68 Commits

Author	SHA1	Message	Date
Raghavendra Rao Ananta	5bd75403be	Merge remote-tracking branch 'remotes/origin/tmp-f686d9f' into msm-lahaina ... * remotes/origin/tmp-f686d9f: ANDROID: update abi_gki_aarch64.xml for 5.2-rc6 Linux 5.2-rc6 Revert "iommu/vt-d: Fix lock inversion between iommu->lock and device_domain_lock" Bluetooth: Fix regression with minimum encryption key size alignment tcp: refine memory limit test in tcp_fragment() x86/vdso: Prevent segfaults due to hoisted vclock reads SUNRPC: Fix a credential refcount leak Revert "SUNRPC: Declare RPC timers as TIMER_DEFERRABLE" net :sunrpc :clnt :Fix xps refcount imbalance on the error path NFS4: Only set creation opendata if O_CREAT ANDROID: gki_defconfig: workaround to enable configs ANDROID: gki_defconfig: more configs for partners ARM: 8867/1: vdso: pass --be8 to linker if necessary KVM: nVMX: reorganize initial steps of vmx_set_nested_state KVM: PPC: Book3S HV: Invalidate ERAT when flushing guest TLB entries habanalabs: use u64_to_user_ptr() for reading user pointers nfsd: replace Jeff by Chuck as nfsd co-maintainer inet: clear num_timeout reqsk_alloc() PCI/P2PDMA: Ignore root complex whitelist when an IOMMU is present net: mvpp2: debugfs: Add pmap to fs dump ipv6: Default fib6_type to RTN_UNICAST when not set net: hns3: Fix inconsistent indenting net/af_iucv: always register net_device notifier net/af_iucv: build proper skbs for HiperTransport net/af_iucv: remove GFP_DMA restriction for HiperTransport doc: fix documentation about UIO_MEM_LOGICAL using MAINTAINERS / Documentation: Thorsten Scherer is the successor of Gavin Schenk docs: fb: Add TER16x32 to the available font names MAINTAINERS: fpga: hand off maintainership to Moritz treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 507 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 506 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 505 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 504 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 503 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 502 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 501 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 499 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 498 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 497 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 496 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 495 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 491 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 490 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 489 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 488 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 487 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 486 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 485 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 484 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 482 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 481 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 480 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 479 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 477 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 475 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 474 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 473 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 472 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 471 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 469 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 468 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 467 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 466 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 465 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 464 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 463 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 462 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 461 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 460 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 459 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 457 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 456 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 455 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 454 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 452 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 451 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 250 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 248 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 247 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 246 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 245 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 244 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 243 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 239 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 238 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 237 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 235 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 234 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 233 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 232 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 231 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 230 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 226 KVM: arm/arm64: Fix emulated ptimer irq injection net: dsa: mv88e6xxx: fix shift of FID bits in mv88e6185_g1_vtu_loadpurge() tests: kvm: Check for a kernel warning kvm: tests: Sort tests in the Makefile alphabetically KVM: x86/mmu: Allocate PAE root array when using SVM's 32-bit NPT KVM: x86: Modify struct kvm_nested_state to have explicit fields for data fanotify: update connector fsid cache on add mark quota: fix a problem about transfer quota drm/i915: Don't clobber M/N values during fastset check powerpc: enable a 30-bit ZONE_DMA for 32-bit pmac ovl: make i_ino consistent with st_ino in more cases scsi: qla2xxx: Fix hardlockup in abort command during driver remove scsi: ufs: Avoid runtime suspend possibly being blocked forever scsi: qedi: update driver version to 8.37.0.20 scsi: qedi: Check targetname while finding boot target information hvsock: fix epollout hang from race condition net/udp_gso: Allow TX timestamp with UDP GSO net: netem: fix use after free and double free with packet corruption net: netem: fix backlog accounting for corrupted GSO frames net: lio_core: fix potential sign-extension overflow on large shift tipc: pass tunnel dev as NULL to udp_tunnel(6)_xmit_skb ip6_tunnel: allow not to count pkts on tstats by passing dev as NULL ip_tunnel: allow not to count pkts on tstats by setting skb's dev to NULL apparmor: reset pos on failure to unpack for various functions apparmor: enforce nullbyte at end of tag string apparmor: fix PROFILE_MEDIATES for untrusted input RDMA/efa: Handle mmap insertions overflow tun: wake up waitqueues after IFF_UP is set drm: return -EFAULT if copy_to_user() fails net: remove duplicate fetch in sock_getsockopt tipc: fix issues with early FAILOVER_MSG from peer bnx2x: Check if transceiver implements DDM before access xhci: detect USB 3.2 capable host controllers correctly usb: xhci: Don't try to recover an endpoint if port is in error state. KVM: fix typo in documentation drm/panfrost: Make sure a BO is only unmapped when appropriate md: fix for divide error in status_resync soc: ixp4xx: npe: Fix an IS_ERR() vs NULL check in probe arm64/mm: don't initialize pgd_cache twice MAINTAINERS: Update my email address arm64/sve: <uapi/asm/ptrace.h> should not depend on <uapi/linux/prctl.h> ovl: fix typo in MODULE_PARM_DESC ovl: fix bogus -Wmaybe-unitialized warning ovl: don't fail with disconnected lower NFS mmc: core: Prevent processing SDIO IRQs when the card is suspended mmc: sdhci: sdhci-pci-o2micro: Correctly set bus width when tuning brcmfmac: sdio: Don't tune while the card is off mmc: core: Add sdio_retune_hold_now() and sdio_retune_release() brcmfmac: sdio: Disable auto-tuning around commands expected to fail mmc: core: API to temporarily disable retuning for SDIO CRC errors Revert "brcmfmac: disable command decode in sdio_aos" ARM: ixp4xx: include irqs.h where needed ARM: ixp4xx: mark ixp4xx_irq_setup as __init ARM: ixp4xx: don't select SERIAL_OF_PLATFORM firmware: trusted_foundations: add ARMv7 dependency usb: dwc2: Use generic PHY width in params setup RDMA/efa: Fix success return value in case of error IB/hfi1: Handle port down properly in pio IB/hfi1: Handle wakeup of orphaned QPs for pio IB/hfi1: Wakeup QPs orphaned on wait list after flush IB/hfi1: Use aborts to trigger RC throttling IB/hfi1: Create inline to get extended headers IB/hfi1: Silence txreq allocation warnings IB/hfi1: Avoid hardlockup with flushlist_lock KVM: PPC: Book3S HV: Only write DAWR[X] when handling h_set_dawr in real mode KVM: PPC: Book3S HV: Fix r3 corruption in h_set_dabr() fs/namespace: fix unprivileged mount propagation vfs: fsmount: add missing mntget() cifs: fix GlobalMid_Lock bug in cifs_reconnect SMB3: retry on STATUS_INSUFFICIENT_RESOURCES instead of failing write staging: erofs: add requirements field in superblock arm64: ssbd: explicitly depend on <linux/prctl.h> block: fix page leak when merging to same page block: return from __bio_try_merge_page if merging occured in the same page Btrfs: fix failure to persist compression property xattr deletion on fsync riscv: remove unused barrier defines usb: chipidea: udc: workaround for endpoint conflict issue MAINTAINERS: Change QCOM repo location mmc: mediatek: fix SDIO IRQ detection issue mmc: mediatek: fix SDIO IRQ interrupt handle flow mmc: core: complete HS400 before checking status riscv: mm: synchronize MMU after pte change MAINTAINERS: Update my email address to use @kernel.org ANDROID: update abi_gki_aarch64.xml for 5.2-rc5 riscv: dts: add initial board data for the SiFive HiFive Unleashed riscv: dts: add initial support for the SiFive FU540-C000 SoC dt-bindings: riscv: convert cpu binding to json-schema dt-bindings: riscv: sifive: add YAML documentation for the SiFive FU540 arch: riscv: add support for building DTB files from DT source data drm/i915/gvt: ignore unexpected pvinfo write lapb: fixed leak of control-blocks. tipc: purge deferredq list for each grp member in tipc_group_delete ax25: fix inconsistent lock state in ax25_destroy_timer neigh: fix use-after-free read in pneigh_get_next tcp: fix compile error if !CONFIG_SYSCTL hv_sock: Suppress bogus "may be used uninitialized" warnings be2net: Fix number of Rx queues used for flow hashing net: handle 802.1P vlan 0 packets properly Linux 5.2-rc5 tcp: enforce tcp_min_snd_mss in tcp_mtu_probing() tcp: add tcp_min_snd_mss sysctl tcp: tcp_fragment() should apply sane memory limits tcp: limit payload size of sacked skbs Revert "net: phylink: set the autoneg state in phylink_phy_change" bpf: fix nested bpf tracepoints with per-cpu data bpf: Fix out of bounds memory access in bpf_sk_storage vsock/virtio: set SOCK_DONE on peer shutdown net: dsa: rtl8366: Fix up VLAN filtering net: phylink: set the autoneg state in phylink_phy_change powerpc/32: fix build failure on book3e with KVM powerpc/booke: fix fast syscall entry on SMP powerpc/32s: fix initial setup of segment registers on secondary CPU x86/microcode, cpuhotplug: Add a microcode loader CPU hotplug callback net: add high_order_alloc_disable sysctl/static key tcp: add tcp_tx_skb_cache sysctl tcp: add tcp_rx_skb_cache sysctl sysctl: define proc_do_static_key() hv_netvsc: Set probe mode to sync net: sched: flower: don't call synchronize_rcu() on mask creation net: dsa: fix warning same module names sctp: Free cookie before we memdup a new one net: dsa: microchip: Don't try to read stats for unused ports qmi_wwan: extend permitted QMAP mux_id value range qmi_wwan: avoid RCU stalls on device disconnect when in QMAP mode qmi_wwan: add network device usage statistics for qmimux devices qmi_wwan: add support for QMAP padding in the RX path bpf, x64: fix stack layout of JITed bpf code Smack: Restore the smackfsdef mount option and add missing prefixes bpf, devmap: Add missing RCU read lock on flush bpf, devmap: Add missing bulk queue free bpf, devmap: Fix premature entry free on destroying map ftrace: Fix NULL pointer dereference in free_ftrace_func_mapper() module: Fix livepatch/ftrace module text permissions race tracing/uprobe: Fix obsolete comment on trace_uprobe_create() tracing/uprobe: Fix NULL pointer dereference in trace_uprobe_create() tracing: Make two symbols static tracing: avoid build warning with HAVE_NOP_MCOUNT tracing: Fix out-of-range read in trace_stack_print() gfs2: Fix rounding error in gfs2_iomap_page_prepare net: phylink: further mac_config documentation improvements nfc: Ensure presence of required attributes in the deactivate_target handler btrfs: start readahead also in seed devices x86/kasan: Fix boot with 5-level paging and KASAN cfg80211: report measurement start TSF correctly cfg80211: fix memory leak of wiphy device name cfg80211: util: fix bit count off by one mac80211: do not start any work during reconfigure flow cfg80211: use BIT_ULL in cfg80211_parse_mbssid_data() mac80211: only warn once on chanctx_conf being NULL mac80211: drop robust management frames from unknown TA gpu: ipu-v3: image-convert: Fix image downsize coefficients gpu: ipu-v3: image-convert: Fix input bytesperline for packed formats gpu: ipu-v3: image-convert: Fix input bytesperline width/height align thunderbolt: Implement CIO reset correctly for Titan Ridge ARM: davinci: da8xx: specify dma_coherent_mask for lcdc ARM: davinci: da850-evm: call regulator_has_full_constraints() timekeeping: Repair ktime_get_coarse*() granularity Revert "ALSA: hda/realtek - Improve the headset mic for Acer Aspire laptops" ANDROID: update abi_gki_aarch64.xml mm/devm_memremap_pages: fix final page put race PCI/P2PDMA: track pgmap references per resource, not globally lib/genalloc: introduce chunk owners PCI/P2PDMA: fix the gen_pool_add_virt() failure path mm/devm_memremap_pages: introduce devm_memunmap_pages drivers/base/devres: introduce devm_release_action() mm/vmscan.c: fix trying to reclaim unevictable LRU page coredump: fix race condition between collapse_huge_page() and core dumping mm/mlock.c: change count_mm_mlocked_page_nr return type mm: mmu_gather: remove __tlb_reset_range() for force flush fs/ocfs2: fix race in ocfs2_dentry_attach_lock() mm/vmscan.c: fix recent_rotated history mm/mlock.c: mlockall error for flag MCL_ONFAULT scripts/decode_stacktrace.sh: prefix addr2line with $CROSS_COMPILE mm/list_lru.c: fix memory leak in __memcg_init_list_lru_node mm: memcontrol: don't batch updates of local VM stats and events PCI: PM: Skip devices in D0 for suspend-to-idle ANDROID: Removed extraneous configs from gki powerpc/bpf: use unsigned division instruction for 64-bit operations bpf: fix div64 overflow tests to properly detect errors bpf: sync BPF_FIB_LOOKUP flag changes with BPF uapi bpf: simplify definition of BPF_FIB_LOOKUP related flags cifs: add spinlock for the openFileList to cifsInodeInfo cifs: fix panic in smb2_reconnect x86/fpu: Don't use current->mm to check for a kthread KVM: nVMX: use correct clean fields when copying from eVMCS vfio-ccw: Destroy kmem cache region on module exit block/ps3vram: Use %llu to format sector_t after LBDAF removal libata: Extend quirks for the ST1000LM024 drives with NOLPM quirk bcache: only set BCACHE_DEV_WB_RUNNING when cached device attached bcache: fix stack corruption by PRECEDING_KEY() arm64/sve: Fix missing SVE/FPSIMD endianness conversions blk-mq: remove WARN_ON(!q->elevator) from blk_mq_sched_free_requests blkio-controller.txt: Remove references to CFQ block/switching-sched.txt: Update to blk-mq schedulers null_blk: remove duplicate check for report zone blk-mq: no need to check return value of debugfs_create functions io_uring: fix memory leak of UNIX domain socket inode block: force select mq-deadline for zoned block devices binder: fix possible UAF when freeing buffer drm/amdgpu: return 0 by default in amdgpu_pm_load_smu_firmware drm/amdgpu: Fix bounds checking in amdgpu_ras_is_supported() ANDROID: x86 gki_defconfig: enable DMA_CMA ANDROID: Fixed x86 regression ANDROID: gki_defconfig: enable DMA_CMA Input: synaptics - enable SMBus on ThinkPad E480 and E580 net: mvpp2: prs: Use the correct helpers when removing all VID filters net: mvpp2: prs: Fix parser range for VID filtering mlxsw: spectrum: Disallow prio-tagged packets when PVID is removed mlxsw: spectrum_buffers: Reduce pool size on Spectrum-2 selftests: tc_flower: Add TOS matching test mlxsw: spectrum_flower: Fix TOS matching selftests: mlxsw: Test nexthop offload indication mlxsw: spectrum_router: Refresh nexthop neighbour when it becomes dead mlxsw: spectrum: Use different seeds for ECMP and LAG hash net: tls, correctly account for copied bytes with multiple sk_msgs vrf: Increment Icmp6InMsgs on the original netdev cpuset: restore sanity to cpuset_cpus_allowed_fallback() net: ethtool: Allow matching on vlan DEI bit linux-next: DOC: RDS: Fix a typo in rds.txt x86/kgdb: Return 0 from kgdb_arch_set_breakpoint() mpls: fix af_mpls dependencies for real selinux: fix a missing-check bug in selinux_sb_eat_lsm_opts() selinux: fix a missing-check bug in selinux_add_mnt_opt( ) arm64: tlbflush: Ensure start/end of address range are aligned to stride usb: typec: Make sure an alt mode exist before getting its partner KVM: arm/arm64: vgic: Fix kvm_device leak in vgic_its_destroy KVM: arm64: Filter out invalid core register IDs in KVM_GET_REG_LIST KVM: arm64: Implement vq_present() as a macro xdp: check device pointer before clearing bpf: net: Set sk_bpf_storage back to NULL for cloned sk Btrfs: fix race between block group removal and block group allocation clocksource/drivers/arm_arch_timer: Don't trace count reader functions i2c: pca-platform: Fix GPIO lookup code thunderbolt: Make sure device runtime resume completes before taking domain lock drm: add fallback override/firmware EDID modes workaround i2c: acorn: fix i2c warning arm64: Don't unconditionally add -Wno-psabi to KBUILD_CFLAGS drm/edid: abstract override/firmware EDID retrieval platform/mellanox: mlxreg-hotplug: Add devm_free_irq call to remove flow platform/x86: mlx-platform: Fix parent device in i2c-mux-reg device registration platform/x86: intel-vbtn: Report switch events when event wakes device platform/x86: asus-wmi: Only Tell EC the OS will handle display hotkeys from asus_nb_wmi ARM: mvebu_v7_defconfig: fix Ethernet on Clearfog x86/resctrl: Prevent NULL pointer dereference when local MBM is disabled x86/resctrl: Don't stop walking closids when a locksetup group is found iommu/arm-smmu: Avoid constant zero in TLBI writes drm/i915/perf: fix whitelist on Gen10+ drm/i915/sdvo: Implement proper HDMI audio support for SDVO drm/i915: Fix per-pixel alpha with CCS drm/i915/dmc: protect against reading random memory drm/i915/dsi: Use a fuzzy check for burst mode clock check Input: imx_keypad - make sure keyboard can always wake up system selinux: log raw contexts as untrusted strings ptrace: restore smp_rmb() in __ptrace_may_access() IB/hfi1: Correct tid qp rcd to match verbs context IB/hfi1: Close PSM sdma_progress sleep window IB/hfi1: Validate fault injection opcode user input geneve: Don't assume linear buffers in error handler vxlan: Don't assume linear buffers in error handler net: openvswitch: do not free vport if register_netdevice() is failed. net: correct udp zerocopy refcnt also when zerocopy only on append drm/amdgpu/{uvd,vcn}: fetch ring's read_ptr after alloc ovl: fix wrong flags check in FS_IOC_FS[SG]ETXATTR ioctls riscv: Fix udelay in RV32. drm/vmwgfx: fix a warning due to missing dma_parms riscv: export pm_power_off again drm/vmwgfx: Honor the sg list segment size limitation RISC-V: defconfig: enable clocks, serial console drm/vmwgfx: Use the backdoor port if the HB port is not available bpf: lpm_trie: check left child of last leftmost node for NULL Revert "fuse: require /dev/fuse reads to have enough buffer capacity" ALSA: ice1712: Check correct return value to snd_i2c_sendbytes (EWS/DMX 6Fire) ALSA: oxfw: allow PCM capture for Stanton SCS.1m ALSA: firewire-motu: fix destruction of data for isochronous resources s390/ctl_reg: mark __ctl_set_bit and __ctl_clear_bit as __always_inline s390/boot: disable address-of-packed-member warning ANDROID: update gki aarch64 ABI representation cgroup: Fix css_task_iter_advance_css_set() cset skip condition drm/panfrost: Require the simple_ondemand governor drm/panfrost: make devfreq optional again drm/gem_shmem: Use a writecombine mapping for ->vaddr mmc: sdhi: disallow HS400 for M3-W ES1.2, RZ/G2M, and V3H ASoC: Intel: sst: fix kmalloc call with wrong flags ASoC: core: Fix deadlock in snd_soc_instantiate_card() cgroup/bfq: revert bfq.weight symlink change ARM: dts: am335x phytec boards: Fix cd-gpios active level ARM: dts: dra72x: Disable usb4_tm target module nfp: ensure skb network header is set for packet redirect tcp: fix undo spurious SYNACK in passive Fast Open mpls: fix af_mpls dependencies ibmvnic: Fix unchecked return codes of memory allocations ibmvnic: Refresh device multicast list after reset ibmvnic: Do not close unopened driver during reset mpls: fix warning with multi-label encap net: phy: rename Asix Electronics PHY driver ipv6: flowlabel: fl6_sock_lookup() must use atomic_inc_not_zero net: ipv4: fib_semantics: fix uninitialized variable Input: iqs5xx - get axis info before calling input_mt_init_slots() Linux 5.2-rc4 drm: panel-orientation-quirks: Add quirk for GPD MicroPC drm: panel-orientation-quirks: Add quirk for GPD pocket2 counter/ftm-quaddec: Add missing dependencies in Kconfig staging: iio: adt7316: Fix build errors when GPIOLIB is not set x86/fpu: Update kernel's FPU state before using for the fsave header MAINTAINERS: Karthikeyan Ramasubramanian is MIA i2c: xiic: Add max_read_len quirk ANDROID: update ABI representation gpio: pca953x: hack to fix 24 bit gpio expanders net/mlx5e: Support tagged tunnel over bond net/mlx5e: Avoid detaching non-existing netdev under switchdev mode net/mlx5e: Fix source port matching in fdb peer flow rule net/mlx5e: Replace reciprocal_scale in TX select queue function net/mlx5e: Add ndo_set_feature for uplink representor net/mlx5: Avoid reloading already removed devices net/mlx5: Update pci error handler entries and command translation RAS/CEC: Convert the timer callback to a workqueue RAS/CEC: Fix binary search function x86/mm/KASLR: Compute the size of the vmemmap section properly can: purge socket error queue on sock destruct can: flexcan: Remove unneeded registration message can: af_can: Fix error path of can_init() can: m_can: implement errata "Needless activation of MRAF irq" can: mcp251x: add support for mcp25625 dt-bindings: can: mcp251x: add mcp25625 support can: xilinx_can: use correct bittiming_const for CAN FD core can: flexcan: fix timeout when set small bitrate can: usb: Kconfig: Remove duplicate menu entry lockref: Limit number of cmpxchg loop retries uaccess: add noop untagged_addr definition x86/insn-eval: Fix use-after-free access to LDT entry kbuild: use more portable 'command -v' for cc-cross-prefix s390/unwind: correct stack switching during unwind scsi: hpsa: correct ioaccel2 chaining btrfs: Always trim all unallocated space in btrfs_trim_free_extents netfilter: ipv6: nf_defrag: accept duplicate fragments again powerpc/32s: fix booting with CONFIG_PPC_EARLY_DEBUG_BOOTX drm/meson: fix G12A primary plane disabling drm/meson: fix primary plane disabling drm/meson: fix G12A HDMI PLL settings for 4K60 1000/1001 variations block, bfq: add weight symlink to the bfq.weight cgroup parameter cgroup: let a symlink too be created with a cftype file powerpc/64s: __find_linux_pte() synchronization vs pmdp_invalidate() powerpc/64s: Fix THP PMD collapse serialisation powerpc: Fix kexec failure on book3s/32 drm/nouveau/secboot/gp10[2467]: support newer FW to fix SEC2 failures on some boards drm/nouveau/secboot: enable loading of versioned LS PMU/SEC2 ACR msgqueue FW drm/nouveau/secboot: split out FW version-specific LS function pointers drm/nouveau/secboot: pass max supported FW version to LS load funcs drm/nouveau/core: support versioned firmware loading drm/nouveau/core: pass subdev into nvkm_firmware_get, rather than device block: free sched's request pool in blk_cleanup_queue bpf: expand section tests for test_section_names bpf: more msg_name rewrite tests to test_sock_addr bpf, bpftool: enable recvmsg attach types bpf, libbpf: enable recvmsg attach types bpf: sync tooling uapi header bpf: fix unconnected udp hooks vfio/mdev: Synchronize device create/remove with parent removal vfio/mdev: Avoid creating sysfs remove file on stale device removal pktgen: do not sleep with the thread lock held. net: mvpp2: Use strscpy to handle stat strings net: rds: fix memory leak in rds_ib_flush_mr_pool ipv6: fix EFAULT on sendto with icmpv6 and hdrincl ipv6: use READ_ONCE() for inet->hdrincl as in ipv4 soundwire: intel: set dai min and max channels correctly soundwire: stream: fix bad unlock balance x86/fpu: Use fault_in_pages_writeable() for pre-faulting nvme-rdma: use dynamic dma mapping per command nvme: Fix u32 overflow in the number of namespace list calculation vfio/mdev: Improve the create/remove sequence SoC: rt274: Fix internal jack assignment in set_jack callback ALSA: hdac: fix memory release for SST and SOF drivers ASoC: SOF: Intel: hda: use the defined ppcap functions ASoC: core: move DAI pre-links initiation to snd_soc_instantiate_card ASoC: Intel: cht_bsw_rt5672: fix kernel oops with platform_name override ASoC: Intel: cht_bsw_nau8824: fix kernel oops with platform_name override ASoC: Intel: bytcht_es8316: fix kernel oops with platform_name override ASoC: Intel: cht_bsw_max98090: fix kernel oops with platform_name override Revert "gfs2: Replace gl_revokes with a GLF flag" arm64: Silence gcc warnings about arch ABI drift parisc: Fix crash due alternative coding for NP iopdir_fdc bit parisc: Use lpa instruction to load physical addresses in driver code parisc: configs: Remove useless UEVENT_HELPER_PATH parisc: Use implicit space register selection for loading the coherence index of I/O pdirs usb: gadget: udc: lpc32xx: fix return value check in lpc32xx_udc_probe() usb: gadget: dwc2: fix zlp handling usb: dwc2: Set actual frame number for completed ISOC transfer for none DDMA usb: gadget: udc: lpc32xx: allocate descriptor with GFP_ATOMIC usb: gadget: fusb300_udc: Fix memory leak of fusb300->ep[i] usb: phy: mxs: Disable external charger detect in mxs_phy_hw_init() usb: dwc2: Fix DMA cache alignment issues usb: dwc2: host: Fix wMaxPacketSize handling (fix webcam regression) ARM64: trivial: s/TIF_SECOMP/TIF_SECCOMP/ comment typo fix drm/komeda: Potential error pointer dereference drm/komeda: remove set but not used variable 'kcrtc' x86/CPU: Add more Icelake model numbers hwmon: (pmbus/core) Treat parameters as paged if on multiple pages hwmon: (pmbus/core) mutex_lock write in pmbus_set_samples hwmon: (core) add thermal sensors only if dev->of_node is present Revert "fib_rules: return 0 directly if an exactly same rule exists when NLM_F_EXCL not supplied" net: aquantia: fix wol configuration not applied sometimes ethtool: fix potential userspace buffer overflow Fix memory leak in sctp_process_init net: rds: fix memory leak when unload rds_rdma ipv6: fix the check before getting the cookie in rt6_get_cookie ipv4: not do cache for local delivery if bc_forwarding is enabled selftests: vm: Fix test build failure when built by itself tools: bpftool: Fix JSON output when lookup fails mmc: also set max_segment_size in the device mtip32xx: also set max_segment_size in the device rsxx: don't call dma_set_max_seg_size nvme-pci: don't limit DMA segement size s390/qeth: handle error when updating TX queue count s390/qeth: fix VLAN attribute in bridge_hostnotify udev event s390/qeth: check dst entry before use s390/qeth: handle limited IPv4 broadcast in L3 TX path ceph: fix error handling in ceph_get_caps() ceph: avoid iput_final() while holding mutex or in dispatch thread ceph: single workqueue for inode related works cgroup: css_task_iter_skip()'d iterators must be advanced before accessed drm/amd/amdgpu: add RLC firmware to support raven1 refresh drm/amd/powerplay: add set_power_profile_mode for raven1_refresh drm/amdgpu: fix ring test failure issue during s3 in vce 3.0 (V2) treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 450 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 449 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 448 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 446 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 445 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 444 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 443 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 442 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 440 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 438 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 437 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 436 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 435 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 434 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 433 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 432 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 431 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 430 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 429 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 428 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 426 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 424 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 423 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 422 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 421 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 420 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 419 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 418 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 417 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 416 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 414 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 412 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 411 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 410 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 409 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 408 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 407 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 406 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 405 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 404 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 403 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 402 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 401 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 400 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 399 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 398 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 397 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 396 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 395 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 394 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 393 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 392 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 391 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 390 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 389 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 388 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 387 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 380 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 378 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 377 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 376 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 375 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 373 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 372 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 371 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 370 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 367 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 365 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 364 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 363 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 362 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 354 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 353 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 352 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 351 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 350 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 349 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 348 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 347 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 346 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 345 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 344 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 343 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 342 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 341 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 340 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 339 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 338 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 336 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 335 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 334 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 333 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 332 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 330 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 328 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 326 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 325 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 324 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 323 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 322 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 321 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 320 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 316 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 315 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 314 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 313 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 312 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 311 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 310 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 309 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 308 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 307 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 305 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 301 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 300 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 299 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 297 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 296 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 295 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 294 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 292 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 291 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 290 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 289 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 288 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 287 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 286 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 285 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 284 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 283 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 282 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 281 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 280 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 278 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 277 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 276 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 275 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 274 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 273 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 272 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 271 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 270 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 269 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 268 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 267 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 266 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 265 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 264 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 263 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 262 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 260 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 258 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 257 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 256 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 254 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 253 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 252 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 251 lib/test_stackinit: Handle Clang auto-initialization pattern block: Drop unlikely before IS_ERR(_OR_NULL) xen/swiotlb: don't initialize swiotlb twice on arm64 s390/mm: fix address space detection in exception handling HID: logitech-dj: Fix 064d:c52f receiver support Revert "HID: core: Call request_module before doing device_add" Revert "HID: core: Do not call request_module() in async context" Revert "HID: Increase maximum report size allowed by hid_field_extract()" tests: fix pidfd-test compilation signal: improve comments samples: fix pidfd-metadata compilation arm64: arch_timer: mark functions as __always_inline arm64: smp: Moved cpu_logical_map[] to smp.h arm64: cpufeature: Fix missing ZFR0 in __read_sysreg_by_encoding() selftests/bpf: move test_lirc_mode2_user to TEST_GEN_PROGS_EXTENDED USB: Fix chipmunk-like voice when using Logitech C270 for recording audio. USB: usb-storage: Add new ID to ums-realtek udmabuf: actually unmap the scatterlist net: fix indirect calls helpers for ptype list hooks. net: ipvlan: Fix ipvlan device tso disabled while NETIF_F_IP_CSUM is set scsi: smartpqi: unlock on error in pqi_submit_raid_request_synchronous() scsi: ufs: Check that space was properly alloced in copy_query_response udp: only choose unbound UDP socket for multicast when not in a VRF net/tls: replace the sleeping lock around RX resync with a bit lock Revert "net/tls: avoid NULL-deref on resync during device removal" block: aoe: no need to check return value of debugfs_create functions net: dsa: sja1105: Fix link speed not working at 100 Mbps and below net: phylink: avoid reducing support mask scripts/checkstack.pl: Fix arm64 wrong or unknown architecture kbuild: tar-pkg: enable communication with jobserver kconfig: tests: fix recursive inclusion unit test kbuild: teach kselftest-merge to find nested config files nvmet: fix data_len to 0 for bdev-backed write_zeroes MAINTAINERS: Hand over skd maintainership ASoC: sun4i-i2s: Add offset to RX channel select ASoC: sun4i-i2s: Fix sun8i tx channel offset mask ASoC: max98090: remove 24-bit format support if RJ is 0 ASoC: da7219: Fix build error without CONFIG_I2C ASoC: SOF: Intel: hda: Fix COMPILE_TEST build error drm/arm/hdlcd: Allow a bit of clock tolerance drm/arm/hdlcd: Actually validate CRTC modes drm/arm/mali-dp: Add a loop around the second set CVAL and try 5 times drm/komeda: fixing of DMA mapping sg segment warning netfilter: ipv6: nf_defrag: fix leakage of unqueued fragments habanalabs: Read upper bits of trace buffer from RWPHI arm64: arch_k3: Fix kconfig dependency warning drm: don't block fb changes for async plane updates drm/vc4: fix fb references in async update drm/msm: fix fb references in async update drm/amd: fix fb references in async update drm/rockchip: fix fb references in async update xen-blkfront: switch kcalloc to kvcalloc for large array allocation drm/mediatek: call mtk_dsi_stop() after mtk_drm_crtc_atomic_disable() drm/mediatek: clear num_pipes when unbind driver drm/mediatek: call drm_atomic_helper_shutdown() when unbinding driver drm/mediatek: unbind components in mtk_drm_unbind() drm/mediatek: fix unbind functions net: sfp: read eeprom in maximum 16 byte increments selftests: set sysctl bc_forwarding properly in router_broadcast.sh ANDROID: update gki aarch64 ABI representation net: ethernet: mediatek: Use NET_IP_ALIGN to judge if HW RX_2BYTE_OFFSET is enabled net: ethernet: mediatek: Use hw_feature to judge if HWLRO is supported net: ethernet: ti: cpsw_ethtool: fix ethtool ring param set ANDROID: gki_defconfig: Enable CMA, SLAB_FREELIST (RANDOM and HARDENED) on x86 bpf: udp: Avoid calling reuseport's bpf_prog from udp_gro bpf: udp: ipv6: Avoid running reuseport's bpf_prog from __udp6_lib_err rcu: locking and unlocking need to always be at least barriers ANDROID: gki_defconfig: enable SLAB_FREELIST_RANDOM, SLAB_FREELIST_HARDENED ANDROID: gki_defconfig: enable CMA and increase CMA_AREAS ASoC: SOF: fix DSP oops definitions in FW ABI ASoC: hda: fix unbalanced codec dev refcount for HDA_DEV_ASOC ASoC: SOF: ipc: replace fw ready bitfield with explicit bit ordering ASoC: SOF: bump to ABI 3.6 ASoC: SOF: soundwire: add initial soundwire support ASoC: SOF: uapi: mirror firmware changes ASoC: Intel: Baytrail: add quirk for Aegex 10 (RU2) tablet xfs: inode btree scrubber should calculate im_boffset correctly mmc: sdhci_am654: Fix SLOTTYPE write usb: typec: ucsi: ccg: fix memory leak in do_flash ANDROID: update gki aarch64 ABI representation habanalabs: Fix virtual address access via debugfs for 2MB pages drm/komeda: Constify the usage of komeda_component/pipeline/dev_funcs x86/power: Fix 'nosmt' vs hibernation triple fault during resume mm/vmalloc: Avoid rare case of flushing TLB with weird arguments mm/vmalloc: Fix calculation of direct map addr range PM: sleep: Add kerneldoc comments to some functions drm/i915/gvt: save RING_HEAD into vreg when vgpu switched out sparc: perf: fix updated event period in response to PERF_EVENT_IOC_PERIOD mdesc: fix a missing-check bug in get_vdev_port_node_info() drm/i915/gvt: add F_CMD_ACCESS flag for wa regs sparc64: Fix regression in non-hypervisor TLB flush xcall packet: unconditionally free po->rollover Update my email address net: hns: Fix loopback test failed at copper ports Linux 5.2-rc3 net: dsa: mv88e6xxx: avoid error message on remove from VLAN 0 mm, compaction: make sure we isolate a valid PFN include/linux/generic-radix-tree.h: fix kerneldoc comment kernel/signal.c: trace_signal_deliver when signal_group_exit drivers/iommu/intel-iommu.c: fix variable 'iommu' set but not used spdxcheck.py: fix directory structures kasan: initialize tag to 0xff in __kasan_kmalloc z3fold: fix sheduling while atomic scripts/gdb: fix invocation when CONFIG_COMMON_CLK is not set mm/gup: continue VM_FAULT_RETRY processing even for pre-faults ocfs2: fix error path kobject memory leak memcg: make it work on sparse non-0-node systems mm, memcg: consider subtrees in memory.events prctl_set_mm: downgrade mmap_sem to read lock prctl_set_mm: refactor checks from validate_prctl_map kernel/fork.c: make max_threads symbol static arch/arm/boot/compressed/decompress.c: fix build error due to lz4 changes arch/parisc/configs/c8000_defconfig: remove obsoleted CONFIG_DEBUG_SLAB_LEAK mm/vmalloc.c: fix typo in comment lib/sort.c: fix kernel-doc notation warnings mm: fix Documentation/vm/hmm.rst Sphinx warnings treewide: fix typos of SPDX-License-Identifier crypto: ux500 - fix license comment syntax error MAINTAINERS: add I2C DT bindings to ARM platforms MAINTAINERS: add DT bindings to i2c drivers mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies() iwlwifi: mvm: change TLC config cmd sent by rs to be async iwlwifi: Fix double-free problems in iwl_req_fw_callback() iwlwifi: fix AX201 killer sku loading firmware issue iwlwifi: print fseq info upon fw assert iwlwifi: clear persistence bit according to device family iwlwifi: fix load in rfkill flow for unified firmware iwlwifi: mvm: remove d3_sram debugfs file bpf, riscv: clear high 32 bits for ALU32 add/sub/neg/lsh/rsh/arsh libbpf: Return btf_fd for load_sk_storage_btf HID: a4tech: fix horizontal scrolling HID: hyperv: Add a module description line net: dsa: sja1105: Don't store frame type in skb->cb block: print offending values when cloned rq limits are exceeded blk-mq: Document the blk_mq_hw_queue_to_node() arguments blk-mq: Fix spelling in a source code comment block: Fix bsg_setup_queue() kernel-doc header block: Fix rq_qos_wait() kernel-doc header block: Fix blk_mq_*_map_queues() kernel-doc headers block: Fix throtl_pending_timer_fn() kernel-doc header block: Convert blk_invalidate_devt() header into a non-kernel-doc header block/partitions/ldm: Convert a kernel-doc header into a non-kernel-doc header leds: avoid flush_work in atomic context cgroup: Include dying leaders with live threads in PROCS iterations cgroup: Implement css_task_iter_skip() cgroup: Call cgroup_release() before __exit_signal() netfilter: nf_tables: fix module autoload with inet family Revert "lockd: Show pid of lockd for remote locks" ALSA: hda/realtek - Update headset mode for ALC256 fs/adfs: fix filename fixup handling for "/" and "//" names fs/adfs: move append_filetype_suffix() into adfs_object_fixup() fs/adfs: remove truncated filename hashing fs/adfs: factor out filename fixup fs/adfs: factor out object fixups fs/adfs: factor out filename case lowering fs/adfs: factor out filename comparison ovl: doc: add non-standard corner cases pstore/ram: Run without kernel crash dump region MAINTAINERS: add Vasily Gorbik and Christian Borntraeger for s390 MAINTAINERS: Farewell Martin Schwidefsky pstore: Set tfm to NULL on free_buf_for_compression nds32: add new emulations for floating point instruction nds32: Avoid IEX status being incorrectly modified math-emu: Use statement expressions to fix Wshift-count-overflow warning net: correct zerocopy refcnt with udp MSG_MORE ethtool: Check for vlan etype or vlan tci when parsing flow_rule net: don't clear sock->sk early to avoid trouble in strparser net-gro: fix use-after-free read in napi_gro_frags() net: dsa: tag_8021q: Create a stable binary format net: dsa: tag_8021q: Change order of rx_vid setup net: mvpp2: fix bad MVPP2_TXQ_SCHED_TOKEN_CNTR_REG queue value docs cgroups: add another example size for hugetlb NFSv4.1: Fix bug only first CB_NOTIFY_LOCK is handled NFSv4.1: Again fix a race where CB_NOTIFY_LOCK fails to wake a waiter ipv4: tcp_input: fix stack out of bounds when parsing TCP options. mlxsw: spectrum: Prevent force of 56G mlxsw: spectrum_acl: Avoid warning after identical rules insertion SUNRPC: Fix a use after free when a server rejects the RPCSEC_GSS credential net: dsa: mv88e6xxx: fix handling of upper half of STATS_TYPE_PORT SUNRPC fix regression in umount of a secure mount r8169: fix MAC address being lost in PCI D3 treewide: Add SPDX license identifier - Kbuild treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 225 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 224 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 223 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 222 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 221 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 220 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 218 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 217 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 216 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 215 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 214 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 213 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 211 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 210 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 209 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 207 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 206 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 203 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 201 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 200 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 199 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 198 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 197 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 195 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 194 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 193 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 191 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 190 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 188 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 185 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 183 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 182 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 180 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 179 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 178 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 177 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 176 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 175 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 174 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 173 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 172 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 171 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 170 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 167 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 166 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 165 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 164 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 162 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 161 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 160 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 159 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 158 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 157 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 155 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 154 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 153 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 151 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 150 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 149 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 148 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 147 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 145 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 144 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 143 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 142 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 140 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 139 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 138 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 137 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 136 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 135 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 133 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 132 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 131 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 130 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 129 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 128 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 127 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 126 net: core: support XDP generic on stacked devices. netvsc: unshare skb in VF rx handler udp: Avoid post-GRO UDP checksum recalculation nvme-tcp: fix queue mapping when queue count is limited nvme-rdma: fix queue mapping when queue count is limited fpga: zynqmp-fpga: Correctly handle error pointer selftests: vm: install test_vmalloc.sh for run_vmtests userfaultfd: selftest: fix compiler warning kselftest/cgroup: fix incorrect test_core skip kselftest/cgroup: fix unexpected testing failure on test_core kselftest/cgroup: fix unexpected testing failure on test_memcontrol xtensa: Fix section mismatch between memblock_reserve and mem_reserve signal/ptrace: Don't leak unitialized kernel memory with PTRACE_PEEK_SIGINFO mwifiex: Abort at too short BSS descriptor element mwifiex: Fix possible buffer overflows at parsing bss descriptor drm/i915/gvt: Assign NULL to the pointer after memory free. drm/i915/gvt: Check if cur_pt_type is valid x86: intel_epb: Do not build when CONFIG_PM is unset crypto: hmac - fix memory leak in hmac_init_tfm() crypto: jitterentropy - change back to module_init() ARM: dts: Drop bogus CLKSEL for timer12 on dra7 KVM: PPC: Book3S HV: Restore SPRG3 in kvmhv_p9_guest_entry() KVM: PPC: Book3S HV: Fix lockdep warning when entering guest on POWER9 KVM: PPC: Book3S HV: XIVE: Fix page offset when clearing ESB pages KVM: PPC: Book3S HV: XIVE: Take the srcu read lock when accessing memslots KVM: PPC: Book3S HV: XIVE: Do not clear IRQ data of passthrough interrupts KVM: PPC: Book3S HV: XIVE: Introduce a new mutex for the XIVE device drm/i915/gvt: Fix cmd length of VEB_DI_IECP drm/i915/gvt: refine ggtt range validation drm/i915/gvt: Fix vGPU CSFE_CHICKEN1_REG mmio handler drm/i915/gvt: Fix GFX_MODE handling drm/i915/gvt: Update force-to-nonpriv register whitelist drm/i915/gvt: Initialize intel_gvt_gtt_entry in stack ima: show rules with IMA_INMASK correctly evm: check hash algorithm passed to init_desc() scsi: libsas: delete sas port if expander discover failed scsi: libsas: only clear phy->in_shutdown after shutdown event done scsi: scsi_dh_alua: Fix possible null-ptr-deref scsi: smartpqi: properly set both the DMA mask and the coherent DMA mask scsi: zfcp: fix to prevent port_remove with pure auto scan LUNs (only sdevs) scsi: zfcp: fix missing zfcp_port reference put on -EBUSY from port_remove scsi: libcxgbi: add a check for NULL pointer in cxgbi_check_route() net: phy: dp83867: Set up RGMII TX delay net: phy: dp83867: do not call config_init twice net: phy: dp83867: increase SGMII autoneg timer duration net: phy: dp83867: fix speed 10 in sgmii mode net: phy: marvell10g: report if the PHY fails to boot firmware net: phylink: ensure consistent phy interface mode cgroup: Use css_tryget() instead of css_tryget_online() in task_get_css() blk-mq: Fix memory leak in error handling usbip: usbip_host: fix stub_dev lock context imbalance regression net: sh_eth: fix mdio access in sh_eth_close() for R-Car Gen2 and RZ/A1 SoCs MIPS: uprobes: remove set but not used variable 'epc' s390/crypto: fix possible sleep during spinlock aquired MIPS: pistachio: Build uImage.gz by default MIPS: Make virt_addr_valid() return bool MIPS: Bounds check virt_addr_valid CIFS: cifs_read_allocate_pages: don't iterate through whole page array on ENOMEM RDMA/efa: Remove MAYEXEC flag check from mmap flow mlx5: avoid 64-bit division IB/hfi1: Validate page aligned for a given virtual address IB/{qib, hfi1, rdmavt}: Correct ibv_devinfo max_mr value IB/hfi1: Insure freeze_work work_struct is canceled on shutdown IB/rdmavt: Fix alloc_qpn() WARN_ON() ASoC: sun4i-codec: fix first delay on Speaker drm/amdgpu: reserve stollen vram for raven series media: venus: hfi_parser: fix a regression in parser selftests: bpf: fix compiler warning in flow_dissector test arm64: use the correct function type for __arm64_sys_ni_syscall arm64: use the correct function type in SYSCALL_DEFINE0 arm64: fix syscall_fn_t type block: don't protect generic_make_request_checks with blk_queue_enter block: move blk_exit_queue into __blk_release_queue selftests: bpf: complete sub-register zero extension checks selftests: bpf: move sub-register zero extension checks into subreg.c ovl: detect overlapping layers drm/i915/icl: Add WaDisableBankHangMode ALSA: fireface: Use ULL suffixes for 64-bit constants signal/arm64: Use force_sig not force_sig_fault for SIGKILL nl80211: fill all policy .type entries mac80211: free peer keys before vif down in mesh ANDROID: ABI out: Use the extension .xml rather then .out drm/mediatek: respect page offset for PRIME mmap calls drm/mediatek: adjust ddp clock control flow ALSA: hda/realtek - Improve the headset mic for Acer Aspire laptops KVM: PPC: Book3S HV: XIVE: Fix the enforced limit on the vCPU identifier KVM: PPC: Book3S HV: XIVE: Do not test the EQ flag validity when resetting KVM: PPC: Book3S HV: XIVE: Clear file mapping when device is released KVM: PPC: Book3S HV: Don't take kvm->lock around kvm_for_each_vcpu KVM: PPC: Book3S: Use new mutex to synchronize access to rtas token list KVM: PPC: Book3S HV: Use new mutex to synchronize MMU setup KVM: PPC: Book3S HV: Avoid touching arch.mmu_ready in XIVE release functions Revert "drivers: thermal: tsens: Add new operation to check if a sensor is enabled" net/mlx5e: Disable rxhash when CQE compress is enabled net/mlx5e: restrict the real_dev of vlan device is the same as uplink device net/mlx5: Allocate root ns memory using kzalloc to match kfree net/mlx5: Avoid double free in fs init error unwinding path net/mlx5: Avoid double free of root ns in the error flow path net/mlx5: Fix error handling in mlx5_load() Documentation: net-sysfs: Remove duplicate PHY device documentation llc: fix skb leak in llc_build_and_send_ui_pkt() selftests: pmtu: Fix encapsulating device in pmtu_vti6_link_change_mtu dfs_cache: fix a wrong use of kfree in flush_cache_ent() fs/cifs/smb2pdu.c: fix buffer free in SMB2_ioctl_free cifs: fix memory leak of pneg_inbuf on -EOPNOTSUPP ioctl case xenbus: Avoid deadlock during suspend due to open transactions xen/pvcalls: Remove set but not used variable tracing: Avoid memory leak in predicate_parse() habanalabs: fix bug in checking huge page optimization mmc: sdhci: Fix SDIO IRQ thread deadlock dpaa_eth: use only online CPU portals net: mvneta: Fix err code path of probe net: stmmac: Do not output error on deferred probe Btrfs: fix race updating log root item during fsync Btrfs: fix wrong ctime and mtime of a directory after log replay ARC: [plat-hsdk] Get rid of inappropriate PHY settings ARC: [plat-hsdk]: Add support of Vivante GPU ARC: [plat-hsdk]: enable creg-gpio controller Btrfs: fix fsync not persisting changed attributes of a directory btrfs: qgroup: Check bg while resuming relocation to avoid NULL pointer dereference btrfs: reloc: Also queue orphan reloc tree for cleanup to avoid BUG_ON() Btrfs: incremental send, fix emission of invalid clone operations Btrfs: incremental send, fix file corruption when no-holes feature is enabled btrfs: correct zstd workspace manager lock to use spin_lock_bh() btrfs: Ensure replaced device doesn't have pending chunk allocation ia64: fix build errors by exporting paddr_to_nid() ASoC: SOF: Intel: hda: fix the hda init chip ASoC: SOF: ipc: fix a race, leading to IPC timeouts ASoC: SOF: control: correct the copy size for bytes kcontrol put ASoC: SOF: pcm: remove warning - initialize workqueue on open ASoC: SOF: pcm: clear hw_params_upon_resume flag correctly ASoC: SOF: core: fix error handling with the probe workqueue ASoC: SOF: core: remove snd_soc_unregister_component in case of error ASoC: SOF: core: remove DSP after unregistering machine driver ASoC: soc-core: fixup references at soc_cleanup_card_resources() arm64/module: revert to unsigned interpretation of ABS16/32 relocations KVM: s390: Do not report unusabled IDs via KVM_CAP_MAX_VCPU_ID kvm: fix compile on s390 part 2 xprtrdma: Use struct_size() in kzalloc() tools headers UAPI: Sync kvm.h headers with the kernel sources perf record: Fix s390 missing module symbol and warning for non-root users perf machine: Read also the end of the kernel perf test vmlinux-kallsyms: Ignore aliases to _etext when searching on kallsyms perf session: Add missing swap ops for namespace events perf namespace: Protect reading thread's namespace tools headers UAPI: Sync drm/drm.h with the kernel s390/crypto: fix gcm-aes-s390 selftest failures s390/zcrypt: Fix wrong dispatching for control domain CPRBs s390/pci: fix assignment of bus resources s390/pci: fix struct definition for set PCI function s390: mark __cpacf_check_opcode() and cpacf_query_func() as __always_inline s390: add unreachable() to dump_fault_info() to fix -Wmaybe-uninitialized tools headers UAPI: Sync drm/i915_drm.h with the kernel tools headers UAPI: Sync linux/fs.h with the kernel tools headers UAPI: Sync linux/sched.h with the kernel tools arch x86: Sync asm/cpufeatures.h with the with the kernel tools include UAPI: Update copy of files related to new fspick, fsmount, fsconfig, fsopen, move_mount and open_tree syscalls perf arm64: Fix mksyscalltbl when system kernel headers are ahead of the kernel perf data: Fix 'strncat may truncate' build failure with recent gcc arm64: Fix the arm64_personality() syscall wrapper redirection rtw88: Make some symbols static rtw88: avoid circular locking between local->iflist_mtx and rtwdev->mutex rsi: Properly initialize data in rsi_sdio_ta_reset rtw88: fix unassigned rssi_level in rtw_sta_info rtw88: fix subscript above array bounds compiler warning fuse: extract helper for range writeback fuse: fix copy_file_range() in the writeback case mmc: meson-gx: fix irq ack mmc: tmio: fix SCC error handling to avoid false positive CRC error mmc: tegra: Fix a warning message memstick: mspro_block: Fix an error code in mspro_block_issue_req() mac80211: mesh: fix RCU warning nl80211: fix station_info pertid memory leak mac80211: Do not use stack memory with scatterlist for GMAC ALSA: line6: Assure canceling delayed work at disconnection configfs: Fix use-after-free when accessing sd->s_dentry ALSA: hda - Force polling mode on CNL for fixing codec communication i2c: synquacer: fix synquacer_i2c_doxfer() return value i2c: mlxcpld: Fix wrong initialization order in probe i2c: dev: fix potential memory leak in i2cdev_ioctl_rdwr RDMA/core: Fix panic when port_data isn't initialized RDMA/uverbs: Pass udata on uverbs error unwind RDMA/core: Clear out the udata before error unwind net: aquantia: tcp checksum 0xffff being handled incorrectly net: aquantia: fix LRO with FCS error net: aquantia: check rx csum for all packets in LRO session net: aquantia: tx clean budget logic error vhost: scsi: add weight support vhost: vsock: add weight support vhost_net: fix possible infinite loop vhost: introduce vhost_exceeds_weight() virtio: Fix indentation of VIRTIO_MMIO virtio: add unlikely() to WARN_ON_ONCE() iommu/vt-d: Set the right field for Page Walk Snoop iommu/vt-d: Fix lock inversion between iommu->lock and device_domain_lock iommu: Add missing new line for dma type drm/etnaviv: lock MMU while dumping core block: Don't revalidate bdev of hidden gendisk loop: Don't change loop device under exclusive opener drm/imx: ipuv3-plane: fix atomic update status query for non-plus i.MX6Q drm/qxl: drop WARN_ONCE() iio: temperature: mlx90632 Relax the compatibility check iio: imu: st_lsm6dsx: fix PM support for st_lsm6dsx i2c controller staging:iio:ad7150: fix threshold mode config bit fuse: add FUSE_WRITE_KILL_PRIV fuse: fallocate: fix return with locked inode PCI: PM: Avoid possible suspend-to-idle issue ACPI: PM: Call pm_set_suspend_via_firmware() during hibernation ACPI/PCI: PM: Add missing wakeup.flags.valid checks ovl: support the FS_IOC_FS[SG]ETXATTR ioctls soundwire: stream: fix out of boundary access on port properties net: tulip: de4x5: Drop redundant MODULE_DEVICE_TABLE() selftests/tls: add test for sleeping even though there is data net/tls: fix no wakeup on partial reads selftests/tls: test for lowat overshoot with multiple records net/tls: fix lowat calculation if some data came from previous record dpaa2-eth: Make constant 64-bit long dpaa2-eth: Use PTR_ERR_OR_ZERO where appropriate dpaa2-eth: Fix potential spectre issue bonding/802.3ad: fix slave link initialization transition states io_uring: Fix __io_uring_register() false success net: ethtool: Document get_rxfh_context and set_rxfh_context ethtool ops net: stmmac: dwmac-mediatek: modify csr_clk value to fix mdio read/write fail net: stmmac: fix csr_clk can't be zero issue net: stmmac: update rx tail pointer register to fix rx dma hang issue. ip_sockglue: Fix missing-check bug in ip_ra_control() ipv6_sockglue: Fix a missing-check bug in ip6_ra_control() efi: Allow the number of EFI configuration tables entries to be zero efi/x86/Add missing error handling to old_memmap 1:1 mapping code parisc: Fix compiler warnings in float emulation code parisc/slab: cleanup after /proc/slab_allocators removal bpf: sockmap, fix use after free from sleep in psock backlog workqueue net: sched: don't use tc_action->order during action dump cxgb4: Revert "cxgb4: Remove SGE_HOST_PAGE_SIZE dependency on page size" net: fec: fix the clk mismatch in failed_reset path habanalabs: Avoid using a non-initialized MMU cache mutex habanalabs: fix debugfs code uapi/habanalabs: add opcode for enable/disable device debug mode habanalabs: halt debug engines on user process close selftests: rtc: rtctest: specify timeouts selftests/harness: Allow test to configure timeout selftests/ftrace: Add checkbashisms meta-testcase selftests/ftrace: Make a script checkbashisms clean media: smsusb: better handle optional alignment test_firmware: Use correct snprintf() limit genwqe: Prevent an integer overflow in the ioctl parport: Fix mem leak in parport_register_dev_model fpga: dfl: expand minor range when registering chrdev region fpga: dfl: Add lockdep classes for pdata->lock fpga: dfl: afu: Pass the correct device to dma_mapping_error() fpga: stratix10-soc: fix use-after-free on s10_init() w1: ds2408: Fix typo after 49695ac468 (reset on output_write retry with readback) kheaders: Do not regenerate archive if config is not changed kheaders: Move from proc to sysfs drm/amd/display: Don't load DMCU for Raven 1 (v2) drm/i915: Maintain consistent documentation subsection ordering scripts/sphinx-pre-install: make it handle Sphinx versions docs: Fix conf.py for Sphinx 2.0 vt/fbcon: deinitialize resources in visual_init() after failed memory allocation xfs: fix broken log reservation debugging clocksource/drivers/timer-ti-dm: Change to new style declaration ASoC: core: lock client_mutex while removing link components ASoC: simple-card: Restore original configuration of DAI format {nl,mac}80211: allow 4addr AP operation on crypto controlled devices mac80211_hwsim: mark expected switch fall-through mac80211: fix rate reporting inside cfg80211_calculate_bitrate_he() mac80211: remove set but not used variable 'old' mac80211: handle deauthentication/disassociation from TDLS peer gpio: fix gpio-adp5588 build errors pinctrl: stmfx: Fix compile issue when CONFIG_OF_GPIO is not defined staging: kpc2000: Add dependency on MFD_CORE to kconfig symbol 'KPC2000' perf/ring-buffer: Use regular variables for nesting perf/ring-buffer: Always use {READ,WRITE}_ONCE() for rb->user_page data perf/ring_buffer: Add ordering to rb->nest increment perf/ring_buffer: Fix exposing a temporarily decreased data_head x86/CPU/AMD: Don't force the CPB cap when running under a hypervisor x86/boot: Provide KASAN compatible aliases for string routines ALSA: hda/realtek - Enable micmute LED for Huawei laptops Input: uinput - add compat ioctl number translation for UI_*_FF_UPLOAD Input: silead - add MSSL0017 to acpi_device_id cxgb4: offload VLAN flows regardless of VLAN ethtype hsr: fix don't prune the master node from the node_db net: mvpp2: cls: Fix leaked ethtool_rx_flow_rule docs: fix multiple doc build warnings in enumeration.rst lib/list_sort: fix kerneldoc build error docs: fix numaperf.rst and add it to the doc tree doc: Cope with the deprecation of AutoReporter doc: Cope with Sphinx logging deprecations bpf: sockmap, restore sk_write_space when psock gets dropped selftests: bpf: add zero extend checks for ALU32 and/or/xor bpf, riscv: clear target register high 32-bits for and/or/xor on ALU32 spi: abort spi_sync if failed to prepare_transfer_hardware ALSA: hda/realtek - Set default power save node to 0 ipv4/igmp: fix build error if !CONFIG_IP_MULTICAST powerpc/kexec: Fix loading of kernel + initramfs with kexec_file_load() MIPS: TXx9: Fix boot crash in free_initmem() MIPS: remove a space after -I to cope with header search paths for VDSO MIPS: mark ginvt() as __always_inline ipv4/igmp: fix another memory leak in igmpv3_del_delrec() bnxt_en: Device serial number is supported only for PFs. bnxt_en: Reduce memory usage when running in kdump kernel. bnxt_en: Fix possible BUG() condition when calling pci_disable_msix(). bnxt_en: Fix aggregation buffer leak under OOM condition. ipv6: Fix redirect with VRF net: stmmac: fix reset gpio free missing mISDN: make sure device name is NUL terminated net: macb: save/restore the remaining registers and features media: dvb: warning about dvb frequency limits produces too much noise net/tls: don't ignore netdev notifications if no TLS features net/tls: fix state removal with feature flags off net/tls: avoid NULL-deref on resync during device removal Documentation: add TLS offload documentation Documentation: tls: RSTify the ktls documentation Documentation: net: move device drivers docs to a submenu mISDN: Fix indenting in dsp_cmx.c ocelot: Dont allocate another multicast list, use __dev_mc_sync Validate required parameters in inet6_validate_link_af xhci: Use %zu for printing size_t type xhci: Convert xhci_handshake() to use readl_poll_timeout_atomic() xhci: Fix immediate data transfer if buffer is already DMA mapped usb: xhci: avoid null pointer deref when bos field is NULL usb: xhci: Fix a potential null pointer dereference in xhci_debugfs_create_endpoint() xhci: update bounce buffer with correct sg num media: usb: siano: Fix false-positive "uninitialized variable" warning spi: spi-fsl-spi: call spi_finalize_current_message() at the end ALSA: hda/realtek - Check headset type by unplug and resume powerpc/perf: Fix MMCRA corruption by bhrb_filter powerpc/powernv: Return for invalid IMC domain HID: logitech-hidpp: Add support for the S510 remote control HID: multitouch: handle faulty Elo touch device selftests: netfilter: add flowtable test script netfilter: nft_flow_offload: IPCB is only valid for ipv4 family netfilter: nft_flow_offload: don't offload when sequence numbers need adjustment netfilter: nft_flow_offload: set liberal tracking mode for tcp netfilter: nf_flow_table: ignore DF bit setting ASoC: Intel: sof-rt5682: fix AMP quirk support ASoC: Intel: sof-rt5682: fix for codec button mapping clk: ti: clkctrl: Fix clkdm_clk handling clk: imx: imx8mm: fix int pll clk gate clk: sifive: restrict Kconfig scope for the FU540 PRCI driver RDMA/hns: Fix PD memory leak for internal allocation netfilter: nat: fix udp checksum corruption selftests: netfilter: missing error check when setting up veth interface RDMA/srp: Rename SRP sysfs name after IB device rename trigger ipvs: Fix use-after-free in ip_vs_in ARC: [plat-hsdk]: Add missing FIFO size entry in GMAC node ARC: [plat-hsdk]: Add missing multicast filter bins number to GMAC node samples, bpf: suppress compiler warning samples, bpf: fix to change the buffer size for read() bpf: Check sk_fullsock() before returning from bpf_sk_lookup() bpf: fix out-of-bounds read in __bpf_skc_lookup Documentation/networking: fix af_xdp.rst Sphinx warnings netfilter: nft_fib: Fix existence check support netfilter: nf_queue: fix reinject verdict handling dmaengine: sprd: Add interrupt support for 2-stage transfer dmaengine: sprd: Fix the right place to configure 2-stage transfer dmaengine: sprd: Fix block length overflow dmaengine: sprd: Fix the incorrect start for 2-stage destination channels dmaengine: sprd: Add validation of current descriptor in irq handler dmaengine: sprd: Fix the possible crash when getting descriptor status tty: max310x: Fix external crystal register setup serial: sh-sci: disable DMA for uart_console serial: imx: remove log spamming error message tty: serial: msm_serial: Fix XON/XOFF USB: serial: option: add Telit 0x1260 and 0x1261 compositions USB: serial: pl2303: add Allied Telesis VT-Kit3 USB: serial: option: add support for Simcom SIM7500/SIM7600 RNDIS mode dmaengine: tegra210-adma: Fix spelling dmaengine: tegra210-adma: Fix channel FIFO configuration dmaengine: tegra210-adma: Fix crash during probe dmaengine: mediatek-cqdma: sleeping in atomic context dmaengine: dw-axi-dmac: fix null dereference when pointer first is null perf/x86/intel/ds: Fix EVENT vs. UEVENT PEBS constraints USB: rio500: update Documentation USB: rio500: simplify locking USB: rio500: fix memory leak in close after disconnect USB: rio500: refuse more than one device at a time usbip: usbip_host: fix BUG: sleeping function called from invalid context USB: sisusbvga: fix oops in error path of sisusb_probe USB: Add LPM quirk for Surface Dock GigE adapter media: usb: siano: Fix general protection fault in smsusb usb: mtu3: fix up undefined reference to usb_debug_root USB: Fix slab-out-of-bounds write in usb_get_bos_descriptor Input: elantech - enable middle button support on 2 ThinkPads dmaengine: fsl-qdma: Add improvement dmaengine: jz4780: Fix transfers being ACKed too soon gcc-plugins: Fix build failures under Darwin host MAINTAINERS: Update Stefan Wahren email address netfilter: nf_tables: fix oops during rule dump ARC: mm: SIGSEGV userspace trying to access kernel virtual memory ARC: fix build warnings ARM: dts: bcm: Add missing device_type = "memory" property soc: bcm: brcmstb: biuctrl: Register writes require a barrier soc: brcmstb: Fix error path for unsupported CPUs ARM: dts: dra71x: Disable usb4_tm target module ARM: dts: dra71x: Disable rtc target module ARM: dts: dra76x: Disable usb4_tm target module ARM: dts: dra76x: Disable rtc target module ASoC: simple-card: Fix configuration of DAI format ASoC: Intel: soc-acpi: Fix machine selection order ASoC: rt5677-spi: Handle over reading when flipping bytes ASoC: soc-dpm: fixup DAI active unbalance pinctrl: intel: Clear interrupt status in mask/unmask callback pinctrl: intel: Use GENMASK() consistently parisc: Allow building 64-bit kernel without -mlong-calls compiler option parisc: Kconfig: remove ARCH_DISCARD_MEMBLOCK staging: wilc1000: Fix some double unlock bugs in wilc_wlan_cleanup() staging: vc04_services: prevent integer overflow in create_pagelist() Staging: vc04_services: Fix a couple error codes staging: wlan-ng: fix adapter initialization failure staging: kpc2000: double unlock in error handling in kpc_dma_transfer() staging: kpc2000: Fix build error without CONFIG_UIO staging: kpc2000: fix build error on xtensa staging: erofs: set sb->s_root to NULL when failing from __getname() ARM: imx: cpuidle-imx6sx: Restrict the SW2ISO increase to i.MX6SX firmware: imx: SCU irq should ONLY be enabled after SCU IPC is ready arm64: imx: Fix build error without CONFIG_SOC_BUS ima: fix wrong signed policy requirement when not appraising x86/ima: Check EFI_RUNTIME_SERVICES before using stacktrace: Unbreak stack_trace_save_tsk_reliable() HID: wacom: Sync INTUOSP2_BT touch state after each frame if necessary HID: wacom: Correct button numbering 2nd-gen Intuos Pro over Bluetooth HID: wacom: Send BTN_TOUCH in response to INTUOSP2_BT eraser contact HID: wacom: Don't report anything prior to the tool entering range HID: wacom: Don't set tool type until we're in range ASoC: cs42xx8: Add regcache mask dirty regulator: tps6507x: Fix boot regression due to testing wrong init_data pointer ASoC: fsl_asrc: Fix the issue about unsupported rate spi: bitbang: Fix NULL pointer dereference in spi_unregister_master Input: elan_i2c - increment wakeup count if wake source wireless: Skip directory when generating certificates ASoC: ak4458: rstn_control - return a non-zero on error only ASoC: soc-pcm: BE dai needs prepare when pause release after resume ASoC: ak4458: add return value for ak4458_probe ASoC : cs4265 : readable register too low ASoC: SOF: fix error in verbose ipc command parsing ASoC: SOF: fix race in FW boot timeout handling ASoC: SOF: nocodec: fix undefined reference iio: adc: ti-ads8688: fix timestamp is not updated in buffer iio: dac: ds4422/ds4424 fix chip verification HID: rmi: Use SET_REPORT request on control endpoint for Acer Switch 3 and 5 HID: logitech-hidpp: add support for the MX5500 keyboard HID: logitech-dj: add support for the Logitech MX5500's Bluetooth Mini-Receiver HID: i2c-hid: add iBall Aer3 to descriptor override spi: Fix Raspberry Pi breakage ARM: dts: dra76x: Update MMC2_HS200_MANUAL1 iodelay values ARM: dts: am57xx-idk: Remove support for voltage switching for SD card bus: ti-sysc: Handle devices with no control registers ARM: dts: Configure osc clock for d_can on am335x iio: imu: mpu6050: Fix FIFO layout for ICM20602 lkdtm/bugs: Adjust recursion test to avoid elision lkdtm/usercopy: Moves the KERNEL_DS test to non-canonical iio: adc: ads124: avoid buffer overflow iio: adc: modify NPCM ADC read reference voltage Change-Id: I98c823993370027391cc21dfb239c3049f025136 Signed-off-by: Raghavendra Rao Ananta <rananta@codeaurora.org>	2019-07-01 17:41:24 -07:00
Hari Bathini	e422267322	perf: Add PERF_RECORD_NAMESPACES to include namespaces related info ... With the advert of container technologies like docker, that depend on namespaces for isolation, there is a need for tracing support for namespaces. This patch introduces new PERF_RECORD_NAMESPACES event for recording namespaces related info. By recording info for every namespace, it is left to userspace to take a call on the definition of a container and trace containers by updating perf tool accordingly. Each namespace has a combination of device and inode numbers. Though every namespace has the same device number currently, that may change in future to avoid the need for a namespace of namespaces. Considering such possibility, record both device and inode numbers separately for each namespace. Signed-off-by: Hari Bathini <hbathini@linux.vnet.ibm.com> Acked-by: Jiri Olsa <jolsa@kernel.org> Acked-by: Peter Zijlstra <peterz@infradead.org> Cc: Alexander Shishkin <alexander.shishkin@linux.intel.com> Cc: Alexei Starovoitov <ast@fb.com> Cc: Ananth N Mavinakayanahalli <ananth@linux.vnet.ibm.com> Cc: Aravinda Prasad <aravinda@linux.vnet.ibm.com> Cc: Brendan Gregg <brendan.d.gregg@gmail.com> Cc: Daniel Borkmann <daniel@iogearbox.net> Cc: Eric Biederman <ebiederm@xmission.com> Cc: Sargun Dhillon <sargun@sargun.me> Cc: Steven Rostedt <rostedt@goodmis.org> Link: http://lkml.kernel.org/r/148891929686.25309.2827618988917007768.stgit@hbathini.in.ibm.com Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>	2017-03-13 15:57:41 -03:00
Aditya Kali	a79a908fd2	cgroup: introduce cgroup namespaces ... Introduce the ability to create new cgroup namespace. The newly created cgroup namespace remembers the cgroup of the process at the point of creation of the cgroup namespace (referred as cgroupns-root). The main purpose of cgroup namespace is to virtualize the contents of /proc/self/cgroup file. Processes inside a cgroup namespace are only able to see paths relative to their namespace root (unless they are moved outside of their cgroupns-root, at which point they will see a relative path from their cgroupns-root). For a correctly setup container this enables container-tools (like libcontainer, lxc, lmctfy, etc.) to create completely virtualized containers without leaking system level cgroup hierarchy to the task. This patch only implements the 'unshare' part of the cgroupns. Signed-off-by: Aditya Kali <adityakali@google.com> Signed-off-by: Serge Hallyn <serge.hallyn@canonical.com> Signed-off-by: Tejun Heo <tj@kernel.org>	2016-02-16 13:04:58 -05:00
Al Viro	f77c80142e	bury struct proc_ns in fs/proc ... a) make get_proc_ns() return a pointer to struct ns_common b) mirror ns_ops in dentry->d_fsdata of ns dentries, so that is_mnt_ns_file() could get away with fewer dereferences. That way struct proc_ns becomes invisible outside of fs/proc/*.c Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>	2014-12-04 14:34:54 -05:00
Al Viro	33c429405a	copy address of proc_ns_ops into ns_common ... Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>	2014-12-04 14:34:47 -05:00
Eric W. Biederman	728dba3a39	namespaces: Use task_lock and not rcu to protect nsproxy ... The synchronous syncrhonize_rcu in switch_task_namespaces makes setns a sufficiently expensive system call that people have complained. Upon inspect nsproxy no longer needs rcu protection for remote reads. remote reads are rare. So optimize for same process reads and write by switching using rask_lock instead. This yields a simpler to understand lock, and a faster setns system call. In particular this fixes a performance regression observed by Rafael David Tinoco <rafael.tinoco@canonical.com>. This is effectively a revert of Pavel Emelyanov's commit cf7b708c8d Make access to task's nsproxy lighter from 2007. The race this originialy fixed no longer exists as do_notify_parent uses task_active_pid_ns(parent) instead of parent->nsproxy. Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>	2014-07-29 18:08:50 -07:00
Linus Torvalds	c7c4591db6	Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace ... Pull namespace changes from Eric Biederman: "This is an assorted mishmash of small cleanups, enhancements and bug fixes. The major theme is user namespace mount restrictions. nsown_capable is killed as it encourages not thinking about details that need to be considered. A very hard to hit pid namespace exiting bug was finally tracked and fixed. A couple of cleanups to the basic namespace infrastructure. Finally there is an enhancement that makes per user namespace capabilities usable as capabilities, and an enhancement that allows the per userns root to nice other processes in the user namespace" * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace: userns: Kill nsown_capable it makes the wrong thing easy capabilities: allow nice if we are privileged pidns: Don't have unshare(CLONE_NEWPID) imply CLONE_THREAD userns: Allow PR_CAPBSET_DROP in a user namespace. namespaces: Simplify copy_namespaces so it is clear what is going on. pidns: Fix hang in zap_pid_ns_processes by sending a potentially extra wakeup sysfs: Restrict mounting sysfs userns: Better restrictions on when proc and sysfs can be mounted vfs: Don't copy mount bind mounts of /proc/<pid>/ns/mnt between namespaces kernel/nsproxy.c: Improving a snippet of code. proc: Restrict mounting the proc filesystem vfs: Lock in place mounts from more privileged users	2013-09-07 14:35:32 -07:00
Eric W. Biederman	dbef0c1c4c	namespaces: Simplify copy_namespaces so it is clear what is going on. ... Remove the test for the impossible case where tsk->nsproxy == NULL. Fork will never be called with tsk->nsproxy == NULL. Only call get_nsproxy when we don't need to generate a new_nsproxy, and mark the case where we don't generate a new nsproxy as likely. Remove the code to drop an unnecessarily acquired nsproxy value. Acked-by: Serge Hallyn <serge.hallyn@canonical.com> Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>	2013-08-30 17:30:38 -07:00
Andy Lutomirski	c2b1df2eb4	Rename nsproxy.pid_ns to nsproxy.pid_ns_for_children ... nsproxy.pid_ns is *not* the task's pid namespace. The name should clarify that. This makes it more obvious that setns on a pid namespace is weird -- it won't change the pid namespace shown in procfs. Signed-off-by: Andy Lutomirski <luto@amacapital.net> Reviewed-by: "Eric W. Biederman" <ebiederm@xmission.com> Signed-off-by: David S. Miller <davem@davemloft.net>	2013-08-27 13:52:52 -04:00
Raphael S.Carvalho	21e851943e	kernel/nsproxy.c: Improving a snippet of code. ... It seems GCC generates a better code in that way, so I changed that statement. Btw, they have the same semantic, so I'm sending this patch due to performance issues. Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com> Signed-off-by: Raphael S.Carvalho <raphael.scarv@gmail.com> Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>	2013-08-26 17:45:56 -07:00
David Howells	0bb80f2405	proc: Split the namespace stuff out into linux/proc_ns.h ... Split the proc namespace stuff out into linux/proc_ns.h. Signed-off-by: David Howells <dhowells@redhat.com> cc: netdev@vger.kernel.org cc: Serge E. Hallyn <serge.hallyn@ubuntu.com> cc: Eric W. Biederman <ebiederm@xmission.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>	2013-05-01 17:29:39 -04:00
Linus Torvalds	d895cb1af1	Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs ... Pull vfs pile (part one) from Al Viro: "Assorted stuff - cleaning namei.c up a bit, fixing ->d_name/->d_parent locking violations, etc. The most visible changes here are death of FS_REVAL_DOT (replaced with "has ->d_weak_revalidate()") and a new helper getting from struct file to inode. Some bits of preparation to xattr method interface changes. Misc patches by various people sent this cycle *and* ocfs2 fixes from several cycles ago that should've been upstream right then. PS: the next vfs pile will be xattr stuff." * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs: (46 commits) saner proc_get_inode() calling conventions proc: avoid extra pde_put() in proc_fill_super() fs: change return values from -EACCES to -EPERM fs/exec.c: make bprm_mm_init() static ocfs2/dlm: use GFP_ATOMIC inside a spin_lock ocfs2: fix possible use-after-free with AIO ocfs2: Fix oops in ocfs2_fast_symlink_readpage() code path get_empty_filp()/alloc_file() leave both ->f_pos and ->f_version zero target: writev() on single-element vector is pointless export kernel_write(), convert open-coded instances fs: encode_fh: return FILEID_INVALID if invalid fid_type kill f_vfsmnt vfs: kill FS_REVAL_DOT by adding a d_weak_revalidate dentry op nfsd: handle vfs_getattr errors in acl protocol switch vfs_getattr() to struct path default SET_PERSONALITY() in linux/elf.h ceph: prepopulate inodes only when request is aborted d_hash_and_lookup(): export, switch open-coded instances 9p: switch v9fs_set_create_acl() to inode+fid, do it before d_instantiate() 9p: split dropping the acls from v9fs_set_create_acl() ...	2013-02-26 20:16:07 -08:00
Al Viro	496ad9aa8e	new helper: file_inode(file) ... Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>	2013-02-22 23:31:31 -05:00
Yuanhan Liu	d7d48f6216	kernel/nsproxy.c: remove duplicate task_cred_xxx for user_ns ... We can use user_ns, which is also assigned from task_cred_xxx(tsk, user_ns), at the beginning of copy_namespaces(). Signed-off-by: Yuanhan Liu <yuanhan.liu@linux.intel.com> Acked-by: Serge Hallyn <serge.hallyn@canonical.com> Cc: "Eric W. Biederman" <ebiederm@xmission.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>	2013-02-21 17:22:26 -08:00
Eric W. Biederman	b2e0d98705	userns: Implement unshare of the user namespace ... - Add CLONE_THREAD to the unshare flags if CLONE_NEWUSER is selected As changing user namespaces is only valid if all there is only a single thread. - Restore the code to add CLONE_VM if CLONE_THREAD is selected and the code to addCLONE_SIGHAND if CLONE_VM is selected. Making the constraints in the code clear. Acked-by: Serge Hallyn <serge.hallyn@canonical.com> Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>	2012-11-20 04:18:14 -08:00
Eric W. Biederman	bcf58e725d	userns: Make create_new_namespaces take a user_ns parameter ... Modify create_new_namespaces to explicitly take a user namespace parameter, instead of implicitly through the task_struct. This allows an implementation of unshare(CLONE_NEWUSER) where the new user namespace is not stored onto the current task_struct until after all of the namespaces are created. Acked-by: Serge Hallyn <serge.hallyn@canonical.com> Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>	2012-11-20 04:17:43 -08:00
Eric W. Biederman	142e1d1d5f	userns: Allow unprivileged use of setns. ... - Push the permission check from the core setns syscall into the setns install methods where the user namespace of the target namespace can be determined, and used in a ns_capable call. Acked-by: Serge Hallyn <serge.hallyn@canonical.com> Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>	2012-11-20 04:17:42 -08:00
Eric W. Biederman	b33c77ef23	userns: Allow unprivileged users to create new namespaces ... If an unprivileged user has the appropriate capabilities in their current user namespace allow the creation of new namespaces. Acked-by: Serge Hallyn <serge.hallyn@canonical.com> Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>	2012-11-20 04:17:41 -08:00
Eric W. Biederman	771b137168	vfs: Add a user namespace reference from struct mnt_namespace ... This will allow for support for unprivileged mounts in a new user namespace. Acked-by: "Serge E. Hallyn" <serge@hallyn.com> Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>	2012-11-19 05:59:19 -08:00
Eric W. Biederman	50804fe373	pidns: Support unsharing the pid namespace. ... Unsharing of the pid namespace unlike unsharing of other namespaces does not take affect immediately. Instead it affects the children created with fork and clone. The first of these children becomes the init process of the new pid namespace, the rest become oddball children of pid 0. From the point of view of the new pid namespace the process that created it is pid 0, as it's pid does not map. A couple of different semantics were considered but this one was settled on because it is easy to implement and it is usable from pam modules. The core reasons for the existence of unshare. I took a survey of the callers of pam modules and the following appears to be a representative sample of their logic. { setup stuff include pam child = fork(); if (!child) { setuid() exec /bin/bash } waitpid(child); pam and other cleanup } As you can see there is a fork to create the unprivileged user space process. Which means that the unprivileged user space process will appear as pid 1 in the new pid namespace. Further most login processes do not cope with extraneous children which means shifting the duty of reaping extraneous child process to the creator of those extraneous children makes the system more comprehensible. The practical reason for this set of pid namespace semantics is that it is simple to implement and verify they work correctly. Whereas an implementation that requres changing the struct pid on a process comes with a lot more races and pain. Not the least of which is that glibc caches getpid(). These semantics are implemented by having two notions of the pid namespace of a proces. There is task_active_pid_ns which is the pid namspace the process was created with and the pid namespace that all pids are presented to that process in. The task_active_pid_ns is stored in the struct pid of the task. Then there is the pid namespace that will be used for children that pid namespace is stored in task->nsproxy->pid_ns. Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>	2012-11-19 05:59:16 -08:00
Eric W. Biederman	17cf22c33e	pidns: Use task_active_pid_ns where appropriate ... The expressions tsk->nsproxy->pid_ns and task_active_pid_ns aka ns_of_pid(task_pid(tsk)) should have the same number of cache line misses with the practical difference that ns_of_pid(task_pid(tsk)) is released later in a processes life. Furthermore by using task_active_pid_ns it becomes trivial to write an unshare implementation for the the pid namespace. So I have used task_active_pid_ns everywhere I can. In fork since the pid has not yet been attached to the process I use ns_of_pid, to achieve the same effect. Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>	2012-11-19 05:59:09 -08:00
Eric W. Biederman	49f4d8b93c	pidns: Capture the user namespace and filter ns_last_pid ... - Capture the the user namespace that creates the pid namespace - Use that user namespace to test if it is ok to write to /proc/sys/kernel/ns_last_pid. Zhao Hongjiang <zhaohongjiang@huawei.com> noticed I was missing a put_user_ns in when destroying a pid_ns. I have foloded his patch into this one so that bisects will work properly. Acked-by: Serge Hallyn <serge.hallyn@canonical.com> Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>	2012-11-19 05:57:31 -08:00
Eric W. Biederman	038e7332b8	userns: make each net (net_ns) belong to a user_ns ... The user namespace which creates a new network namespace owns that namespace and all resources created in it. This way we can target capability checks for privileged operations against network resources to the user_ns which created the network namespace in which the resource lives. Privilege to the user namespace which owns the network namespace, or any parent user namespace thereof, provides the same privilege to the network resource. This patch is reworked from a version originally by Serge E. Hallyn <serge.hallyn@canonical.com> Acked-by: Serge Hallyn <serge.hallyn@canonical.com> Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>	2012-11-18 22:46:23 -08:00
Paul Gortmaker	9984de1a5a	kernel: Map most files to use export.h instead of module.h ... The changed files were only including linux/module.h for the EXPORT_SYMBOL infrastructure, and nothing else. Revector them onto the isolated export header for faster compile times. Nothing to see here but a whole lot of instances of: -#include <linux/module.h> +#include <linux/export.h> This commit is only changing the kernel dir; next targets will probably be mm, fs, the arch dirs, etc. Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>	2011-10-31 09:20:12 -04:00
Al Viro	6657719390	make sure that nsproxy_cache is initialized early enough ... Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>	2011-07-20 01:44:07 -04:00
Daniel Lezcano	a77aea9201	cgroup: remove the ns_cgroup ... The ns_cgroup is an annoying cgroup at the namespace / cgroup frontier and leads to some problems: * cgroup creation is out-of-control * cgroup name can conflict when pids are looping * it is not possible to have a single process handling a lot of namespaces without falling in a exponential creation time * we may want to create a namespace without creating a cgroup The ns_cgroup was replaced by a compatibility flag 'clone_children', where a newly created cgroup will copy the parent cgroup values. The userspace has to manually create a cgroup and add a task to the 'tasks' file. This patch removes the ns_cgroup as suggested in the following thread: https://lists.linux-foundation.org/pipermail/containers/2009-June/018616.html The 'cgroup_clone' function is removed because it is no longer used. This is a userspace-visible change. Commit 45531757b4 ("cgroup: notify ns_cgroup deprecated") (merged into 2.6.27) caused the kernel to emit a printk warning users that the feature is planned for removal. Since that time we have heard from XXX users who were affected by this. Signed-off-by: Daniel Lezcano <daniel.lezcano@free.fr> Signed-off-by: Serge E. Hallyn <serge.hallyn@canonical.com> Cc: Eric W. Biederman <ebiederm@xmission.com> Cc: Jamal Hadi Salim <hadi@cyberus.ca> Reviewed-by: Li Zefan <lizf@cn.fujitsu.com> Acked-by: Paul Menage <menage@google.com> Acked-by: Matt Helsley <matthltc@us.ibm.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>	2011-05-26 17:12:34 -07:00
Eric W. Biederman	0663c6f8fa	ns: Introduce the setns syscall ... With the networking stack today there is demand to handle multiple network stacks at a time. Not in the context of containers but in the context of people doing interesting things with routing. There is also demand in the context of containers to have an efficient way to execute some code in the container itself. If nothing else it is very useful ad a debugging technique. Both problems can be solved by starting some form of login daemon in the namespaces people want access to, or you can play games by ptracing a process and getting the traced process to do things you want it to do. However it turns out that a login daemon or a ptrace puppet controller are more code, they are more prone to failure, and generally they are less efficient than simply changing the namespace of a process to a specified one. Pieces of this puzzle can also be solved by instead of coming up with a general purpose system call coming up with targed system calls perhaps socketat that solve a subset of the larger problem. Overall that appears to be more work for less reward. int setns(int fd, int nstype); The fd argument is a file descriptor referring to a proc file of the namespace you want to switch the process to. In the setns system call the nstype is 0 or specifies an clone flag of the namespace you intend to change to prevent changing a namespace unintentionally. v2: Most of the architecture support added by Daniel Lezcano <dlezcano@fr.ibm.com> v3: ported to v2.6.36-rc4 by: Eric W. Biederman <ebiederm@xmission.com> v4: Moved wiring up of the system call to another patch v5: Cleaned up the system call arguments - Changed the order. - Modified nstype to take the standard clone flags. v6: Added missing error handling as pointed out by Matt Helsley <matthltc@us.ibm.com> Acked-by: Daniel Lezcano <daniel.lezcano@free.fr> Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>	2011-05-10 14:32:56 -07:00
Serge E. Hallyn	b0e77598f8	userns: user namespaces: convert several capable() calls ... CAP_IPC_OWNER and CAP_IPC_LOCK can be checked against current_user_ns(), because the resource comes from current's own ipc namespace. setuid/setgid are to uids in own namespace, so again checks can be against current_user_ns(). Changelog: Jan 11: Use task_ns_capable() in place of sched_capable(). Jan 11: Use nsown_capable() as suggested by Bastian Blank. Jan 11: Clarify (hopefully) some logic in futex and sched.c Feb 15: use ns_capable for ipc, not nsown_capable Feb 23: let copy_ipcs handle setting ipc_ns->user_ns Feb 23: pass ns down rather than taking it from current [akpm@linux-foundation.org: coding-style fixes] Signed-off-by: Serge E. Hallyn <serge.hallyn@canonical.com> Acked-by: "Eric W. Biederman" <ebiederm@xmission.com> Acked-by: Daniel Lezcano <daniel.lezcano@free.fr> Acked-by: David Howells <dhowells@redhat.com> Cc: James Morris <jmorris@namei.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>	2011-03-23 19:47:08 -07:00
Serge E. Hallyn	b515498f5b	userns: add a user namespace owner of ipc ns ... Changelog: Feb 15: Don't set new ipc->user_ns if we didn't create a new ipc_ns. Feb 23: Move extern declaration to ipc_namespace.h, and group fwd declarations at top. Signed-off-by: Serge E. Hallyn <serge.hallyn@canonical.com> Acked-by: "Eric W. Biederman" <ebiederm@xmission.com> Acked-by: Daniel Lezcano <daniel.lezcano@free.fr> Acked-by: David Howells <dhowells@redhat.com> Cc: James Morris <jmorris@namei.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>	2011-03-23 19:47:07 -07:00
Serge E. Hallyn	bb96a6f50b	userns: allow sethostname in a container ... Changelog: Feb 23: let clone_uts_ns() handle setting uts->user_ns To do so we need to pass in the task_struct who'll get the utsname, so we can get its user_ns. Feb 23: As per Oleg's coment, just pass in tsk, instead of two of its members. Signed-off-by: Serge E. Hallyn <serge.hallyn@canonical.com> Acked-by: "Eric W. Biederman" <ebiederm@xmission.com> Acked-by: Daniel Lezcano <daniel.lezcano@free.fr> Acked-by: David Howells <dhowells@redhat.com> Cc: James Morris <jmorris@namei.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>	2011-03-23 19:47:03 -07:00
Serge E. Hallyn	59607db367	userns: add a user_namespace as creator/owner of uts_namespace ... The expected course of development for user namespaces targeted capabilities is laid out at https://wiki.ubuntu.com/UserNamespace. Goals: - Make it safe for an unprivileged user to unshare namespaces. They will be privileged with respect to the new namespace, but this should only include resources which the unprivileged user already owns. - Provide separate limits and accounting for userids in different namespaces. Status: Currently (as of 2.6.38) you can clone with the CLONE_NEWUSER flag to get a new user namespace if you have the CAP_SYS_ADMIN, CAP_SETUID, and CAP_SETGID capabilities. What this gets you is a whole new set of userids, meaning that user 500 will have a different 'struct user' in your namespace than in other namespaces. So any accounting information stored in struct user will be unique to your namespace. However, throughout the kernel there are checks which - simply check for a capability. Since root in a child namespace has all capabilities, this means that a child namespace is not constrained. - simply compare uid1 == uid2. Since these are the integer uids, uid 500 in namespace 1 will be said to be equal to uid 500 in namespace 2. As a result, the lxc implementation at lxc.sf.net does not use user namespaces. This is actually helpful because it leaves us free to develop user namespaces in such a way that, for some time, user namespaces may be unuseful. Bugs aside, this patchset is supposed to not at all affect systems which are not actively using user namespaces, and only restrict what tasks in child user namespace can do. They begin to limit privilege to a user namespace, so that root in a container cannot kill or ptrace tasks in the parent user namespace, and can only get world access rights to files. Since all files currently belong to the initila user namespace, that means that child user namespaces can only get world access rights to *all* files. While this temporarily makes user namespaces bad for system containers, it starts to get useful for some sandboxing. I've run the 'runltplite.sh' with and without this patchset and found no difference. This patch: copy_process() handles CLONE_NEWUSER before the rest of the namespaces. So in the case of clone(CLONE_NEWUSER|CLONE_NEWUTS) the new uts namespace will have the new user namespace as its owner. That is what we want, since we want root in that new userns to be able to have privilege over it. Changelog: Feb 15: don't set uts_ns->user_ns if we didn't create a new uts_ns. Feb 23: Move extern init_user_ns declaration from init/version.c to utsname.h. Signed-off-by: Serge E. Hallyn <serge.hallyn@canonical.com> Acked-by: "Eric W. Biederman" <ebiederm@xmission.com> Acked-by: Daniel Lezcano <daniel.lezcano@free.fr> Acked-by: David Howells <dhowells@redhat.com> Cc: James Morris <jmorris@namei.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>	2011-03-23 19:46:59 -07:00
Tejun Heo	5a0e3ad6af	include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h ... percpu.h is included by sched.h and module.h and thus ends up being included when building most .c files. percpu.h includes slab.h which in turn includes gfp.h making everything defined by the two files universally available and complicating inclusion dependencies. percpu.h -> slab.h dependency is about to be removed. Prepare for this change by updating users of gfp and slab facilities include those headers directly instead of assuming availability. As this conversion needs to touch large number of source files, the following script is used as the basis of conversion. http://userweb.kernel.org/~tj/misc/slabh-sweep.py The script does the followings. * Scan files for gfp and slab usages and update includes such that only the necessary includes are there. ie. if only gfp is used, gfp.h, if slab is used, slab.h. * When the script inserts a new include, it looks at the include blocks and try to put the new include such that its order conforms to its surrounding. It's put in the include block which contains core kernel includes, in the same order that the rest are ordered - alphabetical, Christmas tree, rev-Xmas-tree or at the end if there doesn't seem to be any matching order. * If the script can't find a place to put a new include (mostly because the file doesn't have fitting include block), it prints out an error message indicating which .h file needs to be added to the file. The conversion was done in the following steps. 1. The initial automatic conversion of all .c files updated slightly over 4000 files, deleting around 700 includes and adding ~480 gfp.h and ~3000 slab.h inclusions. The script emitted errors for ~400 files. 2. Each error was manually checked. Some didn't need the inclusion, some needed manual addition while adding it to implementation .h or embedding .c file was more appropriate for others. This step added inclusions to around 150 files. 3. The script was run again and the output was compared to the edits from #2 to make sure no file was left behind. 4. Several build tests were done and a couple of problems were fixed. e.g. lib/decompress_*.c used malloc/free() wrappers around slab APIs requiring slab.h to be added manually. 5. The script was run on all .h files but without automatically editing them as sprinkling gfp.h and slab.h inclusions around .h files could easily lead to inclusion dependency hell. Most gfp.h inclusion directives were ignored as stuff from gfp.h was usually wildly available and often used in preprocessor macros. Each slab.h inclusion directive was examined and added manually as necessary. 6. percpu.h was updated not to include slab.h. 7. Build test were done on the following configurations and failures were fixed. CONFIG_GCOV_KERNEL was turned off for all tests (as my distributed build env didn't work with gcov compiles) and a few more options had to be turned off depending on archs to make things build (like ipr on powerpc/64 which failed due to missing writeq). * x86 and x86_64 UP and SMP allmodconfig and a custom test config. * powerpc and powerpc64 SMP allmodconfig * sparc and sparc64 SMP allmodconfig * ia64 SMP allmodconfig * s390 SMP allmodconfig * alpha SMP allmodconfig * um on x86_64 SMP allmodconfig 8. percpu.h modifications were reverted so that it could be applied as a separate patch and serve as bisection point. Given the fact that I had only a couple of failures from tests on step 6, I'm fairly confident about the coverage of this conversion patch. If there is a breakage, it's likely to be something in one of the arch headers which should be easily discoverable easily on most builds of the specific arch. Signed-off-by: Tejun Heo <tj@kernel.org> Guess-its-ok-by: Christoph Lameter <cl@linux-foundation.org> Cc: Ingo Molnar <mingo@redhat.com> Cc: Lee Schermerhorn <Lee.Schermerhorn@hp.com>	2010-03-30 22:02:32 +09:00
Alexey Dobriyan	8467005da3	nsproxy: remove INIT_NSPROXY() ... Remove INIT_NSPROXY(), use C99 initializer. Remove INIT_IPC_NS(), INIT_NET_NS() while I'm at it. Note: headers trim will be done later, now it's quite pointless because results will be invalidated by merge window. Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com> Acked-by: Serge Hallyn <serue@us.ibm.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>	2010-03-12 15:52:40 -08:00
Alexey Dobriyan	90af90d7d3	nsproxy: extract create_nsproxy() ... clone_nsproxy() does useless copying of old nsproxy -- every pointer will be rewritten to new ns or to old ns. Remove copying, rename clone_nsproxy(), create_nsproxy() will be used by C/R code to create fresh nsproxy on restart. Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com> Acked-by: Serge Hallyn <serue@us.ibm.com> Cc: Pavel Emelyanov <xemul@openvz.org> Cc: "Eric W. Biederman" <ebiederm@xmission.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>	2009-06-18 13:03:56 -07:00
Serge Hallyn	18b6e0414e	User namespaces: set of cleanups (v2) ... The user_ns is moved from nsproxy to user_struct, so that a struct cred by itself is sufficient to determine access (which it otherwise would not be). Corresponding ecryptfs fixes (by David Howells) are here as well. Fix refcounting. The following rules now apply: 1. The task pins the user struct. 2. The user struct pins its user namespace. 3. The user namespace pins the struct user which created it. User namespaces are cloned during copy_creds(). Unsharing a new user_ns is no longer possible. (We could re-add that, but it'll cause code duplication and doesn't seem useful if PAM doesn't need to clone user namespaces). When a user namespace is created, its first user (uid 0) gets empty keyrings and a clean group_info. This incorporates a previous patch by David Howells. Here is his original patch description: >I suggest adding the attached incremental patch. It makes the following >changes: > > (1) Provides a current_user_ns() macro to wrap accesses to current's user > namespace. > > (2) Fixes eCryptFS. > > (3) Renames create_new_userns() to create_user_ns() to be more consistent > with the other associated functions and because the 'new' in the name is > superfluous. > > (4) Moves the argument and permission checks made for CLONE_NEWUSER to the > beginning of do_fork() so that they're done prior to making any attempts > at allocation. > > (5) Calls create_user_ns() after prepare_creds(), and gives it the new creds > to fill in rather than have it return the new root user. I don't imagine > the new root user being used for anything other than filling in a cred > struct. > > This also permits me to get rid of a get_uid() and a free_uid(), as the > reference the creds were holding on the old user_struct can just be > transferred to the new namespace's creator pointer. > > (6) Makes create_user_ns() reset the UIDs and GIDs of the creds under > preparation rather than doing it in copy_creds(). > >David >Signed-off-by: David Howells <dhowells@redhat.com> Changelog: Oct 20: integrate dhowells comments 1. leave thread_keyring alone 2. use current_user_ns() in set_user() Signed-off-by: Serge Hallyn <serue@us.ibm.com>	2008-11-24 18:57:41 -05:00
Adrian Bunk	7a8fc9b248	removed unused #include <linux/version.h>'s ... This patch lets the files using linux/version.h match the files that #include it. Signed-off-by: Adrian Bunk <bunk@kernel.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>	2008-08-23 12:14:12 -07:00
Serge E. Hallyn	e885dcde75	cgroup_clone: use pid of newly created task for new cgroup ... cgroup_clone creates a new cgroup with the pid of the task. This works correctly for unshare, but for clone cgroup_clone is called from copy_namespaces inside copy_process, which happens before the new pid is created. As a result, the new cgroup was created with current's pid. This patch: 1. Moves the call inside copy_process to after the new pid is created 2. Passes the struct pid into ns_cgroup_clone (as it is not yet attached to the task) 3. Passes a name from ns_cgroup_clone() into cgroup_clone() so as to keep cgroup_clone() itself simpler 4. Uses pid_vnr() to get the process id value, so that the pid used to name the new cgroup is always the pid as it would be known to the task which did the cloning or unsharing. I think that is the most intuitive thing to do. This way, task t1 does clone(CLONE_NEWPID) to get t2, which does clone(CLONE_NEWPID) to get t3, then the cgroup for t3 will be named for the pid by which t2 knows t3. (Thanks to Dan Smith for finding the main bug) Changelog: June 11: Incorporate Paul Menage's feedback: don't pass NULL to ns_cgroup_clone from unshare, and reduce patch size by using 'nodename' in cgroup_clone. June 10: Original version [akpm@linux-foundation.org: build fix] [akpm@linux-foundation.org: coding-style fixes] Signed-off-by: Serge Hallyn <serge@us.ibm.com> Acked-by: Paul Menage <menage@google.com> Tested-by: Dan Smith <danms@us.ibm.com> Cc: Balbir Singh <balbir@in.ibm.com> Cc: KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>	2008-07-25 10:53:37 -07:00
Serge E. Hallyn	02fdb36ae7	ipc: sysvsem: refuse clone(CLONE_SYSVSEM|CLONE_NEWIPC) ... CLONE_NEWIPC|CLONE_SYSVSEM interaction isn't handled properly. This can cause a kernel memory corruption. CLONE_NEWIPC must detach from the existing undo lists. Fix, part 3: refuse clone(CLONE_SYSVSEM|CLONE_NEWIPC). With unshare, specifying CLONE_SYSVSEM means unshare the sysvsem. So it seems reasonable that CLONE_NEWIPC without CLONE_SYSVSEM would just imply CLONE_SYSVSEM. However with clone, specifying CLONE_SYSVSEM means *share* the sysvsem. So calling clone(CLONE_SYSVSEM|CLONE_NEWIPC) is explicitly asking for something we can't allow. So return -EINVAL in that case. [akpm@linux-foundation.org: cleanups] Signed-off-by: Serge E. Hallyn <serue@us.ibm.com> Cc: Manfred Spraul <manfred@colorfullife.com> Acked-by: "Eric W. Biederman" <ebiederm@xmission.com> Cc: Pavel Emelyanov <xemul@openvz.org> Cc: Michael Kerrisk <mtk.manpages@googlemail.com> Cc: Pierre Peiffer <peifferp@gmail.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>	2008-04-29 08:06:14 -07:00
Pavel Emelyanov	ae5e1b22f1	namespaces: move the IPC namespace under IPC_NS option ... Currently the IPC namespace management code is spread over the ipc/*.c files. I moved this code into ipc/namespace.c file which is compiled out when needed. The linux/ipc_namespace.h file is used to store the prototypes of the functions in namespace.c and the stubs for NAMESPACES=n case. This is done so, because the stub for copy_ipc_namespace requires the knowledge of the CLONE_NEWIPC flag, which is in sched.h. But the linux/ipc.h file itself in included into many many .c files via the sys.h->sem.h sequence so adding the sched.h into it will make all these .c depend on sched.h which is not that good. On the other hand the knowledge about the namespaces stuff is required in 4 .c files only. Besides, this patch compiles out some auxiliary functions from ipc/sem.c, msg.c and shm.c files. It turned out that moving these functions into namespaces.c is not that easy because they use many other calls and macros from the original file. Moving them would make this patch complicated. On the other hand all these functions can be consolidated, so I will send a separate patch doing this a bit later. Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Acked-by: Serge Hallyn <serue@us.ibm.com> Cc: Cedric Le Goater <clg@fr.ibm.com> Cc: "Eric W. Biederman" <ebiederm@xmission.com> Cc: Herbert Poetzl <herbert@13thfloor.at> Cc: Kirill Korotaev <dev@sw.ru> Cc: Sukadev Bhattiprolu <sukadev@us.ibm.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>	2008-02-08 09:22:23 -08:00
Pavel Emelyanov	30e49c263e	pid namespaces: allow cloning of new namespace ... When clone() is invoked with CLONE_NEWPID, create a new pid namespace and then create a new struct pid for the new process. Allocate pid_t's for the new process in the new pid namespace and all ancestor pid namespaces. Make the newly cloned process the session and process group leader. Since the active pid namespace is special and expected to be the first entry in pid->upid_list, preserve the order of pid namespaces. The size of 'struct pid' is dependent on the the number of pid namespaces the process exists in, so we use multiple pid-caches'. Only one pid cache is created during system startup and this used by processes that exist only in init_pid_ns. When a process clones its pid namespace, we create additional pid caches as necessary and use the pid cache to allocate 'struct pids' for that depth. Note, that with this patch the newly created namespace won't work, since the rest of the kernel still uses global pids, but this is to be fixed soon. Init pid namespace still works. [oleg@tv-sign.ru: merge fix] Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Signed-off-by: Sukadev Bhattiprolu <sukadev@us.ibm.com> Cc: Paul Menage <menage@google.com> Cc: "Eric W. Biederman" <ebiederm@xmission.com> Cc: Oleg Nesterov <oleg@tv-sign.ru> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>	2007-10-19 11:53:39 -07:00
Pavel Emelyanov	cf7b708c8d	Make access to task's nsproxy lighter ... When someone wants to deal with some other taks's namespaces it has to lock the task and then to get the desired namespace if the one exists. This is slow on read-only paths and may be impossible in some cases. E.g. Oleg recently noticed a race between unshare() and the (sent for review in cgroups) pid namespaces - when the task notifies the parent it has to know the parent's namespace, but taking the task_lock() is impossible there - the code is under write locked tasklist lock. On the other hand switching the namespace on task (daemonize) and releasing the namespace (after the last task exit) is rather rare operation and we can sacrifice its speed to solve the issues above. The access to other task namespaces is proposed to be performed like this: rcu_read_lock(); nsproxy = task_nsproxy(tsk); if (nsproxy != NULL) { / * * work with the namespaces here * e.g. get the reference on one of them * / } / * * NULL task_nsproxy() means that this task is * almost dead (zombie) * / rcu_read_unlock(); This patch has passed the review by Eric and Oleg :) and, of course, tested. [clg@fr.ibm.com: fix unshare()] [ebiederm@xmission.com: Update get_net_ns_by_pid] Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Signed-off-by: Eric W. Biederman <ebiederm@xmission.com> Cc: Oleg Nesterov <oleg@tv-sign.ru> Cc: Paul E. McKenney <paulmck@linux.vnet.ibm.com> Cc: Serge Hallyn <serue@us.ibm.com> Signed-off-by: Cedric Le Goater <clg@fr.ibm.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>	2007-10-19 11:53:37 -07:00
Sukadev Bhattiprolu	2894d650cd	pid namespaces: define and use task_active_pid_ns() wrapper ... With multiple pid namespaces, a process is known by some pid_t in every ancestor pid namespace. Every time the process forks, the child process also gets a pid_t in every ancestor pid namespace. While a process is visible in >=1 pid namespaces, it can see pid_t's in only one pid namespace. We call this pid namespace it's "active pid namespace", and it is always the youngest pid namespace in which the process is known. This patch defines and uses a wrapper to find the active pid namespace of a process. The implementation of the wrapper will be changed in when support for multiple pid namespaces are added. Changelog: 2.6.22-rc4-mm2-pidns1: - [Pavel Emelianov, Alexey Dobriyan] Back out the change to use task_active_pid_ns() in child_reaper() since task->nsproxy can be NULL during task exit (so child_reaper() continues to use init_pid_ns). to implement child_reaper() since init_pid_ns.child_reaper to implement child_reaper() since tsk->nsproxy can be NULL during exit. 2.6.21-rc6-mm1: - Rename task_pid_ns() to task_active_pid_ns() to reflect that a process can have multiple pid namespaces. Signed-off-by: Sukadev Bhattiprolu <sukadev@us.ibm.com> Acked-by: Pavel Emelianov <xemul@openvz.org> Cc: Eric W. Biederman <ebiederm@xmission.com> Cc: Cedric Le Goater <clg@fr.ibm.com> Cc: Dave Hansen <haveblue@us.ibm.com> Cc: Serge Hallyn <serue@us.ibm.com> Cc: Herbert Poetzel <herbert@13thfloor.at> Cc: Kirill Korotaev <dev@sw.ru> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>	2007-10-19 11:53:37 -07:00
Serge E. Hallyn	858d72ead4	cgroups: implement namespace tracking subsystem ... When a task enters a new namespace via a clone() or unshare(), a new cgroup is created and the task moves into it. This version names cgroups which are automatically created using cgroup_clone() as "node_<pid>" where pid is the pid of the unsharing or cloned process. (Thanks Pavel for the idea) This is safe because if the process unshares again, it will create /cgroups/(...)/node_<pid>/node_<pid> The only possibilities (AFAICT) for a -EEXIST on unshare are 1. pid wraparound 2. a process fails an unshare, then tries again. Case 1 is unlikely enough that I ignore it (at least for now). In case 2, the node_<pid> will be empty and can be rmdir'ed to make the subsequent unshare() succeed. Changelog: Name cloned cgroups as "node_<pid>". [clg@fr.ibm.com: fix order of cgroup subsystems in init/Kconfig] Signed-off-by: Serge E. Hallyn <serue@us.ibm.com> Cc: Paul Menage <menage@google.com> Signed-off-by: Cedric Le Goater <clg@fr.ibm.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>	2007-10-19 11:53:37 -07:00
Pavel Emelyanov	db8906da59	Use KMEM_CACHE macro to create the nsproxy cache ... The blessed way for standard caches is to use it. Besides, this may give this cache a better alignment. Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Acked-by: Cedric Le Goater <clg@fr.ibm.com> Acked-by: Serge Hallyn <serue@us.ibm.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>	2007-10-17 08:42:59 -07:00
Eric W. Biederman	9dd776b6d7	[NET]: Add network namespace clone & unshare support. ... This patch allows you to create a new network namespace using sys_clone, or sys_unshare. As the network namespace is still experimental and under development clone and unshare support is only made available when CONFIG_NET_NS is selected at compile time. As this patch introduces network namespace support into code paths that exist when the CONFIG_NET is not selected there are a few additions made to net_namespace.h to allow a few more functions to be used when the networking stack is not compiled in. Signed-off-by: Eric W. Biederman <ebiederm@xmission.com> Signed-off-by: David S. Miller <davem@davemloft.net>	2007-10-10 16:52:46 -07:00
Paul Mundt	20c2df83d2	mm: Remove slab destructors from kmem_cache_create(). ... Slab destructors were no longer supported after Christoph's c59def9f22 change. They've been BUGs for both slab and slub, and slob never supported them either. This rips out support for the dtor pointer from kmem_cache_create() completely and fixes up every single callsite in the kernel (there were about 224, not including the slab allocator definitions themselves, or the documentation references). Signed-off-by: Paul Mundt <lethal@linux-sh.org>	2007-07-20 10:11:58 +09:00
Eric W. Biederman	213dd266d4	namespace: ensure clone_flags are always stored in an unsigned long ... While working on unshare support for the network namespace I noticed we were putting clone flags in an int. Which is weird because the syscall uses unsigned long and we at least need an unsigned to properly hold all of the unshare flags. So to make the code consistent, this patch updates the code to use unsigned long instead of int for the clone flags in those places where we get it wrong today. Signed-off-by: Eric W. Biederman <ebiederm@xmission.com> Acked-by: Cedric Le Goater <clg@fr.ibm.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>	2007-07-16 09:05:48 -07:00
Cedric Le Goater	98c0d07cbf	add a kmem_cache for nsproxy objects ... It should improve performance in some scenarii where a lot of these nsproxy objects are created by unsharing namespaces. This is a typical use of virtual servers that are being created or entered. This is also a good tool to find leaks and gather statistics on namespace usage. Signed-off-by: Cedric Le Goater <clg@fr.ibm.com> Cc: Herbert Poetzl <herbert@13thfloor.at> Cc: Pavel Emelianov <xemul@openvz.org> Cc: "Eric W. Biederman" <ebiederm@xmission.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>	2007-07-16 09:05:47 -07:00
Cedric Le Goater	467e9f4b50	fix create_new_namespaces() return value ... dup_mnt_ns() and clone_uts_ns() return NULL on failure. This is wrong, create_new_namespaces() uses ERR_PTR() to catch an error. This means that the subsequent create_new_namespaces() will hit BUG_ON() in copy_mnt_ns() or copy_utsname(). Modify create_new_namespaces() to also use the errors returned by the copy_*_ns routines and not to systematically return ENOMEM. [oleg@tv-sign.ru: better changelog] Signed-off-by: Cedric Le Goater <clg@fr.ibm.com> Cc: Serge E. Hallyn <serue@us.ibm.com> Cc: Badari Pulavarty <pbadari@us.ibm.com> Cc: Pavel Emelianov <xemul@openvz.org> Cc: Herbert Poetzl <herbert@13thfloor.at> Cc: Eric W. Biederman <ebiederm@xmission.com> Cc: Oleg Nesterov <oleg@tv-sign.ru> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>	2007-07-16 09:05:47 -07:00
Serge E. Hallyn	77ec739d8d	user namespace: add unshare ... This patch enables the unshare of user namespaces. It adds a new clone flag CLONE_NEWUSER and implements copy_user_ns() which resets the current user_struct and adds a new root user (uid == 0) For now, unsharing the user namespace allows a process to reset its user_struct accounting and uid 0 in the new user namespace should be contained using appropriate means, for instance selinux The plan, when the full support is complete (all uid checks covered), is to keep the original user's rights in the original namespace, and let a process become uid 0 in the new namespace, with full capabilities to the new namespace. Signed-off-by: Serge E. Hallyn <serue@us.ibm.com> Signed-off-by: Cedric Le Goater <clg@fr.ibm.com> Acked-by: Pavel Emelianov <xemul@openvz.org> Cc: Herbert Poetzl <herbert@13thfloor.at> Cc: Kirill Korotaev <dev@sw.ru> Cc: Eric W. Biederman <ebiederm@xmission.com> Cc: Chris Wright <chrisw@sous-sol.org> Cc: Stephen Smalley <sds@tycho.nsa.gov> Cc: James Morris <jmorris@namei.org> Cc: Andrew Morgan <agm@google.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>	2007-07-16 09:05:47 -07:00