From: Michael Tremer Date: Mon, 18 Mar 2013 22:20:02 +0000 (+0100) Subject: kernel: Update to 3.8.3. X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=2652a1fed890b14ad44ce7764e51b398eb15c02e;p=people%2Fms%2Fipfire-3.x.git kernel: Update to 3.8.3. --- diff --git a/kernel/kernel.nm b/kernel/kernel.nm index 8165f2a26..b9215c470 100644 --- a/kernel/kernel.nm +++ b/kernel/kernel.nm @@ -4,8 +4,8 @@ ############################################################################### name = kernel -version = 3.8.2 -release = 0.1 +version = 3.8.3 +release = 1 thisapp = linux-%{version} maintainer = Arne Fitzenreiter diff --git a/kernel/patches/grsecurity-2.9.1-3.8.2-201303041742.patch b/kernel/patches/grsecurity-2.9.1-3.8.3-201303142235.patch similarity index 93% rename from kernel/patches/grsecurity-2.9.1-3.8.2-201303041742.patch rename to kernel/patches/grsecurity-2.9.1-3.8.3-201303142235.patch index c57c85df6..ef25e2b46 100644 --- a/kernel/patches/grsecurity-2.9.1-3.8.2-201303041742.patch +++ b/kernel/patches/grsecurity-2.9.1-3.8.3-201303142235.patch @@ -1,5 +1,5 @@ diff --git a/Documentation/dontdiff b/Documentation/dontdiff -index b89a739..dba90c5 100644 +index b89a739..b47493f 100644 --- a/Documentation/dontdiff +++ b/Documentation/dontdiff @@ -2,9 +2,11 @@ @@ -172,10 +172,11 @@ index b89a739..dba90c5 100644 relocs rlim_names.h rn50_reg_safe.h -@@ -213,8 +238,11 @@ series +@@ -213,8 +238,12 @@ series setup setup.bin setup.elf ++signing_key* +size_overflow_hash.h sImage +slabinfo @@ -184,7 +185,7 @@ index b89a739..dba90c5 100644 split-include syscalltab.h tables.c -@@ -224,6 +252,7 @@ tftpboot.img +@@ -224,6 +253,7 @@ tftpboot.img timeconst.h times.h* trix_boot.h @@ -192,7 +193,7 @@ index b89a739..dba90c5 100644 utsrelease.h* vdso-syms.lds vdso.lds -@@ -235,13 +264,17 @@ vdso32.lds +@@ -235,13 +265,17 @@ vdso32.lds vdso32.so.dbg vdso64.lds vdso64.so.dbg @@ -210,7 +211,7 @@ index b89a739..dba90c5 100644 vmlinuz voffset.h vsyscall.lds -@@ -249,9 +282,11 @@ vsyscall_32.lds +@@ -249,9 +283,12 @@ vsyscall_32.lds wanxlfw.inc uImage unifdef @@ -218,12 +219,13 @@ index b89a739..dba90c5 100644 wakeup.bin wakeup.elf wakeup.lds ++x509* zImage* zconf.hash.c +zconf.lex.c zoffset.h diff --git a/Documentation/kernel-parameters.txt b/Documentation/kernel-parameters.txt -index 986614d..0afd461 100644 +index 986614d..e8bfedc 100644 --- a/Documentation/kernel-parameters.txt +++ b/Documentation/kernel-parameters.txt @@ -922,6 +922,10 @@ bytes respectively. Such letter suffixes can also be entirely omitted. @@ -237,7 +239,7 @@ index 986614d..0afd461 100644 hashdist= [KNL,NUMA] Large hashes allocated during boot are distributed across NUMA nodes. Defaults on for 64-bit NUMA, off otherwise. -@@ -2121,6 +2125,13 @@ bytes respectively. Such letter suffixes can also be entirely omitted. +@@ -2121,6 +2125,18 @@ bytes respectively. Such letter suffixes can also be entirely omitted. the specified number of seconds. This is to be used if your oopses keep scrolling off the screen. @@ -247,12 +249,17 @@ index 986614d..0afd461 100644 + page table updates on X86-64. + + pax_softmode= 0/1 to disable/enable PaX softmode on boot already. ++ ++ pax_extra_latent_entropy ++ Enable a very simple form of latent entropy extraction ++ from the first 4GB of memory as the bootmem allocator ++ passes the memory pages to the buddy allocator. + pcbit= [HW,ISDN] pcd. [PARIDE] diff --git a/Makefile b/Makefile -index 20d5318..19c7540 100644 +index 8c49fc9b..9a2af09 100644 --- a/Makefile +++ b/Makefile @@ -241,8 +241,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \ @@ -278,7 +285,7 @@ index 20d5318..19c7540 100644 $(Q)$(MAKE) $(build)=scripts/basic $(Q)rm -f .tmp_quiet_recordmcount -@@ -575,6 +576,64 @@ else +@@ -575,6 +576,62 @@ else KBUILD_CFLAGS += -O2 endif @@ -289,11 +296,9 @@ index 20d5318..19c7540 100644 +PLUGINCC := $(shell $(CONFIG_SHELL) $(srctree)/scripts/gcc-plugin.sh "$(HOSTCC)" "$(HOSTCXX)" "$(CC)") +endif +ifneq ($(PLUGINCC),) -+ifndef DISABLE_PAX_CONSTIFY_PLUGIN +ifndef CONFIG_UML +CONSTIFY_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/constify_plugin.so -DCONSTIFY_PLUGIN +endif -+endif +ifdef CONFIG_PAX_MEMORY_STACKLEAK +STACKLEAK_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/stackleak_plugin.so -DSTACKLEAK_PLUGIN +STACKLEAK_PLUGIN_CFLAGS += -fplugin-arg-stackleak_plugin-track-lowest-sp=100 @@ -343,7 +348,7 @@ index 20d5318..19c7540 100644 include $(srctree)/arch/$(SRCARCH)/Makefile ifdef CONFIG_READABLE_ASM -@@ -731,7 +790,7 @@ export mod_sign_cmd +@@ -731,7 +788,7 @@ export mod_sign_cmd ifeq ($(KBUILD_EXTMOD),) @@ -352,7 +357,7 @@ index 20d5318..19c7540 100644 vmlinux-dirs := $(patsubst %/,%,$(filter %/, $(init-y) $(init-m) \ $(core-y) $(core-m) $(drivers-y) $(drivers-m) \ -@@ -778,6 +837,8 @@ endif +@@ -778,6 +835,8 @@ endif # The actual objects are generated when descending, # make sure no implicit rule kicks in @@ -361,7 +366,7 @@ index 20d5318..19c7540 100644 $(sort $(vmlinux-deps)): $(vmlinux-dirs) ; # Handle descending into subdirectories listed in $(vmlinux-dirs) -@@ -787,7 +848,7 @@ $(sort $(vmlinux-deps)): $(vmlinux-dirs) ; +@@ -787,7 +846,7 @@ $(sort $(vmlinux-deps)): $(vmlinux-dirs) ; # Error messages still appears in the original language PHONY += $(vmlinux-dirs) @@ -370,7 +375,7 @@ index 20d5318..19c7540 100644 $(Q)$(MAKE) $(build)=$@ # Store (new) KERNELRELASE string in include/config/kernel.release -@@ -831,6 +892,7 @@ prepare0: archprepare FORCE +@@ -831,6 +890,7 @@ prepare0: archprepare FORCE $(Q)$(MAKE) $(build)=. # All the preparing.. @@ -378,7 +383,7 @@ index 20d5318..19c7540 100644 prepare: prepare0 # Generate some files -@@ -938,6 +1000,8 @@ all: modules +@@ -938,6 +998,8 @@ all: modules # using awk while concatenating to the final file. PHONY += modules @@ -387,7 +392,7 @@ index 20d5318..19c7540 100644 modules: $(vmlinux-dirs) $(if $(KBUILD_BUILTIN),vmlinux) modules.builtin $(Q)$(AWK) '!x[$$0]++' $(vmlinux-dirs:%=$(objtree)/%/modules.order) > $(objtree)/modules.order @$(kecho) ' Building modules, stage 2.'; -@@ -953,7 +1017,7 @@ modules.builtin: $(vmlinux-dirs:%=%/modules.builtin) +@@ -953,7 +1015,7 @@ modules.builtin: $(vmlinux-dirs:%=%/modules.builtin) # Target to prepare building external modules PHONY += modules_prepare @@ -396,7 +401,7 @@ index 20d5318..19c7540 100644 # Target to install modules PHONY += modules_install -@@ -1019,7 +1083,7 @@ MRPROPER_FILES += .config .config.old .version .old_version $(version_h) \ +@@ -1019,7 +1081,7 @@ MRPROPER_FILES += .config .config.old .version .old_version $(version_h) \ Module.symvers tags TAGS cscope* GPATH GTAGS GRTAGS GSYMS \ signing_key.priv signing_key.x509 x509.genkey \ extra_certificates signing_key.x509.keyid \ @@ -405,7 +410,7 @@ index 20d5318..19c7540 100644 # clean - Delete most, but leave enough to build external modules # -@@ -1059,6 +1123,7 @@ distclean: mrproper +@@ -1059,6 +1121,7 @@ distclean: mrproper \( -name '*.orig' -o -name '*.rej' -o -name '*~' \ -o -name '*.bak' -o -name '#*#' -o -name '.*.orig' \ -o -name '.*.rej' \ @@ -413,7 +418,7 @@ index 20d5318..19c7540 100644 -o -name '*%' -o -name '.*.cmd' -o -name 'core' \) \ -type f -print | xargs rm -f -@@ -1219,6 +1284,8 @@ PHONY += $(module-dirs) modules +@@ -1219,6 +1282,8 @@ PHONY += $(module-dirs) modules $(module-dirs): crmodverdir $(objtree)/Module.symvers $(Q)$(MAKE) $(build)=$(patsubst _module_%,%,$@) @@ -422,7 +427,7 @@ index 20d5318..19c7540 100644 modules: $(module-dirs) @$(kecho) ' Building modules, stage 2.'; $(Q)$(MAKE) -f $(srctree)/scripts/Makefile.modpost -@@ -1355,17 +1422,21 @@ else +@@ -1355,17 +1420,21 @@ else target-dir = $(if $(KBUILD_EXTMOD),$(dir $<),$(dir $@)) endif @@ -448,7 +453,7 @@ index 20d5318..19c7540 100644 $(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@) %.symtypes: %.c prepare scripts FORCE $(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@) -@@ -1375,11 +1446,15 @@ endif +@@ -1375,11 +1444,15 @@ endif $(cmd_crmodverdir) $(Q)$(MAKE) KBUILD_MODULES=$(if $(CONFIG_MODULES),1) \ $(build)=$(build-dir) @@ -810,6 +815,28 @@ index 67874b8..0e40765 100644 default y if CPU_FEROCEON help Implement faster copy_to_user and clear_user methods for CPU +diff --git a/arch/arm/common/gic.c b/arch/arm/common/gic.c +index 87dfa902..3a523fc 100644 +--- a/arch/arm/common/gic.c ++++ b/arch/arm/common/gic.c +@@ -81,7 +81,7 @@ static u8 gic_cpu_map[NR_GIC_CPU_IF] __read_mostly; + * Supported arch specific GIC irq extension. + * Default make them NULL. + */ +-struct irq_chip gic_arch_extn = { ++irq_chip_no_const gic_arch_extn __read_only = { + .irq_eoi = NULL, + .irq_mask = NULL, + .irq_unmask = NULL, +@@ -329,7 +329,7 @@ static void gic_handle_cascade_irq(unsigned int irq, struct irq_desc *desc) + chained_irq_exit(chip, desc); + } + +-static struct irq_chip gic_chip = { ++static irq_chip_no_const gic_chip __read_only = { + .name = "GIC", + .irq_mask = gic_mask_irq, + .irq_unmask = gic_unmask_irq, diff --git a/arch/arm/include/asm/atomic.h b/arch/arm/include/asm/atomic.h index c79f61f..9ac0642 100644 --- a/arch/arm/include/asm/atomic.h @@ -1513,13 +1540,13 @@ index 7eb18c1..e38b6d2 100644 #include diff --git a/arch/arm/include/asm/delay.h b/arch/arm/include/asm/delay.h -index ab98fdd..6b19938 100644 +index 720799f..2f67631 100644 --- a/arch/arm/include/asm/delay.h +++ b/arch/arm/include/asm/delay.h -@@ -24,9 +24,9 @@ extern struct arm_delay_ops { - void (*delay)(unsigned long); +@@ -25,9 +25,9 @@ extern struct arm_delay_ops { void (*const_udelay)(unsigned long); void (*udelay)(unsigned long); + bool const_clock; -} arm_delay_ops; +} *arm_delay_ops; @@ -1528,7 +1555,7 @@ index ab98fdd..6b19938 100644 /* * This function intentionally does not exist; if you see references to -@@ -47,8 +47,8 @@ extern void __bad_udelay(void); +@@ -48,8 +48,8 @@ extern void __bad_udelay(void); * first constant multiplications gets optimized away if the delay is * a constant) */ @@ -1540,7 +1567,7 @@ index ab98fdd..6b19938 100644 #define udelay(n) \ (__builtin_constant_p(n) ? \ diff --git a/arch/arm/include/asm/domain.h b/arch/arm/include/asm/domain.h -index 6ddbe44..758b5f2 100644 +index 6ddbe44..b5e38b1 100644 --- a/arch/arm/include/asm/domain.h +++ b/arch/arm/include/asm/domain.h @@ -48,18 +48,37 @@ @@ -1552,7 +1579,7 @@ index 6ddbe44..758b5f2 100644 +#define DOMAIN_USERCLIENT 1 +#define DOMAIN_KERNELCLIENT 1 #define DOMAIN_MANAGER 3 -+#define DOMAIN_VECTORS DOMAIN_USER ++#define DOMAIN_VECTORS DOMAIN_USER #else + +#ifdef CONFIG_PAX_KERNEXEC @@ -1699,6 +1726,22 @@ index e42cf59..7b94b8f 100644 pagefault_enable(); /* subsumes preempt_enable() */ if (!ret) { +diff --git a/arch/arm/include/asm/hardware/gic.h b/arch/arm/include/asm/hardware/gic.h +index 4b1ce6c..bea3f73 100644 +--- a/arch/arm/include/asm/hardware/gic.h ++++ b/arch/arm/include/asm/hardware/gic.h +@@ -34,9 +34,10 @@ + + #ifndef __ASSEMBLY__ + #include ++#include + struct device_node; + +-extern struct irq_chip gic_arch_extn; ++extern irq_chip_no_const gic_arch_extn; + + void gic_init_bases(unsigned int, int, void __iomem *, void __iomem *, + u32 offset, struct device_node *); diff --git a/arch/arm/include/asm/kmap_types.h b/arch/arm/include/asm/kmap_types.h index 83eb2f7..ed77159 100644 --- a/arch/arm/include/asm/kmap_types.h @@ -1934,7 +1977,7 @@ index a3f3792..7b932a6 100644 #define L_PTE_DIRTY_HIGH (1 << (55 - 32)) diff --git a/arch/arm/include/asm/pgtable.h b/arch/arm/include/asm/pgtable.h -index 9c82f988..514705a 100644 +index c094749..fd8272e 100644 --- a/arch/arm/include/asm/pgtable.h +++ b/arch/arm/include/asm/pgtable.h @@ -30,6 +30,9 @@ @@ -2019,12 +2062,13 @@ index 9c82f988..514705a 100644 */ #define _L_PTE_DEFAULT L_PTE_PRESENT | L_PTE_YOUNG -@@ -240,7 +290,7 @@ static inline pte_t pte_mkspecial(pte_t pte) { return pte; } +@@ -240,8 +290,7 @@ static inline pte_t pte_mkspecial(pte_t pte) { return pte; } static inline pte_t pte_modify(pte_t pte, pgprot_t newprot) { -- const pteval_t mask = L_PTE_XN | L_PTE_RDONLY | L_PTE_USER | L_PTE_NONE; -+ const pteval_t mask = L_PTE_XN | L_PTE_RDONLY | L_PTE_USER | L_PTE_NONE | __supported_pte_mask; +- const pteval_t mask = L_PTE_XN | L_PTE_RDONLY | L_PTE_USER | +- L_PTE_NONE | L_PTE_VALID; ++ const pteval_t mask = L_PTE_XN | L_PTE_RDONLY | L_PTE_USER | L_PTE_NONE | L_PTE_VALID | __supported_pte_mask; pte_val(pte) = (pte_val(pte) & ~mask) | (pgprot_val(newprot) & mask); return pte; } @@ -2680,7 +2724,7 @@ index 2adda11..7fbe958 100644 flush_icache_range(0xffff001c, 0xffff001c + length); if (!vectors_high()) diff --git a/arch/arm/kernel/head.S b/arch/arm/kernel/head.S -index 486a15a..2d6880e 100644 +index e0eb9a1..c7d74a3 100644 --- a/arch/arm/kernel/head.S +++ b/arch/arm/kernel/head.S @@ -52,7 +52,9 @@ @@ -2694,7 +2738,7 @@ index 486a15a..2d6880e 100644 .endm /* -@@ -416,7 +418,7 @@ __enable_mmu: +@@ -434,7 +436,7 @@ __enable_mmu: mov r5, #(domain_val(DOMAIN_USER, DOMAIN_MANAGER) | \ domain_val(DOMAIN_KERNEL, DOMAIN_MANAGER) | \ domain_val(DOMAIN_TABLE, DOMAIN_MANAGER) | \ @@ -2760,6 +2804,26 @@ index 1e9be5d..03edbc2 100644 #endif int +diff --git a/arch/arm/kernel/patch.c b/arch/arm/kernel/patch.c +index 07314af..c46655c 100644 +--- a/arch/arm/kernel/patch.c ++++ b/arch/arm/kernel/patch.c +@@ -18,6 +18,7 @@ void __kprobes __patch_text(void *addr, unsigned int insn) + bool thumb2 = IS_ENABLED(CONFIG_THUMB2_KERNEL); + int size; + ++ pax_open_kernel(); + if (thumb2 && __opcode_is_thumb16(insn)) { + *(u16 *)addr = __opcode_to_mem_thumb16(insn); + size = sizeof(u16); +@@ -39,6 +40,7 @@ void __kprobes __patch_text(void *addr, unsigned int insn) + *(u32 *)addr = insn; + size = sizeof(u32); + } ++ pax_close_kernel(); + + flush_icache_range((uintptr_t)(addr), + (uintptr_t)(addr) + size); diff --git a/arch/arm/kernel/perf_event_cpu.c b/arch/arm/kernel/perf_event_cpu.c index 5f66206..dce492f 100644 --- a/arch/arm/kernel/perf_event_cpu.c @@ -2904,7 +2968,7 @@ index 3f6cbb2..6d856f5 100644 #ifdef MULTI_TLB cpu_tlb = *list->tlb; diff --git a/arch/arm/kernel/smp.c b/arch/arm/kernel/smp.c -index 84f4cbf..672f5b8 100644 +index 58af91c..343ce99 100644 --- a/arch/arm/kernel/smp.c +++ b/arch/arm/kernel/smp.c @@ -70,7 +70,7 @@ enum ipi_msg_type { @@ -3133,7 +3197,7 @@ index 7d08b43..f7ca7ea 100644 #include "csumpartialcopygeneric.S" diff --git a/arch/arm/lib/delay.c b/arch/arm/lib/delay.c -index 0dc5385..45833ef 100644 +index 6b93f6a..88d9b64 100644 --- a/arch/arm/lib/delay.c +++ b/arch/arm/lib/delay.c @@ -28,12 +28,14 @@ @@ -3152,7 +3216,7 @@ index 0dc5385..45833ef 100644 static const struct delay_timer *delay_timer; static bool delay_calibrated; -@@ -67,6 +69,12 @@ static void __timer_udelay(unsigned long usecs) +@@ -67,6 +69,13 @@ static void __timer_udelay(unsigned long usecs) __timer_const_udelay(usecs * UDELAY_MULT); } @@ -3160,18 +3224,20 @@ index 0dc5385..45833ef 100644 + .delay = __timer_delay, + .const_udelay = __timer_const_udelay, + .udelay = __timer_udelay, ++ .const_clock = true, +}; + void __init register_current_timer_delay(const struct delay_timer *timer) { if (!delay_calibrated) { -@@ -74,9 +82,7 @@ void __init register_current_timer_delay(const struct delay_timer *timer) +@@ -74,10 +83,7 @@ void __init register_current_timer_delay(const struct delay_timer *timer) delay_timer = timer; lpj_fine = timer->freq / HZ; loops_per_jiffy = lpj_fine; - arm_delay_ops.delay = __timer_delay; - arm_delay_ops.const_udelay = __timer_const_udelay; - arm_delay_ops.udelay = __timer_udelay; +- arm_delay_ops.const_clock = true; + arm_delay_ops = &arm_timer_delay_ops; delay_calibrated = true; } else { @@ -3239,6 +3305,53 @@ index 0abb30f..54064da 100644 .late_init = n8x0_menelaus_late_init, }; +diff --git a/arch/arm/mach-omap2/gpmc.c b/arch/arm/mach-omap2/gpmc.c +index 8033cb7..2f7cb62 100644 +--- a/arch/arm/mach-omap2/gpmc.c ++++ b/arch/arm/mach-omap2/gpmc.c +@@ -139,7 +139,6 @@ struct omap3_gpmc_regs { + }; + + static struct gpmc_client_irq gpmc_client_irq[GPMC_NR_IRQ]; +-static struct irq_chip gpmc_irq_chip; + static unsigned gpmc_irq_start; + + static struct resource gpmc_mem_root; +@@ -700,6 +699,18 @@ static void gpmc_irq_noop(struct irq_data *data) { } + + static unsigned int gpmc_irq_noop_ret(struct irq_data *data) { return 0; } + ++static struct irq_chip gpmc_irq_chip = { ++ .name = "gpmc", ++ .irq_startup = gpmc_irq_noop_ret, ++ .irq_enable = gpmc_irq_enable, ++ .irq_disable = gpmc_irq_disable, ++ .irq_shutdown = gpmc_irq_noop, ++ .irq_ack = gpmc_irq_noop, ++ .irq_mask = gpmc_irq_noop, ++ .irq_unmask = gpmc_irq_noop, ++ ++}; ++ + static int gpmc_setup_irq(void) + { + int i; +@@ -714,15 +725,6 @@ static int gpmc_setup_irq(void) + return gpmc_irq_start; + } + +- gpmc_irq_chip.name = "gpmc"; +- gpmc_irq_chip.irq_startup = gpmc_irq_noop_ret; +- gpmc_irq_chip.irq_enable = gpmc_irq_enable; +- gpmc_irq_chip.irq_disable = gpmc_irq_disable; +- gpmc_irq_chip.irq_shutdown = gpmc_irq_noop; +- gpmc_irq_chip.irq_ack = gpmc_irq_noop; +- gpmc_irq_chip.irq_mask = gpmc_irq_noop; +- gpmc_irq_chip.irq_unmask = gpmc_irq_noop; +- + gpmc_client_irq[0].bitmask = GPMC_IRQ_FIFOEVENTENABLE; + gpmc_client_irq[1].bitmask = GPMC_IRQ_COUNT_EVENT; + diff --git a/arch/arm/mach-omap2/omap-wakeupgen.c b/arch/arm/mach-omap2/omap-wakeupgen.c index 5d3b4f4..ddba3c0 100644 --- a/arch/arm/mach-omap2/omap-wakeupgen.c @@ -3252,6 +3365,49 @@ index 5d3b4f4..ddba3c0 100644 .notifier_call = irq_cpu_hotplug_notify, }; +diff --git a/arch/arm/mach-omap2/omap_device.c b/arch/arm/mach-omap2/omap_device.c +index e065daa..7b1ad9b 100644 +--- a/arch/arm/mach-omap2/omap_device.c ++++ b/arch/arm/mach-omap2/omap_device.c +@@ -686,7 +686,7 @@ void omap_device_delete(struct omap_device *od) + * passes along the return value of omap_device_build_ss(). + */ + struct platform_device __init *omap_device_build(const char *pdev_name, int pdev_id, +- struct omap_hwmod *oh, void *pdata, ++ struct omap_hwmod *oh, const void *pdata, + int pdata_len, + struct omap_device_pm_latency *pm_lats, + int pm_lats_cnt, int is_early_device) +@@ -720,7 +720,7 @@ struct platform_device __init *omap_device_build(const char *pdev_name, int pdev + */ + struct platform_device __init *omap_device_build_ss(const char *pdev_name, int pdev_id, + struct omap_hwmod **ohs, int oh_cnt, +- void *pdata, int pdata_len, ++ const void *pdata, int pdata_len, + struct omap_device_pm_latency *pm_lats, + int pm_lats_cnt, int is_early_device) + { +diff --git a/arch/arm/mach-omap2/omap_device.h b/arch/arm/mach-omap2/omap_device.h +index 0933c59..42b8e2d 100644 +--- a/arch/arm/mach-omap2/omap_device.h ++++ b/arch/arm/mach-omap2/omap_device.h +@@ -91,14 +91,14 @@ int omap_device_shutdown(struct platform_device *pdev); + /* Core code interface */ + + struct platform_device *omap_device_build(const char *pdev_name, int pdev_id, +- struct omap_hwmod *oh, void *pdata, ++ struct omap_hwmod *oh, const void *pdata, + int pdata_len, + struct omap_device_pm_latency *pm_lats, + int pm_lats_cnt, int is_early_device); + + struct platform_device *omap_device_build_ss(const char *pdev_name, int pdev_id, + struct omap_hwmod **oh, int oh_cnt, +- void *pdata, int pdata_len, ++ const void *pdata, int pdata_len, + struct omap_device_pm_latency *pm_lats, + int pm_lats_cnt, int is_early_device); + diff --git a/arch/arm/mach-omap2/omap_hwmod.c b/arch/arm/mach-omap2/omap_hwmod.c index 4653efb..8c60bf7 100644 --- a/arch/arm/mach-omap2/omap_hwmod.c @@ -4055,19 +4211,6 @@ index a5bc92d..0bb4730 100644 omap_sram_size - omap_sram_skip); + pax_close_kernel(); } -diff --git a/arch/arm/plat-orion/include/plat/addr-map.h b/arch/arm/plat-orion/include/plat/addr-map.h -index b76c065..b6e766b 100644 ---- a/arch/arm/plat-orion/include/plat/addr-map.h -+++ b/arch/arm/plat-orion/include/plat/addr-map.h -@@ -27,7 +27,7 @@ struct orion_addr_map_cfg { - value in bridge_virt_base */ - void __iomem *(*win_cfg_base) (const struct orion_addr_map_cfg *cfg, - const int win); --}; -+} __no_const; - - /* - * Information needed to setup one address mapping. diff --git a/arch/arm/plat-samsung/include/plat/dma-ops.h b/arch/arm/plat-samsung/include/plat/dma-ops.h index f5144cd..71f6d1f 100644 --- a/arch/arm/plat-samsung/include/plat/dma-ops.h @@ -13099,6 +13242,19 @@ index eb92a6e..b98b2f4 100644 /* EISA */ extern void eisa_set_level_irq(unsigned int irq); +diff --git a/arch/x86/include/asm/i8259.h b/arch/x86/include/asm/i8259.h +index a203659..9889f1c 100644 +--- a/arch/x86/include/asm/i8259.h ++++ b/arch/x86/include/asm/i8259.h +@@ -62,7 +62,7 @@ struct legacy_pic { + void (*init)(int auto_eoi); + int (*irq_pending)(unsigned int irq); + void (*make_irq)(unsigned int irq); +-}; ++} __do_const; + + extern struct legacy_pic *legacy_pic; + extern struct legacy_pic null_legacy_pic; diff --git a/arch/x86/include/asm/io.h b/arch/x86/include/asm/io.h index d8e8eef..15b1179 100644 --- a/arch/x86/include/asm/io.h @@ -13598,6 +13754,33 @@ index e3b7819..b257c64 100644 +#define MODULE_ARCH_VERMAGIC MODULE_PROC_FAMILY MODULE_PAX_KERNEXEC MODULE_PAX_UDEREF + #endif /* _ASM_X86_MODULE_H */ +diff --git a/arch/x86/include/asm/nmi.h b/arch/x86/include/asm/nmi.h +index c0fa356..07a498a 100644 +--- a/arch/x86/include/asm/nmi.h ++++ b/arch/x86/include/asm/nmi.h +@@ -42,11 +42,11 @@ struct nmiaction { + nmi_handler_t handler; + unsigned long flags; + const char *name; +-}; ++} __do_const; + + #define register_nmi_handler(t, fn, fg, n, init...) \ + ({ \ +- static struct nmiaction init fn##_na = { \ ++ static const struct nmiaction init fn##_na = { \ + .handler = (fn), \ + .name = (n), \ + .flags = (fg), \ +@@ -54,7 +54,7 @@ struct nmiaction { + __register_nmi_handler((t), &fn##_na); \ + }) + +-int __register_nmi_handler(unsigned int, struct nmiaction *); ++int __register_nmi_handler(unsigned int, const struct nmiaction *); + + void unregister_nmi_handler(unsigned int, const char *); + diff --git a/arch/x86/include/asm/page_64_types.h b/arch/x86/include/asm/page_64_types.h index 320f7bb..e89f8f8 100644 --- a/arch/x86/include/asm/page_64_types.h @@ -16055,6 +16238,28 @@ index 34e923a..0c6bb6e 100644 obj-$(CONFIG_X86_64) += sys_x86_64.o x8664_ksyms_64.o obj-y += syscall_$(BITS).o obj-$(CONFIG_X86_64) += vsyscall_64.o +diff --git a/arch/x86/kernel/acpi/boot.c b/arch/x86/kernel/acpi/boot.c +index bacf4b0..4ede72e 100644 +--- a/arch/x86/kernel/acpi/boot.c ++++ b/arch/x86/kernel/acpi/boot.c +@@ -1358,7 +1358,7 @@ static int __init dmi_ignore_irq0_timer_override(const struct dmi_system_id *d) + * If your system is blacklisted here, but you find that acpi=force + * works for you, please contact linux-acpi@vger.kernel.org + */ +-static struct dmi_system_id __initdata acpi_dmi_table[] = { ++static const struct dmi_system_id __initconst acpi_dmi_table[] = { + /* + * Boxes that need ACPI disabled + */ +@@ -1433,7 +1433,7 @@ static struct dmi_system_id __initdata acpi_dmi_table[] = { + }; + + /* second table for DMI checks that should run after early-quirks */ +-static struct dmi_system_id __initdata acpi_dmi_table_late[] = { ++static const struct dmi_system_id __initconst acpi_dmi_table_late[] = { + /* + * HP laptops which use a DSDT reporting as HP/SB400/10000, + * which includes some code which overrides all temperature diff --git a/arch/x86/kernel/acpi/sleep.c b/arch/x86/kernel/acpi/sleep.c index d5e0d71..6533e08 100644 --- a/arch/x86/kernel/acpi/sleep.c @@ -16273,6 +16478,19 @@ index 00c77cf..2dc6a2d 100644 .name = "physical flat", .probe = physflat_probe, +diff --git a/arch/x86/kernel/apic/apic_noop.c b/arch/x86/kernel/apic/apic_noop.c +index e145f28..2752888 100644 +--- a/arch/x86/kernel/apic/apic_noop.c ++++ b/arch/x86/kernel/apic/apic_noop.c +@@ -119,7 +119,7 @@ static void noop_apic_write(u32 reg, u32 v) + WARN_ON_ONCE(cpu_has_apic && !disable_apic); + } + +-struct apic apic_noop = { ++struct apic apic_noop __read_only = { + .name = "noop", + .probe = noop_probe, + .acpi_madt_oem_check = NULL, diff --git a/arch/x86/kernel/apic/bigsmp_32.c b/arch/x86/kernel/apic/bigsmp_32.c index d50e364..543bee3 100644 --- a/arch/x86/kernel/apic/bigsmp_32.c @@ -16287,7 +16505,7 @@ index d50e364..543bee3 100644 .name = "bigsmp", .probe = probe_bigsmp, diff --git a/arch/x86/kernel/apic/es7000_32.c b/arch/x86/kernel/apic/es7000_32.c -index 0874799..24a836e 100644 +index 0874799..a7a7892 100644 --- a/arch/x86/kernel/apic/es7000_32.c +++ b/arch/x86/kernel/apic/es7000_32.c @@ -608,8 +608,7 @@ static int es7000_mps_oem_check_cluster(struct mpc_table *mpc, char *oem, @@ -16305,12 +16523,12 @@ index 0874799..24a836e 100644 }; -static struct apic __refdata apic_es7000 = { -+static struct apic __refdata apic_es7000 __read_only = { ++static struct apic apic_es7000 __read_only = { .name = "es7000", .probe = probe_es7000, diff --git a/arch/x86/kernel/apic/io_apic.c b/arch/x86/kernel/apic/io_apic.c -index b739d39..6e4f1db 100644 +index b739d39..aebc14c 100644 --- a/arch/x86/kernel/apic/io_apic.c +++ b/arch/x86/kernel/apic/io_apic.c @@ -1084,7 +1084,7 @@ int IO_APIC_get_PCI_irq_vector(int bus, int slot, int pin, @@ -16349,6 +16567,24 @@ index b739d39..6e4f1db 100644 eoi_ioapic_irq(irq, cfg); } +@@ -2567,11 +2567,13 @@ static void ir_print_prefix(struct irq_data *data, struct seq_file *p) + + static void irq_remap_modify_chip_defaults(struct irq_chip *chip) + { +- chip->irq_print_chip = ir_print_prefix; +- chip->irq_ack = ir_ack_apic_edge; +- chip->irq_eoi = ir_ack_apic_level; ++ pax_open_kernel(); ++ *(void **)&chip->irq_print_chip = ir_print_prefix; ++ *(void **)&chip->irq_ack = ir_ack_apic_edge; ++ *(void **)&chip->irq_eoi = ir_ack_apic_level; + +- chip->irq_set_affinity = set_remapped_irq_affinity; ++ *(void **)&chip->irq_set_affinity = set_remapped_irq_affinity; ++ pax_close_kernel(); + } + #endif /* CONFIG_IRQ_REMAP */ + diff --git a/arch/x86/kernel/apic/numaq_32.c b/arch/x86/kernel/apic/numaq_32.c index d661ee9..791fd33 100644 --- a/arch/x86/kernel/apic/numaq_32.c @@ -16850,7 +17086,7 @@ index 84c1309..39b7224 100644 }; diff --git a/arch/x86/kernel/cpu/mcheck/mce.c b/arch/x86/kernel/cpu/mcheck/mce.c -index 80dbda8..b45ebad 100644 +index 80dbda8..be16652 100644 --- a/arch/x86/kernel/cpu/mcheck/mce.c +++ b/arch/x86/kernel/cpu/mcheck/mce.c @@ -45,6 +45,7 @@ @@ -16974,6 +17210,15 @@ index 80dbda8..b45ebad 100644 .notifier_call = mce_cpu_callback, }; +@@ -2382,7 +2385,7 @@ static __init void mce_init_banks(void) + + for (i = 0; i < mca_cfg.banks; i++) { + struct mce_bank *b = &mce_banks[i]; +- struct device_attribute *a = &b->attr; ++ device_attribute_no_const *a = &b->attr; + + sysfs_attr_init(&a->attr); + a->attr.name = b->attrname; @@ -2450,7 +2453,7 @@ struct dentry *mce_get_debugfs_dir(void) static void mce_reset(void) { @@ -17067,9 +17312,36 @@ index df5e41f..816c719 100644 extern int generic_get_free_region(unsigned long base, unsigned long size, int replace_reg); diff --git a/arch/x86/kernel/cpu/perf_event.c b/arch/x86/kernel/cpu/perf_event.c -index 6774c17..a691911 100644 +index 6774c17..72c1b22 100644 --- a/arch/x86/kernel/cpu/perf_event.c +++ b/arch/x86/kernel/cpu/perf_event.c +@@ -1305,7 +1305,7 @@ static void __init pmu_check_apic(void) + pr_info("no hardware sampling interrupt available.\n"); + } + +-static struct attribute_group x86_pmu_format_group = { ++static attribute_group_no_const x86_pmu_format_group = { + .name = "format", + .attrs = NULL, + }; +@@ -1313,7 +1313,7 @@ static struct attribute_group x86_pmu_format_group = { + struct perf_pmu_events_attr { + struct device_attribute attr; + u64 id; +-}; ++} __do_const; + + /* + * Remove all undefined events (x86_pmu.event_map(id) == 0) +@@ -1381,7 +1381,7 @@ static struct attribute *events_attr[] = { + NULL, + }; + +-static struct attribute_group x86_pmu_events_group = { ++static attribute_group_no_const x86_pmu_events_group = { + .name = "events", + .attrs = events_attr, + }; @@ -1880,7 +1880,7 @@ static unsigned long get_segment_base(unsigned int segment) if (idx > GDT_ENTRIES) return 0; @@ -17107,9 +17379,18 @@ index 4914e94..60b06e3 100644 intel_ds_init(); diff --git a/arch/x86/kernel/cpu/perf_event_intel_uncore.c b/arch/x86/kernel/cpu/perf_event_intel_uncore.c -index b43200d..62cddfe 100644 +index b43200d..7fdcdbb 100644 --- a/arch/x86/kernel/cpu/perf_event_intel_uncore.c +++ b/arch/x86/kernel/cpu/perf_event_intel_uncore.c +@@ -2428,7 +2428,7 @@ static void __init uncore_types_exit(struct intel_uncore_type **types) + static int __init uncore_type_init(struct intel_uncore_type *type) + { + struct intel_uncore_pmu *pmus; +- struct attribute_group *events_group; ++ attribute_group_no_const *events_group; + struct attribute **attrs; + int i, j; + @@ -2826,7 +2826,7 @@ static int return NOTIFY_OK; } @@ -17119,6 +17400,19 @@ index b43200d..62cddfe 100644 .notifier_call = uncore_cpu_notifier, /* * to migrate uncore events, our notifier should be executed +diff --git a/arch/x86/kernel/cpu/perf_event_intel_uncore.h b/arch/x86/kernel/cpu/perf_event_intel_uncore.h +index e68a455..975a932 100644 +--- a/arch/x86/kernel/cpu/perf_event_intel_uncore.h ++++ b/arch/x86/kernel/cpu/perf_event_intel_uncore.h +@@ -428,7 +428,7 @@ struct intel_uncore_box { + struct uncore_event_desc { + struct kobj_attribute attr; + const char *config; +-}; ++} __do_const; + + #define INTEL_UNCORE_EVENT_DESC(_name, _config) \ + { \ diff --git a/arch/x86/kernel/cpuid.c b/arch/x86/kernel/cpuid.c index 60c7891..9e911d3 100644 --- a/arch/x86/kernel/cpuid.c @@ -20191,7 +20485,7 @@ index 245a71d..89d9ce4 100644 /* diff --git a/arch/x86/kernel/i8259.c b/arch/x86/kernel/i8259.c -index 9a5c460..dc4374d 100644 +index 9a5c460..b332a4b 100644 --- a/arch/x86/kernel/i8259.c +++ b/arch/x86/kernel/i8259.c @@ -209,7 +209,7 @@ spurious_8259A_irq: @@ -20203,6 +20497,38 @@ index 9a5c460..dc4374d 100644 /* * Theoretically we do not have to handle this IRQ, * but in Linux this does not cause problems and is +@@ -333,14 +333,16 @@ static void init_8259A(int auto_eoi) + /* (slave's support for AEOI in flat mode is to be investigated) */ + outb_pic(SLAVE_ICW4_DEFAULT, PIC_SLAVE_IMR); + ++ pax_open_kernel(); + if (auto_eoi) + /* + * In AEOI mode we just have to mask the interrupt + * when acking. + */ +- i8259A_chip.irq_mask_ack = disable_8259A_irq; ++ *(void **)&i8259A_chip.irq_mask_ack = disable_8259A_irq; + else +- i8259A_chip.irq_mask_ack = mask_and_ack_8259A; ++ *(void **)&i8259A_chip.irq_mask_ack = mask_and_ack_8259A; ++ pax_close_kernel(); + + udelay(100); /* wait for 8259A to initialize */ + +diff --git a/arch/x86/kernel/io_delay.c b/arch/x86/kernel/io_delay.c +index a979b5b..1d6db75 100644 +--- a/arch/x86/kernel/io_delay.c ++++ b/arch/x86/kernel/io_delay.c +@@ -58,7 +58,7 @@ static int __init dmi_io_delay_0xed_port(const struct dmi_system_id *id) + * Quirk table for systems that misbehave (lock up, etc.) if port + * 0x80 is used: + */ +-static struct dmi_system_id __initdata io_delay_0xed_port_dmi_table[] = { ++static const struct dmi_system_id __initconst io_delay_0xed_port_dmi_table[] = { + { + .callback = dmi_io_delay_0xed_port, + .ident = "Compaq Presario V6000", diff --git a/arch/x86/kernel/ioport.c b/arch/x86/kernel/ioport.c index 8c96897..be66bfa 100644 --- a/arch/x86/kernel/ioport.c @@ -21021,9 +21347,39 @@ index 4929502..686c291 100644 }; diff --git a/arch/x86/kernel/nmi.c b/arch/x86/kernel/nmi.c -index f84f5c5..e27e54b 100644 +index f84f5c5..f404e81 100644 --- a/arch/x86/kernel/nmi.c +++ b/arch/x86/kernel/nmi.c +@@ -105,7 +105,7 @@ static int __kprobes nmi_handle(unsigned int type, struct pt_regs *regs, bool b2 + return handled; + } + +-int __register_nmi_handler(unsigned int type, struct nmiaction *action) ++int __register_nmi_handler(unsigned int type, const struct nmiaction *action) + { + struct nmi_desc *desc = nmi_to_desc(type); + unsigned long flags; +@@ -129,9 +129,9 @@ int __register_nmi_handler(unsigned int type, struct nmiaction *action) + * event confuses some handlers (kdump uses this flag) + */ + if (action->flags & NMI_FLAG_FIRST) +- list_add_rcu(&action->list, &desc->head); ++ pax_list_add_rcu((struct list_head *)&action->list, &desc->head); + else +- list_add_tail_rcu(&action->list, &desc->head); ++ pax_list_add_tail_rcu((struct list_head *)&action->list, &desc->head); + + spin_unlock_irqrestore(&desc->lock, flags); + return 0; +@@ -154,7 +154,7 @@ void unregister_nmi_handler(unsigned int type, const char *name) + if (!strcmp(n->name, name)) { + WARN(in_nmi(), + "Trying to free NMI (%s) from NMI context!\n", n->name); +- list_del_rcu(&n->list); ++ pax_list_del_rcu((struct list_head *)&n->list); + break; + } + } @@ -479,6 +479,17 @@ static inline void nmi_nesting_postprocess(void) dotraplinkage notrace __kprobes void do_nmi(struct pt_regs *regs, long error_code) @@ -21042,6 +21398,28 @@ index f84f5c5..e27e54b 100644 nmi_nesting_preprocess(regs); nmi_enter(); +diff --git a/arch/x86/kernel/nmi_selftest.c b/arch/x86/kernel/nmi_selftest.c +index 6d9582e..f746287 100644 +--- a/arch/x86/kernel/nmi_selftest.c ++++ b/arch/x86/kernel/nmi_selftest.c +@@ -43,7 +43,7 @@ static void __init init_nmi_testsuite(void) + { + /* trap all the unknown NMIs we may generate */ + register_nmi_handler(NMI_UNKNOWN, nmi_unk_cb, 0, "nmi_selftest_unk", +- __initdata); ++ __initconst); + } + + static void __init cleanup_nmi_testsuite(void) +@@ -66,7 +66,7 @@ static void __init test_nmi_ipi(struct cpumask *mask) + unsigned long timeout; + + if (register_nmi_handler(NMI_LOCAL, test_nmi_ipi_callback, +- NMI_FLAG_FIRST, "nmi_selftest", __initdata)) { ++ NMI_FLAG_FIRST, "nmi_selftest", __initconst)) { + nmi_fail = FAILURE; + return; + } diff --git a/arch/x86/kernel/paravirt-spinlocks.c b/arch/x86/kernel/paravirt-spinlocks.c index 676b8c7..870ba04 100644 --- a/arch/x86/kernel/paravirt-spinlocks.c @@ -21203,6 +21581,19 @@ index 35ccf75..7a15747 100644 #define DEBUG 1 +diff --git a/arch/x86/kernel/pci-swiotlb.c b/arch/x86/kernel/pci-swiotlb.c +index 6c483ba..d10ce2f 100644 +--- a/arch/x86/kernel/pci-swiotlb.c ++++ b/arch/x86/kernel/pci-swiotlb.c +@@ -32,7 +32,7 @@ static void x86_swiotlb_free_coherent(struct device *dev, size_t size, + void *vaddr, dma_addr_t dma_addr, + struct dma_attrs *attrs) + { +- swiotlb_free_coherent(dev, size, vaddr, dma_addr); ++ swiotlb_free_coherent(dev, size, vaddr, dma_addr, attrs); + } + + static struct dma_map_ops swiotlb_dma_ops = { diff --git a/arch/x86/kernel/process.c b/arch/x86/kernel/process.c index 2ed787f..f70c9f6 100644 --- a/arch/x86/kernel/process.c @@ -21611,7 +22002,7 @@ index b629bbe..0fa615a 100644 if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT))) diff --git a/arch/x86/kernel/pvclock.c b/arch/x86/kernel/pvclock.c -index 85c3959..76b89f9 100644 +index 2cb9470..ff1fd80 100644 --- a/arch/x86/kernel/pvclock.c +++ b/arch/x86/kernel/pvclock.c @@ -43,11 +43,11 @@ unsigned long pvclock_tsc_khz(struct pvclock_vcpu_time_info *src) @@ -22042,10 +22433,10 @@ index 9b4d51d..5d28b58 100644 switch (opcode[i]) { diff --git a/arch/x86/kernel/sys_i386_32.c b/arch/x86/kernel/sys_i386_32.c new file mode 100644 -index 0000000..26bb1af +index 0000000..207bec6 --- /dev/null +++ b/arch/x86/kernel/sys_i386_32.c -@@ -0,0 +1,249 @@ +@@ -0,0 +1,250 @@ +/* + * This file contains various random system calls that + * have a non-standard calling sequence on the Linux/i386 @@ -22081,8 +22472,9 @@ index 0000000..26bb1af + pax_task_size = SEGMEXEC_TASK_SIZE; +#endif + -+ if (len > pax_task_size || addr > pax_task_size - len) -+ return -EINVAL; ++ if (flags & MAP_FIXED) ++ if (len > pax_task_size || addr > pax_task_size - len) ++ return -EINVAL; + + return 0; +} @@ -29017,6 +29409,89 @@ index d6aa6e8..266395a 100644 unsigned long stack = kernel_stack_pointer(regs); if (depth) dump_trace(NULL, regs, (unsigned long *)stack, 0, +diff --git a/arch/x86/oprofile/nmi_int.c b/arch/x86/oprofile/nmi_int.c +index 48768df..ba9143c 100644 +--- a/arch/x86/oprofile/nmi_int.c ++++ b/arch/x86/oprofile/nmi_int.c +@@ -23,6 +23,7 @@ + #include + #include + #include ++#include + + #include "op_counter.h" + #include "op_x86_model.h" +@@ -774,8 +775,11 @@ int __init op_nmi_init(struct oprofile_operations *ops) + if (ret) + return ret; + +- if (!model->num_virt_counters) +- model->num_virt_counters = model->num_counters; ++ if (!model->num_virt_counters) { ++ pax_open_kernel(); ++ *(unsigned int *)&model->num_virt_counters = model->num_counters; ++ pax_close_kernel(); ++ } + + mux_init(ops); + +diff --git a/arch/x86/oprofile/op_model_amd.c b/arch/x86/oprofile/op_model_amd.c +index b2b9443..be58856 100644 +--- a/arch/x86/oprofile/op_model_amd.c ++++ b/arch/x86/oprofile/op_model_amd.c +@@ -519,9 +519,11 @@ static int op_amd_init(struct oprofile_operations *ops) + num_counters = AMD64_NUM_COUNTERS; + } + +- op_amd_spec.num_counters = num_counters; +- op_amd_spec.num_controls = num_counters; +- op_amd_spec.num_virt_counters = max(num_counters, NUM_VIRT_COUNTERS); ++ pax_open_kernel(); ++ *(unsigned int *)&op_amd_spec.num_counters = num_counters; ++ *(unsigned int *)&op_amd_spec.num_controls = num_counters; ++ *(unsigned int *)&op_amd_spec.num_virt_counters = max(num_counters, NUM_VIRT_COUNTERS); ++ pax_close_kernel(); + + return 0; + } +diff --git a/arch/x86/oprofile/op_model_ppro.c b/arch/x86/oprofile/op_model_ppro.c +index d90528e..0127e2b 100644 +--- a/arch/x86/oprofile/op_model_ppro.c ++++ b/arch/x86/oprofile/op_model_ppro.c +@@ -19,6 +19,7 @@ + #include + #include + #include ++#include + + #include "op_x86_model.h" + #include "op_counter.h" +@@ -221,8 +222,10 @@ static void arch_perfmon_setup_counters(void) + + num_counters = min((int)eax.split.num_counters, OP_MAX_COUNTER); + +- op_arch_perfmon_spec.num_counters = num_counters; +- op_arch_perfmon_spec.num_controls = num_counters; ++ pax_open_kernel(); ++ *(unsigned int *)&op_arch_perfmon_spec.num_counters = num_counters; ++ *(unsigned int *)&op_arch_perfmon_spec.num_controls = num_counters; ++ pax_close_kernel(); + } + + static int arch_perfmon_init(struct oprofile_operations *ignore) +diff --git a/arch/x86/oprofile/op_x86_model.h b/arch/x86/oprofile/op_x86_model.h +index 71e8a67..6a313bb 100644 +--- a/arch/x86/oprofile/op_x86_model.h ++++ b/arch/x86/oprofile/op_x86_model.h +@@ -52,7 +52,7 @@ struct op_x86_model_spec { + void (*switch_ctrl)(struct op_x86_model_spec const *model, + struct op_msrs const * const msrs); + #endif +-}; ++} __do_const; + + struct op_counter_config; + diff --git a/arch/x86/pci/amd_bus.c b/arch/x86/pci/amd_bus.c index e9e6ed5..e47ae67 100644 --- a/arch/x86/pci/amd_bus.c @@ -29030,6 +29505,46 @@ index e9e6ed5..e47ae67 100644 .notifier_call = amd_cpu_notify, }; +diff --git a/arch/x86/pci/irq.c b/arch/x86/pci/irq.c +index 372e9b8..e775a6c 100644 +--- a/arch/x86/pci/irq.c ++++ b/arch/x86/pci/irq.c +@@ -50,7 +50,7 @@ struct irq_router { + struct irq_router_handler { + u16 vendor; + int (*probe)(struct irq_router *r, struct pci_dev *router, u16 device); +-}; ++} __do_const; + + int (*pcibios_enable_irq)(struct pci_dev *dev) = pirq_enable_irq; + void (*pcibios_disable_irq)(struct pci_dev *dev) = NULL; +@@ -794,7 +794,7 @@ static __init int pico_router_probe(struct irq_router *r, struct pci_dev *router + return 0; + } + +-static __initdata struct irq_router_handler pirq_routers[] = { ++static __initconst const struct irq_router_handler pirq_routers[] = { + { PCI_VENDOR_ID_INTEL, intel_router_probe }, + { PCI_VENDOR_ID_AL, ali_router_probe }, + { PCI_VENDOR_ID_ITE, ite_router_probe }, +@@ -821,7 +821,7 @@ static struct pci_dev *pirq_router_dev; + static void __init pirq_find_router(struct irq_router *r) + { + struct irq_routing_table *rt = pirq_table; +- struct irq_router_handler *h; ++ const struct irq_router_handler *h; + + #ifdef CONFIG_PCI_BIOS + if (!rt->signature) { +@@ -1094,7 +1094,7 @@ static int __init fix_acer_tm360_irqrouting(const struct dmi_system_id *d) + return 0; + } + +-static struct dmi_system_id __initdata pciirq_dmi_table[] = { ++static const struct dmi_system_id __initconst pciirq_dmi_table[] = { + { + .callback = fix_broken_hp_bios_irq9, + .ident = "HP Pavilion N5400 Series Laptop", diff --git a/arch/x86/pci/mrst.c b/arch/x86/pci/mrst.c index 6eb18c4..20d83de 100644 --- a/arch/x86/pci/mrst.c @@ -30130,10 +30645,10 @@ index 431e875..cbb23f3 100644 -} -__setup("vdso=", vdso_setup); diff --git a/arch/x86/xen/enlighten.c b/arch/x86/xen/enlighten.c -index e014092..c76ab69 100644 +index 2262003..f229ced 100644 --- a/arch/x86/xen/enlighten.c +++ b/arch/x86/xen/enlighten.c -@@ -99,8 +99,6 @@ EXPORT_SYMBOL_GPL(xen_start_info); +@@ -100,8 +100,6 @@ EXPORT_SYMBOL_GPL(xen_start_info); struct shared_info xen_dummy_shared_info; @@ -30142,7 +30657,7 @@ index e014092..c76ab69 100644 RESERVE_BRK(shared_info_page_brk, PAGE_SIZE); __read_mostly int xen_have_vector_callback; EXPORT_SYMBOL_GPL(xen_have_vector_callback); -@@ -495,8 +493,7 @@ static void xen_load_gdt(const struct desc_ptr *dtr) +@@ -496,8 +494,7 @@ static void xen_load_gdt(const struct desc_ptr *dtr) { unsigned long va = dtr->address; unsigned int size = dtr->size + 1; @@ -30152,7 +30667,7 @@ index e014092..c76ab69 100644 int f; /* -@@ -544,8 +541,7 @@ static void __init xen_load_gdt_boot(const struct desc_ptr *dtr) +@@ -545,8 +542,7 @@ static void __init xen_load_gdt_boot(const struct desc_ptr *dtr) { unsigned long va = dtr->address; unsigned int size = dtr->size + 1; @@ -30162,7 +30677,7 @@ index e014092..c76ab69 100644 int f; /* -@@ -938,7 +934,7 @@ static u32 xen_safe_apic_wait_icr_idle(void) +@@ -939,7 +935,7 @@ static u32 xen_safe_apic_wait_icr_idle(void) return 0; } @@ -30171,7 +30686,7 @@ index e014092..c76ab69 100644 { apic->read = xen_apic_read; apic->write = xen_apic_write; -@@ -1244,30 +1240,30 @@ static const struct pv_apic_ops xen_apic_ops __initconst = { +@@ -1245,30 +1241,30 @@ static const struct pv_apic_ops xen_apic_ops __initconst = { #endif }; @@ -30209,7 +30724,7 @@ index e014092..c76ab69 100644 { if (pm_power_off) pm_power_off(); -@@ -1369,7 +1365,17 @@ asmlinkage void __init xen_start_kernel(void) +@@ -1370,7 +1366,17 @@ asmlinkage void __init xen_start_kernel(void) __userpte_alloc_gfp &= ~__GFP_HIGHMEM; /* Work out if we support NX */ @@ -30228,7 +30743,7 @@ index e014092..c76ab69 100644 xen_setup_features(); -@@ -1398,14 +1404,7 @@ asmlinkage void __init xen_start_kernel(void) +@@ -1399,14 +1405,7 @@ asmlinkage void __init xen_start_kernel(void) pv_mmu_ops.ptep_modify_prot_commit = xen_ptep_modify_prot_commit; } @@ -30244,7 +30759,7 @@ index e014092..c76ab69 100644 xen_smp_init(); -@@ -1590,7 +1589,7 @@ static int __cpuinit xen_hvm_cpu_notify(struct notifier_block *self, +@@ -1598,7 +1597,7 @@ static int __cpuinit xen_hvm_cpu_notify(struct notifier_block *self, return NOTIFY_OK; } @@ -30655,93 +31170,6 @@ index 9a87daa..fb17486 100644 if (in_len && copy_from_user(buffer, sic->data + cmdlen, in_len)) goto error; -diff --git a/crypto/ablkcipher.c b/crypto/ablkcipher.c -index 533de95..7d4a8d2 100644 ---- a/crypto/ablkcipher.c -+++ b/crypto/ablkcipher.c -@@ -388,9 +388,9 @@ static int crypto_ablkcipher_report(struct sk_buff *skb, struct crypto_alg *alg) - { - struct crypto_report_blkcipher rblkcipher; - -- snprintf(rblkcipher.type, CRYPTO_MAX_ALG_NAME, "%s", "ablkcipher"); -- snprintf(rblkcipher.geniv, CRYPTO_MAX_ALG_NAME, "%s", -- alg->cra_ablkcipher.geniv ?: ""); -+ strncpy(rblkcipher.type, "ablkcipher", sizeof(rblkcipher.type)); -+ strncpy(rblkcipher.geniv, alg->cra_ablkcipher.geniv ?: "", -+ sizeof(rblkcipher.geniv)); - - rblkcipher.blocksize = alg->cra_blocksize; - rblkcipher.min_keysize = alg->cra_ablkcipher.min_keysize; -@@ -469,9 +469,9 @@ static int crypto_givcipher_report(struct sk_buff *skb, struct crypto_alg *alg) - { - struct crypto_report_blkcipher rblkcipher; - -- snprintf(rblkcipher.type, CRYPTO_MAX_ALG_NAME, "%s", "givcipher"); -- snprintf(rblkcipher.geniv, CRYPTO_MAX_ALG_NAME, "%s", -- alg->cra_ablkcipher.geniv ?: ""); -+ strncpy(rblkcipher.type, "givcipher", sizeof(rblkcipher.type)); -+ strncpy(rblkcipher.geniv, alg->cra_ablkcipher.geniv ?: "", -+ sizeof(rblkcipher.geniv)); - - rblkcipher.blocksize = alg->cra_blocksize; - rblkcipher.min_keysize = alg->cra_ablkcipher.min_keysize; -diff --git a/crypto/aead.c b/crypto/aead.c -index 0b8121e..27bc487 100644 ---- a/crypto/aead.c -+++ b/crypto/aead.c -@@ -117,9 +117,8 @@ static int crypto_aead_report(struct sk_buff *skb, struct crypto_alg *alg) - struct crypto_report_aead raead; - struct aead_alg *aead = &alg->cra_aead; - -- snprintf(raead.type, CRYPTO_MAX_ALG_NAME, "%s", "aead"); -- snprintf(raead.geniv, CRYPTO_MAX_ALG_NAME, "%s", -- aead->geniv ?: ""); -+ strncpy(raead.type, "aead", sizeof(raead.type)); -+ strncpy(raead.geniv, aead->geniv ?: "", sizeof(raead.geniv)); - - raead.blocksize = alg->cra_blocksize; - raead.maxauthsize = aead->maxauthsize; -@@ -203,8 +202,8 @@ static int crypto_nivaead_report(struct sk_buff *skb, struct crypto_alg *alg) - struct crypto_report_aead raead; - struct aead_alg *aead = &alg->cra_aead; - -- snprintf(raead.type, CRYPTO_MAX_ALG_NAME, "%s", "nivaead"); -- snprintf(raead.geniv, CRYPTO_MAX_ALG_NAME, "%s", aead->geniv); -+ strncpy(raead.type, "nivaead", sizeof(raead.type)); -+ strncpy(raead.geniv, aead->geniv, sizeof(raead.geniv)); - - raead.blocksize = alg->cra_blocksize; - raead.maxauthsize = aead->maxauthsize; -diff --git a/crypto/ahash.c b/crypto/ahash.c -index 3887856..793a27f 100644 ---- a/crypto/ahash.c -+++ b/crypto/ahash.c -@@ -404,7 +404,7 @@ static int crypto_ahash_report(struct sk_buff *skb, struct crypto_alg *alg) - { - struct crypto_report_hash rhash; - -- snprintf(rhash.type, CRYPTO_MAX_ALG_NAME, "%s", "ahash"); -+ strncpy(rhash.type, "ahash", sizeof(rhash.type)); - - rhash.blocksize = alg->cra_blocksize; - rhash.digestsize = __crypto_hash_alg_common(alg)->digestsize; -diff --git a/crypto/blkcipher.c b/crypto/blkcipher.c -index a8d85a1..c44e014 100644 ---- a/crypto/blkcipher.c -+++ b/crypto/blkcipher.c -@@ -499,9 +499,9 @@ static int crypto_blkcipher_report(struct sk_buff *skb, struct crypto_alg *alg) - { - struct crypto_report_blkcipher rblkcipher; - -- snprintf(rblkcipher.type, CRYPTO_MAX_ALG_NAME, "%s", "blkcipher"); -- snprintf(rblkcipher.geniv, CRYPTO_MAX_ALG_NAME, "%s", -- alg->cra_blkcipher.geniv ?: ""); -+ strncpy(rblkcipher.type, "blkcipher", sizeof(rblkcipher.type)); -+ strncpy(rblkcipher.geniv, alg->cra_blkcipher.geniv ?: "", -+ sizeof(rblkcipher.geniv)); - - rblkcipher.blocksize = alg->cra_blocksize; - rblkcipher.min_keysize = alg->cra_blkcipher.min_keysize; diff --git a/crypto/cryptd.c b/crypto/cryptd.c index 7bdd61b..afec999 100644 --- a/crypto/cryptd.c @@ -30765,7 +31193,7 @@ index 7bdd61b..afec999 100644 static void cryptd_queue_worker(struct work_struct *work); diff --git a/crypto/crypto_user.c b/crypto/crypto_user.c -index 35d700a..dfd511f 100644 +index f6d9baf..dfd511f 100644 --- a/crypto/crypto_user.c +++ b/crypto/crypto_user.c @@ -30,6 +30,8 @@ @@ -30777,55 +31205,6 @@ index 35d700a..dfd511f 100644 static DEFINE_MUTEX(crypto_cfg_mutex); /* The crypto netlink socket */ -@@ -75,7 +77,7 @@ static int crypto_report_cipher(struct sk_buff *skb, struct crypto_alg *alg) - { - struct crypto_report_cipher rcipher; - -- snprintf(rcipher.type, CRYPTO_MAX_ALG_NAME, "%s", "cipher"); -+ strncpy(rcipher.type, "cipher", sizeof(rcipher.type)); - - rcipher.blocksize = alg->cra_blocksize; - rcipher.min_keysize = alg->cra_cipher.cia_min_keysize; -@@ -94,8 +96,7 @@ static int crypto_report_comp(struct sk_buff *skb, struct crypto_alg *alg) - { - struct crypto_report_comp rcomp; - -- snprintf(rcomp.type, CRYPTO_MAX_ALG_NAME, "%s", "compression"); -- -+ strncpy(rcomp.type, "compression", sizeof(rcomp.type)); - if (nla_put(skb, CRYPTOCFGA_REPORT_COMPRESS, - sizeof(struct crypto_report_comp), &rcomp)) - goto nla_put_failure; -@@ -108,12 +109,14 @@ nla_put_failure: - static int crypto_report_one(struct crypto_alg *alg, - struct crypto_user_alg *ualg, struct sk_buff *skb) - { -- memcpy(&ualg->cru_name, &alg->cra_name, sizeof(ualg->cru_name)); -- memcpy(&ualg->cru_driver_name, &alg->cra_driver_name, -- sizeof(ualg->cru_driver_name)); -- memcpy(&ualg->cru_module_name, module_name(alg->cra_module), -- CRYPTO_MAX_ALG_NAME); -+ strncpy(ualg->cru_name, alg->cra_name, sizeof(ualg->cru_name)); -+ strncpy(ualg->cru_driver_name, alg->cra_driver_name, -+ sizeof(ualg->cru_driver_name)); -+ strncpy(ualg->cru_module_name, module_name(alg->cra_module), -+ sizeof(ualg->cru_module_name)); - -+ ualg->cru_type = 0; -+ ualg->cru_mask = 0; - ualg->cru_flags = alg->cra_flags; - ualg->cru_refcnt = atomic_read(&alg->cra_refcnt); - -@@ -122,8 +125,7 @@ static int crypto_report_one(struct crypto_alg *alg, - if (alg->cra_flags & CRYPTO_ALG_LARVAL) { - struct crypto_report_larval rl; - -- snprintf(rl.type, CRYPTO_MAX_ALG_NAME, "%s", "larval"); -- -+ strncpy(rl.type, "larval", sizeof(rl.type)); - if (nla_put(skb, CRYPTOCFGA_REPORT_LARVAL, - sizeof(struct crypto_report_larval), &rl)) - goto nla_put_failure; @@ -196,7 +198,10 @@ static int crypto_report(struct sk_buff *in_skb, struct nlmsghdr *in_nlh, struct crypto_dump_info info; int err; @@ -30868,47 +31247,19 @@ index 35d700a..dfd511f 100644 if (strlen(p->cru_driver_name)) exact = 1; -diff --git a/crypto/pcompress.c b/crypto/pcompress.c -index 04e083f..7140fe7 100644 ---- a/crypto/pcompress.c -+++ b/crypto/pcompress.c -@@ -53,8 +53,7 @@ static int crypto_pcomp_report(struct sk_buff *skb, struct crypto_alg *alg) - { - struct crypto_report_comp rpcomp; - -- snprintf(rpcomp.type, CRYPTO_MAX_ALG_NAME, "%s", "pcomp"); -- -+ strncpy(rpcomp.type, "pcomp", sizeof(rpcomp.type)); - if (nla_put(skb, CRYPTOCFGA_REPORT_COMPRESS, - sizeof(struct crypto_report_comp), &rpcomp)) - goto nla_put_failure; -diff --git a/crypto/rng.c b/crypto/rng.c -index f3b7894..e0a25c2 100644 ---- a/crypto/rng.c -+++ b/crypto/rng.c -@@ -65,7 +65,7 @@ static int crypto_rng_report(struct sk_buff *skb, struct crypto_alg *alg) - { - struct crypto_report_rng rrng; - -- snprintf(rrng.type, CRYPTO_MAX_ALG_NAME, "%s", "rng"); -+ strncpy(rrng.type, "rng", sizeof(rrng.type)); - - rrng.seedsize = alg->cra_rng.seedsize; - -diff --git a/crypto/shash.c b/crypto/shash.c -index f426330f..929058a 100644 ---- a/crypto/shash.c -+++ b/crypto/shash.c -@@ -530,7 +530,8 @@ static int crypto_shash_report(struct sk_buff *skb, struct crypto_alg *alg) - struct crypto_report_hash rhash; - struct shash_alg *salg = __crypto_shash_alg(alg); - -- snprintf(rhash.type, CRYPTO_MAX_ALG_NAME, "%s", "shash"); -+ strncpy(rhash.type, "shash", sizeof(rhash.type)); -+ - rhash.blocksize = alg->cra_blocksize; - rhash.digestsize = salg->digestsize; +diff --git a/drivers/acpi/apei/apei-internal.h b/drivers/acpi/apei/apei-internal.h +index f220d64..d359ad6 100644 +--- a/drivers/acpi/apei/apei-internal.h ++++ b/drivers/acpi/apei/apei-internal.h +@@ -20,7 +20,7 @@ typedef int (*apei_exec_ins_func_t)(struct apei_exec_context *ctx, + struct apei_exec_ins_type { + u32 flags; + apei_exec_ins_func_t run; +-}; ++} __do_const; + struct apei_exec_context { + u32 ip; diff --git a/drivers/acpi/apei/cper.c b/drivers/acpi/apei/cper.c index e6defd8..c26a225 100644 --- a/drivers/acpi/apei/cper.c @@ -30930,6 +31281,45 @@ index e6defd8..c26a225 100644 } EXPORT_SYMBOL_GPL(cper_next_record_id); +diff --git a/drivers/acpi/bgrt.c b/drivers/acpi/bgrt.c +index be60399..778b33e8 100644 +--- a/drivers/acpi/bgrt.c ++++ b/drivers/acpi/bgrt.c +@@ -87,8 +87,10 @@ static int __init bgrt_init(void) + return -ENODEV; + + sysfs_bin_attr_init(&image_attr); +- image_attr.private = bgrt_image; +- image_attr.size = bgrt_image_size; ++ pax_open_kernel(); ++ *(void **)&image_attr.private = bgrt_image; ++ *(size_t *)&image_attr.size = bgrt_image_size; ++ pax_close_kernel(); + + bgrt_kobj = kobject_create_and_add("bgrt", acpi_kobj); + if (!bgrt_kobj) +diff --git a/drivers/acpi/blacklist.c b/drivers/acpi/blacklist.c +index cb96296..b81293b 100644 +--- a/drivers/acpi/blacklist.c ++++ b/drivers/acpi/blacklist.c +@@ -52,7 +52,7 @@ struct acpi_blacklist_item { + u32 is_critical_error; + }; + +-static struct dmi_system_id acpi_osi_dmi_table[] __initdata; ++static const struct dmi_system_id acpi_osi_dmi_table[] __initconst; + + /* + * POLICY: If *anything* doesn't work, put it on the blacklist. +@@ -193,7 +193,7 @@ static int __init dmi_disable_osi_win7(const struct dmi_system_id *d) + return 0; + } + +-static struct dmi_system_id acpi_osi_dmi_table[] __initdata = { ++static const struct dmi_system_id acpi_osi_dmi_table[] __initconst = { + { + .callback = dmi_disable_osi_vista, + .ident = "Fujitsu Siemens", diff --git a/drivers/acpi/ec_sys.c b/drivers/acpi/ec_sys.c index 7586544..636a2f0 100644 --- a/drivers/acpi/ec_sys.c @@ -30996,6 +31386,37 @@ index e83311b..142b5cc 100644 /* * Buggy BIOS check +diff --git a/drivers/acpi/processor_idle.c b/drivers/acpi/processor_idle.c +index ed9a1cc..f4a354c 100644 +--- a/drivers/acpi/processor_idle.c ++++ b/drivers/acpi/processor_idle.c +@@ -1005,7 +1005,7 @@ static int acpi_processor_setup_cpuidle_states(struct acpi_processor *pr) + { + int i, count = CPUIDLE_DRIVER_STATE_START; + struct acpi_processor_cx *cx; +- struct cpuidle_state *state; ++ cpuidle_state_no_const *state; + struct cpuidle_driver *drv = &acpi_idle_driver; + + if (!pr->flags.power_setup_done) +diff --git a/drivers/acpi/sysfs.c b/drivers/acpi/sysfs.c +index ea61ca9..3fdd70d 100644 +--- a/drivers/acpi/sysfs.c ++++ b/drivers/acpi/sysfs.c +@@ -420,11 +420,11 @@ static u32 num_counters; + static struct attribute **all_attrs; + static u32 acpi_gpe_count; + +-static struct attribute_group interrupt_stats_attr_group = { ++static attribute_group_no_const interrupt_stats_attr_group = { + .name = "interrupts", + }; + +-static struct kobj_attribute *counter_attrs; ++static kobj_attribute_no_const *counter_attrs; + + static void delete_gpe_attr_array(void) + { diff --git a/drivers/ata/libata-core.c b/drivers/ata/libata-core.c index 46cd3f4..0871ad0 100644 --- a/drivers/ata/libata-core.c @@ -32048,6 +32469,28 @@ index 969c3c2..9b72956 100644 wake_up(&zatm_vcc->tx_wait); } +diff --git a/drivers/base/bus.c b/drivers/base/bus.c +index 6856303..0602d70 100644 +--- a/drivers/base/bus.c ++++ b/drivers/base/bus.c +@@ -1163,7 +1163,7 @@ int subsys_interface_register(struct subsys_interface *sif) + return -EINVAL; + + mutex_lock(&subsys->p->mutex); +- list_add_tail(&sif->node, &subsys->p->interfaces); ++ pax_list_add_tail((struct list_head *)&sif->node, &subsys->p->interfaces); + if (sif->add_dev) { + subsys_dev_iter_init(&iter, subsys, NULL, NULL); + while ((dev = subsys_dev_iter_next(&iter))) +@@ -1188,7 +1188,7 @@ void subsys_interface_unregister(struct subsys_interface *sif) + subsys = sif->subsys; + + mutex_lock(&subsys->p->mutex); +- list_del_init(&sif->node); ++ pax_list_del_init((struct list_head *)&sif->node); + if (sif->remove_dev) { + subsys_dev_iter_init(&iter, subsys, NULL, NULL); + while ((dev = subsys_dev_iter_next(&iter))) diff --git a/drivers/base/devtmpfs.c b/drivers/base/devtmpfs.c index 17cf7ca..7e553e1 100644 --- a/drivers/base/devtmpfs.c @@ -32061,6 +32504,41 @@ index 17cf7ca..7e553e1 100644 if (err) printk(KERN_INFO "devtmpfs: error mounting %i\n", err); else +diff --git a/drivers/base/node.c b/drivers/base/node.c +index fac124a..66bd4ab 100644 +--- a/drivers/base/node.c ++++ b/drivers/base/node.c +@@ -625,7 +625,7 @@ static ssize_t print_nodes_state(enum node_states state, char *buf) + struct node_attr { + struct device_attribute attr; + enum node_states state; +-}; ++} __do_const; + + static ssize_t show_node_state(struct device *dev, + struct device_attribute *attr, char *buf) +diff --git a/drivers/base/power/domain.c b/drivers/base/power/domain.c +index acc3a8d..981c236 100644 +--- a/drivers/base/power/domain.c ++++ b/drivers/base/power/domain.c +@@ -1851,7 +1851,7 @@ int pm_genpd_attach_cpuidle(struct generic_pm_domain *genpd, int state) + { + struct cpuidle_driver *cpuidle_drv; + struct gpd_cpu_data *cpu_data; +- struct cpuidle_state *idle_state; ++ cpuidle_state_no_const *idle_state; + int ret = 0; + + if (IS_ERR_OR_NULL(genpd) || state < 0) +@@ -1919,7 +1919,7 @@ int pm_genpd_name_attach_cpuidle(const char *name, int state) + int pm_genpd_detach_cpuidle(struct generic_pm_domain *genpd) + { + struct gpd_cpu_data *cpu_data; +- struct cpuidle_state *idle_state; ++ cpuidle_state_no_const *idle_state; + int ret = 0; + + if (IS_ERR_OR_NULL(genpd)) diff --git a/drivers/base/power/wakeup.c b/drivers/base/power/wakeup.c index e6ee5e8..98ad7fc 100644 --- a/drivers/base/power/wakeup.c @@ -32100,6 +32578,28 @@ index e6ee5e8..98ad7fc 100644 trace_wakeup_source_deactivate(ws->name, cec); split_counters(&cnt, &inpr); +diff --git a/drivers/base/syscore.c b/drivers/base/syscore.c +index e8d11b6..7b1b36f 100644 +--- a/drivers/base/syscore.c ++++ b/drivers/base/syscore.c +@@ -21,7 +21,7 @@ static DEFINE_MUTEX(syscore_ops_lock); + void register_syscore_ops(struct syscore_ops *ops) + { + mutex_lock(&syscore_ops_lock); +- list_add_tail(&ops->node, &syscore_ops_list); ++ pax_list_add_tail((struct list_head *)&ops->node, &syscore_ops_list); + mutex_unlock(&syscore_ops_lock); + } + EXPORT_SYMBOL_GPL(register_syscore_ops); +@@ -33,7 +33,7 @@ EXPORT_SYMBOL_GPL(register_syscore_ops); + void unregister_syscore_ops(struct syscore_ops *ops) + { + mutex_lock(&syscore_ops_lock); +- list_del(&ops->node); ++ pax_list_del((struct list_head *)&ops->node); + mutex_unlock(&syscore_ops_lock); + } + EXPORT_SYMBOL_GPL(unregister_syscore_ops); diff --git a/drivers/block/cciss.c b/drivers/block/cciss.c index ade58bc..867143d 100644 --- a/drivers/block/cciss.c @@ -32438,7 +32938,7 @@ index 8c13eeb..217adee 100644 idr_destroy(&tconn->volumes); diff --git a/drivers/block/drbd/drbd_receiver.c b/drivers/block/drbd/drbd_receiver.c -index a9eccfc..68e4533 100644 +index a9eccfc..f5efe87 100644 --- a/drivers/block/drbd/drbd_receiver.c +++ b/drivers/block/drbd/drbd_receiver.c @@ -833,7 +833,7 @@ int drbd_connected(struct drbd_conf *mdev) @@ -32509,6 +33009,15 @@ index a9eccfc..68e4533 100644 atomic_inc(&peer_req->epoch->active); spin_unlock(&tconn->epoch_lock); +@@ -4346,7 +4346,7 @@ struct data_cmd { + int expect_payload; + size_t pkt_size; + int (*fn)(struct drbd_tconn *, struct packet_info *); +-}; ++} __do_const; + + static struct data_cmd drbd_cmd_handler[] = { + [P_DATA] = { 1, sizeof(struct p_data), receive_Data }, @@ -4466,7 +4466,7 @@ static void conn_disconnect(struct drbd_tconn *tconn) if (!list_empty(&tconn->current_epoch->list)) conn_err(tconn, "ASSERTION FAILED: tconn->current_epoch->list not empty\n"); @@ -32518,6 +33027,15 @@ index a9eccfc..68e4533 100644 tconn->send.seen_any_write_yet = false; conn_info(tconn, "Connection closed\n"); +@@ -5222,7 +5222,7 @@ static int tconn_finish_peer_reqs(struct drbd_tconn *tconn) + struct asender_cmd { + size_t pkt_size; + int (*fn)(struct drbd_tconn *tconn, struct packet_info *); +-}; ++} __do_const; + + static struct asender_cmd asender_tbl[] = { + [P_PING] = { 0, got_Ping }, diff --git a/drivers/block/loop.c b/drivers/block/loop.c index ae12512..37fa397 100644 --- a/drivers/block/loop.c @@ -32930,7 +33448,7 @@ index b66eaa0..2619d1b 100644 if (cmd != SIOCWANDEV) diff --git a/drivers/char/random.c b/drivers/char/random.c -index 85e81ec..bce8b97 100644 +index 57d4b15..253207b 100644 --- a/drivers/char/random.c +++ b/drivers/char/random.c @@ -272,8 +272,13 @@ @@ -32976,7 +33494,7 @@ index 85e81ec..bce8b97 100644 smp_wmb(); if (out) -@@ -1020,7 +1032,7 @@ static ssize_t extract_entropy_user(struct entropy_store *r, void __user *buf, +@@ -1024,7 +1036,7 @@ static ssize_t extract_entropy_user(struct entropy_store *r, void __user *buf, extract_buf(r, tmp); i = min_t(int, nbytes, EXTRACT_SIZE); @@ -32985,7 +33503,7 @@ index 85e81ec..bce8b97 100644 ret = -EFAULT; break; } -@@ -1356,7 +1368,7 @@ EXPORT_SYMBOL(generate_random_uuid); +@@ -1360,7 +1372,7 @@ EXPORT_SYMBOL(generate_random_uuid); #include static int min_read_thresh = 8, min_write_thresh; @@ -32994,6 +33512,15 @@ index 85e81ec..bce8b97 100644 static int max_write_thresh = INPUT_POOL_WORDS * 32; static char sysctl_bootid[16]; +@@ -1376,7 +1388,7 @@ static char sysctl_bootid[16]; + static int proc_do_uuid(ctl_table *table, int write, + void __user *buffer, size_t *lenp, loff_t *ppos) + { +- ctl_table fake_table; ++ ctl_table_no_const fake_table; + unsigned char buf[64], tmp_uuid[16], *uuid; + + uuid = table->data; diff --git a/drivers/char/sonypi.c b/drivers/char/sonypi.c index d780295..b29f3a8 100644 --- a/drivers/char/sonypi.c @@ -33134,8 +33661,60 @@ index 8ae1a61..9c00613 100644 .notifier_call = arch_timer_cpu_notify, }; +diff --git a/drivers/cpufreq/acpi-cpufreq.c b/drivers/cpufreq/acpi-cpufreq.c +index 7b0d49d..134fac9 100644 +--- a/drivers/cpufreq/acpi-cpufreq.c ++++ b/drivers/cpufreq/acpi-cpufreq.c +@@ -172,7 +172,7 @@ static ssize_t show_global_boost(struct kobject *kobj, + return sprintf(buf, "%u\n", boost_enabled); + } + +-static struct global_attr global_boost = __ATTR(boost, 0644, ++static global_attr_no_const global_boost = __ATTR(boost, 0644, + show_global_boost, + store_global_boost); + +@@ -712,8 +712,11 @@ static int acpi_cpufreq_cpu_init(struct cpufreq_policy *policy) + data->acpi_data = per_cpu_ptr(acpi_perf_data, cpu); + per_cpu(acfreq_data, cpu) = data; + +- if (cpu_has(c, X86_FEATURE_CONSTANT_TSC)) +- acpi_cpufreq_driver.flags |= CPUFREQ_CONST_LOOPS; ++ if (cpu_has(c, X86_FEATURE_CONSTANT_TSC)) { ++ pax_open_kernel(); ++ *(u8 *)&acpi_cpufreq_driver.flags |= CPUFREQ_CONST_LOOPS; ++ pax_close_kernel(); ++ } + + result = acpi_processor_register_performance(data->acpi_data, cpu); + if (result) +@@ -835,7 +838,9 @@ static int acpi_cpufreq_cpu_init(struct cpufreq_policy *policy) + policy->cur = acpi_cpufreq_guess_freq(data, policy->cpu); + break; + case ACPI_ADR_SPACE_FIXED_HARDWARE: +- acpi_cpufreq_driver.get = get_cur_freq_on_cpu; ++ pax_open_kernel(); ++ *(void **)&acpi_cpufreq_driver.get = get_cur_freq_on_cpu; ++ pax_close_kernel(); + policy->cur = get_cur_freq_on_cpu(cpu); + break; + default: +@@ -846,8 +851,11 @@ static int acpi_cpufreq_cpu_init(struct cpufreq_policy *policy) + acpi_processor_notify_smm(THIS_MODULE); + + /* Check for APERF/MPERF support in hardware */ +- if (boot_cpu_has(X86_FEATURE_APERFMPERF)) +- acpi_cpufreq_driver.getavg = cpufreq_get_measured_perf; ++ if (boot_cpu_has(X86_FEATURE_APERFMPERF)) { ++ pax_open_kernel(); ++ *(void **)&acpi_cpufreq_driver.getavg = cpufreq_get_measured_perf; ++ pax_close_kernel(); ++ } + + pr_debug("CPU%u - ACPI performance management activated.\n", cpu); + for (i = 0; i < perf->state_count; i++) diff --git a/drivers/cpufreq/cpufreq.c b/drivers/cpufreq/cpufreq.c -index 1f93dbd..edf95ff 100644 +index 1f93dbd..305cef1 100644 --- a/drivers/cpufreq/cpufreq.c +++ b/drivers/cpufreq/cpufreq.c @@ -1843,7 +1843,7 @@ static int __cpuinit cpufreq_cpu_callback(struct notifier_block *nfb, @@ -33147,6 +33726,73 @@ index 1f93dbd..edf95ff 100644 .notifier_call = cpufreq_cpu_callback, }; +@@ -1875,8 +1875,11 @@ int cpufreq_register_driver(struct cpufreq_driver *driver_data) + + pr_debug("trying to register driver %s\n", driver_data->name); + +- if (driver_data->setpolicy) +- driver_data->flags |= CPUFREQ_CONST_LOOPS; ++ if (driver_data->setpolicy) { ++ pax_open_kernel(); ++ *(u8 *)&driver_data->flags |= CPUFREQ_CONST_LOOPS; ++ pax_close_kernel(); ++ } + + spin_lock_irqsave(&cpufreq_driver_lock, flags); + if (cpufreq_driver) { +diff --git a/drivers/cpufreq/cpufreq_governor.c b/drivers/cpufreq/cpufreq_governor.c +index 6c5f1d3..c7e2f35e 100644 +--- a/drivers/cpufreq/cpufreq_governor.c ++++ b/drivers/cpufreq/cpufreq_governor.c +@@ -243,7 +243,7 @@ int cpufreq_governor_dbs(struct dbs_data *dbs_data, + * governor, thus we are bound to jiffes/HZ + */ + if (dbs_data->governor == GOV_CONSERVATIVE) { +- struct cs_ops *ops = dbs_data->gov_ops; ++ const struct cs_ops *ops = dbs_data->gov_ops; + + cpufreq_register_notifier(ops->notifier_block, + CPUFREQ_TRANSITION_NOTIFIER); +@@ -251,7 +251,7 @@ int cpufreq_governor_dbs(struct dbs_data *dbs_data, + dbs_data->min_sampling_rate = MIN_SAMPLING_RATE_RATIO * + jiffies_to_usecs(10); + } else { +- struct od_ops *ops = dbs_data->gov_ops; ++ const struct od_ops *ops = dbs_data->gov_ops; + + od_tuners->io_is_busy = ops->io_busy(); + } +@@ -268,7 +268,7 @@ second_time: + cs_dbs_info->enable = 1; + cs_dbs_info->requested_freq = policy->cur; + } else { +- struct od_ops *ops = dbs_data->gov_ops; ++ const struct od_ops *ops = dbs_data->gov_ops; + od_dbs_info->rate_mult = 1; + od_dbs_info->sample_type = OD_NORMAL_SAMPLE; + ops->powersave_bias_init_cpu(cpu); +@@ -289,7 +289,7 @@ second_time: + mutex_destroy(&cpu_cdbs->timer_mutex); + dbs_data->enable--; + if (!dbs_data->enable) { +- struct cs_ops *ops = dbs_data->gov_ops; ++ const struct cs_ops *ops = dbs_data->gov_ops; + + sysfs_remove_group(cpufreq_global_kobject, + dbs_data->attr_group); +diff --git a/drivers/cpufreq/cpufreq_governor.h b/drivers/cpufreq/cpufreq_governor.h +index f661654..6c8e638 100644 +--- a/drivers/cpufreq/cpufreq_governor.h ++++ b/drivers/cpufreq/cpufreq_governor.h +@@ -142,7 +142,7 @@ struct dbs_data { + void (*gov_check_cpu)(int cpu, unsigned int load); + + /* Governor specific ops, see below */ +- void *gov_ops; ++ const void *gov_ops; + }; + + /* Governor specific ops, will be passed to dbs_data->gov_ops */ diff --git a/drivers/cpufreq/cpufreq_stats.c b/drivers/cpufreq/cpufreq_stats.c index 9d7732b..0b1a793 100644 --- a/drivers/cpufreq/cpufreq_stats.c @@ -33160,6 +33806,126 @@ index 9d7732b..0b1a793 100644 .notifier_call = cpufreq_stat_cpu_callback, .priority = 1, }; +diff --git a/drivers/cpufreq/p4-clockmod.c b/drivers/cpufreq/p4-clockmod.c +index 827629c9..0bc6a03 100644 +--- a/drivers/cpufreq/p4-clockmod.c ++++ b/drivers/cpufreq/p4-clockmod.c +@@ -167,10 +167,14 @@ static unsigned int cpufreq_p4_get_frequency(struct cpuinfo_x86 *c) + case 0x0F: /* Core Duo */ + case 0x16: /* Celeron Core */ + case 0x1C: /* Atom */ +- p4clockmod_driver.flags |= CPUFREQ_CONST_LOOPS; ++ pax_open_kernel(); ++ *(u8 *)&p4clockmod_driver.flags |= CPUFREQ_CONST_LOOPS; ++ pax_close_kernel(); + return speedstep_get_frequency(SPEEDSTEP_CPU_PCORE); + case 0x0D: /* Pentium M (Dothan) */ +- p4clockmod_driver.flags |= CPUFREQ_CONST_LOOPS; ++ pax_open_kernel(); ++ *(u8 *)&p4clockmod_driver.flags |= CPUFREQ_CONST_LOOPS; ++ pax_close_kernel(); + /* fall through */ + case 0x09: /* Pentium M (Banias) */ + return speedstep_get_frequency(SPEEDSTEP_CPU_PM); +@@ -182,7 +186,9 @@ static unsigned int cpufreq_p4_get_frequency(struct cpuinfo_x86 *c) + + /* on P-4s, the TSC runs with constant frequency independent whether + * throttling is active or not. */ +- p4clockmod_driver.flags |= CPUFREQ_CONST_LOOPS; ++ pax_open_kernel(); ++ *(u8 *)&p4clockmod_driver.flags |= CPUFREQ_CONST_LOOPS; ++ pax_close_kernel(); + + if (speedstep_detect_processor() == SPEEDSTEP_CPU_P4M) { + printk(KERN_WARNING PFX "Warning: Pentium 4-M detected. " +diff --git a/drivers/cpufreq/speedstep-centrino.c b/drivers/cpufreq/speedstep-centrino.c +index 3a953d5..f5993f6 100644 +--- a/drivers/cpufreq/speedstep-centrino.c ++++ b/drivers/cpufreq/speedstep-centrino.c +@@ -353,8 +353,11 @@ static int centrino_cpu_init(struct cpufreq_policy *policy) + !cpu_has(cpu, X86_FEATURE_EST)) + return -ENODEV; + +- if (cpu_has(cpu, X86_FEATURE_CONSTANT_TSC)) +- centrino_driver.flags |= CPUFREQ_CONST_LOOPS; ++ if (cpu_has(cpu, X86_FEATURE_CONSTANT_TSC)) { ++ pax_open_kernel(); ++ *(u8 *)¢rino_driver.flags |= CPUFREQ_CONST_LOOPS; ++ pax_close_kernel(); ++ } + + if (policy->cpu != 0) + return -ENODEV; +diff --git a/drivers/cpuidle/cpuidle.c b/drivers/cpuidle/cpuidle.c +index e1f6860..f8de20b 100644 +--- a/drivers/cpuidle/cpuidle.c ++++ b/drivers/cpuidle/cpuidle.c +@@ -279,7 +279,7 @@ static int poll_idle(struct cpuidle_device *dev, + + static void poll_idle_init(struct cpuidle_driver *drv) + { +- struct cpuidle_state *state = &drv->states[0]; ++ cpuidle_state_no_const *state = &drv->states[0]; + + snprintf(state->name, CPUIDLE_NAME_LEN, "POLL"); + snprintf(state->desc, CPUIDLE_DESC_LEN, "CPUIDLE CORE POLL IDLE"); +diff --git a/drivers/cpuidle/governor.c b/drivers/cpuidle/governor.c +index ea2f8e7..70ac501 100644 +--- a/drivers/cpuidle/governor.c ++++ b/drivers/cpuidle/governor.c +@@ -87,7 +87,7 @@ int cpuidle_register_governor(struct cpuidle_governor *gov) + mutex_lock(&cpuidle_lock); + if (__cpuidle_find_governor(gov->name) == NULL) { + ret = 0; +- list_add_tail(&gov->governor_list, &cpuidle_governors); ++ pax_list_add_tail((struct list_head *)&gov->governor_list, &cpuidle_governors); + if (!cpuidle_curr_governor || + cpuidle_curr_governor->rating < gov->rating) + cpuidle_switch_governor(gov); +@@ -135,7 +135,7 @@ void cpuidle_unregister_governor(struct cpuidle_governor *gov) + new_gov = cpuidle_replace_governor(gov->rating); + cpuidle_switch_governor(new_gov); + } +- list_del(&gov->governor_list); ++ pax_list_del((struct list_head *)&gov->governor_list); + mutex_unlock(&cpuidle_lock); + } + +diff --git a/drivers/cpuidle/sysfs.c b/drivers/cpuidle/sysfs.c +index 428754a..8bdf9cc 100644 +--- a/drivers/cpuidle/sysfs.c ++++ b/drivers/cpuidle/sysfs.c +@@ -131,7 +131,7 @@ static struct attribute *cpuidle_switch_attrs[] = { + NULL + }; + +-static struct attribute_group cpuidle_attr_group = { ++static attribute_group_no_const cpuidle_attr_group = { + .attrs = cpuidle_default_attrs, + .name = "cpuidle", + }; +diff --git a/drivers/devfreq/devfreq.c b/drivers/devfreq/devfreq.c +index 3b36797..289c16a 100644 +--- a/drivers/devfreq/devfreq.c ++++ b/drivers/devfreq/devfreq.c +@@ -588,7 +588,7 @@ int devfreq_add_governor(struct devfreq_governor *governor) + goto err_out; + } + +- list_add(&governor->node, &devfreq_governor_list); ++ pax_list_add((struct list_head *)&governor->node, &devfreq_governor_list); + + list_for_each_entry(devfreq, &devfreq_list, node) { + int ret = 0; +@@ -676,7 +676,7 @@ int devfreq_remove_governor(struct devfreq_governor *governor) + } + } + +- list_del(&governor->node); ++ pax_list_del((struct list_head *)&governor->node); + err_out: + mutex_unlock(&devfreq_list_lock); + diff --git a/drivers/dma/sh/shdma.c b/drivers/dma/sh/shdma.c index b70709b..1d8d02a 100644 --- a/drivers/dma/sh/shdma.c @@ -33173,8 +33939,21 @@ index b70709b..1d8d02a 100644 .notifier_call = sh_dmae_nmi_handler, /* Run before NMI debug handler and KGDB */ +diff --git a/drivers/edac/edac_mc_sysfs.c b/drivers/edac/edac_mc_sysfs.c +index 0ca1ca7..6e6f454 100644 +--- a/drivers/edac/edac_mc_sysfs.c ++++ b/drivers/edac/edac_mc_sysfs.c +@@ -148,7 +148,7 @@ static const char *edac_caps[] = { + struct dev_ch_attribute { + struct device_attribute attr; + int channel; +-}; ++} __do_const; + + #define DEVICE_CHANNEL(_name, _mode, _show, _store, _var) \ + struct dev_ch_attribute dev_attr_legacy_##_name = \ diff --git a/drivers/edac/edac_pci_sysfs.c b/drivers/edac/edac_pci_sysfs.c -index 0056c4d..725934f 100644 +index 0056c4d..23b54d9 100644 --- a/drivers/edac/edac_pci_sysfs.c +++ b/drivers/edac/edac_pci_sysfs.c @@ -26,8 +26,8 @@ static int edac_pci_log_pe = 1; /* log PCI parity errors */ @@ -33188,6 +33967,15 @@ index 0056c4d..725934f 100644 static struct kobject *edac_pci_top_main_kobj; static atomic_t edac_pci_sysfs_refcount = ATOMIC_INIT(0); +@@ -235,7 +235,7 @@ struct edac_pci_dev_attribute { + void *value; + ssize_t(*show) (void *, char *); + ssize_t(*store) (void *, const char *, size_t); +-}; ++} __do_const; + + /* Set of show/store abstract level functions for PCI Parity object */ + static ssize_t edac_pci_dev_show(struct kobject *kobj, struct attribute *attr, @@ -579,7 +579,7 @@ static void edac_pci_dev_parity_test(struct pci_dev *dev) edac_printk(KERN_CRIT, EDAC_PCI, "Signaled System Error on %s\n", @@ -33300,6 +34088,19 @@ index f8d2287..5aaf4db 100644 return -EINVAL; r = kmalloc(sizeof(*r), GFP_KERNEL); +diff --git a/drivers/firewire/core-device.c b/drivers/firewire/core-device.c +index af3e8aa..eb2f227 100644 +--- a/drivers/firewire/core-device.c ++++ b/drivers/firewire/core-device.c +@@ -232,7 +232,7 @@ EXPORT_SYMBOL(fw_device_enable_phys_dma); + struct config_rom_attribute { + struct device_attribute attr; + u32 key; +-}; ++} __do_const; + + static ssize_t show_immediate(struct device *dev, + struct device_attribute *dattr, char *buf) diff --git a/drivers/firewire/core-transaction.c b/drivers/firewire/core-transaction.c index 28a94c7..58da63a 100644 --- a/drivers/firewire/core-transaction.c @@ -33324,11 +34125,24 @@ index 515a42c..5ecf3ba 100644 void fw_card_initialize(struct fw_card *card, const struct fw_card_driver *driver, struct device *device); +diff --git a/drivers/firmware/dmi-id.c b/drivers/firmware/dmi-id.c +index 94a58a0..f5eba42 100644 +--- a/drivers/firmware/dmi-id.c ++++ b/drivers/firmware/dmi-id.c +@@ -16,7 +16,7 @@ + struct dmi_device_attribute{ + struct device_attribute dev_attr; + int field; +-}; ++} __do_const; + #define to_dmi_dev_attr(_dev_attr) \ + container_of(_dev_attr, struct dmi_device_attribute, dev_attr) + diff --git a/drivers/firmware/dmi_scan.c b/drivers/firmware/dmi_scan.c -index 982f1f5..d21e5da 100644 +index 4cd392d..4b629e1 100644 --- a/drivers/firmware/dmi_scan.c +++ b/drivers/firmware/dmi_scan.c -@@ -491,11 +491,6 @@ void __init dmi_scan_machine(void) +@@ -490,11 +490,6 @@ void __init dmi_scan_machine(void) } } else { @@ -33340,7 +34154,7 @@ index 982f1f5..d21e5da 100644 p = dmi_ioremap(0xF0000, 0x10000); if (p == NULL) goto error; -@@ -770,7 +765,7 @@ int dmi_walk(void (*decode)(const struct dmi_header *, void *), +@@ -769,7 +764,7 @@ int dmi_walk(void (*decode)(const struct dmi_header *, void *), if (buf == NULL) return -1; @@ -33350,7 +34164,7 @@ index 982f1f5..d21e5da 100644 iounmap(buf); return 0; diff --git a/drivers/firmware/efivars.c b/drivers/firmware/efivars.c -index bcb201c..f9782e5 100644 +index 2a2e145..73745e79 100644 --- a/drivers/firmware/efivars.c +++ b/drivers/firmware/efivars.c @@ -133,7 +133,7 @@ struct efivar_attribute { @@ -33362,6 +34176,43 @@ index bcb201c..f9782e5 100644 #define PSTORE_EFI_ATTRIBUTES \ (EFI_VARIABLE_NON_VOLATILE | \ +@@ -1798,7 +1798,7 @@ efivar_create_sysfs_entry(struct efivars *efivars, + static int + create_efivars_bin_attributes(struct efivars *efivars) + { +- struct bin_attribute *attr; ++ bin_attribute_no_const *attr; + int error; + + /* new_var */ +diff --git a/drivers/firmware/google/memconsole.c b/drivers/firmware/google/memconsole.c +index 2a90ba6..07f3733 100644 +--- a/drivers/firmware/google/memconsole.c ++++ b/drivers/firmware/google/memconsole.c +@@ -147,7 +147,9 @@ static int __init memconsole_init(void) + if (!found_memconsole()) + return -ENODEV; + +- memconsole_bin_attr.size = memconsole_length; ++ pax_open_kernel(); ++ *(size_t *)&memconsole_bin_attr.size = memconsole_length; ++ pax_close_kernel(); + + ret = sysfs_create_bin_file(firmware_kobj, &memconsole_bin_attr); + +diff --git a/drivers/gpio/gpio-ich.c b/drivers/gpio/gpio-ich.c +index 6f2306d..af9476a 100644 +--- a/drivers/gpio/gpio-ich.c ++++ b/drivers/gpio/gpio-ich.c +@@ -69,7 +69,7 @@ struct ichx_desc { + /* Some chipsets have quirks, let these use their own request/get */ + int (*request)(struct gpio_chip *chip, unsigned offset); + int (*get)(struct gpio_chip *chip, unsigned offset); +-}; ++} __do_const; + + static struct { + spinlock_t lock; diff --git a/drivers/gpio/gpio-vr41xx.c b/drivers/gpio/gpio-vr41xx.c index 9902732..64b62dd 100644 --- a/drivers/gpio/gpio-vr41xx.c @@ -33389,7 +34240,7 @@ index 7b2d378..cc947ea 100644 dev = crtc->dev; diff --git a/drivers/gpu/drm/drm_drv.c b/drivers/gpu/drm/drm_drv.c -index be174ca..0bcbb71 100644 +index be174ca..7f38143 100644 --- a/drivers/gpu/drm/drm_drv.c +++ b/drivers/gpu/drm/drm_drv.c @@ -307,7 +307,7 @@ module_exit(drm_core_exit); @@ -33401,6 +34252,15 @@ index be174ca..0bcbb71 100644 { int len; +@@ -377,7 +377,7 @@ long drm_ioctl(struct file *filp, + struct drm_file *file_priv = filp->private_data; + struct drm_device *dev; + struct drm_ioctl_desc *ioctl; +- drm_ioctl_t *func; ++ drm_ioctl_no_const_t func; + unsigned int nr = DRM_IOCTL_NR(cmd); + int retcode = -EINVAL; + char stack_kdata[128]; @@ -390,7 +390,7 @@ long drm_ioctl(struct file *filp, return -ENODEV; @@ -33589,7 +34449,7 @@ index d4b20ce..77a8d41 100644 #if defined(__i386__) pgprot = pgprot_val(vma->vm_page_prot); diff --git a/drivers/gpu/drm/drm_ioc32.c b/drivers/gpu/drm/drm_ioc32.c -index 2f4c434..764794b 100644 +index 2f4c434..dd12cd2 100644 --- a/drivers/gpu/drm/drm_ioc32.c +++ b/drivers/gpu/drm/drm_ioc32.c @@ -457,7 +457,7 @@ static int compat_drm_infobufs(struct file *file, unsigned int cmd, @@ -33610,6 +34470,36 @@ index 2f4c434..764794b 100644 if (__put_user(count, &request->count) || __put_user(list, &request->list)) +@@ -1016,7 +1016,7 @@ static int compat_drm_wait_vblank(struct file *file, unsigned int cmd, + return 0; + } + +-drm_ioctl_compat_t *drm_compat_ioctls[] = { ++drm_ioctl_compat_t drm_compat_ioctls[] = { + [DRM_IOCTL_NR(DRM_IOCTL_VERSION32)] = compat_drm_version, + [DRM_IOCTL_NR(DRM_IOCTL_GET_UNIQUE32)] = compat_drm_getunique, + [DRM_IOCTL_NR(DRM_IOCTL_GET_MAP32)] = compat_drm_getmap, +@@ -1062,7 +1062,6 @@ drm_ioctl_compat_t *drm_compat_ioctls[] = { + long drm_compat_ioctl(struct file *filp, unsigned int cmd, unsigned long arg) + { + unsigned int nr = DRM_IOCTL_NR(cmd); +- drm_ioctl_compat_t *fn; + int ret; + + /* Assume that ioctls without an explicit compat routine will just +@@ -1072,10 +1071,8 @@ long drm_compat_ioctl(struct file *filp, unsigned int cmd, unsigned long arg) + if (nr >= ARRAY_SIZE(drm_compat_ioctls)) + return drm_ioctl(filp, cmd, arg); + +- fn = drm_compat_ioctls[nr]; +- +- if (fn != NULL) +- ret = (*fn) (filp, cmd, arg); ++ if (drm_compat_ioctls[nr] != NULL) ++ ret = (*drm_compat_ioctls[nr]) (filp, cmd, arg); + else + ret = drm_ioctl(filp, cmd, arg); + diff --git a/drivers/gpu/drm/drm_ioctl.c b/drivers/gpu/drm/drm_ioctl.c index e77bd8b..1571b85 100644 --- a/drivers/gpu/drm/drm_ioctl.c @@ -33713,7 +34603,7 @@ index 8a7c48b..72effc2 100644 if (IS_GEN6(dev) || IS_GEN7(dev)) { seq_printf(m, diff --git a/drivers/gpu/drm/i915/i915_dma.c b/drivers/gpu/drm/i915/i915_dma.c -index 99daa89..84ebd44 100644 +index 5206f24..7af0a0a 100644 --- a/drivers/gpu/drm/i915/i915_dma.c +++ b/drivers/gpu/drm/i915/i915_dma.c @@ -1253,7 +1253,7 @@ static bool i915_switcheroo_can_switch(struct pci_dev *pdev) @@ -33726,7 +34616,7 @@ index 99daa89..84ebd44 100644 return can_switch; } diff --git a/drivers/gpu/drm/i915/i915_drv.h b/drivers/gpu/drm/i915/i915_drv.h -index 7339a4b..445aaba 100644 +index 66ad64f..a865871 100644 --- a/drivers/gpu/drm/i915/i915_drv.h +++ b/drivers/gpu/drm/i915/i915_drv.h @@ -656,7 +656,7 @@ typedef struct drm_i915_private { @@ -33738,7 +34628,7 @@ index 7339a4b..445aaba 100644 /* protects the irq masks */ spinlock_t irq_lock; -@@ -1102,7 +1102,7 @@ struct drm_i915_gem_object { +@@ -1103,7 +1103,7 @@ struct drm_i915_gem_object { * will be page flipped away on the next vblank. When it * reaches 0, dev_priv->pending_flip_queue will be woken up. */ @@ -33747,7 +34637,7 @@ index 7339a4b..445aaba 100644 }; #define to_gem_object(obj) (&((struct drm_i915_gem_object *)(obj))->base) -@@ -1633,7 +1633,7 @@ extern struct i2c_adapter *intel_gmbus_get_adapter( +@@ -1634,7 +1634,7 @@ extern struct i2c_adapter *intel_gmbus_get_adapter( struct drm_i915_private *dev_priv, unsigned port); extern void intel_gmbus_set_speed(struct i2c_adapter *adapter, int speed); extern void intel_gmbus_force_bit(struct i2c_adapter *adapter, bool force_bit); @@ -33781,11 +34671,46 @@ index 26d08bb..fccb984 100644 for (i = 0; i < count; i++) { char __user *ptr = (char __user *)(uintptr_t)exec[i].relocs_ptr; +diff --git a/drivers/gpu/drm/i915/i915_ioc32.c b/drivers/gpu/drm/i915/i915_ioc32.c +index 3c59584..500f2e9 100644 +--- a/drivers/gpu/drm/i915/i915_ioc32.c ++++ b/drivers/gpu/drm/i915/i915_ioc32.c +@@ -181,7 +181,7 @@ static int compat_i915_alloc(struct file *file, unsigned int cmd, + (unsigned long)request); + } + +-static drm_ioctl_compat_t *i915_compat_ioctls[] = { ++static drm_ioctl_compat_t i915_compat_ioctls[] = { + [DRM_I915_BATCHBUFFER] = compat_i915_batchbuffer, + [DRM_I915_CMDBUFFER] = compat_i915_cmdbuffer, + [DRM_I915_GETPARAM] = compat_i915_getparam, +@@ -202,18 +202,15 @@ static drm_ioctl_compat_t *i915_compat_ioctls[] = { + long i915_compat_ioctl(struct file *filp, unsigned int cmd, unsigned long arg) + { + unsigned int nr = DRM_IOCTL_NR(cmd); +- drm_ioctl_compat_t *fn = NULL; + int ret; + + if (nr < DRM_COMMAND_BASE) + return drm_compat_ioctl(filp, cmd, arg); + +- if (nr < DRM_COMMAND_BASE + DRM_ARRAY_SIZE(i915_compat_ioctls)) +- fn = i915_compat_ioctls[nr - DRM_COMMAND_BASE]; +- +- if (fn != NULL) ++ if (nr < DRM_COMMAND_BASE + DRM_ARRAY_SIZE(i915_compat_ioctls)) { ++ drm_ioctl_compat_t fn = i915_compat_ioctls[nr - DRM_COMMAND_BASE]; + ret = (*fn) (filp, cmd, arg); +- else ++ } else + ret = drm_ioctl(filp, cmd, arg); + + return ret; diff --git a/drivers/gpu/drm/i915/i915_irq.c b/drivers/gpu/drm/i915/i915_irq.c -index fe84338..a863190 100644 +index 3c00403..5a5c6c9 100644 --- a/drivers/gpu/drm/i915/i915_irq.c +++ b/drivers/gpu/drm/i915/i915_irq.c -@@ -535,7 +535,7 @@ static irqreturn_t valleyview_irq_handler(int irq, void *arg) +@@ -539,7 +539,7 @@ static irqreturn_t valleyview_irq_handler(int irq, void *arg) u32 pipe_stats[I915_MAX_PIPES]; bool blc_event; @@ -33794,7 +34719,7 @@ index fe84338..a863190 100644 while (true) { iir = I915_READ(VLV_IIR); -@@ -688,7 +688,7 @@ static irqreturn_t ivybridge_irq_handler(int irq, void *arg) +@@ -692,7 +692,7 @@ static irqreturn_t ivybridge_irq_handler(int irq, void *arg) irqreturn_t ret = IRQ_NONE; int i; @@ -33803,7 +34728,7 @@ index fe84338..a863190 100644 /* disable master interrupt before clearing iir */ de_ier = I915_READ(DEIER); -@@ -760,7 +760,7 @@ static irqreturn_t ironlake_irq_handler(int irq, void *arg) +@@ -764,7 +764,7 @@ static irqreturn_t ironlake_irq_handler(int irq, void *arg) int ret = IRQ_NONE; u32 de_iir, gt_iir, de_ier, pch_iir, pm_iir; @@ -33812,7 +34737,7 @@ index fe84338..a863190 100644 /* disable master interrupt before clearing iir */ de_ier = I915_READ(DEIER); -@@ -1787,7 +1787,7 @@ static void ironlake_irq_preinstall(struct drm_device *dev) +@@ -1791,7 +1791,7 @@ static void ironlake_irq_preinstall(struct drm_device *dev) { drm_i915_private_t *dev_priv = (drm_i915_private_t *) dev->dev_private; @@ -33821,7 +34746,7 @@ index fe84338..a863190 100644 I915_WRITE(HWSTAM, 0xeffe); -@@ -1813,7 +1813,7 @@ static void valleyview_irq_preinstall(struct drm_device *dev) +@@ -1817,7 +1817,7 @@ static void valleyview_irq_preinstall(struct drm_device *dev) drm_i915_private_t *dev_priv = (drm_i915_private_t *) dev->dev_private; int pipe; @@ -33830,7 +34755,7 @@ index fe84338..a863190 100644 /* VLV magic */ I915_WRITE(VLV_IMR, 0); -@@ -2108,7 +2108,7 @@ static void i8xx_irq_preinstall(struct drm_device * dev) +@@ -2112,7 +2112,7 @@ static void i8xx_irq_preinstall(struct drm_device * dev) drm_i915_private_t *dev_priv = (drm_i915_private_t *) dev->dev_private; int pipe; @@ -33839,7 +34764,7 @@ index fe84338..a863190 100644 for_each_pipe(pipe) I915_WRITE(PIPESTAT(pipe), 0); -@@ -2159,7 +2159,7 @@ static irqreturn_t i8xx_irq_handler(int irq, void *arg) +@@ -2163,7 +2163,7 @@ static irqreturn_t i8xx_irq_handler(int irq, void *arg) I915_DISPLAY_PLANE_A_FLIP_PENDING_INTERRUPT | I915_DISPLAY_PLANE_B_FLIP_PENDING_INTERRUPT; @@ -33848,7 +34773,7 @@ index fe84338..a863190 100644 iir = I915_READ16(IIR); if (iir == 0) -@@ -2244,7 +2244,7 @@ static void i915_irq_preinstall(struct drm_device * dev) +@@ -2248,7 +2248,7 @@ static void i915_irq_preinstall(struct drm_device * dev) drm_i915_private_t *dev_priv = (drm_i915_private_t *) dev->dev_private; int pipe; @@ -33857,7 +34782,7 @@ index fe84338..a863190 100644 if (I915_HAS_HOTPLUG(dev)) { I915_WRITE(PORT_HOTPLUG_EN, 0); -@@ -2339,7 +2339,7 @@ static irqreturn_t i915_irq_handler(int irq, void *arg) +@@ -2343,7 +2343,7 @@ static irqreturn_t i915_irq_handler(int irq, void *arg) }; int pipe, ret = IRQ_NONE; @@ -33866,7 +34791,7 @@ index fe84338..a863190 100644 iir = I915_READ(IIR); do { -@@ -2465,7 +2465,7 @@ static void i965_irq_preinstall(struct drm_device * dev) +@@ -2469,7 +2469,7 @@ static void i965_irq_preinstall(struct drm_device * dev) drm_i915_private_t *dev_priv = (drm_i915_private_t *) dev->dev_private; int pipe; @@ -33875,7 +34800,7 @@ index fe84338..a863190 100644 I915_WRITE(PORT_HOTPLUG_EN, 0); I915_WRITE(PORT_HOTPLUG_STAT, I915_READ(PORT_HOTPLUG_STAT)); -@@ -2572,7 +2572,7 @@ static irqreturn_t i965_irq_handler(int irq, void *arg) +@@ -2576,7 +2576,7 @@ static irqreturn_t i965_irq_handler(int irq, void *arg) int irq_received; int ret = IRQ_NONE, pipe; @@ -33885,7 +34810,7 @@ index fe84338..a863190 100644 iir = I915_READ(IIR); diff --git a/drivers/gpu/drm/i915/intel_display.c b/drivers/gpu/drm/i915/intel_display.c -index 80aa1fc..1ede041 100644 +index 80aa1fc..85cfce3 100644 --- a/drivers/gpu/drm/i915/intel_display.c +++ b/drivers/gpu/drm/i915/intel_display.c @@ -2255,7 +2255,7 @@ intel_finish_fb(struct drm_framebuffer *old_fb) @@ -33925,6 +34850,53 @@ index 80aa1fc..1ede041 100644 drm_gem_object_unreference(&work->old_fb_obj->base); drm_gem_object_unreference(&obj->base); mutex_unlock(&dev->struct_mutex); +@@ -8849,13 +8848,13 @@ struct intel_quirk { + int subsystem_vendor; + int subsystem_device; + void (*hook)(struct drm_device *dev); +-}; ++} __do_const; + + /* For systems that don't have a meaningful PCI subdevice/subvendor ID */ + struct intel_dmi_quirk { + void (*hook)(struct drm_device *dev); + const struct dmi_system_id (*dmi_id_list)[]; +-}; ++} __do_const; + + static int intel_dmi_reverse_brightness(const struct dmi_system_id *id) + { +@@ -8863,18 +8862,20 @@ static int intel_dmi_reverse_brightness(const struct dmi_system_id *id) + return 1; + } + ++static const struct dmi_system_id intel_dmi_quirks_table[] = { ++ { ++ .callback = intel_dmi_reverse_brightness, ++ .ident = "NCR Corporation", ++ .matches = {DMI_MATCH(DMI_SYS_VENDOR, "NCR Corporation"), ++ DMI_MATCH(DMI_PRODUCT_NAME, ""), ++ }, ++ }, ++ { } /* terminating entry */ ++}; ++ + static const struct intel_dmi_quirk intel_dmi_quirks[] = { + { +- .dmi_id_list = &(const struct dmi_system_id[]) { +- { +- .callback = intel_dmi_reverse_brightness, +- .ident = "NCR Corporation", +- .matches = {DMI_MATCH(DMI_SYS_VENDOR, "NCR Corporation"), +- DMI_MATCH(DMI_PRODUCT_NAME, ""), +- }, +- }, +- { } /* terminating entry */ +- }, ++ .dmi_id_list = &intel_dmi_quirks_table, + .hook = quirk_invert_brightness, + }, + }; diff --git a/drivers/gpu/drm/mga/mga_drv.h b/drivers/gpu/drm/mga/mga_drv.h index 54558a0..2d97005 100644 --- a/drivers/gpu/drm/mga/mga_drv.h @@ -33941,6 +34913,41 @@ index 54558a0..2d97005 100644 u32 next_fence_to_post; unsigned int fb_cpp; +diff --git a/drivers/gpu/drm/mga/mga_ioc32.c b/drivers/gpu/drm/mga/mga_ioc32.c +index 709e90d..89a1c0d 100644 +--- a/drivers/gpu/drm/mga/mga_ioc32.c ++++ b/drivers/gpu/drm/mga/mga_ioc32.c +@@ -189,7 +189,7 @@ static int compat_mga_dma_bootstrap(struct file *file, unsigned int cmd, + return 0; + } + +-drm_ioctl_compat_t *mga_compat_ioctls[] = { ++drm_ioctl_compat_t mga_compat_ioctls[] = { + [DRM_MGA_INIT] = compat_mga_init, + [DRM_MGA_GETPARAM] = compat_mga_getparam, + [DRM_MGA_DMA_BOOTSTRAP] = compat_mga_dma_bootstrap, +@@ -207,18 +207,15 @@ drm_ioctl_compat_t *mga_compat_ioctls[] = { + long mga_compat_ioctl(struct file *filp, unsigned int cmd, unsigned long arg) + { + unsigned int nr = DRM_IOCTL_NR(cmd); +- drm_ioctl_compat_t *fn = NULL; + int ret; + + if (nr < DRM_COMMAND_BASE) + return drm_compat_ioctl(filp, cmd, arg); + +- if (nr < DRM_COMMAND_BASE + DRM_ARRAY_SIZE(mga_compat_ioctls)) +- fn = mga_compat_ioctls[nr - DRM_COMMAND_BASE]; +- +- if (fn != NULL) ++ if (nr < DRM_COMMAND_BASE + DRM_ARRAY_SIZE(mga_compat_ioctls)) { ++ drm_ioctl_compat_t fn = mga_compat_ioctls[nr - DRM_COMMAND_BASE]; + ret = (*fn) (filp, cmd, arg); +- else ++ } else + ret = drm_ioctl(filp, cmd, arg); + + return ret; diff --git a/drivers/gpu/drm/mga/mga_irq.c b/drivers/gpu/drm/mga/mga_irq.c index 598c281..60d590e 100644 --- a/drivers/gpu/drm/mga/mga_irq.c @@ -34033,6 +35040,19 @@ index 8bf695c..9fbc90a 100644 retry: if (++trycnt > 100000) { NV_ERROR(drm, "%s failed and gave up.\n", __func__); +diff --git a/drivers/gpu/drm/nouveau/nouveau_ioc32.c b/drivers/gpu/drm/nouveau/nouveau_ioc32.c +index 08214bc..9208577 100644 +--- a/drivers/gpu/drm/nouveau/nouveau_ioc32.c ++++ b/drivers/gpu/drm/nouveau/nouveau_ioc32.c +@@ -50,7 +50,7 @@ long nouveau_compat_ioctl(struct file *filp, unsigned int cmd, + unsigned long arg) + { + unsigned int nr = DRM_IOCTL_NR(cmd); +- drm_ioctl_compat_t *fn = NULL; ++ drm_ioctl_compat_t fn = NULL; + int ret; + + if (nr < DRM_COMMAND_BASE) diff --git a/drivers/gpu/drm/nouveau/nouveau_vga.c b/drivers/gpu/drm/nouveau/nouveau_vga.c index 25d3495..d81aaf6 100644 --- a/drivers/gpu/drm/nouveau/nouveau_vga.c @@ -34080,6 +35100,41 @@ index 930c71b..499aded 100644 u32 color_fmt; unsigned int front_offset; +diff --git a/drivers/gpu/drm/r128/r128_ioc32.c b/drivers/gpu/drm/r128/r128_ioc32.c +index a954c54..9cc595c 100644 +--- a/drivers/gpu/drm/r128/r128_ioc32.c ++++ b/drivers/gpu/drm/r128/r128_ioc32.c +@@ -177,7 +177,7 @@ static int compat_r128_getparam(struct file *file, unsigned int cmd, + return drm_ioctl(file, DRM_IOCTL_R128_GETPARAM, (unsigned long)getparam); + } + +-drm_ioctl_compat_t *r128_compat_ioctls[] = { ++drm_ioctl_compat_t r128_compat_ioctls[] = { + [DRM_R128_INIT] = compat_r128_init, + [DRM_R128_DEPTH] = compat_r128_depth, + [DRM_R128_STIPPLE] = compat_r128_stipple, +@@ -196,18 +196,15 @@ drm_ioctl_compat_t *r128_compat_ioctls[] = { + long r128_compat_ioctl(struct file *filp, unsigned int cmd, unsigned long arg) + { + unsigned int nr = DRM_IOCTL_NR(cmd); +- drm_ioctl_compat_t *fn = NULL; + int ret; + + if (nr < DRM_COMMAND_BASE) + return drm_compat_ioctl(filp, cmd, arg); + +- if (nr < DRM_COMMAND_BASE + DRM_ARRAY_SIZE(r128_compat_ioctls)) +- fn = r128_compat_ioctls[nr - DRM_COMMAND_BASE]; +- +- if (fn != NULL) ++ if (nr < DRM_COMMAND_BASE + DRM_ARRAY_SIZE(r128_compat_ioctls)) { ++ drm_ioctl_compat_t fn = r128_compat_ioctls[nr - DRM_COMMAND_BASE]; + ret = (*fn) (filp, cmd, arg); +- else ++ } else + ret = drm_ioctl(filp, cmd, arg); + + return ret; diff --git a/drivers/gpu/drm/r128/r128_irq.c b/drivers/gpu/drm/r128/r128_irq.c index 2ea4f09..d391371 100644 --- a/drivers/gpu/drm/r128/r128_irq.c @@ -34167,7 +35222,7 @@ index e7fdf16..f4f6490 100644 uint32_t irq_enable_reg; uint32_t r500_disp_irq_reg; diff --git a/drivers/gpu/drm/radeon/radeon_ioc32.c b/drivers/gpu/drm/radeon/radeon_ioc32.c -index c180df8..cd80dd2d 100644 +index c180df8..5fd8186 100644 --- a/drivers/gpu/drm/radeon/radeon_ioc32.c +++ b/drivers/gpu/drm/radeon/radeon_ioc32.c @@ -358,7 +358,7 @@ static int compat_radeon_cp_setparam(struct file *file, unsigned int cmd, @@ -34179,6 +35234,37 @@ index c180df8..cd80dd2d 100644 &request->value)) return -EFAULT; +@@ -368,7 +368,7 @@ static int compat_radeon_cp_setparam(struct file *file, unsigned int cmd, + #define compat_radeon_cp_setparam NULL + #endif /* X86_64 || IA64 */ + +-static drm_ioctl_compat_t *radeon_compat_ioctls[] = { ++static drm_ioctl_compat_t radeon_compat_ioctls[] = { + [DRM_RADEON_CP_INIT] = compat_radeon_cp_init, + [DRM_RADEON_CLEAR] = compat_radeon_cp_clear, + [DRM_RADEON_STIPPLE] = compat_radeon_cp_stipple, +@@ -393,18 +393,15 @@ static drm_ioctl_compat_t *radeon_compat_ioctls[] = { + long radeon_compat_ioctl(struct file *filp, unsigned int cmd, unsigned long arg) + { + unsigned int nr = DRM_IOCTL_NR(cmd); +- drm_ioctl_compat_t *fn = NULL; + int ret; + + if (nr < DRM_COMMAND_BASE) + return drm_compat_ioctl(filp, cmd, arg); + +- if (nr < DRM_COMMAND_BASE + DRM_ARRAY_SIZE(radeon_compat_ioctls)) +- fn = radeon_compat_ioctls[nr - DRM_COMMAND_BASE]; +- +- if (fn != NULL) ++ if (nr < DRM_COMMAND_BASE + DRM_ARRAY_SIZE(radeon_compat_ioctls)) { ++ drm_ioctl_compat_t fn = radeon_compat_ioctls[nr - DRM_COMMAND_BASE]; + ret = (*fn) (filp, cmd, arg); +- else ++ } else + ret = drm_ioctl(filp, cmd, arg); + + return ret; diff --git a/drivers/gpu/drm/radeon/radeon_irq.c b/drivers/gpu/drm/radeon/radeon_irq.c index e771033..a0bc6b3 100644 --- a/drivers/gpu/drm/radeon/radeon_irq.c @@ -34226,7 +35312,7 @@ index 8e9057b..af6dacb 100644 DRM_DEBUG("pid=%d\n", DRM_CURRENTPID); diff --git a/drivers/gpu/drm/radeon/radeon_ttm.c b/drivers/gpu/drm/radeon/radeon_ttm.c -index 93f760e..33d9839 100644 +index 93f760e..8088227 100644 --- a/drivers/gpu/drm/radeon/radeon_ttm.c +++ b/drivers/gpu/drm/radeon/radeon_ttm.c @@ -782,7 +782,7 @@ void radeon_ttm_set_active_vram_size(struct radeon_device *rdev, u64 size) @@ -34249,6 +35335,54 @@ index 93f760e..33d9839 100644 } vma->vm_ops = &radeon_ttm_vm_ops; return 0; +@@ -862,28 +864,33 @@ static int radeon_ttm_debugfs_init(struct radeon_device *rdev) + sprintf(radeon_mem_types_names[i], "radeon_vram_mm"); + else + sprintf(radeon_mem_types_names[i], "radeon_gtt_mm"); +- radeon_mem_types_list[i].name = radeon_mem_types_names[i]; +- radeon_mem_types_list[i].show = &radeon_mm_dump_table; +- radeon_mem_types_list[i].driver_features = 0; ++ pax_open_kernel(); ++ *(const char **)&radeon_mem_types_list[i].name = radeon_mem_types_names[i]; ++ *(void **)&radeon_mem_types_list[i].show = &radeon_mm_dump_table; ++ *(u32 *)&radeon_mem_types_list[i].driver_features = 0; + if (i == 0) +- radeon_mem_types_list[i].data = rdev->mman.bdev.man[TTM_PL_VRAM].priv; ++ *(void **)&radeon_mem_types_list[i].data = rdev->mman.bdev.man[TTM_PL_VRAM].priv; + else +- radeon_mem_types_list[i].data = rdev->mman.bdev.man[TTM_PL_TT].priv; +- ++ *(void **)&radeon_mem_types_list[i].data = rdev->mman.bdev.man[TTM_PL_TT].priv; ++ pax_close_kernel(); + } + /* Add ttm page pool to debugfs */ + sprintf(radeon_mem_types_names[i], "ttm_page_pool"); +- radeon_mem_types_list[i].name = radeon_mem_types_names[i]; +- radeon_mem_types_list[i].show = &ttm_page_alloc_debugfs; +- radeon_mem_types_list[i].driver_features = 0; +- radeon_mem_types_list[i++].data = NULL; ++ pax_open_kernel(); ++ *(const char **)&radeon_mem_types_list[i].name = radeon_mem_types_names[i]; ++ *(void **)&radeon_mem_types_list[i].show = &ttm_page_alloc_debugfs; ++ *(u32 *)&radeon_mem_types_list[i].driver_features = 0; ++ *(void **)&radeon_mem_types_list[i++].data = NULL; ++ pax_close_kernel(); + #ifdef CONFIG_SWIOTLB + if (swiotlb_nr_tbl()) { + sprintf(radeon_mem_types_names[i], "ttm_dma_page_pool"); +- radeon_mem_types_list[i].name = radeon_mem_types_names[i]; +- radeon_mem_types_list[i].show = &ttm_dma_page_alloc_debugfs; +- radeon_mem_types_list[i].driver_features = 0; +- radeon_mem_types_list[i++].data = NULL; ++ pax_open_kernel(); ++ *(const char **)&radeon_mem_types_list[i].name = radeon_mem_types_names[i]; ++ *(void **)&radeon_mem_types_list[i].show = &ttm_dma_page_alloc_debugfs; ++ *(u32 *)&radeon_mem_types_list[i].driver_features = 0; ++ *(void **)&radeon_mem_types_list[i++].data = NULL; ++ pax_close_kernel(); + } + #endif + return radeon_debugfs_add_files(rdev, radeon_mem_types_list, i); diff --git a/drivers/gpu/drm/radeon/rs690.c b/drivers/gpu/drm/radeon/rs690.c index 5706d2a..17aedaa 100644 --- a/drivers/gpu/drm/radeon/rs690.c @@ -34282,6 +35416,18 @@ index bd2a3b4..122d9ad 100644 struct ttm_page_pool *pool; int shrink_pages = sc->nr_to_scan; +diff --git a/drivers/gpu/drm/udl/udl_fb.c b/drivers/gpu/drm/udl/udl_fb.c +index 1eb060c..188b1fc 100644 +--- a/drivers/gpu/drm/udl/udl_fb.c ++++ b/drivers/gpu/drm/udl/udl_fb.c +@@ -367,7 +367,6 @@ static int udl_fb_release(struct fb_info *info, int user) + fb_deferred_io_cleanup(info); + kfree(info->fbdefio); + info->fbdefio = NULL; +- info->fbops->fb_mmap = udl_fb_mmap; + } + + pr_warn("released /dev/fb%d user=%d count=%d\n", diff --git a/drivers/gpu/drm/via/via_drv.h b/drivers/gpu/drm/via/via_drv.h index 893a650..6190d3b 100644 --- a/drivers/gpu/drm/via/via_drv.h @@ -34559,6 +35705,69 @@ index 8e1a9ec..4687821 100644 child_device_obj->device.bus = &hv_bus; child_device_obj->device.parent = &hv_acpi_dev->dev; +diff --git a/drivers/hwmon/acpi_power_meter.c b/drivers/hwmon/acpi_power_meter.c +index 1672e2a..4a6297c 100644 +--- a/drivers/hwmon/acpi_power_meter.c ++++ b/drivers/hwmon/acpi_power_meter.c +@@ -117,7 +117,7 @@ struct sensor_template { + struct device_attribute *devattr, + const char *buf, size_t count); + int index; +-}; ++} __do_const; + + /* Averaging interval */ + static int update_avg_interval(struct acpi_power_meter_resource *resource) +@@ -629,7 +629,7 @@ static int register_attrs(struct acpi_power_meter_resource *resource, + struct sensor_template *attrs) + { + struct device *dev = &resource->acpi_dev->dev; +- struct sensor_device_attribute *sensors = ++ sensor_device_attribute_no_const *sensors = + &resource->sensors[resource->num_sensors]; + int res = 0; + +diff --git a/drivers/hwmon/applesmc.c b/drivers/hwmon/applesmc.c +index b41baff..4953e4d 100644 +--- a/drivers/hwmon/applesmc.c ++++ b/drivers/hwmon/applesmc.c +@@ -1084,7 +1084,7 @@ static int applesmc_create_nodes(struct applesmc_node_group *groups, int num) + { + struct applesmc_node_group *grp; + struct applesmc_dev_attr *node; +- struct attribute *attr; ++ attribute_no_const *attr; + int ret, i; + + for (grp = groups; grp->format; grp++) { +diff --git a/drivers/hwmon/asus_atk0110.c b/drivers/hwmon/asus_atk0110.c +index 56dbcfb..9874bf1 100644 +--- a/drivers/hwmon/asus_atk0110.c ++++ b/drivers/hwmon/asus_atk0110.c +@@ -152,10 +152,10 @@ MODULE_DEVICE_TABLE(acpi, atk_ids); + struct atk_sensor_data { + struct list_head list; + struct atk_data *data; +- struct device_attribute label_attr; +- struct device_attribute input_attr; +- struct device_attribute limit1_attr; +- struct device_attribute limit2_attr; ++ device_attribute_no_const label_attr; ++ device_attribute_no_const input_attr; ++ device_attribute_no_const limit1_attr; ++ device_attribute_no_const limit2_attr; + char label_attr_name[ATTR_NAME_SIZE]; + char input_attr_name[ATTR_NAME_SIZE]; + char limit1_attr_name[ATTR_NAME_SIZE]; +@@ -275,7 +275,7 @@ static ssize_t atk_name_show(struct device *dev, + static struct device_attribute atk_name_attr = + __ATTR(name, 0444, atk_name_show, NULL); + +-static void atk_init_attribute(struct device_attribute *attr, char *name, ++static void atk_init_attribute(device_attribute_no_const *attr, char *name, + sysfs_show_func show) + { + sysfs_attr_init(&attr->attr); diff --git a/drivers/hwmon/coretemp.c b/drivers/hwmon/coretemp.c index d64923d..72591e8 100644 --- a/drivers/hwmon/coretemp.c @@ -34572,8 +35781,34 @@ index d64923d..72591e8 100644 .notifier_call = coretemp_cpu_callback, }; +diff --git a/drivers/hwmon/ibmaem.c b/drivers/hwmon/ibmaem.c +index a14f634..2916ee2 100644 +--- a/drivers/hwmon/ibmaem.c ++++ b/drivers/hwmon/ibmaem.c +@@ -925,7 +925,7 @@ static int aem_register_sensors(struct aem_data *data, + struct aem_rw_sensor_template *rw) + { + struct device *dev = &data->pdev->dev; +- struct sensor_device_attribute *sensors = data->sensors; ++ sensor_device_attribute_no_const *sensors = data->sensors; + int err; + + /* Set up read-only sensors */ +diff --git a/drivers/hwmon/pmbus/pmbus_core.c b/drivers/hwmon/pmbus/pmbus_core.c +index 7d19b1b..8fdaaac 100644 +--- a/drivers/hwmon/pmbus/pmbus_core.c ++++ b/drivers/hwmon/pmbus/pmbus_core.c +@@ -811,7 +811,7 @@ static ssize_t pmbus_show_label(struct device *dev, + + #define PMBUS_ADD_ATTR(data, _name, _idx, _mode, _type, _show, _set) \ + do { \ +- struct sensor_device_attribute *a \ ++ sensor_device_attribute_no_const *a \ + = &data->_type##s[data->num_##_type##s].attribute; \ + BUG_ON(data->num_attributes >= data->max_attributes); \ + sysfs_attr_init(&a->dev_attr.attr); \ diff --git a/drivers/hwmon/sht15.c b/drivers/hwmon/sht15.c -index 1c85d39..55ed3cf 100644 +index 8047fed..1e956f0 100644 --- a/drivers/hwmon/sht15.c +++ b/drivers/hwmon/sht15.c @@ -169,7 +169,7 @@ struct sht15_data { @@ -34676,6 +35911,19 @@ index 8126824..55a2798 100644 drive->dma = 0; } } +diff --git a/drivers/iio/industrialio-core.c b/drivers/iio/industrialio-core.c +index 8848f16..f8e6dd8 100644 +--- a/drivers/iio/industrialio-core.c ++++ b/drivers/iio/industrialio-core.c +@@ -506,7 +506,7 @@ static ssize_t iio_write_channel_info(struct device *dev, + } + + static +-int __iio_device_attr_init(struct device_attribute *dev_attr, ++int __iio_device_attr_init(device_attribute_no_const *dev_attr, + const char *postfix, + struct iio_chan_spec const *chan, + ssize_t (*readfunc)(struct device *dev, diff --git a/drivers/infiniband/core/cm.c b/drivers/infiniband/core/cm.c index 394fea2..c833880 100644 --- a/drivers/infiniband/core/cm.c @@ -35468,6 +36716,19 @@ index d6cbfe9..6225402 100644 snprintf(led->name, sizeof(led->name), "xpad%ld", led_no); led->xpad = xpad; +diff --git a/drivers/input/mouse/psmouse.h b/drivers/input/mouse/psmouse.h +index fe1df23..5b710f3 100644 +--- a/drivers/input/mouse/psmouse.h ++++ b/drivers/input/mouse/psmouse.h +@@ -115,7 +115,7 @@ struct psmouse_attribute { + ssize_t (*set)(struct psmouse *psmouse, void *data, + const char *buf, size_t count); + bool protect; +-}; ++} __do_const; + #define to_psmouse_attr(a) container_of((a), struct psmouse_attribute, dattr) + + ssize_t psmouse_attr_show_helper(struct device *dev, struct device_attribute *attr, diff --git a/drivers/input/mousedev.c b/drivers/input/mousedev.c index 4c842c3..590b0bf 100644 --- a/drivers/input/mousedev.c @@ -35503,6 +36764,19 @@ index 25fc597..558bf3b 100644 serio->dev.bus = &serio_bus; serio->dev.release = serio_release_port; serio->dev.groups = serio_device_attr_groups; +diff --git a/drivers/iommu/iommu.c b/drivers/iommu/iommu.c +index ddbdaca..be18a78 100644 +--- a/drivers/iommu/iommu.c ++++ b/drivers/iommu/iommu.c +@@ -554,7 +554,7 @@ static struct notifier_block iommu_bus_nb = { + static void iommu_bus_init(struct bus_type *bus, struct iommu_ops *ops) + { + bus_register_notifier(bus, &iommu_bus_nb); +- bus_for_each_dev(bus, NULL, ops, add_iommu_group); ++ bus_for_each_dev(bus, NULL, (void *)ops, add_iommu_group); + } + + /** diff --git a/drivers/isdn/capi/capi.c b/drivers/isdn/capi/capi.c index 89562a8..218999b 100644 --- a/drivers/isdn/capi/capi.c @@ -35672,6 +36946,32 @@ index e74df7c..03a03ba 100644 return -EFAULT; } else memcpy(msg, buf, count); +diff --git a/drivers/leds/leds-clevo-mail.c b/drivers/leds/leds-clevo-mail.c +index 6a8405d..0bd1c7e 100644 +--- a/drivers/leds/leds-clevo-mail.c ++++ b/drivers/leds/leds-clevo-mail.c +@@ -40,7 +40,7 @@ static int __init clevo_mail_led_dmi_callback(const struct dmi_system_id *id) + * detected as working, but in reality it is not) as low as + * possible. + */ +-static struct dmi_system_id __initdata clevo_mail_led_dmi_table[] = { ++static const struct dmi_system_id __initconst clevo_mail_led_dmi_table[] = { + { + .callback = clevo_mail_led_dmi_callback, + .ident = "Clevo D410J", +diff --git a/drivers/leds/leds-ss4200.c b/drivers/leds/leds-ss4200.c +index ec9b287..65c9bf4 100644 +--- a/drivers/leds/leds-ss4200.c ++++ b/drivers/leds/leds-ss4200.c +@@ -92,7 +92,7 @@ MODULE_PARM_DESC(nodetect, "Skip DMI-based hardware detection"); + * detected as working, but in reality it is not) as low as + * possible. + */ +-static struct dmi_system_id __initdata nas_led_whitelist[] = { ++static const struct dmi_system_id __initconst nas_led_whitelist[] = { + { + .callback = ss4200_led_dmi_callback, + .ident = "Intel SS4200-E", diff --git a/drivers/lguest/core.c b/drivers/lguest/core.c index a5ebc00..982886f 100644 --- a/drivers/lguest/core.c @@ -35824,10 +37124,10 @@ index 7155945..4bcc562 100644 seq_printf(seq, "\n"); diff --git a/drivers/md/dm-ioctl.c b/drivers/md/dm-ioctl.c -index 0666b5d..ed82cb4 100644 +index eee353d..74504c4 100644 --- a/drivers/md/dm-ioctl.c +++ b/drivers/md/dm-ioctl.c -@@ -1628,7 +1628,7 @@ static int validate_params(uint cmd, struct dm_ioctl *param) +@@ -1632,7 +1632,7 @@ static int validate_params(uint cmd, struct dm_ioctl *param) cmd == DM_LIST_VERSIONS_CMD) return 0; @@ -35837,7 +37137,7 @@ index 0666b5d..ed82cb4 100644 DMWARN("name not supplied when creating device"); return -EINVAL; diff --git a/drivers/md/dm-raid1.c b/drivers/md/dm-raid1.c -index fa51918..c26253c 100644 +index 7f24190..0e18099 100644 --- a/drivers/md/dm-raid1.c +++ b/drivers/md/dm-raid1.c @@ -40,7 +40,7 @@ enum dm_raid1_error { @@ -35913,7 +37213,7 @@ index fa51918..c26253c 100644 return (test_bit(DM_RAID1_FLUSH_ERROR, &(m->error_type))) ? 'F' : diff --git a/drivers/md/dm-stripe.c b/drivers/md/dm-stripe.c -index c89cde8..9d184cf 100644 +index aaecefa..23b3026 100644 --- a/drivers/md/dm-stripe.c +++ b/drivers/md/dm-stripe.c @@ -20,7 +20,7 @@ struct stripe { @@ -35934,7 +37234,7 @@ index c89cde8..9d184cf 100644 } ti->private = sc; -@@ -325,7 +325,7 @@ static int stripe_status(struct dm_target *ti, status_type_t type, +@@ -325,7 +325,7 @@ static void stripe_status(struct dm_target *ti, status_type_t type, DMEMIT("%d ", sc->stripes); for (i = 0; i < sc->stripes; i++) { DMEMIT("%s ", sc->stripe[i].dev->name); @@ -35943,7 +37243,7 @@ index c89cde8..9d184cf 100644 'D' : 'A'; } buffer[i] = '\0'; -@@ -371,8 +371,8 @@ static int stripe_end_io(struct dm_target *ti, struct bio *bio, int error) +@@ -370,8 +370,8 @@ static int stripe_end_io(struct dm_target *ti, struct bio *bio, int error) */ for (i = 0; i < sc->stripes; i++) if (!strcmp(sc->stripe[i].dev->name, major_minor)) { @@ -35990,7 +37290,7 @@ index 4d6e853..a234157 100644 pmd->bl_info.value_type.inc = data_block_inc; pmd->bl_info.value_type.dec = data_block_dec; diff --git a/drivers/md/dm.c b/drivers/md/dm.c -index 314a0e2..1376406 100644 +index 0d8f086..f5a91d5 100644 --- a/drivers/md/dm.c +++ b/drivers/md/dm.c @@ -170,9 +170,9 @@ struct mapped_device { @@ -36016,7 +37316,7 @@ index 314a0e2..1376406 100644 INIT_LIST_HEAD(&md->uevent_list); spin_lock_init(&md->uevent_lock); -@@ -2014,7 +2014,7 @@ static void event_callback(void *context) +@@ -2026,7 +2026,7 @@ static void event_callback(void *context) dm_send_uevents(&uevents, &disk_to_dev(md->disk)->kobj); @@ -36025,7 +37325,7 @@ index 314a0e2..1376406 100644 wake_up(&md->eventq); } -@@ -2669,18 +2669,18 @@ int dm_kobject_uevent(struct mapped_device *md, enum kobject_action action, +@@ -2683,18 +2683,18 @@ int dm_kobject_uevent(struct mapped_device *md, enum kobject_action action, uint32_t dm_next_uevent_seq(struct mapped_device *md) { @@ -36048,7 +37348,7 @@ index 314a0e2..1376406 100644 void dm_uevent_add(struct mapped_device *md, struct list_head *elist) diff --git a/drivers/md/md.c b/drivers/md/md.c -index 3db3d1b..9487468 100644 +index f363135..9b38815 100644 --- a/drivers/md/md.c +++ b/drivers/md/md.c @@ -240,10 +240,10 @@ EXPORT_SYMBOL_GPL(md_trim_bio); @@ -36073,7 +37373,7 @@ index 3db3d1b..9487468 100644 wake_up(&md_event_waiters); } -@@ -1503,7 +1503,7 @@ static int super_1_load(struct md_rdev *rdev, struct md_rdev *refdev, int minor_ +@@ -1507,7 +1507,7 @@ static int super_1_load(struct md_rdev *rdev, struct md_rdev *refdev, int minor_ if ((le32_to_cpu(sb->feature_map) & MD_FEATURE_RESHAPE_ACTIVE) && (le32_to_cpu(sb->feature_map) & MD_FEATURE_NEW_OFFSET)) rdev->new_data_offset += (s32)le32_to_cpu(sb->new_offset); @@ -36082,7 +37382,7 @@ index 3db3d1b..9487468 100644 rdev->sb_size = le32_to_cpu(sb->max_dev) * 2 + 256; bmask = queue_logical_block_size(rdev->bdev->bd_disk->queue)-1; -@@ -1747,7 +1747,7 @@ static void super_1_sync(struct mddev *mddev, struct md_rdev *rdev) +@@ -1751,7 +1751,7 @@ static void super_1_sync(struct mddev *mddev, struct md_rdev *rdev) else sb->resync_offset = cpu_to_le64(0); @@ -36091,7 +37391,7 @@ index 3db3d1b..9487468 100644 sb->raid_disks = cpu_to_le32(mddev->raid_disks); sb->size = cpu_to_le64(mddev->dev_sectors); -@@ -2747,7 +2747,7 @@ __ATTR(state, S_IRUGO|S_IWUSR, state_show, state_store); +@@ -2751,7 +2751,7 @@ __ATTR(state, S_IRUGO|S_IWUSR, state_show, state_store); static ssize_t errors_show(struct md_rdev *rdev, char *page) { @@ -36100,7 +37400,7 @@ index 3db3d1b..9487468 100644 } static ssize_t -@@ -2756,7 +2756,7 @@ errors_store(struct md_rdev *rdev, const char *buf, size_t len) +@@ -2760,7 +2760,7 @@ errors_store(struct md_rdev *rdev, const char *buf, size_t len) char *e; unsigned long n = simple_strtoul(buf, &e, 10); if (*buf && (*e == 0 || *e == '\n')) { @@ -36109,7 +37409,7 @@ index 3db3d1b..9487468 100644 return len; } return -EINVAL; -@@ -3203,8 +3203,8 @@ int md_rdev_init(struct md_rdev *rdev) +@@ -3210,8 +3210,8 @@ int md_rdev_init(struct md_rdev *rdev) rdev->sb_loaded = 0; rdev->bb_page = NULL; atomic_set(&rdev->nr_pending, 0); @@ -36120,7 +37420,7 @@ index 3db3d1b..9487468 100644 INIT_LIST_HEAD(&rdev->same_set); init_waitqueue_head(&rdev->blocked_wait); -@@ -6980,7 +6980,7 @@ static int md_seq_show(struct seq_file *seq, void *v) +@@ -6987,7 +6987,7 @@ static int md_seq_show(struct seq_file *seq, void *v) spin_unlock(&pers_lock); seq_printf(seq, "\n"); @@ -36129,7 +37429,7 @@ index 3db3d1b..9487468 100644 return 0; } if (v == (void*)2) { -@@ -7083,7 +7083,7 @@ static int md_seq_open(struct inode *inode, struct file *file) +@@ -7090,7 +7090,7 @@ static int md_seq_open(struct inode *inode, struct file *file) return error; seq = file->private_data; @@ -36138,7 +37438,7 @@ index 3db3d1b..9487468 100644 return error; } -@@ -7097,7 +7097,7 @@ static unsigned int mdstat_poll(struct file *filp, poll_table *wait) +@@ -7104,7 +7104,7 @@ static unsigned int mdstat_poll(struct file *filp, poll_table *wait) /* always allow read */ mask = POLLIN | POLLRDNORM; @@ -36147,7 +37447,7 @@ index 3db3d1b..9487468 100644 mask |= POLLERR | POLLPRI; return mask; } -@@ -7141,7 +7141,7 @@ static int is_mddev_idle(struct mddev *mddev, int init) +@@ -7148,7 +7148,7 @@ static int is_mddev_idle(struct mddev *mddev, int init) struct gendisk *disk = rdev->bdev->bd_contains->bd_disk; curr_events = (int)part_stat_read(&disk->part0, sectors[0]) + (int)part_stat_read(&disk->part0, sectors[1]) - @@ -36198,10 +37498,10 @@ index 1cbfc6b..56e1dbb 100644 /*----------------------------------------------------------------*/ diff --git a/drivers/md/raid1.c b/drivers/md/raid1.c -index d5bddfc..b079b4b 100644 +index 75b1f89..00ba344 100644 --- a/drivers/md/raid1.c +++ b/drivers/md/raid1.c -@@ -1818,7 +1818,7 @@ static int fix_sync_read_error(struct r1bio *r1_bio) +@@ -1819,7 +1819,7 @@ static int fix_sync_read_error(struct r1bio *r1_bio) if (r1_sync_page_io(rdev, sect, s, bio->bi_io_vec[idx].bv_page, READ) != 0) @@ -36210,7 +37510,7 @@ index d5bddfc..b079b4b 100644 } sectors -= s; sect += s; -@@ -2040,7 +2040,7 @@ static void fix_read_error(struct r1conf *conf, int read_disk, +@@ -2041,7 +2041,7 @@ static void fix_read_error(struct r1conf *conf, int read_disk, test_bit(In_sync, &rdev->flags)) { if (r1_sync_page_io(rdev, sect, s, conf->tmppage, READ)) { @@ -36220,10 +37520,10 @@ index d5bddfc..b079b4b 100644 "md/raid1:%s: read error corrected " "(%d sectors at %llu on %s)\n", diff --git a/drivers/md/raid10.c b/drivers/md/raid10.c -index 64d4824..8b9ea57 100644 +index 8d925dc..11d674f 100644 --- a/drivers/md/raid10.c +++ b/drivers/md/raid10.c -@@ -1877,7 +1877,7 @@ static void end_sync_read(struct bio *bio, int error) +@@ -1878,7 +1878,7 @@ static void end_sync_read(struct bio *bio, int error) /* The write handler will notice the lack of * R10BIO_Uptodate and record any errors etc */ @@ -36232,7 +37532,7 @@ index 64d4824..8b9ea57 100644 &conf->mirrors[d].rdev->corrected_errors); /* for reconstruct, we always reschedule after a read. -@@ -2226,7 +2226,7 @@ static void check_decay_read_errors(struct mddev *mddev, struct md_rdev *rdev) +@@ -2227,7 +2227,7 @@ static void check_decay_read_errors(struct mddev *mddev, struct md_rdev *rdev) { struct timespec cur_time_mon; unsigned long hours_since_last; @@ -36241,7 +37541,7 @@ index 64d4824..8b9ea57 100644 ktime_get_ts(&cur_time_mon); -@@ -2248,9 +2248,9 @@ static void check_decay_read_errors(struct mddev *mddev, struct md_rdev *rdev) +@@ -2249,9 +2249,9 @@ static void check_decay_read_errors(struct mddev *mddev, struct md_rdev *rdev) * overflowing the shift of read_errors by hours_since_last. */ if (hours_since_last >= 8 * sizeof(read_errors)) @@ -36253,7 +37553,7 @@ index 64d4824..8b9ea57 100644 } static int r10_sync_page_io(struct md_rdev *rdev, sector_t sector, -@@ -2304,8 +2304,8 @@ static void fix_read_error(struct r10conf *conf, struct mddev *mddev, struct r10 +@@ -2305,8 +2305,8 @@ static void fix_read_error(struct r10conf *conf, struct mddev *mddev, struct r10 return; check_decay_read_errors(mddev, rdev); @@ -36264,7 +37564,7 @@ index 64d4824..8b9ea57 100644 char b[BDEVNAME_SIZE]; bdevname(rdev->bdev, b); -@@ -2313,7 +2313,7 @@ static void fix_read_error(struct r10conf *conf, struct mddev *mddev, struct r10 +@@ -2314,7 +2314,7 @@ static void fix_read_error(struct r10conf *conf, struct mddev *mddev, struct r10 "md/raid10:%s: %s: Raid device exceeded " "read_error threshold [cur %d:max %d]\n", mdname(mddev), b, @@ -36273,7 +37573,7 @@ index 64d4824..8b9ea57 100644 printk(KERN_NOTICE "md/raid10:%s: %s: Failing raid device\n", mdname(mddev), b); -@@ -2468,7 +2468,7 @@ static void fix_read_error(struct r10conf *conf, struct mddev *mddev, struct r10 +@@ -2469,7 +2469,7 @@ static void fix_read_error(struct r10conf *conf, struct mddev *mddev, struct r10 sect + choose_data_offset(r10_bio, rdev)), bdevname(rdev->bdev, b)); @@ -36583,6 +37883,29 @@ index 9382895..ac8093c 100644 /* debug */ static int dvb_usb_dw2102_debug; +diff --git a/drivers/media/v4l2-core/v4l2-ioctl.c b/drivers/media/v4l2-core/v4l2-ioctl.c +index aa6e7c7..4cd8061 100644 +--- a/drivers/media/v4l2-core/v4l2-ioctl.c ++++ b/drivers/media/v4l2-core/v4l2-ioctl.c +@@ -1923,7 +1923,8 @@ struct v4l2_ioctl_info { + struct file *file, void *fh, void *p); + } u; + void (*debug)(const void *arg, bool write_only); +-}; ++} __do_const; ++typedef struct v4l2_ioctl_info __no_const v4l2_ioctl_info_no_const; + + /* This control needs a priority check */ + #define INFO_FL_PRIO (1 << 0) +@@ -2108,7 +2109,7 @@ static long __video_do_ioctl(struct file *file, + struct video_device *vfd = video_devdata(file); + const struct v4l2_ioctl_ops *ops = vfd->ioctl_ops; + bool write_only = false; +- struct v4l2_ioctl_info default_info; ++ v4l2_ioctl_info_no_const default_info; + const struct v4l2_ioctl_info *info; + void *fh = file->private_data; + struct v4l2_fh *vfh = NULL; diff --git a/drivers/memstick/host/r592.c b/drivers/memstick/host/r592.c index 29b2172..a7c5b31 100644 --- a/drivers/memstick/host/r592.c @@ -36874,6 +38197,70 @@ index 45ece11..8efa218 100644 #include #include #include +diff --git a/drivers/mfd/twl4030-irq.c b/drivers/mfd/twl4030-irq.c +index a5f9888..1c0ed56 100644 +--- a/drivers/mfd/twl4030-irq.c ++++ b/drivers/mfd/twl4030-irq.c +@@ -35,6 +35,7 @@ + #include + #include + #include ++#include + + #include "twl-core.h" + +@@ -728,10 +729,12 @@ int twl4030_init_irq(struct device *dev, int irq_num) + * Install an irq handler for each of the SIH modules; + * clone dummy irq_chip since PIH can't *do* anything + */ +- twl4030_irq_chip = dummy_irq_chip; +- twl4030_irq_chip.name = "twl4030"; ++ pax_open_kernel(); ++ memcpy((void *)&twl4030_irq_chip, &dummy_irq_chip, sizeof twl4030_irq_chip); ++ *(const char **)&twl4030_irq_chip.name = "twl4030"; + +- twl4030_sih_irq_chip.irq_ack = dummy_irq_chip.irq_ack; ++ *(void **)&twl4030_sih_irq_chip.irq_ack = dummy_irq_chip.irq_ack; ++ pax_close_kernel(); + + for (i = irq_base; i < irq_end; i++) { + irq_set_chip_and_handler(i, &twl4030_irq_chip, +diff --git a/drivers/mfd/twl6030-irq.c b/drivers/mfd/twl6030-irq.c +index 277a8db..0e0b754 100644 +--- a/drivers/mfd/twl6030-irq.c ++++ b/drivers/mfd/twl6030-irq.c +@@ -387,10 +387,12 @@ int twl6030_init_irq(struct device *dev, int irq_num) + * install an irq handler for each of the modules; + * clone dummy irq_chip since PIH can't *do* anything + */ +- twl6030_irq_chip = dummy_irq_chip; +- twl6030_irq_chip.name = "twl6030"; +- twl6030_irq_chip.irq_set_type = NULL; +- twl6030_irq_chip.irq_set_wake = twl6030_irq_set_wake; ++ pax_open_kernel(); ++ memcpy((void *)&twl6030_irq_chip, &dummy_irq_chip, sizeof twl6030_irq_chip); ++ *(const char **)&twl6030_irq_chip.name = "twl6030"; ++ *(void **)&twl6030_irq_chip.irq_set_type = NULL; ++ *(void **)&twl6030_irq_chip.irq_set_wake = twl6030_irq_set_wake; ++ pax_close_kernel(); + + for (i = irq_base; i < irq_end; i++) { + irq_set_chip_and_handler(i, &twl6030_irq_chip, +diff --git a/drivers/misc/c2port/core.c b/drivers/misc/c2port/core.c +index f428d86..274c368 100644 +--- a/drivers/misc/c2port/core.c ++++ b/drivers/misc/c2port/core.c +@@ -924,7 +924,9 @@ struct c2port_device *c2port_device_register(char *name, + mutex_init(&c2dev->mutex); + + /* Create binary file */ +- c2port_bin_attrs.size = ops->blocks_num * ops->block_size; ++ pax_open_kernel(); ++ *(size_t *)&c2port_bin_attrs.size = ops->blocks_num * ops->block_size; ++ pax_close_kernel(); + ret = device_create_bin_file(c2dev->dev, &c2port_bin_attrs); + if (unlikely(ret)) + goto error_device_create_bin_file; diff --git a/drivers/misc/kgdbts.c b/drivers/misc/kgdbts.c index 3aa9a96..59cf685 100644 --- a/drivers/misc/kgdbts.c @@ -37308,6 +38695,32 @@ index 51b9d6a..52af9a7 100644 #include #include #include +diff --git a/drivers/mtd/sm_ftl.c b/drivers/mtd/sm_ftl.c +index 8dd6ba5..419cc1d 100644 +--- a/drivers/mtd/sm_ftl.c ++++ b/drivers/mtd/sm_ftl.c +@@ -56,7 +56,7 @@ ssize_t sm_attr_show(struct device *dev, struct device_attribute *attr, + #define SM_CIS_VENDOR_OFFSET 0x59 + struct attribute_group *sm_create_sysfs_attributes(struct sm_ftl *ftl) + { +- struct attribute_group *attr_group; ++ attribute_group_no_const *attr_group; + struct attribute **attributes; + struct sm_sysfs_attribute *vendor_attribute; + +diff --git a/drivers/net/bonding/bond_main.c b/drivers/net/bonding/bond_main.c +index b7d45f3..b5c89d9 100644 +--- a/drivers/net/bonding/bond_main.c ++++ b/drivers/net/bonding/bond_main.c +@@ -4861,7 +4861,7 @@ static unsigned int bond_get_num_tx_queues(void) + return tx_queues; + } + +-static struct rtnl_link_ops bond_link_ops __read_mostly = { ++static struct rtnl_link_ops bond_link_ops = { + .kind = "bond", + .priv_size = sizeof(struct bonding), + .setup = bond_setup, diff --git a/drivers/net/ethernet/8390/ax88796.c b/drivers/net/ethernet/8390/ax88796.c index 70dba5d..11a0919 100644 --- a/drivers/net/ethernet/8390/ax88796.c @@ -37609,10 +39022,33 @@ index 1e9cb0b..7839125 100644 priv = netdev_priv(dev); priv->phy = phy; diff --git a/drivers/net/macvlan.c b/drivers/net/macvlan.c -index d3fb97d..e229d3e 100644 +index d3fb97d..19520c7 100644 --- a/drivers/net/macvlan.c +++ b/drivers/net/macvlan.c -@@ -913,7 +913,7 @@ static int macvlan_device_event(struct notifier_block *unused, +@@ -851,13 +851,15 @@ static const struct nla_policy macvlan_policy[IFLA_MACVLAN_MAX + 1] = { + int macvlan_link_register(struct rtnl_link_ops *ops) + { + /* common fields */ +- ops->priv_size = sizeof(struct macvlan_dev); +- ops->validate = macvlan_validate; +- ops->maxtype = IFLA_MACVLAN_MAX; +- ops->policy = macvlan_policy; +- ops->changelink = macvlan_changelink; +- ops->get_size = macvlan_get_size; +- ops->fill_info = macvlan_fill_info; ++ pax_open_kernel(); ++ *(size_t *)&ops->priv_size = sizeof(struct macvlan_dev); ++ *(void **)&ops->validate = macvlan_validate; ++ *(int *)&ops->maxtype = IFLA_MACVLAN_MAX; ++ *(const void **)&ops->policy = macvlan_policy; ++ *(void **)&ops->changelink = macvlan_changelink; ++ *(void **)&ops->get_size = macvlan_get_size; ++ *(void **)&ops->fill_info = macvlan_fill_info; ++ pax_close_kernel(); + + return rtnl_link_register(ops); + }; +@@ -913,7 +915,7 @@ static int macvlan_device_event(struct notifier_block *unused, return NOTIFY_DONE; } @@ -37795,6 +39231,19 @@ index cd8ccb2..cff5144 100644 result = hso_start_serial_device(serial_table[i], GFP_NOIO); hso_kick_transmit(dev2ser(serial_table[i])); +diff --git a/drivers/net/vxlan.c b/drivers/net/vxlan.c +index 656230e..15525a8 100644 +--- a/drivers/net/vxlan.c ++++ b/drivers/net/vxlan.c +@@ -1428,7 +1428,7 @@ nla_put_failure: + return -EMSGSIZE; + } + +-static struct rtnl_link_ops vxlan_link_ops __read_mostly = { ++static struct rtnl_link_ops vxlan_link_ops = { + .kind = "vxlan", + .maxtype = IFLA_VXLAN_MAX, + .policy = vxlan_policy, diff --git a/drivers/net/wireless/ath/ath9k/ar9002_mac.c b/drivers/net/wireless/ath/ath9k/ar9002_mac.c index 8d78253..bebbb68 100644 --- a/drivers/net/wireless/ath/ath9k/ar9002_mac.c @@ -38489,6 +39938,21 @@ index 3f56bc0..707d642 100644 } #endif /* IEEE1284.3 support. */ +diff --git a/drivers/pci/hotplug/acpiphp_ibm.c b/drivers/pci/hotplug/acpiphp_ibm.c +index c35e8ad..fc33beb 100644 +--- a/drivers/pci/hotplug/acpiphp_ibm.c ++++ b/drivers/pci/hotplug/acpiphp_ibm.c +@@ -464,7 +464,9 @@ static int __init ibm_acpiphp_init(void) + goto init_cleanup; + } + +- ibm_apci_table_attr.size = ibm_get_table_from_acpi(NULL); ++ pax_open_kernel(); ++ *(size_t *)&ibm_apci_table_attr.size = ibm_get_table_from_acpi(NULL); ++ pax_close_kernel(); + retval = sysfs_create_bin_file(sysdir, &ibm_apci_table_attr); + + return retval; diff --git a/drivers/pci/hotplug/cpcihp_generic.c b/drivers/pci/hotplug/cpcihp_generic.c index a6a71c4..c91097b 100644 --- a/drivers/pci/hotplug/cpcihp_generic.c @@ -38583,6 +40047,80 @@ index 76ba8a1..20ca857 100644 dbg("int15 entry = %p\n", compaq_int15_entry_point); /* initialize our int15 lock */ +diff --git a/drivers/pci/hotplug/pci_hotplug_core.c b/drivers/pci/hotplug/pci_hotplug_core.c +index 202f4a9..8ee47d0 100644 +--- a/drivers/pci/hotplug/pci_hotplug_core.c ++++ b/drivers/pci/hotplug/pci_hotplug_core.c +@@ -448,8 +448,10 @@ int __pci_hp_register(struct hotplug_slot *slot, struct pci_bus *bus, + return -EINVAL; + } + +- slot->ops->owner = owner; +- slot->ops->mod_name = mod_name; ++ pax_open_kernel(); ++ *(struct module **)&slot->ops->owner = owner; ++ *(const char **)&slot->ops->mod_name = mod_name; ++ pax_close_kernel(); + + mutex_lock(&pci_hp_mutex); + /* +diff --git a/drivers/pci/hotplug/pciehp_core.c b/drivers/pci/hotplug/pciehp_core.c +index 939bd1d..a1459c9 100644 +--- a/drivers/pci/hotplug/pciehp_core.c ++++ b/drivers/pci/hotplug/pciehp_core.c +@@ -91,7 +91,7 @@ static int init_slot(struct controller *ctrl) + struct slot *slot = ctrl->slot; + struct hotplug_slot *hotplug = NULL; + struct hotplug_slot_info *info = NULL; +- struct hotplug_slot_ops *ops = NULL; ++ hotplug_slot_ops_no_const *ops = NULL; + char name[SLOT_NAME_SIZE]; + int retval = -ENOMEM; + +diff --git a/drivers/pci/pci-sysfs.c b/drivers/pci/pci-sysfs.c +index 9c6e9bb..2916736 100644 +--- a/drivers/pci/pci-sysfs.c ++++ b/drivers/pci/pci-sysfs.c +@@ -1071,7 +1071,7 @@ static int pci_create_attr(struct pci_dev *pdev, int num, int write_combine) + { + /* allocate attribute structure, piggyback attribute name */ + int name_len = write_combine ? 13 : 10; +- struct bin_attribute *res_attr; ++ bin_attribute_no_const *res_attr; + int retval; + + res_attr = kzalloc(sizeof(*res_attr) + name_len, GFP_ATOMIC); +@@ -1256,7 +1256,7 @@ static struct device_attribute reset_attr = __ATTR(reset, 0200, NULL, reset_stor + static int pci_create_capabilities_sysfs(struct pci_dev *dev) + { + int retval; +- struct bin_attribute *attr; ++ bin_attribute_no_const *attr; + + /* If the device has VPD, try to expose it in sysfs. */ + if (dev->vpd) { +@@ -1303,7 +1303,7 @@ int __must_check pci_create_sysfs_dev_files (struct pci_dev *pdev) + { + int retval; + int rom_size = 0; +- struct bin_attribute *attr; ++ bin_attribute_no_const *attr; + + if (!sysfs_initialized) + return -EACCES; +diff --git a/drivers/pci/pci.h b/drivers/pci/pci.h +index e851829..a1a7196 100644 +--- a/drivers/pci/pci.h ++++ b/drivers/pci/pci.h +@@ -98,7 +98,7 @@ struct pci_vpd_ops { + struct pci_vpd { + unsigned int len; + const struct pci_vpd_ops *ops; +- struct bin_attribute *attr; /* descriptor for sysfs VPD entry */ ++ bin_attribute_no_const *attr; /* descriptor for sysfs VPD entry */ + }; + + extern int pci_vpd_pci22_init(struct pci_dev *dev); diff --git a/drivers/pci/pcie/aspm.c b/drivers/pci/pcie/aspm.c index 8474b6a..ee81993 100644 --- a/drivers/pci/pcie/aspm.c @@ -38634,6 +40172,44 @@ index 9b8505c..f00870a 100644 proc_create("devices", 0, proc_bus_pci_dir, &proc_bus_pci_dev_operations); proc_initialized = 1; +diff --git a/drivers/platform/x86/msi-laptop.c b/drivers/platform/x86/msi-laptop.c +index 2111dbb..79e434b 100644 +--- a/drivers/platform/x86/msi-laptop.c ++++ b/drivers/platform/x86/msi-laptop.c +@@ -820,12 +820,14 @@ static int __init load_scm_model_init(struct platform_device *sdev) + int result; + + /* allow userland write sysfs file */ +- dev_attr_bluetooth.store = store_bluetooth; +- dev_attr_wlan.store = store_wlan; +- dev_attr_threeg.store = store_threeg; +- dev_attr_bluetooth.attr.mode |= S_IWUSR; +- dev_attr_wlan.attr.mode |= S_IWUSR; +- dev_attr_threeg.attr.mode |= S_IWUSR; ++ pax_open_kernel(); ++ *(void **)&dev_attr_bluetooth.store = store_bluetooth; ++ *(void **)&dev_attr_wlan.store = store_wlan; ++ *(void **)&dev_attr_threeg.store = store_threeg; ++ *(umode_t *)&dev_attr_bluetooth.attr.mode |= S_IWUSR; ++ *(umode_t *)&dev_attr_wlan.attr.mode |= S_IWUSR; ++ *(umode_t *)&dev_attr_threeg.attr.mode |= S_IWUSR; ++ pax_close_kernel(); + + /* disable hardware control by fn key */ + result = ec_read(MSI_STANDARD_EC_SCM_LOAD_ADDRESS, &data); +diff --git a/drivers/platform/x86/sony-laptop.c b/drivers/platform/x86/sony-laptop.c +index 0fe987f..6f3d5c3 100644 +--- a/drivers/platform/x86/sony-laptop.c ++++ b/drivers/platform/x86/sony-laptop.c +@@ -2356,7 +2356,7 @@ static void sony_nc_lid_resume_cleanup(struct platform_device *pd) + } + + /* High speed charging function */ +-static struct device_attribute *hsc_handle; ++static device_attribute_no_const *hsc_handle; + + static ssize_t sony_nc_highspeed_charging_store(struct device *dev, + struct device_attribute *attr, diff --git a/drivers/platform/x86/thinkpad_acpi.c b/drivers/platform/x86/thinkpad_acpi.c index f946ca7..f25c833 100644 --- a/drivers/platform/x86/thinkpad_acpi.c @@ -38873,6 +40449,73 @@ index 7df7c5f..bd48c47 100644 ret = usb_register_notifier(transceiver, &otg_nb); if (ret) { dev_err(dev, "failure to register otg notifier\n"); +diff --git a/drivers/power/power_supply.h b/drivers/power/power_supply.h +index cc439fd..8fa30df 100644 +--- a/drivers/power/power_supply.h ++++ b/drivers/power/power_supply.h +@@ -16,12 +16,12 @@ struct power_supply; + + #ifdef CONFIG_SYSFS + +-extern void power_supply_init_attrs(struct device_type *dev_type); ++extern void power_supply_init_attrs(void); + extern int power_supply_uevent(struct device *dev, struct kobj_uevent_env *env); + + #else + +-static inline void power_supply_init_attrs(struct device_type *dev_type) {} ++static inline void power_supply_init_attrs(void) {} + #define power_supply_uevent NULL + + #endif /* CONFIG_SYSFS */ +diff --git a/drivers/power/power_supply_core.c b/drivers/power/power_supply_core.c +index 8a7cfb3..493e0a2 100644 +--- a/drivers/power/power_supply_core.c ++++ b/drivers/power/power_supply_core.c +@@ -24,7 +24,10 @@ + struct class *power_supply_class; + EXPORT_SYMBOL_GPL(power_supply_class); + +-static struct device_type power_supply_dev_type; ++extern const struct attribute_group *power_supply_attr_groups[]; ++static struct device_type power_supply_dev_type = { ++ .groups = power_supply_attr_groups, ++}; + + static int __power_supply_changed_work(struct device *dev, void *data) + { +@@ -393,7 +396,6 @@ static int __init power_supply_class_init(void) + return PTR_ERR(power_supply_class); + + power_supply_class->dev_uevent = power_supply_uevent; +- power_supply_init_attrs(&power_supply_dev_type); + + return 0; + } +diff --git a/drivers/power/power_supply_sysfs.c b/drivers/power/power_supply_sysfs.c +index 40fa3b7..d9c2e0e 100644 +--- a/drivers/power/power_supply_sysfs.c ++++ b/drivers/power/power_supply_sysfs.c +@@ -229,17 +229,15 @@ static struct attribute_group power_supply_attr_group = { + .is_visible = power_supply_attr_is_visible, + }; + +-static const struct attribute_group *power_supply_attr_groups[] = { ++const struct attribute_group *power_supply_attr_groups[] = { + &power_supply_attr_group, + NULL, + }; + +-void power_supply_init_attrs(struct device_type *dev_type) ++void power_supply_init_attrs(void) + { + int i; + +- dev_type->groups = power_supply_attr_groups; +- + for (i = 0; i < ARRAY_SIZE(power_supply_attrs); i++) + __power_supply_attrs[i] = &power_supply_attrs[i].attr; + } diff --git a/drivers/regulator/max8660.c b/drivers/regulator/max8660.c index 4d7c635..9860196 100644 --- a/drivers/regulator/max8660.c @@ -38928,6 +40571,21 @@ index 0d84b1f..c2da6ac 100644 mc13xxx_data = mc13xxx_parse_regulators_dt(pdev, mc13892_regulators, ARRAY_SIZE(mc13892_regulators)); +diff --git a/drivers/rtc/rtc-cmos.c b/drivers/rtc/rtc-cmos.c +index 16630aa..6afc992 100644 +--- a/drivers/rtc/rtc-cmos.c ++++ b/drivers/rtc/rtc-cmos.c +@@ -724,7 +724,9 @@ cmos_do_probe(struct device *dev, struct resource *ports, int rtc_irq) + hpet_rtc_timer_init(); + + /* export at least the first block of NVRAM */ +- nvram.size = address_space - NVRAM_OFFSET; ++ pax_open_kernel(); ++ *(size_t *)&nvram.size = address_space - NVRAM_OFFSET; ++ pax_close_kernel(); + retval = sysfs_create_bin_file(&dev->kobj, &nvram); + if (retval < 0) { + dev_dbg(dev, "can't create nvram file? %d\n", retval); diff --git a/drivers/rtc/rtc-dev.c b/drivers/rtc/rtc-dev.c index 9a86b4b..3a383dc 100644 --- a/drivers/rtc/rtc-dev.c @@ -38949,19 +40607,34 @@ index 9a86b4b..3a383dc 100644 return rtc_set_time(rtc, &tm); case RTC_PIE_ON: -diff --git a/drivers/scsi/bfa/bfa.h b/drivers/scsi/bfa/bfa.h -index 4ad7e36..d004679 100644 ---- a/drivers/scsi/bfa/bfa.h -+++ b/drivers/scsi/bfa/bfa.h -@@ -196,7 +196,7 @@ struct bfa_hwif_s { - u32 *end); - int cpe_vec_q0; - int rme_vec_q0; --}; -+} __no_const; - typedef void (*bfa_cb_iocfc_t) (void *cbarg, enum bfa_status status); +diff --git a/drivers/rtc/rtc-ds1307.c b/drivers/rtc/rtc-ds1307.c +index e0d0ba4..3c65868 100644 +--- a/drivers/rtc/rtc-ds1307.c ++++ b/drivers/rtc/rtc-ds1307.c +@@ -106,7 +106,7 @@ struct ds1307 { + u8 offset; /* register's offset */ + u8 regs[11]; + u16 nvram_offset; +- struct bin_attribute *nvram; ++ bin_attribute_no_const *nvram; + enum ds_type type; + unsigned long flags; + #define HAS_NVRAM 0 /* bit 0 == sysfs file active */ +diff --git a/drivers/rtc/rtc-m48t59.c b/drivers/rtc/rtc-m48t59.c +index 130f29a..6179d03 100644 +--- a/drivers/rtc/rtc-m48t59.c ++++ b/drivers/rtc/rtc-m48t59.c +@@ -482,7 +482,9 @@ static int m48t59_rtc_probe(struct platform_device *pdev) + goto out; + } + +- m48t59_nvram_attr.size = pdata->offset; ++ pax_open_kernel(); ++ *(size_t *)&m48t59_nvram_attr.size = pdata->offset; ++ pax_close_kernel(); - struct bfa_faa_cbfn_s { + ret = sysfs_create_bin_file(&pdev->dev.kobj, &m48t59_nvram_attr); + if (ret) { diff --git a/drivers/scsi/bfa/bfa_fcpim.h b/drivers/scsi/bfa/bfa_fcpim.h index e693af6..2e525b6 100644 --- a/drivers/scsi/bfa/bfa_fcpim.h @@ -39912,6 +41585,19 @@ index 19ee901..6e8c2ef 100644 static u8 *buf; +diff --git a/drivers/staging/iio/iio_hwmon.c b/drivers/staging/iio/iio_hwmon.c +index c7a5f97..71ecd35 100644 +--- a/drivers/staging/iio/iio_hwmon.c ++++ b/drivers/staging/iio/iio_hwmon.c +@@ -72,7 +72,7 @@ static void iio_hwmon_free_attrs(struct iio_hwmon_state *st) + static int iio_hwmon_probe(struct platform_device *pdev) + { + struct iio_hwmon_state *st; +- struct sensor_device_attribute *a; ++ sensor_device_attribute_no_const *a; + int ret, i; + int in_i = 1, temp_i = 1, curr_i = 1; + enum iio_chan_type type; diff --git a/drivers/staging/octeon/ethernet-rx.c b/drivers/staging/octeon/ethernet-rx.c index 34afc16..ffe44dd 100644 --- a/drivers/staging/octeon/ethernet-rx.c @@ -41750,6 +43436,75 @@ index 35f10bf..6a38a0b 100644 if (!left--) { if (instance->disconnected) +diff --git a/drivers/usb/class/cdc-wdm.c b/drivers/usb/class/cdc-wdm.c +index 5f0cb41..122d056 100644 +--- a/drivers/usb/class/cdc-wdm.c ++++ b/drivers/usb/class/cdc-wdm.c +@@ -56,6 +56,7 @@ MODULE_DEVICE_TABLE (usb, wdm_ids); + #define WDM_RESPONDING 7 + #define WDM_SUSPENDING 8 + #define WDM_RESETTING 9 ++#define WDM_OVERFLOW 10 + + #define WDM_MAX 16 + +@@ -155,6 +156,7 @@ static void wdm_in_callback(struct urb *urb) + { + struct wdm_device *desc = urb->context; + int status = urb->status; ++ int length = urb->actual_length; + + spin_lock(&desc->iuspin); + clear_bit(WDM_RESPONDING, &desc->flags); +@@ -185,9 +187,17 @@ static void wdm_in_callback(struct urb *urb) + } + + desc->rerr = status; +- desc->reslength = urb->actual_length; +- memmove(desc->ubuf + desc->length, desc->inbuf, desc->reslength); +- desc->length += desc->reslength; ++ if (length + desc->length > desc->wMaxCommand) { ++ /* The buffer would overflow */ ++ set_bit(WDM_OVERFLOW, &desc->flags); ++ } else { ++ /* we may already be in overflow */ ++ if (!test_bit(WDM_OVERFLOW, &desc->flags)) { ++ memmove(desc->ubuf + desc->length, desc->inbuf, length); ++ desc->length += length; ++ desc->reslength = length; ++ } ++ } + skip_error: + wake_up(&desc->wait); + +@@ -435,6 +445,11 @@ retry: + rv = -ENODEV; + goto err; + } ++ if (test_bit(WDM_OVERFLOW, &desc->flags)) { ++ clear_bit(WDM_OVERFLOW, &desc->flags); ++ rv = -ENOBUFS; ++ goto err; ++ } + i++; + if (file->f_flags & O_NONBLOCK) { + if (!test_bit(WDM_READ, &desc->flags)) { +@@ -478,6 +493,7 @@ retry: + spin_unlock_irq(&desc->iuspin); + goto retry; + } ++ + if (!desc->reslength) { /* zero length read */ + dev_dbg(&desc->intf->dev, "%s: zero length - clearing WDM_READ\n", __func__); + clear_bit(WDM_READ, &desc->flags); +@@ -1004,6 +1020,7 @@ static int wdm_post_reset(struct usb_interface *intf) + struct wdm_device *desc = wdm_find_device(intf); + int rv; + ++ clear_bit(WDM_OVERFLOW, &desc->flags); + clear_bit(WDM_RESETTING, &desc->flags); + rv = recover_from_urb_loss(desc); + mutex_unlock(&desc->wlock); diff --git a/drivers/usb/core/devices.c b/drivers/usb/core/devices.c index cbacea9..246cccd 100644 --- a/drivers/usb/core/devices.c @@ -41986,6 +43741,19 @@ index 5f3bcd3..bfca43f 100644 usb_autopm_put_interface(serial->interface); error_get_interface: usb_serial_put(serial); +diff --git a/drivers/usb/storage/usb.h b/drivers/usb/storage/usb.h +index 75f70f0..d467e1a 100644 +--- a/drivers/usb/storage/usb.h ++++ b/drivers/usb/storage/usb.h +@@ -63,7 +63,7 @@ struct us_unusual_dev { + __u8 useProtocol; + __u8 useTransport; + int (*initFunction)(struct us_data *); +-}; ++} __do_const; + + + /* Dynamic bitflag definitions (us->dflags): used in set_bit() etc. */ diff --git a/drivers/usb/wusbcore/wa-hc.h b/drivers/usb/wusbcore/wa-hc.h index d6bea3e..60b250e 100644 --- a/drivers/usb/wusbcore/wa-hc.h @@ -42034,6 +43802,87 @@ index 8c55011..eed4ae1a 100644 "AGP", "PCI", "PRO AGP", +diff --git a/drivers/video/aty/atyfb_base.c b/drivers/video/aty/atyfb_base.c +index 4f27fdc..d3537e6 100644 +--- a/drivers/video/aty/atyfb_base.c ++++ b/drivers/video/aty/atyfb_base.c +@@ -1325,10 +1325,14 @@ static int atyfb_set_par(struct fb_info *info) + par->accel_flags = var->accel_flags; /* hack */ + + if (var->accel_flags) { +- info->fbops->fb_sync = atyfb_sync; ++ pax_open_kernel(); ++ *(void **)&info->fbops->fb_sync = atyfb_sync; ++ pax_close_kernel(); + info->flags &= ~FBINFO_HWACCEL_DISABLED; + } else { +- info->fbops->fb_sync = NULL; ++ pax_open_kernel(); ++ *(void **)&info->fbops->fb_sync = NULL; ++ pax_close_kernel(); + info->flags |= FBINFO_HWACCEL_DISABLED; + } + +diff --git a/drivers/video/aty/mach64_cursor.c b/drivers/video/aty/mach64_cursor.c +index 95ec042..e6affdd 100644 +--- a/drivers/video/aty/mach64_cursor.c ++++ b/drivers/video/aty/mach64_cursor.c +@@ -7,6 +7,7 @@ + #include + + #include ++#include + + #ifdef __sparc__ + #include +@@ -208,7 +209,9 @@ int aty_init_cursor(struct fb_info *info) + info->sprite.buf_align = 16; /* and 64 lines tall. */ + info->sprite.flags = FB_PIXMAP_IO; + +- info->fbops->fb_cursor = atyfb_cursor; ++ pax_open_kernel(); ++ *(void **)&info->fbops->fb_cursor = atyfb_cursor; ++ pax_close_kernel(); + + return 0; + } +diff --git a/drivers/video/backlight/kb3886_bl.c b/drivers/video/backlight/kb3886_bl.c +index 6c5ed6b..b727c88 100644 +--- a/drivers/video/backlight/kb3886_bl.c ++++ b/drivers/video/backlight/kb3886_bl.c +@@ -78,7 +78,7 @@ static struct kb3886bl_machinfo *bl_machinfo; + static unsigned long kb3886bl_flags; + #define KB3886BL_SUSPENDED 0x01 + +-static struct dmi_system_id __initdata kb3886bl_device_table[] = { ++static const struct dmi_system_id __initconst kb3886bl_device_table[] = { + { + .ident = "Sahara Touch-iT", + .matches = { +diff --git a/drivers/video/fb_defio.c b/drivers/video/fb_defio.c +index 88cad6b..dd746c7 100644 +--- a/drivers/video/fb_defio.c ++++ b/drivers/video/fb_defio.c +@@ -206,7 +206,9 @@ void fb_deferred_io_init(struct fb_info *info) + + BUG_ON(!fbdefio); + mutex_init(&fbdefio->lock); +- info->fbops->fb_mmap = fb_deferred_io_mmap; ++ pax_open_kernel(); ++ *(void **)&info->fbops->fb_mmap = fb_deferred_io_mmap; ++ pax_close_kernel(); + INIT_DELAYED_WORK(&info->deferred_work, fb_deferred_io_work); + INIT_LIST_HEAD(&fbdefio->pagelist); + if (fbdefio->delay == 0) /* set a default of 1 s */ +@@ -237,7 +239,7 @@ void fb_deferred_io_cleanup(struct fb_info *info) + page->mapping = NULL; + } + +- info->fbops->fb_mmap = NULL; ++ *(void **)&info->fbops->fb_mmap = NULL; + mutex_destroy(&fbdefio->lock); + } + EXPORT_SYMBOL_GPL(fb_deferred_io_cleanup); diff --git a/drivers/video/fbcmap.c b/drivers/video/fbcmap.c index 5c3960d..15cf8fc 100644 --- a/drivers/video/fbcmap.c @@ -44820,8 +46669,119 @@ index 3c14e43..eafa544 100644 +4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 +4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 +4 4 4 4 4 4 +diff --git a/drivers/video/mb862xx/mb862xxfb_accel.c b/drivers/video/mb862xx/mb862xxfb_accel.c +index fe92eed..106e085 100644 +--- a/drivers/video/mb862xx/mb862xxfb_accel.c ++++ b/drivers/video/mb862xx/mb862xxfb_accel.c +@@ -312,14 +312,18 @@ void mb862xxfb_init_accel(struct fb_info *info, int xres) + struct mb862xxfb_par *par = info->par; + + if (info->var.bits_per_pixel == 32) { +- info->fbops->fb_fillrect = cfb_fillrect; +- info->fbops->fb_copyarea = cfb_copyarea; +- info->fbops->fb_imageblit = cfb_imageblit; ++ pax_open_kernel(); ++ *(void **)&info->fbops->fb_fillrect = cfb_fillrect; ++ *(void **)&info->fbops->fb_copyarea = cfb_copyarea; ++ *(void **)&info->fbops->fb_imageblit = cfb_imageblit; ++ pax_close_kernel(); + } else { + outreg(disp, GC_L0EM, 3); +- info->fbops->fb_fillrect = mb86290fb_fillrect; +- info->fbops->fb_copyarea = mb86290fb_copyarea; +- info->fbops->fb_imageblit = mb86290fb_imageblit; ++ pax_open_kernel(); ++ *(void **)&info->fbops->fb_fillrect = mb86290fb_fillrect; ++ *(void **)&info->fbops->fb_copyarea = mb86290fb_copyarea; ++ *(void **)&info->fbops->fb_imageblit = mb86290fb_imageblit; ++ pax_close_kernel(); + } + outreg(draw, GDC_REG_DRAW_BASE, 0); + outreg(draw, GDC_REG_MODE_MISC, 0x8000); +diff --git a/drivers/video/nvidia/nvidia.c b/drivers/video/nvidia/nvidia.c +index ff22871..b129bed 100644 +--- a/drivers/video/nvidia/nvidia.c ++++ b/drivers/video/nvidia/nvidia.c +@@ -669,19 +669,23 @@ static int nvidiafb_set_par(struct fb_info *info) + info->fix.line_length = (info->var.xres_virtual * + info->var.bits_per_pixel) >> 3; + if (info->var.accel_flags) { +- info->fbops->fb_imageblit = nvidiafb_imageblit; +- info->fbops->fb_fillrect = nvidiafb_fillrect; +- info->fbops->fb_copyarea = nvidiafb_copyarea; +- info->fbops->fb_sync = nvidiafb_sync; ++ pax_open_kernel(); ++ *(void **)&info->fbops->fb_imageblit = nvidiafb_imageblit; ++ *(void **)&info->fbops->fb_fillrect = nvidiafb_fillrect; ++ *(void **)&info->fbops->fb_copyarea = nvidiafb_copyarea; ++ *(void **)&info->fbops->fb_sync = nvidiafb_sync; ++ pax_close_kernel(); + info->pixmap.scan_align = 4; + info->flags &= ~FBINFO_HWACCEL_DISABLED; + info->flags |= FBINFO_READS_FAST; + NVResetGraphics(info); + } else { +- info->fbops->fb_imageblit = cfb_imageblit; +- info->fbops->fb_fillrect = cfb_fillrect; +- info->fbops->fb_copyarea = cfb_copyarea; +- info->fbops->fb_sync = NULL; ++ pax_open_kernel(); ++ *(void **)&info->fbops->fb_imageblit = cfb_imageblit; ++ *(void **)&info->fbops->fb_fillrect = cfb_fillrect; ++ *(void **)&info->fbops->fb_copyarea = cfb_copyarea; ++ *(void **)&info->fbops->fb_sync = NULL; ++ pax_close_kernel(); + info->pixmap.scan_align = 1; + info->flags |= FBINFO_HWACCEL_DISABLED; + info->flags &= ~FBINFO_READS_FAST; +@@ -1173,8 +1177,11 @@ static int nvidia_set_fbinfo(struct fb_info *info) + info->pixmap.size = 8 * 1024; + info->pixmap.flags = FB_PIXMAP_SYSTEM; + +- if (!hwcur) +- info->fbops->fb_cursor = NULL; ++ if (!hwcur) { ++ pax_open_kernel(); ++ *(void **)&info->fbops->fb_cursor = NULL; ++ pax_close_kernel(); ++ } + + info->var.accel_flags = (!noaccel); + +diff --git a/drivers/video/s1d13xxxfb.c b/drivers/video/s1d13xxxfb.c +index 76d9053..dec2bfd 100644 +--- a/drivers/video/s1d13xxxfb.c ++++ b/drivers/video/s1d13xxxfb.c +@@ -881,8 +881,10 @@ static int s1d13xxxfb_probe(struct platform_device *pdev) + + switch(prod_id) { + case S1D13506_PROD_ID: /* activate acceleration */ +- s1d13xxxfb_fbops.fb_fillrect = s1d13xxxfb_bitblt_solidfill; +- s1d13xxxfb_fbops.fb_copyarea = s1d13xxxfb_bitblt_copyarea; ++ pax_open_kernel(); ++ *(void **)&s1d13xxxfb_fbops.fb_fillrect = s1d13xxxfb_bitblt_solidfill; ++ *(void **)&s1d13xxxfb_fbops.fb_copyarea = s1d13xxxfb_bitblt_copyarea; ++ pax_close_kernel(); + info->flags = FBINFO_DEFAULT | FBINFO_HWACCEL_YPAN | + FBINFO_HWACCEL_FILLRECT | FBINFO_HWACCEL_COPYAREA; + break; +diff --git a/drivers/video/smscufx.c b/drivers/video/smscufx.c +index 97bd662..39fab85 100644 +--- a/drivers/video/smscufx.c ++++ b/drivers/video/smscufx.c +@@ -1171,7 +1171,9 @@ static int ufx_ops_release(struct fb_info *info, int user) + fb_deferred_io_cleanup(info); + kfree(info->fbdefio); + info->fbdefio = NULL; +- info->fbops->fb_mmap = ufx_ops_mmap; ++ pax_open_kernel(); ++ *(void **)&info->fbops->fb_mmap = ufx_ops_mmap; ++ pax_close_kernel(); + } + + pr_debug("released /dev/fb%d user=%d count=%d", diff --git a/drivers/video/udlfb.c b/drivers/video/udlfb.c -index 86d449e..af6a7f7 100644 +index 86d449e..8e04dc5 100644 --- a/drivers/video/udlfb.c +++ b/drivers/video/udlfb.c @@ -619,11 +619,11 @@ int dlfb_handle_damage(struct dlfb_data *dev, int x, int y, @@ -44856,7 +46816,18 @@ index 86d449e..af6a7f7 100644 >> 10)), /* Kcycles */ &dev->cpu_kcycles_used); } -@@ -1372,7 +1372,7 @@ static ssize_t metrics_bytes_rendered_show(struct device *fbdev, +@@ -989,7 +989,9 @@ static int dlfb_ops_release(struct fb_info *info, int user) + fb_deferred_io_cleanup(info); + kfree(info->fbdefio); + info->fbdefio = NULL; +- info->fbops->fb_mmap = dlfb_ops_mmap; ++ pax_open_kernel(); ++ *(void **)&info->fbops->fb_mmap = dlfb_ops_mmap; ++ pax_close_kernel(); + } + + pr_warn("released /dev/fb%d user=%d count=%d\n", +@@ -1372,7 +1374,7 @@ static ssize_t metrics_bytes_rendered_show(struct device *fbdev, struct fb_info *fb_info = dev_get_drvdata(fbdev); struct dlfb_data *dev = fb_info->par; return snprintf(buf, PAGE_SIZE, "%u\n", @@ -44865,7 +46836,7 @@ index 86d449e..af6a7f7 100644 } static ssize_t metrics_bytes_identical_show(struct device *fbdev, -@@ -1380,7 +1380,7 @@ static ssize_t metrics_bytes_identical_show(struct device *fbdev, +@@ -1380,7 +1382,7 @@ static ssize_t metrics_bytes_identical_show(struct device *fbdev, struct fb_info *fb_info = dev_get_drvdata(fbdev); struct dlfb_data *dev = fb_info->par; return snprintf(buf, PAGE_SIZE, "%u\n", @@ -44874,7 +46845,7 @@ index 86d449e..af6a7f7 100644 } static ssize_t metrics_bytes_sent_show(struct device *fbdev, -@@ -1388,7 +1388,7 @@ static ssize_t metrics_bytes_sent_show(struct device *fbdev, +@@ -1388,7 +1390,7 @@ static ssize_t metrics_bytes_sent_show(struct device *fbdev, struct fb_info *fb_info = dev_get_drvdata(fbdev); struct dlfb_data *dev = fb_info->par; return snprintf(buf, PAGE_SIZE, "%u\n", @@ -44883,7 +46854,7 @@ index 86d449e..af6a7f7 100644 } static ssize_t metrics_cpu_kcycles_used_show(struct device *fbdev, -@@ -1396,7 +1396,7 @@ static ssize_t metrics_cpu_kcycles_used_show(struct device *fbdev, +@@ -1396,7 +1398,7 @@ static ssize_t metrics_cpu_kcycles_used_show(struct device *fbdev, struct fb_info *fb_info = dev_get_drvdata(fbdev); struct dlfb_data *dev = fb_info->par; return snprintf(buf, PAGE_SIZE, "%u\n", @@ -44892,7 +46863,7 @@ index 86d449e..af6a7f7 100644 } static ssize_t edid_show( -@@ -1456,10 +1456,10 @@ static ssize_t metrics_reset_store(struct device *fbdev, +@@ -1456,10 +1458,10 @@ static ssize_t metrics_reset_store(struct device *fbdev, struct fb_info *fb_info = dev_get_drvdata(fbdev); struct dlfb_data *dev = fb_info->par; @@ -44908,7 +46879,7 @@ index 86d449e..af6a7f7 100644 return count; } diff --git a/drivers/video/uvesafb.c b/drivers/video/uvesafb.c -index b75db01..5631c6d 100644 +index b75db01..ad2f34a 100644 --- a/drivers/video/uvesafb.c +++ b/drivers/video/uvesafb.c @@ -19,6 +19,7 @@ @@ -44969,7 +46940,35 @@ index b75db01..5631c6d 100644 } #else /* The protected mode interface is not available on non-x86. */ -@@ -1836,6 +1860,11 @@ out: +@@ -1457,8 +1481,11 @@ static void uvesafb_init_info(struct fb_info *info, struct vbe_mode_ib *mode) + info->fix.ywrapstep = (par->ypan > 1) ? 1 : 0; + + /* Disable blanking if the user requested so. */ +- if (!blank) +- info->fbops->fb_blank = NULL; ++ if (!blank) { ++ pax_open_kernel(); ++ *(void **)&info->fbops->fb_blank = NULL; ++ pax_close_kernel(); ++ } + + /* + * Find out how much IO memory is required for the mode with +@@ -1534,8 +1561,11 @@ static void uvesafb_init_info(struct fb_info *info, struct vbe_mode_ib *mode) + info->flags = FBINFO_FLAG_DEFAULT | + (par->ypan ? FBINFO_HWACCEL_YPAN : 0); + +- if (!par->ypan) +- info->fbops->fb_pan_display = NULL; ++ if (!par->ypan) { ++ pax_open_kernel(); ++ *(void **)&info->fbops->fb_pan_display = NULL; ++ pax_close_kernel(); ++ } + } + + static void uvesafb_init_mtrr(struct fb_info *info) +@@ -1836,6 +1866,11 @@ out: if (par->vbe_modes) kfree(par->vbe_modes); @@ -44981,7 +46980,7 @@ index b75db01..5631c6d 100644 framebuffer_release(info); return err; } -@@ -1862,6 +1891,12 @@ static int uvesafb_remove(struct platform_device *dev) +@@ -1862,6 +1897,12 @@ static int uvesafb_remove(struct platform_device *dev) kfree(par->vbe_state_orig); if (par->vbe_state_saved) kfree(par->vbe_state_saved); @@ -44995,7 +46994,7 @@ index b75db01..5631c6d 100644 framebuffer_release(info); diff --git a/drivers/video/vesafb.c b/drivers/video/vesafb.c -index 501b340..86bd4cf 100644 +index 501b340..d80aa17 100644 --- a/drivers/video/vesafb.c +++ b/drivers/video/vesafb.c @@ -9,6 +9,7 @@ @@ -45088,7 +47087,21 @@ index 501b340..86bd4cf 100644 printk(KERN_INFO "vesafb: pmi: set display start = %p, set palette = %p\n",pmi_start,pmi_pal); if (pmi_base[3]) { printk(KERN_INFO "vesafb: pmi: ports = "); -@@ -488,6 +514,11 @@ static int __init vesafb_probe(struct platform_device *dev) +@@ -472,8 +498,11 @@ static int __init vesafb_probe(struct platform_device *dev) + info->flags = FBINFO_FLAG_DEFAULT | FBINFO_MISC_FIRMWARE | + (ypan ? FBINFO_HWACCEL_YPAN : 0); + +- if (!ypan) +- info->fbops->fb_pan_display = NULL; ++ if (!ypan) { ++ pax_open_kernel(); ++ *(void **)&info->fbops->fb_pan_display = NULL; ++ pax_close_kernel(); ++ } + + if (fb_alloc_cmap(&info->cmap, 256, 0) < 0) { + err = -ENOMEM; +@@ -488,6 +517,11 @@ static int __init vesafb_probe(struct platform_device *dev) info->node, info->fix.id); return 0; err: @@ -45345,7 +47358,7 @@ index 6043567..16a9239 100644 fd_offset + ex.a_text); if (error != N_DATADDR(ex)) { diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c -index 0c42cdb..f4be023 100644 +index 0c42cdb..9551bb8 100644 --- a/fs/binfmt_elf.c +++ b/fs/binfmt_elf.c @@ -33,6 +33,7 @@ @@ -45842,7 +47855,7 @@ index 0c42cdb..f4be023 100644 loc = kmalloc(sizeof(*loc), GFP_KERNEL); if (!loc) { -@@ -715,11 +1050,81 @@ static int load_elf_binary(struct linux_binprm *bprm) +@@ -715,11 +1050,82 @@ static int load_elf_binary(struct linux_binprm *bprm) goto out_free_dentry; /* OK, This is the point of no return */ @@ -45863,6 +47876,7 @@ index 0c42cdb..f4be023 100644 +#ifdef CONFIG_PAX_ASLR + current->mm->delta_mmap = 0UL; + current->mm->delta_stack = 0UL; ++ current->mm->aslr_gap = 0UL; +#endif + + current->mm->def_flags = 0; @@ -45925,7 +47939,7 @@ index 0c42cdb..f4be023 100644 if (elf_read_implies_exec(loc->elf_ex, executable_stack)) current->personality |= READ_IMPLIES_EXEC; -@@ -810,6 +1215,20 @@ static int load_elf_binary(struct linux_binprm *bprm) +@@ -810,6 +1216,20 @@ static int load_elf_binary(struct linux_binprm *bprm) #else load_bias = ELF_PAGESTART(ELF_ET_DYN_BASE - vaddr); #endif @@ -45946,7 +47960,7 @@ index 0c42cdb..f4be023 100644 } error = elf_map(bprm->file, load_bias + vaddr, elf_ppnt, -@@ -842,9 +1261,9 @@ static int load_elf_binary(struct linux_binprm *bprm) +@@ -842,9 +1262,9 @@ static int load_elf_binary(struct linux_binprm *bprm) * allowed task size. Note that p_filesz must always be * <= p_memsz so it is only necessary to check p_memsz. */ @@ -45959,7 +47973,7 @@ index 0c42cdb..f4be023 100644 /* set_brk can never work. Avoid overflows. */ send_sig(SIGKILL, current, 0); retval = -EINVAL; -@@ -883,17 +1302,44 @@ static int load_elf_binary(struct linux_binprm *bprm) +@@ -883,17 +1303,44 @@ static int load_elf_binary(struct linux_binprm *bprm) goto out_free_dentry; } if (likely(elf_bss != elf_brk) && unlikely(padzero(elf_bss))) { @@ -45985,7 +47999,7 @@ index 0c42cdb..f4be023 100644 + unsigned long prot = PROT_NONE; + + up_read(¤t->mm->mmap_sem); -+ current->mm->brk_gap = PAGE_ALIGN(size) >> PAGE_SHIFT; ++ current->mm->aslr_gap += PAGE_ALIGN(size) >> PAGE_SHIFT; +// if (current->personality & ADDR_NO_RANDOMIZE) +// prot = PROT_READ; + start = vm_mmap(NULL, start, size, prot, MAP_ANONYMOUS | MAP_FIXED | MAP_PRIVATE, 0); @@ -46010,7 +48024,7 @@ index 0c42cdb..f4be023 100644 load_bias); if (!IS_ERR((void *)elf_entry)) { /* -@@ -1115,7 +1561,7 @@ static bool always_dump_vma(struct vm_area_struct *vma) +@@ -1115,7 +1562,7 @@ static bool always_dump_vma(struct vm_area_struct *vma) * Decide what to dump of a segment, part, all or none. */ static unsigned long vma_dump_size(struct vm_area_struct *vma, @@ -46019,7 +48033,7 @@ index 0c42cdb..f4be023 100644 { #define FILTER(type) (mm_flags & (1UL << MMF_DUMP_##type)) -@@ -1152,7 +1598,7 @@ static unsigned long vma_dump_size(struct vm_area_struct *vma, +@@ -1152,7 +1599,7 @@ static unsigned long vma_dump_size(struct vm_area_struct *vma, if (vma->vm_file == NULL) return 0; @@ -46028,7 +48042,7 @@ index 0c42cdb..f4be023 100644 goto whole; /* -@@ -1374,9 +1820,9 @@ static void fill_auxv_note(struct memelfnote *note, struct mm_struct *mm) +@@ -1374,9 +1821,9 @@ static void fill_auxv_note(struct memelfnote *note, struct mm_struct *mm) { elf_addr_t *auxv = (elf_addr_t *) mm->saved_auxv; int i = 0; @@ -46040,7 +48054,7 @@ index 0c42cdb..f4be023 100644 fill_note(note, "CORE", NT_AUXV, i * sizeof(elf_addr_t), auxv); } -@@ -2006,14 +2452,14 @@ static void fill_extnum_info(struct elfhdr *elf, struct elf_shdr *shdr4extnum, +@@ -2006,14 +2453,14 @@ static void fill_extnum_info(struct elfhdr *elf, struct elf_shdr *shdr4extnum, } static size_t elf_core_vma_data_size(struct vm_area_struct *gate_vma, @@ -46057,7 +48071,7 @@ index 0c42cdb..f4be023 100644 return size; } -@@ -2107,7 +2553,7 @@ static int elf_core_dump(struct coredump_params *cprm) +@@ -2107,7 +2554,7 @@ static int elf_core_dump(struct coredump_params *cprm) dataoff = offset = roundup(offset, ELF_EXEC_PAGESIZE); @@ -46066,7 +48080,7 @@ index 0c42cdb..f4be023 100644 offset += elf_core_extra_data_size(); e_shoff = offset; -@@ -2121,10 +2567,12 @@ static int elf_core_dump(struct coredump_params *cprm) +@@ -2121,10 +2568,12 @@ static int elf_core_dump(struct coredump_params *cprm) offset = dataoff; size += sizeof(*elf); @@ -46079,7 +48093,7 @@ index 0c42cdb..f4be023 100644 if (size > cprm->limit || !dump_write(cprm->file, phdr4note, sizeof(*phdr4note))) goto end_coredump; -@@ -2138,7 +2586,7 @@ static int elf_core_dump(struct coredump_params *cprm) +@@ -2138,7 +2587,7 @@ static int elf_core_dump(struct coredump_params *cprm) phdr.p_offset = offset; phdr.p_vaddr = vma->vm_start; phdr.p_paddr = 0; @@ -46088,7 +48102,7 @@ index 0c42cdb..f4be023 100644 phdr.p_memsz = vma->vm_end - vma->vm_start; offset += phdr.p_filesz; phdr.p_flags = vma->vm_flags & VM_READ ? PF_R : 0; -@@ -2149,6 +2597,7 @@ static int elf_core_dump(struct coredump_params *cprm) +@@ -2149,6 +2598,7 @@ static int elf_core_dump(struct coredump_params *cprm) phdr.p_align = ELF_EXEC_PAGESIZE; size += sizeof(phdr); @@ -46096,7 +48110,7 @@ index 0c42cdb..f4be023 100644 if (size > cprm->limit || !dump_write(cprm->file, &phdr, sizeof(phdr))) goto end_coredump; -@@ -2173,7 +2622,7 @@ static int elf_core_dump(struct coredump_params *cprm) +@@ -2173,7 +2623,7 @@ static int elf_core_dump(struct coredump_params *cprm) unsigned long addr; unsigned long end; @@ -46105,7 +48119,7 @@ index 0c42cdb..f4be023 100644 for (addr = vma->vm_start; addr < end; addr += PAGE_SIZE) { struct page *page; -@@ -2182,6 +2631,7 @@ static int elf_core_dump(struct coredump_params *cprm) +@@ -2182,6 +2632,7 @@ static int elf_core_dump(struct coredump_params *cprm) page = get_dump_page(addr); if (page) { void *kaddr = kmap(page); @@ -46113,7 +48127,7 @@ index 0c42cdb..f4be023 100644 stop = ((size += PAGE_SIZE) > cprm->limit) || !dump_write(cprm->file, kaddr, PAGE_SIZE); -@@ -2199,6 +2649,7 @@ static int elf_core_dump(struct coredump_params *cprm) +@@ -2199,6 +2650,7 @@ static int elf_core_dump(struct coredump_params *cprm) if (e_phnum == PN_XNUM) { size += sizeof(*shdr4extnum); @@ -46121,7 +48135,7 @@ index 0c42cdb..f4be023 100644 if (size > cprm->limit || !dump_write(cprm->file, shdr4extnum, sizeof(*shdr4extnum))) -@@ -2219,6 +2670,97 @@ out: +@@ -2219,6 +2671,97 @@ out: #endif /* CONFIG_ELF_CORE */ @@ -46320,10 +48334,10 @@ index eea5da7..88fead70 100644 WARN_ON(trans->transid != btrfs_header_generation(parent)); diff --git a/fs/btrfs/inode.c b/fs/btrfs/inode.c -index cc93b23..f3c42bf 100644 +index 659ea81..0f63c1a 100644 --- a/fs/btrfs/inode.c +++ b/fs/btrfs/inode.c -@@ -7296,7 +7296,7 @@ fail: +@@ -7300,7 +7300,7 @@ fail: return -ENOMEM; } @@ -46332,7 +48346,7 @@ index cc93b23..f3c42bf 100644 struct dentry *dentry, struct kstat *stat) { struct inode *inode = dentry->d_inode; -@@ -7310,6 +7310,14 @@ static int btrfs_getattr(struct vfsmount *mnt, +@@ -7314,6 +7314,14 @@ static int btrfs_getattr(struct vfsmount *mnt, return 0; } @@ -46613,10 +48627,10 @@ index d9ea6ed..1e6c8ac 100644 server->ops->print_stats(m, tcon); } diff --git a/fs/cifs/cifsfs.c b/fs/cifs/cifsfs.c -index de7f916..6cb22a9 100644 +index e328339..322228b 100644 --- a/fs/cifs/cifsfs.c +++ b/fs/cifs/cifsfs.c -@@ -997,7 +997,7 @@ cifs_init_request_bufs(void) +@@ -1002,7 +1002,7 @@ cifs_init_request_bufs(void) /* cERROR(1, "CIFSMaxBufSize %d 0x%x",CIFSMaxBufSize,CIFSMaxBufSize); */ cifs_req_cachep = kmem_cache_create("cifs_request", CIFSMaxBufSize + max_hdr_size, 0, @@ -46625,7 +48639,7 @@ index de7f916..6cb22a9 100644 if (cifs_req_cachep == NULL) return -ENOMEM; -@@ -1024,7 +1024,7 @@ cifs_init_request_bufs(void) +@@ -1029,7 +1029,7 @@ cifs_init_request_bufs(void) efficient to alloc 1 per page off the slab compared to 17K (5page) alloc of large cifs buffers even when page debugging is on */ cifs_sm_req_cachep = kmem_cache_create("cifs_small_rq", @@ -46634,7 +48648,7 @@ index de7f916..6cb22a9 100644 NULL); if (cifs_sm_req_cachep == NULL) { mempool_destroy(cifs_req_poolp); -@@ -1109,8 +1109,8 @@ init_cifs(void) +@@ -1114,8 +1114,8 @@ init_cifs(void) atomic_set(&bufAllocCount, 0); atomic_set(&smBufAllocCount, 0); #ifdef CONFIG_CIFS_STATS2 @@ -46874,7 +48888,7 @@ index 47bc5a8..10decbe 100644 } diff --git a/fs/cifs/smb2ops.c b/fs/cifs/smb2ops.c -index c9c7aa7..065056a 100644 +index bceffe7..cd1ae59 100644 --- a/fs/cifs/smb2ops.c +++ b/fs/cifs/smb2ops.c @@ -274,8 +274,8 @@ smb2_clear_stats(struct cifs_tcon *tcon) @@ -47058,9 +49072,18 @@ index 958ae0e..505c9d0 100644 return hit; diff --git a/fs/compat.c b/fs/compat.c -index 015e1e1..5ce8e54 100644 +index a06dcbc..dacb6d3 100644 --- a/fs/compat.c +++ b/fs/compat.c +@@ -54,7 +54,7 @@ + #include + #include "internal.h" + +-int compat_log = 1; ++int compat_log = 0; + + int compat_printk(const char *fmt, ...) + { @@ -490,7 +490,7 @@ compat_sys_io_setup(unsigned nr_reqs, u32 __user *ctx32p) set_fs(KERNEL_DS); @@ -47079,7 +49102,7 @@ index 015e1e1..5ce8e54 100644 goto out; if (nr_segs > fast_segs) { ret = -ENOMEM; -@@ -831,6 +831,7 @@ struct compat_old_linux_dirent { +@@ -835,6 +835,7 @@ struct compat_old_linux_dirent { struct compat_readdir_callback { struct compat_old_linux_dirent __user *dirent; @@ -47087,7 +49110,7 @@ index 015e1e1..5ce8e54 100644 int result; }; -@@ -848,6 +849,10 @@ static int compat_fillonedir(void *__buf, const char *name, int namlen, +@@ -852,6 +853,10 @@ static int compat_fillonedir(void *__buf, const char *name, int namlen, buf->result = -EOVERFLOW; return -EOVERFLOW; } @@ -47098,7 +49121,7 @@ index 015e1e1..5ce8e54 100644 buf->result++; dirent = buf->dirent; if (!access_ok(VERIFY_WRITE, dirent, -@@ -878,6 +883,7 @@ asmlinkage long compat_sys_old_readdir(unsigned int fd, +@@ -882,6 +887,7 @@ asmlinkage long compat_sys_old_readdir(unsigned int fd, buf.result = 0; buf.dirent = dirent; @@ -47106,7 +49129,7 @@ index 015e1e1..5ce8e54 100644 error = vfs_readdir(f.file, compat_fillonedir, &buf); if (buf.result) -@@ -897,6 +903,7 @@ struct compat_linux_dirent { +@@ -901,6 +907,7 @@ struct compat_linux_dirent { struct compat_getdents_callback { struct compat_linux_dirent __user *current_dir; struct compat_linux_dirent __user *previous; @@ -47114,7 +49137,7 @@ index 015e1e1..5ce8e54 100644 int count; int error; }; -@@ -918,6 +925,10 @@ static int compat_filldir(void *__buf, const char *name, int namlen, +@@ -922,6 +929,10 @@ static int compat_filldir(void *__buf, const char *name, int namlen, buf->error = -EOVERFLOW; return -EOVERFLOW; } @@ -47125,7 +49148,7 @@ index 015e1e1..5ce8e54 100644 dirent = buf->previous; if (dirent) { if (__put_user(offset, &dirent->d_off)) -@@ -963,6 +974,7 @@ asmlinkage long compat_sys_getdents(unsigned int fd, +@@ -967,6 +978,7 @@ asmlinkage long compat_sys_getdents(unsigned int fd, buf.previous = NULL; buf.count = count; buf.error = 0; @@ -47133,7 +49156,7 @@ index 015e1e1..5ce8e54 100644 error = vfs_readdir(f.file, compat_filldir, &buf); if (error >= 0) -@@ -983,6 +995,7 @@ asmlinkage long compat_sys_getdents(unsigned int fd, +@@ -987,6 +999,7 @@ asmlinkage long compat_sys_getdents(unsigned int fd, struct compat_getdents_callback64 { struct linux_dirent64 __user *current_dir; struct linux_dirent64 __user *previous; @@ -47141,7 +49164,7 @@ index 015e1e1..5ce8e54 100644 int count; int error; }; -@@ -999,6 +1012,10 @@ static int compat_filldir64(void * __buf, const char * name, int namlen, loff_t +@@ -1003,6 +1016,10 @@ static int compat_filldir64(void * __buf, const char * name, int namlen, loff_t buf->error = -EINVAL; /* only used if we fail.. */ if (reclen > buf->count) return -EINVAL; @@ -47152,7 +49175,7 @@ index 015e1e1..5ce8e54 100644 dirent = buf->previous; if (dirent) { -@@ -1048,13 +1065,14 @@ asmlinkage long compat_sys_getdents64(unsigned int fd, +@@ -1052,13 +1069,14 @@ asmlinkage long compat_sys_getdents64(unsigned int fd, buf.previous = NULL; buf.count = count; buf.error = 0; @@ -47469,7 +49492,7 @@ index b2a34a1..162fa69 100644 return rc; } diff --git a/fs/exec.c b/fs/exec.c -index 20df02c..5af5d91 100644 +index 20df02c..81c9e78 100644 --- a/fs/exec.c +++ b/fs/exec.c @@ -55,6 +55,17 @@ @@ -47509,6 +49532,26 @@ index 20df02c..5af5d91 100644 int suid_dumpable = 0; static LIST_HEAD(formats); +@@ -75,8 +98,8 @@ void __register_binfmt(struct linux_binfmt * fmt, int insert) + { + BUG_ON(!fmt); + write_lock(&binfmt_lock); +- insert ? list_add(&fmt->lh, &formats) : +- list_add_tail(&fmt->lh, &formats); ++ insert ? pax_list_add((struct list_head *)&fmt->lh, &formats) : ++ pax_list_add_tail((struct list_head *)&fmt->lh, &formats); + write_unlock(&binfmt_lock); + } + +@@ -85,7 +108,7 @@ EXPORT_SYMBOL(__register_binfmt); + void unregister_binfmt(struct linux_binfmt * fmt) + { + write_lock(&binfmt_lock); +- list_del(&fmt->lh); ++ pax_list_del((struct list_head *)&fmt->lh); + write_unlock(&binfmt_lock); + } + @@ -180,18 +203,10 @@ static struct page *get_arg_page(struct linux_binprm *bprm, unsigned long pos, int write) { @@ -47714,7 +49757,7 @@ index 20df02c..5af5d91 100644 /* mprotect_fixup is overkill to remove the temporary stack flags */ vma->vm_flags &= ~VM_STACK_INCOMPLETE_SETUP; -@@ -737,6 +776,27 @@ int setup_arg_pages(struct linux_binprm *bprm, +@@ -737,6 +776,30 @@ int setup_arg_pages(struct linux_binprm *bprm, #endif current->mm->start_stack = bprm->p; ret = expand_stack(vma, stack_base); @@ -47731,8 +49774,11 @@ index 20df02c..5af5d91 100644 + +#ifdef CONFIG_X86 + if (!ret) { ++ current->mm->aslr_gap += size >> PAGE_SHIFT; + size = mmap_min_addr + ((mm->delta_mmap ^ mm->delta_stack) & (0xFFUL << PAGE_SHIFT)); + ret = 0 != mmap_region(NULL, 0, size, flags, vm_flags, 0); ++ if (!ret) ++ current->mm->aslr_gap += size >> PAGE_SHIFT; + } +#endif + @@ -47742,7 +49788,7 @@ index 20df02c..5af5d91 100644 if (ret) ret = -EFAULT; -@@ -772,6 +832,8 @@ struct file *open_exec(const char *name) +@@ -772,6 +835,8 @@ struct file *open_exec(const char *name) fsnotify_open(file); @@ -47751,7 +49797,7 @@ index 20df02c..5af5d91 100644 err = deny_write_access(file); if (err) goto exit; -@@ -795,7 +857,7 @@ int kernel_read(struct file *file, loff_t offset, +@@ -795,7 +860,7 @@ int kernel_read(struct file *file, loff_t offset, old_fs = get_fs(); set_fs(get_ds()); /* The cast to a user pointer is valid due to the set_fs() */ @@ -47760,7 +49806,7 @@ index 20df02c..5af5d91 100644 set_fs(old_fs); return result; } -@@ -1247,7 +1309,7 @@ static int check_unsafe_exec(struct linux_binprm *bprm) +@@ -1247,7 +1312,7 @@ static int check_unsafe_exec(struct linux_binprm *bprm) } rcu_read_unlock(); @@ -47769,7 +49815,7 @@ index 20df02c..5af5d91 100644 bprm->unsafe |= LSM_UNSAFE_SHARE; } else { res = -EAGAIN; -@@ -1447,6 +1509,28 @@ int search_binary_handler(struct linux_binprm *bprm) +@@ -1447,6 +1512,28 @@ int search_binary_handler(struct linux_binprm *bprm) EXPORT_SYMBOL(search_binary_handler); @@ -47798,7 +49844,7 @@ index 20df02c..5af5d91 100644 /* * sys_execve() executes a new program. */ -@@ -1454,6 +1538,11 @@ static int do_execve_common(const char *filename, +@@ -1454,6 +1541,11 @@ static int do_execve_common(const char *filename, struct user_arg_ptr argv, struct user_arg_ptr envp) { @@ -47810,7 +49856,7 @@ index 20df02c..5af5d91 100644 struct linux_binprm *bprm; struct file *file; struct files_struct *displaced; -@@ -1461,6 +1550,8 @@ static int do_execve_common(const char *filename, +@@ -1461,6 +1553,8 @@ static int do_execve_common(const char *filename, int retval; const struct cred *cred = current_cred(); @@ -47819,7 +49865,7 @@ index 20df02c..5af5d91 100644 /* * We move the actual failure in case of RLIMIT_NPROC excess from * set*uid() to execve() because too many poorly written programs -@@ -1501,12 +1592,27 @@ static int do_execve_common(const char *filename, +@@ -1501,12 +1595,27 @@ static int do_execve_common(const char *filename, if (IS_ERR(file)) goto out_unmark; @@ -47847,7 +49893,7 @@ index 20df02c..5af5d91 100644 retval = bprm_mm_init(bprm); if (retval) goto out_file; -@@ -1523,24 +1629,65 @@ static int do_execve_common(const char *filename, +@@ -1523,24 +1632,65 @@ static int do_execve_common(const char *filename, if (retval < 0) goto out; @@ -47917,7 +49963,7 @@ index 20df02c..5af5d91 100644 current->fs->in_exec = 0; current->in_execve = 0; acct_update_integrals(current); -@@ -1549,6 +1696,14 @@ static int do_execve_common(const char *filename, +@@ -1549,6 +1699,14 @@ static int do_execve_common(const char *filename, put_files_struct(displaced); return retval; @@ -47932,7 +49978,7 @@ index 20df02c..5af5d91 100644 out: if (bprm->mm) { acct_arg_size(bprm, 0); -@@ -1697,3 +1852,253 @@ asmlinkage long compat_sys_execve(const char __user * filename, +@@ -1697,3 +1855,253 @@ asmlinkage long compat_sys_execve(const char __user * filename, return error; } #endif @@ -48221,7 +50267,7 @@ index 22548f5..41521d8 100644 } return 1; diff --git a/fs/ext4/balloc.c b/fs/ext4/balloc.c -index 2f2e0da..89b113a 100644 +index 92e68b3..115d987 100644 --- a/fs/ext4/balloc.c +++ b/fs/ext4/balloc.c @@ -505,8 +505,8 @@ static int ext4_has_free_clusters(struct ext4_sb_info *sbi, @@ -48270,7 +50316,7 @@ index 8462eb3..4a71af6 100644 /* locality groups */ diff --git a/fs/ext4/mballoc.c b/fs/ext4/mballoc.c -index 061727a..7622abf 100644 +index 28bbf9b..75ca7c1 100644 --- a/fs/ext4/mballoc.c +++ b/fs/ext4/mballoc.c @@ -1747,7 +1747,7 @@ void ext4_mb_simple_scan_group(struct ext4_allocation_context *ac, @@ -48386,6 +50432,19 @@ index 061727a..7622abf 100644 trace_ext4_mballoc_discard(sb, NULL, group, bit, pa->pa_len); return 0; +diff --git a/fs/ext4/super.c b/fs/ext4/super.c +index 5fa223d..12fa738 100644 +--- a/fs/ext4/super.c ++++ b/fs/ext4/super.c +@@ -2429,7 +2429,7 @@ struct ext4_attr { + ssize_t (*store)(struct ext4_attr *, struct ext4_sb_info *, + const char *, size_t); + int offset; +-}; ++} __do_const; + + static int parse_strtoul(const char *buf, + unsigned long max, unsigned long *value) diff --git a/fs/fcntl.c b/fs/fcntl.c index 71a600a..20d87b1 100644 --- a/fs/fcntl.c @@ -50176,9 +52235,27 @@ index a6597d6..41b30ec 100644 /* diff --git a/fs/jfs/super.c b/fs/jfs/super.c -index 1a543be..d803c40 100644 +index 1a543be..a4e1363 100644 --- a/fs/jfs/super.c +++ b/fs/jfs/super.c +@@ -225,7 +225,7 @@ static const match_table_t tokens = { + static int parse_options(char *options, struct super_block *sb, s64 *newLVSize, + int *flag) + { +- void *nls_map = (void *)-1; /* -1: no change; NULL: none */ ++ const void *nls_map = (const void *)-1; /* -1: no change; NULL: none */ + char *p; + struct jfs_sb_info *sbi = JFS_SBI(sb); + +@@ -253,7 +253,7 @@ static int parse_options(char *options, struct super_block *sb, s64 *newLVSize, + /* Don't do anything ;-) */ + break; + case Opt_iocharset: +- if (nls_map && nls_map != (void *) -1) ++ if (nls_map && nls_map != (const void *) -1) + unload_nls(nls_map); + if (!strcmp(args[0].from, "none")) + nls_map = NULL; @@ -855,7 +855,7 @@ static int __init init_jfs_fs(void) jfs_inode_cachep = @@ -50260,7 +52337,7 @@ index a94e331..060bce3 100644 lock_flocks(); diff --git a/fs/namei.c b/fs/namei.c -index 43a97ee..4e585fd 100644 +index ec97aef..eedf4fe 100644 --- a/fs/namei.c +++ b/fs/namei.c @@ -319,16 +319,32 @@ int generic_permission(struct inode *inode, int mask) @@ -50314,7 +52391,7 @@ index 43a97ee..4e585fd 100644 return -EACCES; } -@@ -826,7 +834,7 @@ follow_link(struct path *link, struct nameidata *nd, void **p) +@@ -824,7 +832,7 @@ follow_link(struct path *link, struct nameidata *nd, void **p) { struct dentry *dentry = link->dentry; int error; @@ -50323,7 +52400,7 @@ index 43a97ee..4e585fd 100644 BUG_ON(nd->flags & LOOKUP_RCU); -@@ -847,6 +855,12 @@ follow_link(struct path *link, struct nameidata *nd, void **p) +@@ -845,6 +853,12 @@ follow_link(struct path *link, struct nameidata *nd, void **p) if (error) goto out_put_nd_path; @@ -50336,7 +52413,7 @@ index 43a97ee..4e585fd 100644 nd->last_type = LAST_BIND; *p = dentry->d_inode->i_op->follow_link(dentry, nd); error = PTR_ERR(*p); -@@ -1596,6 +1610,8 @@ static inline int nested_symlink(struct path *path, struct nameidata *nd) +@@ -1594,6 +1608,8 @@ static inline int nested_symlink(struct path *path, struct nameidata *nd) break; res = walk_component(nd, path, &nd->last, nd->last_type, LOOKUP_FOLLOW); @@ -50345,7 +52422,7 @@ index 43a97ee..4e585fd 100644 put_link(nd, &link, cookie); } while (res > 0); -@@ -1694,7 +1710,7 @@ EXPORT_SYMBOL(full_name_hash); +@@ -1692,7 +1708,7 @@ EXPORT_SYMBOL(full_name_hash); static inline unsigned long hash_name(const char *name, unsigned int *hashp) { unsigned long a, b, adata, bdata, mask, hash, len; @@ -50354,7 +52431,7 @@ index 43a97ee..4e585fd 100644 hash = a = 0; len = -sizeof(unsigned long); -@@ -1979,6 +1995,8 @@ static int path_lookupat(int dfd, const char *name, +@@ -1977,6 +1993,8 @@ static int path_lookupat(int dfd, const char *name, if (err) break; err = lookup_last(nd, &path); @@ -50363,7 +52440,7 @@ index 43a97ee..4e585fd 100644 put_link(nd, &link, cookie); } } -@@ -1986,6 +2004,19 @@ static int path_lookupat(int dfd, const char *name, +@@ -1984,6 +2002,19 @@ static int path_lookupat(int dfd, const char *name, if (!err) err = complete_walk(nd); @@ -50383,7 +52460,7 @@ index 43a97ee..4e585fd 100644 if (!err && nd->flags & LOOKUP_DIRECTORY) { if (!nd->inode->i_op->lookup) { path_put(&nd->path); -@@ -2013,8 +2044,17 @@ static int filename_lookup(int dfd, struct filename *name, +@@ -2011,8 +2042,17 @@ static int filename_lookup(int dfd, struct filename *name, retval = path_lookupat(dfd, name->name, flags | LOOKUP_REVAL, nd); @@ -50402,7 +52479,7 @@ index 43a97ee..4e585fd 100644 return retval; } -@@ -2392,6 +2432,13 @@ static int may_open(struct path *path, int acc_mode, int flag) +@@ -2390,6 +2430,13 @@ static int may_open(struct path *path, int acc_mode, int flag) if (flag & O_NOATIME && !inode_owner_or_capable(inode)) return -EPERM; @@ -50416,7 +52493,7 @@ index 43a97ee..4e585fd 100644 return 0; } -@@ -2613,7 +2660,7 @@ looked_up: +@@ -2611,7 +2658,7 @@ looked_up: * cleared otherwise prior to returning. */ static int lookup_open(struct nameidata *nd, struct path *path, @@ -50425,7 +52502,7 @@ index 43a97ee..4e585fd 100644 const struct open_flags *op, bool got_write, int *opened) { -@@ -2648,6 +2695,17 @@ static int lookup_open(struct nameidata *nd, struct path *path, +@@ -2646,6 +2693,17 @@ static int lookup_open(struct nameidata *nd, struct path *path, /* Negative dentry, just create the file */ if (!dentry->d_inode && (op->open_flag & O_CREAT)) { umode_t mode = op->mode; @@ -50443,7 +52520,7 @@ index 43a97ee..4e585fd 100644 if (!IS_POSIXACL(dir->d_inode)) mode &= ~current_umask(); /* -@@ -2669,6 +2727,8 @@ static int lookup_open(struct nameidata *nd, struct path *path, +@@ -2667,6 +2725,8 @@ static int lookup_open(struct nameidata *nd, struct path *path, nd->flags & LOOKUP_EXCL); if (error) goto out_dput; @@ -50452,7 +52529,7 @@ index 43a97ee..4e585fd 100644 } out_no_open: path->dentry = dentry; -@@ -2683,7 +2743,7 @@ out_dput: +@@ -2681,7 +2741,7 @@ out_dput: /* * Handle the last step of open() */ @@ -50461,7 +52538,7 @@ index 43a97ee..4e585fd 100644 struct file *file, const struct open_flags *op, int *opened, struct filename *name) { -@@ -2712,16 +2772,44 @@ static int do_last(struct nameidata *nd, struct path *path, +@@ -2710,16 +2770,44 @@ static int do_last(struct nameidata *nd, struct path *path, error = complete_walk(nd); if (error) return error; @@ -50506,7 +52583,7 @@ index 43a97ee..4e585fd 100644 audit_inode(name, dir, 0); goto finish_open; } -@@ -2770,7 +2858,7 @@ retry_lookup: +@@ -2768,7 +2856,7 @@ retry_lookup: */ } mutex_lock(&dir->d_inode->i_mutex); @@ -50515,7 +52592,7 @@ index 43a97ee..4e585fd 100644 mutex_unlock(&dir->d_inode->i_mutex); if (error <= 0) { -@@ -2794,11 +2882,28 @@ retry_lookup: +@@ -2792,11 +2880,28 @@ retry_lookup: goto finish_open_created; } @@ -50545,7 +52622,7 @@ index 43a97ee..4e585fd 100644 /* * If atomic_open() acquired write access it is dropped now due to -@@ -2839,6 +2944,11 @@ finish_lookup: +@@ -2837,6 +2942,11 @@ finish_lookup: } } BUG_ON(inode != path->dentry->d_inode); @@ -50557,7 +52634,7 @@ index 43a97ee..4e585fd 100644 return 1; } -@@ -2848,7 +2958,6 @@ finish_lookup: +@@ -2846,7 +2956,6 @@ finish_lookup: save_parent.dentry = nd->path.dentry; save_parent.mnt = mntget(path->mnt); nd->path.dentry = path->dentry; @@ -50565,7 +52642,7 @@ index 43a97ee..4e585fd 100644 } nd->inode = inode; /* Why this, you ask? _Now_ we might have grown LOOKUP_JUMPED... */ -@@ -2857,6 +2966,22 @@ finish_lookup: +@@ -2855,6 +2964,22 @@ finish_lookup: path_put(&save_parent); return error; } @@ -50588,7 +52665,7 @@ index 43a97ee..4e585fd 100644 error = -EISDIR; if ((open_flag & O_CREAT) && S_ISDIR(nd->inode->i_mode)) goto out; -@@ -2955,7 +3080,7 @@ static struct file *path_openat(int dfd, struct filename *pathname, +@@ -2953,7 +3078,7 @@ static struct file *path_openat(int dfd, struct filename *pathname, if (unlikely(error)) goto out; @@ -50597,7 +52674,7 @@ index 43a97ee..4e585fd 100644 while (unlikely(error > 0)) { /* trailing symlink */ struct path link = path; void *cookie; -@@ -2973,7 +3098,7 @@ static struct file *path_openat(int dfd, struct filename *pathname, +@@ -2971,7 +3096,7 @@ static struct file *path_openat(int dfd, struct filename *pathname, error = follow_link(&link, nd, &cookie); if (unlikely(error)) break; @@ -50606,7 +52683,7 @@ index 43a97ee..4e585fd 100644 put_link(nd, &link, cookie); } out: -@@ -3073,8 +3198,12 @@ struct dentry *kern_path_create(int dfd, const char *pathname, +@@ -3071,8 +3196,12 @@ struct dentry *kern_path_create(int dfd, const char *pathname, goto unlock; error = -EEXIST; @@ -50620,7 +52697,7 @@ index 43a97ee..4e585fd 100644 /* * Special case - lookup gave negative, but... we had foo/bar/ * From the vfs_mknod() POV we just have a negative dentry - -@@ -3126,6 +3255,20 @@ struct dentry *user_path_create(int dfd, const char __user *pathname, +@@ -3124,6 +3253,20 @@ struct dentry *user_path_create(int dfd, const char __user *pathname, } EXPORT_SYMBOL(user_path_create); @@ -50641,7 +52718,7 @@ index 43a97ee..4e585fd 100644 int vfs_mknod(struct inode *dir, struct dentry *dentry, umode_t mode, dev_t dev) { int error = may_create(dir, dentry); -@@ -3188,6 +3331,17 @@ retry: +@@ -3186,6 +3329,17 @@ retry: if (!IS_POSIXACL(path.dentry->d_inode)) mode &= ~current_umask(); @@ -50659,7 +52736,7 @@ index 43a97ee..4e585fd 100644 error = security_path_mknod(&path, dentry, mode, dev); if (error) goto out; -@@ -3204,6 +3358,8 @@ retry: +@@ -3202,6 +3356,8 @@ retry: break; } out: @@ -50668,7 +52745,7 @@ index 43a97ee..4e585fd 100644 done_path_create(&path, dentry); if (retry_estale(error, lookup_flags)) { lookup_flags |= LOOKUP_REVAL; -@@ -3256,9 +3412,16 @@ retry: +@@ -3254,9 +3410,16 @@ retry: if (!IS_POSIXACL(path.dentry->d_inode)) mode &= ~current_umask(); @@ -50685,7 +52762,7 @@ index 43a97ee..4e585fd 100644 done_path_create(&path, dentry); if (retry_estale(error, lookup_flags)) { lookup_flags |= LOOKUP_REVAL; -@@ -3339,6 +3502,8 @@ static long do_rmdir(int dfd, const char __user *pathname) +@@ -3337,6 +3500,8 @@ static long do_rmdir(int dfd, const char __user *pathname) struct filename *name; struct dentry *dentry; struct nameidata nd; @@ -50694,7 +52771,7 @@ index 43a97ee..4e585fd 100644 unsigned int lookup_flags = 0; retry: name = user_path_parent(dfd, pathname, &nd, lookup_flags); -@@ -3371,10 +3536,21 @@ retry: +@@ -3369,10 +3534,21 @@ retry: error = -ENOENT; goto exit3; } @@ -50716,7 +52793,7 @@ index 43a97ee..4e585fd 100644 exit3: dput(dentry); exit2: -@@ -3440,6 +3616,8 @@ static long do_unlinkat(int dfd, const char __user *pathname) +@@ -3438,6 +3614,8 @@ static long do_unlinkat(int dfd, const char __user *pathname) struct dentry *dentry; struct nameidata nd; struct inode *inode = NULL; @@ -50725,7 +52802,7 @@ index 43a97ee..4e585fd 100644 unsigned int lookup_flags = 0; retry: name = user_path_parent(dfd, pathname, &nd, lookup_flags); -@@ -3466,10 +3644,22 @@ retry: +@@ -3464,10 +3642,22 @@ retry: if (!inode) goto slashes; ihold(inode); @@ -50748,7 +52825,7 @@ index 43a97ee..4e585fd 100644 exit2: dput(dentry); } -@@ -3547,9 +3737,17 @@ retry: +@@ -3545,9 +3735,17 @@ retry: if (IS_ERR(dentry)) goto out_putname; @@ -50766,7 +52843,7 @@ index 43a97ee..4e585fd 100644 done_path_create(&path, dentry); if (retry_estale(error, lookup_flags)) { lookup_flags |= LOOKUP_REVAL; -@@ -3623,6 +3821,7 @@ SYSCALL_DEFINE5(linkat, int, olddfd, const char __user *, oldname, +@@ -3621,6 +3819,7 @@ SYSCALL_DEFINE5(linkat, int, olddfd, const char __user *, oldname, { struct dentry *new_dentry; struct path old_path, new_path; @@ -50774,7 +52851,7 @@ index 43a97ee..4e585fd 100644 int how = 0; int error; -@@ -3646,7 +3845,7 @@ retry: +@@ -3644,7 +3843,7 @@ retry: if (error) return error; @@ -50783,7 +52860,7 @@ index 43a97ee..4e585fd 100644 (how & LOOKUP_REVAL)); error = PTR_ERR(new_dentry); if (IS_ERR(new_dentry)) -@@ -3658,11 +3857,28 @@ retry: +@@ -3656,11 +3855,28 @@ retry: error = may_linkat(&old_path); if (unlikely(error)) goto out_dput; @@ -50812,7 +52889,7 @@ index 43a97ee..4e585fd 100644 done_path_create(&new_path, new_dentry); if (retry_estale(error, how)) { how |= LOOKUP_REVAL; -@@ -3908,12 +4124,21 @@ retry: +@@ -3906,12 +4122,21 @@ retry: if (new_dentry == trap) goto exit5; @@ -50834,7 +52911,7 @@ index 43a97ee..4e585fd 100644 exit5: dput(new_dentry); exit4: -@@ -3945,6 +4170,8 @@ SYSCALL_DEFINE2(rename, const char __user *, oldname, const char __user *, newna +@@ -3943,6 +4168,8 @@ SYSCALL_DEFINE2(rename, const char __user *, oldname, const char __user *, newna int vfs_readlink(struct dentry *dentry, char __user *buffer, int buflen, const char *link) { @@ -50843,7 +52920,7 @@ index 43a97ee..4e585fd 100644 int len; len = PTR_ERR(link); -@@ -3954,7 +4181,14 @@ int vfs_readlink(struct dentry *dentry, char __user *buffer, int buflen, const c +@@ -3952,7 +4179,14 @@ int vfs_readlink(struct dentry *dentry, char __user *buffer, int buflen, const c len = strlen(link); if (len > (unsigned) buflen) len = buflen; @@ -50931,6 +53008,19 @@ index a51054f..f9b53e5 100644 return -EINVAL; get_mnt_ns(mnt_ns); +diff --git a/fs/nfs/callback_xdr.c b/fs/nfs/callback_xdr.c +index 59461c9..b17c57e 100644 +--- a/fs/nfs/callback_xdr.c ++++ b/fs/nfs/callback_xdr.c +@@ -51,7 +51,7 @@ struct callback_op { + callback_decode_arg_t decode_args; + callback_encode_res_t encode_res; + long res_maxsize; +-}; ++} __do_const; + + static struct callback_op callback_ops[]; + diff --git a/fs/nfs/inode.c b/fs/nfs/inode.c index ebeb94c..ff35337 100644 --- a/fs/nfs/inode.c @@ -50955,6 +53045,50 @@ index ebeb94c..ff35337 100644 } void nfs_fattr_init(struct nfs_fattr *fattr) +diff --git a/fs/nfsd/nfs4proc.c b/fs/nfsd/nfs4proc.c +index 9d1c5db..1e13db8 100644 +--- a/fs/nfsd/nfs4proc.c ++++ b/fs/nfsd/nfs4proc.c +@@ -1097,7 +1097,7 @@ struct nfsd4_operation { + nfsd4op_rsize op_rsize_bop; + stateid_getter op_get_currentstateid; + stateid_setter op_set_currentstateid; +-}; ++} __do_const; + + static struct nfsd4_operation nfsd4_ops[]; + +diff --git a/fs/nfsd/nfs4xdr.c b/fs/nfsd/nfs4xdr.c +index 0dc1158..ccf0338 100644 +--- a/fs/nfsd/nfs4xdr.c ++++ b/fs/nfsd/nfs4xdr.c +@@ -1456,7 +1456,7 @@ nfsd4_decode_notsupp(struct nfsd4_compoundargs *argp, void *p) + + typedef __be32(*nfsd4_dec)(struct nfsd4_compoundargs *argp, void *); + +-static nfsd4_dec nfsd4_dec_ops[] = { ++static const nfsd4_dec nfsd4_dec_ops[] = { + [OP_ACCESS] = (nfsd4_dec)nfsd4_decode_access, + [OP_CLOSE] = (nfsd4_dec)nfsd4_decode_close, + [OP_COMMIT] = (nfsd4_dec)nfsd4_decode_commit, +@@ -1496,7 +1496,7 @@ static nfsd4_dec nfsd4_dec_ops[] = { + [OP_RELEASE_LOCKOWNER] = (nfsd4_dec)nfsd4_decode_release_lockowner, + }; + +-static nfsd4_dec nfsd41_dec_ops[] = { ++static const nfsd4_dec nfsd41_dec_ops[] = { + [OP_ACCESS] = (nfsd4_dec)nfsd4_decode_access, + [OP_CLOSE] = (nfsd4_dec)nfsd4_decode_close, + [OP_COMMIT] = (nfsd4_dec)nfsd4_decode_commit, +@@ -1558,7 +1558,7 @@ static nfsd4_dec nfsd41_dec_ops[] = { + }; + + struct nfsd4_minorversion_ops { +- nfsd4_dec *decoders; ++ const nfsd4_dec *decoders; + int nops; + }; + diff --git a/fs/nfsd/vfs.c b/fs/nfsd/vfs.c index d586117..143d568 100644 --- a/fs/nfsd/vfs.c @@ -50986,6 +53120,89 @@ index d586117..143d568 100644 set_fs(oldfs); if (host_err < 0) +diff --git a/fs/nls/nls_base.c b/fs/nls/nls_base.c +index fea6bd5..8ee9d81 100644 +--- a/fs/nls/nls_base.c ++++ b/fs/nls/nls_base.c +@@ -234,20 +234,22 @@ EXPORT_SYMBOL(utf16s_to_utf8s); + + int register_nls(struct nls_table * nls) + { +- struct nls_table ** tmp = &tables; ++ struct nls_table *tmp = tables; + + if (nls->next) + return -EBUSY; + + spin_lock(&nls_lock); +- while (*tmp) { +- if (nls == *tmp) { ++ while (tmp) { ++ if (nls == tmp) { + spin_unlock(&nls_lock); + return -EBUSY; + } +- tmp = &(*tmp)->next; ++ tmp = tmp->next; + } +- nls->next = tables; ++ pax_open_kernel(); ++ *(struct nls_table **)&nls->next = tables; ++ pax_close_kernel(); + tables = nls; + spin_unlock(&nls_lock); + return 0; +@@ -255,12 +257,14 @@ int register_nls(struct nls_table * nls) + + int unregister_nls(struct nls_table * nls) + { +- struct nls_table ** tmp = &tables; ++ struct nls_table * const * tmp = &tables; + + spin_lock(&nls_lock); + while (*tmp) { + if (nls == *tmp) { +- *tmp = nls->next; ++ pax_open_kernel(); ++ *(struct nls_table **)tmp = nls->next; ++ pax_close_kernel(); + spin_unlock(&nls_lock); + return 0; + } +diff --git a/fs/nls/nls_euc-jp.c b/fs/nls/nls_euc-jp.c +index 7424929..35f6be5 100644 +--- a/fs/nls/nls_euc-jp.c ++++ b/fs/nls/nls_euc-jp.c +@@ -561,8 +561,10 @@ static int __init init_nls_euc_jp(void) + p_nls = load_nls("cp932"); + + if (p_nls) { +- table.charset2upper = p_nls->charset2upper; +- table.charset2lower = p_nls->charset2lower; ++ pax_open_kernel(); ++ *(const unsigned char **)&table.charset2upper = p_nls->charset2upper; ++ *(const unsigned char **)&table.charset2lower = p_nls->charset2lower; ++ pax_close_kernel(); + return register_nls(&table); + } + +diff --git a/fs/nls/nls_koi8-ru.c b/fs/nls/nls_koi8-ru.c +index e7bc1d7..06bd4bb 100644 +--- a/fs/nls/nls_koi8-ru.c ++++ b/fs/nls/nls_koi8-ru.c +@@ -63,8 +63,10 @@ static int __init init_nls_koi8_ru(void) + p_nls = load_nls("koi8-u"); + + if (p_nls) { +- table.charset2upper = p_nls->charset2upper; +- table.charset2lower = p_nls->charset2lower; ++ pax_open_kernel(); ++ *(const unsigned char **)&table.charset2upper = p_nls->charset2upper; ++ *(const unsigned char **)&table.charset2lower = p_nls->charset2lower; ++ pax_close_kernel(); + return register_nls(&table); + } + diff --git a/fs/notify/fanotify/fanotify_user.c b/fs/notify/fanotify/fanotify_user.c index 9ff4a5e..deb1f0f 100644 --- a/fs/notify/fanotify/fanotify_user.c @@ -51293,7 +53510,7 @@ index 9b33c0c..2ffcca2 100644 } putname(tmp); diff --git a/fs/pipe.c b/fs/pipe.c -index bd3479d..fb92c4d 100644 +index 8e2e73f..1ef1048 100644 --- a/fs/pipe.c +++ b/fs/pipe.c @@ -438,9 +438,9 @@ redo: @@ -51388,7 +53605,7 @@ index bd3479d..fb92c4d 100644 } mutex_unlock(&inode->i_mutex); -@@ -868,9 +868,9 @@ pipe_rdwr_open(struct inode *inode, struct file *filp) +@@ -871,9 +871,9 @@ pipe_rdwr_open(struct inode *inode, struct file *filp) if (inode->i_pipe) { ret = 0; if (filp->f_mode & FMODE_READ) @@ -51400,7 +53617,7 @@ index bd3479d..fb92c4d 100644 } mutex_unlock(&inode->i_mutex); -@@ -962,7 +962,7 @@ void free_pipe_info(struct inode *inode) +@@ -965,7 +965,7 @@ void free_pipe_info(struct inode *inode) inode->i_pipe = NULL; } @@ -51409,7 +53626,7 @@ index bd3479d..fb92c4d 100644 /* * pipefs_dname() is called from d_path(). -@@ -992,7 +992,8 @@ static struct inode * get_pipe_inode(void) +@@ -995,7 +995,8 @@ static struct inode * get_pipe_inode(void) goto fail_iput; inode->i_pipe = pipe; @@ -52256,7 +54473,7 @@ index fe72cd0..21b52ff 100644 rcu_read_lock(); task = pid_task(proc_pid(dir), PIDTYPE_PID); diff --git a/fs/proc/proc_sysctl.c b/fs/proc/proc_sysctl.c -index 1827d88..9a60b01 100644 +index 1827d88..43b0279 100644 --- a/fs/proc/proc_sysctl.c +++ b/fs/proc/proc_sysctl.c @@ -12,11 +12,15 @@ @@ -52373,6 +54590,75 @@ index 1827d88..9a60b01 100644 .lookup = proc_sys_lookup, .permission = proc_sys_permission, .setattr = proc_sys_setattr, +@@ -854,7 +887,7 @@ static struct ctl_dir *find_subdir(struct ctl_dir *dir, + static struct ctl_dir *new_dir(struct ctl_table_set *set, + const char *name, int namelen) + { +- struct ctl_table *table; ++ ctl_table_no_const *table; + struct ctl_dir *new; + struct ctl_node *node; + char *new_name; +@@ -866,7 +899,7 @@ static struct ctl_dir *new_dir(struct ctl_table_set *set, + return NULL; + + node = (struct ctl_node *)(new + 1); +- table = (struct ctl_table *)(node + 1); ++ table = (ctl_table_no_const *)(node + 1); + new_name = (char *)(table + 2); + memcpy(new_name, name, namelen); + new_name[namelen] = '\0'; +@@ -1035,7 +1068,8 @@ static int sysctl_check_table(const char *path, struct ctl_table *table) + static struct ctl_table_header *new_links(struct ctl_dir *dir, struct ctl_table *table, + struct ctl_table_root *link_root) + { +- struct ctl_table *link_table, *entry, *link; ++ ctl_table_no_const *link_table, *link; ++ struct ctl_table *entry; + struct ctl_table_header *links; + struct ctl_node *node; + char *link_name; +@@ -1058,7 +1092,7 @@ static struct ctl_table_header *new_links(struct ctl_dir *dir, struct ctl_table + return NULL; + + node = (struct ctl_node *)(links + 1); +- link_table = (struct ctl_table *)(node + nr_entries); ++ link_table = (ctl_table_no_const *)(node + nr_entries); + link_name = (char *)&link_table[nr_entries + 1]; + + for (link = link_table, entry = table; entry->procname; link++, entry++) { +@@ -1306,8 +1340,8 @@ static int register_leaf_sysctl_tables(const char *path, char *pos, + struct ctl_table_header ***subheader, struct ctl_table_set *set, + struct ctl_table *table) + { +- struct ctl_table *ctl_table_arg = NULL; +- struct ctl_table *entry, *files; ++ ctl_table_no_const *ctl_table_arg = NULL, *files = NULL; ++ struct ctl_table *entry; + int nr_files = 0; + int nr_dirs = 0; + int err = -ENOMEM; +@@ -1319,10 +1353,9 @@ static int register_leaf_sysctl_tables(const char *path, char *pos, + nr_files++; + } + +- files = table; + /* If there are mixed files and directories we need a new table */ + if (nr_dirs && nr_files) { +- struct ctl_table *new; ++ ctl_table_no_const *new; + files = kzalloc(sizeof(struct ctl_table) * (nr_files + 1), + GFP_KERNEL); + if (!files) +@@ -1340,7 +1373,7 @@ static int register_leaf_sysctl_tables(const char *path, char *pos, + /* Register everything except a directory full of subdirectories */ + if (nr_files || !nr_dirs) { + struct ctl_table_header *header; +- header = __register_sysctl_table(set, path, files); ++ header = __register_sysctl_table(set, path, files ? files : table); + if (!header) { + kfree(ctl_table_arg); + goto out; diff --git a/fs/proc/root.c b/fs/proc/root.c index c6e9fac..a740964 100644 --- a/fs/proc/root.c @@ -54400,7 +56686,7 @@ index 0000000..1b9afa9 +endif diff --git a/grsecurity/gracl.c b/grsecurity/gracl.c new file mode 100644 -index 0000000..6b7b8f7 +index 0000000..0767b2e --- /dev/null +++ b/grsecurity/gracl.c @@ -0,0 +1,4067 @@ @@ -56994,7 +59280,7 @@ index 0000000..6b7b8f7 + task->is_writable = 1; + +#ifdef CONFIG_GRKERNSEC_RBAC_DEBUG -+ printk(KERN_ALERT "Set role label for (%s:%d): role:%s, subject:%s\n", task->comm, task->pid, task->role->rolename, task->acl->filename); ++ printk(KERN_ALERT "Set role label for (%s:%d): role:%s, subject:%s\n", task->comm, task_pid_nr(task), task->role->rolename, task->acl->filename); +#endif + + gr_set_proc_res(task); @@ -57069,7 +59355,7 @@ index 0000000..6b7b8f7 + gr_set_proc_res(task); + +#ifdef CONFIG_GRKERNSEC_RBAC_DEBUG -+ printk(KERN_ALERT "Set subject label for (%s:%d): role:%s, subject:%s\n", task->comm, task->pid, task->role->rolename, task->acl->filename); ++ printk(KERN_ALERT "Set subject label for (%s:%d): role:%s, subject:%s\n", task->comm, task_pid_nr(task), task->role->rolename, task->acl->filename); +#endif + return 0; +} @@ -57483,7 +59769,7 @@ index 0000000..6b7b8f7 + tsk->is_writable = 1; + +#ifdef CONFIG_GRKERNSEC_RBAC_DEBUG -+ printk(KERN_ALERT "Assigning special role:%s subject:%s to process (%s:%d)\n", tsk->role->rolename, tsk->acl->filename, tsk->comm, tsk->pid); ++ printk(KERN_ALERT "Assigning special role:%s subject:%s to process (%s:%d)\n", tsk->role->rolename, tsk->acl->filename, tsk->comm, task_pid_nr(tsk)); +#endif + +out_unlock: @@ -57537,7 +59823,7 @@ index 0000000..6b7b8f7 + if (file && S_ISCHR(file->f_path.dentry->d_inode->i_mode) && + file->f_path.dentry->d_inode->i_rdev == our_file->f_path.dentry->d_inode->i_rdev) { + p3 = task; -+ while (p3->pid > 0) { ++ while (task_pid_nr(p3) > 0) { + if (p3 == p) + break; + p3 = p3->real_parent; @@ -57628,7 +59914,7 @@ index 0000000..6b7b8f7 + + if (gr_usermode->mode != GR_SPROLE && gr_usermode->mode != GR_STATUS && + gr_usermode->mode != GR_UNSPROLE && gr_usermode->mode != GR_SPROLEPAM && -+ !uid_eq(current_uid(), GLOBAL_ROOT_UID)) { ++ gr_is_global_nonroot(current_uid())) { + error = -EPERM; + goto out; + } @@ -57867,7 +60153,7 @@ index 0000000..6b7b8f7 + gr_set_proc_res(task); + +#ifdef CONFIG_GRKERNSEC_RBAC_DEBUG -+ printk(KERN_ALERT "gr_set_acls for (%s:%d): role:%s, subject:%s\n", task->comm, task->pid, task->role->rolename, task->acl->filename); ++ printk(KERN_ALERT "gr_set_acls for (%s:%d): role:%s, subject:%s\n", task->comm, task_pid_nr(task), task->role->rolename, task->acl->filename); +#endif + } else { + return 1; @@ -57908,7 +60194,7 @@ index 0000000..6b7b8f7 + read_unlock(&grsec_exec_file_lock); + read_unlock(&tasklist_lock); + rcu_read_unlock(); -+ gr_log_str_int(GR_DONT_AUDIT_GOOD, GR_DEFACL_MSG, task->comm, task->pid); ++ gr_log_str_int(GR_DONT_AUDIT_GOOD, GR_DEFACL_MSG, task->comm, task_pid_nr(task)); + return ret; + } + } else { @@ -58056,13 +60342,13 @@ index 0000000..6b7b8f7 + read_lock(&grsec_exec_file_lock); + filp = task->exec_file; + -+ while (tmp->pid > 0) { ++ while (task_pid_nr(tmp) > 0) { + if (tmp == curtemp) + break; + tmp = tmp->real_parent; + } + -+ if (!filp || (tmp->pid == 0 && ((grsec_enable_harden_ptrace && !uid_eq(current_uid(), GLOBAL_ROOT_UID) && !(gr_status & GR_READY)) || ++ if (!filp || (task_pid_nr(tmp) == 0 && ((grsec_enable_harden_ptrace && gr_is_global_nonroot(current_uid()) && !(gr_status & GR_READY)) || + ((gr_status & GR_READY) && !(current->acl->mode & GR_RELAXPTRACE))))) { + read_unlock(&grsec_exec_file_lock); + read_unlock(&tasklist_lock); @@ -58086,7 +60372,7 @@ index 0000000..6b7b8f7 + + if (!(current->acl->mode & GR_POVERRIDE) && !(current->role->roletype & GR_ROLE_GOD) + && (current->acl != task->acl || (current->acl != current->role->root_label -+ && current->pid != task->pid))) ++ && task_pid_nr(current) != task_pid_nr(task)))) + return 1; + + return 0; @@ -58118,13 +60404,13 @@ index 0000000..6b7b8f7 +#endif + if (request == PTRACE_ATTACH || request == PTRACE_SEIZE) { + read_lock(&tasklist_lock); -+ while (tmp->pid > 0) { ++ while (task_pid_nr(tmp) > 0) { + if (tmp == curtemp) + break; + tmp = tmp->real_parent; + } + -+ if (tmp->pid == 0 && ((grsec_enable_harden_ptrace && !uid_eq(current_uid(), GLOBAL_ROOT_UID) && !(gr_status & GR_READY)) || ++ if (task_pid_nr(tmp) == 0 && ((grsec_enable_harden_ptrace && gr_is_global_nonroot(current_uid()) && !(gr_status & GR_READY)) || + ((gr_status & GR_READY) && !(current->acl->mode & GR_RELAXPTRACE)))) { + read_unlock(&tasklist_lock); + gr_log_ptrace(GR_DONT_AUDIT, GR_PTRACE_ACL_MSG, task); @@ -58336,10 +60622,10 @@ index 0000000..6b7b8f7 +#if defined(CONFIG_GRKERNSEC_PROC_USER) || defined(CONFIG_GRKERNSEC_PROC_USERGROUP) + cred = __task_cred(task); +#ifdef CONFIG_GRKERNSEC_PROC_USER -+ if (!uid_eq(cred->uid, GLOBAL_ROOT_UID)) ++ if (gr_is_global_nonroot(cred->uid)) + ret = -EACCES; +#elif defined(CONFIG_GRKERNSEC_PROC_USERGROUP) -+ if (!uid_eq(cred->uid, GLOBAL_ROOT_UID) && !groups_search(cred->group_info, grsec_proc_gid)) ++ if (gr_is_global_nonroot(cred->uid) && !groups_search(cred->group_info, grsec_proc_gid)) + ret = -EACCES; +#endif +#endif @@ -59814,7 +62100,7 @@ index 0000000..39645c9 +} diff --git a/grsecurity/gracl_segv.c b/grsecurity/gracl_segv.c new file mode 100644 -index 0000000..10398db +index 0000000..8c8fc9d --- /dev/null +++ b/grsecurity/gracl_segv.c @@ -0,0 +1,303 @@ @@ -60032,7 +62318,7 @@ index 0000000..10398db + time_after(curr->expires, get_seconds())) { + rcu_read_lock(); + cred = __task_cred(task); -+ if (!uid_eq(cred->uid, GLOBAL_ROOT_UID) && proc_is_setxid(cred)) { ++ if (gr_is_global_nonroot(cred->uid) && proc_is_setxid(cred)) { + gr_log_crash1(GR_DONT_AUDIT, GR_SEGVSTART_ACL_MSG, task, curr->res[GR_CRASH_RES].rlim_max); + spin_lock(&gr_uid_lock); + gr_insert_uid(cred->uid, curr->expires); @@ -60123,7 +62409,7 @@ index 0000000..10398db +} diff --git a/grsecurity/gracl_shm.c b/grsecurity/gracl_shm.c new file mode 100644 -index 0000000..120978a +index 0000000..98011b0 --- /dev/null +++ b/grsecurity/gracl_shm.c @@ -0,0 +1,40 @@ @@ -60154,7 +62440,7 @@ index 0000000..120978a + task = find_task_by_vpid(shm_lapid); + + if (unlikely(task && (time_before_eq((unsigned long)task->start_time.tv_sec, (unsigned long)shm_createtime) || -+ (task->pid == shm_lapid)) && ++ (task_pid_nr(task) == shm_lapid)) && + (task->acl->mode & GR_PROTSHM) && + (task->acl != current->acl))) { + read_unlock(&tasklist_lock); @@ -60194,7 +62480,7 @@ index 0000000..bc0be01 +} diff --git a/grsecurity/grsec_chroot.c b/grsecurity/grsec_chroot.c new file mode 100644 -index 0000000..70fe0ae +index 0000000..6d2de57 --- /dev/null +++ b/grsecurity/grsec_chroot.c @@ -0,0 +1,357 @@ @@ -60212,7 +62498,7 @@ index 0000000..70fe0ae +void gr_set_chroot_entries(struct task_struct *task, struct path *path) +{ +#ifdef CONFIG_GRKERNSEC -+ if (task->pid > 1 && path->dentry != init_task.fs->root.dentry && ++ if (task_pid_nr(task) > 1 && path->dentry != init_task.fs->root.dentry && + path->dentry != task->nsproxy->mnt_ns->root->mnt.mnt_root) + task->gr_is_chrooted = 1; + else @@ -60277,7 +62563,7 @@ index 0000000..70fe0ae +#ifdef CONFIG_GRKERNSEC_CHROOT_NICE + if (grsec_enable_chroot_nice && (niceval < task_nice(p)) + && proc_is_chrooted(current)) { -+ gr_log_str_int(GR_DONT_AUDIT, GR_PRIORITY_CHROOT_MSG, p->comm, p->pid); ++ gr_log_str_int(GR_DONT_AUDIT, GR_PRIORITY_CHROOT_MSG, p->comm, task_pid_nr(p)); + return -EACCES; + } +#endif @@ -61525,7 +63811,7 @@ index 0000000..a862e9f +} diff --git a/grsecurity/grsec_link.c b/grsecurity/grsec_link.c new file mode 100644 -index 0000000..6095407 +index 0000000..5e05e20 --- /dev/null +++ b/grsecurity/grsec_link.c @@ -0,0 +1,58 @@ @@ -61542,7 +63828,7 @@ index 0000000..6095407 + + if (grsec_enable_symlinkown && in_group_p(grsec_symlinkown_gid) && + /* ignore root-owned links, e.g. /proc/self */ -+ !uid_eq(link_inode->i_uid, GLOBAL_ROOT_UID) && target && ++ gr_is_global_nonroot(link_inode->i_uid) && target && + !uid_eq(link_inode->i_uid, target->i_uid)) { + gr_log_fs_int2(GR_DONT_AUDIT, GR_SYMLINKOWNER_MSG, link->dentry, link->mnt, link_inode->i_uid, target->i_uid); + return 1; @@ -61580,7 +63866,7 @@ index 0000000..6095407 + if (grsec_enable_link && !uid_eq(cred->fsuid, inode->i_uid) && + (!S_ISREG(mode) || is_privileged_binary(dentry) || + (inode_permission(inode, MAY_READ | MAY_WRITE))) && -+ !capable(CAP_FOWNER) && !uid_eq(cred->uid, GLOBAL_ROOT_UID)) { ++ !capable(CAP_FOWNER) && gr_is_global_nonroot(cred->uid)) { + gr_log_fs_int2_str(GR_DONT_AUDIT, GR_HARDLINK_MSG, dentry, mnt, inode->i_uid, inode->i_gid, to->name); + return -EPERM; + } @@ -62113,7 +64399,7 @@ index 0000000..f7f29aa +} diff --git a/grsecurity/grsec_sig.c b/grsecurity/grsec_sig.c new file mode 100644 -index 0000000..5c00416 +index 0000000..e09715a --- /dev/null +++ b/grsecurity/grsec_sig.c @@ -0,0 +1,222 @@ @@ -62137,7 +64423,7 @@ index 0000000..5c00416 +#ifdef CONFIG_GRKERNSEC_SIGNAL + if (grsec_enable_signal && ((sig == SIGSEGV) || (sig == SIGILL) || + (sig == SIGABRT) || (sig == SIGBUS))) { -+ if (t->pid == current->pid) { ++ if (task_pid_nr(t) == task_pid_nr(current)) { + gr_log_sig_addr(GR_DONT_AUDIT_GOOD, GR_UNISIGLOG_MSG, signames[sig], addr); + } else { + gr_log_sig_task(GR_DONT_AUDIT_GOOD, GR_DUALSIGLOG_MSG, t, sig); @@ -62152,7 +64438,7 @@ index 0000000..5c00416 +{ +#ifdef CONFIG_GRKERNSEC + /* ignore the 0 signal for protected task checks */ -+ if (current->pid > 1 && sig && gr_check_protected_task(p)) { ++ if (task_pid_nr(current) > 1 && sig && gr_check_protected_task(p)) { + gr_log_sig_task(GR_DONT_AUDIT, GR_SIG_ACL_MSG, p, sig); + return -EPERM; + } else if (gr_pid_is_chrooted((struct task_struct *)p)) { @@ -62226,7 +64512,7 @@ index 0000000..5c00416 + const struct cred *cred = __task_cred(p), *cred2; + struct task_struct *tsk, *tsk2; + -+ if (!__get_dumpable(mm_flags) && !uid_eq(cred->uid, GLOBAL_ROOT_UID)) { ++ if (!__get_dumpable(mm_flags) && gr_is_global_nonroot(cred->uid)) { + struct user_struct *user; + + uid = cred->uid; @@ -62252,9 +64538,9 @@ index 0000000..5c00416 + read_unlock(&tasklist_lock); + rcu_read_unlock(); + -+ if (!uid_eq(uid, GLOBAL_ROOT_UID)) ++ if (gr_is_global_nonroot(uid)) + printk(KERN_ALERT "grsec: bruteforce prevention initiated against uid %u, banning for %d minutes\n", -+ from_kuid_munged(&init_user_ns, uid), GR_USER_BAN_TIME / 60); ++ GR_GLOBAL_UID(uid), GR_USER_BAN_TIME / 60); + else if (daemon) + gr_log_noargs(GR_DONT_AUDIT, GR_BRUTE_DAEMON_MSG); + @@ -62290,7 +64576,7 @@ index 0000000..5c00416 + + uid = current_uid(); + -+ if (uid_eq(uid, GLOBAL_ROOT_UID)) ++ if (gr_is_global_root(uid)) + panic("grsec: halting the system due to suspicious kernel crash caused by root"); + else { + /* kill all the processes of this user, hold a reference @@ -62298,7 +64584,7 @@ index 0000000..5c00416 + another process until system reset + */ + printk(KERN_ALERT "grsec: banning user with uid %u until system restart for suspicious kernel crash\n", -+ from_kuid_munged(&init_user_ns, uid)); ++ GR_GLOBAL_UID(uid)); + /* we intentionally leak this ref */ + user = get_uid(current->cred->user); + if (user) { @@ -63088,7 +65374,7 @@ index 0000000..0dc13c3 +EXPORT_SYMBOL(gr_log_timechange); diff --git a/grsecurity/grsec_tpe.c b/grsecurity/grsec_tpe.c new file mode 100644 -index 0000000..ac20d7f +index 0000000..ee57dcf --- /dev/null +++ b/grsecurity/grsec_tpe.c @@ -0,0 +1,73 @@ @@ -63110,7 +65396,7 @@ index 0000000..ac20d7f + char *msg2 = NULL; + + // never restrict root -+ if (uid_eq(cred->uid, GLOBAL_ROOT_UID)) ++ if (gr_is_global_root(cred->uid)) + return 1; + + if (grsec_enable_tpe) { @@ -63131,7 +65417,7 @@ index 0000000..ac20d7f + if (!msg) + goto next_check; + -+ if (!uid_eq(inode->i_uid, GLOBAL_ROOT_UID)) ++ if (gr_is_global_nonroot(inode->i_uid)) + msg2 = "file in non-root-owned directory"; + else if (inode->i_mode & S_IWOTH) + msg2 = "file in world-writable directory"; @@ -63150,7 +65436,7 @@ index 0000000..ac20d7f + if (!grsec_enable_tpe || !grsec_enable_tpe_all) + return 1; + -+ if (!uid_eq(inode->i_uid, GLOBAL_ROOT_UID) && !uid_eq(inode->i_uid, cred->uid)) ++ if (gr_is_global_nonroot(inode->i_uid) && !uid_eq(inode->i_uid, cred->uid)) + msg = "directory not owned by user"; + else if (inode->i_mode & S_IWOTH) + msg = "file in world-writable directory"; @@ -63868,7 +66154,7 @@ index 418d270..bfd2794 100644 struct crypto_instance { struct crypto_alg alg; diff --git a/include/drm/drmP.h b/include/drm/drmP.h -index fad21c9..3fff955 100644 +index fad21c9..ab858bc 100644 --- a/include/drm/drmP.h +++ b/include/drm/drmP.h @@ -72,6 +72,7 @@ @@ -63879,7 +66165,43 @@ index fad21c9..3fff955 100644 #include #include -@@ -1068,7 +1069,7 @@ struct drm_device { +@@ -293,10 +294,12 @@ do { \ + * \param cmd command. + * \param arg argument. + */ +-typedef int drm_ioctl_t(struct drm_device *dev, void *data, ++typedef int (* const drm_ioctl_t)(struct drm_device *dev, void *data, ++ struct drm_file *file_priv); ++typedef int (* drm_ioctl_no_const_t)(struct drm_device *dev, void *data, + struct drm_file *file_priv); + +-typedef int drm_ioctl_compat_t(struct file *filp, unsigned int cmd, ++typedef int (* const drm_ioctl_compat_t)(struct file *filp, unsigned int cmd, + unsigned long arg); + + #define DRM_IOCTL_NR(n) _IOC_NR(n) +@@ -311,9 +314,9 @@ typedef int drm_ioctl_compat_t(struct file *filp, unsigned int cmd, + struct drm_ioctl_desc { + unsigned int cmd; + int flags; +- drm_ioctl_t *func; ++ drm_ioctl_t func; + unsigned int cmd_drv; +-}; ++} __do_const; + + /** + * Creates a driver or general drm_ioctl_desc array entry for the given +@@ -995,7 +998,7 @@ struct drm_info_list { + int (*show)(struct seq_file*, void*); /** show callback */ + u32 driver_features; /**< Required driver features for this entry */ + void *data; +-}; ++} __do_const; + + /** + * debugfs node structure. This structure represents a debugfs file. +@@ -1068,7 +1071,7 @@ struct drm_device { /** \name Usage Counters */ /*@{ */ @@ -63888,7 +66210,7 @@ index fad21c9..3fff955 100644 atomic_t ioctl_count; /**< Outstanding IOCTLs pending */ atomic_t vma_count; /**< Outstanding vma areas open */ int buf_use; /**< Buffers in use -- cannot alloc */ -@@ -1079,7 +1080,7 @@ struct drm_device { +@@ -1079,7 +1082,7 @@ struct drm_device { /*@{ */ unsigned long counters; enum drm_stat_type types[15]; @@ -63923,8 +66245,21 @@ index 72dcbe8..8db58d7 100644 /** * struct ttm_mem_global - Global memory accounting structure. +diff --git a/include/keys/asymmetric-subtype.h b/include/keys/asymmetric-subtype.h +index 4b840e8..155d235 100644 +--- a/include/keys/asymmetric-subtype.h ++++ b/include/keys/asymmetric-subtype.h +@@ -37,7 +37,7 @@ struct asymmetric_key_subtype { + /* Verify the signature on a key of this subtype (optional) */ + int (*verify_signature)(const struct key *key, + const struct public_key_signature *sig); +-}; ++} __do_const; + + /** + * asymmetric_key_subtype - Get the subtype from an asymmetric key diff --git a/include/linux/atmdev.h b/include/linux/atmdev.h -index c1da539..4db35ec 100644 +index c1da539..1dcec55 100644 --- a/include/linux/atmdev.h +++ b/include/linux/atmdev.h @@ -28,7 +28,7 @@ struct compat_atm_iobuf { @@ -63936,17 +66271,29 @@ index c1da539..4db35ec 100644 __AAL_STAT_ITEMS #undef __HANDLE_ITEM }; +@@ -200,7 +200,7 @@ struct atmdev_ops { /* only send is required */ + int (*change_qos)(struct atm_vcc *vcc,struct atm_qos *qos,int flags); + int (*proc_read)(struct atm_dev *dev,loff_t *pos,char *page); + struct module *owner; +-}; ++} __do_const ; + + struct atmphy_ops { + int (*start)(struct atm_dev *dev); diff --git a/include/linux/binfmts.h b/include/linux/binfmts.h -index 0530b98..b127a9e 100644 +index 0530b98..96a8ac0 100644 --- a/include/linux/binfmts.h +++ b/include/linux/binfmts.h -@@ -73,6 +73,7 @@ struct linux_binfmt { +@@ -73,8 +73,9 @@ struct linux_binfmt { int (*load_binary)(struct linux_binprm *); int (*load_shlib)(struct file *); int (*core_dump)(struct coredump_params *cprm); + void (*handle_mprotect)(struct vm_area_struct *vma, unsigned long newflags); unsigned long min_coredump; /* minimal dump size */ - }; +-}; ++} __do_const; + + extern void __register_binfmt(struct linux_binfmt *fmt, int insert); diff --git a/include/linux/blkdev.h b/include/linux/blkdev.h index f94bc83..62b9cfe 100644 @@ -64207,6 +66554,19 @@ index dd852b7..72924c0 100644 +#define ACCESS_ONCE_RW(x) (*(volatile typeof(x) *)&(x)) #endif /* __LINUX_COMPILER_H */ +diff --git a/include/linux/configfs.h b/include/linux/configfs.h +index 34025df..d94bbbc 100644 +--- a/include/linux/configfs.h ++++ b/include/linux/configfs.h +@@ -125,7 +125,7 @@ struct configfs_attribute { + const char *ca_name; + struct module *ca_owner; + umode_t ca_mode; +-}; ++} __do_const; + + /* + * Users often need to create attribute structures for their configurable diff --git a/include/linux/cpu.h b/include/linux/cpu.h index ce7a074..01ab8ac 100644 --- a/include/linux/cpu.h @@ -64220,6 +66580,50 @@ index ce7a074..01ab8ac 100644 { .notifier_call = fn, .priority = pri }; \ register_cpu_notifier(&fn##_nb); \ } +diff --git a/include/linux/cpufreq.h b/include/linux/cpufreq.h +index a55b88e..fba90c5 100644 +--- a/include/linux/cpufreq.h ++++ b/include/linux/cpufreq.h +@@ -240,7 +240,7 @@ struct cpufreq_driver { + int (*suspend) (struct cpufreq_policy *policy); + int (*resume) (struct cpufreq_policy *policy); + struct freq_attr **attr; +-}; ++} __do_const; + + /* flags */ + +@@ -299,6 +299,7 @@ struct global_attr { + ssize_t (*store)(struct kobject *a, struct attribute *b, + const char *c, size_t count); + }; ++typedef struct global_attr __no_const global_attr_no_const; + + #define define_one_global_ro(_name) \ + static struct global_attr _name = \ +diff --git a/include/linux/cpuidle.h b/include/linux/cpuidle.h +index 24cd1037..20a63aae 100644 +--- a/include/linux/cpuidle.h ++++ b/include/linux/cpuidle.h +@@ -54,7 +54,8 @@ struct cpuidle_state { + int index); + + int (*enter_dead) (struct cpuidle_device *dev, int index); +-}; ++} __do_const; ++typedef struct cpuidle_state __no_const cpuidle_state_no_const; + + /* Idle State Flags */ + #define CPUIDLE_FLAG_TIME_VALID (0x01) /* is residency time measurable? */ +@@ -216,7 +217,7 @@ struct cpuidle_governor { + void (*reflect) (struct cpuidle_device *dev, int index); + + struct module *owner; +-}; ++} __do_const; + + #ifdef CONFIG_CPU_IDLE + diff --git a/include/linux/cred.h b/include/linux/cred.h index 04421e8..6bce4ef 100644 --- a/include/linux/cred.h @@ -64276,6 +66680,55 @@ index 7925bf0..d5143d2 100644 #define free(a) kfree(a) #define large_malloc(a) vmalloc(a) +diff --git a/include/linux/devfreq.h b/include/linux/devfreq.h +index e83ef39..33e0eb3 100644 +--- a/include/linux/devfreq.h ++++ b/include/linux/devfreq.h +@@ -114,7 +114,7 @@ struct devfreq_governor { + int (*get_target_freq)(struct devfreq *this, unsigned long *freq); + int (*event_handler)(struct devfreq *devfreq, + unsigned int event, void *data); +-}; ++} __do_const; + + /** + * struct devfreq - Device devfreq structure +diff --git a/include/linux/device.h b/include/linux/device.h +index 43dcda9..7a1fb65 100644 +--- a/include/linux/device.h ++++ b/include/linux/device.h +@@ -294,7 +294,7 @@ struct subsys_interface { + struct list_head node; + int (*add_dev)(struct device *dev, struct subsys_interface *sif); + int (*remove_dev)(struct device *dev, struct subsys_interface *sif); +-}; ++} __do_const; + + int subsys_interface_register(struct subsys_interface *sif); + void subsys_interface_unregister(struct subsys_interface *sif); +@@ -474,7 +474,7 @@ struct device_type { + void (*release)(struct device *dev); + + const struct dev_pm_ops *pm; +-}; ++} __do_const; + + /* interface for exporting device attributes */ + struct device_attribute { +@@ -484,11 +484,12 @@ struct device_attribute { + ssize_t (*store)(struct device *dev, struct device_attribute *attr, + const char *buf, size_t count); + }; ++typedef struct device_attribute __no_const device_attribute_no_const; + + struct dev_ext_attribute { + struct device_attribute attr; + void *var; +-}; ++} __do_const; + + ssize_t device_show_ulong(struct device *dev, struct device_attribute *attr, + char *buf); diff --git a/include/linux/dma-mapping.h b/include/linux/dma-mapping.h index 94af418..b1ca7a2 100644 --- a/include/linux/dma-mapping.h @@ -64337,6 +66790,32 @@ index 8c9048e..16a4665 100644 #endif +diff --git a/include/linux/extcon.h b/include/linux/extcon.h +index fcb51c8..bdafcf6 100644 +--- a/include/linux/extcon.h ++++ b/include/linux/extcon.h +@@ -134,7 +134,7 @@ struct extcon_dev { + /* /sys/class/extcon/.../mutually_exclusive/... */ + struct attribute_group attr_g_muex; + struct attribute **attrs_muex; +- struct device_attribute *d_attrs_muex; ++ device_attribute_no_const *d_attrs_muex; + }; + + /** +diff --git a/include/linux/fb.h b/include/linux/fb.h +index c7a9571..02eeffe 100644 +--- a/include/linux/fb.h ++++ b/include/linux/fb.h +@@ -302,7 +302,7 @@ struct fb_ops { + /* called at KDB enter and leave time to prepare the console */ + int (*fb_debug_enter)(struct fb_info *info); + int (*fb_debug_leave)(struct fb_info *info); +-}; ++} __do_const; + + #ifdef CONFIG_FB_TILEBLITTING + #define FB_TILE_CURSOR_NONE 0 diff --git a/include/linux/filter.h b/include/linux/filter.h index c45eabc..baa0be5 100644 --- a/include/linux/filter.h @@ -64436,6 +66915,19 @@ index 5dfa0aa..6acf322 100644 op->processor = processor; op->release = release; INIT_LIST_HEAD(&op->pend_link); +diff --git a/include/linux/fscache.h b/include/linux/fscache.h +index 7a08623..4c07b0f 100644 +--- a/include/linux/fscache.h ++++ b/include/linux/fscache.h +@@ -152,7 +152,7 @@ struct fscache_cookie_def { + * - this is mandatory for any object that may have data + */ + void (*now_uncached)(void *cookie_netfs_data); +-}; ++} __do_const; + + /* + * fscache cached network filesystem type diff --git a/include/linux/fsnotify.h b/include/linux/fsnotify.h index 0fbfb46..508eb0d 100644 --- a/include/linux/fsnotify.h @@ -64495,6 +66987,19 @@ index 79b8bba..86b539e 100644 struct disk_events *ev; #ifdef CONFIG_BLK_DEV_INTEGRITY struct blk_integrity *integrity; +diff --git a/include/linux/genl_magic_func.h b/include/linux/genl_magic_func.h +index 023bc34..b02b46a 100644 +--- a/include/linux/genl_magic_func.h ++++ b/include/linux/genl_magic_func.h +@@ -246,7 +246,7 @@ const char *CONCAT_(GENL_MAGIC_FAMILY, _genl_cmd_to_str)(__u8 cmd) + }, + + #define ZZZ_genl_ops CONCAT_(GENL_MAGIC_FAMILY, _genl_ops) +-static struct genl_ops ZZZ_genl_ops[] __read_mostly = { ++static struct genl_ops ZZZ_genl_ops[] = { + #include GENL_MAGIC_INCLUDE_FILE + }; + diff --git a/include/linux/gfp.h b/include/linux/gfp.h index 0f615eb..5c3832f 100644 --- a/include/linux/gfp.h @@ -65674,6 +68179,29 @@ index ef788b5..ac41b7b 100644 static inline void zero_user_segments(struct page *page, unsigned start1, unsigned end1, unsigned start2, unsigned end2) +diff --git a/include/linux/hwmon-sysfs.h b/include/linux/hwmon-sysfs.h +index 1c7b89a..7f52502 100644 +--- a/include/linux/hwmon-sysfs.h ++++ b/include/linux/hwmon-sysfs.h +@@ -25,7 +25,8 @@ + struct sensor_device_attribute{ + struct device_attribute dev_attr; + int index; +-}; ++} __do_const; ++typedef struct sensor_device_attribute __no_const sensor_device_attribute_no_const; + #define to_sensor_dev_attr(_dev_attr) \ + container_of(_dev_attr, struct sensor_device_attribute, dev_attr) + +@@ -41,7 +42,7 @@ struct sensor_device_attribute_2 { + struct device_attribute dev_attr; + u8 index; + u8 nr; +-}; ++} __do_const; + #define to_sensor_dev_attr_2(_dev_attr) \ + container_of(_dev_attr, struct sensor_device_attribute_2, dev_attr) + diff --git a/include/linux/i2c.h b/include/linux/i2c.h index d0c4db7..61b3577 100644 --- a/include/linux/i2c.h @@ -65826,6 +68354,33 @@ index 5fa5afe..ac55b25 100644 extern void softirq_init(void); extern void __raise_softirq_irqoff(unsigned int nr); +diff --git a/include/linux/iommu.h b/include/linux/iommu.h +index f3b99e1..9b73cee 100644 +--- a/include/linux/iommu.h ++++ b/include/linux/iommu.h +@@ -101,7 +101,7 @@ struct iommu_ops { + int (*domain_set_attr)(struct iommu_domain *domain, + enum iommu_attr attr, void *data); + unsigned long pgsize_bitmap; +-}; ++} __do_const; + + #define IOMMU_GROUP_NOTIFY_ADD_DEVICE 1 /* Device added */ + #define IOMMU_GROUP_NOTIFY_DEL_DEVICE 2 /* Pre Device removed */ +diff --git a/include/linux/irq.h b/include/linux/irq.h +index fdf2c4a..5332486 100644 +--- a/include/linux/irq.h ++++ b/include/linux/irq.h +@@ -328,7 +328,8 @@ struct irq_chip { + void (*irq_print_chip)(struct irq_data *data, struct seq_file *p); + + unsigned long flags; +-}; ++} __do_const; ++typedef struct irq_chip __no_const irq_chip_no_const; + + /* + * irq_chip specific flags diff --git a/include/linux/kallsyms.h b/include/linux/kallsyms.h index 6883e19..06992b1 100644 --- a/include/linux/kallsyms.h @@ -65858,6 +68413,19 @@ index 6883e19..06992b1 100644 /* This macro allows us to keep printk typechecking */ static __printf(1, 2) +diff --git a/include/linux/key-type.h b/include/linux/key-type.h +index 518a53a..5e28358 100644 +--- a/include/linux/key-type.h ++++ b/include/linux/key-type.h +@@ -125,7 +125,7 @@ struct key_type { + /* internal fields */ + struct list_head link; /* link in types list */ + struct lock_class_key lock_class; /* key->sem lock class */ +-}; ++} __do_const; + + extern struct key_type key_type_keyring; + diff --git a/include/linux/kgdb.h b/include/linux/kgdb.h index 4dff0c6..1ca9b72 100644 --- a/include/linux/kgdb.h @@ -65903,7 +68471,7 @@ index 5398d58..5883a34 100644 #define request_module_nowait(mod...) __request_module(false, mod) #define try_then_request_module(x, mod...) \ diff --git a/include/linux/kobject.h b/include/linux/kobject.h -index 939b112..90b7f44 100644 +index 939b112..ed6ed51 100644 --- a/include/linux/kobject.h +++ b/include/linux/kobject.h @@ -111,7 +111,7 @@ struct kobj_type { @@ -65915,6 +68483,27 @@ index 939b112..90b7f44 100644 struct kobj_uevent_env { char *envp[UEVENT_NUM_ENVP]; +@@ -134,6 +134,7 @@ struct kobj_attribute { + ssize_t (*store)(struct kobject *kobj, struct kobj_attribute *attr, + const char *buf, size_t count); + }; ++typedef struct kobj_attribute __no_const kobj_attribute_no_const; + + extern const struct sysfs_ops kobj_sysfs_ops; + +diff --git a/include/linux/kobject_ns.h b/include/linux/kobject_ns.h +index f66b065..c2c29b4 100644 +--- a/include/linux/kobject_ns.h ++++ b/include/linux/kobject_ns.h +@@ -43,7 +43,7 @@ struct kobj_ns_type_operations { + const void *(*netlink_ns)(struct sock *sk); + const void *(*initial_ns)(void); + void (*drop_ns)(void *); +-}; ++} __do_const; + + int kobj_ns_type_register(const struct kobj_ns_type_operations *ops); + int kobj_ns_type_registered(enum kobj_ns_type type); diff --git a/include/linux/kref.h b/include/linux/kref.h index 4972e6e..de4d19b 100644 --- a/include/linux/kref.h @@ -65964,19 +68553,38 @@ index 649e5f8..ead5194 100644 struct ata_port_info { unsigned long flags; diff --git a/include/linux/list.h b/include/linux/list.h -index cc6d2aa..71febca 100644 +index cc6d2aa..c10ee83 100644 --- a/include/linux/list.h +++ b/include/linux/list.h -@@ -112,6 +112,9 @@ extern void __list_del_entry(struct list_head *entry); +@@ -112,6 +112,19 @@ extern void __list_del_entry(struct list_head *entry); extern void list_del(struct list_head *entry); #endif -+extern void pax_list_add_tail(struct list_head *new, struct list_head *head); ++extern void __pax_list_add(struct list_head *new, ++ struct list_head *prev, ++ struct list_head *next); ++static inline void pax_list_add(struct list_head *new, struct list_head *head) ++{ ++ __pax_list_add(new, head, head->next); ++} ++static inline void pax_list_add_tail(struct list_head *new, struct list_head *head) ++{ ++ __pax_list_add(new, head->prev, head); ++} +extern void pax_list_del(struct list_head *entry); + /** * list_replace - replace old entry by new one * @old : the element to be replaced +@@ -145,6 +158,8 @@ static inline void list_del_init(struct list_head *entry) + INIT_LIST_HEAD(entry); + } + ++extern void pax_list_del_init(struct list_head *entry); ++ + /** + * list_move - delete from one list and add as another's head + * @list: the entry to move diff --git a/include/linux/mm.h b/include/linux/mm.h index 66e2f7c..ea88001 100644 --- a/include/linux/mm.h @@ -66165,7 +68773,7 @@ index 66e2f7c..ea88001 100644 #endif /* __KERNEL__ */ #endif /* _LINUX_MM_H */ diff --git a/include/linux/mm_types.h b/include/linux/mm_types.h -index f8f5162..6276a36 100644 +index f8f5162..a039af9 100644 --- a/include/linux/mm_types.h +++ b/include/linux/mm_types.h @@ -288,6 +288,8 @@ struct vm_area_struct { @@ -66182,7 +68790,7 @@ index f8f5162..6276a36 100644 unsigned long nr_ptes; /* Page table pages */ unsigned long start_code, end_code, start_data, end_data; - unsigned long start_brk, brk, start_stack; -+ unsigned long brk_gap, start_brk, brk, start_stack; ++ unsigned long aslr_gap, start_brk, brk, start_stack; unsigned long arg_start, arg_end, env_start, env_end; unsigned long saved_auxv[AT_VECTOR_SIZE]; /* for /proc/PID/auxv */ @@ -66247,7 +68855,7 @@ index 73b64a3..6562925 100644 /* * The target ratio of ACTIVE_ANON to INACTIVE_ANON pages on diff --git a/include/linux/mod_devicetable.h b/include/linux/mod_devicetable.h -index fed3def..7cc3f93 100644 +index fed3def..c933f99 100644 --- a/include/linux/mod_devicetable.h +++ b/include/linux/mod_devicetable.h @@ -12,7 +12,7 @@ @@ -66268,8 +68876,17 @@ index fed3def..7cc3f93 100644 #define HID_BUS_ANY 0xffff #define HID_GROUP_ANY 0x0000 +@@ -498,7 +498,7 @@ struct dmi_system_id { + const char *ident; + struct dmi_strmatch matches[4]; + void *driver_data; +-}; ++} __do_const; + /* + * struct dmi_device_id appears during expansion of + * "MODULE_DEVICE_TABLE(dmi, x)". Compiler doesn't look inside it diff --git a/include/linux/module.h b/include/linux/module.h -index 1375ee3..d631af0 100644 +index 1375ee3..ced8177 100644 --- a/include/linux/module.h +++ b/include/linux/module.h @@ -17,9 +17,11 @@ @@ -66284,7 +68901,31 @@ index 1375ee3..d631af0 100644 /* In stripped ARM and x86-64 modules, ~ is surprisingly rare. */ #define MODULE_SIG_STRING "~Module signature appended~\n" -@@ -281,19 +283,16 @@ struct module +@@ -54,12 +56,13 @@ struct module_attribute { + int (*test)(struct module *); + void (*free)(struct module *); + }; ++typedef struct module_attribute __no_const module_attribute_no_const; + + struct module_version_attribute { + struct module_attribute mattr; + const char *module_name; + const char *version; +-} __attribute__ ((__aligned__(sizeof(void *)))); ++} __do_const __attribute__ ((__aligned__(sizeof(void *)))); + + extern ssize_t __modver_version_show(struct module_attribute *, + struct module_kobject *, char *); +@@ -232,7 +235,7 @@ struct module + + /* Sysfs stuff. */ + struct module_kobject mkobj; +- struct module_attribute *modinfo_attrs; ++ module_attribute_no_const *modinfo_attrs; + const char *version; + const char *srcversion; + struct kobject *holders_dir; +@@ -281,19 +284,16 @@ struct module int (*init)(void); /* If this is non-NULL, vfree after init() returns */ @@ -66308,7 +68949,7 @@ index 1375ee3..d631af0 100644 /* Arch-specific module values */ struct mod_arch_specific arch; -@@ -349,6 +348,10 @@ struct module +@@ -349,6 +349,10 @@ struct module #ifdef CONFIG_EVENT_TRACING struct ftrace_event_call **trace_events; unsigned int num_trace_events; @@ -66319,7 +68960,7 @@ index 1375ee3..d631af0 100644 #endif #ifdef CONFIG_FTRACE_MCOUNT_RECORD unsigned int num_ftrace_callsites; -@@ -396,16 +399,46 @@ bool is_module_address(unsigned long addr); +@@ -396,16 +400,46 @@ bool is_module_address(unsigned long addr); bool is_module_percpu_address(unsigned long addr); bool is_module_text_address(unsigned long addr); @@ -66469,6 +69110,19 @@ index 5a5ff57..5ae5070 100644 { return nd->saved_names[nd->depth]; } +diff --git a/include/linux/net.h b/include/linux/net.h +index aa16731..514b875 100644 +--- a/include/linux/net.h ++++ b/include/linux/net.h +@@ -183,7 +183,7 @@ struct net_proto_family { + int (*create)(struct net *net, struct socket *sock, + int protocol, int kern); + struct module *owner; +-}; ++} __do_const; + + struct iovec; + struct kvec; diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h index 9ef07d0..130a5d9 100644 --- a/include/linux/netdevice.h @@ -66490,6 +69144,19 @@ index 9ef07d0..130a5d9 100644 * Do not use this in drivers. */ +diff --git a/include/linux/netfilter.h b/include/linux/netfilter.h +index ee14284..bc65d63 100644 +--- a/include/linux/netfilter.h ++++ b/include/linux/netfilter.h +@@ -82,7 +82,7 @@ struct nf_sockopt_ops { + #endif + /* Use the module struct to lock set/get code in place */ + struct module *owner; +-}; ++} __do_const; + + /* Function to register/unregister hook points. */ + int nf_register_hook(struct nf_hook_ops *reg); diff --git a/include/linux/netfilter/ipset/ip_set.h b/include/linux/netfilter/ipset/ip_set.h index 7958e84..ed74d7a 100644 --- a/include/linux/netfilter/ipset/ip_set.h @@ -66531,6 +69198,19 @@ index 0000000..33f4af8 +}; + +#endif +diff --git a/include/linux/nls.h b/include/linux/nls.h +index 5dc635f..35f5e11 100644 +--- a/include/linux/nls.h ++++ b/include/linux/nls.h +@@ -31,7 +31,7 @@ struct nls_table { + const unsigned char *charset2upper; + struct module *owner; + struct nls_table *next; +-}; ++} __do_const; + + /* this value hold the maximum octet of charset */ + #define NLS_MAX_CHARSET_SIZE 6 /* for UTF-8 */ diff --git a/include/linux/notifier.h b/include/linux/notifier.h index d65746e..62e72c2 100644 --- a/include/linux/notifier.h @@ -66561,6 +69241,20 @@ index a4c5624..79d6d88 100644 /** create a directory */ struct dentry * oprofilefs_mkdir(struct super_block * sb, struct dentry * root, +diff --git a/include/linux/pci_hotplug.h b/include/linux/pci_hotplug.h +index 45fc162..01a4068 100644 +--- a/include/linux/pci_hotplug.h ++++ b/include/linux/pci_hotplug.h +@@ -80,7 +80,8 @@ struct hotplug_slot_ops { + int (*get_attention_status) (struct hotplug_slot *slot, u8 *value); + int (*get_latch_status) (struct hotplug_slot *slot, u8 *value); + int (*get_adapter_status) (struct hotplug_slot *slot, u8 *value); +-}; ++} __do_const; ++typedef struct hotplug_slot_ops __no_const hotplug_slot_ops_no_const; + + /** + * struct hotplug_slot_info - used to notify the hotplug pci core of the state of the slot diff --git a/include/linux/perf_event.h b/include/linux/perf_event.h index 6bfb2faa..e5bc5e5 100644 --- a/include/linux/perf_event.h @@ -66626,6 +69320,32 @@ index 5f28cae..3d23723 100644 extern void s5p_ehci_set_platdata(struct s5p_ehci_platdata *pd); +diff --git a/include/linux/platform_data/usb-exynos.h b/include/linux/platform_data/usb-exynos.h +index c256c59..8ea94c7 100644 +--- a/include/linux/platform_data/usb-exynos.h ++++ b/include/linux/platform_data/usb-exynos.h +@@ -14,7 +14,7 @@ + struct exynos4_ohci_platdata { + int (*phy_init)(struct platform_device *pdev, int type); + int (*phy_exit)(struct platform_device *pdev, int type); +-}; ++} __no_const; + + extern void exynos4_ohci_set_platdata(struct exynos4_ohci_platdata *pd); + +diff --git a/include/linux/pm_domain.h b/include/linux/pm_domain.h +index 7c1d252..c5c773e 100644 +--- a/include/linux/pm_domain.h ++++ b/include/linux/pm_domain.h +@@ -48,7 +48,7 @@ struct gpd_dev_ops { + + struct gpd_cpu_data { + unsigned int saved_exit_latency; +- struct cpuidle_state *idle_state; ++ cpuidle_state_no_const *idle_state; + }; + + struct generic_pm_domain { diff --git a/include/linux/pm_runtime.h b/include/linux/pm_runtime.h index f271860..6b3bec5 100644 --- a/include/linux/pm_runtime.h @@ -66639,6 +69359,19 @@ index f271860..6b3bec5 100644 } #else /* !CONFIG_PM_RUNTIME */ +diff --git a/include/linux/pnp.h b/include/linux/pnp.h +index 195aafc..49a7bc2 100644 +--- a/include/linux/pnp.h ++++ b/include/linux/pnp.h +@@ -297,7 +297,7 @@ static inline void pnp_set_drvdata(struct pnp_dev *pdev, void *data) + struct pnp_fixup { + char id[7]; + void (*quirk_function) (struct pnp_dev * dev); /* fixup function */ +-}; ++} __do_const; + + /* config parameters */ + #define PNP_CONFIG_NORMAL 0x0001 diff --git a/include/linux/poison.h b/include/linux/poison.h index 2110a81..13a11bb 100644 --- a/include/linux/poison.h @@ -66667,6 +69400,19 @@ index c0f44c2..1572583 100644 /** * struct omap_sr_nvalue_table - Smartreflex n-target value info +diff --git a/include/linux/ppp-comp.h b/include/linux/ppp-comp.h +index 4ea1d37..80f4b33 100644 +--- a/include/linux/ppp-comp.h ++++ b/include/linux/ppp-comp.h +@@ -84,7 +84,7 @@ struct compressor { + struct module *owner; + /* Extra skb space needed by the compressor algorithm */ + unsigned int comp_extra; +-}; ++} __do_const; + + /* + * The return value from decompress routine is the length of the diff --git a/include/linux/printk.h b/include/linux/printk.h index 9afc01e..92c32e8 100644 --- a/include/linux/printk.h @@ -66727,6 +69473,54 @@ index d984608..d6f0042 100644 /* * Handle minimum values for seeds */ +diff --git a/include/linux/rculist.h b/include/linux/rculist.h +index c92dd28..08f4eab 100644 +--- a/include/linux/rculist.h ++++ b/include/linux/rculist.h +@@ -44,6 +44,9 @@ extern void __list_add_rcu(struct list_head *new, + struct list_head *prev, struct list_head *next); + #endif + ++extern void __pax_list_add_rcu(struct list_head *new, ++ struct list_head *prev, struct list_head *next); ++ + /** + * list_add_rcu - add a new entry to rcu-protected list + * @new: new entry to be added +@@ -65,6 +68,11 @@ static inline void list_add_rcu(struct list_head *new, struct list_head *head) + __list_add_rcu(new, head, head->next); + } + ++static inline void pax_list_add_rcu(struct list_head *new, struct list_head *head) ++{ ++ __pax_list_add_rcu(new, head, head->next); ++} ++ + /** + * list_add_tail_rcu - add a new entry to rcu-protected list + * @new: new entry to be added +@@ -87,6 +95,12 @@ static inline void list_add_tail_rcu(struct list_head *new, + __list_add_rcu(new, head->prev, head); + } + ++static inline void pax_list_add_tail_rcu(struct list_head *new, ++ struct list_head *head) ++{ ++ __pax_list_add_rcu(new, head->prev, head); ++} ++ + /** + * list_del_rcu - deletes entry from list without re-initialization + * @entry: the element to delete from the list. +@@ -117,6 +131,8 @@ static inline void list_del_rcu(struct list_head *entry) + entry->prev = LIST_POISON2; + } + ++extern void pax_list_del_rcu(struct list_head *entry); ++ + /** + * hlist_del_init_rcu - deletes entry from hash list with re-initialization + * @n: the element to delete from the hash list. diff --git a/include/linux/reboot.h b/include/linux/reboot.h index 23b3630..e1bc12b 100644 --- a/include/linux/reboot.h @@ -66822,7 +69616,7 @@ index c20635c..2f5def4 100644 static inline void anon_vma_merge(struct vm_area_struct *vma, struct vm_area_struct *next) diff --git a/include/linux/sched.h b/include/linux/sched.h -index d211247..d64a165 100644 +index d211247..a5cbf38b 100644 --- a/include/linux/sched.h +++ b/include/linux/sched.h @@ -61,6 +61,7 @@ struct bio_list; @@ -66887,6 +69681,15 @@ index d211247..d64a165 100644 /* Hash table maintenance information */ struct hlist_node uidhash_node; kuid_t uid; +@@ -1116,7 +1146,7 @@ struct sched_class { + #ifdef CONFIG_FAIR_GROUP_SCHED + void (*task_move_group) (struct task_struct *p, int on_rq); + #endif +-}; ++} __do_const; + + struct load_weight { + unsigned long weight, inv_weight; @@ -1360,8 +1390,8 @@ struct task_struct { struct list_head thread_group; @@ -67018,6 +69821,15 @@ index d211247..d64a165 100644 /* Future-safe accessor for struct task_struct's cpus_allowed. */ #define tsk_cpus_allowed(tsk) (&(tsk)->cpus_allowed) +@@ -1696,7 +1799,7 @@ struct pid_namespace; + pid_t __task_pid_nr_ns(struct task_struct *task, enum pid_type type, + struct pid_namespace *ns); + +-static inline pid_t task_pid_nr(struct task_struct *tsk) ++static inline pid_t task_pid_nr(const struct task_struct *tsk) + { + return tsk->pid; + } @@ -2155,7 +2258,9 @@ void yield(void); extern struct exec_domain default_exec_domain; @@ -67405,6 +70217,19 @@ index 9db4825..ed42fb5 100644 void *kmem_cache_alloc_node(struct kmem_cache *, gfp_t flags, int node); #ifdef CONFIG_TRACING +diff --git a/include/linux/sock_diag.h b/include/linux/sock_diag.h +index e8d702e..0a56eb4 100644 +--- a/include/linux/sock_diag.h ++++ b/include/linux/sock_diag.h +@@ -10,7 +10,7 @@ struct sock; + struct sock_diag_handler { + __u8 family; + int (*dump)(struct sk_buff *skb, struct nlmsghdr *nlh); +-}; ++} __do_const; + + int sock_diag_register(const struct sock_diag_handler *h); + void sock_diag_unregister(const struct sock_diag_handler *h); diff --git a/include/linux/sonet.h b/include/linux/sonet.h index 680f9a3..f13aeb0 100644 --- a/include/linux/sonet.h @@ -67419,9 +70244,18 @@ index 680f9a3..f13aeb0 100644 #undef __HANDLE_ITEM }; diff --git a/include/linux/sunrpc/clnt.h b/include/linux/sunrpc/clnt.h -index 34206b8..f019e06 100644 +index 34206b8..3db7f1c 100644 --- a/include/linux/sunrpc/clnt.h +++ b/include/linux/sunrpc/clnt.h +@@ -96,7 +96,7 @@ struct rpc_procinfo { + unsigned int p_timer; /* Which RTT timer to use */ + u32 p_statidx; /* Which procedure to account */ + const char * p_name; /* name of procedure */ +-}; ++} __do_const; + + #ifdef __KERNEL__ + @@ -176,9 +176,9 @@ static inline unsigned short rpc_get_port(const struct sockaddr *sap) { switch (sap->sa_family) { @@ -67452,6 +70286,19 @@ index 34206b8..f019e06 100644 } #endif /* __KERNEL__ */ +diff --git a/include/linux/sunrpc/svc.h b/include/linux/sunrpc/svc.h +index 676ddf5..4c519a1 100644 +--- a/include/linux/sunrpc/svc.h ++++ b/include/linux/sunrpc/svc.h +@@ -410,7 +410,7 @@ struct svc_procedure { + unsigned int pc_count; /* call count */ + unsigned int pc_cachetype; /* cache info (NFS) */ + unsigned int pc_xdrressize; /* maximum size of XDR reply */ +-}; ++} __do_const; + + /* + * Function prototypes. diff --git a/include/linux/sunrpc/svc_rdma.h b/include/linux/sunrpc/svc_rdma.h index 0b8e3e6..33e0a01 100644 --- a/include/linux/sunrpc/svc_rdma.h @@ -67481,11 +70328,58 @@ index 0b8e3e6..33e0a01 100644 #define RPCRDMA_VERSION 1 +diff --git a/include/linux/sunrpc/svcauth.h b/include/linux/sunrpc/svcauth.h +index dd74084a..7f509d5 100644 +--- a/include/linux/sunrpc/svcauth.h ++++ b/include/linux/sunrpc/svcauth.h +@@ -109,7 +109,7 @@ struct auth_ops { + int (*release)(struct svc_rqst *rq); + void (*domain_release)(struct auth_domain *); + int (*set_client)(struct svc_rqst *rq); +-}; ++} __do_const; + + #define SVC_GARBAGE 1 + #define SVC_SYSERR 2 +diff --git a/include/linux/swiotlb.h b/include/linux/swiotlb.h +index 071d62c..4ccc7ac 100644 +--- a/include/linux/swiotlb.h ++++ b/include/linux/swiotlb.h +@@ -59,7 +59,8 @@ extern void + + extern void + swiotlb_free_coherent(struct device *hwdev, size_t size, +- void *vaddr, dma_addr_t dma_handle); ++ void *vaddr, dma_addr_t dma_handle, ++ struct dma_attrs *attrs); + + extern dma_addr_t swiotlb_map_page(struct device *dev, struct page *page, + unsigned long offset, size_t size, +diff --git a/include/linux/syscore_ops.h b/include/linux/syscore_ops.h +index 27b3b0b..e093dd9 100644 +--- a/include/linux/syscore_ops.h ++++ b/include/linux/syscore_ops.h +@@ -16,7 +16,7 @@ struct syscore_ops { + int (*suspend)(void); + void (*resume)(void); + void (*shutdown)(void); +-}; ++} __do_const; + + extern void register_syscore_ops(struct syscore_ops *ops); + extern void unregister_syscore_ops(struct syscore_ops *ops); diff --git a/include/linux/sysctl.h b/include/linux/sysctl.h -index 14a8ff2..21fe4c7 100644 +index 14a8ff2..af52bad 100644 --- a/include/linux/sysctl.h +++ b/include/linux/sysctl.h -@@ -41,6 +41,8 @@ typedef int proc_handler (struct ctl_table *ctl, int write, +@@ -34,13 +34,13 @@ struct ctl_table_root; + struct ctl_table_header; + struct ctl_dir; + +-typedef struct ctl_table ctl_table; +- + typedef int proc_handler (struct ctl_table *ctl, int write, + void __user *buffer, size_t *lenp, loff_t *ppos); extern int proc_dostring(struct ctl_table *, int, void __user *, size_t *, loff_t *); @@ -67494,19 +70388,67 @@ index 14a8ff2..21fe4c7 100644 extern int proc_dointvec(struct ctl_table *, int, void __user *, size_t *, loff_t *); extern int proc_dointvec_minmax(struct ctl_table *, int, +@@ -115,7 +115,9 @@ struct ctl_table + struct ctl_table_poll *poll; + void *extra1; + void *extra2; +-}; ++} __do_const; ++typedef struct ctl_table __no_const ctl_table_no_const; ++typedef struct ctl_table ctl_table; + + struct ctl_node { + struct rb_node node; +diff --git a/include/linux/sysfs.h b/include/linux/sysfs.h +index 381f06d..dc16cc7 100644 +--- a/include/linux/sysfs.h ++++ b/include/linux/sysfs.h +@@ -31,7 +31,8 @@ struct attribute { + struct lock_class_key *key; + struct lock_class_key skey; + #endif +-}; ++} __do_const; ++typedef struct attribute __no_const attribute_no_const; + + /** + * sysfs_attr_init - initialize a dynamically allocated sysfs attribute +@@ -59,8 +60,8 @@ struct attribute_group { + umode_t (*is_visible)(struct kobject *, + struct attribute *, int); + struct attribute **attrs; +-}; +- ++} __do_const; ++typedef struct attribute_group __no_const attribute_group_no_const; + + + /** +@@ -107,7 +108,8 @@ struct bin_attribute { + char *, loff_t, size_t); + int (*mmap)(struct file *, struct kobject *, struct bin_attribute *attr, + struct vm_area_struct *vma); +-}; ++} __do_const; ++typedef struct bin_attribute __no_const bin_attribute_no_const; + + /** + * sysfs_bin_attr_init - initialize a dynamically allocated bin_attribute diff --git a/include/linux/sysrq.h b/include/linux/sysrq.h -index 7faf933..c1ad32c 100644 +index 7faf933..4657127 100644 --- a/include/linux/sysrq.h +++ b/include/linux/sysrq.h -@@ -15,6 +15,7 @@ +@@ -15,7 +15,9 @@ #define _LINUX_SYSRQ_H #include +#include #include ++#include /* Enable/disable SYSRQ support by default (0==no, 1==yes). */ -@@ -36,7 +37,7 @@ struct sysrq_key_op { + #define SYSRQ_DEFAULT_ENABLE 1 +@@ -36,7 +38,7 @@ struct sysrq_key_op { char *help_msg; char *action_msg; int enable_mask; @@ -67634,15 +70576,17 @@ index 5ca0951..ab496a5 100644 }) diff --git a/include/linux/uidgid.h b/include/linux/uidgid.h -index 8e522cbc..1b67af5 100644 +index 8e522cbc..aa8572d 100644 --- a/include/linux/uidgid.h +++ b/include/linux/uidgid.h -@@ -197,4 +197,7 @@ static inline bool kgid_has_mapping(struct user_namespace *ns, kgid_t gid) +@@ -197,4 +197,9 @@ static inline bool kgid_has_mapping(struct user_namespace *ns, kgid_t gid) #endif /* CONFIG_USER_NS */ +#define GR_GLOBAL_UID(x) from_kuid_munged(&init_user_ns, (x)) +#define GR_GLOBAL_GID(x) from_kgid_munged(&init_user_ns, (x)) ++#define gr_is_global_root(x) uid_eq((x), GLOBAL_ROOT_UID) ++#define gr_is_global_nonroot(x) (!uid_eq((x), GLOBAL_ROOT_UID)) + #endif /* _LINUX_UIDGID_H */ diff --git a/include/linux/unaligned/access_ok.h b/include/linux/unaligned/access_ok.h @@ -67894,6 +70838,19 @@ index a13291f..af51fa3 100644 } static inline void __dec_zone_page_state(struct page *page, +diff --git a/include/linux/xattr.h b/include/linux/xattr.h +index fdbafc6..b7ffd47 100644 +--- a/include/linux/xattr.h ++++ b/include/linux/xattr.h +@@ -28,7 +28,7 @@ struct xattr_handler { + size_t size, int handler_flags); + int (*set)(struct dentry *dentry, const char *name, const void *buffer, + size_t size, int flags, int handler_flags); +-}; ++} __do_const; + + struct xattr { + char *name; diff --git a/include/media/v4l2-dev.h b/include/media/v4l2-dev.h index 95d1c91..6798cca 100644 --- a/include/media/v4l2-dev.h @@ -67919,6 +70876,32 @@ index 4118ad1..cb7e25f 100644 /* v4l debugging and diagnostics */ /* Debug bitmask flags to be used on V4L2 */ +diff --git a/include/net/9p/transport.h b/include/net/9p/transport.h +index adcbb20..62c2559 100644 +--- a/include/net/9p/transport.h ++++ b/include/net/9p/transport.h +@@ -57,7 +57,7 @@ struct p9_trans_module { + int (*cancel) (struct p9_client *, struct p9_req_t *req); + int (*zc_request)(struct p9_client *, struct p9_req_t *, + char *, char *, int , int, int, int); +-}; ++} __do_const; + + void v9fs_register_trans(struct p9_trans_module *m); + void v9fs_unregister_trans(struct p9_trans_module *m); +diff --git a/include/net/bluetooth/l2cap.h b/include/net/bluetooth/l2cap.h +index 7588ef4..e62d35f 100644 +--- a/include/net/bluetooth/l2cap.h ++++ b/include/net/bluetooth/l2cap.h +@@ -552,7 +552,7 @@ struct l2cap_ops { + void (*defer) (struct l2cap_chan *chan); + struct sk_buff *(*alloc_skb) (struct l2cap_chan *chan, + unsigned long len, int nb); +-}; ++} __do_const; + + struct l2cap_conn { + struct hci_conn *hcon; diff --git a/include/net/caif/cfctrl.h b/include/net/caif/cfctrl.h index 9e5425b..8136ffc 100644 --- a/include/net/caif/cfctrl.h @@ -67955,6 +70938,19 @@ index 628e11b..4c475df 100644 +extern atomic_unchecked_t flow_cache_genid; #endif +diff --git a/include/net/genetlink.h b/include/net/genetlink.h +index bdfbe68..4402ebe 100644 +--- a/include/net/genetlink.h ++++ b/include/net/genetlink.h +@@ -118,7 +118,7 @@ struct genl_ops { + struct netlink_callback *cb); + int (*done)(struct netlink_callback *cb); + struct list_head ops_list; +-}; ++} __do_const; + + extern int genl_register_family(struct genl_family *family); + extern int genl_register_family_with_ops(struct genl_family *family, diff --git a/include/net/gro_cells.h b/include/net/gro_cells.h index e5062c9..48a9a4b 100644 --- a/include/net/gro_cells.h @@ -68021,6 +71017,19 @@ index 53f464d..ba76aaa 100644 return new; } +diff --git a/include/net/ip.h b/include/net/ip.h +index a68f838..74518ab 100644 +--- a/include/net/ip.h ++++ b/include/net/ip.h +@@ -202,7 +202,7 @@ extern struct local_ports { + } sysctl_local_ports; + extern void inet_get_local_port_range(int *low, int *high); + +-extern unsigned long *sysctl_local_reserved_ports; ++extern unsigned long sysctl_local_reserved_ports[65536 / 8 / sizeof(unsigned long)]; + static inline int inet_is_reserved_local_port(int port) + { + return test_bit(port, sysctl_local_reserved_ports); diff --git a/include/net/ip_fib.h b/include/net/ip_fib.h index 9497be1..5a4fafe 100644 --- a/include/net/ip_fib.h @@ -68035,7 +71044,7 @@ index 9497be1..5a4fafe 100644 fib_info_update_nh_saddr((net), &FIB_RES_NH(res))) #define FIB_RES_GW(res) (FIB_RES_NH(res).nh_gw) diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h -index 68c69d5..2ee192b 100644 +index 68c69d5..bdab192 100644 --- a/include/net/ip_vs.h +++ b/include/net/ip_vs.h @@ -599,7 +599,7 @@ struct ip_vs_conn { @@ -68056,6 +71065,20 @@ index 68c69d5..2ee192b 100644 atomic_t weight; /* server weight */ atomic_t refcnt; /* reference counter */ +@@ -980,11 +980,11 @@ struct netns_ipvs { + /* ip_vs_lblc */ + int sysctl_lblc_expiration; + struct ctl_table_header *lblc_ctl_header; +- struct ctl_table *lblc_ctl_table; ++ ctl_table_no_const *lblc_ctl_table; + /* ip_vs_lblcr */ + int sysctl_lblcr_expiration; + struct ctl_table_header *lblcr_ctl_header; +- struct ctl_table *lblcr_ctl_table; ++ ctl_table_no_const *lblcr_ctl_table; + /* ip_vs_est */ + struct list_head est_list; /* estimator list */ + spinlock_t est_lock; diff --git a/include/net/irda/ircomm_tty.h b/include/net/irda/ircomm_tty.h index 80ffde3..968b0f4 100644 --- a/include/net/irda/ircomm_tty.h @@ -68081,6 +71104,86 @@ index cc7c197..9f2da2a 100644 }; unsigned int iucv_sock_poll(struct file *file, struct socket *sock, +diff --git a/include/net/llc_c_ac.h b/include/net/llc_c_ac.h +index df83f69..9b640b8 100644 +--- a/include/net/llc_c_ac.h ++++ b/include/net/llc_c_ac.h +@@ -87,7 +87,7 @@ + #define LLC_CONN_AC_STOP_SENDACK_TMR 70 + #define LLC_CONN_AC_START_SENDACK_TMR_IF_NOT_RUNNING 71 + +-typedef int (*llc_conn_action_t)(struct sock *sk, struct sk_buff *skb); ++typedef int (* const llc_conn_action_t)(struct sock *sk, struct sk_buff *skb); + + extern int llc_conn_ac_clear_remote_busy(struct sock *sk, struct sk_buff *skb); + extern int llc_conn_ac_conn_ind(struct sock *sk, struct sk_buff *skb); +diff --git a/include/net/llc_c_ev.h b/include/net/llc_c_ev.h +index 6ca3113..f8026dd 100644 +--- a/include/net/llc_c_ev.h ++++ b/include/net/llc_c_ev.h +@@ -125,8 +125,8 @@ static __inline__ struct llc_conn_state_ev *llc_conn_ev(struct sk_buff *skb) + return (struct llc_conn_state_ev *)skb->cb; + } + +-typedef int (*llc_conn_ev_t)(struct sock *sk, struct sk_buff *skb); +-typedef int (*llc_conn_ev_qfyr_t)(struct sock *sk, struct sk_buff *skb); ++typedef int (* const llc_conn_ev_t)(struct sock *sk, struct sk_buff *skb); ++typedef int (* const llc_conn_ev_qfyr_t)(struct sock *sk, struct sk_buff *skb); + + extern int llc_conn_ev_conn_req(struct sock *sk, struct sk_buff *skb); + extern int llc_conn_ev_data_req(struct sock *sk, struct sk_buff *skb); +diff --git a/include/net/llc_c_st.h b/include/net/llc_c_st.h +index 0e79cfb..f46db31 100644 +--- a/include/net/llc_c_st.h ++++ b/include/net/llc_c_st.h +@@ -37,7 +37,7 @@ struct llc_conn_state_trans { + u8 next_state; + llc_conn_ev_qfyr_t *ev_qualifiers; + llc_conn_action_t *ev_actions; +-}; ++} __do_const; + + struct llc_conn_state { + u8 current_state; +diff --git a/include/net/llc_s_ac.h b/include/net/llc_s_ac.h +index 37a3bbd..55a4241 100644 +--- a/include/net/llc_s_ac.h ++++ b/include/net/llc_s_ac.h +@@ -23,7 +23,7 @@ + #define SAP_ACT_TEST_IND 9 + + /* All action functions must look like this */ +-typedef int (*llc_sap_action_t)(struct llc_sap *sap, struct sk_buff *skb); ++typedef int (* const llc_sap_action_t)(struct llc_sap *sap, struct sk_buff *skb); + + extern int llc_sap_action_unitdata_ind(struct llc_sap *sap, + struct sk_buff *skb); +diff --git a/include/net/llc_s_st.h b/include/net/llc_s_st.h +index 567c681..cd73ac0 100644 +--- a/include/net/llc_s_st.h ++++ b/include/net/llc_s_st.h +@@ -20,7 +20,7 @@ struct llc_sap_state_trans { + llc_sap_ev_t ev; + u8 next_state; + llc_sap_action_t *ev_actions; +-}; ++} __do_const; + + struct llc_sap_state { + u8 curr_state; +diff --git a/include/net/mac80211.h b/include/net/mac80211.h +index ee50c5e..1bc3b1a 100644 +--- a/include/net/mac80211.h ++++ b/include/net/mac80211.h +@@ -3996,7 +3996,7 @@ struct rate_control_ops { + void (*add_sta_debugfs)(void *priv, void *priv_sta, + struct dentry *dir); + void (*remove_sta_debugfs)(void *priv, void *priv_sta); +-}; ++} __do_const; + + static inline int rate_supported(struct ieee80211_sta *sta, + enum ieee80211_band band, diff --git a/include/net/neighbour.h b/include/net/neighbour.h index 0dab173..1b76af0 100644 --- a/include/net/neighbour.h @@ -68095,7 +71198,7 @@ index 0dab173..1b76af0 100644 struct pneigh_entry { struct pneigh_entry *next; diff --git a/include/net/net_namespace.h b/include/net/net_namespace.h -index de644bc..666aed3 100644 +index de644bc..351fd4e 100644 --- a/include/net/net_namespace.h +++ b/include/net/net_namespace.h @@ -115,7 +115,7 @@ struct net { @@ -68107,6 +71210,15 @@ index de644bc..666aed3 100644 }; /* +@@ -282,7 +282,7 @@ struct pernet_operations { + void (*exit_batch)(struct list_head *net_exit_list); + int *id; + size_t size; +-}; ++} __do_const; + + /* + * Use these carefully. If you implement a network device and it @@ -330,12 +330,12 @@ static inline void unregister_net_sysctl_table(struct ctl_table_header *header) static inline int rt_genid(struct net *net) @@ -68148,6 +71260,32 @@ index 9690b0f..87aded7 100644 } /** +diff --git a/include/net/netns/conntrack.h b/include/net/netns/conntrack.h +index 923cb20..deae816 100644 +--- a/include/net/netns/conntrack.h ++++ b/include/net/netns/conntrack.h +@@ -12,10 +12,10 @@ struct nf_conntrack_ecache; + struct nf_proto_net { + #ifdef CONFIG_SYSCTL + struct ctl_table_header *ctl_table_header; +- struct ctl_table *ctl_table; ++ ctl_table_no_const *ctl_table; + #ifdef CONFIG_NF_CONNTRACK_PROC_COMPAT + struct ctl_table_header *ctl_compat_header; +- struct ctl_table *ctl_compat_table; ++ ctl_table_no_const *ctl_compat_table; + #endif + #endif + unsigned int users; +@@ -58,7 +58,7 @@ struct nf_ip_net { + struct nf_icmp_net icmpv6; + #if defined(CONFIG_SYSCTL) && defined(CONFIG_NF_CONNTRACK_PROC_COMPAT) + struct ctl_table_header *ctl_table_header; +- struct ctl_table *ctl_table; ++ ctl_table_no_const *ctl_table; + #endif + }; + diff --git a/include/net/netns/ipv4.h b/include/net/netns/ipv4.h index 2ae2b83..dbdc85e 100644 --- a/include/net/netns/ipv4.h @@ -68183,6 +71321,19 @@ index 047c047..b9dad15 100644 #define INET6_PROTO_NOPOLICY 0x1 #define INET6_PROTO_FINAL 0x2 +diff --git a/include/net/rtnetlink.h b/include/net/rtnetlink.h +index 5a15fab..d799ea7 100644 +--- a/include/net/rtnetlink.h ++++ b/include/net/rtnetlink.h +@@ -81,7 +81,7 @@ struct rtnl_link_ops { + const struct net_device *dev); + unsigned int (*get_num_tx_queues)(void); + unsigned int (*get_num_rx_queues)(void); +-}; ++} __do_const; + + extern int __rtnl_link_register(struct rtnl_link_ops *ops); + extern void __rtnl_link_unregister(struct rtnl_link_ops *ops); diff --git a/include/net/sctp/sctp.h b/include/net/sctp/sctp.h index 7fdf298..197e9f7 100644 --- a/include/net/sctp/sctp.h @@ -68200,19 +71351,32 @@ index 7fdf298..197e9f7 100644 #define SCTP_ENABLE_DEBUG #define SCTP_DISABLE_DEBUG #define SCTP_ASSERT(expr, str, func) +diff --git a/include/net/sctp/sm.h b/include/net/sctp/sm.h +index 2a82d13..62a31c2 100644 +--- a/include/net/sctp/sm.h ++++ b/include/net/sctp/sm.h +@@ -87,7 +87,7 @@ typedef void (sctp_timer_event_t) (unsigned long); + typedef struct { + sctp_state_fn_t *fn; + const char *name; +-} sctp_sm_table_entry_t; ++} __do_const sctp_sm_table_entry_t; + + /* A naming convention of "sctp_sf_xxx" applies to all the state functions + * currently in use. +@@ -299,7 +299,7 @@ __u32 sctp_generate_tag(const struct sctp_endpoint *); + __u32 sctp_generate_tsn(const struct sctp_endpoint *); + + /* Extern declarations for major data structures. */ +-extern sctp_timer_event_t *sctp_timer_events[SCTP_NUM_TIMEOUT_TYPES]; ++extern sctp_timer_event_t * const sctp_timer_events[SCTP_NUM_TIMEOUT_TYPES]; + + + /* Get the size of a DATA chunk payload. */ diff --git a/include/net/sctp/structs.h b/include/net/sctp/structs.h -index fdeb85a..0c554d5 100644 +index fdeb85a..1329d95 100644 --- a/include/net/sctp/structs.h +++ b/include/net/sctp/structs.h -@@ -497,7 +497,7 @@ struct sctp_af { - int sockaddr_len; - sa_family_t sa_family; - struct list_head list; --}; -+} __do_const; - - struct sctp_af *sctp_get_af_specific(sa_family_t); - int sctp_register_af(struct sctp_af *); @@ -517,7 +517,7 @@ struct sctp_pf { struct sctp_association *asoc); void (*addr_v4map) (struct sctp_sock *, union sctp_addr *); @@ -68287,9 +71451,27 @@ index aed42c7..43890c6 100644 #define TCP_SKB_CB(__skb) ((struct tcp_skb_cb *)&((__skb)->cb[0])) diff --git a/include/net/xfrm.h b/include/net/xfrm.h -index 63445ed..74ef61d 100644 +index 63445ed..d6fc34f 100644 --- a/include/net/xfrm.h +++ b/include/net/xfrm.h +@@ -304,7 +304,7 @@ struct xfrm_policy_afinfo { + struct net_device *dev, + const struct flowi *fl); + struct dst_entry *(*blackhole_route)(struct net *net, struct dst_entry *orig); +-}; ++} __do_const; + + extern int xfrm_policy_register_afinfo(struct xfrm_policy_afinfo *afinfo); + extern int xfrm_policy_unregister_afinfo(struct xfrm_policy_afinfo *afinfo); +@@ -340,7 +340,7 @@ struct xfrm_state_afinfo { + struct sk_buff *skb); + int (*transport_finish)(struct sk_buff *skb, + int async); +-}; ++} __do_const; + + extern int xfrm_state_register_afinfo(struct xfrm_state_afinfo *afinfo); + extern int xfrm_state_unregister_afinfo(struct xfrm_state_afinfo *afinfo); @@ -423,7 +423,7 @@ struct xfrm_mode { struct module *owner; unsigned int encap; @@ -69075,7 +72257,7 @@ index 84c6bf1..8899338 100644 next_state = Reset; return 0; diff --git a/init/main.c b/init/main.c -index cee4b5c..9c267d9 100644 +index cee4b5c..6a3402b 100644 --- a/init/main.c +++ b/init/main.c @@ -96,6 +96,8 @@ static inline void mark_rodata_ro(void) { } @@ -69177,18 +72359,7 @@ index cee4b5c..9c267d9 100644 } return ret; -@@ -743,6 +801,10 @@ static char *initcall_level_names[] __initdata = { - "late", - }; - -+#ifdef CONFIG_PAX_LATENT_ENTROPY -+u64 latent_entropy; -+#endif -+ - static void __init do_initcall_level(int level) - { - extern const struct kernel_param __start___param[], __stop___param[]; -@@ -755,8 +817,14 @@ static void __init do_initcall_level(int level) +@@ -755,8 +813,14 @@ static void __init do_initcall_level(int level) level, level, &repair_env_string); @@ -69197,14 +72368,14 @@ index cee4b5c..9c267d9 100644 do_one_initcall(*fn); + +#ifdef CONFIG_PAX_LATENT_ENTROPY -+ add_device_randomness(&latent_entropy, sizeof(latent_entropy)); ++ add_device_randomness((const void *)&latent_entropy, sizeof(latent_entropy)); +#endif + + } } static void __init do_initcalls(void) -@@ -790,8 +858,14 @@ static void __init do_pre_smp_initcalls(void) +@@ -790,8 +854,14 @@ static void __init do_pre_smp_initcalls(void) { initcall_t *fn; @@ -69213,14 +72384,14 @@ index cee4b5c..9c267d9 100644 do_one_initcall(*fn); + +#ifdef CONFIG_PAX_LATENT_ENTROPY -+ add_device_randomness(&latent_entropy, sizeof(latent_entropy)); ++ add_device_randomness((const void *)&latent_entropy, sizeof(latent_entropy)); +#endif + + } } static int run_init_process(const char *init_filename) -@@ -877,7 +951,7 @@ static noinline void __init kernel_init_freeable(void) +@@ -877,7 +947,7 @@ static noinline void __init kernel_init_freeable(void) do_basic_setup(); /* Open the /dev/console on the rootfs, this should never fail */ @@ -69229,7 +72400,7 @@ index cee4b5c..9c267d9 100644 printk(KERN_WARNING "Warning: unable to open an initial console.\n"); (void) sys_dup(0); -@@ -890,11 +964,13 @@ static noinline void __init kernel_init_freeable(void) +@@ -890,11 +960,13 @@ static noinline void __init kernel_init_freeable(void) if (!ramdisk_execute_command) ramdisk_execute_command = "/init"; @@ -69244,6 +72415,68 @@ index cee4b5c..9c267d9 100644 /* * Ok, we have completed the initial bootup, and * we're essentially up and running. Get rid of the +diff --git a/ipc/ipc_sysctl.c b/ipc/ipc_sysctl.c +index 130dfec..cc88451 100644 +--- a/ipc/ipc_sysctl.c ++++ b/ipc/ipc_sysctl.c +@@ -30,7 +30,7 @@ static void *get_ipc(ctl_table *table) + static int proc_ipc_dointvec(ctl_table *table, int write, + void __user *buffer, size_t *lenp, loff_t *ppos) + { +- struct ctl_table ipc_table; ++ ctl_table_no_const ipc_table; + + memcpy(&ipc_table, table, sizeof(ipc_table)); + ipc_table.data = get_ipc(table); +@@ -41,7 +41,7 @@ static int proc_ipc_dointvec(ctl_table *table, int write, + static int proc_ipc_dointvec_minmax(ctl_table *table, int write, + void __user *buffer, size_t *lenp, loff_t *ppos) + { +- struct ctl_table ipc_table; ++ ctl_table_no_const ipc_table; + + memcpy(&ipc_table, table, sizeof(ipc_table)); + ipc_table.data = get_ipc(table); +@@ -65,7 +65,7 @@ static int proc_ipc_dointvec_minmax_orphans(ctl_table *table, int write, + static int proc_ipc_callback_dointvec(ctl_table *table, int write, + void __user *buffer, size_t *lenp, loff_t *ppos) + { +- struct ctl_table ipc_table; ++ ctl_table_no_const ipc_table; + size_t lenp_bef = *lenp; + int rc; + +@@ -88,7 +88,7 @@ static int proc_ipc_callback_dointvec(ctl_table *table, int write, + static int proc_ipc_doulongvec_minmax(ctl_table *table, int write, + void __user *buffer, size_t *lenp, loff_t *ppos) + { +- struct ctl_table ipc_table; ++ ctl_table_no_const ipc_table; + memcpy(&ipc_table, table, sizeof(ipc_table)); + ipc_table.data = get_ipc(table); + +@@ -122,7 +122,7 @@ static void ipc_auto_callback(int val) + static int proc_ipcauto_dointvec_minmax(ctl_table *table, int write, + void __user *buffer, size_t *lenp, loff_t *ppos) + { +- struct ctl_table ipc_table; ++ ctl_table_no_const ipc_table; + size_t lenp_bef = *lenp; + int oldval; + int rc; +diff --git a/ipc/mq_sysctl.c b/ipc/mq_sysctl.c +index 383d638..943fdbb 100644 +--- a/ipc/mq_sysctl.c ++++ b/ipc/mq_sysctl.c +@@ -25,7 +25,7 @@ static void *get_mq(ctl_table *table) + static int proc_mq_dointvec_minmax(ctl_table *table, int write, + void __user *buffer, size_t *lenp, loff_t *ppos) + { +- struct ctl_table mq_table; ++ ctl_table_no_const mq_table; + memcpy(&mq_table, table, sizeof(mq_table)); + mq_table.data = get_mq(table); + diff --git a/ipc/mqueue.c b/ipc/mqueue.c index 71a3ca1..cc330ee 100644 --- a/ipc/mqueue.c @@ -69257,7 +72490,7 @@ index 71a3ca1..cc330ee 100644 if (u->mq_bytes + mq_bytes < u->mq_bytes || u->mq_bytes + mq_bytes > rlimit(RLIMIT_MSGQUEUE)) { diff --git a/ipc/msg.c b/ipc/msg.c -index 950572f..266c15f 100644 +index 31cd1bf..362ea07 100644 --- a/ipc/msg.c +++ b/ipc/msg.c @@ -309,18 +309,19 @@ static inline int msg_security(struct kern_ipc_perm *ipcp, int msgflg) @@ -70165,7 +73398,7 @@ index b4df219..f13c02d 100644 { struct signal_struct *sig = current->signal; diff --git a/kernel/fork.c b/kernel/fork.c -index c535f33..1d768f9 100644 +index 5630e52..0cee608 100644 --- a/kernel/fork.c +++ b/kernel/fork.c @@ -318,7 +318,7 @@ static struct task_struct *dup_task_struct(struct task_struct *orig) @@ -70414,7 +73647,7 @@ index c535f33..1d768f9 100644 return 0; } -@@ -1193,6 +1243,9 @@ static struct task_struct *copy_process(unsigned long clone_flags, +@@ -1196,6 +1246,9 @@ static struct task_struct *copy_process(unsigned long clone_flags, DEBUG_LOCKS_WARN_ON(!p->softirqs_enabled); #endif retval = -EAGAIN; @@ -70424,7 +73657,7 @@ index c535f33..1d768f9 100644 if (atomic_read(&p->real_cred->user->processes) >= task_rlimit(p, RLIMIT_NPROC)) { if (!capable(CAP_SYS_ADMIN) && !capable(CAP_SYS_RESOURCE) && -@@ -1432,6 +1485,11 @@ static struct task_struct *copy_process(unsigned long clone_flags, +@@ -1435,6 +1488,11 @@ static struct task_struct *copy_process(unsigned long clone_flags, goto bad_fork_free_pid; } @@ -70436,7 +73669,7 @@ index c535f33..1d768f9 100644 if (clone_flags & CLONE_THREAD) { current->signal->nr_threads++; atomic_inc(¤t->signal->live); -@@ -1515,6 +1573,8 @@ bad_fork_cleanup_count: +@@ -1518,6 +1576,8 @@ bad_fork_cleanup_count: bad_fork_free: free_task(p); fork_out: @@ -70445,7 +73678,7 @@ index c535f33..1d768f9 100644 return ERR_PTR(retval); } -@@ -1565,6 +1625,23 @@ long do_fork(unsigned long clone_flags, +@@ -1568,6 +1628,23 @@ long do_fork(unsigned long clone_flags, return -EINVAL; } @@ -70469,7 +73702,7 @@ index c535f33..1d768f9 100644 /* * Determine whether and which event to report to ptracer. When * called from kernel_thread or CLONE_UNTRACED is explicitly -@@ -1599,6 +1676,8 @@ long do_fork(unsigned long clone_flags, +@@ -1602,6 +1679,8 @@ long do_fork(unsigned long clone_flags, if (clone_flags & CLONE_PARENT_SETTID) put_user(nr, parent_tidptr); @@ -70478,7 +73711,7 @@ index c535f33..1d768f9 100644 if (clone_flags & CLONE_VFORK) { p->vfork_done = &vfork; init_completion(&vfork); -@@ -1752,7 +1831,7 @@ static int unshare_fs(unsigned long unshare_flags, struct fs_struct **new_fsp) +@@ -1755,7 +1834,7 @@ static int unshare_fs(unsigned long unshare_flags, struct fs_struct **new_fsp) return 0; /* don't need lock here; in the worst case we'll do useless copy */ @@ -70487,7 +73720,7 @@ index c535f33..1d768f9 100644 return 0; *new_fsp = copy_fs_struct(fs); -@@ -1866,7 +1945,8 @@ SYSCALL_DEFINE1(unshare, unsigned long, unshare_flags) +@@ -1869,7 +1948,8 @@ SYSCALL_DEFINE1(unshare, unsigned long, unshare_flags) fs = current->fs; spin_lock(&fs->lock); current->fs = new_fs; @@ -70767,7 +74000,7 @@ index 5e4bd78..00c5b91 100644 /* Don't allow clients that don't understand the native diff --git a/kernel/kmod.c b/kernel/kmod.c -index 0023a87..b893e79 100644 +index 0023a87..9c0c068 100644 --- a/kernel/kmod.c +++ b/kernel/kmod.c @@ -74,7 +74,7 @@ static void free_modprobe_argv(struct subprocess_info *info) @@ -70904,6 +74137,15 @@ index 0023a87..b893e79 100644 /* * If ret is 0, either ____call_usermodehelper failed and the +@@ -635,7 +688,7 @@ EXPORT_SYMBOL(call_usermodehelper_fns); + static int proc_cap_handler(struct ctl_table *table, int write, + void __user *buffer, size_t *lenp, loff_t *ppos) + { +- struct ctl_table t; ++ ctl_table_no_const t; + unsigned long cap_array[_KERNEL_CAPABILITY_U32S]; + kernel_cap_t new_cap; + int err, i; diff --git a/kernel/kprobes.c b/kernel/kprobes.c index 098f396..fe85ff1 100644 --- a/kernel/kprobes.c @@ -70959,7 +74201,7 @@ index 098f396..fe85ff1 100644 head = &kprobe_table[i]; preempt_disable(); diff --git a/kernel/ksysfs.c b/kernel/ksysfs.c -index 6ada93c..55baf4d 100644 +index 6ada93c..dce7d5d 100644 --- a/kernel/ksysfs.c +++ b/kernel/ksysfs.c @@ -46,6 +46,8 @@ static ssize_t uevent_helper_store(struct kobject *kobj, @@ -70971,6 +74213,15 @@ index 6ada93c..55baf4d 100644 memcpy(uevent_helper, buf, count); uevent_helper[count] = '\0'; if (count && uevent_helper[count-1] == '\n') +@@ -172,7 +174,7 @@ static ssize_t notes_read(struct file *filp, struct kobject *kobj, + return count; + } + +-static struct bin_attribute notes_attr = { ++static bin_attribute_no_const notes_attr __read_only = { + .attr = { + .name = "notes", + .mode = S_IRUGO, diff --git a/kernel/lockdep.c b/kernel/lockdep.c index 7981e5b..7f2105c 100644 --- a/kernel/lockdep.c @@ -71053,7 +74304,7 @@ index b2c71c5..7b88d63 100644 seq_printf(m, "%40s %14lu %29s %pS\n", name, stats->contending_point[i], diff --git a/kernel/module.c b/kernel/module.c -index eab0827..75ede66 100644 +index eab0827..f488603 100644 --- a/kernel/module.c +++ b/kernel/module.c @@ -61,6 +61,7 @@ @@ -71128,6 +74379,24 @@ index eab0827..75ede66 100644 static inline bool sect_empty(const Elf_Shdr *sect) { return !(sect->sh_flags & SHF_ALLOC) || sect->sh_size == 0; +@@ -1451,7 +1453,7 @@ static void add_notes_attrs(struct module *mod, const struct load_info *info) + { + unsigned int notes, loaded, i; + struct module_notes_attrs *notes_attrs; +- struct bin_attribute *nattr; ++ bin_attribute_no_const *nattr; + + /* failed to create section attributes, so can't create notes */ + if (!mod->sect_attrs) +@@ -1563,7 +1565,7 @@ static void del_usage_links(struct module *mod) + static int module_add_modinfo_attrs(struct module *mod) + { + struct module_attribute *attr; +- struct module_attribute *temp_attr; ++ module_attribute_no_const *temp_attr; + int error = 0; + int i; + @@ -1777,21 +1779,21 @@ static void set_section_ro_nx(void *base, static void unset_module_core_ro_nx(struct module *mod) @@ -72050,6 +75319,19 @@ index f2c6a68..4922d97 100644 struct pid *get_task_pid(struct task_struct *task, enum pid_type type) { struct pid *pid; +diff --git a/kernel/pid_namespace.c b/kernel/pid_namespace.c +index c1c3dc1..bbeaf31 100644 +--- a/kernel/pid_namespace.c ++++ b/kernel/pid_namespace.c +@@ -248,7 +248,7 @@ static int pid_ns_ctl_handler(struct ctl_table *table, int write, + void __user *buffer, size_t *lenp, loff_t *ppos) + { + struct pid_namespace *pid_ns = task_active_pid_ns(current); +- struct ctl_table tmp = *table; ++ ctl_table_no_const tmp = *table; + + if (write && !ns_capable(pid_ns->user_ns, CAP_SYS_ADMIN)) + return -EPERM; diff --git a/kernel/posix-cpu-timers.c b/kernel/posix-cpu-timers.c index 942ca27..111e609 100644 --- a/kernel/posix-cpu-timers.c @@ -72915,7 +76197,7 @@ index 4b69291..704c92e 100644 unsigned long jiffies_force_qs; /* Time at which to invoke */ /* force_quiescent_state(). */ diff --git a/kernel/rcutree_plugin.h b/kernel/rcutree_plugin.h -index c1cc7e1..5043e0e 100644 +index c1cc7e1..f62e436 100644 --- a/kernel/rcutree_plugin.h +++ b/kernel/rcutree_plugin.h @@ -892,7 +892,7 @@ void synchronize_rcu_expedited(void) @@ -72927,6 +76209,15 @@ index c1cc7e1..5043e0e 100644 unlock_mb_ret: mutex_unlock(&sync_rcu_preempt_exp_mutex); mb_ret: +@@ -1440,7 +1440,7 @@ static void rcu_boost_kthread_setaffinity(struct rcu_node *rnp, int outgoingcpu) + free_cpumask_var(cm); + } + +-static struct smp_hotplug_thread rcu_cpu_thread_spec = { ++static struct smp_hotplug_thread rcu_cpu_thread_spec __read_only = { + .store = &rcu_cpu_kthread_task, + .thread_should_run = rcu_cpu_kthread_should_run, + .thread_fn = rcu_cpu_kthread, @@ -2072,7 +2072,7 @@ static void print_cpu_stall_info(struct rcu_state *rsp, int cpu) print_cpu_stall_fast_no_hz(fast_no_hz, cpu); printk(KERN_ERR "\t%d: (%lu %s) idle=%03x/%llx/%d %s\n", @@ -73162,7 +76453,7 @@ index 0984a21..939f183 100644 #ifdef CONFIG_RT_GROUP_SCHED /* diff --git a/kernel/sched/core.c b/kernel/sched/core.c -index 26058d0..06f15dd 100644 +index 26058d0..f9d3c76 100644 --- a/kernel/sched/core.c +++ b/kernel/sched/core.c @@ -3631,6 +3631,8 @@ int can_nice(const struct task_struct *p, const int nice) @@ -73192,7 +76483,121 @@ index 26058d0..06f15dd 100644 /* can't set/change the rt policy */ if (policy != p->policy && !rlim_rtprio) return -EPERM; -@@ -5162,7 +5166,7 @@ migration_call(struct notifier_block *nfb, unsigned long action, void *hcpu) +@@ -4901,7 +4905,7 @@ static void migrate_tasks(unsigned int dead_cpu) + + #if defined(CONFIG_SCHED_DEBUG) && defined(CONFIG_SYSCTL) + +-static struct ctl_table sd_ctl_dir[] = { ++static ctl_table_no_const sd_ctl_dir[] __read_only = { + { + .procname = "sched_domain", + .mode = 0555, +@@ -4918,17 +4922,17 @@ static struct ctl_table sd_ctl_root[] = { + {} + }; + +-static struct ctl_table *sd_alloc_ctl_entry(int n) ++static ctl_table_no_const *sd_alloc_ctl_entry(int n) + { +- struct ctl_table *entry = ++ ctl_table_no_const *entry = + kcalloc(n, sizeof(struct ctl_table), GFP_KERNEL); + + return entry; + } + +-static void sd_free_ctl_entry(struct ctl_table **tablep) ++static void sd_free_ctl_entry(ctl_table_no_const *tablep) + { +- struct ctl_table *entry; ++ ctl_table_no_const *entry; + + /* + * In the intermediate directories, both the child directory and +@@ -4936,22 +4940,25 @@ static void sd_free_ctl_entry(struct ctl_table **tablep) + * will always be set. In the lowest directory the names are + * static strings and all have proc handlers. + */ +- for (entry = *tablep; entry->mode; entry++) { +- if (entry->child) +- sd_free_ctl_entry(&entry->child); ++ for (entry = tablep; entry->mode; entry++) { ++ if (entry->child) { ++ sd_free_ctl_entry(entry->child); ++ pax_open_kernel(); ++ entry->child = NULL; ++ pax_close_kernel(); ++ } + if (entry->proc_handler == NULL) + kfree(entry->procname); + } + +- kfree(*tablep); +- *tablep = NULL; ++ kfree(tablep); + } + + static int min_load_idx = 0; + static int max_load_idx = CPU_LOAD_IDX_MAX; + + static void +-set_table_entry(struct ctl_table *entry, ++set_table_entry(ctl_table_no_const *entry, + const char *procname, void *data, int maxlen, + umode_t mode, proc_handler *proc_handler, + bool load_idx) +@@ -4971,7 +4978,7 @@ set_table_entry(struct ctl_table *entry, + static struct ctl_table * + sd_alloc_ctl_domain_table(struct sched_domain *sd) + { +- struct ctl_table *table = sd_alloc_ctl_entry(13); ++ ctl_table_no_const *table = sd_alloc_ctl_entry(13); + + if (table == NULL) + return NULL; +@@ -5006,9 +5013,9 @@ sd_alloc_ctl_domain_table(struct sched_domain *sd) + return table; + } + +-static ctl_table *sd_alloc_ctl_cpu_table(int cpu) ++static ctl_table_no_const *sd_alloc_ctl_cpu_table(int cpu) + { +- struct ctl_table *entry, *table; ++ ctl_table_no_const *entry, *table; + struct sched_domain *sd; + int domain_num = 0, i; + char buf[32]; +@@ -5035,11 +5042,13 @@ static struct ctl_table_header *sd_sysctl_header; + static void register_sched_domain_sysctl(void) + { + int i, cpu_num = num_possible_cpus(); +- struct ctl_table *entry = sd_alloc_ctl_entry(cpu_num + 1); ++ ctl_table_no_const *entry = sd_alloc_ctl_entry(cpu_num + 1); + char buf[32]; + + WARN_ON(sd_ctl_dir[0].child); ++ pax_open_kernel(); + sd_ctl_dir[0].child = entry; ++ pax_close_kernel(); + + if (entry == NULL) + return; +@@ -5062,8 +5071,12 @@ static void unregister_sched_domain_sysctl(void) + if (sd_sysctl_header) + unregister_sysctl_table(sd_sysctl_header); + sd_sysctl_header = NULL; +- if (sd_ctl_dir[0].child) +- sd_free_ctl_entry(&sd_ctl_dir[0].child); ++ if (sd_ctl_dir[0].child) { ++ sd_free_ctl_entry(sd_ctl_dir[0].child); ++ pax_open_kernel(); ++ sd_ctl_dir[0].child = NULL; ++ pax_close_kernel(); ++ } + } + #else + static void register_sched_domain_sysctl(void) +@@ -5162,7 +5175,7 @@ migration_call(struct notifier_block *nfb, unsigned long action, void *hcpu) * happens before everything else. This has to be lower priority than * the notifier in the perf_event subsystem, though. */ @@ -73265,7 +76670,7 @@ index 81fa536..6ccf96a 100644 int this_cpu = smp_processor_id(); struct rq *this_rq = cpu_rq(this_cpu); diff --git a/kernel/signal.c b/kernel/signal.c -index 3d09cf6..a67d2c6 100644 +index 3d09cf6..8988390 100644 --- a/kernel/signal.c +++ b/kernel/signal.c @@ -50,12 +50,12 @@ static struct kmem_cache *sigqueue_cachep; @@ -73302,7 +76707,17 @@ index 3d09cf6..a67d2c6 100644 if (override_rlimit || atomic_read(&user->sigpending) <= task_rlimit(t, RLIMIT_SIGPENDING)) { -@@ -492,7 +495,7 @@ flush_signal_handlers(struct task_struct *t, int force_default) +@@ -485,6 +488,9 @@ flush_signal_handlers(struct task_struct *t, int force_default) + if (force_default || ka->sa.sa_handler != SIG_IGN) + ka->sa.sa_handler = SIG_DFL; + ka->sa.sa_flags = 0; ++#ifdef SA_RESTORER ++ ka->sa.sa_restorer = NULL; ++#endif + sigemptyset(&ka->sa.sa_mask); + ka++; + } +@@ -492,7 +498,7 @@ flush_signal_handlers(struct task_struct *t, int force_default) int unhandled_signal(struct task_struct *tsk, int sig) { @@ -73311,7 +76726,7 @@ index 3d09cf6..a67d2c6 100644 if (is_global_init(tsk)) return 1; if (handler != SIG_IGN && handler != SIG_DFL) -@@ -812,6 +815,13 @@ static int check_kill_permission(int sig, struct siginfo *info, +@@ -812,6 +818,13 @@ static int check_kill_permission(int sig, struct siginfo *info, } } @@ -73325,7 +76740,7 @@ index 3d09cf6..a67d2c6 100644 return security_task_kill(t, info, sig, 0); } -@@ -1194,7 +1204,7 @@ __group_send_sig_info(int sig, struct siginfo *info, struct task_struct *p) +@@ -1194,7 +1207,7 @@ __group_send_sig_info(int sig, struct siginfo *info, struct task_struct *p) return send_signal(sig, info, p, 1); } @@ -73334,7 +76749,7 @@ index 3d09cf6..a67d2c6 100644 specific_send_sig_info(int sig, struct siginfo *info, struct task_struct *t) { return send_signal(sig, info, t, 0); -@@ -1231,6 +1241,7 @@ force_sig_info(int sig, struct siginfo *info, struct task_struct *t) +@@ -1231,6 +1244,7 @@ force_sig_info(int sig, struct siginfo *info, struct task_struct *t) unsigned long int flags; int ret, blocked, ignored; struct k_sigaction *action; @@ -73342,7 +76757,7 @@ index 3d09cf6..a67d2c6 100644 spin_lock_irqsave(&t->sighand->siglock, flags); action = &t->sighand->action[sig-1]; -@@ -1245,9 +1256,18 @@ force_sig_info(int sig, struct siginfo *info, struct task_struct *t) +@@ -1245,9 +1259,18 @@ force_sig_info(int sig, struct siginfo *info, struct task_struct *t) } if (action->sa.sa_handler == SIG_DFL) t->signal->flags &= ~SIGNAL_UNKILLABLE; @@ -73361,7 +76776,7 @@ index 3d09cf6..a67d2c6 100644 return ret; } -@@ -1314,8 +1334,11 @@ int group_send_sig_info(int sig, struct siginfo *info, struct task_struct *p) +@@ -1314,8 +1337,11 @@ int group_send_sig_info(int sig, struct siginfo *info, struct task_struct *p) ret = check_kill_permission(sig, info, p); rcu_read_unlock(); @@ -73374,7 +76789,7 @@ index 3d09cf6..a67d2c6 100644 return ret; } -@@ -2852,7 +2875,15 @@ do_send_specific(pid_t tgid, pid_t pid, int sig, struct siginfo *info) +@@ -2852,7 +2878,15 @@ do_send_specific(pid_t tgid, pid_t pid, int sig, struct siginfo *info) int error = -ESRCH; rcu_read_lock(); @@ -73391,7 +76806,7 @@ index 3d09cf6..a67d2c6 100644 if (p && (tgid <= 0 || task_tgid_vnr(p) == tgid)) { error = check_kill_permission(sig, info, p); /* -@@ -3135,8 +3166,8 @@ COMPAT_SYSCALL_DEFINE2(sigaltstack, +@@ -3135,8 +3169,8 @@ COMPAT_SYSCALL_DEFINE2(sigaltstack, } seg = get_fs(); set_fs(KERNEL_DS); @@ -73415,8 +76830,30 @@ index 69f38bd..77bbf12 100644 .notifier_call = hotplug_cfd, }; +diff --git a/kernel/smpboot.c b/kernel/smpboot.c +index d6c5fc0..530560c 100644 +--- a/kernel/smpboot.c ++++ b/kernel/smpboot.c +@@ -275,7 +275,7 @@ int smpboot_register_percpu_thread(struct smp_hotplug_thread *plug_thread) + } + smpboot_unpark_thread(plug_thread, cpu); + } +- list_add(&plug_thread->list, &hotplug_threads); ++ pax_list_add(&plug_thread->list, &hotplug_threads); + out: + mutex_unlock(&smpboot_threads_lock); + return ret; +@@ -292,7 +292,7 @@ void smpboot_unregister_percpu_thread(struct smp_hotplug_thread *plug_thread) + { + get_online_cpus(); + mutex_lock(&smpboot_threads_lock); +- list_del(&plug_thread->list); ++ pax_list_del(&plug_thread->list); + smpboot_destroy_threads(plug_thread); + mutex_unlock(&smpboot_threads_lock); + put_online_cpus(); diff --git a/kernel/softirq.c b/kernel/softirq.c -index ed567ba..dc61b61 100644 +index ed567ba..e71dabf 100644 --- a/kernel/softirq.c +++ b/kernel/softirq.c @@ -53,11 +53,11 @@ irq_cpustat_t irq_stat[NR_CPUS] ____cacheline_aligned; @@ -73478,7 +76915,7 @@ index ed567ba..dc61b61 100644 .notifier_call = remote_softirq_cpu_notify, }; -@@ -835,7 +835,7 @@ static int __cpuinit cpu_callback(struct notifier_block *nfb, +@@ -835,11 +835,11 @@ static int __cpuinit cpu_callback(struct notifier_block *nfb, return NOTIFY_OK; } @@ -73487,6 +76924,11 @@ index ed567ba..dc61b61 100644 .notifier_call = cpu_callback }; +-static struct smp_hotplug_thread softirq_threads = { ++static struct smp_hotplug_thread softirq_threads __read_only = { + .store = &ksoftirqd, + .thread_should_run = ksoftirqd_should_run, + .thread_fn = run_ksoftirqd, diff --git a/kernel/srcu.c b/kernel/srcu.c index 2b85982..d52ab26 100644 --- a/kernel/srcu.c @@ -73685,7 +77127,7 @@ index 265b376..4e42ef5 100644 break; } diff --git a/kernel/sysctl.c b/kernel/sysctl.c -index c88878d..99d321b 100644 +index c88878d..e4fa5d1 100644 --- a/kernel/sysctl.c +++ b/kernel/sysctl.c @@ -92,7 +92,6 @@ @@ -73831,6 +77273,15 @@ index c88878d..99d321b 100644 if (copy_to_user(*buf, tmp, len)) return -EFAULT; *size -= len; +@@ -1985,7 +2037,7 @@ int proc_dointvec(struct ctl_table *table, int write, + static int proc_taint(struct ctl_table *table, int write, + void __user *buffer, size_t *lenp, loff_t *ppos) + { +- struct ctl_table t; ++ ctl_table_no_const t; + unsigned long tmptaint = get_taint(); + int err; + @@ -2013,7 +2065,6 @@ static int proc_taint(struct ctl_table *table, int write, return err; } @@ -74739,10 +78190,10 @@ index 33acb5e..57ebfd4 100644 .group = GLOBAL_ROOT_GID, .proc_inum = PROC_USER_INIT_INO, diff --git a/kernel/user_namespace.c b/kernel/user_namespace.c -index 2b042c4..24f8ec3 100644 +index dbfe36a7..6d36e9a 100644 --- a/kernel/user_namespace.c +++ b/kernel/user_namespace.c -@@ -78,7 +78,7 @@ int create_user_ns(struct cred *new) +@@ -79,7 +79,7 @@ int create_user_ns(struct cred *new) return ret; } @@ -74751,7 +78202,7 @@ index 2b042c4..24f8ec3 100644 /* Leave the new->user_ns reference with the new user namespace. */ ns->parent = parent_ns; ns->owner = owner; -@@ -104,15 +104,16 @@ int unshare_userns(unsigned long unshare_flags, struct cred **new_cred) +@@ -105,15 +105,16 @@ int unshare_userns(unsigned long unshare_flags, struct cred **new_cred) return create_user_ns(cred); } @@ -74775,10 +78226,63 @@ index 2b042c4..24f8ec3 100644 } EXPORT_SYMBOL(free_user_ns); +diff --git a/kernel/utsname_sysctl.c b/kernel/utsname_sysctl.c +index 63da38c..639904e 100644 +--- a/kernel/utsname_sysctl.c ++++ b/kernel/utsname_sysctl.c +@@ -46,7 +46,7 @@ static void put_uts(ctl_table *table, int write, void *which) + static int proc_do_uts_string(ctl_table *table, int write, + void __user *buffer, size_t *lenp, loff_t *ppos) + { +- struct ctl_table uts_table; ++ ctl_table_no_const uts_table; + int r; + memcpy(&uts_table, table, sizeof(uts_table)); + uts_table.data = get_uts(table, write); +diff --git a/kernel/watchdog.c b/kernel/watchdog.c +index 75a2ab3..5961da7 100644 +--- a/kernel/watchdog.c ++++ b/kernel/watchdog.c +@@ -527,7 +527,7 @@ int proc_dowatchdog(struct ctl_table *table, int write, + } + #endif /* CONFIG_SYSCTL */ + +-static struct smp_hotplug_thread watchdog_threads = { ++static struct smp_hotplug_thread watchdog_threads __read_only = { + .store = &softlockup_watchdog, + .thread_should_run = watchdog_should_run, + .thread_fn = watchdog, diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug -index 67604e5..3ebb003 100644 +index 67604e5..fe94fb1 100644 --- a/lib/Kconfig.debug +++ b/lib/Kconfig.debug +@@ -550,7 +550,7 @@ config DEBUG_MUTEXES + + config DEBUG_LOCK_ALLOC + bool "Lock debugging: detect incorrect freeing of live locks" +- depends on DEBUG_KERNEL && TRACE_IRQFLAGS_SUPPORT && STACKTRACE_SUPPORT && LOCKDEP_SUPPORT ++ depends on DEBUG_KERNEL && TRACE_IRQFLAGS_SUPPORT && STACKTRACE_SUPPORT && LOCKDEP_SUPPORT && !PAX_CONSTIFY_PLUGIN + select DEBUG_SPINLOCK + select DEBUG_MUTEXES + select LOCKDEP +@@ -564,7 +564,7 @@ config DEBUG_LOCK_ALLOC + + config PROVE_LOCKING + bool "Lock debugging: prove locking correctness" +- depends on DEBUG_KERNEL && TRACE_IRQFLAGS_SUPPORT && STACKTRACE_SUPPORT && LOCKDEP_SUPPORT ++ depends on DEBUG_KERNEL && TRACE_IRQFLAGS_SUPPORT && STACKTRACE_SUPPORT && LOCKDEP_SUPPORT && !PAX_CONSTIFY_PLUGIN + select LOCKDEP + select DEBUG_SPINLOCK + select DEBUG_MUTEXES +@@ -670,7 +670,7 @@ config LOCKDEP + + config LOCK_STAT + bool "Lock usage statistics" +- depends on DEBUG_KERNEL && TRACE_IRQFLAGS_SUPPORT && STACKTRACE_SUPPORT && LOCKDEP_SUPPORT ++ depends on DEBUG_KERNEL && TRACE_IRQFLAGS_SUPPORT && STACKTRACE_SUPPORT && LOCKDEP_SUPPORT && !PAX_CONSTIFY_PLUGIN + select LOCKDEP + select DEBUG_SPINLOCK + select DEBUG_MUTEXES @@ -1278,6 +1278,7 @@ config LATENCYTOP depends on DEBUG_KERNEL depends on STACKTRACE_SUPPORT @@ -74977,8 +78481,24 @@ index bd2bea9..6b3c95e 100644 if (atomic_read(&task->signal->live) != 1) return false; +diff --git a/lib/kobject.c b/lib/kobject.c +index e07ee1f..998489d 100644 +--- a/lib/kobject.c ++++ b/lib/kobject.c +@@ -852,9 +852,9 @@ EXPORT_SYMBOL_GPL(kset_create_and_add); + + + static DEFINE_SPINLOCK(kobj_ns_type_lock); +-static const struct kobj_ns_type_operations *kobj_ns_ops_tbl[KOBJ_NS_TYPES]; ++static const struct kobj_ns_type_operations *kobj_ns_ops_tbl[KOBJ_NS_TYPES] __read_only; + +-int kobj_ns_type_register(const struct kobj_ns_type_operations *ops) ++int __init kobj_ns_type_register(const struct kobj_ns_type_operations *ops) + { + enum kobj_ns_type type = ops->type; + int error; diff --git a/lib/list_debug.c b/lib/list_debug.c -index c24c2f7..3fc5da0 100644 +index c24c2f7..0475b78 100644 --- a/lib/list_debug.c +++ b/lib/list_debug.c @@ -11,7 +11,9 @@ @@ -75060,20 +78580,17 @@ index c24c2f7..3fc5da0 100644 } EXPORT_SYMBOL(__list_del_entry); -@@ -86,15 +106,54 @@ EXPORT_SYMBOL(list_del); +@@ -86,15 +106,85 @@ EXPORT_SYMBOL(list_del); void __list_add_rcu(struct list_head *new, struct list_head *prev, struct list_head *next) { - WARN(next->prev != prev, -+ if (WARN(next->prev != prev, - "list_add_rcu corruption. next->prev should be prev (%p), but was %p. (next=%p).\n", +- "list_add_rcu corruption. next->prev should be prev (%p), but was %p. (next=%p).\n", - prev, next->prev, next); - WARN(prev->next != next, -+ prev, next->prev, next) || -+ WARN(prev->next != next, - "list_add_rcu corruption. prev->next should be next (%p), but was %p. (prev=%p).\n", +- "list_add_rcu corruption. prev->next should be next (%p), but was %p. (prev=%p).\n", - next, prev->next, prev); -+ next, prev->next, prev)) ++ if (!__list_add_debug(new, prev, next)) + return; + new->next = next; @@ -75084,13 +78601,8 @@ index c24c2f7..3fc5da0 100644 EXPORT_SYMBOL(__list_add_rcu); +#endif + -+void pax_list_add_tail(struct list_head *new, struct list_head *head) ++void __pax_list_add(struct list_head *new, struct list_head *prev, struct list_head *next) +{ -+ struct list_head *prev, *next; -+ -+ prev = head->prev; -+ next = head; -+ +#ifdef CONFIG_DEBUG_LIST + if (!__list_add_debug(new, prev, next)) + return; @@ -75103,7 +78615,7 @@ index c24c2f7..3fc5da0 100644 + prev->next = new; + pax_close_kernel(); +} -+EXPORT_SYMBOL(pax_list_add_tail); ++EXPORT_SYMBOL(__pax_list_add); + +void pax_list_del(struct list_head *entry) +{ @@ -75119,6 +78631,47 @@ index c24c2f7..3fc5da0 100644 + pax_close_kernel(); +} +EXPORT_SYMBOL(pax_list_del); ++ ++void pax_list_del_init(struct list_head *entry) ++{ ++ pax_open_kernel(); ++ __list_del(entry->prev, entry->next); ++ INIT_LIST_HEAD(entry); ++ pax_close_kernel(); ++} ++EXPORT_SYMBOL(pax_list_del_init); ++ ++void __pax_list_add_rcu(struct list_head *new, ++ struct list_head *prev, struct list_head *next) ++{ ++#ifdef CONFIG_DEBUG_LIST ++ if (!__list_add_debug(new, prev, next)) ++ return; ++#endif ++ ++ pax_open_kernel(); ++ new->next = next; ++ new->prev = prev; ++ rcu_assign_pointer(list_next_rcu(prev), new); ++ next->prev = new; ++ pax_close_kernel(); ++} ++EXPORT_SYMBOL(__pax_list_add_rcu); ++ ++void pax_list_del_rcu(struct list_head *entry) ++{ ++#ifdef CONFIG_DEBUG_LIST ++ if (!__list_del_entry_debug(entry)) ++ return; ++#endif ++ ++ pax_open_kernel(); ++ __list_del(entry->prev, entry->next); ++ entry->next = LIST_POISON1; ++ entry->prev = LIST_POISON2; ++ pax_close_kernel(); ++} ++EXPORT_SYMBOL(pax_list_del_rcu); diff --git a/lib/radix-tree.c b/lib/radix-tree.c index e796429..6e38f9f 100644 --- a/lib/radix-tree.c @@ -75158,6 +78711,19 @@ index a28df52..3d55877 100644 long align, res = 0; unsigned long c; +diff --git a/lib/swiotlb.c b/lib/swiotlb.c +index 196b069..358f342 100644 +--- a/lib/swiotlb.c ++++ b/lib/swiotlb.c +@@ -642,7 +642,7 @@ EXPORT_SYMBOL(swiotlb_alloc_coherent); + + void + swiotlb_free_coherent(struct device *hwdev, size_t size, void *vaddr, +- dma_addr_t dev_addr) ++ dma_addr_t dev_addr, struct dma_attrs *attrs) + { + phys_addr_t paddr = dma_to_phys(hwdev, dev_addr); + diff --git a/lib/vsprintf.c b/lib/vsprintf.c index fab33a9..3b5fe68 100644 --- a/lib/vsprintf.c @@ -75386,10 +78952,52 @@ index b32b70c..e512eb0 100644 set_page_address(page, (void *)vaddr); diff --git a/mm/hugetlb.c b/mm/hugetlb.c -index 546db81..01d5c53 100644 +index 546db81..34830af 100644 --- a/mm/hugetlb.c +++ b/mm/hugetlb.c -@@ -2511,6 +2511,27 @@ static int unmap_ref_private(struct mm_struct *mm, struct vm_area_struct *vma, +@@ -2008,15 +2008,17 @@ static int hugetlb_sysctl_handler_common(bool obey_mempolicy, + struct hstate *h = &default_hstate; + unsigned long tmp; + int ret; ++ ctl_table_no_const hugetlb_table; + + tmp = h->max_huge_pages; + + if (write && h->order >= MAX_ORDER) + return -EINVAL; + +- table->data = &tmp; +- table->maxlen = sizeof(unsigned long); +- ret = proc_doulongvec_minmax(table, write, buffer, length, ppos); ++ hugetlb_table = *table; ++ hugetlb_table.data = &tmp; ++ hugetlb_table.maxlen = sizeof(unsigned long); ++ ret = proc_doulongvec_minmax(&hugetlb_table, write, buffer, length, ppos); + if (ret) + goto out; + +@@ -2073,15 +2075,17 @@ int hugetlb_overcommit_handler(struct ctl_table *table, int write, + struct hstate *h = &default_hstate; + unsigned long tmp; + int ret; ++ ctl_table_no_const hugetlb_table; + + tmp = h->nr_overcommit_huge_pages; + + if (write && h->order >= MAX_ORDER) + return -EINVAL; + +- table->data = &tmp; +- table->maxlen = sizeof(unsigned long); +- ret = proc_doulongvec_minmax(table, write, buffer, length, ppos); ++ hugetlb_table = *table; ++ hugetlb_table.data = &tmp; ++ hugetlb_table.maxlen = sizeof(unsigned long); ++ ret = proc_doulongvec_minmax(&hugetlb_table, write, buffer, length, ppos); + if (ret) + goto out; + +@@ -2511,6 +2515,27 @@ static int unmap_ref_private(struct mm_struct *mm, struct vm_area_struct *vma, return 1; } @@ -75417,7 +79025,7 @@ index 546db81..01d5c53 100644 /* * Hugetlb_cow() should be called with page lock of the original hugepage held. * Called with hugetlb_instantiation_mutex held and pte_page locked so we -@@ -2629,6 +2650,11 @@ retry_avoidcopy: +@@ -2629,6 +2654,11 @@ retry_avoidcopy: make_huge_pte(vma, new_page, 1)); page_remove_rmap(old_page); hugepage_add_new_anon_rmap(new_page, vma, address); @@ -75429,7 +79037,7 @@ index 546db81..01d5c53 100644 /* Make the old page be freed below */ new_page = old_page; } -@@ -2788,6 +2814,10 @@ retry: +@@ -2788,6 +2818,10 @@ retry: && (vma->vm_flags & VM_SHARED))); set_huge_pte_at(mm, address, ptep, new_pte); @@ -75440,7 +79048,7 @@ index 546db81..01d5c53 100644 if ((flags & FAULT_FLAG_WRITE) && !(vma->vm_flags & VM_SHARED)) { /* Optimization, do the COW without a second fault */ ret = hugetlb_cow(mm, vma, address, ptep, new_pte, page); -@@ -2817,6 +2847,10 @@ int hugetlb_fault(struct mm_struct *mm, struct vm_area_struct *vma, +@@ -2817,6 +2851,10 @@ int hugetlb_fault(struct mm_struct *mm, struct vm_area_struct *vma, static DEFINE_MUTEX(hugetlb_instantiation_mutex); struct hstate *h = hstate_vma(vma); @@ -75451,7 +79059,7 @@ index 546db81..01d5c53 100644 address &= huge_page_mask(h); ptep = huge_pte_offset(mm, address); -@@ -2830,6 +2864,26 @@ int hugetlb_fault(struct mm_struct *mm, struct vm_area_struct *vma, +@@ -2830,6 +2868,26 @@ int hugetlb_fault(struct mm_struct *mm, struct vm_area_struct *vma, VM_FAULT_SET_HINDEX(hstate_index(h)); } @@ -75615,7 +79223,7 @@ index 03dfa5c..b032917 100644 if (end == start) goto out; diff --git a/mm/memory-failure.c b/mm/memory-failure.c -index c6e4dd3..fdb2ca6 100644 +index c6e4dd3..1f41988 100644 --- a/mm/memory-failure.c +++ b/mm/memory-failure.c @@ -61,7 +61,7 @@ int sysctl_memory_failure_early_kill __read_mostly = 0; @@ -75636,6 +79244,15 @@ index c6e4dd3..fdb2ca6 100644 #ifdef __ARCH_SI_TRAPNO si.si_trapno = trapno; #endif +@@ -760,7 +760,7 @@ static struct page_state { + unsigned long res; + char *msg; + int (*action)(struct page *p, unsigned long pfn); +-} error_states[] = { ++} __do_const error_states[] = { + { reserved, reserved, "reserved kernel", me_kernel }, + /* + * free pages are specially detected outside this table: @@ -1040,7 +1040,7 @@ int memory_failure(unsigned long pfn, int trapno, int flags) } @@ -76342,7 +79959,7 @@ index bb1369f..efb96b5 100644 return 0; } diff --git a/mm/mempolicy.c b/mm/mempolicy.c -index e2df1c1..1e31d57 100644 +index 3df6d12..a11056a 100644 --- a/mm/mempolicy.c +++ b/mm/mempolicy.c @@ -721,6 +721,10 @@ static int mbind_range(struct mm_struct *mm, unsigned long start, @@ -76508,7 +80125,7 @@ index c9bd528..da8d069 100644 capable(CAP_IPC_LOCK)) ret = do_mlockall(flags); diff --git a/mm/mmap.c b/mm/mmap.c -index 8832b87..7d36e4f 100644 +index 8832b87..20500c1 100644 --- a/mm/mmap.c +++ b/mm/mmap.c @@ -32,6 +32,7 @@ @@ -77674,7 +81291,7 @@ index 8832b87..7d36e4f 100644 +#ifdef CONFIG_PAX_RANDMMAP + if (mm->pax_flags & MF_PAX_RANDMMAP) -+ cur -= mm->brk_gap; ++ cur -= mm->aslr_gap; +#endif + + gr_learn_resource(current, RLIMIT_AS, (cur + npages) << PAGE_SHIFT, 1); @@ -78092,10 +81709,18 @@ index 0713bfb..e3774e0 100644 .next = NULL, }; diff --git a/mm/page_alloc.c b/mm/page_alloc.c -index 6a83cd3..bc2dcb6 100644 +index 6a83cd3..3ab04ef 100644 --- a/mm/page_alloc.c +++ b/mm/page_alloc.c -@@ -338,7 +338,7 @@ out: +@@ -58,6 +58,7 @@ + #include + #include + #include ++#include + + #include + #include +@@ -338,7 +339,7 @@ out: * This usage means that zero-order pages may not be compound. */ @@ -78104,7 +81729,7 @@ index 6a83cd3..bc2dcb6 100644 { __free_pages_ok(page, compound_order(page)); } -@@ -693,6 +693,10 @@ static bool free_pages_prepare(struct page *page, unsigned int order) +@@ -693,6 +694,10 @@ static bool free_pages_prepare(struct page *page, unsigned int order) int i; int bad = 0; @@ -78115,7 +81740,7 @@ index 6a83cd3..bc2dcb6 100644 trace_mm_page_free(page, order); kmemcheck_free_shadow(page, order); -@@ -708,6 +712,12 @@ static bool free_pages_prepare(struct page *page, unsigned int order) +@@ -708,6 +713,12 @@ static bool free_pages_prepare(struct page *page, unsigned int order) debug_check_no_obj_freed(page_address(page), PAGE_SIZE << order); } @@ -78128,7 +81753,47 @@ index 6a83cd3..bc2dcb6 100644 arch_free_page(page, order); kernel_map_pages(page, 1 << order, 0); -@@ -861,8 +871,10 @@ static int prep_new_page(struct page *page, int order, gfp_t gfp_flags) +@@ -730,6 +741,19 @@ static void __free_pages_ok(struct page *page, unsigned int order) + local_irq_restore(flags); + } + ++#ifdef CONFIG_PAX_LATENT_ENTROPY ++bool __meminitdata extra_latent_entropy; ++ ++static int __init setup_pax_extra_latent_entropy(char *str) ++{ ++ extra_latent_entropy = true; ++ return 0; ++} ++early_param("pax_extra_latent_entropy", setup_pax_extra_latent_entropy); ++ ++volatile u64 latent_entropy; ++#endif ++ + /* + * Read access to zone->managed_pages is safe because it's unsigned long, + * but we still need to serialize writers. Currently all callers of +@@ -752,6 +776,19 @@ void __meminit __free_pages_bootmem(struct page *page, unsigned int order) + set_page_count(p, 0); + } + ++#ifdef CONFIG_PAX_LATENT_ENTROPY ++ if (extra_latent_entropy && !PageHighMem(page) && page_to_pfn(page) < 0x100000) { ++ u64 hash = 0; ++ size_t index, end = PAGE_SIZE * nr_pages / sizeof hash; ++ const u64 *data = lowmem_page_address(page); ++ ++ for (index = 0; index < end; index++) ++ hash ^= hash + data[index]; ++ latent_entropy ^= hash; ++ add_device_randomness((const void *)&latent_entropy, sizeof(latent_entropy)); ++ } ++#endif ++ + page_zone(page)->managed_pages += 1 << order; + set_page_refcounted(page); + __free_pages(page, order); +@@ -861,8 +898,10 @@ static int prep_new_page(struct page *page, int order, gfp_t gfp_flags) arch_alloc_page(page, order); kernel_map_pages(page, 1 << order, 1); @@ -78139,7 +81804,7 @@ index 6a83cd3..bc2dcb6 100644 if (order && (gfp_flags & __GFP_COMP)) prep_compound_page(page, order); -@@ -3752,7 +3764,13 @@ static int pageblock_is_reserved(unsigned long start_pfn, unsigned long end_pfn) +@@ -3752,7 +3791,13 @@ static int pageblock_is_reserved(unsigned long start_pfn, unsigned long end_pfn) unsigned long pfn; for (pfn = start_pfn; pfn < end_pfn; pfn++) { @@ -78167,7 +81832,7 @@ index 8c8e08f..73a5cda 100644 static const int *pcpu_unit_map __read_mostly; /* cpu -> unit */ diff --git a/mm/process_vm_access.c b/mm/process_vm_access.c -index 926b466..b23df53 100644 +index fd26d04..0cea1b0 100644 --- a/mm/process_vm_access.c +++ b/mm/process_vm_access.c @@ -13,6 +13,7 @@ @@ -78591,9 +82256,18 @@ index 34a98d6..73633d1 100644 if (slab_equal_or_root(cachep, s)) return cachep; diff --git a/mm/slab_common.c b/mm/slab_common.c -index 3f3cd97..e050794 100644 +index 3f3cd97..93b0236 100644 --- a/mm/slab_common.c +++ b/mm/slab_common.c +@@ -22,7 +22,7 @@ + + #include "slab.h" + +-enum slab_state slab_state; ++enum slab_state slab_state __read_only; + LIST_HEAD(slab_caches); + DEFINE_MUTEX(slab_mutex); + struct kmem_cache *kmem_cache; @@ -209,7 +209,7 @@ kmem_cache_create_memcg(struct mem_cgroup *memcg, const char *name, size_t size, err = __kmem_cache_create(s, flags); @@ -79674,6 +83348,28 @@ index a292e80..785ee68 100644 struct vlan_net *vn; vn = net_generic(net, vlan_net_id); +diff --git a/net/9p/mod.c b/net/9p/mod.c +index 6ab36ae..6f1841b 100644 +--- a/net/9p/mod.c ++++ b/net/9p/mod.c +@@ -84,7 +84,7 @@ static LIST_HEAD(v9fs_trans_list); + void v9fs_register_trans(struct p9_trans_module *m) + { + spin_lock(&v9fs_trans_lock); +- list_add_tail(&m->list, &v9fs_trans_list); ++ pax_list_add_tail((struct list_head *)&m->list, &v9fs_trans_list); + spin_unlock(&v9fs_trans_lock); + } + EXPORT_SYMBOL(v9fs_register_trans); +@@ -97,7 +97,7 @@ EXPORT_SYMBOL(v9fs_register_trans); + void v9fs_unregister_trans(struct p9_trans_module *m) + { + spin_lock(&v9fs_trans_lock); +- list_del_init(&m->list); ++ pax_list_del_init((struct list_head *)&m->list); + spin_unlock(&v9fs_trans_lock); + } + EXPORT_SYMBOL(v9fs_unregister_trans); diff --git a/net/9p/trans_fd.c b/net/9p/trans_fd.c index 02efb25..41541a9 100644 --- a/net/9p/trans_fd.c @@ -79779,6 +83475,19 @@ index 0447d5d..3cf4728 100644 __AAL_STAT_ITEMS #undef __HANDLE_ITEM } +diff --git a/net/ax25/sysctl_net_ax25.c b/net/ax25/sysctl_net_ax25.c +index d5744b7..506bae3 100644 +--- a/net/ax25/sysctl_net_ax25.c ++++ b/net/ax25/sysctl_net_ax25.c +@@ -152,7 +152,7 @@ int ax25_register_dev_sysctl(ax25_dev *ax25_dev) + { + char path[sizeof("net/ax25/") + IFNAMSIZ]; + int k; +- struct ctl_table *table; ++ ctl_table_no_const *table; + + table = kmemdup(ax25_param_table, sizeof(ax25_param_table), GFP_KERNEL); + if (!table) diff --git a/net/batman-adv/bat_iv_ogm.c b/net/batman-adv/bat_iv_ogm.c index 7d02ebd..4d4cc01 100644 --- a/net/batman-adv/bat_iv_ogm.c @@ -80043,6 +83752,42 @@ index bd6fd0f..6492cba 100644 spin_unlock_irqrestore(&dev->port.lock, flags); if (dev->tty_dev->parent) device_move(dev->tty_dev, NULL, DPM_ORDER_DEV_LAST); +diff --git a/net/bridge/br_mdb.c b/net/bridge/br_mdb.c +index acc9f4c..2897e40 100644 +--- a/net/bridge/br_mdb.c ++++ b/net/bridge/br_mdb.c +@@ -82,6 +82,7 @@ static int br_mdb_fill_info(struct sk_buff *skb, struct netlink_callback *cb, + port = p->port; + if (port) { + struct br_mdb_entry e; ++ memset(&e, 0, sizeof(e)); + e.ifindex = port->dev->ifindex; + e.state = p->state; + if (p->addr.proto == htons(ETH_P_IP)) +@@ -138,6 +139,7 @@ static int br_mdb_dump(struct sk_buff *skb, struct netlink_callback *cb) + break; + + bpm = nlmsg_data(nlh); ++ memset(bpm, 0, sizeof(*bpm)); + bpm->ifindex = dev->ifindex; + if (br_mdb_fill_info(skb, cb, dev) < 0) + goto out; +@@ -173,6 +175,7 @@ static int nlmsg_populate_mdb_fill(struct sk_buff *skb, + return -EMSGSIZE; + + bpm = nlmsg_data(nlh); ++ memset(bpm, 0, sizeof(*bpm)); + bpm->family = AF_BRIDGE; + bpm->ifindex = dev->ifindex; + nest = nla_nest_start(skb, MDBA_MDB); +@@ -230,6 +233,7 @@ void br_mdb_notify(struct net_device *dev, struct net_bridge_port *port, + { + struct br_mdb_entry entry; + ++ memset(&entry, 0, sizeof(entry)); + entry.ifindex = port->dev->ifindex; + entry.addr.proto = group->proto; + entry.addr.u.ip4 = group->u.ip4; diff --git a/net/bridge/netfilter/ebtables.c b/net/bridge/netfilter/ebtables.c index 5fe2ff3..121d696 100644 --- a/net/bridge/netfilter/ebtables.c @@ -80480,8 +84225,74 @@ index 7e7aeb0..2a998cb 100644 return -EFAULT; m->msg_iov = iov; +diff --git a/net/core/neighbour.c b/net/core/neighbour.c +index c815f28..e6403f2 100644 +--- a/net/core/neighbour.c ++++ b/net/core/neighbour.c +@@ -2776,7 +2776,7 @@ static int proc_unres_qlen(ctl_table *ctl, int write, void __user *buffer, + size_t *lenp, loff_t *ppos) + { + int size, ret; +- ctl_table tmp = *ctl; ++ ctl_table_no_const tmp = *ctl; + + tmp.extra1 = &zero; + tmp.extra2 = &unres_qlen_max; +diff --git a/net/core/net-sysfs.c b/net/core/net-sysfs.c +index 28c5f5a..7edf2e2 100644 +--- a/net/core/net-sysfs.c ++++ b/net/core/net-sysfs.c +@@ -1455,7 +1455,7 @@ void netdev_class_remove_file(struct class_attribute *class_attr) + } + EXPORT_SYMBOL(netdev_class_remove_file); + +-int netdev_kobject_init(void) ++int __init netdev_kobject_init(void) + { + kobj_ns_type_register(&net_ns_type_operations); + return class_register(&net_class); +diff --git a/net/core/net_namespace.c b/net/core/net_namespace.c +index 8acce01..2e306bb 100644 +--- a/net/core/net_namespace.c ++++ b/net/core/net_namespace.c +@@ -442,7 +442,7 @@ static int __register_pernet_operations(struct list_head *list, + int error; + LIST_HEAD(net_exit_list); + +- list_add_tail(&ops->list, list); ++ pax_list_add_tail((struct list_head *)&ops->list, list); + if (ops->init || (ops->id && ops->size)) { + for_each_net(net) { + error = ops_init(ops, net); +@@ -455,7 +455,7 @@ static int __register_pernet_operations(struct list_head *list, + + out_undo: + /* If I have an error cleanup all namespaces I initialized */ +- list_del(&ops->list); ++ pax_list_del((struct list_head *)&ops->list); + ops_exit_list(ops, &net_exit_list); + ops_free_list(ops, &net_exit_list); + return error; +@@ -466,7 +466,7 @@ static void __unregister_pernet_operations(struct pernet_operations *ops) + struct net *net; + LIST_HEAD(net_exit_list); + +- list_del(&ops->list); ++ pax_list_del((struct list_head *)&ops->list); + for_each_net(net) + list_add_tail(&net->exit_list, &net_exit_list); + ops_exit_list(ops, &net_exit_list); +@@ -600,7 +600,7 @@ int register_pernet_device(struct pernet_operations *ops) + mutex_lock(&net_mutex); + error = register_pernet_operations(&pernet_list, ops); + if (!error && (first_device == &pernet_list)) +- first_device = &ops->list; ++ first_device = (struct list_head *)&ops->list; + mutex_unlock(&net_mutex); + return error; + } diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c -index 1868625..5f4de62 100644 +index 1868625..e2261f5 100644 --- a/net/core/rtnetlink.c +++ b/net/core/rtnetlink.c @@ -58,7 +58,7 @@ struct rtnl_link { @@ -80493,6 +84304,40 @@ index 1868625..5f4de62 100644 static DEFINE_MUTEX(rtnl_mutex); +@@ -299,10 +299,13 @@ int __rtnl_link_register(struct rtnl_link_ops *ops) + if (rtnl_link_ops_get(ops->kind)) + return -EEXIST; + +- if (!ops->dellink) +- ops->dellink = unregister_netdevice_queue; ++ if (!ops->dellink) { ++ pax_open_kernel(); ++ *(void **)&ops->dellink = unregister_netdevice_queue; ++ pax_close_kernel(); ++ } + +- list_add_tail(&ops->list, &link_ops); ++ pax_list_add_tail((struct list_head *)&ops->list, &link_ops); + return 0; + } + EXPORT_SYMBOL_GPL(__rtnl_link_register); +@@ -349,7 +352,7 @@ void __rtnl_link_unregister(struct rtnl_link_ops *ops) + for_each_net(net) { + __rtnl_kill_links(net, ops); + } +- list_del(&ops->list); ++ pax_list_del((struct list_head *)&ops->list); + } + EXPORT_SYMBOL_GPL(__rtnl_link_unregister); + +@@ -976,6 +979,7 @@ static int rtnl_fill_ifinfo(struct sk_buff *skb, struct net_device *dev, + * report anything. + */ + ivi.spoofchk = -1; ++ memset(ivi.mac, 0, sizeof(ivi.mac)); + if (dev->netdev_ops->ndo_get_vf_config(dev, i, &ivi)) + break; + vf_mac.vf = diff --git a/net/core/scm.c b/net/core/scm.c index 905dcc6..14ee2d6 100644 --- a/net/core/scm.c @@ -80631,10 +84476,17 @@ index bc131d4..029e378 100644 EXPORT_SYMBOL(sock_init_data); diff --git a/net/core/sock_diag.c b/net/core/sock_diag.c -index 750f44f..0a699b1 100644 +index 750f44f..922399c 100644 --- a/net/core/sock_diag.c +++ b/net/core/sock_diag.c -@@ -15,20 +15,27 @@ static DEFINE_MUTEX(sock_diag_table_mutex); +@@ -9,26 +9,33 @@ + #include + #include + +-static const struct sock_diag_handler *sock_diag_handlers[AF_MAX]; ++static const struct sock_diag_handler *sock_diag_handlers[AF_MAX] __read_only; + static int (*inet_rcv_compat)(struct sk_buff *skb, struct nlmsghdr *nlh); + static DEFINE_MUTEX(sock_diag_table_mutex); int sock_diag_check_cookie(void *sk, __u32 *cookie) { @@ -80662,7 +84514,27 @@ index 750f44f..0a699b1 100644 } EXPORT_SYMBOL_GPL(sock_diag_save_cookie); -@@ -97,21 +104,6 @@ void sock_diag_unregister(const struct sock_diag_handler *hnld) +@@ -75,8 +82,11 @@ int sock_diag_register(const struct sock_diag_handler *hndl) + mutex_lock(&sock_diag_table_mutex); + if (sock_diag_handlers[hndl->family]) + err = -EBUSY; +- else ++ else { ++ pax_open_kernel(); + sock_diag_handlers[hndl->family] = hndl; ++ pax_close_kernel(); ++ } + mutex_unlock(&sock_diag_table_mutex); + + return err; +@@ -92,26 +102,13 @@ void sock_diag_unregister(const struct sock_diag_handler *hnld) + + mutex_lock(&sock_diag_table_mutex); + BUG_ON(sock_diag_handlers[family] != hnld); ++ pax_open_kernel(); + sock_diag_handlers[family] = NULL; ++ pax_close_kernel(); + mutex_unlock(&sock_diag_table_mutex); } EXPORT_SYMBOL_GPL(sock_diag_unregister); @@ -80684,7 +84556,7 @@ index 750f44f..0a699b1 100644 static int __sock_diag_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh) { int err; -@@ -124,12 +116,17 @@ static int __sock_diag_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh) +@@ -124,12 +121,17 @@ static int __sock_diag_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh) if (req->sdiag_family >= AF_MAX) return -EINVAL; @@ -80704,6 +84576,145 @@ index 750f44f..0a699b1 100644 return err; } +diff --git a/net/core/sysctl_net_core.c b/net/core/sysctl_net_core.c +index d1b0804..4aed0a5 100644 +--- a/net/core/sysctl_net_core.c ++++ b/net/core/sysctl_net_core.c +@@ -26,7 +26,7 @@ static int rps_sock_flow_sysctl(ctl_table *table, int write, + { + unsigned int orig_size, size; + int ret, i; +- ctl_table tmp = { ++ ctl_table_no_const tmp = { + .data = &size, + .maxlen = sizeof(size), + .mode = table->mode +@@ -205,13 +205,12 @@ static struct ctl_table netns_core_table[] = { + + static __net_init int sysctl_core_net_init(struct net *net) + { +- struct ctl_table *tbl; ++ ctl_table_no_const *tbl = NULL; + + net->core.sysctl_somaxconn = SOMAXCONN; + +- tbl = netns_core_table; + if (!net_eq(net, &init_net)) { +- tbl = kmemdup(tbl, sizeof(netns_core_table), GFP_KERNEL); ++ tbl = kmemdup(netns_core_table, sizeof(netns_core_table), GFP_KERNEL); + if (tbl == NULL) + goto err_dup; + +@@ -221,16 +220,16 @@ static __net_init int sysctl_core_net_init(struct net *net) + if (net->user_ns != &init_user_ns) { + tbl[0].procname = NULL; + } +- } +- +- net->core.sysctl_hdr = register_net_sysctl(net, "net/core", tbl); ++ net->core.sysctl_hdr = register_net_sysctl(net, "net/core", tbl); ++ } else ++ net->core.sysctl_hdr = register_net_sysctl(net, "net/core", netns_core_table); + if (net->core.sysctl_hdr == NULL) + goto err_reg; + + return 0; + + err_reg: +- if (tbl != netns_core_table) ++ if (tbl) + kfree(tbl); + err_dup: + return -ENOMEM; +@@ -246,7 +245,7 @@ static __net_exit void sysctl_core_net_exit(struct net *net) + kfree(tbl); + } + +-static __net_initdata struct pernet_operations sysctl_core_ops = { ++static __net_initconst struct pernet_operations sysctl_core_ops = { + .init = sysctl_core_net_init, + .exit = sysctl_core_net_exit, + }; +diff --git a/net/dcb/dcbnl.c b/net/dcb/dcbnl.c +index 1b588e2..21291f1 100644 +--- a/net/dcb/dcbnl.c ++++ b/net/dcb/dcbnl.c +@@ -284,6 +284,7 @@ static int dcbnl_getperm_hwaddr(struct net_device *netdev, struct nlmsghdr *nlh, + if (!netdev->dcbnl_ops->getpermhwaddr) + return -EOPNOTSUPP; + ++ memset(perm_addr, 0, sizeof(perm_addr)); + netdev->dcbnl_ops->getpermhwaddr(netdev, perm_addr); + + return nla_put(skb, DCB_ATTR_PERM_HWADDR, sizeof(perm_addr), perm_addr); +@@ -1042,6 +1043,7 @@ static int dcbnl_ieee_fill(struct sk_buff *skb, struct net_device *netdev) + + if (ops->ieee_getets) { + struct ieee_ets ets; ++ memset(&ets, 0, sizeof(ets)); + err = ops->ieee_getets(netdev, &ets); + if (!err && + nla_put(skb, DCB_ATTR_IEEE_ETS, sizeof(ets), &ets)) +@@ -1050,6 +1052,7 @@ static int dcbnl_ieee_fill(struct sk_buff *skb, struct net_device *netdev) + + if (ops->ieee_getmaxrate) { + struct ieee_maxrate maxrate; ++ memset(&maxrate, 0, sizeof(maxrate)); + err = ops->ieee_getmaxrate(netdev, &maxrate); + if (!err) { + err = nla_put(skb, DCB_ATTR_IEEE_MAXRATE, +@@ -1061,6 +1064,7 @@ static int dcbnl_ieee_fill(struct sk_buff *skb, struct net_device *netdev) + + if (ops->ieee_getpfc) { + struct ieee_pfc pfc; ++ memset(&pfc, 0, sizeof(pfc)); + err = ops->ieee_getpfc(netdev, &pfc); + if (!err && + nla_put(skb, DCB_ATTR_IEEE_PFC, sizeof(pfc), &pfc)) +@@ -1094,6 +1098,7 @@ static int dcbnl_ieee_fill(struct sk_buff *skb, struct net_device *netdev) + /* get peer info if available */ + if (ops->ieee_peer_getets) { + struct ieee_ets ets; ++ memset(&ets, 0, sizeof(ets)); + err = ops->ieee_peer_getets(netdev, &ets); + if (!err && + nla_put(skb, DCB_ATTR_IEEE_PEER_ETS, sizeof(ets), &ets)) +@@ -1102,6 +1107,7 @@ static int dcbnl_ieee_fill(struct sk_buff *skb, struct net_device *netdev) + + if (ops->ieee_peer_getpfc) { + struct ieee_pfc pfc; ++ memset(&pfc, 0, sizeof(pfc)); + err = ops->ieee_peer_getpfc(netdev, &pfc); + if (!err && + nla_put(skb, DCB_ATTR_IEEE_PEER_PFC, sizeof(pfc), &pfc)) +@@ -1280,6 +1286,7 @@ static int dcbnl_cee_fill(struct sk_buff *skb, struct net_device *netdev) + /* peer info if available */ + if (ops->cee_peer_getpg) { + struct cee_pg pg; ++ memset(&pg, 0, sizeof(pg)); + err = ops->cee_peer_getpg(netdev, &pg); + if (!err && + nla_put(skb, DCB_ATTR_CEE_PEER_PG, sizeof(pg), &pg)) +@@ -1288,6 +1295,7 @@ static int dcbnl_cee_fill(struct sk_buff *skb, struct net_device *netdev) + + if (ops->cee_peer_getpfc) { + struct cee_pfc pfc; ++ memset(&pfc, 0, sizeof(pfc)); + err = ops->cee_peer_getpfc(netdev, &pfc); + if (!err && + nla_put(skb, DCB_ATTR_CEE_PEER_PFC, sizeof(pfc), &pfc)) +diff --git a/net/decnet/af_decnet.c b/net/decnet/af_decnet.c +index 307c322..78a4c6f 100644 +--- a/net/decnet/af_decnet.c ++++ b/net/decnet/af_decnet.c +@@ -468,6 +468,7 @@ static struct proto dn_proto = { + .sysctl_rmem = sysctl_decnet_rmem, + .max_header = DN_MAX_NSP_DATA_HEADER + 64, + .obj_size = sizeof(struct dn_sock), ++ .slab_flags = SLAB_USERCOPY, + }; + + static struct sock *dn_alloc_sock(struct net *net, struct socket *sock, gfp_t gfp) diff --git a/net/decnet/sysctl_net_decnet.c b/net/decnet/sysctl_net_decnet.c index a55eecc..dd8428c 100644 --- a/net/decnet/sysctl_net_decnet.c @@ -80726,6 +84737,34 @@ index a55eecc..dd8428c 100644 return -EFAULT; *lenp = len; +diff --git a/net/ipv4/af_inet.c b/net/ipv4/af_inet.c +index fcf104e..95552d4 100644 +--- a/net/ipv4/af_inet.c ++++ b/net/ipv4/af_inet.c +@@ -1717,13 +1717,9 @@ static int __init inet_init(void) + + BUILD_BUG_ON(sizeof(struct inet_skb_parm) > sizeof(dummy_skb->cb)); + +- sysctl_local_reserved_ports = kzalloc(65536 / 8, GFP_KERNEL); +- if (!sysctl_local_reserved_ports) +- goto out; +- + rc = proto_register(&tcp_prot, 1); + if (rc) +- goto out_free_reserved_ports; ++ goto out; + + rc = proto_register(&udp_prot, 1); + if (rc) +@@ -1832,8 +1828,6 @@ out_unregister_udp_proto: + proto_unregister(&udp_prot); + out_unregister_tcp_proto: + proto_unregister(&tcp_prot); +-out_free_reserved_ports: +- kfree(sysctl_local_reserved_ports); + goto out; + } + diff --git a/net/ipv4/ah4.c b/net/ipv4/ah4.c index a69b4e4..dbccba5 100644 --- a/net/ipv4/ah4.c @@ -80739,6 +84778,59 @@ index a69b4e4..dbccba5 100644 rt_genid_bump(net); ipv4_update_pmtu(skb, net, info, 0, 0, IPPROTO_AH, 0); +diff --git a/net/ipv4/devinet.c b/net/ipv4/devinet.c +index a8e4f26..25e5f40 100644 +--- a/net/ipv4/devinet.c ++++ b/net/ipv4/devinet.c +@@ -1763,7 +1763,7 @@ static int ipv4_doint_and_flush(ctl_table *ctl, int write, + #define DEVINET_SYSCTL_FLUSHING_ENTRY(attr, name) \ + DEVINET_SYSCTL_COMPLEX_ENTRY(attr, name, ipv4_doint_and_flush) + +-static struct devinet_sysctl_table { ++static const struct devinet_sysctl_table { + struct ctl_table_header *sysctl_header; + struct ctl_table devinet_vars[__IPV4_DEVCONF_MAX]; + } devinet_sysctl = { +@@ -1881,7 +1881,7 @@ static __net_init int devinet_init_net(struct net *net) + int err; + struct ipv4_devconf *all, *dflt; + #ifdef CONFIG_SYSCTL +- struct ctl_table *tbl = ctl_forward_entry; ++ ctl_table_no_const *tbl = NULL; + struct ctl_table_header *forw_hdr; + #endif + +@@ -1899,7 +1899,7 @@ static __net_init int devinet_init_net(struct net *net) + goto err_alloc_dflt; + + #ifdef CONFIG_SYSCTL +- tbl = kmemdup(tbl, sizeof(ctl_forward_entry), GFP_KERNEL); ++ tbl = kmemdup(ctl_forward_entry, sizeof(ctl_forward_entry), GFP_KERNEL); + if (tbl == NULL) + goto err_alloc_ctl; + +@@ -1919,7 +1919,10 @@ static __net_init int devinet_init_net(struct net *net) + goto err_reg_dflt; + + err = -ENOMEM; +- forw_hdr = register_net_sysctl(net, "net/ipv4", tbl); ++ if (!net_eq(net, &init_net)) ++ forw_hdr = register_net_sysctl(net, "net/ipv4", tbl); ++ else ++ forw_hdr = register_net_sysctl(net, "net/ipv4", ctl_forward_entry); + if (forw_hdr == NULL) + goto err_reg_ctl; + net->ipv4.forw_hdr = forw_hdr; +@@ -1935,8 +1938,7 @@ err_reg_ctl: + err_reg_dflt: + __devinet_sysctl_unregister(all); + err_reg_all: +- if (tbl != ctl_forward_entry) +- kfree(tbl); ++ kfree(tbl); + err_alloc_ctl: + #endif + if (dflt != &ipv4_devconf_dflt) diff --git a/net/ipv4/esp4.c b/net/ipv4/esp4.c index 3b4f0cd..8cb864c 100644 --- a/net/ipv4/esp4.c @@ -80793,6 +84885,19 @@ index 4797a80..2bd54e9 100644 return nh->nh_saddr; } +diff --git a/net/ipv4/inet_connection_sock.c b/net/ipv4/inet_connection_sock.c +index d0670f0..744ac80 100644 +--- a/net/ipv4/inet_connection_sock.c ++++ b/net/ipv4/inet_connection_sock.c +@@ -37,7 +37,7 @@ struct local_ports sysctl_local_ports __read_mostly = { + .range = { 32768, 61000 }, + }; + +-unsigned long *sysctl_local_reserved_ports; ++unsigned long sysctl_local_reserved_ports[65536 / 8 / sizeof(unsigned long)]; + EXPORT_SYMBOL(sysctl_local_reserved_ports); + + void inet_get_local_port_range(int *low, int *high) diff --git a/net/ipv4/inet_hashtables.c b/net/ipv4/inet_hashtables.c index fa3ae81..0dbe6b8 100644 --- a/net/ipv4/inet_hashtables.c @@ -80838,7 +84943,7 @@ index 000e3d2..5472da3 100644 secure_ip_id(daddr->addr.a4) : secure_ipv6_id(daddr->addr.a6)); diff --git a/net/ipv4/ip_fragment.c b/net/ipv4/ip_fragment.c -index eb9d63a..50babc1 100644 +index eb9d63a..31c5372 100644 --- a/net/ipv4/ip_fragment.c +++ b/net/ipv4/ip_fragment.c @@ -322,7 +322,7 @@ static inline int ip_frag_too_far(struct ipq *qp) @@ -80850,6 +84955,75 @@ index eb9d63a..50babc1 100644 qp->rid = end; rc = qp->q.fragments && (end - start) > max; +@@ -789,12 +789,11 @@ static struct ctl_table ip4_frags_ctl_table[] = { + + static int __net_init ip4_frags_ns_ctl_register(struct net *net) + { +- struct ctl_table *table; ++ ctl_table_no_const *table = NULL; + struct ctl_table_header *hdr; + +- table = ip4_frags_ns_ctl_table; + if (!net_eq(net, &init_net)) { +- table = kmemdup(table, sizeof(ip4_frags_ns_ctl_table), GFP_KERNEL); ++ table = kmemdup(ip4_frags_ns_ctl_table, sizeof(ip4_frags_ns_ctl_table), GFP_KERNEL); + if (table == NULL) + goto err_alloc; + +@@ -805,9 +804,10 @@ static int __net_init ip4_frags_ns_ctl_register(struct net *net) + /* Don't export sysctls to unprivileged users */ + if (net->user_ns != &init_user_ns) + table[0].procname = NULL; +- } ++ hdr = register_net_sysctl(net, "net/ipv4", table); ++ } else ++ hdr = register_net_sysctl(net, "net/ipv4", ip4_frags_ns_ctl_table); + +- hdr = register_net_sysctl(net, "net/ipv4", table); + if (hdr == NULL) + goto err_reg; + +@@ -815,8 +815,7 @@ static int __net_init ip4_frags_ns_ctl_register(struct net *net) + return 0; + + err_reg: +- if (!net_eq(net, &init_net)) +- kfree(table); ++ kfree(table); + err_alloc: + return -ENOMEM; + } +diff --git a/net/ipv4/ip_gre.c b/net/ipv4/ip_gre.c +index e81b1ca..6f3b5b9 100644 +--- a/net/ipv4/ip_gre.c ++++ b/net/ipv4/ip_gre.c +@@ -124,7 +124,7 @@ static bool log_ecn_error = true; + module_param(log_ecn_error, bool, 0644); + MODULE_PARM_DESC(log_ecn_error, "Log packets received with corrupted ECN"); + +-static struct rtnl_link_ops ipgre_link_ops __read_mostly; ++static struct rtnl_link_ops ipgre_link_ops; + static int ipgre_tunnel_init(struct net_device *dev); + static void ipgre_tunnel_setup(struct net_device *dev); + static int ipgre_tunnel_bind_dev(struct net_device *dev); +@@ -1756,7 +1756,7 @@ static const struct nla_policy ipgre_policy[IFLA_GRE_MAX + 1] = { + [IFLA_GRE_PMTUDISC] = { .type = NLA_U8 }, + }; + +-static struct rtnl_link_ops ipgre_link_ops __read_mostly = { ++static struct rtnl_link_ops ipgre_link_ops = { + .kind = "gre", + .maxtype = IFLA_GRE_MAX, + .policy = ipgre_policy, +@@ -1769,7 +1769,7 @@ static struct rtnl_link_ops ipgre_link_ops __read_mostly = { + .fill_info = ipgre_fill_info, + }; + +-static struct rtnl_link_ops ipgre_tap_ops __read_mostly = { ++static struct rtnl_link_ops ipgre_tap_ops = { + .kind = "gretap", + .maxtype = IFLA_GRE_MAX, + .policy = ipgre_policy, diff --git a/net/ipv4/ip_sockglue.c b/net/ipv4/ip_sockglue.c index d9c4f11..02b82db 100644 --- a/net/ipv4/ip_sockglue.c @@ -80873,6 +85047,28 @@ index d9c4f11..02b82db 100644 msg.msg_controllen = len; msg.msg_flags = flags; +diff --git a/net/ipv4/ip_vti.c b/net/ipv4/ip_vti.c +index c3a4233..1412161 100644 +--- a/net/ipv4/ip_vti.c ++++ b/net/ipv4/ip_vti.c +@@ -47,7 +47,7 @@ + #define HASH_SIZE 16 + #define HASH(addr) (((__force u32)addr^((__force u32)addr>>4))&(HASH_SIZE-1)) + +-static struct rtnl_link_ops vti_link_ops __read_mostly; ++static struct rtnl_link_ops vti_link_ops; + + static int vti_net_id __read_mostly; + struct vti_net { +@@ -886,7 +886,7 @@ static const struct nla_policy vti_policy[IFLA_VTI_MAX + 1] = { + [IFLA_VTI_REMOTE] = { .len = FIELD_SIZEOF(struct iphdr, daddr) }, + }; + +-static struct rtnl_link_ops vti_link_ops __read_mostly = { ++static struct rtnl_link_ops vti_link_ops = { + .kind = "vti", + .maxtype = IFLA_VTI_MAX, + .policy = vti_policy, diff --git a/net/ipv4/ipcomp.c b/net/ipv4/ipcomp.c index 9a46dae..5f793a0 100644 --- a/net/ipv4/ipcomp.c @@ -80917,6 +85113,28 @@ index a2e50ae..e152b7c 100644 set_fs(oldfs); return res; } +diff --git a/net/ipv4/ipip.c b/net/ipv4/ipip.c +index 191fc24..1b3b804 100644 +--- a/net/ipv4/ipip.c ++++ b/net/ipv4/ipip.c +@@ -138,7 +138,7 @@ struct ipip_net { + static int ipip_tunnel_init(struct net_device *dev); + static void ipip_tunnel_setup(struct net_device *dev); + static void ipip_dev_free(struct net_device *dev); +-static struct rtnl_link_ops ipip_link_ops __read_mostly; ++static struct rtnl_link_ops ipip_link_ops; + + static struct rtnl_link_stats64 *ipip_get_stats64(struct net_device *dev, + struct rtnl_link_stats64 *tot) +@@ -972,7 +972,7 @@ static const struct nla_policy ipip_policy[IFLA_IPTUN_MAX + 1] = { + [IFLA_IPTUN_PMTUDISC] = { .type = NLA_U8 }, + }; + +-static struct rtnl_link_ops ipip_link_ops __read_mostly = { ++static struct rtnl_link_ops ipip_link_ops = { + .kind = "ipip", + .maxtype = IFLA_IPTUN_MAX, + .policy = ipip_policy, diff --git a/net/ipv4/netfilter/arp_tables.c b/net/ipv4/netfilter/arp_tables.c index 3ea4127..849297b 100644 --- a/net/ipv4/netfilter/arp_tables.c @@ -81084,9 +85302,52 @@ index 6f08991..55867ad 100644 static int raw_seq_show(struct seq_file *seq, void *v) diff --git a/net/ipv4/route.c b/net/ipv4/route.c -index a0fcc47..5949bba1 100644 +index a0fcc47..32e2c89 100644 --- a/net/ipv4/route.c +++ b/net/ipv4/route.c +@@ -2552,34 +2552,34 @@ static struct ctl_table ipv4_route_flush_table[] = { + .maxlen = sizeof(int), + .mode = 0200, + .proc_handler = ipv4_sysctl_rtcache_flush, ++ .extra1 = &init_net, + }, + { }, + }; + + static __net_init int sysctl_route_net_init(struct net *net) + { +- struct ctl_table *tbl; ++ ctl_table_no_const *tbl = NULL; + +- tbl = ipv4_route_flush_table; + if (!net_eq(net, &init_net)) { +- tbl = kmemdup(tbl, sizeof(ipv4_route_flush_table), GFP_KERNEL); ++ tbl = kmemdup(ipv4_route_flush_table, sizeof(ipv4_route_flush_table), GFP_KERNEL); + if (tbl == NULL) + goto err_dup; + + /* Don't export sysctls to unprivileged users */ + if (net->user_ns != &init_user_ns) + tbl[0].procname = NULL; +- } +- tbl[0].extra1 = net; ++ tbl[0].extra1 = net; ++ net->ipv4.route_hdr = register_net_sysctl(net, "net/ipv4/route", tbl); ++ } else ++ net->ipv4.route_hdr = register_net_sysctl(net, "net/ipv4/route", ipv4_route_flush_table); + +- net->ipv4.route_hdr = register_net_sysctl(net, "net/ipv4/route", tbl); + if (net->ipv4.route_hdr == NULL) + goto err_reg; + return 0; + + err_reg: +- if (tbl != ipv4_route_flush_table) +- kfree(tbl); ++ kfree(tbl); + err_dup: + return -ENOMEM; + } @@ -2602,7 +2602,7 @@ static __net_initdata struct pernet_operations sysctl_route_ops = { static __net_init int rt_genid_init(struct net *net) @@ -81096,6 +85357,146 @@ index a0fcc47..5949bba1 100644 get_random_bytes(&net->ipv4.dev_addr_genid, sizeof(net->ipv4.dev_addr_genid)); return 0; +diff --git a/net/ipv4/sysctl_net_ipv4.c b/net/ipv4/sysctl_net_ipv4.c +index d84400b..62e066e 100644 +--- a/net/ipv4/sysctl_net_ipv4.c ++++ b/net/ipv4/sysctl_net_ipv4.c +@@ -54,7 +54,7 @@ static int ipv4_local_port_range(ctl_table *table, int write, + { + int ret; + int range[2]; +- ctl_table tmp = { ++ ctl_table_no_const tmp = { + .data = &range, + .maxlen = sizeof(range), + .mode = table->mode, +@@ -107,7 +107,7 @@ static int ipv4_ping_group_range(ctl_table *table, int write, + int ret; + gid_t urange[2]; + kgid_t low, high; +- ctl_table tmp = { ++ ctl_table_no_const tmp = { + .data = &urange, + .maxlen = sizeof(urange), + .mode = table->mode, +@@ -138,7 +138,7 @@ static int proc_tcp_congestion_control(ctl_table *ctl, int write, + void __user *buffer, size_t *lenp, loff_t *ppos) + { + char val[TCP_CA_NAME_MAX]; +- ctl_table tbl = { ++ ctl_table_no_const tbl = { + .data = val, + .maxlen = TCP_CA_NAME_MAX, + }; +@@ -157,7 +157,7 @@ static int proc_tcp_available_congestion_control(ctl_table *ctl, + void __user *buffer, size_t *lenp, + loff_t *ppos) + { +- ctl_table tbl = { .maxlen = TCP_CA_BUF_MAX, }; ++ ctl_table_no_const tbl = { .maxlen = TCP_CA_BUF_MAX, }; + int ret; + + tbl.data = kmalloc(tbl.maxlen, GFP_USER); +@@ -174,7 +174,7 @@ static int proc_allowed_congestion_control(ctl_table *ctl, + void __user *buffer, size_t *lenp, + loff_t *ppos) + { +- ctl_table tbl = { .maxlen = TCP_CA_BUF_MAX }; ++ ctl_table_no_const tbl = { .maxlen = TCP_CA_BUF_MAX }; + int ret; + + tbl.data = kmalloc(tbl.maxlen, GFP_USER); +@@ -200,15 +200,17 @@ static int ipv4_tcp_mem(ctl_table *ctl, int write, + struct mem_cgroup *memcg; + #endif + +- ctl_table tmp = { ++ ctl_table_no_const tmp = { + .data = &vec, + .maxlen = sizeof(vec), + .mode = ctl->mode, + }; + + if (!write) { +- ctl->data = &net->ipv4.sysctl_tcp_mem; +- return proc_doulongvec_minmax(ctl, write, buffer, lenp, ppos); ++ ctl_table_no_const tcp_mem = *ctl; ++ ++ tcp_mem.data = &net->ipv4.sysctl_tcp_mem; ++ return proc_doulongvec_minmax(&tcp_mem, write, buffer, lenp, ppos); + } + + ret = proc_doulongvec_minmax(&tmp, write, buffer, lenp, ppos); +@@ -235,7 +237,7 @@ static int ipv4_tcp_mem(ctl_table *ctl, int write, + int proc_tcp_fastopen_key(ctl_table *ctl, int write, void __user *buffer, + size_t *lenp, loff_t *ppos) + { +- ctl_table tbl = { .maxlen = (TCP_FASTOPEN_KEY_LENGTH * 2 + 10) }; ++ ctl_table_no_const tbl = { .maxlen = (TCP_FASTOPEN_KEY_LENGTH * 2 + 10) }; + struct tcp_fastopen_context *ctxt; + int ret; + u32 user_key[4]; /* 16 bytes, matching TCP_FASTOPEN_KEY_LENGTH */ +@@ -476,7 +478,7 @@ static struct ctl_table ipv4_table[] = { + }, + { + .procname = "ip_local_reserved_ports", +- .data = NULL, /* initialized in sysctl_ipv4_init */ ++ .data = sysctl_local_reserved_ports, + .maxlen = 65536, + .mode = 0644, + .proc_handler = proc_do_large_bitmap, +@@ -860,11 +862,10 @@ static struct ctl_table ipv4_net_table[] = { + + static __net_init int ipv4_sysctl_init_net(struct net *net) + { +- struct ctl_table *table; ++ ctl_table_no_const *table = NULL; + +- table = ipv4_net_table; + if (!net_eq(net, &init_net)) { +- table = kmemdup(table, sizeof(ipv4_net_table), GFP_KERNEL); ++ table = kmemdup(ipv4_net_table, sizeof(ipv4_net_table), GFP_KERNEL); + if (table == NULL) + goto err_alloc; + +@@ -897,15 +898,17 @@ static __net_init int ipv4_sysctl_init_net(struct net *net) + + tcp_init_mem(net); + +- net->ipv4.ipv4_hdr = register_net_sysctl(net, "net/ipv4", table); ++ if (!net_eq(net, &init_net)) ++ net->ipv4.ipv4_hdr = register_net_sysctl(net, "net/ipv4", table); ++ else ++ net->ipv4.ipv4_hdr = register_net_sysctl(net, "net/ipv4", ipv4_net_table); + if (net->ipv4.ipv4_hdr == NULL) + goto err_reg; + + return 0; + + err_reg: +- if (!net_eq(net, &init_net)) +- kfree(table); ++ kfree(table); + err_alloc: + return -ENOMEM; + } +@@ -927,16 +930,6 @@ static __net_initdata struct pernet_operations ipv4_sysctl_ops = { + static __init int sysctl_ipv4_init(void) + { + struct ctl_table_header *hdr; +- struct ctl_table *i; +- +- for (i = ipv4_table; i->procname; i++) { +- if (strcmp(i->procname, "ip_local_reserved_ports") == 0) { +- i->data = sysctl_local_reserved_ports; +- break; +- } +- } +- if (!i->procname) +- return -EINVAL; + + hdr = register_net_sysctl(&init_net, "net/ipv4", ipv4_table); + if (hdr == NULL) diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c index ad70a96..50cb55b 100644 --- a/net/ipv4/tcp_input.c @@ -81381,7 +85782,7 @@ index 1f4d405..3524677 100644 int udp4_seq_show(struct seq_file *seq, void *v) diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c -index 1b5d8cb..2e8c2d9 100644 +index 1b5d8cb..ffb0833 100644 --- a/net/ipv6/addrconf.c +++ b/net/ipv6/addrconf.c @@ -2272,7 +2272,7 @@ int addrconf_set_dstaddr(struct net *net, void __user *arg) @@ -81393,10 +85794,50 @@ index 1b5d8cb..2e8c2d9 100644 if (ops->ndo_do_ioctl) { mm_segment_t oldfs = get_fs(); +@@ -4388,7 +4388,7 @@ int addrconf_sysctl_forward(ctl_table *ctl, int write, + int *valp = ctl->data; + int val = *valp; + loff_t pos = *ppos; +- ctl_table lctl; ++ ctl_table_no_const lctl; + int ret; + + /* +@@ -4470,7 +4470,7 @@ int addrconf_sysctl_disable(ctl_table *ctl, int write, + int *valp = ctl->data; + int val = *valp; + loff_t pos = *ppos; +- ctl_table lctl; ++ ctl_table_no_const lctl; + int ret; + + /* +diff --git a/net/ipv6/icmp.c b/net/ipv6/icmp.c +index fff5bdd..15194fb 100644 +--- a/net/ipv6/icmp.c ++++ b/net/ipv6/icmp.c +@@ -973,7 +973,7 @@ ctl_table ipv6_icmp_table_template[] = { + + struct ctl_table * __net_init ipv6_icmp_sysctl_init(struct net *net) + { +- struct ctl_table *table; ++ ctl_table_no_const *table; + + table = kmemdup(ipv6_icmp_table_template, + sizeof(ipv6_icmp_table_template), diff --git a/net/ipv6/ip6_gre.c b/net/ipv6/ip6_gre.c -index 131dd09..7647ada 100644 +index 131dd09..f7ed64f 100644 --- a/net/ipv6/ip6_gre.c +++ b/net/ipv6/ip6_gre.c +@@ -73,7 +73,7 @@ struct ip6gre_net { + struct net_device *fb_tunnel_dev; + }; + +-static struct rtnl_link_ops ip6gre_link_ops __read_mostly; ++static struct rtnl_link_ops ip6gre_link_ops; + static int ip6gre_tunnel_init(struct net_device *dev); + static void ip6gre_tunnel_setup(struct net_device *dev); + static void ip6gre_tunnel_link(struct ip6gre_net *ign, struct ip6_tnl *t); @@ -1337,7 +1337,7 @@ static void ip6gre_fb_tunnel_init(struct net_device *dev) } @@ -81406,6 +85847,46 @@ index 131dd09..7647ada 100644 .handler = ip6gre_rcv, .err_handler = ip6gre_err, .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL, +@@ -1671,7 +1671,7 @@ static const struct nla_policy ip6gre_policy[IFLA_GRE_MAX + 1] = { + [IFLA_GRE_FLAGS] = { .type = NLA_U32 }, + }; + +-static struct rtnl_link_ops ip6gre_link_ops __read_mostly = { ++static struct rtnl_link_ops ip6gre_link_ops = { + .kind = "ip6gre", + .maxtype = IFLA_GRE_MAX, + .policy = ip6gre_policy, +@@ -1684,7 +1684,7 @@ static struct rtnl_link_ops ip6gre_link_ops __read_mostly = { + .fill_info = ip6gre_fill_info, + }; + +-static struct rtnl_link_ops ip6gre_tap_ops __read_mostly = { ++static struct rtnl_link_ops ip6gre_tap_ops = { + .kind = "ip6gretap", + .maxtype = IFLA_GRE_MAX, + .policy = ip6gre_policy, +diff --git a/net/ipv6/ip6_tunnel.c b/net/ipv6/ip6_tunnel.c +index a14f28b..b4b8956 100644 +--- a/net/ipv6/ip6_tunnel.c ++++ b/net/ipv6/ip6_tunnel.c +@@ -87,7 +87,7 @@ static u32 HASH(const struct in6_addr *addr1, const struct in6_addr *addr2) + + static int ip6_tnl_dev_init(struct net_device *dev); + static void ip6_tnl_dev_setup(struct net_device *dev); +-static struct rtnl_link_ops ip6_link_ops __read_mostly; ++static struct rtnl_link_ops ip6_link_ops; + + static int ip6_tnl_net_id __read_mostly; + struct ip6_tnl_net { +@@ -1686,7 +1686,7 @@ static const struct nla_policy ip6_tnl_policy[IFLA_IPTUN_MAX + 1] = { + [IFLA_IPTUN_PROTO] = { .type = NLA_U8 }, + }; + +-static struct rtnl_link_ops ip6_link_ops __read_mostly = { ++static struct rtnl_link_ops ip6_link_ops = { + .kind = "ip6tnl", + .maxtype = IFLA_IPTUN_MAX, + .policy = ip6_tnl_policy, diff --git a/net/ipv6/ipv6_sockglue.c b/net/ipv6/ipv6_sockglue.c index d1e2e8e..51c19ae 100644 --- a/net/ipv6/ipv6_sockglue.c @@ -81468,6 +85949,48 @@ index 125a90d..2a11f36 100644 break; case IP6T_SO_GET_ENTRIES: +diff --git a/net/ipv6/netfilter/nf_conntrack_reasm.c b/net/ipv6/netfilter/nf_conntrack_reasm.c +index 3dacecc..2939087 100644 +--- a/net/ipv6/netfilter/nf_conntrack_reasm.c ++++ b/net/ipv6/netfilter/nf_conntrack_reasm.c +@@ -87,12 +87,11 @@ static struct ctl_table nf_ct_frag6_sysctl_table[] = { + + static int nf_ct_frag6_sysctl_register(struct net *net) + { +- struct ctl_table *table; ++ ctl_table_no_const *table = NULL; + struct ctl_table_header *hdr; + +- table = nf_ct_frag6_sysctl_table; + if (!net_eq(net, &init_net)) { +- table = kmemdup(table, sizeof(nf_ct_frag6_sysctl_table), ++ table = kmemdup(nf_ct_frag6_sysctl_table, sizeof(nf_ct_frag6_sysctl_table), + GFP_KERNEL); + if (table == NULL) + goto err_alloc; +@@ -100,9 +99,9 @@ static int nf_ct_frag6_sysctl_register(struct net *net) + table[0].data = &net->ipv6.frags.high_thresh; + table[1].data = &net->ipv6.frags.low_thresh; + table[2].data = &net->ipv6.frags.timeout; +- } +- +- hdr = register_net_sysctl(net, "net/netfilter", table); ++ hdr = register_net_sysctl(net, "net/netfilter", table); ++ } else ++ hdr = register_net_sysctl(net, "net/netfilter", nf_ct_frag6_sysctl_table); + if (hdr == NULL) + goto err_reg; + +@@ -110,8 +109,7 @@ static int nf_ct_frag6_sysctl_register(struct net *net) + return 0; + + err_reg: +- if (!net_eq(net, &init_net)) +- kfree(table); ++ kfree(table); + err_alloc: + return -ENOMEM; + } diff --git a/net/ipv6/raw.c b/net/ipv6/raw.c index 70fa814..d70c28c 100644 --- a/net/ipv6/raw.c @@ -81552,6 +86075,96 @@ index 70fa814..d70c28c 100644 } static int raw6_seq_show(struct seq_file *seq, void *v) +diff --git a/net/ipv6/reassembly.c b/net/ipv6/reassembly.c +index e5253ec..0410257 100644 +--- a/net/ipv6/reassembly.c ++++ b/net/ipv6/reassembly.c +@@ -604,12 +604,11 @@ static struct ctl_table ip6_frags_ctl_table[] = { + + static int __net_init ip6_frags_ns_sysctl_register(struct net *net) + { +- struct ctl_table *table; ++ ctl_table_no_const *table = NULL; + struct ctl_table_header *hdr; + +- table = ip6_frags_ns_ctl_table; + if (!net_eq(net, &init_net)) { +- table = kmemdup(table, sizeof(ip6_frags_ns_ctl_table), GFP_KERNEL); ++ table = kmemdup(ip6_frags_ns_ctl_table, sizeof(ip6_frags_ns_ctl_table), GFP_KERNEL); + if (table == NULL) + goto err_alloc; + +@@ -620,9 +619,10 @@ static int __net_init ip6_frags_ns_sysctl_register(struct net *net) + /* Don't export sysctls to unprivileged users */ + if (net->user_ns != &init_user_ns) + table[0].procname = NULL; +- } ++ hdr = register_net_sysctl(net, "net/ipv6", table); ++ } else ++ hdr = register_net_sysctl(net, "net/ipv6", ip6_frags_ns_ctl_table); + +- hdr = register_net_sysctl(net, "net/ipv6", table); + if (hdr == NULL) + goto err_reg; + +@@ -630,8 +630,7 @@ static int __net_init ip6_frags_ns_sysctl_register(struct net *net) + return 0; + + err_reg: +- if (!net_eq(net, &init_net)) +- kfree(table); ++ kfree(table); + err_alloc: + return -ENOMEM; + } +diff --git a/net/ipv6/route.c b/net/ipv6/route.c +index 6f9f7b6..2306d63 100644 +--- a/net/ipv6/route.c ++++ b/net/ipv6/route.c +@@ -2965,7 +2965,7 @@ ctl_table ipv6_route_table_template[] = { + + struct ctl_table * __net_init ipv6_route_sysctl_init(struct net *net) + { +- struct ctl_table *table; ++ ctl_table_no_const *table; + + table = kmemdup(ipv6_route_table_template, + sizeof(ipv6_route_table_template), +diff --git a/net/ipv6/sit.c b/net/ipv6/sit.c +index cfba99b..20ca511 100644 +--- a/net/ipv6/sit.c ++++ b/net/ipv6/sit.c +@@ -72,7 +72,7 @@ MODULE_PARM_DESC(log_ecn_error, "Log packets received with corrupted ECN"); + static int ipip6_tunnel_init(struct net_device *dev); + static void ipip6_tunnel_setup(struct net_device *dev); + static void ipip6_dev_free(struct net_device *dev); +-static struct rtnl_link_ops sit_link_ops __read_mostly; ++static struct rtnl_link_ops sit_link_ops; + + static int sit_net_id __read_mostly; + struct sit_net { +@@ -1463,7 +1463,7 @@ static const struct nla_policy ipip6_policy[IFLA_IPTUN_MAX + 1] = { + #endif + }; + +-static struct rtnl_link_ops sit_link_ops __read_mostly = { ++static struct rtnl_link_ops sit_link_ops = { + .kind = "sit", + .maxtype = IFLA_IPTUN_MAX, + .policy = ipip6_policy, +diff --git a/net/ipv6/sysctl_net_ipv6.c b/net/ipv6/sysctl_net_ipv6.c +index e85c48b..b8268d3 100644 +--- a/net/ipv6/sysctl_net_ipv6.c ++++ b/net/ipv6/sysctl_net_ipv6.c +@@ -40,7 +40,7 @@ static ctl_table ipv6_rotable[] = { + + static int __net_init ipv6_sysctl_net_init(struct net *net) + { +- struct ctl_table *ipv6_table; ++ ctl_table_no_const *ipv6_table; + struct ctl_table *ipv6_route_table; + struct ctl_table *ipv6_icmp_table; + int err; diff --git a/net/ipv6/tcp_ipv6.c b/net/ipv6/tcp_ipv6.c index 4f435371..5de9da7 100644 --- a/net/ipv6/tcp_ipv6.c @@ -81749,6 +86362,24 @@ index a68c88c..d55b0c5 100644 seq_printf(m, "Max data size: %d\n", self->max_data_size); seq_printf(m, "Max header size: %d\n", self->max_header_size); +diff --git a/net/irda/iriap.c b/net/irda/iriap.c +index e71e85b..29340a9 100644 +--- a/net/irda/iriap.c ++++ b/net/irda/iriap.c +@@ -495,8 +495,11 @@ static void iriap_getvaluebyclass_confirm(struct iriap_cb *self, + /* case CS_ISO_8859_9: */ + /* case CS_UNICODE: */ + default: +- IRDA_DEBUG(0, "%s(), charset %s, not supported\n", +- __func__, ias_charset_types[charset]); ++ IRDA_DEBUG(0, "%s(), charset [%d] %s, not supported\n", ++ __func__, charset, ++ charset < ARRAY_SIZE(ias_charset_types) ? ++ ias_charset_types[charset] : ++ "(unknown)"); + + /* Aborting, close connection! */ + iriap_disconnect_request(self); diff --git a/net/iucv/af_iucv.c b/net/iucv/af_iucv.c index cd6f7a9..e63fe89 100644 --- a/net/iucv/af_iucv.c @@ -81796,6 +86427,18 @@ index 5b426a6..970032b 100644 } while (!res); return res; } +diff --git a/net/l2tp/l2tp_ppp.c b/net/l2tp/l2tp_ppp.c +index 716605c..044e9e1 100644 +--- a/net/l2tp/l2tp_ppp.c ++++ b/net/l2tp/l2tp_ppp.c +@@ -355,6 +355,7 @@ static int pppol2tp_sendmsg(struct kiocb *iocb, struct socket *sock, struct msgh + l2tp_xmit_skb(session, skb, session->hdr_len); + + sock_put(ps->tunnel_sock); ++ sock_put(sk); + + return error; + diff --git a/net/mac80211/cfg.c b/net/mac80211/cfg.c index 0479c64..d031db6 100644 --- a/net/mac80211/cfg.c @@ -82022,6 +86665,19 @@ index 3259697..54d5393 100644 obj-$(CONFIG_NETFILTER_XT_MATCH_HASHLIMIT) += xt_hashlimit.o obj-$(CONFIG_NETFILTER_XT_MATCH_HELPER) += xt_helper.o obj-$(CONFIG_NETFILTER_XT_MATCH_HL) += xt_hl.o +diff --git a/net/netfilter/ipset/ip_set_core.c b/net/netfilter/ipset/ip_set_core.c +index 6d6d8f2..a676749 100644 +--- a/net/netfilter/ipset/ip_set_core.c ++++ b/net/netfilter/ipset/ip_set_core.c +@@ -1800,7 +1800,7 @@ done: + return ret; + } + +-static struct nf_sockopt_ops so_set __read_mostly = { ++static struct nf_sockopt_ops so_set = { + .pf = PF_INET, + .get_optmin = SO_IP_SET, + .get_optmax = SO_IP_SET + 1, diff --git a/net/netfilter/ipvs/ip_vs_conn.c b/net/netfilter/ipvs/ip_vs_conn.c index 30e764a..c3b6a9d 100644 --- a/net/netfilter/ipvs/ip_vs_conn.c @@ -82076,7 +86732,7 @@ index 47edf5a..235b07d 100644 if (ipvs->sync_state & IP_VS_STATE_MASTER) ip_vs_sync_conn(net, cp, pkts); diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c -index ec664cb..cd576ab 100644 +index ec664cb..7f34a77 100644 --- a/net/netfilter/ipvs/ip_vs_ctl.c +++ b/net/netfilter/ipvs/ip_vs_ctl.c @@ -787,7 +787,7 @@ __ip_vs_update_dest(struct ip_vs_service *svc, struct ip_vs_dest *dest, @@ -82088,6 +86744,15 @@ index ec664cb..cd576ab 100644 /* bind the service */ if (!dest->svc) { +@@ -1688,7 +1688,7 @@ proc_do_sync_ports(ctl_table *table, int write, + * align with netns init in ip_vs_control_net_init() + */ + +-static struct ctl_table vs_vars[] = { ++static ctl_table_no_const vs_vars[] __read_only = { + { + .procname = "amemthresh", + .maxlen = sizeof(int), @@ -2081,7 +2081,7 @@ static int ip_vs_info_seq_show(struct seq_file *seq, void *v) " %-7s %-6d %-10d %-10d\n", &dest->addr.in6, @@ -82124,6 +86789,41 @@ index ec664cb..cd576ab 100644 IP_VS_CONN_F_FWD_MASK)) || nla_put_u32(skb, IPVS_DEST_ATTR_WEIGHT, atomic_read(&dest->weight)) || +@@ -3688,7 +3688,7 @@ static int __net_init ip_vs_control_net_init_sysctl(struct net *net) + { + int idx; + struct netns_ipvs *ipvs = net_ipvs(net); +- struct ctl_table *tbl; ++ ctl_table_no_const *tbl; + + atomic_set(&ipvs->dropentry, 0); + spin_lock_init(&ipvs->dropentry_lock); +diff --git a/net/netfilter/ipvs/ip_vs_lblc.c b/net/netfilter/ipvs/ip_vs_lblc.c +index fdd89b9..bd96aa9 100644 +--- a/net/netfilter/ipvs/ip_vs_lblc.c ++++ b/net/netfilter/ipvs/ip_vs_lblc.c +@@ -115,7 +115,7 @@ struct ip_vs_lblc_table { + * IPVS LBLC sysctl table + */ + #ifdef CONFIG_SYSCTL +-static ctl_table vs_vars_table[] = { ++static ctl_table_no_const vs_vars_table[] __read_only = { + { + .procname = "lblc_expiration", + .data = NULL, +diff --git a/net/netfilter/ipvs/ip_vs_lblcr.c b/net/netfilter/ipvs/ip_vs_lblcr.c +index c03b6a3..8ce3681 100644 +--- a/net/netfilter/ipvs/ip_vs_lblcr.c ++++ b/net/netfilter/ipvs/ip_vs_lblcr.c +@@ -288,7 +288,7 @@ struct ip_vs_lblcr_table { + * IPVS LBLCR sysctl table + */ + +-static ctl_table vs_vars_table[] = { ++static ctl_table_no_const vs_vars_table[] __read_only = { + { + .procname = "lblcr_expiration", + .data = NULL, diff --git a/net/netfilter/ipvs/ip_vs_sync.c b/net/netfilter/ipvs/ip_vs_sync.c index 44fd10c..2a163b3 100644 --- a/net/netfilter/ipvs/ip_vs_sync.c @@ -82177,6 +86877,19 @@ index ee6b7a9..f9a89f6 100644 goto out; } +diff --git a/net/netfilter/nf_conntrack_acct.c b/net/netfilter/nf_conntrack_acct.c +index 7df424e..a527b02 100644 +--- a/net/netfilter/nf_conntrack_acct.c ++++ b/net/netfilter/nf_conntrack_acct.c +@@ -60,7 +60,7 @@ static struct nf_ct_ext_type acct_extend __read_mostly = { + #ifdef CONFIG_SYSCTL + static int nf_conntrack_acct_init_sysctl(struct net *net) + { +- struct ctl_table *table; ++ ctl_table_no_const *table; + + table = kmemdup(acct_sysctl_table, sizeof(acct_sysctl_table), + GFP_KERNEL); diff --git a/net/netfilter/nf_conntrack_core.c b/net/netfilter/nf_conntrack_core.c index e4a0c4f..c263f28 100644 --- a/net/netfilter/nf_conntrack_core.c @@ -82204,6 +86917,126 @@ index e4a0c4f..c263f28 100644 if (!net->ct.slabname) { ret = -ENOMEM; goto err_slabname; +diff --git a/net/netfilter/nf_conntrack_ecache.c b/net/netfilter/nf_conntrack_ecache.c +index faa978f..1afb18f 100644 +--- a/net/netfilter/nf_conntrack_ecache.c ++++ b/net/netfilter/nf_conntrack_ecache.c +@@ -186,7 +186,7 @@ static struct nf_ct_ext_type event_extend __read_mostly = { + #ifdef CONFIG_SYSCTL + static int nf_conntrack_event_init_sysctl(struct net *net) + { +- struct ctl_table *table; ++ ctl_table_no_const *table; + + table = kmemdup(event_sysctl_table, sizeof(event_sysctl_table), + GFP_KERNEL); +diff --git a/net/netfilter/nf_conntrack_helper.c b/net/netfilter/nf_conntrack_helper.c +index 884f2b3..d53b33a 100644 +--- a/net/netfilter/nf_conntrack_helper.c ++++ b/net/netfilter/nf_conntrack_helper.c +@@ -55,7 +55,7 @@ static struct ctl_table helper_sysctl_table[] = { + + static int nf_conntrack_helper_init_sysctl(struct net *net) + { +- struct ctl_table *table; ++ ctl_table_no_const *table; + + table = kmemdup(helper_sysctl_table, sizeof(helper_sysctl_table), + GFP_KERNEL); +diff --git a/net/netfilter/nf_conntrack_proto.c b/net/netfilter/nf_conntrack_proto.c +index 51e928d..72a413a 100644 +--- a/net/netfilter/nf_conntrack_proto.c ++++ b/net/netfilter/nf_conntrack_proto.c +@@ -51,7 +51,7 @@ nf_ct_register_sysctl(struct net *net, + + static void + nf_ct_unregister_sysctl(struct ctl_table_header **header, +- struct ctl_table **table, ++ ctl_table_no_const **table, + unsigned int users) + { + if (users > 0) +diff --git a/net/netfilter/nf_conntrack_standalone.c b/net/netfilter/nf_conntrack_standalone.c +index e7185c6..4ad6c9c 100644 +--- a/net/netfilter/nf_conntrack_standalone.c ++++ b/net/netfilter/nf_conntrack_standalone.c +@@ -470,7 +470,7 @@ static ctl_table nf_ct_netfilter_table[] = { + + static int nf_conntrack_standalone_init_sysctl(struct net *net) + { +- struct ctl_table *table; ++ ctl_table_no_const *table; + + if (net_eq(net, &init_net)) { + nf_ct_netfilter_header = +diff --git a/net/netfilter/nf_conntrack_timestamp.c b/net/netfilter/nf_conntrack_timestamp.c +index 7ea8026..bc9512d 100644 +--- a/net/netfilter/nf_conntrack_timestamp.c ++++ b/net/netfilter/nf_conntrack_timestamp.c +@@ -42,7 +42,7 @@ static struct nf_ct_ext_type tstamp_extend __read_mostly = { + #ifdef CONFIG_SYSCTL + static int nf_conntrack_tstamp_init_sysctl(struct net *net) + { +- struct ctl_table *table; ++ ctl_table_no_const *table; + + table = kmemdup(tstamp_sysctl_table, sizeof(tstamp_sysctl_table), + GFP_KERNEL); +diff --git a/net/netfilter/nf_log.c b/net/netfilter/nf_log.c +index 9e31269..bc4c1b7 100644 +--- a/net/netfilter/nf_log.c ++++ b/net/netfilter/nf_log.c +@@ -215,7 +215,7 @@ static const struct file_operations nflog_file_ops = { + + #ifdef CONFIG_SYSCTL + static char nf_log_sysctl_fnames[NFPROTO_NUMPROTO-NFPROTO_UNSPEC][3]; +-static struct ctl_table nf_log_sysctl_table[NFPROTO_NUMPROTO+1]; ++static ctl_table_no_const nf_log_sysctl_table[NFPROTO_NUMPROTO+1] __read_only; + static struct ctl_table_header *nf_log_dir_header; + + static int nf_log_proc_dostring(ctl_table *table, int write, +@@ -246,14 +246,16 @@ static int nf_log_proc_dostring(ctl_table *table, int write, + rcu_assign_pointer(nf_loggers[tindex], logger); + mutex_unlock(&nf_log_mutex); + } else { ++ ctl_table_no_const nf_log_table = *table; ++ + mutex_lock(&nf_log_mutex); + logger = rcu_dereference_protected(nf_loggers[tindex], + lockdep_is_held(&nf_log_mutex)); + if (!logger) +- table->data = "NONE"; ++ nf_log_table.data = "NONE"; + else +- table->data = logger->name; +- r = proc_dostring(table, write, buffer, lenp, ppos); ++ nf_log_table.data = logger->name; ++ r = proc_dostring(&nf_log_table, write, buffer, lenp, ppos); + mutex_unlock(&nf_log_mutex); + } + +diff --git a/net/netfilter/nf_sockopt.c b/net/netfilter/nf_sockopt.c +index f042ae5..30ea486 100644 +--- a/net/netfilter/nf_sockopt.c ++++ b/net/netfilter/nf_sockopt.c +@@ -45,7 +45,7 @@ int nf_register_sockopt(struct nf_sockopt_ops *reg) + } + } + +- list_add(®->list, &nf_sockopts); ++ pax_list_add((struct list_head *)®->list, &nf_sockopts); + out: + mutex_unlock(&nf_sockopt_mutex); + return ret; +@@ -55,7 +55,7 @@ EXPORT_SYMBOL(nf_register_sockopt); + void nf_unregister_sockopt(struct nf_sockopt_ops *reg) + { + mutex_lock(&nf_sockopt_mutex); +- list_del(®->list); ++ pax_list_del((struct list_head *)®->list); + mutex_unlock(&nf_sockopt_mutex); + } + EXPORT_SYMBOL(nf_unregister_sockopt); diff --git a/net/netfilter/nfnetlink_log.c b/net/netfilter/nfnetlink_log.c index 92fd8ec..3f6ea4b 100644 --- a/net/netfilter/nfnetlink_log.c @@ -82339,6 +87172,48 @@ index c0353d5..fcb0270 100644 sock_i_ino(s) ); +diff --git a/net/netlink/genetlink.c b/net/netlink/genetlink.c +index f2aabb6..2e5e66e 100644 +--- a/net/netlink/genetlink.c ++++ b/net/netlink/genetlink.c +@@ -295,18 +295,20 @@ int genl_register_ops(struct genl_family *family, struct genl_ops *ops) + goto errout; + } + ++ pax_open_kernel(); + if (ops->dumpit) +- ops->flags |= GENL_CMD_CAP_DUMP; ++ *(unsigned int *)&ops->flags |= GENL_CMD_CAP_DUMP; + if (ops->doit) +- ops->flags |= GENL_CMD_CAP_DO; ++ *(unsigned int *)&ops->flags |= GENL_CMD_CAP_DO; + if (ops->policy) +- ops->flags |= GENL_CMD_CAP_HASPOL; ++ *(unsigned int *)&ops->flags |= GENL_CMD_CAP_HASPOL; ++ pax_close_kernel(); + + genl_lock(); +- list_add_tail(&ops->ops_list, &family->ops_list); ++ pax_list_add_tail((struct list_head *)&ops->ops_list, &family->ops_list); + genl_unlock(); + +- genl_ctrl_event(CTRL_CMD_NEWOPS, ops); ++ genl_ctrl_event(CTRL_CMD_NEWOPS, (void *)ops); + err = 0; + errout: + return err; +@@ -336,9 +338,9 @@ int genl_unregister_ops(struct genl_family *family, struct genl_ops *ops) + genl_lock(); + list_for_each_entry(rc, &family->ops_list, ops_list) { + if (rc == ops) { +- list_del(&ops->ops_list); ++ pax_list_del((struct list_head *)&ops->ops_list); + genl_unlock(); +- genl_ctrl_event(CTRL_CMD_DELOPS, ops); ++ genl_ctrl_event(CTRL_CMD_DELOPS, (void *)ops); + return 0; + } + } diff --git a/net/netrom/af_netrom.c b/net/netrom/af_netrom.c index 7261eb8..44e8ac6 100644 --- a/net/netrom/af_netrom.c @@ -82484,6 +87359,19 @@ index b7e9827..c264c85 100644 } seq_printf(seq, "%*s\n", 127 - len, ""); return 0; +diff --git a/net/phonet/sysctl.c b/net/phonet/sysctl.c +index d6bbbbd..61561e4 100644 +--- a/net/phonet/sysctl.c ++++ b/net/phonet/sysctl.c +@@ -67,7 +67,7 @@ static int proc_local_port_range(ctl_table *table, int write, + { + int ret; + int range[2] = {local_port_range[0], local_port_range[1]}; +- ctl_table tmp = { ++ ctl_table_no_const tmp = { + .data = &range, + .maxlen = sizeof(range), + .mode = table->mode, diff --git a/net/rds/cong.c b/net/rds/cong.c index e5b65ac..f3b6fb7 100644 --- a/net/rds/cong.c @@ -82611,6 +87499,33 @@ index 4503335..db566b4 100644 } #endif +diff --git a/net/rds/message.c b/net/rds/message.c +index f0a4658..aff589c 100644 +--- a/net/rds/message.c ++++ b/net/rds/message.c +@@ -197,6 +197,9 @@ struct rds_message *rds_message_alloc(unsigned int extra_len, gfp_t gfp) + { + struct rds_message *rm; + ++ if (extra_len > KMALLOC_MAX_SIZE - sizeof(struct rds_message)) ++ return NULL; ++ + rm = kzalloc(sizeof(struct rds_message) + extra_len, gfp); + if (!rm) + goto out; +diff --git a/net/rds/rds.h b/net/rds/rds.h +index ec1d731..90a3a8d 100644 +--- a/net/rds/rds.h ++++ b/net/rds/rds.h +@@ -449,7 +449,7 @@ struct rds_transport { + void (*sync_mr)(void *trans_private, int direction); + void (*free_mr)(void *trans_private, int invalidate); + void (*flush_mrs)(void); +-}; ++} __do_const; + + struct rds_sock { + struct sock rs_sk; diff --git a/net/rds/tcp.c b/net/rds/tcp.c index edac9ef..16bcb98 100644 --- a/net/rds/tcp.c @@ -82898,15 +87813,33 @@ index f226709..0e735a8 100644 ret = kernel_sendmsg(conn->trans->local->socket, &msg, iov, 3, len); diff --git a/net/sctp/ipv6.c b/net/sctp/ipv6.c -index 391a245..8f6a898 100644 +index 391a245..296b3d7 100644 --- a/net/sctp/ipv6.c +++ b/net/sctp/ipv6.c +@@ -981,7 +981,7 @@ static const struct inet6_protocol sctpv6_protocol = { + .flags = INET6_PROTO_NOPOLICY | INET6_PROTO_FINAL, + }; + +-static struct sctp_af sctp_af_inet6 = { ++static struct sctp_af sctp_af_inet6 __read_only = { + .sa_family = AF_INET6, + .sctp_xmit = sctp_v6_xmit, + .setsockopt = ipv6_setsockopt, +@@ -1013,7 +1013,7 @@ static struct sctp_af sctp_af_inet6 = { + #endif + }; + +-static struct sctp_pf sctp_pf_inet6 = { ++static struct sctp_pf sctp_pf_inet6 __read_only = { + .event_msgname = sctp_inet6_event_msgname, + .skb_msgname = sctp_inet6_skb_msgname, + .af_supported = sctp_inet6_af_supported, @@ -1038,7 +1038,7 @@ void sctp_v6_pf_init(void) void sctp_v6_pf_exit(void) { - list_del(&sctp_af_inet6.list); -+ pax_list_del((struct list_head *)&sctp_af_inet6.list); ++ pax_list_del(&sctp_af_inet6.list); } /* Initialize IPv6 support and register with socket layer. */ @@ -82925,33 +87858,63 @@ index 8c19e97..16264b8 100644 assoc->assoc_id, assoc->sndbuf_used, diff --git a/net/sctp/protocol.c b/net/sctp/protocol.c -index f898b1c..60bf8f2 100644 +index f898b1c..a2d0fe8 100644 --- a/net/sctp/protocol.c +++ b/net/sctp/protocol.c @@ -834,8 +834,10 @@ int sctp_register_af(struct sctp_af *af) return 0; } -- INIT_LIST_HEAD(&af->list); -- list_add_tail(&af->list, &sctp_address_families); + pax_open_kernel(); -+ INIT_LIST_HEAD((struct list_head *)&af->list); + INIT_LIST_HEAD(&af->list); +- list_add_tail(&af->list, &sctp_address_families); + pax_close_kernel(); -+ pax_list_add_tail((struct list_head *)&af->list, &sctp_address_families); ++ pax_list_add_tail(&af->list, &sctp_address_families); return 1; } +@@ -966,7 +968,7 @@ static inline int sctp_v4_xmit(struct sk_buff *skb, + + static struct sctp_af sctp_af_inet; + +-static struct sctp_pf sctp_pf_inet = { ++static struct sctp_pf sctp_pf_inet __read_only = { + .event_msgname = sctp_inet_event_msgname, + .skb_msgname = sctp_inet_skb_msgname, + .af_supported = sctp_inet_af_supported, +@@ -1037,7 +1039,7 @@ static const struct net_protocol sctp_protocol = { + }; + + /* IPv4 address related functions. */ +-static struct sctp_af sctp_af_inet = { ++static struct sctp_af sctp_af_inet __read_only = { + .sa_family = AF_INET, + .sctp_xmit = sctp_v4_xmit, + .setsockopt = ip_setsockopt, @@ -1122,7 +1124,7 @@ static void sctp_v4_pf_init(void) static void sctp_v4_pf_exit(void) { - list_del(&sctp_af_inet.list); -+ pax_list_del((struct list_head *)&sctp_af_inet.list); ++ pax_list_del(&sctp_af_inet.list); } static int sctp_v4_protosw_init(void) +diff --git a/net/sctp/sm_sideeffect.c b/net/sctp/sm_sideeffect.c +index c957775..6d4593a 100644 +--- a/net/sctp/sm_sideeffect.c ++++ b/net/sctp/sm_sideeffect.c +@@ -447,7 +447,7 @@ static void sctp_generate_sack_event(unsigned long data) + sctp_generate_timeout_event(asoc, SCTP_EVENT_TIMEOUT_SACK); + } + +-sctp_timer_event_t *sctp_timer_events[SCTP_NUM_TIMEOUT_TYPES] = { ++sctp_timer_event_t * const sctp_timer_events[SCTP_NUM_TIMEOUT_TYPES] = { + NULL, + sctp_generate_t1_cookie_event, + sctp_generate_t1_init_event, diff --git a/net/sctp/socket.c b/net/sctp/socket.c -index cedd9bf..b1fddeb 100644 +index cedd9bf..d577d71 100644 --- a/net/sctp/socket.c +++ b/net/sctp/socket.c @@ -4665,6 +4665,8 @@ static int sctp_getsockopt_peer_addrs(struct sock *sk, int len, @@ -82963,6 +87926,88 @@ index cedd9bf..b1fddeb 100644 if (copy_to_user(to, &temp, addrlen)) return -EFAULT; to += addrlen; +@@ -5653,6 +5655,9 @@ static int sctp_getsockopt_assoc_stats(struct sock *sk, int len, + if (len < sizeof(sctp_assoc_t)) + return -EINVAL; + ++ /* Allow the struct to grow and fill in as much as possible */ ++ len = min_t(size_t, len, sizeof(sas)); ++ + if (copy_from_user(&sas, optval, len)) + return -EFAULT; + +@@ -5686,9 +5691,6 @@ static int sctp_getsockopt_assoc_stats(struct sock *sk, int len, + /* Mark beginning of a new observation period */ + asoc->stats.max_obs_rto = asoc->rto_min; + +- /* Allow the struct to grow and fill in as much as possible */ +- len = min_t(size_t, len, sizeof(sas)); +- + if (put_user(len, optlen)) + return -EFAULT; + +diff --git a/net/sctp/ssnmap.c b/net/sctp/ssnmap.c +index 442ad4e..825ea94 100644 +--- a/net/sctp/ssnmap.c ++++ b/net/sctp/ssnmap.c +@@ -41,8 +41,6 @@ + #include + #include + +-#define MAX_KMALLOC_SIZE 131072 +- + static struct sctp_ssnmap *sctp_ssnmap_init(struct sctp_ssnmap *map, __u16 in, + __u16 out); + +@@ -65,7 +63,7 @@ struct sctp_ssnmap *sctp_ssnmap_new(__u16 in, __u16 out, + int size; + + size = sctp_ssnmap_size(in, out); +- if (size <= MAX_KMALLOC_SIZE) ++ if (size <= KMALLOC_MAX_SIZE) + retval = kmalloc(size, gfp); + else + retval = (struct sctp_ssnmap *) +@@ -82,7 +80,7 @@ struct sctp_ssnmap *sctp_ssnmap_new(__u16 in, __u16 out, + return retval; + + fail_map: +- if (size <= MAX_KMALLOC_SIZE) ++ if (size <= KMALLOC_MAX_SIZE) + kfree(retval); + else + free_pages((unsigned long)retval, get_order(size)); +@@ -124,7 +122,7 @@ void sctp_ssnmap_free(struct sctp_ssnmap *map) + int size; + + size = sctp_ssnmap_size(map->in.len, map->out.len); +- if (size <= MAX_KMALLOC_SIZE) ++ if (size <= KMALLOC_MAX_SIZE) + kfree(map); + else + free_pages((unsigned long)map, get_order(size)); +diff --git a/net/sctp/sysctl.c b/net/sctp/sysctl.c +index bf3c6e8..376d8d0 100644 +--- a/net/sctp/sysctl.c ++++ b/net/sctp/sysctl.c +@@ -307,7 +307,7 @@ static int proc_sctp_do_hmac_alg(ctl_table *ctl, + { + struct net *net = current->nsproxy->net_ns; + char tmp[8]; +- ctl_table tbl; ++ ctl_table_no_const tbl; + int ret; + int changed = 0; + char *none = "none"; +@@ -350,7 +350,7 @@ static int proc_sctp_do_hmac_alg(ctl_table *ctl, + + int sctp_sysctl_net_register(struct net *net) + { +- struct ctl_table *table; ++ ctl_table_no_const *table; + int i; + + table = kmemdup(sctp_net_table, sizeof(sctp_net_table), GFP_KERNEL); diff --git a/net/socket.c b/net/socket.c index 2ca51c7..45d0b31 100644 --- a/net/socket.c @@ -83225,6 +88270,21 @@ index 2ca51c7..45d0b31 100644 set_fs(KERNEL_DS); if (level == SOL_SOCKET) +diff --git a/net/sunrpc/clnt.c b/net/sunrpc/clnt.c +index 507b5e8..049e64a 100644 +--- a/net/sunrpc/clnt.c ++++ b/net/sunrpc/clnt.c +@@ -1272,7 +1272,9 @@ call_start(struct rpc_task *task) + (RPC_IS_ASYNC(task) ? "async" : "sync")); + + /* Increment call count */ +- task->tk_msg.rpc_proc->p_count++; ++ pax_open_kernel(); ++ (*(unsigned int *)&task->tk_msg.rpc_proc->p_count)++; ++ pax_close_kernel(); + clnt->cl_stats->rpccnt++; + task->tk_action = call_reserve; + } diff --git a/net/sunrpc/sched.c b/net/sunrpc/sched.c index fb20f25..e3ba316 100644 --- a/net/sunrpc/sched.c @@ -83241,6 +88301,21 @@ index fb20f25..e3ba316 100644 } #else static inline void rpc_task_set_debuginfo(struct rpc_task *task) +diff --git a/net/sunrpc/svc.c b/net/sunrpc/svc.c +index 2d34b6b..e2d584d 100644 +--- a/net/sunrpc/svc.c ++++ b/net/sunrpc/svc.c +@@ -1156,7 +1156,9 @@ svc_process_common(struct svc_rqst *rqstp, struct kvec *argv, struct kvec *resv) + svc_putnl(resv, RPC_SUCCESS); + + /* Bump per-procedure stats counter */ +- procp->pc_count++; ++ pax_open_kernel(); ++ (*(unsigned int *)&procp->pc_count)++; ++ pax_close_kernel(); + + /* Initialize storage for argp and resp */ + memset(rqstp->rq_argp, 0, procp->pc_argsize); diff --git a/net/sunrpc/xprtrdma/svc_rdma.c b/net/sunrpc/xprtrdma/svc_rdma.c index 8343737..677025e 100644 --- a/net/sunrpc/xprtrdma/svc_rdma.c @@ -83516,7 +88591,7 @@ index 6b42d47..2ac24d5 100644 sub->evt.event = htohl(event, sub->swap); diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c -index 5b5c876..3127bf7 100644 +index 5b5c876..6713b81 100644 --- a/net/unix/af_unix.c +++ b/net/unix/af_unix.c @@ -786,6 +786,12 @@ static struct sock *unix_find_other(struct net *net, @@ -83565,6 +88640,47 @@ index 5b5c876..3127bf7 100644 done_path_create(&path, dentry); return err; } +@@ -2326,9 +2345,13 @@ static int unix_seq_show(struct seq_file *seq, void *v) + seq_puts(seq, "Num RefCount Protocol Flags Type St " + "Inode Path\n"); + else { +- struct sock *s = v; ++ struct sock *s = v, *peer; + struct unix_sock *u = unix_sk(s); + unix_state_lock(s); ++ peer = unix_peer(s); ++ unix_state_unlock(s); ++ ++ unix_state_double_lock(s, peer); + + seq_printf(seq, "%pK: %08X %08X %08X %04X %02X %5lu", + s, +@@ -2355,8 +2378,10 @@ static int unix_seq_show(struct seq_file *seq, void *v) + } + for ( ; i < len; i++) + seq_putc(seq, u->addr->name->sun_path[i]); +- } +- unix_state_unlock(s); ++ } else if (peer) ++ seq_printf(seq, " P%lu", sock_i_ino(peer)); ++ ++ unix_state_double_unlock(s, peer); + seq_putc(seq, '\n'); + } + +diff --git a/net/unix/sysctl_net_unix.c b/net/unix/sysctl_net_unix.c +index 8800604..0526440 100644 +--- a/net/unix/sysctl_net_unix.c ++++ b/net/unix/sysctl_net_unix.c +@@ -28,7 +28,7 @@ static ctl_table unix_table[] = { + + int __net_init unix_sysctl_register(struct net *net) + { +- struct ctl_table *table; ++ ctl_table_no_const *table; + + table = kmemdup(unix_table, sizeof(unix_table), GFP_KERNEL); + if (table == NULL) diff --git a/net/wireless/wext-core.c b/net/wireless/wext-core.c index c8717c1..08539f5 100644 --- a/net/wireless/wext-core.c @@ -83603,7 +88719,7 @@ index c8717c1..08539f5 100644 iwp->length += essid_compat; diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c -index 07c5857..edc6dc0 100644 +index 07c5857..fde4018 100644 --- a/net/xfrm/xfrm_policy.c +++ b/net/xfrm/xfrm_policy.c @@ -317,7 +317,7 @@ static void xfrm_policy_kill(struct xfrm_policy *policy) @@ -83669,7 +88785,32 @@ index 07c5857..edc6dc0 100644 return 0; mtu = dst_mtu(dst->child); -@@ -2896,7 +2896,7 @@ static int xfrm_policy_migrate(struct xfrm_policy *pol, +@@ -2457,8 +2457,11 @@ int xfrm_policy_register_afinfo(struct xfrm_policy_afinfo *afinfo) + dst_ops->link_failure = xfrm_link_failure; + if (likely(dst_ops->neigh_lookup == NULL)) + dst_ops->neigh_lookup = xfrm_neigh_lookup; +- if (likely(afinfo->garbage_collect == NULL)) +- afinfo->garbage_collect = xfrm_garbage_collect_deferred; ++ if (likely(afinfo->garbage_collect == NULL)) { ++ pax_open_kernel(); ++ *(void **)&afinfo->garbage_collect = xfrm_garbage_collect_deferred; ++ pax_close_kernel(); ++ } + rcu_assign_pointer(xfrm_policy_afinfo[afinfo->family], afinfo); + } + spin_unlock(&xfrm_policy_afinfo_lock); +@@ -2512,7 +2515,9 @@ int xfrm_policy_unregister_afinfo(struct xfrm_policy_afinfo *afinfo) + dst_ops->check = NULL; + dst_ops->negative_advice = NULL; + dst_ops->link_failure = NULL; +- afinfo->garbage_collect = NULL; ++ pax_open_kernel(); ++ *(void **)&afinfo->garbage_collect = NULL; ++ pax_close_kernel(); + } + return err; + } +@@ -2896,7 +2901,7 @@ static int xfrm_policy_migrate(struct xfrm_policy *pol, sizeof(pol->xfrm_vec[i].saddr)); pol->xfrm_vec[i].encap_family = mp->new_family; /* flush bundles */ @@ -83679,20 +88820,110 @@ index 07c5857..edc6dc0 100644 } diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c -index 3459692..eefb515 100644 +index 3459692..e7cdb1a 100644 --- a/net/xfrm/xfrm_state.c +++ b/net/xfrm/xfrm_state.c -@@ -278,7 +278,9 @@ int xfrm_register_mode(struct xfrm_mode *mode, int family) +@@ -194,11 +194,13 @@ int xfrm_register_type(const struct xfrm_type *type, unsigned short family) + + if (unlikely(afinfo == NULL)) + return -EAFNOSUPPORT; +- typemap = afinfo->type_map; ++ typemap = (const struct xfrm_type **)afinfo->type_map; + +- if (likely(typemap[type->proto] == NULL)) ++ if (likely(typemap[type->proto] == NULL)) { ++ pax_open_kernel(); + typemap[type->proto] = type; +- else ++ pax_close_kernel(); ++ } else + err = -EEXIST; + xfrm_state_unlock_afinfo(afinfo); + return err; +@@ -213,12 +215,15 @@ int xfrm_unregister_type(const struct xfrm_type *type, unsigned short family) + + if (unlikely(afinfo == NULL)) + return -EAFNOSUPPORT; +- typemap = afinfo->type_map; ++ typemap = (const struct xfrm_type **)afinfo->type_map; + + if (unlikely(typemap[type->proto] != type)) + err = -ENOENT; +- else ++ else { ++ pax_open_kernel(); + typemap[type->proto] = NULL; ++ pax_close_kernel(); ++ } + xfrm_state_unlock_afinfo(afinfo); + return err; + } +@@ -227,7 +232,6 @@ EXPORT_SYMBOL(xfrm_unregister_type); + static const struct xfrm_type *xfrm_get_type(u8 proto, unsigned short family) + { + struct xfrm_state_afinfo *afinfo; +- const struct xfrm_type **typemap; + const struct xfrm_type *type; + int modload_attempted = 0; + +@@ -235,9 +239,8 @@ retry: + afinfo = xfrm_state_get_afinfo(family); + if (unlikely(afinfo == NULL)) + return NULL; +- typemap = afinfo->type_map; + +- type = typemap[proto]; ++ type = afinfo->type_map[proto]; + if (unlikely(type && !try_module_get(type->owner))) + type = NULL; + if (!type && !modload_attempted) { +@@ -270,7 +273,7 @@ int xfrm_register_mode(struct xfrm_mode *mode, int family) + return -EAFNOSUPPORT; + + err = -EEXIST; +- modemap = afinfo->mode_map; ++ modemap = (struct xfrm_mode **)afinfo->mode_map; + if (modemap[mode->encap]) + goto out; + +@@ -278,8 +281,10 @@ int xfrm_register_mode(struct xfrm_mode *mode, int family) if (!try_module_get(afinfo->owner)) goto out; - mode->afinfo = afinfo; + pax_open_kernel(); -+ *(void **)&mode->afinfo = afinfo; -+ pax_close_kernel(); ++ *(const void **)&mode->afinfo = afinfo; modemap[mode->encap] = mode; ++ pax_close_kernel(); err = 0; + out: +@@ -302,9 +307,11 @@ int xfrm_unregister_mode(struct xfrm_mode *mode, int family) + return -EAFNOSUPPORT; + + err = -ENOENT; +- modemap = afinfo->mode_map; ++ modemap = (struct xfrm_mode **)afinfo->mode_map; + if (likely(modemap[mode->encap] == mode)) { ++ pax_open_kernel(); + modemap[mode->encap] = NULL; ++ pax_close_kernel(); + module_put(mode->afinfo->owner); + err = 0; + } +diff --git a/net/xfrm/xfrm_sysctl.c b/net/xfrm/xfrm_sysctl.c +index 05a6e3d..6716ec9 100644 +--- a/net/xfrm/xfrm_sysctl.c ++++ b/net/xfrm/xfrm_sysctl.c +@@ -42,7 +42,7 @@ static struct ctl_table xfrm_table[] = { + + int __net_init xfrm_sysctl_init(struct net *net) + { +- struct ctl_table *table; ++ ctl_table_no_const *table; + + __xfrm_sysctl_init(net); + diff --git a/scripts/Makefile.build b/scripts/Makefile.build index 0e801c3..5c8ad3b 100644 --- a/scripts/Makefile.build @@ -84087,11 +89318,28 @@ index 68bb4ef..2f419e1 100644 logoname); write_hex_cnt = 0; for (i = 0; i < logo_clutsize; i++) { +diff --git a/scripts/sortextable.h b/scripts/sortextable.h +index e4fd45b..2eeb5c4 100644 +--- a/scripts/sortextable.h ++++ b/scripts/sortextable.h +@@ -106,9 +106,9 @@ do_func(Elf_Ehdr *ehdr, char const *const fname, table_sort_t custom_sort) + const char *secstrtab; + const char *strtab; + char *extab_image; +- int extab_index = 0; +- int i; +- int idx; ++ unsigned int extab_index = 0; ++ unsigned int i; ++ unsigned int idx; + + shdr = (Elf_Shdr *)((char *)ehdr + _r(&ehdr->e_shoff)); + shstrtab_sec = shdr + r2(&ehdr->e_shstrndx); diff --git a/security/Kconfig b/security/Kconfig -index e9c6ac7..ab9590d 100644 +index e9c6ac7..952353c 100644 --- a/security/Kconfig +++ b/security/Kconfig -@@ -4,6 +4,902 @@ +@@ -4,6 +4,925 @@ menu "Security options" @@ -84909,6 +90157,24 @@ index e9c6ac7..ab9590d 100644 + Since this has a negligible performance impact, you should enable + this feature. + ++config PAX_CONSTIFY_PLUGIN ++ bool "Automatically constify eligible structures" ++ default y ++ depends on !UML ++ help ++ By saying Y here the compiler will automatically constify a class ++ of types that contain only function pointers. This reduces the ++ kernel's attack surface and also produces a better memory layout. ++ ++ Note that the implementation requires a gcc with plugin support, ++ i.e., gcc 4.5 or newer. You may need to install the supporting ++ headers explicitly in addition to the normal gcc package. ++ ++ Note that if some code really has to modify constified variables ++ then the source code will have to be patched to allow it. Examples ++ can be found in PaX itself (the no_const attribute) and for some ++ out-of-tree modules at http://www.grsecurity.net/~paxguy1/ . ++ +config PAX_USERCOPY + bool "Harden heap object copies between kernel and userland" + default y if GRKERNSEC_CONFIG_AUTO @@ -84974,6 +90240,11 @@ index e9c6ac7..ab9590d 100644 + there is little 'natural' source of entropy normally. The cost + is some slowdown of the boot process. + ++ When pax_extra_latent_entropy is passed on the kernel command line, ++ entropy will be extracted from up to the first 4GB of RAM while the ++ runtime memory allocator is being initialized. This costs even more ++ slowdown of the boot process. ++ + Note that the implementation requires a gcc with plugin support, + i.e., gcc 4.5 or newer. You may need to install the supporting + headers explicitly in addition to the normal gcc package. @@ -84994,7 +90265,7 @@ index e9c6ac7..ab9590d 100644 source security/keys/Kconfig config SECURITY_DMESG_RESTRICT -@@ -103,7 +999,7 @@ config INTEL_TXT +@@ -103,7 +1022,7 @@ config INTEL_TXT config LSM_MMAP_MIN_ADDR int "Low address space for LSM to protect from user allocation" depends on SECURITY && SECURITY_SELINUX @@ -85124,7 +90395,7 @@ index 55a6271..ad829c3 100644 hlist_add_head_rcu(&qe->hnext, &ima_htable.queue[key]); return 0; diff --git a/security/keys/compat.c b/security/keys/compat.c -index 1c26176..64a1ba2 100644 +index d65fa7f..cbfe366 100644 --- a/security/keys/compat.c +++ b/security/keys/compat.c @@ -44,7 +44,7 @@ static long compat_keyctl_instantiate_key_iov( @@ -85133,9 +90404,66 @@ index 1c26176..64a1ba2 100644 - ret = keyctl_instantiate_key_common(id, iov, ioc, ret, ringid); + ret = keyctl_instantiate_key_common(id, (const struct iovec __force_user *)iov, ioc, ret, ringid); - + err: if (iov != iovstack) kfree(iov); +diff --git a/security/keys/key.c b/security/keys/key.c +index 8fb7c7b..ba3610d 100644 +--- a/security/keys/key.c ++++ b/security/keys/key.c +@@ -284,7 +284,7 @@ struct key *key_alloc(struct key_type *type, const char *desc, + + atomic_set(&key->usage, 1); + init_rwsem(&key->sem); +- lockdep_set_class(&key->sem, &type->lock_class); ++ lockdep_set_class(&key->sem, (struct lock_class_key *)&type->lock_class); + key->type = type; + key->user = user; + key->quotalen = quotalen; +@@ -1032,7 +1032,9 @@ int register_key_type(struct key_type *ktype) + struct key_type *p; + int ret; + +- memset(&ktype->lock_class, 0, sizeof(ktype->lock_class)); ++ pax_open_kernel(); ++ memset((void *)&ktype->lock_class, 0, sizeof(ktype->lock_class)); ++ pax_close_kernel(); + + ret = -EEXIST; + down_write(&key_types_sem); +@@ -1044,7 +1046,7 @@ int register_key_type(struct key_type *ktype) + } + + /* store the type */ +- list_add(&ktype->link, &key_types_list); ++ pax_list_add((struct list_head *)&ktype->link, &key_types_list); + + pr_notice("Key type %s registered\n", ktype->name); + ret = 0; +@@ -1066,7 +1068,7 @@ EXPORT_SYMBOL(register_key_type); + void unregister_key_type(struct key_type *ktype) + { + down_write(&key_types_sem); +- list_del_init(&ktype->link); ++ pax_list_del_init((struct list_head *)&ktype->link); + downgrade_write(&key_types_sem); + key_gc_keytype(ktype); + pr_notice("Key type %s unregistered\n", ktype->name); +@@ -1084,10 +1086,10 @@ void __init key_init(void) + 0, SLAB_HWCACHE_ALIGN|SLAB_PANIC, NULL); + + /* add the special key types */ +- list_add_tail(&key_type_keyring.link, &key_types_list); +- list_add_tail(&key_type_dead.link, &key_types_list); +- list_add_tail(&key_type_user.link, &key_types_list); +- list_add_tail(&key_type_logon.link, &key_types_list); ++ pax_list_add_tail((struct list_head *)&key_type_keyring.link, &key_types_list); ++ pax_list_add_tail((struct list_head *)&key_type_dead.link, &key_types_list); ++ pax_list_add_tail((struct list_head *)&key_type_user.link, &key_types_list); ++ pax_list_add_tail((struct list_head *)&key_type_logon.link, &key_types_list); + + /* record the root user tracking */ + rb_link_node(&root_key_user.node, diff --git a/security/keys/keyctl.c b/security/keys/keyctl.c index 4b5c948..2054dc1 100644 --- a/security/keys/keyctl.c @@ -85341,6 +90669,56 @@ index 20ef514..4182bed 100644 select SECURITYFS select SECURITY_PATH default n +diff --git a/security/yama/yama_lsm.c b/security/yama/yama_lsm.c +index 23414b9..b92b314 100644 +--- a/security/yama/yama_lsm.c ++++ b/security/yama/yama_lsm.c +@@ -367,7 +367,7 @@ int yama_ptrace_traceme(struct task_struct *parent) + } + + #ifndef CONFIG_SECURITY_YAMA_STACKED +-static struct security_operations yama_ops = { ++static struct security_operations yama_ops __read_only = { + .name = "yama", + + .ptrace_access_check = yama_ptrace_access_check, +@@ -378,28 +378,24 @@ static struct security_operations yama_ops = { + #endif + + #ifdef CONFIG_SYSCTL ++static int zero __read_only; ++static int max_scope __read_only = YAMA_SCOPE_NO_ATTACH; ++ + static int yama_dointvec_minmax(struct ctl_table *table, int write, + void __user *buffer, size_t *lenp, loff_t *ppos) + { +- int rc; ++ ctl_table_no_const yama_table; + + if (write && !capable(CAP_SYS_PTRACE)) + return -EPERM; + +- rc = proc_dointvec_minmax(table, write, buffer, lenp, ppos); +- if (rc) +- return rc; +- ++ yama_table = *table; + /* Lock the max value if it ever gets set. */ +- if (write && *(int *)table->data == *(int *)table->extra2) +- table->extra1 = table->extra2; +- +- return rc; ++ if (ptrace_scope == max_scope) ++ yama_table.extra1 = &max_scope; ++ return proc_dointvec_minmax(&yama_table, write, buffer, lenp, ppos); + } + +-static int zero; +-static int max_scope = YAMA_SCOPE_NO_ATTACH; +- + struct ctl_path yama_sysctl_path[] = { + { .procname = "kernel", }, + { .procname = "yama", }, diff --git a/sound/aoa/codecs/onyx.c b/sound/aoa/codecs/onyx.c index 4cedc69..e59d8a3 100644 --- a/sound/aoa/codecs/onyx.c @@ -85854,7 +91232,7 @@ index 0000000..50f2f2f +size_overflow_hash.h diff --git a/tools/gcc/Makefile b/tools/gcc/Makefile new file mode 100644 -index 0000000..1d09b7e +index 0000000..6920fb3 --- /dev/null +++ b/tools/gcc/Makefile @@ -0,0 +1,43 @@ @@ -85866,10 +91244,10 @@ index 0000000..1d09b7e + +ifeq ($(PLUGINCC),$(HOSTCC)) +HOSTLIBS := hostlibs -+HOST_EXTRACFLAGS += -I$(GCCPLUGINS_DIR)/include -I$(GCCPLUGINS_DIR)/include/c-family -std=gnu99 -ggdb ++HOST_EXTRACFLAGS += -I$(GCCPLUGINS_DIR)/include -std=gnu99 -ggdb +else +HOSTLIBS := hostcxxlibs -+HOST_EXTRACXXFLAGS += -I$(GCCPLUGINS_DIR)/include -I$(GCCPLUGINS_DIR)/include/c-family -std=gnu++98 -ggdb -Wno-unused-parameter ++HOST_EXTRACXXFLAGS += -I$(GCCPLUGINS_DIR)/include -std=gnu++98 -ggdb -Wno-unused-parameter +endif + +$(HOSTLIBS)-y := constify_plugin.so @@ -86237,10 +91615,10 @@ index 0000000..414fe5e +} diff --git a/tools/gcc/constify_plugin.c b/tools/gcc/constify_plugin.c new file mode 100644 -index 0000000..8bd6f995 +index 0000000..43e86d6 --- /dev/null +++ b/tools/gcc/constify_plugin.c -@@ -0,0 +1,359 @@ +@@ -0,0 +1,512 @@ +/* + * Copyright 2011 by Emese Revfy + * Copyright 2011-2013 by PaX Team @@ -86275,36 +91653,136 @@ index 0000000..8bd6f995 +#include "rtl.h" +#include "emit-rtl.h" +#include "tree-flow.h" ++#include "target.h" + ++// should come from c-tree.h if only it were installed for gcc 4.5... +#define C_TYPE_FIELDS_READONLY(TYPE) TREE_LANG_FLAG_1(TYPE) + ++// unused type flag in all versions 4.5-4.8 ++#define TYPE_CONSTIFY_VISITED(TYPE) TYPE_LANG_FLAG_4(TYPE) ++ +int plugin_is_GPL_compatible; + +static struct plugin_info const_plugin_info = { -+ .version = "201302112000", ++ .version = "201303070020", + .help = "no-constify\tturn off constification\n", +}; + -+static tree get_field_type(tree field) ++typedef struct { ++ bool has_fptr_field; ++ bool has_writable_field; ++ bool has_do_const_field; ++ bool has_no_const_field; ++} constify_info; ++ ++static const_tree get_field_type(const_tree field) +{ + return strip_array_types(TREE_TYPE(field)); +} + -+static bool walk_struct(tree node, bool all); ++static bool is_fptr(const_tree field) ++{ ++ const_tree ptr = get_field_type(field); ++ ++ if (TREE_CODE(ptr) != POINTER_TYPE) ++ return false; ++ ++ return TREE_CODE(TREE_TYPE(ptr)) == FUNCTION_TYPE; ++} ++ ++/* ++ * determine whether the given structure type meets the requirements for automatic constification, ++ * including the constification attributes on nested structure types ++ */ ++static void constifiable(const_tree node, constify_info *cinfo) ++{ ++ const_tree field; ++ ++ gcc_assert(TREE_CODE(node) == RECORD_TYPE || TREE_CODE(node) == UNION_TYPE); ++ ++ // e.g., pointer to structure fields while still constructing the structure type ++ if (TYPE_FIELDS(node) == NULL_TREE) ++ return; ++ ++ for (field = TYPE_FIELDS(node); field; field = TREE_CHAIN(field)) { ++ const_tree type = get_field_type(field); ++ enum tree_code code = TREE_CODE(type); ++ ++ if (node == type) ++ continue; ++ ++ if (is_fptr(field)) ++ cinfo->has_fptr_field = true; ++ else if (!TREE_READONLY(field)) ++ cinfo->has_writable_field = true; ++ ++ if (code == RECORD_TYPE || code == UNION_TYPE) { ++ if (lookup_attribute("do_const", TYPE_ATTRIBUTES(type))) ++ cinfo->has_do_const_field = true; ++ else if (lookup_attribute("no_const", TYPE_ATTRIBUTES(type))) ++ cinfo->has_no_const_field = true; ++ else ++ constifiable(type, cinfo); ++ } ++ } ++} ++ ++static bool constified(const_tree node) ++{ ++ constify_info cinfo = { ++ .has_fptr_field = false, ++ .has_writable_field = false, ++ .has_do_const_field = false, ++ .has_no_const_field = false ++ }; ++ ++ gcc_assert(TREE_CODE(node) == RECORD_TYPE || TREE_CODE(node) == UNION_TYPE); ++ ++ if (lookup_attribute("no_const", TYPE_ATTRIBUTES(node))) { ++ gcc_assert(!TYPE_READONLY(node)); ++ return false; ++ } ++ ++ if (lookup_attribute("do_const", TYPE_ATTRIBUTES(node))) { ++ gcc_assert(TYPE_READONLY(node)); ++ return true; ++ } ++ ++ constifiable(node, &cinfo); ++ if ((!cinfo.has_fptr_field || cinfo.has_writable_field) && !cinfo.has_do_const_field) ++ return false; ++ ++ return TYPE_READONLY(node); ++} ++ +static void deconstify_tree(tree node); + +static void deconstify_type(tree type) +{ + tree field; + ++ gcc_assert(TREE_CODE(type) == RECORD_TYPE || TREE_CODE(type) == UNION_TYPE); ++ + for (field = TYPE_FIELDS(type); field; field = TREE_CHAIN(field)) { -+ tree fieldtype = get_field_type(field); ++ const_tree fieldtype = get_field_type(field); + -+ if (TREE_CODE(fieldtype) != RECORD_TYPE && TREE_CODE(fieldtype) != UNION_TYPE) ++ // special case handling of simple ptr-to-same-array-type members ++ if (TREE_CODE(TREE_TYPE(field)) == POINTER_TYPE) { ++ const_tree ptrtype = TREE_TYPE(TREE_TYPE(field)); ++ ++ if (TREE_CODE(ptrtype) != RECORD_TYPE && TREE_CODE(ptrtype) != UNION_TYPE) ++ continue; ++ if (TREE_TYPE(TREE_TYPE(field)) == type) ++ continue; ++ if (TYPE_MAIN_VARIANT(ptrtype) == TYPE_MAIN_VARIANT(type)) { ++ TREE_TYPE(field) = copy_node(TREE_TYPE(field)); ++ TREE_TYPE(TREE_TYPE(field)) = type; ++ } + continue; -+ if (!TYPE_READONLY(fieldtype)) ++ } ++ if (TREE_CODE(fieldtype) != RECORD_TYPE && TREE_CODE(fieldtype) != UNION_TYPE) + continue; -+ if (!walk_struct(fieldtype, true)) ++ if (!constified(fieldtype)) + continue; + + deconstify_tree(field); @@ -86312,16 +91790,17 @@ index 0000000..8bd6f995 + } + TYPE_READONLY(type) = 0; + C_TYPE_FIELDS_READONLY(type) = 0; ++ if (lookup_attribute("do_const", TYPE_ATTRIBUTES(type))) ++ TYPE_ATTRIBUTES(type) = remove_attribute("do_const", TYPE_ATTRIBUTES(type)); +} + +static void deconstify_tree(tree node) +{ + tree old_type, new_type, field; + -+// TREE_READONLY(node) = 0; + old_type = TREE_TYPE(node); + while (TREE_CODE(old_type) == ARRAY_TYPE && TREE_CODE(TREE_TYPE(old_type)) != ARRAY_TYPE) { -+ node = old_type; ++ node = TREE_TYPE(node) = copy_node(old_type); + old_type = TREE_TYPE(old_type); + } + @@ -86341,6 +91820,12 @@ index 0000000..8bd6f995 +static tree handle_no_const_attribute(tree *node, tree name, tree args, int flags, bool *no_add_attrs) +{ + tree type; ++ constify_info cinfo = { ++ .has_fptr_field = false, ++ .has_writable_field = false, ++ .has_do_const_field = false, ++ .has_no_const_field = false ++ }; + + *no_add_attrs = true; + if (TREE_CODE(*node) == FUNCTION_DECL) { @@ -86348,21 +91833,24 @@ index 0000000..8bd6f995 + return NULL_TREE; + } + ++ if (TREE_CODE(*node) == PARM_DECL) { ++ error("%qE attribute does not apply to function parameters", name); ++ return NULL_TREE; ++ } ++ + if (TREE_CODE(*node) == VAR_DECL) { + error("%qE attribute does not apply to variables", name); + return NULL_TREE; + } + + if (TYPE_P(*node)) { -+ if (TREE_CODE(*node) == RECORD_TYPE || TREE_CODE(*node) == UNION_TYPE) -+ *no_add_attrs = false; -+ else -+ error("%qE attribute applies to struct and union types only", name); -+ return NULL_TREE; ++ *no_add_attrs = false; ++ type = *node; ++ } else { ++ gcc_assert(TREE_CODE(*node) == TYPE_DECL); ++ type = TREE_TYPE(*node); + } + -+ type = TREE_TYPE(*node); -+ + if (TREE_CODE(type) != RECORD_TYPE && TREE_CODE(type) != UNION_TYPE) { + error("%qE attribute applies to struct and union types only", name); + return NULL_TREE; @@ -86373,16 +91861,20 @@ index 0000000..8bd6f995 + return NULL_TREE; + } + -+ if (TREE_CODE(*node) == TYPE_DECL && !TYPE_READONLY(type)) { -+ error("%qE attribute used on type that is not constified", name); ++ if (TYPE_P(*node)) { ++ if (lookup_attribute("do_const", TYPE_ATTRIBUTES(type))) ++ error("%qE attribute is incompatible with 'do_const'", name); + return NULL_TREE; + } + -+ if (TREE_CODE(*node) == TYPE_DECL) { ++ constifiable(type, &cinfo); ++ if ((cinfo.has_fptr_field && !cinfo.has_writable_field) || lookup_attribute("do_const", TYPE_ATTRIBUTES(type))) { + deconstify_tree(*node); ++ TYPE_CONSTIFY_VISITED(TREE_TYPE(*node)) = 1; + return NULL_TREE; + } + ++ error("%qE attribute used on type that is not constified", name); + return NULL_TREE; +} + @@ -86390,6 +91882,8 @@ index 0000000..8bd6f995 +{ + TYPE_READONLY(type) = 1; + C_TYPE_FIELDS_READONLY(type) = 1; ++ TYPE_CONSTIFY_VISITED(type) = 1; ++// TYPE_ATTRIBUTES(type) = tree_cons(get_identifier("do_const"), NULL_TREE, TYPE_ATTRIBUTES(type)); +} + +static tree handle_do_const_attribute(tree *node, tree name, tree args, int flags, bool *no_add_attrs) @@ -86405,8 +91899,17 @@ index 0000000..8bd6f995 + return NULL_TREE; + } + ++ if (lookup_attribute(IDENTIFIER_POINTER(name), TYPE_ATTRIBUTES(*node))) { ++ error("%qE attribute is already applied to the type", name); ++ return NULL_TREE; ++ } ++ ++ if (lookup_attribute("no_const", TYPE_ATTRIBUTES(*node))) { ++ error("%qE attribute is incompatible with 'no_const'", name); ++ return NULL_TREE; ++ } ++ + *no_add_attrs = false; -+ constify_type(*node); + return NULL_TREE; +} + @@ -86442,61 +91945,54 @@ index 0000000..8bd6f995 + register_attribute(&do_const_attr); +} + -+static bool is_fptr(tree field) ++static void finish_type(void *event_data, void *data) +{ -+ tree ptr = get_field_type(field); -+ -+ if (TREE_CODE(ptr) != POINTER_TYPE) -+ return false; -+ -+ return TREE_CODE(TREE_TYPE(ptr)) == FUNCTION_TYPE; -+} ++ tree type = (tree)event_data; ++ constify_info cinfo = { ++ .has_fptr_field = false, ++ .has_writable_field = false, ++ .has_do_const_field = false, ++ .has_no_const_field = false ++ }; + -+static bool walk_struct(tree node, bool all) -+{ -+ tree field; ++ if (type == NULL_TREE || type == error_mark_node) ++ return; + -+ if (TYPE_FIELDS(node) == NULL_TREE) -+ return false; ++ if (TYPE_FIELDS(type) == NULL_TREE || TYPE_CONSTIFY_VISITED(type)) ++ return; + -+ if (lookup_attribute("do_const", TYPE_ATTRIBUTES(node))) -+ return true; ++ constifiable(type, &cinfo); + -+ if (lookup_attribute("no_const", TYPE_ATTRIBUTES(node))) { -+ gcc_assert(!TYPE_READONLY(node)); -+ deconstify_type(node); -+ return false; ++ if (TYPE_READONLY(type) && C_TYPE_FIELDS_READONLY(type)) { ++ if (!lookup_attribute("do_const", TYPE_ATTRIBUTES(type))) ++ return; ++ if (cinfo.has_writable_field) ++ return; ++ error("'do_const' attribute used on type that is%sconstified", cinfo.has_fptr_field ? " " : " not "); ++ return; + } + -+ for (field = TYPE_FIELDS(node); field; field = TREE_CHAIN(field)) { -+ tree type = get_field_type(field); -+ enum tree_code code = TREE_CODE(type); -+ -+ if (node == type) -+ return false; -+ if (code == RECORD_TYPE || code == UNION_TYPE) { -+ if (!(walk_struct(type, all))) -+ return false; -+ } else if (!is_fptr(field) && (!all || !TREE_READONLY(field))) -+ return false; ++ if (lookup_attribute("no_const", TYPE_ATTRIBUTES(type))) { ++ if ((cinfo.has_fptr_field && !cinfo.has_writable_field) || cinfo.has_do_const_field) { ++ deconstify_type(type); ++ TYPE_CONSTIFY_VISITED(type) = 1; ++ } else ++ error("'no_const' attribute used on type that is not constified"); ++ return; + } -+ return true; -+} + -+static void finish_type(void *event_data, void *data) -+{ -+ tree type = (tree)event_data; -+ -+ if (type == NULL_TREE || type == error_mark_node) ++ if (lookup_attribute("do_const", TYPE_ATTRIBUTES(type))) { ++ constify_type(type); + return; ++ } + -+ if (TYPE_READONLY(type)) ++ if (cinfo.has_fptr_field && !cinfo.has_writable_field) { ++ constify_type(type); + return; ++ } + -+ if (walk_struct(type, true)) -+ constify_type(type); -+ else -+ deconstify_type(type); ++ deconstify_type(type); ++ TYPE_CONSTIFY_VISITED(type) = 1; +} + +static unsigned int check_local_variables(void) @@ -86525,24 +92021,19 @@ index 0000000..8bd6f995 + if (TREE_CODE(type) != RECORD_TYPE && TREE_CODE(type) != UNION_TYPE) + continue; + -+ if (!TYPE_READONLY(type)) ++ if (!TYPE_READONLY(type) || !C_TYPE_FIELDS_READONLY(type)) + continue; + -+// if (lookup_attribute("no_const", DECL_ATTRIBUTES(var))) -+// continue; -+ -+ if (lookup_attribute("no_const", TYPE_ATTRIBUTES(type))) ++ if (!TYPE_CONSTIFY_VISITED(type)) + continue; + -+ if (walk_struct(type, false)) { -+ error_at(DECL_SOURCE_LOCATION(var), "constified variable %qE cannot be local", var); -+ ret = 1; -+ } ++ error_at(DECL_SOURCE_LOCATION(var), "constified variable %qE cannot be local", var); ++ ret = 1; + } + return ret; +} + -+struct gimple_opt_pass pass_local_variable = { ++static struct gimple_opt_pass pass_local_variable = { + { + .type = GIMPLE_PASS, + .name = "check_local_variables", @@ -86563,6 +92054,45 @@ index 0000000..8bd6f995 + } +}; + ++static struct { ++ const char *name; ++ const char *asm_op; ++} sections[] = { ++ {".init.rodata", "\t.section\t.init.rodata,\"a\""}, ++ {".ref.rodata", "\t.section\t.ref.rodata,\"a\""}, ++ {".devinit.rodata", "\t.section\t.devinit.rodata,\"a\""}, ++ {".devexit.rodata", "\t.section\t.devexit.rodata,\"a\""}, ++ {".cpuinit.rodata", "\t.section\t.cpuinit.rodata,\"a\""}, ++ {".cpuexit.rodata", "\t.section\t.cpuexit.rodata,\"a\""}, ++ {".meminit.rodata", "\t.section\t.meminit.rodata,\"a\""}, ++ {".memexit.rodata", "\t.section\t.memexit.rodata,\"a\""}, ++ {".data..read_only", "\t.section\t.data..read_only,\"a\""}, ++}; ++ ++static unsigned int (*old_section_type_flags)(tree decl, const char *name, int reloc); ++ ++static unsigned int constify_section_type_flags(tree decl, const char *name, int reloc) ++{ ++ size_t i; ++ ++ for (i = 0; i < ARRAY_SIZE(sections); i++) ++ if (!strcmp(sections[i].name, name)) ++ return 0; ++ return old_section_type_flags(decl, name, reloc); ++} ++ ++static void constify_start_unit(void *gcc_data, void *user_data) ++{ ++// size_t i; ++ ++// for (i = 0; i < ARRAY_SIZE(sections); i++) ++// sections[i].section = get_unnamed_section(0, output_section_asm_op, sections[i].asm_op); ++// sections[i].section = get_section(sections[i].name, 0, NULL); ++ ++ old_section_type_flags = targetm.section_type_flags; ++ targetm.section_type_flags = constify_section_type_flags; ++} ++ +int plugin_init(struct plugin_name_args *plugin_info, struct plugin_gcc_version *version) +{ + const char * const plugin_name = plugin_info->base_name; @@ -86595,6 +92125,7 @@ index 0000000..8bd6f995 + if (constify) { + register_callback(plugin_name, PLUGIN_FINISH_TYPE, finish_type, NULL); + register_callback(plugin_name, PLUGIN_PASS_MANAGER_SETUP, NULL, &local_variable_pass_info); ++ register_callback(plugin_name, PLUGIN_START_UNIT, constify_start_unit, NULL); + } + register_callback(plugin_name, PLUGIN_ATTRIBUTES, register_attributes, NULL); + @@ -87349,10 +92880,10 @@ index 0000000..0408e06 +} diff --git a/tools/gcc/latent_entropy_plugin.c b/tools/gcc/latent_entropy_plugin.c new file mode 100644 -index 0000000..1276616 +index 0000000..b5395ba --- /dev/null +++ b/tools/gcc/latent_entropy_plugin.c -@@ -0,0 +1,321 @@ +@@ -0,0 +1,327 @@ +/* + * Copyright 2012-2013 by the PaX Team + * Licensed under the GPL v2 @@ -87393,6 +92924,7 @@ index 0000000..1276616 +#include "rtl.h" +#include "emit-rtl.h" +#include "tree-flow.h" ++#include "langhooks.h" + +#if BUILDING_GCC_VERSION >= 4008 +#define TODO_dump_func 0 @@ -87403,7 +92935,7 @@ index 0000000..1276616 +static tree latent_entropy_decl; + +static struct plugin_info latent_entropy_plugin_info = { -+ .version = "201302112000", ++ .version = "201303102320", + .help = NULL +}; + @@ -87627,6 +93159,8 @@ index 0000000..1276616 + +static void start_unit_callback(void *gcc_data, void *user_data) +{ ++ tree latent_entropy_type; ++ +#if BUILDING_GCC_VERSION >= 4007 + seed = get_random_seed(false); +#else @@ -87637,16 +93171,19 @@ index 0000000..1276616 + if (in_lto_p) + return; + -+ // extern u64 latent_entropy -+ latent_entropy_decl = build_decl(UNKNOWN_LOCATION, VAR_DECL, get_identifier("latent_entropy"), unsigned_intDI_type_node); ++ // extern volatile u64 latent_entropy ++ gcc_assert(TYPE_PRECISION(long_long_unsigned_type_node) == 64); ++ latent_entropy_type = build_qualified_type(long_long_unsigned_type_node, TYPE_QUALS(long_long_unsigned_type_node) | TYPE_QUAL_VOLATILE); ++ latent_entropy_decl = build_decl(UNKNOWN_LOCATION, VAR_DECL, get_identifier("latent_entropy"), latent_entropy_type); + + TREE_STATIC(latent_entropy_decl) = 1; + TREE_PUBLIC(latent_entropy_decl) = 1; + TREE_USED(latent_entropy_decl) = 1; + TREE_THIS_VOLATILE(latent_entropy_decl) = 1; + DECL_EXTERNAL(latent_entropy_decl) = 1; -+ DECL_ARTIFICIAL(latent_entropy_decl) = 0; ++ DECL_ARTIFICIAL(latent_entropy_decl) = 1; + DECL_INITIAL(latent_entropy_decl) = NULL; ++ lang_hooks.decls.pushdecl(latent_entropy_decl); +// DECL_ASSEMBLER_NAME(latent_entropy_decl); +// varpool_finalize_decl(latent_entropy_decl); +// varpool_mark_needed_node(latent_entropy_decl); @@ -91395,10 +96932,10 @@ index 0000000..5921fd7 +atyfb_setup_generic_49151 atyfb_setup_generic 3 49151 NULL diff --git a/tools/gcc/size_overflow_plugin.c b/tools/gcc/size_overflow_plugin.c new file mode 100644 -index 0000000..d52f2ee +index 0000000..838ea58 --- /dev/null +++ b/tools/gcc/size_overflow_plugin.c -@@ -0,0 +1,1941 @@ +@@ -0,0 +1,1936 @@ +/* + * Copyright 2011, 2012 by Emese Revfy + * Licensed under the GPL v2, or (at your option) v3 @@ -91429,15 +96966,10 @@ index 0000000..d52f2ee +#include "tree-flow.h" +#include "plugin.h" +#include "gimple.h" -+#include "c-common.h" +#include "diagnostic.h" +#include "cfgloop.h" + -+#if BUILDING_GCC_VERSION >= 4007 -+#include "c-tree.h" -+#else -+#define C_DECL_IMPLICIT(EXP) DECL_LANG_FLAG_2 (EXP) -+#endif ++#define C_DECL_IMPLICIT(EXP) DECL_LANG_FLAG_2(EXP) + +#if BUILDING_GCC_VERSION >= 4008 +#define TODO_dump_func 0 diff --git a/kernel/patches/linux-exynos-ohci.diff b/kernel/patches/linux-exynos-ohci.diff deleted file mode 100644 index a98a7fdfe..000000000 --- a/kernel/patches/linux-exynos-ohci.diff +++ /dev/null @@ -1,11 +0,0 @@ ---- a/include/linux/platform_data/usb-exynos.h.orig 2012-12-21 16:18:59.426700698 +0000 -+++ b/include/linux/platform_data/usb-exynos.h 2012-12-21 16:19:09.887637974 +0000 -@@ -14,7 +14,7 @@ - struct exynos4_ohci_platdata { - int (*phy_init)(struct platform_device *pdev, int type); - int (*phy_exit)(struct platform_device *pdev, int type); --}; -+} __no_const; - - extern void exynos4_ohci_set_platdata(struct exynos4_ohci_platdata *pd); -