Contents of /trunk/kernel26-alx/patches-2.6.27-r3/0126-2.6.27.27-all-fixes.patch
Parent Directory
| 
Revision Log
Revision 1176 -
(show annotations)
(download)
Thu Oct 14 15:11:06 2010 UTC (13 years, 7 months ago) by niro
File size: 17113 byte(s)
Thu Oct 14 15:11:06 2010 UTC (13 years, 7 months ago) by niro
File size: 17113 byte(s)
-2.6.27-alx-r3: new magellan 0.5.2 kernel
| 1 | diff --git a/Makefile b/Makefile |
| 2 | index 90764ee..387a5fd 100644 |
| 3 | --- a/Makefile |
| 4 | +++ b/Makefile |
| 5 | @@ -340,7 +340,8 @@ KBUILD_CPPFLAGS := -D__KERNEL__ $(LINUXINCLUDE) |
| 6 | |
| 7 | KBUILD_CFLAGS := -Wall -Wundef -Wstrict-prototypes -Wno-trigraphs \ |
| 8 | -fno-strict-aliasing -fno-common \ |
| 9 | - -Werror-implicit-function-declaration |
| 10 | + -Werror-implicit-function-declaration \ |
| 11 | + -fno-delete-null-pointer-checks |
| 12 | KBUILD_AFLAGS := -D__ASSEMBLY__ |
| 13 | |
| 14 | # Read KERNELRELEASE from include/config/kernel.release (if it exists) |
| 15 | @@ -556,7 +557,7 @@ KBUILD_CFLAGS += $(call cc-option,-Wdeclaration-after-statement,) |
| 16 | KBUILD_CFLAGS += $(call cc-option,-Wno-pointer-sign,) |
| 17 | |
| 18 | # disable invalid "can't wrap" optimzations for signed / pointers |
| 19 | -KBUILD_CFLAGS += $(call cc-option,-fwrapv) |
| 20 | +KBUILD_CFLAGS += $(call cc-option,-fno-strict-overflow) |
| 21 | |
| 22 | # Add user supplied CPPFLAGS, AFLAGS and CFLAGS as the last assignments |
| 23 | # But warn user when we do so |
| 24 | diff --git a/drivers/block/floppy.c b/drivers/block/floppy.c |
| 25 | index 615fcd3..5900f76 100644 |
| 26 | --- a/drivers/block/floppy.c |
| 27 | +++ b/drivers/block/floppy.c |
| 28 | @@ -3320,7 +3320,10 @@ static inline int set_geometry(unsigned int cmd, struct floppy_struct *g, |
| 29 | if (!capable(CAP_SYS_ADMIN)) |
| 30 | return -EPERM; |
| 31 | mutex_lock(&open_lock); |
| 32 | - LOCK_FDC(drive, 1); |
| 33 | + if (lock_fdc(drive, 1)) { |
| 34 | + mutex_unlock(&open_lock); |
| 35 | + return -EINTR; |
| 36 | + } |
| 37 | floppy_type[type] = *g; |
| 38 | floppy_type[type].name = "user format"; |
| 39 | for (cnt = type << 2; cnt < (type << 2) + 4; cnt++) |
| 40 | diff --git a/drivers/md/dm.c b/drivers/md/dm.c |
| 41 | index 925efaf..ace998c 100644 |
| 42 | --- a/drivers/md/dm.c |
| 43 | +++ b/drivers/md/dm.c |
| 44 | @@ -265,10 +265,6 @@ static int dm_blk_open(struct inode *inode, struct file *file) |
| 45 | goto out; |
| 46 | } |
| 47 | |
| 48 | - if (test_bit(DMF_FREEING, &md->flags) || |
| 49 | - test_bit(DMF_DELETING, &md->flags)) |
| 50 | - return NULL; |
| 51 | - |
| 52 | dm_get(md); |
| 53 | atomic_inc(&md->open_count); |
| 54 | |
| 55 | diff --git a/drivers/net/tulip/interrupt.c b/drivers/net/tulip/interrupt.c |
| 56 | index c6bad98..7faf84f 100644 |
| 57 | --- a/drivers/net/tulip/interrupt.c |
| 58 | +++ b/drivers/net/tulip/interrupt.c |
| 59 | @@ -140,6 +140,7 @@ int tulip_poll(struct napi_struct *napi, int budget) |
| 60 | /* If we own the next entry, it is a new packet. Send it up. */ |
| 61 | while ( ! (tp->rx_ring[entry].status & cpu_to_le32(DescOwned))) { |
| 62 | s32 status = le32_to_cpu(tp->rx_ring[entry].status); |
| 63 | + short pkt_len; |
| 64 | |
| 65 | if (tp->dirty_rx + RX_RING_SIZE == tp->cur_rx) |
| 66 | break; |
| 67 | @@ -151,8 +152,28 @@ int tulip_poll(struct napi_struct *napi, int budget) |
| 68 | if (++work_done >= budget) |
| 69 | goto not_done; |
| 70 | |
| 71 | - if ((status & 0x38008300) != 0x0300) { |
| 72 | - if ((status & 0x38000300) != 0x0300) { |
| 73 | + /* |
| 74 | + * Omit the four octet CRC from the length. |
| 75 | + * (May not be considered valid until we have |
| 76 | + * checked status for RxLengthOver2047 bits) |
| 77 | + */ |
| 78 | + pkt_len = ((status >> 16) & 0x7ff) - 4; |
| 79 | + |
| 80 | + /* |
| 81 | + * Maximum pkt_len is 1518 (1514 + vlan header) |
| 82 | + * Anything higher than this is always invalid |
| 83 | + * regardless of RxLengthOver2047 bits |
| 84 | + */ |
| 85 | + |
| 86 | + if ((status & (RxLengthOver2047 | |
| 87 | + RxDescCRCError | |
| 88 | + RxDescCollisionSeen | |
| 89 | + RxDescRunt | |
| 90 | + RxDescDescErr | |
| 91 | + RxWholePkt)) != RxWholePkt |
| 92 | + || pkt_len > 1518) { |
| 93 | + if ((status & (RxLengthOver2047 | |
| 94 | + RxWholePkt)) != RxWholePkt) { |
| 95 | /* Ingore earlier buffers. */ |
| 96 | if ((status & 0xffff) != 0x7fff) { |
| 97 | if (tulip_debug > 1) |
| 98 | @@ -161,30 +182,23 @@ int tulip_poll(struct napi_struct *napi, int budget) |
| 99 | dev->name, status); |
| 100 | tp->stats.rx_length_errors++; |
| 101 | } |
| 102 | - } else if (status & RxDescFatalErr) { |
| 103 | + } else { |
| 104 | /* There was a fatal error. */ |
| 105 | if (tulip_debug > 2) |
| 106 | printk(KERN_DEBUG "%s: Receive error, Rx status %8.8x.\n", |
| 107 | dev->name, status); |
| 108 | tp->stats.rx_errors++; /* end of a packet.*/ |
| 109 | - if (status & 0x0890) tp->stats.rx_length_errors++; |
| 110 | + if (pkt_len > 1518 || |
| 111 | + (status & RxDescRunt)) |
| 112 | + tp->stats.rx_length_errors++; |
| 113 | + |
| 114 | if (status & 0x0004) tp->stats.rx_frame_errors++; |
| 115 | if (status & 0x0002) tp->stats.rx_crc_errors++; |
| 116 | if (status & 0x0001) tp->stats.rx_fifo_errors++; |
| 117 | } |
| 118 | } else { |
| 119 | - /* Omit the four octet CRC from the length. */ |
| 120 | - short pkt_len = ((status >> 16) & 0x7ff) - 4; |
| 121 | struct sk_buff *skb; |
| 122 | |
| 123 | -#ifndef final_version |
| 124 | - if (pkt_len > 1518) { |
| 125 | - printk(KERN_WARNING "%s: Bogus packet size of %d (%#x).\n", |
| 126 | - dev->name, pkt_len, pkt_len); |
| 127 | - pkt_len = 1518; |
| 128 | - tp->stats.rx_length_errors++; |
| 129 | - } |
| 130 | -#endif |
| 131 | /* Check if the packet is long enough to accept without copying |
| 132 | to a minimally-sized skbuff. */ |
| 133 | if (pkt_len < tulip_rx_copybreak |
| 134 | @@ -357,14 +371,35 @@ static int tulip_rx(struct net_device *dev) |
| 135 | /* If we own the next entry, it is a new packet. Send it up. */ |
| 136 | while ( ! (tp->rx_ring[entry].status & cpu_to_le32(DescOwned))) { |
| 137 | s32 status = le32_to_cpu(tp->rx_ring[entry].status); |
| 138 | + short pkt_len; |
| 139 | |
| 140 | if (tulip_debug > 5) |
| 141 | printk(KERN_DEBUG "%s: In tulip_rx(), entry %d %8.8x.\n", |
| 142 | dev->name, entry, status); |
| 143 | if (--rx_work_limit < 0) |
| 144 | break; |
| 145 | - if ((status & 0x38008300) != 0x0300) { |
| 146 | - if ((status & 0x38000300) != 0x0300) { |
| 147 | + |
| 148 | + /* |
| 149 | + Omit the four octet CRC from the length. |
| 150 | + (May not be considered valid until we have |
| 151 | + checked status for RxLengthOver2047 bits) |
| 152 | + */ |
| 153 | + pkt_len = ((status >> 16) & 0x7ff) - 4; |
| 154 | + /* |
| 155 | + Maximum pkt_len is 1518 (1514 + vlan header) |
| 156 | + Anything higher than this is always invalid |
| 157 | + regardless of RxLengthOver2047 bits |
| 158 | + */ |
| 159 | + |
| 160 | + if ((status & (RxLengthOver2047 | |
| 161 | + RxDescCRCError | |
| 162 | + RxDescCollisionSeen | |
| 163 | + RxDescRunt | |
| 164 | + RxDescDescErr | |
| 165 | + RxWholePkt)) != RxWholePkt |
| 166 | + || pkt_len > 1518) { |
| 167 | + if ((status & (RxLengthOver2047 | |
| 168 | + RxWholePkt)) != RxWholePkt) { |
| 169 | /* Ingore earlier buffers. */ |
| 170 | if ((status & 0xffff) != 0x7fff) { |
| 171 | if (tulip_debug > 1) |
| 172 | @@ -373,31 +408,22 @@ static int tulip_rx(struct net_device *dev) |
| 173 | dev->name, status); |
| 174 | tp->stats.rx_length_errors++; |
| 175 | } |
| 176 | - } else if (status & RxDescFatalErr) { |
| 177 | + } else { |
| 178 | /* There was a fatal error. */ |
| 179 | if (tulip_debug > 2) |
| 180 | printk(KERN_DEBUG "%s: Receive error, Rx status %8.8x.\n", |
| 181 | dev->name, status); |
| 182 | tp->stats.rx_errors++; /* end of a packet.*/ |
| 183 | - if (status & 0x0890) tp->stats.rx_length_errors++; |
| 184 | + if (pkt_len > 1518 || |
| 185 | + (status & RxDescRunt)) |
| 186 | + tp->stats.rx_length_errors++; |
| 187 | if (status & 0x0004) tp->stats.rx_frame_errors++; |
| 188 | if (status & 0x0002) tp->stats.rx_crc_errors++; |
| 189 | if (status & 0x0001) tp->stats.rx_fifo_errors++; |
| 190 | } |
| 191 | } else { |
| 192 | - /* Omit the four octet CRC from the length. */ |
| 193 | - short pkt_len = ((status >> 16) & 0x7ff) - 4; |
| 194 | struct sk_buff *skb; |
| 195 | |
| 196 | -#ifndef final_version |
| 197 | - if (pkt_len > 1518) { |
| 198 | - printk(KERN_WARNING "%s: Bogus packet size of %d (%#x).\n", |
| 199 | - dev->name, pkt_len, pkt_len); |
| 200 | - pkt_len = 1518; |
| 201 | - tp->stats.rx_length_errors++; |
| 202 | - } |
| 203 | -#endif |
| 204 | - |
| 205 | /* Check if the packet is long enough to accept without copying |
| 206 | to a minimally-sized skbuff. */ |
| 207 | if (pkt_len < tulip_rx_copybreak |
| 208 | diff --git a/drivers/net/tulip/tulip.h b/drivers/net/tulip/tulip.h |
| 209 | index 19abbc3..0afa2d4 100644 |
| 210 | --- a/drivers/net/tulip/tulip.h |
| 211 | +++ b/drivers/net/tulip/tulip.h |
| 212 | @@ -201,8 +201,38 @@ enum desc_status_bits { |
| 213 | DescStartPkt = 0x20000000, |
| 214 | DescEndRing = 0x02000000, |
| 215 | DescUseLink = 0x01000000, |
| 216 | - RxDescFatalErr = 0x008000, |
| 217 | + |
| 218 | + /* |
| 219 | + * Error summary flag is logical or of 'CRC Error', 'Collision Seen', |
| 220 | + * 'Frame Too Long', 'Runt' and 'Descriptor Error' flags generated |
| 221 | + * within tulip chip. |
| 222 | + */ |
| 223 | + RxDescErrorSummary = 0x8000, |
| 224 | + RxDescCRCError = 0x0002, |
| 225 | + RxDescCollisionSeen = 0x0040, |
| 226 | + |
| 227 | + /* |
| 228 | + * 'Frame Too Long' flag is set if packet length including CRC exceeds |
| 229 | + * 1518. However, a full sized VLAN tagged frame is 1522 bytes |
| 230 | + * including CRC. |
| 231 | + * |
| 232 | + * The tulip chip does not block oversized frames, and if this flag is |
| 233 | + * set on a receive descriptor it does not indicate the frame has been |
| 234 | + * truncated. The receive descriptor also includes the actual length. |
| 235 | + * Therefore we can safety ignore this flag and check the length |
| 236 | + * ourselves. |
| 237 | + */ |
| 238 | + RxDescFrameTooLong = 0x0080, |
| 239 | + RxDescRunt = 0x0800, |
| 240 | + RxDescDescErr = 0x4000, |
| 241 | RxWholePkt = 0x00000300, |
| 242 | + /* |
| 243 | + * Top three bits of 14 bit frame length (status bits 27-29) should |
| 244 | + * never be set as that would make frame over 2047 bytes. The Receive |
| 245 | + * Watchdog flag (bit 4) may indicate the length is over 2048 and the |
| 246 | + * length field is invalid. |
| 247 | + */ |
| 248 | + RxLengthOver2047 = 0x38000010 |
| 249 | }; |
| 250 | |
| 251 | |
| 252 | diff --git a/drivers/pci/iova.c b/drivers/pci/iova.c |
| 253 | index 3ef4ac0..078bf8b 100644 |
| 254 | --- a/drivers/pci/iova.c |
| 255 | +++ b/drivers/pci/iova.c |
| 256 | @@ -1,9 +1,19 @@ |
| 257 | /* |
| 258 | - * Copyright (c) 2006, Intel Corporation. |
| 259 | + * Copyright © 2006-2009, Intel Corporation. |
| 260 | * |
| 261 | - * This file is released under the GPLv2. |
| 262 | + * This program is free software; you can redistribute it and/or modify it |
| 263 | + * under the terms and conditions of the GNU General Public License, |
| 264 | + * version 2, as published by the Free Software Foundation. |
| 265 | + * |
| 266 | + * This program is distributed in the hope it will be useful, but WITHOUT |
| 267 | + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
| 268 | + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for |
| 269 | + * more details. |
| 270 | + * |
| 271 | + * You should have received a copy of the GNU General Public License along with |
| 272 | + * this program; if not, write to the Free Software Foundation, Inc., 59 Temple |
| 273 | + * Place - Suite 330, Boston, MA 02111-1307 USA. |
| 274 | * |
| 275 | - * Copyright (C) 2006-2008 Intel Corporation |
| 276 | * Author: Anil S Keshavamurthy <anil.s.keshavamurthy@intel.com> |
| 277 | */ |
| 278 | |
| 279 | @@ -123,7 +133,15 @@ move_left: |
| 280 | /* Insert the new_iova into domain rbtree by holding writer lock */ |
| 281 | /* Add new node and rebalance tree. */ |
| 282 | { |
| 283 | - struct rb_node **entry = &((prev)), *parent = NULL; |
| 284 | + struct rb_node **entry, *parent = NULL; |
| 285 | + |
| 286 | + /* If we have 'prev', it's a valid place to start the |
| 287 | + insertion. Otherwise, start from the root. */ |
| 288 | + if (prev) |
| 289 | + entry = &prev; |
| 290 | + else |
| 291 | + entry = &iovad->rbroot.rb_node; |
| 292 | + |
| 293 | /* Figure out where to put new node */ |
| 294 | while (*entry) { |
| 295 | struct iova *this = container_of(*entry, |
| 296 | diff --git a/include/linux/mm.h b/include/linux/mm.h |
| 297 | index ae9775d..eeb7e56 100644 |
| 298 | --- a/include/linux/mm.h |
| 299 | +++ b/include/linux/mm.h |
| 300 | @@ -572,12 +572,10 @@ static inline void set_page_links(struct page *page, enum zone_type zone, |
| 301 | */ |
| 302 | static inline unsigned long round_hint_to_min(unsigned long hint) |
| 303 | { |
| 304 | -#ifdef CONFIG_SECURITY |
| 305 | hint &= PAGE_MASK; |
| 306 | if (((void *)hint != NULL) && |
| 307 | (hint < mmap_min_addr)) |
| 308 | return PAGE_ALIGN(mmap_min_addr); |
| 309 | -#endif |
| 310 | return hint; |
| 311 | } |
| 312 | |
| 313 | diff --git a/include/linux/personality.h b/include/linux/personality.h |
| 314 | index a84e9ff..1261208 100644 |
| 315 | --- a/include/linux/personality.h |
| 316 | +++ b/include/linux/personality.h |
| 317 | @@ -40,7 +40,10 @@ enum { |
| 318 | * Security-relevant compatibility flags that must be |
| 319 | * cleared upon setuid or setgid exec: |
| 320 | */ |
| 321 | -#define PER_CLEAR_ON_SETID (READ_IMPLIES_EXEC|ADDR_NO_RANDOMIZE) |
| 322 | +#define PER_CLEAR_ON_SETID (READ_IMPLIES_EXEC | \ |
| 323 | + ADDR_NO_RANDOMIZE | \ |
| 324 | + ADDR_COMPAT_LAYOUT | \ |
| 325 | + MMAP_PAGE_ZERO) |
| 326 | |
| 327 | /* |
| 328 | * Personality types. |
| 329 | diff --git a/include/linux/security.h b/include/linux/security.h |
| 330 | index 80c4d00..1638afd 100644 |
| 331 | --- a/include/linux/security.h |
| 332 | +++ b/include/linux/security.h |
| 333 | @@ -2134,6 +2134,8 @@ static inline int security_file_mmap(struct file *file, unsigned long reqprot, |
| 334 | unsigned long addr, |
| 335 | unsigned long addr_only) |
| 336 | { |
| 337 | + if ((addr < mmap_min_addr) && !capable(CAP_SYS_RAWIO)) |
| 338 | + return -EACCES; |
| 339 | return 0; |
| 340 | } |
| 341 | |
| 342 | diff --git a/kernel/resource.c b/kernel/resource.c |
| 343 | index 03d796c..87f675a 100644 |
| 344 | --- a/kernel/resource.c |
| 345 | +++ b/kernel/resource.c |
| 346 | @@ -741,7 +741,7 @@ static int __init reserve_setup(char *str) |
| 347 | static struct resource reserve[MAXRESERVE]; |
| 348 | |
| 349 | for (;;) { |
| 350 | - int io_start, io_num; |
| 351 | + unsigned int io_start, io_num; |
| 352 | int x = reserved; |
| 353 | |
| 354 | if (get_option (&str, &io_start) != 2) |
| 355 | diff --git a/kernel/sysctl.c b/kernel/sysctl.c |
| 356 | index 6816e6d..1228d65 100644 |
| 357 | --- a/kernel/sysctl.c |
| 358 | +++ b/kernel/sysctl.c |
| 359 | @@ -1132,7 +1132,6 @@ static struct ctl_table vm_table[] = { |
| 360 | .strategy = &sysctl_jiffies, |
| 361 | }, |
| 362 | #endif |
| 363 | -#ifdef CONFIG_SECURITY |
| 364 | { |
| 365 | .ctl_name = CTL_UNNUMBERED, |
| 366 | .procname = "mmap_min_addr", |
| 367 | @@ -1141,7 +1140,6 @@ static struct ctl_table vm_table[] = { |
| 368 | .mode = 0644, |
| 369 | .proc_handler = &proc_doulongvec_minmax, |
| 370 | }, |
| 371 | -#endif |
| 372 | #ifdef CONFIG_NUMA |
| 373 | { |
| 374 | .ctl_name = CTL_UNNUMBERED, |
| 375 | diff --git a/mm/Kconfig b/mm/Kconfig |
| 376 | index 0bd9c2d..07b4ec4 100644 |
| 377 | --- a/mm/Kconfig |
| 378 | +++ b/mm/Kconfig |
| 379 | @@ -208,3 +208,21 @@ config VIRT_TO_BUS |
| 380 | |
| 381 | config MMU_NOTIFIER |
| 382 | bool |
| 383 | + |
| 384 | +config DEFAULT_MMAP_MIN_ADDR |
| 385 | + int "Low address space to protect from user allocation" |
| 386 | + default 4096 |
| 387 | + help |
| 388 | + This is the portion of low virtual memory which should be protected |
| 389 | + from userspace allocation. Keeping a user from writing to low pages |
| 390 | + can help reduce the impact of kernel NULL pointer bugs. |
| 391 | + |
| 392 | + For most ia64, ppc64 and x86 users with lots of address space |
| 393 | + a value of 65536 is reasonable and should cause no problems. |
| 394 | + On arm and other archs it should not be higher than 32768. |
| 395 | + Programs which use vm86 functionality would either need additional |
| 396 | + permissions from either the LSM or the capabilities module or have |
| 397 | + this protection disabled. |
| 398 | + |
| 399 | + This value can be changed after boot using the |
| 400 | + /proc/sys/vm/mmap_min_addr tunable. |
| 401 | diff --git a/mm/mmap.c b/mm/mmap.c |
| 402 | index 2ae093e..d330758 100644 |
| 403 | --- a/mm/mmap.c |
| 404 | +++ b/mm/mmap.c |
| 405 | @@ -86,6 +86,9 @@ int sysctl_overcommit_ratio = 50; /* default is 50% */ |
| 406 | int sysctl_max_map_count __read_mostly = DEFAULT_MAX_MAP_COUNT; |
| 407 | atomic_long_t vm_committed_space = ATOMIC_LONG_INIT(0); |
| 408 | |
| 409 | +/* amount of vm to protect from userspace access */ |
| 410 | +unsigned long mmap_min_addr = CONFIG_DEFAULT_MMAP_MIN_ADDR; |
| 411 | + |
| 412 | /* |
| 413 | * Check that a process has enough memory to allocate a new virtual |
| 414 | * mapping. 0 means there is enough memory for the allocation to |
| 415 | diff --git a/security/Kconfig b/security/Kconfig |
| 416 | index 5592939..38411dd 100644 |
| 417 | --- a/security/Kconfig |
| 418 | +++ b/security/Kconfig |
| 419 | @@ -92,28 +92,8 @@ config SECURITY_ROOTPLUG |
| 420 | |
| 421 | See <http://www.linuxjournal.com/article.php?sid=6279> for |
| 422 | more information about this module. |
| 423 | - |
| 424 | - If you are unsure how to answer this question, answer N. |
| 425 | - |
| 426 | -config SECURITY_DEFAULT_MMAP_MIN_ADDR |
| 427 | - int "Low address space to protect from user allocation" |
| 428 | - depends on SECURITY |
| 429 | - default 0 |
| 430 | - help |
| 431 | - This is the portion of low virtual memory which should be protected |
| 432 | - from userspace allocation. Keeping a user from writing to low pages |
| 433 | - can help reduce the impact of kernel NULL pointer bugs. |
| 434 | - |
| 435 | - For most ia64, ppc64 and x86 users with lots of address space |
| 436 | - a value of 65536 is reasonable and should cause no problems. |
| 437 | - On arm and other archs it should not be higher than 32768. |
| 438 | - Programs which use vm86 functionality would either need additional |
| 439 | - permissions from either the LSM or the capabilities module or have |
| 440 | - this protection disabled. |
| 441 | - |
| 442 | - This value can be changed after boot using the |
| 443 | - /proc/sys/vm/mmap_min_addr tunable. |
| 444 | |
| 445 | + If you are unsure how to answer this question, answer N. |
| 446 | |
| 447 | source security/selinux/Kconfig |
| 448 | source security/smack/Kconfig |
| 449 | diff --git a/security/security.c b/security/security.c |
| 450 | index 3a4b4f5..27a315d 100644 |
| 451 | --- a/security/security.c |
| 452 | +++ b/security/security.c |
| 453 | @@ -26,9 +26,6 @@ extern void security_fixup_ops(struct security_operations *ops); |
| 454 | |
| 455 | struct security_operations *security_ops; /* Initialized to NULL */ |
| 456 | |
| 457 | -/* amount of vm to protect from userspace access */ |
| 458 | -unsigned long mmap_min_addr = CONFIG_SECURITY_DEFAULT_MMAP_MIN_ADDR; |
| 459 | - |
| 460 | static inline int verify(struct security_operations *ops) |
| 461 | { |
| 462 | /* verify the security_operations structure exists */ |