authorAnthony G. Basile <blueness@gentoo.org>2014-01-29 08:38:35 -0500
committerAnthony G. Basile <blueness@gentoo.org>2014-01-29 08:38:35 -0500
commitb20249069b74137fd484e147e3ce91898f956db4 (patch)
tree192f2bfc3a2ced33d832fe9960acdaac5d6c5408
parent3.13.0: clean up line numbers (diff)
Grsec/PaX: 3.0-{3.2.54,3.13.0}-20140128185020140128
-rw-r--r--3.13.0/0000_README2
-rw-r--r--3.13.0/4420_grsecurity-3.0-3.13.0-201401281848.patch (renamed from 3.13.0/4420_grsecurity-3.0-3.13.0-201401272348.patch)240
-rw-r--r--3.2.54/0000_README2
-rw-r--r--3.2.54/4420_grsecurity-3.0-3.2.54-201401281850.patch (renamed from 3.2.54/4420_grsecurity-3.0-3.2.54-201401272346.patch)141
-rw-r--r--3.2.54/4475_emutramp_default_on.patch2
5 files changed, 269 insertions, 118 deletions
diff --git a/3.13.0/0000_README b/3.13.0/0000_README
index 5bc7414..d5c2b2c 100644
--- a/3.13.0/0000_README
+++ b/3.13.0/0000_README
@@ -2,7 +2,7 @@ README
-----------------------------------------------------------------------------
Individual Patch Descriptions:
-----------------------------------------------------------------------------
-Patch: 4420_grsecurity-3.0-3.13.0-201401272348.patch
+Patch: 4420_grsecurity-3.0-3.13.0-201401281848.patch
From: http://www.grsecurity.net
Desc: hardened-sources base patch from upstream grsecurity
diff --git a/3.13.0/4420_grsecurity-3.0-3.13.0-201401272348.patch b/3.13.0/4420_grsecurity-3.0-3.13.0-201401281848.patch
index fd68ab8..93699a6 100644
--- a/3.13.0/4420_grsecurity-3.0-3.13.0-201401272348.patch
+++ b/3.13.0/4420_grsecurity-3.0-3.13.0-201401281848.patch
@@ -22109,7 +22109,7 @@ index a2a4f46..6cab058 100644
/*
diff --git a/arch/x86/kernel/entry_64.S b/arch/x86/kernel/entry_64.S
-index 1e96c36..86f2033 100644
+index 1e96c36..3ff710a 100644
--- a/arch/x86/kernel/entry_64.S
+++ b/arch/x86/kernel/entry_64.S
@@ -59,6 +59,8 @@
@@ -22704,7 +22704,26 @@ index 1e96c36..86f2033 100644
je 1f
SWAPGS
/*
-@@ -514,9 +927,52 @@ ENTRY(save_paranoid)
+@@ -483,6 +896,18 @@ ENDPROC(native_usergs_sysret64)
+ 0x06 /* DW_OP_deref */, \
+ 0x08 /* DW_OP_const1u */, SS+8-RBP, \
+ 0x22 /* DW_OP_plus */
++
++#ifdef CONFIG_PAX_MEMORY_UDEREF
++ testb $3, CS(%rdi)
++ jnz 1f
++ pax_enter_kernel
++ jmp 2f
++1: pax_enter_kernel_user
++2:
++#else
++ pax_enter_kernel
++#endif
++
+ /* We entered an interrupt context - irqs are off: */
+ TRACE_IRQS_OFF
+ .endm
+@@ -514,9 +939,52 @@ ENTRY(save_paranoid)
js 1f /* negative -> in kernel */
SWAPGS
xorl %ebx,%ebx
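Review bot: The added `#ifdef CONFIG_PAX_MEMORY_UDEREF` block reads `CS(%rdi)`, but nothing at this spot says which register frame %rdi points to; the head of the enclosing macro is outside the hunk, so this cannot be confirmed from here. A one-line comment above the `#ifdef`, for example `/* %rdi: saved register frame; low bits of CS select the user or kernel entry path */`, would make that dependency explicit. The block now sits directly before `TRACE_IRQS_OFF`, which looks like the reason it was moved out of the `interrupt` macro (removed in a later hunk); if that ordering is required, the comment should say so. The same block is added by the corresponding hunk of the 3.2.54 patch.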
@@ -22759,7 +22778,7 @@ index 1e96c36..86f2033 100644
.popsection
/*
-@@ -538,7 +994,7 @@ ENTRY(ret_from_fork)
+@@ -538,7 +1006,7 @@ ENTRY(ret_from_fork)
RESTORE_REST
@@ -22768,7 +22787,7 @@ index 1e96c36..86f2033 100644
jz 1f
testl $_TIF_IA32, TI_flags(%rcx) # 32-bit compat task needs IRET
-@@ -548,15 +1004,13 @@ ENTRY(ret_from_fork)
+@@ -548,15 +1016,13 @@ ENTRY(ret_from_fork)
jmp ret_from_sys_call # go to the SYSRET fastpath
1:
@@ -22785,7 +22804,7 @@ index 1e96c36..86f2033 100644
/*
* System call entry. Up to 6 arguments in registers are supported.
-@@ -593,7 +1047,7 @@ END(ret_from_fork)
+@@ -593,7 +1059,7 @@ END(ret_from_fork)
ENTRY(system_call)
CFI_STARTPROC simple
CFI_SIGNAL_FRAME
@@ -22794,7 +22813,7 @@ index 1e96c36..86f2033 100644
CFI_REGISTER rip,rcx
/*CFI_REGISTER rflags,r11*/
SWAPGS_UNSAFE_STACK
-@@ -606,16 +1060,23 @@ GLOBAL(system_call_after_swapgs)
+@@ -606,16 +1072,23 @@ GLOBAL(system_call_after_swapgs)
movq %rsp,PER_CPU_VAR(old_rsp)
movq PER_CPU_VAR(kernel_stack),%rsp
@@ -22820,7 +22839,7 @@ index 1e96c36..86f2033 100644
jnz tracesys
system_call_fastpath:
#if __SYSCALL_MASK == ~0
-@@ -639,10 +1100,13 @@ sysret_check:
+@@ -639,10 +1112,13 @@ sysret_check:
LOCKDEP_SYS_EXIT
DISABLE_INTERRUPTS(CLBR_NONE)
TRACE_IRQS_OFF
@@ -22835,7 +22854,7 @@ index 1e96c36..86f2033 100644
/*
* sysretq will re-enable interrupts:
*/
-@@ -701,6 +1165,9 @@ auditsys:
+@@ -701,6 +1177,9 @@ auditsys:
movq %rax,%rsi /* 2nd arg: syscall number */
movl $AUDIT_ARCH_X86_64,%edi /* 1st arg: audit arch */
call __audit_syscall_entry
@@ -22845,7 +22864,7 @@ index 1e96c36..86f2033 100644
LOAD_ARGS 0 /* reload call-clobbered registers */
jmp system_call_fastpath
-@@ -722,7 +1189,7 @@ sysret_audit:
+@@ -722,7 +1201,7 @@ sysret_audit:
/* Do syscall tracing */
tracesys:
#ifdef CONFIG_AUDITSYSCALL
@@ -22854,7 +22873,7 @@ index 1e96c36..86f2033 100644
jz auditsys
#endif
SAVE_REST
-@@ -730,12 +1197,15 @@ tracesys:
+@@ -730,12 +1209,15 @@ tracesys:
FIXUP_TOP_OF_STACK %rdi
movq %rsp,%rdi
call syscall_trace_enter
@@ -22871,7 +22890,7 @@ index 1e96c36..86f2033 100644
RESTORE_REST
#if __SYSCALL_MASK == ~0
cmpq $__NR_syscall_max,%rax
-@@ -765,7 +1235,9 @@ GLOBAL(int_with_check)
+@@ -765,7 +1247,9 @@ GLOBAL(int_with_check)
andl %edi,%edx
jnz int_careful
andl $~TS_COMPAT,TI_status(%rcx)
@@ -22882,7 +22901,7 @@ index 1e96c36..86f2033 100644
/* Either reschedule or signal or syscall exit tracking needed. */
/* First do a reschedule test. */
-@@ -811,7 +1283,7 @@ int_restore_rest:
+@@ -811,7 +1295,7 @@ int_restore_rest:
TRACE_IRQS_OFF
jmp int_with_check
CFI_ENDPROC
@@ -22891,7 +22910,7 @@ index 1e96c36..86f2033 100644
.macro FORK_LIKE func
ENTRY(stub_\func)
-@@ -824,9 +1296,10 @@ ENTRY(stub_\func)
+@@ -824,9 +1308,10 @@ ENTRY(stub_\func)
DEFAULT_FRAME 0 8 /* offset 8: return address */
call sys_\func
RESTORE_TOP_OF_STACK %r11, 8
@@ -22904,7 +22923,7 @@ index 1e96c36..86f2033 100644
.endm
.macro FIXED_FRAME label,func
-@@ -836,9 +1309,10 @@ ENTRY(\label)
+@@ -836,9 +1321,10 @@ ENTRY(\label)
FIXUP_TOP_OF_STACK %r11, 8-ARGOFFSET
call \func
RESTORE_TOP_OF_STACK %r11, 8-ARGOFFSET
@@ -22916,7 +22935,7 @@ index 1e96c36..86f2033 100644
.endm
FORK_LIKE clone
-@@ -846,19 +1320,6 @@ END(\label)
+@@ -846,19 +1332,6 @@ END(\label)
FORK_LIKE vfork
FIXED_FRAME stub_iopl, sys_iopl
@@ -22936,7 +22955,7 @@ index 1e96c36..86f2033 100644
ENTRY(stub_execve)
CFI_STARTPROC
addq $8, %rsp
-@@ -870,7 +1331,7 @@ ENTRY(stub_execve)
+@@ -870,7 +1343,7 @@ ENTRY(stub_execve)
RESTORE_REST
jmp int_ret_from_sys_call
CFI_ENDPROC
@@ -22945,7 +22964,7 @@ index 1e96c36..86f2033 100644
/*
* sigreturn is special because it needs to restore all registers on return.
-@@ -887,7 +1348,7 @@ ENTRY(stub_rt_sigreturn)
+@@ -887,7 +1360,7 @@ ENTRY(stub_rt_sigreturn)
RESTORE_REST
jmp int_ret_from_sys_call
CFI_ENDPROC
@@ -22954,7 +22973,7 @@ index 1e96c36..86f2033 100644
#ifdef CONFIG_X86_X32_ABI
ENTRY(stub_x32_rt_sigreturn)
-@@ -901,7 +1362,7 @@ ENTRY(stub_x32_rt_sigreturn)
+@@ -901,7 +1374,7 @@ ENTRY(stub_x32_rt_sigreturn)
RESTORE_REST
jmp int_ret_from_sys_call
CFI_ENDPROC
@@ -22963,7 +22982,7 @@ index 1e96c36..86f2033 100644
ENTRY(stub_x32_execve)
CFI_STARTPROC
-@@ -915,7 +1376,7 @@ ENTRY(stub_x32_execve)
+@@ -915,7 +1388,7 @@ ENTRY(stub_x32_execve)
RESTORE_REST
jmp int_ret_from_sys_call
CFI_ENDPROC
@@ -22972,7 +22991,7 @@ index 1e96c36..86f2033 100644
#endif
-@@ -952,7 +1413,7 @@ vector=vector+1
+@@ -952,7 +1425,7 @@ vector=vector+1
2: jmp common_interrupt
.endr
CFI_ENDPROC
@@ -22981,7 +23000,7 @@ index 1e96c36..86f2033 100644
.previous
END(interrupt)
-@@ -969,9 +1430,19 @@ END(interrupt)
+@@ -969,8 +1442,8 @@ END(interrupt)
/* 0(%rsp): ~(interrupt number) */
.macro interrupt func
/* reserve pt_regs for scratch regs and rbp */
@@ -22990,20 +23009,9 @@ index 1e96c36..86f2033 100644
+ subq $ORIG_RAX, %rsp
+ CFI_ADJUST_CFA_OFFSET ORIG_RAX
SAVE_ARGS_IRQ
-+#ifdef CONFIG_PAX_MEMORY_UDEREF
-+ testb $3, CS(%rdi)
-+ jnz 1f
-+ pax_enter_kernel
-+ jmp 2f
-+1: pax_enter_kernel_user
-+2:
-+#else
-+ pax_enter_kernel
-+#endif
call \func
.endm
-
-@@ -997,14 +1468,14 @@ ret_from_intr:
+@@ -997,14 +1470,14 @@ ret_from_intr:
/* Restore saved previous stack */
popq %rsi
@@ -23022,7 +23030,7 @@ index 1e96c36..86f2033 100644
je retint_kernel
/* Interrupt came from user space */
-@@ -1026,12 +1497,16 @@ retint_swapgs: /* return to user-space */
+@@ -1026,12 +1499,16 @@ retint_swapgs: /* return to user-space */
* The iretq could re-enable interrupts:
*/
DISABLE_INTERRUPTS(CLBR_ANY)
@@ -23039,7 +23047,7 @@ index 1e96c36..86f2033 100644
/*
* The iretq could re-enable interrupts:
*/
-@@ -1112,7 +1587,7 @@ ENTRY(retint_kernel)
+@@ -1112,7 +1589,7 @@ ENTRY(retint_kernel)
#endif
CFI_ENDPROC
@@ -23048,7 +23056,7 @@ index 1e96c36..86f2033 100644
/*
* End of kprobes section
*/
-@@ -1130,7 +1605,7 @@ ENTRY(\sym)
+@@ -1130,7 +1607,7 @@ ENTRY(\sym)
interrupt \do_sym
jmp ret_from_intr
CFI_ENDPROC
@@ -23057,7 +23065,7 @@ index 1e96c36..86f2033 100644
.endm
#ifdef CONFIG_TRACING
-@@ -1218,7 +1693,7 @@ ENTRY(\sym)
+@@ -1218,7 +1695,7 @@ ENTRY(\sym)
call \do_sym
jmp error_exit /* %ebx: no swapgs flag */
CFI_ENDPROC
@@ -23066,7 +23074,7 @@ index 1e96c36..86f2033 100644
.endm
.macro paranoidzeroentry sym do_sym
-@@ -1236,10 +1711,10 @@ ENTRY(\sym)
+@@ -1236,10 +1713,10 @@ ENTRY(\sym)
call \do_sym
jmp paranoid_exit /* %ebx: no swapgs flag */
CFI_ENDPROC
@@ -23079,7 +23087,7 @@ index 1e96c36..86f2033 100644
.macro paranoidzeroentry_ist sym do_sym ist
ENTRY(\sym)
INTR_FRAME
-@@ -1252,12 +1727,18 @@ ENTRY(\sym)
+@@ -1252,12 +1729,18 @@ ENTRY(\sym)
TRACE_IRQS_OFF_DEBUG
movq %rsp,%rdi /* pt_regs pointer */
xorl %esi,%esi /* no error code */
@@ -23099,7 +23107,7 @@ index 1e96c36..86f2033 100644
.endm
.macro errorentry sym do_sym
-@@ -1275,7 +1756,7 @@ ENTRY(\sym)
+@@ -1275,7 +1758,7 @@ ENTRY(\sym)
call \do_sym
jmp error_exit /* %ebx: no swapgs flag */
CFI_ENDPROC
@@ -23108,7 +23116,7 @@ index 1e96c36..86f2033 100644
.endm
#ifdef CONFIG_TRACING
-@@ -1306,7 +1787,7 @@ ENTRY(\sym)
+@@ -1306,7 +1789,7 @@ ENTRY(\sym)
call \do_sym
jmp paranoid_exit /* %ebx: no swapgs flag */
CFI_ENDPROC
@@ -23117,7 +23125,7 @@ index 1e96c36..86f2033 100644
.endm
zeroentry divide_error do_divide_error
-@@ -1336,9 +1817,10 @@ gs_change:
+@@ -1336,9 +1819,10 @@ gs_change:
2: mfence /* workaround */
SWAPGS
popfq_cfi
@@ -23129,7 +23137,7 @@ index 1e96c36..86f2033 100644
_ASM_EXTABLE(gs_change,bad_gs)
.section .fixup,"ax"
-@@ -1366,9 +1848,10 @@ ENTRY(do_softirq_own_stack)
+@@ -1366,9 +1850,10 @@ ENTRY(do_softirq_own_stack)
CFI_DEF_CFA_REGISTER rsp
CFI_ADJUST_CFA_OFFSET -8
decl PER_CPU_VAR(irq_count)
@@ -23141,7 +23149,7 @@ index 1e96c36..86f2033 100644
#ifdef CONFIG_XEN
zeroentry xen_hypervisor_callback xen_do_hypervisor_callback
-@@ -1406,7 +1889,7 @@ ENTRY(xen_do_hypervisor_callback) # do_hypervisor_callback(struct *pt_regs)
+@@ -1406,7 +1891,7 @@ ENTRY(xen_do_hypervisor_callback) # do_hypervisor_callback(struct *pt_regs)
decl PER_CPU_VAR(irq_count)
jmp error_exit
CFI_ENDPROC
@@ -23150,7 +23158,7 @@ index 1e96c36..86f2033 100644
/*
* Hypervisor uses this for application faults while it executes.
-@@ -1465,7 +1948,7 @@ ENTRY(xen_failsafe_callback)
+@@ -1465,7 +1950,7 @@ ENTRY(xen_failsafe_callback)
SAVE_ALL
jmp error_exit
CFI_ENDPROC
@@ -23159,7 +23167,7 @@ index 1e96c36..86f2033 100644
apicinterrupt3 HYPERVISOR_CALLBACK_VECTOR \
xen_hvm_callback_vector xen_evtchn_do_upcall
-@@ -1517,18 +2000,33 @@ ENTRY(paranoid_exit)
+@@ -1517,18 +2002,33 @@ ENTRY(paranoid_exit)
DEFAULT_FRAME
DISABLE_INTERRUPTS(CLBR_NONE)
TRACE_IRQS_OFF_DEBUG
@@ -23195,7 +23203,7 @@ index 1e96c36..86f2033 100644
jmp irq_return
paranoid_userspace:
GET_THREAD_INFO(%rcx)
-@@ -1557,7 +2055,7 @@ paranoid_schedule:
+@@ -1557,7 +2057,7 @@ paranoid_schedule:
TRACE_IRQS_OFF
jmp paranoid_userspace
CFI_ENDPROC
@@ -23204,7 +23212,7 @@ index 1e96c36..86f2033 100644
/*
* Exception entry point. This expects an error code/orig_rax on the stack.
-@@ -1584,12 +2082,23 @@ ENTRY(error_entry)
+@@ -1584,12 +2084,23 @@ ENTRY(error_entry)
movq_cfi r14, R14+8
movq_cfi r15, R15+8
xorl %ebx,%ebx
@@ -23229,7 +23237,7 @@ index 1e96c36..86f2033 100644
ret
/*
-@@ -1616,7 +2125,7 @@ bstep_iret:
+@@ -1616,7 +2127,7 @@ bstep_iret:
movq %rcx,RIP+8(%rsp)
jmp error_swapgs
CFI_ENDPROC
@@ -23238,7 +23246,7 @@ index 1e96c36..86f2033 100644
/* ebx: no swapgs flag (1: don't need swapgs, 0: need it) */
-@@ -1627,7 +2136,7 @@ ENTRY(error_exit)
+@@ -1627,7 +2138,7 @@ ENTRY(error_exit)
DISABLE_INTERRUPTS(CLBR_NONE)
TRACE_IRQS_OFF
GET_THREAD_INFO(%rcx)
@@ -23247,7 +23255,7 @@ index 1e96c36..86f2033 100644
jne retint_kernel
LOCKDEP_SYS_EXIT_IRQ
movl TI_flags(%rcx),%edx
-@@ -1636,7 +2145,7 @@ ENTRY(error_exit)
+@@ -1636,7 +2147,7 @@ ENTRY(error_exit)
jnz retint_careful
jmp retint_swapgs
CFI_ENDPROC
@@ -23256,7 +23264,7 @@ index 1e96c36..86f2033 100644
/*
* Test if a given stack is an NMI stack or not.
-@@ -1694,9 +2203,11 @@ ENTRY(nmi)
+@@ -1694,9 +2205,11 @@ ENTRY(nmi)
* If %cs was not the kernel segment, then the NMI triggered in user
* space, which means it is definitely not nested.
*/
@@ -23269,7 +23277,7 @@ index 1e96c36..86f2033 100644
/*
* Check the special variable on the stack to see if NMIs are
* executing.
-@@ -1730,8 +2241,7 @@ nested_nmi:
+@@ -1730,8 +2243,7 @@ nested_nmi:
1:
/* Set up the interrupted NMIs stack to jump to repeat_nmi */
@@ -23279,7 +23287,7 @@ index 1e96c36..86f2033 100644
CFI_ADJUST_CFA_OFFSET 1*8
leaq -10*8(%rsp), %rdx
pushq_cfi $__KERNEL_DS
-@@ -1749,6 +2259,7 @@ nested_nmi_out:
+@@ -1749,6 +2261,7 @@ nested_nmi_out:
CFI_RESTORE rdx
/* No need to check faults here */
@@ -23287,7 +23295,7 @@ index 1e96c36..86f2033 100644
INTERRUPT_RETURN
CFI_RESTORE_STATE
-@@ -1845,13 +2356,13 @@ end_repeat_nmi:
+@@ -1845,13 +2358,13 @@ end_repeat_nmi:
subq $ORIG_RAX-R15, %rsp
CFI_ADJUST_CFA_OFFSET ORIG_RAX-R15
/*
@@ -23303,7 +23311,7 @@ index 1e96c36..86f2033 100644
DEFAULT_FRAME 0
/*
-@@ -1861,9 +2372,9 @@ end_repeat_nmi:
+@@ -1861,9 +2374,9 @@ end_repeat_nmi:
* NMI itself takes a page fault, the page fault that was preempted
* will read the information from the NMI page fault and not the
* origin fault. Save it off and restore it if it changes.
@@ -23315,7 +23323,7 @@ index 1e96c36..86f2033 100644
/* paranoidentry do_nmi, 0; without TRACE_IRQS_OFF */
movq %rsp,%rdi
-@@ -1872,31 +2383,36 @@ end_repeat_nmi:
+@@ -1872,31 +2385,36 @@ end_repeat_nmi:
/* Did the NMI take a page fault? Restore cr2 if it did */
movq %cr2, %rcx
@@ -60888,6 +60896,81 @@ index 00ad1c2..2fde15e 100644
}
void nfs_fattr_init(struct nfs_fattr *fattr)
+diff --git a/fs/nfs/nfs4client.c b/fs/nfs/nfs4client.c
+index b4a160a..2b9bfba 100644
+--- a/fs/nfs/nfs4client.c
++++ b/fs/nfs/nfs4client.c
+@@ -409,13 +409,11 @@ struct nfs_client *nfs4_init_client(struct nfs_client *clp,
+ error = nfs4_discover_server_trunking(clp, &old);
+ if (error < 0)
+ goto error;
+- nfs_put_client(clp);
+- if (clp != old) {
++
++ if (clp != old)
+ clp->cl_preserve_clid = true;
+- clp = old;
+- }
+-
+- return clp;
++ nfs_put_client(clp);
++ return old;
+
+ error:
+ nfs_mark_client_ready(clp, error);
+@@ -493,9 +491,10 @@ int nfs40_walk_client_list(struct nfs_client *new,
+ prev = pos;
+
+ status = nfs_wait_client_init_complete(pos);
+- spin_lock(&nn->nfs_client_lock);
+ if (status < 0)
+- continue;
++ goto out;
++ status = -NFS4ERR_STALE_CLIENTID;
++ spin_lock(&nn->nfs_client_lock);
+ }
+ if (pos->cl_cons_state != NFS_CS_READY)
+ continue;
+@@ -633,7 +632,8 @@ int nfs41_walk_client_list(struct nfs_client *new,
+ }
+ spin_lock(&nn->nfs_client_lock);
+ if (status < 0)
+- continue;
++ break;
++ status = -NFS4ERR_STALE_CLIENTID;
+ }
+ if (pos->cl_cons_state != NFS_CS_READY)
+ continue;
+diff --git a/fs/nfs/write.c b/fs/nfs/write.c
+index c1d5482..6a85038 100644
+--- a/fs/nfs/write.c
++++ b/fs/nfs/write.c
+@@ -922,19 +922,20 @@ out:
+ * extend the write to cover the entire page in order to avoid fragmentation
+ * inefficiencies.
+ *
+- * If the file is opened for synchronous writes or if we have a write delegation
+- * from the server then we can just skip the rest of the checks.
++ * If the file is opened for synchronous writes then we can just skip the rest
++ * of the checks.
+ */
+ static int nfs_can_extend_write(struct file *file, struct page *page, struct inode *inode)
+ {
+ if (file->f_flags & O_DSYNC)
+ return 0;
++ if (!nfs_write_pageuptodate(page, inode))
++ return 0;
+ if (NFS_PROTO(inode)->have_delegation(inode, FMODE_WRITE))
+ return 1;
+- if (nfs_write_pageuptodate(page, inode) && (inode->i_flock == NULL ||
+- (inode->i_flock->fl_start == 0 &&
++ if (inode->i_flock == NULL || (inode->i_flock->fl_start == 0 &&
+ inode->i_flock->fl_end == OFFSET_MAX &&
+- inode->i_flock->fl_type != F_RDLCK)))
++ inode->i_flock->fl_type != F_RDLCK))
+ return 1;
+ return 0;
+ }
diff --git a/fs/nfsd/nfs4proc.c b/fs/nfsd/nfs4proc.c
index 419572f..5414a23 100644
--- a/fs/nfsd/nfs4proc.c
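Review bot: In `nfs40_walk_client_list` the new error path does `goto out` before `spin_lock(&nn->nfs_client_lock)` is re-taken, whereas the parallel change in `nfs41_walk_client_list` takes the lock first and then uses `break`. Whether both are correct depends on the `out:` label and the code after each loop, which are outside the hunk. If the two exits are reached in different lock states, each site deserves a comment, e.g. `/* nfs_client_lock not held here; out: must not unlock */`. Both functions also preset `status = -NFS4ERR_STALE_CLIENTID` after a successful wait, without a comment saying this is the result reported when no later entry matches (inferred from the visible lines).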
@@ -61054,7 +61137,7 @@ index e7bc1d7..06bd4bb 100644
}
diff --git a/fs/notify/fanotify/fanotify_user.c b/fs/notify/fanotify/fanotify_user.c
-index e44cb64..4807084 100644
+index e44cb64..7668ca4 100644
--- a/fs/notify/fanotify/fanotify_user.c
+++ b/fs/notify/fanotify/fanotify_user.c
@@ -253,8 +253,8 @@ static ssize_t copy_event_to_user(struct fsnotify_group *group,
@@ -61068,6 +61151,18 @@ index e44cb64..4807084 100644
goto out_close_fd;
ret = prepare_for_access_response(group, event, fd);
+@@ -888,9 +888,9 @@ COMPAT_SYSCALL_DEFINE6(fanotify_mark,
+ {
+ return sys_fanotify_mark(fanotify_fd, flags,
+ #ifdef __BIG_ENDIAN
+- ((__u64)mask1 << 32) | mask0,
+-#else
+ ((__u64)mask0 << 32) | mask1,
++#else
++ ((__u64)mask1 << 32) | mask0,
+ #endif
+ dfd, pathname);
+ }
diff --git a/fs/notify/notification.c b/fs/notify/notification.c
index 7b51b05..5ea5ef6 100644
--- a/fs/notify/notification.c
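Review bot: The swapped `#ifdef __BIG_ENDIAN` arms in `COMPAT_SYSCALL_DEFINE6(fanotify_mark, ...)` carry no comment saying which of `mask0`/`mask1` holds the high 32 bits of the event mask on each byte order, which is exactly what this change corrects. If the halves are assembled the wrong way round, `sys_fanotify_mark` receives a mask with its words exchanged, so the mark covers different events than the caller requested. I would add `/* compat passes the 64-bit mask as two 32-bit args; on big-endian mask0 is the high word */` above the `#ifdef`. The macro's parameter list is outside the hunk.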
@@ -80321,7 +80416,7 @@ index 429c199..4d42e38 100644
/* shm_mode upper byte flags */
diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h
-index 6f69b3f..335b9b1 100644
+index 6f69b3f..71ac613 100644
--- a/include/linux/skbuff.h
+++ b/include/linux/skbuff.h
@@ -643,7 +643,7 @@ bool skb_try_coalesce(struct sk_buff *to, struct sk_buff *from,
@@ -80360,6 +80455,15 @@ index 6f69b3f..335b9b1 100644
}
/**
+@@ -1686,7 +1686,7 @@ static inline u32 skb_inner_network_header_len(const struct sk_buff *skb)
+ return skb->inner_transport_header - skb->inner_network_header;
+ }
+
+-static inline int skb_network_offset(const struct sk_buff *skb)
++static inline int __intentional_overflow(0) skb_network_offset(const struct sk_buff *skb)
+ {
+ return skb_network_header(skb) - skb->data;
+ }
@@ -1746,7 +1746,7 @@ static inline int pskb_network_may_pull(struct sk_buff *skb, unsigned int len)
* NET_IP_ALIGN(2) + ethernet_header(14) + IP_header(20/40) + ports(8)
*/
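Review bot: `skb_network_offset()` gains `__intentional_overflow(0)` with no explanation of why an overflow in the result is expected. The function returns the pointer difference `skb_network_header(skb) - skb->data` narrowed to `int`, so the annotation presumably tells the overflow checker to accept a wrapped or negative result here; callers that use the value as a length still need their own bounds check. A short comment such as `/* result may be negative or wrap; overflow check suppressed on purpose */` would record the reasoning, once the actual case has been confirmed. The same annotation is added in the skbuff.h hunk of the 3.2.54 patch.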
@@ -100164,7 +100268,7 @@ index 008cdad..6f17474 100644
/* make a copy for the caller */
*handle = ctxh;
diff --git a/net/sunrpc/clnt.c b/net/sunrpc/clnt.c
-index f09b7db..262b98a 100644
+index f09b7db..393c39e 100644
--- a/net/sunrpc/clnt.c
+++ b/net/sunrpc/clnt.c
@@ -1415,7 +1415,9 @@ call_start(struct rpc_task *task)
@@ -100178,6 +100282,22 @@ index f09b7db..262b98a 100644
clnt->cl_stats->rpccnt++;
task->tk_action = call_reserve;
}
+@@ -1529,9 +1531,13 @@ call_refreshresult(struct rpc_task *task)
+ task->tk_action = call_refresh;
+ switch (status) {
+ case 0:
+- if (rpcauth_uptodatecred(task))
++ if (rpcauth_uptodatecred(task)) {
+ task->tk_action = call_allocate;
+- return;
++ return;
++ }
++ /* Use rate-limiting and a max number of retries if refresh
++ * had status 0 but failed to update the cred.
++ */
+ case -ETIMEDOUT:
+ rpc_delay(task, 3*HZ);
+ case -EAGAIN:
diff --git a/net/sunrpc/sched.c b/net/sunrpc/sched.c
index ff3cc4b..7612a9e 100644
--- a/net/sunrpc/sched.c
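Review bot: After this change `case 0:` in `call_refreshresult` drops into `case -ETIMEDOUT:` when `rpcauth_uptodatecred(task)` is false, and the only signal is the prose comment; an explicit `/* fall through */` after it would make the intent unmistakable. The existing `rpc_delay(task, 3*HZ);` under `case -ETIMEDOUT:` likewise runs into `case -EAGAIN:` without a marker. The new comment mentions a maximum number of retries, but the retry limit itself is not visible in the hunk, so the comment should name where it is enforced. The rest of the switch lies outside the hunk, and the 3.2.54 patch receives the same change.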
diff --git a/3.2.54/0000_README b/3.2.54/0000_README
index 2c130eb..1673fee 100644
--- a/3.2.54/0000_README
+++ b/3.2.54/0000_README
@@ -134,7 +134,7 @@ Patch: 1053_linux-3.2.54.patch
From: http://www.kernel.org
Desc: Linux 3.2.54
-Patch: 4420_grsecurity-3.0-3.2.54-201401272346.patch
+Patch: 4420_grsecurity-3.0-3.2.54-201401281850.patch
From: http://www.grsecurity.net
Desc: hardened-sources base patch from upstream grsecurity
diff --git a/3.2.54/4420_grsecurity-3.0-3.2.54-201401272346.patch b/3.2.54/4420_grsecurity-3.0-3.2.54-201401281850.patch
index 3607efc..70f1c6f 100644
--- a/3.2.54/4420_grsecurity-3.0-3.2.54-201401272346.patch
+++ b/3.2.54/4420_grsecurity-3.0-3.2.54-201401281850.patch
@@ -18505,7 +18505,7 @@ index d2d488b8..a4f589f 100644
/*
diff --git a/arch/x86/kernel/entry_64.S b/arch/x86/kernel/entry_64.S
-index 6274f5f..5eb09cb 100644
+index 6274f5f..7b23dca 100644
--- a/arch/x86/kernel/entry_64.S
+++ b/arch/x86/kernel/entry_64.S
@@ -55,6 +55,8 @@
@@ -18918,7 +18918,24 @@ index 6274f5f..5eb09cb 100644
je 1f
SWAPGS
/*
-@@ -345,19 +633,22 @@ ENDPROC(native_usergs_sysret64)
+@@ -340,24 +628,39 @@ ENDPROC(native_usergs_sysret64)
+ 0x06 /* DW_OP_deref */, \
+ 0x08 /* DW_OP_const1u */, SS+8-RBP, \
+ 0x22 /* DW_OP_plus */
++
++#ifdef CONFIG_PAX_MEMORY_UDEREF
++ testb $3, CS(%rdi)
++ jnz 1f
++ pax_enter_kernel
++ jmp 2f
++1: pax_enter_kernel_user
++2:
++#else
++ pax_enter_kernel
++#endif
++
+ /* We entered an interrupt context - irqs are off: */
+ TRACE_IRQS_OFF
.endm
ENTRY(save_rest)
@@ -18945,7 +18962,7 @@ index 6274f5f..5eb09cb 100644
/* save complete stack frame */
.pushsection .kprobes.text, "ax"
-@@ -386,10 +677,21 @@ ENTRY(save_paranoid)
+@@ -386,10 +689,21 @@ ENTRY(save_paranoid)
js 1f /* negative -> in kernel */
SWAPGS
xorl %ebx,%ebx
@@ -18970,7 +18987,7 @@ index 6274f5f..5eb09cb 100644
/*
* A newly forked process directly context switches into this address.
-@@ -410,7 +712,7 @@ ENTRY(ret_from_fork)
+@@ -410,7 +724,7 @@ ENTRY(ret_from_fork)
RESTORE_REST
@@ -18979,7 +18996,7 @@ index 6274f5f..5eb09cb 100644
je int_ret_from_sys_call
testl $_TIF_IA32, TI_flags(%rcx) # 32-bit compat task needs IRET
-@@ -420,7 +722,7 @@ ENTRY(ret_from_fork)
+@@ -420,7 +734,7 @@ ENTRY(ret_from_fork)
jmp ret_from_sys_call # go to the SYSRET fastpath
CFI_ENDPROC
@@ -18988,7 +19005,7 @@ index 6274f5f..5eb09cb 100644
/*
* System call entry. Up to 6 arguments in registers are supported.
-@@ -456,7 +758,7 @@ END(ret_from_fork)
+@@ -456,7 +770,7 @@ END(ret_from_fork)
ENTRY(system_call)
CFI_STARTPROC simple
CFI_SIGNAL_FRAME
@@ -18997,7 +19014,7 @@ index 6274f5f..5eb09cb 100644
CFI_REGISTER rip,rcx
/*CFI_REGISTER rflags,r11*/
SWAPGS_UNSAFE_STACK
-@@ -469,12 +771,18 @@ ENTRY(system_call_after_swapgs)
+@@ -469,12 +783,18 @@ ENTRY(system_call_after_swapgs)
movq %rsp,PER_CPU_VAR(old_rsp)
movq PER_CPU_VAR(kernel_stack),%rsp
@@ -19017,7 +19034,7 @@ index 6274f5f..5eb09cb 100644
movq %rax,ORIG_RAX-ARGOFFSET(%rsp)
movq %rcx,RIP-ARGOFFSET(%rsp)
CFI_REL_OFFSET rip,RIP-ARGOFFSET
-@@ -503,6 +811,8 @@ sysret_check:
+@@ -503,6 +823,8 @@ sysret_check:
andl %edi,%edx
jnz sysret_careful
CFI_REMEMBER_STATE
@@ -19026,7 +19043,7 @@ index 6274f5f..5eb09cb 100644
/*
* sysretq will re-enable interrupts:
*/
-@@ -561,6 +871,9 @@ auditsys:
+@@ -561,6 +883,9 @@ auditsys:
movq %rax,%rsi /* 2nd arg: syscall number */
movl $AUDIT_ARCH_X86_64,%edi /* 1st arg: audit arch */
call audit_syscall_entry
@@ -19036,7 +19053,7 @@ index 6274f5f..5eb09cb 100644
LOAD_ARGS 0 /* reload call-clobbered registers */
jmp system_call_fastpath
-@@ -591,12 +904,15 @@ tracesys:
+@@ -591,12 +916,15 @@ tracesys:
FIXUP_TOP_OF_STACK %rdi
movq %rsp,%rdi
call syscall_trace_enter
@@ -19053,7 +19070,7 @@ index 6274f5f..5eb09cb 100644
RESTORE_REST
cmpq $__NR_syscall_max,%rax
ja int_ret_from_sys_call /* RAX(%rsp) set to -ENOSYS above */
-@@ -612,7 +928,7 @@ tracesys:
+@@ -612,7 +940,7 @@ tracesys:
GLOBAL(int_ret_from_sys_call)
DISABLE_INTERRUPTS(CLBR_NONE)
TRACE_IRQS_OFF
@@ -19062,7 +19079,7 @@ index 6274f5f..5eb09cb 100644
je retint_restore_args
movl $_TIF_ALLWORK_MASK,%edi
/* edi: mask to check */
-@@ -623,7 +939,9 @@ GLOBAL(int_with_check)
+@@ -623,7 +951,9 @@ GLOBAL(int_with_check)
andl %edi,%edx
jnz int_careful
andl $~TS_COMPAT,TI_status(%rcx)
@@ -19073,7 +19090,7 @@ index 6274f5f..5eb09cb 100644
/* Either reschedule or signal or syscall exit tracking needed. */
/* First do a reschedule test. */
-@@ -669,7 +987,7 @@ int_restore_rest:
+@@ -669,7 +999,7 @@ int_restore_rest:
TRACE_IRQS_OFF
jmp int_with_check
CFI_ENDPROC
@@ -19082,7 +19099,7 @@ index 6274f5f..5eb09cb 100644
/*
* Certain special system calls that need to save a complete full stack frame.
-@@ -677,15 +995,13 @@ END(system_call)
+@@ -677,15 +1007,13 @@ END(system_call)
.macro PTREGSCALL label,func,arg
ENTRY(\label)
PARTIAL_FRAME 1 8 /* offset 8: return address */
@@ -19099,7 +19116,7 @@ index 6274f5f..5eb09cb 100644
.endm
PTREGSCALL stub_clone, sys_clone, %r8
-@@ -700,12 +1016,17 @@ ENTRY(ptregscall_common)
+@@ -700,12 +1028,17 @@ ENTRY(ptregscall_common)
movq_cfi_restore R15+8, r15
movq_cfi_restore R14+8, r14
movq_cfi_restore R13+8, r13
@@ -19119,7 +19136,7 @@ index 6274f5f..5eb09cb 100644
ENTRY(stub_execve)
CFI_STARTPROC
-@@ -720,7 +1041,7 @@ ENTRY(stub_execve)
+@@ -720,7 +1053,7 @@ ENTRY(stub_execve)
RESTORE_REST
jmp int_ret_from_sys_call
CFI_ENDPROC
@@ -19128,7 +19145,7 @@ index 6274f5f..5eb09cb 100644
/*
* sigreturn is special because it needs to restore all registers on return.
-@@ -738,7 +1059,7 @@ ENTRY(stub_rt_sigreturn)
+@@ -738,7 +1071,7 @@ ENTRY(stub_rt_sigreturn)
RESTORE_REST
jmp int_ret_from_sys_call
CFI_ENDPROC
@@ -19137,7 +19154,7 @@ index 6274f5f..5eb09cb 100644
/*
* Build the entry stubs and pointer table with some assembler magic.
-@@ -773,7 +1094,7 @@ vector=vector+1
+@@ -773,7 +1106,7 @@ vector=vector+1
2: jmp common_interrupt
.endr
CFI_ENDPROC
@@ -19146,7 +19163,7 @@ index 6274f5f..5eb09cb 100644
.previous
END(interrupt)
-@@ -790,9 +1111,19 @@ END(interrupt)
+@@ -790,8 +1123,8 @@ END(interrupt)
/* 0(%rsp): ~(interrupt number) */
.macro interrupt func
/* reserve pt_regs for scratch regs and rbp */
@@ -19155,20 +19172,9 @@ index 6274f5f..5eb09cb 100644
+ subq $ORIG_RAX, %rsp
+ CFI_ADJUST_CFA_OFFSET ORIG_RAX
SAVE_ARGS_IRQ
-+#ifdef CONFIG_PAX_MEMORY_UDEREF
-+ testb $3, CS(%rdi)
-+ jnz 1f
-+ pax_enter_kernel
-+ jmp 2f
-+1: pax_enter_kernel_user
-+2:
-+#else
-+ pax_enter_kernel
-+#endif
call \func
.endm
-
-@@ -818,13 +1149,13 @@ ret_from_intr:
+@@ -818,13 +1151,13 @@ ret_from_intr:
/* Restore saved previous stack */
popq %rsi
CFI_DEF_CFA_REGISTER rsi
@@ -19185,7 +19191,7 @@ index 6274f5f..5eb09cb 100644
je retint_kernel
/* Interrupt came from user space */
-@@ -846,12 +1177,16 @@ retint_swapgs: /* return to user-space */
+@@ -846,12 +1179,16 @@ retint_swapgs: /* return to user-space */
* The iretq could re-enable interrupts:
*/
DISABLE_INTERRUPTS(CLBR_ANY)
@@ -19202,7 +19208,7 @@ index 6274f5f..5eb09cb 100644
/*
* The iretq could re-enable interrupts:
*/
-@@ -940,7 +1275,7 @@ ENTRY(retint_kernel)
+@@ -940,7 +1277,7 @@ ENTRY(retint_kernel)
#endif
CFI_ENDPROC
@@ -19211,7 +19217,7 @@ index 6274f5f..5eb09cb 100644
/*
* End of kprobes section
*/
-@@ -956,7 +1291,7 @@ ENTRY(\sym)
+@@ -956,7 +1293,7 @@ ENTRY(\sym)
interrupt \do_sym
jmp ret_from_intr
CFI_ENDPROC
@@ -19220,7 +19226,7 @@ index 6274f5f..5eb09cb 100644
.endm
#ifdef CONFIG_SMP
-@@ -1026,7 +1361,7 @@ ENTRY(\sym)
+@@ -1026,7 +1363,7 @@ ENTRY(\sym)
call \do_sym
jmp error_exit /* %ebx: no swapgs flag */
CFI_ENDPROC
@@ -19229,7 +19235,7 @@ index 6274f5f..5eb09cb 100644
.endm
.macro paranoidzeroentry sym do_sym
-@@ -1043,10 +1378,10 @@ ENTRY(\sym)
+@@ -1043,10 +1380,10 @@ ENTRY(\sym)
call \do_sym
jmp paranoid_exit /* %ebx: no swapgs flag */
CFI_ENDPROC
@@ -19242,7 +19248,7 @@ index 6274f5f..5eb09cb 100644
.macro paranoidzeroentry_ist sym do_sym ist
ENTRY(\sym)
INTR_FRAME
-@@ -1058,12 +1393,18 @@ ENTRY(\sym)
+@@ -1058,12 +1395,18 @@ ENTRY(\sym)
TRACE_IRQS_OFF
movq %rsp,%rdi /* pt_regs pointer */
xorl %esi,%esi /* no error code */
@@ -19262,7 +19268,7 @@ index 6274f5f..5eb09cb 100644
.endm
.macro errorentry sym do_sym
-@@ -1080,7 +1421,7 @@ ENTRY(\sym)
+@@ -1080,7 +1423,7 @@ ENTRY(\sym)
call \do_sym
jmp error_exit /* %ebx: no swapgs flag */
CFI_ENDPROC
@@ -19271,7 +19277,7 @@ index 6274f5f..5eb09cb 100644
.endm
/* error code is on the stack already */
-@@ -1099,7 +1440,7 @@ ENTRY(\sym)
+@@ -1099,7 +1442,7 @@ ENTRY(\sym)
call \do_sym
jmp paranoid_exit /* %ebx: no swapgs flag */
CFI_ENDPROC
@@ -19280,7 +19286,7 @@ index 6274f5f..5eb09cb 100644
.endm
zeroentry divide_error do_divide_error
-@@ -1129,9 +1470,10 @@ gs_change:
+@@ -1129,9 +1472,10 @@ gs_change:
2: mfence /* workaround */
SWAPGS
popfq_cfi
@@ -19292,7 +19298,7 @@ index 6274f5f..5eb09cb 100644
.section __ex_table,"a"
.align 8
-@@ -1153,13 +1495,14 @@ ENTRY(kernel_thread_helper)
+@@ -1153,13 +1497,14 @@ ENTRY(kernel_thread_helper)
* Here we are in the child and the registers are set as they were
* at kernel_thread() invocation in the parent.
*/
@@ -19308,7 +19314,7 @@ index 6274f5f..5eb09cb 100644
/*
* execve(). This function needs to use IRET, not SYSRET, to set up all state properly.
-@@ -1186,11 +1529,11 @@ ENTRY(kernel_execve)
+@@ -1186,11 +1531,11 @@ ENTRY(kernel_execve)
RESTORE_REST
testq %rax,%rax
je int_ret_from_sys_call
@@ -19322,7 +19328,7 @@ index 6274f5f..5eb09cb 100644
/* Call softirq on interrupt stack. Interrupts are off. */
ENTRY(call_softirq)
-@@ -1208,9 +1551,10 @@ ENTRY(call_softirq)
+@@ -1208,9 +1553,10 @@ ENTRY(call_softirq)
CFI_DEF_CFA_REGISTER rsp
CFI_ADJUST_CFA_OFFSET -8
decl PER_CPU_VAR(irq_count)
@@ -19334,7 +19340,7 @@ index 6274f5f..5eb09cb 100644
#ifdef CONFIG_XEN
zeroentry xen_hypervisor_callback xen_do_hypervisor_callback
-@@ -1248,7 +1592,7 @@ ENTRY(xen_do_hypervisor_callback) # do_hypervisor_callback(struct *pt_regs)
+@@ -1248,7 +1594,7 @@ ENTRY(xen_do_hypervisor_callback) # do_hypervisor_callback(struct *pt_regs)
decl PER_CPU_VAR(irq_count)
jmp error_exit
CFI_ENDPROC
@@ -19343,7 +19349,7 @@ index 6274f5f..5eb09cb 100644
/*
* Hypervisor uses this for application faults while it executes.
-@@ -1307,7 +1651,7 @@ ENTRY(xen_failsafe_callback)
+@@ -1307,7 +1653,7 @@ ENTRY(xen_failsafe_callback)
SAVE_ALL
jmp error_exit
CFI_ENDPROC
@@ -19352,7 +19358,7 @@ index 6274f5f..5eb09cb 100644
apicinterrupt XEN_HVM_EVTCHN_CALLBACK \
xen_hvm_callback_vector xen_evtchn_do_upcall
-@@ -1356,16 +1700,31 @@ ENTRY(paranoid_exit)
+@@ -1356,16 +1702,31 @@ ENTRY(paranoid_exit)
TRACE_IRQS_OFF
testl %ebx,%ebx /* swapgs needed? */
jnz paranoid_restore
@@ -19385,7 +19391,7 @@ index 6274f5f..5eb09cb 100644
jmp irq_return
paranoid_userspace:
GET_THREAD_INFO(%rcx)
-@@ -1394,7 +1753,7 @@ paranoid_schedule:
+@@ -1394,7 +1755,7 @@ paranoid_schedule:
TRACE_IRQS_OFF
jmp paranoid_userspace
CFI_ENDPROC
@@ -19394,7 +19400,7 @@ index 6274f5f..5eb09cb 100644
/*
* Exception entry point. This expects an error code/orig_rax on the stack.
-@@ -1421,12 +1780,23 @@ ENTRY(error_entry)
+@@ -1421,12 +1782,23 @@ ENTRY(error_entry)
movq_cfi r14, R14+8
movq_cfi r15, R15+8
xorl %ebx,%ebx
@@ -19419,7 +19425,7 @@ index 6274f5f..5eb09cb 100644
ret
/*
-@@ -1453,7 +1823,7 @@ bstep_iret:
+@@ -1453,7 +1825,7 @@ bstep_iret:
movq %rcx,RIP+8(%rsp)
jmp error_swapgs
CFI_ENDPROC
@@ -19428,7 +19434,7 @@ index 6274f5f..5eb09cb 100644
/* ebx: no swapgs flag (1: don't need swapgs, 0: need it) */
-@@ -1473,7 +1843,7 @@ ENTRY(error_exit)
+@@ -1473,7 +1845,7 @@ ENTRY(error_exit)
jnz retint_careful
jmp retint_swapgs
CFI_ENDPROC
@@ -19437,7 +19443,7 @@ index 6274f5f..5eb09cb 100644
/* runs on exception stack */
-@@ -1485,6 +1855,7 @@ ENTRY(nmi)
+@@ -1485,6 +1857,7 @@ ENTRY(nmi)
CFI_ADJUST_CFA_OFFSET ORIG_RAX-R15
call save_paranoid
DEFAULT_FRAME 0
@@ -19445,7 +19451,7 @@ index 6274f5f..5eb09cb 100644
/* paranoidentry do_nmi, 0; without TRACE_IRQS_OFF */
movq %rsp,%rdi
movq $-1,%rsi
-@@ -1495,12 +1866,28 @@ ENTRY(nmi)
+@@ -1495,12 +1868,28 @@ ENTRY(nmi)
DISABLE_INTERRUPTS(CLBR_NONE)
testl %ebx,%ebx /* swapgs needed? */
jnz nmi_restore
@@ -19475,7 +19481,7 @@ index 6274f5f..5eb09cb 100644
jmp irq_return
nmi_userspace:
GET_THREAD_INFO(%rcx)
-@@ -1529,14 +1916,14 @@ nmi_schedule:
+@@ -1529,14 +1918,14 @@ nmi_schedule:
jmp paranoid_exit
CFI_ENDPROC
#endif
@@ -78391,7 +78397,7 @@ index 92808b8..c28cac4 100644
/* shm_mode upper byte flags */
diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h
-index 85180bf..cc75886 100644
+index 85180bf..78919aa 100644
--- a/include/linux/skbuff.h
+++ b/include/linux/skbuff.h
@@ -538,7 +538,7 @@ extern void consume_skb(struct sk_buff *skb);
@@ -78430,6 +78436,15 @@ index 85180bf..cc75886 100644
}
/**
+@@ -1506,7 +1506,7 @@ static inline u32 skb_network_header_len(const struct sk_buff *skb)
+ return skb->transport_header - skb->network_header;
+ }
+
+-static inline int skb_network_offset(const struct sk_buff *skb)
++static inline int __intentional_overflow(0) skb_network_offset(const struct sk_buff *skb)
+ {
+ return skb_network_header(skb) - skb->data;
+ }
@@ -1561,7 +1561,7 @@ static inline int pskb_network_may_pull(struct sk_buff *skb, unsigned int len)
* NET_IP_ALIGN(2) + ethernet_header(14) + IP_header(20/40) + ports(8)
*/
@@ -100385,7 +100400,7 @@ index d4faade..1c51abc 100644
set_fs(KERNEL_DS);
if (level == SOL_SOCKET)
diff --git a/net/sunrpc/clnt.c b/net/sunrpc/clnt.c
-index b2250da..db374b7 100644
+index b2250da..2680674 100644
--- a/net/sunrpc/clnt.c
+++ b/net/sunrpc/clnt.c
@@ -163,10 +163,8 @@ static struct rpc_clnt * rpc_new_client(const struct rpc_create_args *args, stru
@@ -100423,6 +100438,22 @@ index b2250da..db374b7 100644
clnt->cl_stats->rpccnt++;
task->tk_action = call_reserve;
}
+@@ -1002,9 +1001,13 @@ call_refreshresult(struct rpc_task *task)
+ task->tk_action = call_refresh;
+ switch (status) {
+ case 0:
+- if (rpcauth_uptodatecred(task))
++ if (rpcauth_uptodatecred(task)) {
+ task->tk_action = call_allocate;
+- return;
++ return;
++ }
++ /* Use rate-limiting and a max number of retries if refresh
++ * had status 0 but failed to update the cred.
++ */
+ case -ETIMEDOUT:
+ rpc_delay(task, 3*HZ);
+ case -EAGAIN:
diff --git a/net/sunrpc/rpc_pipe.c b/net/sunrpc/rpc_pipe.c
index bfddd68..567429b 100644
--- a/net/sunrpc/rpc_pipe.c
diff --git a/3.2.54/4475_emutramp_default_on.patch b/3.2.54/4475_emutramp_default_on.patch
index cfde6f8..df700e6 100644
--- a/3.2.54/4475_emutramp_default_on.patch
+++ b/3.2.54/4475_emutramp_default_on.patch
@@ -10,7 +10,7 @@ See bug:
diff -Naur linux-3.9.2-hardened.orig/security/Kconfig linux-3.9.2-hardened/security/Kconfig
--- linux-3.9.2-hardened.orig/security/Kconfig 2013-05-18 08:53:41.000000000 -0400
+++ linux-3.9.2-hardened/security/Kconfig 2013-05-18 09:17:57.000000000 -0400
-@@ -427,7 +427,7 @@
+@@ -426,7 +426,7 @@
config PAX_EMUTRAMP
bool "Emulate trampolines" if (PAX_PAGEEXEC || PAX_SEGMEXEC) && (PARISC || X86)