android11-5.4
727 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Greg Kroah-Hartman
|
904c2c6cd7 |
Linux 5.4.129
-----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEE4n5dijQDou9mhzu83qZv95d3LNwFAmDcbxkACgkQ3qZv95d3 LNxZMBAArNPLhVYdEDDFosb6Y/5RGjjZ/79OGHH0p5YiTo8D+wBHi+wXRl5Jp0PA 3YVVU8lDTbeDm7E7uWeduWjFwEpsPBL8395scbhC6VR3PfnyunjarVXZgi6EHnMl p6HjXXtQ1jTrdDSziGDIhZVQT5FGb2/MMx9m69mfi5BTLjGfWy8chHFbC2GZszlp Znu9syjisUBbc4I4XHFgXw0hoQSSig6SUTZCrdTpIW/PZ0swfl8ZPxREh0CZNMpw Y2orRt+oHlkWPw1/sSkoTE1PRvXwNWFXyw5caOu846jAfhKtxO54SsqJqhM7VLHZ pdH4eb6q7AFyt0A62HkIqa5oabs5Vk9G24b8m5ggc2F/UTkHqgwUcMCud0d3DYL0 Q7OEAmThQzHHKJ+CeNRJLsiKqVBNHmeS24B+ELldlAiX22vLr9pUsIb342Au1ZjR S3BTnneAbYGBv4qUoV2yUF9wQ/LxsFMSl/vmjCBOxg7c3LbKYChUwskYnvd6EwWj ObCyLU6FK9HWXSBSp/X+irlF1CLla+HuOC+Aej2U5a8DtmHId4LHMeq/XOxZ9s/8 QUoX4rh5P+TJ8PIiTqXKrQo5rnR79MiYssIhUozKTdt9ZoMtXzI4mVLXN/yzAVD9 v4aWYx8m2x17Wq+ptaLMSTSed4m3c25uEl4MucLBmKQV8ClAxW8= =Sijo -----END PGP SIGNATURE----- Merge 5.4.129 into android11-5.4-lts Changes in 5.4.129 module: limit enabling module.sig_enforce Revert "drm/amdgpu/gfx9: fix the doorbell missing when in CGPG issue." Revert "drm/amdgpu/gfx10: enlarge CP_MEC_DOORBELL_RANGE_UPPER to cover full doorbell." drm/nouveau: wait for moving fence after pinning v2 drm/radeon: wait for moving fence after pinning ARM: 9081/1: fix gcc-10 thumb2-kernel regression mmc: meson-gx: use memcpy_to/fromio for dram-access-quirk kbuild: add CONFIG_LD_IS_LLD arm64: link with -z norelro for LLD or aarch64-elf MIPS: generic: Update node names to avoid unit addresses spi: spi-nxp-fspi: move the register operation after the clock enable Revert "PCI: PM: Do not read power state in pci_enable_device_flags()" dmaengine: zynqmp_dma: Fix PM reference leak in zynqmp_dma_alloc_chan_resourc() mac80211: remove warning in ieee80211_get_sband() mac80211_hwsim: drop pending frames on stop cfg80211: call cfg80211_leave_ocb when switching away from OCB dmaengine: rcar-dmac: Fix PM reference leak in rcar_dmac_probe() dmaengine: mediatek: free the proper desc in desc_free handler dmaengine: mediatek: do not issue a new desc if one is still current dmaengine: mediatek: use GFP_NOWAIT instead of GFP_ATOMIC in prep_dma net: ipv4: Remove unneed BUG() function mac80211: drop multicast fragments net: ethtool: clear heap allocations for ethtool function ping: Check return value of function 'ping_queue_rcv_skb' inet: annotate date races around sk->sk_txhash net: phy: dp83867: perform soft reset and retain established link net: caif: fix memory leak in ldisc_open net/packet: annotate accesses to po->bind net/packet: annotate accesses to po->ifindex r8152: Avoid memcpy() over-reading of ETH_SS_STATS sh_eth: Avoid memcpy() over-reading of ETH_SS_STATS r8169: Avoid memcpy() over-reading of ETH_SS_STATS KVM: selftests: Fix kvm_check_cap() assertion net: qed: Fix memcpy() overflow of qed_dcbx_params() recordmcount: Correct st_shndx handling PCI: Add AMD RS690 quirk to enable 64-bit DMA net: ll_temac: Add memory-barriers for TX BD access net: ll_temac: Avoid ndo_start_xmit returning NETDEV_TX_BUSY pinctrl: stm32: fix the reported number of GPIO lines per bank nilfs2: fix memory leak in nilfs_sysfs_delete_device_group KVM: do not allow mapping valid but non-reference-counted pages i2c: robotfuzz-osif: fix control-request directions kthread_worker: split code for canceling the delayed work timer kthread: prevent deadlock when kthread_mod_delayed_work() races with kthread_cancel_delayed_work_sync() mm: add VM_WARN_ON_ONCE_PAGE() macro mm/rmap: remove unneeded semicolon in page_not_mapped() mm/rmap: use page_not_mapped in try_to_unmap() mm, thp: use head page in __migration_entry_wait() mm/thp: fix __split_huge_pmd_locked() on shmem migration entry mm/thp: make is_huge_zero_pmd() safe and quicker mm/thp: try_to_unmap() use TTU_SYNC for safe splitting mm/thp: fix vma_address() if virtual address below file offset mm/thp: fix page_address_in_vma() on file THP tails mm/thp: unmap_mapping_page() to fix THP truncate_cleanup_page() mm: thp: replace DEBUG_VM BUG with VM_WARN when unmap fails for split mm: page_vma_mapped_walk(): use page for pvmw->page mm: page_vma_mapped_walk(): settle PageHuge on entry mm: page_vma_mapped_walk(): use pmde for *pvmw->pmd mm: page_vma_mapped_walk(): prettify PVMW_MIGRATION block mm: page_vma_mapped_walk(): crossing page table boundary mm: page_vma_mapped_walk(): add a level of indentation mm: page_vma_mapped_walk(): use goto instead of while (1) mm: page_vma_mapped_walk(): get vma_address_end() earlier mm/thp: fix page_vma_mapped_walk() if THP mapped by ptes mm/thp: another PVMW_SYNC fix in page_vma_mapped_walk() mm, futex: fix shared futex pgoff on shmem huge page certs: Add wrapper function to check blacklisted binary hash x86/efi: move common keyring handler functions to new file certs: Add EFI_CERT_X509_GUID support for dbx entries certs: Move load_system_certificate_list to a common function Linux 5.4.129 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I6ba417dfeb30d91ebc61345bc057f927beeee0a9 |
||
Eric Snowberg
|
e20b90e4f8 |
certs: Add EFI_CERT_X509_GUID support for dbx entries
[ Upstream commit 56c5812623f95313f6a46fbf0beee7fa17c68bbf ] This fixes CVE-2020-26541. The Secure Boot Forbidden Signature Database, dbx, contains a list of now revoked signatures and keys previously approved to boot with UEFI Secure Boot enabled. The dbx is capable of containing any number of EFI_CERT_X509_SHA256_GUID, EFI_CERT_SHA256_GUID, and EFI_CERT_X509_GUID entries. Currently when EFI_CERT_X509_GUID are contained in the dbx, the entries are skipped. Add support for EFI_CERT_X509_GUID dbx entries. When a EFI_CERT_X509_GUID is found, it is added as an asymmetrical key to the .blacklist keyring. Anytime the .platform keyring is used, the keys in the .blacklist keyring are referenced, if a matching key is found, the key will be rejected. [DH: Made the following changes: - Added to have a config option to enable the facility. This allows a Kconfig solution to make sure that pkcs7_validate_trust() is enabled.[1][2] - Moved the functions out from the middle of the blacklist functions. - Added kerneldoc comments.] Signed-off-by: Eric Snowberg <eric.snowberg@oracle.com> Signed-off-by: David Howells <dhowells@redhat.com> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> cc: Randy Dunlap <rdunlap@infradead.org> cc: Mickaël Salaün <mic@digikod.net> cc: Arnd Bergmann <arnd@kernel.org> cc: keyrings@vger.kernel.org Link: https://lore.kernel.org/r/20200901165143.10295-1-eric.snowberg@oracle.com/ # rfc Link: https://lore.kernel.org/r/20200909172736.73003-1-eric.snowberg@oracle.com/ # v2 Link: https://lore.kernel.org/r/20200911182230.62266-1-eric.snowberg@oracle.com/ # v3 Link: https://lore.kernel.org/r/20200916004927.64276-1-eric.snowberg@oracle.com/ # v4 Link: https://lore.kernel.org/r/20210122181054.32635-2-eric.snowberg@oracle.com/ # v5 Link: https://lore.kernel.org/r/161428672051.677100.11064981943343605138.stgit@warthog.procyon.org.uk/ Link: https://lore.kernel.org/r/161433310942.902181.4901864302675874242.stgit@warthog.procyon.org.uk/ # v2 Link: https://lore.kernel.org/r/161529605075.163428.14625520893961300757.stgit@warthog.procyon.org.uk/ # v3 Link: https://lore.kernel.org/r/bc2c24e3-ed68-2521-0bf4-a1f6be4a895d@infradead.org/ [1] Link: https://lore.kernel.org/r/20210225125638.1841436-1-arnd@kernel.org/ [2] Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
Nayna Jain
|
06ab9df09e |
x86/efi: move common keyring handler functions to new file
[ Upstream commit ad723674d6758478829ee766e3f1a2a24d56236f ] The handlers to add the keys to the .platform keyring and blacklisted hashes to the .blacklist keyring is common for both the uefi and powerpc mechanisms of loading the keys/hashes from the firmware. This patch moves the common code from load_uefi.c to keyring_handler.c Signed-off-by: Nayna Jain <nayna@linux.ibm.com> Acked-by: Mimi Zohar <zohar@linux.ibm.com> Signed-off-by: Eric Richter <erichte@linux.ibm.com> Signed-off-by: Michael Ellerman <mpe@ellerman.id.au> Link: https://lore.kernel.org/r/1573441836-3632-4-git-send-email-nayna@linux.ibm.com Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Greg Kroah-Hartman
|
0c438f72d3 |
This is the 5.4.109 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmBjGy8ACgkQONu9yGCS aT6P4Q//RUTmWKIEvODK9Hyac0qfvd1CsIgebVR/1hkadYO8OVssIVjSZoyHvfgg B2rsjrY1+ywwPl+IYFe4V29SIEuy+YWNo7rjavAPP7W1ybYzhaUXog7KSapho8cy hqTlLyWq/TeSehdomz2Luv5vM794RgEV4NjgxnBsncfjUchx5smGQH80xbKRbWFB QNq2h1coPbABv3dj1cBb1v2jiCc58QD8rfJuguaHjAiGem2HaMat2iWYo8T2Qcre UDb1yrOxCbwltc8+aRRcXI4QuS/4edPz3ZH8H9zdqMQVoS5RX0Alse+w6+F26c1c fRZmtg6t70wsznIQ+Jn6ouMY3Ea1jtrF4oVjMCMnno+4V7BgDGW+A+CAqbCC90mt QTwaObNyJRjUYjlLmTml7t+S3GqW2YoC2jALs2P3hx/ht0wOl6TIt7YmHCh3/tnR wZjyofl+2ml/z+cPqP7/IWGJzzNCEwxreZNcvjgx+k/L/zeNri4q/+fLETe0VE0H LNU04JBl2oOOMpkyX8MJODH5Gm9sOg+GiQ3tEZWsgls0mwtxKMxRuu6zNPQvIY93 cGntM1kVTtQ8fzIUugZR0JgElnosg1xFup3nQKyoids+SEGDgDpC4O5pxYvNW8oo jThLWud1waFzhnVXGRGviI0irQPUeYh7Bfw///c7hPHbqw9+F0k= =6s9w -----END PGP SIGNATURE----- Merge 5.4.109 into android11-5.4-lts Changes in 5.4.109 hugetlbfs: hugetlb_fault_mutex_hash() cleanup net: fec: ptp: avoid register access when ipg clock is disabled powerpc/4xx: Fix build errors from mfdcr() atm: eni: dont release is never initialized atm: lanai: dont run lanai_dev_close if not open Revert "r8152: adjust the settings about MAC clock speed down for RTL8153" ALSA: hda: ignore invalid NHLT table ixgbe: Fix memleak in ixgbe_configure_clsu32 net: tehuti: fix error return code in bdx_probe() net: intel: iavf: fix error return code of iavf_init_get_resources() sun/niu: fix wrong RXMAC_BC_FRM_CNT_COUNT count gianfar: fix jumbo packets+napi+rx overrun crash cifs: ask for more credit on async read/write code paths cpufreq: blacklist Arm Vexpress platforms in cpufreq-dt-platdev gpiolib: acpi: Add missing IRQF_ONESHOT nfs: fix PNFS_FLEXFILE_LAYOUT Kconfig default NFS: Correct size calculation for create reply length net: hisilicon: hns: fix error return code of hns_nic_clear_all_rx_fetch() net: wan: fix error return code of uhdlc_init() net: davicom: Use platform_get_irq_optional() atm: uPD98402: fix incorrect allocation atm: idt77252: fix null-ptr-dereference cifs: change noisy error message to FYI irqchip/ingenic: Add support for the JZ4760 sparc64: Fix opcode filtering in handling of no fault loads habanalabs: Call put_pid() when releasing control device u64_stats,lockdep: Fix u64_stats_init() vs lockdep regulator: qcom-rpmh: Correct the pmic5_hfsmps515 buck drm/amd/display: Revert dram_clock_change_latency for DCN2.1 drm/amdgpu: fb BO should be ttm_bo_type_device drm/radeon: fix AGP dependency nvme: add NVME_REQ_CANCELLED flag in nvme_cancel_request() nvme-fc: return NVME_SC_HOST_ABORTED_CMD when a command has been aborted nvme-pci: add the DISABLE_WRITE_ZEROES quirk for a Samsung PM1725a nfs: we don't support removing system.nfs4_acl block: Suppress uevent for hidden device when removed ia64: fix ia64_syscall_get_set_arguments() for break-based syscalls ia64: fix ptrace(PTRACE_SYSCALL_INFO_EXIT) sign netsec: restore phy power state after controller reset platform/x86: intel-vbtn: Stop reporting SW_DOCK events squashfs: fix inode lookup sanity checks squashfs: fix xattr id and id lookup sanity checks kasan: fix per-page tags for non-page_alloc pages gcov: fix clang-11+ support ACPI: video: Add missing callback back for Sony VPCEH3U1E arm64: dts: ls1046a: mark crypto engine dma coherent arm64: dts: ls1012a: mark crypto engine dma coherent arm64: dts: ls1043a: mark crypto engine dma coherent ARM: dts: at91-sama5d27_som1: fix phy address to 7 integrity: double check iint_cache was initialized dm verity: fix DM_VERITY_OPTS_MAX value dm ioctl: fix out of bounds array access when no devices bus: omap_l3_noc: mark l3 irqs as IRQF_NO_THREAD veth: Store queue_mapping independently of XDP prog presence libbpf: Fix INSTALL flag order net/mlx5e: Don't match on Geneve options in case option masks are all zero ipv6: fix suspecious RCU usage warning macvlan: macvlan_count_rx() needs to be aware of preemption net: sched: validate stab values net: dsa: bcm_sf2: Qualify phydev->dev_flags based on port igc: Fix Pause Frame Advertising igc: Fix Supported Pause Frame Link Setting e1000e: add rtnl_lock() to e1000_reset_task e1000e: Fix error handling in e1000_set_d0_lplu_state_82571 net/qlcnic: Fix a use after free in qlcnic_83xx_get_minidump_template ftgmac100: Restart MAC HW once selftests/bpf: Set gopt opt_class to 0 if get tunnel opt failed netfilter: ctnetlink: fix dump of the expect mask attribute tcp: relookup sock for RST+ACK packets handled by obsolete req sock can: peak_usb: add forgotten supported devices can: flexcan: flexcan_chip_freeze(): fix chip freeze for missing bitrate can: kvaser_pciefd: Always disable bus load reporting can: c_can_pci: c_can_pci_remove(): fix use-after-free can: c_can: move runtime PM enable/disable to c_can_platform can: m_can: m_can_do_rx_poll(): fix extraneous msg loss warning can: m_can: m_can_rx_peripheral(): fix RX being blocked by errors mac80211: fix rate mask reset nfp: flower: fix pre_tun mask id allocation libbpf: Use SOCK_CLOEXEC when opening the netlink socket octeontx2-af: Fix irq free in rvu teardown octeontx2-af: fix infinite loop in unmapping NPC counter net: cdc-phonet: fix data-interface release on probe failure r8152: limit the RX buffer size of RTL8153A for USB 2.0 net: stmmac: dwmac-sun8i: Provide TX and RX fifo sizes selftests: forwarding: vxlan_bridge_1d: Fix vxlan ecn decapsulate value libbpf: Fix BTF dump of pointer-to-array-of-struct drm/msm: fix shutdown hook in case GPU components failed to bind arm64: kdump: update ppos when reading elfcorehdr PM: runtime: Defer suspending suppliers net/mlx5e: Fix error path for ethtool set-priv-flag PM: EM: postpone creating the debugfs dir till fs_initcall RDMA/cxgb4: Fix adapter LE hash errors while destroying ipv6 listening server bpf: Don't do bpf_cgroup_storage_set() for kuprobe/tp programs Revert "netfilter: x_tables: Switch synchronization to RCU" netfilter: x_tables: Use correct memory barriers. Revert "netfilter: x_tables: Update remaining dereference to RCU" ACPI: scan: Rearrange memory allocation in acpi_device_add() ACPI: scan: Use unique number for instance_no perf auxtrace: Fix auxtrace queue conflict block: recalculate segment count for multi-segment discards correctly scsi: Revert "qla2xxx: Make sure that aborted commands are freed" scsi: qedi: Fix error return code of qedi_alloc_global_queues() scsi: mpt3sas: Fix error return code of mpt3sas_base_attach() locking/mutex: Fix non debug version of mutex_lock_io_nested() x86/mem_encrypt: Correct physical address calculation in __set_clr_pte_enc() can: dev: Move device back to init netns on owning netns delete net: dsa: b53: VLAN filtering is global to all users net: qrtr: fix a kernel-infoleak in qrtr_recvmsg() mac80211: fix double free in ibss_leave ext4: add reclaim checks to xattr code can: peak_usb: Revert "can: peak_usb: add forgotten supported devices" xen-blkback: don't leak persistent grants from xen_blkbk_map() Linux 5.4.109 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Iccbd7139d673f2def3675ef3f3d973ace2eb6e4d |
||
Mimi Zohar
|
752589cd4e |
integrity: double check iint_cache was initialized
commit 92063f3ca73aab794bd5408d3361fd5b5ea33079 upstream.
The kernel may be built with multiple LSMs, but only a subset may be
enabled on the boot command line by specifying "lsm=". Not including
"integrity" on the ordered LSM list may result in a NULL deref.
As reported by Dmitry Vyukov:
in qemu:
qemu-system-x86_64 -enable-kvm -machine q35,nvdimm -cpu
max,migratable=off -smp 4 -m 4G,slots=4,maxmem=16G -hda
wheezy.img -kernel arch/x86/boot/bzImage -nographic -vga std
-soundhw all -usb -usbdevice tablet -bt hci -bt device:keyboard
-net user,host=10.0.2.10,hostfwd=tcp::10022-:22 -net
nic,model=virtio-net-pci -object
memory-backend-file,id=pmem1,share=off,mem-path=/dev/zero,size=64M
-device nvdimm,id=nvdimm1,memdev=pmem1 -append "console=ttyS0
root=/dev/sda earlyprintk=serial rodata=n oops=panic panic_on_warn=1
panic=86400 lsm=smack numa=fake=2 nopcid dummy_hcd.num=8" -pidfile
vm_pid -m 2G -cpu host
But it crashes on NULL deref in integrity_inode_get during boot:
Run /sbin/init as init process
BUG: kernel NULL pointer dereference, address: 000000000000001c
PGD 0 P4D 0
Oops: 0000 [#1] PREEMPT SMP KASAN
CPU: 3 PID: 1 Comm: swapper/0 Not tainted 5.12.0-rc2+ #97
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS
rel-1.13.0-44-g88ab0c15525c-prebuilt.qemu.org 04/01/2014
RIP: 0010:kmem_cache_alloc+0x2b/0x370 mm/slub.c:2920
Code: 57 41 56 41 55 41 54 41 89 f4 55 48 89 fd 53 48 83 ec 10 44 8b
3d d9 1f 90 0b 65 48 8b 04 25 28 00 00 00 48 89 44 24 08 31 c0 <8b> 5f
1c 4cf
RSP: 0000:ffffc9000032f9d8 EFLAGS: 00010246
RAX: 0000000000000000 RBX: ffff888017fc4f00 RCX: 0000000000000000
RDX: ffff888040220000 RSI: 0000000000000c40 RDI: 0000000000000000
RBP: 0000000000000000 R08: 0000000000000000 R09: ffff888019263627
R10: ffffffff83937cd1 R11: 0000000000000000 R12: 0000000000000c40
R13: ffff888019263538 R14: 0000000000000000 R15: 0000000000ffffff
FS: 0000000000000000(0000) GS:ffff88802d180000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000000000001c CR3: 000000000b48e000 CR4: 0000000000750ee0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
PKRU: 55555554
Call Trace:
integrity_inode_get+0x47/0x260 security/integrity/iint.c:105
process_measurement+0x33d/0x17e0 security/integrity/ima/ima_main.c:237
ima_bprm_check+0xde/0x210 security/integrity/ima/ima_main.c:474
security_bprm_check+0x7d/0xa0 security/security.c:845
search_binary_handler fs/exec.c:1708 [inline]
exec_binprm fs/exec.c:1761 [inline]
bprm_execve fs/exec.c:1830 [inline]
bprm_execve+0x764/0x19a0 fs/exec.c:1792
kernel_execve+0x370/0x460 fs/exec.c:1973
try_to_run_init_process+0x14/0x4e init/main.c:1366
kernel_init+0x11d/0x1b8 init/main.c:1477
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:294
Modules linked in:
CR2: 000000000000001c
---[ end trace 22d601a500de7d79 ]---
Since LSMs and IMA may be configured at build time, but not enabled at
run time, panic the system if "integrity" was not initialized before use.
Reported-by: Dmitry Vyukov <dvyukov@google.com>
Fixes:
|
||
|
Greg Kroah-Hartman
|
172cf44d0d |
This is the 5.4.102 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmBAqDoACgkQONu9yGCS
aT7R4A//RC4/R+Uc+cX8I2al+B017epRXRtfMDz7cd/dO1SAAhgDi4zrebAxs1XP
6g/t37NuDZ0rjKxMBRzATSwizDLP9gKpeWCVQTtvlHGf+tm/5sn2bt7pckoPvXvo
GqXPT4YgUgZQSHE+YG5Rhjtv0xMcOEu9yNTsPNZJU6BDdYJylQX/D97MPVjJjbXJ
Sz+U98wHt0zIbwkg13/2FZvPMdEKL0z8Ub/SIKDaXfFSPJMDYb/5UcEfdnDctSbI
B3i2i1/IXa97EmNG/MNDi1zPI2l9+PtRrtIzpfLASRNx3ySceiC25EyDk0mp5JnZ
czxXJ0NxG9z9Pk9X6Isvaz6X5Nqv70LORTFeZRBEp0ohYbsxH/yBuPZ0T8bukjgU
MA/uZDQryfeNgBN1aEJlTRCAmGyyD6NIICsNPnetmmowgqYxhHXt0tVafMvWpH9F
vbM3eHcOfOfNejoQiPqTj5vX7NF0BZGQYa5LywKHeGe5q2nwaMj++Kffj9ERCo49
OZFylFPiQVdEjse07JJb5vGWQkvvTv1FDB+zb7GVgHwJNnb9Lswv2VQbjdZBS++h
YUuDSxkhEYR+vdKKLcFBbjAYkJXrpiSeXzywjR5N0c90OJdaBX1kpAbBHHXYiwo1
P39l5/hsxWljQ1ZJqbeFWr2ef27xDiEz7aPojLUlyjBRgBC4eYc=
=JSQX
-----END PGP SIGNATURE-----
Merge 5.4.102 into android11-5.4-lts
Changes in 5.4.102
vmlinux.lds.h: add DWARF v5 sections
kvm: x86: replace kvm_spec_ctrl_test_value with runtime test on the host
debugfs: be more robust at handling improper input in debugfs_lookup()
debugfs: do not attempt to create a new file before the filesystem is initalized
kdb: Make memory allocations more robust
PCI: qcom: Use PHY_REFCLK_USE_PAD only for ipq8064
PCI: Decline to resize resources if boot config must be preserved
virt: vbox: Do not use wait_event_interruptible when called from kernel context
bfq: Avoid false bfq queue merging
ALSA: usb-audio: Fix PCM buffer allocation in non-vmalloc mode
MIPS: vmlinux.lds.S: add missing PAGE_ALIGNED_DATA() section
random: fix the RNDRESEEDCRNG ioctl
ath10k: Fix error handling in case of CE pipe init failure
Bluetooth: btqcomsmd: Fix a resource leak in error handling paths in the probe function
Bluetooth: hci_uart: Fix a race for write_work scheduling
Bluetooth: Fix initializing response id after clearing struct
ARM: dts: exynos: correct PMIC interrupt trigger level on Artik 5
ARM: dts: exynos: correct PMIC interrupt trigger level on Monk
ARM: dts: exynos: correct PMIC interrupt trigger level on Rinato
ARM: dts: exynos: correct PMIC interrupt trigger level on Spring
ARM: dts: exynos: correct PMIC interrupt trigger level on Arndale Octa
ARM: dts: exynos: correct PMIC interrupt trigger level on Odroid XU3 family
arm64: dts: exynos: correct PMIC interrupt trigger level on TM2
arm64: dts: exynos: correct PMIC interrupt trigger level on Espresso
memory: mtk-smi: Fix PM usage counter unbalance in mtk_smi ops
bpf: Add bpf_patch_call_args prototype to include/linux/bpf.h
bpf: Avoid warning when re-casting __bpf_call_base into __bpf_call_base_args
arm64: dts: allwinner: A64: properly connect USB PHY to port 0
arm64: dts: allwinner: H6: properly connect USB PHY to port 0
arm64: dts: allwinner: Drop non-removable from SoPine/LTS SD card
arm64: dts: allwinner: H6: Allow up to 150 MHz MMC bus frequency
arm64: dts: allwinner: A64: Limit MMC2 bus frequency to 150 MHz
cpufreq: brcmstb-avs-cpufreq: Free resources in error path
cpufreq: brcmstb-avs-cpufreq: Fix resource leaks in ->remove()
ACPICA: Fix exception code class checks
usb: gadget: u_audio: Free requests only after callback
Bluetooth: drop HCI device reference before return
Bluetooth: Put HCI device if inquiry procedure interrupts
memory: ti-aemif: Drop child node when jumping out loop
ARM: dts: Configure missing thermal interrupt for 4430
usb: dwc2: Do not update data length if it is 0 on inbound transfers
usb: dwc2: Abort transaction after errors with unknown reason
usb: dwc2: Make "trimming xfer length" a debug message
staging: rtl8723bs: wifi_regd.c: Fix incorrect number of regulatory rules
ARM: dts: armada388-helios4: assign pinctrl to LEDs
ARM: dts: armada388-helios4: assign pinctrl to each fan
arm64: dts: armada-3720-turris-mox: rename u-boot mtd partition to a53-firmware
Bluetooth: btusb: Fix memory leak in btusb_mtk_wmt_recv
arm64: dts: msm8916: Fix reserved and rfsa nodes unit address
ARM: s3c: fix fiq for clang IAS
soc: aspeed: snoop: Add clock control logic
bpf_lru_list: Read double-checked variable once without lock
ath9k: fix data bus crash when setting nf_override via debugfs
ibmvnic: Set to CLOSED state even on error
bnxt_en: reverse order of TX disable and carrier off
xen/netback: fix spurious event detection for common event case
mac80211: fix potential overflow when multiplying to u32 integers
bpf: Fix bpf_fib_lookup helper MTU check for SKB ctx
tcp: fix SO_RCVLOWAT related hangs under mem pressure
net: axienet: Handle deferred probe on clock properly
cxgb4/chtls/cxgbit: Keeping the max ofld immediate data size same in cxgb4 and ulds
b43: N-PHY: Fix the update of coef for the PHY revision >= 3case
ibmvnic: add memory barrier to protect long term buffer
ibmvnic: skip send_request_unmap for timeout reset
net: amd-xgbe: Reset the PHY rx data path when mailbox command timeout
net: amd-xgbe: Fix NETDEV WATCHDOG transmit queue timeout warning
net: amd-xgbe: Reset link when the link never comes back
net: amd-xgbe: Fix network fluctuations when using 1G BELFUSE SFP
net: mvneta: Remove per-cpu queue mapping for Armada 3700
fbdev: aty: SPARC64 requires FB_ATY_CT
drm/gma500: Fix error return code in psb_driver_load()
gma500: clean up error handling in init
drm/fb-helper: Add missed unlocks in setcmap_legacy()
crypto: sun4i-ss - linearize buffers content must be kept
crypto: sun4i-ss - fix kmap usage
crypto: arm64/aes-ce - really hide slower algos when faster ones are enabled
drm/amdgpu: Fix macro name _AMDGPU_TRACE_H_ in preprocessor if condition
MIPS: c-r4k: Fix section mismatch for loongson2_sc_init
MIPS: lantiq: Explicitly compare LTQ_EBU_PCC_ISTAT against 0
media: i2c: ov5670: Fix PIXEL_RATE minimum value
media: imx: Unregister csc/scaler only if registered
media: imx: Fix csc/scaler unregister
media: camss: missing error code in msm_video_register()
media: vsp1: Fix an error handling path in the probe function
media: em28xx: Fix use-after-free in em28xx_alloc_urbs
media: media/pci: Fix memleak in empress_init
media: tm6000: Fix memleak in tm6000_start_stream
media: aspeed: fix error return code in aspeed_video_setup_video()
ASoC: cs42l56: fix up error handling in probe
evm: Fix memleak in init_desc
crypto: bcm - Rename struct device_private to bcm_device_private
drm/sun4i: tcon: fix inverted DCLK polarity
MIPS: properly stop .eh_frame generation
bsg: free the request before return error code
drm/amd/display: Fix 10/12 bpc setup in DCE output bit depth reduction.
drm/amd/display: Fix HDMI deep color output for DCE 6-11.
media: software_node: Fix refcounts in software_node_get_next_child()
media: lmedm04: Fix misuse of comma
media: qm1d1c0042: fix error return code in qm1d1c0042_init()
media: cx25821: Fix a bug when reallocating some dma memory
media: pxa_camera: declare variable when DEBUG is defined
media: uvcvideo: Accept invalid bFormatIndex and bFrameIndex values
sched/eas: Don't update misfit status if the task is pinned
mtd: parser: imagetag: fix error codes in bcm963xx_parse_imagetag_partitions()
crypto: talitos - Work around SEC6 ERRATA (AES-CTR mode data size error)
drm/nouveau: bail out of nouveau_channel_new if channel init fails
ata: ahci_brcm: Add back regulators management
ASoC: cpcap: fix microphone timeslot mask
mtd: parsers: afs: Fix freeing the part name memory in failure
f2fs: fix to avoid inconsistent quota data
drm/amdgpu: Prevent shift wrapping in amdgpu_read_mask()
f2fs: fix a wrong condition in __submit_bio
Drivers: hv: vmbus: Avoid use-after-free in vmbus_onoffer_rescind()
ASoC: SOF: debug: Fix a potential issue on string buffer termination
btrfs: clarify error returns values in __load_free_space_cache
hwrng: timeriomem - Fix cooldown period calculation
crypto: ecdh_helper - Ensure 'len >= secret.len' in decode_key()
ima: Free IMA measurement buffer on error
ima: Free IMA measurement buffer after kexec syscall
ASoC: simple-card-utils: Fix device module clock
fs/jfs: fix potential integer overflow on shift of a int
jffs2: fix use after free in jffs2_sum_write_data()
ubifs: Fix memleak in ubifs_init_authentication
ubifs: Fix error return code in alloc_wbufs()
capabilities: Don't allow writing ambiguous v3 file capabilities
HSI: Fix PM usage counter unbalance in ssi_hw_init
clk: meson: clk-pll: fix initializing the old rate (fallback) for a PLL
clk: meson: clk-pll: make "ret" a signed integer
clk: meson: clk-pll: propagate the error from meson_clk_pll_set_rate()
selftests/powerpc: Make the test check in eeh-basic.sh posix compliant
quota: Fix memory leak when handling corrupted quota file
i2c: iproc: handle only slave interrupts which are enabled
i2c: iproc: update slave isr mask (ISR_MASK_SLAVE)
i2c: iproc: handle master read request
spi: cadence-quadspi: Abort read if dummy cycles required are too many
clk: sunxi-ng: h6: Fix CEC clock
HID: core: detect and skip invalid inputs to snto32()
RDMA/siw: Fix handling of zero-sized Read and Receive Queues.
dmaengine: fsldma: Fix a resource leak in the remove function
dmaengine: fsldma: Fix a resource leak in an error handling path of the probe function
dmaengine: owl-dma: Fix a resource leak in the remove function
dmaengine: hsu: disable spurious interrupt
mfd: bd9571mwv: Use devm_mfd_add_devices()
fdt: Properly handle "no-map" field in the memory region
of/fdt: Make sure no-map does not remove already reserved regions
power: reset: at91-sama5d2_shdwc: fix wkupdbc mask
rtc: s5m: select REGMAP_I2C
clocksource/drivers/ixp4xx: Select TIMER_OF when needed
clocksource/drivers/mxs_timer: Add missing semicolon when DEBUG is defined
RDMA/mlx5: Use the correct obj_id upon DEVX TIR creation
clk: sunxi-ng: h6: Fix clock divider range on some clocks
regulator: axp20x: Fix reference cout leak
certs: Fix blacklist flag type confusion
regulator: s5m8767: Fix reference count leak
spi: atmel: Put allocated master before return
regulator: s5m8767: Drop regulators OF node reference
regulator: core: Avoid debugfs: Directory ... already present! error
isofs: release buffer head before return
auxdisplay: ht16k33: Fix refresh rate handling
objtool: Fix error handling for STD/CLD warnings
objtool: Fix ".cold" section suffix check for newer versions of GCC
IB/umad: Return EIO in case of when device disassociated
IB/umad: Return EPOLLERR in case of when device disassociated
KVM: PPC: Make the VMX instruction emulation routines static
powerpc/47x: Disable 256k page size
mmc: sdhci-sprd: Fix some resource leaks in the remove function
mmc: usdhi6rol0: Fix a resource leak in the error handling path of the probe
mmc: renesas_sdhi_internal_dmac: Fix DMA buffer alignment from 8 to 128-bytes
ARM: 9046/1: decompressor: Do not clear SCTLR.nTLSMD for ARMv7+ cores
i2c: qcom-geni: Store DMA mapping data in geni_i2c_dev struct
amba: Fix resource leak for drivers without .remove
IB/mlx5: Return appropriate error code instead of ENOMEM
IB/cm: Avoid a loop when device has 255 ports
tracepoint: Do not fail unregistering a probe due to memory failure
perf tools: Fix DSO filtering when not finding a map for a sampled address
perf vendor events arm64: Fix Ampere eMag event typo
RDMA/rxe: Fix coding error in rxe_recv.c
RDMA/rxe: Fix coding error in rxe_rcv_mcast_pkt
RDMA/rxe: Correct skb on loopback path
spi: stm32: properly handle 0 byte transfer
mfd: wm831x-auxadc: Prevent use after free in wm831x_auxadc_read_irq()
powerpc/pseries/dlpar: handle ibm, configure-connector delay status
powerpc/8xx: Fix software emulation interrupt
clk: qcom: gcc-msm8998: Fix Alpha PLL type for all GPLLs
RDMA/hns: Fixed wrong judgments in the goto branch
RDMA/siw: Fix calculation of tx_valid_cpus size
RDMA/hns: Fix type of sq_signal_bits
spi: pxa2xx: Fix the controller numbering for Wildcat Point
regulator: qcom-rpmh: fix pm8009 ldo7
clk: aspeed: Fix APLL calculate formula from ast2600-A2
nfsd: register pernet ops last, unregister first
RDMA/hns: Fixes missing error code of CMDQ
Input: sur40 - fix an error code in sur40_probe()
perf intel-pt: Fix missing CYC processing in PSB
perf intel-pt: Fix premature IPC
perf test: Fix unaligned access in sample parsing test
Input: elo - fix an error code in elo_connect()
sparc64: only select COMPAT_BINFMT_ELF if BINFMT_ELF is set
misc: eeprom_93xx46: Fix module alias to enable module autoprobe
phy: rockchip-emmc: emmc_phy_init() always return 0
misc: eeprom_93xx46: Add module alias to avoid breaking support for non device tree users
soundwire: cadence: fix ACK/NAK handling
pwm: rockchip: rockchip_pwm_probe(): Remove superfluous clk_unprepare()
VMCI: Use set_page_dirty_lock() when unregistering guest memory
PCI: Align checking of syscall user config accessors
mei: hbm: call mei_set_devstate() on hbm stop response
drm/msm/dsi: Correct io_start for MSM8994 (20nm PHY)
drm/msm/mdp5: Fix wait-for-commit for cmd panels
vfio/iommu_type1: Fix some sanity checks in detach group
ext4: fix potential htree index checksum corruption
nvmem: core: Fix a resource leak on error in nvmem_add_cells_from_of()
nvmem: core: skip child nodes not matching binding
regmap: sdw: use _no_pm functions in regmap_read/write
i40e: Fix flow for IPv6 next header (extension header)
i40e: Add zero-initialization of AQ command structures
i40e: Fix overwriting flow control settings during driver loading
i40e: Fix addition of RX filters after enabling FW LLDP agent
i40e: Fix VFs not created
i40e: Fix add TC filter for IPv6
vfio/type1: Use follow_pte()
net/mlx4_core: Add missed mlx4_free_cmd_mailbox()
vxlan: move debug check after netdev unregister
ocfs2: fix a use after free on error
mm/memory.c: fix potential pte_unmap_unlock pte error
mm/hugetlb: fix potential double free in hugetlb_register_node() error path
mm/compaction: fix misbehaviors of fast_find_migrateblock()
r8169: fix jumbo packet handling on RTL8168e
arm64: Add missing ISB after invalidating TLB in __primary_switch
i2c: brcmstb: Fix brcmstd_send_i2c_cmd condition
mm/rmap: fix potential pte_unmap on an not mapped pte
scsi: bnx2fc: Fix Kconfig warning & CNIC build errors
blk-settings: align max_sectors on "logical_block_size" boundary
ACPI: property: Fix fwnode string properties matching
ACPI: configfs: add missing check after configfs_register_default_group()
HID: logitech-dj: add support for keyboard events in eQUAD step 4 Gaming
HID: wacom: Ignore attempts to overwrite the touch_max value from HID
Input: raydium_ts_i2c - do not send zero length
Input: xpad - add support for PowerA Enhanced Wired Controller for Xbox Series X|S
Input: joydev - prevent potential read overflow in ioctl
Input: i8042 - add ASUS Zenbook Flip to noselftest list
media: mceusb: Fix potential out-of-bounds shift
USB: serial: option: update interface mapping for ZTE P685M
usb: musb: Fix runtime PM race in musb_queue_resume_work
usb: dwc3: gadget: Fix setting of DEPCFG.bInterval_m1
usb: dwc3: gadget: Fix dep->interval for fullspeed interrupt
USB: serial: ftdi_sio: fix FTX sub-integer prescaler
USB: serial: mos7840: fix error code in mos7840_write()
USB: serial: mos7720: fix error code in mos7720_write()
ALSA: hda: Add another CometLake-H PCI ID
ALSA: hda/realtek: modify EAPD in the ALC886
Revert "bcache: Kill btree_io_wq"
bcache: Give btree_io_wq correct semantics again
bcache: Move journal work to new flush wq
drm/amd/display: Add vupdate_no_lock interrupts for DCN2.1
drm/amdgpu: Set reference clock to 100Mhz on Renoir (v2)
drm/nouveau/kms: handle mDP connectors
drm/sched: Cancel and flush all outstanding jobs before finish.
erofs: initialized fields can only be observed after bit is set
tpm_tis: Fix check_locality for correct locality acquisition
tpm_tis: Clean up locality release
KEYS: trusted: Fix migratable=1 failing
btrfs: abort the transaction if we fail to inc ref in btrfs_copy_root
btrfs: fix reloc root leak with 0 ref reloc roots on recovery
btrfs: splice remaining dirty_bg's onto the transaction dirty bg list
btrfs: fix extent buffer leak on failure to copy root
crypto: arm64/sha - add missing module aliases
crypto: aesni - prevent misaligned buffers on the stack
crypto: sun4i-ss - checking sg length is not sufficient
crypto: sun4i-ss - handle BigEndian for cipher
crypto: sun4i-ss - initialize need_fallback
seccomp: Add missing return in non-void function
misc: rtsx: init of rts522a add OCP power off when no card is present
drivers/misc/vmw_vmci: restrict too big queue size in qp_host_alloc_queue
pstore: Fix typo in compression option name
dts64: mt7622: fix slow sd card access
staging/mt7621-dma: mtk-hsdma.c->hsdma-mt7621.c
staging: gdm724x: Fix DMA from stack
staging: rtl8188eu: Add Edimax EW-7811UN V2 to device table
media: ipu3-cio2: Fix mbus_code processing in cio2_subdev_set_fmt()
x86/virt: Eat faults on VMXOFF in reboot flows
x86/reboot: Force all cpus to exit VMX root if VMX is supported
powerpc/prom: Fix "ibm,arch-vec-5-platform-support" scan
rcu: Pull deferred rcuog wake up to rcu_eqs_enter() callers
rcu/nocb: Perform deferred wake up before last idle's need_resched() check
floppy: reintroduce O_NDELAY fix
arm64: kexec_file: fix memory leakage in create_dtb() when fdt_open_into() fails
arm64: uprobe: Return EOPNOTSUPP for AARCH32 instruction probing
watchdog: qcom: Remove incorrect usage of QCOM_WDT_ENABLE_IRQ
watchdog: mei_wdt: request stop on unregister
mtd: spi-nor: sfdp: Fix last erase region marking
mtd: spi-nor: sfdp: Fix wrong erase type bitmask for overlaid region
mtd: spi-nor: core: Fix erase type discovery for overlaid region
mtd: spi-nor: core: Add erase size check for erase command initialization
mtd: spi-nor: hisi-sfc: Put child node np on error path
fs/affs: release old buffer head on error path
seq_file: document how per-entry resources are managed.
x86: fix seq_file iteration for pat/memtype.c
hugetlb: fix update_and_free_page contig page struct assumption
hugetlb: fix copy_huge_page_from_user contig page struct assumption
arm64: Extend workaround for erratum 1024718 to all versions of Cortex-A55
media: smipcie: fix interrupt handling and IR timeout
module: Ignore _GLOBAL_OFFSET_TABLE_ when warning for undefined symbols
mmc: sdhci-esdhc-imx: fix kernel panic when remove module
powerpc/32s: Add missing call to kuep_lock on syscall entry
spmi: spmi-pmic-arb: Fix hw_irq overflow
gpio: pcf857x: Fix missing first interrupt
printk: fix deadlock when kernel panic
cpufreq: intel_pstate: Get per-CPU max freq via MSR_HWP_CAPABILITIES if available
s390/vtime: fix inline assembly clobber list
virtio/s390: implement virtio-ccw revision 2 correctly
um: mm: check more comprehensively for stub changes
f2fs: fix out-of-repair __setattr_copy()
sparc32: fix a user-triggerable oops in clear_user()
spi: spi-synquacer: fix set_cs handling
gfs2: Don't skip dlm unlock if glock has an lvb
gfs2: Recursive gfs2_quota_hold in gfs2_iomap_end
dm: fix deadlock when swapping to encrypted device
dm writecache: fix writing beyond end of underlying device when shrinking
dm era: Recover committed writeset after crash
dm era: Verify the data block size hasn't changed
dm era: Fix bitset memory leaks
dm era: Use correct value size in equality function of writeset tree
dm era: Reinitialize bitset cache before digesting a new writeset
dm era: only resize metadata in preresume
drm/i915: Reject 446-480MHz HDMI clock on GLK
icmp: introduce helper for nat'd source address in network device context
icmp: allow icmpv6_ndo_send to work with CONFIG_IPV6=n
gtp: use icmp_ndo_send helper
sunvnet: use icmp_ndo_send helper
xfrm: interface: use icmp_ndo_send helper
ipv6: icmp6: avoid indirect call for icmpv6_send()
ipv6: silence compilation warning for non-IPV6 builds
net: icmp: pass zeroed opts from icmp{,v6}_ndo_send before sending
net: sched: fix police ext initialization
dm era: Update in-core bitset after committing the metadata
net: qrtr: Fix memory leak in qrtr_tun_open
ARM: dts: aspeed: Add LCLK to lpc-snoop
Linux 5.4.102
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Ie4d4b39755277412c370c011e32092624d593765
|
||
David Howells
|
0fec3272ab |
certs: Fix blacklist flag type confusion
[ Upstream commit 4993e1f9479a4161fd7d93e2b8b30b438f00cb0f ]
KEY_FLAG_KEEP is not meant to be passed to keyring_alloc() or key_alloc(),
as these only take KEY_ALLOC_* flags. KEY_FLAG_KEEP has the same value as
KEY_ALLOC_BYPASS_RESTRICTION, but fortunately only key_create_or_update()
uses it. LSMs using the key_alloc hook don't check that flag.
KEY_FLAG_KEEP is then ignored but fortunately (again) the root user cannot
write to the blacklist keyring, so it is not possible to remove a key/hash
from it.
Fix this by adding a KEY_ALLOC_SET_KEEP flag that tells key_alloc() to set
KEY_FLAG_KEEP on the new key. blacklist_init() can then, correctly, pass
this to keyring_alloc().
We can also use this in ima_mok_init() rather than setting the flag
manually.
Note that this doesn't fix an observable bug with the current
implementation but it is required to allow addition of new hashes to the
blacklist in the future without making it possible for them to be removed.
Fixes:
|
||
Lakshmi Ramasubramanian
|
091b409383 |
ima: Free IMA measurement buffer after kexec syscall
[ Upstream commit f31e3386a4e92ba6eda7328cb508462956c94c64 ]
IMA allocates kernel virtual memory to carry forward the measurement
list, from the current kernel to the next kernel on kexec system call,
in ima_add_kexec_buffer() function. This buffer is not freed before
completing the kexec system call resulting in memory leak.
Add ima_buffer field in "struct kimage" to store the virtual address
of the buffer allocated for the IMA measurement list.
Free the memory allocated for the IMA measurement list in
kimage_file_post_load_cleanup() function.
Signed-off-by: Lakshmi Ramasubramanian <nramas@linux.microsoft.com>
Suggested-by: Tyler Hicks <tyhicks@linux.microsoft.com>
Reviewed-by: Thiago Jung Bauermann <bauerman@linux.ibm.com>
Reviewed-by: Tyler Hicks <tyhicks@linux.microsoft.com>
Fixes:
|
||
|
Lakshmi Ramasubramanian
|
e436d3f7bd |
ima: Free IMA measurement buffer on error
[ Upstream commit 6d14c6517885fa68524238787420511b87d671df ]
IMA allocates kernel virtual memory to carry forward the measurement
list, from the current kernel to the next kernel on kexec system call,
in ima_add_kexec_buffer() function. In error code paths this memory
is not freed resulting in memory leak.
Free the memory allocated for the IMA measurement list in
the error code paths in ima_add_kexec_buffer() function.
Signed-off-by: Lakshmi Ramasubramanian <nramas@linux.microsoft.com>
Suggested-by: Tyler Hicks <tyhicks@linux.microsoft.com>
Fixes:
|
||
Dinghao Liu
|
3d5afcae9a |
evm: Fix memleak in init_desc
[ Upstream commit ccf11dbaa07b328fa469415c362d33459c140a37 ]
tmp_tfm is allocated, but not freed on subsequent kmalloc failure, which
leads to a memory leak. Free tmp_tfm.
Fixes:
|
||
|
Greg Kroah-Hartman
|
d45416b62b |
This is the 5.4.86 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl/sW9MACgkQONu9yGCS
aT5SwBAAo6dgHqwmPfuf98/8oVeVqTxcmE7GpzpVRH2+yI7Zwk2ez29tAflcM7lT
LKtR2WFGAxoCL4DUKXeO7Ubwpue5NoBIsJ8/dAYBesojps3WDaFGL55PvJLWwFJ7
5gPtPzynITaqIC1JCFcrJ7OTp7REiCUZRc1CJXJINWAYL1VbEbH8pH904xfFcivy
XnNyL9UiWp1lSB8oF3CRJOaK5M5gY1+wdCFaLVqQn306XDEM8PvZK4G3at/jXWgH
jQjArdtC8M8NwjyTwtqW9JAMV+6CD0/HXk0QboTZg6yiaRrtUsfzMqJ1cvhKcQgO
kLE3rwdnr3/MxuzSnGWbswflG2WCutoah58g0uN8H0nCiui5mKN6x5K+emgDZIoO
ndDnh+/5OE247EK+3CGn/0N8i/fOymrLAnLL4wCXVdlQLMCalnL37ibdfGbAptXi
N3GOGZ2iEglvTsEr5w0r86+AzNskm5EqA7mFGFiAyf9viR2xwYk3RrWf2ZyMRos2
2S7mKcZmw7voDu2TIDIhqydToBKxmYI/mUn3mFFme1h3lwzM3zYG1aovVLfd5NkY
Gx5E/CA/ut/3n0u/dXJ8SxEitBWkqImp5UdYcElQNxQoXnVU4yKmjf6dDL9Wqh+1
ujCiaCUJd3PY0uXXIb6RWWGs2VaL4xiEnk+ZBm0VI9WEUWksSx0=
=jnmv
-----END PGP SIGNATURE-----
Merge 5.4.86 into android11-5.4-lts
Changes in 5.4.86
ARM: dts: sun7i: bananapi: Enable RGMII RX/TX delay on Ethernet PHY
ARM: dts: sun8i: r40: bananapi-m2-berry: Fix dcdc1 regulator
ARM: dts: sun8i: v40: bananapi-m2-berry: Fix ethernet node
pinctrl: merrifield: Set default bias in case no particular value given
pinctrl: baytrail: Avoid clearing debounce value when turning it off
ARM: dts: sun8i: v3s: fix GIC node memory range
ARM: dts: sun7i: pcduino3-nano: enable RGMII RX/TX delay on PHY
ARM: dts: imx6qdl-wandboard-revd1: Remove PAD_GPIO_6 from enetgrp
ARM: dts: imx6qdl-kontron-samx6i: fix I2C_PM scl pin
PM: runtime: Add pm_runtime_resume_and_get to deal with usage counter
gpio: zynq: fix reference leak in zynq_gpio functions
gpio: mvebu: fix potential user-after-free on probe
scsi: bnx2i: Requires MMU
xsk: Fix xsk_poll()'s return type
xsk: Replace datagram_poll by sock_poll_wait
can: softing: softing_netdev_open(): fix error handling
clk: renesas: r9a06g032: Drop __packed for portability
block: Simplify REQ_OP_ZONE_RESET_ALL handling
block: factor out requeue handling from dispatch code
blk-mq: In blk_mq_dispatch_rq_list() "no budget" is a reason to kick
pinctrl: aspeed: Fix GPIO requests on pass-through banks
netfilter: x_tables: Switch synchronization to RCU
netfilter: nft_compat: make sure xtables destructors have run
netfilter: nft_dynset: fix timeouts later than 23 days
afs: Fix memory leak when mounting with multiple source parameters
Revert "gpio: eic-sprd: Use devm_platform_ioremap_resource()"
gpio: eic-sprd: break loop when getting NULL device resource
netfilter: nft_ct: Remove confirmation check for NFT_CT_ID
selftests/bpf/test_offload.py: Reset ethtool features after failed setting
RDMA/cm: Fix an attempt to use non-valid pointer when cleaning timewait
i40e: Refactor rx_bi accesses
i40e: optimise prefetch page refcount
i40e: avoid premature Rx buffer reuse
ixgbe: avoid premature Rx buffer reuse
selftests: fix poll error in udpgro.sh
net: mvpp2: add mvpp2_phylink_to_port() helper
drm/tegra: replace idr_init() by idr_init_base()
kernel/cpu: add arch override for clear_tasks_mm_cpumask() mm handling
drm/tegra: sor: Disable clocks on error in tegra_sor_init()
habanalabs: put devices before driver removal
arm64: syscall: exit userspace before unmasking exceptions
vxlan: Add needed_headroom for lower device
vxlan: Copy needed_tailroom from lowerdev
scsi: mpt3sas: Increase IOCInit request timeout to 30s
dm table: Remove BUG_ON(in_interrupt())
iwlwifi: pcie: add one missing entry for AX210
drm/amd/display: Init clock value by current vbios CLKs
perf/x86/intel: Check PEBS status correctly
kbuild: avoid split lines in .mod files
soc/tegra: fuse: Fix index bug in get_process_id
usb: mtu3: fix memory corruption in mtu3_debugfs_regset()
USB: serial: option: add interface-number sanity check to flag handling
USB: gadget: f_acm: add support for SuperSpeed Plus
USB: gadget: f_midi: setup SuperSpeed Plus descriptors
usb: gadget: f_fs: Re-use SS descriptors for SuperSpeedPlus
USB: gadget: f_rndis: fix bitrate for SuperSpeed and above
usb: chipidea: ci_hdrc_imx: Pass DISABLE_DEVICE_STREAMING flag to imx6ul
ARM: dts: exynos: fix roles of USB 3.0 ports on Odroid XU
ARM: dts: exynos: fix USB 3.0 VBUS control and over-current pins on Exynos5410
ARM: dts: exynos: fix USB 3.0 pins supply being turned off on Odroid XU
coresight: tmc-etf: Fix NULL ptr dereference in tmc_enable_etf_sink_perf()
coresight: tmc-etr: Check if page is valid before dma_map_page()
coresight: tmc-etr: Fix barrier packet insertion for perf buffer
coresight: etb10: Fix possible NULL ptr dereference in etb_enable_perf()
scsi: megaraid_sas: Check user-provided offsets
HID: i2c-hid: add Vero K147 to descriptor override
serial_core: Check for port state when tty is in error state
Bluetooth: Fix slab-out-of-bounds read in hci_le_direct_adv_report_evt()
quota: Sanity-check quota file headers on load
media: msi2500: assign SPI bus number dynamically
crypto: af_alg - avoid undefined behavior accessing salg_name
md: fix a warning caused by a race between concurrent md_ioctl()s
drm/gma500: fix double free of gma_connector
drm/aspeed: Fix Kconfig warning & subsequent build errors
drm/mcde: Fix handling of platform_get_irq() error
drm/tve200: Fix handling of platform_get_irq() error
arm64: dts: renesas: hihope-rzg2-ex: Drop rxc-skew-ps from ethernet-phy node
arm64: dts: renesas: cat875: Remove rxc-skew-ps from ethernet-phy node
soc: renesas: rmobile-sysc: Fix some leaks in rmobile_init_pm_domains()
soc: mediatek: Check if power domains can be powered on at boot time
soc: qcom: geni: More properly switch to DMA mode
Revert "i2c: i2c-qcom-geni: Fix DMA transfer race"
RDMA/bnxt_re: Set queue pair state when being queried
rtc: pcf2127: fix pcf2127_nvmem_read/write() returns
selinux: fix error initialization in inode_doinit_with_dentry()
ARM: dts: aspeed: s2600wf: Fix VGA memory region location
RDMA/rxe: Compute PSN windows correctly
x86/mm/ident_map: Check for errors from ident_pud_init()
ARM: p2v: fix handling of LPAE translation in BE mode
x86/apic: Fix x2apic enablement without interrupt remapping
sched/deadline: Fix sched_dl_global_validate()
sched: Reenable interrupts in do_sched_yield()
drm/amdgpu: fix incorrect enum type
crypto: talitos - Endianess in current_desc_hdr()
crypto: talitos - Fix return type of current_desc_hdr()
crypto: inside-secure - Fix sizeof() mismatch
ASoC: sun4i-i2s: Fix lrck_period computation for I2S justified mode
ARM: dts: aspeed: tiogapass: Remove vuart
drm/amdgpu: fix build_coefficients() argument
powerpc/64: Set up a kernel stack for secondaries before cpu_restore()
spi: img-spfi: fix reference leak in img_spfi_resume
f2fs: call f2fs_get_meta_page_retry for nat page
drm/msm/dsi_pll_10nm: restore VCO rate during restore_state
spi: spi-mem: fix reference leak in spi_mem_access_start
ASoC: pcm: DRAIN support reactivation
selinux: fix inode_doinit_with_dentry() LABEL_INVALID error handling
spi: stm32: fix reference leak in stm32_spi_resume
brcmfmac: Fix memory leak for unpaired brcmf_{alloc/free}
arm64: dts: exynos: Include common syscon restart/poweroff for Exynos7
arm64: dts: exynos: Correct psci compatible used on Exynos7
Bluetooth: Fix null pointer dereference in hci_event_packet()
Bluetooth: hci_h5: fix memory leak in h5_close
spi: spi-ti-qspi: fix reference leak in ti_qspi_setup
spi: mt7621: fix missing clk_disable_unprepare() on error in mt7621_spi_probe
spi: tegra20-slink: fix reference leak in slink ops of tegra20
spi: tegra20-sflash: fix reference leak in tegra_sflash_resume
spi: tegra114: fix reference leak in tegra spi ops
spi: bcm63xx-hsspi: fix missing clk_disable_unprepare() on error in bcm63xx_hsspi_resume
mwifiex: fix mwifiex_shutdown_sw() causing sw reset failure
selftest/bpf: Add missed ip6ip6 test back
ASoC: wm8998: Fix PM disable depth imbalance on error
spi: sprd: fix reference leak in sprd_spi_remove
ASoC: arizona: Fix a wrong free in wm8997_probe
RDMa/mthca: Work around -Wenum-conversion warning
MIPS: BCM47XX: fix kconfig dependency bug for BCM47XX_BCMA
crypto: qat - fix status check in qat_hal_put_rel_rd_xfer()
staging: greybus: codecs: Fix reference counter leak in error handling
staging: gasket: interrupt: fix the missed eventfd_ctx_put() in gasket_interrupt.c
media: tm6000: Fix sizeof() mismatches
media: mtk-vcodec: add missing put_device() call in mtk_vcodec_init_dec_pm()
media: mtk-vcodec: add missing put_device() call in mtk_vcodec_release_dec_pm()
media: mtk-vcodec: add missing put_device() call in mtk_vcodec_init_enc_pm()
media: v4l2-fwnode: Return -EINVAL for invalid bus-type
ASoC: meson: fix COMPILE_TEST error
scsi: core: Fix VPD LUN ID designator priorities
media: solo6x10: fix missing snd_card_free in error handling case
video: fbdev: atmel_lcdfb: fix return error code in atmel_lcdfb_of_init()
drm/omap: dmm_tiler: fix return error code in omap_dmm_probe()
Input: ads7846 - fix race that causes missing releases
Input: ads7846 - fix integer overflow on Rt calculation
Input: ads7846 - fix unaligned access on 7845
usb/max3421: fix return error code in max3421_probe()
spi: mxs: fix reference leak in mxs_spi_probe
selftests/bpf: Fix broken riscv build
powerpc: Avoid broken GCC __attribute__((optimize))
powerpc/feature: Fix CPU_FTRS_ALWAYS by removing CPU_FTRS_GENERIC_32
EDAC/mce_amd: Use struct cpuinfo_x86.cpu_die_id for AMD NodeId
crypto: crypto4xx - Replace bitwise OR with logical OR in crypto4xx_build_pd
crypto: omap-aes - Fix PM disable depth imbalance in omap_aes_probe
spi: fix resource leak for drivers without .remove callback
soc: ti: knav_qmss: fix reference leak in knav_queue_probe
soc: ti: Fix reference imbalance in knav_dma_probe
drivers: soc: ti: knav_qmss_queue: Fix error return code in knav_queue_probe
Input: omap4-keypad - fix runtime PM error handling
clk: meson: Kconfig: fix dependency for G12A
RDMA/cxgb4: Validate the number of CQEs
memstick: fix a double-free bug in memstick_check
ARM: dts: at91: sama5d4_xplained: add pincontrol for USB Host
ARM: dts: at91: sama5d3_xplained: add pincontrol for USB Host
mmc: pxamci: Fix error return code in pxamci_probe
orinoco: Move context allocation after processing the skb
qtnfmac: fix error return code in qtnf_pcie_probe()
rsi: fix error return code in rsi_reset_card()
cw1200: fix missing destroy_workqueue() on error in cw1200_init_common
dmaengine: mv_xor_v2: Fix error return code in mv_xor_v2_probe()
arm64: tegra: Fix DT binding for IO High Voltage entry
media: siano: fix memory leak of debugfs members in smsdvb_hotplug
platform/x86: mlx-platform: Remove PSU EEPROM from default platform configuration
platform/x86: mlx-platform: Remove PSU EEPROM from MSN274x platform configuration
samples: bpf: Fix lwt_len_hist reusing previous BPF map
media: imx214: Fix stop streaming
mips: cdmm: fix use-after-free in mips_cdmm_bus_discover
media: max2175: fix max2175_set_csm_mode() error code
slimbus: qcom-ngd-ctrl: Avoid sending power requests without QMI
HSI: omap_ssi: Don't jump to free ID in ssi_add_controller()
ARM: dts: Remove non-existent i2c1 from 98dx3236
arm64: dts: armada-3720-turris-mox: update ethernet-phy handle name
arm64: dts: rockchip: Set dr_mode to "host" for OTG on rk3328-roc-cc
power: supply: axp288_charger: Fix HP Pavilion x2 10 DMI matching
power: supply: bq24190_charger: fix reference leak
genirq/irqdomain: Don't try to free an interrupt that has no mapping
arm64: dts: ls1028a: fix ENETC PTP clock input
arm64: dts: qcom: c630: Polish i2c-hid devices
PCI: Bounds-check command-line resource alignment requests
PCI: Fix overflow in command-line resource alignment requests
PCI: iproc: Fix out-of-bound array accesses
arm64: dts: meson: fix spi-max-frequency on Khadas VIM2
arm64: dts: meson-sm1: fix typo in opp table
soc: amlogic: canvas: add missing put_device() call in meson_canvas_get()
ARM: dts: at91: at91sam9rl: fix ADC triggers
platform/x86: dell-smbios-base: Fix error return code in dell_smbios_init
ath10k: Fix the parsing error in service available event
ath10k: Fix an error handling path
ath10k: Release some resources in an error handling path
SUNRPC: rpc_wake_up() should wake up tasks in the correct order
NFSv4.2: condition READDIR's mask for security label based on LSM state
SUNRPC: xprt_load_transport() needs to support the netid "rdma6"
NFSv4: Fix the alignment of page data in the getdeviceinfo reply
net: sunrpc: Fix 'snprintf' return value check in 'do_xprt_debugfs'
lockd: don't use interval-based rebinding over TCP
NFS: switch nfsiod to be an UNBOUND workqueue.
selftests/seccomp: Update kernel config
vfio-pci: Use io_remap_pfn_range() for PCI IO memory
hwmon: (ina3221) Fix PM usage counter unbalance in ina3221_write_enable
media: saa7146: fix array overflow in vidioc_s_audio()
powerpc/perf: Fix crash with is_sier_available when pmu is not set
powerpc/64: Fix an EMIT_BUG_ENTRY in head_64.S
clocksource/drivers/orion: Add missing clk_disable_unprepare() on error path
clocksource/drivers/cadence_ttc: Fix memory leak in ttc_setup_clockevent()
iio: hrtimer-trigger: Mark hrtimer to expire in hard interrupt context
ARM: dts: at91: sama5d2: map securam as device
bpf: Fix bpf_put_raw_tracepoint()'s use of __module_address()
pinctrl: falcon: add missing put_device() call in pinctrl_falcon_probe()
arm64: dts: rockchip: Fix UART pull-ups on rk3328
memstick: r592: Fix error return in r592_probe()
MIPS: Don't round up kernel sections size for memblock_add()
net/mlx5: Properly convey driver version to firmware
ASoC: jz4740-i2s: add missed checks for clk_get()
dm ioctl: fix error return code in target_message
phy: renesas: rcar-gen3-usb2: disable runtime pm in case of failure
clocksource/drivers/arm_arch_timer: Use stable count reader in erratum sne
clocksource/drivers/arm_arch_timer: Correct fault programming of CNTKCTL_EL1.EVNTI
cpufreq: ap806: Add missing MODULE_DEVICE_TABLE
cpufreq: highbank: Add missing MODULE_DEVICE_TABLE
cpufreq: mediatek: Add missing MODULE_DEVICE_TABLE
cpufreq: qcom: Add missing MODULE_DEVICE_TABLE
cpufreq: st: Add missing MODULE_DEVICE_TABLE
cpufreq: sun50i: Add missing MODULE_DEVICE_TABLE
cpufreq: loongson1: Add missing MODULE_ALIAS
cpufreq: scpi: Add missing MODULE_ALIAS
Bluetooth: btusb: Add the missed release_firmware() in btusb_mtk_setup_firmware()
Bluetooth: btmtksdio: Add the missed release_firmware() in mtk_setup_firmware()
arm64: dts: meson: fix PHY deassert timing requirements
ARM: dts: meson: fix PHY deassert timing requirements
arm64: dts: meson: g12a: x96-max: fix PHY deassert timing requirements
scsi: qedi: Fix missing destroy_workqueue() on error in __qedi_probe
scsi: pm80xx: Fix error return in pm8001_pci_probe()
seq_buf: Avoid type mismatch for seq_buf_init
scsi: fnic: Fix error return code in fnic_probe()
platform/x86: mlx-platform: Fix item counter assignment for MSN2700, MSN24xx systems
powerpc/pseries/hibernation: drop pseries_suspend_begin() from suspend ops
powerpc/pseries/hibernation: remove redundant cacheinfo update
drm/mediatek: avoid dereferencing a null hdmi_phy on an error message
ASoC: amd: change clk_get() to devm_clk_get() and add missed checks
powerpc/mm: sanity_check_fault() should work for all, not only BOOK3S
usb: ehci-omap: Fix PM disable depth umbalance in ehci_hcd_omap_probe
usb: oxu210hp-hcd: Fix memory leak in oxu_create
speakup: fix uninitialized flush_lock
nfsd: Fix message level for normal termination
nfs_common: need lock during iterate through the list
x86/kprobes: Restore BTF if the single-stepping is cancelled
platform/chrome: cros_ec_spi: Don't overwrite spi::mode
bus: fsl-mc: fix error return code in fsl_mc_object_allocate()
s390/cio: fix use-after-free in ccw_device_destroy_console
iwlwifi: mvm: hook up missing RX handlers
erofs: avoid using generic_block_bmap
can: m_can: m_can_config_endisable(): remove double clearing of clock stop request bit
RDMA/core: Do not indicate device ready when device enablement fails
remoteproc: q6v5-mss: fix error handling in q6v5_pds_enable
remoteproc: qcom: fix reference leak in adsp_start
remoteproc: qcom: Fix potential NULL dereference in adsp_init_mmio()
clk: tegra: Fix duplicated SE clock entry
mtd: rawnand: gpmi: fix reference count leak in gpmi ops
mtd: rawnand: meson: Fix a resource leak in init
mtd: rawnand: gpmi: Fix the random DMA timeout issue
extcon: max77693: Fix modalias string
crypto: atmel-i2c - select CONFIG_BITREVERSE
mac80211: don't set set TDLS STA bandwidth wider than possible
ASoC: wm_adsp: remove "ctl" from list on error in wm_adsp_create_control()
irqchip/alpine-msi: Fix freeing of interrupts on allocation error path
watchdog: armada_37xx: Add missing dependency on HAS_IOMEM
watchdog: sirfsoc: Add missing dependency on HAS_IOMEM
watchdog: sprd: remove watchdog disable from resume fail path
watchdog: sprd: check busy bit before new loading rather than after that
watchdog: Fix potential dereferencing of null pointer
ubifs: Fix error return code in ubifs_init_authentication()
um: Monitor error events in IRQ controller
um: tty: Fix handling of close in tty lines
um: chan_xterm: Fix fd leak
sunrpc: fix xs_read_xdr_buf for partial pages receive
RDMA/cma: Don't overwrite sgid_attr after device is released
nfc: s3fwrn5: Release the nfc firmware
powerpc/ps3: use dma_mapping_error()
sparc: fix handling of page table constructor failure
mm: don't wake kswapd prematurely when watermark boosting is disabled
checkpatch: fix unescaped left brace
lan743x: fix rx_napi_poll/interrupt ping-pong
net: bcmgenet: Fix a resource leak in an error handling path in the probe functin
net: allwinner: Fix some resources leak in the error handling path of the probe and in the remove function
net: korina: fix return value
libnvdimm/label: Return -ENXIO for no slot in __blk_label_update
watchdog: qcom: Avoid context switch in restart handler
watchdog: coh901327: add COMMON_CLK dependency
clk: ti: Fix memleak in ti_fapll_synth_setup
pwm: zx: Add missing cleanup in error path
pwm: lp3943: Dynamically allocate PWM chip base
perf record: Fix memory leak when using '--user-regs=?' to list registers
qlcnic: Fix error code in probe
virtio_ring: Cut and paste bugs in vring_create_virtqueue_packed()
virtio_net: Fix error code in probe()
virtio_ring: Fix two use after free bugs
clk: at91: sam9x60: remove atmel,osc-bypass support
clk: s2mps11: Fix a resource leak in error handling paths in the probe function
clk: sunxi-ng: Make sure divider tables have sentinel
kconfig: fix return value of do_error_if()
perf probe: Fix memory leak when synthesizing SDT probes
ARM: sunxi: Add machine match for the Allwinner V3 SoC
cfg80211: initialize rekey_data
fix namespaced fscaps when !CONFIG_SECURITY
lwt: Disable BH too in run_lwt_bpf()
drm/amd/display: Prevent bandwidth overflow
drm/amdkfd: Fix leak in dmabuf import
Input: cros_ec_keyb - send 'scancodes' in addition to key events
initramfs: fix clang build failure
Input: goodix - add upside-down quirk for Teclast X98 Pro tablet
vfio/pci/nvlink2: Do not attempt NPU2 setup on POWER8NVL NPU
media: gspca: Fix memory leak in probe
media: sunxi-cir: ensure IR is handled when it is continuous
media: netup_unidvb: Don't leak SPI master in probe error path
media: ipu3-cio2: Remove traces of returned buffers
media: ipu3-cio2: Return actual subdev format
media: ipu3-cio2: Serialise access to pad format
media: ipu3-cio2: Validate mbus format in setting subdev format
media: ipu3-cio2: Make the field on subdev format V4L2_FIELD_NONE
Input: cyapa_gen6 - fix out-of-bounds stack access
ALSA: hda/ca0132 - Change Input Source enum strings.
PM: ACPI: PCI: Drop acpi_pm_set_bridge_wakeup()
Revert "ACPI / resources: Use AE_CTRL_TERMINATE to terminate resources walks"
ACPI: PNP: compare the string length in the matching_id()
ALSA: hda: Fix regressions on clear and reconfig sysfs
ALSA: hda/ca0132 - Fix AE-5 rear headphone pincfg.
ALSA: hda/realtek: make bass spk volume adjustable on a yoga laptop
ALSA: hda/realtek - Enable headset mic of ASUS X430UN with ALC256
ALSA: hda/realtek - Enable headset mic of ASUS Q524UQK with ALC255
ALSA: hda/realtek - Add supported for more Lenovo ALC285 Headset Button
ALSA: pcm: oss: Fix a few more UBSAN fixes
ALSA/hda: apply jack fixup for the Acer Veriton N4640G/N6640G/N2510G
ALSA: hda/realtek: Add quirk for MSI-GP73
ALSA: hda/realtek: Apply jack fixup for Quanta NL3
ALSA: usb-audio: Add VID to support native DSD reproduction on FiiO devices
ALSA: usb-audio: Disable sample read check if firmware doesn't give back
ALSA: core: memalloc: add page alignment for iram
s390/smp: perform initial CPU reset also for SMT siblings
s390/kexec_file: fix diag308 subcode when loading crash kernel
s390/dasd: fix hanging device offline processing
s390/dasd: prevent inconsistent LCU device data
s390/dasd: fix list corruption of pavgroup group list
s390/dasd: fix list corruption of lcu list
binder: add flag to clear buffer on txn complete
ASoC: cx2072x: Fix doubly definitions of Playback and Capture streams
staging: comedi: mf6x4: Fix AI end-of-conversion detection
perf/x86/intel: Add event constraint for CYCLE_ACTIVITY.STALLS_MEM_ANY
perf/x86/intel: Fix rtm_abort_event encoding on Ice Lake
powerpc/perf: Exclude kernel samples while counting events in user space.
crypto: ecdh - avoid unaligned accesses in ecdh_set_secret()
crypto: arm/aes-ce - work around Cortex-A57/A72 silion errata
EDAC/i10nm: Use readl() to access MMIO registers
EDAC/amd64: Fix PCI component registration
cpuset: fix race between hotplug work and later CPU offline
USB: serial: mos7720: fix parallel-port state restore
USB: serial: digi_acceleport: fix write-wakeup deadlocks
USB: serial: keyspan_pda: fix dropped unthrottle interrupts
USB: serial: keyspan_pda: fix write deadlock
USB: serial: keyspan_pda: fix stalled writes
USB: serial: keyspan_pda: fix write-wakeup use-after-free
USB: serial: keyspan_pda: fix tx-unthrottle use-after-free
USB: serial: keyspan_pda: fix write unthrottling
btrfs: do not shorten unpin len for caching block groups
btrfs: trim: fix underflow in trim length to prevent access beyond device boundary
ext4: fix a memory leak of ext4_free_data
ext4: fix deadlock with fs freezing and EA inodes
KVM: arm64: Introduce handling of AArch32 TTBCR2 traps
ARM: dts: pandaboard: fix pinmux for gpio user button of Pandaboard ES
ARM: dts: at91: sama5d2: fix CAN message ram offset and size
xprtrdma: Fix XDRBUF_SPARSE_PAGES support
powerpc: Fix incorrect stw{, ux, u, x} instructions in __set_pte_at
powerpc/rtas: Fix typo of ibm,open-errinjct in RTAS filter
powerpc/feature: Add CPU_FTR_NOEXECUTE to G2_LE
powerpc/xmon: Change printk() to pr_cont()
powerpc/8xx: Fix early debug when SMC1 is relocated
powerpc/mm: Fix verification of MMU_FTR_TYPE_44x
powerpc/powernv/npu: Do not attempt NPU2 setup on POWER8NVL NPU
powerpc/powernv/memtrace: Don't leak kernel memory to user space
powerpc/powernv/memtrace: Fix crashing the kernel when enabling concurrently
ima: Don't modify file descriptor mode on the fly
um: Remove use of asprinf in umid.c
ceph: fix race in concurrent __ceph_remove_cap invocations
SMB3: avoid confusing warning message on mount to Azure
ubifs: wbuf: Don't leak kernel memory to flash
jffs2: Fix GC exit abnormally
jffs2: Fix ignoring mounting options problem during remounting
jfs: Fix array index bounds check in dbAdjTree
platform/x86: mlx-platform: remove an unused variable
drm/amd/display: Fix memory leaks in S3 resume
drm/dp_aux_dev: check aux_dev before use in drm_dp_aux_dev_get_by_minor()
drm/i915: Fix mismatch between misplaced vma check and vma insert
spi: pxa2xx: Fix use-after-free on unbind
spi: spi-sh: Fix use-after-free on unbind
spi: atmel-quadspi: Fix use-after-free on unbind
spi: davinci: Fix use-after-free on unbind
spi: fsl: fix use of spisel_boot signal on MPC8309
spi: gpio: Don't leak SPI master in probe error path
spi: mxic: Don't leak SPI master in probe error path
spi: pic32: Don't leak DMA channels in probe error path
spi: rb4xx: Don't leak SPI master in probe error path
spi: sc18is602: Don't leak SPI master in probe error path
spi: st-ssc4: Fix unbalanced pm_runtime_disable() in probe error path
spi: synquacer: Disable clock in probe error path
spi: mt7621: Disable clock in probe error path
spi: mt7621: Don't leak SPI master in probe error path
spi: atmel-quadspi: Disable clock in probe error path
spi: atmel-quadspi: Fix AHB memory accesses
soc: qcom: smp2p: Safely acquire spinlock without IRQs
mtd: spinand: Fix OOB read
mtd: parser: cmdline: Fix parsing of part-names with colons
mtd: rawnand: qcom: Fix DMA sync on FLASH_STATUS register read
mtd: rawnand: meson: fix meson_nfc_dma_buffer_release() arguments
scsi: qla2xxx: Fix crash during driver load on big endian machines
scsi: lpfc: Fix invalid sleeping context in lpfc_sli4_nvmet_alloc()
scsi: lpfc: Re-fix use after free in lpfc_rq_buf_free()
iio: buffer: Fix demux update
iio: adc: rockchip_saradc: fix missing clk_disable_unprepare() on error in rockchip_saradc_resume
iio:light:rpr0521: Fix timestamp alignment and prevent data leak.
iio:light:st_uvis25: Fix timestamp alignment and prevent data leak.
iio:magnetometer:mag3110: Fix alignment and data leak issues.
iio:pressure:mpl3115: Force alignment of buffer
iio:imu:bmi160: Fix too large a buffer.
iio:adc:ti-ads124s08: Fix buffer being too long.
iio:adc:ti-ads124s08: Fix alignment and data leak issues.
md/cluster: block reshape with remote resync job
md/cluster: fix deadlock when node is doing resync job
pinctrl: sunxi: Always call chained_irq_{enter, exit} in sunxi_pinctrl_irq_handler
clk: ingenic: Fix divider calculation with div tables
clk: mvebu: a3700: fix the XTAL MODE pin to MPP1_9
clk: tegra: Do not return 0 on failure
device-dax/core: Fix memory leak when rmmod dax.ko
dma-buf/dma-resv: Respect num_fences when initializing the shared fence list.
xen-blkback: set ring->xenblkd to NULL after kthread_stop()
xen/xenbus: Allow watches discard events before queueing
xen/xenbus: Add 'will_handle' callback support in xenbus_watch_path()
xen/xenbus/xen_bus_type: Support will_handle watch callback
xen/xenbus: Count pending messages for each watch
xenbus/xenbus_backend: Disallow pending watch messages
libnvdimm/namespace: Fix reaping of invalidated block-window-namespace labels
platform/x86: intel-vbtn: Allow switch events on Acer Switch Alpha 12
PCI: Fix pci_slot_release() NULL pointer dereference
regulator: axp20x: Fix DLDO2 voltage control register mask for AXP22x
rtc: ep93xx: Fix NULL pointer dereference in ep93xx_rtc_read_time
Revert: "ring-buffer: Remove HAVE_64BIT_ALIGNED_ACCESS"
x86/CPU/AMD: Save AMD NodeId as cpu_die_id
Linux 5.4.86
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: If271639b9a7c833718f8cfdfbacce5affe7f4189
|
||
Roberto Sassu
|
26d72a8460 |
ima: Don't modify file descriptor mode on the fly
commit 207cdd565dfc95a0a5185263a567817b7ebf5467 upstream. Commit |
||
|
Greg Kroah-Hartman
|
5a742c2b56 |
This is the 5.4.82 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl/PSigACgkQONu9yGCS aT6bSw//eDCpWcnLDa1Rt4bOrnO82484ebr1PZeYPfca/3QVS59j8DsVOf6Xklmz z2ponI6SRFxZwO2SmXrfoiOhUVI9Kd3ohTH+LSo3ezpk0klamIf60L914RBc7QFE wmVgOPz5LwLxfkU5a148/H4rwLGlM9oBxVcCXpnLkN03Ul4JM/P6A/T3rFrX8ZkW 3r4NYu3jOHgNz+irosW8zAea+jIf7ALg4Gch3ILwrbM4KSQiyXbAp0mJsY+li7HE BSa1RJHBXkqCwK/mWT4LWuJNf871T656kKr04/rxipRu2lEcGCPghO4DGba1mjqR NdnuMWBjoxetlRAbWOylWT+2ngQNx+E9hFrBxg1+js/mcHvfpeM4EuSK4YCnI7rO 6r5JZqYdw7GGHqvy51JPLx1m+NMt8XhTp5+1vOIZhjtdNrcTMBz0kxIiGbvTwdlb BbO+LDjmBmQYwmTcadbBPPMRLKnvx5bbNtTAzdwkvYEC8ev5RfxebFO/StTbmVRd JIUKkwmNw803OjhMgs+dXVw0lX8C1nLSSROKHf4+lCGFhCDnDhos5DpKpfBIwXxP Xv0Uf1YA4ygFVId+kuJOoXWNBkzB6UOlKMxoU1YcuRwpZHFk8b+MvTAzaCbSSl3A nJT6CK3K3H6WSiF9PC8i85kFJbAJbwifjx904nGBekaqU0bgI+s= =Faec -----END PGP SIGNATURE----- Merge 5.4.82 into android11-5.4-lts Changes in 5.4.82 devlink: Hold rtnl lock while reading netdev attributes ipv6: addrlabel: fix possible memory leak in ip6addrlbl_net_init net/af_iucv: set correct sk_protocol for child sockets net/tls: missing received data after fast remote close net/tls: Protect from calling tls_dev_del for TLS RX twice rose: Fix Null pointer dereference in rose_send_frame() sock: set sk_err to ee_errno on dequeue from errq tcp: Set INET_ECN_xmit configuration in tcp_reinit_congestion_control tun: honor IOCB_NOWAIT flag usbnet: ipheth: fix connectivity with iOS 14 bonding: wait for sysfs kobject destruction before freeing struct slave staging/octeon: fix up merge error ima: extend boot_aggregate with kernel measurements sched/fair: Fix unthrottle_cfs_rq() for leaf_cfs_rq list netfilter: bridge: reset skb->pkt_type after NF_INET_POST_ROUTING traversal ipv4: Fix tos mask in inet_rtm_getroute() dt-bindings: net: correct interrupt flags in examples chelsio/chtls: fix panic during unload reload chtls ibmvnic: Ensure that SCRQ entry reads are correctly ordered ibmvnic: Fix TX completion error handling inet_ecn: Fix endianness of checksum update when setting ECT(1) geneve: pull IP header before ECN decapsulation net: ip6_gre: set dev->hard_header_len when using header_ops net/x25: prevent a couple of overflows cxgb3: fix error return code in t3_sge_alloc_qset() net: pasemi: fix error return code in pasemi_mac_open() vxlan: fix error return code in __vxlan_dev_create() chelsio/chtls: fix a double free in chtls_setkey() net: mvpp2: Fix error return code in mvpp2_open() net: skbuff: ensure LSE is pullable before decrementing the MPLS ttl net: openvswitch: ensure LSE is pullable before reading it net/sched: act_mpls: ensure LSE is pullable before reading it net/mlx5: DR, Proper handling of unsupported Connect-X6DX SW steering net/mlx5: Fix wrong address reclaim when command interface is down ALSA: usb-audio: US16x08: fix value count for level meters Input: xpad - support Ardwiino Controllers Input: i8042 - add ByteSpeed touchpad to noloop table tracing: Remove WARN_ON in start_thread() RDMA/i40iw: Address an mmap handler exploit in i40iw Linux 5.4.82 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Ie7c035895e3413f7a58012c372cfc64deb2e6081 |
||
Maurizio Drocco
|
c4405cdf96 |
ima: extend boot_aggregate with kernel measurements
[ Upstream commit 20c59ce010f84300f6c655d32db2610d3433f85c ] Registers 8-9 are used to store measurements of the kernel and its command line (e.g., grub2 bootloader with tpm module enabled). IMA should include them in the boot aggregate. Registers 8-9 should be only included in non-SHA1 digests to avoid ambiguity. Signed-off-by: Maurizio Drocco <maurizio.drocco@ibm.com> Reviewed-by: Bruno Meneguele <bmeneg@redhat.com> Tested-by: Bruno Meneguele <bmeneg@redhat.com> (TPM 1.2, TPM 2.0) Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Greg Kroah-Hartman
|
15fd930b92 |
This is the 5.4.74 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl+elYEACgkQONu9yGCS aT4DfQ/+OoCvKzPm/gxmJejGNUvagBhMLXxNw62jvmLwHnagWNchXMQEoplmwpIz D3FeSnH6VjBj8QfXCzxZJVazuPNaiSfxrwvaboakvVnvJw66rC0LgiXUJ5MuMhmr YVBJ9YfA73Lpv96ySrXWdqEO6QIMgYnlR95Ep+33IBUb5x2QuQB+8ho+qQ3h6I4r uoVAzFLaliCpRF/Hz9pwjZjSo3zDbyYx29XVFXYkrHn8cJWE6oBZtNo+K1cyY3wH dNY9CXPRh4oC5G+w579m5GvnW5Ac5hTHKONNURCu9NgsEJgHfpuXXiK+ve1yS7xa LFj1qFuYW90scgvmcx/YSKIWkNdCGCsqLlp3OJwVDm573touy6NZOag5GW2S35iD GcPRvJjWHay8NJSwKteKN9YH92xBxaSWJalrIQcY4Q4VAgJpXizIxZskGieWRdYv 2XrSAOyXfSPP3nEsRXANEC2RY38Vp6zQt5G4a5duvztNU8knRjuQijMU7vvUbjvU V7D+kpamoqSiEkKmPYi3ViH80BkBNaxVrh54AMW9BQiFxUum5X/8sD7PDnKg+p8R tPPFsFHKAyVSQQe/7VlAfDq1D9xCfgfzA4TiMYqseyBBFs4UZ1dkLBQTL7Xza9ma H4NrA6SQibzYXH5F8OPWFqLPye1hmzAvojhskLk6ijeCw+koLk4= =zfx+ -----END PGP SIGNATURE----- Merge 5.4.74 into android11-5.4-lts Changes in 5.4.74 netfilter: nftables_offload: KASAN slab-out-of-bounds Read in nft_flow_rule_create socket: don't clear SOCK_TSTAMP_NEW when SO_TIMESTAMPNS is disabled objtool: Support Clang non-section symbols in ORC generation scripts/setlocalversion: make git describe output more reliable arm64: Run ARCH_WORKAROUND_1 enabling code on all CPUs arm64: Run ARCH_WORKAROUND_2 enabling code on all CPUs arm64: link with -z norelro regardless of CONFIG_RELOCATABLE x86/PCI: Fix intel_mid_pci.c build error when ACPI is not enabled efivarfs: Replace invalid slashes with exclamation marks in dentries. bnxt_en: Check abort error state in bnxt_open_nic(). bnxt_en: Send HWRM_FUNC_RESET fw command unconditionally. chelsio/chtls: fix deadlock issue chelsio/chtls: fix memory leaks in CPL handlers chelsio/chtls: fix tls record info to user cxgb4: set up filter action after rewrites gtp: fix an use-before-init in gtp_newlink() ibmvnic: fix ibmvnic_set_mac mlxsw: core: Fix memory leak on module removal netem: fix zero division in tabledist net/sched: act_mpls: Add softdep on mpls_gso.ko r8169: fix issue with forced threading in combination with shared interrupts ravb: Fix bit fields checking in ravb_hwtstamp_get() tcp: Prevent low rmem stalls with SO_RCVLOWAT. tipc: fix memory leak caused by tipc_buf_append() net: hns3: Clear the CMDQ registers before unmapping BAR region bnxt_en: Re-write PCI BARs after PCI fatal error. bnxt_en: Fix regression in workqueue cleanup logic in bnxt_remove_one(). bnxt_en: Invoke cancel_delayed_work_sync() for PFs also. erofs: avoid duplicated permission check for "trusted." xattrs arch/x86/amd/ibs: Fix re-arming IBS Fetch x86/xen: disable Firmware First mode for correctable memory errors ata: ahci: mvebu: Make SATA PHY optional for Armada 3720 fuse: fix page dereference after free bpf: Fix comment for helper bpf_current_task_under_cgroup() evm: Check size of security.evm before using it p54: avoid accessing the data mapped to streaming DMA cxl: Rework error message for incompatible slots RDMA/addr: Fix race with netevent_callback()/rdma_addr_cancel() mtd: lpddr: Fix bad logic in print_drs_error serial: qcom_geni_serial: To correct QUP Version detection logic serial: pl011: Fix lockdep splat when handling magic-sysrq interrupt PM: runtime: Fix timer_expires data type on 32-bit arches ata: sata_rcar: Fix DMA boundary mask xen/gntdev.c: Mark pages as dirty crypto: x86/crc32c - fix building with clang ias openrisc: Fix issue with get_user for 64-bit values misc: rtsx: do not setting OC_POWER_DOWN reg in rtsx_pci_init_ocp() phy: marvell: comphy: Convert internal SMCC firmware return codes to errno Linux 5.4.74 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I33acff93a227456d73b104b89a902df744de0db9 |
||
|
Roberto Sassu
|
801863f634 |
evm: Check size of security.evm before using it
commit 455b6c9112eff8d249e32ba165742085678a80a4 upstream.
This patch checks the size for the EVM_IMA_XATTR_DIGSIG and
EVM_XATTR_PORTABLE_DIGSIG types to ensure that the algorithm is read from
the buffer returned by vfs_getxattr_alloc().
Cc: stable@vger.kernel.org # 4.19.x
Fixes:
|
||
|
Greg Kroah-Hartman
|
7ee5d73d3e |
This is the 5.4.73 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl+ahE8ACgkQONu9yGCS
aT4j1A/9HzkKKoqZ2vXYQ1/uEnUqZech9ly1KxpNTBrSZYAtx3MaWY7tGDEx2BqD
y6iw9x4MymhHEbpwLg6YmmdWuMQLNNYJGoyLiPJgWhkE4c7zHadhNz1DcPEI8F7z
bSlUJ3Oebr8gzv0FvUmeVXw7Z2EuOqM1zGgTAZfnKY3DkYHbLnrzUJ4AiI8TNeba
pPIhjfIJ1TvhF+s5ggf2m8OtSWLZ0doCWCPmCFe2WyERX2WYCzPgsm0yL7L7oXME
ZqWpOcClBsiYekBNcZ4kxozhJtArCnv24n9VoXJ/YJIlWKvCA6uC8r527nGN/z08
dfFelj1nDs7/VrCSP4+109EjxLQnSYGgIWP0g0OsC+9wOmrQsYJ1azP1eNjm+NuC
hPa8uYVEZxwVyJuEfu4ZB4NMZBlD2qnHoskvBKbyZ8yaVnbvlMp552XMwsmJBpCs
8wArzabrJEz396LUUIYG829D7NBDuRav1Miu+FTzlbn+xZ/Y/S8OmhoG2stWa4wV
y5x0M0DWgrqiZ9rMkz9A03UNnCInQVTfIBoMl63xFitW4/0vLsln3+CjzlKm7H46
rD/tKACUoCDjR5DN+JwQzmTdL9zBb4p1cXwWjWb6rON3BkXmO0JVAxzurxI9PfX0
ZWDydZ3HNmrm0d3J12zf3kTX56PfPFAGWUsEc4Ntb5zdWXSQJsE=
=fZ3T
-----END PGP SIGNATURE-----
Merge 5.4.73 into android11-5.4-lts
Changes in 5.4.73
ibmveth: Switch order of ibmveth_helper calls.
ibmveth: Identify ingress large send packets.
ipv4: Restore flowi4_oif update before call to xfrm_lookup_route
mlx4: handle non-napi callers to napi_poll
net: fec: Fix phy_device lookup for phy_reset_after_clk_enable()
net: fec: Fix PHY init after phy_reset_after_clk_enable()
net: fix pos incrementment in ipv6_route_seq_next
net/smc: fix valid DMBE buffer sizes
net/tls: sendfile fails with ktls offload
net: usb: qmi_wwan: add Cellient MPL200 card
tipc: fix the skb_unshare() in tipc_buf_append()
socket: fix option SO_TIMESTAMPING_NEW
can: m_can_platform: don't call m_can_class_suspend in runtime suspend
can: j1935: j1939_tp_tx_dat_new(): fix missing initialization of skbcnt
net: j1939: j1939_session_fresh_new(): fix missing initialization of skbcnt
net/ipv4: always honour route mtu during forwarding
net_sched: remove a redundant goto chain check
r8169: fix data corruption issue on RTL8402
cxgb4: handle 4-tuple PEDIT to NAT mode translation
binder: fix UAF when releasing todo list
ALSA: bebob: potential info leak in hwdep_read()
ALSA: hda: fix jack detection with Realtek codecs when in D3
ALSA: hda/hdmi: fix incorrect locking in hdmi_pcm_close
nvme-pci: disable the write zeros command for Intel 600P/P3100
chelsio/chtls: fix socket lock
chelsio/chtls: correct netdevice for vlan interface
chelsio/chtls: correct function return and return type
ibmvnic: save changed mac address to adapter->mac_addr
net: ftgmac100: Fix Aspeed ast2600 TX hang issue
net: hdlc: In hdlc_rcv, check to make sure dev is an HDLC device
net: hdlc_raw_eth: Clear the IFF_TX_SKB_SHARING flag after calling ether_setup
net: Properly typecast int values to set sk_max_pacing_rate
net/sched: act_tunnel_key: fix OOB write in case of IPv6 ERSPAN tunnels
nexthop: Fix performance regression in nexthop deletion
nfc: Ensure presence of NFC_ATTR_FIRMWARE_NAME attribute in nfc_genl_fw_download()
r8169: fix operation under forced interrupt threading
selftests: forwarding: Add missing 'rp_filter' configuration
selftests: rtnetlink: load fou module for kci_test_encap_fou() test
tcp: fix to update snd_wl1 in bulk receiver fast path
icmp: randomize the global rate limiter
ALSA: hda/realtek - The front Mic on a HP machine doesn't work
ALSA: hda/realtek - set mic to auto detect on a HP AIO machine
ALSA: hda/realtek - Add mute Led support for HP Elitebook 845 G7
ALSA: hda/realtek: Enable audio jacks of ASUS D700SA with ALC887
cifs: remove bogus debug code
cifs: Return the error from crypt_message when enc/dec key not found.
SMB3: Resolve data corruption of TCP server info fields
KVM: nVMX: Reset the segment cache when stuffing guest segs
KVM: nVMX: Reload vmcs01 if getting vmcs12's pages fails
KVM: x86/mmu: Commit zap of remaining invalid pages when recovering lpages
KVM: SVM: Initialize prev_ga_tag before use
ima: Don't ignore errors from crypto_shash_update()
crypto: algif_aead - Do not set MAY_BACKLOG on the async path
crypto: caam/qi - add fallback for XTS with more than 8B IV
EDAC/i5100: Fix error handling order in i5100_init_one()
EDAC/aspeed: Fix handling of platform_get_irq() error
EDAC/ti: Fix handling of platform_get_irq() error
perf/x86/intel/ds: Fix x86_pmu_stop warning for large PEBS
x86/fpu: Allow multiple bits in clearcpuid= parameter
drivers/perf: xgene_pmu: Fix uninitialized resource struct
drivers/perf: thunderx2_pmu: Fix memory resource error handling
sched/fair: Fix wrong cpu selecting from isolated domain
perf/x86/intel/uncore: Update Ice Lake uncore units
perf/x86/intel/uncore: Reduce the number of CBOX counters
x86/nmi: Fix nmi_handle() duration miscalculation
x86/events/amd/iommu: Fix sizeof mismatch
crypto: algif_skcipher - EBUSY on aio should be an error
crypto: mediatek - Fix wrong return value in mtk_desc_ring_alloc()
crypto: ixp4xx - Fix the size used in a 'dma_free_coherent()' call
crypto: picoxcell - Fix potential race condition bug
media: tuner-simple: fix regression in simple_set_radio_freq
media: Revert "media: exynos4-is: Add missed check for pinctrl_lookup_state()"
media: ov5640: Correct Bit Div register in clock tree diagram
media: m5mols: Check function pointer in m5mols_sensor_power
media: uvcvideo: Set media controller entity functions
media: uvcvideo: Silence shift-out-of-bounds warning
media: staging/intel-ipu3: css: Correctly reset some memory
media: omap3isp: Fix memleak in isp_probe
media: i2c: ov5640: Remain in power down for DVP mode unless streaming
media: i2c: ov5640: Separate out mipi configuration from s_power
media: i2c: ov5640: Enable data pins on poweron for DVP mode
media: rcar_drif: Fix fwnode reference leak when parsing DT
media: rcar_drif: Allocate v4l2_async_subdev dynamically
media: rcar-csi2: Allocate v4l2_async_subdev dynamically
crypto: omap-sham - fix digcnt register handling with export/import
hwmon: (pmbus/max34440) Fix status register reads for MAX344{51,60,61}
cypto: mediatek - fix leaks in mtk_desc_ring_alloc
media: mx2_emmaprp: Fix memleak in emmaprp_probe
media: tc358743: initialize variable
media: tc358743: cleanup tc358743_cec_isr
media: rcar-vin: Fix a reference count leak.
media: rockchip/rga: Fix a reference count leak.
media: platform: fcp: Fix a reference count leak.
media: camss: Fix a reference count leak.
media: s5p-mfc: Fix a reference count leak
media: stm32-dcmi: Fix a reference count leak
media: ti-vpe: Fix a missing check and reference count leak
regulator: resolve supply after creating regulator
pinctrl: bcm: fix kconfig dependency warning when !GPIOLIB
spi: spi-s3c64xx: swap s3c64xx_spi_set_cs() and s3c64xx_enable_datapath()
spi: spi-s3c64xx: Check return values
blk-mq: move cancel of hctx->run_work to the front of blk_exit_queue
ath10k: provide survey info as accumulated data
drm/vkms: fix xrgb on compute crc
Bluetooth: hci_uart: Cancel init work before unregistering
drm/amd/display: Fix wrong return value in dm_update_plane_state()
drm: panel: Fix bus format for OrtusTech COM43H4M85ULC panel
ath6kl: prevent potential array overflow in ath6kl_add_new_sta()
ath9k: Fix potential out of bounds in ath9k_htc_txcompletion_cb()
ath10k: Fix the size used in a 'dma_free_coherent()' call in an error handling path
wcn36xx: Fix reported 802.11n rx_highest rate wcn3660/wcn3680
ASoC: qcom: lpass-platform: fix memory leak
ASoC: qcom: lpass-cpu: fix concurrency issue
brcmfmac: check ndev pointer
mwifiex: Do not use GFP_KERNEL in atomic context
staging: rtl8192u: Do not use GFP_KERNEL in atomic context
drm/gma500: fix error check
scsi: qla4xxx: Fix an error handling path in 'qla4xxx_get_host_stats()'
scsi: qla2xxx: Fix wrong return value in qlt_chk_unresolv_exchg()
scsi: qla2xxx: Fix wrong return value in qla_nvme_register_hba()
scsi: csiostor: Fix wrong return value in csio_hw_prep_fw()
backlight: sky81452-backlight: Fix refcount imbalance on error
staging: emxx_udc: Fix passing of NULL to dma_alloc_coherent()
VMCI: check return value of get_user_pages_fast() for errors
mm/error_inject: Fix allow_error_inject function signatures.
drm: panel: Fix bpc for OrtusTech COM43H4M85ULC panel
drm/crc-debugfs: Fix memleak in crc_control_write
binder: Remove bogus warning on failed same-process transaction
tty: serial: earlycon dependency
tty: hvcs: Don't NULL tty->driver_data until hvcs_cleanup()
pty: do tty_flip_buffer_push without port->lock in pty_write
pwm: lpss: Fix off by one error in base_unit math in pwm_lpss_prepare()
pwm: lpss: Add range limit check for the base_unit register value
drivers/virt/fsl_hypervisor: Fix error handling path
video: fbdev: vga16fb: fix setting of pixclock because a pass-by-value error
video: fbdev: sis: fix null ptr dereference
video: fbdev: radeon: Fix memleak in radeonfb_pci_register
ASoC: fsl: imx-es8328: add missing put_device() call in imx_es8328_probe()
HID: roccat: add bounds checking in kone_sysfs_write_settings()
drm/msm: Avoid div-by-zero in dpu_crtc_atomic_check()
drm/panfrost: Ensure GPU quirks are always initialised
iomap: Clear page error before beginning a write
pinctrl: mcp23s08: Fix mcp23x17_regmap initialiser
pinctrl: mcp23s08: Fix mcp23x17 precious range
net/mlx5: Don't call timecounter cyc2time directly from 1PPS flow
scsi: mpt3sas: Fix sync irqs
net: stmmac: use netif_tx_start|stop_all_queues() function
cpufreq: armada-37xx: Add missing MODULE_DEVICE_TABLE
drm: mxsfb: check framebuffer pitch
coresight: etm4x: Handle unreachable sink in perf mode
xhci: don't create endpoint debugfs entry before ring buffer is set.
net: dsa: rtl8366: Check validity of passed VLANs
net: dsa: rtl8366: Refactor VLAN/PVID init
net: dsa: rtl8366: Skip PVID setting if not requested
net: wilc1000: clean up resource in error path of init mon interface
ASoC: tlv320aic32x4: Fix bdiv clock rate derivation
net: dsa: rtl8366rb: Support all 4096 VLANs
spi: omap2-mcspi: Improve performance waiting for CHSTAT
ath6kl: wmi: prevent a shift wrapping bug in ath6kl_wmi_delete_pstream_cmd()
dmaengine: dmatest: Check list for emptiness before access its last entry
misc: mic: scif: Fix error handling path
ALSA: seq: oss: Avoid mutex lock for a long-time ioctl
usb: dwc2: Fix parameter type in function pointer prototype
quota: clear padding in v2r1_mem2diskdqb()
slimbus: core: check get_addr before removing laddr ida
slimbus: core: do not enter to clock pause mode in core
slimbus: qcom-ngd-ctrl: disable ngd in qmi server down callback
ASoC: fsl_sai: Instantiate snd_soc_dai_driver
HID: hid-input: fix stylus battery reporting
nvmem: core: fix possibly memleak when use nvmem_cell_info_to_nvmem_cell()
nl80211: fix OBSS PD min and max offset validation
coresight: etm: perf: Fix warning caused by etm_setup_aux failure
ibmvnic: set up 200GBPS speed
qtnfmac: fix resource leaks on unsupported iftype error return path
iio: adc: stm32-adc: fix runtime autosuspend delay when slow polling
net: enic: Cure the enic api locking trainwreck
mfd: sm501: Fix leaks in probe()
iwlwifi: mvm: split a print to avoid a WARNING in ROC
usb: gadget: f_ncm: fix ncm_bitrate for SuperSpeed and above.
usb: gadget: u_ether: enable qmult on SuperSpeed Plus as well
nl80211: fix non-split wiphy information
usb: dwc2: Fix INTR OUT transfers in DDMA mode.
scsi: target: tcmu: Fix warning: 'page' may be used uninitialized
scsi: be2iscsi: Fix a theoretical leak in beiscsi_create_eqs()
ipmi_si: Fix wrong return value in try_smi_init()
platform/x86: mlx-platform: Remove PSU EEPROM configuration
mwifiex: fix double free
ipvs: clear skb->tstamp in forwarding path
net: korina: fix kfree of rx/tx descriptor array
netfilter: nf_log: missing vlan offload tag and proto
mm/swapfile.c: fix potential memory leak in sys_swapon
mm/memcg: fix device private memcg accounting
mm, oom_adj: don't loop through tasks in __set_oom_adj when not necessary
fs: fix NULL dereference due to data race in prepend_path()
selftests/ftrace: Change synthetic event name for inter-event-combined test
i3c: master add i3c_master_attach_boardinfo to preserve boardinfo
IB/mlx4: Fix starvation in paravirt mux/demux
IB/mlx4: Adjust delayed work when a dup is observed
powerpc/pseries: Fix missing of_node_put() in rng_init()
powerpc/icp-hv: Fix missing of_node_put() in success path
RDMA/ucma: Fix locking for ctx->events_reported
RDMA/ucma: Add missing locking around rdma_leave_multicast()
mtd: lpddr: fix excessive stack usage with clang
RDMA/hns: Add a check for current state before modifying QP
RDMA/umem: Fix signature of stub ib_umem_find_best_pgsz()
powerpc/pseries: explicitly reschedule during drmem_lmb list traversal
pseries/drmem: don't cache node id in drmem_lmb struct
RDMA/mlx5: Fix potential race between destroy and CQE poll
mtd: mtdoops: Don't write panic data twice
ARM: 9007/1: l2c: fix prefetch bits init in L2X0_AUX_CTRL using DT values
arc: plat-hsdk: fix kconfig dependency warning when !RESET_CONTROLLER
ida: Free allocated bitmap in error path
xfs: limit entries returned when counting fsmap records
xfs: fix deadlock and streamline xfs_getfsmap performance
xfs: fix high key handling in the rt allocator's query_range function
RDMA/umem: Fix ib_umem_find_best_pgsz() for mappings that cross a page boundary
RDMA/umem: Prevent small pages from being returned by ib_umem_find_best_pgsz()
RDMA/qedr: Fix qp structure memory leak
RDMA/qedr: Fix use of uninitialized field
RDMA/qedr: Fix return code if accept is called on a destroyed qp
RDMA/qedr: Fix inline size returned for iWARP
powerpc/book3s64/hash/4k: Support large linear mapping range with 4K
powerpc/tau: Use appropriate temperature sample interval
powerpc/tau: Convert from timer to workqueue
powerpc/tau: Remove duplicated set_thresholds() call
powerpc/tau: Check processor type before enabling TAU interrupt
powerpc/tau: Disable TAU between measurements
powerpc/64s/radix: Fix mm_cpumask trimming race vs kthread_use_mm
RDMA/cma: Remove dead code for kernel rdmacm multicast
RDMA/cma: Consolidate the destruction of a cma_multicast in one place
perf intel-pt: Fix "context_switch event has no tid" error
RDMA/hns: Set the unsupported wr opcode
RDMA/mlx5: Disable IB_DEVICE_MEM_MGT_EXTENSIONS if IB_WR_REG_MR can't work
i40iw: Add support to make destroy QP synchronous
perf stat: Skip duration_time in setup_system_wide
RDMA/hns: Fix the wrong value of rnr_retry when querying qp
RDMA/hns: Fix missing sq_sig_type when querying QP
mtd: rawnand: vf610: disable clk on error handling path in probe
mtd: spinand: gigadevice: Only one dummy byte in QUADIO
mtd: spinand: gigadevice: Add QE Bit
kdb: Fix pager search for multi-line strings
overflow: Include header file with SIZE_MAX declaration
RDMA/ipoib: Set rtnl_link_ops for ipoib interfaces
powerpc/perf: Exclude pmc5/6 from the irrelevant PMU group constraints
powerpc/perf/hv-gpci: Fix starting index value
i3c: master: Fix error return in cdns_i3c_master_probe()
cpufreq: powernv: Fix frame-size-overflow in powernv_cpufreq_reboot_notifier
IB/rdmavt: Fix sizeof mismatch
RDMA/rxe: Fix skb lifetime in rxe_rcv_mcast_pkt()
maiblox: mediatek: Fix handling of platform_get_irq() error
selftests/powerpc: Fix eeh-basic.sh exit codes
f2fs: wait for sysfs kobject removal before freeing f2fs_sb_info
RDMA/rxe: Handle skb_clone() failure in rxe_recv.c
mm/page_owner: change split_page_owner to take a count
lib/crc32.c: fix trivial typo in preprocessor condition
ramfs: fix nommu mmap with gaps in the page cache
rapidio: fix error handling path
rapidio: fix the missed put_device() for rio_mport_add_riodev
mailbox: avoid timer start from callback
i2c: rcar: Auto select RESET_CONTROLLER
clk: meson: g12a: mark fclk_div2 as critical
PCI: aardvark: Check for errors from pci_bridge_emul_init() call
PCI: iproc: Set affinity mask on MSI interrupts
rpmsg: smd: Fix a kobj leak in in qcom_smd_parse_edge()
PCI/IOV: Mark VFs as not implementing PCI_COMMAND_MEMORY
vfio/pci: Decouple PCI_COMMAND_MEMORY bit checks from is_virtfn
clk: qcom: gcc-sdm660: Fix wrong parent_map
clk: keystone: sci-clk: fix parsing assigned-clock data during probe
pwm: img: Fix null pointer access in probe
clk: rockchip: Initialize hw to error to avoid undefined behavior
clk: mediatek: add UART0 clock support
module: statically initialize init section freeing data
clk: at91: clk-main: update key before writing AT91_CKGR_MOR
clk: bcm2835: add missing release if devm_clk_hw_register fails
watchdog: Fix memleak in watchdog_cdev_register
watchdog: Use put_device on error
watchdog: sp5100: Fix definition of EFCH_PM_DECODEEN3
svcrdma: fix bounce buffers for unaligned offsets and multiple pages
ext4: limit entries returned when counting fsmap records
vfio/pci: Clear token on bypass registration failure
vfio iommu type1: Fix memory leak in vfio_iommu_type1_pin_pages
clk: imx8mq: Fix usdhc parents order
SUNRPC: fix copying of multiple pages in gss_read_proxy_verf()
Input: imx6ul_tsc - clean up some errors in imx6ul_tsc_resume()
Input: stmfts - fix a & vs && typo
Input: ep93xx_keypad - fix handling of platform_get_irq() error
Input: omap4-keypad - fix handling of platform_get_irq() error
Input: twl4030_keypad - fix handling of platform_get_irq() error
Input: sun4i-ps2 - fix handling of platform_get_irq() error
KVM: x86: emulating RDPID failure shall return #UD rather than #GP
scsi: bfa: Fix error return in bfad_pci_init()
netfilter: conntrack: connection timeout after re-register
netfilter: ebtables: Fixes dropping of small packets in bridge nat
netfilter: nf_fwd_netdev: clear timestamp in forwarding path
arm64: dts: meson: vim3: correct led polarity
ARM: dts: imx6sl: fix rng node
ARM: at91: pm: of_node_put() after its usage
ARM: s3c24xx: fix mmc gpio lookup tables
ARM: dts: sun8i: r40: bananapi-m2-ultra: Fix dcdc1 regulator
arm64: dts: allwinner: h5: remove Mali GPU PMU module
memory: omap-gpmc: Fix a couple off by ones
memory: omap-gpmc: Fix build error without CONFIG_OF
memory: fsl-corenet-cf: Fix handling of platform_get_irq() error
arm64: dts: imx8mq: Add missing interrupts to GPC
arm64: dts: qcom: msm8916: Remove one more thermal trip point unit name
arm64: dts: qcom: pm8916: Remove invalid reg size from wcd_codec
arm64: dts: qcom: msm8916: Fix MDP/DSI interrupts
arm64: dts: renesas: r8a77990: Fix MSIOF1 DMA channels
arm64: dts: renesas: r8a774c0: Fix MSIOF1 DMA channels
arm64: dts: actions: limit address range for pinctrl node
ARM: dts: owl-s500: Fix incorrect PPI interrupt specifiers
soc: fsl: qbman: Fix return value on success
ARM: OMAP2+: Restore MPU power domain if cpu_cluster_pm_enter() fails
arm64: dts: zynqmp: Remove additional compatible string for i2c IPs
ARM: dts: meson8: remove two invalid interrupt lines from the GPU node
lightnvm: fix out-of-bounds write to array devices->info[]
powerpc/powernv/dump: Fix race while processing OPAL dump
powerpc/pseries: Avoid using addr_to_pfn in real mode
nvmet: fix uninitialized work for zero kato
NTB: hw: amd: fix an issue about leak system resources
sched/features: Fix !CONFIG_JUMP_LABEL case
perf: correct SNOOPX field offset
i2c: core: Restore acpi_walk_dep_device_list() getting called after registering the ACPI i2c devs
md/bitmap: fix memory leak of temporary bitmap
block: ratelimit handle_bad_sector() message
crypto: ccp - fix error handling
x86/asm: Replace __force_order with a memory clobber
x86/mce: Add Skylake quirk for patrol scrub reported errors
media: firewire: fix memory leak
media: ati_remote: sanity check for both endpoints
media: st-delta: Fix reference count leak in delta_run_work
media: sti: Fix reference count leaks
media: exynos4-is: Fix several reference count leaks due to pm_runtime_get_sync
media: exynos4-is: Fix a reference count leak due to pm_runtime_get_sync
media: exynos4-is: Fix a reference count leak
media: vsp1: Fix runtime PM imbalance on error
media: platform: s3c-camif: Fix runtime PM imbalance on error
media: platform: sti: hva: Fix runtime PM imbalance on error
media: bdisp: Fix runtime PM imbalance on error
media: media/pci: prevent memory leak in bttv_probe
x86/mce: Make mce_rdmsrl() panic on an inaccessible MSR
media: uvcvideo: Ensure all probed info is returned to v4l2
mmc: sdio: Check for CISTPL_VERS_1 buffer size
media: saa7134: avoid a shift overflow
media: venus: fixes for list corruption
fs: dlm: fix configfs memory leak
media: venus: core: Fix runtime PM imbalance in venus_probe
ntfs: add check for mft record size in superblock
ip_gre: set dev->hard_header_len and dev->needed_headroom properly
mac80211: handle lack of sband->bitrates in rates
PM: hibernate: remove the bogus call to get_gendisk() in software_resume()
scsi: mvumi: Fix error return in mvumi_io_attach()
scsi: target: core: Add CONTROL field for trace events
mic: vop: copy data to kernel space then write to io memory
misc: vop: add round_up(x,4) for vring_size to avoid kernel panic
usb: dwc3: Add splitdisable quirk for Hisilicon Kirin Soc
usb: gadget: function: printer: fix use-after-free in __lock_acquire
udf: Limit sparing table size
udf: Avoid accessing uninitialized data on failed inode read
rtw88: increse the size of rx buffer size
USB: cdc-acm: handle broken union descriptors
usb: dwc3: simple: add support for Hikey 970
can: flexcan: flexcan_chip_stop(): add error handling and propagate error value
ath9k: hif_usb: fix race condition between usb_get_urb() and usb_kill_anchored_urbs()
drm/panfrost: add amlogic reset quirk callback
bpf: Limit caller's stack depth 256 for subprogs with tailcalls
misc: rtsx: Fix memory leak in rtsx_pci_probe
reiserfs: only call unlock_new_inode() if I_NEW
opp: Prevent memory leak in dev_pm_opp_attach_genpd()
xfs: make sure the rt allocator doesn't run off the end
usb: ohci: Default to per-port over-current protection
Bluetooth: Only mark socket zapped after unlocking
drm/msm/a6xx: fix a potential overflow issue
iomap: fix WARN_ON_ONCE() from unprivileged users
scsi: ibmvfc: Fix error return in ibmvfc_probe()
scsi: qla2xxx: Warn if done() or free() are called on an already freed srb
selftests/bpf: Fix test_sysctl_loop{1, 2} failure due to clang change
brcmsmac: fix memory leak in wlc_phy_attach_lcnphy
rtl8xxxu: prevent potential memory leak
Fix use after free in get_capset_info callback.
HID: ite: Add USB id match for Acer One S1003 keyboard dock
scsi: qedf: Return SUCCESS if stale rport is encountered
scsi: qedi: Protect active command list to avoid list corruption
scsi: qedi: Fix list_del corruption while removing active I/O
fbmem: add margin check to fb_check_caps()
tty: ipwireless: fix error handling
Bluetooth: btusb: Fix memleak in btusb_mtk_submit_wmt_recv_urb
ipvs: Fix uninit-value in do_ip_vs_set_ctl()
reiserfs: Fix memory leak in reiserfs_parse_options()
mwifiex: don't call del_timer_sync() on uninitialized timer
ALSA: hda/ca0132 - Add AE-7 microphone selection commands.
ALSA: hda/ca0132 - Add new quirk ID for SoundBlaster AE-7.
scsi: smartpqi: Avoid crashing kernel for controller issues
brcm80211: fix possible memleak in brcmf_proto_msgbuf_attach
usb: core: Solve race condition in anchor cleanup functions
scsi: ufs: ufs-qcom: Fix race conditions caused by ufs_qcom_testbus_config()
dmaengine: dw: Add DMA-channels mask cell support
dmaengine: dw: Activate FIFO-mode for memory peripherals only
ath10k: check idx validity in __ath10k_htt_rx_ring_fill_n()
net: korina: cast KSEG0 address to pointer in kfree
s390/qeth: don't let HW override the configured port role
tty: serial: lpuart: fix lpuart32_write usage
tty: serial: fsl_lpuart: fix lpuart32_poll_get_char
usb: cdc-acm: add quirk to blacklist ETAS ES58X devices
USB: cdc-wdm: Make wdm_flush() interruptible and add wdm_fsync().
usb: cdns3: gadget: free interrupt after gadget has deleted
eeprom: at25: set minimum read/write access stride to 1
usb: gadget: f_ncm: allow using NCM in SuperSpeed Plus gadgets.
Linux 5.4.73
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I3245a6f313462f8b4ea408c7657a1027ab95b78c
|
||
|
Roberto Sassu
|
68e3b25444 |
ima: Don't ignore errors from crypto_shash_update()
commit 60386b854008adc951c470067f90a2d85b5d520f upstream.
Errors returned by crypto_shash_update() are not checked in
ima_calc_boot_aggregate_tfm() and thus can be overwritten at the next
iteration of the loop. This patch adds a check after calling
crypto_shash_update() and returns immediately if the result is not zero.
Cc: stable@vger.kernel.org
Fixes:
|
||
|
Greg Kroah-Hartman
|
c0b1779755 |
This is the 5.4.59 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl88xTwACgkQONu9yGCS
aT60Lw/9HV3JZ0KDYKHRRS/n4UWh2w7jHe5hwFTfX8/KibexzGzgV3gTaXsyQx75
Bj2ruJTGZKDvy+a9/IsjTe1v1/HPwPydDyfABNl/Rn8vQuyHzyyGzQo2owqGb57w
4wVuoqhPASn0n2QAMG05caAx1uqPlXcT/I4H8vpzieNEHbB/2TbwFiWvrDC2d+nw
mw1PkRmaFp2GSMOHSb68n2oYUv19EBHDtxF9WkwyftdKALQYz5x4O/n4lhpzMSmO
OeiUg/dpLi0bptL1SQAfaY/Lxa1gFb62YvP47WbWp/P6zespOInk2n8kmpoHxol3
MMZelRCdl9NtIKVXMEOFEv/asXPlF2wARGmNejGCYLaRqal1bH67yG4eja7biIJe
gr5OBOFVPol83sPAnb6V4P2SEs650WR95hshYpRL9lbmcHY4q5zoXVm9ul/Hp49R
qjjfxHDNQQoQgX4ZhEJLp2a5AEJUM4Kz28pZXHyczKYc2R6/AZWqHfnbQVURf+au
0xJ/tOFxn3yqRtTkmuuifkZcUTJ5iRnzxUUYiGyhTqZOTNZTD0FgiI+S7gckI//K
idoWGTszHZb6YkNBEwz4WJFtxCGpO95xgD95jOpJVxFcJ5f5PpfZE7RkXUDLR5UO
XzJopB3nOT1h3EoI3xq7aPDF1hKbkp+VRMWcVrBeP9KgcpLisS4=
=Tk2c
-----END PGP SIGNATURE-----
Merge 5.4.59 into android11-5.4
Changes in 5.4.59
tracepoint: Mark __tracepoint_string's __used
HID: input: Fix devices that return multiple bytes in battery report
nvme: add a Identify Namespace Identification Descriptor list quirk
fs/io_uring.c: Fix uninitialized variable is referenced in io_submit_sqe
clk: qcom: clk-rpmh: Wait for completion when enabling clocks
x86/mce/inject: Fix a wrong assignment of i_mce.status
sched/fair: Fix NOHZ next idle balance
sched: correct SD_flags returned by tl->sd_flags()
arm64: dts: rockchip: fix rk3368-lion gmac reset gpio
arm64: dts: rockchip: fix rk3399-puma vcc5v0-host gpio
arm64: dts: rockchip: fix rk3399-puma gmac reset gpio
EDAC: Fix reference count leaks
crc-t10dif: Fix potential crypto notify dead-lock
arm64: dts: qcom: msm8916: Replace invalid bias-pull-none property
blktrace: fix debugfs use after free
crypto: ccree - fix resource leak on error path
ARM: exynos: MCPM: Restore big.LITTLE cpuidle support
firmware: arm_scmi: Fix SCMI genpd domain probing
arm64: dts: exynos: Fix silent hang after boot on Espresso
sched/uclamp: Fix initialization of struct uclamp_rq
clk: scmi: Fix min and max rate when registering clocks with discrete rates
m68k: mac: Don't send IOP message until channel is idle
m68k: mac: Fix IOP status/control register writes
platform/x86: intel-hid: Fix return value check in check_acpi_dev()
platform/x86: intel-vbtn: Fix return value check in check_acpi_dev()
ARM: dts: gose: Fix ports node name for adv7180
ARM: dts: gose: Fix ports node name for adv7612
ARM: at91: pm: add missing put_device() call in at91_pm_sram_init()
ARM: dts: sunxi: bananapi-m2-plus-v1.2: Add regulator supply to all CPU cores
ARM: dts: sunxi: bananapi-m2-plus-v1.2: Fix CPU supply voltages
spi: lantiq: fix: Rx overflow error in full duplex mode
tpm: Require that all digests are present in TCG_PCR_EVENT2 structures
recordmcount: only record relocation of type R_AARCH64_CALL26 on arm64.
regulator: fix memory leak on error path of regulator_register()
io_uring: fix sq array offset calculation
spi: rockchip: Fix error in SPI slave pio read
ARM: socfpga: PM: add missing put_device() call in socfpga_setup_ocram_self_refresh()
iocost: Fix check condition of iocg abs_vdebt
irqchip/ti-sci-inta: Fix return value about devm_ioremap_resource()
seccomp: Fix ioctl number for SECCOMP_IOCTL_NOTIF_ID_VALID
md: raid0/linear: fix dereference before null check on pointer mddev
nvme-tcp: fix controller reset hang during traffic
nvme-rdma: fix controller reset hang during traffic
nvme-multipath: fix logic for non-optimized paths
nvme-multipath: do not fall back to __nvme_find_path() for non-optimized paths
drm/tilcdc: fix leak & null ref in panel_connector_get_modes
soc: qcom: rpmh-rsc: Set suppress_bind_attrs flag
Bluetooth: add a mutex lock to avoid UAF in do_enale_set
loop: be paranoid on exit and prevent new additions / removals
fs/btrfs: Add cond_resched() for try_release_extent_mapping() stalls
drm/amdgpu: avoid dereferencing a NULL pointer
drm/radeon: Fix reference count leaks caused by pm_runtime_get_sync
crypto: aesni - Fix build with LLVM_IAS=1
video: fbdev: savage: fix memory leak on error handling path in probe
video: fbdev: neofb: fix memory leak in neo_scan_monitor()
bus: ti-sysc: Add missing quirk flags for usb_host_hs
md-cluster: fix wild pointer of unlock_all_bitmaps()
drm/nouveau/kms/nv50-: Fix disabling dithering
arm64: dts: hisilicon: hikey: fixes to comply with adi, adv7533 DT binding
drm/etnaviv: fix ref count leak via pm_runtime_get_sync
drm/nouveau: fix reference count leak in nouveau_debugfs_strap_peek
drm/nouveau: fix multiple instances of reference count leaks
mmc: sdhci-cadence: do not use hardware tuning for SD mode
btrfs: fix lockdep splat from btrfs_dump_space_info
usb: mtu3: clear dual mode of u3port when disable device
drm: msm: a6xx: fix gpu failure after system resume
drm/msm: Fix a null pointer access in msm_gem_shrinker_count()
drm/debugfs: fix plain echo to connector "force" attribute
drm/radeon: disable AGP by default
irqchip/irq-mtk-sysirq: Replace spinlock with raw_spinlock
mm/mmap.c: Add cond_resched() for exit_mmap() CPU stalls
drm/amdgpu/display bail early in dm_pp_get_static_clocks
drm/amd/powerplay: fix compile error with ARCH=arc
bpf: Fix fds_example SIGSEGV error
brcmfmac: keep SDIO watchdog running when console_interval is non-zero
brcmfmac: To fix Bss Info flag definition Bug
brcmfmac: set state of hanger slot to FREE when flushing PSQ
platform/x86: asus-nb-wmi: add support for ASUS ROG Zephyrus G14 and G15
iwlegacy: Check the return value of pcie_capability_read_*()
gpu: host1x: debug: Fix multiple channels emitting messages simultaneously
ionic: update eid test for overflow
mmc: sdhci-pci-o2micro: Bug fix for O2 host controller Seabird1
usb: gadget: net2280: fix memory leak on probe error handling paths
bdc: Fix bug causing crash after multiple disconnects
usb: bdc: Halt controller on suspend
dyndbg: fix a BUG_ON in ddebug_describe_flags
bcache: fix super block seq numbers comparision in register_cache_set()
ACPICA: Do not increment operation_region reference counts for field units
drm/msm: ratelimit crtc event overflow error
drm/gem: Fix a leak in drm_gem_objects_lookup()
drm/bridge: ti-sn65dsi86: Clear old error bits before AUX transfers
agp/intel: Fix a memory leak on module initialisation failure
mwifiex: Fix firmware filename for sd8977 chipset
mwifiex: Fix firmware filename for sd8997 chipset
btmrvl: Fix firmware filename for sd8977 chipset
btmrvl: Fix firmware filename for sd8997 chipset
video: fbdev: sm712fb: fix an issue about iounmap for a wrong address
console: newport_con: fix an issue about leak related system resources
video: pxafb: Fix the function used to balance a 'dma_alloc_coherent()' call
ath10k: Acquire tx_lock in tx error paths
iio: improve IIO_CONCENTRATION channel type description
drm/etnaviv: Fix error path on failure to enable bus clk
drm/arm: fix unintentional integer overflow on left shift
clk: bcm63xx-gate: fix last clock availability
leds: lm355x: avoid enum conversion warning
Bluetooth: btusb: fix up firmware download sequence
Bluetooth: btmtksdio: fix up firmware download sequence
media: cxusb-analog: fix V4L2 dependency
media: marvell-ccic: Add missed v4l2_async_notifier_cleanup()
media: omap3isp: Add missed v4l2_ctrl_handler_free() for preview_init_entities()
ASoC: SOF: nocodec: add missing .owner field
ASoC: Intel: bxt_rt298: add missing .owner field
scsi: cumana_2: Fix different dev_id between request_irq() and free_irq()
drm/mipi: use dcs write for mipi_dsi_dcs_set_tear_scanline
cxl: Fix kobject memleak
drm/radeon: fix array out-of-bounds read and write issues
staging: vchiq_arm: Add a matching unregister call
iavf: fix error return code in iavf_init_get_resources()
iavf: Fix updating statistics
RDMA/core: Fix bogus WARN_ON during ib_unregister_device_queued()
scsi: powertec: Fix different dev_id between request_irq() and free_irq()
scsi: eesox: Fix different dev_id between request_irq() and free_irq()
ipvs: allow connection reuse for unconfirmed conntrack
media: firewire: Using uninitialized values in node_probe()
media: exynos4-is: Add missed check for pinctrl_lookup_state()
media: cros-ec-cec: do not bail on device_init_wakeup failure
xfs: don't eat an EIO/ENOSPC writeback error when scrubbing data fork
xfs: fix reflink quota reservation accounting error
RDMA/rxe: Skip dgid check in loopback mode
PCI: Fix pci_cfg_wait queue locking problem
drm/stm: repair runtime power management
kobject: Avoid premature parent object freeing in kobject_cleanup()
leds: core: Flush scheduled work for system suspend
drm: panel: simple: Fix bpc for LG LB070WV8 panel
phy: exynos5-usbdrd: Calibrating makes sense only for USB2.0 PHY
drm/bridge: sil_sii8620: initialize return of sii8620_readb
scsi: scsi_debug: Add check for sdebug_max_queue during module init
mwifiex: Prevent memory corruption handling keys
kernfs: do not call fsnotify() with name without a parent
powerpc/rtas: don't online CPUs for partition suspend
powerpc/vdso: Fix vdso cpu truncation
RDMA/qedr: SRQ's bug fixes
RDMA/rxe: Prevent access to wr->next ptr afrer wr is posted to send queue
ima: Have the LSM free its audit rule
staging: rtl8192u: fix a dubious looking mask before a shift
ASoC: meson: fixes the missed kfree() for axg_card_add_tdm_loopback
PCI/ASPM: Add missing newline in sysfs 'policy'
phy: renesas: rcar-gen3-usb2: move irq registration to init
powerpc/book3s64/pkeys: Use PVR check instead of cpu feature
drm/imx: fix use after free
drm/imx: tve: fix regulator_disable error path
gpu: ipu-v3: Restore RGB32, BGR32
spi: lantiq-ssc: Fix warning by using WQ_MEM_RECLAIM
USB: serial: iuu_phoenix: fix led-activity helpers
usb: core: fix quirks_param_set() writing to a const pointer
thermal: ti-soc-thermal: Fix reversed condition in ti_thermal_expose_sensor()
coresight: tmc: Fix TMC mode read in tmc_read_unprepare_etb()
powerpc/perf: Fix missing is_sier_aviable() during build
mt76: mt7615: fix potential memory leak in mcu message handler
phy: armada-38x: fix NETA lockup when repeatedly switching speeds
MIPS: OCTEON: add missing put_device() call in dwc3_octeon_device_init()
usb: dwc2: Fix error path in gadget registration
usb: gadget: f_uac2: fix AC Interface Header Descriptor wTotalLength
scsi: megaraid_sas: Clear affinity hint
scsi: mesh: Fix panic after host or bus reset
net: dsa: mv88e6xxx: MV88E6097 does not support jumbo configuration
macintosh/via-macii: Access autopoll_devs when inside lock
PCI: cadence: Fix updating Vendor ID and Subsystem Vendor ID register
RDMA/core: Fix return error value in _ib_modify_qp() to negative
Smack: fix another vsscanf out of bounds
Smack: prevent underflow in smk_set_cipso()
power: supply: check if calc_soc succeeded in pm860x_init_battery
Bluetooth: hci_h5: Set HCI_UART_RESET_ON_INIT to correct flags
Bluetooth: hci_serdev: Only unregister device if it was registered
net: dsa: rtl8366: Fix VLAN semantics
net: dsa: rtl8366: Fix VLAN set-up
xfs: fix inode allocation block res calculation precedence
selftests/powerpc: Squash spurious errors due to device removal
powerpc/32s: Fix CONFIG_BOOK3S_601 uses
powerpc/boot: Fix CONFIG_PPC_MPC52XX references
selftests/powerpc: Fix CPU affinity for child process
RDMA/netlink: Remove CAP_NET_RAW check when dump a raw QP
PCI: Release IVRS table in AMD ACS quirk
cpufreq: ap806: fix cpufreq driver needs ap cpu clk
selftests/powerpc: Fix online CPU selection
ASoC: meson: axg-tdm-interface: fix link fmt setup
ASoC: meson: axg-tdmin: fix g12a skew
ASoC: meson: axg-tdm-formatters: fix sclk inversion
ASoC: fsl_sai: Fix value of FSL_SAI_CR1_RFW_MASK
s390/qeth: don't process empty bridge port events
ice: Graceful error handling in HW table calloc failure
rtw88: fix LDPC field for RA info
rtw88: fix short GI capability based on current bandwidth
rtw88: coex: only skip coex triggered by BT info
wl1251: fix always return 0 error
tools, build: Propagate build failures from tools/build/Makefile.build
tools, bpftool: Fix wrong return value in do_dump()
net/mlx5: DR, Change push vlan action sequence
net/mlx5: Delete extra dump stack that gives nothing
net: ethernet: aquantia: Fix wrong return value
liquidio: Fix wrong return value in cn23xx_get_pf_num()
net: spider_net: Fix the size used in a 'dma_free_coherent()' call
fsl/fman: use 32-bit unsigned integer
fsl/fman: fix dereference null return value
fsl/fman: fix unreachable code
fsl/fman: check dereferencing null pointer
fsl/fman: fix eth hash table allocation
net: thunderx: initialize VF's mailbox mutex before first usage
dlm: Fix kobject memleak
ocfs2: fix unbalanced locking
pinctrl-single: fix pcs_parse_pinconf() return value
svcrdma: Fix page leak in svc_rdma_recv_read_chunk()
SUNRPC: Fix ("SUNRPC: Add "@len" parameter to gss_unwrap()")
x86/fsgsbase/64: Fix NULL deref in 86_fsgsbase_read_task
crypto: aesni - add compatibility with IAS
af_packet: TPACKET_V3: fix fill status rwlock imbalance
drivers/net/wan/lapbether: Added needed_headroom and a skb->len check
net: Fix potential memory leak in proto_register()
net/nfc/rawsock.c: add CAP_NET_RAW check.
net: phy: fix memory leak in device-create error path
net: Set fput_needed iff FDPUT_FPUT is set
net/tls: Fix kmap usage
tcp: correct read of TFO keys on big endian systems
vmxnet3: use correct tcp hdr length when packet is encapsulated
net: refactor bind_bucket fastreuse into helper
net: initialize fastreuse on inet_inherit_port
USB: serial: cp210x: re-enable auto-RTS on open
USB: serial: cp210x: enable usb generic throttle/unthrottle
ALSA: hda - fix the micmute led status for Lenovo ThinkCentre AIO
ALSA: usb-audio: Creative USB X-Fi Pro SB1095 volume knob support
ALSA: usb-audio: fix overeager device match for MacroSilicon MS2109
ALSA: usb-audio: work around streaming quirk for MacroSilicon MS2109
9p: Fix memory leak in v9fs_mount
media: media-request: Fix crash if memory allocation fails
drm/ttm/nouveau: don't call tt destroy callback on alloc failure.
io_uring: set ctx sq/cq entry count earlier
NFS: Don't move layouts to plh_return_segs list while in use
NFS: Don't return layout segments that are in use
cpufreq: Fix locking issues with governors
cpufreq: dt: fix oops on armada37xx
include/asm-generic/vmlinux.lds.h: align ro_after_init
spi: spidev: Align buffers for DMA
mtd: rawnand: qcom: avoid write to unavailable register
erofs: fix extended inode could cross boundary
Revert "parisc: Drop LDCW barrier in CAS code when running UP"
Revert "parisc: Use ldcw instruction for SMP spinlock release barrier"
Revert "parisc: Revert "Release spinlocks using ordered store""
parisc: Do not use an ordered store in pa_tlb_lock()
parisc: Implement __smp_store_release and __smp_load_acquire barriers
parisc: mask out enable and reserved bits from sba imask
ARM: 8992/1: Fix unwind_frame for clang-built kernels
irqdomain/treewide: Free firmware node after domain removal
ALSA: usb-audio: add quirk for Pioneer DDJ-RB
tpm: Unify the mismatching TPM space buffer sizes
pstore: Fix linking when crypto API disabled
crypto: hisilicon - don't sleep of CRYPTO_TFM_REQ_MAY_SLEEP was not specified
crypto: qat - fix double free in qat_uclo_create_batch_init_list
crypto: ccp - Fix use of merged scatterlists
crypto: cpt - don't sleep of CRYPTO_TFM_REQ_MAY_SLEEP was not specified
bitfield.h: don't compile-time validate _val in FIELD_FIT
fs/minix: check return value of sb_getblk()
fs/minix: don't allow getting deleted inodes
fs/minix: reject too-large maximum file size
xen/balloon: fix accounting in alloc_xenballooned_pages error path
xen/balloon: make the balloon wait interruptible
xen/gntdev: Fix dmabuf import with non-zero sgt offset
s390/dasd: fix inability to use DASD with DIAG driver
s390/gmap: improve THP splitting
io_uring: Fix NULL pointer dereference in loop_rw_iter()
Linux 5.4.59
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I4bc685ec9234d8f72a9c66ee2d509a2975f6d711
|
||
Tyler Hicks
|
2092075629 |
ima: Have the LSM free its audit rule
[ Upstream commit 9ff8a616dfab96a4fa0ddd36190907dc68886d9b ]
Ask the LSM to free its audit rule rather than directly calling kfree().
Both AppArmor and SELinux do additional work in their audit_rule_free()
hooks. Fix memory leaks by allowing the LSMs to perform necessary work.
Fixes:
|
||
|
Greg Kroah-Hartman
|
3a9b53bc89 |
This is the 5.4.58 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl8ynngACgkQONu9yGCS
aT5cPw/9GiiNZCLyjB3jVyalmN9uDYKQ+eS8H97GG7IBVYyg9whOKIrOCZHcLINH
DV5s/qnhRWJPzmQ47410ySuPb6QMvkhWTK7i5Xf+K7BOvoz/snfFGcmdu1CA4KxR
CuuH449Y4l3sH+5fPv7+EToovBqA2cfeiz/i5d5Di/N4yODWBCbHHAsZIt0oGvuK
sI1aI1K//R7vKZQvQo85tvENbWJWQwDN7eYVQj3aSbvnq8JqVpwTKTBpKfshzgzB
RmMSOVpQoQYNivW9oleG0NTQeHqj7alG8anFs3Drgu1hs5dzQhqAFlKddhtRS69j
mtrSJuf0GgJEYA6n+PfacoM4l7kHUZcQH9+bglbCXTA3nH24DLT7h0Lybm+ETPXc
ZAYo7cHqrS1BWv8VHZggSbqPr6YNKvgeflgS394wAgNEFcaJmaPfS6+elmc0qf2t
VPSas7QQruRS1Bqwb6CF2tHsl4N+VdvxX1a2JjHHcF5N3z5aqDm1qaVVQHxAg2rE
gXepFNGkEIBhWRxPz+5quxN1XBcUDiQYrzdoaKHxwY+OcdCf635P5Ob+1WK3w1oa
qhl/2scs44D67wZSgXHo5N4vMi9HhPOSV77jklgFcg75IzM9YWwYnJADQRHxo7nT
25XEgUlMfxm0ngw+CZWR0ssaP6rB9V1rRLDqb1W5HbqA7lp2YE8=
=Fe6H
-----END PGP SIGNATURE-----
Merge 5.4.58 into android11-5.4
Changes in 5.4.58
USB: serial: qcserial: add EM7305 QDL product ID
perf/core: Fix endless multiplex timer
USB: iowarrior: fix up report size handling for some devices
usb: xhci: define IDs for various ASMedia host controllers
usb: xhci: Fix ASMedia ASM1142 DMA addressing
io_uring: prevent re-read of sqe->opcode
io_uring: Fix use-after-free in io_sq_wq_submit_work()
Revert "ALSA: hda: call runtime_allow() for all hda controllers"
ALSA: hda/realtek: Add alc269/alc662 pin-tables for Loongson-3 laptops
ALSA: hda/ca0132 - Add new quirk ID for Recon3D.
ALSA: hda/ca0132 - Fix ZxR Headphone gain control get value.
ALSA: hda/ca0132 - Fix AE-5 microphone selection commands.
ALSA: seq: oss: Serialize ioctls
staging: android: ashmem: Fix lockdep warning for write operation
staging: rtl8712: handle firmware load failure
Staging: rtl8188eu: rtw_mlme: Fix uninitialized variable authmode
Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()
Bluetooth: Prevent out-of-bounds read in hci_inquiry_result_evt()
Bluetooth: Prevent out-of-bounds read in hci_inquiry_result_with_rssi_evt()
omapfb: dss: Fix max fclk divider for omap36xx
binder: Prevent context manager from incrementing ref 0
Smack: fix use-after-free in smk_write_relabel_self()
scripts: add dummy report mode to add_namespace.cocci
vgacon: Fix for missing check in scrollback handling
mtd: properly check all write ioctls for permissions
leds: wm831x-status: fix use-after-free on unbind
leds: lm36274: fix use-after-free on unbind
leds: da903x: fix use-after-free on unbind
leds: lm3533: fix use-after-free on unbind
leds: 88pm860x: fix use-after-free on unbind
net/9p: validate fds in p9_fd_open
drm/nouveau/fbcon: fix module unload when fbcon init has failed for some reason
drm/nouveau/fbcon: zero-initialise the mode_cmd2 structure
nvme-pci: prevent SK hynix PC400 from using Write Zeroes command
drm/drm_fb_helper: fix fbdev with sparc64
i2c: slave: improve sanity check when registering
i2c: slave: add sanity check when unregistering
usb: hso: check for return value in hso_serial_common_create()
net: ethernet: mtk_eth_soc: Always call mtk_gmac0_rgmii_adjust() for mt7623
ALSA: hda: fix NULL pointer dereference during suspend
firmware: Fix a reference count leak.
cfg80211: check vendor command doit pointer before use
igb: reinit_locked() should be called with rtnl_lock
atm: fix atm_dev refcnt leaks in atmtcp_remove_persistent
tools lib traceevent: Fix memory leak in process_dynamic_array_len
Drivers: hv: vmbus: Ignore CHANNELMSG_TL_CONNECT_RESULT(23)
xattr: break delegations in {set,remove}xattr
Revert "powerpc/kasan: Fix shadow pages allocation failure"
PCI: tegra: Revert tegra124 raw_violation_fixup
ipv4: Silence suspicious RCU usage warning
ipv6: fix memory leaks on IPV6_ADDRFORM path
ipv6: Fix nexthop refcnt leak when creating ipv6 route info
net: ethernet: mtk_eth_soc: fix MTU warnings
rxrpc: Fix race between recvmsg and sendmsg on immediate call failure
vxlan: Ensure FDB dump is performed under RCU
net: lan78xx: replace bogus endpoint lookup
appletalk: Fix atalk_proc_init() return path
dpaa2-eth: Fix passing zero to 'PTR_ERR' warning
hv_netvsc: do not use VF device if link is down
net: gre: recompute gre csum for sctp over gre tunnels
net: thunderx: use spin_lock_bh in nicvf_set_rx_mode_task()
openvswitch: Prevent kernel-infoleak in ovs_ct_put_key()
Revert "vxlan: fix tos value before xmit"
selftests/net: relax cpu affinity requirement in msg_zerocopy test
tcp: apply a floor of 1 for RTT samples from TCP timestamps
ima: move APPRAISE_BOOTPARAM dependency on ARCH_POLICY to runtime
nfsd: Fix NFSv4 READ on RDMA when using readv
Linux 5.4.58
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I0e89e2c0faf90bdf1f6ac37f9a2c2395cacab054
|
||
Bruno Meneguele
|
df6aeb5235 |
ima: move APPRAISE_BOOTPARAM dependency on ARCH_POLICY to runtime
commit 311aa6aafea446c2f954cc19d66425bfed8c4b0b upstream.
The IMA_APPRAISE_BOOTPARAM config allows enabling different "ima_appraise="
modes - log, fix, enforce - at run time, but not when IMA architecture
specific policies are enabled. This prevents properly labeling the
filesystem on systems where secure boot is supported, but not enabled on the
platform. Only when secure boot is actually enabled should these IMA
appraise modes be disabled.
This patch removes the compile time dependency and makes it a runtime
decision, based on the secure boot state of that platform.
Test results as follows:
-> x86-64 with secure boot enabled
[ 0.015637] Kernel command line: <...> ima_policy=appraise_tcb ima_appraise=fix
[ 0.015668] ima: Secure boot enabled: ignoring ima_appraise=fix boot parameter option
-> powerpc with secure boot disabled
[ 0.000000] Kernel command line: <...> ima_policy=appraise_tcb ima_appraise=fix
[ 0.000000] Secure boot mode disabled
-> Running the system without secure boot and with both options set:
CONFIG_IMA_APPRAISE_BOOTPARAM=y
CONFIG_IMA_ARCH_POLICY=y
Audit prompts "missing-hash" but still allow execution and, consequently,
filesystem labeling:
type=INTEGRITY_DATA msg=audit(07/09/2020 12:30:27.778:1691) : pid=4976
uid=root auid=root ses=2
subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 op=appraise_data
cause=missing-hash comm=bash name=/usr/bin/evmctl dev="dm-0" ino=493150
res=no
Cc: stable@vger.kernel.org
Fixes:
|
||
|
Greg Kroah-Hartman
|
fa46997961 |
This is the 5.4.48 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl7wXk8ACgkQONu9yGCS
aT5uyhAA1EoV9ROPRt8Vw1fzlDIrRA5X2T+FCGXskg2kKWehVHAvge4U76nZ16+i
aYcBX3lAmN7GGVw+/GiRHf9QpiwOUF5f3ZUQZ0KuLS1gcuaXx+VC1h5yyunx3tm1
CI01B2p+GQ3jABWopnhsujMVAeWjbD18NqY+a+xOzTn8CCyLAli+LiviWCR/apQp
p4r6++eevWo1yMDlJGNGoMYsFcxChWhtlnDQKWCsIDCN3I1cinGz8wopiv93WqRH
Sz3wb1YMuhXb10usNZcZFaSvDGf5XSaMxpRkyNSxN7CLv8LzbovXQOE+fFDGAYxd
lUCjRK0wFBMzRSeZ2iGYqqQf5xyYKb6hNmViGprdqwR2c3MBHN/Xs5aDLqJEgHkr
OXzZLyHUngRfp3GpagFGV6q06S6fgb9ca/7FuT4Hn8Z3tb5Xt7b/KlPcW3VymiSt
I37itASNA/Qs6Njl4tDd9GjwbcOAs+s/XabasU+pXscOkf3o8fYMy2krisy176D/
AXtRTLq4pc42I8c3tv5uCNz7Zje/qytKSPErNRBAedvOu5JX7ab6hgULPH4N7r0N
Di/LyKqYw+ZBa4AfzcsvlR3wJLWqni+aFj5yppSrNkH7kNzZGLmlw8xIo8v1CFYw
T86b13WmHPqvyFWQLpX5WCEYu0OCw5YCUyQXSsLZN5oC7gAwC7U=
=FSdI
-----END PGP SIGNATURE-----
Merge 5.4.48 into android-5.4-stable
Changes in 5.4.48
ACPI: GED: use correct trigger type field in _Exx / _Lxx handling
drm/amdgpu: fix and cleanup amdgpu_gem_object_close v4
ath10k: Fix the race condition in firmware dump work queue
drm: bridge: adv7511: Extend list of audio sample rates
media: staging: imgu: do not hold spinlock during freeing mmu page table
media: imx: imx7-mipi-csis: Cleanup and fix subdev pad format handling
crypto: ccp -- don't "select" CONFIG_DMADEVICES
media: vicodec: Fix error codes in probe function
media: si2157: Better check for running tuner in init
objtool: Ignore empty alternatives
spi: spi-mem: Fix Dual/Quad modes on Octal-capable devices
drm/amdgpu: Init data to avoid oops while reading pp_num_states.
arm64/kernel: Fix range on invalidating dcache for boot page tables
libbpf: Fix memory leak and possible double-free in hashmap__clear
spi: pxa2xx: Apply CS clk quirk to BXT
x86,smap: Fix smap_{save,restore}() alternatives
sched/fair: Refill bandwidth before scaling
net: atlantic: make hw_get_regs optional
net: ena: fix error returning in ena_com_get_hash_function()
efi/libstub/x86: Work around LLVM ELF quirk build regression
ath10k: remove the max_sched_scan_reqs value
arm64: cacheflush: Fix KGDB trap detection
media: staging: ipu3: Fix stale list entries on parameter queue failure
rtw88: fix an issue about leak system resources
spi: dw: Zero DMA Tx and Rx configurations on stack
ACPICA: Dispatcher: add status checks
block: alloc map and request for new hardware queue
arm64: insn: Fix two bugs in encoding 32-bit logical immediates
block: reset mapping if failed to update hardware queue count
drm: rcar-du: Set primary plane zpos immutably at initializing
lockdown: Allow unprivileged users to see lockdown status
ixgbe: Fix XDP redirect on archs with PAGE_SIZE above 4K
platform/x86: dell-laptop: don't register micmute LED if there is no token
MIPS: Loongson: Build ATI Radeon GPU driver as module
Bluetooth: Add SCO fallback for invalid LMP parameters error
kgdb: Disable WARN_CONSOLE_UNLOCKED for all kgdb
kgdb: Prevent infinite recursive entries to the debugger
pmu/smmuv3: Clear IRQ affinity hint on device removal
ACPI/IORT: Fix PMCG node single ID mapping handling
mips: Fix cpu_has_mips64r1/2 activation for MIPS32 CPUs
spi: dw: Enable interrupts in accordance with DMA xfer mode
clocksource: dw_apb_timer: Make CPU-affiliation being optional
clocksource: dw_apb_timer_of: Fix missing clockevent timers
media: dvbdev: Fix tuner->demod media controller link
btrfs: account for trans_block_rsv in may_commit_transaction
btrfs: do not ignore error from btrfs_next_leaf() when inserting checksums
ARM: 8978/1: mm: make act_mm() respect THREAD_SIZE
batman-adv: Revert "disable ethtool link speed detection when auto negotiation off"
ice: Fix memory leak
ice: Fix for memory leaks and modify ICE_FREE_CQ_BUFS
mmc: meson-mx-sdio: trigger a soft reset after a timeout or CRC error
Bluetooth: btmtkuart: Improve exception handling in btmtuart_probe()
spi: dw: Fix Rx-only DMA transfers
x86/kvm/hyper-v: Explicitly align hcall param for kvm_hyperv_exit
net: vmxnet3: fix possible buffer overflow caused by bad DMA value in vmxnet3_get_rss()
x86: fix vmap arguments in map_irq_stack
staging: android: ion: use vmap instead of vm_map_ram
ath10k: fix kernel null pointer dereference
media: staging/intel-ipu3: Implement lock for stream on/off operations
spi: Respect DataBitLength field of SpiSerialBusV2() ACPI resource
brcmfmac: fix wrong location to get firmware feature
regulator: qcom-rpmh: Fix typos in pm8150 and pm8150l
tools api fs: Make xxx__mountpoint() more scalable
e1000: Distribute switch variables for initialization
dt-bindings: display: mediatek: control dpi pins mode to avoid leakage
drm/mediatek: set dpi pin mode to gpio low to avoid leakage current
audit: fix a net reference leak in audit_send_reply()
media: dvb: return -EREMOTEIO on i2c transfer failure.
media: platform: fcp: Set appropriate DMA parameters
MIPS: Make sparse_init() using top-down allocation
ath10k: add flush tx packets for SDIO chip
Bluetooth: btbcm: Add 2 missing models to subver tables
audit: fix a net reference leak in audit_list_rules_send()
Drivers: hv: vmbus: Always handle the VMBus messages on CPU0
dpaa2-eth: fix return codes used in ndo_setup_tc
netfilter: nft_nat: return EOPNOTSUPP if type or flags are not supported
selftests/bpf: Fix memory leak in extract_build_id()
net: bcmgenet: set Rx mode before starting netif
net: bcmgenet: Fix WoL with password after deep sleep
lib/mpi: Fix 64-bit MIPS build with Clang
exit: Move preemption fixup up, move blocking operations down
sched/core: Fix illegal RCU from offline CPUs
drivers/perf: hisi: Fix typo in events attribute array
iocost_monitor: drop string wrap around numbers when outputting json
net: lpc-enet: fix error return code in lpc_mii_init()
selinux: fix error return code in policydb_read()
drivers: net: davinci_mdio: fix potential NULL dereference in davinci_mdio_probe()
media: cec: silence shift wrapping warning in __cec_s_log_addrs()
net: allwinner: Fix use correct return type for ndo_start_xmit()
powerpc/spufs: fix copy_to_user while atomic
libertas_tf: avoid a null dereference in pointer priv
xfs: clean up the error handling in xfs_swap_extents
Crypto/chcr: fix for ccm(aes) failed test
MIPS: Truncate link address into 32bit for 32bit kernel
mips: cm: Fix an invalid error code of INTVN_*_ERR
kgdb: Fix spurious true from in_dbg_master()
xfs: reset buffer write failure state on successful completion
xfs: fix duplicate verification from xfs_qm_dqflush()
platform/x86: intel-vbtn: Use acpi_evaluate_integer()
platform/x86: intel-vbtn: Split keymap into buttons and switches parts
platform/x86: intel-vbtn: Do not advertise switches to userspace if they are not there
platform/x86: intel-vbtn: Also handle tablet-mode switch on "Detachable" and "Portable" chassis-types
iwlwifi: avoid debug max amsdu config overwriting itself
nvme: refine the Qemu Identify CNS quirk
nvme-pci: align io queue count with allocted nvme_queue in nvme_probe
nvme-tcp: use bh_lock in data_ready
ath10k: Remove msdu from idr when management pkt send fails
wcn36xx: Fix error handling path in 'wcn36xx_probe()'
net: qed*: Reduce RX and TX default ring count when running inside kdump kernel
drm/mcde: dsi: Fix return value check in mcde_dsi_bind()
mt76: avoid rx reorder buffer overflow
md: don't flush workqueue unconditionally in md_open
raid5: remove gfp flags from scribble_alloc()
iocost: don't let vrate run wild while there's no saturation signal
veth: Adjust hard_start offset on redirect XDP frames
net/mlx5e: IPoIB, Drop multicast packets that this interface sent
rtlwifi: Fix a double free in _rtl_usb_tx_urb_setup()
mwifiex: Fix memory corruption in dump_station
kgdboc: Use a platform device to handle tty drivers showing up late
x86/boot: Correct relocation destination on old linkers
sched: Defend cfs and rt bandwidth quota against overflow
mips: MAAR: Use more precise address mask
mips: Add udelay lpj numbers adjustment
crypto: stm32/crc32 - fix ext4 chksum BUG_ON()
crypto: stm32/crc32 - fix run-time self test issue.
crypto: stm32/crc32 - fix multi-instance
drm/amd/powerpay: Disable gfxoff when setting manual mode on picasso and raven
drm/amdgpu: Sync with VM root BO when switching VM to CPU update mode
selftests/bpf: CONFIG_IPV6_SEG6_BPF required for test_seg6_loop.o
x86/mm: Stop printing BRK addresses
MIPS: tools: Fix resource leak in elf-entry.c
m68k: mac: Don't call via_flush_cache() on Mac IIfx
btrfs: improve global reserve stealing logic
btrfs: qgroup: mark qgroup inconsistent if we're inherting snapshot to a new qgroup
macvlan: Skip loopback packets in RX handler
PCI: Don't disable decoding when mmio_always_on is set
MIPS: Fix IRQ tracing when call handle_fpe() and handle_msa_fpe()
bcache: fix refcount underflow in bcache_device_free()
mmc: sdhci-msm: Set SDHCI_QUIRK_MULTIBLOCK_READ_ACMD12 quirk
staging: greybus: sdio: Respect the cmd->busy_timeout from the mmc core
mmc: via-sdmmc: Respect the cmd->busy_timeout from the mmc core
ice: fix potential double free in probe unrolling
ixgbe: fix signed-integer-overflow warning
iwlwifi: mvm: fix aux station leak
mmc: sdhci-esdhc-imx: fix the mask for tuning start point
spi: dw: Return any value retrieved from the dma_transfer callback
cpuidle: Fix three reference count leaks
platform/x86: hp-wmi: Convert simple_strtoul() to kstrtou32()
platform/x86: intel-hid: Add a quirk to support HP Spectre X2 (2015)
platform/x86: intel-vbtn: Only blacklist SW_TABLET_MODE on the 9 / "Laptop" chasis-type
platform/x86: asus_wmi: Reserve more space for struct bias_args
libbpf: Fix perf_buffer__free() API for sparse allocs
bpf: Fix map permissions check
bpf: Refactor sockmap redirect code so its easy to reuse
bpf: Fix running sk_skb program types with ktls
selftests/bpf, flow_dissector: Close TAP device FD after the test
kasan: stop tests being eliminated as dead code with FORTIFY_SOURCE
string.h: fix incompatibility between FORTIFY_SOURCE and KASAN
btrfs: free alien device after device add
btrfs: include non-missing as a qualifier for the latest_bdev
btrfs: send: emit file capabilities after chown
btrfs: force chunk allocation if our global rsv is larger than metadata
btrfs: fix error handling when submitting direct I/O bio
btrfs: fix wrong file range cleanup after an error filling dealloc range
btrfs: fix space_info bytes_may_use underflow after nocow buffered write
btrfs: fix space_info bytes_may_use underflow during space cache writeout
powerpc/mm: Fix conditions to perform MMU specific management by blocks on PPC32.
mm: thp: make the THP mapcount atomic against __split_huge_pmd_locked()
mm: initialize deferred pages with interrupts enabled
mm/pagealloc.c: call touch_nmi_watchdog() on max order boundaries in deferred init
mm: call cond_resched() from deferred_init_memmap()
ima: Fix ima digest hash table key calculation
ima: Switch to ima_hash_algo for boot aggregate
ima: Evaluate error in init_ima()
ima: Directly assign the ima_default_policy pointer to ima_rules
ima: Call ima_calc_boot_aggregate() in ima_eventdigest_init()
ima: Remove __init annotation from ima_pcrread()
evm: Fix possible memory leak in evm_calc_hmac_or_hash()
ext4: fix EXT_MAX_EXTENT/INDEX to check for zeroed eh_max
ext4: fix error pointer dereference
ext4: fix race between ext4_sync_parent() and rename()
PCI: Avoid Pericom USB controller OHCI/EHCI PME# defect
PCI: Avoid FLR for AMD Matisse HD Audio & USB 3.0
PCI: Avoid FLR for AMD Starship USB 3.0
PCI: Add ACS quirk for Intel Root Complex Integrated Endpoints
PCI: vmd: Add device id for VMD device 8086:9A0B
x86/amd_nb: Add Family 19h PCI IDs
PCI: Add Loongson vendor ID
serial: 8250_pci: Move Pericom IDs to pci_ids.h
x86/amd_nb: Add AMD family 17h model 60h PCI IDs
ima: Remove redundant policy rule set in add_rules()
ima: Set again build_ima_appraise variable
PCI: Program MPS for RCiEP devices
e1000e: Disable TSO for buffer overrun workaround
e1000e: Relax condition to trigger reset for ME workaround
carl9170: remove P2P_GO support
media: go7007: fix a miss of snd_card_free
media: cedrus: Program output format during each run
serial: 8250: Avoid error message on reprobe
Bluetooth: hci_bcm: fix freeing not-requested IRQ
b43legacy: Fix case where channel status is corrupted
b43: Fix connection problem with WPA3
b43_legacy: Fix connection problem with WPA3
media: ov5640: fix use of destroyed mutex
clk: mediatek: assign the initial value to clk_init_data of mtk_mux
igb: Report speed and duplex as unknown when device is runtime suspended
hwmon: (k10temp) Add AMD family 17h model 60h PCI match
EDAC/amd64: Add AMD family 17h model 60h PCI IDs
power: vexpress: add suppress_bind_attrs to true
power: supply: core: fix HWMON temperature labels
power: supply: core: fix memory leak in HWMON error path
pinctrl: samsung: Correct setting of eint wakeup mask on s5pv210
pinctrl: samsung: Save/restore eint_mask over suspend for EINT_TYPE GPIOs
gnss: sirf: fix error return code in sirf_probe()
sparc32: fix register window handling in genregs32_[gs]et()
sparc64: fix misuses of access_process_vm() in genregs32_[sg]et()
dm crypt: avoid truncating the logical block size
alpha: fix memory barriers so that they conform to the specification
powerpc/fadump: use static allocation for reserved memory ranges
powerpc/fadump: consider reserved ranges while reserving memory
powerpc/fadump: Account for memory_limit while reserving memory
kernel/cpu_pm: Fix uninitted local in cpu_pm
ARM: tegra: Correct PL310 Auxiliary Control Register initialization
soc/tegra: pmc: Select GENERIC_PINCONF
ARM: dts: exynos: Fix GPIO polarity for thr GalaxyS3 CM36651 sensor's bus
ARM: dts: at91: sama5d2_ptc_ek: fix vbus pin
ARM: dts: s5pv210: Set keep-power-in-suspend for SDHCI1 on Aries
drivers/macintosh: Fix memleak in windfarm_pm112 driver
powerpc/32s: Fix another build failure with CONFIG_PPC_KUAP_DEBUG
powerpc/kasan: Fix issues by lowering KASAN_SHADOW_END
powerpc/kasan: Fix shadow pages allocation failure
powerpc/32: Disable KASAN with pages bigger than 16k
powerpc/64s: Don't let DT CPU features set FSCR_DSCR
powerpc/64s: Save FSCR to init_task.thread.fscr after feature init
kbuild: force to build vmlinux if CONFIG_MODVERSION=y
sunrpc: svcauth_gss_register_pseudoflavor must reject duplicate registrations.
sunrpc: clean up properly in gss_mech_unregister()
mtd: rawnand: Fix nand_gpio_waitrdy()
mtd: rawnand: onfi: Fix redundancy detection check
mtd: rawnand: brcmnand: fix hamming oob layout
mtd: rawnand: diskonchip: Fix the probe error path
mtd: rawnand: sharpsl: Fix the probe error path
mtd: rawnand: ingenic: Fix the probe error path
mtd: rawnand: xway: Fix the probe error path
mtd: rawnand: orion: Fix the probe error path
mtd: rawnand: socrates: Fix the probe error path
mtd: rawnand: oxnas: Fix the probe error path
mtd: rawnand: sunxi: Fix the probe error path
mtd: rawnand: plat_nand: Fix the probe error path
mtd: rawnand: pasemi: Fix the probe error path
mtd: rawnand: mtk: Fix the probe error path
mtd: rawnand: tmio: Fix the probe error path
w1: omap-hdq: cleanup to add missing newline for some dev_dbg
f2fs: fix checkpoint=disable:%u%%
perf probe: Do not show the skipped events
perf probe: Fix to check blacklist address correctly
perf probe: Check address correctness by map instead of _etext
perf symbols: Fix debuginfo search for Ubuntu
perf symbols: Fix kernel maps for kcore and eBPF
Linux 5.4.48
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I9954fb3f08956419e8586bcb9078e604df207fb9
|
||
Krzysztof Struczynski
|
e131e70e21 |
ima: Set again build_ima_appraise variable
[ Upstream commit b59fda449cf07f2db3be3a67142e6c000f5e8d79 ] After adding the new add_rule() function in commit |
||
|
Krzysztof Struczynski
|
2600136eae |
ima: Remove redundant policy rule set in add_rules()
[ Upstream commit 6ee28442a465ab4c4be45e3b15015af24b1ba906 ] Function ima_appraise_flag() returns the flag to be set in temp_ima_appraise depending on the hook identifier passed as an argument. It is not necessary to set the flag again for the POLICY_CHECK hook. Signed-off-by: Krzysztof Struczynski <krzysztof.struczynski@huawei.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Roberto Sassu
|
6de50456fe |
evm: Fix possible memory leak in evm_calc_hmac_or_hash()
commit 0c4395fb2aa77341269ea619c5419ea48171883f upstream.
Don't immediately return if the signature is portable and security.ima is
not present. Just set error so that memory allocated is freed before
returning from evm_calc_hmac_or_hash().
Fixes:
|
||
|
Roberto Sassu
|
ce7f038f85 |
ima: Remove __init annotation from ima_pcrread()
commit 8b8c704d913b0fe490af370631a4200e26334ec0 upstream.
Commit 6cc7c266e5b4 ("ima: Call ima_calc_boot_aggregate() in
ima_eventdigest_init()") added a call to ima_calc_boot_aggregate() so that
the digest can be recalculated for the boot_aggregate measurement entry if
the 'd' template field has been requested. For the 'd' field, only SHA1 and
MD5 digests are accepted.
Given that ima_eventdigest_init() does not have the __init annotation, all
functions called should not have it. This patch removes __init from
ima_pcrread().
Cc: stable@vger.kernel.org
Fixes: 6cc7c266e5b4 ("ima: Call ima_calc_boot_aggregate() in ima_eventdigest_init()")
Reported-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Roberto Sassu
|
f387759c2d |
ima: Call ima_calc_boot_aggregate() in ima_eventdigest_init()
commit 6cc7c266e5b47d3cd2b5bb7fd3aac4e6bb2dd1d2 upstream.
If the template field 'd' is chosen and the digest to be added to the
measurement entry was not calculated with SHA1 or MD5, it is
recalculated with SHA1, by using the passed file descriptor. However, this
cannot be done for boot_aggregate, because there is no file descriptor.
This patch adds a call to ima_calc_boot_aggregate() in
ima_eventdigest_init(), so that the digest can be recalculated also for the
boot_aggregate entry.
Cc: stable@vger.kernel.org # 3.13.x
Fixes:
|
||
|
Roberto Sassu
|
64712383a1 |
ima: Directly assign the ima_default_policy pointer to ima_rules
commit 067a436b1b0aafa593344fddd711a755a58afb3b upstream.
This patch prevents the following oops:
[ 10.771813] BUG: kernel NULL pointer dereference, address: 0000000000000
[...]
[ 10.779790] RIP: 0010:ima_match_policy+0xf7/0xb80
[...]
[ 10.798576] Call Trace:
[ 10.798993] ? ima_lsm_policy_change+0x2b0/0x2b0
[ 10.799753] ? inode_init_owner+0x1a0/0x1a0
[ 10.800484] ? _raw_spin_lock+0x7a/0xd0
[ 10.801592] ima_must_appraise.part.0+0xb6/0xf0
[ 10.802313] ? ima_fix_xattr.isra.0+0xd0/0xd0
[ 10.803167] ima_must_appraise+0x4f/0x70
[ 10.804004] ima_post_path_mknod+0x2e/0x80
[ 10.804800] do_mknodat+0x396/0x3c0
It occurs when there is a failure during IMA initialization, and
ima_init_policy() is not called. IMA hooks still call ima_match_policy()
but ima_rules is NULL. This patch prevents the crash by directly assigning
the ima_default_policy pointer to ima_rules when ima_rules is defined. This
wouldn't alter the existing behavior, as ima_rules is always set at the end
of ima_init_policy().
Cc: stable@vger.kernel.org # 3.7.x
Fixes:
|
||
|
Roberto Sassu
|
4ce29d9b19 |
ima: Evaluate error in init_ima()
commit e144d6b265415ddbdc54b3f17f4f95133effa5a8 upstream.
Evaluate error in init_ima() before register_blocking_lsm_notifier() and
return if not zero.
Cc: stable@vger.kernel.org # 5.3.x
Fixes:
|
||
|
Roberto Sassu
|
5f7272bd22 |
ima: Switch to ima_hash_algo for boot aggregate
commit 6f1a1d103b48b1533a9c804e7a069e2c8e937ce7 upstream.
boot_aggregate is the first entry of IMA measurement list. Its purpose is
to link pre-boot measurements to IMA measurements. As IMA was designed to
work with a TPM 1.2, the SHA1 PCR bank was always selected even if a
TPM 2.0 with support for stronger hash algorithms is available.
This patch first tries to find a PCR bank with the IMA default hash
algorithm. If it does not find it, it selects the SHA256 PCR bank for
TPM 2.0 and SHA1 for TPM 1.2. Ultimately, it selects SHA1 also for TPM 2.0
if the SHA256 PCR bank is not found.
If none of the PCR banks above can be found, boot_aggregate file digest is
filled with zeros, as for TPM bypass, making it impossible to perform a
remote attestation of the system.
Cc: stable@vger.kernel.org # 5.1.x
Fixes:
|
||
|
Krzysztof Struczynski
|
0698eacdfc |
ima: Fix ima digest hash table key calculation
commit 1129d31b55d509f15e72dc68e4b5c3a4d7b4da8d upstream.
Function hash_long() accepts unsigned long, while currently only one byte
is passed from ima_hash_key(), which calculates a key for ima_htable.
Given that hashing the digest does not give clear benefits compared to
using the digest itself, remove hash_long() and return the modulus
calculated on the first two bytes of the digest with the number of slots.
Also reduce the depth of the hash table by doubling the number of slots.
Cc: stable@vger.kernel.org
Fixes:
|
||
|
Greg Kroah-Hartman
|
a9a13eeea9 |
This is the 5.4.45 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl7czYMACgkQONu9yGCS aT4YHA//cHSv58LPIlq8k2VYd0PG7qqg5SCU42AAQRPJWG19DavGynEkLUI35eqZ bSqrciaQkkzeoPwawzVGKy1KOaKVnNAr5f9wsFK8XB86PlreRfQfvrR2MniRY33H 5OTfw1127UIWJYuhCB6+PTXNHGNa6VaeGwDjVVczY+Ggsh2fyokxC5kb/FUsjuCN IlK41/dmiDDcP33RSQ82PMjDkEmJZsGhibaliivgV6rDvZeWW8PYnLTP+c24wIeK 6E2+XlP807FljjBPaCgKuTHx9LRDhj9CnUUuuo1LRGDtGNlW1deZ+PFXFJJ3gY0G Ja8RzZUgS6aVsBCbloIOEOwuLzeuZQTvnm5OKxPomOwE+7UIJ4e0xihzrTqji+zv yWfNwA2cErjHWZ3krL+muxbAO7CSatE4OEmn8OPbqOvp9F78r6l8mngHnWNMWkkW gGki69hQ+L/HgcIUOSnErfo+jBGhhsm2RPubl0sb8N4n9eS9TJx5NNlmsCL+uC4c 4wndNES/rPoi80vsIMB1h2PDkkWpjUZx/M6jZ1NuAlTOXgSsa0ZSz3Jvapi7cg2U weFKwAN4l/vHs9sOHASefrtj3mcZwcTJV9a9x0qmaIHpmqSICoptB5H9BTJ/c7sm U4JZ03yQSwkPhxtfDYbngMePcLyYIizGLq+3PbGPOiM1EqLEY8M= =mtHa -----END PGP SIGNATURE----- Merge 5.4.45 into android-5.4-stable Changes in 5.4.45 Revert "cgroup: Add memory barriers to plug cgroup_rstat_updated() race window" mm: Fix mremap not considering huge pmd devmap HID: sony: Fix for broken buttons on DS3 USB dongles HID: multitouch: enable multi-input as a quirk for some devices HID: i2c-hid: add Schneider SCL142ALM to descriptor override p54usb: add AirVasT USB stick device-id mt76: mt76x02u: Add support for newer versions of the XBox One wifi adapter kernel/relay.c: handle alloc_percpu returning NULL in relay_open mmc: fix compilation of user API media: Revert "staging: imgu: Address a compiler warning on alignment" media: staging: ipu3-imgu: Move alignment attribute to field scsi: ufs: Release clock if DMA map fails net: dsa: mt7530: set CPU port to fallback mode airo: Fix read overflows sending packets drm/i915: fix port checks for MST support on gen >= 11 scsi: hisi_sas: Check sas_port before using it powerpc/powernv: Avoid re-registration of imc debugfs directory powerpc/xmon: Restrict when kernel is locked down spi: dw: use "smp_mb()" to avoid sending spi data error ASoC: intel - fix the card names s390/ftrace: save traced function caller RDMA/qedr: Fix qpids xarray api used RDMA/qedr: Fix synchronization methods and memory leaks in qedr ARC: Fix ICCM & DCCM runtime size checks ARC: [plat-eznps]: Restrict to CONFIG_ISA_ARCOMPACT evm: Fix RCU list related warnings scsi: pm: Balance pm_only counter of request queue during system resume i2c: altera: Fix race between xfer_msg and isr thread io_uring: initialize ctx->sqo_wait earlier x86/mmiotrace: Use cpumask_available() for cpumask_var_t variables net: bmac: Fix read of MAC address from ROM drm/edid: Add Oculus Rift S to non-desktop list s390/mm: fix set_huge_pte_at() for empty ptes null_blk: return error for invalid zone size net/ethernet/freescale: rework quiesce/activate for ucc_geth net: ethernet: stmmac: Enable interface clocks on probe for IPQ806x selftests: mlxsw: qos_mc_aware: Specify arping timeout as an integer net: smsc911x: Fix runtime PM imbalance on error Linux 5.4.45 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I31d3b6ccd9963bd8eb6aad70b2015cead1ec49e3 |
||
Madhuparna Bhowmik
|
1610cd913f |
evm: Fix RCU list related warnings
[ Upstream commit 770f60586d2af0590be263f55fd079226313922c ] This patch fixes the following warning and few other instances of traversal of evm_config_xattrnames list: [ 32.848432] ============================= [ 32.848707] WARNING: suspicious RCU usage [ 32.848966] 5.7.0-rc1-00006-ga8d5875ce5f0b #1 Not tainted [ 32.849308] ----------------------------- [ 32.849567] security/integrity/evm/evm_main.c:231 RCU-list traversed in non-reader section!! Since entries are only added to the list and never deleted, use list_for_each_entry_lockless() instead of list_for_each_entry_rcu for traversing the list. Also, add a relevant comment in evm_secfs.c to indicate this fact. Reported-by: kernel test robot <lkp@intel.com> Suggested-by: Paul E. McKenney <paulmck@kernel.org> Signed-off-by: Madhuparna Bhowmik <madhuparnabhowmik10@gmail.com> Acked-by: Paul E. McKenney <paulmck@kernel.org> (RCU viewpoint) Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Greg Kroah-Hartman
|
f7b4f375c7 |
This is the 5.4.43 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl7Oi20ACgkQONu9yGCS aT4ipBAA1Kqh2mLEcDBISubrU4CuOl/iHmkCXyF1FeF9+vJKz25whbfYO/FNYweP 2HYxGyuqLTQ0OnsfrXeEoImlxdAcWp3TjAFPgJdonLBvnVDmvlPe6Pzk1NRPhvce zU/Y1leE+LoQ7xDfICPJ9BwuwwYTRzRqMQHmIuVlsHLSiN+rextPj6vkzD+7h4ux i9VKoDvzmWuLrHmc9RYNoGxuZ5tGogBaCxI8tnzHGcm21bNVvsKZiANQ2J+6G2bJ sJwqq5tH2gZ6cJxmJ1tVyMbXLIJanNKLeBC5sDQN4rss9pU4gtyEARqVG+9RlglQ FeSlBuoaISJYYejo6aSH7nw81bTQrXexd0sH94qYqnqPlZo+OXN8vxHTaIapYEfd fjqyEblZXqpnMNVQcZOxbrYaefuIrZ9Q8pWUFTwVj34P8RNJLBIvg5gy2dlRvHbC PGLJewOXySZaXVpD5gFU349L32d4QPw9MmMU5php+LOl4idN8RlVY0pOaUuO0idH ewO+6vijLgHq/5HBO6BBToRlNUvLauoUeAaQwoHfPiuuYnGGFCZ9GEjPRsHnCBok IAKQ2Uj+IqlMy7gKVtG1ryekil7TVktrZQ1JBokRLWQPZiED84r7P1lQqPaH/4f4 GFFRhx3tekJs4LMMUEaUR019Q9ZcQMWkikT1/HpVOYUjQd55pc4= =jmiq -----END PGP SIGNATURE----- Merge 5.4.43 into android-5.4-stable Changes in 5.4.43 i2c: dev: Fix the race between the release of i2c_dev and cdev KVM: SVM: Fix potential memory leak in svm_cpu_init() ima: Set file->f_mode instead of file->f_flags in ima_calc_file_hash() evm: Check also if *tfm is an error pointer in init_desc() ima: Fix return value of ima_write_policy() ubifs: fix wrong use of crypto_shash_descsize() ACPI: EC: PM: Avoid flushing EC work when EC GPE is inactive mtd: spinand: Propagate ECC information to the MTD structure fix multiplication overflow in copy_fdtable() ubifs: remove broken lazytime support i2c: fix missing pm_runtime_put_sync in i2c_device_probe iommu/amd: Fix over-read of ACPI UID from IVRS table evm: Fix a small race in init_desc() i2c: mux: demux-pinctrl: Fix an error handling path in 'i2c_demux_pinctrl_probe()' ubi: Fix seq_file usage in detailed_erase_block_info debugfs file afs: Don't unlock fetched data pages until the op completes successfully mtd: Fix mtd not registered due to nvmem name collision kbuild: avoid concurrency issue in parallel building dtbs and dtbs_check net: drop_monitor: use IS_REACHABLE() to guard net_dm_hw_report() gcc-common.h: Update for GCC 10 HID: multitouch: add eGalaxTouch P80H84 support HID: alps: Add AUI1657 device ID HID: alps: ALPS_1657 is too specific; use U1_UNICORN_LEGACY instead scsi: qla2xxx: Fix hang when issuing nvme disconnect-all in NPIV scsi: qla2xxx: Delete all sessions before unregister local nvme port configfs: fix config_item refcnt leak in configfs_rmdir() vhost/vsock: fix packet delivery order to monitoring devices aquantia: Fix the media type of AQC100 ethernet controller in the driver component: Silence bind error on -EPROBE_DEFER net/ena: Fix build warning in ena_xdp_set() scsi: ibmvscsi: Fix WARN_ON during event pool release HID: i2c-hid: reset Synaptics SYNA2393 on resume x86/mm/cpa: Flush direct map alias during cpa ibmvnic: Skip fatal error reset after passive init ftrace/selftest: make unresolved cases cause failure if --fail-unresolved set x86/apic: Move TSC deadline timer debug printk gtp: set NLM_F_MULTI flag in gtp_genl_dump_pdp() HID: quirks: Add HID_QUIRK_NO_INIT_REPORTS quirk for Dell K12A keyboard-dock ceph: fix double unlock in handle_cap_export() stmmac: fix pointer check after utilization in stmmac_interrupt USB: core: Fix misleading driver bug report platform/x86: asus-nb-wmi: Do not load on Asus T100TA and T200TA iommu/amd: Call domain_flush_complete() in update_domain() drm/amd/display: Prevent dpcd reads with passive dongles KVM: selftests: Fix build for evmcs.h ARM: futex: Address build warning scripts/gdb: repair rb_first() and rb_last() ALSA: hda - constify and cleanup static NodeID tables ALSA: hda: patch_realtek: fix empty macro usage in if block ALSA: hda: Manage concurrent reg access more properly ALSA: hda/realtek - Add supported new mute Led for HP ALSA: hda/realtek - Add HP new mute led supported for ALC236 ALSA: hda/realtek: Add quirk for Samsung Notebook ALSA: hda/realtek - Enable headset mic of ASUS GL503VM with ALC295 ALSA: hda/realtek - Enable headset mic of ASUS UX550GE with ALC295 ALSA: hda/realtek: Enable headset mic of ASUS UX581LV with ALC295 KVM: x86: Fix pkru save/restore when guest CR4.PKE=0, move it to x86.c ALSA: iec1712: Initialize STDSP24 properly when using the model=staudio option ALSA: pcm: fix incorrect hw_base increase ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Xtreme ALSA: hda/realtek - Add more fixup entries for Clevo machines scsi: qla2xxx: Do not log message when reading port speed via sysfs scsi: target: Put lun_ref at end of tmr processing arm64: Fix PTRACE_SYSEMU semantics drm/etnaviv: fix perfmon domain interation apparmor: Fix use-after-free in aa_audit_rule_init apparmor: fix potential label refcnt leak in aa_change_profile apparmor: Fix aa_label refcnt leak in policy_update dmaengine: tegra210-adma: Fix an error handling path in 'tegra_adma_probe()' drm/etnaviv: Fix a leak in submit_pin_objects() dmaengine: dmatest: Restore default for channel dmaengine: owl: Use correct lock in owl_dma_get_pchan() vsprintf: don't obfuscate NULL and error pointers drm/i915/gvt: Init DPLL/DDI vreg for virtual display instead of inheritance. drm/i915: Propagate error from completed fences powerpc: Remove STRICT_KERNEL_RWX incompatibility with RELOCATABLE powerpc/64s: Disable STRICT_KERNEL_RWX bpf: Avoid setting bpf insns pages read-only when prog is jited kbuild: Remove debug info from kallsyms linking Revert "gfs2: Don't demote a glock until its revokes are written" media: fdp1: Fix R-Car M3-N naming in debug message staging: iio: ad2s1210: Fix SPI reading staging: kpc2000: fix error return code in kp2000_pcie_probe() staging: greybus: Fix uninitialized scalar variable iio: sca3000: Remove an erroneous 'get_device()' iio: dac: vf610: Fix an error handling path in 'vf610_dac_probe()' iio: adc: ti-ads8344: Fix channel selection misc: rtsx: Add short delay after exit from ASPM tty: serial: add missing spin_lock_init for SiFive serial console mei: release me_cl object reference ipack: tpci200: fix error return code in tpci200_register() s390/pci: Fix s390_mmio_read/write with MIO s390/kaslr: add support for R_390_JMP_SLOT relocation type device-dax: don't leak kernel memory to user space after unloading kmem rapidio: fix an error in get_user_pages_fast() error handling kasan: disable branch tracing for core runtime rxrpc: Fix the excessive initial retransmission timeout rxrpc: Fix a memory leak in rxkad_verify_response() s390/kexec_file: fix initrd location for kdump kernel flow_dissector: Drop BPF flow dissector prog ref on netns cleanup x86/unwind/orc: Fix unwind_get_return_address_ptr() for inactive tasks iio: adc: stm32-adc: Use dma_request_chan() instead dma_request_slave_channel() iio: adc: stm32-adc: fix device used to request dma iio: adc: stm32-dfsdm: Use dma_request_chan() instead dma_request_slave_channel() iio: adc: stm32-dfsdm: fix device used to request dma rxrpc: Trace discarded ACKs rxrpc: Fix ack discard tpm: check event log version before reading final events sched/fair: Reorder enqueue/dequeue_task_fair path sched/fair: Fix reordering of enqueue/dequeue_task_fair() sched/fair: Fix enqueue_task_fair() warning some more Linux 5.4.43 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I1582df67569f34c4455c482ed0eaf10fc1a34e03 |
||
Dan Carpenter
|
dd540f2d7c |
evm: Fix a small race in init_desc()
[ Upstream commit 8433856947217ebb5697a8ff9c4c9cad4639a2cf ]
The IS_ERR_OR_NULL() function has two conditions and if we got really
unlucky we could hit a race where "ptr" started as an error pointer and
then was set to NULL. Both conditions would be false even though the
pointer at the end was NULL.
This patch fixes the problem by ensuring that "*tfm" can only be NULL
or valid. I have introduced a "tmp_tfm" variable to make that work. I
also reversed a condition and pulled the code in one tab.
Reported-by: Roberto Sassu <roberto.sassu@huawei.com>
Fixes: 53de3b080d5e ("evm: Check also if *tfm is an error pointer in init_desc()")
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Acked-by: Roberto Sassu <roberto.sassu@huawei.com>
Acked-by: Krzysztof Struczynski <krzysztof.struczynski@huawei.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
||
|
Roberto Sassu
|
48bbd44f5f |
ima: Fix return value of ima_write_policy()
[ Upstream commit 2e3a34e9f409ebe83d1af7cd2f49fca7af97dfac ]
This patch fixes the return value of ima_write_policy() when a new policy
is directly passed to IMA and the current policy requires appraisal of the
file containing the policy. Currently, if appraisal is not in ENFORCE mode,
ima_write_policy() returns 0 and leads user space applications to an
endless loop. Fix this issue by denying the operation regardless of the
appraisal mode.
Cc: stable@vger.kernel.org # 4.10.x
Fixes:
|
||
|
Roberto Sassu
|
1066327bf9 |
evm: Check also if *tfm is an error pointer in init_desc()
[ Upstream commit 53de3b080d5eae31d0de219617155dcc34e7d698 ]
This patch avoids a kernel panic due to accessing an error pointer set by
crypto_alloc_shash(). It occurs especially when there are many files that
require an unsupported algorithm, as it would increase the likelihood of
the following race condition:
Task A: *tfm = crypto_alloc_shash() <= error pointer
Task B: if (*tfm == NULL) <= *tfm is not NULL, use it
Task B: rc = crypto_shash_init(desc) <= panic
Task A: *tfm = NULL
This patch uses the IS_ERR_OR_NULL macro to determine whether or not a new
crypto context must be created.
Cc: stable@vger.kernel.org
Fixes:
|
||
|
Roberto Sassu
|
4aedc534b6 |
ima: Set file->f_mode instead of file->f_flags in ima_calc_file_hash()
[ Upstream commit 0014cc04e8ec077dc482f00c87dfd949cfe2b98f ] Commit |
||
|
Greg Kroah-Hartman
|
6d52041543 |
This is the 5.4.25 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl5qJSMACgkQONu9yGCS
aT6/Dw//Usg9m0cBB4Ip4fYxI0EVz8BgnVe9KSdt+71gM63QCOi1ZeTS0NDMUtO0
MTsQSudUpfntrT8QHCmBwCZ5LlAAZvxDS9UOqnhkWbqNY5jGmUhH5u28RJL28dp2
8wJY6zZKg+pfOWXd81slW86uN27QZvURNEthT81sN2ucxe5DXV1gs87FILSdMpXm
I0Z3LpUoZDjpONeA6WTZqkDNA0J7Z9QjULx9/4LFi/gc0q1ApWC7FV1A9gpQHaBa
w4kDWJCGqq3mNx8Hi9BHau50VUHX5tuKvpn9RcmSl9BBba25pE5h0EVIGo8Dlq+9
T9hkVR5iXeMbFERnLm5iR0DjFHog/mOgAgUHSTTXB3BcdgIKWwUcc2gCcr2Y7KIK
CD7l+kX1nWUk4yYre7zXiG/vO9ilYgeboc8C5Qdq3XR6zaO90+8NUbCOpa2+6yEF
H7kugstb6l+iCJ1k8YJd0ORGOobl68+P79TLxAOFnkNGJRzuAoXmBH+xkqAugz1H
YKKAbE+MzW75sre7PxU1g1uPOHxfMfd5e3uRtUU5OETJv0A2kTte8ay5rqLNbe7H
QYqdfwTr2oFssnWKW5d/KdSopD5A/31/Kjkmzl6ED2xaLMEpA7zyed5p+G/Beu5s
dkPlteya8wCQ1W/KtDJRhbCauoG/NyCKIeoQitHBJwMapcEo8ZU=
=rDP8
-----END PGP SIGNATURE-----
Merge 5.4.25 into android-5.4
Changes in 5.4.25
block, bfq: get extra ref to prevent a queue from being freed during a group move
block, bfq: do not insert oom queue into position tree
ALSA: hda/realtek - Fix a regression for mute led on Lenovo Carbon X1
net: dsa: bcm_sf2: Forcibly configure IMP port for 1Gb/sec
net: stmmac: fix notifier registration
dm thin metadata: fix lockdep complaint
RDMA/core: Fix pkey and port assignment in get_new_pps
RDMA/core: Fix use of logical OR in get_new_pps
kbuild: fix 'No such file or directory' warning when cleaning
kprobes: Fix optimize_kprobe()/unoptimize_kprobe() cancellation logic
blktrace: fix dereference after null check
ALSA: hda: do not override bus codec_mask in link_get()
serial: ar933x_uart: set UART_CS_{RX,TX}_READY_ORIDE
selftests: fix too long argument
usb: gadget: composite: Support more than 500mA MaxPower
usb: gadget: ffs: ffs_aio_cancel(): Save/restore IRQ flags
usb: gadget: serial: fix Tx stall after buffer overflow
habanalabs: halt the engines before hard-reset
habanalabs: do not halt CoreSight during hard reset
habanalabs: patched cb equals user cb in device memset
drm/msm/mdp5: rate limit pp done timeout warnings
drm: msm: Fix return type of dsi_mgr_connector_mode_valid for kCFI
drm/modes: Make sure to parse valid rotation value from cmdline
drm/modes: Allow DRM_MODE_ROTATE_0 when applying video mode parameters
scsi: megaraid_sas: silence a warning
drm/msm/dsi: save pll state before dsi host is powered off
drm/msm/dsi/pll: call vco set rate explicitly
selftests: forwarding: use proto icmp for {gretap, ip6gretap}_mac testing
selftests: forwarding: vxlan_bridge_1d: fix tos value
net: atlantic: check rpc result and wait for rpc address
net: ks8851-ml: Remove 8-bit bus accessors
net: ks8851-ml: Fix 16-bit data access
net: ks8851-ml: Fix 16-bit IO operation
net: ethernet: dm9000: Handle -EPROBE_DEFER in dm9000_parse_dt()
watchdog: da9062: do not ping the hw during stop()
s390/cio: cio_ignore_proc_seq_next should increase position index
s390: make 'install' not depend on vmlinux
efi: Only print errors about failing to get certs if EFI vars are found
net/mlx5: DR, Fix matching on vport gvmi
iommu/amd: Disable IOMMU on Stoney Ridge systems
nvme/pci: Add sleep quirk for Samsung and Toshiba drives
nvme-pci: Use single IRQ vector for old Apple models
x86/boot/compressed: Don't declare __force_order in kaslr_64.c
s390/qdio: fill SL with absolute addresses
nvme: Fix uninitialized-variable warning
ice: Don't tell the OS that link is going down
x86/xen: Distribute switch variables for initialization
net: thunderx: workaround BGX TX Underflow issue
csky/mm: Fixup export invalid_pte_table symbol
csky: Set regs->usp to kernel sp, when the exception is from kernel
csky/smp: Fixup boot failed when CONFIG_SMP
csky: Fixup ftrace modify panic
csky: Fixup compile warning for three unimplemented syscalls
arch/csky: fix some Kconfig typos
selftests: forwarding: vxlan_bridge_1d: use more proper tos value
firmware: imx: scu: Ensure sequential TX
binder: prevent UAF for binderfs devices
binder: prevent UAF for binderfs devices II
ALSA: hda/realtek - Add Headset Mic supported
ALSA: hda/realtek - Add Headset Button supported for ThinkPad X1
ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Master
ALSA: hda/realtek - Enable the headset of ASUS B9450FA with ALC294
cifs: don't leak -EAGAIN for stat() during reconnect
cifs: fix rename() by ensuring source handle opened with DELETE bit
usb: storage: Add quirk for Samsung Fit flash
usb: quirks: add NO_LPM quirk for Logitech Screen Share
usb: dwc3: gadget: Update chain bit correctly when using sg list
usb: cdns3: gadget: link trb should point to next request
usb: cdns3: gadget: toggle cycle bit before reset endpoint
usb: core: hub: fix unhandled return by employing a void function
usb: core: hub: do error out if usb_autopm_get_interface() fails
usb: core: port: do error out if usb_autopm_get_interface() fails
vgacon: Fix a UAF in vgacon_invert_region
mm, numa: fix bad pmd by atomically check for pmd_trans_huge when marking page tables prot_numa
mm: fix possible PMD dirty bit lost in set_pmd_migration_entry()
mm, hotplug: fix page online with DEBUG_PAGEALLOC compiled but not enabled
fat: fix uninit-memory access for partial initialized inode
btrfs: fix RAID direct I/O reads with alternate csums
arm64: dts: socfpga: agilex: Fix gmac compatible
arm: dts: dra76x: Fix mmc3 max-frequency
tty:serial:mvebu-uart:fix a wrong return
tty: serial: fsl_lpuart: free IDs allocated by IDA
serial: 8250_exar: add support for ACCES cards
vt: selection, close sel_buffer race
vt: selection, push console lock down
vt: selection, push sel_lock up
media: hantro: Fix broken media controller links
media: mc-entity.c: use & to check pad flags, not ==
media: vicodec: process all 4 components for RGB32 formats
media: v4l2-mem2mem.c: fix broken links
perf intel-pt: Fix endless record after being terminated
perf intel-bts: Fix endless record after being terminated
perf cs-etm: Fix endless record after being terminated
perf arm-spe: Fix endless record after being terminated
spi: spidev: Fix CS polarity if GPIO descriptors are used
x86/pkeys: Manually set X86_FEATURE_OSPKE to preserve existing changes
s390/pci: Fix unexpected write combine on resource
s390/mm: fix panic in gup_fast on large pud
dmaengine: imx-sdma: fix context cache
dmaengine: imx-sdma: Fix the event id check to include RX event for UART6
dmaengine: tegra-apb: Fix use-after-free
dmaengine: tegra-apb: Prevent race conditions of tasklet vs free list
dm integrity: fix recalculation when moving from journal mode to bitmap mode
dm integrity: fix a deadlock due to offloading to an incorrect workqueue
dm integrity: fix invalid table returned due to argument count mismatch
dm cache: fix a crash due to incorrect work item cancelling
dm: report suspended device during destroy
dm writecache: verify watermark during resume
dm zoned: Fix reference counter initial value of chunk works
dm: fix congested_fn for request-based device
arm64: dts: meson-sm1-sei610: add missing interrupt-names
ARM: dts: ls1021a: Restore MDIO compatible to gianfar
spi: bcm63xx-hsspi: Really keep pll clk enabled
drm/virtio: make resource id workaround runtime switchable.
drm/virtio: fix resource id creation race
ASoC: topology: Fix memleak in soc_tplg_link_elems_load()
ASoC: topology: Fix memleak in soc_tplg_manifest_load()
ASoC: SOF: Fix snd_sof_ipc_stream_posn()
ASoC: intel: skl: Fix pin debug prints
ASoC: intel: skl: Fix possible buffer overflow in debug outputs
powerpc: define helpers to get L1 icache sizes
powerpc: Convert flush_icache_range & friends to C
powerpc/mm: Fix missing KUAP disable in flush_coherent_icache()
ASoC: pcm: Fix possible buffer overflow in dpcm state sysfs output
ASoC: pcm512x: Fix unbalanced regulator enable call in probe error path
ASoC: Intel: Skylake: Fix available clock counter incrementation
ASoC: dapm: Correct DAPM handling of active widgets during shutdown
spi: atmel-quadspi: fix possible MMIO window size overrun
drm/panfrost: Don't try to map on error faults
drm: kirin: Revert "Fix for hikey620 display offset problem"
drm/sun4i: Add separate DE3 VI layer formats
drm/sun4i: Fix DE2 VI layer format support
drm/sun4i: de2/de3: Remove unsupported VI layer formats
drm/i915: Program MBUS with rmw during initialization
drm/i915/selftests: Fix return in assert_mmap_offset()
phy: mapphone-mdm6600: Fix timeouts by adding wake-up handling
phy: mapphone-mdm6600: Fix write timeouts with shorter GPIO toggle interval
ARM: dts: imx6: phycore-som: fix emmc supply
arm64: dts: imx8qxp-mek: Remove unexisting Ethernet PHY
firmware: imx: misc: Align imx sc msg structs to 4
firmware: imx: scu-pd: Align imx sc msg structs to 4
firmware: imx: Align imx_sc_msg_req_cpu_start to 4
soc: imx-scu: Align imx sc msg structs to 4
Revert "RDMA/cma: Simplify rdma_resolve_addr() error flow"
RDMA/rw: Fix error flow during RDMA context initialization
RDMA/nldev: Fix crash when set a QP to a new counter but QPN is missing
RDMA/siw: Fix failure handling during device creation
RDMA/iwcm: Fix iwcm work deallocation
RDMA/core: Fix protection fault in ib_mr_pool_destroy
regulator: stm32-vrefbuf: fix a possible overshoot when re-enabling
RMDA/cm: Fix missing ib_cm_destroy_id() in ib_cm_insert_listen()
IB/hfi1, qib: Ensure RCU is locked when accessing list
ARM: imx: build v7_cpu_resume() unconditionally
ARM: dts: am437x-idk-evm: Fix incorrect OPP node names
ARM: dts: dra7xx-clocks: Fixup IPU1 mux clock parent source
ARM: dts: imx7-colibri: Fix frequency for sd/mmc
hwmon: (adt7462) Fix an error return in ADT7462_REG_VOLT()
dma-buf: free dmabuf->name in dma_buf_release()
dmaengine: coh901318: Fix a double lock bug in dma_tc_handle()
arm64: dts: meson: fix gxm-khadas-vim2 wifi
bus: ti-sysc: Fix 1-wire reset quirk
EDAC/synopsys: Do not print an error with back-to-back snprintf() calls
powerpc: fix hardware PMU exception bug on PowerVM compatibility mode systems
efi/x86: Align GUIDs to their size in the mixed mode runtime wrapper
efi/x86: Handle by-ref arguments covering multiple pages in mixed mode
efi: READ_ONCE rng seed size before munmap
block, bfq: get a ref to a group when adding it to a service tree
block, bfq: remove ifdefs from around gets/puts of bfq groups
csky: Implement copy_thread_tls
drm/virtio: module_param_named() requires linux/moduleparam.h
Linux 5.4.25
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I8ba29f273c7a2b02bfa54593f7a9087c34607cd5
|
||
Javier Martinez Canillas
|
4a1e1dda56 |
efi: Only print errors about failing to get certs if EFI vars are found
[ Upstream commit 3be54d558c75562e42bc83d665df024bd79d399b ] If CONFIG_LOAD_UEFI_KEYS is enabled, the kernel attempts to load the certs from the db, dbx and MokListRT EFI variables into the appropriate keyrings. But it just assumes that the variables will be present and prints an error if the certs can't be loaded, even when is possible that the variables may not exist. For example the MokListRT variable will only be present if shim is used. So only print an error message about failing to get the certs list from an EFI variable if this is found. Otherwise these printed errors just pollute the kernel log ring buffer with confusing messages like the following: [ 5.427251] Couldn't get size: 0x800000000000000e [ 5.427261] MODSIGN: Couldn't get UEFI db list [ 5.428012] Couldn't get size: 0x800000000000000e [ 5.428023] Couldn't get UEFI MokListRT Reported-by: Hans de Goede <hdegoede@redhat.com> Signed-off-by: Javier Martinez Canillas <javierm@redhat.com> Tested-by: Hans de Goede <hdegoede@redhat.com> Acked-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Greg Kroah-Hartman
|
ce5de62e20 |
This is the 5.4.24 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl5hHjgACgkQONu9yGCS aT6CSBAA0c16mnDb59jgmW/sBj/p/MrlD/WJzLriqiKN5BUsPt9++I5mNj8mG+d2 Glm4086e8L826zv8oKiZm23xk93on+78ExhVFVZvZNaEUpiRNYCGSuDq2NrHW0z+ kpagkAFLfCUZFoKtmWo+bpl0YtF4dd/fg7+EjyL6qT1DBs8NVMwZx7i/v0xXv7Wc 0vsGCLYoBLzcW1FB2d9cfAUPCBuGEzL/7TdifNOXRgI9owGsZndFJgXgIzoBUt/P tqB8RLjIupCiMEPtsEAZ/rgEQLPFkb3yrBvgjd1wDI8bHUIQU0clqThKVNvmNSmv UTBSNgPAhkP8nZG7X9xCkyfEsUefejBJy66da9n4XTGGrXf9ga0BL0nNrOGwOesr m+tNnBSFsbFCMqFopQnt4zZSnaf67AOk2mzxbEu4E+sStyW943aDO9MoRRFgaYGH pfie3qOKtKta2MuNTJA+q6F0W9H+V5MtMpwbyuy1/dp2eVln2wewBBMvXYdL1YOy E/Z87nsQgalsDynz9m/niv32J4JAxHptyOyROkktDLBSzL5RawNn+Op8X5EtmZOe sPkiYicqp9CLmMj13qWXJhtuyNdD4wk6FyyAy6cX9mF44+EZGOBkyNP+n8g789Kn sqFJ7sfTfOnwLBFciMA5PaMTGNWROyWXNkvvUzO+9t0CyFAnT2U= =abGA -----END PGP SIGNATURE----- Merge 5.4.24 into android-5.4 Changes in 5.4.24 io_uring: grab ->fs as part of async offload EDAC: skx_common: downgrade message importance on missing PCI device net: dsa: b53: Ensure the default VID is untagged net: fib_rules: Correctly set table field when table number exceeds 8 bits net: macb: ensure interface is not suspended on at91rm9200 net: mscc: fix in frame extraction net: phy: restore mdio regs in the iproc mdio driver net: sched: correct flower port blocking net/tls: Fix to avoid gettig invalid tls record nfc: pn544: Fix occasional HW initialization failure qede: Fix race between rdma destroy workqueue and link change event Revert "net: dev: introduce support for sch BYPASS for lockless qdisc" udp: rehash on disconnect sctp: move the format error check out of __sctp_sf_do_9_1_abort bnxt_en: Improve device shutdown method. bnxt_en: Issue PCIe FLR in kdump kernel to cleanup pending DMAs. bonding: add missing netdev_update_lockdep_key() net: export netdev_next_lower_dev_rcu() bonding: fix lockdep warning in bond_get_stats() ipv6: Fix route replacement with dev-only route ipv6: Fix nlmsg_flags when splitting a multipath route ipmi:ssif: Handle a possible NULL pointer reference drm/msm: Set dma maximum segment size for mdss sched/core: Don't skip remote tick for idle CPUs timers/nohz: Update NOHZ load in remote tick sched/fair: Prevent unlimited runtime on throttled group dax: pass NOWAIT flag to iomap_apply mac80211: consider more elements in parsing CRC cfg80211: check wiphy driver existence for drvinfo report s390/zcrypt: fix card and queue total counter wrap qmi_wwan: re-add DW5821e pre-production variant qmi_wwan: unconditionally reject 2 ep interfaces NFSv4: Fix races between open and dentry revalidation perf/smmuv3: Use platform_get_irq_optional() for wired interrupt perf/x86/intel: Add Elkhart Lake support perf/x86/cstate: Add Tremont support perf/x86/msr: Add Tremont support ceph: do not execute direct write in parallel if O_APPEND is specified ARM: dts: sti: fixup sound frame-inversion for stihxxx-b2120.dtsi drm/amd/display: Do not set optimized_require to false after plane disable RDMA/siw: Remove unwanted WARN_ON in siw_cm_llp_data_ready() drm/amd/display: Check engine is not NULL before acquiring drm/amd/display: Limit minimum DPPCLK to 100MHz. drm/amd/display: Add initialitions for PLL2 clock source amdgpu: Prevent build errors regarding soft/hard-float FP ABI tags soc/tegra: fuse: Fix build with Tegra194 configuration i40e: Fix the conditional for i40e_vc_validate_vqs_bitmaps net: ena: fix potential crash when rxfh key is NULL net: ena: fix uses of round_jiffies() net: ena: add missing ethtool TX timestamping indication net: ena: fix incorrect default RSS key net: ena: rss: do not allocate key when not supported net: ena: rss: fix failure to get indirection table net: ena: rss: store hash function as values and not bits net: ena: fix incorrectly saving queue numbers when setting RSS indirection table net: ena: fix corruption of dev_idx_to_host_tbl net: ena: ethtool: use correct value for crc32 hash net: ena: ena-com.c: prevent NULL pointer dereference ice: update Unit Load Status bitmask to check after reset cifs: Fix mode output in debugging statements cfg80211: add missing policy for NL80211_ATTR_STATUS_CODE mac80211: fix wrong 160/80+80 MHz setting net: hns3: add management table after IMP reset net: hns3: fix a copying IPv6 address error in hclge_fd_get_flow_tuples() nvme/tcp: fix bug on double requeue when send fails nvme: prevent warning triggered by nvme_stop_keep_alive nvme/pci: move cqe check after device shutdown ext4: potential crash on allocation error in ext4_alloc_flex_bg_array() audit: fix error handling in audit_data_to_entry() audit: always check the netlink payload length in audit_receive_msg() ACPICA: Introduce ACPI_ACCESS_BYTE_WIDTH() macro ACPI: watchdog: Fix gas->access_width usage KVM: VMX: check descriptor table exits on instruction emulation HID: ite: Only bind to keyboard USB interface on Acer SW5-012 keyboard dock HID: core: fix off-by-one memset in hid_report_raw_event() HID: core: increase HID report buffer size to 8KiB drm/amdgpu: Drop DRIVER_USE_AGP drm/radeon: Inline drm_get_pci_dev macintosh: therm_windtunnel: fix regression when instantiating devices tracing: Disable trace_printk() on post poned tests Revert "PM / devfreq: Modify the device name as devfreq(X) for sysfs" amdgpu/gmc_v9: save/restore sdpif regs during S3 cpufreq: Fix policy initialization for internal governor drivers io_uring: fix 32-bit compatability with sendmsg/recvmsg netfilter: ipset: Fix "INFO: rcu detected stall in hash_xxx" reports net/smc: transfer fasync_list in case of fallback vhost: Check docket sk_family instead of call getname netfilter: ipset: Fix forceadd evaluation path netfilter: xt_hashlimit: reduce hashlimit_mutex scope for htable_put() HID: alps: Fix an error handling path in 'alps_input_configured()' HID: hiddev: Fix race in in hiddev_disconnect() MIPS: VPE: Fix a double free and a memory leak in 'release_vpe()' i2c: altera: Fix potential integer overflow i2c: jz4780: silence log flood on txabrt drm/i915/gvt: Fix orphan vgpu dmabuf_objs' lifetime drm/i915/gvt: Separate display reset from ALL_ENGINES reset nl80211: fix potential leak in AP start mac80211: Remove a redundant mutex unlock kbuild: fix DT binding schema rule to detect command line changes hv_netvsc: Fix unwanted wakeup in netvsc_attach() usb: charger: assign specific number for enum value nvme-pci: Hold cq_poll_lock while completing CQEs s390/qeth: vnicc Fix EOPNOTSUPP precedence net: netlink: cap max groups which will be considered in netlink_bind() net: atlantic: fix use after free kasan warn net: atlantic: fix potential error handling net: atlantic: fix out of range usage of active_vlans array net/smc: no peer ID in CLC decline for SMCD net: ena: make ena rxfh support ETH_RSS_HASH_NO_CHANGE selftests: Install settings files to fix TIMEOUT failures kbuild: remove header compile test kbuild: move headers_check rule to usr/include/Makefile kbuild: remove unneeded variable, single-all kbuild: make single target builds even faster namei: only return -ECHILD from follow_dotdot_rcu() mwifiex: drop most magic numbers from mwifiex_process_tdls_action_frame() mwifiex: delete unused mwifiex_get_intf_num() KVM: SVM: Override default MMIO mask if memory encryption is enabled KVM: Check for a bad hva before dropping into the ghc slow path sched/fair: Optimize select_idle_cpu f2fs: fix to add swap extent correctly RDMA/hns: Simplify the calculation and usage of wqe idx for post verbs RDMA/hns: Bugfix for posting a wqe with sge drivers: net: xgene: Fix the order of the arguments of 'alloc_etherdev_mqs()' ima: ima/lsm policy rule loading logic bug fixes kprobes: Set unoptimized flag after unoptimizing code lib/vdso: Make __arch_update_vdso_data() logic understandable lib/vdso: Update coarse timekeeper unconditionally pwm: omap-dmtimer: put_device() after of_find_device_by_node() perf hists browser: Restore ESC as "Zoom out" of DSO/thread/etc perf ui gtk: Add missing zalloc object x86/resctrl: Check monitoring static key in the MBM overflow handler KVM: x86: Remove spurious kvm_mmu_unload() from vcpu destruction path KVM: x86: Remove spurious clearing of async #PF MSR rcu: Allow only one expedited GP to run concurrently with wakeups ubifs: Fix ino_t format warnings in orphan_delete() thermal: db8500: Depromote debug print thermal: brcmstb_thermal: Do not use DT coefficients netfilter: nft_tunnel: no need to call htons() when dumping ports netfilter: nf_flowtable: fix documentation bus: tegra-aconnect: Remove PM_CLK dependency xfs: clear kernel only flags in XFS_IOC_ATTRMULTI_BY_HANDLE locking/lockdep: Fix lockdep_stats indentation problem mm/debug.c: always print flags in dump_page() mm/gup: allow FOLL_FORCE for get_user_pages_fast() mm/huge_memory.c: use head to check huge zero page mm, thp: fix defrag setting if newline is not used kvm: nVMX: VMWRITE checks VMCS-link pointer before VMCS field kvm: nVMX: VMWRITE checks unsupported field before read-only field blktrace: Protect q->blk_trace with RCU Linux 5.4.24 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I0b31557e16c72bd30d1e6938ed199918ff326d88 |
||
Janne Karhunen
|
e8807eb1e6 |
ima: ima/lsm policy rule loading logic bug fixes
commit 483ec26eed42bf050931d9a5c5f9f0b5f2ad5f3b upstream.
Keep the ima policy rules around from the beginning even if they appear
invalid at the time of loading, as they may become active after an lsm
policy load. However, loading a custom IMA policy with unknown LSM
labels is only safe after we have transitioned from the "built-in"
policy rules to a custom IMA policy.
Patch also fixes the rule re-use during the lsm policy reload and makes
some prints a bit more human readable.
Changelog:
v4:
- Do not allow the initial policy load refer to non-existing lsm rules.
v3:
- Fix too wide policy rule matching for non-initialized LSMs
v2:
- Fix log prints
Fixes:
|
||
Mark Salyzyn
|
3484eba91d |
FROMLIST: Add flags option to get xattr method paired to __vfs_getxattr
Add a flag option to get xattr method that could have a bit flag of XATTR_NOSECURITY passed to it. XATTR_NOSECURITY is generally then set in the __vfs_getxattr path when called by security infrastructure. This handles the case of a union filesystem driver that is being requested by the security layer to report back the xattr data. For the use case where access is to be blocked by the security layer. The path then could be security(dentry) -> __vfs_getxattr(dentry...XATTR_NOSECURITY) -> handler->get(dentry...XATTR_NOSECURITY) -> __vfs_getxattr(lower_dentry...XATTR_NOSECURITY) -> lower_handler->get(lower_dentry...XATTR_NOSECURITY) which would report back through the chain data and success as expected, the logging security layer at the top would have the data to determine the access permissions and report back the target context that was blocked. Without the get handler flag, the path on a union filesystem would be the errant security(dentry) -> __vfs_getxattr(dentry) -> handler->get(dentry) -> vfs_getxattr(lower_dentry) -> nested -> security(lower_dentry, log off) -> lower_handler->get(lower_dentry) which would report back through the chain no data, and -EACCES. For selinux for both cases, this would translate to a correctly determined blocked access. In the first case with this change a correct avc log would be reported, in the second legacy case an incorrect avc log would be reported against an uninitialized u:object_r:unlabeled:s0 context making the logs cosmetically useless for audit2allow. This patch series is inert and is the wide-spread addition of the flags option for xattr functions, and a replacement of __vfs_getxattr with __vfs_getxattr(...XATTR_NOSECURITY). Signed-off-by: Mark Salyzyn <salyzyn@android.com> Reviewed-by: Jan Kara <jack@suse.cz> Acked-by: Jan Kara <jack@suse.cz> Acked-by: Jeff Layton <jlayton@kernel.org> Acked-by: David Sterba <dsterba@suse.com> Acked-by: Darrick J. Wong <darrick.wong@oracle.com> Acked-by: Mike Marshall <hubcap@omnibond.com> Cc: Stephen Smalley <sds@tycho.nsa.gov> Cc: linux-kernel@vger.kernel.org Cc: kernel-team@android.com Cc: linux-security-module@vger.kernel.org (cherry picked from (rejected from archive because of too many recipients)) Signed-off-by: Mark Salyzyn <salyzyn@google.com> Bug: 133515582 Bug: 136124883 Bug: 129319403 Change-Id: Iabbb8771939d5f66667a26bb23ddf4c562c349a1 |
||
Masahiro Yamada
|
7a8beb7ad5 |
integrity: remove pointless subdir-$(CONFIG_...)
The ima/ and evm/ sub-directories contain built-in objects, so obj-$(CONFIG_...) is the correct way to descend into them. subdir-$(CONFIG_...) is redundant. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com> |
||
|
Masahiro Yamada
|
6b190d3ce0 |
integrity: remove unneeded, broken attempt to add -fshort-wchar
I guess commit |
||
Linus Torvalds
|
aefcf2f4b5 |
Merge branch 'next-lockdown' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull kernel lockdown mode from James Morris:
"This is the latest iteration of the kernel lockdown patchset, from
Matthew Garrett, David Howells and others.
From the original description:
This patchset introduces an optional kernel lockdown feature,
intended to strengthen the boundary between UID 0 and the kernel.
When enabled, various pieces of kernel functionality are restricted.
Applications that rely on low-level access to either hardware or the
kernel may cease working as a result - therefore this should not be
enabled without appropriate evaluation beforehand.
The majority of mainstream distributions have been carrying variants
of this patchset for many years now, so there's value in providing a
doesn't meet every distribution requirement, but gets us much closer
to not requiring external patches.
There are two major changes since this was last proposed for mainline:
- Separating lockdown from EFI secure boot. Background discussion is
covered here: https://lwn.net/Articles/751061/
- Implementation as an LSM, with a default stackable lockdown LSM
module. This allows the lockdown feature to be policy-driven,
rather than encoding an implicit policy within the mechanism.
The new locked_down LSM hook is provided to allow LSMs to make a
policy decision around whether kernel functionality that would allow
tampering with or examining the runtime state of the kernel should be
permitted.
The included lockdown LSM provides an implementation with a simple
policy intended for general purpose use. This policy provides a coarse
level of granularity, controllable via the kernel command line:
lockdown={integrity|confidentiality}
Enable the kernel lockdown feature. If set to integrity, kernel features
that allow userland to modify the running kernel are disabled. If set to
confidentiality, kernel features that allow userland to extract
confidential information from the kernel are also disabled.
This may also be controlled via /sys/kernel/security/lockdown and
overriden by kernel configuration.
New or existing LSMs may implement finer-grained controls of the
lockdown features. Refer to the lockdown_reason documentation in
include/linux/security.h for details.
The lockdown feature has had signficant design feedback and review
across many subsystems. This code has been in linux-next for some
weeks, with a few fixes applied along the way.
Stephen Rothwell noted that commit
|
||
Gustavo A. R. Silva
|
2a7f0e53da |
ima: ima_api: Use struct_size() in kzalloc()
One of the more common cases of allocation size calculations is finding
the size of a structure that has a zero-sized array at the end, along
with memory for some number of elements for that array. For example:
struct ima_template_entry {
...
struct ima_field_data template_data[0]; /* template related data */
};
instance = kzalloc(sizeof(struct ima_template_entry) + count * sizeof(struct ima_field_data), GFP_NOFS);
Instead of leaving these open-coded and prone to type mistakes, we can
now use the new struct_size() helper:
instance = kzalloc(struct_size(instance, entry, count), GFP_NOFS);
This code was detected with the help of Coccinelle.
Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
|
||
|
Gustavo A. R. Silva
|
fa5b571753 |
ima: use struct_size() in kzalloc()
One of the more common cases of allocation size calculations is finding
the size of a structure that has a zero-sized array at the end, along
with memory for some number of elements for that array. For example:
struct foo {
int stuff;
struct boo entry[];
};
instance = kzalloc(sizeof(struct foo) + count * sizeof(struct boo), GFP_KERNEL);
Instead of leaving these open-coded and prone to type mistakes, we can
now use the new struct_size() helper:
instance = kzalloc(struct_size(instance, entry, count), GFP_KERNEL);
This code was detected with the help of Coccinelle.
Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
|
||
Thiago Jung Bauermann
|
556d971bda |
ima: Fix use after free in ima_read_modsig()
If we can't parse the PKCS7 in the appended modsig, we will free the modsig
structure and then access one of its members to determine the error value.
Fixes:
|
||
Matthew Garrett
|
29d3c1c8df |
kexec: Allow kexec_file() with appropriate IMA policy when locked down
Systems in lockdown mode should block the kexec of untrusted kernels. For x86 and ARM we can ensure that a kernel is trustworthy by validating a PE signature, but this isn't possible on other architectures. On those platforms we can use IMA digital signatures instead. Add a function to determine whether IMA has or will verify signatures for a given event type, and if so permit kexec_file() even if the kernel is otherwise locked down. This is restricted to cases where CONFIG_INTEGRITY_TRUSTED_KEYRING is set in order to prevent an attacker from loading additional keys at runtime. Signed-off-by: Matthew Garrett <mjg59@google.com> Acked-by: Mimi Zohar <zohar@linux.ibm.com> Cc: Dmitry Kasatkin <dmitry.kasatkin@gmail.com> Cc: linux-integrity@vger.kernel.org Signed-off-by: James Morris <jmorris@namei.org> |
||
Jiri Bohac
|
99d5cadfde |
kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE
This is a preparatory patch for kexec_file_load() lockdown. A locked down kernel needs to prevent unsigned kernel images from being loaded with kexec_file_load(). Currently, the only way to force the signature verification is compiling with KEXEC_VERIFY_SIG. This prevents loading usigned images even when the kernel is not locked down at runtime. This patch splits KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE. Analogous to the MODULE_SIG and MODULE_SIG_FORCE for modules, KEXEC_SIG turns on the signature verification but allows unsigned images to be loaded. KEXEC_SIG_FORCE disallows images without a valid signature. Signed-off-by: Jiri Bohac <jbohac@suse.cz> Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Matthew Garrett <mjg59@google.com> cc: kexec@lists.infradead.org Signed-off-by: James Morris <jmorris@namei.org> |
||
Sascha Hauer
|
4ece3125f2 |
ima: fix freeing ongoing ahash_request
integrity_kernel_read() can fail in which case we forward to call ahash_request_free() on a currently running request. We have to wait for its completion before we can free the request. This was observed by interrupting a "find / -type f -xdev -print0 | xargs -0 cat 1>/dev/null" with ctrl-c on an IMA enabled filesystem. Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> |
||
|
Sascha Hauer
|
f5e1040196 |
ima: always return negative code for error
integrity_kernel_read() returns the number of bytes read. If this is a short read then this positive value is returned from ima_calc_file_hash_atfm(). Currently this is only indirectly called from ima_calc_file_hash() and this function only tests for the return value being zero or nonzero and also doesn't forward the return value. Nevertheless there's no point in returning a positive value as an error, so translate a short read into -EINVAL. Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> |
||
|
Thiago Jung Bauermann
|
e5092255bb |
ima: Store the measurement again when appraising a modsig
If the IMA template contains the "modsig" or "d-modsig" field, then the modsig should be added to the measurement list when the file is appraised. And that is what normally happens, but if a measurement rule caused a file containing a modsig to be measured before a different rule causes it to be appraised, the resulting measurement entry will not contain the modsig because it is only fetched during appraisal. When the appraisal rule triggers, it won't store a new measurement containing the modsig because the file was already measured. We need to detect that situation and store an additional measurement with the modsig. This is done by adding an IMA_MEASURE action flag if we read a modsig and the IMA template contains a modsig field. Suggested-by: Mimi Zohar <zohar@linux.ibm.com> Signed-off-by: Thiago Jung Bauermann <bauerman@linux.ibm.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> |
||
|
Thiago Jung Bauermann
|
3878d505aa |
ima: Define ima-modsig template
Define new "d-modsig" template field which holds the digest that is expected to match the one contained in the modsig, and also new "modsig" template field which holds the appended file signature. Add a new "ima-modsig" defined template descriptor with the new fields as well as the ones from the "ima-sig" descriptor. Change ima_store_measurement() to accept a struct modsig * argument so that it can be passed along to the templates via struct ima_event_data. Suggested-by: Mimi Zohar <zohar@linux.ibm.com> Signed-off-by: Thiago Jung Bauermann <bauerman@linux.ibm.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> |
||
|
Thiago Jung Bauermann
|
15588227e0 |
ima: Collect modsig
Obtain the modsig and calculate its corresponding hash in ima_collect_measurement(). Signed-off-by: Thiago Jung Bauermann <bauerman@linux.ibm.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> |
||
|
Thiago Jung Bauermann
|
39b0709636 |
ima: Implement support for module-style appended signatures
Implement the appraise_type=imasig|modsig option, allowing IMA to read and verify modsig signatures. In case a file has both an xattr signature and an appended modsig, IMA will only use the appended signature if the key used by the xattr signature isn't present in the IMA or platform keyring. Because modsig verification needs to convert from an integrity keyring id to the keyring itself, add an integrity_keyring_from_id() function in digsig.c so that integrity_modsig_verify() can use it. Signed-off-by: Thiago Jung Bauermann <bauerman@linux.ibm.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> |
||
|
Thiago Jung Bauermann
|
a5fbeb615c |
ima: Factor xattr_verify() out of ima_appraise_measurement()
Verify xattr signature in a separate function so that the logic in ima_appraise_measurement() remains clear when it gains the ability to also verify an appended module signature. The code in the switch statement is unchanged except for having to dereference the status and cause variables (since they're now pointers), and fixing the style of a block comment to appease checkpatch. Suggested-by: Mimi Zohar <zohar@linux.ibm.com> Signed-off-by: Thiago Jung Bauermann <bauerman@linux.ibm.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> |
||
|
Thiago Jung Bauermann
|
9044d627fd |
ima: Add modsig appraise_type option for module-style appended signatures
Introduce the modsig keyword to the IMA policy syntax to specify that a given hook should expect the file to have the IMA signature appended to it. Here is how it can be used in a rule: appraise func=KEXEC_KERNEL_CHECK appraise_type=imasig|modsig With this rule, IMA will accept either a signature stored in the extended attribute or an appended signature. For now, the rule above will behave exactly the same as if appraise_type=imasig was specified. The actual modsig implementation will be introduced separately. Suggested-by: Mimi Zohar <zohar@linux.ibm.com> Signed-off-by: Thiago Jung Bauermann <bauerman@linux.ibm.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> |
||
|
Thiago Jung Bauermann
|
cf38fed1e1 |
integrity: Select CONFIG_KEYS instead of depending on it
This avoids a dependency cycle in soon-to-be-introduced CONFIG_IMA_APPRAISE_MODSIG: it will select CONFIG_MODULE_SIG_FORMAT which in turn selects CONFIG_KEYS. Kconfig then complains that CONFIG_INTEGRITY_SIGNATURE depends on CONFIG_KEYS. Signed-off-by: Thiago Jung Bauermann <bauerman@linux.ibm.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> |
||
|
Mimi Zohar
|
b36f281f4a |
ima: initialize the "template" field with the default template
IMA policy rules are walked sequentially. Depending on the ordering of
the policy rules, the "template" field might be defined in one rule, but
will be replaced by subsequent, applicable rules, even if the rule does
not explicitly define the "template" field.
This patch initializes the "template" once and only replaces the
"template", when explicitly defined.
Fixes:
|
||
|
Linus Torvalds
|
028db3e290 |
Revert "Merge tag 'keys-acl-20190703' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs"
This reverts merge |
||
|
Linus Torvalds
|
8b68150883 |
Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity
Pull integrity updates from Mimi Zohar:
"Bug fixes, code clean up, and new features:
- IMA policy rules can be defined in terms of LSM labels, making the
IMA policy dependent on LSM policy label changes, in particular LSM
label deletions. The new environment, in which IMA-appraisal is
being used, frequently updates the LSM policy and permits LSM label
deletions.
- Prevent an mmap'ed shared file opened for write from also being
mmap'ed execute. In the long term, making this and other similar
changes at the VFS layer would be preferable.
- The IMA per policy rule template format support is needed for a
couple of new/proposed features (eg. kexec boot command line
measurement, appended signatures, and VFS provided file hashes).
- Other than the "boot-aggregate" record in the IMA measuremeent
list, all other measurements are of file data. Measuring and
storing the kexec boot command line in the IMA measurement list is
the first buffer based measurement included in the measurement
list"
* 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity:
integrity: Introduce struct evm_xattr
ima: Update MAX_TEMPLATE_NAME_LEN to fit largest reasonable definition
KEXEC: Call ima_kexec_cmdline to measure the boot command line args
IMA: Define a new template field buf
IMA: Define a new hook to measure the kexec boot command line arguments
IMA: support for per policy rule template formats
integrity: Fix __integrity_init_keyring() section mismatch
ima: Use designated initializers for struct ima_event_data
ima: use the lsm policy update notifier
LSM: switch to blocking policy update notifiers
x86/ima: fix the Kconfig dependency for IMA_ARCH_POLICY
ima: Make arch_policy_entry static
ima: prevent a file already mmap'ed write to be mmap'ed execute
x86/ima: check EFI SetupMode too
|
||
|
Linus Torvalds
|
0f75ef6a9c |
Keyrings ACL
-----BEGIN PGP SIGNATURE-----
iQIVAwUAXRyyVvu3V2unywtrAQL3xQ//eifjlELkRAPm2EReWwwahdM+9QL/0bAy
e8eAzP9EaphQGUhpIzM9Y7Cx+a8XW2xACljY8hEFGyxXhDMoLa35oSoJOeay6vQt
QcgWnDYsET8Z7HOsFCP3ZQqlbbqfsB6CbIKtZoEkZ8ib7eXpYcy1qTydu7wqrl4A
AaJalAhlUKKUx9hkGGJTh2xvgmxgSJkxx3cNEWJQ2uGgY/ustBpqqT4iwFDsgA/q
fcYTQFfNQBsC8/SmvQgxJSc+reUdQdp0z1vd8qjpSdFFcTq1qOtK0qDdz1Bbyl24
hAxvNM1KKav83C8aF7oHhEwLrkD+XiYKixdEiCJJp+A2i+vy2v8JnfgtFTpTgLNK
5xu2VmaiWmee9SLCiDIBKE4Ghtkr8DQ/5cKFCwthT8GXgQUtdsdwAaT3bWdCNfRm
DqgU/AyyXhoHXrUM25tPeF3hZuDn2yy6b1TbKA9GCpu5TtznZIHju40Px/XMIpQH
8d6s/pg+u/SnkhjYWaTvTcvsQ2FB/vZY/UzAVyosnoMBkVfL4UtAHGbb8FBVj1nf
Dv5VjSjl4vFjgOr3jygEAeD2cJ7L6jyKbtC/jo4dnOmPrSRShIjvfSU04L3z7FZS
XFjMmGb2Jj8a7vAGFmsJdwmIXZ1uoTwX56DbpNL88eCgZWFPGKU7TisdIWAmJj8U
N9wholjHJgw=
=E3bF
-----END PGP SIGNATURE-----
Merge tag 'keys-acl-20190703' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs
Pull keyring ACL support from David Howells:
"This changes the permissions model used by keys and keyrings to be
based on an internal ACL by the following means:
- Replace the permissions mask internally with an ACL that contains a
list of ACEs, each with a specific subject with a permissions mask.
Potted default ACLs are available for new keys and keyrings.
ACE subjects can be macroised to indicate the UID and GID specified
on the key (which remain). Future commits will be able to add
additional subject types, such as specific UIDs or domain
tags/namespaces.
Also split a number of permissions to give finer control. Examples
include splitting the revocation permit from the change-attributes
permit, thereby allowing someone to be granted permission to revoke
a key without allowing them to change the owner; also the ability
to join a keyring is split from the ability to link to it, thereby
stopping a process accessing a keyring by joining it and thus
acquiring use of possessor permits.
- Provide a keyctl to allow the granting or denial of one or more
permits to a specific subject. Direct access to the ACL is not
granted, and the ACL cannot be viewed"
* tag 'keys-acl-20190703' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs:
keys: Provide KEYCTL_GRANT_PERMISSION
keys: Replace uid/gid/perm permissions checking with an ACL
|
||
|
Linus Torvalds
|
c84ca912b0 |
Keyrings namespacing
-----BEGIN PGP SIGNATURE-----
iQIVAwUAXRU89Pu3V2unywtrAQIdBBAAmMBsrfv+LUN4Vru/D6KdUO4zdYGcNK6m
S56bcNfP6oIDEj6HrNNnzKkWIZpdZ61Odv1zle96+v4WZ/6rnLCTpcsdaFNTzaoO
YT2jk7jplss0ImrMv1DSoykGqO3f0ThMIpGCxHKZADGSu0HMbjSEh+zLPV4BaMtT
BVuF7P3eZtDRLdDtMtYcgvf5UlbdoBEY8w1FUjReQx8hKGxVopGmCo5vAeiY8W9S
ybFSZhPS5ka33ynVrLJH2dqDo5A8pDhY8I4bdlcxmNtRhnPCYZnuvTqeAzyUKKdI
YN9zJeDu1yHs9mi8dp45NPJiKy6xLzWmUwqH8AvR8MWEkrwzqbzNZCEHZ41j74hO
YZWI0JXi72cboszFvOwqJERvITKxrQQyVQLPRQE2vVbG0bIZPl8i7oslFVhitsl+
evWqHb4lXY91rI9cC6JIXR1OiUjp68zXPv7DAnxv08O+PGcioU1IeOvPivx8QSx4
5aUeCkYIIAti/GISzv7xvcYh8mfO76kBjZSB35fX+R9DkeQpxsHmmpWe+UCykzWn
EwhHQn86+VeBFP6RAXp8CgNCLbrwkEhjzXQl/70s1eYbwvK81VcpDAQ6+cjpf4Hb
QUmrUJ9iE0wCNl7oqvJZoJvWVGlArvPmzpkTJk3N070X2R0T7x1WCsMlPDMJGhQ2
fVHvA3QdgWs=
=Push
-----END PGP SIGNATURE-----
Merge tag 'keys-namespace-20190627' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs
Pull keyring namespacing from David Howells:
"These patches help make keys and keyrings more namespace aware.
Firstly some miscellaneous patches to make the process easier:
- Simplify key index_key handling so that the word-sized chunks
assoc_array requires don't have to be shifted about, making it
easier to add more bits into the key.
- Cache the hash value in the key so that we don't have to calculate
on every key we examine during a search (it involves a bunch of
multiplications).
- Allow keying_search() to search non-recursively.
Then the main patches:
- Make it so that keyring names are per-user_namespace from the point
of view of KEYCTL_JOIN_SESSION_KEYRING so that they're not
accessible cross-user_namespace.
keyctl_capabilities() shows KEYCTL_CAPS1_NS_KEYRING_NAME for this.
- Move the user and user-session keyrings to the user_namespace
rather than the user_struct. This prevents them propagating
directly across user_namespaces boundaries (ie. the KEY_SPEC_*
flags will only pick from the current user_namespace).
- Make it possible to include the target namespace in which the key
shall operate in the index_key. This will allow the possibility of
multiple keys with the same description, but different target
domains to be held in the same keyring.
keyctl_capabilities() shows KEYCTL_CAPS1_NS_KEY_TAG for this.
- Make it so that keys are implicitly invalidated by removal of a
domain tag, causing them to be garbage collected.
- Institute a network namespace domain tag that allows keys to be
differentiated by the network namespace in which they operate. New
keys that are of a type marked 'KEY_TYPE_NET_DOMAIN' are assigned
the network domain in force when they are created.
- Make it so that the desired network namespace can be handed down
into the request_key() mechanism. This allows AFS, NFS, etc. to
request keys specific to the network namespace of the superblock.
This also means that the keys in the DNS record cache are
thenceforth namespaced, provided network filesystems pass the
appropriate network namespace down into dns_query().
For DNS, AFS and NFS are good, whilst CIFS and Ceph are not. Other
cache keyrings, such as idmapper keyrings, also need to set the
domain tag - for which they need access to the network namespace of
the superblock"
* tag 'keys-namespace-20190627' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs:
keys: Pass the network namespace into request_key mechanism
keys: Network namespace domain tag
keys: Garbage collect keys for which the domain has been removed
keys: Include target namespace in match criteria
keys: Move the user and user-session keyrings to the user_namespace
keys: Namespace keyring names
keys: Add a 'recurse' flag for keyring searches
keys: Cache the hash value to avoid lots of recalculation
keys: Simplify key description management
|
||
|
Thiago Jung Bauermann
|
650b29dbdf |
integrity: Introduce struct evm_xattr
Even though struct evm_ima_xattr_data includes a fixed-size array to hold a SHA1 digest, most of the code ignores the array and uses the struct to mean "type indicator followed by data of unspecified size" and tracks the real size of what the struct represents in a separate length variable. The only exception to that is the EVM code, which correctly uses the definition of struct evm_ima_xattr_data. So make this explicit in the code by removing the length specification from the array in struct evm_ima_xattr_data. Also, change the name of the element from digest to data since in most places the array doesn't hold a digest. A separate struct evm_xattr is introduced, with the original definition of evm_ima_xattr_data to be used in the places that actually expect that definition, specifically the EVM HMAC code. Signed-off-by: Thiago Jung Bauermann <bauerman@linux.ibm.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> |
||
|
Thiago Jung Bauermann
|
337619eb44 |
ima: Update MAX_TEMPLATE_NAME_LEN to fit largest reasonable definition
MAX_TEMPLATE_NAME_LEN is used when restoring measurements carried over from a kexec. It should be set to the length of a template containing all fields except for 'd' and 'n', which don't need to be accounted for since they shouldn't be defined in the same template description as 'd-ng' and 'n-ng'. That length is greater than the current 15, so update using a sizeof() to show where the number comes from and also can be visually shown to be correct. The sizeof() is calculated at compile time. Signed-off-by: Thiago Jung Bauermann <bauerman@linux.ibm.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> |
||
Prakhar Srivastava
|
86b4da8c0e |
IMA: Define a new template field buf
A buffer(kexec boot command line arguments) measured into IMA measuremnt list cannot be appraised, without already being aware of the buffer contents. Since hashes are non-reversible, raw buffer is needed for validation or regenerating hash for appraisal/attestation. Add support to store/read the buffer contents in HEX. The kexec cmdline hash is stored in the "d-ng" field of the template data. It can be verified using sudo cat /sys/kernel/security/integrity/ima/ascii_runtime_measurements | grep kexec-cmdline | cut -d' ' -f 6 | xxd -r -p | sha256sum - Add two new fields to ima_event_data to hold the buf and buf_len - Add a new template field 'buf' to be used to store/read the buffer data. - Updated process_buffer_meaurement to add the buffer to ima_event_data. process_buffer_measurement added in "Define a new IMA hook to measure the boot command line arguments" - Add a new template policy name ima-buf to represent 'd-ng|n-ng|buf' Signed-off-by: Prakhar Srivastava <prsriva02@gmail.com> Reviewed-by: Roberto Sassu <roberto.sassu@huawei.com> Reviewed-by: James Morris <jamorris@linux.microsoft.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> |
||
|
David Howells
|
2e12256b9a |
keys: Replace uid/gid/perm permissions checking with an ACL
Replace the uid/gid/perm permissions checking on a key with an ACL to allow
the SETATTR and SEARCH permissions to be split. This will also allow a
greater range of subjects to represented.
============
WHY DO THIS?
============
The problem is that SETATTR and SEARCH cover a slew of actions, not all of
which should be grouped together.
For SETATTR, this includes actions that are about controlling access to a
key:
(1) Changing a key's ownership.
(2) Changing a key's security information.
(3) Setting a keyring's restriction.
And actions that are about managing a key's lifetime:
(4) Setting an expiry time.
(5) Revoking a key.
and (proposed) managing a key as part of a cache:
(6) Invalidating a key.
Managing a key's lifetime doesn't really have anything to do with
controlling access to that key.
Expiry time is awkward since it's more about the lifetime of the content
and so, in some ways goes better with WRITE permission. It can, however,
be set unconditionally by a process with an appropriate authorisation token
for instantiating a key, and can also be set by the key type driver when a
key is instantiated, so lumping it with the access-controlling actions is
probably okay.
As for SEARCH permission, that currently covers:
(1) Finding keys in a keyring tree during a search.
(2) Permitting keyrings to be joined.
(3) Invalidation.
But these don't really belong together either, since these actions really
need to be controlled separately.
Finally, there are number of special cases to do with granting the
administrator special rights to invalidate or clear keys that I would like
to handle with the ACL rather than key flags and special checks.
===============
WHAT IS CHANGED
===============
The SETATTR permission is split to create two new permissions:
(1) SET_SECURITY - which allows the key's owner, group and ACL to be
changed and a restriction to be placed on a keyring.
(2) REVOKE - which allows a key to be revoked.
The SEARCH permission is split to create:
(1) SEARCH - which allows a keyring to be search and a key to be found.
(2) JOIN - which allows a keyring to be joined as a session keyring.
(3) INVAL - which allows a key to be invalidated.
The WRITE permission is also split to create:
(1) WRITE - which allows a key's content to be altered and links to be
added, removed and replaced in a keyring.
(2) CLEAR - which allows a keyring to be cleared completely. This is
split out to make it possible to give just this to an administrator.
(3) REVOKE - see above.
Keys acquire ACLs which consist of a series of ACEs, and all that apply are
unioned together. An ACE specifies a subject, such as:
(*) Possessor - permitted to anyone who 'possesses' a key
(*) Owner - permitted to the key owner
(*) Group - permitted to the key group
(*) Everyone - permitted to everyone
Note that 'Other' has been replaced with 'Everyone' on the assumption that
you wouldn't grant a permit to 'Other' that you wouldn't also grant to
everyone else.
Further subjects may be made available by later patches.
The ACE also specifies a permissions mask. The set of permissions is now:
VIEW Can view the key metadata
READ Can read the key content
WRITE Can update/modify the key content
SEARCH Can find the key by searching/requesting
LINK Can make a link to the key
SET_SECURITY Can change owner, ACL, expiry
INVAL Can invalidate
REVOKE Can revoke
JOIN Can join this keyring
CLEAR Can clear this keyring
The KEYCTL_SETPERM function is then deprecated.
The KEYCTL_SET_TIMEOUT function then is permitted if SET_SECURITY is set,
or if the caller has a valid instantiation auth token.
The KEYCTL_INVALIDATE function then requires INVAL.
The KEYCTL_REVOKE function then requires REVOKE.
The KEYCTL_JOIN_SESSION_KEYRING function then requires JOIN to join an
existing keyring.
The JOIN permission is enabled by default for session keyrings and manually
created keyrings only.
======================
BACKWARD COMPATIBILITY
======================
To maintain backward compatibility, KEYCTL_SETPERM will translate the
permissions mask it is given into a new ACL for a key - unless
KEYCTL_SET_ACL has been called on that key, in which case an error will be
returned.
It will convert possessor, owner, group and other permissions into separate
ACEs, if each portion of the mask is non-zero.
SETATTR permission turns on all of INVAL, REVOKE and SET_SECURITY. WRITE
permission turns on WRITE, REVOKE and, if a keyring, CLEAR. JOIN is turned
on if a keyring is being altered.
The KEYCTL_DESCRIBE function translates the ACL back into a permissions
mask to return depending on possessor, owner, group and everyone ACEs.
It will make the following mappings:
(1) INVAL, JOIN -> SEARCH
(2) SET_SECURITY -> SETATTR
(3) REVOKE -> WRITE if SETATTR isn't already set
(4) CLEAR -> WRITE
Note that the value subsequently returned by KEYCTL_DESCRIBE may not match
the value set with KEYCTL_SETATTR.
=======
TESTING
=======
This passes the keyutils testsuite for all but a couple of tests:
(1) tests/keyctl/dh_compute/badargs: The first wrong-key-type test now
returns EOPNOTSUPP rather than ENOKEY as READ permission isn't removed
if the type doesn't have ->read(). You still can't actually read the
key.
(2) tests/keyctl/permitting/valid: The view-other-permissions test doesn't
work as Other has been replaced with Everyone in the ACL.
Signed-off-by: David Howells <dhowells@redhat.com>
|
||
|
David Howells
|
dcf49dbc80 |
keys: Add a 'recurse' flag for keyring searches
Add a 'recurse' flag for keyring searches so that the flag can be omitted and recursion disabled, thereby allowing just the nominated keyring to be searched and none of the children. Signed-off-by: David Howells <dhowells@redhat.com> |
||
|
Prakhar Srivastava
|
b0935123a1 |
IMA: Define a new hook to measure the kexec boot command line arguments
Currently during soft reboot(kexec_file_load) boot command line arguments are not measured. Define hooks needed to measure kexec command line arguments during soft reboot(kexec_file_load). - A new ima hook ima_kexec_cmdline is defined to be called by the kexec code. - A new function process_buffer_measurement is defined to measure the buffer hash into the IMA measurement list. - A new func policy KEXEC_CMDLINE is defined to control the measurement. Signed-off-by: Prakhar Srivastava <prsriva02@gmail.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> |
||
|
Matthew Garrett
|
19453ce0bc |
IMA: support for per policy rule template formats
Admins may wish to log different measurements using different IMA templates. Add support for overriding the default template on a per-rule basis. Inspired-by: Roberto Sassu <roberto.sassu@huawei.com> Signed-off-by: Matthew Garrett <mjg59@google.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> |
||
Geert Uytterhoeven
|
8c655784e2 |
integrity: Fix __integrity_init_keyring() section mismatch
With gcc-4.6.3:
WARNING: vmlinux.o(.text.unlikely+0x24c64): Section mismatch in reference from the function __integrity_init_keyring() to the function .init.text:set_platform_trusted_keys()
The function __integrity_init_keyring() references
the function __init set_platform_trusted_keys().
This is often because __integrity_init_keyring lacks a __init
annotation or the annotation of set_platform_trusted_keys is wrong.
Indeed, if the compiler decides not to inline __integrity_init_keyring(),
a warning is issued.
Fix this by adding the missing __init annotation.
Fixes:
|
||
|
Thiago Jung Bauermann
|
e038f5f691 |
ima: Use designated initializers for struct ima_event_data
Designated initializers allow specifying only the members of the struct that need initialization. Non-mentioned members are initialized to zero. This makes the code a bit clearer (particularly in ima_add_boot_aggregate) and also allows adding a new member to the struct without having to update all struct initializations. Signed-off-by: Thiago Jung Bauermann <bauerman@linux.ibm.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> |
||
|
Janne Karhunen
|
b169424551 |
ima: use the lsm policy update notifier
Don't do lazy policy updates while running the rule matching,
run the updates as they happen.
Depends on commit f242064c5df3 ("LSM: switch to blocking policy update notifiers")
Signed-off-by: Janne Karhunen <janne.karhunen@gmail.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
|
||
|
Nayna Jain
|
9e1e5d4372 |
x86/ima: fix the Kconfig dependency for IMA_ARCH_POLICY
If enabled, ima arch specific policies always adds the measurements rules,
this makes it dependent on CONFIG_IMA. CONFIG_IMA_APPRAISE implicitly takes
care of this, however it is needed explicitly for CONFIG_KEXEC_VERIFY_SIG.
This patch adds the CONFIG_IMA dependency in combination with
CONFIG_KEXEC_VERIFY_SIG for CONFIG_IMA_ARCH_POLICY
Fixes:
|
||
YueHaibing
|
68f2529078 |
ima: Make arch_policy_entry static
Fix sparse warning:
security/integrity/ima/ima_policy.c:202:23: warning:
symbol 'arch_policy_entry' was not declared. Should it be static?
Fixes:
|
||
Thomas Gleixner
|
b886d83c5b |
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441
Based on 1 normalized pattern(s): this program is free software you can redistribute it and or modify it under the terms of the gnu general public license as published by the free software foundation version 2 of the license extracted by the scancode license scanner the SPDX license identifier GPL-2.0-only has been chosen to replace the boilerplate/reference in 315 file(s). Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Reviewed-by: Allison Randal <allison@lohutok.net> Reviewed-by: Armijn Hemel <armijn@tjaldur.nl> Cc: linux-spdx@vger.kernel.org Link: https://lkml.kernel.org/r/20190531190115.503150771@linutronix.de Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Mimi Zohar
|
2cd4737bc8 |
ima: prevent a file already mmap'ed write to be mmap'ed execute
The kernel calls deny_write_access() to prevent a file already opened for write from being executed and also prevents files being executed from being opened for write. For some reason this does not extend to files being mmap'ed execute. From an IMA perspective, measuring/appraising the integrity of a file being mmap'ed shared execute, without first making sure the file cannot be modified, makes no sense. This patch prevents files, in policy, already mmap'ed shared write, from being mmap'ed execute. Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> |
||
|
Linus Torvalds
|
d266b3f5ca |
Merge branch 'next-fixes-for-5.2-rc' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity
Pull integrity subsystem fixes from Mimi Zohar: "Four bug fixes, none 5.2-specific, all marked for stable. The first two are related to the architecture specific IMA policy support. The other two patches, one is related to EVM signatures, based on additional hash algorithms, and the other is related to displaying the IMA policy" * 'next-fixes-for-5.2-rc' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity: ima: show rules with IMA_INMASK correctly evm: check hash algorithm passed to init_desc() ima: fix wrong signed policy requirement when not appraising x86/ima: Check EFI_RUNTIME_SERVICES before using |
||
|
Thomas Gleixner
|
2874c5fd28 |
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152
Based on 1 normalized pattern(s): this program is free software you can redistribute it and or modify it under the terms of the gnu general public license as published by the free software foundation either version 2 of the license or at your option any later version extracted by the scancode license scanner the SPDX license identifier GPL-2.0-or-later has been chosen to replace the boilerplate/reference in 3029 file(s). Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Reviewed-by: Allison Randal <allison@lohutok.net> Cc: linux-spdx@vger.kernel.org Link: https://lkml.kernel.org/r/20190527070032.746973796@linutronix.de Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Roberto Sassu
|
8cdc23a3d9 |
ima: show rules with IMA_INMASK correctly
Show the '^' character when a policy rule has flag IMA_INMASK.
Fixes:
|
||
|
Roberto Sassu
|
221be106d7 |
evm: check hash algorithm passed to init_desc()
This patch prevents memory access beyond the evm_tfm array by checking the
validity of the index (hash algorithm) passed to init_desc(). The hash
algorithm can be arbitrarily set if the security.ima xattr type is not
EVM_XATTR_HMAC.
Fixes:
|
||
|
Thomas Gleixner
|
ec8f24b7fa |
treewide: Add SPDX license identifier - Makefile/Kconfig
Add SPDX license identifiers to all Make/Kconfig files which: - Have no license information of any form These files fall under the project license, GPL v2 only. The resulting SPDX license identifier is: GPL-2.0-only Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
Petr Vorel
|
f40019475b |
ima: fix wrong signed policy requirement when not appraising
Kernel booted just with ima_policy=tcb (not with
ima_policy=appraise_tcb) shouldn't require signed policy.
Regression found with LTP test ima_policy.sh.
Fixes:
|
||
|
Linus Torvalds
|
02aff8db64 |
audit/stable-5.2 PR 20190507
-----BEGIN PGP SIGNATURE-----
iQJIBAABCAAyFiEES0KozwfymdVUl37v6iDy2pc3iXMFAlzRrzoUHHBhdWxAcGF1
bC1tb29yZS5jb20ACgkQ6iDy2pc3iXNc7hAApgsi+3Jf9i29mgrKdrTciZ35TegK
C8pTlOIndpBcmdwDakR50/PgfMHdHll8M9TReVNEjbe0S+Ww5GTE7eWtL3YqoPC2
MuXEqcriz6UNi5Xma6vCZrDznWLXkXnzMDoDoYGDSoKuUYxef0fuqxDBnERM60Ht
s52+0XvR5ZseBw7I1KIv/ix2fXuCGq6eCdqassm0rvLPQ7bq6nWzFAlNXOLud303
DjIWu6Op2EL0+fJSmG+9Z76zFjyEbhMIhw5OPDeH4eO3pxX29AIv0m0JlI7ZXxfc
/VVC3r5G4WrsWxwKMstOokbmsQxZ5pB3ZaceYpco7U+9N2e3SlpsNM9TV+Y/0ac/
ynhYa//GK195LpMXx1BmWmLpjBHNgL8MvQkVTIpDia0GT+5sX7+haDxNLGYbocmw
A/mR+KM2jAU3QzNseGh6c659j3K4tbMIFMNxt7pUBxVPLafcccNngFGTpzCwu5GU
b7y4d21g6g/3Irj14NYU/qS8dTjW0rYrCMDquTpxmMfZ2xYuSvQmnBw91NQzVBp2
98L2/fsUG3yOa5MApgv+ryJySsIM+SW+7leKS5tjy/IJINzyPEZ85l3o8ck8X4eT
nohpKc/ELmeyi3omFYq18ecvFf2YRS5jRnz89i9q65/3ESgGiC0wyGOhNTvjvsyv
k4jT0slIK614aGk=
=p8Fp
-----END PGP SIGNATURE-----
Merge tag 'audit-pr-20190507' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit
Pull audit updates from Paul Moore:
"We've got a reasonably broad set of audit patches for the v5.2 merge
window, the highlights are below:
- The biggest change, and the source of all the arch/* changes, is
the patchset from Dmitry to help enable some of the work he is
doing around PTRACE_GET_SYSCALL_INFO.
To be honest, including this in the audit tree is a bit of a
stretch, but it does help move audit a little further along towards
proper syscall auditing for all arches, and everyone else seemed to
agree that audit was a "good" spot for this to land (or maybe they
just didn't want to merge it? dunno.).
- We can now audit time/NTP adjustments.
- We continue the work to connect associated audit records into a
single event"
* tag 'audit-pr-20190507' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit: (21 commits)
audit: fix a memory leak bug
ntp: Audit NTP parameters adjustment
timekeeping: Audit clock adjustments
audit: purge unnecessary list_empty calls
audit: link integrity evm_write_xattrs record to syscall event
syscall_get_arch: add "struct task_struct *" argument
unicore32: define syscall_get_arch()
Move EM_UNICORE to uapi/linux/elf-em.h
nios2: define syscall_get_arch()
nds32: define syscall_get_arch()
Move EM_NDS32 to uapi/linux/elf-em.h
m68k: define syscall_get_arch()
hexagon: define syscall_get_arch()
Move EM_HEXAGON to uapi/linux/elf-em.h
h8300: define syscall_get_arch()
c6x: define syscall_get_arch()
arc: define syscall_get_arch()
Move EM_ARCOMPACT and EM_ARCV2 to uapi/linux/elf-em.h
audit: Make audit_log_cap and audit_copy_inode static
audit: connect LOGIN record to its syscall record
...
|
||
|
Linus Torvalds
|
81ff5d2cba |
Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
Pull crypto update from Herbert Xu: "API: - Add support for AEAD in simd - Add fuzz testing to testmgr - Add panic_on_fail module parameter to testmgr - Use per-CPU struct instead multiple variables in scompress - Change verify API for akcipher Algorithms: - Convert x86 AEAD algorithms over to simd - Forbid 2-key 3DES in FIPS mode - Add EC-RDSA (GOST 34.10) algorithm Drivers: - Set output IV with ctr-aes in crypto4xx - Set output IV in rockchip - Fix potential length overflow with hashing in sun4i-ss - Fix computation error with ctr in vmx - Add SM4 protected keys support in ccree - Remove long-broken mxc-scc driver - Add rfc4106(gcm(aes)) cipher support in cavium/nitrox" * 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (179 commits) crypto: ccree - use a proper le32 type for le32 val crypto: ccree - remove set but not used variable 'du_size' crypto: ccree - Make cc_sec_disable static crypto: ccree - fix spelling mistake "protedcted" -> "protected" crypto: caam/qi2 - generate hash keys in-place crypto: caam/qi2 - fix DMA mapping of stack memory crypto: caam/qi2 - fix zero-length buffer DMA mapping crypto: stm32/cryp - update to return iv_out crypto: stm32/cryp - remove request mutex protection crypto: stm32/cryp - add weak key check for DES crypto: atmel - remove set but not used variable 'alg_name' crypto: picoxcell - Use dev_get_drvdata() crypto: crypto4xx - get rid of redundant using_sd variable crypto: crypto4xx - use sync skcipher for fallback crypto: crypto4xx - fix cfb and ofb "overran dst buffer" issues crypto: crypto4xx - fix ctr-aes missing output IV crypto: ecrdsa - select ASN1 and OID_REGISTRY for EC-RDSA crypto: ux500 - use ccflags-y instead of CFLAGS_<basename>.o crypto: ccree - handle tee fips error during power management resume crypto: ccree - add function to handle cryptocell tee fips error ... |
||
Martin Schwidefsky
|
9641b8cc73 |
s390/ipl: read IPL report at early boot
Read the IPL Report block provided by secure-boot, add the entries of the certificate list to the system key ring and print the list of components. PR: Adjust to Vasilys bootdata_preserved patch set. Preserve ipl_cert_list for later use in kexec_file. Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com> Signed-off-by: Philipp Rudo <prudo@linux.ibm.com> Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com> |
||
Eric Biggers
|
877b5691f2 |
crypto: shash - remove shash_desc::flags
The flags field in 'struct shash_desc' never actually does anything. The only ostensibly supported flag is CRYPTO_TFM_REQ_MAY_SLEEP. However, no shash algorithm ever sleeps, making this flag a no-op. With this being the case, inevitably some users who can't sleep wrongly pass MAY_SLEEP. These would all need to be fixed if any shash algorithm actually started sleeping. For example, the shash_ahash_*() functions, which wrap a shash algorithm with the ahash API, pass through MAY_SLEEP from the ahash API to the shash API. However, the shash functions are called under kmap_atomic(), so actually they're assumed to never sleep. Even if it turns out that some users do need preemption points while hashing large buffers, we could easily provide a helper function crypto_shash_update_large() which divides the data into smaller chunks and calls crypto_shash_update() and cond_resched() for each chunk. It's not necessary to have a flag in 'struct shash_desc', nor is it necessary to make individual shash algorithms aware of this at all. Therefore, remove shash_desc::flags, and document that the crypto_shash_*() functions can be called from any context. Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> |
||
Vitaly Chikunov
|
be08f0c681 |
integrity: support EC-RDSA signatures for asymmetric_verify
Allow to use EC-RDSA signatures for IMA by determining signature type by the hash algorithm name. This works good for EC-RDSA since Streebog and EC-RDSA should always be used together. Cc: Mimi Zohar <zohar@linux.ibm.com> Cc: Dmitry Kasatkin <dmitry.kasatkin@gmail.com> Cc: linux-integrity@vger.kernel.org Signed-off-by: Vitaly Chikunov <vt@altlinux.org> Reviewed-by: Mimi Zohar <zohar@linux.ibm.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> |
||
Richard Guy Briggs
|
a1aa08a01f |
audit: link integrity evm_write_xattrs record to syscall event
In commit
|
||
|
Linus Torvalds
|
5af7f11588 |
Merge branch 'next-tpm' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull tpm updates from James Morris:
- Clean up the transmission flow
Cleaned up the whole transmission flow. Locking of the chip is now
done in the level of tpm_try_get_ops() and tpm_put_ops() instead
taking the chip lock inside tpm_transmit(). The nested calls inside
tpm_transmit(), used with the resource manager, have been refactored
out.
Should make easier to perform more complex transactions with the TPM
without making the subsystem a bigger mess (e.g. encrypted channel
patches by James Bottomley).
- PPI 1.3 support
TPM PPI 1.3 introduces an additional optional command parameter that
may be needed for some commands. Display the parameter if the command
requires such a parameter. Only command 23 (SetPCRBanks) needs one.
The PPI request file will show output like this then:
# echo "23 16" > request
# cat request
23 16
# echo "5" > request
# cat request
5
- Extend all PCR banks in IMA
Instead of static PCR banks array, the array of available PCR banks
is now allocated dynamically. The digests sizes are determined
dynamically using a probe PCR read without relying crypto's static
list of hash algorithms.
This should finally make sealing of measurements in IMA safe and
secure.
- TPM 2.0 selftests
Added a test suite to tools/testing/selftests/tpm2 previously outside
of the kernel tree: https://github.com/jsakkine-intel/tpm2-scripts
* 'next-tpm' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (37 commits)
tpm/ppi: Enable submission of optional command parameter for PPI 1.3
tpm/ppi: Possibly show command parameter if TPM PPI 1.3 is used
tpm/ppi: Display up to 101 operations as define for version 1.3
tpm/ppi: rename TPM_PPI_REVISION_ID to TPM_PPI_REVISION_ID_1
tpm/ppi: pass function revision ID to tpm_eval_dsm()
tpm: pass an array of tpm_extend_digest structures to tpm_pcr_extend()
KEYS: trusted: explicitly use tpm_chip structure from tpm_default_chip()
tpm: move tpm_chip definition to include/linux/tpm.h
tpm: retrieve digest size of unknown algorithms with PCR read
tpm: rename and export tpm2_digest and tpm2_algorithms
tpm: dynamically allocate the allocated_banks array
tpm: remove @flags from tpm_transmit()
tpm: take TPM chip power gating out of tpm_transmit()
tpm: introduce tpm_chip_start() and tpm_chip_stop()
tpm: remove TPM_TRANSMIT_UNLOCKED flag
tpm: use tpm_try_get_ops() in tpm-sysfs.c.
tpm: remove @space from tpm_transmit()
tpm: move TPM space code out of tpm_transmit()
tpm: move tpm_validate_commmand() to tpm2-space.c
tpm: clean up tpm_try_transmit() error handling flow
...
|
||
|
Linus Torvalds
|
c3665a6be5 |
Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull integrity updates from James Morris:
"Mimi Zohar says:
'Linux 5.0 introduced the platform keyring to allow verifying the IMA
kexec kernel image signature using the pre-boot keys. This pull
request similarly makes keys on the platform keyring accessible for
verifying the PE kernel image signature.
Also included in this pull request is a new IMA hook that tags tmp
files, in policy, indicating the file hash needs to be calculated.
The remaining patches are cleanup'"
* 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security:
evm: Use defined constant for UUID representation
ima: define ima_post_create_tmpfile() hook and add missing call
evm: remove set but not used variable 'xattr'
encrypted-keys: fix Opt_err/Opt_error = -1
kexec, KEYS: Make use of platform keyring for signature verify
integrity, KEYS: add a reference to platform keyring
|
||
|
Linus Torvalds
|
be37f21a08 |
audit/stable-5.1 PR 20190305
-----BEGIN PGP SIGNATURE----- iQJIBAABCAAyFiEES0KozwfymdVUl37v6iDy2pc3iXMFAlx+8ZgUHHBhdWxAcGF1 bC1tb29yZS5jb20ACgkQ6iDy2pc3iXOlDhAAiGlirQ9syyG2fYzaARZZ2QoU/GGD PSAeiNmP3jvJzXArCvugRCw+YSNDdQOBM3SrLQC+cM0MAIDRYXN0NdcrsbTchlMA 51Fx1egZ9Fyj+Ehgida3muh2lRUy7DQwMCL6tAVqwz7vYkSTGDUf+MlYqOqXDka5 74pEExOS3Jdi7560BsE8b6QoW9JIJqEJnirXGkG9o2qC0oFHCR6PKxIyQ7TJrLR1 F23aFTqLTH1nbPUQjnox2PTf13iQVh4j2gwzd+9c9KBfxoGSge3dmxId7BJHy2aG M27fPdCYTNZAGWpPVujsCPAh1WPQ9NQqg3mA9+g14PEbiLqPcqU+kWmnDU7T7bEw Qx0kt6Y8GiknwCqq8pDbKYclgRmOjSGdfutzd0z8uDpbaeunS4/NqnDb/FUaDVcr jA4d6ep7qEgHpYbL8KgOeZCexfaTfz6mcwRWNq3Uu9cLZbZqSSQ7PXolMADHvoRs LS7VH2jcP7q4p4GWmdfjv67xyUUo9HG5HHX74h5pLfQSYXiBWo4ht0UOAzX/6EcE CJNHAFHv+OanI5Rg/6JQ8b3/bJYxzAJVyLZpCuMtlKk6lYBGNeADk9BezEDIYsm8 tSe4/GqqyR9+Qz8rSdpAZ0KKkfqS535IcHUPUJau7Bzg1xqSEP5gzZN6QsjdXg0+ 5wFFfdFICTfJFXo= =57/1 -----END PGP SIGNATURE----- Merge tag 'audit-pr-20190305' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit Pull audit updates from Paul Moore: "A lucky 13 audit patches for v5.1. Despite the rather large diffstat, most of the changes are from two bug fix patches that move code from one Kconfig option to another. Beyond that bit of churn, the remaining changes are largely cleanups and bug-fixes as we slowly march towards container auditing. It isn't all boring though, we do have a couple of new things: file capabilities v3 support, and expanded support for filtering on filesystems to solve problems with remote filesystems. All changes pass the audit-testsuite. Please merge for v5.1" * tag 'audit-pr-20190305' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit: audit: mark expected switch fall-through audit: hide auditsc_get_stamp and audit_serial prototypes audit: join tty records to their syscall audit: remove audit_context when CONFIG_ AUDIT and not AUDITSYSCALL audit: remove unused actx param from audit_rule_match audit: ignore fcaps on umount audit: clean up AUDITSYSCALL prototypes and stubs audit: more filter PATH records keyed on filesystem magic audit: add support for fcaps v3 audit: move loginuid and sessionid from CONFIG_AUDITSYSCALL to CONFIG_AUDIT audit: add syscall information to CONFIG_CHANGE records audit: hand taken context to audit_kill_trees for syscall logging audit: give a clue what CONFIG_CHANGE op was involved |
||
|
Linus Torvalds
|
ae5906ceee |
Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull security subsystem updates from James Morris: - Extend LSM stacking to allow sharing of cred, file, ipc, inode, and task blobs. This paves the way for more full-featured LSMs to be merged, and is specifically aimed at LandLock and SARA LSMs. This work is from Casey and Kees. - There's a new LSM from Micah Morton: "SafeSetID gates the setid family of syscalls to restrict UID/GID transitions from a given UID/GID to only those approved by a system-wide whitelist." This feature is currently shipping in ChromeOS. * 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (62 commits) keys: fix missing __user in KEYCTL_PKEY_QUERY LSM: Update list of SECURITYFS users in Kconfig LSM: Ignore "security=" when "lsm=" is specified LSM: Update function documentation for cap_capable security: mark expected switch fall-throughs and add a missing break tomoyo: Bump version. LSM: fix return value check in safesetid_init_securityfs() LSM: SafeSetID: add selftest LSM: SafeSetID: remove unused include LSM: SafeSetID: 'depend' on CONFIG_SECURITY LSM: Add 'name' field for SafeSetID in DEFINE_LSM LSM: add SafeSetID module that gates setid calls LSM: add SafeSetID module that gates setid calls tomoyo: Allow multiple use_group lines. tomoyo: Coding style fix. tomoyo: Swicth from cred->security to task_struct->security. security: keys: annotate implicit fall throughs security: keys: annotate implicit fall throughs security: keys: annotate implicit fall through capabilities:: annotate implicit fall through ... |
||
|
Linus Torvalds
|
736706bee3 |
get rid of legacy 'get_ds()' function
Every in-kernel use of this function defined it to KERNEL_DS (either as an actual define, or as an inline function). It's an entirely historical artifact, and long long long ago used to actually read the segment selector valueof '%ds' on x86. Which in the kernel is always KERNEL_DS. Inspired by a patch from Jann Horn that just did this for a very small subset of users (the ones in fs/), along with Al who suggested a script. I then just took it to the logical extreme and removed all the remaining gunk. Roughly scripted with git grep -l '(get_ds())' -- :^tools/ | xargs sed -i 's/(get_ds())/(KERNEL_DS)/' git grep -lw 'get_ds' -- :^tools/ | xargs sed -i '/^#define get_ds()/d' plus manual fixups to remove a few unusual usage patterns, the couple of inline function cases and to fix up a comment that had become stale. The 'get_ds()' function remains in an x86 kvm selftest, since in user space it actually does something relevant. Inspired-by: Jann Horn <jannh@google.com> Inspired-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
||
|
Gustavo A. R. Silva
|
09186e5034 |
security: mark expected switch fall-throughs and add a missing break
In preparation to enabling -Wimplicit-fallthrough, mark switch cases where we are expecting to fall through. This patch fixes the following warnings: security/integrity/ima/ima_template_lib.c:85:10: warning: this statement may fall through [-Wimplicit-fallthrough=] security/integrity/ima/ima_policy.c:940:18: warning: this statement may fall through [-Wimplicit-fallthrough=] security/integrity/ima/ima_policy.c:943:7: warning: this statement may fall through [-Wimplicit-fallthrough=] security/integrity/ima/ima_policy.c:972:21: warning: this statement may fall through [-Wimplicit-fallthrough=] security/integrity/ima/ima_policy.c:974:7: warning: this statement may fall through [-Wimplicit-fallthrough=] security/smack/smack_lsm.c:3391:9: warning: this statement may fall through [-Wimplicit-fallthrough=] security/apparmor/domain.c:569:6: warning: this statement may fall through [-Wimplicit-fallthrough=] Warning level 3 was used: -Wimplicit-fallthrough=3 Also, add a missing break statement to fix the following warning: security/integrity/ima/ima_appraise.c:116:26: warning: this statement may fall through [-Wimplicit-fallthrough=] Acked-by: John Johansen <john.johansen@canonical.com> Acked-by: Casey Schaufler <casey@schaufler-ca.com> Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com> Acked-by: Mimi Zohar <zohar@linux.ibm.com> Signed-off-by: James Morris <james.morris@microsoft.com> |
||
|
Roberto Sassu
|
0b6cf6b97b |
tpm: pass an array of tpm_extend_digest structures to tpm_pcr_extend()
Currently, tpm_pcr_extend() accepts as an input only a SHA1 digest. This patch replaces the hash parameter of tpm_pcr_extend() with an array of tpm_digest structures, so that the caller can provide a digest for each PCR bank currently allocated in the TPM. tpm_pcr_extend() will not extend banks for which no digest was provided, as it happened before this patch, but instead it requires that callers provide the full set of digests. Since the number of digests will always be chip->nr_allocated_banks, the count parameter has been removed. Due to the API change, ima_pcr_extend() and pcrlock() have been modified. Since the number of allocated banks is not known in advance, the memory for the digests must be dynamically allocated. To avoid performance degradation and to avoid that a PCR extend is not done due to lack of memory, the array of tpm_digest structures is allocated by the users of the TPM driver at initialization time. Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Mimi Zohar <zohar@linux.ibm.com> (on x86 for TPM 1.2 & PTT TPM 2.0) Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> |
||
|
Roberto Sassu
|
879b589210 |
tpm: retrieve digest size of unknown algorithms with PCR read
Currently, the TPM driver retrieves the digest size from a table mapping TPM algorithms identifiers to identifiers defined by the crypto subsystem. If the algorithm is not defined by the latter, the digest size can be retrieved from the output of the PCR read command. The patch modifies the definition of tpm_pcr_read() and tpm2_pcr_read() to pass the desired hash algorithm and obtain the digest size at TPM startup. Algorithms and corresponding digest sizes are stored in the new structure tpm_bank_info, member of tpm_chip, so that the information can be used by other kernel subsystems. tpm_bank_info contains: the TPM algorithm identifier, necessary to generate the event log as defined by Trusted Computing Group (TCG); the digest size, to pad/truncate a digest calculated with a different algorithm; the crypto subsystem identifier, to calculate the digest of event data. This patch also protects against data corruption that could happen in the bus, by checking that the digest size returned by the TPM during a PCR read matches the size of the algorithm passed to tpm2_pcr_read(). For the initial PCR read, when digest sizes are not yet available, this patch ensures that the amount of data copied from the output returned by the TPM does not exceed the size of the array data are copied to. Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Acked-by: Mimi Zohar <zohar@linux.ibm.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> |