aboutsummaryrefslogtreecommitdiffstats
path: root/kernel
diff options
context:
space:
mode:
Diffstat (limited to 'kernel')
-rw-r--r--kernel/cgroup.c1
-rw-r--r--kernel/futex.c27
-rw-r--r--kernel/kfifo.c107
-rw-r--r--kernel/kmod.c12
-rw-r--r--kernel/module.c17
-rw-r--r--kernel/signal.c3
-rw-r--r--kernel/smp.c2
-rw-r--r--kernel/trace/ftrace.c6
-rw-r--r--kernel/trace/ring_buffer.c4
-rw-r--r--kernel/trace/trace_events_filter.c29
10 files changed, 132 insertions, 76 deletions
diff --git a/kernel/cgroup.c b/kernel/cgroup.c
index 0249f4be9b5c..1fbcc748044a 100644
--- a/kernel/cgroup.c
+++ b/kernel/cgroup.c
@@ -2468,7 +2468,6 @@ static struct cgroup_pidlist *cgroup_pidlist_find(struct cgroup *cgrp,
2468 /* make sure l doesn't vanish out from under us */ 2468 /* make sure l doesn't vanish out from under us */
2469 down_write(&l->mutex); 2469 down_write(&l->mutex);
2470 mutex_unlock(&cgrp->pidlist_mutex); 2470 mutex_unlock(&cgrp->pidlist_mutex);
2471 l->use_count++;
2472 return l; 2471 return l;
2473 } 2472 }
2474 } 2473 }
diff --git a/kernel/futex.c b/kernel/futex.c
index 8e3c3ffe1b9a..d9b3a2228f9d 100644
--- a/kernel/futex.c
+++ b/kernel/futex.c
@@ -203,8 +203,6 @@ static void drop_futex_key_refs(union futex_key *key)
203 * @uaddr: virtual address of the futex 203 * @uaddr: virtual address of the futex
204 * @fshared: 0 for a PROCESS_PRIVATE futex, 1 for PROCESS_SHARED 204 * @fshared: 0 for a PROCESS_PRIVATE futex, 1 for PROCESS_SHARED
205 * @key: address where result is stored. 205 * @key: address where result is stored.
206 * @rw: mapping needs to be read/write (values: VERIFY_READ,
207 * VERIFY_WRITE)
208 * 206 *
209 * Returns a negative error code or 0 207 * Returns a negative error code or 0
210 * The key words are stored in *key on success. 208 * The key words are stored in *key on success.
@@ -216,7 +214,7 @@ static void drop_futex_key_refs(union futex_key *key)
216 * lock_page() might sleep, the caller should not hold a spinlock. 214 * lock_page() might sleep, the caller should not hold a spinlock.
217 */ 215 */
218static int 216static int
219get_futex_key(u32 __user *uaddr, int fshared, union futex_key *key, int rw) 217get_futex_key(u32 __user *uaddr, int fshared, union futex_key *key)
220{ 218{
221 unsigned long address = (unsigned long)uaddr; 219 unsigned long address = (unsigned long)uaddr;
222 struct mm_struct *mm = current->mm; 220 struct mm_struct *mm = current->mm;
@@ -239,7 +237,7 @@ get_futex_key(u32 __user *uaddr, int fshared, union futex_key *key, int rw)
239 * but access_ok() should be faster than find_vma() 237 * but access_ok() should be faster than find_vma()
240 */ 238 */
241 if (!fshared) { 239 if (!fshared) {
242 if (unlikely(!access_ok(rw, uaddr, sizeof(u32)))) 240 if (unlikely(!access_ok(VERIFY_WRITE, uaddr, sizeof(u32))))
243 return -EFAULT; 241 return -EFAULT;
244 key->private.mm = mm; 242 key->private.mm = mm;
245 key->private.address = address; 243 key->private.address = address;
@@ -248,7 +246,7 @@ get_futex_key(u32 __user *uaddr, int fshared, union futex_key *key, int rw)
248 } 246 }
249 247
250again: 248again:
251 err = get_user_pages_fast(address, 1, rw == VERIFY_WRITE, &page); 249 err = get_user_pages_fast(address, 1, 1, &page);
252 if (err < 0) 250 if (err < 0)
253 return err; 251 return err;
254 252
@@ -867,7 +865,7 @@ static int futex_wake(u32 __user *uaddr, int fshared, int nr_wake, u32 bitset)
867 if (!bitset) 865 if (!bitset)
868 return -EINVAL; 866 return -EINVAL;
869 867
870 ret = get_futex_key(uaddr, fshared, &key, VERIFY_READ); 868 ret = get_futex_key(uaddr, fshared, &key);
871 if (unlikely(ret != 0)) 869 if (unlikely(ret != 0))
872 goto out; 870 goto out;
873 871
@@ -913,10 +911,10 @@ futex_wake_op(u32 __user *uaddr1, int fshared, u32 __user *uaddr2,
913 int ret, op_ret; 911 int ret, op_ret;
914 912
915retry: 913retry:
916 ret = get_futex_key(uaddr1, fshared, &key1, VERIFY_READ); 914 ret = get_futex_key(uaddr1, fshared, &key1);
917 if (unlikely(ret != 0)) 915 if (unlikely(ret != 0))
918 goto out; 916 goto out;
919 ret = get_futex_key(uaddr2, fshared, &key2, VERIFY_WRITE); 917 ret = get_futex_key(uaddr2, fshared, &key2);
920 if (unlikely(ret != 0)) 918 if (unlikely(ret != 0))
921 goto out_put_key1; 919 goto out_put_key1;
922 920
@@ -1175,11 +1173,10 @@ retry:
1175 pi_state = NULL; 1173 pi_state = NULL;
1176 } 1174 }
1177 1175
1178 ret = get_futex_key(uaddr1, fshared, &key1, VERIFY_READ); 1176 ret = get_futex_key(uaddr1, fshared, &key1);
1179 if (unlikely(ret != 0)) 1177 if (unlikely(ret != 0))
1180 goto out; 1178 goto out;
1181 ret = get_futex_key(uaddr2, fshared, &key2, 1179 ret = get_futex_key(uaddr2, fshared, &key2);
1182 requeue_pi ? VERIFY_WRITE : VERIFY_READ);
1183 if (unlikely(ret != 0)) 1180 if (unlikely(ret != 0))
1184 goto out_put_key1; 1181 goto out_put_key1;
1185 1182
@@ -1738,7 +1735,7 @@ static int futex_wait_setup(u32 __user *uaddr, u32 val, int fshared,
1738 */ 1735 */
1739retry: 1736retry:
1740 q->key = FUTEX_KEY_INIT; 1737 q->key = FUTEX_KEY_INIT;
1741 ret = get_futex_key(uaddr, fshared, &q->key, VERIFY_READ); 1738 ret = get_futex_key(uaddr, fshared, &q->key);
1742 if (unlikely(ret != 0)) 1739 if (unlikely(ret != 0))
1743 return ret; 1740 return ret;
1744 1741
@@ -1904,7 +1901,7 @@ static int futex_lock_pi(u32 __user *uaddr, int fshared,
1904 q.requeue_pi_key = NULL; 1901 q.requeue_pi_key = NULL;
1905retry: 1902retry:
1906 q.key = FUTEX_KEY_INIT; 1903 q.key = FUTEX_KEY_INIT;
1907 ret = get_futex_key(uaddr, fshared, &q.key, VERIFY_WRITE); 1904 ret = get_futex_key(uaddr, fshared, &q.key);
1908 if (unlikely(ret != 0)) 1905 if (unlikely(ret != 0))
1909 goto out; 1906 goto out;
1910 1907
@@ -2023,7 +2020,7 @@ retry:
2023 if ((uval & FUTEX_TID_MASK) != task_pid_vnr(current)) 2020 if ((uval & FUTEX_TID_MASK) != task_pid_vnr(current))
2024 return -EPERM; 2021 return -EPERM;
2025 2022
2026 ret = get_futex_key(uaddr, fshared, &key, VERIFY_WRITE); 2023 ret = get_futex_key(uaddr, fshared, &key);
2027 if (unlikely(ret != 0)) 2024 if (unlikely(ret != 0))
2028 goto out; 2025 goto out;
2029 2026
@@ -2215,7 +2212,7 @@ static int futex_wait_requeue_pi(u32 __user *uaddr, int fshared,
2215 rt_waiter.task = NULL; 2212 rt_waiter.task = NULL;
2216 2213
2217 key2 = FUTEX_KEY_INIT; 2214 key2 = FUTEX_KEY_INIT;
2218 ret = get_futex_key(uaddr2, fshared, &key2, VERIFY_WRITE); 2215 ret = get_futex_key(uaddr2, fshared, &key2);
2219 if (unlikely(ret != 0)) 2216 if (unlikely(ret != 0))
2220 goto out; 2217 goto out;
2221 2218
diff --git a/kernel/kfifo.c b/kernel/kfifo.c
index e92d519f93b1..32c5c15d750d 100644
--- a/kernel/kfifo.c
+++ b/kernel/kfifo.c
@@ -28,7 +28,7 @@
28#include <linux/log2.h> 28#include <linux/log2.h>
29#include <linux/uaccess.h> 29#include <linux/uaccess.h>
30 30
31static void _kfifo_init(struct kfifo *fifo, unsigned char *buffer, 31static void _kfifo_init(struct kfifo *fifo, void *buffer,
32 unsigned int size) 32 unsigned int size)
33{ 33{
34 fifo->buffer = buffer; 34 fifo->buffer = buffer;
@@ -41,10 +41,10 @@ static void _kfifo_init(struct kfifo *fifo, unsigned char *buffer,
41 * kfifo_init - initialize a FIFO using a preallocated buffer 41 * kfifo_init - initialize a FIFO using a preallocated buffer
42 * @fifo: the fifo to assign the buffer 42 * @fifo: the fifo to assign the buffer
43 * @buffer: the preallocated buffer to be used. 43 * @buffer: the preallocated buffer to be used.
44 * @size: the size of the internal buffer, this have to be a power of 2. 44 * @size: the size of the internal buffer, this has to be a power of 2.
45 * 45 *
46 */ 46 */
47void kfifo_init(struct kfifo *fifo, unsigned char *buffer, unsigned int size) 47void kfifo_init(struct kfifo *fifo, void *buffer, unsigned int size)
48{ 48{
49 /* size must be a power of 2 */ 49 /* size must be a power of 2 */
50 BUG_ON(!is_power_of_2(size)); 50 BUG_ON(!is_power_of_2(size));
@@ -159,8 +159,9 @@ static inline void __kfifo_out_data(struct kfifo *fifo,
159 memcpy(to + l, fifo->buffer, len - l); 159 memcpy(to + l, fifo->buffer, len - l);
160} 160}
161 161
162static inline unsigned int __kfifo_from_user_data(struct kfifo *fifo, 162static inline int __kfifo_from_user_data(struct kfifo *fifo,
163 const void __user *from, unsigned int len, unsigned int off) 163 const void __user *from, unsigned int len, unsigned int off,
164 unsigned *lenout)
164{ 165{
165 unsigned int l; 166 unsigned int l;
166 int ret; 167 int ret;
@@ -177,16 +178,20 @@ static inline unsigned int __kfifo_from_user_data(struct kfifo *fifo,
177 /* first put the data starting from fifo->in to buffer end */ 178 /* first put the data starting from fifo->in to buffer end */
178 l = min(len, fifo->size - off); 179 l = min(len, fifo->size - off);
179 ret = copy_from_user(fifo->buffer + off, from, l); 180 ret = copy_from_user(fifo->buffer + off, from, l);
180 181 if (unlikely(ret)) {
181 if (unlikely(ret)) 182 *lenout = ret;
182 return ret + len - l; 183 return -EFAULT;
184 }
185 *lenout = l;
183 186
184 /* then put the rest (if any) at the beginning of the buffer */ 187 /* then put the rest (if any) at the beginning of the buffer */
185 return copy_from_user(fifo->buffer, from + l, len - l); 188 ret = copy_from_user(fifo->buffer, from + l, len - l);
189 *lenout += ret ? ret : len - l;
190 return ret ? -EFAULT : 0;
186} 191}
187 192
188static inline unsigned int __kfifo_to_user_data(struct kfifo *fifo, 193static inline int __kfifo_to_user_data(struct kfifo *fifo,
189 void __user *to, unsigned int len, unsigned int off) 194 void __user *to, unsigned int len, unsigned int off, unsigned *lenout)
190{ 195{
191 unsigned int l; 196 unsigned int l;
192 int ret; 197 int ret;
@@ -203,12 +208,21 @@ static inline unsigned int __kfifo_to_user_data(struct kfifo *fifo,
203 /* first get the data from fifo->out until the end of the buffer */ 208 /* first get the data from fifo->out until the end of the buffer */
204 l = min(len, fifo->size - off); 209 l = min(len, fifo->size - off);
205 ret = copy_to_user(to, fifo->buffer + off, l); 210 ret = copy_to_user(to, fifo->buffer + off, l);
206 211 *lenout = l;
207 if (unlikely(ret)) 212 if (unlikely(ret)) {
208 return ret + len - l; 213 *lenout -= ret;
214 return -EFAULT;
215 }
209 216
210 /* then get the rest (if any) from the beginning of the buffer */ 217 /* then get the rest (if any) from the beginning of the buffer */
211 return copy_to_user(to + l, fifo->buffer, len - l); 218 len -= l;
219 ret = copy_to_user(to + l, fifo->buffer, len);
220 if (unlikely(ret)) {
221 *lenout += len - ret;
222 return -EFAULT;
223 }
224 *lenout += len;
225 return 0;
212} 226}
213 227
214unsigned int __kfifo_in_n(struct kfifo *fifo, 228unsigned int __kfifo_in_n(struct kfifo *fifo,
@@ -235,7 +249,7 @@ EXPORT_SYMBOL(__kfifo_in_n);
235 * Note that with only one concurrent reader and one concurrent 249 * Note that with only one concurrent reader and one concurrent
236 * writer, you don't need extra locking to use these functions. 250 * writer, you don't need extra locking to use these functions.
237 */ 251 */
238unsigned int kfifo_in(struct kfifo *fifo, const unsigned char *from, 252unsigned int kfifo_in(struct kfifo *fifo, const void *from,
239 unsigned int len) 253 unsigned int len)
240{ 254{
241 len = min(kfifo_avail(fifo), len); 255 len = min(kfifo_avail(fifo), len);
@@ -277,7 +291,7 @@ EXPORT_SYMBOL(__kfifo_out_n);
277 * Note that with only one concurrent reader and one concurrent 291 * Note that with only one concurrent reader and one concurrent
278 * writer, you don't need extra locking to use these functions. 292 * writer, you don't need extra locking to use these functions.
279 */ 293 */
280unsigned int kfifo_out(struct kfifo *fifo, unsigned char *to, unsigned int len) 294unsigned int kfifo_out(struct kfifo *fifo, void *to, unsigned int len)
281{ 295{
282 len = min(kfifo_len(fifo), len); 296 len = min(kfifo_len(fifo), len);
283 297
@@ -288,6 +302,27 @@ unsigned int kfifo_out(struct kfifo *fifo, unsigned char *to, unsigned int len)
288} 302}
289EXPORT_SYMBOL(kfifo_out); 303EXPORT_SYMBOL(kfifo_out);
290 304
305/**
306 * kfifo_out_peek - copy some data from the FIFO, but do not remove it
307 * @fifo: the fifo to be used.
308 * @to: where the data must be copied.
309 * @len: the size of the destination buffer.
310 * @offset: offset into the fifo
311 *
312 * This function copies at most @len bytes at @offset from the FIFO
313 * into the @to buffer and returns the number of copied bytes.
314 * The data is not removed from the FIFO.
315 */
316unsigned int kfifo_out_peek(struct kfifo *fifo, void *to, unsigned int len,
317 unsigned offset)
318{
319 len = min(kfifo_len(fifo), len + offset);
320
321 __kfifo_out_data(fifo, to, len, offset);
322 return len;
323}
324EXPORT_SYMBOL(kfifo_out_peek);
325
291unsigned int __kfifo_out_generic(struct kfifo *fifo, 326unsigned int __kfifo_out_generic(struct kfifo *fifo,
292 void *to, unsigned int len, unsigned int recsize, 327 void *to, unsigned int len, unsigned int recsize,
293 unsigned int *total) 328 unsigned int *total)
@@ -299,10 +334,13 @@ EXPORT_SYMBOL(__kfifo_out_generic);
299unsigned int __kfifo_from_user_n(struct kfifo *fifo, 334unsigned int __kfifo_from_user_n(struct kfifo *fifo,
300 const void __user *from, unsigned int len, unsigned int recsize) 335 const void __user *from, unsigned int len, unsigned int recsize)
301{ 336{
337 unsigned total;
338
302 if (kfifo_avail(fifo) < len + recsize) 339 if (kfifo_avail(fifo) < len + recsize)
303 return len + 1; 340 return len + 1;
304 341
305 return __kfifo_from_user_data(fifo, from, len, recsize); 342 __kfifo_from_user_data(fifo, from, len, recsize, &total);
343 return total;
306} 344}
307EXPORT_SYMBOL(__kfifo_from_user_n); 345EXPORT_SYMBOL(__kfifo_from_user_n);
308 346
@@ -313,18 +351,21 @@ EXPORT_SYMBOL(__kfifo_from_user_n);
313 * @len: the length of the data to be added. 351 * @len: the length of the data to be added.
314 * 352 *
315 * This function copies at most @len bytes from the @from into the 353 * This function copies at most @len bytes from the @from into the
316 * FIFO depending and returns the number of copied bytes. 354 * FIFO depending and returns -EFAULT/0.
317 * 355 *
318 * Note that with only one concurrent reader and one concurrent 356 * Note that with only one concurrent reader and one concurrent
319 * writer, you don't need extra locking to use these functions. 357 * writer, you don't need extra locking to use these functions.
320 */ 358 */
321unsigned int kfifo_from_user(struct kfifo *fifo, 359int kfifo_from_user(struct kfifo *fifo,
322 const void __user *from, unsigned int len) 360 const void __user *from, unsigned int len, unsigned *total)
323{ 361{
362 int ret;
324 len = min(kfifo_avail(fifo), len); 363 len = min(kfifo_avail(fifo), len);
325 len -= __kfifo_from_user_data(fifo, from, len, 0); 364 ret = __kfifo_from_user_data(fifo, from, len, 0, total);
365 if (ret)
366 return ret;
326 __kfifo_add_in(fifo, len); 367 __kfifo_add_in(fifo, len);
327 return len; 368 return 0;
328} 369}
329EXPORT_SYMBOL(kfifo_from_user); 370EXPORT_SYMBOL(kfifo_from_user);
330 371
@@ -339,17 +380,17 @@ unsigned int __kfifo_to_user_n(struct kfifo *fifo,
339 void __user *to, unsigned int len, unsigned int reclen, 380 void __user *to, unsigned int len, unsigned int reclen,
340 unsigned int recsize) 381 unsigned int recsize)
341{ 382{
342 unsigned int ret; 383 unsigned int ret, total;
343 384
344 if (kfifo_len(fifo) < reclen + recsize) 385 if (kfifo_len(fifo) < reclen + recsize)
345 return len; 386 return len;
346 387
347 ret = __kfifo_to_user_data(fifo, to, reclen, recsize); 388 ret = __kfifo_to_user_data(fifo, to, reclen, recsize, &total);
348 389
349 if (likely(ret == 0)) 390 if (likely(ret == 0))
350 __kfifo_add_out(fifo, reclen + recsize); 391 __kfifo_add_out(fifo, reclen + recsize);
351 392
352 return ret; 393 return total;
353} 394}
354EXPORT_SYMBOL(__kfifo_to_user_n); 395EXPORT_SYMBOL(__kfifo_to_user_n);
355 396
@@ -358,20 +399,22 @@ EXPORT_SYMBOL(__kfifo_to_user_n);
358 * @fifo: the fifo to be used. 399 * @fifo: the fifo to be used.
359 * @to: where the data must be copied. 400 * @to: where the data must be copied.
360 * @len: the size of the destination buffer. 401 * @len: the size of the destination buffer.
402 @ @lenout: pointer to output variable with copied data
361 * 403 *
362 * This function copies at most @len bytes from the FIFO into the 404 * This function copies at most @len bytes from the FIFO into the
363 * @to buffer and returns the number of copied bytes. 405 * @to buffer and 0 or -EFAULT.
364 * 406 *
365 * Note that with only one concurrent reader and one concurrent 407 * Note that with only one concurrent reader and one concurrent
366 * writer, you don't need extra locking to use these functions. 408 * writer, you don't need extra locking to use these functions.
367 */ 409 */
368unsigned int kfifo_to_user(struct kfifo *fifo, 410int kfifo_to_user(struct kfifo *fifo,
369 void __user *to, unsigned int len) 411 void __user *to, unsigned int len, unsigned *lenout)
370{ 412{
413 int ret;
371 len = min(kfifo_len(fifo), len); 414 len = min(kfifo_len(fifo), len);
372 len -= __kfifo_to_user_data(fifo, to, len, 0); 415 ret = __kfifo_to_user_data(fifo, to, len, 0, lenout);
373 __kfifo_add_out(fifo, len); 416 __kfifo_add_out(fifo, *lenout);
374 return len; 417 return ret;
375} 418}
376EXPORT_SYMBOL(kfifo_to_user); 419EXPORT_SYMBOL(kfifo_to_user);
377 420
diff --git a/kernel/kmod.c b/kernel/kmod.c
index 25b103190364..bf0e231d9702 100644
--- a/kernel/kmod.c
+++ b/kernel/kmod.c
@@ -520,13 +520,15 @@ int call_usermodehelper_pipe(char *path, char **argv, char **envp,
520 return -ENOMEM; 520 return -ENOMEM;
521 521
522 ret = call_usermodehelper_stdinpipe(sub_info, filp); 522 ret = call_usermodehelper_stdinpipe(sub_info, filp);
523 if (ret < 0) 523 if (ret < 0) {
524 goto out; 524 call_usermodehelper_freeinfo(sub_info);
525 return ret;
526 }
525 527
526 return call_usermodehelper_exec(sub_info, UMH_WAIT_EXEC); 528 ret = call_usermodehelper_exec(sub_info, UMH_WAIT_EXEC);
529 if (ret < 0) /* Failed to execute helper, close pipe */
530 filp_close(*filp, NULL);
527 531
528 out:
529 call_usermodehelper_freeinfo(sub_info);
530 return ret; 532 return ret;
531} 533}
532EXPORT_SYMBOL(call_usermodehelper_pipe); 534EXPORT_SYMBOL(call_usermodehelper_pipe);
diff --git a/kernel/module.c b/kernel/module.c
index e96b8ed1cb6a..f82386bd9ee9 100644
--- a/kernel/module.c
+++ b/kernel/module.c
@@ -1010,6 +1010,12 @@ static const struct kernel_symbol *resolve_symbol(Elf_Shdr *sechdrs,
1010 * J. Corbet <corbet@lwn.net> 1010 * J. Corbet <corbet@lwn.net>
1011 */ 1011 */
1012#if defined(CONFIG_KALLSYMS) && defined(CONFIG_SYSFS) 1012#if defined(CONFIG_KALLSYMS) && defined(CONFIG_SYSFS)
1013
1014static inline bool sect_empty(const Elf_Shdr *sect)
1015{
1016 return !(sect->sh_flags & SHF_ALLOC) || sect->sh_size == 0;
1017}
1018
1013struct module_sect_attr 1019struct module_sect_attr
1014{ 1020{
1015 struct module_attribute mattr; 1021 struct module_attribute mattr;
@@ -1051,8 +1057,7 @@ static void add_sect_attrs(struct module *mod, unsigned int nsect,
1051 1057
1052 /* Count loaded sections and allocate structures */ 1058 /* Count loaded sections and allocate structures */
1053 for (i = 0; i < nsect; i++) 1059 for (i = 0; i < nsect; i++)
1054 if (sechdrs[i].sh_flags & SHF_ALLOC 1060 if (!sect_empty(&sechdrs[i]))
1055 && sechdrs[i].sh_size)
1056 nloaded++; 1061 nloaded++;
1057 size[0] = ALIGN(sizeof(*sect_attrs) 1062 size[0] = ALIGN(sizeof(*sect_attrs)
1058 + nloaded * sizeof(sect_attrs->attrs[0]), 1063 + nloaded * sizeof(sect_attrs->attrs[0]),
@@ -1070,9 +1075,7 @@ static void add_sect_attrs(struct module *mod, unsigned int nsect,
1070 sattr = &sect_attrs->attrs[0]; 1075 sattr = &sect_attrs->attrs[0];
1071 gattr = &sect_attrs->grp.attrs[0]; 1076 gattr = &sect_attrs->grp.attrs[0];
1072 for (i = 0; i < nsect; i++) { 1077 for (i = 0; i < nsect; i++) {
1073 if (! (sechdrs[i].sh_flags & SHF_ALLOC)) 1078 if (sect_empty(&sechdrs[i]))
1074 continue;
1075 if (!sechdrs[i].sh_size)
1076 continue; 1079 continue;
1077 sattr->address = sechdrs[i].sh_addr; 1080 sattr->address = sechdrs[i].sh_addr;
1078 sattr->name = kstrdup(secstrings + sechdrs[i].sh_name, 1081 sattr->name = kstrdup(secstrings + sechdrs[i].sh_name,
@@ -1156,7 +1159,7 @@ static void add_notes_attrs(struct module *mod, unsigned int nsect,
1156 /* Count notes sections and allocate structures. */ 1159 /* Count notes sections and allocate structures. */
1157 notes = 0; 1160 notes = 0;
1158 for (i = 0; i < nsect; i++) 1161 for (i = 0; i < nsect; i++)
1159 if ((sechdrs[i].sh_flags & SHF_ALLOC) && 1162 if (!sect_empty(&sechdrs[i]) &&
1160 (sechdrs[i].sh_type == SHT_NOTE)) 1163 (sechdrs[i].sh_type == SHT_NOTE))
1161 ++notes; 1164 ++notes;
1162 1165
@@ -1172,7 +1175,7 @@ static void add_notes_attrs(struct module *mod, unsigned int nsect,
1172 notes_attrs->notes = notes; 1175 notes_attrs->notes = notes;
1173 nattr = &notes_attrs->attrs[0]; 1176 nattr = &notes_attrs->attrs[0];
1174 for (loaded = i = 0; i < nsect; ++i) { 1177 for (loaded = i = 0; i < nsect; ++i) {
1175 if (!(sechdrs[i].sh_flags & SHF_ALLOC)) 1178 if (sect_empty(&sechdrs[i]))
1176 continue; 1179 continue;
1177 if (sechdrs[i].sh_type == SHT_NOTE) { 1180 if (sechdrs[i].sh_type == SHT_NOTE) {
1178 nattr->attr.name = mod->sect_attrs->attrs[loaded].name; 1181 nattr->attr.name = mod->sect_attrs->attrs[loaded].name;
diff --git a/kernel/signal.c b/kernel/signal.c
index d09692b40376..934ae5e687b9 100644
--- a/kernel/signal.c
+++ b/kernel/signal.c
@@ -979,7 +979,8 @@ static void print_fatal_signal(struct pt_regs *regs, int signr)
979 for (i = 0; i < 16; i++) { 979 for (i = 0; i < 16; i++) {
980 unsigned char insn; 980 unsigned char insn;
981 981
982 __get_user(insn, (unsigned char *)(regs->ip + i)); 982 if (get_user(insn, (unsigned char *)(regs->ip + i)))
983 break;
983 printk("%02x ", insn); 984 printk("%02x ", insn);
984 } 985 }
985 } 986 }
diff --git a/kernel/smp.c b/kernel/smp.c
index de735a6637d0..f10408422444 100644
--- a/kernel/smp.c
+++ b/kernel/smp.c
@@ -347,7 +347,7 @@ int smp_call_function_any(const struct cpumask *mask,
347 goto call; 347 goto call;
348 348
349 /* Try for same node. */ 349 /* Try for same node. */
350 nodemask = cpumask_of_node(cpu); 350 nodemask = cpumask_of_node(cpu_to_node(cpu));
351 for (cpu = cpumask_first_and(nodemask, mask); cpu < nr_cpu_ids; 351 for (cpu = cpumask_first_and(nodemask, mask); cpu < nr_cpu_ids;
352 cpu = cpumask_next_and(cpu, nodemask, mask)) { 352 cpu = cpumask_next_and(cpu, nodemask, mask)) {
353 if (cpu_online(cpu)) 353 if (cpu_online(cpu))
diff --git a/kernel/trace/ftrace.c b/kernel/trace/ftrace.c
index 7968762c8167..1e6640f80454 100644
--- a/kernel/trace/ftrace.c
+++ b/kernel/trace/ftrace.c
@@ -1690,7 +1690,7 @@ ftrace_regex_lseek(struct file *file, loff_t offset, int origin)
1690static int ftrace_match(char *str, char *regex, int len, int type) 1690static int ftrace_match(char *str, char *regex, int len, int type)
1691{ 1691{
1692 int matched = 0; 1692 int matched = 0;
1693 char *ptr; 1693 int slen;
1694 1694
1695 switch (type) { 1695 switch (type) {
1696 case MATCH_FULL: 1696 case MATCH_FULL:
@@ -1706,8 +1706,8 @@ static int ftrace_match(char *str, char *regex, int len, int type)
1706 matched = 1; 1706 matched = 1;
1707 break; 1707 break;
1708 case MATCH_END_ONLY: 1708 case MATCH_END_ONLY:
1709 ptr = strstr(str, regex); 1709 slen = strlen(str);
1710 if (ptr && (ptr[len] == 0)) 1710 if (slen >= len && memcmp(str + slen - len, regex, len) == 0)
1711 matched = 1; 1711 matched = 1;
1712 break; 1712 break;
1713 } 1713 }
diff --git a/kernel/trace/ring_buffer.c b/kernel/trace/ring_buffer.c
index 2326b04c95c4..edefe3b2801b 100644
--- a/kernel/trace/ring_buffer.c
+++ b/kernel/trace/ring_buffer.c
@@ -2869,7 +2869,7 @@ rb_get_reader_page(struct ring_buffer_per_cpu *cpu_buffer)
2869 * Splice the empty reader page into the list around the head. 2869 * Splice the empty reader page into the list around the head.
2870 */ 2870 */
2871 reader = rb_set_head_page(cpu_buffer); 2871 reader = rb_set_head_page(cpu_buffer);
2872 cpu_buffer->reader_page->list.next = reader->list.next; 2872 cpu_buffer->reader_page->list.next = rb_list_head(reader->list.next);
2873 cpu_buffer->reader_page->list.prev = reader->list.prev; 2873 cpu_buffer->reader_page->list.prev = reader->list.prev;
2874 2874
2875 /* 2875 /*
@@ -2906,7 +2906,7 @@ rb_get_reader_page(struct ring_buffer_per_cpu *cpu_buffer)
2906 * 2906 *
2907 * Now make the new head point back to the reader page. 2907 * Now make the new head point back to the reader page.
2908 */ 2908 */
2909 reader->list.next->prev = &cpu_buffer->reader_page->list; 2909 rb_list_head(reader->list.next)->prev = &cpu_buffer->reader_page->list;
2910 rb_inc_page(cpu_buffer, &cpu_buffer->head_page); 2910 rb_inc_page(cpu_buffer, &cpu_buffer->head_page);
2911 2911
2912 /* Finally update the reader page to the new head */ 2912 /* Finally update the reader page to the new head */
diff --git a/kernel/trace/trace_events_filter.c b/kernel/trace/trace_events_filter.c
index 50504cb228de..e42af9aad69f 100644
--- a/kernel/trace/trace_events_filter.c
+++ b/kernel/trace/trace_events_filter.c
@@ -211,8 +211,9 @@ static int filter_pred_pchar(struct filter_pred *pred, void *event,
211{ 211{
212 char **addr = (char **)(event + pred->offset); 212 char **addr = (char **)(event + pred->offset);
213 int cmp, match; 213 int cmp, match;
214 int len = strlen(*addr) + 1; /* including tailing '\0' */
214 215
215 cmp = pred->regex.match(*addr, &pred->regex, pred->regex.field_len); 216 cmp = pred->regex.match(*addr, &pred->regex, len);
216 217
217 match = cmp ^ pred->not; 218 match = cmp ^ pred->not;
218 219
@@ -251,7 +252,18 @@ static int filter_pred_none(struct filter_pred *pred, void *event,
251 return 0; 252 return 0;
252} 253}
253 254
254/* Basic regex callbacks */ 255/*
256 * regex_match_foo - Basic regex callbacks
257 *
258 * @str: the string to be searched
259 * @r: the regex structure containing the pattern string
260 * @len: the length of the string to be searched (including '\0')
261 *
262 * Note:
263 * - @str might not be NULL-terminated if it's of type DYN_STRING
264 * or STATIC_STRING
265 */
266
255static int regex_match_full(char *str, struct regex *r, int len) 267static int regex_match_full(char *str, struct regex *r, int len)
256{ 268{
257 if (strncmp(str, r->pattern, len) == 0) 269 if (strncmp(str, r->pattern, len) == 0)
@@ -261,23 +273,24 @@ static int regex_match_full(char *str, struct regex *r, int len)
261 273
262static int regex_match_front(char *str, struct regex *r, int len) 274static int regex_match_front(char *str, struct regex *r, int len)
263{ 275{
264 if (strncmp(str, r->pattern, len) == 0) 276 if (strncmp(str, r->pattern, r->len) == 0)
265 return 1; 277 return 1;
266 return 0; 278 return 0;
267} 279}
268 280
269static int regex_match_middle(char *str, struct regex *r, int len) 281static int regex_match_middle(char *str, struct regex *r, int len)
270{ 282{
271 if (strstr(str, r->pattern)) 283 if (strnstr(str, r->pattern, len))
272 return 1; 284 return 1;
273 return 0; 285 return 0;
274} 286}
275 287
276static int regex_match_end(char *str, struct regex *r, int len) 288static int regex_match_end(char *str, struct regex *r, int len)
277{ 289{
278 char *ptr = strstr(str, r->pattern); 290 int strlen = len - 1;
279 291
280 if (ptr && (ptr[r->len] == 0)) 292 if (strlen >= r->len &&
293 memcmp(str + strlen - r->len, r->pattern, r->len) == 0)
281 return 1; 294 return 1;
282 return 0; 295 return 0;
283} 296}
@@ -781,10 +794,8 @@ static int filter_add_pred(struct filter_parse_state *ps,
781 pred->regex.field_len = field->size; 794 pred->regex.field_len = field->size;
782 } else if (field->filter_type == FILTER_DYN_STRING) 795 } else if (field->filter_type == FILTER_DYN_STRING)
783 fn = filter_pred_strloc; 796 fn = filter_pred_strloc;
784 else { 797 else
785 fn = filter_pred_pchar; 798 fn = filter_pred_pchar;
786 pred->regex.field_len = strlen(pred->regex.pattern);
787 }
788 } else { 799 } else {
789 if (field->is_signed) 800 if (field->is_signed)
790 ret = strict_strtoll(pred->regex.pattern, 0, &val); 801 ret = strict_strtoll(pred->regex.pattern, 0, &val);