Annotation of /trunk/kernel26-alx/patches-2.6.27-r3/0126-2.6.27.27-all-fixes.patch
Parent Directory | Revision Log
Revision 1176 -
(hide annotations)
(download)
Thu Oct 14 15:11:06 2010 UTC (13 years, 11 months ago) by niro
File size: 17113 byte(s)
Thu Oct 14 15:11:06 2010 UTC (13 years, 11 months ago) by niro
File size: 17113 byte(s)
-2.6.27-alx-r3: new magellan 0.5.2 kernel
1 | niro | 1176 | diff --git a/Makefile b/Makefile |
2 | index 90764ee..387a5fd 100644 | ||
3 | --- a/Makefile | ||
4 | +++ b/Makefile | ||
5 | @@ -340,7 +340,8 @@ KBUILD_CPPFLAGS := -D__KERNEL__ $(LINUXINCLUDE) | ||
6 | |||
7 | KBUILD_CFLAGS := -Wall -Wundef -Wstrict-prototypes -Wno-trigraphs \ | ||
8 | -fno-strict-aliasing -fno-common \ | ||
9 | - -Werror-implicit-function-declaration | ||
10 | + -Werror-implicit-function-declaration \ | ||
11 | + -fno-delete-null-pointer-checks | ||
12 | KBUILD_AFLAGS := -D__ASSEMBLY__ | ||
13 | |||
14 | # Read KERNELRELEASE from include/config/kernel.release (if it exists) | ||
15 | @@ -556,7 +557,7 @@ KBUILD_CFLAGS += $(call cc-option,-Wdeclaration-after-statement,) | ||
16 | KBUILD_CFLAGS += $(call cc-option,-Wno-pointer-sign,) | ||
17 | |||
18 | # disable invalid "can't wrap" optimzations for signed / pointers | ||
19 | -KBUILD_CFLAGS += $(call cc-option,-fwrapv) | ||
20 | +KBUILD_CFLAGS += $(call cc-option,-fno-strict-overflow) | ||
21 | |||
22 | # Add user supplied CPPFLAGS, AFLAGS and CFLAGS as the last assignments | ||
23 | # But warn user when we do so | ||
24 | diff --git a/drivers/block/floppy.c b/drivers/block/floppy.c | ||
25 | index 615fcd3..5900f76 100644 | ||
26 | --- a/drivers/block/floppy.c | ||
27 | +++ b/drivers/block/floppy.c | ||
28 | @@ -3320,7 +3320,10 @@ static inline int set_geometry(unsigned int cmd, struct floppy_struct *g, | ||
29 | if (!capable(CAP_SYS_ADMIN)) | ||
30 | return -EPERM; | ||
31 | mutex_lock(&open_lock); | ||
32 | - LOCK_FDC(drive, 1); | ||
33 | + if (lock_fdc(drive, 1)) { | ||
34 | + mutex_unlock(&open_lock); | ||
35 | + return -EINTR; | ||
36 | + } | ||
37 | floppy_type[type] = *g; | ||
38 | floppy_type[type].name = "user format"; | ||
39 | for (cnt = type << 2; cnt < (type << 2) + 4; cnt++) | ||
40 | diff --git a/drivers/md/dm.c b/drivers/md/dm.c | ||
41 | index 925efaf..ace998c 100644 | ||
42 | --- a/drivers/md/dm.c | ||
43 | +++ b/drivers/md/dm.c | ||
44 | @@ -265,10 +265,6 @@ static int dm_blk_open(struct inode *inode, struct file *file) | ||
45 | goto out; | ||
46 | } | ||
47 | |||
48 | - if (test_bit(DMF_FREEING, &md->flags) || | ||
49 | - test_bit(DMF_DELETING, &md->flags)) | ||
50 | - return NULL; | ||
51 | - | ||
52 | dm_get(md); | ||
53 | atomic_inc(&md->open_count); | ||
54 | |||
55 | diff --git a/drivers/net/tulip/interrupt.c b/drivers/net/tulip/interrupt.c | ||
56 | index c6bad98..7faf84f 100644 | ||
57 | --- a/drivers/net/tulip/interrupt.c | ||
58 | +++ b/drivers/net/tulip/interrupt.c | ||
59 | @@ -140,6 +140,7 @@ int tulip_poll(struct napi_struct *napi, int budget) | ||
60 | /* If we own the next entry, it is a new packet. Send it up. */ | ||
61 | while ( ! (tp->rx_ring[entry].status & cpu_to_le32(DescOwned))) { | ||
62 | s32 status = le32_to_cpu(tp->rx_ring[entry].status); | ||
63 | + short pkt_len; | ||
64 | |||
65 | if (tp->dirty_rx + RX_RING_SIZE == tp->cur_rx) | ||
66 | break; | ||
67 | @@ -151,8 +152,28 @@ int tulip_poll(struct napi_struct *napi, int budget) | ||
68 | if (++work_done >= budget) | ||
69 | goto not_done; | ||
70 | |||
71 | - if ((status & 0x38008300) != 0x0300) { | ||
72 | - if ((status & 0x38000300) != 0x0300) { | ||
73 | + /* | ||
74 | + * Omit the four octet CRC from the length. | ||
75 | + * (May not be considered valid until we have | ||
76 | + * checked status for RxLengthOver2047 bits) | ||
77 | + */ | ||
78 | + pkt_len = ((status >> 16) & 0x7ff) - 4; | ||
79 | + | ||
80 | + /* | ||
81 | + * Maximum pkt_len is 1518 (1514 + vlan header) | ||
82 | + * Anything higher than this is always invalid | ||
83 | + * regardless of RxLengthOver2047 bits | ||
84 | + */ | ||
85 | + | ||
86 | + if ((status & (RxLengthOver2047 | | ||
87 | + RxDescCRCError | | ||
88 | + RxDescCollisionSeen | | ||
89 | + RxDescRunt | | ||
90 | + RxDescDescErr | | ||
91 | + RxWholePkt)) != RxWholePkt | ||
92 | + || pkt_len > 1518) { | ||
93 | + if ((status & (RxLengthOver2047 | | ||
94 | + RxWholePkt)) != RxWholePkt) { | ||
95 | /* Ingore earlier buffers. */ | ||
96 | if ((status & 0xffff) != 0x7fff) { | ||
97 | if (tulip_debug > 1) | ||
98 | @@ -161,30 +182,23 @@ int tulip_poll(struct napi_struct *napi, int budget) | ||
99 | dev->name, status); | ||
100 | tp->stats.rx_length_errors++; | ||
101 | } | ||
102 | - } else if (status & RxDescFatalErr) { | ||
103 | + } else { | ||
104 | /* There was a fatal error. */ | ||
105 | if (tulip_debug > 2) | ||
106 | printk(KERN_DEBUG "%s: Receive error, Rx status %8.8x.\n", | ||
107 | dev->name, status); | ||
108 | tp->stats.rx_errors++; /* end of a packet.*/ | ||
109 | - if (status & 0x0890) tp->stats.rx_length_errors++; | ||
110 | + if (pkt_len > 1518 || | ||
111 | + (status & RxDescRunt)) | ||
112 | + tp->stats.rx_length_errors++; | ||
113 | + | ||
114 | if (status & 0x0004) tp->stats.rx_frame_errors++; | ||
115 | if (status & 0x0002) tp->stats.rx_crc_errors++; | ||
116 | if (status & 0x0001) tp->stats.rx_fifo_errors++; | ||
117 | } | ||
118 | } else { | ||
119 | - /* Omit the four octet CRC from the length. */ | ||
120 | - short pkt_len = ((status >> 16) & 0x7ff) - 4; | ||
121 | struct sk_buff *skb; | ||
122 | |||
123 | -#ifndef final_version | ||
124 | - if (pkt_len > 1518) { | ||
125 | - printk(KERN_WARNING "%s: Bogus packet size of %d (%#x).\n", | ||
126 | - dev->name, pkt_len, pkt_len); | ||
127 | - pkt_len = 1518; | ||
128 | - tp->stats.rx_length_errors++; | ||
129 | - } | ||
130 | -#endif | ||
131 | /* Check if the packet is long enough to accept without copying | ||
132 | to a minimally-sized skbuff. */ | ||
133 | if (pkt_len < tulip_rx_copybreak | ||
134 | @@ -357,14 +371,35 @@ static int tulip_rx(struct net_device *dev) | ||
135 | /* If we own the next entry, it is a new packet. Send it up. */ | ||
136 | while ( ! (tp->rx_ring[entry].status & cpu_to_le32(DescOwned))) { | ||
137 | s32 status = le32_to_cpu(tp->rx_ring[entry].status); | ||
138 | + short pkt_len; | ||
139 | |||
140 | if (tulip_debug > 5) | ||
141 | printk(KERN_DEBUG "%s: In tulip_rx(), entry %d %8.8x.\n", | ||
142 | dev->name, entry, status); | ||
143 | if (--rx_work_limit < 0) | ||
144 | break; | ||
145 | - if ((status & 0x38008300) != 0x0300) { | ||
146 | - if ((status & 0x38000300) != 0x0300) { | ||
147 | + | ||
148 | + /* | ||
149 | + Omit the four octet CRC from the length. | ||
150 | + (May not be considered valid until we have | ||
151 | + checked status for RxLengthOver2047 bits) | ||
152 | + */ | ||
153 | + pkt_len = ((status >> 16) & 0x7ff) - 4; | ||
154 | + /* | ||
155 | + Maximum pkt_len is 1518 (1514 + vlan header) | ||
156 | + Anything higher than this is always invalid | ||
157 | + regardless of RxLengthOver2047 bits | ||
158 | + */ | ||
159 | + | ||
160 | + if ((status & (RxLengthOver2047 | | ||
161 | + RxDescCRCError | | ||
162 | + RxDescCollisionSeen | | ||
163 | + RxDescRunt | | ||
164 | + RxDescDescErr | | ||
165 | + RxWholePkt)) != RxWholePkt | ||
166 | + || pkt_len > 1518) { | ||
167 | + if ((status & (RxLengthOver2047 | | ||
168 | + RxWholePkt)) != RxWholePkt) { | ||
169 | /* Ingore earlier buffers. */ | ||
170 | if ((status & 0xffff) != 0x7fff) { | ||
171 | if (tulip_debug > 1) | ||
172 | @@ -373,31 +408,22 @@ static int tulip_rx(struct net_device *dev) | ||
173 | dev->name, status); | ||
174 | tp->stats.rx_length_errors++; | ||
175 | } | ||
176 | - } else if (status & RxDescFatalErr) { | ||
177 | + } else { | ||
178 | /* There was a fatal error. */ | ||
179 | if (tulip_debug > 2) | ||
180 | printk(KERN_DEBUG "%s: Receive error, Rx status %8.8x.\n", | ||
181 | dev->name, status); | ||
182 | tp->stats.rx_errors++; /* end of a packet.*/ | ||
183 | - if (status & 0x0890) tp->stats.rx_length_errors++; | ||
184 | + if (pkt_len > 1518 || | ||
185 | + (status & RxDescRunt)) | ||
186 | + tp->stats.rx_length_errors++; | ||
187 | if (status & 0x0004) tp->stats.rx_frame_errors++; | ||
188 | if (status & 0x0002) tp->stats.rx_crc_errors++; | ||
189 | if (status & 0x0001) tp->stats.rx_fifo_errors++; | ||
190 | } | ||
191 | } else { | ||
192 | - /* Omit the four octet CRC from the length. */ | ||
193 | - short pkt_len = ((status >> 16) & 0x7ff) - 4; | ||
194 | struct sk_buff *skb; | ||
195 | |||
196 | -#ifndef final_version | ||
197 | - if (pkt_len > 1518) { | ||
198 | - printk(KERN_WARNING "%s: Bogus packet size of %d (%#x).\n", | ||
199 | - dev->name, pkt_len, pkt_len); | ||
200 | - pkt_len = 1518; | ||
201 | - tp->stats.rx_length_errors++; | ||
202 | - } | ||
203 | -#endif | ||
204 | - | ||
205 | /* Check if the packet is long enough to accept without copying | ||
206 | to a minimally-sized skbuff. */ | ||
207 | if (pkt_len < tulip_rx_copybreak | ||
208 | diff --git a/drivers/net/tulip/tulip.h b/drivers/net/tulip/tulip.h | ||
209 | index 19abbc3..0afa2d4 100644 | ||
210 | --- a/drivers/net/tulip/tulip.h | ||
211 | +++ b/drivers/net/tulip/tulip.h | ||
212 | @@ -201,8 +201,38 @@ enum desc_status_bits { | ||
213 | DescStartPkt = 0x20000000, | ||
214 | DescEndRing = 0x02000000, | ||
215 | DescUseLink = 0x01000000, | ||
216 | - RxDescFatalErr = 0x008000, | ||
217 | + | ||
218 | + /* | ||
219 | + * Error summary flag is logical or of 'CRC Error', 'Collision Seen', | ||
220 | + * 'Frame Too Long', 'Runt' and 'Descriptor Error' flags generated | ||
221 | + * within tulip chip. | ||
222 | + */ | ||
223 | + RxDescErrorSummary = 0x8000, | ||
224 | + RxDescCRCError = 0x0002, | ||
225 | + RxDescCollisionSeen = 0x0040, | ||
226 | + | ||
227 | + /* | ||
228 | + * 'Frame Too Long' flag is set if packet length including CRC exceeds | ||
229 | + * 1518. However, a full sized VLAN tagged frame is 1522 bytes | ||
230 | + * including CRC. | ||
231 | + * | ||
232 | + * The tulip chip does not block oversized frames, and if this flag is | ||
233 | + * set on a receive descriptor it does not indicate the frame has been | ||
234 | + * truncated. The receive descriptor also includes the actual length. | ||
235 | + * Therefore we can safety ignore this flag and check the length | ||
236 | + * ourselves. | ||
237 | + */ | ||
238 | + RxDescFrameTooLong = 0x0080, | ||
239 | + RxDescRunt = 0x0800, | ||
240 | + RxDescDescErr = 0x4000, | ||
241 | RxWholePkt = 0x00000300, | ||
242 | + /* | ||
243 | + * Top three bits of 14 bit frame length (status bits 27-29) should | ||
244 | + * never be set as that would make frame over 2047 bytes. The Receive | ||
245 | + * Watchdog flag (bit 4) may indicate the length is over 2048 and the | ||
246 | + * length field is invalid. | ||
247 | + */ | ||
248 | + RxLengthOver2047 = 0x38000010 | ||
249 | }; | ||
250 | |||
251 | |||
252 | diff --git a/drivers/pci/iova.c b/drivers/pci/iova.c | ||
253 | index 3ef4ac0..078bf8b 100644 | ||
254 | --- a/drivers/pci/iova.c | ||
255 | +++ b/drivers/pci/iova.c | ||
256 | @@ -1,9 +1,19 @@ | ||
257 | /* | ||
258 | - * Copyright (c) 2006, Intel Corporation. | ||
259 | + * Copyright © 2006-2009, Intel Corporation. | ||
260 | * | ||
261 | - * This file is released under the GPLv2. | ||
262 | + * This program is free software; you can redistribute it and/or modify it | ||
263 | + * under the terms and conditions of the GNU General Public License, | ||
264 | + * version 2, as published by the Free Software Foundation. | ||
265 | + * | ||
266 | + * This program is distributed in the hope it will be useful, but WITHOUT | ||
267 | + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or | ||
268 | + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for | ||
269 | + * more details. | ||
270 | + * | ||
271 | + * You should have received a copy of the GNU General Public License along with | ||
272 | + * this program; if not, write to the Free Software Foundation, Inc., 59 Temple | ||
273 | + * Place - Suite 330, Boston, MA 02111-1307 USA. | ||
274 | * | ||
275 | - * Copyright (C) 2006-2008 Intel Corporation | ||
276 | * Author: Anil S Keshavamurthy <anil.s.keshavamurthy@intel.com> | ||
277 | */ | ||
278 | |||
279 | @@ -123,7 +133,15 @@ move_left: | ||
280 | /* Insert the new_iova into domain rbtree by holding writer lock */ | ||
281 | /* Add new node and rebalance tree. */ | ||
282 | { | ||
283 | - struct rb_node **entry = &((prev)), *parent = NULL; | ||
284 | + struct rb_node **entry, *parent = NULL; | ||
285 | + | ||
286 | + /* If we have 'prev', it's a valid place to start the | ||
287 | + insertion. Otherwise, start from the root. */ | ||
288 | + if (prev) | ||
289 | + entry = &prev; | ||
290 | + else | ||
291 | + entry = &iovad->rbroot.rb_node; | ||
292 | + | ||
293 | /* Figure out where to put new node */ | ||
294 | while (*entry) { | ||
295 | struct iova *this = container_of(*entry, | ||
296 | diff --git a/include/linux/mm.h b/include/linux/mm.h | ||
297 | index ae9775d..eeb7e56 100644 | ||
298 | --- a/include/linux/mm.h | ||
299 | +++ b/include/linux/mm.h | ||
300 | @@ -572,12 +572,10 @@ static inline void set_page_links(struct page *page, enum zone_type zone, | ||
301 | */ | ||
302 | static inline unsigned long round_hint_to_min(unsigned long hint) | ||
303 | { | ||
304 | -#ifdef CONFIG_SECURITY | ||
305 | hint &= PAGE_MASK; | ||
306 | if (((void *)hint != NULL) && | ||
307 | (hint < mmap_min_addr)) | ||
308 | return PAGE_ALIGN(mmap_min_addr); | ||
309 | -#endif | ||
310 | return hint; | ||
311 | } | ||
312 | |||
313 | diff --git a/include/linux/personality.h b/include/linux/personality.h | ||
314 | index a84e9ff..1261208 100644 | ||
315 | --- a/include/linux/personality.h | ||
316 | +++ b/include/linux/personality.h | ||
317 | @@ -40,7 +40,10 @@ enum { | ||
318 | * Security-relevant compatibility flags that must be | ||
319 | * cleared upon setuid or setgid exec: | ||
320 | */ | ||
321 | -#define PER_CLEAR_ON_SETID (READ_IMPLIES_EXEC|ADDR_NO_RANDOMIZE) | ||
322 | +#define PER_CLEAR_ON_SETID (READ_IMPLIES_EXEC | \ | ||
323 | + ADDR_NO_RANDOMIZE | \ | ||
324 | + ADDR_COMPAT_LAYOUT | \ | ||
325 | + MMAP_PAGE_ZERO) | ||
326 | |||
327 | /* | ||
328 | * Personality types. | ||
329 | diff --git a/include/linux/security.h b/include/linux/security.h | ||
330 | index 80c4d00..1638afd 100644 | ||
331 | --- a/include/linux/security.h | ||
332 | +++ b/include/linux/security.h | ||
333 | @@ -2134,6 +2134,8 @@ static inline int security_file_mmap(struct file *file, unsigned long reqprot, | ||
334 | unsigned long addr, | ||
335 | unsigned long addr_only) | ||
336 | { | ||
337 | + if ((addr < mmap_min_addr) && !capable(CAP_SYS_RAWIO)) | ||
338 | + return -EACCES; | ||
339 | return 0; | ||
340 | } | ||
341 | |||
342 | diff --git a/kernel/resource.c b/kernel/resource.c | ||
343 | index 03d796c..87f675a 100644 | ||
344 | --- a/kernel/resource.c | ||
345 | +++ b/kernel/resource.c | ||
346 | @@ -741,7 +741,7 @@ static int __init reserve_setup(char *str) | ||
347 | static struct resource reserve[MAXRESERVE]; | ||
348 | |||
349 | for (;;) { | ||
350 | - int io_start, io_num; | ||
351 | + unsigned int io_start, io_num; | ||
352 | int x = reserved; | ||
353 | |||
354 | if (get_option (&str, &io_start) != 2) | ||
355 | diff --git a/kernel/sysctl.c b/kernel/sysctl.c | ||
356 | index 6816e6d..1228d65 100644 | ||
357 | --- a/kernel/sysctl.c | ||
358 | +++ b/kernel/sysctl.c | ||
359 | @@ -1132,7 +1132,6 @@ static struct ctl_table vm_table[] = { | ||
360 | .strategy = &sysctl_jiffies, | ||
361 | }, | ||
362 | #endif | ||
363 | -#ifdef CONFIG_SECURITY | ||
364 | { | ||
365 | .ctl_name = CTL_UNNUMBERED, | ||
366 | .procname = "mmap_min_addr", | ||
367 | @@ -1141,7 +1140,6 @@ static struct ctl_table vm_table[] = { | ||
368 | .mode = 0644, | ||
369 | .proc_handler = &proc_doulongvec_minmax, | ||
370 | }, | ||
371 | -#endif | ||
372 | #ifdef CONFIG_NUMA | ||
373 | { | ||
374 | .ctl_name = CTL_UNNUMBERED, | ||
375 | diff --git a/mm/Kconfig b/mm/Kconfig | ||
376 | index 0bd9c2d..07b4ec4 100644 | ||
377 | --- a/mm/Kconfig | ||
378 | +++ b/mm/Kconfig | ||
379 | @@ -208,3 +208,21 @@ config VIRT_TO_BUS | ||
380 | |||
381 | config MMU_NOTIFIER | ||
382 | bool | ||
383 | + | ||
384 | +config DEFAULT_MMAP_MIN_ADDR | ||
385 | + int "Low address space to protect from user allocation" | ||
386 | + default 4096 | ||
387 | + help | ||
388 | + This is the portion of low virtual memory which should be protected | ||
389 | + from userspace allocation. Keeping a user from writing to low pages | ||
390 | + can help reduce the impact of kernel NULL pointer bugs. | ||
391 | + | ||
392 | + For most ia64, ppc64 and x86 users with lots of address space | ||
393 | + a value of 65536 is reasonable and should cause no problems. | ||
394 | + On arm and other archs it should not be higher than 32768. | ||
395 | + Programs which use vm86 functionality would either need additional | ||
396 | + permissions from either the LSM or the capabilities module or have | ||
397 | + this protection disabled. | ||
398 | + | ||
399 | + This value can be changed after boot using the | ||
400 | + /proc/sys/vm/mmap_min_addr tunable. | ||
401 | diff --git a/mm/mmap.c b/mm/mmap.c | ||
402 | index 2ae093e..d330758 100644 | ||
403 | --- a/mm/mmap.c | ||
404 | +++ b/mm/mmap.c | ||
405 | @@ -86,6 +86,9 @@ int sysctl_overcommit_ratio = 50; /* default is 50% */ | ||
406 | int sysctl_max_map_count __read_mostly = DEFAULT_MAX_MAP_COUNT; | ||
407 | atomic_long_t vm_committed_space = ATOMIC_LONG_INIT(0); | ||
408 | |||
409 | +/* amount of vm to protect from userspace access */ | ||
410 | +unsigned long mmap_min_addr = CONFIG_DEFAULT_MMAP_MIN_ADDR; | ||
411 | + | ||
412 | /* | ||
413 | * Check that a process has enough memory to allocate a new virtual | ||
414 | * mapping. 0 means there is enough memory for the allocation to | ||
415 | diff --git a/security/Kconfig b/security/Kconfig | ||
416 | index 5592939..38411dd 100644 | ||
417 | --- a/security/Kconfig | ||
418 | +++ b/security/Kconfig | ||
419 | @@ -92,28 +92,8 @@ config SECURITY_ROOTPLUG | ||
420 | |||
421 | See <http://www.linuxjournal.com/article.php?sid=6279> for | ||
422 | more information about this module. | ||
423 | - | ||
424 | - If you are unsure how to answer this question, answer N. | ||
425 | - | ||
426 | -config SECURITY_DEFAULT_MMAP_MIN_ADDR | ||
427 | - int "Low address space to protect from user allocation" | ||
428 | - depends on SECURITY | ||
429 | - default 0 | ||
430 | - help | ||
431 | - This is the portion of low virtual memory which should be protected | ||
432 | - from userspace allocation. Keeping a user from writing to low pages | ||
433 | - can help reduce the impact of kernel NULL pointer bugs. | ||
434 | - | ||
435 | - For most ia64, ppc64 and x86 users with lots of address space | ||
436 | - a value of 65536 is reasonable and should cause no problems. | ||
437 | - On arm and other archs it should not be higher than 32768. | ||
438 | - Programs which use vm86 functionality would either need additional | ||
439 | - permissions from either the LSM or the capabilities module or have | ||
440 | - this protection disabled. | ||
441 | - | ||
442 | - This value can be changed after boot using the | ||
443 | - /proc/sys/vm/mmap_min_addr tunable. | ||
444 | |||
445 | + If you are unsure how to answer this question, answer N. | ||
446 | |||
447 | source security/selinux/Kconfig | ||
448 | source security/smack/Kconfig | ||
449 | diff --git a/security/security.c b/security/security.c | ||
450 | index 3a4b4f5..27a315d 100644 | ||
451 | --- a/security/security.c | ||
452 | +++ b/security/security.c | ||
453 | @@ -26,9 +26,6 @@ extern void security_fixup_ops(struct security_operations *ops); | ||
454 | |||
455 | struct security_operations *security_ops; /* Initialized to NULL */ | ||
456 | |||
457 | -/* amount of vm to protect from userspace access */ | ||
458 | -unsigned long mmap_min_addr = CONFIG_SECURITY_DEFAULT_MMAP_MIN_ADDR; | ||
459 | - | ||
460 | static inline int verify(struct security_operations *ops) | ||
461 | { | ||
462 | /* verify the security_operations structure exists */ |