diff options
| author |   Anthony G. Basile <basile@opensource.dyc.edu> | 2010-07-15 16:34:13 -0400 |
|---|---|---|
| committer | Anthony G. Basile <basile@opensource.dyc.edu> | 2010-07-15 16:34:13 -0400 |
| commit | b36881c9ae94bb23c68da8049eb21d04ebf767d5 (patch) | |
| tree | 4d3e96fadbc453671a30688810f12311c6312dad /2.6.34 | |
| parent | Updated to Grsec/PaX (diff) | |
| download | hardened-patchset-b36881c9ae94bb23c68da8049eb21d04ebf767d5.tar.gz hardened-patchset-b36881c9ae94bb23c68da8049eb21d04ebf767d5.tar.bz2 hardened-patchset-b36881c9ae94bb23c68da8049eb21d04ebf767d5.zip | |
Updated to Grsec/PaX20100714
2.2.0-2.6.34.1-201007141116 for kernel 2.6.34.1
Diffstat (limited to '2.6.34')
| -rw-r--r-- | 2.6.34/0000_README | 2 | ||||
| -rw-r--r-- | 2.6.34/4420_grsecurity-2.2.0-2.6.34.1-201007141116.patch (renamed from 2.6.34/4420_grsecurity-2.2.0-2.6.34.1-201007112149.patch) | 433 |
2 files changed, 299 insertions, 136 deletions
diff --git a/2.6.34/0000_README b/2.6.34/0000_README index ec40435..2f6fa7d 100644 --- a/2.6.34/0000_README +++ b/2.6.34/0000_README @@ -3,7 +3,7 @@ README Individual Patch Descriptions: ----------------------------------------------------------------------------- -Patch: 4420_grsecurity-2.2.0-2.6.34.1-201007112149.patch +Patch: 4420_grsecurity-2.2.0-2.6.34.1-201007141116.patch From: http://www.grsecurity.net Desc: hardened-sources base patch from upstream grsecurity diff --git a/2.6.34/4420_grsecurity-2.2.0-2.6.34.1-201007112149.patch b/2.6.34/4420_grsecurity-2.2.0-2.6.34.1-201007141116.patch index ff422b2..e3758ba 100644 --- a/2.6.34/4420_grsecurity-2.2.0-2.6.34.1-201007112149.patch +++ b/2.6.34/4420_grsecurity-2.2.0-2.6.34.1-201007141116.patch @@ -8047,7 +8047,7 @@ diff -urNp linux-2.6.34.1/arch/x86/include/asm/pgtable.h linux-2.6.34.1/arch/x86 #endif /* __ASSEMBLY__ */ diff -urNp linux-2.6.34.1/arch/x86/include/asm/pgtable_types.h linux-2.6.34.1/arch/x86/include/asm/pgtable_types.h --- linux-2.6.34.1/arch/x86/include/asm/pgtable_types.h 2010-07-05 14:24:10.000000000 -0400 -+++ linux-2.6.34.1/arch/x86/include/asm/pgtable_types.h 2010-07-09 14:51:52.000000000 -0400 ++++ linux-2.6.34.1/arch/x86/include/asm/pgtable_types.h 2010-07-13 21:34:25.000000000 -0400 @@ -16,12 +16,11 @@ #define _PAGE_BIT_PSE 7 /* 4 MB (or 2MB) page */ #define _PAGE_BIT_PAT 7 /* on 4KB pages */ @@ -8115,7 +8115,43 @@ diff -urNp linux-2.6.34.1/arch/x86/include/asm/pgtable_types.h linux-2.6.34.1/ar #define PGD_IDENT_ATTR 0x001 /* PRESENT (no other attributes) */ #endif -@@ -278,7 +281,6 @@ typedef struct page *pgtable_t; +@@ -202,7 +205,17 @@ static inline pgdval_t pgd_flags(pgd_t p + { + return native_pgd_val(pgd) & PTE_FLAGS_MASK; + } ++#endif + ++#if PAGETABLE_LEVELS == 3 ++#include <asm-generic/pgtable-nopud.h> ++#endif ++ ++#if PAGETABLE_LEVELS == 2 ++#include <asm-generic/pgtable-nopmd.h> ++#endif ++ ++#ifndef __ASSEMBLY__ + #if PAGETABLE_LEVELS > 3 + typedef struct { pudval_t pud; } pud_t; + +@@ -216,8 +229,6 @@ static inline pudval_t native_pud_val(pu + return pud.pud; + } + #else +-#include <asm-generic/pgtable-nopud.h> +- + static inline pudval_t native_pud_val(pud_t pud) + { + return native_pgd_val(pud.pgd); +@@ -237,8 +248,6 @@ static inline pmdval_t native_pmd_val(pm + return pmd.pmd; + } + #else +-#include <asm-generic/pgtable-nopmd.h> +- + static inline pmdval_t native_pmd_val(pmd_t pmd) + { + return native_pgd_val(pmd.pud.pgd); +@@ -278,7 +287,6 @@ typedef struct page *pgtable_t; extern pteval_t __supported_pte_mask; extern void set_nx(void); @@ -9414,8 +9450,18 @@ diff -urNp linux-2.6.34.1/arch/x86/include/asm/xsave.h linux-2.6.34.1/arch/x86/i ".section .fixup,\"ax\"\n" diff -urNp linux-2.6.34.1/arch/x86/Kconfig linux-2.6.34.1/arch/x86/Kconfig --- linux-2.6.34.1/arch/x86/Kconfig 2010-07-05 14:24:10.000000000 -0400 -+++ linux-2.6.34.1/arch/x86/Kconfig 2010-07-09 14:51:52.000000000 -0400 -@@ -1123,7 +1123,7 @@ config PAGE_OFFSET ++++ linux-2.6.34.1/arch/x86/Kconfig 2010-07-14 11:15:49.000000000 -0400 +@@ -582,7 +582,8 @@ config PARAVIRT_DEBUG + a paravirt_op is missing when it is called. + + config NO_BOOTMEM +- default y ++ default n ++ depends on BROKEN + bool "Disable Bootmem code" + ---help--- + Use early_res directly instead of bootmem before slab is ready. +@@ -1123,7 +1124,7 @@ config PAGE_OFFSET hex default 0xB0000000 if VMSPLIT_3G_OPT default 0x80000000 if VMSPLIT_2G @@ -9424,7 +9470,7 @@ diff -urNp linux-2.6.34.1/arch/x86/Kconfig linux-2.6.34.1/arch/x86/Kconfig default 0x40000000 if VMSPLIT_1G default 0xC0000000 depends on X86_32 -@@ -1457,7 +1457,7 @@ config ARCH_USES_PG_UNCACHED +@@ -1457,7 +1458,7 @@ config ARCH_USES_PG_UNCACHED config EFI bool "EFI runtime service support" @@ -9433,7 +9479,7 @@ diff -urNp linux-2.6.34.1/arch/x86/Kconfig linux-2.6.34.1/arch/x86/Kconfig ---help--- This enables the kernel to use EFI runtime services that are available (such as the EFI variable services). -@@ -1544,6 +1544,7 @@ config KEXEC_JUMP +@@ -1544,6 +1545,7 @@ config KEXEC_JUMP config PHYSICAL_START hex "Physical address where the kernel is loaded" if (EMBEDDED || CRASH_DUMP) default "0x1000000" @@ -9441,7 +9487,7 @@ diff -urNp linux-2.6.34.1/arch/x86/Kconfig linux-2.6.34.1/arch/x86/Kconfig ---help--- This gives the physical address where the kernel is loaded. -@@ -1608,6 +1609,7 @@ config PHYSICAL_ALIGN +@@ -1608,6 +1610,7 @@ config PHYSICAL_ALIGN hex prompt "Alignment value to which kernel should be aligned" if X86_32 default "0x1000000" @@ -9449,7 +9495,7 @@ diff -urNp linux-2.6.34.1/arch/x86/Kconfig linux-2.6.34.1/arch/x86/Kconfig range 0x2000 0x1000000 ---help--- This value puts the alignment restrictions on physical address -@@ -1639,9 +1641,10 @@ config HOTPLUG_CPU +@@ -1639,9 +1642,10 @@ config HOTPLUG_CPU Say N if you want to disable CPU hotplug. config COMPAT_VDSO @@ -14132,22 +14178,13 @@ diff -urNp linux-2.6.34.1/arch/x86/kernel/vmi_32.c linux-2.6.34.1/arch/x86/kerne local_irq_save(flags); diff -urNp linux-2.6.34.1/arch/x86/kernel/vmlinux.lds.S linux-2.6.34.1/arch/x86/kernel/vmlinux.lds.S --- linux-2.6.34.1/arch/x86/kernel/vmlinux.lds.S 2010-07-05 14:24:10.000000000 -0400 -+++ linux-2.6.34.1/arch/x86/kernel/vmlinux.lds.S 2010-07-10 08:25:32.000000000 -0400 -@@ -26,6 +26,22 @@ ++++ linux-2.6.34.1/arch/x86/kernel/vmlinux.lds.S 2010-07-13 21:19:47.000000000 -0400 +@@ -26,6 +26,13 @@ #include <asm/page_types.h> #include <asm/cache.h> #include <asm/boot.h> +#include <asm/segment.h> + -+#undef PMD_SIZE -+#undef PMD_SHIFT -+#if defined(CONFIG_X86_64) || defined(CONFIG_X86_PAE) -+#define PMD_SHIFT 21 -+#else -+#define PMD_SHIFT 22 -+#endif -+#define PMD_SIZE (1 << PMD_SHIFT) -+ +#if defined(CONFIG_X86_32) && defined(CONFIG_PAX_KERNEXEC) +#define __KERNEL_TEXT_OFFSET (LOAD_OFFSET + ____LOAD_PHYSICAL_ADDR) +#else @@ -14156,7 +14193,7 @@ diff -urNp linux-2.6.34.1/arch/x86/kernel/vmlinux.lds.S linux-2.6.34.1/arch/x86/ #undef i386 /* in case the preprocessor is a 32bit one */ -@@ -34,13 +50,13 @@ OUTPUT_FORMAT(CONFIG_OUTPUT_FORMAT, CONF +@@ -34,13 +41,13 @@ OUTPUT_FORMAT(CONFIG_OUTPUT_FORMAT, CONF #ifdef CONFIG_X86_32 OUTPUT_ARCH(i386) ENTRY(phys_startup_32) @@ -14172,7 +14209,7 @@ diff -urNp linux-2.6.34.1/arch/x86/kernel/vmlinux.lds.S linux-2.6.34.1/arch/x86/ #if defined(CONFIG_X86_64) && defined(CONFIG_DEBUG_RODATA) /* * On 64-bit, align RODATA to 2MB so that even with CONFIG_DEBUG_RODATA -@@ -69,31 +85,46 @@ jiffies_64 = jiffies; +@@ -69,31 +76,46 @@ jiffies_64 = jiffies; PHDRS { text PT_LOAD FLAGS(5); /* R_E */ @@ -14227,7 +14264,7 @@ diff -urNp linux-2.6.34.1/arch/x86/kernel/vmlinux.lds.S linux-2.6.34.1/arch/x86/ HEAD_TEXT #ifdef CONFIG_X86_32 . = ALIGN(PAGE_SIZE); -@@ -108,13 +139,50 @@ SECTIONS +@@ -108,13 +130,50 @@ SECTIONS IRQENTRY_TEXT *(.fixup) *(.gnu.warning) @@ -14237,8 +14274,7 @@ diff -urNp linux-2.6.34.1/arch/x86/kernel/vmlinux.lds.S linux-2.6.34.1/arch/x86/ - NOTES :text :note + . += __KERNEL_TEXT_OFFSET; - -- EXCEPTION_TABLE(16) :text = 0x9090 ++ +#ifdef CONFIG_X86_32 + . = ALIGN(PAGE_SIZE); + .vmi.rom : AT(ADDR(.vmi.rom) - LOAD_OFFSET) { @@ -14277,12 +14313,13 @@ diff -urNp linux-2.6.34.1/arch/x86/kernel/vmlinux.lds.S linux-2.6.34.1/arch/x86/ + + . = ALIGN(PAGE_SIZE); + NOTES :rodata :note -+ + +- EXCEPTION_TABLE(16) :text = 0x9090 + EXCEPTION_TABLE(16) :rodata X64_ALIGN_DEBUG_RODATA_BEGIN RO_DATA(PAGE_SIZE) -@@ -122,16 +190,20 @@ SECTIONS +@@ -122,16 +181,20 @@ SECTIONS /* Data */ .data : AT(ADDR(.data) - LOAD_OFFSET) { @@ -14306,7 +14343,7 @@ diff -urNp linux-2.6.34.1/arch/x86/kernel/vmlinux.lds.S linux-2.6.34.1/arch/x86/ PAGE_ALIGNED_DATA(PAGE_SIZE) -@@ -194,12 +266,6 @@ SECTIONS +@@ -194,12 +257,6 @@ SECTIONS } vgetcpu_mode = VVIRT(.vgetcpu_mode); @@ -14319,7 +14356,7 @@ diff -urNp linux-2.6.34.1/arch/x86/kernel/vmlinux.lds.S linux-2.6.34.1/arch/x86/ .vsyscall_3 ADDR(.vsyscall_0) + 3072: AT(VLOAD(.vsyscall_3)) { *(.vsyscall_3) } -@@ -215,12 +281,19 @@ SECTIONS +@@ -215,12 +272,19 @@ SECTIONS #endif /* CONFIG_X86_64 */ /* Init code and data - will be freed after init */ @@ -14342,7 +14379,7 @@ diff -urNp linux-2.6.34.1/arch/x86/kernel/vmlinux.lds.S linux-2.6.34.1/arch/x86/ /* * percpu offsets are zero-based on SMP. PERCPU_VADDR() changes the * output PHDR, so the next output section - .init.text - should -@@ -229,12 +302,27 @@ SECTIONS +@@ -229,12 +293,27 @@ SECTIONS PERCPU_VADDR(0, :percpu) #endif @@ -14358,8 +14395,7 @@ diff -urNp linux-2.6.34.1/arch/x86/kernel/vmlinux.lds.S linux-2.6.34.1/arch/x86/ + VMLINUX_SYMBOL(_einittext) = .; + . = ALIGN(PAGE_SIZE); + } :text.init - -- INIT_DATA_SECTION(16) ++ + /* + * .exit.text is discard at runtime, not link time, to deal with + * references from .altinstructions and .eh_frame @@ -14369,13 +14405,14 @@ diff -urNp linux-2.6.34.1/arch/x86/kernel/vmlinux.lds.S linux-2.6.34.1/arch/x86/ + . = ALIGN(16); + } :text.exit + . = init_begin + SIZEOF(.init.text) + SIZEOF(.exit.text); -+ + +- INIT_DATA_SECTION(16) + . = ALIGN(PAGE_SIZE); + INIT_DATA_SECTION(16) :init .x86_cpu_dev.init : AT(ADDR(.x86_cpu_dev.init) - LOAD_OFFSET) { __x86_cpu_dev_start = .; -@@ -260,19 +348,11 @@ SECTIONS +@@ -260,19 +339,11 @@ SECTIONS *(.altinstr_replacement) } @@ -14396,7 +14433,7 @@ diff -urNp linux-2.6.34.1/arch/x86/kernel/vmlinux.lds.S linux-2.6.34.1/arch/x86/ PERCPU(PAGE_SIZE) #endif -@@ -291,16 +371,10 @@ SECTIONS +@@ -291,16 +362,10 @@ SECTIONS .smp_locks : AT(ADDR(.smp_locks) - LOAD_OFFSET) { __smp_locks = .; *(.smp_locks) @@ -14414,7 +14451,7 @@ diff -urNp linux-2.6.34.1/arch/x86/kernel/vmlinux.lds.S linux-2.6.34.1/arch/x86/ /* BSS */ . = ALIGN(PAGE_SIZE); .bss : AT(ADDR(.bss) - LOAD_OFFSET) { -@@ -316,6 +390,7 @@ SECTIONS +@@ -316,6 +381,7 @@ SECTIONS __brk_base = .; . += 64 * 1024; /* 64k alignment slop space */ *(.brk_reservation) /* areas brk users have reserved */ @@ -14422,7 +14459,7 @@ diff -urNp linux-2.6.34.1/arch/x86/kernel/vmlinux.lds.S linux-2.6.34.1/arch/x86/ __brk_limit = .; } -@@ -342,13 +417,12 @@ SECTIONS +@@ -342,13 +408,12 @@ SECTIONS * for the boot processor. */ #define INIT_PER_CPU(x) init_per_cpu__##x = x + __per_cpu_load @@ -15610,7 +15647,7 @@ diff -urNp linux-2.6.34.1/arch/x86/lib/mmx_32.c linux-2.6.34.1/arch/x86/lib/mmx_ to += 64; diff -urNp linux-2.6.34.1/arch/x86/lib/putuser.S linux-2.6.34.1/arch/x86/lib/putuser.S --- linux-2.6.34.1/arch/x86/lib/putuser.S 2010-07-05 14:24:10.000000000 -0400 -+++ linux-2.6.34.1/arch/x86/lib/putuser.S 2010-07-09 14:51:52.000000000 -0400 ++++ linux-2.6.34.1/arch/x86/lib/putuser.S 2010-07-13 21:19:01.000000000 -0400 @@ -15,7 +15,8 @@ #include <asm/thread_info.h> #include <asm/errno.h> @@ -15621,7 +15658,7 @@ diff -urNp linux-2.6.34.1/arch/x86/lib/putuser.S linux-2.6.34.1/arch/x86/lib/put /* * __put_user_X -@@ -29,59 +30,156 @@ +@@ -29,59 +30,162 @@ * as they get called from within inline assembly. */ @@ -15631,6 +15668,12 @@ diff -urNp linux-2.6.34.1/arch/x86/lib/putuser.S linux-2.6.34.1/arch/x86/lib/put #define EXIT ret ; \ CFI_ENDPROC ++#if defined(CONFIG_X86_64) && defined(CONFIG_PAX_MEMORY_UDEREF) ++#define _DEST %_ASM_CX,%_ASM_BX ++#else ++#define _DEST %_ASM_CX ++#endif ++ .text ENTRY(__put_user_1) ENTER @@ -15642,18 +15685,19 @@ diff -urNp linux-2.6.34.1/arch/x86/lib/putuser.S linux-2.6.34.1/arch/x86/lib/put + GET_THREAD_INFO(%_ASM_BX) cmp TI_addr_limit(%_ASM_BX),%_ASM_CX jae bad_put_user +-1: movb %al,(%_ASM_CX) + +#if defined(CONFIG_X86_64) && defined(CONFIG_PAX_MEMORY_UDEREF) + mov $PAX_USER_SHADOW_BASE,%_ASM_BX + cmp %_ASM_BX,%_ASM_CX -+ jae 1234f -+ add %_ASM_BX,%_ASM_CX ++ jb 1234f ++ xor %ebx,%ebx +1234: +#endif + +#endif + - 1: movb %al,(%_ASM_CX) ++1: movb %al,(_DEST) + +#if defined(CONFIG_X86_32) && defined(CONFIG_PAX_MEMORY_UDEREF) + pushl %ss @@ -15676,18 +15720,19 @@ diff -urNp linux-2.6.34.1/arch/x86/lib/putuser.S linux-2.6.34.1/arch/x86/lib/put sub $1,%_ASM_BX cmp %_ASM_BX,%_ASM_CX jae bad_put_user +-2: movw %ax,(%_ASM_CX) + +#if defined(CONFIG_X86_64) && defined(CONFIG_PAX_MEMORY_UDEREF) + mov $PAX_USER_SHADOW_BASE,%_ASM_BX + cmp %_ASM_BX,%_ASM_CX -+ jae 1234f -+ add %_ASM_BX,%_ASM_CX ++ jb 1234f ++ xor %ebx,%ebx +1234: +#endif + +#endif + - 2: movw %ax,(%_ASM_CX) ++2: movw %ax,(_DEST) + +#if defined(CONFIG_X86_32) && defined(CONFIG_PAX_MEMORY_UDEREF) + pushl %ss @@ -15710,18 +15755,19 @@ diff -urNp linux-2.6.34.1/arch/x86/lib/putuser.S linux-2.6.34.1/arch/x86/lib/put sub $3,%_ASM_BX cmp %_ASM_BX,%_ASM_CX jae bad_put_user +-3: movl %eax,(%_ASM_CX) + +#if defined(CONFIG_X86_64) && defined(CONFIG_PAX_MEMORY_UDEREF) + mov $PAX_USER_SHADOW_BASE,%_ASM_BX + cmp %_ASM_BX,%_ASM_CX -+ jae 1234f -+ add %_ASM_BX,%_ASM_CX ++ jb 1234f ++ xor %ebx,%ebx +1234: +#endif + +#endif + - 3: movl %eax,(%_ASM_CX) ++3: movl %eax,(_DEST) + +#if defined(CONFIG_X86_32) && defined(CONFIG_PAX_MEMORY_UDEREF) + pushl %ss @@ -15744,20 +15790,22 @@ diff -urNp linux-2.6.34.1/arch/x86/lib/putuser.S linux-2.6.34.1/arch/x86/lib/put sub $7,%_ASM_BX cmp %_ASM_BX,%_ASM_CX jae bad_put_user +-4: mov %_ASM_AX,(%_ASM_CX) + +#if defined(CONFIG_X86_64) && defined(CONFIG_PAX_MEMORY_UDEREF) + mov $PAX_USER_SHADOW_BASE,%_ASM_BX + cmp %_ASM_BX,%_ASM_CX -+ jae 1234f -+ add %_ASM_BX,%_ASM_CX ++ jb 1234f ++ xor %ebx,%ebx +1234: +#endif + +#endif + - 4: mov %_ASM_AX,(%_ASM_CX) ++4: mov %_ASM_AX,(_DEST) #ifdef CONFIG_X86_32 - 5: movl %edx,4(%_ASM_CX) +-5: movl %edx,4(%_ASM_CX) ++5: movl %edx,4(_DEST) #endif + +#if defined(CONFIG_X86_32) && defined(CONFIG_PAX_MEMORY_UDEREF) @@ -18039,7 +18087,7 @@ diff -urNp linux-2.6.34.1/arch/x86/mm/init_32.c linux-2.6.34.1/arch/x86/mm/init_ size >> 10); diff -urNp linux-2.6.34.1/arch/x86/mm/init_64.c linux-2.6.34.1/arch/x86/mm/init_64.c --- linux-2.6.34.1/arch/x86/mm/init_64.c 2010-07-05 14:24:10.000000000 -0400 -+++ linux-2.6.34.1/arch/x86/mm/init_64.c 2010-07-09 14:51:52.000000000 -0400 ++++ linux-2.6.34.1/arch/x86/mm/init_64.c 2010-07-13 22:23:37.000000000 -0400 @@ -50,7 +50,6 @@ #include <asm/numa.h> #include <asm/cacheflush.h> @@ -18500,7 +18548,7 @@ diff -urNp linux-2.6.34.1/arch/x86/mm/pageattr-test.c linux-2.6.34.1/arch/x86/mm struct split_state { diff -urNp linux-2.6.34.1/arch/x86/mm/pat.c linux-2.6.34.1/arch/x86/mm/pat.c --- linux-2.6.34.1/arch/x86/mm/pat.c 2010-07-05 14:24:10.000000000 -0400 -+++ linux-2.6.34.1/arch/x86/mm/pat.c 2010-07-09 14:51:52.000000000 -0400 ++++ linux-2.6.34.1/arch/x86/mm/pat.c 2010-07-13 21:19:01.000000000 -0400 @@ -259,7 +259,7 @@ chk_conflict(struct memtype *new, struct conflict: @@ -18519,6 +18567,17 @@ diff -urNp linux-2.6.34.1/arch/x86/mm/pat.c linux-2.6.34.1/arch/x86/mm/pat.c } dprintk("free_memtype request 0x%Lx-0x%Lx\n", start, end); +@@ -685,8 +685,8 @@ static inline int range_is_allowed(unsig + while (cursor < to) { + if (!devmem_is_allowed(pfn)) { + printk(KERN_INFO +- "Program %s tried to access /dev/mem between %Lx->%Lx.\n", +- current->comm, from, to); ++ "Program %s tried to access /dev/mem between %Lx->%Lx (%Lx).\n", ++ current->comm, from, to, cursor); + return 0; + } + cursor += PAGE_SIZE; @@ -750,7 +750,7 @@ int kernel_map_sync_memtype(u64 base, un printk(KERN_INFO "%s:%d ioremap_change_attr failed %s " @@ -19854,7 +19913,7 @@ diff -urNp linux-2.6.34.1/crypto/lrw.c linux-2.6.34.1/crypto/lrw.c crypto_cipher_clear_flags(child, CRYPTO_TFM_REQ_MASK); diff -urNp linux-2.6.34.1/Documentation/dontdiff linux-2.6.34.1/Documentation/dontdiff --- linux-2.6.34.1/Documentation/dontdiff 2010-07-05 14:24:10.000000000 -0400 -+++ linux-2.6.34.1/Documentation/dontdiff 2010-07-09 14:51:52.000000000 -0400 ++++ linux-2.6.34.1/Documentation/dontdiff 2010-07-13 21:18:55.000000000 -0400 @@ -3,6 +3,7 @@ *.bin *.cpio @@ -19863,15 +19922,18 @@ diff -urNp linux-2.6.34.1/Documentation/dontdiff linux-2.6.34.1/Documentation/do *.dsp *.dvi *.elf -@@ -40,6 +41,7 @@ +@@ -38,8 +39,10 @@ + *.tab.h + *.tex *.ver ++*.vim *.xml *_MODULES +*_reg_safe.h *_vga16.c *~ *.9 -@@ -49,11 +51,16 @@ +@@ -49,11 +52,16 @@ 53c700_d.h CVS ChangeSet @@ -19888,7 +19950,7 @@ diff -urNp linux-2.6.34.1/Documentation/dontdiff linux-2.6.34.1/Documentation/do SCCS System.map* TAGS -@@ -76,7 +83,10 @@ btfixupprep +@@ -76,7 +84,10 @@ btfixupprep build bvmlinux bzImage* @@ -19899,7 +19961,7 @@ diff -urNp linux-2.6.34.1/Documentation/dontdiff linux-2.6.34.1/Documentation/do comp*.log compile.h* conf -@@ -106,13 +116,15 @@ generated +@@ -106,13 +117,15 @@ generated genheaders genksyms *_gray256.c @@ -19916,7 +19978,7 @@ diff -urNp linux-2.6.34.1/Documentation/dontdiff linux-2.6.34.1/Documentation/do keywords.c ksym.c* ksym.h* -@@ -136,10 +148,13 @@ mkboot +@@ -136,10 +149,13 @@ mkboot mkbugboot mkcpustr mkdep @@ -19930,7 +19992,7 @@ diff -urNp linux-2.6.34.1/Documentation/dontdiff linux-2.6.34.1/Documentation/do modules.order modversions.h* ncscope.* -@@ -152,6 +167,7 @@ patches* +@@ -152,6 +168,7 @@ patches* pca200e.bin pca200e_ecd.bin2 piggy.gz @@ -19938,7 +20000,14 @@ diff -urNp linux-2.6.34.1/Documentation/dontdiff linux-2.6.34.1/Documentation/do piggyback pnmtologo ppc_defs.h* -@@ -166,6 +182,7 @@ setup +@@ -160,12 +177,14 @@ qconf + raid6altivec*.c + raid6int*.c + raid6tables.c ++regdb.c + relocs + series + setup setup.bin setup.elf sImage @@ -19946,7 +20015,7 @@ diff -urNp linux-2.6.34.1/Documentation/dontdiff linux-2.6.34.1/Documentation/do sm_tbl* split-include syscalltab.h -@@ -189,14 +206,20 @@ version.h* +@@ -189,14 +208,20 @@ version.h* vmlinux vmlinux-* vmlinux.aout @@ -27465,6 +27534,18 @@ diff -urNp linux-2.6.34.1/drivers/uwb/wlp/messages.c linux-2.6.34.1/drivers/uwb/ enum wlp_assc_error assc_err; char enonce_buf[WLP_WSS_NONCE_STRSIZE]; char rnonce_buf[WLP_WSS_NONCE_STRSIZE]; +diff -urNp linux-2.6.34.1/drivers/vhost/vhost.c linux-2.6.34.1/drivers/vhost/vhost.c +--- linux-2.6.34.1/drivers/vhost/vhost.c 2010-07-05 14:24:10.000000000 -0400 ++++ linux-2.6.34.1/drivers/vhost/vhost.c 2010-07-13 21:19:01.000000000 -0400 +@@ -358,7 +358,7 @@ static int init_used(struct vhost_virtqu + return get_user(vq->last_used_idx, &used->idx); + } + +-static long vhost_set_vring(struct vhost_dev *d, int ioctl, void __user *argp) ++static long vhost_set_vring(struct vhost_dev *d, unsigned int ioctl, void __user *argp) + { + struct file *eventfp, *filep = NULL, + *pollstart = NULL, *pollstop = NULL; diff -urNp linux-2.6.34.1/drivers/video/atmel_lcdfb.c linux-2.6.34.1/drivers/video/atmel_lcdfb.c --- linux-2.6.34.1/drivers/video/atmel_lcdfb.c 2010-07-05 14:24:10.000000000 -0400 +++ linux-2.6.34.1/drivers/video/atmel_lcdfb.c 2010-07-09 14:51:53.000000000 -0400 @@ -42906,6 +42987,78 @@ diff -urNp linux-2.6.34.1/include/asm-generic/pgtable.h linux-2.6.34.1/include/a #endif /* !__ASSEMBLY__ */ #endif /* _ASM_GENERIC_PGTABLE_H */ +diff -urNp linux-2.6.34.1/include/asm-generic/pgtable-nopmd.h linux-2.6.34.1/include/asm-generic/pgtable-nopmd.h +--- linux-2.6.34.1/include/asm-generic/pgtable-nopmd.h 2010-07-05 14:24:10.000000000 -0400 ++++ linux-2.6.34.1/include/asm-generic/pgtable-nopmd.h 2010-07-13 21:19:01.000000000 -0400 +@@ -1,14 +1,19 @@ + #ifndef _PGTABLE_NOPMD_H + #define _PGTABLE_NOPMD_H + +-#ifndef __ASSEMBLY__ +- + #include <asm-generic/pgtable-nopud.h> + +-struct mm_struct; +- + #define __PAGETABLE_PMD_FOLDED + ++#define PMD_SHIFT PUD_SHIFT ++#define PTRS_PER_PMD 1 ++#define PMD_SIZE (_AC(1,UL) << PMD_SHIFT) ++#define PMD_MASK (~(PMD_SIZE-1)) ++ ++#ifndef __ASSEMBLY__ ++ ++struct mm_struct; ++ + /* + * Having the pmd type consist of a pud gets the size right, and allows + * us to conceptually access the pud entry that this pmd is folded into +@@ -16,11 +21,6 @@ struct mm_struct; + */ + typedef struct { pud_t pud; } pmd_t; + +-#define PMD_SHIFT PUD_SHIFT +-#define PTRS_PER_PMD 1 +-#define PMD_SIZE (1UL << PMD_SHIFT) +-#define PMD_MASK (~(PMD_SIZE-1)) +- + /* + * The "pud_xxx()" functions here are trivial for a folded two-level + * setup: the pmd is never bad, and a pmd always exists (as it's folded +diff -urNp linux-2.6.34.1/include/asm-generic/pgtable-nopud.h linux-2.6.34.1/include/asm-generic/pgtable-nopud.h +--- linux-2.6.34.1/include/asm-generic/pgtable-nopud.h 2010-07-05 14:24:10.000000000 -0400 ++++ linux-2.6.34.1/include/asm-generic/pgtable-nopud.h 2010-07-13 21:19:01.000000000 -0400 +@@ -1,10 +1,15 @@ + #ifndef _PGTABLE_NOPUD_H + #define _PGTABLE_NOPUD_H + +-#ifndef __ASSEMBLY__ +- + #define __PAGETABLE_PUD_FOLDED + ++#define PUD_SHIFT PGDIR_SHIFT ++#define PTRS_PER_PUD 1 ++#define PUD_SIZE (_AC(1,UL) << PUD_SHIFT) ++#define PUD_MASK (~(PUD_SIZE-1)) ++ ++#ifndef __ASSEMBLY__ ++ + /* + * Having the pud type consist of a pgd gets the size right, and allows + * us to conceptually access the pgd entry that this pud is folded into +@@ -12,11 +17,6 @@ + */ + typedef struct { pgd_t pgd; } pud_t; + +-#define PUD_SHIFT PGDIR_SHIFT +-#define PTRS_PER_PUD 1 +-#define PUD_SIZE (1UL << PUD_SHIFT) +-#define PUD_MASK (~(PUD_SIZE-1)) +- + /* + * The "pgd_xxx()" functions here are trivial for a folded two-level + * setup: the pud is never bad, and a pud always exists (as it's folded diff -urNp linux-2.6.34.1/include/asm-generic/vmlinux.lds.h linux-2.6.34.1/include/asm-generic/vmlinux.lds.h --- linux-2.6.34.1/include/asm-generic/vmlinux.lds.h 2010-07-05 14:24:10.000000000 -0400 +++ linux-2.6.34.1/include/asm-generic/vmlinux.lds.h 2010-07-09 14:51:53.000000000 -0400 @@ -49886,7 +50039,7 @@ diff -urNp linux-2.6.34.1/mm/mlock.c linux-2.6.34.1/mm/mlock.c ret = do_mlockall(flags); diff -urNp linux-2.6.34.1/mm/mmap.c linux-2.6.34.1/mm/mmap.c --- linux-2.6.34.1/mm/mmap.c 2010-07-05 14:24:10.000000000 -0400 -+++ linux-2.6.34.1/mm/mmap.c 2010-07-09 14:51:54.000000000 -0400 ++++ linux-2.6.34.1/mm/mmap.c 2010-07-13 21:19:01.000000000 -0400 @@ -44,6 +44,16 @@ #define arch_rebalance_pgtables(addr, len) (addr) #endif @@ -50102,22 +50255,18 @@ diff -urNp linux-2.6.34.1/mm/mmap.c linux-2.6.34.1/mm/mmap.c if (addr & ~PAGE_MASK) return addr; -@@ -993,6 +1069,26 @@ unsigned long do_mmap_pgoff(struct file +@@ -993,6 +1069,22 @@ unsigned long do_mmap_pgoff(struct file vm_flags = calc_vm_prot_bits(prot) | calc_vm_flag_bits(flags) | mm->def_flags | VM_MAYREAD | VM_MAYWRITE | VM_MAYEXEC; -+#if defined(CONFIG_PAX_PAGEEXEC) || defined(CONFIG_PAX_SEGMEXEC) -+ if (mm->pax_flags & (MF_PAX_PAGEEXEC | MF_PAX_SEGMEXEC)) { -+ +#ifdef CONFIG_PAX_MPROTECT -+ if (mm->pax_flags & MF_PAX_MPROTECT) { -+ if ((prot & (PROT_WRITE | PROT_EXEC)) != PROT_EXEC) -+ vm_flags &= ~(VM_EXEC | VM_MAYEXEC); -+ else -+ vm_flags &= ~(VM_WRITE | VM_MAYWRITE); -+ } -+#endif -+ ++ if (mm->pax_flags & MF_PAX_MPROTECT) { ++ if ((prot & (PROT_WRITE | PROT_EXEC)) == (PROT_WRITE | PROT_EXEC)) ++ return -EPERM; ++ if (!(prot & PROT_EXEC)) ++ vm_flags &= ~VM_MAYEXEC; ++ else ++ vm_flags &= ~VM_MAYWRITE; + } +#endif + @@ -50129,7 +50278,7 @@ diff -urNp linux-2.6.34.1/mm/mmap.c linux-2.6.34.1/mm/mmap.c if (flags & MAP_LOCKED) if (!can_do_mlock()) return -EPERM; -@@ -1004,6 +1100,7 @@ unsigned long do_mmap_pgoff(struct file +@@ -1004,6 +1096,7 @@ unsigned long do_mmap_pgoff(struct file locked += mm->locked_vm; lock_limit = rlimit(RLIMIT_MEMLOCK); lock_limit >>= PAGE_SHIFT; @@ -50137,7 +50286,7 @@ diff -urNp linux-2.6.34.1/mm/mmap.c linux-2.6.34.1/mm/mmap.c if (locked > lock_limit && !capable(CAP_IPC_LOCK)) return -EAGAIN; } -@@ -1074,6 +1171,9 @@ unsigned long do_mmap_pgoff(struct file +@@ -1074,6 +1167,9 @@ unsigned long do_mmap_pgoff(struct file if (error) return error; @@ -50147,7 +50296,7 @@ diff -urNp linux-2.6.34.1/mm/mmap.c linux-2.6.34.1/mm/mmap.c return mmap_region(file, addr, len, flags, vm_flags, pgoff); } EXPORT_SYMBOL(do_mmap_pgoff); -@@ -1150,10 +1250,10 @@ SYSCALL_DEFINE1(old_mmap, struct mmap_ar +@@ -1150,10 +1246,10 @@ SYSCALL_DEFINE1(old_mmap, struct mmap_ar */ int vma_wants_writenotify(struct vm_area_struct *vma) { @@ -50160,7 +50309,7 @@ diff -urNp linux-2.6.34.1/mm/mmap.c linux-2.6.34.1/mm/mmap.c return 0; /* The backer wishes to know when pages are first written to? */ -@@ -1202,14 +1302,24 @@ unsigned long mmap_region(struct file *f +@@ -1202,14 +1298,24 @@ unsigned long mmap_region(struct file *f unsigned long charged = 0; struct inode *inode = file ? file->f_path.dentry->d_inode : NULL; @@ -50187,7 +50336,7 @@ diff -urNp linux-2.6.34.1/mm/mmap.c linux-2.6.34.1/mm/mmap.c } /* Check against address space limit. */ -@@ -1258,6 +1368,16 @@ munmap_back: +@@ -1258,6 +1364,16 @@ munmap_back: goto unacct_error; } @@ -50204,7 +50353,7 @@ diff -urNp linux-2.6.34.1/mm/mmap.c linux-2.6.34.1/mm/mmap.c vma->vm_mm = mm; vma->vm_start = addr; vma->vm_end = addr + len; -@@ -1281,6 +1401,19 @@ munmap_back: +@@ -1281,6 +1397,19 @@ munmap_back: error = file->f_op->mmap(file, vma); if (error) goto unmap_and_free_vma; @@ -50224,7 +50373,7 @@ diff -urNp linux-2.6.34.1/mm/mmap.c linux-2.6.34.1/mm/mmap.c if (vm_flags & VM_EXECUTABLE) added_exe_file_vma(mm); -@@ -1316,6 +1449,11 @@ munmap_back: +@@ -1316,6 +1445,11 @@ munmap_back: vma_link(mm, vma, prev, rb_link, rb_parent); file = vma->vm_file; @@ -50236,7 +50385,7 @@ diff -urNp linux-2.6.34.1/mm/mmap.c linux-2.6.34.1/mm/mmap.c /* Once vma denies write, undo our temporary denial count */ if (correct_wcount) atomic_inc(&inode->i_writecount); -@@ -1324,6 +1462,7 @@ out: +@@ -1324,6 +1458,7 @@ out: mm->total_vm += len >> PAGE_SHIFT; vm_stat_account(mm, vm_flags, file, len >> PAGE_SHIFT); @@ -50244,7 +50393,7 @@ diff -urNp linux-2.6.34.1/mm/mmap.c linux-2.6.34.1/mm/mmap.c if (vm_flags & VM_LOCKED) { if (!mlock_vma_pages_range(vma, addr, addr + len)) mm->locked_vm += (len >> PAGE_SHIFT); -@@ -1341,6 +1480,12 @@ unmap_and_free_vma: +@@ -1341,6 +1476,12 @@ unmap_and_free_vma: unmap_region(mm, vma, prev, vma->vm_start, vma->vm_end); charged = 0; free_vma: @@ -50257,7 +50406,7 @@ diff -urNp linux-2.6.34.1/mm/mmap.c linux-2.6.34.1/mm/mmap.c kmem_cache_free(vm_area_cachep, vma); unacct_error: if (charged) -@@ -1374,6 +1519,10 @@ arch_get_unmapped_area(struct file *filp +@@ -1374,6 +1515,10 @@ arch_get_unmapped_area(struct file *filp if (flags & MAP_FIXED) return addr; @@ -50268,7 +50417,7 @@ diff -urNp linux-2.6.34.1/mm/mmap.c linux-2.6.34.1/mm/mmap.c if (addr) { addr = PAGE_ALIGN(addr); vma = find_vma(mm, addr); -@@ -1382,10 +1531,10 @@ arch_get_unmapped_area(struct file *filp +@@ -1382,10 +1527,10 @@ arch_get_unmapped_area(struct file *filp return addr; } if (len > mm->cached_hole_size) { @@ -50282,7 +50431,7 @@ diff -urNp linux-2.6.34.1/mm/mmap.c linux-2.6.34.1/mm/mmap.c } full_search: -@@ -1396,9 +1545,8 @@ full_search: +@@ -1396,9 +1541,8 @@ full_search: * Start a new search - just in case we missed * some holes. */ @@ -50294,7 +50443,7 @@ diff -urNp linux-2.6.34.1/mm/mmap.c linux-2.6.34.1/mm/mmap.c mm->cached_hole_size = 0; goto full_search; } -@@ -1420,10 +1568,16 @@ full_search: +@@ -1420,10 +1564,16 @@ full_search: void arch_unmap_area(struct mm_struct *mm, unsigned long addr) { @@ -50312,7 +50461,7 @@ diff -urNp linux-2.6.34.1/mm/mmap.c linux-2.6.34.1/mm/mmap.c mm->free_area_cache = addr; mm->cached_hole_size = ~0UL; } -@@ -1441,7 +1595,7 @@ arch_get_unmapped_area_topdown(struct fi +@@ -1441,7 +1591,7 @@ arch_get_unmapped_area_topdown(struct fi { struct vm_area_struct *vma; struct mm_struct *mm = current->mm; @@ -50321,7 +50470,7 @@ diff -urNp linux-2.6.34.1/mm/mmap.c linux-2.6.34.1/mm/mmap.c /* requested length too big for entire address space */ if (len > TASK_SIZE) -@@ -1450,6 +1604,10 @@ arch_get_unmapped_area_topdown(struct fi +@@ -1450,6 +1600,10 @@ arch_get_unmapped_area_topdown(struct fi if (flags & MAP_FIXED) return addr; @@ -50332,7 +50481,7 @@ diff -urNp linux-2.6.34.1/mm/mmap.c linux-2.6.34.1/mm/mmap.c /* requesting a specific address */ if (addr) { addr = PAGE_ALIGN(addr); -@@ -1507,13 +1665,21 @@ bottomup: +@@ -1507,13 +1661,21 @@ bottomup: * can happen with large stack limits and large mmap() * allocations. */ @@ -50356,7 +50505,7 @@ diff -urNp linux-2.6.34.1/mm/mmap.c linux-2.6.34.1/mm/mmap.c mm->cached_hole_size = ~0UL; return addr; -@@ -1522,6 +1688,12 @@ bottomup: +@@ -1522,6 +1684,12 @@ bottomup: void arch_unmap_area_topdown(struct mm_struct *mm, unsigned long addr) { @@ -50369,7 +50518,7 @@ diff -urNp linux-2.6.34.1/mm/mmap.c linux-2.6.34.1/mm/mmap.c /* * Is this a new hole at the highest possible address? */ -@@ -1529,8 +1701,10 @@ void arch_unmap_area_topdown(struct mm_s +@@ -1529,8 +1697,10 @@ void arch_unmap_area_topdown(struct mm_s mm->free_area_cache = addr; /* dont allow allocations above current base */ @@ -50381,7 +50530,7 @@ diff -urNp linux-2.6.34.1/mm/mmap.c linux-2.6.34.1/mm/mmap.c } unsigned long -@@ -1638,6 +1812,27 @@ out: +@@ -1638,6 +1808,27 @@ out: return prev ? prev->vm_next : vma; } @@ -50409,7 +50558,7 @@ diff -urNp linux-2.6.34.1/mm/mmap.c linux-2.6.34.1/mm/mmap.c /* * Verify that the stack growth is acceptable and * update accounting. This is shared with both the -@@ -1654,6 +1849,7 @@ static int acct_stack_growth(struct vm_a +@@ -1654,6 +1845,7 @@ static int acct_stack_growth(struct vm_a return -ENOMEM; /* Stack limit test */ @@ -50417,7 +50566,7 @@ diff -urNp linux-2.6.34.1/mm/mmap.c linux-2.6.34.1/mm/mmap.c if (size > ACCESS_ONCE(rlim[RLIMIT_STACK].rlim_cur)) return -ENOMEM; -@@ -1664,6 +1860,7 @@ static int acct_stack_growth(struct vm_a +@@ -1664,6 +1856,7 @@ static int acct_stack_growth(struct vm_a locked = mm->locked_vm + grow; limit = ACCESS_ONCE(rlim[RLIMIT_MEMLOCK].rlim_cur); limit >>= PAGE_SHIFT; @@ -50425,7 +50574,7 @@ diff -urNp linux-2.6.34.1/mm/mmap.c linux-2.6.34.1/mm/mmap.c if (locked > limit && !capable(CAP_IPC_LOCK)) return -ENOMEM; } -@@ -1699,35 +1896,40 @@ static +@@ -1699,35 +1892,40 @@ static #endif int expand_upwards(struct vm_area_struct *vma, unsigned long address) { @@ -50476,7 +50625,7 @@ diff -urNp linux-2.6.34.1/mm/mmap.c linux-2.6.34.1/mm/mmap.c unsigned long size, grow; size = address - vma->vm_start; -@@ -1737,6 +1939,8 @@ int expand_upwards(struct vm_area_struct +@@ -1737,6 +1935,8 @@ int expand_upwards(struct vm_area_struct if (!error) vma->vm_end = address; } @@ -50485,7 +50634,7 @@ diff -urNp linux-2.6.34.1/mm/mmap.c linux-2.6.34.1/mm/mmap.c anon_vma_unlock(vma); return error; } -@@ -1748,7 +1952,8 @@ int expand_upwards(struct vm_area_struct +@@ -1748,7 +1948,8 @@ int expand_upwards(struct vm_area_struct static int expand_downwards(struct vm_area_struct *vma, unsigned long address) { @@ -50495,7 +50644,7 @@ diff -urNp linux-2.6.34.1/mm/mmap.c linux-2.6.34.1/mm/mmap.c /* * We must make sure the anon_vma is allocated -@@ -1762,6 +1967,15 @@ static int expand_downwards(struct vm_ar +@@ -1762,6 +1963,15 @@ static int expand_downwards(struct vm_ar if (error) return error; @@ -50511,7 +50660,7 @@ diff -urNp linux-2.6.34.1/mm/mmap.c linux-2.6.34.1/mm/mmap.c anon_vma_lock(vma); /* -@@ -1771,9 +1985,15 @@ static int expand_downwards(struct vm_ar +@@ -1771,9 +1981,15 @@ static int expand_downwards(struct vm_ar */ /* Somebody else might have raced and expanded it already */ @@ -50528,7 +50677,7 @@ diff -urNp linux-2.6.34.1/mm/mmap.c linux-2.6.34.1/mm/mmap.c size = vma->vm_end - address; grow = (vma->vm_start - address) >> PAGE_SHIFT; -@@ -1781,9 +2001,20 @@ static int expand_downwards(struct vm_ar +@@ -1781,9 +1997,20 @@ static int expand_downwards(struct vm_ar if (!error) { vma->vm_start = address; vma->vm_pgoff -= grow; @@ -50549,7 +50698,7 @@ diff -urNp linux-2.6.34.1/mm/mmap.c linux-2.6.34.1/mm/mmap.c return error; } -@@ -1857,6 +2088,13 @@ static void remove_vma_list(struct mm_st +@@ -1857,6 +2084,13 @@ static void remove_vma_list(struct mm_st do { long nrpages = vma_pages(vma); @@ -50563,7 +50712,7 @@ diff -urNp linux-2.6.34.1/mm/mmap.c linux-2.6.34.1/mm/mmap.c mm->total_vm -= nrpages; vm_stat_account(mm, vma->vm_flags, vma->vm_file, -nrpages); vma = remove_vma(vma); -@@ -1901,6 +2139,16 @@ detach_vmas_to_be_unmapped(struct mm_str +@@ -1901,6 +2135,16 @@ detach_vmas_to_be_unmapped(struct mm_str insertion_point = (prev ? &prev->vm_next : &mm->mmap); do { @@ -50580,7 +50729,7 @@ diff -urNp linux-2.6.34.1/mm/mmap.c linux-2.6.34.1/mm/mmap.c rb_erase(&vma->vm_rb, &mm->mm_rb); mm->map_count--; tail_vma = vma; -@@ -1927,14 +2175,33 @@ static int __split_vma(struct mm_struct +@@ -1927,14 +2171,33 @@ static int __split_vma(struct mm_struct struct vm_area_struct *new; int err = -ENOMEM; @@ -50614,7 +50763,7 @@ diff -urNp linux-2.6.34.1/mm/mmap.c linux-2.6.34.1/mm/mmap.c /* most fields are the same, copy all, and then fixup */ *new = *vma; -@@ -1947,6 +2214,22 @@ static int __split_vma(struct mm_struct +@@ -1947,6 +2210,22 @@ static int __split_vma(struct mm_struct new->vm_pgoff += ((addr - vma->vm_start) >> PAGE_SHIFT); } @@ -50637,7 +50786,7 @@ diff -urNp linux-2.6.34.1/mm/mmap.c linux-2.6.34.1/mm/mmap.c pol = mpol_dup(vma_policy(vma)); if (IS_ERR(pol)) { err = PTR_ERR(pol); -@@ -1972,6 +2255,42 @@ static int __split_vma(struct mm_struct +@@ -1972,6 +2251,42 @@ static int __split_vma(struct mm_struct else err = vma_adjust(vma, vma->vm_start, addr, vma->vm_pgoff, new); @@ -50680,7 +50829,7 @@ diff -urNp linux-2.6.34.1/mm/mmap.c linux-2.6.34.1/mm/mmap.c /* Success. */ if (!err) return 0; -@@ -1987,6 +2306,15 @@ static int __split_vma(struct mm_struct +@@ -1987,6 +2302,15 @@ static int __split_vma(struct mm_struct out_free_mpol: mpol_put(pol); out_free_vma: @@ -50696,7 +50845,7 @@ diff -urNp linux-2.6.34.1/mm/mmap.c linux-2.6.34.1/mm/mmap.c kmem_cache_free(vm_area_cachep, new); out_err: return err; -@@ -1999,6 +2327,15 @@ static int __split_vma(struct mm_struct +@@ -1999,6 +2323,15 @@ static int __split_vma(struct mm_struct int split_vma(struct mm_struct *mm, struct vm_area_struct *vma, unsigned long addr, int new_below) { @@ -50712,7 +50861,7 @@ diff -urNp linux-2.6.34.1/mm/mmap.c linux-2.6.34.1/mm/mmap.c if (mm->map_count >= sysctl_max_map_count) return -ENOMEM; -@@ -2010,11 +2347,30 @@ int split_vma(struct mm_struct *mm, stru +@@ -2010,11 +2343,30 @@ int split_vma(struct mm_struct *mm, stru * work. This now handles partial unmappings. * Jeremy Fitzhardinge <jeremy@goop.org> */ @@ -50743,7 +50892,7 @@ diff -urNp linux-2.6.34.1/mm/mmap.c linux-2.6.34.1/mm/mmap.c if ((start & ~PAGE_MASK) || start > TASK_SIZE || len > TASK_SIZE-start) return -EINVAL; -@@ -2088,6 +2444,8 @@ int do_munmap(struct mm_struct *mm, unsi +@@ -2088,6 +2440,8 @@ int do_munmap(struct mm_struct *mm, unsi /* Fix up all other VM information */ remove_vma_list(mm, vma); @@ -50752,7 +50901,7 @@ diff -urNp linux-2.6.34.1/mm/mmap.c linux-2.6.34.1/mm/mmap.c return 0; } -@@ -2100,22 +2458,18 @@ SYSCALL_DEFINE2(munmap, unsigned long, a +@@ -2100,22 +2454,18 @@ SYSCALL_DEFINE2(munmap, unsigned long, a profile_munmap(addr); @@ -50781,7 +50930,7 @@ diff -urNp linux-2.6.34.1/mm/mmap.c linux-2.6.34.1/mm/mmap.c /* * this is really a simplified "do_mmap". it only handles * anonymous maps. eventually we may be able to do some -@@ -2129,6 +2483,7 @@ unsigned long do_brk(unsigned long addr, +@@ -2129,6 +2479,7 @@ unsigned long do_brk(unsigned long addr, struct rb_node ** rb_link, * rb_parent; pgoff_t pgoff = addr >> PAGE_SHIFT; int error; @@ -50789,7 +50938,7 @@ diff -urNp linux-2.6.34.1/mm/mmap.c linux-2.6.34.1/mm/mmap.c len = PAGE_ALIGN(len); if (!len) -@@ -2140,16 +2495,30 @@ unsigned long do_brk(unsigned long addr, +@@ -2140,16 +2491,30 @@ unsigned long do_brk(unsigned long addr, flags = VM_DATA_DEFAULT_FLAGS | VM_ACCOUNT | mm->def_flags; @@ -50821,7 +50970,7 @@ diff -urNp linux-2.6.34.1/mm/mmap.c linux-2.6.34.1/mm/mmap.c locked += mm->locked_vm; lock_limit = rlimit(RLIMIT_MEMLOCK); lock_limit >>= PAGE_SHIFT; -@@ -2166,22 +2535,22 @@ unsigned long do_brk(unsigned long addr, +@@ -2166,22 +2531,22 @@ unsigned long do_brk(unsigned long addr, /* * Clear old maps. this also does some error checking for us */ @@ -50848,7 +50997,7 @@ diff -urNp linux-2.6.34.1/mm/mmap.c linux-2.6.34.1/mm/mmap.c return -ENOMEM; /* Can we just expand an old private anonymous mapping? */ -@@ -2195,7 +2564,7 @@ unsigned long do_brk(unsigned long addr, +@@ -2195,7 +2560,7 @@ unsigned long do_brk(unsigned long addr, */ vma = kmem_cache_zalloc(vm_area_cachep, GFP_KERNEL); if (!vma) { @@ -50857,7 +51006,7 @@ diff -urNp linux-2.6.34.1/mm/mmap.c linux-2.6.34.1/mm/mmap.c return -ENOMEM; } -@@ -2208,11 +2577,12 @@ unsigned long do_brk(unsigned long addr, +@@ -2208,11 +2573,12 @@ unsigned long do_brk(unsigned long addr, vma->vm_page_prot = vm_get_page_prot(flags); vma_link(mm, vma, prev, rb_link, rb_parent); out: @@ -50872,7 +51021,7 @@ diff -urNp linux-2.6.34.1/mm/mmap.c linux-2.6.34.1/mm/mmap.c return addr; } -@@ -2259,8 +2629,10 @@ void exit_mmap(struct mm_struct *mm) +@@ -2259,8 +2625,10 @@ void exit_mmap(struct mm_struct *mm) * Walk the list again, actually closing and freeing it, * with preemption enabled, without holding any MM locks. */ @@ -50884,7 +51033,7 @@ diff -urNp linux-2.6.34.1/mm/mmap.c linux-2.6.34.1/mm/mmap.c BUG_ON(mm->nr_ptes > (FIRST_USER_ADDRESS+PMD_SIZE-1)>>PMD_SHIFT); } -@@ -2274,6 +2646,10 @@ int insert_vm_struct(struct mm_struct * +@@ -2274,6 +2642,10 @@ int insert_vm_struct(struct mm_struct * struct vm_area_struct * __vma, * prev; struct rb_node ** rb_link, * rb_parent; @@ -50895,7 +51044,7 @@ diff -urNp linux-2.6.34.1/mm/mmap.c linux-2.6.34.1/mm/mmap.c /* * The vm_pgoff of a purely anonymous vma should be irrelevant * until its first write fault, when page's anon_vma and index -@@ -2296,7 +2672,22 @@ int insert_vm_struct(struct mm_struct * +@@ -2296,7 +2668,22 @@ int insert_vm_struct(struct mm_struct * if ((vma->vm_flags & VM_ACCOUNT) && security_vm_enough_memory_mm(mm, vma_pages(vma))) return -ENOMEM; @@ -50918,7 +51067,7 @@ diff -urNp linux-2.6.34.1/mm/mmap.c linux-2.6.34.1/mm/mmap.c return 0; } -@@ -2314,6 +2705,8 @@ struct vm_area_struct *copy_vma(struct v +@@ -2314,6 +2701,8 @@ struct vm_area_struct *copy_vma(struct v struct rb_node **rb_link, *rb_parent; struct mempolicy *pol; @@ -50927,7 +51076,7 @@ diff -urNp linux-2.6.34.1/mm/mmap.c linux-2.6.34.1/mm/mmap.c /* * If anonymous vma has not yet been faulted, update new pgoff * to match new location, to increase its chance of merging. -@@ -2363,6 +2756,39 @@ struct vm_area_struct *copy_vma(struct v +@@ -2363,6 +2752,39 @@ struct vm_area_struct *copy_vma(struct v kmem_cache_free(vm_area_cachep, new_vma); return NULL; } @@ -50967,7 +51116,7 @@ diff -urNp linux-2.6.34.1/mm/mmap.c linux-2.6.34.1/mm/mmap.c /* * Return true if the calling process may expand its vm space by the passed -@@ -2374,7 +2800,7 @@ int may_expand_vm(struct mm_struct *mm, +@@ -2374,7 +2796,7 @@ int may_expand_vm(struct mm_struct *mm, unsigned long lim; lim = rlimit(RLIMIT_AS) >> PAGE_SHIFT; @@ -50976,16 +51125,18 @@ diff -urNp linux-2.6.34.1/mm/mmap.c linux-2.6.34.1/mm/mmap.c if (cur + npages > lim) return 0; return 1; -@@ -2444,6 +2870,15 @@ int install_special_mapping(struct mm_st +@@ -2444,6 +2866,17 @@ int install_special_mapping(struct mm_st vma->vm_start = addr; vma->vm_end = addr + len; +#ifdef CONFIG_PAX_MPROTECT + if (mm->pax_flags & MF_PAX_MPROTECT) { -+ if ((vm_flags & (VM_WRITE | VM_EXEC)) != VM_EXEC) -+ vm_flags &= ~(VM_EXEC | VM_MAYEXEC); ++ if ((vm_flags & (VM_WRITE | VM_EXEC)) == (VM_WRITE | VM_EXEC)) ++ return -EPERM; ++ if (!(vm_flags & VM_EXEC)) ++ vm_flags &= ~VM_MAYEXEC; + else -+ vm_flags &= ~(VM_WRITE | VM_MAYWRITE); ++ vm_flags &= ~VM_MAYWRITE; + } +#endif + @@ -51399,7 +51550,7 @@ diff -urNp linux-2.6.34.1/mm/percpu.c linux-2.6.34.1/mm/percpu.c static const int *pcpu_unit_map __read_mostly; /* cpu -> unit */ diff -urNp linux-2.6.34.1/mm/rmap.c linux-2.6.34.1/mm/rmap.c --- linux-2.6.34.1/mm/rmap.c 2010-07-05 14:24:10.000000000 -0400 -+++ linux-2.6.34.1/mm/rmap.c 2010-07-09 14:51:54.000000000 -0400 ++++ linux-2.6.34.1/mm/rmap.c 2010-07-13 21:19:01.000000000 -0400 @@ -116,15 +116,29 @@ int anon_vma_prepare(struct vm_area_stru struct anon_vma *anon_vma = vma->anon_vma; struct anon_vma_chain *avc; @@ -51430,10 +51581,10 @@ diff -urNp linux-2.6.34.1/mm/rmap.c linux-2.6.34.1/mm/rmap.c anon_vma = find_mergeable_anon_vma(vma); allocated = NULL; if (!anon_vma) { -@@ -143,6 +157,20 @@ int anon_vma_prepare(struct vm_area_stru - avc->vma = vma; - list_add(&avc->same_vma, &vma->anon_vma_chain); - list_add(&avc->same_anon_vma, &anon_vma->head); +@@ -138,6 +152,20 @@ int anon_vma_prepare(struct vm_area_stru + /* page_table_lock to protect against threads */ + spin_lock(&mm->page_table_lock); + if (likely(!vma->anon_vma)) { + +#ifdef CONFIG_PAX_SEGMEXEC + vma_m = pax_find_mirror_vma(vma); @@ -51448,9 +51599,9 @@ diff -urNp linux-2.6.34.1/mm/rmap.c linux-2.6.34.1/mm/rmap.c + } +#endif + - allocated = NULL; - avc = NULL; - } + vma->anon_vma = anon_vma; + avc->anon_vma = anon_vma; + avc->vma = vma; @@ -151,12 +179,24 @@ int anon_vma_prepare(struct vm_area_stru if (unlikely(allocated)) @@ -53424,6 +53575,18 @@ diff -urNp linux-2.6.34.1/net/unix/af_unix.c linux-2.6.34.1/net/unix/af_unix.c list = &unix_socket_table[addr->hash]; } else { list = &unix_socket_table[dentry->d_inode->i_ino & (UNIX_HASH_SIZE-1)]; +diff -urNp linux-2.6.34.1/net/wireless/reg.c linux-2.6.34.1/net/wireless/reg.c +--- linux-2.6.34.1/net/wireless/reg.c 2010-07-05 14:24:10.000000000 -0400 ++++ linux-2.6.34.1/net/wireless/reg.c 2010-07-13 21:19:01.000000000 -0400 +@@ -50,7 +50,7 @@ + printk(KERN_DEBUG format , ## args); \ + } while (0) + #else +-#define REG_DBG_PRINT(args...) ++#define REG_DBG_PRINT(args...) do {} while (0) + #endif + + /* Receipt of information from last regulatory request */ diff -urNp linux-2.6.34.1/net/wireless/wext-core.c linux-2.6.34.1/net/wireless/wext-core.c --- linux-2.6.34.1/net/wireless/wext-core.c 2010-07-05 14:24:10.000000000 -0400 +++ linux-2.6.34.1/net/wireless/wext-core.c 2010-07-09 14:51:54.000000000 -0400 |