
++
+ do {
+ more = 0;
+ skb_ptr = completed;
+@@ -1889,6 +1891,8 @@ static enum vxge_hw_status vxge_rth_conf
+ u8 mtable[256] = {0}; /* CPU to vpath mapping */
+ int index;
+
++ pax_track_stack();
++
+ /*
+ * Filling
+ * - itable with bucket numbers
+diff -urNp linux-2.6.38.6/drivers/net/wan/cycx_x25.c linux-2.6.38.6/drivers/net/wan/cycx_x25.c
+--- linux-2.6.38.6/drivers/net/wan/cycx_x25.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/net/wan/cycx_x25.c 2011-05-16 21:47:08.000000000 -0400
+@@ -1018,6 +1018,8 @@ static void hex_dump(char *msg, unsigned
+ unsigned char hex[1024],
+ * phex = hex;
+
++ pax_track_stack();
++
+ if (len >= (sizeof(hex) / 2))
+ len = (sizeof(hex) / 2) - 1;
+
+diff -urNp linux-2.6.38.6/drivers/net/wimax/i2400m/usb-fw.c linux-2.6.38.6/drivers/net/wimax/i2400m/usb-fw.c
+--- linux-2.6.38.6/drivers/net/wimax/i2400m/usb-fw.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/net/wimax/i2400m/usb-fw.c 2011-05-16 21:47:08.000000000 -0400
+@@ -287,6 +287,8 @@ ssize_t i2400mu_bus_bm_wait_for_ack(stru
+ int do_autopm = 1;
+ DECLARE_COMPLETION_ONSTACK(notif_completion);
+
++ pax_track_stack();
++
+ d_fnstart(8, dev, "(i2400m %p ack %p size %zu)\n",
+ i2400m, ack, ack_size);
+ BUG_ON(_ack == i2400m->bm_ack_buf);
+diff -urNp linux-2.6.38.6/drivers/net/wireless/airo.c linux-2.6.38.6/drivers/net/wireless/airo.c
+--- linux-2.6.38.6/drivers/net/wireless/airo.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/net/wireless/airo.c 2011-05-16 21:47:08.000000000 -0400
+@@ -3001,6 +3001,8 @@ static void airo_process_scan_results (s
+ BSSListElement * loop_net;
+ BSSListElement * tmp_net;
+
++ pax_track_stack();
++
+ /* Blow away current list of scan results */
+ list_for_each_entry_safe (loop_net, tmp_net, &ai->network_list, list) {
+ list_move_tail (&loop_net->list, &ai->network_free_list);
+@@ -3792,6 +3794,8 @@ static u16 setup_card(struct airo_info *
+ WepKeyRid wkr;
+ int rc;
+
++ pax_track_stack();
++
+ memset( &mySsid, 0, sizeof( mySsid ) );
+ kfree (ai->flash);
+ ai->flash = NULL;
+@@ -4760,6 +4764,8 @@ static int proc_stats_rid_open( struct i
+ __le32 *vals = stats.vals;
+ int len;
+
++ pax_track_stack();
++
+ if ((file->private_data = kzalloc(sizeof(struct proc_data ), GFP_KERNEL)) == NULL)
+ return -ENOMEM;
+ data = file->private_data;
+@@ -5483,6 +5489,8 @@ static int proc_BSSList_open( struct ino
+ /* If doLoseSync is not 1, we won't do a Lose Sync */
+ int doLoseSync = -1;
+
++ pax_track_stack();
++
+ if ((file->private_data = kzalloc(sizeof(struct proc_data ), GFP_KERNEL)) == NULL)
+ return -ENOMEM;
+ data = file->private_data;
+@@ -7190,6 +7198,8 @@ static int airo_get_aplist(struct net_de
+ int i;
+ int loseSync = capable(CAP_NET_ADMIN) ? 1: -1;
+
++ pax_track_stack();
++
+ qual = kmalloc(IW_MAX_AP * sizeof(*qual), GFP_KERNEL);
+ if (!qual)
+ return -ENOMEM;
+@@ -7750,6 +7760,8 @@ static void airo_read_wireless_stats(str
+ CapabilityRid cap_rid;
+ __le32 *vals = stats_rid.vals;
+
++ pax_track_stack();
++
+ /* Get stats out of the card */
+ clear_bit(JOB_WSTATS, &local->jobs);
+ if (local->power.event) {
+diff -urNp linux-2.6.38.6/drivers/net/wireless/ath/ath5k/debug.c linux-2.6.38.6/drivers/net/wireless/ath/ath5k/debug.c
+--- linux-2.6.38.6/drivers/net/wireless/ath/ath5k/debug.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/net/wireless/ath/ath5k/debug.c 2011-05-16 21:47:08.000000000 -0400
+@@ -204,6 +204,8 @@ static ssize_t read_file_beacon(struct f
+ unsigned int v;
+ u64 tsf;
+
++ pax_track_stack();
++
+ v = ath5k_hw_reg_read(sc->ah, AR5K_BEACON);
+ len += snprintf(buf+len, sizeof(buf)-len,
+ "%-24s0x%08x\tintval: %d\tTIM: 0x%x\n",
+@@ -325,6 +327,8 @@ static ssize_t read_file_debug(struct fi
+ unsigned int len = 0;
+ unsigned int i;
+
++ pax_track_stack();
++
+ len += snprintf(buf+len, sizeof(buf)-len,
+ "DEBUG LEVEL: 0x%08x\n\n", sc->debug.level);
+
+@@ -386,6 +390,8 @@ static ssize_t read_file_antenna(struct
+ unsigned int i;
+ unsigned int v;
+
++ pax_track_stack();
++
+ len += snprintf(buf+len, sizeof(buf)-len, "antenna mode\t%d\n",
+ sc->ah->ah_ant_mode);
+ len += snprintf(buf+len, sizeof(buf)-len, "default antenna\t%d\n",
+@@ -496,6 +502,8 @@ static ssize_t read_file_misc(struct fil
+ unsigned int len = 0;
+ u32 filt = ath5k_hw_get_rx_filter(sc->ah);
+
++ pax_track_stack();
++
+ len += snprintf(buf+len, sizeof(buf)-len, "bssid-mask: %pM\n",
+ sc->bssidmask);
+ len += snprintf(buf+len, sizeof(buf)-len, "filter-flags: 0x%x ",
+@@ -552,6 +560,8 @@ static ssize_t read_file_frameerrors(str
+ unsigned int len = 0;
+ int i;
+
++ pax_track_stack();
++
+ len += snprintf(buf+len, sizeof(buf)-len,
+ "RX\n---------------------\n");
+ len += snprintf(buf+len, sizeof(buf)-len, "CRC\t%u\t(%u%%)\n",
+@@ -669,6 +679,8 @@ static ssize_t read_file_ani(struct file
+ char buf[700];
+ unsigned int len = 0;
+
++ pax_track_stack();
++
+ len += snprintf(buf+len, sizeof(buf)-len,
+ "HW has PHY error counters:\t%s\n",
+ sc->ah->ah_capabilities.cap_has_phyerr_counters ?
+@@ -829,6 +841,8 @@ static ssize_t read_file_queue(struct fi
+ struct ath5k_buf *bf, *bf0;
+ int i, n;
+
++ pax_track_stack();
++
+ len += snprintf(buf+len, sizeof(buf)-len,
+ "available txbuffers: %d\n", sc->txbuf_len);
+
+diff -urNp linux-2.6.38.6/drivers/net/wireless/ath/ath9k/ar9003_calib.c linux-2.6.38.6/drivers/net/wireless/ath/ath9k/ar9003_calib.c
+--- linux-2.6.38.6/drivers/net/wireless/ath/ath9k/ar9003_calib.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/net/wireless/ath/ath9k/ar9003_calib.c 2011-05-16 21:47:08.000000000 -0400
+@@ -734,6 +734,8 @@ static void ar9003_hw_tx_iq_cal(struct a
+ s32 i, j, ip, im, nmeasurement;
+ u8 nchains = get_streams(common->tx_chainmask);
+
++ pax_track_stack();
++
+ for (ip = 0; ip < MPASS; ip++) {
+ REG_RMW_FIELD(ah, AR_PHY_TX_IQCAL_CONTROL_1,
+ AR_PHY_TX_IQCAQL_CONTROL_1_IQCORR_I_Q_COFF_DELPT,
+@@ -856,6 +858,8 @@ static void ar9003_hw_tx_iq_cal_post_pro
+ int i, ip, im, j;
+ int nmeasurement;
+
++ pax_track_stack();
++
+ for (i = 0; i < AR9300_MAX_CHAINS; i++) {
+ if (ah->txchainmask & (1 << i))
+ num_chains++;
+diff -urNp linux-2.6.38.6/drivers/net/wireless/ath/ath9k/ar9003_paprd.c linux-2.6.38.6/drivers/net/wireless/ath/ath9k/ar9003_paprd.c
+--- linux-2.6.38.6/drivers/net/wireless/ath/ath9k/ar9003_paprd.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/net/wireless/ath/ath9k/ar9003_paprd.c 2011-05-16 21:47:08.000000000 -0400
+@@ -356,6 +356,8 @@ static bool create_pa_curve(u32 *data_L,
+ int theta_low_bin = 0;
+ int i;
+
++ pax_track_stack();
++
+ /* disregard any bin that contains <= 16 samples */
+ thresh_accum_cnt = 16;
+ scale_factor = 5;
+diff -urNp linux-2.6.38.6/drivers/net/wireless/ath/ath9k/debug.c linux-2.6.38.6/drivers/net/wireless/ath/ath9k/debug.c
+--- linux-2.6.38.6/drivers/net/wireless/ath/ath9k/debug.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/net/wireless/ath/ath9k/debug.c 2011-05-16 21:47:08.000000000 -0400
+@@ -321,6 +321,8 @@ static ssize_t read_file_interrupt(struc
+ char buf[512];
+ unsigned int len = 0;
+
++ pax_track_stack();
++
+ if (sc->sc_ah->caps.hw_caps & ATH9K_HW_CAP_EDMA) {
+ len += snprintf(buf + len, sizeof(buf) - len,
+ "%8s: %10u\n", "RXLP", sc->debug.stats.istats.rxlp);
+@@ -410,6 +412,8 @@ static ssize_t read_file_wiphy(struct fi
+ u8 addr[ETH_ALEN];
+ u32 tmp;
+
++ pax_track_stack();
++
+ len += snprintf(buf + len, sizeof(buf) - len,
+ "primary: %s (%s chan=%d ht=%d)\n",
+ wiphy_name(sc->pri_wiphy->hw->wiphy),
+diff -urNp linux-2.6.38.6/drivers/net/wireless/ath/ath9k/htc_drv_main.c linux-2.6.38.6/drivers/net/wireless/ath/ath9k/htc_drv_main.c
+--- linux-2.6.38.6/drivers/net/wireless/ath/ath9k/htc_drv_main.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/net/wireless/ath/ath9k/htc_drv_main.c 2011-05-16 21:47:08.000000000 -0400
+@@ -620,6 +620,8 @@ static ssize_t read_file_tgt_stats(struc
+ unsigned int len = 0;
+ int ret = 0;
+
++ pax_track_stack();
++
+ memset(&cmd_rsp, 0, sizeof(cmd_rsp));
+
+ WMI_CMD(WMI_TGT_STATS_CMDID);
+@@ -665,6 +667,8 @@ static ssize_t read_file_xmit(struct fil
+ char buf[512];
+ unsigned int len = 0;
+
++ pax_track_stack();
++
+ len += snprintf(buf + len, sizeof(buf) - len,
+ "%20s : %10u\n", "Buffers queued",
+ priv->debug.tx_stats.buf_queued);
+@@ -714,6 +718,8 @@ static ssize_t read_file_recv(struct fil
+ char buf[512];
+ unsigned int len = 0;
+
++ pax_track_stack();
++
+ len += snprintf(buf + len, sizeof(buf) - len,
+ "%20s : %10u\n", "SKBs allocated",
+ priv->debug.rx_stats.skb_allocated);
diff -urNp linux-2.6.38.6/drivers/net/wireless/b43/debugfs.c linux-2.6.38.6/drivers/net/wireless/b43/debugfs.c
--- linux-2.6.38.6/drivers/net/wireless/b43/debugfs.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/drivers/net/wireless/b43/debugfs.c 2011-04-28 19:34:15.000000000 -0400
@@ -30354,6 +31733,81 @@ diff -urNp linux-2.6.38.6/drivers/net/wireless/b43legacy/debugfs.c linux-2.6.38.
/* Offset of struct b43legacy_dfs_file in struct b43legacy_dfsentry */
size_t file_struct_offset;
/* Take wl->irq_lock before calling read/write? */
+diff -urNp linux-2.6.38.6/drivers/net/wireless/ipw2x00/ipw2100.c linux-2.6.38.6/drivers/net/wireless/ipw2x00/ipw2100.c
+--- linux-2.6.38.6/drivers/net/wireless/ipw2x00/ipw2100.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/net/wireless/ipw2x00/ipw2100.c 2011-05-16 21:47:08.000000000 -0400
+@@ -2101,6 +2101,8 @@ static int ipw2100_set_essid(struct ipw2
+ int err;
+ DECLARE_SSID_BUF(ssid);
+
++ pax_track_stack();
++
+ IPW_DEBUG_HC("SSID: '%s'\n", print_ssid(ssid, essid, ssid_len));
+
+ if (ssid_len)
+@@ -5455,6 +5457,8 @@ static int ipw2100_set_key(struct ipw210
+ struct ipw2100_wep_key *wep_key = (void *)cmd.host_command_parameters;
+ int err;
+
++ pax_track_stack();
++
+ IPW_DEBUG_HC("WEP_KEY_INFO: index = %d, len = %d/%d\n",
+ idx, keylen, len);
+
+diff -urNp linux-2.6.38.6/drivers/net/wireless/ipw2x00/libipw_rx.c linux-2.6.38.6/drivers/net/wireless/ipw2x00/libipw_rx.c
+--- linux-2.6.38.6/drivers/net/wireless/ipw2x00/libipw_rx.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/net/wireless/ipw2x00/libipw_rx.c 2011-05-16 21:47:08.000000000 -0400
+@@ -1565,6 +1565,8 @@ static void libipw_process_probe_respons
+ unsigned long flags;
+ DECLARE_SSID_BUF(ssid);
+
++ pax_track_stack();
++
+ LIBIPW_DEBUG_SCAN("'%s' (%pM"
+ "): %c%c%c%c %c%c%c%c-%c%c%c%c %c%c%c%c\n",
+ print_ssid(ssid, info_element->data, info_element->len),
+diff -urNp linux-2.6.38.6/drivers/net/wireless/iwlwifi/iwl-agn-rs.c linux-2.6.38.6/drivers/net/wireless/iwlwifi/iwl-agn-rs.c
+--- linux-2.6.38.6/drivers/net/wireless/iwlwifi/iwl-agn-rs.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/net/wireless/iwlwifi/iwl-agn-rs.c 2011-05-16 21:47:08.000000000 -0400
+@@ -883,6 +883,8 @@ static void rs_tx_status(void *priv_r, s
+ struct iwl_station_priv *sta_priv = (void *)sta->drv_priv;
+ struct iwl_rxon_context *ctx = sta_priv->common.ctx;
+
++ pax_track_stack();
++
+ IWL_DEBUG_RATE_LIMIT(priv, "get frame ack response, update rate scale window\n");
+
+ /* Treat uninitialized rate scaling data same as non-existing. */
+@@ -2892,6 +2894,8 @@ static void rs_fill_link_cmd(struct iwl_
+ u8 valid_tx_ant = 0;
+ struct iwl_link_quality_cmd *lq_cmd = &lq_sta->lq;
+
++ pax_track_stack();
++
+ /* Override starting rate (index 0) if needed for debug purposes */
+ rs_dbgfs_set_mcs(lq_sta, &new_rate, index);
+
+diff -urNp linux-2.6.38.6/drivers/net/wireless/iwlwifi/iwl-debugfs.c linux-2.6.38.6/drivers/net/wireless/iwlwifi/iwl-debugfs.c
+--- linux-2.6.38.6/drivers/net/wireless/iwlwifi/iwl-debugfs.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/net/wireless/iwlwifi/iwl-debugfs.c 2011-05-16 21:47:08.000000000 -0400
+@@ -518,6 +518,8 @@ static ssize_t iwl_dbgfs_status_read(str
+ int pos = 0;
+ const size_t bufsz = sizeof(buf);
+
++ pax_track_stack();
++
+ pos += scnprintf(buf + pos, bufsz - pos, "STATUS_HCMD_ACTIVE:\t %d\n",
+ test_bit(STATUS_HCMD_ACTIVE, &priv->status));
+ pos += scnprintf(buf + pos, bufsz - pos, "STATUS_INT_ENABLED:\t %d\n",
+@@ -650,6 +652,8 @@ static ssize_t iwl_dbgfs_qos_read(struct
+ char buf[256 * NUM_IWL_RXON_CTX];
+ const size_t bufsz = sizeof(buf);
+
++ pax_track_stack();
++
+ for_each_context(priv, ctx) {
+ pos += scnprintf(buf + pos, bufsz - pos, "context %d:\n",
+ ctx->ctxid);
diff -urNp linux-2.6.38.6/drivers/net/wireless/iwlwifi/iwl-debug.h linux-2.6.38.6/drivers/net/wireless/iwlwifi/iwl-debug.h
--- linux-2.6.38.6/drivers/net/wireless/iwlwifi/iwl-debug.h 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/drivers/net/wireless/iwlwifi/iwl-debug.h 2011-04-28 19:34:15.000000000 -0400
@@ -30368,6 +31822,18 @@ diff -urNp linux-2.6.38.6/drivers/net/wireless/iwlwifi/iwl-debug.h linux-2.6.38.
static inline void iwl_print_hex_dump(struct iwl_priv *priv, int level,
const void *p, u32 len)
{}
+diff -urNp linux-2.6.38.6/drivers/net/wireless/iwmc3200wifi/debugfs.c linux-2.6.38.6/drivers/net/wireless/iwmc3200wifi/debugfs.c
+--- linux-2.6.38.6/drivers/net/wireless/iwmc3200wifi/debugfs.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/net/wireless/iwmc3200wifi/debugfs.c 2011-05-16 21:47:08.000000000 -0400
+@@ -327,6 +327,8 @@ static ssize_t iwm_debugfs_fw_err_read(s
+ int buf_len = 512;
+ size_t len = 0;
+
++ pax_track_stack();
++
+ if (*ppos != 0)
+ return 0;
+ if (count < sizeof(buf))
diff -urNp linux-2.6.38.6/drivers/net/wireless/libertas/debugfs.c linux-2.6.38.6/drivers/net/wireless/libertas/debugfs.c
--- linux-2.6.38.6/drivers/net/wireless/libertas/debugfs.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/drivers/net/wireless/libertas/debugfs.c 2011-04-28 19:34:15.000000000 -0400
@@ -30392,6 +31858,30 @@ diff -urNp linux-2.6.38.6/drivers/net/wireless/rndis_wlan.c linux-2.6.38.6/drive
rts_threshold = 2347;
tmp = cpu_to_le32(rts_threshold);
+diff -urNp linux-2.6.38.6/drivers/net/wireless/rtlwifi/rtl8192ce/phy.c linux-2.6.38.6/drivers/net/wireless/rtlwifi/rtl8192ce/phy.c
+--- linux-2.6.38.6/drivers/net/wireless/rtlwifi/rtl8192ce/phy.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/net/wireless/rtlwifi/rtl8192ce/phy.c 2011-05-16 21:47:08.000000000 -0400
+@@ -1277,6 +1277,8 @@ static bool _rtl92c_phy_sw_chnl_step_by_
+ u8 rfpath;
+ u8 num_total_rfpath = rtlphy->num_total_rfpath;
+
++ pax_track_stack();
++
+ precommoncmdcnt = 0;
+ _rtl92c_phy_set_sw_chnl_cmdarray(precommoncmd, precommoncmdcnt++,
+ MAX_PRECMD_CNT,
+diff -urNp linux-2.6.38.6/drivers/net/wireless/wl12xx/spi.c linux-2.6.38.6/drivers/net/wireless/wl12xx/spi.c
+--- linux-2.6.38.6/drivers/net/wireless/wl12xx/spi.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/net/wireless/wl12xx/spi.c 2011-05-16 21:47:08.000000000 -0400
+@@ -279,6 +279,8 @@ static void wl1271_spi_raw_write(struct
+ u32 chunk_len;
+ int i;
+
++ pax_track_stack();
++
+ WARN_ON(len > WL1271_AGGR_BUFFER_SIZE);
+
+ spi_message_init(&m);
diff -urNp linux-2.6.38.6/drivers/oprofile/buffer_sync.c linux-2.6.38.6/drivers/oprofile/buffer_sync.c
--- linux-2.6.38.6/drivers/oprofile/buffer_sync.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/drivers/oprofile/buffer_sync.c 2011-04-28 19:34:15.000000000 -0400
@@ -30633,6 +32123,54 @@ diff -urNp linux-2.6.38.6/drivers/pci/proc.c linux-2.6.38.6/drivers/pci/proc.c
proc_create("devices", 0, proc_bus_pci_dir,
&proc_bus_pci_dev_operations);
proc_initialized = 1;
+diff -urNp linux-2.6.38.6/drivers/pci/xen-pcifront.c linux-2.6.38.6/drivers/pci/xen-pcifront.c
+--- linux-2.6.38.6/drivers/pci/xen-pcifront.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/pci/xen-pcifront.c 2011-05-16 21:47:08.000000000 -0400
+@@ -187,6 +187,8 @@ static int pcifront_bus_read(struct pci_
+ struct pcifront_sd *sd = bus->sysdata;
+ struct pcifront_device *pdev = pcifront_get_pdev(sd);
+
++ pax_track_stack();
++
+ if (verbose_request)
+ dev_info(&pdev->xdev->dev,
+ "read dev=%04x:%02x:%02x.%01x - offset %x size %d\n",
+@@ -226,6 +228,8 @@ static int pcifront_bus_write(struct pci
+ struct pcifront_sd *sd = bus->sysdata;
+ struct pcifront_device *pdev = pcifront_get_pdev(sd);
+
++ pax_track_stack();
++
+ if (verbose_request)
+ dev_info(&pdev->xdev->dev,
+ "write dev=%04x:%02x:%02x.%01x - "
+@@ -258,6 +262,8 @@ static int pci_frontend_enable_msix(stru
+ struct pcifront_device *pdev = pcifront_get_pdev(sd);
+ struct msi_desc *entry;
+
++ pax_track_stack();
++
+ if (nvec > SH_INFO_MAX_VEC) {
+ dev_err(&dev->dev, "too much vector for pci frontend: %x."
+ " Increase SH_INFO_MAX_VEC.\n", nvec);
+@@ -303,6 +309,8 @@ static void pci_frontend_disable_msix(st
+ struct pcifront_sd *sd = dev->bus->sysdata;
+ struct pcifront_device *pdev = pcifront_get_pdev(sd);
+
++ pax_track_stack();
++
+ err = do_pci_op(pdev, &op);
+
+ /* What should do for error ? */
+@@ -322,6 +330,8 @@ static int pci_frontend_enable_msi(struc
+ struct pcifront_sd *sd = dev->bus->sysdata;
+ struct pcifront_device *pdev = pcifront_get_pdev(sd);
+
++ pax_track_stack();
++
+ err = do_pci_op(pdev, &op);
+ if (likely(!err)) {
+ *(*vector) = op.value;
diff -urNp linux-2.6.38.6/drivers/platform/x86/asus-laptop.c linux-2.6.38.6/drivers/platform/x86/asus-laptop.c
--- linux-2.6.38.6/drivers/platform/x86/asus-laptop.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/drivers/platform/x86/asus-laptop.c 2011-04-28 19:34:15.000000000 -0400
@@ -30756,6 +32294,17 @@ diff -urNp linux-2.6.38.6/drivers/s390/cio/qdio_debug.c linux-2.6.38.6/drivers/s
.owner = THIS_MODULE,
.open = qperf_seq_open,
.read = seq_read,
+diff -urNp linux-2.6.38.6/drivers/scsi/aacraid/commctrl.c linux-2.6.38.6/drivers/scsi/aacraid/commctrl.c
+--- linux-2.6.38.6/drivers/scsi/aacraid/commctrl.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/scsi/aacraid/commctrl.c 2011-05-16 21:47:08.000000000 -0400
+@@ -481,6 +481,7 @@ static int aac_send_raw_srb(struct aac_d
+ u32 actual_fibsize64, actual_fibsize = 0;
+ int i;
+
++ pax_track_stack();
+
+ if (dev->in_reset) {
+ dprintk((KERN_DEBUG"aacraid: send raw srb -EBUSY\n"));
diff -urNp linux-2.6.38.6/drivers/scsi/aic94xx/aic94xx_init.c linux-2.6.38.6/drivers/scsi/aic94xx/aic94xx_init.c
--- linux-2.6.38.6/drivers/scsi/aic94xx/aic94xx_init.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/drivers/scsi/aic94xx/aic94xx_init.c 2011-04-28 19:34:15.000000000 -0400
@@ -30768,6 +32317,170 @@ diff -urNp linux-2.6.38.6/drivers/scsi/aic94xx/aic94xx_init.c linux-2.6.38.6/dri
asd_show_update_bios, asd_store_update_bios);
static int asd_create_dev_attrs(struct asd_ha_struct *asd_ha)
+diff -urNp linux-2.6.38.6/drivers/scsi/bfa/bfad.c linux-2.6.38.6/drivers/scsi/bfa/bfad.c
+--- linux-2.6.38.6/drivers/scsi/bfa/bfad.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/scsi/bfa/bfad.c 2011-05-16 21:47:08.000000000 -0400
+@@ -1027,6 +1027,8 @@ bfad_start_ops(struct bfad_s *bfad) {
+ struct bfad_vport_s *vport, *vport_new;
+ struct bfa_fcs_driver_info_s driver_info;
+
++ pax_track_stack();
++
+ /* Fill the driver_info info to fcs*/
+ memset(&driver_info, 0, sizeof(driver_info));
+ strncpy(driver_info.version, BFAD_DRIVER_VERSION,
+diff -urNp linux-2.6.38.6/drivers/scsi/bfa/bfa_fcs_lport.c linux-2.6.38.6/drivers/scsi/bfa/bfa_fcs_lport.c
+--- linux-2.6.38.6/drivers/scsi/bfa/bfa_fcs_lport.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/scsi/bfa/bfa_fcs_lport.c 2011-05-16 21:47:08.000000000 -0400
+@@ -1559,6 +1559,8 @@ bfa_fcs_lport_fdmi_build_rhba_pyld(struc
+ u16 len, count;
+ u16 templen;
+
++ pax_track_stack();
++
+ /*
+ * get hba attributes
+ */
+@@ -1836,6 +1838,8 @@ bfa_fcs_lport_fdmi_build_portattr_block(
+ u8 count = 0;
+ u16 templen;
+
++ pax_track_stack();
++
+ /*
+ * get port attributes
+ */
+diff -urNp linux-2.6.38.6/drivers/scsi/bfa/bfa_fcs_rport.c linux-2.6.38.6/drivers/scsi/bfa/bfa_fcs_rport.c
+--- linux-2.6.38.6/drivers/scsi/bfa/bfa_fcs_rport.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/scsi/bfa/bfa_fcs_rport.c 2011-05-16 21:47:08.000000000 -0400
+@@ -1844,6 +1844,8 @@ bfa_fcs_rport_process_rpsc(struct bfa_fc
+ struct fc_rpsc_speed_info_s speeds;
+ struct bfa_port_attr_s pport_attr;
+
++ pax_track_stack();
++
+ bfa_trc(port->fcs, rx_fchs->s_id);
+ bfa_trc(port->fcs, rx_fchs->d_id);
+
+diff -urNp linux-2.6.38.6/drivers/scsi/BusLogic.c linux-2.6.38.6/drivers/scsi/BusLogic.c
+--- linux-2.6.38.6/drivers/scsi/BusLogic.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/scsi/BusLogic.c 2011-05-16 21:47:08.000000000 -0400
+@@ -962,6 +962,8 @@ static int __init BusLogic_InitializeFla
+ static void __init BusLogic_InitializeProbeInfoList(struct BusLogic_HostAdapter
+ *PrototypeHostAdapter)
+ {
++ pax_track_stack();
++
+ /*
+ If a PCI BIOS is present, interrogate it for MultiMaster and FlashPoint
+ Host Adapters; otherwise, default to the standard ISA MultiMaster probe.
+diff -urNp linux-2.6.38.6/drivers/scsi/dpt_i2o.c linux-2.6.38.6/drivers/scsi/dpt_i2o.c
+--- linux-2.6.38.6/drivers/scsi/dpt_i2o.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/scsi/dpt_i2o.c 2011-05-16 21:47:08.000000000 -0400
+@@ -1811,6 +1811,8 @@ static int adpt_i2o_passthru(adpt_hba* p
+ dma_addr_t addr;
+ ulong flags = 0;
+
++ pax_track_stack();
++
+ memset(&msg, 0, MAX_MESSAGE_SIZE*4);
+ // get user msg size in u32s
+ if(get_user(size, &user_msg[0])){
+@@ -2317,6 +2319,8 @@ static s32 adpt_scsi_to_i2o(adpt_hba* pH
+ s32 rcode;
+ dma_addr_t addr;
+
++ pax_track_stack();
++
+ memset(msg, 0 , sizeof(msg));
+ len = scsi_bufflen(cmd);
+ direction = 0x00000000;
+diff -urNp linux-2.6.38.6/drivers/scsi/eata.c linux-2.6.38.6/drivers/scsi/eata.c
+--- linux-2.6.38.6/drivers/scsi/eata.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/scsi/eata.c 2011-05-16 21:47:08.000000000 -0400
+@@ -1087,6 +1087,8 @@ static int port_detect(unsigned long por
+ struct hostdata *ha;
+ char name[16];
+
++ pax_track_stack();
++
+ sprintf(name, "%s%d", driver_name, j);
+
+ if (!request_region(port_base, REGION_SIZE, driver_name)) {
+diff -urNp linux-2.6.38.6/drivers/scsi/fcoe/libfcoe.c linux-2.6.38.6/drivers/scsi/fcoe/libfcoe.c
+--- linux-2.6.38.6/drivers/scsi/fcoe/libfcoe.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/scsi/fcoe/libfcoe.c 2011-05-16 21:47:08.000000000 -0400
+@@ -2484,6 +2484,8 @@ static int fcoe_ctlr_vn_recv(struct fcoe
+ } buf;
+ int rc;
+
++ pax_track_stack();
++
+ fiph = (struct fip_header *)skb->data;
+ sub = fiph->fip_subcode;
+
+diff -urNp linux-2.6.38.6/drivers/scsi/gdth.c linux-2.6.38.6/drivers/scsi/gdth.c
+--- linux-2.6.38.6/drivers/scsi/gdth.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/scsi/gdth.c 2011-05-16 21:47:08.000000000 -0400
+@@ -4107,6 +4107,8 @@ static int ioc_lockdrv(void __user *arg)
+ unsigned long flags;
+ gdth_ha_str *ha;
+
++ pax_track_stack();
++
+ if (copy_from_user(&ldrv, arg, sizeof(gdth_ioctl_lockdrv)))
+ return -EFAULT;
+ ha = gdth_find_ha(ldrv.ionode);
+@@ -4139,6 +4141,8 @@ static int ioc_resetdrv(void __user *arg
+ gdth_ha_str *ha;
+ int rval;
+
++ pax_track_stack();
++
+ if (copy_from_user(&res, arg, sizeof(gdth_ioctl_reset)) ||
+ res.number >= MAX_HDRIVES)
+ return -EFAULT;
+@@ -4174,6 +4178,8 @@ static int ioc_general(void __user *arg,
+ gdth_ha_str *ha;
+ int rval;
+
++ pax_track_stack();
++
+ if (copy_from_user(&gen, arg, sizeof(gdth_ioctl_general)))
+ return -EFAULT;
+ ha = gdth_find_ha(gen.ionode);
+@@ -4642,6 +4648,9 @@ static void gdth_flush(gdth_ha_str *ha)
+ int i;
+ gdth_cmd_str gdtcmd;
+ char cmnd[MAX_COMMAND_SIZE];
++
++ pax_track_stack();
++
+ memset(cmnd, 0xff, MAX_COMMAND_SIZE);
+
+ TRACE2(("gdth_flush() hanum %d\n", ha->hanum));
+diff -urNp linux-2.6.38.6/drivers/scsi/gdth_proc.c linux-2.6.38.6/drivers/scsi/gdth_proc.c
+--- linux-2.6.38.6/drivers/scsi/gdth_proc.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/scsi/gdth_proc.c 2011-05-16 21:47:08.000000000 -0400
+@@ -47,6 +47,9 @@ static int gdth_set_asc_info(struct Scsi
+ u64 paddr;
+
+ char cmnd[MAX_COMMAND_SIZE];
++
++ pax_track_stack();
++
+ memset(cmnd, 0xff, 12);
+ memset(&gdtcmd, 0, sizeof(gdth_cmd_str));
+
+@@ -175,6 +178,8 @@ static int gdth_get_info(char *buffer,ch
+ gdth_hget_str *phg;
+ char cmnd[MAX_COMMAND_SIZE];
+
++ pax_track_stack();
++
+ gdtcmd = kmalloc(sizeof(*gdtcmd), GFP_KERNEL);
+ estr = kmalloc(sizeof(*estr), GFP_KERNEL);
+ if (!gdtcmd || !estr)
diff -urNp linux-2.6.38.6/drivers/scsi/hosts.c linux-2.6.38.6/drivers/scsi/hosts.c
--- linux-2.6.38.6/drivers/scsi/hosts.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/drivers/scsi/hosts.c 2011-04-28 19:57:25.000000000 -0400
@@ -30951,7 +32664,7 @@ diff -urNp linux-2.6.38.6/drivers/scsi/libsas/sas_ata.c linux-2.6.38.6/drivers/s
.qc_defer = ata_std_qc_defer,
diff -urNp linux-2.6.38.6/drivers/scsi/lpfc/lpfc_debugfs.c linux-2.6.38.6/drivers/scsi/lpfc/lpfc_debugfs.c
--- linux-2.6.38.6/drivers/scsi/lpfc/lpfc_debugfs.c 2011-03-14 21:20:32.000000000 -0400
-+++ linux-2.6.38.6/drivers/scsi/lpfc/lpfc_debugfs.c 2011-04-28 19:57:25.000000000 -0400
++++ linux-2.6.38.6/drivers/scsi/lpfc/lpfc_debugfs.c 2011-05-16 21:47:08.000000000 -0400
@@ -125,7 +125,7 @@ struct lpfc_debug {
int len;
};
@@ -30979,7 +32692,16 @@ diff -urNp linux-2.6.38.6/drivers/scsi/lpfc/lpfc_debugfs.c linux-2.6.38.6/driver
(lpfc_debugfs_max_slow_ring_trc - 1);
for (i = index; i < lpfc_debugfs_max_slow_ring_trc; i++) {
dtp = phba->slow_ring_trc + i;
-@@ -635,14 +635,14 @@ lpfc_debugfs_disc_trc(struct lpfc_vport
+@@ -398,6 +398,8 @@ lpfc_debugfs_dumpHBASlim_data(struct lpf
+ uint32_t *ptr;
+ char buffer[1024];
+
++ pax_track_stack();
++
+ off = 0;
+ spin_lock_irq(&phba->hbalock);
+
+@@ -635,14 +637,14 @@ lpfc_debugfs_disc_trc(struct lpfc_vport
!vport || !vport->disc_trc)
return;
@@ -30996,7 +32718,7 @@ diff -urNp linux-2.6.38.6/drivers/scsi/lpfc/lpfc_debugfs.c linux-2.6.38.6/driver
dtp->jif = jiffies;
#endif
return;
-@@ -673,14 +673,14 @@ lpfc_debugfs_slow_ring_trc(struct lpfc_h
+@@ -673,14 +675,14 @@ lpfc_debugfs_slow_ring_trc(struct lpfc_h
!phba || !phba->slow_ring_trc)
return;
@@ -31013,7 +32735,7 @@ diff -urNp linux-2.6.38.6/drivers/scsi/lpfc/lpfc_debugfs.c linux-2.6.38.6/driver
dtp->jif = jiffies;
#endif
return;
-@@ -1365,7 +1365,7 @@ lpfc_debugfs_initialize(struct lpfc_vpor
+@@ -1365,7 +1367,7 @@ lpfc_debugfs_initialize(struct lpfc_vpor
"slow_ring buffer\n");
goto debug_failed;
}
@@ -31022,7 +32744,7 @@ diff -urNp linux-2.6.38.6/drivers/scsi/lpfc/lpfc_debugfs.c linux-2.6.38.6/driver
memset(phba->slow_ring_trc, 0,
(sizeof(struct lpfc_debugfs_trc) *
lpfc_debugfs_max_slow_ring_trc));
-@@ -1411,7 +1411,7 @@ lpfc_debugfs_initialize(struct lpfc_vpor
+@@ -1411,7 +1413,7 @@ lpfc_debugfs_initialize(struct lpfc_vpor
"buffer\n");
goto debug_failed;
}
@@ -31117,6 +32839,30 @@ diff -urNp linux-2.6.38.6/drivers/scsi/lpfc/lpfc_scsi.c linux-2.6.38.6/drivers/s
}
/**
+diff -urNp linux-2.6.38.6/drivers/scsi/megaraid/megaraid_mbox.c linux-2.6.38.6/drivers/scsi/megaraid/megaraid_mbox.c
+--- linux-2.6.38.6/drivers/scsi/megaraid/megaraid_mbox.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/scsi/megaraid/megaraid_mbox.c 2011-05-16 21:47:08.000000000 -0400
+@@ -3510,6 +3510,8 @@ megaraid_cmm_register(adapter_t *adapter
+ int rval;
+ int i;
+
++ pax_track_stack();
++
+ // Allocate memory for the base list of scb for management module.
+ adapter->uscb_list = kcalloc(MBOX_MAX_USER_CMDS, sizeof(scb_t), GFP_KERNEL);
+
+diff -urNp linux-2.6.38.6/drivers/scsi/osd/osd_initiator.c linux-2.6.38.6/drivers/scsi/osd/osd_initiator.c
+--- linux-2.6.38.6/drivers/scsi/osd/osd_initiator.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/scsi/osd/osd_initiator.c 2011-05-16 21:47:08.000000000 -0400
+@@ -97,6 +97,8 @@ static int _osd_get_print_system_info(st
+ int nelem = ARRAY_SIZE(get_attrs), a = 0;
+ int ret;
+
++ pax_track_stack();
++
+ or = osd_start_request(od, GFP_KERNEL);
+ if (!or)
+ return -ENOMEM;
diff -urNp linux-2.6.38.6/drivers/scsi/pmcraid.c linux-2.6.38.6/drivers/scsi/pmcraid.c
--- linux-2.6.38.6/drivers/scsi/pmcraid.c 2011-05-10 22:06:29.000000000 -0400
+++ linux-2.6.38.6/drivers/scsi/pmcraid.c 2011-05-10 22:08:57.000000000 -0400
@@ -31298,6 +33044,27 @@ diff -urNp linux-2.6.38.6/drivers/scsi/scsi.c linux-2.6.38.6/drivers/scsi/scsi.c
/* check if the device is still usable */
if (unlikely(cmd->device->sdev_state == SDEV_DEL)) {
+diff -urNp linux-2.6.38.6/drivers/scsi/scsi_debug.c linux-2.6.38.6/drivers/scsi/scsi_debug.c
+--- linux-2.6.38.6/drivers/scsi/scsi_debug.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/scsi/scsi_debug.c 2011-05-16 21:47:08.000000000 -0400
+@@ -1476,6 +1476,8 @@ static int resp_mode_select(struct scsi_
+ unsigned char arr[SDEBUG_MAX_MSELECT_SZ];
+ unsigned char *cmd = (unsigned char *)scp->cmnd;
+
++ pax_track_stack();
++
+ if ((errsts = check_readiness(scp, 1, devip)))
+ return errsts;
+ memset(arr, 0, sizeof(arr));
+@@ -1573,6 +1575,8 @@ static int resp_log_sense(struct scsi_cm
+ unsigned char arr[SDEBUG_MAX_LSENSE_SZ];
+ unsigned char *cmd = (unsigned char *)scp->cmnd;
+
++ pax_track_stack();
++
+ if ((errsts = check_readiness(scp, 1, devip)))
+ return errsts;
+ memset(arr, 0, sizeof(arr));
diff -urNp linux-2.6.38.6/drivers/scsi/scsi_lib.c linux-2.6.38.6/drivers/scsi/scsi_lib.c
--- linux-2.6.38.6/drivers/scsi/scsi_lib.c 2011-05-10 22:06:29.000000000 -0400
+++ linux-2.6.38.6/drivers/scsi/scsi_lib.c 2011-05-10 22:08:57.000000000 -0400
@@ -31454,6 +33221,30 @@ diff -urNp linux-2.6.38.6/drivers/scsi/sg.c linux-2.6.38.6/drivers/scsi/sg.c
sg_proc_sgp = proc_mkdir(sg_proc_sg_dirname, NULL);
if (!sg_proc_sgp)
+diff -urNp linux-2.6.38.6/drivers/scsi/sym53c8xx_2/sym_glue.c linux-2.6.38.6/drivers/scsi/sym53c8xx_2/sym_glue.c
+--- linux-2.6.38.6/drivers/scsi/sym53c8xx_2/sym_glue.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/scsi/sym53c8xx_2/sym_glue.c 2011-05-16 21:47:08.000000000 -0400
+@@ -1756,6 +1756,8 @@ static int __devinit sym2_probe(struct p
+ int do_iounmap = 0;
+ int do_disable_device = 1;
+
++ pax_track_stack();
++
+ memset(&sym_dev, 0, sizeof(sym_dev));
+ memset(&nvram, 0, sizeof(nvram));
+ sym_dev.pdev = pdev;
+diff -urNp linux-2.6.38.6/drivers/scsi/vmw_pvscsi.c linux-2.6.38.6/drivers/scsi/vmw_pvscsi.c
+--- linux-2.6.38.6/drivers/scsi/vmw_pvscsi.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/scsi/vmw_pvscsi.c 2011-05-16 21:47:08.000000000 -0400
+@@ -447,6 +447,8 @@ static void pvscsi_setup_all_rings(const
+ dma_addr_t base;
+ unsigned i;
+
++ pax_track_stack();
++
+ cmd.ringsStatePPN = adapter->ringStatePA >> PAGE_SHIFT;
+ cmd.reqRingNumPages = adapter->req_pages;
+ cmd.cmpRingNumPages = adapter->cmp_pages;
diff -urNp linux-2.6.38.6/drivers/spi/spi.c linux-2.6.38.6/drivers/spi/spi.c
--- linux-2.6.38.6/drivers/spi/spi.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/drivers/spi/spi.c 2011-05-11 18:34:57.000000000 -0400
@@ -31950,6 +33741,81 @@ diff -urNp linux-2.6.38.6/drivers/staging/westbridge/astoria/block/cyasblkdev_bl
.open = cyasblkdev_blk_open,
.release = cyasblkdev_blk_release,
.ioctl = cyasblkdev_blk_ioctl,
+diff -urNp linux-2.6.38.6/drivers/target/target_core_alua.c linux-2.6.38.6/drivers/target/target_core_alua.c
+--- linux-2.6.38.6/drivers/target/target_core_alua.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/target/target_core_alua.c 2011-05-16 21:47:08.000000000 -0400
+@@ -675,6 +675,8 @@ static int core_alua_update_tpg_primary_
+ char path[ALUA_METADATA_PATH_LEN];
+ int len;
+
++ pax_track_stack();
++
+ memset(path, 0, ALUA_METADATA_PATH_LEN);
+
+ len = snprintf(md_buf, tg_pt_gp->tg_pt_gp_md_buf_len,
+@@ -938,6 +940,8 @@ static int core_alua_update_tpg_secondar
+ char path[ALUA_METADATA_PATH_LEN], wwn[ALUA_SECONDARY_METADATA_WWN_LEN];
+ int len;
+
++ pax_track_stack();
++
+ memset(path, 0, ALUA_METADATA_PATH_LEN);
+ memset(wwn, 0, ALUA_SECONDARY_METADATA_WWN_LEN);
+
+diff -urNp linux-2.6.38.6/drivers/target/target_core_cdb.c linux-2.6.38.6/drivers/target/target_core_cdb.c
+--- linux-2.6.38.6/drivers/target/target_core_cdb.c 2011-04-18 17:27:14.000000000 -0400
++++ linux-2.6.38.6/drivers/target/target_core_cdb.c 2011-05-16 21:47:08.000000000 -0400
+@@ -838,6 +838,8 @@ target_emulate_modesense(struct se_cmd *
+ int length = 0;
+ unsigned char buf[SE_MODE_PAGE_BUF];
+
++ pax_track_stack();
++
+ memset(buf, 0, SE_MODE_PAGE_BUF);
+
+ switch (cdb[2] & 0x3f) {
+diff -urNp linux-2.6.38.6/drivers/target/target_core_configfs.c linux-2.6.38.6/drivers/target/target_core_configfs.c
+--- linux-2.6.38.6/drivers/target/target_core_configfs.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/target/target_core_configfs.c 2011-05-16 21:47:08.000000000 -0400
+@@ -1279,6 +1279,8 @@ static ssize_t target_core_dev_pr_show_a
+ ssize_t len = 0;
+ int reg_count = 0, prf_isid;
+
++ pax_track_stack();
++
+ if (!(su_dev->se_dev_ptr))
+ return -ENODEV;
+
+diff -urNp linux-2.6.38.6/drivers/target/target_core_pr.c linux-2.6.38.6/drivers/target/target_core_pr.c
+--- linux-2.6.38.6/drivers/target/target_core_pr.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/target/target_core_pr.c 2011-05-16 21:47:08.000000000 -0400
+@@ -918,6 +918,8 @@ static int __core_scsi3_check_aptpl_regi
+ unsigned char t_port[PR_APTPL_MAX_TPORT_LEN];
+ u16 tpgt;
+
++ pax_track_stack();
++
+ memset(i_port, 0, PR_APTPL_MAX_IPORT_LEN);
+ memset(t_port, 0, PR_APTPL_MAX_TPORT_LEN);
+ /*
+@@ -1861,6 +1863,8 @@ static int __core_scsi3_update_aptpl_buf
+ ssize_t len = 0;
+ int reg_count = 0;
+
++ pax_track_stack();
++
+ memset(buf, 0, pr_aptpl_buf_len);
+ /*
+ * Called to clear metadata once APTPL has been deactivated.
+@@ -1983,6 +1987,8 @@ static int __core_scsi3_write_aptpl_to_f
+ char path[512];
+ int ret;
+
++ pax_track_stack();
++
+ memset(iov, 0, sizeof(struct iovec));
+ memset(path, 0, 512);
+
diff -urNp linux-2.6.38.6/drivers/target/target_core_tmr.c linux-2.6.38.6/drivers/target/target_core_tmr.c
--- linux-2.6.38.6/drivers/target/target_core_tmr.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/drivers/target/target_core_tmr.c 2011-04-28 19:57:25.000000000 -0400
@@ -32058,6 +33924,18 @@ diff -urNp linux-2.6.38.6/drivers/target/target_core_transport.c linux-2.6.38.6/
atomic_read(&T_TASK(cmd)->t_transport_active),
atomic_read(&T_TASK(cmd)->t_transport_stop),
atomic_read(&T_TASK(cmd)->t_transport_sent));
+diff -urNp linux-2.6.38.6/drivers/telephony/ixj.c linux-2.6.38.6/drivers/telephony/ixj.c
+--- linux-2.6.38.6/drivers/telephony/ixj.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/telephony/ixj.c 2011-05-16 21:47:08.000000000 -0400
+@@ -4976,6 +4976,8 @@ static int ixj_daa_cid_read(IXJ *j)
+ bool mContinue;
+ char *pIn, *pOut;
+
++ pax_track_stack();
++
+ if (!SCI_Prepare(j))
+ return 0;
+
diff -urNp linux-2.6.38.6/drivers/tty/hvc/hvc_console.h linux-2.6.38.6/drivers/tty/hvc/hvc_console.h
--- linux-2.6.38.6/drivers/tty/hvc/hvc_console.h 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/drivers/tty/hvc/hvc_console.h 2011-04-28 19:34:15.000000000 -0400
@@ -32292,6 +34170,18 @@ diff -urNp linux-2.6.38.6/drivers/tty/serial/kgdboc.c linux-2.6.38.6/drivers/tty
.name = "kgdboc",
.read_char = kgdboc_get_char,
.write_char = kgdboc_put_char,
+diff -urNp linux-2.6.38.6/drivers/tty/serial/mrst_max3110.c linux-2.6.38.6/drivers/tty/serial/mrst_max3110.c
+--- linux-2.6.38.6/drivers/tty/serial/mrst_max3110.c 2011-04-18 17:27:14.000000000 -0400
++++ linux-2.6.38.6/drivers/tty/serial/mrst_max3110.c 2011-05-16 21:47:08.000000000 -0400
+@@ -393,6 +393,8 @@ static void max3110_con_receive(struct u
+ int loop = 1, num, total = 0;
+ u8 recv_buf[512], *pbuf;
+
++ pax_track_stack();
++
+ pbuf = recv_buf;
+ do {
+ num = max3110_read_multi(max, pbuf);
diff -urNp linux-2.6.38.6/drivers/tty/tty_io.c linux-2.6.38.6/drivers/tty/tty_io.c
--- linux-2.6.38.6/drivers/tty/tty_io.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/drivers/tty/tty_io.c 2011-04-28 19:34:15.000000000 -0400
@@ -32829,6 +34719,18 @@ diff -urNp linux-2.6.38.6/drivers/usb/early/ehci-dbgp.c linux-2.6.38.6/drivers/u
.name = "kgdbdbgp",
.read_char = kgdbdbgp_read_char,
.write_char = kgdbdbgp_write_char,
+diff -urNp linux-2.6.38.6/drivers/usb/host/xhci-mem.c linux-2.6.38.6/drivers/usb/host/xhci-mem.c
+--- linux-2.6.38.6/drivers/usb/host/xhci-mem.c 2011-04-22 19:20:59.000000000 -0400
++++ linux-2.6.38.6/drivers/usb/host/xhci-mem.c 2011-05-16 21:47:08.000000000 -0400
+@@ -1616,6 +1616,8 @@ static int xhci_check_trb_in_td_math(str
+ unsigned int num_tests;
+ int i, ret;
+
++ pax_track_stack();
++
+ num_tests = ARRAY_SIZE(simple_test_vector);
+ for (i = 0; i < num_tests; i++) {
+ ret = xhci_test_trb_in_td(xhci,
diff -urNp linux-2.6.38.6/drivers/usb/mon/mon_main.c linux-2.6.38.6/drivers/usb/mon/mon_main.c
--- linux-2.6.38.6/drivers/usb/mon/mon_main.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/drivers/usb/mon/mon_main.c 2011-04-28 19:34:15.000000000 -0400
@@ -32901,7 +34803,7 @@ diff -urNp linux-2.6.38.6/drivers/video/fbcmap.c linux-2.6.38.6/drivers/video/fb
}
diff -urNp linux-2.6.38.6/drivers/video/fbmem.c linux-2.6.38.6/drivers/video/fbmem.c
--- linux-2.6.38.6/drivers/video/fbmem.c 2011-03-14 21:20:32.000000000 -0400
-+++ linux-2.6.38.6/drivers/video/fbmem.c 2011-04-28 19:34:15.000000000 -0400
++++ linux-2.6.38.6/drivers/video/fbmem.c 2011-05-16 21:47:08.000000000 -0400
@@ -403,7 +403,7 @@ static void fb_do_show_logo(struct fb_in
image->dx += image->width + 8;
}
@@ -32920,7 +34822,25 @@ diff -urNp linux-2.6.38.6/drivers/video/fbmem.c linux-2.6.38.6/drivers/video/fbm
info->fbops->fb_imageblit(info, image);
image->dy -= image->height + 8;
}
-@@ -1101,7 +1101,7 @@ static long do_fb_ioctl(struct fb_info *
+@@ -897,6 +897,8 @@ fb_set_var(struct fb_info *info, struct
+ int flags = info->flags;
+ int ret = 0;
+
++ pax_track_stack();
++
+ if (var->activate & FB_ACTIVATE_INV_MODE) {
+ struct fb_videomode mode1, mode2;
+
+@@ -1022,6 +1024,8 @@ static long do_fb_ioctl(struct fb_info *
+ void __user *argp = (void __user *)arg;
+ long ret = 0;
+
++ pax_track_stack();
++
+ switch (cmd) {
+ case FBIOGET_VSCREENINFO:
+ if (!lock_fb_info(info))
+@@ -1101,7 +1105,7 @@ static long do_fb_ioctl(struct fb_info *
return -EFAULT;
if (con2fb.console < 1 || con2fb.console > MAX_NR_CONSOLES)
return -EINVAL;
@@ -33222,6 +35142,18 @@ diff -urNp linux-2.6.38.6/drivers/video/vesafb.c linux-2.6.38.6/drivers/video/ve
if (info->screen_base)
iounmap(info->screen_base);
framebuffer_release(info);
+diff -urNp linux-2.6.38.6/drivers/virtio/virtio_balloon.c linux-2.6.38.6/drivers/virtio/virtio_balloon.c
+--- linux-2.6.38.6/drivers/virtio/virtio_balloon.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/drivers/virtio/virtio_balloon.c 2011-05-16 21:47:08.000000000 -0400
+@@ -176,6 +176,8 @@ static void update_balloon_stats(struct
+ struct sysinfo i;
+ int idx = 0;
+
++ pax_track_stack();
++
+ all_vm_events(events);
+ si_meminfo(&i);
+
diff -urNp linux-2.6.38.6/fs/9p/vfs_inode.c linux-2.6.38.6/fs/9p/vfs_inode.c
--- linux-2.6.38.6/fs/9p/vfs_inode.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/fs/9p/vfs_inode.c 2011-04-28 19:34:15.000000000 -0400
@@ -33236,7 +35168,7 @@ diff -urNp linux-2.6.38.6/fs/9p/vfs_inode.c linux-2.6.38.6/fs/9p/vfs_inode.c
IS_ERR(s) ? "<error>" : s);
diff -urNp linux-2.6.38.6/fs/aio.c linux-2.6.38.6/fs/aio.c
--- linux-2.6.38.6/fs/aio.c 2011-04-18 17:27:16.000000000 -0400
-+++ linux-2.6.38.6/fs/aio.c 2011-04-28 19:34:15.000000000 -0400
++++ linux-2.6.38.6/fs/aio.c 2011-05-16 21:47:08.000000000 -0400
@@ -130,7 +130,7 @@ static int aio_setup_ring(struct kioctx
size += sizeof(struct io_event) * nr_events;
nr_pages = (size + PAGE_SIZE-1) >> PAGE_SHIFT;
@@ -33246,6 +35178,15 @@ diff -urNp linux-2.6.38.6/fs/aio.c linux-2.6.38.6/fs/aio.c
return -EINVAL;
nr_events = (PAGE_SIZE * nr_pages - sizeof(struct aio_ring)) / sizeof(struct io_event);
+@@ -1099,6 +1099,8 @@ static int read_events(struct kioctx *ct
+ struct aio_timeout to;
+ int retry = 0;
+
++ pax_track_stack();
++
+ /* needed to zero any padding within an entry (there shouldn't be
+ * any, but C is fun!
+ */
diff -urNp linux-2.6.38.6/fs/attr.c linux-2.6.38.6/fs/attr.c
--- linux-2.6.38.6/fs/attr.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/fs/attr.c 2011-04-28 19:34:15.000000000 -0400
@@ -33350,7 +35291,7 @@ diff -urNp linux-2.6.38.6/fs/binfmt_aout.c linux-2.6.38.6/fs/binfmt_aout.c
up_write(&current->mm->mmap_sem);
diff -urNp linux-2.6.38.6/fs/binfmt_elf.c linux-2.6.38.6/fs/binfmt_elf.c
--- linux-2.6.38.6/fs/binfmt_elf.c 2011-04-22 19:20:59.000000000 -0400
-+++ linux-2.6.38.6/fs/binfmt_elf.c 2011-05-02 19:07:09.000000000 -0400
++++ linux-2.6.38.6/fs/binfmt_elf.c 2011-05-16 21:47:08.000000000 -0400
@@ -51,6 +51,10 @@ static int elf_core_dump(struct coredump
#define elf_core_dump NULL
#endif
@@ -33392,7 +35333,7 @@ diff -urNp linux-2.6.38.6/fs/binfmt_elf.c linux-2.6.38.6/fs/binfmt_elf.c
return 0;
}
-@@ -148,12 +159,13 @@ create_elf_tables(struct linux_binprm *b
+@@ -148,12 +159,15 @@ create_elf_tables(struct linux_binprm *b
elf_addr_t __user *u_rand_bytes;
const char *k_platform = ELF_PLATFORM;
const char *k_base_platform = ELF_BASE_PLATFORM;
@@ -33404,10 +35345,12 @@ diff -urNp linux-2.6.38.6/fs/binfmt_elf.c linux-2.6.38.6/fs/binfmt_elf.c
const struct cred *cred = current_cred();
struct vm_area_struct *vma;
+ unsigned long saved_auxv[AT_VECTOR_SIZE];
++
++ pax_track_stack();
/*
* In some cases (e.g. Hyper-Threading), we want to avoid L1
-@@ -195,8 +207,12 @@ create_elf_tables(struct linux_binprm *b
+@@ -195,8 +209,12 @@ create_elf_tables(struct linux_binprm *b
* Generate 16 random bytes for userspace PRNG seeding.
*/
get_random_bytes(k_rand_bytes, sizeof(k_rand_bytes));
@@ -33422,7 +35365,7 @@ diff -urNp linux-2.6.38.6/fs/binfmt_elf.c linux-2.6.38.6/fs/binfmt_elf.c
if (__copy_to_user(u_rand_bytes, k_rand_bytes, sizeof(k_rand_bytes)))
return -EFAULT;
-@@ -308,9 +324,11 @@ create_elf_tables(struct linux_binprm *b
+@@ -308,9 +326,11 @@ create_elf_tables(struct linux_binprm *b
return -EFAULT;
current->mm->env_end = p;
@@ -33435,7 +35378,7 @@ diff -urNp linux-2.6.38.6/fs/binfmt_elf.c linux-2.6.38.6/fs/binfmt_elf.c
return -EFAULT;
return 0;
}
-@@ -381,10 +399,10 @@ static unsigned long load_elf_interp(str
+@@ -381,10 +401,10 @@ static unsigned long load_elf_interp(str
{
struct elf_phdr *elf_phdata;
struct elf_phdr *eppnt;
@@ -33448,7 +35391,7 @@ diff -urNp linux-2.6.38.6/fs/binfmt_elf.c linux-2.6.38.6/fs/binfmt_elf.c
unsigned long total_size;
int retval, i, size;
-@@ -430,6 +448,11 @@ static unsigned long load_elf_interp(str
+@@ -430,6 +450,11 @@ static unsigned long load_elf_interp(str
goto out_close;
}
@@ -33460,7 +35403,7 @@ diff -urNp linux-2.6.38.6/fs/binfmt_elf.c linux-2.6.38.6/fs/binfmt_elf.c
eppnt = elf_phdata;
for (i = 0; i < interp_elf_ex->e_phnum; i++, eppnt++) {
if (eppnt->p_type == PT_LOAD) {
-@@ -473,8 +496,8 @@ static unsigned long load_elf_interp(str
+@@ -473,8 +498,8 @@ static unsigned long load_elf_interp(str
k = load_addr + eppnt->p_vaddr;
if (BAD_ADDR(k) ||
eppnt->p_filesz > eppnt->p_memsz ||
@@ -33471,7 +35414,7 @@ diff -urNp linux-2.6.38.6/fs/binfmt_elf.c linux-2.6.38.6/fs/binfmt_elf.c
error = -ENOMEM;
goto out_close;
}
-@@ -528,6 +551,193 @@ out:
+@@ -528,6 +553,193 @@ out:
return error;
}
@@ -33665,7 +35608,7 @@ diff -urNp linux-2.6.38.6/fs/binfmt_elf.c linux-2.6.38.6/fs/binfmt_elf.c
/*
* These are the functions used to load ELF style executables and shared
* libraries. There is no binary dependent code anywhere else.
-@@ -544,6 +754,11 @@ static unsigned long randomize_stack_top
+@@ -544,6 +756,11 @@ static unsigned long randomize_stack_top
{
unsigned int random_variable = 0;
@@ -33677,7 +35620,7 @@ diff -urNp linux-2.6.38.6/fs/binfmt_elf.c linux-2.6.38.6/fs/binfmt_elf.c
if ((current->flags & PF_RANDOMIZE) &&
!(current->personality & ADDR_NO_RANDOMIZE)) {
random_variable = get_random_int() & STACK_RND_MASK;
-@@ -562,7 +777,7 @@ static int load_elf_binary(struct linux_
+@@ -562,7 +779,7 @@ static int load_elf_binary(struct linux_
unsigned long load_addr = 0, load_bias = 0;
int load_addr_set = 0;
char * elf_interpreter = NULL;
@@ -33686,7 +35629,7 @@ diff -urNp linux-2.6.38.6/fs/binfmt_elf.c linux-2.6.38.6/fs/binfmt_elf.c
struct elf_phdr *elf_ppnt, *elf_phdata;
unsigned long elf_bss, elf_brk;
int retval, i;
-@@ -572,11 +787,11 @@ static int load_elf_binary(struct linux_
+@@ -572,11 +789,11 @@ static int load_elf_binary(struct linux_
unsigned long start_code, end_code, start_data, end_data;
unsigned long reloc_func_desc = 0;
int executable_stack = EXSTACK_DEFAULT;
@@ -33699,7 +35642,7 @@ diff -urNp linux-2.6.38.6/fs/binfmt_elf.c linux-2.6.38.6/fs/binfmt_elf.c
loc = kmalloc(sizeof(*loc), GFP_KERNEL);
if (!loc) {
-@@ -714,11 +929,81 @@ static int load_elf_binary(struct linux_
+@@ -714,11 +931,81 @@ static int load_elf_binary(struct linux_
/* OK, This is the point of no return */
current->flags &= ~PF_FORKNOEXEC;
@@ -33782,7 +35725,7 @@ diff -urNp linux-2.6.38.6/fs/binfmt_elf.c linux-2.6.38.6/fs/binfmt_elf.c
if (elf_read_implies_exec(loc->elf_ex, executable_stack))
current->personality |= READ_IMPLIES_EXEC;
-@@ -800,6 +1085,20 @@ static int load_elf_binary(struct linux_
+@@ -800,6 +1087,20 @@ static int load_elf_binary(struct linux_
#else
load_bias = ELF_PAGESTART(ELF_ET_DYN_BASE - vaddr);
#endif
@@ -33803,7 +35746,7 @@ diff -urNp linux-2.6.38.6/fs/binfmt_elf.c linux-2.6.38.6/fs/binfmt_elf.c
}
error = elf_map(bprm->file, load_bias + vaddr, elf_ppnt,
-@@ -832,9 +1131,9 @@ static int load_elf_binary(struct linux_
+@@ -832,9 +1133,9 @@ static int load_elf_binary(struct linux_
* allowed task size. Note that p_filesz must always be
* <= p_memsz so it is only necessary to check p_memsz.
*/
@@ -33816,7 +35759,7 @@ diff -urNp linux-2.6.38.6/fs/binfmt_elf.c linux-2.6.38.6/fs/binfmt_elf.c
/* set_brk can never work. Avoid overflows. */
send_sig(SIGKILL, current, 0);
retval = -EINVAL;
-@@ -862,6 +1161,11 @@ static int load_elf_binary(struct linux_
+@@ -862,6 +1163,11 @@ static int load_elf_binary(struct linux_
start_data += load_bias;
end_data += load_bias;
@@ -33828,7 +35771,7 @@ diff -urNp linux-2.6.38.6/fs/binfmt_elf.c linux-2.6.38.6/fs/binfmt_elf.c
/* Calling set_brk effectively mmaps the pages that we need
* for the bss and break sections. We must do this before
* mapping in the interpreter, to make sure it doesn't wind
-@@ -873,9 +1177,11 @@ static int load_elf_binary(struct linux_
+@@ -873,9 +1179,11 @@ static int load_elf_binary(struct linux_
goto out_free_dentry;
}
if (likely(elf_bss != elf_brk) && unlikely(padzero(elf_bss))) {
@@ -33843,7 +35786,7 @@ diff -urNp linux-2.6.38.6/fs/binfmt_elf.c linux-2.6.38.6/fs/binfmt_elf.c
}
if (elf_interpreter) {
-@@ -1090,7 +1396,7 @@ out:
+@@ -1090,7 +1398,7 @@ out:
* Decide what to dump of a segment, part, all or none.
*/
static unsigned long vma_dump_size(struct vm_area_struct *vma,
@@ -33852,7 +35795,7 @@ diff -urNp linux-2.6.38.6/fs/binfmt_elf.c linux-2.6.38.6/fs/binfmt_elf.c
{
#define FILTER(type) (mm_flags & (1UL << MMF_DUMP_##type))
-@@ -1124,7 +1430,7 @@ static unsigned long vma_dump_size(struc
+@@ -1124,7 +1432,7 @@ static unsigned long vma_dump_size(struc
if (vma->vm_file == NULL)
return 0;
@@ -33861,7 +35804,7 @@ diff -urNp linux-2.6.38.6/fs/binfmt_elf.c linux-2.6.38.6/fs/binfmt_elf.c
goto whole;
/*
-@@ -1346,9 +1652,9 @@ static void fill_auxv_note(struct memelf
+@@ -1346,9 +1654,9 @@ static void fill_auxv_note(struct memelf
{
elf_addr_t *auxv = (elf_addr_t *) mm->saved_auxv;
int i = 0;
@@ -33873,7 +35816,7 @@ diff -urNp linux-2.6.38.6/fs/binfmt_elf.c linux-2.6.38.6/fs/binfmt_elf.c
fill_note(note, "CORE", NT_AUXV, i * sizeof(elf_addr_t), auxv);
}
-@@ -1854,14 +2160,14 @@ static void fill_extnum_info(struct elfh
+@@ -1854,14 +2162,14 @@ static void fill_extnum_info(struct elfh
}
static size_t elf_core_vma_data_size(struct vm_area_struct *gate_vma,
@@ -33890,7 +35833,7 @@ diff -urNp linux-2.6.38.6/fs/binfmt_elf.c linux-2.6.38.6/fs/binfmt_elf.c
return size;
}
-@@ -1955,7 +2261,7 @@ static int elf_core_dump(struct coredump
+@@ -1955,7 +2263,7 @@ static int elf_core_dump(struct coredump
dataoff = offset = roundup(offset, ELF_EXEC_PAGESIZE);
@@ -33899,7 +35842,7 @@ diff -urNp linux-2.6.38.6/fs/binfmt_elf.c linux-2.6.38.6/fs/binfmt_elf.c
offset += elf_core_extra_data_size();
e_shoff = offset;
-@@ -1969,10 +2275,12 @@ static int elf_core_dump(struct coredump
+@@ -1969,10 +2277,12 @@ static int elf_core_dump(struct coredump
offset = dataoff;
size += sizeof(*elf);
@@ -33912,7 +35855,7 @@ diff -urNp linux-2.6.38.6/fs/binfmt_elf.c linux-2.6.38.6/fs/binfmt_elf.c
if (size > cprm->limit
|| !dump_write(cprm->file, phdr4note, sizeof(*phdr4note)))
goto end_coredump;
-@@ -1986,7 +2294,7 @@ static int elf_core_dump(struct coredump
+@@ -1986,7 +2296,7 @@ static int elf_core_dump(struct coredump
phdr.p_offset = offset;
phdr.p_vaddr = vma->vm_start;
phdr.p_paddr = 0;
@@ -33921,7 +35864,7 @@ diff -urNp linux-2.6.38.6/fs/binfmt_elf.c linux-2.6.38.6/fs/binfmt_elf.c
phdr.p_memsz = vma->vm_end - vma->vm_start;
offset += phdr.p_filesz;
phdr.p_flags = vma->vm_flags & VM_READ ? PF_R : 0;
-@@ -1997,6 +2305,7 @@ static int elf_core_dump(struct coredump
+@@ -1997,6 +2307,7 @@ static int elf_core_dump(struct coredump
phdr.p_align = ELF_EXEC_PAGESIZE;
size += sizeof(phdr);
@@ -33929,7 +35872,7 @@ diff -urNp linux-2.6.38.6/fs/binfmt_elf.c linux-2.6.38.6/fs/binfmt_elf.c
if (size > cprm->limit
|| !dump_write(cprm->file, &phdr, sizeof(phdr)))
goto end_coredump;
-@@ -2021,7 +2330,7 @@ static int elf_core_dump(struct coredump
+@@ -2021,7 +2332,7 @@ static int elf_core_dump(struct coredump
unsigned long addr;
unsigned long end;
@@ -33938,7 +35881,7 @@ diff -urNp linux-2.6.38.6/fs/binfmt_elf.c linux-2.6.38.6/fs/binfmt_elf.c
for (addr = vma->vm_start; addr < end; addr += PAGE_SIZE) {
struct page *page;
-@@ -2030,6 +2339,7 @@ static int elf_core_dump(struct coredump
+@@ -2030,6 +2341,7 @@ static int elf_core_dump(struct coredump
page = get_dump_page(addr);
if (page) {
void *kaddr = kmap(page);
@@ -33946,7 +35889,7 @@ diff -urNp linux-2.6.38.6/fs/binfmt_elf.c linux-2.6.38.6/fs/binfmt_elf.c
stop = ((size += PAGE_SIZE) > cprm->limit) ||
!dump_write(cprm->file, kaddr,
PAGE_SIZE);
-@@ -2047,6 +2357,7 @@ static int elf_core_dump(struct coredump
+@@ -2047,6 +2359,7 @@ static int elf_core_dump(struct coredump
if (e_phnum == PN_XNUM) {
size += sizeof(*shdr4extnum);
@@ -33954,7 +35897,7 @@ diff -urNp linux-2.6.38.6/fs/binfmt_elf.c linux-2.6.38.6/fs/binfmt_elf.c
if (size > cprm->limit
|| !dump_write(cprm->file, shdr4extnum,
sizeof(*shdr4extnum)))
-@@ -2067,6 +2378,97 @@ out:
+@@ -2067,6 +2380,97 @@ out:
#endif /* CONFIG_ELF_CORE */
@@ -34747,7 +36690,7 @@ diff -urNp linux-2.6.38.6/fs/compat_binfmt_elf.c linux-2.6.38.6/fs/compat_binfmt
/*
diff -urNp linux-2.6.38.6/fs/compat.c linux-2.6.38.6/fs/compat.c
--- linux-2.6.38.6/fs/compat.c 2011-03-14 21:20:32.000000000 -0400
-+++ linux-2.6.38.6/fs/compat.c 2011-04-28 19:34:15.000000000 -0400
++++ linux-2.6.38.6/fs/compat.c 2011-05-16 21:47:08.000000000 -0400
@@ -594,7 +594,7 @@ ssize_t compat_rw_copy_check_uvector(int
goto out;
@@ -34927,6 +36870,15 @@ diff -urNp linux-2.6.38.6/fs/compat.c linux-2.6.38.6/fs/compat.c
out:
if (bprm->mm) {
acct_arg_size(bprm, 0);
+@@ -1712,6 +1787,8 @@ int compat_core_sys_select(int n, compat
+ struct fdtable *fdt;
+ long stack_fds[SELECT_STACK_ALLOC/sizeof(long)];
+
++ pax_track_stack();
++
+ if (n < 0)
+ goto out_nofds;
+
diff -urNp linux-2.6.38.6/fs/compat_ioctl.c linux-2.6.38.6/fs/compat_ioctl.c
--- linux-2.6.38.6/fs/compat_ioctl.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/fs/compat_ioctl.c 2011-04-28 19:34:15.000000000 -0400
@@ -35707,7 +37659,7 @@ diff -urNp linux-2.6.38.6/fs/ext4/ext4.h linux-2.6.38.6/fs/ext4/ext4.h
/* locality groups */
diff -urNp linux-2.6.38.6/fs/ext4/mballoc.c linux-2.6.38.6/fs/ext4/mballoc.c
--- linux-2.6.38.6/fs/ext4/mballoc.c 2011-03-14 21:20:32.000000000 -0400
-+++ linux-2.6.38.6/fs/ext4/mballoc.c 2011-04-28 19:34:15.000000000 -0400
++++ linux-2.6.38.6/fs/ext4/mballoc.c 2011-05-16 21:47:08.000000000 -0400
@@ -1846,7 +1846,7 @@ void ext4_mb_simple_scan_group(struct ex
BUG_ON(ac->ac_b_ex.fe_len != ac->ac_g_ex.fe_len);
@@ -35726,7 +37678,16 @@ diff -urNp linux-2.6.38.6/fs/ext4/mballoc.c linux-2.6.38.6/fs/ext4/mballoc.c
goto repeat;
}
}
-@@ -2606,25 +2606,25 @@ int ext4_mb_release(struct super_block *
+@@ -2183,6 +2183,8 @@ static int ext4_mb_seq_groups_show(struc
+ ext4_grpblk_t counters[16];
+ } sg;
+
++ pax_track_stack();
++
+ group--;
+ if (group == 0)
+ seq_printf(seq, "#%-5s: %-5s %-5s %-5s "
+@@ -2606,25 +2608,25 @@ int ext4_mb_release(struct super_block *
if (sbi->s_mb_stats) {
printk(KERN_INFO
"EXT4-fs: mballoc: %u blocks %u reqs (%u success)\n",
@@ -35762,7 +37723,7 @@ diff -urNp linux-2.6.38.6/fs/ext4/mballoc.c linux-2.6.38.6/fs/ext4/mballoc.c
}
free_percpu(sbi->s_locality_groups);
-@@ -3100,16 +3100,16 @@ static void ext4_mb_collect_stats(struct
+@@ -3100,16 +3102,16 @@ static void ext4_mb_collect_stats(struct
struct ext4_sb_info *sbi = EXT4_SB(ac->ac_sb);
if (sbi->s_mb_stats && ac->ac_g_ex.fe_len > 1) {
@@ -35785,7 +37746,7 @@ diff -urNp linux-2.6.38.6/fs/ext4/mballoc.c linux-2.6.38.6/fs/ext4/mballoc.c
}
if (ac->ac_op == EXT4_MB_HISTORY_ALLOC)
-@@ -3507,7 +3507,7 @@ ext4_mb_new_inode_pa(struct ext4_allocat
+@@ -3507,7 +3509,7 @@ ext4_mb_new_inode_pa(struct ext4_allocat
trace_ext4_mb_new_inode_pa(ac, pa);
ext4_mb_use_inode_pa(ac, pa);
@@ -35794,7 +37755,7 @@ diff -urNp linux-2.6.38.6/fs/ext4/mballoc.c linux-2.6.38.6/fs/ext4/mballoc.c
ei = EXT4_I(ac->ac_inode);
grp = ext4_get_group_info(sb, ac->ac_b_ex.fe_group);
-@@ -3567,7 +3567,7 @@ ext4_mb_new_group_pa(struct ext4_allocat
+@@ -3567,7 +3569,7 @@ ext4_mb_new_group_pa(struct ext4_allocat
trace_ext4_mb_new_group_pa(ac, pa);
ext4_mb_use_group_pa(ac, pa);
@@ -35803,7 +37764,7 @@ diff -urNp linux-2.6.38.6/fs/ext4/mballoc.c linux-2.6.38.6/fs/ext4/mballoc.c
grp = ext4_get_group_info(sb, ac->ac_b_ex.fe_group);
lg = ac->ac_lg;
-@@ -3654,7 +3654,7 @@ ext4_mb_release_inode_pa(struct ext4_bud
+@@ -3654,7 +3656,7 @@ ext4_mb_release_inode_pa(struct ext4_bud
* from the bitmap and continue.
*/
}
@@ -35812,7 +37773,7 @@ diff -urNp linux-2.6.38.6/fs/ext4/mballoc.c linux-2.6.38.6/fs/ext4/mballoc.c
return err;
}
-@@ -3672,7 +3672,7 @@ ext4_mb_release_group_pa(struct ext4_bud
+@@ -3672,7 +3674,7 @@ ext4_mb_release_group_pa(struct ext4_bud
ext4_get_group_no_and_offset(sb, pa->pa_pstart, &group, &bit);
BUG_ON(group != e4b->bd_group && pa->pa_len != 0);
mb_free_blocks(pa->pa_inode, e4b, bit, pa->pa_len);
@@ -37539,8 +39500,17 @@ diff -urNp linux-2.6.38.6/fs/fuse/fuse_i.h linux-2.6.38.6/fs/fuse/fuse_i.h
*/
diff -urNp linux-2.6.38.6/fs/gfs2/ops_inode.c linux-2.6.38.6/fs/gfs2/ops_inode.c
--- linux-2.6.38.6/fs/gfs2/ops_inode.c 2011-03-14 21:20:32.000000000 -0400
-+++ linux-2.6.38.6/fs/gfs2/ops_inode.c 2011-05-11 18:34:57.000000000 -0400
-@@ -1019,7 +1019,7 @@ out:
++++ linux-2.6.38.6/fs/gfs2/ops_inode.c 2011-05-16 21:47:08.000000000 -0400
+@@ -740,6 +740,8 @@ static int gfs2_rename(struct inode *odi
+ unsigned int x;
+ int error;
+
++ pax_track_stack();
++
+ if (ndentry->d_inode) {
+ nip = GFS2_I(ndentry->d_inode);
+ if (ip == nip)
+@@ -1019,7 +1021,7 @@ out:
static void gfs2_put_link(struct dentry *dentry, struct nameidata *nd, void *p)
{
@@ -37549,6 +39519,102 @@ diff -urNp linux-2.6.38.6/fs/gfs2/ops_inode.c linux-2.6.38.6/fs/gfs2/ops_inode.c
if (!IS_ERR(s))
kfree(s);
}
+diff -urNp linux-2.6.38.6/fs/hfsplus/catalog.c linux-2.6.38.6/fs/hfsplus/catalog.c
+--- linux-2.6.38.6/fs/hfsplus/catalog.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/fs/hfsplus/catalog.c 2011-05-16 21:47:08.000000000 -0400
+@@ -179,6 +179,8 @@ int hfsplus_find_cat(struct super_block
+ int err;
+ u16 type;
+
++ pax_track_stack();
++
+ hfsplus_cat_build_key(sb, fd->search_key, cnid, NULL);
+ err = hfs_brec_read(fd, &tmp, sizeof(hfsplus_cat_entry));
+ if (err)
+@@ -210,6 +212,8 @@ int hfsplus_create_cat(u32 cnid, struct
+ int entry_size;
+ int err;
+
++ pax_track_stack();
++
+ dprint(DBG_CAT_MOD, "create_cat: %s,%u(%d)\n",
+ str->name, cnid, inode->i_nlink);
+ hfs_find_init(HFSPLUS_SB(sb)->cat_tree, &fd);
+@@ -349,6 +353,8 @@ int hfsplus_rename_cat(u32 cnid,
+ int entry_size, type;
+ int err = 0;
+
++ pax_track_stack();
++
+ dprint(DBG_CAT_MOD, "rename_cat: %u - %lu,%s - %lu,%s\n",
+ cnid, src_dir->i_ino, src_name->name,
+ dst_dir->i_ino, dst_name->name);
+diff -urNp linux-2.6.38.6/fs/hfsplus/dir.c linux-2.6.38.6/fs/hfsplus/dir.c
+--- linux-2.6.38.6/fs/hfsplus/dir.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/fs/hfsplus/dir.c 2011-05-16 21:47:08.000000000 -0400
+@@ -129,6 +129,8 @@ static int hfsplus_readdir(struct file *
+ struct hfsplus_readdir_data *rd;
+ u16 type;
+
++ pax_track_stack();
++
+ if (filp->f_pos >= inode->i_size)
+ return 0;
+
+diff -urNp linux-2.6.38.6/fs/hfsplus/inode.c linux-2.6.38.6/fs/hfsplus/inode.c
+--- linux-2.6.38.6/fs/hfsplus/inode.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/fs/hfsplus/inode.c 2011-05-16 21:47:08.000000000 -0400
+@@ -491,6 +491,8 @@ int hfsplus_cat_read_inode(struct inode
+ int res = 0;
+ u16 type;
+
++ pax_track_stack();
++
+ type = hfs_bnode_read_u16(fd->bnode, fd->entryoffset);
+
+ HFSPLUS_I(inode)->linkid = 0;
+@@ -554,6 +556,8 @@ int hfsplus_cat_write_inode(struct inode
+ struct hfs_find_data fd;
+ hfsplus_cat_entry entry;
+
++ pax_track_stack();
++
+ if (HFSPLUS_IS_RSRC(inode))
+ main_inode = HFSPLUS_I(inode)->rsrc_inode;
+
+diff -urNp linux-2.6.38.6/fs/hfsplus/ioctl.c linux-2.6.38.6/fs/hfsplus/ioctl.c
+--- linux-2.6.38.6/fs/hfsplus/ioctl.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/fs/hfsplus/ioctl.c 2011-05-16 21:47:08.000000000 -0400
+@@ -122,6 +122,8 @@ int hfsplus_setxattr(struct dentry *dent
+ struct hfsplus_cat_file *file;
+ int res;
+
++ pax_track_stack();
++
+ if (!S_ISREG(inode->i_mode) || HFSPLUS_IS_RSRC(inode))
+ return -EOPNOTSUPP;
+
+@@ -166,6 +168,8 @@ ssize_t hfsplus_getxattr(struct dentry *
+ struct hfsplus_cat_file *file;
+ ssize_t res = 0;
+
++ pax_track_stack();
++
+ if (!S_ISREG(inode->i_mode) || HFSPLUS_IS_RSRC(inode))
+ return -EOPNOTSUPP;
+
+diff -urNp linux-2.6.38.6/fs/hfsplus/super.c linux-2.6.38.6/fs/hfsplus/super.c
+--- linux-2.6.38.6/fs/hfsplus/super.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/fs/hfsplus/super.c 2011-05-16 21:47:08.000000000 -0400
+@@ -340,6 +340,8 @@ static int hfsplus_fill_super(struct sup
+ struct nls_table *nls = NULL;
+ int err;
+
++ pax_track_stack();
++
+ err = -EINVAL;
+ sbi = kzalloc(sizeof(*sbi), GFP_KERNEL);
+ if (!sbi)
diff -urNp linux-2.6.38.6/fs/hugetlbfs/inode.c linux-2.6.38.6/fs/hugetlbfs/inode.c
--- linux-2.6.38.6/fs/hugetlbfs/inode.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/fs/hugetlbfs/inode.c 2011-04-28 19:34:15.000000000 -0400
@@ -37575,6 +39641,51 @@ diff -urNp linux-2.6.38.6/fs/inode.c linux-2.6.38.6/fs/inode.c
res = next - LAST_INO_BATCH;
}
+diff -urNp linux-2.6.38.6/fs/jbd/checkpoint.c linux-2.6.38.6/fs/jbd/checkpoint.c
+--- linux-2.6.38.6/fs/jbd/checkpoint.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/fs/jbd/checkpoint.c 2011-05-16 21:47:08.000000000 -0400
+@@ -350,6 +350,8 @@ int log_do_checkpoint(journal_t *journal
+ tid_t this_tid;
+ int result;
+
++ pax_track_stack();
++
+ jbd_debug(1, "Start checkpoint\n");
+
+ /*
+diff -urNp linux-2.6.38.6/fs/jffs2/compr_rtime.c linux-2.6.38.6/fs/jffs2/compr_rtime.c
+--- linux-2.6.38.6/fs/jffs2/compr_rtime.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/fs/jffs2/compr_rtime.c 2011-05-16 21:47:08.000000000 -0400
+@@ -37,6 +37,8 @@ static int jffs2_rtime_compress(unsigned
+ int outpos = 0;
+ int pos=0;
+
++ pax_track_stack();
++
+ memset(positions,0,sizeof(positions));
+
+ while (pos < (*sourcelen) && outpos <= (*dstlen)-2) {
+@@ -78,6 +80,8 @@ static int jffs2_rtime_decompress(unsign
+ int outpos = 0;
+ int pos=0;
+
++ pax_track_stack();
++
+ memset(positions,0,sizeof(positions));
+
+ while (outpos<destlen) {
+diff -urNp linux-2.6.38.6/fs/jffs2/compr_rubin.c linux-2.6.38.6/fs/jffs2/compr_rubin.c
+--- linux-2.6.38.6/fs/jffs2/compr_rubin.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/fs/jffs2/compr_rubin.c 2011-05-16 21:47:08.000000000 -0400
+@@ -314,6 +314,8 @@ static int jffs2_dynrubin_compress(unsig
+ int ret;
+ uint32_t mysrclen, mydstlen;
+
++ pax_track_stack();
++
+ mysrclen = *sourcelen;
+ mydstlen = *dstlen - 8;
+
diff -urNp linux-2.6.38.6/fs/jffs2/erase.c linux-2.6.38.6/fs/jffs2/erase.c
--- linux-2.6.38.6/fs/jffs2/erase.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/fs/jffs2/erase.c 2011-04-28 19:34:15.000000000 -0400
@@ -37601,6 +39712,18 @@ diff -urNp linux-2.6.38.6/fs/jffs2/wbuf.c linux-2.6.38.6/fs/jffs2/wbuf.c
};
/*
+diff -urNp linux-2.6.38.6/fs/jffs2/xattr.c linux-2.6.38.6/fs/jffs2/xattr.c
+--- linux-2.6.38.6/fs/jffs2/xattr.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/fs/jffs2/xattr.c 2011-05-16 21:47:08.000000000 -0400
+@@ -773,6 +773,8 @@ void jffs2_build_xattr_subsystem(struct
+
+ BUG_ON(!(c->flags & JFFS2_SB_FLAG_BUILDING));
+
++ pax_track_stack();
++
+ /* Phase.1 : Merge same xref */
+ for (i=0; i < XREF_TMPHASH_SIZE; i++)
+ xref_tmphash[i] = NULL;
diff -urNp linux-2.6.38.6/fs/Kconfig.binfmt linux-2.6.38.6/fs/Kconfig.binfmt
--- linux-2.6.38.6/fs/Kconfig.binfmt 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/fs/Kconfig.binfmt 2011-04-28 19:34:15.000000000 -0400
@@ -37642,7 +39765,7 @@ diff -urNp linux-2.6.38.6/fs/libfs.c linux-2.6.38.6/fs/libfs.c
dt_type(next->d_inode)) < 0)
diff -urNp linux-2.6.38.6/fs/lockd/clntproc.c linux-2.6.38.6/fs/lockd/clntproc.c
--- linux-2.6.38.6/fs/lockd/clntproc.c 2011-03-14 21:20:32.000000000 -0400
-+++ linux-2.6.38.6/fs/lockd/clntproc.c 2011-04-28 19:57:25.000000000 -0400
++++ linux-2.6.38.6/fs/lockd/clntproc.c 2011-05-16 21:47:08.000000000 -0400
@@ -36,11 +36,11 @@ static const struct rpc_call_ops nlmclnt
/*
* Cookie counter for NLM requests
@@ -37657,6 +39780,15 @@ diff -urNp linux-2.6.38.6/fs/lockd/clntproc.c linux-2.6.38.6/fs/lockd/clntproc.c
memcpy(c->data, &cookie, 4);
c->len=4;
+@@ -620,6 +620,8 @@ nlmclnt_reclaim(struct nlm_host *host, s
+ struct nlm_rqst reqst, *req;
+ int status;
+
++ pax_track_stack();
++
+ req = &reqst;
+ memset(req, 0, sizeof(*req));
+ locks_init_lock(&req->a_args.lock.fl);
diff -urNp linux-2.6.38.6/fs/lockd/svc.c linux-2.6.38.6/fs/lockd/svc.c
--- linux-2.6.38.6/fs/lockd/svc.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/fs/lockd/svc.c 2011-04-28 19:34:15.000000000 -0400
@@ -37693,9 +39825,21 @@ diff -urNp linux-2.6.38.6/fs/locks.c linux-2.6.38.6/fs/locks.c
}
lock_flocks();
+diff -urNp linux-2.6.38.6/fs/logfs/super.c linux-2.6.38.6/fs/logfs/super.c
+--- linux-2.6.38.6/fs/logfs/super.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/fs/logfs/super.c 2011-05-16 21:47:08.000000000 -0400
+@@ -266,6 +266,8 @@ static int logfs_recover_sb(struct super
+ struct logfs_disk_super _ds1, *ds1 = &_ds1;
+ int err, valid0, valid1;
+
++ pax_track_stack();
++
+ /* read first superblock */
+ err = wbuf_read(sb, super->s_sb_ofs[0], sizeof(*ds0), ds0);
+ if (err)
diff -urNp linux-2.6.38.6/fs/namei.c linux-2.6.38.6/fs/namei.c
--- linux-2.6.38.6/fs/namei.c 2011-04-22 19:20:59.000000000 -0400
-+++ linux-2.6.38.6/fs/namei.c 2011-04-28 19:34:15.000000000 -0400
++++ linux-2.6.38.6/fs/namei.c 2011-05-16 21:47:08.000000000 -0400
@@ -226,14 +226,6 @@ int generic_permission(struct inode *ino
return ret;
@@ -38131,7 +40275,16 @@ diff -urNp linux-2.6.38.6/fs/namei.c linux-2.6.38.6/fs/namei.c
out_drop_write:
mnt_drop_write(nd.path.mnt);
out_dput:
-@@ -3404,6 +3556,12 @@ SYSCALL_DEFINE4(renameat, int, olddfd, c
+@@ -3348,6 +3500,8 @@ SYSCALL_DEFINE4(renameat, int, olddfd, c
+ char *to;
+ int error;
+
++ pax_track_stack();
++
+ error = user_path_parent(olddfd, oldname, &oldnd, &from);
+ if (error)
+ goto exit;
+@@ -3404,6 +3558,12 @@ SYSCALL_DEFINE4(renameat, int, olddfd, c
if (new_dentry == trap)
goto exit5;
@@ -38144,7 +40297,7 @@ diff -urNp linux-2.6.38.6/fs/namei.c linux-2.6.38.6/fs/namei.c
error = mnt_want_write(oldnd.path.mnt);
if (error)
goto exit5;
-@@ -3413,6 +3571,9 @@ SYSCALL_DEFINE4(renameat, int, olddfd, c
+@@ -3413,6 +3573,9 @@ SYSCALL_DEFINE4(renameat, int, olddfd, c
goto exit6;
error = vfs_rename(old_dir->d_inode, old_dentry,
new_dir->d_inode, new_dentry);
@@ -38154,7 +40307,7 @@ diff -urNp linux-2.6.38.6/fs/namei.c linux-2.6.38.6/fs/namei.c
exit6:
mnt_drop_write(oldnd.path.mnt);
exit5:
-@@ -3438,6 +3599,8 @@ SYSCALL_DEFINE2(rename, const char __use
+@@ -3438,6 +3601,8 @@ SYSCALL_DEFINE2(rename, const char __use
int vfs_readlink(struct dentry *dentry, char __user *buffer, int buflen, const char *link)
{
@@ -38163,7 +40316,7 @@ diff -urNp linux-2.6.38.6/fs/namei.c linux-2.6.38.6/fs/namei.c
int len;
len = PTR_ERR(link);
-@@ -3447,7 +3610,14 @@ int vfs_readlink(struct dentry *dentry,
+@@ -3447,7 +3612,14 @@ int vfs_readlink(struct dentry *dentry,
len = strlen(link);
if (len > (unsigned) buflen)
len = buflen;
@@ -38242,6 +40395,66 @@ diff -urNp linux-2.6.38.6/fs/namespace.c linux-2.6.38.6/fs/namespace.c
get_fs_root(current->fs, &root);
down_write(&namespace_sem);
mutex_lock(&old.dentry->d_inode->i_mutex);
+diff -urNp linux-2.6.38.6/fs/ncpfs/dir.c linux-2.6.38.6/fs/ncpfs/dir.c
+--- linux-2.6.38.6/fs/ncpfs/dir.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/fs/ncpfs/dir.c 2011-05-16 21:47:09.000000000 -0400
+@@ -299,6 +299,8 @@ ncp_lookup_validate(struct dentry *dentr
+ int res, val = 0, len;
+ __u8 __name[NCP_MAXPATHLEN + 1];
+
++ pax_track_stack();
++
+ if (dentry == dentry->d_sb->s_root)
+ return 1;
+
+@@ -844,6 +846,8 @@ static struct dentry *ncp_lookup(struct
+ int error, res, len;
+ __u8 __name[NCP_MAXPATHLEN + 1];
+
++ pax_track_stack();
++
+ error = -EIO;
+ if (!ncp_conn_valid(server))
+ goto finished;
+@@ -931,6 +935,8 @@ int ncp_create_new(struct inode *dir, st
+ PPRINTK("ncp_create_new: creating %s/%s, mode=%x\n",
+ dentry->d_parent->d_name.name, dentry->d_name.name, mode);
+
++ pax_track_stack();
++
+ ncp_age_dentry(server, dentry);
+ len = sizeof(__name);
+ error = ncp_io2vol(server, __name, &len, dentry->d_name.name,
+@@ -992,6 +998,8 @@ static int ncp_mkdir(struct inode *dir,
+ int error, len;
+ __u8 __name[NCP_MAXPATHLEN + 1];
+
++ pax_track_stack();
++
+ DPRINTK("ncp_mkdir: making %s/%s\n",
+ dentry->d_parent->d_name.name, dentry->d_name.name);
+
+@@ -1135,6 +1143,8 @@ static int ncp_rename(struct inode *old_
+ int old_len, new_len;
+ __u8 __old_name[NCP_MAXPATHLEN + 1], __new_name[NCP_MAXPATHLEN + 1];
+
++ pax_track_stack();
++
+ DPRINTK("ncp_rename: %s/%s to %s/%s\n",
+ old_dentry->d_parent->d_name.name, old_dentry->d_name.name,
+ new_dentry->d_parent->d_name.name, new_dentry->d_name.name);
+diff -urNp linux-2.6.38.6/fs/ncpfs/inode.c linux-2.6.38.6/fs/ncpfs/inode.c
+--- linux-2.6.38.6/fs/ncpfs/inode.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/fs/ncpfs/inode.c 2011-05-16 21:47:09.000000000 -0400
+@@ -461,6 +461,8 @@ static int ncp_fill_super(struct super_b
+ #endif
+ struct ncp_entry_info finfo;
+
++ pax_track_stack();
++
+ data.wdog_pid = NULL;
+ server = kzalloc(sizeof(struct ncp_server), GFP_KERNEL);
+ if (!server)
diff -urNp linux-2.6.38.6/fs/nfs/inode.c linux-2.6.38.6/fs/nfs/inode.c
--- linux-2.6.38.6/fs/nfs/inode.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/fs/nfs/inode.c 2011-04-28 19:34:15.000000000 -0400
@@ -38277,6 +40490,30 @@ diff -urNp linux-2.6.38.6/fs/nfsd/lockd.c linux-2.6.38.6/fs/nfsd/lockd.c
.fopen = nlm_fopen, /* open file for locking */
.fclose = nlm_fclose, /* close file */
};
+diff -urNp linux-2.6.38.6/fs/nfsd/nfs4state.c linux-2.6.38.6/fs/nfsd/nfs4state.c
+--- linux-2.6.38.6/fs/nfsd/nfs4state.c 2011-05-10 22:06:27.000000000 -0400
++++ linux-2.6.38.6/fs/nfsd/nfs4state.c 2011-05-16 21:47:09.000000000 -0400
+@@ -3783,6 +3783,8 @@ nfsd4_lock(struct svc_rqst *rqstp, struc
+ unsigned int strhashval;
+ int err;
+
++ pax_track_stack();
++
+ dprintk("NFSD: nfsd4_lock: start=%Ld length=%Ld\n",
+ (long long) lock->lk_offset,
+ (long long) lock->lk_length);
+diff -urNp linux-2.6.38.6/fs/nfsd/nfs4xdr.c linux-2.6.38.6/fs/nfsd/nfs4xdr.c
+--- linux-2.6.38.6/fs/nfsd/nfs4xdr.c 2011-04-18 17:27:16.000000000 -0400
++++ linux-2.6.38.6/fs/nfsd/nfs4xdr.c 2011-05-16 21:47:09.000000000 -0400
+@@ -1793,6 +1793,8 @@ nfsd4_encode_fattr(struct svc_fh *fhp, s
+ .dentry = dentry,
+ };
+
++ pax_track_stack();
++
+ BUG_ON(bmval1 & NFSD_WRITEONLY_ATTRS_WORD1);
+ BUG_ON(bmval0 & ~nfsd_suppattrs0(minorversion));
+ BUG_ON(bmval1 & ~nfsd_suppattrs1(minorversion));
diff -urNp linux-2.6.38.6/fs/nfsd/nfsctl.c linux-2.6.38.6/fs/nfsd/nfsctl.c
--- linux-2.6.38.6/fs/nfsd/nfsctl.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/fs/nfsd/nfsctl.c 2011-04-28 19:34:15.000000000 -0400
@@ -38388,6 +40625,18 @@ diff -urNp linux-2.6.38.6/fs/ocfs2/localalloc.c linux-2.6.38.6/fs/ocfs2/localall
bail:
if (handle)
+diff -urNp linux-2.6.38.6/fs/ocfs2/namei.c linux-2.6.38.6/fs/ocfs2/namei.c
+--- linux-2.6.38.6/fs/ocfs2/namei.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/fs/ocfs2/namei.c 2011-05-16 21:47:09.000000000 -0400
+@@ -1064,6 +1064,8 @@ static int ocfs2_rename(struct inode *ol
+ struct ocfs2_dir_lookup_result orphan_insert = { NULL, };
+ struct ocfs2_dir_lookup_result target_insert = { NULL, };
+
++ pax_track_stack();
++
+ /* At some point it might be nice to break this function up a
+ * bit. */
+
diff -urNp linux-2.6.38.6/fs/ocfs2/ocfs2.h linux-2.6.38.6/fs/ocfs2/ocfs2.h
--- linux-2.6.38.6/fs/ocfs2/ocfs2.h 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/fs/ocfs2/ocfs2.h 2011-04-28 19:34:15.000000000 -0400
@@ -38802,7 +41051,7 @@ diff -urNp linux-2.6.38.6/fs/pipe.c linux-2.6.38.6/fs/pipe.c
/*
diff -urNp linux-2.6.38.6/fs/proc/array.c linux-2.6.38.6/fs/proc/array.c
--- linux-2.6.38.6/fs/proc/array.c 2011-04-18 17:27:16.000000000 -0400
-+++ linux-2.6.38.6/fs/proc/array.c 2011-05-10 21:34:42.000000000 -0400
++++ linux-2.6.38.6/fs/proc/array.c 2011-05-16 21:47:08.000000000 -0400
@@ -60,6 +60,7 @@
#include <linux/tty.h>
#include <linux/string.h>
@@ -38858,7 +41107,7 @@ diff -urNp linux-2.6.38.6/fs/proc/array.c linux-2.6.38.6/fs/proc/array.c
static int do_task_stat(struct seq_file *m, struct pid_namespace *ns,
struct pid *pid, struct task_struct *task, int whole)
{
-@@ -375,7 +406,7 @@ static int do_task_stat(struct seq_file
+@@ -375,9 +406,11 @@ static int do_task_stat(struct seq_file
cputime_t cutime, cstime, utime, stime;
cputime_t cgtime, gtime;
unsigned long rsslim = 0;
@@ -38866,8 +41115,12 @@ diff -urNp linux-2.6.38.6/fs/proc/array.c linux-2.6.38.6/fs/proc/array.c
+ char tcomm[sizeof(task->comm)] = { 0 };
unsigned long flags;
++ pax_track_stack();
++
state = *get_task_state(task);
-@@ -449,6 +480,19 @@ static int do_task_stat(struct seq_file
+ vsize = eip = esp = 0;
+ permitted = ptrace_may_access(task, PTRACE_MODE_READ);
+@@ -449,6 +482,19 @@ static int do_task_stat(struct seq_file
gtime = task->gtime;
}
@@ -38887,7 +41140,7 @@ diff -urNp linux-2.6.38.6/fs/proc/array.c linux-2.6.38.6/fs/proc/array.c
/* scale priority and nice values from timeslices to -20..20 */
/* to make it look like a "normal" Unix priority/nice value */
priority = task_prio(task);
-@@ -489,9 +533,15 @@ static int do_task_stat(struct seq_file
+@@ -489,9 +535,15 @@ static int do_task_stat(struct seq_file
vsize,
mm ? get_mm_rss(mm) : 0,
rsslim,
@@ -38903,7 +41156,7 @@ diff -urNp linux-2.6.38.6/fs/proc/array.c linux-2.6.38.6/fs/proc/array.c
esp,
eip,
/* The signal information here is obsolete.
-@@ -544,3 +594,18 @@ int proc_pid_statm(struct seq_file *m, s
+@@ -544,3 +596,18 @@ int proc_pid_statm(struct seq_file *m, s
return 0;
}
@@ -39443,8 +41696,17 @@ diff -urNp linux-2.6.38.6/fs/proc/Kconfig linux-2.6.38.6/fs/proc/Kconfig
Various /proc files exist to monitor process memory utilization:
diff -urNp linux-2.6.38.6/fs/proc/kcore.c linux-2.6.38.6/fs/proc/kcore.c
--- linux-2.6.38.6/fs/proc/kcore.c 2011-03-14 21:20:32.000000000 -0400
-+++ linux-2.6.38.6/fs/proc/kcore.c 2011-04-28 19:34:15.000000000 -0400
-@@ -478,9 +478,10 @@ read_kcore(struct file *file, char __use
++++ linux-2.6.38.6/fs/proc/kcore.c 2011-05-16 21:47:08.000000000 -0400
+@@ -321,6 +321,8 @@ static void elf_kcore_store_hdr(char *bu
+ off_t offset = 0;
+ struct kcore_list *m;
+
++ pax_track_stack();
++
+ /* setup ELF header */
+ elf = (struct elfhdr *) bufp;
+ bufp += sizeof(struct elfhdr);
+@@ -478,9 +480,10 @@ read_kcore(struct file *file, char __use
* the addresses in the elf_phdr on our list.
*/
start = kc_offset_to_vaddr(*fpos - elf_buflen);
@@ -39457,7 +41719,7 @@ diff -urNp linux-2.6.38.6/fs/proc/kcore.c linux-2.6.38.6/fs/proc/kcore.c
while (buflen) {
struct kcore_list *m;
-@@ -509,20 +510,23 @@ read_kcore(struct file *file, char __use
+@@ -509,20 +512,23 @@ read_kcore(struct file *file, char __use
kfree(elf_buf);
} else {
if (kern_addr_valid(start)) {
@@ -39492,7 +41754,7 @@ diff -urNp linux-2.6.38.6/fs/proc/kcore.c linux-2.6.38.6/fs/proc/kcore.c
} else {
if (clear_user(buffer, tsz))
return -EFAULT;
-@@ -542,6 +546,9 @@ read_kcore(struct file *file, char __use
+@@ -542,6 +548,9 @@ read_kcore(struct file *file, char __use
static int open_kcore(struct inode *inode, struct file *filp)
{
@@ -39504,8 +41766,17 @@ diff -urNp linux-2.6.38.6/fs/proc/kcore.c linux-2.6.38.6/fs/proc/kcore.c
if (kcore_need_update)
diff -urNp linux-2.6.38.6/fs/proc/meminfo.c linux-2.6.38.6/fs/proc/meminfo.c
--- linux-2.6.38.6/fs/proc/meminfo.c 2011-03-14 21:20:32.000000000 -0400
-+++ linux-2.6.38.6/fs/proc/meminfo.c 2011-05-11 18:34:07.000000000 -0400
-@@ -157,7 +157,7 @@ static int meminfo_proc_show(struct seq_
++++ linux-2.6.38.6/fs/proc/meminfo.c 2011-05-16 21:47:08.000000000 -0400
+@@ -29,6 +29,8 @@ static int meminfo_proc_show(struct seq_
+ unsigned long pages[NR_LRU_LISTS];
+ int lru;
+
++ pax_track_stack();
++
+ /*
+ * display in kilobytes.
+ */
+@@ -157,7 +159,7 @@ static int meminfo_proc_show(struct seq_
vmi.used >> 10,
vmi.largest_chunk >> 10
#ifdef CONFIG_MEMORY_FAILURE
@@ -39894,6 +42165,18 @@ diff -urNp linux-2.6.38.6/fs/readdir.c linux-2.6.38.6/fs/readdir.c
buf.count = count;
buf.error = 0;
+diff -urNp linux-2.6.38.6/fs/reiserfs/dir.c linux-2.6.38.6/fs/reiserfs/dir.c
+--- linux-2.6.38.6/fs/reiserfs/dir.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/fs/reiserfs/dir.c 2011-05-16 21:47:09.000000000 -0400
+@@ -66,6 +66,8 @@ int reiserfs_readdir_dentry(struct dentr
+ struct reiserfs_dir_entry de;
+ int ret = 0;
+
++ pax_track_stack();
++
+ reiserfs_write_lock(inode->i_sb);
+
+ reiserfs_check_lock_depth(inode->i_sb, "readdir");
diff -urNp linux-2.6.38.6/fs/reiserfs/do_balan.c linux-2.6.38.6/fs/reiserfs/do_balan.c
--- linux-2.6.38.6/fs/reiserfs/do_balan.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/fs/reiserfs/do_balan.c 2011-04-28 19:34:15.000000000 -0400
@@ -39963,9 +42246,33 @@ diff -urNp linux-2.6.38.6/fs/reiserfs/item_ops.c linux-2.6.38.6/fs/reiserfs/item
&stat_data_ops,
&indirect_ops,
&direct_ops,
+diff -urNp linux-2.6.38.6/fs/reiserfs/journal.c linux-2.6.38.6/fs/reiserfs/journal.c
+--- linux-2.6.38.6/fs/reiserfs/journal.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/fs/reiserfs/journal.c 2011-05-16 21:47:09.000000000 -0400
+@@ -2299,6 +2299,8 @@ static struct buffer_head *reiserfs_brea
+ struct buffer_head *bh;
+ int i, j;
+
++ pax_track_stack();
++
+ bh = __getblk(dev, block, bufsize);
+ if (buffer_uptodate(bh))
+ return (bh);
+diff -urNp linux-2.6.38.6/fs/reiserfs/namei.c linux-2.6.38.6/fs/reiserfs/namei.c
+--- linux-2.6.38.6/fs/reiserfs/namei.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/fs/reiserfs/namei.c 2011-05-16 21:47:09.000000000 -0400
+@@ -1228,6 +1228,8 @@ static int reiserfs_rename(struct inode
+ unsigned long savelink = 1;
+ struct timespec ctime;
+
++ pax_track_stack();
++
+ /* three balancings: (1) old name removal, (2) new name insertion
+ and (3) maybe "save" link insertion
+ stat data updates: (1) old directory,
diff -urNp linux-2.6.38.6/fs/reiserfs/procfs.c linux-2.6.38.6/fs/reiserfs/procfs.c
--- linux-2.6.38.6/fs/reiserfs/procfs.c 2011-03-14 21:20:32.000000000 -0400
-+++ linux-2.6.38.6/fs/reiserfs/procfs.c 2011-04-28 19:34:15.000000000 -0400
++++ linux-2.6.38.6/fs/reiserfs/procfs.c 2011-05-16 21:47:08.000000000 -0400
@@ -113,7 +113,7 @@ static int show_super(struct seq_file *m
"SMALL_TAILS " : "NO_TAILS ",
replay_only(sb) ? "REPLAY_ONLY " : "",
@@ -39975,9 +42282,78 @@ diff -urNp linux-2.6.38.6/fs/reiserfs/procfs.c linux-2.6.38.6/fs/reiserfs/procfs
SF(s_disk_reads), SF(s_disk_writes), SF(s_fix_nodes),
SF(s_do_balance), SF(s_unneeded_left_neighbor),
SF(s_good_search_by_key_reada), SF(s_bmaps),
+@@ -299,6 +299,8 @@ static int show_journal(struct seq_file
+ struct journal_params *jp = &rs->s_v1.s_journal;
+ char b[BDEVNAME_SIZE];
+
++ pax_track_stack();
++
+ seq_printf(m, /* on-disk fields */
+ "jp_journal_1st_block: \t%i\n"
+ "jp_journal_dev: \t%s[%x]\n"
+diff -urNp linux-2.6.38.6/fs/reiserfs/stree.c linux-2.6.38.6/fs/reiserfs/stree.c
+--- linux-2.6.38.6/fs/reiserfs/stree.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/fs/reiserfs/stree.c 2011-05-16 21:47:09.000000000 -0400
+@@ -1196,6 +1196,8 @@ int reiserfs_delete_item(struct reiserfs
+ int iter = 0;
+ #endif
+
++ pax_track_stack();
++
+ BUG_ON(!th->t_trans_id);
+
+ init_tb_struct(th, &s_del_balance, sb, path,
+@@ -1333,6 +1335,8 @@ void reiserfs_delete_solid_item(struct r
+ int retval;
+ int quota_cut_bytes = 0;
+
++ pax_track_stack();
++
+ BUG_ON(!th->t_trans_id);
+
+ le_key2cpu_key(&cpu_key, key);
+@@ -1562,6 +1566,8 @@ int reiserfs_cut_from_item(struct reiser
+ int quota_cut_bytes;
+ loff_t tail_pos = 0;
+
++ pax_track_stack();
++
+ BUG_ON(!th->t_trans_id);
+
+ init_tb_struct(th, &s_cut_balance, inode->i_sb, path,
+@@ -1957,6 +1963,8 @@ int reiserfs_paste_into_item(struct reis
+ int retval;
+ int fs_gen;
+
++ pax_track_stack();
++
+ BUG_ON(!th->t_trans_id);
+
+ fs_gen = get_generation(inode->i_sb);
+@@ -2045,6 +2053,8 @@ int reiserfs_insert_item(struct reiserfs
+ int fs_gen = 0;
+ int quota_bytes = 0;
+
++ pax_track_stack();
++
+ BUG_ON(!th->t_trans_id);
+
+ if (inode) { /* Do we count quotas for item? */
+diff -urNp linux-2.6.38.6/fs/reiserfs/super.c linux-2.6.38.6/fs/reiserfs/super.c
+--- linux-2.6.38.6/fs/reiserfs/super.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/fs/reiserfs/super.c 2011-05-16 21:47:09.000000000 -0400
+@@ -927,6 +927,8 @@ static int reiserfs_parse_options(struct
+ {.option_name = NULL}
+ };
+
++ pax_track_stack();
++
+ *blocks = 0;
+ if (!options || !*options)
+ /* use default configuration: create tails, journaling on, no
diff -urNp linux-2.6.38.6/fs/select.c linux-2.6.38.6/fs/select.c
--- linux-2.6.38.6/fs/select.c 2011-03-14 21:20:32.000000000 -0400
-+++ linux-2.6.38.6/fs/select.c 2011-05-11 18:35:37.000000000 -0400
++++ linux-2.6.38.6/fs/select.c 2011-05-16 21:47:08.000000000 -0400
@@ -20,6 +20,7 @@
#include <linux/module.h>
#include <linux/slab.h>
@@ -39990,17 +42366,25 @@ diff -urNp linux-2.6.38.6/fs/select.c linux-2.6.38.6/fs/select.c
int retval, i, timed_out = 0;
unsigned long slack = 0;
-+ stackleak_probe(table);
++ pax_track_stack();
+
rcu_read_lock();
retval = max_select_fd(n, fds);
rcu_read_unlock();
-@@ -840,6 +843,10 @@ int do_sys_poll(struct pollfd __user *uf
+@@ -531,6 +534,8 @@ int core_sys_select(int n, fd_set __user
+ /* Allocate small arguments on the stack to save memory and be faster */
+ long stack_fds[SELECT_STACK_ALLOC/sizeof(long)];
+
++ pax_track_stack();
++
+ ret = -EINVAL;
+ if (n < 0)
+ goto out_nofds;
+@@ -840,6 +845,9 @@ int do_sys_poll(struct pollfd __user *uf
struct poll_list *walk = head;
unsigned long todo = nfds;
-+ stackleak_probe(table);
-+ stackleak_probe(stack_pps);
++ pax_track_stack();
+
+ gr_learn_resource(current, RLIMIT_NOFILE, nfds, 1);
if (nfds > rlimit(RLIMIT_NOFILE))
@@ -40051,7 +42435,7 @@ diff -urNp linux-2.6.38.6/fs/seq_file.c linux-2.6.38.6/fs/seq_file.c
m->count = 0;
diff -urNp linux-2.6.38.6/fs/splice.c linux-2.6.38.6/fs/splice.c
--- linux-2.6.38.6/fs/splice.c 2011-03-14 21:20:32.000000000 -0400
-+++ linux-2.6.38.6/fs/splice.c 2011-05-11 18:34:57.000000000 -0400
++++ linux-2.6.38.6/fs/splice.c 2011-05-16 21:47:08.000000000 -0400
@@ -186,7 +186,7 @@ ssize_t splice_to_pipe(struct pipe_inode
pipe_lock(pipe);
@@ -40077,7 +42461,7 @@ diff -urNp linux-2.6.38.6/fs/splice.c linux-2.6.38.6/fs/splice.c
.spd_release = spd_release_page,
};
-+ stackleak_probe(partial);
++ pax_track_stack();
+
if (splice_grow_spd(pipe, &spd))
return -ENOMEM;
@@ -40104,7 +42488,7 @@ diff -urNp linux-2.6.38.6/fs/splice.c linux-2.6.38.6/fs/splice.c
.spd_release = spd_release_page,
};
-+ stackleak_probe(partial);
++ pax_track_stack();
+
if (splice_grow_spd(pipe, &spd))
return -ENOMEM;
@@ -40144,7 +42528,7 @@ diff -urNp linux-2.6.38.6/fs/splice.c linux-2.6.38.6/fs/splice.c
};
long ret;
-+ stackleak_probe(partial);
++ pax_track_stack();
+
pipe = get_pipe_info(file);
if (!pipe)
@@ -40292,6 +42676,18 @@ diff -urNp linux-2.6.38.6/fs/sysfs/symlink.c linux-2.6.38.6/fs/sysfs/symlink.c
if (!IS_ERR(page))
free_page((unsigned long)page);
}
+diff -urNp linux-2.6.38.6/fs/udf/inode.c linux-2.6.38.6/fs/udf/inode.c
+--- linux-2.6.38.6/fs/udf/inode.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/fs/udf/inode.c 2011-05-16 21:47:09.000000000 -0400
+@@ -477,6 +477,8 @@ static struct buffer_head *inode_getblk(
+ int goal = 0, pgoal = iinfo->i_location.logicalBlockNum;
+ int lastblock = 0;
+
++ pax_track_stack();
++
+ prev_epos.offset = udf_file_entry_alloc_offset(inode);
+ prev_epos.block = iinfo->i_location;
+ prev_epos.bh = NULL;
diff -urNp linux-2.6.38.6/fs/udf/misc.c linux-2.6.38.6/fs/udf/misc.c
--- linux-2.6.38.6/fs/udf/misc.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/fs/udf/misc.c 2011-04-28 19:34:15.000000000 -0400
@@ -40585,8 +42981,8 @@ diff -urNp linux-2.6.38.6/grsecurity/gracl_alloc.c linux-2.6.38.6/grsecurity/gra
+}
diff -urNp linux-2.6.38.6/grsecurity/gracl.c linux-2.6.38.6/grsecurity/gracl.c
--- linux-2.6.38.6/grsecurity/gracl.c 1969-12-31 19:00:00.000000000 -0500
-+++ linux-2.6.38.6/grsecurity/gracl.c 2011-04-28 19:34:15.000000000 -0400
-@@ -0,0 +1,4074 @@
++++ linux-2.6.38.6/grsecurity/gracl.c 2011-05-17 17:30:19.000000000 -0400
+@@ -0,0 +1,4098 @@
+#include <linux/kernel.h>
+#include <linux/module.h>
+#include <linux/sched.h>
@@ -42870,6 +45266,8 @@ diff -urNp linux-2.6.38.6/grsecurity/gracl.c linux-2.6.38.6/grsecurity/gracl.c
+ return;
+}
+
++extern int __gr_process_user_ban(struct user_struct *user);
++
+int
+gr_check_user_change(int real, int effective, int fs)
+{
@@ -42881,6 +45279,28 @@ diff -urNp linux-2.6.38.6/grsecurity/gracl.c linux-2.6.38.6/grsecurity/gracl.c
+ int effectiveok = 0;
+ int fsok = 0;
+
++#if defined(CONFIG_GRKERNSEC_KERN_LOCKOUT) || defined(CONFIG_GRKERNSEC_BRUTE)
++ struct user_struct *user;
++
++ if (real == -1)
++ goto skipit;
++
++ user = find_user(real);
++ if (user == NULL)
++ goto skipit;
++
++ if (__gr_process_user_ban(user)) {
++ /* for find_user */
++ free_uid(user);
++ return 1;
++ }
++
++ /* for find_user */
++ free_uid(user);
++
++skipit:
++#endif
++
+ if (unlikely(!(gr_status & GR_READY)))
+ return 0;
+
@@ -48097,8 +50517,8 @@ diff -urNp linux-2.6.38.6/grsecurity/grsec_ptrace.c linux-2.6.38.6/grsecurity/gr
+}
diff -urNp linux-2.6.38.6/grsecurity/grsec_sig.c linux-2.6.38.6/grsecurity/grsec_sig.c
--- linux-2.6.38.6/grsecurity/grsec_sig.c 1969-12-31 19:00:00.000000000 -0500
-+++ linux-2.6.38.6/grsecurity/grsec_sig.c 2011-04-28 19:34:15.000000000 -0400
-@@ -0,0 +1,197 @@
++++ linux-2.6.38.6/grsecurity/grsec_sig.c 2011-05-17 17:30:33.000000000 -0400
+@@ -0,0 +1,203 @@
+#include <linux/kernel.h>
+#include <linux/sched.h>
+#include <linux/delay.h>
@@ -48280,11 +50700,10 @@ diff -urNp linux-2.6.38.6/grsecurity/grsec_sig.c linux-2.6.38.6/grsecurity/grsec
+#endif
+}
+
-+int gr_process_user_ban(void)
++int __gr_process_user_ban(struct user_struct *user)
+{
+#if defined(CONFIG_GRKERNSEC_KERN_LOCKOUT) || defined(CONFIG_GRKERNSEC_BRUTE)
-+ if (unlikely(current->cred->user->banned)) {
-+ struct user_struct *user = current->cred->user;
++ if (unlikely(user->banned)) {
+ if (user->ban_expires != ~0UL && time_after_eq(get_seconds(), user->ban_expires)) {
+ user->banned = 0;
+ user->ban_expires = 0;
@@ -48294,7 +50713,14 @@ diff -urNp linux-2.6.38.6/grsecurity/grsec_sig.c linux-2.6.38.6/grsecurity/grsec
+ }
+#endif
+ return 0;
++}
+
++int gr_process_user_ban(void)
++{
++#if defined(CONFIG_GRKERNSEC_KERN_LOCKOUT) || defined(CONFIG_GRKERNSEC_BRUTE)
++ return __gr_process_user_ban(current->cred->user);
++#endif
++ return 0;
+}
diff -urNp linux-2.6.38.6/grsecurity/grsec_sock.c linux-2.6.38.6/grsecurity/grsec_sock.c
--- linux-2.6.38.6/grsecurity/grsec_sock.c 1969-12-31 19:00:00.000000000 -0500
@@ -50256,7 +52682,7 @@ diff -urNp linux-2.6.38.6/include/acpi/acpi_drivers.h linux-2.6.38.6/include/acp
return -ENODEV;
diff -urNp linux-2.6.38.6/include/asm-generic/atomic-long.h linux-2.6.38.6/include/asm-generic/atomic-long.h
--- linux-2.6.38.6/include/asm-generic/atomic-long.h 2011-03-14 21:20:32.000000000 -0400
-+++ linux-2.6.38.6/include/asm-generic/atomic-long.h 2011-04-28 19:57:25.000000000 -0400
++++ linux-2.6.38.6/include/asm-generic/atomic-long.h 2011-05-16 21:47:08.000000000 -0400
@@ -22,6 +22,12 @@
typedef atomic64_t atomic_long_t;
@@ -50540,7 +52966,7 @@ diff -urNp linux-2.6.38.6/include/asm-generic/atomic-long.h linux-2.6.38.6/inclu
+#define atomic_add_unchecked(i, v) atomic_add((i), (v))
+#define atomic_sub_unchecked(i, v) atomic_sub((i), (v))
+#define atomic_inc_unchecked(v) atomic_inc(v)
-+#define atomic_inc_and_test_unchecked(v) atomic_inc(v)
++#define atomic_inc_and_test_unchecked(v) atomic_inc_and_test(v)
+#define atomic_inc_return_unchecked(v) atomic_inc_return(v)
+#define atomic_add_return_unchecked(i, v) atomic_add_return((i), (v))
+#define atomic_dec_unchecked(v) atomic_dec(v)
@@ -53441,7 +55867,7 @@ diff -urNp linux-2.6.38.6/include/linux/rmap.h linux-2.6.38.6/include/linux/rmap
diff -urNp linux-2.6.38.6/include/linux/sched.h linux-2.6.38.6/include/linux/sched.h
--- linux-2.6.38.6/include/linux/sched.h 2011-04-22 19:20:59.000000000 -0400
-+++ linux-2.6.38.6/include/linux/sched.h 2011-05-11 18:39:40.000000000 -0400
++++ linux-2.6.38.6/include/linux/sched.h 2011-05-18 20:23:44.000000000 -0400
@@ -99,6 +99,7 @@ struct robust_list_head;
struct bio_list;
struct fs_struct;
@@ -53579,7 +56005,7 @@ diff -urNp linux-2.6.38.6/include/linux/sched.h linux-2.6.38.6/include/linux/sch
#ifdef CONFIG_FUNCTION_GRAPH_TRACER
/* Index of current stored address in ret_stack */
int curr_ret_stack;
-@@ -1533,6 +1574,67 @@ struct task_struct {
+@@ -1533,6 +1574,63 @@ struct task_struct {
#endif
};
@@ -53628,26 +56054,22 @@ diff -urNp linux-2.6.38.6/include/linux/sched.h linux-2.6.38.6/include/linux/sch
+void pax_report_refcount_overflow(struct pt_regs *regs);
+void pax_report_usercopy(const void *ptr, unsigned long len, bool to, const char *type);
+
++static inline void pax_track_stack(void)
++{
++
+#ifdef CONFIG_PAX_MEMORY_STACKLEAK
-+#define stackleak_probe(var) \
-+ do { \
-+ size_t maxidx = sizeof(var) / sizeof(long); \
-+ long *p = (long *)&var; \
-+ unsigned int i; \
-+ \
-+ BUILD_BUG_ON(sizeof(var) < 64); \
-+ \
-+ for (i = 0; i < maxidx; i += 64 / sizeof(long)) \
-+ p[i] = 0; \
-+ } while (0)
-+#else
-+#define stackleak_probe(var) do { } while (0)
++ unsigned long sp = current_stack_pointer;
++ if (current_thread_info()->lowest_stack > sp &&
++ (unsigned long)task_stack_page(current) < sp)
++ current_thread_info()->lowest_stack = sp;
+#endif
+
++}
++
/* Future-safe accessor for struct task_struct's cpus_allowed. */
#define tsk_cpus_allowed(tsk) (&(tsk)->cpus_allowed)
-@@ -2002,7 +2104,9 @@ void yield(void);
+@@ -2002,7 +2100,9 @@ void yield(void);
extern struct exec_domain default_exec_domain;
union thread_union {
@@ -53657,7 +56079,7 @@ diff -urNp linux-2.6.38.6/include/linux/sched.h linux-2.6.38.6/include/linux/sch
unsigned long stack[THREAD_SIZE/sizeof(long)];
};
-@@ -2172,7 +2276,7 @@ extern void __cleanup_sighand(struct sig
+@@ -2172,7 +2272,7 @@ extern void __cleanup_sighand(struct sig
extern void exit_itimers(struct signal_struct *);
extern void flush_itimer_signals(void);
@@ -53666,7 +56088,7 @@ diff -urNp linux-2.6.38.6/include/linux/sched.h linux-2.6.38.6/include/linux/sch
extern void daemonize(const char *, ...);
extern int allow_signal(int);
-@@ -2313,13 +2417,17 @@ static inline unsigned long *end_of_stac
+@@ -2313,13 +2413,17 @@ static inline unsigned long *end_of_stac
#endif
@@ -55177,12 +57599,12 @@ diff -urNp linux-2.6.38.6/ipc/mqueue.c linux-2.6.38.6/ipc/mqueue.c
u->mq_bytes + mq_bytes >
diff -urNp linux-2.6.38.6/ipc/sem.c linux-2.6.38.6/ipc/sem.c
--- linux-2.6.38.6/ipc/sem.c 2011-03-14 21:20:32.000000000 -0400
-+++ linux-2.6.38.6/ipc/sem.c 2011-05-11 18:34:57.000000000 -0400
++++ linux-2.6.38.6/ipc/sem.c 2011-05-16 21:47:08.000000000 -0400
@@ -854,6 +854,8 @@ static int semctl_main(struct ipc_namesp
int nsems;
struct list_head tasks;
-+ stackleak_probe(fast_sem_io);
++ pax_track_stack();
+
sma = sem_lock_check(ns, semid);
if (IS_ERR(sma))
@@ -55191,7 +57613,7 @@ diff -urNp linux-2.6.38.6/ipc/sem.c linux-2.6.38.6/ipc/sem.c
struct ipc_namespace *ns;
struct list_head tasks;
-+ stackleak_probe(fast_sops);
++ pax_track_stack();
+
ns = current->nsproxy->ipc_ns;
@@ -55373,6 +57795,18 @@ diff -urNp linux-2.6.38.6/kernel/capability.c linux-2.6.38.6/kernel/capability.c
+
EXPORT_SYMBOL(capable);
+EXPORT_SYMBOL(capable_nolog);
+diff -urNp linux-2.6.38.6/kernel/cgroup.c linux-2.6.38.6/kernel/cgroup.c
+--- linux-2.6.38.6/kernel/cgroup.c 2011-04-18 17:27:16.000000000 -0400
++++ linux-2.6.38.6/kernel/cgroup.c 2011-05-16 21:47:09.000000000 -0400
+@@ -598,6 +598,8 @@ static struct css_set *find_css_set(
+ struct hlist_head *hhead;
+ struct cg_cgroup_link *link;
+
++ pax_track_stack();
++
+ /* First see if we already have a cgroup group that matches
+ * the desired set */
+ read_lock(&css_set_lock);
diff -urNp linux-2.6.38.6/kernel/compat.c linux-2.6.38.6/kernel/compat.c
--- linux-2.6.38.6/kernel/compat.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/kernel/compat.c 2011-04-28 19:34:15.000000000 -0400
@@ -55409,8 +57843,80 @@ diff -urNp linux-2.6.38.6/kernel/configs.c linux-2.6.38.6/kernel/configs.c
diff -urNp linux-2.6.38.6/kernel/cred.c linux-2.6.38.6/kernel/cred.c
--- linux-2.6.38.6/kernel/cred.c 2011-03-14 21:20:32.000000000 -0400
-+++ linux-2.6.38.6/kernel/cred.c 2011-04-28 19:34:15.000000000 -0400
-@@ -483,6 +483,8 @@ int commit_creds(struct cred *new)
++++ linux-2.6.38.6/kernel/cred.c 2011-05-17 19:31:43.000000000 -0400
+@@ -157,6 +157,8 @@ static void put_cred_rcu(struct rcu_head
+ */
+ void __put_cred(struct cred *cred)
+ {
++ pax_track_stack();
++
+ kdebug("__put_cred(%p{%d,%d})", cred,
+ atomic_read(&cred->usage),
+ read_cred_subscribers(cred));
+@@ -181,6 +183,8 @@ void exit_creds(struct task_struct *tsk)
+ {
+ struct cred *cred;
+
++ pax_track_stack();
++
+ kdebug("exit_creds(%u,%p,%p,{%d,%d})", tsk->pid, tsk->real_cred, tsk->cred,
+ atomic_read(&tsk->cred->usage),
+ read_cred_subscribers(tsk->cred));
+@@ -219,6 +223,8 @@ const struct cred *get_task_cred(struct
+ {
+ const struct cred *cred;
+
++ pax_track_stack();
++
+ rcu_read_lock();
+
+ do {
+@@ -238,6 +244,8 @@ struct cred *cred_alloc_blank(void)
+ {
+ struct cred *new;
+
++ pax_track_stack();
++
+ new = kmem_cache_zalloc(cred_jar, GFP_KERNEL);
+ if (!new)
+ return NULL;
+@@ -286,6 +294,8 @@ struct cred *prepare_creds(void)
+ const struct cred *old;
+ struct cred *new;
+
++ pax_track_stack();
++
+ validate_process_creds();
+
+ new = kmem_cache_alloc(cred_jar, GFP_KERNEL);
+@@ -332,6 +342,8 @@ struct cred *prepare_exec_creds(void)
+ struct thread_group_cred *tgcred = NULL;
+ struct cred *new;
+
++ pax_track_stack();
++
+ #ifdef CONFIG_KEYS
+ tgcred = kmalloc(sizeof(*tgcred), GFP_KERNEL);
+ if (!tgcred)
+@@ -384,6 +396,8 @@ int copy_creds(struct task_struct *p, un
+ struct cred *new;
+ int ret;
+
++ pax_track_stack();
++
+ if (
+ #ifdef CONFIG_KEYS
+ !p->cred->thread_keyring &&
+@@ -469,6 +483,8 @@ int commit_creds(struct cred *new)
+ struct task_struct *task = current;
+ const struct cred *old = task->real_cred;
+
++ pax_track_stack();
++
+ kdebug("commit_creds(%p{%d,%d})", new,
+ atomic_read(&new->usage),
+ read_cred_subscribers(new));
+@@ -483,6 +499,8 @@ int commit_creds(struct cred *new)
get_cred(new); /* we will require a ref for the subj creds too */
@@ -55419,6 +57925,60 @@ diff -urNp linux-2.6.38.6/kernel/cred.c linux-2.6.38.6/kernel/cred.c
/* dumpability changes */
if (old->euid != new->euid ||
old->egid != new->egid ||
+@@ -545,6 +563,8 @@ EXPORT_SYMBOL(commit_creds);
+ */
+ void abort_creds(struct cred *new)
+ {
++ pax_track_stack();
++
+ kdebug("abort_creds(%p{%d,%d})", new,
+ atomic_read(&new->usage),
+ read_cred_subscribers(new));
+@@ -568,6 +588,8 @@ const struct cred *override_creds(const
+ {
+ const struct cred *old = current->cred;
+
++ pax_track_stack();
++
+ kdebug("override_creds(%p{%d,%d})", new,
+ atomic_read(&new->usage),
+ read_cred_subscribers(new));
+@@ -597,6 +619,8 @@ void revert_creds(const struct cred *old
+ {
+ const struct cred *override = current->cred;
+
++ pax_track_stack();
++
+ kdebug("revert_creds(%p{%d,%d})", old,
+ atomic_read(&old->usage),
+ read_cred_subscribers(old));
+@@ -643,6 +667,8 @@ struct cred *prepare_kernel_cred(struct
+ const struct cred *old;
+ struct cred *new;
+
++ pax_track_stack();
++
+ new = kmem_cache_alloc(cred_jar, GFP_KERNEL);
+ if (!new)
+ return NULL;
+@@ -697,6 +723,8 @@ EXPORT_SYMBOL(prepare_kernel_cred);
+ */
+ int set_security_override(struct cred *new, u32 secid)
+ {
++ pax_track_stack();
++
+ return security_kernel_act_as(new, secid);
+ }
+ EXPORT_SYMBOL(set_security_override);
+@@ -716,6 +744,8 @@ int set_security_override_from_ctx(struc
+ u32 secid;
+ int ret;
+
++ pax_track_stack();
++
+ ret = security_secctx_to_secid(secctx, strlen(secctx), &secid);
+ if (ret < 0)
+ return ret;
diff -urNp linux-2.6.38.6/kernel/debug/debug_core.c linux-2.6.38.6/kernel/debug/debug_core.c
--- linux-2.6.38.6/kernel/debug/debug_core.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/kernel/debug/debug_core.c 2011-04-28 19:57:25.000000000 -0400
@@ -55953,7 +58513,7 @@ diff -urNp linux-2.6.38.6/kernel/fork.c linux-2.6.38.6/kernel/fork.c
new_fs = fs;
diff -urNp linux-2.6.38.6/kernel/futex.c linux-2.6.38.6/kernel/futex.c
--- linux-2.6.38.6/kernel/futex.c 2011-04-22 19:20:59.000000000 -0400
-+++ linux-2.6.38.6/kernel/futex.c 2011-04-28 19:34:15.000000000 -0400
++++ linux-2.6.38.6/kernel/futex.c 2011-05-16 21:47:08.000000000 -0400
@@ -54,6 +54,7 @@
#include <linux/mount.h>
#include <linux/pagemap.h>
@@ -55974,7 +58534,25 @@ diff -urNp linux-2.6.38.6/kernel/futex.c linux-2.6.38.6/kernel/futex.c
/*
* The futex address must be "naturally" aligned.
*/
-@@ -2404,7 +2410,9 @@ SYSCALL_DEFINE3(get_robust_list, int, pi
+@@ -1833,6 +1839,8 @@ static int futex_wait(u32 __user *uaddr,
+ struct futex_q q = futex_q_init;
+ int ret;
+
++ pax_track_stack();
++
+ if (!bitset)
+ return -EINVAL;
+ q.bitset = bitset;
+@@ -2232,6 +2240,8 @@ static int futex_wait_requeue_pi(u32 __u
+ struct futex_q q = futex_q_init;
+ int res, ret;
+
++ pax_track_stack();
++
+ if (!bitset)
+ return -EINVAL;
+
+@@ -2404,7 +2414,9 @@ SYSCALL_DEFINE3(get_robust_list, int, pi
{
struct robust_list_head __user *head;
unsigned long ret;
@@ -55984,7 +58562,7 @@ diff -urNp linux-2.6.38.6/kernel/futex.c linux-2.6.38.6/kernel/futex.c
if (!futex_cmpxchg_enabled)
return -ENOSYS;
-@@ -2420,11 +2428,16 @@ SYSCALL_DEFINE3(get_robust_list, int, pi
+@@ -2420,11 +2432,16 @@ SYSCALL_DEFINE3(get_robust_list, int, pi
if (!p)
goto err_unlock;
ret = -EPERM;
@@ -56001,7 +58579,7 @@ diff -urNp linux-2.6.38.6/kernel/futex.c linux-2.6.38.6/kernel/futex.c
head = p->robust_list;
rcu_read_unlock();
}
-@@ -2667,6 +2680,7 @@ static int __init futex_init(void)
+@@ -2667,6 +2684,7 @@ static int __init futex_init(void)
{
u32 curval;
int i;
@@ -56009,7 +58587,7 @@ diff -urNp linux-2.6.38.6/kernel/futex.c linux-2.6.38.6/kernel/futex.c
/*
* This will fail and we want it. Some arch implementations do
-@@ -2678,7 +2692,10 @@ static int __init futex_init(void)
+@@ -2678,7 +2696,10 @@ static int __init futex_init(void)
* implementation, the non-functional ones will return
* -ENOSYS.
*/
@@ -57452,7 +60030,7 @@ diff -urNp linux-2.6.38.6/kernel/posix-cpu-timers.c linux-2.6.38.6/kernel/posix-
#include <trace/events/timer.h>
diff -urNp linux-2.6.38.6/kernel/posix-timers.c linux-2.6.38.6/kernel/posix-timers.c
--- linux-2.6.38.6/kernel/posix-timers.c 2011-03-14 21:20:32.000000000 -0400
-+++ linux-2.6.38.6/kernel/posix-timers.c 2011-04-28 19:34:15.000000000 -0400
++++ linux-2.6.38.6/kernel/posix-timers.c 2011-05-16 21:47:09.000000000 -0400
@@ -42,6 +42,7 @@
#include <linux/compiler.h>
#include <linux/idr.h>
@@ -57461,7 +60039,16 @@ diff -urNp linux-2.6.38.6/kernel/posix-timers.c linux-2.6.38.6/kernel/posix-time
#include <linux/syscalls.h>
#include <linux/wait.h>
#include <linux/workqueue.h>
-@@ -955,6 +956,13 @@ SYSCALL_DEFINE2(clock_settime, const clo
+@@ -302,6 +303,8 @@ static __init int init_posix_timers(void
+ .nsleep = no_nsleep,
+ };
+
++ pax_track_stack();
++
+ register_posix_clock(CLOCK_REALTIME, &clock_realtime);
+ register_posix_clock(CLOCK_MONOTONIC, &clock_monotonic);
+ register_posix_clock(CLOCK_MONOTONIC_RAW, &clock_monotonic_raw);
+@@ -955,6 +958,13 @@ SYSCALL_DEFINE2(clock_settime, const clo
if (copy_from_user(&new_tp, tp, sizeof (*tp)))
return -EFAULT;
@@ -58002,6 +60589,18 @@ diff -urNp linux-2.6.38.6/kernel/rcutree_plugin.h linux-2.6.38.6/kernel/rcutree_
put_online_cpus();
}
+diff -urNp linux-2.6.38.6/kernel/relay.c linux-2.6.38.6/kernel/relay.c
+--- linux-2.6.38.6/kernel/relay.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/kernel/relay.c 2011-05-16 21:47:09.000000000 -0400
+@@ -1236,6 +1236,8 @@ static ssize_t subbuf_splice_actor(struc
+ };
+ ssize_t ret;
+
++ pax_track_stack();
++
+ if (rbuf->subbufs_produced == rbuf->subbufs_consumed)
+ return 0;
+ if (splice_grow_spd(pipe, &spd))
diff -urNp linux-2.6.38.6/kernel/resource.c linux-2.6.38.6/kernel/resource.c
--- linux-2.6.38.6/kernel/resource.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/kernel/resource.c 2011-04-28 19:34:15.000000000 -0400
@@ -59018,8 +61617,26 @@ diff -urNp linux-2.6.38.6/kernel/trace/ring_buffer.c linux-2.6.38.6/kernel/trace
{
diff -urNp linux-2.6.38.6/kernel/trace/trace.c linux-2.6.38.6/kernel/trace/trace.c
--- linux-2.6.38.6/kernel/trace/trace.c 2011-03-14 21:20:32.000000000 -0400
-+++ linux-2.6.38.6/kernel/trace/trace.c 2011-04-28 19:34:15.000000000 -0400
-@@ -3967,10 +3967,9 @@ static const struct file_operations trac
++++ linux-2.6.38.6/kernel/trace/trace.c 2011-05-16 21:47:08.000000000 -0400
+@@ -3316,6 +3316,8 @@ static ssize_t tracing_splice_read_pipe(
+ size_t rem;
+ unsigned int i;
+
++ pax_track_stack();
++
+ if (splice_grow_spd(pipe, &spd))
+ return -ENOMEM;
+
+@@ -3799,6 +3801,8 @@ tracing_buffers_splice_read(struct file
+ int entries, size, i;
+ size_t ret;
+
++ pax_track_stack();
++
+ if (splice_grow_spd(pipe, &spd))
+ return -ENOMEM;
+
+@@ -3967,10 +3971,9 @@ static const struct file_operations trac
};
#endif
@@ -59031,7 +61648,7 @@ diff -urNp linux-2.6.38.6/kernel/trace/trace.c linux-2.6.38.6/kernel/trace/trace
static int once;
if (d_tracer)
-@@ -3990,10 +3989,9 @@ struct dentry *tracing_init_dentry(void)
+@@ -3990,10 +3993,9 @@ struct dentry *tracing_init_dentry(void)
return d_tracer;
}
@@ -59340,14 +61957,14 @@ diff -urNp linux-2.6.38.6/localversion-grsec linux-2.6.38.6/localversion-grsec
+-grsec
diff -urNp linux-2.6.38.6/Makefile linux-2.6.38.6/Makefile
--- linux-2.6.38.6/Makefile 2011-05-10 22:06:29.000000000 -0400
-+++ linux-2.6.38.6/Makefile 2011-05-10 22:08:57.000000000 -0400
++++ linux-2.6.38.6/Makefile 2011-05-16 21:47:08.000000000 -0400
@@ -233,8 +233,8 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH"
HOSTCC = gcc
HOSTCXX = g++
-HOSTCFLAGS = -Wall -Wmissing-prototypes -Wstrict-prototypes -O2 -fomit-frame-pointer
-HOSTCXXFLAGS = -O2
-+HOSTCFLAGS = -Wall -W -Wmissing-prototypes -Wstrict-prototypes -Wno-empty-body -Wno-missing-field-initializers -Wno-unused-parameter -Wno-missing-field-initializers -O2 -fomit-frame-pointer -fno-delete-null-pointer-checks
++HOSTCFLAGS = -Wall -W -Wmissing-prototypes -Wstrict-prototypes -Wno-empty-body -Wno-unused-parameter -Wno-missing-field-initializers -O2 -fomit-frame-pointer -fno-delete-null-pointer-checks
+HOSTCXXFLAGS = -O2 -fno-delete-null-pointer-checks
# Decide whether to build built-in, modular, or both.
@@ -60441,8 +63058,17 @@ diff -urNp linux-2.6.38.6/mm/mempolicy.c linux-2.6.38.6/mm/mempolicy.c
} else if (vma->vm_start <= mm->start_stack &&
diff -urNp linux-2.6.38.6/mm/migrate.c linux-2.6.38.6/mm/migrate.c
--- linux-2.6.38.6/mm/migrate.c 2011-03-14 21:20:32.000000000 -0400
-+++ linux-2.6.38.6/mm/migrate.c 2011-04-28 19:34:15.000000000 -0400
-@@ -1299,6 +1299,14 @@ SYSCALL_DEFINE6(move_pages, pid_t, pid,
++++ linux-2.6.38.6/mm/migrate.c 2011-05-16 21:47:09.000000000 -0400
+@@ -1115,6 +1115,8 @@ static int do_pages_move(struct mm_struc
+ unsigned long chunk_start;
+ int err;
+
++ pax_track_stack();
++
+ task_nodes = cpuset_mems_allowed(task);
+
+ err = -ENOMEM;
+@@ -1299,6 +1301,14 @@ SYSCALL_DEFINE6(move_pages, pid_t, pid,
if (!mm)
return -EINVAL;
@@ -60457,7 +63083,7 @@ diff -urNp linux-2.6.38.6/mm/migrate.c linux-2.6.38.6/mm/migrate.c
/*
* Check if this process has the right to modify the specified
* process. The right exists if the process has administrative
-@@ -1308,8 +1316,7 @@ SYSCALL_DEFINE6(move_pages, pid_t, pid,
+@@ -1308,8 +1318,7 @@ SYSCALL_DEFINE6(move_pages, pid_t, pid,
rcu_read_lock();
tcred = __task_cred(task);
if (cred->euid != tcred->suid && cred->euid != tcred->uid &&
@@ -62181,7 +64807,7 @@ diff -urNp linux-2.6.38.6/mm/nommu.c linux-2.6.38.6/mm/nommu.c
diff -urNp linux-2.6.38.6/mm/page_alloc.c linux-2.6.38.6/mm/page_alloc.c
--- linux-2.6.38.6/mm/page_alloc.c 2011-04-18 17:27:16.000000000 -0400
-+++ linux-2.6.38.6/mm/page_alloc.c 2011-04-28 19:34:15.000000000 -0400
++++ linux-2.6.38.6/mm/page_alloc.c 2011-05-16 21:47:08.000000000 -0400
@@ -644,6 +644,10 @@ static bool free_pages_prepare(struct pa
int i;
int bad = 0;
@@ -62217,6 +64843,15 @@ diff -urNp linux-2.6.38.6/mm/page_alloc.c linux-2.6.38.6/mm/page_alloc.c
if (order && (gfp_flags & __GFP_COMP))
prep_compound_page(page, order);
+@@ -2423,6 +2435,8 @@ void show_free_areas(void)
+ int cpu;
+ struct zone *zone;
+
++ pax_track_stack();
++
+ for_each_populated_zone(zone) {
+ show_node(zone);
+ printk("%s per-cpu:\n", zone->name);
diff -urNp linux-2.6.38.6/mm/percpu.c linux-2.6.38.6/mm/percpu.c
--- linux-2.6.38.6/mm/percpu.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/mm/percpu.c 2011-04-28 19:34:15.000000000 -0400
@@ -62323,7 +64958,7 @@ diff -urNp linux-2.6.38.6/mm/rmap.c linux-2.6.38.6/mm/rmap.c
struct anon_vma *anon_vma;
diff -urNp linux-2.6.38.6/mm/shmem.c linux-2.6.38.6/mm/shmem.c
--- linux-2.6.38.6/mm/shmem.c 2011-04-18 17:27:16.000000000 -0400
-+++ linux-2.6.38.6/mm/shmem.c 2011-05-11 18:34:57.000000000 -0400
++++ linux-2.6.38.6/mm/shmem.c 2011-05-18 20:23:44.000000000 -0400
@@ -31,7 +31,7 @@
#include <linux/percpu_counter.h>
#include <linux/swap.h>
@@ -62342,16 +64977,25 @@ diff -urNp linux-2.6.38.6/mm/shmem.c linux-2.6.38.6/mm/shmem.c
if (entry->val) {
/*
* The more uptodate page coming down from a stacked
-@@ -1995,7 +1997,7 @@ static int shmem_symlink(struct inode *d
+@@ -1153,6 +1155,8 @@ static struct page *shmem_swapin(swp_ent
+ struct vm_area_struct pvma;
+ struct page *page;
+
++ pax_track_stack();
++
+ spol = mpol_cond_copy(&mpol,
+ mpol_shared_policy_lookup(&info->policy, idx));
+
+@@ -1995,7 +1999,7 @@ static int shmem_symlink(struct inode *d
info = SHMEM_I(inode);
inode->i_size = len-1;
- if (len <= (char *)inode - (char *)info) {
-+ if (len <= min((char *)inode - (char *)info, 64)) {
++ if (len <= (char *)inode - (char *)info && len <= 64) {
/* do it inline */
memcpy(info, symname, len);
inode->i_op = &shmem_symlink_inline_operations;
-@@ -2341,8 +2343,7 @@ int shmem_fill_super(struct super_block
+@@ -2341,8 +2345,7 @@ int shmem_fill_super(struct super_block
int err = -ENOMEM;
/* Round up to L1_CACHE_BYTES to resist false sharing */
@@ -63439,6 +66083,18 @@ diff -urNp linux-2.6.38.6/net/atm/atm_misc.c linux-2.6.38.6/net/atm/atm_misc.c
__SONET_ITEMS
#undef __HANDLE_ITEM
}
+diff -urNp linux-2.6.38.6/net/atm/mpoa_caches.c linux-2.6.38.6/net/atm/mpoa_caches.c
+--- linux-2.6.38.6/net/atm/mpoa_caches.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/net/atm/mpoa_caches.c 2011-05-16 21:47:09.000000000 -0400
+@@ -255,6 +255,8 @@ static void check_resolving_entries(stru
+ struct timeval now;
+ struct k_message msg;
+
++ pax_track_stack();
++
+ do_gettimeofday(&now);
+
+ read_lock_bh(&client->ingress_lock);
diff -urNp linux-2.6.38.6/net/atm/proc.c linux-2.6.38.6/net/atm/proc.c
--- linux-2.6.38.6/net/atm/proc.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/net/atm/proc.c 2011-04-28 19:34:15.000000000 -0400
@@ -63621,7 +66277,7 @@ diff -urNp linux-2.6.38.6/net/bridge/br_multicast.c linux-2.6.38.6/net/bridge/br
/* Okay, we found ICMPv6 header */
diff -urNp linux-2.6.38.6/net/bridge/netfilter/ebtables.c linux-2.6.38.6/net/bridge/netfilter/ebtables.c
--- linux-2.6.38.6/net/bridge/netfilter/ebtables.c 2011-04-18 17:27:18.000000000 -0400
-+++ linux-2.6.38.6/net/bridge/netfilter/ebtables.c 2011-04-28 19:34:15.000000000 -0400
++++ linux-2.6.38.6/net/bridge/netfilter/ebtables.c 2011-05-16 21:47:08.000000000 -0400
@@ -1512,7 +1512,7 @@ static int do_ebt_get_ctl(struct sock *s
tmp.valid_hooks = t->table->valid_hooks;
}
@@ -63631,6 +66287,15 @@ diff -urNp linux-2.6.38.6/net/bridge/netfilter/ebtables.c linux-2.6.38.6/net/bri
BUGPRINT("c2u Didn't work\n");
ret = -EFAULT;
break;
+@@ -1779,6 +1779,8 @@ static int compat_copy_everything_to_use
+ int ret;
+ void __user *pos;
+
++ pax_track_stack();
++
+ memset(&tinfo, 0, sizeof(tinfo));
+
+ if (cmd == EBT_SO_GET_ENTRIES) {
diff -urNp linux-2.6.38.6/net/caif/caif_socket.c linux-2.6.38.6/net/caif/caif_socket.c
--- linux-2.6.38.6/net/caif/caif_socket.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/net/caif/caif_socket.c 2011-04-28 19:57:25.000000000 -0400
@@ -63753,8 +66418,16 @@ diff -urNp linux-2.6.38.6/net/caif/caif_socket.c linux-2.6.38.6/net/caif/caif_so
debugfs_remove_recursive(cf_sk->debugfs_socket_dir);
diff -urNp linux-2.6.38.6/net/caif/cfctrl.c linux-2.6.38.6/net/caif/cfctrl.c
--- linux-2.6.38.6/net/caif/cfctrl.c 2011-03-14 21:20:32.000000000 -0400
-+++ linux-2.6.38.6/net/caif/cfctrl.c 2011-04-28 19:57:25.000000000 -0400
-@@ -46,8 +46,8 @@ struct cflayer *cfctrl_create(void)
++++ linux-2.6.38.6/net/caif/cfctrl.c 2011-05-16 21:47:08.000000000 -0400
+@@ -9,6 +9,7 @@
+ #include <linux/stddef.h>
+ #include <linux/spinlock.h>
+ #include <linux/slab.h>
++#include <linux/sched.h>
+ #include <net/caif/caif_layer.h>
+ #include <net/caif/cfpkt.h>
+ #include <net/caif/cfctrl.h>
+@@ -46,8 +47,8 @@ struct cflayer *cfctrl_create(void)
dev_info.id = 0xff;
memset(this, 0, sizeof(*this));
cfsrvl_init(&this->serv, 0, &dev_info, false);
@@ -63765,7 +66438,7 @@ diff -urNp linux-2.6.38.6/net/caif/cfctrl.c linux-2.6.38.6/net/caif/cfctrl.c
this->serv.layer.receive = cfctrl_recv;
sprintf(this->serv.layer.name, "ctrl");
this->serv.layer.ctrlcmd = cfctrl_ctrlcmd;
-@@ -116,8 +116,8 @@ void cfctrl_insert_req(struct cfctrl *ct
+@@ -116,8 +117,8 @@ void cfctrl_insert_req(struct cfctrl *ct
struct cfctrl_request_info *req)
{
spin_lock(&ctrl->info_list_lock);
@@ -63776,7 +66449,7 @@ diff -urNp linux-2.6.38.6/net/caif/cfctrl.c linux-2.6.38.6/net/caif/cfctrl.c
list_add_tail(&req->list, &ctrl->list);
spin_unlock(&ctrl->info_list_lock);
}
-@@ -136,7 +136,7 @@ struct cfctrl_request_info *cfctrl_remov
+@@ -136,7 +137,7 @@ struct cfctrl_request_info *cfctrl_remov
if (p != first)
pr_warn("Requests are not received in order\n");
@@ -63785,6 +66458,14 @@ diff -urNp linux-2.6.38.6/net/caif/cfctrl.c linux-2.6.38.6/net/caif/cfctrl.c
p->sequence_no);
list_del(&p->list);
goto out;
+@@ -385,6 +386,7 @@ static int cfctrl_recv(struct cflayer *l
+ struct cfctrl *cfctrl = container_obj(layer);
+ struct cfctrl_request_info rsp, *req;
+
++ pax_track_stack();
+
+ cfpkt_extr_head(pkt, &cmdrsp, 1);
+ cmd = cmdrsp & CFCTRL_CMD_MASK;
diff -urNp linux-2.6.38.6/net/can/bcm.c linux-2.6.38.6/net/can/bcm.c
--- linux-2.6.38.6/net/can/bcm.c 2011-05-10 22:06:29.000000000 -0400
+++ linux-2.6.38.6/net/can/bcm.c 2011-05-10 22:09:01.000000000 -0400
@@ -63891,6 +66572,18 @@ diff -urNp linux-2.6.38.6/net/core/flow.c linux-2.6.38.6/net/core/flow.c
if (!IS_ERR(flo))
fle->object = flo;
else
+diff -urNp linux-2.6.38.6/net/core/skbuff.c linux-2.6.38.6/net/core/skbuff.c
+--- linux-2.6.38.6/net/core/skbuff.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/net/core/skbuff.c 2011-05-16 21:47:09.000000000 -0400
+@@ -1543,6 +1543,8 @@ int skb_splice_bits(struct sk_buff *skb,
+ struct sock *sk = skb->sk;
+ int ret = 0;
+
++ pax_track_stack();
++
+ if (splice_grow_spd(pipe, &spd))
+ return -ENOMEM;
+
diff -urNp linux-2.6.38.6/net/core/sock.c linux-2.6.38.6/net/core/sock.c
--- linux-2.6.38.6/net/core/sock.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/net/core/sock.c 2011-04-28 19:57:25.000000000 -0400
@@ -64092,8 +66785,17 @@ diff -urNp linux-2.6.38.6/net/ipv4/inet_hashtables.c linux-2.6.38.6/net/ipv4/ine
while (twrefcnt) {
diff -urNp linux-2.6.38.6/net/ipv4/inetpeer.c linux-2.6.38.6/net/ipv4/inetpeer.c
--- linux-2.6.38.6/net/ipv4/inetpeer.c 2011-03-14 21:20:32.000000000 -0400
-+++ linux-2.6.38.6/net/ipv4/inetpeer.c 2011-04-28 19:34:15.000000000 -0400
-@@ -509,8 +509,8 @@ struct inet_peer *inet_getpeer(struct in
++++ linux-2.6.38.6/net/ipv4/inetpeer.c 2011-05-16 21:47:08.000000000 -0400
+@@ -478,6 +478,8 @@ struct inet_peer *inet_getpeer(struct in
+ struct inet_peer_base *base = family_to_base(daddr->family);
+ struct inet_peer *p;
+
++ pax_track_stack();
++
+ /* Look up for the address quickly, lockless.
+ * Because of a concurrent writer, we might not find an existing entry.
+ */
+@@ -509,8 +511,8 @@ struct inet_peer *inet_getpeer(struct in
if (p) {
p->daddr = *daddr;
atomic_set(&p->refcnt, 1);
@@ -64116,6 +66818,18 @@ diff -urNp linux-2.6.38.6/net/ipv4/ip_fragment.c linux-2.6.38.6/net/ipv4/ip_frag
qp->rid = end;
rc = qp->q.fragments && (end - start) > max;
+diff -urNp linux-2.6.38.6/net/ipv4/ip_sockglue.c linux-2.6.38.6/net/ipv4/ip_sockglue.c
+--- linux-2.6.38.6/net/ipv4/ip_sockglue.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/net/ipv4/ip_sockglue.c 2011-05-16 21:47:09.000000000 -0400
+@@ -1064,6 +1064,8 @@ static int do_ip_getsockopt(struct sock
+ int val;
+ int len;
+
++ pax_track_stack();
++
+ if (level != SOL_IP)
+ return -EOPNOTSUPP;
+
diff -urNp linux-2.6.38.6/net/ipv4/netfilter/nf_nat_snmp_basic.c linux-2.6.38.6/net/ipv4/netfilter/nf_nat_snmp_basic.c
--- linux-2.6.38.6/net/ipv4/netfilter/nf_nat_snmp_basic.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/net/ipv4/netfilter/nf_nat_snmp_basic.c 2011-04-28 19:34:15.000000000 -0400
@@ -64217,6 +66931,27 @@ diff -urNp linux-2.6.38.6/net/ipv4/route.c linux-2.6.38.6/net/ipv4/route.c
if (rt->peer->tcp_ts_stamp) {
ts = rt->peer->tcp_ts;
tsage = get_seconds() - rt->peer->tcp_ts_stamp;
+diff -urNp linux-2.6.38.6/net/ipv4/tcp.c linux-2.6.38.6/net/ipv4/tcp.c
+--- linux-2.6.38.6/net/ipv4/tcp.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/net/ipv4/tcp.c 2011-05-16 21:47:09.000000000 -0400
+@@ -2121,6 +2121,8 @@ static int do_tcp_setsockopt(struct sock
+ int val;
+ int err = 0;
+
++ pax_track_stack();
++
+ /* These are data/string values, all the others are ints */
+ switch (optname) {
+ case TCP_CONGESTION: {
+@@ -2500,6 +2502,8 @@ static int do_tcp_getsockopt(struct sock
+ struct tcp_sock *tp = tcp_sk(sk);
+ int val, len;
+
++ pax_track_stack();
++
+ if (get_user(len, optlen))
+ return -EFAULT;
+
diff -urNp linux-2.6.38.6/net/ipv4/tcp_ipv4.c linux-2.6.38.6/net/ipv4/tcp_ipv4.c
--- linux-2.6.38.6/net/ipv4/tcp_ipv4.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/net/ipv4/tcp_ipv4.c 2011-04-28 19:34:15.000000000 -0400
@@ -64340,6 +67075,18 @@ diff -urNp linux-2.6.38.6/net/ipv4/tcp_minisocks.c linux-2.6.38.6/net/ipv4/tcp_m
if (!(flg & TCP_FLAG_RST))
req->rsk_ops->send_reset(sk, skb);
+diff -urNp linux-2.6.38.6/net/ipv4/tcp_output.c linux-2.6.38.6/net/ipv4/tcp_output.c
+--- linux-2.6.38.6/net/ipv4/tcp_output.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/net/ipv4/tcp_output.c 2011-05-16 21:47:09.000000000 -0400
+@@ -2420,6 +2420,8 @@ struct sk_buff *tcp_make_synack(struct s
+ int mss;
+ int s_data_desired = 0;
+
++ pax_track_stack();
++
+ if (cvp != NULL && cvp->s_data_constant && cvp->s_data_desired)
+ s_data_desired = cvp->s_data_desired;
+ skb = sock_wmalloc(sk, MAX_TCP_HEADER + 15 + s_data_desired, 1, GFP_ATOMIC);
diff -urNp linux-2.6.38.6/net/ipv4/tcp_probe.c linux-2.6.38.6/net/ipv4/tcp_probe.c
--- linux-2.6.38.6/net/ipv4/tcp_probe.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/net/ipv4/tcp_probe.c 2011-04-28 19:34:15.000000000 -0400
@@ -64528,9 +67275,30 @@ diff -urNp linux-2.6.38.6/net/ipv6/inet6_hashtables.c linux-2.6.38.6/net/ipv6/in
const unsigned short hnum,
const struct in6_addr *daddr,
const int dif)
+diff -urNp linux-2.6.38.6/net/ipv6/ipv6_sockglue.c linux-2.6.38.6/net/ipv6/ipv6_sockglue.c
+--- linux-2.6.38.6/net/ipv6/ipv6_sockglue.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/net/ipv6/ipv6_sockglue.c 2011-05-16 21:47:09.000000000 -0400
+@@ -129,6 +129,8 @@ static int do_ipv6_setsockopt(struct soc
+ int val, valbool;
+ int retv = -ENOPROTOOPT;
+
++ pax_track_stack();
++
+ if (optval == NULL)
+ val=0;
+ else {
+@@ -919,6 +921,8 @@ static int do_ipv6_getsockopt(struct soc
+ int len;
+ int val;
+
++ pax_track_stack();
++
+ if (ip6_mroute_opt(optname))
+ return ip6_mroute_getsockopt(sk, optname, optval, optlen);
+
diff -urNp linux-2.6.38.6/net/ipv6/raw.c linux-2.6.38.6/net/ipv6/raw.c
--- linux-2.6.38.6/net/ipv6/raw.c 2011-03-14 21:20:32.000000000 -0400
-+++ linux-2.6.38.6/net/ipv6/raw.c 2011-04-28 20:08:36.000000000 -0400
++++ linux-2.6.38.6/net/ipv6/raw.c 2011-05-16 21:47:08.000000000 -0400
@@ -376,7 +376,7 @@ static inline int rawv6_rcv_skb(struct s
{
if ((raw6_sk(sk)->checksum || rcu_dereference_raw(sk->sk_filter)) &&
@@ -64567,7 +67335,16 @@ diff -urNp linux-2.6.38.6/net/ipv6/raw.c linux-2.6.38.6/net/ipv6/raw.c
struct flowi *fl, struct dst_entry **dstp,
unsigned int flags)
{
-@@ -919,12 +919,15 @@ do_confirm:
+@@ -743,6 +743,8 @@ static int rawv6_sendmsg(struct kiocb *i
+ u16 proto;
+ int err;
+
++ pax_track_stack();
++
+ /* Rough check on arithmetic overflow,
+ better check is made in ip6_append_data().
+ */
+@@ -919,12 +921,15 @@ do_confirm:
static int rawv6_seticmpfilter(struct sock *sk, int level, int optname,
char __user *optval, int optlen)
{
@@ -64584,7 +67361,7 @@ diff -urNp linux-2.6.38.6/net/ipv6/raw.c linux-2.6.38.6/net/ipv6/raw.c
return 0;
default:
return -ENOPROTOOPT;
-@@ -936,6 +939,7 @@ static int rawv6_seticmpfilter(struct so
+@@ -936,6 +941,7 @@ static int rawv6_seticmpfilter(struct so
static int rawv6_geticmpfilter(struct sock *sk, int level, int optname,
char __user *optval, int __user *optlen)
{
@@ -64592,7 +67369,7 @@ diff -urNp linux-2.6.38.6/net/ipv6/raw.c linux-2.6.38.6/net/ipv6/raw.c
int len;
switch (optname) {
-@@ -948,7 +952,8 @@ static int rawv6_geticmpfilter(struct so
+@@ -948,7 +954,8 @@ static int rawv6_geticmpfilter(struct so
len = sizeof(struct icmp6_filter);
if (put_user(len, optlen))
return -EFAULT;
@@ -64602,7 +67379,7 @@ diff -urNp linux-2.6.38.6/net/ipv6/raw.c linux-2.6.38.6/net/ipv6/raw.c
return -EFAULT;
return 0;
default:
-@@ -1262,7 +1267,13 @@ static void raw6_sock_seq_show(struct se
+@@ -1262,7 +1269,13 @@ static void raw6_sock_seq_show(struct se
0, 0L, 0,
sock_i_uid(sp), 0,
sock_i_ino(sp),
@@ -64929,8 +67706,17 @@ diff -urNp linux-2.6.38.6/net/iucv/af_iucv.c linux-2.6.38.6/net/iucv/af_iucv.c
write_unlock_bh(&iucv_sk_list.lock);
diff -urNp linux-2.6.38.6/net/key/af_key.c linux-2.6.38.6/net/key/af_key.c
--- linux-2.6.38.6/net/key/af_key.c 2011-03-14 21:20:32.000000000 -0400
-+++ linux-2.6.38.6/net/key/af_key.c 2011-04-28 19:57:25.000000000 -0400
-@@ -3003,10 +3003,10 @@ static int pfkey_send_policy_notify(stru
++++ linux-2.6.38.6/net/key/af_key.c 2011-05-16 21:47:08.000000000 -0400
+@@ -2470,6 +2470,8 @@ static int pfkey_migrate(struct sock *sk
+ struct xfrm_migrate m[XFRM_MAX_DEPTH];
+ struct xfrm_kmaddress k;
+
++ pax_track_stack();
++
+ if (!present_and_same_family(ext_hdrs[SADB_EXT_ADDRESS_SRC - 1],
+ ext_hdrs[SADB_EXT_ADDRESS_DST - 1]) ||
+ !ext_hdrs[SADB_X_EXT_POLICY - 1]) {
+@@ -3003,10 +3005,10 @@ static int pfkey_send_policy_notify(stru
static u32 get_acqseq(void)
{
u32 res;
@@ -64943,7 +67729,7 @@ diff -urNp linux-2.6.38.6/net/key/af_key.c linux-2.6.38.6/net/key/af_key.c
} while (!res);
return res;
}
-@@ -3644,7 +3644,11 @@ static int pfkey_seq_show(struct seq_fil
+@@ -3644,7 +3646,11 @@ static int pfkey_seq_show(struct seq_fil
seq_printf(f ,"sk RefCnt Rmem Wmem User Inode\n");
else
seq_printf(f ,"%p %-6d %-6u %-6u %-6u %-6lu\n",
@@ -64978,6 +67764,27 @@ diff -urNp linux-2.6.38.6/net/mac80211/cfg.h linux-2.6.38.6/net/mac80211/cfg.h
+extern const struct cfg80211_ops mac80211_config_ops;
#endif /* __CFG_H */
+diff -urNp linux-2.6.38.6/net/mac80211/debugfs_sta.c linux-2.6.38.6/net/mac80211/debugfs_sta.c
+--- linux-2.6.38.6/net/mac80211/debugfs_sta.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/net/mac80211/debugfs_sta.c 2011-05-16 21:47:09.000000000 -0400
+@@ -115,6 +115,8 @@ static ssize_t sta_agg_status_read(struc
+ struct tid_ampdu_rx *tid_rx;
+ struct tid_ampdu_tx *tid_tx;
+
++ pax_track_stack();
++
+ rcu_read_lock();
+
+ p += scnprintf(p, sizeof(buf) + buf - p, "next dialog_token: %#02x\n",
+@@ -215,6 +217,8 @@ static ssize_t sta_ht_capa_read(struct f
+ struct sta_info *sta = file->private_data;
+ struct ieee80211_sta_ht_cap *htc = &sta->sta.ht_cap;
+
++ pax_track_stack();
++
+ p += scnprintf(p, sizeof(buf) + buf - p, "ht %ssupported\n",
+ htc->ht_supported ? "" : "not ");
+ if (htc->ht_supported) {
diff -urNp linux-2.6.38.6/net/mac80211/ieee80211_i.h linux-2.6.38.6/net/mac80211/ieee80211_i.h
--- linux-2.6.38.6/net/mac80211/ieee80211_i.h 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/net/mac80211/ieee80211_i.h 2011-04-28 19:34:15.000000000 -0400
@@ -65067,6 +67874,18 @@ diff -urNp linux-2.6.38.6/net/mac80211/main.c linux-2.6.38.6/net/mac80211/main.c
ret = drv_config(local, changed);
/*
* Goal:
+diff -urNp linux-2.6.38.6/net/mac80211/mlme.c linux-2.6.38.6/net/mac80211/mlme.c
+--- linux-2.6.38.6/net/mac80211/mlme.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/net/mac80211/mlme.c 2011-05-16 21:47:09.000000000 -0400
+@@ -1356,6 +1356,8 @@ static bool ieee80211_assoc_success(stru
+ bool have_higher_than_11mbit = false;
+ u16 ap_ht_cap_flags;
+
++ pax_track_stack();
++
+ /* AssocResp and ReassocResp have identical structure */
+
+ aid = le16_to_cpu(mgmt->u.assoc_resp.aid);
diff -urNp linux-2.6.38.6/net/mac80211/pm.c linux-2.6.38.6/net/mac80211/pm.c
--- linux-2.6.38.6/net/mac80211/pm.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/net/mac80211/pm.c 2011-04-28 19:34:15.000000000 -0400
@@ -65127,9 +67946,21 @@ diff -urNp linux-2.6.38.6/net/mac80211/util.c linux-2.6.38.6/net/mac80211/util.c
/*
* Upon resume hardware can sometimes be goofy due to
* various platform / driver / bus issues, so restarting
+diff -urNp linux-2.6.38.6/net/netfilter/ipvs/ip_vs_app.c linux-2.6.38.6/net/netfilter/ipvs/ip_vs_app.c
+--- linux-2.6.38.6/net/netfilter/ipvs/ip_vs_app.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/net/netfilter/ipvs/ip_vs_app.c 2011-05-17 19:31:43.000000000 -0400
+@@ -565,7 +565,7 @@ static const struct file_operations ip_v
+ .open = ip_vs_app_open,
+ .read = seq_read,
+ .llseek = seq_lseek,
+- .release = seq_release,
++ .release = seq_release_net,
+ };
+ #endif
+
diff -urNp linux-2.6.38.6/net/netfilter/ipvs/ip_vs_conn.c linux-2.6.38.6/net/netfilter/ipvs/ip_vs_conn.c
--- linux-2.6.38.6/net/netfilter/ipvs/ip_vs_conn.c 2011-03-14 21:20:32.000000000 -0400
-+++ linux-2.6.38.6/net/netfilter/ipvs/ip_vs_conn.c 2011-04-28 19:57:25.000000000 -0400
++++ linux-2.6.38.6/net/netfilter/ipvs/ip_vs_conn.c 2011-05-17 19:31:43.000000000 -0400
@@ -553,7 +553,7 @@ ip_vs_bind_dest(struct ip_vs_conn *cp, s
/* Increase the refcnt counter of the dest */
atomic_inc(&dest->refcnt);
@@ -65148,6 +67979,24 @@ diff -urNp linux-2.6.38.6/net/netfilter/ipvs/ip_vs_conn.c linux-2.6.38.6/net/net
atomic_inc(&ip_vs_conn_count);
if (flags & IP_VS_CONN_F_NO_CPORT)
+@@ -1012,7 +1012,7 @@ static const struct file_operations ip_v
+ .open = ip_vs_conn_open,
+ .read = seq_read,
+ .llseek = seq_lseek,
+- .release = seq_release,
++ .release = seq_release_net,
+ };
+
+ static const char *ip_vs_origin_name(unsigned flags)
+@@ -1075,7 +1075,7 @@ static const struct file_operations ip_v
+ .open = ip_vs_conn_sync_open,
+ .read = seq_read,
+ .llseek = seq_lseek,
+- .release = seq_release,
++ .release = seq_release_net,
+ };
+
+ #endif
@@ -1102,7 +1102,7 @@ static inline int todrop_entry(struct ip
/* Don't drop the entry if its number of incoming packets is not
@@ -65180,7 +68029,7 @@ diff -urNp linux-2.6.38.6/net/netfilter/ipvs/ip_vs_core.c linux-2.6.38.6/net/net
if ((cp->state == IP_VS_SCTP_S_ESTABLISHED &&
diff -urNp linux-2.6.38.6/net/netfilter/ipvs/ip_vs_ctl.c linux-2.6.38.6/net/netfilter/ipvs/ip_vs_ctl.c
--- linux-2.6.38.6/net/netfilter/ipvs/ip_vs_ctl.c 2011-03-14 21:20:32.000000000 -0400
-+++ linux-2.6.38.6/net/netfilter/ipvs/ip_vs_ctl.c 2011-04-28 19:57:25.000000000 -0400
++++ linux-2.6.38.6/net/netfilter/ipvs/ip_vs_ctl.c 2011-05-17 19:31:43.000000000 -0400
@@ -787,7 +787,7 @@ __ip_vs_update_dest(struct ip_vs_service
ip_vs_rs_hash(dest);
write_unlock_bh(&__ip_vs_rs_lock);
@@ -65208,6 +68057,24 @@ diff -urNp linux-2.6.38.6/net/netfilter/ipvs/ip_vs_ctl.c linux-2.6.38.6/net/netf
atomic_read(&dest->weight),
atomic_read(&dest->activeconns),
atomic_read(&dest->inactconns));
+@@ -1944,7 +1944,7 @@ static const struct file_operations ip_v
+ .open = ip_vs_info_open,
+ .read = seq_read,
+ .llseek = seq_lseek,
+- .release = seq_release_private,
++ .release = seq_release_net,
+ };
+
+ #endif
+@@ -1993,7 +1993,7 @@ static const struct file_operations ip_v
+ .open = ip_vs_stats_seq_open,
+ .read = seq_read,
+ .llseek = seq_lseek,
+- .release = single_release,
++ .release = single_release_net,
+ };
+
+ #endif
@@ -2315,7 +2315,7 @@ __ip_vs_get_dest_entries(const struct ip
entry.addr = dest->addr.ip;
@@ -65217,7 +68084,16 @@ diff -urNp linux-2.6.38.6/net/netfilter/ipvs/ip_vs_ctl.c linux-2.6.38.6/net/netf
entry.weight = atomic_read(&dest->weight);
entry.u_threshold = dest->u_threshold;
entry.l_threshold = dest->l_threshold;
-@@ -2831,7 +2831,7 @@ static int ip_vs_genl_fill_dest(struct s
+@@ -2376,6 +2376,8 @@ do_ip_vs_get_ctl(struct sock *sk, int cm
+ int ret = 0;
+ unsigned int copylen;
+
++ pax_track_stack();
++
+ if (!capable(CAP_NET_ADMIN))
+ return -EPERM;
+
+@@ -2831,7 +2833,7 @@ static int ip_vs_genl_fill_dest(struct s
NLA_PUT_U16(skb, IPVS_DEST_ATTR_PORT, dest->port);
NLA_PUT_U32(skb, IPVS_DEST_ATTR_FWD_METHOD,
@@ -65707,6 +68583,18 @@ diff -urNp linux-2.6.38.6/net/rds/iw.h linux-2.6.38.6/net/rds/iw.h
#else
spinlock_t i_ack_lock; /* protect i_ack_next */
u64 i_ack_next; /* next ACK to send */
+diff -urNp linux-2.6.38.6/net/rds/iw_rdma.c linux-2.6.38.6/net/rds/iw_rdma.c
+--- linux-2.6.38.6/net/rds/iw_rdma.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/net/rds/iw_rdma.c 2011-05-16 21:47:09.000000000 -0400
+@@ -182,6 +182,8 @@ int rds_iw_update_cm_id(struct rds_iw_de
+ struct rdma_cm_id *pcm_id;
+ int rc;
+
++ pax_track_stack();
++
+ src_addr = (struct sockaddr_in *)&cm_id->route.addr.src_addr;
+ dst_addr = (struct sockaddr_in *)&cm_id->route.addr.dst_addr;
+
diff -urNp linux-2.6.38.6/net/rds/iw_recv.c linux-2.6.38.6/net/rds/iw_recv.c
--- linux-2.6.38.6/net/rds/iw_recv.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/net/rds/iw_recv.c 2011-05-11 18:35:16.000000000 -0400
@@ -65742,7 +68630,7 @@ diff -urNp linux-2.6.38.6/net/rxrpc/af_rxrpc.c linux-2.6.38.6/net/rxrpc/af_rxrpc
atomic_t rxrpc_n_skbs;
diff -urNp linux-2.6.38.6/net/rxrpc/ar-ack.c linux-2.6.38.6/net/rxrpc/ar-ack.c
--- linux-2.6.38.6/net/rxrpc/ar-ack.c 2011-03-14 21:20:32.000000000 -0400
-+++ linux-2.6.38.6/net/rxrpc/ar-ack.c 2011-04-28 19:57:25.000000000 -0400
++++ linux-2.6.38.6/net/rxrpc/ar-ack.c 2011-05-16 21:47:08.000000000 -0400
@@ -175,7 +175,7 @@ static void rxrpc_resend(struct rxrpc_ca
_enter("{%d,%d,%d,%d},",
@@ -65779,7 +68667,16 @@ diff -urNp linux-2.6.38.6/net/rxrpc/ar-ack.c linux-2.6.38.6/net/rxrpc/ar-ack.c
_proto("Rx ACK %%%u { m=%hu f=#%u p=#%u s=%%%u r=%s n=%u }",
latest,
-@@ -1163,7 +1163,7 @@ void rxrpc_process_call(struct work_stru
+@@ -844,6 +844,8 @@ void rxrpc_process_call(struct work_stru
+ u32 abort_code = RX_PROTOCOL_ERROR;
+ u8 *acks = NULL;
+
++ pax_track_stack();
++
+ //printk("\n--------------------\n");
+ _enter("{%d,%s,%lx} [%lu]",
+ call->debug_id, rxrpc_call_states[call->state], call->events,
+@@ -1163,7 +1165,7 @@ void rxrpc_process_call(struct work_stru
goto maybe_reschedule;
send_ACK_with_skew:
@@ -65788,7 +68685,7 @@ diff -urNp linux-2.6.38.6/net/rxrpc/ar-ack.c linux-2.6.38.6/net/rxrpc/ar-ack.c
ntohl(ack.serial));
send_ACK:
mtu = call->conn->trans->peer->if_mtu;
-@@ -1175,7 +1175,7 @@ send_ACK:
+@@ -1175,7 +1177,7 @@ send_ACK:
ackinfo.rxMTU = htonl(5692);
ackinfo.jumbo_max = htonl(4);
@@ -65797,7 +68694,7 @@ diff -urNp linux-2.6.38.6/net/rxrpc/ar-ack.c linux-2.6.38.6/net/rxrpc/ar-ack.c
_proto("Tx ACK %%%u { m=%hu f=#%u p=#%u s=%%%u r=%s n=%u }",
ntohl(hdr.serial),
ntohs(ack.maxSkew),
-@@ -1193,7 +1193,7 @@ send_ACK:
+@@ -1193,7 +1195,7 @@ send_ACK:
send_message:
_debug("send message");
@@ -65956,8 +68853,26 @@ diff -urNp linux-2.6.38.6/net/rxrpc/ar-transport.c linux-2.6.38.6/net/rxrpc/ar-t
switch (peer->srx.transport_type) {
diff -urNp linux-2.6.38.6/net/rxrpc/rxkad.c linux-2.6.38.6/net/rxrpc/rxkad.c
--- linux-2.6.38.6/net/rxrpc/rxkad.c 2011-03-14 21:20:32.000000000 -0400
-+++ linux-2.6.38.6/net/rxrpc/rxkad.c 2011-04-28 19:57:25.000000000 -0400
-@@ -610,7 +610,7 @@ static int rxkad_issue_challenge(struct
++++ linux-2.6.38.6/net/rxrpc/rxkad.c 2011-05-16 21:47:08.000000000 -0400
+@@ -211,6 +211,8 @@ static int rxkad_secure_packet_encrypt(c
+ u16 check;
+ int nsg;
+
++ pax_track_stack();
++
+ sp = rxrpc_skb(skb);
+
+ _enter("");
+@@ -338,6 +340,8 @@ static int rxkad_verify_packet_auth(cons
+ u16 check;
+ int nsg;
+
++ pax_track_stack();
++
+ _enter("");
+
+ sp = rxrpc_skb(skb);
+@@ -610,7 +614,7 @@ static int rxkad_issue_challenge(struct
len = iov[0].iov_len + iov[1].iov_len;
@@ -65966,7 +68881,7 @@ diff -urNp linux-2.6.38.6/net/rxrpc/rxkad.c linux-2.6.38.6/net/rxrpc/rxkad.c
_proto("Tx CHALLENGE %%%u", ntohl(hdr.serial));
ret = kernel_sendmsg(conn->trans->local->socket, &msg, iov, 2, len);
-@@ -660,7 +660,7 @@ static int rxkad_send_response(struct rx
+@@ -660,7 +664,7 @@ static int rxkad_send_response(struct rx
len = iov[0].iov_len + iov[1].iov_len + iov[2].iov_len;
@@ -66020,7 +68935,7 @@ diff -urNp linux-2.6.38.6/net/sctp/socket.c linux-2.6.38.6/net/sctp/socket.c
cnt++;
diff -urNp linux-2.6.38.6/net/socket.c linux-2.6.38.6/net/socket.c
--- linux-2.6.38.6/net/socket.c 2011-04-18 17:27:16.000000000 -0400
-+++ linux-2.6.38.6/net/socket.c 2011-04-28 19:34:15.000000000 -0400
++++ linux-2.6.38.6/net/socket.c 2011-05-16 21:47:09.000000000 -0400
@@ -88,6 +88,7 @@
#include <linux/nsproxy.h>
#include <linux/magic.h>
@@ -66171,6 +69086,15 @@ diff -urNp linux-2.6.38.6/net/socket.c linux-2.6.38.6/net/socket.c
err =
security_socket_connect(sock, (struct sockaddr *)&address, addrlen);
if (err)
+@@ -1877,6 +1937,8 @@ SYSCALL_DEFINE3(sendmsg, int, fd, struct
+ int err, ctl_len, iov_size, total_len;
+ int fput_needed;
+
++ pax_track_stack();
++
+ err = -EFAULT;
+ if (MSG_CMSG_COMPAT & flags) {
+ if (get_compat_msghdr(&msg_sys, msg_compat))
diff -urNp linux-2.6.38.6/net/sunrpc/sched.c linux-2.6.38.6/net/sunrpc/sched.c
--- linux-2.6.38.6/net/sunrpc/sched.c 2011-04-18 17:27:14.000000000 -0400
+++ linux-2.6.38.6/net/sunrpc/sched.c 2011-04-28 19:34:15.000000000 -0400
@@ -66582,6 +69506,27 @@ diff -urNp linux-2.6.38.6/net/xfrm/xfrm_policy.c linux-2.6.38.6/net/xfrm/xfrm_po
}
}
+diff -urNp linux-2.6.38.6/net/xfrm/xfrm_user.c linux-2.6.38.6/net/xfrm/xfrm_user.c
+--- linux-2.6.38.6/net/xfrm/xfrm_user.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/net/xfrm/xfrm_user.c 2011-05-16 21:47:09.000000000 -0400
+@@ -1309,6 +1309,8 @@ static int copy_to_user_tmpl(struct xfrm
+ struct xfrm_user_tmpl vec[XFRM_MAX_DEPTH];
+ int i;
+
++ pax_track_stack();
++
+ if (xp->xfrm_nr == 0)
+ return 0;
+
+@@ -1957,6 +1959,8 @@ static int xfrm_do_migrate(struct sk_buf
+ int err;
+ int n = 0;
+
++ pax_track_stack();
++
+ if (attrs[XFRMA_MIGRATE] == NULL)
+ return -EINVAL;
+
diff -urNp linux-2.6.38.6/scripts/basic/fixdep.c linux-2.6.38.6/scripts/basic/fixdep.c
--- linux-2.6.38.6/scripts/basic/fixdep.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/scripts/basic/fixdep.c 2011-04-28 19:34:15.000000000 -0400
@@ -67544,6 +70489,30 @@ diff -urNp linux-2.6.38.6/security/selinux/hooks.c linux-2.6.38.6/security/selin
.name = "selinux",
.ptrace_access_check = selinux_ptrace_access_check,
+diff -urNp linux-2.6.38.6/security/selinux/include/xfrm.h linux-2.6.38.6/security/selinux/include/xfrm.h
+--- linux-2.6.38.6/security/selinux/include/xfrm.h 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/security/selinux/include/xfrm.h 2011-05-18 20:23:44.000000000 -0400
+@@ -48,7 +48,7 @@ int selinux_xfrm_decode_session(struct s
+
+ static inline void selinux_xfrm_notify_policyload(void)
+ {
+- atomic_inc(&flow_cache_genid);
++ atomic_inc_unchecked(&flow_cache_genid);
+ }
+ #else
+ static inline int selinux_xfrm_enabled(void)
+diff -urNp linux-2.6.38.6/security/selinux/ss/services.c linux-2.6.38.6/security/selinux/ss/services.c
+--- linux-2.6.38.6/security/selinux/ss/services.c 2011-03-14 21:20:32.000000000 -0400
++++ linux-2.6.38.6/security/selinux/ss/services.c 2011-05-16 21:47:09.000000000 -0400
+@@ -1769,6 +1769,8 @@ int security_load_policy(void *data, siz
+ int rc = 0;
+ struct policy_file file = { data, len }, *fp = &file;
+
++ pax_track_stack();
++
+ if (!ss_initialized) {
+ avtab_cache_init();
+ rc = policydb_read(&policydb, fp);
diff -urNp linux-2.6.38.6/security/smack/smack_lsm.c linux-2.6.38.6/security/smack/smack_lsm.c
--- linux-2.6.38.6/security/smack/smack_lsm.c 2011-03-14 21:20:32.000000000 -0400
+++ linux-2.6.38.6/security/smack/smack_lsm.c 2011-04-28 19:34:15.000000000 -0400
diff --git a/2.6.38/4422_grsec-mute-warnings.patch b/2.6.38/4422_grsec-mute-warnings.patch
index 765b7b9..dc7c90f 100644
--- a/2.6.38/4422_grsec-mute-warnings.patch
+++ b/2.6.38/4422_grsec-mute-warnings.patch
@@ -1,5 +1,5 @@
From: Anthony G. Basile <blueness@gentoo.org>
-Updated patch for 2.6.32.39.
+Updated patch for 2.6.38.6
The credits/description from the original version of this patch remain accurate
and are included below.
@@ -29,14 +29,14 @@ warning flags of vanilla kernel versions.
Acked-by: Christian Heim <phreak@gentoo.org>
---
---- a/Makefile 2011-04-27 22:52:14.000000000 -0400
-+++ b/Makefile 2011-04-27 23:01:48.000000000 -0400
+--- a/Makefile 2011-05-20 08:12:41.000000000 -0400
++++ b/Makefile 2011-05-20 08:18:18.000000000 -0400
@@ -233,7 +233,7 @@
HOSTCC = gcc
HOSTCXX = g++
--HOSTCFLAGS = -Wall -W -Wmissing-prototypes -Wstrict-prototypes -Wno-empty-body -Wno-missing-field-initializers -Wno-unused-parameter -Wno-missing-field-initializers -O2 -fomit-frame-pointer -fno-delete-null-pointer-checks
-+HOSTCFLAGS = -Wall -Wmissing-prototypes -Wstrict-prototypes -Wno-empty-body -Wno-missing-field-initializers -Wno-unused-parameter -Wno-missing-field-initializers -O2 -fomit-frame-pointer -fno-delete-null-pointer-checks
+-HOSTCFLAGS = -Wall -W -Wmissing-prototypes -Wstrict-prototypes -Wno-empty-body -Wno-unused-parameter -Wno-missing-field-initializers -O2 -fomit-frame-pointer -fno-delete-null-pointer-checks
++HOSTCFLAGS = -Wall -Wmissing-prototypes -Wstrict-prototypes -Wno-empty-body -Wno-unused-parameter -Wno-missing-field-initializers -O2 -fomit-frame-pointer -fno-delete-null-pointer-checks
HOSTCXXFLAGS = -O2 -fno-delete-null-pointer-checks
# Decide whether to build built-in, modular, or both.