--- /dev/null
+From 4c696ba7982501d43dea11dbbaabd2aa8a19cc42 Mon Sep 17 00:00:00 2001
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+Date: Wed, 14 Jan 2009 14:13:53 +0100
+Subject: [PATCH 01/44] [CVE-2009-0029] Move compat system call declarations to compat header file
+
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+
+commit 4c696ba7982501d43dea11dbbaabd2aa8a19cc42 upstream.
+
+Move declarations to correct header file.
+
+Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+---
+ include/linux/compat.h | 13 +++++++++++++
+ include/linux/syscalls.h | 12 ------------
+ 2 files changed, 13 insertions(+), 12 deletions(-)
+
+--- a/include/linux/compat.h
++++ b/include/linux/compat.h
+@@ -278,5 +278,18 @@ asmlinkage long compat_sys_timerfd_setti
+ asmlinkage long compat_sys_timerfd_gettime(int ufd,
+ struct compat_itimerspec __user *otmr);
+
++asmlinkage long compat_sys_move_pages(pid_t pid, unsigned long nr_page,
++ __u32 __user *pages,
++ const int __user *nodes,
++ int __user *status,
++ int flags);
++asmlinkage long compat_sys_futimesat(unsigned int dfd, char __user *filename,
++ struct compat_timeval __user *t);
++asmlinkage long compat_sys_newfstatat(unsigned int dfd, char __user * filename,
++ struct compat_stat __user *statbuf,
++ int flag);
++asmlinkage long compat_sys_openat(unsigned int dfd, const char __user *filename,
++ int flags, int mode);
++
+ #endif /* CONFIG_COMPAT */
+ #endif /* _LINUX_COMPAT_H */
+--- a/include/linux/syscalls.h
++++ b/include/linux/syscalls.h
+@@ -531,11 +531,6 @@ asmlinkage long sys_move_pages(pid_t pid
+ const int __user *nodes,
+ int __user *status,
+ int flags);
+-asmlinkage long compat_sys_move_pages(pid_t pid, unsigned long nr_page,
+- __u32 __user *pages,
+- const int __user *nodes,
+- int __user *status,
+- int flags);
+ asmlinkage long sys_mbind(unsigned long start, unsigned long len,
+ unsigned long mode,
+ unsigned long __user *nmask,
+@@ -584,13 +579,6 @@ asmlinkage long sys_readlinkat(int dfd,
+ int bufsiz);
+ asmlinkage long sys_utimensat(int dfd, char __user *filename,
+ struct timespec __user *utimes, int flags);
+-asmlinkage long compat_sys_futimesat(unsigned int dfd, char __user *filename,
+- struct compat_timeval __user *t);
+-asmlinkage long compat_sys_newfstatat(unsigned int dfd, char __user * filename,
+- struct compat_stat __user *statbuf,
+- int flag);
+-asmlinkage long compat_sys_openat(unsigned int dfd, const char __user *filename,
+- int flags, int mode);
+ asmlinkage long sys_unshare(unsigned long unshare_flags);
+
+ asmlinkage long sys_splice(int fd_in, loff_t __user *off_in,
--- /dev/null
+From 2ed7c03ec17779afb4fcfa3b8c61df61bd4879ba Mon Sep 17 00:00:00 2001
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+Date: Wed, 14 Jan 2009 14:13:54 +0100
+Subject: [PATCH 02/44] [CVE-2009-0029] Convert all system calls to return a long
+
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+
+commit 2ed7c03ec17779afb4fcfa3b8c61df61bd4879ba upstream.
+
+Convert all system calls to return a long. This should be a NOP since all
+converted types should have the same size anyway.
+With the exception of sys_exit_group which returned void. But that doesn't
+matter since the system call doesn't return.
+
+Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+---
+ fs/read_write.c | 18 +++++-----
+ fs/xattr.c | 12 +++----
+ include/linux/syscalls.h | 79 +++++++++++++++++++++++------------------------
+ ipc/mqueue.c | 2 -
+ kernel/exit.c | 4 +-
+ kernel/signal.c | 2 -
+ kernel/timer.c | 2 -
+ mm/filemap.c | 2 -
+ mm/mmap.c | 2 -
+ mm/mremap.c | 2 -
+ mm/nommu.c | 2 -
+ 11 files changed, 64 insertions(+), 63 deletions(-)
+
+--- a/fs/read_write.c
++++ b/fs/read_write.c
+@@ -112,7 +112,7 @@ loff_t vfs_llseek(struct file *file, lof
+ }
+ EXPORT_SYMBOL(vfs_llseek);
+
+-asmlinkage off_t sys_lseek(unsigned int fd, off_t offset, unsigned int origin)
++asmlinkage long sys_lseek(unsigned int fd, off_t offset, unsigned int origin)
+ {
+ off_t retval;
+ struct file * file;
+@@ -334,7 +334,7 @@ static inline void file_pos_write(struct
+ file->f_pos = pos;
+ }
+
+-asmlinkage ssize_t sys_read(unsigned int fd, char __user * buf, size_t count)
++asmlinkage long sys_read(unsigned int fd, char __user * buf, size_t count)
+ {
+ struct file *file;
+ ssize_t ret = -EBADF;
+@@ -351,7 +351,7 @@ asmlinkage ssize_t sys_read(unsigned int
+ return ret;
+ }
+
+-asmlinkage ssize_t sys_write(unsigned int fd, const char __user * buf, size_t count)
++asmlinkage long sys_write(unsigned int fd, const char __user * buf, size_t count)
+ {
+ struct file *file;
+ ssize_t ret = -EBADF;
+@@ -368,7 +368,7 @@ asmlinkage ssize_t sys_write(unsigned in
+ return ret;
+ }
+
+-asmlinkage ssize_t sys_pread64(unsigned int fd, char __user *buf,
++asmlinkage long sys_pread64(unsigned int fd, char __user *buf,
+ size_t count, loff_t pos)
+ {
+ struct file *file;
+@@ -389,7 +389,7 @@ asmlinkage ssize_t sys_pread64(unsigned
+ return ret;
+ }
+
+-asmlinkage ssize_t sys_pwrite64(unsigned int fd, const char __user *buf,
++asmlinkage long sys_pwrite64(unsigned int fd, const char __user *buf,
+ size_t count, loff_t pos)
+ {
+ struct file *file;
+@@ -637,7 +637,7 @@ ssize_t vfs_writev(struct file *file, co
+
+ EXPORT_SYMBOL(vfs_writev);
+
+-asmlinkage ssize_t
++asmlinkage long
+ sys_readv(unsigned long fd, const struct iovec __user *vec, unsigned long vlen)
+ {
+ struct file *file;
+@@ -658,7 +658,7 @@ sys_readv(unsigned long fd, const struct
+ return ret;
+ }
+
+-asmlinkage ssize_t
++asmlinkage long
+ sys_writev(unsigned long fd, const struct iovec __user *vec, unsigned long vlen)
+ {
+ struct file *file;
+@@ -777,7 +777,7 @@ out:
+ return retval;
+ }
+
+-asmlinkage ssize_t sys_sendfile(int out_fd, int in_fd, off_t __user *offset, size_t count)
++asmlinkage long sys_sendfile(int out_fd, int in_fd, off_t __user *offset, size_t count)
+ {
+ loff_t pos;
+ off_t off;
+@@ -796,7 +796,7 @@ asmlinkage ssize_t sys_sendfile(int out_
+ return do_sendfile(out_fd, in_fd, NULL, count, 0);
+ }
+
+-asmlinkage ssize_t sys_sendfile64(int out_fd, int in_fd, loff_t __user *offset, size_t count)
++asmlinkage long sys_sendfile64(int out_fd, int in_fd, loff_t __user *offset, size_t count)
+ {
+ loff_t pos;
+ ssize_t ret;
+--- a/fs/xattr.c
++++ b/fs/xattr.c
+@@ -349,7 +349,7 @@ getxattr(struct dentry *d, const char __
+ return error;
+ }
+
+-asmlinkage ssize_t
++asmlinkage long
+ sys_getxattr(const char __user *pathname, const char __user *name,
+ void __user *value, size_t size)
+ {
+@@ -364,7 +364,7 @@ sys_getxattr(const char __user *pathname
+ return error;
+ }
+
+-asmlinkage ssize_t
++asmlinkage long
+ sys_lgetxattr(const char __user *pathname, const char __user *name, void __user *value,
+ size_t size)
+ {
+@@ -379,7 +379,7 @@ sys_lgetxattr(const char __user *pathnam
+ return error;
+ }
+
+-asmlinkage ssize_t
++asmlinkage long
+ sys_fgetxattr(int fd, const char __user *name, void __user *value, size_t size)
+ {
+ struct file *f;
+@@ -424,7 +424,7 @@ listxattr(struct dentry *d, char __user
+ return error;
+ }
+
+-asmlinkage ssize_t
++asmlinkage long
+ sys_listxattr(const char __user *pathname, char __user *list, size_t size)
+ {
+ struct path path;
+@@ -438,7 +438,7 @@ sys_listxattr(const char __user *pathnam
+ return error;
+ }
+
+-asmlinkage ssize_t
++asmlinkage long
+ sys_llistxattr(const char __user *pathname, char __user *list, size_t size)
+ {
+ struct path path;
+@@ -452,7 +452,7 @@ sys_llistxattr(const char __user *pathna
+ return error;
+ }
+
+-asmlinkage ssize_t
++asmlinkage long
+ sys_flistxattr(int fd, char __user *list, size_t size)
+ {
+ struct file *f;
+--- a/include/linux/syscalls.h
++++ b/include/linux/syscalls.h
+@@ -77,7 +77,7 @@ asmlinkage long sys_times(struct tms __u
+
+ asmlinkage long sys_gettid(void);
+ asmlinkage long sys_nanosleep(struct timespec __user *rqtp, struct timespec __user *rmtp);
+-asmlinkage unsigned long sys_alarm(unsigned int seconds);
++asmlinkage long sys_alarm(unsigned int seconds);
+ asmlinkage long sys_getpid(void);
+ asmlinkage long sys_getppid(void);
+ asmlinkage long sys_getuid(void);
+@@ -166,7 +166,7 @@ asmlinkage long sys_kexec_load(unsigned
+ unsigned long flags);
+
+ asmlinkage long sys_exit(int error_code);
+-asmlinkage void sys_exit_group(int error_code);
++asmlinkage long sys_exit_group(int error_code);
+ asmlinkage long sys_wait4(pid_t pid, int __user *stat_addr,
+ int options, struct rusage __user *ru);
+ asmlinkage long sys_waitid(int which, pid_t pid,
+@@ -196,7 +196,7 @@ asmlinkage long sys_tkill(int pid, int s
+ asmlinkage long sys_rt_sigqueueinfo(int pid, int sig, siginfo_t __user *uinfo);
+ asmlinkage long sys_sgetmask(void);
+ asmlinkage long sys_ssetmask(int newmask);
+-asmlinkage unsigned long sys_signal(int sig, __sighandler_t handler);
++asmlinkage long sys_signal(int sig, __sighandler_t handler);
+ asmlinkage long sys_pause(void);
+
+ asmlinkage long sys_sync(void);
+@@ -246,29 +246,29 @@ asmlinkage long sys_lsetxattr(const char
+ const void __user *value, size_t size, int flags);
+ asmlinkage long sys_fsetxattr(int fd, const char __user *name,
+ const void __user *value, size_t size, int flags);
+-asmlinkage ssize_t sys_getxattr(const char __user *path, const char __user *name,
+- void __user *value, size_t size);
+-asmlinkage ssize_t sys_lgetxattr(const char __user *path, const char __user *name,
+- void __user *value, size_t size);
+-asmlinkage ssize_t sys_fgetxattr(int fd, const char __user *name,
+- void __user *value, size_t size);
+-asmlinkage ssize_t sys_listxattr(const char __user *path, char __user *list,
+- size_t size);
+-asmlinkage ssize_t sys_llistxattr(const char __user *path, char __user *list,
+- size_t size);
+-asmlinkage ssize_t sys_flistxattr(int fd, char __user *list, size_t size);
++asmlinkage long sys_getxattr(const char __user *path, const char __user *name,
++ void __user *value, size_t size);
++asmlinkage long sys_lgetxattr(const char __user *path, const char __user *name,
++ void __user *value, size_t size);
++asmlinkage long sys_fgetxattr(int fd, const char __user *name,
++ void __user *value, size_t size);
++asmlinkage long sys_listxattr(const char __user *path, char __user *list,
++ size_t size);
++asmlinkage long sys_llistxattr(const char __user *path, char __user *list,
++ size_t size);
++asmlinkage long sys_flistxattr(int fd, char __user *list, size_t size);
+ asmlinkage long sys_removexattr(const char __user *path,
+ const char __user *name);
+ asmlinkage long sys_lremovexattr(const char __user *path,
+ const char __user *name);
+ asmlinkage long sys_fremovexattr(int fd, const char __user *name);
+
+-asmlinkage unsigned long sys_brk(unsigned long brk);
++asmlinkage long sys_brk(unsigned long brk);
+ asmlinkage long sys_mprotect(unsigned long start, size_t len,
+ unsigned long prot);
+-asmlinkage unsigned long sys_mremap(unsigned long addr,
+- unsigned long old_len, unsigned long new_len,
+- unsigned long flags, unsigned long new_addr);
++asmlinkage long sys_mremap(unsigned long addr,
++ unsigned long old_len, unsigned long new_len,
++ unsigned long flags, unsigned long new_addr);
+ asmlinkage long sys_remap_file_pages(unsigned long start, unsigned long size,
+ unsigned long prot, unsigned long pgoff,
+ unsigned long flags);
+@@ -321,10 +321,10 @@ asmlinkage long sys_io_submit(aio_contex
+ struct iocb __user * __user *);
+ asmlinkage long sys_io_cancel(aio_context_t ctx_id, struct iocb __user *iocb,
+ struct io_event __user *result);
+-asmlinkage ssize_t sys_sendfile(int out_fd, int in_fd,
+- off_t __user *offset, size_t count);
+-asmlinkage ssize_t sys_sendfile64(int out_fd, int in_fd,
+- loff_t __user *offset, size_t count);
++asmlinkage long sys_sendfile(int out_fd, int in_fd,
++ off_t __user *offset, size_t count);
++asmlinkage long sys_sendfile64(int out_fd, int in_fd,
++ loff_t __user *offset, size_t count);
+ asmlinkage long sys_readlink(const char __user *path,
+ char __user *buf, int bufsiz);
+ asmlinkage long sys_creat(const char __user *pathname, int mode);
+@@ -368,26 +368,25 @@ asmlinkage long sys_utime(char __user *f
+ struct utimbuf __user *times);
+ asmlinkage long sys_utimes(char __user *filename,
+ struct timeval __user *utimes);
+-asmlinkage off_t sys_lseek(unsigned int fd, off_t offset,
+- unsigned int origin);
++asmlinkage long sys_lseek(unsigned int fd, off_t offset,
++ unsigned int origin);
+ asmlinkage long sys_llseek(unsigned int fd, unsigned long offset_high,
+ unsigned long offset_low, loff_t __user *result,
+ unsigned int origin);
+-asmlinkage ssize_t sys_read(unsigned int fd, char __user *buf,
+- size_t count);
+-asmlinkage ssize_t sys_readahead(int fd, loff_t offset, size_t count);
+-asmlinkage ssize_t sys_readv(unsigned long fd,
+- const struct iovec __user *vec,
+- unsigned long vlen);
+-asmlinkage ssize_t sys_write(unsigned int fd, const char __user *buf,
+- size_t count);
+-asmlinkage ssize_t sys_writev(unsigned long fd,
+- const struct iovec __user *vec,
+- unsigned long vlen);
+-asmlinkage ssize_t sys_pread64(unsigned int fd, char __user *buf,
+- size_t count, loff_t pos);
+-asmlinkage ssize_t sys_pwrite64(unsigned int fd, const char __user *buf,
+- size_t count, loff_t pos);
++asmlinkage long sys_read(unsigned int fd, char __user *buf, size_t count);
++asmlinkage long sys_readahead(int fd, loff_t offset, size_t count);
++asmlinkage long sys_readv(unsigned long fd,
++ const struct iovec __user *vec,
++ unsigned long vlen);
++asmlinkage long sys_write(unsigned int fd, const char __user *buf,
++ size_t count);
++asmlinkage long sys_writev(unsigned long fd,
++ const struct iovec __user *vec,
++ unsigned long vlen);
++asmlinkage long sys_pread64(unsigned int fd, char __user *buf,
++ size_t count, loff_t pos);
++asmlinkage long sys_pwrite64(unsigned int fd, const char __user *buf,
++ size_t count, loff_t pos);
+ asmlinkage long sys_getcwd(char __user *buf, unsigned long size);
+ asmlinkage long sys_mkdir(const char __user *pathname, int mode);
+ asmlinkage long sys_chdir(const char __user *filename);
+@@ -477,7 +476,7 @@ asmlinkage long sys_shmctl(int shmid, in
+ asmlinkage long sys_mq_open(const char __user *name, int oflag, mode_t mode, struct mq_attr __user *attr);
+ asmlinkage long sys_mq_unlink(const char __user *name);
+ asmlinkage long sys_mq_timedsend(mqd_t mqdes, const char __user *msg_ptr, size_t msg_len, unsigned int msg_prio, const struct timespec __user *abs_timeout);
+-asmlinkage ssize_t sys_mq_timedreceive(mqd_t mqdes, char __user *msg_ptr, size_t msg_len, unsigned int __user *msg_prio, const struct timespec __user *abs_timeout);
++asmlinkage long sys_mq_timedreceive(mqd_t mqdes, char __user *msg_ptr, size_t msg_len, unsigned int __user *msg_prio, const struct timespec __user *abs_timeout);
+ asmlinkage long sys_mq_notify(mqd_t mqdes, const struct sigevent __user *notification);
+ asmlinkage long sys_mq_getsetattr(mqd_t mqdes, const struct mq_attr __user *mqstat, struct mq_attr __user *omqstat);
+
+--- a/ipc/mqueue.c
++++ b/ipc/mqueue.c
+@@ -896,7 +896,7 @@ out:
+ return ret;
+ }
+
+-asmlinkage ssize_t sys_mq_timedreceive(mqd_t mqdes, char __user *u_msg_ptr,
++asmlinkage long sys_mq_timedreceive(mqd_t mqdes, char __user *u_msg_ptr,
+ size_t msg_len, unsigned int __user *u_msg_prio,
+ const struct timespec __user *u_abs_timeout)
+ {
+--- a/kernel/exit.c
++++ b/kernel/exit.c
+@@ -1186,9 +1186,11 @@ do_group_exit(int exit_code)
+ * wait4()-ing process will get the correct exit code - even if this
+ * thread is not the thread group leader.
+ */
+-asmlinkage void sys_exit_group(int error_code)
++asmlinkage long sys_exit_group(int error_code)
+ {
+ do_group_exit((error_code & 0xff) << 8);
++ /* NOTREACHED */
++ return 0;
+ }
+
+ static struct pid *task_pid_type(struct task_struct *task, enum pid_type type)
+--- a/kernel/signal.c
++++ b/kernel/signal.c
+@@ -2534,7 +2534,7 @@ sys_ssetmask(int newmask)
+ /*
+ * For backwards compatibility. Functionality superseded by sigaction.
+ */
+-asmlinkage unsigned long
++asmlinkage long
+ sys_signal(int sig, __sighandler_t handler)
+ {
+ struct k_sigaction new_sa, old_sa;
+--- a/kernel/timer.c
++++ b/kernel/timer.c
+@@ -1074,7 +1074,7 @@ void do_timer(unsigned long ticks)
+ * For backwards compatibility? This can be done in libc so Alpha
+ * and all newer ports shouldn't need it.
+ */
+-asmlinkage unsigned long sys_alarm(unsigned int seconds)
++asmlinkage long sys_alarm(unsigned int seconds)
+ {
+ return alarm_setitimer(seconds);
+ }
+--- a/mm/filemap.c
++++ b/mm/filemap.c
+@@ -1353,7 +1353,7 @@ do_readahead(struct address_space *mappi
+ return 0;
+ }
+
+-asmlinkage ssize_t sys_readahead(int fd, loff_t offset, size_t count)
++asmlinkage long sys_readahead(int fd, loff_t offset, size_t count)
+ {
+ ssize_t ret;
+ struct file *file;
+--- a/mm/mmap.c
++++ b/mm/mmap.c
+@@ -244,7 +244,7 @@ static struct vm_area_struct *remove_vma
+ return next;
+ }
+
+-asmlinkage unsigned long sys_brk(unsigned long brk)
++asmlinkage long sys_brk(unsigned long brk)
+ {
+ unsigned long rlim, retval;
+ unsigned long newbrk, oldbrk;
+--- a/mm/mremap.c
++++ b/mm/mremap.c
+@@ -418,7 +418,7 @@ out_nc:
+ return ret;
+ }
+
+-asmlinkage unsigned long sys_mremap(unsigned long addr,
++asmlinkage long sys_mremap(unsigned long addr,
+ unsigned long old_len, unsigned long new_len,
+ unsigned long flags, unsigned long new_addr)
+ {
+--- a/mm/nommu.c
++++ b/mm/nommu.c
+@@ -355,7 +355,7 @@ EXPORT_SYMBOL(vm_insert_page);
+ * to a regular file. in this case, the unmapping will need
+ * to invoke file system routines that need the global lock.
+ */
+-asmlinkage unsigned long sys_brk(unsigned long brk)
++asmlinkage long sys_brk(unsigned long brk)
+ {
+ struct mm_struct *mm = current->mm;
+
--- /dev/null
+From e55380edf68796d75bf41391a781c68ee678587d Mon Sep 17 00:00:00 2001
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+Date: Wed, 14 Jan 2009 14:13:55 +0100
+Subject: [PATCH 03/44] [CVE-2009-0029] Rename old_readdir to sys_old_readdir
+
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+
+commit e55380edf68796d75bf41391a781c68ee678587d upstream.
+
+This way it matches the generic system call name convention.
+
+Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+---
+ arch/arm/kernel/calls.S | 2 +-
+ arch/cris/arch-v10/kernel/entry.S | 2 +-
+ arch/cris/arch-v32/kernel/entry.S | 2 +-
+ arch/h8300/kernel/syscalls.S | 2 +-
+ arch/m68k/kernel/entry.S | 2 +-
+ arch/m68knommu/kernel/syscalltable.S | 2 +-
+ arch/mips/kernel/scall32-o32.S | 2 +-
+ arch/mn10300/kernel/entry.S | 2 +-
+ arch/powerpc/include/asm/systbl.h | 2 +-
+ arch/sh/kernel/syscalls_32.S | 2 +-
+ arch/sh/kernel/syscalls_64.S | 2 +-
+ arch/sparc/kernel/systbls.S | 2 +-
+ arch/x86/kernel/syscall_table_32.S | 2 +-
+ fs/readdir.c | 2 +-
+ include/linux/syscalls.h | 2 ++
+ 15 files changed, 16 insertions(+), 14 deletions(-)
+
+--- a/arch/arm/kernel/calls.S
++++ b/arch/arm/kernel/calls.S
+@@ -98,7 +98,7 @@
+ CALL(sys_uselib)
+ CALL(sys_swapon)
+ CALL(sys_reboot)
+- CALL(OBSOLETE(old_readdir)) /* used by libc4 */
++ CALL(OBSOLETE(sys_old_readdir)) /* used by libc4 */
+ /* 90 */ CALL(OBSOLETE(old_mmap)) /* used by libc4 */
+ CALL(sys_munmap)
+ CALL(sys_truncate)
+--- a/arch/cris/arch-v10/kernel/entry.S
++++ b/arch/cris/arch-v10/kernel/entry.S
+@@ -691,7 +691,7 @@ sys_call_table:
+ .long sys_uselib
+ .long sys_swapon
+ .long sys_reboot
+- .long old_readdir
++ .long sys_old_readdir
+ .long old_mmap /* 90 */
+ .long sys_munmap
+ .long sys_truncate
+--- a/arch/cris/arch-v32/kernel/entry.S
++++ b/arch/cris/arch-v32/kernel/entry.S
+@@ -614,7 +614,7 @@ sys_call_table:
+ .long sys_uselib
+ .long sys_swapon
+ .long sys_reboot
+- .long old_readdir
++ .long sys_old_readdir
+ .long old_mmap /* 90 */
+ .long sys_munmap
+ .long sys_truncate
+--- a/arch/h8300/kernel/syscalls.S
++++ b/arch/h8300/kernel/syscalls.S
+@@ -103,7 +103,7 @@ SYMBOL_NAME_LABEL(sys_call_table)
+ .long SYMBOL_NAME(sys_uselib)
+ .long SYMBOL_NAME(sys_swapon)
+ .long SYMBOL_NAME(sys_reboot)
+- .long SYMBOL_NAME(old_readdir)
++ .long SYMBOL_NAME(sys_old_readdir)
+ .long SYMBOL_NAME(old_mmap) /* 90 */
+ .long SYMBOL_NAME(sys_munmap)
+ .long SYMBOL_NAME(sys_truncate)
+--- a/arch/m68k/kernel/entry.S
++++ b/arch/m68k/kernel/entry.S
+@@ -513,7 +513,7 @@ sys_call_table:
+ .long sys_uselib
+ .long sys_swapon
+ .long sys_reboot
+- .long old_readdir
++ .long sys_old_readdir
+ .long old_mmap /* 90 */
+ .long sys_munmap
+ .long sys_truncate
+--- a/arch/m68knommu/kernel/syscalltable.S
++++ b/arch/m68knommu/kernel/syscalltable.S
+@@ -107,7 +107,7 @@ ENTRY(sys_call_table)
+ .long sys_uselib
+ .long sys_ni_syscall /* sys_swapon */
+ .long sys_reboot
+- .long old_readdir
++ .long sys_old_readdir
+ .long old_mmap /* 90 */
+ .long sys_munmap
+ .long sys_truncate
+--- a/arch/mips/kernel/scall32-o32.S
++++ b/arch/mips/kernel/scall32-o32.S
+@@ -401,7 +401,7 @@ einval: li v0, -EINVAL
+ sys sys_uselib 1
+ sys sys_swapon 2
+ sys sys_reboot 3
+- sys old_readdir 3
++ sys sys_old_readdir 3
+ sys old_mmap 6 /* 4090 */
+ sys sys_munmap 2
+ sys sys_truncate 2
+--- a/arch/mn10300/kernel/entry.S
++++ b/arch/mn10300/kernel/entry.S
+@@ -477,7 +477,7 @@ ENTRY(sys_call_table)
+ .long sys_uselib
+ .long sys_swapon
+ .long sys_reboot
+- .long old_readdir
++ .long sys_old_readdir
+ .long old_mmap /* 90 */
+ .long sys_munmap
+ .long sys_truncate
+--- a/arch/powerpc/include/asm/systbl.h
++++ b/arch/powerpc/include/asm/systbl.h
+@@ -92,7 +92,7 @@ COMPAT_SYS_SPU(readlink)
+ SYSCALL(uselib)
+ SYSCALL(swapon)
+ SYSCALL(reboot)
+-SYSX(sys_ni_syscall,compat_sys_old_readdir,old_readdir)
++SYSX(sys_ni_syscall,compat_sys_old_readdir,sys_old_readdir)
+ SYSCALL_SPU(mmap)
+ SYSCALL_SPU(munmap)
+ SYSCALL_SPU(truncate)
+--- a/arch/sh/kernel/syscalls_32.S
++++ b/arch/sh/kernel/syscalls_32.S
+@@ -105,7 +105,7 @@ ENTRY(sys_call_table)
+ .long sys_uselib
+ .long sys_swapon
+ .long sys_reboot
+- .long old_readdir
++ .long sys_old_readdir
+ .long old_mmap /* 90 */
+ .long sys_munmap
+ .long sys_truncate
+--- a/arch/sh/kernel/syscalls_64.S
++++ b/arch/sh/kernel/syscalls_64.S
+@@ -109,7 +109,7 @@ sys_call_table:
+ .long sys_uselib
+ .long sys_swapon
+ .long sys_reboot
+- .long old_readdir
++ .long sys_old_readdir
+ .long old_mmap /* 90 */
+ .long sys_munmap
+ .long sys_truncate
+--- a/arch/sparc/kernel/systbls.S
++++ b/arch/sparc/kernel/systbls.S
+@@ -56,7 +56,7 @@ sys_call_table:
+ /*185*/ .long sys_setpgid, sys_fremovexattr, sys_tkill, sys_exit_group, sys_newuname
+ /*190*/ .long sys_init_module, sys_personality, sparc_remap_file_pages, sys_epoll_create, sys_epoll_ctl
+ /*195*/ .long sys_epoll_wait, sys_ioprio_set, sys_getppid, sparc_sigaction, sys_sgetmask
+-/*200*/ .long sys_ssetmask, sys_sigsuspend, sys_newlstat, sys_uselib, old_readdir
++/*200*/ .long sys_ssetmask, sys_sigsuspend, sys_newlstat, sys_uselib, sys_old_readdir
+ /*205*/ .long sys_readahead, sys_socketcall, sys_syslog, sys_lookup_dcookie, sys_fadvise64
+ /*210*/ .long sys_fadvise64_64, sys_tgkill, sys_waitpid, sys_swapoff, sys_sysinfo
+ /*215*/ .long sys_ipc, sys_sigreturn, sys_clone, sys_ioprio_get, sys_adjtimex
+--- a/arch/x86/kernel/syscall_table_32.S
++++ b/arch/x86/kernel/syscall_table_32.S
+@@ -88,7 +88,7 @@ ENTRY(sys_call_table)
+ .long sys_uselib
+ .long sys_swapon
+ .long sys_reboot
+- .long old_readdir
++ .long sys_old_readdir
+ .long old_mmap /* 90 */
+ .long sys_munmap
+ .long sys_truncate
+--- a/fs/readdir.c
++++ b/fs/readdir.c
+@@ -102,7 +102,7 @@ efault:
+ return -EFAULT;
+ }
+
+-asmlinkage long old_readdir(unsigned int fd, struct old_linux_dirent __user * dirent, unsigned int count)
++asmlinkage long sys_old_readdir(unsigned int fd, struct old_linux_dirent __user * dirent, unsigned int count)
+ {
+ int error;
+ struct file * file;
+--- a/include/linux/syscalls.h
++++ b/include/linux/syscalls.h
+@@ -54,6 +54,7 @@ struct compat_stat;
+ struct compat_timeval;
+ struct robust_list_head;
+ struct getcpu_cache;
++struct old_linux_dirent;
+
+ #include <linux/types.h>
+ #include <linux/aio_abi.h>
+@@ -609,6 +610,7 @@ asmlinkage long sys_timerfd_gettime(int
+ asmlinkage long sys_eventfd(unsigned int count);
+ asmlinkage long sys_eventfd2(unsigned int count, int flags);
+ asmlinkage long sys_fallocate(int fd, int mode, loff_t offset, loff_t len);
++asmlinkage long sys_old_readdir(unsigned int, struct old_linux_dirent __user *, unsigned int);
+
+ int kernel_execve(const char *filename, char *const argv[], char *const envp[]);
+
--- /dev/null
+From 1134723e96f6e2abcf8bfd7a2d1c96fcc323ef35 Mon Sep 17 00:00:00 2001
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+Date: Wed, 14 Jan 2009 14:13:56 +0100
+Subject: [PATCH 04/44] [CVE-2009-0029] Remove __attribute__((weak)) from sys_pipe/sys_pipe2
+
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+
+commit 1134723e96f6e2abcf8bfd7a2d1c96fcc323ef35 upstream.
+
+Remove __attribute__((weak)) from common code sys_pipe implemantation.
+IA64, ALPHA, SUPERH (32bit) and SPARC (32bit) have own implemantations
+with the same name. Just rename them.
+For sys_pipe2 there is no architecture specific implementation.
+
+Cc: Richard Henderson <rth@twiddle.net>
+Cc: David S. Miller <davem@davemloft.net>
+Cc: Paul Mundt <lethal@linux-sh.org>
+Cc: Tony Luck <tony.luck@intel.com>
+Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+---
+ arch/alpha/kernel/entry.S | 8 ++++----
+ arch/alpha/kernel/systbls.S | 2 +-
+ arch/ia64/ia32/ia32_entry.S | 2 +-
+ arch/ia64/include/asm/unistd.h | 2 +-
+ arch/ia64/kernel/entry.S | 2 +-
+ arch/ia64/kernel/sys_ia64.c | 2 +-
+ arch/s390/kernel/entry.h | 1 -
+ arch/sh/kernel/sys_sh32.c | 2 +-
+ arch/sh/kernel/syscalls_32.S | 2 +-
+ arch/sparc/kernel/entry.S | 4 ++--
+ arch/sparc/kernel/systbls.S | 2 +-
+ arch/sparc64/kernel/syscalls.S | 2 +-
+ arch/sparc64/kernel/systbls.S | 4 ++--
+ fs/pipe.c | 4 ++--
+ 14 files changed, 19 insertions(+), 20 deletions(-)
+
+--- a/arch/alpha/kernel/entry.S
++++ b/arch/alpha/kernel/entry.S
+@@ -894,9 +894,9 @@ sys_getxpid:
+ .end sys_getxpid
+
+ .align 4
+- .globl sys_pipe
+- .ent sys_pipe
+-sys_pipe:
++ .globl sys_alpha_pipe
++ .ent sys_alpha_pipe
++sys_alpha_pipe:
+ lda $sp, -16($sp)
+ stq $26, 0($sp)
+ .prologue 0
+@@ -914,7 +914,7 @@ sys_pipe:
+ stq $1, 80+16($sp)
+ 1: lda $sp, 16($sp)
+ ret
+-.end sys_pipe
++.end sys_alpha_pipe
+
+ .align 4
+ .globl sys_execve
+--- a/arch/alpha/kernel/systbls.S
++++ b/arch/alpha/kernel/systbls.S
+@@ -52,7 +52,7 @@ sys_call_table:
+ .quad sys_setpgid
+ .quad alpha_ni_syscall /* 40 */
+ .quad sys_dup
+- .quad sys_pipe
++ .quad sys_alpha_pipe
+ .quad osf_set_program_attributes
+ .quad alpha_ni_syscall
+ .quad sys_open /* 45 */
+--- a/arch/ia64/ia32/ia32_entry.S
++++ b/arch/ia64/ia32/ia32_entry.S
+@@ -215,7 +215,7 @@ ia32_syscall_table:
+ data8 sys_mkdir
+ data8 sys_rmdir /* 40 */
+ data8 sys_dup
+- data8 sys32_pipe
++ data8 sys_ia64_pipe
+ data8 compat_sys_times
+ data8 sys_ni_syscall /* old prof syscall holder */
+ data8 sys32_brk /* 45 */
+--- a/arch/ia64/include/asm/unistd.h
++++ b/arch/ia64/include/asm/unistd.h
+@@ -363,7 +363,7 @@ struct pt_regs;
+ struct sigaction;
+ long sys_execve(char __user *filename, char __user * __user *argv,
+ char __user * __user *envp, struct pt_regs *regs);
+-asmlinkage long sys_pipe(void);
++asmlinkage long sys_ia64_pipe(void);
+ asmlinkage long sys_rt_sigaction(int sig,
+ const struct sigaction __user *act,
+ struct sigaction __user *oact,
+--- a/arch/ia64/kernel/entry.S
++++ b/arch/ia64/kernel/entry.S
+@@ -1436,7 +1436,7 @@ sys_call_table:
+ data8 sys_mkdir // 1055
+ data8 sys_rmdir
+ data8 sys_dup
+- data8 sys_pipe
++ data8 sys_ia64_pipe
+ data8 sys_times
+ data8 ia64_brk // 1060
+ data8 sys_setgid
+--- a/arch/ia64/kernel/sys_ia64.c
++++ b/arch/ia64/kernel/sys_ia64.c
+@@ -154,7 +154,7 @@ out:
+ * and r9) as this is faster than doing a copy_to_user().
+ */
+ asmlinkage long
+-sys_pipe (void)
++sys_ia64_pipe (void)
+ {
+ struct pt_regs *regs = task_pt_regs(current);
+ int fd[2];
+--- a/arch/s390/kernel/entry.h
++++ b/arch/s390/kernel/entry.h
+@@ -30,7 +30,6 @@ struct fadvise64_64_args;
+ struct old_sigaction;
+ struct sel_arg_struct;
+
+-long sys_pipe(unsigned long __user *fildes);
+ long sys_mmap2(struct mmap_arg_struct __user *arg);
+ long old_mmap(struct mmap_arg_struct __user *arg);
+ long sys_ipc(uint call, int first, unsigned long second,
+--- a/arch/sh/kernel/syscalls_32.S
++++ b/arch/sh/kernel/syscalls_32.S
+@@ -58,7 +58,7 @@ ENTRY(sys_call_table)
+ .long sys_mkdir
+ .long sys_rmdir /* 40 */
+ .long sys_dup
+- .long sys_pipe
++ .long sys_sh_pipe
+ .long sys_times
+ .long sys_ni_syscall /* old prof syscall holder */
+ .long sys_brk /* 45 */
+--- a/arch/sh/kernel/sys_sh32.c
++++ b/arch/sh/kernel/sys_sh32.c
+@@ -21,7 +21,7 @@
+ * sys_pipe() is the normal C calling standard for creating
+ * a pipe. It's not the way Unix traditionally does this, though.
+ */
+-asmlinkage int sys_pipe(unsigned long r4, unsigned long r5,
++asmlinkage int sys_sh_pipe(unsigned long r4, unsigned long r5,
+ unsigned long r6, unsigned long r7,
+ struct pt_regs __regs)
+ {
+--- a/arch/sparc64/kernel/syscalls.S
++++ b/arch/sparc64/kernel/syscalls.S
+@@ -20,7 +20,7 @@ execve_merge:
+ add %sp, PTREGS_OFF, %o0
+
+ .align 32
+-sys_pipe:
++sys_sparc_pipe:
+ ba,pt %xcc, sparc_pipe
+ add %sp, PTREGS_OFF, %o0
+ sys_nis_syscall:
+--- a/arch/sparc64/kernel/systbls.S
++++ b/arch/sparc64/kernel/systbls.S
+@@ -26,7 +26,7 @@ sys_call_table32:
+ /*25*/ .word sys32_vmsplice, compat_sys_ptrace, sys_alarm, sys32_sigaltstack, sys32_pause
+ /*30*/ .word compat_sys_utime, sys_lchown, sys_fchown, sys32_access, sys32_nice
+ .word sys_chown, sys_sync, sys32_kill, compat_sys_newstat, sys32_sendfile
+-/*40*/ .word compat_sys_newlstat, sys_dup, sys_pipe, compat_sys_times, sys_getuid
++/*40*/ .word compat_sys_newlstat, sys_dup, sys_sparc_pipe, compat_sys_times, sys_getuid
+ .word sys32_umount, sys_setgid16, sys_getgid16, sys32_signal, sys_geteuid16
+ /*50*/ .word sys_getegid16, sys_acct, sys_nis_syscall, sys_getgid, compat_sys_ioctl
+ .word sys32_reboot, sys32_mmap2, sys_symlink, sys32_readlink, sys32_execve
+@@ -100,7 +100,7 @@ sys_call_table:
+ /*25*/ .word sys_vmsplice, sys_ptrace, sys_alarm, sys_sigaltstack, sys_nis_syscall
+ /*30*/ .word sys_utime, sys_nis_syscall, sys_nis_syscall, sys_access, sys_nice
+ .word sys_nis_syscall, sys_sync, sys_kill, sys_newstat, sys_sendfile64
+-/*40*/ .word sys_newlstat, sys_dup, sys_pipe, sys_times, sys_nis_syscall
++/*40*/ .word sys_newlstat, sys_dup, sys_sparc_pipe, sys_times, sys_nis_syscall
+ .word sys_umount, sys_setgid, sys_getgid, sys_signal, sys_geteuid
+ /*50*/ .word sys_getegid, sys_acct, sys_memory_ordering, sys_nis_syscall, sys_ioctl
+ .word sys_reboot, sys_nis_syscall, sys_symlink, sys_readlink, sys_execve
+--- a/arch/sparc/kernel/entry.S
++++ b/arch/sparc/kernel/entry.S
+@@ -1142,8 +1142,8 @@ sunos_execv:
+ ld [%sp + STACKFRAME_SZ + PT_I0], %o0
+
+ .align 4
+- .globl sys_pipe
+-sys_pipe:
++ .globl sys_sparc_pipe
++sys_sparc_pipe:
+ mov %o7, %l5
+ add %sp, STACKFRAME_SZ, %o0 ! pt_regs *regs arg
+ call sparc_pipe
+--- a/arch/sparc/kernel/systbls.S
++++ b/arch/sparc/kernel/systbls.S
+@@ -24,7 +24,7 @@ sys_call_table:
+ /*25*/ .long sys_vmsplice, sys_ptrace, sys_alarm, sys_sigaltstack, sys_pause
+ /*30*/ .long sys_utime, sys_lchown, sys_fchown, sys_access, sys_nice
+ /*35*/ .long sys_chown, sys_sync, sys_kill, sys_newstat, sys_sendfile
+-/*40*/ .long sys_newlstat, sys_dup, sys_pipe, sys_times, sys_getuid
++/*40*/ .long sys_newlstat, sys_dup, sys_sparc_pipe, sys_times, sys_getuid
+ /*45*/ .long sys_umount, sys_setgid16, sys_getgid16, sys_signal, sys_geteuid16
+ /*50*/ .long sys_getegid16, sys_acct, sys_nis_syscall, sys_getgid, sys_ioctl
+ /*55*/ .long sys_reboot, sys_mmap2, sys_symlink, sys_readlink, sys_execve
+--- a/fs/pipe.c
++++ b/fs/pipe.c
+@@ -1051,7 +1051,7 @@ int do_pipe(int *fd)
+ * sys_pipe() is the normal C calling standard for creating
+ * a pipe. It's not the way Unix traditionally does this, though.
+ */
+-asmlinkage long __weak sys_pipe2(int __user *fildes, int flags)
++asmlinkage long sys_pipe2(int __user *fildes, int flags)
+ {
+ int fd[2];
+ int error;
+@@ -1067,7 +1067,7 @@ asmlinkage long __weak sys_pipe2(int __u
+ return error;
+ }
+
+-asmlinkage long __weak sys_pipe(int __user *fildes)
++asmlinkage long sys_pipe(int __user *fildes)
+ {
+ return sys_pipe2(fildes, 0);
+ }
--- /dev/null
+From c9da9f2129d6a421c32e334a83770a9e67f7feac Mon Sep 17 00:00:00 2001
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+Date: Wed, 14 Jan 2009 14:13:57 +0100
+Subject: [PATCH 05/44] [CVE-2009-0029] Make sys_pselect7 static
+
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+
+commit c9da9f2129d6a421c32e334a83770a9e67f7feac upstream.
+
+Not a single architecture has wired up sys_pselect7 plus it is the
+only system call with seven parameters. Just make it static and
+rename it to do_pselect which will do the work for sys_pselect6.
+
+Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+---
+ fs/compat.c | 6 +++---
+ fs/select.c | 8 ++++----
+ 2 files changed, 7 insertions(+), 7 deletions(-)
+
+--- a/fs/compat.c
++++ b/fs/compat.c
+@@ -1640,7 +1640,7 @@ sticky:
+ }
+
+ #ifdef HAVE_SET_RESTORE_SIGMASK
+-asmlinkage long compat_sys_pselect7(int n, compat_ulong_t __user *inp,
++static long do_compat_pselect(int n, compat_ulong_t __user *inp,
+ compat_ulong_t __user *outp, compat_ulong_t __user *exp,
+ struct compat_timespec __user *tsp, compat_sigset_t __user *sigmask,
+ compat_size_t sigsetsize)
+@@ -1748,8 +1748,8 @@ asmlinkage long compat_sys_pselect6(int
+ (compat_size_t __user *)(sig+sizeof(up))))
+ return -EFAULT;
+ }
+- return compat_sys_pselect7(n, inp, outp, exp, tsp, compat_ptr(up),
+- sigsetsize);
++ return do_compat_pselect(n, inp, outp, exp, tsp, compat_ptr(up),
++ sigsetsize);
+ }
+
+ asmlinkage long compat_sys_ppoll(struct pollfd __user *ufds,
+--- a/fs/select.c
++++ b/fs/select.c
+@@ -427,9 +427,9 @@ sticky:
+ }
+
+ #ifdef HAVE_SET_RESTORE_SIGMASK
+-asmlinkage long sys_pselect7(int n, fd_set __user *inp, fd_set __user *outp,
+- fd_set __user *exp, struct timespec __user *tsp,
+- const sigset_t __user *sigmask, size_t sigsetsize)
++static long do_pselect(int n, fd_set __user *inp, fd_set __user *outp,
++ fd_set __user *exp, struct timespec __user *tsp,
++ const sigset_t __user *sigmask, size_t sigsetsize)
+ {
+ s64 timeout = MAX_SCHEDULE_TIMEOUT;
+ sigset_t ksigmask, sigsaved;
+@@ -527,7 +527,7 @@ asmlinkage long sys_pselect6(int n, fd_s
+ return -EFAULT;
+ }
+
+- return sys_pselect7(n, inp, outp, exp, tsp, up, sigsetsize);
++ return do_pselect(n, inp, outp, exp, tsp, up, sigsetsize);
+ }
+ #endif /* HAVE_SET_RESTORE_SIGMASK */
+
--- /dev/null
+From f627a741d24f12955fa2d9f8831c3b12860635bd Mon Sep 17 00:00:00 2001
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+Date: Wed, 14 Jan 2009 14:13:58 +0100
+Subject: [PATCH 06/44] [CVE-2009-0029] Make sys_syslog a conditional system call
+
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+
+commit f627a741d24f12955fa2d9f8831c3b12860635bd upstream.
+
+Remove the -ENOSYS implementation for !CONFIG_PRINTK and use
+the cond_syscall infrastructure instead.
+
+Acked-by: Kyle McMartin <kyle@redhat.com>
+Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+---
+ kernel/printk.c | 5 -----
+ kernel/sys_ni.c | 1 +
+ 2 files changed, 1 insertion(+), 5 deletions(-)
+
+--- a/kernel/printk.c
++++ b/kernel/printk.c
+@@ -782,11 +782,6 @@ EXPORT_SYMBOL(vprintk);
+
+ #else
+
+-asmlinkage long sys_syslog(int type, char __user *buf, int len)
+-{
+- return -ENOSYS;
+-}
+-
+ static void call_console_drivers(unsigned start, unsigned end)
+ {
+ }
+--- a/kernel/sys_ni.c
++++ b/kernel/sys_ni.c
+@@ -125,6 +125,7 @@ cond_syscall(sys_vm86old);
+ cond_syscall(sys_vm86);
+ cond_syscall(compat_sys_ipc);
+ cond_syscall(compat_sys_sysctl);
++cond_syscall(sys_syslog);
+
+ /* arch-specific weak syscall entries */
+ cond_syscall(sys_pciconfig_read);
--- /dev/null
+From 1a94bc34768e463a93cb3751819709ab0ea80a01 Mon Sep 17 00:00:00 2001
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+Date: Wed, 14 Jan 2009 14:13:59 +0100
+Subject: [PATCH 07/44] [CVE-2009-0029] System call wrapper infrastructure
+
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+
+commit 1a94bc34768e463a93cb3751819709ab0ea80a01 upstream.
+
+From: Martin Schwidefsky <schwidefsky@de.ibm.com>
+
+By selecting HAVE_SYSCALL_WRAPPERS architectures can activate
+system call wrappers in order to sign extend system call arguments.
+
+All architectures where the ABI defines that the caller of a function
+has to perform sign extension probably need this.
+
+Reported-by: Christian Borntraeger <borntraeger@de.ibm.com>
+Acked-by: Ralf Baechle <ralf@linux-mips.org>
+Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
+Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+---
+ arch/Kconfig | 3 ++
+ include/linux/syscalls.h | 62 +++++++++++++++++++++++++++++++++++++++++++++++
+ 2 files changed, 65 insertions(+)
+
+--- a/arch/Kconfig
++++ b/arch/Kconfig
+@@ -46,6 +46,9 @@ config HAVE_EFFICIENT_UNALIGNED_ACCESS
+ See Documentation/unaligned-memory-access.txt for more
+ information on the topic of unaligned memory accesses.
+
++config HAVE_SYSCALL_WRAPPERS
++ bool
++
+ config KRETPROBES
+ def_bool y
+ depends on KPROBES && HAVE_KRETPROBES
+--- a/include/linux/syscalls.h
++++ b/include/linux/syscalls.h
+@@ -66,6 +66,68 @@ struct old_linux_dirent;
+ #include <linux/quota.h>
+ #include <linux/key.h>
+
++#define __SC_DECL1(t1, a1) t1 a1
++#define __SC_DECL2(t2, a2, ...) t2 a2, __SC_DECL1(__VA_ARGS__)
++#define __SC_DECL3(t3, a3, ...) t3 a3, __SC_DECL2(__VA_ARGS__)
++#define __SC_DECL4(t4, a4, ...) t4 a4, __SC_DECL3(__VA_ARGS__)
++#define __SC_DECL5(t5, a5, ...) t5 a5, __SC_DECL4(__VA_ARGS__)
++#define __SC_DECL6(t6, a6, ...) t6 a6, __SC_DECL5(__VA_ARGS__)
++
++#define __SC_LONG1(t1, a1) long a1
++#define __SC_LONG2(t2, a2, ...) long a2, __SC_LONG1(__VA_ARGS__)
++#define __SC_LONG3(t3, a3, ...) long a3, __SC_LONG2(__VA_ARGS__)
++#define __SC_LONG4(t4, a4, ...) long a4, __SC_LONG3(__VA_ARGS__)
++#define __SC_LONG5(t5, a5, ...) long a5, __SC_LONG4(__VA_ARGS__)
++#define __SC_LONG6(t6, a6, ...) long a6, __SC_LONG5(__VA_ARGS__)
++
++#define __SC_CAST1(t1, a1) (t1) a1
++#define __SC_CAST2(t2, a2, ...) (t2) a2, __SC_CAST1(__VA_ARGS__)
++#define __SC_CAST3(t3, a3, ...) (t3) a3, __SC_CAST2(__VA_ARGS__)
++#define __SC_CAST4(t4, a4, ...) (t4) a4, __SC_CAST3(__VA_ARGS__)
++#define __SC_CAST5(t5, a5, ...) (t5) a5, __SC_CAST4(__VA_ARGS__)
++#define __SC_CAST6(t6, a6, ...) (t6) a6, __SC_CAST5(__VA_ARGS__)
++
++#define __SC_TEST(type) BUILD_BUG_ON(sizeof(type) > sizeof(long))
++#define __SC_TEST1(t1, a1) __SC_TEST(t1)
++#define __SC_TEST2(t2, a2, ...) __SC_TEST(t2); __SC_TEST1(__VA_ARGS__)
++#define __SC_TEST3(t3, a3, ...) __SC_TEST(t3); __SC_TEST2(__VA_ARGS__)
++#define __SC_TEST4(t4, a4, ...) __SC_TEST(t4); __SC_TEST3(__VA_ARGS__)
++#define __SC_TEST5(t5, a5, ...) __SC_TEST(t5); __SC_TEST4(__VA_ARGS__)
++#define __SC_TEST6(t6, a6, ...) __SC_TEST(t6); __SC_TEST5(__VA_ARGS__)
++
++#define SYSCALL_DEFINE0(name) asmlinkage long sys_##name(void)
++#define SYSCALL_DEFINE1(...) SYSCALL_DEFINEx(1, __VA_ARGS__)
++#define SYSCALL_DEFINE2(...) SYSCALL_DEFINEx(2, __VA_ARGS__)
++#define SYSCALL_DEFINE3(...) SYSCALL_DEFINEx(3, __VA_ARGS__)
++#define SYSCALL_DEFINE4(...) SYSCALL_DEFINEx(4, __VA_ARGS__)
++#define SYSCALL_DEFINE5(...) SYSCALL_DEFINEx(5, __VA_ARGS__)
++#define SYSCALL_DEFINE6(...) SYSCALL_DEFINEx(6, __VA_ARGS__)
++
++#define SYSCALL_ALIAS(alias, name) \
++ asm ("\t.globl " #alias "\n\t.set " #alias ", " #name)
++
++#ifdef CONFIG_HAVE_SYSCALL_WRAPPERS
++
++#define SYSCALL_DEFINE(name) static inline long SYSC_##name
++#define SYSCALL_DEFINEx(x, name, ...) \
++ asmlinkage long sys_##name(__SC_DECL##x(__VA_ARGS__)); \
++ static inline long SYSC_##name(__SC_DECL##x(__VA_ARGS__)); \
++ asmlinkage long SyS_##name(__SC_LONG##x(__VA_ARGS__)) \
++ { \
++ __SC_TEST##x(__VA_ARGS__); \
++ return (long) SYSC_##name(__SC_CAST##x(__VA_ARGS__)); \
++ } \
++ SYSCALL_ALIAS(sys_##name, SyS_##name); \
++ static inline long SYSC_##name(__SC_DECL##x(__VA_ARGS__))
++
++#else /* CONFIG_HAVE_SYSCALL_WRAPPERS */
++
++#define SYSCALL_DEFINE(name) asmlinkage long sys_##name
++#define SYSCALL_DEFINEx(x, name, ...) \
++ asmlinkage long sys_##name(__SC_DECL##x(__VA_ARGS__))
++
++#endif /* CONFIG_HAVE_SYSCALL_WRAPPERS */
++
+ asmlinkage long sys_time(time_t __user *tloc);
+ asmlinkage long sys_stime(time_t __user *tptr);
+ asmlinkage long sys_gettimeofday(struct timeval __user *tv,
--- /dev/null
+From ee6a093222549ac0c72cfd296c69fa5e7d6daa34 Mon Sep 17 00:00:00 2001
+From: Benjamin Herrenschmidt <benh@kernel.crashing.org>
+Date: Wed, 14 Jan 2009 14:14:00 +0100
+Subject: [PATCH 08/44] [CVE-2009-0029] powerpc: Enable syscall wrappers for 64-bit
+
+From: Benjamin Herrenschmidt <benh@kernel.crashing.org>
+
+commit ee6a093222549ac0c72cfd296c69fa5e7d6daa34 upstream.
+
+This enables the use of syscall wrappers to do proper sign extension
+for 64-bit programs.
+
+Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
+Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+---
+ arch/powerpc/Kconfig | 1 +
+ include/linux/syscalls.h | 6 ++++++
+ 2 files changed, 7 insertions(+)
+
+--- a/arch/powerpc/Kconfig
++++ b/arch/powerpc/Kconfig
+@@ -122,6 +122,7 @@ config PPC
+ select HAVE_DMA_ATTRS if PPC64
+ select USE_GENERIC_SMP_HELPERS if SMP
+ select HAVE_OPROFILE
++ select HAVE_SYSCALL_WRAPPERS if PPC64
+
+ config EARLY_PRINTK
+ bool
+--- a/include/linux/syscalls.h
++++ b/include/linux/syscalls.h
+@@ -103,8 +103,14 @@ struct old_linux_dirent;
+ #define SYSCALL_DEFINE5(...) SYSCALL_DEFINEx(5, __VA_ARGS__)
+ #define SYSCALL_DEFINE6(...) SYSCALL_DEFINEx(6, __VA_ARGS__)
+
++#ifdef CONFIG_PPC64
++#define SYSCALL_ALIAS(alias, name) \
++ asm ("\t.globl " #alias "\n\t.set " #alias ", " #name "\n" \
++ "\t.globl ." #alias "\n\t.set ." #alias ", ." #name)
++#else
+ #define SYSCALL_ALIAS(alias, name) \
+ asm ("\t.globl " #alias "\n\t.set " #alias ", " #name)
++#endif
+
+ #ifdef CONFIG_HAVE_SYSCALL_WRAPPERS
+
--- /dev/null
+From ed6bb6194350dc6ae97a65dbf2d621a3dbe6bbe9 Mon Sep 17 00:00:00 2001
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+Date: Wed, 14 Jan 2009 14:14:01 +0100
+Subject: [PATCH 09/44] [CVE-2009-0029] s390: enable system call wrappers
+
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+
+commit ed6bb6194350dc6ae97a65dbf2d621a3dbe6bbe9 upstream.
+
+Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+---
+ arch/s390/Kconfig | 1 +
+ 1 file changed, 1 insertion(+)
+
+--- a/arch/s390/Kconfig
++++ b/arch/s390/Kconfig
+@@ -70,6 +70,7 @@ mainmenu "Linux Kernel Configuration"
+
+ config S390
+ def_bool y
++ select HAVE_SYSCALL_WRAPPERS
+ select HAVE_OPROFILE
+ select HAVE_KPROBES
+ select HAVE_KRETPROBES
--- /dev/null
+From 6673e0c3fbeaed2cd08e2fd4a4aa97382d6fedb0 Mon Sep 17 00:00:00 2001
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+Date: Wed, 14 Jan 2009 14:14:02 +0100
+Subject: [PATCH 10/44] [CVE-2009-0029] System call wrapper special cases
+
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+
+commit 6673e0c3fbeaed2cd08e2fd4a4aa97382d6fedb0 upstream.
+
+System calls with an unsigned long long argument can't be converted with
+the standard wrappers since that would include a cast to long, which in
+turn means that we would lose the upper 32 bit on 32 bit architectures.
+Also semctl can't use the standard wrapper since it has a 'union'
+parameter.
+
+So we handle them as special case and add some extra wrappers instead.
+
+Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+---
+ fs/dcookies.c | 10 ++++++++--
+ fs/open.c | 27 ++++++++++++++++++++++++---
+ fs/read_write.c | 24 ++++++++++++++++++++----
+ fs/sync.c | 26 ++++++++++++++++++++++----
+ ipc/sem.c | 9 ++++++++-
+ mm/fadvise.c | 18 ++++++++++++++++--
+ mm/filemap.c | 9 ++++++++-
+ 7 files changed, 106 insertions(+), 17 deletions(-)
+
+--- a/fs/dcookies.c
++++ b/fs/dcookies.c
+@@ -140,7 +140,7 @@ out:
+ /* And here is where the userspace process can look up the cookie value
+ * to retrieve the path.
+ */
+-asmlinkage long sys_lookup_dcookie(u64 cookie64, char __user * buf, size_t len)
++SYSCALL_DEFINE(lookup_dcookie)(u64 cookie64, char __user * buf, size_t len)
+ {
+ unsigned long cookie = (unsigned long)cookie64;
+ int err = -EINVAL;
+@@ -193,7 +193,13 @@ out:
+ mutex_unlock(&dcookie_mutex);
+ return err;
+ }
+-
++#ifdef CONFIG_HAVE_SYSCALL_WRAPPERS
++asmlinkage long SyS_lookup_dcookie(u64 cookie64, long buf, long len)
++{
++ return SYSC_lookup_dcookie(cookie64, (char __user *) buf, (size_t) len);
++}
++SYSCALL_ALIAS(sys_lookup_dcookie, SyS_lookup_dcookie);
++#endif
+
+ static int dcookie_init(void)
+ {
+--- a/fs/open.c
++++ b/fs/open.c
+@@ -346,21 +346,35 @@ asmlinkage long sys_ftruncate(unsigned i
+
+ /* LFS versions of truncate are only needed on 32 bit machines */
+ #if BITS_PER_LONG == 32
+-asmlinkage long sys_truncate64(const char __user * path, loff_t length)
++SYSCALL_DEFINE(truncate64)(const char __user * path, loff_t length)
+ {
+ return do_sys_truncate(path, length);
+ }
++#ifdef CONFIG_HAVE_SYSCALL_WRAPPERS
++asmlinkage long SyS_truncate64(long path, loff_t length)
++{
++ return SYSC_truncate64((const char __user *) path, length);
++}
++SYSCALL_ALIAS(sys_truncate64, SyS_truncate64);
++#endif
+
+-asmlinkage long sys_ftruncate64(unsigned int fd, loff_t length)
++SYSCALL_DEFINE(ftruncate64)(unsigned int fd, loff_t length)
+ {
+ long ret = do_sys_ftruncate(fd, length, 0);
+ /* avoid REGPARM breakage on x86: */
+ asmlinkage_protect(2, ret, fd, length);
+ return ret;
+ }
++#ifdef CONFIG_HAVE_SYSCALL_WRAPPERS
++asmlinkage long SyS_ftruncate64(long fd, loff_t length)
++{
++ return SYSC_ftruncate64((unsigned int) fd, length);
++}
++SYSCALL_ALIAS(sys_ftruncate64, SyS_ftruncate64);
+ #endif
++#endif /* BITS_PER_LONG == 32 */
+
+-asmlinkage long sys_fallocate(int fd, int mode, loff_t offset, loff_t len)
++SYSCALL_DEFINE(fallocate)(int fd, int mode, loff_t offset, loff_t len)
+ {
+ struct file *file;
+ struct inode *inode;
+@@ -417,6 +431,13 @@ out_fput:
+ out:
+ return ret;
+ }
++#ifdef CONFIG_HAVE_SYSCALL_WRAPPERS
++asmlinkage long SyS_fallocate(long fd, long mode, loff_t offset, loff_t len)
++{
++ return SYSC_fallocate((int)fd, (int)mode, offset, len);
++}
++SYSCALL_ALIAS(sys_fallocate, SyS_fallocate);
++#endif
+
+ /*
+ * access() needs to use the real uid/gid, not the effective uid/gid.
+--- a/fs/read_write.c
++++ b/fs/read_write.c
+@@ -368,8 +368,8 @@ asmlinkage long sys_write(unsigned int f
+ return ret;
+ }
+
+-asmlinkage long sys_pread64(unsigned int fd, char __user *buf,
+- size_t count, loff_t pos)
++SYSCALL_DEFINE(pread64)(unsigned int fd, char __user *buf,
++ size_t count, loff_t pos)
+ {
+ struct file *file;
+ ssize_t ret = -EBADF;
+@@ -388,9 +388,17 @@ asmlinkage long sys_pread64(unsigned int
+
+ return ret;
+ }
++#ifdef CONFIG_HAVE_SYSCALL_WRAPPERS
++asmlinkage long SyS_pread64(long fd, long buf, long count, loff_t pos)
++{
++ return SYSC_pread64((unsigned int) fd, (char __user *) buf,
++ (size_t) count, pos);
++}
++SYSCALL_ALIAS(sys_pread64, SyS_pread64);
++#endif
+
+-asmlinkage long sys_pwrite64(unsigned int fd, const char __user *buf,
+- size_t count, loff_t pos)
++SYSCALL_DEFINE(pwrite64)(unsigned int fd, const char __user *buf,
++ size_t count, loff_t pos)
+ {
+ struct file *file;
+ ssize_t ret = -EBADF;
+@@ -409,6 +417,14 @@ asmlinkage long sys_pwrite64(unsigned in
+
+ return ret;
+ }
++#ifdef CONFIG_HAVE_SYSCALL_WRAPPERS
++asmlinkage long SyS_pwrite64(long fd, long buf, long count, loff_t pos)
++{
++ return SYSC_pwrite64((unsigned int) fd, (const char __user *) buf,
++ (size_t) count, pos);
++}
++SYSCALL_ALIAS(sys_pwrite64, SyS_pwrite64);
++#endif
+
+ /*
+ * Reduce an iovec's length in-place. Return the resulting number of segments
+--- a/fs/sync.c
++++ b/fs/sync.c
+@@ -175,8 +175,8 @@ asmlinkage long sys_fdatasync(unsigned i
+ * already-instantiated disk blocks, there are no guarantees here that the data
+ * will be available after a crash.
+ */
+-asmlinkage long sys_sync_file_range(int fd, loff_t offset, loff_t nbytes,
+- unsigned int flags)
++SYSCALL_DEFINE(sync_file_range)(int fd, loff_t offset, loff_t nbytes,
++ unsigned int flags)
+ {
+ int ret;
+ struct file *file;
+@@ -236,14 +236,32 @@ out_put:
+ out:
+ return ret;
+ }
++#ifdef CONFIG_HAVE_SYSCALL_WRAPPERS
++asmlinkage long SyS_sync_file_range(long fd, loff_t offset, loff_t nbytes,
++ long flags)
++{
++ return SYSC_sync_file_range((int) fd, offset, nbytes,
++ (unsigned int) flags);
++}
++SYSCALL_ALIAS(sys_sync_file_range, SyS_sync_file_range);
++#endif
+
+ /* It would be nice if people remember that not all the world's an i386
+ when they introduce new system calls */
+-asmlinkage long sys_sync_file_range2(int fd, unsigned int flags,
+- loff_t offset, loff_t nbytes)
++SYSCALL_DEFINE(sync_file_range2)(int fd, unsigned int flags,
++ loff_t offset, loff_t nbytes)
+ {
+ return sys_sync_file_range(fd, offset, nbytes, flags);
+ }
++#ifdef CONFIG_HAVE_SYSCALL_WRAPPERS
++asmlinkage long SyS_sync_file_range2(long fd, long flags,
++ loff_t offset, loff_t nbytes)
++{
++ return SYSC_sync_file_range2((int) fd, (unsigned int) flags,
++ offset, nbytes);
++}
++SYSCALL_ALIAS(sys_sync_file_range2, SyS_sync_file_range2);
++#endif
+
+ /*
+ * `endbyte' is inclusive
+--- a/ipc/sem.c
++++ b/ipc/sem.c
+@@ -887,7 +887,7 @@ out_up:
+ return err;
+ }
+
+-asmlinkage long sys_semctl (int semid, int semnum, int cmd, union semun arg)
++SYSCALL_DEFINE(semctl)(int semid, int semnum, int cmd, union semun arg)
+ {
+ int err = -EINVAL;
+ int version;
+@@ -923,6 +923,13 @@ asmlinkage long sys_semctl (int semid, i
+ return -EINVAL;
+ }
+ }
++#ifdef CONFIG_HAVE_SYSCALL_WRAPPERS
++asmlinkage long SyS_semctl(int semid, int semnum, int cmd, union semun arg)
++{
++ return SYSC_semctl((int) semid, (int) semnum, (int) cmd, arg);
++}
++SYSCALL_ALIAS(sys_semctl, SyS_semctl);
++#endif
+
+ /* If the task doesn't already have a undo_list, then allocate one
+ * here. We guarantee there is only one thread using this undo list,
+--- a/mm/fadvise.c
++++ b/mm/fadvise.c
+@@ -24,7 +24,7 @@
+ * POSIX_FADV_WILLNEED could set PG_Referenced, and POSIX_FADV_NOREUSE could
+ * deactivate the pages and clear PG_Referenced.
+ */
+-asmlinkage long sys_fadvise64_64(int fd, loff_t offset, loff_t len, int advice)
++SYSCALL_DEFINE(fadvise64_64)(int fd, loff_t offset, loff_t len, int advice)
+ {
+ struct file *file = fget(fd);
+ struct address_space *mapping;
+@@ -126,12 +126,26 @@ out:
+ fput(file);
+ return ret;
+ }
++#ifdef CONFIG_HAVE_SYSCALL_WRAPPERS
++asmlinkage long SyS_fadvise64_64(long fd, loff_t offset, loff_t len, long advice)
++{
++ return SYSC_fadvise64_64((int) fd, offset, len, (int) advice);
++}
++SYSCALL_ALIAS(sys_fadvise64_64, SyS_fadvise64_64);
++#endif
+
+ #ifdef __ARCH_WANT_SYS_FADVISE64
+
+-asmlinkage long sys_fadvise64(int fd, loff_t offset, size_t len, int advice)
++SYSCALL_DEFINE(fadvise64)(int fd, loff_t offset, size_t len, int advice)
+ {
+ return sys_fadvise64_64(fd, offset, len, advice);
+ }
++#ifdef CONFIG_HAVE_SYSCALL_WRAPPERS
++asmlinkage long SyS_fadvise64(long fd, loff_t offset, long len, long advice)
++{
++ return SYSC_fadvise64((int) fd, offset, (size_t)len, (int)advice);
++}
++SYSCALL_ALIAS(sys_fadvise64, SyS_fadvise64);
++#endif
+
+ #endif
+--- a/mm/filemap.c
++++ b/mm/filemap.c
+@@ -1353,7 +1353,7 @@ do_readahead(struct address_space *mappi
+ return 0;
+ }
+
+-asmlinkage long sys_readahead(int fd, loff_t offset, size_t count)
++SYSCALL_DEFINE(readahead)(int fd, loff_t offset, size_t count)
+ {
+ ssize_t ret;
+ struct file *file;
+@@ -1372,6 +1372,13 @@ asmlinkage long sys_readahead(int fd, lo
+ }
+ return ret;
+ }
++#ifdef CONFIG_HAVE_SYSCALL_WRAPPERS
++asmlinkage long SyS_readahead(long fd, loff_t offset, long count)
++{
++ return SYSC_readahead((int) fd, offset, (size_t) count);
++}
++SYSCALL_ALIAS(sys_readahead, SyS_readahead);
++#endif
+
+ #ifdef CONFIG_MMU
+ /**
--- /dev/null
+From 58fd3aa288939d3097fa04505b25c2f5e6e144d1 Mon Sep 17 00:00:00 2001
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+Date: Wed, 14 Jan 2009 14:14:03 +0100
+Subject: [PATCH 11/44] [CVE-2009-0029] System call wrappers part 01
+
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+
+commit 58fd3aa288939d3097fa04505b25c2f5e6e144d1 upstream.
+
+Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+---
+ kernel/hrtimer.c | 4 ++--
+ kernel/sys.c | 2 +-
+ kernel/time.c | 14 +++++++-------
+ kernel/timer.c | 6 +++---
+ 4 files changed, 13 insertions(+), 13 deletions(-)
+
+--- a/kernel/hrtimer.c
++++ b/kernel/hrtimer.c
+@@ -1560,8 +1560,8 @@ out:
+ return ret;
+ }
+
+-asmlinkage long
+-sys_nanosleep(struct timespec __user *rqtp, struct timespec __user *rmtp)
++SYSCALL_DEFINE2(nanosleep, struct timespec __user *, rqtp,
++ struct timespec __user *, rmtp)
+ {
+ struct timespec tu;
+
+--- a/kernel/sys.c
++++ b/kernel/sys.c
+@@ -853,7 +853,7 @@ asmlinkage long sys_setfsgid(gid_t gid)
+ return old_fsgid;
+ }
+
+-asmlinkage long sys_times(struct tms __user * tbuf)
++SYSCALL_DEFINE1(times, struct tms __user *, tbuf)
+ {
+ /*
+ * In the SMP world we might just be unlucky and have one of
+--- a/kernel/time.c
++++ b/kernel/time.c
+@@ -59,7 +59,7 @@ EXPORT_SYMBOL(sys_tz);
+ * why not move it into the appropriate arch directory (for those
+ * architectures that need it).
+ */
+-asmlinkage long sys_time(time_t __user * tloc)
++SYSCALL_DEFINE1(time, time_t __user *, tloc)
+ {
+ time_t i = get_seconds();
+
+@@ -77,7 +77,7 @@ asmlinkage long sys_time(time_t __user *
+ * architectures that need it).
+ */
+
+-asmlinkage long sys_stime(time_t __user *tptr)
++SYSCALL_DEFINE1(stime, time_t __user *, tptr)
+ {
+ struct timespec tv;
+ int err;
+@@ -97,8 +97,8 @@ asmlinkage long sys_stime(time_t __user
+
+ #endif /* __ARCH_WANT_SYS_TIME */
+
+-asmlinkage long sys_gettimeofday(struct timeval __user *tv,
+- struct timezone __user *tz)
++SYSCALL_DEFINE2(gettimeofday, struct timeval __user *, tv,
++ struct timezone __user *, tz)
+ {
+ if (likely(tv != NULL)) {
+ struct timeval ktv;
+@@ -182,8 +182,8 @@ int do_sys_settimeofday(struct timespec
+ return 0;
+ }
+
+-asmlinkage long sys_settimeofday(struct timeval __user *tv,
+- struct timezone __user *tz)
++SYSCALL_DEFINE2(settimeofday, struct timeval __user *, tv,
++ struct timezone __user *, tz)
+ {
+ struct timeval user_tv;
+ struct timespec new_ts;
+@@ -203,7 +203,7 @@ asmlinkage long sys_settimeofday(struct
+ return do_sys_settimeofday(tv ? &new_ts : NULL, tz ? &new_tz : NULL);
+ }
+
+-asmlinkage long sys_adjtimex(struct timex __user *txc_p)
++SYSCALL_DEFINE1(adjtimex, struct timex __user *, txc_p)
+ {
+ struct timex txc; /* Local copy of parameter */
+ int ret;
+--- a/kernel/timer.c
++++ b/kernel/timer.c
+@@ -1074,7 +1074,7 @@ void do_timer(unsigned long ticks)
+ * For backwards compatibility? This can be done in libc so Alpha
+ * and all newer ports shouldn't need it.
+ */
+-asmlinkage long sys_alarm(unsigned int seconds)
++SYSCALL_DEFINE1(alarm, unsigned int, seconds)
+ {
+ return alarm_setitimer(seconds);
+ }
+@@ -1097,7 +1097,7 @@ asmlinkage long sys_alarm(unsigned int s
+ *
+ * This is SMP safe as current->tgid does not change.
+ */
+-asmlinkage long sys_getpid(void)
++SYSCALL_DEFINE0(getpid)
+ {
+ return task_tgid_vnr(current);
+ }
+@@ -1253,7 +1253,7 @@ signed long __sched schedule_timeout_uni
+ EXPORT_SYMBOL(schedule_timeout_uninterruptible);
+
+ /* Thread ID - the internal kernel "pid" */
+-asmlinkage long sys_gettid(void)
++SYSCALL_DEFINE0(gettid)
+ {
+ return task_pid_vnr(current);
+ }
--- /dev/null
+From dbf040d9d1cbf1ef6250bdb095c5c118950bcde8 Mon Sep 17 00:00:00 2001
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+Date: Wed, 14 Jan 2009 14:14:04 +0100
+Subject: [PATCH 12/44] [CVE-2009-0029] System call wrappers part 02
+
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+
+commit dbf040d9d1cbf1ef6250bdb095c5c118950bcde8 upstream.
+
+Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+---
+ kernel/sys.c | 10 +++++-----
+ kernel/timer.c | 10 +++++-----
+ 2 files changed, 10 insertions(+), 10 deletions(-)
+
+--- a/kernel/sys.c
++++ b/kernel/sys.c
+@@ -733,7 +733,7 @@ asmlinkage long sys_setresuid(uid_t ruid
+ return security_task_post_setuid(old_ruid, old_euid, old_suid, LSM_SETID_RES);
+ }
+
+-asmlinkage long sys_getresuid(uid_t __user *ruid, uid_t __user *euid, uid_t __user *suid)
++SYSCALL_DEFINE3(getresuid, uid_t __user *, ruid, uid_t __user *, euid, uid_t __user *, suid)
+ {
+ int retval;
+
+@@ -784,7 +784,7 @@ asmlinkage long sys_setresgid(gid_t rgid
+ return 0;
+ }
+
+-asmlinkage long sys_getresgid(gid_t __user *rgid, gid_t __user *egid, gid_t __user *sgid)
++SYSCALL_DEFINE3(getresgid, gid_t __user *, rgid, gid_t __user *, egid, gid_t __user *, sgid)
+ {
+ int retval;
+
+@@ -974,7 +974,7 @@ out:
+ return err;
+ }
+
+-asmlinkage long sys_getpgid(pid_t pid)
++SYSCALL_DEFINE1(getpgid, pid_t, pid)
+ {
+ struct task_struct *p;
+ struct pid *grp;
+@@ -1004,14 +1004,14 @@ out:
+
+ #ifdef __ARCH_WANT_SYS_GETPGRP
+
+-asmlinkage long sys_getpgrp(void)
++SYSCALL_DEFINE0(getpgrp)
+ {
+ return sys_getpgid(0);
+ }
+
+ #endif
+
+-asmlinkage long sys_getsid(pid_t pid)
++SYSCALL_DEFINE1(getsid, pid_t, pid)
+ {
+ struct task_struct *p;
+ struct pid *sid;
+--- a/kernel/timer.c
++++ b/kernel/timer.c
+@@ -1108,7 +1108,7 @@ SYSCALL_DEFINE0(getpid)
+ * value of ->real_parent under rcu_read_lock(), see
+ * release_task()->call_rcu(delayed_put_task_struct).
+ */
+-asmlinkage long sys_getppid(void)
++SYSCALL_DEFINE0(getppid)
+ {
+ int pid;
+
+@@ -1119,25 +1119,25 @@ asmlinkage long sys_getppid(void)
+ return pid;
+ }
+
+-asmlinkage long sys_getuid(void)
++SYSCALL_DEFINE0(getuid)
+ {
+ /* Only we change this so SMP safe */
+ return current->uid;
+ }
+
+-asmlinkage long sys_geteuid(void)
++SYSCALL_DEFINE0(geteuid)
+ {
+ /* Only we change this so SMP safe */
+ return current->euid;
+ }
+
+-asmlinkage long sys_getgid(void)
++SYSCALL_DEFINE0(getgid)
+ {
+ /* Only we change this so SMP safe */
+ return current->gid;
+ }
+
+-asmlinkage long sys_getegid(void)
++SYSCALL_DEFINE0(getegid)
+ {
+ /* Only we change this so SMP safe */
+ return current->egid;
--- /dev/null
+From ae1251ab785f6da87219df8352ffdac68bba23e4 Mon Sep 17 00:00:00 2001
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+Date: Wed, 14 Jan 2009 14:14:05 +0100
+Subject: [PATCH 13/44] [CVE-2009-0029] System call wrappers part 03
+
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+
+commit ae1251ab785f6da87219df8352ffdac68bba23e4 upstream.
+
+Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+---
+ kernel/sys.c | 18 +++++++++---------
+ 1 file changed, 9 insertions(+), 9 deletions(-)
+
+--- a/kernel/sys.c
++++ b/kernel/sys.c
+@@ -470,7 +470,7 @@ void ctrl_alt_del(void)
+ * SMP: There are not races, the GIDs are checked only by filesystem
+ * operations (as far as semantic preservation is concerned).
+ */
+-asmlinkage long sys_setregid(gid_t rgid, gid_t egid)
++SYSCALL_DEFINE2(setregid, gid_t, rgid, gid_t, egid)
+ {
+ int old_rgid = current->gid;
+ int old_egid = current->egid;
+@@ -519,7 +519,7 @@ asmlinkage long sys_setregid(gid_t rgid,
+ *
+ * SMP: Same implicit races as above.
+ */
+-asmlinkage long sys_setgid(gid_t gid)
++SYSCALL_DEFINE1(setgid, gid_t, gid)
+ {
+ int old_egid = current->egid;
+ int retval;
+@@ -589,7 +589,7 @@ static int set_user(uid_t new_ruid, int
+ * 100% compatible with BSD. A program which uses just setuid() will be
+ * 100% compatible with POSIX with saved IDs.
+ */
+-asmlinkage long sys_setreuid(uid_t ruid, uid_t euid)
++SYSCALL_DEFINE2(setreuid, uid_t, ruid, uid_t, euid)
+ {
+ int old_ruid, old_euid, old_suid, new_ruid, new_euid;
+ int retval;
+@@ -651,7 +651,7 @@ asmlinkage long sys_setreuid(uid_t ruid,
+ * will allow a root program to temporarily drop privileges and be able to
+ * regain them by swapping the real and effective uid.
+ */
+-asmlinkage long sys_setuid(uid_t uid)
++SYSCALL_DEFINE1(setuid, uid_t, uid)
+ {
+ int old_euid = current->euid;
+ int old_ruid, old_suid, new_suid;
+@@ -690,7 +690,7 @@ asmlinkage long sys_setuid(uid_t uid)
+ * This function implements a generic ability to update ruid, euid,
+ * and suid. This allows you to implement the 4.4 compatible seteuid().
+ */
+-asmlinkage long sys_setresuid(uid_t ruid, uid_t euid, uid_t suid)
++SYSCALL_DEFINE3(setresuid, uid_t, ruid, uid_t, euid, uid_t, suid)
+ {
+ int old_ruid = current->uid;
+ int old_euid = current->euid;
+@@ -747,7 +747,7 @@ SYSCALL_DEFINE3(getresuid, uid_t __user
+ /*
+ * Same as above, but for rgid, egid, sgid.
+ */
+-asmlinkage long sys_setresgid(gid_t rgid, gid_t egid, gid_t sgid)
++SYSCALL_DEFINE3(setresgid, gid_t, rgid, gid_t, egid, gid_t, sgid)
+ {
+ int retval;
+
+@@ -802,7 +802,7 @@ SYSCALL_DEFINE3(getresgid, gid_t __user
+ * whatever uid it wants to). It normally shadows "euid", except when
+ * explicitly set by setfsuid() or for access..
+ */
+-asmlinkage long sys_setfsuid(uid_t uid)
++SYSCALL_DEFINE1(setfsuid, uid_t, uid)
+ {
+ int old_fsuid;
+
+@@ -831,7 +831,7 @@ asmlinkage long sys_setfsuid(uid_t uid)
+ /*
+ * Samma på svenska..
+ */
+-asmlinkage long sys_setfsgid(gid_t gid)
++SYSCALL_DEFINE1(setfsgid, gid_t, gid)
+ {
+ int old_fsgid;
+
+@@ -1245,7 +1245,7 @@ int set_current_groups(struct group_info
+
+ EXPORT_SYMBOL(set_current_groups);
+
+-asmlinkage long sys_getgroups(int gidsetsize, gid_t __user *grouplist)
++SYSCALL_DEFINE2(getgroups, int, gidsetsize, gid_t __user *, grouplist)
+ {
+ int i = 0;
+
--- /dev/null
+From b290ebe2c46d01b742b948ce03f09e8a3efb9a92 Mon Sep 17 00:00:00 2001
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+Date: Wed, 14 Jan 2009 14:14:06 +0100
+Subject: [PATCH 14/44] [CVE-2009-0029] System call wrappers part 04
+
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+
+commit b290ebe2c46d01b742b948ce03f09e8a3efb9a92 upstream.
+
+Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+---
+ kernel/acct.c | 2 +-
+ kernel/capability.c | 4 ++--
+ kernel/exec_domain.c | 3 +--
+ kernel/itimer.c | 2 +-
+ kernel/signal.c | 7 +++----
+ kernel/sys.c | 6 +++---
+ 6 files changed, 11 insertions(+), 13 deletions(-)
+
+--- a/kernel/acct.c
++++ b/kernel/acct.c
+@@ -277,7 +277,7 @@ static int acct_on(char *name)
+ * should be written. If the filename is NULL, accounting will be
+ * shutdown.
+ */
+-asmlinkage long sys_acct(const char __user *name)
++SYSCALL_DEFINE1(acct, const char __user *, name)
+ {
+ int error;
+
+--- a/kernel/capability.c
++++ b/kernel/capability.c
+@@ -348,7 +348,7 @@ EXPORT_SYMBOL(cap_set_effective);
+ *
+ * Returns 0 on success and < 0 on error.
+ */
+-asmlinkage long sys_capget(cap_user_header_t header, cap_user_data_t dataptr)
++SYSCALL_DEFINE2(capget, cap_user_header_t, header, cap_user_data_t, dataptr)
+ {
+ int ret = 0;
+ pid_t pid;
+@@ -425,7 +425,7 @@ asmlinkage long sys_capget(cap_user_head
+ *
+ * Returns 0 on success and < 0 on error.
+ */
+-asmlinkage long sys_capset(cap_user_header_t header, const cap_user_data_t data)
++SYSCALL_DEFINE2(capset, cap_user_header_t, header, const cap_user_data_t, data)
+ {
+ struct __user_cap_data_struct kdata[_KERNEL_CAPABILITY_U32S];
+ unsigned i, tocopy;
+--- a/kernel/exec_domain.c
++++ b/kernel/exec_domain.c
+@@ -188,8 +188,7 @@ get_exec_domain_list(char *page)
+ return (len);
+ }
+
+-asmlinkage long
+-sys_personality(u_long personality)
++SYSCALL_DEFINE1(personality, u_long, personality)
+ {
+ u_long old = current->personality;
+
+--- a/kernel/itimer.c
++++ b/kernel/itimer.c
+@@ -109,7 +109,7 @@ int do_getitimer(int which, struct itime
+ return 0;
+ }
+
+-asmlinkage long sys_getitimer(int which, struct itimerval __user *value)
++SYSCALL_DEFINE2(getitimer, int, which, struct itimerval __user *, value)
+ {
+ int error = -EFAULT;
+ struct itimerval get_buffer;
+--- a/kernel/signal.c
++++ b/kernel/signal.c
+@@ -2409,8 +2409,7 @@ out:
+
+ #ifdef __ARCH_WANT_SYS_SIGPENDING
+
+-asmlinkage long
+-sys_sigpending(old_sigset_t __user *set)
++SYSCALL_DEFINE1(sigpending, old_sigset_t __user *, set)
+ {
+ return do_sigpending(set, sizeof(*set));
+ }
+@@ -2421,8 +2420,8 @@ sys_sigpending(old_sigset_t __user *set)
+ /* Some platforms have their own version with special arguments others
+ support only sys_rt_sigprocmask. */
+
+-asmlinkage long
+-sys_sigprocmask(int how, old_sigset_t __user *set, old_sigset_t __user *oset)
++SYSCALL_DEFINE3(sigprocmask, int, how, old_sigset_t __user *, set,
++ old_sigset_t __user *, oset)
+ {
+ int error;
+ old_sigset_t old_set, new_set;
+--- a/kernel/sys.c
++++ b/kernel/sys.c
+@@ -903,7 +903,7 @@ SYSCALL_DEFINE1(times, struct tms __user
+ * Auch. Had to add the 'did_exec' flag to conform completely to POSIX.
+ * LBT 04.03.94
+ */
+-asmlinkage long sys_setpgid(pid_t pid, pid_t pgid)
++SYSCALL_DEFINE2(setpgid, pid_t, pid, pid_t, pgid)
+ {
+ struct task_struct *p;
+ struct task_struct *group_leader = current->group_leader;
+@@ -1039,7 +1039,7 @@ out:
+ return retval;
+ }
+
+-asmlinkage long sys_setsid(void)
++SYSCALL_DEFINE0(setsid)
+ {
+ struct task_struct *group_leader = current->group_leader;
+ struct pid *sid = task_pid(group_leader);
+@@ -1278,7 +1278,7 @@ out:
+ * without another task interfering.
+ */
+
+-asmlinkage long sys_setgroups(int gidsetsize, gid_t __user *grouplist)
++SYSCALL_DEFINE2(setgroups, int, gidsetsize, gid_t __user *, grouplist)
+ {
+ struct group_info *group_info;
+ int retval;
--- /dev/null
+From 362e9c07c7220c0a78c88826fc0d2bf7e4a4bb68 Mon Sep 17 00:00:00 2001
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+Date: Wed, 14 Jan 2009 14:14:07 +0100
+Subject: [PATCH 15/44] [CVE-2009-0029] System call wrappers part 05
+
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+
+commit 362e9c07c7220c0a78c88826fc0d2bf7e4a4bb68 upstream.
+
+Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+---
+ kernel/itimer.c | 5 ++---
+ kernel/posix-timers.c | 43 +++++++++++++++++++------------------------
+ 2 files changed, 21 insertions(+), 27 deletions(-)
+
+--- a/kernel/itimer.c
++++ b/kernel/itimer.c
+@@ -273,9 +273,8 @@ unsigned int alarm_setitimer(unsigned in
+ return it_old.it_value.tv_sec;
+ }
+
+-asmlinkage long sys_setitimer(int which,
+- struct itimerval __user *value,
+- struct itimerval __user *ovalue)
++SYSCALL_DEFINE3(setitimer, int, which, struct itimerval __user *, value,
++ struct itimerval __user *, ovalue)
+ {
+ struct itimerval set_buffer, get_buffer;
+ int error;
+--- a/kernel/posix-timers.c
++++ b/kernel/posix-timers.c
+@@ -463,10 +463,9 @@ static void release_posix_timer(struct k
+
+ /* Create a POSIX.1b interval timer. */
+
+-asmlinkage long
+-sys_timer_create(const clockid_t which_clock,
+- struct sigevent __user *timer_event_spec,
+- timer_t __user * created_timer_id)
++SYSCALL_DEFINE3(timer_create, const clockid_t, which_clock,
++ struct sigevent __user *, timer_event_spec,
++ timer_t __user *, created_timer_id)
+ {
+ int error = 0;
+ struct k_itimer *new_timer = NULL;
+@@ -682,8 +681,8 @@ common_timer_get(struct k_itimer *timr,
+ }
+
+ /* Get the time remaining on a POSIX.1b interval timer. */
+-asmlinkage long
+-sys_timer_gettime(timer_t timer_id, struct itimerspec __user *setting)
++SYSCALL_DEFINE2(timer_gettime, timer_t, timer_id,
++ struct itimerspec __user *, setting)
+ {
+ struct k_itimer *timr;
+ struct itimerspec cur_setting;
+@@ -712,8 +711,7 @@ sys_timer_gettime(timer_t timer_id, stru
+ * the call back to do_schedule_next_timer(). So all we need to do is
+ * to pick up the frozen overrun.
+ */
+-asmlinkage long
+-sys_timer_getoverrun(timer_t timer_id)
++SYSCALL_DEFINE1(timer_getoverrun, timer_t, timer_id)
+ {
+ struct k_itimer *timr;
+ int overrun;
+@@ -783,10 +781,9 @@ common_timer_set(struct k_itimer *timr,
+ }
+
+ /* Set a POSIX.1b interval timer */
+-asmlinkage long
+-sys_timer_settime(timer_t timer_id, int flags,
+- const struct itimerspec __user *new_setting,
+- struct itimerspec __user *old_setting)
++SYSCALL_DEFINE4(timer_settime, timer_t, timer_id, int, flags,
++ const struct itimerspec __user *, new_setting,
++ struct itimerspec __user *, old_setting)
+ {
+ struct k_itimer *timr;
+ struct itimerspec new_spec, old_spec;
+@@ -839,8 +836,7 @@ static inline int timer_delete_hook(stru
+ }
+
+ /* Delete a POSIX.1b interval timer. */
+-asmlinkage long
+-sys_timer_delete(timer_t timer_id)
++SYSCALL_DEFINE1(timer_delete, timer_t, timer_id)
+ {
+ struct k_itimer *timer;
+ unsigned long flags;
+@@ -930,8 +926,8 @@ int do_posix_clock_nonanosleep(const clo
+ }
+ EXPORT_SYMBOL_GPL(do_posix_clock_nonanosleep);
+
+-asmlinkage long sys_clock_settime(const clockid_t which_clock,
+- const struct timespec __user *tp)
++SYSCALL_DEFINE2(clock_settime, const clockid_t, which_clock,
++ const struct timespec __user *, tp)
+ {
+ struct timespec new_tp;
+
+@@ -943,8 +939,8 @@ asmlinkage long sys_clock_settime(const
+ return CLOCK_DISPATCH(which_clock, clock_set, (which_clock, &new_tp));
+ }
+
+-asmlinkage long
+-sys_clock_gettime(const clockid_t which_clock, struct timespec __user *tp)
++SYSCALL_DEFINE2(clock_gettime, const clockid_t, which_clock,
++ struct timespec __user *,tp)
+ {
+ struct timespec kernel_tp;
+ int error;
+@@ -960,8 +956,8 @@ sys_clock_gettime(const clockid_t which_
+
+ }
+
+-asmlinkage long
+-sys_clock_getres(const clockid_t which_clock, struct timespec __user *tp)
++SYSCALL_DEFINE2(clock_getres, const clockid_t, which_clock,
++ struct timespec __user *, tp)
+ {
+ struct timespec rtn_tp;
+ int error;
+@@ -990,10 +986,9 @@ static int common_nsleep(const clockid_t
+ which_clock);
+ }
+
+-asmlinkage long
+-sys_clock_nanosleep(const clockid_t which_clock, int flags,
+- const struct timespec __user *rqtp,
+- struct timespec __user *rmtp)
++SYSCALL_DEFINE4(clock_nanosleep, const clockid_t, which_clock, int, flags,
++ const struct timespec __user *, rqtp,
++ struct timespec __user *, rmtp)
+ {
+ struct timespec t;
+
--- /dev/null
+From 5add95d4f7cf08f6f62510f19576992912387501 Mon Sep 17 00:00:00 2001
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+Date: Wed, 14 Jan 2009 14:14:08 +0100
+Subject: [PATCH 16/44] [CVE-2009-0029] System call wrappers part 06
+
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+
+commit 5add95d4f7cf08f6f62510f19576992912387501 upstream.
+
+Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+---
+ kernel/sched.c | 26 +++++++++++++-------------
+ 1 file changed, 13 insertions(+), 13 deletions(-)
+
+--- a/kernel/sched.c
++++ b/kernel/sched.c
+@@ -4942,7 +4942,7 @@ int can_nice(const struct task_struct *p
+ * sys_setpriority is a more generic, but much slower function that
+ * does similar things.
+ */
+-asmlinkage long sys_nice(int increment)
++SYSCALL_DEFINE1(nice, int, increment)
+ {
+ long nice, retval;
+
+@@ -5233,8 +5233,8 @@ do_sched_setscheduler(pid_t pid, int pol
+ * @policy: new policy.
+ * @param: structure containing the new RT priority.
+ */
+-asmlinkage long
+-sys_sched_setscheduler(pid_t pid, int policy, struct sched_param __user *param)
++SYSCALL_DEFINE3(sched_setscheduler, pid_t, pid, int, policy,
++ struct sched_param __user *, param)
+ {
+ /* negative values for policy are not valid */
+ if (policy < 0)
+@@ -5248,7 +5248,7 @@ sys_sched_setscheduler(pid_t pid, int po
+ * @pid: the pid in question.
+ * @param: structure containing the new RT priority.
+ */
+-asmlinkage long sys_sched_setparam(pid_t pid, struct sched_param __user *param)
++SYSCALL_DEFINE2(sched_setparam, pid_t, pid, struct sched_param __user *, param)
+ {
+ return do_sched_setscheduler(pid, -1, param);
+ }
+@@ -5257,7 +5257,7 @@ asmlinkage long sys_sched_setparam(pid_t
+ * sys_sched_getscheduler - get the policy (scheduling class) of a thread
+ * @pid: the pid in question.
+ */
+-asmlinkage long sys_sched_getscheduler(pid_t pid)
++SYSCALL_DEFINE1(sched_getscheduler, pid_t, pid)
+ {
+ struct task_struct *p;
+ int retval;
+@@ -5282,7 +5282,7 @@ asmlinkage long sys_sched_getscheduler(p
+ * @pid: the pid in question.
+ * @param: structure containing the RT priority.
+ */
+-asmlinkage long sys_sched_getparam(pid_t pid, struct sched_param __user *param)
++SYSCALL_DEFINE2(sched_getparam, pid_t, pid, struct sched_param __user *, param)
+ {
+ struct sched_param lp;
+ struct task_struct *p;
+@@ -5390,8 +5390,8 @@ static int get_user_cpu_mask(unsigned lo
+ * @len: length in bytes of the bitmask pointed to by user_mask_ptr
+ * @user_mask_ptr: user-space pointer to the new cpu mask
+ */
+-asmlinkage long sys_sched_setaffinity(pid_t pid, unsigned int len,
+- unsigned long __user *user_mask_ptr)
++SYSCALL_DEFINE3(sched_setaffinity, pid_t, pid, unsigned int, len,
++ unsigned long __user *, user_mask_ptr)
+ {
+ cpumask_t new_mask;
+ int retval;
+@@ -5435,8 +5435,8 @@ out_unlock:
+ * @len: length in bytes of the bitmask pointed to by user_mask_ptr
+ * @user_mask_ptr: user-space pointer to hold the current cpu mask
+ */
+-asmlinkage long sys_sched_getaffinity(pid_t pid, unsigned int len,
+- unsigned long __user *user_mask_ptr)
++SYSCALL_DEFINE3(sched_getaffinity, pid_t, pid, unsigned int, len,
++ unsigned long __user *, user_mask_ptr)
+ {
+ int ret;
+ cpumask_t mask;
+@@ -5460,7 +5460,7 @@ asmlinkage long sys_sched_getaffinity(pi
+ * This function yields the current CPU to other tasks. If there are no
+ * other threads running on this CPU then this function will return.
+ */
+-asmlinkage long sys_sched_yield(void)
++SYSCALL_DEFINE0(sched_yield)
+ {
+ struct rq *rq = this_rq_lock();
+
+@@ -5601,7 +5601,7 @@ long __sched io_schedule_timeout(long ti
+ * this syscall returns the maximum rt_priority that can be used
+ * by a given scheduling class.
+ */
+-asmlinkage long sys_sched_get_priority_max(int policy)
++SYSCALL_DEFINE1(sched_get_priority_max, int, policy)
+ {
+ int ret = -EINVAL;
+
+@@ -5626,7 +5626,7 @@ asmlinkage long sys_sched_get_priority_m
+ * this syscall returns the minimum rt_priority that can be used
+ * by a given scheduling class.
+ */
+-asmlinkage long sys_sched_get_priority_min(int policy)
++SYSCALL_DEFINE1(sched_get_priority_min, int, policy)
+ {
+ int ret = -EINVAL;
+
--- /dev/null
+From 754fe8d297bfae7b77f7ce866e2fb0c5fb186506 Mon Sep 17 00:00:00 2001
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+Date: Wed, 14 Jan 2009 14:14:09 +0100
+Subject: [PATCH 17/44] [CVE-2009-0029] System call wrappers part 07
+
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+
+commit 754fe8d297bfae7b77f7ce866e2fb0c5fb186506 upstream.
+
+Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+---
+ kernel/exit.c | 8 ++++----
+ kernel/kexec.c | 5 ++---
+ kernel/sched.c | 4 ++--
+ kernel/signal.c | 2 +-
+ kernel/sys.c | 7 ++++---
+ net/socket.c | 2 +-
+ 6 files changed, 14 insertions(+), 14 deletions(-)
+
+--- a/kernel/exit.c
++++ b/kernel/exit.c
+@@ -1145,7 +1145,7 @@ NORET_TYPE void complete_and_exit(struct
+
+ EXPORT_SYMBOL(complete_and_exit);
+
+-asmlinkage long sys_exit(int error_code)
++SYSCALL_DEFINE1(exit, int, error_code)
+ {
+ do_exit((error_code&0xff)<<8);
+ }
+@@ -1186,7 +1186,7 @@ do_group_exit(int exit_code)
+ * wait4()-ing process will get the correct exit code - even if this
+ * thread is not the thread group leader.
+ */
+-asmlinkage long sys_exit_group(int error_code)
++SYSCALL_DEFINE1(exit_group, int, error_code)
+ {
+ do_group_exit((error_code & 0xff) << 8);
+ /* NOTREACHED */
+@@ -1792,8 +1792,8 @@ asmlinkage long sys_waitid(int which, pi
+ return ret;
+ }
+
+-asmlinkage long sys_wait4(pid_t upid, int __user *stat_addr,
+- int options, struct rusage __user *ru)
++SYSCALL_DEFINE4(wait4, pid_t, upid, int __user *, stat_addr,
++ int, options, struct rusage __user *, ru)
+ {
+ struct pid *pid = NULL;
+ enum pid_type type;
+--- a/kernel/kexec.c
++++ b/kernel/kexec.c
+@@ -933,9 +933,8 @@ struct kimage *kexec_crash_image;
+
+ static DEFINE_MUTEX(kexec_mutex);
+
+-asmlinkage long sys_kexec_load(unsigned long entry, unsigned long nr_segments,
+- struct kexec_segment __user *segments,
+- unsigned long flags)
++SYSCALL_DEFINE4(kexec_load, unsigned long, entry, unsigned long, nr_segments,
++ struct kexec_segment __user *, segments, unsigned long, flags)
+ {
+ struct kimage **dest_image, *image;
+ int result;
+--- a/kernel/sched.c
++++ b/kernel/sched.c
+@@ -5651,8 +5651,8 @@ SYSCALL_DEFINE1(sched_get_priority_min,
+ * this syscall writes the default timeslice value of a given process
+ * into the user-space timespec buffer. A value of '0' means infinity.
+ */
+-asmlinkage
+-long sys_sched_rr_get_interval(pid_t pid, struct timespec __user *interval)
++SYSCALL_DEFINE4(sched_rr_get_interval, pid_t, pid,
++ struct timespec __user *, interval)
+ {
+ struct task_struct *p;
+ unsigned int time_slice;
+--- a/kernel/signal.c
++++ b/kernel/signal.c
+@@ -1936,7 +1936,7 @@ EXPORT_SYMBOL(unblock_all_signals);
+ * System call entry points.
+ */
+
+-asmlinkage long sys_restart_syscall(void)
++SYSCALL_DEFINE0(restart_syscall)
+ {
+ struct restart_block *restart = ¤t_thread_info()->restart_block;
+ return restart->fn(restart);
+--- a/kernel/sys.c
++++ b/kernel/sys.c
+@@ -137,7 +137,7 @@ out:
+ return error;
+ }
+
+-asmlinkage long sys_setpriority(int which, int who, int niceval)
++SYSCALL_DEFINE3(setpriority, int, which, int, who, int, niceval)
+ {
+ struct task_struct *g, *p;
+ struct user_struct *user;
+@@ -201,7 +201,7 @@ out:
+ * has been offset by 20 (ie it returns 40..1 instead of -20..19)
+ * to stay compatible.
+ */
+-asmlinkage long sys_getpriority(int which, int who)
++SYSCALL_DEFINE2(getpriority, int, which, int, who)
+ {
+ struct task_struct *g, *p;
+ struct user_struct *user;
+@@ -347,7 +347,8 @@ EXPORT_SYMBOL_GPL(kernel_power_off);
+ *
+ * reboot doesn't sync: do that yourself before calling this.
+ */
+-asmlinkage long sys_reboot(int magic1, int magic2, unsigned int cmd, void __user * arg)
++SYSCALL_DEFINE4(reboot, int, magic1, int, magic2, unsigned int, cmd,
++ void __user *, arg)
+ {
+ char buffer[256];
+
+--- a/net/socket.c
++++ b/net/socket.c
+@@ -1854,7 +1854,7 @@ out_put:
+ * Shutdown a socket.
+ */
+
+-asmlinkage long sys_shutdown(int fd, int how)
++SYSCALL_DEFINE2(shutdown, int, fd, int, how)
+ {
+ int err, fput_needed;
+ struct socket *sock;
--- /dev/null
+From 17da2bd90abf428523de0fb98f7075e00e3ed42e Mon Sep 17 00:00:00 2001
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+Date: Wed, 14 Jan 2009 14:14:10 +0100
+Subject: [PATCH 18/44] [CVE-2009-0029] System call wrappers part 08
+
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+
+commit 17da2bd90abf428523de0fb98f7075e00e3ed42e upstream.
+
+Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+---
+ kernel/exit.c | 7 +++----
+ kernel/fork.c | 2 +-
+ kernel/futex.c | 6 +++---
+ kernel/module.c | 10 ++++------
+ kernel/sched.c | 2 +-
+ kernel/signal.c | 18 +++++++-----------
+ 6 files changed, 19 insertions(+), 26 deletions(-)
+
+--- a/kernel/exit.c
++++ b/kernel/exit.c
+@@ -1751,9 +1751,8 @@ end:
+ return retval;
+ }
+
+-asmlinkage long sys_waitid(int which, pid_t upid,
+- struct siginfo __user *infop, int options,
+- struct rusage __user *ru)
++SYSCALL_DEFINE5(waitid, int, which, pid_t, upid, struct siginfo __user *,
++ infop, int, options, struct rusage __user *, ru)
+ {
+ struct pid *pid = NULL;
+ enum pid_type type;
+@@ -1830,7 +1829,7 @@ SYSCALL_DEFINE4(wait4, pid_t, upid, int
+ * sys_waitpid() remains for compatibility. waitpid() should be
+ * implemented by calling sys_wait4() from libc.a.
+ */
+-asmlinkage long sys_waitpid(pid_t pid, int __user *stat_addr, int options)
++SYSCALL_DEFINE3(waitpid, pid_t, pid, int __user *, stat_addr, int, options)
+ {
+ return sys_wait4(pid, stat_addr, options, NULL);
+ }
+--- a/kernel/fork.c
++++ b/kernel/fork.c
+@@ -865,7 +865,7 @@ static void copy_flags(unsigned long clo
+ clear_freeze_flag(p);
+ }
+
+-asmlinkage long sys_set_tid_address(int __user *tidptr)
++SYSCALL_DEFINE1(set_tid_address, int __user *, tidptr)
+ {
+ current->clear_child_tid = tidptr;
+
+--- a/kernel/futex.c
++++ b/kernel/futex.c
+@@ -2036,9 +2036,9 @@ long do_futex(u32 __user *uaddr, int op,
+ }
+
+
+-asmlinkage long sys_futex(u32 __user *uaddr, int op, u32 val,
+- struct timespec __user *utime, u32 __user *uaddr2,
+- u32 val3)
++SYSCALL_DEFINE6(futex, u32 __user *, uaddr, int, op, u32, val,
++ struct timespec __user *, utime, u32 __user *, uaddr2,
++ u32, val3)
+ {
+ struct timespec ts;
+ ktime_t t, *tp = NULL;
+--- a/kernel/module.c
++++ b/kernel/module.c
+@@ -715,8 +715,8 @@ static void wait_for_zero_refcount(struc
+ mutex_lock(&module_mutex);
+ }
+
+-asmlinkage long
+-sys_delete_module(const char __user *name_user, unsigned int flags)
++SYSCALL_DEFINE2(delete_module, const char __user *, name_user,
++ unsigned int, flags)
+ {
+ struct module *mod;
+ char name[MODULE_NAME_LEN];
+@@ -2257,10 +2257,8 @@ static noinline struct module *load_modu
+ }
+
+ /* This is where the real work happens */
+-asmlinkage long
+-sys_init_module(void __user *umod,
+- unsigned long len,
+- const char __user *uargs)
++SYSCALL_DEFINE3(init_module, void __user *, umod,
++ unsigned long, len, const char __user *, uargs)
+ {
+ struct module *mod;
+ int ret = 0;
+--- a/kernel/sched.c
++++ b/kernel/sched.c
+@@ -5651,7 +5651,7 @@ SYSCALL_DEFINE1(sched_get_priority_min,
+ * this syscall writes the default timeslice value of a given process
+ * into the user-space timespec buffer. A value of '0' means infinity.
+ */
+-SYSCALL_DEFINE4(sched_rr_get_interval, pid_t, pid,
++SYSCALL_DEFINE2(sched_rr_get_interval, pid_t, pid,
+ struct timespec __user *, interval)
+ {
+ struct task_struct *p;
+--- a/kernel/signal.c
++++ b/kernel/signal.c
+@@ -1989,8 +1989,8 @@ int sigprocmask(int how, sigset_t *set,
+ return error;
+ }
+
+-asmlinkage long
+-sys_rt_sigprocmask(int how, sigset_t __user *set, sigset_t __user *oset, size_t sigsetsize)
++SYSCALL_DEFINE4(rt_sigprocmask, int, how, sigset_t __user *, set,
++ sigset_t __user *, oset, size_t, sigsetsize)
+ {
+ int error = -EINVAL;
+ sigset_t old_set, new_set;
+@@ -2049,8 +2049,7 @@ out:
+ return error;
+ }
+
+-asmlinkage long
+-sys_rt_sigpending(sigset_t __user *set, size_t sigsetsize)
++SYSCALL_DEFINE2(rt_sigpending, sigset_t __user *, set, size_t, sigsetsize)
+ {
+ return do_sigpending(set, sigsetsize);
+ }
+@@ -2121,11 +2120,9 @@ int copy_siginfo_to_user(siginfo_t __use
+
+ #endif
+
+-asmlinkage long
+-sys_rt_sigtimedwait(const sigset_t __user *uthese,
+- siginfo_t __user *uinfo,
+- const struct timespec __user *uts,
+- size_t sigsetsize)
++SYSCALL_DEFINE4(rt_sigtimedwait, const sigset_t __user *, uthese,
++ siginfo_t __user *, uinfo, const struct timespec __user *, uts,
++ size_t, sigsetsize)
+ {
+ int ret, sig;
+ sigset_t these;
+@@ -2198,8 +2195,7 @@ sys_rt_sigtimedwait(const sigset_t __use
+ return ret;
+ }
+
+-asmlinkage long
+-sys_kill(pid_t pid, int sig)
++SYSCALL_DEFINE2(kill, pid_t, pid, int, sig)
+ {
+ struct siginfo info;
+
--- /dev/null
+From a5f8fa9e9ba5ef3305e147f41ad6e1e84ac1f0bd Mon Sep 17 00:00:00 2001
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+Date: Wed, 14 Jan 2009 14:14:11 +0100
+Subject: [PATCH 19/44] [CVE-2009-0029] System call wrappers part 09
+
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+
+commit a5f8fa9e9ba5ef3305e147f41ad6e1e84ac1f0bd upstream.
+
+Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+---
+ fs/sync.c | 6 +++---
+ kernel/signal.c | 21 ++++++++-------------
+ 2 files changed, 11 insertions(+), 16 deletions(-)
+
+--- a/fs/sync.c
++++ b/fs/sync.c
+@@ -36,7 +36,7 @@ static void do_sync(unsigned long wait)
+ laptop_sync_completion();
+ }
+
+-asmlinkage long sys_sync(void)
++SYSCALL_DEFINE0(sync)
+ {
+ do_sync(1);
+ return 0;
+@@ -118,12 +118,12 @@ static long __do_fsync(unsigned int fd,
+ return ret;
+ }
+
+-asmlinkage long sys_fsync(unsigned int fd)
++SYSCALL_DEFINE1(fsync, unsigned int, fd)
+ {
+ return __do_fsync(fd, 0);
+ }
+
+-asmlinkage long sys_fdatasync(unsigned int fd)
++SYSCALL_DEFINE1(fdatasync, unsigned int, fd)
+ {
+ return __do_fsync(fd, 1);
+ }
+--- a/kernel/signal.c
++++ b/kernel/signal.c
+@@ -2254,7 +2254,7 @@ static int do_tkill(pid_t tgid, pid_t pi
+ * exists but it's not belonging to the target process anymore. This
+ * method solves the problem of threads exiting and PIDs getting reused.
+ */
+-asmlinkage long sys_tgkill(pid_t tgid, pid_t pid, int sig)
++SYSCALL_DEFINE3(tgkill, pid_t, tgid, pid_t, pid, int, sig)
+ {
+ /* This is only valid for single tasks */
+ if (pid <= 0 || tgid <= 0)
+@@ -2266,8 +2266,7 @@ asmlinkage long sys_tgkill(pid_t tgid, p
+ /*
+ * Send a signal to only one task, even if it's a CLONE_THREAD task.
+ */
+-asmlinkage long
+-sys_tkill(pid_t pid, int sig)
++SYSCALL_DEFINE2(tkill, pid_t, pid, int, sig)
+ {
+ /* This is only valid for single tasks */
+ if (pid <= 0)
+@@ -2276,8 +2275,8 @@ sys_tkill(pid_t pid, int sig)
+ return do_tkill(0, pid, sig);
+ }
+
+-asmlinkage long
+-sys_rt_sigqueueinfo(pid_t pid, int sig, siginfo_t __user *uinfo)
++SYSCALL_DEFINE3(rt_sigqueueinfo, pid_t, pid, int, sig,
++ siginfo_t __user *, uinfo)
+ {
+ siginfo_t info;
+
+@@ -2501,15 +2500,13 @@ out:
+ /*
+ * For backwards compatibility. Functionality superseded by sigprocmask.
+ */
+-asmlinkage long
+-sys_sgetmask(void)
++SYSCALL_DEFINE0(sgetmask)
+ {
+ /* SMP safe */
+ return current->blocked.sig[0];
+ }
+
+-asmlinkage long
+-sys_ssetmask(int newmask)
++SYSCALL_DEFINE1(ssetmask, int, newmask)
+ {
+ int old;
+
+@@ -2529,8 +2526,7 @@ sys_ssetmask(int newmask)
+ /*
+ * For backwards compatibility. Functionality superseded by sigaction.
+ */
+-asmlinkage long
+-sys_signal(int sig, __sighandler_t handler)
++SYSCALL_DEFINE2(signal, int, sig, __sighandler_t, handler)
+ {
+ struct k_sigaction new_sa, old_sa;
+ int ret;
+@@ -2547,8 +2543,7 @@ sys_signal(int sig, __sighandler_t handl
+
+ #ifdef __ARCH_WANT_SYS_PAUSE
+
+-asmlinkage long
+-sys_pause(void)
++SYSCALL_DEFINE0(pause)
+ {
+ current->state = TASK_INTERRUPTIBLE;
+ schedule();
--- /dev/null
+From bdc480e3bef6eb0e7071770834cbdda7e30a5436 Mon Sep 17 00:00:00 2001
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+Date: Wed, 14 Jan 2009 14:14:12 +0100
+Subject: [PATCH 20/44] [CVE-2009-0029] System call wrappers part 10
+
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+
+commit bdc480e3bef6eb0e7071770834cbdda7e30a5436 upstream.
+
+Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+---
+ fs/buffer.c | 2 +-
+ fs/namespace.c | 9 ++++-----
+ fs/open.c | 12 +++++-------
+ fs/stat.c | 2 +-
+ 4 files changed, 11 insertions(+), 14 deletions(-)
+
+--- a/fs/buffer.c
++++ b/fs/buffer.c
+@@ -3177,7 +3177,7 @@ void block_sync_page(struct page *page)
+ * Use of bdflush() is deprecated and will be removed in a future kernel.
+ * The `pdflush' kernel threads fully replace bdflush daemons and this call.
+ */
+-asmlinkage long sys_bdflush(int func, long data)
++SYSCALL_DEFINE2(bdflush, int, func, long, data)
+ {
+ static int msg_count;
+
+--- a/fs/namespace.c
++++ b/fs/namespace.c
+@@ -1128,7 +1128,7 @@ static int do_umount(struct vfsmount *mn
+ * unixes. Our API is identical to OSF/1 to avoid making a mess of AMD
+ */
+
+-asmlinkage long sys_umount(char __user * name, int flags)
++SYSCALL_DEFINE2(umount, char __user *, name, int, flags)
+ {
+ struct path path;
+ int retval;
+@@ -1160,7 +1160,7 @@ out:
+ /*
+ * The 2.0 compatible umount. No flags.
+ */
+-asmlinkage long sys_oldumount(char __user * name)
++SYSCALL_DEFINE1(oldumount, char __user *, name)
+ {
+ return sys_umount(name, 0);
+ }
+@@ -2053,9 +2053,8 @@ struct mnt_namespace *copy_mnt_ns(unsign
+ return new_ns;
+ }
+
+-asmlinkage long sys_mount(char __user * dev_name, char __user * dir_name,
+- char __user * type, unsigned long flags,
+- void __user * data)
++SYSCALL_DEFINE5(mount, char __user *, dev_name, char __user *, dir_name,
++ char __user *, type, unsigned long, flags, void __user *, data)
+ {
+ int retval;
+ unsigned long data_page;
+--- a/fs/open.c
++++ b/fs/open.c
+@@ -122,7 +122,7 @@ static int vfs_statfs64(struct dentry *d
+ return 0;
+ }
+
+-asmlinkage long sys_statfs(const char __user *pathname, struct statfs __user * buf)
++SYSCALL_DEFINE2(statfs, const char __user *, pathname, struct statfs __user *, buf)
+ {
+ struct path path;
+ int error;
+@@ -138,8 +138,7 @@ asmlinkage long sys_statfs(const char __
+ return error;
+ }
+
+-
+-asmlinkage long sys_statfs64(const char __user *pathname, size_t sz, struct statfs64 __user *buf)
++SYSCALL_DEFINE3(statfs64, const char __user *, pathname, size_t, sz, struct statfs64 __user *, buf)
+ {
+ struct path path;
+ long error;
+@@ -157,8 +156,7 @@ asmlinkage long sys_statfs64(const char
+ return error;
+ }
+
+-
+-asmlinkage long sys_fstatfs(unsigned int fd, struct statfs __user * buf)
++SYSCALL_DEFINE2(fstatfs, unsigned int, fd, struct statfs __user *, buf)
+ {
+ struct file * file;
+ struct statfs tmp;
+@@ -287,7 +285,7 @@ out:
+ return error;
+ }
+
+-asmlinkage long sys_truncate(const char __user * path, unsigned long length)
++SYSCALL_DEFINE2(truncate, const char __user *, path, unsigned long, length)
+ {
+ /* on 32-bit boxen it will cut the range 2^31--2^32-1 off */
+ return do_sys_truncate(path, (long)length);
+@@ -336,7 +334,7 @@ out:
+ return error;
+ }
+
+-asmlinkage long sys_ftruncate(unsigned int fd, unsigned long length)
++SYSCALL_DEFINE2(ftruncate, unsigned int, fd, unsigned long, length)
+ {
+ long ret = do_sys_ftruncate(fd, length, 1);
+ /* avoid REGPARM breakage on x86: */
+--- a/fs/stat.c
++++ b/fs/stat.c
+@@ -152,7 +152,7 @@ static int cp_old_stat(struct kstat *sta
+ return copy_to_user(statbuf,&tmp,sizeof(tmp)) ? -EFAULT : 0;
+ }
+
+-asmlinkage long sys_stat(char __user * filename, struct __old_kernel_stat __user * statbuf)
++SYSCALL_DEFINE2(stat, char __user *, filename, struct __old_kernel_stat __user *, statbuf)
+ {
+ struct kstat stat;
+ int error = vfs_stat_fd(AT_FDCWD, filename, &stat);
--- /dev/null
+From 257ac264d69017270fbc3cf5536953525db4076c Mon Sep 17 00:00:00 2001
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+Date: Wed, 14 Jan 2009 14:14:13 +0100
+Subject: [PATCH 21/44] [CVE-2009-0029] System call wrappers part 11
+
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+
+commit 257ac264d69017270fbc3cf5536953525db4076c upstream.
+
+Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+---
+ fs/open.c | 2 +-
+ fs/stat.c | 20 ++++++++++++--------
+ fs/super.c | 2 +-
+ 3 files changed, 14 insertions(+), 10 deletions(-)
+
+--- a/fs/open.c
++++ b/fs/open.c
+@@ -174,7 +174,7 @@ out:
+ return error;
+ }
+
+-asmlinkage long sys_fstatfs64(unsigned int fd, size_t sz, struct statfs64 __user *buf)
++SYSCALL_DEFINE3(fstatfs64, unsigned int, fd, size_t, sz, struct statfs64 __user *, buf)
+ {
+ struct file * file;
+ struct statfs64 tmp;
+--- a/fs/stat.c
++++ b/fs/stat.c
+@@ -162,7 +162,8 @@ SYSCALL_DEFINE2(stat, char __user *, fil
+
+ return error;
+ }
+-asmlinkage long sys_lstat(char __user * filename, struct __old_kernel_stat __user * statbuf)
++
++SYSCALL_DEFINE2(lstat, char __user *, filename, struct __old_kernel_stat __user *, statbuf)
+ {
+ struct kstat stat;
+ int error = vfs_lstat_fd(AT_FDCWD, filename, &stat);
+@@ -172,7 +173,8 @@ asmlinkage long sys_lstat(char __user *
+
+ return error;
+ }
+-asmlinkage long sys_fstat(unsigned int fd, struct __old_kernel_stat __user * statbuf)
++
++SYSCALL_DEFINE2(fstat, unsigned int, fd, struct __old_kernel_stat __user *, statbuf)
+ {
+ struct kstat stat;
+ int error = vfs_fstat(fd, &stat);
+@@ -235,7 +237,7 @@ static int cp_new_stat(struct kstat *sta
+ return copy_to_user(statbuf,&tmp,sizeof(tmp)) ? -EFAULT : 0;
+ }
+
+-asmlinkage long sys_newstat(char __user *filename, struct stat __user *statbuf)
++SYSCALL_DEFINE2(newstat, char __user *, filename, struct stat __user *, statbuf)
+ {
+ struct kstat stat;
+ int error = vfs_stat_fd(AT_FDCWD, filename, &stat);
+@@ -246,7 +248,7 @@ asmlinkage long sys_newstat(char __user
+ return error;
+ }
+
+-asmlinkage long sys_newlstat(char __user *filename, struct stat __user *statbuf)
++SYSCALL_DEFINE2(newlstat, char __user *, filename, struct stat __user *, statbuf)
+ {
+ struct kstat stat;
+ int error = vfs_lstat_fd(AT_FDCWD, filename, &stat);
+@@ -280,7 +282,7 @@ out:
+ }
+ #endif
+
+-asmlinkage long sys_newfstat(unsigned int fd, struct stat __user *statbuf)
++SYSCALL_DEFINE2(newfstat, unsigned int, fd, struct stat __user *, statbuf)
+ {
+ struct kstat stat;
+ int error = vfs_fstat(fd, &stat);
+@@ -365,7 +367,7 @@ static long cp_new_stat64(struct kstat *
+ return copy_to_user(statbuf,&tmp,sizeof(tmp)) ? -EFAULT : 0;
+ }
+
+-asmlinkage long sys_stat64(char __user * filename, struct stat64 __user * statbuf)
++SYSCALL_DEFINE2(stat64, char __user *, filename, struct stat64 __user *, statbuf)
+ {
+ struct kstat stat;
+ int error = vfs_stat(filename, &stat);
+@@ -375,7 +377,8 @@ asmlinkage long sys_stat64(char __user *
+
+ return error;
+ }
+-asmlinkage long sys_lstat64(char __user * filename, struct stat64 __user * statbuf)
++
++SYSCALL_DEFINE2(lstat64, char __user *, filename, struct stat64 __user *, statbuf)
+ {
+ struct kstat stat;
+ int error = vfs_lstat(filename, &stat);
+@@ -385,7 +388,8 @@ asmlinkage long sys_lstat64(char __user
+
+ return error;
+ }
+-asmlinkage long sys_fstat64(unsigned long fd, struct stat64 __user * statbuf)
++
++SYSCALL_DEFINE2(fstat64, unsigned long, fd, struct stat64 __user *, statbuf)
+ {
+ struct kstat stat;
+ int error = vfs_fstat(fd, &stat);
+--- a/fs/super.c
++++ b/fs/super.c
+@@ -534,7 +534,7 @@ rescan:
+ return NULL;
+ }
+
+-asmlinkage long sys_ustat(unsigned dev, struct ustat __user * ubuf)
++SYSCALL_DEFINE2(ustat, unsigned, dev, struct ustat __user *, ubuf)
+ {
+ struct super_block *s;
+ struct ustat tmp;
--- /dev/null
+From 64fd1de3d821659ac0a3004fd5ee1de59e64af30 Mon Sep 17 00:00:00 2001
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+Date: Wed, 14 Jan 2009 14:14:14 +0100
+Subject: [PATCH 22/44] [CVE-2009-0029] System call wrappers part 12
+
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+
+commit 64fd1de3d821659ac0a3004fd5ee1de59e64af30 upstream.
+
+Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+---
+ fs/xattr.c | 46 +++++++++++++++++++++-------------------------
+ 1 file changed, 21 insertions(+), 25 deletions(-)
+
+--- a/fs/xattr.c
++++ b/fs/xattr.c
+@@ -251,9 +251,9 @@ setxattr(struct dentry *d, const char __
+ return error;
+ }
+
+-asmlinkage long
+-sys_setxattr(const char __user *pathname, const char __user *name,
+- const void __user *value, size_t size, int flags)
++SYSCALL_DEFINE5(setxattr, const char __user *, pathname,
++ const char __user *, name, const void __user *, value,
++ size_t, size, int, flags)
+ {
+ struct path path;
+ int error;
+@@ -270,9 +270,9 @@ sys_setxattr(const char __user *pathname
+ return error;
+ }
+
+-asmlinkage long
+-sys_lsetxattr(const char __user *pathname, const char __user *name,
+- const void __user *value, size_t size, int flags)
++SYSCALL_DEFINE5(lsetxattr, const char __user *, pathname,
++ const char __user *, name, const void __user *, value,
++ size_t, size, int, flags)
+ {
+ struct path path;
+ int error;
+@@ -289,9 +289,8 @@ sys_lsetxattr(const char __user *pathnam
+ return error;
+ }
+
+-asmlinkage long
+-sys_fsetxattr(int fd, const char __user *name, const void __user *value,
+- size_t size, int flags)
++SYSCALL_DEFINE5(fsetxattr, int, fd, const char __user *, name,
++ const void __user *,value, size_t, size, int, flags)
+ {
+ struct file *f;
+ struct dentry *dentry;
+@@ -349,9 +348,8 @@ getxattr(struct dentry *d, const char __
+ return error;
+ }
+
+-asmlinkage long
+-sys_getxattr(const char __user *pathname, const char __user *name,
+- void __user *value, size_t size)
++SYSCALL_DEFINE4(getxattr, const char __user *, pathname,
++ const char __user *, name, void __user *, value, size_t, size)
+ {
+ struct path path;
+ ssize_t error;
+@@ -364,9 +362,8 @@ sys_getxattr(const char __user *pathname
+ return error;
+ }
+
+-asmlinkage long
+-sys_lgetxattr(const char __user *pathname, const char __user *name, void __user *value,
+- size_t size)
++SYSCALL_DEFINE4(lgetxattr, const char __user *, pathname,
++ const char __user *, name, void __user *, value, size_t, size)
+ {
+ struct path path;
+ ssize_t error;
+@@ -379,8 +376,8 @@ sys_lgetxattr(const char __user *pathnam
+ return error;
+ }
+
+-asmlinkage long
+-sys_fgetxattr(int fd, const char __user *name, void __user *value, size_t size)
++SYSCALL_DEFINE4(fgetxattr, int, fd, const char __user *, name,
++ void __user *, value, size_t, size)
+ {
+ struct file *f;
+ ssize_t error = -EBADF;
+@@ -424,8 +421,8 @@ listxattr(struct dentry *d, char __user
+ return error;
+ }
+
+-asmlinkage long
+-sys_listxattr(const char __user *pathname, char __user *list, size_t size)
++SYSCALL_DEFINE3(listxattr, const char __user *, pathname, char __user *, list,
++ size_t, size)
+ {
+ struct path path;
+ ssize_t error;
+@@ -438,8 +435,8 @@ sys_listxattr(const char __user *pathnam
+ return error;
+ }
+
+-asmlinkage long
+-sys_llistxattr(const char __user *pathname, char __user *list, size_t size)
++SYSCALL_DEFINE3(llistxattr, const char __user *, pathname, char __user *, list,
++ size_t, size)
+ {
+ struct path path;
+ ssize_t error;
+@@ -452,8 +449,7 @@ sys_llistxattr(const char __user *pathna
+ return error;
+ }
+
+-asmlinkage long
+-sys_flistxattr(int fd, char __user *list, size_t size)
++SYSCALL_DEFINE3(flistxattr, int, fd, char __user *, list, size_t, size)
+ {
+ struct file *f;
+ ssize_t error = -EBADF;
+@@ -485,8 +481,8 @@ removexattr(struct dentry *d, const char
+ return vfs_removexattr(d, kname);
+ }
+
+-asmlinkage long
+-sys_removexattr(const char __user *pathname, const char __user *name)
++SYSCALL_DEFINE2(removexattr, const char __user *, pathname,
++ const char __user *, name)
+ {
+ struct path path;
+ int error;
--- /dev/null
+From 6a6160a7b5c27b3c38651baef92a14fa7072b3c1 Mon Sep 17 00:00:00 2001
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+Date: Wed, 14 Jan 2009 14:14:15 +0100
+Subject: [PATCH 23/44] [CVE-2009-0029] System call wrappers part 13
+
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+
+commit 6a6160a7b5c27b3c38651baef92a14fa7072b3c1 upstream.
+
+Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+---
+ fs/xattr.c | 7 +++----
+ mm/fremap.c | 4 ++--
+ mm/mlock.c | 4 ++--
+ mm/mmap.c | 4 ++--
+ mm/mprotect.c | 4 ++--
+ mm/mremap.c | 6 +++---
+ mm/msync.c | 2 +-
+ mm/nommu.c | 10 +++++-----
+ 8 files changed, 20 insertions(+), 21 deletions(-)
+
+--- a/fs/xattr.c
++++ b/fs/xattr.c
+@@ -499,8 +499,8 @@ SYSCALL_DEFINE2(removexattr, const char
+ return error;
+ }
+
+-asmlinkage long
+-sys_lremovexattr(const char __user *pathname, const char __user *name)
++SYSCALL_DEFINE2(lremovexattr, const char __user *, pathname,
++ const char __user *, name)
+ {
+ struct path path;
+ int error;
+@@ -517,8 +517,7 @@ sys_lremovexattr(const char __user *path
+ return error;
+ }
+
+-asmlinkage long
+-sys_fremovexattr(int fd, const char __user *name)
++SYSCALL_DEFINE2(fremovexattr, int, fd, const char __user *, name)
+ {
+ struct file *f;
+ struct dentry *dentry;
+--- a/mm/fremap.c
++++ b/mm/fremap.c
+@@ -118,8 +118,8 @@ static int populate_range(struct mm_stru
+ * and the vma's default protection is used. Arbitrary protections
+ * might be implemented in the future.
+ */
+-asmlinkage long sys_remap_file_pages(unsigned long start, unsigned long size,
+- unsigned long prot, unsigned long pgoff, unsigned long flags)
++SYSCALL_DEFINE5(remap_file_pages, unsigned long, start, unsigned long, size,
++ unsigned long, prot, unsigned long, pgoff, unsigned long, flags)
+ {
+ struct mm_struct *mm = current->mm;
+ struct address_space *mapping;
+--- a/mm/mlock.c
++++ b/mm/mlock.c
+@@ -130,7 +130,7 @@ static int do_mlock(unsigned long start,
+ return error;
+ }
+
+-asmlinkage long sys_mlock(unsigned long start, size_t len)
++SYSCALL_DEFINE2(mlock, unsigned long, start, size_t, len)
+ {
+ unsigned long locked;
+ unsigned long lock_limit;
+@@ -156,7 +156,7 @@ asmlinkage long sys_mlock(unsigned long
+ return error;
+ }
+
+-asmlinkage long sys_munlock(unsigned long start, size_t len)
++SYSCALL_DEFINE2(munlock, unsigned long, start, size_t, len)
+ {
+ int ret;
+
+--- a/mm/mmap.c
++++ b/mm/mmap.c
+@@ -244,7 +244,7 @@ static struct vm_area_struct *remove_vma
+ return next;
+ }
+
+-asmlinkage long sys_brk(unsigned long brk)
++SYSCALL_DEFINE1(brk, unsigned long, brk)
+ {
+ unsigned long rlim, retval;
+ unsigned long newbrk, oldbrk;
+@@ -1927,7 +1927,7 @@ int do_munmap(struct mm_struct *mm, unsi
+
+ EXPORT_SYMBOL(do_munmap);
+
+-asmlinkage long sys_munmap(unsigned long addr, size_t len)
++SYSCALL_DEFINE2(munmap, unsigned long, addr, size_t, len)
+ {
+ int ret;
+ struct mm_struct *mm = current->mm;
+--- a/mm/mprotect.c
++++ b/mm/mprotect.c
+@@ -219,8 +219,8 @@ fail:
+ return error;
+ }
+
+-asmlinkage long
+-sys_mprotect(unsigned long start, size_t len, unsigned long prot)
++SYSCALL_DEFINE3(mprotect, unsigned long, start, size_t, len,
++ unsigned long, prot)
+ {
+ unsigned long vm_flags, nstart, end, tmp, reqprot;
+ struct vm_area_struct *vma, *prev;
+--- a/mm/mremap.c
++++ b/mm/mremap.c
+@@ -418,9 +418,9 @@ out_nc:
+ return ret;
+ }
+
+-asmlinkage long sys_mremap(unsigned long addr,
+- unsigned long old_len, unsigned long new_len,
+- unsigned long flags, unsigned long new_addr)
++SYSCALL_DEFINE5(mremap, unsigned long, addr, unsigned long, old_len,
++ unsigned long, new_len, unsigned long, flags,
++ unsigned long, new_addr)
+ {
+ unsigned long ret;
+
+--- a/mm/msync.c
++++ b/mm/msync.c
+@@ -28,7 +28,7 @@
+ * So by _not_ starting I/O in MS_ASYNC we provide complete flexibility to
+ * applications.
+ */
+-asmlinkage long sys_msync(unsigned long start, size_t len, int flags)
++SYSCALL_DEFINE3(msync, unsigned long, start, size_t, len, int, flags)
+ {
+ unsigned long end;
+ struct mm_struct *mm = current->mm;
+--- a/mm/nommu.c
++++ b/mm/nommu.c
+@@ -355,7 +355,7 @@ EXPORT_SYMBOL(vm_insert_page);
+ * to a regular file. in this case, the unmapping will need
+ * to invoke file system routines that need the global lock.
+ */
+-asmlinkage long sys_brk(unsigned long brk)
++SYSCALL_DEFINE1(brk, unsigned long, brk)
+ {
+ struct mm_struct *mm = current->mm;
+
+@@ -1170,7 +1170,7 @@ int do_munmap(struct mm_struct *mm, unsi
+ }
+ EXPORT_SYMBOL(do_munmap);
+
+-asmlinkage long sys_munmap(unsigned long addr, size_t len)
++SYSCALL_DEFINE2(munmap, unsigned long, addr, size_t, len)
+ {
+ int ret;
+ struct mm_struct *mm = current->mm;
+@@ -1261,9 +1261,9 @@ unsigned long do_mremap(unsigned long ad
+ }
+ EXPORT_SYMBOL(do_mremap);
+
+-asmlinkage unsigned long sys_mremap(unsigned long addr,
+- unsigned long old_len, unsigned long new_len,
+- unsigned long flags, unsigned long new_addr)
++SYSCALL_DEFINE5(mremap, unsigned long, addr, unsigned long, old_len,
++ unsigned long, new_len, unsigned long, flags,
++ unsigned long, new_addr)
+ {
+ unsigned long ret;
+
--- /dev/null
+From 3480b25743cb7404928d57efeaa3d085708b04c2 Mon Sep 17 00:00:00 2001
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+Date: Wed, 14 Jan 2009 14:14:16 +0100
+Subject: [PATCH 24/44] [CVE-2009-0029] System call wrappers part 14
+
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+
+commit 3480b25743cb7404928d57efeaa3d085708b04c2 upstream.
+
+Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+---
+ fs/namei.c | 8 ++++----
+ fs/namespace.c | 4 ++--
+ fs/open.c | 2 +-
+ mm/madvise.c | 2 +-
+ mm/mincore.c | 4 ++--
+ mm/mlock.c | 4 ++--
+ 6 files changed, 12 insertions(+), 12 deletions(-)
+
+--- a/fs/namei.c
++++ b/fs/namei.c
+@@ -2041,7 +2041,7 @@ out_unlock:
+ return error;
+ }
+
+-asmlinkage long sys_mknod(const char __user *filename, int mode, unsigned dev)
++SYSCALL_DEFINE3(mknod, const char __user *, filename, int, mode, unsigned, dev)
+ {
+ return sys_mknodat(AT_FDCWD, filename, mode, dev);
+ }
+@@ -2308,7 +2308,7 @@ asmlinkage long sys_unlinkat(int dfd, co
+ return do_unlinkat(dfd, pathname);
+ }
+
+-asmlinkage long sys_unlink(const char __user *pathname)
++SYSCALL_DEFINE1(unlink, const char __user *, pathname)
+ {
+ return do_unlinkat(AT_FDCWD, pathname);
+ }
+@@ -2372,7 +2372,7 @@ out_putname:
+ return error;
+ }
+
+-asmlinkage long sys_symlink(const char __user *oldname, const char __user *newname)
++SYSCALL_DEFINE2(symlink, const char __user *, oldname, const char __user *, newname)
+ {
+ return sys_symlinkat(oldname, AT_FDCWD, newname);
+ }
+@@ -2471,7 +2471,7 @@ out:
+ return error;
+ }
+
+-asmlinkage long sys_link(const char __user *oldname, const char __user *newname)
++SYSCALL_DEFINE2(link, const char __user *, oldname, const char __user *, newname)
+ {
+ return sys_linkat(AT_FDCWD, oldname, AT_FDCWD, newname, 0);
+ }
+--- a/fs/namespace.c
++++ b/fs/namespace.c
+@@ -2179,8 +2179,8 @@ static void chroot_fs_refs(struct path *
+ * though, so you may need to say mount --bind /nfs/my_root /nfs/my_root
+ * first.
+ */
+-asmlinkage long sys_pivot_root(const char __user * new_root,
+- const char __user * put_old)
++SYSCALL_DEFINE2(pivot_root, const char __user *, new_root,
++ const char __user *, put_old)
+ {
+ struct vfsmount *tmp;
+ struct path new, old, parent_path, root_parent, root;
+--- a/fs/open.c
++++ b/fs/open.c
+@@ -574,7 +574,7 @@ out:
+ return error;
+ }
+
+-asmlinkage long sys_chroot(const char __user * filename)
++SYSCALL_DEFINE1(chroot, const char __user *, filename)
+ {
+ struct path path;
+ int error;
+--- a/mm/madvise.c
++++ b/mm/madvise.c
+@@ -281,7 +281,7 @@ madvise_vma(struct vm_area_struct *vma,
+ * -EBADF - map exists, but area maps something that isn't a file.
+ * -EAGAIN - a kernel resource was temporarily unavailable.
+ */
+-asmlinkage long sys_madvise(unsigned long start, size_t len_in, int behavior)
++SYSCALL_DEFINE3(madvise, unsigned long, start, size_t, len_in, int, behavior)
+ {
+ unsigned long end, tmp;
+ struct vm_area_struct * vma, *prev;
+--- a/mm/mincore.c
++++ b/mm/mincore.c
+@@ -177,8 +177,8 @@ none_mapped:
+ * mapped
+ * -EAGAIN - A kernel resource was temporarily unavailable.
+ */
+-asmlinkage long sys_mincore(unsigned long start, size_t len,
+- unsigned char __user * vec)
++SYSCALL_DEFINE3(mincore, unsigned long, start, size_t, len,
++ unsigned char __user *, vec)
+ {
+ long retval;
+ unsigned long pages;
+--- a/mm/mlock.c
++++ b/mm/mlock.c
+@@ -193,7 +193,7 @@ out:
+ return 0;
+ }
+
+-asmlinkage long sys_mlockall(int flags)
++SYSCALL_DEFINE1(mlockall, int, flags)
+ {
+ unsigned long lock_limit;
+ int ret = -EINVAL;
+@@ -219,7 +219,7 @@ out:
+ return ret;
+ }
+
+-asmlinkage long sys_munlockall(void)
++SYSCALL_DEFINE0(munlockall)
+ {
+ int ret;
+
--- /dev/null
+From a26eab2400f0477bfac0255600552394855016f7 Mon Sep 17 00:00:00 2001
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+Date: Wed, 14 Jan 2009 14:14:17 +0100
+Subject: [PATCH 25/44] [CVE-2009-0029] System call wrappers part 15
+
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+
+commit a26eab2400f0477bfac0255600552394855016f7 upstream.
+
+Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+---
+ fs/fcntl.c | 11 ++++++-----
+ fs/ioctl.c | 2 +-
+ fs/namei.c | 2 +-
+ fs/open.c | 4 ++--
+ 4 files changed, 10 insertions(+), 9 deletions(-)
+
+--- a/fs/fcntl.c
++++ b/fs/fcntl.c
+@@ -50,7 +50,7 @@ static int get_close_on_exec(unsigned in
+ return res;
+ }
+
+-asmlinkage long sys_dup3(unsigned int oldfd, unsigned int newfd, int flags)
++SYSCALL_DEFINE3(dup3, unsigned int, oldfd, unsigned int, newfd, int, flags)
+ {
+ int err = -EBADF;
+ struct file * file, *tofree;
+@@ -113,7 +113,7 @@ out_unlock:
+ return err;
+ }
+
+-asmlinkage long sys_dup2(unsigned int oldfd, unsigned int newfd)
++SYSCALL_DEFINE2(dup2, unsigned int, oldfd, unsigned int, newfd)
+ {
+ if (unlikely(newfd == oldfd)) { /* corner case */
+ struct files_struct *files = current->files;
+@@ -126,7 +126,7 @@ asmlinkage long sys_dup2(unsigned int ol
+ return sys_dup3(oldfd, newfd, 0);
+ }
+
+-asmlinkage long sys_dup(unsigned int fildes)
++SYSCALL_DEFINE1(dup, unsigned int, fildes)
+ {
+ int ret = -EBADF;
+ struct file *file = fget(fildes);
+@@ -334,7 +334,7 @@ static long do_fcntl(int fd, unsigned in
+ return err;
+ }
+
+-asmlinkage long sys_fcntl(unsigned int fd, unsigned int cmd, unsigned long arg)
++SYSCALL_DEFINE3(fcntl, unsigned int, fd, unsigned int, cmd, unsigned long, arg)
+ {
+ struct file *filp;
+ long err = -EBADF;
+@@ -357,7 +357,8 @@ out:
+ }
+
+ #if BITS_PER_LONG == 32
+-asmlinkage long sys_fcntl64(unsigned int fd, unsigned int cmd, unsigned long arg)
++SYSCALL_DEFINE3(fcntl64, unsigned int, fd, unsigned int, cmd,
++ unsigned long, arg)
+ {
+ struct file * filp;
+ long err;
+--- a/fs/ioctl.c
++++ b/fs/ioctl.c
+@@ -195,7 +195,7 @@ int do_vfs_ioctl(struct file *filp, unsi
+ return error;
+ }
+
+-asmlinkage long sys_ioctl(unsigned int fd, unsigned int cmd, unsigned long arg)
++SYSCALL_DEFINE3(ioctl, unsigned int, fd, unsigned int, cmd, unsigned long, arg)
+ {
+ struct file *filp;
+ int error = -EBADF;
+--- a/fs/namei.c
++++ b/fs/namei.c
+@@ -2707,7 +2707,7 @@ exit:
+ return error;
+ }
+
+-asmlinkage long sys_rename(const char __user *oldname, const char __user *newname)
++SYSCALL_DEFINE2(rename, const char __user *, oldname, const char __user *, newname)
+ {
+ return sys_renameat(AT_FDCWD, oldname, AT_FDCWD, newname);
+ }
+--- a/fs/open.c
++++ b/fs/open.c
+@@ -599,7 +599,7 @@ out:
+ return error;
+ }
+
+-asmlinkage long sys_fchmod(unsigned int fd, mode_t mode)
++SYSCALL_DEFINE2(fchmod, unsigned int, fd, mode_t, mode)
+ {
+ struct inode * inode;
+ struct dentry * dentry;
+@@ -663,7 +663,7 @@ out:
+ return error;
+ }
+
+-asmlinkage long sys_chmod(const char __user *filename, mode_t mode)
++SYSCALL_DEFINE2(chmod, const char __user *, filename, mode_t, mode)
+ {
+ return sys_fchmodat(AT_FDCWD, filename, mode);
+ }
--- /dev/null
+From 002c8976ee537724b20a5e179d9b349309438836 Mon Sep 17 00:00:00 2001
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+Date: Wed, 14 Jan 2009 14:14:18 +0100
+Subject: [PATCH 26/44] [CVE-2009-0029] System call wrappers part 16
+
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+
+commit 002c8976ee537724b20a5e179d9b349309438836 upstream.
+
+Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+---
+ fs/aio.c | 22 +++++++++++-----------
+ fs/locks.c | 2 +-
+ fs/open.c | 2 +-
+ fs/read_write.c | 4 ++--
+ fs/stat.c | 4 ++--
+ 5 files changed, 17 insertions(+), 17 deletions(-)
+
+--- a/fs/aio.c
++++ b/fs/aio.c
+@@ -1258,7 +1258,7 @@ static void io_destroy(struct kioctx *io
+ * pointer is passed for ctxp. Will fail with -ENOSYS if not
+ * implemented.
+ */
+-asmlinkage long sys_io_setup(unsigned nr_events, aio_context_t __user *ctxp)
++SYSCALL_DEFINE2(io_setup, unsigned, nr_events, aio_context_t __user *, ctxp)
+ {
+ struct kioctx *ioctx = NULL;
+ unsigned long ctx;
+@@ -1296,7 +1296,7 @@ out:
+ * implemented. May fail with -EFAULT if the context pointed to
+ * is invalid.
+ */
+-asmlinkage long sys_io_destroy(aio_context_t ctx)
++SYSCALL_DEFINE1(io_destroy, aio_context_t, ctx)
+ {
+ struct kioctx *ioctx = lookup_ioctx(ctx);
+ if (likely(NULL != ioctx)) {
+@@ -1650,8 +1650,8 @@ out_put_req:
+ * are available to queue any iocbs. Will return 0 if nr is 0. Will
+ * fail with -ENOSYS if not implemented.
+ */
+-asmlinkage long sys_io_submit(aio_context_t ctx_id, long nr,
+- struct iocb __user * __user *iocbpp)
++SYSCALL_DEFINE3(io_submit, aio_context_t, ctx_id, long, nr,
++ struct iocb __user * __user *, iocbpp)
+ {
+ struct kioctx *ctx;
+ long ret = 0;
+@@ -1725,8 +1725,8 @@ static struct kiocb *lookup_kiocb(struct
+ * invalid. May fail with -EAGAIN if the iocb specified was not
+ * cancelled. Will fail with -ENOSYS if not implemented.
+ */
+-asmlinkage long sys_io_cancel(aio_context_t ctx_id, struct iocb __user *iocb,
+- struct io_event __user *result)
++SYSCALL_DEFINE3(io_cancel, aio_context_t, ctx_id, struct iocb __user *, iocb,
++ struct io_event __user *, result)
+ {
+ int (*cancel)(struct kiocb *iocb, struct io_event *res);
+ struct kioctx *ctx;
+@@ -1787,11 +1787,11 @@ asmlinkage long sys_io_cancel(aio_contex
+ * will be updated if not NULL and the operation blocks. Will fail
+ * with -ENOSYS if not implemented.
+ */
+-asmlinkage long sys_io_getevents(aio_context_t ctx_id,
+- long min_nr,
+- long nr,
+- struct io_event __user *events,
+- struct timespec __user *timeout)
++SYSCALL_DEFINE5(io_getevents, aio_context_t, ctx_id,
++ long, min_nr,
++ long, nr,
++ struct io_event __user *, events,
++ struct timespec __user *, timeout)
+ {
+ struct kioctx *ioctx = lookup_ioctx(ctx_id);
+ long ret = -EINVAL;
+--- a/fs/locks.c
++++ b/fs/locks.c
+@@ -1564,7 +1564,7 @@ EXPORT_SYMBOL(flock_lock_file_wait);
+ * %LOCK_MAND can be combined with %LOCK_READ or %LOCK_WRITE to allow other
+ * processes read and write access respectively.
+ */
+-asmlinkage long sys_flock(unsigned int fd, unsigned int cmd)
++SYSCALL_DEFINE2(flock, unsigned int, fd, unsigned int, cmd)
+ {
+ struct file *filp;
+ struct file_lock *lock;
+--- a/fs/open.c
++++ b/fs/open.c
+@@ -1081,7 +1081,7 @@ asmlinkage long sys_openat(int dfd, cons
+ * For backward compatibility? Maybe this should be moved
+ * into arch/i386 instead?
+ */
+-asmlinkage long sys_creat(const char __user * pathname, int mode)
++SYSCALL_DEFINE2(creat, const char __user *, pathname, int, mode)
+ {
+ return sys_open(pathname, O_CREAT | O_WRONLY | O_TRUNC, mode);
+ }
+--- a/fs/read_write.c
++++ b/fs/read_write.c
+@@ -793,7 +793,7 @@ out:
+ return retval;
+ }
+
+-asmlinkage long sys_sendfile(int out_fd, int in_fd, off_t __user *offset, size_t count)
++SYSCALL_DEFINE4(sendfile, int, out_fd, int, in_fd, off_t __user *, offset, size_t, count)
+ {
+ loff_t pos;
+ off_t off;
+@@ -812,7 +812,7 @@ asmlinkage long sys_sendfile(int out_fd,
+ return do_sendfile(out_fd, in_fd, NULL, count, 0);
+ }
+
+-asmlinkage long sys_sendfile64(int out_fd, int in_fd, loff_t __user *offset, size_t count)
++SYSCALL_DEFINE4(sendfile64, int, out_fd, int, in_fd, loff_t __user *, offset, size_t, count)
+ {
+ loff_t pos;
+ ssize_t ret;
+--- a/fs/stat.c
++++ b/fs/stat.c
+@@ -320,8 +320,8 @@ asmlinkage long sys_readlinkat(int dfd,
+ return error;
+ }
+
+-asmlinkage long sys_readlink(const char __user *path, char __user *buf,
+- int bufsiz)
++SYSCALL_DEFINE3(readlink, const char __user *, path, char __user *, buf,
++ int, bufsiz)
+ {
+ return sys_readlinkat(AT_FDCWD, path, buf, bufsiz);
+ }
--- /dev/null
+From ca013e945b1ba5828b151ee646946f1297b67a4c Mon Sep 17 00:00:00 2001
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+Date: Wed, 14 Jan 2009 14:14:19 +0100
+Subject: [PATCH 27/44] [CVE-2009-0029] System call wrappers part 17
+
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+
+commit ca013e945b1ba5828b151ee646946f1297b67a4c upstream.
+
+Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+---
+ fs/open.c | 16 +++++++---------
+ kernel/uid16.c | 6 +++---
+ 2 files changed, 10 insertions(+), 12 deletions(-)
+
+--- a/fs/open.c
++++ b/fs/open.c
+@@ -522,7 +522,7 @@ out:
+ return res;
+ }
+
+-asmlinkage long sys_access(const char __user *filename, int mode)
++SYSCALL_DEFINE2(access, const char __user *, filename, int, mode)
+ {
+ return sys_faccessat(AT_FDCWD, filename, mode);
+ }
+@@ -693,7 +693,7 @@ static int chown_common(struct dentry *
+ return error;
+ }
+
+-asmlinkage long sys_chown(const char __user * filename, uid_t user, gid_t group)
++SYSCALL_DEFINE3(chown, const char __user *, filename, uid_t, user, gid_t, group)
+ {
+ struct path path;
+ int error;
+@@ -737,7 +737,7 @@ out:
+ return error;
+ }
+
+-asmlinkage long sys_lchown(const char __user * filename, uid_t user, gid_t group)
++SYSCALL_DEFINE3(lchown, const char __user *, filename, uid_t, user, gid_t, group)
+ {
+ struct path path;
+ int error;
+@@ -756,8 +756,7 @@ out:
+ return error;
+ }
+
+-
+-asmlinkage long sys_fchown(unsigned int fd, uid_t user, gid_t group)
++SYSCALL_DEFINE3(fchown, unsigned int, fd, uid_t, user, gid_t, group)
+ {
+ struct file * file;
+ int error = -EBADF;
+@@ -1048,7 +1047,7 @@ long do_sys_open(int dfd, const char __u
+ return fd;
+ }
+
+-asmlinkage long sys_open(const char __user *filename, int flags, int mode)
++SYSCALL_DEFINE3(open, const char __user *, filename, int, flags, int, mode)
+ {
+ long ret;
+
+@@ -1117,7 +1116,7 @@ EXPORT_SYMBOL(filp_close);
+ * releasing the fd. This ensures that one clone task can't release
+ * an fd while another clone is opening it.
+ */
+-asmlinkage long sys_close(unsigned int fd)
++SYSCALL_DEFINE1(close, unsigned int, fd)
+ {
+ struct file * filp;
+ struct files_struct *files = current->files;
+@@ -1150,14 +1149,13 @@ out_unlock:
+ spin_unlock(&files->file_lock);
+ return -EBADF;
+ }
+-
+ EXPORT_SYMBOL(sys_close);
+
+ /*
+ * This routine simulates a hangup on the tty, to arrange that users
+ * are given clean terminals at login time.
+ */
+-asmlinkage long sys_vhangup(void)
++SYSCALL_DEFINE0(vhangup)
+ {
+ if (capable(CAP_SYS_TTY_CONFIG)) {
+ /* XXX: this needs locking */
+--- a/kernel/uid16.c
++++ b/kernel/uid16.c
+@@ -17,7 +17,7 @@
+
+ #include <asm/uaccess.h>
+
+-asmlinkage long sys_chown16(const char __user * filename, old_uid_t user, old_gid_t group)
++SYSCALL_DEFINE3(chown16, const char __user *, filename, old_uid_t, user, old_gid_t, group)
+ {
+ long ret = sys_chown(filename, low2highuid(user), low2highgid(group));
+ /* avoid REGPARM breakage on x86: */
+@@ -25,7 +25,7 @@ asmlinkage long sys_chown16(const char _
+ return ret;
+ }
+
+-asmlinkage long sys_lchown16(const char __user * filename, old_uid_t user, old_gid_t group)
++SYSCALL_DEFINE3(lchown16, const char __user *, filename, old_uid_t, user, old_gid_t, group)
+ {
+ long ret = sys_lchown(filename, low2highuid(user), low2highgid(group));
+ /* avoid REGPARM breakage on x86: */
+@@ -33,7 +33,7 @@ asmlinkage long sys_lchown16(const char
+ return ret;
+ }
+
+-asmlinkage long sys_fchown16(unsigned int fd, old_uid_t user, old_gid_t group)
++SYSCALL_DEFINE3(fchown16, unsigned int, fd, old_uid_t, user, old_gid_t, group)
+ {
+ long ret = sys_fchown(fd, low2highuid(user), low2highgid(group));
+ /* avoid REGPARM breakage on x86: */
--- /dev/null
+From a6b42e83f249aad723589b2bdf6d1dfb2b0997c8 Mon Sep 17 00:00:00 2001
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+Date: Wed, 14 Jan 2009 14:14:20 +0100
+Subject: [PATCH 28/44] [CVE-2009-0029] System call wrappers part 18
+
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+
+commit a6b42e83f249aad723589b2bdf6d1dfb2b0997c8 upstream.
+
+Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+---
+ kernel/uid16.c | 21 +++++++++++----------
+ 1 file changed, 11 insertions(+), 10 deletions(-)
+
+--- a/kernel/uid16.c
++++ b/kernel/uid16.c
+@@ -41,7 +41,7 @@ SYSCALL_DEFINE3(fchown16, unsigned int,
+ return ret;
+ }
+
+-asmlinkage long sys_setregid16(old_gid_t rgid, old_gid_t egid)
++SYSCALL_DEFINE2(setregid16, old_gid_t, rgid, old_gid_t, egid)
+ {
+ long ret = sys_setregid(low2highgid(rgid), low2highgid(egid));
+ /* avoid REGPARM breakage on x86: */
+@@ -49,7 +49,7 @@ asmlinkage long sys_setregid16(old_gid_t
+ return ret;
+ }
+
+-asmlinkage long sys_setgid16(old_gid_t gid)
++SYSCALL_DEFINE1(setgid16, old_gid_t, gid)
+ {
+ long ret = sys_setgid(low2highgid(gid));
+ /* avoid REGPARM breakage on x86: */
+@@ -57,7 +57,7 @@ asmlinkage long sys_setgid16(old_gid_t g
+ return ret;
+ }
+
+-asmlinkage long sys_setreuid16(old_uid_t ruid, old_uid_t euid)
++SYSCALL_DEFINE2(setreuid16, old_uid_t, ruid, old_uid_t, euid)
+ {
+ long ret = sys_setreuid(low2highuid(ruid), low2highuid(euid));
+ /* avoid REGPARM breakage on x86: */
+@@ -65,7 +65,7 @@ asmlinkage long sys_setreuid16(old_uid_t
+ return ret;
+ }
+
+-asmlinkage long sys_setuid16(old_uid_t uid)
++SYSCALL_DEFINE1(setuid16, old_uid_t, uid)
+ {
+ long ret = sys_setuid(low2highuid(uid));
+ /* avoid REGPARM breakage on x86: */
+@@ -73,7 +73,7 @@ asmlinkage long sys_setuid16(old_uid_t u
+ return ret;
+ }
+
+-asmlinkage long sys_setresuid16(old_uid_t ruid, old_uid_t euid, old_uid_t suid)
++SYSCALL_DEFINE3(setresuid16, old_uid_t, ruid, old_uid_t, euid, old_uid_t, suid)
+ {
+ long ret = sys_setresuid(low2highuid(ruid), low2highuid(euid),
+ low2highuid(suid));
+@@ -82,7 +82,7 @@ asmlinkage long sys_setresuid16(old_uid_
+ return ret;
+ }
+
+-asmlinkage long sys_getresuid16(old_uid_t __user *ruid, old_uid_t __user *euid, old_uid_t __user *suid)
++SYSCALL_DEFINE3(getresuid16, old_uid_t __user *, ruid, old_uid_t __user *, euid, old_uid_t __user *, suid)
+ {
+ int retval;
+
+@@ -93,7 +93,7 @@ asmlinkage long sys_getresuid16(old_uid_
+ return retval;
+ }
+
+-asmlinkage long sys_setresgid16(old_gid_t rgid, old_gid_t egid, old_gid_t sgid)
++SYSCALL_DEFINE3(setresgid16, old_gid_t, rgid, old_gid_t, egid, old_gid_t, sgid)
+ {
+ long ret = sys_setresgid(low2highgid(rgid), low2highgid(egid),
+ low2highgid(sgid));
+@@ -102,7 +102,8 @@ asmlinkage long sys_setresgid16(old_gid_
+ return ret;
+ }
+
+-asmlinkage long sys_getresgid16(old_gid_t __user *rgid, old_gid_t __user *egid, old_gid_t __user *sgid)
++
++SYSCALL_DEFINE3(getresgid16, old_gid_t __user *, rgid, old_gid_t __user *, egid, old_gid_t __user *, sgid)
+ {
+ int retval;
+
+@@ -113,7 +114,7 @@ asmlinkage long sys_getresgid16(old_gid_
+ return retval;
+ }
+
+-asmlinkage long sys_setfsuid16(old_uid_t uid)
++SYSCALL_DEFINE1(setfsuid16, old_uid_t, uid)
+ {
+ long ret = sys_setfsuid(low2highuid(uid));
+ /* avoid REGPARM breakage on x86: */
+@@ -121,7 +122,7 @@ asmlinkage long sys_setfsuid16(old_uid_t
+ return ret;
+ }
+
+-asmlinkage long sys_setfsgid16(old_gid_t gid)
++SYSCALL_DEFINE1(setfsgid16, old_gid_t, gid)
+ {
+ long ret = sys_setfsgid(low2highgid(gid));
+ /* avoid REGPARM breakage on x86: */
--- /dev/null
+From 003d7ab479168132a2b2c6700fe682b08f08ab0c Mon Sep 17 00:00:00 2001
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+Date: Wed, 14 Jan 2009 14:14:21 +0100
+Subject: [PATCH 29/44] [CVE-2009-0029] System call wrappers part 19
+
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+
+commit 003d7ab479168132a2b2c6700fe682b08f08ab0c upstream.
+
+Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+---
+ fs/read_write.c | 8 ++++----
+ fs/utimes.c | 5 +++--
+ kernel/uid16.c | 12 ++++++------
+ 3 files changed, 13 insertions(+), 12 deletions(-)
+
+--- a/fs/read_write.c
++++ b/fs/read_write.c
+@@ -112,7 +112,7 @@ loff_t vfs_llseek(struct file *file, lof
+ }
+ EXPORT_SYMBOL(vfs_llseek);
+
+-asmlinkage long sys_lseek(unsigned int fd, off_t offset, unsigned int origin)
++SYSCALL_DEFINE3(lseek, unsigned int, fd, off_t, offset, unsigned int, origin)
+ {
+ off_t retval;
+ struct file * file;
+@@ -136,9 +136,9 @@ bad:
+ }
+
+ #ifdef __ARCH_WANT_SYS_LLSEEK
+-asmlinkage long sys_llseek(unsigned int fd, unsigned long offset_high,
+- unsigned long offset_low, loff_t __user * result,
+- unsigned int origin)
++SYSCALL_DEFINE5(llseek, unsigned int, fd, unsigned long, offset_high,
++ unsigned long, offset_low, loff_t __user *, result,
++ unsigned int, origin)
+ {
+ int retval;
+ struct file * file;
+--- a/fs/utimes.c
++++ b/fs/utimes.c
+@@ -24,7 +24,7 @@
+ * must be owner or have write permission.
+ * Else, update from *times, must be owner or super user.
+ */
+-asmlinkage long sys_utime(char __user *filename, struct utimbuf __user *times)
++SYSCALL_DEFINE2(utime, char __user *, filename, struct utimbuf __user *, times)
+ {
+ struct timespec tv[2];
+
+@@ -214,7 +214,8 @@ asmlinkage long sys_futimesat(int dfd, c
+ return do_utimes(dfd, filename, utimes ? tstimes : NULL, 0);
+ }
+
+-asmlinkage long sys_utimes(char __user *filename, struct timeval __user *utimes)
++SYSCALL_DEFINE2(utimes, char __user *, filename,
++ struct timeval __user *, utimes)
+ {
+ return sys_futimesat(AT_FDCWD, filename, utimes);
+ }
+--- a/kernel/uid16.c
++++ b/kernel/uid16.c
+@@ -160,7 +160,7 @@ static int groups16_from_user(struct gro
+ return 0;
+ }
+
+-asmlinkage long sys_getgroups16(int gidsetsize, old_gid_t __user *grouplist)
++SYSCALL_DEFINE2(getgroups16, int, gidsetsize, old_gid_t __user *, grouplist)
+ {
+ int i = 0;
+
+@@ -184,7 +184,7 @@ out:
+ return i;
+ }
+
+-asmlinkage long sys_setgroups16(int gidsetsize, old_gid_t __user *grouplist)
++SYSCALL_DEFINE2(setgroups16, int, gidsetsize, old_gid_t __user *, grouplist)
+ {
+ struct group_info *group_info;
+ int retval;
+@@ -209,22 +209,22 @@ asmlinkage long sys_setgroups16(int gids
+ return retval;
+ }
+
+-asmlinkage long sys_getuid16(void)
++SYSCALL_DEFINE0(getuid16)
+ {
+ return high2lowuid(current->uid);
+ }
+
+-asmlinkage long sys_geteuid16(void)
++SYSCALL_DEFINE0(geteuid16)
+ {
+ return high2lowuid(current->euid);
+ }
+
+-asmlinkage long sys_getgid16(void)
++SYSCALL_DEFINE0(getgid16)
+ {
+ return high2lowgid(current->gid);
+ }
+
+-asmlinkage long sys_getegid16(void)
++SYSCALL_DEFINE0(getegid16)
+ {
+ return high2lowgid(current->egid);
+ }
--- /dev/null
+From 3cdad42884bbd95d5aa01297e8236ea1bad70053 Mon Sep 17 00:00:00 2001
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+Date: Wed, 14 Jan 2009 14:14:22 +0100
+Subject: [PATCH 30/44] [CVE-2009-0029] System call wrappers part 20
+
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+
+commit 3cdad42884bbd95d5aa01297e8236ea1bad70053 upstream.
+
+Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+---
+ fs/dcache.c | 2 +-
+ fs/namei.c | 4 ++--
+ fs/open.c | 4 ++--
+ fs/quota.c | 3 ++-
+ fs/read_write.c | 13 +++++++------
+ 5 files changed, 14 insertions(+), 12 deletions(-)
+
+--- a/fs/dcache.c
++++ b/fs/dcache.c
+@@ -2085,7 +2085,7 @@ Elong:
+ * return NULL;
+ * }
+ */
+-asmlinkage long sys_getcwd(char __user *buf, unsigned long size)
++SYSCALL_DEFINE2(getcwd, char __user *, buf, unsigned long, size)
+ {
+ int error;
+ struct path pwd, root;
+--- a/fs/namei.c
++++ b/fs/namei.c
+@@ -2101,7 +2101,7 @@ out_err:
+ return error;
+ }
+
+-asmlinkage long sys_mkdir(const char __user *pathname, int mode)
++SYSCALL_DEFINE2(mkdir, const char __user *, pathname, int, mode)
+ {
+ return sys_mkdirat(AT_FDCWD, pathname, mode);
+ }
+@@ -2208,7 +2208,7 @@ exit1:
+ return error;
+ }
+
+-asmlinkage long sys_rmdir(const char __user *pathname)
++SYSCALL_DEFINE1(rmdir, const char __user *, pathname)
+ {
+ return do_rmdir(AT_FDCWD, pathname);
+ }
+--- a/fs/open.c
++++ b/fs/open.c
+@@ -527,7 +527,7 @@ SYSCALL_DEFINE2(access, const char __use
+ return sys_faccessat(AT_FDCWD, filename, mode);
+ }
+
+-asmlinkage long sys_chdir(const char __user * filename)
++SYSCALL_DEFINE1(chdir, const char __user *, filename)
+ {
+ struct path path;
+ int error;
+@@ -548,7 +548,7 @@ out:
+ return error;
+ }
+
+-asmlinkage long sys_fchdir(unsigned int fd)
++SYSCALL_DEFINE1(fchdir, unsigned int, fd)
+ {
+ struct file *file;
+ struct inode *inode;
+--- a/fs/quota.c
++++ b/fs/quota.c
+@@ -368,7 +368,8 @@ static inline struct super_block *quotac
+ * calls. Maybe we need to add the process quotas etc. in the future,
+ * but we probably should use rlimits for that.
+ */
+-asmlinkage long sys_quotactl(unsigned int cmd, const char __user *special, qid_t id, void __user *addr)
++SYSCALL_DEFINE4(quotactl, unsigned int, cmd, const char __user *, special,
++ qid_t, id, void __user *, addr)
+ {
+ uint cmds, type;
+ struct super_block *sb = NULL;
+--- a/fs/read_write.c
++++ b/fs/read_write.c
+@@ -334,7 +334,7 @@ static inline void file_pos_write(struct
+ file->f_pos = pos;
+ }
+
+-asmlinkage long sys_read(unsigned int fd, char __user * buf, size_t count)
++SYSCALL_DEFINE3(read, unsigned int, fd, char __user *, buf, size_t, count)
+ {
+ struct file *file;
+ ssize_t ret = -EBADF;
+@@ -351,7 +351,8 @@ asmlinkage long sys_read(unsigned int fd
+ return ret;
+ }
+
+-asmlinkage long sys_write(unsigned int fd, const char __user * buf, size_t count)
++SYSCALL_DEFINE3(write, unsigned int, fd, const char __user *, buf,
++ size_t, count)
+ {
+ struct file *file;
+ ssize_t ret = -EBADF;
+@@ -653,8 +654,8 @@ ssize_t vfs_writev(struct file *file, co
+
+ EXPORT_SYMBOL(vfs_writev);
+
+-asmlinkage long
+-sys_readv(unsigned long fd, const struct iovec __user *vec, unsigned long vlen)
++SYSCALL_DEFINE3(readv, unsigned long, fd, const struct iovec __user *, vec,
++ unsigned long, vlen)
+ {
+ struct file *file;
+ ssize_t ret = -EBADF;
+@@ -674,8 +675,8 @@ sys_readv(unsigned long fd, const struct
+ return ret;
+ }
+
+-asmlinkage long
+-sys_writev(unsigned long fd, const struct iovec __user *vec, unsigned long vlen)
++SYSCALL_DEFINE3(writev, unsigned long, fd, const struct iovec __user *, vec,
++ unsigned long, vlen)
+ {
+ struct file *file;
+ ssize_t ret = -EBADF;
--- /dev/null
+From 20f37034fb966a1c35894f9fe529fda0b6440101 Mon Sep 17 00:00:00 2001
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+Date: Wed, 14 Jan 2009 14:14:23 +0100
+Subject: [PATCH 31/44] [CVE-2009-0029] System call wrappers part 21
+
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+
+commit 20f37034fb966a1c35894f9fe529fda0b6440101 upstream.
+
+Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+---
+ fs/readdir.c | 6 ++++--
+ net/socket.c | 26 +++++++++++++-------------
+ 2 files changed, 17 insertions(+), 15 deletions(-)
+
+--- a/fs/readdir.c
++++ b/fs/readdir.c
+@@ -187,7 +187,8 @@ efault:
+ return -EFAULT;
+ }
+
+-asmlinkage long sys_getdents(unsigned int fd, struct linux_dirent __user * dirent, unsigned int count)
++SYSCALL_DEFINE3(getdents, unsigned int, fd,
++ struct linux_dirent __user *, dirent, unsigned int, count)
+ {
+ struct file * file;
+ struct linux_dirent __user * lastdirent;
+@@ -271,7 +272,8 @@ efault:
+ return -EFAULT;
+ }
+
+-asmlinkage long sys_getdents64(unsigned int fd, struct linux_dirent64 __user * dirent, unsigned int count)
++SYSCALL_DEFINE3(getdents64, unsigned int, fd,
++ struct linux_dirent64 __user *, dirent, unsigned int, count)
+ {
+ struct file * file;
+ struct linux_dirent64 __user * lastdirent;
+--- a/net/socket.c
++++ b/net/socket.c
+@@ -1365,7 +1365,7 @@ out_fd:
+ * the protocol layer (having also checked the address is ok).
+ */
+
+-asmlinkage long sys_bind(int fd, struct sockaddr __user *umyaddr, int addrlen)
++SYSCALL_DEFINE3(bind, int, fd, struct sockaddr __user *, umyaddr, int, addrlen)
+ {
+ struct socket *sock;
+ struct sockaddr_storage address;
+@@ -1567,8 +1567,8 @@ asmlinkage long sys_paccept(int fd, stru
+ #endif
+ #endif
+
+-asmlinkage long sys_accept(int fd, struct sockaddr __user *upeer_sockaddr,
+- int __user *upeer_addrlen)
++SYSCALL_DEFINE3(accept, int, fd, struct sockaddr __user *, upeer_sockaddr,
++ int __user *, upeer_addrlen)
+ {
+ return do_accept(fd, upeer_sockaddr, upeer_addrlen, 0);
+ }
+@@ -1585,8 +1585,8 @@ asmlinkage long sys_accept(int fd, struc
+ * include the -EINPROGRESS status for such sockets.
+ */
+
+-asmlinkage long sys_connect(int fd, struct sockaddr __user *uservaddr,
+- int addrlen)
++SYSCALL_DEFINE3(connect, int, fd, struct sockaddr __user *, uservaddr,
++ int, addrlen)
+ {
+ struct socket *sock;
+ struct sockaddr_storage address;
+@@ -1617,8 +1617,8 @@ out:
+ * name to user space.
+ */
+
+-asmlinkage long sys_getsockname(int fd, struct sockaddr __user *usockaddr,
+- int __user *usockaddr_len)
++SYSCALL_DEFINE3(getsockname, int, fd, struct sockaddr __user *, usockaddr,
++ int __user *, usockaddr_len)
+ {
+ struct socket *sock;
+ struct sockaddr_storage address;
+@@ -1648,8 +1648,8 @@ out:
+ * name to user space.
+ */
+
+-asmlinkage long sys_getpeername(int fd, struct sockaddr __user *usockaddr,
+- int __user *usockaddr_len)
++SYSCALL_DEFINE3(getpeername, int, fd, struct sockaddr __user *, usockaddr,
++ int __user *, usockaddr_len)
+ {
+ struct socket *sock;
+ struct sockaddr_storage address;
+@@ -1790,8 +1790,8 @@ asmlinkage long sys_recv(int fd, void __
+ * to pass the user mode parameter for the protocols to sort out.
+ */
+
+-asmlinkage long sys_setsockopt(int fd, int level, int optname,
+- char __user *optval, int optlen)
++SYSCALL_DEFINE5(setsockopt, int, fd, int, level, int, optname,
++ char __user *, optval, int, optlen)
+ {
+ int err, fput_needed;
+ struct socket *sock;
+@@ -1824,8 +1824,8 @@ out_put:
+ * to pass a user mode parameter for the protocols to sort out.
+ */
+
+-asmlinkage long sys_getsockopt(int fd, int level, int optname,
+- char __user *optval, int __user *optlen)
++SYSCALL_DEFINE5(getsockopt, int, fd, int, level, int, optname,
++ char __user *, optval, int __user *, optlen)
+ {
+ int err, fput_needed;
+ struct socket *sock;
--- /dev/null
+From 3e0fa65f8ba4fd24b3dcfaf14d5b15eaab0fdc61 Mon Sep 17 00:00:00 2001
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+Date: Wed, 14 Jan 2009 14:14:24 +0100
+Subject: [PATCH 32/44] [CVE-2009-0029] System call wrappers part 22
+
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+
+commit 3e0fa65f8ba4fd24b3dcfaf14d5b15eaab0fdc61 upstream.
+
+Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+---
+ net/socket.c | 31 ++++++++++++++++---------------
+ 1 file changed, 16 insertions(+), 15 deletions(-)
+
+--- a/net/socket.c
++++ b/net/socket.c
+@@ -1216,7 +1216,7 @@ int sock_create_kern(int family, int typ
+ return __sock_create(&init_net, family, type, protocol, res, 1);
+ }
+
+-asmlinkage long sys_socket(int family, int type, int protocol)
++SYSCALL_DEFINE3(socket, int, family, int, type, int, protocol)
+ {
+ int retval;
+ struct socket *sock;
+@@ -1257,8 +1257,8 @@ out_release:
+ * Create a pair of connected sockets.
+ */
+
+-asmlinkage long sys_socketpair(int family, int type, int protocol,
+- int __user *usockvec)
++SYSCALL_DEFINE4(socketpair, int, family, int, type, int, protocol,
++ int __user *, usockvec)
+ {
+ struct socket *sock1, *sock2;
+ int fd1, fd2, err;
+@@ -1394,7 +1394,7 @@ SYSCALL_DEFINE3(bind, int, fd, struct so
+ * ready for listening.
+ */
+
+-asmlinkage long sys_listen(int fd, int backlog)
++SYSCALL_DEFINE2(listen, int, fd, int, backlog)
+ {
+ struct socket *sock;
+ int err, fput_needed;
+@@ -1680,9 +1680,9 @@ SYSCALL_DEFINE3(getpeername, int, fd, st
+ * the protocol.
+ */
+
+-asmlinkage long sys_sendto(int fd, void __user *buff, size_t len,
+- unsigned flags, struct sockaddr __user *addr,
+- int addr_len)
++SYSCALL_DEFINE6(sendto, int, fd, void __user *, buff, size_t, len,
++ unsigned, flags, struct sockaddr __user *, addr,
++ int, addr_len)
+ {
+ struct socket *sock;
+ struct sockaddr_storage address;
+@@ -1725,7 +1725,8 @@ out:
+ * Send a datagram down a socket.
+ */
+
+-asmlinkage long sys_send(int fd, void __user *buff, size_t len, unsigned flags)
++SYSCALL_DEFINE4(send, int, fd, void __user *, buff, size_t, len,
++ unsigned, flags)
+ {
+ return sys_sendto(fd, buff, len, flags, NULL, 0);
+ }
+@@ -1736,9 +1737,9 @@ asmlinkage long sys_send(int fd, void __
+ * sender address from kernel to user space.
+ */
+
+-asmlinkage long sys_recvfrom(int fd, void __user *ubuf, size_t size,
+- unsigned flags, struct sockaddr __user *addr,
+- int __user *addr_len)
++SYSCALL_DEFINE6(recvfrom, int, fd, void __user *, ubuf, size_t, size,
++ unsigned, flags, struct sockaddr __user *, addr,
++ int __user *, addr_len)
+ {
+ struct socket *sock;
+ struct iovec iov;
+@@ -1880,7 +1881,7 @@ SYSCALL_DEFINE2(shutdown, int, fd, int,
+ * BSD sendmsg interface
+ */
+
+-asmlinkage long sys_sendmsg(int fd, struct msghdr __user *msg, unsigned flags)
++SYSCALL_DEFINE3(sendmsg, int, fd, struct msghdr __user *, msg, unsigned, flags)
+ {
+ struct compat_msghdr __user *msg_compat =
+ (struct compat_msghdr __user *)msg;
+@@ -1986,8 +1987,8 @@ out:
+ * BSD recvmsg interface
+ */
+
+-asmlinkage long sys_recvmsg(int fd, struct msghdr __user *msg,
+- unsigned int flags)
++SYSCALL_DEFINE3(recvmsg, int, fd, struct msghdr __user *, msg,
++ unsigned int, flags)
+ {
+ struct compat_msghdr __user *msg_compat =
+ (struct compat_msghdr __user *)msg;
+@@ -2110,7 +2111,7 @@ static const unsigned char nargs[19]={
+ * it is set by the callees.
+ */
+
+-asmlinkage long sys_socketcall(int call, unsigned long __user *args)
++SYSCALL_DEFINE2(socketcall, int, call, unsigned long __user *, args)
+ {
+ unsigned long a[6];
+ unsigned long a0, a1;
--- /dev/null
+From 5a8a82b1d306a325d899b67715618413657efda4 Mon Sep 17 00:00:00 2001
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+Date: Wed, 14 Jan 2009 14:14:25 +0100
+Subject: [PATCH 33/44] [CVE-2009-0029] System call wrappers part 23
+
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+
+commit 5a8a82b1d306a325d899b67715618413657efda4 upstream.
+
+Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+---
+ fs/eventpoll.c | 18 +++++++++---------
+ fs/select.c | 8 ++++----
+ kernel/sys.c | 6 +++---
+ 3 files changed, 16 insertions(+), 16 deletions(-)
+
+--- a/fs/eventpoll.c
++++ b/fs/eventpoll.c
+@@ -1106,7 +1106,7 @@ retry:
+ /*
+ * Open an eventpoll file descriptor.
+ */
+-asmlinkage long sys_epoll_create1(int flags)
++SYSCALL_DEFINE1(epoll_create1, int, flags)
+ {
+ int error, fd = -1;
+ struct eventpoll *ep;
+@@ -1146,7 +1146,7 @@ error_return:
+ return fd;
+ }
+
+-asmlinkage long sys_epoll_create(int size)
++SYSCALL_DEFINE1(epoll_create, int, size)
+ {
+ if (size < 0)
+ return -EINVAL;
+@@ -1159,8 +1159,8 @@ asmlinkage long sys_epoll_create(int siz
+ * the eventpoll file that enables the insertion/removal/change of
+ * file descriptors inside the interest set.
+ */
+-asmlinkage long sys_epoll_ctl(int epfd, int op, int fd,
+- struct epoll_event __user *event)
++SYSCALL_DEFINE4(epoll_ctl, int, epfd, int, op, int, fd,
++ struct epoll_event __user *, event)
+ {
+ int error;
+ struct file *file, *tfile;
+@@ -1257,8 +1257,8 @@ error_return:
+ * Implement the event wait interface for the eventpoll file. It is the kernel
+ * part of the user space epoll_wait(2).
+ */
+-asmlinkage long sys_epoll_wait(int epfd, struct epoll_event __user *events,
+- int maxevents, int timeout)
++SYSCALL_DEFINE4(epoll_wait, int, epfd, struct epoll_event __user *, events,
++ int, maxevents, int, timeout)
+ {
+ int error;
+ struct file *file;
+@@ -1315,9 +1315,9 @@ error_return:
+ * Implement the event wait interface for the eventpoll file. It is the kernel
+ * part of the user space epoll_pwait(2).
+ */
+-asmlinkage long sys_epoll_pwait(int epfd, struct epoll_event __user *events,
+- int maxevents, int timeout, const sigset_t __user *sigmask,
+- size_t sigsetsize)
++SYSCALL_DEFINE6(epoll_pwait, int, epfd, struct epoll_event __user *, events,
++ int, maxevents, int, timeout, const sigset_t __user *, sigmask,
++ size_t, sigsetsize)
+ {
+ int error;
+ sigset_t ksigmask, sigsaved;
+--- a/fs/select.c
++++ b/fs/select.c
+@@ -374,8 +374,8 @@ out_nofds:
+ return ret;
+ }
+
+-asmlinkage long sys_select(int n, fd_set __user *inp, fd_set __user *outp,
+- fd_set __user *exp, struct timeval __user *tvp)
++SYSCALL_DEFINE5(select, int, n, fd_set __user *, inp, fd_set __user *, outp,
++ fd_set __user *, exp, struct timeval __user *, tvp)
+ {
+ s64 timeout = -1;
+ struct timeval tv;
+@@ -727,8 +727,8 @@ static long do_restart_poll(struct resta
+ return ret;
+ }
+
+-asmlinkage long sys_poll(struct pollfd __user *ufds, unsigned int nfds,
+- long timeout_msecs)
++SYSCALL_DEFINE3(poll, struct pollfd __user *, ufds, unsigned int, nfds,
++ long, timeout_msecs)
+ {
+ s64 timeout_jiffies;
+ int ret;
+--- a/kernel/sys.c
++++ b/kernel/sys.c
+@@ -1340,7 +1340,7 @@ asmlinkage long sys_newuname(struct new_
+ return errno;
+ }
+
+-asmlinkage long sys_sethostname(char __user *name, int len)
++SYSCALL_DEFINE2(sethostname, char __user *, name, int, len)
+ {
+ int errno;
+ char tmp[__NEW_UTS_LEN];
+@@ -1362,7 +1362,7 @@ asmlinkage long sys_sethostname(char __u
+
+ #ifdef __ARCH_WANT_SYS_GETHOSTNAME
+
+-asmlinkage long sys_gethostname(char __user *name, int len)
++SYSCALL_DEFINE2(gethostname, char __user *, name, int, len)
+ {
+ int i, errno;
+
+@@ -1385,7 +1385,7 @@ asmlinkage long sys_gethostname(char __u
+ * Only setdomainname; getdomainname can be implemented by calling
+ * uname()
+ */
+-asmlinkage long sys_setdomainname(char __user *name, int len)
++SYSCALL_DEFINE2(setdomainname, char __user *, name, int, len)
+ {
+ int errno;
+ char tmp[__NEW_UTS_LEN];
--- /dev/null
+From e48fbb699f82ef1e80bd7126046394d2dc9ca7e6 Mon Sep 17 00:00:00 2001
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+Date: Wed, 14 Jan 2009 14:14:26 +0100
+Subject: [PATCH 34/44] [CVE-2009-0029] System call wrappers part 24
+
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+
+commit e48fbb699f82ef1e80bd7126046394d2dc9ca7e6 upstream.
+
+Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+---
+ ipc/msg.c | 12 ++++++------
+ kernel/sys.c | 13 +++++++------
+ 2 files changed, 13 insertions(+), 12 deletions(-)
+
+--- a/ipc/msg.c
++++ b/ipc/msg.c
+@@ -309,7 +309,7 @@ static inline int msg_security(struct ke
+ return security_msg_queue_associate(msq, msgflg);
+ }
+
+-asmlinkage long sys_msgget(key_t key, int msgflg)
++SYSCALL_DEFINE2(msgget, key_t, key, int, msgflg)
+ {
+ struct ipc_namespace *ns;
+ struct ipc_ops msg_ops;
+@@ -466,7 +466,7 @@ out_up:
+ return err;
+ }
+
+-asmlinkage long sys_msgctl(int msqid, int cmd, struct msqid_ds __user *buf)
++SYSCALL_DEFINE3(msgctl, int, msqid, int, cmd, struct msqid_ds __user *, buf)
+ {
+ struct msg_queue *msq;
+ int err, version;
+@@ -723,8 +723,8 @@ out_free:
+ return err;
+ }
+
+-asmlinkage long
+-sys_msgsnd(int msqid, struct msgbuf __user *msgp, size_t msgsz, int msgflg)
++SYSCALL_DEFINE4(msgsnd, int, msqid, struct msgbuf __user *, msgp, size_t, msgsz,
++ int, msgflg)
+ {
+ long mtype;
+
+@@ -904,8 +904,8 @@ out_unlock:
+ return msgsz;
+ }
+
+-asmlinkage long sys_msgrcv(int msqid, struct msgbuf __user *msgp, size_t msgsz,
+- long msgtyp, int msgflg)
++SYSCALL_DEFINE5(msgrcv, int, msqid, struct msgbuf __user *, msgp, size_t, msgsz,
++ long, msgtyp, int, msgflg)
+ {
+ long err, mtype;
+
+--- a/kernel/sys.c
++++ b/kernel/sys.c
+@@ -1329,7 +1329,7 @@ EXPORT_SYMBOL(in_egroup_p);
+
+ DECLARE_RWSEM(uts_sem);
+
+-asmlinkage long sys_newuname(struct new_utsname __user * name)
++SYSCALL_DEFINE1(newuname, struct new_utsname __user *, name)
+ {
+ int errno = 0;
+
+@@ -1406,7 +1406,7 @@ SYSCALL_DEFINE2(setdomainname, char __us
+ return errno;
+ }
+
+-asmlinkage long sys_getrlimit(unsigned int resource, struct rlimit __user *rlim)
++SYSCALL_DEFINE2(getrlimit, unsigned int, resource, struct rlimit __user *, rlim)
+ {
+ if (resource >= RLIM_NLIMITS)
+ return -EINVAL;
+@@ -1425,7 +1425,8 @@ asmlinkage long sys_getrlimit(unsigned i
+ * Back compatibility for getrlimit. Needed for some apps.
+ */
+
+-asmlinkage long sys_old_getrlimit(unsigned int resource, struct rlimit __user *rlim)
++SYSCALL_DEFINE2(old_getrlimit, unsigned int, resource,
++ struct rlimit __user *, rlim)
+ {
+ struct rlimit x;
+ if (resource >= RLIM_NLIMITS)
+@@ -1443,7 +1444,7 @@ asmlinkage long sys_old_getrlimit(unsign
+
+ #endif
+
+-asmlinkage long sys_setrlimit(unsigned int resource, struct rlimit __user *rlim)
++SYSCALL_DEFINE2(setrlimit, unsigned int, resource, struct rlimit __user *, rlim)
+ {
+ struct rlimit new_rlim, *old_rlim;
+ unsigned long it_prof_secs;
+@@ -1619,7 +1620,7 @@ int getrusage(struct task_struct *p, int
+ return copy_to_user(ru, &r, sizeof(r)) ? -EFAULT : 0;
+ }
+
+-asmlinkage long sys_getrusage(int who, struct rusage __user *ru)
++SYSCALL_DEFINE2(getrusage, int, who, struct rusage __user *, ru)
+ {
+ if (who != RUSAGE_SELF && who != RUSAGE_CHILDREN &&
+ who != RUSAGE_THREAD)
+@@ -1627,7 +1628,7 @@ asmlinkage long sys_getrusage(int who, s
+ return getrusage(current, who, ru);
+ }
+
+-asmlinkage long sys_umask(int mask)
++SYSCALL_DEFINE1(umask, int, mask)
+ {
+ mask = xchg(¤t->fs->umask, mask & S_IRWXUGO);
+ return mask;
--- /dev/null
+From d5460c9974a321a194aded4a8c4daaac68ea8171 Mon Sep 17 00:00:00 2001
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+Date: Wed, 14 Jan 2009 14:14:27 +0100
+Subject: [PATCH 35/44] [CVE-2009-0029] System call wrappers part 25
+
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+
+commit d5460c9974a321a194aded4a8c4daaac68ea8171 upstream.
+
+Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+---
+ ipc/mqueue.c | 6 +++---
+ ipc/sem.c | 9 +++++----
+ ipc/shm.c | 8 ++++----
+ 3 files changed, 12 insertions(+), 11 deletions(-)
+
+--- a/ipc/mqueue.c
++++ b/ipc/mqueue.c
+@@ -647,8 +647,8 @@ static int oflag2acc[O_ACCMODE] = { MAY_
+ return dentry_open(dentry, mqueue_mnt, oflag);
+ }
+
+-asmlinkage long sys_mq_open(const char __user *u_name, int oflag, mode_t mode,
+- struct mq_attr __user *u_attr)
++SYSCALL_DEFINE4(mq_open, const char __user *, u_name, int, oflag, mode_t, mode,
++ struct mq_attr __user *, u_attr)
+ {
+ struct dentry *dentry;
+ struct file *filp;
+@@ -715,7 +715,7 @@ out_putname:
+ return fd;
+ }
+
+-asmlinkage long sys_mq_unlink(const char __user *u_name)
++SYSCALL_DEFINE1(mq_unlink, const char __user *, u_name)
+ {
+ int err;
+ char *name;
+--- a/ipc/sem.c
++++ b/ipc/sem.c
+@@ -308,7 +308,7 @@ static inline int sem_more_checks(struct
+ return 0;
+ }
+
+-asmlinkage long sys_semget(key_t key, int nsems, int semflg)
++SYSCALL_DEFINE3(semget, key_t, key, int, nsems, int, semflg)
+ {
+ struct ipc_namespace *ns;
+ struct ipc_ops sem_ops;
+@@ -1055,8 +1055,8 @@ out:
+ return un;
+ }
+
+-asmlinkage long sys_semtimedop(int semid, struct sembuf __user *tsops,
+- unsigned nsops, const struct timespec __user *timeout)
++SYSCALL_DEFINE4(semtimedop, int, semid, struct sembuf __user *, tsops,
++ unsigned, nsops, const struct timespec __user *, timeout)
+ {
+ int error = -EINVAL;
+ struct sem_array *sma;
+@@ -1233,7 +1233,8 @@ out_free:
+ return error;
+ }
+
+-asmlinkage long sys_semop (int semid, struct sembuf __user *tsops, unsigned nsops)
++SYSCALL_DEFINE3(semop, int, semid, struct sembuf __user *, tsops,
++ unsigned, nsops)
+ {
+ return sys_semtimedop(semid, tsops, nsops, NULL);
+ }
+--- a/ipc/shm.c
++++ b/ipc/shm.c
+@@ -440,7 +440,7 @@ static inline int shm_more_checks(struct
+ return 0;
+ }
+
+-asmlinkage long sys_shmget (key_t key, size_t size, int shmflg)
++SYSCALL_DEFINE3(shmget, key_t, key, size_t, size, int, shmflg)
+ {
+ struct ipc_namespace *ns;
+ struct ipc_ops shm_ops;
+@@ -621,7 +621,7 @@ out_up:
+ return err;
+ }
+
+-asmlinkage long sys_shmctl(int shmid, int cmd, struct shmid_ds __user *buf)
++SYSCALL_DEFINE3(shmctl, int, shmid, int, cmd, struct shmid_ds __user *, buf)
+ {
+ struct shmid_kernel *shp;
+ int err, version;
+@@ -941,7 +941,7 @@ out_put_dentry:
+ goto out_nattch;
+ }
+
+-asmlinkage long sys_shmat(int shmid, char __user *shmaddr, int shmflg)
++SYSCALL_DEFINE3(shmat, int, shmid, char __user *, shmaddr, int, shmflg)
+ {
+ unsigned long ret;
+ long err;
+@@ -957,7 +957,7 @@ asmlinkage long sys_shmat(int shmid, cha
+ * detach and kill segment if marked destroyed.
+ * The work is done in shm_close.
+ */
+-asmlinkage long sys_shmdt(char __user *shmaddr)
++SYSCALL_DEFINE1(shmdt, char __user *, shmaddr)
+ {
+ struct mm_struct *mm = current->mm;
+ struct vm_area_struct *vma, *next;
--- /dev/null
+From c4ea37c26a691ad0b7e86aa5884aab27830e95c9 Mon Sep 17 00:00:00 2001
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+Date: Wed, 14 Jan 2009 14:14:28 +0100
+Subject: [PATCH 36/44] [CVE-2009-0029] System call wrappers part 26
+
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+
+commit c4ea37c26a691ad0b7e86aa5884aab27830e95c9 upstream.
+
+Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+---
+ drivers/pci/syscall.c | 12 ++++--------
+ ipc/mqueue.c | 22 +++++++++++-----------
+ kernel/sys.c | 4 ++--
+ mm/swapfile.c | 4 ++--
+ 4 files changed, 19 insertions(+), 23 deletions(-)
+
+--- a/drivers/pci/syscall.c
++++ b/drivers/pci/syscall.c
+@@ -14,10 +14,8 @@
+ #include <asm/uaccess.h>
+ #include "pci.h"
+
+-asmlinkage long
+-sys_pciconfig_read(unsigned long bus, unsigned long dfn,
+- unsigned long off, unsigned long len,
+- void __user *buf)
++SYSCALL_DEFINE5(pciconfig_read, unsigned long, bus, unsigned long, dfn,
++ unsigned long, off, unsigned long, len, void __user *, buf)
+ {
+ struct pci_dev *dev;
+ u8 byte;
+@@ -86,10 +84,8 @@ error:
+ return err;
+ }
+
+-asmlinkage long
+-sys_pciconfig_write(unsigned long bus, unsigned long dfn,
+- unsigned long off, unsigned long len,
+- void __user *buf)
++SYSCALL_DEFINE5(pciconfig_write, unsigned long, bus, unsigned long, dfn,
++ unsigned long, off, unsigned long, len, void __user *, buf)
+ {
+ struct pci_dev *dev;
+ u8 byte;
+--- a/ipc/mqueue.c
++++ b/ipc/mqueue.c
+@@ -808,9 +808,9 @@ static inline void pipelined_receive(str
+ sender->state = STATE_READY;
+ }
+
+-asmlinkage long sys_mq_timedsend(mqd_t mqdes, const char __user *u_msg_ptr,
+- size_t msg_len, unsigned int msg_prio,
+- const struct timespec __user *u_abs_timeout)
++SYSCALL_DEFINE5(mq_timedsend, mqd_t, mqdes, const char __user *, u_msg_ptr,
++ size_t, msg_len, unsigned int, msg_prio,
++ const struct timespec __user *, u_abs_timeout)
+ {
+ struct file *filp;
+ struct inode *inode;
+@@ -896,9 +896,9 @@ out:
+ return ret;
+ }
+
+-asmlinkage long sys_mq_timedreceive(mqd_t mqdes, char __user *u_msg_ptr,
+- size_t msg_len, unsigned int __user *u_msg_prio,
+- const struct timespec __user *u_abs_timeout)
++SYSCALL_DEFINE5(mq_timedreceive, mqd_t, mqdes, char __user *, u_msg_ptr,
++ size_t, msg_len, unsigned int __user *, u_msg_prio,
++ const struct timespec __user *, u_abs_timeout)
+ {
+ long timeout;
+ ssize_t ret;
+@@ -981,8 +981,8 @@ out:
+ * and he isn't currently owner of notification, will be silently discarded.
+ * It isn't explicitly defined in the POSIX.
+ */
+-asmlinkage long sys_mq_notify(mqd_t mqdes,
+- const struct sigevent __user *u_notification)
++SYSCALL_DEFINE2(mq_notify, mqd_t, mqdes,
++ const struct sigevent __user *, u_notification)
+ {
+ int ret;
+ struct file *filp;
+@@ -1107,9 +1107,9 @@ out:
+ return ret;
+ }
+
+-asmlinkage long sys_mq_getsetattr(mqd_t mqdes,
+- const struct mq_attr __user *u_mqstat,
+- struct mq_attr __user *u_omqstat)
++SYSCALL_DEFINE3(mq_getsetattr, mqd_t, mqdes,
++ const struct mq_attr __user *, u_mqstat,
++ struct mq_attr __user *, u_omqstat)
+ {
+ int ret;
+ struct mq_attr mqstat, omqstat;
+--- a/kernel/sys.c
++++ b/kernel/sys.c
+@@ -1634,8 +1634,8 @@ SYSCALL_DEFINE1(umask, int, mask)
+ return mask;
+ }
+
+-asmlinkage long sys_prctl(int option, unsigned long arg2, unsigned long arg3,
+- unsigned long arg4, unsigned long arg5)
++SYSCALL_DEFINE5(prctl, int, option, unsigned long, arg2, unsigned long, arg3,
++ unsigned long, arg4, unsigned long, arg5)
+ {
+ long error = 0;
+
+--- a/mm/swapfile.c
++++ b/mm/swapfile.c
+@@ -1204,7 +1204,7 @@ int page_queue_congested(struct page *pa
+ }
+ #endif
+
+-asmlinkage long sys_swapoff(const char __user * specialfile)
++SYSCALL_DEFINE1(swapoff, const char __user *, specialfile)
+ {
+ struct swap_info_struct * p = NULL;
+ unsigned short *swap_map;
+@@ -1448,7 +1448,7 @@ __initcall(procswaps_init);
+ *
+ * The swapon system call
+ */
+-asmlinkage long sys_swapon(const char __user * specialfile, int swap_flags)
++SYSCALL_DEFINE2(swapon, const char __user *, specialfile, int, swap_flags)
+ {
+ struct swap_info_struct * p;
+ char *name = NULL;
--- /dev/null
+From 1e7bfb2134dfec37ce04fb3a4ca89299e892d10c Mon Sep 17 00:00:00 2001
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+Date: Wed, 14 Jan 2009 14:14:29 +0100
+Subject: [PATCH 37/44] [CVE-2009-0029] System call wrappers part 27
+
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+
+commit 1e7bfb2134dfec37ce04fb3a4ca89299e892d10c upstream.
+
+Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+---
+ fs/exec.c | 2 +-
+ fs/filesystems.c | 2 +-
+ fs/nfsctl.c | 4 ++--
+ kernel/printk.c | 2 +-
+ kernel/ptrace.c | 2 +-
+ kernel/sysctl.c | 4 ++--
+ kernel/timer.c | 2 +-
+ security/keys/keyctl.c | 18 +++++++++---------
+ 8 files changed, 18 insertions(+), 18 deletions(-)
+
+--- a/fs/exec.c
++++ b/fs/exec.c
+@@ -105,7 +105,7 @@ static inline void put_binfmt(struct lin
+ *
+ * Also note that we take the address to load from from the file itself.
+ */
+-asmlinkage long sys_uselib(const char __user * library)
++SYSCALL_DEFINE1(uselib, const char __user *, library)
+ {
+ struct file *file;
+ struct nameidata nd;
+--- a/fs/filesystems.c
++++ b/fs/filesystems.c
+@@ -177,7 +177,7 @@ static int fs_maxindex(void)
+ /*
+ * Whee.. Weird sysv syscall.
+ */
+-asmlinkage long sys_sysfs(int option, unsigned long arg1, unsigned long arg2)
++SYSCALL_DEFINE3(sysfs, int, option, unsigned long, arg1, unsigned long, arg2)
+ {
+ int retval = -EINVAL;
+
+--- a/fs/nfsctl.c
++++ b/fs/nfsctl.c
+@@ -82,8 +82,8 @@ static struct {
+ },
+ };
+
+-long
+-asmlinkage sys_nfsservctl(int cmd, struct nfsctl_arg __user *arg, void __user *res)
++SYSCALL_DEFINE3(nfsservctl, int, cmd, struct nfsctl_arg __user *, arg,
++ void __user *, res)
+ {
+ struct file *file;
+ void __user *p = &arg->u;
+--- a/kernel/printk.c
++++ b/kernel/printk.c
+@@ -421,7 +421,7 @@ out:
+ return error;
+ }
+
+-asmlinkage long sys_syslog(int type, char __user *buf, int len)
++SYSCALL_DEFINE3(syslog, int, type, char __user *, buf, int, len)
+ {
+ return do_syslog(type, buf, len);
+ }
+--- a/kernel/ptrace.c
++++ b/kernel/ptrace.c
+@@ -545,7 +545,7 @@ struct task_struct *ptrace_get_task_stru
+ #define arch_ptrace_attach(child) do { } while (0)
+ #endif
+
+-asmlinkage long sys_ptrace(long request, long pid, long addr, long data)
++SYSCALL_DEFINE4(ptrace, long, request, long, pid, long, addr, long, data)
+ {
+ struct task_struct *child;
+ long ret;
+--- a/kernel/sysctl.c
++++ b/kernel/sysctl.c
+@@ -1614,7 +1614,7 @@ int do_sysctl(int __user *name, int nlen
+ return error;
+ }
+
+-asmlinkage long sys_sysctl(struct __sysctl_args __user *args)
++SYSCALL_DEFINE1(sysctl, struct __sysctl_args __user *, args)
+ {
+ struct __sysctl_args tmp;
+ int error;
+@@ -2925,7 +2925,7 @@ int sysctl_ms_jiffies(struct ctl_table *
+ #else /* CONFIG_SYSCTL_SYSCALL */
+
+
+-asmlinkage long sys_sysctl(struct __sysctl_args __user *args)
++SYSCALL_DEFINE1(sysctl, struct __sysctl_args __user *, args)
+ {
+ struct __sysctl_args tmp;
+ int error;
+--- a/kernel/timer.c
++++ b/kernel/timer.c
+@@ -1345,7 +1345,7 @@ out:
+ return 0;
+ }
+
+-asmlinkage long sys_sysinfo(struct sysinfo __user *info)
++SYSCALL_DEFINE1(sysinfo, struct sysinfo __user *, info)
+ {
+ struct sysinfo val;
+
+--- a/security/keys/keyctl.c
++++ b/security/keys/keyctl.c
+@@ -54,11 +54,11 @@ static int key_get_type_from_user(char *
+ * - returns the new key's serial number
+ * - implements add_key()
+ */
+-asmlinkage long sys_add_key(const char __user *_type,
+- const char __user *_description,
+- const void __user *_payload,
+- size_t plen,
+- key_serial_t ringid)
++SYSCALL_DEFINE5(add_key, const char __user *, _type,
++ const char __user *, _description,
++ const void __user *, _payload,
++ size_t, plen,
++ key_serial_t, ringid)
+ {
+ key_ref_t keyring_ref, key_ref;
+ char type[32], *description;
+@@ -146,10 +146,10 @@ asmlinkage long sys_add_key(const char _
+ * - if the _callout_info string is empty, it will be rendered as "-"
+ * - implements request_key()
+ */
+-asmlinkage long sys_request_key(const char __user *_type,
+- const char __user *_description,
+- const char __user *_callout_info,
+- key_serial_t destringid)
++SYSCALL_DEFINE4(request_key, const char __user *, _type,
++ const char __user *, _description,
++ const char __user *, _callout_info,
++ key_serial_t, destringid)
+ {
+ struct key_type *ktype;
+ struct key *key;
--- /dev/null
+From 938bb9f5e840eddbf54e4f62f6c5ba9b3ae12c9d Mon Sep 17 00:00:00 2001
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+Date: Wed, 14 Jan 2009 14:14:30 +0100
+Subject: [PATCH 38/44] [CVE-2009-0029] System call wrappers part 28
+
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+
+commit 938bb9f5e840eddbf54e4f62f6c5ba9b3ae12c9d upstream.
+
+Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+---
+ fs/inotify_user.c | 4 ++--
+ fs/ioprio.c | 5 ++---
+ mm/mempolicy.c | 24 +++++++++++-------------
+ mm/migrate.c | 8 ++++----
+ security/keys/keyctl.c | 4 ++--
+ 5 files changed, 21 insertions(+), 24 deletions(-)
+
+--- a/fs/inotify_user.c
++++ b/fs/inotify_user.c
+@@ -579,7 +579,7 @@ static const struct inotify_operations i
+ .destroy_watch = free_inotify_user_watch,
+ };
+
+-asmlinkage long sys_inotify_init1(int flags)
++SYSCALL_DEFINE1(inotify_init1, int, flags)
+ {
+ struct inotify_device *dev;
+ struct inotify_handle *ih;
+@@ -658,7 +658,7 @@ out_put_fd:
+ return ret;
+ }
+
+-asmlinkage long sys_inotify_init(void)
++SYSCALL_DEFINE0(inotify_init)
+ {
+ return sys_inotify_init1(0);
+ }
+--- a/fs/ioprio.c
++++ b/fs/ioprio.c
+@@ -65,7 +65,7 @@ static int set_task_ioprio(struct task_s
+ return err;
+ }
+
+-asmlinkage long sys_ioprio_set(int which, int who, int ioprio)
++SYSCALL_DEFINE3(ioprio_set, int, which, int, who, int, ioprio)
+ {
+ int class = IOPRIO_PRIO_CLASS(ioprio);
+ int data = IOPRIO_PRIO_DATA(ioprio);
+@@ -181,7 +181,7 @@ int ioprio_best(unsigned short aprio, un
+ return aprio;
+ }
+
+-asmlinkage long sys_ioprio_get(int which, int who)
++SYSCALL_DEFINE2(ioprio_get, int, which, int, who)
+ {
+ struct task_struct *g, *p;
+ struct user_struct *user;
+@@ -245,4 +245,3 @@ asmlinkage long sys_ioprio_get(int which
+ read_unlock(&tasklist_lock);
+ return ret;
+ }
+-
+--- a/mm/mempolicy.c
++++ b/mm/mempolicy.c
+@@ -1059,10 +1059,9 @@ static int copy_nodes_to_user(unsigned l
+ return copy_to_user(mask, nodes_addr(*nodes), copy) ? -EFAULT : 0;
+ }
+
+-asmlinkage long sys_mbind(unsigned long start, unsigned long len,
+- unsigned long mode,
+- unsigned long __user *nmask, unsigned long maxnode,
+- unsigned flags)
++SYSCALL_DEFINE6(mbind, unsigned long, start, unsigned long, len,
++ unsigned long, mode, unsigned long __user *, nmask,
++ unsigned long, maxnode, unsigned, flags)
+ {
+ nodemask_t nodes;
+ int err;
+@@ -1082,8 +1081,8 @@ asmlinkage long sys_mbind(unsigned long
+ }
+
+ /* Set the process memory policy */
+-asmlinkage long sys_set_mempolicy(int mode, unsigned long __user *nmask,
+- unsigned long maxnode)
++SYSCALL_DEFINE3(set_mempolicy, int, mode, unsigned long __user *, nmask,
++ unsigned long, maxnode)
+ {
+ int err;
+ nodemask_t nodes;
+@@ -1101,9 +1100,9 @@ asmlinkage long sys_set_mempolicy(int mo
+ return do_set_mempolicy(mode, flags, &nodes);
+ }
+
+-asmlinkage long sys_migrate_pages(pid_t pid, unsigned long maxnode,
+- const unsigned long __user *old_nodes,
+- const unsigned long __user *new_nodes)
++SYSCALL_DEFINE4(migrate_pages, pid_t, pid, unsigned long, maxnode,
++ const unsigned long __user *, old_nodes,
++ const unsigned long __user *, new_nodes)
+ {
+ struct mm_struct *mm;
+ struct task_struct *task;
+@@ -1171,10 +1170,9 @@ out:
+
+
+ /* Retrieve NUMA policy */
+-asmlinkage long sys_get_mempolicy(int __user *policy,
+- unsigned long __user *nmask,
+- unsigned long maxnode,
+- unsigned long addr, unsigned long flags)
++SYSCALL_DEFINE5(get_mempolicy, int __user *, policy,
++ unsigned long __user *, nmask, unsigned long, maxnode,
++ unsigned long, addr, unsigned long, flags)
+ {
+ int err;
+ int uninitialized_var(pval);
+--- a/mm/migrate.c
++++ b/mm/migrate.c
+@@ -979,10 +979,10 @@ set_status:
+ * Move a list of pages in the address space of the currently executing
+ * process.
+ */
+-asmlinkage long sys_move_pages(pid_t pid, unsigned long nr_pages,
+- const void __user * __user *pages,
+- const int __user *nodes,
+- int __user *status, int flags)
++SYSCALL_DEFINE6(move_pages, pid_t, pid, unsigned long, nr_pages,
++ const void __user * __user *, pages,
++ const int __user *, nodes,
++ int __user *, status, int, flags)
+ {
+ int err = 0;
+ int i;
+--- a/security/keys/keyctl.c
++++ b/security/keys/keyctl.c
+@@ -1152,8 +1152,8 @@ long keyctl_get_security(key_serial_t ke
+ /*
+ * the key control system call
+ */
+-asmlinkage long sys_keyctl(int option, unsigned long arg2, unsigned long arg3,
+- unsigned long arg4, unsigned long arg5)
++SYSCALL_DEFINE5(keyctl, int, option, unsigned long, arg2, unsigned long, arg3,
++ unsigned long, arg4, unsigned long, arg5)
+ {
+ switch (option) {
+ case KEYCTL_GET_KEYRING_ID:
--- /dev/null
+From 2e4d0924eb0c403ce4014fa139d1d61bf2c44fee Mon Sep 17 00:00:00 2001
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+Date: Wed, 14 Jan 2009 14:14:31 +0100
+Subject: [PATCH 39/44] [CVE-2009-0029] System call wrappers part 29
+
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+
+commit 2e4d0924eb0c403ce4014fa139d1d61bf2c44fee upstream.
+
+Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+---
+ fs/inotify_user.c | 5 +++--
+ fs/namei.c | 21 ++++++++++-----------
+ 2 files changed, 13 insertions(+), 13 deletions(-)
+
+--- a/fs/inotify_user.c
++++ b/fs/inotify_user.c
+@@ -663,7 +663,8 @@ SYSCALL_DEFINE0(inotify_init)
+ return sys_inotify_init1(0);
+ }
+
+-asmlinkage long sys_inotify_add_watch(int fd, const char __user *pathname, u32 mask)
++SYSCALL_DEFINE3(inotify_add_watch, int, fd, const char __user *, pathname,
++ u32, mask)
+ {
+ struct inode *inode;
+ struct inotify_device *dev;
+@@ -707,7 +708,7 @@ fput_and_out:
+ return ret;
+ }
+
+-asmlinkage long sys_inotify_rm_watch(int fd, __s32 wd)
++SYSCALL_DEFINE2(inotify_rm_watch, int, fd, __s32, wd)
+ {
+ struct file *filp;
+ struct inotify_device *dev;
+--- a/fs/namei.c
++++ b/fs/namei.c
+@@ -1990,8 +1990,8 @@ static int may_mknod(mode_t mode)
+ }
+ }
+
+-asmlinkage long sys_mknodat(int dfd, const char __user *filename, int mode,
+- unsigned dev)
++SYSCALL_DEFINE4(mknodat, int, dfd, const char __user *, filename, int, mode,
++ unsigned, dev)
+ {
+ int error;
+ char *tmp;
+@@ -2068,7 +2068,7 @@ int vfs_mkdir(struct inode *dir, struct
+ return error;
+ }
+
+-asmlinkage long sys_mkdirat(int dfd, const char __user *pathname, int mode)
++SYSCALL_DEFINE3(mkdirat, int, dfd, const char __user *, pathname, int, mode)
+ {
+ int error = 0;
+ char * tmp;
+@@ -2297,7 +2297,7 @@ slashes:
+ goto exit2;
+ }
+
+-asmlinkage long sys_unlinkat(int dfd, const char __user *pathname, int flag)
++SYSCALL_DEFINE3(unlinkat, int, dfd, const char __user *, pathname, int, flag)
+ {
+ if ((flag & ~AT_REMOVEDIR) != 0)
+ return -EINVAL;
+@@ -2334,8 +2334,8 @@ int vfs_symlink(struct inode *dir, struc
+ return error;
+ }
+
+-asmlinkage long sys_symlinkat(const char __user *oldname,
+- int newdfd, const char __user *newname)
++SYSCALL_DEFINE3(symlinkat, const char __user *, oldname,
++ int, newdfd, const char __user *, newname)
+ {
+ int error;
+ char *from;
+@@ -2424,9 +2424,8 @@ int vfs_link(struct dentry *old_dentry,
+ * with linux 2.0, and to avoid hard-linking to directories
+ * and other special files. --ADM
+ */
+-asmlinkage long sys_linkat(int olddfd, const char __user *oldname,
+- int newdfd, const char __user *newname,
+- int flags)
++SYSCALL_DEFINE5(linkat, int, olddfd, const char __user *, oldname,
++ int, newdfd, const char __user *, newname, int, flags)
+ {
+ struct dentry *new_dentry;
+ struct nameidata nd;
+@@ -2622,8 +2621,8 @@ int vfs_rename(struct inode *old_dir, st
+ return error;
+ }
+
+-asmlinkage long sys_renameat(int olddfd, const char __user *oldname,
+- int newdfd, const char __user *newname)
++SYSCALL_DEFINE4(renameat, int, olddfd, const char __user *, oldname,
++ int, newdfd, const char __user *, newname)
+ {
+ struct dentry *old_dir, *new_dir;
+ struct dentry *old_dentry, *new_dentry;
--- /dev/null
+From 6559eed8ca7db0531a207cd80be5e28cd6f213c5 Mon Sep 17 00:00:00 2001
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+Date: Wed, 14 Jan 2009 14:14:32 +0100
+Subject: [PATCH 40/44] [CVE-2009-0029] System call wrappers part 30
+
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+
+commit 6559eed8ca7db0531a207cd80be5e28cd6f213c5 upstream.
+
+Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+---
+ fs/open.c | 13 ++++++-------
+ fs/stat.c | 12 ++++++------
+ fs/utimes.c | 6 ++++--
+ kernel/fork.c | 2 +-
+ 4 files changed, 17 insertions(+), 16 deletions(-)
+
+--- a/fs/open.c
++++ b/fs/open.c
+@@ -442,7 +442,7 @@ SYSCALL_ALIAS(sys_fallocate, SyS_falloca
+ * We do this by temporarily clearing all FS-related capabilities and
+ * switching the fsuid/fsgid around to the real ones.
+ */
+-asmlinkage long sys_faccessat(int dfd, const char __user *filename, int mode)
++SYSCALL_DEFINE3(faccessat, int, dfd, const char __user *, filename, int, mode)
+ {
+ struct path path;
+ struct inode *inode;
+@@ -633,8 +633,7 @@ out:
+ return err;
+ }
+
+-asmlinkage long sys_fchmodat(int dfd, const char __user *filename,
+- mode_t mode)
++SYSCALL_DEFINE3(fchmodat, int, dfd, const char __user *, filename, mode_t, mode)
+ {
+ struct path path;
+ struct inode *inode;
+@@ -712,8 +711,8 @@ out:
+ return error;
+ }
+
+-asmlinkage long sys_fchownat(int dfd, const char __user *filename, uid_t user,
+- gid_t group, int flag)
++SYSCALL_DEFINE5(fchownat, int, dfd, const char __user *, filename, uid_t, user,
++ gid_t, group, int, flag)
+ {
+ struct path path;
+ int error = -EINVAL;
+@@ -1060,8 +1059,8 @@ SYSCALL_DEFINE3(open, const char __user
+ return ret;
+ }
+
+-asmlinkage long sys_openat(int dfd, const char __user *filename, int flags,
+- int mode)
++SYSCALL_DEFINE4(openat, int, dfd, const char __user *, filename, int, flags,
++ int, mode)
+ {
+ long ret;
+
+--- a/fs/stat.c
++++ b/fs/stat.c
+@@ -260,8 +260,8 @@ SYSCALL_DEFINE2(newlstat, char __user *,
+ }
+
+ #if !defined(__ARCH_WANT_STAT64) || defined(__ARCH_WANT_SYS_NEWFSTATAT)
+-asmlinkage long sys_newfstatat(int dfd, char __user *filename,
+- struct stat __user *statbuf, int flag)
++SYSCALL_DEFINE4(newfstatat, int, dfd, char __user *, filename,
++ struct stat __user *, statbuf, int, flag)
+ {
+ struct kstat stat;
+ int error = -EINVAL;
+@@ -293,8 +293,8 @@ SYSCALL_DEFINE2(newfstat, unsigned int,
+ return error;
+ }
+
+-asmlinkage long sys_readlinkat(int dfd, const char __user *pathname,
+- char __user *buf, int bufsiz)
++SYSCALL_DEFINE4(readlinkat, int, dfd, const char __user *, pathname,
++ char __user *, buf, int, bufsiz)
+ {
+ struct path path;
+ int error;
+@@ -400,8 +400,8 @@ SYSCALL_DEFINE2(fstat64, unsigned long,
+ return error;
+ }
+
+-asmlinkage long sys_fstatat64(int dfd, char __user *filename,
+- struct stat64 __user *statbuf, int flag)
++SYSCALL_DEFINE4(fstatat64, int, dfd, char __user *, filename,
++ struct stat64 __user *, statbuf, int, flag)
+ {
+ struct kstat stat;
+ int error = -EINVAL;
+--- a/fs/utimes.c
++++ b/fs/utimes.c
+@@ -170,7 +170,8 @@ out:
+ return error;
+ }
+
+-asmlinkage long sys_utimensat(int dfd, char __user *filename, struct timespec __user *utimes, int flags)
++SYSCALL_DEFINE4(utimensat, int, dfd, char __user *, filename,
++ struct timespec __user *, utimes, int, flags)
+ {
+ struct timespec tstimes[2];
+
+@@ -187,7 +188,8 @@ asmlinkage long sys_utimensat(int dfd, c
+ return do_utimes(dfd, filename, utimes ? tstimes : NULL, flags);
+ }
+
+-asmlinkage long sys_futimesat(int dfd, char __user *filename, struct timeval __user *utimes)
++SYSCALL_DEFINE3(futimesat, int, dfd, char __user *, filename,
++ struct timeval __user *, utimes)
+ {
+ struct timeval times[2];
+ struct timespec tstimes[2];
+--- a/kernel/fork.c
++++ b/kernel/fork.c
+@@ -1561,7 +1561,7 @@ static int unshare_fd(unsigned long unsh
+ * constructed. Here we are modifying the current, active,
+ * task_struct.
+ */
+-asmlinkage long sys_unshare(unsigned long unshare_flags)
++SYSCALL_DEFINE1(unshare, unsigned long, unshare_flags)
+ {
+ int err = 0;
+ struct fs_struct *fs, *new_fs = NULL;
--- /dev/null
+From 836f92adf121f806e9beb5b6b88bd5c9c4ea3f24 Mon Sep 17 00:00:00 2001
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+Date: Wed, 14 Jan 2009 14:14:33 +0100
+Subject: [PATCH 41/44] [CVE-2009-0029] System call wrappers part 31
+
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+
+commit 836f92adf121f806e9beb5b6b88bd5c9c4ea3f24 upstream.
+
+Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+---
+ fs/signalfd.c | 8 ++++----
+ fs/splice.c | 12 ++++++------
+ fs/timerfd.c | 8 ++++----
+ kernel/futex.c | 11 +++++------
+ kernel/sys.c | 4 ++--
+ 5 files changed, 21 insertions(+), 22 deletions(-)
+
+--- a/fs/signalfd.c
++++ b/fs/signalfd.c
+@@ -205,8 +205,8 @@ static const struct file_operations sign
+ .read = signalfd_read,
+ };
+
+-asmlinkage long sys_signalfd4(int ufd, sigset_t __user *user_mask,
+- size_t sizemask, int flags)
++SYSCALL_DEFINE4(signalfd4, int, ufd, sigset_t __user *, user_mask,
++ size_t, sizemask, int, flags)
+ {
+ sigset_t sigmask;
+ struct signalfd_ctx *ctx;
+@@ -259,8 +259,8 @@ asmlinkage long sys_signalfd4(int ufd, s
+ return ufd;
+ }
+
+-asmlinkage long sys_signalfd(int ufd, sigset_t __user *user_mask,
+- size_t sizemask)
++SYSCALL_DEFINE3(signalfd, int, ufd, sigset_t __user *, user_mask,
++ size_t, sizemask)
+ {
+ return sys_signalfd4(ufd, user_mask, sizemask, 0);
+ }
+--- a/fs/splice.c
++++ b/fs/splice.c
+@@ -1434,8 +1434,8 @@ static long vmsplice_to_pipe(struct file
+ * Currently we punt and implement it as a normal copy, see pipe_to_user().
+ *
+ */
+-asmlinkage long sys_vmsplice(int fd, const struct iovec __user *iov,
+- unsigned long nr_segs, unsigned int flags)
++SYSCALL_DEFINE4(vmsplice, int, fd, const struct iovec __user *, iov,
++ unsigned long, nr_segs, unsigned int, flags)
+ {
+ struct file *file;
+ long error;
+@@ -1460,9 +1460,9 @@ asmlinkage long sys_vmsplice(int fd, con
+ return error;
+ }
+
+-asmlinkage long sys_splice(int fd_in, loff_t __user *off_in,
+- int fd_out, loff_t __user *off_out,
+- size_t len, unsigned int flags)
++SYSCALL_DEFINE6(splice, int, fd_in, loff_t __user *, off_in,
++ int, fd_out, loff_t __user *, off_out,
++ size_t, len, unsigned int, flags)
+ {
+ long error;
+ struct file *in, *out;
+@@ -1684,7 +1684,7 @@ static long do_tee(struct file *in, stru
+ return ret;
+ }
+
+-asmlinkage long sys_tee(int fdin, int fdout, size_t len, unsigned int flags)
++SYSCALL_DEFINE4(tee, int, fdin, int, fdout, size_t, len, unsigned int, flags)
+ {
+ struct file *in;
+ int error, fput_in;
+--- a/fs/timerfd.c
++++ b/fs/timerfd.c
+@@ -179,7 +179,7 @@ static struct file *timerfd_fget(int fd)
+ return file;
+ }
+
+-asmlinkage long sys_timerfd_create(int clockid, int flags)
++SYSCALL_DEFINE2(timerfd_create, int, clockid, int, flags)
+ {
+ int ufd;
+ struct timerfd_ctx *ctx;
+@@ -210,9 +210,9 @@ asmlinkage long sys_timerfd_create(int c
+ return ufd;
+ }
+
+-asmlinkage long sys_timerfd_settime(int ufd, int flags,
+- const struct itimerspec __user *utmr,
+- struct itimerspec __user *otmr)
++SYSCALL_DEFINE4(timerfd_settime, int, ufd, int, flags,
++ const struct itimerspec __user *, utmr,
++ struct itimerspec __user *, otmr)
+ {
+ struct file *file;
+ struct timerfd_ctx *ctx;
+--- a/kernel/futex.c
++++ b/kernel/futex.c
+@@ -1797,9 +1797,8 @@ pi_faulted:
+ * @head: pointer to the list-head
+ * @len: length of the list-head, as userspace expects
+ */
+-asmlinkage long
+-sys_set_robust_list(struct robust_list_head __user *head,
+- size_t len)
++SYSCALL_DEFINE2(set_robust_list, struct robust_list_head __user *, head,
++ size_t, len)
+ {
+ if (!futex_cmpxchg_enabled)
+ return -ENOSYS;
+@@ -1820,9 +1819,9 @@ sys_set_robust_list(struct robust_list_h
+ * @head_ptr: pointer to a list-head pointer, the kernel fills it in
+ * @len_ptr: pointer to a length field, the kernel fills in the header size
+ */
+-asmlinkage long
+-sys_get_robust_list(int pid, struct robust_list_head __user * __user *head_ptr,
+- size_t __user *len_ptr)
++SYSCALL_DEFINE3(get_robust_list, int, pid,
++ struct robust_list_head __user * __user *, head_ptr,
++ size_t __user *, len_ptr)
+ {
+ struct robust_list_head __user *head;
+ unsigned long ret;
+--- a/kernel/sys.c
++++ b/kernel/sys.c
+@@ -1736,8 +1736,8 @@ SYSCALL_DEFINE5(prctl, int, option, unsi
+ return error;
+ }
+
+-asmlinkage long sys_getcpu(unsigned __user *cpup, unsigned __user *nodep,
+- struct getcpu_cache __user *unused)
++SYSCALL_DEFINE3(getcpu, unsigned __user *, cpup, unsigned __user *, nodep,
++ struct getcpu_cache __user *, unused)
+ {
+ int err = 0;
+ int cpu = raw_smp_processor_id();
--- /dev/null
+From d4e82042c4cfa87a7d51710b71f568fe80132551 Mon Sep 17 00:00:00 2001
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+Date: Wed, 14 Jan 2009 14:14:34 +0100
+Subject: [PATCH 42/44] [CVE-2009-0029] System call wrappers part 32
+
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+
+commit d4e82042c4cfa87a7d51710b71f568fe80132551 upstream.
+
+Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+---
+ fs/eventfd.c | 5 ++---
+ fs/pipe.c | 2 +-
+ fs/readdir.c | 3 ++-
+ fs/select.c | 11 ++++++-----
+ fs/timerfd.c | 2 +-
+ include/linux/syscalls.h | 7 +++++++
+ kernel/signal.c | 11 +++++------
+ 7 files changed, 24 insertions(+), 17 deletions(-)
+
+--- a/fs/eventfd.c
++++ b/fs/eventfd.c
+@@ -198,7 +198,7 @@ struct file *eventfd_fget(int fd)
+ return file;
+ }
+
+-asmlinkage long sys_eventfd2(unsigned int count, int flags)
++SYSCALL_DEFINE2(eventfd2, unsigned int, count, int, flags)
+ {
+ int fd;
+ struct eventfd_ctx *ctx;
+@@ -228,8 +228,7 @@ asmlinkage long sys_eventfd2(unsigned in
+ return fd;
+ }
+
+-asmlinkage long sys_eventfd(unsigned int count)
++SYSCALL_DEFINE1(eventfd, unsigned int, count)
+ {
+ return sys_eventfd2(count, 0);
+ }
+-
+--- a/fs/pipe.c
++++ b/fs/pipe.c
+@@ -1051,7 +1051,7 @@ int do_pipe(int *fd)
+ * sys_pipe() is the normal C calling standard for creating
+ * a pipe. It's not the way Unix traditionally does this, though.
+ */
+-asmlinkage long sys_pipe2(int __user *fildes, int flags)
++SYSCALL_DEFINE2(pipe2, int __user *, fildes, int, flags)
+ {
+ int fd[2];
+ int error;
+--- a/fs/readdir.c
++++ b/fs/readdir.c
+@@ -102,7 +102,8 @@ efault:
+ return -EFAULT;
+ }
+
+-asmlinkage long sys_old_readdir(unsigned int fd, struct old_linux_dirent __user * dirent, unsigned int count)
++SYSCALL_DEFINE3(old_readdir, unsigned int, fd,
++ struct old_linux_dirent __user *, dirent, unsigned int, count)
+ {
+ int error;
+ struct file * file;
+--- a/fs/select.c
++++ b/fs/select.c
+@@ -513,8 +513,9 @@ sticky:
+ * which has a pointer to the sigset_t itself followed by a size_t containing
+ * the sigset size.
+ */
+-asmlinkage long sys_pselect6(int n, fd_set __user *inp, fd_set __user *outp,
+- fd_set __user *exp, struct timespec __user *tsp, void __user *sig)
++SYSCALL_DEFINE6(pselect6, int, n, fd_set __user *, inp, fd_set __user *, outp,
++ fd_set __user *, exp, struct timespec __user *, tsp,
++ void __user *, sig)
+ {
+ size_t sigsetsize = 0;
+ sigset_t __user *up = NULL;
+@@ -761,9 +762,9 @@ SYSCALL_DEFINE3(poll, struct pollfd __us
+ }
+
+ #ifdef HAVE_SET_RESTORE_SIGMASK
+-asmlinkage long sys_ppoll(struct pollfd __user *ufds, unsigned int nfds,
+- struct timespec __user *tsp, const sigset_t __user *sigmask,
+- size_t sigsetsize)
++SYSCALL_DEFINE5(ppoll, struct pollfd __user *, ufds, unsigned int, nfds,
++ struct timespec __user *, tsp, const sigset_t __user *, sigmask,
++ size_t, sigsetsize)
+ {
+ sigset_t ksigmask, sigsaved;
+ struct timespec ts;
+--- a/fs/timerfd.c
++++ b/fs/timerfd.c
+@@ -267,7 +267,7 @@ SYSCALL_DEFINE4(timerfd_settime, int, uf
+ return 0;
+ }
+
+-asmlinkage long sys_timerfd_gettime(int ufd, struct itimerspec __user *otmr)
++SYSCALL_DEFINE2(timerfd_gettime, int, ufd, struct itimerspec __user *, otmr)
+ {
+ struct file *file;
+ struct timerfd_ctx *ctx;
+--- a/include/linux/syscalls.h
++++ b/include/linux/syscalls.h
+@@ -679,6 +679,13 @@ asmlinkage long sys_eventfd(unsigned int
+ asmlinkage long sys_eventfd2(unsigned int count, int flags);
+ asmlinkage long sys_fallocate(int fd, int mode, loff_t offset, loff_t len);
+ asmlinkage long sys_old_readdir(unsigned int, struct old_linux_dirent __user *, unsigned int);
++asmlinkage long sys_pselect6(int, fd_set __user *, fd_set __user *,
++ fd_set __user *, struct timespec __user *,
++ void __user *);
++asmlinkage long sys_ppoll(struct pollfd __user *, unsigned int,
++ struct timespec __user *, const sigset_t __user *,
++ size_t);
++asmlinkage long sys_pipe2(int __user *, int);
+
+ int kernel_execve(const char *filename, char *const argv[], char *const envp[]);
+
+--- a/kernel/signal.c
++++ b/kernel/signal.c
+@@ -2466,11 +2466,10 @@ out:
+ #endif /* __ARCH_WANT_SYS_SIGPROCMASK */
+
+ #ifdef __ARCH_WANT_SYS_RT_SIGACTION
+-asmlinkage long
+-sys_rt_sigaction(int sig,
+- const struct sigaction __user *act,
+- struct sigaction __user *oact,
+- size_t sigsetsize)
++SYSCALL_DEFINE4(rt_sigaction, int, sig,
++ const struct sigaction __user *, act,
++ struct sigaction __user *, oact,
++ size_t, sigsetsize)
+ {
+ struct k_sigaction new_sa, old_sa;
+ int ret = -EINVAL;
+@@ -2553,7 +2552,7 @@ SYSCALL_DEFINE0(pause)
+ #endif
+
+ #ifdef __ARCH_WANT_SYS_RT_SIGSUSPEND
+-asmlinkage long sys_rt_sigsuspend(sigset_t __user *unewset, size_t sigsetsize)
++SYSCALL_DEFINE2(rt_sigsuspend, sigset_t __user *, unewset, size_t, sigsetsize)
+ {
+ sigset_t newset;
+
--- /dev/null
+From 2b66421995d2e93c9d1a0111acf2581f8529c6e5 Mon Sep 17 00:00:00 2001
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+Date: Wed, 14 Jan 2009 14:14:35 +0100
+Subject: [PATCH 43/44] [CVE-2009-0029] System call wrappers part 33
+
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+
+commit 2b66421995d2e93c9d1a0111acf2581f8529c6e5 upstream.
+
+Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+---
+ fs/pipe.c | 2 +-
+ include/linux/syscalls.h | 1 +
+ 2 files changed, 2 insertions(+), 1 deletion(-)
+
+--- a/fs/pipe.c
++++ b/fs/pipe.c
+@@ -1067,7 +1067,7 @@ SYSCALL_DEFINE2(pipe2, int __user *, fil
+ return error;
+ }
+
+-asmlinkage long sys_pipe(int __user *fildes)
++SYSCALL_DEFINE1(pipe, int __user *, fildes)
+ {
+ return sys_pipe2(fildes, 0);
+ }
+--- a/include/linux/syscalls.h
++++ b/include/linux/syscalls.h
+@@ -686,6 +686,7 @@ asmlinkage long sys_ppoll(struct pollfd
+ struct timespec __user *, const sigset_t __user *,
+ size_t);
+ asmlinkage long sys_pipe2(int __user *, int);
++asmlinkage long sys_pipe(int __user *);
+
+ int kernel_execve(const char *filename, char *const argv[], char *const envp[]);
+
--- /dev/null
+From 26689452f5ca201add63b1b1ff0dbcf82d6885e7 Mon Sep 17 00:00:00 2001
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+Date: Wed, 14 Jan 2009 14:14:36 +0100
+Subject: [PATCH 44/44] [CVE-2009-0029] s390 specific system call wrappers
+
+From: Heiko Carstens <heiko.carstens@de.ibm.com>
+
+commit 26689452f5ca201add63b1b1ff0dbcf82d6885e7 upstream.
+
+Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+---
+ arch/s390/kernel/compat_wrapper.S | 4 ++--
+ arch/s390/kernel/entry.h | 15 ++++++++-------
+ arch/s390/kernel/process.c | 9 +++++----
+ arch/s390/kernel/signal.c | 19 ++++++++-----------
+ arch/s390/kernel/sys_s390.c | 35 +++++++++++++++++++++--------------
+ arch/s390/kernel/syscalls.S | 12 ++++++------
+ 6 files changed, 50 insertions(+), 44 deletions(-)
+
+--- a/arch/s390/kernel/compat_wrapper.S
++++ b/arch/s390/kernel/compat_wrapper.S
+@@ -549,7 +549,7 @@ sys32_setdomainname_wrapper:
+ .globl sys32_newuname_wrapper
+ sys32_newuname_wrapper:
+ llgtr %r2,%r2 # struct new_utsname *
+- jg s390x_newuname # branch to system call
++ jg sys_s390_newuname # branch to system call
+
+ .globl compat_sys_adjtimex_wrapper
+ compat_sys_adjtimex_wrapper:
+@@ -617,7 +617,7 @@ sys32_sysfs_wrapper:
+ .globl sys32_personality_wrapper
+ sys32_personality_wrapper:
+ llgfr %r2,%r2 # unsigned long
+- jg s390x_personality # branch to system call
++ jg sys_s390_personality # branch to system call
+
+ .globl sys32_setfsuid16_wrapper
+ sys32_setfsuid16_wrapper:
+--- a/arch/s390/kernel/entry.h
++++ b/arch/s390/kernel/entry.h
+@@ -31,21 +31,22 @@ struct old_sigaction;
+ struct sel_arg_struct;
+
+ long sys_mmap2(struct mmap_arg_struct __user *arg);
+-long old_mmap(struct mmap_arg_struct __user *arg);
++long sys_s390_old_mmap(struct mmap_arg_struct __user *arg);
+ long sys_ipc(uint call, int first, unsigned long second,
+ unsigned long third, void __user *ptr);
+-long s390x_newuname(struct new_utsname __user *name);
+-long s390x_personality(unsigned long personality);
+-long s390_fadvise64(int fd, u32 offset_high, u32 offset_low,
++long sys_s390_newuname(struct new_utsname __user *name);
++long sys_s390_personality(unsigned long personality);
++long sys_s390_fadvise64(int fd, u32 offset_high, u32 offset_low,
+ size_t len, int advice);
+-long s390_fadvise64_64(struct fadvise64_64_args __user *args);
+-long s390_fallocate(int fd, int mode, loff_t offset, u32 len_high, u32 len_low);
++long sys_s390_fadvise64_64(struct fadvise64_64_args __user *args);
++long sys_s390_fallocate(int fd, int mode, loff_t offset, u32 len_high,
++ u32 len_low);
+ long sys_fork(void);
+ long sys_clone(void);
+ long sys_vfork(void);
+ void execve_tail(void);
+ long sys_execve(void);
+-int sys_sigsuspend(int history0, int history1, old_sigset_t mask);
++long sys_sigsuspend(int history0, int history1, old_sigset_t mask);
+ long sys_sigaction(int sig, const struct old_sigaction __user *act,
+ struct old_sigaction __user *oact);
+ long sys_sigaltstack(const stack_t __user *uss, stack_t __user *uoss);
+--- a/arch/s390/kernel/process.c
++++ b/arch/s390/kernel/process.c
+@@ -38,6 +38,7 @@
+ #include <linux/utsname.h>
+ #include <linux/tick.h>
+ #include <linux/elfcore.h>
++#include <linux/syscalls.h>
+ #include <asm/uaccess.h>
+ #include <asm/pgtable.h>
+ #include <asm/system.h>
+@@ -257,13 +258,13 @@ int copy_thread(int nr, unsigned long cl
+ return 0;
+ }
+
+-asmlinkage long sys_fork(void)
++SYSCALL_DEFINE0(fork)
+ {
+ struct pt_regs *regs = task_pt_regs(current);
+ return do_fork(SIGCHLD, regs->gprs[15], regs, 0, NULL, NULL);
+ }
+
+-asmlinkage long sys_clone(void)
++SYSCALL_DEFINE0(clone)
+ {
+ struct pt_regs *regs = task_pt_regs(current);
+ unsigned long clone_flags;
+@@ -290,7 +291,7 @@ asmlinkage long sys_clone(void)
+ * do not have enough call-clobbered registers to hold all
+ * the information you need.
+ */
+-asmlinkage long sys_vfork(void)
++SYSCALL_DEFINE0(vfork)
+ {
+ struct pt_regs *regs = task_pt_regs(current);
+ return do_fork(CLONE_VFORK | CLONE_VM | SIGCHLD,
+@@ -310,7 +311,7 @@ asmlinkage void execve_tail(void)
+ /*
+ * sys_execve() executes a new program.
+ */
+-asmlinkage long sys_execve(void)
++SYSCALL_DEFINE0(execve)
+ {
+ struct pt_regs *regs = task_pt_regs(current);
+ char *filename;
+--- a/arch/s390/kernel/signal.c
++++ b/arch/s390/kernel/signal.c
+@@ -24,6 +24,7 @@
+ #include <linux/tty.h>
+ #include <linux/personality.h>
+ #include <linux/binfmts.h>
++#include <linux/syscalls.h>
+ #include <asm/ucontext.h>
+ #include <asm/uaccess.h>
+ #include <asm/lowcore.h>
+@@ -52,8 +53,7 @@ typedef struct
+ /*
+ * Atomically swap in the new signal mask, and wait for a signal.
+ */
+-asmlinkage int
+-sys_sigsuspend(int history0, int history1, old_sigset_t mask)
++SYSCALL_DEFINE3(sigsuspend, int, history0, int, history1, old_sigset_t, mask)
+ {
+ mask &= _BLOCKABLE;
+ spin_lock_irq(¤t->sighand->siglock);
+@@ -69,9 +69,8 @@ sys_sigsuspend(int history0, int history
+ return -ERESTARTNOHAND;
+ }
+
+-asmlinkage long
+-sys_sigaction(int sig, const struct old_sigaction __user *act,
+- struct old_sigaction __user *oact)
++SYSCALL_DEFINE3(sigaction, int, sig, const struct old_sigaction __user *, act,
++ struct old_sigaction __user *, oact)
+ {
+ struct k_sigaction new_ka, old_ka;
+ int ret;
+@@ -101,15 +100,13 @@ sys_sigaction(int sig, const struct old_
+ return ret;
+ }
+
+-asmlinkage long
+-sys_sigaltstack(const stack_t __user *uss, stack_t __user *uoss)
++SYSCALL_DEFINE2(sigaltstack, const stack_t __user *, uss,
++ stack_t __user *, uoss)
+ {
+ struct pt_regs *regs = task_pt_regs(current);
+ return do_sigaltstack(uss, uoss, regs->gprs[15]);
+ }
+
+-
+-
+ /* Returns non-zero on fault. */
+ static int save_sigregs(struct pt_regs *regs, _sigregs __user *sregs)
+ {
+@@ -163,7 +160,7 @@ static int restore_sigregs(struct pt_reg
+ return 0;
+ }
+
+-asmlinkage long sys_sigreturn(void)
++SYSCALL_DEFINE0(sigreturn)
+ {
+ struct pt_regs *regs = task_pt_regs(current);
+ sigframe __user *frame = (sigframe __user *)regs->gprs[15];
+@@ -190,7 +187,7 @@ badframe:
+ return 0;
+ }
+
+-asmlinkage long sys_rt_sigreturn(void)
++SYSCALL_DEFINE0(rt_sigreturn)
+ {
+ struct pt_regs *regs = task_pt_regs(current);
+ rt_sigframe __user *frame = (rt_sigframe __user *)regs->gprs[15];
+--- a/arch/s390/kernel/syscalls.S
++++ b/arch/s390/kernel/syscalls.S
+@@ -98,7 +98,7 @@ SYSCALL(sys_uselib,sys_uselib,sys32_usel
+ SYSCALL(sys_swapon,sys_swapon,sys32_swapon_wrapper)
+ SYSCALL(sys_reboot,sys_reboot,sys32_reboot_wrapper)
+ SYSCALL(sys_ni_syscall,sys_ni_syscall,old32_readdir_wrapper) /* old readdir syscall */
+-SYSCALL(old_mmap,old_mmap,old32_mmap_wrapper) /* 90 */
++SYSCALL(sys_s390_old_mmap,sys_s390_old_mmap,old32_mmap_wrapper) /* 90 */
+ SYSCALL(sys_munmap,sys_munmap,sys32_munmap_wrapper)
+ SYSCALL(sys_truncate,sys_truncate,sys32_truncate_wrapper)
+ SYSCALL(sys_ftruncate,sys_ftruncate,sys32_ftruncate_wrapper)
+@@ -130,7 +130,7 @@ SYSCALL(sys_fsync,sys_fsync,sys32_fsync_
+ SYSCALL(sys_sigreturn,sys_sigreturn,sys32_sigreturn)
+ SYSCALL(sys_clone,sys_clone,sys32_clone) /* 120 */
+ SYSCALL(sys_setdomainname,sys_setdomainname,sys32_setdomainname_wrapper)
+-SYSCALL(sys_newuname,s390x_newuname,sys32_newuname_wrapper)
++SYSCALL(sys_newuname,sys_s390_newuname,sys32_newuname_wrapper)
+ NI_SYSCALL /* modify_ldt for i386 */
+ SYSCALL(sys_adjtimex,sys_adjtimex,compat_sys_adjtimex_wrapper)
+ SYSCALL(sys_mprotect,sys_mprotect,sys32_mprotect_wrapper) /* 125 */
+@@ -144,7 +144,7 @@ SYSCALL(sys_getpgid,sys_getpgid,sys32_ge
+ SYSCALL(sys_fchdir,sys_fchdir,sys32_fchdir_wrapper)
+ SYSCALL(sys_bdflush,sys_bdflush,sys32_bdflush_wrapper)
+ SYSCALL(sys_sysfs,sys_sysfs,sys32_sysfs_wrapper) /* 135 */
+-SYSCALL(sys_personality,s390x_personality,sys32_personality_wrapper)
++SYSCALL(sys_personality,sys_s390_personality,sys32_personality_wrapper)
+ NI_SYSCALL /* for afs_syscall */
+ SYSCALL(sys_setfsuid16,sys_ni_syscall,sys32_setfsuid16_wrapper) /* old setfsuid16 syscall */
+ SYSCALL(sys_setfsgid16,sys_ni_syscall,sys32_setfsgid16_wrapper) /* old setfsgid16 syscall */
+@@ -261,7 +261,7 @@ SYSCALL(sys_epoll_create,sys_epoll_creat
+ SYSCALL(sys_epoll_ctl,sys_epoll_ctl,sys_epoll_ctl_wrapper) /* 250 */
+ SYSCALL(sys_epoll_wait,sys_epoll_wait,sys_epoll_wait_wrapper)
+ SYSCALL(sys_set_tid_address,sys_set_tid_address,sys32_set_tid_address_wrapper)
+-SYSCALL(s390_fadvise64,sys_fadvise64_64,sys32_fadvise64_wrapper)
++SYSCALL(sys_s390_fadvise64,sys_fadvise64_64,sys32_fadvise64_wrapper)
+ SYSCALL(sys_timer_create,sys_timer_create,sys32_timer_create_wrapper)
+ SYSCALL(sys_timer_settime,sys_timer_settime,sys32_timer_settime_wrapper) /* 255 */
+ SYSCALL(sys_timer_gettime,sys_timer_gettime,sys32_timer_gettime_wrapper)
+@@ -272,7 +272,7 @@ SYSCALL(sys_clock_gettime,sys_clock_gett
+ SYSCALL(sys_clock_getres,sys_clock_getres,sys32_clock_getres_wrapper)
+ SYSCALL(sys_clock_nanosleep,sys_clock_nanosleep,sys32_clock_nanosleep_wrapper)
+ NI_SYSCALL /* reserved for vserver */
+-SYSCALL(s390_fadvise64_64,sys_ni_syscall,sys32_fadvise64_64_wrapper)
++SYSCALL(sys_s390_fadvise64_64,sys_ni_syscall,sys32_fadvise64_64_wrapper)
+ SYSCALL(sys_statfs64,sys_statfs64,compat_sys_statfs64_wrapper)
+ SYSCALL(sys_fstatfs64,sys_fstatfs64,compat_sys_fstatfs64_wrapper)
+ SYSCALL(sys_remap_file_pages,sys_remap_file_pages,sys32_remap_file_pages_wrapper)
+@@ -322,7 +322,7 @@ NI_SYSCALL /* 310 sys_move_pages *
+ SYSCALL(sys_getcpu,sys_getcpu,sys_getcpu_wrapper)
+ SYSCALL(sys_epoll_pwait,sys_epoll_pwait,compat_sys_epoll_pwait_wrapper)
+ SYSCALL(sys_utimes,sys_utimes,compat_sys_utimes_wrapper)
+-SYSCALL(s390_fallocate,sys_fallocate,sys_fallocate_wrapper)
++SYSCALL(sys_s390_fallocate,sys_fallocate,sys_fallocate_wrapper)
+ SYSCALL(sys_utimensat,sys_utimensat,compat_sys_utimensat_wrapper) /* 315 */
+ SYSCALL(sys_signalfd,sys_signalfd,compat_sys_signalfd_wrapper)
+ NI_SYSCALL /* 317 old sys_timer_fd */
+--- a/arch/s390/kernel/sys_s390.c
++++ b/arch/s390/kernel/sys_s390.c
+@@ -29,6 +29,7 @@
+ #include <linux/personality.h>
+ #include <linux/unistd.h>
+ #include <linux/ipc.h>
++#include <linux/syscalls.h>
+ #include <asm/uaccess.h>
+ #include "entry.h"
+
+@@ -74,7 +75,7 @@ struct mmap_arg_struct {
+ unsigned long offset;
+ };
+
+-asmlinkage long sys_mmap2(struct mmap_arg_struct __user *arg)
++SYSCALL_DEFINE1(mmap2, struct mmap_arg_struct __user *, arg)
+ {
+ struct mmap_arg_struct a;
+ int error = -EFAULT;
+@@ -86,7 +87,7 @@ out:
+ return error;
+ }
+
+-asmlinkage long old_mmap(struct mmap_arg_struct __user *arg)
++SYSCALL_DEFINE1(s390_old_mmap, struct mmap_arg_struct __user *, arg)
+ {
+ struct mmap_arg_struct a;
+ long error = -EFAULT;
+@@ -127,8 +128,8 @@ asmlinkage long old_select(struct sel_ar
+ *
+ * This is really horribly ugly.
+ */
+-asmlinkage long sys_ipc(uint call, int first, unsigned long second,
+- unsigned long third, void __user *ptr)
++SYSCALL_DEFINE5(ipc, uint, call, int, first, unsigned long, second,
++ unsigned long, third, void __user *, ptr)
+ {
+ struct ipc_kludge tmp;
+ int ret;
+@@ -194,7 +195,7 @@ asmlinkage long sys_ipc(uint call, int f
+ }
+
+ #ifdef CONFIG_64BIT
+-asmlinkage long s390x_newuname(struct new_utsname __user *name)
++SYSCALL_DEFINE1(s390_newuname, struct new_utsname __user *, name)
+ {
+ int ret = sys_newuname(name);
+
+@@ -205,7 +206,7 @@ asmlinkage long s390x_newuname(struct ne
+ return ret;
+ }
+
+-asmlinkage long s390x_personality(unsigned long personality)
++SYSCALL_DEFINE1(s390_personality, unsigned long, personality)
+ {
+ int ret;
+
+@@ -224,15 +225,13 @@ asmlinkage long s390x_personality(unsign
+ */
+ #ifndef CONFIG_64BIT
+
+-asmlinkage long
+-s390_fadvise64(int fd, u32 offset_high, u32 offset_low, size_t len, int advice)
++SYSCALL_DEFINE5(s390_fadvise64, int, fd, u32, offset_high, u32, offset_low,
++ size_t, len, int, advice)
+ {
+ return sys_fadvise64(fd, (u64) offset_high << 32 | offset_low,
+ len, advice);
+ }
+
+-#endif
+-
+ struct fadvise64_64_args {
+ int fd;
+ long long offset;
+@@ -240,8 +239,7 @@ struct fadvise64_64_args {
+ int advice;
+ };
+
+-asmlinkage long
+-s390_fadvise64_64(struct fadvise64_64_args __user *args)
++SYSCALL_DEFINE1(s390_fadvise64_64, struct fadvise64_64_args __user *, args)
+ {
+ struct fadvise64_64_args a;
+
+@@ -250,7 +248,6 @@ s390_fadvise64_64(struct fadvise64_64_ar
+ return sys_fadvise64_64(a.fd, a.offset, a.len, a.advice);
+ }
+
+-#ifndef CONFIG_64BIT
+ /*
+ * This is a wrapper to call sys_fallocate(). For 31 bit s390 the last
+ * 64 bit argument "len" is split into the upper and lower 32 bits. The
+@@ -263,9 +260,19 @@ s390_fadvise64_64(struct fadvise64_64_ar
+ * to
+ * %r2: fd, %r3: mode, %r4/%r5: offset, 96(%r15)-103(%r15): len
+ */
+-asmlinkage long s390_fallocate(int fd, int mode, loff_t offset,
++SYSCALL_DEFINE(s390_fallocate)(int fd, int mode, loff_t offset,
+ u32 len_high, u32 len_low)
+ {
+ return sys_fallocate(fd, mode, offset, ((u64)len_high << 32) | len_low);
+ }
++#ifdef CONFIG_HAVE_SYSCALL_WRAPPERS
++asmlinkage long SyS_s390_fallocate(long fd, long mode, loff_t offset,
++ long len_high, long len_low)
++{
++ return SYSC_s390_fallocate((int) fd, (int) mode, offset,
++ (u32) len_high, (u32) len_low);
++}
++SYSCALL_ALIAS(sys_s390_fallocate, SyS_s390_fallocate);
++#endif
++
+ #endif
--- /dev/null
+From 4ae8978cf92a96257cd8998a49e781be83571d64 Mon Sep 17 00:00:00 2001
+From: Michael Kerrisk <mtk.manpages@googlemail.com>
+Date: Mon, 5 Jan 2009 07:19:16 -0500
+Subject: inotify: fix type errors in interfaces
+
+From: Michael Kerrisk <mtk.manpages@googlemail.com>
+
+commit 4ae8978cf92a96257cd8998a49e781be83571d64 upstream.
+
+The problems lie in the types used for some inotify interfaces, both at the kernel level and at the glibc level. This mail addresses the kernel problem. I will follow up with some suggestions for glibc changes.
+
+For the sys_inotify_rm_watch() interface, the type of the 'wd' argument is
+currently 'u32', it should be '__s32' . That is Robert's suggestion, and
+is consistent with the other declarations of watch descriptors in the
+kernel source, in particular, the inotify_event structure in
+include/linux/inotify.h:
+
+struct inotify_event {
+ __s32 wd; /* watch descriptor */
+ __u32 mask; /* watch mask */
+ __u32 cookie; /* cookie to synchronize two events */
+ __u32 len; /* length (including nulls) of name */
+ char name[0]; /* stub for possible name */
+};
+
+The patch makes the changes needed for inotify_rm_watch().
+
+Signed-off-by: Michael Kerrisk <mtk.manpages@googlemail.com>
+Cc: Robert Love <rlove@google.com>
+Cc: Vegard Nossum <vegard.nossum@gmail.com>
+Cc: Ulrich Drepper <drepper@redhat.com>
+Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
+Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+
+---
+ fs/inotify_user.c | 2 +-
+ include/linux/syscalls.h | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+--- a/fs/inotify_user.c
++++ b/fs/inotify_user.c
+@@ -707,7 +707,7 @@ fput_and_out:
+ return ret;
+ }
+
+-asmlinkage long sys_inotify_rm_watch(int fd, u32 wd)
++asmlinkage long sys_inotify_rm_watch(int fd, __s32 wd)
+ {
+ struct file *filp;
+ struct inotify_device *dev;
+--- a/include/linux/syscalls.h
++++ b/include/linux/syscalls.h
+@@ -550,7 +550,7 @@ asmlinkage long sys_inotify_init(void);
+ asmlinkage long sys_inotify_init1(int flags);
+ asmlinkage long sys_inotify_add_watch(int fd, const char __user *path,
+ u32 mask);
+-asmlinkage long sys_inotify_rm_watch(int fd, u32 wd);
++asmlinkage long sys_inotify_rm_watch(int fd, __s32 wd);
+
+ asmlinkage long sys_spu_run(int fd, __u32 __user *unpc,
+ __u32 __user *ustatus);
x86-default-to-swiotlb-y-on-x86_64.patch
x86-fix-incorrect-__read_mostly-on-_boot_cpu_pda.patch
x86-uv-remove-erroneous-bau-initialization.patch
+inotify-fix-type-errors-in-interfaces.patch
+0001--CVE-2009-0029-Move-compat-system-call-declarations.patch
+0002--CVE-2009-0029-Convert-all-system-calls-to-return-a.patch
+0003--CVE-2009-0029-Rename-old_readdir-to-sys_old_readdi.patch
+0004--CVE-2009-0029-Remove-__attribute__-weak-from-sy.patch
+0005--CVE-2009-0029-Make-sys_pselect7-static.patch
+0006--CVE-2009-0029-Make-sys_syslog-a-conditional-system.patch
+0007--CVE-2009-0029-System-call-wrapper-infrastructure.patch
+0008--CVE-2009-0029-powerpc-Enable-syscall-wrappers-for.patch
+0009--CVE-2009-0029-s390-enable-system-call-wrappers.patch
+0010--CVE-2009-0029-System-call-wrapper-special-cases.patch
+0011--CVE-2009-0029-System-call-wrappers-part-01.patch
+0012--CVE-2009-0029-System-call-wrappers-part-02.patch
+0013--CVE-2009-0029-System-call-wrappers-part-03.patch
+0014--CVE-2009-0029-System-call-wrappers-part-04.patch
+0015--CVE-2009-0029-System-call-wrappers-part-05.patch
+0016--CVE-2009-0029-System-call-wrappers-part-06.patch
+0017--CVE-2009-0029-System-call-wrappers-part-07.patch
+0018--CVE-2009-0029-System-call-wrappers-part-08.patch
+0019--CVE-2009-0029-System-call-wrappers-part-09.patch
+0020--CVE-2009-0029-System-call-wrappers-part-10.patch
+0021--CVE-2009-0029-System-call-wrappers-part-11.patch
+0022--CVE-2009-0029-System-call-wrappers-part-12.patch
+0023--CVE-2009-0029-System-call-wrappers-part-13.patch
+0024--CVE-2009-0029-System-call-wrappers-part-14.patch
+0025--CVE-2009-0029-System-call-wrappers-part-15.patch
+0026--CVE-2009-0029-System-call-wrappers-part-16.patch
+0027--CVE-2009-0029-System-call-wrappers-part-17.patch
+0028--CVE-2009-0029-System-call-wrappers-part-18.patch
+0029--CVE-2009-0029-System-call-wrappers-part-19.patch
+0030--CVE-2009-0029-System-call-wrappers-part-20.patch
+0031--CVE-2009-0029-System-call-wrappers-part-21.patch
+0032--CVE-2009-0029-System-call-wrappers-part-22.patch
+0033--CVE-2009-0029-System-call-wrappers-part-23.patch
+0034--CVE-2009-0029-System-call-wrappers-part-24.patch
+0035--CVE-2009-0029-System-call-wrappers-part-25.patch
+0036--CVE-2009-0029-System-call-wrappers-part-26.patch
+0037--CVE-2009-0029-System-call-wrappers-part-27.patch
+0038--CVE-2009-0029-System-call-wrappers-part-28.patch
+0039--CVE-2009-0029-System-call-wrappers-part-29.patch
+0040--CVE-2009-0029-System-call-wrappers-part-30.patch
+0041--CVE-2009-0029-System-call-wrappers-part-31.patch
+0042--CVE-2009-0029-System-call-wrappers-part-32.patch
+0043--CVE-2009-0029-System-call-wrappers-part-33.patch
+0044--CVE-2009-0029-s390-specific-system-call-wrappers.patch
projects / thirdparty / kernel / stable-queue.git / commitdiff
