diff options
author | Anthony G. Basile <blueness@gentoo.org> | 2011-11-19 07:30:51 -0500 |
---|---|---|
committer | Anthony G. Basile <blueness@gentoo.org> | 2011-11-19 07:30:51 -0500 |
commit | 357bf67d253758c99b4e8c8d65e25e8673fdd10a (patch) | |
tree | d848aec0887964902fc7fdb0893149b1c236d988 | |
parent | Grsec/PaX: 2.2.2-3.1.1-201111171911 (diff) | |
download | hardened-patchset-357bf67d253758c99b4e8c8d65e25e8673fdd10a.tar.gz hardened-patchset-357bf67d253758c99b4e8c8d65e25e8673fdd10a.tar.bz2 hardened-patchset-357bf67d253758c99b4e8c8d65e25e8673fdd10a.zip |
Grsec/PaX: 2.2.2-{2.6.32.48,3.1.1}-20111118190220111118
-rw-r--r-- | 2.6.32/0000_README | 2 | ||||
-rw-r--r-- | 2.6.32/4420_grsecurity-2.2.2-2.6.32.48-201111181902.patch (renamed from 2.6.32/4420_grsecurity-2.2.2-2.6.32.48-201111161802.patch) | 2401 | ||||
-rw-r--r-- | 3.1.1/0000_README | 2 | ||||
-rw-r--r-- | 3.1.1/4420_grsecurity-2.2.2-3.1.1-201111181902.patch (renamed from 3.1.1/4420_grsecurity-2.2.2-3.1.1-201111171911.patch) | 152 |
4 files changed, 2223 insertions, 334 deletions
diff --git a/2.6.32/0000_README b/2.6.32/0000_README index 09a7a03..f5436c2 100644 --- a/2.6.32/0000_README +++ b/2.6.32/0000_README @@ -3,7 +3,7 @@ README Individual Patch Descriptions: ----------------------------------------------------------------------------- -Patch: 4420_grsecurity-2.2.2-2.6.32.48-201111161802.patch +Patch: 4420_grsecurity-2.2.2-2.6.32.48-201111181902.patch From: http://www.grsecurity.net Desc: hardened-sources base patch from upstream grsecurity diff --git a/2.6.32/4420_grsecurity-2.2.2-2.6.32.48-201111161802.patch b/2.6.32/4420_grsecurity-2.2.2-2.6.32.48-201111181902.patch index 8c18994..5c9ddc8 100644 --- a/2.6.32/4420_grsecurity-2.2.2-2.6.32.48-201111161802.patch +++ b/2.6.32/4420_grsecurity-2.2.2-2.6.32.48-201111181902.patch @@ -84,7 +84,7 @@ diff -urNp linux-2.6.32.48/arch/alpha/kernel/osf_sys.c linux-2.6.32.48/arch/alph diff -urNp linux-2.6.32.48/arch/alpha/mm/fault.c linux-2.6.32.48/arch/alpha/mm/fault.c --- linux-2.6.32.48/arch/alpha/mm/fault.c 2011-11-08 19:02:43.000000000 -0500 -+++ linux-2.6.32.48/arch/alpha/mm/fault.c 2011-11-15 19:59:42.000000000 -0500 ++++ linux-2.6.32.48/arch/alpha/mm/fault.c 2011-11-18 18:01:52.000000000 -0500 @@ -54,6 +54,124 @@ __load_new_mm_context(struct mm_struct * __reload_thread(pcb); } @@ -192,7 +192,7 @@ diff -urNp linux-2.6.32.48/arch/alpha/mm/fault.c linux-2.6.32.48/arch/alpha/mm/f + return 1; +} + -+void pax_report_insns(void *pc, void *sp) ++void pax_report_insns(struct pt_regs *regs, void *pc, void *sp) +{ + unsigned long i; + @@ -594,7 +594,7 @@ diff -urNp linux-2.6.32.48/arch/arm/mach-sa1100/pm.c linux-2.6.32.48/arch/arm/ma }; diff -urNp linux-2.6.32.48/arch/arm/mm/fault.c linux-2.6.32.48/arch/arm/mm/fault.c --- linux-2.6.32.48/arch/arm/mm/fault.c 2011-11-08 19:02:43.000000000 -0500 -+++ linux-2.6.32.48/arch/arm/mm/fault.c 2011-11-15 19:59:42.000000000 -0500 ++++ linux-2.6.32.48/arch/arm/mm/fault.c 2011-11-18 18:01:52.000000000 -0500 @@ -166,6 +166,13 @@ __do_user_fault(struct task_struct *tsk, } #endif @@ -614,7 +614,7 @@ diff -urNp linux-2.6.32.48/arch/arm/mm/fault.c linux-2.6.32.48/arch/arm/mm/fault #endif /* CONFIG_MMU */ +#ifdef CONFIG_PAX_PAGEEXEC -+void pax_report_insns(void *pc, void *sp) ++void pax_report_insns(struct pt_regs *regs, void *pc, void *sp) +{ + long i; + @@ -753,13 +753,13 @@ diff -urNp linux-2.6.32.48/arch/avr32/mach-at32ap/pm.c linux-2.6.32.48/arch/avr3 }; diff -urNp linux-2.6.32.48/arch/avr32/mm/fault.c linux-2.6.32.48/arch/avr32/mm/fault.c --- linux-2.6.32.48/arch/avr32/mm/fault.c 2011-11-08 19:02:43.000000000 -0500 -+++ linux-2.6.32.48/arch/avr32/mm/fault.c 2011-11-15 19:59:42.000000000 -0500 ++++ linux-2.6.32.48/arch/avr32/mm/fault.c 2011-11-18 18:01:52.000000000 -0500 @@ -41,6 +41,23 @@ static inline int notify_page_fault(stru int exception_trace = 1; +#ifdef CONFIG_PAX_PAGEEXEC -+void pax_report_insns(void *pc, void *sp) ++void pax_report_insns(struct pt_regs *regs, void *pc, void *sp) +{ + unsigned long i; + @@ -1325,13 +1325,13 @@ diff -urNp linux-2.6.32.48/arch/ia64/kernel/vmlinux.lds.S linux-2.6.32.48/arch/i */ diff -urNp linux-2.6.32.48/arch/ia64/mm/fault.c linux-2.6.32.48/arch/ia64/mm/fault.c --- linux-2.6.32.48/arch/ia64/mm/fault.c 2011-11-08 19:02:43.000000000 -0500 -+++ linux-2.6.32.48/arch/ia64/mm/fault.c 2011-11-15 19:59:42.000000000 -0500 ++++ linux-2.6.32.48/arch/ia64/mm/fault.c 2011-11-18 18:01:52.000000000 -0500 @@ -72,6 +72,23 @@ mapped_kernel_page_is_present (unsigned return pte_present(pte); } +#ifdef CONFIG_PAX_PAGEEXEC -+void pax_report_insns(void *pc, void *sp) ++void pax_report_insns(struct pt_regs *regs, void *pc, void *sp) +{ + unsigned long i; + @@ -1657,13 +1657,13 @@ diff -urNp linux-2.6.32.48/arch/mips/Makefile linux-2.6.32.48/arch/mips/Makefile vmlinux-32 = vmlinux diff -urNp linux-2.6.32.48/arch/mips/mm/fault.c linux-2.6.32.48/arch/mips/mm/fault.c --- linux-2.6.32.48/arch/mips/mm/fault.c 2011-11-08 19:02:43.000000000 -0500 -+++ linux-2.6.32.48/arch/mips/mm/fault.c 2011-11-15 19:59:42.000000000 -0500 ++++ linux-2.6.32.48/arch/mips/mm/fault.c 2011-11-18 18:01:52.000000000 -0500 @@ -26,6 +26,23 @@ #include <asm/ptrace.h> #include <asm/highmem.h> /* For VMALLOC_END */ +#ifdef CONFIG_PAX_PAGEEXEC -+void pax_report_insns(void *pc, void *sp) ++void pax_report_insns(struct pt_regs *regs, void *pc, void *sp) +{ + unsigned long i; + @@ -1869,7 +1869,7 @@ diff -urNp linux-2.6.32.48/arch/parisc/kernel/traps.c linux-2.6.32.48/arch/paris diff -urNp linux-2.6.32.48/arch/parisc/mm/fault.c linux-2.6.32.48/arch/parisc/mm/fault.c --- linux-2.6.32.48/arch/parisc/mm/fault.c 2011-11-08 19:02:43.000000000 -0500 -+++ linux-2.6.32.48/arch/parisc/mm/fault.c 2011-11-15 19:59:42.000000000 -0500 ++++ linux-2.6.32.48/arch/parisc/mm/fault.c 2011-11-18 18:01:52.000000000 -0500 @@ -15,6 +15,7 @@ #include <linux/sched.h> #include <linux/interrupt.h> @@ -1985,7 +1985,7 @@ diff -urNp linux-2.6.32.48/arch/parisc/mm/fault.c linux-2.6.32.48/arch/parisc/mm + return 1; +} + -+void pax_report_insns(void *pc, void *sp) ++void pax_report_insns(struct pt_regs *regs, void *pc, void *sp) +{ + unsigned long i; + @@ -2982,7 +2982,7 @@ diff -urNp linux-2.6.32.48/arch/powerpc/Makefile linux-2.6.32.48/arch/powerpc/Ma ifeq ($(CONFIG_PPC64),y) diff -urNp linux-2.6.32.48/arch/powerpc/mm/fault.c linux-2.6.32.48/arch/powerpc/mm/fault.c --- linux-2.6.32.48/arch/powerpc/mm/fault.c 2011-11-08 19:02:43.000000000 -0500 -+++ linux-2.6.32.48/arch/powerpc/mm/fault.c 2011-11-15 19:59:42.000000000 -0500 ++++ linux-2.6.32.48/arch/powerpc/mm/fault.c 2011-11-18 18:01:52.000000000 -0500 @@ -30,6 +30,10 @@ #include <linux/kprobes.h> #include <linux/kdebug.h> @@ -3017,7 +3017,7 @@ diff -urNp linux-2.6.32.48/arch/powerpc/mm/fault.c linux-2.6.32.48/arch/powerpc/ + return 1; +} + -+void pax_report_insns(void *pc, void *sp) ++void pax_report_insns(struct pt_regs *regs, void *pc, void *sp) +{ + unsigned long i; + @@ -5201,7 +5201,7 @@ diff -urNp linux-2.6.32.48/arch/sparc/Makefile linux-2.6.32.48/arch/sparc/Makefi diff -urNp linux-2.6.32.48/arch/sparc/mm/fault_32.c linux-2.6.32.48/arch/sparc/mm/fault_32.c --- linux-2.6.32.48/arch/sparc/mm/fault_32.c 2011-11-08 19:02:43.000000000 -0500 -+++ linux-2.6.32.48/arch/sparc/mm/fault_32.c 2011-11-15 19:59:42.000000000 -0500 ++++ linux-2.6.32.48/arch/sparc/mm/fault_32.c 2011-11-18 18:01:52.000000000 -0500 @@ -21,6 +21,9 @@ #include <linux/interrupt.h> #include <linux/module.h> @@ -5461,7 +5461,7 @@ diff -urNp linux-2.6.32.48/arch/sparc/mm/fault_32.c linux-2.6.32.48/arch/sparc/m + return 1; +} + -+void pax_report_insns(void *pc, void *sp) ++void pax_report_insns(struct pt_regs *regs, void *pc, void *sp) +{ + unsigned long i; + @@ -5507,7 +5507,7 @@ diff -urNp linux-2.6.32.48/arch/sparc/mm/fault_32.c linux-2.6.32.48/arch/sparc/m goto bad_area; diff -urNp linux-2.6.32.48/arch/sparc/mm/fault_64.c linux-2.6.32.48/arch/sparc/mm/fault_64.c --- linux-2.6.32.48/arch/sparc/mm/fault_64.c 2011-11-08 19:02:43.000000000 -0500 -+++ linux-2.6.32.48/arch/sparc/mm/fault_64.c 2011-11-15 19:59:42.000000000 -0500 ++++ linux-2.6.32.48/arch/sparc/mm/fault_64.c 2011-11-18 18:01:52.000000000 -0500 @@ -20,6 +20,9 @@ #include <linux/kprobes.h> #include <linux/kdebug.h> @@ -5965,7 +5965,7 @@ diff -urNp linux-2.6.32.48/arch/sparc/mm/fault_64.c linux-2.6.32.48/arch/sparc/m + return 1; +} + -+void pax_report_insns(void *pc, void *sp) ++void pax_report_insns(struct pt_regs *regs, void *pc, void *sp) +{ + unsigned long i; + @@ -6192,6 +6192,32 @@ diff -urNp linux-2.6.32.48/arch/um/kernel/process.c linux-2.6.32.48/arch/um/kern unsigned long get_wchan(struct task_struct *p) { unsigned long stack_page, sp, ip; +diff -urNp linux-2.6.32.48/arch/um/Makefile linux-2.6.32.48/arch/um/Makefile +--- linux-2.6.32.48/arch/um/Makefile 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/arch/um/Makefile 2011-11-18 18:01:52.000000000 -0500 +@@ -49,6 +49,10 @@ USER_CFLAGS = $(patsubst $(KERNEL_DEFINE + $(patsubst -I%,,$(KBUILD_CFLAGS)))) $(ARCH_INCLUDE) $(MODE_INCLUDE) \ + $(filter -I%,$(CFLAGS)) -D_FILE_OFFSET_BITS=64 + ++ifdef CONSTIFY_PLUGIN ++USER_CFLAGS += $(CONSTIFY_PLUGIN) -fplugin-arg-constify_plugin-no-constify ++endif ++ + include $(srctree)/$(ARCH_DIR)/Makefile-$(SUBARCH) + + #This will adjust *FLAGS accordingly to the platform. +diff -urNp linux-2.6.32.48/arch/um/sys-i386/shared/sysdep/system.h linux-2.6.32.48/arch/um/sys-i386/shared/sysdep/system.h +--- linux-2.6.32.48/arch/um/sys-i386/shared/sysdep/system.h 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/arch/um/sys-i386/shared/sysdep/system.h 2011-11-18 18:01:52.000000000 -0500 +@@ -17,7 +17,7 @@ + # define AT_VECTOR_SIZE_ARCH 1 + #endif + +-extern unsigned long arch_align_stack(unsigned long sp); ++#define arch_align_stack(x) ((x) & ~0xfUL) + + void default_idle(void); + diff -urNp linux-2.6.32.48/arch/um/sys-i386/syscalls.c linux-2.6.32.48/arch/um/sys-i386/syscalls.c --- linux-2.6.32.48/arch/um/sys-i386/syscalls.c 2011-11-08 19:02:43.000000000 -0500 +++ linux-2.6.32.48/arch/um/sys-i386/syscalls.c 2011-11-15 19:59:42.000000000 -0500 @@ -6217,6 +6243,18 @@ diff -urNp linux-2.6.32.48/arch/um/sys-i386/syscalls.c linux-2.6.32.48/arch/um/s /* * Perform the select(nd, in, out, ex, tv) and mmap() system * calls. Linux/i386 didn't use to be able to handle more than +diff -urNp linux-2.6.32.48/arch/um/sys-x86_64/shared/sysdep/system.h linux-2.6.32.48/arch/um/sys-x86_64/shared/sysdep/system.h +--- linux-2.6.32.48/arch/um/sys-x86_64/shared/sysdep/system.h 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/arch/um/sys-x86_64/shared/sysdep/system.h 2011-11-18 18:01:52.000000000 -0500 +@@ -17,7 +17,7 @@ + # define AT_VECTOR_SIZE_ARCH 1 + #endif + +-extern unsigned long arch_align_stack(unsigned long sp); ++#define arch_align_stack(x) ((x) & ~0xfUL) + + void default_idle(void); + diff -urNp linux-2.6.32.48/arch/x86/boot/bitops.h linux-2.6.32.48/arch/x86/boot/bitops.h --- linux-2.6.32.48/arch/x86/boot/bitops.h 2011-11-08 19:02:43.000000000 -0500 +++ linux-2.6.32.48/arch/x86/boot/bitops.h 2011-11-15 19:59:42.000000000 -0500 @@ -6831,16 +6869,18 @@ diff -urNp linux-2.6.32.48/arch/x86/ia32/ia32_aout.c linux-2.6.32.48/arch/x86/ia return has_dumped; diff -urNp linux-2.6.32.48/arch/x86/ia32/ia32entry.S linux-2.6.32.48/arch/x86/ia32/ia32entry.S --- linux-2.6.32.48/arch/x86/ia32/ia32entry.S 2011-11-08 19:02:43.000000000 -0500 -+++ linux-2.6.32.48/arch/x86/ia32/ia32entry.S 2011-11-15 19:59:42.000000000 -0500 -@@ -13,6 +13,7 @@ ++++ linux-2.6.32.48/arch/x86/ia32/ia32entry.S 2011-11-18 18:01:52.000000000 -0500 +@@ -13,7 +13,9 @@ #include <asm/thread_info.h> #include <asm/segment.h> #include <asm/irqflags.h> +#include <asm/pgtable.h> #include <linux/linkage.h> ++#include <asm/alternative-asm.h> /* Avoid __ASSEMBLER__'ifying <linux/audit.h> just for this. */ -@@ -93,6 +94,29 @@ ENTRY(native_irq_enable_sysexit) + #include <linux/elf-em.h> +@@ -93,6 +95,29 @@ ENTRY(native_irq_enable_sysexit) ENDPROC(native_irq_enable_sysexit) #endif @@ -6870,7 +6910,7 @@ diff -urNp linux-2.6.32.48/arch/x86/ia32/ia32entry.S linux-2.6.32.48/arch/x86/ia /* * 32bit SYSENTER instruction entry. * -@@ -119,7 +143,7 @@ ENTRY(ia32_sysenter_target) +@@ -119,7 +144,7 @@ ENTRY(ia32_sysenter_target) CFI_REGISTER rsp,rbp SWAPGS_UNSAFE_STACK movq PER_CPU_VAR(kernel_stack), %rsp @@ -6879,7 +6919,7 @@ diff -urNp linux-2.6.32.48/arch/x86/ia32/ia32entry.S linux-2.6.32.48/arch/x86/ia /* * No need to follow this irqs on/off section: the syscall * disabled irqs, here we enable it straight after entry: -@@ -135,7 +159,8 @@ ENTRY(ia32_sysenter_target) +@@ -135,7 +160,8 @@ ENTRY(ia32_sysenter_target) pushfq CFI_ADJUST_CFA_OFFSET 8 /*CFI_REL_OFFSET rflags,0*/ @@ -6889,7 +6929,7 @@ diff -urNp linux-2.6.32.48/arch/x86/ia32/ia32entry.S linux-2.6.32.48/arch/x86/ia CFI_REGISTER rip,r10 pushq $__USER32_CS CFI_ADJUST_CFA_OFFSET 8 -@@ -150,6 +175,12 @@ ENTRY(ia32_sysenter_target) +@@ -150,6 +176,12 @@ ENTRY(ia32_sysenter_target) SAVE_ARGS 0,0,1 /* no need to do an access_ok check here because rbp has been 32bit zero extended */ @@ -6902,7 +6942,7 @@ diff -urNp linux-2.6.32.48/arch/x86/ia32/ia32entry.S linux-2.6.32.48/arch/x86/ia 1: movl (%rbp),%ebp .section __ex_table,"a" .quad 1b,ia32_badarg -@@ -172,6 +203,8 @@ sysenter_dispatch: +@@ -172,6 +204,8 @@ sysenter_dispatch: testl $_TIF_ALLWORK_MASK,TI_flags(%r10) jnz sysexit_audit sysexit_from_sys_call: @@ -6911,7 +6951,7 @@ diff -urNp linux-2.6.32.48/arch/x86/ia32/ia32entry.S linux-2.6.32.48/arch/x86/ia andl $~TS_COMPAT,TI_status(%r10) /* clear IF, that popfq doesn't enable interrupts early */ andl $~0x200,EFLAGS-R11(%rsp) -@@ -200,6 +233,9 @@ sysexit_from_sys_call: +@@ -200,6 +234,9 @@ sysexit_from_sys_call: movl %eax,%esi /* 2nd arg: syscall number */ movl $AUDIT_ARCH_I386,%edi /* 1st arg: audit arch */ call audit_syscall_entry @@ -6921,7 +6961,7 @@ diff -urNp linux-2.6.32.48/arch/x86/ia32/ia32entry.S linux-2.6.32.48/arch/x86/ia movl RAX-ARGOFFSET(%rsp),%eax /* reload syscall number */ cmpq $(IA32_NR_syscalls-1),%rax ja ia32_badsys -@@ -252,6 +288,9 @@ sysenter_tracesys: +@@ -252,6 +289,9 @@ sysenter_tracesys: movq $-ENOSYS,RAX(%rsp)/* ptrace can change this for a bad syscall */ movq %rsp,%rdi /* &pt_regs -> arg1 */ call syscall_trace_enter @@ -6931,7 +6971,7 @@ diff -urNp linux-2.6.32.48/arch/x86/ia32/ia32entry.S linux-2.6.32.48/arch/x86/ia LOAD_ARGS32 ARGOFFSET /* reload args from stack in case ptrace changed it */ RESTORE_REST cmpq $(IA32_NR_syscalls-1),%rax -@@ -283,19 +322,24 @@ ENDPROC(ia32_sysenter_target) +@@ -283,19 +323,24 @@ ENDPROC(ia32_sysenter_target) ENTRY(ia32_cstar_target) CFI_STARTPROC32 simple CFI_SIGNAL_FRAME @@ -6958,7 +6998,7 @@ diff -urNp linux-2.6.32.48/arch/x86/ia32/ia32entry.S linux-2.6.32.48/arch/x86/ia movl %eax,%eax /* zero extension */ movq %rax,ORIG_RAX-ARGOFFSET(%rsp) movq %rcx,RIP-ARGOFFSET(%rsp) -@@ -311,6 +355,12 @@ ENTRY(ia32_cstar_target) +@@ -311,6 +356,12 @@ ENTRY(ia32_cstar_target) /* no need to do an access_ok check here because r8 has been 32bit zero extended */ /* hardware stack frame is complete now */ @@ -6971,7 +7011,7 @@ diff -urNp linux-2.6.32.48/arch/x86/ia32/ia32entry.S linux-2.6.32.48/arch/x86/ia 1: movl (%r8),%r9d .section __ex_table,"a" .quad 1b,ia32_badarg -@@ -333,6 +383,8 @@ cstar_dispatch: +@@ -333,6 +384,8 @@ cstar_dispatch: testl $_TIF_ALLWORK_MASK,TI_flags(%r10) jnz sysretl_audit sysretl_from_sys_call: @@ -6980,7 +7020,7 @@ diff -urNp linux-2.6.32.48/arch/x86/ia32/ia32entry.S linux-2.6.32.48/arch/x86/ia andl $~TS_COMPAT,TI_status(%r10) RESTORE_ARGS 1,-ARG_SKIP,1,1,1 movl RIP-ARGOFFSET(%rsp),%ecx -@@ -370,6 +422,9 @@ cstar_tracesys: +@@ -370,6 +423,9 @@ cstar_tracesys: movq $-ENOSYS,RAX(%rsp) /* ptrace can change this for a bad syscall */ movq %rsp,%rdi /* &pt_regs -> arg1 */ call syscall_trace_enter @@ -6990,7 +7030,7 @@ diff -urNp linux-2.6.32.48/arch/x86/ia32/ia32entry.S linux-2.6.32.48/arch/x86/ia LOAD_ARGS32 ARGOFFSET, 1 /* reload args from stack in case ptrace changed it */ RESTORE_REST xchgl %ebp,%r9d -@@ -415,6 +470,7 @@ ENTRY(ia32_syscall) +@@ -415,6 +471,7 @@ ENTRY(ia32_syscall) CFI_REL_OFFSET rip,RIP-RIP PARAVIRT_ADJUST_EXCEPTION_FRAME SWAPGS @@ -6998,7 +7038,7 @@ diff -urNp linux-2.6.32.48/arch/x86/ia32/ia32entry.S linux-2.6.32.48/arch/x86/ia /* * No need to follow this irqs on/off section: the syscall * disabled irqs and here we enable it straight after entry: -@@ -448,6 +504,9 @@ ia32_tracesys: +@@ -448,6 +505,9 @@ ia32_tracesys: movq $-ENOSYS,RAX(%rsp) /* ptrace can change this for a bad syscall */ movq %rsp,%rdi /* &pt_regs -> arg1 */ call syscall_trace_enter @@ -7008,6 +7048,14 @@ diff -urNp linux-2.6.32.48/arch/x86/ia32/ia32entry.S linux-2.6.32.48/arch/x86/ia LOAD_ARGS32 ARGOFFSET /* reload args from stack in case ptrace changed it */ RESTORE_REST cmpq $(IA32_NR_syscalls-1),%rax +@@ -462,6 +522,7 @@ ia32_badsys: + + quiet_ni_syscall: + movq $-ENOSYS,%rax ++ pax_force_retaddr + ret + CFI_ENDPROC + diff -urNp linux-2.6.32.48/arch/x86/ia32/ia32_signal.c linux-2.6.32.48/arch/x86/ia32/ia32_signal.c --- linux-2.6.32.48/arch/x86/ia32/ia32_signal.c 2011-11-08 19:02:43.000000000 -0500 +++ linux-2.6.32.48/arch/x86/ia32/ia32_signal.c 2011-11-15 19:59:42.000000000 -0500 @@ -13045,7 +13093,7 @@ diff -urNp linux-2.6.32.48/arch/x86/kernel/doublefault_32.c linux-2.6.32.48/arch .__cr3 = __pa_nodebug(swapper_pg_dir), diff -urNp linux-2.6.32.48/arch/x86/kernel/dumpstack_32.c linux-2.6.32.48/arch/x86/kernel/dumpstack_32.c --- linux-2.6.32.48/arch/x86/kernel/dumpstack_32.c 2011-11-08 19:02:43.000000000 -0500 -+++ linux-2.6.32.48/arch/x86/kernel/dumpstack_32.c 2011-11-15 19:59:42.000000000 -0500 ++++ linux-2.6.32.48/arch/x86/kernel/dumpstack_32.c 2011-11-18 18:10:09.000000000 -0500 @@ -53,16 +53,12 @@ void dump_trace(struct task_struct *task #endif @@ -13103,7 +13151,23 @@ diff -urNp linux-2.6.32.48/arch/x86/kernel/dumpstack_32.c linux-2.6.32.48/arch/x printk("<%02x> ", c); else printk("%02x ", c); -@@ -149,6 +146,7 @@ int is_valid_bugaddr(unsigned long ip) +@@ -145,10 +142,23 @@ void show_registers(struct pt_regs *regs + printk("\n"); + } + ++#ifdef CONFIG_PAX_MEMORY_STACKLEAK ++void pax_check_alloca(unsigned long size) ++{ ++ unsigned long sp = (unsigned long)&sp, stack_left; ++ ++ /* all kernel stacks are of the same size */ ++ stack_left = sp & (THREAD_SIZE - 1); ++ BUG_ON(stack_left < 256 || size >= stack_left - 256); ++} ++EXPORT_SYMBOL(pax_check_alloca); ++#endif ++ + int is_valid_bugaddr(unsigned long ip) { unsigned short ud2; @@ -13113,7 +13177,7 @@ diff -urNp linux-2.6.32.48/arch/x86/kernel/dumpstack_32.c linux-2.6.32.48/arch/x if (probe_kernel_address((unsigned short *)ip, ud2)) diff -urNp linux-2.6.32.48/arch/x86/kernel/dumpstack_64.c linux-2.6.32.48/arch/x86/kernel/dumpstack_64.c --- linux-2.6.32.48/arch/x86/kernel/dumpstack_64.c 2011-11-08 19:02:43.000000000 -0500 -+++ linux-2.6.32.48/arch/x86/kernel/dumpstack_64.c 2011-11-15 19:59:43.000000000 -0500 ++++ linux-2.6.32.48/arch/x86/kernel/dumpstack_64.c 2011-11-18 18:01:52.000000000 -0500 @@ -116,8 +116,8 @@ void dump_trace(struct task_struct *task unsigned long *irq_stack_end = (unsigned long *)per_cpu(irq_stack_ptr, cpu); @@ -13164,6 +13228,57 @@ diff -urNp linux-2.6.32.48/arch/x86/kernel/dumpstack_64.c linux-2.6.32.48/arch/x put_cpu(); } EXPORT_SYMBOL(dump_trace); +@@ -304,3 +305,50 @@ int is_valid_bugaddr(unsigned long ip) + return ud2 == 0x0b0f; + } + ++ ++#ifdef CONFIG_PAX_MEMORY_STACKLEAK ++void pax_check_alloca(unsigned long size) ++{ ++ unsigned long sp = (unsigned long)&sp, stack_start, stack_end; ++ unsigned cpu, used; ++ char *id; ++ ++ /* check the process stack first */ ++ stack_start = (unsigned long)task_stack_page(current); ++ stack_end = stack_start + THREAD_SIZE; ++ if (likely(stack_start <= sp && sp < stack_end)) { ++ unsigned long stack_left = sp & (THREAD_SIZE - 1); ++ BUG_ON(stack_left < 256 || size >= stack_left - 256); ++ return; ++ } ++ ++ cpu = get_cpu(); ++ ++ /* check the irq stacks */ ++ stack_end = (unsigned long)per_cpu(irq_stack_ptr, cpu); ++ stack_start = stack_end - IRQ_STACK_SIZE; ++ if (stack_start <= sp && sp < stack_end) { ++ unsigned long stack_left = sp & (IRQ_STACK_SIZE - 1); ++ put_cpu(); ++ BUG_ON(stack_left < 256 || size >= stack_left - 256); ++ return; ++ } ++ ++ /* check the exception stacks */ ++ used = 0; ++ stack_end = (unsigned long)in_exception_stack(cpu, sp, &used, &id); ++ stack_start = stack_end - EXCEPTION_STKSZ; ++ if (stack_end && stack_start <= sp && sp < stack_end) { ++ unsigned long stack_left = sp & (EXCEPTION_STKSZ - 1); ++ put_cpu(); ++ BUG_ON(stack_left < 256 || size >= stack_left - 256); ++ return; ++ } ++ ++ put_cpu(); ++ ++ /* unknown stack */ ++ BUG(); ++} ++EXPORT_SYMBOL(pax_check_alloca); ++#endif diff -urNp linux-2.6.32.48/arch/x86/kernel/dumpstack.c linux-2.6.32.48/arch/x86/kernel/dumpstack.c --- linux-2.6.32.48/arch/x86/kernel/dumpstack.c 2011-11-08 19:02:43.000000000 -0500 +++ linux-2.6.32.48/arch/x86/kernel/dumpstack.c 2011-11-15 19:59:43.000000000 -0500 @@ -13606,7 +13721,7 @@ diff -urNp linux-2.6.32.48/arch/x86/kernel/efi_stub_64.S linux-2.6.32.48/arch/x8 ENDPROC(efi_call6) diff -urNp linux-2.6.32.48/arch/x86/kernel/entry_32.S linux-2.6.32.48/arch/x86/kernel/entry_32.S --- linux-2.6.32.48/arch/x86/kernel/entry_32.S 2011-11-08 19:02:43.000000000 -0500 -+++ linux-2.6.32.48/arch/x86/kernel/entry_32.S 2011-11-15 19:59:43.000000000 -0500 ++++ linux-2.6.32.48/arch/x86/kernel/entry_32.S 2011-11-18 18:01:52.000000000 -0500 @@ -185,13 +185,146 @@ /*CFI_REL_OFFSET gs, PT_GS*/ .endm @@ -13780,6 +13895,15 @@ diff -urNp linux-2.6.32.48/arch/x86/kernel/entry_32.S linux-2.6.32.48/arch/x86/k .macro RESTORE_INT_REGS popl %ebx CFI_ADJUST_CFA_OFFSET -4 +@@ -331,7 +473,7 @@ ENTRY(ret_from_fork) + CFI_ADJUST_CFA_OFFSET -4 + jmp syscall_exit + CFI_ENDPROC +-END(ret_from_fork) ++ENDPROC(ret_from_fork) + + /* + * Return to user mode is not as complex as all this looks, @@ -352,7 +494,15 @@ check_userspace: movb PT_CS(%esp), %al andl $(X86_EFLAGS_VM | SEGMENT_RPL_MASK), %eax @@ -13796,15 +13920,26 @@ diff -urNp linux-2.6.32.48/arch/x86/kernel/entry_32.S linux-2.6.32.48/arch/x86/k ENTRY(resume_userspace) LOCKDEP_SYS_EXIT -@@ -364,7 +514,7 @@ ENTRY(resume_userspace) +@@ -364,8 +514,8 @@ ENTRY(resume_userspace) andl $_TIF_WORK_MASK, %ecx # is there any work to be done on # int/exception return? jne work_pending - jmp restore_all +-END(ret_from_exception) + jmp restore_all_pax - END(ret_from_exception) ++ENDPROC(ret_from_exception) #ifdef CONFIG_PREEMPT + ENTRY(resume_kernel) +@@ -380,7 +530,7 @@ need_resched: + jz restore_all + call preempt_schedule_irq + jmp need_resched +-END(resume_kernel) ++ENDPROC(resume_kernel) + #endif + CFI_ENDPROC + @@ -414,25 +564,36 @@ sysenter_past_esp: /*CFI_REL_OFFSET cs, 0*/ /* @@ -13947,7 +14082,7 @@ diff -urNp linux-2.6.32.48/arch/x86/kernel/entry_32.S linux-2.6.32.48/arch/x86/k pushl $__ESPFIX_SS CFI_ADJUST_CFA_OFFSET 4 push %eax /* new kernel esp */ -@@ -636,31 +846,25 @@ work_resched: +@@ -636,36 +846,30 @@ work_resched: movl TI_flags(%ebp), %ecx andl $_TIF_WORK_MASK, %ecx # is there any work to be done other # than syscall tracing? @@ -13983,7 +14118,13 @@ diff -urNp linux-2.6.32.48/arch/x86/kernel/entry_32.S linux-2.6.32.48/arch/x86/k #endif xorl %edx, %edx call do_notify_resume -@@ -673,6 +877,9 @@ syscall_trace_entry: + jmp resume_userspace_sig +-END(work_pending) ++ENDPROC(work_pending) + + # perform syscall exit tracing + ALIGN +@@ -673,11 +877,14 @@ syscall_trace_entry: movl $-ENOSYS,PT_EAX(%esp) movl %esp, %eax call syscall_trace_enter @@ -13993,7 +14134,19 @@ diff -urNp linux-2.6.32.48/arch/x86/kernel/entry_32.S linux-2.6.32.48/arch/x86/k /* What it returned is what we'll actually use. */ cmpl $(nr_syscalls), %eax jnae syscall_call -@@ -695,6 +902,10 @@ END(syscall_exit_work) + jmp syscall_exit +-END(syscall_trace_entry) ++ENDPROC(syscall_trace_entry) + + # perform syscall exit tracing + ALIGN +@@ -690,20 +897,24 @@ syscall_exit_work: + movl %esp, %eax + call syscall_trace_leave + jmp resume_userspace +-END(syscall_exit_work) ++ENDPROC(syscall_exit_work) + CFI_ENDPROC RING0_INT_FRAME # can't unwind into user space anyway syscall_fault: @@ -14004,6 +14157,17 @@ diff -urNp linux-2.6.32.48/arch/x86/kernel/entry_32.S linux-2.6.32.48/arch/x86/k GET_THREAD_INFO(%ebp) movl $-EFAULT,PT_EAX(%esp) jmp resume_userspace +-END(syscall_fault) ++ENDPROC(syscall_fault) + + syscall_badsys: + movl $-ENOSYS,PT_EAX(%esp) + jmp resume_userspace +-END(syscall_badsys) ++ENDPROC(syscall_badsys) + CFI_ENDPROC + + /* @@ -726,6 +937,33 @@ PTREGSCALL(rt_sigreturn) PTREGSCALL(vm86) PTREGSCALL(vm86old) @@ -14053,6 +14217,192 @@ diff -urNp linux-2.6.32.48/arch/x86/kernel/entry_32.S linux-2.6.32.48/arch/x86/k mov GDT_ENTRY_ESPFIX_SS * 8 + 4(%ebx), %al /* bits 16..23 */ mov GDT_ENTRY_ESPFIX_SS * 8 + 7(%ebx), %ah /* bits 24..31 */ shl $16, %eax +@@ -793,7 +1037,7 @@ vector=vector+1 + .endr + 2: jmp common_interrupt + .endr +-END(irq_entries_start) ++ENDPROC(irq_entries_start) + + .previous + END(interrupt) +@@ -840,7 +1084,7 @@ ENTRY(coprocessor_error) + CFI_ADJUST_CFA_OFFSET 4 + jmp error_code + CFI_ENDPROC +-END(coprocessor_error) ++ENDPROC(coprocessor_error) + + ENTRY(simd_coprocessor_error) + RING0_INT_FRAME +@@ -850,7 +1094,7 @@ ENTRY(simd_coprocessor_error) + CFI_ADJUST_CFA_OFFSET 4 + jmp error_code + CFI_ENDPROC +-END(simd_coprocessor_error) ++ENDPROC(simd_coprocessor_error) + + ENTRY(device_not_available) + RING0_INT_FRAME +@@ -860,7 +1104,7 @@ ENTRY(device_not_available) + CFI_ADJUST_CFA_OFFSET 4 + jmp error_code + CFI_ENDPROC +-END(device_not_available) ++ENDPROC(device_not_available) + + #ifdef CONFIG_PARAVIRT + ENTRY(native_iret) +@@ -869,12 +1113,12 @@ ENTRY(native_iret) + .align 4 + .long native_iret, iret_exc + .previous +-END(native_iret) ++ENDPROC(native_iret) + + ENTRY(native_irq_enable_sysexit) + sti + sysexit +-END(native_irq_enable_sysexit) ++ENDPROC(native_irq_enable_sysexit) + #endif + + ENTRY(overflow) +@@ -885,7 +1129,7 @@ ENTRY(overflow) + CFI_ADJUST_CFA_OFFSET 4 + jmp error_code + CFI_ENDPROC +-END(overflow) ++ENDPROC(overflow) + + ENTRY(bounds) + RING0_INT_FRAME +@@ -895,7 +1139,7 @@ ENTRY(bounds) + CFI_ADJUST_CFA_OFFSET 4 + jmp error_code + CFI_ENDPROC +-END(bounds) ++ENDPROC(bounds) + + ENTRY(invalid_op) + RING0_INT_FRAME +@@ -905,7 +1149,7 @@ ENTRY(invalid_op) + CFI_ADJUST_CFA_OFFSET 4 + jmp error_code + CFI_ENDPROC +-END(invalid_op) ++ENDPROC(invalid_op) + + ENTRY(coprocessor_segment_overrun) + RING0_INT_FRAME +@@ -915,7 +1159,7 @@ ENTRY(coprocessor_segment_overrun) + CFI_ADJUST_CFA_OFFSET 4 + jmp error_code + CFI_ENDPROC +-END(coprocessor_segment_overrun) ++ENDPROC(coprocessor_segment_overrun) + + ENTRY(invalid_TSS) + RING0_EC_FRAME +@@ -923,7 +1167,7 @@ ENTRY(invalid_TSS) + CFI_ADJUST_CFA_OFFSET 4 + jmp error_code + CFI_ENDPROC +-END(invalid_TSS) ++ENDPROC(invalid_TSS) + + ENTRY(segment_not_present) + RING0_EC_FRAME +@@ -931,7 +1175,7 @@ ENTRY(segment_not_present) + CFI_ADJUST_CFA_OFFSET 4 + jmp error_code + CFI_ENDPROC +-END(segment_not_present) ++ENDPROC(segment_not_present) + + ENTRY(stack_segment) + RING0_EC_FRAME +@@ -939,7 +1183,7 @@ ENTRY(stack_segment) + CFI_ADJUST_CFA_OFFSET 4 + jmp error_code + CFI_ENDPROC +-END(stack_segment) ++ENDPROC(stack_segment) + + ENTRY(alignment_check) + RING0_EC_FRAME +@@ -947,7 +1191,7 @@ ENTRY(alignment_check) + CFI_ADJUST_CFA_OFFSET 4 + jmp error_code + CFI_ENDPROC +-END(alignment_check) ++ENDPROC(alignment_check) + + ENTRY(divide_error) + RING0_INT_FRAME +@@ -957,7 +1201,7 @@ ENTRY(divide_error) + CFI_ADJUST_CFA_OFFSET 4 + jmp error_code + CFI_ENDPROC +-END(divide_error) ++ENDPROC(divide_error) + + #ifdef CONFIG_X86_MCE + ENTRY(machine_check) +@@ -968,7 +1212,7 @@ ENTRY(machine_check) + CFI_ADJUST_CFA_OFFSET 4 + jmp error_code + CFI_ENDPROC +-END(machine_check) ++ENDPROC(machine_check) + #endif + + ENTRY(spurious_interrupt_bug) +@@ -979,7 +1223,7 @@ ENTRY(spurious_interrupt_bug) + CFI_ADJUST_CFA_OFFSET 4 + jmp error_code + CFI_ENDPROC +-END(spurious_interrupt_bug) ++ENDPROC(spurious_interrupt_bug) + + ENTRY(kernel_thread_helper) + pushl $0 # fake return address for unwinder +@@ -1095,7 +1339,7 @@ ENDPROC(xen_failsafe_callback) + + ENTRY(mcount) + ret +-END(mcount) ++ENDPROC(mcount) + + ENTRY(ftrace_caller) + cmpl $0, function_trace_stop +@@ -1124,7 +1368,7 @@ ftrace_graph_call: + .globl ftrace_stub + ftrace_stub: + ret +-END(ftrace_caller) ++ENDPROC(ftrace_caller) + + #else /* ! CONFIG_DYNAMIC_FTRACE */ + +@@ -1160,7 +1404,7 @@ trace: + popl %ecx + popl %eax + jmp ftrace_stub +-END(mcount) ++ENDPROC(mcount) + #endif /* CONFIG_DYNAMIC_FTRACE */ + #endif /* CONFIG_FUNCTION_TRACER */ + +@@ -1181,7 +1425,7 @@ ENTRY(ftrace_graph_caller) + popl %ecx + popl %eax + ret +-END(ftrace_graph_caller) ++ENDPROC(ftrace_graph_caller) + + .globl return_to_handler + return_to_handler: @@ -1198,7 +1442,6 @@ return_to_handler: ret #endif @@ -14061,7 +14411,7 @@ diff -urNp linux-2.6.32.48/arch/x86/kernel/entry_32.S linux-2.6.32.48/arch/x86/k #include "syscall_table_32.S" syscall_table_size=(.-sys_call_table) -@@ -1255,9 +1498,12 @@ error_code: +@@ -1255,15 +1498,18 @@ error_code: movl $-1, PT_ORIG_EAX(%esp) # no syscall to restart REG_TO_PTGS %ecx SET_KERNEL_GS %ecx @@ -14075,6 +14425,22 @@ diff -urNp linux-2.6.32.48/arch/x86/kernel/entry_32.S linux-2.6.32.48/arch/x86/k TRACE_IRQS_OFF movl %esp,%eax # pt_regs pointer call *%edi + jmp ret_from_exception + CFI_ENDPROC +-END(page_fault) ++ENDPROC(page_fault) + + /* + * Debug traps and NMI can happen at the one SYSENTER instruction +@@ -1309,7 +1555,7 @@ debug_stack_correct: + call do_debug + jmp ret_from_exception + CFI_ENDPROC +-END(debug) ++ENDPROC(debug) + + /* + * NMI is doubly nasty. It can happen _while_ we're handling @@ -1351,6 +1597,9 @@ nmi_stack_correct: xorl %edx,%edx # zero error code movl %esp,%eax # pt_regs pointer @@ -14085,7 +14451,7 @@ diff -urNp linux-2.6.32.48/arch/x86/kernel/entry_32.S linux-2.6.32.48/arch/x86/k jmp restore_all_notrace CFI_ENDPROC -@@ -1391,6 +1640,9 @@ nmi_espfix_stack: +@@ -1391,12 +1640,15 @@ nmi_espfix_stack: FIXUP_ESPFIX_STACK # %eax == %esp xorl %edx,%edx # zero error code call do_nmi @@ -14095,9 +14461,34 @@ diff -urNp linux-2.6.32.48/arch/x86/kernel/entry_32.S linux-2.6.32.48/arch/x86/k RESTORE_REGS lss 12+4(%esp), %esp # back to espfix stack CFI_ADJUST_CFA_OFFSET -24 + jmp irq_return + CFI_ENDPROC +-END(nmi) ++ENDPROC(nmi) + + ENTRY(int3) + RING0_INT_FRAME +@@ -1409,7 +1661,7 @@ ENTRY(int3) + call do_int3 + jmp ret_from_exception + CFI_ENDPROC +-END(int3) ++ENDPROC(int3) + + ENTRY(general_protection) + RING0_EC_FRAME +@@ -1417,7 +1669,7 @@ ENTRY(general_protection) + CFI_ADJUST_CFA_OFFSET 4 + jmp error_code + CFI_ENDPROC +-END(general_protection) ++ENDPROC(general_protection) + + /* + * End of kprobes section diff -urNp linux-2.6.32.48/arch/x86/kernel/entry_64.S linux-2.6.32.48/arch/x86/kernel/entry_64.S --- linux-2.6.32.48/arch/x86/kernel/entry_64.S 2011-11-08 19:02:43.000000000 -0500 -+++ linux-2.6.32.48/arch/x86/kernel/entry_64.S 2011-11-15 19:59:43.000000000 -0500 ++++ linux-2.6.32.48/arch/x86/kernel/entry_64.S 2011-11-18 18:01:52.000000000 -0500 @@ -53,6 +53,8 @@ #include <asm/paravirt.h> #include <asm/ftrace.h> @@ -14107,22 +14498,28 @@ diff -urNp linux-2.6.32.48/arch/x86/kernel/entry_64.S linux-2.6.32.48/arch/x86/k /* Avoid __ASSEMBLER__'ifying <linux/audit.h> just for this. */ #include <linux/elf-em.h> -@@ -64,6 +66,7 @@ +@@ -64,8 +66,9 @@ #ifdef CONFIG_FUNCTION_TRACER #ifdef CONFIG_DYNAMIC_FTRACE ENTRY(mcount) + pax_force_retaddr retq - END(mcount) +-END(mcount) ++ENDPROC(mcount) -@@ -88,6 +91,7 @@ GLOBAL(ftrace_graph_call) + ENTRY(ftrace_caller) + cmpl $0, function_trace_stop +@@ -88,8 +91,9 @@ GLOBAL(ftrace_graph_call) #endif GLOBAL(ftrace_stub) + pax_force_retaddr retq - END(ftrace_caller) +-END(ftrace_caller) ++ENDPROC(ftrace_caller) + #else /* ! CONFIG_DYNAMIC_FTRACE */ + ENTRY(mcount) @@ -108,6 +112,7 @@ ENTRY(mcount) #endif @@ -14131,7 +14528,7 @@ diff -urNp linux-2.6.32.48/arch/x86/kernel/entry_64.S linux-2.6.32.48/arch/x86/k retq trace: -@@ -117,6 +122,7 @@ trace: +@@ -117,12 +122,13 @@ trace: movq 8(%rbp), %rsi subq $MCOUNT_INSN_SIZE, %rdi @@ -14139,14 +14536,24 @@ diff -urNp linux-2.6.32.48/arch/x86/kernel/entry_64.S linux-2.6.32.48/arch/x86/k call *ftrace_trace_function MCOUNT_RESTORE_FRAME -@@ -142,6 +148,7 @@ ENTRY(ftrace_graph_caller) + + jmp ftrace_stub +-END(mcount) ++ENDPROC(mcount) + #endif /* CONFIG_DYNAMIC_FTRACE */ + #endif /* CONFIG_FUNCTION_TRACER */ + +@@ -142,8 +148,9 @@ ENTRY(ftrace_graph_caller) MCOUNT_RESTORE_FRAME + pax_force_retaddr retq - END(ftrace_graph_caller) +-END(ftrace_graph_caller) ++ENDPROC(ftrace_graph_caller) + GLOBAL(return_to_handler) + subq $24, %rsp @@ -159,6 +166,7 @@ GLOBAL(return_to_handler) movq 8(%rsp), %rdx movq (%rsp), %rax @@ -14434,23 +14841,31 @@ diff -urNp linux-2.6.32.48/arch/x86/kernel/entry_64.S linux-2.6.32.48/arch/x86/k je 1f SWAPGS /* -@@ -337,6 +608,7 @@ ENTRY(save_args) +@@ -337,9 +608,10 @@ ENTRY(save_args) * We entered an interrupt context - irqs are off: */ 2: TRACE_IRQS_OFF + pax_force_retaddr ret CFI_ENDPROC - END(save_args) -@@ -352,6 +624,7 @@ ENTRY(save_rest) +-END(save_args) ++ENDPROC(save_args) + + ENTRY(save_rest) + PARTIAL_FRAME 1 REST_SKIP+8 +@@ -352,9 +624,10 @@ ENTRY(save_rest) movq_cfi r15, R15+16 movq %r11, 8(%rsp) /* return address */ FIXUP_TOP_OF_STACK %r11, 16 + pax_force_retaddr ret CFI_ENDPROC - END(save_rest) -@@ -383,7 +656,8 @@ ENTRY(save_paranoid) +-END(save_rest) ++ENDPROC(save_rest) + + /* save complete stack frame */ + .pushsection .kprobes.text, "ax" +@@ -383,9 +656,10 @@ ENTRY(save_paranoid) js 1f /* negative -> in kernel */ SWAPGS xorl %ebx,%ebx @@ -14458,8 +14873,11 @@ diff -urNp linux-2.6.32.48/arch/x86/kernel/entry_64.S linux-2.6.32.48/arch/x86/k +1: pax_force_retaddr + ret CFI_ENDPROC - END(save_paranoid) +-END(save_paranoid) ++ENDPROC(save_paranoid) .popsection + + /* @@ -409,7 +683,7 @@ ENTRY(ret_from_fork) RESTORE_REST @@ -14469,6 +14887,15 @@ diff -urNp linux-2.6.32.48/arch/x86/kernel/entry_64.S linux-2.6.32.48/arch/x86/k je int_ret_from_sys_call testl $_TIF_IA32, TI_flags(%rcx) # 32-bit compat task needs IRET +@@ -419,7 +693,7 @@ ENTRY(ret_from_fork) + jmp ret_from_sys_call # go to the SYSRET fastpath + + CFI_ENDPROC +-END(ret_from_fork) ++ENDPROC(ret_from_fork) + + /* + * System call entry. Upto 6 arguments in registers are supported. @@ -455,7 +729,7 @@ END(ret_from_fork) ENTRY(system_call) CFI_STARTPROC simple @@ -14531,14 +14958,63 @@ diff -urNp linux-2.6.32.48/arch/x86/kernel/entry_64.S linux-2.6.32.48/arch/x86/k je retint_restore_args movl $_TIF_ALLWORK_MASK,%edi /* edi: mask to check */ -@@ -708,6 +991,7 @@ ENTRY(ptregscall_common) +@@ -674,7 +957,7 @@ int_restore_rest: + TRACE_IRQS_OFF + jmp int_with_check + CFI_ENDPROC +-END(system_call) ++ENDPROC(system_call) + + /* + * Certain special system calls that need to save a complete full stack frame. +@@ -690,7 +973,7 @@ ENTRY(\label) + call \func + jmp ptregscall_common + CFI_ENDPROC +-END(\label) ++ENDPROC(\label) + .endm + + PTREGSCALL stub_clone, sys_clone, %r8 +@@ -708,9 +991,10 @@ ENTRY(ptregscall_common) movq_cfi_restore R12+8, r12 movq_cfi_restore RBP+8, rbp movq_cfi_restore RBX+8, rbx + pax_force_retaddr ret $REST_SKIP /* pop extended registers */ CFI_ENDPROC - END(ptregscall_common) +-END(ptregscall_common) ++ENDPROC(ptregscall_common) + + ENTRY(stub_execve) + CFI_STARTPROC +@@ -726,7 +1010,7 @@ ENTRY(stub_execve) + RESTORE_REST + jmp int_ret_from_sys_call + CFI_ENDPROC +-END(stub_execve) ++ENDPROC(stub_execve) + + /* + * sigreturn is special because it needs to restore all registers on return. +@@ -744,7 +1028,7 @@ ENTRY(stub_rt_sigreturn) + RESTORE_REST + jmp int_ret_from_sys_call + CFI_ENDPROC +-END(stub_rt_sigreturn) ++ENDPROC(stub_rt_sigreturn) + + /* + * Build the entry stubs and pointer table with some assembler magic. +@@ -780,7 +1064,7 @@ vector=vector+1 + 2: jmp common_interrupt + .endr + CFI_ENDPROC +-END(irq_entries_start) ++ENDPROC(irq_entries_start) + + .previous + END(interrupt) @@ -800,6 +1084,16 @@ END(interrupt) CFI_ADJUST_CFA_OFFSET 10*8 call save_args @@ -14582,7 +15058,25 @@ diff -urNp linux-2.6.32.48/arch/x86/kernel/entry_64.S linux-2.6.32.48/arch/x86/k /* * The iretq could re-enable interrupts: */ -@@ -1032,6 +1330,16 @@ ENTRY(\sym) +@@ -940,7 +1238,7 @@ ENTRY(retint_kernel) + #endif + + CFI_ENDPROC +-END(common_interrupt) ++ENDPROC(common_interrupt) + + /* + * APIC interrupts. +@@ -953,7 +1251,7 @@ ENTRY(\sym) + interrupt \do_sym + jmp ret_from_intr + CFI_ENDPROC +-END(\sym) ++ENDPROC(\sym) + .endm + + #ifdef CONFIG_SMP +@@ -1032,12 +1330,22 @@ ENTRY(\sym) CFI_ADJUST_CFA_OFFSET 15*8 call error_entry DEFAULT_FRAME 0 @@ -14599,7 +15093,14 @@ diff -urNp linux-2.6.32.48/arch/x86/kernel/entry_64.S linux-2.6.32.48/arch/x86/k movq %rsp,%rdi /* pt_regs pointer */ xorl %esi,%esi /* no error code */ call \do_sym -@@ -1049,6 +1357,16 @@ ENTRY(\sym) + jmp error_exit /* %ebx: no swapgs flag */ + CFI_ENDPROC +-END(\sym) ++ENDPROC(\sym) + .endm + + .macro paranoidzeroentry sym do_sym +@@ -1049,12 +1357,22 @@ ENTRY(\sym) subq $15*8, %rsp call save_paranoid TRACE_IRQS_OFF @@ -14616,7 +15117,14 @@ diff -urNp linux-2.6.32.48/arch/x86/kernel/entry_64.S linux-2.6.32.48/arch/x86/k movq %rsp,%rdi /* pt_regs pointer */ xorl %esi,%esi /* no error code */ call \do_sym -@@ -1066,9 +1384,24 @@ ENTRY(\sym) + jmp paranoid_exit /* %ebx: no swapgs flag */ + CFI_ENDPROC +-END(\sym) ++ENDPROC(\sym) + .endm + + .macro paranoidzeroentry_ist sym do_sym ist +@@ -1066,15 +1384,30 @@ ENTRY(\sym) subq $15*8, %rsp call save_paranoid TRACE_IRQS_OFF @@ -14642,7 +15150,14 @@ diff -urNp linux-2.6.32.48/arch/x86/kernel/entry_64.S linux-2.6.32.48/arch/x86/k subq $EXCEPTION_STKSZ, TSS_ist + (\ist - 1) * 8(%rbp) call \do_sym addq $EXCEPTION_STKSZ, TSS_ist + (\ist - 1) * 8(%rbp) -@@ -1085,6 +1418,16 @@ ENTRY(\sym) + jmp paranoid_exit /* %ebx: no swapgs flag */ + CFI_ENDPROC +-END(\sym) ++ENDPROC(\sym) + .endm + + .macro errorentry sym do_sym +@@ -1085,13 +1418,23 @@ ENTRY(\sym) CFI_ADJUST_CFA_OFFSET 15*8 call error_entry DEFAULT_FRAME 0 @@ -14659,7 +15174,15 @@ diff -urNp linux-2.6.32.48/arch/x86/kernel/entry_64.S linux-2.6.32.48/arch/x86/k movq %rsp,%rdi /* pt_regs pointer */ movq ORIG_RAX(%rsp),%rsi /* get error code */ movq $-1,ORIG_RAX(%rsp) /* no syscall to restart */ -@@ -1104,6 +1447,16 @@ ENTRY(\sym) + call \do_sym + jmp error_exit /* %ebx: no swapgs flag */ + CFI_ENDPROC +-END(\sym) ++ENDPROC(\sym) + .endm + + /* error code is on the stack already */ +@@ -1104,13 +1447,23 @@ ENTRY(\sym) call save_paranoid DEFAULT_FRAME 0 TRACE_IRQS_OFF @@ -14676,23 +15199,39 @@ diff -urNp linux-2.6.32.48/arch/x86/kernel/entry_64.S linux-2.6.32.48/arch/x86/k movq %rsp,%rdi /* pt_regs pointer */ movq ORIG_RAX(%rsp),%rsi /* get error code */ movq $-1,ORIG_RAX(%rsp) /* no syscall to restart */ -@@ -1141,6 +1494,7 @@ gs_change: + call \do_sym + jmp paranoid_exit /* %ebx: no swapgs flag */ + CFI_ENDPROC +-END(\sym) ++ENDPROC(\sym) + .endm + + zeroentry divide_error do_divide_error +@@ -1141,9 +1494,10 @@ gs_change: SWAPGS popf CFI_ADJUST_CFA_OFFSET -8 + pax_force_retaddr ret CFI_ENDPROC - END(native_load_gs_index) -@@ -1195,6 +1549,7 @@ ENTRY(kernel_thread) +-END(native_load_gs_index) ++ENDPROC(native_load_gs_index) + + .section __ex_table,"a" + .align 8 +@@ -1195,9 +1549,10 @@ ENTRY(kernel_thread) */ RESTORE_ALL UNFAKE_STACK_FRAME + pax_force_retaddr ret CFI_ENDPROC - END(kernel_thread) -@@ -1208,6 +1563,7 @@ ENTRY(child_rip) +-END(kernel_thread) ++ENDPROC(kernel_thread) + + ENTRY(child_rip) + pushq $0 # fake return address +@@ -1208,13 +1563,14 @@ ENTRY(child_rip) */ movq %rdi, %rax movq %rsi, %rdi @@ -14700,22 +15239,56 @@ diff -urNp linux-2.6.32.48/arch/x86/kernel/entry_64.S linux-2.6.32.48/arch/x86/k call *%rax # exit mov %eax, %edi -@@ -1243,6 +1599,7 @@ ENTRY(kernel_execve) + call do_exit + ud2 # padding for call trace + CFI_ENDPROC +-END(child_rip) ++ENDPROC(child_rip) + + /* + * execve(). This function needs to use IRET, not SYSRET, to set up all state properly. +@@ -1243,9 +1599,10 @@ ENTRY(kernel_execve) je int_ret_from_sys_call RESTORE_ARGS UNFAKE_STACK_FRAME + pax_force_retaddr ret CFI_ENDPROC - END(kernel_execve) -@@ -1263,6 +1620,7 @@ ENTRY(call_softirq) +-END(kernel_execve) ++ENDPROC(kernel_execve) + + /* Call softirq on interrupt stack. Interrupts are off. */ + ENTRY(call_softirq) +@@ -1263,9 +1620,10 @@ ENTRY(call_softirq) CFI_DEF_CFA_REGISTER rsp CFI_ADJUST_CFA_OFFSET -8 decl PER_CPU_VAR(irq_count) + pax_force_retaddr ret CFI_ENDPROC - END(call_softirq) +-END(call_softirq) ++ENDPROC(call_softirq) + + #ifdef CONFIG_XEN + zeroentry xen_hypervisor_callback xen_do_hypervisor_callback +@@ -1303,7 +1661,7 @@ ENTRY(xen_do_hypervisor_callback) # do + decl PER_CPU_VAR(irq_count) + jmp error_exit + CFI_ENDPROC +-END(xen_do_hypervisor_callback) ++ENDPROC(xen_do_hypervisor_callback) + + /* + * Hypervisor uses this for application faults while it executes. +@@ -1362,7 +1720,7 @@ ENTRY(xen_failsafe_callback) + SAVE_ALL + jmp error_exit + CFI_ENDPROC +-END(xen_failsafe_callback) ++ENDPROC(xen_failsafe_callback) + + #endif /* CONFIG_XEN */ + @@ -1405,16 +1763,31 @@ ENTRY(paranoid_exit) TRACE_IRQS_OFF testl %ebx,%ebx /* swapgs needed? */ @@ -14749,6 +15322,15 @@ diff -urNp linux-2.6.32.48/arch/x86/kernel/entry_64.S linux-2.6.32.48/arch/x86/k jmp irq_return paranoid_userspace: GET_THREAD_INFO(%rcx) +@@ -1443,7 +1816,7 @@ paranoid_schedule: + TRACE_IRQS_OFF + jmp paranoid_userspace + CFI_ENDPROC +-END(paranoid_exit) ++ENDPROC(paranoid_exit) + + /* + * Exception entry point. This expects an error code/orig_rax on the stack. @@ -1470,12 +1843,13 @@ ENTRY(error_entry) movq_cfi r14, R14+8 movq_cfi r15, R15+8 @@ -14764,6 +15346,24 @@ diff -urNp linux-2.6.32.48/arch/x86/kernel/entry_64.S linux-2.6.32.48/arch/x86/k ret CFI_ENDPROC +@@ -1497,7 +1871,7 @@ error_kernelspace: + cmpq $gs_change,RIP+8(%rsp) + je error_swapgs + jmp error_sti +-END(error_entry) ++ENDPROC(error_entry) + + + /* ebx: no swapgs flag (1: don't need swapgs, 0: need it) */ +@@ -1517,7 +1891,7 @@ ENTRY(error_exit) + jnz retint_careful + jmp retint_swapgs + CFI_ENDPROC +-END(error_exit) ++ENDPROC(error_exit) + + + /* runs on exception stack */ @@ -1529,6 +1903,16 @@ ENTRY(nmi) CFI_ADJUST_CFA_OFFSET 15*8 call save_paranoid @@ -14811,6 +15411,23 @@ diff -urNp linux-2.6.32.48/arch/x86/kernel/entry_64.S linux-2.6.32.48/arch/x86/k jmp irq_return nmi_userspace: GET_THREAD_INFO(%rcx) +@@ -1573,14 +1973,14 @@ nmi_schedule: + jmp paranoid_exit + CFI_ENDPROC + #endif +-END(nmi) ++ENDPROC(nmi) + + ENTRY(ignore_sysret) + CFI_STARTPROC + mov $-ENOSYS,%eax + sysret + CFI_ENDPROC +-END(ignore_sysret) ++ENDPROC(ignore_sysret) + + /* + * End of kprobes section diff -urNp linux-2.6.32.48/arch/x86/kernel/ftrace.c linux-2.6.32.48/arch/x86/kernel/ftrace.c --- linux-2.6.32.48/arch/x86/kernel/ftrace.c 2011-11-08 19:02:43.000000000 -0500 +++ linux-2.6.32.48/arch/x86/kernel/ftrace.c 2011-11-15 19:59:43.000000000 -0500 @@ -16038,7 +16655,7 @@ diff -urNp linux-2.6.32.48/arch/x86/kernel/kgdb.c linux-2.6.32.48/arch/x86/kerne .flags = KGDB_HW_BREAKPOINT, diff -urNp linux-2.6.32.48/arch/x86/kernel/kprobes.c linux-2.6.32.48/arch/x86/kernel/kprobes.c --- linux-2.6.32.48/arch/x86/kernel/kprobes.c 2011-11-08 19:02:43.000000000 -0500 -+++ linux-2.6.32.48/arch/x86/kernel/kprobes.c 2011-11-15 19:59:43.000000000 -0500 ++++ linux-2.6.32.48/arch/x86/kernel/kprobes.c 2011-11-18 18:01:52.000000000 -0500 @@ -168,9 +168,13 @@ static void __kprobes set_jmp_op(void *f char op; s32 raddr; @@ -16122,7 +16739,17 @@ diff -urNp linux-2.6.32.48/arch/x86/kernel/kprobes.c linux-2.6.32.48/arch/x86/ke /* * The breakpoint instruction was removed right * after we hit it. Another cpu has removed -@@ -777,7 +785,7 @@ static void __kprobes resume_execution(s +@@ -637,6 +645,9 @@ static void __used __kprobes kretprobe_t + /* Skip orig_ax, ip, cs */ + " addq $24, %rsp\n" + " popfq\n" ++#ifdef CONFIG_PAX_KERNEXEC_PLUGIN ++ " btsq $63,(%rsp)\n" ++#endif + #else + " pushf\n" + /* +@@ -777,7 +788,7 @@ static void __kprobes resume_execution(s struct pt_regs *regs, struct kprobe_ctlblk *kcb) { unsigned long *tos = stack_addr(regs); @@ -16131,7 +16758,7 @@ diff -urNp linux-2.6.32.48/arch/x86/kernel/kprobes.c linux-2.6.32.48/arch/x86/ke unsigned long orig_ip = (unsigned long)p->addr; kprobe_opcode_t *insn = p->ainsn.insn; -@@ -960,7 +968,7 @@ int __kprobes kprobe_exceptions_notify(s +@@ -960,7 +971,7 @@ int __kprobes kprobe_exceptions_notify(s struct die_args *args = data; int ret = NOTIFY_DONE; @@ -19166,7 +19793,7 @@ diff -urNp linux-2.6.32.48/arch/x86/kvm/lapic.c linux-2.6.32.48/arch/x86/kvm/lap /* 14 is the version for Xeon and Pentium 8.4.8*/ diff -urNp linux-2.6.32.48/arch/x86/kvm/paging_tmpl.h linux-2.6.32.48/arch/x86/kvm/paging_tmpl.h --- linux-2.6.32.48/arch/x86/kvm/paging_tmpl.h 2011-11-08 19:02:43.000000000 -0500 -+++ linux-2.6.32.48/arch/x86/kvm/paging_tmpl.h 2011-11-15 19:59:43.000000000 -0500 ++++ linux-2.6.32.48/arch/x86/kvm/paging_tmpl.h 2011-11-18 18:01:55.000000000 -0500 @@ -416,6 +416,8 @@ static int FNAME(page_fault)(struct kvm_ int level = PT_PAGE_TABLE_LEVEL; unsigned long mmu_seq; @@ -19176,6 +19803,14 @@ diff -urNp linux-2.6.32.48/arch/x86/kvm/paging_tmpl.h linux-2.6.32.48/arch/x86/k pgprintk("%s: addr %lx err %x\n", __func__, addr, error_code); kvm_mmu_audit(vcpu, "pre page fault"); +@@ -461,6 +463,7 @@ static int FNAME(page_fault)(struct kvm_ + kvm_mmu_free_some_pages(vcpu); + sptep = FNAME(fetch)(vcpu, addr, &walker, user_fault, write_fault, + level, &write_pt, pfn); ++ (void)sptep; + pgprintk("%s: shadow pte %p %llx ptwrite %d\n", __func__, + sptep, *sptep, write_pt); + diff -urNp linux-2.6.32.48/arch/x86/kvm/svm.c linux-2.6.32.48/arch/x86/kvm/svm.c --- linux-2.6.32.48/arch/x86/kvm/svm.c 2011-11-08 19:02:43.000000000 -0500 +++ linux-2.6.32.48/arch/x86/kvm/svm.c 2011-11-15 19:59:43.000000000 -0500 @@ -21687,7 +22322,7 @@ diff -urNp linux-2.6.32.48/arch/x86/mm/extable.c linux-2.6.32.48/arch/x86/mm/ext pnp_bios_is_utter_crap = 1; diff -urNp linux-2.6.32.48/arch/x86/mm/fault.c linux-2.6.32.48/arch/x86/mm/fault.c --- linux-2.6.32.48/arch/x86/mm/fault.c 2011-11-08 19:02:43.000000000 -0500 -+++ linux-2.6.32.48/arch/x86/mm/fault.c 2011-11-15 19:59:43.000000000 -0500 ++++ linux-2.6.32.48/arch/x86/mm/fault.c 2011-11-18 18:07:11.000000000 -0500 @@ -11,10 +11,19 @@ #include <linux/kprobes.h> /* __kprobes, ... */ #include <linux/mmiotrace.h> /* kmmio_handler, ... */ @@ -21741,10 +22376,14 @@ diff -urNp linux-2.6.32.48/arch/x86/mm/fault.c linux-2.6.32.48/arch/x86/mm/fault break; instr++; -@@ -172,6 +187,30 @@ force_sig_info_fault(int si_signo, int s +@@ -172,6 +187,34 @@ force_sig_info_fault(int si_signo, int s force_sig_info(si_signo, &info, tsk); } ++#if defined(CONFIG_PAX_PAGEEXEC) || defined(CONFIG_PAX_SEGMEXEC) ++static bool pax_is_fetch_fault(struct pt_regs *regs, unsigned long error_code, unsigned long address); ++#endif ++ +#ifdef CONFIG_PAX_EMUTRAMP +static int pax_handle_fetch_fault(struct pt_regs *regs); +#endif @@ -21772,7 +22411,7 @@ diff -urNp linux-2.6.32.48/arch/x86/mm/fault.c linux-2.6.32.48/arch/x86/mm/fault DEFINE_SPINLOCK(pgd_lock); LIST_HEAD(pgd_list); -@@ -224,11 +263,24 @@ void vmalloc_sync_all(void) +@@ -224,11 +267,24 @@ void vmalloc_sync_all(void) address += PMD_SIZE) { unsigned long flags; @@ -21798,7 +22437,7 @@ diff -urNp linux-2.6.32.48/arch/x86/mm/fault.c linux-2.6.32.48/arch/x86/mm/fault break; } spin_unlock_irqrestore(&pgd_lock, flags); -@@ -258,6 +310,11 @@ static noinline int vmalloc_fault(unsign +@@ -258,6 +314,11 @@ static noinline int vmalloc_fault(unsign * an interrupt in the middle of a task switch.. */ pgd_paddr = read_cr3(); @@ -21810,7 +22449,7 @@ diff -urNp linux-2.6.32.48/arch/x86/mm/fault.c linux-2.6.32.48/arch/x86/mm/fault pmd_k = vmalloc_sync_one(__va(pgd_paddr), address); if (!pmd_k) return -1; -@@ -332,15 +389,27 @@ void vmalloc_sync_all(void) +@@ -332,15 +393,27 @@ void vmalloc_sync_all(void) const pgd_t *pgd_ref = pgd_offset_k(address); unsigned long flags; @@ -21838,7 +22477,7 @@ diff -urNp linux-2.6.32.48/arch/x86/mm/fault.c linux-2.6.32.48/arch/x86/mm/fault if (pgd_none(*pgd)) set_pgd(pgd, *pgd_ref); else -@@ -373,7 +442,14 @@ static noinline int vmalloc_fault(unsign +@@ -373,7 +446,14 @@ static noinline int vmalloc_fault(unsign * happen within a race in page table update. In the later * case just flush: */ @@ -21853,7 +22492,7 @@ diff -urNp linux-2.6.32.48/arch/x86/mm/fault.c linux-2.6.32.48/arch/x86/mm/fault pgd_ref = pgd_offset_k(address); if (pgd_none(*pgd_ref)) return -1; -@@ -535,7 +611,7 @@ static int is_errata93(struct pt_regs *r +@@ -535,7 +615,7 @@ static int is_errata93(struct pt_regs *r static int is_errata100(struct pt_regs *regs, unsigned long address) { #ifdef CONFIG_X86_64 @@ -21862,7 +22501,7 @@ diff -urNp linux-2.6.32.48/arch/x86/mm/fault.c linux-2.6.32.48/arch/x86/mm/fault return 1; #endif return 0; -@@ -562,7 +638,7 @@ static int is_f00f_bug(struct pt_regs *r +@@ -562,7 +642,7 @@ static int is_f00f_bug(struct pt_regs *r } static const char nx_warning[] = KERN_CRIT @@ -21871,7 +22510,7 @@ diff -urNp linux-2.6.32.48/arch/x86/mm/fault.c linux-2.6.32.48/arch/x86/mm/fault static void show_fault_oops(struct pt_regs *regs, unsigned long error_code, -@@ -571,15 +647,26 @@ show_fault_oops(struct pt_regs *regs, un +@@ -571,15 +651,26 @@ show_fault_oops(struct pt_regs *regs, un if (!oops_may_print()) return; @@ -21900,15 +22539,13 @@ diff -urNp linux-2.6.32.48/arch/x86/mm/fault.c linux-2.6.32.48/arch/x86/mm/fault printk(KERN_ALERT "BUG: unable to handle kernel "); if (address < PAGE_SIZE) printk(KERN_CONT "NULL pointer dereference"); -@@ -704,6 +791,70 @@ __bad_area_nosemaphore(struct pt_regs *r - unsigned long address, int si_code) +@@ -705,6 +796,23 @@ __bad_area_nosemaphore(struct pt_regs *r { struct task_struct *tsk = current; -+#if defined(CONFIG_X86_64) || defined(CONFIG_PAX_PAGEEXEC) || defined(CONFIG_PAX_SEGMEXEC) + ++#ifdef CONFIG_X86_64 + struct mm_struct *mm = tsk->mm; -+#endif + -+#ifdef CONFIG_X86_64 + if (mm && (error_code & PF_INSTR) && mm->context.vdso) { + if (regs->ip == (unsigned long)vgettimeofday) { + regs->ip = (unsigned long)VDSO64_SYMBOL(mm->context.vdso, fallback_gettimeofday); @@ -21923,36 +22560,15 @@ diff -urNp linux-2.6.32.48/arch/x86/mm/fault.c linux-2.6.32.48/arch/x86/mm/fault + } +#endif + + /* User mode accesses just cause a SIGSEGV */ + if (error_code & PF_USER) { + /* +@@ -722,6 +830,21 @@ __bad_area_nosemaphore(struct pt_regs *r + if (is_errata100(regs, address)) + return; + +#if defined(CONFIG_PAX_PAGEEXEC) || defined(CONFIG_PAX_SEGMEXEC) -+ if (mm && (error_code & PF_USER)) { -+ unsigned long ip = regs->ip; -+ -+ if (v8086_mode(regs)) -+ ip = ((regs->cs & 0xffff) << 4) + (ip & 0xffff); -+ -+ /* -+ * It's possible to have interrupts off here: -+ */ -+ local_irq_enable(); -+ -+#ifdef CONFIG_PAX_PAGEEXEC -+ if ((mm->pax_flags & MF_PAX_PAGEEXEC) && -+ ((nx_enabled && (error_code & PF_INSTR)) || (!(error_code & (PF_PROT | PF_WRITE)) && ip == address))) { -+ -+#ifdef CONFIG_PAX_EMUTRAMP -+ switch (pax_handle_fetch_fault(regs)) { -+ case 2: -+ return; -+ } -+#endif -+ -+ pax_report_fault(regs, (void *)ip, (void *)regs->sp); -+ do_group_exit(SIGKILL); -+ } -+#endif -+ -+#ifdef CONFIG_PAX_SEGMEXEC -+ if ((mm->pax_flags & MF_PAX_SEGMEXEC) && !(error_code & (PF_PROT | PF_WRITE)) && (ip + SEGMEXEC_TASK_SIZE == address)) { ++ if (pax_is_fetch_fault(regs, error_code, address)) { + +#ifdef CONFIG_PAX_EMUTRAMP + switch (pax_handle_fetch_fault(regs)) { @@ -21961,17 +22577,24 @@ diff -urNp linux-2.6.32.48/arch/x86/mm/fault.c linux-2.6.32.48/arch/x86/mm/fault + } +#endif + -+ pax_report_fault(regs, (void *)ip, (void *)regs->sp); ++ pax_report_fault(regs, (void *)regs->ip, (void *)regs->sp); + do_group_exit(SIGKILL); + } +#endif + -+ } -+#endif + if (unlikely(show_unhandled_signals)) + show_signal_msg(regs, error_code, address, tsk); - /* User mode accesses just cause a SIGSEGV */ - if (error_code & PF_USER) { -@@ -857,6 +1008,99 @@ static int spurious_fault_check(unsigned +@@ -818,7 +941,7 @@ do_sigbus(struct pt_regs *regs, unsigned + if (fault & VM_FAULT_HWPOISON) { + printk(KERN_ERR + "MCE: Killing %s:%d due to hardware memory corruption fault at %lx\n", +- tsk->comm, tsk->pid, address); ++ tsk->comm, task_pid_nr(tsk), address); + code = BUS_MCEERR_AR; + } + #endif +@@ -857,6 +980,99 @@ static int spurious_fault_check(unsigned return 1; } @@ -22071,7 +22694,7 @@ diff -urNp linux-2.6.32.48/arch/x86/mm/fault.c linux-2.6.32.48/arch/x86/mm/fault /* * Handle a spurious fault caused by a stale TLB entry. * -@@ -923,6 +1167,9 @@ int show_unhandled_signals = 1; +@@ -923,6 +1139,9 @@ int show_unhandled_signals = 1; static inline int access_error(unsigned long error_code, int write, struct vm_area_struct *vma) { @@ -22081,7 +22704,7 @@ diff -urNp linux-2.6.32.48/arch/x86/mm/fault.c linux-2.6.32.48/arch/x86/mm/fault if (write) { /* write, present and write, not present: */ if (unlikely(!(vma->vm_flags & VM_WRITE))) -@@ -956,17 +1203,31 @@ do_page_fault(struct pt_regs *regs, unsi +@@ -956,17 +1175,31 @@ do_page_fault(struct pt_regs *regs, unsi { struct vm_area_struct *vma; struct task_struct *tsk; @@ -22117,7 +22740,7 @@ diff -urNp linux-2.6.32.48/arch/x86/mm/fault.c linux-2.6.32.48/arch/x86/mm/fault /* * Detect and handle instructions that would cause a page fault for * both a tracked kernel page and a userspace page. -@@ -1026,7 +1287,7 @@ do_page_fault(struct pt_regs *regs, unsi +@@ -1026,7 +1259,7 @@ do_page_fault(struct pt_regs *regs, unsi * User-mode registers count as a user access even for any * potential system fault or CPU buglet: */ @@ -22126,7 +22749,7 @@ diff -urNp linux-2.6.32.48/arch/x86/mm/fault.c linux-2.6.32.48/arch/x86/mm/fault local_irq_enable(); error_code |= PF_USER; } else { -@@ -1080,6 +1341,11 @@ do_page_fault(struct pt_regs *regs, unsi +@@ -1080,6 +1313,11 @@ do_page_fault(struct pt_regs *regs, unsi might_sleep(); } @@ -22138,7 +22761,7 @@ diff -urNp linux-2.6.32.48/arch/x86/mm/fault.c linux-2.6.32.48/arch/x86/mm/fault vma = find_vma(mm, address); if (unlikely(!vma)) { bad_area(regs, error_code, address); -@@ -1091,18 +1357,24 @@ do_page_fault(struct pt_regs *regs, unsi +@@ -1091,18 +1329,24 @@ do_page_fault(struct pt_regs *regs, unsi bad_area(regs, error_code, address); return; } @@ -22162,23 +22785,54 @@ diff -urNp linux-2.6.32.48/arch/x86/mm/fault.c linux-2.6.32.48/arch/x86/mm/fault + if (unlikely(address + 65536 + 32 * sizeof(unsigned long) < task_pt_regs(tsk)->sp)) { + bad_area(regs, error_code, address); + return; - } ++ } + +#ifdef CONFIG_PAX_SEGMEXEC + if (unlikely((mm->pax_flags & MF_PAX_SEGMEXEC) && vma->vm_end - SEGMEXEC_TASK_SIZE - 1 < address - SEGMEXEC_TASK_SIZE - 1)) { + bad_area(regs, error_code, address); + return; -+ } + } +#endif + if (unlikely(expand_stack(vma, address))) { bad_area(regs, error_code, address); return; -@@ -1146,3 +1418,199 @@ good_area: +@@ -1146,3 +1390,240 @@ good_area: up_read(&mm->mmap_sem); } + ++#if defined(CONFIG_PAX_PAGEEXEC) || defined(CONFIG_PAX_SEGMEXEC) ++static bool pax_is_fetch_fault(struct pt_regs *regs, unsigned long error_code, unsigned long address) ++{ ++ struct mm_struct *mm = current->mm; ++ unsigned long ip = regs->ip; ++ ++ if (v8086_mode(regs)) ++ ip = ((regs->cs & 0xffff) << 4) + (ip & 0xffff); ++ ++#ifdef CONFIG_PAX_PAGEEXEC ++ if (mm->pax_flags & MF_PAX_PAGEEXEC) { ++ if ((__supported_pte_mask & _PAGE_NX) && (error_code & PF_INSTR)) ++ return true; ++ if (!(error_code & (PF_PROT | PF_WRITE)) && ip == address) ++ return true; ++ return false; ++ } ++#endif ++ ++#ifdef CONFIG_PAX_SEGMEXEC ++ if (mm->pax_flags & MF_PAX_SEGMEXEC) { ++ if (!(error_code & (PF_PROT | PF_WRITE)) && (ip + SEGMEXEC_TASK_SIZE == address)) ++ return true; ++ return false; ++ } ++#endif ++ ++ return false; ++} ++#endif ++ +#ifdef CONFIG_PAX_EMUTRAMP +static int pax_handle_fetch_fault_32(struct pt_regs *regs) +{ @@ -22320,7 +22974,7 @@ diff -urNp linux-2.6.32.48/arch/x86/mm/fault.c linux-2.6.32.48/arch/x86/mm/fault +#endif + +#if defined(CONFIG_PAX_PAGEEXEC) || defined(CONFIG_PAX_SEGMEXEC) -+void pax_report_insns(void *pc, void *sp) ++void pax_report_insns(struct pt_regs *regs, void *pc, void *sp) +{ + long i; + @@ -22337,14 +22991,24 @@ diff -urNp linux-2.6.32.48/arch/x86/mm/fault.c linux-2.6.32.48/arch/x86/mm/fault + printk(KERN_ERR "PAX: bytes at SP-%lu: ", (unsigned long)sizeof(long)); + for (i = -1; i < 80 / (long)sizeof(long); i++) { + unsigned long c; -+ if (get_user(c, (unsigned long __force_user *)sp+i)) ++ if (get_user(c, (unsigned long __force_user *)sp+i)) { +#ifdef CONFIG_X86_32 + printk(KERN_CONT "???????? "); +#else -+ printk(KERN_CONT "???????????????? "); ++ if ((regs->cs == __USER32_CS || (regs->cs & SEGMENT_LDT))) ++ printk(KERN_CONT "???????? ???????? "); ++ else ++ printk(KERN_CONT "???????????????? "); +#endif -+ else -+ printk(KERN_CONT "%0*lx ", 2 * (int)sizeof(long), c); ++ } else { ++#ifdef CONFIG_X86_64 ++ if ((regs->cs == __USER32_CS || (regs->cs & SEGMENT_LDT))) { ++ printk(KERN_CONT "%08x ", (unsigned int)c); ++ printk(KERN_CONT "%08x ", (unsigned int)(c >> 32)); ++ } else ++#endif ++ printk(KERN_CONT "%0*lx ", 2 * (int)sizeof(long), c); ++ } + } + printk("\n"); +} @@ -24556,7 +25220,7 @@ diff -urNp linux-2.6.32.48/arch/x86/vdso/vextern.h linux-2.6.32.48/arch/x86/vdso VEXTERN(vsyscall_gtod_data) diff -urNp linux-2.6.32.48/arch/x86/vdso/vma.c linux-2.6.32.48/arch/x86/vdso/vma.c --- linux-2.6.32.48/arch/x86/vdso/vma.c 2011-11-08 19:02:43.000000000 -0500 -+++ linux-2.6.32.48/arch/x86/vdso/vma.c 2011-11-15 19:59:43.000000000 -0500 ++++ linux-2.6.32.48/arch/x86/vdso/vma.c 2011-11-18 18:01:52.000000000 -0500 @@ -17,8 +17,6 @@ #include "vextern.h" /* Just for VMAGIC. */ #undef VEXTERN @@ -24605,17 +25269,27 @@ diff -urNp linux-2.6.32.48/arch/x86/vdso/vma.c linux-2.6.32.48/arch/x86/vdso/vma } __initcall(init_vdso_vars); -@@ -105,9 +98,6 @@ int arch_setup_additional_pages(struct l - unsigned long addr; +@@ -102,13 +95,15 @@ static unsigned long vdso_addr(unsigned + int arch_setup_additional_pages(struct linux_binprm *bprm, int uses_interp) + { + struct mm_struct *mm = current->mm; +- unsigned long addr; ++ unsigned long addr = 0; int ret; - if (!vdso_enabled) - return 0; - down_write(&mm->mmap_sem); ++ ++#ifdef CONFIG_PAX_RANDMMAP ++ if (!(mm->pax_flags & MF_PAX_RANDMMAP)) ++#endif ++ addr = vdso_addr(mm->start_stack, vdso_size); addr = get_unmapped_area(NULL, addr, vdso_size, 0, 0); -@@ -116,7 +106,7 @@ int arch_setup_additional_pages(struct l + if (IS_ERR_VALUE(addr)) { +@@ -116,7 +111,7 @@ int arch_setup_additional_pages(struct l goto up_fail; } @@ -24624,7 +25298,7 @@ diff -urNp linux-2.6.32.48/arch/x86/vdso/vma.c linux-2.6.32.48/arch/x86/vdso/vma ret = install_special_mapping(mm, addr, vdso_size, VM_READ|VM_EXEC| -@@ -124,7 +114,7 @@ int arch_setup_additional_pages(struct l +@@ -124,7 +119,7 @@ int arch_setup_additional_pages(struct l VM_ALWAYSDUMP, vdso_pages); if (ret) { @@ -24633,7 +25307,7 @@ diff -urNp linux-2.6.32.48/arch/x86/vdso/vma.c linux-2.6.32.48/arch/x86/vdso/vma goto up_fail; } -@@ -132,10 +122,3 @@ up_fail: +@@ -132,10 +127,3 @@ up_fail: up_write(&mm->mmap_sem); return ret; } @@ -25154,7 +25828,7 @@ diff -urNp linux-2.6.32.48/crypto/serpent.c linux-2.6.32.48/crypto/serpent.c for (i = 0; i < keylen; ++i) diff -urNp linux-2.6.32.48/Documentation/dontdiff linux-2.6.32.48/Documentation/dontdiff --- linux-2.6.32.48/Documentation/dontdiff 2011-11-08 19:02:43.000000000 -0500 -+++ linux-2.6.32.48/Documentation/dontdiff 2011-11-15 19:59:43.000000000 -0500 ++++ linux-2.6.32.48/Documentation/dontdiff 2011-11-18 18:01:52.000000000 -0500 @@ -1,13 +1,16 @@ *.a *.aux @@ -25212,7 +25886,16 @@ diff -urNp linux-2.6.32.48/Documentation/dontdiff linux-2.6.32.48/Documentation/ comp*.log compile.h* conf -@@ -97,19 +111,21 @@ elfconfig.h* +@@ -84,6 +98,8 @@ config + config-* + config_data.h* + config_data.gz* ++config.c ++config.tmp + conmakehash + consolemap_deftbl.c* + cpustr.h +@@ -97,19 +113,22 @@ elfconfig.h* fixdep fore200e_mkfirm fore200e_pca_fw.c* @@ -25232,10 +25915,11 @@ diff -urNp linux-2.6.32.48/Documentation/dontdiff linux-2.6.32.48/Documentation/ initramfs_list kallsyms -kconfig ++kern_constants.h keywords.c ksym.c* ksym.h* -@@ -133,7 +149,9 @@ mkboot +@@ -133,7 +152,9 @@ mkboot mkbugboot mkcpustr mkdep @@ -25245,7 +25929,7 @@ diff -urNp linux-2.6.32.48/Documentation/dontdiff linux-2.6.32.48/Documentation/ mktables mktree modpost -@@ -149,6 +167,7 @@ patches* +@@ -149,6 +170,7 @@ patches* pca200e.bin pca200e_ecd.bin2 piggy.gz @@ -25253,7 +25937,7 @@ diff -urNp linux-2.6.32.48/Documentation/dontdiff linux-2.6.32.48/Documentation/ piggyback pnmtologo ppc_defs.h* -@@ -157,12 +176,15 @@ qconf +@@ -157,12 +179,15 @@ qconf raid6altivec*.c raid6int*.c raid6tables.c @@ -25269,7 +25953,15 @@ diff -urNp linux-2.6.32.48/Documentation/dontdiff linux-2.6.32.48/Documentation/ sm_tbl* split-include syscalltab.h -@@ -186,14 +208,20 @@ version.h* +@@ -171,6 +196,7 @@ tftpboot.img + timeconst.h + times.h* + trix_boot.h ++user_constants.h + utsrelease.h* + vdso-syms.lds + vdso.lds +@@ -186,14 +212,20 @@ version.h* vmlinux vmlinux-* vmlinux.aout @@ -27165,7 +27857,7 @@ diff -urNp linux-2.6.32.48/drivers/atm/atmtcp.c linux-2.6.32.48/drivers/atm/atmt else dev_kfree_skb(skb); diff -urNp linux-2.6.32.48/drivers/atm/eni.c linux-2.6.32.48/drivers/atm/eni.c --- linux-2.6.32.48/drivers/atm/eni.c 2011-11-08 19:02:43.000000000 -0500 -+++ linux-2.6.32.48/drivers/atm/eni.c 2011-11-15 19:59:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/atm/eni.c 2011-11-18 18:01:52.000000000 -0500 @@ -525,7 +525,7 @@ static int rx_aal0(struct atm_vcc *vcc) DPRINTK(DEV_LABEL "(itf %d): trashing empty cell\n", vcc->dev->number); @@ -27211,6 +27903,15 @@ diff -urNp linux-2.6.32.48/drivers/atm/eni.c linux-2.6.32.48/drivers/atm/eni.c wake_up(&eni_dev->tx_wait); dma_complete++; } +@@ -1570,7 +1570,7 @@ tx_complete++; + /*--------------------------------- entries ---------------------------------*/ + + +-static const char *media_name[] __devinitdata = { ++static const char *media_name[] __devinitconst = { + "MMF", "SMF", "MMF", "03?", /* 0- 3 */ + "UTP", "05?", "06?", "07?", /* 4- 7 */ + "TAXI","09?", "10?", "11?", /* 8-11 */ diff -urNp linux-2.6.32.48/drivers/atm/firestream.c linux-2.6.32.48/drivers/atm/firestream.c --- linux-2.6.32.48/drivers/atm/firestream.c 2011-11-08 19:02:43.000000000 -0500 +++ linux-2.6.32.48/drivers/atm/firestream.c 2011-11-15 19:59:43.000000000 -0500 @@ -28976,6 +29677,18 @@ diff -urNp linux-2.6.32.48/drivers/char/keyboard.c linux-2.6.32.48/drivers/char/ }; MODULE_DEVICE_TABLE(input, kbd_ids); +diff -urNp linux-2.6.32.48/drivers/char/mbcs.c linux-2.6.32.48/drivers/char/mbcs.c +--- linux-2.6.32.48/drivers/char/mbcs.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/char/mbcs.c 2011-11-18 18:01:55.000000000 -0500 +@@ -799,7 +799,7 @@ static int mbcs_remove(struct cx_dev *de + return 0; + } + +-static const struct cx_device_id __devinitdata mbcs_id_table[] = { ++static const struct cx_device_id __devinitconst mbcs_id_table[] = { + { + .part_num = MBCS_PART_NUM, + .mfg_num = MBCS_MFG_NUM, diff -urNp linux-2.6.32.48/drivers/char/mem.c linux-2.6.32.48/drivers/char/mem.c --- linux-2.6.32.48/drivers/char/mem.c 2011-11-08 19:02:43.000000000 -0500 +++ linux-2.6.32.48/drivers/char/mem.c 2011-11-15 19:59:43.000000000 -0500 @@ -29706,6 +30419,72 @@ diff -urNp linux-2.6.32.48/drivers/dma/ioat/dma.h linux-2.6.32.48/drivers/dma/io extern struct ioat_sysfs_entry ioat_version_attr; extern struct ioat_sysfs_entry ioat_cap_attr; #endif /* IOATDMA_H */ +diff -urNp linux-2.6.32.48/drivers/dma/ioat/dma_v3.c linux-2.6.32.48/drivers/dma/ioat/dma_v3.c +--- linux-2.6.32.48/drivers/dma/ioat/dma_v3.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/dma/ioat/dma_v3.c 2011-11-18 18:01:55.000000000 -0500 +@@ -71,10 +71,10 @@ + /* provide a lookup table for setting the source address in the base or + * extended descriptor of an xor or pq descriptor + */ +-static const u8 xor_idx_to_desc __read_mostly = 0xd0; +-static const u8 xor_idx_to_field[] __read_mostly = { 1, 4, 5, 6, 7, 0, 1, 2 }; +-static const u8 pq_idx_to_desc __read_mostly = 0xf8; +-static const u8 pq_idx_to_field[] __read_mostly = { 1, 4, 5, 0, 1, 2, 4, 5 }; ++static const u8 xor_idx_to_desc = 0xd0; ++static const u8 xor_idx_to_field[] = { 1, 4, 5, 6, 7, 0, 1, 2 }; ++static const u8 pq_idx_to_desc = 0xf8; ++static const u8 pq_idx_to_field[] = { 1, 4, 5, 0, 1, 2, 4, 5 }; + + static dma_addr_t xor_get_src(struct ioat_raw_descriptor *descs[2], int idx) + { +diff -urNp linux-2.6.32.48/drivers/edac/amd64_edac.c linux-2.6.32.48/drivers/edac/amd64_edac.c +--- linux-2.6.32.48/drivers/edac/amd64_edac.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/edac/amd64_edac.c 2011-11-18 18:01:55.000000000 -0500 +@@ -3099,7 +3099,7 @@ static void __devexit amd64_remove_one_i + * PCI core identifies what devices are on a system during boot, and then + * inquiry this table to see if this driver is for a given device found. + */ +-static const struct pci_device_id amd64_pci_table[] __devinitdata = { ++static const struct pci_device_id amd64_pci_table[] __devinitconst = { + { + .vendor = PCI_VENDOR_ID_AMD, + .device = PCI_DEVICE_ID_AMD_K8_NB_MEMCTL, +diff -urNp linux-2.6.32.48/drivers/edac/amd76x_edac.c linux-2.6.32.48/drivers/edac/amd76x_edac.c +--- linux-2.6.32.48/drivers/edac/amd76x_edac.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/edac/amd76x_edac.c 2011-11-18 18:01:55.000000000 -0500 +@@ -322,7 +322,7 @@ static void __devexit amd76x_remove_one( + edac_mc_free(mci); + } + +-static const struct pci_device_id amd76x_pci_tbl[] __devinitdata = { ++static const struct pci_device_id amd76x_pci_tbl[] __devinitconst = { + { + PCI_VEND_DEV(AMD, FE_GATE_700C), PCI_ANY_ID, PCI_ANY_ID, 0, 0, + AMD762}, +diff -urNp linux-2.6.32.48/drivers/edac/e752x_edac.c linux-2.6.32.48/drivers/edac/e752x_edac.c +--- linux-2.6.32.48/drivers/edac/e752x_edac.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/edac/e752x_edac.c 2011-11-18 18:01:55.000000000 -0500 +@@ -1282,7 +1282,7 @@ static void __devexit e752x_remove_one(s + edac_mc_free(mci); + } + +-static const struct pci_device_id e752x_pci_tbl[] __devinitdata = { ++static const struct pci_device_id e752x_pci_tbl[] __devinitconst = { + { + PCI_VEND_DEV(INTEL, 7520_0), PCI_ANY_ID, PCI_ANY_ID, 0, 0, + E7520}, +diff -urNp linux-2.6.32.48/drivers/edac/e7xxx_edac.c linux-2.6.32.48/drivers/edac/e7xxx_edac.c +--- linux-2.6.32.48/drivers/edac/e7xxx_edac.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/edac/e7xxx_edac.c 2011-11-18 18:01:55.000000000 -0500 +@@ -526,7 +526,7 @@ static void __devexit e7xxx_remove_one(s + edac_mc_free(mci); + } + +-static const struct pci_device_id e7xxx_pci_tbl[] __devinitdata = { ++static const struct pci_device_id e7xxx_pci_tbl[] __devinitconst = { + { + PCI_VEND_DEV(INTEL, 7205_0), PCI_ANY_ID, PCI_ANY_ID, 0, 0, + E7205}, diff -urNp linux-2.6.32.48/drivers/edac/edac_device_sysfs.c linux-2.6.32.48/drivers/edac/edac_device_sysfs.c --- linux-2.6.32.48/drivers/edac/edac_device_sysfs.c 2011-11-08 19:02:43.000000000 -0500 +++ linux-2.6.32.48/drivers/edac/edac_device_sysfs.c 2011-11-15 19:59:43.000000000 -0500 @@ -29861,6 +30640,138 @@ diff -urNp linux-2.6.32.48/drivers/edac/edac_pci_sysfs.c linux-2.6.32.48/drivers panic("EDAC: PCI Parity Error"); } } +diff -urNp linux-2.6.32.48/drivers/edac/i3000_edac.c linux-2.6.32.48/drivers/edac/i3000_edac.c +--- linux-2.6.32.48/drivers/edac/i3000_edac.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/edac/i3000_edac.c 2011-11-18 18:01:55.000000000 -0500 +@@ -471,7 +471,7 @@ static void __devexit i3000_remove_one(s + edac_mc_free(mci); + } + +-static const struct pci_device_id i3000_pci_tbl[] __devinitdata = { ++static const struct pci_device_id i3000_pci_tbl[] __devinitconst = { + { + PCI_VEND_DEV(INTEL, 3000_HB), PCI_ANY_ID, PCI_ANY_ID, 0, 0, + I3000}, +diff -urNp linux-2.6.32.48/drivers/edac/i3200_edac.c linux-2.6.32.48/drivers/edac/i3200_edac.c +--- linux-2.6.32.48/drivers/edac/i3200_edac.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/edac/i3200_edac.c 2011-11-18 18:01:55.000000000 -0500 +@@ -444,7 +444,7 @@ static void __devexit i3200_remove_one(s + edac_mc_free(mci); + } + +-static const struct pci_device_id i3200_pci_tbl[] __devinitdata = { ++static const struct pci_device_id i3200_pci_tbl[] __devinitconst = { + { + PCI_VEND_DEV(INTEL, 3200_HB), PCI_ANY_ID, PCI_ANY_ID, 0, 0, + I3200}, +diff -urNp linux-2.6.32.48/drivers/edac/i5000_edac.c linux-2.6.32.48/drivers/edac/i5000_edac.c +--- linux-2.6.32.48/drivers/edac/i5000_edac.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/edac/i5000_edac.c 2011-11-18 18:01:55.000000000 -0500 +@@ -1516,7 +1516,7 @@ static void __devexit i5000_remove_one(s + * + * The "E500P" device is the first device supported. + */ +-static const struct pci_device_id i5000_pci_tbl[] __devinitdata = { ++static const struct pci_device_id i5000_pci_tbl[] __devinitconst = { + {PCI_DEVICE(PCI_VENDOR_ID_INTEL, PCI_DEVICE_ID_INTEL_I5000_DEV16), + .driver_data = I5000P}, + +diff -urNp linux-2.6.32.48/drivers/edac/i5100_edac.c linux-2.6.32.48/drivers/edac/i5100_edac.c +--- linux-2.6.32.48/drivers/edac/i5100_edac.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/edac/i5100_edac.c 2011-11-18 18:01:55.000000000 -0500 +@@ -944,7 +944,7 @@ static void __devexit i5100_remove_one(s + edac_mc_free(mci); + } + +-static const struct pci_device_id i5100_pci_tbl[] __devinitdata = { ++static const struct pci_device_id i5100_pci_tbl[] __devinitconst = { + /* Device 16, Function 0, Channel 0 Memory Map, Error Flag/Mask, ... */ + { PCI_DEVICE(PCI_VENDOR_ID_INTEL, PCI_DEVICE_ID_INTEL_5100_16) }, + { 0, } +diff -urNp linux-2.6.32.48/drivers/edac/i5400_edac.c linux-2.6.32.48/drivers/edac/i5400_edac.c +--- linux-2.6.32.48/drivers/edac/i5400_edac.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/edac/i5400_edac.c 2011-11-18 18:01:55.000000000 -0500 +@@ -1383,7 +1383,7 @@ static void __devexit i5400_remove_one(s + * + * The "E500P" device is the first device supported. + */ +-static const struct pci_device_id i5400_pci_tbl[] __devinitdata = { ++static const struct pci_device_id i5400_pci_tbl[] __devinitconst = { + {PCI_DEVICE(PCI_VENDOR_ID_INTEL, PCI_DEVICE_ID_INTEL_5400_ERR)}, + {0,} /* 0 terminated list. */ + }; +diff -urNp linux-2.6.32.48/drivers/edac/i82443bxgx_edac.c linux-2.6.32.48/drivers/edac/i82443bxgx_edac.c +--- linux-2.6.32.48/drivers/edac/i82443bxgx_edac.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/edac/i82443bxgx_edac.c 2011-11-18 18:01:55.000000000 -0500 +@@ -381,7 +381,7 @@ static void __devexit i82443bxgx_edacmc_ + + EXPORT_SYMBOL_GPL(i82443bxgx_edacmc_remove_one); + +-static const struct pci_device_id i82443bxgx_pci_tbl[] __devinitdata = { ++static const struct pci_device_id i82443bxgx_pci_tbl[] __devinitconst = { + {PCI_DEVICE(PCI_VENDOR_ID_INTEL, PCI_DEVICE_ID_INTEL_82443BX_0)}, + {PCI_DEVICE(PCI_VENDOR_ID_INTEL, PCI_DEVICE_ID_INTEL_82443BX_2)}, + {PCI_DEVICE(PCI_VENDOR_ID_INTEL, PCI_DEVICE_ID_INTEL_82443GX_0)}, +diff -urNp linux-2.6.32.48/drivers/edac/i82860_edac.c linux-2.6.32.48/drivers/edac/i82860_edac.c +--- linux-2.6.32.48/drivers/edac/i82860_edac.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/edac/i82860_edac.c 2011-11-18 18:01:55.000000000 -0500 +@@ -271,7 +271,7 @@ static void __devexit i82860_remove_one( + edac_mc_free(mci); + } + +-static const struct pci_device_id i82860_pci_tbl[] __devinitdata = { ++static const struct pci_device_id i82860_pci_tbl[] __devinitconst = { + { + PCI_VEND_DEV(INTEL, 82860_0), PCI_ANY_ID, PCI_ANY_ID, 0, 0, + I82860}, +diff -urNp linux-2.6.32.48/drivers/edac/i82875p_edac.c linux-2.6.32.48/drivers/edac/i82875p_edac.c +--- linux-2.6.32.48/drivers/edac/i82875p_edac.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/edac/i82875p_edac.c 2011-11-18 18:01:55.000000000 -0500 +@@ -512,7 +512,7 @@ static void __devexit i82875p_remove_one + edac_mc_free(mci); + } + +-static const struct pci_device_id i82875p_pci_tbl[] __devinitdata = { ++static const struct pci_device_id i82875p_pci_tbl[] __devinitconst = { + { + PCI_VEND_DEV(INTEL, 82875_0), PCI_ANY_ID, PCI_ANY_ID, 0, 0, + I82875P}, +diff -urNp linux-2.6.32.48/drivers/edac/i82975x_edac.c linux-2.6.32.48/drivers/edac/i82975x_edac.c +--- linux-2.6.32.48/drivers/edac/i82975x_edac.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/edac/i82975x_edac.c 2011-11-18 18:01:55.000000000 -0500 +@@ -586,7 +586,7 @@ static void __devexit i82975x_remove_one + edac_mc_free(mci); + } + +-static const struct pci_device_id i82975x_pci_tbl[] __devinitdata = { ++static const struct pci_device_id i82975x_pci_tbl[] __devinitconst = { + { + PCI_VEND_DEV(INTEL, 82975_0), PCI_ANY_ID, PCI_ANY_ID, 0, 0, + I82975X +diff -urNp linux-2.6.32.48/drivers/edac/r82600_edac.c linux-2.6.32.48/drivers/edac/r82600_edac.c +--- linux-2.6.32.48/drivers/edac/r82600_edac.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/edac/r82600_edac.c 2011-11-18 18:01:55.000000000 -0500 +@@ -374,7 +374,7 @@ static void __devexit r82600_remove_one( + edac_mc_free(mci); + } + +-static const struct pci_device_id r82600_pci_tbl[] __devinitdata = { ++static const struct pci_device_id r82600_pci_tbl[] __devinitconst = { + { + PCI_DEVICE(PCI_VENDOR_ID_RADISYS, R82600_BRIDGE_ID) + }, +diff -urNp linux-2.6.32.48/drivers/edac/x38_edac.c linux-2.6.32.48/drivers/edac/x38_edac.c +--- linux-2.6.32.48/drivers/edac/x38_edac.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/edac/x38_edac.c 2011-11-18 18:01:55.000000000 -0500 +@@ -441,7 +441,7 @@ static void __devexit x38_remove_one(str + edac_mc_free(mci); + } + +-static const struct pci_device_id x38_pci_tbl[] __devinitdata = { ++static const struct pci_device_id x38_pci_tbl[] __devinitconst = { + { + PCI_VEND_DEV(INTEL, X38_HB), PCI_ANY_ID, PCI_ANY_ID, 0, 0, + X38}, diff -urNp linux-2.6.32.48/drivers/firewire/core-card.c linux-2.6.32.48/drivers/firewire/core-card.c --- linux-2.6.32.48/drivers/firewire/core-card.c 2011-11-08 19:02:43.000000000 -0500 +++ linux-2.6.32.48/drivers/firewire/core-card.c 2011-11-15 19:59:43.000000000 -0500 @@ -31456,6 +32367,225 @@ diff -urNp linux-2.6.32.48/drivers/i2c/busses/i2c-nforce2-s4985.c linux-2.6.32.4 /* Wrapper access functions for multiplexed SMBus */ static DEFINE_MUTEX(nforce2_lock); +diff -urNp linux-2.6.32.48/drivers/ide/aec62xx.c linux-2.6.32.48/drivers/ide/aec62xx.c +--- linux-2.6.32.48/drivers/ide/aec62xx.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/ide/aec62xx.c 2011-11-18 18:01:55.000000000 -0500 +@@ -180,7 +180,7 @@ static const struct ide_port_ops atp86x_ + .cable_detect = atp86x_cable_detect, + }; + +-static const struct ide_port_info aec62xx_chipsets[] __devinitdata = { ++static const struct ide_port_info aec62xx_chipsets[] __devinitconst = { + { /* 0: AEC6210 */ + .name = DRV_NAME, + .init_chipset = init_chipset_aec62xx, +diff -urNp linux-2.6.32.48/drivers/ide/alim15x3.c linux-2.6.32.48/drivers/ide/alim15x3.c +--- linux-2.6.32.48/drivers/ide/alim15x3.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/ide/alim15x3.c 2011-11-18 18:01:55.000000000 -0500 +@@ -509,7 +509,7 @@ static const struct ide_dma_ops ali_dma_ + .dma_sff_read_status = ide_dma_sff_read_status, + }; + +-static const struct ide_port_info ali15x3_chipset __devinitdata = { ++static const struct ide_port_info ali15x3_chipset __devinitconst = { + .name = DRV_NAME, + .init_chipset = init_chipset_ali15x3, + .init_hwif = init_hwif_ali15x3, +diff -urNp linux-2.6.32.48/drivers/ide/amd74xx.c linux-2.6.32.48/drivers/ide/amd74xx.c +--- linux-2.6.32.48/drivers/ide/amd74xx.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/ide/amd74xx.c 2011-11-18 18:01:55.000000000 -0500 +@@ -221,7 +221,7 @@ static const struct ide_port_ops amd_por + .udma_mask = udma, \ + } + +-static const struct ide_port_info amd74xx_chipsets[] __devinitdata = { ++static const struct ide_port_info amd74xx_chipsets[] __devinitconst = { + /* 0: AMD7401 */ DECLARE_AMD_DEV(0x00, ATA_UDMA2), + /* 1: AMD7409 */ DECLARE_AMD_DEV(ATA_SWDMA2, ATA_UDMA4), + /* 2: AMD7411/7441 */ DECLARE_AMD_DEV(ATA_SWDMA2, ATA_UDMA5), +diff -urNp linux-2.6.32.48/drivers/ide/atiixp.c linux-2.6.32.48/drivers/ide/atiixp.c +--- linux-2.6.32.48/drivers/ide/atiixp.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/ide/atiixp.c 2011-11-18 18:01:55.000000000 -0500 +@@ -137,7 +137,7 @@ static const struct ide_port_ops atiixp_ + .cable_detect = atiixp_cable_detect, + }; + +-static const struct ide_port_info atiixp_pci_info[] __devinitdata = { ++static const struct ide_port_info atiixp_pci_info[] __devinitconst = { + { /* 0: IXP200/300/400/700 */ + .name = DRV_NAME, + .enablebits = {{0x48,0x01,0x00}, {0x48,0x08,0x00}}, +diff -urNp linux-2.6.32.48/drivers/ide/cmd64x.c linux-2.6.32.48/drivers/ide/cmd64x.c +--- linux-2.6.32.48/drivers/ide/cmd64x.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/ide/cmd64x.c 2011-11-18 18:01:55.000000000 -0500 +@@ -372,7 +372,7 @@ static const struct ide_dma_ops cmd646_r + .dma_sff_read_status = ide_dma_sff_read_status, + }; + +-static const struct ide_port_info cmd64x_chipsets[] __devinitdata = { ++static const struct ide_port_info cmd64x_chipsets[] __devinitconst = { + { /* 0: CMD643 */ + .name = DRV_NAME, + .init_chipset = init_chipset_cmd64x, +diff -urNp linux-2.6.32.48/drivers/ide/cs5520.c linux-2.6.32.48/drivers/ide/cs5520.c +--- linux-2.6.32.48/drivers/ide/cs5520.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/ide/cs5520.c 2011-11-18 18:01:55.000000000 -0500 +@@ -93,7 +93,7 @@ static const struct ide_port_ops cs5520_ + .set_dma_mode = cs5520_set_dma_mode, + }; + +-static const struct ide_port_info cyrix_chipset __devinitdata = { ++static const struct ide_port_info cyrix_chipset __devinitconst = { + .name = DRV_NAME, + .enablebits = { { 0x60, 0x01, 0x01 }, { 0x60, 0x02, 0x02 } }, + .port_ops = &cs5520_port_ops, +diff -urNp linux-2.6.32.48/drivers/ide/cs5530.c linux-2.6.32.48/drivers/ide/cs5530.c +--- linux-2.6.32.48/drivers/ide/cs5530.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/ide/cs5530.c 2011-11-18 18:01:55.000000000 -0500 +@@ -244,7 +244,7 @@ static const struct ide_port_ops cs5530_ + .udma_filter = cs5530_udma_filter, + }; + +-static const struct ide_port_info cs5530_chipset __devinitdata = { ++static const struct ide_port_info cs5530_chipset __devinitconst = { + .name = DRV_NAME, + .init_chipset = init_chipset_cs5530, + .init_hwif = init_hwif_cs5530, +diff -urNp linux-2.6.32.48/drivers/ide/cs5535.c linux-2.6.32.48/drivers/ide/cs5535.c +--- linux-2.6.32.48/drivers/ide/cs5535.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/ide/cs5535.c 2011-11-18 18:01:55.000000000 -0500 +@@ -170,7 +170,7 @@ static const struct ide_port_ops cs5535_ + .cable_detect = cs5535_cable_detect, + }; + +-static const struct ide_port_info cs5535_chipset __devinitdata = { ++static const struct ide_port_info cs5535_chipset __devinitconst = { + .name = DRV_NAME, + .port_ops = &cs5535_port_ops, + .host_flags = IDE_HFLAG_SINGLE | IDE_HFLAG_POST_SET_MODE, +diff -urNp linux-2.6.32.48/drivers/ide/cy82c693.c linux-2.6.32.48/drivers/ide/cy82c693.c +--- linux-2.6.32.48/drivers/ide/cy82c693.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/ide/cy82c693.c 2011-11-18 18:01:55.000000000 -0500 +@@ -288,7 +288,7 @@ static const struct ide_port_ops cy82c69 + .set_dma_mode = cy82c693_set_dma_mode, + }; + +-static const struct ide_port_info cy82c693_chipset __devinitdata = { ++static const struct ide_port_info cy82c693_chipset __devinitconst = { + .name = DRV_NAME, + .init_iops = init_iops_cy82c693, + .port_ops = &cy82c693_port_ops, +diff -urNp linux-2.6.32.48/drivers/ide/hpt366.c linux-2.6.32.48/drivers/ide/hpt366.c +--- linux-2.6.32.48/drivers/ide/hpt366.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/ide/hpt366.c 2011-11-18 18:01:55.000000000 -0500 +@@ -507,7 +507,7 @@ static struct hpt_timings hpt37x_timings + } + }; + +-static const struct hpt_info hpt36x __devinitdata = { ++static const struct hpt_info hpt36x __devinitconst = { + .chip_name = "HPT36x", + .chip_type = HPT36x, + .udma_mask = HPT366_ALLOW_ATA66_3 ? (HPT366_ALLOW_ATA66_4 ? ATA_UDMA4 : ATA_UDMA3) : ATA_UDMA2, +@@ -515,7 +515,7 @@ static const struct hpt_info hpt36x __de + .timings = &hpt36x_timings + }; + +-static const struct hpt_info hpt370 __devinitdata = { ++static const struct hpt_info hpt370 __devinitconst = { + .chip_name = "HPT370", + .chip_type = HPT370, + .udma_mask = HPT370_ALLOW_ATA100_5 ? ATA_UDMA5 : ATA_UDMA4, +@@ -523,7 +523,7 @@ static const struct hpt_info hpt370 __de + .timings = &hpt37x_timings + }; + +-static const struct hpt_info hpt370a __devinitdata = { ++static const struct hpt_info hpt370a __devinitconst = { + .chip_name = "HPT370A", + .chip_type = HPT370A, + .udma_mask = HPT370_ALLOW_ATA100_5 ? ATA_UDMA5 : ATA_UDMA4, +@@ -531,7 +531,7 @@ static const struct hpt_info hpt370a __d + .timings = &hpt37x_timings + }; + +-static const struct hpt_info hpt374 __devinitdata = { ++static const struct hpt_info hpt374 __devinitconst = { + .chip_name = "HPT374", + .chip_type = HPT374, + .udma_mask = ATA_UDMA5, +@@ -539,7 +539,7 @@ static const struct hpt_info hpt374 __de + .timings = &hpt37x_timings + }; + +-static const struct hpt_info hpt372 __devinitdata = { ++static const struct hpt_info hpt372 __devinitconst = { + .chip_name = "HPT372", + .chip_type = HPT372, + .udma_mask = HPT372_ALLOW_ATA133_6 ? ATA_UDMA6 : ATA_UDMA5, +@@ -547,7 +547,7 @@ static const struct hpt_info hpt372 __de + .timings = &hpt37x_timings + }; + +-static const struct hpt_info hpt372a __devinitdata = { ++static const struct hpt_info hpt372a __devinitconst = { + .chip_name = "HPT372A", + .chip_type = HPT372A, + .udma_mask = HPT372_ALLOW_ATA133_6 ? ATA_UDMA6 : ATA_UDMA5, +@@ -555,7 +555,7 @@ static const struct hpt_info hpt372a __d + .timings = &hpt37x_timings + }; + +-static const struct hpt_info hpt302 __devinitdata = { ++static const struct hpt_info hpt302 __devinitconst = { + .chip_name = "HPT302", + .chip_type = HPT302, + .udma_mask = HPT302_ALLOW_ATA133_6 ? ATA_UDMA6 : ATA_UDMA5, +@@ -563,7 +563,7 @@ static const struct hpt_info hpt302 __de + .timings = &hpt37x_timings + }; + +-static const struct hpt_info hpt371 __devinitdata = { ++static const struct hpt_info hpt371 __devinitconst = { + .chip_name = "HPT371", + .chip_type = HPT371, + .udma_mask = HPT371_ALLOW_ATA133_6 ? ATA_UDMA6 : ATA_UDMA5, +@@ -571,7 +571,7 @@ static const struct hpt_info hpt371 __de + .timings = &hpt37x_timings + }; + +-static const struct hpt_info hpt372n __devinitdata = { ++static const struct hpt_info hpt372n __devinitconst = { + .chip_name = "HPT372N", + .chip_type = HPT372N, + .udma_mask = HPT372_ALLOW_ATA133_6 ? ATA_UDMA6 : ATA_UDMA5, +@@ -579,7 +579,7 @@ static const struct hpt_info hpt372n __d + .timings = &hpt37x_timings + }; + +-static const struct hpt_info hpt302n __devinitdata = { ++static const struct hpt_info hpt302n __devinitconst = { + .chip_name = "HPT302N", + .chip_type = HPT302N, + .udma_mask = HPT302_ALLOW_ATA133_6 ? ATA_UDMA6 : ATA_UDMA5, +@@ -587,7 +587,7 @@ static const struct hpt_info hpt302n __d + .timings = &hpt37x_timings + }; + +-static const struct hpt_info hpt371n __devinitdata = { ++static const struct hpt_info hpt371n __devinitconst = { + .chip_name = "HPT371N", + .chip_type = HPT371N, + .udma_mask = HPT371_ALLOW_ATA133_6 ? ATA_UDMA6 : ATA_UDMA5, +@@ -1422,7 +1422,7 @@ static const struct ide_dma_ops hpt36x_d + .dma_sff_read_status = ide_dma_sff_read_status, + }; + +-static const struct ide_port_info hpt366_chipsets[] __devinitdata = { ++static const struct ide_port_info hpt366_chipsets[] __devinitconst = { + { /* 0: HPT36x */ + .name = DRV_NAME, + .init_chipset = init_chipset_hpt366, diff -urNp linux-2.6.32.48/drivers/ide/ide-cd.c linux-2.6.32.48/drivers/ide/ide-cd.c --- linux-2.6.32.48/drivers/ide/ide-cd.c 2011-11-08 19:02:43.000000000 -0500 +++ linux-2.6.32.48/drivers/ide/ide-cd.c 2011-11-15 19:59:43.000000000 -0500 @@ -31480,6 +32610,174 @@ diff -urNp linux-2.6.32.48/drivers/ide/ide-floppy.c linux-2.6.32.48/drivers/ide/ ide_debug_log(IDE_DBG_FUNC, "enter"); drive->bios_cyl = 0; +diff -urNp linux-2.6.32.48/drivers/ide/ide-pci-generic.c linux-2.6.32.48/drivers/ide/ide-pci-generic.c +--- linux-2.6.32.48/drivers/ide/ide-pci-generic.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/ide/ide-pci-generic.c 2011-11-18 18:01:55.000000000 -0500 +@@ -53,7 +53,7 @@ static const struct ide_port_ops netcell + .udma_mask = ATA_UDMA6, \ + } + +-static const struct ide_port_info generic_chipsets[] __devinitdata = { ++static const struct ide_port_info generic_chipsets[] __devinitconst = { + /* 0: Unknown */ + DECLARE_GENERIC_PCI_DEV(0), + +diff -urNp linux-2.6.32.48/drivers/ide/it8172.c linux-2.6.32.48/drivers/ide/it8172.c +--- linux-2.6.32.48/drivers/ide/it8172.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/ide/it8172.c 2011-11-18 18:01:55.000000000 -0500 +@@ -115,7 +115,7 @@ static const struct ide_port_ops it8172_ + .set_dma_mode = it8172_set_dma_mode, + }; + +-static const struct ide_port_info it8172_port_info __devinitdata = { ++static const struct ide_port_info it8172_port_info __devinitconst = { + .name = DRV_NAME, + .port_ops = &it8172_port_ops, + .enablebits = { {0x41, 0x80, 0x80}, {0x00, 0x00, 0x00} }, +diff -urNp linux-2.6.32.48/drivers/ide/it8213.c linux-2.6.32.48/drivers/ide/it8213.c +--- linux-2.6.32.48/drivers/ide/it8213.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/ide/it8213.c 2011-11-18 18:01:55.000000000 -0500 +@@ -156,7 +156,7 @@ static const struct ide_port_ops it8213_ + .cable_detect = it8213_cable_detect, + }; + +-static const struct ide_port_info it8213_chipset __devinitdata = { ++static const struct ide_port_info it8213_chipset __devinitconst = { + .name = DRV_NAME, + .enablebits = { {0x41, 0x80, 0x80} }, + .port_ops = &it8213_port_ops, +diff -urNp linux-2.6.32.48/drivers/ide/it821x.c linux-2.6.32.48/drivers/ide/it821x.c +--- linux-2.6.32.48/drivers/ide/it821x.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/ide/it821x.c 2011-11-18 18:01:55.000000000 -0500 +@@ -627,7 +627,7 @@ static const struct ide_port_ops it821x_ + .cable_detect = it821x_cable_detect, + }; + +-static const struct ide_port_info it821x_chipset __devinitdata = { ++static const struct ide_port_info it821x_chipset __devinitconst = { + .name = DRV_NAME, + .init_chipset = init_chipset_it821x, + .init_hwif = init_hwif_it821x, +diff -urNp linux-2.6.32.48/drivers/ide/jmicron.c linux-2.6.32.48/drivers/ide/jmicron.c +--- linux-2.6.32.48/drivers/ide/jmicron.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/ide/jmicron.c 2011-11-18 18:01:55.000000000 -0500 +@@ -102,7 +102,7 @@ static const struct ide_port_ops jmicron + .cable_detect = jmicron_cable_detect, + }; + +-static const struct ide_port_info jmicron_chipset __devinitdata = { ++static const struct ide_port_info jmicron_chipset __devinitconst = { + .name = DRV_NAME, + .enablebits = { { 0x40, 0x01, 0x01 }, { 0x40, 0x10, 0x10 } }, + .port_ops = &jmicron_port_ops, +diff -urNp linux-2.6.32.48/drivers/ide/ns87415.c linux-2.6.32.48/drivers/ide/ns87415.c +--- linux-2.6.32.48/drivers/ide/ns87415.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/ide/ns87415.c 2011-11-18 18:01:55.000000000 -0500 +@@ -293,7 +293,7 @@ static const struct ide_dma_ops ns87415_ + .dma_sff_read_status = superio_dma_sff_read_status, + }; + +-static const struct ide_port_info ns87415_chipset __devinitdata = { ++static const struct ide_port_info ns87415_chipset __devinitconst = { + .name = DRV_NAME, + .init_hwif = init_hwif_ns87415, + .tp_ops = &ns87415_tp_ops, +diff -urNp linux-2.6.32.48/drivers/ide/opti621.c linux-2.6.32.48/drivers/ide/opti621.c +--- linux-2.6.32.48/drivers/ide/opti621.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/ide/opti621.c 2011-11-18 18:01:55.000000000 -0500 +@@ -202,7 +202,7 @@ static const struct ide_port_ops opti621 + .set_pio_mode = opti621_set_pio_mode, + }; + +-static const struct ide_port_info opti621_chipset __devinitdata = { ++static const struct ide_port_info opti621_chipset __devinitconst = { + .name = DRV_NAME, + .enablebits = { {0x45, 0x80, 0x00}, {0x40, 0x08, 0x00} }, + .port_ops = &opti621_port_ops, +diff -urNp linux-2.6.32.48/drivers/ide/pdc202xx_new.c linux-2.6.32.48/drivers/ide/pdc202xx_new.c +--- linux-2.6.32.48/drivers/ide/pdc202xx_new.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/ide/pdc202xx_new.c 2011-11-18 18:01:55.000000000 -0500 +@@ -465,7 +465,7 @@ static const struct ide_port_ops pdcnew_ + .udma_mask = udma, \ + } + +-static const struct ide_port_info pdcnew_chipsets[] __devinitdata = { ++static const struct ide_port_info pdcnew_chipsets[] __devinitconst = { + /* 0: PDC202{68,70} */ DECLARE_PDCNEW_DEV(ATA_UDMA5), + /* 1: PDC202{69,71,75,76,77} */ DECLARE_PDCNEW_DEV(ATA_UDMA6), + }; +diff -urNp linux-2.6.32.48/drivers/ide/pdc202xx_old.c linux-2.6.32.48/drivers/ide/pdc202xx_old.c +--- linux-2.6.32.48/drivers/ide/pdc202xx_old.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/ide/pdc202xx_old.c 2011-11-18 18:01:55.000000000 -0500 +@@ -285,7 +285,7 @@ static const struct ide_dma_ops pdc2026x + .max_sectors = sectors, \ + } + +-static const struct ide_port_info pdc202xx_chipsets[] __devinitdata = { ++static const struct ide_port_info pdc202xx_chipsets[] __devinitconst = { + { /* 0: PDC20246 */ + .name = DRV_NAME, + .init_chipset = init_chipset_pdc202xx, +diff -urNp linux-2.6.32.48/drivers/ide/piix.c linux-2.6.32.48/drivers/ide/piix.c +--- linux-2.6.32.48/drivers/ide/piix.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/ide/piix.c 2011-11-18 18:01:55.000000000 -0500 +@@ -344,7 +344,7 @@ static const struct ide_port_ops ich_por + .udma_mask = udma, \ + } + +-static const struct ide_port_info piix_pci_info[] __devinitdata = { ++static const struct ide_port_info piix_pci_info[] __devinitconst = { + /* 0: MPIIX */ + { /* + * MPIIX actually has only a single IDE channel mapped to +diff -urNp linux-2.6.32.48/drivers/ide/rz1000.c linux-2.6.32.48/drivers/ide/rz1000.c +--- linux-2.6.32.48/drivers/ide/rz1000.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/ide/rz1000.c 2011-11-18 18:01:55.000000000 -0500 +@@ -38,7 +38,7 @@ static int __devinit rz1000_disable_read + } + } + +-static const struct ide_port_info rz1000_chipset __devinitdata = { ++static const struct ide_port_info rz1000_chipset __devinitconst = { + .name = DRV_NAME, + .host_flags = IDE_HFLAG_NO_DMA, + }; +diff -urNp linux-2.6.32.48/drivers/ide/sc1200.c linux-2.6.32.48/drivers/ide/sc1200.c +--- linux-2.6.32.48/drivers/ide/sc1200.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/ide/sc1200.c 2011-11-18 18:01:55.000000000 -0500 +@@ -290,7 +290,7 @@ static const struct ide_dma_ops sc1200_d + .dma_sff_read_status = ide_dma_sff_read_status, + }; + +-static const struct ide_port_info sc1200_chipset __devinitdata = { ++static const struct ide_port_info sc1200_chipset __devinitconst = { + .name = DRV_NAME, + .port_ops = &sc1200_port_ops, + .dma_ops = &sc1200_dma_ops, +diff -urNp linux-2.6.32.48/drivers/ide/scc_pata.c linux-2.6.32.48/drivers/ide/scc_pata.c +--- linux-2.6.32.48/drivers/ide/scc_pata.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/ide/scc_pata.c 2011-11-18 18:01:55.000000000 -0500 +@@ -811,7 +811,7 @@ static const struct ide_dma_ops scc_dma_ + .dma_sff_read_status = scc_dma_sff_read_status, + }; + +-static const struct ide_port_info scc_chipset __devinitdata = { ++static const struct ide_port_info scc_chipset __devinitconst = { + .name = "sccIDE", + .init_iops = init_iops_scc, + .init_dma = scc_init_dma, +diff -urNp linux-2.6.32.48/drivers/ide/serverworks.c linux-2.6.32.48/drivers/ide/serverworks.c +--- linux-2.6.32.48/drivers/ide/serverworks.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/ide/serverworks.c 2011-11-18 18:01:55.000000000 -0500 +@@ -353,7 +353,7 @@ static const struct ide_port_ops svwks_p + .cable_detect = svwks_cable_detect, + }; + +-static const struct ide_port_info serverworks_chipsets[] __devinitdata = { ++static const struct ide_port_info serverworks_chipsets[] __devinitconst = { + { /* 0: OSB4 */ + .name = DRV_NAME, + .init_chipset = init_chipset_svwks, diff -urNp linux-2.6.32.48/drivers/ide/setup-pci.c linux-2.6.32.48/drivers/ide/setup-pci.c --- linux-2.6.32.48/drivers/ide/setup-pci.c 2011-11-08 19:02:43.000000000 -0500 +++ linux-2.6.32.48/drivers/ide/setup-pci.c 2011-11-15 19:59:43.000000000 -0500 @@ -31492,6 +32790,102 @@ diff -urNp linux-2.6.32.48/drivers/ide/setup-pci.c linux-2.6.32.48/drivers/ide/s for (i = 0; i < n_ports / 2; i++) { ret = ide_setup_pci_controller(pdev[i], d, !i); if (ret < 0) +diff -urNp linux-2.6.32.48/drivers/ide/siimage.c linux-2.6.32.48/drivers/ide/siimage.c +--- linux-2.6.32.48/drivers/ide/siimage.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/ide/siimage.c 2011-11-18 18:01:55.000000000 -0500 +@@ -719,7 +719,7 @@ static const struct ide_dma_ops sil_dma_ + .udma_mask = ATA_UDMA6, \ + } + +-static const struct ide_port_info siimage_chipsets[] __devinitdata = { ++static const struct ide_port_info siimage_chipsets[] __devinitconst = { + /* 0: SiI680 */ DECLARE_SII_DEV(&sil_pata_port_ops), + /* 1: SiI3112 */ DECLARE_SII_DEV(&sil_sata_port_ops) + }; +diff -urNp linux-2.6.32.48/drivers/ide/sis5513.c linux-2.6.32.48/drivers/ide/sis5513.c +--- linux-2.6.32.48/drivers/ide/sis5513.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/ide/sis5513.c 2011-11-18 18:01:55.000000000 -0500 +@@ -561,7 +561,7 @@ static const struct ide_port_ops sis_ata + .cable_detect = sis_cable_detect, + }; + +-static const struct ide_port_info sis5513_chipset __devinitdata = { ++static const struct ide_port_info sis5513_chipset __devinitconst = { + .name = DRV_NAME, + .init_chipset = init_chipset_sis5513, + .enablebits = { {0x4a, 0x02, 0x02}, {0x4a, 0x04, 0x04} }, +diff -urNp linux-2.6.32.48/drivers/ide/sl82c105.c linux-2.6.32.48/drivers/ide/sl82c105.c +--- linux-2.6.32.48/drivers/ide/sl82c105.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/ide/sl82c105.c 2011-11-18 18:01:55.000000000 -0500 +@@ -319,7 +319,7 @@ static const struct ide_dma_ops sl82c105 + .dma_sff_read_status = ide_dma_sff_read_status, + }; + +-static const struct ide_port_info sl82c105_chipset __devinitdata = { ++static const struct ide_port_info sl82c105_chipset __devinitconst = { + .name = DRV_NAME, + .init_chipset = init_chipset_sl82c105, + .enablebits = {{0x40,0x01,0x01}, {0x40,0x10,0x10}}, +diff -urNp linux-2.6.32.48/drivers/ide/slc90e66.c linux-2.6.32.48/drivers/ide/slc90e66.c +--- linux-2.6.32.48/drivers/ide/slc90e66.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/ide/slc90e66.c 2011-11-18 18:01:55.000000000 -0500 +@@ -131,7 +131,7 @@ static const struct ide_port_ops slc90e6 + .cable_detect = slc90e66_cable_detect, + }; + +-static const struct ide_port_info slc90e66_chipset __devinitdata = { ++static const struct ide_port_info slc90e66_chipset __devinitconst = { + .name = DRV_NAME, + .enablebits = { {0x41, 0x80, 0x80}, {0x43, 0x80, 0x80} }, + .port_ops = &slc90e66_port_ops, +diff -urNp linux-2.6.32.48/drivers/ide/tc86c001.c linux-2.6.32.48/drivers/ide/tc86c001.c +--- linux-2.6.32.48/drivers/ide/tc86c001.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/ide/tc86c001.c 2011-11-18 18:01:55.000000000 -0500 +@@ -190,7 +190,7 @@ static const struct ide_dma_ops tc86c001 + .dma_sff_read_status = ide_dma_sff_read_status, + }; + +-static const struct ide_port_info tc86c001_chipset __devinitdata = { ++static const struct ide_port_info tc86c001_chipset __devinitconst = { + .name = DRV_NAME, + .init_hwif = init_hwif_tc86c001, + .port_ops = &tc86c001_port_ops, +diff -urNp linux-2.6.32.48/drivers/ide/triflex.c linux-2.6.32.48/drivers/ide/triflex.c +--- linux-2.6.32.48/drivers/ide/triflex.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/ide/triflex.c 2011-11-18 18:01:55.000000000 -0500 +@@ -92,7 +92,7 @@ static const struct ide_port_ops triflex + .set_dma_mode = triflex_set_mode, + }; + +-static const struct ide_port_info triflex_device __devinitdata = { ++static const struct ide_port_info triflex_device __devinitconst = { + .name = DRV_NAME, + .enablebits = {{0x80, 0x01, 0x01}, {0x80, 0x02, 0x02}}, + .port_ops = &triflex_port_ops, +diff -urNp linux-2.6.32.48/drivers/ide/trm290.c linux-2.6.32.48/drivers/ide/trm290.c +--- linux-2.6.32.48/drivers/ide/trm290.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/ide/trm290.c 2011-11-18 18:01:55.000000000 -0500 +@@ -324,7 +324,7 @@ static struct ide_dma_ops trm290_dma_ops + .dma_check = trm290_dma_check, + }; + +-static const struct ide_port_info trm290_chipset __devinitdata = { ++static const struct ide_port_info trm290_chipset __devinitconst = { + .name = DRV_NAME, + .init_hwif = init_hwif_trm290, + .tp_ops = &trm290_tp_ops, +diff -urNp linux-2.6.32.48/drivers/ide/via82cxxx.c linux-2.6.32.48/drivers/ide/via82cxxx.c +--- linux-2.6.32.48/drivers/ide/via82cxxx.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/ide/via82cxxx.c 2011-11-18 18:01:55.000000000 -0500 +@@ -374,7 +374,7 @@ static const struct ide_port_ops via_por + .cable_detect = via82cxxx_cable_detect, + }; + +-static const struct ide_port_info via82cxxx_chipset __devinitdata = { ++static const struct ide_port_info via82cxxx_chipset __devinitconst = { + .name = DRV_NAME, + .init_chipset = init_chipset_via82cxxx, + .enablebits = { { 0x40, 0x02, 0x02 }, { 0x40, 0x01, 0x01 } }, diff -urNp linux-2.6.32.48/drivers/ieee1394/dv1394.c linux-2.6.32.48/drivers/ieee1394/dv1394.c --- linux-2.6.32.48/drivers/ieee1394/dv1394.c 2011-11-08 19:02:43.000000000 -0500 +++ linux-2.6.32.48/drivers/ieee1394/dv1394.c 2011-11-15 19:59:43.000000000 -0500 @@ -32750,6 +34144,18 @@ diff -urNp linux-2.6.32.48/drivers/lguest/x86/switcher_32.S linux-2.6.32.48/driv // Every interrupt can come to us here // But we must truly tell each apart. +diff -urNp linux-2.6.32.48/drivers/macintosh/macio_asic.c linux-2.6.32.48/drivers/macintosh/macio_asic.c +--- linux-2.6.32.48/drivers/macintosh/macio_asic.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/macintosh/macio_asic.c 2011-11-18 18:01:55.000000000 -0500 +@@ -701,7 +701,7 @@ static void __devexit macio_pci_remove(s + * MacIO is matched against any Apple ID, it's probe() function + * will then decide wether it applies or not + */ +-static const struct pci_device_id __devinitdata pci_ids [] = { { ++static const struct pci_device_id __devinitconst pci_ids [] = { { + .vendor = PCI_VENDOR_ID_APPLE, + .device = PCI_ANY_ID, + .subvendor = PCI_ANY_ID, diff -urNp linux-2.6.32.48/drivers/macintosh/via-pmu-backlight.c linux-2.6.32.48/drivers/macintosh/via-pmu-backlight.c --- linux-2.6.32.48/drivers/macintosh/via-pmu-backlight.c 2011-11-08 19:02:43.000000000 -0500 +++ linux-2.6.32.48/drivers/macintosh/via-pmu-backlight.c 2011-11-15 19:59:43.000000000 -0500 @@ -33908,6 +35314,18 @@ diff -urNp linux-2.6.32.48/drivers/message/i2o/iop.c linux-2.6.32.48/drivers/mes INIT_LIST_HEAD(&c->context_list); #endif +diff -urNp linux-2.6.32.48/drivers/mfd/ab3100-core.c linux-2.6.32.48/drivers/mfd/ab3100-core.c +--- linux-2.6.32.48/drivers/mfd/ab3100-core.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/mfd/ab3100-core.c 2011-11-18 18:01:55.000000000 -0500 +@@ -777,7 +777,7 @@ struct ab_family_id { + char *name; + }; + +-static const struct ab_family_id ids[] __initdata = { ++static const struct ab_family_id ids[] __initconst = { + /* AB3100 */ + { + .id = 0xc0, diff -urNp linux-2.6.32.48/drivers/mfd/wm8350-i2c.c linux-2.6.32.48/drivers/mfd/wm8350-i2c.c --- linux-2.6.32.48/drivers/mfd/wm8350-i2c.c 2011-11-08 19:02:43.000000000 -0500 +++ linux-2.6.32.48/drivers/mfd/wm8350-i2c.c 2011-11-15 19:59:43.000000000 -0500 @@ -34169,25 +35587,33 @@ diff -urNp linux-2.6.32.48/drivers/misc/sgi-gru/grutables.h linux-2.6.32.48/driv #ifdef CONFIG_SGI_GRU_DEBUG diff -urNp linux-2.6.32.48/drivers/misc/sgi-xp/xpc.h linux-2.6.32.48/drivers/misc/sgi-xp/xpc.h --- linux-2.6.32.48/drivers/misc/sgi-xp/xpc.h 2011-11-08 19:02:43.000000000 -0500 -+++ linux-2.6.32.48/drivers/misc/sgi-xp/xpc.h 2011-11-15 19:59:43.000000000 -0500 -@@ -876,7 +876,7 @@ extern struct xpc_registration xpc_regis ++++ linux-2.6.32.48/drivers/misc/sgi-xp/xpc.h 2011-11-18 18:05:51.000000000 -0500 +@@ -835,6 +835,7 @@ struct xpc_arch_operations { + void (*received_payload) (struct xpc_channel *, void *); + void (*notify_senders_of_disconnect) (struct xpc_channel *); + }; ++typedef struct xpc_arch_operations __no_const xpc_arch_operations_no_const; + + /* struct xpc_partition act_state values (for XPC HB) */ + +@@ -876,7 +877,7 @@ extern struct xpc_registration xpc_regis /* found in xpc_main.c */ extern struct device *xpc_part; extern struct device *xpc_chan; -extern struct xpc_arch_operations xpc_arch_ops; -+extern const struct xpc_arch_operations xpc_arch_ops; ++extern xpc_arch_operations_no_const xpc_arch_ops; extern int xpc_disengage_timelimit; extern int xpc_disengage_timedout; extern int xpc_activate_IRQ_rcvd; diff -urNp linux-2.6.32.48/drivers/misc/sgi-xp/xpc_main.c linux-2.6.32.48/drivers/misc/sgi-xp/xpc_main.c --- linux-2.6.32.48/drivers/misc/sgi-xp/xpc_main.c 2011-11-08 19:02:43.000000000 -0500 -+++ linux-2.6.32.48/drivers/misc/sgi-xp/xpc_main.c 2011-11-15 19:59:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/misc/sgi-xp/xpc_main.c 2011-11-18 18:05:28.000000000 -0500 @@ -169,7 +169,7 @@ static struct notifier_block xpc_die_not .notifier_call = xpc_system_die, }; -struct xpc_arch_operations xpc_arch_ops; -+const struct xpc_arch_operations xpc_arch_ops; ++xpc_arch_operations_no_const xpc_arch_ops; /* * Timer function to enforce the timelimit on the partition disengage. @@ -34249,6 +35675,18 @@ diff -urNp linux-2.6.32.48/drivers/misc/sgi-xp/xp.h linux-2.6.32.48/drivers/misc extern struct xpc_interface xpc_interface; +diff -urNp linux-2.6.32.48/drivers/mmc/host/sdhci-pci.c linux-2.6.32.48/drivers/mmc/host/sdhci-pci.c +--- linux-2.6.32.48/drivers/mmc/host/sdhci-pci.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/mmc/host/sdhci-pci.c 2011-11-18 18:01:55.000000000 -0500 +@@ -297,7 +297,7 @@ static const struct sdhci_pci_fixes sdhc + .probe = via_probe, + }; + +-static const struct pci_device_id pci_ids[] __devinitdata = { ++static const struct pci_device_id pci_ids[] __devinitconst = { + { + .vendor = PCI_VENDOR_ID_RICOH, + .device = PCI_DEVICE_ID_RICOH_R5C822, diff -urNp linux-2.6.32.48/drivers/mtd/chips/cfi_cmdset_0001.c linux-2.6.32.48/drivers/mtd/chips/cfi_cmdset_0001.c --- linux-2.6.32.48/drivers/mtd/chips/cfi_cmdset_0001.c 2011-11-08 19:02:43.000000000 -0500 +++ linux-2.6.32.48/drivers/mtd/chips/cfi_cmdset_0001.c 2011-11-15 19:59:43.000000000 -0500 @@ -34485,6 +35923,18 @@ diff -urNp linux-2.6.32.48/drivers/mtd/ubi/build.c linux-2.6.32.48/drivers/mtd/u } /** +diff -urNp linux-2.6.32.48/drivers/net/atlx/atl2.c linux-2.6.32.48/drivers/net/atlx/atl2.c +--- linux-2.6.32.48/drivers/net/atlx/atl2.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/net/atlx/atl2.c 2011-11-18 18:01:55.000000000 -0500 +@@ -2845,7 +2845,7 @@ static void atl2_force_ps(struct atl2_hw + */ + + #define ATL2_PARAM(X, desc) \ +- static const int __devinitdata X[ATL2_MAX_NIC + 1] = ATL2_PARAM_INIT; \ ++ static const int __devinitconst X[ATL2_MAX_NIC + 1] = ATL2_PARAM_INIT; \ + MODULE_PARM(X, "1-" __MODULE_STRING(ATL2_MAX_NIC) "i"); \ + MODULE_PARM_DESC(X, desc); + #else diff -urNp linux-2.6.32.48/drivers/net/bnx2.c linux-2.6.32.48/drivers/net/bnx2.c --- linux-2.6.32.48/drivers/net/bnx2.c 2011-11-08 19:02:43.000000000 -0500 +++ linux-2.6.32.48/drivers/net/bnx2.c 2011-11-15 19:59:43.000000000 -0500 @@ -34712,6 +36162,18 @@ diff -urNp linux-2.6.32.48/drivers/net/e1000e/ich8lan.c linux-2.6.32.48/drivers/ .acquire_nvm = e1000_acquire_nvm_ich8lan, .read_nvm = e1000_read_nvm_ich8lan, .release_nvm = e1000_release_nvm_ich8lan, +diff -urNp linux-2.6.32.48/drivers/net/fealnx.c linux-2.6.32.48/drivers/net/fealnx.c +--- linux-2.6.32.48/drivers/net/fealnx.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/net/fealnx.c 2011-11-18 18:01:55.000000000 -0500 +@@ -151,7 +151,7 @@ struct chip_info { + int flags; + }; + +-static const struct chip_info skel_netdrv_tbl[] __devinitdata = { ++static const struct chip_info skel_netdrv_tbl[] __devinitconst = { + { "100/10M Ethernet PCI Adapter", HAS_MII_XCVR }, + { "100/10M Ethernet PCI Adapter", HAS_CHIP_XCVR }, + { "1000/100/10M Ethernet PCI Adapter", HAS_MII_XCVR }, diff -urNp linux-2.6.32.48/drivers/net/hamradio/6pack.c linux-2.6.32.48/drivers/net/hamradio/6pack.c --- linux-2.6.32.48/drivers/net/hamradio/6pack.c 2011-11-08 19:02:43.000000000 -0500 +++ linux-2.6.32.48/drivers/net/hamradio/6pack.c 2011-11-15 19:59:43.000000000 -0500 @@ -35633,6 +37095,30 @@ diff -urNp linux-2.6.32.48/drivers/net/pcnet32.c linux-2.6.32.48/drivers/net/pcn } } else { if (netif_msg_link(lp)) +diff -urNp linux-2.6.32.48/drivers/net/sis190.c linux-2.6.32.48/drivers/net/sis190.c +--- linux-2.6.32.48/drivers/net/sis190.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/net/sis190.c 2011-11-18 18:01:55.000000000 -0500 +@@ -1598,7 +1598,7 @@ static int __devinit sis190_get_mac_addr + static int __devinit sis190_get_mac_addr_from_apc(struct pci_dev *pdev, + struct net_device *dev) + { +- static const u16 __devinitdata ids[] = { 0x0965, 0x0966, 0x0968 }; ++ static const u16 __devinitconst ids[] = { 0x0965, 0x0966, 0x0968 }; + struct sis190_private *tp = netdev_priv(dev); + struct pci_dev *isa_bridge; + u8 reg, tmp8; +diff -urNp linux-2.6.32.48/drivers/net/sundance.c linux-2.6.32.48/drivers/net/sundance.c +--- linux-2.6.32.48/drivers/net/sundance.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/net/sundance.c 2011-11-18 18:01:55.000000000 -0500 +@@ -225,7 +225,7 @@ enum { + struct pci_id_info { + const char *name; + }; +-static const struct pci_id_info pci_id_tbl[] __devinitdata = { ++static const struct pci_id_info pci_id_tbl[] __devinitconst = { + {"D-Link DFE-550TX FAST Ethernet Adapter"}, + {"D-Link DFE-550FX 100Mbps Fiber-optics Adapter"}, + {"D-Link DFE-580TX 4 port Server Adapter"}, diff -urNp linux-2.6.32.48/drivers/net/tg3.h linux-2.6.32.48/drivers/net/tg3.h --- linux-2.6.32.48/drivers/net/tg3.h 2011-11-08 19:02:43.000000000 -0500 +++ linux-2.6.32.48/drivers/net/tg3.h 2011-11-15 19:59:43.000000000 -0500 @@ -35750,6 +37236,30 @@ diff -urNp linux-2.6.32.48/drivers/net/tulip/de4x5.c linux-2.6.32.48/drivers/net return -EFAULT; break; } +diff -urNp linux-2.6.32.48/drivers/net/tulip/eeprom.c linux-2.6.32.48/drivers/net/tulip/eeprom.c +--- linux-2.6.32.48/drivers/net/tulip/eeprom.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/net/tulip/eeprom.c 2011-11-18 18:01:55.000000000 -0500 +@@ -80,7 +80,7 @@ static struct eeprom_fixup eeprom_fixups + {NULL}}; + + +-static const char *block_name[] __devinitdata = { ++static const char *block_name[] __devinitconst = { + "21140 non-MII", + "21140 MII PHY", + "21142 Serial PHY", +diff -urNp linux-2.6.32.48/drivers/net/tulip/winbond-840.c linux-2.6.32.48/drivers/net/tulip/winbond-840.c +--- linux-2.6.32.48/drivers/net/tulip/winbond-840.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/net/tulip/winbond-840.c 2011-11-18 18:01:55.000000000 -0500 +@@ -235,7 +235,7 @@ struct pci_id_info { + int drv_flags; /* Driver use, intended as capability flags. */ + }; + +-static const struct pci_id_info pci_id_tbl[] __devinitdata = { ++static const struct pci_id_info pci_id_tbl[] __devinitconst = { + { /* Sometime a Level-One switch card. */ + "Winbond W89c840", CanHaveMII | HasBrokenTx | FDXOnNoMII}, + { "Winbond W89c840", CanHaveMII | HasBrokenTx}, diff -urNp linux-2.6.32.48/drivers/net/usb/hso.c linux-2.6.32.48/drivers/net/usb/hso.c --- linux-2.6.32.48/drivers/net/usb/hso.c 2011-11-08 19:02:43.000000000 -0500 +++ linux-2.6.32.48/drivers/net/usb/hso.c 2011-11-15 19:59:43.000000000 -0500 @@ -37086,9 +38596,21 @@ diff -urNp linux-2.6.32.48/drivers/scsi/aacraid/commctrl.c linux-2.6.32.48/drive if (dev->in_reset) { dprintk((KERN_DEBUG"aacraid: send raw srb -EBUSY\n")); +diff -urNp linux-2.6.32.48/drivers/scsi/aacraid/linit.c linux-2.6.32.48/drivers/scsi/aacraid/linit.c +--- linux-2.6.32.48/drivers/scsi/aacraid/linit.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/scsi/aacraid/linit.c 2011-11-18 18:01:55.000000000 -0500 +@@ -91,7 +91,7 @@ static DECLARE_PCI_DEVICE_TABLE(aac_pci_ + #elif defined(__devinitconst) + static const struct pci_device_id aac_pci_tbl[] __devinitconst = { + #else +-static const struct pci_device_id aac_pci_tbl[] __devinitdata = { ++static const struct pci_device_id aac_pci_tbl[] __devinitconst = { + #endif + { 0x1028, 0x0001, 0x1028, 0x0001, 0, 0, 0 }, /* PERC 2/Si (Iguana/PERC2Si) */ + { 0x1028, 0x0002, 0x1028, 0x0002, 0, 0, 1 }, /* PERC 3/Di (Opal/PERC3Di) */ diff -urNp linux-2.6.32.48/drivers/scsi/aic94xx/aic94xx_init.c linux-2.6.32.48/drivers/scsi/aic94xx/aic94xx_init.c --- linux-2.6.32.48/drivers/scsi/aic94xx/aic94xx_init.c 2011-11-08 19:02:43.000000000 -0500 -+++ linux-2.6.32.48/drivers/scsi/aic94xx/aic94xx_init.c 2011-11-15 19:59:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/scsi/aic94xx/aic94xx_init.c 2011-11-18 18:01:55.000000000 -0500 @@ -485,7 +485,7 @@ static ssize_t asd_show_update_bios(stru flash_error_table[i].reason); } @@ -37098,6 +38620,15 @@ diff -urNp linux-2.6.32.48/drivers/scsi/aic94xx/aic94xx_init.c linux-2.6.32.48/d asd_show_update_bios, asd_store_update_bios); static int asd_create_dev_attrs(struct asd_ha_struct *asd_ha) +@@ -1011,7 +1011,7 @@ static struct sas_domain_function_templa + .lldd_control_phy = asd_control_phy, + }; + +-static const struct pci_device_id aic94xx_pci_table[] __devinitdata = { ++static const struct pci_device_id aic94xx_pci_table[] __devinitconst = { + {PCI_DEVICE(PCI_VENDOR_ID_ADAPTEC2, 0x410),0, 0, 1}, + {PCI_DEVICE(PCI_VENDOR_ID_ADAPTEC2, 0x412),0, 0, 1}, + {PCI_DEVICE(PCI_VENDOR_ID_ADAPTEC2, 0x416),0, 0, 1}, diff -urNp linux-2.6.32.48/drivers/scsi/bfa/bfa_iocfc.h linux-2.6.32.48/drivers/scsi/bfa/bfa_iocfc.h --- linux-2.6.32.48/drivers/scsi/bfa/bfa_iocfc.h 2011-11-08 19:02:43.000000000 -0500 +++ linux-2.6.32.48/drivers/scsi/bfa/bfa_iocfc.h 2011-11-15 19:59:43.000000000 -0500 @@ -38467,6 +39998,18 @@ diff -urNp linux-2.6.32.48/drivers/staging/octeon/ethernet-rx.c linux-2.6.32.48/ #endif dev_kfree_skb_irq(skb); } +diff -urNp linux-2.6.32.48/drivers/staging/otus/80211core/pub_zfi.h linux-2.6.32.48/drivers/staging/otus/80211core/pub_zfi.h +--- linux-2.6.32.48/drivers/staging/otus/80211core/pub_zfi.h 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/staging/otus/80211core/pub_zfi.h 2011-11-18 18:01:55.000000000 -0500 +@@ -531,7 +531,7 @@ struct zsCbFuncTbl + u8_t (*zfcbClassifyTxPacket)(zdev_t* dev, zbuf_t* buf); + + void (*zfcbHwWatchDogNotify)(zdev_t* dev); +-}; ++} __no_const; + + extern void zfZeroMemory(u8_t* va, u16_t length); + #define ZM_INIT_CB_FUNC_TABLE(p) zfZeroMemory((u8_t *)p, sizeof(struct zsCbFuncTbl)); diff -urNp linux-2.6.32.48/drivers/staging/panel/panel.c linux-2.6.32.48/drivers/staging/panel/panel.c --- linux-2.6.32.48/drivers/staging/panel/panel.c 2011-11-08 19:02:43.000000000 -0500 +++ linux-2.6.32.48/drivers/staging/panel/panel.c 2011-11-15 19:59:43.000000000 -0500 @@ -39082,7 +40625,16 @@ diff -urNp linux-2.6.32.48/drivers/video/atmel_lcdfb.c linux-2.6.32.48/drivers/v }; diff -urNp linux-2.6.32.48/drivers/video/aty/aty128fb.c linux-2.6.32.48/drivers/video/aty/aty128fb.c --- linux-2.6.32.48/drivers/video/aty/aty128fb.c 2011-11-08 19:02:43.000000000 -0500 -+++ linux-2.6.32.48/drivers/video/aty/aty128fb.c 2011-11-15 19:59:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/video/aty/aty128fb.c 2011-11-18 18:01:55.000000000 -0500 +@@ -149,7 +149,7 @@ enum { + }; + + /* Must match above enum */ +-static const char *r128_family[] __devinitdata = { ++static const char *r128_family[] __devinitconst = { + "AGP", + "PCI", + "PRO AGP", @@ -1787,7 +1787,7 @@ static int aty128_bl_get_brightness(stru return bd->props.brightness; } @@ -39417,6 +40969,39 @@ diff -urNp linux-2.6.32.48/drivers/video/fbmem.c linux-2.6.32.48/drivers/video/f return -EINVAL; if (!registered_fb[con2fb.framebuffer]) request_module("fb%d", con2fb.framebuffer); +diff -urNp linux-2.6.32.48/drivers/video/geode/gx1fb_core.c linux-2.6.32.48/drivers/video/geode/gx1fb_core.c +--- linux-2.6.32.48/drivers/video/geode/gx1fb_core.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/video/geode/gx1fb_core.c 2011-11-18 18:01:55.000000000 -0500 +@@ -30,7 +30,7 @@ static int crt_option = 1; + static char panel_option[32] = ""; + + /* Modes relevant to the GX1 (taken from modedb.c) */ +-static const struct fb_videomode __initdata gx1_modedb[] = { ++static const struct fb_videomode __initconst gx1_modedb[] = { + /* 640x480-60 VESA */ + { NULL, 60, 640, 480, 39682, 48, 16, 33, 10, 96, 2, + 0, FB_VMODE_NONINTERLACED, FB_MODE_IS_VESA }, +diff -urNp linux-2.6.32.48/drivers/video/gxt4500.c linux-2.6.32.48/drivers/video/gxt4500.c +--- linux-2.6.32.48/drivers/video/gxt4500.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/video/gxt4500.c 2011-11-18 18:01:55.000000000 -0500 +@@ -156,7 +156,7 @@ struct gxt4500_par { + static char *mode_option; + + /* default mode: 1280x1024 @ 60 Hz, 8 bpp */ +-static const struct fb_videomode defaultmode __devinitdata = { ++static const struct fb_videomode defaultmode __devinitconst = { + .refresh = 60, + .xres = 1280, + .yres = 1024, +@@ -581,7 +581,7 @@ static int gxt4500_blank(int blank, stru + return 0; + } + +-static const struct fb_fix_screeninfo gxt4500_fix __devinitdata = { ++static const struct fb_fix_screeninfo gxt4500_fix __devinitconst = { + .id = "IBM GXT4500P", + .type = FB_TYPE_PACKED_PIXELS, + .visual = FB_VISUAL_PSEUDOCOLOR, diff -urNp linux-2.6.32.48/drivers/video/i810/i810_accel.c linux-2.6.32.48/drivers/video/i810/i810_accel.c --- linux-2.6.32.48/drivers/video/i810/i810_accel.c 2011-11-08 19:02:43.000000000 -0500 +++ linux-2.6.32.48/drivers/video/i810/i810_accel.c 2011-11-15 19:59:43.000000000 -0500 @@ -39428,6 +41013,18 @@ diff -urNp linux-2.6.32.48/drivers/video/i810/i810_accel.c linux-2.6.32.48/drive i810_report_error(mmio); par->dev_flags |= LOCKUP; info->pixmap.scan_align = 1; +diff -urNp linux-2.6.32.48/drivers/video/i810/i810_main.c linux-2.6.32.48/drivers/video/i810/i810_main.c +--- linux-2.6.32.48/drivers/video/i810/i810_main.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/drivers/video/i810/i810_main.c 2011-11-18 18:01:55.000000000 -0500 +@@ -97,7 +97,7 @@ static int i810fb_blank (int blank_ + static void i810fb_release_resource (struct fb_info *info, struct i810fb_par *par); + + /* PCI */ +-static const char *i810_pci_list[] __devinitdata = { ++static const char *i810_pci_list[] __devinitconst = { + "Intel(R) 810 Framebuffer Device" , + "Intel(R) 810-DC100 Framebuffer Device" , + "Intel(R) 810E Framebuffer Device" , diff -urNp linux-2.6.32.48/drivers/video/logo/logo_linux_clut224.ppm linux-2.6.32.48/drivers/video/logo/logo_linux_clut224.ppm --- linux-2.6.32.48/drivers/video/logo/logo_linux_clut224.ppm 2011-11-08 19:02:43.000000000 -0500 +++ linux-2.6.32.48/drivers/video/logo/logo_linux_clut224.ppm 2011-11-15 19:59:43.000000000 -0500 @@ -42580,7 +44177,7 @@ diff -urNp linux-2.6.32.48/fs/binfmt_aout.c linux-2.6.32.48/fs/binfmt_aout.c up_write(¤t->mm->mmap_sem); diff -urNp linux-2.6.32.48/fs/binfmt_elf.c linux-2.6.32.48/fs/binfmt_elf.c --- linux-2.6.32.48/fs/binfmt_elf.c 2011-11-08 19:02:43.000000000 -0500 -+++ linux-2.6.32.48/fs/binfmt_elf.c 2011-11-15 19:59:43.000000000 -0500 ++++ linux-2.6.32.48/fs/binfmt_elf.c 2011-11-18 18:51:56.000000000 -0500 @@ -50,6 +50,10 @@ static int elf_core_dump(long signr, str #define elf_core_dump NULL #endif @@ -43014,7 +44611,15 @@ diff -urNp linux-2.6.32.48/fs/binfmt_elf.c linux-2.6.32.48/fs/binfmt_elf.c if (elf_read_implies_exec(loc->elf_ex, executable_stack)) current->personality |= READ_IMPLIES_EXEC; -@@ -804,6 +1091,20 @@ static int load_elf_binary(struct linux_ +@@ -800,10 +1087,27 @@ static int load_elf_binary(struct linux_ + * might try to exec. This is because the brk will + * follow the loader, and is not movable. */ + #ifdef CONFIG_X86 +- load_bias = 0; ++ if (current->flags & PF_RANDOMIZE) ++ load_bias = 0; ++ else ++ load_bias = ELF_PAGESTART(ELF_ET_DYN_BASE - vaddr); #else load_bias = ELF_PAGESTART(ELF_ET_DYN_BASE - vaddr); #endif @@ -43035,7 +44640,7 @@ diff -urNp linux-2.6.32.48/fs/binfmt_elf.c linux-2.6.32.48/fs/binfmt_elf.c } error = elf_map(bprm->file, load_bias + vaddr, elf_ppnt, -@@ -836,9 +1137,9 @@ static int load_elf_binary(struct linux_ +@@ -836,9 +1140,9 @@ static int load_elf_binary(struct linux_ * allowed task size. Note that p_filesz must always be * <= p_memsz so it is only necessary to check p_memsz. */ @@ -43048,7 +44653,7 @@ diff -urNp linux-2.6.32.48/fs/binfmt_elf.c linux-2.6.32.48/fs/binfmt_elf.c /* set_brk can never work. Avoid overflows. */ send_sig(SIGKILL, current, 0); retval = -EINVAL; -@@ -866,6 +1167,11 @@ static int load_elf_binary(struct linux_ +@@ -866,6 +1170,11 @@ static int load_elf_binary(struct linux_ start_data += load_bias; end_data += load_bias; @@ -43060,7 +44665,7 @@ diff -urNp linux-2.6.32.48/fs/binfmt_elf.c linux-2.6.32.48/fs/binfmt_elf.c /* Calling set_brk effectively mmaps the pages that we need * for the bss and break sections. We must do this before * mapping in the interpreter, to make sure it doesn't wind -@@ -877,9 +1183,11 @@ static int load_elf_binary(struct linux_ +@@ -877,9 +1186,11 @@ static int load_elf_binary(struct linux_ goto out_free_dentry; } if (likely(elf_bss != elf_brk) && unlikely(padzero(elf_bss))) { @@ -43075,7 +44680,7 @@ diff -urNp linux-2.6.32.48/fs/binfmt_elf.c linux-2.6.32.48/fs/binfmt_elf.c } if (elf_interpreter) { -@@ -1112,8 +1420,10 @@ static int dump_seek(struct file *file, +@@ -1112,8 +1423,10 @@ static int dump_seek(struct file *file, unsigned long n = off; if (n > PAGE_SIZE) n = PAGE_SIZE; @@ -43087,7 +44692,7 @@ diff -urNp linux-2.6.32.48/fs/binfmt_elf.c linux-2.6.32.48/fs/binfmt_elf.c off -= n; } free_page((unsigned long)buf); -@@ -1125,7 +1435,7 @@ static int dump_seek(struct file *file, +@@ -1125,7 +1438,7 @@ static int dump_seek(struct file *file, * Decide what to dump of a segment, part, all or none. */ static unsigned long vma_dump_size(struct vm_area_struct *vma, @@ -43096,7 +44701,7 @@ diff -urNp linux-2.6.32.48/fs/binfmt_elf.c linux-2.6.32.48/fs/binfmt_elf.c { #define FILTER(type) (mm_flags & (1UL << MMF_DUMP_##type)) -@@ -1159,7 +1469,7 @@ static unsigned long vma_dump_size(struc +@@ -1159,7 +1472,7 @@ static unsigned long vma_dump_size(struc if (vma->vm_file == NULL) return 0; @@ -43105,7 +44710,7 @@ diff -urNp linux-2.6.32.48/fs/binfmt_elf.c linux-2.6.32.48/fs/binfmt_elf.c goto whole; /* -@@ -1255,8 +1565,11 @@ static int writenote(struct memelfnote * +@@ -1255,8 +1568,11 @@ static int writenote(struct memelfnote * #undef DUMP_WRITE #define DUMP_WRITE(addr, nr) \ @@ -43118,7 +44723,7 @@ diff -urNp linux-2.6.32.48/fs/binfmt_elf.c linux-2.6.32.48/fs/binfmt_elf.c static void fill_elf_header(struct elfhdr *elf, int segs, u16 machine, u32 flags, u8 osabi) -@@ -1385,9 +1698,9 @@ static void fill_auxv_note(struct memelf +@@ -1385,9 +1701,9 @@ static void fill_auxv_note(struct memelf { elf_addr_t *auxv = (elf_addr_t *) mm->saved_auxv; int i = 0; @@ -43130,7 +44735,7 @@ diff -urNp linux-2.6.32.48/fs/binfmt_elf.c linux-2.6.32.48/fs/binfmt_elf.c fill_note(note, "CORE", NT_AUXV, i * sizeof(elf_addr_t), auxv); } -@@ -1973,7 +2286,7 @@ static int elf_core_dump(long signr, str +@@ -1973,7 +2289,7 @@ static int elf_core_dump(long signr, str phdr.p_offset = offset; phdr.p_vaddr = vma->vm_start; phdr.p_paddr = 0; @@ -43139,7 +44744,7 @@ diff -urNp linux-2.6.32.48/fs/binfmt_elf.c linux-2.6.32.48/fs/binfmt_elf.c phdr.p_memsz = vma->vm_end - vma->vm_start; offset += phdr.p_filesz; phdr.p_flags = vma->vm_flags & VM_READ ? PF_R : 0; -@@ -2006,7 +2319,7 @@ static int elf_core_dump(long signr, str +@@ -2006,7 +2322,7 @@ static int elf_core_dump(long signr, str unsigned long addr; unsigned long end; @@ -43148,7 +44753,7 @@ diff -urNp linux-2.6.32.48/fs/binfmt_elf.c linux-2.6.32.48/fs/binfmt_elf.c for (addr = vma->vm_start; addr < end; addr += PAGE_SIZE) { struct page *page; -@@ -2015,6 +2328,7 @@ static int elf_core_dump(long signr, str +@@ -2015,6 +2331,7 @@ static int elf_core_dump(long signr, str page = get_dump_page(addr); if (page) { void *kaddr = kmap(page); @@ -43156,7 +44761,7 @@ diff -urNp linux-2.6.32.48/fs/binfmt_elf.c linux-2.6.32.48/fs/binfmt_elf.c stop = ((size += PAGE_SIZE) > limit) || !dump_write(file, kaddr, PAGE_SIZE); kunmap(page); -@@ -2042,6 +2356,97 @@ out: +@@ -2042,6 +2359,97 @@ out: #endif /* USE_ELF_CORE_DUMP */ @@ -44381,7 +45986,7 @@ diff -urNp linux-2.6.32.48/fs/ecryptfs/inode.c linux-2.6.32.48/fs/ecryptfs/inode goto out_free; diff -urNp linux-2.6.32.48/fs/exec.c linux-2.6.32.48/fs/exec.c --- linux-2.6.32.48/fs/exec.c 2011-11-08 19:02:43.000000000 -0500 -+++ linux-2.6.32.48/fs/exec.c 2011-11-15 19:59:43.000000000 -0500 ++++ linux-2.6.32.48/fs/exec.c 2011-11-18 18:01:52.000000000 -0500 @@ -56,12 +56,24 @@ #include <linux/fsnotify.h> #include <linux/fs_struct.h> @@ -44812,7 +46417,7 @@ diff -urNp linux-2.6.32.48/fs/exec.c linux-2.6.32.48/fs/exec.c + task_uid(tsk), task_euid(tsk), pc, sp); + free_page((unsigned long)buffer_exec); + free_page((unsigned long)buffer_fault); -+ pax_report_insns(pc, sp); ++ pax_report_insns(regs, pc, sp); + do_coredump(SIGKILL, SIGKILL, regs); +} +#endif @@ -46861,6 +48466,61 @@ diff -urNp linux-2.6.32.48/fs/gfs2/sys.c linux-2.6.32.48/fs/gfs2/sys.c .uevent = gfs2_uevent, }; +diff -urNp linux-2.6.32.48/fs/hfs/btree.c linux-2.6.32.48/fs/hfs/btree.c +--- linux-2.6.32.48/fs/hfs/btree.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/fs/hfs/btree.c 2011-11-18 18:49:57.000000000 -0500 +@@ -45,11 +45,27 @@ struct hfs_btree *hfs_btree_open(struct + case HFS_EXT_CNID: + hfs_inode_read_fork(tree->inode, mdb->drXTExtRec, mdb->drXTFlSize, + mdb->drXTFlSize, be32_to_cpu(mdb->drXTClpSiz)); ++ ++ if (HFS_I(tree->inode)->alloc_blocks > ++ HFS_I(tree->inode)->first_blocks) { ++ printk(KERN_ERR "hfs: invalid btree extent records\n"); ++ unlock_new_inode(tree->inode); ++ goto free_inode; ++ } ++ + tree->inode->i_mapping->a_ops = &hfs_btree_aops; + break; + case HFS_CAT_CNID: + hfs_inode_read_fork(tree->inode, mdb->drCTExtRec, mdb->drCTFlSize, + mdb->drCTFlSize, be32_to_cpu(mdb->drCTClpSiz)); ++ ++ if (!HFS_I(tree->inode)->first_blocks) { ++ printk(KERN_ERR "hfs: invalid btree extent records " ++ "(0 size).\n"); ++ unlock_new_inode(tree->inode); ++ goto free_inode; ++ } ++ + tree->inode->i_mapping->a_ops = &hfs_btree_aops; + break; + default: +@@ -58,11 +74,6 @@ struct hfs_btree *hfs_btree_open(struct + } + unlock_new_inode(tree->inode); + +- if (!HFS_I(tree->inode)->first_blocks) { +- printk(KERN_ERR "hfs: invalid btree extent records (0 size).\n"); +- goto free_inode; +- } +- + mapping = tree->inode->i_mapping; + page = read_mapping_page(mapping, 0, NULL); + if (IS_ERR(page)) +diff -urNp linux-2.6.32.48/fs/hfs/trans.c linux-2.6.32.48/fs/hfs/trans.c +--- linux-2.6.32.48/fs/hfs/trans.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/fs/hfs/trans.c 2011-11-18 18:37:06.000000000 -0500 +@@ -40,6 +40,8 @@ int hfs_mac2asc(struct super_block *sb, + + src = in->name; + srclen = in->len; ++ if (srclen > HFS_NAMELEN) ++ srclen = HFS_NAMELEN; + dst = out; + dstlen = HFS_MAX_NAMELEN; + if (nls_io) { diff -urNp linux-2.6.32.48/fs/hfsplus/catalog.c linux-2.6.32.48/fs/hfsplus/catalog.c --- linux-2.6.32.48/fs/hfsplus/catalog.c 2011-11-08 19:02:43.000000000 -0500 +++ linux-2.6.32.48/fs/hfsplus/catalog.c 2011-11-15 19:59:43.000000000 -0500 @@ -49311,7 +50971,7 @@ diff -urNp linux-2.6.32.48/fs/proc/proc_net.c linux-2.6.32.48/fs/proc/proc_net.c task = pid_task(proc_pid(dir), PIDTYPE_PID); diff -urNp linux-2.6.32.48/fs/proc/proc_sysctl.c linux-2.6.32.48/fs/proc/proc_sysctl.c --- linux-2.6.32.48/fs/proc/proc_sysctl.c 2011-11-08 19:02:43.000000000 -0500 -+++ linux-2.6.32.48/fs/proc/proc_sysctl.c 2011-11-15 19:59:43.000000000 -0500 ++++ linux-2.6.32.48/fs/proc/proc_sysctl.c 2011-11-18 18:45:06.000000000 -0500 @@ -7,11 +7,13 @@ #include <linux/security.h> #include "internal.h" @@ -49378,7 +51038,12 @@ diff -urNp linux-2.6.32.48/fs/proc/proc_sysctl.c linux-2.6.32.48/fs/proc/proc_sy generic_fillattr(inode, stat); if (table) stat->mode = (stat->mode & S_IFMT) | table->mode; -@@ -362,13 +379,13 @@ static const struct file_operations proc +@@ -358,17 +375,18 @@ static const struct file_operations proc + }; + + static const struct file_operations proc_sys_dir_file_operations = { ++ .read = generic_read_dir, + .readdir = proc_sys_readdir, .llseek = generic_file_llseek, }; @@ -50524,6 +52189,30 @@ diff -urNp linux-2.6.32.48/fs/xfs/xfs_dir2_sf.c linux-2.6.32.48/fs/xfs/xfs_dir2_ off & 0x7fffffff, ino, DT_UNKNOWN)) { *offset = off & 0x7fffffff; return 0; +diff -urNp linux-2.6.32.48/fs/xfs/xfs_vnodeops.c linux-2.6.32.48/fs/xfs/xfs_vnodeops.c +--- linux-2.6.32.48/fs/xfs/xfs_vnodeops.c 2011-11-08 19:02:43.000000000 -0500 ++++ linux-2.6.32.48/fs/xfs/xfs_vnodeops.c 2011-11-18 18:59:38.000000000 -0500 +@@ -564,13 +564,17 @@ xfs_readlink( + + xfs_ilock(ip, XFS_ILOCK_SHARED); + +- ASSERT((ip->i_d.di_mode & S_IFMT) == S_IFLNK); +- ASSERT(ip->i_d.di_size <= MAXPATHLEN); +- + pathlen = ip->i_d.di_size; + if (!pathlen) + goto out; + ++ if (pathlen > MAXPATHLEN) { ++ xfs_fs_cmn_err(CE_ALERT, mp, "%s: inode (%llu) symlink length (%d) too long", ++ __func__, (unsigned long long)ip->i_ino, pathlen); ++ ASSERT(0); ++ return XFS_ERROR(EFSCORRUPTED); ++ } ++ + if (ip->i_df.if_flags & XFS_IFINLINE) { + memcpy(link, ip->i_df.if_u1.if_data, pathlen); + link[pathlen] = '\0'; diff -urNp linux-2.6.32.48/grsecurity/gracl_alloc.c linux-2.6.32.48/grsecurity/gracl_alloc.c --- linux-2.6.32.48/grsecurity/gracl_alloc.c 1969-12-31 19:00:00.000000000 -0500 +++ linux-2.6.32.48/grsecurity/gracl_alloc.c 2011-11-15 19:59:43.000000000 -0500 @@ -55989,8 +57678,8 @@ diff -urNp linux-2.6.32.48/grsecurity/gracl_res.c linux-2.6.32.48/grsecurity/gra +} diff -urNp linux-2.6.32.48/grsecurity/gracl_segv.c linux-2.6.32.48/grsecurity/gracl_segv.c --- linux-2.6.32.48/grsecurity/gracl_segv.c 1969-12-31 19:00:00.000000000 -0500 -+++ linux-2.6.32.48/grsecurity/gracl_segv.c 2011-11-15 19:59:43.000000000 -0500 -@@ -0,0 +1,287 @@ ++++ linux-2.6.32.48/grsecurity/gracl_segv.c 2011-11-17 20:48:17.000000000 -0500 +@@ -0,0 +1,284 @@ +#include <linux/kernel.h> +#include <linux/mm.h> +#include <asm/uaccess.h> @@ -56157,7 +57846,6 @@ diff -urNp linux-2.6.32.48/grsecurity/gracl_segv.c linux-2.6.32.48/grsecurity/gr +gr_handle_crash(struct task_struct *task, const int sig) +{ + struct acl_subject_label *curr; -+ struct acl_subject_label *curr2; + struct task_struct *tsk, *tsk2; + const struct cred *cred; + const struct cred *cred2; @@ -56207,8 +57895,6 @@ diff -urNp linux-2.6.32.48/grsecurity/gracl_segv.c linux-2.6.32.48/grsecurity/gr + read_lock(&grsec_exec_file_lock); + do_each_thread(tsk2, tsk) { + if (likely(tsk != task)) { -+ curr2 = tsk->acl; -+ + // if this thread has the same subject as the one that triggered + // RES_CRASH and it's the same binary, kill it + if (tsk->acl == task->acl && tsk->exec_file == task->exec_file) @@ -63781,15 +65467,17 @@ diff -urNp linux-2.6.32.48/include/linux/oprofile.h linux-2.6.32.48/include/linu struct dentry * oprofilefs_mkdir(struct super_block * sb, struct dentry * root, diff -urNp linux-2.6.32.48/include/linux/pagemap.h linux-2.6.32.48/include/linux/pagemap.h --- linux-2.6.32.48/include/linux/pagemap.h 2011-11-08 19:02:43.000000000 -0500 -+++ linux-2.6.32.48/include/linux/pagemap.h 2011-11-15 19:59:43.000000000 -0500 -@@ -425,6 +425,7 @@ static inline int fault_in_pages_readabl ++++ linux-2.6.32.48/include/linux/pagemap.h 2011-11-18 18:01:55.000000000 -0500 +@@ -425,7 +425,9 @@ static inline int fault_in_pages_readabl if (((unsigned long)uaddr & PAGE_MASK) != ((unsigned long)end & PAGE_MASK)) ret = __get_user(c, end); + (void)c; } ++ (void)c; return ret; } + diff -urNp linux-2.6.32.48/include/linux/perf_event.h linux-2.6.32.48/include/linux/perf_event.h --- linux-2.6.32.48/include/linux/perf_event.h 2011-11-08 19:02:43.000000000 -0500 +++ linux-2.6.32.48/include/linux/perf_event.h 2011-11-15 19:59:43.000000000 -0500 @@ -64063,7 +65751,7 @@ diff -urNp linux-2.6.32.48/include/linux/rfkill.h linux-2.6.32.48/include/linux/ /** diff -urNp linux-2.6.32.48/include/linux/sched.h linux-2.6.32.48/include/linux/sched.h --- linux-2.6.32.48/include/linux/sched.h 2011-11-08 19:02:43.000000000 -0500 -+++ linux-2.6.32.48/include/linux/sched.h 2011-11-15 19:59:43.000000000 -0500 ++++ linux-2.6.32.48/include/linux/sched.h 2011-11-18 18:01:52.000000000 -0500 @@ -101,6 +101,7 @@ struct bio; struct fs_struct; struct bts_context; @@ -64255,7 +65943,7 @@ diff -urNp linux-2.6.32.48/include/linux/sched.h linux-2.6.32.48/include/linux/s +#endif + +extern void pax_report_fault(struct pt_regs *regs, void *pc, void *sp); -+extern void pax_report_insns(void *pc, void *sp); ++extern void pax_report_insns(struct pt_regs *regs, void *pc, void *sp); +extern void pax_report_refcount_overflow(struct pt_regs *regs); +extern NORET_TYPE void pax_report_usercopy(const void *ptr, unsigned long len, bool to, const char *type) ATTRIB_NORET; + @@ -64913,8 +66601,8 @@ diff -urNp linux-2.6.32.48/include/linux/unaligned/access_ok.h linux-2.6.32.48/i static inline void put_unaligned_le16(u16 val, void *p) diff -urNp linux-2.6.32.48/include/linux/vermagic.h linux-2.6.32.48/include/linux/vermagic.h --- linux-2.6.32.48/include/linux/vermagic.h 2011-11-08 19:02:43.000000000 -0500 -+++ linux-2.6.32.48/include/linux/vermagic.h 2011-11-15 19:59:43.000000000 -0500 -@@ -26,9 +26,28 @@ ++++ linux-2.6.32.48/include/linux/vermagic.h 2011-11-18 18:09:44.000000000 -0500 +@@ -26,9 +26,35 @@ #define MODULE_ARCH_VERMAGIC "" #endif @@ -64930,6 +66618,12 @@ diff -urNp linux-2.6.32.48/include/linux/vermagic.h linux-2.6.32.48/include/linu +#define MODULE_CONSTIFY_PLUGIN "" +#endif + ++#ifdef STACKLEAK_PLUGIN ++#define MODULE_STACKLEAK_PLUGIN "STACKLEAK_PLUGIN " ++#else ++#define MODULE_STACKLEAK_PLUGIN "" ++#endif ++ +#ifdef CONFIG_GRKERNSEC +#define MODULE_GRSEC "GRSEC " +#else @@ -64942,7 +66636,8 @@ diff -urNp linux-2.6.32.48/include/linux/vermagic.h linux-2.6.32.48/include/linu MODULE_VERMAGIC_MODULE_UNLOAD MODULE_VERMAGIC_MODVERSIONS \ - MODULE_ARCH_VERMAGIC + MODULE_ARCH_VERMAGIC \ -+ MODULE_PAX_REFCOUNT MODULE_CONSTIFY_PLUGIN MODULE_GRSEC ++ MODULE_PAX_REFCOUNT MODULE_CONSTIFY_PLUGIN MODULE_STACKLEAK_PLUGIN \ ++ MODULE_GRSEC diff -urNp linux-2.6.32.48/include/linux/vmalloc.h linux-2.6.32.48/include/linux/vmalloc.h --- linux-2.6.32.48/include/linux/vmalloc.h 2011-11-08 19:02:43.000000000 -0500 @@ -71117,7 +72812,7 @@ diff -urNp linux-2.6.32.48/localversion-grsec linux-2.6.32.48/localversion-grsec +-grsec diff -urNp linux-2.6.32.48/Makefile linux-2.6.32.48/Makefile --- linux-2.6.32.48/Makefile 2011-11-08 19:02:43.000000000 -0500 -+++ linux-2.6.32.48/Makefile 2011-11-15 19:59:43.000000000 -0500 ++++ linux-2.6.32.48/Makefile 2011-11-18 18:07:45.000000000 -0500 @@ -221,8 +221,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" HOSTCC = gcc @@ -71126,24 +72821,11 @@ diff -urNp linux-2.6.32.48/Makefile linux-2.6.32.48/Makefile -HOSTCXXFLAGS = -O2 +HOSTCFLAGS = -Wall -W -Wmissing-prototypes -Wstrict-prototypes -Wno-unused-parameter -Wno-missing-field-initializers -O2 -fomit-frame-pointer -fno-delete-null-pointer-checks +HOSTCFLAGS += $(call cc-option, -Wno-empty-body) -+HOSTCXXFLAGS = -O2 -fno-delete-null-pointer-checks ++HOSTCXXFLAGS = -O2 -Wall -W -fno-delete-null-pointer-checks # Decide whether to build built-in, modular, or both. # Normally, just do built-in. -@@ -342,10 +343,12 @@ LINUXINCLUDE := -Iinclude \ - KBUILD_CPPFLAGS := -D__KERNEL__ - - KBUILD_CFLAGS := -Wall -Wundef -Wstrict-prototypes -Wno-trigraphs \ -+ -W -Wno-unused-parameter -Wno-missing-field-initializers \ - -fno-strict-aliasing -fno-common \ - -Werror-implicit-function-declaration \ - -Wno-format-security \ - -fno-delete-null-pointer-checks -+KBUILD_CFLAGS += $(call cc-option, -Wno-empty-body) - KBUILD_AFLAGS := -D__ASSEMBLY__ - - # Read KERNELRELEASE from include/config/kernel.release (if it exists) -@@ -376,8 +379,8 @@ export RCS_TAR_IGNORE := --exclude SCCS +@@ -376,8 +377,8 @@ export RCS_TAR_IGNORE := --exclude SCCS # Rules shared between *config targets and build targets # Basic helpers built in scripts/ @@ -71154,7 +72836,7 @@ diff -urNp linux-2.6.32.48/Makefile linux-2.6.32.48/Makefile $(Q)$(MAKE) $(build)=scripts/basic # To avoid any implicit rule to kick in, define an empty command. -@@ -403,7 +406,7 @@ endif +@@ -403,7 +404,7 @@ endif # of make so .config is not included in this case either (for *config). no-dot-config-targets := clean mrproper distclean \ @@ -71163,14 +72845,15 @@ diff -urNp linux-2.6.32.48/Makefile linux-2.6.32.48/Makefile include/linux/version.h headers_% \ kernelrelease kernelversion -@@ -526,6 +529,36 @@ else +@@ -526,6 +527,37 @@ else KBUILD_CFLAGS += -O2 endif +ifeq ($(shell $(CONFIG_SHELL) $(srctree)/scripts/gcc-plugin.sh "$(HOSTCC)" "$(CC)"), y) +CONSTIFY_PLUGIN := -fplugin=$(objtree)/tools/gcc/constify_plugin.so -DCONSTIFY_PLUGIN +ifdef CONFIG_PAX_MEMORY_STACKLEAK -+STACKLEAK_PLUGIN := -fplugin=$(objtree)/tools/gcc/stackleak_plugin.so -fplugin-arg-stackleak_plugin-track-lowest-sp=100 ++STACKLEAK_PLUGIN := -fplugin=$(objtree)/tools/gcc/stackleak_plugin.so -DSTACKLEAK_PLUGIN ++STACKLEAK_PLUGIN += -fplugin-arg-stackleak_plugin-track-lowest-sp=100 +endif +ifdef CONFIG_KALLOCSTAT_PLUGIN +KALLOCSTAT_PLUGIN := -fplugin=$(objtree)/tools/gcc/kallocstat_plugin.so @@ -71200,7 +72883,7 @@ diff -urNp linux-2.6.32.48/Makefile linux-2.6.32.48/Makefile include $(srctree)/arch/$(SRCARCH)/Makefile ifneq ($(CONFIG_FRAME_WARN),0) -@@ -644,7 +677,7 @@ export mod_strip_cmd +@@ -644,7 +676,7 @@ export mod_strip_cmd ifeq ($(KBUILD_EXTMOD),) @@ -71209,7 +72892,7 @@ diff -urNp linux-2.6.32.48/Makefile linux-2.6.32.48/Makefile vmlinux-dirs := $(patsubst %/,%,$(filter %/, $(init-y) $(init-m) \ $(core-y) $(core-m) $(drivers-y) $(drivers-m) \ -@@ -865,6 +898,7 @@ vmlinux.o: $(modpost-init) $(vmlinux-mai +@@ -865,6 +897,7 @@ vmlinux.o: $(modpost-init) $(vmlinux-mai # The actual objects are generated when descending, # make sure no implicit rule kicks in @@ -71217,7 +72900,7 @@ diff -urNp linux-2.6.32.48/Makefile linux-2.6.32.48/Makefile $(sort $(vmlinux-init) $(vmlinux-main)) $(vmlinux-lds): $(vmlinux-dirs) ; # Handle descending into subdirectories listed in $(vmlinux-dirs) -@@ -874,7 +908,7 @@ $(sort $(vmlinux-init) $(vmlinux-main)) +@@ -874,7 +907,7 @@ $(sort $(vmlinux-init) $(vmlinux-main)) # Error messages still appears in the original language PHONY += $(vmlinux-dirs) @@ -71226,7 +72909,7 @@ diff -urNp linux-2.6.32.48/Makefile linux-2.6.32.48/Makefile $(Q)$(MAKE) $(build)=$@ # Build the kernel release string -@@ -983,6 +1017,7 @@ prepare0: archprepare FORCE +@@ -983,6 +1016,7 @@ prepare0: archprepare FORCE $(Q)$(MAKE) $(build)=. missing-syscalls # All the preparing.. @@ -71234,7 +72917,7 @@ diff -urNp linux-2.6.32.48/Makefile linux-2.6.32.48/Makefile prepare: prepare0 # The asm symlink changes when $(ARCH) changes. -@@ -1124,6 +1159,7 @@ all: modules +@@ -1124,6 +1158,7 @@ all: modules # using awk while concatenating to the final file. PHONY += modules @@ -71242,7 +72925,7 @@ diff -urNp linux-2.6.32.48/Makefile linux-2.6.32.48/Makefile modules: $(vmlinux-dirs) $(if $(KBUILD_BUILTIN),vmlinux) $(Q)$(AWK) '!x[$$0]++' $(vmlinux-dirs:%=$(objtree)/%/modules.order) > $(objtree)/modules.order @$(kecho) ' Building modules, stage 2.'; -@@ -1133,7 +1169,7 @@ modules: $(vmlinux-dirs) $(if $(KBUILD_B +@@ -1133,7 +1168,7 @@ modules: $(vmlinux-dirs) $(if $(KBUILD_B # Target to prepare building external modules PHONY += modules_prepare @@ -71251,7 +72934,7 @@ diff -urNp linux-2.6.32.48/Makefile linux-2.6.32.48/Makefile # Target to install modules PHONY += modules_install -@@ -1198,7 +1234,7 @@ MRPROPER_FILES += .config .config.old in +@@ -1198,7 +1233,7 @@ MRPROPER_FILES += .config .config.old in include/linux/autoconf.h include/linux/version.h \ include/linux/utsrelease.h \ include/linux/bounds.h include/asm*/asm-offsets.h \ @@ -71260,7 +72943,7 @@ diff -urNp linux-2.6.32.48/Makefile linux-2.6.32.48/Makefile # clean - Delete most, but leave enough to build external modules # -@@ -1242,7 +1278,7 @@ distclean: mrproper +@@ -1242,7 +1277,7 @@ distclean: mrproper @find $(srctree) $(RCS_FIND_IGNORE) \ \( -name '*.orig' -o -name '*.rej' -o -name '*~' \ -o -name '*.bak' -o -name '#*#' -o -name '.*.orig' \ @@ -71269,7 +72952,7 @@ diff -urNp linux-2.6.32.48/Makefile linux-2.6.32.48/Makefile -o -name '*%' -o -name '.*.cmd' -o -name 'core' \) \ -type f -print | xargs rm -f -@@ -1289,6 +1325,7 @@ help: +@@ -1289,6 +1324,7 @@ help: @echo ' modules_prepare - Set up for building external modules' @echo ' tags/TAGS - Generate tags file for editors' @echo ' cscope - Generate cscope index' @@ -71277,7 +72960,7 @@ diff -urNp linux-2.6.32.48/Makefile linux-2.6.32.48/Makefile @echo ' kernelrelease - Output the release version string' @echo ' kernelversion - Output the version stored in Makefile' @echo ' headers_install - Install sanitised kernel headers to INSTALL_HDR_PATH'; \ -@@ -1390,6 +1427,7 @@ PHONY += $(module-dirs) modules +@@ -1390,6 +1426,7 @@ PHONY += $(module-dirs) modules $(module-dirs): crmodverdir $(objtree)/Module.symvers $(Q)$(MAKE) $(build)=$(patsubst _module_%,%,$@) @@ -71285,7 +72968,7 @@ diff -urNp linux-2.6.32.48/Makefile linux-2.6.32.48/Makefile modules: $(module-dirs) @$(kecho) ' Building modules, stage 2.'; $(Q)$(MAKE) -f $(srctree)/scripts/Makefile.modpost -@@ -1445,7 +1483,7 @@ endif # KBUILD_EXTMOD +@@ -1445,7 +1482,7 @@ endif # KBUILD_EXTMOD quiet_cmd_tags = GEN $@ cmd_tags = $(CONFIG_SHELL) $(srctree)/scripts/tags.sh $@ @@ -71294,7 +72977,7 @@ diff -urNp linux-2.6.32.48/Makefile linux-2.6.32.48/Makefile $(call cmd,tags) # Scripts to check various things for consistency -@@ -1510,17 +1548,19 @@ else +@@ -1510,17 +1547,19 @@ else target-dir = $(if $(KBUILD_EXTMOD),$(dir $<),$(dir $@)) endif @@ -71318,7 +73001,7 @@ diff -urNp linux-2.6.32.48/Makefile linux-2.6.32.48/Makefile $(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@) %.symtypes: %.c prepare scripts FORCE $(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@) -@@ -1530,11 +1570,13 @@ endif +@@ -1530,11 +1569,13 @@ endif $(cmd_crmodverdir) $(Q)$(MAKE) KBUILD_MODULES=$(if $(CONFIG_MODULES),1) \ $(build)=$(build-dir) @@ -74197,7 +75880,7 @@ diff -urNp linux-2.6.32.48/mm/shmem.c linux-2.6.32.48/mm/shmem.c diff -urNp linux-2.6.32.48/mm/slab.c linux-2.6.32.48/mm/slab.c --- linux-2.6.32.48/mm/slab.c 2011-11-08 19:02:43.000000000 -0500 -+++ linux-2.6.32.48/mm/slab.c 2011-11-15 19:59:43.000000000 -0500 ++++ linux-2.6.32.48/mm/slab.c 2011-11-18 18:01:52.000000000 -0500 @@ -174,7 +174,7 @@ /* Legal flag mask for kmem_cache_create(). */ @@ -74291,7 +75974,7 @@ diff -urNp linux-2.6.32.48/mm/slab.c linux-2.6.32.48/mm/slab.c seq_printf(m, " : cpustat %6lu %6lu %6lu %6lu", allochit, allocmiss, freehit, freemiss); -@@ -4471,15 +4471,66 @@ static const struct file_operations proc +@@ -4471,15 +4471,70 @@ static const struct file_operations proc static int __init slab_proc_init(void) { @@ -74321,10 +76004,12 @@ diff -urNp linux-2.6.32.48/mm/slab.c linux-2.6.32.48/mm/slab.c + struct slab *slabp; + unsigned int objnr; + unsigned long offset; ++ const char *type; + + if (!n) + return; + ++ type = "<null>"; + if (ZERO_OR_NULL_PTR(ptr)) + goto report; + @@ -74333,6 +76018,7 @@ diff -urNp linux-2.6.32.48/mm/slab.c linux-2.6.32.48/mm/slab.c + + page = virt_to_head_page(ptr); + ++ type = "<process stack>"; + if (!PageSlab(page)) { + if (object_is_on_stack(ptr, n) == -1) + goto report; @@ -74340,6 +76026,7 @@ diff -urNp linux-2.6.32.48/mm/slab.c linux-2.6.32.48/mm/slab.c + } + + cachep = page_get_cache(page); ++ type = cachep->name; + if (!(cachep->flags & SLAB_USERCOPY)) + goto report; + @@ -74351,7 +76038,7 @@ diff -urNp linux-2.6.32.48/mm/slab.c linux-2.6.32.48/mm/slab.c + return; + +report: -+ pax_report_usercopy(ptr, n, to, cachep ? cachep->name : NULL); ++ pax_report_usercopy(ptr, n, to, type); +#endif + +} @@ -74362,7 +76049,7 @@ diff -urNp linux-2.6.32.48/mm/slab.c linux-2.6.32.48/mm/slab.c * @objp: Pointer to the object diff -urNp linux-2.6.32.48/mm/slob.c linux-2.6.32.48/mm/slob.c --- linux-2.6.32.48/mm/slob.c 2011-11-08 19:02:43.000000000 -0500 -+++ linux-2.6.32.48/mm/slob.c 2011-11-15 19:59:43.000000000 -0500 ++++ linux-2.6.32.48/mm/slob.c 2011-11-18 18:01:52.000000000 -0500 @@ -29,7 +29,7 @@ * If kmalloc is asked for objects of PAGE_SIZE or larger, it calls * alloc_pages() directly, allocating compound pages so the page order @@ -74511,7 +76198,7 @@ diff -urNp linux-2.6.32.48/mm/slob.c linux-2.6.32.48/mm/slob.c return ret; } EXPORT_SYMBOL(__kmalloc_node); -@@ -528,13 +542,88 @@ void kfree(const void *block) +@@ -528,13 +542,92 @@ void kfree(const void *block) sp = slob_page(block); if (is_slob_page(sp)) { int align = max(ARCH_KMALLOC_MINALIGN, ARCH_SLAB_MINALIGN); @@ -74537,16 +76224,19 @@ diff -urNp linux-2.6.32.48/mm/slob.c linux-2.6.32.48/mm/slob.c + const slob_t *free; + const void *base; + unsigned long flags; ++ const char *type; + + if (!n) + return; + ++ type = "<null>"; + if (ZERO_OR_NULL_PTR(ptr)) + goto report; + + if (!virt_addr_valid(ptr)) + return; + ++ type = "<process stack>"; + sp = slob_page(ptr); + if (!PageSlab((struct page*)sp)) { + if (object_is_on_stack(ptr, n) == -1) @@ -74554,6 +76244,7 @@ diff -urNp linux-2.6.32.48/mm/slob.c linux-2.6.32.48/mm/slob.c + return; + } + ++ type = "<slob>"; + if (sp->size) { + base = page_address(&sp->page); + if (base <= ptr && n <= sp->size - (ptr - base)) @@ -74594,7 +76285,7 @@ diff -urNp linux-2.6.32.48/mm/slob.c linux-2.6.32.48/mm/slob.c + + spin_unlock_irqrestore(&slob_lock, flags); +report: -+ pax_report_usercopy(ptr, n, to, NULL); ++ pax_report_usercopy(ptr, n, to, type); +#endif + +} @@ -74603,7 +76294,7 @@ diff -urNp linux-2.6.32.48/mm/slob.c linux-2.6.32.48/mm/slob.c /* can't use ksize for kmem_cache_alloc memory, only kmalloc */ size_t ksize(const void *block) { -@@ -547,10 +636,10 @@ size_t ksize(const void *block) +@@ -547,10 +640,10 @@ size_t ksize(const void *block) sp = slob_page(block); if (is_slob_page(sp)) { int align = max(ARCH_KMALLOC_MINALIGN, ARCH_SLAB_MINALIGN); @@ -74617,7 +76308,7 @@ diff -urNp linux-2.6.32.48/mm/slob.c linux-2.6.32.48/mm/slob.c } EXPORT_SYMBOL(ksize); -@@ -566,8 +655,13 @@ struct kmem_cache *kmem_cache_create(con +@@ -566,8 +659,13 @@ struct kmem_cache *kmem_cache_create(con { struct kmem_cache *c; @@ -74631,7 +76322,7 @@ diff -urNp linux-2.6.32.48/mm/slob.c linux-2.6.32.48/mm/slob.c if (c) { c->name = name; -@@ -605,17 +699,25 @@ void *kmem_cache_alloc_node(struct kmem_ +@@ -605,17 +703,25 @@ void *kmem_cache_alloc_node(struct kmem_ { void *b; @@ -74657,7 +76348,7 @@ diff -urNp linux-2.6.32.48/mm/slob.c linux-2.6.32.48/mm/slob.c if (c->ctor) c->ctor(b); -@@ -627,10 +729,16 @@ EXPORT_SYMBOL(kmem_cache_alloc_node); +@@ -627,10 +733,16 @@ EXPORT_SYMBOL(kmem_cache_alloc_node); static void __kmem_cache_free(void *b, int size) { @@ -74676,7 +76367,7 @@ diff -urNp linux-2.6.32.48/mm/slob.c linux-2.6.32.48/mm/slob.c } static void kmem_rcu_free(struct rcu_head *head) -@@ -643,18 +751,32 @@ static void kmem_rcu_free(struct rcu_hea +@@ -643,18 +755,32 @@ static void kmem_rcu_free(struct rcu_hea void kmem_cache_free(struct kmem_cache *c, void *b) { @@ -74714,7 +76405,7 @@ diff -urNp linux-2.6.32.48/mm/slob.c linux-2.6.32.48/mm/slob.c diff -urNp linux-2.6.32.48/mm/slub.c linux-2.6.32.48/mm/slub.c --- linux-2.6.32.48/mm/slub.c 2011-11-08 19:02:43.000000000 -0500 -+++ linux-2.6.32.48/mm/slub.c 2011-11-15 19:59:43.000000000 -0500 ++++ linux-2.6.32.48/mm/slub.c 2011-11-18 18:01:52.000000000 -0500 @@ -201,7 +201,7 @@ struct track { enum track_item { TRACK_ALLOC, TRACK_FREE }; @@ -74785,7 +76476,7 @@ diff -urNp linux-2.6.32.48/mm/slub.c linux-2.6.32.48/mm/slub.c /* * This function is called with IRQs disabled during early-boot on -@@ -2915,6 +2914,46 @@ void *__kmalloc_node(size_t size, gfp_t +@@ -2915,6 +2914,50 @@ void *__kmalloc_node(size_t size, gfp_t EXPORT_SYMBOL(__kmalloc_node); #endif @@ -74796,10 +76487,12 @@ diff -urNp linux-2.6.32.48/mm/slub.c linux-2.6.32.48/mm/slub.c + struct page *page; + struct kmem_cache *s = NULL; + unsigned long offset; ++ const char *type; + + if (!n) + return; + ++ type = "<null>"; + if (ZERO_OR_NULL_PTR(ptr)) + goto report; + @@ -74808,6 +76501,7 @@ diff -urNp linux-2.6.32.48/mm/slub.c linux-2.6.32.48/mm/slub.c + + page = get_object_page(ptr); + ++ type = "<process stack>"; + if (!page) { + if (object_is_on_stack(ptr, n) == -1) + goto report; @@ -74815,6 +76509,7 @@ diff -urNp linux-2.6.32.48/mm/slub.c linux-2.6.32.48/mm/slub.c + } + + s = page->slab; ++ type = s->name; + if (!(s->flags & SLAB_USERCOPY)) + goto report; + @@ -74823,7 +76518,7 @@ diff -urNp linux-2.6.32.48/mm/slub.c linux-2.6.32.48/mm/slub.c + return; + +report: -+ pax_report_usercopy(ptr, n, to, s ? s->name : NULL); ++ pax_report_usercopy(ptr, n, to, type); +#endif + +} @@ -74832,7 +76527,7 @@ diff -urNp linux-2.6.32.48/mm/slub.c linux-2.6.32.48/mm/slub.c size_t ksize(const void *object) { struct page *page; -@@ -3185,8 +3224,8 @@ void __init kmem_cache_init(void) +@@ -3185,8 +3228,8 @@ void __init kmem_cache_init(void) * kmem_cache_open for slab_state == DOWN. */ create_kmalloc_cache(&kmalloc_caches[0], "kmem_cache_node", @@ -74843,7 +76538,7 @@ diff -urNp linux-2.6.32.48/mm/slub.c linux-2.6.32.48/mm/slub.c caches++; hotplug_memory_notifier(slab_memory_callback, SLAB_CALLBACK_PRI); -@@ -3198,18 +3237,18 @@ void __init kmem_cache_init(void) +@@ -3198,18 +3241,18 @@ void __init kmem_cache_init(void) /* Caches that are not of the two-to-the-power-of size */ if (KMALLOC_MIN_SIZE <= 32) { create_kmalloc_cache(&kmalloc_caches[1], @@ -74865,7 +76560,7 @@ diff -urNp linux-2.6.32.48/mm/slub.c linux-2.6.32.48/mm/slub.c caches++; } -@@ -3293,7 +3332,7 @@ static int slab_unmergeable(struct kmem_ +@@ -3293,7 +3336,7 @@ static int slab_unmergeable(struct kmem_ /* * We may have set a slab to be unmergeable during bootstrap. */ @@ -74874,7 +76569,7 @@ diff -urNp linux-2.6.32.48/mm/slub.c linux-2.6.32.48/mm/slub.c return 1; return 0; -@@ -3353,7 +3392,7 @@ struct kmem_cache *kmem_cache_create(con +@@ -3353,7 +3396,7 @@ struct kmem_cache *kmem_cache_create(con if (s) { int cpu; @@ -74883,7 +76578,7 @@ diff -urNp linux-2.6.32.48/mm/slub.c linux-2.6.32.48/mm/slub.c /* * Adjust the object sizes so that we clear * the complete object on kzalloc. -@@ -3372,7 +3411,7 @@ struct kmem_cache *kmem_cache_create(con +@@ -3372,7 +3415,7 @@ struct kmem_cache *kmem_cache_create(con if (sysfs_slab_alias(s, name)) { down_write(&slub_lock); @@ -74892,7 +76587,7 @@ diff -urNp linux-2.6.32.48/mm/slub.c linux-2.6.32.48/mm/slub.c up_write(&slub_lock); goto err; } -@@ -4101,7 +4140,7 @@ SLAB_ATTR_RO(ctor); +@@ -4101,7 +4144,7 @@ SLAB_ATTR_RO(ctor); static ssize_t aliases_show(struct kmem_cache *s, char *buf) { @@ -74901,7 +76596,7 @@ diff -urNp linux-2.6.32.48/mm/slub.c linux-2.6.32.48/mm/slub.c } SLAB_ATTR_RO(aliases); -@@ -4503,7 +4542,7 @@ static void kmem_cache_release(struct ko +@@ -4503,7 +4546,7 @@ static void kmem_cache_release(struct ko kfree(s); } @@ -74910,7 +76605,7 @@ diff -urNp linux-2.6.32.48/mm/slub.c linux-2.6.32.48/mm/slub.c .show = slab_attr_show, .store = slab_attr_store, }; -@@ -4522,7 +4561,7 @@ static int uevent_filter(struct kset *ks +@@ -4522,7 +4565,7 @@ static int uevent_filter(struct kset *ks return 0; } @@ -74919,7 +76614,7 @@ diff -urNp linux-2.6.32.48/mm/slub.c linux-2.6.32.48/mm/slub.c .filter = uevent_filter, }; -@@ -4564,6 +4603,7 @@ static char *create_unique_id(struct kme +@@ -4564,6 +4607,7 @@ static char *create_unique_id(struct kme return name; } @@ -74927,7 +76622,7 @@ diff -urNp linux-2.6.32.48/mm/slub.c linux-2.6.32.48/mm/slub.c static int sysfs_slab_add(struct kmem_cache *s) { int err; -@@ -4619,6 +4659,7 @@ static void sysfs_slab_remove(struct kme +@@ -4619,6 +4663,7 @@ static void sysfs_slab_remove(struct kme kobject_del(&s->kobj); kobject_put(&s->kobj); } @@ -74935,7 +76630,7 @@ diff -urNp linux-2.6.32.48/mm/slub.c linux-2.6.32.48/mm/slub.c /* * Need to buffer aliases during bootup until sysfs becomes -@@ -4632,6 +4673,7 @@ struct saved_alias { +@@ -4632,6 +4677,7 @@ struct saved_alias { static struct saved_alias *alias_list; @@ -74943,7 +76638,7 @@ diff -urNp linux-2.6.32.48/mm/slub.c linux-2.6.32.48/mm/slub.c static int sysfs_slab_alias(struct kmem_cache *s, const char *name) { struct saved_alias *al; -@@ -4654,6 +4696,7 @@ static int sysfs_slab_alias(struct kmem_ +@@ -4654,6 +4700,7 @@ static int sysfs_slab_alias(struct kmem_ alias_list = al; return 0; } @@ -74951,7 +76646,7 @@ diff -urNp linux-2.6.32.48/mm/slub.c linux-2.6.32.48/mm/slub.c static int __init slab_sysfs_init(void) { -@@ -4785,7 +4828,13 @@ static const struct file_operations proc +@@ -4785,7 +4832,13 @@ static const struct file_operations proc static int __init slab_proc_init(void) { @@ -80939,8 +82634,8 @@ diff -urNp linux-2.6.32.48/sound/usb/usbaudio.c linux-2.6.32.48/sound/usb/usbaud } diff -urNp linux-2.6.32.48/tools/gcc/checker_plugin.c linux-2.6.32.48/tools/gcc/checker_plugin.c --- linux-2.6.32.48/tools/gcc/checker_plugin.c 1969-12-31 19:00:00.000000000 -0500 -+++ linux-2.6.32.48/tools/gcc/checker_plugin.c 2011-11-15 19:59:43.000000000 -0500 -@@ -0,0 +1,169 @@ ++++ linux-2.6.32.48/tools/gcc/checker_plugin.c 2011-11-18 18:01:52.000000000 -0500 +@@ -0,0 +1,171 @@ +/* + * Copyright 2011 by the PaX Team <pageexec@freemail.hu> + * Licensed under the GPL v2 @@ -80964,17 +82659,19 @@ diff -urNp linux-2.6.32.48/tools/gcc/checker_plugin.c linux-2.6.32.48/tools/gcc/ +#include "coretypes.h" +#include "tree.h" +#include "tree-pass.h" ++#include "flags.h" +#include "intl.h" ++#include "toplev.h" ++#include "plugin.h" ++//#include "expr.h" where are you... ++#include "diagnostic.h" +#include "plugin-version.h" +#include "tm.h" -+#include "toplev.h" ++#include "function.h" +#include "basic-block.h" +#include "gimple.h" -+//#include "expr.h" where are you... -+#include "diagnostic.h" +#include "rtl.h" +#include "emit-rtl.h" -+#include "function.h" +#include "tree-flow.h" +#include "target.h" + @@ -80991,7 +82688,7 @@ diff -urNp linux-2.6.32.48/tools/gcc/checker_plugin.c linux-2.6.32.48/tools/gcc/ +int plugin_is_GPL_compatible; + +static struct plugin_info checker_plugin_info = { -+ .version = "201110031940", ++ .version = "201111150100", +}; + +#define ADDR_SPACE_KERNEL 0 @@ -81112,8 +82809,8 @@ diff -urNp linux-2.6.32.48/tools/gcc/checker_plugin.c linux-2.6.32.48/tools/gcc/ +} diff -urNp linux-2.6.32.48/tools/gcc/constify_plugin.c linux-2.6.32.48/tools/gcc/constify_plugin.c --- linux-2.6.32.48/tools/gcc/constify_plugin.c 1969-12-31 19:00:00.000000000 -0500 -+++ linux-2.6.32.48/tools/gcc/constify_plugin.c 2011-11-15 19:59:43.000000000 -0500 -@@ -0,0 +1,293 @@ ++++ linux-2.6.32.48/tools/gcc/constify_plugin.c 2011-11-18 18:01:52.000000000 -0500 +@@ -0,0 +1,303 @@ +/* + * Copyright 2011 by Emese Revfy <re.emese@gmail.com> + * Copyright 2011 by PaX Team <pageexec@freemail.hu> @@ -81135,22 +82832,26 @@ diff -urNp linux-2.6.32.48/tools/gcc/constify_plugin.c linux-2.6.32.48/tools/gcc +#include "coretypes.h" +#include "tree.h" +#include "tree-pass.h" ++#include "flags.h" +#include "intl.h" ++#include "toplev.h" ++#include "plugin.h" ++#include "diagnostic.h" +#include "plugin-version.h" +#include "tm.h" -+#include "toplev.h" +#include "function.h" ++#include "basic-block.h" ++#include "gimple.h" ++#include "rtl.h" ++#include "emit-rtl.h" +#include "tree-flow.h" -+#include "plugin.h" -+#include "diagnostic.h" -+//#include "c-tree.h" + +#define C_TYPE_FIELDS_READONLY(TYPE) TREE_LANG_FLAG_1(TYPE) + +int plugin_is_GPL_compatible; + +static struct plugin_info const_plugin_info = { -+ .version = "20110826", ++ .version = "201111150100", + .help = "no-constify\tturn off constification\n", +}; + @@ -81244,7 +82945,10 @@ diff -urNp linux-2.6.32.48/tools/gcc/constify_plugin.c linux-2.6.32.48/tools/gcc + .decl_required = false, + .type_required = false, + .function_type_required = false, -+ .handler = handle_no_const_attribute ++ .handler = handle_no_const_attribute, ++#if __GNUC__ > 4 || __GNUC_MINOR__ >= 7 ++ .affects_type_identity = true ++#endif +}; + +static struct attribute_spec do_const_attr = { @@ -81254,7 +82958,10 @@ diff -urNp linux-2.6.32.48/tools/gcc/constify_plugin.c linux-2.6.32.48/tools/gcc + .decl_required = false, + .type_required = false, + .function_type_required = false, -+ .handler = handle_do_const_attribute ++ .handler = handle_do_const_attribute, ++#if __GNUC__ > 4 || __GNUC_MINOR__ >= 7 ++ .affects_type_identity = true ++#endif +}; + +static void register_attributes(void *event_data, void *data) @@ -81409,8 +83116,8 @@ diff -urNp linux-2.6.32.48/tools/gcc/constify_plugin.c linux-2.6.32.48/tools/gcc +} diff -urNp linux-2.6.32.48/tools/gcc/kallocstat_plugin.c linux-2.6.32.48/tools/gcc/kallocstat_plugin.c --- linux-2.6.32.48/tools/gcc/kallocstat_plugin.c 1969-12-31 19:00:00.000000000 -0500 -+++ linux-2.6.32.48/tools/gcc/kallocstat_plugin.c 2011-11-15 19:59:43.000000000 -0500 -@@ -0,0 +1,165 @@ ++++ linux-2.6.32.48/tools/gcc/kallocstat_plugin.c 2011-11-18 18:01:52.000000000 -0500 +@@ -0,0 +1,167 @@ +/* + * Copyright 2011 by the PaX Team <pageexec@freemail.hu> + * Licensed under the GPL v2 @@ -81433,17 +83140,19 @@ diff -urNp linux-2.6.32.48/tools/gcc/kallocstat_plugin.c linux-2.6.32.48/tools/g +#include "coretypes.h" +#include "tree.h" +#include "tree-pass.h" ++#include "flags.h" +#include "intl.h" ++#include "toplev.h" ++#include "plugin.h" ++//#include "expr.h" where are you... ++#include "diagnostic.h" +#include "plugin-version.h" +#include "tm.h" -+#include "toplev.h" ++#include "function.h" +#include "basic-block.h" +#include "gimple.h" -+//#include "expr.h" where are you... -+#include "diagnostic.h" +#include "rtl.h" +#include "emit-rtl.h" -+#include "function.h" + +extern void print_gimple_stmt(FILE *, gimple, int, int); + @@ -81462,7 +83171,7 @@ diff -urNp linux-2.6.32.48/tools/gcc/kallocstat_plugin.c linux-2.6.32.48/tools/g +}; + +static struct plugin_info kallocstat_plugin_info = { -+ .version = "201109121100", ++ .version = "201111150100", +}; + +static unsigned int execute_kallocstat(void); @@ -81578,8 +83287,8 @@ diff -urNp linux-2.6.32.48/tools/gcc/kallocstat_plugin.c linux-2.6.32.48/tools/g +} diff -urNp linux-2.6.32.48/tools/gcc/kernexec_plugin.c linux-2.6.32.48/tools/gcc/kernexec_plugin.c --- linux-2.6.32.48/tools/gcc/kernexec_plugin.c 1969-12-31 19:00:00.000000000 -0500 -+++ linux-2.6.32.48/tools/gcc/kernexec_plugin.c 2011-11-15 19:59:43.000000000 -0500 -@@ -0,0 +1,273 @@ ++++ linux-2.6.32.48/tools/gcc/kernexec_plugin.c 2011-11-18 18:01:52.000000000 -0500 +@@ -0,0 +1,275 @@ +/* + * Copyright 2011 by the PaX Team <pageexec@freemail.hu> + * Licensed under the GPL v2 @@ -81602,17 +83311,19 @@ diff -urNp linux-2.6.32.48/tools/gcc/kernexec_plugin.c linux-2.6.32.48/tools/gcc +#include "coretypes.h" +#include "tree.h" +#include "tree-pass.h" ++#include "flags.h" +#include "intl.h" ++#include "toplev.h" ++#include "plugin.h" ++//#include "expr.h" where are you... ++#include "diagnostic.h" +#include "plugin-version.h" +#include "tm.h" -+#include "toplev.h" ++#include "function.h" +#include "basic-block.h" +#include "gimple.h" -+//#include "expr.h" where are you... -+#include "diagnostic.h" +#include "rtl.h" +#include "emit-rtl.h" -+#include "function.h" +#include "tree-flow.h" + +extern void print_gimple_stmt(FILE *, gimple, int, int); @@ -81621,7 +83332,7 @@ diff -urNp linux-2.6.32.48/tools/gcc/kernexec_plugin.c linux-2.6.32.48/tools/gcc +int plugin_is_GPL_compatible; + +static struct plugin_info kernexec_plugin_info = { -+ .version = "201110032145", ++ .version = "201111150100", +}; + +static unsigned int execute_kernexec_fptr(void); @@ -81671,7 +83382,7 @@ diff -urNp linux-2.6.32.48/tools/gcc/kernexec_plugin.c linux-2.6.32.48/tools/gcc + if (ix86_cmodel != CM_KERNEL) + return false; + -+ section = lookup_attribute("__section__", DECL_ATTRIBUTES(current_function_decl)); ++ section = lookup_attribute("section", DECL_ATTRIBUTES(current_function_decl)); + if (!section || !TREE_VALUE(section)) + return true; + @@ -81782,7 +83493,7 @@ diff -urNp linux-2.6.32.48/tools/gcc/kernexec_plugin.c linux-2.6.32.48/tools/gcc + line = expand_location(RTL_LOCATION(insn)).line; + btsq = gen_rtx_ASM_OPERANDS(VOIDmode, "btsq $63,(%%rsp)", empty_string, 0, argvec, constraintvec, labelvec, line); + MEM_VOLATILE_P(btsq) = 1; -+ RTX_FRAME_RELATED_P(btsq) = 1; ++// RTX_FRAME_RELATED_P(btsq) = 1; // not for ASM_OPERANDS + emit_insn_before(btsq, insn); +} + @@ -81855,12 +83566,12 @@ diff -urNp linux-2.6.32.48/tools/gcc/kernexec_plugin.c linux-2.6.32.48/tools/gcc +} diff -urNp linux-2.6.32.48/tools/gcc/Makefile linux-2.6.32.48/tools/gcc/Makefile --- linux-2.6.32.48/tools/gcc/Makefile 1969-12-31 19:00:00.000000000 -0500 -+++ linux-2.6.32.48/tools/gcc/Makefile 2011-11-15 19:59:43.000000000 -0500 ++++ linux-2.6.32.48/tools/gcc/Makefile 2011-11-18 18:08:04.000000000 -0500 @@ -0,0 +1,21 @@ +#CC := gcc +#PLUGIN_SOURCE_FILES := pax_plugin.c +#PLUGIN_OBJECT_FILES := $(patsubst %.c,%.o,$(PLUGIN_SOURCE_FILES)) -+GCCPLUGINS_DIR := $(shell $(HOSTCC) -print-file-name=plugin) ++GCCPLUGINS_DIR := $(shell $(CC) -print-file-name=plugin) +#CFLAGS += -I$(GCCPLUGINS_DIR)/include -fPIC -O2 -Wall -W + +HOST_EXTRACFLAGS += -I$(GCCPLUGINS_DIR)/include @@ -81873,15 +83584,15 @@ diff -urNp linux-2.6.32.48/tools/gcc/Makefile linux-2.6.32.48/tools/gcc/Makefile + +always := $(hostlibs-y) + -+stackleak_plugin-objs := stackleak_plugin.o +constify_plugin-objs := constify_plugin.o ++stackleak_plugin-objs := stackleak_plugin.o +kallocstat_plugin-objs := kallocstat_plugin.o +kernexec_plugin-objs := kernexec_plugin.o +checker_plugin-objs := checker_plugin.o diff -urNp linux-2.6.32.48/tools/gcc/stackleak_plugin.c linux-2.6.32.48/tools/gcc/stackleak_plugin.c --- linux-2.6.32.48/tools/gcc/stackleak_plugin.c 1969-12-31 19:00:00.000000000 -0500 -+++ linux-2.6.32.48/tools/gcc/stackleak_plugin.c 2011-11-15 19:59:43.000000000 -0500 -@@ -0,0 +1,251 @@ ++++ linux-2.6.32.48/tools/gcc/stackleak_plugin.c 2011-11-18 18:01:52.000000000 -0500 +@@ -0,0 +1,291 @@ +/* + * Copyright 2011 by the PaX Team <pageexec@freemail.hu> + * Licensed under the GPL v2 @@ -81907,26 +83618,31 @@ diff -urNp linux-2.6.32.48/tools/gcc/stackleak_plugin.c linux-2.6.32.48/tools/gc +#include "coretypes.h" +#include "tree.h" +#include "tree-pass.h" ++#include "flags.h" +#include "intl.h" ++#include "toplev.h" ++#include "plugin.h" ++//#include "expr.h" where are you... ++#include "diagnostic.h" +#include "plugin-version.h" +#include "tm.h" -+#include "toplev.h" ++#include "function.h" +#include "basic-block.h" +#include "gimple.h" -+//#include "expr.h" where are you... -+#include "diagnostic.h" +#include "rtl.h" +#include "emit-rtl.h" -+#include "function.h" ++ ++extern void print_gimple_stmt(FILE *, gimple, int, int); + +int plugin_is_GPL_compatible; + +static int track_frame_size = -1; +static const char track_function[] = "pax_track_stack"; ++static const char check_function[] = "pax_check_alloca"; +static bool init_locals; + +static struct plugin_info stackleak_plugin_info = { -+ .version = "201109112100", ++ .version = "201111150100", + .help = "track-lowest-sp=nn\ttrack sp in functions whose frame size is at least nn bytes\n" +// "initialize-locals\t\tforcibly initialize all stack frames\n" +}; @@ -81949,7 +83665,7 @@ diff -urNp linux-2.6.32.48/tools/gcc/stackleak_plugin.c linux-2.6.32.48/tools/gc + .properties_provided = 0, + .properties_destroyed = 0, + .todo_flags_start = 0, //TODO_verify_ssa | TODO_verify_flow | TODO_verify_stmts, -+ .todo_flags_finish = TODO_verify_stmts | TODO_dump_func ++ .todo_flags_finish = TODO_verify_ssa | TODO_verify_stmts | TODO_dump_func | TODO_update_ssa + } +}; + @@ -81976,63 +83692,94 @@ diff -urNp linux-2.6.32.48/tools/gcc/stackleak_plugin.c linux-2.6.32.48/tools/gc + return track_frame_size >= 0; +} + -+static void stackleak_add_instrumentation(gimple_stmt_iterator *gsi, bool before) ++static void stackleak_check_alloca(gimple_stmt_iterator gsi) ++{ ++ gimple check_alloca; ++ tree fndecl, fntype, alloca_size; ++ ++ // insert call to void pax_check_alloca(unsigned long size) ++ fntype = build_function_type_list(void_type_node, long_unsigned_type_node, NULL_TREE); ++ fndecl = build_fn_decl(check_function, fntype); ++ DECL_ASSEMBLER_NAME(fndecl); // for LTO ++ alloca_size = gimple_call_arg(gsi_stmt(gsi), 0); ++ check_alloca = gimple_build_call(fndecl, 1, alloca_size); ++ gsi_insert_before(&gsi, check_alloca, GSI_CONTINUE_LINKING); ++} ++ ++static void stackleak_add_instrumentation(gimple_stmt_iterator gsi) +{ -+ gimple call; -+ tree fndecl, type; ++ gimple track_stack; ++ tree fndecl, fntype; + + // insert call to void pax_track_stack(void) -+ type = build_function_type_list(void_type_node, NULL_TREE); -+ fndecl = build_fn_decl(track_function, type); ++ fntype = build_function_type_list(void_type_node, NULL_TREE); ++ fndecl = build_fn_decl(track_function, fntype); + DECL_ASSEMBLER_NAME(fndecl); // for LTO -+ call = gimple_build_call(fndecl, 0); -+ if (before) -+ gsi_insert_before(gsi, call, GSI_CONTINUE_LINKING); -+ else -+ gsi_insert_after(gsi, call, GSI_CONTINUE_LINKING); ++ track_stack = gimple_build_call(fndecl, 0); ++ gsi_insert_after(&gsi, track_stack, GSI_CONTINUE_LINKING); ++} ++ ++#if __GNUC__ == 4 && __GNUC_MINOR__ == 5 ++static bool gimple_call_builtin_p(gimple stmt, enum built_in_function code) ++{ ++ tree fndecl; ++ ++ if (!is_gimple_call(stmt)) ++ return false; ++ fndecl = gimple_call_fndecl(stmt); ++ if (!fndecl) ++ return false; ++ if (DECL_BUILT_IN_CLASS(fndecl) != BUILT_IN_NORMAL) ++ return false; ++// print_node(stderr, "pax", fndecl, 4); ++ return DECL_FUNCTION_CODE(fndecl) == code; ++} ++#endif ++ ++static bool is_alloca(gimple stmt) ++{ ++ if (gimple_call_builtin_p(stmt, BUILT_IN_ALLOCA)) ++ return true; ++ ++#if __GNUC__ > 4 || __GNUC_MINOR__ >= 7 ++ if (gimple_call_builtin_p(stmt, BUILT_IN_ALLOCA_WITH_ALIGN)) ++ return true; ++#endif ++ ++ return false; +} + +static unsigned int execute_stackleak_tree_instrument(void) +{ + basic_block bb, entry_bb; -+ gimple_stmt_iterator gsi; + bool prologue_instrumented = false; + + entry_bb = ENTRY_BLOCK_PTR_FOR_FUNCTION(cfun)->next_bb; + + // 1. loop through BBs and GIMPLE statements + FOR_EACH_BB(bb) { ++ gimple_stmt_iterator gsi; + for (gsi = gsi_start_bb(bb); !gsi_end_p(gsi); gsi_next(&gsi)) { + // gimple match: align 8 built-in BUILT_IN_NORMAL:BUILT_IN_ALLOCA attributes <tree_list 0xb7576450> -+ tree fndecl; -+ gimple stmt = gsi_stmt(gsi); -+ -+ if (!is_gimple_call(stmt)) -+ continue; -+ fndecl = gimple_call_fndecl(stmt); -+ if (!fndecl) -+ continue; -+ if (TREE_CODE(fndecl) != FUNCTION_DECL) -+ continue; -+ if (!DECL_BUILT_IN(fndecl)) -+ continue; -+ if (DECL_BUILT_IN_CLASS(fndecl) != BUILT_IN_NORMAL) -+ continue; -+ if (DECL_FUNCTION_CODE(fndecl) != BUILT_IN_ALLOCA) ++ if (!is_alloca(gsi_stmt(gsi))) + continue; + -+ // 2. insert track call after each __builtin_alloca call -+ stackleak_add_instrumentation(&gsi, false); ++ // 2. insert stack overflow check before each __builtin_alloca call ++ stackleak_check_alloca(gsi); ++ ++ // 3. insert track call after each __builtin_alloca call ++ stackleak_add_instrumentation(gsi); + if (bb == entry_bb) + prologue_instrumented = true; -+// print_node(stderr, "pax", fndecl, 4); + } + } + -+ // 3. insert track call at the beginning ++ // 4. insert track call at the beginning + if (!prologue_instrumented) { -+ gsi = gsi_start_bb(entry_bb); -+ stackleak_add_instrumentation(&gsi, true); ++ bb = split_block_after_labels(ENTRY_BLOCK_PTR)->dest; ++ if (dom_info_available_p(CDI_DOMINATORS)) ++ set_immediate_dominator(CDI_DOMINATORS, bb, ENTRY_BLOCK_PTR); ++ stackleak_add_instrumentation(gsi_start_bb(bb)); + } + + return 0; @@ -82069,7 +83816,11 @@ diff -urNp linux-2.6.32.48/tools/gcc/stackleak_plugin.c linux-2.6.32.48/tools/gc + continue; +// warning(0, "track_frame_size: %d %ld %d", cfun->calls_alloca, get_frame_size(), track_frame_size); + // 2. delete call -+ delete_insn_and_edges(insn); ++ insn = delete_insn_and_edges(insn); ++#if __GNUC__ > 4 || __GNUC_MINOR__ >= 7 ++ if (GET_CODE(insn) == NOTE && NOTE_KIND(insn) == NOTE_INSN_CALL_ARG_LOCATION) ++ insn = delete_insn_and_edges(insn); ++#endif + } + +// print_simple_rtl(stderr, get_insns()); diff --git a/3.1.1/0000_README b/3.1.1/0000_README index 2f63187..b04fd7b 100644 --- a/3.1.1/0000_README +++ b/3.1.1/0000_README @@ -3,7 +3,7 @@ README Individual Patch Descriptions: ----------------------------------------------------------------------------- -Patch: 4420_grsecurity-2.2.2-3.1.1-201111171911.patch +Patch: 4420_grsecurity-2.2.2-3.1.1-201111181902.patch From: http://www.grsecurity.net Desc: hardened-sources base patch from upstream grsecurity diff --git a/3.1.1/4420_grsecurity-2.2.2-3.1.1-201111171911.patch b/3.1.1/4420_grsecurity-2.2.2-3.1.1-201111181902.patch index 0a5ebc1..2b025b8 100644 --- a/3.1.1/4420_grsecurity-2.2.2-3.1.1-201111171911.patch +++ b/3.1.1/4420_grsecurity-2.2.2-3.1.1-201111181902.patch @@ -21973,9 +21973,13 @@ diff -urNp linux-3.1.1/arch/x86/mm/tlb.c linux-3.1.1/arch/x86/mm/tlb.c diff -urNp linux-3.1.1/arch/x86/net/bpf_jit_comp.c linux-3.1.1/arch/x86/net/bpf_jit_comp.c --- linux-3.1.1/arch/x86/net/bpf_jit_comp.c 2011-11-11 15:19:27.000000000 -0500 -+++ linux-3.1.1/arch/x86/net/bpf_jit_comp.c 2011-11-16 18:39:07.000000000 -0500 -@@ -589,7 +589,9 @@ cond_branch: f_offset = addrs[i + filt - module_free(NULL, image); ++++ linux-3.1.1/arch/x86/net/bpf_jit_comp.c 2011-11-18 17:57:33.000000000 -0500 +@@ -586,10 +586,12 @@ cond_branch: f_offset = addrs[i + filt + if (unlikely(proglen + ilen > oldproglen)) { + pr_err("bpb_jit_compile fatal error\n"); + kfree(addrs); +- module_free(NULL, image); ++ module_free_exec(NULL, image); return; } + pax_open_kernel(); @@ -21993,6 +21997,20 @@ diff -urNp linux-3.1.1/arch/x86/net/bpf_jit_comp.c linux-3.1.1/arch/x86/net/bpf_ proglen, sizeof(struct work_struct))); if (!image) +@@ -637,11 +639,11 @@ out: + + static void jit_free_defer(struct work_struct *arg) + { +- module_free(NULL, arg); ++ module_free_exec(NULL, arg); + } + + /* run from softirq, we must use a work_struct to call +- * module_free() from process context ++ * module_free_exec() from process context + */ + void bpf_jit_free(struct sk_filter *fp) + { diff -urNp linux-3.1.1/arch/x86/net/bpf_jit.S linux-3.1.1/arch/x86/net/bpf_jit.S --- linux-3.1.1/arch/x86/net/bpf_jit.S 2011-11-11 15:19:27.000000000 -0500 +++ linux-3.1.1/arch/x86/net/bpf_jit.S 2011-11-16 18:39:07.000000000 -0500 @@ -43824,6 +43842,61 @@ diff -urNp linux-3.1.1/fs/gfs2/inode.c linux-3.1.1/fs/gfs2/inode.c if (!IS_ERR(s)) kfree(s); } +diff -urNp linux-3.1.1/fs/hfs/btree.c linux-3.1.1/fs/hfs/btree.c +--- linux-3.1.1/fs/hfs/btree.c 2011-11-11 15:19:27.000000000 -0500 ++++ linux-3.1.1/fs/hfs/btree.c 2011-11-18 18:48:11.000000000 -0500 +@@ -46,11 +46,27 @@ struct hfs_btree *hfs_btree_open(struct + case HFS_EXT_CNID: + hfs_inode_read_fork(tree->inode, mdb->drXTExtRec, mdb->drXTFlSize, + mdb->drXTFlSize, be32_to_cpu(mdb->drXTClpSiz)); ++ ++ if (HFS_I(tree->inode)->alloc_blocks > ++ HFS_I(tree->inode)->first_blocks) { ++ printk(KERN_ERR "hfs: invalid btree extent records\n"); ++ unlock_new_inode(tree->inode); ++ goto free_inode; ++ } ++ + tree->inode->i_mapping->a_ops = &hfs_btree_aops; + break; + case HFS_CAT_CNID: + hfs_inode_read_fork(tree->inode, mdb->drCTExtRec, mdb->drCTFlSize, + mdb->drCTFlSize, be32_to_cpu(mdb->drCTClpSiz)); ++ ++ if (!HFS_I(tree->inode)->first_blocks) { ++ printk(KERN_ERR "hfs: invalid btree extent records " ++ "(0 size).\n"); ++ unlock_new_inode(tree->inode); ++ goto free_inode; ++ } ++ + tree->inode->i_mapping->a_ops = &hfs_btree_aops; + break; + default: +@@ -59,11 +75,6 @@ struct hfs_btree *hfs_btree_open(struct + } + unlock_new_inode(tree->inode); + +- if (!HFS_I(tree->inode)->first_blocks) { +- printk(KERN_ERR "hfs: invalid btree extent records (0 size).\n"); +- goto free_inode; +- } +- + mapping = tree->inode->i_mapping; + page = read_mapping_page(mapping, 0, NULL); + if (IS_ERR(page)) +diff -urNp linux-3.1.1/fs/hfs/trans.c linux-3.1.1/fs/hfs/trans.c +--- linux-3.1.1/fs/hfs/trans.c 2011-11-11 15:19:27.000000000 -0500 ++++ linux-3.1.1/fs/hfs/trans.c 2011-11-18 18:37:38.000000000 -0500 +@@ -40,6 +40,8 @@ int hfs_mac2asc(struct super_block *sb, + + src = in->name; + srclen = in->len; ++ if (srclen > HFS_NAMELEN) ++ srclen = HFS_NAMELEN; + dst = out; + dstlen = HFS_MAX_NAMELEN; + if (nls_io) { diff -urNp linux-3.1.1/fs/hfsplus/catalog.c linux-3.1.1/fs/hfsplus/catalog.c --- linux-3.1.1/fs/hfsplus/catalog.c 2011-11-11 15:19:27.000000000 -0500 +++ linux-3.1.1/fs/hfsplus/catalog.c 2011-11-16 19:23:09.000000000 -0500 @@ -46070,7 +46143,7 @@ diff -urNp linux-3.1.1/fs/proc/proc_net.c linux-3.1.1/fs/proc/proc_net.c task = pid_task(proc_pid(dir), PIDTYPE_PID); diff -urNp linux-3.1.1/fs/proc/proc_sysctl.c linux-3.1.1/fs/proc/proc_sysctl.c --- linux-3.1.1/fs/proc/proc_sysctl.c 2011-11-11 15:19:27.000000000 -0500 -+++ linux-3.1.1/fs/proc/proc_sysctl.c 2011-11-16 18:40:29.000000000 -0500 ++++ linux-3.1.1/fs/proc/proc_sysctl.c 2011-11-18 18:45:33.000000000 -0500 @@ -8,11 +8,13 @@ #include <linux/namei.h> #include "internal.h" @@ -46132,7 +46205,12 @@ diff -urNp linux-3.1.1/fs/proc/proc_sysctl.c linux-3.1.1/fs/proc/proc_sysctl.c generic_fillattr(inode, stat); if (table) stat->mode = (stat->mode & S_IFMT) | table->mode; -@@ -374,13 +391,13 @@ static const struct file_operations proc +@@ -370,17 +387,18 @@ static const struct file_operations proc + }; + + static const struct file_operations proc_sys_dir_file_operations = { ++ .read = generic_read_dir, + .readdir = proc_sys_readdir, .llseek = generic_file_llseek, }; @@ -47098,6 +47176,30 @@ diff -urNp linux-3.1.1/fs/xfs/xfs_iops.c linux-3.1.1/fs/xfs/xfs_iops.c if (!IS_ERR(s)) kfree(s); +diff -urNp linux-3.1.1/fs/xfs/xfs_vnodeops.c linux-3.1.1/fs/xfs/xfs_vnodeops.c +--- linux-3.1.1/fs/xfs/xfs_vnodeops.c 2011-11-11 15:19:27.000000000 -0500 ++++ linux-3.1.1/fs/xfs/xfs_vnodeops.c 2011-11-18 18:54:56.000000000 -0500 +@@ -123,13 +123,17 @@ xfs_readlink( + + xfs_ilock(ip, XFS_ILOCK_SHARED); + +- ASSERT(S_ISLNK(ip->i_d.di_mode)); +- ASSERT(ip->i_d.di_size <= MAXPATHLEN); +- + pathlen = ip->i_d.di_size; + if (!pathlen) + goto out; + ++ if (pathlen > MAXPATHLEN) { ++ xfs_alert(mp, "%s: inode (%llu) symlink length (%d) too long", ++ __func__, (unsigned long long)ip->i_ino, pathlen); ++ ASSERT(0); ++ return XFS_ERROR(EFSCORRUPTED); ++ } ++ + if (ip->i_df.if_flags & XFS_IFINLINE) { + memcpy(link, ip->i_df.if_u1.if_data, pathlen); + link[pathlen] = '\0'; diff -urNp linux-3.1.1/grsecurity/gracl_alloc.c linux-3.1.1/grsecurity/gracl_alloc.c --- linux-3.1.1/grsecurity/gracl_alloc.c 1969-12-31 19:00:00.000000000 -0500 +++ linux-3.1.1/grsecurity/gracl_alloc.c 2011-11-16 18:40:31.000000000 -0500 @@ -69901,6 +70003,18 @@ diff -urNp linux-3.1.1/mm/nommu.c linux-3.1.1/mm/nommu.c *region = *vma->vm_region; new->vm_region = region; +diff -urNp linux-3.1.1/mm/oom_kill.c linux-3.1.1/mm/oom_kill.c +--- linux-3.1.1/mm/oom_kill.c 2011-11-11 15:19:27.000000000 -0500 ++++ linux-3.1.1/mm/oom_kill.c 2011-11-18 18:44:21.000000000 -0500 +@@ -162,7 +162,7 @@ static bool oom_unkillable_task(struct t + unsigned int oom_badness(struct task_struct *p, struct mem_cgroup *mem, + const nodemask_t *nodemask, unsigned long totalpages) + { +- int points; ++ long points; + + if (oom_unkillable_task(p, mem, nodemask)) + return 0; diff -urNp linux-3.1.1/mm/page_alloc.c linux-3.1.1/mm/page_alloc.c --- linux-3.1.1/mm/page_alloc.c 2011-11-11 15:19:27.000000000 -0500 +++ linux-3.1.1/mm/page_alloc.c 2011-11-16 18:40:44.000000000 -0500 @@ -73333,6 +73447,17 @@ diff -urNp linux-3.1.1/net/iucv/af_iucv.c linux-3.1.1/net/iucv/af_iucv.c } write_unlock_bh(&iucv_sk_list.lock); +diff -urNp linux-3.1.1/net/Kconfig linux-3.1.1/net/Kconfig +--- linux-3.1.1/net/Kconfig 2011-11-11 15:19:27.000000000 -0500 ++++ linux-3.1.1/net/Kconfig 2011-11-18 19:02:18.000000000 -0500 +@@ -239,6 +239,7 @@ config BPF_JIT + bool "enable BPF Just In Time compiler" + depends on HAVE_BPF_JIT + depends on MODULES ++ depends on !GRKERNSEC + ---help--- + Berkeley Packet Filter filtering capabilities are normally handled + by an interpreter. This option allows kernel to generate a native diff -urNp linux-3.1.1/net/key/af_key.c linux-3.1.1/net/key/af_key.c --- linux-3.1.1/net/key/af_key.c 2011-11-11 15:19:27.000000000 -0500 +++ linux-3.1.1/net/key/af_key.c 2011-11-16 18:40:44.000000000 -0500 @@ -76308,6 +76433,19 @@ diff -urNp linux-3.1.1/security/keys/keyring.c linux-3.1.1/security/keys/keyring goto error; buflen -= tmp; +diff -urNp linux-3.1.1/security/keys/user_defined.c linux-3.1.1/security/keys/user_defined.c +--- linux-3.1.1/security/keys/user_defined.c 2011-11-11 15:19:27.000000000 -0500 ++++ linux-3.1.1/security/keys/user_defined.c 2011-11-18 18:38:28.000000000 -0500 +@@ -102,7 +102,8 @@ int user_update(struct key *key, const v + key->expiry = 0; + } + +- kfree_rcu(zap, rcu); ++ if (zap) ++ kfree_rcu(zap, rcu); + + error: + return ret; diff -urNp linux-3.1.1/security/min_addr.c linux-3.1.1/security/min_addr.c --- linux-3.1.1/security/min_addr.c 2011-11-11 15:19:27.000000000 -0500 +++ linux-3.1.1/security/min_addr.c 2011-11-16 18:40:44.000000000 -0500 @@ -77620,7 +77758,7 @@ diff -urNp linux-3.1.1/tools/gcc/kallocstat_plugin.c linux-3.1.1/tools/gcc/kallo +} diff -urNp linux-3.1.1/tools/gcc/kernexec_plugin.c linux-3.1.1/tools/gcc/kernexec_plugin.c --- linux-3.1.1/tools/gcc/kernexec_plugin.c 1969-12-31 19:00:00.000000000 -0500 -+++ linux-3.1.1/tools/gcc/kernexec_plugin.c 2011-11-16 18:39:08.000000000 -0500 ++++ linux-3.1.1/tools/gcc/kernexec_plugin.c 2011-11-18 17:57:07.000000000 -0500 @@ -0,0 +1,275 @@ +/* + * Copyright 2011 by the PaX Team <pageexec@freemail.hu> @@ -77826,7 +77964,7 @@ diff -urNp linux-3.1.1/tools/gcc/kernexec_plugin.c linux-3.1.1/tools/gcc/kernexe + line = expand_location(RTL_LOCATION(insn)).line; + btsq = gen_rtx_ASM_OPERANDS(VOIDmode, "btsq $63,(%%rsp)", empty_string, 0, argvec, constraintvec, labelvec, line); + MEM_VOLATILE_P(btsq) = 1; -+ RTX_FRAME_RELATED_P(btsq) = 1; ++// RTX_FRAME_RELATED_P(btsq) = 1; // not for ASM_OPERANDS + emit_insn_before(btsq, insn); +} + |