android11-5.4
4640 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Nayna Jain
|
06ab9df09e |
x86/efi: move common keyring handler functions to new file
[ Upstream commit ad723674d6758478829ee766e3f1a2a24d56236f ] The handlers to add the keys to the .platform keyring and blacklisted hashes to the .blacklist keyring is common for both the uefi and powerpc mechanisms of loading the keys/hashes from the firmware. This patch moves the common code from load_uefi.c to keyring_handler.c Signed-off-by: Nayna Jain <nayna@linux.ibm.com> Acked-by: Mimi Zohar <zohar@linux.ibm.com> Signed-off-by: Eric Richter <erichte@linux.ibm.com> Signed-off-by: Michael Ellerman <mpe@ellerman.id.au> Link: https://lore.kernel.org/r/1573441836-3632-4-git-send-email-nayna@linux.ibm.com Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
Bram Bonné
|
6f8540b744 |
ANDROID: selinux: modify RTM_GETNEIGH{TBL}
Map the permission gating RTM_GETNEIGH/RTM_GETNEIGHTBL messages to a
new permission so that it can be distinguished from the other netlink
route permissions in selinux policy. The new permission is triggered by
a flag set in system images T and up.
This change is intended to be backported to all kernels that a T system
image can run on top of.
Bug: 171572148
Test: atest NetworkInterfaceTest
Test: atest CtsSelinuxTargetSdkCurrentTestCases
Test: atest bionic-unit-tests-static
Test: On Cuttlefish, run combinations of:
- Policy bit set or omitted (see https://r.android.com/1701847)
- This patch applied or omitted
- App having nlmsg_readneigh permission or not
Verify that only the combination of this patch + the policy bit being
set + the app not having the nlmsg_readneigh permission prevents the
app from sending RTM_GETNEIGH messages.
Change-Id: I4bcfce4decb34ea9388eeedfc4be67403de8a980
Signed-off-by: Bram Bonné <brambonne@google.com>
(cherry picked from commit fac07550bdac9adea0dbe3edbdbec7a9a690a178)
|
||
Greg Kroah-Hartman
|
8063cb860d |
This is the 5.4.118 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmCacuMACgkQONu9yGCS
aT7jXQ/+N95y28rkW+9aG33bMKwodiGO3pax1ZT59SwVICDQQQhK6zXmsVtWP3hv
oaDqbfN+ap/Ms0dARSxhq4NxtGc1RX8Jv+0XJ0nJ10JkJqAizNwglhtfA4NDAeB1
w0M4b6vYYpotjReo86ZB8SC870eKUIocJKiayksIvgOTJewvq+4qDqn3h6VKdV3s
p9Gxjz/8l2koGfUix+lPvPRx2c7juw49Nje0fWQzfHYUwtOYn8s7e6NZxtIJtYtq
F80lqdXjGAXkUCf1omW+6TifSUPfmx1aPgOPBiP8WBlNwJ8hvsq6s+2MGdC+0PkZ
4UPTllSe/Q2g1xbO67yFHNYFYE4PKojZ8NKvJXcp5nvBDNpbiefaRROM7PbkQQmm
p1Bayy39Hlsmxb6/d/9HOANOZZeCaF1PchaLviwfkrq64U/Yg2csFHl/uX71fJoT
RchzeLRWPCqN91Bm5tgUeBGibqNsfkZNzfbiOEGN7MzZNsU3BZm0KbKpqnXzSvgG
6guZD1m4cjmyT7BzRsSremecIn9n8TmxT/lutAGtUi8TWodWBc3kvtxe3/xBILQ1
MOWhBIhO9/2HAjJ+h/GIFGOrwhGtFmA5x1gGXOSE+Kkxx1jUiPE9zvPFQrgYrdAQ
yL25fPyfNO5MTUC2rEF7s0hW5dWbcL7H8r8ZbXSh2oaUokn+a00=
=FHFi
-----END PGP SIGNATURE-----
Merge 5.4.118 into android11-5.4-lts
Changes in 5.4.118
s390/disassembler: increase ebpf disasm buffer size
ACPI: custom_method: fix potential use-after-free issue
ACPI: custom_method: fix a possible memory leak
ftrace: Handle commands when closing set_ftrace_filter file
ARM: 9056/1: decompressor: fix BSS size calculation for LLVM ld.lld
arm64: dts: marvell: armada-37xx: add syscon compatible to NB clk node
arm64: dts: mt8173: fix property typo of 'phys' in dsi node
ecryptfs: fix kernel panic with null dev_name
mtd: spinand: core: add missing MODULE_DEVICE_TABLE()
mtd: rawnand: atmel: Update ecc_stats.corrected counter
erofs: add unsupported inode i_format check
spi: spi-ti-qspi: Free DMA resources
scsi: qla2xxx: Fix crash in qla2xxx_mqueuecommand()
scsi: mpt3sas: Block PCI config access from userspace during reset
mmc: uniphier-sd: Fix an error handling path in uniphier_sd_probe()
mmc: uniphier-sd: Fix a resource leak in the remove function
mmc: sdhci: Check for reset prior to DMA address unmap
mmc: sdhci-pci: Fix initialization of some SD cards for Intel BYT-based controllers
mmc: block: Update ext_csd.cache_ctrl if it was written
mmc: block: Issue a cache flush only when it's enabled
mmc: core: Do a power cycle when the CMD11 fails
mmc: core: Set read only for SD cards with permanent write protect bit
mmc: core: Fix hanging on I/O during system suspend for removable cards
modules: mark ref_module static
modules: mark find_symbol static
modules: mark each_symbol_section static
modules: unexport __module_text_address
modules: unexport __module_address
modules: rename the licence field in struct symsearch to license
modules: return licensing information from find_symbol
modules: inherit TAINT_PROPRIETARY_MODULE
irqchip/gic-v3: Do not enable irqs when handling spurious interrups
cifs: Return correct error code from smb2_get_enc_key
btrfs: fix metadata extent leak after failure to create subvolume
intel_th: pci: Add Rocket Lake CPU support
posix-timers: Preserve return value in clock_adjtime32()
fbdev: zero-fill colormap in fbcmap.c
bus: ti-sysc: Probe for l4_wkup and l4_cfg interconnect devices first
staging: wimax/i2400m: fix byte-order issue
spi: ath79: always call chipselect function
spi: ath79: remove spi-master setup and cleanup assignment
crypto: api - check for ERR pointers in crypto_destroy_tfm()
crypto: qat - fix unmap invalid dma address
usb: gadget: uvc: add bInterval checking for HS mode
usb: webcam: Invalid size of Processing Unit Descriptor
genirq/matrix: Prevent allocation counter corruption
usb: gadget: f_uac2: validate input parameters
usb: gadget: f_uac1: validate input parameters
usb: dwc3: gadget: Ignore EP queue requests during bus reset
usb: xhci: Fix port minor revision
PCI: PM: Do not read power state in pci_enable_device_flags()
x86/build: Propagate $(CLANG_FLAGS) to $(REALMODE_FLAGS)
tee: optee: do not check memref size on return from Secure World
perf/arm_pmu_platform: Fix error handling
usb: xhci-mtk: support quirk to disable usb2 lpm
xhci: check control context is valid before dereferencing it.
xhci: fix potential array out of bounds with several interrupters
spi: dln2: Fix reference leak to master
spi: omap-100k: Fix reference leak to master
spi: qup: fix PM reference leak in spi_qup_remove()
usb: musb: fix PM reference leak in musb_irq_work()
usb: core: hub: Fix PM reference leak in usb_port_resume()
tty: n_gsm: check error while registering tty devices
intel_th: Consistency and off-by-one fix
phy: phy-twl4030-usb: Fix possible use-after-free in twl4030_usb_remove()
crypto: stm32/hash - Fix PM reference leak on stm32-hash.c
crypto: stm32/cryp - Fix PM reference leak on stm32-cryp.c
crypto: omap-aes - Fix PM reference leak on omap-aes.c
platform/x86: intel_pmc_core: Don't use global pmcdev in quirks
btrfs: convert logic BUG_ON()'s in replace_path to ASSERT()'s
drm: Added orientation quirk for OneGX1 Pro
drm/qxl: release shadow on shutdown
drm/amd/display: Check for DSC support instead of ASIC revision
drm/amd/display: Don't optimize bandwidth before disabling planes
scsi: lpfc: Fix incorrect dbde assignment when building target abts wqe
scsi: lpfc: Fix pt2pt connection does not recover after LOGO
scsi: target: pscsi: Fix warning in pscsi_complete_cmd()
media: ite-cir: check for receive overflow
media: drivers: media: pci: sta2x11: fix Kconfig dependency on GPIOLIB
media: imx: capture: Return -EPIPE from __capture_legacy_try_fmt()
power: supply: bq27xxx: fix power_avg for newer ICs
extcon: arizona: Fix some issues when HPDET IRQ fires after the jack has been unplugged
extcon: arizona: Fix various races on driver unbind
media: media/saa7164: fix saa7164_encoder_register() memory leak bugs
media: gspca/sq905.c: fix uninitialized variable
power: supply: Use IRQF_ONESHOT
drm/amdgpu: mask the xgmi number of hops reported from psp to kfd
drm/amdkfd: Fix UBSAN shift-out-of-bounds warning
drm/amdgpu : Fix asic reset regression issue introduce by 8f211fe8ac7c4f
drm/amd/display: Fix UBSAN warning for not a valid value for type '_Bool'
drm/amd/display: fix dml prefetch validation
scsi: qla2xxx: Always check the return value of qla24xx_get_isp_stats()
drm/vkms: fix misuse of WARN_ON
scsi: qla2xxx: Fix use after free in bsg
mmc: sdhci-pci: Add PCI IDs for Intel LKF
ata: ahci: Disable SXS for Hisilicon Kunpeng920
scsi: smartpqi: Correct request leakage during reset operations
scsi: smartpqi: Add new PCI IDs
scsi: scsi_dh_alua: Remove check for ASC 24h in alua_rtpg()
media: em28xx: fix memory leak
media: vivid: update EDID
clk: socfpga: arria10: Fix memory leak of socfpga_clk on error return
power: supply: generic-adc-battery: fix possible use-after-free in gab_remove()
power: supply: s3c_adc_battery: fix possible use-after-free in s3c_adc_bat_remove()
media: tc358743: fix possible use-after-free in tc358743_remove()
media: adv7604: fix possible use-after-free in adv76xx_remove()
media: i2c: adv7511-v4l2: fix possible use-after-free in adv7511_remove()
media: i2c: tda1997: Fix possible use-after-free in tda1997x_remove()
media: i2c: adv7842: fix possible use-after-free in adv7842_remove()
media: platform: sti: Fix runtime PM imbalance in regs_show
media: dvb-usb: fix memory leak in dvb_usb_adapter_init
media: gscpa/stv06xx: fix memory leak
sched/fair: Ignore percpu threads for imbalance pulls
drm/msm/mdp5: Configure PP_SYNC_HEIGHT to double the vtotal
drm/msm/mdp5: Do not multiply vclk line count by 100
drm/amdkfd: Fix cat debugfs hang_hws file causes system crash bug
amdgpu: avoid incorrect %hu format string
drm/amdgpu: fix NULL pointer dereference
scsi: lpfc: Fix crash when a REG_RPI mailbox fails triggering a LOGO response
scsi: lpfc: Fix error handling for mailboxes completed in MBX_POLL mode
scsi: lpfc: Remove unsupported mbox PORT_CAPABILITIES logic
mfd: arizona: Fix rumtime PM imbalance on error
scsi: libfc: Fix a format specifier
s390/archrandom: add parameter check for s390_arch_random_generate
ALSA: emu8000: Fix a use after free in snd_emu8000_create_mixer
ALSA: hda/conexant: Re-order CX5066 quirk table entries
ALSA: sb: Fix two use after free in snd_sb_qsound_build
ALSA: usb-audio: Explicitly set up the clock selector
ALSA: usb-audio: More constifications
ALSA: usb-audio: Add dB range mapping for Sennheiser Communications Headset PC 8
ALSA: hda/realtek: GA503 use same quirks as GA401
ALSA: hda/realtek: fix mic boost on Intel NUC 8
ALSA: hda/realtek: fix static noise on ALC285 Lenovo laptops
ALSA: hda/realtek: Add quirk for Intel Clevo PCx0Dx
btrfs: fix race when picking most recent mod log operation for an old root
arm64/vdso: Discard .note.gnu.property sections in vDSO
Makefile: Move -Wno-unused-but-set-variable out of GCC only block
virtiofs: fix memory leak in virtio_fs_probe()
ubifs: Only check replay with inode type to judge if inode linked
f2fs: fix to avoid out-of-bounds memory access
mlxsw: spectrum_mr: Update egress RIF list before route's action
openvswitch: fix stack OOB read while fragmenting IPv4 packets
ACPI: GTDT: Don't corrupt interrupt mappings on watchdow probe failure
NFS: Don't discard pNFS layout segments that are marked for return
NFSv4: Don't discard segments marked for return in _pnfs_return_layout()
Input: ili210x - add missing negation for touch indication on ili210x
jffs2: Fix kasan slab-out-of-bounds problem
powerpc/eeh: Fix EEH handling for hugepages in ioremap space.
powerpc: fix EDEADLOCK redefinition error in uapi/asm/errno.h
intel_th: pci: Add Alder Lake-M support
tpm: efi: Use local variable for calculating final log size
tpm: vtpm_proxy: Avoid reading host log when using a virtual device
crypto: rng - fix crypto_rng_reset() refcounting when !CRYPTO_STATS
md/raid1: properly indicate failure when ending a failed write request
dm raid: fix inconclusive reshape layout on fast raid4/5/6 table reload sequences
fuse: fix write deadlock
security: commoncap: fix -Wstringop-overread warning
Fix misc new gcc warnings
jffs2: check the validity of dstlen in jffs2_zlib_compress()
Revert
|
||
Arnd Bergmann
|
8aa7285682 |
security: commoncap: fix -Wstringop-overread warning
commit 82e5d8cc768b0c7b03c551a9ab1f8f3f68d5f83f upstream.
gcc-11 introdces a harmless warning for cap_inode_getsecurity:
security/commoncap.c: In function ‘cap_inode_getsecurity’:
security/commoncap.c:440:33: error: ‘memcpy’ reading 16 bytes from a region of size 0 [-Werror=stringop-overread]
440 | memcpy(&nscap->data, &cap->data, sizeof(__le32) * 2 * VFS_CAP_U32);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The problem here is that tmpbuf is initialized to NULL, so gcc assumes
it is not accessible unless it gets set by vfs_getxattr_alloc(). This is
a legitimate warning as far as I can tell, but the code is correct since
it correctly handles the error when that function fails.
Add a separate NULL check to tell gcc about it as well.
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Acked-by: Christian Brauner <christian.brauner@ubuntu.com>
Signed-off-by: James Morris <jamorris@linux.microsoft.com>
Cc: Andrey Zhizhikin <andrey.z@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
Srinivasarao P
|
b403cd66bd |
Merge android11-5.4.86+ (75c93eb) into msm-5.4
* refs/heads/tmp-75c93eb: Revert one chunk from |
||
|
Greg Kroah-Hartman
|
0c438f72d3 |
This is the 5.4.109 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmBjGy8ACgkQONu9yGCS aT6P4Q//RUTmWKIEvODK9Hyac0qfvd1CsIgebVR/1hkadYO8OVssIVjSZoyHvfgg B2rsjrY1+ywwPl+IYFe4V29SIEuy+YWNo7rjavAPP7W1ybYzhaUXog7KSapho8cy hqTlLyWq/TeSehdomz2Luv5vM794RgEV4NjgxnBsncfjUchx5smGQH80xbKRbWFB QNq2h1coPbABv3dj1cBb1v2jiCc58QD8rfJuguaHjAiGem2HaMat2iWYo8T2Qcre UDb1yrOxCbwltc8+aRRcXI4QuS/4edPz3ZH8H9zdqMQVoS5RX0Alse+w6+F26c1c fRZmtg6t70wsznIQ+Jn6ouMY3Ea1jtrF4oVjMCMnno+4V7BgDGW+A+CAqbCC90mt QTwaObNyJRjUYjlLmTml7t+S3GqW2YoC2jALs2P3hx/ht0wOl6TIt7YmHCh3/tnR wZjyofl+2ml/z+cPqP7/IWGJzzNCEwxreZNcvjgx+k/L/zeNri4q/+fLETe0VE0H LNU04JBl2oOOMpkyX8MJODH5Gm9sOg+GiQ3tEZWsgls0mwtxKMxRuu6zNPQvIY93 cGntM1kVTtQ8fzIUugZR0JgElnosg1xFup3nQKyoids+SEGDgDpC4O5pxYvNW8oo jThLWud1waFzhnVXGRGviI0irQPUeYh7Bfw///c7hPHbqw9+F0k= =6s9w -----END PGP SIGNATURE----- Merge 5.4.109 into android11-5.4-lts Changes in 5.4.109 hugetlbfs: hugetlb_fault_mutex_hash() cleanup net: fec: ptp: avoid register access when ipg clock is disabled powerpc/4xx: Fix build errors from mfdcr() atm: eni: dont release is never initialized atm: lanai: dont run lanai_dev_close if not open Revert "r8152: adjust the settings about MAC clock speed down for RTL8153" ALSA: hda: ignore invalid NHLT table ixgbe: Fix memleak in ixgbe_configure_clsu32 net: tehuti: fix error return code in bdx_probe() net: intel: iavf: fix error return code of iavf_init_get_resources() sun/niu: fix wrong RXMAC_BC_FRM_CNT_COUNT count gianfar: fix jumbo packets+napi+rx overrun crash cifs: ask for more credit on async read/write code paths cpufreq: blacklist Arm Vexpress platforms in cpufreq-dt-platdev gpiolib: acpi: Add missing IRQF_ONESHOT nfs: fix PNFS_FLEXFILE_LAYOUT Kconfig default NFS: Correct size calculation for create reply length net: hisilicon: hns: fix error return code of hns_nic_clear_all_rx_fetch() net: wan: fix error return code of uhdlc_init() net: davicom: Use platform_get_irq_optional() atm: uPD98402: fix incorrect allocation atm: idt77252: fix null-ptr-dereference cifs: change noisy error message to FYI irqchip/ingenic: Add support for the JZ4760 sparc64: Fix opcode filtering in handling of no fault loads habanalabs: Call put_pid() when releasing control device u64_stats,lockdep: Fix u64_stats_init() vs lockdep regulator: qcom-rpmh: Correct the pmic5_hfsmps515 buck drm/amd/display: Revert dram_clock_change_latency for DCN2.1 drm/amdgpu: fb BO should be ttm_bo_type_device drm/radeon: fix AGP dependency nvme: add NVME_REQ_CANCELLED flag in nvme_cancel_request() nvme-fc: return NVME_SC_HOST_ABORTED_CMD when a command has been aborted nvme-pci: add the DISABLE_WRITE_ZEROES quirk for a Samsung PM1725a nfs: we don't support removing system.nfs4_acl block: Suppress uevent for hidden device when removed ia64: fix ia64_syscall_get_set_arguments() for break-based syscalls ia64: fix ptrace(PTRACE_SYSCALL_INFO_EXIT) sign netsec: restore phy power state after controller reset platform/x86: intel-vbtn: Stop reporting SW_DOCK events squashfs: fix inode lookup sanity checks squashfs: fix xattr id and id lookup sanity checks kasan: fix per-page tags for non-page_alloc pages gcov: fix clang-11+ support ACPI: video: Add missing callback back for Sony VPCEH3U1E arm64: dts: ls1046a: mark crypto engine dma coherent arm64: dts: ls1012a: mark crypto engine dma coherent arm64: dts: ls1043a: mark crypto engine dma coherent ARM: dts: at91-sama5d27_som1: fix phy address to 7 integrity: double check iint_cache was initialized dm verity: fix DM_VERITY_OPTS_MAX value dm ioctl: fix out of bounds array access when no devices bus: omap_l3_noc: mark l3 irqs as IRQF_NO_THREAD veth: Store queue_mapping independently of XDP prog presence libbpf: Fix INSTALL flag order net/mlx5e: Don't match on Geneve options in case option masks are all zero ipv6: fix suspecious RCU usage warning macvlan: macvlan_count_rx() needs to be aware of preemption net: sched: validate stab values net: dsa: bcm_sf2: Qualify phydev->dev_flags based on port igc: Fix Pause Frame Advertising igc: Fix Supported Pause Frame Link Setting e1000e: add rtnl_lock() to e1000_reset_task e1000e: Fix error handling in e1000_set_d0_lplu_state_82571 net/qlcnic: Fix a use after free in qlcnic_83xx_get_minidump_template ftgmac100: Restart MAC HW once selftests/bpf: Set gopt opt_class to 0 if get tunnel opt failed netfilter: ctnetlink: fix dump of the expect mask attribute tcp: relookup sock for RST+ACK packets handled by obsolete req sock can: peak_usb: add forgotten supported devices can: flexcan: flexcan_chip_freeze(): fix chip freeze for missing bitrate can: kvaser_pciefd: Always disable bus load reporting can: c_can_pci: c_can_pci_remove(): fix use-after-free can: c_can: move runtime PM enable/disable to c_can_platform can: m_can: m_can_do_rx_poll(): fix extraneous msg loss warning can: m_can: m_can_rx_peripheral(): fix RX being blocked by errors mac80211: fix rate mask reset nfp: flower: fix pre_tun mask id allocation libbpf: Use SOCK_CLOEXEC when opening the netlink socket octeontx2-af: Fix irq free in rvu teardown octeontx2-af: fix infinite loop in unmapping NPC counter net: cdc-phonet: fix data-interface release on probe failure r8152: limit the RX buffer size of RTL8153A for USB 2.0 net: stmmac: dwmac-sun8i: Provide TX and RX fifo sizes selftests: forwarding: vxlan_bridge_1d: Fix vxlan ecn decapsulate value libbpf: Fix BTF dump of pointer-to-array-of-struct drm/msm: fix shutdown hook in case GPU components failed to bind arm64: kdump: update ppos when reading elfcorehdr PM: runtime: Defer suspending suppliers net/mlx5e: Fix error path for ethtool set-priv-flag PM: EM: postpone creating the debugfs dir till fs_initcall RDMA/cxgb4: Fix adapter LE hash errors while destroying ipv6 listening server bpf: Don't do bpf_cgroup_storage_set() for kuprobe/tp programs Revert "netfilter: x_tables: Switch synchronization to RCU" netfilter: x_tables: Use correct memory barriers. Revert "netfilter: x_tables: Update remaining dereference to RCU" ACPI: scan: Rearrange memory allocation in acpi_device_add() ACPI: scan: Use unique number for instance_no perf auxtrace: Fix auxtrace queue conflict block: recalculate segment count for multi-segment discards correctly scsi: Revert "qla2xxx: Make sure that aborted commands are freed" scsi: qedi: Fix error return code of qedi_alloc_global_queues() scsi: mpt3sas: Fix error return code of mpt3sas_base_attach() locking/mutex: Fix non debug version of mutex_lock_io_nested() x86/mem_encrypt: Correct physical address calculation in __set_clr_pte_enc() can: dev: Move device back to init netns on owning netns delete net: dsa: b53: VLAN filtering is global to all users net: qrtr: fix a kernel-infoleak in qrtr_recvmsg() mac80211: fix double free in ibss_leave ext4: add reclaim checks to xattr code can: peak_usb: Revert "can: peak_usb: add forgotten supported devices" xen-blkback: don't leak persistent grants from xen_blkbk_map() Linux 5.4.109 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Iccbd7139d673f2def3675ef3f3d973ace2eb6e4d |
||
Mimi Zohar
|
752589cd4e |
integrity: double check iint_cache was initialized
commit 92063f3ca73aab794bd5408d3361fd5b5ea33079 upstream.
The kernel may be built with multiple LSMs, but only a subset may be
enabled on the boot command line by specifying "lsm=". Not including
"integrity" on the ordered LSM list may result in a NULL deref.
As reported by Dmitry Vyukov:
in qemu:
qemu-system-x86_64 -enable-kvm -machine q35,nvdimm -cpu
max,migratable=off -smp 4 -m 4G,slots=4,maxmem=16G -hda
wheezy.img -kernel arch/x86/boot/bzImage -nographic -vga std
-soundhw all -usb -usbdevice tablet -bt hci -bt device:keyboard
-net user,host=10.0.2.10,hostfwd=tcp::10022-:22 -net
nic,model=virtio-net-pci -object
memory-backend-file,id=pmem1,share=off,mem-path=/dev/zero,size=64M
-device nvdimm,id=nvdimm1,memdev=pmem1 -append "console=ttyS0
root=/dev/sda earlyprintk=serial rodata=n oops=panic panic_on_warn=1
panic=86400 lsm=smack numa=fake=2 nopcid dummy_hcd.num=8" -pidfile
vm_pid -m 2G -cpu host
But it crashes on NULL deref in integrity_inode_get during boot:
Run /sbin/init as init process
BUG: kernel NULL pointer dereference, address: 000000000000001c
PGD 0 P4D 0
Oops: 0000 [#1] PREEMPT SMP KASAN
CPU: 3 PID: 1 Comm: swapper/0 Not tainted 5.12.0-rc2+ #97
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS
rel-1.13.0-44-g88ab0c15525c-prebuilt.qemu.org 04/01/2014
RIP: 0010:kmem_cache_alloc+0x2b/0x370 mm/slub.c:2920
Code: 57 41 56 41 55 41 54 41 89 f4 55 48 89 fd 53 48 83 ec 10 44 8b
3d d9 1f 90 0b 65 48 8b 04 25 28 00 00 00 48 89 44 24 08 31 c0 <8b> 5f
1c 4cf
RSP: 0000:ffffc9000032f9d8 EFLAGS: 00010246
RAX: 0000000000000000 RBX: ffff888017fc4f00 RCX: 0000000000000000
RDX: ffff888040220000 RSI: 0000000000000c40 RDI: 0000000000000000
RBP: 0000000000000000 R08: 0000000000000000 R09: ffff888019263627
R10: ffffffff83937cd1 R11: 0000000000000000 R12: 0000000000000c40
R13: ffff888019263538 R14: 0000000000000000 R15: 0000000000ffffff
FS: 0000000000000000(0000) GS:ffff88802d180000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000000000001c CR3: 000000000b48e000 CR4: 0000000000750ee0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
PKRU: 55555554
Call Trace:
integrity_inode_get+0x47/0x260 security/integrity/iint.c:105
process_measurement+0x33d/0x17e0 security/integrity/ima/ima_main.c:237
ima_bprm_check+0xde/0x210 security/integrity/ima/ima_main.c:474
security_bprm_check+0x7d/0xa0 security/security.c:845
search_binary_handler fs/exec.c:1708 [inline]
exec_binprm fs/exec.c:1761 [inline]
bprm_execve fs/exec.c:1830 [inline]
bprm_execve+0x764/0x19a0 fs/exec.c:1792
kernel_execve+0x370/0x460 fs/exec.c:1973
try_to_run_init_process+0x14/0x4e init/main.c:1366
kernel_init+0x11d/0x1b8 init/main.c:1477
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:294
Modules linked in:
CR2: 000000000000001c
---[ end trace 22d601a500de7d79 ]---
Since LSMs and IMA may be configured at build time, but not enabled at
run time, panic the system if "integrity" was not initialized before use.
Reported-by: Dmitry Vyukov <dvyukov@google.com>
Fixes:
|
||
|
Greg Kroah-Hartman
|
25491b4ff3 |
This is the 5.4.106 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmBSKIcACgkQONu9yGCS
aT6nww//RYwO4quTQO9h/SnVtYta3C0bkgSjLCuLjM6LY20L5sHiPxMXKn3LTb67
SSFtW7vyR4gOmIduQ783yoDxzSGuKZvQ48zh5OZYXD4GlhP9JZ5y4IkEf5r0SGIA
k4pYYX8rPLNaeOu8TprjdGdaDFC4XplFfZEN19sympvv2q20qD+JzvcjjhyCFmvk
4A9NibAStU4jUK8AvY4STJb9XmaYo337Btv3Y2j+qUBVj6fMsNCfUif1SdGHA4de
TPzaPVOIm5p4USOy/m+hsc0e/q+nzz+VYYk+T7X9NDU+kAiEOjdyMqwNOtfAUl9A
k7aca4oQMjO+MNVGrvER7xF0Se+wlTomTINzLYf0YTfkCMh9+Me+pFr8Fivdvhv9
/mBFOJ0qqYXpezUETh7F5tgzMUHkzEcOiOpEG/sINxnsZXJaa09VJrS2GYIjILFN
Epe83Z4ekbZtIzfUY+RWYVEP44fvV1lmLqKIs7z4xoz/IgF2NR++ABwyScCY1E2X
GstK4fJ7wHA/usbmQofyfLMEF9hvawOu/GwWP2IVQRbK3E5Miux+tTkLXvVhqlr+
CrLXHb8OZSb4+bzZb3fFLg/B6mR+MiNKXYp2WW1/7pqhTfJHHg8P7Ui72nAcM5Jw
+W0Gezv/DtPqbhK6rGGTUxOTYOvWqJEuh6QAI4mDx1kIeevw13o=
=MKFy
-----END PGP SIGNATURE-----
Merge 5.4.106 into android11-5.4-lts
Changes in 5.4.106
uapi: nfnetlink_cthelper.h: fix userspace compilation error
powerpc/pseries: Don't enforce MSI affinity with kdump
ethernet: alx: fix order of calls on resume
ath9k: fix transmitting to stations in dynamic SMPS mode
net: Fix gro aggregation for udp encaps with zero csum
net: check if protocol extracted by virtio_net_hdr_set_proto is correct
net: avoid infinite loop in mpls_gso_segment when mpls_hlen == 0
sh_eth: fix TRSCER mask for SH771x
can: skb: can_skb_set_owner(): fix ref counting if socket was closed before setting skb ownership
can: flexcan: assert FRZ bit in flexcan_chip_freeze()
can: flexcan: enable RX FIFO after FRZ/HALT valid
can: flexcan: invoke flexcan_chip_freeze() to enter freeze mode
can: tcan4x5x: tcan4x5x_init(): fix initialization - clear MRAM before entering Normal Mode
tcp: add sanity tests to TCP_QUEUE_SEQ
netfilter: nf_nat: undo erroneous tcp edemux lookup
netfilter: x_tables: gpf inside xt_find_revision()
selftests/bpf: No need to drop the packet when there is no geneve opt
selftests/bpf: Mask bpf_csum_diff() return value to 16 bits in test_verifier
samples, bpf: Add missing munmap in xdpsock
ibmvnic: always store valid MAC address
mt76: dma: do not report truncated frames to mac80211
powerpc/603: Fix protection of user pages mapped with PROT_NONE
mount: fix mounting of detached mounts onto targets that reside on shared mounts
cifs: return proper error code in statfs(2)
Revert "mm, slub: consider rest of partial list if acquire_slab() fails"
net: enetc: don't overwrite the RSS indirection table when initializing
net/mlx4_en: update moderation when config reset
net: stmmac: fix incorrect DMA channel intr enable setting of EQoS v4.10
nexthop: Do not flush blackhole nexthops when loopback goes down
net: sched: avoid duplicates in classes dump
net: usb: qmi_wwan: allow qmimux add/del with master up
netdevsim: init u64 stats for 32bit hardware
cipso,calipso: resolve a number of problems with the DOI refcounts
net: lapbether: Remove netif_start_queue / netif_stop_queue
net: davicom: Fix regulator not turned off on failed probe
net: davicom: Fix regulator not turned off on driver removal
net: qrtr: fix error return code of qrtr_sendmsg()
ixgbe: fail to create xfrm offload of IPsec tunnel mode SA
net: stmmac: stop each tx channel independently
net: stmmac: fix watchdog timeout during suspend/resume stress test
selftests: forwarding: Fix race condition in mirror installation
perf traceevent: Ensure read cmdlines are null terminated.
net: hns3: fix query vlan mask value error for flow director
net: hns3: fix bug when calculating the TCAM table info
s390/cio: return -EFAULT if copy_to_user() fails again
bnxt_en: reliably allocate IRQ table on reset to avoid crash
drm/compat: Clear bounce structures
drm/shmem-helper: Check for purged buffers in fault handler
drm/shmem-helper: Don't remove the offset in vm_area_struct pgoff
drm: meson_drv add shutdown function
s390/cio: return -EFAULT if copy_to_user() fails
s390/crypto: return -EFAULT if copy_to_user() fails
qxl: Fix uninitialised struct field head.surface_id
sh_eth: fix TRSCER mask for R7S9210
media: usbtv: Fix deadlock on suspend
media: v4l: vsp1: Fix uif null pointer access
media: v4l: vsp1: Fix bru null pointer access
media: rc: compile rc-cec.c into rc-core
net: hns3: fix error mask definition of flow director
net: enetc: initialize RFS/RSS memories for unused ports too
net: phy: fix save wrong speed and duplex problem if autoneg is on
i2c: rcar: faster irq code to minimize HW race condition
i2c: rcar: optimize cacheline to minimize HW race condition
udf: fix silent AED tagLocation corruption
mmc: mxs-mmc: Fix a resource leak in an error handling path in 'mxs_mmc_probe()'
mmc: mediatek: fix race condition between msdc_request_timeout and irq
Platform: OLPC: Fix probe error handling
powerpc/pci: Add ppc_md.discover_phbs()
spi: stm32: make spurious and overrun interrupts visible
powerpc: improve handling of unrecoverable system reset
powerpc/perf: Record counter overflow always if SAMPLE_IP is unset
HID: logitech-dj: add support for the new lightspeed connection iteration
powerpc/64: Fix stack trace not displaying final frame
iommu/amd: Fix performance counter initialization
sparc32: Limit memblock allocation to low memory
sparc64: Use arch_validate_flags() to validate ADI flag
Input: applespi - don't wait for responses to commands indefinitely.
PCI: xgene-msi: Fix race in installing chained irq handler
PCI: mediatek: Add missing of_node_put() to fix reference leak
kbuild: clamp SUBLEVEL to 255
PCI: Fix pci_register_io_range() memory leak
i40e: Fix memory leak in i40e_probe
s390/smp: __smp_rescan_cpus() - move cpumask away from stack
sysctl.c: fix underflow value setting risk in vm_table
scsi: libiscsi: Fix iscsi_prep_scsi_cmd_pdu() error handling
scsi: target: core: Add cmd length set before cmd complete
scsi: target: core: Prevent underflow for service actions
ALSA: usb: Add Plantronics C320-M USB ctrl msg delay quirk
ALSA: hda/hdmi: Cancel pending works before suspend
ALSA: hda/ca0132: Add Sound BlasterX AE-5 Plus support
ALSA: hda: Drop the BATCH workaround for AMD controllers
ALSA: hda: Flush pending unsolicited events before suspend
ALSA: hda: Avoid spurious unsol event handling during S3/S4
ALSA: usb-audio: Fix "cannot get freq eq" errors on Dell AE515 sound bar
ALSA: usb-audio: Apply the control quirk to Plantronics headsets
Revert 95ebabde382c ("capabilities: Don't allow writing ambiguous v3 file capabilities")
arm64: kasan: fix page_alloc tagging with DEBUG_VIRTUAL
s390/dasd: fix hanging DASD driver unbind
s390/dasd: fix hanging IO request during DASD driver unbind
software node: Fix node registration
mmc: core: Fix partition switch time for eMMC
mmc: cqhci: Fix random crash when remove mmc module/card
Goodix Fingerprint device is not a modem
USB: gadget: u_ether: Fix a configfs return code
usb: gadget: f_uac2: always increase endpoint max_packet_size by one audio slot
usb: gadget: f_uac1: stop playback on function disable
usb: dwc3: qcom: Add missing DWC3 OF node refcount decrement
usb: dwc3: qcom: Honor wakeup enabled/disabled state
USB: usblp: fix a hang in poll() if disconnected
usb: renesas_usbhs: Clear PIPECFG for re-enabling pipe with other EPNUM
usb: xhci: do not perform Soft Retry for some xHCI hosts
xhci: Improve detection of device initiated wake signal.
usb: xhci: Fix ASMedia ASM1042A and ASM3242 DMA addressing
xhci: Fix repeated xhci wake after suspend due to uncleared internal wake state
USB: serial: io_edgeport: fix memory leak in edge_startup
USB: serial: ch341: add new Product ID
USB: serial: cp210x: add ID for Acuity Brands nLight Air Adapter
USB: serial: cp210x: add some more GE USB IDs
usbip: fix stub_dev to check for stream socket
usbip: fix vhci_hcd to check for stream socket
usbip: fix vudc to check for stream socket
usbip: fix stub_dev usbip_sockfd_store() races leading to gpf
usbip: fix vhci_hcd attach_store() races leading to gpf
usbip: fix vudc usbip_sockfd_store races leading to gpf
misc/pvpanic: Export module FDT device table
misc: fastrpc: restrict user apps from sending kernel RPC messages
staging: rtl8192u: fix ->ssid overflow in r8192_wx_set_scan()
staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan()
staging: rtl8712: unterminated string leads to read overflow
staging: rtl8188eu: fix potential memory corruption in rtw_check_beacon_data()
staging: ks7010: prevent buffer overflow in ks_wlan_set_scan()
staging: rtl8712: Fix possible buffer overflow in r8712_sitesurvey_cmd
staging: rtl8192e: Fix possible buffer overflow in _rtl92e_wx_set_scan
staging: comedi: addi_apci_1032: Fix endian problem for COS sample
staging: comedi: addi_apci_1500: Fix endian problem for command sample
staging: comedi: adv_pci1710: Fix endian problem for AI command data
staging: comedi: das6402: Fix endian problem for AI command data
staging: comedi: das800: Fix endian problem for AI command data
staging: comedi: dmm32at: Fix endian problem for AI command data
staging: comedi: me4000: Fix endian problem for AI command data
staging: comedi: pcl711: Fix endian problem for AI command data
staging: comedi: pcl818: Fix endian problem for AI command data
sh_eth: fix TRSCER mask for R7S72100
arm64/mm: Fix pfn_valid() for ZONE_DEVICE based memory
SUNRPC: Set memalloc_nofs_save() for sync tasks
NFS: Don't revalidate the directory permissions on a lookup failure
NFS: Don't gratuitously clear the inode cache when lookup failed
NFSv4.2: fix return value of _nfs4_get_security_label()
block: rsxx: fix error return code of rsxx_pci_probe()
configfs: fix a use-after-free in __configfs_open_file
arm64: mm: use a 48-bit ID map when possible on 52-bit VA builds
hrtimer: Update softirq_expires_next correctly after __hrtimer_get_next_event()
stop_machine: mark helpers __always_inline
include/linux/sched/mm.h: use rcu_dereference in in_vfork()
zram: fix return value on writeback_store
sched/membarrier: fix missing local execution of ipi_sync_rq_state()
powerpc/64s: Fix instruction encoding for lis in ppc_function_entry()
binfmt_misc: fix possible deadlock in bm_register_write
x86/unwind/orc: Disable KASAN checking in the ORC unwinder, part 2
KVM: arm64: Fix exclusive limit for IPA size
nvme: unlink head after removing last namespace
nvme: release namespace head reference on error
KVM: arm64: Ensure I-cache isolation between vcpus of a same VM
KVM: arm64: Reject VM creation when the default IPA size is unsupported
xen/events: reset affinity of 2-level event when tearing it down
xen/events: don't unmask an event channel when an eoi is pending
xen/events: avoid handling the same event on two cpus at the same time
Linux 5.4.106
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I14a7c69a857d6b64e7cf72003120c99610279bae
|
||
Eric W. Biederman
|
47a5d1b63f |
Revert 95ebabde382c ("capabilities: Don't allow writing ambiguous v3 file capabilities")
commit 3b0c2d3eaa83da259d7726192cf55a137769012f upstream. It turns out that there are in fact userspace implementations that care and this recent change caused a regression. https://github.com/containers/buildah/issues/3071 As the motivation for the original change was future development, and the impact is existing real world code just revert this change and allow the ambiguity in v3 file caps. Cc: stable@vger.kernel.org Fixes: 95ebabde382c ("capabilities: Don't allow writing ambiguous v3 file capabilities") Signed-off-by: Eric W. Biederman <ebiederm@xmission.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Greg Kroah-Hartman
|
ffef593e93 |
This is the 5.4.103 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmBEt1AACgkQONu9yGCS aT5UcBAAuobHx4KFrA3/SWKQo81k7oyyXdbb8BJK3hYLCl+RFD7aYguZlvqITVw+ Hme5PQPnLvY3jc/TwhuIDOG2o2020mT79J8Ggo5ccP/pMIumOwi4LXLvcFQiUevo PnYbXM+QCmxyrm+d10gYeARaGDjP+rI5V46AeB+lkn9SgjzJB649d7BQxnQUxPfB bm+PyOhX7WgqvZFmkPR4RmLBBC57OfUtZoPID/mLW0w6kKYcy3GD1uHEp3TeG3Pe PVxjC57kEiHqnEck2df2XhaB12QlGUGxJXPDmhx6djsvpr3Ss4XOMOYVkZcfsWW5 hThRdiBEgoOhjhqpfpuKYXE0IrB41Uxd6LNd4piCGF1xfiPSWF2x0m8a0NmgAynN Ungl6BbvgSyawI0luZeocSStD2POEbx264qxvA2t+XlxGCxw8PpS4X5mtNAk7vao VathiQFdt9LVtFftq7tVcy1XMt7U6SSOj84opLig5S4LHrUPY+/E0qCgZ4V786eo fkE13zUpixsxgbvYphAYIErXrq9o0B3WtaAa4jFB/RBugHy5mDGCavM/MNVgitJr Y7L9dNzdx2FpAez/dbod+n/CH5wXsnmLa2ZGqqIBVhxHRMOlYTVKa1ioc0bHrjab 8giS1lm1EXOFgIPW7xI9aEG5alLy9s2ai29nAPmhpi1N72WUtQQ= =OmY7 -----END PGP SIGNATURE----- Merge 5.4.103 into android11-5.4-lts Changes in 5.4.103 net: usb: qmi_wwan: support ZTE P685M modem Input: elantech - fix protocol errors for some trackpoints in SMBus mode nvme-pci: refactor nvme_unmap_data nvme-pci: fix error unwind in nvme_map_data arm64 module: set plt* section addresses to 0x0 MIPS: VDSO: Use CLANG_FLAGS instead of filtering out '--target=' JFS: more checks for invalid superblock udlfb: Fix memory leak in dlfb_usb_probe media: mceusb: sanity check for prescaler value erofs: fix shift-out-of-bounds of blkszbits media: v4l2-ctrls.c: fix shift-out-of-bounds in std_validate xfs: Fix assert failure in xfs_setattr_size() net/af_iucv: remove WARN_ONCE on malformed RX packets smackfs: restrict bytes count in smackfs write functions net: fix up truesize of cloned skb in skb_prepare_for_shift() nbd: handle device refs for DESTROY_ON_DISCONNECT properly mm/hugetlb.c: fix unnecessary address expansion of pmd sharing net: bridge: use switchdev for port flags set through sysfs too net: ag71xx: remove unnecessary MTU reservation net: fix dev_ifsioc_locked() race condition dt-bindings: ethernet-controller: fix fixed-link specification dt-bindings: net: btusb: DT fix s/interrupt-name/interrupt-names/ MIPS: Drop 32-bit asm string functions drm/virtio: use kvmalloc for large allocations rsi: Fix TX EAPOL packet handling against iwlwifi AP rsi: Move card interrupt handling to RX thread staging: fwserial: Fix error handling in fwserial_create x86/reboot: Add Zotac ZBOX CI327 nano PCI reboot quirk vt/consolemap: do font sum unsigned wlcore: Fix command execute failure 19 for wl12xx Bluetooth: hci_h5: Set HCI_QUIRK_SIMULTANEOUS_DISCOVERY for btrtl pktgen: fix misuse of BUG_ON() in pktgen_thread_worker() ath10k: fix wmi mgmt tx queue full due to race condition x86/build: Treat R_386_PLT32 relocation as R_386_PC32 Bluetooth: Fix null pointer dereference in amp_read_loc_assoc_final_data staging: most: sound: add sanity check for function argument staging: bcm2835-audio: Replace unsafe strcpy() with strscpy() brcmfmac: Add DMI nvram filename quirk for Predia Basic tablet brcmfmac: Add DMI nvram filename quirk for Voyo winpad A15 tablet drm/hisilicon: Fix use-after-free crypto: tcrypt - avoid signed overflow in byte count drm/amdgpu: Add check to prevent IH overflow PCI: Add a REBAR size quirk for Sapphire RX 5600 XT Pulse drm/amd/display: Guard against NULL pointer deref when get_i2c_info fails media: uvcvideo: Allow entities with no pads f2fs: handle unallocated section and zone on pinned/atgc f2fs: fix to set/clear I_LINKABLE under i_lock nvme-core: add cancel tagset helpers nvme-rdma: add clean action for failed reconnection nvme-tcp: add clean action for failed reconnection ASoC: Intel: Add DMI quirk table to soc_intel_is_byt_cr() btrfs: fix error handling in commit_fs_roots perf/x86/kvm: Add Cascade Lake Xeon steppings to isolation_ucodes[] parisc: Bump 64-bit IRQ stack size to 64 KB sched/features: Fix hrtick reprogramming ASoC: Intel: bytcr_rt5640: Add quirk for the Estar Beauty HD MID 7316R tablet ASoC: Intel: bytcr_rt5640: Add quirk for the Voyo Winpad A15 tablet ASoC: Intel: bytcr_rt5651: Add quirk for the Jumper EZpad 7 tablet ASoC: Intel: bytcr_rt5640: Add quirk for the Acer One S1002 tablet scsi: iscsi: Restrict sessions and handles to admin capabilities sysfs: Add sysfs_emit and sysfs_emit_at to format sysfs output scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE scsi: iscsi: Verify lengths on passthrough PDUs Xen/gnttab: handle p2m update errors on a per-slot basis xen-netback: respect gnttab_map_refs()'s return value zsmalloc: account the number of compacted pages correctly swap: fix swapfile read/write offset media: v4l: ioctl: Fix memory leak in video_usercopy ALSA: hda/realtek: Add quirk for Clevo NH55RZQ ALSA: hda/realtek: Add quirk for Intel NUC 10 ALSA: hda/realtek: Apply dual codec quirks for MSI Godlike X570 board Linux 5.4.103 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I01d8e054de227c576cd495475b66aaf960017adb |
||
Sabyrzhan Tasbolatov
|
4ceb5ca9e6 |
smackfs: restrict bytes count in smackfs write functions
commit 7ef4c19d245f3dc233fd4be5acea436edd1d83d8 upstream.
syzbot found WARNINGs in several smackfs write operations where
bytes count is passed to memdup_user_nul which exceeds
GFP MAX_ORDER. Check count size if bigger than PAGE_SIZE.
Per smackfs doc, smk_write_net4addr accepts any label or -CIPSO,
smk_write_net6addr accepts any label or -DELETE. I couldn't find
any general rule for other label lengths except SMK_LABELLEN,
SMK_LONGLABEL, SMK_CIPSOMAX which are documented.
Let's constrain, in general, smackfs label lengths for PAGE_SIZE.
Although fuzzer crashes write to smackfs/netlabel on 0x400000 length.
Here is a quick way to reproduce the WARNING:
python -c "print('A' * 0x400000)" > /sys/fs/smackfs/netlabel
Reported-by: syzbot+a71a442385a0b2815497@syzkaller.appspotmail.com
Signed-off-by: Sabyrzhan Tasbolatov <snovitoll@gmail.com>
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Greg Kroah-Hartman
|
172cf44d0d |
This is the 5.4.102 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmBAqDoACgkQONu9yGCS
aT7R4A//RC4/R+Uc+cX8I2al+B017epRXRtfMDz7cd/dO1SAAhgDi4zrebAxs1XP
6g/t37NuDZ0rjKxMBRzATSwizDLP9gKpeWCVQTtvlHGf+tm/5sn2bt7pckoPvXvo
GqXPT4YgUgZQSHE+YG5Rhjtv0xMcOEu9yNTsPNZJU6BDdYJylQX/D97MPVjJjbXJ
Sz+U98wHt0zIbwkg13/2FZvPMdEKL0z8Ub/SIKDaXfFSPJMDYb/5UcEfdnDctSbI
B3i2i1/IXa97EmNG/MNDi1zPI2l9+PtRrtIzpfLASRNx3ySceiC25EyDk0mp5JnZ
czxXJ0NxG9z9Pk9X6Isvaz6X5Nqv70LORTFeZRBEp0ohYbsxH/yBuPZ0T8bukjgU
MA/uZDQryfeNgBN1aEJlTRCAmGyyD6NIICsNPnetmmowgqYxhHXt0tVafMvWpH9F
vbM3eHcOfOfNejoQiPqTj5vX7NF0BZGQYa5LywKHeGe5q2nwaMj++Kffj9ERCo49
OZFylFPiQVdEjse07JJb5vGWQkvvTv1FDB+zb7GVgHwJNnb9Lswv2VQbjdZBS++h
YUuDSxkhEYR+vdKKLcFBbjAYkJXrpiSeXzywjR5N0c90OJdaBX1kpAbBHHXYiwo1
P39l5/hsxWljQ1ZJqbeFWr2ef27xDiEz7aPojLUlyjBRgBC4eYc=
=JSQX
-----END PGP SIGNATURE-----
Merge 5.4.102 into android11-5.4-lts
Changes in 5.4.102
vmlinux.lds.h: add DWARF v5 sections
kvm: x86: replace kvm_spec_ctrl_test_value with runtime test on the host
debugfs: be more robust at handling improper input in debugfs_lookup()
debugfs: do not attempt to create a new file before the filesystem is initalized
kdb: Make memory allocations more robust
PCI: qcom: Use PHY_REFCLK_USE_PAD only for ipq8064
PCI: Decline to resize resources if boot config must be preserved
virt: vbox: Do not use wait_event_interruptible when called from kernel context
bfq: Avoid false bfq queue merging
ALSA: usb-audio: Fix PCM buffer allocation in non-vmalloc mode
MIPS: vmlinux.lds.S: add missing PAGE_ALIGNED_DATA() section
random: fix the RNDRESEEDCRNG ioctl
ath10k: Fix error handling in case of CE pipe init failure
Bluetooth: btqcomsmd: Fix a resource leak in error handling paths in the probe function
Bluetooth: hci_uart: Fix a race for write_work scheduling
Bluetooth: Fix initializing response id after clearing struct
ARM: dts: exynos: correct PMIC interrupt trigger level on Artik 5
ARM: dts: exynos: correct PMIC interrupt trigger level on Monk
ARM: dts: exynos: correct PMIC interrupt trigger level on Rinato
ARM: dts: exynos: correct PMIC interrupt trigger level on Spring
ARM: dts: exynos: correct PMIC interrupt trigger level on Arndale Octa
ARM: dts: exynos: correct PMIC interrupt trigger level on Odroid XU3 family
arm64: dts: exynos: correct PMIC interrupt trigger level on TM2
arm64: dts: exynos: correct PMIC interrupt trigger level on Espresso
memory: mtk-smi: Fix PM usage counter unbalance in mtk_smi ops
bpf: Add bpf_patch_call_args prototype to include/linux/bpf.h
bpf: Avoid warning when re-casting __bpf_call_base into __bpf_call_base_args
arm64: dts: allwinner: A64: properly connect USB PHY to port 0
arm64: dts: allwinner: H6: properly connect USB PHY to port 0
arm64: dts: allwinner: Drop non-removable from SoPine/LTS SD card
arm64: dts: allwinner: H6: Allow up to 150 MHz MMC bus frequency
arm64: dts: allwinner: A64: Limit MMC2 bus frequency to 150 MHz
cpufreq: brcmstb-avs-cpufreq: Free resources in error path
cpufreq: brcmstb-avs-cpufreq: Fix resource leaks in ->remove()
ACPICA: Fix exception code class checks
usb: gadget: u_audio: Free requests only after callback
Bluetooth: drop HCI device reference before return
Bluetooth: Put HCI device if inquiry procedure interrupts
memory: ti-aemif: Drop child node when jumping out loop
ARM: dts: Configure missing thermal interrupt for 4430
usb: dwc2: Do not update data length if it is 0 on inbound transfers
usb: dwc2: Abort transaction after errors with unknown reason
usb: dwc2: Make "trimming xfer length" a debug message
staging: rtl8723bs: wifi_regd.c: Fix incorrect number of regulatory rules
ARM: dts: armada388-helios4: assign pinctrl to LEDs
ARM: dts: armada388-helios4: assign pinctrl to each fan
arm64: dts: armada-3720-turris-mox: rename u-boot mtd partition to a53-firmware
Bluetooth: btusb: Fix memory leak in btusb_mtk_wmt_recv
arm64: dts: msm8916: Fix reserved and rfsa nodes unit address
ARM: s3c: fix fiq for clang IAS
soc: aspeed: snoop: Add clock control logic
bpf_lru_list: Read double-checked variable once without lock
ath9k: fix data bus crash when setting nf_override via debugfs
ibmvnic: Set to CLOSED state even on error
bnxt_en: reverse order of TX disable and carrier off
xen/netback: fix spurious event detection for common event case
mac80211: fix potential overflow when multiplying to u32 integers
bpf: Fix bpf_fib_lookup helper MTU check for SKB ctx
tcp: fix SO_RCVLOWAT related hangs under mem pressure
net: axienet: Handle deferred probe on clock properly
cxgb4/chtls/cxgbit: Keeping the max ofld immediate data size same in cxgb4 and ulds
b43: N-PHY: Fix the update of coef for the PHY revision >= 3case
ibmvnic: add memory barrier to protect long term buffer
ibmvnic: skip send_request_unmap for timeout reset
net: amd-xgbe: Reset the PHY rx data path when mailbox command timeout
net: amd-xgbe: Fix NETDEV WATCHDOG transmit queue timeout warning
net: amd-xgbe: Reset link when the link never comes back
net: amd-xgbe: Fix network fluctuations when using 1G BELFUSE SFP
net: mvneta: Remove per-cpu queue mapping for Armada 3700
fbdev: aty: SPARC64 requires FB_ATY_CT
drm/gma500: Fix error return code in psb_driver_load()
gma500: clean up error handling in init
drm/fb-helper: Add missed unlocks in setcmap_legacy()
crypto: sun4i-ss - linearize buffers content must be kept
crypto: sun4i-ss - fix kmap usage
crypto: arm64/aes-ce - really hide slower algos when faster ones are enabled
drm/amdgpu: Fix macro name _AMDGPU_TRACE_H_ in preprocessor if condition
MIPS: c-r4k: Fix section mismatch for loongson2_sc_init
MIPS: lantiq: Explicitly compare LTQ_EBU_PCC_ISTAT against 0
media: i2c: ov5670: Fix PIXEL_RATE minimum value
media: imx: Unregister csc/scaler only if registered
media: imx: Fix csc/scaler unregister
media: camss: missing error code in msm_video_register()
media: vsp1: Fix an error handling path in the probe function
media: em28xx: Fix use-after-free in em28xx_alloc_urbs
media: media/pci: Fix memleak in empress_init
media: tm6000: Fix memleak in tm6000_start_stream
media: aspeed: fix error return code in aspeed_video_setup_video()
ASoC: cs42l56: fix up error handling in probe
evm: Fix memleak in init_desc
crypto: bcm - Rename struct device_private to bcm_device_private
drm/sun4i: tcon: fix inverted DCLK polarity
MIPS: properly stop .eh_frame generation
bsg: free the request before return error code
drm/amd/display: Fix 10/12 bpc setup in DCE output bit depth reduction.
drm/amd/display: Fix HDMI deep color output for DCE 6-11.
media: software_node: Fix refcounts in software_node_get_next_child()
media: lmedm04: Fix misuse of comma
media: qm1d1c0042: fix error return code in qm1d1c0042_init()
media: cx25821: Fix a bug when reallocating some dma memory
media: pxa_camera: declare variable when DEBUG is defined
media: uvcvideo: Accept invalid bFormatIndex and bFrameIndex values
sched/eas: Don't update misfit status if the task is pinned
mtd: parser: imagetag: fix error codes in bcm963xx_parse_imagetag_partitions()
crypto: talitos - Work around SEC6 ERRATA (AES-CTR mode data size error)
drm/nouveau: bail out of nouveau_channel_new if channel init fails
ata: ahci_brcm: Add back regulators management
ASoC: cpcap: fix microphone timeslot mask
mtd: parsers: afs: Fix freeing the part name memory in failure
f2fs: fix to avoid inconsistent quota data
drm/amdgpu: Prevent shift wrapping in amdgpu_read_mask()
f2fs: fix a wrong condition in __submit_bio
Drivers: hv: vmbus: Avoid use-after-free in vmbus_onoffer_rescind()
ASoC: SOF: debug: Fix a potential issue on string buffer termination
btrfs: clarify error returns values in __load_free_space_cache
hwrng: timeriomem - Fix cooldown period calculation
crypto: ecdh_helper - Ensure 'len >= secret.len' in decode_key()
ima: Free IMA measurement buffer on error
ima: Free IMA measurement buffer after kexec syscall
ASoC: simple-card-utils: Fix device module clock
fs/jfs: fix potential integer overflow on shift of a int
jffs2: fix use after free in jffs2_sum_write_data()
ubifs: Fix memleak in ubifs_init_authentication
ubifs: Fix error return code in alloc_wbufs()
capabilities: Don't allow writing ambiguous v3 file capabilities
HSI: Fix PM usage counter unbalance in ssi_hw_init
clk: meson: clk-pll: fix initializing the old rate (fallback) for a PLL
clk: meson: clk-pll: make "ret" a signed integer
clk: meson: clk-pll: propagate the error from meson_clk_pll_set_rate()
selftests/powerpc: Make the test check in eeh-basic.sh posix compliant
quota: Fix memory leak when handling corrupted quota file
i2c: iproc: handle only slave interrupts which are enabled
i2c: iproc: update slave isr mask (ISR_MASK_SLAVE)
i2c: iproc: handle master read request
spi: cadence-quadspi: Abort read if dummy cycles required are too many
clk: sunxi-ng: h6: Fix CEC clock
HID: core: detect and skip invalid inputs to snto32()
RDMA/siw: Fix handling of zero-sized Read and Receive Queues.
dmaengine: fsldma: Fix a resource leak in the remove function
dmaengine: fsldma: Fix a resource leak in an error handling path of the probe function
dmaengine: owl-dma: Fix a resource leak in the remove function
dmaengine: hsu: disable spurious interrupt
mfd: bd9571mwv: Use devm_mfd_add_devices()
fdt: Properly handle "no-map" field in the memory region
of/fdt: Make sure no-map does not remove already reserved regions
power: reset: at91-sama5d2_shdwc: fix wkupdbc mask
rtc: s5m: select REGMAP_I2C
clocksource/drivers/ixp4xx: Select TIMER_OF when needed
clocksource/drivers/mxs_timer: Add missing semicolon when DEBUG is defined
RDMA/mlx5: Use the correct obj_id upon DEVX TIR creation
clk: sunxi-ng: h6: Fix clock divider range on some clocks
regulator: axp20x: Fix reference cout leak
certs: Fix blacklist flag type confusion
regulator: s5m8767: Fix reference count leak
spi: atmel: Put allocated master before return
regulator: s5m8767: Drop regulators OF node reference
regulator: core: Avoid debugfs: Directory ... already present! error
isofs: release buffer head before return
auxdisplay: ht16k33: Fix refresh rate handling
objtool: Fix error handling for STD/CLD warnings
objtool: Fix ".cold" section suffix check for newer versions of GCC
IB/umad: Return EIO in case of when device disassociated
IB/umad: Return EPOLLERR in case of when device disassociated
KVM: PPC: Make the VMX instruction emulation routines static
powerpc/47x: Disable 256k page size
mmc: sdhci-sprd: Fix some resource leaks in the remove function
mmc: usdhi6rol0: Fix a resource leak in the error handling path of the probe
mmc: renesas_sdhi_internal_dmac: Fix DMA buffer alignment from 8 to 128-bytes
ARM: 9046/1: decompressor: Do not clear SCTLR.nTLSMD for ARMv7+ cores
i2c: qcom-geni: Store DMA mapping data in geni_i2c_dev struct
amba: Fix resource leak for drivers without .remove
IB/mlx5: Return appropriate error code instead of ENOMEM
IB/cm: Avoid a loop when device has 255 ports
tracepoint: Do not fail unregistering a probe due to memory failure
perf tools: Fix DSO filtering when not finding a map for a sampled address
perf vendor events arm64: Fix Ampere eMag event typo
RDMA/rxe: Fix coding error in rxe_recv.c
RDMA/rxe: Fix coding error in rxe_rcv_mcast_pkt
RDMA/rxe: Correct skb on loopback path
spi: stm32: properly handle 0 byte transfer
mfd: wm831x-auxadc: Prevent use after free in wm831x_auxadc_read_irq()
powerpc/pseries/dlpar: handle ibm, configure-connector delay status
powerpc/8xx: Fix software emulation interrupt
clk: qcom: gcc-msm8998: Fix Alpha PLL type for all GPLLs
RDMA/hns: Fixed wrong judgments in the goto branch
RDMA/siw: Fix calculation of tx_valid_cpus size
RDMA/hns: Fix type of sq_signal_bits
spi: pxa2xx: Fix the controller numbering for Wildcat Point
regulator: qcom-rpmh: fix pm8009 ldo7
clk: aspeed: Fix APLL calculate formula from ast2600-A2
nfsd: register pernet ops last, unregister first
RDMA/hns: Fixes missing error code of CMDQ
Input: sur40 - fix an error code in sur40_probe()
perf intel-pt: Fix missing CYC processing in PSB
perf intel-pt: Fix premature IPC
perf test: Fix unaligned access in sample parsing test
Input: elo - fix an error code in elo_connect()
sparc64: only select COMPAT_BINFMT_ELF if BINFMT_ELF is set
misc: eeprom_93xx46: Fix module alias to enable module autoprobe
phy: rockchip-emmc: emmc_phy_init() always return 0
misc: eeprom_93xx46: Add module alias to avoid breaking support for non device tree users
soundwire: cadence: fix ACK/NAK handling
pwm: rockchip: rockchip_pwm_probe(): Remove superfluous clk_unprepare()
VMCI: Use set_page_dirty_lock() when unregistering guest memory
PCI: Align checking of syscall user config accessors
mei: hbm: call mei_set_devstate() on hbm stop response
drm/msm/dsi: Correct io_start for MSM8994 (20nm PHY)
drm/msm/mdp5: Fix wait-for-commit for cmd panels
vfio/iommu_type1: Fix some sanity checks in detach group
ext4: fix potential htree index checksum corruption
nvmem: core: Fix a resource leak on error in nvmem_add_cells_from_of()
nvmem: core: skip child nodes not matching binding
regmap: sdw: use _no_pm functions in regmap_read/write
i40e: Fix flow for IPv6 next header (extension header)
i40e: Add zero-initialization of AQ command structures
i40e: Fix overwriting flow control settings during driver loading
i40e: Fix addition of RX filters after enabling FW LLDP agent
i40e: Fix VFs not created
i40e: Fix add TC filter for IPv6
vfio/type1: Use follow_pte()
net/mlx4_core: Add missed mlx4_free_cmd_mailbox()
vxlan: move debug check after netdev unregister
ocfs2: fix a use after free on error
mm/memory.c: fix potential pte_unmap_unlock pte error
mm/hugetlb: fix potential double free in hugetlb_register_node() error path
mm/compaction: fix misbehaviors of fast_find_migrateblock()
r8169: fix jumbo packet handling on RTL8168e
arm64: Add missing ISB after invalidating TLB in __primary_switch
i2c: brcmstb: Fix brcmstd_send_i2c_cmd condition
mm/rmap: fix potential pte_unmap on an not mapped pte
scsi: bnx2fc: Fix Kconfig warning & CNIC build errors
blk-settings: align max_sectors on "logical_block_size" boundary
ACPI: property: Fix fwnode string properties matching
ACPI: configfs: add missing check after configfs_register_default_group()
HID: logitech-dj: add support for keyboard events in eQUAD step 4 Gaming
HID: wacom: Ignore attempts to overwrite the touch_max value from HID
Input: raydium_ts_i2c - do not send zero length
Input: xpad - add support for PowerA Enhanced Wired Controller for Xbox Series X|S
Input: joydev - prevent potential read overflow in ioctl
Input: i8042 - add ASUS Zenbook Flip to noselftest list
media: mceusb: Fix potential out-of-bounds shift
USB: serial: option: update interface mapping for ZTE P685M
usb: musb: Fix runtime PM race in musb_queue_resume_work
usb: dwc3: gadget: Fix setting of DEPCFG.bInterval_m1
usb: dwc3: gadget: Fix dep->interval for fullspeed interrupt
USB: serial: ftdi_sio: fix FTX sub-integer prescaler
USB: serial: mos7840: fix error code in mos7840_write()
USB: serial: mos7720: fix error code in mos7720_write()
ALSA: hda: Add another CometLake-H PCI ID
ALSA: hda/realtek: modify EAPD in the ALC886
Revert "bcache: Kill btree_io_wq"
bcache: Give btree_io_wq correct semantics again
bcache: Move journal work to new flush wq
drm/amd/display: Add vupdate_no_lock interrupts for DCN2.1
drm/amdgpu: Set reference clock to 100Mhz on Renoir (v2)
drm/nouveau/kms: handle mDP connectors
drm/sched: Cancel and flush all outstanding jobs before finish.
erofs: initialized fields can only be observed after bit is set
tpm_tis: Fix check_locality for correct locality acquisition
tpm_tis: Clean up locality release
KEYS: trusted: Fix migratable=1 failing
btrfs: abort the transaction if we fail to inc ref in btrfs_copy_root
btrfs: fix reloc root leak with 0 ref reloc roots on recovery
btrfs: splice remaining dirty_bg's onto the transaction dirty bg list
btrfs: fix extent buffer leak on failure to copy root
crypto: arm64/sha - add missing module aliases
crypto: aesni - prevent misaligned buffers on the stack
crypto: sun4i-ss - checking sg length is not sufficient
crypto: sun4i-ss - handle BigEndian for cipher
crypto: sun4i-ss - initialize need_fallback
seccomp: Add missing return in non-void function
misc: rtsx: init of rts522a add OCP power off when no card is present
drivers/misc/vmw_vmci: restrict too big queue size in qp_host_alloc_queue
pstore: Fix typo in compression option name
dts64: mt7622: fix slow sd card access
staging/mt7621-dma: mtk-hsdma.c->hsdma-mt7621.c
staging: gdm724x: Fix DMA from stack
staging: rtl8188eu: Add Edimax EW-7811UN V2 to device table
media: ipu3-cio2: Fix mbus_code processing in cio2_subdev_set_fmt()
x86/virt: Eat faults on VMXOFF in reboot flows
x86/reboot: Force all cpus to exit VMX root if VMX is supported
powerpc/prom: Fix "ibm,arch-vec-5-platform-support" scan
rcu: Pull deferred rcuog wake up to rcu_eqs_enter() callers
rcu/nocb: Perform deferred wake up before last idle's need_resched() check
floppy: reintroduce O_NDELAY fix
arm64: kexec_file: fix memory leakage in create_dtb() when fdt_open_into() fails
arm64: uprobe: Return EOPNOTSUPP for AARCH32 instruction probing
watchdog: qcom: Remove incorrect usage of QCOM_WDT_ENABLE_IRQ
watchdog: mei_wdt: request stop on unregister
mtd: spi-nor: sfdp: Fix last erase region marking
mtd: spi-nor: sfdp: Fix wrong erase type bitmask for overlaid region
mtd: spi-nor: core: Fix erase type discovery for overlaid region
mtd: spi-nor: core: Add erase size check for erase command initialization
mtd: spi-nor: hisi-sfc: Put child node np on error path
fs/affs: release old buffer head on error path
seq_file: document how per-entry resources are managed.
x86: fix seq_file iteration for pat/memtype.c
hugetlb: fix update_and_free_page contig page struct assumption
hugetlb: fix copy_huge_page_from_user contig page struct assumption
arm64: Extend workaround for erratum 1024718 to all versions of Cortex-A55
media: smipcie: fix interrupt handling and IR timeout
module: Ignore _GLOBAL_OFFSET_TABLE_ when warning for undefined symbols
mmc: sdhci-esdhc-imx: fix kernel panic when remove module
powerpc/32s: Add missing call to kuep_lock on syscall entry
spmi: spmi-pmic-arb: Fix hw_irq overflow
gpio: pcf857x: Fix missing first interrupt
printk: fix deadlock when kernel panic
cpufreq: intel_pstate: Get per-CPU max freq via MSR_HWP_CAPABILITIES if available
s390/vtime: fix inline assembly clobber list
virtio/s390: implement virtio-ccw revision 2 correctly
um: mm: check more comprehensively for stub changes
f2fs: fix out-of-repair __setattr_copy()
sparc32: fix a user-triggerable oops in clear_user()
spi: spi-synquacer: fix set_cs handling
gfs2: Don't skip dlm unlock if glock has an lvb
gfs2: Recursive gfs2_quota_hold in gfs2_iomap_end
dm: fix deadlock when swapping to encrypted device
dm writecache: fix writing beyond end of underlying device when shrinking
dm era: Recover committed writeset after crash
dm era: Verify the data block size hasn't changed
dm era: Fix bitset memory leaks
dm era: Use correct value size in equality function of writeset tree
dm era: Reinitialize bitset cache before digesting a new writeset
dm era: only resize metadata in preresume
drm/i915: Reject 446-480MHz HDMI clock on GLK
icmp: introduce helper for nat'd source address in network device context
icmp: allow icmpv6_ndo_send to work with CONFIG_IPV6=n
gtp: use icmp_ndo_send helper
sunvnet: use icmp_ndo_send helper
xfrm: interface: use icmp_ndo_send helper
ipv6: icmp6: avoid indirect call for icmpv6_send()
ipv6: silence compilation warning for non-IPV6 builds
net: icmp: pass zeroed opts from icmp{,v6}_ndo_send before sending
net: sched: fix police ext initialization
dm era: Update in-core bitset after committing the metadata
net: qrtr: Fix memory leak in qrtr_tun_open
ARM: dts: aspeed: Add LCLK to lpc-snoop
Linux 5.4.102
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Ie4d4b39755277412c370c011e32092624d593765
|
||
Jarkko Sakkinen
|
2910038c09 |
KEYS: trusted: Fix migratable=1 failing
commit 8da7520c80468c48f981f0b81fc1be6599e3b0ad upstream.
Consider the following transcript:
$ keyctl add trusted kmk "new 32 blobauth=helloworld keyhandle=80000000 migratable=1" @u
add_key: Invalid argument
The documentation has the following description:
migratable= 0|1 indicating permission to reseal to new PCR values,
default 1 (resealing allowed)
The consequence is that "migratable=1" should succeed. Fix this by
allowing this condition to pass instead of return -EINVAL.
[*] Documentation/security/keys/trusted-encrypted.rst
Cc: stable@vger.kernel.org
Cc: "James E.J. Bottomley" <jejb@linux.ibm.com>
Cc: Mimi Zohar <zohar@linux.ibm.com>
Cc: David Howells <dhowells@redhat.com>
Fixes:
|
||
David Howells
|
0fec3272ab |
certs: Fix blacklist flag type confusion
[ Upstream commit 4993e1f9479a4161fd7d93e2b8b30b438f00cb0f ]
KEY_FLAG_KEEP is not meant to be passed to keyring_alloc() or key_alloc(),
as these only take KEY_ALLOC_* flags. KEY_FLAG_KEEP has the same value as
KEY_ALLOC_BYPASS_RESTRICTION, but fortunately only key_create_or_update()
uses it. LSMs using the key_alloc hook don't check that flag.
KEY_FLAG_KEEP is then ignored but fortunately (again) the root user cannot
write to the blacklist keyring, so it is not possible to remove a key/hash
from it.
Fix this by adding a KEY_ALLOC_SET_KEEP flag that tells key_alloc() to set
KEY_FLAG_KEEP on the new key. blacklist_init() can then, correctly, pass
this to keyring_alloc().
We can also use this in ima_mok_init() rather than setting the flag
manually.
Note that this doesn't fix an observable bug with the current
implementation but it is required to allow addition of new hashes to the
blacklist in the future without making it possible for them to be removed.
Fixes:
|
||
|
Eric W. Biederman
|
33a2e62473 |
capabilities: Don't allow writing ambiguous v3 file capabilities
[ Upstream commit 95ebabde382c371572297915b104e55403674e73 ]
The v3 file capabilities have a uid field that records the filesystem
uid of the root user of the user namespace the file capabilities are
valid in.
When someone is silly enough to have the same underlying uid as the
root uid of multiple nested containers a v3 filesystem capability can
be ambiguous.
In the spirit of don't do that then, forbid writing a v3 filesystem
capability if it is ambiguous.
Fixes:
|
||
Lakshmi Ramasubramanian
|
091b409383 |
ima: Free IMA measurement buffer after kexec syscall
[ Upstream commit f31e3386a4e92ba6eda7328cb508462956c94c64 ]
IMA allocates kernel virtual memory to carry forward the measurement
list, from the current kernel to the next kernel on kexec system call,
in ima_add_kexec_buffer() function. This buffer is not freed before
completing the kexec system call resulting in memory leak.
Add ima_buffer field in "struct kimage" to store the virtual address
of the buffer allocated for the IMA measurement list.
Free the memory allocated for the IMA measurement list in
kimage_file_post_load_cleanup() function.
Signed-off-by: Lakshmi Ramasubramanian <nramas@linux.microsoft.com>
Suggested-by: Tyler Hicks <tyhicks@linux.microsoft.com>
Reviewed-by: Thiago Jung Bauermann <bauerman@linux.ibm.com>
Reviewed-by: Tyler Hicks <tyhicks@linux.microsoft.com>
Fixes:
|
||
|
Lakshmi Ramasubramanian
|
e436d3f7bd |
ima: Free IMA measurement buffer on error
[ Upstream commit 6d14c6517885fa68524238787420511b87d671df ]
IMA allocates kernel virtual memory to carry forward the measurement
list, from the current kernel to the next kernel on kexec system call,
in ima_add_kexec_buffer() function. In error code paths this memory
is not freed resulting in memory leak.
Free the memory allocated for the IMA measurement list in
the error code paths in ima_add_kexec_buffer() function.
Signed-off-by: Lakshmi Ramasubramanian <nramas@linux.microsoft.com>
Suggested-by: Tyler Hicks <tyhicks@linux.microsoft.com>
Fixes:
|
||
Dinghao Liu
|
3d5afcae9a |
evm: Fix memleak in init_desc
[ Upstream commit ccf11dbaa07b328fa469415c362d33459c140a37 ]
tmp_tfm is allocated, but not freed on subsequent kmalloc failure, which
leads to a memory leak. Free tmp_tfm.
Fixes:
|
||
|
Greg Kroah-Hartman
|
7834d8fef1 |
This is the 5.4.99 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmAs43QACgkQONu9yGCS aT4omw/+JPBAZB5ClIOSDuf3/yJkbigVRFNVmQJy4/cluG32cxlcpudoau7AXq3N 0Sn/rfSdldl5eI98OTA+Y0yPIsVnQJdei228A5gmULkkc+rEFugorSJKRmmA7tH0 VdZ1C4NlhhmjoIT/W8mMNzv14dtyGQvRbT+zzfxqwqL6tF9+alcdBYTP/Z691K6x 8Csfe05MZ8VkvBizStaTXC+dtMhU917Ikd5i5v4ZzaesZJcUTLS7J82FhtKeoz7q tDoA/Bl+pN1KjyIIE61/zJ8DKzBtOeuo1PWJFpO+EBVhKVosr3oWJfTAiM7Fsnu5 dbKHYPsbe3mB79JdQibr7TpU7vSjDr5a/HTuYtp7WM1R5IssiFeVOdpXTGim/s/E Flao5LYSUcj0X/Io6TyUnxQWw8sJz3PGKYiLUn8/9DBpzNFzynQ+vuapXCoGxJzh W108q32PIx2ZTJsD5RUUqZbytG/zKzI1+SxXo2uOhs9/k5qT+35Yp9epsE2Cp8v1 Oiw3P/ZUDNk6zPj0dsHcTsqTofRK07l71HnM8iIbCWSPw834IoGBuB8c3H7HaHn4 v5M4tMTDAaKi/e09K92fR6SZDgZz8D0N+sLLneA4NEASXIJanCUwcgVCUbja+BO1 H1hiYTTZQa7kOkSxBa/wGsWkdfvOpOvCSFr+c6LPmB9sHMe4K8o= =3BI0 -----END PGP SIGNATURE----- Merge 5.4.99 into android11-5.4-lts Changes in 5.4.99 gpio: ep93xx: fix BUG_ON port F usage gpio: ep93xx: Fix single irqchip with multi gpiochips tracing: Do not count ftrace events in top level enable output tracing: Check length before giving out the filter buffer arm/xen: Don't probe xenbus as part of an early initcall cgroup: fix psi monitor for root cgroup arm64: dts: rockchip: Fix PCIe DT properties on rk3399 arm64: dts: qcom: sdm845: Reserve LPASS clocks in gcc ARM: OMAP2+: Fix suspcious RCU usage splats for omap_enter_idle_coupled platform/x86: hp-wmi: Disable tablet-mode reporting by default ovl: perform vfs_getxattr() with mounter creds cap: fix conversions on getxattr ovl: skip getxattr of security labels nvme-pci: ignore the subsysem NQN on Phison E16 drm/amd/display: Add more Clock Sources to DCN2.1 drm/amd/display: Fix dc_sink kref count in emulated_link_detect drm/amd/display: Free atomic state after drm_atomic_commit drm/amd/display: Decrement refcount of dc_sink before reassignment riscv: virt_addr_valid must check the address belongs to linear mapping bfq-iosched: Revert "bfq: Fix computation of shallow depth" ARM: dts: lpc32xx: Revert set default clock rate of HCLK PLL ARM: ensure the signal page contains defined contents ARM: kexec: fix oops after TLB are invalidated vmlinux.lds.h: Create section for protection against instrumentation lkdtm: don't move ctors to .rodata mt76: dma: fix a possible memory leak in mt76_add_fragment() drm/vc4: hvs: Fix buffer overflow with the dlist handling bpf: Check for integer overflow when using roundup_pow_of_two() netfilter: xt_recent: Fix attempt to update deleted entry netfilter: nftables: fix possible UAF over chains from packet path in netns netfilter: flowtable: fix tcp and udp header checksum update xen/netback: avoid race in xenvif_rx_ring_slots_available() net: enetc: initialize the RFS and RSS memories selftests: txtimestamp: fix compilation issue net: stmmac: set TxQ mode back to DCB after disabling CBS ibmvnic: Clear failover_pending if unable to schedule netfilter: conntrack: skip identical origin tuple in same zone only x86/build: Disable CET instrumentation in the kernel for 32-bit too net: hns3: add a check for queue_id in hclge_reset_vf_queue() firmware_loader: align .builtin_fw to 8 drm/sun4i: tcon: set sync polarity for tcon1 channel drm/sun4i: Fix H6 HDMI PHY configuration drm/sun4i: dw-hdmi: Fix max. frequency for H6 clk: sunxi-ng: mp: fix parent rate change flag check i2c: stm32f7: fix configuration of the digital filter h8300: fix PREEMPTION build, TI_PRE_COUNT undefined usb: dwc3: ulpi: fix checkpatch warning usb: dwc3: ulpi: Replace CPU-based busyloop with Protocol-based one rxrpc: Fix clearance of Tx/Rx ring when releasing a call udp: fix skb_copy_and_csum_datagram with odd segment sizes net: dsa: call teardown method on probe failure net: gro: do not keep too many GRO packets in napi->rx_list net: fix iteration for sctp transport seq_files net/vmw_vsock: improve locking in vsock_connect_timeout() net: watchdog: hold device global xmit lock during tx disable vsock/virtio: update credit only if socket is not closed vsock: fix locking in vsock_shutdown() net/rds: restrict iovecs length for RDS_CMSG_RDMA_ARGS net/qrtr: restrict user-controlled length in qrtr_tun_write_iter() ovl: expand warning in ovl_d_real() Linux 5.4.99 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I28713d7ddd79d24b3007872877e51063df21a01e |
||
Miklos Szeredi
|
43e3cf46af |
cap: fix conversions on getxattr
[ Upstream commit f2b00be488730522d0fb7a8a5de663febdcefe0a ] If a capability is stored on disk in v2 format cap_inode_getsecurity() will currently return in v2 format unconditionally. This is wrong: v2 cap should be equivalent to a v3 cap with zero rootid, and so the same conversions performed on it. If the rootid cannot be mapped, v3 is returned unconverted. Fix this so that both v2 and v3 return -EOVERFLOW if the rootid (or the owner of the fs user namespace in case of v2) cannot be mapped into the current user namespace. Signed-off-by: Miklos Szeredi <mszeredi@redhat.com> Acked-by: "Eric W. Biederman" <ebiederm@xmission.com> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Greg Kroah-Hartman
|
1b01e2e342 |
This is the 5.4.91 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmAHFkkACgkQONu9yGCS aT5DMg//TWHV1loe76Jy6mT7SavddKkO+C6YXdGMYN4vVKJqYzASSqqmkIGYZVOj G5GnILybNjA9aJIqX4vXTXs3YslWZN+rd//GYRyBTE7SwlNI8Lho1ZJq8VqtWo+x jxm+2QNX8wBb9QuCqsnLOVidWVOQ9dcz0GC6/N8gKcAWJ71B2RpwKQxnEXjlJp3f m5cX+Vnm3XnJkdT4mmycV3h4gnOrwhIUGbu8iLbPTmfZf5aZ14eD2Su8gpcunWat 7JY2z1u4jSpkKspG5eVn8wmL1aB5+WhkqU5+rOtHZ+KJZvRY0wTnmIQEBCw0bAW+ 49tIthuJF8wC7oa3hXoXMNG8K112ffeeF2Hm29WFbpFYRinIjGt/MPmg2A1sM+C1 jVQewVOArNLA0lo5m1jun2/c56EEGFKKODzJR7Epphdi+bsY7DSttIfIIzwUqTc5 9wgZG81+l9uP/ohTm7vG8hQcANt0DN+X8wet+HqpuO5Mj5T6150dKW4zQhdOljBH GL/O/31DfIUmLJL50+X6kn47c0noZlwEmZc+buVxdO5bC27cK6awEE3gQeCTgsWj Ok1Sa+3FwwEPnKs8zInYP69U/obvNxBhdxrccrUOViGBxsXKHMPEnXG2bUuiV/7v KnuO9z1Pj3+YAdZTwWygdJcZNdCAwGL4ekQV9N/Pxeg6ejq2E3Q= =TOgX -----END PGP SIGNATURE----- Merge 5.4.91 into android11-5.4-lts Changes in 5.4.91 kbuild: enforce -Werror=return-type btrfs: prevent NULL pointer dereference in extent_io_tree_panic ASoC: dapm: remove widget from dirty list on free x86/hyperv: check cpu mask after interrupt has been disabled tracing/kprobes: Do the notrace functions check without kprobes on ftrace mips: fix Section mismatch in reference mips: lib: uncached: fix non-standard usage of variable 'sp' MIPS: boot: Fix unaligned access with CONFIG_MIPS_RAW_APPENDED_DTB MIPS: relocatable: fix possible boot hangup with KASLR enabled RDMA/ocrdma: Fix use after free in ocrdma_dealloc_ucontext_pd() ACPI: scan: Harden acpi_device_add() against device ID overflows mm/hugetlb: fix potential missing huge page size info dm raid: fix discard limits for raid1 dm snapshot: flush merged data before committing metadata dm integrity: fix the maximum number of arguments r8152: Add Lenovo Powered USB-C Travel Hub btrfs: tree-checker: check if chunk item end overflows drm/i915/backlight: fix CPU mode backlight takeover on LPT ext4: fix bug for rename with RENAME_WHITEOUT ext4: don't leak old mountpoint samples smb3: remove unused flag passed into close functions cifs: fix interrupted close commands dm integrity: fix flush with external metadata device ARC: build: remove non-existing bootpImage from KBUILD_IMAGE ARC: build: add uImage.lzma to the top-level target ARC: build: add boot_targets to PHONY ARC: build: move symlink creation to arch/arc/Makefile to avoid race netfilter: ipset: fixes possible oops in mtype_resize btrfs: fix transaction leak and crash after RO remount caused by qgroup rescan regulator: bd718x7: Add enable times ethernet: ucc_geth: fix definition and size of ucc_geth_tx_global_pram habanalabs: register to pci shutdown callback habanalabs: Fix memleak in hl_device_reset hwmon: (pwm-fan) Ensure that calculation doesn't discard big period values lib/raid6: Let $(UNROLL) rules work with macOS userland bfq: Fix computation of shallow depth arch/arc: add copy_user_page() to <asm/page.h> to fix build error on ARC misdn: dsp: select CONFIG_BITREVERSE net: ethernet: fs_enet: Add missing MODULE_LICENSE selftests: fix the return value for UDP GRO test nvme-pci: mark Samsung PM1725a as IGNORE_DEV_SUBNQN nvmet-rdma: Fix list_del corruption on queue establishment failure drm/amdgpu: fix a GPU hang issue when remove device usb: typec: Fix copy paste error for NVIDIA alt-mode description ACPI: scan: add stub acpi_create_platform_device() for !CONFIG_ACPI drm/msm: Call msm_init_vram before binding the gpu ARM: picoxcell: fix missing interrupt-parent properties perf intel-pt: Fix 'CPU too large' error dump_common_audit_data(): fix racy accesses to ->d_name ASoC: meson: axg-tdm-interface: fix loopback ASoC: meson: axg-tdmin: fix axg skew offset ASoC: Intel: fix error code cnl_set_dsp_D0() nvme-tcp: fix possible data corruption with bio merges NFS4: Fix use-after-free in trace_event_raw_event_nfs4_set_lock pNFS: We want return-on-close to complete when evicting the inode pNFS: Mark layout for return if return-on-close was not sent pNFS: Stricter ordering of layoutget and layoutreturn NFS/pNFS: Fix a leak of the layout 'plh_outstanding' counter NFS: nfs_igrab_and_active must first reference the superblock ext4: fix superblock checksum failure when setting password salt RDMA/restrack: Don't treat as an error allocation ID wrapping RDMA/usnic: Fix memleak in find_free_vf_and_create_qp_grp bnxt_en: Improve stats context resource accounting with RDMA driver loaded. RDMA/mlx5: Fix wrong free of blue flame register on error IB/mlx5: Fix error unwinding when set_has_smi_cap fails drm/i915/dsi: Use unconditional msleep for the panel_on_delay when there is no reset-deassert MIPI-sequence mm, slub: consider rest of partial list if acquire_slab() fails iommu/vt-d: Fix unaligned addresses for intel_flush_svm_range_dev() net: sunrpc: interpret the return value of kstrtou32 correctly dm: eliminate potential source of excessive kernel log noise ALSA: fireface: Fix integer overflow in transmit_midi_msg() ALSA: firewire-tascam: Fix integer overflow in midi_port_work() netfilter: conntrack: fix reading nf_conntrack_buckets netfilter: nf_nat: Fix memleak in nf_nat_init netfilter: nft_compat: remove flush counter optimization Linux 5.4.91 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I855c7cfa591772da34ca62ad0e5519af7dfbcaaa |
||
Al Viro
|
08eb8a735c |
dump_common_audit_data(): fix racy accesses to ->d_name
commit d36a1dd9f77ae1e72da48f4123ed35627848507d upstream. We are not guaranteed the locking environment that would prevent dentry getting renamed right under us. And it's possible for old long name to be freed after rename, leading to UAF here. Cc: stable@kernel.org # v2.6.2+ Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Greg Kroah-Hartman
|
d45416b62b |
This is the 5.4.86 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl/sW9MACgkQONu9yGCS
aT5SwBAAo6dgHqwmPfuf98/8oVeVqTxcmE7GpzpVRH2+yI7Zwk2ez29tAflcM7lT
LKtR2WFGAxoCL4DUKXeO7Ubwpue5NoBIsJ8/dAYBesojps3WDaFGL55PvJLWwFJ7
5gPtPzynITaqIC1JCFcrJ7OTp7REiCUZRc1CJXJINWAYL1VbEbH8pH904xfFcivy
XnNyL9UiWp1lSB8oF3CRJOaK5M5gY1+wdCFaLVqQn306XDEM8PvZK4G3at/jXWgH
jQjArdtC8M8NwjyTwtqW9JAMV+6CD0/HXk0QboTZg6yiaRrtUsfzMqJ1cvhKcQgO
kLE3rwdnr3/MxuzSnGWbswflG2WCutoah58g0uN8H0nCiui5mKN6x5K+emgDZIoO
ndDnh+/5OE247EK+3CGn/0N8i/fOymrLAnLL4wCXVdlQLMCalnL37ibdfGbAptXi
N3GOGZ2iEglvTsEr5w0r86+AzNskm5EqA7mFGFiAyf9viR2xwYk3RrWf2ZyMRos2
2S7mKcZmw7voDu2TIDIhqydToBKxmYI/mUn3mFFme1h3lwzM3zYG1aovVLfd5NkY
Gx5E/CA/ut/3n0u/dXJ8SxEitBWkqImp5UdYcElQNxQoXnVU4yKmjf6dDL9Wqh+1
ujCiaCUJd3PY0uXXIb6RWWGs2VaL4xiEnk+ZBm0VI9WEUWksSx0=
=jnmv
-----END PGP SIGNATURE-----
Merge 5.4.86 into android11-5.4-lts
Changes in 5.4.86
ARM: dts: sun7i: bananapi: Enable RGMII RX/TX delay on Ethernet PHY
ARM: dts: sun8i: r40: bananapi-m2-berry: Fix dcdc1 regulator
ARM: dts: sun8i: v40: bananapi-m2-berry: Fix ethernet node
pinctrl: merrifield: Set default bias in case no particular value given
pinctrl: baytrail: Avoid clearing debounce value when turning it off
ARM: dts: sun8i: v3s: fix GIC node memory range
ARM: dts: sun7i: pcduino3-nano: enable RGMII RX/TX delay on PHY
ARM: dts: imx6qdl-wandboard-revd1: Remove PAD_GPIO_6 from enetgrp
ARM: dts: imx6qdl-kontron-samx6i: fix I2C_PM scl pin
PM: runtime: Add pm_runtime_resume_and_get to deal with usage counter
gpio: zynq: fix reference leak in zynq_gpio functions
gpio: mvebu: fix potential user-after-free on probe
scsi: bnx2i: Requires MMU
xsk: Fix xsk_poll()'s return type
xsk: Replace datagram_poll by sock_poll_wait
can: softing: softing_netdev_open(): fix error handling
clk: renesas: r9a06g032: Drop __packed for portability
block: Simplify REQ_OP_ZONE_RESET_ALL handling
block: factor out requeue handling from dispatch code
blk-mq: In blk_mq_dispatch_rq_list() "no budget" is a reason to kick
pinctrl: aspeed: Fix GPIO requests on pass-through banks
netfilter: x_tables: Switch synchronization to RCU
netfilter: nft_compat: make sure xtables destructors have run
netfilter: nft_dynset: fix timeouts later than 23 days
afs: Fix memory leak when mounting with multiple source parameters
Revert "gpio: eic-sprd: Use devm_platform_ioremap_resource()"
gpio: eic-sprd: break loop when getting NULL device resource
netfilter: nft_ct: Remove confirmation check for NFT_CT_ID
selftests/bpf/test_offload.py: Reset ethtool features after failed setting
RDMA/cm: Fix an attempt to use non-valid pointer when cleaning timewait
i40e: Refactor rx_bi accesses
i40e: optimise prefetch page refcount
i40e: avoid premature Rx buffer reuse
ixgbe: avoid premature Rx buffer reuse
selftests: fix poll error in udpgro.sh
net: mvpp2: add mvpp2_phylink_to_port() helper
drm/tegra: replace idr_init() by idr_init_base()
kernel/cpu: add arch override for clear_tasks_mm_cpumask() mm handling
drm/tegra: sor: Disable clocks on error in tegra_sor_init()
habanalabs: put devices before driver removal
arm64: syscall: exit userspace before unmasking exceptions
vxlan: Add needed_headroom for lower device
vxlan: Copy needed_tailroom from lowerdev
scsi: mpt3sas: Increase IOCInit request timeout to 30s
dm table: Remove BUG_ON(in_interrupt())
iwlwifi: pcie: add one missing entry for AX210
drm/amd/display: Init clock value by current vbios CLKs
perf/x86/intel: Check PEBS status correctly
kbuild: avoid split lines in .mod files
soc/tegra: fuse: Fix index bug in get_process_id
usb: mtu3: fix memory corruption in mtu3_debugfs_regset()
USB: serial: option: add interface-number sanity check to flag handling
USB: gadget: f_acm: add support for SuperSpeed Plus
USB: gadget: f_midi: setup SuperSpeed Plus descriptors
usb: gadget: f_fs: Re-use SS descriptors for SuperSpeedPlus
USB: gadget: f_rndis: fix bitrate for SuperSpeed and above
usb: chipidea: ci_hdrc_imx: Pass DISABLE_DEVICE_STREAMING flag to imx6ul
ARM: dts: exynos: fix roles of USB 3.0 ports on Odroid XU
ARM: dts: exynos: fix USB 3.0 VBUS control and over-current pins on Exynos5410
ARM: dts: exynos: fix USB 3.0 pins supply being turned off on Odroid XU
coresight: tmc-etf: Fix NULL ptr dereference in tmc_enable_etf_sink_perf()
coresight: tmc-etr: Check if page is valid before dma_map_page()
coresight: tmc-etr: Fix barrier packet insertion for perf buffer
coresight: etb10: Fix possible NULL ptr dereference in etb_enable_perf()
scsi: megaraid_sas: Check user-provided offsets
HID: i2c-hid: add Vero K147 to descriptor override
serial_core: Check for port state when tty is in error state
Bluetooth: Fix slab-out-of-bounds read in hci_le_direct_adv_report_evt()
quota: Sanity-check quota file headers on load
media: msi2500: assign SPI bus number dynamically
crypto: af_alg - avoid undefined behavior accessing salg_name
md: fix a warning caused by a race between concurrent md_ioctl()s
drm/gma500: fix double free of gma_connector
drm/aspeed: Fix Kconfig warning & subsequent build errors
drm/mcde: Fix handling of platform_get_irq() error
drm/tve200: Fix handling of platform_get_irq() error
arm64: dts: renesas: hihope-rzg2-ex: Drop rxc-skew-ps from ethernet-phy node
arm64: dts: renesas: cat875: Remove rxc-skew-ps from ethernet-phy node
soc: renesas: rmobile-sysc: Fix some leaks in rmobile_init_pm_domains()
soc: mediatek: Check if power domains can be powered on at boot time
soc: qcom: geni: More properly switch to DMA mode
Revert "i2c: i2c-qcom-geni: Fix DMA transfer race"
RDMA/bnxt_re: Set queue pair state when being queried
rtc: pcf2127: fix pcf2127_nvmem_read/write() returns
selinux: fix error initialization in inode_doinit_with_dentry()
ARM: dts: aspeed: s2600wf: Fix VGA memory region location
RDMA/rxe: Compute PSN windows correctly
x86/mm/ident_map: Check for errors from ident_pud_init()
ARM: p2v: fix handling of LPAE translation in BE mode
x86/apic: Fix x2apic enablement without interrupt remapping
sched/deadline: Fix sched_dl_global_validate()
sched: Reenable interrupts in do_sched_yield()
drm/amdgpu: fix incorrect enum type
crypto: talitos - Endianess in current_desc_hdr()
crypto: talitos - Fix return type of current_desc_hdr()
crypto: inside-secure - Fix sizeof() mismatch
ASoC: sun4i-i2s: Fix lrck_period computation for I2S justified mode
ARM: dts: aspeed: tiogapass: Remove vuart
drm/amdgpu: fix build_coefficients() argument
powerpc/64: Set up a kernel stack for secondaries before cpu_restore()
spi: img-spfi: fix reference leak in img_spfi_resume
f2fs: call f2fs_get_meta_page_retry for nat page
drm/msm/dsi_pll_10nm: restore VCO rate during restore_state
spi: spi-mem: fix reference leak in spi_mem_access_start
ASoC: pcm: DRAIN support reactivation
selinux: fix inode_doinit_with_dentry() LABEL_INVALID error handling
spi: stm32: fix reference leak in stm32_spi_resume
brcmfmac: Fix memory leak for unpaired brcmf_{alloc/free}
arm64: dts: exynos: Include common syscon restart/poweroff for Exynos7
arm64: dts: exynos: Correct psci compatible used on Exynos7
Bluetooth: Fix null pointer dereference in hci_event_packet()
Bluetooth: hci_h5: fix memory leak in h5_close
spi: spi-ti-qspi: fix reference leak in ti_qspi_setup
spi: mt7621: fix missing clk_disable_unprepare() on error in mt7621_spi_probe
spi: tegra20-slink: fix reference leak in slink ops of tegra20
spi: tegra20-sflash: fix reference leak in tegra_sflash_resume
spi: tegra114: fix reference leak in tegra spi ops
spi: bcm63xx-hsspi: fix missing clk_disable_unprepare() on error in bcm63xx_hsspi_resume
mwifiex: fix mwifiex_shutdown_sw() causing sw reset failure
selftest/bpf: Add missed ip6ip6 test back
ASoC: wm8998: Fix PM disable depth imbalance on error
spi: sprd: fix reference leak in sprd_spi_remove
ASoC: arizona: Fix a wrong free in wm8997_probe
RDMa/mthca: Work around -Wenum-conversion warning
MIPS: BCM47XX: fix kconfig dependency bug for BCM47XX_BCMA
crypto: qat - fix status check in qat_hal_put_rel_rd_xfer()
staging: greybus: codecs: Fix reference counter leak in error handling
staging: gasket: interrupt: fix the missed eventfd_ctx_put() in gasket_interrupt.c
media: tm6000: Fix sizeof() mismatches
media: mtk-vcodec: add missing put_device() call in mtk_vcodec_init_dec_pm()
media: mtk-vcodec: add missing put_device() call in mtk_vcodec_release_dec_pm()
media: mtk-vcodec: add missing put_device() call in mtk_vcodec_init_enc_pm()
media: v4l2-fwnode: Return -EINVAL for invalid bus-type
ASoC: meson: fix COMPILE_TEST error
scsi: core: Fix VPD LUN ID designator priorities
media: solo6x10: fix missing snd_card_free in error handling case
video: fbdev: atmel_lcdfb: fix return error code in atmel_lcdfb_of_init()
drm/omap: dmm_tiler: fix return error code in omap_dmm_probe()
Input: ads7846 - fix race that causes missing releases
Input: ads7846 - fix integer overflow on Rt calculation
Input: ads7846 - fix unaligned access on 7845
usb/max3421: fix return error code in max3421_probe()
spi: mxs: fix reference leak in mxs_spi_probe
selftests/bpf: Fix broken riscv build
powerpc: Avoid broken GCC __attribute__((optimize))
powerpc/feature: Fix CPU_FTRS_ALWAYS by removing CPU_FTRS_GENERIC_32
EDAC/mce_amd: Use struct cpuinfo_x86.cpu_die_id for AMD NodeId
crypto: crypto4xx - Replace bitwise OR with logical OR in crypto4xx_build_pd
crypto: omap-aes - Fix PM disable depth imbalance in omap_aes_probe
spi: fix resource leak for drivers without .remove callback
soc: ti: knav_qmss: fix reference leak in knav_queue_probe
soc: ti: Fix reference imbalance in knav_dma_probe
drivers: soc: ti: knav_qmss_queue: Fix error return code in knav_queue_probe
Input: omap4-keypad - fix runtime PM error handling
clk: meson: Kconfig: fix dependency for G12A
RDMA/cxgb4: Validate the number of CQEs
memstick: fix a double-free bug in memstick_check
ARM: dts: at91: sama5d4_xplained: add pincontrol for USB Host
ARM: dts: at91: sama5d3_xplained: add pincontrol for USB Host
mmc: pxamci: Fix error return code in pxamci_probe
orinoco: Move context allocation after processing the skb
qtnfmac: fix error return code in qtnf_pcie_probe()
rsi: fix error return code in rsi_reset_card()
cw1200: fix missing destroy_workqueue() on error in cw1200_init_common
dmaengine: mv_xor_v2: Fix error return code in mv_xor_v2_probe()
arm64: tegra: Fix DT binding for IO High Voltage entry
media: siano: fix memory leak of debugfs members in smsdvb_hotplug
platform/x86: mlx-platform: Remove PSU EEPROM from default platform configuration
platform/x86: mlx-platform: Remove PSU EEPROM from MSN274x platform configuration
samples: bpf: Fix lwt_len_hist reusing previous BPF map
media: imx214: Fix stop streaming
mips: cdmm: fix use-after-free in mips_cdmm_bus_discover
media: max2175: fix max2175_set_csm_mode() error code
slimbus: qcom-ngd-ctrl: Avoid sending power requests without QMI
HSI: omap_ssi: Don't jump to free ID in ssi_add_controller()
ARM: dts: Remove non-existent i2c1 from 98dx3236
arm64: dts: armada-3720-turris-mox: update ethernet-phy handle name
arm64: dts: rockchip: Set dr_mode to "host" for OTG on rk3328-roc-cc
power: supply: axp288_charger: Fix HP Pavilion x2 10 DMI matching
power: supply: bq24190_charger: fix reference leak
genirq/irqdomain: Don't try to free an interrupt that has no mapping
arm64: dts: ls1028a: fix ENETC PTP clock input
arm64: dts: qcom: c630: Polish i2c-hid devices
PCI: Bounds-check command-line resource alignment requests
PCI: Fix overflow in command-line resource alignment requests
PCI: iproc: Fix out-of-bound array accesses
arm64: dts: meson: fix spi-max-frequency on Khadas VIM2
arm64: dts: meson-sm1: fix typo in opp table
soc: amlogic: canvas: add missing put_device() call in meson_canvas_get()
ARM: dts: at91: at91sam9rl: fix ADC triggers
platform/x86: dell-smbios-base: Fix error return code in dell_smbios_init
ath10k: Fix the parsing error in service available event
ath10k: Fix an error handling path
ath10k: Release some resources in an error handling path
SUNRPC: rpc_wake_up() should wake up tasks in the correct order
NFSv4.2: condition READDIR's mask for security label based on LSM state
SUNRPC: xprt_load_transport() needs to support the netid "rdma6"
NFSv4: Fix the alignment of page data in the getdeviceinfo reply
net: sunrpc: Fix 'snprintf' return value check in 'do_xprt_debugfs'
lockd: don't use interval-based rebinding over TCP
NFS: switch nfsiod to be an UNBOUND workqueue.
selftests/seccomp: Update kernel config
vfio-pci: Use io_remap_pfn_range() for PCI IO memory
hwmon: (ina3221) Fix PM usage counter unbalance in ina3221_write_enable
media: saa7146: fix array overflow in vidioc_s_audio()
powerpc/perf: Fix crash with is_sier_available when pmu is not set
powerpc/64: Fix an EMIT_BUG_ENTRY in head_64.S
clocksource/drivers/orion: Add missing clk_disable_unprepare() on error path
clocksource/drivers/cadence_ttc: Fix memory leak in ttc_setup_clockevent()
iio: hrtimer-trigger: Mark hrtimer to expire in hard interrupt context
ARM: dts: at91: sama5d2: map securam as device
bpf: Fix bpf_put_raw_tracepoint()'s use of __module_address()
pinctrl: falcon: add missing put_device() call in pinctrl_falcon_probe()
arm64: dts: rockchip: Fix UART pull-ups on rk3328
memstick: r592: Fix error return in r592_probe()
MIPS: Don't round up kernel sections size for memblock_add()
net/mlx5: Properly convey driver version to firmware
ASoC: jz4740-i2s: add missed checks for clk_get()
dm ioctl: fix error return code in target_message
phy: renesas: rcar-gen3-usb2: disable runtime pm in case of failure
clocksource/drivers/arm_arch_timer: Use stable count reader in erratum sne
clocksource/drivers/arm_arch_timer: Correct fault programming of CNTKCTL_EL1.EVNTI
cpufreq: ap806: Add missing MODULE_DEVICE_TABLE
cpufreq: highbank: Add missing MODULE_DEVICE_TABLE
cpufreq: mediatek: Add missing MODULE_DEVICE_TABLE
cpufreq: qcom: Add missing MODULE_DEVICE_TABLE
cpufreq: st: Add missing MODULE_DEVICE_TABLE
cpufreq: sun50i: Add missing MODULE_DEVICE_TABLE
cpufreq: loongson1: Add missing MODULE_ALIAS
cpufreq: scpi: Add missing MODULE_ALIAS
Bluetooth: btusb: Add the missed release_firmware() in btusb_mtk_setup_firmware()
Bluetooth: btmtksdio: Add the missed release_firmware() in mtk_setup_firmware()
arm64: dts: meson: fix PHY deassert timing requirements
ARM: dts: meson: fix PHY deassert timing requirements
arm64: dts: meson: g12a: x96-max: fix PHY deassert timing requirements
scsi: qedi: Fix missing destroy_workqueue() on error in __qedi_probe
scsi: pm80xx: Fix error return in pm8001_pci_probe()
seq_buf: Avoid type mismatch for seq_buf_init
scsi: fnic: Fix error return code in fnic_probe()
platform/x86: mlx-platform: Fix item counter assignment for MSN2700, MSN24xx systems
powerpc/pseries/hibernation: drop pseries_suspend_begin() from suspend ops
powerpc/pseries/hibernation: remove redundant cacheinfo update
drm/mediatek: avoid dereferencing a null hdmi_phy on an error message
ASoC: amd: change clk_get() to devm_clk_get() and add missed checks
powerpc/mm: sanity_check_fault() should work for all, not only BOOK3S
usb: ehci-omap: Fix PM disable depth umbalance in ehci_hcd_omap_probe
usb: oxu210hp-hcd: Fix memory leak in oxu_create
speakup: fix uninitialized flush_lock
nfsd: Fix message level for normal termination
nfs_common: need lock during iterate through the list
x86/kprobes: Restore BTF if the single-stepping is cancelled
platform/chrome: cros_ec_spi: Don't overwrite spi::mode
bus: fsl-mc: fix error return code in fsl_mc_object_allocate()
s390/cio: fix use-after-free in ccw_device_destroy_console
iwlwifi: mvm: hook up missing RX handlers
erofs: avoid using generic_block_bmap
can: m_can: m_can_config_endisable(): remove double clearing of clock stop request bit
RDMA/core: Do not indicate device ready when device enablement fails
remoteproc: q6v5-mss: fix error handling in q6v5_pds_enable
remoteproc: qcom: fix reference leak in adsp_start
remoteproc: qcom: Fix potential NULL dereference in adsp_init_mmio()
clk: tegra: Fix duplicated SE clock entry
mtd: rawnand: gpmi: fix reference count leak in gpmi ops
mtd: rawnand: meson: Fix a resource leak in init
mtd: rawnand: gpmi: Fix the random DMA timeout issue
extcon: max77693: Fix modalias string
crypto: atmel-i2c - select CONFIG_BITREVERSE
mac80211: don't set set TDLS STA bandwidth wider than possible
ASoC: wm_adsp: remove "ctl" from list on error in wm_adsp_create_control()
irqchip/alpine-msi: Fix freeing of interrupts on allocation error path
watchdog: armada_37xx: Add missing dependency on HAS_IOMEM
watchdog: sirfsoc: Add missing dependency on HAS_IOMEM
watchdog: sprd: remove watchdog disable from resume fail path
watchdog: sprd: check busy bit before new loading rather than after that
watchdog: Fix potential dereferencing of null pointer
ubifs: Fix error return code in ubifs_init_authentication()
um: Monitor error events in IRQ controller
um: tty: Fix handling of close in tty lines
um: chan_xterm: Fix fd leak
sunrpc: fix xs_read_xdr_buf for partial pages receive
RDMA/cma: Don't overwrite sgid_attr after device is released
nfc: s3fwrn5: Release the nfc firmware
powerpc/ps3: use dma_mapping_error()
sparc: fix handling of page table constructor failure
mm: don't wake kswapd prematurely when watermark boosting is disabled
checkpatch: fix unescaped left brace
lan743x: fix rx_napi_poll/interrupt ping-pong
net: bcmgenet: Fix a resource leak in an error handling path in the probe functin
net: allwinner: Fix some resources leak in the error handling path of the probe and in the remove function
net: korina: fix return value
libnvdimm/label: Return -ENXIO for no slot in __blk_label_update
watchdog: qcom: Avoid context switch in restart handler
watchdog: coh901327: add COMMON_CLK dependency
clk: ti: Fix memleak in ti_fapll_synth_setup
pwm: zx: Add missing cleanup in error path
pwm: lp3943: Dynamically allocate PWM chip base
perf record: Fix memory leak when using '--user-regs=?' to list registers
qlcnic: Fix error code in probe
virtio_ring: Cut and paste bugs in vring_create_virtqueue_packed()
virtio_net: Fix error code in probe()
virtio_ring: Fix two use after free bugs
clk: at91: sam9x60: remove atmel,osc-bypass support
clk: s2mps11: Fix a resource leak in error handling paths in the probe function
clk: sunxi-ng: Make sure divider tables have sentinel
kconfig: fix return value of do_error_if()
perf probe: Fix memory leak when synthesizing SDT probes
ARM: sunxi: Add machine match for the Allwinner V3 SoC
cfg80211: initialize rekey_data
fix namespaced fscaps when !CONFIG_SECURITY
lwt: Disable BH too in run_lwt_bpf()
drm/amd/display: Prevent bandwidth overflow
drm/amdkfd: Fix leak in dmabuf import
Input: cros_ec_keyb - send 'scancodes' in addition to key events
initramfs: fix clang build failure
Input: goodix - add upside-down quirk for Teclast X98 Pro tablet
vfio/pci/nvlink2: Do not attempt NPU2 setup on POWER8NVL NPU
media: gspca: Fix memory leak in probe
media: sunxi-cir: ensure IR is handled when it is continuous
media: netup_unidvb: Don't leak SPI master in probe error path
media: ipu3-cio2: Remove traces of returned buffers
media: ipu3-cio2: Return actual subdev format
media: ipu3-cio2: Serialise access to pad format
media: ipu3-cio2: Validate mbus format in setting subdev format
media: ipu3-cio2: Make the field on subdev format V4L2_FIELD_NONE
Input: cyapa_gen6 - fix out-of-bounds stack access
ALSA: hda/ca0132 - Change Input Source enum strings.
PM: ACPI: PCI: Drop acpi_pm_set_bridge_wakeup()
Revert "ACPI / resources: Use AE_CTRL_TERMINATE to terminate resources walks"
ACPI: PNP: compare the string length in the matching_id()
ALSA: hda: Fix regressions on clear and reconfig sysfs
ALSA: hda/ca0132 - Fix AE-5 rear headphone pincfg.
ALSA: hda/realtek: make bass spk volume adjustable on a yoga laptop
ALSA: hda/realtek - Enable headset mic of ASUS X430UN with ALC256
ALSA: hda/realtek - Enable headset mic of ASUS Q524UQK with ALC255
ALSA: hda/realtek - Add supported for more Lenovo ALC285 Headset Button
ALSA: pcm: oss: Fix a few more UBSAN fixes
ALSA/hda: apply jack fixup for the Acer Veriton N4640G/N6640G/N2510G
ALSA: hda/realtek: Add quirk for MSI-GP73
ALSA: hda/realtek: Apply jack fixup for Quanta NL3
ALSA: usb-audio: Add VID to support native DSD reproduction on FiiO devices
ALSA: usb-audio: Disable sample read check if firmware doesn't give back
ALSA: core: memalloc: add page alignment for iram
s390/smp: perform initial CPU reset also for SMT siblings
s390/kexec_file: fix diag308 subcode when loading crash kernel
s390/dasd: fix hanging device offline processing
s390/dasd: prevent inconsistent LCU device data
s390/dasd: fix list corruption of pavgroup group list
s390/dasd: fix list corruption of lcu list
binder: add flag to clear buffer on txn complete
ASoC: cx2072x: Fix doubly definitions of Playback and Capture streams
staging: comedi: mf6x4: Fix AI end-of-conversion detection
perf/x86/intel: Add event constraint for CYCLE_ACTIVITY.STALLS_MEM_ANY
perf/x86/intel: Fix rtm_abort_event encoding on Ice Lake
powerpc/perf: Exclude kernel samples while counting events in user space.
crypto: ecdh - avoid unaligned accesses in ecdh_set_secret()
crypto: arm/aes-ce - work around Cortex-A57/A72 silion errata
EDAC/i10nm: Use readl() to access MMIO registers
EDAC/amd64: Fix PCI component registration
cpuset: fix race between hotplug work and later CPU offline
USB: serial: mos7720: fix parallel-port state restore
USB: serial: digi_acceleport: fix write-wakeup deadlocks
USB: serial: keyspan_pda: fix dropped unthrottle interrupts
USB: serial: keyspan_pda: fix write deadlock
USB: serial: keyspan_pda: fix stalled writes
USB: serial: keyspan_pda: fix write-wakeup use-after-free
USB: serial: keyspan_pda: fix tx-unthrottle use-after-free
USB: serial: keyspan_pda: fix write unthrottling
btrfs: do not shorten unpin len for caching block groups
btrfs: trim: fix underflow in trim length to prevent access beyond device boundary
ext4: fix a memory leak of ext4_free_data
ext4: fix deadlock with fs freezing and EA inodes
KVM: arm64: Introduce handling of AArch32 TTBCR2 traps
ARM: dts: pandaboard: fix pinmux for gpio user button of Pandaboard ES
ARM: dts: at91: sama5d2: fix CAN message ram offset and size
xprtrdma: Fix XDRBUF_SPARSE_PAGES support
powerpc: Fix incorrect stw{, ux, u, x} instructions in __set_pte_at
powerpc/rtas: Fix typo of ibm,open-errinjct in RTAS filter
powerpc/feature: Add CPU_FTR_NOEXECUTE to G2_LE
powerpc/xmon: Change printk() to pr_cont()
powerpc/8xx: Fix early debug when SMC1 is relocated
powerpc/mm: Fix verification of MMU_FTR_TYPE_44x
powerpc/powernv/npu: Do not attempt NPU2 setup on POWER8NVL NPU
powerpc/powernv/memtrace: Don't leak kernel memory to user space
powerpc/powernv/memtrace: Fix crashing the kernel when enabling concurrently
ima: Don't modify file descriptor mode on the fly
um: Remove use of asprinf in umid.c
ceph: fix race in concurrent __ceph_remove_cap invocations
SMB3: avoid confusing warning message on mount to Azure
ubifs: wbuf: Don't leak kernel memory to flash
jffs2: Fix GC exit abnormally
jffs2: Fix ignoring mounting options problem during remounting
jfs: Fix array index bounds check in dbAdjTree
platform/x86: mlx-platform: remove an unused variable
drm/amd/display: Fix memory leaks in S3 resume
drm/dp_aux_dev: check aux_dev before use in drm_dp_aux_dev_get_by_minor()
drm/i915: Fix mismatch between misplaced vma check and vma insert
spi: pxa2xx: Fix use-after-free on unbind
spi: spi-sh: Fix use-after-free on unbind
spi: atmel-quadspi: Fix use-after-free on unbind
spi: davinci: Fix use-after-free on unbind
spi: fsl: fix use of spisel_boot signal on MPC8309
spi: gpio: Don't leak SPI master in probe error path
spi: mxic: Don't leak SPI master in probe error path
spi: pic32: Don't leak DMA channels in probe error path
spi: rb4xx: Don't leak SPI master in probe error path
spi: sc18is602: Don't leak SPI master in probe error path
spi: st-ssc4: Fix unbalanced pm_runtime_disable() in probe error path
spi: synquacer: Disable clock in probe error path
spi: mt7621: Disable clock in probe error path
spi: mt7621: Don't leak SPI master in probe error path
spi: atmel-quadspi: Disable clock in probe error path
spi: atmel-quadspi: Fix AHB memory accesses
soc: qcom: smp2p: Safely acquire spinlock without IRQs
mtd: spinand: Fix OOB read
mtd: parser: cmdline: Fix parsing of part-names with colons
mtd: rawnand: qcom: Fix DMA sync on FLASH_STATUS register read
mtd: rawnand: meson: fix meson_nfc_dma_buffer_release() arguments
scsi: qla2xxx: Fix crash during driver load on big endian machines
scsi: lpfc: Fix invalid sleeping context in lpfc_sli4_nvmet_alloc()
scsi: lpfc: Re-fix use after free in lpfc_rq_buf_free()
iio: buffer: Fix demux update
iio: adc: rockchip_saradc: fix missing clk_disable_unprepare() on error in rockchip_saradc_resume
iio:light:rpr0521: Fix timestamp alignment and prevent data leak.
iio:light:st_uvis25: Fix timestamp alignment and prevent data leak.
iio:magnetometer:mag3110: Fix alignment and data leak issues.
iio:pressure:mpl3115: Force alignment of buffer
iio:imu:bmi160: Fix too large a buffer.
iio:adc:ti-ads124s08: Fix buffer being too long.
iio:adc:ti-ads124s08: Fix alignment and data leak issues.
md/cluster: block reshape with remote resync job
md/cluster: fix deadlock when node is doing resync job
pinctrl: sunxi: Always call chained_irq_{enter, exit} in sunxi_pinctrl_irq_handler
clk: ingenic: Fix divider calculation with div tables
clk: mvebu: a3700: fix the XTAL MODE pin to MPP1_9
clk: tegra: Do not return 0 on failure
device-dax/core: Fix memory leak when rmmod dax.ko
dma-buf/dma-resv: Respect num_fences when initializing the shared fence list.
xen-blkback: set ring->xenblkd to NULL after kthread_stop()
xen/xenbus: Allow watches discard events before queueing
xen/xenbus: Add 'will_handle' callback support in xenbus_watch_path()
xen/xenbus/xen_bus_type: Support will_handle watch callback
xen/xenbus: Count pending messages for each watch
xenbus/xenbus_backend: Disallow pending watch messages
libnvdimm/namespace: Fix reaping of invalidated block-window-namespace labels
platform/x86: intel-vbtn: Allow switch events on Acer Switch Alpha 12
PCI: Fix pci_slot_release() NULL pointer dereference
regulator: axp20x: Fix DLDO2 voltage control register mask for AXP22x
rtc: ep93xx: Fix NULL pointer dereference in ep93xx_rtc_read_time
Revert: "ring-buffer: Remove HAVE_64BIT_ALIGNED_ACCESS"
x86/CPU/AMD: Save AMD NodeId as cpu_die_id
Linux 5.4.86
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: If271639b9a7c833718f8cfdfbacce5affe7f4189
|
||
Roberto Sassu
|
26d72a8460 |
ima: Don't modify file descriptor mode on the fly
commit 207cdd565dfc95a0a5185263a567817b7ebf5467 upstream. Commit |
||
Paul Moore
|
c807042f2d |
selinux: fix inode_doinit_with_dentry() LABEL_INVALID error handling
[ Upstream commit 200ea5a2292dc444a818b096ae6a32ba3caa51b9 ]
A previous fix, commit 83370b31a915 ("selinux: fix error initialization
in inode_doinit_with_dentry()"), changed how failures were handled
before a SELinux policy was loaded. Unfortunately that patch was
potentially problematic for two reasons: it set the isec->initialized
state without holding a lock, and it didn't set the inode's SELinux
label to the "default" for the particular filesystem. The later can
be a problem if/when a later attempt to revalidate the inode fails
and SELinux reverts to the existing inode label.
This patch should restore the default inode labeling that existed
before the original fix, without affecting the LABEL_INVALID marking
such that revalidation will still be attempted in the future.
Fixes: 83370b31a915 ("selinux: fix error initialization in inode_doinit_with_dentry()")
Reported-by: Sven Schnelle <svens@linux.ibm.com>
Tested-by: Sven Schnelle <svens@linux.ibm.com>
Reviewed-by: Ondrej Mosnacek <omosnace@redhat.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
||
Tianyue Ren
|
4aae08a71e |
selinux: fix error initialization in inode_doinit_with_dentry()
[ Upstream commit 83370b31a915493231e5b9addc72e4bef69f8d31 ]
Mark the inode security label as invalid if we cannot find
a dentry so that we will retry later rather than marking it
initialized with the unlabeled SID.
Fixes:
|
||
|
Greg Kroah-Hartman
|
5a742c2b56 |
This is the 5.4.82 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl/PSigACgkQONu9yGCS aT6bSw//eDCpWcnLDa1Rt4bOrnO82484ebr1PZeYPfca/3QVS59j8DsVOf6Xklmz z2ponI6SRFxZwO2SmXrfoiOhUVI9Kd3ohTH+LSo3ezpk0klamIf60L914RBc7QFE wmVgOPz5LwLxfkU5a148/H4rwLGlM9oBxVcCXpnLkN03Ul4JM/P6A/T3rFrX8ZkW 3r4NYu3jOHgNz+irosW8zAea+jIf7ALg4Gch3ILwrbM4KSQiyXbAp0mJsY+li7HE BSa1RJHBXkqCwK/mWT4LWuJNf871T656kKr04/rxipRu2lEcGCPghO4DGba1mjqR NdnuMWBjoxetlRAbWOylWT+2ngQNx+E9hFrBxg1+js/mcHvfpeM4EuSK4YCnI7rO 6r5JZqYdw7GGHqvy51JPLx1m+NMt8XhTp5+1vOIZhjtdNrcTMBz0kxIiGbvTwdlb BbO+LDjmBmQYwmTcadbBPPMRLKnvx5bbNtTAzdwkvYEC8ev5RfxebFO/StTbmVRd JIUKkwmNw803OjhMgs+dXVw0lX8C1nLSSROKHf4+lCGFhCDnDhos5DpKpfBIwXxP Xv0Uf1YA4ygFVId+kuJOoXWNBkzB6UOlKMxoU1YcuRwpZHFk8b+MvTAzaCbSSl3A nJT6CK3K3H6WSiF9PC8i85kFJbAJbwifjx904nGBekaqU0bgI+s= =Faec -----END PGP SIGNATURE----- Merge 5.4.82 into android11-5.4-lts Changes in 5.4.82 devlink: Hold rtnl lock while reading netdev attributes ipv6: addrlabel: fix possible memory leak in ip6addrlbl_net_init net/af_iucv: set correct sk_protocol for child sockets net/tls: missing received data after fast remote close net/tls: Protect from calling tls_dev_del for TLS RX twice rose: Fix Null pointer dereference in rose_send_frame() sock: set sk_err to ee_errno on dequeue from errq tcp: Set INET_ECN_xmit configuration in tcp_reinit_congestion_control tun: honor IOCB_NOWAIT flag usbnet: ipheth: fix connectivity with iOS 14 bonding: wait for sysfs kobject destruction before freeing struct slave staging/octeon: fix up merge error ima: extend boot_aggregate with kernel measurements sched/fair: Fix unthrottle_cfs_rq() for leaf_cfs_rq list netfilter: bridge: reset skb->pkt_type after NF_INET_POST_ROUTING traversal ipv4: Fix tos mask in inet_rtm_getroute() dt-bindings: net: correct interrupt flags in examples chelsio/chtls: fix panic during unload reload chtls ibmvnic: Ensure that SCRQ entry reads are correctly ordered ibmvnic: Fix TX completion error handling inet_ecn: Fix endianness of checksum update when setting ECT(1) geneve: pull IP header before ECN decapsulation net: ip6_gre: set dev->hard_header_len when using header_ops net/x25: prevent a couple of overflows cxgb3: fix error return code in t3_sge_alloc_qset() net: pasemi: fix error return code in pasemi_mac_open() vxlan: fix error return code in __vxlan_dev_create() chelsio/chtls: fix a double free in chtls_setkey() net: mvpp2: Fix error return code in mvpp2_open() net: skbuff: ensure LSE is pullable before decrementing the MPLS ttl net: openvswitch: ensure LSE is pullable before reading it net/sched: act_mpls: ensure LSE is pullable before reading it net/mlx5: DR, Proper handling of unsupported Connect-X6DX SW steering net/mlx5: Fix wrong address reclaim when command interface is down ALSA: usb-audio: US16x08: fix value count for level meters Input: xpad - support Ardwiino Controllers Input: i8042 - add ByteSpeed touchpad to noloop table tracing: Remove WARN_ON in start_thread() RDMA/i40iw: Address an mmap handler exploit in i40iw Linux 5.4.82 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Ie7c035895e3413f7a58012c372cfc64deb2e6081 |
||
Maurizio Drocco
|
c4405cdf96 |
ima: extend boot_aggregate with kernel measurements
[ Upstream commit 20c59ce010f84300f6c655d32db2610d3433f85c ] Registers 8-9 are used to store measurements of the kernel and its command line (e.g., grub2 bootloader with tpm module enabled). IMA should include them in the boot aggregate. Registers 8-9 should be only included in non-SHA1 digests to avoid ambiguity. Signed-off-by: Maurizio Drocco <maurizio.drocco@ibm.com> Reviewed-by: Bruno Meneguele <bmeneg@redhat.com> Tested-by: Bruno Meneguele <bmeneg@redhat.com> (TPM 1.2, TPM 2.0) Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
qctecmdr
|
f79ed0dbae | Merge "selinux: move ibpkeys code under CONFIG_SECURITY_INFINIBAND" | ||
Ravi Kumar Siddojigari
|
b61d4fc525 |
selinux: move ibpkeys code under CONFIG_SECURITY_INFINIBAND
Move cache based pkey sid retrieval code which was added with Commit "409dcf31" under CONFIG_SECURITY_INFINIBAND. As its going to alloc a new cache which impacts low ram devices which was enabled by default. Change-Id: I179a461386a09ebd58591fe835e3e0e0002db392 Suggested-by: Paul Moore <paul@paul-moore.com> Signed-off-by: Ravi Kumar Siddojigari <rsiddoji@codeaurora.org> |
||
Blagovest Kolenichev
|
c47e2335cc |
Merge android11-5.4.61+ (3720133) into msm-5.4
* refs/heads/tmp-3720133: ANDROID: ABI: Update allowed list for QCOM FROMGIT: Input: Add devices for HID_QUIRK_INCREMENT_USAGE_ON_DUPLICATE ANDROID: GKI: add allowed list for Exynosauto SoC ANDROID: GKI: update allowed list for Exynosauto SoC UPSTREAM: mfd: sprd: Add wakeup capability for PMIC IRQ UPSTREAM: tick/common: Touch watchdog in tick_unfreeze() on all CPUs FROMLIST: thermal: Fix NULL pointer dereference issue ANDROID: ABI: Update allowed list for QCOM UPSTREAM: spi: Fix regression to return zero on success instead of positive value UPSTREAM: thermal: power_allocator: Fix Kconfig warning UPSTREAM: of/platform: Unconditionally pause/resume sync state during kernel init UPSTREAM: selinux: ensure the policy has been loaded before reading the sidtab stats UPSTREAM: MIPS: vdso: Define BUILD_VDSO32 when building a 32bit kernel UPSTREAM: mfd: syscon: Fix syscon_regmap_lookup_by_phandle_args() dummy UPSTREAM: ARM: bcm2835_defconfig: Explicitly restore CONFIG_DEBUG_FS UPSTREAM: ARM: socfpga_defconfig: Add back DEBUG_FS UPSTREAM: um: Fix header inclusion UPSTREAM: net: fix fraglist segmentation reference count leak UPSTREAM: ipv6: ndisc: RFC-ietf-6man-ra-pref64-09 is now published as RFC8781 UPSTREAM: of: property: Fix create device links for all child-supplier dependencies UPSTREAM: of: property: Do not link to disabled devices UPSTREAM: mmc: sdhci: Fix SDHCI_QUIRK_BROKEN_CQE UPSTREAM: usb: renesas-xhci: include correct header for get_unaligned_le16() UPSTREAM: wil6210: account for napi_gro_receive never returning GRO_DROP UPSTREAM: nl80211: fix memory leak when parsing NL80211_ATTR_HE_BSS_COLOR UPSTREAM: thermal/drivers/sprd: Fix return value of sprd_thm_probe() UPSTREAM: fscrypt: restrict IV_INO_LBLK_* to AES-256-XTS UPSTREAM: fscrypt: use smp_load_acquire() for fscrypt_prepared_key UPSTREAM: nvmem: sprd: Fix return value of sprd_efuse_probe() UPSTREAM: mac80211: fix warning in 6 GHz IE addition in mesh mode UPSTREAM: scsi: ufs: Fix interrupt error message for shared interrupts UPSTREAM: sched/fair: Fix wrong negative conversion in find_energy_efficient_cpu() UPSTREAM: driver core: Fix device_pm_lock() locking for device links UPSTREAM: fscrypt: restrict IV_INO_LBLK_32 to ino_bits <= 32 UPSTREAM: scsi: ufs: ufs-mediatek: Eliminate error message for unbound mphy UPSTREAM: scsi: ufs: ufs-mediatek: Fix HOST_PA_TACTIVATE quirk UPSTREAM: cfg80211: fix 6 GHz channel conversion ANDROID: GKI: update symbol list for exynosauto soc ANDROID: ABI: update allowed list for galaxy ANDROID: GKI: initial upload list for exynosauto soc ANDROID: ABI: Update allowed list for QCOM Conflicts: drivers/thermal/thermal_sysfs.c kernel/sched/fair.c Change-Id: I9a0af53ba055157468e6b3cee41f4c8bda1f34af Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org> |
||
|
Greg Kroah-Hartman
|
118da4b0e4 |
This is the 5.4.78 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl+1Zg0ACgkQONu9yGCS
aT75KBAAqvo33a5xoTM+FQQRsRSKaRNOhCQooXEB1bJcas3y+yQ6ehmwCJ8/K1tC
JilD+NQt6uuwH2f2cLrH0e4EQcvno390qF/wOCF377bUnKklsxydyaLSLhGYTqR9
5u/vZVf/QoWZc6BvDwPWNo/NwuRPgJ+sVjuFvtt08l0pGQou26WGujl6ElJKBiLV
SbbRDlx/f8cJa/oqN8TL/V/VDqJfVLcv6hFRvf44newSUJK05LgCVoM76WEcSQLj
GYrtCNwffJtnCUzUr/SctNymsgmjj65df6tKmS0vntWH5kTBnCKK/Mnly38gQbeB
nvci1siOUjnnrkBhydKixO4Q6OZmrbuM0g3vXmW5/Az7HjRcX84BRu+yE7aArE3/
GMAIO/D1Wj9Dhxs59cu12IWxRaljkT+5FsZYV55TgcRMmWHq/YzBYFSW15fZ9xEw
ehel9m5ou+HqVtz+bR+ar3v6M2bhedJ0fFvXnbN2OhMwHsEUTuYqfTb7k/21dUwE
P5k8qGGcYKE1q1gb/Dp3p/hDBjr5h4Mg7z7S8diGsVv3klgrtttgqkOo79JfTESz
BS5vsF9yS0k23xemCl3jZ41X9uReXnE3lvEeuDBDdYvHPwnjyzPeUN5jgN6abQm7
CTxp0oPIFW+O8MV+vgF1joK6ykbK8rJRjIUcfzHeI6oKt+HQBJY=
=gimO
-----END PGP SIGNATURE-----
Merge 5.4.78 into android11-5.4-lts
Changes in 5.4.78
drm/i915/gem: Flush coherency domains on first set-domain-ioctl
time: Prevent undefined behaviour in timespec64_to_ns()
nbd: don't update block size after device is started
KVM: arm64: Force PTE mapping on fault resulting in a device mapping
PCI: qcom: Make sure PCIe is reset before init for rev 2.1.0
usb: dwc3: gadget: Continue to process pending requests
usb: dwc3: gadget: Reclaim extra TRBs after request completion
btrfs: tracepoints: output proper root owner for trace_find_free_extent()
btrfs: sysfs: init devices outside of the chunk_mutex
btrfs: reschedule when cloning lots of extents
ASoC: Intel: kbl_rt5663_max98927: Fix kabylake_ssp_fixup function
genirq: Let GENERIC_IRQ_IPI select IRQ_DOMAIN_HIERARCHY
hv_balloon: disable warning when floor reached
net: xfrm: fix a race condition during allocing spi
ASoC: codecs: wcd9335: Set digital gain range correctly
xfs: set xefi_discard when creating a deferred agfl free log intent item
netfilter: use actual socket sk rather than skb sk when routing harder
netfilter: nf_tables: missing validation from the abort path
netfilter: ipset: Update byte and packet counters regardless of whether they match
powerpc/eeh_cache: Fix a possible debugfs deadlock
perf trace: Fix segfault when trying to trace events by cgroup
perf tools: Add missing swap for ino_generation
ALSA: hda: prevent undefined shift in snd_hdac_ext_bus_get_link()
iommu/vt-d: Fix a bug for PDP check in prq_event_thread
afs: Fix warning due to unadvanced marshalling pointer
can: rx-offload: don't call kfree_skb() from IRQ context
can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ context
can: dev: __can_get_echo_skb(): fix real payload length return value for RTR frames
can: can_create_echo_skb(): fix echo skb generation: always use skb_clone()
can: j1939: swap addr and pgn in the send example
can: j1939: j1939_sk_bind(): return failure if netdev is down
can: ti_hecc: ti_hecc_probe(): add missed clk_disable_unprepare() in error path
can: xilinx_can: handle failure cases of pm_runtime_get_sync
can: peak_usb: add range checking in decode operations
can: peak_usb: peak_usb_get_ts_time(): fix timestamp wrapping
can: peak_canfd: pucan_handle_can_rx(): fix echo management when loopback is on
can: flexcan: remove FLEXCAN_QUIRK_DISABLE_MECR quirk for LS1021A
can: flexcan: flexcan_remove(): disable wakeup completely
xfs: flush new eof page on truncate to avoid post-eof corruption
xfs: fix scrub flagging rtinherit even if there is no rt device
tpm: efi: Don't create binary_bios_measurements file for an empty log
random32: make prandom_u32() output unpredictable
KVM: arm64: ARM_SMCCC_ARCH_WORKAROUND_1 doesn't return SMCCC_RET_NOT_REQUIRED
KVM: x86: don't expose MSR_IA32_UMWAIT_CONTROL unconditionally
ath9k_htc: Use appropriate rs_datalen type
ASoC: qcom: sdm845: set driver name correctly
ASoC: cs42l51: manage mclk shutdown delay
usb: dwc3: pci: add support for the Intel Alder Lake-S
opp: Reduce the size of critical section in _opp_table_kref_release()
usb: gadget: goku_udc: fix potential crashes in probe
selftests/ftrace: check for do_sys_openat2 in user-memory test
selftests: pidfd: fix compilation errors due to wait.h
ALSA: hda: Separate runtime and system suspend
ALSA: hda: Reinstate runtime_allow() for all hda controllers
gfs2: Free rd_bits later in gfs2_clear_rgrpd to fix use-after-free
gfs2: Add missing truncate_inode_pages_final for sd_aspace
gfs2: check for live vs. read-only file system in gfs2_fitrim
scsi: hpsa: Fix memory leak in hpsa_init_one()
drm/amdgpu: perform srbm soft reset always on SDMA resume
drm/amd/pm: perform SMC reset on suspend/hibernation
drm/amd/pm: do not use ixFEATURE_STATUS for checking smc running
mac80211: fix use of skb payload instead of header
cfg80211: initialize wdev data earlier
cfg80211: regulatory: Fix inconsistent format argument
tracing: Fix the checking of stackidx in __ftrace_trace_stack
scsi: scsi_dh_alua: Avoid crash during alua_bus_detach()
scsi: mpt3sas: Fix timeouts observed while reenabling IRQ
nvme: introduce nvme_sync_io_queues
nvme-rdma: avoid race between time out and tear down
nvme-tcp: avoid race between time out and tear down
nvme-rdma: avoid repeated request completion
nvme-tcp: avoid repeated request completion
iommu/amd: Increase interrupt remapping table limit to 512 entries
s390/smp: move rcu_cpu_starting() earlier
vfio: platform: fix reference leak in vfio_platform_open
vfio/pci: Bypass IGD init in case of -ENODEV
i2c: mediatek: move dma reset before i2c reset
amd/amdgpu: Disable VCN DPG mode for Picasso
selftests: proc: fix warning: _GNU_SOURCE redefined
riscv: Set text_offset correctly for M-Mode
i2c: sh_mobile: implement atomic transfers
tpm_tis: Disable interrupts on ThinkPad T490s
spi: bcm2835: remove use of uninitialized gpio flags variable
tick/common: Touch watchdog in tick_unfreeze() on all CPUs
mfd: sprd: Add wakeup capability for PMIC IRQ
pinctrl: intel: Set default bias in case no particular value given
ARM: 9019/1: kprobes: Avoid fortify_panic() when copying optprobe template
bpf: Don't rely on GCC __attribute__((optimize)) to disable GCSE
pinctrl: aspeed: Fix GPI only function problem.
net/mlx5: Fix deletion of duplicate rules
SUNRPC: Fix general protection fault in trace_rpc_xdr_overflow()
bpf: Zero-fill re-used per-cpu map element
nbd: fix a block_device refcount leak in nbd_release
igc: Fix returning wrong statistics
xfs: fix flags argument to rmap lookup when converting shared file rmaps
xfs: set the unwritten bit in rmap lookup flags in xchk_bmap_get_rmapextents
xfs: fix rmap key and record comparison functions
xfs: fix brainos in the refcount scrubber's rmap fragment processor
lan743x: fix "BUG: invalid wait context" when setting rx mode
xfs: fix a missing unlock on error in xfs_fs_map_blocks
of/address: Fix of_node memory leak in of_dma_is_coherent
cosa: Add missing kfree in error path of cosa_write
vrf: Fix fast path output packet handling with async Netfilter rules
perf: Fix get_recursion_context()
erofs: derive atime instead of leaving it empty
ext4: correctly report "not supported" for {usr,grp}jquota when !CONFIG_QUOTA
ext4: unlock xattr_sem properly in ext4_inline_data_truncate()
btrfs: ref-verify: fix memory leak in btrfs_ref_tree_mod
btrfs: fix min reserved size calculation in merge_reloc_root
btrfs: dev-replace: fail mount if we don't have replace item with target device
KVM: arm64: Don't hide ID registers from userspace
thunderbolt: Fix memory leak if ida_simple_get() fails in enumerate_services()
thunderbolt: Add the missed ida_simple_remove() in ring_request_msix()
uio: Fix use-after-free in uio_unregister_device()
usb: cdc-acm: Add DISABLE_ECHO for Renesas USB Download mode
xhci: hisilicon: fix refercence leak in xhci_histb_probe
virtio: virtio_console: fix DMA memory allocation for rproc serial
mei: protect mei_cl_mtu from null dereference
futex: Don't enable IRQs unconditionally in put_pi_state()
jbd2: fix up sparse warnings in checkpoint code
mm/slub: fix panic in slab_alloc_node()
Revert "kernel/reboot.c: convert simple_strtoul to kstrtoint"
reboot: fix overflow parsing reboot cpu number
ocfs2: initialize ip_next_orphan
btrfs: fix potential overflow in cluster_pages_for_defrag on 32bit arch
selinux: Fix error return code in sel_ib_pkey_sid_slow()
gpio: pcie-idio-24: Fix irq mask when masking
gpio: pcie-idio-24: Fix IRQ Enable Register value
gpio: pcie-idio-24: Enable PEX8311 interrupts
mmc: sdhci-of-esdhc: Handle pulse width detection erratum for more SoCs
mmc: renesas_sdhi_core: Add missing tmio_mmc_host_free() at remove
don't dump the threads that had been already exiting when zapped.
drm/gma500: Fix out-of-bounds access to struct drm_device.vblank[]
pinctrl: amd: use higher precision for 512 RtcClk
pinctrl: amd: fix incorrect way to disable debounce filter
swiotlb: fix "x86: Don't panic if can not alloc buffer for swiotlb"
IPv6: Set SIT tunnel hard_header_len to zero
net/af_iucv: fix null pointer dereference on shutdown
net: udp: fix UDP header access on Fast/frag0 UDP GRO
net: Update window_clamp if SOCK_RCVBUF is set
net/x25: Fix null-ptr-deref in x25_connect
tipc: fix memory leak in tipc_topsrv_start()
r8169: fix potential skb double free in an error path
drm/i915: Correctly set SFC capability for video engines
powerpc/603: Always fault when _PAGE_ACCESSED is not set
x86/speculation: Allow IBPB to be conditionally enabled on CPUs with always-on STIBP
perf scripting python: Avoid declaring function pointers with a visibility attribute
perf/core: Fix race in the perf_mmap_close() function
net: sch_generic: fix the missing new qdisc assignment bug
Convert trailing spaces and periods in path components
Linux 5.4.78
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Iac77690a370f99dc3518ab5bd4660fc31d0832c0
|
||
Chen Zhou
|
68dae71b7c |
selinux: Fix error return code in sel_ib_pkey_sid_slow()
commit c350f8bea271782e2733419bd2ab9bf4ec2051ef upstream.
Fix to return a negative error code from the error handling case
instead of 0 in function sel_ib_pkey_sid_slow(), as done elsewhere
in this function.
Cc: stable@vger.kernel.org
Fixes:
|
||
|
Greg Kroah-Hartman
|
d0bd13a1b2 |
Merge branch 'android11-5.4' into 'android11-5.4-lts'
Sync up with android11-5.4 for the following commits: |
||
|
Paul Moore
|
26d0b8dd3a |
UPSTREAM: selinux: ensure the policy has been loaded before reading the sidtab stats
Check to make sure we have loaded a policy before we query the
sidtab's hash stats. Failure to do so could result in a kernel
panic/oops due to a dereferenced NULL pointer.
Fixes: 66f8e2f03c02 ("selinux: sidtab reverse lookup hash table")
Reported-by: kernel test robot <lkp@intel.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
(cherry picked from commit 15b590a81fcdd44ddcb4810f2a6334df8b6ca512)
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I9c9309341634ba0bdc6d151ec1ae4040a71dcd40
|
||
|
Greg Kroah-Hartman
|
15fd930b92 |
This is the 5.4.74 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl+elYEACgkQONu9yGCS aT4DfQ/+OoCvKzPm/gxmJejGNUvagBhMLXxNw62jvmLwHnagWNchXMQEoplmwpIz D3FeSnH6VjBj8QfXCzxZJVazuPNaiSfxrwvaboakvVnvJw66rC0LgiXUJ5MuMhmr YVBJ9YfA73Lpv96ySrXWdqEO6QIMgYnlR95Ep+33IBUb5x2QuQB+8ho+qQ3h6I4r uoVAzFLaliCpRF/Hz9pwjZjSo3zDbyYx29XVFXYkrHn8cJWE6oBZtNo+K1cyY3wH dNY9CXPRh4oC5G+w579m5GvnW5Ac5hTHKONNURCu9NgsEJgHfpuXXiK+ve1yS7xa LFj1qFuYW90scgvmcx/YSKIWkNdCGCsqLlp3OJwVDm573touy6NZOag5GW2S35iD GcPRvJjWHay8NJSwKteKN9YH92xBxaSWJalrIQcY4Q4VAgJpXizIxZskGieWRdYv 2XrSAOyXfSPP3nEsRXANEC2RY38Vp6zQt5G4a5duvztNU8knRjuQijMU7vvUbjvU V7D+kpamoqSiEkKmPYi3ViH80BkBNaxVrh54AMW9BQiFxUum5X/8sD7PDnKg+p8R tPPFsFHKAyVSQQe/7VlAfDq1D9xCfgfzA4TiMYqseyBBFs4UZ1dkLBQTL7Xza9ma H4NrA6SQibzYXH5F8OPWFqLPye1hmzAvojhskLk6ijeCw+koLk4= =zfx+ -----END PGP SIGNATURE----- Merge 5.4.74 into android11-5.4-lts Changes in 5.4.74 netfilter: nftables_offload: KASAN slab-out-of-bounds Read in nft_flow_rule_create socket: don't clear SOCK_TSTAMP_NEW when SO_TIMESTAMPNS is disabled objtool: Support Clang non-section symbols in ORC generation scripts/setlocalversion: make git describe output more reliable arm64: Run ARCH_WORKAROUND_1 enabling code on all CPUs arm64: Run ARCH_WORKAROUND_2 enabling code on all CPUs arm64: link with -z norelro regardless of CONFIG_RELOCATABLE x86/PCI: Fix intel_mid_pci.c build error when ACPI is not enabled efivarfs: Replace invalid slashes with exclamation marks in dentries. bnxt_en: Check abort error state in bnxt_open_nic(). bnxt_en: Send HWRM_FUNC_RESET fw command unconditionally. chelsio/chtls: fix deadlock issue chelsio/chtls: fix memory leaks in CPL handlers chelsio/chtls: fix tls record info to user cxgb4: set up filter action after rewrites gtp: fix an use-before-init in gtp_newlink() ibmvnic: fix ibmvnic_set_mac mlxsw: core: Fix memory leak on module removal netem: fix zero division in tabledist net/sched: act_mpls: Add softdep on mpls_gso.ko r8169: fix issue with forced threading in combination with shared interrupts ravb: Fix bit fields checking in ravb_hwtstamp_get() tcp: Prevent low rmem stalls with SO_RCVLOWAT. tipc: fix memory leak caused by tipc_buf_append() net: hns3: Clear the CMDQ registers before unmapping BAR region bnxt_en: Re-write PCI BARs after PCI fatal error. bnxt_en: Fix regression in workqueue cleanup logic in bnxt_remove_one(). bnxt_en: Invoke cancel_delayed_work_sync() for PFs also. erofs: avoid duplicated permission check for "trusted." xattrs arch/x86/amd/ibs: Fix re-arming IBS Fetch x86/xen: disable Firmware First mode for correctable memory errors ata: ahci: mvebu: Make SATA PHY optional for Armada 3720 fuse: fix page dereference after free bpf: Fix comment for helper bpf_current_task_under_cgroup() evm: Check size of security.evm before using it p54: avoid accessing the data mapped to streaming DMA cxl: Rework error message for incompatible slots RDMA/addr: Fix race with netevent_callback()/rdma_addr_cancel() mtd: lpddr: Fix bad logic in print_drs_error serial: qcom_geni_serial: To correct QUP Version detection logic serial: pl011: Fix lockdep splat when handling magic-sysrq interrupt PM: runtime: Fix timer_expires data type on 32-bit arches ata: sata_rcar: Fix DMA boundary mask xen/gntdev.c: Mark pages as dirty crypto: x86/crc32c - fix building with clang ias openrisc: Fix issue with get_user for 64-bit values misc: rtsx: do not setting OC_POWER_DOWN reg in rtsx_pci_init_ocp() phy: marvell: comphy: Convert internal SMCC firmware return codes to errno Linux 5.4.74 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I33acff93a227456d73b104b89a902df744de0db9 |
||
|
Roberto Sassu
|
801863f634 |
evm: Check size of security.evm before using it
commit 455b6c9112eff8d249e32ba165742085678a80a4 upstream.
This patch checks the size for the EVM_IMA_XATTR_DIGSIG and
EVM_XATTR_PORTABLE_DIGSIG types to ensure that the algorithm is read from
the buffer returned by vfs_getxattr_alloc().
Cc: stable@vger.kernel.org # 4.19.x
Fixes:
|
||
|
Greg Kroah-Hartman
|
7ee5d73d3e |
This is the 5.4.73 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl+ahE8ACgkQONu9yGCS
aT4j1A/9HzkKKoqZ2vXYQ1/uEnUqZech9ly1KxpNTBrSZYAtx3MaWY7tGDEx2BqD
y6iw9x4MymhHEbpwLg6YmmdWuMQLNNYJGoyLiPJgWhkE4c7zHadhNz1DcPEI8F7z
bSlUJ3Oebr8gzv0FvUmeVXw7Z2EuOqM1zGgTAZfnKY3DkYHbLnrzUJ4AiI8TNeba
pPIhjfIJ1TvhF+s5ggf2m8OtSWLZ0doCWCPmCFe2WyERX2WYCzPgsm0yL7L7oXME
ZqWpOcClBsiYekBNcZ4kxozhJtArCnv24n9VoXJ/YJIlWKvCA6uC8r527nGN/z08
dfFelj1nDs7/VrCSP4+109EjxLQnSYGgIWP0g0OsC+9wOmrQsYJ1azP1eNjm+NuC
hPa8uYVEZxwVyJuEfu4ZB4NMZBlD2qnHoskvBKbyZ8yaVnbvlMp552XMwsmJBpCs
8wArzabrJEz396LUUIYG829D7NBDuRav1Miu+FTzlbn+xZ/Y/S8OmhoG2stWa4wV
y5x0M0DWgrqiZ9rMkz9A03UNnCInQVTfIBoMl63xFitW4/0vLsln3+CjzlKm7H46
rD/tKACUoCDjR5DN+JwQzmTdL9zBb4p1cXwWjWb6rON3BkXmO0JVAxzurxI9PfX0
ZWDydZ3HNmrm0d3J12zf3kTX56PfPFAGWUsEc4Ntb5zdWXSQJsE=
=fZ3T
-----END PGP SIGNATURE-----
Merge 5.4.73 into android11-5.4-lts
Changes in 5.4.73
ibmveth: Switch order of ibmveth_helper calls.
ibmveth: Identify ingress large send packets.
ipv4: Restore flowi4_oif update before call to xfrm_lookup_route
mlx4: handle non-napi callers to napi_poll
net: fec: Fix phy_device lookup for phy_reset_after_clk_enable()
net: fec: Fix PHY init after phy_reset_after_clk_enable()
net: fix pos incrementment in ipv6_route_seq_next
net/smc: fix valid DMBE buffer sizes
net/tls: sendfile fails with ktls offload
net: usb: qmi_wwan: add Cellient MPL200 card
tipc: fix the skb_unshare() in tipc_buf_append()
socket: fix option SO_TIMESTAMPING_NEW
can: m_can_platform: don't call m_can_class_suspend in runtime suspend
can: j1935: j1939_tp_tx_dat_new(): fix missing initialization of skbcnt
net: j1939: j1939_session_fresh_new(): fix missing initialization of skbcnt
net/ipv4: always honour route mtu during forwarding
net_sched: remove a redundant goto chain check
r8169: fix data corruption issue on RTL8402
cxgb4: handle 4-tuple PEDIT to NAT mode translation
binder: fix UAF when releasing todo list
ALSA: bebob: potential info leak in hwdep_read()
ALSA: hda: fix jack detection with Realtek codecs when in D3
ALSA: hda/hdmi: fix incorrect locking in hdmi_pcm_close
nvme-pci: disable the write zeros command for Intel 600P/P3100
chelsio/chtls: fix socket lock
chelsio/chtls: correct netdevice for vlan interface
chelsio/chtls: correct function return and return type
ibmvnic: save changed mac address to adapter->mac_addr
net: ftgmac100: Fix Aspeed ast2600 TX hang issue
net: hdlc: In hdlc_rcv, check to make sure dev is an HDLC device
net: hdlc_raw_eth: Clear the IFF_TX_SKB_SHARING flag after calling ether_setup
net: Properly typecast int values to set sk_max_pacing_rate
net/sched: act_tunnel_key: fix OOB write in case of IPv6 ERSPAN tunnels
nexthop: Fix performance regression in nexthop deletion
nfc: Ensure presence of NFC_ATTR_FIRMWARE_NAME attribute in nfc_genl_fw_download()
r8169: fix operation under forced interrupt threading
selftests: forwarding: Add missing 'rp_filter' configuration
selftests: rtnetlink: load fou module for kci_test_encap_fou() test
tcp: fix to update snd_wl1 in bulk receiver fast path
icmp: randomize the global rate limiter
ALSA: hda/realtek - The front Mic on a HP machine doesn't work
ALSA: hda/realtek - set mic to auto detect on a HP AIO machine
ALSA: hda/realtek - Add mute Led support for HP Elitebook 845 G7
ALSA: hda/realtek: Enable audio jacks of ASUS D700SA with ALC887
cifs: remove bogus debug code
cifs: Return the error from crypt_message when enc/dec key not found.
SMB3: Resolve data corruption of TCP server info fields
KVM: nVMX: Reset the segment cache when stuffing guest segs
KVM: nVMX: Reload vmcs01 if getting vmcs12's pages fails
KVM: x86/mmu: Commit zap of remaining invalid pages when recovering lpages
KVM: SVM: Initialize prev_ga_tag before use
ima: Don't ignore errors from crypto_shash_update()
crypto: algif_aead - Do not set MAY_BACKLOG on the async path
crypto: caam/qi - add fallback for XTS with more than 8B IV
EDAC/i5100: Fix error handling order in i5100_init_one()
EDAC/aspeed: Fix handling of platform_get_irq() error
EDAC/ti: Fix handling of platform_get_irq() error
perf/x86/intel/ds: Fix x86_pmu_stop warning for large PEBS
x86/fpu: Allow multiple bits in clearcpuid= parameter
drivers/perf: xgene_pmu: Fix uninitialized resource struct
drivers/perf: thunderx2_pmu: Fix memory resource error handling
sched/fair: Fix wrong cpu selecting from isolated domain
perf/x86/intel/uncore: Update Ice Lake uncore units
perf/x86/intel/uncore: Reduce the number of CBOX counters
x86/nmi: Fix nmi_handle() duration miscalculation
x86/events/amd/iommu: Fix sizeof mismatch
crypto: algif_skcipher - EBUSY on aio should be an error
crypto: mediatek - Fix wrong return value in mtk_desc_ring_alloc()
crypto: ixp4xx - Fix the size used in a 'dma_free_coherent()' call
crypto: picoxcell - Fix potential race condition bug
media: tuner-simple: fix regression in simple_set_radio_freq
media: Revert "media: exynos4-is: Add missed check for pinctrl_lookup_state()"
media: ov5640: Correct Bit Div register in clock tree diagram
media: m5mols: Check function pointer in m5mols_sensor_power
media: uvcvideo: Set media controller entity functions
media: uvcvideo: Silence shift-out-of-bounds warning
media: staging/intel-ipu3: css: Correctly reset some memory
media: omap3isp: Fix memleak in isp_probe
media: i2c: ov5640: Remain in power down for DVP mode unless streaming
media: i2c: ov5640: Separate out mipi configuration from s_power
media: i2c: ov5640: Enable data pins on poweron for DVP mode
media: rcar_drif: Fix fwnode reference leak when parsing DT
media: rcar_drif: Allocate v4l2_async_subdev dynamically
media: rcar-csi2: Allocate v4l2_async_subdev dynamically
crypto: omap-sham - fix digcnt register handling with export/import
hwmon: (pmbus/max34440) Fix status register reads for MAX344{51,60,61}
cypto: mediatek - fix leaks in mtk_desc_ring_alloc
media: mx2_emmaprp: Fix memleak in emmaprp_probe
media: tc358743: initialize variable
media: tc358743: cleanup tc358743_cec_isr
media: rcar-vin: Fix a reference count leak.
media: rockchip/rga: Fix a reference count leak.
media: platform: fcp: Fix a reference count leak.
media: camss: Fix a reference count leak.
media: s5p-mfc: Fix a reference count leak
media: stm32-dcmi: Fix a reference count leak
media: ti-vpe: Fix a missing check and reference count leak
regulator: resolve supply after creating regulator
pinctrl: bcm: fix kconfig dependency warning when !GPIOLIB
spi: spi-s3c64xx: swap s3c64xx_spi_set_cs() and s3c64xx_enable_datapath()
spi: spi-s3c64xx: Check return values
blk-mq: move cancel of hctx->run_work to the front of blk_exit_queue
ath10k: provide survey info as accumulated data
drm/vkms: fix xrgb on compute crc
Bluetooth: hci_uart: Cancel init work before unregistering
drm/amd/display: Fix wrong return value in dm_update_plane_state()
drm: panel: Fix bus format for OrtusTech COM43H4M85ULC panel
ath6kl: prevent potential array overflow in ath6kl_add_new_sta()
ath9k: Fix potential out of bounds in ath9k_htc_txcompletion_cb()
ath10k: Fix the size used in a 'dma_free_coherent()' call in an error handling path
wcn36xx: Fix reported 802.11n rx_highest rate wcn3660/wcn3680
ASoC: qcom: lpass-platform: fix memory leak
ASoC: qcom: lpass-cpu: fix concurrency issue
brcmfmac: check ndev pointer
mwifiex: Do not use GFP_KERNEL in atomic context
staging: rtl8192u: Do not use GFP_KERNEL in atomic context
drm/gma500: fix error check
scsi: qla4xxx: Fix an error handling path in 'qla4xxx_get_host_stats()'
scsi: qla2xxx: Fix wrong return value in qlt_chk_unresolv_exchg()
scsi: qla2xxx: Fix wrong return value in qla_nvme_register_hba()
scsi: csiostor: Fix wrong return value in csio_hw_prep_fw()
backlight: sky81452-backlight: Fix refcount imbalance on error
staging: emxx_udc: Fix passing of NULL to dma_alloc_coherent()
VMCI: check return value of get_user_pages_fast() for errors
mm/error_inject: Fix allow_error_inject function signatures.
drm: panel: Fix bpc for OrtusTech COM43H4M85ULC panel
drm/crc-debugfs: Fix memleak in crc_control_write
binder: Remove bogus warning on failed same-process transaction
tty: serial: earlycon dependency
tty: hvcs: Don't NULL tty->driver_data until hvcs_cleanup()
pty: do tty_flip_buffer_push without port->lock in pty_write
pwm: lpss: Fix off by one error in base_unit math in pwm_lpss_prepare()
pwm: lpss: Add range limit check for the base_unit register value
drivers/virt/fsl_hypervisor: Fix error handling path
video: fbdev: vga16fb: fix setting of pixclock because a pass-by-value error
video: fbdev: sis: fix null ptr dereference
video: fbdev: radeon: Fix memleak in radeonfb_pci_register
ASoC: fsl: imx-es8328: add missing put_device() call in imx_es8328_probe()
HID: roccat: add bounds checking in kone_sysfs_write_settings()
drm/msm: Avoid div-by-zero in dpu_crtc_atomic_check()
drm/panfrost: Ensure GPU quirks are always initialised
iomap: Clear page error before beginning a write
pinctrl: mcp23s08: Fix mcp23x17_regmap initialiser
pinctrl: mcp23s08: Fix mcp23x17 precious range
net/mlx5: Don't call timecounter cyc2time directly from 1PPS flow
scsi: mpt3sas: Fix sync irqs
net: stmmac: use netif_tx_start|stop_all_queues() function
cpufreq: armada-37xx: Add missing MODULE_DEVICE_TABLE
drm: mxsfb: check framebuffer pitch
coresight: etm4x: Handle unreachable sink in perf mode
xhci: don't create endpoint debugfs entry before ring buffer is set.
net: dsa: rtl8366: Check validity of passed VLANs
net: dsa: rtl8366: Refactor VLAN/PVID init
net: dsa: rtl8366: Skip PVID setting if not requested
net: wilc1000: clean up resource in error path of init mon interface
ASoC: tlv320aic32x4: Fix bdiv clock rate derivation
net: dsa: rtl8366rb: Support all 4096 VLANs
spi: omap2-mcspi: Improve performance waiting for CHSTAT
ath6kl: wmi: prevent a shift wrapping bug in ath6kl_wmi_delete_pstream_cmd()
dmaengine: dmatest: Check list for emptiness before access its last entry
misc: mic: scif: Fix error handling path
ALSA: seq: oss: Avoid mutex lock for a long-time ioctl
usb: dwc2: Fix parameter type in function pointer prototype
quota: clear padding in v2r1_mem2diskdqb()
slimbus: core: check get_addr before removing laddr ida
slimbus: core: do not enter to clock pause mode in core
slimbus: qcom-ngd-ctrl: disable ngd in qmi server down callback
ASoC: fsl_sai: Instantiate snd_soc_dai_driver
HID: hid-input: fix stylus battery reporting
nvmem: core: fix possibly memleak when use nvmem_cell_info_to_nvmem_cell()
nl80211: fix OBSS PD min and max offset validation
coresight: etm: perf: Fix warning caused by etm_setup_aux failure
ibmvnic: set up 200GBPS speed
qtnfmac: fix resource leaks on unsupported iftype error return path
iio: adc: stm32-adc: fix runtime autosuspend delay when slow polling
net: enic: Cure the enic api locking trainwreck
mfd: sm501: Fix leaks in probe()
iwlwifi: mvm: split a print to avoid a WARNING in ROC
usb: gadget: f_ncm: fix ncm_bitrate for SuperSpeed and above.
usb: gadget: u_ether: enable qmult on SuperSpeed Plus as well
nl80211: fix non-split wiphy information
usb: dwc2: Fix INTR OUT transfers in DDMA mode.
scsi: target: tcmu: Fix warning: 'page' may be used uninitialized
scsi: be2iscsi: Fix a theoretical leak in beiscsi_create_eqs()
ipmi_si: Fix wrong return value in try_smi_init()
platform/x86: mlx-platform: Remove PSU EEPROM configuration
mwifiex: fix double free
ipvs: clear skb->tstamp in forwarding path
net: korina: fix kfree of rx/tx descriptor array
netfilter: nf_log: missing vlan offload tag and proto
mm/swapfile.c: fix potential memory leak in sys_swapon
mm/memcg: fix device private memcg accounting
mm, oom_adj: don't loop through tasks in __set_oom_adj when not necessary
fs: fix NULL dereference due to data race in prepend_path()
selftests/ftrace: Change synthetic event name for inter-event-combined test
i3c: master add i3c_master_attach_boardinfo to preserve boardinfo
IB/mlx4: Fix starvation in paravirt mux/demux
IB/mlx4: Adjust delayed work when a dup is observed
powerpc/pseries: Fix missing of_node_put() in rng_init()
powerpc/icp-hv: Fix missing of_node_put() in success path
RDMA/ucma: Fix locking for ctx->events_reported
RDMA/ucma: Add missing locking around rdma_leave_multicast()
mtd: lpddr: fix excessive stack usage with clang
RDMA/hns: Add a check for current state before modifying QP
RDMA/umem: Fix signature of stub ib_umem_find_best_pgsz()
powerpc/pseries: explicitly reschedule during drmem_lmb list traversal
pseries/drmem: don't cache node id in drmem_lmb struct
RDMA/mlx5: Fix potential race between destroy and CQE poll
mtd: mtdoops: Don't write panic data twice
ARM: 9007/1: l2c: fix prefetch bits init in L2X0_AUX_CTRL using DT values
arc: plat-hsdk: fix kconfig dependency warning when !RESET_CONTROLLER
ida: Free allocated bitmap in error path
xfs: limit entries returned when counting fsmap records
xfs: fix deadlock and streamline xfs_getfsmap performance
xfs: fix high key handling in the rt allocator's query_range function
RDMA/umem: Fix ib_umem_find_best_pgsz() for mappings that cross a page boundary
RDMA/umem: Prevent small pages from being returned by ib_umem_find_best_pgsz()
RDMA/qedr: Fix qp structure memory leak
RDMA/qedr: Fix use of uninitialized field
RDMA/qedr: Fix return code if accept is called on a destroyed qp
RDMA/qedr: Fix inline size returned for iWARP
powerpc/book3s64/hash/4k: Support large linear mapping range with 4K
powerpc/tau: Use appropriate temperature sample interval
powerpc/tau: Convert from timer to workqueue
powerpc/tau: Remove duplicated set_thresholds() call
powerpc/tau: Check processor type before enabling TAU interrupt
powerpc/tau: Disable TAU between measurements
powerpc/64s/radix: Fix mm_cpumask trimming race vs kthread_use_mm
RDMA/cma: Remove dead code for kernel rdmacm multicast
RDMA/cma: Consolidate the destruction of a cma_multicast in one place
perf intel-pt: Fix "context_switch event has no tid" error
RDMA/hns: Set the unsupported wr opcode
RDMA/mlx5: Disable IB_DEVICE_MEM_MGT_EXTENSIONS if IB_WR_REG_MR can't work
i40iw: Add support to make destroy QP synchronous
perf stat: Skip duration_time in setup_system_wide
RDMA/hns: Fix the wrong value of rnr_retry when querying qp
RDMA/hns: Fix missing sq_sig_type when querying QP
mtd: rawnand: vf610: disable clk on error handling path in probe
mtd: spinand: gigadevice: Only one dummy byte in QUADIO
mtd: spinand: gigadevice: Add QE Bit
kdb: Fix pager search for multi-line strings
overflow: Include header file with SIZE_MAX declaration
RDMA/ipoib: Set rtnl_link_ops for ipoib interfaces
powerpc/perf: Exclude pmc5/6 from the irrelevant PMU group constraints
powerpc/perf/hv-gpci: Fix starting index value
i3c: master: Fix error return in cdns_i3c_master_probe()
cpufreq: powernv: Fix frame-size-overflow in powernv_cpufreq_reboot_notifier
IB/rdmavt: Fix sizeof mismatch
RDMA/rxe: Fix skb lifetime in rxe_rcv_mcast_pkt()
maiblox: mediatek: Fix handling of platform_get_irq() error
selftests/powerpc: Fix eeh-basic.sh exit codes
f2fs: wait for sysfs kobject removal before freeing f2fs_sb_info
RDMA/rxe: Handle skb_clone() failure in rxe_recv.c
mm/page_owner: change split_page_owner to take a count
lib/crc32.c: fix trivial typo in preprocessor condition
ramfs: fix nommu mmap with gaps in the page cache
rapidio: fix error handling path
rapidio: fix the missed put_device() for rio_mport_add_riodev
mailbox: avoid timer start from callback
i2c: rcar: Auto select RESET_CONTROLLER
clk: meson: g12a: mark fclk_div2 as critical
PCI: aardvark: Check for errors from pci_bridge_emul_init() call
PCI: iproc: Set affinity mask on MSI interrupts
rpmsg: smd: Fix a kobj leak in in qcom_smd_parse_edge()
PCI/IOV: Mark VFs as not implementing PCI_COMMAND_MEMORY
vfio/pci: Decouple PCI_COMMAND_MEMORY bit checks from is_virtfn
clk: qcom: gcc-sdm660: Fix wrong parent_map
clk: keystone: sci-clk: fix parsing assigned-clock data during probe
pwm: img: Fix null pointer access in probe
clk: rockchip: Initialize hw to error to avoid undefined behavior
clk: mediatek: add UART0 clock support
module: statically initialize init section freeing data
clk: at91: clk-main: update key before writing AT91_CKGR_MOR
clk: bcm2835: add missing release if devm_clk_hw_register fails
watchdog: Fix memleak in watchdog_cdev_register
watchdog: Use put_device on error
watchdog: sp5100: Fix definition of EFCH_PM_DECODEEN3
svcrdma: fix bounce buffers for unaligned offsets and multiple pages
ext4: limit entries returned when counting fsmap records
vfio/pci: Clear token on bypass registration failure
vfio iommu type1: Fix memory leak in vfio_iommu_type1_pin_pages
clk: imx8mq: Fix usdhc parents order
SUNRPC: fix copying of multiple pages in gss_read_proxy_verf()
Input: imx6ul_tsc - clean up some errors in imx6ul_tsc_resume()
Input: stmfts - fix a & vs && typo
Input: ep93xx_keypad - fix handling of platform_get_irq() error
Input: omap4-keypad - fix handling of platform_get_irq() error
Input: twl4030_keypad - fix handling of platform_get_irq() error
Input: sun4i-ps2 - fix handling of platform_get_irq() error
KVM: x86: emulating RDPID failure shall return #UD rather than #GP
scsi: bfa: Fix error return in bfad_pci_init()
netfilter: conntrack: connection timeout after re-register
netfilter: ebtables: Fixes dropping of small packets in bridge nat
netfilter: nf_fwd_netdev: clear timestamp in forwarding path
arm64: dts: meson: vim3: correct led polarity
ARM: dts: imx6sl: fix rng node
ARM: at91: pm: of_node_put() after its usage
ARM: s3c24xx: fix mmc gpio lookup tables
ARM: dts: sun8i: r40: bananapi-m2-ultra: Fix dcdc1 regulator
arm64: dts: allwinner: h5: remove Mali GPU PMU module
memory: omap-gpmc: Fix a couple off by ones
memory: omap-gpmc: Fix build error without CONFIG_OF
memory: fsl-corenet-cf: Fix handling of platform_get_irq() error
arm64: dts: imx8mq: Add missing interrupts to GPC
arm64: dts: qcom: msm8916: Remove one more thermal trip point unit name
arm64: dts: qcom: pm8916: Remove invalid reg size from wcd_codec
arm64: dts: qcom: msm8916: Fix MDP/DSI interrupts
arm64: dts: renesas: r8a77990: Fix MSIOF1 DMA channels
arm64: dts: renesas: r8a774c0: Fix MSIOF1 DMA channels
arm64: dts: actions: limit address range for pinctrl node
ARM: dts: owl-s500: Fix incorrect PPI interrupt specifiers
soc: fsl: qbman: Fix return value on success
ARM: OMAP2+: Restore MPU power domain if cpu_cluster_pm_enter() fails
arm64: dts: zynqmp: Remove additional compatible string for i2c IPs
ARM: dts: meson8: remove two invalid interrupt lines from the GPU node
lightnvm: fix out-of-bounds write to array devices->info[]
powerpc/powernv/dump: Fix race while processing OPAL dump
powerpc/pseries: Avoid using addr_to_pfn in real mode
nvmet: fix uninitialized work for zero kato
NTB: hw: amd: fix an issue about leak system resources
sched/features: Fix !CONFIG_JUMP_LABEL case
perf: correct SNOOPX field offset
i2c: core: Restore acpi_walk_dep_device_list() getting called after registering the ACPI i2c devs
md/bitmap: fix memory leak of temporary bitmap
block: ratelimit handle_bad_sector() message
crypto: ccp - fix error handling
x86/asm: Replace __force_order with a memory clobber
x86/mce: Add Skylake quirk for patrol scrub reported errors
media: firewire: fix memory leak
media: ati_remote: sanity check for both endpoints
media: st-delta: Fix reference count leak in delta_run_work
media: sti: Fix reference count leaks
media: exynos4-is: Fix several reference count leaks due to pm_runtime_get_sync
media: exynos4-is: Fix a reference count leak due to pm_runtime_get_sync
media: exynos4-is: Fix a reference count leak
media: vsp1: Fix runtime PM imbalance on error
media: platform: s3c-camif: Fix runtime PM imbalance on error
media: platform: sti: hva: Fix runtime PM imbalance on error
media: bdisp: Fix runtime PM imbalance on error
media: media/pci: prevent memory leak in bttv_probe
x86/mce: Make mce_rdmsrl() panic on an inaccessible MSR
media: uvcvideo: Ensure all probed info is returned to v4l2
mmc: sdio: Check for CISTPL_VERS_1 buffer size
media: saa7134: avoid a shift overflow
media: venus: fixes for list corruption
fs: dlm: fix configfs memory leak
media: venus: core: Fix runtime PM imbalance in venus_probe
ntfs: add check for mft record size in superblock
ip_gre: set dev->hard_header_len and dev->needed_headroom properly
mac80211: handle lack of sband->bitrates in rates
PM: hibernate: remove the bogus call to get_gendisk() in software_resume()
scsi: mvumi: Fix error return in mvumi_io_attach()
scsi: target: core: Add CONTROL field for trace events
mic: vop: copy data to kernel space then write to io memory
misc: vop: add round_up(x,4) for vring_size to avoid kernel panic
usb: dwc3: Add splitdisable quirk for Hisilicon Kirin Soc
usb: gadget: function: printer: fix use-after-free in __lock_acquire
udf: Limit sparing table size
udf: Avoid accessing uninitialized data on failed inode read
rtw88: increse the size of rx buffer size
USB: cdc-acm: handle broken union descriptors
usb: dwc3: simple: add support for Hikey 970
can: flexcan: flexcan_chip_stop(): add error handling and propagate error value
ath9k: hif_usb: fix race condition between usb_get_urb() and usb_kill_anchored_urbs()
drm/panfrost: add amlogic reset quirk callback
bpf: Limit caller's stack depth 256 for subprogs with tailcalls
misc: rtsx: Fix memory leak in rtsx_pci_probe
reiserfs: only call unlock_new_inode() if I_NEW
opp: Prevent memory leak in dev_pm_opp_attach_genpd()
xfs: make sure the rt allocator doesn't run off the end
usb: ohci: Default to per-port over-current protection
Bluetooth: Only mark socket zapped after unlocking
drm/msm/a6xx: fix a potential overflow issue
iomap: fix WARN_ON_ONCE() from unprivileged users
scsi: ibmvfc: Fix error return in ibmvfc_probe()
scsi: qla2xxx: Warn if done() or free() are called on an already freed srb
selftests/bpf: Fix test_sysctl_loop{1, 2} failure due to clang change
brcmsmac: fix memory leak in wlc_phy_attach_lcnphy
rtl8xxxu: prevent potential memory leak
Fix use after free in get_capset_info callback.
HID: ite: Add USB id match for Acer One S1003 keyboard dock
scsi: qedf: Return SUCCESS if stale rport is encountered
scsi: qedi: Protect active command list to avoid list corruption
scsi: qedi: Fix list_del corruption while removing active I/O
fbmem: add margin check to fb_check_caps()
tty: ipwireless: fix error handling
Bluetooth: btusb: Fix memleak in btusb_mtk_submit_wmt_recv_urb
ipvs: Fix uninit-value in do_ip_vs_set_ctl()
reiserfs: Fix memory leak in reiserfs_parse_options()
mwifiex: don't call del_timer_sync() on uninitialized timer
ALSA: hda/ca0132 - Add AE-7 microphone selection commands.
ALSA: hda/ca0132 - Add new quirk ID for SoundBlaster AE-7.
scsi: smartpqi: Avoid crashing kernel for controller issues
brcm80211: fix possible memleak in brcmf_proto_msgbuf_attach
usb: core: Solve race condition in anchor cleanup functions
scsi: ufs: ufs-qcom: Fix race conditions caused by ufs_qcom_testbus_config()
dmaengine: dw: Add DMA-channels mask cell support
dmaengine: dw: Activate FIFO-mode for memory peripherals only
ath10k: check idx validity in __ath10k_htt_rx_ring_fill_n()
net: korina: cast KSEG0 address to pointer in kfree
s390/qeth: don't let HW override the configured port role
tty: serial: lpuart: fix lpuart32_write usage
tty: serial: fsl_lpuart: fix lpuart32_poll_get_char
usb: cdc-acm: add quirk to blacklist ETAS ES58X devices
USB: cdc-wdm: Make wdm_flush() interruptible and add wdm_fsync().
usb: cdns3: gadget: free interrupt after gadget has deleted
eeprom: at25: set minimum read/write access stride to 1
usb: gadget: f_ncm: allow using NCM in SuperSpeed Plus gadgets.
Linux 5.4.73
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I3245a6f313462f8b4ea408c7657a1027ab95b78c
|
||
|
Roberto Sassu
|
68e3b25444 |
ima: Don't ignore errors from crypto_shash_update()
commit 60386b854008adc951c470067f90a2d85b5d520f upstream.
Errors returned by crypto_shash_update() are not checked in
ima_calc_boot_aggregate_tfm() and thus can be overwritten at the next
iteration of the loop. This patch adds a check after calling
crypto_shash_update() and returns immediately if the result is not zero.
Cc: stable@vger.kernel.org
Fixes:
|
||
|
Greg Kroah-Hartman
|
e772bef401 |
This is the 5.4.69 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl91u0cACgkQONu9yGCS aT7KmhAAvuW3edfAfzD/F5h4vHaa9rMRmtvp2/FwefBoE4LEi3F6p2gBrUZMA3ds DNQ8Nheafeqd63wFkfE//TXYR0rYTxTxa0jTrhtuJCUZ4+anRyG00fEbHPOxvMnJ aPwQQVNOfCaUAvRbFdQ4RbuIm5chhX8Bml0ZtqvsAAFJ9XkCh1UPF0VHtSrS7PRL lRMBlamLgZqU72naaJaFY2nMp+pvMFPZrzkR7tpv0Z1bqxuJp6L2n/EmcHpmTOJy Ze+Wvt1wKk8Ep5Vql5ekXt5lEiInjacwsJZXbb5HfHO++Y+1b+ABt1kSjJx+R3/q 2Qdztq+9Eoj0N1A4gXdVFoZHqKihhbD49k8YqX4qO5ujTzqgnNyHGSEXyIKvaU6z b3b12IvjbcMhM1zm3qvFfrVbbQI3kJf66zSi9NAwsZHlsvxRzslALR8I7mila4r5 fVOyfGoZxFs44FNW9JG7I85/isAxgg0ogYraMZbk8gmhTtb1ZaN+r7kJeXuTpzOg UBAIDYPclMyZeny6tn1/qFuzNGYQQ0R9kxFcTC21Cf2zNLWHNfwCL1vE3Ob+ROIS IHcsce6IqWQKGlD8UPjkZiXTLfqCAVi51PsGTVrnidXfa1IBOuvDsVqlghPsjHSD 30N4VB++9Gbw7LFEP4e33cOZLBLjDEdYd4VuoQFYywDZ3cy6xXo= =OoZD -----END PGP SIGNATURE----- Merge 5.4.69 into android11-5.4-lts Changes in 5.4.69 kernel/sysctl-test: Add null pointer test for sysctl.c:proc_dointvec() scsi: lpfc: Fix pt2pt discovery on SLI3 HBAs scsi: mpt3sas: Free diag buffer without any status check selinux: allow labeling before policy is loaded media: mc-device.c: fix memleak in media_device_register_entity drm/amd/display: Do not double-buffer DTO adjustments drm/amdkfd: Fix race in gfx10 context restore handler dma-fence: Serialise signal enabling (dma_fence_enable_sw_signaling) scsi: qla2xxx: Add error handling for PLOGI ELS passthrough ath10k: fix array out-of-bounds access ath10k: fix memory leak for tpc_stats_final PCI/IOV: Serialize sysfs sriov_numvfs reads vs writes mm: fix double page fault on arm64 if PTE_AF is cleared scsi: aacraid: fix illegal IO beyond last LBA m68k: q40: Fix info-leak in rtc_ioctl xfs: fix inode fork extent count overflow gma/gma500: fix a memory disclosure bug due to uninitialized bytes ASoC: kirkwood: fix IRQ error handling soundwire: intel/cadence: fix startup sequence media: smiapp: Fix error handling at NVM reading drm/amd/display: Free gamma after calculating legacy transfer function xfs: properly serialise fallocate against AIO+DIO leds: mlxreg: Fix possible buffer overflow dm table: do not allow request-based DM to stack on partitions PM / devfreq: tegra30: Fix integer overflow on CPU's freq max out scsi: fnic: fix use after free scsi: lpfc: Fix kernel crash at lpfc_nvme_info_show during remote port bounce powerpc/64s: Always disable branch profiling for prom_init.o net: silence data-races on sk_backlog.tail dax: Fix alloc_dax_region() compile warning iomap: Fix overflow in iomap_page_mkwrite f2fs: avoid kernel panic on corruption test clk/ti/adpll: allocate room for terminating null drm/amdgpu/powerplay: fix AVFS handling with custom powerplay table ice: Fix to change Rx/Tx ring descriptor size via ethtool with DCBx mtd: cfi_cmdset_0002: don't free cfi->cfiq in error path of cfi_amdstd_setup() mfd: mfd-core: Protect against NULL call-back function pointer drm/amdgpu/powerplay/smu7: fix AVFS handling with custom powerplay table tpm_crb: fix fTPM on AMD Zen+ CPUs tracing: Verify if trace array exists before destroying it. tracing: Adding NULL checks for trace_array descriptor pointer bcache: fix a lost wake-up problem caused by mca_cannibalize_lock dmaengine: mediatek: hsdma_probe: fixed a memory leak when devm_request_irq fails x86/kdump: Always reserve the low 1M when the crashkernel option is specified RDMA/qedr: Fix potential use after free RDMA/i40iw: Fix potential use after free PCI: Avoid double hpmemsize MMIO window assignment fix dget_parent() fastpath race xfs: fix attr leaf header freemap.size underflow RDMA/iw_cgxb4: Fix an error handling path in 'c4iw_connect()' ubi: Fix producing anchor PEBs mmc: core: Fix size overflow for mmc partitions gfs2: clean up iopen glock mess in gfs2_create_inode scsi: pm80xx: Cleanup command when a reset times out mt76: do not use devm API for led classdev mt76: add missing locking around ampdu action debugfs: Fix !DEBUG_FS debugfs_create_automount SUNRPC: Capture completion of all RPC tasks CIFS: Use common error handling code in smb2_ioctl_query_info() CIFS: Properly process SMB3 lease breaks f2fs: stop GC when the victim becomes fully valid ASoC: max98090: remove msleep in PLL unlocked workaround xtensa: fix system_call interaction with ptrace s390: avoid misusing CALL_ON_STACK for task stack setup xfs: fix realtime file data space leak drm/amdgpu: fix calltrace during kmd unload(v3) arm64: insn: consistently handle exit text selftests/bpf: De-flake test_tcpbpf kernel/notifier.c: intercept duplicate registrations to avoid infinite loops kernel/sys.c: avoid copying possible padding bytes in copy_to_user KVM: arm/arm64: vgic: Fix potential double free dist->spis in __kvm_vgic_destroy() module: Remove accidental change of module_enable_x() xfs: fix log reservation overflows when allocating large rt extents ALSA: hda: enable regmap internal locking tipc: fix link overflow issue at socket shutdown vcc_seq_next should increase position index neigh_stat_seq_next() should increase position index rt_cpu_seq_next should increase position index ipv6_route_seq_next should increase position index drm/mcde: Handle pending vblank while disabling display seqlock: Require WRITE_ONCE surrounding raw_seqcount_barrier drm/scheduler: Avoid accessing freed bad job. media: ti-vpe: cal: Restrict DMA to avoid memory corruption opp: Replace list_kref with a local counter scsi: qla2xxx: Fix stuck session in GNL scsi: lpfc: Fix incomplete NVME discovery when target sctp: move trace_sctp_probe_path into sctp_outq_sack ACPI: EC: Reference count query handlers under lock scsi: ufs: Make ufshcd_add_command_trace() easier to read scsi: ufs: Fix a race condition in the tracing code drm/amd/display: Initialize DSC PPS variables to 0 i2c: tegra: Prevent interrupt triggering after transfer timeout btrfs: tree-checker: Check leaf chunk item size dmaengine: zynqmp_dma: fix burst length configuration s390/cpum_sf: Use kzalloc and minor changes nfsd: Fix a soft lockup race in nfsd_file_mark_find_or_create() powerpc/eeh: Only dump stack once if an MMIO loop is detected Bluetooth: btrtl: Use kvmalloc for FW allocations tracing: Set kernel_stack's caller size properly ARM: 8948/1: Prevent OOB access in stacktrace ar5523: Add USB ID of SMCWUSBT-G2 wireless adapter ceph: ensure we have a new cap before continuing in fill_inode selftests/ftrace: fix glob selftest tools/power/x86/intel_pstate_tracer: changes for python 3 compatibility Bluetooth: Fix refcount use-after-free issue mm/swapfile.c: swap_next should increase position index mm: pagewalk: fix termination condition in walk_pte_range() Bluetooth: prefetch channel before killing sock KVM: fix overflow of zero page refcount with ksm running ALSA: hda: Clear RIRB status before reading WP skbuff: fix a data race in skb_queue_len() nfsd: Fix a perf warning drm/amd/display: fix workaround for incorrect double buffer register for DLG ADL and TTU audit: CONFIG_CHANGE don't log internal bookkeeping as an event selinux: sel_avc_get_stat_idx should increase position index scsi: lpfc: Fix RQ buffer leakage when no IOCBs available scsi: lpfc: Fix release of hwq to clear the eq relationship scsi: lpfc: Fix coverity errors in fmdi attribute handling drm/omap: fix possible object reference leak locking/lockdep: Decrement IRQ context counters when removing lock chain clk: stratix10: use do_div() for 64-bit calculation crypto: chelsio - This fixes the kernel panic which occurs during a libkcapi test mt76: clear skb pointers from rx aggregation reorder buffer during cleanup mt76: fix handling full tx queues in mt76_dma_tx_queue_skb_raw ALSA: usb-audio: Don't create a mixer element with bogus volume range perf test: Fix test trace+probe_vfs_getname.sh on s390 RDMA/rxe: Fix configuration of atomic queue pair attributes KVM: x86: fix incorrect comparison in trace event KVM: nVMX: Hold KVM's srcu lock when syncing vmcs12->shadow dmaengine: stm32-mdma: use vchan_terminate_vdesc() in .terminate_all media: staging/imx: Missing assignment in imx_media_capture_device_register() x86/pkeys: Add check for pkey "overflow" bpf: Remove recursion prevention from rcu free callback dmaengine: stm32-dma: use vchan_terminate_vdesc() in .terminate_all dmaengine: tegra-apb: Prevent race conditions on channel's freeing soundwire: bus: disable pm_runtime in sdw_slave_delete drm/amd/display: dal_ddc_i2c_payloads_create can fail causing panic drm/omap: dss: Cleanup DSS ports on initialisation failure iavf: use tc_cls_can_offload_and_chain0() instead of chain check firmware: arm_sdei: Use cpus_read_lock() to avoid races with cpuhp random: fix data races at timer_rand_state bus: hisi_lpc: Fixup IO ports addresses to avoid use-after-free in host removal ASoC: SOF: ipc: check ipc return value before data copy media: go7007: Fix URB type for interrupt handling Bluetooth: guard against controllers sending zero'd events timekeeping: Prevent 32bit truncation in scale64_check_overflow() powerpc/book3s64: Fix error handling in mm_iommu_do_alloc() drm/amd/display: fix image corruption with ODM 2:1 DSC 2 slice ext4: fix a data race at inode->i_disksize perf jevents: Fix leak of mapfile memory mm: avoid data corruption on CoW fault into PFN-mapped VMA drm/amdgpu: increase atombios cmd timeout ARM: OMAP2+: Handle errors for cpu_pm drm/amd/display: Stop if retimer is not available clk: imx: Fix division by zero warning on pfdv2 cpu-topology: Fix the potential data corruption s390/irq: replace setup_irq() by request_irq() perf cs-etm: Swap packets for instruction samples perf cs-etm: Correct synthesizing instruction samples ath10k: use kzalloc to read for ath10k_sdio_hif_diag_read scsi: aacraid: Disabling TM path and only processing IOP reset Bluetooth: L2CAP: handle l2cap config request during open state media: tda10071: fix unsigned sign extension overflow tty: sifive: Finish transmission before changing the clock xfs: don't ever return a stale pointer from __xfs_dir3_free_read xfs: mark dir corrupt when lookup-by-hash fails ext4: mark block bitmap corrupted when found instead of BUGON tpm: ibmvtpm: Wait for buffer to be set before proceeding rtc: sa1100: fix possible race condition rtc: ds1374: fix possible race condition nfsd: Don't add locks to closed or closing open stateids RDMA/cm: Remove a race freeing timewait_info intel_th: Disallow multi mode on devices where it's broken KVM: PPC: Book3S HV: Treat TM-related invalid form instructions on P9 like the valid ones drm/msm: fix leaks if initialization fails drm/msm/a5xx: Always set an OPP supported hardware value tracing: Use address-of operator on section symbols thermal: rcar_thermal: Handle probe error gracefully KVM: LAPIC: Mark hrtimer for period or oneshot mode to expire in hard interrupt context perf parse-events: Fix 3 use after frees found with clang ASAN btrfs: do not init a reloc root if we aren't relocating btrfs: free the reloc_control in a consistent way r8169: improve RTL8168b FIFO overflow workaround serial: 8250_port: Don't service RX FIFO if throttled serial: 8250_omap: Fix sleeping function called from invalid context during probe serial: 8250: 8250_omap: Terminate DMA before pushing data on RX timeout perf cpumap: Fix snprintf overflow check net: axienet: Convert DMA error handler to a work queue net: axienet: Propagate failure of DMA descriptor setup cpufreq: powernv: Fix frame-size-overflow in powernv_cpufreq_work_fn tools: gpio-hammer: Avoid potential overflow in main exec: Add exec_update_mutex to replace cred_guard_mutex exec: Fix a deadlock in strace selftests/ptrace: add test cases for dead-locks kernel/kcmp.c: Use new infrastructure to fix deadlocks in execve proc: Use new infrastructure to fix deadlocks in execve proc: io_accounting: Use new infrastructure to fix deadlocks in execve perf: Use new infrastructure to fix deadlocks in execve nvme-multipath: do not reset on unknown status nvme: Fix ctrl use-after-free during sysfs deletion nvme: Fix controller creation races with teardown flow brcmfmac: Fix double freeing in the fmac usb data path xfs: prohibit fs freezing when using empty transactions RDMA/rxe: Set sys_image_guid to be aligned with HW IB devices IB/iser: Always check sig MR before putting it to the free pool scsi: hpsa: correct race condition in offload enabled SUNRPC: Fix a potential buffer overflow in 'svc_print_xprts()' svcrdma: Fix leak of transport addresses netfilter: nf_tables: silence a RCU-list warning in nft_table_lookup() PCI: Use ioremap(), not phys_to_virt() for platform ROM ubifs: ubifs_jnl_write_inode: Fix a memory leak bug ubifs: ubifs_add_orphan: Fix a memory leak bug ubifs: Fix out-of-bounds memory access caused by abnormal value of node_len ALSA: usb-audio: Fix case when USB MIDI interface has more than one extra endpoint descriptor PCI: pciehp: Fix MSI interrupt race NFS: Fix races nfs_page_group_destroy() vs nfs_destroy_unlinked_subrequests() drm/amdgpu/vcn2.0: stall DPG when WPTR/RPTR reset powerpc/perf: Implement a global lock to avoid races between trace, core and thread imc events. mm/kmemleak.c: use address-of operator on section symbols mm/filemap.c: clear page error before actual read mm/swapfile: fix data races in try_to_unuse() mm/vmscan.c: fix data races using kswapd_classzone_idx SUNRPC: Don't start a timer on an already queued rpc task nvmet-rdma: fix double free of rdma queue workqueue: Remove the warning in wq_worker_sleeping() drm/amdgpu/sriov add amdgpu_amdkfd_pre_reset in gpu reset mm/mmap.c: initialize align_offset explicitly for vm_unmapped_area ALSA: hda: Skip controller resume if not needed scsi: qedi: Fix termination timeouts in session logout serial: uartps: Wait for tx_empty in console setup btrfs: fix setting last_trans for reloc roots KVM: Remove CREATE_IRQCHIP/SET_PIT2 race perf stat: Force error in fallback on :k events bdev: Reduce time holding bd_mutex in sync in blkdev_close() drivers: char: tlclk.c: Avoid data race between init and interrupt handler KVM: arm64: vgic-v3: Retire all pending LPIs on vcpu destroy KVM: arm64: vgic-its: Fix memory leak on the error path of vgic_add_lpi() net: openvswitch: use u64 for meter bucket scsi: aacraid: Fix error handling paths in aac_probe_one() staging:r8188eu: avoid skb_clone for amsdu to msdu conversion sparc64: vcc: Fix error return code in vcc_probe() arm64: cpufeature: Relax checks for AArch32 support at EL[0-2] sched/fair: Eliminate bandwidth race between throttling and distribution dpaa2-eth: fix error return code in setup_dpni() dt-bindings: sound: wm8994: Correct required supplies based on actual implementaion devlink: Fix reporter's recovery condition atm: fix a memory leak of vcc->user_back media: venus: vdec: Init registered list unconditionally perf mem2node: Avoid double free related to realloc mm/slub: fix incorrect interpretation of s->offset i2c: tegra: Restore pinmux on system resume power: supply: max17040: Correct voltage reading phy: samsung: s5pv210-usb2: Add delay after reset Bluetooth: Handle Inquiry Cancel error after Inquiry Complete USB: EHCI: ehci-mv: fix error handling in mv_ehci_probe() KVM: x86: handle wrap around 32-bit address space tipc: fix memory leak in service subscripting tty: serial: samsung: Correct clock selection logic ALSA: hda: Fix potential race in unsol event handler drm/exynos: dsi: Remove bridge node reference in error handling path in probe function ipmi:bt-bmc: Fix error handling and status check powerpc/traps: Make unrecoverable NMIs die instead of panic svcrdma: Fix backchannel return code fuse: don't check refcount after stealing page fuse: update attr_version counter on fuse_notify_inval_inode() USB: EHCI: ehci-mv: fix less than zero comparison of an unsigned int coresight: etm4x: Fix use-after-free of per-cpu etm drvdata arm64: acpi: Make apei_claim_sea() synchronise with APEI's irq work scsi: cxlflash: Fix error return code in cxlflash_probe() arm64/cpufeature: Drop TraceFilt feature exposure from ID_DFR0 register drm/amdkfd: fix restore worker race condition e1000: Do not perform reset in reset_task if we are already down drm/nouveau/debugfs: fix runtime pm imbalance on error drm/nouveau: fix runtime pm imbalance on error drm/nouveau/dispnv50: fix runtime pm imbalance on error printk: handle blank console arguments passed in. usb: dwc3: Increase timeout for CmdAct cleared by device controller btrfs: don't force read-only after error in drop snapshot btrfs: fix double __endio_write_update_ordered in direct I/O gpio: rcar: Fix runtime PM imbalance on error vfio/pci: fix memory leaks of eventfd ctx KVM: PPC: Book3S HV: Close race with page faults around memslot flushes perf evsel: Fix 2 memory leaks perf trace: Fix the selection for architectures to generate the errno name tables perf stat: Fix duration_time value for higher intervals perf util: Fix memory leak of prefix_if_not_in perf metricgroup: Free metric_events on error perf kcore_copy: Fix module map when there are no modules loaded PCI: tegra194: Fix runtime PM imbalance on error ASoC: img-i2s-out: Fix runtime PM imbalance on error wlcore: fix runtime pm imbalance in wl1271_tx_work wlcore: fix runtime pm imbalance in wlcore_regdomain_config mtd: rawnand: gpmi: Fix runtime PM imbalance on error mtd: rawnand: omap_elm: Fix runtime PM imbalance on error PCI: tegra: Fix runtime PM imbalance on error ceph: fix potential race in ceph_check_caps mm/swap_state: fix a data race in swapin_nr_pages mm: memcontrol: fix stat-corrupting race in charge moving rapidio: avoid data race between file operation callbacks and mport_cdev_add(). mtd: parser: cmdline: Support MTD names containing one or more colons x86/speculation/mds: Mark mds_user_clear_cpu_buffers() __always_inline NFS: nfs_xdr_status should record the procedure name vfio/pci: Clear error and request eventfd ctx after releasing cifs: Fix double add page to memcg when cifs_readpages nvme: fix possible deadlock when I/O is blocked mac80211: skip mpath lookup also for control port tx scsi: libfc: Handling of extra kref scsi: libfc: Skip additional kref updating work event selftests/x86/syscall_nt: Clear weird flags after each test vfio/pci: fix racy on error and request eventfd ctx btrfs: qgroup: fix data leak caused by race between writeback and truncate perf tests: Fix test 68 zstd compression for s390 scsi: qla2xxx: Retry PLOGI on FC-NVMe PRLI failure ubi: fastmap: Free unused fastmap anchor peb during detach mt76: fix LED link time failure opp: Increase parsed_static_opps in _of_add_opp_table_v1() perf parse-events: Use strcmp() to compare the PMU name ALSA: hda: Always use jackpoll helper for jack update after resume ALSA: hda: Workaround for spurious wakeups on some Intel platforms net: openvswitch: use div_u64() for 64-by-32 divisions nvme: explicitly update mpath disk capacity on revalidation device_cgroup: Fix RCU list debugging warning ASoC: pcm3168a: ignore 0 Hz settings ASoC: wm8994: Skip setting of the WM8994_MICBIAS register for WM1811 ASoC: wm8994: Ensure the device is resumed in wm89xx_mic_detect functions ASoC: Intel: bytcr_rt5640: Add quirk for MPMAN Converter9 2-in-1 RISC-V: Take text_mutex in ftrace_init_nop() i2c: aspeed: Mask IRQ status to relevant bits s390/init: add missing __init annotations lockdep: fix order in trace_hardirqs_off_caller() EDAC/ghes: Check whether the driver is on the safe list correctly drm/amdkfd: fix a memory leak issue drm/amd/display: update nv1x stutter latencies drm/amdgpu/dc: Require primary plane to be enabled whenever the CRTC is i2c: core: Call i2c_acpi_install_space_handler() before i2c_acpi_register_devices() objtool: Fix noreturn detection for ignored functions ieee802154: fix one possible memleak in ca8210_dev_com_init ieee802154/adf7242: check status of adf7242_read_reg clocksource/drivers/h8300_timer8: Fix wrong return value in h8300_8timer_init() mwifiex: Increase AES key storage size to 256 bits batman-adv: bla: fix type misuse for backbone_gw hash indexing atm: eni: fix the missed pci_disable_device() for eni_init_one() batman-adv: mcast/TT: fix wrongly dropped or rerouted packets netfilter: conntrack: nf_conncount_init is failing with IPv6 disabled mac802154: tx: fix use-after-free bpf: Fix clobbering of r2 in bpf_gen_ld_abs drm/vc4/vc4_hdmi: fill ASoC card owner net: qed: Disable aRFS for NPAR and 100G net: qede: Disable aRFS for NPAR and 100G net: qed: RDMA personality shouldn't fail VF load drm/sun4i: sun8i-csc: Secondary CSC register correction batman-adv: Add missing include for in_interrupt() nvme-tcp: fix kconfig dependency warning when !CRYPTO batman-adv: mcast: fix duplicate mcast packets in BLA backbone from LAN batman-adv: mcast: fix duplicate mcast packets in BLA backbone from mesh batman-adv: mcast: fix duplicate mcast packets from BLA backbone to mesh bpf: Fix a rcu warning for bpffs map pretty-print lib80211: fix unmet direct dependendices config warning when !CRYPTO ALSA: asihpi: fix iounmap in error handler regmap: fix page selection for noinc reads regmap: fix page selection for noinc writes MIPS: Add the missing 'CPU_1074K' into __get_cpu_type() regulator: axp20x: fix LDO2/4 description KVM: x86: Reset MMU context if guest toggles CR4.SMAP or CR4.PKE KVM: SVM: Add a dedicated INVD intercept routine mm: validate pmd after splitting arch/x86/lib/usercopy_64.c: fix __copy_user_flushcache() cache writeback x86/ioapic: Unbreak check_timer() scsi: lpfc: Fix initial FLOGI failure due to BBSCN not supported ALSA: usb-audio: Add delay quirk for H570e USB headsets ALSA: hda/realtek - Couldn't detect Mic if booting with headset plugged ALSA: hda/realtek: Enable front panel headset LED on Lenovo ThinkStation P520 lib/string.c: implement stpcpy tracing: fix double free s390/dasd: Fix zero write for FBA devices kprobes: Fix to check probe enabled before disarm_kprobe_ftrace() kprobes: tracing/kprobes: Fix to kill kprobes on initmem after boot btrfs: fix overflow when copying corrupt csums for a message dmabuf: fix NULL pointer dereference in dma_buf_release() mm, THP, swap: fix allocating cluster for swapfile by mistake mm/gup: fix gup_fast with dynamic page table folding s390/zcrypt: Fix ZCRYPT_PERDEV_REQCNT ioctl KVM: arm64: Assume write fault on S1PTW permission fault on instruction fetch dm: fix bio splitting and its bio completion order for regular IO kprobes: Fix compiler warning for !CONFIG_KPROBES_ON_FTRACE ata: define AC_ERR_OK ata: make qc_prep return ata_completion_errors ata: sata_mv, avoid trigerrable BUG_ON Linux 5.4.69 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I2a26b4f6fd89b641fa80e339ee72089da51a1415 |
||
Amol Grover
|
8ebf2b77d7 |
device_cgroup: Fix RCU list debugging warning
[ Upstream commit bc62d68e2a0a69fcdcf28aca8edb01abf306b698 ] exceptions may be traversed using list_for_each_entry_rcu() outside of an RCU read side critical section BUT under the protection of decgroup_mutex. Hence add the corresponding lockdep expression to fix the following false-positive warning: [ 2.304417] ============================= [ 2.304418] WARNING: suspicious RCU usage [ 2.304420] 5.5.4-stable #17 Tainted: G E [ 2.304422] ----------------------------- [ 2.304424] security/device_cgroup.c:355 RCU-list traversed in non-reader section!! Signed-off-by: Amol Grover <frextrite@gmail.com> Signed-off-by: James Morris <jmorris@namei.org> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
Vasily Averin
|
f72a51eab2 |
selinux: sel_avc_get_stat_idx should increase position index
[ Upstream commit 8d269a8e2a8f0bca89022f4ec98de460acb90365 ] If seq_file .next function does not change position index, read after some lseek can generate unexpected output. $ dd if=/sys/fs/selinux/avc/cache_stats # usual output lookups hits misses allocations reclaims frees 817223 810034 7189 7189 6992 7037 1934894 1926896 7998 7998 7632 7683 1322812 1317176 5636 5636 5456 5507 1560571 1551548 9023 9023 9056 9115 0+1 records in 0+1 records out 189 bytes copied, 5,1564e-05 s, 3,7 MB/s $# read after lseek to midle of last line $ dd if=/sys/fs/selinux/avc/cache_stats bs=180 skip=1 dd: /sys/fs/selinux/avc/cache_stats: cannot skip to specified offset 056 9115 <<<< end of last line 1560571 1551548 9023 9023 9056 9115 <<< whole last line once again 0+1 records in 0+1 records out 45 bytes copied, 8,7221e-05 s, 516 kB/s $# read after lseek beyond end of of file $ dd if=/sys/fs/selinux/avc/cache_stats bs=1000 skip=1 dd: /sys/fs/selinux/avc/cache_stats: cannot skip to specified offset 1560571 1551548 9023 9023 9056 9115 <<<< generates whole last line 0+1 records in 0+1 records out 36 bytes copied, 9,0934e-05 s, 396 kB/s https://bugzilla.kernel.org/show_bug.cgi?id=206283 Signed-off-by: Vasily Averin <vvs@virtuozzo.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: Paul Moore <paul@paul-moore.com> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
Jonathan Lebon
|
b7316f505f |
selinux: allow labeling before policy is loaded
[ Upstream commit 3e3e24b42043eceb97ed834102c2d094dfd7aaa6 ] Currently, the SELinux LSM prevents one from setting the `security.selinux` xattr on an inode without a policy first being loaded. However, this restriction is problematic: it makes it impossible to have newly created files with the correct label before actually loading the policy. This is relevant in distributions like Fedora, where the policy is loaded by systemd shortly after pivoting out of the initrd. In such instances, all files created prior to pivoting will be unlabeled. One then has to relabel them after pivoting, an operation which inherently races with other processes trying to access those same files. Going further, there are use cases for creating the entire root filesystem on first boot from the initrd (e.g. Container Linux supports this today[1], and we'd like to support it in Fedora CoreOS as well[2]). One can imagine doing this in two ways: at the block device level (e.g. laying down a disk image), or at the filesystem level. In the former, labeling can simply be part of the image. But even in the latter scenario, one still really wants to be able to set the right labels when populating the new filesystem. This patch enables this by changing behaviour in the following two ways: 1. allow `setxattr` if we're not initialized 2. don't try to set the in-core inode SID if we're not initialized; instead leave it as `LABEL_INVALID` so that revalidation may be attempted at a later time Note the first hunk of this patch is mostly the same as a previously discussed one[3], though it was part of a larger series which wasn't accepted. [1] https://coreos.com/os/docs/latest/root-filesystem-placement.html [2] https://github.com/coreos/fedora-coreos-tracker/issues/94 [3] https://www.spinics.net/lists/linux-initramfs/msg04593.html Co-developed-by: Victor Kamensky <kamensky@cisco.com> Signed-off-by: Victor Kamensky <kamensky@cisco.com> Signed-off-by: Jonathan Lebon <jlebon@redhat.com> Signed-off-by: Paul Moore <paul@paul-moore.com> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Blagovest Kolenichev
|
06f4c52a92 |
Merge android11-5.4.61+ (a564726) into msm-5.4
* refs/heads/tmp-a564726: ANDROID: gki_defconfig: initialize locals with zeroes UPSTREAM: security: allow using Clang's zero initialization for stack variables BACKPORT: net: core: use listified Rx for GRO_NORMAL in napi_gro_receive() UPSTREAM: spi: add power control when set_cs UPSTREAM: nl80211: fix NL80211_ATTR_HE_6GHZ_CAPABILITY usage ANDROID: ABI: Update allowed list for QCOM Change-Id: If9451d95dac1c5414d25aff4bb115bc1a94df07b Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org> |
||
glider@google.com
|
1b6a6a2efe |
UPSTREAM: security: allow using Clang's zero initialization for stack variables
Upstream commit f0fe00d4972a8cd4b98cc2c29758615e4d51cdfe. In addition to -ftrivial-auto-var-init=pattern (used by CONFIG_INIT_STACK_ALL now) Clang also supports zero initialization for locals enabled by -ftrivial-auto-var-init=zero. The future of this flag is still being debated (see https://bugs.llvm.org/show_bug.cgi?id=45497). Right now it is guarded by another flag, -enable-trivial-auto-var-init-zero-knowing-it-will-be-removed-from-clang, which means it may not be supported by future Clang releases. Another possible resolution is that -ftrivial-auto-var-init=zero will persist (as certain users have already started depending on it), but the name of the guard flag will change. In the meantime, zero initialization has proven itself as a good production mitigation measure against uninitialized locals. Unlike pattern initialization, which has a higher chance of triggering existing bugs, zero initialization provides safe defaults for strings, pointers, indexes, and sizes. On the other hand, pattern initialization remains safer for return values. Chrome OS and Android are moving to using zero initialization for production builds. Performance-wise, the difference between pattern and zero initialization is usually negligible, although the generated code for zero initialization is more compact. This patch renames CONFIG_INIT_STACK_ALL to CONFIG_INIT_STACK_ALL_PATTERN and introduces another config option, CONFIG_INIT_STACK_ALL_ZERO, that enables zero initialization for locals if the corresponding flags are supported by Clang. Cc: Kees Cook <keescook@chromium.org> Cc: Nick Desaulniers <ndesaulniers@google.com> Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Signed-off-by: Alexander Potapenko <glider@google.com> Link: https://lore.kernel.org/r/20200616083435.223038-1-glider@google.com Reviewed-by: Maciej Żenczykowski <maze@google.com> Signed-off-by: Kees Cook <keescook@chromium.org> Change-Id: I3c69570e7e3d3bbb666709de6feb531000bce2bf |
||
Ivaylo Georgiev
|
125c29efb1 |
Merge android11-5.4.60 (8ae87ad) into msm-5.4
* refs/heads/tmp-8ae87ad:
Linux 5.4.60
drm/amd/display: dchubbub p-state warning during surface planes switch
drm/amdgpu: Fix bug where DPM is not enabled after hibernate and resume
drm: fix drm_dp_mst_port refcount leaks in drm_dp_mst_allocate_vcpi
drm: Added orientation quirk for ASUS tablet model T103HAF
drm/panfrost: Use kvfree() to free bo->sgts
arm64: dts: marvell: espressobin: add ethernet alias
khugepaged: retract_page_tables() remember to test exit
sh: landisk: Add missing initialization of sh_io_port_base
perf/x86/rapl: Fix missing psys sysfs attributes
tools build feature: Quote CC and CXX for their arguments
perf bench mem: Always memset source before memcpy
ALSA: echoaudio: Fix potential Oops in snd_echo_resume()
crypto: algif_aead - fix uninitialized ctx->init
mfd: dln2: Run event handler loop under spinlock
i2c: iproc: fix race between client unreg and isr
test_kmod: avoid potential double free in trigger_config_run_type()
fs/ufs: avoid potential u32 multiplication overflow
fs/minix: remove expected error message in block_to_path()
fs/minix: fix block limit check for V1 filesystems
fs/minix: set s_maxbytes correctly
nfs: Fix getxattr kernel panic and memory overflow
net: qcom/emac: add missed clk_disable_unprepare in error path of emac_clks_phase1_init
drm/vmwgfx: Fix two list_for_each loop exit tests
drm/vmwgfx: Use correct vmw_legacy_display_unit pointer
recordmcount: Fix build failure on non arm64
Input: sentelic - fix error return when fsp_reg_write fails
x86/tsr: Fix tsc frequency enumeration bug on Lightning Mountain SoC
md-cluster: Fix potential error pointer dereference in resize_bitmaps()
watchdog: initialize device before misc_register
nfs: nfs_file_write() should check for writeback errors
scsi: lpfc: nvmet: Avoid hang / use-after-free again when destroying targetport
openrisc: Fix oops caused when dumping stack
libnvdimm/security: ensure sysfs poll thread woke up and fetch updated attr
libnvdimm/security: fix a typo
clk: bcm2835: Do not use prediv with bcm2711's PLLs
ubifs: Fix wrong orphan node deletion in ubifs_jnl_update|rename
nfs: ensure correct writeback errors are returned on close()
i2c: rcar: avoid race when unregistering slave
tools build feature: Use CC and CXX from parent
pwm: bcm-iproc: handle clk_get_rate() return
clk: clk-atlas6: fix return value check in atlas6_clk_init()
clk: qcom: gcc-sdm660: Fix up gcc_mss_mnoc_bimc_axi_clk
i2c: rcar: slave: only send STOP event when we have been addressed
iommu/vt-d: Enforce PASID devTLB field mask
clk: qcom: clk-alpha-pll: remove unused/incorrect PLL_CAL_VAL
clk: qcom: gcc: fix sm8150 GPU and NPU clocks
iommu/omap: Check for failure of a call to omap_iommu_dump_ctx
selftests/powerpc: ptrace-pkey: Don't update expected UAMOR value
selftests/powerpc: ptrace-pkey: Update the test to mark an invalid pkey correctly
selftests/powerpc: ptrace-pkey: Rename variables to make it easier to follow code
clk: actions: Fix h_clk for Actions S500 SoC
dm rq: don't call blk_mq_queue_stopped() in dm_stop_queue()
gpu: ipu-v3: image-convert: Wait for all EOFs before completing a tile
gpu: ipu-v3: image-convert: Combine rotate/no-rotate irq handlers
crypto: caam - Remove broken arc4 support
mmc: renesas_sdhi_internal_dmac: clean up the code for dma complete
RDMA/counter: Allow manually bind QPs with different pids to same counter
RDMA/counter: Only bind user QPs in auto mode
devres: keep both device name and resource name in pretty name
crypto: af_alg - Fix regression on empty requests
USB: serial: ftdi_sio: clean up receive processing
USB: serial: ftdi_sio: make process-packet buffer unsigned
selftests/bpf: test_progs use another shell exit on non-actions
selftests/bpf: Test_progs indicate to shell on non-actions
IB/uverbs: Set IOVA on IB MR in uverbs layer
media: rockchip: rga: Only set output CSC mode for RGB input
media: rockchip: rga: Introduce color fmt macros and refactor CSC mode logic
RDMA/ipoib: Fix ABBA deadlock with ipoib_reap_ah()
RDMA/ipoib: Return void from ipoib_ib_dev_stop()
platform/chrome: cros_ec_ishtp: Fix a double-unlock issue
mtd: rawnand: fsl_upm: Remove unused mtd var
octeontx2-af: change (struct qmem)->entry_sz from u8 to u16
mfd: arizona: Ensure 32k clock is put on driver unbind and error
crypto: algif_aead - Only wake up when ctx->more is zero
pinctrl: ingenic: Properly detect GPIO direction when configured for IRQ
orangefs: get rid of knob code...
drm/imx: imx-ldb: Disable both channels for split mode in enc->disable()
remoteproc: qcom_q6v5_mss: Validate modem blob firmware size before load
remoteproc: qcom_q6v5_mss: Validate MBA firmware size before load
remoteproc: qcom: q6v5: Update running state before requesting stop
perf intel-pt: Fix duplicate branch after CBR
perf intel-pt: Fix FUP packet state
module: Correctly truncate sysfs sections output
pseries: Fix 64 bit logical memory block panic
ceph: handle zero-length feature mask in session messages
ceph: set sec_context xattr on symlink creation
watchdog: f71808e_wdt: clear watchdog timeout occurred flag
watchdog: f71808e_wdt: remove use of wrong watchdog_info option
watchdog: f71808e_wdt: indicate WDIOF_CARDRESET support in watchdog_info.options
tracing: Move pipe reference to trace array instead of current_tracer
tracing: Use trace_sched_process_free() instead of exit() for pid tracing
tracing/hwlat: Honor the tracing_cpumask
kprobes: Fix NULL pointer dereference at kprobe_ftrace_handler
ftrace: Setup correct FTRACE_FL_REGS flags for module
mm/memory_hotplug: fix unpaired mem_hotplug_begin/done
mm/page_counter.c: fix protection usage propagation
ocfs2: change slot number type s16 to u16
khugepaged: collapse_pte_mapped_thp() protect the pmd lock
khugepaged: collapse_pte_mapped_thp() flush the right range
ext2: fix missing percpu_counter_inc
MIPS: qi_lb60: Fix routing to audio amplifier
MIPS: CPU#0 is not hotpluggable
driver core: Avoid binding drivers to dead devices
mac80211: fix misplaced while instead of if
bcache: fix overflow in offset_to_stripe()
bcache: allocate meta data pages as compound pages
md/raid5: Fix Force reconstruct-write io stuck in degraded raid5
net/compat: Add missing sock updates for SCM_RIGHTS
net: stmmac: dwmac1000: provide multicast filter fallback
net: ethernet: stmmac: Disable hardware multicast filter
media: vsp1: dl: Fix NULL pointer dereference on unbind
pinctrl: ingenic: Enhance support for IRQ_TYPE_EDGE_BOTH
powerpc: Fix circular dependency between percpu.h and mmu.h
powerpc: Allow 4224 bytes of stack expansion for the signal frame
powerpc/ptdump: Fix build failure in hashpagetable.c
cifs: Fix leak when handling lease break for cached root fid
xtensa: fix xtensa_pmu_setup prototype
xtensa: add missing exclusive access state management
iio: dac: ad5592r: fix unbalanced mutex unlocks in ad5592r_read_raw()
dt-bindings: iio: io-channel-mux: Fix compatible string in example code
arm64: perf: Correct the event index in sysfs
btrfs: fix return value mixup in btrfs_get_extent
btrfs: make sure SB_I_VERSION doesn't get unset by remount
btrfs: fix memory leaks after failure to lookup checksums during inode logging
btrfs: inode: fix NULL pointer dereference if inode doesn't need compression
btrfs: only search for left_info if there is no right_info in try_merge_free_space
btrfs: fix messages after changing compression level by remount
btrfs: fix race between page release and a fast fsync
btrfs: don't WARN if we abort a transaction with EROFS
btrfs: sysfs: use NOFS for device creation
btrfs: avoid possible signal interruption of btrfs_drop_snapshot() on relocation tree
btrfs: add missing check for nocow and compression inode flags
btrfs: relocation: review the call sites which can be interrupted by signal
btrfs: move the chunk_mutex in btrfs_read_chunk_tree
btrfs: open device without device_list_mutex
btrfs: don't traverse into the seed devices in show_devname
btrfs: remove no longer needed use of log_writers for the log root tree
btrfs: stop incremening log_batch for the log root tree when syncing log
btrfs: ref-verify: fix memory leak in add_block_entry
btrfs: don't allocate anonymous block device for user invisible roots
btrfs: free anon block device right after subvolume deletion
btrfs: allow use of global block reserve for balance item deletion
PCI: qcom: Add support for tx term offset for rev 2.1.0
PCI: qcom: Define some PARF params needed for ipq8064 SoC
PCI: Add device even if driver attach failed
PCI: Mark AMD Navi10 GPU rev 0x00 ATS as broken
PCI: hotplug: ACPI: Fix context refcounting in acpiphp_grab_context()
genirq/PM: Always unlock IRQ descriptor in rearm_wake_irq()
genirq/affinity: Make affinity setting if activated opt-in
smb3: warn on confusing error scenario with sec=krb5
ANDROID: ABI: FPSIMD save/restore using vendor_hooks
ANDROID: vendor_hooks: FPSIMD save/restore by using vendor_hooks
ANDROID: futex: Add vendor hook for wait queue
ANDROID: sched: add vendor hooks to handle scheduling priority
ANDROID: rwsem: Add vendor hook to the rw-semaphore
ANDROID: binder: Add vendor hook to the binder
FROMLIST: ufs: introduce a callback to get info of command completion
ANDROID: scsi: ufs: export ufshcd_wb_ctrl func
ANDROID: GKI: enable some USB_NET_ config options
ANDROID: sched: add restrict vendor hook to modify task placement policy in EAS
BACKPORT: kthread: Do not preempt current task if it is going to call schedule()
ANDROID: GKI: enable CONFIG_USB_ROLE_SWITCH
ANDROID: ABI: Update ABI after UFS error recovery patches
BACKPORT: FROMGIT: scsi: ufs: Properly release resources if a task is aborted successfully
BACKPORT: FROMGIT: scsi: ufs: Fix a race condition between error handler and runtime PM ops
FROMGIT: scsi: ufs: Move dumps in IRQ handler to error handler
BACKPORT: FROMGIT: scsi: ufs: Recover HBA runtime PM error in error handler
BACKPORT: FROMGIT: scsi: ufs: Fix concurrency of error handler and other error recovery paths
BACKPORT: FROMGIT: scsi: ufs: Add some debug information to ufshcd_print_host_state()
FROMGIT: scsi: ufs-qcom: Remove testbus dump in ufs_qcom_dump_dbg_regs
FROMGIT: scsi: ufs: ufs-qcom: Fix race conditions caused by ufs_qcom_testbus_config()
FROMGIT: scsi: ufs: Add checks before setting clk-gating states
ANDROID: kbuild: don't preprocess module-lto.lds
ANDROID: vendor_hooks: Add vendor hook to the net
Revert "ALSA: usb-audio: work around streaming quirk for MacroSilicon MS2109"
Linux 5.4.59
io_uring: Fix NULL pointer dereference in loop_rw_iter()
s390/gmap: improve THP splitting
s390/dasd: fix inability to use DASD with DIAG driver
xen/gntdev: Fix dmabuf import with non-zero sgt offset
xen/balloon: make the balloon wait interruptible
xen/balloon: fix accounting in alloc_xenballooned_pages error path
fs/minix: reject too-large maximum file size
fs/minix: don't allow getting deleted inodes
fs/minix: check return value of sb_getblk()
bitfield.h: don't compile-time validate _val in FIELD_FIT
crypto: cpt - don't sleep of CRYPTO_TFM_REQ_MAY_SLEEP was not specified
crypto: ccp - Fix use of merged scatterlists
crypto: qat - fix double free in qat_uclo_create_batch_init_list
crypto: hisilicon - don't sleep of CRYPTO_TFM_REQ_MAY_SLEEP was not specified
pstore: Fix linking when crypto API disabled
tpm: Unify the mismatching TPM space buffer sizes
ALSA: usb-audio: add quirk for Pioneer DDJ-RB
irqdomain/treewide: Free firmware node after domain removal
ARM: 8992/1: Fix unwind_frame for clang-built kernels
parisc: mask out enable and reserved bits from sba imask
parisc: Implement __smp_store_release and __smp_load_acquire barriers
parisc: Do not use an ordered store in pa_tlb_lock()
Revert "parisc: Revert "Release spinlocks using ordered store""
Revert "parisc: Use ldcw instruction for SMP spinlock release barrier"
Revert "parisc: Drop LDCW barrier in CAS code when running UP"
erofs: fix extended inode could cross boundary
mtd: rawnand: qcom: avoid write to unavailable register
spi: spidev: Align buffers for DMA
include/asm-generic/vmlinux.lds.h: align ro_after_init
cpufreq: dt: fix oops on armada37xx
cpufreq: Fix locking issues with governors
NFS: Don't return layout segments that are in use
NFS: Don't move layouts to plh_return_segs list while in use
io_uring: set ctx sq/cq entry count earlier
drm/ttm/nouveau: don't call tt destroy callback on alloc failure.
media: media-request: Fix crash if memory allocation fails
9p: Fix memory leak in v9fs_mount
ALSA: usb-audio: work around streaming quirk for MacroSilicon MS2109
ALSA: usb-audio: fix overeager device match for MacroSilicon MS2109
ALSA: usb-audio: Creative USB X-Fi Pro SB1095 volume knob support
ALSA: hda - fix the micmute led status for Lenovo ThinkCentre AIO
USB: serial: cp210x: enable usb generic throttle/unthrottle
USB: serial: cp210x: re-enable auto-RTS on open
net: initialize fastreuse on inet_inherit_port
net: refactor bind_bucket fastreuse into helper
vmxnet3: use correct tcp hdr length when packet is encapsulated
tcp: correct read of TFO keys on big endian systems
net/tls: Fix kmap usage
net: Set fput_needed iff FDPUT_FPUT is set
net: phy: fix memory leak in device-create error path
net/nfc/rawsock.c: add CAP_NET_RAW check.
net: Fix potential memory leak in proto_register()
drivers/net/wan/lapbether: Added needed_headroom and a skb->len check
af_packet: TPACKET_V3: fix fill status rwlock imbalance
crypto: aesni - add compatibility with IAS
x86/fsgsbase/64: Fix NULL deref in 86_fsgsbase_read_task
SUNRPC: Fix ("SUNRPC: Add "@len" parameter to gss_unwrap()")
svcrdma: Fix page leak in svc_rdma_recv_read_chunk()
pinctrl-single: fix pcs_parse_pinconf() return value
ocfs2: fix unbalanced locking
dlm: Fix kobject memleak
net: thunderx: initialize VF's mailbox mutex before first usage
fsl/fman: fix eth hash table allocation
fsl/fman: check dereferencing null pointer
fsl/fman: fix unreachable code
fsl/fman: fix dereference null return value
fsl/fman: use 32-bit unsigned integer
net: spider_net: Fix the size used in a 'dma_free_coherent()' call
liquidio: Fix wrong return value in cn23xx_get_pf_num()
net: ethernet: aquantia: Fix wrong return value
net/mlx5: Delete extra dump stack that gives nothing
net/mlx5: DR, Change push vlan action sequence
tools, bpftool: Fix wrong return value in do_dump()
tools, build: Propagate build failures from tools/build/Makefile.build
wl1251: fix always return 0 error
rtw88: coex: only skip coex triggered by BT info
rtw88: fix short GI capability based on current bandwidth
rtw88: fix LDPC field for RA info
ice: Graceful error handling in HW table calloc failure
s390/qeth: don't process empty bridge port events
ASoC: fsl_sai: Fix value of FSL_SAI_CR1_RFW_MASK
ASoC: meson: axg-tdm-formatters: fix sclk inversion
ASoC: meson: axg-tdmin: fix g12a skew
ASoC: meson: axg-tdm-interface: fix link fmt setup
selftests/powerpc: Fix online CPU selection
cpufreq: ap806: fix cpufreq driver needs ap cpu clk
PCI: Release IVRS table in AMD ACS quirk
RDMA/netlink: Remove CAP_NET_RAW check when dump a raw QP
selftests/powerpc: Fix CPU affinity for child process
powerpc/boot: Fix CONFIG_PPC_MPC52XX references
powerpc/32s: Fix CONFIG_BOOK3S_601 uses
selftests/powerpc: Squash spurious errors due to device removal
xfs: fix inode allocation block res calculation precedence
net: dsa: rtl8366: Fix VLAN set-up
net: dsa: rtl8366: Fix VLAN semantics
Bluetooth: hci_serdev: Only unregister device if it was registered
Bluetooth: hci_h5: Set HCI_UART_RESET_ON_INIT to correct flags
power: supply: check if calc_soc succeeded in pm860x_init_battery
Smack: prevent underflow in smk_set_cipso()
Smack: fix another vsscanf out of bounds
RDMA/core: Fix return error value in _ib_modify_qp() to negative
PCI: cadence: Fix updating Vendor ID and Subsystem Vendor ID register
macintosh/via-macii: Access autopoll_devs when inside lock
net: dsa: mv88e6xxx: MV88E6097 does not support jumbo configuration
scsi: mesh: Fix panic after host or bus reset
scsi: megaraid_sas: Clear affinity hint
usb: gadget: f_uac2: fix AC Interface Header Descriptor wTotalLength
usb: dwc2: Fix error path in gadget registration
MIPS: OCTEON: add missing put_device() call in dwc3_octeon_device_init()
phy: armada-38x: fix NETA lockup when repeatedly switching speeds
mt76: mt7615: fix potential memory leak in mcu message handler
powerpc/perf: Fix missing is_sier_aviable() during build
coresight: tmc: Fix TMC mode read in tmc_read_unprepare_etb()
thermal: ti-soc-thermal: Fix reversed condition in ti_thermal_expose_sensor()
usb: core: fix quirks_param_set() writing to a const pointer
USB: serial: iuu_phoenix: fix led-activity helpers
spi: lantiq-ssc: Fix warning by using WQ_MEM_RECLAIM
gpu: ipu-v3: Restore RGB32, BGR32
drm/imx: tve: fix regulator_disable error path
drm/imx: fix use after free
powerpc/book3s64/pkeys: Use PVR check instead of cpu feature
phy: renesas: rcar-gen3-usb2: move irq registration to init
PCI/ASPM: Add missing newline in sysfs 'policy'
ASoC: meson: fixes the missed kfree() for axg_card_add_tdm_loopback
staging: rtl8192u: fix a dubious looking mask before a shift
ima: Have the LSM free its audit rule
RDMA/rxe: Prevent access to wr->next ptr afrer wr is posted to send queue
RDMA/qedr: SRQ's bug fixes
powerpc/vdso: Fix vdso cpu truncation
powerpc/rtas: don't online CPUs for partition suspend
kernfs: do not call fsnotify() with name without a parent
mwifiex: Prevent memory corruption handling keys
scsi: scsi_debug: Add check for sdebug_max_queue during module init
drm/bridge: sil_sii8620: initialize return of sii8620_readb
phy: exynos5-usbdrd: Calibrating makes sense only for USB2.0 PHY
drm: panel: simple: Fix bpc for LG LB070WV8 panel
leds: core: Flush scheduled work for system suspend
kobject: Avoid premature parent object freeing in kobject_cleanup()
drm/stm: repair runtime power management
PCI: Fix pci_cfg_wait queue locking problem
RDMA/rxe: Skip dgid check in loopback mode
xfs: fix reflink quota reservation accounting error
xfs: don't eat an EIO/ENOSPC writeback error when scrubbing data fork
media: cros-ec-cec: do not bail on device_init_wakeup failure
media: exynos4-is: Add missed check for pinctrl_lookup_state()
media: firewire: Using uninitialized values in node_probe()
ipvs: allow connection reuse for unconfirmed conntrack
scsi: eesox: Fix different dev_id between request_irq() and free_irq()
scsi: powertec: Fix different dev_id between request_irq() and free_irq()
RDMA/core: Fix bogus WARN_ON during ib_unregister_device_queued()
iavf: Fix updating statistics
iavf: fix error return code in iavf_init_get_resources()
staging: vchiq_arm: Add a matching unregister call
drm/radeon: fix array out-of-bounds read and write issues
cxl: Fix kobject memleak
drm/mipi: use dcs write for mipi_dsi_dcs_set_tear_scanline
scsi: cumana_2: Fix different dev_id between request_irq() and free_irq()
ASoC: Intel: bxt_rt298: add missing .owner field
ASoC: SOF: nocodec: add missing .owner field
media: omap3isp: Add missed v4l2_ctrl_handler_free() for preview_init_entities()
media: marvell-ccic: Add missed v4l2_async_notifier_cleanup()
media: cxusb-analog: fix V4L2 dependency
Bluetooth: btmtksdio: fix up firmware download sequence
Bluetooth: btusb: fix up firmware download sequence
leds: lm355x: avoid enum conversion warning
clk: bcm63xx-gate: fix last clock availability
drm/arm: fix unintentional integer overflow on left shift
drm/etnaviv: Fix error path on failure to enable bus clk
iio: improve IIO_CONCENTRATION channel type description
ath10k: Acquire tx_lock in tx error paths
video: pxafb: Fix the function used to balance a 'dma_alloc_coherent()' call
console: newport_con: fix an issue about leak related system resources
video: fbdev: sm712fb: fix an issue about iounmap for a wrong address
btmrvl: Fix firmware filename for sd8997 chipset
btmrvl: Fix firmware filename for sd8977 chipset
mwifiex: Fix firmware filename for sd8997 chipset
mwifiex: Fix firmware filename for sd8977 chipset
agp/intel: Fix a memory leak on module initialisation failure
drm/bridge: ti-sn65dsi86: Clear old error bits before AUX transfers
drm/gem: Fix a leak in drm_gem_objects_lookup()
drm/msm: ratelimit crtc event overflow error
ACPICA: Do not increment operation_region reference counts for field units
bcache: fix super block seq numbers comparision in register_cache_set()
dyndbg: fix a BUG_ON in ddebug_describe_flags
usb: bdc: Halt controller on suspend
bdc: Fix bug causing crash after multiple disconnects
usb: gadget: net2280: fix memory leak on probe error handling paths
mmc: sdhci-pci-o2micro: Bug fix for O2 host controller Seabird1
ionic: update eid test for overflow
gpu: host1x: debug: Fix multiple channels emitting messages simultaneously
iwlegacy: Check the return value of pcie_capability_read_*()
platform/x86: asus-nb-wmi: add support for ASUS ROG Zephyrus G14 and G15
brcmfmac: set state of hanger slot to FREE when flushing PSQ
brcmfmac: To fix Bss Info flag definition Bug
brcmfmac: keep SDIO watchdog running when console_interval is non-zero
bpf: Fix fds_example SIGSEGV error
drm/amd/powerplay: fix compile error with ARCH=arc
drm/amdgpu/display bail early in dm_pp_get_static_clocks
mm/mmap.c: Add cond_resched() for exit_mmap() CPU stalls
irqchip/irq-mtk-sysirq: Replace spinlock with raw_spinlock
drm/radeon: disable AGP by default
drm/debugfs: fix plain echo to connector "force" attribute
drm/msm: Fix a null pointer access in msm_gem_shrinker_count()
drm: msm: a6xx: fix gpu failure after system resume
usb: mtu3: clear dual mode of u3port when disable device
btrfs: fix lockdep splat from btrfs_dump_space_info
mmc: sdhci-cadence: do not use hardware tuning for SD mode
drm/nouveau: fix multiple instances of reference count leaks
drm/nouveau: fix reference count leak in nouveau_debugfs_strap_peek
drm/etnaviv: fix ref count leak via pm_runtime_get_sync
arm64: dts: hisilicon: hikey: fixes to comply with adi, adv7533 DT binding
drm/nouveau/kms/nv50-: Fix disabling dithering
md-cluster: fix wild pointer of unlock_all_bitmaps()
bus: ti-sysc: Add missing quirk flags for usb_host_hs
video: fbdev: neofb: fix memory leak in neo_scan_monitor()
video: fbdev: savage: fix memory leak on error handling path in probe
crypto: aesni - Fix build with LLVM_IAS=1
drm/radeon: Fix reference count leaks caused by pm_runtime_get_sync
drm/amdgpu: avoid dereferencing a NULL pointer
fs/btrfs: Add cond_resched() for try_release_extent_mapping() stalls
ANDROID: fix a bug in quota2
loop: be paranoid on exit and prevent new additions / removals
Bluetooth: add a mutex lock to avoid UAF in do_enale_set
soc: qcom: rpmh-rsc: Set suppress_bind_attrs flag
drm/tilcdc: fix leak & null ref in panel_connector_get_modes
nvme-multipath: do not fall back to __nvme_find_path() for non-optimized paths
nvme-multipath: fix logic for non-optimized paths
nvme-rdma: fix controller reset hang during traffic
nvme-tcp: fix controller reset hang during traffic
md: raid0/linear: fix dereference before null check on pointer mddev
seccomp: Fix ioctl number for SECCOMP_IOCTL_NOTIF_ID_VALID
irqchip/ti-sci-inta: Fix return value about devm_ioremap_resource()
iocost: Fix check condition of iocg abs_vdebt
ARM: socfpga: PM: add missing put_device() call in socfpga_setup_ocram_self_refresh()
spi: rockchip: Fix error in SPI slave pio read
io_uring: fix sq array offset calculation
regulator: fix memory leak on error path of regulator_register()
recordmcount: only record relocation of type R_AARCH64_CALL26 on arm64.
tpm: Require that all digests are present in TCG_PCR_EVENT2 structures
spi: lantiq: fix: Rx overflow error in full duplex mode
ARM: dts: sunxi: bananapi-m2-plus-v1.2: Fix CPU supply voltages
ARM: dts: sunxi: bananapi-m2-plus-v1.2: Add regulator supply to all CPU cores
ARM: at91: pm: add missing put_device() call in at91_pm_sram_init()
ARM: dts: gose: Fix ports node name for adv7612
ARM: dts: gose: Fix ports node name for adv7180
platform/x86: intel-vbtn: Fix return value check in check_acpi_dev()
platform/x86: intel-hid: Fix return value check in check_acpi_dev()
m68k: mac: Fix IOP status/control register writes
m68k: mac: Don't send IOP message until channel is idle
clk: scmi: Fix min and max rate when registering clocks with discrete rates
sched/uclamp: Fix initialization of struct uclamp_rq
arm64: dts: exynos: Fix silent hang after boot on Espresso
firmware: arm_scmi: Fix SCMI genpd domain probing
ARM: exynos: MCPM: Restore big.LITTLE cpuidle support
crypto: ccree - fix resource leak on error path
blktrace: fix debugfs use after free
arm64: dts: qcom: msm8916: Replace invalid bias-pull-none property
crc-t10dif: Fix potential crypto notify dead-lock
EDAC: Fix reference count leaks
arm64: dts: rockchip: fix rk3399-puma gmac reset gpio
arm64: dts: rockchip: fix rk3399-puma vcc5v0-host gpio
arm64: dts: rockchip: fix rk3368-lion gmac reset gpio
sched: correct SD_flags returned by tl->sd_flags()
sched/fair: Fix NOHZ next idle balance
x86/mce/inject: Fix a wrong assignment of i_mce.status
clk: qcom: clk-rpmh: Wait for completion when enabling clocks
fs/io_uring.c: Fix uninitialized variable is referenced in io_submit_sqe
nvme: add a Identify Namespace Identification Descriptor list quirk
HID: input: Fix devices that return multiple bytes in battery report
tracepoint: Mark __tracepoint_string's __used
ANDROID: ABI: Update allowed list for QCOM
Conflicts:
Documentation/devicetree/bindings
Documentation/devicetree/bindings/iio/multiplexer/io-channel-mux.txt
android/abi_gki_aarch64_qcom
drivers/clk/qcom/clk-rpmh.c
drivers/hwtracing/coresight/coresight-tmc-etf.c
drivers/scsi/ufs/ufs-qcom.c
drivers/scsi/ufs/ufshcd.c
Change-Id: Ifd7b8337005ddb6c64a6f4e017e470e745170d98
Signed-off-by: Ivaylo Georgiev <irgeorgiev@codeaurora.org>
Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org>
|
||
|
Blagovest Kolenichev
|
8d910feef8 |
Merge android11-5.4.58 (3a9b53b) into msm-5.4
* refs/heads/tmp-3a9b53b
Revert "binder: Prevent context manager from incrementing ref 0"
Revert "drm/drm_fb_helper: fix fbdev with sparc64"
ANDROID: fix redefinition error for restricted vendor hooks
Linux 5.4.58
nfsd: Fix NFSv4 READ on RDMA when using readv
ima: move APPRAISE_BOOTPARAM dependency on ARCH_POLICY to runtime
tcp: apply a floor of 1 for RTT samples from TCP timestamps
selftests/net: relax cpu affinity requirement in msg_zerocopy test
Revert "vxlan: fix tos value before xmit"
openvswitch: Prevent kernel-infoleak in ovs_ct_put_key()
net: thunderx: use spin_lock_bh in nicvf_set_rx_mode_task()
net: gre: recompute gre csum for sctp over gre tunnels
hv_netvsc: do not use VF device if link is down
dpaa2-eth: Fix passing zero to 'PTR_ERR' warning
appletalk: Fix atalk_proc_init() return path
net: lan78xx: replace bogus endpoint lookup
vxlan: Ensure FDB dump is performed under RCU
rxrpc: Fix race between recvmsg and sendmsg on immediate call failure
net: ethernet: mtk_eth_soc: fix MTU warnings
ipv6: Fix nexthop refcnt leak when creating ipv6 route info
ipv6: fix memory leaks on IPV6_ADDRFORM path
ipv4: Silence suspicious RCU usage warning
PCI: tegra: Revert tegra124 raw_violation_fixup
Revert "powerpc/kasan: Fix shadow pages allocation failure"
xattr: break delegations in {set,remove}xattr
Drivers: hv: vmbus: Ignore CHANNELMSG_TL_CONNECT_RESULT(23)
tools lib traceevent: Fix memory leak in process_dynamic_array_len
atm: fix atm_dev refcnt leaks in atmtcp_remove_persistent
igb: reinit_locked() should be called with rtnl_lock
cfg80211: check vendor command doit pointer before use
firmware: Fix a reference count leak.
ALSA: hda: fix NULL pointer dereference during suspend
net: ethernet: mtk_eth_soc: Always call mtk_gmac0_rgmii_adjust() for mt7623
usb: hso: check for return value in hso_serial_common_create()
i2c: slave: add sanity check when unregistering
i2c: slave: improve sanity check when registering
drm/drm_fb_helper: fix fbdev with sparc64
nvme-pci: prevent SK hynix PC400 from using Write Zeroes command
drm/nouveau/fbcon: zero-initialise the mode_cmd2 structure
drm/nouveau/fbcon: fix module unload when fbcon init has failed for some reason
net/9p: validate fds in p9_fd_open
leds: 88pm860x: fix use-after-free on unbind
leds: lm3533: fix use-after-free on unbind
leds: da903x: fix use-after-free on unbind
leds: lm36274: fix use-after-free on unbind
leds: wm831x-status: fix use-after-free on unbind
mtd: properly check all write ioctls for permissions
vgacon: Fix for missing check in scrollback handling
scripts: add dummy report mode to add_namespace.cocci
Smack: fix use-after-free in smk_write_relabel_self()
binder: Prevent context manager from incrementing ref 0
omapfb: dss: Fix max fclk divider for omap36xx
Bluetooth: Prevent out-of-bounds read in hci_inquiry_result_with_rssi_evt()
Bluetooth: Prevent out-of-bounds read in hci_inquiry_result_evt()
Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()
Staging: rtl8188eu: rtw_mlme: Fix uninitialized variable authmode
staging: rtl8712: handle firmware load failure
staging: android: ashmem: Fix lockdep warning for write operation
ALSA: seq: oss: Serialize ioctls
ALSA: hda/ca0132 - Fix AE-5 microphone selection commands.
ALSA: hda/ca0132 - Fix ZxR Headphone gain control get value.
ALSA: hda/ca0132 - Add new quirk ID for Recon3D.
ALSA: hda/realtek: Add alc269/alc662 pin-tables for Loongson-3 laptops
Revert "ALSA: hda: call runtime_allow() for all hda controllers"
io_uring: Fix use-after-free in io_sq_wq_submit_work()
io_uring: prevent re-read of sqe->opcode
usb: xhci: Fix ASMedia ASM1142 DMA addressing
usb: xhci: define IDs for various ASMedia host controllers
USB: iowarrior: fix up report size handling for some devices
perf/core: Fix endless multiplex timer
USB: serial: qcserial: add EM7305 QDL product ID
ANDROID: GKI: update abi based on wifi 6GHz changes
BACKPORT: cfg80211: require HE capabilities for 6 GHz band
BACKPORT: cfg80211: reject HT/VHT capabilities on 6 GHz band
BACKPORT: cfg80211: treat 6 GHz channels as valid regardless of capability
BACKPORT: mac80211: Add HE 6GHz capabilities element to probe request
BACKPORT: mac80211: add HE 6 GHz Band Capability element
BACKPORT: cfg80211: add and expose HE 6 GHz band capabilities
BACKPORT: cfg80211: handle 6 GHz capability of new station
BACKPORT: ieee80211: add HE ext EIDs and 6 GHz capability defines
BACKPORT: ieee80211: add code to obtain and parse 6 GHz operation field
BACKPORT: cfg80211: add a helper to identify 6 GHz PSCs
BACKPORT: cfg80211: adapt to new channelization of the 6GHz band
BACKPORT: cfg80211: fix 6 GHz frequencies to kHz
BACKPORT: cfg80211: express channels with a KHz component
Revert "Revert "Revert "ANDROID: ALSA: jack: Update supported ja..."
UPSTREAM: loop: Fix wrong masking of status flags
UPSTREAM: loop: Add LOOP_CONFIGURE ioctl
UPSTREAM: loop: Clean up LOOP_SET_STATUS lo_flags handling
UPSTREAM: loop: Rework lo_ioctl() __user argument casting
UPSTREAM: loop: Move loop_set_status_from_info() and friends up
BACKPORT: loop: Factor out configuring loop from status
UPSTREAM: loop: Remove figure_loop_size()
UPSTREAM: loop: Refactor loop_set_status() size calculation
UPSTREAM: loop: Factor out setting loop device size
UPSTREAM: loop: Remove sector_t truncation checks
UPSTREAM: loop: Call loop_config_discard() only after new config is applied
ANDROID: Revert "module: Refactor section attr into bin attribute"
ANDROID: Revert "module: Do not expose section addresses to non-CAP_SYSLOG"
FROMLIST: rpmsg: Guard against null endpoint ops in destroy
ANDROID: GKI: Add some symbols to symbol list
Conflicts:
android/abi_gki_aarch64_qcom
Change-Id: I626db7277bb4eb964d24336294e6a2a5ce3fab0a
Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org>
|
||
|
Greg Kroah-Hartman
|
c0b1779755 |
This is the 5.4.59 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl88xTwACgkQONu9yGCS
aT60Lw/9HV3JZ0KDYKHRRS/n4UWh2w7jHe5hwFTfX8/KibexzGzgV3gTaXsyQx75
Bj2ruJTGZKDvy+a9/IsjTe1v1/HPwPydDyfABNl/Rn8vQuyHzyyGzQo2owqGb57w
4wVuoqhPASn0n2QAMG05caAx1uqPlXcT/I4H8vpzieNEHbB/2TbwFiWvrDC2d+nw
mw1PkRmaFp2GSMOHSb68n2oYUv19EBHDtxF9WkwyftdKALQYz5x4O/n4lhpzMSmO
OeiUg/dpLi0bptL1SQAfaY/Lxa1gFb62YvP47WbWp/P6zespOInk2n8kmpoHxol3
MMZelRCdl9NtIKVXMEOFEv/asXPlF2wARGmNejGCYLaRqal1bH67yG4eja7biIJe
gr5OBOFVPol83sPAnb6V4P2SEs650WR95hshYpRL9lbmcHY4q5zoXVm9ul/Hp49R
qjjfxHDNQQoQgX4ZhEJLp2a5AEJUM4Kz28pZXHyczKYc2R6/AZWqHfnbQVURf+au
0xJ/tOFxn3yqRtTkmuuifkZcUTJ5iRnzxUUYiGyhTqZOTNZTD0FgiI+S7gckI//K
idoWGTszHZb6YkNBEwz4WJFtxCGpO95xgD95jOpJVxFcJ5f5PpfZE7RkXUDLR5UO
XzJopB3nOT1h3EoI3xq7aPDF1hKbkp+VRMWcVrBeP9KgcpLisS4=
=Tk2c
-----END PGP SIGNATURE-----
Merge 5.4.59 into android11-5.4
Changes in 5.4.59
tracepoint: Mark __tracepoint_string's __used
HID: input: Fix devices that return multiple bytes in battery report
nvme: add a Identify Namespace Identification Descriptor list quirk
fs/io_uring.c: Fix uninitialized variable is referenced in io_submit_sqe
clk: qcom: clk-rpmh: Wait for completion when enabling clocks
x86/mce/inject: Fix a wrong assignment of i_mce.status
sched/fair: Fix NOHZ next idle balance
sched: correct SD_flags returned by tl->sd_flags()
arm64: dts: rockchip: fix rk3368-lion gmac reset gpio
arm64: dts: rockchip: fix rk3399-puma vcc5v0-host gpio
arm64: dts: rockchip: fix rk3399-puma gmac reset gpio
EDAC: Fix reference count leaks
crc-t10dif: Fix potential crypto notify dead-lock
arm64: dts: qcom: msm8916: Replace invalid bias-pull-none property
blktrace: fix debugfs use after free
crypto: ccree - fix resource leak on error path
ARM: exynos: MCPM: Restore big.LITTLE cpuidle support
firmware: arm_scmi: Fix SCMI genpd domain probing
arm64: dts: exynos: Fix silent hang after boot on Espresso
sched/uclamp: Fix initialization of struct uclamp_rq
clk: scmi: Fix min and max rate when registering clocks with discrete rates
m68k: mac: Don't send IOP message until channel is idle
m68k: mac: Fix IOP status/control register writes
platform/x86: intel-hid: Fix return value check in check_acpi_dev()
platform/x86: intel-vbtn: Fix return value check in check_acpi_dev()
ARM: dts: gose: Fix ports node name for adv7180
ARM: dts: gose: Fix ports node name for adv7612
ARM: at91: pm: add missing put_device() call in at91_pm_sram_init()
ARM: dts: sunxi: bananapi-m2-plus-v1.2: Add regulator supply to all CPU cores
ARM: dts: sunxi: bananapi-m2-plus-v1.2: Fix CPU supply voltages
spi: lantiq: fix: Rx overflow error in full duplex mode
tpm: Require that all digests are present in TCG_PCR_EVENT2 structures
recordmcount: only record relocation of type R_AARCH64_CALL26 on arm64.
regulator: fix memory leak on error path of regulator_register()
io_uring: fix sq array offset calculation
spi: rockchip: Fix error in SPI slave pio read
ARM: socfpga: PM: add missing put_device() call in socfpga_setup_ocram_self_refresh()
iocost: Fix check condition of iocg abs_vdebt
irqchip/ti-sci-inta: Fix return value about devm_ioremap_resource()
seccomp: Fix ioctl number for SECCOMP_IOCTL_NOTIF_ID_VALID
md: raid0/linear: fix dereference before null check on pointer mddev
nvme-tcp: fix controller reset hang during traffic
nvme-rdma: fix controller reset hang during traffic
nvme-multipath: fix logic for non-optimized paths
nvme-multipath: do not fall back to __nvme_find_path() for non-optimized paths
drm/tilcdc: fix leak & null ref in panel_connector_get_modes
soc: qcom: rpmh-rsc: Set suppress_bind_attrs flag
Bluetooth: add a mutex lock to avoid UAF in do_enale_set
loop: be paranoid on exit and prevent new additions / removals
fs/btrfs: Add cond_resched() for try_release_extent_mapping() stalls
drm/amdgpu: avoid dereferencing a NULL pointer
drm/radeon: Fix reference count leaks caused by pm_runtime_get_sync
crypto: aesni - Fix build with LLVM_IAS=1
video: fbdev: savage: fix memory leak on error handling path in probe
video: fbdev: neofb: fix memory leak in neo_scan_monitor()
bus: ti-sysc: Add missing quirk flags for usb_host_hs
md-cluster: fix wild pointer of unlock_all_bitmaps()
drm/nouveau/kms/nv50-: Fix disabling dithering
arm64: dts: hisilicon: hikey: fixes to comply with adi, adv7533 DT binding
drm/etnaviv: fix ref count leak via pm_runtime_get_sync
drm/nouveau: fix reference count leak in nouveau_debugfs_strap_peek
drm/nouveau: fix multiple instances of reference count leaks
mmc: sdhci-cadence: do not use hardware tuning for SD mode
btrfs: fix lockdep splat from btrfs_dump_space_info
usb: mtu3: clear dual mode of u3port when disable device
drm: msm: a6xx: fix gpu failure after system resume
drm/msm: Fix a null pointer access in msm_gem_shrinker_count()
drm/debugfs: fix plain echo to connector "force" attribute
drm/radeon: disable AGP by default
irqchip/irq-mtk-sysirq: Replace spinlock with raw_spinlock
mm/mmap.c: Add cond_resched() for exit_mmap() CPU stalls
drm/amdgpu/display bail early in dm_pp_get_static_clocks
drm/amd/powerplay: fix compile error with ARCH=arc
bpf: Fix fds_example SIGSEGV error
brcmfmac: keep SDIO watchdog running when console_interval is non-zero
brcmfmac: To fix Bss Info flag definition Bug
brcmfmac: set state of hanger slot to FREE when flushing PSQ
platform/x86: asus-nb-wmi: add support for ASUS ROG Zephyrus G14 and G15
iwlegacy: Check the return value of pcie_capability_read_*()
gpu: host1x: debug: Fix multiple channels emitting messages simultaneously
ionic: update eid test for overflow
mmc: sdhci-pci-o2micro: Bug fix for O2 host controller Seabird1
usb: gadget: net2280: fix memory leak on probe error handling paths
bdc: Fix bug causing crash after multiple disconnects
usb: bdc: Halt controller on suspend
dyndbg: fix a BUG_ON in ddebug_describe_flags
bcache: fix super block seq numbers comparision in register_cache_set()
ACPICA: Do not increment operation_region reference counts for field units
drm/msm: ratelimit crtc event overflow error
drm/gem: Fix a leak in drm_gem_objects_lookup()
drm/bridge: ti-sn65dsi86: Clear old error bits before AUX transfers
agp/intel: Fix a memory leak on module initialisation failure
mwifiex: Fix firmware filename for sd8977 chipset
mwifiex: Fix firmware filename for sd8997 chipset
btmrvl: Fix firmware filename for sd8977 chipset
btmrvl: Fix firmware filename for sd8997 chipset
video: fbdev: sm712fb: fix an issue about iounmap for a wrong address
console: newport_con: fix an issue about leak related system resources
video: pxafb: Fix the function used to balance a 'dma_alloc_coherent()' call
ath10k: Acquire tx_lock in tx error paths
iio: improve IIO_CONCENTRATION channel type description
drm/etnaviv: Fix error path on failure to enable bus clk
drm/arm: fix unintentional integer overflow on left shift
clk: bcm63xx-gate: fix last clock availability
leds: lm355x: avoid enum conversion warning
Bluetooth: btusb: fix up firmware download sequence
Bluetooth: btmtksdio: fix up firmware download sequence
media: cxusb-analog: fix V4L2 dependency
media: marvell-ccic: Add missed v4l2_async_notifier_cleanup()
media: omap3isp: Add missed v4l2_ctrl_handler_free() for preview_init_entities()
ASoC: SOF: nocodec: add missing .owner field
ASoC: Intel: bxt_rt298: add missing .owner field
scsi: cumana_2: Fix different dev_id between request_irq() and free_irq()
drm/mipi: use dcs write for mipi_dsi_dcs_set_tear_scanline
cxl: Fix kobject memleak
drm/radeon: fix array out-of-bounds read and write issues
staging: vchiq_arm: Add a matching unregister call
iavf: fix error return code in iavf_init_get_resources()
iavf: Fix updating statistics
RDMA/core: Fix bogus WARN_ON during ib_unregister_device_queued()
scsi: powertec: Fix different dev_id between request_irq() and free_irq()
scsi: eesox: Fix different dev_id between request_irq() and free_irq()
ipvs: allow connection reuse for unconfirmed conntrack
media: firewire: Using uninitialized values in node_probe()
media: exynos4-is: Add missed check for pinctrl_lookup_state()
media: cros-ec-cec: do not bail on device_init_wakeup failure
xfs: don't eat an EIO/ENOSPC writeback error when scrubbing data fork
xfs: fix reflink quota reservation accounting error
RDMA/rxe: Skip dgid check in loopback mode
PCI: Fix pci_cfg_wait queue locking problem
drm/stm: repair runtime power management
kobject: Avoid premature parent object freeing in kobject_cleanup()
leds: core: Flush scheduled work for system suspend
drm: panel: simple: Fix bpc for LG LB070WV8 panel
phy: exynos5-usbdrd: Calibrating makes sense only for USB2.0 PHY
drm/bridge: sil_sii8620: initialize return of sii8620_readb
scsi: scsi_debug: Add check for sdebug_max_queue during module init
mwifiex: Prevent memory corruption handling keys
kernfs: do not call fsnotify() with name without a parent
powerpc/rtas: don't online CPUs for partition suspend
powerpc/vdso: Fix vdso cpu truncation
RDMA/qedr: SRQ's bug fixes
RDMA/rxe: Prevent access to wr->next ptr afrer wr is posted to send queue
ima: Have the LSM free its audit rule
staging: rtl8192u: fix a dubious looking mask before a shift
ASoC: meson: fixes the missed kfree() for axg_card_add_tdm_loopback
PCI/ASPM: Add missing newline in sysfs 'policy'
phy: renesas: rcar-gen3-usb2: move irq registration to init
powerpc/book3s64/pkeys: Use PVR check instead of cpu feature
drm/imx: fix use after free
drm/imx: tve: fix regulator_disable error path
gpu: ipu-v3: Restore RGB32, BGR32
spi: lantiq-ssc: Fix warning by using WQ_MEM_RECLAIM
USB: serial: iuu_phoenix: fix led-activity helpers
usb: core: fix quirks_param_set() writing to a const pointer
thermal: ti-soc-thermal: Fix reversed condition in ti_thermal_expose_sensor()
coresight: tmc: Fix TMC mode read in tmc_read_unprepare_etb()
powerpc/perf: Fix missing is_sier_aviable() during build
mt76: mt7615: fix potential memory leak in mcu message handler
phy: armada-38x: fix NETA lockup when repeatedly switching speeds
MIPS: OCTEON: add missing put_device() call in dwc3_octeon_device_init()
usb: dwc2: Fix error path in gadget registration
usb: gadget: f_uac2: fix AC Interface Header Descriptor wTotalLength
scsi: megaraid_sas: Clear affinity hint
scsi: mesh: Fix panic after host or bus reset
net: dsa: mv88e6xxx: MV88E6097 does not support jumbo configuration
macintosh/via-macii: Access autopoll_devs when inside lock
PCI: cadence: Fix updating Vendor ID and Subsystem Vendor ID register
RDMA/core: Fix return error value in _ib_modify_qp() to negative
Smack: fix another vsscanf out of bounds
Smack: prevent underflow in smk_set_cipso()
power: supply: check if calc_soc succeeded in pm860x_init_battery
Bluetooth: hci_h5: Set HCI_UART_RESET_ON_INIT to correct flags
Bluetooth: hci_serdev: Only unregister device if it was registered
net: dsa: rtl8366: Fix VLAN semantics
net: dsa: rtl8366: Fix VLAN set-up
xfs: fix inode allocation block res calculation precedence
selftests/powerpc: Squash spurious errors due to device removal
powerpc/32s: Fix CONFIG_BOOK3S_601 uses
powerpc/boot: Fix CONFIG_PPC_MPC52XX references
selftests/powerpc: Fix CPU affinity for child process
RDMA/netlink: Remove CAP_NET_RAW check when dump a raw QP
PCI: Release IVRS table in AMD ACS quirk
cpufreq: ap806: fix cpufreq driver needs ap cpu clk
selftests/powerpc: Fix online CPU selection
ASoC: meson: axg-tdm-interface: fix link fmt setup
ASoC: meson: axg-tdmin: fix g12a skew
ASoC: meson: axg-tdm-formatters: fix sclk inversion
ASoC: fsl_sai: Fix value of FSL_SAI_CR1_RFW_MASK
s390/qeth: don't process empty bridge port events
ice: Graceful error handling in HW table calloc failure
rtw88: fix LDPC field for RA info
rtw88: fix short GI capability based on current bandwidth
rtw88: coex: only skip coex triggered by BT info
wl1251: fix always return 0 error
tools, build: Propagate build failures from tools/build/Makefile.build
tools, bpftool: Fix wrong return value in do_dump()
net/mlx5: DR, Change push vlan action sequence
net/mlx5: Delete extra dump stack that gives nothing
net: ethernet: aquantia: Fix wrong return value
liquidio: Fix wrong return value in cn23xx_get_pf_num()
net: spider_net: Fix the size used in a 'dma_free_coherent()' call
fsl/fman: use 32-bit unsigned integer
fsl/fman: fix dereference null return value
fsl/fman: fix unreachable code
fsl/fman: check dereferencing null pointer
fsl/fman: fix eth hash table allocation
net: thunderx: initialize VF's mailbox mutex before first usage
dlm: Fix kobject memleak
ocfs2: fix unbalanced locking
pinctrl-single: fix pcs_parse_pinconf() return value
svcrdma: Fix page leak in svc_rdma_recv_read_chunk()
SUNRPC: Fix ("SUNRPC: Add "@len" parameter to gss_unwrap()")
x86/fsgsbase/64: Fix NULL deref in 86_fsgsbase_read_task
crypto: aesni - add compatibility with IAS
af_packet: TPACKET_V3: fix fill status rwlock imbalance
drivers/net/wan/lapbether: Added needed_headroom and a skb->len check
net: Fix potential memory leak in proto_register()
net/nfc/rawsock.c: add CAP_NET_RAW check.
net: phy: fix memory leak in device-create error path
net: Set fput_needed iff FDPUT_FPUT is set
net/tls: Fix kmap usage
tcp: correct read of TFO keys on big endian systems
vmxnet3: use correct tcp hdr length when packet is encapsulated
net: refactor bind_bucket fastreuse into helper
net: initialize fastreuse on inet_inherit_port
USB: serial: cp210x: re-enable auto-RTS on open
USB: serial: cp210x: enable usb generic throttle/unthrottle
ALSA: hda - fix the micmute led status for Lenovo ThinkCentre AIO
ALSA: usb-audio: Creative USB X-Fi Pro SB1095 volume knob support
ALSA: usb-audio: fix overeager device match for MacroSilicon MS2109
ALSA: usb-audio: work around streaming quirk for MacroSilicon MS2109
9p: Fix memory leak in v9fs_mount
media: media-request: Fix crash if memory allocation fails
drm/ttm/nouveau: don't call tt destroy callback on alloc failure.
io_uring: set ctx sq/cq entry count earlier
NFS: Don't move layouts to plh_return_segs list while in use
NFS: Don't return layout segments that are in use
cpufreq: Fix locking issues with governors
cpufreq: dt: fix oops on armada37xx
include/asm-generic/vmlinux.lds.h: align ro_after_init
spi: spidev: Align buffers for DMA
mtd: rawnand: qcom: avoid write to unavailable register
erofs: fix extended inode could cross boundary
Revert "parisc: Drop LDCW barrier in CAS code when running UP"
Revert "parisc: Use ldcw instruction for SMP spinlock release barrier"
Revert "parisc: Revert "Release spinlocks using ordered store""
parisc: Do not use an ordered store in pa_tlb_lock()
parisc: Implement __smp_store_release and __smp_load_acquire barriers
parisc: mask out enable and reserved bits from sba imask
ARM: 8992/1: Fix unwind_frame for clang-built kernels
irqdomain/treewide: Free firmware node after domain removal
ALSA: usb-audio: add quirk for Pioneer DDJ-RB
tpm: Unify the mismatching TPM space buffer sizes
pstore: Fix linking when crypto API disabled
crypto: hisilicon - don't sleep of CRYPTO_TFM_REQ_MAY_SLEEP was not specified
crypto: qat - fix double free in qat_uclo_create_batch_init_list
crypto: ccp - Fix use of merged scatterlists
crypto: cpt - don't sleep of CRYPTO_TFM_REQ_MAY_SLEEP was not specified
bitfield.h: don't compile-time validate _val in FIELD_FIT
fs/minix: check return value of sb_getblk()
fs/minix: don't allow getting deleted inodes
fs/minix: reject too-large maximum file size
xen/balloon: fix accounting in alloc_xenballooned_pages error path
xen/balloon: make the balloon wait interruptible
xen/gntdev: Fix dmabuf import with non-zero sgt offset
s390/dasd: fix inability to use DASD with DIAG driver
s390/gmap: improve THP splitting
io_uring: Fix NULL pointer dereference in loop_rw_iter()
Linux 5.4.59
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I4bc685ec9234d8f72a9c66ee2d509a2975f6d711
|
||
Dan Carpenter
|
b2b8438ed8 |
Smack: prevent underflow in smk_set_cipso()
[ Upstream commit 42a2df3e829f3c5562090391b33714b2e2e5ad4a ]
We have an upper bound on "maplevel" but forgot to check for negative
values.
Fixes:
|
||
|
Dan Carpenter
|
674992659a |
Smack: fix another vsscanf out of bounds
[ Upstream commit a6bd4f6d9b07452b0b19842044a6c3ea384b0b88 ]
This is similar to commit 84e99e58e8d1 ("Smack: slab-out-of-bounds in
vsscanf") where we added a bounds check on "rule".
Reported-by: syzbot+a22c6092d003d6fe1122@syzkaller.appspotmail.com
Fixes:
|
||
Tyler Hicks
|
2092075629 |
ima: Have the LSM free its audit rule
[ Upstream commit 9ff8a616dfab96a4fa0ddd36190907dc68886d9b ]
Ask the LSM to free its audit rule rather than directly calling kfree().
Both AppArmor and SELinux do additional work in their audit_rule_free()
hooks. Fix memory leaks by allowing the LSMs to perform necessary work.
Fixes:
|
||
|
Greg Kroah-Hartman
|
3a9b53bc89 |
This is the 5.4.58 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl8ynngACgkQONu9yGCS
aT5cPw/9GiiNZCLyjB3jVyalmN9uDYKQ+eS8H97GG7IBVYyg9whOKIrOCZHcLINH
DV5s/qnhRWJPzmQ47410ySuPb6QMvkhWTK7i5Xf+K7BOvoz/snfFGcmdu1CA4KxR
CuuH449Y4l3sH+5fPv7+EToovBqA2cfeiz/i5d5Di/N4yODWBCbHHAsZIt0oGvuK
sI1aI1K//R7vKZQvQo85tvENbWJWQwDN7eYVQj3aSbvnq8JqVpwTKTBpKfshzgzB
RmMSOVpQoQYNivW9oleG0NTQeHqj7alG8anFs3Drgu1hs5dzQhqAFlKddhtRS69j
mtrSJuf0GgJEYA6n+PfacoM4l7kHUZcQH9+bglbCXTA3nH24DLT7h0Lybm+ETPXc
ZAYo7cHqrS1BWv8VHZggSbqPr6YNKvgeflgS394wAgNEFcaJmaPfS6+elmc0qf2t
VPSas7QQruRS1Bqwb6CF2tHsl4N+VdvxX1a2JjHHcF5N3z5aqDm1qaVVQHxAg2rE
gXepFNGkEIBhWRxPz+5quxN1XBcUDiQYrzdoaKHxwY+OcdCf635P5Ob+1WK3w1oa
qhl/2scs44D67wZSgXHo5N4vMi9HhPOSV77jklgFcg75IzM9YWwYnJADQRHxo7nT
25XEgUlMfxm0ngw+CZWR0ssaP6rB9V1rRLDqb1W5HbqA7lp2YE8=
=Fe6H
-----END PGP SIGNATURE-----
Merge 5.4.58 into android11-5.4
Changes in 5.4.58
USB: serial: qcserial: add EM7305 QDL product ID
perf/core: Fix endless multiplex timer
USB: iowarrior: fix up report size handling for some devices
usb: xhci: define IDs for various ASMedia host controllers
usb: xhci: Fix ASMedia ASM1142 DMA addressing
io_uring: prevent re-read of sqe->opcode
io_uring: Fix use-after-free in io_sq_wq_submit_work()
Revert "ALSA: hda: call runtime_allow() for all hda controllers"
ALSA: hda/realtek: Add alc269/alc662 pin-tables for Loongson-3 laptops
ALSA: hda/ca0132 - Add new quirk ID for Recon3D.
ALSA: hda/ca0132 - Fix ZxR Headphone gain control get value.
ALSA: hda/ca0132 - Fix AE-5 microphone selection commands.
ALSA: seq: oss: Serialize ioctls
staging: android: ashmem: Fix lockdep warning for write operation
staging: rtl8712: handle firmware load failure
Staging: rtl8188eu: rtw_mlme: Fix uninitialized variable authmode
Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()
Bluetooth: Prevent out-of-bounds read in hci_inquiry_result_evt()
Bluetooth: Prevent out-of-bounds read in hci_inquiry_result_with_rssi_evt()
omapfb: dss: Fix max fclk divider for omap36xx
binder: Prevent context manager from incrementing ref 0
Smack: fix use-after-free in smk_write_relabel_self()
scripts: add dummy report mode to add_namespace.cocci
vgacon: Fix for missing check in scrollback handling
mtd: properly check all write ioctls for permissions
leds: wm831x-status: fix use-after-free on unbind
leds: lm36274: fix use-after-free on unbind
leds: da903x: fix use-after-free on unbind
leds: lm3533: fix use-after-free on unbind
leds: 88pm860x: fix use-after-free on unbind
net/9p: validate fds in p9_fd_open
drm/nouveau/fbcon: fix module unload when fbcon init has failed for some reason
drm/nouveau/fbcon: zero-initialise the mode_cmd2 structure
nvme-pci: prevent SK hynix PC400 from using Write Zeroes command
drm/drm_fb_helper: fix fbdev with sparc64
i2c: slave: improve sanity check when registering
i2c: slave: add sanity check when unregistering
usb: hso: check for return value in hso_serial_common_create()
net: ethernet: mtk_eth_soc: Always call mtk_gmac0_rgmii_adjust() for mt7623
ALSA: hda: fix NULL pointer dereference during suspend
firmware: Fix a reference count leak.
cfg80211: check vendor command doit pointer before use
igb: reinit_locked() should be called with rtnl_lock
atm: fix atm_dev refcnt leaks in atmtcp_remove_persistent
tools lib traceevent: Fix memory leak in process_dynamic_array_len
Drivers: hv: vmbus: Ignore CHANNELMSG_TL_CONNECT_RESULT(23)
xattr: break delegations in {set,remove}xattr
Revert "powerpc/kasan: Fix shadow pages allocation failure"
PCI: tegra: Revert tegra124 raw_violation_fixup
ipv4: Silence suspicious RCU usage warning
ipv6: fix memory leaks on IPV6_ADDRFORM path
ipv6: Fix nexthop refcnt leak when creating ipv6 route info
net: ethernet: mtk_eth_soc: fix MTU warnings
rxrpc: Fix race between recvmsg and sendmsg on immediate call failure
vxlan: Ensure FDB dump is performed under RCU
net: lan78xx: replace bogus endpoint lookup
appletalk: Fix atalk_proc_init() return path
dpaa2-eth: Fix passing zero to 'PTR_ERR' warning
hv_netvsc: do not use VF device if link is down
net: gre: recompute gre csum for sctp over gre tunnels
net: thunderx: use spin_lock_bh in nicvf_set_rx_mode_task()
openvswitch: Prevent kernel-infoleak in ovs_ct_put_key()
Revert "vxlan: fix tos value before xmit"
selftests/net: relax cpu affinity requirement in msg_zerocopy test
tcp: apply a floor of 1 for RTT samples from TCP timestamps
ima: move APPRAISE_BOOTPARAM dependency on ARCH_POLICY to runtime
nfsd: Fix NFSv4 READ on RDMA when using readv
Linux 5.4.58
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I0e89e2c0faf90bdf1f6ac37f9a2c2395cacab054
|
||
Bruno Meneguele
|
df6aeb5235 |
ima: move APPRAISE_BOOTPARAM dependency on ARCH_POLICY to runtime
commit 311aa6aafea446c2f954cc19d66425bfed8c4b0b upstream.
The IMA_APPRAISE_BOOTPARAM config allows enabling different "ima_appraise="
modes - log, fix, enforce - at run time, but not when IMA architecture
specific policies are enabled. This prevents properly labeling the
filesystem on systems where secure boot is supported, but not enabled on the
platform. Only when secure boot is actually enabled should these IMA
appraise modes be disabled.
This patch removes the compile time dependency and makes it a runtime
decision, based on the secure boot state of that platform.
Test results as follows:
-> x86-64 with secure boot enabled
[ 0.015637] Kernel command line: <...> ima_policy=appraise_tcb ima_appraise=fix
[ 0.015668] ima: Secure boot enabled: ignoring ima_appraise=fix boot parameter option
-> powerpc with secure boot disabled
[ 0.000000] Kernel command line: <...> ima_policy=appraise_tcb ima_appraise=fix
[ 0.000000] Secure boot mode disabled
-> Running the system without secure boot and with both options set:
CONFIG_IMA_APPRAISE_BOOTPARAM=y
CONFIG_IMA_ARCH_POLICY=y
Audit prompts "missing-hash" but still allow execution and, consequently,
filesystem labeling:
type=INTEGRITY_DATA msg=audit(07/09/2020 12:30:27.778:1691) : pid=4976
uid=root auid=root ses=2
subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 op=appraise_data
cause=missing-hash comm=bash name=/usr/bin/evmctl dev="dm-0" ino=493150
res=no
Cc: stable@vger.kernel.org
Fixes:
|
||
Eric Biggers
|
5f5fb7cea8 |
Smack: fix use-after-free in smk_write_relabel_self()
commit beb4ee6770a89646659e6a2178538d2b13e2654e upstream.
smk_write_relabel_self() frees memory from the task's credentials with
no locking, which can easily cause a use-after-free because multiple
tasks can share the same credentials structure.
Fix this by using prepare_creds() and commit_creds() to correctly modify
the task's credentials.
Reproducer for "BUG: KASAN: use-after-free in smk_write_relabel_self":
#include <fcntl.h>
#include <pthread.h>
#include <unistd.h>
static void *thrproc(void *arg)
{
int fd = open("/sys/fs/smackfs/relabel-self", O_WRONLY);
for (;;) write(fd, "foo", 3);
}
int main()
{
pthread_t t;
pthread_create(&t, NULL, thrproc, NULL);
thrproc(NULL);
}
Reported-by: syzbot+e6416dabb497a650da40@syzkaller.appspotmail.com
Fixes:
|
||
|
Blagovest Kolenichev
|
40bffd325d |
Merge android11-5.4.54 (261a54f) into msm-5.4
* refs/heads/tmp-261a54f:
Revert "soc: qcom: rpmh: Update dirty flag only when data changes"
Revert "soc: qcom: rpmh: Invalidate SLEEP and WAKE TCSes before flushing new data"
Revert "soc: qcom: rpmh-rsc: Clear active mode configuration for wake TCS"
Revert "soc: qcom: rpmh-rsc: Allow using free WAKE TCS for active request"
Revert "soc: qcom: rpmh: Dirt can only make you dirtier, not cleaner"
Linux 5.4.54
ath9k: Fix regression with Atheros 9271
ath9k: Fix general protection fault in ath9k_hif_usb_rx_cb
dm integrity: fix integrity recalculation that is improperly skipped
ASoC: topology: fix tlvs in error handling for widget_dmixer
ASoC: topology: fix kernel oops on route addition error
ASoC: qcom: Drop HAS_DMA dependency to fix link failure
ASoC: rt5670: Add new gpio1_is_ext_spk_en quirk and enable it on the Lenovo Miix 2 10
x86, vmlinux.lds: Page-align end of ..page_aligned sections
parisc: Add atomic64_set_release() define to avoid CPU soft lockups
drm/amd/powerplay: fix a crash when overclocking Vega M
drm/amdgpu: Fix NULL dereference in dpm sysfs handlers
mmc: sdhci-of-aspeed: Fix clock divider calculation
io-mapping: indicate mapping failure
khugepaged: fix null-pointer dereference due to race
mm: memcg/slab: fix memory leak at non-root kmem_cache destroy
mm/memcg: fix refcount error while moving and swapping
mm/mmap.c: close race between munmap() and expand_upwards()/downwards()
Makefile: Fix GCC_TOOLCHAIN_DIR prefix for Clang cross compilation
vt: Reject zero-sized screen buffer size.
fbdev: Detect integer underflow at "struct fbcon_ops"->clear_margins.
/dev/mem: Add missing memory barriers for devmem_inode
serial: 8250_mtk: Fix high-speed baud rates clamping
serial: 8250: fix null-ptr-deref in serial8250_start_tx()
serial: tegra: fix CREAD handling for PIO
staging: comedi: addi_apci_1564: check INSN_CONFIG_DIGITAL_TRIG shift
staging: comedi: addi_apci_1500: check INSN_CONFIG_DIGITAL_TRIG shift
staging: comedi: ni_6527: fix INSN_CONFIG_DIGITAL_TRIG support
staging: comedi: addi_apci_1032: check INSN_CONFIG_DIGITAL_TRIG shift
staging: wlan-ng: properly check endpoint types
tty: xilinx_uartps: Really fix id assignment
iwlwifi: mvm: don't call iwl_mvm_free_inactive_queue() under RCU
Revert "cifs: Fix the target file was deleted when rename failed."
usb: xhci: Fix ASM2142/ASM3142 DMA addressing
usb: xhci-mtk: fix the failure of bandwidth allocation
binder: Don't use mmput() from shrinker function.
RISC-V: Upgrade smp_mb__after_spinlock() to iorw,iorw
drivers/perf: Prevent forced unbinding of PMU drivers
asm-generic/mmiowb: Allow mmiowb_set_pending() when preemptible()
x86: math-emu: Fix up 'cmp' insn for clang ias
arm64: Use test_tsk_thread_flag() for checking TIF_SINGLESTEP
drivers/perf: Fix kernel panic when rmmod PMU modules during perf sampling
ALSA: hda/realtek - fixup for yet another Intel reference board
hwmon: (scmi) Fix potential buffer overflow in scmi_hwmon_probe()
platform/x86: asus-wmi: allow BAT1 battery name
platform/x86: ISST: Add new PCI device ids
hwmon: (nct6775) Accept PECI Calibration as temperature source for NCT6798D
drm/amdgpu: fix preemption unit test
drm/amdgpu/gfx10: fix race condition for kiq
hwmon: (adm1275) Make sure we are reading enough data for different chips
usb: cdns3: trace: fix some endian issues
usb: cdns3: ep0: fix some endian issues
usb: gadget: udc: gr_udc: fix memleak on error handling path in gr_ep_init()
usb: dwc3: pci: add support for the Intel Jasper Lake
usb: dwc3: pci: add support for the Intel Tiger Lake PCH -H variant
Input: elan_i2c - only increment wakeup count on touch
Input: synaptics - enable InterTouch for ThinkPad X1E 1st gen
dmaengine: ioat setting ioat timeout as module parameter
dmaengine: fsl-edma: fix wrong tcd endianness for big-endian cpu
hwmon: (aspeed-pwm-tacho) Avoid possible buffer overflow
regmap: dev_get_regmap_match(): fix string comparison
spi: mediatek: use correct SPI_CFG2_REG MACRO
ARM: dts: n900: remove mmc1 card detect gpio
Input: add `SW_MACHINE_COVER`
dmaengine: tegra210-adma: Fix runtime PM imbalance on error
HID: apple: Disable Fn-key key-re-mapping on clone keyboards
HID: steam: fixes race in handling device list.
HID: alps: support devices with report id 2
HID: i2c-hid: add Mediacom FlexBook edge13 to descriptor override
scripts/gdb: fix lx-symbols 'gdb.error' while loading modules
scripts/decode_stacktrace: strip basepath from all paths
serial: exar: Fix GPIO configuration for Sealevel cards based on XR17V35X
geneve: fix an uninitialized value in geneve_changelink()
bonding: check return value of register_netdevice() in bond_newlink()
i2c: i2c-qcom-geni: Fix DMA transfer race
i2c: rcar: always clear ICSAR to avoid side effects
enetc: Remove the mdio bus on PF probe bailout
nfsd4: fix NULL dereference in nfsd/clients display code
Revert "PCI/PM: Assume ports without DLL Link Active train links in 100 ms"
net: ethernet: ave: Fix error returns in ave_init
ipvs: fix the connection sync failed in some cases
qed: suppress false-positives interrupt error messages on HW init
qed: suppress "don't support RoCE & iWARP" flooding on HW init
netdevsim: fix unbalaced locking in nsim_create()
net: dsa: microchip: call phy_remove_link_mode during probe
net: hns3: fix error handling for desc filling
net: ag71xx: add missed clk_disable_unprepare in error path of probe
ionic: fix up filter locks and debug msgs
ionic: use offset for ethtool regs data
mlxsw: destroy workqueue when trap_register in mlxsw_emad_init
bonding: check error value of register_netdevice() immediately
net: smc91x: Fix possible memory leak in smc_drv_probe()
drm: sun4i: hdmi: Fix inverted HPD result
ieee802154: fix one possible memleak in adf7242_probe
net: dp83640: fix SIOCSHWTSTAMP to update the struct with actual configuration
ASoC: Intel: bytcht_es8316: Add missed put_device()
RDMA/mlx5: Use xa_lock_irq when access to SRQ table
ax88172a: fix ax88172a_unbind() failures
vsock/virtio: annotate 'the_virtio_vsock' RCU pointer
hippi: Fix a size used in a 'pci_free_consistent()' in an error handling path
fpga: dfl: fix bug in port reset handshake
fpga: dfl: pci: reduce the scope of variable 'ret'
bnxt_en: Fix completion ring sizing with TPA enabled.
bnxt_en: Fix race when modifying pause settings.
btrfs: fix page leaks after failure to lock page for delalloc
btrfs: fix mount failure caused by race with umount
btrfs: fix double free on ulist after backref resolution failure
ASoC: rt5670: Correct RT5670_LDO_SEL_MASK
ALSA: info: Drop WARN_ON() from buffer NULL sanity check
ALSA: hda/realtek: Fixed ALC298 sound bug by adding quirk for Samsung Notebook Pen S
uprobes: Change handle_swbp() to send SIGTRAP with si_code=SI_KERNEL, to fix GDB regression
btrfs: reloc: clear DEAD_RELOC_TREE bit for orphan roots to prevent runaway balance
btrfs: reloc: fix reloc root leak and NULL pointer dereference
SUNRPC reverting d03727b248d0 ("NFSv4 fix CLOSE not waiting for direct IO compeletion")
drm/amd/display: Check DMCU Exists Before Loading
dmabuf: use spinlock to access dmabuf->name
ARM: dts: imx6qdl-gw551x: fix audio SSI
ARM: dts: imx6qdl-gw551x: Do not use 'simple-audio-card,dai-link'
irqdomain/treewide: Keep firmware node unconditionally allocated
fuse: fix weird page warning
drivers/firmware/psci: Fix memory leakage in alloc_init_cpu_groups()
dm: use bio_uninit instead of bio_disassociate_blkg
scsi: dh: Add Fujitsu device to devinfo and dh lists
scsi: mpt3sas: Fix error returns in BRM_status_show
drm/nouveau/i2c/g94-: increase NV_PMGR_DP_AUXCTL_TRANSACTREQ timeout
net: sky2: initialize return of gm_phy_read
ALSA: hda/hdmi: fix failures at PCM open on Intel ICL and later
drivers/net/wan/lapbether: Fixed the value of hard_header_len
scsi: mpt3sas: Fix unlock imbalance
xtensa: update *pos in cpuinfo_op.next
xtensa: fix __sync_fetch_and_{and,or}_4 declarations
scsi: scsi_transport_spi: Fix function pointer check
mac80211: allow rx of mesh eapol frames with default rx key
pinctrl: amd: fix npins for uart0 in kerncz_groups
gpio: arizona: put pm_runtime in case of failure
gpio: arizona: handle pm_runtime_get_sync failure case
soc: qcom: rpmh: Dirt can only make you dirtier, not cleaner
ANDROID: build: update ABI definitions
ANDROID: update the kernel release format for GKI
ANDROID: GKI: update clocksource abi due to upstream fixes needed for VDSO backport
UPSTREAM: arm64: arch_timer: Disable the compat vdso for cores affected by ARM64_WORKAROUND_1418040
UPSTREAM: arm64: arch_timer: Allow an workaround descriptor to disable compat vdso
UPSTREAM: arm64: Introduce a way to disable the 32bit vdso
ANDROID: staging: android: ion: Fix compilation error for ion_trace.h
ANDROID: GKI: enable CONFIG_SCSI_UFS_BSG=y
ANDROID: Incremental fs: magic number compatible 32-bit
ANDROID: kbuild: don't merge .*..compoundliteral in modules
ANDROID: KABI updates for db845c (QCOM_COMMAND_DB fixups)
ANDROID: soc: qcom: cmd-db: Allow COMMAND_DB driver to be loaded as a module
ANDROID: GKI: preserve ABI for struct sock_cgroup_data
Revert "genetlink: remove genl_bind"
Revert "arm64/alternatives: use subsections for replacement sequences"
ANDROID: KABI updates for db845c (USB_EHCI_HCD, USB_EHCI_HCD_PLATFORM and DWC3 fixups)
ANDROID: db845c_gki.fragment: Remove DWC3 modules built into GKI
ANDROID: db845c_gki.fragment: Remove modules built into GKI
ANDROID: power: wakeup_reason: refine wakeup logs
ANDROID: power: wakeup_reason: export log_threaded_irq_wakeup_reason
Linux 5.4.53
gpio: pca953x: disable regmap locking for automatic address incrementing
drm/i915/gvt: Fix two CFL MMIO handling caused by regression.
iommu/vt-d: Make Intel SVM code 64-bit only
ionic: export features for vlans to use
spi: sprd: switch the sequence of setting WDG_LOAD_LOW and _HIGH
rxrpc: Fix trace string
libceph: don't omit recovery_deletes in target_copy()
block: fix get_max_segment_size() overflow on 32bit arch
block: fix splitting segments on boundary masks
drm/i915/gt: Ignore irq enabling on the virtual engines
drm/amdgpu/sdma5: fix wptr overwritten in ->get_wptr()
genirq/affinity: Handle affinity setting on inactive interrupts correctly
sched/fair: handle case of task_h_load() returning 0
sched: Fix unreliable rseq cpu_id for new tasks
arm64: compat: Ensure upper 32 bits of x0 are zero on syscall return
arm64: ptrace: Consistently use pseudo-singlestep exceptions
arm64: ptrace: Override SPSR.SS when single-stepping is enabled
thermal/drivers/cpufreq_cooling: Fix wrong frequency converted from power
thermal: int3403_thermal: Downgrade error message
misc: atmel-ssc: lock with mutex instead of spinlock
dmaengine: fsl-edma-common: correct DSIZE_32BYTE
dmaengine: mcf-edma: Fix NULL pointer exception in mcf_edma_tx_handler
dmaengine: fsl-edma: Fix NULL pointer exception in fsl_edma_tx_handler
intel_th: Fix a NULL dereference when hub driver is not loaded
intel_th: pci: Add Emmitsburg PCH support
intel_th: pci: Add Tiger Lake PCH-H support
intel_th: pci: Add Jasper Lake CPU support
powerpc/pseries/svm: Fix incorrect check for shared_lppaca_size
powerpc/book3s64/pkeys: Fix pkey_access_permitted() for execute disable pkey
hwmon: (emc2103) fix unable to change fan pwm1_enable attribute
riscv: use 16KB kernel stack on 64-bit
timer: Fix wheel index calculation on last level
timer: Prevent base->clk from moving backward
scsi: megaraid_sas: Remove undefined ENABLE_IRQ_POLL macro
uio_pdrv_genirq: fix use without device tree and no interrupt
uio_pdrv_genirq: Remove warning when irq is not specified
Input: elan_i2c - add more hardware ID for Lenovo laptops
Input: i8042 - add Lenovo XiaoXin Air 12 to i8042 nomux list
mei: bus: don't clean driver pointer
Revert "zram: convert remaining CLASS_ATTR() to CLASS_ATTR_RO()"
fuse: Fix parameter for FS_IOC_{GET,SET}FLAGS
fuse: use ->reconfigure() instead of ->remount_fs()
fuse: ignore 'data' argument of mount(..., MS_REMOUNT)
ovl: fix unneeded call to ovl_change_flags()
ovl: relax WARN_ON() when decoding lower directory file handle
ovl: inode reference leak in ovl_is_inuse true case.
ovl: fix regression with re-formatted lower squashfs
serial: mxs-auart: add missed iounmap() in probe failure and remove
virtio: virtio_console: add missing MODULE_DEVICE_TABLE() for rproc serial
Revert "tty: xilinx_uartps: Fix missing id assignment to the console"
virt: vbox: Fix guest capabilities mask check
virt: vbox: Fix VBGL_IOCTL_VMMDEV_REQUEST_BIG and _LOG req numbers to match upstream
USB: serial: option: add Quectel EG95 LTE modem
USB: serial: option: add GosunCn GM500 series
USB: serial: ch341: add new Product ID for CH340
USB: serial: cypress_m8: enable Simply Automated UPB PIM
USB: serial: iuu_phoenix: fix memory corruption
usb: gadget: function: fix missing spinlock in f_uac1_legacy
usb: chipidea: core: add wakeup support for extcon
usb: dwc2: Fix shutdown callback in platform
USB: c67x00: fix use after free in c67x00_giveback_urb
ALSA: hda/realtek - Enable Speaker for ASUS UX563
ALSA: hda/realtek - Enable Speaker for ASUS UX533 and UX534
ALSA: hda/realtek: Enable headset mic of Acer TravelMate B311R-31 with ALC256
ALSA: hda/realtek: enable headset mic of ASUS ROG Zephyrus G14(G401) series with ALC289
ALSA: hda/realtek - change to suitable link model for ASUS platform
ALSA: usb-audio: Fix race against the error recovery URB submission
ALSA: line6: Sync the pending work cancel at disconnection
ALSA: line6: Perform sanity check for each URB creation
HID: quirks: Ignore Simply Automated UPB PIM
HID: quirks: Always poll Obins Anne Pro 2 keyboard
HID: magicmouse: do not set up autorepeat
HID: logitech-hidpp: avoid repeated "multiplier = " log messages
slimbus: core: Fix mismatch in of_node_get/put
clk: qcom: gcc: Add missing UFS clocks for SM8150
clk: qcom: gcc: Add GPU and NPU clocks for SM8150
mtd: rawnand: oxnas: Release all devices in the _remove() path
mtd: rawnand: oxnas: Unregister all devices on error
mtd: rawnand: oxnas: Keep track of registered devices
mtd: rawnand: brcmnand: fix CS0 layout
mtd: rawnand: brcmnand: correctly verify erased pages
mtd: rawnand: timings: Fix default tR_max and tCCS_min timings
mtd: rawnand: marvell: Fix probe error path
mtd: rawnand: marvell: Use nand_cleanup() when the device is not yet registered
mtd: rawnand: marvell: Fix the condition on a return code
RDMA/mlx5: Verify that QP is created with RQ or SQ
soc: qcom: rpmh-rsc: Allow using free WAKE TCS for active request
soc: qcom: rpmh-rsc: Clear active mode configuration for wake TCS
soc: qcom: rpmh: Invalidate SLEEP and WAKE TCSes before flushing new data
soc: qcom: rpmh: Update dirty flag only when data changes
perf stat: Zero all the 'ena' and 'run' array slot stats for interval mode
PCI/PM: Call .bridge_d3() hook only if non-NULL
habanalabs: Align protection bits configuration of all TPCs
apparmor: ensure that dfa state tables have entries
soc: qcom: socinfo: add missing soc_id sysfs entry
arm: dts: mt7623: add phy-mode property for gmac2
copy_xstate_to_kernel: Fix typo which caused GDB regression
regmap: debugfs: Don't sleep while atomic for fast_io regmaps
keys: asymmetric: fix error return code in software_key_query()
arm64: dts: spcfpga: Align GIC, NAND and UART nodenames with dtschema
ARM: dts: socfpga: Align L2 cache-controller nodename with dtschema
xprtrdma: fix incorrect header size calculations
Revert "thermal: mediatek: fix register index error"
ARM: dts: Fix dcan driver probe failed on am437x platform
fuse: don't ignore errors from fuse_writepages_fill()
NFS: Fix interrupted slots by sending a solo SEQUENCE operation
clk: AST2600: Add mux for EMMC clock
clk: mvebu: ARMADA_AP_CPU_CLK needs to select ARMADA_AP_CP_HELPER
staging: comedi: verify array index is correct before using it
usb: gadget: udc: atmel: fix uninitialized read in debug printk
spi: spi-sun6i: sun6i_spi_transfer_one(): fix setting of clock rate
dmaengine: dmatest: stop completed threads when running without set channel
dmaengine: dw: Initialize channel before each transfer
iio: adc: ad7780: Fix a resource handling path in 'ad7780_probe()'
bus: ti-sysc: Do not disable on suspend for no-idle
bus: ti-sysc: Fix sleeping function called from invalid context for RTC quirk
bus: ti-sysc: Fix wakeirq sleeping function called from invalid context
arm64: dts: meson-gxl-s805x: reduce initial Mali450 core frequency
arm64: dts: meson: add missing gxl rng clock
phy: sun4i-usb: fix dereference of pointer phy0 before it is null checked
dmaengine: sh: usb-dmac: set tx_result parameters
soundwire: intel: fix memory leak with devm_kasprintf
iio:health:afe4404 Fix timestamp alignment and prevent data leak.
ALSA: usb-audio: Add registration quirk for Kingston HyperX Cloud Flight S
bus: ti-sysc: Use optional clocks on for enable and wait for softreset bit
ACPI: video: Use native backlight on Acer TravelMate 5735Z
Input: mms114 - add extra compatible for mms345l
ALSA: usb-audio: Add quirk for Focusrite Scarlett 2i2
ALSA: usb-audio: Add registration quirk for Kingston HyperX Cloud Alpha S
ACPI: video: Use native backlight on Acer Aspire 5783z
ALSA: usb-audio: Rewrite registration quirk handling
mmc: sdhci: do not enable card detect interrupt for gpio cd type
doc: dt: bindings: usb: dwc3: Update entries for disabling SS instances in park mode
ALSA: usb-audio: Create a registration quirk for Kingston HyperX Amp (0951:16d8)
Input: goodix - fix touch coordinates on Cube I15-TC
ALSA: usb-audio: Add support for MOTU MicroBook IIc
bus: ti-sysc: Detect EDMA and set quirk flags for tptc
arm64: dts: g12-common: add parkmode_disable_ss_quirk on DWC3 controller
bus: ti-sysc: Detect display subsystem related devices
bus: ti-sysc: Handle module unlock quirk needed for some RTC
bus: ti-sysc: Consider non-existing registers too when matching quirks
bus: ti-sysc: Rename clk related quirks to pre_reset and post_reset quirks
scsi: sr: remove references to BLK_DEV_SR_VENDOR, leave it enabled
drm/sun4i: tcon: Separate quirks for tcon0 and tcon1 on A20
ARM: at91: pm: add quirk for sam9x60's ulp1
HID: quirks: Remove ITE 8595 entry from hid_have_special_driver
mmc: mmci: Support any block sizes for ux500v2 and qcom variant
ARM: OMAP2+: use separate IOMMU pdata to fix DRA7 IPU1 boot
ARM: OMAP2+: Add workaround for DRA7 DSP MStandby errata i879
ARM: OMAP4+: remove pdata quirks for omap4+ iommus
net: sfp: add some quirks for GPON modules
net: sfp: add support for module quirks
Revert "usb/xhci-plat: Set PM runtime as active on resume"
Revert "usb/ehci-platform: Set PM runtime as active on resume"
Revert "usb/ohci-platform: Fix a warning when hibernating"
net: ethernet: mvneta: Add back interface mode validation
net: ethernet: mvneta: Do not error out in non serdes modes
net: macb: call pm_runtime_put_sync on failure path
of: of_mdio: Correct loop scanning logic
net: dsa: bcm_sf2: Fix node reference count
spi: spi-fsl-dspi: Fix lockup if device is shutdown during SPI transfer
iio:health:afe4403 Fix timestamp alignment and prevent data leak.
iio:pressure:ms5611 Fix buffer element alignment
iio:humidity:hts221 Fix alignment and data leak issues
iio: pressure: zpa2326: handle pm_runtime_get_sync failure
iio: mma8452: Add missed iio_device_unregister() call in mma8452_probe()
iio: core: add missing IIO_MOD_H2/ETHANOL string identifiers
iio: magnetometer: ak8974: Fix runtime PM imbalance on error
iio:humidity:hdc100x Fix alignment and data leak issues
iio:magnetometer:ak8974: Fix alignment and data leak issues
arm64/alternatives: don't patch up internal branches
i2c: eg20t: Load module automatically if ID matches
gfs2: read-only mounts should grab the sd_freeze_gl glock
tpm_tis: extra chip->ops check on error path in tpm_tis_core_init
arm64/alternatives: use subsections for replacement sequences
cifs: prevent truncation from long to int in wait_for_free_credits
dt-bindings: mailbox: zynqmp_ipi: fix unit address
m68k: mm: fix node memblock init
m68k: nommu: register start of the memory with memblock
blk-mq-debugfs: update blk_queue_flag_name[] accordingly for new flags
thermal/drivers: imx: Fix missing of_node_put() at probe time
x86/fpu: Reset MXCSR to default in kernel_fpu_begin()
drm/exynos: fix ref count leak in mic_pre_enable
drm/exynos: Properly propagate return value in drm_iommu_attach_device()
drm/msm/dpu: allow initialization of encoder locks during encoder init
drm/msm: fix potential memleak in error branch
arm64: arch_timer: Disable the compat vdso for cores affected by ARM64_WORKAROUND_1418040
arm64: arch_timer: Allow an workaround descriptor to disable compat vdso
arm64: Introduce a way to disable the 32bit vdso
ip: Fix SO_MARK in RST, ACK and ICMP packets
cgroup: Fix sock_cgroup_data on big-endian.
cgroup: fix cgroup_sk_alloc() for sk_clone_lock()
tcp: md5: allow changing MD5 keys in all socket states
tcp: md5: refine tcp_md5_do_add()/tcp_md5_hash_key() barriers
vlan: consolidate VLAN parsing code and limit max parsing depth
tcp: md5: do not send silly options in SYNCOOKIES
tcp: md5: add missing memory barriers in tcp_md5_do_add()/tcp_md5_hash_key()
tcp: make sure listeners don't initialize congestion-control state
tcp: fix SO_RCVLOWAT possible hangs under high mem pressure
sched: consistently handle layer3 header accesses in the presence of VLANs
net: usb: qmi_wwan: add support for Quectel EG95 LTE modem
net_sched: fix a memory leak in atm_tc_init()
net: dsa: microchip: set the correct number of ports
net: Added pointer check for dst->ops->neigh_lookup in dst_neigh_lookup_skb
llc: make sure applications use ARPHRD_ETHER
l2tp: remove skb_dst_set() from l2tp_xmit_skb()
ipv6: Fix use of anycast address with loopback
ipv6: fib6_select_path can not use out path for nexthop objects
ipv4: fill fl4_icmp_{type,code} in ping_v4_sendmsg
genetlink: remove genl_bind
bridge: mcast: Fix MLD2 Report IPv6 payload length check
net: rmnet: fix lower interface leak
net: atlantic: fix ip dst and ipv6 address filters
crypto: atmel - Fix build error of CRYPTO_AUTHENC
crypto: atmel - Fix selection of CRYPTO_AUTHENC
ANDROID: GKI: update abi symbol lists now that CONFIG_DWC3 is enabled.
ANDROID: GKI: Enable CONFIG_USB_DWC3
ANDROID: ABI: add the symbols of dwc3.ko and sprd-dma.ko to unisoc
ANDROID: ABI: Update the ABI whitelist for QCOM
ANDROID: GKI: Update CF abi list for virtio-console
UPSTREAM: lkdtm/heap: Avoid edge and middle of slabs
UPSTREAM: lkdtm: Avoid more compiler optimizations for bad writes
ANDROID: GKI: Update ABI after RPMH config change
ANDROID: GKI: Adjust symbol lists after RPMH removed from gki_defconfig
ANDROID: db845c_gki.fragment: Add QCOM_RPMH and QCOM_RPMHPD as modules
ANDROID: gki_defconfig: Remove QCOM_RPMH from the gki_defconfig
ANDROID: Kconfig.gki: Remove GKI_QCOM_CLKS_CONFIGS and QCOM_RPMHPD from GKI_HACKS config option
FROMLIST: soc: qcom: rpmh: Allow RPMH driver to be loaded as a module
UPSTREAM: soc: qcom: rpmhpd: Allow RPMHPD driver to be loaded as a module
ANDROID: GKI: Export memblock_free to drivers
ANDROID: GKI: do not export symbol_get/put()
ANDROID: add xfs back to allmodconfig build tests
FROMLIST: rpmsg: core: Add signal API support
ANDROID: GKI: Fix x86 warning on DMA_VIRTUAL_CHANNELS
ANDROID: GKI: Update ABI and export list for qcom
Revert "ANDROID: net: enable wireless core features with GKI_LEGACY_WEXT_ALLCONFIG"
Revert "ALSA: compress: fix partial_drain completion state"
Conflicts:
Documentation/devicetree/bindings
Documentation/devicetree/bindings/mailbox/xlnx,zynqmp-ipi-mailbox.txt
Documentation/devicetree/bindings/usb/dwc3.txt
android/abi_gki_aarch64_qcom
drivers/soc/qcom/Kconfig
drivers/soc/qcom/socinfo.c
drivers/usb/host/xhci-plat.c
kernel/sched/core.c
Change-Id: If4d45d5447eb2b1b86326bae8c3844fe565a0b42
Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org>
|
||
|
Greg Kroah-Hartman
|
171202d5b0 |
This is the 5.4.53 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl8X674ACgkQONu9yGCS
aT5F9g/+PdG5XSPhoGEhO2FW43cQKuGp5vWJ3IhVFyEXFdboWIa5laWNBh1ZC/Kg
Ua0vxBGGJDTGZNTJAQd6Re1RfAbptEstrNlwC3BaxUQn5Qn4YQMCNbAeFEj7D2nw
Tez3r3gjpGc9uo0EqfeJStqhFZfh+D3apHz1/RFZ/12T5d4dIEtCXDUAP89zib0w
lHBOH37Mc0WqXSUPLdabIbemlbZv4prYn7gnzIeoxl3h+TKzdjM4pGjrjzKJwy2D
9XDB3Dw9BA225uoextJl3GCOm7IF+TGaR10YxuHCtxJAkdPSt2BUUAFC0XrV7KPw
fGMy8/a8EZj5PoNNjKHzDD2IJf9PhLZgcn7AjOW6x9XXu7lJls4Wx4/k5TpIO1I1
paO8kGex8jk751X4U1Bu8LowLPjiL3fKp0lSeysSw9IIzTBW1DlhSR9Mf/CEihib
xbS6k8/uF9HGtYJKIW4o/iL/3D0MGKTuOX18tlhnZ92Hp5WcAEZKrUKgYTY/exvF
WDYDRSFv17tw6XT7Jfey3veP1z+3kVMZ3KD0CnpJ7poS/f8H730yyEgIDO0dRO3I
Rd1r/uCmgr0GkeNDp46eoTYCgvhCQruxWul0/6/pw4VdzIBSRlPjsZBR+2Frnmuw
dRim972ocnvVzxKe1N2fD+whfjok85h30Xg7uvFgZGEZ7/wOUL8=
=mqst
-----END PGP SIGNATURE-----
Merge 5.4.53 into android11-5.4
Changes in 5.4.53
crypto: atmel - Fix selection of CRYPTO_AUTHENC
crypto: atmel - Fix build error of CRYPTO_AUTHENC
net: atlantic: fix ip dst and ipv6 address filters
net: rmnet: fix lower interface leak
bridge: mcast: Fix MLD2 Report IPv6 payload length check
genetlink: remove genl_bind
ipv4: fill fl4_icmp_{type,code} in ping_v4_sendmsg
ipv6: fib6_select_path can not use out path for nexthop objects
ipv6: Fix use of anycast address with loopback
l2tp: remove skb_dst_set() from l2tp_xmit_skb()
llc: make sure applications use ARPHRD_ETHER
net: Added pointer check for dst->ops->neigh_lookup in dst_neigh_lookup_skb
net: dsa: microchip: set the correct number of ports
net_sched: fix a memory leak in atm_tc_init()
net: usb: qmi_wwan: add support for Quectel EG95 LTE modem
sched: consistently handle layer3 header accesses in the presence of VLANs
tcp: fix SO_RCVLOWAT possible hangs under high mem pressure
tcp: make sure listeners don't initialize congestion-control state
tcp: md5: add missing memory barriers in tcp_md5_do_add()/tcp_md5_hash_key()
tcp: md5: do not send silly options in SYNCOOKIES
vlan: consolidate VLAN parsing code and limit max parsing depth
tcp: md5: refine tcp_md5_do_add()/tcp_md5_hash_key() barriers
tcp: md5: allow changing MD5 keys in all socket states
cgroup: fix cgroup_sk_alloc() for sk_clone_lock()
cgroup: Fix sock_cgroup_data on big-endian.
ip: Fix SO_MARK in RST, ACK and ICMP packets
arm64: Introduce a way to disable the 32bit vdso
arm64: arch_timer: Allow an workaround descriptor to disable compat vdso
arm64: arch_timer: Disable the compat vdso for cores affected by ARM64_WORKAROUND_1418040
drm/msm: fix potential memleak in error branch
drm/msm/dpu: allow initialization of encoder locks during encoder init
drm/exynos: Properly propagate return value in drm_iommu_attach_device()
drm/exynos: fix ref count leak in mic_pre_enable
x86/fpu: Reset MXCSR to default in kernel_fpu_begin()
thermal/drivers: imx: Fix missing of_node_put() at probe time
blk-mq-debugfs: update blk_queue_flag_name[] accordingly for new flags
m68k: nommu: register start of the memory with memblock
m68k: mm: fix node memblock init
dt-bindings: mailbox: zynqmp_ipi: fix unit address
cifs: prevent truncation from long to int in wait_for_free_credits
arm64/alternatives: use subsections for replacement sequences
tpm_tis: extra chip->ops check on error path in tpm_tis_core_init
gfs2: read-only mounts should grab the sd_freeze_gl glock
i2c: eg20t: Load module automatically if ID matches
arm64/alternatives: don't patch up internal branches
iio:magnetometer:ak8974: Fix alignment and data leak issues
iio:humidity:hdc100x Fix alignment and data leak issues
iio: magnetometer: ak8974: Fix runtime PM imbalance on error
iio: core: add missing IIO_MOD_H2/ETHANOL string identifiers
iio: mma8452: Add missed iio_device_unregister() call in mma8452_probe()
iio: pressure: zpa2326: handle pm_runtime_get_sync failure
iio:humidity:hts221 Fix alignment and data leak issues
iio:pressure:ms5611 Fix buffer element alignment
iio:health:afe4403 Fix timestamp alignment and prevent data leak.
spi: spi-fsl-dspi: Fix lockup if device is shutdown during SPI transfer
net: dsa: bcm_sf2: Fix node reference count
of: of_mdio: Correct loop scanning logic
net: macb: call pm_runtime_put_sync on failure path
net: ethernet: mvneta: Do not error out in non serdes modes
net: ethernet: mvneta: Add back interface mode validation
Revert "usb/ohci-platform: Fix a warning when hibernating"
Revert "usb/ehci-platform: Set PM runtime as active on resume"
Revert "usb/xhci-plat: Set PM runtime as active on resume"
net: sfp: add support for module quirks
net: sfp: add some quirks for GPON modules
ARM: OMAP4+: remove pdata quirks for omap4+ iommus
ARM: OMAP2+: Add workaround for DRA7 DSP MStandby errata i879
ARM: OMAP2+: use separate IOMMU pdata to fix DRA7 IPU1 boot
mmc: mmci: Support any block sizes for ux500v2 and qcom variant
HID: quirks: Remove ITE 8595 entry from hid_have_special_driver
ARM: at91: pm: add quirk for sam9x60's ulp1
drm/sun4i: tcon: Separate quirks for tcon0 and tcon1 on A20
scsi: sr: remove references to BLK_DEV_SR_VENDOR, leave it enabled
bus: ti-sysc: Rename clk related quirks to pre_reset and post_reset quirks
bus: ti-sysc: Consider non-existing registers too when matching quirks
bus: ti-sysc: Handle module unlock quirk needed for some RTC
bus: ti-sysc: Detect display subsystem related devices
arm64: dts: g12-common: add parkmode_disable_ss_quirk on DWC3 controller
bus: ti-sysc: Detect EDMA and set quirk flags for tptc
ALSA: usb-audio: Add support for MOTU MicroBook IIc
Input: goodix - fix touch coordinates on Cube I15-TC
ALSA: usb-audio: Create a registration quirk for Kingston HyperX Amp (0951:16d8)
doc: dt: bindings: usb: dwc3: Update entries for disabling SS instances in park mode
mmc: sdhci: do not enable card detect interrupt for gpio cd type
ALSA: usb-audio: Rewrite registration quirk handling
ACPI: video: Use native backlight on Acer Aspire 5783z
ALSA: usb-audio: Add registration quirk for Kingston HyperX Cloud Alpha S
ALSA: usb-audio: Add quirk for Focusrite Scarlett 2i2
Input: mms114 - add extra compatible for mms345l
ACPI: video: Use native backlight on Acer TravelMate 5735Z
bus: ti-sysc: Use optional clocks on for enable and wait for softreset bit
ALSA: usb-audio: Add registration quirk for Kingston HyperX Cloud Flight S
iio:health:afe4404 Fix timestamp alignment and prevent data leak.
soundwire: intel: fix memory leak with devm_kasprintf
dmaengine: sh: usb-dmac: set tx_result parameters
phy: sun4i-usb: fix dereference of pointer phy0 before it is null checked
arm64: dts: meson: add missing gxl rng clock
arm64: dts: meson-gxl-s805x: reduce initial Mali450 core frequency
bus: ti-sysc: Fix wakeirq sleeping function called from invalid context
bus: ti-sysc: Fix sleeping function called from invalid context for RTC quirk
bus: ti-sysc: Do not disable on suspend for no-idle
iio: adc: ad7780: Fix a resource handling path in 'ad7780_probe()'
dmaengine: dw: Initialize channel before each transfer
dmaengine: dmatest: stop completed threads when running without set channel
spi: spi-sun6i: sun6i_spi_transfer_one(): fix setting of clock rate
usb: gadget: udc: atmel: fix uninitialized read in debug printk
staging: comedi: verify array index is correct before using it
clk: mvebu: ARMADA_AP_CPU_CLK needs to select ARMADA_AP_CP_HELPER
clk: AST2600: Add mux for EMMC clock
NFS: Fix interrupted slots by sending a solo SEQUENCE operation
fuse: don't ignore errors from fuse_writepages_fill()
ARM: dts: Fix dcan driver probe failed on am437x platform
Revert "thermal: mediatek: fix register index error"
xprtrdma: fix incorrect header size calculations
ARM: dts: socfpga: Align L2 cache-controller nodename with dtschema
arm64: dts: spcfpga: Align GIC, NAND and UART nodenames with dtschema
keys: asymmetric: fix error return code in software_key_query()
regmap: debugfs: Don't sleep while atomic for fast_io regmaps
copy_xstate_to_kernel: Fix typo which caused GDB regression
arm: dts: mt7623: add phy-mode property for gmac2
soc: qcom: socinfo: add missing soc_id sysfs entry
apparmor: ensure that dfa state tables have entries
habanalabs: Align protection bits configuration of all TPCs
PCI/PM: Call .bridge_d3() hook only if non-NULL
perf stat: Zero all the 'ena' and 'run' array slot stats for interval mode
soc: qcom: rpmh: Update dirty flag only when data changes
soc: qcom: rpmh: Invalidate SLEEP and WAKE TCSes before flushing new data
soc: qcom: rpmh-rsc: Clear active mode configuration for wake TCS
soc: qcom: rpmh-rsc: Allow using free WAKE TCS for active request
RDMA/mlx5: Verify that QP is created with RQ or SQ
mtd: rawnand: marvell: Fix the condition on a return code
mtd: rawnand: marvell: Use nand_cleanup() when the device is not yet registered
mtd: rawnand: marvell: Fix probe error path
mtd: rawnand: timings: Fix default tR_max and tCCS_min timings
mtd: rawnand: brcmnand: correctly verify erased pages
mtd: rawnand: brcmnand: fix CS0 layout
mtd: rawnand: oxnas: Keep track of registered devices
mtd: rawnand: oxnas: Unregister all devices on error
mtd: rawnand: oxnas: Release all devices in the _remove() path
clk: qcom: gcc: Add GPU and NPU clocks for SM8150
clk: qcom: gcc: Add missing UFS clocks for SM8150
slimbus: core: Fix mismatch in of_node_get/put
HID: logitech-hidpp: avoid repeated "multiplier = " log messages
HID: magicmouse: do not set up autorepeat
HID: quirks: Always poll Obins Anne Pro 2 keyboard
HID: quirks: Ignore Simply Automated UPB PIM
ALSA: line6: Perform sanity check for each URB creation
ALSA: line6: Sync the pending work cancel at disconnection
ALSA: usb-audio: Fix race against the error recovery URB submission
ALSA: hda/realtek - change to suitable link model for ASUS platform
ALSA: hda/realtek: enable headset mic of ASUS ROG Zephyrus G14(G401) series with ALC289
ALSA: hda/realtek: Enable headset mic of Acer TravelMate B311R-31 with ALC256
ALSA: hda/realtek - Enable Speaker for ASUS UX533 and UX534
ALSA: hda/realtek - Enable Speaker for ASUS UX563
USB: c67x00: fix use after free in c67x00_giveback_urb
usb: dwc2: Fix shutdown callback in platform
usb: chipidea: core: add wakeup support for extcon
usb: gadget: function: fix missing spinlock in f_uac1_legacy
USB: serial: iuu_phoenix: fix memory corruption
USB: serial: cypress_m8: enable Simply Automated UPB PIM
USB: serial: ch341: add new Product ID for CH340
USB: serial: option: add GosunCn GM500 series
USB: serial: option: add Quectel EG95 LTE modem
virt: vbox: Fix VBGL_IOCTL_VMMDEV_REQUEST_BIG and _LOG req numbers to match upstream
virt: vbox: Fix guest capabilities mask check
Revert "tty: xilinx_uartps: Fix missing id assignment to the console"
virtio: virtio_console: add missing MODULE_DEVICE_TABLE() for rproc serial
serial: mxs-auart: add missed iounmap() in probe failure and remove
ovl: fix regression with re-formatted lower squashfs
ovl: inode reference leak in ovl_is_inuse true case.
ovl: relax WARN_ON() when decoding lower directory file handle
ovl: fix unneeded call to ovl_change_flags()
fuse: ignore 'data' argument of mount(..., MS_REMOUNT)
fuse: use ->reconfigure() instead of ->remount_fs()
fuse: Fix parameter for FS_IOC_{GET,SET}FLAGS
Revert "zram: convert remaining CLASS_ATTR() to CLASS_ATTR_RO()"
mei: bus: don't clean driver pointer
Input: i8042 - add Lenovo XiaoXin Air 12 to i8042 nomux list
Input: elan_i2c - add more hardware ID for Lenovo laptops
uio_pdrv_genirq: Remove warning when irq is not specified
uio_pdrv_genirq: fix use without device tree and no interrupt
scsi: megaraid_sas: Remove undefined ENABLE_IRQ_POLL macro
timer: Prevent base->clk from moving backward
timer: Fix wheel index calculation on last level
riscv: use 16KB kernel stack on 64-bit
hwmon: (emc2103) fix unable to change fan pwm1_enable attribute
powerpc/book3s64/pkeys: Fix pkey_access_permitted() for execute disable pkey
powerpc/pseries/svm: Fix incorrect check for shared_lppaca_size
intel_th: pci: Add Jasper Lake CPU support
intel_th: pci: Add Tiger Lake PCH-H support
intel_th: pci: Add Emmitsburg PCH support
intel_th: Fix a NULL dereference when hub driver is not loaded
dmaengine: fsl-edma: Fix NULL pointer exception in fsl_edma_tx_handler
dmaengine: mcf-edma: Fix NULL pointer exception in mcf_edma_tx_handler
dmaengine: fsl-edma-common: correct DSIZE_32BYTE
misc: atmel-ssc: lock with mutex instead of spinlock
thermal: int3403_thermal: Downgrade error message
thermal/drivers/cpufreq_cooling: Fix wrong frequency converted from power
arm64: ptrace: Override SPSR.SS when single-stepping is enabled
arm64: ptrace: Consistently use pseudo-singlestep exceptions
arm64: compat: Ensure upper 32 bits of x0 are zero on syscall return
sched: Fix unreliable rseq cpu_id for new tasks
sched/fair: handle case of task_h_load() returning 0
genirq/affinity: Handle affinity setting on inactive interrupts correctly
drm/amdgpu/sdma5: fix wptr overwritten in ->get_wptr()
drm/i915/gt: Ignore irq enabling on the virtual engines
block: fix splitting segments on boundary masks
block: fix get_max_segment_size() overflow on 32bit arch
libceph: don't omit recovery_deletes in target_copy()
rxrpc: Fix trace string
spi: sprd: switch the sequence of setting WDG_LOAD_LOW and _HIGH
ionic: export features for vlans to use
iommu/vt-d: Make Intel SVM code 64-bit only
drm/i915/gvt: Fix two CFL MMIO handling caused by regression.
gpio: pca953x: disable regmap locking for automatic address incrementing
Linux 5.4.53
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I2347f0f12d1e95a90cff2f3999940e1f82231df2
|
||
John Johansen
|
d79e57db45 |
apparmor: ensure that dfa state tables have entries
commit c27c6bd2c4d6b6bb779f9b722d5607993e1d5e5c upstream.
Currently it is possible to specify a state machine table with 0 length,
this is not valid as optional tables are specified by not defining
the table as present. Further this allows by-passing the base tables
range check against the next/check tables.
Fixes:
|
||
|
Blagovest Kolenichev
|
c8f071d27c |
Merge android-5.4-stable.50 (a200ad5) into msm-5.4
* refs/heads/tmp-a200ad5:
Revert "usb: dwc3: gadget: Properly handle ClearFeature(halt)"
Revert "ANDROID: kbuild: merge more sections with LTO"
Revert "FROMLIST: f2fs: fix use-after-free when accessing bio->bi_crypt_context"
Linux 5.4.50
Revert "tty: hvc: Fix data abort due to race in hvc_open"
xfs: add agf freeblocks verify in xfs_agf_verify
dm writecache: add cond_resched to loop in persistent_memory_claim()
dm writecache: correct uncommitted_block when discarding uncommitted entry
xprtrdma: Fix handling of RDMA_ERROR replies
NFSv4 fix CLOSE not waiting for direct IO compeletion
pNFS/flexfiles: Fix list corruption if the mirror count changes
SUNRPC: Properly set the @subbuf parameter of xdr_buf_subsegment()
sunrpc: fixed rollback in rpc_gssd_dummy_populate()
Staging: rtl8723bs: prevent buffer overflow in update_sta_support_rate()
drm/amdgpu: add fw release for sdma v5_0
drm/radeon: fix fb_div check in ni_init_smc_spll_table()
drm: rcar-du: Fix build error
drm/amd: fix potential memleak in err branch
ring-buffer: Zero out time extend if it is nested and not absolute
tracing: Fix event trigger to accept redundant spaces
arm64: dts: imx8mn-ddr4-evk: correct ldo1/ldo2 voltage range
arm64: dts: imx8mm-evk: correct ldo1/ldo2 voltage range
arm64: perf: Report the PC value in REGS_ABI_32 mode
mm/memcontrol.c: add missed css_put()
ocfs2: fix panic on nfs server over ocfs2
ocfs2: fix value of OCFS2_INVALID_SLOT
ocfs2: load global_inode_alloc
ocfs2: avoid inode removal while nfsd is accessing it
mm/slab: use memzero_explicit() in kzfree()
btrfs: fix failure of RWF_NOWAIT write into prealloc extent beyond eof
btrfs: check if a log root exists before locking the log_mutex on unlink
btrfs: fix data block group relocation failure due to concurrent scrub
btrfs: fix bytes_may_use underflow when running balance and scrub in parallel
x86/asm/64: Align start of __clear_user() loop to 16-bytes
x86/cpu: Use pinning mask for CR4 bits needing to be 0
KVM: VMX: Stop context switching MSR_IA32_UMWAIT_CONTROL
KVM: nVMX: Plumb L2 GPA through to PML emulation
KVM: X86: Fix MSR range of APIC registers in X2APIC mode
erofs: fix partially uninitialized misuse in z_erofs_onlinepage_fixup
ACPI: configfs: Disallow loading ACPI tables when locked down
ACPI: sysfs: Fix pm_profile_attr type
ALSA: hda/realtek: Add mute LED and micmute LED support for HP systems
ALSA: hda/realtek - Add quirk for MSI GE63 laptop
ALSA: hda: Add NVIDIA codec IDs 9a & 9d through a0 to patch table
RISC-V: Don't allow write+exec only page mapping request in mmap
block: update hctx map when use multiple maps
blktrace: break out of blktrace setup on concurrent calls
kprobes: Suppress the suspicious RCU warning on kprobes
recordmcount: support >64k sections
kbuild: improve cc-option to clean up all temporary files
arm64: sve: Fix build failure when ARM64_SVE=y and SYSCTL=n
s390/vdso: fix vDSO clock_getres()
s390/vdso: Use $(LD) instead of $(CC) to link vDSO
s390/ptrace: fix setting syscall number
s390/ptrace: pass invalid syscall numbers to tracing
pinctrl: tegra: Use noirq suspend/resume callbacks
pinctrl: qcom: spmi-gpio: fix warning about irq chip reusage
test_objagg: Fix potential memory leak in error handling
net: alx: fix race condition in alx_remove
ibmvnic: Harden device login requests
hwrng: ks-sa - Fix runtime PM imbalance on error
riscv/atomic: Fix sign extension for RV64I
drm/amd/display: Use kfree() to free rgb_user in calculate_user_regamma_ramp()
ata/libata: Fix usage of page address by page_address in ata_scsi_mode_select_xlat function
sata_rcar: handle pm_runtime_get_sync failure cases
sched/core: Fix PI boosting between RT and DEADLINE tasks
sched/deadline: Initialize ->dl_boosted
afs: Fix storage of cell names
i2c: core: check returned size of emulated smbus block read
i2c: fsi: Fix the port number field in status register
clk: sifive: allocate sufficient memory for struct __prci_data
net: bcmgenet: use hardware padding of runt frames
netfilter: ipset: fix unaligned atomic access
nvme: don't protect ns mutation with ns->head->lock
usb: renesas_usbhs: getting residue from callback_result
usb: gadget: udc: Potential Oops in error handling code
scsi: lpfc: Avoid another null dereference in lpfc_sli4_hba_unset()
ARM: imx5: add missing put_device() call in imx_suspend_alloc_ocram()
cxgb4: move handling L2T ARP failures to caller
net: qede: fix use-after-free on recovery and AER handling
net: qede: fix PTP initialization on recovery
net: qed: fix excessive QM ILT lines consumption
net: qed: fix NVMe login fails over VFs
net: qede: stop adding events on an already destroyed workqueue
net: qed: fix async event callbacks unregistering
net: qed: fix left elements count calculation
iommu/vt-d: Update scalable mode paging structure coherency
iommu/vt-d: Enable PCI ACS for platform opt in hint
selftests/net: report etf errors correctly
RDMA/mad: Fix possible memory leak in ib_mad_post_receive_mads()
s390/qeth: fix error handling for isolation mode cmds
ASoC: rockchip: Fix a reference count leak.
RDMA/cma: Protect bind_list and listen_list while finding matching cm id
RDMA/qedr: Fix KASAN: use-after-free in ucma_event_handler+0x532
RDMA/rvt: Fix potential memory leak caused by rvt_alloc_rq
rxrpc: Fix handling of rwind from an ACK packet
ARM: dts: NSP: Correct FA2 mailbox node
bpf: Don't return EINVAL from {get,set}sockopt when optlen > PAGE_SIZE
devmap: Use bpf_map_area_alloc() for allocating hash buckets
regmap: Fix memory leak from regmap_register_patch
x86/resctrl: Fix a NULL vs IS_ERR() static checker warning in rdt_cdp_peer_get()
ARM: dts: Fix duovero smsc interrupt for suspend
ARM: dts: am335x-pocketbeagle: Fix mmc0 Write Protect
bpf, xdp, samples: Fix null pointer dereference in *_user code
samples/bpf: xdp_redirect_cpu: Set MAX_CPUS according to NR_CPUS
ASoC: fsl_ssi: Fix bclk calculation for mono channel
RDMA/siw: Fix pointer-to-int-cast warning in siw_rx_pbl()
regualtor: pfuze100: correct sw1a/sw2 on pfuze3000
ASoC: qcom: common: set correct directions for dailinks
ASoc: q6afe: add support to get port direction
efi/esrt: Fix reference count leak in esre_create_sysfs_entry.
efi/tpm: Verify event log header before parsing
ASoC: q6asm: handle EOS correctly
xfrm: Fix double ESP trailer insertion in IPsec crypto offload.
ARM: OMAP2+: Fix legacy mode dss_reset
bus: ti-sysc: Ignore clockactivity unless specified as a quirk
bus: ti-sysc: Flush posted write on enable and disable
IB/hfi1: Fix module use count flaw due to leftover module put calls
IB/mad: Fix use after free when destroying MAD agent
loop: replace kill_bdev with invalidate_bdev
cdc-acm: Add DISABLE_ECHO quirk for Microchip/SMSC chip
xhci: Return if xHCI doesn't support LPM
xhci: Fix enumeration issue when setting max packet size for FS devices.
xhci: Fix incorrect EP_STATE_MASK
cifs/smb3: Fix data inconsistent when zero file range
cifs/smb3: Fix data inconsistent when punch hole
cifs: Fix cached_fid refcnt leak in open_shroot
scsi: zfcp: Fix panic on ERP timeout for previously dismissed ERP action
scsi: qla2xxx: Keep initiator ports after RSCN
usb: cdns3: ep0: add spinlock for cdns3_check_new_setup
usb: cdns3: ep0: fix the test mode set incorrectly
usb: cdns3: trace: using correct dir value
ALSA: usb-audio: Fix OOB access of mixer element list
ALSA: usb-audio: add quirk for Samsung USBC Headset (AKG)
ALSA: usb-audio: add quirk for Denon DCD-1500RE
ALSA: usb-audio: Add implicit feedback quirk for SSL2+.
usb: typec: tcpci_rt1711h: avoid screaming irq causing boot hangs
usb: host: ehci-exynos: Fix error check in exynos_ehci_probe()
xhci: Poll for U0 after disabling USB2 LPM
usb: host: xhci-mtk: avoid runtime suspend when removing hcd
USB: ehci: reopen solution for Synopsys HC bug
usb: add USB_QUIRK_DELAY_INIT for Logitech C922
usb: dwc2: Postponed gadget registration to the udc class driver
USB: ohci-sm501: Add missed iounmap() in remove
binder: fix null deref of proc->context
ALSA: usb-audio: Fix potential use-after-free of streams
fix a braino in "sparc32: fix register window handling in genregs32_[gs]et()"
net: sched: export __netdev_watchdog_up()
btrfs: fix a block group ref counter leak after failure to remove block group
Revert "i2c: tegra: Fix suspending in active runtime PM state"
tcp_cubic: fix spurious HYSTART_DELAY exit upon drop in min RTT
sch_cake: fix a few style nits
sch_cake: don't call diffserv parsing code when it is not needed
sch_cake: don't try to reallocate or unshare skb unconditionally
ip_tunnel: fix use-after-free in ip_tunnel_lookup()
net: phy: Check harder for errors in get_phy_id()
ip6_gre: fix use-after-free in ip6gre_tunnel_lookup()
tg3: driver sleeps indefinitely when EEH errors exceed eeh_max_freezes
tcp: grow window for OOO packets only for SACK flows
tcp: don't ignore ECN CWR on pure ACK
sctp: Don't advertise IPv4 addresses if ipv6only is set on the socket
rxrpc: Fix notification call on completion of discarded calls
rocker: fix incorrect error handling in dma_rings_init
openvswitch: take into account de-fragmentation/gso_size in execute_check_pkt_len
net: usb: ax88179_178a: fix packet alignment padding
net: increment xmit_recursion level in dev_direct_xmit()
net: Fix the arp error in some cases
net: fix memleak in register_netdevice()
net: Do not clear the sock TX queue in sk_set_socket()
net: core: reduce recursion limit value
net: bridge: enfore alignment for ethernet address
mvpp2: ethtool rxtx stats fix
mld: fix memory leak in ipv6_mc_destroy_dev()
ibmveth: Fix max MTU limit
geneve: allow changing DF behavior after creation
enetc: Fix tx rings bitmap iteration range, irq handling
block/bio-integrity: don't free 'buf' if bio_integrity_add_page() failed
ANDROID: GKI: revert part of the ufshcd_* export removals
ANDROID: GKI: update ABI definitions based on recent wifi backports
BACKPORT: cfg80211: Configure PMK lifetime and reauth threshold for PMKSA entries
BACKPORT: nl80211: add no pre-auth attribute and ext. feature flag for ctrl. port
BACKPORT: nl80211: modify TID-config API
BACKPORT: nl80211: Add NL command to support TID speicific configurations
BACKPORT: cfg80211: Support key configuration for Beacon protection (BIGTK)
BACKPORT: cfg80211: More error messages for key addition failures
BACKPORT: cfg80211: Enhance the AKM advertizement to support per interface.
BACKPORT: nl80211: add handling for BSS color
BACKPORT: cfg80211: VLAN offload support for set_key and set_sta_vlan
Revert "ANDROID: fscrypt: add key removal notifier chain"
UPSTREAM: scsi: ufs: Fix imprecise load calculation in devfreq window
UPSTREAM: scsi: ufs: Add trace event for UIC commands
UPSTREAM: scsi: ufs: Add DELAY_BEFORE_LPM quirk for Micron devices
UPSTREAM: scsi: ufs-mediatek: Allow unbound mphy
UPSTREAM: scsi: ufs-mediatek: Fix unbalanced clock on/off
UPSTREAM: scsi: ufs-mediatek: Introduce low-power mode for device power supply
UPSTREAM: scsi: ufs-mediatek: Do not gate clocks if auto-hibern8 is not entered yet
UPSTREAM: scsi: ufs-mediatek: Fix imprecise waiting time for ref-clk control
BACKPORT: scsi: ufs: Disable WriteBooster capability in non-supported UFS device
BACKPORT: scsi: ufs: Fix WriteBooster flush during runtime suspend
BACKPORT: scsi: ufs: Fix index of attributes query for WriteBooster feature
BACKPORT: scsi: ufs: Allow WriteBooster on UFS 2.2 devices
UPSTREAM: scsi: ufs-mediatek: Customize WriteBooster flush policy
UPSTREAM: scsi: ufs: Customize flush threshold for WriteBooster
BACKPORT: scsi: ufs: Introduce ufs_hba_variant_params to group customizable parameters
UPSTREAM: scsi: ufs-mediatek: Make ufs_mtk_fixup_dev_quirks static
UPSTREAM: scsi: ufs: Cleanup WriteBooster feature
UPSTREAM: scsi: ufs-mediatek: Enable WriteBooster capability
BACKPORT: scsi: ufs: Add LU Dedicated buffer mode support for WriteBooster
BACKPORT: scsi: ufs: Add "index" in parameter list of ufshcd_query_flag()
UPSTREAM: scsi: ufs-mediatek: Add fixup_dev_quirks vops
UPSTREAM: scsi: ufs: Export ufs_fixup_device_setup() function
BACKPORT: scsi: ufs: Introduce fixup_dev_quirks vops
UPSTREAM: scsi: ufs-mediatek: add error recovery for suspend and resume
UPSTREAM: scsi: ufs: export ufshcd_link_recovery
UPSTREAM: scsi: ufs-mediatek: customize the delay for enabling host
UPSTREAM: scsi: ufs: make HCE polling more compact to improve initialization latency
BACKPORT: scsi: ufs: allow custom delay prior to host enabling
UPSTREAM: scsi: ufs-mediatek: use common delay function
UPSTREAM: scsi: ufs: introduce common and flexible delay function
UPSTREAM: scsi: ufs: fix uninitialized tx_lanes in ufshcd_disable_tx_lcc()
UPSTREAM: scsi: ufs-mediatek: fix HOST_PA_TACTIVATE quirk for Samsung UFS Devices
BACKPORT: scsi: ufs: Add max_lu_supported in struct ufs_dev_info
ANDROID: GKI: remove ufshcd_* exports from whitelists
ANDROID: GKI: enable CONFIG_SCSI_UFS_DWC_TC_PLATFORM
ANDROID: GKI: enable QCOM and HISI UFS drivers
ANDROID: GKI: enable UFS for x86 gki builds and SCSI_UFSHCD_PCI
UPSTREAM: amba: Retry adding deferred devices at late_initcall
ANDROID: GKI: Enable INTERVAL_TREE
FROMGIT: binder: fix null deref of proc->context
ANDROID: Makefile: append BUILD_NUMBER to version string when defined
ANDROID: GKI: update the abi definitions due to 5.4.49 and padding
ANDROID: GKI: USB: Gadget: add Android ABI padding to struct usb_gadget
ANDROID: GKI: sound/usb/card.h: add Android ABI padding to struct snd_usb_endpoint
ANDROID: ext4: Optimize match for casefolded encrypted dirs
ANDROID: ext4: Handle casefolding with encryption
Linux 5.4.49
net: core: device_rename: Use rwsem instead of a seqcount
sched/rt, net: Use CONFIG_PREEMPTION.patch
pwm: jz4740: Enhance precision in calculation of duty cycle
net: octeon: mgmt: Repair filling of RX ring
e1000e: Do not wake up the system via WOL if device wakeup is disabled
kretprobe: Prevent triggering kretprobe from within kprobe_flush_task
kprobes: Fix to protect kick_kprobe_optimizer() by kprobe_mutex
tracing/probe: Fix memleak in fetch_op_data operations
crypto: algboss - don't wait during notifier callback
crypto: algif_skcipher - Cap recv SG list at ctx->used
Revert "drm/amd/display: disable dcn20 abm feature for bring up"
drm/i915/icl+: Fix hotplug interrupt disabling after storm detection
drm/amd/display: Use kvfree() to free coeff in build_regamma()
drm/connector: notify userspace on hotplug after register complete
drm/i915: Whitelist context-local timestamp in the gen9 cmdparser
drm/i915/gem: Avoid iterating an empty list
drm/msm: Check for powered down HW in the devfreq callbacks
drm/i915: Fix AUX power domain toggling across TypeC mode resets
s390: fix syscall_get_error for compat processes
f2fs: avoid utf8_strncasecmp() with unstable name
f2fs: split f2fs_d_compare() from f2fs_match_name()
net/mlx5: DR, Fix freeing in dr_create_rc_qp()
block: nr_sects_write(): Disable preemption on seqcount write
x86/boot/compressed: Relax sed symbol type regex for LLVM ld.lld
drm/amd/display: Use swap() where appropriate
drm/dp_mst: Increase ACT retry timeout to 3s
ext4: avoid race conditions when remounting with options that change dax
jbd2: clean __jbd2_journal_abort_hard() and __journal_abort_soft()
selinux: fix double free
drm/amdgpu: Replace invalid device ID with a valid device ID
drm/qxl: Use correct notify port address when creating cursor ring
drm/dp_mst: Reformat drm_dp_check_act_status() a bit
ext4: avoid utf8_strncasecmp() with unstable name
ext4: fix partial cluster initialization when splitting extent
drm: encoder_slave: fix refcouting error for modules
libata: Use per port sync for detach
arm64: hw_breakpoint: Don't invoke overflow handler on uaccess watchpoints
mvpp2: remove module bugfix
block: Fix use-after-free in blkdev_get()
scsi: ufs-bsg: Fix runtime PM imbalance on error
bnxt_en: Return from timer if interface is not in open state.
afs: Fix the mapping of the UAEOVERFLOW abort code
afs: Set error flag rather than return error from file status decode
afs: Always include dir in bulk status fetch from afs_do_lookup()
afs: Fix EOF corruption
afs: afs_write_end() should change i_size under the right lock
afs: Fix non-setting of mtime when writing into mmap
powerpc: Fix kernel crash in show_instructions() w/DEBUG_VIRTUAL
bcache: fix potential deadlock problem in btree_gc_coalesce
ext4: stop overwrite the errcode in ext4_setup_super
perf stat: Fix NULL pointer dereference
perf report: Fix NULL pointer dereference in hists__fprintf_nr_sample_events()
usb/ehci-platform: Set PM runtime as active on resume
usb: host: ehci-platform: add a quirk to avoid stuck
usb/xhci-plat: Set PM runtime as active on resume
bpf: Fix memlock accounting for sock_hash
iavf: fix speed reporting over virtchnl
xdp: Fix xsk_generic_xmit errno
nfs: set invalid blocks after NFSv4 writes
nvme-pci: use simple suspend when a HMB is enabled
net/filter: Permit reading NET in load_bytes_relative when MAC not set
x86/idt: Keep spurious entries unset in system_vectors
scsi: acornscsi: Fix an error handling path in acornscsi_probe()
libbpf: Handle GCC noreturn-turned-volatile quirk
drm/sun4i: hdmi ddc clk: Fix size of m divider
tracing/probe: Fix bpf_task_fd_query() for kprobes and uprobes
bpf, sockhash: Synchronize delete from bucket list on map free
bpf/sockmap: Fix kernel panic at __tcp_bpf_recvmsg
ASoC: rt5645: Add platform-data for Asus T101HA
ASoC: Intel: bytcr_rt5640: Add quirk for Toshiba Encore WT10-A tablet
ASoC: SOF: nocodec: conditionally set dpcm_capture/dpcm_playback flags
ASoC: core: only convert non DPCM link to DPCM link
afs: Fix memory leak in afs_put_sysnames()
f2fs: don't return vmalloc() memory from f2fs_kmalloc()
selftests/net: in timestamping, strncpy needs to preserve null byte
drivers/perf: hisi: Fix wrong value for all counters enable
i2c: icy: Fix build with CONFIG_AMIGA_PCMCIA=n
NTB: ntb_test: Fix bug when counting remote files
NTB: perf: Fix race condition when run with ntb_test
NTB: perf: Fix support for hardware that doesn't have port numbers
NTB: perf: Don't require one more memory window than number of peers
NTB: Revert the change to use the NTB device dev for DMA allocations
NTB: ntb_tool: reading the link file should not end in a NULL byte
ntb_tool: pass correct struct device to dma_alloc_coherent
ntb_perf: pass correct struct device to dma_alloc_coherent
net: marvell: Fix OF_MDIO config check
gfs2: fix use-after-free on transaction ail lists
blktrace: fix endianness for blk_log_remap()
blktrace: fix endianness in get_pdu_int()
blktrace: use errno instead of bi_status
selftests/vm/pkeys: fix alloc_random_pkey() to make it really random
include/linux/bitops.h: avoid clang shift-count-overflow warnings
lib/zlib: remove outdated and incorrect pre-increment optimization
geneve: change from tx_error to tx_dropped on missing metadata
crypto: omap-sham - add proper load balancing support for multicore
drm/amd/display: Revalidate bandwidth before commiting DC updates
nfsd: safer handling of corrupted c_type
pinctrl: freescale: imx: Fix an error handling path in 'imx_pinctrl_probe()'
pinctrl: imxl: Fix an error handling path in 'imx1_pinctrl_core_probe()'
scsi: ufs: Don't update urgent bkops level when toggling auto bkops
scsi: iscsi: Fix reference count leak in iscsi_boot_create_kobj
gfs2: Allow lock_nolock mount to specify jid=X
nfsd4: make drc_slab global, not per-net
ceph: don't return -ESTALE if there's still an open file
drm/nouveau/disp/gm200-: fix NV_PDISP_SOR_HDMI2_CTRL(n) selection
openrisc: Fix issue with argument clobbering for clone/fork
rxrpc: Adjust /proc/net/rxrpc/calls to display call->debug_id not user_ID
mailbox: zynqmp-ipi: Fix NULL vs IS_ERR() check in zynqmp_ipi_mbox_probe()
rtc: rv3028: Add missed check for devm_regmap_init_i2c()
vfio/mdev: Fix reference count leak in add_mdev_supported_type
ASoC: fsl_asrc_dma: Fix dma_chan leak when config DMA channel failed
extcon: adc-jack: Fix an error handling path in 'adc_jack_probe()'
powerpc/4xx: Don't unmap NULL mbase
input: i8042 - Remove special PowerPC handling
of: Fix a refcounting bug in __of_attach_node_sysfs()
NFSv4.1 fix rpc_call_done assignment for BIND_CONN_TO_SESSION
net: sunrpc: Fix off-by-one issues in 'rpc_ntop6'
/dev/mem: Revoke mappings when a driver claims the region
misc: xilinx-sdfec: improve get_user_pages_fast() error handling
clk: ast2600: Fix AHB clock divider for A1
clk: sprd: return correct type of value for _sprd_pll_recalc_rate
KVM: PPC: Book3S: Fix some RCU-list locks
KVM: PPC: Book3S HV: Ignore kmemleak false positives
scsi: ufs-qcom: Fix scheduling while atomic issue
clk: bcm2835: Fix return type of bcm2835_register_gate
scsi: target: tcmu: Fix a use after free in tcmu_check_expired_queue_cmd()
ASoC: fix incomplete error-handling in img_i2s_in_probe.
powerpc/32s: Don't warn when mapping RO data ROX.
mfd: stmfx: Disable IRQ in suspend to avoid spurious interrupt
mfd: stmfx: Fix stmfx_irq_init error path
mfd: stmfx: Reset chip on resume as supply was disabled
x86/apic: Make TSC deadline timer detection message visible
RDMA/iw_cxgb4: cleanup device debugfs entries on ULD remove
scripts: headers_install: Exit with error on config leak
usb: gadget: Fix issue with config_ep_by_speed function
usb: gadget: fix potential double-free in m66592_probe.
usb: gadget: lpc32xx_udc: don't dereference ep pointer before null check
USB: gadget: udc: s3c2410_udc: Remove pointless NULL check in s3c2410_udc_nuke
usb: dwc2: gadget: move gadget resume after the core is in L0 state
watchdog: da9062: No need to ping manually before setting timeout
IB/cma: Fix ports memory leak in cma_configfs
PCI: amlogic: meson: Don't use FAST_LINK_MODE to set up link
PCI: dwc: Fix inner MSI IRQ domain registration
PCI/PTM: Inherit Switch Downstream Port PTM settings from Upstream Port
dm zoned: return NULL if dmz_get_zone_for_reclaim() fails to find a zone
powerpc/64s/pgtable: fix an undefined behaviour
arm64: tegra: Fix flag for 64-bit resources in 'ranges' property
arm64: tegra: Fix ethernet phy-mode for Jetson Xavier
fuse: copy_file_range should truncate cache
fuse: fix copy_file_range cache issues
firmware: imx: scu: Fix possible memory leak in imx_scu_probe()
scsi: target: tcmu: Userspace must not complete queued commands
RDMA/hns: Fix cmdq parameter of querying pf timer resource
RDMA/hns: Bugfix for querying qkey
clk: samsung: exynos5433: Add IGNORE_UNUSED flag to sclk_i2s1
fpga: dfl: afu: Corrected error handling levels
tty: n_gsm: Fix bogus i++ in gsm_data_kick
USB: host: ehci-mxc: Add error handling in ehci_mxc_drv_probe()
ASoC: Intel: bytcr_rt5640: Add quirk for Toshiba Encore WT8-A tablet
drm/msm/mdp5: Fix mdp5_init error path for failed mdp5_kms allocation
usb/ohci-platform: Fix a warning when hibernating
vfio-pci: Mask cap zero
powerpc/ps3: Fix kexec shutdown hang
drivers: phy: sr-usb: do not use internal fsm for USB2 phy init
powerpc/pseries/ras: Fix FWNMI_VALID off by one
powerpc/64s/exception: Fix machine check no-loss idle wakeup
ipmi: use vzalloc instead of kmalloc for user creation
habanalabs: increase timeout during reset
PCI/PM: Assume ports without DLL Link Active train links in 100 ms
HID: Add quirks for Trust Panora Graphic Tablet
ALSA: usb-audio: Add duplex sound support for USB devices using implicit feedback
tty: n_gsm: Fix waking up upper tty layer when room available
tty: n_gsm: Fix SOF skipping
powerpc/64: Don't initialise init_task->thread.regs
PCI: Fix pci_register_host_bridge() device_register() error handling
clk: ti: composite: fix memory leak
USB: ohci-sm501: fix error return code in ohci_hcd_sm501_drv_probe()
dlm: remove BUG() before panic()
pinctrl: rockchip: fix memleak in rockchip_dt_node_to_map
ASoC: ti: omap-mcbsp: Fix an error handling path in 'asoc_mcbsp_probe()'
ASoC: ux500: mop500: Fix some refcounted resources issues
SoC: rsnd: add interrupt support for SSI BUSIF buffer
scsi: mpt3sas: Fix double free warnings
scsi: target: loopback: Fix READ with data and sensebytes
arm64: dts: msm8996: Fix CSI IRQ types
ASoC: SOF: core: fix error return code in sof_probe_continue()
power: supply: smb347-charger: IRQSTAT_D is volatile
power: supply: lp8788: Fix an error handling path in 'lp8788_charger_probe()'
ALSA: firewire-lib: fix invalid assignment to union data for directional parameter
scsi: qla2xxx: Fix warning after FC target reset
PCI/ASPM: Allow ASPM on links to PCIe-to-PCI/PCI-X Bridges
PCI: rcar: Fix incorrect programming of OB windows
drivers: base: Fix NULL pointer exception in __platform_driver_probe() if a driver developer is foolish
serial: amba-pl011: Make sure we initialize the port.lock spinlock
i2c: pxa: fix i2c_pxa_scream_blue_murder() debug output
PCI: v3-semi: Fix a memory leak in v3_pci_probe() error handling paths
staging: sm750fb: add missing case while setting FB_VISUAL
staging: wilc1000: Increase the size of wid_list array
usb: dwc3: gadget: Properly handle failed kick_transfer
usb: dwc3: gadget: Properly handle ClearFeature(halt)
HID: intel-ish-hid: avoid bogus uninitialized-variable warning
soundwire: slave: don't init debugfs on device registration error
ASoC: max98373: reorder max98373_reset() in resume
clk: meson: meson8b: Don't rely on u-boot to init all GP_PLL registers
thermal/drivers/ti-soc-thermal: Avoid dereferencing ERR_PTR
gpio: pca953x: fix handling of automatic address incrementing
clk: meson: meson8b: Fix the vclk_div{1, 2, 4, 6, 12}_en gate bits
clk: meson: meson8b: Fix the polarity of the RESET_N lines
clk: meson: meson8b: Fix the first parent of vid_pll_in_sel
slimbus: ngd: get drvdata from correct device
tty: hvc: Fix data abort due to race in hvc_open
s390/qdio: put thinint indicator after early error
ALSA: usb-audio: Fix racy list management in output queue
ALSA: usb-audio: Improve frames size computation
staging: gasket: Fix mapping refcnt leak when register/store fails
staging: gasket: Fix mapping refcnt leak when put attribute fails
firmware: qcom_scm: fix bogous abuse of dma-direct internals
arm64: dts: qcom: fix pm8150 gpio interrupts
virtiofs: schedule blocking async replies in separate worker
pinctrl: rza1: Fix wrong array assignment of rza1l_swio_entries
scsi: qedf: Fix crash when MFW calls for protocol stats while function is still probing
gpio: dwapb: Append MODULE_ALIAS for platform driver
RDMA/mlx5: Fix udata response upon SRQ creation
ARM: dts: sun8i-h2-plus-bananapi-m2-zero: Fix led polarity
arm64: dts: qcom: msm8916: remove unit name for thermal trip points
scsi: qedi: Do not flush offload work if ARP not resolved
arm64: dts: mt8173: fix unit name warnings
staging: greybus: fix a missing-check bug in gb_lights_light_config()
x86/purgatory: Disable various profiling and sanitizing options
apparmor: fix nnp subset test for unconfined
scsi: ibmvscsi: Don't send host info in adapter info MAD after LPM
scsi: sr: Fix sr_probe() missing deallocate of device minor
bpf, sockhash: Fix memory leak when unlinking sockets in sock_hash_free
ASoC: meson: add missing free_irq() in error path
f2fs: handle readonly filesystem in f2fs_ioc_shutdown()
apparmor: check/put label on apparmor_sk_clone_security()
net: dsa: lantiq_gswip: fix and improve the unsupported interface error
apparmor: fix introspection of of task mode for unconfined tasks
mksysmap: Fix the mismatch of '.L' symbols in System.map
NTB: Fix the default port and peer numbers for legacy drivers
NTB: ntb_pingpong: Choose doorbells based on port number
yam: fix possible memory leak in yam_init_driver
sparc32: mm: Don't try to free page-table pages if ctor() fails
pwm: img: Call pm_runtime_put() in pm_runtime_get_sync() failed case
powerpc/crashkernel: Take "mem=" option into account
ASoC: qcom: q6asm-dai: kCFI fix
cifs: set up next DFS target before generic_ip_connect()
RDMA/core: Fix several reference count leaks.
PCI: vmd: Filter resource type bits from shadow register
nfsd: Fix svc_xprt refcnt leak when setup callback client failed
powerpc/perf/hv-24x7: Fix inconsistent output values incase multiple hv-24x7 events run
IB/mlx5: Fix DEVX support for MLX5_CMD_OP_INIT2INIT_QP command
clk: clk-flexgen: fix clock-critical handling
scsi: vhost: Notify TCM about the maximum sg entries supported per command
scsi: lpfc: Fix lpfc_nodelist leak when processing unsolicited event
clk: zynqmp: fix memory leak in zynqmp_register_clocks
scsi: cxgb3i: Fix some leaks in init_act_open()
mfd: wm8994: Fix driver operation if loaded as modules
powerpc/ptdump: Add _PAGE_COHERENT flag
usb: gadget: core: sync interrupt before unbind the udc
gpio: dwapb: Call acpi_gpiochip_free_interrupts() on GPIO chip de-registration
m68k/PCI: Fix a memory leak in an error handling path
PCI: pci-bridge-emul: Fix PCIe bit conflicts
scsi: hisi_sas: Do not reset phy timer to wait for stray phy up
RDMA/mlx5: Add init2init as a modify command
coresight: tmc: Fix TMC mode read in tmc_read_prepare_etb()
vfio/pci: fix memory leaks in alloc_perm_bits()
arm64: dts: fvp/juno: Fix node address fields
ps3disk: use the default segment boundary
PCI: aardvark: Don't blindly enable ASPM L0s and don't write to read-only register
arm64: dts: fvp: Fix GIC child nodes
ASoC: SOF: Do nothing when DSP PM callbacks are not set
clk: renesas: cpg-mssr: Fix STBCR suspend/resume handling
pinctrl: ocelot: Fix GPIO interrupt decoding on Jaguar2
arm64: dts: juno: Fix GIC child nodes
arm64: dts: armada-3720-turris-mox: fix SFP binding
arm64: dts: armada-3720-turris-mox: forbid SDR104 on SDIO for FCC purposes
dm mpath: switch paths in dm_blk_ioctl() code path
misc: fastrpc: fix potential fastrpc_invoke_ctx leak
misc: fastrpc: Fix an incomplete memory release in fastrpc_rpmsg_probe()
serial: 8250: Fix max baud limit in generic 8250 port
usblp: poison URBs upon disconnect
clk: samsung: Mark top ISP and CAM clocks on Exynos542x as critical
remoteproc: qcom_q6v5_mss: map/unmap mpss segments before/after use
i2c: pxa: clear all master action bits in i2c_pxa_stop_message()
f2fs: report delalloc reserve as non-free in statfs for project quota
iio: bmp280: fix compensation of humidity
rtc: mc13xxx: fix a double-unlock issue
powerpc/kasan: Fix stack overflow by increasing THREAD_SHIFT
Input: edt-ft5x06 - fix get_default register write access
scsi: qla2xxx: Fix issue with adapter's stopping state
PCI: Allow pci_resize_resource() for devices on root bus
ALSA: isa/wavefront: prevent out of bounds write in ioctl
ALSA: hda/realtek - Introduce polarity for micmute LED GPIO
arm64: dts: meson: fixup SCP sram nodes
scsi: qedi: Check for buffer overflow in qedi_set_path()
scsi: core: free sgtables in case command setup fails
ARM: dts: stm32: Add missing ethernet PHY reset on AV96
ARM: integrator: Add some Kconfig selections
ASoC: davinci-mcasp: Fix dma_chan refcnt leak when getting dma type
ARM: dts: renesas: Fix IOMMU device node names
backlight: lp855x: Ensure regulators are disabled on probe failure
ASoC: fsl_esai: Disable exception interrupt before scheduling tasklet
clk: qcom: msm8916: Fix the address location of pll->config_reg
remoteproc: Fix IDR initialisation in rproc_alloc()
iio: pressure: bmp280: Tolerate IRQ before registering
ASoC: SOF: imx8: Fix randbuild error
i2c: piix4: Detect secondary SMBus controller on AMD AM4 chipsets
ASoC: tegra: tegra_wm8903: Support nvidia, headset property
clk: sunxi: Fix incorrect usage of round_down()
power: supply: bq24257_charger: Replace depends on REGMAP_I2C with select
ANDROID: abi_gki_aarch64_qcom_whitelist: Add reboot_mode
ANDROID: Update kabi for db845c (following moving pinctrl to a module)
ANDROID: GKI: Remove msm_pinctrl-* symbols from the abi lists
ANDROID: db845c_gki.fragment: Add PINCTRL_MSM=m
ANDROID: GKI: Remove PINCTRL_MSM as built in driver
ANDROID: pinctrl: qcom: Allow pinctrl-msm code to be loadable as a module
ANDROID: GKI: update ABI after struct vm_fault changes
ANDROID: GKI: mm: add struct vm_fault fields for SPECULATIVE_PAGE_FAULTS
FROMLIST: f2fs: fix use-after-free when accessing bio->bi_crypt_context
ANDROID: GKI: Update ABI for incremental fs
ANDROID: GKI: Update whitelist and defconfig for incfs
ANDROID: gki_defconfig: x86: Enable KERNEL_LZ4
ANDROID: GKI: scripts: Makefile: update the lz4 command
ANDROID: Use depmod from the hermetic toolchain
ANDROID: ABI/Whitelist: update symbols of unisoc whitelist
Linux 5.4.48
perf symbols: Fix kernel maps for kcore and eBPF
perf symbols: Fix debuginfo search for Ubuntu
perf probe: Check address correctness by map instead of _etext
perf probe: Fix to check blacklist address correctly
perf probe: Do not show the skipped events
f2fs: fix checkpoint=disable:%u%%
w1: omap-hdq: cleanup to add missing newline for some dev_dbg
mtd: rawnand: tmio: Fix the probe error path
mtd: rawnand: mtk: Fix the probe error path
mtd: rawnand: pasemi: Fix the probe error path
mtd: rawnand: plat_nand: Fix the probe error path
mtd: rawnand: sunxi: Fix the probe error path
mtd: rawnand: oxnas: Fix the probe error path
mtd: rawnand: socrates: Fix the probe error path
mtd: rawnand: orion: Fix the probe error path
mtd: rawnand: xway: Fix the probe error path
mtd: rawnand: ingenic: Fix the probe error path
mtd: rawnand: sharpsl: Fix the probe error path
mtd: rawnand: diskonchip: Fix the probe error path
mtd: rawnand: brcmnand: fix hamming oob layout
mtd: rawnand: onfi: Fix redundancy detection check
mtd: rawnand: Fix nand_gpio_waitrdy()
sunrpc: clean up properly in gss_mech_unregister()
sunrpc: svcauth_gss_register_pseudoflavor must reject duplicate registrations.
kbuild: force to build vmlinux if CONFIG_MODVERSION=y
powerpc/64s: Save FSCR to init_task.thread.fscr after feature init
powerpc/64s: Don't let DT CPU features set FSCR_DSCR
powerpc/32: Disable KASAN with pages bigger than 16k
powerpc/kasan: Fix shadow pages allocation failure
powerpc/kasan: Fix issues by lowering KASAN_SHADOW_END
powerpc/32s: Fix another build failure with CONFIG_PPC_KUAP_DEBUG
drivers/macintosh: Fix memleak in windfarm_pm112 driver
ARM: dts: s5pv210: Set keep-power-in-suspend for SDHCI1 on Aries
ARM: dts: at91: sama5d2_ptc_ek: fix vbus pin
ARM: dts: exynos: Fix GPIO polarity for thr GalaxyS3 CM36651 sensor's bus
soc/tegra: pmc: Select GENERIC_PINCONF
ARM: tegra: Correct PL310 Auxiliary Control Register initialization
kernel/cpu_pm: Fix uninitted local in cpu_pm
powerpc/fadump: Account for memory_limit while reserving memory
powerpc/fadump: consider reserved ranges while reserving memory
powerpc/fadump: use static allocation for reserved memory ranges
alpha: fix memory barriers so that they conform to the specification
dm crypt: avoid truncating the logical block size
sparc64: fix misuses of access_process_vm() in genregs32_[sg]et()
sparc32: fix register window handling in genregs32_[gs]et()
gnss: sirf: fix error return code in sirf_probe()
pinctrl: samsung: Save/restore eint_mask over suspend for EINT_TYPE GPIOs
pinctrl: samsung: Correct setting of eint wakeup mask on s5pv210
power: supply: core: fix memory leak in HWMON error path
power: supply: core: fix HWMON temperature labels
power: vexpress: add suppress_bind_attrs to true
EDAC/amd64: Add AMD family 17h model 60h PCI IDs
hwmon: (k10temp) Add AMD family 17h model 60h PCI match
igb: Report speed and duplex as unknown when device is runtime suspended
clk: mediatek: assign the initial value to clk_init_data of mtk_mux
media: ov5640: fix use of destroyed mutex
b43_legacy: Fix connection problem with WPA3
b43: Fix connection problem with WPA3
b43legacy: Fix case where channel status is corrupted
Bluetooth: hci_bcm: fix freeing not-requested IRQ
serial: 8250: Avoid error message on reprobe
media: cedrus: Program output format during each run
media: go7007: fix a miss of snd_card_free
carl9170: remove P2P_GO support
e1000e: Relax condition to trigger reset for ME workaround
e1000e: Disable TSO for buffer overrun workaround
PCI: Program MPS for RCiEP devices
ima: Set again build_ima_appraise variable
ima: Remove redundant policy rule set in add_rules()
x86/amd_nb: Add AMD family 17h model 60h PCI IDs
serial: 8250_pci: Move Pericom IDs to pci_ids.h
PCI: Add Loongson vendor ID
x86/amd_nb: Add Family 19h PCI IDs
PCI: vmd: Add device id for VMD device 8086:9A0B
PCI: Add ACS quirk for Intel Root Complex Integrated Endpoints
PCI: Avoid FLR for AMD Starship USB 3.0
PCI: Avoid FLR for AMD Matisse HD Audio & USB 3.0
PCI: Avoid Pericom USB controller OHCI/EHCI PME# defect
ext4: fix race between ext4_sync_parent() and rename()
ext4: fix error pointer dereference
ext4: fix EXT_MAX_EXTENT/INDEX to check for zeroed eh_max
evm: Fix possible memory leak in evm_calc_hmac_or_hash()
ima: Remove __init annotation from ima_pcrread()
ima: Call ima_calc_boot_aggregate() in ima_eventdigest_init()
ima: Directly assign the ima_default_policy pointer to ima_rules
ima: Evaluate error in init_ima()
ima: Switch to ima_hash_algo for boot aggregate
ima: Fix ima digest hash table key calculation
mm: call cond_resched() from deferred_init_memmap()
mm/pagealloc.c: call touch_nmi_watchdog() on max order boundaries in deferred init
mm: initialize deferred pages with interrupts enabled
mm: thp: make the THP mapcount atomic against __split_huge_pmd_locked()
powerpc/mm: Fix conditions to perform MMU specific management by blocks on PPC32.
btrfs: fix space_info bytes_may_use underflow during space cache writeout
btrfs: fix space_info bytes_may_use underflow after nocow buffered write
btrfs: fix wrong file range cleanup after an error filling dealloc range
btrfs: fix error handling when submitting direct I/O bio
btrfs: force chunk allocation if our global rsv is larger than metadata
btrfs: send: emit file capabilities after chown
btrfs: include non-missing as a qualifier for the latest_bdev
btrfs: free alien device after device add
string.h: fix incompatibility between FORTIFY_SOURCE and KASAN
kasan: stop tests being eliminated as dead code with FORTIFY_SOURCE
selftests/bpf, flow_dissector: Close TAP device FD after the test
bpf: Fix running sk_skb program types with ktls
bpf: Refactor sockmap redirect code so its easy to reuse
bpf: Fix map permissions check
libbpf: Fix perf_buffer__free() API for sparse allocs
platform/x86: asus_wmi: Reserve more space for struct bias_args
platform/x86: intel-vbtn: Only blacklist SW_TABLET_MODE on the 9 / "Laptop" chasis-type
platform/x86: intel-hid: Add a quirk to support HP Spectre X2 (2015)
platform/x86: hp-wmi: Convert simple_strtoul() to kstrtou32()
cpuidle: Fix three reference count leaks
spi: dw: Return any value retrieved from the dma_transfer callback
mmc: sdhci-esdhc-imx: fix the mask for tuning start point
iwlwifi: mvm: fix aux station leak
ixgbe: fix signed-integer-overflow warning
ice: fix potential double free in probe unrolling
mmc: via-sdmmc: Respect the cmd->busy_timeout from the mmc core
staging: greybus: sdio: Respect the cmd->busy_timeout from the mmc core
mmc: sdhci-msm: Set SDHCI_QUIRK_MULTIBLOCK_READ_ACMD12 quirk
bcache: fix refcount underflow in bcache_device_free()
MIPS: Fix IRQ tracing when call handle_fpe() and handle_msa_fpe()
PCI: Don't disable decoding when mmio_always_on is set
macvlan: Skip loopback packets in RX handler
btrfs: qgroup: mark qgroup inconsistent if we're inherting snapshot to a new qgroup
btrfs: improve global reserve stealing logic
m68k: mac: Don't call via_flush_cache() on Mac IIfx
MIPS: tools: Fix resource leak in elf-entry.c
x86/mm: Stop printing BRK addresses
selftests/bpf: CONFIG_IPV6_SEG6_BPF required for test_seg6_loop.o
drm/amdgpu: Sync with VM root BO when switching VM to CPU update mode
drm/amd/powerpay: Disable gfxoff when setting manual mode on picasso and raven
crypto: stm32/crc32 - fix multi-instance
crypto: stm32/crc32 - fix run-time self test issue.
crypto: stm32/crc32 - fix ext4 chksum BUG_ON()
mips: Add udelay lpj numbers adjustment
mips: MAAR: Use more precise address mask
sched: Defend cfs and rt bandwidth quota against overflow
x86/boot: Correct relocation destination on old linkers
kgdboc: Use a platform device to handle tty drivers showing up late
mwifiex: Fix memory corruption in dump_station
rtlwifi: Fix a double free in _rtl_usb_tx_urb_setup()
net/mlx5e: IPoIB, Drop multicast packets that this interface sent
veth: Adjust hard_start offset on redirect XDP frames
iocost: don't let vrate run wild while there's no saturation signal
raid5: remove gfp flags from scribble_alloc()
md: don't flush workqueue unconditionally in md_open
mt76: avoid rx reorder buffer overflow
drm/mcde: dsi: Fix return value check in mcde_dsi_bind()
net: qed*: Reduce RX and TX default ring count when running inside kdump kernel
wcn36xx: Fix error handling path in 'wcn36xx_probe()'
ath10k: Remove msdu from idr when management pkt send fails
nvme-tcp: use bh_lock in data_ready
nvme-pci: align io queue count with allocted nvme_queue in nvme_probe
nvme: refine the Qemu Identify CNS quirk
iwlwifi: avoid debug max amsdu config overwriting itself
platform/x86: intel-vbtn: Also handle tablet-mode switch on "Detachable" and "Portable" chassis-types
platform/x86: intel-vbtn: Do not advertise switches to userspace if they are not there
platform/x86: intel-vbtn: Split keymap into buttons and switches parts
platform/x86: intel-vbtn: Use acpi_evaluate_integer()
xfs: fix duplicate verification from xfs_qm_dqflush()
xfs: reset buffer write failure state on successful completion
kgdb: Fix spurious true from in_dbg_master()
mips: cm: Fix an invalid error code of INTVN_*_ERR
MIPS: Truncate link address into 32bit for 32bit kernel
Crypto/chcr: fix for ccm(aes) failed test
xfs: clean up the error handling in xfs_swap_extents
libertas_tf: avoid a null dereference in pointer priv
powerpc/spufs: fix copy_to_user while atomic
net: allwinner: Fix use correct return type for ndo_start_xmit()
media: cec: silence shift wrapping warning in __cec_s_log_addrs()
drivers: net: davinci_mdio: fix potential NULL dereference in davinci_mdio_probe()
selinux: fix error return code in policydb_read()
net: lpc-enet: fix error return code in lpc_mii_init()
iocost_monitor: drop string wrap around numbers when outputting json
drivers/perf: hisi: Fix typo in events attribute array
sched/core: Fix illegal RCU from offline CPUs
exit: Move preemption fixup up, move blocking operations down
lib/mpi: Fix 64-bit MIPS build with Clang
net: bcmgenet: Fix WoL with password after deep sleep
net: bcmgenet: set Rx mode before starting netif
selftests/bpf: Fix memory leak in extract_build_id()
netfilter: nft_nat: return EOPNOTSUPP if type or flags are not supported
dpaa2-eth: fix return codes used in ndo_setup_tc
Drivers: hv: vmbus: Always handle the VMBus messages on CPU0
audit: fix a net reference leak in audit_list_rules_send()
Bluetooth: btbcm: Add 2 missing models to subver tables
ath10k: add flush tx packets for SDIO chip
MIPS: Make sparse_init() using top-down allocation
media: platform: fcp: Set appropriate DMA parameters
media: dvb: return -EREMOTEIO on i2c transfer failure.
audit: fix a net reference leak in audit_send_reply()
drm/mediatek: set dpi pin mode to gpio low to avoid leakage current
dt-bindings: display: mediatek: control dpi pins mode to avoid leakage
e1000: Distribute switch variables for initialization
tools api fs: Make xxx__mountpoint() more scalable
regulator: qcom-rpmh: Fix typos in pm8150 and pm8150l
brcmfmac: fix wrong location to get firmware feature
spi: Respect DataBitLength field of SpiSerialBusV2() ACPI resource
media: staging/intel-ipu3: Implement lock for stream on/off operations
ath10k: fix kernel null pointer dereference
staging: android: ion: use vmap instead of vm_map_ram
x86: fix vmap arguments in map_irq_stack
net: vmxnet3: fix possible buffer overflow caused by bad DMA value in vmxnet3_get_rss()
x86/kvm/hyper-v: Explicitly align hcall param for kvm_hyperv_exit
spi: dw: Fix Rx-only DMA transfers
Bluetooth: btmtkuart: Improve exception handling in btmtuart_probe()
mmc: meson-mx-sdio: trigger a soft reset after a timeout or CRC error
ice: Fix for memory leaks and modify ICE_FREE_CQ_BUFS
ice: Fix memory leak
batman-adv: Revert "disable ethtool link speed detection when auto negotiation off"
ARM: 8978/1: mm: make act_mm() respect THREAD_SIZE
btrfs: do not ignore error from btrfs_next_leaf() when inserting checksums
btrfs: account for trans_block_rsv in may_commit_transaction
media: dvbdev: Fix tuner->demod media controller link
clocksource: dw_apb_timer_of: Fix missing clockevent timers
clocksource: dw_apb_timer: Make CPU-affiliation being optional
spi: dw: Enable interrupts in accordance with DMA xfer mode
mips: Fix cpu_has_mips64r1/2 activation for MIPS32 CPUs
ACPI/IORT: Fix PMCG node single ID mapping handling
pmu/smmuv3: Clear IRQ affinity hint on device removal
kgdb: Prevent infinite recursive entries to the debugger
kgdb: Disable WARN_CONSOLE_UNLOCKED for all kgdb
Bluetooth: Add SCO fallback for invalid LMP parameters error
MIPS: Loongson: Build ATI Radeon GPU driver as module
platform/x86: dell-laptop: don't register micmute LED if there is no token
ixgbe: Fix XDP redirect on archs with PAGE_SIZE above 4K
lockdown: Allow unprivileged users to see lockdown status
drm: rcar-du: Set primary plane zpos immutably at initializing
block: reset mapping if failed to update hardware queue count
arm64: insn: Fix two bugs in encoding 32-bit logical immediates
block: alloc map and request for new hardware queue
ACPICA: Dispatcher: add status checks
spi: dw: Zero DMA Tx and Rx configurations on stack
rtw88: fix an issue about leak system resources
media: staging: ipu3: Fix stale list entries on parameter queue failure
arm64: cacheflush: Fix KGDB trap detection
ath10k: remove the max_sched_scan_reqs value
efi/libstub/x86: Work around LLVM ELF quirk build regression
net: ena: fix error returning in ena_com_get_hash_function()
net: atlantic: make hw_get_regs optional
sched/fair: Refill bandwidth before scaling
x86,smap: Fix smap_{save,restore}() alternatives
spi: pxa2xx: Apply CS clk quirk to BXT
libbpf: Fix memory leak and possible double-free in hashmap__clear
arm64/kernel: Fix range on invalidating dcache for boot page tables
drm/amdgpu: Init data to avoid oops while reading pp_num_states.
spi: spi-mem: Fix Dual/Quad modes on Octal-capable devices
objtool: Ignore empty alternatives
media: si2157: Better check for running tuner in init
media: vicodec: Fix error codes in probe function
crypto: ccp -- don't "select" CONFIG_DMADEVICES
media: imx: imx7-mipi-csis: Cleanup and fix subdev pad format handling
media: staging: imgu: do not hold spinlock during freeing mmu page table
drm: bridge: adv7511: Extend list of audio sample rates
ath10k: Fix the race condition in firmware dump work queue
drm/amdgpu: fix and cleanup amdgpu_gem_object_close v4
ACPI: GED: use correct trigger type field in _Exx / _Lxx handling
writeback: Drop I_DIRTY_TIME_EXPIRE
writeback: Fix sync livelock due to b_dirty_time processing
writeback: Avoid skipping inode writeback
writeback: Protect inode->i_io_list with inode->i_lock
Revert "writeback: Avoid skipping inode writeback"
ANDROID: GKI: enable some more USB configfs options
Linux 5.4.47
KVM: arm64: Save the host's PtrAuth keys in non-preemptible context
KVM: arm64: Synchronize sysreg state on injecting an AArch32 exception
xen/pvcalls-back: test for errors when calling backend_connect()
block/floppy: fix contended case in floppy_queue_rq()
mmc: sdio: Fix several potential memory leaks in mmc_sdio_init_card()
mmc: sdio: Fix potential NULL pointer error in mmc_sdio_init_card()
ARM: dts: at91: sama5d2_ptc_ek: fix sdmmc0 node description
mmc: uniphier-sd: call devm_request_irq() after tmio_mmc_host_probe()
mmc: tmio: Further fixup runtime PM management at remove
mmc: mmci_sdmmc: fix DMA API warning overlapping mappings
mmc: sdhci-msm: Clear tuning done flag while hs400 tuning
agp/intel: Reinforce the barrier after GTT updates
perf: Add cond_resched() to task_function_call()
fat: don't allow to mount if the FAT length == 0
mm/slub: fix a memory leak in sysfs_slab_add()
drm/vkms: Hold gem object while still in-use
Smack: slab-out-of-bounds in vsscanf
ath9k: Fix general protection fault in ath9k_hif_usb_rx_cb
ath9x: Fix stack-out-of-bounds Write in ath9k_hif_usb_rx_cb
ath9k: Fix use-after-free Write in ath9k_htc_rx_msg
ath9k: Fix use-after-free Read in ath9k_wmi_ctrl_rx
ath9k: Fix use-after-free Read in htc_connect_service
selftests/ftrace: Return unsupported if no error_log file
scsi: lpfc: Fix negation of else clause in lpfc_prep_node_fc4type
scsi: megaraid_sas: TM command refire leads to controller firmware crash
KVM: arm64: Make vcpu_cp1x() work on Big Endian hosts
KVM: arm64: Stop writing aarch32's CSSELR into ACTLR
KVM: MIPS: Fix VPN2_MASK definition for variable cpu_vmbits
KVM: MIPS: Define KVM_ENTRYHI_ASID to cpu_asid_mask(&boot_cpu_data)
KVM: nVMX: Consult only the "basic" exit reason when routing nested exit
KVM: nSVM: leave ASID aside in copy_vmcb_control_area
KVM: nSVM: fix condition for filtering async PF
KVM: nVMX: Skip IBPB when switching between vmcs01 and vmcs02
video: fbdev: w100fb: Fix a potential double free.
video: vt8500lcdfb: fix fallthrough warning
EDAC/skx: Use the mcmtr register to retrieve close_pg/bank_xor_enable
cpufreq: Fix up cpufreq_boost_set_sw()
remoteproc: Fix and restore the parenting hierarchy for vdev
remoteproc: Fall back to using parent memory pool if no dedicated available
proc: Use new_inode not new_inode_pseudo
ovl: initialize error in ovl_copy_xattr
net/mlx5e: Fix repeated XSK usage on one channel
net/mlx5: Fix fatal error handling during device load
net/mlx5: drain health workqueue in case of driver load error
selftests/net: in rxtimestamp getopt_long needs terminating null entry
dccp: Fix possible memleak in dccp_init and dccp_fini
crypto: virtio: Fix dest length calculation in __virtio_crypto_skcipher_do_req()
crypto: virtio: Fix src/dst scatterlist calculation in __virtio_crypto_skcipher_do_req()
crypto: virtio: Fix use-after-free in virtio_crypto_skcipher_finalize_req()
firmware: imx: scu: Fix corruption of header
firmware: imx-scu: Support one TX and one RX
firmware: imx: warn on unexpected RX
x86/{mce,mm}: Unmap the entire page if the whole page is affected and poisoned
crypto: drbg - fix error return code in drbg_alloc_state()
crypto: algapi - Avoid spurious modprobe on LOADED
crypto: cavium/nitrox - Fix 'nitrox_get_first_device()' when ndevlist is fully iterated
gup: document and work around "COW can break either way" issue
PM: runtime: clk: Fix clk_pm_runtime_get() error path
spi: bcm-qspi: when tx/rx buffer is NULL set to 0
spi: bcm-qspi: Handle clock probe deferral
spi: bcm2835aux: Fix controller unregister order
spi: bcm2835: Fix controller unregister order
spi: pxa2xx: Fix runtime PM ref imbalance on probe error
spi: pxa2xx: Fix controller unregister order
spi: Fix controller unregister order
spi: dw: Fix controller unregister order
nilfs2: fix null pointer dereference at nilfs_segctor_do_construct()
lib/lzo: fix ambiguous encoding bug in lzo-rle
arm64: acpi: fix UBSAN warning
ACPI: PM: Avoid using power resources if there are none for D0
ACPI: GED: add support for _Exx / _Lxx handler methods
ACPI: CPPC: Fix reference count leak in acpi_cppc_processor_probe()
ACPI: sysfs: Fix reference count leak in acpi_sysfs_add_hotplug_profile()
ALSA: usb-audio: Add vendor, product and profile name for HP Thunderbolt Dock
ALSA: usb-audio: Fix inconsistent card PM state after resume
ALSA: pcm: fix snd_pcm_link() lockdep splat
ALSA: pcm: disallow linking stream to itself
ALSA: hda/realtek - add a pintbl quirk for several Lenovo machines
ALSA: fireface: fix configuration error for nominal sampling transfer frequency
ALSA: es1688: Add the missed snd_card_free()
watchdog: imx_sc_wdt: Fix reboot on crash
smb3: add indatalen that can be a non-zero value to calculation of credit charge in smb2 ioctl
smb3: fix incorrect number of credits when ioctl MaxOutputResponse > 64K
efi/efivars: Add missing kobject_put() in sysfs entry creation error path
io_uring: use kvfree() in io_sqe_buffer_register()
ASoC: max9867: fix volume controls
powerpc/ptdump: Properly handle non standard page size
KVM: x86: Fix APIC page invalidation race
KVM: x86: respect singlestep when emulating instruction
KVM: x86/mmu: Set mmio_value to '0' if reserved #PF can't be generated
perf/x86/intel: Add more available bits for OFFCORE_RESPONSE of Intel Tremont
x86/reboot/quirks: Add MacBook6,1 reboot quirk
x86/speculation: PR_SPEC_FORCE_DISABLE enforcement for indirect branches.
x86/speculation: Avoid force-disabling IBPB based on STIBP and enhanced IBRS.
x86/speculation: Prevent rogue cross-process SSBD shutdown
x86/PCI: Mark Intel C620 MROMs as having non-compliant BARs
x86_64: Fix jiffies ODR violation
sctp: fix refcount bug in sctp_wfree
sctp: fix possibly using a bad saddr with a given dst
iwlwifi: mvm: fix NVM check for 3168 devices
ipv4: fix a RCU-list lock in fib_triestat_seq_show
aio: fix async fsync creds
fanotify: fix ignore mask logic for events on child and on dir
selftests: fix flower parent qdisc
mm: add kvfree_sensitive() for freeing sensitive data objects
perf probe: Accept the instance number of kretprobe event
PCI/PM: Adjust pcie_wait_for_link_delay() for caller delay
KVM: x86: only do L1TF workaround on affected processors
x86/cpu/amd: Make erratum #1054 a legacy erratum
s390/pci: Log new handle in clp_disable_fh()
padata: add separate cpuhp node for CPUHP_PADATA_DEAD
RDMA/uverbs: Make the event_queue fds return POLLERR when disassociated
smack: avoid unused 'sip' variable warning
ath9k_htc: Silence undersized packet warnings
spi: dw: Fix native CS being unset
powerpc/xive: Clear the page tables for the ESB IO mapping
drivers/net/ibmvnic: Update VNIC protocol version reporting
gfs2: Even more gfs2_find_jhead fixes
csky: Fixup abiv2 syscall_trace break a4 & a5
Input: synaptics - add a second working PNP_ID for Lenovo T470s
sched/fair: Don't NUMA balance for kthreads
ARM: 8977/1: ptrace: Fix mask for thumb breakpoint hook
Input: mms114 - fix handling of mms345l
elfnote: mark all .note sections SHF_ALLOC
bpf: Support llvm-objcopy for vmlinux BTF
vxlan: Avoid infinite loop when suppressing NS messages with invalid options
bridge: Avoid infinite loop when suppressing NS messages with invalid options
tun: correct header offsets in napi frags mode
net_failover: fixed rollback in net_failover_open()
mlxsw: core: Use different get_trend() callbacks for different thermal zones
ipv6: fix IPV6_ADDRFORM operation logic
fs-verity: remove unnecessary extern keywords
fs-verity: fix all kerneldoc warnings
fscrypt: add support for IV_INO_LBLK_32 policies
fscrypt: make test_dummy_encryption use v2 by default
fscrypt: support test_dummy_encryption=v2
fscrypt: add fscrypt_add_test_dummy_key()
linux/parser.h: add include guards
fscrypt: remove unnecessary extern keywords
fscrypt: name all function parameters
fscrypt: fix all kerneldoc warnings
ANDROID: GKI: enable CONFIG_EXT4_FS_POSIX_ACL.
ANDROID: arch: arm: Increase kernel command line size
ANDROID: arch: arm64: Increase kernel command line size
ANDROID: ABI: Add typec symbols to QCOM ABI whitelist
UPSTREAM: usb: typec: Remove the callback members from struct typec_capability
UPSTREAM: usb: typec: ucsi: Start using struct typec_operations
UPSTREAM: usb: typec: tps6598x: Start using struct typec_operations
UPSTREAM: usb: typec: tcpm: Start using struct typec_operations
UPSTREAM: usb: typec: Separate the operations vector
UPSTREAM: usb: typec: Introduce typec_get_drvdata()
UPSTREAM: usb: typec: Copy everything from struct typec_capability during registration
ANDROID: kbuild: merge more sections with LTO
UPSTREAM: driver core: Remove unnecessary is_fwnode_dev variable in device_add()
UPSTREAM: driver core: Remove check in driver_deferred_probe_force_trigger()
UPSTREAM: of: platform: Batch fwnode parsing when adding all top level devices
BACKPORT: driver core: fw_devlink: Add support for batching fwnode parsing
BACKPORT: driver core: Look for waiting consumers only for a fwnode's primary device
UPSTREAM: usb: musb: Add support for MediaTek musb controller
UPSTREAM: usb: musb: Add musb_clearb/w() interface
UPSTREAM: usb: musb: Add noirq type of dma create interface
UPSTREAM: usb: musb: Add get/set toggle hooks
UPSTREAM: dt-bindings: usb: musb: Add support for MediaTek musb controller
Revert "ANDROID: Remove default y on BRIDGE_IGMP_SNOOPING"
Linux 5.4.46
Revert "net/mlx5: Annotate mutex destroy for root ns"
uprobes: ensure that uprobe->offset and ->ref_ctr_offset are properly aligned
x86/speculation: Add Ivy Bridge to affected list
x86/speculation: Add SRBDS vulnerability and mitigation documentation
x86/speculation: Add Special Register Buffer Data Sampling (SRBDS) mitigation
x86/cpu: Add 'table' argument to cpu_matches()
x86/cpu: Add a steppings field to struct x86_cpu_id
x86/speculation/spectre_v2: Exclude Zhaoxin CPUs from SPECTRE_V2
nvmem: qfprom: remove incorrect write support
CDC-ACM: heed quirk also in error handling
staging: rtl8712: Fix IEEE80211_ADDBA_PARAM_BUF_SIZE_MASK
tty: hvc_console, fix crashes on parallel open/close
vt: keyboard: avoid signed integer overflow in k_ascii
usb: musb: Fix runtime PM imbalance on error
usb: musb: start session in resume for host port
iio: adc: stm32-adc: fix a wrong error message when probing interrupts
iio:chemical:pms7003: Fix timestamp alignment and prevent data leak.
iio: vcnl4000: Fix i2c swapped word reading.
iio:chemical:sps30: Fix timestamp alignment
USB: serial: ch341: add basis for quirk detection
USB: serial: option: add Telit LE910C1-EUX compositions
USB: serial: usb_wwan: do not resubmit rx urb on fatal errors
USB: serial: qcserial: add DW5816e QDL support
net: be more gentle about silly gso requests coming from user
net: check untrusted gso_size at kernel entry
vsock: fix timeout in vsock_accept()
nfp: flower: fix used time of merge flow statistics
NFC: st21nfca: add missed kfree_skb() in an error path
net: usb: qmi_wwan: add Telit LE910C1-EUX composition
net: stmmac: enable timestamp snapshot for required PTP packets in dwmac v5.10a
net/mlx5: Fix crash upon suspend/resume
l2tp: do not use inet_hash()/inet_unhash()
l2tp: add sk_family checks to l2tp_validate_socket
devinet: fix memleak in inetdev_init()
ANDROID: GKI: Update ABI after scsi/ufs changes
FROMLIST: Documentation:sysfs-ufs: Add WriteBooster documentation
FROMGIT: scsi: ufs-qcom: Configure write booster type
FROMGIT: scsi: ufs: sysfs: Add sysfs entries for write booster
BACKPORT: FROMGIT: scsi: ufs: Add write booster feature support
ANDROID: ABI/Whitelist: update symbols of unisoc whitelist
BACKPORT: FROMGIT: scsi: ufs: Remove unnecessary memset for dev_info
ANDROID: staging: ion: Fix potential memory corruption
ANDROID: staging: ion: optimize cache operation for non-cached buffer
ANDROID: staging: ion: Skip sync if not mapped
ANDROID: staging: ion: use dma_[un]map_sg_attrs
ANDROID: arch: arm64: vdso: export the symbols for time()
ANDROID: dm-bow: Add block_size option
ANDROID: GKI: remove squashfs-needed symbols from exported abi
ANDROID: GKI: remove erofs symbols from exported abi
ANDROID: GKI: enable CONFIG_EROFS_FS=y
ANDROID: scs: fix recursive spinlock in scs_check_usage
f2fs: attach IO flags to the missing cases
f2fs: add node_io_flag for bio flags likewise data_io_flag
f2fs: remove unused parameter of f2fs_put_rpages_mapping()
f2fs: handle readonly filesystem in f2fs_ioc_shutdown()
f2fs: avoid utf8_strncasecmp() with unstable name
f2fs: don't return vmalloc() memory from f2fs_kmalloc()
ANDROID: GKI: set CONFIG_BLK_DEV_LOOP_MIN_COUNT to 16
ANDROID: Incremental fs: Remove dependency on PKCS7_MESSAGE_PARSER
ANDROID: Incremental fs: Cache successful hash calculations
ANDROID: Incremental fs: Fix four error-path bugs
f2fs: fix retry logic in f2fs_write_cache_pages()
f2fs: fix wrong discard space
f2fs: compress: don't compress any datas after cp stop
f2fs: remove unneeded return value of __insert_discard_tree()
f2fs: fix wrong value of tracepoint parameter
f2fs: protect new segment allocation in expand_inode_data
f2fs: code cleanup by removing ifdef macro surrounding
writeback: Avoid skipping inode writeback
f2fs: avoid inifinite loop to wait for flushing node pages at cp_error
f2fs: compress: fix zstd data corruption
f2fs: add compressed/gc data read IO stat
f2fs: fix potential use-after-free issue
f2fs: compress: don't handle non-compressed data in workqueue
f2fs: remove redundant assignment to variable err
f2fs: refactor resize_fs to avoid meta updates in progress
f2fs: use round_up to enhance calculation
f2fs: introduce F2FS_IOC_RESERVE_COMPRESS_BLOCKS
f2fs: Avoid double lock for cp_rwsem during checkpoint
f2fs: report delalloc reserve as non-free in statfs for project quota
f2fs: Fix wrong stub helper update_sit_info
f2fs: compress: let lz4 compressor handle output buffer budget properly
f2fs: remove blk_plugging in block_operations
f2fs: introduce F2FS_IOC_RELEASE_COMPRESS_BLOCKS
f2fs: shrink spinlock coverage
f2fs: correctly fix the parent inode number during fsync()
f2fs: compress: support lzo-rle compress algorithm
f2fs: introduce mempool for {,de}compress intermediate page allocation
f2fs: introduce f2fs_bmap_compress()
f2fs: support fiemap on compressed inode
f2fs: support partial truncation on compressed inode
f2fs: remove redundant compress inode check
f2fs: use strcmp() in parse_options()
f2fs: Use the correct style for SPDX License Identifier
Conflicts:
Documentation/devicetree/bindings
Documentation/devicetree/bindings/display/mediatek/mediatek,dpi.txt
abi_gki_aarch64_qcom_whitelist
arch/x86/configs/gki_defconfig
build.config.common
drivers/hwtracing/coresight/coresight-tmc-etf.c
drivers/mmc/host/sdhci-msm.c
drivers/pinctrl/qcom/Kconfig
drivers/pinctrl/qcom/pinctrl-msm.c
drivers/pinctrl/qcom/pinctrl-spmi-gpio.c
drivers/scsi/ufs/ufs-qcom.c
drivers/scsi/ufs/ufs-sysfs.c
drivers/scsi/ufs/ufs.h
drivers/scsi/ufs/ufs_quirks.h
drivers/scsi/ufs/ufshcd.c
drivers/scsi/ufs/ufshcd.h
drivers/usb/dwc3/gadget.c
drivers/usb/host/xhci-plat.c
drivers/usb/typec/ucsi/ucsi.c
include/linux/usb/composite.h
include/linux/usb/gadget.h
init/Kconfig.gki
net/wireless/nl80211.c
scripts/headers_install.sh
Change-Id: Iadbe19b28a1d459bc7378e0b9060219a92a408b6
Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org>
|
||
|
Blagovest Kolenichev
|
441301dd42 |
Merge android-5.4-stable.45 (a9a13ee) into msm-5.4
* refs/heads/tmp-a9a13ee: Linux 5.4.45 net: smsc911x: Fix runtime PM imbalance on error selftests: mlxsw: qos_mc_aware: Specify arping timeout as an integer net: ethernet: stmmac: Enable interface clocks on probe for IPQ806x net/ethernet/freescale: rework quiesce/activate for ucc_geth null_blk: return error for invalid zone size s390/mm: fix set_huge_pte_at() for empty ptes drm/edid: Add Oculus Rift S to non-desktop list net: bmac: Fix read of MAC address from ROM x86/mmiotrace: Use cpumask_available() for cpumask_var_t variables io_uring: initialize ctx->sqo_wait earlier i2c: altera: Fix race between xfer_msg and isr thread scsi: pm: Balance pm_only counter of request queue during system resume evm: Fix RCU list related warnings ARC: [plat-eznps]: Restrict to CONFIG_ISA_ARCOMPACT ARC: Fix ICCM & DCCM runtime size checks RDMA/qedr: Fix synchronization methods and memory leaks in qedr RDMA/qedr: Fix qpids xarray api used s390/ftrace: save traced function caller ASoC: intel - fix the card names spi: dw: use "smp_mb()" to avoid sending spi data error powerpc/xmon: Restrict when kernel is locked down powerpc/powernv: Avoid re-registration of imc debugfs directory scsi: hisi_sas: Check sas_port before using it drm/i915: fix port checks for MST support on gen >= 11 airo: Fix read overflows sending packets net: dsa: mt7530: set CPU port to fallback mode scsi: ufs: Release clock if DMA map fails media: staging: ipu3-imgu: Move alignment attribute to field media: Revert "staging: imgu: Address a compiler warning on alignment" mmc: fix compilation of user API kernel/relay.c: handle alloc_percpu returning NULL in relay_open mt76: mt76x02u: Add support for newer versions of the XBox One wifi adapter p54usb: add AirVasT USB stick device-id HID: i2c-hid: add Schneider SCL142ALM to descriptor override HID: multitouch: enable multi-input as a quirk for some devices HID: sony: Fix for broken buttons on DS3 USB dongles mm: Fix mremap not considering huge pmd devmap Revert "cgroup: Add memory barriers to plug cgroup_rstat_updated() race window" ANDROID: GKI: Enable SYS_HYPERVISOR ANDROID: Update ABI representation ANDROID: GKI: disable CONFIG_I2C_CHARDEV ANDROID: GKI: remove netfilter apis from supported symbols Linux 5.4.44 perf: Make perf able to build with latest libbfd netfilter: nf_conntrack_pptp: fix compilation warning with W=1 build netfilter: conntrack: Pass value of ctinfo to __nf_conntrack_update netfilter: conntrack: comparison of unsigned in cthelper confirmation bonding: Fix reference count leak in bond_sysfs_slave_add. net: dsa: declare lockless TX feature for slave ports ipv4: nexthop version of fib_info_nh_uses_dev nexthop: Expand nexthop_is_multipath in a few places nexthops: don't modify published nexthop groups nexthops: Move code from remove_nexthop_from_groups to remove_nh_grp_entry crypto: chelsio/chtls: properly set tp->lsndtime qlcnic: fix missing release in qlcnic_83xx_interrupt_test. xsk: Add overflow check for u64 division, stored into u32 ieee80211: Fix incorrect mask for default PE duration bnxt_en: Fix accumulation of bp->net_stats_prev. esp6: get the right proto for transport mode in esp6_gso_encap netfilter: nf_conntrack_pptp: prevent buffer overflows in debug code netfilter: nfnetlink_cthelper: unbreak userspace helper support netfilter: conntrack: make conntrack userspace helpers work again netfilter: ipset: Fix subcounter update skip netfilter: nft_reject_bridge: enable reject with bridge vlan ip_vti: receive ipip packet by calling ip_tunnel_rcv xfrm: fix error in comment xfrm: fix a NULL-ptr deref in xfrm_local_error xfrm: fix a warning in xfrm_policy_insert_list xfrm interface: fix oops when deleting a x-netns interface xfrm: call xfrm_output_gso when inner_protocol is set in xfrm_output xfrm: remove the xfrm_state_put call becofe going to out_reset xfrm: do pskb_pull properly in __xfrm_transport_prep xfrm: allow to accept packets with ipv6 NEXTHDR_HOP in xfrm_input copy_xstate_to_kernel(): don't leave parts of destination uninitialized x86/dma: Fix max PFN arithmetic overflow on 32 bit systems mac80211: mesh: fix discovery timer re-arming issue / crash x86/syscalls: Revert "x86/syscalls: Make __X32_SYSCALL_BIT be unsigned long" cfg80211: fix debugfs rename crash parisc: Fix kernel panic in mem_init() iommu: Fix reference count leak in iommu_group_alloc. gpio: fix locking open drain IRQ lines Revert "block: end bio with BLK_STS_AGAIN in case of non-mq devs and REQ_NOWAIT" include/asm-generic/topology.h: guard cpumask_of_node() macro argument fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info() mm: remove VM_BUG_ON(PageSlab()) from page_mapcount() mm,thp: stop leaking unreleased file pages IB/ipoib: Fix double free of skb in case of multicast traffic in CM mode drm/amd/display: drop cursor position check in atomic test RDMA/core: Fix double destruction of uobject ceph: flush release queue when handling caps for unknown inode libceph: ignore pool overlay and cache logic on redirects ALSA: hda/realtek - Add new codec supported for ALC287 ALSA: usb-audio: Quirks for Gigabyte TRX40 Aorus Master onboard audio clk: qcom: gcc: Fix parent for gpll0_out_even exec: Always set cap_ambient in cap_bprm_set_creds ALSA: usb-audio: mixer: volume quirk for ESS Technology Asus USB DAC ALSA: hda/realtek - Add a model for Thinkpad T570 without DAC workaround ALSA: hwdep: fix a left shifting 1 by 31 UB bug RDMA/pvrdma: Fix missing pci disable in pvrdma_pci_probe() gpio: bcm-kona: Fix return value of bcm_kona_gpio_probe() gpio: pxa: Fix return value of pxa_gpio_probe() mmc: block: Fix use-after-free issue for rpmb ARM: dts: bcm: HR2: Fix PPI interrupt types ARM: dts: bcm2835-rpi-zero-w: Fix led polarity ARM: dts/imx6q-bx50v3: Set display interface clock parents IB/qib: Call kobject_put() when kobject_init_and_add() fails gpu/drm: Ingenic: Fix opaque pointer casted to wrong type soc: mediatek: cmdq: return send msg error code arm64: dts: mt8173: fix vcodec-enc clock gpio: exar: Fix bad handling for ida_simple_get error path ARM: uaccess: fix DACR mismatch with nested exceptions ARM: uaccess: integrate uaccess_save and uaccess_restore ARM: uaccess: consolidate uaccess asm to asm/uaccess-asm.h ARM: 8970/1: decompressor: increase tag size Input: synaptics-rmi4 - fix error return code in rmi_driver_probe() Input: synaptics-rmi4 - really fix attn_data use-after-free Input: i8042 - add ThinkPad S230u to i8042 reset list Input: dlink-dir685-touchkeys - fix a typo in driver name Input: xpad - add custom init packet for Xbox One S controllers Input: evdev - call input_flush_device() on release(), not flush() Input: usbtouchscreen - add support for BonXeon TP drivers: net: hamradio: Fix suspicious RCU usage warning in bpqether.c samples: bpf: Fix build error csky: Fixup raw_copy_from_user() cifs: Fix null pointer check in cifs_read hwmon: (nct7904) Fix incorrect range of temperature limit registers csky: Fixup remove duplicate irq_disable csky: Fixup perf callchain unwind csky: Fixup msa highest 3 bits mask clk: ti: am33xx: fix RTC clock parent riscv: stacktrace: Fix undefined reference to `walk_stackframe' IB/i40iw: Remove bogus call to netdev_master_upper_dev_get() net: freescale: select CONFIG_FIXED_PHY where needed usb: gadget: legacy: fix redundant initialization warnings usb: phy: twl6030-usb: Fix a resource leak in an error handling path in 'twl6030_usb_probe()' usb: dwc3: pci: Enable extcon driver for Intel Merrifield cachefiles: Fix race between read_waiter and read_copier involving op->to_do drm/amdgpu: Use GEM obj reference for KFD BOs drm/amd/powerplay: perform PG ungate prior to CG ungate drm/amdgpu: drop unnecessary cancel_delayed_work_sync on PG ungate gfs2: Grab glock reference sooner in gfs2_add_revoke gfs2: move privileged user check to gfs2_quota_lock_check net: microchip: encx24j600: add missed kthread_stop ALSA: usb-audio: add mapping for ASRock TRX40 Creator gpio: tegra: mask GPIO IRQs during IRQ shutdown ARM: dts: rockchip: fix pinctrl sub nodename for spi in rk322x.dtsi ARM: dts: rockchip: swap clock-names of gpu nodes arm64: dts: rockchip: swap interrupts interrupt-names rk3399 gpu node arm64: dts: rockchip: fix status for &gmac2phy in rk3328-evb.dts ARM: dts: rockchip: fix phy nodename for rk3229-xms6 ARM: dts: rockchip: fix phy nodename for rk3228-evb mlxsw: spectrum: Fix use-after-free of split/unsplit/type_set in case reload fails net/mlx4_core: fix a memory leak bug. net: sun: fix missing release regions in cas_init_one(). net/tls: free record only on encryption error net/tls: fix encryption error checking net/mlx5: Annotate mutex destroy for root ns net/mlx5: Fix error flow in case of function_setup failure net/mlx5e: Update netdev txq on completions during closure net/mlx5: Fix memory leak in mlx5_events_init net/mlx5e: Fix inner tirs handling net/mlx5e: kTLS, Destroy key object after destroying the TIS tipc: block BH before using dst_cache sctp: Start shutdown on association restart if in SHUTDOWN-SENT state and socket is closed sctp: Don't add the shutdown timer if its already been added r8152: support additional Microsoft Surface Ethernet Adapter variant nexthop: Fix attribute checking for groups net/tls: fix race condition causing kernel panic net sched: fix reporting the first-time use timestamp net: revert "net: get rid of an signed integer overflow in ip_idents_reserve()" net: qrtr: Fix passing invalid reference to qrtr_local_enqueue() net: nlmsg_cancel() if put fails for nhmsg net: mvpp2: fix RX hashing for non-10G ports net/mlx5: Add command entry handling completion net: ipip: fix wrong address family in init error path net: inet_csk: Fix so_reuseport bind-address cache in tb->fast* __netif_receive_skb_core: pass skb by reference net: ethernet: ti: cpsw: fix ASSERT_RTNL() warning during suspend net: dsa: mt7530: fix roaming from DSA user ports net: don't return invalid table id error when we fall back to PF_UNSPEC dpaa_eth: fix usage as DSA master, try 3 ax25: fix setsockopt(SO_BINDTODEVICE) ANDROID: GKI: enable CONFIG_USB_DUMMY_HCD FROMGIT: USB: dummy-hcd: use configurable endpoint naming scheme ANDROID: GKI: enable a bunch of HID config options =y UPSTREAM: usb: raw-gadget: fix null-ptr-deref when reenabling endpoints UPSTREAM: usb: raw-gadget: documentation updates UPSTREAM: usb: raw-gadget: support stalling/halting/wedging endpoints UPSTREAM: usb: raw-gadget: fix gadget endpoint selection UPSTREAM: usb: raw-gadget: improve uapi headers comments UPSTREAM: usb: raw-gadget: fix return value of ep read ioctls UPSTREAM: usb: raw-gadget: fix raw_event_queue_fetch locking UPSTREAM: usb: raw-gadget: Fix copy_to/from_user() checks ANDROID: GKI: update abi definitions after enabling PCIEPORTBUS Revert "ANDROID: gki_defconfig: Drop CONFIG_PCIEPORTBUS" ANDROID: net: bpf: permit redirect from ingress L3 to egress L2 devices at near max mtu ANDROID: GKI: update abi definitions now that sdcardfs is gone Revert "ANDROID: sdcardfs: Enable modular sdcardfs" ANDROID: remove sdcardfs-needed exports from whitelist Revert "ANDROID: vfs: Add setattr2 for filesystems with per mount permissions" Revert "ANDROID: vfs: Add permission2 for filesystems with per mount permissions" Revert "ANDROID: vfs: add d_canonical_path for stacked filesystem support" Revert "ANDROID: fs: Restore vfs_path_lookup() export" ANDROID: sdcardfs: remove sdcardfs from system FROMGIT: driver core: Update device link status correctly for SYNC_STATE_ONLY links UPSTREAM: driver core: Fix handling of SYNC_STATE_ONLY + STATELESS device links UPSTREAM: driver core: Fix SYNC_STATE_ONLY device link implementation Revert "ANDROID: Incremental fs: Avoid continually recalculating hashes" ANDROID: remove unused variable Linux 5.4.43 sched/fair: Fix enqueue_task_fair() warning some more sched/fair: Fix reordering of enqueue/dequeue_task_fair() sched/fair: Reorder enqueue/dequeue_task_fair path tpm: check event log version before reading final events rxrpc: Fix ack discard rxrpc: Trace discarded ACKs iio: adc: stm32-dfsdm: fix device used to request dma iio: adc: stm32-dfsdm: Use dma_request_chan() instead dma_request_slave_channel() iio: adc: stm32-adc: fix device used to request dma iio: adc: stm32-adc: Use dma_request_chan() instead dma_request_slave_channel() x86/unwind/orc: Fix unwind_get_return_address_ptr() for inactive tasks flow_dissector: Drop BPF flow dissector prog ref on netns cleanup s390/kexec_file: fix initrd location for kdump kernel rxrpc: Fix a memory leak in rxkad_verify_response() rxrpc: Fix the excessive initial retransmission timeout kasan: disable branch tracing for core runtime rapidio: fix an error in get_user_pages_fast() error handling device-dax: don't leak kernel memory to user space after unloading kmem s390/kaslr: add support for R_390_JMP_SLOT relocation type s390/pci: Fix s390_mmio_read/write with MIO ipack: tpci200: fix error return code in tpci200_register() mei: release me_cl object reference tty: serial: add missing spin_lock_init for SiFive serial console misc: rtsx: Add short delay after exit from ASPM iio: adc: ti-ads8344: Fix channel selection iio: dac: vf610: Fix an error handling path in 'vf610_dac_probe()' iio: sca3000: Remove an erroneous 'get_device()' staging: greybus: Fix uninitialized scalar variable staging: kpc2000: fix error return code in kp2000_pcie_probe() staging: iio: ad2s1210: Fix SPI reading media: fdp1: Fix R-Car M3-N naming in debug message Revert "gfs2: Don't demote a glock until its revokes are written" kbuild: Remove debug info from kallsyms linking bpf: Avoid setting bpf insns pages read-only when prog is jited powerpc/64s: Disable STRICT_KERNEL_RWX powerpc: Remove STRICT_KERNEL_RWX incompatibility with RELOCATABLE drm/i915: Propagate error from completed fences drm/i915/gvt: Init DPLL/DDI vreg for virtual display instead of inheritance. vsprintf: don't obfuscate NULL and error pointers dmaengine: owl: Use correct lock in owl_dma_get_pchan() dmaengine: dmatest: Restore default for channel drm/etnaviv: Fix a leak in submit_pin_objects() dmaengine: tegra210-adma: Fix an error handling path in 'tegra_adma_probe()' apparmor: Fix aa_label refcnt leak in policy_update apparmor: fix potential label refcnt leak in aa_change_profile apparmor: Fix use-after-free in aa_audit_rule_init drm/etnaviv: fix perfmon domain interation arm64: Fix PTRACE_SYSEMU semantics scsi: target: Put lun_ref at end of tmr processing scsi: qla2xxx: Do not log message when reading port speed via sysfs ALSA: hda/realtek - Add more fixup entries for Clevo machines ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Xtreme ALSA: pcm: fix incorrect hw_base increase ALSA: iec1712: Initialize STDSP24 properly when using the model=staudio option KVM: x86: Fix pkru save/restore when guest CR4.PKE=0, move it to x86.c ALSA: hda/realtek: Enable headset mic of ASUS UX581LV with ALC295 ALSA: hda/realtek - Enable headset mic of ASUS UX550GE with ALC295 ALSA: hda/realtek - Enable headset mic of ASUS GL503VM with ALC295 ALSA: hda/realtek: Add quirk for Samsung Notebook ALSA: hda/realtek - Add HP new mute led supported for ALC236 ALSA: hda/realtek - Add supported new mute Led for HP ALSA: hda: Manage concurrent reg access more properly ALSA: hda: patch_realtek: fix empty macro usage in if block ALSA: hda - constify and cleanup static NodeID tables scripts/gdb: repair rb_first() and rb_last() ARM: futex: Address build warning KVM: selftests: Fix build for evmcs.h drm/amd/display: Prevent dpcd reads with passive dongles iommu/amd: Call domain_flush_complete() in update_domain() platform/x86: asus-nb-wmi: Do not load on Asus T100TA and T200TA USB: core: Fix misleading driver bug report stmmac: fix pointer check after utilization in stmmac_interrupt ceph: fix double unlock in handle_cap_export() HID: quirks: Add HID_QUIRK_NO_INIT_REPORTS quirk for Dell K12A keyboard-dock gtp: set NLM_F_MULTI flag in gtp_genl_dump_pdp() x86/apic: Move TSC deadline timer debug printk ftrace/selftest: make unresolved cases cause failure if --fail-unresolved set ibmvnic: Skip fatal error reset after passive init x86/mm/cpa: Flush direct map alias during cpa HID: i2c-hid: reset Synaptics SYNA2393 on resume scsi: ibmvscsi: Fix WARN_ON during event pool release net/ena: Fix build warning in ena_xdp_set() component: Silence bind error on -EPROBE_DEFER aquantia: Fix the media type of AQC100 ethernet controller in the driver vhost/vsock: fix packet delivery order to monitoring devices configfs: fix config_item refcnt leak in configfs_rmdir() scsi: qla2xxx: Delete all sessions before unregister local nvme port scsi: qla2xxx: Fix hang when issuing nvme disconnect-all in NPIV HID: alps: ALPS_1657 is too specific; use U1_UNICORN_LEGACY instead HID: alps: Add AUI1657 device ID HID: multitouch: add eGalaxTouch P80H84 support gcc-common.h: Update for GCC 10 net: drop_monitor: use IS_REACHABLE() to guard net_dm_hw_report() kbuild: avoid concurrency issue in parallel building dtbs and dtbs_check mtd: Fix mtd not registered due to nvmem name collision afs: Don't unlock fetched data pages until the op completes successfully ubi: Fix seq_file usage in detailed_erase_block_info debugfs file i2c: mux: demux-pinctrl: Fix an error handling path in 'i2c_demux_pinctrl_probe()' evm: Fix a small race in init_desc() iommu/amd: Fix over-read of ACPI UID from IVRS table i2c: fix missing pm_runtime_put_sync in i2c_device_probe ubifs: remove broken lazytime support fix multiplication overflow in copy_fdtable() mtd: spinand: Propagate ECC information to the MTD structure ACPI: EC: PM: Avoid flushing EC work when EC GPE is inactive ubifs: fix wrong use of crypto_shash_descsize() ima: Fix return value of ima_write_policy() evm: Check also if *tfm is an error pointer in init_desc() ima: Set file->f_mode instead of file->f_flags in ima_calc_file_hash() KVM: SVM: Fix potential memory leak in svm_cpu_init() i2c: dev: Fix the race between the release of i2c_dev and cdev ANDROID: scsi: ufs: Handle clocks when lrbp fails ANDROID: ABI/Whitelist: add erofs whitelist to unisoc whitelist ANDROID: GKI: Update abi for 5.4.42 update UPSTREAM: serial: samsung: 32-bit access for TX/RX hold registers BACKPORT: serial: samsung: dt-bindings: Add reg-io-width compatible UPSTREAM: serial: samsung: Replace rd_regb/wr_regb with rd_reg/wr_reg ANDROID: fscrypt: handle direct I/O with IV_INO_LBLK_32 BACKPORT: FROMLIST: fscrypt: add support for IV_INO_LBLK_32 policies Linux 5.4.42 bpf: Test_progs, fix test_get_stack_rawtp_err.c build selftest/bpf: fix backported test_select_reuseport selftest changes libbpf: Extract and generalize CPU mask parsing logic Makefile: disallow data races on gcc-10 as well KVM: x86: Fix off-by-one error in kvm_vcpu_ioctl_x86_setup_mce bpf: Fix sk_psock refcnt leak when receiving message SUNRPC: Revert |
||
|
Greg Kroah-Hartman
|
90dbaed65a |
This is the 5.4.49 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl7zdl0ACgkQONu9yGCS
aT4fAg/7Bg+JHOdJpdSb4FLMjpWHnjOMJ4ICMEfEPS9vJR41HpAaC8LdI3PBZdOZ
ujEdX3ia1p3N/bnnHwVPFaycWQ6Z9TItoj6gzCLqjzVzdKJKXEx8uQFY0KWt+w4R
0orn1acd+bqMLhnRrJqMEhmRG3Y6IrkWXYr/qDC6OuZDgigtHC46mX0IdQiUomFd
As9x1cr6+j27zOf8iwyNNXWo5AL2VFR7zDhlfR+sllN6Tn90AhumFoES8GL+ylfu
OybF5LH4l9gOiFwvI7gTeihJoJOyh/cKP0glnDzRIZVIFv96At3cDt5GiRxkqbYw
u1bo5X5xPxJogN9SLUi4O6pnrmQmuK27zJcI43TDfdRguSzXWzZclyNQ9d3zqmvJ
QCmCsQkZst4K4SGg4UE2Wb6Gi51lsmV4OKll7eh61I87e8J7t7r8I5HRDdNCLzuf
3biqYn8f6307ME59fniVlQSynMt8B9lxyTS6hkYN/iCf753jHKdJRy97JcXugiCo
DUoMCNchLDg5LH9TWq6k96rCklaVGPkp8HO/davMAc5Xn+YgPqE/ZpO7hH0nCLBE
Fc0bvddiebXI5NrxIXu20vajQWi5YuVw5JWUBvcK6aONluwRomCvTIPRT1SZZiaK
5Cm5lyDGK3yYC0Dz++QzATVtNEOAkUOWgLpgOenrUVPtCtgDOrk=
=cQWB
-----END PGP SIGNATURE-----
Merge 5.4.49 into android-5.4-stable
Changes in 5.4.49
power: supply: bq24257_charger: Replace depends on REGMAP_I2C with select
clk: sunxi: Fix incorrect usage of round_down()
ASoC: tegra: tegra_wm8903: Support nvidia, headset property
i2c: piix4: Detect secondary SMBus controller on AMD AM4 chipsets
ASoC: SOF: imx8: Fix randbuild error
iio: pressure: bmp280: Tolerate IRQ before registering
remoteproc: Fix IDR initialisation in rproc_alloc()
clk: qcom: msm8916: Fix the address location of pll->config_reg
ASoC: fsl_esai: Disable exception interrupt before scheduling tasklet
backlight: lp855x: Ensure regulators are disabled on probe failure
ARM: dts: renesas: Fix IOMMU device node names
ASoC: davinci-mcasp: Fix dma_chan refcnt leak when getting dma type
ARM: integrator: Add some Kconfig selections
ARM: dts: stm32: Add missing ethernet PHY reset on AV96
scsi: core: free sgtables in case command setup fails
scsi: qedi: Check for buffer overflow in qedi_set_path()
arm64: dts: meson: fixup SCP sram nodes
ALSA: hda/realtek - Introduce polarity for micmute LED GPIO
ALSA: isa/wavefront: prevent out of bounds write in ioctl
PCI: Allow pci_resize_resource() for devices on root bus
scsi: qla2xxx: Fix issue with adapter's stopping state
Input: edt-ft5x06 - fix get_default register write access
powerpc/kasan: Fix stack overflow by increasing THREAD_SHIFT
rtc: mc13xxx: fix a double-unlock issue
iio: bmp280: fix compensation of humidity
f2fs: report delalloc reserve as non-free in statfs for project quota
i2c: pxa: clear all master action bits in i2c_pxa_stop_message()
remoteproc: qcom_q6v5_mss: map/unmap mpss segments before/after use
clk: samsung: Mark top ISP and CAM clocks on Exynos542x as critical
usblp: poison URBs upon disconnect
serial: 8250: Fix max baud limit in generic 8250 port
misc: fastrpc: Fix an incomplete memory release in fastrpc_rpmsg_probe()
misc: fastrpc: fix potential fastrpc_invoke_ctx leak
dm mpath: switch paths in dm_blk_ioctl() code path
arm64: dts: armada-3720-turris-mox: forbid SDR104 on SDIO for FCC purposes
arm64: dts: armada-3720-turris-mox: fix SFP binding
arm64: dts: juno: Fix GIC child nodes
pinctrl: ocelot: Fix GPIO interrupt decoding on Jaguar2
clk: renesas: cpg-mssr: Fix STBCR suspend/resume handling
ASoC: SOF: Do nothing when DSP PM callbacks are not set
arm64: dts: fvp: Fix GIC child nodes
PCI: aardvark: Don't blindly enable ASPM L0s and don't write to read-only register
ps3disk: use the default segment boundary
arm64: dts: fvp/juno: Fix node address fields
vfio/pci: fix memory leaks in alloc_perm_bits()
coresight: tmc: Fix TMC mode read in tmc_read_prepare_etb()
RDMA/mlx5: Add init2init as a modify command
scsi: hisi_sas: Do not reset phy timer to wait for stray phy up
PCI: pci-bridge-emul: Fix PCIe bit conflicts
m68k/PCI: Fix a memory leak in an error handling path
gpio: dwapb: Call acpi_gpiochip_free_interrupts() on GPIO chip de-registration
usb: gadget: core: sync interrupt before unbind the udc
powerpc/ptdump: Add _PAGE_COHERENT flag
mfd: wm8994: Fix driver operation if loaded as modules
scsi: cxgb3i: Fix some leaks in init_act_open()
clk: zynqmp: fix memory leak in zynqmp_register_clocks
scsi: lpfc: Fix lpfc_nodelist leak when processing unsolicited event
scsi: vhost: Notify TCM about the maximum sg entries supported per command
clk: clk-flexgen: fix clock-critical handling
IB/mlx5: Fix DEVX support for MLX5_CMD_OP_INIT2INIT_QP command
powerpc/perf/hv-24x7: Fix inconsistent output values incase multiple hv-24x7 events run
nfsd: Fix svc_xprt refcnt leak when setup callback client failed
PCI: vmd: Filter resource type bits from shadow register
RDMA/core: Fix several reference count leaks.
cifs: set up next DFS target before generic_ip_connect()
ASoC: qcom: q6asm-dai: kCFI fix
powerpc/crashkernel: Take "mem=" option into account
pwm: img: Call pm_runtime_put() in pm_runtime_get_sync() failed case
sparc32: mm: Don't try to free page-table pages if ctor() fails
yam: fix possible memory leak in yam_init_driver
NTB: ntb_pingpong: Choose doorbells based on port number
NTB: Fix the default port and peer numbers for legacy drivers
mksysmap: Fix the mismatch of '.L' symbols in System.map
apparmor: fix introspection of of task mode for unconfined tasks
net: dsa: lantiq_gswip: fix and improve the unsupported interface error
apparmor: check/put label on apparmor_sk_clone_security()
f2fs: handle readonly filesystem in f2fs_ioc_shutdown()
ASoC: meson: add missing free_irq() in error path
bpf, sockhash: Fix memory leak when unlinking sockets in sock_hash_free
scsi: sr: Fix sr_probe() missing deallocate of device minor
scsi: ibmvscsi: Don't send host info in adapter info MAD after LPM
apparmor: fix nnp subset test for unconfined
x86/purgatory: Disable various profiling and sanitizing options
staging: greybus: fix a missing-check bug in gb_lights_light_config()
arm64: dts: mt8173: fix unit name warnings
scsi: qedi: Do not flush offload work if ARP not resolved
arm64: dts: qcom: msm8916: remove unit name for thermal trip points
ARM: dts: sun8i-h2-plus-bananapi-m2-zero: Fix led polarity
RDMA/mlx5: Fix udata response upon SRQ creation
gpio: dwapb: Append MODULE_ALIAS for platform driver
scsi: qedf: Fix crash when MFW calls for protocol stats while function is still probing
pinctrl: rza1: Fix wrong array assignment of rza1l_swio_entries
virtiofs: schedule blocking async replies in separate worker
arm64: dts: qcom: fix pm8150 gpio interrupts
firmware: qcom_scm: fix bogous abuse of dma-direct internals
staging: gasket: Fix mapping refcnt leak when put attribute fails
staging: gasket: Fix mapping refcnt leak when register/store fails
ALSA: usb-audio: Improve frames size computation
ALSA: usb-audio: Fix racy list management in output queue
s390/qdio: put thinint indicator after early error
tty: hvc: Fix data abort due to race in hvc_open
slimbus: ngd: get drvdata from correct device
clk: meson: meson8b: Fix the first parent of vid_pll_in_sel
clk: meson: meson8b: Fix the polarity of the RESET_N lines
clk: meson: meson8b: Fix the vclk_div{1, 2, 4, 6, 12}_en gate bits
gpio: pca953x: fix handling of automatic address incrementing
thermal/drivers/ti-soc-thermal: Avoid dereferencing ERR_PTR
clk: meson: meson8b: Don't rely on u-boot to init all GP_PLL registers
ASoC: max98373: reorder max98373_reset() in resume
soundwire: slave: don't init debugfs on device registration error
HID: intel-ish-hid: avoid bogus uninitialized-variable warning
usb: dwc3: gadget: Properly handle ClearFeature(halt)
usb: dwc3: gadget: Properly handle failed kick_transfer
staging: wilc1000: Increase the size of wid_list array
staging: sm750fb: add missing case while setting FB_VISUAL
PCI: v3-semi: Fix a memory leak in v3_pci_probe() error handling paths
i2c: pxa: fix i2c_pxa_scream_blue_murder() debug output
serial: amba-pl011: Make sure we initialize the port.lock spinlock
drivers: base: Fix NULL pointer exception in __platform_driver_probe() if a driver developer is foolish
PCI: rcar: Fix incorrect programming of OB windows
PCI/ASPM: Allow ASPM on links to PCIe-to-PCI/PCI-X Bridges
scsi: qla2xxx: Fix warning after FC target reset
ALSA: firewire-lib: fix invalid assignment to union data for directional parameter
power: supply: lp8788: Fix an error handling path in 'lp8788_charger_probe()'
power: supply: smb347-charger: IRQSTAT_D is volatile
ASoC: SOF: core: fix error return code in sof_probe_continue()
arm64: dts: msm8996: Fix CSI IRQ types
scsi: target: loopback: Fix READ with data and sensebytes
scsi: mpt3sas: Fix double free warnings
SoC: rsnd: add interrupt support for SSI BUSIF buffer
ASoC: ux500: mop500: Fix some refcounted resources issues
ASoC: ti: omap-mcbsp: Fix an error handling path in 'asoc_mcbsp_probe()'
pinctrl: rockchip: fix memleak in rockchip_dt_node_to_map
dlm: remove BUG() before panic()
USB: ohci-sm501: fix error return code in ohci_hcd_sm501_drv_probe()
clk: ti: composite: fix memory leak
PCI: Fix pci_register_host_bridge() device_register() error handling
powerpc/64: Don't initialise init_task->thread.regs
tty: n_gsm: Fix SOF skipping
tty: n_gsm: Fix waking up upper tty layer when room available
ALSA: usb-audio: Add duplex sound support for USB devices using implicit feedback
HID: Add quirks for Trust Panora Graphic Tablet
PCI/PM: Assume ports without DLL Link Active train links in 100 ms
habanalabs: increase timeout during reset
ipmi: use vzalloc instead of kmalloc for user creation
powerpc/64s/exception: Fix machine check no-loss idle wakeup
powerpc/pseries/ras: Fix FWNMI_VALID off by one
drivers: phy: sr-usb: do not use internal fsm for USB2 phy init
powerpc/ps3: Fix kexec shutdown hang
vfio-pci: Mask cap zero
usb/ohci-platform: Fix a warning when hibernating
drm/msm/mdp5: Fix mdp5_init error path for failed mdp5_kms allocation
ASoC: Intel: bytcr_rt5640: Add quirk for Toshiba Encore WT8-A tablet
USB: host: ehci-mxc: Add error handling in ehci_mxc_drv_probe()
tty: n_gsm: Fix bogus i++ in gsm_data_kick
fpga: dfl: afu: Corrected error handling levels
clk: samsung: exynos5433: Add IGNORE_UNUSED flag to sclk_i2s1
RDMA/hns: Bugfix for querying qkey
RDMA/hns: Fix cmdq parameter of querying pf timer resource
scsi: target: tcmu: Userspace must not complete queued commands
firmware: imx: scu: Fix possible memory leak in imx_scu_probe()
fuse: fix copy_file_range cache issues
fuse: copy_file_range should truncate cache
arm64: tegra: Fix ethernet phy-mode for Jetson Xavier
arm64: tegra: Fix flag for 64-bit resources in 'ranges' property
powerpc/64s/pgtable: fix an undefined behaviour
dm zoned: return NULL if dmz_get_zone_for_reclaim() fails to find a zone
PCI/PTM: Inherit Switch Downstream Port PTM settings from Upstream Port
PCI: dwc: Fix inner MSI IRQ domain registration
PCI: amlogic: meson: Don't use FAST_LINK_MODE to set up link
IB/cma: Fix ports memory leak in cma_configfs
watchdog: da9062: No need to ping manually before setting timeout
usb: dwc2: gadget: move gadget resume after the core is in L0 state
USB: gadget: udc: s3c2410_udc: Remove pointless NULL check in s3c2410_udc_nuke
usb: gadget: lpc32xx_udc: don't dereference ep pointer before null check
usb: gadget: fix potential double-free in m66592_probe.
usb: gadget: Fix issue with config_ep_by_speed function
scripts: headers_install: Exit with error on config leak
RDMA/iw_cxgb4: cleanup device debugfs entries on ULD remove
x86/apic: Make TSC deadline timer detection message visible
mfd: stmfx: Reset chip on resume as supply was disabled
mfd: stmfx: Fix stmfx_irq_init error path
mfd: stmfx: Disable IRQ in suspend to avoid spurious interrupt
powerpc/32s: Don't warn when mapping RO data ROX.
ASoC: fix incomplete error-handling in img_i2s_in_probe.
scsi: target: tcmu: Fix a use after free in tcmu_check_expired_queue_cmd()
clk: bcm2835: Fix return type of bcm2835_register_gate
scsi: ufs-qcom: Fix scheduling while atomic issue
KVM: PPC: Book3S HV: Ignore kmemleak false positives
KVM: PPC: Book3S: Fix some RCU-list locks
clk: sprd: return correct type of value for _sprd_pll_recalc_rate
clk: ast2600: Fix AHB clock divider for A1
misc: xilinx-sdfec: improve get_user_pages_fast() error handling
/dev/mem: Revoke mappings when a driver claims the region
net: sunrpc: Fix off-by-one issues in 'rpc_ntop6'
NFSv4.1 fix rpc_call_done assignment for BIND_CONN_TO_SESSION
of: Fix a refcounting bug in __of_attach_node_sysfs()
input: i8042 - Remove special PowerPC handling
powerpc/4xx: Don't unmap NULL mbase
extcon: adc-jack: Fix an error handling path in 'adc_jack_probe()'
ASoC: fsl_asrc_dma: Fix dma_chan leak when config DMA channel failed
vfio/mdev: Fix reference count leak in add_mdev_supported_type
rtc: rv3028: Add missed check for devm_regmap_init_i2c()
mailbox: zynqmp-ipi: Fix NULL vs IS_ERR() check in zynqmp_ipi_mbox_probe()
rxrpc: Adjust /proc/net/rxrpc/calls to display call->debug_id not user_ID
openrisc: Fix issue with argument clobbering for clone/fork
drm/nouveau/disp/gm200-: fix NV_PDISP_SOR_HDMI2_CTRL(n) selection
ceph: don't return -ESTALE if there's still an open file
nfsd4: make drc_slab global, not per-net
gfs2: Allow lock_nolock mount to specify jid=X
scsi: iscsi: Fix reference count leak in iscsi_boot_create_kobj
scsi: ufs: Don't update urgent bkops level when toggling auto bkops
pinctrl: imxl: Fix an error handling path in 'imx1_pinctrl_core_probe()'
pinctrl: freescale: imx: Fix an error handling path in 'imx_pinctrl_probe()'
nfsd: safer handling of corrupted c_type
drm/amd/display: Revalidate bandwidth before commiting DC updates
crypto: omap-sham - add proper load balancing support for multicore
geneve: change from tx_error to tx_dropped on missing metadata
lib/zlib: remove outdated and incorrect pre-increment optimization
include/linux/bitops.h: avoid clang shift-count-overflow warnings
selftests/vm/pkeys: fix alloc_random_pkey() to make it really random
blktrace: use errno instead of bi_status
blktrace: fix endianness in get_pdu_int()
blktrace: fix endianness for blk_log_remap()
gfs2: fix use-after-free on transaction ail lists
net: marvell: Fix OF_MDIO config check
ntb_perf: pass correct struct device to dma_alloc_coherent
ntb_tool: pass correct struct device to dma_alloc_coherent
NTB: ntb_tool: reading the link file should not end in a NULL byte
NTB: Revert the change to use the NTB device dev for DMA allocations
NTB: perf: Don't require one more memory window than number of peers
NTB: perf: Fix support for hardware that doesn't have port numbers
NTB: perf: Fix race condition when run with ntb_test
NTB: ntb_test: Fix bug when counting remote files
i2c: icy: Fix build with CONFIG_AMIGA_PCMCIA=n
drivers/perf: hisi: Fix wrong value for all counters enable
selftests/net: in timestamping, strncpy needs to preserve null byte
f2fs: don't return vmalloc() memory from f2fs_kmalloc()
afs: Fix memory leak in afs_put_sysnames()
ASoC: core: only convert non DPCM link to DPCM link
ASoC: SOF: nocodec: conditionally set dpcm_capture/dpcm_playback flags
ASoC: Intel: bytcr_rt5640: Add quirk for Toshiba Encore WT10-A tablet
ASoC: rt5645: Add platform-data for Asus T101HA
bpf/sockmap: Fix kernel panic at __tcp_bpf_recvmsg
bpf, sockhash: Synchronize delete from bucket list on map free
tracing/probe: Fix bpf_task_fd_query() for kprobes and uprobes
drm/sun4i: hdmi ddc clk: Fix size of m divider
libbpf: Handle GCC noreturn-turned-volatile quirk
scsi: acornscsi: Fix an error handling path in acornscsi_probe()
x86/idt: Keep spurious entries unset in system_vectors
net/filter: Permit reading NET in load_bytes_relative when MAC not set
nvme-pci: use simple suspend when a HMB is enabled
nfs: set invalid blocks after NFSv4 writes
xdp: Fix xsk_generic_xmit errno
iavf: fix speed reporting over virtchnl
bpf: Fix memlock accounting for sock_hash
usb/xhci-plat: Set PM runtime as active on resume
usb: host: ehci-platform: add a quirk to avoid stuck
usb/ehci-platform: Set PM runtime as active on resume
perf report: Fix NULL pointer dereference in hists__fprintf_nr_sample_events()
perf stat: Fix NULL pointer dereference
ext4: stop overwrite the errcode in ext4_setup_super
bcache: fix potential deadlock problem in btree_gc_coalesce
powerpc: Fix kernel crash in show_instructions() w/DEBUG_VIRTUAL
afs: Fix non-setting of mtime when writing into mmap
afs: afs_write_end() should change i_size under the right lock
afs: Fix EOF corruption
afs: Always include dir in bulk status fetch from afs_do_lookup()
afs: Set error flag rather than return error from file status decode
afs: Fix the mapping of the UAEOVERFLOW abort code
bnxt_en: Return from timer if interface is not in open state.
scsi: ufs-bsg: Fix runtime PM imbalance on error
block: Fix use-after-free in blkdev_get()
mvpp2: remove module bugfix
arm64: hw_breakpoint: Don't invoke overflow handler on uaccess watchpoints
libata: Use per port sync for detach
drm: encoder_slave: fix refcouting error for modules
ext4: fix partial cluster initialization when splitting extent
ext4: avoid utf8_strncasecmp() with unstable name
drm/dp_mst: Reformat drm_dp_check_act_status() a bit
drm/qxl: Use correct notify port address when creating cursor ring
drm/amdgpu: Replace invalid device ID with a valid device ID
selinux: fix double free
jbd2: clean __jbd2_journal_abort_hard() and __journal_abort_soft()
ext4: avoid race conditions when remounting with options that change dax
drm/dp_mst: Increase ACT retry timeout to 3s
drm/amd/display: Use swap() where appropriate
x86/boot/compressed: Relax sed symbol type regex for LLVM ld.lld
block: nr_sects_write(): Disable preemption on seqcount write
net/mlx5: DR, Fix freeing in dr_create_rc_qp()
f2fs: split f2fs_d_compare() from f2fs_match_name()
f2fs: avoid utf8_strncasecmp() with unstable name
s390: fix syscall_get_error for compat processes
drm/i915: Fix AUX power domain toggling across TypeC mode resets
drm/msm: Check for powered down HW in the devfreq callbacks
drm/i915/gem: Avoid iterating an empty list
drm/i915: Whitelist context-local timestamp in the gen9 cmdparser
drm/connector: notify userspace on hotplug after register complete
drm/amd/display: Use kvfree() to free coeff in build_regamma()
drm/i915/icl+: Fix hotplug interrupt disabling after storm detection
Revert "drm/amd/display: disable dcn20 abm feature for bring up"
crypto: algif_skcipher - Cap recv SG list at ctx->used
crypto: algboss - don't wait during notifier callback
tracing/probe: Fix memleak in fetch_op_data operations
kprobes: Fix to protect kick_kprobe_optimizer() by kprobe_mutex
kretprobe: Prevent triggering kretprobe from within kprobe_flush_task
e1000e: Do not wake up the system via WOL if device wakeup is disabled
net: octeon: mgmt: Repair filling of RX ring
pwm: jz4740: Enhance precision in calculation of duty cycle
sched/rt, net: Use CONFIG_PREEMPTION.patch
net: core: device_rename: Use rwsem instead of a seqcount
Linux 5.4.49
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I93723d3c14b5de06aafb4e59a9e35a1d74389757
|
||
Tom Rix
|
ae3c09e346 |
selinux: fix double free
commit 65de50969a77509452ae590e9449b70a22b923bb upstream.
Clang's static analysis tool reports these double free memory errors.
security/selinux/ss/services.c:2987:4: warning: Attempt to free released memory [unix.Malloc]
kfree(bnames[i]);
^~~~~~~~~~~~~~~~
security/selinux/ss/services.c:2990:2: warning: Attempt to free released memory [unix.Malloc]
kfree(bvalues);
^~~~~~~~~~~~~~
So improve the security_get_bools error handling by freeing these variables
and setting their return pointers to NULL and the return len to 0
Cc: stable@vger.kernel.org
Signed-off-by: Tom Rix <trix@redhat.com>
Acked-by: Stephen Smalley <stephen.smalley.work@gmail.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
John Johansen
|
a78c65cb4b |
apparmor: fix nnp subset test for unconfined
[ Upstream commit 3ed4aaa94fc07db3cd0c91be95e3e1b9782a2710 ] The subset test is not taking into account the unconfined exception which will cause profile transitions in the stacked confinement case to fail when no_new_privs is applied. This fixes a regression introduced in the fix for https://bugs.launchpad.net/bugs/1839037 BugLink: https://bugs.launchpad.net/bugs/1844186 Signed-off-by: John Johansen <john.johansen@canonical.com> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
Mauricio Faria de Oliveira
|
039a79ef0b |
apparmor: check/put label on apparmor_sk_clone_security()
[ Upstream commit 3b646abc5bc6c0df649daea4c2c976bd4d47e4c8 ]
Currently apparmor_sk_clone_security() does not check for existing
label/peer in the 'new' struct sock; it just overwrites it, if any
(with another reference to the label of the source sock.)
static void apparmor_sk_clone_security(const struct sock *sk,
struct sock *newsk)
{
struct aa_sk_ctx *ctx = SK_CTX(sk);
struct aa_sk_ctx *new = SK_CTX(newsk);
new->label = aa_get_label(ctx->label);
new->peer = aa_get_label(ctx->peer);
}
This might leak label references, which might overflow under load.
Thus, check for and put labels, to prevent such errors.
Note this is similarly done on:
static int apparmor_socket_post_create(struct socket *sock, ...)
...
if (sock->sk) {
struct aa_sk_ctx *ctx = SK_CTX(sock->sk);
aa_put_label(ctx->label);
ctx->label = aa_get_label(label);
}
...
Context:
-------
The label reference count leak is observed if apparmor_sock_graft()
is called previously: this sets the 'ctx->label' field by getting
a reference to the current label (later overwritten, without put.)
static void apparmor_sock_graft(struct sock *sk, ...)
{
struct aa_sk_ctx *ctx = SK_CTX(sk);
if (!ctx->label)
ctx->label = aa_get_current_label();
}
And that is the case on crypto/af_alg.c:af_alg_accept():
int af_alg_accept(struct sock *sk, struct socket *newsock, ...)
...
struct sock *sk2;
...
sk2 = sk_alloc(...);
...
security_sock_graft(sk2, newsock);
security_sk_clone(sk, sk2);
...
Apparently both calls are done on their own right, especially for
other LSMs, being introduced in 2010/2014, before apparmor socket
mediation in 2017 (see commits [1,2,3,4]).
So, it looks OK there! Let's fix the reference leak in apparmor.
Test-case:
---------
Exercise that code path enough to overflow label reference count.
$ cat aa-refcnt-af_alg.c
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/socket.h>
#include <linux/if_alg.h>
int main() {
int sockfd;
struct sockaddr_alg sa;
/* Setup the crypto API socket */
sockfd = socket(AF_ALG, SOCK_SEQPACKET, 0);
if (sockfd < 0) {
perror("socket");
return 1;
}
memset(&sa, 0, sizeof(sa));
sa.salg_family = AF_ALG;
strcpy((char *) sa.salg_type, "rng");
strcpy((char *) sa.salg_name, "stdrng");
if (bind(sockfd, (struct sockaddr *) &sa, sizeof(sa)) < 0) {
perror("bind");
return 1;
}
/* Accept a "connection" and close it; repeat. */
while (!close(accept(sockfd, NULL, 0)));
return 0;
}
$ gcc -o aa-refcnt-af_alg aa-refcnt-af_alg.c
$ ./aa-refcnt-af_alg
<a few hours later>
[ 9928.475953] refcount_t overflow at apparmor_sk_clone_security+0x37/0x70 in aa-refcnt-af_alg[1322], uid/euid: 1000/1000
...
[ 9928.507443] RIP: 0010:apparmor_sk_clone_security+0x37/0x70
...
[ 9928.514286] security_sk_clone+0x33/0x50
[ 9928.514807] af_alg_accept+0x81/0x1c0 [af_alg]
[ 9928.516091] alg_accept+0x15/0x20 [af_alg]
[ 9928.516682] SYSC_accept4+0xff/0x210
[ 9928.519609] SyS_accept+0x10/0x20
[ 9928.520190] do_syscall_64+0x73/0x130
[ 9928.520808] entry_SYSCALL_64_after_hwframe+0x3d/0xa2
Note that other messages may be seen, not just overflow, depending on
the value being incremented by kref_get(); on another run:
[ 7273.182666] refcount_t: saturated; leaking memory.
...
[ 7273.185789] refcount_t: underflow; use-after-free.
Kprobes:
-------
Using kprobe events to monitor sk -> sk_security -> label -> count (kref):
Original v5.7 (one reference leak every iteration)
... (af_alg_accept+0x0/0x1c0) label=0xffff8a0f36c25eb0 label_refcnt=0x11fd2
... (af_alg_release_parent+0x0/0xd0) label=0xffff8a0f36c25eb0 label_refcnt=0x11fd4
... (af_alg_accept+0x0/0x1c0) label=0xffff8a0f36c25eb0 label_refcnt=0x11fd3
... (af_alg_release_parent+0x0/0xd0) label=0xffff8a0f36c25eb0 label_refcnt=0x11fd5
... (af_alg_accept+0x0/0x1c0) label=0xffff8a0f36c25eb0 label_refcnt=0x11fd4
... (af_alg_release_parent+0x0/0xd0) label=0xffff8a0f36c25eb0 label_refcnt=0x11fd6
Patched v5.7 (zero reference leak per iteration)
... (af_alg_accept+0x0/0x1c0) label=0xffff9ff376c25eb0 label_refcnt=0x593
... (af_alg_release_parent+0x0/0xd0) label=0xffff9ff376c25eb0 label_refcnt=0x594
... (af_alg_accept+0x0/0x1c0) label=0xffff9ff376c25eb0 label_refcnt=0x593
... (af_alg_release_parent+0x0/0xd0) label=0xffff9ff376c25eb0 label_refcnt=0x594
... (af_alg_accept+0x0/0x1c0) label=0xffff9ff376c25eb0 label_refcnt=0x593
... (af_alg_release_parent+0x0/0xd0) label=0xffff9ff376c25eb0 label_refcnt=0x594
Commits:
-------
[1] commit
|
||
|
John Johansen
|
88bc3e0603 |
apparmor: fix introspection of of task mode for unconfined tasks
[ Upstream commit dd2569fbb053719f7df7ef8fdbb45cf47156a701 ]
Fix two issues with introspecting the task mode.
1. If a task is attached to a unconfined profile that is not the
ns->unconfined profile then. Mode the mode is always reported
as -
$ ps -Z
LABEL PID TTY TIME CMD
unconfined 1287 pts/0 00:00:01 bash
test (-) 1892 pts/0 00:00:00 ps
instead of the correct value of (unconfined) as shown below
$ ps -Z
LABEL PID TTY TIME CMD
unconfined 2483 pts/0 00:00:01 bash
test (unconfined) 3591 pts/0 00:00:00 ps
2. if a task is confined by a stack of profiles that are unconfined
the output of label mode is again the incorrect value of (-) like
above, instead of (unconfined). This is because the visibile
profile count increment is skipped by the special casing of
unconfined.
Fixes:
|
||
|
Greg Kroah-Hartman
|
fa46997961 |
This is the 5.4.48 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl7wXk8ACgkQONu9yGCS
aT5uyhAA1EoV9ROPRt8Vw1fzlDIrRA5X2T+FCGXskg2kKWehVHAvge4U76nZ16+i
aYcBX3lAmN7GGVw+/GiRHf9QpiwOUF5f3ZUQZ0KuLS1gcuaXx+VC1h5yyunx3tm1
CI01B2p+GQ3jABWopnhsujMVAeWjbD18NqY+a+xOzTn8CCyLAli+LiviWCR/apQp
p4r6++eevWo1yMDlJGNGoMYsFcxChWhtlnDQKWCsIDCN3I1cinGz8wopiv93WqRH
Sz3wb1YMuhXb10usNZcZFaSvDGf5XSaMxpRkyNSxN7CLv8LzbovXQOE+fFDGAYxd
lUCjRK0wFBMzRSeZ2iGYqqQf5xyYKb6hNmViGprdqwR2c3MBHN/Xs5aDLqJEgHkr
OXzZLyHUngRfp3GpagFGV6q06S6fgb9ca/7FuT4Hn8Z3tb5Xt7b/KlPcW3VymiSt
I37itASNA/Qs6Njl4tDd9GjwbcOAs+s/XabasU+pXscOkf3o8fYMy2krisy176D/
AXtRTLq4pc42I8c3tv5uCNz7Zje/qytKSPErNRBAedvOu5JX7ab6hgULPH4N7r0N
Di/LyKqYw+ZBa4AfzcsvlR3wJLWqni+aFj5yppSrNkH7kNzZGLmlw8xIo8v1CFYw
T86b13WmHPqvyFWQLpX5WCEYu0OCw5YCUyQXSsLZN5oC7gAwC7U=
=FSdI
-----END PGP SIGNATURE-----
Merge 5.4.48 into android-5.4-stable
Changes in 5.4.48
ACPI: GED: use correct trigger type field in _Exx / _Lxx handling
drm/amdgpu: fix and cleanup amdgpu_gem_object_close v4
ath10k: Fix the race condition in firmware dump work queue
drm: bridge: adv7511: Extend list of audio sample rates
media: staging: imgu: do not hold spinlock during freeing mmu page table
media: imx: imx7-mipi-csis: Cleanup and fix subdev pad format handling
crypto: ccp -- don't "select" CONFIG_DMADEVICES
media: vicodec: Fix error codes in probe function
media: si2157: Better check for running tuner in init
objtool: Ignore empty alternatives
spi: spi-mem: Fix Dual/Quad modes on Octal-capable devices
drm/amdgpu: Init data to avoid oops while reading pp_num_states.
arm64/kernel: Fix range on invalidating dcache for boot page tables
libbpf: Fix memory leak and possible double-free in hashmap__clear
spi: pxa2xx: Apply CS clk quirk to BXT
x86,smap: Fix smap_{save,restore}() alternatives
sched/fair: Refill bandwidth before scaling
net: atlantic: make hw_get_regs optional
net: ena: fix error returning in ena_com_get_hash_function()
efi/libstub/x86: Work around LLVM ELF quirk build regression
ath10k: remove the max_sched_scan_reqs value
arm64: cacheflush: Fix KGDB trap detection
media: staging: ipu3: Fix stale list entries on parameter queue failure
rtw88: fix an issue about leak system resources
spi: dw: Zero DMA Tx and Rx configurations on stack
ACPICA: Dispatcher: add status checks
block: alloc map and request for new hardware queue
arm64: insn: Fix two bugs in encoding 32-bit logical immediates
block: reset mapping if failed to update hardware queue count
drm: rcar-du: Set primary plane zpos immutably at initializing
lockdown: Allow unprivileged users to see lockdown status
ixgbe: Fix XDP redirect on archs with PAGE_SIZE above 4K
platform/x86: dell-laptop: don't register micmute LED if there is no token
MIPS: Loongson: Build ATI Radeon GPU driver as module
Bluetooth: Add SCO fallback for invalid LMP parameters error
kgdb: Disable WARN_CONSOLE_UNLOCKED for all kgdb
kgdb: Prevent infinite recursive entries to the debugger
pmu/smmuv3: Clear IRQ affinity hint on device removal
ACPI/IORT: Fix PMCG node single ID mapping handling
mips: Fix cpu_has_mips64r1/2 activation for MIPS32 CPUs
spi: dw: Enable interrupts in accordance with DMA xfer mode
clocksource: dw_apb_timer: Make CPU-affiliation being optional
clocksource: dw_apb_timer_of: Fix missing clockevent timers
media: dvbdev: Fix tuner->demod media controller link
btrfs: account for trans_block_rsv in may_commit_transaction
btrfs: do not ignore error from btrfs_next_leaf() when inserting checksums
ARM: 8978/1: mm: make act_mm() respect THREAD_SIZE
batman-adv: Revert "disable ethtool link speed detection when auto negotiation off"
ice: Fix memory leak
ice: Fix for memory leaks and modify ICE_FREE_CQ_BUFS
mmc: meson-mx-sdio: trigger a soft reset after a timeout or CRC error
Bluetooth: btmtkuart: Improve exception handling in btmtuart_probe()
spi: dw: Fix Rx-only DMA transfers
x86/kvm/hyper-v: Explicitly align hcall param for kvm_hyperv_exit
net: vmxnet3: fix possible buffer overflow caused by bad DMA value in vmxnet3_get_rss()
x86: fix vmap arguments in map_irq_stack
staging: android: ion: use vmap instead of vm_map_ram
ath10k: fix kernel null pointer dereference
media: staging/intel-ipu3: Implement lock for stream on/off operations
spi: Respect DataBitLength field of SpiSerialBusV2() ACPI resource
brcmfmac: fix wrong location to get firmware feature
regulator: qcom-rpmh: Fix typos in pm8150 and pm8150l
tools api fs: Make xxx__mountpoint() more scalable
e1000: Distribute switch variables for initialization
dt-bindings: display: mediatek: control dpi pins mode to avoid leakage
drm/mediatek: set dpi pin mode to gpio low to avoid leakage current
audit: fix a net reference leak in audit_send_reply()
media: dvb: return -EREMOTEIO on i2c transfer failure.
media: platform: fcp: Set appropriate DMA parameters
MIPS: Make sparse_init() using top-down allocation
ath10k: add flush tx packets for SDIO chip
Bluetooth: btbcm: Add 2 missing models to subver tables
audit: fix a net reference leak in audit_list_rules_send()
Drivers: hv: vmbus: Always handle the VMBus messages on CPU0
dpaa2-eth: fix return codes used in ndo_setup_tc
netfilter: nft_nat: return EOPNOTSUPP if type or flags are not supported
selftests/bpf: Fix memory leak in extract_build_id()
net: bcmgenet: set Rx mode before starting netif
net: bcmgenet: Fix WoL with password after deep sleep
lib/mpi: Fix 64-bit MIPS build with Clang
exit: Move preemption fixup up, move blocking operations down
sched/core: Fix illegal RCU from offline CPUs
drivers/perf: hisi: Fix typo in events attribute array
iocost_monitor: drop string wrap around numbers when outputting json
net: lpc-enet: fix error return code in lpc_mii_init()
selinux: fix error return code in policydb_read()
drivers: net: davinci_mdio: fix potential NULL dereference in davinci_mdio_probe()
media: cec: silence shift wrapping warning in __cec_s_log_addrs()
net: allwinner: Fix use correct return type for ndo_start_xmit()
powerpc/spufs: fix copy_to_user while atomic
libertas_tf: avoid a null dereference in pointer priv
xfs: clean up the error handling in xfs_swap_extents
Crypto/chcr: fix for ccm(aes) failed test
MIPS: Truncate link address into 32bit for 32bit kernel
mips: cm: Fix an invalid error code of INTVN_*_ERR
kgdb: Fix spurious true from in_dbg_master()
xfs: reset buffer write failure state on successful completion
xfs: fix duplicate verification from xfs_qm_dqflush()
platform/x86: intel-vbtn: Use acpi_evaluate_integer()
platform/x86: intel-vbtn: Split keymap into buttons and switches parts
platform/x86: intel-vbtn: Do not advertise switches to userspace if they are not there
platform/x86: intel-vbtn: Also handle tablet-mode switch on "Detachable" and "Portable" chassis-types
iwlwifi: avoid debug max amsdu config overwriting itself
nvme: refine the Qemu Identify CNS quirk
nvme-pci: align io queue count with allocted nvme_queue in nvme_probe
nvme-tcp: use bh_lock in data_ready
ath10k: Remove msdu from idr when management pkt send fails
wcn36xx: Fix error handling path in 'wcn36xx_probe()'
net: qed*: Reduce RX and TX default ring count when running inside kdump kernel
drm/mcde: dsi: Fix return value check in mcde_dsi_bind()
mt76: avoid rx reorder buffer overflow
md: don't flush workqueue unconditionally in md_open
raid5: remove gfp flags from scribble_alloc()
iocost: don't let vrate run wild while there's no saturation signal
veth: Adjust hard_start offset on redirect XDP frames
net/mlx5e: IPoIB, Drop multicast packets that this interface sent
rtlwifi: Fix a double free in _rtl_usb_tx_urb_setup()
mwifiex: Fix memory corruption in dump_station
kgdboc: Use a platform device to handle tty drivers showing up late
x86/boot: Correct relocation destination on old linkers
sched: Defend cfs and rt bandwidth quota against overflow
mips: MAAR: Use more precise address mask
mips: Add udelay lpj numbers adjustment
crypto: stm32/crc32 - fix ext4 chksum BUG_ON()
crypto: stm32/crc32 - fix run-time self test issue.
crypto: stm32/crc32 - fix multi-instance
drm/amd/powerpay: Disable gfxoff when setting manual mode on picasso and raven
drm/amdgpu: Sync with VM root BO when switching VM to CPU update mode
selftests/bpf: CONFIG_IPV6_SEG6_BPF required for test_seg6_loop.o
x86/mm: Stop printing BRK addresses
MIPS: tools: Fix resource leak in elf-entry.c
m68k: mac: Don't call via_flush_cache() on Mac IIfx
btrfs: improve global reserve stealing logic
btrfs: qgroup: mark qgroup inconsistent if we're inherting snapshot to a new qgroup
macvlan: Skip loopback packets in RX handler
PCI: Don't disable decoding when mmio_always_on is set
MIPS: Fix IRQ tracing when call handle_fpe() and handle_msa_fpe()
bcache: fix refcount underflow in bcache_device_free()
mmc: sdhci-msm: Set SDHCI_QUIRK_MULTIBLOCK_READ_ACMD12 quirk
staging: greybus: sdio: Respect the cmd->busy_timeout from the mmc core
mmc: via-sdmmc: Respect the cmd->busy_timeout from the mmc core
ice: fix potential double free in probe unrolling
ixgbe: fix signed-integer-overflow warning
iwlwifi: mvm: fix aux station leak
mmc: sdhci-esdhc-imx: fix the mask for tuning start point
spi: dw: Return any value retrieved from the dma_transfer callback
cpuidle: Fix three reference count leaks
platform/x86: hp-wmi: Convert simple_strtoul() to kstrtou32()
platform/x86: intel-hid: Add a quirk to support HP Spectre X2 (2015)
platform/x86: intel-vbtn: Only blacklist SW_TABLET_MODE on the 9 / "Laptop" chasis-type
platform/x86: asus_wmi: Reserve more space for struct bias_args
libbpf: Fix perf_buffer__free() API for sparse allocs
bpf: Fix map permissions check
bpf: Refactor sockmap redirect code so its easy to reuse
bpf: Fix running sk_skb program types with ktls
selftests/bpf, flow_dissector: Close TAP device FD after the test
kasan: stop tests being eliminated as dead code with FORTIFY_SOURCE
string.h: fix incompatibility between FORTIFY_SOURCE and KASAN
btrfs: free alien device after device add
btrfs: include non-missing as a qualifier for the latest_bdev
btrfs: send: emit file capabilities after chown
btrfs: force chunk allocation if our global rsv is larger than metadata
btrfs: fix error handling when submitting direct I/O bio
btrfs: fix wrong file range cleanup after an error filling dealloc range
btrfs: fix space_info bytes_may_use underflow after nocow buffered write
btrfs: fix space_info bytes_may_use underflow during space cache writeout
powerpc/mm: Fix conditions to perform MMU specific management by blocks on PPC32.
mm: thp: make the THP mapcount atomic against __split_huge_pmd_locked()
mm: initialize deferred pages with interrupts enabled
mm/pagealloc.c: call touch_nmi_watchdog() on max order boundaries in deferred init
mm: call cond_resched() from deferred_init_memmap()
ima: Fix ima digest hash table key calculation
ima: Switch to ima_hash_algo for boot aggregate
ima: Evaluate error in init_ima()
ima: Directly assign the ima_default_policy pointer to ima_rules
ima: Call ima_calc_boot_aggregate() in ima_eventdigest_init()
ima: Remove __init annotation from ima_pcrread()
evm: Fix possible memory leak in evm_calc_hmac_or_hash()
ext4: fix EXT_MAX_EXTENT/INDEX to check for zeroed eh_max
ext4: fix error pointer dereference
ext4: fix race between ext4_sync_parent() and rename()
PCI: Avoid Pericom USB controller OHCI/EHCI PME# defect
PCI: Avoid FLR for AMD Matisse HD Audio & USB 3.0
PCI: Avoid FLR for AMD Starship USB 3.0
PCI: Add ACS quirk for Intel Root Complex Integrated Endpoints
PCI: vmd: Add device id for VMD device 8086:9A0B
x86/amd_nb: Add Family 19h PCI IDs
PCI: Add Loongson vendor ID
serial: 8250_pci: Move Pericom IDs to pci_ids.h
x86/amd_nb: Add AMD family 17h model 60h PCI IDs
ima: Remove redundant policy rule set in add_rules()
ima: Set again build_ima_appraise variable
PCI: Program MPS for RCiEP devices
e1000e: Disable TSO for buffer overrun workaround
e1000e: Relax condition to trigger reset for ME workaround
carl9170: remove P2P_GO support
media: go7007: fix a miss of snd_card_free
media: cedrus: Program output format during each run
serial: 8250: Avoid error message on reprobe
Bluetooth: hci_bcm: fix freeing not-requested IRQ
b43legacy: Fix case where channel status is corrupted
b43: Fix connection problem with WPA3
b43_legacy: Fix connection problem with WPA3
media: ov5640: fix use of destroyed mutex
clk: mediatek: assign the initial value to clk_init_data of mtk_mux
igb: Report speed and duplex as unknown when device is runtime suspended
hwmon: (k10temp) Add AMD family 17h model 60h PCI match
EDAC/amd64: Add AMD family 17h model 60h PCI IDs
power: vexpress: add suppress_bind_attrs to true
power: supply: core: fix HWMON temperature labels
power: supply: core: fix memory leak in HWMON error path
pinctrl: samsung: Correct setting of eint wakeup mask on s5pv210
pinctrl: samsung: Save/restore eint_mask over suspend for EINT_TYPE GPIOs
gnss: sirf: fix error return code in sirf_probe()
sparc32: fix register window handling in genregs32_[gs]et()
sparc64: fix misuses of access_process_vm() in genregs32_[sg]et()
dm crypt: avoid truncating the logical block size
alpha: fix memory barriers so that they conform to the specification
powerpc/fadump: use static allocation for reserved memory ranges
powerpc/fadump: consider reserved ranges while reserving memory
powerpc/fadump: Account for memory_limit while reserving memory
kernel/cpu_pm: Fix uninitted local in cpu_pm
ARM: tegra: Correct PL310 Auxiliary Control Register initialization
soc/tegra: pmc: Select GENERIC_PINCONF
ARM: dts: exynos: Fix GPIO polarity for thr GalaxyS3 CM36651 sensor's bus
ARM: dts: at91: sama5d2_ptc_ek: fix vbus pin
ARM: dts: s5pv210: Set keep-power-in-suspend for SDHCI1 on Aries
drivers/macintosh: Fix memleak in windfarm_pm112 driver
powerpc/32s: Fix another build failure with CONFIG_PPC_KUAP_DEBUG
powerpc/kasan: Fix issues by lowering KASAN_SHADOW_END
powerpc/kasan: Fix shadow pages allocation failure
powerpc/32: Disable KASAN with pages bigger than 16k
powerpc/64s: Don't let DT CPU features set FSCR_DSCR
powerpc/64s: Save FSCR to init_task.thread.fscr after feature init
kbuild: force to build vmlinux if CONFIG_MODVERSION=y
sunrpc: svcauth_gss_register_pseudoflavor must reject duplicate registrations.
sunrpc: clean up properly in gss_mech_unregister()
mtd: rawnand: Fix nand_gpio_waitrdy()
mtd: rawnand: onfi: Fix redundancy detection check
mtd: rawnand: brcmnand: fix hamming oob layout
mtd: rawnand: diskonchip: Fix the probe error path
mtd: rawnand: sharpsl: Fix the probe error path
mtd: rawnand: ingenic: Fix the probe error path
mtd: rawnand: xway: Fix the probe error path
mtd: rawnand: orion: Fix the probe error path
mtd: rawnand: socrates: Fix the probe error path
mtd: rawnand: oxnas: Fix the probe error path
mtd: rawnand: sunxi: Fix the probe error path
mtd: rawnand: plat_nand: Fix the probe error path
mtd: rawnand: pasemi: Fix the probe error path
mtd: rawnand: mtk: Fix the probe error path
mtd: rawnand: tmio: Fix the probe error path
w1: omap-hdq: cleanup to add missing newline for some dev_dbg
f2fs: fix checkpoint=disable:%u%%
perf probe: Do not show the skipped events
perf probe: Fix to check blacklist address correctly
perf probe: Check address correctness by map instead of _etext
perf symbols: Fix debuginfo search for Ubuntu
perf symbols: Fix kernel maps for kcore and eBPF
Linux 5.4.48
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I9954fb3f08956419e8586bcb9078e604df207fb9
|
||
Krzysztof Struczynski
|
e131e70e21 |
ima: Set again build_ima_appraise variable
[ Upstream commit b59fda449cf07f2db3be3a67142e6c000f5e8d79 ] After adding the new add_rule() function in commit |
||
|
Krzysztof Struczynski
|
2600136eae |
ima: Remove redundant policy rule set in add_rules()
[ Upstream commit 6ee28442a465ab4c4be45e3b15015af24b1ba906 ] Function ima_appraise_flag() returns the flag to be set in temp_ima_appraise depending on the hook identifier passed as an argument. It is not necessary to set the flag again for the POLICY_CHECK hook. Signed-off-by: Krzysztof Struczynski <krzysztof.struczynski@huawei.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Roberto Sassu
|
6de50456fe |
evm: Fix possible memory leak in evm_calc_hmac_or_hash()
commit 0c4395fb2aa77341269ea619c5419ea48171883f upstream.
Don't immediately return if the signature is portable and security.ima is
not present. Just set error so that memory allocated is freed before
returning from evm_calc_hmac_or_hash().
Fixes:
|
||
|
Roberto Sassu
|
ce7f038f85 |
ima: Remove __init annotation from ima_pcrread()
commit 8b8c704d913b0fe490af370631a4200e26334ec0 upstream.
Commit 6cc7c266e5b4 ("ima: Call ima_calc_boot_aggregate() in
ima_eventdigest_init()") added a call to ima_calc_boot_aggregate() so that
the digest can be recalculated for the boot_aggregate measurement entry if
the 'd' template field has been requested. For the 'd' field, only SHA1 and
MD5 digests are accepted.
Given that ima_eventdigest_init() does not have the __init annotation, all
functions called should not have it. This patch removes __init from
ima_pcrread().
Cc: stable@vger.kernel.org
Fixes: 6cc7c266e5b4 ("ima: Call ima_calc_boot_aggregate() in ima_eventdigest_init()")
Reported-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Roberto Sassu
|
f387759c2d |
ima: Call ima_calc_boot_aggregate() in ima_eventdigest_init()
commit 6cc7c266e5b47d3cd2b5bb7fd3aac4e6bb2dd1d2 upstream.
If the template field 'd' is chosen and the digest to be added to the
measurement entry was not calculated with SHA1 or MD5, it is
recalculated with SHA1, by using the passed file descriptor. However, this
cannot be done for boot_aggregate, because there is no file descriptor.
This patch adds a call to ima_calc_boot_aggregate() in
ima_eventdigest_init(), so that the digest can be recalculated also for the
boot_aggregate entry.
Cc: stable@vger.kernel.org # 3.13.x
Fixes:
|
||
|
Roberto Sassu
|
64712383a1 |
ima: Directly assign the ima_default_policy pointer to ima_rules
commit 067a436b1b0aafa593344fddd711a755a58afb3b upstream.
This patch prevents the following oops:
[ 10.771813] BUG: kernel NULL pointer dereference, address: 0000000000000
[...]
[ 10.779790] RIP: 0010:ima_match_policy+0xf7/0xb80
[...]
[ 10.798576] Call Trace:
[ 10.798993] ? ima_lsm_policy_change+0x2b0/0x2b0
[ 10.799753] ? inode_init_owner+0x1a0/0x1a0
[ 10.800484] ? _raw_spin_lock+0x7a/0xd0
[ 10.801592] ima_must_appraise.part.0+0xb6/0xf0
[ 10.802313] ? ima_fix_xattr.isra.0+0xd0/0xd0
[ 10.803167] ima_must_appraise+0x4f/0x70
[ 10.804004] ima_post_path_mknod+0x2e/0x80
[ 10.804800] do_mknodat+0x396/0x3c0
It occurs when there is a failure during IMA initialization, and
ima_init_policy() is not called. IMA hooks still call ima_match_policy()
but ima_rules is NULL. This patch prevents the crash by directly assigning
the ima_default_policy pointer to ima_rules when ima_rules is defined. This
wouldn't alter the existing behavior, as ima_rules is always set at the end
of ima_init_policy().
Cc: stable@vger.kernel.org # 3.7.x
Fixes:
|
||
|
Roberto Sassu
|
4ce29d9b19 |
ima: Evaluate error in init_ima()
commit e144d6b265415ddbdc54b3f17f4f95133effa5a8 upstream.
Evaluate error in init_ima() before register_blocking_lsm_notifier() and
return if not zero.
Cc: stable@vger.kernel.org # 5.3.x
Fixes:
|
||
|
Roberto Sassu
|
5f7272bd22 |
ima: Switch to ima_hash_algo for boot aggregate
commit 6f1a1d103b48b1533a9c804e7a069e2c8e937ce7 upstream.
boot_aggregate is the first entry of IMA measurement list. Its purpose is
to link pre-boot measurements to IMA measurements. As IMA was designed to
work with a TPM 1.2, the SHA1 PCR bank was always selected even if a
TPM 2.0 with support for stronger hash algorithms is available.
This patch first tries to find a PCR bank with the IMA default hash
algorithm. If it does not find it, it selects the SHA256 PCR bank for
TPM 2.0 and SHA1 for TPM 1.2. Ultimately, it selects SHA1 also for TPM 2.0
if the SHA256 PCR bank is not found.
If none of the PCR banks above can be found, boot_aggregate file digest is
filled with zeros, as for TPM bypass, making it impossible to perform a
remote attestation of the system.
Cc: stable@vger.kernel.org # 5.1.x
Fixes:
|
||
|
Krzysztof Struczynski
|
0698eacdfc |
ima: Fix ima digest hash table key calculation
commit 1129d31b55d509f15e72dc68e4b5c3a4d7b4da8d upstream.
Function hash_long() accepts unsigned long, while currently only one byte
is passed from ima_hash_key(), which calculates a key for ima_htable.
Given that hashing the digest does not give clear benefits compared to
using the digest itself, remove hash_long() and return the modulus
calculated on the first two bytes of the digest with the number of slots.
Also reduce the depth of the hash table by doubling the number of slots.
Cc: stable@vger.kernel.org
Fixes:
|
||
Wei Yongjun
|
b2083327ea |
selinux: fix error return code in policydb_read()
[ Upstream commit 4c09f8b6913a779ca0c70ea8058bf21537eebb3b ]
Fix to return negative error code -ENOMEM from the kvcalloc() error
handling case instead of 0, as done elsewhere in this function.
Fixes:
|
||
Jeremy Cline
|
6eec65c9e2 |
lockdown: Allow unprivileged users to see lockdown status
[ Upstream commit 60cf7c5ed5f7087c4de87a7676b8c82d96fd166c ]
A number of userspace tools, such as systemtap, need a way to see the
current lockdown state so they can gracefully deal with the kernel being
locked down. The state is already exposed in
/sys/kernel/security/lockdown, but is only readable by root. Adjust the
permissions so unprivileged users can read the state.
Fixes:
|
||
|
Greg Kroah-Hartman
|
eaaa29ec5a |
This is the 5.4.47 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl7qK2gACgkQONu9yGCS aT4kaw/8Cknc9G64S1SWchxFj4LnSYzrpeFGXOZBlHBtcCyD12JNGjA6SG6DoGLY /s/1fjBwJWrWpkI36CGNZowNPYtzRMOhyBGj7QHTpEj0vjMTKYXhVieMquQSHwRP zcrYl8f/xWJKo6XNjR1YLh5PWeD6B9dWD1RcvBZ0jCez84jyVT1EyWMWGiodkLMx gmJITO2DBaekelU0yyZJIFePO5DJpcXspf5lrPgkPG9u/U4hZf94AAGMYbXJZ5Rn BDcqGEGQe+mtcG6lq6DGRDH5VVMG4k13MrZJBfrVAhkGU+g6nKQbOXCcdcRjoM6N 9NL8RbcpL0NhphNmrKwjNcYd4kZxYgTQb87FZi+qDxwGQIWIxcET6gL5t/vqAev1 v/uKFLlt5x/2tNtpC8aY8EwdyGcXfeBXEl9AjP7HUWC/KzB8I9vLnokcMvOMYDIg 3wNIsKMYLcLzuLL8oJ7FvDkBO+H/RjSvF4UvQyLOPOJtWSV5uKbLfKIU9sw90G3i t8qo3lNC/J4saJ+jx+O7XoHjFw6biJFATvs0+HtpCkwi0aJm2SGW+OvXuZCGZPnz TW2YsGFCCwL/RPtceJVkGfV3kr7SUB5AGXjueXdC+4QWfmi3POWojjgheQrleS+3 OLxRsUVbQ6hOqEgLAaV6HhzvykkTjDj2Gq8P3I+1Y/eiRHjlpdU= =WYnW -----END PGP SIGNATURE----- Merge 5.4.47 into android-5.4-stable Changes in 5.4.47 ipv6: fix IPV6_ADDRFORM operation logic mlxsw: core: Use different get_trend() callbacks for different thermal zones net_failover: fixed rollback in net_failover_open() tun: correct header offsets in napi frags mode bridge: Avoid infinite loop when suppressing NS messages with invalid options vxlan: Avoid infinite loop when suppressing NS messages with invalid options bpf: Support llvm-objcopy for vmlinux BTF elfnote: mark all .note sections SHF_ALLOC Input: mms114 - fix handling of mms345l ARM: 8977/1: ptrace: Fix mask for thumb breakpoint hook sched/fair: Don't NUMA balance for kthreads Input: synaptics - add a second working PNP_ID for Lenovo T470s csky: Fixup abiv2 syscall_trace break a4 & a5 gfs2: Even more gfs2_find_jhead fixes drivers/net/ibmvnic: Update VNIC protocol version reporting powerpc/xive: Clear the page tables for the ESB IO mapping spi: dw: Fix native CS being unset ath9k_htc: Silence undersized packet warnings smack: avoid unused 'sip' variable warning RDMA/uverbs: Make the event_queue fds return POLLERR when disassociated padata: add separate cpuhp node for CPUHP_PADATA_DEAD s390/pci: Log new handle in clp_disable_fh() x86/cpu/amd: Make erratum #1054 a legacy erratum KVM: x86: only do L1TF workaround on affected processors PCI/PM: Adjust pcie_wait_for_link_delay() for caller delay perf probe: Accept the instance number of kretprobe event mm: add kvfree_sensitive() for freeing sensitive data objects selftests: fix flower parent qdisc fanotify: fix ignore mask logic for events on child and on dir aio: fix async fsync creds ipv4: fix a RCU-list lock in fib_triestat_seq_show iwlwifi: mvm: fix NVM check for 3168 devices sctp: fix possibly using a bad saddr with a given dst sctp: fix refcount bug in sctp_wfree x86_64: Fix jiffies ODR violation x86/PCI: Mark Intel C620 MROMs as having non-compliant BARs x86/speculation: Prevent rogue cross-process SSBD shutdown x86/speculation: Avoid force-disabling IBPB based on STIBP and enhanced IBRS. x86/speculation: PR_SPEC_FORCE_DISABLE enforcement for indirect branches. x86/reboot/quirks: Add MacBook6,1 reboot quirk perf/x86/intel: Add more available bits for OFFCORE_RESPONSE of Intel Tremont KVM: x86/mmu: Set mmio_value to '0' if reserved #PF can't be generated KVM: x86: respect singlestep when emulating instruction KVM: x86: Fix APIC page invalidation race powerpc/ptdump: Properly handle non standard page size ASoC: max9867: fix volume controls io_uring: use kvfree() in io_sqe_buffer_register() efi/efivars: Add missing kobject_put() in sysfs entry creation error path smb3: fix incorrect number of credits when ioctl MaxOutputResponse > 64K smb3: add indatalen that can be a non-zero value to calculation of credit charge in smb2 ioctl watchdog: imx_sc_wdt: Fix reboot on crash ALSA: es1688: Add the missed snd_card_free() ALSA: fireface: fix configuration error for nominal sampling transfer frequency ALSA: hda/realtek - add a pintbl quirk for several Lenovo machines ALSA: pcm: disallow linking stream to itself ALSA: pcm: fix snd_pcm_link() lockdep splat ALSA: usb-audio: Fix inconsistent card PM state after resume ALSA: usb-audio: Add vendor, product and profile name for HP Thunderbolt Dock ACPI: sysfs: Fix reference count leak in acpi_sysfs_add_hotplug_profile() ACPI: CPPC: Fix reference count leak in acpi_cppc_processor_probe() ACPI: GED: add support for _Exx / _Lxx handler methods ACPI: PM: Avoid using power resources if there are none for D0 arm64: acpi: fix UBSAN warning lib/lzo: fix ambiguous encoding bug in lzo-rle nilfs2: fix null pointer dereference at nilfs_segctor_do_construct() spi: dw: Fix controller unregister order spi: Fix controller unregister order spi: pxa2xx: Fix controller unregister order spi: pxa2xx: Fix runtime PM ref imbalance on probe error spi: bcm2835: Fix controller unregister order spi: bcm2835aux: Fix controller unregister order spi: bcm-qspi: Handle clock probe deferral spi: bcm-qspi: when tx/rx buffer is NULL set to 0 PM: runtime: clk: Fix clk_pm_runtime_get() error path gup: document and work around "COW can break either way" issue crypto: cavium/nitrox - Fix 'nitrox_get_first_device()' when ndevlist is fully iterated crypto: algapi - Avoid spurious modprobe on LOADED crypto: drbg - fix error return code in drbg_alloc_state() x86/{mce,mm}: Unmap the entire page if the whole page is affected and poisoned firmware: imx: warn on unexpected RX firmware: imx-scu: Support one TX and one RX firmware: imx: scu: Fix corruption of header crypto: virtio: Fix use-after-free in virtio_crypto_skcipher_finalize_req() crypto: virtio: Fix src/dst scatterlist calculation in __virtio_crypto_skcipher_do_req() crypto: virtio: Fix dest length calculation in __virtio_crypto_skcipher_do_req() dccp: Fix possible memleak in dccp_init and dccp_fini selftests/net: in rxtimestamp getopt_long needs terminating null entry net/mlx5: drain health workqueue in case of driver load error net/mlx5: Fix fatal error handling during device load net/mlx5e: Fix repeated XSK usage on one channel ovl: initialize error in ovl_copy_xattr proc: Use new_inode not new_inode_pseudo remoteproc: Fall back to using parent memory pool if no dedicated available remoteproc: Fix and restore the parenting hierarchy for vdev cpufreq: Fix up cpufreq_boost_set_sw() EDAC/skx: Use the mcmtr register to retrieve close_pg/bank_xor_enable video: vt8500lcdfb: fix fallthrough warning video: fbdev: w100fb: Fix a potential double free. KVM: nVMX: Skip IBPB when switching between vmcs01 and vmcs02 KVM: nSVM: fix condition for filtering async PF KVM: nSVM: leave ASID aside in copy_vmcb_control_area KVM: nVMX: Consult only the "basic" exit reason when routing nested exit KVM: MIPS: Define KVM_ENTRYHI_ASID to cpu_asid_mask(&boot_cpu_data) KVM: MIPS: Fix VPN2_MASK definition for variable cpu_vmbits KVM: arm64: Stop writing aarch32's CSSELR into ACTLR KVM: arm64: Make vcpu_cp1x() work on Big Endian hosts scsi: megaraid_sas: TM command refire leads to controller firmware crash scsi: lpfc: Fix negation of else clause in lpfc_prep_node_fc4type selftests/ftrace: Return unsupported if no error_log file ath9k: Fix use-after-free Read in htc_connect_service ath9k: Fix use-after-free Read in ath9k_wmi_ctrl_rx ath9k: Fix use-after-free Write in ath9k_htc_rx_msg ath9x: Fix stack-out-of-bounds Write in ath9k_hif_usb_rx_cb ath9k: Fix general protection fault in ath9k_hif_usb_rx_cb Smack: slab-out-of-bounds in vsscanf drm/vkms: Hold gem object while still in-use mm/slub: fix a memory leak in sysfs_slab_add() fat: don't allow to mount if the FAT length == 0 perf: Add cond_resched() to task_function_call() agp/intel: Reinforce the barrier after GTT updates mmc: sdhci-msm: Clear tuning done flag while hs400 tuning mmc: mmci_sdmmc: fix DMA API warning overlapping mappings mmc: tmio: Further fixup runtime PM management at remove mmc: uniphier-sd: call devm_request_irq() after tmio_mmc_host_probe() ARM: dts: at91: sama5d2_ptc_ek: fix sdmmc0 node description mmc: sdio: Fix potential NULL pointer error in mmc_sdio_init_card() mmc: sdio: Fix several potential memory leaks in mmc_sdio_init_card() block/floppy: fix contended case in floppy_queue_rq() xen/pvcalls-back: test for errors when calling backend_connect() KVM: arm64: Synchronize sysreg state on injecting an AArch32 exception KVM: arm64: Save the host's PtrAuth keys in non-preemptible context Linux 5.4.47 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I3fb3216abdbc080b4ac7b827b35ff6a813e28eb8 |
||
Casey Schaufler
|
9c09a772ac |
Smack: slab-out-of-bounds in vsscanf
commit 84e99e58e8d1e26f04c097f4266e431a33987f36 upstream. Add barrier to soob. Return -EOVERFLOW if the buffer is exceeded. Suggested-by: Hillf Danton <hdanton@sina.com> Reported-by: syzbot+bfdd4a2f07be52351350@syzkaller.appspotmail.com Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
Waiman Long
|
0b11ec4ae5 |
mm: add kvfree_sensitive() for freeing sensitive data objects
[ Upstream commit d4eaa2837851db2bfed572898bfc17f9a9f9151e ]
For kvmalloc'ed data object that contains sensitive information like
cryptographic keys, we need to make sure that the buffer is always cleared
before freeing it. Using memset() alone for buffer clearing may not
provide certainty as the compiler may compile it away. To be sure, the
special memzero_explicit() has to be used.
This patch introduces a new kvfree_sensitive() for freeing those sensitive
data objects allocated by kvmalloc(). The relevant places where
kvfree_sensitive() can be used are modified to use it.
Fixes: 4f0882491a14 ("KEYS: Avoid false positive ENOMEM error on key read")
Suggested-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Waiman Long <longman@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Reviewed-by: Eric Biggers <ebiggers@google.com>
Acked-by: David Howells <dhowells@redhat.com>
Cc: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Cc: James Morris <jmorris@namei.org>
Cc: "Serge E. Hallyn" <serge@hallyn.com>
Cc: Joe Perches <joe@perches.com>
Cc: Matthew Wilcox <willy@infradead.org>
Cc: David Rientjes <rientjes@google.com>
Cc: Uladzislau Rezki <urezki@gmail.com>
Link: http://lkml.kernel.org/r/20200407200318.11711-1-longman@redhat.com
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
||
|
Arnd Bergmann
|
3f14df580a |
smack: avoid unused 'sip' variable warning
[ Upstream commit 00720f0e7f288d29681d265c23b22bb0f0f4e5b4 ]
The mix of IS_ENABLED() and #ifdef checks has left a combination
that causes a warning about an unused variable:
security/smack/smack_lsm.c: In function 'smack_socket_connect':
security/smack/smack_lsm.c:2838:24: error: unused variable 'sip' [-Werror=unused-variable]
2838 | struct sockaddr_in6 *sip = (struct sockaddr_in6 *)sap;
Change the code to use C-style checks consistently so the compiler
can handle it correctly.
Fixes: 87fbfffcc89b ("broken ping to ipv6 linklocal addresses on debian buster")
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
||
Preeti Nagar
|
55c09c9b96 |
RTIC: Move selinux_state to a separate 4k
We need to relocate selinux_state to a separate 4k page to enable EL2 Hypervisor to monitor changes to this variable using ARM stage 2 MMU. We will avoid getting page faults from un-related data as the MMU granularity is configured to 4k. Change-Id: I7d0e5c9eae0a2a65ca9db73e85283e164e20c11c Signed-off-by: Preeti Nagar <pnagar@codeaurora.org> |
||
|
Greg Kroah-Hartman
|
a9a13eeea9 |
This is the 5.4.45 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl7czYMACgkQONu9yGCS aT4YHA//cHSv58LPIlq8k2VYd0PG7qqg5SCU42AAQRPJWG19DavGynEkLUI35eqZ bSqrciaQkkzeoPwawzVGKy1KOaKVnNAr5f9wsFK8XB86PlreRfQfvrR2MniRY33H 5OTfw1127UIWJYuhCB6+PTXNHGNa6VaeGwDjVVczY+Ggsh2fyokxC5kb/FUsjuCN IlK41/dmiDDcP33RSQ82PMjDkEmJZsGhibaliivgV6rDvZeWW8PYnLTP+c24wIeK 6E2+XlP807FljjBPaCgKuTHx9LRDhj9CnUUuuo1LRGDtGNlW1deZ+PFXFJJ3gY0G Ja8RzZUgS6aVsBCbloIOEOwuLzeuZQTvnm5OKxPomOwE+7UIJ4e0xihzrTqji+zv yWfNwA2cErjHWZ3krL+muxbAO7CSatE4OEmn8OPbqOvp9F78r6l8mngHnWNMWkkW gGki69hQ+L/HgcIUOSnErfo+jBGhhsm2RPubl0sb8N4n9eS9TJx5NNlmsCL+uC4c 4wndNES/rPoi80vsIMB1h2PDkkWpjUZx/M6jZ1NuAlTOXgSsa0ZSz3Jvapi7cg2U weFKwAN4l/vHs9sOHASefrtj3mcZwcTJV9a9x0qmaIHpmqSICoptB5H9BTJ/c7sm U4JZ03yQSwkPhxtfDYbngMePcLyYIizGLq+3PbGPOiM1EqLEY8M= =mtHa -----END PGP SIGNATURE----- Merge 5.4.45 into android-5.4-stable Changes in 5.4.45 Revert "cgroup: Add memory barriers to plug cgroup_rstat_updated() race window" mm: Fix mremap not considering huge pmd devmap HID: sony: Fix for broken buttons on DS3 USB dongles HID: multitouch: enable multi-input as a quirk for some devices HID: i2c-hid: add Schneider SCL142ALM to descriptor override p54usb: add AirVasT USB stick device-id mt76: mt76x02u: Add support for newer versions of the XBox One wifi adapter kernel/relay.c: handle alloc_percpu returning NULL in relay_open mmc: fix compilation of user API media: Revert "staging: imgu: Address a compiler warning on alignment" media: staging: ipu3-imgu: Move alignment attribute to field scsi: ufs: Release clock if DMA map fails net: dsa: mt7530: set CPU port to fallback mode airo: Fix read overflows sending packets drm/i915: fix port checks for MST support on gen >= 11 scsi: hisi_sas: Check sas_port before using it powerpc/powernv: Avoid re-registration of imc debugfs directory powerpc/xmon: Restrict when kernel is locked down spi: dw: use "smp_mb()" to avoid sending spi data error ASoC: intel - fix the card names s390/ftrace: save traced function caller RDMA/qedr: Fix qpids xarray api used RDMA/qedr: Fix synchronization methods and memory leaks in qedr ARC: Fix ICCM & DCCM runtime size checks ARC: [plat-eznps]: Restrict to CONFIG_ISA_ARCOMPACT evm: Fix RCU list related warnings scsi: pm: Balance pm_only counter of request queue during system resume i2c: altera: Fix race between xfer_msg and isr thread io_uring: initialize ctx->sqo_wait earlier x86/mmiotrace: Use cpumask_available() for cpumask_var_t variables net: bmac: Fix read of MAC address from ROM drm/edid: Add Oculus Rift S to non-desktop list s390/mm: fix set_huge_pte_at() for empty ptes null_blk: return error for invalid zone size net/ethernet/freescale: rework quiesce/activate for ucc_geth net: ethernet: stmmac: Enable interface clocks on probe for IPQ806x selftests: mlxsw: qos_mc_aware: Specify arping timeout as an integer net: smsc911x: Fix runtime PM imbalance on error Linux 5.4.45 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I31d3b6ccd9963bd8eb6aad70b2015cead1ec49e3 |
||
Madhuparna Bhowmik
|
1610cd913f |
evm: Fix RCU list related warnings
[ Upstream commit 770f60586d2af0590be263f55fd079226313922c ] This patch fixes the following warning and few other instances of traversal of evm_config_xattrnames list: [ 32.848432] ============================= [ 32.848707] WARNING: suspicious RCU usage [ 32.848966] 5.7.0-rc1-00006-ga8d5875ce5f0b #1 Not tainted [ 32.849308] ----------------------------- [ 32.849567] security/integrity/evm/evm_main.c:231 RCU-list traversed in non-reader section!! Since entries are only added to the list and never deleted, use list_for_each_entry_lockless() instead of list_for_each_entry_rcu for traversing the list. Also, add a relevant comment in evm_secfs.c to indicate this fact. Reported-by: kernel test robot <lkp@intel.com> Suggested-by: Paul E. McKenney <paulmck@kernel.org> Signed-off-by: Madhuparna Bhowmik <madhuparnabhowmik10@gmail.com> Acked-by: Paul E. McKenney <paulmck@kernel.org> (RCU viewpoint) Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
Christopher M. Riedl
|
99c63ba21d |
powerpc/xmon: Restrict when kernel is locked down
[ Upstream commit 69393cb03ccdf29f3b452d3482ef918469d1c098 ]
Xmon should be either fully or partially disabled depending on the
kernel lockdown state.
Put xmon into read-only mode for lockdown=integrity and prevent user
entry into xmon when lockdown=confidentiality. Xmon checks the lockdown
state on every attempted entry:
(1) during early xmon'ing
(2) when triggered via sysrq
(3) when toggled via debugfs
(4) when triggered via a previously enabled breakpoint
The following lockdown state transitions are handled:
(1) lockdown=none -> lockdown=integrity
set xmon read-only mode
(2) lockdown=none -> lockdown=confidentiality
clear all breakpoints, set xmon read-only mode,
prevent user re-entry into xmon
(3) lockdown=integrity -> lockdown=confidentiality
clear all breakpoints, set xmon read-only mode,
prevent user re-entry into xmon
Suggested-by: Andrew Donnellan <ajd@linux.ibm.com>
Signed-off-by: Christopher M. Riedl <cmr@informatik.wtf>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
Link: https://lore.kernel.org/r/20190907061124.1947-3-cmr@informatik.wtf
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
||
|
Greg Kroah-Hartman
|
f520ca124c |
This is the 5.4.44 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl7XQXMACgkQONu9yGCS aT4OHw//YYuI/61rkff6/3qAE4gDwTZolVywu5HHzT5W7t7qeHPzJin2u04RBiS8 4S8Mut0RUSK/0IyB0B3S342ntia1v41Q04veWm0K90iAScScjjUapLDXC/P3StA0 iitGKJ8QFDS49+PFKFYkyXEsv6HYlDbtTmS0yxVoooSr+uqeR7m6rS1jsDsfUTaR T4tvfX8VPHkgfkfkOKCUq8/rM3uDW3lSk3JflIbPwRBQo9KvNPnfBetU9p//dCHG CB1K9K3sB6xLkKe7Ut7PlwoTq/Lc8qOma535xy3A8Iv6fVq4+hPE2jsB93WGI270 WoEZbHpon7W6g/bU+C+CGfov2zBtz1dKHfWNcK5+dEkEQjjzKvvigfUvaKjyUUKB Vo5rQ3GZQ4JsMkHEJaLOlp3/SkdRd6RV/E0YErBISNeswzqsOgTrX8mz6wfQInwd Ww7V9LKdwSD6h2DuzutUbEm1X8i8glXammWEOUuh6zzQ3+WS57R1L+Nkr/6WxpgN w2g7F0+5enUbE1kIdq5OCzY1D0gBpT1o5YlrZgdL2GF5lU1b/lhsGhV6P83fl2Mf rTGFtg5M1pNgjbUkSH3VHHof35PM9vQZ6lrYbKMCjwymVY+BcR6nsCadfLqjMGnW NCYeiAmoIVCJX7q0hONww+TevZ3T+SLUjQ2os3WzooPC51MPOAQ= =5p6V -----END PGP SIGNATURE----- Merge 5.4.44 into android-5.4-stable Changes in 5.4.44 ax25: fix setsockopt(SO_BINDTODEVICE) dpaa_eth: fix usage as DSA master, try 3 net: don't return invalid table id error when we fall back to PF_UNSPEC net: dsa: mt7530: fix roaming from DSA user ports net: ethernet: ti: cpsw: fix ASSERT_RTNL() warning during suspend __netif_receive_skb_core: pass skb by reference net: inet_csk: Fix so_reuseport bind-address cache in tb->fast* net: ipip: fix wrong address family in init error path net/mlx5: Add command entry handling completion net: mvpp2: fix RX hashing for non-10G ports net: nlmsg_cancel() if put fails for nhmsg net: qrtr: Fix passing invalid reference to qrtr_local_enqueue() net: revert "net: get rid of an signed integer overflow in ip_idents_reserve()" net sched: fix reporting the first-time use timestamp net/tls: fix race condition causing kernel panic nexthop: Fix attribute checking for groups r8152: support additional Microsoft Surface Ethernet Adapter variant sctp: Don't add the shutdown timer if its already been added sctp: Start shutdown on association restart if in SHUTDOWN-SENT state and socket is closed tipc: block BH before using dst_cache net/mlx5e: kTLS, Destroy key object after destroying the TIS net/mlx5e: Fix inner tirs handling net/mlx5: Fix memory leak in mlx5_events_init net/mlx5e: Update netdev txq on completions during closure net/mlx5: Fix error flow in case of function_setup failure net/mlx5: Annotate mutex destroy for root ns net/tls: fix encryption error checking net/tls: free record only on encryption error net: sun: fix missing release regions in cas_init_one(). net/mlx4_core: fix a memory leak bug. mlxsw: spectrum: Fix use-after-free of split/unsplit/type_set in case reload fails ARM: dts: rockchip: fix phy nodename for rk3228-evb ARM: dts: rockchip: fix phy nodename for rk3229-xms6 arm64: dts: rockchip: fix status for &gmac2phy in rk3328-evb.dts arm64: dts: rockchip: swap interrupts interrupt-names rk3399 gpu node ARM: dts: rockchip: swap clock-names of gpu nodes ARM: dts: rockchip: fix pinctrl sub nodename for spi in rk322x.dtsi gpio: tegra: mask GPIO IRQs during IRQ shutdown ALSA: usb-audio: add mapping for ASRock TRX40 Creator net: microchip: encx24j600: add missed kthread_stop gfs2: move privileged user check to gfs2_quota_lock_check gfs2: Grab glock reference sooner in gfs2_add_revoke drm/amdgpu: drop unnecessary cancel_delayed_work_sync on PG ungate drm/amd/powerplay: perform PG ungate prior to CG ungate drm/amdgpu: Use GEM obj reference for KFD BOs cachefiles: Fix race between read_waiter and read_copier involving op->to_do usb: dwc3: pci: Enable extcon driver for Intel Merrifield usb: phy: twl6030-usb: Fix a resource leak in an error handling path in 'twl6030_usb_probe()' usb: gadget: legacy: fix redundant initialization warnings net: freescale: select CONFIG_FIXED_PHY where needed IB/i40iw: Remove bogus call to netdev_master_upper_dev_get() riscv: stacktrace: Fix undefined reference to `walk_stackframe' clk: ti: am33xx: fix RTC clock parent csky: Fixup msa highest 3 bits mask csky: Fixup perf callchain unwind csky: Fixup remove duplicate irq_disable hwmon: (nct7904) Fix incorrect range of temperature limit registers cifs: Fix null pointer check in cifs_read csky: Fixup raw_copy_from_user() samples: bpf: Fix build error drivers: net: hamradio: Fix suspicious RCU usage warning in bpqether.c Input: usbtouchscreen - add support for BonXeon TP Input: evdev - call input_flush_device() on release(), not flush() Input: xpad - add custom init packet for Xbox One S controllers Input: dlink-dir685-touchkeys - fix a typo in driver name Input: i8042 - add ThinkPad S230u to i8042 reset list Input: synaptics-rmi4 - really fix attn_data use-after-free Input: synaptics-rmi4 - fix error return code in rmi_driver_probe() ARM: 8970/1: decompressor: increase tag size ARM: uaccess: consolidate uaccess asm to asm/uaccess-asm.h ARM: uaccess: integrate uaccess_save and uaccess_restore ARM: uaccess: fix DACR mismatch with nested exceptions gpio: exar: Fix bad handling for ida_simple_get error path arm64: dts: mt8173: fix vcodec-enc clock soc: mediatek: cmdq: return send msg error code gpu/drm: Ingenic: Fix opaque pointer casted to wrong type IB/qib: Call kobject_put() when kobject_init_and_add() fails ARM: dts/imx6q-bx50v3: Set display interface clock parents ARM: dts: bcm2835-rpi-zero-w: Fix led polarity ARM: dts: bcm: HR2: Fix PPI interrupt types mmc: block: Fix use-after-free issue for rpmb gpio: pxa: Fix return value of pxa_gpio_probe() gpio: bcm-kona: Fix return value of bcm_kona_gpio_probe() RDMA/pvrdma: Fix missing pci disable in pvrdma_pci_probe() ALSA: hwdep: fix a left shifting 1 by 31 UB bug ALSA: hda/realtek - Add a model for Thinkpad T570 without DAC workaround ALSA: usb-audio: mixer: volume quirk for ESS Technology Asus USB DAC exec: Always set cap_ambient in cap_bprm_set_creds clk: qcom: gcc: Fix parent for gpll0_out_even ALSA: usb-audio: Quirks for Gigabyte TRX40 Aorus Master onboard audio ALSA: hda/realtek - Add new codec supported for ALC287 libceph: ignore pool overlay and cache logic on redirects ceph: flush release queue when handling caps for unknown inode RDMA/core: Fix double destruction of uobject drm/amd/display: drop cursor position check in atomic test IB/ipoib: Fix double free of skb in case of multicast traffic in CM mode mm,thp: stop leaking unreleased file pages mm: remove VM_BUG_ON(PageSlab()) from page_mapcount() fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info() include/asm-generic/topology.h: guard cpumask_of_node() macro argument Revert "block: end bio with BLK_STS_AGAIN in case of non-mq devs and REQ_NOWAIT" gpio: fix locking open drain IRQ lines iommu: Fix reference count leak in iommu_group_alloc. parisc: Fix kernel panic in mem_init() cfg80211: fix debugfs rename crash x86/syscalls: Revert "x86/syscalls: Make __X32_SYSCALL_BIT be unsigned long" mac80211: mesh: fix discovery timer re-arming issue / crash x86/dma: Fix max PFN arithmetic overflow on 32 bit systems copy_xstate_to_kernel(): don't leave parts of destination uninitialized xfrm: allow to accept packets with ipv6 NEXTHDR_HOP in xfrm_input xfrm: do pskb_pull properly in __xfrm_transport_prep xfrm: remove the xfrm_state_put call becofe going to out_reset xfrm: call xfrm_output_gso when inner_protocol is set in xfrm_output xfrm interface: fix oops when deleting a x-netns interface xfrm: fix a warning in xfrm_policy_insert_list xfrm: fix a NULL-ptr deref in xfrm_local_error xfrm: fix error in comment ip_vti: receive ipip packet by calling ip_tunnel_rcv netfilter: nft_reject_bridge: enable reject with bridge vlan netfilter: ipset: Fix subcounter update skip netfilter: conntrack: make conntrack userspace helpers work again netfilter: nfnetlink_cthelper: unbreak userspace helper support netfilter: nf_conntrack_pptp: prevent buffer overflows in debug code esp6: get the right proto for transport mode in esp6_gso_encap bnxt_en: Fix accumulation of bp->net_stats_prev. ieee80211: Fix incorrect mask for default PE duration xsk: Add overflow check for u64 division, stored into u32 qlcnic: fix missing release in qlcnic_83xx_interrupt_test. crypto: chelsio/chtls: properly set tp->lsndtime nexthops: Move code from remove_nexthop_from_groups to remove_nh_grp_entry nexthops: don't modify published nexthop groups nexthop: Expand nexthop_is_multipath in a few places ipv4: nexthop version of fib_info_nh_uses_dev net: dsa: declare lockless TX feature for slave ports bonding: Fix reference count leak in bond_sysfs_slave_add. netfilter: conntrack: comparison of unsigned in cthelper confirmation netfilter: conntrack: Pass value of ctinfo to __nf_conntrack_update netfilter: nf_conntrack_pptp: fix compilation warning with W=1 build perf: Make perf able to build with latest libbfd Linux 5.4.44 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Idd547df1abb0bea116f30e3224a80387529adb0b |
||
|
Eric W. Biederman
|
68fe063327 |
exec: Always set cap_ambient in cap_bprm_set_creds
[ Upstream commit a4ae32c71fe90794127b32d26d7ad795813b502e ]
An invariant of cap_bprm_set_creds is that every field in the new cred
structure that cap_bprm_set_creds might set, needs to be set every
time to ensure the fields does not get a stale value.
The field cap_ambient is not set every time cap_bprm_set_creds is
called, which means that if there is a suid or sgid script with an
interpreter that has neither the suid nor the sgid bits set the
interpreter should be able to accept ambient credentials.
Unfortuantely because cap_ambient is not reset to it's original value
the interpreter can not accept ambient credentials.
Given that the ambient capability set is expected to be controlled by
the caller, I don't think this is particularly serious. But it is
definitely worth fixing so the code works correctly.
I have tested to verify my reading of the code is correct and the
interpreter of a sgid can receive ambient capabilities with this
change and cannot receive ambient capabilities without this change.
Cc: stable@vger.kernel.org
Cc: Andy Lutomirski <luto@kernel.org>
Fixes:
|
||
|
Greg Kroah-Hartman
|
441ba323ad |
Revert "ANDROID: sdcardfs: Enable modular sdcardfs"
This reverts commit
|
||
|
Greg Kroah-Hartman
|
750140e3c4 |
Revert "ANDROID: vfs: Add permission2 for filesystems with per mount permissions"
This reverts commit
|
||
|
Greg Kroah-Hartman
|
f7b4f375c7 |
This is the 5.4.43 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl7Oi20ACgkQONu9yGCS aT4ipBAA1Kqh2mLEcDBISubrU4CuOl/iHmkCXyF1FeF9+vJKz25whbfYO/FNYweP 2HYxGyuqLTQ0OnsfrXeEoImlxdAcWp3TjAFPgJdonLBvnVDmvlPe6Pzk1NRPhvce zU/Y1leE+LoQ7xDfICPJ9BwuwwYTRzRqMQHmIuVlsHLSiN+rextPj6vkzD+7h4ux i9VKoDvzmWuLrHmc9RYNoGxuZ5tGogBaCxI8tnzHGcm21bNVvsKZiANQ2J+6G2bJ sJwqq5tH2gZ6cJxmJ1tVyMbXLIJanNKLeBC5sDQN4rss9pU4gtyEARqVG+9RlglQ FeSlBuoaISJYYejo6aSH7nw81bTQrXexd0sH94qYqnqPlZo+OXN8vxHTaIapYEfd fjqyEblZXqpnMNVQcZOxbrYaefuIrZ9Q8pWUFTwVj34P8RNJLBIvg5gy2dlRvHbC PGLJewOXySZaXVpD5gFU349L32d4QPw9MmMU5php+LOl4idN8RlVY0pOaUuO0idH ewO+6vijLgHq/5HBO6BBToRlNUvLauoUeAaQwoHfPiuuYnGGFCZ9GEjPRsHnCBok IAKQ2Uj+IqlMy7gKVtG1ryekil7TVktrZQ1JBokRLWQPZiED84r7P1lQqPaH/4f4 GFFRhx3tekJs4LMMUEaUR019Q9ZcQMWkikT1/HpVOYUjQd55pc4= =jmiq -----END PGP SIGNATURE----- Merge 5.4.43 into android-5.4-stable Changes in 5.4.43 i2c: dev: Fix the race between the release of i2c_dev and cdev KVM: SVM: Fix potential memory leak in svm_cpu_init() ima: Set file->f_mode instead of file->f_flags in ima_calc_file_hash() evm: Check also if *tfm is an error pointer in init_desc() ima: Fix return value of ima_write_policy() ubifs: fix wrong use of crypto_shash_descsize() ACPI: EC: PM: Avoid flushing EC work when EC GPE is inactive mtd: spinand: Propagate ECC information to the MTD structure fix multiplication overflow in copy_fdtable() ubifs: remove broken lazytime support i2c: fix missing pm_runtime_put_sync in i2c_device_probe iommu/amd: Fix over-read of ACPI UID from IVRS table evm: Fix a small race in init_desc() i2c: mux: demux-pinctrl: Fix an error handling path in 'i2c_demux_pinctrl_probe()' ubi: Fix seq_file usage in detailed_erase_block_info debugfs file afs: Don't unlock fetched data pages until the op completes successfully mtd: Fix mtd not registered due to nvmem name collision kbuild: avoid concurrency issue in parallel building dtbs and dtbs_check net: drop_monitor: use IS_REACHABLE() to guard net_dm_hw_report() gcc-common.h: Update for GCC 10 HID: multitouch: add eGalaxTouch P80H84 support HID: alps: Add AUI1657 device ID HID: alps: ALPS_1657 is too specific; use U1_UNICORN_LEGACY instead scsi: qla2xxx: Fix hang when issuing nvme disconnect-all in NPIV scsi: qla2xxx: Delete all sessions before unregister local nvme port configfs: fix config_item refcnt leak in configfs_rmdir() vhost/vsock: fix packet delivery order to monitoring devices aquantia: Fix the media type of AQC100 ethernet controller in the driver component: Silence bind error on -EPROBE_DEFER net/ena: Fix build warning in ena_xdp_set() scsi: ibmvscsi: Fix WARN_ON during event pool release HID: i2c-hid: reset Synaptics SYNA2393 on resume x86/mm/cpa: Flush direct map alias during cpa ibmvnic: Skip fatal error reset after passive init ftrace/selftest: make unresolved cases cause failure if --fail-unresolved set x86/apic: Move TSC deadline timer debug printk gtp: set NLM_F_MULTI flag in gtp_genl_dump_pdp() HID: quirks: Add HID_QUIRK_NO_INIT_REPORTS quirk for Dell K12A keyboard-dock ceph: fix double unlock in handle_cap_export() stmmac: fix pointer check after utilization in stmmac_interrupt USB: core: Fix misleading driver bug report platform/x86: asus-nb-wmi: Do not load on Asus T100TA and T200TA iommu/amd: Call domain_flush_complete() in update_domain() drm/amd/display: Prevent dpcd reads with passive dongles KVM: selftests: Fix build for evmcs.h ARM: futex: Address build warning scripts/gdb: repair rb_first() and rb_last() ALSA: hda - constify and cleanup static NodeID tables ALSA: hda: patch_realtek: fix empty macro usage in if block ALSA: hda: Manage concurrent reg access more properly ALSA: hda/realtek - Add supported new mute Led for HP ALSA: hda/realtek - Add HP new mute led supported for ALC236 ALSA: hda/realtek: Add quirk for Samsung Notebook ALSA: hda/realtek - Enable headset mic of ASUS GL503VM with ALC295 ALSA: hda/realtek - Enable headset mic of ASUS UX550GE with ALC295 ALSA: hda/realtek: Enable headset mic of ASUS UX581LV with ALC295 KVM: x86: Fix pkru save/restore when guest CR4.PKE=0, move it to x86.c ALSA: iec1712: Initialize STDSP24 properly when using the model=staudio option ALSA: pcm: fix incorrect hw_base increase ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Xtreme ALSA: hda/realtek - Add more fixup entries for Clevo machines scsi: qla2xxx: Do not log message when reading port speed via sysfs scsi: target: Put lun_ref at end of tmr processing arm64: Fix PTRACE_SYSEMU semantics drm/etnaviv: fix perfmon domain interation apparmor: Fix use-after-free in aa_audit_rule_init apparmor: fix potential label refcnt leak in aa_change_profile apparmor: Fix aa_label refcnt leak in policy_update dmaengine: tegra210-adma: Fix an error handling path in 'tegra_adma_probe()' drm/etnaviv: Fix a leak in submit_pin_objects() dmaengine: dmatest: Restore default for channel dmaengine: owl: Use correct lock in owl_dma_get_pchan() vsprintf: don't obfuscate NULL and error pointers drm/i915/gvt: Init DPLL/DDI vreg for virtual display instead of inheritance. drm/i915: Propagate error from completed fences powerpc: Remove STRICT_KERNEL_RWX incompatibility with RELOCATABLE powerpc/64s: Disable STRICT_KERNEL_RWX bpf: Avoid setting bpf insns pages read-only when prog is jited kbuild: Remove debug info from kallsyms linking Revert "gfs2: Don't demote a glock until its revokes are written" media: fdp1: Fix R-Car M3-N naming in debug message staging: iio: ad2s1210: Fix SPI reading staging: kpc2000: fix error return code in kp2000_pcie_probe() staging: greybus: Fix uninitialized scalar variable iio: sca3000: Remove an erroneous 'get_device()' iio: dac: vf610: Fix an error handling path in 'vf610_dac_probe()' iio: adc: ti-ads8344: Fix channel selection misc: rtsx: Add short delay after exit from ASPM tty: serial: add missing spin_lock_init for SiFive serial console mei: release me_cl object reference ipack: tpci200: fix error return code in tpci200_register() s390/pci: Fix s390_mmio_read/write with MIO s390/kaslr: add support for R_390_JMP_SLOT relocation type device-dax: don't leak kernel memory to user space after unloading kmem rapidio: fix an error in get_user_pages_fast() error handling kasan: disable branch tracing for core runtime rxrpc: Fix the excessive initial retransmission timeout rxrpc: Fix a memory leak in rxkad_verify_response() s390/kexec_file: fix initrd location for kdump kernel flow_dissector: Drop BPF flow dissector prog ref on netns cleanup x86/unwind/orc: Fix unwind_get_return_address_ptr() for inactive tasks iio: adc: stm32-adc: Use dma_request_chan() instead dma_request_slave_channel() iio: adc: stm32-adc: fix device used to request dma iio: adc: stm32-dfsdm: Use dma_request_chan() instead dma_request_slave_channel() iio: adc: stm32-dfsdm: fix device used to request dma rxrpc: Trace discarded ACKs rxrpc: Fix ack discard tpm: check event log version before reading final events sched/fair: Reorder enqueue/dequeue_task_fair path sched/fair: Fix reordering of enqueue/dequeue_task_fair() sched/fair: Fix enqueue_task_fair() warning some more Linux 5.4.43 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I1582df67569f34c4455c482ed0eaf10fc1a34e03 |
||
Xiyu Yang
|
870a45e0b5 |
apparmor: Fix aa_label refcnt leak in policy_update
commit c6b39f070722ea9963ffe756bfe94e89218c5e63 upstream.
policy_update() invokes begin_current_label_crit_section(), which
returns a reference of the updated aa_label object to "label" with
increased refcount.
When policy_update() returns, "label" becomes invalid, so the refcount
should be decreased to keep refcount balanced.
The reference counting issue happens in one exception handling path of
policy_update(). When aa_may_manage_policy() returns not NULL, the
refcnt increased by begin_current_label_crit_section() is not decreased,
causing a refcnt leak.
Fix this issue by jumping to "end_section" label when
aa_may_manage_policy() returns not NULL.
Fixes:
|
||
|
Xiyu Yang
|
054934aa9f |
apparmor: fix potential label refcnt leak in aa_change_profile
commit a0b845ffa0d91855532b50fc040aeb2d8338dca4 upstream.
aa_change_profile() invokes aa_get_current_label(), which returns
a reference of the current task's label.
According to the comment of aa_get_current_label(), the returned
reference must be put with aa_put_label().
However, when the original object pointed by "label" becomes
unreachable because aa_change_profile() returns or a new object
is assigned to "label", reference count increased by
aa_get_current_label() is not decreased, causing a refcnt leak.
Fix this by calling aa_put_label() before aa_change_profile() return
and dropping unnecessary aa_get_current_label().
Fixes:
|
||
Navid Emamdoost
|
97d817b9ef |
apparmor: Fix use-after-free in aa_audit_rule_init
commit c54d481d71c6849e044690d3960aaebc730224cc upstream.
In the implementation of aa_audit_rule_init(), when aa_label_parse()
fails the allocated memory for rule is released using
aa_audit_rule_free(). But after this release, the return statement
tries to access the label field of the rule which results in
use-after-free. Before releasing the rule, copy errNo and return it
after release.
Fixes:
|
||
|
Dan Carpenter
|
dd540f2d7c |
evm: Fix a small race in init_desc()
[ Upstream commit 8433856947217ebb5697a8ff9c4c9cad4639a2cf ]
The IS_ERR_OR_NULL() function has two conditions and if we got really
unlucky we could hit a race where "ptr" started as an error pointer and
then was set to NULL. Both conditions would be false even though the
pointer at the end was NULL.
This patch fixes the problem by ensuring that "*tfm" can only be NULL
or valid. I have introduced a "tmp_tfm" variable to make that work. I
also reversed a condition and pulled the code in one tab.
Reported-by: Roberto Sassu <roberto.sassu@huawei.com>
Fixes: 53de3b080d5e ("evm: Check also if *tfm is an error pointer in init_desc()")
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Acked-by: Roberto Sassu <roberto.sassu@huawei.com>
Acked-by: Krzysztof Struczynski <krzysztof.struczynski@huawei.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
||
|
Roberto Sassu
|
48bbd44f5f |
ima: Fix return value of ima_write_policy()
[ Upstream commit 2e3a34e9f409ebe83d1af7cd2f49fca7af97dfac ]
This patch fixes the return value of ima_write_policy() when a new policy
is directly passed to IMA and the current policy requires appraisal of the
file containing the policy. Currently, if appraisal is not in ENFORCE mode,
ima_write_policy() returns 0 and leads user space applications to an
endless loop. Fix this issue by denying the operation regardless of the
appraisal mode.
Cc: stable@vger.kernel.org # 4.10.x
Fixes:
|
||
|
Roberto Sassu
|
1066327bf9 |
evm: Check also if *tfm is an error pointer in init_desc()
[ Upstream commit 53de3b080d5eae31d0de219617155dcc34e7d698 ]
This patch avoids a kernel panic due to accessing an error pointer set by
crypto_alloc_shash(). It occurs especially when there are many files that
require an unsupported algorithm, as it would increase the likelihood of
the following race condition:
Task A: *tfm = crypto_alloc_shash() <= error pointer
Task B: if (*tfm == NULL) <= *tfm is not NULL, use it
Task B: rc = crypto_shash_init(desc) <= panic
Task A: *tfm = NULL
This patch uses the IS_ERR_OR_NULL macro to determine whether or not a new
crypto context must be created.
Cc: stable@vger.kernel.org
Fixes:
|
||
|
Roberto Sassu
|
4aedc534b6 |
ima: Set file->f_mode instead of file->f_flags in ima_calc_file_hash()
[ Upstream commit 0014cc04e8ec077dc482f00c87dfd949cfe2b98f ] Commit |
||
|
Blagovest Kolenichev
|
4e2b270d2c |
Merge android-5.4.26 (0d3cca0c) into msm-5.4
* refs/heads/tmp-0d3cca0c:
UPSTREAM: driver core: Skip unnecessary work when device doesn't have sync_state()
Linux 5.4.26
net/smc: cancel event worker during device removal
net/smc: check for valid ib_client_data
ipv6: restrict IPV6_ADDRFORM operation
iommu/amd: Fix IOMMU AVIC not properly update the is_run bit in IRTE
i2c: acpi: put device when verifying client fails
iommu/vt-d: Ignore devices with out-of-spec domain number
iommu/vt-d: Fix the wrong printing in RHSA parsing
netfilter: nft_chain_nat: inet family is missing module ownership
netfilter: nf_tables: dump NFTA_CHAIN_FLAGS attribute
netfilter: nft_tunnel: add missing attribute validation for tunnels
netfilter: nft_payload: add missing attribute validation for payload csum flags
netfilter: cthelper: add missing attribute validation for cthelper
perf bench futex-wake: Restore thread count default to online CPU count
nl80211: add missing attribute validation for channel switch
nl80211: add missing attribute validation for beacon report scanning
nl80211: add missing attribute validation for critical protocol indication
i2c: gpio: suppress error on probe defer
iommu/vt-d: Fix RCU-list bugs in intel_iommu_init()
driver code: clarify and fix platform device DMA mask allocation
drm/i915/gvt: Fix unnecessary schedule timer when no vGPU exits
pinctrl: core: Remove extra kref_get which blocks hogs being freed
drm/i915/gvt: Fix dma-buf display blur issue on CFL
virtio_ring: Fix mem leak with vring_new_virtqueue()
pinctrl: imx: scu: Align imx sc msg structs to 4
pinctrl: meson-gxl: fix GPIOX sdio pins
clk: imx8mn: Fix incorrect clock defines
batman-adv: Don't schedule OGM for disabled interface
iommu/vt-d: Fix a bug in intel_iommu_iova_to_phys() for huge page
iommu/vt-d: Fix RCU list debugging warnings
iommu/vt-d: dmar: replace WARN_TAINT with pr_warn + add_taint
iommu/dma: Fix MSI reservation allocation
x86/mce: Fix logic and comments around MSR_PPIN_CTL
perf/amd/uncore: Replace manual sampling check with CAP_NO_INTERRUPT flag
mt76: fix array overflow on receiving too many fragments for a packet
i2c: designware-pci: Fix BUG_ON during device removal
efi: Add a sanity check to efivar_store_raw()
efi: Fix a race and a buffer overflow while reading efivars via sysfs
x86/ioremap: Map EFI runtime services data as encrypted for SEV
macintosh: windfarm: fix MODINFO regression
fscrypt: don't evict dirty inodes after removing key
blk-iocost: fix incorrect vtime comparison in iocg_is_idle()
ipmi_si: Avoid spurious errors for optional IRQs
s390/dasd: fix data corruption for thin provisioned devices
fuse: fix stack use after return
ARC: define __ALIGN_STR and __ALIGN symbols for ARC
KVM: nVMX: avoid NULL pointer dereference with incorrect EVMCS GPAs
KVM: x86: clear stale x86_emulate_ctxt->intercept value
gfs2_atomic_open(): fix O_EXCL|O_CREAT handling on cold dcache
cifs_atomic_open(): fix double-put on late allocation failure
ktest: Add timeout for ssh sync testing
pinctrl: falcon: fix syntax error
mmc: sdhci-pci-gli: Enable MSI interrupt for GL975x
drm/i915: Defer semaphore priority bumping to a workqueue
drm/i915: be more solid in checking the alignment
drm/amd/display: remove duplicated assignment to grph_obj_type
workqueue: don't use wq_select_unbound_cpu() for bound works
netfilter: x_tables: xt_mttg_seq_next should increase position index
netfilter: xt_recent: recent_seq_next should increase position index
netfilter: synproxy: synproxy_cpu_seq_next should increase position index
netfilter: nf_conntrack: ct_cpu_seq_next should increase position index
iommu/vt-d: quirk_ioat_snb_local_iommu: replace WARN_TAINT with pr_warn + add_taint
virtio-blk: fix hw_queue stopped on arbitrary error
iwlwifi: mvm: Do not require PHY_SKU NVM section for 3168 devices
netfilter: nf_tables: fix infinite loop when expr is not available
cgroup: Iterate tasks that did not finish do_exit()
cgroup: cgroup_procs_next should increase position index
net: phy: Avoid multiple suspends
net: dsa: Don't instantiate phylink for CPU/DSA ports unless needed
selftests/net/fib_tests: update addr_metric_test for peer route testing
net/ipv6: remove the old peer route if change it to a new one
net/ipv6: need update peer route when modify metric
net: phy: fix MDIO bus PM PHY resuming
net: phy: avoid clearing PHY interrupts twice in irq handler
nfc: add missing attribute validation for vendor subcommand
nfc: add missing attribute validation for deactivate target
nfc: add missing attribute validation for SE API
tipc: add missing attribute validation for MTU property
team: add missing attribute validation for array index
team: add missing attribute validation for port ifindex
net: taprio: add missing attribute validation for txtime delay
net: fq: add missing attribute validation for orphan mask
macsec: add missing attribute validation for port
can: add missing attribute validation for termination
nl802154: add missing attribute validation for dev_type
nl802154: add missing attribute validation
fib: add missing attribute validation for tun_id
devlink: validate length of region addr/len
devlink: validate length of param values
net: memcg: fix lockdep splat in inet_csk_accept()
net: memcg: late association of sock to memcg
cgroup: memcg: net: do not associate sock with unrelated cgroup
bnxt_en: fix error handling when flashing from file
bnxt_en: reinitialize IRQs when MTU is modified
bonding/alb: make sure arp header is pulled before accessing it
taprio: Fix sending packets without dequeueing them
slip: make slhc_compress() more robust against malicious packets
sfc: detach from cb_page in efx_copy_channel()
r8152: check disconnect status after long sleep
net: systemport: fix index check to avoid an array out of bounds access
net: stmmac: dwmac1000: Disable ACS if enhanced descs are not used
net: phy: bcm63xx: fix OOPS due to missing driver name
net/packet: tpacket_rcv: do not increment ring index on drop
net: nfc: fix bounds checking bugs on "pipe"
net: macsec: update SCI upon MAC address change.
netlink: Use netlink header as base to calculate bad attribute offset
net/ipv6: use configured metric when add peer route
net: hns3: fix a not link up issue when fibre port supports autoneg
net: fec: validate the new settings in fec_enet_set_coalesce()
net: dsa: mv88e6xxx: fix lockup on warm boot
net: dsa: fix phylink_start()/phylink_stop() calls
macvlan: add cond_resched() during multicast processing
ipvlan: don't deref eth hdr before checking it's set
ipvlan: do not use cond_resched_rcu() in ipvlan_process_multicast()
ipvlan: do not add hardware address of master to its unicast filter list
ipvlan: add cond_resched_rcu() while processing muticast backlog
ipv6/addrconf: call ipv6_mc_up() for non-Ethernet interface
inet_diag: return classid for all socket types
gre: fix uninit-value in __iptunnel_pull_header
cgroup, netclassid: periodically release file_lock on classid updating
ALSA: hda/realtek - Fixed one of HP ALC671 platform Headset Mic supported
ALSA: hda/realtek - Add Headset Mic supported for HP cPC
ALSA: hda/realtek - More constifications
virtio_balloon: Adjust label in virtballoon_probe
ANDROID: GKI: Revert "mm: unexport free_reserved_area"
ANDROID: Export functions to be used with dma_map_ops in modules
ANDROID: GKI: add android_kabi.h
ANDROID: GKI: update abi due to CONFIG_JUMP_LABEL being enabled
ANDROID: GKI: enable CONFIG_JUMP_LABEL
ANDROID: Add build.config.gki-debug.x86_64
ANDROID: update the abi signatures
ANDROID: Add build.config.gki-debug.aarch64
Revert "ANDROID: drm: edid: add support for additional CEA extension blocks"
Revert "ANDROID: drm: Parse Colorimetry data block from EDID"
ANDROID: Add build.config files for ARM 32-bit
ANDROID: Kconfig.gki: Add FRAME_VECTOR
UPSTREAM: cgroup: Iterate tasks that did not finish do_exit()
ANDROID: gki_defconfig: Enable more USB_CONFIGFS gadgets
Revert "ANDROID: tty: serdev: Fix broken serial console input"
ANDROID: serdev: restrict claim of platform devices
ANDROID: Add TPM support and the vTPM proxy to Cuttlefish.
FROMGIT: ASoC: sprd: Allow the MCDT driver to build into modules
FROMGIT: thermal: sprd: Add Spreadtrum thermal driver support
FROMGIT: dt-bindings: thermal: sprd: Add the Spreadtrum thermal documentation
ANDROID: ABI update due to power supply patches being merged
FROMGIT: pinctrl: sprd: Fix the kconfig warning
FROMGIT: pinctrl: sprd: Allow the SPRD pinctrl driver building into a module
FROMGIT: pinctrl: Export some needed symbols at module load time
FROMGIT: power: reset: sc27xx: Allow the SC27XX poweroff driver building into a module
FROMGIT: power: reset: sc27xx: Change to use cpu_down()
FROMGIT: power: reset: sc27xx: Power off the external subsystems' connection
FROMGIT: power: supply: sc27xx: Add POWER_SUPPLY_PROP_CHARGE_NOW attribute
UPSTREAM: power: supply: sc27xx: Calibrate the resistance of coulomb counter
UPSTREAM: dt-bindings: power: sc27xx: Add a new property to describe the real resistance of coulomb counter chip
UPSTREAM: power: supply: sc27xx: Optimize the battery resistance with measuring temperature
UPSTREAM: power: supply: core: Add battery internal resistance temperature table support
UPSTREAM: dt-bindings: power: Introduce one property to describe the battery resistance with temperature changes
ANDROID: abi_gki_aarch64_whitelist: update after whitelist changes
ANDROID: update abi_gki_aarch64_cuttlefish_whitelist
ANDROID: update abi_gki_aarch64_db845c_whitelist
ANDROID: update abi due to interconnect changes
UPSTREAM: interconnect: Handle memory allocation errors
UPSTREAM: interconnect: Add basic tracepoints
UPSTREAM: interconnect: Add a name to struct icc_path
UPSTREAM: interconnect: Move internal structs into a separate file
Linux 5.4.25
drm/virtio: module_param_named() requires linux/moduleparam.h
csky: Implement copy_thread_tls
block, bfq: remove ifdefs from around gets/puts of bfq groups
block, bfq: get a ref to a group when adding it to a service tree
efi: READ_ONCE rng seed size before munmap
efi/x86: Handle by-ref arguments covering multiple pages in mixed mode
efi/x86: Align GUIDs to their size in the mixed mode runtime wrapper
powerpc: fix hardware PMU exception bug on PowerVM compatibility mode systems
EDAC/synopsys: Do not print an error with back-to-back snprintf() calls
bus: ti-sysc: Fix 1-wire reset quirk
arm64: dts: meson: fix gxm-khadas-vim2 wifi
dmaengine: coh901318: Fix a double lock bug in dma_tc_handle()
dma-buf: free dmabuf->name in dma_buf_release()
hwmon: (adt7462) Fix an error return in ADT7462_REG_VOLT()
ARM: dts: imx7-colibri: Fix frequency for sd/mmc
ARM: dts: dra7xx-clocks: Fixup IPU1 mux clock parent source
ARM: dts: am437x-idk-evm: Fix incorrect OPP node names
ARM: imx: build v7_cpu_resume() unconditionally
IB/hfi1, qib: Ensure RCU is locked when accessing list
RMDA/cm: Fix missing ib_cm_destroy_id() in ib_cm_insert_listen()
regulator: stm32-vrefbuf: fix a possible overshoot when re-enabling
RDMA/core: Fix protection fault in ib_mr_pool_destroy
RDMA/iwcm: Fix iwcm work deallocation
RDMA/siw: Fix failure handling during device creation
RDMA/nldev: Fix crash when set a QP to a new counter but QPN is missing
RDMA/rw: Fix error flow during RDMA context initialization
Revert "RDMA/cma: Simplify rdma_resolve_addr() error flow"
soc: imx-scu: Align imx sc msg structs to 4
firmware: imx: Align imx_sc_msg_req_cpu_start to 4
firmware: imx: scu-pd: Align imx sc msg structs to 4
firmware: imx: misc: Align imx sc msg structs to 4
arm64: dts: imx8qxp-mek: Remove unexisting Ethernet PHY
ARM: dts: imx6: phycore-som: fix emmc supply
phy: mapphone-mdm6600: Fix write timeouts with shorter GPIO toggle interval
phy: mapphone-mdm6600: Fix timeouts by adding wake-up handling
drm/i915/selftests: Fix return in assert_mmap_offset()
drm/i915: Program MBUS with rmw during initialization
drm/sun4i: de2/de3: Remove unsupported VI layer formats
drm/sun4i: Fix DE2 VI layer format support
drm/sun4i: Add separate DE3 VI layer formats
drm: kirin: Revert "Fix for hikey620 display offset problem"
drm/panfrost: Don't try to map on error faults
spi: atmel-quadspi: fix possible MMIO window size overrun
ASoC: dapm: Correct DAPM handling of active widgets during shutdown
ASoC: Intel: Skylake: Fix available clock counter incrementation
ASoC: pcm512x: Fix unbalanced regulator enable call in probe error path
ASoC: pcm: Fix possible buffer overflow in dpcm state sysfs output
powerpc/mm: Fix missing KUAP disable in flush_coherent_icache()
powerpc: Convert flush_icache_range & friends to C
powerpc: define helpers to get L1 icache sizes
ASoC: intel: skl: Fix possible buffer overflow in debug outputs
ASoC: intel: skl: Fix pin debug prints
ASoC: SOF: Fix snd_sof_ipc_stream_posn()
ASoC: topology: Fix memleak in soc_tplg_manifest_load()
ASoC: topology: Fix memleak in soc_tplg_link_elems_load()
drm/virtio: fix resource id creation race
drm/virtio: make resource id workaround runtime switchable.
spi: bcm63xx-hsspi: Really keep pll clk enabled
ARM: dts: ls1021a: Restore MDIO compatible to gianfar
arm64: dts: meson-sm1-sei610: add missing interrupt-names
dm: fix congested_fn for request-based device
dm zoned: Fix reference counter initial value of chunk works
dm writecache: verify watermark during resume
dm: report suspended device during destroy
dm cache: fix a crash due to incorrect work item cancelling
dm integrity: fix invalid table returned due to argument count mismatch
dm integrity: fix a deadlock due to offloading to an incorrect workqueue
dm integrity: fix recalculation when moving from journal mode to bitmap mode
dmaengine: tegra-apb: Prevent race conditions of tasklet vs free list
dmaengine: tegra-apb: Fix use-after-free
dmaengine: imx-sdma: Fix the event id check to include RX event for UART6
dmaengine: imx-sdma: fix context cache
s390/mm: fix panic in gup_fast on large pud
s390/pci: Fix unexpected write combine on resource
x86/pkeys: Manually set X86_FEATURE_OSPKE to preserve existing changes
spi: spidev: Fix CS polarity if GPIO descriptors are used
perf arm-spe: Fix endless record after being terminated
perf cs-etm: Fix endless record after being terminated
perf intel-bts: Fix endless record after being terminated
perf intel-pt: Fix endless record after being terminated
media: v4l2-mem2mem.c: fix broken links
media: vicodec: process all 4 components for RGB32 formats
media: mc-entity.c: use & to check pad flags, not ==
media: hantro: Fix broken media controller links
vt: selection, push sel_lock up
vt: selection, push console lock down
vt: selection, close sel_buffer race
serial: 8250_exar: add support for ACCES cards
tty: serial: fsl_lpuart: free IDs allocated by IDA
tty:serial:mvebu-uart:fix a wrong return
arm: dts: dra76x: Fix mmc3 max-frequency
arm64: dts: socfpga: agilex: Fix gmac compatible
btrfs: fix RAID direct I/O reads with alternate csums
fat: fix uninit-memory access for partial initialized inode
mm, hotplug: fix page online with DEBUG_PAGEALLOC compiled but not enabled
mm: fix possible PMD dirty bit lost in set_pmd_migration_entry()
mm, numa: fix bad pmd by atomically check for pmd_trans_huge when marking page tables prot_numa
vgacon: Fix a UAF in vgacon_invert_region
usb: core: port: do error out if usb_autopm_get_interface() fails
usb: core: hub: do error out if usb_autopm_get_interface() fails
usb: core: hub: fix unhandled return by employing a void function
usb: cdns3: gadget: toggle cycle bit before reset endpoint
usb: cdns3: gadget: link trb should point to next request
usb: dwc3: gadget: Update chain bit correctly when using sg list
usb: quirks: add NO_LPM quirk for Logitech Screen Share
usb: storage: Add quirk for Samsung Fit flash
cifs: fix rename() by ensuring source handle opened with DELETE bit
cifs: don't leak -EAGAIN for stat() during reconnect
ALSA: hda/realtek - Enable the headset of ASUS B9450FA with ALC294
ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Master
ALSA: hda/realtek - Add Headset Button supported for ThinkPad X1
ALSA: hda/realtek - Add Headset Mic supported
binder: prevent UAF for binderfs devices II
binder: prevent UAF for binderfs devices
firmware: imx: scu: Ensure sequential TX
selftests: forwarding: vxlan_bridge_1d: use more proper tos value
arch/csky: fix some Kconfig typos
csky: Fixup compile warning for three unimplemented syscalls
csky: Fixup ftrace modify panic
csky/smp: Fixup boot failed when CONFIG_SMP
csky: Set regs->usp to kernel sp, when the exception is from kernel
csky/mm: Fixup export invalid_pte_table symbol
net: thunderx: workaround BGX TX Underflow issue
x86/xen: Distribute switch variables for initialization
ice: Don't tell the OS that link is going down
nvme: Fix uninitialized-variable warning
s390/qdio: fill SL with absolute addresses
x86/boot/compressed: Don't declare __force_order in kaslr_64.c
nvme-pci: Use single IRQ vector for old Apple models
nvme/pci: Add sleep quirk for Samsung and Toshiba drives
iommu/amd: Disable IOMMU on Stoney Ridge systems
net/mlx5: DR, Fix matching on vport gvmi
efi: Only print errors about failing to get certs if EFI vars are found
s390: make 'install' not depend on vmlinux
s390/cio: cio_ignore_proc_seq_next should increase position index
watchdog: da9062: do not ping the hw during stop()
net: ethernet: dm9000: Handle -EPROBE_DEFER in dm9000_parse_dt()
net: ks8851-ml: Fix 16-bit IO operation
net: ks8851-ml: Fix 16-bit data access
net: ks8851-ml: Remove 8-bit bus accessors
net: atlantic: check rpc result and wait for rpc address
selftests: forwarding: vxlan_bridge_1d: fix tos value
selftests: forwarding: use proto icmp for {gretap, ip6gretap}_mac testing
drm/msm/dsi/pll: call vco set rate explicitly
drm/msm/dsi: save pll state before dsi host is powered off
scsi: megaraid_sas: silence a warning
drm/modes: Allow DRM_MODE_ROTATE_0 when applying video mode parameters
drm/modes: Make sure to parse valid rotation value from cmdline
drm: msm: Fix return type of dsi_mgr_connector_mode_valid for kCFI
drm/msm/mdp5: rate limit pp done timeout warnings
habanalabs: patched cb equals user cb in device memset
habanalabs: do not halt CoreSight during hard reset
habanalabs: halt the engines before hard-reset
usb: gadget: serial: fix Tx stall after buffer overflow
usb: gadget: ffs: ffs_aio_cancel(): Save/restore IRQ flags
usb: gadget: composite: Support more than 500mA MaxPower
selftests: fix too long argument
serial: ar933x_uart: set UART_CS_{RX,TX}_READY_ORIDE
ALSA: hda: do not override bus codec_mask in link_get()
blktrace: fix dereference after null check
kprobes: Fix optimize_kprobe()/unoptimize_kprobe() cancellation logic
kbuild: fix 'No such file or directory' warning when cleaning
RDMA/core: Fix use of logical OR in get_new_pps
RDMA/core: Fix pkey and port assignment in get_new_pps
dm thin metadata: fix lockdep complaint
net: stmmac: fix notifier registration
net: dsa: bcm_sf2: Forcibly configure IMP port for 1Gb/sec
ALSA: hda/realtek - Fix a regression for mute led on Lenovo Carbon X1
block, bfq: do not insert oom queue into position tree
block, bfq: get extra ref to prevent a queue from being freed during a group move
FROMGIT: kallsyms: unexport kallsyms_lookup_name() and kallsyms_on_each_symbol()
FROMGIT: samples/hw_breakpoint: drop use of kallsyms_lookup_name()
FROMGIT: samples/hw_breakpoint: drop HW_BREAKPOINT_R when reporting writes
UPSTREAM: fscrypt: don't evict dirty inodes after removing key
ANDROID: ABI/Whitelist: update whitelist of unisoc upstream code
ANDROID: gki_defconfig: Enable CONFIG_VM_EVENT_COUNTERS
ANDROID: gki_defconfig: Enable CONFIG_CLEANCACHE
ANDROID: arm64: update the abi with the new gki_defconfig
ANDROID: gki_defconfig: disable CONFIG_DEBUG_DEVRES
ANDROID: Update the abi xml file
ANDROID: GKI: arm64: reserve space in cpu_hwcaps and cpu_hwcap_keys arrays
FROMGIT: power: supply: Allow charger manager can be built as a module
ANDROID: arm64: gki_defconfig: disable CONFIG_DEBUG_PREEMPT
ANDROID: iommu/iova: Fix to use __alloc_and_insert_iova_best_fit
ANDROID: enable CONFIG_WATCHDOG_CORE=y
ANDROID: kbuild: align UNUSED_KSYMS_WHITELIST with upstream
FROMLIST: f2fs: fix wrong check on F2FS_IOC_FSSETXATTR
ANDROID: gki_defconfig: enable CONFIG_TYPEC
UPSTREAM: scsi: ufs: ufs-mediatek: add waiting time for reference clock
UPSTREAM: scsi: ufs: introduce common function to disable host TX LCC
UPSTREAM: scsi: ufs: ufs-mediatek: fix TX LCC disabling timing
UPSTREAM: scsi: ufs: ufs-mediatek: gate ref-clk during Auto-Hibern8
UPSTREAM: scsi: ufs: fix Auto-Hibern8 error detection
UPSTREAM: scsi: ufs: ufs-mediatek: support linkoff state during suspend
UPSTREAM: scsi: ufs: ufs-mediatek: ensure UniPro is not powered down before linkup
UPSTREAM: scsi: ufs: Move ufshcd_get_max_pwr_mode() to ufshcd_device_params_init()
BACKPORT: scsi: ufs: Split ufshcd_probe_hba() based on its called flow
FROMGIT: driver core: Reevaluate dev->links.need_for_probe as suppliers are added
FROMGIT: driver core: Call sync_state() even if supplier has no consumers
ANDROID: cpufreq: times: Remove per-UID time in state tracking
Revert "ANDROID: proc: Add /proc/uid directory"
Revert "ANDROID: cpufreq: Add time_in_state to /proc/uid directories"
ANDROID: cpufreq: times: Remove /proc/uid_concurrent_{active,policy}_time
ANDROID: drm: Add support for DP 1.4 Compliance edid corruption test
Revert "ANDROID: drm: Add support for DP 1.4 Compliance edid corruption test"
ANDROID: staging: ion: Add an in-kernel interface to request heap info.
FROMLIST: lib: test_stackinit.c: XFAIL switch variable init tests
UPSTREAM: scsi: ufs: Abort gating if clock on request is pending
UPSTREAM: scsi: ufs: Fix irq return code
UPSTREAM: scsi: ufs: Fix register dump caused sleep in atomic context
UPSTREAM: scsi: ufs-qcom: Add reset control support for host controller
UPSTREAM: scsi: ufs: Add device reset in link recovery path
FROMGIT: scsi: ufs-qcom: Delay specific time before gate ref clk
BACKPORT: FROMGIT: scsi: ufs: Add dev ref clock gating wait time support
Revert "FROMLIST: scsi: ufs: Add dev ref clock gating wait time support"
FROMGIT: scsi: ufs-qcom: Adjust bus bandwidth voting and unvoting
Revert "FROMLIST: scsi: ufs-qcom: Adjust bus bandwidth voting and unvoting"
ANDROID: CC_FLAGS_CFI add -fno-sanitize-blacklist
Conflicts:
Documentation/devicetree/bindings
Documentation/devicetree/bindings/power/supply/battery.txt
Documentation/devicetree/bindings/power/supply/sc27xx-fg.txt
drivers/dma-buf/dma-buf.c
drivers/interconnect/core.c
drivers/interconnect/internal.h
drivers/scsi/ufs/ufs-qcom.c
drivers/scsi/ufs/ufs-qcom.h
drivers/scsi/ufs/ufshcd.h
drivers/thermal/Makefile
drivers/usb/dwc3/gadget.c
drivers/usb/gadget/composite.c
drivers/usb/gadget/function/f_fs.c
scripts/gen_autoksyms.sh
Change-Id: Ic3227858328ceef3f34273428d1c4f81b78757b2
Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org>
|
||
|
Greg Kroah-Hartman
|
e752c9f98d |
This is the 5.4.39 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl6yVfUACgkQONu9yGCS aT5ecRAArk5nOkbDVn/o2d/ro9+C1tHxkkQblEHUldnFhwkvhZXGONkI3G3IO0F2 W3DnLYIXesPClEHxsHirGJhsiXj1+/opZDo6PVDogW7vW3fXZEp6IjSKtTODeCk1 Yqs/DBmVxOJqYONJ4O+IPq73yJo1wIrgvp3nf+hA8jAidKKBHj/bZG16gFRfwlx8 XgT6b7UJNpEijc7sD1AkqMi5dILYnTx4X/Xd0bMZh4CXobLqCX2KFMghANOu1SZQ ttVGXBfEo+3OD1IrYVOMEM9v45lyiIfE7USS00XzWPZ4Ij4i2SU3BiBTnbldZ6xk f6gxrnsY9gc2hBuz/ua1p4BLnECBL2BiQEY5WCWTHtJUix6f/i3akUEsoEL1Nn+o vfDNqVoge8W2hpsiWK4tukeJC5LhwmIFz/yVb8P9OGA93tttZLvykvXQsayh5Qjs HQZIQtci4rffQcIDotrVK4PJdXZCnBN8MPHI3HfqYQ2I2smkYog6LWj9XrNB3mXU AEHWkjXycqCENrjEFD9ZW/i8Fc+s6PfcOnFPg62pozhcqzVtFRorqXuY8XrHd2RF sbGOE4jO05vgtLUEd9PI7DMs5csGuact+jE3WAEn+9Mbfezsq0wYsV6CU5NaV1sM co6YSdHsKjcamO/WnQ2eb5VABceXAoTPUVR8vU4Qi7zmGbYER0I= =Yc8U -----END PGP SIGNATURE----- Merge 5.4.39 into android-5.4-stable Changes in 5.4.39 dma-buf: Fix SET_NAME ioctl uapi drm/edid: Fix off-by-one in DispID DTD pixel clock drm/amd/display: Fix green screen issue after suspend drm/qxl: qxl_release leak in qxl_draw_dirty_fb() drm/qxl: qxl_release leak in qxl_hw_surface_alloc() drm/qxl: qxl_release use after free NFSv4.1: fix handling of backchannel binding in BIND_CONN_TO_SESSION btrfs: fix transaction leak in btrfs_recover_relocation btrfs: fix block group leak when removing fails btrfs: fix partial loss of prealloc extent past i_size after fsync btrfs: transaction: Avoid deadlock due to bad initialization timing of fs_info::journal_info mmc: cqhci: Avoid false "cqhci: CQE stuck on" by not open-coding timeout loop mmc: sdhci-xenon: fix annoying 1.8V regulator warning mmc: sdhci-pci: Fix eMMC driver strength for BYT-based controllers mmc: sdhci-msm: Enable host capabilities pertains to R1b response mmc: meson-mx-sdio: Set MMC_CAP_WAIT_WHILE_BUSY mmc: meson-mx-sdio: remove the broken ->card_busy() op crypto: caam - fix the address of the last entry of S/G ALSA: hda/realtek - Two front mics on a Lenovo ThinkCenter ALSA: usb-audio: Correct a typo of NuPrime DAC-10 USB ID ALSA: hda/hdmi: fix without unlocked before return ALSA: line6: Fix POD HD500 audio playback ALSA: pcm: oss: Place the plugin buffer overflow checks correctly i2c: amd-mp2-pci: Fix Oops in amd_mp2_pci_init() error handling Drivers: hv: vmbus: Fix Suspend-to-Idle for Generation-2 VM dlmfs_file_write(): fix the bogosity in handling non-zero *ppos IB/rdmavt: Always return ERR_PTR from rvt_create_mmap_info() PM: ACPI: Output correct message on target power state PM: hibernate: Freeze kernel threads in software_resume() dm verity fec: fix hash block number in verity_fec_decode dm writecache: fix data corruption when reloading the target dm multipath: use updated MPATHF_QUEUE_IO on mapping for bio-based mpath ARM: dts: imx6qdl-sr-som-ti: indicate powering off wifi is safe scsi: qla2xxx: set UNLOADING before waiting for session deletion scsi: qla2xxx: check UNLOADING before posting async work RDMA/mlx5: Set GRH fields in query QP on RoCE RDMA/mlx4: Initialize ib_spec on the stack RDMA/siw: Fix potential siw_mem refcnt leak in siw_fastreg_mr() RDMA/core: Prevent mixed use of FDs between shared ufiles RDMA/core: Fix race between destroy and release FD object RDMA/cm: Fix ordering of xa_alloc_cyclic() in ib_create_cm_id() RDMA/cm: Fix an error check in cm_alloc_id_priv() i2c: iproc: generate stop event for slave writes vfio: avoid possible overflow in vfio_iommu_type1_pin_pages vfio/type1: Fix VA->PA translation for PFNMAP VMAs in vaddr_get_pfn() iommu/qcom: Fix local_base status check scsi: target/iblock: fix WRITE SAME zeroing iommu/amd: Fix legacy interrupt remapping for x2APIC-enabled system i2c: aspeed: Avoid i2c interrupt status clear race condition. ALSA: opti9xx: shut up gcc-10 range warning Fix use after free in get_tree_bdev() nvme: prevent double free in nvme_alloc_ns() error handling nfs: Fix potential posix_acl refcnt leak in nfs3_set_acl dmaengine: dmatest: Fix iteration non-stop logic dmaengine: dmatest: Fix process hang when reading 'wait' parameter arm64: vdso: Add -fasynchronous-unwind-tables to cflags selinux: properly handle multiple messages in selinux_netlink_send() Linux 5.4.39 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I34596d5cedd9946e8220165099483c53ba1d01fb |
||
|
Paul Moore
|
eeef0d9fd4 |
selinux: properly handle multiple messages in selinux_netlink_send()
commit fb73974172ffaaf57a7c42f35424d9aece1a5af6 upstream. Fix the SELinux netlink_send hook to properly handle multiple netlink messages in a single sk_buff; each message is parsed and subject to SELinux access control. Prior to this patch, SELinux only inspected the first message in the sk_buff. Cc: stable@vger.kernel.org Reported-by: Dmitry Vyukov <dvyukov@google.com> Reviewed-by: Stephen Smalley <stephen.smalley.work@gmail.com> Signed-off-by: Paul Moore <paul@paul-moore.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Greg Kroah-Hartman
|
f933eb1eb4 |
ANDROID: sdcardfs: fix export symbol type
In commit
|
||
|
Greg Kroah-Hartman
|
c736c6b27a |
This is the 5.4.36 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl6pkDUACgkQONu9yGCS
aT7cRxAAgnedn6pSj8x/LcbtqeQv52CDVXF0j1xOeK+o8hbIbvkjqAB1ZpPwAXaK
PPiI34lzLBRo9i5nw/rOL7TR7q+uqLE/bT4Z8rrlbeq85SmP8PI2HwpPnRc3Iwhi
RReIq00q5gBqF6AL7+Of3dEytrpOtyzf3Ff/3vadJ2WZEcblFoemGDjMbubaoI9E
e2uE6WSe4tYk/pbLu5HduMQ46YGsWvTJAnN0RIefX4WsGmK0sCJRmJ78qIabWTct
rUxoqhNHshPam7Qm6xVXe1pHa3U7zMNNtG52aJwoDzZ32rOTpBJly0F5FYYYW01Z
zZbY/8eeGn4OIwGr+wvw/XmB0uYlBw35HH8f5OYpvSnfgjmT7wa8QmRJAS6um7dD
elNqO1QuLa8lA/Tm5O9lzNIc3Vko322XQmGlsIU2xVBX0EdTig4Io+xuJkMMkU7q
JJF4Ic4xOYa330TZBIKEoXgf4hGhNgKKRML00yhDNWROWXdB9W9tLbFELDiiiF+K
ooeTB4aCsS2PheS/kZFL2U1RKlnMzBhYeZzPAg4ulfaVMHo5Zp8mBv4L17j9yU0+
MtKtS9tSV0SiDe2SpDCRKSMx+m5jpmgXxuX4HlkbSJ4d/5oAwNKQOTQj9xt3UmbL
JUghr8OOyk6V2wwgW1tFkTcFnzqCqzmvSeJf6AvBSr7ZHnqH130=
=7Fsb
-----END PGP SIGNATURE-----
Merge 5.4.36 into android-5.4-stable
Changes in 5.4.36
ext4: fix extent_status fragmentation for plain files
f2fs: fix to avoid memory leakage in f2fs_listxattr
net, ip_tunnel: fix interface lookup with no key
arm64: errata: Hide CTR_EL0.DIC on systems affected by Neoverse-N1 #1542419
arm64: Fake the IminLine size on systems affected by Neoverse-N1 #1542419
arm64: compat: Workaround Neoverse-N1 #1542419 for compat user-space
arm64: Silence clang warning on mismatched value/register sizes
tools/testing/nvdimm: Fix compilation failure without CONFIG_DEV_DAX_PMEM_COMPAT
watchdog: reset last_hw_keepalive time at start
scsi: lpfc: Fix kasan slab-out-of-bounds error in lpfc_unreg_login
scsi: lpfc: Fix crash after handling a pci error
scsi: lpfc: Fix crash in target side cable pulls hitting WAIT_FOR_UNREG
scsi: libfc: If PRLI rejected, move rport to PLOGI state
ceph: return ceph_mdsc_do_request() errors from __get_parent()
ceph: don't skip updating wanted caps when cap is stale
pwm: rcar: Fix late Runtime PM enablement
nvme-tcp: fix possible crash in write_zeroes processing
scsi: iscsi: Report unbind session event when the target has been removed
tools/test/nvdimm: Fix out of tree build
ASoC: Intel: atom: Take the drv->lock mutex before calling sst_send_slot_map()
nvme: fix deadlock caused by ANA update wrong locking
drm/amd/display: Update stream adjust in dc_stream_adjust_vmin_vmax
dma-direct: fix data truncation in dma_direct_get_required_mask()
kernel/gcov/fs.c: gcov_seq_next() should increase position index
selftests: kmod: fix handling test numbers above 9
ipc/util.c: sysvipc_find_ipc() should increase position index
kconfig: qconf: Fix a few alignment issues
lib/raid6/test: fix build on distros whose /bin/sh is not bash
s390/cio: generate delayed uevent for vfio-ccw subchannels
s390/cio: avoid duplicated 'ADD' uevents
loop: Better discard support for block devices
Revert "powerpc/64: irq_work avoid interrupt when called with hardware irqs enabled"
powerpc/pseries: Fix MCE handling on pseries
nvme: fix compat address handling in several ioctls
pwm: renesas-tpu: Fix late Runtime PM enablement
pwm: bcm2835: Dynamically allocate base
perf/core: Disable page faults when getting phys address
drm/amd/display: Calculate scaling ratios on every medium/full update
ASoC: Intel: bytcr_rt5640: Add quirk for MPMAN MPWIN895CL tablet
ALSA: usb-audio: Add Pioneer DJ DJM-250MK2 quirk
xhci: Ensure link state is U3 after setting USB_SS_PORT_LS_U3
xhci: Wait until link state trainsits to U0 after setting USB_SS_PORT_LS_U0
xhci: Finetune host initiated USB3 rootport link suspend and resume
drm/amd/display: Not doing optimize bandwidth if flip pending.
PCI/PM: Add pcie_wait_for_link_delay()
libbpf: Fix readelf output parsing on powerpc with recent binutils
PCI: pciehp: Prevent deadlock on disconnect
ASoC: SOF: trace: fix unconditional free in trace release
tracing/selftests: Turn off timeout setting
virtio-blk: improve virtqueue error to BLK_STS
scsi: smartpqi: fix controller lockup observed during force reboot
scsi: smartpqi: fix call trace in device discovery
scsi: smartpqi: fix problem with unique ID for physical device
PCI/ASPM: Allow re-enabling Clock PM
PCI/PM: Add missing link delays required by the PCIe spec
cxgb4: fix adapter crash due to wrong MC size
cxgb4: fix large delays in PTP synchronization
ipv4: Update fib_select_default to handle nexthop objects
ipv6: fix restrict IPV6_ADDRFORM operation
macsec: avoid to set wrong mtu
macvlan: fix null dereference in macvlan_device_event()
mlxsw: Fix some IS_ERR() vs NULL bugs
net: bcmgenet: correct per TX/RX ring statistics
net/mlx4_en: avoid indirect call in TX completion
net: netrom: Fix potential nr_neigh refcnt leak in nr_add_node
net: openvswitch: ovs_ct_exit to be done under ovs_lock
net: stmmac: dwmac-meson8b: Add missing boundary to RGMII TX clock array
net/x25: Fix x25_neigh refcnt leak when receiving frame
sched: etf: do not assume all sockets are full blown
selftests: Fix suppress test in fib_tests.sh
tcp: cache line align MAX_TCP_HEADER
team: fix hang in team_mode_get()
vrf: Fix IPv6 with qdisc and xfrm
net: dsa: b53: Lookup VID in ARL searches when VLAN is enabled
net: dsa: b53: Fix valid setting for MDB entries
net: dsa: b53: Fix ARL register definitions
net: dsa: b53: Rework ARL bin logic
net: dsa: b53: b53_arl_rw_op() needs to select IVL or SVL
vxlan: use the correct nlattr array in NL_SET_ERR_MSG_ATTR
geneve: use the correct nlattr array in NL_SET_ERR_MSG_ATTR
xfrm: Always set XFRM_TRANSFORMED in xfrm{4,6}_output_finish
vrf: Check skb for XFRM_TRANSFORMED flag
KEYS: Avoid false positive ENOMEM error on key read
ALSA: hda: Remove ASUS ROG Zenith from the blacklist
ALSA: usb-audio: Add static mapping table for ALC1220-VB-based mobos
ALSA: usb-audio: Add connector notifier delegation
iio: core: remove extra semi-colon from devm_iio_device_register() macro
iio: st_sensors: rely on odr mask to know if odr can be set
iio: adc: stm32-adc: fix sleep in atomic context
iio: adc: ti-ads8344: properly byte swap value
iio: xilinx-xadc: Fix ADC-B powerdown
iio: xilinx-xadc: Fix clearing interrupt when enabling trigger
iio: xilinx-xadc: Fix sequencer configuration for aux channels in simultaneous mode
iio: xilinx-xadc: Make sure not exceed maximum samplerate
USB: sisusbvga: Change port variable from signed to unsigned
USB: Add USB_QUIRK_DELAY_CTRL_MSG and USB_QUIRK_DELAY_INIT for Corsair K70 RGB RAPIDFIRE
USB: early: Handle AMD's spec-compliant identifiers, too
USB: core: Fix free-while-in-use bug in the USB S-Glibrary
USB: hub: Fix handling of connect changes during sleep
USB: hub: Revert commit
|
||
|
Waiman Long
|
419d8fb163 |
KEYS: Avoid false positive ENOMEM error on key read
[ Upstream commit 4f0882491a148059a52480e753b7f07fc550e188 ] By allocating a kernel buffer with a user-supplied buffer length, it is possible that a false positive ENOMEM error may be returned because the user-supplied length is just too large even if the system do have enough memory to hold the actual key data. Moreover, if the buffer length is larger than the maximum amount of memory that can be returned by kmalloc() (2^(MAX_ORDER-1) number of pages), a warning message will also be printed. To reduce this possibility, we set a threshold (PAGE_SIZE) over which we do check the actual key length first before allocating a buffer of the right size to hold it. The threshold is arbitrary, it is just used to trigger a buffer length check. It does not limit the actual key length as long as there is enough memory to satisfy the memory request. To further avoid large buffer allocation failure due to page fragmentation, kvmalloc() is used to allocate the buffer so that vmapped pages can be used when there is not a large enough contiguous set of pages available for allocation. In the extremely unlikely scenario that the key keeps on being changed and made longer (still <= buflen) in between 2 __keyctl_read_key() calls, the __keyctl_read_key() calling loop in keyctl_read_key() may have to be iterated a large number of times, but definitely not infinite. Signed-off-by: Waiman Long <longman@redhat.com> Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Greg Kroah-Hartman
|
5e713c48ff |
This is the 5.4.35 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl6hU54ACgkQONu9yGCS
aT5/3BAAlSOFEbVYeiAjDQYfA5DvieeVN3qKk0HnErIPRm35UHqCYSMyEDiJ2c8E
01V2aFpvAZDyj/pE/prBrUH5FnKyil9tPQrg/da2f54yMiXQvQ6iFdmH/N5Zp5eu
oY6qFUo4jePTbmI/TBzz08XZ9B4VxccNRhSdF0dO4SInt3eC+vJho3dCXH8H3B7o
cDf4uIXQqyGn6t9yQQlSVRYTCK1JMwkSVxCU7uMWS5TfJSN3EyZvMMfXyTCTmgIy
13Vv3+nSHxGqgyAA3fsClCGGAeQyFGQXP28OqyzesPuYyi5z3nDKtgZcAVtvyw9I
eDsfnOUrw76StiJwRfnKkbg8TBKDWn4N9VyLyBvjRvRovSzTJ31jKVBLhByKDJQt
cnsi/Ttkm2CYmChozdJrm1Pfm6HH5etEXh6rq4sqeGLkpi+k1UiQgYlavJPOI3nz
n6dMQEyeg1dmAIBXqgvSvGVfyZuRi37ApPHMHEY4klALbRaSj2Vu/pblyeRezIXL
G5D7olchwI0X18khdoBYOT1+tmid1pDZ00WB6Iq5IKIjR5x8KBf5uMcvprAc3LsP
mhGP9+MYXhWQ/GjHjA6TZq76qhYlEZBIHBarIaNjrl3IShLTQXzxAwS8rGtI5wZP
fTlCc+FBg5w1LDiVcEYJHXR583jSgsFTd3qbtpeaaQyKcC/fkEk=
=3/4K
-----END PGP SIGNATURE-----
Merge 5.4.35 into android-5.4-stable
Changes in 5.4.35
ext4: use non-movable memory for superblock readahead
watchdog: sp805: fix restart handler
xsk: Fix out of boundary write in __xsk_rcv_memcpy
arm, bpf: Fix bugs with ALU64 {RSH, ARSH} BPF_K shift by 0
arm, bpf: Fix offset overflow for BPF_MEM BPF_DW
objtool: Fix switch table detection in .text.unlikely
scsi: sg: add sg_remove_request in sg_common_write
ALSA: hda: Honor PM disablement in PM freeze and thaw_noirq ops
ARM: dts: imx6: Use gpc for FEC interrupt controller to fix wake on LAN.
kbuild, btf: Fix dependencies for DEBUG_INFO_BTF
netfilter: nf_tables: report EOPNOTSUPP on unsupported flags/object type
irqchip/mbigen: Free msi_desc on device teardown
ALSA: hda: Don't release card at firmware loading error
xsk: Add missing check on user supplied headroom size
of: unittest: kmemleak on changeset destroy
of: unittest: kmemleak in of_unittest_platform_populate()
of: unittest: kmemleak in of_unittest_overlay_high_level()
of: overlay: kmemleak in dup_and_fixup_symbol_prop()
x86/Hyper-V: Unload vmbus channel in hv panic callback
x86/Hyper-V: Trigger crash enlightenment only once during system crash.
x86/Hyper-V: Report crash register data or kmsg before running crash kernel
x86/Hyper-V: Report crash register data when sysctl_record_panic_msg is not set
x86/Hyper-V: Report crash data in die() when panic_on_oops is set
afs: Fix missing XDR advance in xdr_decode_{AFS,YFS}FSFetchStatus()
afs: Fix decoding of inline abort codes from version 1 status records
afs: Fix rename operation status delivery
afs: Fix afs_d_validate() to set the right directory version
afs: Fix race between post-modification dir edit and readdir/d_revalidate
block, bfq: turn put_queue into release_process_ref in __bfq_bic_change_cgroup
block, bfq: make reparent_leaf_entity actually work only on leaf entities
block, bfq: invoke flush_idle_tree after reparent_active_queues in pd_offline
rbd: avoid a deadlock on header_rwsem when flushing notifies
rbd: call rbd_dev_unprobe() after unwatching and flushing notifies
x86/Hyper-V: Free hv_panic_page when fail to register kmsg dump
drm/ttm: flush the fence on the bo after we individualize the reservation object
clk: Don't cache errors from clk_ops::get_phase()
clk: at91: usb: continue if clk_hw_round_rate() return zero
net/mlx5e: Enforce setting of a single FEC mode
f2fs: fix the panic in do_checkpoint()
ARM: dts: rockchip: fix vqmmc-supply property name for rk3188-bqedison2qc
arm64: dts: allwinner: a64: Fix display clock register range
power: supply: bq27xxx_battery: Silence deferred-probe error
clk: tegra: Fix Tegra PMC clock out parents
arm64: tegra: Add PCIe endpoint controllers nodes for Tegra194
arm64: tegra: Fix Tegra194 PCIe compatible string
arm64: dts: clearfog-gt-8k: set gigabit PHY reset deassert delay
soc: imx: gpc: fix power up sequencing
dma-coherent: fix integer overflow in the reserved-memory dma allocation
rtc: 88pm860x: fix possible race condition
NFS: alloc_nfs_open_context() must use the file cred when available
NFSv4/pnfs: Return valid stateids in nfs_layout_find_inode_by_stateid()
NFSv4.2: error out when relink swapfile
ARM: dts: rockchip: fix lvds-encoder ports subnode for rk3188-bqedison2qc
KVM: PPC: Book3S HV: Fix H_CEDE return code for nested guests
f2fs: fix to show norecovery mount option
phy: uniphier-usb3ss: Add Pro5 support
NFS: direct.c: Fix memory leak of dreq when nfs_get_lock_context fails
f2fs: Fix mount failure due to SPO after a successful online resize FS
f2fs: Add a new CP flag to help fsck fix resize SPO issues
s390/cpuinfo: fix wrong output when CPU0 is offline
hibernate: Allow uswsusp to write to swap
btrfs: add RCU locks around block group initialization
powerpc/prom_init: Pass the "os-term" message to hypervisor
powerpc/maple: Fix declaration made after definition
s390/cpum_sf: Fix wrong page count in error message
ext4: do not commit super on read-only bdev
um: ubd: Prevent buffer overrun on command completion
cifs: Allocate encryption header through kmalloc
mm/hugetlb: fix build failure with HUGETLB_PAGE but not HUGEBTLBFS
drm/nouveau/svm: check for SVM initialized before migrating
drm/nouveau/svm: fix vma range check for migration
include/linux/swapops.h: correct guards for non_swap_entry()
percpu_counter: fix a data race at vm_committed_as
compiler.h: fix error in BUILD_BUG_ON() reporting
KVM: s390: vsie: Fix possible race when shadowing region 3 tables
drm/nouveau: workaround runpm fail by disabling PCI power management on certain intel bridges
leds: core: Fix warning message when init_data
x86: ACPI: fix CPU hotplug deadlock
csky: Fixup cpu speculative execution to IO area
drm/amdkfd: kfree the wrong pointer
NFS: Fix memory leaks in nfs_pageio_stop_mirroring()
csky: Fixup get wrong psr value from phyical reg
f2fs: fix NULL pointer dereference in f2fs_write_begin()
ACPICA: Fixes for acpiExec namespace init file
um: falloc.h needs to be directly included for older libc
drm/vc4: Fix HDMI mode validation
iommu/virtio: Fix freeing of incomplete domains
iommu/vt-d: Fix mm reference leak
SUNRPC: fix krb5p mount to provide large enough buffer in rq_rcvsize
ext2: fix empty body warnings when -Wextra is used
iommu/vt-d: Silence RCU-list debugging warning in dmar_find_atsr()
iommu/vt-d: Fix page request descriptor size
ext2: fix debug reference to ext2_xattr_cache
sunrpc: Fix gss_unwrap_resp_integ() again
csky: Fixup init_fpu compile warning with __init
power: supply: axp288_fuel_gauge: Broaden vendor check for Intel Compute Sticks.
libnvdimm: Out of bounds read in __nd_ioctl()
iommu/amd: Fix the configuration of GCR3 table root pointer
f2fs: fix to wait all node page writeback
drm/nouveau/gr/gp107,gp108: implement workaround for HW hanging during init
net: dsa: bcm_sf2: Fix overflow checks
dma-debug: fix displaying of dma allocation type
fbdev: potential information leak in do_fb_ioctl()
ARM: dts: sunxi: Fix DE2 clocks register range
iio: si1133: read 24-bit signed integer for measurement
fbmem: Adjust indentation in fb_prepare_logo and fb_blank
tty: evh_bytechan: Fix out of bounds accesses
locktorture: Print ratio of acquisitions, not failures
mtd: rawnand: free the nand_device object
mtd: spinand: Explicitly use MTD_OPS_RAW to write the bad block marker to OOB
docs: Fix path to MTD command line partition parser
mtd: lpddr: Fix a double free in probe()
mtd: phram: fix a double free issue in error path
KEYS: Don't write out to userspace while holding key semaphore
bpf: fix buggy r0 retval refinement for tracing helpers
bpf: Test_verifier, bpf_get_stack return value add <0
bpf: Test_progs, add test to catch retval refine error handling
bpf, test_verifier: switch bpf_get_stack's 0 s> r8 test
Linux 5.4.35
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I702aba533097c8533c12561c7f1a51f3a96f6f09
|
||
|
Waiman Long
|
f1afcf9488 |
KEYS: Don't write out to userspace while holding key semaphore
commit d3ec10aa95819bff18a0d936b18884c7816d0914 upstream. A lockdep circular locking dependency report was seen when running a keyutils test: [12537.027242] ====================================================== [12537.059309] WARNING: possible circular locking dependency detected [12537.088148] 4.18.0-147.7.1.el8_1.x86_64+debug #1 Tainted: G OE --------- - - [12537.125253] ------------------------------------------------------ [12537.153189] keyctl/25598 is trying to acquire lock: [12537.175087] 000000007c39f96c (&mm->mmap_sem){++++}, at: __might_fault+0xc4/0x1b0 [12537.208365] [12537.208365] but task is already holding lock: [12537.234507] 000000003de5b58d (&type->lock_class){++++}, at: keyctl_read_key+0x15a/0x220 [12537.270476] [12537.270476] which lock already depends on the new lock. [12537.270476] [12537.307209] [12537.307209] the existing dependency chain (in reverse order) is: [12537.340754] [12537.340754] -> #3 (&type->lock_class){++++}: [12537.367434] down_write+0x4d/0x110 [12537.385202] __key_link_begin+0x87/0x280 [12537.405232] request_key_and_link+0x483/0xf70 [12537.427221] request_key+0x3c/0x80 [12537.444839] dns_query+0x1db/0x5a5 [dns_resolver] [12537.468445] dns_resolve_server_name_to_ip+0x1e1/0x4d0 [cifs] [12537.496731] cifs_reconnect+0xe04/0x2500 [cifs] [12537.519418] cifs_readv_from_socket+0x461/0x690 [cifs] [12537.546263] cifs_read_from_socket+0xa0/0xe0 [cifs] [12537.573551] cifs_demultiplex_thread+0x311/0x2db0 [cifs] [12537.601045] kthread+0x30c/0x3d0 [12537.617906] ret_from_fork+0x3a/0x50 [12537.636225] [12537.636225] -> #2 (root_key_user.cons_lock){+.+.}: [12537.664525] __mutex_lock+0x105/0x11f0 [12537.683734] request_key_and_link+0x35a/0xf70 [12537.705640] request_key+0x3c/0x80 [12537.723304] dns_query+0x1db/0x5a5 [dns_resolver] [12537.746773] dns_resolve_server_name_to_ip+0x1e1/0x4d0 [cifs] [12537.775607] cifs_reconnect+0xe04/0x2500 [cifs] [12537.798322] cifs_readv_from_socket+0x461/0x690 [cifs] [12537.823369] cifs_read_from_socket+0xa0/0xe0 [cifs] [12537.847262] cifs_demultiplex_thread+0x311/0x2db0 [cifs] [12537.873477] kthread+0x30c/0x3d0 [12537.890281] ret_from_fork+0x3a/0x50 [12537.908649] [12537.908649] -> #1 (&tcp_ses->srv_mutex){+.+.}: [12537.935225] __mutex_lock+0x105/0x11f0 [12537.954450] cifs_call_async+0x102/0x7f0 [cifs] [12537.977250] smb2_async_readv+0x6c3/0xc90 [cifs] [12538.000659] cifs_readpages+0x120a/0x1e50 [cifs] [12538.023920] read_pages+0xf5/0x560 [12538.041583] __do_page_cache_readahead+0x41d/0x4b0 [12538.067047] ondemand_readahead+0x44c/0xc10 [12538.092069] filemap_fault+0xec1/0x1830 [12538.111637] __do_fault+0x82/0x260 [12538.129216] do_fault+0x419/0xfb0 [12538.146390] __handle_mm_fault+0x862/0xdf0 [12538.167408] handle_mm_fault+0x154/0x550 [12538.187401] __do_page_fault+0x42f/0xa60 [12538.207395] do_page_fault+0x38/0x5e0 [12538.225777] page_fault+0x1e/0x30 [12538.243010] [12538.243010] -> #0 (&mm->mmap_sem){++++}: [12538.267875] lock_acquire+0x14c/0x420 [12538.286848] __might_fault+0x119/0x1b0 [12538.306006] keyring_read_iterator+0x7e/0x170 [12538.327936] assoc_array_subtree_iterate+0x97/0x280 [12538.352154] keyring_read+0xe9/0x110 [12538.370558] keyctl_read_key+0x1b9/0x220 [12538.391470] do_syscall_64+0xa5/0x4b0 [12538.410511] entry_SYSCALL_64_after_hwframe+0x6a/0xdf [12538.435535] [12538.435535] other info that might help us debug this: [12538.435535] [12538.472829] Chain exists of: [12538.472829] &mm->mmap_sem --> root_key_user.cons_lock --> &type->lock_class [12538.472829] [12538.524820] Possible unsafe locking scenario: [12538.524820] [12538.551431] CPU0 CPU1 [12538.572654] ---- ---- [12538.595865] lock(&type->lock_class); [12538.613737] lock(root_key_user.cons_lock); [12538.644234] lock(&type->lock_class); [12538.672410] lock(&mm->mmap_sem); [12538.687758] [12538.687758] *** DEADLOCK *** [12538.687758] [12538.714455] 1 lock held by keyctl/25598: [12538.732097] #0: 000000003de5b58d (&type->lock_class){++++}, at: keyctl_read_key+0x15a/0x220 [12538.770573] [12538.770573] stack backtrace: [12538.790136] CPU: 2 PID: 25598 Comm: keyctl Kdump: loaded Tainted: G [12538.844855] Hardware name: HP ProLiant DL360 Gen9/ProLiant DL360 Gen9, BIOS P89 12/27/2015 [12538.881963] Call Trace: [12538.892897] dump_stack+0x9a/0xf0 [12538.907908] print_circular_bug.isra.25.cold.50+0x1bc/0x279 [12538.932891] ? save_trace+0xd6/0x250 [12538.948979] check_prev_add.constprop.32+0xc36/0x14f0 [12538.971643] ? keyring_compare_object+0x104/0x190 [12538.992738] ? check_usage+0x550/0x550 [12539.009845] ? sched_clock+0x5/0x10 [12539.025484] ? sched_clock_cpu+0x18/0x1e0 [12539.043555] __lock_acquire+0x1f12/0x38d0 [12539.061551] ? trace_hardirqs_on+0x10/0x10 [12539.080554] lock_acquire+0x14c/0x420 [12539.100330] ? __might_fault+0xc4/0x1b0 [12539.119079] __might_fault+0x119/0x1b0 [12539.135869] ? __might_fault+0xc4/0x1b0 [12539.153234] keyring_read_iterator+0x7e/0x170 [12539.172787] ? keyring_read+0x110/0x110 [12539.190059] assoc_array_subtree_iterate+0x97/0x280 [12539.211526] keyring_read+0xe9/0x110 [12539.227561] ? keyring_gc_check_iterator+0xc0/0xc0 [12539.249076] keyctl_read_key+0x1b9/0x220 [12539.266660] do_syscall_64+0xa5/0x4b0 [12539.283091] entry_SYSCALL_64_after_hwframe+0x6a/0xdf One way to prevent this deadlock scenario from happening is to not allow writing to userspace while holding the key semaphore. Instead, an internal buffer is allocated for getting the keys out from the read method first before copying them out to userspace without holding the lock. That requires taking out the __user modifier from all the relevant read methods as well as additional changes to not use any userspace write helpers. That is, 1) The put_user() call is replaced by a direct copy. 2) The copy_to_user() call is replaced by memcpy(). 3) All the fault handling code is removed. Compiling on a x86-64 system, the size of the rxrpc_read() function is reduced from 3795 bytes to 2384 bytes with this patch. Fixes: ^1da177e4c3f4 ("Linux-2.6.12-rc2") Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Waiman Long <longman@redhat.com> Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Greg Kroah-Hartman
|
265e61b656 |
This is the 5.4.34 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl6emyEACgkQONu9yGCS aT4XDBAAhFzbxvspY/tUCArQHN6Cl05OKkcjAdhn2n6i0lpOge8qFI/2ZEUKF/rT 0BjHxn9HjMXjVZ6v7kFh1smBiv+XwWe7peG3ahNNUF7sqxwuNnK7agGynKorPjaV UX1uK8ehvAHmZM+7iRQ9I9I4NfZcnGC9E2C2YWjcfuGe8GtrO18g4dMkEmKcDprF N8M71bo8jKCDr5Y1nqNGRPO8vRpEqKecK8EayTYTLlwPjYjTEsUc7LCYwMMIHHyb 28QlSDwSEZEPwZxSath7WKPEP0Oy5Gjtc0rZDXo+Kix3E8IxJj94pJWsy3tD9X/6 CgMN4wDtpgQlYrmYuFJQNC0MGUFN3SpqWtFDkClj0SZpuRBoYKy2sLezPkX2MAsn JuMHcBdzVoVBxiDy2/BpHD4EIB0NnhJUJw+bxLXYaktTOpQWPLLoo7lG6csDPCsr Z959FayVcHxQonfCGX4qaYFb7ZcEAu/rvD5s3aqJebeflQoxEgKucHsO8B77azmC D/YxYt65tXcIXyxZvtTQHBLHrqgXeutwWueY+Wryk3taLswFqvhe+dycZn+GKxud nP0jn4sNHP6lvHNzN28FcpkbWneETT/WSyP/N3sVE9ePW57hi+bhThCZiZE7mkVw sebT2LE0FgKn20hoXTcijc/AUA81jSxxO17bP1mZGkLp5rqb1+8= =GOl9 -----END PGP SIGNATURE----- Merge 5.4.34 into android-5.4-stable Changes in 5.4.34 amd-xgbe: Use __napi_schedule() in BH context hsr: check protocol version in hsr_newlink() l2tp: Allow management of tunnels and session in user namespace net: dsa: mt7530: fix tagged frames pass-through in VLAN-unaware mode net: ipv4: devinet: Fix crash when add/del multicast IP with autojoin net: ipv6: do not consider routes via gateways for anycast address check net: phy: micrel: use genphy_read_status for KSZ9131 net: qrtr: send msgs from local of same id as broadcast net: revert default NAPI poll timeout to 2 jiffies net: tun: record RX queue in skb before do_xdp_generic() net: dsa: mt7530: move mt7623 settings out off the mt7530 net: ethernet: mediatek: move mt7623 settings out off the mt7530 net/mlx5: Fix frequent ioread PCI access during recovery net/mlx5e: Add missing release firmware call net/mlx5e: Fix nest_level for vlan pop action net/mlx5e: Fix pfnum in devlink port attribute net: stmmac: dwmac-sunxi: Provide TX and RX fifo sizes Revert "ACPI: EC: Do not clear boot_ec_is_ecdt in acpi_ec_add()" ovl: fix value of i_ino for lower hardlink corner case scsi: ufs: Fix ufshcd_hold() caused scheduling while atomic platform/chrome: cros_ec_rpmsg: Fix race with host event jbd2: improve comments about freeing data buffers whose page mapping is NULL acpi/nfit: improve bounds checking for 'func' perf report: Fix no branch type statistics report issue pwm: pca9685: Fix PWM/GPIO inter-operation net/bpfilter: remove superfluous testing message ext4: fix incorrect group count in ext4_fill_super error message ext4: fix incorrect inodes per group in error message clk: at91: sam9x60: fix usb clock parents clk: at91: usb: use proper usbs_mask ARM: dts: imx7-colibri: fix muxing of usbc_det pin arm64: dts: librem5-devkit: add a vbus supply to usb0 usb: dwc3: gadget: Don't clear flags before transfer ended ASoC: Intel: mrfld: fix incorrect check on p->sink ASoC: Intel: mrfld: return error codes when an error occurs ALSA: hda/realtek - Enable the headset mic on Asus FX505DT ALSA: usb-audio: Filter error from connector kctl ops, too ALSA: usb-audio: Don't override ignore_ctl_error value from the map ALSA: usb-audio: Don't create jack controls for PCM terminals ALSA: usb-audio: Check mapping at creating connector controls, too arm64: vdso: don't free unallocated pages keys: Fix proc_keys_next to increase position index tracing: Fix the race between registering 'snapshot' event trigger and triggering 'snapshot' operation btrfs: check commit root generation in should_ignore_root nl80211: fix NL80211_ATTR_FTM_RESPONDER policy mac80211: fix race in ieee80211_register_hw() mac80211_hwsim: Use kstrndup() in place of kasprintf() net/mlx5e: Encapsulate updating netdev queues into a function net/mlx5e: Rename hw_modify to preactivate net/mlx5e: Use preactivate hook to set the indirection table drm/amd/powerplay: force the trim of the mclk dpm_levels if OD is enabled drm/amdgpu: fix the hw hang during perform system reboot and reset i2c: designware: platdrv: Remove DPM_FLAG_SMART_SUSPEND flag on BYT and CHT ext4: do not zeroout extents beyond i_disksize irqchip/ti-sci-inta: Fix processing of masked irqs x86/resctrl: Preserve CDP enable over CPU hotplug x86/resctrl: Fix invalid attempt at removing the default resource group scsi: target: remove boilerplate code scsi: target: fix hang when multiple threads try to destroy the same iscsi session x86/microcode/AMD: Increase microcode PATCH_MAX_SIZE Linux 5.4.34 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Ice46175a7478217e00e649fa26ee8631985746f1 |
||
|
Vasily Averin
|
a0aaafe7ce |
keys: Fix proc_keys_next to increase position index
commit 86d32f9a7c54ad74f4514d7fef7c847883207291 upstream.
If seq_file .next function does not change position index,
read after some lseek can generate unexpected output:
$ dd if=/proc/keys bs=1 # full usual output
0f6bfdf5 I--Q--- 2 perm 3f010000 1000 1000 user 4af2f79ab8848d0a: 740
1fb91b32 I--Q--- 3 perm 1f3f0000 1000 65534 keyring _uid.1000: 2
27589480 I--Q--- 1 perm 0b0b0000 0 0 user invocation_id: 16
2f33ab67 I--Q--- 152 perm 3f030000 0 0 keyring _ses: 2
33f1d8fa I--Q--- 4 perm 3f030000 1000 1000 keyring _ses: 1
3d427fda I--Q--- 2 perm 3f010000 1000 1000 user 69ec44aec7678e5a: 740
3ead4096 I--Q--- 1 perm 1f3f0000 1000 65534 keyring _uid_ses.1000: 1
521+0 records in
521+0 records out
521 bytes copied, 0,00123769 s, 421 kB/s
But a read after lseek in middle of last line results in the partial
last line and then a repeat of the final line:
$ dd if=/proc/keys bs=500 skip=1
dd: /proc/keys: cannot skip to specified offset
g _uid_ses.1000: 1
3ead4096 I--Q--- 1 perm 1f3f0000 1000 65534 keyring _uid_ses.1000: 1
0+1 records in
0+1 records out
97 bytes copied, 0,000135035 s, 718 kB/s
and a read after lseek beyond end of file results in the last line being
shown:
$ dd if=/proc/keys bs=1000 skip=1 # read after lseek beyond end of file
dd: /proc/keys: cannot skip to specified offset
3ead4096 I--Q--- 1 perm 1f3f0000 1000 65534 keyring _uid_ses.1000: 1
0+1 records in
0+1 records out
76 bytes copied, 0,000119981 s, 633 kB/s
See https://bugzilla.kernel.org/show_bug.cgi?id=206283
Fixes:
|
||
|
Greg Kroah-Hartman
|
a9372c6b57 |
This is the 5.4.33 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl6ZbdIACgkQONu9yGCS
aT5Jqw/7BZ639nTAAmz809yOF1JBhvBptRg9tBKYAfw62DzfZe5s9IZA6znIt0f0
nlluLvnhHlDSpgycHNkFry5AkiCUpRQW6NY681xITm918w3BxsKX2pfCawojIOSw
YBaTWoWqNFQQWlC18L1CWJmIvIktSCHXBMTVDpnvRv7sw5A4Oe/zarzVDNb0A6OJ
ThaR7LAKJrUEDDLuCOuB/IrYCOpOzg2SkViFmlo4wmmhvCSi8PXvf3royrSFXxM/
Y1bs67Hu/uqeHl8Y2RaMZpXf1aW9F31sooca4GD+UnVoWppjIOKRyuGLTrXKv7pw
/goIzlE8wfJz5K0iQ4UcbXwwdY81L9UlMdVsmIWHHgxMjSp1J5mfQ5TLUC/VK3UO
Ll9tCYBwH4FjzxNRJq7if8TDAfgPzyhw4BMchgXZWzW1oasl51T2uEye3KgFXQSb
u6TwCx4KGS0w/Q81SKis83Pb0unHGanJOSCZxI1B44raf0ruCBpTYUc713pfegWT
46YtwoorAK8N+GpFQA1tsTJvVclqCF5bHVE19TMvXV4UX/VTPtbIAUE7vnvcxcqO
uh0b9Jfmd6Fcgh7VZQCH7CUYnsyJmGqj2kycB1p+T8UB6H+PCeuQBZBl8sJnf8oj
d5NIzB7WWXBQuEG5XuPtxg6+ARMPEIpd2exEVn9ZOv5qhesBo04=
=pjAq
-----END PGP SIGNATURE-----
Merge 5.4.33 into android-5.4-stable
Changes in 5.4.33
ARM: dts: sun8i-a83t-tbs-a711: HM5065 doesn't like such a high voltage
bus: sunxi-rsb: Return correct data when mixing 16-bit and 8-bit reads
ARM: dts: Fix dm814x Ethernet by changing to use rgmii-id mode
bpf: Fix deadlock with rq_lock in bpf_send_signal()
iwlwifi: mvm: Fix rate scale NSS configuration
Input: tm2-touchkey - add support for Coreriver TC360 variant
soc: fsl: dpio: register dpio irq handlers after dpio create
rxrpc: Abstract out the calculation of whether there's Tx space
rxrpc: Fix call interruptibility handling
net: stmmac: platform: Fix misleading interrupt error msg
net: vxge: fix wrong __VA_ARGS__ usage
hinic: fix a bug of waitting for IO stopped
hinic: fix the bug of clearing event queue
hinic: fix out-of-order excution in arm cpu
hinic: fix wrong para of wait_for_completion_timeout
hinic: fix wrong value of MIN_SKB_LEN
selftests/net: add definition for SOL_DCCP to fix compilation errors for old libc
cxgb4/ptp: pass the sign of offset delta in FW CMD
drm/scheduler: fix rare NULL ptr race
cfg80211: Do not warn on same channel at the end of CSA
qlcnic: Fix bad kzalloc null test
i2c: st: fix missing struct parameter description
i2c: pca-platform: Use platform_irq_get_optional
media: rc: add keymap for Videostrong KII Pro
cpufreq: imx6q: Fixes unwanted cpu overclocking on i.MX6ULL
staging: wilc1000: avoid double unlocking of 'wilc->hif_cs' mutex
media: venus: hfi_parser: Ignore HEVC encoding for V1
firmware: arm_sdei: fix double-lock on hibernate with shared events
null_blk: Fix the null_add_dev() error path
null_blk: Handle null_add_dev() failures properly
null_blk: fix spurious IO errors after failed past-wp access
media: imx: imx7_mipi_csis: Power off the source when stopping streaming
media: imx: imx7-media-csi: Fix video field handling
xhci: bail out early if driver can't accress host in resume
ACPI: EC: Do not clear boot_ec_is_ecdt in acpi_ec_add()
x86: Don't let pgprot_modify() change the page encryption bit
dma-mapping: Fix dma_pgprot() for unencrypted coherent pages
block: keep bdi->io_pages in sync with max_sectors_kb for stacked devices
debugfs: Check module state before warning in {full/open}_proxy_open()
irqchip/versatile-fpga: Handle chained IRQs properly
time/sched_clock: Expire timer in hardirq context
media: allegro: fix type of gop_length in channel_create message
sched: Avoid scale real weight down to zero
selftests/x86/ptrace_syscall_32: Fix no-vDSO segfault
PCI/switchtec: Fix init_completion race condition with poll_wait()
block, bfq: move forward the getting of an extra ref in bfq_bfqq_move
media: i2c: video-i2c: fix build errors due to 'imply hwmon'
libata: Remove extra scsi_host_put() in ata_scsi_add_hosts()
pstore/platform: fix potential mem leak if pstore_init_fs failed
gfs2: Do log_flush in gfs2_ail_empty_gl even if ail list is empty
gfs2: Don't demote a glock until its revokes are written
cpufreq: imx6q: fix error handling
x86/boot: Use unsigned comparison for addresses
efi/x86: Ignore the memory attributes table on i386
genirq/irqdomain: Check pointer in irq_domain_alloc_irqs_hierarchy()
block: Fix use-after-free issue accessing struct io_cq
media: i2c: ov5695: Fix power on and off sequences
usb: dwc3: core: add support for disabling SS instances in park mode
irqchip/gic-v4: Provide irq_retrigger to avoid circular locking dependency
md: check arrays is suspended in mddev_detach before call quiesce operations
firmware: fix a double abort case with fw_load_sysfs_fallback
spi: spi-fsl-dspi: Replace interruptible wait queue with a simple completion
locking/lockdep: Avoid recursion in lockdep_count_{for,back}ward_deps()
block, bfq: fix use-after-free in bfq_idle_slice_timer_body
btrfs: qgroup: ensure qgroup_rescan_running is only set when the worker is at least queued
btrfs: remove a BUG_ON() from merge_reloc_roots()
btrfs: restart relocate_tree_blocks properly
btrfs: track reloc roots based on their commit root bytenr
ASoC: fix regwmask
ASoC: dapm: connect virtual mux with default value
ASoC: dpcm: allow start or stop during pause for backend
ASoC: topology: use name_prefix for new kcontrol
usb: gadget: f_fs: Fix use after free issue as part of queue failure
usb: gadget: composite: Inform controller driver of self-powered
ALSA: usb-audio: Add mixer workaround for TRX40 and co
ALSA: hda: Add driver blacklist
ALSA: hda: Fix potential access overflow in beep helper
ALSA: ice1724: Fix invalid access for enumerated ctl items
ALSA: pcm: oss: Fix regression by buffer overflow fix
ALSA: hda/realtek: Enable mute LED on an HP system
ALSA: hda/realtek - a fake key event is triggered by running shutup
ALSA: doc: Document PC Beep Hidden Register on Realtek ALC256
ALSA: hda/realtek - Set principled PC Beep configuration for ALC256
ALSA: hda/realtek - Remove now-unnecessary XPS 13 headphone noise fixups
ALSA: hda/realtek - Add quirk for Lenovo Carbon X1 8th gen
ALSA: hda/realtek - Add quirk for MSI GL63
media: venus: firmware: Ignore secure call error on first resume
media: hantro: Read be32 words starting at every fourth byte
media: ti-vpe: cal: fix disable_irqs to only the intended target
media: ti-vpe: cal: fix a kernel oops when unloading module
seccomp: Add missing compat_ioctl for notify
acpi/x86: ignore unspecified bit positions in the ACPI global lock field
ACPICA: Allow acpi_any_gpe_status_set() to skip one GPE
ACPI: PM: s2idle: Refine active GPEs check
thermal: devfreq_cooling: inline all stubs for CONFIG_DEVFREQ_THERMAL=n
nvmet-tcp: fix maxh2cdata icresp parameter
nvme-fc: Revert "add module to ops template to allow module references"
efi/x86: Add TPM related EFI tables to unencrypted mapping checks
PCI: pciehp: Fix indefinite wait on sysfs requests
PCI/ASPM: Clear the correct bits when enabling L1 substates
PCI: Add boot interrupt quirk mechanism for Xeon chipsets
PCI: qcom: Fix the fixup of PCI_VENDOR_ID_QCOM
PCI: endpoint: Fix for concurrent memory allocation in OB address region
sched/fair: Fix enqueue_task_fair warning
tpm: Don't make log failures fatal
tpm: tpm1_bios_measurements_next should increase position index
tpm: tpm2_bios_measurements_next should increase position index
KEYS: reaching the keys quotas correctly
cpu/hotplug: Ignore pm_wakeup_pending() for disable_nonboot_cpus()
genirq/debugfs: Add missing sanity checks to interrupt injection
irqchip/versatile-fpga: Apply clear-mask earlier
io_uring: remove bogus RLIMIT_NOFILE check in file registration
pstore: pstore_ftrace_seq_next should increase position index
MIPS/tlbex: Fix LDDIR usage in setup_pw() for Loongson-3
MIPS: OCTEON: irq: Fix potential NULL pointer dereference
PM / Domains: Allow no domain-idle-states DT property in genpd when parsing
PM: sleep: wakeup: Skip wakeup_source_sysfs_remove() if device is not there
ath9k: Handle txpower changes even when TPC is disabled
signal: Extend exec_id to 64bits
x86/tsc_msr: Use named struct initializers
x86/tsc_msr: Fix MSR_FSB_FREQ mask for Cherry Trail devices
x86/tsc_msr: Make MSR derived TSC frequency more accurate
x86/entry/32: Add missing ASM_CLAC to general_protection entry
platform/x86: asus-wmi: Support laptops where the first battery is named BATT
KVM: nVMX: Properly handle userspace interrupt window request
KVM: s390: vsie: Fix region 1 ASCE sanity shadow address checks
KVM: s390: vsie: Fix delivery of addressing exceptions
KVM: x86: Allocate new rmap and large page tracking when moving memslot
KVM: VMX: Always VMCLEAR in-use VMCSes during crash with kexec support
KVM: x86: Gracefully handle __vmalloc() failure during VM allocation
KVM: VMX: Add a trampoline to fix VMREAD error handling
KVM: VMX: fix crash cleanup when KVM wasn't used
smb3: fix performance regression with setting mtime
CIFS: Fix bug which the return value by asynchronous read is error
mtd: spinand: Stop using spinand->oobbuf for buffering bad block markers
mtd: spinand: Do not erase the block before writing a bad block marker
btrfs: Don't submit any btree write bio if the fs has errors
Btrfs: fix crash during unmount due to race with delayed inode workers
btrfs: reloc: clean dirty subvols if we fail to start a transaction
btrfs: set update the uuid generation as soon as possible
btrfs: drop block from cache on error in relocation
btrfs: fix missing file extent item for hole after ranged fsync
btrfs: unset reloc control if we fail to recover
btrfs: fix missing semaphore unlock in btrfs_sync_file
btrfs: use nofs allocations for running delayed items
remoteproc: qcom_q6v5_mss: Don't reassign mpss region on shutdown
remoteproc: qcom_q6v5_mss: Reload the mba region on coredump
remoteproc: Fix NULL pointer dereference in rproc_virtio_notify
crypto: rng - Fix a refcounting bug in crypto_rng_reset()
crypto: mxs-dcp - fix scatterlist linearization for hash
erofs: correct the remaining shrink objects
io_uring: honor original task RLIMIT_FSIZE
mmc: sdhci-of-esdhc: fix esdhc_reset() for different controller versions
powerpc/pseries: Drop pointless static qualifier in vpa_debugfs_init()
tools: gpio: Fix out-of-tree build regression
net: qualcomm: rmnet: Allow configuration updates to existing devices
arm64: dts: allwinner: h6: Fix PMU compatible
sched/core: Remove duplicate assignment in sched_tick_remote()
arm64: dts: allwinner: h5: Fix PMU compatible
mm, memcg: do not high throttle allocators based on wraparound
dm writecache: add cond_resched to avoid CPU hangs
dm integrity: fix a crash with unusually large tag size
dm verity fec: fix memory leak in verity_fec_dtr
dm clone: Add overflow check for number of regions
dm clone metadata: Fix return type of dm_clone_nr_of_hydrated_regions()
XArray: Fix xas_pause for large multi-index entries
xarray: Fix early termination of xas_for_each_marked
crypto: caam/qi2 - fix chacha20 data size error
crypto: caam - update xts sector size for large input length
crypto: ccree - protect against empty or NULL scatterlists
crypto: ccree - only try to map auth tag if needed
crypto: ccree - dec auth tag size from cryptlen map
scsi: zfcp: fix missing erp_lock in port recovery trigger for point-to-point
scsi: ufs: fix Auto-Hibern8 error detection
scsi: lpfc: Fix lpfc_io_buf resource leak in lpfc_get_scsi_buf_s4 error path
ARM: dts: exynos: Fix polarity of the LCD SPI bus on UniversalC210 board
arm64: dts: ti: k3-am65: Add clocks to dwc3 nodes
arm64: armv8_deprecated: Fix undef_hook mask for thumb setend
selftests: vm: drop dependencies on page flags from mlock2 tests
selftests/vm: fix map_hugetlb length used for testing read and write
selftests/powerpc: Add tlbie_test in .gitignore
vfio: platform: Switch to platform_get_irq_optional()
drm/i915/gem: Flush all the reloc_gpu batch
drm/etnaviv: rework perfmon query infrastructure
drm: Remove PageReserved manipulation from drm_pci_alloc
drm/amdgpu/powerplay: using the FCLK DPM table to set the MCLK
drm/amdgpu: unify fw_write_wait for new gfx9 asics
powerpc/pseries: Avoid NULL pointer dereference when drmem is unavailable
nfsd: fsnotify on rmdir under nfsd/clients/
NFS: Fix use-after-free issues in nfs_pageio_add_request()
NFS: Fix a page leak in nfs_destroy_unlinked_subrequests()
ext4: fix a data race at inode->i_blocks
fs/filesystems.c: downgrade user-reachable WARN_ONCE() to pr_warn_once()
ocfs2: no need try to truncate file beyond i_size
perf tools: Support Python 3.8+ in Makefile
s390/diag: fix display of diagnose call statistics
Input: i8042 - add Acer Aspire 5738z to nomux list
ftrace/kprobe: Show the maxactive number on kprobe_events
clk: ingenic/jz4770: Exit with error if CGU init failed
clk: ingenic/TCU: Fix round_rate returning error
kmod: make request_module() return an error when autoloading is disabled
cpufreq: powernv: Fix use-after-free
hfsplus: fix crash and filesystem corruption when deleting files
libata: Return correct status in sata_pmp_eh_recover_pm() when ATA_DFLAG_DETACH is set
ipmi: fix hung processes in __get_guid()
xen/blkfront: fix memory allocation flags in blkfront_setup_indirect()
powerpc/64/tm: Don't let userspace set regs->trap via sigreturn
powerpc/fsl_booke: Avoid creating duplicate tlb1 entry
powerpc/hash64/devmap: Use H_PAGE_THP_HUGE when setting up huge devmap PTE entries
powerpc/xive: Use XIVE_BAD_IRQ instead of zero to catch non configured IPIs
powerpc/64: Setup a paca before parsing device tree etc.
powerpc/xive: Fix xmon support on the PowerNV platform
powerpc/kprobes: Ignore traps that happened in real mode
powerpc/64: Prevent stack protection in early boot
scsi: mpt3sas: Fix kernel panic observed on soft HBA unplug
powerpc: Make setjmp/longjmp signature standard
arm64: Always force a branch protection mode when the compiler has one
dm zoned: remove duplicate nr_rnd_zones increase in dmz_init_zone()
dm clone: replace spin_lock_irqsave with spin_lock_irq
dm clone: Fix handling of partial region discards
dm clone: Add missing casts to prevent overflows and data corruption
scsi: lpfc: Add registration for CPU Offline/Online events
scsi: lpfc: Fix Fabric hostname registration if system hostname changes
scsi: lpfc: Fix configuration of BB credit recovery in service parameters
scsi: lpfc: Fix broken Credit Recovery after driver load
Revert "drm/dp_mst: Remove VCPI while disabling topology mgr"
drm/dp_mst: Fix clearing payload state on topology disable
drm/amdgpu: fix gfx hang during suspend with video playback (v2)
drm/i915/icl+: Don't enable DDI IO power on a TypeC port in TBT mode
powerpc/kasan: Fix kasan_remap_early_shadow_ro()
mmc: sdhci: Convert sdhci_set_timeout_irq() to non-static
mmc: sdhci: Refactor sdhci_set_timeout()
bpf: Fix tnum constraints for 32-bit comparisons
mfd: dln2: Fix sanity checking for endpoints
efi/x86: Fix the deletion of variables in mixed mode
ASoC: stm32: sai: Add missing cleanup
scsi: lpfc: fix inlining of lpfc_sli4_cleanup_poll_list()
Linux 5.4.33
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I6c37e2c64801a572781c46fc5883bcc74e6a7a1a
|
||
Yang Xu
|
4b67e5afc2 |
KEYS: reaching the keys quotas correctly
commit 2e356101e72ab1361821b3af024d64877d9a798d upstream.
Currently, when we add a new user key, the calltrace as below:
add_key()
key_create_or_update()
key_alloc()
__key_instantiate_and_link
generic_key_instantiate
key_payload_reserve
......
Since commit
|
||
|
Blagovest Kolenichev
|
2e72d8932e |
Merge android-5.4.24 (ce5de62) into msm-5.4
* refs/heads/tmp-ce5de62:
Revert "BACKPORT: tracing: Remove unnecessary DEBUG_FS dependency"
Linux 5.4.24
blktrace: Protect q->blk_trace with RCU
kvm: nVMX: VMWRITE checks unsupported field before read-only field
kvm: nVMX: VMWRITE checks VMCS-link pointer before VMCS field
mm, thp: fix defrag setting if newline is not used
mm/huge_memory.c: use head to check huge zero page
mm/gup: allow FOLL_FORCE for get_user_pages_fast()
mm/debug.c: always print flags in dump_page()
locking/lockdep: Fix lockdep_stats indentation problem
xfs: clear kernel only flags in XFS_IOC_ATTRMULTI_BY_HANDLE
bus: tegra-aconnect: Remove PM_CLK dependency
netfilter: nf_flowtable: fix documentation
netfilter: nft_tunnel: no need to call htons() when dumping ports
thermal: brcmstb_thermal: Do not use DT coefficients
thermal: db8500: Depromote debug print
ubifs: Fix ino_t format warnings in orphan_delete()
rcu: Allow only one expedited GP to run concurrently with wakeups
KVM: x86: Remove spurious clearing of async #PF MSR
KVM: x86: Remove spurious kvm_mmu_unload() from vcpu destruction path
x86/resctrl: Check monitoring static key in the MBM overflow handler
perf ui gtk: Add missing zalloc object
perf hists browser: Restore ESC as "Zoom out" of DSO/thread/etc
pwm: omap-dmtimer: put_device() after of_find_device_by_node()
lib/vdso: Update coarse timekeeper unconditionally
lib/vdso: Make __arch_update_vdso_data() logic understandable
kprobes: Set unoptimized flag after unoptimizing code
ima: ima/lsm policy rule loading logic bug fixes
drivers: net: xgene: Fix the order of the arguments of 'alloc_etherdev_mqs()'
RDMA/hns: Bugfix for posting a wqe with sge
RDMA/hns: Simplify the calculation and usage of wqe idx for post verbs
f2fs: fix to add swap extent correctly
sched/fair: Optimize select_idle_cpu
KVM: Check for a bad hva before dropping into the ghc slow path
KVM: SVM: Override default MMIO mask if memory encryption is enabled
mwifiex: delete unused mwifiex_get_intf_num()
mwifiex: drop most magic numbers from mwifiex_process_tdls_action_frame()
namei: only return -ECHILD from follow_dotdot_rcu()
kbuild: make single target builds even faster
kbuild: remove unneeded variable, single-all
kbuild: move headers_check rule to usr/include/Makefile
kbuild: remove header compile test
selftests: Install settings files to fix TIMEOUT failures
net: ena: make ena rxfh support ETH_RSS_HASH_NO_CHANGE
net/smc: no peer ID in CLC decline for SMCD
net: atlantic: fix out of range usage of active_vlans array
net: atlantic: fix potential error handling
net: atlantic: fix use after free kasan warn
net: netlink: cap max groups which will be considered in netlink_bind()
s390/qeth: vnicc Fix EOPNOTSUPP precedence
nvme-pci: Hold cq_poll_lock while completing CQEs
usb: charger: assign specific number for enum value
hv_netvsc: Fix unwanted wakeup in netvsc_attach()
kbuild: fix DT binding schema rule to detect command line changes
mac80211: Remove a redundant mutex unlock
nl80211: fix potential leak in AP start
drm/i915/gvt: Separate display reset from ALL_ENGINES reset
drm/i915/gvt: Fix orphan vgpu dmabuf_objs' lifetime
i2c: jz4780: silence log flood on txabrt
i2c: altera: Fix potential integer overflow
MIPS: VPE: Fix a double free and a memory leak in 'release_vpe()'
HID: hiddev: Fix race in in hiddev_disconnect()
HID: alps: Fix an error handling path in 'alps_input_configured()'
netfilter: xt_hashlimit: reduce hashlimit_mutex scope for htable_put()
netfilter: ipset: Fix forceadd evaluation path
vhost: Check docket sk_family instead of call getname
net/smc: transfer fasync_list in case of fallback
netfilter: ipset: Fix "INFO: rcu detected stall in hash_xxx" reports
io_uring: fix 32-bit compatability with sendmsg/recvmsg
cpufreq: Fix policy initialization for internal governor drivers
amdgpu/gmc_v9: save/restore sdpif regs during S3
Revert "PM / devfreq: Modify the device name as devfreq(X) for sysfs"
tracing: Disable trace_printk() on post poned tests
macintosh: therm_windtunnel: fix regression when instantiating devices
drm/radeon: Inline drm_get_pci_dev
drm/amdgpu: Drop DRIVER_USE_AGP
HID: core: increase HID report buffer size to 8KiB
HID: core: fix off-by-one memset in hid_report_raw_event()
HID: ite: Only bind to keyboard USB interface on Acer SW5-012 keyboard dock
KVM: VMX: check descriptor table exits on instruction emulation
ACPI: watchdog: Fix gas->access_width usage
ACPICA: Introduce ACPI_ACCESS_BYTE_WIDTH() macro
audit: always check the netlink payload length in audit_receive_msg()
audit: fix error handling in audit_data_to_entry()
ext4: potential crash on allocation error in ext4_alloc_flex_bg_array()
nvme/pci: move cqe check after device shutdown
nvme: prevent warning triggered by nvme_stop_keep_alive
nvme/tcp: fix bug on double requeue when send fails
net: hns3: fix a copying IPv6 address error in hclge_fd_get_flow_tuples()
net: hns3: add management table after IMP reset
mac80211: fix wrong 160/80+80 MHz setting
cfg80211: add missing policy for NL80211_ATTR_STATUS_CODE
cifs: Fix mode output in debugging statements
ice: update Unit Load Status bitmask to check after reset
net: ena: ena-com.c: prevent NULL pointer dereference
net: ena: ethtool: use correct value for crc32 hash
net: ena: fix corruption of dev_idx_to_host_tbl
net: ena: fix incorrectly saving queue numbers when setting RSS indirection table
net: ena: rss: store hash function as values and not bits
net: ena: rss: fix failure to get indirection table
net: ena: rss: do not allocate key when not supported
net: ena: fix incorrect default RSS key
net: ena: add missing ethtool TX timestamping indication
net: ena: fix uses of round_jiffies()
net: ena: fix potential crash when rxfh key is NULL
i40e: Fix the conditional for i40e_vc_validate_vqs_bitmaps
soc/tegra: fuse: Fix build with Tegra194 configuration
amdgpu: Prevent build errors regarding soft/hard-float FP ABI tags
drm/amd/display: Add initialitions for PLL2 clock source
drm/amd/display: Limit minimum DPPCLK to 100MHz.
drm/amd/display: Check engine is not NULL before acquiring
RDMA/siw: Remove unwanted WARN_ON in siw_cm_llp_data_ready()
drm/amd/display: Do not set optimized_require to false after plane disable
ARM: dts: sti: fixup sound frame-inversion for stihxxx-b2120.dtsi
ceph: do not execute direct write in parallel if O_APPEND is specified
perf/x86/msr: Add Tremont support
perf/x86/cstate: Add Tremont support
perf/x86/intel: Add Elkhart Lake support
perf/smmuv3: Use platform_get_irq_optional() for wired interrupt
NFSv4: Fix races between open and dentry revalidation
qmi_wwan: unconditionally reject 2 ep interfaces
qmi_wwan: re-add DW5821e pre-production variant
s390/zcrypt: fix card and queue total counter wrap
cfg80211: check wiphy driver existence for drvinfo report
mac80211: consider more elements in parsing CRC
dax: pass NOWAIT flag to iomap_apply
sched/fair: Prevent unlimited runtime on throttled group
timers/nohz: Update NOHZ load in remote tick
sched/core: Don't skip remote tick for idle CPUs
drm/msm: Set dma maximum segment size for mdss
ipmi:ssif: Handle a possible NULL pointer reference
ipv6: Fix nlmsg_flags when splitting a multipath route
ipv6: Fix route replacement with dev-only route
bonding: fix lockdep warning in bond_get_stats()
net: export netdev_next_lower_dev_rcu()
bonding: add missing netdev_update_lockdep_key()
bnxt_en: Issue PCIe FLR in kdump kernel to cleanup pending DMAs.
bnxt_en: Improve device shutdown method.
sctp: move the format error check out of __sctp_sf_do_9_1_abort
udp: rehash on disconnect
Revert "net: dev: introduce support for sch BYPASS for lockless qdisc"
qede: Fix race between rdma destroy workqueue and link change event
nfc: pn544: Fix occasional HW initialization failure
net/tls: Fix to avoid gettig invalid tls record
net: sched: correct flower port blocking
net: phy: restore mdio regs in the iproc mdio driver
net: mscc: fix in frame extraction
net: macb: ensure interface is not suspended on at91rm9200
net: fib_rules: Correctly set table field when table number exceeds 8 bits
net: dsa: b53: Ensure the default VID is untagged
EDAC: skx_common: downgrade message importance on missing PCI device
io_uring: grab ->fs as part of async offload
ANDROID: abi_gki_aarch64_whitelist: add module_layout and task_struct
ANDROID: gki_defconfig: disable KPROBES, update ABI
FROMGIT: scsi: ufs: Select INITIAL ADAPT type for HS Gear4
FROMLIST: scsi: ufs: Use ufshcd_config_pwr_mode() when scale gear
FROMGIT: scsi: ufs-qcom: Apply QUIRK_HOST_TACTIVATE for WDC UFS devices
FROMGIT: scsi: ufs: Allow vendor device quirks to be applied early
BACKPORT: scsi: ufs: Delete struct ufs_dev_desc
ANDROID: gki_defconfig: enable IOMMU_LIMIT_IOVA_ALIGNMENT
FROMLIST: iommu/iova: Support limiting IOVA alignment
FROMLIST: iommu/iova: Add a best-fit algorithm
FROMLIST: iommu/dma: Allow drivers to reserve an iova range
ANDROID: Unconditionally create bridge tracepoints
ANDROID: gki_defconfig: Enable MFD_SYSCON on x86
ANDROID: update ABI for CONFIG_IIO_* changes
ANDROID: gki_defconfig: add CONFIG_IIO_BUFFER and CONFIG_IIO_TRIGGER
ANDROID: gki: set CONFIG_SERIAL_SPRD_CONSOLE for earlycon
ANDROID: Re-add default y for VIRTIO_PCI_LEGACY
ANDROID: GKI: build in HVC_DRIVER
ANDROID: Removed default m for virtual sw crypto device
ANDROID: Remove default y on BRIDGE_IGMP_SNOOPING
ANDROID: GKI: Added missing SND configs
ANDROID: scsi: ufs: allow ufs variants to override sg entry size
ANDROID: GKI: Remove CONFIG_BRIDGE from arm64 config
ANDROID: Enable HID_NINTENDO as y
FROMLIST: HID: nintendo: add nintendo switch controller driver
UPSTREAM: iommu/arm-smmu: Restore naming of driver parameter prefix
ANDROID: gki_defconfig: Remove 'BRIDGE_NETFILTER is not set'
UPSTREAM: net: disable BRIDGE_NETFILTER by default
Linux 5.4.23
ASoC: SOF: Intel: hda: Add iDisp4 DAI
bpf: Selftests build error in sockmap_basic.c
s390/mm: Explicitly compare PAGE_DEFAULT_KEY against zero in storage_key_init_range
s390/kaslr: Fix casts in get_random
net/mlx5e: Fix crash in recovery flow without devlink reporter
net/mlx5: Fix sleep while atomic in mlx5_eswitch_get_vepa
net/mlx5e: Reset RQ doorbell counter before moving RQ state from RST to RDY
xen: Enable interrupts when calling _cond_resched()
ata: ahci: Add shutdown to freeze hardware resources of ahci
io_uring: prevent sq_thread from spinning when it should stop
rxrpc: Fix call RCU cleanup using non-bh-safe locks
netfilter: xt_hashlimit: limit the max size of hashtable
ALSA: seq: Fix concurrent access to queue current tick/time
ALSA: seq: Avoid concurrent access to queue flags
ALSA: rawmidi: Avoid bit fields for state flags
io_uring: fix __io_iopoll_check deadlock in io_sq_thread
arm64: lse: Fix LSE atomics with LLVM
bpf, offload: Replace bitwise AND by logical AND in bpf_prog_offload_info_fill
genirq/proc: Reject invalid affinity masks (again)
crypto: rename sm3-256 to sm3 in hash_algo_name
iommu/vt-d: Fix compile warning from intel-svm.h
ecryptfs: replace BUG_ON with error handling code
ASoC: fsl_sai: Fix exiting path on probing failure
ASoC: atmel: fix atmel_ssc_set_audio link failure
staging: greybus: use after free in gb_audio_manager_remove_all()
staging: rtl8723bs: fix copy of overlapping memory
usb: dwc2: Fix in ISOC request length checking
usb: gadget: composite: Fix bMaxPower for SuperSpeedPlus
scsi: Revert "target: iscsi: Wait for all commands to finish before freeing a session"
scsi: Revert "RDMA/isert: Fix a recently introduced regression related to logout"
drm/msm/dpu: fix BGR565 vs RGB565 confusion
drm/i915/gt: Protect defer_request() from new waiters
drm/bridge: tc358767: fix poll timeouts
drm/i915/gvt: more locking for ppgtt mm LRU list
drm/i915/execlists: Always force a context reload when rewinding RING_TAIL
drm/i915/gt: Detect if we miss WaIdleLiteRestore
Revert "dmaengine: imx-sdma: Fix memory leak"
Btrfs: fix deadlock during fast fsync when logging prealloc extents beyond eof
btrfs: don't set path->leave_spinning for truncate
Btrfs: fix race between shrinking truncate and fiemap
Btrfs: fix btrfs_wait_ordered_range() so that it waits for all ordered extents
btrfs: do not check delayed items are empty for single transaction cleanup
btrfs: reset fs_root to NULL on error in open_ctree
btrfs: fix bytes_may_use underflow in prealloc error condtition
btrfs: destroy qgroup extent records on transaction abort
KVM: apic: avoid calculating pending eoi from an uninitialized val
KVM: nVMX: handle nested posted interrupts when apicv is disabled for L1
KVM: nVMX: clear PIN_BASED_POSTED_INTR from nested pinbased_ctls only when apicv is globally disabled
KVM: nVMX: Check IO instruction VM-exit conditions
KVM: nVMX: Refactor IO bitmap checks into helper function
ext4: fix race between writepages and enabling EXT4_EXTENTS_FL
ext4: rename s_journal_flag_rwsem to s_writepages_rwsem
ext4: fix mount failure with quota configured as module
ext4: fix potential race between s_flex_groups online resizing and access
ext4: fix potential race between s_group_info online resizing and access
ext4: fix potential race between online resizing and write operations
ext4: add cond_resched() to __ext4_find_entry()
ext4: fix a data race in EXT4_I(inode)->i_disksize
KVM: x86: don't notify userspace IOAPIC on edge-triggered interrupt EOI
KVM: nVMX: Don't emulate instructions in guest mode
sched/psi: Fix OOB write when writing 0 bytes to PSI files
drm/i915: Update drm/i915 bug filing URL
drm/i915: Wean off drm_pci_alloc/drm_pci_free
drm/nouveau/kms/gv100-: Re-set LUT after clearing for modesets
drm/amdgpu/gfx10: disable gfxoff when reading rlc clock
drm/amdgpu/gfx9: disable gfxoff when reading rlc clock
drm/amdgpu/soc15: fix xclk for raven
mm: Avoid creating virtual address aliases in brk()/mmap()/mremap()
lib/stackdepot.c: fix global out-of-bounds in stack_slabs
mm/sparsemem: pfn_to_page is not valid yet on SPARSEMEM
mm/vmscan.c: don't round up scan size for online memory cgroup
genirq/irqdomain: Make sure all irq domain flags are distinct
nvme-multipath: Fix memory leak with ana_log_buf
mm/memcontrol.c: lost css_put in memcg_expand_shrinker_maps()
Revert "ipc,sem: remove uneeded sem_undo_list lock usage in exit_sem()"
ACPI: PM: s2idle: Check fixed wakeup events in acpi_s2idle_wake()
MAINTAINERS: Update drm/i915 bug filing URL
serdev: ttyport: restore client ops on deregistration
tty: serial: qcom_geni_serial: Fix RX cancel command failure
tty: serial: imx: setup the correct sg entry for tx dma
tty/serial: atmel: manage shutdown in case of RS485 or ISO7816 mode
serial: 8250: Check UPF_IRQ_SHARED in advance
x86/cpu/amd: Enable the fixed Instructions Retired counter IRPERF
x86/mce/amd: Fix kobject lifetime
x86/mce/amd: Publish the bank pointer only after setup has succeeded
x86/ima: use correct identifier for SetupMode variable
jbd2: fix ocfs2 corrupt when clearing block group bits
arm64: memory: Add missing brackets to untagged_addr() macro
powerpc/hugetlb: Fix 8M hugepages on 8xx
powerpc/hugetlb: Fix 512k hugepages on 8xx with 16k page size
powerpc/entry: Fix an #if which should be an #ifdef in entry_32.S
powerpc/tm: Fix clearing MSR[TS] in current when reclaiming on signal delivery
powerpc/eeh: Fix deadlock handling dead PHB
powerpc/8xx: Fix clearing of bits 20-23 in ITLB miss
drm/panfrost: perfcnt: Reserve/use the AS attached to the perfcnt MMU context
staging: rtl8723bs: Fix potential overuse of kernel memory
staging: rtl8723bs: Fix potential security hole
staging: rtl8188eu: Fix potential overuse of kernel memory
staging: rtl8188eu: Fix potential security hole
scsi: Revert "target/core: Inline transport_lun_remove_cmd()"
usb: dwc3: debug: fix string position formatting mixup with ret and len
usb: dwc3: gadget: Check for IOC/LST bit in TRB->ctrl fields
usb: dwc2: Fix SET/CLEAR_FEATURE and GET_STATUS flows
USB: hub: Fix the broken detection of USB3 device in SMSC hub
USB: hub: Don't record a connect-change event during reset-resume
USB: Fix novation SourceControl XL after suspend
usb: uas: fix a plug & unplug racing
USB: quirks: blacklist duplicate ep on Sound Devices USBPre2
USB: core: add endpoint-blacklist quirk
usb: host: xhci: update event ring dequeue pointer on purpose
xhci: Fix memory leak when caching protocol extended capability PSI tables - take 2
xhci: apply XHCI_PME_STUCK_QUIRK to Intel Comet Lake platforms
xhci: fix runtime pm enabling for quirky Intel hosts
xhci: Force Maximum Packet size for Full-speed bulk devices to valid range.
staging: vt6656: fix sign of rx_dbm to bb_pre_ed_rssi.
staging: android: ashmem: Disallow ashmem memory from being remapped
vt: vt_ioctl: fix race in VT_RESIZEX
vt: selection, handle pending signals in paste_selection
vt: fix scrollback flushing on background consoles
floppy: check FDC index for errors before assigning it
e1000e: Use rtnl_lock to prevent race conditions between net and pci/pm
USB: misc: iowarrior: add support for the 100 device
USB: misc: iowarrior: add support for the 28 and 28L devices
USB: misc: iowarrior: add support for 2 OEMed devices
thunderbolt: Prevent crash if non-active NVMem file is read
btrfs: handle logged extent failure properly
ecryptfs: fix a memory leak bug in ecryptfs_init_messaging()
ecryptfs: fix a memory leak bug in parse_tag_1_packet()
tpm: Initialize crypto_id of allocated_banks to HASH_ALGO__LAST
ASoC: sun8i-codec: Fix setting DAI data format
ASoC: codec2codec: avoid invalid/double-free of pcm runtime
ALSA: hda/realtek - Apply quirk for yet another MSI laptop
ALSA: hda/realtek - Apply quirk for MSI GP63, too
ALSA: hda: Use scnprintf() for printing texts for sysfs/procfs
iommu/qcom: Fix bogus detach logic
UPSTREAM: sched/psi: Fix OOB write when writing 0 bytes to PSI files
ANDROID: build.config.gki.aarch64: enable symbol trimming
ANDROID: kbuild: avoid excessively long argument lists
ANDROID: gki_defconfig: Enable CONFIG_RD_LZ4
ANDROID: net: wireless: Add module_param(mac_prefix) to mac80211_hwsim
ANDROID: gki: Enable BINFMT_MISC as part of GKI
ANDROID: gki_defconfig: disable CONFIG_CRYPTO_MD4
FROMLIST: kbuild: generate autoksyms.h early
FROMLIST: kbuild: split adjust_autoksyms.sh in two parts
FROMLIST: kbuild: allow symbol whitelisting with TRIM_UNUSED_KSYMS
ANDROID: ABI/Whitelist: update for unisoc
ANDROID: Disable wq fp check in CFI builds
ANDROID: gki_defconfig: Disable CONFIG_RT_GROUP_SCHED
FROMGIT: of: property: Add device link support for power-domains and hwlocks
ANDROID: drm/msm/a6xx: Make a6xx_gmu_bo.iova a dma_addr_t
FROMLIST: of: of_reserved_mem: Increase limit on number of reserved regions
ANDROID: dm: Add wrapped key support in dm-default-key
ANDROID: dm: add support for passing through derive_raw_secret
ANDROID: block: Prevent crypto fallback for wrapped keys
FROMLIST: drm/msm/a6xx: Use the DMA API for GMU memory objects
FROMLIST: arm64: dts: sdm845: Set the virtual address range for GMU allocations
UPSTREAM: of: Make of_dma_get_range() work on bus nodes
UPSTREAM: of/address: Fix of_pci_range_parser_one translation of DMA addresses
UPSTREAM: of/address: Translate 'dma-ranges' for parent nodes missing 'dma-ranges'
UPSTREAM: of: Factor out #{addr,size}-cells parsing
UPSTREAM: of: address: Follow DMA parent for "dma-coherent"
UPSTREAM: of/address: Introduce of_get_next_dma_parent() helper
UPSTREAM: of: Make of_dma_get_range() private
ANDROID: fix merge issue in 5.4.22
ANDROID: update ABI for 5.4.22
Linux 5.4.22
rtc: Kconfig: select REGMAP_I2C when necessary
bcache: properly initialize 'path' and 'err' in register_bcache()
drm/amdgpu/display: handle multiple numbers of fclks in dcn_calcs.c (v2)
s390/pci: Recover handle in clp_set_pci_fn()
mlxsw: spectrum_dpipe: Add missing error path
fuse: don't overflow LLONG_MAX with end offset
virtio_balloon: prevent pfn array overflow
cifs: log warning message (once) if out of disk space
i40e: Relax i40e_xsk_wakeup's return value when PF is busy
help_next should increase position index
NFS: Fix memory leaks
drm/amdgpu/smu10: fix smu10_get_clock_by_type_with_voltage
drm/amdgpu/smu10: fix smu10_get_clock_by_type_with_latency
brd: check and limit max_part par
microblaze: Prevent the overflow of the start
asm-generic/tlb: add missing CONFIG symbol
iwlwifi: mvm: Check the sta is not NULL in iwl_mvm_cfg_he_sta()
iwlwifi: mvm: Fix thermal zone registration
nvme-pci: remove nvmeq->tags
nvmet: Pass lockdep expression to RCU lists
irqchip/gic-v3-its: Reference to its_invall_cmd descriptor when building INVALL
bcache: fix incorrect data type usage in btree_flush_write()
bcache: explicity type cast in bset_bkey_last()
bcache: fix memory corruption in bch_cache_accounting_clear()
reiserfs: prevent NULL pointer dereference in reiserfs_insert_item()
lib/scatterlist.c: adjust indentation in __sg_alloc_table
ocfs2: fix a NULL pointer dereference when call ocfs2_update_inode_fsync_trans()
ocfs2: make local header paths relative to C files
btrfs: do not do delalloc reservation under page lock
powerpc: Do not consider weak unresolved symbol relocations as bad
radeon: insert 10ms sleep in dce5_crtc_load_lut
trigger_next should increase position index
ftrace: fpid_next() should increase position index
char: hpet: Fix out-of-bounds read bug
drm/nouveau/disp/nv50-: prevent oops when no channel method map provided
irqchip/gic-v3: Only provision redistributors that are enabled in ACPI
drm/amd/display: do not allocate display_mode_lib unnecessarily
rbd: work around -Wuninitialized warning
ceph: check availability of mds cluster on mount after wait timeout
powerpc/mm: Don't log user reads to 0xffffffff
bpf: map_seq_next should always increase position index
cifs: fix NULL dereference in match_prepath
cifs: Fix mount options set in automount
cifs: fix unitialized variable poential problem with network I/O cache lock patch
iwlegacy: ensure loop counter addr does not wrap and cause an infinite loop
rtw88: fix potential NULL skb access in TX ISR
hostap: Adjust indentation in prism2_hostapd_add_sta
ALSA: usb-audio: add quirks for Line6 Helix devices fw>=2.82
ARM: 8951/1: Fix Kexec compilation issue.
selftests/eeh: Bump EEH wait time to 60s
powerpc/pseries/lparcfg: Fix display of Maximum Memory
jbd2: make sure ESHUTDOWN to be recorded in the journal superblock
jbd2: switch to use jbd2_journal_abort() when failed to submit the commit record
selftests: bpf: Reset global state between reuseport test runs
alarmtimer: Make alarmtimer platform device child of RTC device
iommu/vt-d: Remove unnecessary WARN_ON_ONCE()
bcache: fix use-after-free in register_bcache()
bcache: rework error unwinding in register_bcache
bcache: cached_dev_free needs to put the sb page
btrfs: Fix split-brain handling when changing FSID to metadata uuid
btrfs: separate definition of assertion failure handlers
media: uvcvideo: Add a quirk to force GEO GC6500 Camera bits-per-pixel value
powerpc/sriov: Remove VF eeh_dev state when disabling SR-IOV
drm/nouveau/mmu: fix comptag memory leak
sunrpc: Fix potential leaks in sunrpc_cache_unhash()
ALSA: hda - Add docking station support for Lenovo Thinkpad T420s
bpf, btf: Always output invariant hit in pahole DWARF to BTF transform
driver core: platform: fix u32 greater or equal to zero comparison
s390/ftrace: generate traced function stack frame
s390: adjust -mpacked-stack support check for clang 10
x86/decoder: Add TEST opcode to Group3-2
objtool: Fix ARCH=x86_64 build error
kbuild: use -S instead of -E for precise cc-option test in Kconfig
spi: spi-fsl-qspi: Ensure width is respected in spi-mem operations
ALSA: hda/hdmi - add retry logic to parse_intel_hdmi()
irqchip/mbigen: Set driver .suppress_bind_attrs to avoid remove problems
regulator: core: Fix exported symbols to the exported GPL version
remoteproc: Initialize rproc_class before use
module: avoid setting info->name early in case we can fall back to info->mod->name
btrfs: device stats, log when stats are zeroed
btrfs: safely advance counter when looking up bio csums
btrfs: fix possible NULL-pointer dereference in integrity checks
pwm: Remove set but not set variable 'pwm'
ide: serverworks: potential overflow in svwks_set_pio_mode()
cmd64x: potential buffer overflow in cmd64x_program_timings()
pwm: omap-dmtimer: Remove PWM chip in .remove before making it unfunctional
x86/mm: Fix NX bit clearing issue in kernel_map_pages_in_pgd
f2fs: fix memleak of kobject
regulator: vctrl-regulator: Avoid deadlock getting and setting the voltage
ASoC: SOF: Intel: hda: Fix SKL dai count
debugobjects: Fix various data races
watchdog/softlockup: Enforce that timestamp is valid on boot
perf/x86/amd: Constrain Large Increment per Cycle events
sched/topology: Assert non-NUMA topology masks don't (partially) overlap
sched/core: Fix size of rq::uclamp initialization
arm64: dts: ti: k3-j721e-main: Add missing power-domains for smmu
KVM: PPC: Remove set but not used variable 'ra', 'rs', 'rt'
EDAC/sifive: Fix return value check in ecc_register()
drm/amd/display: fixup DML dependencies
arm64: fix alternatives with LLVM's integrated assembler
arm64: lse: fix LSE atomics with LLVM's integrated assembler
RDMA/mlx5: Don't fake udata for kernel path
ALSA: usb-audio: add implicit fb quirk for MOTU M Series
crypto: essiv - fix AEAD capitalization and preposition use in help text
scsi: iscsi: Don't destroy session if there are outstanding connections
scsi: ufs-mediatek: add apply_dev_quirks variant operation
scsi: ufs: pass device information to apply_dev_quirks
f2fs: free sysfs kobject
f2fs: set I_LINKABLE early to avoid wrong access by vfs
ALSA: usb-audio: unlock on error in probe
iommu/arm-smmu-v3: Use WRITE_ONCE() when changing validity of an STE
kbuild: remove *.tmp file when filechk fails
usb: musb: omap2430: Get rid of musb .set_vbus for omap2430 glue
perf/imx_ddr: Fix cpu hotplug state cleanup
drm/vmwgfx: prevent memory leak in vmw_cmdbuf_res_add
gpiolib: Set lockdep class for hierarchical irq domains
dm thin: don't allow changing data device during thin-pool reload
drm/nouveau/fault/gv100-: fix memory leak on module unload
drm/nouveau/drm/ttm: Remove set but not used variable 'mem'
drm/nouveau: Fix copy-paste error in nouveau_fence_wait_uevent_handler
drm/nouveau/gr/gk20a,gm200-: add terminators to method lists read from fw
drm/nouveau/secboot/gm20b: initialize pointer in gm20b_secboot_new()
vme: bridges: reduce stack usage
bpf: Return -EBADRQC for invalid map type in __bpf_tx_xdp_map
ASoC: SOF: Intel: hda-dai: fix compilation warning in pcm_prepare
driver core: Print device when resources present in really_probe()
driver core: platform: Prevent resouce overflow from causing infinite loops
visorbus: fix uninitialized variable access
misc: xilinx_sdfec: fix xsdfec_poll()'s return type
tty: synclink_gt: Adjust indentation in several functions
tty: synclinkmp: Adjust indentation in several functions
raid6/test: fix a compilation warning
ASoC: atmel: fix build error with CONFIG_SND_ATMEL_SOC_DMA=m
ALSA: usb-audio: Add boot quirk for MOTU M Series
ARM: dts: rockchip: add reg property to brcmf sub node for rk3188-bqedison2qc
arm64: dts: rockchip: add reg property to brcmf sub-nodes
arm64: dts: rockchip: fix dwmmc clock name for px30
clocksource: davinci: only enable clockevents once tim34 is initialized
wan: ixp4xx_hss: fix compile-testing on 64-bit
x86/nmi: Remove irq_work from the long duration NMI handler
bnxt: Detach page from page pool before sending up the stack
Input: edt-ft5x06 - work around first register access error
rcu: Use WRITE_ONCE() for assignments to ->pprev for hlist_nulls
efi/x86: Don't panic or BUG() on non-critical error conditions
soc/tegra: fuse: Correct straps' address for older Tegra124 device trees
IB/hfi1: Add RcvShortLengthErrCnt to hfi1stats
IB/hfi1: Add software counter for ctxt0 seq drop
staging: rtl8188: avoid excessive stack usage
drm/mediatek: Add gamma property according to hardware capability
udf: Fix free space reporting for metadata and virtual partitions
usbip: Fix unsafe unaligned pointer usage
ARM: dts: stm32: Add power-supply for DSI panel on stm32f469-disco
usb: dwc3: use proper initializers for property entries
drm: remove the newline for CRC source name.
RDMA/hns: Avoid printing address of mtt page
mlx5: work around high stack usage with gcc
drm/amdkfd: Fix permissions of hang_hws
iommu/vt-d: Avoid sending invalid page response
iommu/vt-d: Match CPU and IOMMU paging mode
ACPI: button: Add DMI quirk for Razer Blade Stealth 13 late 2019 lid switch
ASoC: Intel: sof_rt5682: Ignore the speaker amp when there isn't one.
vfio/spapr/nvlink2: Skip unpinning pages on error exit
tools lib api fs: Fix gcc9 stringop-truncation compilation error
net: phy: fixed_phy: fix use-after-free when checking link GPIO
ALSA: sh: Fix compile warning wrt const
ALSA: hda/realtek - Apply mic mute LED quirk for Dell E7xx laptops, too
clk: uniphier: Add SCSSI clock gate for each channel
clk: Use parent node pointer during registration if necessary
ALSA: sh: Fix unused variable warnings
clk: sunxi-ng: add mux and pll notifiers for A64 CPU clock
RDMA/rxe: Fix error type of mmap_offset
fbdev: fix numbering of fbcon options
ASoC: soc-topology: fix endianness issues
reset: uniphier: Add SCSSI reset control for each channel
pinctrl: sh-pfc: sh7269: Fix CAN function GPIOs
drm/fbdev: Fallback to non tiled mode if all tiles not present
PM / devfreq: rk3399_dmc: Add COMPILE_TEST and HAVE_ARM_SMCCC dependency
PM / devfreq: exynos-ppmu: Fix excessive stack usage
x86/vdso: Provide missing include file
crypto: chtls - Fixed memory leak
net: phy: realtek: add logging for the RGMII TX delay configuration
bpf: Print error message for bpftool cgroup show
dmaengine: imx-sdma: Fix memory leak
dmaengine: Store module owner in dma_device struct
clk: actually call the clock init before any other callback of the clock
iommu/iova: Silence warnings under memory pressure
iommu/amd: Only support x2APIC with IVHD type 11h/40h
iommu/amd: Check feature support bit before accessing MSI capability registers
arm64: dts: qcom: db845c: Enable ath10k 8bit host-cap quirk
scsi: lpfc: Fix: Rework setting of fdmi symbolic node name registration
selinux: ensure we cleanup the internal AVC counters on error in avc_update()
ARM: dts: r8a7779: Add device node for ARM global timer
clk: renesas: rcar-gen3: Allow changing the RPC[D2] clocks
drm/mediatek: handle events when enabling/disabling crtc
crypto: inside-secure - add unspecified HAS_IOMEM dependency
scsi: aic7xxx: Adjust indentation in ahc_find_syncrate
scsi: ufs: Complete pending requests in host reset and restore path
nfsd: Clone should commit src file metadata too
ACPICA: Disassembler: create buffer fields in ACPI_PARSE_LOAD_PASS1
clk: qcom: smd: Add missing bimc clock
drm/amdgpu: fix KIQ ring test fail in TDR of SRIOV
orinoco: avoid assertion in case of NULL pointer
rtlwifi: rtl_pci: Fix -Wcast-function-type
iwlegacy: Fix -Wcast-function-type
ipw2x00: Fix -Wcast-function-type
b43legacy: Fix -Wcast-function-type
PCI: Add DMA alias quirk for PLX PEX NTB
PCI: Add nr_devfns parameter to pci_add_dma_alias()
ALSA: usx2y: Adjust indentation in snd_usX2Y_hwdep_dsp_status
netfilter: nft_tunnel: add the missing ERSPAN_VERSION nla_policy
fore200e: Fix incorrect checks of NULL pointer dereference
r8169: check that Realtek PHY driver module is loaded
samples/bpf: Set -fno-stack-protector when building BPF programs
reiserfs: Fix spurious unlock in reiserfs_fill_super() error handling
media: v4l2-device.h: Explicitly compare grp{id,mask} to zero in v4l2_device macros
selftests/net: make so_txtime more robust to timer variance
gpu/drm: ingenic: Avoid null pointer deference in plane atomic update
Revert "nfp: abm: fix memory leak in nfp_abm_u32_knode_replace"
PCI: Increase D3 delay for AMD Ryzen5/7 XHCI controllers
PCI: Add generic quirk for increasing D3hot delay
media: cx23885: Add support for AVerMedia CE310B
PCI: iproc: Apply quirk_paxc_bridge() for module as well as built-in
bus: ti-sysc: Implement quirk handling for CLKDM_NOAUTO
ARM: dts: imx6: rdu2: Limit USBH1 to Full Speed
ARM: dts: imx6: rdu2: Disable WP for USDHC2 and USDHC3
ARM: exynos_defconfig: Bring back explicitly wanted options
clk: imx: Add correct failure handling for clk based helpers
padata: validate cpumask without removed CPU during offline
arm64: dts: qcom: msm8996: Disable USB2 PHY suspend by core
selinux: ensure we cleanup the internal AVC counters on error in avc_insert()
opp: Free static OPPs on errors while adding them
arm: dts: allwinner: H3: Add PMU node
arm64: dts: allwinner: H5: Add PMU node
arm64: dts: allwinner: H6: Add PMU mode
NFC: port100: Convert cpu_to_le16(le16_to_cpu(E1) + E2) to use le16_add_cpu().
net/wan/fsl_ucc_hdlc: reject muram offsets above 64K
regulator: rk808: Lower log level on optional GPIOs being not available
ASoC: intel: sof_rt5682: Add support for tgl-max98357a-rt5682
ASoC: intel: sof_rt5682: Add quirk for number of HDMI DAI's
modules: lockdep: Suppress suspicious RCU usage warning
arm64: dts: rockchip: Fix NanoPC-T4 cooling maps
drm/panel: simple: Add Logic PD Type 28 display support
drm/amdgpu: Ensure ret is always initialized when using SOC15_WAIT_ON_RREG
ath10k: correct the tlv len of ath10k_wmi_tlv_op_gen_config_pno_start
drm/amdgpu: remove 4 set but not used variable in amdgpu_atombios_get_connector_info_from_object_table
bpf, sockhash: Synchronize_rcu before free'ing map
drm/amdkfd: Fix a bug in SDMA RLC queue counting under HWS mode
clk: qcom: rcg2: Don't crash if our parent can't be found; return an error
clk: qcom: Don't overwrite 'cfg' in clk_rcg2_dfs_populate_freq()
kconfig: fix broken dependency in randconfig-generated .config
block, bfq: do not plug I/O for bfq_queues with no proc refs
drivers/block/zram/zram_drv.c: fix error return codes not being returned in writeback_store
Btrfs: keep pages dirty when using btrfs_writepage_fixup_worker
KVM: s390: ENOTSUPP -> EOPNOTSUPP fixups
nbd: add a flush_workqueue in nbd_start_device
tracing: Simplify assignment parsing for hist triggers
drm/amd/display: Retrain dongles when SINK_COUNT becomes non-zero
rtc: i2c/spi: Avoid inclusion of REGMAP support when not needed
selftests: settings: tests can be in subsubdirs
brcmfmac: sdio: Fix OOB interrupt initialization on brcm43362
rtw88: fix rate mask for 1SS chip
ath10k: Correct the DMA direction for management tx buffers
ext4, jbd2: ensure panic when aborting with zero errno
ARM: 8952/1: Disable kmemleak on XIP kernels
tracing: Fix very unlikely race of registering two stat tracers
tracing: Fix tracing_stat return values in error handling paths
powerpc/iov: Move VF pdev fixup into pcibios_fixup_iov()
s390/pci: Fix possible deadlock in recover_store()
wan/hdlc_x25: fix skb handling
dmaengine: fsl-qdma: fix duplicated argument to &&
udf: Allow writing to 'Rewritable' partitions
pwm: omap-dmtimer: Simplify error handling
x86/sysfb: Fix check for bad VRAM size
clk: ti: dra7: fix parent for gmac_clkctrl
ext4: fix deadlock allocating bio_post_read_ctx from mempool
jbd2: clear JBD2_ABORT flag before journal_reset to update log tail info when load journal
kselftest: Minimise dependency of get_size on C library interfaces
drm/amd/display: Clear state after exiting fixed active VRR state
clocksource/drivers/bcm2835_timer: Fix memory leak of timer
usb: dwc2: Fix IN FIFO allocation
usb: gadget: udc: fix possible sleep-in-atomic-context bugs in gr_probe()
drm/nouveau/nouveau: fix incorrect sizeof on args.src an args.dst
spi: fsl-lpspi: fix only one cs-gpio working
drm/amdgpu/sriov: workaround on rev_id for Navi12 under sriov
uio: fix a sleep-in-atomic-context bug in uio_dmem_genirq_irqcontrol()
raid6/test: fix a compilation error
net: ethernet: ixp4xx: Standard module init
sparc: Add .exit.data section.
MIPS: Loongson: Fix potential NULL dereference in loongson3_platform_init()
efi/x86: Map the entire EFI vendor string before copying it
pinctrl: baytrail: Do not clear IRQ flags on direct-irq enabled pins
IB/core: Let IB core distribute cache update events
kernel/module: Fix memleak in module_add_modinfo_attrs()
media: sti: bdisp: fix a possible sleep-in-atomic-context bug in bdisp_device_run()
char/random: silence a lockdep splat with printk()
x86/fpu: Deactivate FPU state after failure during state load
iommu/vt-d: Fix off-by-one in PASID allocation
gpio: gpio-grgpio: fix possible sleep-in-atomic-context bugs in grgpio_irq_map/unmap()
clk: meson: meson8b: make the CCF use the glitch-free mali mux
powerpc/powernv/iov: Ensure the pdn for VFs always contains a valid PE number
clk: at91: sam9x60: fix programmable clock prescaler
media: sun4i-csi: Fix [HV]sync polarity handling
media: sun4i-csi: Fix data sampling polarity handling
media: sun4i-csi: Deal with DRAM offset
media: i2c: mt9v032: fix enum mbus codes and frame sizes
media: ov5640: Fix check for PLL1 exceeding max allowed rate
pxa168fb: Fix the function used to release some memory in an error handling path
drm/msm/adreno: fix zap vs no-zap handling
drm/mipi_dbi: Fix off-by-one bugs in mipi_dbi_blank()
printk: fix exclusive_console replaying
pinctrl: sh-pfc: sh7264: Fix CAN function GPIOs
gianfar: Fix TX timestamping with a stacked DSA driver
ALSA: ctl: allow TLV read operation for callback type of element in locked case
ext4: fix ext4_dax_read/write inode locking sequence for IOCB_NOWAIT
leds: pca963x: Fix open-drain initialization
drm/amd/display: Map ODM memory correctly when doing ODM combine
PCI: Fix pci_add_dma_alias() bitmask size
brcmfmac: Fix use after free in brcmf_sdio_readframes()
brcmfmac: Fix memory leak in brcmf_p2p_create_p2pdev()
cpu/hotplug, stop_machine: Fix stop_machine vs hotplug order
clk: meson: pll: Fix by 0 division in __pll_params_to_rate()
media: meson: add missing allocation failure check on new_buf
f2fs: call f2fs_balance_fs outside of locked page
f2fs: preallocate DIO blocks when forcing buffered_io
rcu: Fix data-race due to atomic_t copy-by-value
rcu: Fix missed wakeup of exp_wq waiters
rcu/nocb: Fix dump_tree hierarchy print always active
drm/qxl: Complete exception handling in qxl_device_init()
wil6210: fix break that is never reached because of zero'ing of a retry counter
ath10k: Fix qmi init error handling
drm/gma500: Fixup fbdev stolen size usage evaluation
net/sched: flower: add missing validation of TCA_FLOWER_FLAGS
net/sched: matchall: add missing validation of TCA_MATCHALL_FLAGS
net: dsa: tag_qca: Make sure there is headroom for tag
net/smc: fix leak of kernel memory to user space
enic: prevent waking up stopped tx queues over watchdog reset
core: Don't skip generic XDP program execution for cloned SKBs
ANDROID: ufs, block: fix crypto power management and move into block layer
ANDROID: rtc: class: support hctosys from modular RTC drivers
ANDROID: update the abi after clk changes
ANDROID: update abi for f2fs/fscrypt merge
ANDROID: Kconfig.gki: Remove most of the built in qcom clks
FROMLIST: f2fs: Handle casefolding with Encryption
FROMLIST: fscrypt: Have filesystems handle their d_ops
FROMLIST: ext4: Use generic casefolding support
FROMLIST: f2fs: Use generic casefolding support
FROMLIST: Add standard casefolding support
FROMLIST: unicode: Add utf8_casefold_hash
ANDROID: gki: Set CONFIG_SERIAL_SAMSUNG for early con.
UPSTREAM: tty: serial: samsung_tty: remove SERIAL_SAMSUNG_DEBUG
UPSTREAM: tty: serial: samsung_tty: build it for any platform
UPSTREAM: tty: serial: samsung_tty: do not abuse the struct uart_port unused fields
UPSTREAM: tty: serial: samsung_tty: fix blank line checkpatch warning
UPSTREAM: tty: serial: samsung_tty: fix up minor comment formatting
UPSTREAM: tty: serial: samsung_tty: use 'unsigned int' not 'unsigned'
UPSTREAM: tty: serial: samsung_tty: use standard debugging macros
UPSTREAM: tty: serial: samsung_tty: drop unneded dbg() calls
UPSTREAM: tty: serial: samsung_tty: delete samsung.h
UPSTREAM: tty: serial: samsung.h: remove reset_port callback from struct s3c24xx_uart_info
UPSTREAM: tty: serial: samsung.h: fix up minor comment issues
UPSTREAM: tty: serial: samsung_tty: fix build warning
UPSTREAM: tty: serial: samsung: allow driver to be built by anyone
UPSTREAM: tty: serial: samsung: remove variable 'ufstat' set but not used
UPSTREAM: {tty: serial, nand: onenand}: samsung: rename to fix build warning
UPSTREAM: random: ignore GRND_RANDOM in getentropy(2)
UPSTREAM: random: add GRND_INSECURE to return best-effort non-cryptographic bytes
UPSTREAM: linux/random.h: Mark CONFIG_ARCH_RANDOM functions __must_check
UPSTREAM: linux/random.h: Use false with bool
UPSTREAM: linux/random.h: Remove arch_has_random, arch_has_random_seed
UPSTREAM: random: remove some dead code of poolinfo
UPSTREAM: random: fix typo in add_timer_randomness()
UPSTREAM: random: Add and use pr_fmt()
UPSTREAM: random: convert to ENTROPY_BITS for better code readability
UPSTREAM: random: remove unnecessary unlikely()
UPSTREAM: random: remove kernel.random.read_wakeup_threshold
UPSTREAM: random: delete code to pull data into pools
UPSTREAM: random: remove the blocking pool
UPSTREAM: random: make /dev/random be almost like /dev/urandom
UPSTREAM: random: Add a urandom_read_nowait() for random APIs that don't warn
UPSTREAM: random: Don't wake crng_init_wait when crng_init == 1
UPSTREAM: char/random: silence a lockdep splat with printk()
ANDROID: Incremental fs: Support xattrs
BACKPORT: sched/fair: Remove wake_cap()
UPSTREAM: sched/core: Remove for_each_lower_domain()
UPSTREAM: sched/topology: Remove SD_BALANCE_WAKE on asymmetric capacity systems
UPSTREAM: sched/fair: Add asymmetric CPU capacity wakeup scan
ANDROID: ufs: add quirk to fix abnormal ocs fatal error
FROMLIST: ufs: fix a bug on printing PRDT
ANDROID: update abi for 5.4.21
ANDROID: clang: update to 10.0.4
Linux 5.4.21
mmc: core: Rework wp-gpio handling
gpio: add gpiod_toggle_active_low()
KVM: x86/mmu: Fix struct guest_walker arrays for 5-level paging
ext4: choose hardlimit when softlimit is larger than hardlimit in ext4_statfs_project()
jbd2: do not clear the BH_Mapped flag when forgetting a metadata buffer
jbd2: move the clearing of b_modified flag to the journal_unmap_buffer()
Revert "drm/sun4i: drv: Allow framebuffer modifiers in mode config"
NFSv4.1 make cachethis=no for writes
perf stat: Don't report a null stalled cycles per insn metric
KVM: x86: Mask off reserved bit from #DB exception payload
arm64: dts: fast models: Fix FVP PCI interrupt-map property
cifs: fix mount option display for sec=krb5i
mac80211: fix quiet mode activation in action frames
hwmon: (pmbus/ltc2978) Fix PMBus polling of MFR_COMMON definitions.
perf/x86/intel: Fix inaccurate period in context switch for auto-reload
spmi: pmic-arb: Set lockdep class for hierarchical irq domains
sched/uclamp: Reject negative values in cpu_uclamp_write()
s390/time: Fix clk type in get_tod_clock
RDMA/core: Fix protection fault in get_pkey_idx_qp_list
RDMA/rxe: Fix soft lockup problem due to using tasklets in softirq
RDMA/hfi1: Fix memory leak in _dev_comp_vect_mappings_create
RDMA/iw_cxgb4: initiate CLOSE when entering TERM
RDMA/core: Fix invalid memory access in spec_filter_size
IB/umad: Fix kernel crash while unloading ib_umad
IB/rdmavt: Reset all QPs when the device is shut down
IB/hfi1: Close window for pq and request coliding
IB/hfi1: Acquire lock to release TID entries when user file is closed
IB/mlx5: Return failure when rts2rts_qp_counters_set_id is not supported
drivers: ipmi: fix off-by-one bounds check that leads to a out-of-bounds write
nvme: fix the parameter order for nvme_get_log in nvme_get_fw_slot_info
bus: moxtet: fix potential stack buffer overflow
drm/panfrost: Make sure the shrinker does not reclaim referenced BOs
drm/vgem: Close use-after-free race in vgem_gem_create
s390/uv: Fix handling of length extensions
s390/pkey: fix missing length of protected key on return
perf/x86/amd: Add missing L2 misses event spec to AMD Family 17h's event map
KVM: nVMX: Use correct root level for nested EPT shadow page tables
EDAC/mc: Fix use-after-free and memleaks during device removal
EDAC/sysfs: Remove csrow objects on errors
cifs: make sure we do not overflow the max EA buffer size
xprtrdma: Fix DMA scatter-gather list mapping imbalance
arm64: ssbs: Fix context-switch when SSBS is present on all CPUs
gpio: xilinx: Fix bug where the wrong GPIO register is written to
ARM: npcm: Bring back GPIOLIB support
btrfs: log message when rw remount is attempted with unclean tree-log
btrfs: print message when tree-log replay starts
btrfs: ref-verify: fix memory leaks
Btrfs: fix race between using extent maps and merging them
ext4: improve explanation of a mount failure caused by a misconfigured kernel
ext4: add cond_resched() to ext4_protect_reserved_inode
ext4: fix checksum errors with indexed dirs
ext4: fix support for inode sizes > 1024 bytes
ext4: don't assume that mmp_nodename/bdevname have NUL
ALSA: usb-audio: Add clock validity quirk for Denon MC7000/MCX8000
ALSA: usb-audio: sound: usb: usb true/false for bool return type
ACPI: PM: s2idle: Prevent spurious SCIs from waking up the system
ACPICA: Introduce acpi_any_gpe_status_set()
ACPI: PM: s2idle: Avoid possible race related to the EC GPE
ACPI: EC: Fix flushing of pending work
ALSA: usb-audio: Apply sample rate quirk for Audioengine D1
ALSA: hda/realtek - Fix silent output on MSI-GL73
ALSA: hda/realtek - Add more codec supported Headset Button
ALSA: usb-audio: Fix UAC2/3 effect unit parsing
Input: synaptics - remove the LEN0049 dmi id from topbuttonpad list
Input: synaptics - enable SMBus on ThinkPad L470
Input: synaptics - switch T470s to RMI4 by default
ANDROID: ABI/Whitelist: initial unisoc whitelist
ANDROID: Fix ABI representation after enabling CONFIG_NET_NS
ANDROID: gki_defconfig: Enable CONFIG_NET_NS
ANDROID: gki_defconfig: Enable XDP_SOCKETS
ANDROID: gki_defconfig: Enable MAC80211_RC_MINSTREL
ANDROID: virtio: virtio_input: pass _DIRECT only if the device advertises _DIRECT
ANDROID: staging: ion: delete unused heap types and IDs
ANDROID: gki_defconfig: disable system_contig ion heap.
ANDROID: cf build: Use merge_configs
ANDROID: net: bpf: Allow TC programs to call BPF_FUNC_skb_change_head
ANDROID: gki_defconfig: Disable SDCARD_FS
Linux 5.4.20
selinux: fall back to ref-walk if audit is required
libertas: make lbs_ibss_join_existing() return error code on rates overflow
libertas: don't exit from lbs_ibss_join_existing() with RCU read lock held
mwifiex: Fix possible buffer overflows in mwifiex_cmd_append_vsie_tlv()
mwifiex: Fix possible buffer overflows in mwifiex_ret_wmm_get_status()
dmaengine: axi-dmac: add a check for devm_regmap_init_mmio
clk: meson: g12a: fix missing uart2 in regmap table
mfd: max77650: Select REGMAP_IRQ in Kconfig
regmap: fix writes to non incrementing registers
pinctrl: sh-pfc: r8a7778: Fix duplicate SDSELF_B and SD1_CLK_B
pinctrl: sh-pfc: r8a77965: Fix DU_DOTCLKIN3 drive/bias control
selinux: fix regression introduced by move_mount(2) syscall
selinux: revert "stop passing MAY_NOT_BLOCK to the AVC upon follow_link"
bcache: avoid unnecessary btree nodes flushing in btree_flush_write()
dt-bindings: iio: adc: ad7606: Fix wrong maxItems value
media: i2c: adv748x: Fix unsafe macros
drivers: watchdog: stm32_iwdg: set WDOG_HW_RUNNING at probe
crypto: caam/qi2 - fix typo in algorithm's driver name
crypto: atmel-sha - fix error handling when setting hmac key
crypto: artpec6 - return correct error code for failed setkey()
crypto: testmgr - don't try to decrypt uninitialized buffers
mtd: sharpslpart: Fix unsigned comparison to zero
mtd: onenand_base: Adjust indentation in onenand_read_ops_nolock
arm64: nofpsmid: Handle TIF_FOREIGN_FPSTATE flag cleanly
KVM: arm64: Treat emulated TVAL TimerValue as a signed 32-bit integer
KVM: arm64: pmu: Fix chained SW_INCR counters
KVM: arm64: pmu: Don't increment SW_INCR if PMCR.E is unset
KVM: arm: Make inject_abt32() inject an external abort instead
KVM: arm: Fix DFSR setting for non-LPAE aarch32 guests
KVM: arm/arm64: Fix young bit from mmu notifier
arm64: ptrace: nofpsimd: Fail FP/SIMD regset operations
arm64: cpufeature: Set the FP/SIMD compat HWCAP bits properly
arm64: cpufeature: Fix the type of no FP/SIMD capability
sched/uclamp: Fix a bug in propagating uclamp value in new cgroups
ARM: 8949/1: mm: mark free_memmap as __init
KVM: arm/arm64: vgic-its: Fix restoration of unmapped collections
ARM: at91: pm: use of_device_id array to find the proper shdwc node
ARM: at91: pm: use SAM9X60 PMC's compatible
iommu/arm-smmu-v3: Populate VMID field for CMDQ_OP_TLBI_NH_VA
powerpc/pseries: Allow not having ibm, hypertas-functions::hcall-multi-tce for DDW
powerpc/pseries/vio: Fix iommu_table use-after-free refcount warning
powerpc/papr_scm: Fix leaking 'bus_desc.provider_name' in some paths
powerpc/ptdump: Only enable PPC_CHECK_WX with STRICT_KERNEL_RWX
powerpc/ptdump: Fix W+X verification call in mark_rodata_ro()
Revert "powerpc/pseries/iommu: Don't use dma_iommu_ops on secure guests"
soc: qcom: rpmhpd: Set 'active_only' for active only power domains
tools/power/acpi: fix compilation error
ARM: dts: at91: sama5d3: define clock rate range for tcb1
ARM: dts: at91: sama5d3: fix maximum peripheral clock rates
ARM: dts: meson8b: use the actual frequency for the GPU's 364MHz OPP
ARM: dts: meson8: use the actual frequency for the GPU's 182.1MHz OPP
arm64: dts: marvell: clearfog-gt-8k: fix switch cpu port node
arm64: dts: renesas: r8a77990: ebisu: Remove clkout-lr-synchronous from sound
ARM: dts: am43xx: add support for clkout1 clock
ARM: dts: at91: Reenable UART TX pull-ups
arm64: dts: uDPU: fix broken ethernet
arm64: dts: qcom: msm8998: Fix tcsr syscon size
platform/x86: intel_mid_powerbtn: Take a copy of ddata
ARC: [plat-axs10x]: Add missing multicast filter number to GMAC node
watchdog: qcom: Use platform_get_irq_optional() for bark irq
rtc: cmos: Stop using shared IRQ
rtc: hym8563: Return -EINVAL if the time is known to be invalid
x86/boot: Handle malformed SRAT tables during early ACPI parsing
NFSv4.0: nfs4_do_fsinfo() should not do implicit lease renewals
NFSv4: try lease recovery on NFS4ERR_EXPIRED
NFSv4: pnfs_roc() must use cred_fscmp() to compare creds
NFS: Fix fix of show_nfs_errors
NFS/pnfs: Fix pnfs_generic_prepare_to_resend_writes()
NFS: Revalidate the file size on a fatal write error
nfs: NFS_SWAP should depend on SWAP
bpf, sockmap: Check update requirements after locking
bpf: Improve bucket_log calculation logic
selftests/bpf: Test freeing sockmap/sockhash with a socket in it
bpf, sockhash: Synchronize_rcu before free'ing map
bpf, sockmap: Don't sleep while holding RCU lock on tear-down
bpftool: Don't crash on missing xlated program instructions
iwlwifi: mvm: avoid use after free for pmsr request
PCI/AER: Initialize aer_fifo
PCI: Don't disable bridge BARs when assigning bus resources
PCI: tegra: Fix afi_pex2_ctrl reg offset for Tegra30
PCI/switchtec: Fix vep_vector_number ioread width
PCI/switchtec: Use dma_set_mask_and_coherent()
ath10k: pci: Only dump ATH10K_MEM_REGION_TYPE_IOREG when safe
PCI/IOV: Fix memory leak in pci_iov_add_virtfn()
scsi: ufs: Fix ufshcd_probe_hba() reture value in case ufshcd_scsi_add_wlus() fails
RDMA/umem: Fix ib_umem_find_best_pgsz()
RDMA/cma: Fix unbalanced cm_id reference count during address resolve
RDMA/uverbs: Verify MR access flags
RDMA/core: Fix locking in ib_uverbs_event_read
RDMA/i40iw: fix a potential NULL pointer dereference
RDMA/netlink: Do not always generate an ACK for some netlink operations
IB/mlx4: Fix leak in id_map_find_del
IB/srp: Never use immediate data if it is disabled by a user
IB/mlx4: Fix memory leak in add_gid error flow
hv_sock: Remove the accept port restriction
ASoC: pcm: update FE/BE trigger order based on the command
ANDROID: gki_defconfig: Add CONFIG_UNICODE
ANDROID: added memory initialization tests to cuttlefish config
ANDROID: gki_defconfig: enable CONFIG_RUNTIME_TESTING_MENU
fs-verity: use u64_to_user_ptr()
fs-verity: use mempool for hash requests
fs-verity: implement readahead of Merkle tree pages
fs-verity: implement readahead for FS_IOC_ENABLE_VERITY
fscrypt: improve format of no-key names
ubifs: allow both hash and disk name to be provided in no-key names
ubifs: don't trigger assertion on invalid no-key filename
fscrypt: clarify what is meant by a per-file key
fscrypt: derive dirhash key for casefolded directories
fscrypt: don't allow v1 policies with casefolding
fscrypt: add "fscrypt_" prefix to fname_encrypt()
fscrypt: don't print name of busy file when removing key
ubifs: use IS_ENCRYPTED() instead of ubifs_crypt_is_encrypted()
fscrypt: document gfp_flags for bounce page allocation
fscrypt: optimize fscrypt_zeroout_range()
fscrypt: remove redundant bi_status check
fscrypt: Allow modular crypto algorithms
FROMLIST: rename missed uaccess .fixup section
ANDROID: gki_defconfig: enable heap and stack initialization.
ANDROID: ABI/Whitelist: update for db845c
ANDROID: ABI/Whitelist: update for Cuttlefish
ANDROID: update ABI representation and GKI whitelist
ANDROID: f2fs: fix missing blk-crypto changes
fscrypt: include <linux/ioctl.h> in UAPI header
fscrypt: don't check for ENOKEY from fscrypt_get_encryption_info()
fscrypt: remove fscrypt_is_direct_key_policy()
fscrypt: move fscrypt_valid_enc_modes() to policy.c
fscrypt: check for appropriate use of DIRECT_KEY flag earlier
fscrypt: split up fscrypt_supported_policy() by policy version
fscrypt: introduce fscrypt_needs_contents_encryption()
fscrypt: move fscrypt_d_revalidate() to fname.c
fscrypt: constify inode parameter to filename encryption functions
fscrypt: constify struct fscrypt_hkdf parameter to fscrypt_hkdf_expand()
fscrypt: verify that the crypto_skcipher has the correct ivsize
fscrypt: use crypto_skcipher_driver_name()
fscrypt: support passing a keyring key to FS_IOC_ADD_ENCRYPTION_KEY
UPSTREAM: dynamic_debug: allow to work if debugfs is disabled
UPSTREAM: serial: sprd: Add polling IO support
UPSTREAM: dmaengine: sprd: Add wrap address support for link-list mode
UPSTREAM: pinctrl: sprd: Add CM4 sleep mode support
UPSTREAM: pinctrl: sprd: Add PIN_CONFIG_BIAS_DISABLE configuration support
UPSTREAM: spi: sprd: adi: Set BIT_WDG_NEW bit when rebooting
UPSTREAM: nvmem: sprd: Add Spreadtrum SoCs eFuse support
UPSTREAM: dt-bindings: nvmem: Add Spreadtrum eFuse controller documentation
UPSTREAM: scsi: ufs-mediatek: enable low-power mode for hibern8 state
BACKPORT: scsi: ufs: export some functions for vendor usage
UPSTREAM: scsi: ufs-mediatek: add dbg_register_dump implementation
UPSTREAM: scsi: ufs-mediatek: add apply_dev_quirks variant operation
UPSTREAM: scsi: ufs: pass device information to apply_dev_quirks
UPSTREAM: scsi: ufs: add device reset history for vendor implementations
UPSTREAM: scsi: ufs: fix empty check of error history
UPSTREAM: scsi: ufs-mediatek: configure and enable clk-gating
UPSTREAM: scsi: ufs-mediatek: configure customized auto-hibern8 timer
BACKPORT: scsi: ufs: export ufshcd_auto_hibern8_update for vendor usage
UPSTREAM: scsi: ufs-mediatek: introduce reference clock control
UPSTREAM: scsi: ufs-mediatek: add device reset implementation
UPSTREAM: scsi: soc: mediatek: add header for SiP service interface
BACKPORT: scsi: ufs: use ufshcd_vops_dbg_register_dump for vendor specific dumps
BACKPORT: scsi: ufs: unify scsi_block_requests usage
UPSTREAM: scsi: ufs: disable interrupt during clock-gating
UPSTREAM: scsi: ufs: disable irq before disabling clocks
UPSTREAM: scsi: ufs-mediatek: enable auto suspend capability
ANDROID: update ABI for 5.4.19
ANDROID: fix up dummy-cpufreq.c due to api changes
Linux 5.4.19
powerpc/kuap: Fix set direction in allow/prevent_user_access()
regulator fix for "regulator: core: Add regulator_is_equal() helper"
rxrpc: Fix service call disconnection
perf/core: Fix mlock accounting in perf_mmap()
clocksource: Prevent double add_timer_on() for watchdog_timer
x86/apic/msi: Plug non-maskable MSI affinity race
cifs: fail i/o on soft mounts if sessionsetup errors out
KVM: Play nice with read-only memslots when querying host page size
KVM: Use vcpu-specific gva->hva translation when querying host page size
KVM: nVMX: vmread should not set rflags to specify success in case of #PF
KVM: x86: fix overlap between SPTE_MMIO_MASK and generation
KVM: x86: Use gpa_t for cr2/gpa to fix TDP support on 32-bit KVM
KVM: x86: use CPUID to locate host page table reserved bits
KVM: x86/mmu: Apply max PA check for MMIO sptes to 32-bit KVM
drm/dp_mst: Remove VCPI while disabling topology mgr
btrfs: free block groups after free'ing fs trees
btrfs: use bool argument in free_root_pointers()
x86/timer: Don't skip PIT setup when APIC is disabled or in legacy mode
mfd: bd70528: Fix hour register mask
mfd: rn5t618: Mark ADC control register volatile
mfd: da9062: Fix watchdog compatible string
ASoC: Intel: skl_hda_dsp_common: Fix global-out-of-bounds bug
net/mlx5: Deprecate usage of generic TLS HW capability bit
net/mlx5: Fix deadlock in fs_core
drop_monitor: Do not cancel uninitialized work item
qed: Fix timestamping issue for L2 unicast ptp packets.
ipv6/addrconf: fix potential NULL deref in inet6_set_link_af()
taprio: Fix dropping packets when using taprio + ETF offloading
taprio: Use taprio_reset_tc() to reset Traffic Classes configuration
taprio: Add missing policy validation for flags
taprio: Fix still allowing changing the flags during runtime
taprio: Fix enabling offload with wrong number of traffic classes
net: macb: Limit maximum GEM TX length in TSO
net: macb: Remove unnecessary alignment check for TSO
net/mlx5: IPsec, fix memory leak at mlx5_fpga_ipsec_delete_sa_ctx
net/mlx5: IPsec, Fix esp modify function attribute
net: systemport: Avoid RBUF stuck in Wake-on-LAN mode
net: stmmac: fix a possible endless loop
net_sched: fix a resource leak in tcindex_set_parms()
net: mvneta: move rx_dropped and rx_errors in per-cpu stats
net: dsa: microchip: enable module autoprobe
net: dsa: bcm_sf2: Only 7278 supports 2Gb/sec IMP port
net: dsa: b53: Always use dev->vlan_enabled in b53_configure_vlan()
dpaa_eth: support all modes with rate adapting PHYs
devlink: report 0 after hitting end in region read
bonding/alb: properly access headers in bond_alb_xmit()
ASoC: sgtl5000: Fix VDDA and VDDIO comparison
regulator: core: Add regulator_is_equal() helper
ubifs: Fix memory leak from c->sup_node
ubi: Fix an error pointer dereference in error handling code
ubi: fastmap: Fix inverted logic in seen selfcheck
virtio_balloon: Fix memory leaks on errors in virtballoon_probe()
virtio-balloon: Fix memory leak when unloading while hinting is in progress
nfsd: Return the correct number of bytes written to the file
nfsd: fix jiffies/time_t mixup in LRU list
nfsd: fix delay timer on 32-bit architectures
IB/core: Fix ODP get user pages flow
IB/mlx5: Fix outstanding_pi index for GSI qps
net: tulip: Adjust indentation in {dmfe, uli526x}_init_module
net: smc911x: Adjust indentation in smc911x_phy_configure
ppp: Adjust indentation into ppp_async_input
NFC: pn544: Adjust indentation in pn544_hci_check_presence
drm: msm: mdp4: Adjust indentation in mdp4_dsi_encoder_enable
powerpc/44x: Adjust indentation in ibm4xx_denali_fixup_memsize
ext2: Adjust indentation in ext2_fill_super
phy: qualcomm: Adjust indentation in read_poll_timeout
mtd: spi-nor: Split mt25qu512a (n25q512a) entry into two
scsi: ufs: Recheck bkops level if bkops is disabled
scsi: qla4xxx: Adjust indentation in qla4xxx_mem_free
scsi: csiostor: Adjust indentation in csio_device_reset
scsi: qla2xxx: Fix the endianness of the qla82xx_get_fw_size() return type
ASoC: meson: axg-fifo: fix fifo threshold setup
percpu: Separate decrypted varaibles anytime encryption can be enabled
broken ping to ipv6 linklocal addresses on debian buster
fix up iter on short count in fuse_direct_io()
virtio-pci: check name when counting MSI-X vectors
virtio-balloon: initialize all vq callbacks
drm/amd/dm/mst: Ignore payload update failures
clk: tegra: Mark fuse clock as critical
mm/mmu_gather: invalidate TLB correctly on batch allocation failure and flush
arm64: dts: qcom: qcs404-evb: Set vdd_apc regulator in high power mode
mm/page_alloc.c: fix uninitialized memmaps on a partially populated last section
ocfs2: fix oops when writing cloned file
KVM: s390: do not clobber registers during guest reset/store status
KVM: x86: Revert "KVM: X86: Fix fpu state crash in kvm guest"
KVM: x86: Ensure guest's FPU state is loaded when accessing for emulation
KVM: x86: Handle TIF_NEED_FPU_LOAD in kvm_{load,put}_guest_fpu()
KVM: x86: Free wbinvd_dirty_mask if vCPU creation fails
KVM: x86: Don't let userspace set host-reserved cr4 bits
KVM: VMX: Add non-canonical check on writes to RTIT address MSRs
x86/KVM: Clean up host's steal time structure
x86/kvm: Cache gfn to pfn translation
x86/KVM: Make sure KVM_VCPU_FLUSH_TLB flag is not missed
x86/kvm: Introduce kvm_(un)map_gfn()
x86/kvm: Be careful not to clear KVM_VCPU_FLUSH_TLB bit
kvm/svm: PKU not currently supported
KVM: PPC: Book3S PR: Free shared page if mmu initialization fails
KVM: PPC: Book3S HV: Uninit vCPU if vcore creation fails
KVM: x86: Fix potential put_fpu() w/o load_fpu() on MPX platform
KVM: x86: Protect MSR-based index computations in fixed_msr_to_seg_unit() from Spectre-v1/L1TF attacks
KVM: x86: Protect x86_decode_insn from Spectre-v1/L1TF attacks
KVM: x86: Protect MSR-based index computations from Spectre-v1/L1TF attacks in x86.c
KVM: x86: Protect ioapic_read_indirect() from Spectre-v1/L1TF attacks
KVM: x86: Protect MSR-based index computations in pmu.h from Spectre-v1/L1TF attacks
KVM: x86: Protect ioapic_write_indirect() from Spectre-v1/L1TF attacks
KVM: x86: Protect kvm_hv_msr_[get|set]_crash_data() from Spectre-v1/L1TF attacks
KVM: x86: Protect kvm_lapic_reg_write() from Spectre-v1/L1TF attacks
KVM: x86: Protect DR-based index computations from Spectre-v1/L1TF attacks
KVM: x86: Protect pmu_intel.c from Spectre-v1/L1TF attacks
KVM: x86: Refactor prefix decoding to prevent Spectre-v1/L1TF attacks
KVM: x86: Refactor picdev_write() to prevent Spectre-v1/L1TF attacks
aio: prevent potential eventfd recursion on poll
eventfd: track eventfd_signal() recursion depth
bcache: add readahead cache policy options via sysfs interface
watchdog: fix UAF in reboot notifier handling in watchdog core code
xen/balloon: Support xend-based toolstack take two
tools/kvm_stat: Fix kvm_exit filter name
media: rc: ensure lirc is initialized before registering input device
media: iguanair: fix endpoint sanity check
drm/rect: Avoid division by zero
drm: atmel-hlcdc: prefer a lower pixel-clock than requested
drm: atmel-hlcdc: enable clock before configuring timing engine
drm: atmel-hlcdc: use double rate for pixel clock only if supported
gfs2: fix O_SYNC write handling
gfs2: move setting current->backing_dev_info
gfs2: fix gfs2_find_jhead that returns uninitialized jhead with seq 0
sunrpc: expiry_time should be seconds not timeval
mwifiex: fix unbalanced locking in mwifiex_process_country_ie()
iwlwifi: don't throw error when trying to remove IGTK
ARM: tegra: Enable PLLP bypass during Tegra124 LP1
btrfs: Correctly handle empty trees in find_first_clear_extent_bit
btrfs: flush write bio if we loop in extent_write_cache_pages
Btrfs: fix race between adding and putting tree mod seq elements and nodes
btrfs: drop log root for dropped roots
btrfs: set trans->drity in btrfs_commit_transaction
Btrfs: fix infinite loop during fsync after rename operations
Btrfs: make deduplication with range including the last block work
Btrfs: fix missing hole after hole punching and fsync when using NO_HOLES
ext4: fix race conditions in ->d_compare() and ->d_hash()
ext4: fix deadlock allocating crypto bounce page from mempool
jbd2_seq_info_next should increase position index
nfsd: fix filecache lookup
NFS: Directory page cache pages need to be locked when read
NFS: Fix memory leaks and corruption in readdir
scsi: qla2xxx: Fix unbound NVME response length
powerpc/futex: Fix incorrect user access blocking
crypto: picoxcell - adjust the position of tasklet_init and fix missed tasklet_kill
crypto: api - Fix race condition in crypto_spawn_alg
crypto: atmel-aes - Fix counter overflow in CTR mode
crypto: pcrypt - Do not clear MAY_SLEEP flag in original request
crypto: arm64/ghash-neon - bump priority to 150
crypto: ccp - set max RSA modulus size for v3 platform devices as well
crypto: hisilicon - Use the offset fields in sqe to avoid need to split scatterlists
crypto: api - fix unexpectedly getting generic implementation
selftests: bpf: Ignore FIN packets for reuseport tests
selftests: bpf: Use a temporary file in test_sockmap
selftests/bpf: Skip perf hw events test if the setup disabled it
selftests/bpf: Fix test_attach_probe
samples/bpf: Xdp_redirect_cpu fix missing tracepoint attach
samples/bpf: Don't try to remove user's homedir on clean
tc-testing: fix eBPF tests failure on linux fresh clones
libbpf: Fix realloc usage in bpf_core_find_cands
bpf, devmap: Pass lockdep expression to RCU lists
selftests/bpf: Fix perf_buffer test on systems w/ offline CPUs
riscv, bpf: Fix broken BPF tail calls
btrfs: Handle another split brain scenario with metadata uuid feature
btrfs: fix improper setting of scanned for range cyclic write cache pages
crypto: pcrypt - Avoid deadlock by using per-instance padata queues
ftrace: Protect ftrace_graph_hash with ftrace_sync
ftrace: Add comment to why rcu_dereference_sched() is open coded
tracing: Annotate ftrace_graph_notrace_hash pointer with __rcu
tracing: Annotate ftrace_graph_hash pointer with __rcu
ASoC: SOF: core: release resources on errors in probe_continue
ASoC: SOF: Introduce state machine for FW boot
scsi: qla2xxx: Fix stuck login session using prli_pend_timer
dm: fix potential for q->make_request_fn NULL pointer
dm thin metadata: use pool locking at end of dm_pool_metadata_close
dm crypt: fix benbi IV constructor crash if used in authenticated mode
dm crypt: fix GFP flags passed to skcipher_request_alloc()
dm writecache: fix incorrect flush sequence when doing SSD mode commit
dm space map common: fix to ensure new block isn't already in use
dm zoned: support zone sizes smaller than 128MiB
ARM: dma-api: fix max_pfn off-by-one error in __dma_supported()
of: Add OF_DMA_DEFAULT_COHERENT & select it on powerpc
cpufreq: Avoid creating excessively large stack frames
PM: core: Fix handling of devices deleted during system-wide resume
f2fs: fix race conditions in ->d_compare() and ->d_hash()
f2fs: fix dcache lookup of !casefolded directories
f2fs: code cleanup for f2fs_statfs_project()
f2fs: fix miscounted block limit in f2fs_statfs_project()
f2fs: choose hardlimit when softlimit is larger than hardlimit in f2fs_statfs_project()
ovl: fix lseek overflow on 32bit
ovl: fix wrong WARN_ON() in ovl_cache_update_ino()
power: supply: ltc2941-battery-gauge: fix use-after-free
power: supply: axp20x_ac_power: Fix reporting online status
cpupower: Revert library ABI changes from commit
|
||
Jeff Vander Stoep
|
84d2e30aeb |
ANDROID: selinux: modify RTM_GETLINK permission
Map the permission gating RTM_GETLINK messages to a new permission so
that it can be distinguished from the other netlink route permissions
in selinux policy.
This is a temporary Android-only patch that will be deprecated in
newer kernels once the long-term solution lands as discusssed on the
mailing list [1]. The maintainer's recommended solution is more
general, much more complex, and likely not suitable for backporting.
This patch provides the minimal change needed for Android including
the userspace settable trigger which ensures that the permission
change is only applied to the newest version of Android which
contains the changes needed for userpace compatibility.
[1]: https://lore.kernel.org/selinux/20200116142653.61738-1-jeffv@google.com/
Bug: 141455849
Bug: 148218425
Test: CtsSelinuxTargetSdkCurrentTestCases
Test: atest bionic-unit-tests-static
Test: atest NetworkInterfaceTest
Test: Connect to Wi-Fi network
Test: Set up hotspot
Test: Cast from device
Test: Pair Bluetooth device
Test: Call getifaddrs() directly from within an app.
Test: Call NetworkInterface#getNetworkInterfaces() from within an app.
Change-Id: I7b44ce60ad98f858c412722d41b9842f8577151f
Signed-off-by: Jeff Vander Stoep <jeffv@google.com>
Git-repo: https://android.googlesource.com/kernel/common
Git-commit:
|
||
|
Greg Kroah-Hartman
|
6d52041543 |
This is the 5.4.25 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl5qJSMACgkQONu9yGCS
aT6/Dw//Usg9m0cBB4Ip4fYxI0EVz8BgnVe9KSdt+71gM63QCOi1ZeTS0NDMUtO0
MTsQSudUpfntrT8QHCmBwCZ5LlAAZvxDS9UOqnhkWbqNY5jGmUhH5u28RJL28dp2
8wJY6zZKg+pfOWXd81slW86uN27QZvURNEthT81sN2ucxe5DXV1gs87FILSdMpXm
I0Z3LpUoZDjpONeA6WTZqkDNA0J7Z9QjULx9/4LFi/gc0q1ApWC7FV1A9gpQHaBa
w4kDWJCGqq3mNx8Hi9BHau50VUHX5tuKvpn9RcmSl9BBba25pE5h0EVIGo8Dlq+9
T9hkVR5iXeMbFERnLm5iR0DjFHog/mOgAgUHSTTXB3BcdgIKWwUcc2gCcr2Y7KIK
CD7l+kX1nWUk4yYre7zXiG/vO9ilYgeboc8C5Qdq3XR6zaO90+8NUbCOpa2+6yEF
H7kugstb6l+iCJ1k8YJd0ORGOobl68+P79TLxAOFnkNGJRzuAoXmBH+xkqAugz1H
YKKAbE+MzW75sre7PxU1g1uPOHxfMfd5e3uRtUU5OETJv0A2kTte8ay5rqLNbe7H
QYqdfwTr2oFssnWKW5d/KdSopD5A/31/Kjkmzl6ED2xaLMEpA7zyed5p+G/Beu5s
dkPlteya8wCQ1W/KtDJRhbCauoG/NyCKIeoQitHBJwMapcEo8ZU=
=rDP8
-----END PGP SIGNATURE-----
Merge 5.4.25 into android-5.4
Changes in 5.4.25
block, bfq: get extra ref to prevent a queue from being freed during a group move
block, bfq: do not insert oom queue into position tree
ALSA: hda/realtek - Fix a regression for mute led on Lenovo Carbon X1
net: dsa: bcm_sf2: Forcibly configure IMP port for 1Gb/sec
net: stmmac: fix notifier registration
dm thin metadata: fix lockdep complaint
RDMA/core: Fix pkey and port assignment in get_new_pps
RDMA/core: Fix use of logical OR in get_new_pps
kbuild: fix 'No such file or directory' warning when cleaning
kprobes: Fix optimize_kprobe()/unoptimize_kprobe() cancellation logic
blktrace: fix dereference after null check
ALSA: hda: do not override bus codec_mask in link_get()
serial: ar933x_uart: set UART_CS_{RX,TX}_READY_ORIDE
selftests: fix too long argument
usb: gadget: composite: Support more than 500mA MaxPower
usb: gadget: ffs: ffs_aio_cancel(): Save/restore IRQ flags
usb: gadget: serial: fix Tx stall after buffer overflow
habanalabs: halt the engines before hard-reset
habanalabs: do not halt CoreSight during hard reset
habanalabs: patched cb equals user cb in device memset
drm/msm/mdp5: rate limit pp done timeout warnings
drm: msm: Fix return type of dsi_mgr_connector_mode_valid for kCFI
drm/modes: Make sure to parse valid rotation value from cmdline
drm/modes: Allow DRM_MODE_ROTATE_0 when applying video mode parameters
scsi: megaraid_sas: silence a warning
drm/msm/dsi: save pll state before dsi host is powered off
drm/msm/dsi/pll: call vco set rate explicitly
selftests: forwarding: use proto icmp for {gretap, ip6gretap}_mac testing
selftests: forwarding: vxlan_bridge_1d: fix tos value
net: atlantic: check rpc result and wait for rpc address
net: ks8851-ml: Remove 8-bit bus accessors
net: ks8851-ml: Fix 16-bit data access
net: ks8851-ml: Fix 16-bit IO operation
net: ethernet: dm9000: Handle -EPROBE_DEFER in dm9000_parse_dt()
watchdog: da9062: do not ping the hw during stop()
s390/cio: cio_ignore_proc_seq_next should increase position index
s390: make 'install' not depend on vmlinux
efi: Only print errors about failing to get certs if EFI vars are found
net/mlx5: DR, Fix matching on vport gvmi
iommu/amd: Disable IOMMU on Stoney Ridge systems
nvme/pci: Add sleep quirk for Samsung and Toshiba drives
nvme-pci: Use single IRQ vector for old Apple models
x86/boot/compressed: Don't declare __force_order in kaslr_64.c
s390/qdio: fill SL with absolute addresses
nvme: Fix uninitialized-variable warning
ice: Don't tell the OS that link is going down
x86/xen: Distribute switch variables for initialization
net: thunderx: workaround BGX TX Underflow issue
csky/mm: Fixup export invalid_pte_table symbol
csky: Set regs->usp to kernel sp, when the exception is from kernel
csky/smp: Fixup boot failed when CONFIG_SMP
csky: Fixup ftrace modify panic
csky: Fixup compile warning for three unimplemented syscalls
arch/csky: fix some Kconfig typos
selftests: forwarding: vxlan_bridge_1d: use more proper tos value
firmware: imx: scu: Ensure sequential TX
binder: prevent UAF for binderfs devices
binder: prevent UAF for binderfs devices II
ALSA: hda/realtek - Add Headset Mic supported
ALSA: hda/realtek - Add Headset Button supported for ThinkPad X1
ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Master
ALSA: hda/realtek - Enable the headset of ASUS B9450FA with ALC294
cifs: don't leak -EAGAIN for stat() during reconnect
cifs: fix rename() by ensuring source handle opened with DELETE bit
usb: storage: Add quirk for Samsung Fit flash
usb: quirks: add NO_LPM quirk for Logitech Screen Share
usb: dwc3: gadget: Update chain bit correctly when using sg list
usb: cdns3: gadget: link trb should point to next request
usb: cdns3: gadget: toggle cycle bit before reset endpoint
usb: core: hub: fix unhandled return by employing a void function
usb: core: hub: do error out if usb_autopm_get_interface() fails
usb: core: port: do error out if usb_autopm_get_interface() fails
vgacon: Fix a UAF in vgacon_invert_region
mm, numa: fix bad pmd by atomically check for pmd_trans_huge when marking page tables prot_numa
mm: fix possible PMD dirty bit lost in set_pmd_migration_entry()
mm, hotplug: fix page online with DEBUG_PAGEALLOC compiled but not enabled
fat: fix uninit-memory access for partial initialized inode
btrfs: fix RAID direct I/O reads with alternate csums
arm64: dts: socfpga: agilex: Fix gmac compatible
arm: dts: dra76x: Fix mmc3 max-frequency
tty:serial:mvebu-uart:fix a wrong return
tty: serial: fsl_lpuart: free IDs allocated by IDA
serial: 8250_exar: add support for ACCES cards
vt: selection, close sel_buffer race
vt: selection, push console lock down
vt: selection, push sel_lock up
media: hantro: Fix broken media controller links
media: mc-entity.c: use & to check pad flags, not ==
media: vicodec: process all 4 components for RGB32 formats
media: v4l2-mem2mem.c: fix broken links
perf intel-pt: Fix endless record after being terminated
perf intel-bts: Fix endless record after being terminated
perf cs-etm: Fix endless record after being terminated
perf arm-spe: Fix endless record after being terminated
spi: spidev: Fix CS polarity if GPIO descriptors are used
x86/pkeys: Manually set X86_FEATURE_OSPKE to preserve existing changes
s390/pci: Fix unexpected write combine on resource
s390/mm: fix panic in gup_fast on large pud
dmaengine: imx-sdma: fix context cache
dmaengine: imx-sdma: Fix the event id check to include RX event for UART6
dmaengine: tegra-apb: Fix use-after-free
dmaengine: tegra-apb: Prevent race conditions of tasklet vs free list
dm integrity: fix recalculation when moving from journal mode to bitmap mode
dm integrity: fix a deadlock due to offloading to an incorrect workqueue
dm integrity: fix invalid table returned due to argument count mismatch
dm cache: fix a crash due to incorrect work item cancelling
dm: report suspended device during destroy
dm writecache: verify watermark during resume
dm zoned: Fix reference counter initial value of chunk works
dm: fix congested_fn for request-based device
arm64: dts: meson-sm1-sei610: add missing interrupt-names
ARM: dts: ls1021a: Restore MDIO compatible to gianfar
spi: bcm63xx-hsspi: Really keep pll clk enabled
drm/virtio: make resource id workaround runtime switchable.
drm/virtio: fix resource id creation race
ASoC: topology: Fix memleak in soc_tplg_link_elems_load()
ASoC: topology: Fix memleak in soc_tplg_manifest_load()
ASoC: SOF: Fix snd_sof_ipc_stream_posn()
ASoC: intel: skl: Fix pin debug prints
ASoC: intel: skl: Fix possible buffer overflow in debug outputs
powerpc: define helpers to get L1 icache sizes
powerpc: Convert flush_icache_range & friends to C
powerpc/mm: Fix missing KUAP disable in flush_coherent_icache()
ASoC: pcm: Fix possible buffer overflow in dpcm state sysfs output
ASoC: pcm512x: Fix unbalanced regulator enable call in probe error path
ASoC: Intel: Skylake: Fix available clock counter incrementation
ASoC: dapm: Correct DAPM handling of active widgets during shutdown
spi: atmel-quadspi: fix possible MMIO window size overrun
drm/panfrost: Don't try to map on error faults
drm: kirin: Revert "Fix for hikey620 display offset problem"
drm/sun4i: Add separate DE3 VI layer formats
drm/sun4i: Fix DE2 VI layer format support
drm/sun4i: de2/de3: Remove unsupported VI layer formats
drm/i915: Program MBUS with rmw during initialization
drm/i915/selftests: Fix return in assert_mmap_offset()
phy: mapphone-mdm6600: Fix timeouts by adding wake-up handling
phy: mapphone-mdm6600: Fix write timeouts with shorter GPIO toggle interval
ARM: dts: imx6: phycore-som: fix emmc supply
arm64: dts: imx8qxp-mek: Remove unexisting Ethernet PHY
firmware: imx: misc: Align imx sc msg structs to 4
firmware: imx: scu-pd: Align imx sc msg structs to 4
firmware: imx: Align imx_sc_msg_req_cpu_start to 4
soc: imx-scu: Align imx sc msg structs to 4
Revert "RDMA/cma: Simplify rdma_resolve_addr() error flow"
RDMA/rw: Fix error flow during RDMA context initialization
RDMA/nldev: Fix crash when set a QP to a new counter but QPN is missing
RDMA/siw: Fix failure handling during device creation
RDMA/iwcm: Fix iwcm work deallocation
RDMA/core: Fix protection fault in ib_mr_pool_destroy
regulator: stm32-vrefbuf: fix a possible overshoot when re-enabling
RMDA/cm: Fix missing ib_cm_destroy_id() in ib_cm_insert_listen()
IB/hfi1, qib: Ensure RCU is locked when accessing list
ARM: imx: build v7_cpu_resume() unconditionally
ARM: dts: am437x-idk-evm: Fix incorrect OPP node names
ARM: dts: dra7xx-clocks: Fixup IPU1 mux clock parent source
ARM: dts: imx7-colibri: Fix frequency for sd/mmc
hwmon: (adt7462) Fix an error return in ADT7462_REG_VOLT()
dma-buf: free dmabuf->name in dma_buf_release()
dmaengine: coh901318: Fix a double lock bug in dma_tc_handle()
arm64: dts: meson: fix gxm-khadas-vim2 wifi
bus: ti-sysc: Fix 1-wire reset quirk
EDAC/synopsys: Do not print an error with back-to-back snprintf() calls
powerpc: fix hardware PMU exception bug on PowerVM compatibility mode systems
efi/x86: Align GUIDs to their size in the mixed mode runtime wrapper
efi/x86: Handle by-ref arguments covering multiple pages in mixed mode
efi: READ_ONCE rng seed size before munmap
block, bfq: get a ref to a group when adding it to a service tree
block, bfq: remove ifdefs from around gets/puts of bfq groups
csky: Implement copy_thread_tls
drm/virtio: module_param_named() requires linux/moduleparam.h
Linux 5.4.25
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I8ba29f273c7a2b02bfa54593f7a9087c34607cd5
|
||
Javier Martinez Canillas
|
4a1e1dda56 |
efi: Only print errors about failing to get certs if EFI vars are found
[ Upstream commit 3be54d558c75562e42bc83d665df024bd79d399b ] If CONFIG_LOAD_UEFI_KEYS is enabled, the kernel attempts to load the certs from the db, dbx and MokListRT EFI variables into the appropriate keyrings. But it just assumes that the variables will be present and prints an error if the certs can't be loaded, even when is possible that the variables may not exist. For example the MokListRT variable will only be present if shim is used. So only print an error message about failing to get the certs list from an EFI variable if this is found. Otherwise these printed errors just pollute the kernel log ring buffer with confusing messages like the following: [ 5.427251] Couldn't get size: 0x800000000000000e [ 5.427261] MODSIGN: Couldn't get UEFI db list [ 5.428012] Couldn't get size: 0x800000000000000e [ 5.428023] Couldn't get UEFI MokListRT Reported-by: Hans de Goede <hdegoede@redhat.com> Signed-off-by: Javier Martinez Canillas <javierm@redhat.com> Tested-by: Hans de Goede <hdegoede@redhat.com> Acked-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Blagovest Kolenichev
|
6ec8cd9d1e |
Merge android-5.4.11 (fde6e0c) into msm-5.4
* refs/heads/tmp-fde6e0c: Linux 5.4.11 usb: missing parentheses in USE_NEW_SCHEME USB: serial: option: add Telit ME910G1 0x110a composition USB: core: fix check for duplicate endpoints usb: dwc3: gadget: Fix request complete check net/mlx5: DR, Init lists that are used in rule's member net/mlx5e: Fix hairpin RSS table size net/mlx5: DR, No need for atomic refcount for internal SW steering resources net/mlx5e: Always print health reporter message to dmesg net: dsa: mv88e6xxx: force cmode write on 6141/6341 net/mlx5: Move devlink registration before interfaces load macb: Don't unregister clks unconditionally vlan: vlan_changelink() should propagate errors vlan: fix memory leak in vlan_dev_set_egress_priority net: sch_prio: When ungrafting, replace with FIFO mlxsw: spectrum_qdisc: Ignore grafting of invisible FIFO vxlan: fix tos value before xmit tcp: fix "old stuff" D-SACK causing SACK to be treated as D-SACK sctp: free cmd->obj.chunk for the unprocessed SCTP_CMD_REPLY sch_cake: avoid possible divide by zero in cake_enqueue() pkt_sched: fq: do not accept silly TCA_FQ_QUANTUM net: usb: lan78xx: fix possible skb leak net: stmmac: Fixed link does not need MDIO Bus net: stmmac: dwmac-sunxi: Allow all RGMII modes net: stmmac: dwmac-sun8i: Allow all RGMII modes net: freescale: fec: Fix ethtool -d runtime PM net: dsa: mv88e6xxx: Preserve priority when setting CPU port. macvlan: do not assume mac_header is set in macvlan_broadcast() gtp: fix bad unlock balance in gtp_encap_enable_socket tracing: Do not create directories if lockdown is in affect selftests: pmtu: fix init mtu value in description hv_netvsc: Fix unwanted rx_table reset llc2: Fix return statement of llc_stat_ev_rx_null_dsap_xid_c (and _test_c) s390/qeth: don't return -ENOTSUPP to userspace s390/qeth: fix promiscuous mode after reset s390/qeth: handle error due to unsupported transport mode sbitmap: only queue kyber's wait callback if not already active parisc: Fix compiler warnings in debug_core.c block: fix memleak when __blk_rq_map_user_iov() is failed s390/dasd: fix memleak in path handling error case s390/dasd/cio: Interpret ccw_device_get_mdc return value correctly block: Fix a lockdep complaint triggered by request queue flushing arm64: cpu_errata: Add Hisilicon TSV110 to spectre-v2 safe list platform/x86: pcengines-apuv2: fix simswap GPIO assignment net/ixgbe: Fix concurrency issues between config flow and XSK net/i40e: Fix concurrency issues between config flow and XSK net/mlx5e: Fix concurrency issues between config flow and XSK xsk: Add rcu_read_lock around the XSK wakeup tpm/tpm_ftpm_tee: add shutdown call back drm/exynos: gsc: add missed component_del s390/purgatory: do not build purgatory with kcov, kasan and friends net: stmmac: Always arm TX Timer at end of transmission start net: stmmac: RX buffer size must be 16 byte aligned net: stmmac: xgmac: Clear previous RX buffer size net: stmmac: Do not accept invalid MTU values net: stmmac: Determine earlier the size of RX buffer net: stmmac: selftests: Needs to check the number of Multicast regs clk: Move clk_core_reparent_orphans() under CONFIG_OF io_uring: don't wait when under-submitting iommu/dma: Relax locking in iommu_dma_prepare_msi() perf/smmuv3: Remove the leftover put_cpu() in error path fs: call fsnotify_sb_delete after evict_inodes fs: avoid softlockups in s_inodes iterators block: end bio with BLK_STS_AGAIN in case of non-mq devs and REQ_NOWAIT usb: typec: fusb302: Fix an undefined reference to 'extcon_get_state' psi: Fix a division error in psi poll() sched/psi: Fix sampling error and rare div0 crashes with cgroups and high uptime perf/x86/intel: Fix PT PMI handling perf/x86: Fix potential out-of-bounds access scripts: package: mkdebian: add missing rsync dependency kconfig: don't crash on NULL expressions in expr_eq() iommu/iova: Init the struct iova to fix the possible memleak staging: axis-fifo: add unspecified HAS_IOMEM dependency clk: at91: fix possible deadlock spi: nxp-fspi: Ensure width is respected in spi-mem operations regulator: rn5t618: fix module aliases ASoC: wm8962: fix lambda value rfkill: Fix incorrect check to avoid NULL pointer dereference parisc: add missing __init annotation parisc: fix compilation when KEXEC=n and KEXEC_FILE=y net: usb: lan78xx: Fix error message format specifier cxgb4: Fix kernel panic while accessing sge_info bnx2x: Fix logic to get total no. of PFs per engine bnx2x: Do not handle requests from VFs after parity habanalabs: remove variable 'val' set but not used habanalabs: rate limit error msg on waiting for CS bpf: Clear skb->tstamp in bpf_redirect when necessary ocxl: Fix potential memory leak on context creation Btrfs: fix hole extent items with a zero size after range cloning btrfs: handle error in btrfs_cache_block_group powerpc/spinlocks: Include correct header for static key powerpc/vcpu: Assume dedicated processors as non-preempt Btrfs: fix cloning range with a hole when using the NO_HOLES feature btrfs: Fix error messages in qgroup_rescan_init powerpc: Ensure that swiotlb buffer is allocated from low memory pinctrl: pinmux: fix a possible null pointer in pinmux_can_be_used_for_gpio cfg80211: fix double-free after changing network namespace mac80211: fix TID field in monitor mode transmit clk: walk orphan list on clock provider registration bus: ti-sysc: Fix missing reset delay handling pinctrl: aspeed-g6: Fix LPC/eSPI mux configuration ARM: imx_v6_v7_defconfig: Explicitly restore CONFIG_DEBUG_FS arm64: dts: ls1028a: fix reboot node samples: bpf: fix syscall_tp due to unused syscall samples: bpf: Replace symbol compare of trace_event kselftest: Support old perl versions kselftest/runner: Print new line in print of timeout log ARM: dts: am437x-gp/epos-evm: fix panel compatible spi: spi-ti-qspi: Fix a bug when accessing non default CS perf header: Fix false warning when there are no duplicate cache entries perf metricgroup: Fix printing event names of metric group with multiple events bpftool: Don't crash on missing jited insns or ksyms bpf, mips: Limit to 33 tail calls bpf, riscv: Limit to 33 tail calls arm64: dts: ls1028a: fix typo in TMU calibration data ARM: dts: bcm283x: Fix critical trip point ARM: omap2plus_defconfig: Add back DEBUG_FS ARM: dts: am335x-sancloud-bbe: fix phy mode ASoC: SOF: Intel: split cht and byt debug window sizes ASoC: SOF: loader: snd_sof_fw_parse_ext_data log warning on unknown header ASoC: topology: Check return value for soc_tplg_pcm_create() ASoC: topology: Check return value for snd_soc_add_dai_link() reset: Do not register resource data for missing resets spi: spi-cavium-thunderx: Add missing pci_release_regions() ARM: dts: Cygnus: Fix MDIO node address/size cells ARM: exynos_defconfig: Restore debugfs support selftests: safesetid: Fix Makefile to set correct test program selftests: safesetid: Check the return value of setuid/setgid selftests: safesetid: Move link library to LDLIBS selftests/ftrace: Fix multiple kprobe testcase selftests/ftrace: Do not to use absolute debugfs path selftests/ftrace: Fix ftrace test cases to check unsupported selftests/ftrace: Fix to check the existence of set_ftrace_filter ARM: dts: BCM5301X: Fix MDIO node address/size cells netfilter: nf_tables_offload: return EOPNOTSUPP if rule specifies no actions netfilter: nf_tables: skip module reference count bump on object updates netfilter: nf_tables: validate NFT_DATA_VALUE after nft_data_init() netfilter: nf_tables: validate NFT_SET_ELEM_INTERVAL_END netfilter: nft_set_rbtree: bogus lookup/get on consecutive elements in named sets netfilter: uapi: Avoid undefined left-shift in xt_sctp.h ARM: vexpress: Set-up shared OPP table instead of individual for each CPU ARM: dts: imx6ul: imx6ul-14x14-evk.dtsi: Fix SPI NOR probing efi/earlycon: Remap entire framebuffer after page initialization efi/gop: Fix memory leak in __gop_query32/64() efi/gop: Return EFI_SUCCESS if a usable GOP was found efi/gop: Return EFI_NOT_FOUND if there are no usable GOPs selftests: netfilter: use randomized netns names ASoC: Intel: bytcr_rt5640: Update quirk for Teclast X89 x86/efi: Update e820 with reserved EFI boot services data to fix kexec breakage regulator: core: fix regulator_register() error paths to properly release rdev libtraceevent: Copy pkg-config file to output folder when using O= libtraceevent: Fix lib installation with O= mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame() netfilter: nf_tables_offload: Check for the NETDEV_UNREGISTER event x86/intel: Disable HPET on Intel Ice Lake platforms netfilter: ctnetlink: netns exit must wait for callbacks locking/spinlock/debug: Fix various data races spi: fsl: Handle the single hardwired chipselect case gpio: Handle counting of Freescale chipselects spi: fsl: Fix GPIO descriptor support ASoC: max98090: fix possible race conditions regulator: fix use after free issue spi: pxa2xx: Add support for Intel Jasper Lake ASoC: rt5682: fix i2c arbitration lost issue bpf: Fix passing modified ctx to ld/abs/ind instruction USB: dummy-hcd: use usb_urb_dir_in instead of usb_pipein ANDROID: Kconfig.gki: Add QCOM_SCM to QCOM Hidden configs ANDROID: iommu/arm-smmu: Allow inherting stream mapping from bootloader ANDROID: iommu/arm-smmu: Expose s2cr and smr structs to impl ANDROID: iommu/arm-smmu: Don't blindly use first SMR to calculate mask ANDROID: clk: qcom: Add sync_state = clk_sync_state for db845c clock providers UPSTREAM: net: usbnet: Fix -Wcast-function-type UPSTREAM: PM / QoS: Restore DEV_PM_QOS_MIN/MAX_FREQUENCY UPSTREAM: PM / QoS: Reorder pm_qos/freq_qos/dev_pm_qos structs UPSTREAM: USB: dummy-hcd: use usb_urb_dir_in instead of usb_pipein ANDROID: update kernel ABI (perf_event changes) BACKPORT: perf_event: Add support for LSM and SELinux checks ANDROID: Enable HID_STEAM and JOYSTICK_XPAD as y Conflicts: drivers/iommu/arm-smmu.c drivers/iommu/dma-iommu.c include/linux/pm_qos.h init/Kconfig.gki kernel/sched/psi.c Restored change |
||
|
Blagovest Kolenichev
|
a728307820 |
Merge android-5.4.9 (813bf83) into msm-5.4
* refs/heads/tmp-813bf83: ANDROID: update abi for previous revert Revert "BACKPORT: perf_event: Add support for LSM and SELinux checks" Linux 5.4.9 mm/hugetlb: defer freeing of huge pages if in non-task context hsr: fix a race condition in node list insertion and deletion hsr: fix error handling routine in hsr_dev_finalize() hsr: avoid debugfs warning message when module is remove net: annotate lockless accesses to sk->sk_pacing_shift perf/x86/intel/bts: Fix the use of page_private() efi: Don't attempt to map RCI2 config table if it doesn't exist lib/ubsan: don't serialize UBSAN report xen/blkback: Avoid unmapping unmapped grant pages mm/sparse.c: mark populate_section_memmap as __meminit s390/smp: fix physical to logical CPU map for SMT Btrfs: only associate the locked page with one async_chunk struct btrfs: get rid of unique workqueue helper functions ubifs: ubifs_tnc_start_commit: Fix OOB in layout_in_gaps net: add annotations on hh->hh_len lockless accesses xfs: periodically yield scrub threads to the scheduler drm/i915/execlists: Fix annotation for decoupling virtual request ath9k_htc: Discard undersized packets ath9k_htc: Modify byte order for an error message fix compat handling of FICLONERANGE, FIDEDUPERANGE and FS_IOC_FIEMAP fs: cifs: Fix atime update check vs mtime cifs: Fix lookup of root ses in DFS referral cache tty: serial: msm_serial: Fix lockup for sysrq and oops phy: renesas: rcar-gen3-usb2: Use platform_get_irq_optional() for optional irq arm64: dts: meson: odroid-c2: Disable usb_otg bus to avoid power failed warning dt-bindings: clock: renesas: rcar-usb2-clock-sel: Fix typo in example media: usb: fix memory leak in af9005_identify_state regulator: ab8500: Remove AB8505 USB regulator media: flexcop-usb: ensure -EIO is returned on error condition arm64: dts: meson-gxm-khadas-vim2: fix uart_A bluetooth node arm64: dts: meson-gxl-s905x-khadas-vim: fix uart_A bluetooth node Bluetooth: Fix memory leak in hci_connect_le_scan Bluetooth: delete a stray unlock Bluetooth: btusb: fix PM leak in error case of setup powerpc/mm: Mark get_slice_psize() & slice_addr_is_low() as notrace regulator: axp20x: Fix AXP22x ELDO2 regulator enable bitmask spi: uniphier: Fix FIFO threshold regulator: bd70528: Remove .set_ramp_delay for bd70528_ldo_ops regulator: axp20x: Fix axp20x_set_ramp_delay watchdog: tqmx86_wdt: Fix build error net, sysctl: Fix compiler warning when only cBPF is present netfilter: nf_queue: enqueue skbs with NULL dst platform/x86: pmc_atom: Add Siemens CONNECT X300 to critclk_systems DMI table xfs: don't check for AG deadlock for realtime files in bunmapi firmware: arm_scmi: Avoid double free in error flow cifs: Fix potential softlockups while refreshing DFS cache of: overlay: add_changeset_property() memory leak iommu/vt-d: Remove incorrect PSI capability check perf callchain: Fix segfault in thread__resolve_callchain_sample() ACPI: sysfs: Change ACPI_MASKABLE_GPE_MAX to 0x100 kernel/module.c: wakeup processes in module_wq on module unload net/sched: annotate lockless accesses to qdisc->empty HID: i2c-hid: Reset ALPS touchpads on resume powerpc: Chunk calls to flush_dcache_range in arch_*_memory nfsd4: fix up replay_matches_cache() arm64: dts: qcom: msm8998-clamshell: Remove retention idle state sunrpc: fix crash when cache_head become valid before update PM / devfreq: Check NULL governor in available_governors_show drm/msm: include linux/sched/task.h spi: spi-fsl-dspi: Fix 16-bit word order in 32-bit XSPI mode ftrace: Avoid potential division by zero in function profiler arm64: Revert support for execute-only user mappings exit: panic before exit_mm() on global init exit scsi: lpfc: Fix rpi release when deleting vport ALSA: firewire-motu: Correct a typo in the clock proc string ALSA: pcm: Yet another missing check of non-cached buffer type ALSA: cs4236: fix error return comparison of an unsigned integer gen_initramfs_list.sh: fix 'bad variable name' error dmaengine: virt-dma: Fix access after free in vchan_complete() apparmor: fix aa_xattrs_match() may sleep while holding a RCU lock mm/gup: fix memory leak in __gup_benchmark_ioctl io_uring: use current task creds instead of allocating a new one samples/trace_printk: Wait for IRQ work to finish tracing: Fix endianness bug in histogram trigger tracing: Have the histogram compare functions convert to u64 first tracing: Avoid memory leak in process_system_preds() tracing: Fix lock inversion in trace_event_enable_tgid_record() rseq/selftests: Fix: Namespace gettid() for compatibility with glibc 2.30 riscv: ftrace: correct the condition logic in function graph tracer clocksource: riscv: add notrace to riscv_sched_clock gpiolib: fix up emulated open drain outputs gpio: xtensa: fix driver build libata: Fix retrieving of active qcs ata: ahci_brcm: BCM7425 AHCI requires AHCI_HFLAG_DELAY_ENGINE ata: ahci_brcm: Add missing clock management during recovery ata: ahci_brcm: Fix AHCI resources management ata: libahci_platform: Export again ahci_platform_<en/dis>able_phys() bpf: Fix precision tracking for unbounded scalars compat_ioctl: block: handle BLKGETZONESZ/BLKGETNRZONES compat_ioctl: block: handle BLKREPORTZONE/BLKRESETZONE compat_ioctl: block: handle Persistent Reservations Btrfs: fix infinite loop during nocow writeback due to race dmaengine: dma-jz4780: Also break descriptor chains on JZ4725B dmaengine: Fix access to uninitialized dma_slave_caps selftests/seccomp: Catch garbage on SECCOMP_IOCTL_NOTIF_RECV samples/seccomp: Zero out members based on seccomp_notif_sizes seccomp: Check that seccomp_notif is zeroed out by the user selftests/seccomp: Zero out seccomp_notif locks: print unsigned ino in /proc/locks gcc-plugins: make it possible to disable CONFIG_GCC_PLUGINS again pstore/ram: Fix error-path memory leak in persistent_ram_new() callers pstore/ram: Write new dumps to start of recycled zones ocfs2: fix the crash due to call ocfs2_get_dlm_debug once less mm/oom: fix pgtables units mismatch in Killed process message mm: move_pages: return valid node id in status if the page is already on the target node memcg: account security cred as well to kmemcg mm/zsmalloc.c: fix the migrated zspage statistics. mm/memory_hotplug: shrink zones when offlining memory media: cec: check 'transmit_in_progress', not 'transmitting' media: cec: avoid decrementing transmit_queue_sz if it is 0 media: cec: CEC 2.0-only bcast messages were ignored media: pulse8-cec: fix lost cec_transmit_attempt_done() call MIPS: Avoid VDSO ABI breakage due to global register variable MIPS: BPF: eBPF JIT: check for MIPS ISA compliance in Kconfig MIPS: BPF: Disable MIPS32 eBPF JIT drm/amdgpu/smu: add metrics table lock for vega20 (v2) drm/amdgpu/smu: add metrics table lock for navi (v2) drm/amdgpu/smu: add metrics table lock for arcturus (v2) drm/amdgpu/smu: add metrics table lock drm/sun4i: hdmi: Remove duplicate cleanup calls ALSA: hda/realtek - Add headset Mic no shutup for ALC283 ALSA: hda - Apply sync-write workaround to old Intel platforms, too ALSA: usb-audio: set the interface format after resume on Dell WD19 ALSA: usb-audio: fix set_format altsetting sanity check ALSA: ice1724: Fix sleep-in-atomic in Infrasonic Quartet support code mm: drop mmap_sem before calling balance_dirty_pages() in write fault block: add bio_truncate to fix guard_bio_eod netfilter: nft_tproxy: Fix port selector on Big Endian ALSA: hda - Downgrade error message for single-cmd fallback taskstats: fix data-race shmem: pin the file in shmem_fault() if mmap_sem is dropped tcp: fix data-race in tcp_recvmsg() ALSA: hda - fixup for the bass speaker on Lenovo Carbon X1 7th gen PCI: Fix missing inline for pci_pr3_present() ALSA: hda: Allow HDA to be runtime suspended when dGPU is not bound to a driver PCI: Add a helper to check Power Resource Requirements _PR3 existence ALSA: hda/realtek - Enable the bass speaker of ASUS UX431FLC ALSA: hda/realtek - Add Bass Speaker and fixed dac for bass speaker PM / hibernate: memory_bm_find_bit(): Tighten node optimisation xen/balloon: fix ballooned page accounting without hotplug enabled xen-blkback: prevent premature module unload IB/mlx5: Fix steering rule of drop and count IB/mlx4: Follow mirror sequence of device add during device removal RDMA/counter: Prevent auto-binding a QP which are not tracked with res s390/cpum_sf: Avoid SBD overflow condition in irq handler s390/cpum_sf: Adjust sampling interval to avoid hitting sample limits md: raid1: check rdev before reference in raid1_sync_request func raid5: need to set STRIPE_HANDLE for batch head afs: Fix creation calls in the dynamic root to fail with EOPNOTSUPP afs: Fix mountpoint parsing net: make socket read/write_iter() honor IOCB_NOWAIT usb: gadget: fix wrong endpoint desc drm/nouveau/kms/nv50-: fix panel scaling drm/nouveau: Fix drm-core using atomic code-paths on pre-nv50 hardware drm/nouveau: Move the declaration of struct nouveau_conn_atom up a bit staging/wlan-ng: add CRC32 dependency in Kconfig scsi: iscsi: Avoid potential deadlock in iscsi_if_rx func scsi: libsas: stop discovering if oob mode is disconnected scsi: iscsi: qla4xxx: fix double free in probe scsi: qla2xxx: Ignore PORT UPDATE after N2N PLOGI scsi: qla2xxx: Don't defer relogin unconditonally scsi: qla2xxx: Send Notify ACK after N2N PLOGI scsi: qla2xxx: Configure local loop for N2N target scsi: qla2xxx: Fix PLOGI payload and ELS IOCB dump length scsi: qla2xxx: Don't call qlt_async_event twice scsi: qla2xxx: Drop superfluous INIT_WORK of del_work scsi: qla2xxx: Use explicit LOGO in target mode scsi: lpfc: Fix memory leak on lpfc_bsg_write_ebuf_set func rxe: correctly calculate iCRC for unaligned payloads RDMA/cma: add missed unregister_pernet_subsys in init failure afs: Fix SELinux setting security label on /afs afs: Fix afs_find_server lookups for ipv4 peers PM / devfreq: Don't fail devfreq_dev_release if not in list PM / devfreq: Set scaling_max_freq to max on OPP notifier error PM / devfreq: Fix devfreq_notifier_call returning errno iio: adc: max9611: Fix too short conversion time delay iio: st_accel: Fix unused variable warning nvme/pci: Fix read queue count nvme/pci: Fix write and poll queue types drm/amd/display: update dispclk and dppclk vco frequency drm/amd/display: Reset steer fifo before unblanking the stream drm/amd/display: Change the delay time before enabling FEC drm/amd/display: Fixed kernel panic when booting with DP-to-HDMI dongle drm/amd/display: Map DSC resources 1-to-1 if numbers of OPPs and DSCs are equal drm/amdgpu: add cache flush workaround to gfx8 emit_fence drm/amdgpu: add header line for power profile on Arcturus drm/amdgpu: add check before enabling/disabling broadcast mode nvme-fc: fix double-free scenarios on hw queues nvme_fc: add module to ops template to allow module references drm/mcde: dsi: Fix invalid pointer dereference if panel cannot be found ANDROID: update kernel ABI representation BACKPORT: perf_event: Add support for LSM and SELinux checks ANDROID: Update ABI representation ANDROID: GKI: clk: Don't disable unused clocks with sync state support ANDROID: GKI: clk: Add support for clock providers with sync state ANDROID: GKI: driver core: Add dev_has_sync_state() ANDROID: sdcardfs: fix -ENOENT lookup race issue CHROMIUM: cgroups: relax permissions on moving tasks between cgroups UPSTREAM: selinux: sidtab reverse lookup hash table ANDROID: update abi for 5.4.8 release Conflicts: Documentation/devicetree/bindings Documentation/devicetree/bindings/clock/renesas,rcar-usb2-clock-sel.txt arch/arm64/mm/mmu.c include/linux/clk-provider.h Change-Id: I668e3fd58b4ad5db037f700b66f89cdf845094b5 Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org> |
||
|
Blagovest Kolenichev
|
2b9f49ee80 |
Merge android-5.4.8 (de197c5) into msm-5.4
* refs/heads/tmp-de197c5:
Linux 5.4.8
mm/hugetlbfs: fix for_each_hstate() loop in init_hugetlbfs_fs()
mmc: sdhci-of-esdhc: re-implement erratum A-009204 workaround
mmc: sdhci-of-esdhc: fix up erratum A-008171 workaround
vhost/vsock: accept only packets with the right dst_cid
net: ena: fix napi handler misbehavior when the napi budget is zero
net: phylink: fix interface passed to mac_link_up
ipv6/addrconf: only check invalid header values when NETLINK_F_STRICT_CHK is set
bnxt: apply computed clamp value for coalece parameter
gtp: do not allow adding duplicate tid and ms_addr pdp context
gtp: fix an use-after-free in ipv4_pdp_find()
hv_netvsc: Fix tx_table init in rndis_set_subchannel()
tcp/dccp: fix possible race __inet_lookup_established()
tcp: do not send empty skb from tcp_write_xmit()
bonding: fix active-backup transition after link failure
gtp: avoid zero size hashtable
gtp: fix wrong condition in gtp_genl_dump_pdp()
net: marvell: mvpp2: phylink requires the link interrupt
net: dsa: sja1105: Reconcile the meaning of TPID and TPID2 for E/T and P/Q/R/S
net/dst: do not confirm neighbor for vxlan and geneve pmtu update
sit: do not confirm neighbor when do pmtu update
vti: do not confirm neighbor when do pmtu update
tunnel: do not confirm neighbor when do pmtu update
net/dst: add new function skb_dst_update_pmtu_no_confirm
gtp: do not confirm neighbor when do pmtu update
ip6_gre: do not confirm neighbor when do pmtu update
net: add bool confirm_neigh parameter for dst_ops.update_pmtu
mlxsw: spectrum: Use dedicated policer for VRRP packets
mlxsw: spectrum_router: Skip loopback RIFs during MAC validation
bnxt_en: Add missing devlink health reporters for VFs.
bnxt_en: Fix the logic that creates the health reporters.
bnxt_en: Remove unnecessary NULL checks for fw_health
bnxt_en: Fix bp->fw_health allocation and free logic.
bnxt_en: Return error if FW returns more data than dump length
bnxt_en: Free context memory in the open path if firmware has been reset.
bnxt_en: Fix MSIX request logic for RDMA driver.
udp: fix integer overflow while computing available space in sk_rcvbuf
tcp: Fix highest_sack and highest_sack_seq
ptp: fix the race between the release of ptp_clock and cdev
net: stmmac: dwmac-meson8b: Fix the RGMII TX delay on Meson8b/8m2 SoCs
net_sched: sch_fq: properly set sk->sk_pacing_status
net/sched: add delete_empty() to filters and use it in cls_flower
net/sched: act_mirred: Pull mac prior redir to non mac_header_xmit device
net: phy: aquantia: add suspend / resume ops for AQR105
net/mlxfw: Fix out-of-memory error in mfa2 flash burning
net: dsa: bcm_sf2: Fix IP fragment location and behavior
cxgb4/cxgb4vf: fix flow control display for auto negotiation
xfs: fix mount failure crash on invalid iclog memory access
drm: limit to INT_MAX in create_blob ioctl
uaccess: disallow > INT_MAX copy sizes
tomoyo: Don't use nifty names on sockets.
hrtimer: Annotate lockless access to timer->state
net: icmp: fix data-race in cmp_global_allow()
net: add a READ_ONCE() in skb_peek_tail()
inetpeer: fix data-race in inet_putpeer / inet_putpeer
netfilter: bridge: make sure to pull arp header in br_nf_forward_arp()
net/smc: add fallback check to connect()
powerpc: Fix __clear_user() with KUAP enabled
6pack,mkiss: fix possible deadlock
netfilter: ebtables: compat: reject all padding in matches/watchers
Revert "iwlwifi: assign directly to iwl_trans->cfg in QuZ detection"
md: make sure desc_nr less than MD_SB_DISKS
sctp: fix err handling of stream initialization
Revert "powerpc/vcpu: Assume dedicated processors as non-preempt"
userfaultfd: require CAP_SYS_PTRACE for UFFD_FEATURE_EVENT_FORK
kernel: sysctl: make drop_caches write-only
mm/hugetlbfs: fix error handling when setting up mounts
selftests: vm: add fragment CONFIG_TEST_VMALLOC
s390: disable preemption when switching to nodat stack with CALL_ON_STACK
mailbox: imx: Fix Tx doorbell shutdown path
ocfs2: fix passing zero to 'PTR_ERR' warning
s390/cpum_sf: Check for SDBT and SDB consistency
s390/unwind: filter out unreliable bogus %r14
libfdt: define INT32_MAX and UINT32_MAX in libfdt_env.h
mailbox: imx: Clear the right interrupts at shutdown
s390/zcrypt: handle new reply code FILTERED_BY_HYPERVISOR
perf regs: Make perf_reg_name() return "unknown" instead of NULL
perf script: Fix brstackinsn for AUXTRACE
perf diff: Use llabs() with 64-bit values
cifs: move cifsFileInfo_put logic into a work-queue
cdrom: respect device capabilities during opening action
of: unittest: fix memory leak in attach_node_and_children
io_uring: io_allocate_scq_urings() should return a sane state
um: virtio: Keep reading on -EAGAIN
cifs: Fix use-after-free bug in cifs_reconnect()
powerpc: Don't add -mabi= flags when building with Clang
scripts/kallsyms: fix definitely-lost memory leak
drm/amdgpu: Call find_vma under mmap_sem
apparmor: fix unsigned len comparison with less than zero
Drivers: hv: vmbus: Fix crash handler reset of Hyper-V synic
tools/power/x86/intel-speed-select: Ignore missing config level
gpio: lynxpoint: Setup correct IRQ handlers
gpio: mpc8xxx: Don't overwrite default irq_set_type callback
platform/x86: intel_pmc_core: Add Comet Lake (CML) platform support to intel_pmc_core driver
platform/x86: intel_pmc_core: Fix the SoC naming inconsistency
gpio/mpc8xxx: fix qoriq GPIO reading
habanalabs: skip VA block list update in reset flow
f2fs: Fix deadlock in f2fs_gc() context during atomic files handling
scsi: target: iscsi: Wait for all commands to finish before freeing a session
scsi: iscsi: Don't send data to unbound connection
scsi: ufs: Fix up auto hibern8 enablement
scsi: target: core: Release SPC-2 reservations when closing a session
scsi: NCR5380: Add disconnect_mask module parameter
scsi: scsi_debug: num_tgts must be >= 0
scsi: ufs: Fix error handing during hibern8 enter
scsi: pm80xx: Fix for SATA device discovery
powerpc/fixmap: Use __fix_to_virt() instead of fix_to_virt()
watchdog: Fix the race between the release of watchdog_core_data and cdev
watchdog: prevent deferral of watchdogd wakeup on RT
watchdog: imx7ulp: Fix reboot hang
HID: rmi: Check that the RMI_STARTED bit is set before unregistering the RMI transport device
HID: Improve Windows Precision Touchpad detection.
libnvdimm/btt: fix variable 'rc' set but not used
ARM: 8937/1: spectre-v2: remove Brahma-B53 from hardening
HID: i2c-hid: fix no irq after reset on raydium 3118
HID: logitech-hidpp: Silence intermittent get_battery_capacity errors
dt-bindings: Improve validation build error handling
HID: quirks: Add quirk for HP MSU1465 PIXART OEM mouse
bcache: at least try to shrink 1 node in bch_mca_scan()
clk: pxa: fix one of the pxa RTC clocks
scsi: atari_scsi: sun3_scsi: Set sg_tablesize to 1 instead of SG_NONE
powerpc/book3s/mm: Update Oops message to print the correct translation in use
powerpc/eeh: differentiate duplicate detection message
powerpc/security: Fix wrong message when RFI Flush is disable
PCI: rpaphp: Correctly match ibm, my-drc-index to drc-name when using drc-info
PCI: rpaphp: Annotate and correctly byte swap DRC properties
PCI: rpaphp: Don't rely on firmware feature to imply drc-info support
powerpc/pseries/cmm: Implement release() function for sysfs device
scsi: ufs: fix potential bug which ends in system hang
PCI: rpaphp: Fix up pointer to first drc-info entry
scsi: zorro_esp: Limit DMA transfers to 65536 bytes (except on Fastlane)
scsi: lpfc: fix: Coverity: lpfc_cmpl_els_rsp(): Null pointer dereferences
Input: ili210x - handle errors from input_mt_init_slots()
iomap: fix return value of iomap_dio_bio_actor on 32bit systems
i2c: stm32f7: fix & reorder remove & probe error handling
iommu/arm-smmu-v3: Don't display an error when IRQ lines are missing
fs/quota: handle overflows of sysctl fs.quota.* and report as unsigned long
dma-direct: check for overflows on 32 bit DMA addresses
irqchip: ingenic: Error out if IRQ domain creation failed
irqchip/irq-bcm7038-l1: Enable parent IRQ if necessary
clk: clk-gpio: propagate rate change to parent
clk: qcom: Allow constant ratio freq tables for rcg
clk: qcom: smd: Add missing pnoc clock
f2fs: fix to update dir's i_pino during cross_rename
scsi: lpfc: Fix duplicate unreg_rpi error in port offline flow
scsi: lpfc: Fix unexpected error messages during RSCN handling
scsi: tracing: Fix handling of TRANSFER LENGTH == 0 for READ(6) and WRITE(6)
jbd2: Fix statistics for the number of logged blocks
ext4: iomap that extends beyond EOF should be marked dirty
ext4: update direct I/O read lock pattern for IOCB_NOWAIT
powerpc/book3s64/hash: Add cond_resched to avoid soft lockup warning
powerpc/security/book3s64: Report L1TF status in sysfs
selftests/powerpc: Skip tm-signal-sigreturn-nt if TM not available
dtc: Use pkg-config to locate libyaml
clocksource/drivers/timer-of: Use unique device name instead of timer
clocksource/drivers/asm9260: Add a check for of_clk_get
leds: trigger: netdev: fix handling on interface rename
leds: an30259a: add a check for devm_regmap_init_i2c
leds: lm3692x: Handle failure to probe the regulator
dmaengine: fsl-qdma: Handle invalid qdma-queue0 IRQ
dma-mapping: fix handling of dma-ranges for reserved memory (again)
dma-mapping: Add vmap checks to dma_map_single()
dma-debug: add a schedule point in debug_dma_dump_mappings()
powerpc/tools: Don't quote $objdump in scripts
selftests/powerpc: Fixup clobbers for TM tests
Input: st1232 - do not reset the chip too early
powerpc/pseries: Don't fail hash page table insert for bolted mapping
powerpc/pseries: Mark accumulate_stolen_time() as notrace
scsi: hisi_sas: Delete the debugfs folder of hisi_sas when the probe fails
scsi: hisi_sas: Replace in_softirq() check in hisi_sas_task_exec()
scsi: csiostor: Don't enable IRQs too early
scsi: lpfc: Fix SLI3 hba in loop mode not discovering devices
scsi: lpfc: Fix hardlockup in lpfc_abort_handler
scsi: target: compare full CHAP_A Algorithm strings
dmaengine: xilinx_dma: Clear desc_pendingcount in xilinx_dma_reset
iommu/tegra-smmu: Fix page tables in > 4 GiB memory
iommu: rockchip: Free domain on .domain_free
platform/x86: peaq-wmi: switch to using polled mode of input devices
tools/power/x86/intel-speed-select: Remove warning for unused result
powerpc/papr_scm: Fix an off-by-one check in papr_scm_meta_{get, set}
f2fs: fix to update time in lazytime mode
Input: atmel_mxt_ts - disable IRQ across suspend
scsi: lpfc: Fix list corruption in lpfc_sli_get_iocbq
gpio: mxc: Only get the second IRQ when there is more than one IRQ
scsi: mpt3sas: Reject NVMe Encap cmnds to unsupported HBA
scsi: lpfc: Fix locking on mailbox command completion
scsi: mpt3sas: Fix clear pending bit in ioctl status
scsi: lpfc: Fix discovery failures when target device connectivity bounces
scsi: lpfc: Fix spinlock_irq issues in lpfc_els_flush_cmd()
Revert "MIPS: futex: Emit Loongson3 sync workarounds within asm"
Revert "MIPS: futex: Restore \n after sync instructions"
UPSTREAM: exit: panic before exit_mm() on global init exit
ANDROID: serdev: Fix platform device support
Conflicts:
Documentation/devicetree/bindings
Documentation/devicetree/bindings/Makefile
kernel/time/hrtimer.c
Change-Id: I271162549a080e2b747572f5c87cfd8fa111da51
Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org>
|
||
|
Greg Kroah-Hartman
|
ce5de62e20 |
This is the 5.4.24 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl5hHjgACgkQONu9yGCS aT6CSBAA0c16mnDb59jgmW/sBj/p/MrlD/WJzLriqiKN5BUsPt9++I5mNj8mG+d2 Glm4086e8L826zv8oKiZm23xk93on+78ExhVFVZvZNaEUpiRNYCGSuDq2NrHW0z+ kpagkAFLfCUZFoKtmWo+bpl0YtF4dd/fg7+EjyL6qT1DBs8NVMwZx7i/v0xXv7Wc 0vsGCLYoBLzcW1FB2d9cfAUPCBuGEzL/7TdifNOXRgI9owGsZndFJgXgIzoBUt/P tqB8RLjIupCiMEPtsEAZ/rgEQLPFkb3yrBvgjd1wDI8bHUIQU0clqThKVNvmNSmv UTBSNgPAhkP8nZG7X9xCkyfEsUefejBJy66da9n4XTGGrXf9ga0BL0nNrOGwOesr m+tNnBSFsbFCMqFopQnt4zZSnaf67AOk2mzxbEu4E+sStyW943aDO9MoRRFgaYGH pfie3qOKtKta2MuNTJA+q6F0W9H+V5MtMpwbyuy1/dp2eVln2wewBBMvXYdL1YOy E/Z87nsQgalsDynz9m/niv32J4JAxHptyOyROkktDLBSzL5RawNn+Op8X5EtmZOe sPkiYicqp9CLmMj13qWXJhtuyNdD4wk6FyyAy6cX9mF44+EZGOBkyNP+n8g789Kn sqFJ7sfTfOnwLBFciMA5PaMTGNWROyWXNkvvUzO+9t0CyFAnT2U= =abGA -----END PGP SIGNATURE----- Merge 5.4.24 into android-5.4 Changes in 5.4.24 io_uring: grab ->fs as part of async offload EDAC: skx_common: downgrade message importance on missing PCI device net: dsa: b53: Ensure the default VID is untagged net: fib_rules: Correctly set table field when table number exceeds 8 bits net: macb: ensure interface is not suspended on at91rm9200 net: mscc: fix in frame extraction net: phy: restore mdio regs in the iproc mdio driver net: sched: correct flower port blocking net/tls: Fix to avoid gettig invalid tls record nfc: pn544: Fix occasional HW initialization failure qede: Fix race between rdma destroy workqueue and link change event Revert "net: dev: introduce support for sch BYPASS for lockless qdisc" udp: rehash on disconnect sctp: move the format error check out of __sctp_sf_do_9_1_abort bnxt_en: Improve device shutdown method. bnxt_en: Issue PCIe FLR in kdump kernel to cleanup pending DMAs. bonding: add missing netdev_update_lockdep_key() net: export netdev_next_lower_dev_rcu() bonding: fix lockdep warning in bond_get_stats() ipv6: Fix route replacement with dev-only route ipv6: Fix nlmsg_flags when splitting a multipath route ipmi:ssif: Handle a possible NULL pointer reference drm/msm: Set dma maximum segment size for mdss sched/core: Don't skip remote tick for idle CPUs timers/nohz: Update NOHZ load in remote tick sched/fair: Prevent unlimited runtime on throttled group dax: pass NOWAIT flag to iomap_apply mac80211: consider more elements in parsing CRC cfg80211: check wiphy driver existence for drvinfo report s390/zcrypt: fix card and queue total counter wrap qmi_wwan: re-add DW5821e pre-production variant qmi_wwan: unconditionally reject 2 ep interfaces NFSv4: Fix races between open and dentry revalidation perf/smmuv3: Use platform_get_irq_optional() for wired interrupt perf/x86/intel: Add Elkhart Lake support perf/x86/cstate: Add Tremont support perf/x86/msr: Add Tremont support ceph: do not execute direct write in parallel if O_APPEND is specified ARM: dts: sti: fixup sound frame-inversion for stihxxx-b2120.dtsi drm/amd/display: Do not set optimized_require to false after plane disable RDMA/siw: Remove unwanted WARN_ON in siw_cm_llp_data_ready() drm/amd/display: Check engine is not NULL before acquiring drm/amd/display: Limit minimum DPPCLK to 100MHz. drm/amd/display: Add initialitions for PLL2 clock source amdgpu: Prevent build errors regarding soft/hard-float FP ABI tags soc/tegra: fuse: Fix build with Tegra194 configuration i40e: Fix the conditional for i40e_vc_validate_vqs_bitmaps net: ena: fix potential crash when rxfh key is NULL net: ena: fix uses of round_jiffies() net: ena: add missing ethtool TX timestamping indication net: ena: fix incorrect default RSS key net: ena: rss: do not allocate key when not supported net: ena: rss: fix failure to get indirection table net: ena: rss: store hash function as values and not bits net: ena: fix incorrectly saving queue numbers when setting RSS indirection table net: ena: fix corruption of dev_idx_to_host_tbl net: ena: ethtool: use correct value for crc32 hash net: ena: ena-com.c: prevent NULL pointer dereference ice: update Unit Load Status bitmask to check after reset cifs: Fix mode output in debugging statements cfg80211: add missing policy for NL80211_ATTR_STATUS_CODE mac80211: fix wrong 160/80+80 MHz setting net: hns3: add management table after IMP reset net: hns3: fix a copying IPv6 address error in hclge_fd_get_flow_tuples() nvme/tcp: fix bug on double requeue when send fails nvme: prevent warning triggered by nvme_stop_keep_alive nvme/pci: move cqe check after device shutdown ext4: potential crash on allocation error in ext4_alloc_flex_bg_array() audit: fix error handling in audit_data_to_entry() audit: always check the netlink payload length in audit_receive_msg() ACPICA: Introduce ACPI_ACCESS_BYTE_WIDTH() macro ACPI: watchdog: Fix gas->access_width usage KVM: VMX: check descriptor table exits on instruction emulation HID: ite: Only bind to keyboard USB interface on Acer SW5-012 keyboard dock HID: core: fix off-by-one memset in hid_report_raw_event() HID: core: increase HID report buffer size to 8KiB drm/amdgpu: Drop DRIVER_USE_AGP drm/radeon: Inline drm_get_pci_dev macintosh: therm_windtunnel: fix regression when instantiating devices tracing: Disable trace_printk() on post poned tests Revert "PM / devfreq: Modify the device name as devfreq(X) for sysfs" amdgpu/gmc_v9: save/restore sdpif regs during S3 cpufreq: Fix policy initialization for internal governor drivers io_uring: fix 32-bit compatability with sendmsg/recvmsg netfilter: ipset: Fix "INFO: rcu detected stall in hash_xxx" reports net/smc: transfer fasync_list in case of fallback vhost: Check docket sk_family instead of call getname netfilter: ipset: Fix forceadd evaluation path netfilter: xt_hashlimit: reduce hashlimit_mutex scope for htable_put() HID: alps: Fix an error handling path in 'alps_input_configured()' HID: hiddev: Fix race in in hiddev_disconnect() MIPS: VPE: Fix a double free and a memory leak in 'release_vpe()' i2c: altera: Fix potential integer overflow i2c: jz4780: silence log flood on txabrt drm/i915/gvt: Fix orphan vgpu dmabuf_objs' lifetime drm/i915/gvt: Separate display reset from ALL_ENGINES reset nl80211: fix potential leak in AP start mac80211: Remove a redundant mutex unlock kbuild: fix DT binding schema rule to detect command line changes hv_netvsc: Fix unwanted wakeup in netvsc_attach() usb: charger: assign specific number for enum value nvme-pci: Hold cq_poll_lock while completing CQEs s390/qeth: vnicc Fix EOPNOTSUPP precedence net: netlink: cap max groups which will be considered in netlink_bind() net: atlantic: fix use after free kasan warn net: atlantic: fix potential error handling net: atlantic: fix out of range usage of active_vlans array net/smc: no peer ID in CLC decline for SMCD net: ena: make ena rxfh support ETH_RSS_HASH_NO_CHANGE selftests: Install settings files to fix TIMEOUT failures kbuild: remove header compile test kbuild: move headers_check rule to usr/include/Makefile kbuild: remove unneeded variable, single-all kbuild: make single target builds even faster namei: only return -ECHILD from follow_dotdot_rcu() mwifiex: drop most magic numbers from mwifiex_process_tdls_action_frame() mwifiex: delete unused mwifiex_get_intf_num() KVM: SVM: Override default MMIO mask if memory encryption is enabled KVM: Check for a bad hva before dropping into the ghc slow path sched/fair: Optimize select_idle_cpu f2fs: fix to add swap extent correctly RDMA/hns: Simplify the calculation and usage of wqe idx for post verbs RDMA/hns: Bugfix for posting a wqe with sge drivers: net: xgene: Fix the order of the arguments of 'alloc_etherdev_mqs()' ima: ima/lsm policy rule loading logic bug fixes kprobes: Set unoptimized flag after unoptimizing code lib/vdso: Make __arch_update_vdso_data() logic understandable lib/vdso: Update coarse timekeeper unconditionally pwm: omap-dmtimer: put_device() after of_find_device_by_node() perf hists browser: Restore ESC as "Zoom out" of DSO/thread/etc perf ui gtk: Add missing zalloc object x86/resctrl: Check monitoring static key in the MBM overflow handler KVM: x86: Remove spurious kvm_mmu_unload() from vcpu destruction path KVM: x86: Remove spurious clearing of async #PF MSR rcu: Allow only one expedited GP to run concurrently with wakeups ubifs: Fix ino_t format warnings in orphan_delete() thermal: db8500: Depromote debug print thermal: brcmstb_thermal: Do not use DT coefficients netfilter: nft_tunnel: no need to call htons() when dumping ports netfilter: nf_flowtable: fix documentation bus: tegra-aconnect: Remove PM_CLK dependency xfs: clear kernel only flags in XFS_IOC_ATTRMULTI_BY_HANDLE locking/lockdep: Fix lockdep_stats indentation problem mm/debug.c: always print flags in dump_page() mm/gup: allow FOLL_FORCE for get_user_pages_fast() mm/huge_memory.c: use head to check huge zero page mm, thp: fix defrag setting if newline is not used kvm: nVMX: VMWRITE checks VMCS-link pointer before VMCS field kvm: nVMX: VMWRITE checks unsupported field before read-only field blktrace: Protect q->blk_trace with RCU Linux 5.4.24 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I0b31557e16c72bd30d1e6938ed199918ff326d88 |
||
Janne Karhunen
|
e8807eb1e6 |
ima: ima/lsm policy rule loading logic bug fixes
commit 483ec26eed42bf050931d9a5c5f9f0b5f2ad5f3b upstream.
Keep the ima policy rules around from the beginning even if they appear
invalid at the time of loading, as they may become active after an lsm
policy load. However, loading a custom IMA policy with unknown LSM
labels is only safe after we have transitioned from the "built-in"
policy rules to a custom IMA policy.
Patch also fixes the rule re-use during the lsm policy reload and makes
some prints a bit more human readable.
Changelog:
v4:
- Do not allow the initial policy load refer to non-existing lsm rules.
v3:
- Fix too wide policy rule matching for non-initialized LSMs
v2:
- Fix log prints
Fixes:
|
||
|
Greg Kroah-Hartman
|
835bd1de9c |
This is the 5.4.22 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl5TfSAACgkQONu9yGCS
aT4I8w//SU+w9Tj8Crpt1BI7Lk2AiTGvyZtX0wGd53vzFKGy+Wi1Oba1ybB+xyYw
UgMJJpoOgp9gTatRgjDl0vO/7U7vZckigPpog3pSW+xq2JW0kTWGS2z04hUjWKkG
W4l3sAGwHRv7MTBbpjECDSHv+6x6ZqlWcVodpkHqLNmGxR0mYuiB6Zu8QuCu1bl0
K0SAlt+yd0laUt2bU3wpEqBwGXHepz+IqsqcYp78sAeytT8ds9ZfPxKv98CvLlXs
VLVr87UqZy3Hkl6IWKGrmdhWbTZE+3AyjKnxlA8PovA0ET5xO/IFPLHVhVX+or+5
UFp/1qvacr+EIu8CKvftc2n1CflaRXIn/QNpwdemh94mi/2TqiXiqAUu1EiW56vg
/PUH8G72Q26AiWSmD3WRr09ohTu4hfz6fIDKV60qmdVe4AUffLw0SnBEE0VFA3/S
lVKZeXKkePeMlHcTyRDQ6+/y49yjfq2exdrjetypOwRa1emHxj/YsfdnEWYfwT53
sikMLjP4XA7v5rsDr9LJTwQL/V/7euu1Hr3lSGpRv8vmePprvfmivTLcY5tgvOTC
GZ51Em+CxJ+W4vCJKHuM7i0nUvf2Knn5lBidq4KsvLRUuZ31mSXSfSn4bW6Gl/Jm
RZPDC71MqT/FMtfuQLlVNqIw2umC1buNa5SwZ8GhJG6za4gU4FU=
=L+e0
-----END PGP SIGNATURE-----
Merge 5.4.22 into android-5.4
Changes in 5.4.22
core: Don't skip generic XDP program execution for cloned SKBs
enic: prevent waking up stopped tx queues over watchdog reset
net/smc: fix leak of kernel memory to user space
net: dsa: tag_qca: Make sure there is headroom for tag
net/sched: matchall: add missing validation of TCA_MATCHALL_FLAGS
net/sched: flower: add missing validation of TCA_FLOWER_FLAGS
drm/gma500: Fixup fbdev stolen size usage evaluation
ath10k: Fix qmi init error handling
wil6210: fix break that is never reached because of zero'ing of a retry counter
drm/qxl: Complete exception handling in qxl_device_init()
rcu/nocb: Fix dump_tree hierarchy print always active
rcu: Fix missed wakeup of exp_wq waiters
rcu: Fix data-race due to atomic_t copy-by-value
f2fs: preallocate DIO blocks when forcing buffered_io
f2fs: call f2fs_balance_fs outside of locked page
media: meson: add missing allocation failure check on new_buf
clk: meson: pll: Fix by 0 division in __pll_params_to_rate()
cpu/hotplug, stop_machine: Fix stop_machine vs hotplug order
brcmfmac: Fix memory leak in brcmf_p2p_create_p2pdev()
brcmfmac: Fix use after free in brcmf_sdio_readframes()
PCI: Fix pci_add_dma_alias() bitmask size
drm/amd/display: Map ODM memory correctly when doing ODM combine
leds: pca963x: Fix open-drain initialization
ext4: fix ext4_dax_read/write inode locking sequence for IOCB_NOWAIT
ALSA: ctl: allow TLV read operation for callback type of element in locked case
gianfar: Fix TX timestamping with a stacked DSA driver
pinctrl: sh-pfc: sh7264: Fix CAN function GPIOs
printk: fix exclusive_console replaying
drm/mipi_dbi: Fix off-by-one bugs in mipi_dbi_blank()
drm/msm/adreno: fix zap vs no-zap handling
pxa168fb: Fix the function used to release some memory in an error handling path
media: ov5640: Fix check for PLL1 exceeding max allowed rate
media: i2c: mt9v032: fix enum mbus codes and frame sizes
media: sun4i-csi: Deal with DRAM offset
media: sun4i-csi: Fix data sampling polarity handling
media: sun4i-csi: Fix [HV]sync polarity handling
clk: at91: sam9x60: fix programmable clock prescaler
powerpc/powernv/iov: Ensure the pdn for VFs always contains a valid PE number
clk: meson: meson8b: make the CCF use the glitch-free mali mux
gpio: gpio-grgpio: fix possible sleep-in-atomic-context bugs in grgpio_irq_map/unmap()
iommu/vt-d: Fix off-by-one in PASID allocation
x86/fpu: Deactivate FPU state after failure during state load
char/random: silence a lockdep splat with printk()
media: sti: bdisp: fix a possible sleep-in-atomic-context bug in bdisp_device_run()
kernel/module: Fix memleak in module_add_modinfo_attrs()
IB/core: Let IB core distribute cache update events
pinctrl: baytrail: Do not clear IRQ flags on direct-irq enabled pins
efi/x86: Map the entire EFI vendor string before copying it
MIPS: Loongson: Fix potential NULL dereference in loongson3_platform_init()
sparc: Add .exit.data section.
net: ethernet: ixp4xx: Standard module init
raid6/test: fix a compilation error
uio: fix a sleep-in-atomic-context bug in uio_dmem_genirq_irqcontrol()
drm/amdgpu/sriov: workaround on rev_id for Navi12 under sriov
spi: fsl-lpspi: fix only one cs-gpio working
drm/nouveau/nouveau: fix incorrect sizeof on args.src an args.dst
usb: gadget: udc: fix possible sleep-in-atomic-context bugs in gr_probe()
usb: dwc2: Fix IN FIFO allocation
clocksource/drivers/bcm2835_timer: Fix memory leak of timer
drm/amd/display: Clear state after exiting fixed active VRR state
kselftest: Minimise dependency of get_size on C library interfaces
jbd2: clear JBD2_ABORT flag before journal_reset to update log tail info when load journal
ext4: fix deadlock allocating bio_post_read_ctx from mempool
clk: ti: dra7: fix parent for gmac_clkctrl
x86/sysfb: Fix check for bad VRAM size
pwm: omap-dmtimer: Simplify error handling
udf: Allow writing to 'Rewritable' partitions
dmaengine: fsl-qdma: fix duplicated argument to &&
wan/hdlc_x25: fix skb handling
s390/pci: Fix possible deadlock in recover_store()
powerpc/iov: Move VF pdev fixup into pcibios_fixup_iov()
tracing: Fix tracing_stat return values in error handling paths
tracing: Fix very unlikely race of registering two stat tracers
ARM: 8952/1: Disable kmemleak on XIP kernels
ext4, jbd2: ensure panic when aborting with zero errno
ath10k: Correct the DMA direction for management tx buffers
rtw88: fix rate mask for 1SS chip
brcmfmac: sdio: Fix OOB interrupt initialization on brcm43362
selftests: settings: tests can be in subsubdirs
rtc: i2c/spi: Avoid inclusion of REGMAP support when not needed
drm/amd/display: Retrain dongles when SINK_COUNT becomes non-zero
tracing: Simplify assignment parsing for hist triggers
nbd: add a flush_workqueue in nbd_start_device
KVM: s390: ENOTSUPP -> EOPNOTSUPP fixups
Btrfs: keep pages dirty when using btrfs_writepage_fixup_worker
drivers/block/zram/zram_drv.c: fix error return codes not being returned in writeback_store
block, bfq: do not plug I/O for bfq_queues with no proc refs
kconfig: fix broken dependency in randconfig-generated .config
clk: qcom: Don't overwrite 'cfg' in clk_rcg2_dfs_populate_freq()
clk: qcom: rcg2: Don't crash if our parent can't be found; return an error
drm/amdkfd: Fix a bug in SDMA RLC queue counting under HWS mode
bpf, sockhash: Synchronize_rcu before free'ing map
drm/amdgpu: remove 4 set but not used variable in amdgpu_atombios_get_connector_info_from_object_table
ath10k: correct the tlv len of ath10k_wmi_tlv_op_gen_config_pno_start
drm/amdgpu: Ensure ret is always initialized when using SOC15_WAIT_ON_RREG
drm/panel: simple: Add Logic PD Type 28 display support
arm64: dts: rockchip: Fix NanoPC-T4 cooling maps
modules: lockdep: Suppress suspicious RCU usage warning
ASoC: intel: sof_rt5682: Add quirk for number of HDMI DAI's
ASoC: intel: sof_rt5682: Add support for tgl-max98357a-rt5682
regulator: rk808: Lower log level on optional GPIOs being not available
net/wan/fsl_ucc_hdlc: reject muram offsets above 64K
NFC: port100: Convert cpu_to_le16(le16_to_cpu(E1) + E2) to use le16_add_cpu().
arm64: dts: allwinner: H6: Add PMU mode
arm64: dts: allwinner: H5: Add PMU node
arm: dts: allwinner: H3: Add PMU node
opp: Free static OPPs on errors while adding them
selinux: ensure we cleanup the internal AVC counters on error in avc_insert()
arm64: dts: qcom: msm8996: Disable USB2 PHY suspend by core
padata: validate cpumask without removed CPU during offline
clk: imx: Add correct failure handling for clk based helpers
ARM: exynos_defconfig: Bring back explicitly wanted options
ARM: dts: imx6: rdu2: Disable WP for USDHC2 and USDHC3
ARM: dts: imx6: rdu2: Limit USBH1 to Full Speed
bus: ti-sysc: Implement quirk handling for CLKDM_NOAUTO
PCI: iproc: Apply quirk_paxc_bridge() for module as well as built-in
media: cx23885: Add support for AVerMedia CE310B
PCI: Add generic quirk for increasing D3hot delay
PCI: Increase D3 delay for AMD Ryzen5/7 XHCI controllers
Revert "nfp: abm: fix memory leak in nfp_abm_u32_knode_replace"
gpu/drm: ingenic: Avoid null pointer deference in plane atomic update
selftests/net: make so_txtime more robust to timer variance
media: v4l2-device.h: Explicitly compare grp{id,mask} to zero in v4l2_device macros
reiserfs: Fix spurious unlock in reiserfs_fill_super() error handling
samples/bpf: Set -fno-stack-protector when building BPF programs
r8169: check that Realtek PHY driver module is loaded
fore200e: Fix incorrect checks of NULL pointer dereference
netfilter: nft_tunnel: add the missing ERSPAN_VERSION nla_policy
ALSA: usx2y: Adjust indentation in snd_usX2Y_hwdep_dsp_status
PCI: Add nr_devfns parameter to pci_add_dma_alias()
PCI: Add DMA alias quirk for PLX PEX NTB
b43legacy: Fix -Wcast-function-type
ipw2x00: Fix -Wcast-function-type
iwlegacy: Fix -Wcast-function-type
rtlwifi: rtl_pci: Fix -Wcast-function-type
orinoco: avoid assertion in case of NULL pointer
drm/amdgpu: fix KIQ ring test fail in TDR of SRIOV
clk: qcom: smd: Add missing bimc clock
ACPICA: Disassembler: create buffer fields in ACPI_PARSE_LOAD_PASS1
nfsd: Clone should commit src file metadata too
scsi: ufs: Complete pending requests in host reset and restore path
scsi: aic7xxx: Adjust indentation in ahc_find_syncrate
crypto: inside-secure - add unspecified HAS_IOMEM dependency
drm/mediatek: handle events when enabling/disabling crtc
clk: renesas: rcar-gen3: Allow changing the RPC[D2] clocks
ARM: dts: r8a7779: Add device node for ARM global timer
selinux: ensure we cleanup the internal AVC counters on error in avc_update()
scsi: lpfc: Fix: Rework setting of fdmi symbolic node name registration
arm64: dts: qcom: db845c: Enable ath10k 8bit host-cap quirk
iommu/amd: Check feature support bit before accessing MSI capability registers
iommu/amd: Only support x2APIC with IVHD type 11h/40h
iommu/iova: Silence warnings under memory pressure
clk: actually call the clock init before any other callback of the clock
dmaengine: Store module owner in dma_device struct
dmaengine: imx-sdma: Fix memory leak
bpf: Print error message for bpftool cgroup show
net: phy: realtek: add logging for the RGMII TX delay configuration
crypto: chtls - Fixed memory leak
x86/vdso: Provide missing include file
PM / devfreq: exynos-ppmu: Fix excessive stack usage
PM / devfreq: rk3399_dmc: Add COMPILE_TEST and HAVE_ARM_SMCCC dependency
drm/fbdev: Fallback to non tiled mode if all tiles not present
pinctrl: sh-pfc: sh7269: Fix CAN function GPIOs
reset: uniphier: Add SCSSI reset control for each channel
ASoC: soc-topology: fix endianness issues
fbdev: fix numbering of fbcon options
RDMA/rxe: Fix error type of mmap_offset
clk: sunxi-ng: add mux and pll notifiers for A64 CPU clock
ALSA: sh: Fix unused variable warnings
clk: Use parent node pointer during registration if necessary
clk: uniphier: Add SCSSI clock gate for each channel
ALSA: hda/realtek - Apply mic mute LED quirk for Dell E7xx laptops, too
ALSA: sh: Fix compile warning wrt const
net: phy: fixed_phy: fix use-after-free when checking link GPIO
tools lib api fs: Fix gcc9 stringop-truncation compilation error
vfio/spapr/nvlink2: Skip unpinning pages on error exit
ASoC: Intel: sof_rt5682: Ignore the speaker amp when there isn't one.
ACPI: button: Add DMI quirk for Razer Blade Stealth 13 late 2019 lid switch
iommu/vt-d: Match CPU and IOMMU paging mode
iommu/vt-d: Avoid sending invalid page response
drm/amdkfd: Fix permissions of hang_hws
mlx5: work around high stack usage with gcc
RDMA/hns: Avoid printing address of mtt page
drm: remove the newline for CRC source name.
usb: dwc3: use proper initializers for property entries
ARM: dts: stm32: Add power-supply for DSI panel on stm32f469-disco
usbip: Fix unsafe unaligned pointer usage
udf: Fix free space reporting for metadata and virtual partitions
drm/mediatek: Add gamma property according to hardware capability
staging: rtl8188: avoid excessive stack usage
IB/hfi1: Add software counter for ctxt0 seq drop
IB/hfi1: Add RcvShortLengthErrCnt to hfi1stats
soc/tegra: fuse: Correct straps' address for older Tegra124 device trees
efi/x86: Don't panic or BUG() on non-critical error conditions
rcu: Use WRITE_ONCE() for assignments to ->pprev for hlist_nulls
Input: edt-ft5x06 - work around first register access error
bnxt: Detach page from page pool before sending up the stack
x86/nmi: Remove irq_work from the long duration NMI handler
wan: ixp4xx_hss: fix compile-testing on 64-bit
clocksource: davinci: only enable clockevents once tim34 is initialized
arm64: dts: rockchip: fix dwmmc clock name for px30
arm64: dts: rockchip: add reg property to brcmf sub-nodes
ARM: dts: rockchip: add reg property to brcmf sub node for rk3188-bqedison2qc
ALSA: usb-audio: Add boot quirk for MOTU M Series
ASoC: atmel: fix build error with CONFIG_SND_ATMEL_SOC_DMA=m
raid6/test: fix a compilation warning
tty: synclinkmp: Adjust indentation in several functions
tty: synclink_gt: Adjust indentation in several functions
misc: xilinx_sdfec: fix xsdfec_poll()'s return type
visorbus: fix uninitialized variable access
driver core: platform: Prevent resouce overflow from causing infinite loops
driver core: Print device when resources present in really_probe()
ASoC: SOF: Intel: hda-dai: fix compilation warning in pcm_prepare
bpf: Return -EBADRQC for invalid map type in __bpf_tx_xdp_map
vme: bridges: reduce stack usage
drm/nouveau/secboot/gm20b: initialize pointer in gm20b_secboot_new()
drm/nouveau/gr/gk20a,gm200-: add terminators to method lists read from fw
drm/nouveau: Fix copy-paste error in nouveau_fence_wait_uevent_handler
drm/nouveau/drm/ttm: Remove set but not used variable 'mem'
drm/nouveau/fault/gv100-: fix memory leak on module unload
dm thin: don't allow changing data device during thin-pool reload
gpiolib: Set lockdep class for hierarchical irq domains
drm/vmwgfx: prevent memory leak in vmw_cmdbuf_res_add
perf/imx_ddr: Fix cpu hotplug state cleanup
usb: musb: omap2430: Get rid of musb .set_vbus for omap2430 glue
kbuild: remove *.tmp file when filechk fails
iommu/arm-smmu-v3: Use WRITE_ONCE() when changing validity of an STE
ALSA: usb-audio: unlock on error in probe
f2fs: set I_LINKABLE early to avoid wrong access by vfs
f2fs: free sysfs kobject
scsi: ufs: pass device information to apply_dev_quirks
scsi: ufs-mediatek: add apply_dev_quirks variant operation
scsi: iscsi: Don't destroy session if there are outstanding connections
crypto: essiv - fix AEAD capitalization and preposition use in help text
ALSA: usb-audio: add implicit fb quirk for MOTU M Series
RDMA/mlx5: Don't fake udata for kernel path
arm64: lse: fix LSE atomics with LLVM's integrated assembler
arm64: fix alternatives with LLVM's integrated assembler
drm/amd/display: fixup DML dependencies
EDAC/sifive: Fix return value check in ecc_register()
KVM: PPC: Remove set but not used variable 'ra', 'rs', 'rt'
arm64: dts: ti: k3-j721e-main: Add missing power-domains for smmu
sched/core: Fix size of rq::uclamp initialization
sched/topology: Assert non-NUMA topology masks don't (partially) overlap
perf/x86/amd: Constrain Large Increment per Cycle events
watchdog/softlockup: Enforce that timestamp is valid on boot
debugobjects: Fix various data races
ASoC: SOF: Intel: hda: Fix SKL dai count
regulator: vctrl-regulator: Avoid deadlock getting and setting the voltage
f2fs: fix memleak of kobject
x86/mm: Fix NX bit clearing issue in kernel_map_pages_in_pgd
pwm: omap-dmtimer: Remove PWM chip in .remove before making it unfunctional
cmd64x: potential buffer overflow in cmd64x_program_timings()
ide: serverworks: potential overflow in svwks_set_pio_mode()
pwm: Remove set but not set variable 'pwm'
btrfs: fix possible NULL-pointer dereference in integrity checks
btrfs: safely advance counter when looking up bio csums
btrfs: device stats, log when stats are zeroed
module: avoid setting info->name early in case we can fall back to info->mod->name
remoteproc: Initialize rproc_class before use
regulator: core: Fix exported symbols to the exported GPL version
irqchip/mbigen: Set driver .suppress_bind_attrs to avoid remove problems
ALSA: hda/hdmi - add retry logic to parse_intel_hdmi()
spi: spi-fsl-qspi: Ensure width is respected in spi-mem operations
kbuild: use -S instead of -E for precise cc-option test in Kconfig
objtool: Fix ARCH=x86_64 build error
x86/decoder: Add TEST opcode to Group3-2
s390: adjust -mpacked-stack support check for clang 10
s390/ftrace: generate traced function stack frame
driver core: platform: fix u32 greater or equal to zero comparison
bpf, btf: Always output invariant hit in pahole DWARF to BTF transform
ALSA: hda - Add docking station support for Lenovo Thinkpad T420s
sunrpc: Fix potential leaks in sunrpc_cache_unhash()
drm/nouveau/mmu: fix comptag memory leak
powerpc/sriov: Remove VF eeh_dev state when disabling SR-IOV
media: uvcvideo: Add a quirk to force GEO GC6500 Camera bits-per-pixel value
btrfs: separate definition of assertion failure handlers
btrfs: Fix split-brain handling when changing FSID to metadata uuid
bcache: cached_dev_free needs to put the sb page
bcache: rework error unwinding in register_bcache
bcache: fix use-after-free in register_bcache()
iommu/vt-d: Remove unnecessary WARN_ON_ONCE()
alarmtimer: Make alarmtimer platform device child of RTC device
selftests: bpf: Reset global state between reuseport test runs
jbd2: switch to use jbd2_journal_abort() when failed to submit the commit record
jbd2: make sure ESHUTDOWN to be recorded in the journal superblock
powerpc/pseries/lparcfg: Fix display of Maximum Memory
selftests/eeh: Bump EEH wait time to 60s
ARM: 8951/1: Fix Kexec compilation issue.
ALSA: usb-audio: add quirks for Line6 Helix devices fw>=2.82
hostap: Adjust indentation in prism2_hostapd_add_sta
rtw88: fix potential NULL skb access in TX ISR
iwlegacy: ensure loop counter addr does not wrap and cause an infinite loop
cifs: fix unitialized variable poential problem with network I/O cache lock patch
cifs: Fix mount options set in automount
cifs: fix NULL dereference in match_prepath
bpf: map_seq_next should always increase position index
powerpc/mm: Don't log user reads to 0xffffffff
ceph: check availability of mds cluster on mount after wait timeout
rbd: work around -Wuninitialized warning
drm/amd/display: do not allocate display_mode_lib unnecessarily
irqchip/gic-v3: Only provision redistributors that are enabled in ACPI
drm/nouveau/disp/nv50-: prevent oops when no channel method map provided
char: hpet: Fix out-of-bounds read bug
ftrace: fpid_next() should increase position index
trigger_next should increase position index
radeon: insert 10ms sleep in dce5_crtc_load_lut
powerpc: Do not consider weak unresolved symbol relocations as bad
btrfs: do not do delalloc reservation under page lock
ocfs2: make local header paths relative to C files
ocfs2: fix a NULL pointer dereference when call ocfs2_update_inode_fsync_trans()
lib/scatterlist.c: adjust indentation in __sg_alloc_table
reiserfs: prevent NULL pointer dereference in reiserfs_insert_item()
bcache: fix memory corruption in bch_cache_accounting_clear()
bcache: explicity type cast in bset_bkey_last()
bcache: fix incorrect data type usage in btree_flush_write()
irqchip/gic-v3-its: Reference to its_invall_cmd descriptor when building INVALL
nvmet: Pass lockdep expression to RCU lists
nvme-pci: remove nvmeq->tags
iwlwifi: mvm: Fix thermal zone registration
iwlwifi: mvm: Check the sta is not NULL in iwl_mvm_cfg_he_sta()
asm-generic/tlb: add missing CONFIG symbol
microblaze: Prevent the overflow of the start
brd: check and limit max_part par
drm/amdgpu/smu10: fix smu10_get_clock_by_type_with_latency
drm/amdgpu/smu10: fix smu10_get_clock_by_type_with_voltage
NFS: Fix memory leaks
help_next should increase position index
i40e: Relax i40e_xsk_wakeup's return value when PF is busy
cifs: log warning message (once) if out of disk space
virtio_balloon: prevent pfn array overflow
fuse: don't overflow LLONG_MAX with end offset
mlxsw: spectrum_dpipe: Add missing error path
s390/pci: Recover handle in clp_set_pci_fn()
drm/amdgpu/display: handle multiple numbers of fclks in dcn_calcs.c (v2)
bcache: properly initialize 'path' and 'err' in register_bcache()
rtc: Kconfig: select REGMAP_I2C when necessary
Linux 5.4.22
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Iaeb3945493ecc81a0ae90ef87b19ceb2caf48164
|
||
Jaihind Yadav
|
111749fba9 |
selinux: ensure we cleanup the internal AVC counters on error in avc_update()
[ Upstream commit 030b995ad9ece9fa2d218af4429c1c78c2342096 ]
In AVC update we don't call avc_node_kill() when avc_xperms_populate()
fails, resulting in the avc->avc_cache.active_nodes counter having a
false value. In last patch this changes was missed , so correcting it.
Fixes:
|
||
|
Paul Moore
|
0e44cd879b |
selinux: ensure we cleanup the internal AVC counters on error in avc_insert()
[ Upstream commit d8db60cb23e49a92cf8cada3297395c7fa50fdf8 ]
Fix avc_insert() to call avc_node_kill() if we've already allocated
an AVC node and the code fails to insert the node in the cache.
Fixes:
|
||
|
Greg Kroah-Hartman
|
e736cc6873 |
This is the 5.4.20 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl5HElwACgkQONu9yGCS aT6GQBAAxBLl+L518k3/Jm7Fv5VGFtfk7QIJmLKSdI58Gj7aLib2CulB5dJpHu0Z uOJXEUKQoUC739MjS6IgrAUoee/GTgyeOS1gyI49IBVvrBgjQop/3FJ4Oe4EF6Wj aEy7xA1k1MRUM4XWy3PiMvIuaxWNWoEn22DS703adOKPEx2yS0sPtAf6RRRpzxW+ oWR9aJv5y+wKRi7frRvTJ8juQoeo67XHNQWBybv7v+th7KqF33EYk/faLJqTbqNd caJAG+DuGsu/oLcwlWEE5CZ8rP5OAOh12505J9XG5uXoqA2BrQFCTLW6okG1PUNI I+GugtMKWwOSP8dHkfq/jPKInG3H+mCwVW3wWzKfWBJwIi4NWokYK31SQty1BNBe if9ytUT97ykgkovVjVbu+X+wMnEes2JMrVyBAzY2cOK01KD2PUR/cLdZZXTil4A0 rEKXd+tJRN7+ko+z4EJRdstzNtB030tDeEUmwJSIlJoWPRROk69it8d4/OFXe+/u Le4T4V6w22tcP0H/2CtDSwTntDbjNoXWpTGzqp2HO0urObqZyX99leyCI8Ee9sRz 00B6ykAOnOMPdLmAGmpBXnhKRK89VlnfG5A/d609km4EPJuKZyX9KS6tZSwpJIAd 3W9FWaNyr8Z79BDJyeK0ftS5BD/WNGDLux7lylLzMsPAmF7YNsI= =Zp/p -----END PGP SIGNATURE----- Merge 5.4.20 into android-5.4 Changes in 5.4.20 ASoC: pcm: update FE/BE trigger order based on the command hv_sock: Remove the accept port restriction IB/mlx4: Fix memory leak in add_gid error flow IB/srp: Never use immediate data if it is disabled by a user IB/mlx4: Fix leak in id_map_find_del RDMA/netlink: Do not always generate an ACK for some netlink operations RDMA/i40iw: fix a potential NULL pointer dereference RDMA/core: Fix locking in ib_uverbs_event_read RDMA/uverbs: Verify MR access flags RDMA/cma: Fix unbalanced cm_id reference count during address resolve RDMA/umem: Fix ib_umem_find_best_pgsz() scsi: ufs: Fix ufshcd_probe_hba() reture value in case ufshcd_scsi_add_wlus() fails PCI/IOV: Fix memory leak in pci_iov_add_virtfn() ath10k: pci: Only dump ATH10K_MEM_REGION_TYPE_IOREG when safe PCI/switchtec: Use dma_set_mask_and_coherent() PCI/switchtec: Fix vep_vector_number ioread width PCI: tegra: Fix afi_pex2_ctrl reg offset for Tegra30 PCI: Don't disable bridge BARs when assigning bus resources PCI/AER: Initialize aer_fifo iwlwifi: mvm: avoid use after free for pmsr request bpftool: Don't crash on missing xlated program instructions bpf, sockmap: Don't sleep while holding RCU lock on tear-down bpf, sockhash: Synchronize_rcu before free'ing map selftests/bpf: Test freeing sockmap/sockhash with a socket in it bpf: Improve bucket_log calculation logic bpf, sockmap: Check update requirements after locking nfs: NFS_SWAP should depend on SWAP NFS: Revalidate the file size on a fatal write error NFS/pnfs: Fix pnfs_generic_prepare_to_resend_writes() NFS: Fix fix of show_nfs_errors NFSv4: pnfs_roc() must use cred_fscmp() to compare creds NFSv4: try lease recovery on NFS4ERR_EXPIRED NFSv4.0: nfs4_do_fsinfo() should not do implicit lease renewals x86/boot: Handle malformed SRAT tables during early ACPI parsing rtc: hym8563: Return -EINVAL if the time is known to be invalid rtc: cmos: Stop using shared IRQ watchdog: qcom: Use platform_get_irq_optional() for bark irq ARC: [plat-axs10x]: Add missing multicast filter number to GMAC node platform/x86: intel_mid_powerbtn: Take a copy of ddata arm64: dts: qcom: msm8998: Fix tcsr syscon size arm64: dts: uDPU: fix broken ethernet ARM: dts: at91: Reenable UART TX pull-ups ARM: dts: am43xx: add support for clkout1 clock arm64: dts: renesas: r8a77990: ebisu: Remove clkout-lr-synchronous from sound arm64: dts: marvell: clearfog-gt-8k: fix switch cpu port node ARM: dts: meson8: use the actual frequency for the GPU's 182.1MHz OPP ARM: dts: meson8b: use the actual frequency for the GPU's 364MHz OPP ARM: dts: at91: sama5d3: fix maximum peripheral clock rates ARM: dts: at91: sama5d3: define clock rate range for tcb1 tools/power/acpi: fix compilation error soc: qcom: rpmhpd: Set 'active_only' for active only power domains Revert "powerpc/pseries/iommu: Don't use dma_iommu_ops on secure guests" powerpc/ptdump: Fix W+X verification call in mark_rodata_ro() powerpc/ptdump: Only enable PPC_CHECK_WX with STRICT_KERNEL_RWX powerpc/papr_scm: Fix leaking 'bus_desc.provider_name' in some paths powerpc/pseries/vio: Fix iommu_table use-after-free refcount warning powerpc/pseries: Allow not having ibm, hypertas-functions::hcall-multi-tce for DDW iommu/arm-smmu-v3: Populate VMID field for CMDQ_OP_TLBI_NH_VA ARM: at91: pm: use SAM9X60 PMC's compatible ARM: at91: pm: use of_device_id array to find the proper shdwc node KVM: arm/arm64: vgic-its: Fix restoration of unmapped collections ARM: 8949/1: mm: mark free_memmap as __init sched/uclamp: Fix a bug in propagating uclamp value in new cgroups arm64: cpufeature: Fix the type of no FP/SIMD capability arm64: cpufeature: Set the FP/SIMD compat HWCAP bits properly arm64: ptrace: nofpsimd: Fail FP/SIMD regset operations KVM: arm/arm64: Fix young bit from mmu notifier KVM: arm: Fix DFSR setting for non-LPAE aarch32 guests KVM: arm: Make inject_abt32() inject an external abort instead KVM: arm64: pmu: Don't increment SW_INCR if PMCR.E is unset KVM: arm64: pmu: Fix chained SW_INCR counters KVM: arm64: Treat emulated TVAL TimerValue as a signed 32-bit integer arm64: nofpsmid: Handle TIF_FOREIGN_FPSTATE flag cleanly mtd: onenand_base: Adjust indentation in onenand_read_ops_nolock mtd: sharpslpart: Fix unsigned comparison to zero crypto: testmgr - don't try to decrypt uninitialized buffers crypto: artpec6 - return correct error code for failed setkey() crypto: atmel-sha - fix error handling when setting hmac key crypto: caam/qi2 - fix typo in algorithm's driver name drivers: watchdog: stm32_iwdg: set WDOG_HW_RUNNING at probe media: i2c: adv748x: Fix unsafe macros dt-bindings: iio: adc: ad7606: Fix wrong maxItems value bcache: avoid unnecessary btree nodes flushing in btree_flush_write() selinux: revert "stop passing MAY_NOT_BLOCK to the AVC upon follow_link" selinux: fix regression introduced by move_mount(2) syscall pinctrl: sh-pfc: r8a77965: Fix DU_DOTCLKIN3 drive/bias control pinctrl: sh-pfc: r8a7778: Fix duplicate SDSELF_B and SD1_CLK_B regmap: fix writes to non incrementing registers mfd: max77650: Select REGMAP_IRQ in Kconfig clk: meson: g12a: fix missing uart2 in regmap table dmaengine: axi-dmac: add a check for devm_regmap_init_mmio mwifiex: Fix possible buffer overflows in mwifiex_ret_wmm_get_status() mwifiex: Fix possible buffer overflows in mwifiex_cmd_append_vsie_tlv() libertas: don't exit from lbs_ibss_join_existing() with RCU read lock held libertas: make lbs_ibss_join_existing() return error code on rates overflow selinux: fall back to ref-walk if audit is required Linux 5.4.20 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I68c0ac72422e279b38324afc91dc52df3eadc0f7 |
||
Stephen Smalley
|
2d8fdc5744 |
selinux: fall back to ref-walk if audit is required
commit 0188d5c025ca8fe756ba3193bd7d150139af5a88 upstream. commit |
||
|
Stephen Smalley
|
875e01dd8a |
selinux: fix regression introduced by move_mount(2) syscall
commit 98aa00345de54b8340dc2ddcd87f446d33387b5e upstream. commit |
||
|
Stephen Smalley
|
3b2e595dfe |
selinux: revert "stop passing MAY_NOT_BLOCK to the AVC upon follow_link"
commit 1a37079c236d55fb31ebbf4b59945dab8ec8764c upstream. This reverts commit |
||
|
Greg Kroah-Hartman
|
87acfa0267 |
This is the 5.4.19 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl5Cn6wACgkQONu9yGCS
aT789BAAkpzYCCHEL2aqDpnZQdu1kVua2nywEJCY0WqSM1lWLeU1Lk9EvS6uu99B
nHnIgoAGXR1zQy9rlhpKKt62LvCCM94QWlQRDYYeJxbFPn1ogT2/0vmwN7rqNz4M
Jdszd6gfNKtB3zpZZLJ0KXG8q6YRp5kXOHEzOXNjcVsfKRuNTWWIBV0dMmkCzduQ
Y5e62+d1FnnRFj28R7wjJfXiZSRnIGcMHohcQGXsWZsh2rktYOYsL6G37I9lCBwx
RO7/+qVOT+BImqB5fIxB98JOzOlo6uEVqPgXjMHAAZUzzA4KpOkDBn55m5hA9axf
EG67Ft4vZJc6Q3FTtHdSZZ/x6TBAJ2DUzatpKhCTDB3vlWJ6a+CsTFq3dXj4+bFr
hFuyi0u91VeudmWR8IH5Er8QaNaOq8m72XAwK22fZptZz0ZHl+Bf1QZyEY0L0P2Q
DpT/kmZVgSSDusvMtJOwI8Vr4Ibb8o46kFTQN+PCSs0pbPchEJmInHz0mIypK89N
4YIjcDZZu3WUS13pEsgNAi2FEpwZdn32LYxZg8xTYBtovzuvT1pJUEppiVSMXgKS
8vF6oCAd7pX9Fal5fYklA7gyQENnHBFI+LE+bHwMR/qwreH/3wBTLnhRPsGOxyZI
oj57YDdxZCAwEfXGoWA3Le+60lj6bGuRfmCc4VkodaOxMLb1WrE=
=rUtE
-----END PGP SIGNATURE-----
Merge 5.4.19 into android-5.4
Changes in 5.4.19
sparc32: fix struct ipc64_perm type definition
bnxt_en: Move devlink_register before registering netdev
cls_rsvp: fix rsvp_policy
gtp: use __GFP_NOWARN to avoid memalloc warning
l2tp: Allow duplicate session creation with UDP
net: hsr: fix possible NULL deref in hsr_handle_frame()
net_sched: fix an OOB access in cls_tcindex
net: stmmac: Delete txtimer in suspend()
bnxt_en: Fix TC queue mapping.
rxrpc: Fix use-after-free in rxrpc_put_local()
rxrpc: Fix insufficient receive notification generation
rxrpc: Fix missing active use pinning of rxrpc_local object
rxrpc: Fix NULL pointer deref due to call->conn being cleared on disconnect
tcp: clear tp->total_retrans in tcp_disconnect()
tcp: clear tp->delivered in tcp_disconnect()
tcp: clear tp->data_segs{in|out} in tcp_disconnect()
tcp: clear tp->segs_{in|out} in tcp_disconnect()
ionic: fix rxq comp packet type mask
MAINTAINERS: correct entries for ISDN/mISDN section
netdevsim: fix stack-out-of-bounds in nsim_dev_debugfs_init()
bnxt_en: Fix logic that disables Bus Master during firmware reset.
media: uvcvideo: Avoid cyclic entity chains due to malformed USB descriptors
mfd: dln2: More sanity checking for endpoints
netfilter: ipset: fix suspicious RCU usage in find_set_and_id
ipc/msg.c: consolidate all xxxctl_down() functions
tracing/kprobes: Have uname use __get_str() in print_fmt
tracing: Fix sched switch start/stop refcount racy updates
rcu: Use *_ONCE() to protect lockless ->expmask accesses
rcu: Avoid data-race in rcu_gp_fqs_check_wake()
srcu: Apply *_ONCE() to ->srcu_last_gp_end
rcu: Use READ_ONCE() for ->expmask in rcu_read_unlock_special()
nvmet: Fix error print message at nvmet_install_queue function
nvmet: Fix controller use after free
Bluetooth: btusb: fix memory leak on fw
Bluetooth: btusb: Disable runtime suspend on Realtek devices
brcmfmac: Fix memory leak in brcmf_usbdev_qinit
usb: dwc3: gadget: Check END_TRANSFER completion
usb: dwc3: gadget: Delay starting transfer
usb: typec: tcpci: mask event interrupts when remove driver
objtool: Silence build output
usb: gadget: f_fs: set req->num_sgs as 0 for non-sg transfer
usb: gadget: legacy: set max_speed to super-speed
usb: gadget: f_ncm: Use atomic_t to track in-flight request
usb: gadget: f_ecm: Use atomic_t to track in-flight request
ALSA: usb-audio: Fix endianess in descriptor validation
ALSA: usb-audio: Annotate endianess in Scarlett gen2 quirk
ALSA: dummy: Fix PCM format loop in proc output
memcg: fix a crash in wb_workfn when a device disappears
mm/sparse.c: reset section's mem_map when fully deactivated
mmc: sdhci-pci: Make function amd_sdhci_reset static
utimes: Clamp the timestamps in notify_change()
mm/memory_hotplug: fix remove_memory() lockdep splat
mm: thp: don't need care deferred split queue in memcg charge move path
mm: move_pages: report the number of non-attempted pages
media/v4l2-core: set pages dirty upon releasing DMA buffers
media: v4l2-core: compat: ignore native command codes
media: v4l2-rect.h: fix v4l2_rect_map_inside() top/left adjustments
lib/test_kasan.c: fix memory leak in kmalloc_oob_krealloc_more()
irqdomain: Fix a memory leak in irq_domain_push_irq()
x86/cpu: Update cached HLE state on write to TSX_CTRL_CPUID_CLEAR
platform/x86: intel_scu_ipc: Fix interrupt support
ALSA: hda: Apply aligned MMIO access only conditionally
ALSA: hda: Add Clevo W65_67SB the power_save blacklist
ALSA: hda: Add JasperLake PCI ID and codec vid
arm64: acpi: fix DAIF manipulation with pNMI
KVM: arm64: Correct PSTATE on exception entry
KVM: arm/arm64: Correct CPSR on exception entry
KVM: arm/arm64: Correct AArch32 SPSR on exception entry
KVM: arm64: Only sign-extend MMIO up to register width
MIPS: syscalls: fix indentation of the 'SYSNR' message
MIPS: fix indentation of the 'RELOCS' message
MIPS: boot: fix typo in 'vmlinux.lzma.its' target
s390/mm: fix dynamic pagetable upgrade for hugetlbfs
powerpc/mmu_gather: enable RCU_TABLE_FREE even for !SMP case
powerpc/ptdump: Fix W+X verification
powerpc/xmon: don't access ASDR in VMs
powerpc/pseries: Advance pfn if section is not present in lmb_is_removable()
powerpc/32s: Fix bad_kuap_fault()
powerpc/32s: Fix CPU wake-up from sleep mode
tracing: Fix now invalid var_ref_vals assumption in trace action
PCI: tegra: Fix return value check of pm_runtime_get_sync()
PCI: keystone: Fix outbound region mapping
PCI: keystone: Fix link training retries initiation
PCI: keystone: Fix error handling when "num-viewport" DT property is not populated
mmc: spi: Toggle SPI polarity, do not hardcode it
ACPI: video: Do not export a non working backlight interface on MSI MS-7721 boards
ACPI / battery: Deal with design or full capacity being reported as -1
ACPI / battery: Use design-cap for capacity calculations if full-cap is not available
ACPI / battery: Deal better with neither design nor full capacity not being reported
alarmtimer: Unregister wakeup source when module get fails
fscrypt: don't print name of busy file when removing key
ubifs: don't trigger assertion on invalid no-key filename
ubifs: Fix wrong memory allocation
ubifs: Fix FS_IOC_SETFLAGS unexpectedly clearing encrypt flag
ubifs: Fix deadlock in concurrent bulk-read and writepage
mmc: sdhci-of-at91: fix memleak on clk_get failure
ASoC: SOF: core: free trace on errors
hv_balloon: Balloon up according to request page number
mfd: axp20x: Mark AXP20X_VBUS_IPSOUT_MGMT as volatile
nvmem: core: fix memory abort in cleanup path
crypto: api - Check spawn->alg under lock in crypto_drop_spawn
crypto: ccree - fix backlog memory leak
crypto: ccree - fix AEAD decrypt auth fail
crypto: ccree - fix pm wrongful error reporting
crypto: ccree - fix FDE descriptor sequence
crypto: ccree - fix PM race condition
padata: Remove broken queue flushing
fs: allow deduplication of eof block into the end of the destination file
scripts/find-unused-docs: Fix massive false positives
erofs: fix out-of-bound read for shifted uncompressed block
scsi: megaraid_sas: Do not initiate OCR if controller is not in ready state
scsi: qla2xxx: Fix mtcp dump collection failure
cpupower: Revert library ABI changes from commit
|
||
|
Casey Schaufler
|
59c458d510 |
broken ping to ipv6 linklocal addresses on debian buster
commit 87fbfffcc89b92a4281b0aa53bd06af714087889 upstream.
I am seeing ping failures to IPv6 linklocal addresses with Debian
buster. Easiest example to reproduce is:
$ ping -c1 -w1 ff02::1%eth1
connect: Invalid argument
$ ping -c1 -w1 ff02::1%eth1
PING ff02::01%eth1(ff02::1%eth1) 56 data bytes
64 bytes from fe80::e0:f9ff:fe0c:37%eth1: icmp_seq=1 ttl=64 time=0.059 ms
git bisect traced the failure to
commit
|
||
|
Greg Kroah-Hartman
|
1bb7ab6685 |
This is the 5.4.18 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl47Mi4ACgkQONu9yGCS aT4zURAAiRhPVfht+amxkX2ebcimGIDO7oMICICF4vAOn9zAHHzEuxjtQms0LWRN l91qduujbVHg9/81BzCe0qp5GwYsgJRAIB5sJwuCrtM5u8zSSQXIY58sU1ZUXLha UC7Pnez+f420RO/U4Xh3BnEM6GOj97VrLw3gePdmI+e4imwP+czloYR/sVLhHES3 vHr7OFhYx8GF303RomFo4kuG9dz11ZUuPdrcHWxDRBHIf3bNCITGpjOV9ICZPL9+ UqmrFZKyqXcT29pgwtUMIxobnkgQm9KekS8iYGS7pblu5BXTuvU6TvfKwpOMOdF3 FIDV9km6LRFyydCLowuiA5gVuNQwfcXCIfPZfhX0ua0vC8e7q/DKItf7QBaChYyp tD4mjXGkOvIrZad94kSw3qVWr1bv9I4D5w+BmDoi5/zchjAcphUeij+QXEhmkD9k PB+zu3NbeY0J69QaVgCbPPHAmimIwsCKlA9FAJNMeuDwBIk7LXF7J0Y0ehlxwdTy h9/miG0UXYkeo5BhhdvvlZ9jdCVHI/fux+McObsasBL2xArmAA059GRgDag2qEo9 X+rtszl8x1JIcPZ3lfm5aSsZ/8nQhtpfsl+mZKSM/x+Kl+SoryvgYtDJHg9Rf5Cp WPx5mD82fS9g1RaQmIWa7iZj4iNvLDf4I+ppe2JbEGUq5IYzZGY= =cfYj -----END PGP SIGNATURE----- Merge 5.4.18 into android-5.4 Changes in 5.4.18 vfs: fix do_last() regression cifs: fix soft mounts hanging in the reconnect code x86/resctrl: Fix a deadlock due to inaccurate reference x86/resctrl: Fix use-after-free when deleting resource groups x86/resctrl: Fix use-after-free due to inaccurate refcount of rdtgroup e1000e: Drop unnecessary __E1000_DOWN bit twiddling e1000e: Revert "e1000e: Make watchdog use delayed work" gfs2: Another gfs2_find_jhead fix perf c2c: Fix return type for histogram sorting comparision functions PM / devfreq: Add new name attribute for sysfs tools lib: Fix builds when glibc contains strlcpy() arm64: kbuild: remove compressed images on 'make ARCH=arm64 (dist)clean' mm/mempolicy.c: fix out of bounds write in mpol_parse_str() reiserfs: Fix memory leak of journal device string media: digitv: don't continue if remote control state can't be read media: af9005: uninitialized variable printked media: vp7045: do not read uninitialized values if usb transfer fails media: gspca: zero usb_buf media: dvb-usb/dvb-usb-urb.c: initialize actlen to 0 tomoyo: Use atomic_t for statistics counter ttyprintk: fix a potential deadlock in interrupt context issue Bluetooth: Fix race condition in hci_release_sock() cgroup: Prevent double killing of css when enabling threaded cgroup clk: sunxi-ng: v3s: Fix incorrect number of hw_clks. arm64: dts: meson-sm1-sei610: add gpio bluetooth interrupt ARM: dts: sun8i: a83t: Correct USB3503 GPIOs polarity ARM: dts: am57xx-beagle-x15/am57xx-idk: Remove "gpios" for endpoint dt nodes ARM: dts: beagle-x15-common: Model 5V0 regulator soc: ti: wkup_m3_ipc: Fix race condition with rproc_boot tools lib traceevent: Fix memory leakage in filter_event rseq: Unregister rseq for clone CLONE_VM clk: sunxi-ng: sun8i-r: Fix divider on APB0 clock clk: sunxi-ng: h6-r: Fix AR100/R_APB2 parent order mac80211: mesh: restrict airtime metric to peered established plinks clk: mmp2: Fix the order of timer mux parents ASoC: rt5640: Fix NULL dereference on module unload s390/zcrypt: move ap device reset from bus to driver code i40e: Fix virtchnl_queue_select bitmap validation ixgbevf: Remove limit of 10 entries for unicast filter list ixgbe: Fix calculation of queue with VFs and flow director on interface flap igb: Fix SGMII SFP module discovery for 100FX/LX. iavf: remove current MAC address filter on VF reset platform/x86: GPD pocket fan: Allow somewhat lower/higher temperature limits platform/x86: intel_pmc_core: update Comet Lake platform driver ASoC: SOF: Intel: fix HDA codec driver probe with multiple controllers ASoC: hdac_hda: Fix error in driver removal after failed probe ASoC: sti: fix possible sleep-in-atomic qmi_wwan: Add support for Quectel RM500Q parisc: Use proper printk format for resource_size_t lkdtm/bugs: fix build error in lkdtm_UNSET_SMEP wireless: fix enabling channel 12 for custom regulatory domain cfg80211: Fix radar event during another phy CAC mac80211: Fix TKIP replay protection immediately after key setup wireless: wext: avoid gcc -O3 warning perf/x86/intel/uncore: Add PCI ID of IMC for Xeon E3 V5 Family perf/x86/intel/uncore: Remove PCIe3 unit for SNR riscv: delete temporary files XArray: Fix xas_pause at ULONG_MAX iwlwifi: pcie: allocate smaller dev_cmd for TX headers iwlwifi: Don't ignore the cap field upon mcc update iwlwifi: dbg: force stop the debug monitor HW Input: evdev - convert kzalloc()/vzalloc() to kvzalloc() ARM: dts: am335x-boneblack-common: fix memory size vti[6]: fix packet tx through bpf_redirect() xfrm interface: fix packet tx through bpf_redirect() xfrm: interface: do not confirm neighbor when do pmtu update Input: max77650-onkey - add of_match table scsi: fnic: do not queue commands during fwreset ARM: 8955/1: virt: Relax arch timer version check during early boot led: max77650: add of_match table tee: optee: Fix compilation issue with nommu r8152: get default setting of WOL before initializing r8152: disable U2P3 for RTL8153B r8152: Disable PLA MCU clock speed down r8152: disable test IO for RTL8153B r8152: avoid the MCU to clear the lanwake r8152: disable DelayPhyPwrChg ARM: dts: am43x-epos-evm: set data pin directions for spi0 and spi1 qlcnic: Fix CPU soft lockup while collecting firmware dump powerpc/fsl/dts: add fsl,erratum-a011043 net/fsl: treat fsl,erratum-a011043 net: fsl/fman: rename IF_MODE_XGMII to IF_MODE_10G seq_tab_next() should increase position index l2t_seq_next should increase position index netfilter: conntrack: sctp: use distinct states for new SCTP connections netfilter: nf_tables_offload: fix check the chain offload flag net: Fix skb->csum update in inet_proto_csum_replace16(). btrfs: do not zero f_bavail if we have available space cpuidle: teo: Avoid using "early hits" incorrectly flow_dissector: Fix to use new variables for port ranges in bpf hook dm thin: fix use-after-free in metadata_pre_commit_callback perf report: Fix no libunwind compiled warning break s390 issue mm/migrate.c: also overwrite error when it is bigger than zero ASoC: topology: fix soc_tplg_fe_link_create() - link->dobj initialization order Revert "rsi: fix potential null dereference in rsi_probe()" tracing/uprobe: Fix to make trace_uprobe_filter alignment safe Linux 5.4.18 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I2dcf0611b3c562c6e934f952844a90be6ace99ed |
||
Tetsuo Handa
|
99652ee9c5 |
tomoyo: Use atomic_t for statistics counter
commit a8772fad0172aeae339144598b809fd8d4823331 upstream. syzbot is reporting that there is a race at tomoyo_stat_update() [1]. Although it is acceptable to fail to track exact number of times policy was updated, convert to atomic_t because this is not a hot path. [1] https://syzkaller.appspot.com/bug?id=a4d7b973972eeed410596e6604580e0133b0fc04 Reported-by: syzbot <syzbot+efea72d4a0a1d03596cd@syzkaller.appspotmail.com> Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
Hridya Valsaraju
|
8b13219f2d |
FROMLIST: selinux: Fix typo in filesystem name
Correct the filesystem name to "binder" to enable
genfscon per-file labelling for binderfs.
Fixes: 7a4b5194747 ("selinux: allow per-file labelling for binderfs")
Signed-off-by: Hridya Valsaraju <hridya@google.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
Bug: 136497735
Change-Id: I6139ede4eb6e85f5399f826834b062bbf33d28cf
Link: https://lore.kernel.org/patchwork/patch/1188587/
|
||
|
Hridya Valsaraju
|
31aa7f2be2 |
FROMLIST: security: selinux: allow per-file labelling for binderfs
This patch allows genfscon per-file labeling for binderfs. This is required to have separate permissions to allow access to binder, hwbinder and vndbinder devices which are relocating to binderfs. Acked-by: Jeff Vander Stoep <jeffv@google.com> Acked-by: Mark Salyzyn <salyzyn@android.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: Hridya Valsaraju <hridya@google.com> Bug: 136497735 (cherry picked from commit 7a4b51947475a7f67e2bd06c4a4c768e2e64a975 git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux.git master) Link: https://lore.kernel.org/patchwork/patch/1175776/ Change-Id: I105cc54b30ddd4120dc23a363bddc2f9d00e4dc4 |
||
|
Jeff Vander Stoep
|
020b443d55 |
Revert "ANDROID: security,perf: Allow further restriction of perf_event_open"
Unfork Android.
This reverts commit
|
||
|
Jeff Vander Stoep
|
dc34c9f193 |
ANDROID: selinux: modify RTM_GETLINK permission
Map the permission gating RTM_GETLINK messages to a new permission so that it can be distinguished from the other netlink route permissions in selinux policy. This is a temporary Android-only patch that will be deprecated in newer kernels once the long-term solution lands as discusssed on the mailing list [1]. The maintainer's recommended solution is more general, much more complex, and likely not suitable for backporting. This patch provides the minimal change needed for Android including the userspace settable trigger which ensures that the permission change is only applied to the newest version of Android which contains the changes needed for userpace compatibility. [1]: https://lore.kernel.org/selinux/20200116142653.61738-1-jeffv@google.com/ Bug: 141455849 Bug: 148218425 Test: CtsSelinuxTargetSdkCurrentTestCases Test: atest bionic-unit-tests-static Test: atest NetworkInterfaceTest Test: Connect to Wi-Fi network Test: Set up hotspot Test: Cast from device Test: Pair Bluetooth device Test: Call getifaddrs() directly from within an app. Test: Call NetworkInterface#getNetworkInterfaces() from within an app. Change-Id: I7b44ce60ad98f858c412722d41b9842f8577151f Signed-off-by: Jeff Vander Stoep <jeffv@google.com> |
||
|
Greg Kroah-Hartman
|
b0b02162a4 |
This is the 5.4.13 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl4iAaQACgkQONu9yGCS aT5vIg/+Lj4wdF3UuUWonHdWBhnfG2FKCWFTYJKPpFXFRMltAa27XKns/CvR8CBW 9ztOH928CR8K9BS7HbfGtsgOEOVzILb4+akco5UhrTH93dc2T6RwSDiMpaULgeIF x/n834yNlsHs1NSmjjuimBe1j4NcZwPnnNVGKmFojkv04QPsFjP6HCp7PR2/PMXP CVO5JBXqMYtMRprY0xkpAGCStqVZPF6uwfTPrKRgaOCTpkKsqBEFJbwqOoqGQWou fQPOmEFjw+e9rIKzJgou6k4YGrWITcpNnUMdxavCszcQFTeUnY1vpLTiVxyZC1E3 R+7ulfe+/zoQvWIer9H85ySLuOjSmmXb5CM9Fc0WLSsvKmTKfUNe/g5Cce+rngPY x/+tIBvXgFSoGR4oO5dEHhXn9Hzqr0OHbZy1dLKY1RU4NzxLsAtR2DH4ps25I4ux Ty2P0kYwm5Sz43MspnFAPTaU5kC3qHVNMjanbb5I7xGF2m0HZmh0zRHBC50DqP4Y nmLUklpX4EGVAYGb94YZMa3ugksSvie2SLgk838UQG+lGqaQoxAyAeRmDdyR1zE7 GHlkNxWj8cbkBsPDSYt6Wvrt+7+e8Bbk5Y/fM5+j02h6ehs9wqOaQ985CfvrrYix RyGc7pWt1FPL7Kqv/CtbDieglS/P0BMPPGYX2rfidk6i+0knWaE= =53PP -----END PGP SIGNATURE----- Merge 5.4.13 into android-5.4 Changes in 5.4.13 HID: hidraw, uhid: Always report EPOLLOUT rtc: mt6397: fix alarm register overwrite phy: mapphone-mdm6600: Fix uninitialized status value regression RDMA/bnxt_re: Avoid freeing MR resources if dereg fails RDMA/bnxt_re: Fix Send Work Entry state check while polling completions IB/hfi1: Don't cancel unused work item mtd: rawnand: stm32_fmc2: avoid to lock the CPU bus i2c: bcm2835: Store pointer to bus clock ASoC: SOF: imx8: fix memory allocation failure check on priv->pd_dev ASoC: soc-core: Set dpcm_playback / dpcm_capture ASoC: stm32: spdifrx: fix inconsistent lock state ASoC: stm32: spdifrx: fix race condition in irq handler ASoC: stm32: spdifrx: fix input pin state management pinctrl: lochnagar: select GPIOLIB netfilter: nft_flow_offload: fix underflow in flowtable reference counter ASoC: SOF: imx8: Fix dsp_box offset mtd: onenand: omap2: Pass correct flags for prep_dma_memcpy gpio: zynq: Fix for bug in zynq_gpio_restore_context API pinctrl: meson: Fix wrong shift value when get drive-strength selftests: loopback.sh: skip this test if the driver does not support iommu/vt-d: Unlink device if failed to add to group iommu: Remove device link to group on failure bpf: cgroup: prevent out-of-order release of cgroup bpf fs: move guard_bio_eod() after bio_set_op_attrs scsi: mpt3sas: Fix double free in attach error handling gpio: Fix error message on out-of-range GPIO in lookup table PM / devfreq: tegra: Add COMMON_CLK dependency PCI: amlogic: Fix probed clock names drm/tegra: Fix ordering of cleanup code hsr: add hsr root debugfs directory hsr: rename debugfs file when interface name is changed hsr: reset network header when supervision frame is created s390/qeth: fix qdio teardown after early init error s390/qeth: fix false reporting of VNIC CHAR config failure s390/qeth: Fix vnicc_is_in_use if rx_bcast not set s390/qeth: vnicc Fix init to default s390/qeth: fix initialization on old HW cifs: Adjust indentation in smb2_open_file scsi: smartpqi: Update attribute name to `driver_version` MAINTAINERS: Append missed file to the database ath9k: use iowrite32 over __raw_writel can: j1939: fix address claim code example dt-bindings: reset: Fix brcmstb-reset example reset: brcmstb: Remove resource checks afs: Fix missing cell comparison in afs_test_super() perf vendor events s390: Remove name from L1D_RO_EXCL_WRITES description syscalls/x86: Wire up COMPAT_SYSCALL_DEFINE0 syscalls/x86: Use COMPAT_SYSCALL_DEFINE0 for IA32 (rt_)sigreturn syscalls/x86: Use the correct function type for sys_ni_syscall syscalls/x86: Fix function types in COND_SYSCALL hsr: fix slab-out-of-bounds Read in hsr_debugfs_rename() btrfs: simplify inode locking for RWF_NOWAIT netfilter: nf_tables_offload: release flow_rule on error from commit path netfilter: nft_meta: use 64-bit time arithmetic ASoC: dt-bindings: mt8183: add missing update ASoC: simple_card_utils.h: Add missing include ASoC: fsl_esai: Add spin lock to protect reset, stop and start ASoC: SOF: Intel: Broadwell: clarify mutual exclusion with legacy driver ASoC: core: Fix compile warning with CONFIG_DEBUG_FS=n ASoC: rsnd: fix DALIGN register for SSIU RDMA/hns: Prevent undefined behavior in hns_roce_set_user_sq_size() RDMA/hns: remove a redundant le16_to_cpu RDMA/hns: Modify return value of restrack functions RDMA/counter: Prevent QP counter manual binding in auto mode RDMA/siw: Fix port number endianness in a debug message RDMA/hns: Fix build error again RDMA/hns: Release qp resources when failed to destroy qp xprtrdma: Add unique trace points for posting Local Invalidate WRs xprtrdma: Connection becomes unstable after a reconnect xprtrdma: Fix MR list handling xprtrdma: Close window between waking RPC senders and posting Receives RDMA/hns: Fix to support 64K page for srq RDMA/hns: Bugfix for qpc/cqc timer configuration rdma: Remove nes ABI header RDMA/mlx5: Return proper error value RDMA/srpt: Report the SCSI residual to the initiator uaccess: Add non-pagefault user-space write function bpf: Make use of probe_user_write in probe write helper bpf: skmsg, fix potential psock NULL pointer dereference bpf: Support pre-2.25-binutils objcopy for vmlinux BTF libbpf: Fix Makefile' libbpf symbol mismatch diagnostic afs: Fix use-after-loss-of-ref afs: Fix afs_lookup() to not clobber the version on a new dentry keys: Fix request_key() cache scsi: enclosure: Fix stale device oops with hot replug scsi: sd: Clear sdkp->protection_type if disk is reformatted without PI platform/mellanox: fix potential deadlock in the tmfifo driver platform/x86: asus-wmi: Fix keyboard brightness cannot be set to 0 platform/x86: GPD pocket fan: Use default values when wrong modparams are given asm-generic/nds32: don't redefine cacheflush primitives Documentation/ABI: Fix documentation inconsistency for mlxreg-io sysfs interfaces Documentation/ABI: Add missed attribute for mlxreg-io sysfs interfaces xprtrdma: Fix create_qp crash on device unload xprtrdma: Fix completion wait during device removal xprtrdma: Fix oops in Receive handler after device removal dm: add dm-clone to the documentation index scsi: ufs: Give an unique ID to each ufs-bsg crypto: cavium/nitrox - fix firmware assignment to AE cores crypto: hisilicon - select NEED_SG_DMA_LENGTH in qm Kconfig crypto: arm64/aes-neonbs - add return value of skcipher_walk_done() in __xts_crypt() crypto: virtio - implement missing support for output IVs crypto: algif_skcipher - Use chunksize instead of blocksize crypto: geode-aes - convert to skcipher API and make thread-safe NFSv2: Fix a typo in encode_sattr() nfsd: Fix cld_net->cn_tfm initialization nfsd: v4 support requires CRYPTO_SHA256 NFSv4.x: Handle bad/dead sessions correctly in nfs41_sequence_process() NFSv4.x: Drop the slot if nfs4_delegreturn_prepare waits for layoutreturn iio: imu: st_lsm6dsx: fix gyro gain definitions for LSM9DS1 iio: imu: adis16480: assign bias value only if operation succeeded mei: fix modalias documentation clk: meson: axg-audio: fix regmap last register clk: samsung: exynos5420: Preserve CPU clocks configuration during suspend/resume clk: Fix memory leak in clk_unregister() dmaengine: dw: platform: Mark 'hclk' clock optional clk: imx: pll14xx: Fix quick switch of S/K parameter rsi: fix potential null dereference in rsi_probe() affs: fix a memory leak in affs_remount pinctl: ti: iodelay: fix error checking on pinctrl_count_index_with_args call pinctrl: sh-pfc: Fix PINMUX_IPSR_PHYS() to set GPSR pinctrl: sh-pfc: Do not use platform_get_irq() to count interrupts pinctrl: lewisburg: Update pin list according to v1.1v6 PCI: pciehp: Do not disable interrupt twice on suspend Revert "drm/virtio: switch virtio_gpu_wait_ioctl() to gem helper." drm/amdgpu: cleanup creating BOs at fixed location (v2) drm/amdgpu/discovery: reserve discovery data at the top of VRAM scsi: sd: enable compat ioctls for sed-opal arm64: dts: apq8096-db820c: Increase load on l21 for SDCARD gfs2: add compat_ioctl support af_unix: add compat_ioctl support compat_ioctl: handle SIOCOUTQNSD PCI: aardvark: Use LTSSM state to build link training flag PCI: aardvark: Fix PCI_EXP_RTCTL register configuration PCI: dwc: Fix find_next_bit() usage PCI: Fix missing bridge dma_ranges resource list cleanup PCI/PM: Clear PCIe PME Status even for legacy power management tools: PCI: Fix fd leakage PCI/PTM: Remove spurious "d" from granularity message powerpc/powernv: Disable native PCIe port management MIPS: PCI: remember nasid changed by set interrupt affinity MIPS: Loongson: Fix return value of loongson_hwmon_init MIPS: SGI-IP27: Fix crash, when CPUs are disabled via nr_cpus parameter tty: serial: imx: use the sg count from dma_map_sg tty: serial: pch_uart: correct usage of dma_unmap_sg ARM: 8943/1: Fix topology setup in case of CPU hotplug for CONFIG_SCHED_MC media: ov6650: Fix incorrect use of JPEG colorspace media: ov6650: Fix some format attributes not under control media: ov6650: Fix .get_fmt() V4L2_SUBDEV_FORMAT_TRY support media: ov6650: Fix default format not applied on device probe media: rcar-vin: Fix incorrect return statement in rvin_try_format() media: hantro: h264: Fix the frame_num wraparound case media: v4l: cadence: Fix how unsued lanes are handled in 'csi2rx_start()' media: exynos4-is: Fix recursive locking in isp_video_release() media: coda: fix deadlock between decoder picture run and start command media: cedrus: Use correct H264 8x8 scaling list media: hantro: Do not reorder H264 scaling list media: aspeed-video: Fix memory leaks in aspeed_video_probe media: hantro: Set H264 FIELDPIC_FLAG_E flag correctly iommu/mediatek: Correct the flush_iotlb_all callback iommu/mediatek: Add a new tlb_lock for tlb_flush memory: mtk-smi: Add PM suspend and resume ops Revert "ubifs: Fix memory leak bug in alloc_ubifs_info() error path" ubifs: Fixed missed le64_to_cpu() in journal ubifs: do_kill_orphans: Fix a memory leak bug spi: sprd: Fix the incorrect SPI register mtd: spi-nor: fix silent truncation in spi_nor_read() mtd: spi-nor: fix silent truncation in spi_nor_read_raw() spi: pxa2xx: Set controller->max_transfer_size in dma mode spi: atmel: fix handling of cs_change set on non-last xfer spi: rspi: Use platform_get_irq_byname_optional() for optional irqs spi: lpspi: fix memory leak in fsl_lpspi_probe iwlwifi: mvm: consider ieee80211 station max amsdu value rtlwifi: Remove unnecessary NULL check in rtl_regd_init iwlwifi: mvm: fix support for single antenna diversity sch_cake: Add missing NLA policy entry TCA_CAKE_SPLIT_GSO f2fs: fix potential overflow NFSD fixing possible null pointer derefering in copy offload rtc: msm6242: Fix reading of 10-hour digit rtc: brcmstb-waketimer: add missed clk_disable_unprepare rtc: bd70528: Add MODULE ALIAS to autoload module gpio: mpc8xxx: Add platform device to gpiochip->parent scsi: libcxgbi: fix NULL pointer dereference in cxgbi_device_destroy() scsi: target/iblock: Fix protection error with blocks greater than 512B selftests: firmware: Fix it to do root uid check and skip rseq/selftests: Turn off timeout setting riscv: export flush_icache_all to modules mips: cacheinfo: report shared CPU map mips: Fix gettimeofday() in the vdso library tomoyo: Suppress RCU warning at list_for_each_entry_rcu(). MIPS: Prevent link failure with kcov instrumentation drm/arm/mali: make malidp_mw_connector_helper_funcs static rxrpc: Unlock new call in rxrpc_new_incoming_call() rather than the caller rxrpc: Don't take call->user_mutex in rxrpc_new_incoming_call() rxrpc: Fix missing security check on incoming calls dmaengine: k3dma: Avoid null pointer traversal s390/qeth: lock the card while changing its hsuid ioat: ioat_alloc_ring() failure handling. drm/amdgpu: enable gfxoff for raven1 refresh media: intel-ipu3: Align struct ipu3_uapi_awb_fr_config_s to 32 bytes kbuild/deb-pkg: annotate libelf-dev dependency as :native hexagon: parenthesize registers in asm predicates hexagon: work around compiler crash ocfs2: call journal flush to mark journal as empty after journal recovery when mount Linux 5.4.13 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I90734cd9d80f000e05a8109a529916ae641cdede |
||
|
Tetsuo Handa
|
1b32e6ea73 |
tomoyo: Suppress RCU warning at list_for_each_entry_rcu().
[ Upstream commit 6bd5ce6089b561f5392460bfb654dea89356ab1b ] John Garry has reported that allmodconfig kernel on arm64 causes flood of "RCU-list traversed in non-reader section!!" warning. I don't know what change caused this warning, but this warning is safe because TOMOYO uses SRCU lock instead. Let's suppress this warning by explicitly telling that the caller is holding SRCU lock. Reported-and-tested-by: John Garry <john.garry@huawei.com> Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
Vinayak Menon
|
44103384ae |
selinux: stop flooding the log buffer
The avc allocations are marked with GFP_NOWAIT and thus considered to be non-fatal allocations. This also makes these allocations easy to fail thus filling the log buffer with page allocation failure messages. There are no known cases of these messages being of any importance for debugging. Disable them. Change-Id: I3517a134ad0e8deb307f0d140f4b16cb303a9f7f Signed-off-by: Vinayak Menon <vinmenon@codeaurora.org> Signed-off-by: Isaac J. Manjarres <isaacm@codeaurora.org> |
||
Joel Fernandes (Google)
|
ad70668a3d |
BACKPORT: perf_event: Add support for LSM and SELinux checks
In current mainline, the degree of access to perf_event_open(2) system call depends on the perf_event_paranoid sysctl. This has a number of limitations: 1. The sysctl is only a single value. Many types of accesses are controlled based on the single value thus making the control very limited and coarse grained. 2. The sysctl is global, so if the sysctl is changed, then that means all processes get access to perf_event_open(2) opening the door to security issues. This patch adds LSM and SELinux access checking which will be used in Android to access perf_event_open(2) for the purposes of attaching BPF programs to tracepoints, perf profiling and other operations from userspace. These operations are intended for production systems. 5 new LSM hooks are added: 1. perf_event_open: This controls access during the perf_event_open(2) syscall itself. The hook is called from all the places that the perf_event_paranoid sysctl is checked to keep it consistent with the systctl. The hook gets passed a 'type' argument which controls CPU, kernel and tracepoint accesses (in this context, CPU, kernel and tracepoint have the same semantics as the perf_event_paranoid sysctl). Additionally, I added an 'open' type which is similar to perf_event_paranoid sysctl == 3 patch carried in Android and several other distros but was rejected in mainline [1] in 2016. 2. perf_event_alloc: This allocates a new security object for the event which stores the current SID within the event. It will be useful when the perf event's FD is passed through IPC to another process which may try to read the FD. Appropriate security checks will limit access. 3. perf_event_free: Called when the event is closed. 4. perf_event_read: Called from the read(2) and mmap(2) syscalls for the event. 5. perf_event_write: Called from the ioctl(2) syscalls for the event. [1] https://lwn.net/Articles/696240/ Since Peter had suggest LSM hooks in 2016 [1], I am adding his Suggested-by tag below. To use this patch, we set the perf_event_paranoid sysctl to -1 and then apply selinux checking as appropriate (default deny everything, and then add policy rules to give access to domains that need it). In the future we can remove the perf_event_paranoid sysctl altogether. Suggested-by: Peter Zijlstra <peterz@infradead.org> Co-developed-by: Peter Zijlstra <peterz@infradead.org> Signed-off-by: Joel Fernandes (Google) <joel@joelfernandes.org> Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org> Acked-by: James Morris <jmorris@namei.org> Cc: Arnaldo Carvalho de Melo <acme@kernel.org> Cc: rostedt@goodmis.org Cc: Yonghong Song <yhs@fb.com> Cc: Kees Cook <keescook@chromium.org> Cc: Ingo Molnar <mingo@redhat.com> Cc: Alexei Starovoitov <ast@kernel.org> Cc: jeffv@google.com Cc: Jiri Olsa <jolsa@redhat.com> Cc: Daniel Borkmann <daniel@iogearbox.net> Cc: primiano@google.com Cc: Song Liu <songliubraving@fb.com> Cc: rsavitski@google.com Cc: Namhyung Kim <namhyung@kernel.org> Cc: Matthew Garrett <matthewgarrett@google.com> Link: https://lkml.kernel.org/r/20191014170308.70668-1-joel@joelfernandes.org Bug: 137092007 (cherry picked from commit da97e18458fb42d7c00fac5fd1c56a3896ec666e) [ Ryan Savitski: resolved merge conflicts with perf_event_paranoid=3 code ] Signed-off-by: Ryan Savitski <rsavitski@google.com> [ Ryan Savitski: Folded in upstream ae79d5588a04 (perf/core: Fix !CONFIG_PERF_EVENTS build warnings and failures). This should fix the build errors from the previous backport attempt, where certain configurations would end up with functions referring to the perf_event struct prior to its declaration (and therefore declaring it with a different scope). ] Signed-off-by: Ryan Savitski <rsavitski@google.com> Change-Id: I50769ede23fbfd8996657c6dae99cab98a3042bc |
||
|
Greg Kroah-Hartman
|
813bf83282 |
This is the 5.4.9 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl4W8EgACgkQONu9yGCS aT4szA//fqXI1OQ3xcCt5s9MYZYYa6IpX/VZ0H7lNC/7pkJzccKo+aSer7ppEn4o ND8sHNx/lhfZorhvLdqJK4PLThC+fXmXnLvFOzqvZeUVyesnv9zlhd/5JNu18Fvc RNjcIRIAHFwanZLAw8uft1DIZXcZ8wNkAAugn/WQV3FN/TG+FsrDzWYnmbBhRIQS XC/2jSlFpMTKoExNzEdbduG0XH5plWeE+AdY3a+DQsOBUO2XrAuk5HTEByM1jzPV W7U9vMqvw3OyrERcA0lmjs37Waw1e0qzfUaa8Bman5Uc0StOTq0UwschX21SB5yP MvbAKhqaKtSff7b4lNrDP9Kj1O/lH84WPSn/aao9D083m/ZYdkkd4AWMlS480lL5 oJ28tFbgwLayIqDbwCggHluTsNUdQSTwahVbnp4GMqxfjWrApdLPCqloSb+x9JCF 9pWJf3awI53mA864pH/uOM7pDOz5/c/oJ4QzVmOmR48dsddorY+gPcwk+YpElJcZ +xCBQDN5JkNC7lwqu2lvaoq/5cMC5lO/v6aeTfsYCRVnlNY12TY8z352zzMZfCKG GRkNvDqWZ5ZmQ+LblWRVbgdGxU42wIYXUS1jUdFd+5DRzz17+ZKUy7YbLNmZMcpY UyiM2Ij7X7HsNGrYDKFq0lZPw6k7v3FshvMwQ8C6dNk+l3o9oCA= =M+hs -----END PGP SIGNATURE----- Merge 5.4.9 into android-5.4 Changes in 5.4.9 drm/mcde: dsi: Fix invalid pointer dereference if panel cannot be found nvme_fc: add module to ops template to allow module references nvme-fc: fix double-free scenarios on hw queues drm/amdgpu: add check before enabling/disabling broadcast mode drm/amdgpu: add header line for power profile on Arcturus drm/amdgpu: add cache flush workaround to gfx8 emit_fence drm/amd/display: Map DSC resources 1-to-1 if numbers of OPPs and DSCs are equal drm/amd/display: Fixed kernel panic when booting with DP-to-HDMI dongle drm/amd/display: Change the delay time before enabling FEC drm/amd/display: Reset steer fifo before unblanking the stream drm/amd/display: update dispclk and dppclk vco frequency nvme/pci: Fix write and poll queue types nvme/pci: Fix read queue count iio: st_accel: Fix unused variable warning iio: adc: max9611: Fix too short conversion time delay PM / devfreq: Fix devfreq_notifier_call returning errno PM / devfreq: Set scaling_max_freq to max on OPP notifier error PM / devfreq: Don't fail devfreq_dev_release if not in list afs: Fix afs_find_server lookups for ipv4 peers afs: Fix SELinux setting security label on /afs RDMA/cma: add missed unregister_pernet_subsys in init failure rxe: correctly calculate iCRC for unaligned payloads scsi: lpfc: Fix memory leak on lpfc_bsg_write_ebuf_set func scsi: qla2xxx: Use explicit LOGO in target mode scsi: qla2xxx: Drop superfluous INIT_WORK of del_work scsi: qla2xxx: Don't call qlt_async_event twice scsi: qla2xxx: Fix PLOGI payload and ELS IOCB dump length scsi: qla2xxx: Configure local loop for N2N target scsi: qla2xxx: Send Notify ACK after N2N PLOGI scsi: qla2xxx: Don't defer relogin unconditonally scsi: qla2xxx: Ignore PORT UPDATE after N2N PLOGI scsi: iscsi: qla4xxx: fix double free in probe scsi: libsas: stop discovering if oob mode is disconnected scsi: iscsi: Avoid potential deadlock in iscsi_if_rx func staging/wlan-ng: add CRC32 dependency in Kconfig drm/nouveau: Move the declaration of struct nouveau_conn_atom up a bit drm/nouveau: Fix drm-core using atomic code-paths on pre-nv50 hardware drm/nouveau/kms/nv50-: fix panel scaling usb: gadget: fix wrong endpoint desc net: make socket read/write_iter() honor IOCB_NOWAIT afs: Fix mountpoint parsing afs: Fix creation calls in the dynamic root to fail with EOPNOTSUPP raid5: need to set STRIPE_HANDLE for batch head md: raid1: check rdev before reference in raid1_sync_request func s390/cpum_sf: Adjust sampling interval to avoid hitting sample limits s390/cpum_sf: Avoid SBD overflow condition in irq handler RDMA/counter: Prevent auto-binding a QP which are not tracked with res IB/mlx4: Follow mirror sequence of device add during device removal IB/mlx5: Fix steering rule of drop and count xen-blkback: prevent premature module unload xen/balloon: fix ballooned page accounting without hotplug enabled PM / hibernate: memory_bm_find_bit(): Tighten node optimisation ALSA: hda/realtek - Add Bass Speaker and fixed dac for bass speaker ALSA: hda/realtek - Enable the bass speaker of ASUS UX431FLC PCI: Add a helper to check Power Resource Requirements _PR3 existence ALSA: hda: Allow HDA to be runtime suspended when dGPU is not bound to a driver PCI: Fix missing inline for pci_pr3_present() ALSA: hda - fixup for the bass speaker on Lenovo Carbon X1 7th gen tcp: fix data-race in tcp_recvmsg() shmem: pin the file in shmem_fault() if mmap_sem is dropped taskstats: fix data-race ALSA: hda - Downgrade error message for single-cmd fallback netfilter: nft_tproxy: Fix port selector on Big Endian block: add bio_truncate to fix guard_bio_eod mm: drop mmap_sem before calling balance_dirty_pages() in write fault ALSA: ice1724: Fix sleep-in-atomic in Infrasonic Quartet support code ALSA: usb-audio: fix set_format altsetting sanity check ALSA: usb-audio: set the interface format after resume on Dell WD19 ALSA: hda - Apply sync-write workaround to old Intel platforms, too ALSA: hda/realtek - Add headset Mic no shutup for ALC283 drm/sun4i: hdmi: Remove duplicate cleanup calls drm/amdgpu/smu: add metrics table lock drm/amdgpu/smu: add metrics table lock for arcturus (v2) drm/amdgpu/smu: add metrics table lock for navi (v2) drm/amdgpu/smu: add metrics table lock for vega20 (v2) MIPS: BPF: Disable MIPS32 eBPF JIT MIPS: BPF: eBPF JIT: check for MIPS ISA compliance in Kconfig MIPS: Avoid VDSO ABI breakage due to global register variable media: pulse8-cec: fix lost cec_transmit_attempt_done() call media: cec: CEC 2.0-only bcast messages were ignored media: cec: avoid decrementing transmit_queue_sz if it is 0 media: cec: check 'transmit_in_progress', not 'transmitting' mm/memory_hotplug: shrink zones when offlining memory mm/zsmalloc.c: fix the migrated zspage statistics. memcg: account security cred as well to kmemcg mm: move_pages: return valid node id in status if the page is already on the target node mm/oom: fix pgtables units mismatch in Killed process message ocfs2: fix the crash due to call ocfs2_get_dlm_debug once less pstore/ram: Write new dumps to start of recycled zones pstore/ram: Fix error-path memory leak in persistent_ram_new() callers gcc-plugins: make it possible to disable CONFIG_GCC_PLUGINS again locks: print unsigned ino in /proc/locks selftests/seccomp: Zero out seccomp_notif seccomp: Check that seccomp_notif is zeroed out by the user samples/seccomp: Zero out members based on seccomp_notif_sizes selftests/seccomp: Catch garbage on SECCOMP_IOCTL_NOTIF_RECV dmaengine: Fix access to uninitialized dma_slave_caps dmaengine: dma-jz4780: Also break descriptor chains on JZ4725B Btrfs: fix infinite loop during nocow writeback due to race compat_ioctl: block: handle Persistent Reservations compat_ioctl: block: handle BLKREPORTZONE/BLKRESETZONE compat_ioctl: block: handle BLKGETZONESZ/BLKGETNRZONES bpf: Fix precision tracking for unbounded scalars ata: libahci_platform: Export again ahci_platform_<en/dis>able_phys() ata: ahci_brcm: Fix AHCI resources management ata: ahci_brcm: Add missing clock management during recovery ata: ahci_brcm: BCM7425 AHCI requires AHCI_HFLAG_DELAY_ENGINE libata: Fix retrieving of active qcs gpio: xtensa: fix driver build gpiolib: fix up emulated open drain outputs clocksource: riscv: add notrace to riscv_sched_clock riscv: ftrace: correct the condition logic in function graph tracer rseq/selftests: Fix: Namespace gettid() for compatibility with glibc 2.30 tracing: Fix lock inversion in trace_event_enable_tgid_record() tracing: Avoid memory leak in process_system_preds() tracing: Have the histogram compare functions convert to u64 first tracing: Fix endianness bug in histogram trigger samples/trace_printk: Wait for IRQ work to finish io_uring: use current task creds instead of allocating a new one mm/gup: fix memory leak in __gup_benchmark_ioctl apparmor: fix aa_xattrs_match() may sleep while holding a RCU lock dmaengine: virt-dma: Fix access after free in vchan_complete() gen_initramfs_list.sh: fix 'bad variable name' error ALSA: cs4236: fix error return comparison of an unsigned integer ALSA: pcm: Yet another missing check of non-cached buffer type ALSA: firewire-motu: Correct a typo in the clock proc string scsi: lpfc: Fix rpi release when deleting vport exit: panic before exit_mm() on global init exit arm64: Revert support for execute-only user mappings ftrace: Avoid potential division by zero in function profiler spi: spi-fsl-dspi: Fix 16-bit word order in 32-bit XSPI mode drm/msm: include linux/sched/task.h PM / devfreq: Check NULL governor in available_governors_show sunrpc: fix crash when cache_head become valid before update arm64: dts: qcom: msm8998-clamshell: Remove retention idle state nfsd4: fix up replay_matches_cache() powerpc: Chunk calls to flush_dcache_range in arch_*_memory HID: i2c-hid: Reset ALPS touchpads on resume net/sched: annotate lockless accesses to qdisc->empty kernel/module.c: wakeup processes in module_wq on module unload ACPI: sysfs: Change ACPI_MASKABLE_GPE_MAX to 0x100 perf callchain: Fix segfault in thread__resolve_callchain_sample() iommu/vt-d: Remove incorrect PSI capability check of: overlay: add_changeset_property() memory leak cifs: Fix potential softlockups while refreshing DFS cache firmware: arm_scmi: Avoid double free in error flow xfs: don't check for AG deadlock for realtime files in bunmapi platform/x86: pmc_atom: Add Siemens CONNECT X300 to critclk_systems DMI table netfilter: nf_queue: enqueue skbs with NULL dst net, sysctl: Fix compiler warning when only cBPF is present watchdog: tqmx86_wdt: Fix build error regulator: axp20x: Fix axp20x_set_ramp_delay regulator: bd70528: Remove .set_ramp_delay for bd70528_ldo_ops spi: uniphier: Fix FIFO threshold regulator: axp20x: Fix AXP22x ELDO2 regulator enable bitmask powerpc/mm: Mark get_slice_psize() & slice_addr_is_low() as notrace Bluetooth: btusb: fix PM leak in error case of setup Bluetooth: delete a stray unlock Bluetooth: Fix memory leak in hci_connect_le_scan arm64: dts: meson-gxl-s905x-khadas-vim: fix uart_A bluetooth node arm64: dts: meson-gxm-khadas-vim2: fix uart_A bluetooth node media: flexcop-usb: ensure -EIO is returned on error condition regulator: ab8500: Remove AB8505 USB regulator media: usb: fix memory leak in af9005_identify_state dt-bindings: clock: renesas: rcar-usb2-clock-sel: Fix typo in example arm64: dts: meson: odroid-c2: Disable usb_otg bus to avoid power failed warning phy: renesas: rcar-gen3-usb2: Use platform_get_irq_optional() for optional irq tty: serial: msm_serial: Fix lockup for sysrq and oops cifs: Fix lookup of root ses in DFS referral cache fs: cifs: Fix atime update check vs mtime fix compat handling of FICLONERANGE, FIDEDUPERANGE and FS_IOC_FIEMAP ath9k_htc: Modify byte order for an error message ath9k_htc: Discard undersized packets drm/i915/execlists: Fix annotation for decoupling virtual request xfs: periodically yield scrub threads to the scheduler net: add annotations on hh->hh_len lockless accesses ubifs: ubifs_tnc_start_commit: Fix OOB in layout_in_gaps btrfs: get rid of unique workqueue helper functions Btrfs: only associate the locked page with one async_chunk struct s390/smp: fix physical to logical CPU map for SMT mm/sparse.c: mark populate_section_memmap as __meminit xen/blkback: Avoid unmapping unmapped grant pages lib/ubsan: don't serialize UBSAN report efi: Don't attempt to map RCI2 config table if it doesn't exist perf/x86/intel/bts: Fix the use of page_private() net: annotate lockless accesses to sk->sk_pacing_shift hsr: avoid debugfs warning message when module is remove hsr: fix error handling routine in hsr_dev_finalize() hsr: fix a race condition in node list insertion and deletion mm/hugetlb: defer freeing of huge pages if in non-task context Linux 5.4.9 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I8eebcdac421faf74f70af8e8666abfdcdc45c86b |
||
|
Greg Kroah-Hartman
|
49a04248ba |
Revert "BACKPORT: perf_event: Add support for LSM and SELinux checks"
This reverts commit
|
||
|
John Johansen
|
e0d2bf5a01 |
apparmor: fix aa_xattrs_match() may sleep while holding a RCU lock
commit 8c62ed27a12c00e3db1c9f04bc0f272bdbb06734 upstream.
aa_xattrs_match() is unfortunately calling vfs_getxattr_alloc() from a
context protected by an rcu_read_lock. This can not be done as
vfs_getxattr_alloc() may sleep regardles of the gfp_t value being
passed to it.
Fix this by breaking the rcu_read_lock on the policy search when the
xattr match feature is requested and restarting the search if a policy
changes occur.
Fixes:
|
||
|
Joel Fernandes (Google)
|
3605586e90 |
BACKPORT: perf_event: Add support for LSM and SELinux checks
In current mainline, the degree of access to perf_event_open(2) system call depends on the perf_event_paranoid sysctl. This has a number of limitations: 1. The sysctl is only a single value. Many types of accesses are controlled based on the single value thus making the control very limited and coarse grained. 2. The sysctl is global, so if the sysctl is changed, then that means all processes get access to perf_event_open(2) opening the door to security issues. This patch adds LSM and SELinux access checking which will be used in Android to access perf_event_open(2) for the purposes of attaching BPF programs to tracepoints, perf profiling and other operations from userspace. These operations are intended for production systems. 5 new LSM hooks are added: 1. perf_event_open: This controls access during the perf_event_open(2) syscall itself. The hook is called from all the places that the perf_event_paranoid sysctl is checked to keep it consistent with the systctl. The hook gets passed a 'type' argument which controls CPU, kernel and tracepoint accesses (in this context, CPU, kernel and tracepoint have the same semantics as the perf_event_paranoid sysctl). Additionally, I added an 'open' type which is similar to perf_event_paranoid sysctl == 3 patch carried in Android and several other distros but was rejected in mainline [1] in 2016. 2. perf_event_alloc: This allocates a new security object for the event which stores the current SID within the event. It will be useful when the perf event's FD is passed through IPC to another process which may try to read the FD. Appropriate security checks will limit access. 3. perf_event_free: Called when the event is closed. 4. perf_event_read: Called from the read(2) and mmap(2) syscalls for the event. 5. perf_event_write: Called from the ioctl(2) syscalls for the event. [1] https://lwn.net/Articles/696240/ Since Peter had suggest LSM hooks in 2016 [1], I am adding his Suggested-by tag below. To use this patch, we set the perf_event_paranoid sysctl to -1 and then apply selinux checking as appropriate (default deny everything, and then add policy rules to give access to domains that need it). In the future we can remove the perf_event_paranoid sysctl altogether. Suggested-by: Peter Zijlstra <peterz@infradead.org> Co-developed-by: Peter Zijlstra <peterz@infradead.org> Signed-off-by: Joel Fernandes (Google) <joel@joelfernandes.org> Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org> Acked-by: James Morris <jmorris@namei.org> Cc: Arnaldo Carvalho de Melo <acme@kernel.org> Cc: rostedt@goodmis.org Cc: Yonghong Song <yhs@fb.com> Cc: Kees Cook <keescook@chromium.org> Cc: Ingo Molnar <mingo@redhat.com> Cc: Alexei Starovoitov <ast@kernel.org> Cc: jeffv@google.com Cc: Jiri Olsa <jolsa@redhat.com> Cc: Daniel Borkmann <daniel@iogearbox.net> Cc: primiano@google.com Cc: Song Liu <songliubraving@fb.com> Cc: rsavitski@google.com Cc: Namhyung Kim <namhyung@kernel.org> Cc: Matthew Garrett <matthewgarrett@google.com> Link: https://lkml.kernel.org/r/20191014170308.70668-1-joel@joelfernandes.org Bug: 137092007 Change-Id: I5df32b668e2dd5f2dd3ab472dfc74f533bc4d8db (cherry picked from commit da97e18458fb42d7c00fac5fd1c56a3896ec666e) [ Ryan Savitski: resolved merge conflicts with perf_event_paranoid=3 code ] Signed-off-by: Ryan Savitski <rsavitski@google.com> |
||
|
Jeff Vander Stoep
|
20810a2469 |
UPSTREAM: selinux: sidtab reverse lookup hash table
This replaces the reverse table lookup and reverse cache with a
hashtable which improves cache-miss reverse-lookup times from
O(n) to O(1)* and maintains the same performance as a reverse
cache hit.
This reduces the time needed to add a new sidtab entry from ~500us
to 5us on a Pixel 3 when there are ~10,000 sidtab entries.
The implementation uses the kernel's generic hashtable API,
It uses the context's string represtation as the hash source,
and the kernels generic string hashing algorithm full_name_hash()
to reduce the string to a 32 bit value.
This change also maintains the improvement introduced in
commit
|
||
|
Greg Kroah-Hartman
|
de197c5a4f |
This is the 5.4.8 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl4Q1ycACgkQONu9yGCS
aT5YRg//SPO6yX/WxWjac/ZHnKrarTqnIF1jxK++pLYZLpBeSHs/n5BhguJoL37s
KVhCEdilnp1Fb49nuM65RJKqgvGyKxn9p380vNTkU6VUf/6O2lFN28nWVqWaSJqj
kjb+7Jkn0iJ4LTHwGPeFSqvxG66SsjOJfFsR6bqXaGGFZgSwC4yVTqYhkuCV6TGP
hEEcy7IgB9LT3lXHSQelG7cuc2Zs5MJSeLx+Ji+UQYyRIZwsMHJ1M8BvAI5Zd1J4
WrdJIVpyNAh5b65cXGuDYmSSIiqIFDNY43JbTII5RVEj/SjnJfnxDZ3+joJswJlo
noty2f7cg7GiKH8BhNXvuVopFu3Ycz1/deMIu3S8boWBVFawwECb0akLuB7Ms1n1
QHeXFExZyHxhPnBPfJ2dYwXMIgImvVS/3nPW4CcBsRbBjqUKhQeImoqk41+gfGDb
cZ0F7VUZ7Mq5O4raNYICMWoANqQTrXF9DUuA1e909CufP7BQBpw1X5XjITUBa0Gs
gvFrAU4oyqkX9xUVNb+n5qR6X1OjBTTNhaet6l06fuDNeWf7T0gVoVlKOf4dLCqP
uKy62Ps9QZsTsjgnjbdKuSFwlbu8S/qKrEqCnUS6vRYbrM2bUxkJL3D1xr6JHnGS
aMzPOxdt4JvrppYtBCJQr+/ETQzv2A1l3IeIujldiKzNnsoIUeY=
=mI67
-----END PGP SIGNATURE-----
Merge 5.4.8 into android-5.4
Changes in 5.4.8
Revert "MIPS: futex: Restore \n after sync instructions"
Revert "MIPS: futex: Emit Loongson3 sync workarounds within asm"
scsi: lpfc: Fix spinlock_irq issues in lpfc_els_flush_cmd()
scsi: lpfc: Fix discovery failures when target device connectivity bounces
scsi: mpt3sas: Fix clear pending bit in ioctl status
scsi: lpfc: Fix locking on mailbox command completion
scsi: mpt3sas: Reject NVMe Encap cmnds to unsupported HBA
gpio: mxc: Only get the second IRQ when there is more than one IRQ
scsi: lpfc: Fix list corruption in lpfc_sli_get_iocbq
Input: atmel_mxt_ts - disable IRQ across suspend
f2fs: fix to update time in lazytime mode
powerpc/papr_scm: Fix an off-by-one check in papr_scm_meta_{get, set}
tools/power/x86/intel-speed-select: Remove warning for unused result
platform/x86: peaq-wmi: switch to using polled mode of input devices
iommu: rockchip: Free domain on .domain_free
iommu/tegra-smmu: Fix page tables in > 4 GiB memory
dmaengine: xilinx_dma: Clear desc_pendingcount in xilinx_dma_reset
scsi: target: compare full CHAP_A Algorithm strings
scsi: lpfc: Fix hardlockup in lpfc_abort_handler
scsi: lpfc: Fix SLI3 hba in loop mode not discovering devices
scsi: csiostor: Don't enable IRQs too early
scsi: hisi_sas: Replace in_softirq() check in hisi_sas_task_exec()
scsi: hisi_sas: Delete the debugfs folder of hisi_sas when the probe fails
powerpc/pseries: Mark accumulate_stolen_time() as notrace
powerpc/pseries: Don't fail hash page table insert for bolted mapping
Input: st1232 - do not reset the chip too early
selftests/powerpc: Fixup clobbers for TM tests
powerpc/tools: Don't quote $objdump in scripts
dma-debug: add a schedule point in debug_dma_dump_mappings()
dma-mapping: Add vmap checks to dma_map_single()
dma-mapping: fix handling of dma-ranges for reserved memory (again)
dmaengine: fsl-qdma: Handle invalid qdma-queue0 IRQ
leds: lm3692x: Handle failure to probe the regulator
leds: an30259a: add a check for devm_regmap_init_i2c
leds: trigger: netdev: fix handling on interface rename
clocksource/drivers/asm9260: Add a check for of_clk_get
clocksource/drivers/timer-of: Use unique device name instead of timer
dtc: Use pkg-config to locate libyaml
selftests/powerpc: Skip tm-signal-sigreturn-nt if TM not available
powerpc/security/book3s64: Report L1TF status in sysfs
powerpc/book3s64/hash: Add cond_resched to avoid soft lockup warning
ext4: update direct I/O read lock pattern for IOCB_NOWAIT
ext4: iomap that extends beyond EOF should be marked dirty
jbd2: Fix statistics for the number of logged blocks
scsi: tracing: Fix handling of TRANSFER LENGTH == 0 for READ(6) and WRITE(6)
scsi: lpfc: Fix unexpected error messages during RSCN handling
scsi: lpfc: Fix duplicate unreg_rpi error in port offline flow
f2fs: fix to update dir's i_pino during cross_rename
clk: qcom: smd: Add missing pnoc clock
clk: qcom: Allow constant ratio freq tables for rcg
clk: clk-gpio: propagate rate change to parent
irqchip/irq-bcm7038-l1: Enable parent IRQ if necessary
irqchip: ingenic: Error out if IRQ domain creation failed
dma-direct: check for overflows on 32 bit DMA addresses
fs/quota: handle overflows of sysctl fs.quota.* and report as unsigned long
iommu/arm-smmu-v3: Don't display an error when IRQ lines are missing
i2c: stm32f7: fix & reorder remove & probe error handling
iomap: fix return value of iomap_dio_bio_actor on 32bit systems
Input: ili210x - handle errors from input_mt_init_slots()
scsi: lpfc: fix: Coverity: lpfc_cmpl_els_rsp(): Null pointer dereferences
scsi: zorro_esp: Limit DMA transfers to 65536 bytes (except on Fastlane)
PCI: rpaphp: Fix up pointer to first drc-info entry
scsi: ufs: fix potential bug which ends in system hang
powerpc/pseries/cmm: Implement release() function for sysfs device
PCI: rpaphp: Don't rely on firmware feature to imply drc-info support
PCI: rpaphp: Annotate and correctly byte swap DRC properties
PCI: rpaphp: Correctly match ibm, my-drc-index to drc-name when using drc-info
powerpc/security: Fix wrong message when RFI Flush is disable
powerpc/eeh: differentiate duplicate detection message
powerpc/book3s/mm: Update Oops message to print the correct translation in use
scsi: atari_scsi: sun3_scsi: Set sg_tablesize to 1 instead of SG_NONE
clk: pxa: fix one of the pxa RTC clocks
bcache: at least try to shrink 1 node in bch_mca_scan()
HID: quirks: Add quirk for HP MSU1465 PIXART OEM mouse
dt-bindings: Improve validation build error handling
HID: logitech-hidpp: Silence intermittent get_battery_capacity errors
HID: i2c-hid: fix no irq after reset on raydium 3118
ARM: 8937/1: spectre-v2: remove Brahma-B53 from hardening
libnvdimm/btt: fix variable 'rc' set but not used
HID: Improve Windows Precision Touchpad detection.
HID: rmi: Check that the RMI_STARTED bit is set before unregistering the RMI transport device
watchdog: imx7ulp: Fix reboot hang
watchdog: prevent deferral of watchdogd wakeup on RT
watchdog: Fix the race between the release of watchdog_core_data and cdev
powerpc/fixmap: Use __fix_to_virt() instead of fix_to_virt()
scsi: pm80xx: Fix for SATA device discovery
scsi: ufs: Fix error handing during hibern8 enter
scsi: scsi_debug: num_tgts must be >= 0
scsi: NCR5380: Add disconnect_mask module parameter
scsi: target: core: Release SPC-2 reservations when closing a session
scsi: ufs: Fix up auto hibern8 enablement
scsi: iscsi: Don't send data to unbound connection
scsi: target: iscsi: Wait for all commands to finish before freeing a session
f2fs: Fix deadlock in f2fs_gc() context during atomic files handling
habanalabs: skip VA block list update in reset flow
gpio/mpc8xxx: fix qoriq GPIO reading
platform/x86: intel_pmc_core: Fix the SoC naming inconsistency
platform/x86: intel_pmc_core: Add Comet Lake (CML) platform support to intel_pmc_core driver
gpio: mpc8xxx: Don't overwrite default irq_set_type callback
gpio: lynxpoint: Setup correct IRQ handlers
tools/power/x86/intel-speed-select: Ignore missing config level
Drivers: hv: vmbus: Fix crash handler reset of Hyper-V synic
apparmor: fix unsigned len comparison with less than zero
drm/amdgpu: Call find_vma under mmap_sem
scripts/kallsyms: fix definitely-lost memory leak
powerpc: Don't add -mabi= flags when building with Clang
cifs: Fix use-after-free bug in cifs_reconnect()
um: virtio: Keep reading on -EAGAIN
io_uring: io_allocate_scq_urings() should return a sane state
of: unittest: fix memory leak in attach_node_and_children
cdrom: respect device capabilities during opening action
cifs: move cifsFileInfo_put logic into a work-queue
perf diff: Use llabs() with 64-bit values
perf script: Fix brstackinsn for AUXTRACE
perf regs: Make perf_reg_name() return "unknown" instead of NULL
s390/zcrypt: handle new reply code FILTERED_BY_HYPERVISOR
mailbox: imx: Clear the right interrupts at shutdown
libfdt: define INT32_MAX and UINT32_MAX in libfdt_env.h
s390/unwind: filter out unreliable bogus %r14
s390/cpum_sf: Check for SDBT and SDB consistency
ocfs2: fix passing zero to 'PTR_ERR' warning
mailbox: imx: Fix Tx doorbell shutdown path
s390: disable preemption when switching to nodat stack with CALL_ON_STACK
selftests: vm: add fragment CONFIG_TEST_VMALLOC
mm/hugetlbfs: fix error handling when setting up mounts
kernel: sysctl: make drop_caches write-only
userfaultfd: require CAP_SYS_PTRACE for UFFD_FEATURE_EVENT_FORK
Revert "powerpc/vcpu: Assume dedicated processors as non-preempt"
sctp: fix err handling of stream initialization
md: make sure desc_nr less than MD_SB_DISKS
Revert "iwlwifi: assign directly to iwl_trans->cfg in QuZ detection"
netfilter: ebtables: compat: reject all padding in matches/watchers
6pack,mkiss: fix possible deadlock
powerpc: Fix __clear_user() with KUAP enabled
net/smc: add fallback check to connect()
netfilter: bridge: make sure to pull arp header in br_nf_forward_arp()
inetpeer: fix data-race in inet_putpeer / inet_putpeer
net: add a READ_ONCE() in skb_peek_tail()
net: icmp: fix data-race in cmp_global_allow()
hrtimer: Annotate lockless access to timer->state
tomoyo: Don't use nifty names on sockets.
uaccess: disallow > INT_MAX copy sizes
drm: limit to INT_MAX in create_blob ioctl
xfs: fix mount failure crash on invalid iclog memory access
cxgb4/cxgb4vf: fix flow control display for auto negotiation
net: dsa: bcm_sf2: Fix IP fragment location and behavior
net/mlxfw: Fix out-of-memory error in mfa2 flash burning
net: phy: aquantia: add suspend / resume ops for AQR105
net/sched: act_mirred: Pull mac prior redir to non mac_header_xmit device
net/sched: add delete_empty() to filters and use it in cls_flower
net_sched: sch_fq: properly set sk->sk_pacing_status
net: stmmac: dwmac-meson8b: Fix the RGMII TX delay on Meson8b/8m2 SoCs
ptp: fix the race between the release of ptp_clock and cdev
tcp: Fix highest_sack and highest_sack_seq
udp: fix integer overflow while computing available space in sk_rcvbuf
bnxt_en: Fix MSIX request logic for RDMA driver.
bnxt_en: Free context memory in the open path if firmware has been reset.
bnxt_en: Return error if FW returns more data than dump length
bnxt_en: Fix bp->fw_health allocation and free logic.
bnxt_en: Remove unnecessary NULL checks for fw_health
bnxt_en: Fix the logic that creates the health reporters.
bnxt_en: Add missing devlink health reporters for VFs.
mlxsw: spectrum_router: Skip loopback RIFs during MAC validation
mlxsw: spectrum: Use dedicated policer for VRRP packets
net: add bool confirm_neigh parameter for dst_ops.update_pmtu
ip6_gre: do not confirm neighbor when do pmtu update
gtp: do not confirm neighbor when do pmtu update
net/dst: add new function skb_dst_update_pmtu_no_confirm
tunnel: do not confirm neighbor when do pmtu update
vti: do not confirm neighbor when do pmtu update
sit: do not confirm neighbor when do pmtu update
net/dst: do not confirm neighbor for vxlan and geneve pmtu update
net: dsa: sja1105: Reconcile the meaning of TPID and TPID2 for E/T and P/Q/R/S
net: marvell: mvpp2: phylink requires the link interrupt
gtp: fix wrong condition in gtp_genl_dump_pdp()
gtp: avoid zero size hashtable
bonding: fix active-backup transition after link failure
tcp: do not send empty skb from tcp_write_xmit()
tcp/dccp: fix possible race __inet_lookup_established()
hv_netvsc: Fix tx_table init in rndis_set_subchannel()
gtp: fix an use-after-free in ipv4_pdp_find()
gtp: do not allow adding duplicate tid and ms_addr pdp context
bnxt: apply computed clamp value for coalece parameter
ipv6/addrconf: only check invalid header values when NETLINK_F_STRICT_CHK is set
net: phylink: fix interface passed to mac_link_up
net: ena: fix napi handler misbehavior when the napi budget is zero
vhost/vsock: accept only packets with the right dst_cid
mmc: sdhci-of-esdhc: fix up erratum A-008171 workaround
mmc: sdhci-of-esdhc: re-implement erratum A-009204 workaround
mm/hugetlbfs: fix for_each_hstate() loop in init_hugetlbfs_fs()
Linux 5.4.8
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I9962505e7207f0004499de4666df6862105e990d
|
||
|
Tetsuo Handa
|
9c24cc6a9d |
tomoyo: Don't use nifty names on sockets.
commit 6f7c41374b62fd80bbd8aae3536c43688c54d95e upstream. syzbot is reporting that use of SOCKET_I()->sk from open() can result in use after free problem [1], for socket's inode is still reachable via /proc/pid/fd/n despite destruction of SOCKET_I()->sk already completed. At first I thought that this race condition applies to only open/getattr permission checks. But James Morris has pointed out that there are more permission checks where this race condition applies to. Thus, get rid of tomoyo_get_socket_name() instead of conditionally bypassing permission checks on sockets. As a side effect of this patch, "socket:[family=\$:type=\$:protocol=\$]" in the policy files has to be rewritten to "socket:[\$]". [1] https://syzkaller.appspot.com/bug?id=73d590010454403d55164cca23bd0565b1eb3b74 Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Reported-by: syzbot <syzbot+0341f6a4d729d4e0acf1@syzkaller.appspotmail.com> Reported-by: James Morris <jmorris@namei.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
Colin Ian King
|
4f13232aa6 |
apparmor: fix unsigned len comparison with less than zero
[ Upstream commit 00e0590dbaec6f1bcaa36a85467d7e3497ced522 ]
The sanity check in macro update_for_len checks to see if len
is less than zero, however, len is a size_t so it can never be
less than zero, so this sanity check is a no-op. Fix this by
making len a ssize_t so the comparison will work and add ulen
that is a size_t copy of len so that the min() macro won't
throw warnings about comparing different types.
Addresses-Coverity: ("Macro compares unsigned to 0")
Fixes:
|
||
Mark Salyzyn
|
3484eba91d |
FROMLIST: Add flags option to get xattr method paired to __vfs_getxattr
Add a flag option to get xattr method that could have a bit flag of XATTR_NOSECURITY passed to it. XATTR_NOSECURITY is generally then set in the __vfs_getxattr path when called by security infrastructure. This handles the case of a union filesystem driver that is being requested by the security layer to report back the xattr data. For the use case where access is to be blocked by the security layer. The path then could be security(dentry) -> __vfs_getxattr(dentry...XATTR_NOSECURITY) -> handler->get(dentry...XATTR_NOSECURITY) -> __vfs_getxattr(lower_dentry...XATTR_NOSECURITY) -> lower_handler->get(lower_dentry...XATTR_NOSECURITY) which would report back through the chain data and success as expected, the logging security layer at the top would have the data to determine the access permissions and report back the target context that was blocked. Without the get handler flag, the path on a union filesystem would be the errant security(dentry) -> __vfs_getxattr(dentry) -> handler->get(dentry) -> vfs_getxattr(lower_dentry) -> nested -> security(lower_dentry, log off) -> lower_handler->get(lower_dentry) which would report back through the chain no data, and -EACCES. For selinux for both cases, this would translate to a correctly determined blocked access. In the first case with this change a correct avc log would be reported, in the second legacy case an incorrect avc log would be reported against an uninitialized u:object_r:unlabeled:s0 context making the logs cosmetically useless for audit2allow. This patch series is inert and is the wide-spread addition of the flags option for xattr functions, and a replacement of __vfs_getxattr with __vfs_getxattr(...XATTR_NOSECURITY). Signed-off-by: Mark Salyzyn <salyzyn@android.com> Reviewed-by: Jan Kara <jack@suse.cz> Acked-by: Jan Kara <jack@suse.cz> Acked-by: Jeff Layton <jlayton@kernel.org> Acked-by: David Sterba <dsterba@suse.com> Acked-by: Darrick J. Wong <darrick.wong@oracle.com> Acked-by: Mike Marshall <hubcap@omnibond.com> Cc: Stephen Smalley <sds@tycho.nsa.gov> Cc: linux-kernel@vger.kernel.org Cc: kernel-team@android.com Cc: linux-security-module@vger.kernel.org (cherry picked from (rejected from archive because of too many recipients)) Signed-off-by: Mark Salyzyn <salyzyn@google.com> Bug: 133515582 Bug: 136124883 Bug: 129319403 Change-Id: Iabbb8771939d5f66667a26bb23ddf4c562c349a1 |
||
|
Greg Kroah-Hartman
|
2a71bdee3f |
Linux 5.4-rc6
-----BEGIN PGP SIGNATURE----- iQFSBAABCAA8FiEEq68RxlopcLEwq+PEeb4+QwBBGIYFAl2/T6oeHHRvcnZhbGRz QGxpbnV4LWZvdW5kYXRpb24ub3JnAAoJEHm+PkMAQRiGB7kH/2asrl7RylHPQfsI pkjPPq32MHLq6Zmr8y0N0hyJCm1Dxu8qCIktqrEV5vsbKdv5pb8EMdQRlhJUtR8e TZdYDGHiL0sFb2HYiEvL0qD9BNeI+Kftw/kUffVXRzyMWex/f5S6mW5QNTuv9SQT Zfa+sXreFPCCyd3jhQFRyguogaCXBmTYvO6glmc96Yi4nA1URtIxNXhXumoklElF 8Ka7UqtoJk2nPns+oV9I5xohghgJHHjA3A96WURku1UdO9dRoHiyS05RjnijBxsk ffenk09qbGvnvvgP93Q23CoTO8ndIm12ZL8C9jX49CS21j5SVG0PLPhS08f70vEf h5K/OtE= =nmDP -----END PGP SIGNATURE----- Merge 5.4-rc6 into android-mainline Linux 5.4-rc6 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I211f7159a46cf2a3dbb18afe56777cae1c13ac73 |
||
|
Javier Martinez Canillas
|
359efcc2c9 |
efi/efi_test: Lock down /dev/efi_test and require CAP_SYS_ADMIN
The driver exposes EFI runtime services to user-space through an IOCTL interface, calling the EFI services function pointers directly without using the efivar API. Disallow access to the /dev/efi_test character device when the kernel is locked down to prevent arbitrary user-space to call EFI runtime services. Also require CAP_SYS_ADMIN to open the chardev to prevent unprivileged users to call the EFI runtime services, instead of just relying on the chardev file mode bits for this. The main user of this driver is the fwts [0] tool that already checks if the effective user ID is 0 and fails otherwise. So this change shouldn't cause any regression to this tool. [0]: https://wiki.ubuntu.com/FirmwareTestSuite/Reference/uefivarinfo Signed-off-by: Javier Martinez Canillas <javierm@redhat.com> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Acked-by: Laszlo Ersek <lersek@redhat.com> Acked-by: Matthew Garrett <mjg59@google.com> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: linux-efi@vger.kernel.org Link: https://lkml.kernel.org/r/20191029173755.27149-7-ardb@kernel.org Signed-off-by: Ingo Molnar <mingo@kernel.org> |
||
|
Greg Kroah-Hartman
|
630839ac24 |
Linux 5.4-rc3
-----BEGIN PGP SIGNATURE----- iQFSBAABCAA8FiEEq68RxlopcLEwq+PEeb4+QwBBGIYFAl2jtUYeHHRvcnZhbGRz QGxpbnV4LWZvdW5kYXRpb24ub3JnAAoJEHm+PkMAQRiGL28H/Akb3JEXNKHCv3MI 89dzKlLgf/W/e0qJirb9/YdcUL462NUFoC0Bg0qLgLFYdhT94Zp5J68C4oZPJfxA /LrTDsHWrbUtTvhxJqMueVT3JTpkF36ZTvTGwLTHzTqexM/o3kuDWjWTTxZlMGbX Uais/ywmmCVCmaX8IJ3GJFGCJse+T1W73VOSo7bm6C+Ruy6Euwasa9kc40uHiPpD 6Xew9j9AJ0xIV96sLzDFOYAXYFQBZnAbFLA+Ho53TiuG78J6MP4Pm9+1VhMyF1uH mgeA5GAfKpqq/QXf32iMU7s7HTdoF5r1UaQJtu+p6BFTGhd7LrDrh4gA/9Wyv7+t 9stS20U= =ima3 -----END PGP SIGNATURE----- Merge 5.4-rc3 into android-mainline Linux 5.4-rc3 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Ia87ba662738dd58ddb917e32c1fbd812861e7a46 |
||
Linus Torvalds
|
2ef459167a |
selinux/stable-5.4 PR 20191007
-----BEGIN PGP SIGNATURE----- iQJIBAABCAAyFiEES0KozwfymdVUl37v6iDy2pc3iXMFAl2bu6kUHHBhdWxAcGF1 bC1tb29yZS5jb20ACgkQ6iDy2pc3iXMsxhAAtoljww3Xur0JpD7y+g2yzKGZqn9F ovqH103NOdpXY3vRN5TL0ZfKEWZz/a2Rjyjz/9+Ix5kKFQuaguk9TVenp4LuAWjy yyo8aSArqwJEpPbrgQDRkjvq08zCcsHSQHwyR44L5MEB8w03Hr+GKFbroR7DkB8R qthF5nRoarblEpdc88s3WbPN/Yz32zRwl3EppSRriIBSBUNr6OP5yO6YDvBdwJso CvmQybMK/iGiZrDzm5jAXzUyI79MHkrrB55roNXIdam9Rnyb9Wqjt9SQgzDLTvO1 Z7c4pXqDn1iMSECAqR7EeKLmsEvnp8omDMqbZOsGiWwka93nuNM4NRhswMF6X3pf EbmBAuj0CokWlRoJAxyxrw/Tn+KXWjyOpOMoNQR7dyyewenzPTWw4zLhiSsl4Epo e1+3PDkJeZhlrtqMcQhep/OgfnPp/8FlgZXNkq1wsMK6SawIiwvxH3mpELE4I8Zk 3yzYZvnxIDNLcx6TmDgDcJyp+P/iuFGK707G6ogCoCK9VqyTs+nwdZn3s2o1KRDW 00LdiuXiqOyfdDthfY/q5suKJoWExh+K1dhQ7Llx169yx3uOjlnzTaSTt8dcvhkh Y+Nf5pEk0MVgnldaIRy/Zzr4y81Q7QW6ZwD62NHCIhcSevYczFOP7K6V/mYFmDT1 xlCDPXeHyuR5DrM= =btWt -----END PGP SIGNATURE----- Merge tag 'selinux-pr-20191007' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux Pull selinuxfix from Paul Moore: "One patch to ensure we don't copy bad memory up into userspace" * tag 'selinux-pr-20191007' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux: selinux: fix context string corruption in convert_context() |
||
|
Greg Kroah-Hartman
|
8e9e0abf99 |
Linux 5.4-rc2
-----BEGIN PGP SIGNATURE----- iQFSBAABCAA8FiEEq68RxlopcLEwq+PEeb4+QwBBGIYFAl2aXEoeHHRvcnZhbGRz QGxpbnV4LWZvdW5kYXRpb24ub3JnAAoJEHm+PkMAQRiGZKUH/1S+unzPxmXwraBl ORnOSMCaoepaCS2kc4nFim3hpnwzuFLn8NHPSARPPBO7Jy9Shtku0om66rF6R4DD zoe/QSLvtUqiVU6xuPR8ymjeizN+qj+9RT8tDftCs2QCBqZ/jr/kKiiA32aipnrz IBC+I6eKFN0WqBep5NwAkIAok+JiUBMIEuEXjkF2q0Vw9fnmmNRMm6rPDk1dHgQi K6mr8N3Vbsdadn/XBt4DRje2c593cfOnryPUwyIIBGw5W6EECX6k9CeD+CNNxLYb mPNC34wQsqvbAOsP6Y+2lBLZw+0AG5uLytDrwNNO1JKSEYMSG6wH4t7C6w0IlTQt OkYK3S0= =0ny6 -----END PGP SIGNATURE----- Merge 5.4-rc2 into android-mainline Linux 5.4-rc2 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Idfe13500feef5c1095d06c419fa121f751daa459 |
||
Masahiro Yamada
|
7a8beb7ad5 |
integrity: remove pointless subdir-$(CONFIG_...)
The ima/ and evm/ sub-directories contain built-in objects, so obj-$(CONFIG_...) is the correct way to descend into them. subdir-$(CONFIG_...) is redundant. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com> |
||
|
Masahiro Yamada
|
6b190d3ce0 |
integrity: remove unneeded, broken attempt to add -fshort-wchar
I guess commit |
||
Ondrej Mosnacek
|
2a5243937c |
selinux: fix context string corruption in convert_context()
string_to_context_struct() may garble the context string, so we need to
copy back the contents again from the old context struct to avoid
storing the corrupted context.
Since string_to_context_struct() tokenizes (and therefore truncates) the
context string and we are later potentially copying it with kstrdup(),
this may eventually cause pieces of uninitialized kernel memory to be
disclosed to userspace (when copying to userspace based on the stored
length and not the null character).
How to reproduce on Fedora and similar:
# dnf install -y memcached
# systemctl start memcached
# semodule -d memcached
# load_policy
# load_policy
# systemctl stop memcached
# ausearch -m AVC
type=AVC msg=audit(1570090572.648:313): avc: denied { signal } for pid=1 comm="systemd" scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=process permissive=0 trawcon=73797374656D5F75007400000000000070BE6E847296FFFF726F6D000096FFFF76
Cc: stable@vger.kernel.org
Reported-by: Milos Malik <mmalik@redhat.com>
Fixes:
|
||
|
Greg Kroah-Hartman
|
cb33d78781 |
Linux 5.4-rc1
-----BEGIN PGP SIGNATURE----- iQFSBAABCAA8FiEEq68RxlopcLEwq+PEeb4+QwBBGIYFAl2SPPkeHHRvcnZhbGRz QGxpbnV4LWZvdW5kYXRpb24ub3JnAAoJEHm+PkMAQRiG3dcH/2iCaNvD0Ify+Ke/ d0Ncf7KhBejfW1pjGjfpfbAQkdaY/gSLsWPJmQ2HT00SmnTJ4y3zvr/HmEE8mIBA fMzY4TFHMRNNEOrCugoNxzjU5ycgIMq5doontDdHeS7Pfa8mgDLLwH/dzoORA0+b T1ZZT3yDsQ92/jW97LEhTv7UcKqgBdVT5PauU/pe6LHpqmzn8XwdiKaNTM1uY8vw U9rIrYnfxCuLfxyK7xUp6bRUlqluZrY4U+pqEnGOVlFYX1xMjjPIE9sDHJ/z5WvY JSH4/aOqVxRII2oU0+uITsO658tS912iUsa8++F6Z5R1gZSqQD1FqrvW7Z0S58Ay vjXIX3Q= =epsM -----END PGP SIGNATURE----- Merge 5.4-rc1 into android-mainline Linux 5.4-rc1 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I15eec52df70f829acf81ff614a1c2a5fb443a4e0 |
||
|
Greg Kroah-Hartman
|
94139142d9 |
Merge 5.4-rc1-prelrease into android-mainline
To make the 5.4-rc1 merge easier, merge at a prerelease point in time before the final release happens. Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: If613d657fd0abf9910c5bf3435a745f01b89765e |
||
|
Linus Torvalds
|
aefcf2f4b5 |
Merge branch 'next-lockdown' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull kernel lockdown mode from James Morris:
"This is the latest iteration of the kernel lockdown patchset, from
Matthew Garrett, David Howells and others.
From the original description:
This patchset introduces an optional kernel lockdown feature,
intended to strengthen the boundary between UID 0 and the kernel.
When enabled, various pieces of kernel functionality are restricted.
Applications that rely on low-level access to either hardware or the
kernel may cease working as a result - therefore this should not be
enabled without appropriate evaluation beforehand.
The majority of mainstream distributions have been carrying variants
of this patchset for many years now, so there's value in providing a
doesn't meet every distribution requirement, but gets us much closer
to not requiring external patches.
There are two major changes since this was last proposed for mainline:
- Separating lockdown from EFI secure boot. Background discussion is
covered here: https://lwn.net/Articles/751061/
- Implementation as an LSM, with a default stackable lockdown LSM
module. This allows the lockdown feature to be policy-driven,
rather than encoding an implicit policy within the mechanism.
The new locked_down LSM hook is provided to allow LSMs to make a
policy decision around whether kernel functionality that would allow
tampering with or examining the runtime state of the kernel should be
permitted.
The included lockdown LSM provides an implementation with a simple
policy intended for general purpose use. This policy provides a coarse
level of granularity, controllable via the kernel command line:
lockdown={integrity|confidentiality}
Enable the kernel lockdown feature. If set to integrity, kernel features
that allow userland to modify the running kernel are disabled. If set to
confidentiality, kernel features that allow userland to extract
confidential information from the kernel are also disabled.
This may also be controlled via /sys/kernel/security/lockdown and
overriden by kernel configuration.
New or existing LSMs may implement finer-grained controls of the
lockdown features. Refer to the lockdown_reason documentation in
include/linux/security.h for details.
The lockdown feature has had signficant design feedback and review
across many subsystems. This code has been in linux-next for some
weeks, with a few fixes applied along the way.
Stephen Rothwell noted that commit
|
||
|
Linus Torvalds
|
f1f2f614d5 |
Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity
Pull integrity updates from Mimi Zohar: "The major feature in this time is IMA support for measuring and appraising appended file signatures. In addition are a couple of bug fixes and code cleanup to use struct_size(). In addition to the PE/COFF and IMA xattr signatures, the kexec kernel image may be signed with an appended signature, using the same scripts/sign-file tool that is used to sign kernel modules. Similarly, the initramfs may contain an appended signature. This contained a lot of refactoring of the existing appended signature verification code, so that IMA could retain the existing framework of calculating the file hash once, storing it in the IMA measurement list and extending the TPM, verifying the file's integrity based on a file hash or signature (eg. xattrs), and adding an audit record containing the file hash, all based on policy. (The IMA support for appended signatures patch set was posted and reviewed 11 times.) The support for appended signature paves the way for adding other signature verification methods, such as fs-verity, based on a single system-wide policy. The file hash used for verifying the signature and the signature, itself, can be included in the IMA measurement list" * 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity: ima: ima_api: Use struct_size() in kzalloc() ima: use struct_size() in kzalloc() sefltest/ima: support appended signatures (modsig) ima: Fix use after free in ima_read_modsig() MODSIGN: make new include file self contained ima: fix freeing ongoing ahash_request ima: always return negative code for error ima: Store the measurement again when appraising a modsig ima: Define ima-modsig template ima: Collect modsig ima: Implement support for module-style appended signatures ima: Factor xattr_verify() out of ima_appraise_measurement() ima: Add modsig appraise_type option for module-style appended signatures integrity: Select CONFIG_KEYS instead of depending on it PKCS#7: Introduce pkcs7_get_digest() PKCS#7: Refactor verify_pkcs7_signature() MODSIGN: Export module signature definitions ima: initialize the "template" field with the default template |
||
|
Roberto Sassu
|
9f75c82246 |
KEYS: trusted: correctly initialize digests and fix locking issue
Commit |
||
|
Linus Torvalds
|
e94f8ccde4 |
I have four patches for v5.4. Nothing is major. All but one are in
response to mechanically detected potential issues. The remaining patch cleans up kernel-doc notations. -----BEGIN PGP SIGNATURE----- iQJLBAABCAA1FiEEC+9tH1YyUwIQzUIeOKUVfIxDyBEFAl2JI5wXHGNhc2V5QHNj aGF1Zmxlci1jYS5jb20ACgkQOKUVfIxDyBEOJQ/5AXdQTd09LMp9jB54u9Usdm71 +kyJ/KudEja8/pCDDNboiXSfoagRqJ8AbuBAbGLtWLXc3smUcL1mncdfJDJAk88J mbIB+qWMls5fC25udD+B2bF2py+eyVJ7dsnvHZg1mS5KUxYBMWVEqgX9zW0EFgNH xd2/nB314GhULrfqagxxCd/HpbZ3GV1sM+BkfRPx2zm3gJ8xAuXm1xMMgchP9WqH MFJDqk8r1wXCog8OkjQjAYR8zGRJTrP9W6UY9p1L6rp9rtfyPObBuAMLKv3WlXx8 Jz7idqSDNa49V7W3UrWcjXCunbjyPR7HszuuxhTC+EmB1MRU4IdX9I6ZdAaTuxEM jFNwSSjIWRgXkJfLxrDX1ukFPU0JCd8ms7Lzw5YHq2TWt/V/7h4jyUCN8o9BN80r 7WzqdzT4v+Exc6TpqlpkHiQjJFL4ByEzNt3xNVZ3UFIyxnogVi45kL/78PsqDk/j XWqM9bED8dBjM/K3EGqzj0mPCtILLnTm9ZyDvFF75jabf4rk0E354yGcuamoF+eM UTT+3NTPQB/kI5i9av8ibGezInVVRQeHuI1/qIaD/Hsr8K7VJbqlB1k/rUxUZaSy 6g9e0mU2GLgM+eW0EKW0GWpV6/STqzskxu2TW46tobpOykwH9dNKJHhJzx7nEWJi +5kMcGIvFCha6922/sM= =QV1S -----END PGP SIGNATURE----- Merge tag 'smack-for-5.4-rc1' of git://github.com/cschaufler/smack-next Pull smack updates from Casey Schaufler: "Four patches for v5.4. Nothing is major. All but one are in response to mechanically detected potential issues. The remaining patch cleans up kernel-doc notations" * tag 'smack-for-5.4-rc1' of git://github.com/cschaufler/smack-next: smack: use GFP_NOFS while holding inode_smack::smk_lock security: smack: Fix possible null-pointer dereferences in smack_socket_sock_rcv_skb() smack: fix some kernel-doc notations Smack: Don't ignore other bprm->unsafe flags if LSM_UNSAFE_PTRACE is set |
||
|
Linus Torvalds
|
1b5fb41544 |
Merge tag 'safesetid-bugfix-5.4' of git://github.com/micah-morton/linux
Pull SafeSetID fix from Micah Morton: "Jann Horn sent some patches to fix some bugs in SafeSetID for 5.3. After he had done his testing there were a couple small code tweaks that went in and caused this bug. From what I can see SafeSetID is broken in 5.3 and crashes the kernel every time during initialization if you try to use it. I came across this bug when backporting Jann's changes for 5.3 to older kernels (4.14 and 4.19). I've tested on a Chrome OS device with those kernels and verified that this change fixes things. It doesn't seem super useful to have this bake in linux-next, since it is completely broken in 5.3 and nobody noticed" * tag 'safesetid-bugfix-5.4' of git://github.com/micah-morton/linux: LSM: SafeSetID: Stop releasing uninitialized ruleset |
||
|
Linus Torvalds
|
5825a95fe9 |
selinux/stable-5.4 PR 20190917
-----BEGIN PGP SIGNATURE----- iQJIBAABCAAyFiEES0KozwfymdVUl37v6iDy2pc3iXMFAl2BLvcUHHBhdWxAcGF1 bC1tb29yZS5jb20ACgkQ6iDy2pc3iXP9pA/+Ls9sRGZoEipycbgRnwkL9/6yFtn4 UCFGMP0eobrjL82i8uMOa/72Budsp3ZaZRxf36NpbMDPyB9ohp5jf7o1WFTELESv EwxVvOMNwrxO2UbzRv3iywnhdPVJ4gHPa4GWfBHu2EEfhz3/Bv0tPIBdeXAbq4aC R0p+M9X0FFEp9eP4ftwOvFGpbZ8zKo1kwgdvCnqLhHDkyqtapqO/ByCTe1VATERP fyxjYDZNnITmI0plaIxCeeudklOTtVSAL4JPh1rk8rZIkUznZ4EBDHxdKiaz3j9C ZtAthiAA9PfAwf4DZSPHnGsfINxeNBKLD65jZn/PUne/gNJEx4DK041X9HXBNwjv OoArw58LCzxtTNZ//WB4CovRpeSdKvmKv0oh61k8cdQahLeHhzXE1wLQbnnBJLI3 CTsumIp4ZPEOX5r4ogdS3UIQpo3KrZump7VO85yUTRni150JpZR3egYpmcJ0So1A QTPemBhC2CHJVTpycYZ9fVTlPeC4oNwosPmvpB8XeGu3w5JpuNSId+BDR/ZlQAmq xWiIocGL3UMuPuJUrTGChifqBAgzK+gLa7S7RYPEnTCkj6LVQwsuP4gBXf75QTG4 FPwVcoMSDFxUDF0oFqwz4GfJlCxBSzX+BkWUn6jIiXKXBnQjU+1gu6KTwE25mf/j snJznFk25hFYFaM= =n4ht -----END PGP SIGNATURE----- Merge tag 'selinux-pr-20190917' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux Pull selinux updates from Paul Moore: - Add LSM hooks, and SELinux access control hooks, for dnotify, fanotify, and inotify watches. This has been discussed with both the LSM and fs/notify folks and everybody is good with these new hooks. - The LSM stacking changes missed a few calls to current_security() in the SELinux code; we fix those and remove current_security() for good. - Improve our network object labeling cache so that we always return the object's label, even when under memory pressure. Previously we would return an error if we couldn't allocate a new cache entry, now we always return the label even if we can't create a new cache entry for it. - Convert the sidtab atomic_t counter to a normal u32 with READ/WRITE_ONCE() and memory barrier protection. - A few patches to policydb.c to clean things up (remove forward declarations, long lines, bad variable names, etc) * tag 'selinux-pr-20190917' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux: lsm: remove current_security() selinux: fix residual uses of current_security() for the SELinux blob selinux: avoid atomic_t usage in sidtab fanotify, inotify, dnotify, security: add security hook for fs notifications selinux: always return a secid from the network caches if we find one selinux: policydb - rename type_val_to_struct_array selinux: policydb - fix some checkpatch.pl warnings selinux: shuffle around policydb.c to get rid of forward declarations |
||
Micah Morton
|
21ab8580b3 |
LSM: SafeSetID: Stop releasing uninitialized ruleset
The first time a rule set is configured for SafeSetID, we shouldn't be trying to release the previously configured ruleset, since there isn't one. Currently, the pointer that would point to a previously configured ruleset is uninitialized on first rule set configuration, leading to a crash when we try to call release_ruleset with that pointer. Acked-by: Jann Horn <jannh@google.com> Signed-off-by: Micah Morton <mortonm@chromium.org> |
||
Matthew Garrett
|
f8a9bc623a |
security: constify some arrays in lockdown LSM
No reason for these not to be const. Signed-off-by: Matthew Garrett <mjg59@google.com> Suggested-by: David Howells <dhowells@redhat.com> Signed-off-by: James Morris <jmorris@namei.org> |
||
|
Greg Kroah-Hartman
|
b7ee32b12f |
Linux 5.3-rc8
-----BEGIN PGP SIGNATURE----- iQFSBAABCAA8FiEEq68RxlopcLEwq+PEeb4+QwBBGIYFAl11ZZIeHHRvcnZhbGRz QGxpbnV4LWZvdW5kYXRpb24ub3JnAAoJEHm+PkMAQRiGUEYH/3dOHJ00BhSQNL39 KSk1cuVq0UHIGcdOK+qp+3YLzaO6rpKJ7HYuQQ4ddLJwZ8wWGUZ03eDkp689axkb XMMhcbuaQ5AZT017UPPU/9ECqJtKmLHZEm3y4cU2ybFhI76eDD4S07xfC/L5h/xc aWyRRPBQhjZHIdCejg9eSJNMQJycW7l7npMEBeE9qDRmCWxZUHten2jBcL0XpXPw BJ0T7XKFHsbh/RP7K/7GHFxVZXPO8rl8pIlRaX+3bKqgUV721LwR+gyHbFYYntlC 7tfL4KcG9lQvCoUuh1cMtnZuMzc88TGdI5xb7Y1Gq6HtR7LTLLrfpp3nwqst912u xq8iHpw= =WnfD -----END PGP SIGNATURE----- Merge 5.3-rc8 into android-mainline Linux 5.3-rc8 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I2908bd47266c7645d360bbe273bb10ada3cc8e3c |
||
Hillf Danton
|
d41a3effbb |
keys: Fix missing null pointer check in request_key_auth_describe()
If a request_key authentication token key gets revoked, there's a window in
which request_key_auth_describe() can see it with a NULL payload - but it
makes no check for this and something like the following oops may occur:
BUG: Kernel NULL pointer dereference at 0x00000038
Faulting instruction address: 0xc0000000004ddf30
Oops: Kernel access of bad area, sig: 11 [#1]
...
NIP [...] request_key_auth_describe+0x90/0xd0
LR [...] request_key_auth_describe+0x54/0xd0
Call Trace:
[...] request_key_auth_describe+0x54/0xd0 (unreliable)
[...] proc_keys_show+0x308/0x4c0
[...] seq_read+0x3d0/0x540
[...] proc_reg_read+0x90/0x110
[...] __vfs_read+0x3c/0x70
[...] vfs_read+0xb4/0x1b0
[...] ksys_read+0x7c/0x130
[...] system_call+0x5c/0x70
Fix this by checking for a NULL pointer when describing such a key.
Also make the read routine check for a NULL pointer to be on the safe side.
[DH: Modified to not take already-held rcu lock and modified to also check
in the read routine]
Fixes:
|
||
|
Stephen Smalley
|
169ce0c081 |
selinux: fix residual uses of current_security() for the SELinux blob
We need to use selinux_cred() to fetch the SELinux cred blob instead
of directly using current->security or current_security(). There
were a couple of lingering uses of current_security() in the SELinux code
that were apparently missed during the earlier conversions. IIUC, this
would only manifest as a bug if multiple security modules including
SELinux are enabled and SELinux is not first in the lsm order. After
this change, there appear to be no other users of current_security()
in-tree; perhaps we should remove it altogether.
Fixes:
|
||
|
Eric Biggers
|
e5bfad3d7a
|
smack: use GFP_NOFS while holding inode_smack::smk_lock
inode_smack::smk_lock is taken during smack_d_instantiate(), which is called during a filesystem transaction when creating a file on ext4. Therefore to avoid a deadlock, all code that takes this lock must use GFP_NOFS, to prevent memory reclaim from waiting for the filesystem transaction to complete. Reported-by: syzbot+0eefc1e06a77d327a056@syzkaller.appspotmail.com Cc: stable@vger.kernel.org Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> |
||
Jia-Ju Bai
|
3f4287e7d9
|
security: smack: Fix possible null-pointer dereferences in smack_socket_sock_rcv_skb()
In smack_socket_sock_rcv_skb(), there is an if statement
on line 3920 to check whether skb is NULL:
if (skb && skb->secmark != 0)
This check indicates skb can be NULL in some cases.
But on lines 3931 and 3932, skb is used:
ad.a.u.net->netif = skb->skb_iif;
ipv6_skb_to_auditdata(skb, &ad.a, NULL);
Thus, possible null-pointer dereferences may occur when skb is NULL.
To fix these possible bugs, an if statement is added to check skb.
These bugs are found by a static analysis tool STCheck written by us.
Signed-off-by: Jia-Ju Bai <baijiaju1990@gmail.com>
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
|
||
luanshi
|
a1a07f2234
|
smack: fix some kernel-doc notations
Fix/add kernel-doc notation and fix typos in security/smack/. Signed-off-by: Liguang Zhang <zhangliguang@linux.alibaba.com> Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> |
||
Jann Horn
|
3675f052b4
|
Smack: Don't ignore other bprm->unsafe flags if LSM_UNSAFE_PTRACE is set
There is a logic bug in the current smack_bprm_set_creds():
If LSM_UNSAFE_PTRACE is set, but the ptrace state is deemed to be
acceptable (e.g. because the ptracer detached in the meantime), the other
->unsafe flags aren't checked. As far as I can tell, this means that
something like the following could work (but I haven't tested it):
- task A: create task B with fork()
- task B: set NO_NEW_PRIVS
- task B: install a seccomp filter that makes open() return 0 under some
conditions
- task B: replace fd 0 with a malicious library
- task A: attach to task B with PTRACE_ATTACH
- task B: execve() a file with an SMACK64EXEC extended attribute
- task A: while task B is still in the middle of execve(), exit (which
destroys the ptrace relationship)
Make sure that if any flags other than LSM_UNSAFE_PTRACE are set in
bprm->unsafe, we reject the execve().
Cc: stable@vger.kernel.org
Fixes:
|
||
|
Greg Kroah-Hartman
|
94cc606e3e |
Linux 5.3-rc7
-----BEGIN PGP SIGNATURE----- iQFSBAABCAA8FiEEq68RxlopcLEwq+PEeb4+QwBBGIYFAl1tSg4eHHRvcnZhbGRz QGxpbnV4LWZvdW5kYXRpb24ub3JnAAoJEHm+PkMAQRiG018IAJGV7SbXggW/iC+e cSMlo8kPnuU7dKCUW+ngXnZY1xuDYWPhXMX9+yDYf2NfMYGdDGYZ+GRjSFim816w HsNsovnYiyxhkh+wA/DmZPWKdTgYrIxbPRO+MlO5ZfbxWNaLgSjqirz0iBITSv3S r2XLmFw8GVACv/GkNGrWBM53wpkJLHzvwaV9hg6dr8HFDipaEn7vEY9/LAN3S3fw reVwW6Q4N4+RSofM1eIGgAZsTYbYBDfri94mRQZ3y+Q8EkRGkJ270WKA0OAVFYS7 KA6nrjvGSYVtmDK3HORjbINQn3bXwIKeMZHl15c+LGM9ePwoHbsN3+smBswRX+R3 JDQjkhY= =DV37 -----END PGP SIGNATURE----- Merge 5.3-rc7' into android-mainline Linux 5.3-rc7 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Idb7a4bac47aad24a134ab4e98ea40e7bf201895b |
||
|
Eric Biggers
|
846d2db3e0 |
keys: ensure that ->match_free() is called in request_key_and_link()
If check_cached_key() returns a non-NULL value, we still need to call
key_type::match_free() to undo key_type::match_preparse().
Fixes:
|
||
Gustavo A. R. Silva
|
2a7f0e53da |
ima: ima_api: Use struct_size() in kzalloc()
One of the more common cases of allocation size calculations is finding
the size of a structure that has a zero-sized array at the end, along
with memory for some number of elements for that array. For example:
struct ima_template_entry {
...
struct ima_field_data template_data[0]; /* template related data */
};
instance = kzalloc(sizeof(struct ima_template_entry) + count * sizeof(struct ima_field_data), GFP_NOFS);
Instead of leaving these open-coded and prone to type mistakes, we can
now use the new struct_size() helper:
instance = kzalloc(struct_size(instance, entry, count), GFP_NOFS);
This code was detected with the help of Coccinelle.
Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
|
||
|
Gustavo A. R. Silva
|
fa5b571753 |
ima: use struct_size() in kzalloc()
One of the more common cases of allocation size calculations is finding
the size of a structure that has a zero-sized array at the end, along
with memory for some number of elements for that array. For example:
struct foo {
int stuff;
struct boo entry[];
};
instance = kzalloc(sizeof(struct foo) + count * sizeof(struct boo), GFP_KERNEL);
Instead of leaving these open-coded and prone to type mistakes, we can
now use the new struct_size() helper:
instance = kzalloc(struct_size(instance, entry, count), GFP_KERNEL);
This code was detected with the help of Coccinelle.
Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
|
||
Thiago Jung Bauermann
|
556d971bda |
ima: Fix use after free in ima_read_modsig()
If we can't parse the PKCS7 in the appended modsig, we will free the modsig
structure and then access one of its members to determine the error value.
Fixes:
|
||
|
Ondrej Mosnacek
|
116f21bb96 |
selinux: avoid atomic_t usage in sidtab
As noted in Documentation/atomic_t.txt, if we don't need the RMW atomic operations, we should only use READ_ONCE()/WRITE_ONCE() + smp_rmb()/smp_wmb() where necessary (or the combined variants smp_load_acquire()/smp_store_release()). This patch converts the sidtab code to use regular u32 for the counter and reverse lookup cache and use the appropriate operations instead of atomic_get()/atomic_set(). Note that when reading/updating the reverse lookup cache we don't need memory barriers as it doesn't need to be consistent or accurate. We can now also replace some atomic ops with regular loads (when under spinlock) and stores (for conversion target fields that are always accessed under the master table's spinlock). We can now also bump SIDTAB_MAX to U32_MAX as we can use the full u32 range again. Suggested-by: Jann Horn <jannh@google.com> Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com> Reviewed-by: Jann Horn <jannh@google.com> Signed-off-by: Paul Moore <paul@paul-moore.com> |
||
|
Greg Kroah-Hartman
|
a5bd47ef3f |
Linux 5.3-rc5
-----BEGIN PGP SIGNATURE----- iQFSBAABCAA8FiEEq68RxlopcLEwq+PEeb4+QwBBGIYFAl1Zw6ceHHRvcnZhbGRz QGxpbnV4LWZvdW5kYXRpb24ub3JnAAoJEHm+PkMAQRiGbiUH/0kqDBzkpne1odxW LeAPtTgmxDbcOE/bgIk374e95mn3EP3arna01BLc5ztwkQ521f4Iw5mKW5InZcyu 3/IvpYeQUcdazphWSu72VnUZ8QfYNh4NJDjAx6iyliQ1NpJF9LLYLWWjlqwGbWHQ USbwp7A+56m1AWWmce2r50DK7jEZShKxRBQrXNXtvn8+YaVMvmdZpT6ejyG52J+4 zr9yYrT9sa5jcPGPnWN/sx03/BPij+yOFKKe8L9vprb3uEmNKPvqtAbUpI0QYw6j T+eZELLxAOsUk84kxQyTLCU/GMesP6hIaE93HlpmgcQkBBzK7H5SBN37r8OJjOeS IXlJX4c= =9Iey -----END PGP SIGNATURE----- Merge 5.3-rc5 into android-mainline Linux 5.3-rc5 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Ibfaea1b9aca9f04a59def096f327c2afbd0cb296 |
||
|
Matthew Garrett
|
b602614a81 |
lockdown: Print current->comm in restriction messages
Print the content of current->comm in messages generated by lockdown to
indicate a restriction that was hit. This makes it a bit easier to find
out what caused the message.
The message now patterned something like:
Lockdown: <comm>: <what> is restricted; see man kernel_lockdown.7
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Matthew Garrett <mjg59@google.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
Signed-off-by: James Morris <jmorris@namei.org>
|
||
|
Matthew Garrett
|
ccbd54ff54 |
tracefs: Restrict tracefs when the kernel is locked down
Tracefs may release more information about the kernel than desirable, so restrict it when the kernel is locked down in confidentiality mode by preventing open(). (Fixed by Ben Hutchings to avoid a null dereference in default_file_open()) Signed-off-by: Matthew Garrett <mjg59@google.com> Reviewed-by: Steven Rostedt (VMware) <rostedt@goodmis.org> Cc: Ben Hutchings <ben@decadent.org.uk> Signed-off-by: James Morris <jmorris@namei.org> |
||
|
David Howells
|
5496197f9b |
debugfs: Restrict debugfs when the kernel is locked down
Disallow opening of debugfs files that might be used to muck around when
the kernel is locked down as various drivers give raw access to hardware
through debugfs. Given the effort of auditing all 2000 or so files and
manually fixing each one as necessary, I've chosen to apply a heuristic
instead. The following changes are made:
(1) chmod and chown are disallowed on debugfs objects (though the root dir
can be modified by mount and remount, but I'm not worried about that).
(2) When the kernel is locked down, only files with the following criteria
are permitted to be opened:
- The file must have mode 00444
- The file must not have ioctl methods
- The file must not have mmap
(3) When the kernel is locked down, files may only be opened for reading.
Normal device interaction should be done through configfs, sysfs or a
miscdev, not debugfs.
Note that this makes it unnecessary to specifically lock down show_dsts(),
show_devs() and show_call() in the asus-wmi driver.
I would actually prefer to lock down all files by default and have the
the files unlocked by the creator. This is tricky to manage correctly,
though, as there are 19 creation functions and ~1600 call sites (some of
them in loops scanning tables).
Signed-off-by: David Howells <dhowells@redhat.com>
cc: Andy Shevchenko <andy.shevchenko@gmail.com>
cc: acpi4asus-user@lists.sourceforge.net
cc: platform-driver-x86@vger.kernel.org
cc: Matthew Garrett <mjg59@srcf.ucam.org>
cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Greg KH <greg@kroah.com>
Cc: Rafael J. Wysocki <rafael@kernel.org>
Signed-off-by: Matthew Garrett <matthewgarrett@google.com>
Signed-off-by: James Morris <jmorris@namei.org>
|
||
|
Matthew Garrett
|
29d3c1c8df |
kexec: Allow kexec_file() with appropriate IMA policy when locked down
Systems in lockdown mode should block the kexec of untrusted kernels. For x86 and ARM we can ensure that a kernel is trustworthy by validating a PE signature, but this isn't possible on other architectures. On those platforms we can use IMA digital signatures instead. Add a function to determine whether IMA has or will verify signatures for a given event type, and if so permit kexec_file() even if the kernel is otherwise locked down. This is restricted to cases where CONFIG_INTEGRITY_TRUSTED_KEYRING is set in order to prevent an attacker from loading additional keys at runtime. Signed-off-by: Matthew Garrett <mjg59@google.com> Acked-by: Mimi Zohar <zohar@linux.ibm.com> Cc: Dmitry Kasatkin <dmitry.kasatkin@gmail.com> Cc: linux-integrity@vger.kernel.org Signed-off-by: James Morris <jmorris@namei.org> |
||
|
David Howells
|
b0c8fdc7fd |
lockdown: Lock down perf when in confidentiality mode
Disallow the use of certain perf facilities that might allow userspace to access kernel data. Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Matthew Garrett <mjg59@google.com> Reviewed-by: Kees Cook <keescook@chromium.org> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Ingo Molnar <mingo@redhat.com> Cc: Arnaldo Carvalho de Melo <acme@kernel.org> Signed-off-by: James Morris <jmorris@namei.org> |
||
|
David Howells
|
9d1f8be5cf |
bpf: Restrict bpf when kernel lockdown is in confidentiality mode
bpf_read() and bpf_read_str() could potentially be abused to (eg) allow private keys in kernel memory to be leaked. Disable them if the kernel has been locked down in confidentiality mode. Suggested-by: Alexei Starovoitov <alexei.starovoitov@gmail.com> Signed-off-by: Matthew Garrett <mjg59@google.com> Reviewed-by: Kees Cook <keescook@chromium.org> cc: netdev@vger.kernel.org cc: Chun-Yi Lee <jlee@suse.com> cc: Alexei Starovoitov <alexei.starovoitov@gmail.com> Cc: Daniel Borkmann <daniel@iogearbox.net> Signed-off-by: James Morris <jmorris@namei.org> |
||
|
David Howells
|
a94549dd87 |
lockdown: Lock down tracing and perf kprobes when in confidentiality mode
Disallow the creation of perf and ftrace kprobes when the kernel is locked down in confidentiality mode by preventing their registration. This prevents kprobes from being used to access kernel memory to steal crypto data, but continues to allow the use of kprobes from signed modules. Reported-by: Alexei Starovoitov <alexei.starovoitov@gmail.com> Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Matthew Garrett <mjg59@google.com> Acked-by: Masami Hiramatsu <mhiramat@kernel.org> Reviewed-by: Kees Cook <keescook@chromium.org> Cc: Naveen N. Rao <naveen.n.rao@linux.ibm.com> Cc: Anil S Keshavamurthy <anil.s.keshavamurthy@intel.com> Cc: davem@davemloft.net Cc: Masami Hiramatsu <mhiramat@kernel.org> Signed-off-by: James Morris <jmorris@namei.org> |
||
|
David Howells
|
02e935bf5b |
lockdown: Lock down /proc/kcore
Disallow access to /proc/kcore when the kernel is locked down to prevent access to cryptographic data. This is limited to lockdown confidentiality mode and is still permitted in integrity mode. Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Matthew Garrett <mjg59@google.com> Reviewed-by: Kees Cook <keescook@chromium.org> Signed-off-by: James Morris <jmorris@namei.org> |
||
|
David Howells
|
906357f77a |
x86/mmiotrace: Lock down the testmmiotrace module
The testmmiotrace module shouldn't be permitted when the kernel is locked down as it can be used to arbitrarily read and write MMIO space. This is a runtime check rather than buildtime in order to allow configurations where the same kernel may be run in both locked down or permissive modes depending on local policy. Suggested-by: Thomas Gleixner <tglx@linutronix.de> Signed-off-by: David Howells <dhowells@redhat.com Signed-off-by: Matthew Garrett <mjg59@google.com> Acked-by: Steven Rostedt (VMware) <rostedt@goodmis.org> Reviewed-by: Kees Cook <keescook@chromium.org> cc: Thomas Gleixner <tglx@linutronix.de> cc: Steven Rostedt <rostedt@goodmis.org> cc: Ingo Molnar <mingo@kernel.org> cc: "H. Peter Anvin" <hpa@zytor.com> cc: x86@kernel.org Signed-off-by: James Morris <jmorris@namei.org> |
||
|
David Howells
|
20657f66ef |
lockdown: Lock down module params that specify hardware parameters (eg. ioport)
Provided an annotation for module parameters that specify hardware parameters (such as io ports, iomem addresses, irqs, dma channels, fixed dma buffers and other types). Suggested-by: Alan Cox <gnomes@lxorguk.ukuu.org.uk> Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Matthew Garrett <mjg59@google.com> Reviewed-by: Kees Cook <keescook@chromium.org> Cc: Jessica Yu <jeyu@kernel.org> Signed-off-by: James Morris <jmorris@namei.org> |
||
|
David Howells
|
794edf30ee |
lockdown: Lock down TIOCSSERIAL
Lock down TIOCSSERIAL as that can be used to change the ioport and irq settings on a serial port. This only appears to be an issue for the serial drivers that use the core serial code. All other drivers seem to either ignore attempts to change port/irq or give an error. Reported-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Matthew Garrett <mjg59@google.com> Reviewed-by: Kees Cook <keescook@chromium.org> cc: Jiri Slaby <jslaby@suse.com> Cc: linux-serial@vger.kernel.org Signed-off-by: James Morris <jmorris@namei.org> |
||
|
David Howells
|
3f19cad3fa |
lockdown: Prohibit PCMCIA CIS storage when the kernel is locked down
Prohibit replacement of the PCMCIA Card Information Structure when the kernel is locked down. Suggested-by: Dominik Brodowski <linux@dominikbrodowski.net> Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Matthew Garrett <mjg59@google.com> Reviewed-by: Kees Cook <keescook@chromium.org> Signed-off-by: James Morris <jmorris@namei.org> |
||
Matthew Garrett
|
f474e1486b |
ACPI: Limit access to custom_method when the kernel is locked down
custom_method effectively allows arbitrary access to system memory, making it possible for an attacker to circumvent restrictions on module loading. Disable it if the kernel is locked down. Signed-off-by: Matthew Garrett <mjg59@google.com> Signed-off-by: David Howells <dhowells@redhat.com> Reviewed-by: Kees Cook <keescook@chromium.org> cc: linux-acpi@vger.kernel.org Signed-off-by: James Morris <jmorris@namei.org> |
||
|
Matthew Garrett
|
95f5e95f41 |
x86/msr: Restrict MSR access when the kernel is locked down
Writing to MSRs should not be allowed if the kernel is locked down, since it could lead to execution of arbitrary code in kernel mode. Based on a patch by Kees Cook. Signed-off-by: Matthew Garrett <mjg59@google.com> Signed-off-by: David Howells <dhowells@redhat.com> Acked-by: Kees Cook <keescook@chromium.org> Reviewed-by: Thomas Gleixner <tglx@linutronix.de> cc: x86@kernel.org Signed-off-by: James Morris <jmorris@namei.org> |
||
|
Matthew Garrett
|
96c4f67293 |
x86: Lock down IO port access when the kernel is locked down
IO port access would permit users to gain access to PCI configuration registers, which in turn (on a lot of hardware) give access to MMIO register space. This would potentially permit root to trigger arbitrary DMA, so lock it down by default. This also implicitly locks down the KDADDIO, KDDELIO, KDENABIO and KDDISABIO console ioctls. Signed-off-by: Matthew Garrett <mjg59@google.com> Signed-off-by: David Howells <dhowells@redhat.com> Reviewed-by: Kees Cook <keescook@chromium.org> cc: x86@kernel.org Signed-off-by: James Morris <jmorris@namei.org> |
||
|
Matthew Garrett
|
eb627e1772 |
PCI: Lock down BAR access when the kernel is locked down
Any hardware that can potentially generate DMA has to be locked down in order to avoid it being possible for an attacker to modify kernel code, allowing them to circumvent disabled module loading or module signing. Default to paranoid - in future we can potentially relax this for sufficiently IOMMU-isolated devices. Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Matthew Garrett <mjg59@google.com> Acked-by: Bjorn Helgaas <bhelgaas@google.com> Reviewed-by: Kees Cook <keescook@chromium.org> cc: linux-pci@vger.kernel.org Signed-off-by: James Morris <jmorris@namei.org> |
||
Josh Boyer
|
38bd94b8a1 |
hibernate: Disable when the kernel is locked down
There is currently no way to verify the resume image when returning from hibernate. This might compromise the signed modules trust model, so until we can work with signed hibernate images we disable it when the kernel is locked down. Signed-off-by: Josh Boyer <jwboyer@fedoraproject.org> Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Matthew Garrett <mjg59@google.com> Reviewed-by: Kees Cook <keescook@chromium.org> Cc: rjw@rjwysocki.net Cc: pavel@ucw.cz cc: linux-pm@vger.kernel.org Signed-off-by: James Morris <jmorris@namei.org> |
||
Jiri Bohac
|
99d5cadfde |
kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE
This is a preparatory patch for kexec_file_load() lockdown. A locked down kernel needs to prevent unsigned kernel images from being loaded with kexec_file_load(). Currently, the only way to force the signature verification is compiling with KEXEC_VERIFY_SIG. This prevents loading usigned images even when the kernel is not locked down at runtime. This patch splits KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE. Analogous to the MODULE_SIG and MODULE_SIG_FORCE for modules, KEXEC_SIG turns on the signature verification but allows unsigned images to be loaded. KEXEC_SIG_FORCE disallows images without a valid signature. Signed-off-by: Jiri Bohac <jbohac@suse.cz> Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Matthew Garrett <mjg59@google.com> cc: kexec@lists.infradead.org Signed-off-by: James Morris <jmorris@namei.org> |
||
|
Matthew Garrett
|
7d31f4602f |
kexec_load: Disable at runtime if the kernel is locked down
The kexec_load() syscall permits the loading and execution of arbitrary code in ring 0, which is something that lock-down is meant to prevent. It makes sense to disable kexec_load() in this situation. This does not affect kexec_file_load() syscall which can check for a signature on the image to be booted. Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Matthew Garrett <mjg59@google.com> Acked-by: Dave Young <dyoung@redhat.com> Reviewed-by: Kees Cook <keescook@chromium.org> cc: kexec@lists.infradead.org Signed-off-by: James Morris <jmorris@namei.org> |
||
|
Matthew Garrett
|
9b9d8dda1e |
lockdown: Restrict /dev/{mem,kmem,port} when the kernel is locked down
Allowing users to read and write to core kernel memory makes it possible for the kernel to be subverted, avoiding module loading restrictions, and also to steal cryptographic information. Disallow /dev/mem and /dev/kmem from being opened this when the kernel has been locked down to prevent this. Also disallow /dev/port from being opened to prevent raw ioport access and thus DMA from being used to accomplish the same thing. Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Matthew Garrett <mjg59@google.com> Reviewed-by: Kees Cook <keescook@chromium.org> Cc: x86@kernel.org Signed-off-by: James Morris <jmorris@namei.org> |
||
|
David Howells
|
49fcf732bd |
lockdown: Enforce module signatures if the kernel is locked down
If the kernel is locked down, require that all modules have valid
signatures that we can verify.
I have adjusted the errors generated:
(1) If there's no signature (ENODATA) or we can't check it (ENOPKG,
ENOKEY), then:
(a) If signatures are enforced then EKEYREJECTED is returned.
(b) If there's no signature or we can't check it, but the kernel is
locked down then EPERM is returned (this is then consistent with
other lockdown cases).
(2) If the signature is unparseable (EBADMSG, EINVAL), the signature fails
the check (EKEYREJECTED) or a system error occurs (eg. ENOMEM), we
return the error we got.
Note that the X.509 code doesn't check for key expiry as the RTC might not
be valid or might not have been transferred to the kernel's clock yet.
[Modified by Matthew Garrett to remove the IMA integration. This will
be replaced with integration with the IMA architecture policy
patchset.]
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Matthew Garrett <matthewgarrett@google.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
Cc: Jessica Yu <jeyu@kernel.org>
Signed-off-by: James Morris <jmorris@namei.org>
|
||
|
Matthew Garrett
|
000d388ed3 |
security: Add a static lockdown policy LSM
While existing LSMs can be extended to handle lockdown policy, distributions generally want to be able to apply a straightforward static policy. This patch adds a simple LSM that can be configured to reject either integrity or all lockdown queries, and can be configured at runtime (through securityfs), boot time (via a kernel parameter) or build time (via a kconfig option). Based on initial code by David Howells. Signed-off-by: Matthew Garrett <mjg59@google.com> Reviewed-by: Kees Cook <keescook@chromium.org> Cc: David Howells <dhowells@redhat.com> Signed-off-by: James Morris <jmorris@namei.org> |
||
|
Matthew Garrett
|
9e47d31d6a |
security: Add a "locked down" LSM hook
Add a mechanism to allow LSMs to make a policy decision around whether kernel functionality that would allow tampering with or examining the runtime state of the kernel should be permitted. Signed-off-by: Matthew Garrett <mjg59@google.com> Acked-by: Kees Cook <keescook@chromium.org> Acked-by: Casey Schaufler <casey@schaufler-ca.com> Signed-off-by: James Morris <jmorris@namei.org> |