diff options
-rw-r--r-- | 4.5.6/0000_README (renamed from 4.5.5/0000_README) | 2 | ||||
-rw-r--r-- | 4.5.6/4420_grsecurity-3.1-4.5.6-201606051644.patch (renamed from 4.5.5/4420_grsecurity-3.1-4.5.5-201605291201.patch) | 134 | ||||
-rw-r--r-- | 4.5.6/4425_grsec_remove_EI_PAX.patch (renamed from 4.5.5/4425_grsec_remove_EI_PAX.patch) | 0 | ||||
-rw-r--r-- | 4.5.6/4427_force_XATTR_PAX_tmpfs.patch (renamed from 4.5.5/4427_force_XATTR_PAX_tmpfs.patch) | 0 | ||||
-rw-r--r-- | 4.5.6/4430_grsec-remove-localversion-grsec.patch (renamed from 4.5.5/4430_grsec-remove-localversion-grsec.patch) | 0 | ||||
-rw-r--r-- | 4.5.6/4435_grsec-mute-warnings.patch (renamed from 4.5.5/4435_grsec-mute-warnings.patch) | 0 | ||||
-rw-r--r-- | 4.5.6/4440_grsec-remove-protected-paths.patch (renamed from 4.5.5/4440_grsec-remove-protected-paths.patch) | 0 | ||||
-rw-r--r-- | 4.5.6/4450_grsec-kconfig-default-gids.patch (renamed from 4.5.5/4450_grsec-kconfig-default-gids.patch) | 0 | ||||
-rw-r--r-- | 4.5.6/4465_selinux-avc_audit-log-curr_ip.patch (renamed from 4.5.5/4465_selinux-avc_audit-log-curr_ip.patch) | 0 | ||||
-rw-r--r-- | 4.5.6/4470_disable-compat_vdso.patch (renamed from 4.5.5/4470_disable-compat_vdso.patch) | 0 | ||||
-rw-r--r-- | 4.5.6/4475_emutramp_default_on.patch (renamed from 4.5.5/4475_emutramp_default_on.patch) | 0 |
11 files changed, 71 insertions, 65 deletions
diff --git a/4.5.5/0000_README b/4.5.6/0000_README index 71dba33..48f38a5 100644 --- a/4.5.5/0000_README +++ b/4.5.6/0000_README @@ -2,7 +2,7 @@ README ----------------------------------------------------------------------------- Individual Patch Descriptions: ----------------------------------------------------------------------------- -Patch: 4420_grsecurity-3.1-4.5.5-201605291201.patch +Patch: 4420_grsecurity-3.1-4.5.6-201606051644.patch From: http://www.grsecurity.net Desc: hardened-sources base patch from upstream grsecurity diff --git a/4.5.5/4420_grsecurity-3.1-4.5.5-201605291201.patch b/4.5.6/4420_grsecurity-3.1-4.5.6-201606051644.patch index 1fb08ce..d2dfe90 100644 --- a/4.5.5/4420_grsecurity-3.1-4.5.5-201605291201.patch +++ b/4.5.6/4420_grsecurity-3.1-4.5.6-201606051644.patch @@ -408,7 +408,7 @@ index a93b414..f50a50b 100644 A toggle value indicating if modules are allowed to be loaded diff --git a/Makefile b/Makefile -index a23df41..db4f30b 100644 +index 07a1786..7f359da 100644 --- a/Makefile +++ b/Makefile @@ -298,7 +298,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \ @@ -456,7 +456,7 @@ index a23df41..db4f30b 100644 ifdef CONFIG_READABLE_ASM # Disable optimizations that make assembler listings hard to read. # reorder blocks reorders the control in the function -@@ -714,7 +727,7 @@ KBUILD_CFLAGS += $(call cc-option, -gsplit-dwarf, -g) +@@ -715,7 +728,7 @@ KBUILD_CFLAGS += $(call cc-option, -gsplit-dwarf, -g) else KBUILD_CFLAGS += -g endif @@ -465,7 +465,7 @@ index a23df41..db4f30b 100644 endif ifdef CONFIG_DEBUG_INFO_DWARF4 KBUILD_CFLAGS += $(call cc-option, -gdwarf-4,) -@@ -886,7 +899,7 @@ export mod_sign_cmd +@@ -887,7 +900,7 @@ export mod_sign_cmd ifeq ($(KBUILD_EXTMOD),) @@ -474,7 +474,7 @@ index a23df41..db4f30b 100644 vmlinux-dirs := $(patsubst %/,%,$(filter %/, $(init-y) $(init-m) \ $(core-y) $(core-m) $(drivers-y) $(drivers-m) \ -@@ -989,7 +1002,7 @@ prepare1: prepare2 $(version_h) include/generated/utsrelease.h \ +@@ -990,7 +1003,7 @@ prepare1: prepare2 $(version_h) include/generated/utsrelease.h \ archprepare: archheaders archscripts prepare1 scripts_basic @@ -483,7 +483,7 @@ index a23df41..db4f30b 100644 $(Q)$(MAKE) $(build)=. # All the preparing.. -@@ -1184,7 +1197,11 @@ MRPROPER_FILES += .config .config.old .version .old_version \ +@@ -1185,7 +1198,11 @@ MRPROPER_FILES += .config .config.old .version .old_version \ Module.symvers tags TAGS cscope* GPATH GTAGS GRTAGS GSYMS \ signing_key.pem signing_key.priv signing_key.x509 \ x509.genkey extra_certificates signing_key.x509.keyid \ @@ -496,7 +496,7 @@ index a23df41..db4f30b 100644 # clean - Delete most, but leave enough to build external modules # -@@ -1223,7 +1240,7 @@ distclean: mrproper +@@ -1224,7 +1241,7 @@ distclean: mrproper @find $(srctree) $(RCS_FIND_IGNORE) \ \( -name '*.orig' -o -name '*.rej' -o -name '*~' \ -o -name '*.bak' -o -name '#*#' -o -name '.*.orig' \ @@ -25822,7 +25822,7 @@ index 653f88d..11b6b78 100644 if (!insn.opcode.got) return X86_BR_ABORT; diff --git a/arch/x86/kernel/cpu/perf_event_intel_pt.c b/arch/x86/kernel/cpu/perf_event_intel_pt.c -index c0bbd10..53a5dc6 100644 +index a5286d0..79c220a 100644 --- a/arch/x86/kernel/cpu/perf_event_intel_pt.c +++ b/arch/x86/kernel/cpu/perf_event_intel_pt.c @@ -133,14 +133,10 @@ static const struct attribute_group *pt_attr_groups[] = { @@ -25890,7 +25890,7 @@ index c0bbd10..53a5dc6 100644 } #define RTIT_CTL_CYC_PSB (RTIT_CTL_CYCLEACC | \ -@@ -997,7 +979,7 @@ static void pt_event_start(struct perf_event *event, int mode) +@@ -999,7 +981,7 @@ static void pt_event_start(struct perf_event *event, int mode) return; } @@ -25899,7 +25899,7 @@ index c0bbd10..53a5dc6 100644 event->hw.state = 0; pt_config_buffer(buf->cur->table, buf->cur_idx, -@@ -1013,7 +995,7 @@ static void pt_event_stop(struct perf_event *event, int mode) +@@ -1015,7 +997,7 @@ static void pt_event_stop(struct perf_event *event, int mode) * Protect against the PMI racing with disabling wrmsr, * see comment in intel_pt_interrupt(). */ @@ -31435,7 +31435,7 @@ index dad5fe9..ce5f4ba 100644 .disable = native_disable_io_apic, }; diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c -index 6525e92..28559d2 100644 +index 2e1fd58..cc6d3d7 100644 --- a/arch/x86/kvm/cpuid.c +++ b/arch/x86/kvm/cpuid.c @@ -206,15 +206,20 @@ int kvm_vcpu_ioctl_set_cpuid2(struct kvm_vcpu *vcpu, @@ -31701,7 +31701,7 @@ index c13a64b..2075a7c 100644 .disabled_by_bios = is_disabled, .hardware_setup = svm_hardware_setup, diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c -index 539062e..0aa69ab 100644 +index 60946a5..0ac3003 100644 --- a/arch/x86/kvm/vmx.c +++ b/arch/x86/kvm/vmx.c @@ -1575,14 +1575,14 @@ static __always_inline void vmcs_writel(unsigned long field, unsigned long value @@ -39745,10 +39745,10 @@ index c68e724..e863008 100644 /* parse the table header to get the table length */ if (count <= sizeof(struct acpi_table_header)) diff --git a/drivers/acpi/device_pm.c b/drivers/acpi/device_pm.c -index cd2c3d6..2031a4a 100644 +index 993fd31..cc15d14 100644 --- a/drivers/acpi/device_pm.c +++ b/drivers/acpi/device_pm.c -@@ -1025,6 +1025,8 @@ EXPORT_SYMBOL_GPL(acpi_subsys_freeze); +@@ -1026,6 +1026,8 @@ EXPORT_SYMBOL_GPL(acpi_subsys_freeze); #endif /* CONFIG_PM_SLEEP */ @@ -39757,7 +39757,7 @@ index cd2c3d6..2031a4a 100644 static struct dev_pm_domain acpi_general_pm_domain = { .ops = { .runtime_suspend = acpi_subsys_runtime_suspend, -@@ -1041,6 +1043,7 @@ static struct dev_pm_domain acpi_general_pm_domain = { +@@ -1042,6 +1044,7 @@ static struct dev_pm_domain acpi_general_pm_domain = { .restore_early = acpi_subsys_resume_early, #endif }, @@ -39765,7 +39765,7 @@ index cd2c3d6..2031a4a 100644 }; /** -@@ -1118,7 +1121,6 @@ int acpi_dev_pm_attach(struct device *dev, bool power_on) +@@ -1119,7 +1122,6 @@ int acpi_dev_pm_attach(struct device *dev, bool power_on) acpi_device_wakeup(adev, ACPI_STATE_S0, false); } @@ -51059,10 +51059,10 @@ index 8adaaea..99dab8e 100644 void ir_ack_apic_edge(struct irq_data *data) diff --git a/drivers/irqchip/irq-gic.c b/drivers/irqchip/irq-gic.c -index 8f9ebf7..e614150 100644 +index eef9500..71f7183 100644 --- a/drivers/irqchip/irq-gic.c +++ b/drivers/irqchip/irq-gic.c -@@ -379,7 +379,7 @@ static void gic_handle_cascade_irq(struct irq_desc *desc) +@@ -387,7 +387,7 @@ static void gic_handle_cascade_irq(struct irq_desc *desc) chained_irq_exit(chip, desc); } @@ -58214,10 +58214,10 @@ index 1deb8ff..4e2b0c1 100644 struct bfin_can_priv *priv = netdev_priv(dev); struct bfin_can_regs __iomem *reg = priv->membase; diff --git a/drivers/net/can/dev.c b/drivers/net/can/dev.c -index 141c2a4..ca734ed 100644 +index 910c12e..b9c005d 100644 --- a/drivers/net/can/dev.c +++ b/drivers/net/can/dev.c -@@ -961,7 +961,7 @@ static int can_newlink(struct net *src_net, struct net_device *dev, +@@ -1008,7 +1008,7 @@ static int can_newlink(struct net *src_net, struct net_device *dev, return -EOPNOTSUPP; } @@ -71818,7 +71818,7 @@ index 8c6e318..1c58581 100644 /* check if the device is still usable */ if (unlikely(cmd->device->sdev_state == SDEV_DEL)) { diff --git a/drivers/scsi/scsi_sysfs.c b/drivers/scsi/scsi_sysfs.c -index 00bc721..7a16d8a 100644 +index 9e5f893..2bf2da8 100644 --- a/drivers/scsi/scsi_sysfs.c +++ b/drivers/scsi/scsi_sysfs.c @@ -818,7 +818,7 @@ show_iostat_##field(struct device *dev, struct device_attribute *attr, \ @@ -75713,7 +75713,7 @@ index 92982d7..758ecfe 100644 tty_port_tty_set(&ch->port, tty); mutex_lock(&ch->port.mutex); diff --git a/drivers/tty/n_gsm.c b/drivers/tty/n_gsm.c -index c3fe026..66cd166 100644 +index 9aff371..2faef0d 100644 --- a/drivers/tty/n_gsm.c +++ b/drivers/tty/n_gsm.c @@ -1644,7 +1644,7 @@ static struct gsm_dlci *gsm_dlci_alloc(struct gsm_mux *gsm, int addr) @@ -75725,7 +75725,7 @@ index c3fe026..66cd166 100644 kfree(dlci); return NULL; } -@@ -2665,7 +2665,7 @@ static inline void muxnet_put(struct gsm_mux_net *mux_net) +@@ -2667,7 +2667,7 @@ static inline void muxnet_put(struct gsm_mux_net *mux_net) kref_put(&mux_net->ref, net_free); } @@ -75734,7 +75734,7 @@ index c3fe026..66cd166 100644 struct net_device *net) { struct gsm_mux_net *mux_net = netdev_priv(net); -@@ -2957,7 +2957,7 @@ static int gsmtty_open(struct tty_struct *tty, struct file *filp) +@@ -2959,7 +2959,7 @@ static int gsmtty_open(struct tty_struct *tty, struct file *filp) struct gsm_dlci *dlci = tty->driver_data; struct tty_port *port = &dlci->port; @@ -75744,7 +75744,7 @@ index c3fe026..66cd166 100644 dlci->modem_rx = 0; diff --git a/drivers/tty/n_tty.c b/drivers/tty/n_tty.c -index b280abaa..3ccd7d1 100644 +index c12def7..4f1303d 100644 --- a/drivers/tty/n_tty.c +++ b/drivers/tty/n_tty.c @@ -1515,7 +1515,7 @@ n_tty_receive_char_lnext(struct tty_struct *tty, unsigned char c, char flag) @@ -75835,7 +75835,7 @@ index b280abaa..3ccd7d1 100644 n = min(count, room); if (!n) -@@ -2549,6 +2550,7 @@ void n_tty_inherit_ops(struct tty_ldisc_ops *ops) +@@ -2545,6 +2546,7 @@ void n_tty_inherit_ops(struct tty_ldisc_ops *ops) { *ops = tty_ldisc_N_TTY; ops->owner = NULL; @@ -75845,10 +75845,10 @@ index b280abaa..3ccd7d1 100644 } EXPORT_SYMBOL_GPL(n_tty_inherit_ops); diff --git a/drivers/tty/pty.c b/drivers/tty/pty.c -index 2348fa6..490e407 100644 +index 6427a39..4ee0796 100644 --- a/drivers/tty/pty.c +++ b/drivers/tty/pty.c -@@ -879,8 +879,10 @@ static void __init unix98_pty_init(void) +@@ -877,8 +877,10 @@ static void __init unix98_pty_init(void) panic("Couldn't register Unix98 pts driver"); /* Now create the /dev/ptmx special device */ @@ -75921,10 +75921,10 @@ index c9720a9..964f2d9 100644 if (share_irqs) irqflag = IRQF_SHARED; diff --git a/drivers/tty/serial/8250/8250_pci.c b/drivers/tty/serial/8250/8250_pci.c -index 7cd6f9a..d13ac0a 100644 +index c1d4a8f..a8e7167 100644 --- a/drivers/tty/serial/8250/8250_pci.c +++ b/drivers/tty/serial/8250/8250_pci.c -@@ -5656,7 +5656,7 @@ static struct pci_device_id serial_pci_tbl[] = { +@@ -5659,7 +5659,7 @@ static struct pci_device_id serial_pci_tbl[] = { }; static pci_ers_result_t serial8250_io_error_detected(struct pci_dev *dev, @@ -76143,7 +76143,7 @@ index dcde955..920693f 100644 if (unlikely(line < 0 || line >= UART_NR)) return -ENXIO; diff --git a/drivers/tty/serial/samsung.c b/drivers/tty/serial/samsung.c -index d72cd73..aac0435 100644 +index 8320173..fd1160b 100644 --- a/drivers/tty/serial/samsung.c +++ b/drivers/tty/serial/samsung.c @@ -970,11 +970,16 @@ static void s3c24xx_serial_shutdown(struct uart_port *port) @@ -96727,7 +96727,7 @@ index 3525ed7..ac8afb7 100644 } diff --git a/fs/cifs/smb2pdu.c b/fs/cifs/smb2pdu.c -index 42e1f44..017e7f6 100644 +index 8f38e33..90f716a 100644 --- a/fs/cifs/smb2pdu.c +++ b/fs/cifs/smb2pdu.c @@ -2388,8 +2388,7 @@ SMB2_query_directory(const unsigned int xid, struct cifs_tcon *tcon, @@ -122536,10 +122536,10 @@ index 0000000..39645c9 +} diff --git a/grsecurity/gracl_segv.c b/grsecurity/gracl_segv.c new file mode 100644 -index 0000000..10f1617 +index 0000000..02c5a2b --- /dev/null +++ b/grsecurity/gracl_segv.c -@@ -0,0 +1,304 @@ +@@ -0,0 +1,306 @@ +#include <linux/kernel.h> +#include <linux/mm.h> +#include <asm/uaccess.h> @@ -122752,9 +122752,11 @@ index 0000000..10f1617 + + if ((curr->crashes >= curr->res[GR_CRASH_RES].rlim_cur) && + time_after(curr->expires, get_seconds())) { ++ int is_priv = is_privileged_binary(task->mm->exe_file->f_path.dentry); ++ + rcu_read_lock(); + cred = __task_cred(task); -+ if (gr_is_global_nonroot(cred->uid) && is_privileged_binary(task->mm->exe_file->f_path.dentry)) { ++ if (gr_is_global_nonroot(cred->uid) && is_priv) { + gr_log_crash1(GR_DONT_AUDIT, GR_SEGVSTART_ACL_MSG, task, curr->res[GR_CRASH_RES].rlim_max); + spin_lock(&gr_uid_lock); + gr_insert_uid(cred->uid, curr->expires); @@ -125147,10 +125149,10 @@ index 0000000..304c518 +} diff --git a/grsecurity/grsec_sig.c b/grsecurity/grsec_sig.c new file mode 100644 -index 0000000..a2b8b8f +index 0000000..f072c9d --- /dev/null +++ b/grsecurity/grsec_sig.c -@@ -0,0 +1,245 @@ +@@ -0,0 +1,248 @@ +#include <linux/kernel.h> +#include <linux/sched.h> +#include <linux/fs.h> @@ -125236,16 +125238,19 @@ index 0000000..a2b8b8f +#ifdef CONFIG_GRKERNSEC_BRUTE + struct task_struct *p = current; + kuid_t uid = GLOBAL_ROOT_UID; ++ int is_priv = 0; + int daemon = 0; + + if (!grsec_enable_brute) + return; + ++ if (is_privileged_binary(p->mm->exe_file->f_path.dentry)) ++ is_priv = 1; ++ + rcu_read_lock(); + read_lock(&tasklist_lock); + read_lock(&grsec_exec_file_lock); -+ if (p->real_parent && gr_is_same_file(p->real_parent->exec_file, p->exec_file) && -+ !is_privileged_binary(p->mm->exe_file->f_path.dentry)) { ++ if (!is_priv && p->real_parent && gr_is_same_file(p->real_parent->exec_file, p->exec_file)) { + p->real_parent->brute_expires = get_seconds() + GR_DAEMON_BRUTE_TIME; + p->real_parent->brute = 1; + daemon = 1; @@ -126173,7 +126178,7 @@ index 0000000..61b514e +EXPORT_SYMBOL_GPL(gr_log_timechange); diff --git a/grsecurity/grsec_tpe.c b/grsecurity/grsec_tpe.c new file mode 100644 -index 0000000..9786671 +index 0000000..cbd2776 --- /dev/null +++ b/grsecurity/grsec_tpe.c @@ -0,0 +1,78 @@ @@ -126221,7 +126226,7 @@ index 0000000..9786671 + msg2 = "file in non-root-owned directory"; + else if (inode->i_mode & S_IWOTH) + msg2 = "file in world-writable directory"; -+ else if (inode->i_mode & S_IWGRP) ++ else if ((inode->i_mode & S_IWGRP) && gr_is_global_nonroot_gid(inode->i_gid)) + msg2 = "file in group-writable directory"; + else if (file_inode->i_mode & S_IWOTH) + msg2 = "file is world-writable"; @@ -126242,7 +126247,7 @@ index 0000000..9786671 + msg = "directory not owned by user"; + else if (inode->i_mode & S_IWOTH) + msg = "file in world-writable directory"; -+ else if (inode->i_mode & S_IWGRP) ++ else if ((inode->i_mode & S_IWGRP) && gr_is_global_nonroot_gid(inode->i_gid)) + msg = "file in group-writable directory"; + else if (file_inode->i_mode & S_IWOTH) + msg = "file is world-writable"; @@ -133221,10 +133226,10 @@ index 04e8818..af85805 100644 /* shm_mode upper byte flags */ #define SHM_DEST 01000 /* segment will be destroyed on last detach */ diff --git a/include/linux/signal.h b/include/linux/signal.h -index 92557bb..53fa513 100644 +index d80259a..41a639a 100644 --- a/include/linux/signal.h +++ b/include/linux/signal.h -@@ -288,7 +288,7 @@ static inline void allow_signal(int sig) +@@ -303,7 +303,7 @@ static inline void allow_signal(int sig) * know it'll be handled, so that they don't get converted to * SIGKILL or just silently dropped. */ @@ -134184,7 +134189,7 @@ index b4c2a48..0a13f65 100644 #endif /* _LINUX_THREAD_INFO_H */ diff --git a/include/linux/tty.h b/include/linux/tty.h -index 19199c2..e16a361 100644 +index e5b996d..65cd286 100644 --- a/include/linux/tty.h +++ b/include/linux/tty.h @@ -225,7 +225,7 @@ struct tty_port { @@ -134294,10 +134299,10 @@ index 3495578..f479218 100644 #ifndef user_access_begin #define user_access_begin() do { } while (0) diff --git a/include/linux/uidgid.h b/include/linux/uidgid.h -index 0383552..a0125dd 100644 +index 0383552..595969a 100644 --- a/include/linux/uidgid.h +++ b/include/linux/uidgid.h -@@ -187,4 +187,9 @@ static inline bool kgid_has_mapping(struct user_namespace *ns, kgid_t gid) +@@ -187,4 +187,10 @@ static inline bool kgid_has_mapping(struct user_namespace *ns, kgid_t gid) #endif /* CONFIG_USER_NS */ @@ -134305,6 +134310,7 @@ index 0383552..a0125dd 100644 +#define GR_GLOBAL_GID(x) from_kgid_munged(&init_user_ns, (x)) +#define gr_is_global_root(x) uid_eq((x), GLOBAL_ROOT_UID) +#define gr_is_global_nonroot(x) (!uid_eq((x), GLOBAL_ROOT_UID)) ++#define gr_is_global_nonroot_gid(x) (!gid_eq((x), GLOBAL_ROOT_GID)) + #endif /* _LINUX_UIDGID_H */ diff --git a/include/linux/uio_driver.h b/include/linux/uio_driver.h @@ -134372,7 +134378,7 @@ index 99c1b4d..562e6f3 100644 static inline void put_unaligned_le16(u16 val, void *p) diff --git a/include/linux/usb.h b/include/linux/usb.h -index 89533ba..78c419a 100644 +index f3dbc21..a59a42a 100644 --- a/include/linux/usb.h +++ b/include/linux/usb.h @@ -367,7 +367,7 @@ struct usb_bus { @@ -135825,7 +135831,7 @@ index 93d14da..734b3d8 100644 u8 qfull; enum fc_lport_state state; diff --git a/include/scsi/scsi_device.h b/include/scsi/scsi_device.h -index ba93c0f..90acd4d 100644 +index a5d31f7..e5ee774 100644 --- a/include/scsi/scsi_device.h +++ b/include/scsi/scsi_device.h @@ -187,9 +187,9 @@ struct scsi_device { @@ -137969,7 +137975,7 @@ index 2a20c0d..3eb7d03 100644 #ifdef CONFIG_MODULE_UNLOAD { diff --git a/kernel/events/core.c b/kernel/events/core.c -index a0ef98b..c60fa0a 100644 +index 477fb6b..dcd02b5 100644 --- a/kernel/events/core.c +++ b/kernel/events/core.c @@ -350,8 +350,15 @@ static struct srcu_struct pmus_srcu; @@ -138018,7 +138024,7 @@ index a0ef98b..c60fa0a 100644 struct hrtimer *timer = &cpuctx->hrtimer; struct pmu *pmu = cpuctx->ctx.pmu; unsigned long flags; -@@ -2893,7 +2901,7 @@ void __perf_event_task_sched_in(struct task_struct *prev, +@@ -2894,7 +2902,7 @@ void __perf_event_task_sched_in(struct task_struct *prev, perf_pmu_sched_task(prev, task, true); } @@ -138027,7 +138033,7 @@ index a0ef98b..c60fa0a 100644 { u64 frequency = event->attr.sample_freq; u64 sec = NSEC_PER_SEC; -@@ -3944,9 +3952,9 @@ u64 perf_event_read_value(struct perf_event *event, u64 *enabled, u64 *running) +@@ -3935,9 +3943,9 @@ u64 perf_event_read_value(struct perf_event *event, u64 *enabled, u64 *running) total += perf_event_count(event); *enabled += event->total_time_enabled + @@ -138039,7 +138045,7 @@ index a0ef98b..c60fa0a 100644 list_for_each_entry(child, &event->child_list, child_list) { (void)perf_event_read(child, false); -@@ -3978,12 +3986,12 @@ static int __perf_read_group_add(struct perf_event *leader, +@@ -3969,12 +3977,12 @@ static int __perf_read_group_add(struct perf_event *leader, */ if (read_format & PERF_FORMAT_TOTAL_TIME_ENABLED) { values[n++] += leader->total_time_enabled + @@ -138054,7 +138060,7 @@ index a0ef98b..c60fa0a 100644 } /* -@@ -4485,10 +4493,10 @@ void perf_event_update_userpage(struct perf_event *event) +@@ -4476,10 +4484,10 @@ void perf_event_update_userpage(struct perf_event *event) userpg->offset -= local64_read(&event->hw.prev_count); userpg->time_enabled = enabled + @@ -138067,7 +138073,7 @@ index a0ef98b..c60fa0a 100644 arch_perf_update_userpage(event, userpg, now); -@@ -5163,7 +5171,7 @@ perf_output_sample_ustack(struct perf_output_handle *handle, u64 dump_size, +@@ -5154,7 +5162,7 @@ perf_output_sample_ustack(struct perf_output_handle *handle, u64 dump_size, /* Data. */ sp = perf_user_stack_pointer(regs); @@ -138076,7 +138082,7 @@ index a0ef98b..c60fa0a 100644 dyn_size = dump_size - rem; perf_output_skip(handle, rem); -@@ -5254,11 +5262,11 @@ static void perf_output_read_one(struct perf_output_handle *handle, +@@ -5245,11 +5253,11 @@ static void perf_output_read_one(struct perf_output_handle *handle, values[n++] = perf_event_count(event); if (read_format & PERF_FORMAT_TOTAL_TIME_ENABLED) { values[n++] = enabled + @@ -138090,7 +138096,7 @@ index a0ef98b..c60fa0a 100644 } if (read_format & PERF_FORMAT_ID) values[n++] = primary_event_id(event); -@@ -7568,8 +7576,7 @@ perf_event_mux_interval_ms_store(struct device *dev, +@@ -7559,8 +7567,7 @@ perf_event_mux_interval_ms_store(struct device *dev, cpuctx = per_cpu_ptr(pmu->pmu_cpu_context, cpu); cpuctx->hrtimer_interval = ns_to_ktime(NSEC_PER_MSEC * timer); @@ -138100,7 +138106,7 @@ index a0ef98b..c60fa0a 100644 } put_online_cpus(); mutex_unlock(&mux_interval_mutex); -@@ -7938,7 +7945,7 @@ perf_event_alloc(struct perf_event_attr *attr, int cpu, +@@ -7929,7 +7936,7 @@ perf_event_alloc(struct perf_event_attr *attr, int cpu, event->parent = parent_event; event->ns = get_pid_ns(task_active_pid_ns(current)); @@ -138109,7 +138115,7 @@ index a0ef98b..c60fa0a 100644 event->state = PERF_EVENT_STATE_INACTIVE; -@@ -8300,6 +8307,11 @@ SYSCALL_DEFINE5(perf_event_open, +@@ -8291,6 +8298,11 @@ SYSCALL_DEFINE5(perf_event_open, if (flags & ~PERF_FLAG_ALL) return -EINVAL; @@ -138121,7 +138127,7 @@ index a0ef98b..c60fa0a 100644 err = perf_copy_attr(attr_uptr, &attr); if (err) return err; -@@ -8788,10 +8800,10 @@ static void sync_child_event(struct perf_event *child_event, +@@ -8805,10 +8817,10 @@ static void sync_child_event(struct perf_event *child_event, /* * Add back the child's count to the parent's count: */ @@ -143482,7 +143488,7 @@ index 57a6eea..168c21f 100644 /* make curr_ret_stack visible before we add the ret_stack */ smp_wmb(); diff --git a/kernel/trace/ring_buffer.c b/kernel/trace/ring_buffer.c -index 95181e3..3b49321 100644 +index 9c14373..5ddd763 100644 --- a/kernel/trace/ring_buffer.c +++ b/kernel/trace/ring_buffer.c @@ -296,9 +296,9 @@ struct buffer_data_page { @@ -143535,7 +143541,7 @@ index 95181e3..3b49321 100644 /* * No need to worry about races with clearing out the commit. -@@ -1411,12 +1411,12 @@ static void rb_reset_cpu(struct ring_buffer_per_cpu *cpu_buffer); +@@ -1412,12 +1412,12 @@ static void rb_reset_cpu(struct ring_buffer_per_cpu *cpu_buffer); static inline unsigned long rb_page_entries(struct buffer_page *bpage) { @@ -143550,7 +143556,7 @@ index 95181e3..3b49321 100644 } static int -@@ -1511,7 +1511,7 @@ rb_remove_pages(struct ring_buffer_per_cpu *cpu_buffer, unsigned int nr_pages) +@@ -1512,7 +1512,7 @@ rb_remove_pages(struct ring_buffer_per_cpu *cpu_buffer, unsigned long nr_pages) * bytes consumed in ring buffer from here. * Increment overrun to account for the lost events. */ @@ -160909,10 +160915,10 @@ index 55c96cb..e4e88ab 100644 __clean-files := $(filter-out $(no-clean-files), $(__clean-files)) diff --git a/scripts/Makefile.extrawarn b/scripts/Makefile.extrawarn -index f9e47a7..b72022a 100644 +index 53449a6..c1fd180 100644 --- a/scripts/Makefile.extrawarn +++ b/scripts/Makefile.extrawarn -@@ -27,6 +27,10 @@ warning-1 += $(call cc-option, -Wunused-but-set-variable) +@@ -28,6 +28,10 @@ warning-1 += $(call cc-option, -Wunused-const-variable) warning-1 += $(call cc-disable-warning, missing-field-initializers) warning-1 += $(call cc-disable-warning, sign-compare) diff --git a/4.5.5/4425_grsec_remove_EI_PAX.patch b/4.5.6/4425_grsec_remove_EI_PAX.patch index 2a1aa6c..2a1aa6c 100644 --- a/4.5.5/4425_grsec_remove_EI_PAX.patch +++ b/4.5.6/4425_grsec_remove_EI_PAX.patch diff --git a/4.5.5/4427_force_XATTR_PAX_tmpfs.patch b/4.5.6/4427_force_XATTR_PAX_tmpfs.patch index aa2a091..aa2a091 100644 --- a/4.5.5/4427_force_XATTR_PAX_tmpfs.patch +++ b/4.5.6/4427_force_XATTR_PAX_tmpfs.patch diff --git a/4.5.5/4430_grsec-remove-localversion-grsec.patch b/4.5.6/4430_grsec-remove-localversion-grsec.patch index 31cf878..31cf878 100644 --- a/4.5.5/4430_grsec-remove-localversion-grsec.patch +++ b/4.5.6/4430_grsec-remove-localversion-grsec.patch diff --git a/4.5.5/4435_grsec-mute-warnings.patch b/4.5.6/4435_grsec-mute-warnings.patch index b7564e4..b7564e4 100644 --- a/4.5.5/4435_grsec-mute-warnings.patch +++ b/4.5.6/4435_grsec-mute-warnings.patch diff --git a/4.5.5/4440_grsec-remove-protected-paths.patch b/4.5.6/4440_grsec-remove-protected-paths.patch index 741546d..741546d 100644 --- a/4.5.5/4440_grsec-remove-protected-paths.patch +++ b/4.5.6/4440_grsec-remove-protected-paths.patch diff --git a/4.5.5/4450_grsec-kconfig-default-gids.patch b/4.5.6/4450_grsec-kconfig-default-gids.patch index 79a866b..79a866b 100644 --- a/4.5.5/4450_grsec-kconfig-default-gids.patch +++ b/4.5.6/4450_grsec-kconfig-default-gids.patch diff --git a/4.5.5/4465_selinux-avc_audit-log-curr_ip.patch b/4.5.6/4465_selinux-avc_audit-log-curr_ip.patch index 7248385..7248385 100644 --- a/4.5.5/4465_selinux-avc_audit-log-curr_ip.patch +++ b/4.5.6/4465_selinux-avc_audit-log-curr_ip.patch diff --git a/4.5.5/4470_disable-compat_vdso.patch b/4.5.6/4470_disable-compat_vdso.patch index 4aba080..4aba080 100644 --- a/4.5.5/4470_disable-compat_vdso.patch +++ b/4.5.6/4470_disable-compat_vdso.patch diff --git a/4.5.5/4475_emutramp_default_on.patch b/4.5.6/4475_emutramp_default_on.patch index afd6019..afd6019 100644 --- a/4.5.5/4475_emutramp_default_on.patch +++ b/4.5.6/4475_emutramp_default_on.patch |