1 diff --git a/Documentation/dontdiff b/Documentation/dontdiff
2 index 9de9813..1462492 100644
3 --- a/Documentation/dontdiff
4 +++ b/Documentation/dontdiff
44 @@ -72,9 +78,11 @@ Image
56 @@ -83,6 +91,7 @@ aic7*seq.h*
64 @@ -95,32 +104,40 @@ bounds.h
92 +devicetable-offsets.h
101 +exception_policy.conf
105 @@ -128,12 +145,15 @@ fore200e_pca_fw.c*
121 @@ -148,14 +168,14 @@ int32.c
138 @@ -165,14 +185,15 @@ mach-types.h
155 @@ -188,6 +209,8 @@ oui.c*
164 @@ -197,6 +220,7 @@ perf-archive
172 @@ -206,7 +230,12 @@ r200_reg_safe.h
176 +randomize_layout_hash.h
177 +randomize_layout_seed.h
185 @@ -216,8 +245,12 @@ series
190 +size_overflow_hash.h
198 @@ -227,6 +260,7 @@ tftpboot.img
206 @@ -238,13 +272,17 @@ vdso32.lds
224 @@ -252,9 +290,12 @@ vsyscall_32.lds
237 diff --git a/Documentation/kbuild/makefiles.txt b/Documentation/kbuild/makefiles.txt
238 index 74b6c6d..eac0e77 100644
239 --- a/Documentation/kbuild/makefiles.txt
240 +++ b/Documentation/kbuild/makefiles.txt
241 @@ -23,10 +23,11 @@ This document describes the Linux kernel Makefiles.
242 === 4 Host Program support
243 --- 4.1 Simple Host Program
244 --- 4.2 Composite Host Programs
245 - --- 4.3 Using C++ for host programs
246 - --- 4.4 Controlling compiler options for host programs
247 - --- 4.5 When host programs are actually built
248 - --- 4.6 Using hostprogs-$(CONFIG_FOO)
249 + --- 4.3 Defining shared libraries
250 + --- 4.4 Using C++ for host programs
251 + --- 4.5 Controlling compiler options for host programs
252 + --- 4.6 When host programs are actually built
253 + --- 4.7 Using hostprogs-$(CONFIG_FOO)
255 === 5 Kbuild clean infrastructure
257 @@ -643,7 +644,29 @@ Both possibilities are described in the following.
258 Finally, the two .o files are linked to the executable, lxdialog.
259 Note: The syntax <executable>-y is not permitted for host-programs.
261 ---- 4.3 Using C++ for host programs
262 +--- 4.3 Defining shared libraries
264 + Objects with extension .so are considered shared libraries, and
265 + will be compiled as position independent objects.
266 + Kbuild provides support for shared libraries, but the usage
267 + shall be restricted.
268 + In the following example the libkconfig.so shared library is used
269 + to link the executable conf.
272 + #scripts/kconfig/Makefile
273 + hostprogs-y := conf
274 + conf-objs := conf.o libkconfig.so
275 + libkconfig-objs := expr.o type.o
277 + Shared libraries always require a corresponding -objs line, and
278 + in the example above the shared library libkconfig is composed by
279 + the two objects expr.o and type.o.
280 + expr.o and type.o will be built as position independent code and
281 + linked as a shared library libkconfig.so. C++ is not supported for
284 +--- 4.4 Using C++ for host programs
286 kbuild offers support for host programs written in C++. This was
287 introduced solely to support kconfig, and is not recommended
288 @@ -666,7 +689,7 @@ Both possibilities are described in the following.
289 qconf-cxxobjs := qconf.o
290 qconf-objs := check.o
292 ---- 4.4 Controlling compiler options for host programs
293 +--- 4.5 Controlling compiler options for host programs
295 When compiling host programs, it is possible to set specific flags.
296 The programs will always be compiled utilising $(HOSTCC) passed
297 @@ -694,7 +717,7 @@ Both possibilities are described in the following.
298 When linking qconf, it will be passed the extra option
301 ---- 4.5 When host programs are actually built
302 +--- 4.6 When host programs are actually built
304 Kbuild will only build host-programs when they are referenced
306 @@ -725,7 +748,7 @@ Both possibilities are described in the following.
307 This will tell kbuild to build lxdialog even if not referenced in
310 ---- 4.6 Using hostprogs-$(CONFIG_FOO)
311 +--- 4.7 Using hostprogs-$(CONFIG_FOO)
313 A typical pattern in a Kbuild file looks like this:
315 diff --git a/Documentation/kernel-parameters.txt b/Documentation/kernel-parameters.txt
316 index 4d68ec8..9546b75 100644
317 --- a/Documentation/kernel-parameters.txt
318 +++ b/Documentation/kernel-parameters.txt
319 @@ -1203,6 +1203,13 @@ bytes respectively. Such letter suffixes can also be entirely omitted.
320 Format: <unsigned int> such that (rxsize & ~0x1fffc0) == 0.
323 + grsec_proc_gid= [GRKERNSEC_PROC_USERGROUP] Chooses GID to
324 + ignore grsecurity's /proc restrictions
326 + grsec_sysfs_restrict= Format: 0 | 1
328 + Disables GRKERNSEC_SYSFS_RESTRICT if enabled in config
330 hashdist= [KNL,NUMA] Large hashes allocated during boot
331 are distributed across NUMA nodes. Defaults on
332 for 64-bit NUMA, off otherwise.
333 @@ -2300,6 +2307,10 @@ bytes respectively. Such letter suffixes can also be entirely omitted.
334 noexec=on: enable non-executable mappings (default)
335 noexec=off: disable non-executable mappings
338 + Disable PCID (Process-Context IDentifier) even if it
339 + is supported by the processor.
342 Disable SMAP (Supervisor Mode Access Prevention)
343 even if it is supported by processor.
344 @@ -2601,6 +2612,30 @@ bytes respectively. Such letter suffixes can also be entirely omitted.
345 the specified number of seconds. This is to be used if
346 your oopses keep scrolling off the screen.
348 + pax_nouderef [X86] disables UDEREF. Most likely needed under certain
349 + virtualization environments that don't cope well with the
350 + expand down segment used by UDEREF on X86-32 or the frequent
351 + page table updates on X86-64.
354 + Format: { 0 | 1 | off | fast | full }
355 + Options '0' and '1' are only provided for backward
356 + compatibility, 'off' or 'fast' should be used instead.
357 + 0|off : disable slab object sanitization
358 + 1|fast: enable slab object sanitization excluding
359 + whitelisted slabs (default)
360 + full : sanitize all slabs, even the whitelisted ones
362 + pax_softmode= 0/1 to disable/enable PaX softmode on boot already.
364 + pax_extra_latent_entropy
365 + Enable a very simple form of latent entropy extraction
366 + from the first 4GB of memory as the bootmem allocator
367 + passes the memory pages to the buddy allocator.
369 + pax_weakuderef [X86-64] enables the weaker but faster form of UDEREF
370 + when the processor supports PCID.
375 diff --git a/Makefile b/Makefile
376 index af6da04..22820aa 100644
379 @@ -298,7 +298,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \
382 HOSTCFLAGS = -Wall -Wmissing-prototypes -Wstrict-prototypes -O2 -fomit-frame-pointer -std=gnu89
384 +HOSTCFLAGS = -W -Wno-unused-parameter -Wno-missing-field-initializers -fno-delete-null-pointer-checks
385 +HOSTCFLAGS += $(call cc-option, -Wno-empty-body)
386 +HOSTCXXFLAGS = -O2 -Wall -W -Wno-array-bounds
388 ifeq ($(shell $(HOSTCC) -v 2>&1 | grep -c "clang version"), 1)
389 HOSTCFLAGS += -Wno-unused-value -Wno-unused-parameter \
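Review bot: The added `HOSTCFLAGS = -W -Wno-unused-parameter -Wno-missing-field-initializers -fno-delete-null-pointer-checks` line uses `=` directly after the existing `HOSTCFLAGS = -Wall -Wmissing-prototypes ... -std=gnu89` assignment, so it replaces that line and host tools are built without `-Wall`, `-O2` and `-std=gnu89`. If the flags are meant to be added for the plugin build, write `HOSTCFLAGS += -W -Wno-unused-parameter -Wno-missing-field-initializers -fno-delete-null-pointer-checks`. If replacing them is intended, remove the now-dead first assignment and give the reason in a comment. Some lines of this hunk are not visible in this view, so confirm against the full patch.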
390 @@ -446,8 +448,8 @@ export RCS_TAR_IGNORE := --exclude SCCS --exclude BitKeeper --exclude .svn \
391 # Rules shared between *config targets and build targets
393 # Basic helpers built in scripts/
394 -PHONY += scripts_basic
396 +PHONY += scripts_basic gcc-plugins
397 +scripts_basic: gcc-plugins
398 $(Q)$(MAKE) $(build)=scripts/basic
399 $(Q)rm -f .tmp_quiet_recordmcount
401 @@ -622,6 +624,74 @@ endif
402 # Tell gcc to never replace conditional load with a non-conditional one
403 KBUILD_CFLAGS += $(call cc-option,--param=allow-store-data-races=0)
405 +ifndef DISABLE_PAX_PLUGINS
406 +ifeq ($(call cc-ifversion, -ge, 0408, y), y)
407 +PLUGINCC := $(shell $(CONFIG_SHELL) $(srctree)/scripts/gcc-plugin.sh "$(HOSTCXX)" "$(HOSTCXX)" "$(CC)")
409 +PLUGINCC := $(shell $(CONFIG_SHELL) $(srctree)/scripts/gcc-plugin.sh "$(HOSTCC)" "$(HOSTCXX)" "$(CC)")
411 +ifneq ($(PLUGINCC),)
412 +ifdef CONFIG_PAX_CONSTIFY_PLUGIN
413 +CONSTIFY_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/constify_plugin.so -DCONSTIFY_PLUGIN
415 +ifdef CONFIG_PAX_MEMORY_STACKLEAK
416 +STACKLEAK_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/stackleak_plugin.so -DSTACKLEAK_PLUGIN
417 +STACKLEAK_PLUGIN_CFLAGS += -fplugin-arg-stackleak_plugin-track-lowest-sp=100
419 +ifdef CONFIG_KALLOCSTAT_PLUGIN
420 +KALLOCSTAT_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/kallocstat_plugin.so
422 +ifdef CONFIG_PAX_KERNEXEC_PLUGIN
423 +KERNEXEC_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/kernexec_plugin.so
424 +KERNEXEC_PLUGIN_CFLAGS += -fplugin-arg-kernexec_plugin-method=$(CONFIG_PAX_KERNEXEC_PLUGIN_METHOD) -DKERNEXEC_PLUGIN
425 +KERNEXEC_PLUGIN_AFLAGS := -DKERNEXEC_PLUGIN
427 +ifdef CONFIG_GRKERNSEC_RANDSTRUCT
428 +RANDSTRUCT_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/randomize_layout_plugin.so -DRANDSTRUCT_PLUGIN
429 +ifdef CONFIG_GRKERNSEC_RANDSTRUCT_PERFORMANCE
430 +RANDSTRUCT_PLUGIN_CFLAGS += -fplugin-arg-randomize_layout_plugin-performance-mode
433 +ifdef CONFIG_CHECKER_PLUGIN
434 +ifeq ($(call cc-ifversion, -ge, 0406, y), y)
435 +CHECKER_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/checker_plugin.so -DCHECKER_PLUGIN
438 +COLORIZE_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/colorize_plugin.so
439 +ifdef CONFIG_PAX_SIZE_OVERFLOW
440 +SIZE_OVERFLOW_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/size_overflow_plugin/size_overflow_plugin.so -DSIZE_OVERFLOW_PLUGIN
442 +ifdef CONFIG_PAX_LATENT_ENTROPY
443 +LATENT_ENTROPY_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/latent_entropy_plugin.so -DLATENT_ENTROPY_PLUGIN
445 +ifdef CONFIG_PAX_MEMORY_STRUCTLEAK
446 +STRUCTLEAK_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/structleak_plugin.so -DSTRUCTLEAK_PLUGIN
448 +INITIFY_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/initify_plugin.so -DINITIFY_PLUGIN
449 +GCC_PLUGINS_CFLAGS := $(CONSTIFY_PLUGIN_CFLAGS) $(STACKLEAK_PLUGIN_CFLAGS) $(KALLOCSTAT_PLUGIN_CFLAGS)
450 +GCC_PLUGINS_CFLAGS += $(KERNEXEC_PLUGIN_CFLAGS) $(CHECKER_PLUGIN_CFLAGS) $(COLORIZE_PLUGIN_CFLAGS)
451 +GCC_PLUGINS_CFLAGS += $(SIZE_OVERFLOW_PLUGIN_CFLAGS) $(LATENT_ENTROPY_PLUGIN_CFLAGS) $(STRUCTLEAK_PLUGIN_CFLAGS)
452 +GCC_PLUGINS_CFLAGS += $(INITIFY_PLUGIN_CFLAGS)
453 +GCC_PLUGINS_CFLAGS += $(RANDSTRUCT_PLUGIN_CFLAGS)
454 +GCC_PLUGINS_AFLAGS := $(KERNEXEC_PLUGIN_AFLAGS)
455 +export PLUGINCC GCC_PLUGINS_CFLAGS GCC_PLUGINS_AFLAGS CONSTIFY_PLUGIN LATENT_ENTROPY_PLUGIN_CFLAGS
456 +ifeq ($(KBUILD_EXTMOD),)
458 + $(Q)$(MAKE) $(build)=tools/gcc
464 +ifeq ($(call cc-ifversion, -ge, 0405, y), y)
465 + $(error Your gcc installation does not support plugins. If the necessary headers for plugin support are missing, they should be installed. On Debian, apt-get install gcc-<ver>-plugin-dev. If you choose to ignore this error and lessen the improvements provided by this patch, re-run make with the DISABLE_PAX_PLUGINS=y argument.))
467 + $(Q)echo "warning, your gcc version does not support plugins, you should upgrade it to gcc 4.5 at least"
469 + $(Q)echo "PAX_MEMORY_STACKLEAK, constification, PAX_LATENT_ENTROPY and other features will be less secure. PAX_SIZE_OVERFLOW will not be active."
473 ifdef CONFIG_READABLE_ASM
474 # Disable optimizations that make assembler listings hard to read.
475 # reorder blocks reorders the control in the function
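Review bot: The fallback part of the `gcc-plugins` rule only echoes "will be less secure" when the compiler lacks plugin support, so a kernel configured with `CONFIG_PAX_SIZE_OVERFLOW` or `CONFIG_PAX_MEMORY_STACKLEAK` can be produced without that instrumentation and nothing in the build output records the downgrade. Consider failing whenever a plugin-backed option is enabled and `$(PLUGINCC)` is empty. At minimum, add a comment at `ifndef DISABLE_PAX_PLUGINS` such as `# DISABLE_PAX_PLUGINS=y leaves GCC_PLUGINS_CFLAGS empty: all -fplugin= hardening is omitted`. The `$(error ...)` text also ends in `))`, which leaves a stray parenthesis. The `else`/`endif` lines of this conditional are not visible here, so check the branch structure against the full hunk.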
476 @@ -714,7 +784,7 @@ KBUILD_CFLAGS += $(call cc-option, -gsplit-dwarf, -g)
480 -KBUILD_AFLAGS += -Wa,-gdwarf-2
481 +KBUILD_AFLAGS += -Wa,--gdwarf-2
483 ifdef CONFIG_DEBUG_INFO_DWARF4
484 KBUILD_CFLAGS += $(call cc-option, -gdwarf-4,)
485 @@ -884,7 +954,7 @@ export mod_sign_cmd
488 ifeq ($(KBUILD_EXTMOD),)
489 -core-y += kernel/ mm/ fs/ ipc/ security/ crypto/ block/
490 +core-y += kernel/ mm/ fs/ ipc/ security/ crypto/ block/ grsecurity/
492 vmlinux-dirs := $(patsubst %/,%,$(filter %/, $(init-y) $(init-m) \
493 $(core-y) $(core-m) $(drivers-y) $(drivers-m) \
494 @@ -934,6 +1004,8 @@ endif
496 # The actual objects are generated when descending,
497 # make sure no implicit rule kicks in
498 +$(filter-out $(init-y),$(vmlinux-deps)): KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS)
499 +$(filter-out $(init-y),$(vmlinux-deps)): KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS)
500 $(sort $(vmlinux-deps)): $(vmlinux-dirs) ;
502 # Handle descending into subdirectories listed in $(vmlinux-dirs)
503 @@ -943,7 +1015,7 @@ $(sort $(vmlinux-deps)): $(vmlinux-dirs) ;
504 # Error messages still appears in the original language
506 PHONY += $(vmlinux-dirs)
507 -$(vmlinux-dirs): prepare scripts
508 +$(vmlinux-dirs): gcc-plugins prepare scripts
509 $(Q)$(MAKE) $(build)=$@
511 define filechk_kernel.release
512 @@ -986,10 +1058,13 @@ prepare1: prepare2 $(version_h) include/generated/utsrelease.h \
514 archprepare: archheaders archscripts prepare1 scripts_basic
516 +prepare0: KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS)
517 +prepare0: KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS)
518 prepare0: archprepare FORCE
519 $(Q)$(MAKE) $(build)=.
521 # All the preparing..
522 +prepare: KBUILD_CFLAGS := $(filter-out $(GCC_PLUGINS_CFLAGS),$(KBUILD_CFLAGS))
525 # Generate some files
526 @@ -1103,6 +1178,8 @@ all: modules
527 # using awk while concatenating to the final file.
530 +modules: KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS)
531 +modules: KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS)
532 modules: $(vmlinux-dirs) $(if $(KBUILD_BUILTIN),vmlinux) modules.builtin
533 $(Q)$(AWK) '!x[$$0]++' $(vmlinux-dirs:%=$(objtree)/%/modules.order) > $(objtree)/modules.order
534 @$(kecho) ' Building modules, stage 2.';
535 @@ -1118,7 +1195,7 @@ modules.builtin: $(vmlinux-dirs:%=%/modules.builtin)
537 # Target to prepare building external modules
538 PHONY += modules_prepare
539 -modules_prepare: prepare scripts
540 +modules_prepare: gcc-plugins prepare scripts
542 # Target to install modules
543 PHONY += modules_install
544 @@ -1184,7 +1261,10 @@ MRPROPER_FILES += .config .config.old .version .old_version \
545 Module.symvers tags TAGS cscope* GPATH GTAGS GRTAGS GSYMS \
546 signing_key.priv signing_key.x509 x509.genkey \
547 extra_certificates signing_key.x509.keyid \
548 - signing_key.x509.signer vmlinux-gdb.py
549 + signing_key.x509.signer vmlinux-gdb.py \
550 + tools/gcc/size_overflow_plugin/size_overflow_hash_aux.h \
551 + tools/gcc/size_overflow_plugin/size_overflow_hash.h \
552 + tools/gcc/randomize_layout_seed.h
554 # clean - Delete most, but leave enough to build external modules
556 @@ -1223,7 +1303,7 @@ distclean: mrproper
557 @find $(srctree) $(RCS_FIND_IGNORE) \
558 \( -name '*.orig' -o -name '*.rej' -o -name '*~' \
559 -o -name '*.bak' -o -name '#*#' -o -name '.*.orig' \
560 - -o -name '.*.rej' -o -name '*%' -o -name 'core' \) \
561 + -o -name '.*.rej' -o -name '*.so' -o -name '*%' -o -name 'core' \) \
562 -type f -print | xargs rm -f
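Review bot: The new `-o -name '*.so'` term makes `distclean` delete every regular file matching `*.so` anywhere under `$(srctree)`, not only the plugin objects the build places in `tools/gcc`. Any shared object a user or an out-of-tree component keeps in the source tree is removed as well. It would be safer to clean the plugins where they are built, for example a separate `find $(objtree)/tools/gcc -name '*.so' -type f` step, or a clean list in that directory's own Makefile if it has one. The rest of the `distclean` recipe lies outside this hunk.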
565 @@ -1389,6 +1469,8 @@ PHONY += $(module-dirs) modules
566 $(module-dirs): crmodverdir $(objtree)/Module.symvers
567 $(Q)$(MAKE) $(build)=$(patsubst _module_%,%,$@)
569 +modules: KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS)
570 +modules: KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS)
571 modules: $(module-dirs)
572 @$(kecho) ' Building modules, stage 2.';
573 $(Q)$(MAKE) -f $(srctree)/scripts/Makefile.modpost
574 @@ -1529,17 +1611,21 @@ else
575 target-dir = $(if $(KBUILD_EXTMOD),$(dir $<),$(dir $@))
578 -%.s: %.c prepare scripts FORCE
579 +%.s: KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS)
580 +%.s: KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS)
581 +%.s: %.c gcc-plugins prepare scripts FORCE
582 $(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@)
583 %.i: %.c prepare scripts FORCE
584 $(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@)
585 -%.o: %.c prepare scripts FORCE
586 +%.o: KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS)
587 +%.o: KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS)
588 +%.o: %.c gcc-plugins prepare scripts FORCE
589 $(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@)
590 %.lst: %.c prepare scripts FORCE
591 $(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@)
592 -%.s: %.S prepare scripts FORCE
593 +%.s: %.S gcc-plugins prepare scripts FORCE
594 $(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@)
595 -%.o: %.S prepare scripts FORCE
596 +%.o: %.S gcc-plugins prepare scripts FORCE
597 $(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@)
598 %.symtypes: %.c prepare scripts FORCE
599 $(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@)
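Review bot: The single-target rules are updated unevenly: `%.s` and `%.o` gain `gcc-plugins` and `KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS)`, while `%.i`, `%.lst` and `%.symtypes` still read `prepare scripts FORCE` with no plugin flags. As a result, `make foo.i` preprocesses without the `-D..._PLUGIN` defines that `make foo.o` compiles with, so the `.i` output may not match the code that is actually built. Either add the same two target-specific lines to those rules, for example `%.i: KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS)`, or add a comment stating that these targets are deliberately built without plugins.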
600 @@ -1551,11 +1637,15 @@ endif
601 $(build)=$(build-dir)
602 # Make sure the latest headers are built for Documentation
603 Documentation/: headers_install
604 -%/: prepare scripts FORCE
605 +%/: KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS)
606 +%/: KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS)
607 +%/: gcc-plugins prepare scripts FORCE
609 $(Q)$(MAKE) KBUILD_MODULES=$(if $(CONFIG_MODULES),1) \
610 $(build)=$(build-dir)
611 -%.ko: prepare scripts FORCE
612 +%.ko: KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS)
613 +%.ko: KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS)
614 +%.ko: gcc-plugins prepare scripts FORCE
616 $(Q)$(MAKE) KBUILD_MODULES=$(if $(CONFIG_MODULES),1) \
617 $(build)=$(build-dir) $(@:.ko=.o)
618 diff --git a/arch/alpha/include/asm/atomic.h b/arch/alpha/include/asm/atomic.h
619 index 8f8eafb..3405f46 100644
620 --- a/arch/alpha/include/asm/atomic.h
621 +++ b/arch/alpha/include/asm/atomic.h
622 @@ -239,4 +239,14 @@ static inline long atomic64_dec_if_positive(atomic64_t *v)
623 #define atomic_dec(v) atomic_sub(1,(v))
624 #define atomic64_dec(v) atomic64_sub(1,(v))
626 +#define atomic64_read_unchecked(v) atomic64_read(v)
627 +#define atomic64_set_unchecked(v, i) atomic64_set((v), (i))
628 +#define atomic64_add_unchecked(a, v) atomic64_add((a), (v))
629 +#define atomic64_add_return_unchecked(a, v) atomic64_add_return((a), (v))
630 +#define atomic64_sub_unchecked(a, v) atomic64_sub((a), (v))
631 +#define atomic64_inc_unchecked(v) atomic64_inc(v)
632 +#define atomic64_inc_return_unchecked(v) atomic64_inc_return(v)
633 +#define atomic64_dec_unchecked(v) atomic64_dec(v)
634 +#define atomic64_cmpxchg_unchecked(v, o, n) atomic64_cmpxchg((v), (o), (n))
636 #endif /* _ALPHA_ATOMIC_H */
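Review bot: The `atomic64_*_unchecked` macros are added without a comment, and each one expands to the plain `atomic64_*` operation, so on this architecture the "unchecked" and regular variants are the same code. A reader auditing reference-count overflow protection could assume the regular operations are checked here. A short header would prevent that, for example `/* No overflow-checked atomics on alpha: the _unchecked variants are plain aliases. */`, assuming that is indeed the intent. Only the 64-bit aliases appear in this hunk, so it is worth confirming that no `atomic_*_unchecked` user on alpha needs the 32-bit forms too.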
637 diff --git a/arch/alpha/include/asm/cache.h b/arch/alpha/include/asm/cache.h
638 index ad368a9..fbe0f25 100644
639 --- a/arch/alpha/include/asm/cache.h
640 +++ b/arch/alpha/include/asm/cache.h
642 #ifndef __ARCH_ALPHA_CACHE_H
643 #define __ARCH_ALPHA_CACHE_H
645 +#include <linux/const.h>
647 /* Bytes per L1 (data) cache line. */
648 #if defined(CONFIG_ALPHA_GENERIC) || defined(CONFIG_ALPHA_EV6)
649 -# define L1_CACHE_BYTES 64
650 # define L1_CACHE_SHIFT 6
652 /* Both EV4 and EV5 are write-through, read-allocate,
653 direct-mapped, physical.
655 -# define L1_CACHE_BYTES 32
656 # define L1_CACHE_SHIFT 5
659 +#define L1_CACHE_BYTES (_AC(1,UL) << L1_CACHE_SHIFT)
660 #define SMP_CACHE_BYTES L1_CACHE_BYTES
663 diff --git a/arch/alpha/include/asm/elf.h b/arch/alpha/include/asm/elf.h
664 index 968d999..d36b2df 100644
665 --- a/arch/alpha/include/asm/elf.h
666 +++ b/arch/alpha/include/asm/elf.h
667 @@ -91,6 +91,13 @@ typedef elf_fpreg_t elf_fpregset_t[ELF_NFPREG];
669 #define ELF_ET_DYN_BASE (TASK_UNMAPPED_BASE + 0x1000000)
671 +#ifdef CONFIG_PAX_ASLR
672 +#define PAX_ELF_ET_DYN_BASE (current->personality & ADDR_LIMIT_32BIT ? 0x10000 : 0x120000000UL)
674 +#define PAX_DELTA_MMAP_LEN (current->personality & ADDR_LIMIT_32BIT ? 14 : 28)
675 +#define PAX_DELTA_STACK_LEN (current->personality & ADDR_LIMIT_32BIT ? 14 : 19)
678 /* $0 is set by ld.so to a pointer to a function which might be
679 registered using atexit. This provides a mean for the dynamic
680 linker to call DT_FINI functions for shared libraries that have
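Review bot: The constants in `PAX_DELTA_MMAP_LEN` and `PAX_DELTA_STACK_LEN` (14, 28, 19) are undocumented, and a reader has to guess from the names that they are presumably counts of randomized address bits. If so, tasks with `ADDR_LIMIT_32BIT` get only 14 bits for both mmap and stack, a limitation of this port that is worth stating next to the definition. Suggested comment above the block: `/* randomization widths in bits; ADDR_LIMIT_32BIT tasks are limited to 14 */`, to be confirmed against the code that consumes these macros. Each macro also reads `current->personality` at every use, which is worth a mention in the same comment.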
681 diff --git a/arch/alpha/include/asm/pgalloc.h b/arch/alpha/include/asm/pgalloc.h
682 index aab14a0..b4fa3e7 100644
683 --- a/arch/alpha/include/asm/pgalloc.h
684 +++ b/arch/alpha/include/asm/pgalloc.h
685 @@ -29,6 +29,12 @@ pgd_populate(struct mm_struct *mm, pgd_t *pgd, pmd_t *pmd)
690 +pgd_populate_kernel(struct mm_struct *mm, pgd_t *pgd, pmd_t *pmd)
692 + pgd_populate(mm, pgd, pmd);
695 extern pgd_t *pgd_alloc(struct mm_struct *mm);
698 diff --git a/arch/alpha/include/asm/pgtable.h b/arch/alpha/include/asm/pgtable.h
699 index a9a1195..e9b8417 100644
700 --- a/arch/alpha/include/asm/pgtable.h
701 +++ b/arch/alpha/include/asm/pgtable.h
702 @@ -101,6 +101,17 @@ struct vm_area_struct;
703 #define PAGE_SHARED __pgprot(_PAGE_VALID | __ACCESS_BITS)
704 #define PAGE_COPY __pgprot(_PAGE_VALID | __ACCESS_BITS | _PAGE_FOW)
705 #define PAGE_READONLY __pgprot(_PAGE_VALID | __ACCESS_BITS | _PAGE_FOW)
707 +#ifdef CONFIG_PAX_PAGEEXEC
708 +# define PAGE_SHARED_NOEXEC __pgprot(_PAGE_VALID | __ACCESS_BITS | _PAGE_FOE)
709 +# define PAGE_COPY_NOEXEC __pgprot(_PAGE_VALID | __ACCESS_BITS | _PAGE_FOW | _PAGE_FOE)
710 +# define PAGE_READONLY_NOEXEC __pgprot(_PAGE_VALID | __ACCESS_BITS | _PAGE_FOW | _PAGE_FOE)
712 +# define PAGE_SHARED_NOEXEC PAGE_SHARED
713 +# define PAGE_COPY_NOEXEC PAGE_COPY
714 +# define PAGE_READONLY_NOEXEC PAGE_READONLY
717 #define PAGE_KERNEL __pgprot(_PAGE_VALID | _PAGE_ASM | _PAGE_KRE | _PAGE_KWE)
719 #define _PAGE_NORMAL(x) __pgprot(_PAGE_VALID | __ACCESS_BITS | (x))
720 diff --git a/arch/alpha/kernel/module.c b/arch/alpha/kernel/module.c
721 index 2fd00b7..cfd5069 100644
722 --- a/arch/alpha/kernel/module.c
723 +++ b/arch/alpha/kernel/module.c
724 @@ -160,7 +160,7 @@ apply_relocate_add(Elf64_Shdr *sechdrs, const char *strtab,
726 /* The small sections were sorted to the end of the segment.
727 The following should definitely cover them. */
728 - gp = (u64)me->module_core + me->core_size - 0x8000;
729 + gp = (u64)me->module_core_rw + me->core_size_rw - 0x8000;
730 got = sechdrs[me->arch.gotsecindex].sh_addr;
732 for (i = 0; i < n; i++) {
733 diff --git a/arch/alpha/kernel/osf_sys.c b/arch/alpha/kernel/osf_sys.c
734 index e51f578..16c64a3 100644
735 --- a/arch/alpha/kernel/osf_sys.c
736 +++ b/arch/alpha/kernel/osf_sys.c
737 @@ -1296,10 +1296,11 @@ SYSCALL_DEFINE1(old_adjtimex, struct timex32 __user *, txc_p)
738 generic version except that we know how to honor ADDR_LIMIT_32BIT. */
741 -arch_get_unmapped_area_1(unsigned long addr, unsigned long len,
742 - unsigned long limit)
743 +arch_get_unmapped_area_1(struct file *filp, unsigned long addr, unsigned long len,
744 + unsigned long limit, unsigned long flags)
746 struct vm_unmapped_area_info info;
747 + unsigned long offset = gr_rand_threadstack_offset(current->mm, filp, flags);
751 @@ -1307,6 +1308,7 @@ arch_get_unmapped_area_1(unsigned long addr, unsigned long len,
752 info.high_limit = limit;
754 info.align_offset = 0;
755 + info.threadstack_offset = offset;
756 return vm_unmapped_area(&info);
759 @@ -1339,20 +1341,24 @@ arch_get_unmapped_area(struct file *filp, unsigned long addr,
760 merely specific addresses, but regions of memory -- perhaps
761 this feature should be incorporated into all ports? */
763 +#ifdef CONFIG_PAX_RANDMMAP
764 + if (!(current->mm->pax_flags & MF_PAX_RANDMMAP))
768 - addr = arch_get_unmapped_area_1 (PAGE_ALIGN(addr), len, limit);
769 + addr = arch_get_unmapped_area_1 (filp, PAGE_ALIGN(addr), len, limit, flags);
770 if (addr != (unsigned long) -ENOMEM)
774 /* Next, try allocating at TASK_UNMAPPED_BASE. */
775 - addr = arch_get_unmapped_area_1 (PAGE_ALIGN(TASK_UNMAPPED_BASE),
777 + addr = arch_get_unmapped_area_1 (filp, PAGE_ALIGN(current->mm->mmap_base), len, limit, flags);
779 if (addr != (unsigned long) -ENOMEM)
782 /* Finally, try allocating in low memory. */
783 - addr = arch_get_unmapped_area_1 (PAGE_SIZE, len, limit);
784 + addr = arch_get_unmapped_area_1 (filp, PAGE_SIZE, len, limit, flags);
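Review bot: The new `#ifdef CONFIG_PAX_RANDMMAP` / `if (!(current->mm->pax_flags & MF_PAX_RANDMMAP))` test in front of the first allocation attempt has no comment. It appears to skip the caller-supplied hint when randomization is active, which is a behavior change userspace can observe. A one-line comment would help, for example `/* with RANDMMAP the address hint is ignored so userspace cannot steer placement */`. The last fallback, `arch_get_unmapped_area_1 (filp, PAGE_SIZE, len, limit, flags)`, still starts at a fixed low address whatever the flag says. It is worth confirming that this is intended and that the result is still subject to the minimum-address check applied elsewhere. Several lines of this hunk, including the matching `#endif`, are not visible in this view.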
788 diff --git a/arch/alpha/mm/fault.c b/arch/alpha/mm/fault.c
789 index 9d0ac09..479a962 100644
790 --- a/arch/alpha/mm/fault.c
791 +++ b/arch/alpha/mm/fault.c
792 @@ -53,6 +53,124 @@ __load_new_mm_context(struct mm_struct *next_mm)
793 __reload_thread(pcb);
796 +#ifdef CONFIG_PAX_PAGEEXEC
798 + * PaX: decide what to do with offenders (regs->pc = fault address)
800 + * returns 1 when task should be killed
801 + * 2 when patched PLT trampoline was detected
802 + * 3 when unpatched PLT trampoline was detected
804 +static int pax_handle_fetch_fault(struct pt_regs *regs)
807 +#ifdef CONFIG_PAX_EMUPLT
810 + do { /* PaX: patched PLT emulation #1 */
811 + unsigned int ldah, ldq, jmp;
813 + err = get_user(ldah, (unsigned int *)regs->pc);
814 + err |= get_user(ldq, (unsigned int *)(regs->pc+4));
815 + err |= get_user(jmp, (unsigned int *)(regs->pc+8));
820 + if ((ldah & 0xFFFF0000U) == 0x277B0000U &&
821 + (ldq & 0xFFFF0000U) == 0xA77B0000U &&
822 + jmp == 0x6BFB0000U)
824 + unsigned long r27, addr;
825 + unsigned long addrh = (ldah | 0xFFFFFFFFFFFF0000UL) << 16;
826 + unsigned long addrl = ldq | 0xFFFFFFFFFFFF0000UL;
828 + addr = regs->r27 + ((addrh ^ 0x80000000UL) + 0x80000000UL) + ((addrl ^ 0x8000UL) + 0x8000UL);
829 + err = get_user(r27, (unsigned long *)addr);
839 + do { /* PaX: patched PLT emulation #2 */
840 + unsigned int ldah, lda, br;
842 + err = get_user(ldah, (unsigned int *)regs->pc);
843 + err |= get_user(lda, (unsigned int *)(regs->pc+4));
844 + err |= get_user(br, (unsigned int *)(regs->pc+8));
849 + if ((ldah & 0xFFFF0000U) == 0x277B0000U &&
850 + (lda & 0xFFFF0000U) == 0xA77B0000U &&
851 + (br & 0xFFE00000U) == 0xC3E00000U)
853 + unsigned long addr = br | 0xFFFFFFFFFFE00000UL;
854 + unsigned long addrh = (ldah | 0xFFFFFFFFFFFF0000UL) << 16;
855 + unsigned long addrl = lda | 0xFFFFFFFFFFFF0000UL;
857 + regs->r27 += ((addrh ^ 0x80000000UL) + 0x80000000UL) + ((addrl ^ 0x8000UL) + 0x8000UL);
858 + regs->pc += 12 + (((addr ^ 0x00100000UL) + 0x00100000UL) << 2);
863 + do { /* PaX: unpatched PLT emulation */
866 + err = get_user(br, (unsigned int *)regs->pc);
868 + if (!err && (br & 0xFFE00000U) == 0xC3800000U) {
869 + unsigned int br2, ldq, nop, jmp;
870 + unsigned long addr = br | 0xFFFFFFFFFFE00000UL, resolver;
872 + addr = regs->pc + 4 + (((addr ^ 0x00100000UL) + 0x00100000UL) << 2);
873 + err = get_user(br2, (unsigned int *)addr);
874 + err |= get_user(ldq, (unsigned int *)(addr+4));
875 + err |= get_user(nop, (unsigned int *)(addr+8));
876 + err |= get_user(jmp, (unsigned int *)(addr+12));
877 + err |= get_user(resolver, (unsigned long *)(addr+16));
882 + if (br2 == 0xC3600000U &&
883 + ldq == 0xA77B000CU &&
884 + nop == 0x47FF041FU &&
885 + jmp == 0x6B7B0000U)
887 + regs->r28 = regs->pc+4;
888 + regs->r27 = addr+16;
889 + regs->pc = resolver;
899 +void pax_report_insns(struct pt_regs *regs, void *pc, void *sp)
903 + printk(KERN_ERR "PAX: bytes at PC: ");
904 + for (i = 0; i < 5; i++) {
906 + if (get_user(c, (unsigned int *)pc+i))