authorV3n3RiX <venerix@redcorelinux.org>2019-06-19 20:04:14 +0100
committerV3n3RiX <venerix@redcorelinux.org>2019-06-19 20:04:14 +0100
commitaab9bd8042722604df21892025dbbabd598cee10 (patch)
tree1d3940917d064be3a939c937e9a8c648587e8c41 /sys-kernel/linux-image-redcore-lts/files/4.19-linux-hardened.patch
parentc8d5bd24241b4ba8b471c0e69c619aa92db19b06 (diff)
sys-kernel/linux-{image,sources}-redcore-lts : version bump
Diffstat (limited to 'sys-kernel/linux-image-redcore-lts/files/4.19-linux-hardened.patch')
-rw-r--r--sys-kernel/linux-image-redcore-lts/files/4.19-linux-hardened.patch220
1 files changed, 112 insertions, 108 deletions
diff --git a/sys-kernel/linux-image-redcore-lts/files/4.19-linux-hardened.patch b/sys-kernel/linux-image-redcore-lts/files/4.19-linux-hardened.patch
index 42ba2084..3cba43ca 100644
--- a/sys-kernel/linux-image-redcore-lts/files/4.19-linux-hardened.patch
+++ b/sys-kernel/linux-image-redcore-lts/files/4.19-linux-hardened.patch
@@ -1,5 +1,5 @@
diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt
-index f5acf35c712f..191e7eb6b9ce 100644
+index a29301d6e6c6..d3a259e762fa 100644
--- a/Documentation/admin-guide/kernel-parameters.txt
+++ b/Documentation/admin-guide/kernel-parameters.txt
@@ -496,16 +496,6 @@
@@ -19,7 +19,7 @@ index f5acf35c712f..191e7eb6b9ce 100644
cio_ignore= [S390]
See Documentation/s390/CommonIO for details.
clk_ignore_unused
-@@ -3105,6 +3095,11 @@
+@@ -3165,6 +3155,11 @@
the specified number of seconds. This is to be used if
your oopses keep scrolling off the screen.
@@ -71,10 +71,10 @@ index 37a679501ddc..59b747920f4d 100644
The value in this file affects behavior of handling NMI. When the
diff --git a/Makefile b/Makefile
-index f1859811dca1..432040e2d299 100644
+index f7e7e365e2ff..7c69091b65a0 100644
--- a/Makefile
+++ b/Makefile
-@@ -698,6 +698,9 @@ stackp-flags-$(CONFIG_STACKPROTECTOR_STRONG) := -fstack-protector-strong
+@@ -693,6 +693,9 @@ stackp-flags-$(CONFIG_STACKPROTECTOR_STRONG) := -fstack-protector-strong
KBUILD_CFLAGS += $(stackp-flags-y)
ifeq ($(cc-name),clang)
@@ -85,10 +85,10 @@ index f1859811dca1..432040e2d299 100644
KBUILD_CFLAGS += $(call cc-disable-warning, format-invalid-specifier)
KBUILD_CFLAGS += $(call cc-disable-warning, gnu)
diff --git a/arch/Kconfig b/arch/Kconfig
-index 6801123932a5..d331769f18cd 100644
+index a336548487e6..bbe821420e7a 100644
--- a/arch/Kconfig
+++ b/arch/Kconfig
-@@ -598,7 +598,7 @@ config ARCH_MMAP_RND_BITS
+@@ -599,7 +599,7 @@ config ARCH_MMAP_RND_BITS
int "Number of bits to use for ASLR of mmap base address" if EXPERT
range ARCH_MMAP_RND_BITS_MIN ARCH_MMAP_RND_BITS_MAX
default ARCH_MMAP_RND_BITS_DEFAULT if ARCH_MMAP_RND_BITS_DEFAULT
@@ -97,7 +97,7 @@ index 6801123932a5..d331769f18cd 100644
depends on HAVE_ARCH_MMAP_RND_BITS
help
This value can be used to select the number of bits to use to
-@@ -632,7 +632,7 @@ config ARCH_MMAP_RND_COMPAT_BITS
+@@ -633,7 +633,7 @@ config ARCH_MMAP_RND_COMPAT_BITS
int "Number of bits to use for ASLR of mmap base address for compatible applications" if EXPERT
range ARCH_MMAP_RND_COMPAT_BITS_MIN ARCH_MMAP_RND_COMPAT_BITS_MAX
default ARCH_MMAP_RND_COMPAT_BITS_DEFAULT if ARCH_MMAP_RND_COMPAT_BITS_DEFAULT
@@ -106,7 +106,7 @@ index 6801123932a5..d331769f18cd 100644
depends on HAVE_ARCH_MMAP_RND_COMPAT_BITS
help
This value can be used to select the number of bits to use to
-@@ -837,6 +837,7 @@ config ARCH_HAS_REFCOUNT
+@@ -838,6 +838,7 @@ config ARCH_HAS_REFCOUNT
config REFCOUNT_FULL
bool "Perform full reference count validation at the expense of speed"
@@ -115,10 +115,10 @@ index 6801123932a5..d331769f18cd 100644
Enabling this switches the refcounting infrastructure from a fast
unchecked atomic_t implementation to a fully state checked
diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
-index 1b1a0e95c751..2397d505747f 100644
+index 8790a29d0af4..265c6edd859f 100644
--- a/arch/arm64/Kconfig
+++ b/arch/arm64/Kconfig
-@@ -1013,6 +1013,7 @@ endif
+@@ -1031,6 +1031,7 @@ endif
config ARM64_SW_TTBR0_PAN
bool "Emulate Privileged Access Never using TTBR0_EL1 switching"
@@ -126,7 +126,7 @@ index 1b1a0e95c751..2397d505747f 100644
help
Enabling this option prevents the kernel from accessing
user-space memory directly by pointing TTBR0_EL1 to a reserved
-@@ -1188,6 +1189,7 @@ config RANDOMIZE_BASE
+@@ -1206,6 +1207,7 @@ config RANDOMIZE_BASE
bool "Randomize the address of the kernel image"
select ARM64_MODULE_PLTS if MODULES
select RELOCATABLE
@@ -203,7 +203,7 @@ index 7f1628effe6d..38bd2f95a961 100644
/*
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
-index 44c6a82b7ce5..62aba195aae8 100644
+index e76d16ac2776..07dcedbb271e 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -1189,8 +1189,7 @@ config VM86
@@ -216,7 +216,7 @@ index 44c6a82b7ce5..62aba195aae8 100644
depends on MODIFY_LDT_SYSCALL
---help---
This option is required by programs like Wine to run 16-bit
-@@ -2280,7 +2279,7 @@ config COMPAT_VDSO
+@@ -2274,7 +2273,7 @@ config COMPAT_VDSO
choice
prompt "vsyscall table for legacy applications"
depends on X86_64
@@ -225,7 +225,7 @@ index 44c6a82b7ce5..62aba195aae8 100644
help
Legacy user code that does not know how to find the vDSO expects
to be able to issue three syscalls by calling fixed addresses in
-@@ -2361,8 +2360,7 @@ config CMDLINE_OVERRIDE
+@@ -2355,8 +2354,7 @@ config CMDLINE_OVERRIDE
be set to 'N' under normal conditions.
config MODIFY_LDT_SYSCALL
@@ -403,10 +403,10 @@ index 79ec7add5f98..2950448e00ac 100644
native_write_cr4(cr4 ^ X86_CR4_PGE);
/* write old PGE again and flush TLBs */
diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c
-index 44c4ef3d989b..05943ca7b59a 100644
+index 1073118b9bf0..2e34aede5c36 100644
--- a/arch/x86/kernel/cpu/common.c
+++ b/arch/x86/kernel/cpu/common.c
-@@ -1730,7 +1730,6 @@ void cpu_init(void)
+@@ -1748,7 +1748,6 @@ void cpu_init(void)
wrmsrl(MSR_KERNEL_GS_BASE, 0);
barrier();
@@ -415,7 +415,7 @@ index 44c4ef3d989b..05943ca7b59a 100644
/*
diff --git a/arch/x86/kernel/process.c b/arch/x86/kernel/process.c
-index 7d31192296a8..4f87550d814c 100644
+index b8b08e61ac73..42f763e0adf3 100644
--- a/arch/x86/kernel/process.c
+++ b/arch/x86/kernel/process.c
@@ -39,6 +39,8 @@
@@ -427,7 +427,7 @@ index 7d31192296a8..4f87550d814c 100644
#include "process.h"
-@@ -779,7 +781,10 @@ unsigned long arch_align_stack(unsigned long sp)
+@@ -783,7 +785,10 @@ unsigned long arch_align_stack(unsigned long sp)
unsigned long arch_randomize_brk(struct mm_struct *mm)
{
@@ -567,10 +567,10 @@ index 15c1f5e12eb8..ff72cccec5b8 100644
struct list_head *cpu_list, local_list;
diff --git a/drivers/ata/libata-core.c b/drivers/ata/libata-core.c
-index b8c3f9e6af89..bf65bc091cb6 100644
+index adf28788cab5..cd4b3501eda9 100644
--- a/drivers/ata/libata-core.c
+++ b/drivers/ata/libata-core.c
-@@ -5157,7 +5157,7 @@ void ata_qc_free(struct ata_queued_cmd *qc)
+@@ -5158,7 +5158,7 @@ void ata_qc_free(struct ata_queued_cmd *qc)
struct ata_port *ap;
unsigned int tag;
@@ -579,7 +579,7 @@ index b8c3f9e6af89..bf65bc091cb6 100644
ap = qc->ap;
qc->flags = 0;
-@@ -5174,7 +5174,7 @@ void __ata_qc_complete(struct ata_queued_cmd *qc)
+@@ -5175,7 +5175,7 @@ void __ata_qc_complete(struct ata_queued_cmd *qc)
struct ata_port *ap;
struct ata_link *link;
@@ -589,7 +589,7 @@ index b8c3f9e6af89..bf65bc091cb6 100644
ap = qc->ap;
link = qc->dev->link;
diff --git a/drivers/char/Kconfig b/drivers/char/Kconfig
-index 40728491f37b..b4f3ccfa2993 100644
+index 1df9cb8e659e..eb71148a4a69 100644
--- a/drivers/char/Kconfig
+++ b/drivers/char/Kconfig
@@ -9,7 +9,6 @@ source "drivers/tty/Kconfig"
@@ -609,7 +609,7 @@ index 40728491f37b..b4f3ccfa2993 100644
Say Y here if you want to support the /dev/port device. The /dev/port
device is similar to /dev/mem, but for I/O ports.
diff --git a/drivers/tty/Kconfig b/drivers/tty/Kconfig
-index 0840d27381ea..ae292fcedaca 100644
+index e0a04bfc873e..ec93f827c599 100644
--- a/drivers/tty/Kconfig
+++ b/drivers/tty/Kconfig
@@ -122,7 +122,6 @@ config UNIX98_PTYS
@@ -621,7 +621,7 @@ index 0840d27381ea..ae292fcedaca 100644
A pseudo terminal (PTY) is a software device consisting of two
halves: a master and a slave. The slave device behaves identical to
diff --git a/drivers/tty/tty_io.c b/drivers/tty/tty_io.c
-index e7d192ebecd7..1c682abd31ca 100644
+index ac8025cd4a1f..a89e48f53fba 100644
--- a/drivers/tty/tty_io.c
+++ b/drivers/tty/tty_io.c
@@ -172,6 +172,7 @@ static void free_tty_struct(struct tty_struct *tty)
@@ -632,7 +632,7 @@ index e7d192ebecd7..1c682abd31ca 100644
kfree(tty);
}
-@@ -2175,11 +2176,19 @@ static int tty_fasync(int fd, struct file *filp, int on)
+@@ -2177,11 +2178,19 @@ static int tty_fasync(int fd, struct file *filp, int on)
* FIXME: may race normal receive processing
*/
@@ -652,7 +652,7 @@ index e7d192ebecd7..1c682abd31ca 100644
if ((current->signal->tty != tty) && !capable(CAP_SYS_ADMIN))
return -EPERM;
if (get_user(ch, p))
-@@ -2863,6 +2872,7 @@ struct tty_struct *alloc_tty_struct(struct tty_driver *driver, int idx)
+@@ -2865,6 +2874,7 @@ struct tty_struct *alloc_tty_struct(struct tty_driver *driver, int idx)
tty->index = idx;
tty_line_name(driver, idx, tty->name);
tty->dev = tty_get_device(tty);
@@ -661,7 +661,7 @@ index e7d192ebecd7..1c682abd31ca 100644
return tty;
}
diff --git a/drivers/usb/core/hub.c b/drivers/usb/core/hub.c
-index cc62707c0251..21d78ae4b4ae 100644
+index eb24ec0e160d..68c93697cae9 100644
--- a/drivers/usb/core/hub.c
+++ b/drivers/usb/core/hub.c
@@ -41,6 +41,8 @@
@@ -673,7 +673,7 @@ index cc62707c0251..21d78ae4b4ae 100644
/* Protect struct usb_device->state and ->children members
* Note: Both are also protected by ->dev.sem, except that ->state can
* change to USB_STATE_NOTATTACHED even when the semaphore isn't held. */
-@@ -4933,6 +4935,12 @@ static void hub_port_connect(struct usb_hub *hub, int port1, u16 portstatus,
+@@ -4940,6 +4942,12 @@ static void hub_port_connect(struct usb_hub *hub, int port1, u16 portstatus,
goto done;
return;
}
@@ -687,7 +687,7 @@ index cc62707c0251..21d78ae4b4ae 100644
unit_load = 150;
else
diff --git a/fs/exec.c b/fs/exec.c
-index 1ebf6e5a521d..73b8d839927c 100644
+index 433b1257694a..f86201f25a4c 100644
--- a/fs/exec.c
+++ b/fs/exec.c
@@ -62,6 +62,7 @@
@@ -822,10 +822,10 @@ index f640dcbc880c..2b4f5d651f19 100644
{
return true;
diff --git a/include/linux/fs.h b/include/linux/fs.h
-index 7b6084854bfe..cee4467da4a7 100644
+index d4e1b43a53c3..c925cbdd1d95 100644
--- a/include/linux/fs.h
+++ b/include/linux/fs.h
-@@ -3456,4 +3456,15 @@ extern void inode_nohighmem(struct inode *inode);
+@@ -3466,4 +3466,15 @@ extern void inode_nohighmem(struct inode *inode);
extern int vfs_fadvise(struct file *file, loff_t offset, loff_t len,
int advice);
@@ -935,7 +935,7 @@ index 069aa2ebef90..cb9e3637a620 100644
const struct kobj_ns_type_operations *kobj_child_ns_ops(struct kobject *parent);
const struct kobj_ns_type_operations *kobj_ns_ops(struct kobject *kobj);
diff --git a/include/linux/mm.h b/include/linux/mm.h
-index e899460f1bc5..bca0cbed3269 100644
+index bdec425c8e14..58409dee149a 100644
--- a/include/linux/mm.h
+++ b/include/linux/mm.h
@@ -571,7 +571,7 @@ static inline int is_vmalloc_or_module_addr(const void *x)
@@ -972,10 +972,10 @@ index 70b7123f38c7..09f3019489b2 100644
extern phys_addr_t per_cpu_ptr_to_phys(void *addr);
diff --git a/include/linux/perf_event.h b/include/linux/perf_event.h
-index 53c500f0ca79..15c236b8aba3 100644
+index 42fc852bf512..a6c5cacee3b5 100644
--- a/include/linux/perf_event.h
+++ b/include/linux/perf_event.h
-@@ -1179,6 +1179,11 @@ extern int perf_cpu_time_max_percent_handler(struct ctl_table *table, int write,
+@@ -1184,6 +1184,11 @@ extern int perf_cpu_time_max_percent_handler(struct ctl_table *table, int write,
int perf_event_max_stack_handler(struct ctl_table *table, int write,
void __user *buffer, size_t *lenp, loff_t *ppos);
@@ -988,10 +988,10 @@ index 53c500f0ca79..15c236b8aba3 100644
{
return sysctl_perf_event_paranoid > -1;
diff --git a/include/linux/slab.h b/include/linux/slab.h
-index ed9cbddeb4a6..e76e18c7165f 100644
+index d6393413ef09..f11e06e87a29 100644
--- a/include/linux/slab.h
+++ b/include/linux/slab.h
-@@ -178,8 +178,8 @@ void memcg_destroy_kmem_caches(struct mem_cgroup *);
+@@ -180,8 +180,8 @@ void memcg_destroy_kmem_caches(struct mem_cgroup *);
/*
* Common kmalloc functions provided by all allocators
*/
@@ -1002,7 +1002,7 @@ index ed9cbddeb4a6..e76e18c7165f 100644
void kfree(const void *);
void kzfree(const void *);
size_t ksize(const void *);
-@@ -352,7 +352,7 @@ static __always_inline unsigned int kmalloc_index(size_t size)
+@@ -354,7 +354,7 @@ static __always_inline unsigned int kmalloc_index(size_t size)
}
#endif /* !CONFIG_SLOB */
@@ -1011,7 +1011,7 @@ index ed9cbddeb4a6..e76e18c7165f 100644
void *kmem_cache_alloc(struct kmem_cache *, gfp_t flags) __assume_slab_alignment __malloc;
void kmem_cache_free(struct kmem_cache *, void *);
-@@ -376,7 +376,7 @@ static __always_inline void kfree_bulk(size_t size, void **p)
+@@ -378,7 +378,7 @@ static __always_inline void kfree_bulk(size_t size, void **p)
}
#ifdef CONFIG_NUMA
@@ -1020,7 +1020,7 @@ index ed9cbddeb4a6..e76e18c7165f 100644
void *kmem_cache_alloc_node(struct kmem_cache *, gfp_t flags, int node) __assume_slab_alignment __malloc;
#else
static __always_inline void *__kmalloc_node(size_t size, gfp_t flags, int node)
-@@ -498,7 +498,7 @@ static __always_inline void *kmalloc_large(size_t size, gfp_t flags)
+@@ -500,7 +500,7 @@ static __always_inline void *kmalloc_large(size_t size, gfp_t flags)
* for general use, and so are not documented here. For a full list of
* potential flags, always refer to linux/gfp.h.
*/
@@ -1029,7 +1029,7 @@ index ed9cbddeb4a6..e76e18c7165f 100644
{
if (__builtin_constant_p(size)) {
if (size > KMALLOC_MAX_CACHE_SIZE)
-@@ -538,7 +538,7 @@ static __always_inline unsigned int kmalloc_size(unsigned int n)
+@@ -540,7 +540,7 @@ static __always_inline unsigned int kmalloc_size(unsigned int n)
return 0;
}
@@ -1055,10 +1055,10 @@ index 3a1a1dbc6f49..ff38fec9eb76 100644
/*
* Defragmentation by allocating from a remote node.
diff --git a/include/linux/string.h b/include/linux/string.h
-index 4a5a0eb7df51..be86cf21d0ce 100644
+index f58e1ef76572..516caa40676e 100644
--- a/include/linux/string.h
+++ b/include/linux/string.h
-@@ -235,10 +235,16 @@ void __read_overflow2(void) __compiletime_error("detected read beyond size of ob
+@@ -238,10 +238,16 @@ void __read_overflow2(void) __compiletime_error("detected read beyond size of ob
void __read_overflow3(void) __compiletime_error("detected read beyond size of object passed as 3rd parameter");
void __write_overflow(void) __compiletime_error("detected write beyond size of object passed as 1st parameter");
@@ -1076,7 +1076,7 @@ index 4a5a0eb7df51..be86cf21d0ce 100644
if (__builtin_constant_p(size) && p_size < size)
__write_overflow();
if (p_size < size)
-@@ -248,7 +254,7 @@ __FORTIFY_INLINE char *strncpy(char *p, const char *q, __kernel_size_t size)
+@@ -251,7 +257,7 @@ __FORTIFY_INLINE char *strncpy(char *p, const char *q, __kernel_size_t size)
__FORTIFY_INLINE char *strcat(char *p, const char *q)
{
@@ -1085,7 +1085,7 @@ index 4a5a0eb7df51..be86cf21d0ce 100644
if (p_size == (size_t)-1)
return __builtin_strcat(p, q);
if (strlcat(p, q, p_size) >= p_size)
-@@ -259,7 +265,7 @@ __FORTIFY_INLINE char *strcat(char *p, const char *q)
+@@ -262,7 +268,7 @@ __FORTIFY_INLINE char *strcat(char *p, const char *q)
__FORTIFY_INLINE __kernel_size_t strlen(const char *p)
{
__kernel_size_t ret;
@@ -1094,7 +1094,7 @@ index 4a5a0eb7df51..be86cf21d0ce 100644
/* Work around gcc excess stack consumption issue */
if (p_size == (size_t)-1 ||
-@@ -274,7 +280,7 @@ __FORTIFY_INLINE __kernel_size_t strlen(const char *p)
+@@ -277,7 +283,7 @@ __FORTIFY_INLINE __kernel_size_t strlen(const char *p)
extern __kernel_size_t __real_strnlen(const char *, __kernel_size_t) __RENAME(strnlen);
__FORTIFY_INLINE __kernel_size_t strnlen(const char *p, __kernel_size_t maxlen)
{
@@ -1103,7 +1103,7 @@ index 4a5a0eb7df51..be86cf21d0ce 100644
__kernel_size_t ret = __real_strnlen(p, maxlen < p_size ? maxlen : p_size);
if (p_size <= ret && maxlen != ret)
fortify_panic(__func__);
-@@ -286,8 +292,8 @@ extern size_t __real_strlcpy(char *, const char *, size_t) __RENAME(strlcpy);
+@@ -289,8 +295,8 @@ extern size_t __real_strlcpy(char *, const char *, size_t) __RENAME(strlcpy);
__FORTIFY_INLINE size_t strlcpy(char *p, const char *q, size_t size)
{
size_t ret;
@@ -1114,7 +1114,7 @@ index 4a5a0eb7df51..be86cf21d0ce 100644
if (p_size == (size_t)-1 && q_size == (size_t)-1)
return __real_strlcpy(p, q, size);
ret = strlen(q);
-@@ -307,8 +313,8 @@ __FORTIFY_INLINE size_t strlcpy(char *p, const char *q, size_t size)
+@@ -310,8 +316,8 @@ __FORTIFY_INLINE size_t strlcpy(char *p, const char *q, size_t size)
__FORTIFY_INLINE char *strncat(char *p, const char *q, __kernel_size_t count)
{
size_t p_len, copy_len;
@@ -1125,7 +1125,7 @@ index 4a5a0eb7df51..be86cf21d0ce 100644
if (p_size == (size_t)-1 && q_size == (size_t)-1)
return __builtin_strncat(p, q, count);
p_len = strlen(p);
-@@ -421,8 +427,8 @@ __FORTIFY_INLINE void *kmemdup(const void *p, size_t size, gfp_t gfp)
+@@ -424,8 +430,8 @@ __FORTIFY_INLINE void *kmemdup(const void *p, size_t size, gfp_t gfp)
/* defined after fortified strlen and memcpy to reuse them */
__FORTIFY_INLINE char *strcpy(char *p, const char *q)
{
@@ -1200,10 +1200,10 @@ index 398e9c95cd61..baab7195306a 100644
extern void *__vmalloc_node_flags(unsigned long size, int node, gfp_t flags);
static inline void *__vmalloc_node_flags_caller(unsigned long size, int node,
diff --git a/init/Kconfig b/init/Kconfig
-index 864af10bb1b9..643bb9448bb9 100644
+index 47035b5a46f6..63b30636fdc0 100644
--- a/init/Kconfig
+++ b/init/Kconfig
-@@ -323,6 +323,7 @@ config USELIB
+@@ -326,6 +326,7 @@ config USELIB
config AUDIT
bool "Auditing support"
depends on NET
@@ -1211,7 +1211,7 @@ index 864af10bb1b9..643bb9448bb9 100644
help
Enable auditing infrastructure that can be used with another
kernel subsystem, such as SELinux (which requires this for
-@@ -1088,6 +1089,12 @@ config CC_OPTIMIZE_FOR_SIZE
+@@ -1091,6 +1092,12 @@ config CC_OPTIMIZE_FOR_SIZE
endchoice
@@ -1224,7 +1224,7 @@ index 864af10bb1b9..643bb9448bb9 100644
config HAVE_LD_DEAD_CODE_DATA_ELIMINATION
bool
help
-@@ -1374,8 +1381,7 @@ config SHMEM
+@@ -1377,8 +1384,7 @@ config SHMEM
which may be appropriate on small systems without swap.
config AIO
@@ -1234,7 +1234,7 @@ index 864af10bb1b9..643bb9448bb9 100644
help
This option enables POSIX asynchronous I/O which may by used
by some high performance threaded applications. Disabling
-@@ -1592,7 +1598,7 @@ config VM_EVENT_COUNTERS
+@@ -1595,7 +1601,7 @@ config VM_EVENT_COUNTERS
config SLUB_DEBUG
default y
@@ -1243,7 +1243,7 @@ index 864af10bb1b9..643bb9448bb9 100644
depends on SLUB && SYSFS
help
SLUB has extensive debug support features. Disabling these can
-@@ -1616,7 +1622,6 @@ config SLUB_MEMCG_SYSFS_ON
+@@ -1619,7 +1625,6 @@ config SLUB_MEMCG_SYSFS_ON
config COMPAT_BRK
bool "Disable heap randomization"
@@ -1251,7 +1251,7 @@ index 864af10bb1b9..643bb9448bb9 100644
help
Randomizing heap placement makes heap exploits harder, but it
also breaks ancient binaries (including anything libc5 based).
-@@ -1663,7 +1668,6 @@ endchoice
+@@ -1666,7 +1671,6 @@ endchoice
config SLAB_MERGE_DEFAULT
bool "Allow slab caches to be merged"
@@ -1259,7 +1259,7 @@ index 864af10bb1b9..643bb9448bb9 100644
help
For reduced kernel memory fragmentation, slab caches can be
merged when they share the same size and other characteristics.
-@@ -1676,9 +1680,9 @@ config SLAB_MERGE_DEFAULT
+@@ -1679,9 +1683,9 @@ config SLAB_MERGE_DEFAULT
command line.
config SLAB_FREELIST_RANDOM
@@ -1270,7 +1270,7 @@ index 864af10bb1b9..643bb9448bb9 100644
help
Randomizes the freelist order used on creating new pages. This
security feature reduces the predictability of the kernel slab
-@@ -1687,12 +1691,56 @@ config SLAB_FREELIST_RANDOM
+@@ -1690,12 +1694,56 @@ config SLAB_FREELIST_RANDOM
config SLAB_FREELIST_HARDENED
bool "Harden slab freelist metadata"
depends on SLUB
@@ -1342,20 +1342,20 @@ index 2a8058764aa6..14e7a763db43 100644
pr_err("audit: error setting audit state (%d)\n",
audit_default);
diff --git a/kernel/bpf/core.c b/kernel/bpf/core.c
-index 474525e3a9db..644a87f6ad28 100644
+index bad9985b8a08..453be8764a8c 100644
--- a/kernel/bpf/core.c
+++ b/kernel/bpf/core.c
-@@ -368,7 +368,7 @@ void bpf_prog_kallsyms_del_all(struct bpf_prog *fp)
- #ifdef CONFIG_BPF_JIT
+@@ -370,7 +370,7 @@ void bpf_prog_kallsyms_del_all(struct bpf_prog *fp)
+
/* All BPF JIT sysctl knobs here. */
int bpf_jit_enable __read_mostly = IS_BUILTIN(CONFIG_BPF_JIT_ALWAYS_ON);
-int bpf_jit_harden __read_mostly;
+int bpf_jit_harden __read_mostly = 2;
int bpf_jit_kallsyms __read_mostly;
+ int bpf_jit_limit __read_mostly = BPF_JIT_LIMIT_DEFAULT;
- static __always_inline void
diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c
-index 382c09dddf93..11f436e79170 100644
+index ede82382dd32..98591574df41 100644
--- a/kernel/bpf/syscall.c
+++ b/kernel/bpf/syscall.c
@@ -48,7 +48,7 @@ static DEFINE_SPINLOCK(prog_idr_lock);
@@ -1385,7 +1385,7 @@ index 1e1c0236f55b..452062fe45ce 100644
/**
diff --git a/kernel/events/core.c b/kernel/events/core.c
-index 5a97f34bc14c..a4a4fc1e1586 100644
+index 171b83ebed4a..c38d8bf68b6b 100644
--- a/kernel/events/core.c
+++ b/kernel/events/core.c
@@ -397,8 +397,13 @@ static cpumask_var_t perf_online_mask;
@@ -1402,7 +1402,7 @@ index 5a97f34bc14c..a4a4fc1e1586 100644
/* Minimum for 512 kiB + 1 user control page */
int sysctl_perf_event_mlock __read_mostly = 512 + (PAGE_SIZE / 1024); /* 'free' kiB per user */
-@@ -10410,6 +10415,9 @@ SYSCALL_DEFINE5(perf_event_open,
+@@ -10462,6 +10467,9 @@ SYSCALL_DEFINE5(perf_event_open,
if (flags & ~PERF_FLAG_ALL)
return -EINVAL;
@@ -1413,7 +1413,7 @@ index 5a97f34bc14c..a4a4fc1e1586 100644
if (err)
return err;
diff --git a/kernel/fork.c b/kernel/fork.c
-index 64ef113e387e..42d257e43e04 100644
+index 69874db3fba8..44f666f2b7b7 100644
--- a/kernel/fork.c
+++ b/kernel/fork.c
@@ -103,6 +103,11 @@
@@ -1428,7 +1428,7 @@ index 64ef113e387e..42d257e43e04 100644
/*
* Minimum number of threads to boot the kernel
-@@ -1649,6 +1654,10 @@ static __latent_entropy struct task_struct *copy_process(
+@@ -1674,6 +1679,10 @@ static __latent_entropy struct task_struct *copy_process(
if ((clone_flags & (CLONE_NEWUSER|CLONE_FS)) == (CLONE_NEWUSER|CLONE_FS))
return ERR_PTR(-EINVAL);
@@ -1439,7 +1439,7 @@ index 64ef113e387e..42d257e43e04 100644
/*
* Thread groups must share signals as well, and detached threads
* can only be started up within the thread group.
-@@ -2476,6 +2485,12 @@ int ksys_unshare(unsigned long unshare_flags)
+@@ -2503,6 +2512,12 @@ int ksys_unshare(unsigned long unshare_flags)
if (unshare_flags & CLONE_NEWNS)
unshare_flags |= CLONE_FS;
@@ -1488,10 +1488,10 @@ index befc9321a89c..61e19256560c 100644
__rcu_process_callbacks(&rcu_sched_ctrlblk);
__rcu_process_callbacks(&rcu_bh_ctrlblk);
diff --git a/kernel/rcu/tree.c b/kernel/rcu/tree.c
-index 15301ed19da6..2a799dea7016 100644
+index f7e89c989df7..527c170810fc 100644
--- a/kernel/rcu/tree.c
+++ b/kernel/rcu/tree.c
-@@ -2862,7 +2862,7 @@ __rcu_process_callbacks(struct rcu_state *rsp)
+@@ -2870,7 +2870,7 @@ __rcu_process_callbacks(struct rcu_state *rsp)
/*
* Do RCU core processing for the current CPU.
*/
@@ -1501,10 +1501,10 @@ index 15301ed19da6..2a799dea7016 100644
struct rcu_state *rsp;
diff --git a/kernel/sched/fair.c b/kernel/sched/fair.c
-index 7137bc343b4a..104e0855a018 100644
+index 4a433608ba74..41d9b1656818 100644
--- a/kernel/sched/fair.c
+++ b/kernel/sched/fair.c
-@@ -9593,7 +9593,7 @@ static int idle_balance(struct rq *this_rq, struct rq_flags *rf)
+@@ -9627,7 +9627,7 @@ static int idle_balance(struct rq *this_rq, struct rq_flags *rf)
* run_rebalance_domains is triggered when needed from the scheduler tick.
* Also triggered for nohz idle balancing (with nohz_balancing_kick set).
*/
@@ -1574,7 +1574,7 @@ index 6f584861d329..1943fe60f3b9 100644
void tasklet_init(struct tasklet_struct *t,
diff --git a/kernel/sysctl.c b/kernel/sysctl.c
-index cc02050fd0c4..cca161854186 100644
+index 9a85c7ae7362..20221265a603 100644
--- a/kernel/sysctl.c
+++ b/kernel/sysctl.c
@@ -67,6 +67,7 @@
@@ -1605,7 +1605,7 @@ index cc02050fd0c4..cca161854186 100644
extern int pid_max;
extern int pid_max_min, pid_max_max;
extern int percpu_pagelist_fraction;
-@@ -116,33 +124,33 @@ extern int sysctl_nr_trim_pages;
+@@ -116,35 +124,35 @@ extern int sysctl_nr_trim_pages;
/* Constants used for minimum and maximum */
#ifdef CONFIG_LOCKUP_DETECTOR
@@ -1620,13 +1620,17 @@ index cc02050fd0c4..cca161854186 100644
-static int __maybe_unused one = 1;
-static int __maybe_unused two = 2;
-static int __maybe_unused four = 4;
+-static unsigned long zero_ul;
-static unsigned long one_ul = 1;
+-static unsigned long long_max = LONG_MAX;
-static int one_hundred = 100;
-static int one_thousand = 1000;
+static int __maybe_unused one __read_only = 1;
+static int __maybe_unused two __read_only = 2;
+static int __maybe_unused four __read_only = 4;
++static unsigned long zero_ul __read_only;
+static unsigned long one_ul __read_only = 1;
++static unsigned long long_max __read_only = LONG_MAX;
+static int one_hundred __read_only = 100;
+static int one_thousand __read_only = 1000;
#ifdef CONFIG_PRINTK
@@ -1653,7 +1657,7 @@ index cc02050fd0c4..cca161854186 100644
static const int cap_last_cap = CAP_LAST_CAP;
/*
-@@ -150,9 +158,12 @@ static const int cap_last_cap = CAP_LAST_CAP;
+@@ -152,9 +160,12 @@ static const int cap_last_cap = CAP_LAST_CAP;
* and hung_task_check_interval_secs
*/
#ifdef CONFIG_DETECT_HUNG_TASK
@@ -1667,7 +1671,7 @@ index cc02050fd0c4..cca161854186 100644
#ifdef CONFIG_INOTIFY_USER
#include <linux/inotify.h>
#endif
-@@ -296,19 +307,19 @@ static struct ctl_table sysctl_base_table[] = {
+@@ -298,19 +309,19 @@ static struct ctl_table sysctl_base_table[] = {
};
#ifdef CONFIG_SCHED_DEBUG
@@ -1695,7 +1699,7 @@ index cc02050fd0c4..cca161854186 100644
#endif
static struct ctl_table kern_table[] = {
-@@ -514,6 +525,15 @@ static struct ctl_table kern_table[] = {
+@@ -516,6 +527,15 @@ static struct ctl_table kern_table[] = {
.proc_handler = proc_dointvec,
},
#endif
@@ -1711,7 +1715,7 @@ index cc02050fd0c4..cca161854186 100644
#ifdef CONFIG_PROC_SYSCTL
{
.procname = "tainted",
-@@ -862,6 +882,37 @@ static struct ctl_table kern_table[] = {
+@@ -864,6 +884,37 @@ static struct ctl_table kern_table[] = {
.extra1 = &zero,
.extra2 = &two,
},
@@ -1790,7 +1794,7 @@ index 923414a246e9..6b9dbc257e34 100644
static DEFINE_MUTEX(userns_state_mutex);
diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug
-index 4966c4fbe7f7..7a685272c155 100644
+index 3dea52f7be9c..9074878fe25b 100644
--- a/lib/Kconfig.debug
+++ b/lib/Kconfig.debug
@@ -950,6 +950,7 @@ endmenu # "Debug lockups and hangs"
@@ -1818,7 +1822,7 @@ index 4966c4fbe7f7..7a685272c155 100644
help
Enable this to turn on extended checks in the linked-list
walking routines.
-@@ -1982,6 +1984,7 @@ config MEMTEST
+@@ -1983,6 +1985,7 @@ config MEMTEST
config BUG_ON_DATA_CORRUPTION
bool "Trigger a BUG when data corruption is detected"
select DEBUG_LIST
@@ -1826,7 +1830,7 @@ index 4966c4fbe7f7..7a685272c155 100644
help
Select this option if the kernel should BUG when it encounters
data corruption in kernel memory structures when they get checked
-@@ -2021,6 +2024,7 @@ config STRICT_DEVMEM
+@@ -2022,6 +2025,7 @@ config STRICT_DEVMEM
config IO_STRICT_DEVMEM
bool "Filter I/O access to /dev/mem"
depends on STRICT_DEVMEM
@@ -1904,10 +1908,10 @@ index de64ea658716..8bff017856eb 100644
This is the portion of low virtual memory which should be protected
from userspace allocation. Keeping a user from writing to low pages
diff --git a/mm/mmap.c b/mm/mmap.c
-index f7cd9cb966c0..fda49841f4f2 100644
+index 1480880ff814..0145114c44b4 100644
--- a/mm/mmap.c
+++ b/mm/mmap.c
-@@ -229,6 +229,13 @@ SYSCALL_DEFINE1(brk, unsigned long, brk)
+@@ -230,6 +230,13 @@ SYSCALL_DEFINE1(brk, unsigned long, brk)
newbrk = PAGE_ALIGN(brk);
oldbrk = PAGE_ALIGN(mm->brk);
@@ -1922,7 +1926,7 @@ index f7cd9cb966c0..fda49841f4f2 100644
goto set_brk;
diff --git a/mm/page_alloc.c b/mm/page_alloc.c
-index 9e45553cabd6..f5ec01e1498c 100644
+index 8e6932a140b8..1f9c55809c56 100644
--- a/mm/page_alloc.c
+++ b/mm/page_alloc.c
@@ -66,6 +66,7 @@
@@ -1949,7 +1953,7 @@ index 9e45553cabd6..f5ec01e1498c 100644
#ifdef CONFIG_GCC_PLUGIN_LATENT_ENTROPY
volatile unsigned long latent_entropy __latent_entropy;
EXPORT_SYMBOL(latent_entropy);
-@@ -1027,6 +1037,13 @@ static __always_inline bool free_pages_prepare(struct page *page,
+@@ -1055,6 +1065,13 @@ static __always_inline bool free_pages_prepare(struct page *page,
debug_check_no_obj_freed(page_address(page),
PAGE_SIZE << order);
}
@@ -1963,7 +1967,7 @@ index 9e45553cabd6..f5ec01e1498c 100644
arch_free_page(page, order);
kernel_poison_pages(page, 1 << order, 0);
kernel_map_pages(page, 1 << order, 0);
-@@ -1267,6 +1284,21 @@ static void __init __free_pages_boot_core(struct page *page, unsigned int order)
+@@ -1295,6 +1312,21 @@ static void __init __free_pages_boot_core(struct page *page, unsigned int order)
__ClearPageReserved(p);
set_page_count(p, 0);
@@ -1985,7 +1989,7 @@ index 9e45553cabd6..f5ec01e1498c 100644
page_zone(page)->managed_pages += nr_pages;
set_page_refcounted(page);
__free_pages(page, order);
-@@ -1855,8 +1887,8 @@ static inline int check_new_page(struct page *page)
+@@ -1876,8 +1908,8 @@ static inline int check_new_page(struct page *page)
static inline bool free_pages_prezeroed(void)
{
@@ -1996,7 +2000,7 @@ index 9e45553cabd6..f5ec01e1498c 100644
}
#ifdef CONFIG_DEBUG_VM
-@@ -1913,6 +1945,11 @@ static void prep_new_page(struct page *page, unsigned int order, gfp_t gfp_flags
+@@ -1934,6 +1966,11 @@ static void prep_new_page(struct page *page, unsigned int order, gfp_t gfp_flags
post_alloc_hook(page, order, gfp_flags);
@@ -2009,10 +2013,10 @@ index 9e45553cabd6..f5ec01e1498c 100644
for (i = 0; i < (1 << order); i++)
clear_highpage(page + i);
diff --git a/mm/slab.h b/mm/slab.h
-index 58c6c1c2a78e..86d7a6e7ad25 100644
+index 9632772e14be..802ff9ee8172 100644
--- a/mm/slab.h
+++ b/mm/slab.h
-@@ -313,7 +313,11 @@ static inline bool is_root_cache(struct kmem_cache *s)
+@@ -314,7 +314,11 @@ static inline bool is_root_cache(struct kmem_cache *s)
static inline bool slab_equal_or_root(struct kmem_cache *s,
struct kmem_cache *p)
{
@@ -2024,7 +2028,7 @@ index 58c6c1c2a78e..86d7a6e7ad25 100644
}
static inline const char *cache_name(struct kmem_cache *s)
-@@ -365,18 +369,26 @@ static inline struct kmem_cache *cache_from_obj(struct kmem_cache *s, void *x)
+@@ -366,18 +370,26 @@ static inline struct kmem_cache *cache_from_obj(struct kmem_cache *s, void *x)
* to not do even the assignment. In that case, slab_equal_or_root
* will also be a constant.
*/
@@ -2052,7 +2056,7 @@ index 58c6c1c2a78e..86d7a6e7ad25 100644
return s;
}
-@@ -401,7 +413,7 @@ static inline size_t slab_ksize(const struct kmem_cache *s)
+@@ -402,7 +414,7 @@ static inline size_t slab_ksize(const struct kmem_cache *s)
* back there or track user information then we can
* only use the space before that information.
*/
@@ -2062,7 +2066,7 @@ index 58c6c1c2a78e..86d7a6e7ad25 100644
/*
* Else we can use all the padding etc for the allocation
diff --git a/mm/slab_common.c b/mm/slab_common.c
-index 3a7ac4f15194..a567cc1807ae 100644
+index 4d3c2e76d1ba..7e943cb1eccd 100644
--- a/mm/slab_common.c
+++ b/mm/slab_common.c
@@ -27,10 +27,10 @@
@@ -2088,7 +2092,7 @@ index 3a7ac4f15194..a567cc1807ae 100644
static int __init setup_slab_nomerge(char *str)
{
diff --git a/mm/slub.c b/mm/slub.c
-index 8da34a8af53d..f05bc9ca8489 100644
+index 09c0e24a06d8..26e8c45a889a 100644
--- a/mm/slub.c
+++ b/mm/slub.c
@@ -124,6 +124,16 @@ static inline int kmem_cache_debug(struct kmem_cache *s)
@@ -2325,7 +2329,7 @@ index 8da34a8af53d..f05bc9ca8489 100644
#ifdef CONFIG_SLUB_DEBUG
if (flags & SLAB_STORE_USER)
/*
-@@ -3559,6 +3661,10 @@ static int kmem_cache_open(struct kmem_cache *s, slab_flags_t flags)
+@@ -3562,6 +3664,10 @@ static int kmem_cache_open(struct kmem_cache *s, slab_flags_t flags)
#ifdef CONFIG_SLAB_FREELIST_HARDENED
s->random = get_random_long();
#endif
@@ -2336,7 +2340,7 @@ index 8da34a8af53d..f05bc9ca8489 100644
if (!calculate_sizes(s, -1))
goto error;
-@@ -3835,6 +3941,8 @@ void __check_heap_object(const void *ptr, unsigned long n, struct page *page,
+@@ -3838,6 +3944,8 @@ void __check_heap_object(const void *ptr, unsigned long n, struct page *page,
offset -= s->red_left_pad;
}
@@ -2345,7 +2349,7 @@ index 8da34a8af53d..f05bc9ca8489 100644
/* Allow address range falling entirely within usercopy region. */
if (offset >= s->useroffset &&
offset - s->useroffset <= s->usersize &&
-@@ -3868,7 +3976,11 @@ static size_t __ksize(const void *object)
+@@ -3871,7 +3979,11 @@ static size_t __ksize(const void *object)
page = virt_to_head_page(object);
if (unlikely(!PageSlab(page))) {
@@ -2357,7 +2361,7 @@ index 8da34a8af53d..f05bc9ca8489 100644
return PAGE_SIZE << compound_order(page);
}
-@@ -4728,7 +4840,7 @@ enum slab_stat_type {
+@@ -4731,7 +4843,7 @@ enum slab_stat_type {
#define SO_TOTAL (1 << SL_TOTAL)
#ifdef CONFIG_MEMCG
@@ -2367,7 +2371,7 @@ index 8da34a8af53d..f05bc9ca8489 100644
static int __init setup_slub_memcg_sysfs(char *str)
{
diff --git a/mm/swap.c b/mm/swap.c
-index 26fc9b5f1b6c..7c9312ca8982 100644
+index a3fc028e338e..4a1a899e430c 100644
--- a/mm/swap.c
+++ b/mm/swap.c
@@ -93,6 +93,13 @@ static void __put_compound_page(struct page *page)
@@ -2385,10 +2389,10 @@ index 26fc9b5f1b6c..7c9312ca8982 100644
}
diff --git a/net/core/dev.c b/net/core/dev.c
-index af097ca9cb4f..fda1753e5b65 100644
+index 138951d28643..efc5c650c9d7 100644
--- a/net/core/dev.c
+++ b/net/core/dev.c
-@@ -4519,7 +4519,7 @@ int netif_rx_ni(struct sk_buff *skb)
+@@ -4533,7 +4533,7 @@ int netif_rx_ni(struct sk_buff *skb)
}
EXPORT_SYMBOL(netif_rx_ni);
@@ -2397,7 +2401,7 @@ index af097ca9cb4f..fda1753e5b65 100644
{
struct softnet_data *sd = this_cpu_ptr(&softnet_data);
-@@ -6302,7 +6302,7 @@ static int napi_poll(struct napi_struct *n, struct list_head *repoll)
+@@ -6318,7 +6318,7 @@ static int napi_poll(struct napi_struct *n, struct list_head *repoll)
return work;
}
@@ -2435,7 +2439,7 @@ index cb0c889e13aa..305f52f58c1a 100644
secure!
diff --git a/scripts/mod/modpost.c b/scripts/mod/modpost.c
-index 5a5b3780456f..01eac2c6e7eb 100644
+index 858cbe56b100..61ade07a967a 100644
--- a/scripts/mod/modpost.c
+++ b/scripts/mod/modpost.c
@@ -35,6 +35,7 @@ static int vmlinux_section_warnings = 1;
@@ -2467,9 +2471,9 @@ index 5a5b3780456f..01eac2c6e7eb 100644
}
};
-@@ -1229,10 +1237,10 @@ static Elf_Sym *find_elf_symbol(struct elf_info *elf, Elf64_Sword addr,
+@@ -1255,10 +1263,10 @@ static Elf_Sym *find_elf_symbol(struct elf_info *elf, Elf64_Sword addr,
continue;
- if (ELF_ST_TYPE(sym->st_info) == STT_SECTION)
+ if (!is_valid_name(elf, sym))
continue;
- if (sym->st_value == addr)
- return sym;
@@ -2480,7 +2484,7 @@ index 5a5b3780456f..01eac2c6e7eb 100644
if (d < 0)
d = addr - sym->st_value;
if (d < distance) {
-@@ -1391,7 +1399,11 @@ static void report_sec_mismatch(const char *modname,
+@@ -1393,7 +1401,11 @@ static void report_sec_mismatch(const char *modname,
char *prl_from;
char *prl_to;
@@ -2493,7 +2497,7 @@ index 5a5b3780456f..01eac2c6e7eb 100644
if (!sec_mismatch_verbose)
return;
-@@ -1515,6 +1527,14 @@ static void report_sec_mismatch(const char *modname,
+@@ -1517,6 +1529,14 @@ static void report_sec_mismatch(const char *modname,
fatal("There's a special handler for this mismatch type, "
"we should never get here.");
break;
@@ -2508,7 +2512,7 @@ index 5a5b3780456f..01eac2c6e7eb 100644
}
fprintf(stderr, "\n");
}
-@@ -2526,6 +2546,14 @@ int main(int argc, char **argv)
+@@ -2528,6 +2548,14 @@ int main(int argc, char **argv)
}
}
free(buf.p);
@@ -2670,7 +2674,7 @@ index 8af7a690eb40..6539694b0fd3 100644
-
- If you are unsure how to answer this question, answer 0.
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
-index 3c3878f0d2fa..553e52f19f28 100644
+index 70bad15ed7a0..a157a3d57cdd 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -135,18 +135,7 @@ __setup("selinux=", selinux_enabled_setup);