android11-5.4
4640 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Tyler Hicks
|
2092075629 |
ima: Have the LSM free its audit rule
[ Upstream commit 9ff8a616dfab96a4fa0ddd36190907dc68886d9b ]
Ask the LSM to free its audit rule rather than directly calling kfree().
Both AppArmor and SELinux do additional work in their audit_rule_free()
hooks. Fix memory leaks by allowing the LSMs to perform necessary work.
Fixes:
|
||
Greg Kroah-Hartman
|
3a9b53bc89 |
This is the 5.4.58 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl8ynngACgkQONu9yGCS
aT5cPw/9GiiNZCLyjB3jVyalmN9uDYKQ+eS8H97GG7IBVYyg9whOKIrOCZHcLINH
DV5s/qnhRWJPzmQ47410ySuPb6QMvkhWTK7i5Xf+K7BOvoz/snfFGcmdu1CA4KxR
CuuH449Y4l3sH+5fPv7+EToovBqA2cfeiz/i5d5Di/N4yODWBCbHHAsZIt0oGvuK
sI1aI1K//R7vKZQvQo85tvENbWJWQwDN7eYVQj3aSbvnq8JqVpwTKTBpKfshzgzB
RmMSOVpQoQYNivW9oleG0NTQeHqj7alG8anFs3Drgu1hs5dzQhqAFlKddhtRS69j
mtrSJuf0GgJEYA6n+PfacoM4l7kHUZcQH9+bglbCXTA3nH24DLT7h0Lybm+ETPXc
ZAYo7cHqrS1BWv8VHZggSbqPr6YNKvgeflgS394wAgNEFcaJmaPfS6+elmc0qf2t
VPSas7QQruRS1Bqwb6CF2tHsl4N+VdvxX1a2JjHHcF5N3z5aqDm1qaVVQHxAg2rE
gXepFNGkEIBhWRxPz+5quxN1XBcUDiQYrzdoaKHxwY+OcdCf635P5Ob+1WK3w1oa
qhl/2scs44D67wZSgXHo5N4vMi9HhPOSV77jklgFcg75IzM9YWwYnJADQRHxo7nT
25XEgUlMfxm0ngw+CZWR0ssaP6rB9V1rRLDqb1W5HbqA7lp2YE8=
=Fe6H
-----END PGP SIGNATURE-----
Merge 5.4.58 into android11-5.4
Changes in 5.4.58
USB: serial: qcserial: add EM7305 QDL product ID
perf/core: Fix endless multiplex timer
USB: iowarrior: fix up report size handling for some devices
usb: xhci: define IDs for various ASMedia host controllers
usb: xhci: Fix ASMedia ASM1142 DMA addressing
io_uring: prevent re-read of sqe->opcode
io_uring: Fix use-after-free in io_sq_wq_submit_work()
Revert "ALSA: hda: call runtime_allow() for all hda controllers"
ALSA: hda/realtek: Add alc269/alc662 pin-tables for Loongson-3 laptops
ALSA: hda/ca0132 - Add new quirk ID for Recon3D.
ALSA: hda/ca0132 - Fix ZxR Headphone gain control get value.
ALSA: hda/ca0132 - Fix AE-5 microphone selection commands.
ALSA: seq: oss: Serialize ioctls
staging: android: ashmem: Fix lockdep warning for write operation
staging: rtl8712: handle firmware load failure
Staging: rtl8188eu: rtw_mlme: Fix uninitialized variable authmode
Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()
Bluetooth: Prevent out-of-bounds read in hci_inquiry_result_evt()
Bluetooth: Prevent out-of-bounds read in hci_inquiry_result_with_rssi_evt()
omapfb: dss: Fix max fclk divider for omap36xx
binder: Prevent context manager from incrementing ref 0
Smack: fix use-after-free in smk_write_relabel_self()
scripts: add dummy report mode to add_namespace.cocci
vgacon: Fix for missing check in scrollback handling
mtd: properly check all write ioctls for permissions
leds: wm831x-status: fix use-after-free on unbind
leds: lm36274: fix use-after-free on unbind
leds: da903x: fix use-after-free on unbind
leds: lm3533: fix use-after-free on unbind
leds: 88pm860x: fix use-after-free on unbind
net/9p: validate fds in p9_fd_open
drm/nouveau/fbcon: fix module unload when fbcon init has failed for some reason
drm/nouveau/fbcon: zero-initialise the mode_cmd2 structure
nvme-pci: prevent SK hynix PC400 from using Write Zeroes command
drm/drm_fb_helper: fix fbdev with sparc64
i2c: slave: improve sanity check when registering
i2c: slave: add sanity check when unregistering
usb: hso: check for return value in hso_serial_common_create()
net: ethernet: mtk_eth_soc: Always call mtk_gmac0_rgmii_adjust() for mt7623
ALSA: hda: fix NULL pointer dereference during suspend
firmware: Fix a reference count leak.
cfg80211: check vendor command doit pointer before use
igb: reinit_locked() should be called with rtnl_lock
atm: fix atm_dev refcnt leaks in atmtcp_remove_persistent
tools lib traceevent: Fix memory leak in process_dynamic_array_len
Drivers: hv: vmbus: Ignore CHANNELMSG_TL_CONNECT_RESULT(23)
xattr: break delegations in {set,remove}xattr
Revert "powerpc/kasan: Fix shadow pages allocation failure"
PCI: tegra: Revert tegra124 raw_violation_fixup
ipv4: Silence suspicious RCU usage warning
ipv6: fix memory leaks on IPV6_ADDRFORM path
ipv6: Fix nexthop refcnt leak when creating ipv6 route info
net: ethernet: mtk_eth_soc: fix MTU warnings
rxrpc: Fix race between recvmsg and sendmsg on immediate call failure
vxlan: Ensure FDB dump is performed under RCU
net: lan78xx: replace bogus endpoint lookup
appletalk: Fix atalk_proc_init() return path
dpaa2-eth: Fix passing zero to 'PTR_ERR' warning
hv_netvsc: do not use VF device if link is down
net: gre: recompute gre csum for sctp over gre tunnels
net: thunderx: use spin_lock_bh in nicvf_set_rx_mode_task()
openvswitch: Prevent kernel-infoleak in ovs_ct_put_key()
Revert "vxlan: fix tos value before xmit"
selftests/net: relax cpu affinity requirement in msg_zerocopy test
tcp: apply a floor of 1 for RTT samples from TCP timestamps
ima: move APPRAISE_BOOTPARAM dependency on ARCH_POLICY to runtime
nfsd: Fix NFSv4 READ on RDMA when using readv
Linux 5.4.58
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I0e89e2c0faf90bdf1f6ac37f9a2c2395cacab054
|
||
Bruno Meneguele
|
df6aeb5235 |
ima: move APPRAISE_BOOTPARAM dependency on ARCH_POLICY to runtime
commit 311aa6aafea446c2f954cc19d66425bfed8c4b0b upstream.
The IMA_APPRAISE_BOOTPARAM config allows enabling different "ima_appraise="
modes - log, fix, enforce - at run time, but not when IMA architecture
specific policies are enabled. This prevents properly labeling the
filesystem on systems where secure boot is supported, but not enabled on the
platform. Only when secure boot is actually enabled should these IMA
appraise modes be disabled.
This patch removes the compile time dependency and makes it a runtime
decision, based on the secure boot state of that platform.
Test results as follows:
-> x86-64 with secure boot enabled
[ 0.015637] Kernel command line: <...> ima_policy=appraise_tcb ima_appraise=fix
[ 0.015668] ima: Secure boot enabled: ignoring ima_appraise=fix boot parameter option
-> powerpc with secure boot disabled
[ 0.000000] Kernel command line: <...> ima_policy=appraise_tcb ima_appraise=fix
[ 0.000000] Secure boot mode disabled
-> Running the system without secure boot and with both options set:
CONFIG_IMA_APPRAISE_BOOTPARAM=y
CONFIG_IMA_ARCH_POLICY=y
Audit prompts "missing-hash" but still allow execution and, consequently,
filesystem labeling:
type=INTEGRITY_DATA msg=audit(07/09/2020 12:30:27.778:1691) : pid=4976
uid=root auid=root ses=2
subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 op=appraise_data
cause=missing-hash comm=bash name=/usr/bin/evmctl dev="dm-0" ino=493150
res=no
Cc: stable@vger.kernel.org
Fixes:
|
||
Eric Biggers
|
5f5fb7cea8 |
Smack: fix use-after-free in smk_write_relabel_self()
commit beb4ee6770a89646659e6a2178538d2b13e2654e upstream.
smk_write_relabel_self() frees memory from the task's credentials with
no locking, which can easily cause a use-after-free because multiple
tasks can share the same credentials structure.
Fix this by using prepare_creds() and commit_creds() to correctly modify
the task's credentials.
Reproducer for "BUG: KASAN: use-after-free in smk_write_relabel_self":
#include <fcntl.h>
#include <pthread.h>
#include <unistd.h>
static void *thrproc(void *arg)
{
int fd = open("/sys/fs/smackfs/relabel-self", O_WRONLY);
for (;;) write(fd, "foo", 3);
}
int main()
{
pthread_t t;
pthread_create(&t, NULL, thrproc, NULL);
thrproc(NULL);
}
Reported-by: syzbot+e6416dabb497a650da40@syzkaller.appspotmail.com
Fixes:
|
||
Blagovest Kolenichev
|
40bffd325d |
Merge android11-5.4.54 (261a54f) into msm-5.4
* refs/heads/tmp-261a54f:
Revert "soc: qcom: rpmh: Update dirty flag only when data changes"
Revert "soc: qcom: rpmh: Invalidate SLEEP and WAKE TCSes before flushing new data"
Revert "soc: qcom: rpmh-rsc: Clear active mode configuration for wake TCS"
Revert "soc: qcom: rpmh-rsc: Allow using free WAKE TCS for active request"
Revert "soc: qcom: rpmh: Dirt can only make you dirtier, not cleaner"
Linux 5.4.54
ath9k: Fix regression with Atheros 9271
ath9k: Fix general protection fault in ath9k_hif_usb_rx_cb
dm integrity: fix integrity recalculation that is improperly skipped
ASoC: topology: fix tlvs in error handling for widget_dmixer
ASoC: topology: fix kernel oops on route addition error
ASoC: qcom: Drop HAS_DMA dependency to fix link failure
ASoC: rt5670: Add new gpio1_is_ext_spk_en quirk and enable it on the Lenovo Miix 2 10
x86, vmlinux.lds: Page-align end of ..page_aligned sections
parisc: Add atomic64_set_release() define to avoid CPU soft lockups
drm/amd/powerplay: fix a crash when overclocking Vega M
drm/amdgpu: Fix NULL dereference in dpm sysfs handlers
mmc: sdhci-of-aspeed: Fix clock divider calculation
io-mapping: indicate mapping failure
khugepaged: fix null-pointer dereference due to race
mm: memcg/slab: fix memory leak at non-root kmem_cache destroy
mm/memcg: fix refcount error while moving and swapping
mm/mmap.c: close race between munmap() and expand_upwards()/downwards()
Makefile: Fix GCC_TOOLCHAIN_DIR prefix for Clang cross compilation
vt: Reject zero-sized screen buffer size.
fbdev: Detect integer underflow at "struct fbcon_ops"->clear_margins.
/dev/mem: Add missing memory barriers for devmem_inode
serial: 8250_mtk: Fix high-speed baud rates clamping
serial: 8250: fix null-ptr-deref in serial8250_start_tx()
serial: tegra: fix CREAD handling for PIO
staging: comedi: addi_apci_1564: check INSN_CONFIG_DIGITAL_TRIG shift
staging: comedi: addi_apci_1500: check INSN_CONFIG_DIGITAL_TRIG shift
staging: comedi: ni_6527: fix INSN_CONFIG_DIGITAL_TRIG support
staging: comedi: addi_apci_1032: check INSN_CONFIG_DIGITAL_TRIG shift
staging: wlan-ng: properly check endpoint types
tty: xilinx_uartps: Really fix id assignment
iwlwifi: mvm: don't call iwl_mvm_free_inactive_queue() under RCU
Revert "cifs: Fix the target file was deleted when rename failed."
usb: xhci: Fix ASM2142/ASM3142 DMA addressing
usb: xhci-mtk: fix the failure of bandwidth allocation
binder: Don't use mmput() from shrinker function.
RISC-V: Upgrade smp_mb__after_spinlock() to iorw,iorw
drivers/perf: Prevent forced unbinding of PMU drivers
asm-generic/mmiowb: Allow mmiowb_set_pending() when preemptible()
x86: math-emu: Fix up 'cmp' insn for clang ias
arm64: Use test_tsk_thread_flag() for checking TIF_SINGLESTEP
drivers/perf: Fix kernel panic when rmmod PMU modules during perf sampling
ALSA: hda/realtek - fixup for yet another Intel reference board
hwmon: (scmi) Fix potential buffer overflow in scmi_hwmon_probe()
platform/x86: asus-wmi: allow BAT1 battery name
platform/x86: ISST: Add new PCI device ids
hwmon: (nct6775) Accept PECI Calibration as temperature source for NCT6798D
drm/amdgpu: fix preemption unit test
drm/amdgpu/gfx10: fix race condition for kiq
hwmon: (adm1275) Make sure we are reading enough data for different chips
usb: cdns3: trace: fix some endian issues
usb: cdns3: ep0: fix some endian issues
usb: gadget: udc: gr_udc: fix memleak on error handling path in gr_ep_init()
usb: dwc3: pci: add support for the Intel Jasper Lake
usb: dwc3: pci: add support for the Intel Tiger Lake PCH -H variant
Input: elan_i2c - only increment wakeup count on touch
Input: synaptics - enable InterTouch for ThinkPad X1E 1st gen
dmaengine: ioat setting ioat timeout as module parameter
dmaengine: fsl-edma: fix wrong tcd endianness for big-endian cpu
hwmon: (aspeed-pwm-tacho) Avoid possible buffer overflow
regmap: dev_get_regmap_match(): fix string comparison
spi: mediatek: use correct SPI_CFG2_REG MACRO
ARM: dts: n900: remove mmc1 card detect gpio
Input: add `SW_MACHINE_COVER`
dmaengine: tegra210-adma: Fix runtime PM imbalance on error
HID: apple: Disable Fn-key key-re-mapping on clone keyboards
HID: steam: fixes race in handling device list.
HID: alps: support devices with report id 2
HID: i2c-hid: add Mediacom FlexBook edge13 to descriptor override
scripts/gdb: fix lx-symbols 'gdb.error' while loading modules
scripts/decode_stacktrace: strip basepath from all paths
serial: exar: Fix GPIO configuration for Sealevel cards based on XR17V35X
geneve: fix an uninitialized value in geneve_changelink()
bonding: check return value of register_netdevice() in bond_newlink()
i2c: i2c-qcom-geni: Fix DMA transfer race
i2c: rcar: always clear ICSAR to avoid side effects
enetc: Remove the mdio bus on PF probe bailout
nfsd4: fix NULL dereference in nfsd/clients display code
Revert "PCI/PM: Assume ports without DLL Link Active train links in 100 ms"
net: ethernet: ave: Fix error returns in ave_init
ipvs: fix the connection sync failed in some cases
qed: suppress false-positives interrupt error messages on HW init
qed: suppress "don't support RoCE & iWARP" flooding on HW init
netdevsim: fix unbalaced locking in nsim_create()
net: dsa: microchip: call phy_remove_link_mode during probe
net: hns3: fix error handling for desc filling
net: ag71xx: add missed clk_disable_unprepare in error path of probe
ionic: fix up filter locks and debug msgs
ionic: use offset for ethtool regs data
mlxsw: destroy workqueue when trap_register in mlxsw_emad_init
bonding: check error value of register_netdevice() immediately
net: smc91x: Fix possible memory leak in smc_drv_probe()
drm: sun4i: hdmi: Fix inverted HPD result
ieee802154: fix one possible memleak in adf7242_probe
net: dp83640: fix SIOCSHWTSTAMP to update the struct with actual configuration
ASoC: Intel: bytcht_es8316: Add missed put_device()
RDMA/mlx5: Use xa_lock_irq when access to SRQ table
ax88172a: fix ax88172a_unbind() failures
vsock/virtio: annotate 'the_virtio_vsock' RCU pointer
hippi: Fix a size used in a 'pci_free_consistent()' in an error handling path
fpga: dfl: fix bug in port reset handshake
fpga: dfl: pci: reduce the scope of variable 'ret'
bnxt_en: Fix completion ring sizing with TPA enabled.
bnxt_en: Fix race when modifying pause settings.
btrfs: fix page leaks after failure to lock page for delalloc
btrfs: fix mount failure caused by race with umount
btrfs: fix double free on ulist after backref resolution failure
ASoC: rt5670: Correct RT5670_LDO_SEL_MASK
ALSA: info: Drop WARN_ON() from buffer NULL sanity check
ALSA: hda/realtek: Fixed ALC298 sound bug by adding quirk for Samsung Notebook Pen S
uprobes: Change handle_swbp() to send SIGTRAP with si_code=SI_KERNEL, to fix GDB regression
btrfs: reloc: clear DEAD_RELOC_TREE bit for orphan roots to prevent runaway balance
btrfs: reloc: fix reloc root leak and NULL pointer dereference
SUNRPC reverting d03727b248d0 ("NFSv4 fix CLOSE not waiting for direct IO compeletion")
drm/amd/display: Check DMCU Exists Before Loading
dmabuf: use spinlock to access dmabuf->name
ARM: dts: imx6qdl-gw551x: fix audio SSI
ARM: dts: imx6qdl-gw551x: Do not use 'simple-audio-card,dai-link'
irqdomain/treewide: Keep firmware node unconditionally allocated
fuse: fix weird page warning
drivers/firmware/psci: Fix memory leakage in alloc_init_cpu_groups()
dm: use bio_uninit instead of bio_disassociate_blkg
scsi: dh: Add Fujitsu device to devinfo and dh lists
scsi: mpt3sas: Fix error returns in BRM_status_show
drm/nouveau/i2c/g94-: increase NV_PMGR_DP_AUXCTL_TRANSACTREQ timeout
net: sky2: initialize return of gm_phy_read
ALSA: hda/hdmi: fix failures at PCM open on Intel ICL and later
drivers/net/wan/lapbether: Fixed the value of hard_header_len
scsi: mpt3sas: Fix unlock imbalance
xtensa: update *pos in cpuinfo_op.next
xtensa: fix __sync_fetch_and_{and,or}_4 declarations
scsi: scsi_transport_spi: Fix function pointer check
mac80211: allow rx of mesh eapol frames with default rx key
pinctrl: amd: fix npins for uart0 in kerncz_groups
gpio: arizona: put pm_runtime in case of failure
gpio: arizona: handle pm_runtime_get_sync failure case
soc: qcom: rpmh: Dirt can only make you dirtier, not cleaner
ANDROID: build: update ABI definitions
ANDROID: update the kernel release format for GKI
ANDROID: GKI: update clocksource abi due to upstream fixes needed for VDSO backport
UPSTREAM: arm64: arch_timer: Disable the compat vdso for cores affected by ARM64_WORKAROUND_1418040
UPSTREAM: arm64: arch_timer: Allow an workaround descriptor to disable compat vdso
UPSTREAM: arm64: Introduce a way to disable the 32bit vdso
ANDROID: staging: android: ion: Fix compilation error for ion_trace.h
ANDROID: GKI: enable CONFIG_SCSI_UFS_BSG=y
ANDROID: Incremental fs: magic number compatible 32-bit
ANDROID: kbuild: don't merge .*..compoundliteral in modules
ANDROID: KABI updates for db845c (QCOM_COMMAND_DB fixups)
ANDROID: soc: qcom: cmd-db: Allow COMMAND_DB driver to be loaded as a module
ANDROID: GKI: preserve ABI for struct sock_cgroup_data
Revert "genetlink: remove genl_bind"
Revert "arm64/alternatives: use subsections for replacement sequences"
ANDROID: KABI updates for db845c (USB_EHCI_HCD, USB_EHCI_HCD_PLATFORM and DWC3 fixups)
ANDROID: db845c_gki.fragment: Remove DWC3 modules built into GKI
ANDROID: db845c_gki.fragment: Remove modules built into GKI
ANDROID: power: wakeup_reason: refine wakeup logs
ANDROID: power: wakeup_reason: export log_threaded_irq_wakeup_reason
Linux 5.4.53
gpio: pca953x: disable regmap locking for automatic address incrementing
drm/i915/gvt: Fix two CFL MMIO handling caused by regression.
iommu/vt-d: Make Intel SVM code 64-bit only
ionic: export features for vlans to use
spi: sprd: switch the sequence of setting WDG_LOAD_LOW and _HIGH
rxrpc: Fix trace string
libceph: don't omit recovery_deletes in target_copy()
block: fix get_max_segment_size() overflow on 32bit arch
block: fix splitting segments on boundary masks
drm/i915/gt: Ignore irq enabling on the virtual engines
drm/amdgpu/sdma5: fix wptr overwritten in ->get_wptr()
genirq/affinity: Handle affinity setting on inactive interrupts correctly
sched/fair: handle case of task_h_load() returning 0
sched: Fix unreliable rseq cpu_id for new tasks
arm64: compat: Ensure upper 32 bits of x0 are zero on syscall return
arm64: ptrace: Consistently use pseudo-singlestep exceptions
arm64: ptrace: Override SPSR.SS when single-stepping is enabled
thermal/drivers/cpufreq_cooling: Fix wrong frequency converted from power
thermal: int3403_thermal: Downgrade error message
misc: atmel-ssc: lock with mutex instead of spinlock
dmaengine: fsl-edma-common: correct DSIZE_32BYTE
dmaengine: mcf-edma: Fix NULL pointer exception in mcf_edma_tx_handler
dmaengine: fsl-edma: Fix NULL pointer exception in fsl_edma_tx_handler
intel_th: Fix a NULL dereference when hub driver is not loaded
intel_th: pci: Add Emmitsburg PCH support
intel_th: pci: Add Tiger Lake PCH-H support
intel_th: pci: Add Jasper Lake CPU support
powerpc/pseries/svm: Fix incorrect check for shared_lppaca_size
powerpc/book3s64/pkeys: Fix pkey_access_permitted() for execute disable pkey
hwmon: (emc2103) fix unable to change fan pwm1_enable attribute
riscv: use 16KB kernel stack on 64-bit
timer: Fix wheel index calculation on last level
timer: Prevent base->clk from moving backward
scsi: megaraid_sas: Remove undefined ENABLE_IRQ_POLL macro
uio_pdrv_genirq: fix use without device tree and no interrupt
uio_pdrv_genirq: Remove warning when irq is not specified
Input: elan_i2c - add more hardware ID for Lenovo laptops
Input: i8042 - add Lenovo XiaoXin Air 12 to i8042 nomux list
mei: bus: don't clean driver pointer
Revert "zram: convert remaining CLASS_ATTR() to CLASS_ATTR_RO()"
fuse: Fix parameter for FS_IOC_{GET,SET}FLAGS
fuse: use ->reconfigure() instead of ->remount_fs()
fuse: ignore 'data' argument of mount(..., MS_REMOUNT)
ovl: fix unneeded call to ovl_change_flags()
ovl: relax WARN_ON() when decoding lower directory file handle
ovl: inode reference leak in ovl_is_inuse true case.
ovl: fix regression with re-formatted lower squashfs
serial: mxs-auart: add missed iounmap() in probe failure and remove
virtio: virtio_console: add missing MODULE_DEVICE_TABLE() for rproc serial
Revert "tty: xilinx_uartps: Fix missing id assignment to the console"
virt: vbox: Fix guest capabilities mask check
virt: vbox: Fix VBGL_IOCTL_VMMDEV_REQUEST_BIG and _LOG req numbers to match upstream
USB: serial: option: add Quectel EG95 LTE modem
USB: serial: option: add GosunCn GM500 series
USB: serial: ch341: add new Product ID for CH340
USB: serial: cypress_m8: enable Simply Automated UPB PIM
USB: serial: iuu_phoenix: fix memory corruption
usb: gadget: function: fix missing spinlock in f_uac1_legacy
usb: chipidea: core: add wakeup support for extcon
usb: dwc2: Fix shutdown callback in platform
USB: c67x00: fix use after free in c67x00_giveback_urb
ALSA: hda/realtek - Enable Speaker for ASUS UX563
ALSA: hda/realtek - Enable Speaker for ASUS UX533 and UX534
ALSA: hda/realtek: Enable headset mic of Acer TravelMate B311R-31 with ALC256
ALSA: hda/realtek: enable headset mic of ASUS ROG Zephyrus G14(G401) series with ALC289
ALSA: hda/realtek - change to suitable link model for ASUS platform
ALSA: usb-audio: Fix race against the error recovery URB submission
ALSA: line6: Sync the pending work cancel at disconnection
ALSA: line6: Perform sanity check for each URB creation
HID: quirks: Ignore Simply Automated UPB PIM
HID: quirks: Always poll Obins Anne Pro 2 keyboard
HID: magicmouse: do not set up autorepeat
HID: logitech-hidpp: avoid repeated "multiplier = " log messages
slimbus: core: Fix mismatch in of_node_get/put
clk: qcom: gcc: Add missing UFS clocks for SM8150
clk: qcom: gcc: Add GPU and NPU clocks for SM8150
mtd: rawnand: oxnas: Release all devices in the _remove() path
mtd: rawnand: oxnas: Unregister all devices on error
mtd: rawnand: oxnas: Keep track of registered devices
mtd: rawnand: brcmnand: fix CS0 layout
mtd: rawnand: brcmnand: correctly verify erased pages
mtd: rawnand: timings: Fix default tR_max and tCCS_min timings
mtd: rawnand: marvell: Fix probe error path
mtd: rawnand: marvell: Use nand_cleanup() when the device is not yet registered
mtd: rawnand: marvell: Fix the condition on a return code
RDMA/mlx5: Verify that QP is created with RQ or SQ
soc: qcom: rpmh-rsc: Allow using free WAKE TCS for active request
soc: qcom: rpmh-rsc: Clear active mode configuration for wake TCS
soc: qcom: rpmh: Invalidate SLEEP and WAKE TCSes before flushing new data
soc: qcom: rpmh: Update dirty flag only when data changes
perf stat: Zero all the 'ena' and 'run' array slot stats for interval mode
PCI/PM: Call .bridge_d3() hook only if non-NULL
habanalabs: Align protection bits configuration of all TPCs
apparmor: ensure that dfa state tables have entries
soc: qcom: socinfo: add missing soc_id sysfs entry
arm: dts: mt7623: add phy-mode property for gmac2
copy_xstate_to_kernel: Fix typo which caused GDB regression
regmap: debugfs: Don't sleep while atomic for fast_io regmaps
keys: asymmetric: fix error return code in software_key_query()
arm64: dts: spcfpga: Align GIC, NAND and UART nodenames with dtschema
ARM: dts: socfpga: Align L2 cache-controller nodename with dtschema
xprtrdma: fix incorrect header size calculations
Revert "thermal: mediatek: fix register index error"
ARM: dts: Fix dcan driver probe failed on am437x platform
fuse: don't ignore errors from fuse_writepages_fill()
NFS: Fix interrupted slots by sending a solo SEQUENCE operation
clk: AST2600: Add mux for EMMC clock
clk: mvebu: ARMADA_AP_CPU_CLK needs to select ARMADA_AP_CP_HELPER
staging: comedi: verify array index is correct before using it
usb: gadget: udc: atmel: fix uninitialized read in debug printk
spi: spi-sun6i: sun6i_spi_transfer_one(): fix setting of clock rate
dmaengine: dmatest: stop completed threads when running without set channel
dmaengine: dw: Initialize channel before each transfer
iio: adc: ad7780: Fix a resource handling path in 'ad7780_probe()'
bus: ti-sysc: Do not disable on suspend for no-idle
bus: ti-sysc: Fix sleeping function called from invalid context for RTC quirk
bus: ti-sysc: Fix wakeirq sleeping function called from invalid context
arm64: dts: meson-gxl-s805x: reduce initial Mali450 core frequency
arm64: dts: meson: add missing gxl rng clock
phy: sun4i-usb: fix dereference of pointer phy0 before it is null checked
dmaengine: sh: usb-dmac: set tx_result parameters
soundwire: intel: fix memory leak with devm_kasprintf
iio:health:afe4404 Fix timestamp alignment and prevent data leak.
ALSA: usb-audio: Add registration quirk for Kingston HyperX Cloud Flight S
bus: ti-sysc: Use optional clocks on for enable and wait for softreset bit
ACPI: video: Use native backlight on Acer TravelMate 5735Z
Input: mms114 - add extra compatible for mms345l
ALSA: usb-audio: Add quirk for Focusrite Scarlett 2i2
ALSA: usb-audio: Add registration quirk for Kingston HyperX Cloud Alpha S
ACPI: video: Use native backlight on Acer Aspire 5783z
ALSA: usb-audio: Rewrite registration quirk handling
mmc: sdhci: do not enable card detect interrupt for gpio cd type
doc: dt: bindings: usb: dwc3: Update entries for disabling SS instances in park mode
ALSA: usb-audio: Create a registration quirk for Kingston HyperX Amp (0951:16d8)
Input: goodix - fix touch coordinates on Cube I15-TC
ALSA: usb-audio: Add support for MOTU MicroBook IIc
bus: ti-sysc: Detect EDMA and set quirk flags for tptc
arm64: dts: g12-common: add parkmode_disable_ss_quirk on DWC3 controller
bus: ti-sysc: Detect display subsystem related devices
bus: ti-sysc: Handle module unlock quirk needed for some RTC
bus: ti-sysc: Consider non-existing registers too when matching quirks
bus: ti-sysc: Rename clk related quirks to pre_reset and post_reset quirks
scsi: sr: remove references to BLK_DEV_SR_VENDOR, leave it enabled
drm/sun4i: tcon: Separate quirks for tcon0 and tcon1 on A20
ARM: at91: pm: add quirk for sam9x60's ulp1
HID: quirks: Remove ITE 8595 entry from hid_have_special_driver
mmc: mmci: Support any block sizes for ux500v2 and qcom variant
ARM: OMAP2+: use separate IOMMU pdata to fix DRA7 IPU1 boot
ARM: OMAP2+: Add workaround for DRA7 DSP MStandby errata i879
ARM: OMAP4+: remove pdata quirks for omap4+ iommus
net: sfp: add some quirks for GPON modules
net: sfp: add support for module quirks
Revert "usb/xhci-plat: Set PM runtime as active on resume"
Revert "usb/ehci-platform: Set PM runtime as active on resume"
Revert "usb/ohci-platform: Fix a warning when hibernating"
net: ethernet: mvneta: Add back interface mode validation
net: ethernet: mvneta: Do not error out in non serdes modes
net: macb: call pm_runtime_put_sync on failure path
of: of_mdio: Correct loop scanning logic
net: dsa: bcm_sf2: Fix node reference count
spi: spi-fsl-dspi: Fix lockup if device is shutdown during SPI transfer
iio:health:afe4403 Fix timestamp alignment and prevent data leak.
iio:pressure:ms5611 Fix buffer element alignment
iio:humidity:hts221 Fix alignment and data leak issues
iio: pressure: zpa2326: handle pm_runtime_get_sync failure
iio: mma8452: Add missed iio_device_unregister() call in mma8452_probe()
iio: core: add missing IIO_MOD_H2/ETHANOL string identifiers
iio: magnetometer: ak8974: Fix runtime PM imbalance on error
iio:humidity:hdc100x Fix alignment and data leak issues
iio:magnetometer:ak8974: Fix alignment and data leak issues
arm64/alternatives: don't patch up internal branches
i2c: eg20t: Load module automatically if ID matches
gfs2: read-only mounts should grab the sd_freeze_gl glock
tpm_tis: extra chip->ops check on error path in tpm_tis_core_init
arm64/alternatives: use subsections for replacement sequences
cifs: prevent truncation from long to int in wait_for_free_credits
dt-bindings: mailbox: zynqmp_ipi: fix unit address
m68k: mm: fix node memblock init
m68k: nommu: register start of the memory with memblock
blk-mq-debugfs: update blk_queue_flag_name[] accordingly for new flags
thermal/drivers: imx: Fix missing of_node_put() at probe time
x86/fpu: Reset MXCSR to default in kernel_fpu_begin()
drm/exynos: fix ref count leak in mic_pre_enable
drm/exynos: Properly propagate return value in drm_iommu_attach_device()
drm/msm/dpu: allow initialization of encoder locks during encoder init
drm/msm: fix potential memleak in error branch
arm64: arch_timer: Disable the compat vdso for cores affected by ARM64_WORKAROUND_1418040
arm64: arch_timer: Allow an workaround descriptor to disable compat vdso
arm64: Introduce a way to disable the 32bit vdso
ip: Fix SO_MARK in RST, ACK and ICMP packets
cgroup: Fix sock_cgroup_data on big-endian.
cgroup: fix cgroup_sk_alloc() for sk_clone_lock()
tcp: md5: allow changing MD5 keys in all socket states
tcp: md5: refine tcp_md5_do_add()/tcp_md5_hash_key() barriers
vlan: consolidate VLAN parsing code and limit max parsing depth
tcp: md5: do not send silly options in SYNCOOKIES
tcp: md5: add missing memory barriers in tcp_md5_do_add()/tcp_md5_hash_key()
tcp: make sure listeners don't initialize congestion-control state
tcp: fix SO_RCVLOWAT possible hangs under high mem pressure
sched: consistently handle layer3 header accesses in the presence of VLANs
net: usb: qmi_wwan: add support for Quectel EG95 LTE modem
net_sched: fix a memory leak in atm_tc_init()
net: dsa: microchip: set the correct number of ports
net: Added pointer check for dst->ops->neigh_lookup in dst_neigh_lookup_skb
llc: make sure applications use ARPHRD_ETHER
l2tp: remove skb_dst_set() from l2tp_xmit_skb()
ipv6: Fix use of anycast address with loopback
ipv6: fib6_select_path can not use out path for nexthop objects
ipv4: fill fl4_icmp_{type,code} in ping_v4_sendmsg
genetlink: remove genl_bind
bridge: mcast: Fix MLD2 Report IPv6 payload length check
net: rmnet: fix lower interface leak
net: atlantic: fix ip dst and ipv6 address filters
crypto: atmel - Fix build error of CRYPTO_AUTHENC
crypto: atmel - Fix selection of CRYPTO_AUTHENC
ANDROID: GKI: update abi symbol lists now that CONFIG_DWC3 is enabled.
ANDROID: GKI: Enable CONFIG_USB_DWC3
ANDROID: ABI: add the symbols of dwc3.ko and sprd-dma.ko to unisoc
ANDROID: ABI: Update the ABI whitelist for QCOM
ANDROID: GKI: Update CF abi list for virtio-console
UPSTREAM: lkdtm/heap: Avoid edge and middle of slabs
UPSTREAM: lkdtm: Avoid more compiler optimizations for bad writes
ANDROID: GKI: Update ABI after RPMH config change
ANDROID: GKI: Adjust symbol lists after RPMH removed from gki_defconfig
ANDROID: db845c_gki.fragment: Add QCOM_RPMH and QCOM_RPMHPD as modules
ANDROID: gki_defconfig: Remove QCOM_RPMH from the gki_defconfig
ANDROID: Kconfig.gki: Remove GKI_QCOM_CLKS_CONFIGS and QCOM_RPMHPD from GKI_HACKS config option
FROMLIST: soc: qcom: rpmh: Allow RPMH driver to be loaded as a module
UPSTREAM: soc: qcom: rpmhpd: Allow RPMHPD driver to be loaded as a module
ANDROID: GKI: Export memblock_free to drivers
ANDROID: GKI: do not export symbol_get/put()
ANDROID: add xfs back to allmodconfig build tests
FROMLIST: rpmsg: core: Add signal API support
ANDROID: GKI: Fix x86 warning on DMA_VIRTUAL_CHANNELS
ANDROID: GKI: Update ABI and export list for qcom
Revert "ANDROID: net: enable wireless core features with GKI_LEGACY_WEXT_ALLCONFIG"
Revert "ALSA: compress: fix partial_drain completion state"
Conflicts:
Documentation/devicetree/bindings
Documentation/devicetree/bindings/mailbox/xlnx,zynqmp-ipi-mailbox.txt
Documentation/devicetree/bindings/usb/dwc3.txt
android/abi_gki_aarch64_qcom
drivers/soc/qcom/Kconfig
drivers/soc/qcom/socinfo.c
drivers/usb/host/xhci-plat.c
kernel/sched/core.c
Change-Id: If4d45d5447eb2b1b86326bae8c3844fe565a0b42
Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org>
|
||
|
Greg Kroah-Hartman
|
171202d5b0 |
This is the 5.4.53 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl8X674ACgkQONu9yGCS
aT5F9g/+PdG5XSPhoGEhO2FW43cQKuGp5vWJ3IhVFyEXFdboWIa5laWNBh1ZC/Kg
Ua0vxBGGJDTGZNTJAQd6Re1RfAbptEstrNlwC3BaxUQn5Qn4YQMCNbAeFEj7D2nw
Tez3r3gjpGc9uo0EqfeJStqhFZfh+D3apHz1/RFZ/12T5d4dIEtCXDUAP89zib0w
lHBOH37Mc0WqXSUPLdabIbemlbZv4prYn7gnzIeoxl3h+TKzdjM4pGjrjzKJwy2D
9XDB3Dw9BA225uoextJl3GCOm7IF+TGaR10YxuHCtxJAkdPSt2BUUAFC0XrV7KPw
fGMy8/a8EZj5PoNNjKHzDD2IJf9PhLZgcn7AjOW6x9XXu7lJls4Wx4/k5TpIO1I1
paO8kGex8jk751X4U1Bu8LowLPjiL3fKp0lSeysSw9IIzTBW1DlhSR9Mf/CEihib
xbS6k8/uF9HGtYJKIW4o/iL/3D0MGKTuOX18tlhnZ92Hp5WcAEZKrUKgYTY/exvF
WDYDRSFv17tw6XT7Jfey3veP1z+3kVMZ3KD0CnpJ7poS/f8H730yyEgIDO0dRO3I
Rd1r/uCmgr0GkeNDp46eoTYCgvhCQruxWul0/6/pw4VdzIBSRlPjsZBR+2Frnmuw
dRim972ocnvVzxKe1N2fD+whfjok85h30Xg7uvFgZGEZ7/wOUL8=
=mqst
-----END PGP SIGNATURE-----
Merge 5.4.53 into android11-5.4
Changes in 5.4.53
crypto: atmel - Fix selection of CRYPTO_AUTHENC
crypto: atmel - Fix build error of CRYPTO_AUTHENC
net: atlantic: fix ip dst and ipv6 address filters
net: rmnet: fix lower interface leak
bridge: mcast: Fix MLD2 Report IPv6 payload length check
genetlink: remove genl_bind
ipv4: fill fl4_icmp_{type,code} in ping_v4_sendmsg
ipv6: fib6_select_path can not use out path for nexthop objects
ipv6: Fix use of anycast address with loopback
l2tp: remove skb_dst_set() from l2tp_xmit_skb()
llc: make sure applications use ARPHRD_ETHER
net: Added pointer check for dst->ops->neigh_lookup in dst_neigh_lookup_skb
net: dsa: microchip: set the correct number of ports
net_sched: fix a memory leak in atm_tc_init()
net: usb: qmi_wwan: add support for Quectel EG95 LTE modem
sched: consistently handle layer3 header accesses in the presence of VLANs
tcp: fix SO_RCVLOWAT possible hangs under high mem pressure
tcp: make sure listeners don't initialize congestion-control state
tcp: md5: add missing memory barriers in tcp_md5_do_add()/tcp_md5_hash_key()
tcp: md5: do not send silly options in SYNCOOKIES
vlan: consolidate VLAN parsing code and limit max parsing depth
tcp: md5: refine tcp_md5_do_add()/tcp_md5_hash_key() barriers
tcp: md5: allow changing MD5 keys in all socket states
cgroup: fix cgroup_sk_alloc() for sk_clone_lock()
cgroup: Fix sock_cgroup_data on big-endian.
ip: Fix SO_MARK in RST, ACK and ICMP packets
arm64: Introduce a way to disable the 32bit vdso
arm64: arch_timer: Allow an workaround descriptor to disable compat vdso
arm64: arch_timer: Disable the compat vdso for cores affected by ARM64_WORKAROUND_1418040
drm/msm: fix potential memleak in error branch
drm/msm/dpu: allow initialization of encoder locks during encoder init
drm/exynos: Properly propagate return value in drm_iommu_attach_device()
drm/exynos: fix ref count leak in mic_pre_enable
x86/fpu: Reset MXCSR to default in kernel_fpu_begin()
thermal/drivers: imx: Fix missing of_node_put() at probe time
blk-mq-debugfs: update blk_queue_flag_name[] accordingly for new flags
m68k: nommu: register start of the memory with memblock
m68k: mm: fix node memblock init
dt-bindings: mailbox: zynqmp_ipi: fix unit address
cifs: prevent truncation from long to int in wait_for_free_credits
arm64/alternatives: use subsections for replacement sequences
tpm_tis: extra chip->ops check on error path in tpm_tis_core_init
gfs2: read-only mounts should grab the sd_freeze_gl glock
i2c: eg20t: Load module automatically if ID matches
arm64/alternatives: don't patch up internal branches
iio:magnetometer:ak8974: Fix alignment and data leak issues
iio:humidity:hdc100x Fix alignment and data leak issues
iio: magnetometer: ak8974: Fix runtime PM imbalance on error
iio: core: add missing IIO_MOD_H2/ETHANOL string identifiers
iio: mma8452: Add missed iio_device_unregister() call in mma8452_probe()
iio: pressure: zpa2326: handle pm_runtime_get_sync failure
iio:humidity:hts221 Fix alignment and data leak issues
iio:pressure:ms5611 Fix buffer element alignment
iio:health:afe4403 Fix timestamp alignment and prevent data leak.
spi: spi-fsl-dspi: Fix lockup if device is shutdown during SPI transfer
net: dsa: bcm_sf2: Fix node reference count
of: of_mdio: Correct loop scanning logic
net: macb: call pm_runtime_put_sync on failure path
net: ethernet: mvneta: Do not error out in non serdes modes
net: ethernet: mvneta: Add back interface mode validation
Revert "usb/ohci-platform: Fix a warning when hibernating"
Revert "usb/ehci-platform: Set PM runtime as active on resume"
Revert "usb/xhci-plat: Set PM runtime as active on resume"
net: sfp: add support for module quirks
net: sfp: add some quirks for GPON modules
ARM: OMAP4+: remove pdata quirks for omap4+ iommus
ARM: OMAP2+: Add workaround for DRA7 DSP MStandby errata i879
ARM: OMAP2+: use separate IOMMU pdata to fix DRA7 IPU1 boot
mmc: mmci: Support any block sizes for ux500v2 and qcom variant
HID: quirks: Remove ITE 8595 entry from hid_have_special_driver
ARM: at91: pm: add quirk for sam9x60's ulp1
drm/sun4i: tcon: Separate quirks for tcon0 and tcon1 on A20
scsi: sr: remove references to BLK_DEV_SR_VENDOR, leave it enabled
bus: ti-sysc: Rename clk related quirks to pre_reset and post_reset quirks
bus: ti-sysc: Consider non-existing registers too when matching quirks
bus: ti-sysc: Handle module unlock quirk needed for some RTC
bus: ti-sysc: Detect display subsystem related devices
arm64: dts: g12-common: add parkmode_disable_ss_quirk on DWC3 controller
bus: ti-sysc: Detect EDMA and set quirk flags for tptc
ALSA: usb-audio: Add support for MOTU MicroBook IIc
Input: goodix - fix touch coordinates on Cube I15-TC
ALSA: usb-audio: Create a registration quirk for Kingston HyperX Amp (0951:16d8)
doc: dt: bindings: usb: dwc3: Update entries for disabling SS instances in park mode
mmc: sdhci: do not enable card detect interrupt for gpio cd type
ALSA: usb-audio: Rewrite registration quirk handling
ACPI: video: Use native backlight on Acer Aspire 5783z
ALSA: usb-audio: Add registration quirk for Kingston HyperX Cloud Alpha S
ALSA: usb-audio: Add quirk for Focusrite Scarlett 2i2
Input: mms114 - add extra compatible for mms345l
ACPI: video: Use native backlight on Acer TravelMate 5735Z
bus: ti-sysc: Use optional clocks on for enable and wait for softreset bit
ALSA: usb-audio: Add registration quirk for Kingston HyperX Cloud Flight S
iio:health:afe4404 Fix timestamp alignment and prevent data leak.
soundwire: intel: fix memory leak with devm_kasprintf
dmaengine: sh: usb-dmac: set tx_result parameters
phy: sun4i-usb: fix dereference of pointer phy0 before it is null checked
arm64: dts: meson: add missing gxl rng clock
arm64: dts: meson-gxl-s805x: reduce initial Mali450 core frequency
bus: ti-sysc: Fix wakeirq sleeping function called from invalid context
bus: ti-sysc: Fix sleeping function called from invalid context for RTC quirk
bus: ti-sysc: Do not disable on suspend for no-idle
iio: adc: ad7780: Fix a resource handling path in 'ad7780_probe()'
dmaengine: dw: Initialize channel before each transfer
dmaengine: dmatest: stop completed threads when running without set channel
spi: spi-sun6i: sun6i_spi_transfer_one(): fix setting of clock rate
usb: gadget: udc: atmel: fix uninitialized read in debug printk
staging: comedi: verify array index is correct before using it
clk: mvebu: ARMADA_AP_CPU_CLK needs to select ARMADA_AP_CP_HELPER
clk: AST2600: Add mux for EMMC clock
NFS: Fix interrupted slots by sending a solo SEQUENCE operation
fuse: don't ignore errors from fuse_writepages_fill()
ARM: dts: Fix dcan driver probe failed on am437x platform
Revert "thermal: mediatek: fix register index error"
xprtrdma: fix incorrect header size calculations
ARM: dts: socfpga: Align L2 cache-controller nodename with dtschema
arm64: dts: spcfpga: Align GIC, NAND and UART nodenames with dtschema
keys: asymmetric: fix error return code in software_key_query()
regmap: debugfs: Don't sleep while atomic for fast_io regmaps
copy_xstate_to_kernel: Fix typo which caused GDB regression
arm: dts: mt7623: add phy-mode property for gmac2
soc: qcom: socinfo: add missing soc_id sysfs entry
apparmor: ensure that dfa state tables have entries
habanalabs: Align protection bits configuration of all TPCs
PCI/PM: Call .bridge_d3() hook only if non-NULL
perf stat: Zero all the 'ena' and 'run' array slot stats for interval mode
soc: qcom: rpmh: Update dirty flag only when data changes
soc: qcom: rpmh: Invalidate SLEEP and WAKE TCSes before flushing new data
soc: qcom: rpmh-rsc: Clear active mode configuration for wake TCS
soc: qcom: rpmh-rsc: Allow using free WAKE TCS for active request
RDMA/mlx5: Verify that QP is created with RQ or SQ
mtd: rawnand: marvell: Fix the condition on a return code
mtd: rawnand: marvell: Use nand_cleanup() when the device is not yet registered
mtd: rawnand: marvell: Fix probe error path
mtd: rawnand: timings: Fix default tR_max and tCCS_min timings
mtd: rawnand: brcmnand: correctly verify erased pages
mtd: rawnand: brcmnand: fix CS0 layout
mtd: rawnand: oxnas: Keep track of registered devices
mtd: rawnand: oxnas: Unregister all devices on error
mtd: rawnand: oxnas: Release all devices in the _remove() path
clk: qcom: gcc: Add GPU and NPU clocks for SM8150
clk: qcom: gcc: Add missing UFS clocks for SM8150
slimbus: core: Fix mismatch in of_node_get/put
HID: logitech-hidpp: avoid repeated "multiplier = " log messages
HID: magicmouse: do not set up autorepeat
HID: quirks: Always poll Obins Anne Pro 2 keyboard
HID: quirks: Ignore Simply Automated UPB PIM
ALSA: line6: Perform sanity check for each URB creation
ALSA: line6: Sync the pending work cancel at disconnection
ALSA: usb-audio: Fix race against the error recovery URB submission
ALSA: hda/realtek - change to suitable link model for ASUS platform
ALSA: hda/realtek: enable headset mic of ASUS ROG Zephyrus G14(G401) series with ALC289
ALSA: hda/realtek: Enable headset mic of Acer TravelMate B311R-31 with ALC256
ALSA: hda/realtek - Enable Speaker for ASUS UX533 and UX534
ALSA: hda/realtek - Enable Speaker for ASUS UX563
USB: c67x00: fix use after free in c67x00_giveback_urb
usb: dwc2: Fix shutdown callback in platform
usb: chipidea: core: add wakeup support for extcon
usb: gadget: function: fix missing spinlock in f_uac1_legacy
USB: serial: iuu_phoenix: fix memory corruption
USB: serial: cypress_m8: enable Simply Automated UPB PIM
USB: serial: ch341: add new Product ID for CH340
USB: serial: option: add GosunCn GM500 series
USB: serial: option: add Quectel EG95 LTE modem
virt: vbox: Fix VBGL_IOCTL_VMMDEV_REQUEST_BIG and _LOG req numbers to match upstream
virt: vbox: Fix guest capabilities mask check
Revert "tty: xilinx_uartps: Fix missing id assignment to the console"
virtio: virtio_console: add missing MODULE_DEVICE_TABLE() for rproc serial
serial: mxs-auart: add missed iounmap() in probe failure and remove
ovl: fix regression with re-formatted lower squashfs
ovl: inode reference leak in ovl_is_inuse true case.
ovl: relax WARN_ON() when decoding lower directory file handle
ovl: fix unneeded call to ovl_change_flags()
fuse: ignore 'data' argument of mount(..., MS_REMOUNT)
fuse: use ->reconfigure() instead of ->remount_fs()
fuse: Fix parameter for FS_IOC_{GET,SET}FLAGS
Revert "zram: convert remaining CLASS_ATTR() to CLASS_ATTR_RO()"
mei: bus: don't clean driver pointer
Input: i8042 - add Lenovo XiaoXin Air 12 to i8042 nomux list
Input: elan_i2c - add more hardware ID for Lenovo laptops
uio_pdrv_genirq: Remove warning when irq is not specified
uio_pdrv_genirq: fix use without device tree and no interrupt
scsi: megaraid_sas: Remove undefined ENABLE_IRQ_POLL macro
timer: Prevent base->clk from moving backward
timer: Fix wheel index calculation on last level
riscv: use 16KB kernel stack on 64-bit
hwmon: (emc2103) fix unable to change fan pwm1_enable attribute
powerpc/book3s64/pkeys: Fix pkey_access_permitted() for execute disable pkey
powerpc/pseries/svm: Fix incorrect check for shared_lppaca_size
intel_th: pci: Add Jasper Lake CPU support
intel_th: pci: Add Tiger Lake PCH-H support
intel_th: pci: Add Emmitsburg PCH support
intel_th: Fix a NULL dereference when hub driver is not loaded
dmaengine: fsl-edma: Fix NULL pointer exception in fsl_edma_tx_handler
dmaengine: mcf-edma: Fix NULL pointer exception in mcf_edma_tx_handler
dmaengine: fsl-edma-common: correct DSIZE_32BYTE
misc: atmel-ssc: lock with mutex instead of spinlock
thermal: int3403_thermal: Downgrade error message
thermal/drivers/cpufreq_cooling: Fix wrong frequency converted from power
arm64: ptrace: Override SPSR.SS when single-stepping is enabled
arm64: ptrace: Consistently use pseudo-singlestep exceptions
arm64: compat: Ensure upper 32 bits of x0 are zero on syscall return
sched: Fix unreliable rseq cpu_id for new tasks
sched/fair: handle case of task_h_load() returning 0
genirq/affinity: Handle affinity setting on inactive interrupts correctly
drm/amdgpu/sdma5: fix wptr overwritten in ->get_wptr()
drm/i915/gt: Ignore irq enabling on the virtual engines
block: fix splitting segments on boundary masks
block: fix get_max_segment_size() overflow on 32bit arch
libceph: don't omit recovery_deletes in target_copy()
rxrpc: Fix trace string
spi: sprd: switch the sequence of setting WDG_LOAD_LOW and _HIGH
ionic: export features for vlans to use
iommu/vt-d: Make Intel SVM code 64-bit only
drm/i915/gvt: Fix two CFL MMIO handling caused by regression.
gpio: pca953x: disable regmap locking for automatic address incrementing
Linux 5.4.53
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I2347f0f12d1e95a90cff2f3999940e1f82231df2
|
||
John Johansen
|
d79e57db45 |
apparmor: ensure that dfa state tables have entries
commit c27c6bd2c4d6b6bb779f9b722d5607993e1d5e5c upstream.
Currently it is possible to specify a state machine table with 0 length,
this is not valid as optional tables are specified by not defining
the table as present. Further this allows by-passing the base tables
range check against the next/check tables.
Fixes:
|
||
|
Blagovest Kolenichev
|
c8f071d27c |
Merge android-5.4-stable.50 (a200ad5) into msm-5.4
* refs/heads/tmp-a200ad5:
Revert "usb: dwc3: gadget: Properly handle ClearFeature(halt)"
Revert "ANDROID: kbuild: merge more sections with LTO"
Revert "FROMLIST: f2fs: fix use-after-free when accessing bio->bi_crypt_context"
Linux 5.4.50
Revert "tty: hvc: Fix data abort due to race in hvc_open"
xfs: add agf freeblocks verify in xfs_agf_verify
dm writecache: add cond_resched to loop in persistent_memory_claim()
dm writecache: correct uncommitted_block when discarding uncommitted entry
xprtrdma: Fix handling of RDMA_ERROR replies
NFSv4 fix CLOSE not waiting for direct IO compeletion
pNFS/flexfiles: Fix list corruption if the mirror count changes
SUNRPC: Properly set the @subbuf parameter of xdr_buf_subsegment()
sunrpc: fixed rollback in rpc_gssd_dummy_populate()
Staging: rtl8723bs: prevent buffer overflow in update_sta_support_rate()
drm/amdgpu: add fw release for sdma v5_0
drm/radeon: fix fb_div check in ni_init_smc_spll_table()
drm: rcar-du: Fix build error
drm/amd: fix potential memleak in err branch
ring-buffer: Zero out time extend if it is nested and not absolute
tracing: Fix event trigger to accept redundant spaces
arm64: dts: imx8mn-ddr4-evk: correct ldo1/ldo2 voltage range
arm64: dts: imx8mm-evk: correct ldo1/ldo2 voltage range
arm64: perf: Report the PC value in REGS_ABI_32 mode
mm/memcontrol.c: add missed css_put()
ocfs2: fix panic on nfs server over ocfs2
ocfs2: fix value of OCFS2_INVALID_SLOT
ocfs2: load global_inode_alloc
ocfs2: avoid inode removal while nfsd is accessing it
mm/slab: use memzero_explicit() in kzfree()
btrfs: fix failure of RWF_NOWAIT write into prealloc extent beyond eof
btrfs: check if a log root exists before locking the log_mutex on unlink
btrfs: fix data block group relocation failure due to concurrent scrub
btrfs: fix bytes_may_use underflow when running balance and scrub in parallel
x86/asm/64: Align start of __clear_user() loop to 16-bytes
x86/cpu: Use pinning mask for CR4 bits needing to be 0
KVM: VMX: Stop context switching MSR_IA32_UMWAIT_CONTROL
KVM: nVMX: Plumb L2 GPA through to PML emulation
KVM: X86: Fix MSR range of APIC registers in X2APIC mode
erofs: fix partially uninitialized misuse in z_erofs_onlinepage_fixup
ACPI: configfs: Disallow loading ACPI tables when locked down
ACPI: sysfs: Fix pm_profile_attr type
ALSA: hda/realtek: Add mute LED and micmute LED support for HP systems
ALSA: hda/realtek - Add quirk for MSI GE63 laptop
ALSA: hda: Add NVIDIA codec IDs 9a & 9d through a0 to patch table
RISC-V: Don't allow write+exec only page mapping request in mmap
block: update hctx map when use multiple maps
blktrace: break out of blktrace setup on concurrent calls
kprobes: Suppress the suspicious RCU warning on kprobes
recordmcount: support >64k sections
kbuild: improve cc-option to clean up all temporary files
arm64: sve: Fix build failure when ARM64_SVE=y and SYSCTL=n
s390/vdso: fix vDSO clock_getres()
s390/vdso: Use $(LD) instead of $(CC) to link vDSO
s390/ptrace: fix setting syscall number
s390/ptrace: pass invalid syscall numbers to tracing
pinctrl: tegra: Use noirq suspend/resume callbacks
pinctrl: qcom: spmi-gpio: fix warning about irq chip reusage
test_objagg: Fix potential memory leak in error handling
net: alx: fix race condition in alx_remove
ibmvnic: Harden device login requests
hwrng: ks-sa - Fix runtime PM imbalance on error
riscv/atomic: Fix sign extension for RV64I
drm/amd/display: Use kfree() to free rgb_user in calculate_user_regamma_ramp()
ata/libata: Fix usage of page address by page_address in ata_scsi_mode_select_xlat function
sata_rcar: handle pm_runtime_get_sync failure cases
sched/core: Fix PI boosting between RT and DEADLINE tasks
sched/deadline: Initialize ->dl_boosted
afs: Fix storage of cell names
i2c: core: check returned size of emulated smbus block read
i2c: fsi: Fix the port number field in status register
clk: sifive: allocate sufficient memory for struct __prci_data
net: bcmgenet: use hardware padding of runt frames
netfilter: ipset: fix unaligned atomic access
nvme: don't protect ns mutation with ns->head->lock
usb: renesas_usbhs: getting residue from callback_result
usb: gadget: udc: Potential Oops in error handling code
scsi: lpfc: Avoid another null dereference in lpfc_sli4_hba_unset()
ARM: imx5: add missing put_device() call in imx_suspend_alloc_ocram()
cxgb4: move handling L2T ARP failures to caller
net: qede: fix use-after-free on recovery and AER handling
net: qede: fix PTP initialization on recovery
net: qed: fix excessive QM ILT lines consumption
net: qed: fix NVMe login fails over VFs
net: qede: stop adding events on an already destroyed workqueue
net: qed: fix async event callbacks unregistering
net: qed: fix left elements count calculation
iommu/vt-d: Update scalable mode paging structure coherency
iommu/vt-d: Enable PCI ACS for platform opt in hint
selftests/net: report etf errors correctly
RDMA/mad: Fix possible memory leak in ib_mad_post_receive_mads()
s390/qeth: fix error handling for isolation mode cmds
ASoC: rockchip: Fix a reference count leak.
RDMA/cma: Protect bind_list and listen_list while finding matching cm id
RDMA/qedr: Fix KASAN: use-after-free in ucma_event_handler+0x532
RDMA/rvt: Fix potential memory leak caused by rvt_alloc_rq
rxrpc: Fix handling of rwind from an ACK packet
ARM: dts: NSP: Correct FA2 mailbox node
bpf: Don't return EINVAL from {get,set}sockopt when optlen > PAGE_SIZE
devmap: Use bpf_map_area_alloc() for allocating hash buckets
regmap: Fix memory leak from regmap_register_patch
x86/resctrl: Fix a NULL vs IS_ERR() static checker warning in rdt_cdp_peer_get()
ARM: dts: Fix duovero smsc interrupt for suspend
ARM: dts: am335x-pocketbeagle: Fix mmc0 Write Protect
bpf, xdp, samples: Fix null pointer dereference in *_user code
samples/bpf: xdp_redirect_cpu: Set MAX_CPUS according to NR_CPUS
ASoC: fsl_ssi: Fix bclk calculation for mono channel
RDMA/siw: Fix pointer-to-int-cast warning in siw_rx_pbl()
regualtor: pfuze100: correct sw1a/sw2 on pfuze3000
ASoC: qcom: common: set correct directions for dailinks
ASoc: q6afe: add support to get port direction
efi/esrt: Fix reference count leak in esre_create_sysfs_entry.
efi/tpm: Verify event log header before parsing
ASoC: q6asm: handle EOS correctly
xfrm: Fix double ESP trailer insertion in IPsec crypto offload.
ARM: OMAP2+: Fix legacy mode dss_reset
bus: ti-sysc: Ignore clockactivity unless specified as a quirk
bus: ti-sysc: Flush posted write on enable and disable
IB/hfi1: Fix module use count flaw due to leftover module put calls
IB/mad: Fix use after free when destroying MAD agent
loop: replace kill_bdev with invalidate_bdev
cdc-acm: Add DISABLE_ECHO quirk for Microchip/SMSC chip
xhci: Return if xHCI doesn't support LPM
xhci: Fix enumeration issue when setting max packet size for FS devices.
xhci: Fix incorrect EP_STATE_MASK
cifs/smb3: Fix data inconsistent when zero file range
cifs/smb3: Fix data inconsistent when punch hole
cifs: Fix cached_fid refcnt leak in open_shroot
scsi: zfcp: Fix panic on ERP timeout for previously dismissed ERP action
scsi: qla2xxx: Keep initiator ports after RSCN
usb: cdns3: ep0: add spinlock for cdns3_check_new_setup
usb: cdns3: ep0: fix the test mode set incorrectly
usb: cdns3: trace: using correct dir value
ALSA: usb-audio: Fix OOB access of mixer element list
ALSA: usb-audio: add quirk for Samsung USBC Headset (AKG)
ALSA: usb-audio: add quirk for Denon DCD-1500RE
ALSA: usb-audio: Add implicit feedback quirk for SSL2+.
usb: typec: tcpci_rt1711h: avoid screaming irq causing boot hangs
usb: host: ehci-exynos: Fix error check in exynos_ehci_probe()
xhci: Poll for U0 after disabling USB2 LPM
usb: host: xhci-mtk: avoid runtime suspend when removing hcd
USB: ehci: reopen solution for Synopsys HC bug
usb: add USB_QUIRK_DELAY_INIT for Logitech C922
usb: dwc2: Postponed gadget registration to the udc class driver
USB: ohci-sm501: Add missed iounmap() in remove
binder: fix null deref of proc->context
ALSA: usb-audio: Fix potential use-after-free of streams
fix a braino in "sparc32: fix register window handling in genregs32_[gs]et()"
net: sched: export __netdev_watchdog_up()
btrfs: fix a block group ref counter leak after failure to remove block group
Revert "i2c: tegra: Fix suspending in active runtime PM state"
tcp_cubic: fix spurious HYSTART_DELAY exit upon drop in min RTT
sch_cake: fix a few style nits
sch_cake: don't call diffserv parsing code when it is not needed
sch_cake: don't try to reallocate or unshare skb unconditionally
ip_tunnel: fix use-after-free in ip_tunnel_lookup()
net: phy: Check harder for errors in get_phy_id()
ip6_gre: fix use-after-free in ip6gre_tunnel_lookup()
tg3: driver sleeps indefinitely when EEH errors exceed eeh_max_freezes
tcp: grow window for OOO packets only for SACK flows
tcp: don't ignore ECN CWR on pure ACK
sctp: Don't advertise IPv4 addresses if ipv6only is set on the socket
rxrpc: Fix notification call on completion of discarded calls
rocker: fix incorrect error handling in dma_rings_init
openvswitch: take into account de-fragmentation/gso_size in execute_check_pkt_len
net: usb: ax88179_178a: fix packet alignment padding
net: increment xmit_recursion level in dev_direct_xmit()
net: Fix the arp error in some cases
net: fix memleak in register_netdevice()
net: Do not clear the sock TX queue in sk_set_socket()
net: core: reduce recursion limit value
net: bridge: enfore alignment for ethernet address
mvpp2: ethtool rxtx stats fix
mld: fix memory leak in ipv6_mc_destroy_dev()
ibmveth: Fix max MTU limit
geneve: allow changing DF behavior after creation
enetc: Fix tx rings bitmap iteration range, irq handling
block/bio-integrity: don't free 'buf' if bio_integrity_add_page() failed
ANDROID: GKI: revert part of the ufshcd_* export removals
ANDROID: GKI: update ABI definitions based on recent wifi backports
BACKPORT: cfg80211: Configure PMK lifetime and reauth threshold for PMKSA entries
BACKPORT: nl80211: add no pre-auth attribute and ext. feature flag for ctrl. port
BACKPORT: nl80211: modify TID-config API
BACKPORT: nl80211: Add NL command to support TID speicific configurations
BACKPORT: cfg80211: Support key configuration for Beacon protection (BIGTK)
BACKPORT: cfg80211: More error messages for key addition failures
BACKPORT: cfg80211: Enhance the AKM advertizement to support per interface.
BACKPORT: nl80211: add handling for BSS color
BACKPORT: cfg80211: VLAN offload support for set_key and set_sta_vlan
Revert "ANDROID: fscrypt: add key removal notifier chain"
UPSTREAM: scsi: ufs: Fix imprecise load calculation in devfreq window
UPSTREAM: scsi: ufs: Add trace event for UIC commands
UPSTREAM: scsi: ufs: Add DELAY_BEFORE_LPM quirk for Micron devices
UPSTREAM: scsi: ufs-mediatek: Allow unbound mphy
UPSTREAM: scsi: ufs-mediatek: Fix unbalanced clock on/off
UPSTREAM: scsi: ufs-mediatek: Introduce low-power mode for device power supply
UPSTREAM: scsi: ufs-mediatek: Do not gate clocks if auto-hibern8 is not entered yet
UPSTREAM: scsi: ufs-mediatek: Fix imprecise waiting time for ref-clk control
BACKPORT: scsi: ufs: Disable WriteBooster capability in non-supported UFS device
BACKPORT: scsi: ufs: Fix WriteBooster flush during runtime suspend
BACKPORT: scsi: ufs: Fix index of attributes query for WriteBooster feature
BACKPORT: scsi: ufs: Allow WriteBooster on UFS 2.2 devices
UPSTREAM: scsi: ufs-mediatek: Customize WriteBooster flush policy
UPSTREAM: scsi: ufs: Customize flush threshold for WriteBooster
BACKPORT: scsi: ufs: Introduce ufs_hba_variant_params to group customizable parameters
UPSTREAM: scsi: ufs-mediatek: Make ufs_mtk_fixup_dev_quirks static
UPSTREAM: scsi: ufs: Cleanup WriteBooster feature
UPSTREAM: scsi: ufs-mediatek: Enable WriteBooster capability
BACKPORT: scsi: ufs: Add LU Dedicated buffer mode support for WriteBooster
BACKPORT: scsi: ufs: Add "index" in parameter list of ufshcd_query_flag()
UPSTREAM: scsi: ufs-mediatek: Add fixup_dev_quirks vops
UPSTREAM: scsi: ufs: Export ufs_fixup_device_setup() function
BACKPORT: scsi: ufs: Introduce fixup_dev_quirks vops
UPSTREAM: scsi: ufs-mediatek: add error recovery for suspend and resume
UPSTREAM: scsi: ufs: export ufshcd_link_recovery
UPSTREAM: scsi: ufs-mediatek: customize the delay for enabling host
UPSTREAM: scsi: ufs: make HCE polling more compact to improve initialization latency
BACKPORT: scsi: ufs: allow custom delay prior to host enabling
UPSTREAM: scsi: ufs-mediatek: use common delay function
UPSTREAM: scsi: ufs: introduce common and flexible delay function
UPSTREAM: scsi: ufs: fix uninitialized tx_lanes in ufshcd_disable_tx_lcc()
UPSTREAM: scsi: ufs-mediatek: fix HOST_PA_TACTIVATE quirk for Samsung UFS Devices
BACKPORT: scsi: ufs: Add max_lu_supported in struct ufs_dev_info
ANDROID: GKI: remove ufshcd_* exports from whitelists
ANDROID: GKI: enable CONFIG_SCSI_UFS_DWC_TC_PLATFORM
ANDROID: GKI: enable QCOM and HISI UFS drivers
ANDROID: GKI: enable UFS for x86 gki builds and SCSI_UFSHCD_PCI
UPSTREAM: amba: Retry adding deferred devices at late_initcall
ANDROID: GKI: Enable INTERVAL_TREE
FROMGIT: binder: fix null deref of proc->context
ANDROID: Makefile: append BUILD_NUMBER to version string when defined
ANDROID: GKI: update the abi definitions due to 5.4.49 and padding
ANDROID: GKI: USB: Gadget: add Android ABI padding to struct usb_gadget
ANDROID: GKI: sound/usb/card.h: add Android ABI padding to struct snd_usb_endpoint
ANDROID: ext4: Optimize match for casefolded encrypted dirs
ANDROID: ext4: Handle casefolding with encryption
Linux 5.4.49
net: core: device_rename: Use rwsem instead of a seqcount
sched/rt, net: Use CONFIG_PREEMPTION.patch
pwm: jz4740: Enhance precision in calculation of duty cycle
net: octeon: mgmt: Repair filling of RX ring
e1000e: Do not wake up the system via WOL if device wakeup is disabled
kretprobe: Prevent triggering kretprobe from within kprobe_flush_task
kprobes: Fix to protect kick_kprobe_optimizer() by kprobe_mutex
tracing/probe: Fix memleak in fetch_op_data operations
crypto: algboss - don't wait during notifier callback
crypto: algif_skcipher - Cap recv SG list at ctx->used
Revert "drm/amd/display: disable dcn20 abm feature for bring up"
drm/i915/icl+: Fix hotplug interrupt disabling after storm detection
drm/amd/display: Use kvfree() to free coeff in build_regamma()
drm/connector: notify userspace on hotplug after register complete
drm/i915: Whitelist context-local timestamp in the gen9 cmdparser
drm/i915/gem: Avoid iterating an empty list
drm/msm: Check for powered down HW in the devfreq callbacks
drm/i915: Fix AUX power domain toggling across TypeC mode resets
s390: fix syscall_get_error for compat processes
f2fs: avoid utf8_strncasecmp() with unstable name
f2fs: split f2fs_d_compare() from f2fs_match_name()
net/mlx5: DR, Fix freeing in dr_create_rc_qp()
block: nr_sects_write(): Disable preemption on seqcount write
x86/boot/compressed: Relax sed symbol type regex for LLVM ld.lld
drm/amd/display: Use swap() where appropriate
drm/dp_mst: Increase ACT retry timeout to 3s
ext4: avoid race conditions when remounting with options that change dax
jbd2: clean __jbd2_journal_abort_hard() and __journal_abort_soft()
selinux: fix double free
drm/amdgpu: Replace invalid device ID with a valid device ID
drm/qxl: Use correct notify port address when creating cursor ring
drm/dp_mst: Reformat drm_dp_check_act_status() a bit
ext4: avoid utf8_strncasecmp() with unstable name
ext4: fix partial cluster initialization when splitting extent
drm: encoder_slave: fix refcouting error for modules
libata: Use per port sync for detach
arm64: hw_breakpoint: Don't invoke overflow handler on uaccess watchpoints
mvpp2: remove module bugfix
block: Fix use-after-free in blkdev_get()
scsi: ufs-bsg: Fix runtime PM imbalance on error
bnxt_en: Return from timer if interface is not in open state.
afs: Fix the mapping of the UAEOVERFLOW abort code
afs: Set error flag rather than return error from file status decode
afs: Always include dir in bulk status fetch from afs_do_lookup()
afs: Fix EOF corruption
afs: afs_write_end() should change i_size under the right lock
afs: Fix non-setting of mtime when writing into mmap
powerpc: Fix kernel crash in show_instructions() w/DEBUG_VIRTUAL
bcache: fix potential deadlock problem in btree_gc_coalesce
ext4: stop overwrite the errcode in ext4_setup_super
perf stat: Fix NULL pointer dereference
perf report: Fix NULL pointer dereference in hists__fprintf_nr_sample_events()
usb/ehci-platform: Set PM runtime as active on resume
usb: host: ehci-platform: add a quirk to avoid stuck
usb/xhci-plat: Set PM runtime as active on resume
bpf: Fix memlock accounting for sock_hash
iavf: fix speed reporting over virtchnl
xdp: Fix xsk_generic_xmit errno
nfs: set invalid blocks after NFSv4 writes
nvme-pci: use simple suspend when a HMB is enabled
net/filter: Permit reading NET in load_bytes_relative when MAC not set
x86/idt: Keep spurious entries unset in system_vectors
scsi: acornscsi: Fix an error handling path in acornscsi_probe()
libbpf: Handle GCC noreturn-turned-volatile quirk
drm/sun4i: hdmi ddc clk: Fix size of m divider
tracing/probe: Fix bpf_task_fd_query() for kprobes and uprobes
bpf, sockhash: Synchronize delete from bucket list on map free
bpf/sockmap: Fix kernel panic at __tcp_bpf_recvmsg
ASoC: rt5645: Add platform-data for Asus T101HA
ASoC: Intel: bytcr_rt5640: Add quirk for Toshiba Encore WT10-A tablet
ASoC: SOF: nocodec: conditionally set dpcm_capture/dpcm_playback flags
ASoC: core: only convert non DPCM link to DPCM link
afs: Fix memory leak in afs_put_sysnames()
f2fs: don't return vmalloc() memory from f2fs_kmalloc()
selftests/net: in timestamping, strncpy needs to preserve null byte
drivers/perf: hisi: Fix wrong value for all counters enable
i2c: icy: Fix build with CONFIG_AMIGA_PCMCIA=n
NTB: ntb_test: Fix bug when counting remote files
NTB: perf: Fix race condition when run with ntb_test
NTB: perf: Fix support for hardware that doesn't have port numbers
NTB: perf: Don't require one more memory window than number of peers
NTB: Revert the change to use the NTB device dev for DMA allocations
NTB: ntb_tool: reading the link file should not end in a NULL byte
ntb_tool: pass correct struct device to dma_alloc_coherent
ntb_perf: pass correct struct device to dma_alloc_coherent
net: marvell: Fix OF_MDIO config check
gfs2: fix use-after-free on transaction ail lists
blktrace: fix endianness for blk_log_remap()
blktrace: fix endianness in get_pdu_int()
blktrace: use errno instead of bi_status
selftests/vm/pkeys: fix alloc_random_pkey() to make it really random
include/linux/bitops.h: avoid clang shift-count-overflow warnings
lib/zlib: remove outdated and incorrect pre-increment optimization
geneve: change from tx_error to tx_dropped on missing metadata
crypto: omap-sham - add proper load balancing support for multicore
drm/amd/display: Revalidate bandwidth before commiting DC updates
nfsd: safer handling of corrupted c_type
pinctrl: freescale: imx: Fix an error handling path in 'imx_pinctrl_probe()'
pinctrl: imxl: Fix an error handling path in 'imx1_pinctrl_core_probe()'
scsi: ufs: Don't update urgent bkops level when toggling auto bkops
scsi: iscsi: Fix reference count leak in iscsi_boot_create_kobj
gfs2: Allow lock_nolock mount to specify jid=X
nfsd4: make drc_slab global, not per-net
ceph: don't return -ESTALE if there's still an open file
drm/nouveau/disp/gm200-: fix NV_PDISP_SOR_HDMI2_CTRL(n) selection
openrisc: Fix issue with argument clobbering for clone/fork
rxrpc: Adjust /proc/net/rxrpc/calls to display call->debug_id not user_ID
mailbox: zynqmp-ipi: Fix NULL vs IS_ERR() check in zynqmp_ipi_mbox_probe()
rtc: rv3028: Add missed check for devm_regmap_init_i2c()
vfio/mdev: Fix reference count leak in add_mdev_supported_type
ASoC: fsl_asrc_dma: Fix dma_chan leak when config DMA channel failed
extcon: adc-jack: Fix an error handling path in 'adc_jack_probe()'
powerpc/4xx: Don't unmap NULL mbase
input: i8042 - Remove special PowerPC handling
of: Fix a refcounting bug in __of_attach_node_sysfs()
NFSv4.1 fix rpc_call_done assignment for BIND_CONN_TO_SESSION
net: sunrpc: Fix off-by-one issues in 'rpc_ntop6'
/dev/mem: Revoke mappings when a driver claims the region
misc: xilinx-sdfec: improve get_user_pages_fast() error handling
clk: ast2600: Fix AHB clock divider for A1
clk: sprd: return correct type of value for _sprd_pll_recalc_rate
KVM: PPC: Book3S: Fix some RCU-list locks
KVM: PPC: Book3S HV: Ignore kmemleak false positives
scsi: ufs-qcom: Fix scheduling while atomic issue
clk: bcm2835: Fix return type of bcm2835_register_gate
scsi: target: tcmu: Fix a use after free in tcmu_check_expired_queue_cmd()
ASoC: fix incomplete error-handling in img_i2s_in_probe.
powerpc/32s: Don't warn when mapping RO data ROX.
mfd: stmfx: Disable IRQ in suspend to avoid spurious interrupt
mfd: stmfx: Fix stmfx_irq_init error path
mfd: stmfx: Reset chip on resume as supply was disabled
x86/apic: Make TSC deadline timer detection message visible
RDMA/iw_cxgb4: cleanup device debugfs entries on ULD remove
scripts: headers_install: Exit with error on config leak
usb: gadget: Fix issue with config_ep_by_speed function
usb: gadget: fix potential double-free in m66592_probe.
usb: gadget: lpc32xx_udc: don't dereference ep pointer before null check
USB: gadget: udc: s3c2410_udc: Remove pointless NULL check in s3c2410_udc_nuke
usb: dwc2: gadget: move gadget resume after the core is in L0 state
watchdog: da9062: No need to ping manually before setting timeout
IB/cma: Fix ports memory leak in cma_configfs
PCI: amlogic: meson: Don't use FAST_LINK_MODE to set up link
PCI: dwc: Fix inner MSI IRQ domain registration
PCI/PTM: Inherit Switch Downstream Port PTM settings from Upstream Port
dm zoned: return NULL if dmz_get_zone_for_reclaim() fails to find a zone
powerpc/64s/pgtable: fix an undefined behaviour
arm64: tegra: Fix flag for 64-bit resources in 'ranges' property
arm64: tegra: Fix ethernet phy-mode for Jetson Xavier
fuse: copy_file_range should truncate cache
fuse: fix copy_file_range cache issues
firmware: imx: scu: Fix possible memory leak in imx_scu_probe()
scsi: target: tcmu: Userspace must not complete queued commands
RDMA/hns: Fix cmdq parameter of querying pf timer resource
RDMA/hns: Bugfix for querying qkey
clk: samsung: exynos5433: Add IGNORE_UNUSED flag to sclk_i2s1
fpga: dfl: afu: Corrected error handling levels
tty: n_gsm: Fix bogus i++ in gsm_data_kick
USB: host: ehci-mxc: Add error handling in ehci_mxc_drv_probe()
ASoC: Intel: bytcr_rt5640: Add quirk for Toshiba Encore WT8-A tablet
drm/msm/mdp5: Fix mdp5_init error path for failed mdp5_kms allocation
usb/ohci-platform: Fix a warning when hibernating
vfio-pci: Mask cap zero
powerpc/ps3: Fix kexec shutdown hang
drivers: phy: sr-usb: do not use internal fsm for USB2 phy init
powerpc/pseries/ras: Fix FWNMI_VALID off by one
powerpc/64s/exception: Fix machine check no-loss idle wakeup
ipmi: use vzalloc instead of kmalloc for user creation
habanalabs: increase timeout during reset
PCI/PM: Assume ports without DLL Link Active train links in 100 ms
HID: Add quirks for Trust Panora Graphic Tablet
ALSA: usb-audio: Add duplex sound support for USB devices using implicit feedback
tty: n_gsm: Fix waking up upper tty layer when room available
tty: n_gsm: Fix SOF skipping
powerpc/64: Don't initialise init_task->thread.regs
PCI: Fix pci_register_host_bridge() device_register() error handling
clk: ti: composite: fix memory leak
USB: ohci-sm501: fix error return code in ohci_hcd_sm501_drv_probe()
dlm: remove BUG() before panic()
pinctrl: rockchip: fix memleak in rockchip_dt_node_to_map
ASoC: ti: omap-mcbsp: Fix an error handling path in 'asoc_mcbsp_probe()'
ASoC: ux500: mop500: Fix some refcounted resources issues
SoC: rsnd: add interrupt support for SSI BUSIF buffer
scsi: mpt3sas: Fix double free warnings
scsi: target: loopback: Fix READ with data and sensebytes
arm64: dts: msm8996: Fix CSI IRQ types
ASoC: SOF: core: fix error return code in sof_probe_continue()
power: supply: smb347-charger: IRQSTAT_D is volatile
power: supply: lp8788: Fix an error handling path in 'lp8788_charger_probe()'
ALSA: firewire-lib: fix invalid assignment to union data for directional parameter
scsi: qla2xxx: Fix warning after FC target reset
PCI/ASPM: Allow ASPM on links to PCIe-to-PCI/PCI-X Bridges
PCI: rcar: Fix incorrect programming of OB windows
drivers: base: Fix NULL pointer exception in __platform_driver_probe() if a driver developer is foolish
serial: amba-pl011: Make sure we initialize the port.lock spinlock
i2c: pxa: fix i2c_pxa_scream_blue_murder() debug output
PCI: v3-semi: Fix a memory leak in v3_pci_probe() error handling paths
staging: sm750fb: add missing case while setting FB_VISUAL
staging: wilc1000: Increase the size of wid_list array
usb: dwc3: gadget: Properly handle failed kick_transfer
usb: dwc3: gadget: Properly handle ClearFeature(halt)
HID: intel-ish-hid: avoid bogus uninitialized-variable warning
soundwire: slave: don't init debugfs on device registration error
ASoC: max98373: reorder max98373_reset() in resume
clk: meson: meson8b: Don't rely on u-boot to init all GP_PLL registers
thermal/drivers/ti-soc-thermal: Avoid dereferencing ERR_PTR
gpio: pca953x: fix handling of automatic address incrementing
clk: meson: meson8b: Fix the vclk_div{1, 2, 4, 6, 12}_en gate bits
clk: meson: meson8b: Fix the polarity of the RESET_N lines
clk: meson: meson8b: Fix the first parent of vid_pll_in_sel
slimbus: ngd: get drvdata from correct device
tty: hvc: Fix data abort due to race in hvc_open
s390/qdio: put thinint indicator after early error
ALSA: usb-audio: Fix racy list management in output queue
ALSA: usb-audio: Improve frames size computation
staging: gasket: Fix mapping refcnt leak when register/store fails
staging: gasket: Fix mapping refcnt leak when put attribute fails
firmware: qcom_scm: fix bogous abuse of dma-direct internals
arm64: dts: qcom: fix pm8150 gpio interrupts
virtiofs: schedule blocking async replies in separate worker
pinctrl: rza1: Fix wrong array assignment of rza1l_swio_entries
scsi: qedf: Fix crash when MFW calls for protocol stats while function is still probing
gpio: dwapb: Append MODULE_ALIAS for platform driver
RDMA/mlx5: Fix udata response upon SRQ creation
ARM: dts: sun8i-h2-plus-bananapi-m2-zero: Fix led polarity
arm64: dts: qcom: msm8916: remove unit name for thermal trip points
scsi: qedi: Do not flush offload work if ARP not resolved
arm64: dts: mt8173: fix unit name warnings
staging: greybus: fix a missing-check bug in gb_lights_light_config()
x86/purgatory: Disable various profiling and sanitizing options
apparmor: fix nnp subset test for unconfined
scsi: ibmvscsi: Don't send host info in adapter info MAD after LPM
scsi: sr: Fix sr_probe() missing deallocate of device minor
bpf, sockhash: Fix memory leak when unlinking sockets in sock_hash_free
ASoC: meson: add missing free_irq() in error path
f2fs: handle readonly filesystem in f2fs_ioc_shutdown()
apparmor: check/put label on apparmor_sk_clone_security()
net: dsa: lantiq_gswip: fix and improve the unsupported interface error
apparmor: fix introspection of of task mode for unconfined tasks
mksysmap: Fix the mismatch of '.L' symbols in System.map
NTB: Fix the default port and peer numbers for legacy drivers
NTB: ntb_pingpong: Choose doorbells based on port number
yam: fix possible memory leak in yam_init_driver
sparc32: mm: Don't try to free page-table pages if ctor() fails
pwm: img: Call pm_runtime_put() in pm_runtime_get_sync() failed case
powerpc/crashkernel: Take "mem=" option into account
ASoC: qcom: q6asm-dai: kCFI fix
cifs: set up next DFS target before generic_ip_connect()
RDMA/core: Fix several reference count leaks.
PCI: vmd: Filter resource type bits from shadow register
nfsd: Fix svc_xprt refcnt leak when setup callback client failed
powerpc/perf/hv-24x7: Fix inconsistent output values incase multiple hv-24x7 events run
IB/mlx5: Fix DEVX support for MLX5_CMD_OP_INIT2INIT_QP command
clk: clk-flexgen: fix clock-critical handling
scsi: vhost: Notify TCM about the maximum sg entries supported per command
scsi: lpfc: Fix lpfc_nodelist leak when processing unsolicited event
clk: zynqmp: fix memory leak in zynqmp_register_clocks
scsi: cxgb3i: Fix some leaks in init_act_open()
mfd: wm8994: Fix driver operation if loaded as modules
powerpc/ptdump: Add _PAGE_COHERENT flag
usb: gadget: core: sync interrupt before unbind the udc
gpio: dwapb: Call acpi_gpiochip_free_interrupts() on GPIO chip de-registration
m68k/PCI: Fix a memory leak in an error handling path
PCI: pci-bridge-emul: Fix PCIe bit conflicts
scsi: hisi_sas: Do not reset phy timer to wait for stray phy up
RDMA/mlx5: Add init2init as a modify command
coresight: tmc: Fix TMC mode read in tmc_read_prepare_etb()
vfio/pci: fix memory leaks in alloc_perm_bits()
arm64: dts: fvp/juno: Fix node address fields
ps3disk: use the default segment boundary
PCI: aardvark: Don't blindly enable ASPM L0s and don't write to read-only register
arm64: dts: fvp: Fix GIC child nodes
ASoC: SOF: Do nothing when DSP PM callbacks are not set
clk: renesas: cpg-mssr: Fix STBCR suspend/resume handling
pinctrl: ocelot: Fix GPIO interrupt decoding on Jaguar2
arm64: dts: juno: Fix GIC child nodes
arm64: dts: armada-3720-turris-mox: fix SFP binding
arm64: dts: armada-3720-turris-mox: forbid SDR104 on SDIO for FCC purposes
dm mpath: switch paths in dm_blk_ioctl() code path
misc: fastrpc: fix potential fastrpc_invoke_ctx leak
misc: fastrpc: Fix an incomplete memory release in fastrpc_rpmsg_probe()
serial: 8250: Fix max baud limit in generic 8250 port
usblp: poison URBs upon disconnect
clk: samsung: Mark top ISP and CAM clocks on Exynos542x as critical
remoteproc: qcom_q6v5_mss: map/unmap mpss segments before/after use
i2c: pxa: clear all master action bits in i2c_pxa_stop_message()
f2fs: report delalloc reserve as non-free in statfs for project quota
iio: bmp280: fix compensation of humidity
rtc: mc13xxx: fix a double-unlock issue
powerpc/kasan: Fix stack overflow by increasing THREAD_SHIFT
Input: edt-ft5x06 - fix get_default register write access
scsi: qla2xxx: Fix issue with adapter's stopping state
PCI: Allow pci_resize_resource() for devices on root bus
ALSA: isa/wavefront: prevent out of bounds write in ioctl
ALSA: hda/realtek - Introduce polarity for micmute LED GPIO
arm64: dts: meson: fixup SCP sram nodes
scsi: qedi: Check for buffer overflow in qedi_set_path()
scsi: core: free sgtables in case command setup fails
ARM: dts: stm32: Add missing ethernet PHY reset on AV96
ARM: integrator: Add some Kconfig selections
ASoC: davinci-mcasp: Fix dma_chan refcnt leak when getting dma type
ARM: dts: renesas: Fix IOMMU device node names
backlight: lp855x: Ensure regulators are disabled on probe failure
ASoC: fsl_esai: Disable exception interrupt before scheduling tasklet
clk: qcom: msm8916: Fix the address location of pll->config_reg
remoteproc: Fix IDR initialisation in rproc_alloc()
iio: pressure: bmp280: Tolerate IRQ before registering
ASoC: SOF: imx8: Fix randbuild error
i2c: piix4: Detect secondary SMBus controller on AMD AM4 chipsets
ASoC: tegra: tegra_wm8903: Support nvidia, headset property
clk: sunxi: Fix incorrect usage of round_down()
power: supply: bq24257_charger: Replace depends on REGMAP_I2C with select
ANDROID: abi_gki_aarch64_qcom_whitelist: Add reboot_mode
ANDROID: Update kabi for db845c (following moving pinctrl to a module)
ANDROID: GKI: Remove msm_pinctrl-* symbols from the abi lists
ANDROID: db845c_gki.fragment: Add PINCTRL_MSM=m
ANDROID: GKI: Remove PINCTRL_MSM as built in driver
ANDROID: pinctrl: qcom: Allow pinctrl-msm code to be loadable as a module
ANDROID: GKI: update ABI after struct vm_fault changes
ANDROID: GKI: mm: add struct vm_fault fields for SPECULATIVE_PAGE_FAULTS
FROMLIST: f2fs: fix use-after-free when accessing bio->bi_crypt_context
ANDROID: GKI: Update ABI for incremental fs
ANDROID: GKI: Update whitelist and defconfig for incfs
ANDROID: gki_defconfig: x86: Enable KERNEL_LZ4
ANDROID: GKI: scripts: Makefile: update the lz4 command
ANDROID: Use depmod from the hermetic toolchain
ANDROID: ABI/Whitelist: update symbols of unisoc whitelist
Linux 5.4.48
perf symbols: Fix kernel maps for kcore and eBPF
perf symbols: Fix debuginfo search for Ubuntu
perf probe: Check address correctness by map instead of _etext
perf probe: Fix to check blacklist address correctly
perf probe: Do not show the skipped events
f2fs: fix checkpoint=disable:%u%%
w1: omap-hdq: cleanup to add missing newline for some dev_dbg
mtd: rawnand: tmio: Fix the probe error path
mtd: rawnand: mtk: Fix the probe error path
mtd: rawnand: pasemi: Fix the probe error path
mtd: rawnand: plat_nand: Fix the probe error path
mtd: rawnand: sunxi: Fix the probe error path
mtd: rawnand: oxnas: Fix the probe error path
mtd: rawnand: socrates: Fix the probe error path
mtd: rawnand: orion: Fix the probe error path
mtd: rawnand: xway: Fix the probe error path
mtd: rawnand: ingenic: Fix the probe error path
mtd: rawnand: sharpsl: Fix the probe error path
mtd: rawnand: diskonchip: Fix the probe error path
mtd: rawnand: brcmnand: fix hamming oob layout
mtd: rawnand: onfi: Fix redundancy detection check
mtd: rawnand: Fix nand_gpio_waitrdy()
sunrpc: clean up properly in gss_mech_unregister()
sunrpc: svcauth_gss_register_pseudoflavor must reject duplicate registrations.
kbuild: force to build vmlinux if CONFIG_MODVERSION=y
powerpc/64s: Save FSCR to init_task.thread.fscr after feature init
powerpc/64s: Don't let DT CPU features set FSCR_DSCR
powerpc/32: Disable KASAN with pages bigger than 16k
powerpc/kasan: Fix shadow pages allocation failure
powerpc/kasan: Fix issues by lowering KASAN_SHADOW_END
powerpc/32s: Fix another build failure with CONFIG_PPC_KUAP_DEBUG
drivers/macintosh: Fix memleak in windfarm_pm112 driver
ARM: dts: s5pv210: Set keep-power-in-suspend for SDHCI1 on Aries
ARM: dts: at91: sama5d2_ptc_ek: fix vbus pin
ARM: dts: exynos: Fix GPIO polarity for thr GalaxyS3 CM36651 sensor's bus
soc/tegra: pmc: Select GENERIC_PINCONF
ARM: tegra: Correct PL310 Auxiliary Control Register initialization
kernel/cpu_pm: Fix uninitted local in cpu_pm
powerpc/fadump: Account for memory_limit while reserving memory
powerpc/fadump: consider reserved ranges while reserving memory
powerpc/fadump: use static allocation for reserved memory ranges
alpha: fix memory barriers so that they conform to the specification
dm crypt: avoid truncating the logical block size
sparc64: fix misuses of access_process_vm() in genregs32_[sg]et()
sparc32: fix register window handling in genregs32_[gs]et()
gnss: sirf: fix error return code in sirf_probe()
pinctrl: samsung: Save/restore eint_mask over suspend for EINT_TYPE GPIOs
pinctrl: samsung: Correct setting of eint wakeup mask on s5pv210
power: supply: core: fix memory leak in HWMON error path
power: supply: core: fix HWMON temperature labels
power: vexpress: add suppress_bind_attrs to true
EDAC/amd64: Add AMD family 17h model 60h PCI IDs
hwmon: (k10temp) Add AMD family 17h model 60h PCI match
igb: Report speed and duplex as unknown when device is runtime suspended
clk: mediatek: assign the initial value to clk_init_data of mtk_mux
media: ov5640: fix use of destroyed mutex
b43_legacy: Fix connection problem with WPA3
b43: Fix connection problem with WPA3
b43legacy: Fix case where channel status is corrupted
Bluetooth: hci_bcm: fix freeing not-requested IRQ
serial: 8250: Avoid error message on reprobe
media: cedrus: Program output format during each run
media: go7007: fix a miss of snd_card_free
carl9170: remove P2P_GO support
e1000e: Relax condition to trigger reset for ME workaround
e1000e: Disable TSO for buffer overrun workaround
PCI: Program MPS for RCiEP devices
ima: Set again build_ima_appraise variable
ima: Remove redundant policy rule set in add_rules()
x86/amd_nb: Add AMD family 17h model 60h PCI IDs
serial: 8250_pci: Move Pericom IDs to pci_ids.h
PCI: Add Loongson vendor ID
x86/amd_nb: Add Family 19h PCI IDs
PCI: vmd: Add device id for VMD device 8086:9A0B
PCI: Add ACS quirk for Intel Root Complex Integrated Endpoints
PCI: Avoid FLR for AMD Starship USB 3.0
PCI: Avoid FLR for AMD Matisse HD Audio & USB 3.0
PCI: Avoid Pericom USB controller OHCI/EHCI PME# defect
ext4: fix race between ext4_sync_parent() and rename()
ext4: fix error pointer dereference
ext4: fix EXT_MAX_EXTENT/INDEX to check for zeroed eh_max
evm: Fix possible memory leak in evm_calc_hmac_or_hash()
ima: Remove __init annotation from ima_pcrread()
ima: Call ima_calc_boot_aggregate() in ima_eventdigest_init()
ima: Directly assign the ima_default_policy pointer to ima_rules
ima: Evaluate error in init_ima()
ima: Switch to ima_hash_algo for boot aggregate
ima: Fix ima digest hash table key calculation
mm: call cond_resched() from deferred_init_memmap()
mm/pagealloc.c: call touch_nmi_watchdog() on max order boundaries in deferred init
mm: initialize deferred pages with interrupts enabled
mm: thp: make the THP mapcount atomic against __split_huge_pmd_locked()
powerpc/mm: Fix conditions to perform MMU specific management by blocks on PPC32.
btrfs: fix space_info bytes_may_use underflow during space cache writeout
btrfs: fix space_info bytes_may_use underflow after nocow buffered write
btrfs: fix wrong file range cleanup after an error filling dealloc range
btrfs: fix error handling when submitting direct I/O bio
btrfs: force chunk allocation if our global rsv is larger than metadata
btrfs: send: emit file capabilities after chown
btrfs: include non-missing as a qualifier for the latest_bdev
btrfs: free alien device after device add
string.h: fix incompatibility between FORTIFY_SOURCE and KASAN
kasan: stop tests being eliminated as dead code with FORTIFY_SOURCE
selftests/bpf, flow_dissector: Close TAP device FD after the test
bpf: Fix running sk_skb program types with ktls
bpf: Refactor sockmap redirect code so its easy to reuse
bpf: Fix map permissions check
libbpf: Fix perf_buffer__free() API for sparse allocs
platform/x86: asus_wmi: Reserve more space for struct bias_args
platform/x86: intel-vbtn: Only blacklist SW_TABLET_MODE on the 9 / "Laptop" chasis-type
platform/x86: intel-hid: Add a quirk to support HP Spectre X2 (2015)
platform/x86: hp-wmi: Convert simple_strtoul() to kstrtou32()
cpuidle: Fix three reference count leaks
spi: dw: Return any value retrieved from the dma_transfer callback
mmc: sdhci-esdhc-imx: fix the mask for tuning start point
iwlwifi: mvm: fix aux station leak
ixgbe: fix signed-integer-overflow warning
ice: fix potential double free in probe unrolling
mmc: via-sdmmc: Respect the cmd->busy_timeout from the mmc core
staging: greybus: sdio: Respect the cmd->busy_timeout from the mmc core
mmc: sdhci-msm: Set SDHCI_QUIRK_MULTIBLOCK_READ_ACMD12 quirk
bcache: fix refcount underflow in bcache_device_free()
MIPS: Fix IRQ tracing when call handle_fpe() and handle_msa_fpe()
PCI: Don't disable decoding when mmio_always_on is set
macvlan: Skip loopback packets in RX handler
btrfs: qgroup: mark qgroup inconsistent if we're inherting snapshot to a new qgroup
btrfs: improve global reserve stealing logic
m68k: mac: Don't call via_flush_cache() on Mac IIfx
MIPS: tools: Fix resource leak in elf-entry.c
x86/mm: Stop printing BRK addresses
selftests/bpf: CONFIG_IPV6_SEG6_BPF required for test_seg6_loop.o
drm/amdgpu: Sync with VM root BO when switching VM to CPU update mode
drm/amd/powerpay: Disable gfxoff when setting manual mode on picasso and raven
crypto: stm32/crc32 - fix multi-instance
crypto: stm32/crc32 - fix run-time self test issue.
crypto: stm32/crc32 - fix ext4 chksum BUG_ON()
mips: Add udelay lpj numbers adjustment
mips: MAAR: Use more precise address mask
sched: Defend cfs and rt bandwidth quota against overflow
x86/boot: Correct relocation destination on old linkers
kgdboc: Use a platform device to handle tty drivers showing up late
mwifiex: Fix memory corruption in dump_station
rtlwifi: Fix a double free in _rtl_usb_tx_urb_setup()
net/mlx5e: IPoIB, Drop multicast packets that this interface sent
veth: Adjust hard_start offset on redirect XDP frames
iocost: don't let vrate run wild while there's no saturation signal
raid5: remove gfp flags from scribble_alloc()
md: don't flush workqueue unconditionally in md_open
mt76: avoid rx reorder buffer overflow
drm/mcde: dsi: Fix return value check in mcde_dsi_bind()
net: qed*: Reduce RX and TX default ring count when running inside kdump kernel
wcn36xx: Fix error handling path in 'wcn36xx_probe()'
ath10k: Remove msdu from idr when management pkt send fails
nvme-tcp: use bh_lock in data_ready
nvme-pci: align io queue count with allocted nvme_queue in nvme_probe
nvme: refine the Qemu Identify CNS quirk
iwlwifi: avoid debug max amsdu config overwriting itself
platform/x86: intel-vbtn: Also handle tablet-mode switch on "Detachable" and "Portable" chassis-types
platform/x86: intel-vbtn: Do not advertise switches to userspace if they are not there
platform/x86: intel-vbtn: Split keymap into buttons and switches parts
platform/x86: intel-vbtn: Use acpi_evaluate_integer()
xfs: fix duplicate verification from xfs_qm_dqflush()
xfs: reset buffer write failure state on successful completion
kgdb: Fix spurious true from in_dbg_master()
mips: cm: Fix an invalid error code of INTVN_*_ERR
MIPS: Truncate link address into 32bit for 32bit kernel
Crypto/chcr: fix for ccm(aes) failed test
xfs: clean up the error handling in xfs_swap_extents
libertas_tf: avoid a null dereference in pointer priv
powerpc/spufs: fix copy_to_user while atomic
net: allwinner: Fix use correct return type for ndo_start_xmit()
media: cec: silence shift wrapping warning in __cec_s_log_addrs()
drivers: net: davinci_mdio: fix potential NULL dereference in davinci_mdio_probe()
selinux: fix error return code in policydb_read()
net: lpc-enet: fix error return code in lpc_mii_init()
iocost_monitor: drop string wrap around numbers when outputting json
drivers/perf: hisi: Fix typo in events attribute array
sched/core: Fix illegal RCU from offline CPUs
exit: Move preemption fixup up, move blocking operations down
lib/mpi: Fix 64-bit MIPS build with Clang
net: bcmgenet: Fix WoL with password after deep sleep
net: bcmgenet: set Rx mode before starting netif
selftests/bpf: Fix memory leak in extract_build_id()
netfilter: nft_nat: return EOPNOTSUPP if type or flags are not supported
dpaa2-eth: fix return codes used in ndo_setup_tc
Drivers: hv: vmbus: Always handle the VMBus messages on CPU0
audit: fix a net reference leak in audit_list_rules_send()
Bluetooth: btbcm: Add 2 missing models to subver tables
ath10k: add flush tx packets for SDIO chip
MIPS: Make sparse_init() using top-down allocation
media: platform: fcp: Set appropriate DMA parameters
media: dvb: return -EREMOTEIO on i2c transfer failure.
audit: fix a net reference leak in audit_send_reply()
drm/mediatek: set dpi pin mode to gpio low to avoid leakage current
dt-bindings: display: mediatek: control dpi pins mode to avoid leakage
e1000: Distribute switch variables for initialization
tools api fs: Make xxx__mountpoint() more scalable
regulator: qcom-rpmh: Fix typos in pm8150 and pm8150l
brcmfmac: fix wrong location to get firmware feature
spi: Respect DataBitLength field of SpiSerialBusV2() ACPI resource
media: staging/intel-ipu3: Implement lock for stream on/off operations
ath10k: fix kernel null pointer dereference
staging: android: ion: use vmap instead of vm_map_ram
x86: fix vmap arguments in map_irq_stack
net: vmxnet3: fix possible buffer overflow caused by bad DMA value in vmxnet3_get_rss()
x86/kvm/hyper-v: Explicitly align hcall param for kvm_hyperv_exit
spi: dw: Fix Rx-only DMA transfers
Bluetooth: btmtkuart: Improve exception handling in btmtuart_probe()
mmc: meson-mx-sdio: trigger a soft reset after a timeout or CRC error
ice: Fix for memory leaks and modify ICE_FREE_CQ_BUFS
ice: Fix memory leak
batman-adv: Revert "disable ethtool link speed detection when auto negotiation off"
ARM: 8978/1: mm: make act_mm() respect THREAD_SIZE
btrfs: do not ignore error from btrfs_next_leaf() when inserting checksums
btrfs: account for trans_block_rsv in may_commit_transaction
media: dvbdev: Fix tuner->demod media controller link
clocksource: dw_apb_timer_of: Fix missing clockevent timers
clocksource: dw_apb_timer: Make CPU-affiliation being optional
spi: dw: Enable interrupts in accordance with DMA xfer mode
mips: Fix cpu_has_mips64r1/2 activation for MIPS32 CPUs
ACPI/IORT: Fix PMCG node single ID mapping handling
pmu/smmuv3: Clear IRQ affinity hint on device removal
kgdb: Prevent infinite recursive entries to the debugger
kgdb: Disable WARN_CONSOLE_UNLOCKED for all kgdb
Bluetooth: Add SCO fallback for invalid LMP parameters error
MIPS: Loongson: Build ATI Radeon GPU driver as module
platform/x86: dell-laptop: don't register micmute LED if there is no token
ixgbe: Fix XDP redirect on archs with PAGE_SIZE above 4K
lockdown: Allow unprivileged users to see lockdown status
drm: rcar-du: Set primary plane zpos immutably at initializing
block: reset mapping if failed to update hardware queue count
arm64: insn: Fix two bugs in encoding 32-bit logical immediates
block: alloc map and request for new hardware queue
ACPICA: Dispatcher: add status checks
spi: dw: Zero DMA Tx and Rx configurations on stack
rtw88: fix an issue about leak system resources
media: staging: ipu3: Fix stale list entries on parameter queue failure
arm64: cacheflush: Fix KGDB trap detection
ath10k: remove the max_sched_scan_reqs value
efi/libstub/x86: Work around LLVM ELF quirk build regression
net: ena: fix error returning in ena_com_get_hash_function()
net: atlantic: make hw_get_regs optional
sched/fair: Refill bandwidth before scaling
x86,smap: Fix smap_{save,restore}() alternatives
spi: pxa2xx: Apply CS clk quirk to BXT
libbpf: Fix memory leak and possible double-free in hashmap__clear
arm64/kernel: Fix range on invalidating dcache for boot page tables
drm/amdgpu: Init data to avoid oops while reading pp_num_states.
spi: spi-mem: Fix Dual/Quad modes on Octal-capable devices
objtool: Ignore empty alternatives
media: si2157: Better check for running tuner in init
media: vicodec: Fix error codes in probe function
crypto: ccp -- don't "select" CONFIG_DMADEVICES
media: imx: imx7-mipi-csis: Cleanup and fix subdev pad format handling
media: staging: imgu: do not hold spinlock during freeing mmu page table
drm: bridge: adv7511: Extend list of audio sample rates
ath10k: Fix the race condition in firmware dump work queue
drm/amdgpu: fix and cleanup amdgpu_gem_object_close v4
ACPI: GED: use correct trigger type field in _Exx / _Lxx handling
writeback: Drop I_DIRTY_TIME_EXPIRE
writeback: Fix sync livelock due to b_dirty_time processing
writeback: Avoid skipping inode writeback
writeback: Protect inode->i_io_list with inode->i_lock
Revert "writeback: Avoid skipping inode writeback"
ANDROID: GKI: enable some more USB configfs options
Linux 5.4.47
KVM: arm64: Save the host's PtrAuth keys in non-preemptible context
KVM: arm64: Synchronize sysreg state on injecting an AArch32 exception
xen/pvcalls-back: test for errors when calling backend_connect()
block/floppy: fix contended case in floppy_queue_rq()
mmc: sdio: Fix several potential memory leaks in mmc_sdio_init_card()
mmc: sdio: Fix potential NULL pointer error in mmc_sdio_init_card()
ARM: dts: at91: sama5d2_ptc_ek: fix sdmmc0 node description
mmc: uniphier-sd: call devm_request_irq() after tmio_mmc_host_probe()
mmc: tmio: Further fixup runtime PM management at remove
mmc: mmci_sdmmc: fix DMA API warning overlapping mappings
mmc: sdhci-msm: Clear tuning done flag while hs400 tuning
agp/intel: Reinforce the barrier after GTT updates
perf: Add cond_resched() to task_function_call()
fat: don't allow to mount if the FAT length == 0
mm/slub: fix a memory leak in sysfs_slab_add()
drm/vkms: Hold gem object while still in-use
Smack: slab-out-of-bounds in vsscanf
ath9k: Fix general protection fault in ath9k_hif_usb_rx_cb
ath9x: Fix stack-out-of-bounds Write in ath9k_hif_usb_rx_cb
ath9k: Fix use-after-free Write in ath9k_htc_rx_msg
ath9k: Fix use-after-free Read in ath9k_wmi_ctrl_rx
ath9k: Fix use-after-free Read in htc_connect_service
selftests/ftrace: Return unsupported if no error_log file
scsi: lpfc: Fix negation of else clause in lpfc_prep_node_fc4type
scsi: megaraid_sas: TM command refire leads to controller firmware crash
KVM: arm64: Make vcpu_cp1x() work on Big Endian hosts
KVM: arm64: Stop writing aarch32's CSSELR into ACTLR
KVM: MIPS: Fix VPN2_MASK definition for variable cpu_vmbits
KVM: MIPS: Define KVM_ENTRYHI_ASID to cpu_asid_mask(&boot_cpu_data)
KVM: nVMX: Consult only the "basic" exit reason when routing nested exit
KVM: nSVM: leave ASID aside in copy_vmcb_control_area
KVM: nSVM: fix condition for filtering async PF
KVM: nVMX: Skip IBPB when switching between vmcs01 and vmcs02
video: fbdev: w100fb: Fix a potential double free.
video: vt8500lcdfb: fix fallthrough warning
EDAC/skx: Use the mcmtr register to retrieve close_pg/bank_xor_enable
cpufreq: Fix up cpufreq_boost_set_sw()
remoteproc: Fix and restore the parenting hierarchy for vdev
remoteproc: Fall back to using parent memory pool if no dedicated available
proc: Use new_inode not new_inode_pseudo
ovl: initialize error in ovl_copy_xattr
net/mlx5e: Fix repeated XSK usage on one channel
net/mlx5: Fix fatal error handling during device load
net/mlx5: drain health workqueue in case of driver load error
selftests/net: in rxtimestamp getopt_long needs terminating null entry
dccp: Fix possible memleak in dccp_init and dccp_fini
crypto: virtio: Fix dest length calculation in __virtio_crypto_skcipher_do_req()
crypto: virtio: Fix src/dst scatterlist calculation in __virtio_crypto_skcipher_do_req()
crypto: virtio: Fix use-after-free in virtio_crypto_skcipher_finalize_req()
firmware: imx: scu: Fix corruption of header
firmware: imx-scu: Support one TX and one RX
firmware: imx: warn on unexpected RX
x86/{mce,mm}: Unmap the entire page if the whole page is affected and poisoned
crypto: drbg - fix error return code in drbg_alloc_state()
crypto: algapi - Avoid spurious modprobe on LOADED
crypto: cavium/nitrox - Fix 'nitrox_get_first_device()' when ndevlist is fully iterated
gup: document and work around "COW can break either way" issue
PM: runtime: clk: Fix clk_pm_runtime_get() error path
spi: bcm-qspi: when tx/rx buffer is NULL set to 0
spi: bcm-qspi: Handle clock probe deferral
spi: bcm2835aux: Fix controller unregister order
spi: bcm2835: Fix controller unregister order
spi: pxa2xx: Fix runtime PM ref imbalance on probe error
spi: pxa2xx: Fix controller unregister order
spi: Fix controller unregister order
spi: dw: Fix controller unregister order
nilfs2: fix null pointer dereference at nilfs_segctor_do_construct()
lib/lzo: fix ambiguous encoding bug in lzo-rle
arm64: acpi: fix UBSAN warning
ACPI: PM: Avoid using power resources if there are none for D0
ACPI: GED: add support for _Exx / _Lxx handler methods
ACPI: CPPC: Fix reference count leak in acpi_cppc_processor_probe()
ACPI: sysfs: Fix reference count leak in acpi_sysfs_add_hotplug_profile()
ALSA: usb-audio: Add vendor, product and profile name for HP Thunderbolt Dock
ALSA: usb-audio: Fix inconsistent card PM state after resume
ALSA: pcm: fix snd_pcm_link() lockdep splat
ALSA: pcm: disallow linking stream to itself
ALSA: hda/realtek - add a pintbl quirk for several Lenovo machines
ALSA: fireface: fix configuration error for nominal sampling transfer frequency
ALSA: es1688: Add the missed snd_card_free()
watchdog: imx_sc_wdt: Fix reboot on crash
smb3: add indatalen that can be a non-zero value to calculation of credit charge in smb2 ioctl
smb3: fix incorrect number of credits when ioctl MaxOutputResponse > 64K
efi/efivars: Add missing kobject_put() in sysfs entry creation error path
io_uring: use kvfree() in io_sqe_buffer_register()
ASoC: max9867: fix volume controls
powerpc/ptdump: Properly handle non standard page size
KVM: x86: Fix APIC page invalidation race
KVM: x86: respect singlestep when emulating instruction
KVM: x86/mmu: Set mmio_value to '0' if reserved #PF can't be generated
perf/x86/intel: Add more available bits for OFFCORE_RESPONSE of Intel Tremont
x86/reboot/quirks: Add MacBook6,1 reboot quirk
x86/speculation: PR_SPEC_FORCE_DISABLE enforcement for indirect branches.
x86/speculation: Avoid force-disabling IBPB based on STIBP and enhanced IBRS.
x86/speculation: Prevent rogue cross-process SSBD shutdown
x86/PCI: Mark Intel C620 MROMs as having non-compliant BARs
x86_64: Fix jiffies ODR violation
sctp: fix refcount bug in sctp_wfree
sctp: fix possibly using a bad saddr with a given dst
iwlwifi: mvm: fix NVM check for 3168 devices
ipv4: fix a RCU-list lock in fib_triestat_seq_show
aio: fix async fsync creds
fanotify: fix ignore mask logic for events on child and on dir
selftests: fix flower parent qdisc
mm: add kvfree_sensitive() for freeing sensitive data objects
perf probe: Accept the instance number of kretprobe event
PCI/PM: Adjust pcie_wait_for_link_delay() for caller delay
KVM: x86: only do L1TF workaround on affected processors
x86/cpu/amd: Make erratum #1054 a legacy erratum
s390/pci: Log new handle in clp_disable_fh()
padata: add separate cpuhp node for CPUHP_PADATA_DEAD
RDMA/uverbs: Make the event_queue fds return POLLERR when disassociated
smack: avoid unused 'sip' variable warning
ath9k_htc: Silence undersized packet warnings
spi: dw: Fix native CS being unset
powerpc/xive: Clear the page tables for the ESB IO mapping
drivers/net/ibmvnic: Update VNIC protocol version reporting
gfs2: Even more gfs2_find_jhead fixes
csky: Fixup abiv2 syscall_trace break a4 & a5
Input: synaptics - add a second working PNP_ID for Lenovo T470s
sched/fair: Don't NUMA balance for kthreads
ARM: 8977/1: ptrace: Fix mask for thumb breakpoint hook
Input: mms114 - fix handling of mms345l
elfnote: mark all .note sections SHF_ALLOC
bpf: Support llvm-objcopy for vmlinux BTF
vxlan: Avoid infinite loop when suppressing NS messages with invalid options
bridge: Avoid infinite loop when suppressing NS messages with invalid options
tun: correct header offsets in napi frags mode
net_failover: fixed rollback in net_failover_open()
mlxsw: core: Use different get_trend() callbacks for different thermal zones
ipv6: fix IPV6_ADDRFORM operation logic
fs-verity: remove unnecessary extern keywords
fs-verity: fix all kerneldoc warnings
fscrypt: add support for IV_INO_LBLK_32 policies
fscrypt: make test_dummy_encryption use v2 by default
fscrypt: support test_dummy_encryption=v2
fscrypt: add fscrypt_add_test_dummy_key()
linux/parser.h: add include guards
fscrypt: remove unnecessary extern keywords
fscrypt: name all function parameters
fscrypt: fix all kerneldoc warnings
ANDROID: GKI: enable CONFIG_EXT4_FS_POSIX_ACL.
ANDROID: arch: arm: Increase kernel command line size
ANDROID: arch: arm64: Increase kernel command line size
ANDROID: ABI: Add typec symbols to QCOM ABI whitelist
UPSTREAM: usb: typec: Remove the callback members from struct typec_capability
UPSTREAM: usb: typec: ucsi: Start using struct typec_operations
UPSTREAM: usb: typec: tps6598x: Start using struct typec_operations
UPSTREAM: usb: typec: tcpm: Start using struct typec_operations
UPSTREAM: usb: typec: Separate the operations vector
UPSTREAM: usb: typec: Introduce typec_get_drvdata()
UPSTREAM: usb: typec: Copy everything from struct typec_capability during registration
ANDROID: kbuild: merge more sections with LTO
UPSTREAM: driver core: Remove unnecessary is_fwnode_dev variable in device_add()
UPSTREAM: driver core: Remove check in driver_deferred_probe_force_trigger()
UPSTREAM: of: platform: Batch fwnode parsing when adding all top level devices
BACKPORT: driver core: fw_devlink: Add support for batching fwnode parsing
BACKPORT: driver core: Look for waiting consumers only for a fwnode's primary device
UPSTREAM: usb: musb: Add support for MediaTek musb controller
UPSTREAM: usb: musb: Add musb_clearb/w() interface
UPSTREAM: usb: musb: Add noirq type of dma create interface
UPSTREAM: usb: musb: Add get/set toggle hooks
UPSTREAM: dt-bindings: usb: musb: Add support for MediaTek musb controller
Revert "ANDROID: Remove default y on BRIDGE_IGMP_SNOOPING"
Linux 5.4.46
Revert "net/mlx5: Annotate mutex destroy for root ns"
uprobes: ensure that uprobe->offset and ->ref_ctr_offset are properly aligned
x86/speculation: Add Ivy Bridge to affected list
x86/speculation: Add SRBDS vulnerability and mitigation documentation
x86/speculation: Add Special Register Buffer Data Sampling (SRBDS) mitigation
x86/cpu: Add 'table' argument to cpu_matches()
x86/cpu: Add a steppings field to struct x86_cpu_id
x86/speculation/spectre_v2: Exclude Zhaoxin CPUs from SPECTRE_V2
nvmem: qfprom: remove incorrect write support
CDC-ACM: heed quirk also in error handling
staging: rtl8712: Fix IEEE80211_ADDBA_PARAM_BUF_SIZE_MASK
tty: hvc_console, fix crashes on parallel open/close
vt: keyboard: avoid signed integer overflow in k_ascii
usb: musb: Fix runtime PM imbalance on error
usb: musb: start session in resume for host port
iio: adc: stm32-adc: fix a wrong error message when probing interrupts
iio:chemical:pms7003: Fix timestamp alignment and prevent data leak.
iio: vcnl4000: Fix i2c swapped word reading.
iio:chemical:sps30: Fix timestamp alignment
USB: serial: ch341: add basis for quirk detection
USB: serial: option: add Telit LE910C1-EUX compositions
USB: serial: usb_wwan: do not resubmit rx urb on fatal errors
USB: serial: qcserial: add DW5816e QDL support
net: be more gentle about silly gso requests coming from user
net: check untrusted gso_size at kernel entry
vsock: fix timeout in vsock_accept()
nfp: flower: fix used time of merge flow statistics
NFC: st21nfca: add missed kfree_skb() in an error path
net: usb: qmi_wwan: add Telit LE910C1-EUX composition
net: stmmac: enable timestamp snapshot for required PTP packets in dwmac v5.10a
net/mlx5: Fix crash upon suspend/resume
l2tp: do not use inet_hash()/inet_unhash()
l2tp: add sk_family checks to l2tp_validate_socket
devinet: fix memleak in inetdev_init()
ANDROID: GKI: Update ABI after scsi/ufs changes
FROMLIST: Documentation:sysfs-ufs: Add WriteBooster documentation
FROMGIT: scsi: ufs-qcom: Configure write booster type
FROMGIT: scsi: ufs: sysfs: Add sysfs entries for write booster
BACKPORT: FROMGIT: scsi: ufs: Add write booster feature support
ANDROID: ABI/Whitelist: update symbols of unisoc whitelist
BACKPORT: FROMGIT: scsi: ufs: Remove unnecessary memset for dev_info
ANDROID: staging: ion: Fix potential memory corruption
ANDROID: staging: ion: optimize cache operation for non-cached buffer
ANDROID: staging: ion: Skip sync if not mapped
ANDROID: staging: ion: use dma_[un]map_sg_attrs
ANDROID: arch: arm64: vdso: export the symbols for time()
ANDROID: dm-bow: Add block_size option
ANDROID: GKI: remove squashfs-needed symbols from exported abi
ANDROID: GKI: remove erofs symbols from exported abi
ANDROID: GKI: enable CONFIG_EROFS_FS=y
ANDROID: scs: fix recursive spinlock in scs_check_usage
f2fs: attach IO flags to the missing cases
f2fs: add node_io_flag for bio flags likewise data_io_flag
f2fs: remove unused parameter of f2fs_put_rpages_mapping()
f2fs: handle readonly filesystem in f2fs_ioc_shutdown()
f2fs: avoid utf8_strncasecmp() with unstable name
f2fs: don't return vmalloc() memory from f2fs_kmalloc()
ANDROID: GKI: set CONFIG_BLK_DEV_LOOP_MIN_COUNT to 16
ANDROID: Incremental fs: Remove dependency on PKCS7_MESSAGE_PARSER
ANDROID: Incremental fs: Cache successful hash calculations
ANDROID: Incremental fs: Fix four error-path bugs
f2fs: fix retry logic in f2fs_write_cache_pages()
f2fs: fix wrong discard space
f2fs: compress: don't compress any datas after cp stop
f2fs: remove unneeded return value of __insert_discard_tree()
f2fs: fix wrong value of tracepoint parameter
f2fs: protect new segment allocation in expand_inode_data
f2fs: code cleanup by removing ifdef macro surrounding
writeback: Avoid skipping inode writeback
f2fs: avoid inifinite loop to wait for flushing node pages at cp_error
f2fs: compress: fix zstd data corruption
f2fs: add compressed/gc data read IO stat
f2fs: fix potential use-after-free issue
f2fs: compress: don't handle non-compressed data in workqueue
f2fs: remove redundant assignment to variable err
f2fs: refactor resize_fs to avoid meta updates in progress
f2fs: use round_up to enhance calculation
f2fs: introduce F2FS_IOC_RESERVE_COMPRESS_BLOCKS
f2fs: Avoid double lock for cp_rwsem during checkpoint
f2fs: report delalloc reserve as non-free in statfs for project quota
f2fs: Fix wrong stub helper update_sit_info
f2fs: compress: let lz4 compressor handle output buffer budget properly
f2fs: remove blk_plugging in block_operations
f2fs: introduce F2FS_IOC_RELEASE_COMPRESS_BLOCKS
f2fs: shrink spinlock coverage
f2fs: correctly fix the parent inode number during fsync()
f2fs: compress: support lzo-rle compress algorithm
f2fs: introduce mempool for {,de}compress intermediate page allocation
f2fs: introduce f2fs_bmap_compress()
f2fs: support fiemap on compressed inode
f2fs: support partial truncation on compressed inode
f2fs: remove redundant compress inode check
f2fs: use strcmp() in parse_options()
f2fs: Use the correct style for SPDX License Identifier
Conflicts:
Documentation/devicetree/bindings
Documentation/devicetree/bindings/display/mediatek/mediatek,dpi.txt
abi_gki_aarch64_qcom_whitelist
arch/x86/configs/gki_defconfig
build.config.common
drivers/hwtracing/coresight/coresight-tmc-etf.c
drivers/mmc/host/sdhci-msm.c
drivers/pinctrl/qcom/Kconfig
drivers/pinctrl/qcom/pinctrl-msm.c
drivers/pinctrl/qcom/pinctrl-spmi-gpio.c
drivers/scsi/ufs/ufs-qcom.c
drivers/scsi/ufs/ufs-sysfs.c
drivers/scsi/ufs/ufs.h
drivers/scsi/ufs/ufs_quirks.h
drivers/scsi/ufs/ufshcd.c
drivers/scsi/ufs/ufshcd.h
drivers/usb/dwc3/gadget.c
drivers/usb/host/xhci-plat.c
drivers/usb/typec/ucsi/ucsi.c
include/linux/usb/composite.h
include/linux/usb/gadget.h
init/Kconfig.gki
net/wireless/nl80211.c
scripts/headers_install.sh
Change-Id: Iadbe19b28a1d459bc7378e0b9060219a92a408b6
Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org>
|
||
|
Blagovest Kolenichev
|
441301dd42 |
Merge android-5.4-stable.45 (a9a13ee) into msm-5.4
* refs/heads/tmp-a9a13ee: Linux 5.4.45 net: smsc911x: Fix runtime PM imbalance on error selftests: mlxsw: qos_mc_aware: Specify arping timeout as an integer net: ethernet: stmmac: Enable interface clocks on probe for IPQ806x net/ethernet/freescale: rework quiesce/activate for ucc_geth null_blk: return error for invalid zone size s390/mm: fix set_huge_pte_at() for empty ptes drm/edid: Add Oculus Rift S to non-desktop list net: bmac: Fix read of MAC address from ROM x86/mmiotrace: Use cpumask_available() for cpumask_var_t variables io_uring: initialize ctx->sqo_wait earlier i2c: altera: Fix race between xfer_msg and isr thread scsi: pm: Balance pm_only counter of request queue during system resume evm: Fix RCU list related warnings ARC: [plat-eznps]: Restrict to CONFIG_ISA_ARCOMPACT ARC: Fix ICCM & DCCM runtime size checks RDMA/qedr: Fix synchronization methods and memory leaks in qedr RDMA/qedr: Fix qpids xarray api used s390/ftrace: save traced function caller ASoC: intel - fix the card names spi: dw: use "smp_mb()" to avoid sending spi data error powerpc/xmon: Restrict when kernel is locked down powerpc/powernv: Avoid re-registration of imc debugfs directory scsi: hisi_sas: Check sas_port before using it drm/i915: fix port checks for MST support on gen >= 11 airo: Fix read overflows sending packets net: dsa: mt7530: set CPU port to fallback mode scsi: ufs: Release clock if DMA map fails media: staging: ipu3-imgu: Move alignment attribute to field media: Revert "staging: imgu: Address a compiler warning on alignment" mmc: fix compilation of user API kernel/relay.c: handle alloc_percpu returning NULL in relay_open mt76: mt76x02u: Add support for newer versions of the XBox One wifi adapter p54usb: add AirVasT USB stick device-id HID: i2c-hid: add Schneider SCL142ALM to descriptor override HID: multitouch: enable multi-input as a quirk for some devices HID: sony: Fix for broken buttons on DS3 USB dongles mm: Fix mremap not considering huge pmd devmap Revert "cgroup: Add memory barriers to plug cgroup_rstat_updated() race window" ANDROID: GKI: Enable SYS_HYPERVISOR ANDROID: Update ABI representation ANDROID: GKI: disable CONFIG_I2C_CHARDEV ANDROID: GKI: remove netfilter apis from supported symbols Linux 5.4.44 perf: Make perf able to build with latest libbfd netfilter: nf_conntrack_pptp: fix compilation warning with W=1 build netfilter: conntrack: Pass value of ctinfo to __nf_conntrack_update netfilter: conntrack: comparison of unsigned in cthelper confirmation bonding: Fix reference count leak in bond_sysfs_slave_add. net: dsa: declare lockless TX feature for slave ports ipv4: nexthop version of fib_info_nh_uses_dev nexthop: Expand nexthop_is_multipath in a few places nexthops: don't modify published nexthop groups nexthops: Move code from remove_nexthop_from_groups to remove_nh_grp_entry crypto: chelsio/chtls: properly set tp->lsndtime qlcnic: fix missing release in qlcnic_83xx_interrupt_test. xsk: Add overflow check for u64 division, stored into u32 ieee80211: Fix incorrect mask for default PE duration bnxt_en: Fix accumulation of bp->net_stats_prev. esp6: get the right proto for transport mode in esp6_gso_encap netfilter: nf_conntrack_pptp: prevent buffer overflows in debug code netfilter: nfnetlink_cthelper: unbreak userspace helper support netfilter: conntrack: make conntrack userspace helpers work again netfilter: ipset: Fix subcounter update skip netfilter: nft_reject_bridge: enable reject with bridge vlan ip_vti: receive ipip packet by calling ip_tunnel_rcv xfrm: fix error in comment xfrm: fix a NULL-ptr deref in xfrm_local_error xfrm: fix a warning in xfrm_policy_insert_list xfrm interface: fix oops when deleting a x-netns interface xfrm: call xfrm_output_gso when inner_protocol is set in xfrm_output xfrm: remove the xfrm_state_put call becofe going to out_reset xfrm: do pskb_pull properly in __xfrm_transport_prep xfrm: allow to accept packets with ipv6 NEXTHDR_HOP in xfrm_input copy_xstate_to_kernel(): don't leave parts of destination uninitialized x86/dma: Fix max PFN arithmetic overflow on 32 bit systems mac80211: mesh: fix discovery timer re-arming issue / crash x86/syscalls: Revert "x86/syscalls: Make __X32_SYSCALL_BIT be unsigned long" cfg80211: fix debugfs rename crash parisc: Fix kernel panic in mem_init() iommu: Fix reference count leak in iommu_group_alloc. gpio: fix locking open drain IRQ lines Revert "block: end bio with BLK_STS_AGAIN in case of non-mq devs and REQ_NOWAIT" include/asm-generic/topology.h: guard cpumask_of_node() macro argument fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info() mm: remove VM_BUG_ON(PageSlab()) from page_mapcount() mm,thp: stop leaking unreleased file pages IB/ipoib: Fix double free of skb in case of multicast traffic in CM mode drm/amd/display: drop cursor position check in atomic test RDMA/core: Fix double destruction of uobject ceph: flush release queue when handling caps for unknown inode libceph: ignore pool overlay and cache logic on redirects ALSA: hda/realtek - Add new codec supported for ALC287 ALSA: usb-audio: Quirks for Gigabyte TRX40 Aorus Master onboard audio clk: qcom: gcc: Fix parent for gpll0_out_even exec: Always set cap_ambient in cap_bprm_set_creds ALSA: usb-audio: mixer: volume quirk for ESS Technology Asus USB DAC ALSA: hda/realtek - Add a model for Thinkpad T570 without DAC workaround ALSA: hwdep: fix a left shifting 1 by 31 UB bug RDMA/pvrdma: Fix missing pci disable in pvrdma_pci_probe() gpio: bcm-kona: Fix return value of bcm_kona_gpio_probe() gpio: pxa: Fix return value of pxa_gpio_probe() mmc: block: Fix use-after-free issue for rpmb ARM: dts: bcm: HR2: Fix PPI interrupt types ARM: dts: bcm2835-rpi-zero-w: Fix led polarity ARM: dts/imx6q-bx50v3: Set display interface clock parents IB/qib: Call kobject_put() when kobject_init_and_add() fails gpu/drm: Ingenic: Fix opaque pointer casted to wrong type soc: mediatek: cmdq: return send msg error code arm64: dts: mt8173: fix vcodec-enc clock gpio: exar: Fix bad handling for ida_simple_get error path ARM: uaccess: fix DACR mismatch with nested exceptions ARM: uaccess: integrate uaccess_save and uaccess_restore ARM: uaccess: consolidate uaccess asm to asm/uaccess-asm.h ARM: 8970/1: decompressor: increase tag size Input: synaptics-rmi4 - fix error return code in rmi_driver_probe() Input: synaptics-rmi4 - really fix attn_data use-after-free Input: i8042 - add ThinkPad S230u to i8042 reset list Input: dlink-dir685-touchkeys - fix a typo in driver name Input: xpad - add custom init packet for Xbox One S controllers Input: evdev - call input_flush_device() on release(), not flush() Input: usbtouchscreen - add support for BonXeon TP drivers: net: hamradio: Fix suspicious RCU usage warning in bpqether.c samples: bpf: Fix build error csky: Fixup raw_copy_from_user() cifs: Fix null pointer check in cifs_read hwmon: (nct7904) Fix incorrect range of temperature limit registers csky: Fixup remove duplicate irq_disable csky: Fixup perf callchain unwind csky: Fixup msa highest 3 bits mask clk: ti: am33xx: fix RTC clock parent riscv: stacktrace: Fix undefined reference to `walk_stackframe' IB/i40iw: Remove bogus call to netdev_master_upper_dev_get() net: freescale: select CONFIG_FIXED_PHY where needed usb: gadget: legacy: fix redundant initialization warnings usb: phy: twl6030-usb: Fix a resource leak in an error handling path in 'twl6030_usb_probe()' usb: dwc3: pci: Enable extcon driver for Intel Merrifield cachefiles: Fix race between read_waiter and read_copier involving op->to_do drm/amdgpu: Use GEM obj reference for KFD BOs drm/amd/powerplay: perform PG ungate prior to CG ungate drm/amdgpu: drop unnecessary cancel_delayed_work_sync on PG ungate gfs2: Grab glock reference sooner in gfs2_add_revoke gfs2: move privileged user check to gfs2_quota_lock_check net: microchip: encx24j600: add missed kthread_stop ALSA: usb-audio: add mapping for ASRock TRX40 Creator gpio: tegra: mask GPIO IRQs during IRQ shutdown ARM: dts: rockchip: fix pinctrl sub nodename for spi in rk322x.dtsi ARM: dts: rockchip: swap clock-names of gpu nodes arm64: dts: rockchip: swap interrupts interrupt-names rk3399 gpu node arm64: dts: rockchip: fix status for &gmac2phy in rk3328-evb.dts ARM: dts: rockchip: fix phy nodename for rk3229-xms6 ARM: dts: rockchip: fix phy nodename for rk3228-evb mlxsw: spectrum: Fix use-after-free of split/unsplit/type_set in case reload fails net/mlx4_core: fix a memory leak bug. net: sun: fix missing release regions in cas_init_one(). net/tls: free record only on encryption error net/tls: fix encryption error checking net/mlx5: Annotate mutex destroy for root ns net/mlx5: Fix error flow in case of function_setup failure net/mlx5e: Update netdev txq on completions during closure net/mlx5: Fix memory leak in mlx5_events_init net/mlx5e: Fix inner tirs handling net/mlx5e: kTLS, Destroy key object after destroying the TIS tipc: block BH before using dst_cache sctp: Start shutdown on association restart if in SHUTDOWN-SENT state and socket is closed sctp: Don't add the shutdown timer if its already been added r8152: support additional Microsoft Surface Ethernet Adapter variant nexthop: Fix attribute checking for groups net/tls: fix race condition causing kernel panic net sched: fix reporting the first-time use timestamp net: revert "net: get rid of an signed integer overflow in ip_idents_reserve()" net: qrtr: Fix passing invalid reference to qrtr_local_enqueue() net: nlmsg_cancel() if put fails for nhmsg net: mvpp2: fix RX hashing for non-10G ports net/mlx5: Add command entry handling completion net: ipip: fix wrong address family in init error path net: inet_csk: Fix so_reuseport bind-address cache in tb->fast* __netif_receive_skb_core: pass skb by reference net: ethernet: ti: cpsw: fix ASSERT_RTNL() warning during suspend net: dsa: mt7530: fix roaming from DSA user ports net: don't return invalid table id error when we fall back to PF_UNSPEC dpaa_eth: fix usage as DSA master, try 3 ax25: fix setsockopt(SO_BINDTODEVICE) ANDROID: GKI: enable CONFIG_USB_DUMMY_HCD FROMGIT: USB: dummy-hcd: use configurable endpoint naming scheme ANDROID: GKI: enable a bunch of HID config options =y UPSTREAM: usb: raw-gadget: fix null-ptr-deref when reenabling endpoints UPSTREAM: usb: raw-gadget: documentation updates UPSTREAM: usb: raw-gadget: support stalling/halting/wedging endpoints UPSTREAM: usb: raw-gadget: fix gadget endpoint selection UPSTREAM: usb: raw-gadget: improve uapi headers comments UPSTREAM: usb: raw-gadget: fix return value of ep read ioctls UPSTREAM: usb: raw-gadget: fix raw_event_queue_fetch locking UPSTREAM: usb: raw-gadget: Fix copy_to/from_user() checks ANDROID: GKI: update abi definitions after enabling PCIEPORTBUS Revert "ANDROID: gki_defconfig: Drop CONFIG_PCIEPORTBUS" ANDROID: net: bpf: permit redirect from ingress L3 to egress L2 devices at near max mtu ANDROID: GKI: update abi definitions now that sdcardfs is gone Revert "ANDROID: sdcardfs: Enable modular sdcardfs" ANDROID: remove sdcardfs-needed exports from whitelist Revert "ANDROID: vfs: Add setattr2 for filesystems with per mount permissions" Revert "ANDROID: vfs: Add permission2 for filesystems with per mount permissions" Revert "ANDROID: vfs: add d_canonical_path for stacked filesystem support" Revert "ANDROID: fs: Restore vfs_path_lookup() export" ANDROID: sdcardfs: remove sdcardfs from system FROMGIT: driver core: Update device link status correctly for SYNC_STATE_ONLY links UPSTREAM: driver core: Fix handling of SYNC_STATE_ONLY + STATELESS device links UPSTREAM: driver core: Fix SYNC_STATE_ONLY device link implementation Revert "ANDROID: Incremental fs: Avoid continually recalculating hashes" ANDROID: remove unused variable Linux 5.4.43 sched/fair: Fix enqueue_task_fair() warning some more sched/fair: Fix reordering of enqueue/dequeue_task_fair() sched/fair: Reorder enqueue/dequeue_task_fair path tpm: check event log version before reading final events rxrpc: Fix ack discard rxrpc: Trace discarded ACKs iio: adc: stm32-dfsdm: fix device used to request dma iio: adc: stm32-dfsdm: Use dma_request_chan() instead dma_request_slave_channel() iio: adc: stm32-adc: fix device used to request dma iio: adc: stm32-adc: Use dma_request_chan() instead dma_request_slave_channel() x86/unwind/orc: Fix unwind_get_return_address_ptr() for inactive tasks flow_dissector: Drop BPF flow dissector prog ref on netns cleanup s390/kexec_file: fix initrd location for kdump kernel rxrpc: Fix a memory leak in rxkad_verify_response() rxrpc: Fix the excessive initial retransmission timeout kasan: disable branch tracing for core runtime rapidio: fix an error in get_user_pages_fast() error handling device-dax: don't leak kernel memory to user space after unloading kmem s390/kaslr: add support for R_390_JMP_SLOT relocation type s390/pci: Fix s390_mmio_read/write with MIO ipack: tpci200: fix error return code in tpci200_register() mei: release me_cl object reference tty: serial: add missing spin_lock_init for SiFive serial console misc: rtsx: Add short delay after exit from ASPM iio: adc: ti-ads8344: Fix channel selection iio: dac: vf610: Fix an error handling path in 'vf610_dac_probe()' iio: sca3000: Remove an erroneous 'get_device()' staging: greybus: Fix uninitialized scalar variable staging: kpc2000: fix error return code in kp2000_pcie_probe() staging: iio: ad2s1210: Fix SPI reading media: fdp1: Fix R-Car M3-N naming in debug message Revert "gfs2: Don't demote a glock until its revokes are written" kbuild: Remove debug info from kallsyms linking bpf: Avoid setting bpf insns pages read-only when prog is jited powerpc/64s: Disable STRICT_KERNEL_RWX powerpc: Remove STRICT_KERNEL_RWX incompatibility with RELOCATABLE drm/i915: Propagate error from completed fences drm/i915/gvt: Init DPLL/DDI vreg for virtual display instead of inheritance. vsprintf: don't obfuscate NULL and error pointers dmaengine: owl: Use correct lock in owl_dma_get_pchan() dmaengine: dmatest: Restore default for channel drm/etnaviv: Fix a leak in submit_pin_objects() dmaengine: tegra210-adma: Fix an error handling path in 'tegra_adma_probe()' apparmor: Fix aa_label refcnt leak in policy_update apparmor: fix potential label refcnt leak in aa_change_profile apparmor: Fix use-after-free in aa_audit_rule_init drm/etnaviv: fix perfmon domain interation arm64: Fix PTRACE_SYSEMU semantics scsi: target: Put lun_ref at end of tmr processing scsi: qla2xxx: Do not log message when reading port speed via sysfs ALSA: hda/realtek - Add more fixup entries for Clevo machines ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Xtreme ALSA: pcm: fix incorrect hw_base increase ALSA: iec1712: Initialize STDSP24 properly when using the model=staudio option KVM: x86: Fix pkru save/restore when guest CR4.PKE=0, move it to x86.c ALSA: hda/realtek: Enable headset mic of ASUS UX581LV with ALC295 ALSA: hda/realtek - Enable headset mic of ASUS UX550GE with ALC295 ALSA: hda/realtek - Enable headset mic of ASUS GL503VM with ALC295 ALSA: hda/realtek: Add quirk for Samsung Notebook ALSA: hda/realtek - Add HP new mute led supported for ALC236 ALSA: hda/realtek - Add supported new mute Led for HP ALSA: hda: Manage concurrent reg access more properly ALSA: hda: patch_realtek: fix empty macro usage in if block ALSA: hda - constify and cleanup static NodeID tables scripts/gdb: repair rb_first() and rb_last() ARM: futex: Address build warning KVM: selftests: Fix build for evmcs.h drm/amd/display: Prevent dpcd reads with passive dongles iommu/amd: Call domain_flush_complete() in update_domain() platform/x86: asus-nb-wmi: Do not load on Asus T100TA and T200TA USB: core: Fix misleading driver bug report stmmac: fix pointer check after utilization in stmmac_interrupt ceph: fix double unlock in handle_cap_export() HID: quirks: Add HID_QUIRK_NO_INIT_REPORTS quirk for Dell K12A keyboard-dock gtp: set NLM_F_MULTI flag in gtp_genl_dump_pdp() x86/apic: Move TSC deadline timer debug printk ftrace/selftest: make unresolved cases cause failure if --fail-unresolved set ibmvnic: Skip fatal error reset after passive init x86/mm/cpa: Flush direct map alias during cpa HID: i2c-hid: reset Synaptics SYNA2393 on resume scsi: ibmvscsi: Fix WARN_ON during event pool release net/ena: Fix build warning in ena_xdp_set() component: Silence bind error on -EPROBE_DEFER aquantia: Fix the media type of AQC100 ethernet controller in the driver vhost/vsock: fix packet delivery order to monitoring devices configfs: fix config_item refcnt leak in configfs_rmdir() scsi: qla2xxx: Delete all sessions before unregister local nvme port scsi: qla2xxx: Fix hang when issuing nvme disconnect-all in NPIV HID: alps: ALPS_1657 is too specific; use U1_UNICORN_LEGACY instead HID: alps: Add AUI1657 device ID HID: multitouch: add eGalaxTouch P80H84 support gcc-common.h: Update for GCC 10 net: drop_monitor: use IS_REACHABLE() to guard net_dm_hw_report() kbuild: avoid concurrency issue in parallel building dtbs and dtbs_check mtd: Fix mtd not registered due to nvmem name collision afs: Don't unlock fetched data pages until the op completes successfully ubi: Fix seq_file usage in detailed_erase_block_info debugfs file i2c: mux: demux-pinctrl: Fix an error handling path in 'i2c_demux_pinctrl_probe()' evm: Fix a small race in init_desc() iommu/amd: Fix over-read of ACPI UID from IVRS table i2c: fix missing pm_runtime_put_sync in i2c_device_probe ubifs: remove broken lazytime support fix multiplication overflow in copy_fdtable() mtd: spinand: Propagate ECC information to the MTD structure ACPI: EC: PM: Avoid flushing EC work when EC GPE is inactive ubifs: fix wrong use of crypto_shash_descsize() ima: Fix return value of ima_write_policy() evm: Check also if *tfm is an error pointer in init_desc() ima: Set file->f_mode instead of file->f_flags in ima_calc_file_hash() KVM: SVM: Fix potential memory leak in svm_cpu_init() i2c: dev: Fix the race between the release of i2c_dev and cdev ANDROID: scsi: ufs: Handle clocks when lrbp fails ANDROID: ABI/Whitelist: add erofs whitelist to unisoc whitelist ANDROID: GKI: Update abi for 5.4.42 update UPSTREAM: serial: samsung: 32-bit access for TX/RX hold registers BACKPORT: serial: samsung: dt-bindings: Add reg-io-width compatible UPSTREAM: serial: samsung: Replace rd_regb/wr_regb with rd_reg/wr_reg ANDROID: fscrypt: handle direct I/O with IV_INO_LBLK_32 BACKPORT: FROMLIST: fscrypt: add support for IV_INO_LBLK_32 policies Linux 5.4.42 bpf: Test_progs, fix test_get_stack_rawtp_err.c build selftest/bpf: fix backported test_select_reuseport selftest changes libbpf: Extract and generalize CPU mask parsing logic Makefile: disallow data races on gcc-10 as well KVM: x86: Fix off-by-one error in kvm_vcpu_ioctl_x86_setup_mce bpf: Fix sk_psock refcnt leak when receiving message SUNRPC: Revert |
||
|
Greg Kroah-Hartman
|
90dbaed65a |
This is the 5.4.49 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl7zdl0ACgkQONu9yGCS
aT4fAg/7Bg+JHOdJpdSb4FLMjpWHnjOMJ4ICMEfEPS9vJR41HpAaC8LdI3PBZdOZ
ujEdX3ia1p3N/bnnHwVPFaycWQ6Z9TItoj6gzCLqjzVzdKJKXEx8uQFY0KWt+w4R
0orn1acd+bqMLhnRrJqMEhmRG3Y6IrkWXYr/qDC6OuZDgigtHC46mX0IdQiUomFd
As9x1cr6+j27zOf8iwyNNXWo5AL2VFR7zDhlfR+sllN6Tn90AhumFoES8GL+ylfu
OybF5LH4l9gOiFwvI7gTeihJoJOyh/cKP0glnDzRIZVIFv96At3cDt5GiRxkqbYw
u1bo5X5xPxJogN9SLUi4O6pnrmQmuK27zJcI43TDfdRguSzXWzZclyNQ9d3zqmvJ
QCmCsQkZst4K4SGg4UE2Wb6Gi51lsmV4OKll7eh61I87e8J7t7r8I5HRDdNCLzuf
3biqYn8f6307ME59fniVlQSynMt8B9lxyTS6hkYN/iCf753jHKdJRy97JcXugiCo
DUoMCNchLDg5LH9TWq6k96rCklaVGPkp8HO/davMAc5Xn+YgPqE/ZpO7hH0nCLBE
Fc0bvddiebXI5NrxIXu20vajQWi5YuVw5JWUBvcK6aONluwRomCvTIPRT1SZZiaK
5Cm5lyDGK3yYC0Dz++QzATVtNEOAkUOWgLpgOenrUVPtCtgDOrk=
=cQWB
-----END PGP SIGNATURE-----
Merge 5.4.49 into android-5.4-stable
Changes in 5.4.49
power: supply: bq24257_charger: Replace depends on REGMAP_I2C with select
clk: sunxi: Fix incorrect usage of round_down()
ASoC: tegra: tegra_wm8903: Support nvidia, headset property
i2c: piix4: Detect secondary SMBus controller on AMD AM4 chipsets
ASoC: SOF: imx8: Fix randbuild error
iio: pressure: bmp280: Tolerate IRQ before registering
remoteproc: Fix IDR initialisation in rproc_alloc()
clk: qcom: msm8916: Fix the address location of pll->config_reg
ASoC: fsl_esai: Disable exception interrupt before scheduling tasklet
backlight: lp855x: Ensure regulators are disabled on probe failure
ARM: dts: renesas: Fix IOMMU device node names
ASoC: davinci-mcasp: Fix dma_chan refcnt leak when getting dma type
ARM: integrator: Add some Kconfig selections
ARM: dts: stm32: Add missing ethernet PHY reset on AV96
scsi: core: free sgtables in case command setup fails
scsi: qedi: Check for buffer overflow in qedi_set_path()
arm64: dts: meson: fixup SCP sram nodes
ALSA: hda/realtek - Introduce polarity for micmute LED GPIO
ALSA: isa/wavefront: prevent out of bounds write in ioctl
PCI: Allow pci_resize_resource() for devices on root bus
scsi: qla2xxx: Fix issue with adapter's stopping state
Input: edt-ft5x06 - fix get_default register write access
powerpc/kasan: Fix stack overflow by increasing THREAD_SHIFT
rtc: mc13xxx: fix a double-unlock issue
iio: bmp280: fix compensation of humidity
f2fs: report delalloc reserve as non-free in statfs for project quota
i2c: pxa: clear all master action bits in i2c_pxa_stop_message()
remoteproc: qcom_q6v5_mss: map/unmap mpss segments before/after use
clk: samsung: Mark top ISP and CAM clocks on Exynos542x as critical
usblp: poison URBs upon disconnect
serial: 8250: Fix max baud limit in generic 8250 port
misc: fastrpc: Fix an incomplete memory release in fastrpc_rpmsg_probe()
misc: fastrpc: fix potential fastrpc_invoke_ctx leak
dm mpath: switch paths in dm_blk_ioctl() code path
arm64: dts: armada-3720-turris-mox: forbid SDR104 on SDIO for FCC purposes
arm64: dts: armada-3720-turris-mox: fix SFP binding
arm64: dts: juno: Fix GIC child nodes
pinctrl: ocelot: Fix GPIO interrupt decoding on Jaguar2
clk: renesas: cpg-mssr: Fix STBCR suspend/resume handling
ASoC: SOF: Do nothing when DSP PM callbacks are not set
arm64: dts: fvp: Fix GIC child nodes
PCI: aardvark: Don't blindly enable ASPM L0s and don't write to read-only register
ps3disk: use the default segment boundary
arm64: dts: fvp/juno: Fix node address fields
vfio/pci: fix memory leaks in alloc_perm_bits()
coresight: tmc: Fix TMC mode read in tmc_read_prepare_etb()
RDMA/mlx5: Add init2init as a modify command
scsi: hisi_sas: Do not reset phy timer to wait for stray phy up
PCI: pci-bridge-emul: Fix PCIe bit conflicts
m68k/PCI: Fix a memory leak in an error handling path
gpio: dwapb: Call acpi_gpiochip_free_interrupts() on GPIO chip de-registration
usb: gadget: core: sync interrupt before unbind the udc
powerpc/ptdump: Add _PAGE_COHERENT flag
mfd: wm8994: Fix driver operation if loaded as modules
scsi: cxgb3i: Fix some leaks in init_act_open()
clk: zynqmp: fix memory leak in zynqmp_register_clocks
scsi: lpfc: Fix lpfc_nodelist leak when processing unsolicited event
scsi: vhost: Notify TCM about the maximum sg entries supported per command
clk: clk-flexgen: fix clock-critical handling
IB/mlx5: Fix DEVX support for MLX5_CMD_OP_INIT2INIT_QP command
powerpc/perf/hv-24x7: Fix inconsistent output values incase multiple hv-24x7 events run
nfsd: Fix svc_xprt refcnt leak when setup callback client failed
PCI: vmd: Filter resource type bits from shadow register
RDMA/core: Fix several reference count leaks.
cifs: set up next DFS target before generic_ip_connect()
ASoC: qcom: q6asm-dai: kCFI fix
powerpc/crashkernel: Take "mem=" option into account
pwm: img: Call pm_runtime_put() in pm_runtime_get_sync() failed case
sparc32: mm: Don't try to free page-table pages if ctor() fails
yam: fix possible memory leak in yam_init_driver
NTB: ntb_pingpong: Choose doorbells based on port number
NTB: Fix the default port and peer numbers for legacy drivers
mksysmap: Fix the mismatch of '.L' symbols in System.map
apparmor: fix introspection of of task mode for unconfined tasks
net: dsa: lantiq_gswip: fix and improve the unsupported interface error
apparmor: check/put label on apparmor_sk_clone_security()
f2fs: handle readonly filesystem in f2fs_ioc_shutdown()
ASoC: meson: add missing free_irq() in error path
bpf, sockhash: Fix memory leak when unlinking sockets in sock_hash_free
scsi: sr: Fix sr_probe() missing deallocate of device minor
scsi: ibmvscsi: Don't send host info in adapter info MAD after LPM
apparmor: fix nnp subset test for unconfined
x86/purgatory: Disable various profiling and sanitizing options
staging: greybus: fix a missing-check bug in gb_lights_light_config()
arm64: dts: mt8173: fix unit name warnings
scsi: qedi: Do not flush offload work if ARP not resolved
arm64: dts: qcom: msm8916: remove unit name for thermal trip points
ARM: dts: sun8i-h2-plus-bananapi-m2-zero: Fix led polarity
RDMA/mlx5: Fix udata response upon SRQ creation
gpio: dwapb: Append MODULE_ALIAS for platform driver
scsi: qedf: Fix crash when MFW calls for protocol stats while function is still probing
pinctrl: rza1: Fix wrong array assignment of rza1l_swio_entries
virtiofs: schedule blocking async replies in separate worker
arm64: dts: qcom: fix pm8150 gpio interrupts
firmware: qcom_scm: fix bogous abuse of dma-direct internals
staging: gasket: Fix mapping refcnt leak when put attribute fails
staging: gasket: Fix mapping refcnt leak when register/store fails
ALSA: usb-audio: Improve frames size computation
ALSA: usb-audio: Fix racy list management in output queue
s390/qdio: put thinint indicator after early error
tty: hvc: Fix data abort due to race in hvc_open
slimbus: ngd: get drvdata from correct device
clk: meson: meson8b: Fix the first parent of vid_pll_in_sel
clk: meson: meson8b: Fix the polarity of the RESET_N lines
clk: meson: meson8b: Fix the vclk_div{1, 2, 4, 6, 12}_en gate bits
gpio: pca953x: fix handling of automatic address incrementing
thermal/drivers/ti-soc-thermal: Avoid dereferencing ERR_PTR
clk: meson: meson8b: Don't rely on u-boot to init all GP_PLL registers
ASoC: max98373: reorder max98373_reset() in resume
soundwire: slave: don't init debugfs on device registration error
HID: intel-ish-hid: avoid bogus uninitialized-variable warning
usb: dwc3: gadget: Properly handle ClearFeature(halt)
usb: dwc3: gadget: Properly handle failed kick_transfer
staging: wilc1000: Increase the size of wid_list array
staging: sm750fb: add missing case while setting FB_VISUAL
PCI: v3-semi: Fix a memory leak in v3_pci_probe() error handling paths
i2c: pxa: fix i2c_pxa_scream_blue_murder() debug output
serial: amba-pl011: Make sure we initialize the port.lock spinlock
drivers: base: Fix NULL pointer exception in __platform_driver_probe() if a driver developer is foolish
PCI: rcar: Fix incorrect programming of OB windows
PCI/ASPM: Allow ASPM on links to PCIe-to-PCI/PCI-X Bridges
scsi: qla2xxx: Fix warning after FC target reset
ALSA: firewire-lib: fix invalid assignment to union data for directional parameter
power: supply: lp8788: Fix an error handling path in 'lp8788_charger_probe()'
power: supply: smb347-charger: IRQSTAT_D is volatile
ASoC: SOF: core: fix error return code in sof_probe_continue()
arm64: dts: msm8996: Fix CSI IRQ types
scsi: target: loopback: Fix READ with data and sensebytes
scsi: mpt3sas: Fix double free warnings
SoC: rsnd: add interrupt support for SSI BUSIF buffer
ASoC: ux500: mop500: Fix some refcounted resources issues
ASoC: ti: omap-mcbsp: Fix an error handling path in 'asoc_mcbsp_probe()'
pinctrl: rockchip: fix memleak in rockchip_dt_node_to_map
dlm: remove BUG() before panic()
USB: ohci-sm501: fix error return code in ohci_hcd_sm501_drv_probe()
clk: ti: composite: fix memory leak
PCI: Fix pci_register_host_bridge() device_register() error handling
powerpc/64: Don't initialise init_task->thread.regs
tty: n_gsm: Fix SOF skipping
tty: n_gsm: Fix waking up upper tty layer when room available
ALSA: usb-audio: Add duplex sound support for USB devices using implicit feedback
HID: Add quirks for Trust Panora Graphic Tablet
PCI/PM: Assume ports without DLL Link Active train links in 100 ms
habanalabs: increase timeout during reset
ipmi: use vzalloc instead of kmalloc for user creation
powerpc/64s/exception: Fix machine check no-loss idle wakeup
powerpc/pseries/ras: Fix FWNMI_VALID off by one
drivers: phy: sr-usb: do not use internal fsm for USB2 phy init
powerpc/ps3: Fix kexec shutdown hang
vfio-pci: Mask cap zero
usb/ohci-platform: Fix a warning when hibernating
drm/msm/mdp5: Fix mdp5_init error path for failed mdp5_kms allocation
ASoC: Intel: bytcr_rt5640: Add quirk for Toshiba Encore WT8-A tablet
USB: host: ehci-mxc: Add error handling in ehci_mxc_drv_probe()
tty: n_gsm: Fix bogus i++ in gsm_data_kick
fpga: dfl: afu: Corrected error handling levels
clk: samsung: exynos5433: Add IGNORE_UNUSED flag to sclk_i2s1
RDMA/hns: Bugfix for querying qkey
RDMA/hns: Fix cmdq parameter of querying pf timer resource
scsi: target: tcmu: Userspace must not complete queued commands
firmware: imx: scu: Fix possible memory leak in imx_scu_probe()
fuse: fix copy_file_range cache issues
fuse: copy_file_range should truncate cache
arm64: tegra: Fix ethernet phy-mode for Jetson Xavier
arm64: tegra: Fix flag for 64-bit resources in 'ranges' property
powerpc/64s/pgtable: fix an undefined behaviour
dm zoned: return NULL if dmz_get_zone_for_reclaim() fails to find a zone
PCI/PTM: Inherit Switch Downstream Port PTM settings from Upstream Port
PCI: dwc: Fix inner MSI IRQ domain registration
PCI: amlogic: meson: Don't use FAST_LINK_MODE to set up link
IB/cma: Fix ports memory leak in cma_configfs
watchdog: da9062: No need to ping manually before setting timeout
usb: dwc2: gadget: move gadget resume after the core is in L0 state
USB: gadget: udc: s3c2410_udc: Remove pointless NULL check in s3c2410_udc_nuke
usb: gadget: lpc32xx_udc: don't dereference ep pointer before null check
usb: gadget: fix potential double-free in m66592_probe.
usb: gadget: Fix issue with config_ep_by_speed function
scripts: headers_install: Exit with error on config leak
RDMA/iw_cxgb4: cleanup device debugfs entries on ULD remove
x86/apic: Make TSC deadline timer detection message visible
mfd: stmfx: Reset chip on resume as supply was disabled
mfd: stmfx: Fix stmfx_irq_init error path
mfd: stmfx: Disable IRQ in suspend to avoid spurious interrupt
powerpc/32s: Don't warn when mapping RO data ROX.
ASoC: fix incomplete error-handling in img_i2s_in_probe.
scsi: target: tcmu: Fix a use after free in tcmu_check_expired_queue_cmd()
clk: bcm2835: Fix return type of bcm2835_register_gate
scsi: ufs-qcom: Fix scheduling while atomic issue
KVM: PPC: Book3S HV: Ignore kmemleak false positives
KVM: PPC: Book3S: Fix some RCU-list locks
clk: sprd: return correct type of value for _sprd_pll_recalc_rate
clk: ast2600: Fix AHB clock divider for A1
misc: xilinx-sdfec: improve get_user_pages_fast() error handling
/dev/mem: Revoke mappings when a driver claims the region
net: sunrpc: Fix off-by-one issues in 'rpc_ntop6'
NFSv4.1 fix rpc_call_done assignment for BIND_CONN_TO_SESSION
of: Fix a refcounting bug in __of_attach_node_sysfs()
input: i8042 - Remove special PowerPC handling
powerpc/4xx: Don't unmap NULL mbase
extcon: adc-jack: Fix an error handling path in 'adc_jack_probe()'
ASoC: fsl_asrc_dma: Fix dma_chan leak when config DMA channel failed
vfio/mdev: Fix reference count leak in add_mdev_supported_type
rtc: rv3028: Add missed check for devm_regmap_init_i2c()
mailbox: zynqmp-ipi: Fix NULL vs IS_ERR() check in zynqmp_ipi_mbox_probe()
rxrpc: Adjust /proc/net/rxrpc/calls to display call->debug_id not user_ID
openrisc: Fix issue with argument clobbering for clone/fork
drm/nouveau/disp/gm200-: fix NV_PDISP_SOR_HDMI2_CTRL(n) selection
ceph: don't return -ESTALE if there's still an open file
nfsd4: make drc_slab global, not per-net
gfs2: Allow lock_nolock mount to specify jid=X
scsi: iscsi: Fix reference count leak in iscsi_boot_create_kobj
scsi: ufs: Don't update urgent bkops level when toggling auto bkops
pinctrl: imxl: Fix an error handling path in 'imx1_pinctrl_core_probe()'
pinctrl: freescale: imx: Fix an error handling path in 'imx_pinctrl_probe()'
nfsd: safer handling of corrupted c_type
drm/amd/display: Revalidate bandwidth before commiting DC updates
crypto: omap-sham - add proper load balancing support for multicore
geneve: change from tx_error to tx_dropped on missing metadata
lib/zlib: remove outdated and incorrect pre-increment optimization
include/linux/bitops.h: avoid clang shift-count-overflow warnings
selftests/vm/pkeys: fix alloc_random_pkey() to make it really random
blktrace: use errno instead of bi_status
blktrace: fix endianness in get_pdu_int()
blktrace: fix endianness for blk_log_remap()
gfs2: fix use-after-free on transaction ail lists
net: marvell: Fix OF_MDIO config check
ntb_perf: pass correct struct device to dma_alloc_coherent
ntb_tool: pass correct struct device to dma_alloc_coherent
NTB: ntb_tool: reading the link file should not end in a NULL byte
NTB: Revert the change to use the NTB device dev for DMA allocations
NTB: perf: Don't require one more memory window than number of peers
NTB: perf: Fix support for hardware that doesn't have port numbers
NTB: perf: Fix race condition when run with ntb_test
NTB: ntb_test: Fix bug when counting remote files
i2c: icy: Fix build with CONFIG_AMIGA_PCMCIA=n
drivers/perf: hisi: Fix wrong value for all counters enable
selftests/net: in timestamping, strncpy needs to preserve null byte
f2fs: don't return vmalloc() memory from f2fs_kmalloc()
afs: Fix memory leak in afs_put_sysnames()
ASoC: core: only convert non DPCM link to DPCM link
ASoC: SOF: nocodec: conditionally set dpcm_capture/dpcm_playback flags
ASoC: Intel: bytcr_rt5640: Add quirk for Toshiba Encore WT10-A tablet
ASoC: rt5645: Add platform-data for Asus T101HA
bpf/sockmap: Fix kernel panic at __tcp_bpf_recvmsg
bpf, sockhash: Synchronize delete from bucket list on map free
tracing/probe: Fix bpf_task_fd_query() for kprobes and uprobes
drm/sun4i: hdmi ddc clk: Fix size of m divider
libbpf: Handle GCC noreturn-turned-volatile quirk
scsi: acornscsi: Fix an error handling path in acornscsi_probe()
x86/idt: Keep spurious entries unset in system_vectors
net/filter: Permit reading NET in load_bytes_relative when MAC not set
nvme-pci: use simple suspend when a HMB is enabled
nfs: set invalid blocks after NFSv4 writes
xdp: Fix xsk_generic_xmit errno
iavf: fix speed reporting over virtchnl
bpf: Fix memlock accounting for sock_hash
usb/xhci-plat: Set PM runtime as active on resume
usb: host: ehci-platform: add a quirk to avoid stuck
usb/ehci-platform: Set PM runtime as active on resume
perf report: Fix NULL pointer dereference in hists__fprintf_nr_sample_events()
perf stat: Fix NULL pointer dereference
ext4: stop overwrite the errcode in ext4_setup_super
bcache: fix potential deadlock problem in btree_gc_coalesce
powerpc: Fix kernel crash in show_instructions() w/DEBUG_VIRTUAL
afs: Fix non-setting of mtime when writing into mmap
afs: afs_write_end() should change i_size under the right lock
afs: Fix EOF corruption
afs: Always include dir in bulk status fetch from afs_do_lookup()
afs: Set error flag rather than return error from file status decode
afs: Fix the mapping of the UAEOVERFLOW abort code
bnxt_en: Return from timer if interface is not in open state.
scsi: ufs-bsg: Fix runtime PM imbalance on error
block: Fix use-after-free in blkdev_get()
mvpp2: remove module bugfix
arm64: hw_breakpoint: Don't invoke overflow handler on uaccess watchpoints
libata: Use per port sync for detach
drm: encoder_slave: fix refcouting error for modules
ext4: fix partial cluster initialization when splitting extent
ext4: avoid utf8_strncasecmp() with unstable name
drm/dp_mst: Reformat drm_dp_check_act_status() a bit
drm/qxl: Use correct notify port address when creating cursor ring
drm/amdgpu: Replace invalid device ID with a valid device ID
selinux: fix double free
jbd2: clean __jbd2_journal_abort_hard() and __journal_abort_soft()
ext4: avoid race conditions when remounting with options that change dax
drm/dp_mst: Increase ACT retry timeout to 3s
drm/amd/display: Use swap() where appropriate
x86/boot/compressed: Relax sed symbol type regex for LLVM ld.lld
block: nr_sects_write(): Disable preemption on seqcount write
net/mlx5: DR, Fix freeing in dr_create_rc_qp()
f2fs: split f2fs_d_compare() from f2fs_match_name()
f2fs: avoid utf8_strncasecmp() with unstable name
s390: fix syscall_get_error for compat processes
drm/i915: Fix AUX power domain toggling across TypeC mode resets
drm/msm: Check for powered down HW in the devfreq callbacks
drm/i915/gem: Avoid iterating an empty list
drm/i915: Whitelist context-local timestamp in the gen9 cmdparser
drm/connector: notify userspace on hotplug after register complete
drm/amd/display: Use kvfree() to free coeff in build_regamma()
drm/i915/icl+: Fix hotplug interrupt disabling after storm detection
Revert "drm/amd/display: disable dcn20 abm feature for bring up"
crypto: algif_skcipher - Cap recv SG list at ctx->used
crypto: algboss - don't wait during notifier callback
tracing/probe: Fix memleak in fetch_op_data operations
kprobes: Fix to protect kick_kprobe_optimizer() by kprobe_mutex
kretprobe: Prevent triggering kretprobe from within kprobe_flush_task
e1000e: Do not wake up the system via WOL if device wakeup is disabled
net: octeon: mgmt: Repair filling of RX ring
pwm: jz4740: Enhance precision in calculation of duty cycle
sched/rt, net: Use CONFIG_PREEMPTION.patch
net: core: device_rename: Use rwsem instead of a seqcount
Linux 5.4.49
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I93723d3c14b5de06aafb4e59a9e35a1d74389757
|
||
Tom Rix
|
ae3c09e346 |
selinux: fix double free
commit 65de50969a77509452ae590e9449b70a22b923bb upstream.
Clang's static analysis tool reports these double free memory errors.
security/selinux/ss/services.c:2987:4: warning: Attempt to free released memory [unix.Malloc]
kfree(bnames[i]);
^~~~~~~~~~~~~~~~
security/selinux/ss/services.c:2990:2: warning: Attempt to free released memory [unix.Malloc]
kfree(bvalues);
^~~~~~~~~~~~~~
So improve the security_get_bools error handling by freeing these variables
and setting their return pointers to NULL and the return len to 0
Cc: stable@vger.kernel.org
Signed-off-by: Tom Rix <trix@redhat.com>
Acked-by: Stephen Smalley <stephen.smalley.work@gmail.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
John Johansen
|
a78c65cb4b |
apparmor: fix nnp subset test for unconfined
[ Upstream commit 3ed4aaa94fc07db3cd0c91be95e3e1b9782a2710 ] The subset test is not taking into account the unconfined exception which will cause profile transitions in the stacked confinement case to fail when no_new_privs is applied. This fixes a regression introduced in the fix for https://bugs.launchpad.net/bugs/1839037 BugLink: https://bugs.launchpad.net/bugs/1844186 Signed-off-by: John Johansen <john.johansen@canonical.com> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
Mauricio Faria de Oliveira
|
039a79ef0b |
apparmor: check/put label on apparmor_sk_clone_security()
[ Upstream commit 3b646abc5bc6c0df649daea4c2c976bd4d47e4c8 ]
Currently apparmor_sk_clone_security() does not check for existing
label/peer in the 'new' struct sock; it just overwrites it, if any
(with another reference to the label of the source sock.)
static void apparmor_sk_clone_security(const struct sock *sk,
struct sock *newsk)
{
struct aa_sk_ctx *ctx = SK_CTX(sk);
struct aa_sk_ctx *new = SK_CTX(newsk);
new->label = aa_get_label(ctx->label);
new->peer = aa_get_label(ctx->peer);
}
This might leak label references, which might overflow under load.
Thus, check for and put labels, to prevent such errors.
Note this is similarly done on:
static int apparmor_socket_post_create(struct socket *sock, ...)
...
if (sock->sk) {
struct aa_sk_ctx *ctx = SK_CTX(sock->sk);
aa_put_label(ctx->label);
ctx->label = aa_get_label(label);
}
...
Context:
-------
The label reference count leak is observed if apparmor_sock_graft()
is called previously: this sets the 'ctx->label' field by getting
a reference to the current label (later overwritten, without put.)
static void apparmor_sock_graft(struct sock *sk, ...)
{
struct aa_sk_ctx *ctx = SK_CTX(sk);
if (!ctx->label)
ctx->label = aa_get_current_label();
}
And that is the case on crypto/af_alg.c:af_alg_accept():
int af_alg_accept(struct sock *sk, struct socket *newsock, ...)
...
struct sock *sk2;
...
sk2 = sk_alloc(...);
...
security_sock_graft(sk2, newsock);
security_sk_clone(sk, sk2);
...
Apparently both calls are done on their own right, especially for
other LSMs, being introduced in 2010/2014, before apparmor socket
mediation in 2017 (see commits [1,2,3,4]).
So, it looks OK there! Let's fix the reference leak in apparmor.
Test-case:
---------
Exercise that code path enough to overflow label reference count.
$ cat aa-refcnt-af_alg.c
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/socket.h>
#include <linux/if_alg.h>
int main() {
int sockfd;
struct sockaddr_alg sa;
/* Setup the crypto API socket */
sockfd = socket(AF_ALG, SOCK_SEQPACKET, 0);
if (sockfd < 0) {
perror("socket");
return 1;
}
memset(&sa, 0, sizeof(sa));
sa.salg_family = AF_ALG;
strcpy((char *) sa.salg_type, "rng");
strcpy((char *) sa.salg_name, "stdrng");
if (bind(sockfd, (struct sockaddr *) &sa, sizeof(sa)) < 0) {
perror("bind");
return 1;
}
/* Accept a "connection" and close it; repeat. */
while (!close(accept(sockfd, NULL, 0)));
return 0;
}
$ gcc -o aa-refcnt-af_alg aa-refcnt-af_alg.c
$ ./aa-refcnt-af_alg
<a few hours later>
[ 9928.475953] refcount_t overflow at apparmor_sk_clone_security+0x37/0x70 in aa-refcnt-af_alg[1322], uid/euid: 1000/1000
...
[ 9928.507443] RIP: 0010:apparmor_sk_clone_security+0x37/0x70
...
[ 9928.514286] security_sk_clone+0x33/0x50
[ 9928.514807] af_alg_accept+0x81/0x1c0 [af_alg]
[ 9928.516091] alg_accept+0x15/0x20 [af_alg]
[ 9928.516682] SYSC_accept4+0xff/0x210
[ 9928.519609] SyS_accept+0x10/0x20
[ 9928.520190] do_syscall_64+0x73/0x130
[ 9928.520808] entry_SYSCALL_64_after_hwframe+0x3d/0xa2
Note that other messages may be seen, not just overflow, depending on
the value being incremented by kref_get(); on another run:
[ 7273.182666] refcount_t: saturated; leaking memory.
...
[ 7273.185789] refcount_t: underflow; use-after-free.
Kprobes:
-------
Using kprobe events to monitor sk -> sk_security -> label -> count (kref):
Original v5.7 (one reference leak every iteration)
... (af_alg_accept+0x0/0x1c0) label=0xffff8a0f36c25eb0 label_refcnt=0x11fd2
... (af_alg_release_parent+0x0/0xd0) label=0xffff8a0f36c25eb0 label_refcnt=0x11fd4
... (af_alg_accept+0x0/0x1c0) label=0xffff8a0f36c25eb0 label_refcnt=0x11fd3
... (af_alg_release_parent+0x0/0xd0) label=0xffff8a0f36c25eb0 label_refcnt=0x11fd5
... (af_alg_accept+0x0/0x1c0) label=0xffff8a0f36c25eb0 label_refcnt=0x11fd4
... (af_alg_release_parent+0x0/0xd0) label=0xffff8a0f36c25eb0 label_refcnt=0x11fd6
Patched v5.7 (zero reference leak per iteration)
... (af_alg_accept+0x0/0x1c0) label=0xffff9ff376c25eb0 label_refcnt=0x593
... (af_alg_release_parent+0x0/0xd0) label=0xffff9ff376c25eb0 label_refcnt=0x594
... (af_alg_accept+0x0/0x1c0) label=0xffff9ff376c25eb0 label_refcnt=0x593
... (af_alg_release_parent+0x0/0xd0) label=0xffff9ff376c25eb0 label_refcnt=0x594
... (af_alg_accept+0x0/0x1c0) label=0xffff9ff376c25eb0 label_refcnt=0x593
... (af_alg_release_parent+0x0/0xd0) label=0xffff9ff376c25eb0 label_refcnt=0x594
Commits:
-------
[1] commit
|
||
|
John Johansen
|
88bc3e0603 |
apparmor: fix introspection of of task mode for unconfined tasks
[ Upstream commit dd2569fbb053719f7df7ef8fdbb45cf47156a701 ]
Fix two issues with introspecting the task mode.
1. If a task is attached to a unconfined profile that is not the
ns->unconfined profile then. Mode the mode is always reported
as -
$ ps -Z
LABEL PID TTY TIME CMD
unconfined 1287 pts/0 00:00:01 bash
test (-) 1892 pts/0 00:00:00 ps
instead of the correct value of (unconfined) as shown below
$ ps -Z
LABEL PID TTY TIME CMD
unconfined 2483 pts/0 00:00:01 bash
test (unconfined) 3591 pts/0 00:00:00 ps
2. if a task is confined by a stack of profiles that are unconfined
the output of label mode is again the incorrect value of (-) like
above, instead of (unconfined). This is because the visibile
profile count increment is skipped by the special casing of
unconfined.
Fixes:
|
||
|
Greg Kroah-Hartman
|
fa46997961 |
This is the 5.4.48 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl7wXk8ACgkQONu9yGCS
aT5uyhAA1EoV9ROPRt8Vw1fzlDIrRA5X2T+FCGXskg2kKWehVHAvge4U76nZ16+i
aYcBX3lAmN7GGVw+/GiRHf9QpiwOUF5f3ZUQZ0KuLS1gcuaXx+VC1h5yyunx3tm1
CI01B2p+GQ3jABWopnhsujMVAeWjbD18NqY+a+xOzTn8CCyLAli+LiviWCR/apQp
p4r6++eevWo1yMDlJGNGoMYsFcxChWhtlnDQKWCsIDCN3I1cinGz8wopiv93WqRH
Sz3wb1YMuhXb10usNZcZFaSvDGf5XSaMxpRkyNSxN7CLv8LzbovXQOE+fFDGAYxd
lUCjRK0wFBMzRSeZ2iGYqqQf5xyYKb6hNmViGprdqwR2c3MBHN/Xs5aDLqJEgHkr
OXzZLyHUngRfp3GpagFGV6q06S6fgb9ca/7FuT4Hn8Z3tb5Xt7b/KlPcW3VymiSt
I37itASNA/Qs6Njl4tDd9GjwbcOAs+s/XabasU+pXscOkf3o8fYMy2krisy176D/
AXtRTLq4pc42I8c3tv5uCNz7Zje/qytKSPErNRBAedvOu5JX7ab6hgULPH4N7r0N
Di/LyKqYw+ZBa4AfzcsvlR3wJLWqni+aFj5yppSrNkH7kNzZGLmlw8xIo8v1CFYw
T86b13WmHPqvyFWQLpX5WCEYu0OCw5YCUyQXSsLZN5oC7gAwC7U=
=FSdI
-----END PGP SIGNATURE-----
Merge 5.4.48 into android-5.4-stable
Changes in 5.4.48
ACPI: GED: use correct trigger type field in _Exx / _Lxx handling
drm/amdgpu: fix and cleanup amdgpu_gem_object_close v4
ath10k: Fix the race condition in firmware dump work queue
drm: bridge: adv7511: Extend list of audio sample rates
media: staging: imgu: do not hold spinlock during freeing mmu page table
media: imx: imx7-mipi-csis: Cleanup and fix subdev pad format handling
crypto: ccp -- don't "select" CONFIG_DMADEVICES
media: vicodec: Fix error codes in probe function
media: si2157: Better check for running tuner in init
objtool: Ignore empty alternatives
spi: spi-mem: Fix Dual/Quad modes on Octal-capable devices
drm/amdgpu: Init data to avoid oops while reading pp_num_states.
arm64/kernel: Fix range on invalidating dcache for boot page tables
libbpf: Fix memory leak and possible double-free in hashmap__clear
spi: pxa2xx: Apply CS clk quirk to BXT
x86,smap: Fix smap_{save,restore}() alternatives
sched/fair: Refill bandwidth before scaling
net: atlantic: make hw_get_regs optional
net: ena: fix error returning in ena_com_get_hash_function()
efi/libstub/x86: Work around LLVM ELF quirk build regression
ath10k: remove the max_sched_scan_reqs value
arm64: cacheflush: Fix KGDB trap detection
media: staging: ipu3: Fix stale list entries on parameter queue failure
rtw88: fix an issue about leak system resources
spi: dw: Zero DMA Tx and Rx configurations on stack
ACPICA: Dispatcher: add status checks
block: alloc map and request for new hardware queue
arm64: insn: Fix two bugs in encoding 32-bit logical immediates
block: reset mapping if failed to update hardware queue count
drm: rcar-du: Set primary plane zpos immutably at initializing
lockdown: Allow unprivileged users to see lockdown status
ixgbe: Fix XDP redirect on archs with PAGE_SIZE above 4K
platform/x86: dell-laptop: don't register micmute LED if there is no token
MIPS: Loongson: Build ATI Radeon GPU driver as module
Bluetooth: Add SCO fallback for invalid LMP parameters error
kgdb: Disable WARN_CONSOLE_UNLOCKED for all kgdb
kgdb: Prevent infinite recursive entries to the debugger
pmu/smmuv3: Clear IRQ affinity hint on device removal
ACPI/IORT: Fix PMCG node single ID mapping handling
mips: Fix cpu_has_mips64r1/2 activation for MIPS32 CPUs
spi: dw: Enable interrupts in accordance with DMA xfer mode
clocksource: dw_apb_timer: Make CPU-affiliation being optional
clocksource: dw_apb_timer_of: Fix missing clockevent timers
media: dvbdev: Fix tuner->demod media controller link
btrfs: account for trans_block_rsv in may_commit_transaction
btrfs: do not ignore error from btrfs_next_leaf() when inserting checksums
ARM: 8978/1: mm: make act_mm() respect THREAD_SIZE
batman-adv: Revert "disable ethtool link speed detection when auto negotiation off"
ice: Fix memory leak
ice: Fix for memory leaks and modify ICE_FREE_CQ_BUFS
mmc: meson-mx-sdio: trigger a soft reset after a timeout or CRC error
Bluetooth: btmtkuart: Improve exception handling in btmtuart_probe()
spi: dw: Fix Rx-only DMA transfers
x86/kvm/hyper-v: Explicitly align hcall param for kvm_hyperv_exit
net: vmxnet3: fix possible buffer overflow caused by bad DMA value in vmxnet3_get_rss()
x86: fix vmap arguments in map_irq_stack
staging: android: ion: use vmap instead of vm_map_ram
ath10k: fix kernel null pointer dereference
media: staging/intel-ipu3: Implement lock for stream on/off operations
spi: Respect DataBitLength field of SpiSerialBusV2() ACPI resource
brcmfmac: fix wrong location to get firmware feature
regulator: qcom-rpmh: Fix typos in pm8150 and pm8150l
tools api fs: Make xxx__mountpoint() more scalable
e1000: Distribute switch variables for initialization
dt-bindings: display: mediatek: control dpi pins mode to avoid leakage
drm/mediatek: set dpi pin mode to gpio low to avoid leakage current
audit: fix a net reference leak in audit_send_reply()
media: dvb: return -EREMOTEIO on i2c transfer failure.
media: platform: fcp: Set appropriate DMA parameters
MIPS: Make sparse_init() using top-down allocation
ath10k: add flush tx packets for SDIO chip
Bluetooth: btbcm: Add 2 missing models to subver tables
audit: fix a net reference leak in audit_list_rules_send()
Drivers: hv: vmbus: Always handle the VMBus messages on CPU0
dpaa2-eth: fix return codes used in ndo_setup_tc
netfilter: nft_nat: return EOPNOTSUPP if type or flags are not supported
selftests/bpf: Fix memory leak in extract_build_id()
net: bcmgenet: set Rx mode before starting netif
net: bcmgenet: Fix WoL with password after deep sleep
lib/mpi: Fix 64-bit MIPS build with Clang
exit: Move preemption fixup up, move blocking operations down
sched/core: Fix illegal RCU from offline CPUs
drivers/perf: hisi: Fix typo in events attribute array
iocost_monitor: drop string wrap around numbers when outputting json
net: lpc-enet: fix error return code in lpc_mii_init()
selinux: fix error return code in policydb_read()
drivers: net: davinci_mdio: fix potential NULL dereference in davinci_mdio_probe()
media: cec: silence shift wrapping warning in __cec_s_log_addrs()
net: allwinner: Fix use correct return type for ndo_start_xmit()
powerpc/spufs: fix copy_to_user while atomic
libertas_tf: avoid a null dereference in pointer priv
xfs: clean up the error handling in xfs_swap_extents
Crypto/chcr: fix for ccm(aes) failed test
MIPS: Truncate link address into 32bit for 32bit kernel
mips: cm: Fix an invalid error code of INTVN_*_ERR
kgdb: Fix spurious true from in_dbg_master()
xfs: reset buffer write failure state on successful completion
xfs: fix duplicate verification from xfs_qm_dqflush()
platform/x86: intel-vbtn: Use acpi_evaluate_integer()
platform/x86: intel-vbtn: Split keymap into buttons and switches parts
platform/x86: intel-vbtn: Do not advertise switches to userspace if they are not there
platform/x86: intel-vbtn: Also handle tablet-mode switch on "Detachable" and "Portable" chassis-types
iwlwifi: avoid debug max amsdu config overwriting itself
nvme: refine the Qemu Identify CNS quirk
nvme-pci: align io queue count with allocted nvme_queue in nvme_probe
nvme-tcp: use bh_lock in data_ready
ath10k: Remove msdu from idr when management pkt send fails
wcn36xx: Fix error handling path in 'wcn36xx_probe()'
net: qed*: Reduce RX and TX default ring count when running inside kdump kernel
drm/mcde: dsi: Fix return value check in mcde_dsi_bind()
mt76: avoid rx reorder buffer overflow
md: don't flush workqueue unconditionally in md_open
raid5: remove gfp flags from scribble_alloc()
iocost: don't let vrate run wild while there's no saturation signal
veth: Adjust hard_start offset on redirect XDP frames
net/mlx5e: IPoIB, Drop multicast packets that this interface sent
rtlwifi: Fix a double free in _rtl_usb_tx_urb_setup()
mwifiex: Fix memory corruption in dump_station
kgdboc: Use a platform device to handle tty drivers showing up late
x86/boot: Correct relocation destination on old linkers
sched: Defend cfs and rt bandwidth quota against overflow
mips: MAAR: Use more precise address mask
mips: Add udelay lpj numbers adjustment
crypto: stm32/crc32 - fix ext4 chksum BUG_ON()
crypto: stm32/crc32 - fix run-time self test issue.
crypto: stm32/crc32 - fix multi-instance
drm/amd/powerpay: Disable gfxoff when setting manual mode on picasso and raven
drm/amdgpu: Sync with VM root BO when switching VM to CPU update mode
selftests/bpf: CONFIG_IPV6_SEG6_BPF required for test_seg6_loop.o
x86/mm: Stop printing BRK addresses
MIPS: tools: Fix resource leak in elf-entry.c
m68k: mac: Don't call via_flush_cache() on Mac IIfx
btrfs: improve global reserve stealing logic
btrfs: qgroup: mark qgroup inconsistent if we're inherting snapshot to a new qgroup
macvlan: Skip loopback packets in RX handler
PCI: Don't disable decoding when mmio_always_on is set
MIPS: Fix IRQ tracing when call handle_fpe() and handle_msa_fpe()
bcache: fix refcount underflow in bcache_device_free()
mmc: sdhci-msm: Set SDHCI_QUIRK_MULTIBLOCK_READ_ACMD12 quirk
staging: greybus: sdio: Respect the cmd->busy_timeout from the mmc core
mmc: via-sdmmc: Respect the cmd->busy_timeout from the mmc core
ice: fix potential double free in probe unrolling
ixgbe: fix signed-integer-overflow warning
iwlwifi: mvm: fix aux station leak
mmc: sdhci-esdhc-imx: fix the mask for tuning start point
spi: dw: Return any value retrieved from the dma_transfer callback
cpuidle: Fix three reference count leaks
platform/x86: hp-wmi: Convert simple_strtoul() to kstrtou32()
platform/x86: intel-hid: Add a quirk to support HP Spectre X2 (2015)
platform/x86: intel-vbtn: Only blacklist SW_TABLET_MODE on the 9 / "Laptop" chasis-type
platform/x86: asus_wmi: Reserve more space for struct bias_args
libbpf: Fix perf_buffer__free() API for sparse allocs
bpf: Fix map permissions check
bpf: Refactor sockmap redirect code so its easy to reuse
bpf: Fix running sk_skb program types with ktls
selftests/bpf, flow_dissector: Close TAP device FD after the test
kasan: stop tests being eliminated as dead code with FORTIFY_SOURCE
string.h: fix incompatibility between FORTIFY_SOURCE and KASAN
btrfs: free alien device after device add
btrfs: include non-missing as a qualifier for the latest_bdev
btrfs: send: emit file capabilities after chown
btrfs: force chunk allocation if our global rsv is larger than metadata
btrfs: fix error handling when submitting direct I/O bio
btrfs: fix wrong file range cleanup after an error filling dealloc range
btrfs: fix space_info bytes_may_use underflow after nocow buffered write
btrfs: fix space_info bytes_may_use underflow during space cache writeout
powerpc/mm: Fix conditions to perform MMU specific management by blocks on PPC32.
mm: thp: make the THP mapcount atomic against __split_huge_pmd_locked()
mm: initialize deferred pages with interrupts enabled
mm/pagealloc.c: call touch_nmi_watchdog() on max order boundaries in deferred init
mm: call cond_resched() from deferred_init_memmap()
ima: Fix ima digest hash table key calculation
ima: Switch to ima_hash_algo for boot aggregate
ima: Evaluate error in init_ima()
ima: Directly assign the ima_default_policy pointer to ima_rules
ima: Call ima_calc_boot_aggregate() in ima_eventdigest_init()
ima: Remove __init annotation from ima_pcrread()
evm: Fix possible memory leak in evm_calc_hmac_or_hash()
ext4: fix EXT_MAX_EXTENT/INDEX to check for zeroed eh_max
ext4: fix error pointer dereference
ext4: fix race between ext4_sync_parent() and rename()
PCI: Avoid Pericom USB controller OHCI/EHCI PME# defect
PCI: Avoid FLR for AMD Matisse HD Audio & USB 3.0
PCI: Avoid FLR for AMD Starship USB 3.0
PCI: Add ACS quirk for Intel Root Complex Integrated Endpoints
PCI: vmd: Add device id for VMD device 8086:9A0B
x86/amd_nb: Add Family 19h PCI IDs
PCI: Add Loongson vendor ID
serial: 8250_pci: Move Pericom IDs to pci_ids.h
x86/amd_nb: Add AMD family 17h model 60h PCI IDs
ima: Remove redundant policy rule set in add_rules()
ima: Set again build_ima_appraise variable
PCI: Program MPS for RCiEP devices
e1000e: Disable TSO for buffer overrun workaround
e1000e: Relax condition to trigger reset for ME workaround
carl9170: remove P2P_GO support
media: go7007: fix a miss of snd_card_free
media: cedrus: Program output format during each run
serial: 8250: Avoid error message on reprobe
Bluetooth: hci_bcm: fix freeing not-requested IRQ
b43legacy: Fix case where channel status is corrupted
b43: Fix connection problem with WPA3
b43_legacy: Fix connection problem with WPA3
media: ov5640: fix use of destroyed mutex
clk: mediatek: assign the initial value to clk_init_data of mtk_mux
igb: Report speed and duplex as unknown when device is runtime suspended
hwmon: (k10temp) Add AMD family 17h model 60h PCI match
EDAC/amd64: Add AMD family 17h model 60h PCI IDs
power: vexpress: add suppress_bind_attrs to true
power: supply: core: fix HWMON temperature labels
power: supply: core: fix memory leak in HWMON error path
pinctrl: samsung: Correct setting of eint wakeup mask on s5pv210
pinctrl: samsung: Save/restore eint_mask over suspend for EINT_TYPE GPIOs
gnss: sirf: fix error return code in sirf_probe()
sparc32: fix register window handling in genregs32_[gs]et()
sparc64: fix misuses of access_process_vm() in genregs32_[sg]et()
dm crypt: avoid truncating the logical block size
alpha: fix memory barriers so that they conform to the specification
powerpc/fadump: use static allocation for reserved memory ranges
powerpc/fadump: consider reserved ranges while reserving memory
powerpc/fadump: Account for memory_limit while reserving memory
kernel/cpu_pm: Fix uninitted local in cpu_pm
ARM: tegra: Correct PL310 Auxiliary Control Register initialization
soc/tegra: pmc: Select GENERIC_PINCONF
ARM: dts: exynos: Fix GPIO polarity for thr GalaxyS3 CM36651 sensor's bus
ARM: dts: at91: sama5d2_ptc_ek: fix vbus pin
ARM: dts: s5pv210: Set keep-power-in-suspend for SDHCI1 on Aries
drivers/macintosh: Fix memleak in windfarm_pm112 driver
powerpc/32s: Fix another build failure with CONFIG_PPC_KUAP_DEBUG
powerpc/kasan: Fix issues by lowering KASAN_SHADOW_END
powerpc/kasan: Fix shadow pages allocation failure
powerpc/32: Disable KASAN with pages bigger than 16k
powerpc/64s: Don't let DT CPU features set FSCR_DSCR
powerpc/64s: Save FSCR to init_task.thread.fscr after feature init
kbuild: force to build vmlinux if CONFIG_MODVERSION=y
sunrpc: svcauth_gss_register_pseudoflavor must reject duplicate registrations.
sunrpc: clean up properly in gss_mech_unregister()
mtd: rawnand: Fix nand_gpio_waitrdy()
mtd: rawnand: onfi: Fix redundancy detection check
mtd: rawnand: brcmnand: fix hamming oob layout
mtd: rawnand: diskonchip: Fix the probe error path
mtd: rawnand: sharpsl: Fix the probe error path
mtd: rawnand: ingenic: Fix the probe error path
mtd: rawnand: xway: Fix the probe error path
mtd: rawnand: orion: Fix the probe error path
mtd: rawnand: socrates: Fix the probe error path
mtd: rawnand: oxnas: Fix the probe error path
mtd: rawnand: sunxi: Fix the probe error path
mtd: rawnand: plat_nand: Fix the probe error path
mtd: rawnand: pasemi: Fix the probe error path
mtd: rawnand: mtk: Fix the probe error path
mtd: rawnand: tmio: Fix the probe error path
w1: omap-hdq: cleanup to add missing newline for some dev_dbg
f2fs: fix checkpoint=disable:%u%%
perf probe: Do not show the skipped events
perf probe: Fix to check blacklist address correctly
perf probe: Check address correctness by map instead of _etext
perf symbols: Fix debuginfo search for Ubuntu
perf symbols: Fix kernel maps for kcore and eBPF
Linux 5.4.48
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I9954fb3f08956419e8586bcb9078e604df207fb9
|
||
Krzysztof Struczynski
|
e131e70e21 |
ima: Set again build_ima_appraise variable
[ Upstream commit b59fda449cf07f2db3be3a67142e6c000f5e8d79 ] After adding the new add_rule() function in commit |
||
|
Krzysztof Struczynski
|
2600136eae |
ima: Remove redundant policy rule set in add_rules()
[ Upstream commit 6ee28442a465ab4c4be45e3b15015af24b1ba906 ] Function ima_appraise_flag() returns the flag to be set in temp_ima_appraise depending on the hook identifier passed as an argument. It is not necessary to set the flag again for the POLICY_CHECK hook. Signed-off-by: Krzysztof Struczynski <krzysztof.struczynski@huawei.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
Roberto Sassu
|
6de50456fe |
evm: Fix possible memory leak in evm_calc_hmac_or_hash()
commit 0c4395fb2aa77341269ea619c5419ea48171883f upstream.
Don't immediately return if the signature is portable and security.ima is
not present. Just set error so that memory allocated is freed before
returning from evm_calc_hmac_or_hash().
Fixes:
|
||
|
Roberto Sassu
|
ce7f038f85 |
ima: Remove __init annotation from ima_pcrread()
commit 8b8c704d913b0fe490af370631a4200e26334ec0 upstream.
Commit 6cc7c266e5b4 ("ima: Call ima_calc_boot_aggregate() in
ima_eventdigest_init()") added a call to ima_calc_boot_aggregate() so that
the digest can be recalculated for the boot_aggregate measurement entry if
the 'd' template field has been requested. For the 'd' field, only SHA1 and
MD5 digests are accepted.
Given that ima_eventdigest_init() does not have the __init annotation, all
functions called should not have it. This patch removes __init from
ima_pcrread().
Cc: stable@vger.kernel.org
Fixes: 6cc7c266e5b4 ("ima: Call ima_calc_boot_aggregate() in ima_eventdigest_init()")
Reported-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Roberto Sassu
|
f387759c2d |
ima: Call ima_calc_boot_aggregate() in ima_eventdigest_init()
commit 6cc7c266e5b47d3cd2b5bb7fd3aac4e6bb2dd1d2 upstream.
If the template field 'd' is chosen and the digest to be added to the
measurement entry was not calculated with SHA1 or MD5, it is
recalculated with SHA1, by using the passed file descriptor. However, this
cannot be done for boot_aggregate, because there is no file descriptor.
This patch adds a call to ima_calc_boot_aggregate() in
ima_eventdigest_init(), so that the digest can be recalculated also for the
boot_aggregate entry.
Cc: stable@vger.kernel.org # 3.13.x
Fixes:
|
||
|
Roberto Sassu
|
64712383a1 |
ima: Directly assign the ima_default_policy pointer to ima_rules
commit 067a436b1b0aafa593344fddd711a755a58afb3b upstream.
This patch prevents the following oops:
[ 10.771813] BUG: kernel NULL pointer dereference, address: 0000000000000
[...]
[ 10.779790] RIP: 0010:ima_match_policy+0xf7/0xb80
[...]
[ 10.798576] Call Trace:
[ 10.798993] ? ima_lsm_policy_change+0x2b0/0x2b0
[ 10.799753] ? inode_init_owner+0x1a0/0x1a0
[ 10.800484] ? _raw_spin_lock+0x7a/0xd0
[ 10.801592] ima_must_appraise.part.0+0xb6/0xf0
[ 10.802313] ? ima_fix_xattr.isra.0+0xd0/0xd0
[ 10.803167] ima_must_appraise+0x4f/0x70
[ 10.804004] ima_post_path_mknod+0x2e/0x80
[ 10.804800] do_mknodat+0x396/0x3c0
It occurs when there is a failure during IMA initialization, and
ima_init_policy() is not called. IMA hooks still call ima_match_policy()
but ima_rules is NULL. This patch prevents the crash by directly assigning
the ima_default_policy pointer to ima_rules when ima_rules is defined. This
wouldn't alter the existing behavior, as ima_rules is always set at the end
of ima_init_policy().
Cc: stable@vger.kernel.org # 3.7.x
Fixes:
|
||
|
Roberto Sassu
|
4ce29d9b19 |
ima: Evaluate error in init_ima()
commit e144d6b265415ddbdc54b3f17f4f95133effa5a8 upstream.
Evaluate error in init_ima() before register_blocking_lsm_notifier() and
return if not zero.
Cc: stable@vger.kernel.org # 5.3.x
Fixes:
|
||
|
Roberto Sassu
|
5f7272bd22 |
ima: Switch to ima_hash_algo for boot aggregate
commit 6f1a1d103b48b1533a9c804e7a069e2c8e937ce7 upstream.
boot_aggregate is the first entry of IMA measurement list. Its purpose is
to link pre-boot measurements to IMA measurements. As IMA was designed to
work with a TPM 1.2, the SHA1 PCR bank was always selected even if a
TPM 2.0 with support for stronger hash algorithms is available.
This patch first tries to find a PCR bank with the IMA default hash
algorithm. If it does not find it, it selects the SHA256 PCR bank for
TPM 2.0 and SHA1 for TPM 1.2. Ultimately, it selects SHA1 also for TPM 2.0
if the SHA256 PCR bank is not found.
If none of the PCR banks above can be found, boot_aggregate file digest is
filled with zeros, as for TPM bypass, making it impossible to perform a
remote attestation of the system.
Cc: stable@vger.kernel.org # 5.1.x
Fixes:
|
||
|
Krzysztof Struczynski
|
0698eacdfc |
ima: Fix ima digest hash table key calculation
commit 1129d31b55d509f15e72dc68e4b5c3a4d7b4da8d upstream.
Function hash_long() accepts unsigned long, while currently only one byte
is passed from ima_hash_key(), which calculates a key for ima_htable.
Given that hashing the digest does not give clear benefits compared to
using the digest itself, remove hash_long() and return the modulus
calculated on the first two bytes of the digest with the number of slots.
Also reduce the depth of the hash table by doubling the number of slots.
Cc: stable@vger.kernel.org
Fixes:
|
||
Wei Yongjun
|
b2083327ea |
selinux: fix error return code in policydb_read()
[ Upstream commit 4c09f8b6913a779ca0c70ea8058bf21537eebb3b ]
Fix to return negative error code -ENOMEM from the kvcalloc() error
handling case instead of 0, as done elsewhere in this function.
Fixes:
|
||
Jeremy Cline
|
6eec65c9e2 |
lockdown: Allow unprivileged users to see lockdown status
[ Upstream commit 60cf7c5ed5f7087c4de87a7676b8c82d96fd166c ]
A number of userspace tools, such as systemtap, need a way to see the
current lockdown state so they can gracefully deal with the kernel being
locked down. The state is already exposed in
/sys/kernel/security/lockdown, but is only readable by root. Adjust the
permissions so unprivileged users can read the state.
Fixes:
|
||
|
Greg Kroah-Hartman
|
eaaa29ec5a |
This is the 5.4.47 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl7qK2gACgkQONu9yGCS aT4kaw/8Cknc9G64S1SWchxFj4LnSYzrpeFGXOZBlHBtcCyD12JNGjA6SG6DoGLY /s/1fjBwJWrWpkI36CGNZowNPYtzRMOhyBGj7QHTpEj0vjMTKYXhVieMquQSHwRP zcrYl8f/xWJKo6XNjR1YLh5PWeD6B9dWD1RcvBZ0jCez84jyVT1EyWMWGiodkLMx gmJITO2DBaekelU0yyZJIFePO5DJpcXspf5lrPgkPG9u/U4hZf94AAGMYbXJZ5Rn BDcqGEGQe+mtcG6lq6DGRDH5VVMG4k13MrZJBfrVAhkGU+g6nKQbOXCcdcRjoM6N 9NL8RbcpL0NhphNmrKwjNcYd4kZxYgTQb87FZi+qDxwGQIWIxcET6gL5t/vqAev1 v/uKFLlt5x/2tNtpC8aY8EwdyGcXfeBXEl9AjP7HUWC/KzB8I9vLnokcMvOMYDIg 3wNIsKMYLcLzuLL8oJ7FvDkBO+H/RjSvF4UvQyLOPOJtWSV5uKbLfKIU9sw90G3i t8qo3lNC/J4saJ+jx+O7XoHjFw6biJFATvs0+HtpCkwi0aJm2SGW+OvXuZCGZPnz TW2YsGFCCwL/RPtceJVkGfV3kr7SUB5AGXjueXdC+4QWfmi3POWojjgheQrleS+3 OLxRsUVbQ6hOqEgLAaV6HhzvykkTjDj2Gq8P3I+1Y/eiRHjlpdU= =WYnW -----END PGP SIGNATURE----- Merge 5.4.47 into android-5.4-stable Changes in 5.4.47 ipv6: fix IPV6_ADDRFORM operation logic mlxsw: core: Use different get_trend() callbacks for different thermal zones net_failover: fixed rollback in net_failover_open() tun: correct header offsets in napi frags mode bridge: Avoid infinite loop when suppressing NS messages with invalid options vxlan: Avoid infinite loop when suppressing NS messages with invalid options bpf: Support llvm-objcopy for vmlinux BTF elfnote: mark all .note sections SHF_ALLOC Input: mms114 - fix handling of mms345l ARM: 8977/1: ptrace: Fix mask for thumb breakpoint hook sched/fair: Don't NUMA balance for kthreads Input: synaptics - add a second working PNP_ID for Lenovo T470s csky: Fixup abiv2 syscall_trace break a4 & a5 gfs2: Even more gfs2_find_jhead fixes drivers/net/ibmvnic: Update VNIC protocol version reporting powerpc/xive: Clear the page tables for the ESB IO mapping spi: dw: Fix native CS being unset ath9k_htc: Silence undersized packet warnings smack: avoid unused 'sip' variable warning RDMA/uverbs: Make the event_queue fds return POLLERR when disassociated padata: add separate cpuhp node for CPUHP_PADATA_DEAD s390/pci: Log new handle in clp_disable_fh() x86/cpu/amd: Make erratum #1054 a legacy erratum KVM: x86: only do L1TF workaround on affected processors PCI/PM: Adjust pcie_wait_for_link_delay() for caller delay perf probe: Accept the instance number of kretprobe event mm: add kvfree_sensitive() for freeing sensitive data objects selftests: fix flower parent qdisc fanotify: fix ignore mask logic for events on child and on dir aio: fix async fsync creds ipv4: fix a RCU-list lock in fib_triestat_seq_show iwlwifi: mvm: fix NVM check for 3168 devices sctp: fix possibly using a bad saddr with a given dst sctp: fix refcount bug in sctp_wfree x86_64: Fix jiffies ODR violation x86/PCI: Mark Intel C620 MROMs as having non-compliant BARs x86/speculation: Prevent rogue cross-process SSBD shutdown x86/speculation: Avoid force-disabling IBPB based on STIBP and enhanced IBRS. x86/speculation: PR_SPEC_FORCE_DISABLE enforcement for indirect branches. x86/reboot/quirks: Add MacBook6,1 reboot quirk perf/x86/intel: Add more available bits for OFFCORE_RESPONSE of Intel Tremont KVM: x86/mmu: Set mmio_value to '0' if reserved #PF can't be generated KVM: x86: respect singlestep when emulating instruction KVM: x86: Fix APIC page invalidation race powerpc/ptdump: Properly handle non standard page size ASoC: max9867: fix volume controls io_uring: use kvfree() in io_sqe_buffer_register() efi/efivars: Add missing kobject_put() in sysfs entry creation error path smb3: fix incorrect number of credits when ioctl MaxOutputResponse > 64K smb3: add indatalen that can be a non-zero value to calculation of credit charge in smb2 ioctl watchdog: imx_sc_wdt: Fix reboot on crash ALSA: es1688: Add the missed snd_card_free() ALSA: fireface: fix configuration error for nominal sampling transfer frequency ALSA: hda/realtek - add a pintbl quirk for several Lenovo machines ALSA: pcm: disallow linking stream to itself ALSA: pcm: fix snd_pcm_link() lockdep splat ALSA: usb-audio: Fix inconsistent card PM state after resume ALSA: usb-audio: Add vendor, product and profile name for HP Thunderbolt Dock ACPI: sysfs: Fix reference count leak in acpi_sysfs_add_hotplug_profile() ACPI: CPPC: Fix reference count leak in acpi_cppc_processor_probe() ACPI: GED: add support for _Exx / _Lxx handler methods ACPI: PM: Avoid using power resources if there are none for D0 arm64: acpi: fix UBSAN warning lib/lzo: fix ambiguous encoding bug in lzo-rle nilfs2: fix null pointer dereference at nilfs_segctor_do_construct() spi: dw: Fix controller unregister order spi: Fix controller unregister order spi: pxa2xx: Fix controller unregister order spi: pxa2xx: Fix runtime PM ref imbalance on probe error spi: bcm2835: Fix controller unregister order spi: bcm2835aux: Fix controller unregister order spi: bcm-qspi: Handle clock probe deferral spi: bcm-qspi: when tx/rx buffer is NULL set to 0 PM: runtime: clk: Fix clk_pm_runtime_get() error path gup: document and work around "COW can break either way" issue crypto: cavium/nitrox - Fix 'nitrox_get_first_device()' when ndevlist is fully iterated crypto: algapi - Avoid spurious modprobe on LOADED crypto: drbg - fix error return code in drbg_alloc_state() x86/{mce,mm}: Unmap the entire page if the whole page is affected and poisoned firmware: imx: warn on unexpected RX firmware: imx-scu: Support one TX and one RX firmware: imx: scu: Fix corruption of header crypto: virtio: Fix use-after-free in virtio_crypto_skcipher_finalize_req() crypto: virtio: Fix src/dst scatterlist calculation in __virtio_crypto_skcipher_do_req() crypto: virtio: Fix dest length calculation in __virtio_crypto_skcipher_do_req() dccp: Fix possible memleak in dccp_init and dccp_fini selftests/net: in rxtimestamp getopt_long needs terminating null entry net/mlx5: drain health workqueue in case of driver load error net/mlx5: Fix fatal error handling during device load net/mlx5e: Fix repeated XSK usage on one channel ovl: initialize error in ovl_copy_xattr proc: Use new_inode not new_inode_pseudo remoteproc: Fall back to using parent memory pool if no dedicated available remoteproc: Fix and restore the parenting hierarchy for vdev cpufreq: Fix up cpufreq_boost_set_sw() EDAC/skx: Use the mcmtr register to retrieve close_pg/bank_xor_enable video: vt8500lcdfb: fix fallthrough warning video: fbdev: w100fb: Fix a potential double free. KVM: nVMX: Skip IBPB when switching between vmcs01 and vmcs02 KVM: nSVM: fix condition for filtering async PF KVM: nSVM: leave ASID aside in copy_vmcb_control_area KVM: nVMX: Consult only the "basic" exit reason when routing nested exit KVM: MIPS: Define KVM_ENTRYHI_ASID to cpu_asid_mask(&boot_cpu_data) KVM: MIPS: Fix VPN2_MASK definition for variable cpu_vmbits KVM: arm64: Stop writing aarch32's CSSELR into ACTLR KVM: arm64: Make vcpu_cp1x() work on Big Endian hosts scsi: megaraid_sas: TM command refire leads to controller firmware crash scsi: lpfc: Fix negation of else clause in lpfc_prep_node_fc4type selftests/ftrace: Return unsupported if no error_log file ath9k: Fix use-after-free Read in htc_connect_service ath9k: Fix use-after-free Read in ath9k_wmi_ctrl_rx ath9k: Fix use-after-free Write in ath9k_htc_rx_msg ath9x: Fix stack-out-of-bounds Write in ath9k_hif_usb_rx_cb ath9k: Fix general protection fault in ath9k_hif_usb_rx_cb Smack: slab-out-of-bounds in vsscanf drm/vkms: Hold gem object while still in-use mm/slub: fix a memory leak in sysfs_slab_add() fat: don't allow to mount if the FAT length == 0 perf: Add cond_resched() to task_function_call() agp/intel: Reinforce the barrier after GTT updates mmc: sdhci-msm: Clear tuning done flag while hs400 tuning mmc: mmci_sdmmc: fix DMA API warning overlapping mappings mmc: tmio: Further fixup runtime PM management at remove mmc: uniphier-sd: call devm_request_irq() after tmio_mmc_host_probe() ARM: dts: at91: sama5d2_ptc_ek: fix sdmmc0 node description mmc: sdio: Fix potential NULL pointer error in mmc_sdio_init_card() mmc: sdio: Fix several potential memory leaks in mmc_sdio_init_card() block/floppy: fix contended case in floppy_queue_rq() xen/pvcalls-back: test for errors when calling backend_connect() KVM: arm64: Synchronize sysreg state on injecting an AArch32 exception KVM: arm64: Save the host's PtrAuth keys in non-preemptible context Linux 5.4.47 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I3fb3216abdbc080b4ac7b827b35ff6a813e28eb8 |
||
Casey Schaufler
|
9c09a772ac |
Smack: slab-out-of-bounds in vsscanf
commit 84e99e58e8d1e26f04c097f4266e431a33987f36 upstream. Add barrier to soob. Return -EOVERFLOW if the buffer is exceeded. Suggested-by: Hillf Danton <hdanton@sina.com> Reported-by: syzbot+bfdd4a2f07be52351350@syzkaller.appspotmail.com Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
Waiman Long
|
0b11ec4ae5 |
mm: add kvfree_sensitive() for freeing sensitive data objects
[ Upstream commit d4eaa2837851db2bfed572898bfc17f9a9f9151e ]
For kvmalloc'ed data object that contains sensitive information like
cryptographic keys, we need to make sure that the buffer is always cleared
before freeing it. Using memset() alone for buffer clearing may not
provide certainty as the compiler may compile it away. To be sure, the
special memzero_explicit() has to be used.
This patch introduces a new kvfree_sensitive() for freeing those sensitive
data objects allocated by kvmalloc(). The relevant places where
kvfree_sensitive() can be used are modified to use it.
Fixes: 4f0882491a14 ("KEYS: Avoid false positive ENOMEM error on key read")
Suggested-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Waiman Long <longman@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Reviewed-by: Eric Biggers <ebiggers@google.com>
Acked-by: David Howells <dhowells@redhat.com>
Cc: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Cc: James Morris <jmorris@namei.org>
Cc: "Serge E. Hallyn" <serge@hallyn.com>
Cc: Joe Perches <joe@perches.com>
Cc: Matthew Wilcox <willy@infradead.org>
Cc: David Rientjes <rientjes@google.com>
Cc: Uladzislau Rezki <urezki@gmail.com>
Link: http://lkml.kernel.org/r/20200407200318.11711-1-longman@redhat.com
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
||
Arnd Bergmann
|
3f14df580a |
smack: avoid unused 'sip' variable warning
[ Upstream commit 00720f0e7f288d29681d265c23b22bb0f0f4e5b4 ]
The mix of IS_ENABLED() and #ifdef checks has left a combination
that causes a warning about an unused variable:
security/smack/smack_lsm.c: In function 'smack_socket_connect':
security/smack/smack_lsm.c:2838:24: error: unused variable 'sip' [-Werror=unused-variable]
2838 | struct sockaddr_in6 *sip = (struct sockaddr_in6 *)sap;
Change the code to use C-style checks consistently so the compiler
can handle it correctly.
Fixes: 87fbfffcc89b ("broken ping to ipv6 linklocal addresses on debian buster")
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
||
Preeti Nagar
|
55c09c9b96 |
RTIC: Move selinux_state to a separate 4k
We need to relocate selinux_state to a separate 4k page to enable EL2 Hypervisor to monitor changes to this variable using ARM stage 2 MMU. We will avoid getting page faults from un-related data as the MMU granularity is configured to 4k. Change-Id: I7d0e5c9eae0a2a65ca9db73e85283e164e20c11c Signed-off-by: Preeti Nagar <pnagar@codeaurora.org> |
||
|
Greg Kroah-Hartman
|
a9a13eeea9 |
This is the 5.4.45 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl7czYMACgkQONu9yGCS aT4YHA//cHSv58LPIlq8k2VYd0PG7qqg5SCU42AAQRPJWG19DavGynEkLUI35eqZ bSqrciaQkkzeoPwawzVGKy1KOaKVnNAr5f9wsFK8XB86PlreRfQfvrR2MniRY33H 5OTfw1127UIWJYuhCB6+PTXNHGNa6VaeGwDjVVczY+Ggsh2fyokxC5kb/FUsjuCN IlK41/dmiDDcP33RSQ82PMjDkEmJZsGhibaliivgV6rDvZeWW8PYnLTP+c24wIeK 6E2+XlP807FljjBPaCgKuTHx9LRDhj9CnUUuuo1LRGDtGNlW1deZ+PFXFJJ3gY0G Ja8RzZUgS6aVsBCbloIOEOwuLzeuZQTvnm5OKxPomOwE+7UIJ4e0xihzrTqji+zv yWfNwA2cErjHWZ3krL+muxbAO7CSatE4OEmn8OPbqOvp9F78r6l8mngHnWNMWkkW gGki69hQ+L/HgcIUOSnErfo+jBGhhsm2RPubl0sb8N4n9eS9TJx5NNlmsCL+uC4c 4wndNES/rPoi80vsIMB1h2PDkkWpjUZx/M6jZ1NuAlTOXgSsa0ZSz3Jvapi7cg2U weFKwAN4l/vHs9sOHASefrtj3mcZwcTJV9a9x0qmaIHpmqSICoptB5H9BTJ/c7sm U4JZ03yQSwkPhxtfDYbngMePcLyYIizGLq+3PbGPOiM1EqLEY8M= =mtHa -----END PGP SIGNATURE----- Merge 5.4.45 into android-5.4-stable Changes in 5.4.45 Revert "cgroup: Add memory barriers to plug cgroup_rstat_updated() race window" mm: Fix mremap not considering huge pmd devmap HID: sony: Fix for broken buttons on DS3 USB dongles HID: multitouch: enable multi-input as a quirk for some devices HID: i2c-hid: add Schneider SCL142ALM to descriptor override p54usb: add AirVasT USB stick device-id mt76: mt76x02u: Add support for newer versions of the XBox One wifi adapter kernel/relay.c: handle alloc_percpu returning NULL in relay_open mmc: fix compilation of user API media: Revert "staging: imgu: Address a compiler warning on alignment" media: staging: ipu3-imgu: Move alignment attribute to field scsi: ufs: Release clock if DMA map fails net: dsa: mt7530: set CPU port to fallback mode airo: Fix read overflows sending packets drm/i915: fix port checks for MST support on gen >= 11 scsi: hisi_sas: Check sas_port before using it powerpc/powernv: Avoid re-registration of imc debugfs directory powerpc/xmon: Restrict when kernel is locked down spi: dw: use "smp_mb()" to avoid sending spi data error ASoC: intel - fix the card names s390/ftrace: save traced function caller RDMA/qedr: Fix qpids xarray api used RDMA/qedr: Fix synchronization methods and memory leaks in qedr ARC: Fix ICCM & DCCM runtime size checks ARC: [plat-eznps]: Restrict to CONFIG_ISA_ARCOMPACT evm: Fix RCU list related warnings scsi: pm: Balance pm_only counter of request queue during system resume i2c: altera: Fix race between xfer_msg and isr thread io_uring: initialize ctx->sqo_wait earlier x86/mmiotrace: Use cpumask_available() for cpumask_var_t variables net: bmac: Fix read of MAC address from ROM drm/edid: Add Oculus Rift S to non-desktop list s390/mm: fix set_huge_pte_at() for empty ptes null_blk: return error for invalid zone size net/ethernet/freescale: rework quiesce/activate for ucc_geth net: ethernet: stmmac: Enable interface clocks on probe for IPQ806x selftests: mlxsw: qos_mc_aware: Specify arping timeout as an integer net: smsc911x: Fix runtime PM imbalance on error Linux 5.4.45 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I31d3b6ccd9963bd8eb6aad70b2015cead1ec49e3 |
||
Madhuparna Bhowmik
|
1610cd913f |
evm: Fix RCU list related warnings
[ Upstream commit 770f60586d2af0590be263f55fd079226313922c ] This patch fixes the following warning and few other instances of traversal of evm_config_xattrnames list: [ 32.848432] ============================= [ 32.848707] WARNING: suspicious RCU usage [ 32.848966] 5.7.0-rc1-00006-ga8d5875ce5f0b #1 Not tainted [ 32.849308] ----------------------------- [ 32.849567] security/integrity/evm/evm_main.c:231 RCU-list traversed in non-reader section!! Since entries are only added to the list and never deleted, use list_for_each_entry_lockless() instead of list_for_each_entry_rcu for traversing the list. Also, add a relevant comment in evm_secfs.c to indicate this fact. Reported-by: kernel test robot <lkp@intel.com> Suggested-by: Paul E. McKenney <paulmck@kernel.org> Signed-off-by: Madhuparna Bhowmik <madhuparnabhowmik10@gmail.com> Acked-by: Paul E. McKenney <paulmck@kernel.org> (RCU viewpoint) Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
Christopher M. Riedl
|
99c63ba21d |
powerpc/xmon: Restrict when kernel is locked down
[ Upstream commit 69393cb03ccdf29f3b452d3482ef918469d1c098 ]
Xmon should be either fully or partially disabled depending on the
kernel lockdown state.
Put xmon into read-only mode for lockdown=integrity and prevent user
entry into xmon when lockdown=confidentiality. Xmon checks the lockdown
state on every attempted entry:
(1) during early xmon'ing
(2) when triggered via sysrq
(3) when toggled via debugfs
(4) when triggered via a previously enabled breakpoint
The following lockdown state transitions are handled:
(1) lockdown=none -> lockdown=integrity
set xmon read-only mode
(2) lockdown=none -> lockdown=confidentiality
clear all breakpoints, set xmon read-only mode,
prevent user re-entry into xmon
(3) lockdown=integrity -> lockdown=confidentiality
clear all breakpoints, set xmon read-only mode,
prevent user re-entry into xmon
Suggested-by: Andrew Donnellan <ajd@linux.ibm.com>
Signed-off-by: Christopher M. Riedl <cmr@informatik.wtf>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
Link: https://lore.kernel.org/r/20190907061124.1947-3-cmr@informatik.wtf
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
||
|
Greg Kroah-Hartman
|
f520ca124c |
This is the 5.4.44 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl7XQXMACgkQONu9yGCS aT4OHw//YYuI/61rkff6/3qAE4gDwTZolVywu5HHzT5W7t7qeHPzJin2u04RBiS8 4S8Mut0RUSK/0IyB0B3S342ntia1v41Q04veWm0K90iAScScjjUapLDXC/P3StA0 iitGKJ8QFDS49+PFKFYkyXEsv6HYlDbtTmS0yxVoooSr+uqeR7m6rS1jsDsfUTaR T4tvfX8VPHkgfkfkOKCUq8/rM3uDW3lSk3JflIbPwRBQo9KvNPnfBetU9p//dCHG CB1K9K3sB6xLkKe7Ut7PlwoTq/Lc8qOma535xy3A8Iv6fVq4+hPE2jsB93WGI270 WoEZbHpon7W6g/bU+C+CGfov2zBtz1dKHfWNcK5+dEkEQjjzKvvigfUvaKjyUUKB Vo5rQ3GZQ4JsMkHEJaLOlp3/SkdRd6RV/E0YErBISNeswzqsOgTrX8mz6wfQInwd Ww7V9LKdwSD6h2DuzutUbEm1X8i8glXammWEOUuh6zzQ3+WS57R1L+Nkr/6WxpgN w2g7F0+5enUbE1kIdq5OCzY1D0gBpT1o5YlrZgdL2GF5lU1b/lhsGhV6P83fl2Mf rTGFtg5M1pNgjbUkSH3VHHof35PM9vQZ6lrYbKMCjwymVY+BcR6nsCadfLqjMGnW NCYeiAmoIVCJX7q0hONww+TevZ3T+SLUjQ2os3WzooPC51MPOAQ= =5p6V -----END PGP SIGNATURE----- Merge 5.4.44 into android-5.4-stable Changes in 5.4.44 ax25: fix setsockopt(SO_BINDTODEVICE) dpaa_eth: fix usage as DSA master, try 3 net: don't return invalid table id error when we fall back to PF_UNSPEC net: dsa: mt7530: fix roaming from DSA user ports net: ethernet: ti: cpsw: fix ASSERT_RTNL() warning during suspend __netif_receive_skb_core: pass skb by reference net: inet_csk: Fix so_reuseport bind-address cache in tb->fast* net: ipip: fix wrong address family in init error path net/mlx5: Add command entry handling completion net: mvpp2: fix RX hashing for non-10G ports net: nlmsg_cancel() if put fails for nhmsg net: qrtr: Fix passing invalid reference to qrtr_local_enqueue() net: revert "net: get rid of an signed integer overflow in ip_idents_reserve()" net sched: fix reporting the first-time use timestamp net/tls: fix race condition causing kernel panic nexthop: Fix attribute checking for groups r8152: support additional Microsoft Surface Ethernet Adapter variant sctp: Don't add the shutdown timer if its already been added sctp: Start shutdown on association restart if in SHUTDOWN-SENT state and socket is closed tipc: block BH before using dst_cache net/mlx5e: kTLS, Destroy key object after destroying the TIS net/mlx5e: Fix inner tirs handling net/mlx5: Fix memory leak in mlx5_events_init net/mlx5e: Update netdev txq on completions during closure net/mlx5: Fix error flow in case of function_setup failure net/mlx5: Annotate mutex destroy for root ns net/tls: fix encryption error checking net/tls: free record only on encryption error net: sun: fix missing release regions in cas_init_one(). net/mlx4_core: fix a memory leak bug. mlxsw: spectrum: Fix use-after-free of split/unsplit/type_set in case reload fails ARM: dts: rockchip: fix phy nodename for rk3228-evb ARM: dts: rockchip: fix phy nodename for rk3229-xms6 arm64: dts: rockchip: fix status for &gmac2phy in rk3328-evb.dts arm64: dts: rockchip: swap interrupts interrupt-names rk3399 gpu node ARM: dts: rockchip: swap clock-names of gpu nodes ARM: dts: rockchip: fix pinctrl sub nodename for spi in rk322x.dtsi gpio: tegra: mask GPIO IRQs during IRQ shutdown ALSA: usb-audio: add mapping for ASRock TRX40 Creator net: microchip: encx24j600: add missed kthread_stop gfs2: move privileged user check to gfs2_quota_lock_check gfs2: Grab glock reference sooner in gfs2_add_revoke drm/amdgpu: drop unnecessary cancel_delayed_work_sync on PG ungate drm/amd/powerplay: perform PG ungate prior to CG ungate drm/amdgpu: Use GEM obj reference for KFD BOs cachefiles: Fix race between read_waiter and read_copier involving op->to_do usb: dwc3: pci: Enable extcon driver for Intel Merrifield usb: phy: twl6030-usb: Fix a resource leak in an error handling path in 'twl6030_usb_probe()' usb: gadget: legacy: fix redundant initialization warnings net: freescale: select CONFIG_FIXED_PHY where needed IB/i40iw: Remove bogus call to netdev_master_upper_dev_get() riscv: stacktrace: Fix undefined reference to `walk_stackframe' clk: ti: am33xx: fix RTC clock parent csky: Fixup msa highest 3 bits mask csky: Fixup perf callchain unwind csky: Fixup remove duplicate irq_disable hwmon: (nct7904) Fix incorrect range of temperature limit registers cifs: Fix null pointer check in cifs_read csky: Fixup raw_copy_from_user() samples: bpf: Fix build error drivers: net: hamradio: Fix suspicious RCU usage warning in bpqether.c Input: usbtouchscreen - add support for BonXeon TP Input: evdev - call input_flush_device() on release(), not flush() Input: xpad - add custom init packet for Xbox One S controllers Input: dlink-dir685-touchkeys - fix a typo in driver name Input: i8042 - add ThinkPad S230u to i8042 reset list Input: synaptics-rmi4 - really fix attn_data use-after-free Input: synaptics-rmi4 - fix error return code in rmi_driver_probe() ARM: 8970/1: decompressor: increase tag size ARM: uaccess: consolidate uaccess asm to asm/uaccess-asm.h ARM: uaccess: integrate uaccess_save and uaccess_restore ARM: uaccess: fix DACR mismatch with nested exceptions gpio: exar: Fix bad handling for ida_simple_get error path arm64: dts: mt8173: fix vcodec-enc clock soc: mediatek: cmdq: return send msg error code gpu/drm: Ingenic: Fix opaque pointer casted to wrong type IB/qib: Call kobject_put() when kobject_init_and_add() fails ARM: dts/imx6q-bx50v3: Set display interface clock parents ARM: dts: bcm2835-rpi-zero-w: Fix led polarity ARM: dts: bcm: HR2: Fix PPI interrupt types mmc: block: Fix use-after-free issue for rpmb gpio: pxa: Fix return value of pxa_gpio_probe() gpio: bcm-kona: Fix return value of bcm_kona_gpio_probe() RDMA/pvrdma: Fix missing pci disable in pvrdma_pci_probe() ALSA: hwdep: fix a left shifting 1 by 31 UB bug ALSA: hda/realtek - Add a model for Thinkpad T570 without DAC workaround ALSA: usb-audio: mixer: volume quirk for ESS Technology Asus USB DAC exec: Always set cap_ambient in cap_bprm_set_creds clk: qcom: gcc: Fix parent for gpll0_out_even ALSA: usb-audio: Quirks for Gigabyte TRX40 Aorus Master onboard audio ALSA: hda/realtek - Add new codec supported for ALC287 libceph: ignore pool overlay and cache logic on redirects ceph: flush release queue when handling caps for unknown inode RDMA/core: Fix double destruction of uobject drm/amd/display: drop cursor position check in atomic test IB/ipoib: Fix double free of skb in case of multicast traffic in CM mode mm,thp: stop leaking unreleased file pages mm: remove VM_BUG_ON(PageSlab()) from page_mapcount() fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info() include/asm-generic/topology.h: guard cpumask_of_node() macro argument Revert "block: end bio with BLK_STS_AGAIN in case of non-mq devs and REQ_NOWAIT" gpio: fix locking open drain IRQ lines iommu: Fix reference count leak in iommu_group_alloc. parisc: Fix kernel panic in mem_init() cfg80211: fix debugfs rename crash x86/syscalls: Revert "x86/syscalls: Make __X32_SYSCALL_BIT be unsigned long" mac80211: mesh: fix discovery timer re-arming issue / crash x86/dma: Fix max PFN arithmetic overflow on 32 bit systems copy_xstate_to_kernel(): don't leave parts of destination uninitialized xfrm: allow to accept packets with ipv6 NEXTHDR_HOP in xfrm_input xfrm: do pskb_pull properly in __xfrm_transport_prep xfrm: remove the xfrm_state_put call becofe going to out_reset xfrm: call xfrm_output_gso when inner_protocol is set in xfrm_output xfrm interface: fix oops when deleting a x-netns interface xfrm: fix a warning in xfrm_policy_insert_list xfrm: fix a NULL-ptr deref in xfrm_local_error xfrm: fix error in comment ip_vti: receive ipip packet by calling ip_tunnel_rcv netfilter: nft_reject_bridge: enable reject with bridge vlan netfilter: ipset: Fix subcounter update skip netfilter: conntrack: make conntrack userspace helpers work again netfilter: nfnetlink_cthelper: unbreak userspace helper support netfilter: nf_conntrack_pptp: prevent buffer overflows in debug code esp6: get the right proto for transport mode in esp6_gso_encap bnxt_en: Fix accumulation of bp->net_stats_prev. ieee80211: Fix incorrect mask for default PE duration xsk: Add overflow check for u64 division, stored into u32 qlcnic: fix missing release in qlcnic_83xx_interrupt_test. crypto: chelsio/chtls: properly set tp->lsndtime nexthops: Move code from remove_nexthop_from_groups to remove_nh_grp_entry nexthops: don't modify published nexthop groups nexthop: Expand nexthop_is_multipath in a few places ipv4: nexthop version of fib_info_nh_uses_dev net: dsa: declare lockless TX feature for slave ports bonding: Fix reference count leak in bond_sysfs_slave_add. netfilter: conntrack: comparison of unsigned in cthelper confirmation netfilter: conntrack: Pass value of ctinfo to __nf_conntrack_update netfilter: nf_conntrack_pptp: fix compilation warning with W=1 build perf: Make perf able to build with latest libbfd Linux 5.4.44 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Idd547df1abb0bea116f30e3224a80387529adb0b |
||
Eric W. Biederman
|
68fe063327 |
exec: Always set cap_ambient in cap_bprm_set_creds
[ Upstream commit a4ae32c71fe90794127b32d26d7ad795813b502e ]
An invariant of cap_bprm_set_creds is that every field in the new cred
structure that cap_bprm_set_creds might set, needs to be set every
time to ensure the fields does not get a stale value.
The field cap_ambient is not set every time cap_bprm_set_creds is
called, which means that if there is a suid or sgid script with an
interpreter that has neither the suid nor the sgid bits set the
interpreter should be able to accept ambient credentials.
Unfortuantely because cap_ambient is not reset to it's original value
the interpreter can not accept ambient credentials.
Given that the ambient capability set is expected to be controlled by
the caller, I don't think this is particularly serious. But it is
definitely worth fixing so the code works correctly.
I have tested to verify my reading of the code is correct and the
interpreter of a sgid can receive ambient capabilities with this
change and cannot receive ambient capabilities without this change.
Cc: stable@vger.kernel.org
Cc: Andy Lutomirski <luto@kernel.org>
Fixes:
|
||
|
Greg Kroah-Hartman
|
441ba323ad |
Revert "ANDROID: sdcardfs: Enable modular sdcardfs"
This reverts commit
|
||
|
Greg Kroah-Hartman
|
750140e3c4 |
Revert "ANDROID: vfs: Add permission2 for filesystems with per mount permissions"
This reverts commit
|
||
|
Greg Kroah-Hartman
|
f7b4f375c7 |
This is the 5.4.43 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl7Oi20ACgkQONu9yGCS aT4ipBAA1Kqh2mLEcDBISubrU4CuOl/iHmkCXyF1FeF9+vJKz25whbfYO/FNYweP 2HYxGyuqLTQ0OnsfrXeEoImlxdAcWp3TjAFPgJdonLBvnVDmvlPe6Pzk1NRPhvce zU/Y1leE+LoQ7xDfICPJ9BwuwwYTRzRqMQHmIuVlsHLSiN+rextPj6vkzD+7h4ux i9VKoDvzmWuLrHmc9RYNoGxuZ5tGogBaCxI8tnzHGcm21bNVvsKZiANQ2J+6G2bJ sJwqq5tH2gZ6cJxmJ1tVyMbXLIJanNKLeBC5sDQN4rss9pU4gtyEARqVG+9RlglQ FeSlBuoaISJYYejo6aSH7nw81bTQrXexd0sH94qYqnqPlZo+OXN8vxHTaIapYEfd fjqyEblZXqpnMNVQcZOxbrYaefuIrZ9Q8pWUFTwVj34P8RNJLBIvg5gy2dlRvHbC PGLJewOXySZaXVpD5gFU349L32d4QPw9MmMU5php+LOl4idN8RlVY0pOaUuO0idH ewO+6vijLgHq/5HBO6BBToRlNUvLauoUeAaQwoHfPiuuYnGGFCZ9GEjPRsHnCBok IAKQ2Uj+IqlMy7gKVtG1ryekil7TVktrZQ1JBokRLWQPZiED84r7P1lQqPaH/4f4 GFFRhx3tekJs4LMMUEaUR019Q9ZcQMWkikT1/HpVOYUjQd55pc4= =jmiq -----END PGP SIGNATURE----- Merge 5.4.43 into android-5.4-stable Changes in 5.4.43 i2c: dev: Fix the race between the release of i2c_dev and cdev KVM: SVM: Fix potential memory leak in svm_cpu_init() ima: Set file->f_mode instead of file->f_flags in ima_calc_file_hash() evm: Check also if *tfm is an error pointer in init_desc() ima: Fix return value of ima_write_policy() ubifs: fix wrong use of crypto_shash_descsize() ACPI: EC: PM: Avoid flushing EC work when EC GPE is inactive mtd: spinand: Propagate ECC information to the MTD structure fix multiplication overflow in copy_fdtable() ubifs: remove broken lazytime support i2c: fix missing pm_runtime_put_sync in i2c_device_probe iommu/amd: Fix over-read of ACPI UID from IVRS table evm: Fix a small race in init_desc() i2c: mux: demux-pinctrl: Fix an error handling path in 'i2c_demux_pinctrl_probe()' ubi: Fix seq_file usage in detailed_erase_block_info debugfs file afs: Don't unlock fetched data pages until the op completes successfully mtd: Fix mtd not registered due to nvmem name collision kbuild: avoid concurrency issue in parallel building dtbs and dtbs_check net: drop_monitor: use IS_REACHABLE() to guard net_dm_hw_report() gcc-common.h: Update for GCC 10 HID: multitouch: add eGalaxTouch P80H84 support HID: alps: Add AUI1657 device ID HID: alps: ALPS_1657 is too specific; use U1_UNICORN_LEGACY instead scsi: qla2xxx: Fix hang when issuing nvme disconnect-all in NPIV scsi: qla2xxx: Delete all sessions before unregister local nvme port configfs: fix config_item refcnt leak in configfs_rmdir() vhost/vsock: fix packet delivery order to monitoring devices aquantia: Fix the media type of AQC100 ethernet controller in the driver component: Silence bind error on -EPROBE_DEFER net/ena: Fix build warning in ena_xdp_set() scsi: ibmvscsi: Fix WARN_ON during event pool release HID: i2c-hid: reset Synaptics SYNA2393 on resume x86/mm/cpa: Flush direct map alias during cpa ibmvnic: Skip fatal error reset after passive init ftrace/selftest: make unresolved cases cause failure if --fail-unresolved set x86/apic: Move TSC deadline timer debug printk gtp: set NLM_F_MULTI flag in gtp_genl_dump_pdp() HID: quirks: Add HID_QUIRK_NO_INIT_REPORTS quirk for Dell K12A keyboard-dock ceph: fix double unlock in handle_cap_export() stmmac: fix pointer check after utilization in stmmac_interrupt USB: core: Fix misleading driver bug report platform/x86: asus-nb-wmi: Do not load on Asus T100TA and T200TA iommu/amd: Call domain_flush_complete() in update_domain() drm/amd/display: Prevent dpcd reads with passive dongles KVM: selftests: Fix build for evmcs.h ARM: futex: Address build warning scripts/gdb: repair rb_first() and rb_last() ALSA: hda - constify and cleanup static NodeID tables ALSA: hda: patch_realtek: fix empty macro usage in if block ALSA: hda: Manage concurrent reg access more properly ALSA: hda/realtek - Add supported new mute Led for HP ALSA: hda/realtek - Add HP new mute led supported for ALC236 ALSA: hda/realtek: Add quirk for Samsung Notebook ALSA: hda/realtek - Enable headset mic of ASUS GL503VM with ALC295 ALSA: hda/realtek - Enable headset mic of ASUS UX550GE with ALC295 ALSA: hda/realtek: Enable headset mic of ASUS UX581LV with ALC295 KVM: x86: Fix pkru save/restore when guest CR4.PKE=0, move it to x86.c ALSA: iec1712: Initialize STDSP24 properly when using the model=staudio option ALSA: pcm: fix incorrect hw_base increase ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Xtreme ALSA: hda/realtek - Add more fixup entries for Clevo machines scsi: qla2xxx: Do not log message when reading port speed via sysfs scsi: target: Put lun_ref at end of tmr processing arm64: Fix PTRACE_SYSEMU semantics drm/etnaviv: fix perfmon domain interation apparmor: Fix use-after-free in aa_audit_rule_init apparmor: fix potential label refcnt leak in aa_change_profile apparmor: Fix aa_label refcnt leak in policy_update dmaengine: tegra210-adma: Fix an error handling path in 'tegra_adma_probe()' drm/etnaviv: Fix a leak in submit_pin_objects() dmaengine: dmatest: Restore default for channel dmaengine: owl: Use correct lock in owl_dma_get_pchan() vsprintf: don't obfuscate NULL and error pointers drm/i915/gvt: Init DPLL/DDI vreg for virtual display instead of inheritance. drm/i915: Propagate error from completed fences powerpc: Remove STRICT_KERNEL_RWX incompatibility with RELOCATABLE powerpc/64s: Disable STRICT_KERNEL_RWX bpf: Avoid setting bpf insns pages read-only when prog is jited kbuild: Remove debug info from kallsyms linking Revert "gfs2: Don't demote a glock until its revokes are written" media: fdp1: Fix R-Car M3-N naming in debug message staging: iio: ad2s1210: Fix SPI reading staging: kpc2000: fix error return code in kp2000_pcie_probe() staging: greybus: Fix uninitialized scalar variable iio: sca3000: Remove an erroneous 'get_device()' iio: dac: vf610: Fix an error handling path in 'vf610_dac_probe()' iio: adc: ti-ads8344: Fix channel selection misc: rtsx: Add short delay after exit from ASPM tty: serial: add missing spin_lock_init for SiFive serial console mei: release me_cl object reference ipack: tpci200: fix error return code in tpci200_register() s390/pci: Fix s390_mmio_read/write with MIO s390/kaslr: add support for R_390_JMP_SLOT relocation type device-dax: don't leak kernel memory to user space after unloading kmem rapidio: fix an error in get_user_pages_fast() error handling kasan: disable branch tracing for core runtime rxrpc: Fix the excessive initial retransmission timeout rxrpc: Fix a memory leak in rxkad_verify_response() s390/kexec_file: fix initrd location for kdump kernel flow_dissector: Drop BPF flow dissector prog ref on netns cleanup x86/unwind/orc: Fix unwind_get_return_address_ptr() for inactive tasks iio: adc: stm32-adc: Use dma_request_chan() instead dma_request_slave_channel() iio: adc: stm32-adc: fix device used to request dma iio: adc: stm32-dfsdm: Use dma_request_chan() instead dma_request_slave_channel() iio: adc: stm32-dfsdm: fix device used to request dma rxrpc: Trace discarded ACKs rxrpc: Fix ack discard tpm: check event log version before reading final events sched/fair: Reorder enqueue/dequeue_task_fair path sched/fair: Fix reordering of enqueue/dequeue_task_fair() sched/fair: Fix enqueue_task_fair() warning some more Linux 5.4.43 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I1582df67569f34c4455c482ed0eaf10fc1a34e03 |
||
Xiyu Yang
|
870a45e0b5 |
apparmor: Fix aa_label refcnt leak in policy_update
commit c6b39f070722ea9963ffe756bfe94e89218c5e63 upstream.
policy_update() invokes begin_current_label_crit_section(), which
returns a reference of the updated aa_label object to "label" with
increased refcount.
When policy_update() returns, "label" becomes invalid, so the refcount
should be decreased to keep refcount balanced.
The reference counting issue happens in one exception handling path of
policy_update(). When aa_may_manage_policy() returns not NULL, the
refcnt increased by begin_current_label_crit_section() is not decreased,
causing a refcnt leak.
Fix this issue by jumping to "end_section" label when
aa_may_manage_policy() returns not NULL.
Fixes:
|
||
|
Xiyu Yang
|
054934aa9f |
apparmor: fix potential label refcnt leak in aa_change_profile
commit a0b845ffa0d91855532b50fc040aeb2d8338dca4 upstream.
aa_change_profile() invokes aa_get_current_label(), which returns
a reference of the current task's label.
According to the comment of aa_get_current_label(), the returned
reference must be put with aa_put_label().
However, when the original object pointed by "label" becomes
unreachable because aa_change_profile() returns or a new object
is assigned to "label", reference count increased by
aa_get_current_label() is not decreased, causing a refcnt leak.
Fix this by calling aa_put_label() before aa_change_profile() return
and dropping unnecessary aa_get_current_label().
Fixes:
|
||
Navid Emamdoost
|
97d817b9ef |
apparmor: Fix use-after-free in aa_audit_rule_init
commit c54d481d71c6849e044690d3960aaebc730224cc upstream.
In the implementation of aa_audit_rule_init(), when aa_label_parse()
fails the allocated memory for rule is released using
aa_audit_rule_free(). But after this release, the return statement
tries to access the label field of the rule which results in
use-after-free. Before releasing the rule, copy errNo and return it
after release.
Fixes:
|
||
Dan Carpenter
|
dd540f2d7c |
evm: Fix a small race in init_desc()
[ Upstream commit 8433856947217ebb5697a8ff9c4c9cad4639a2cf ]
The IS_ERR_OR_NULL() function has two conditions and if we got really
unlucky we could hit a race where "ptr" started as an error pointer and
then was set to NULL. Both conditions would be false even though the
pointer at the end was NULL.
This patch fixes the problem by ensuring that "*tfm" can only be NULL
or valid. I have introduced a "tmp_tfm" variable to make that work. I
also reversed a condition and pulled the code in one tab.
Reported-by: Roberto Sassu <roberto.sassu@huawei.com>
Fixes: 53de3b080d5e ("evm: Check also if *tfm is an error pointer in init_desc()")
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Acked-by: Roberto Sassu <roberto.sassu@huawei.com>
Acked-by: Krzysztof Struczynski <krzysztof.struczynski@huawei.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
||
|
Roberto Sassu
|
48bbd44f5f |
ima: Fix return value of ima_write_policy()
[ Upstream commit 2e3a34e9f409ebe83d1af7cd2f49fca7af97dfac ]
This patch fixes the return value of ima_write_policy() when a new policy
is directly passed to IMA and the current policy requires appraisal of the
file containing the policy. Currently, if appraisal is not in ENFORCE mode,
ima_write_policy() returns 0 and leads user space applications to an
endless loop. Fix this issue by denying the operation regardless of the
appraisal mode.
Cc: stable@vger.kernel.org # 4.10.x
Fixes:
|
||
|
Roberto Sassu
|
1066327bf9 |
evm: Check also if *tfm is an error pointer in init_desc()
[ Upstream commit 53de3b080d5eae31d0de219617155dcc34e7d698 ]
This patch avoids a kernel panic due to accessing an error pointer set by
crypto_alloc_shash(). It occurs especially when there are many files that
require an unsupported algorithm, as it would increase the likelihood of
the following race condition:
Task A: *tfm = crypto_alloc_shash() <= error pointer
Task B: if (*tfm == NULL) <= *tfm is not NULL, use it
Task B: rc = crypto_shash_init(desc) <= panic
Task A: *tfm = NULL
This patch uses the IS_ERR_OR_NULL macro to determine whether or not a new
crypto context must be created.
Cc: stable@vger.kernel.org
Fixes:
|
||
|
Roberto Sassu
|
4aedc534b6 |
ima: Set file->f_mode instead of file->f_flags in ima_calc_file_hash()
[ Upstream commit 0014cc04e8ec077dc482f00c87dfd949cfe2b98f ] Commit |
||
|
Blagovest Kolenichev
|
4e2b270d2c |
Merge android-5.4.26 (0d3cca0c) into msm-5.4
* refs/heads/tmp-0d3cca0c:
UPSTREAM: driver core: Skip unnecessary work when device doesn't have sync_state()
Linux 5.4.26
net/smc: cancel event worker during device removal
net/smc: check for valid ib_client_data
ipv6: restrict IPV6_ADDRFORM operation
iommu/amd: Fix IOMMU AVIC not properly update the is_run bit in IRTE
i2c: acpi: put device when verifying client fails
iommu/vt-d: Ignore devices with out-of-spec domain number
iommu/vt-d: Fix the wrong printing in RHSA parsing
netfilter: nft_chain_nat: inet family is missing module ownership
netfilter: nf_tables: dump NFTA_CHAIN_FLAGS attribute
netfilter: nft_tunnel: add missing attribute validation for tunnels
netfilter: nft_payload: add missing attribute validation for payload csum flags
netfilter: cthelper: add missing attribute validation for cthelper
perf bench futex-wake: Restore thread count default to online CPU count
nl80211: add missing attribute validation for channel switch
nl80211: add missing attribute validation for beacon report scanning
nl80211: add missing attribute validation for critical protocol indication
i2c: gpio: suppress error on probe defer
iommu/vt-d: Fix RCU-list bugs in intel_iommu_init()
driver code: clarify and fix platform device DMA mask allocation
drm/i915/gvt: Fix unnecessary schedule timer when no vGPU exits
pinctrl: core: Remove extra kref_get which blocks hogs being freed
drm/i915/gvt: Fix dma-buf display blur issue on CFL
virtio_ring: Fix mem leak with vring_new_virtqueue()
pinctrl: imx: scu: Align imx sc msg structs to 4
pinctrl: meson-gxl: fix GPIOX sdio pins
clk: imx8mn: Fix incorrect clock defines
batman-adv: Don't schedule OGM for disabled interface
iommu/vt-d: Fix a bug in intel_iommu_iova_to_phys() for huge page
iommu/vt-d: Fix RCU list debugging warnings
iommu/vt-d: dmar: replace WARN_TAINT with pr_warn + add_taint
iommu/dma: Fix MSI reservation allocation
x86/mce: Fix logic and comments around MSR_PPIN_CTL
perf/amd/uncore: Replace manual sampling check with CAP_NO_INTERRUPT flag
mt76: fix array overflow on receiving too many fragments for a packet
i2c: designware-pci: Fix BUG_ON during device removal
efi: Add a sanity check to efivar_store_raw()
efi: Fix a race and a buffer overflow while reading efivars via sysfs
x86/ioremap: Map EFI runtime services data as encrypted for SEV
macintosh: windfarm: fix MODINFO regression
fscrypt: don't evict dirty inodes after removing key
blk-iocost: fix incorrect vtime comparison in iocg_is_idle()
ipmi_si: Avoid spurious errors for optional IRQs
s390/dasd: fix data corruption for thin provisioned devices
fuse: fix stack use after return
ARC: define __ALIGN_STR and __ALIGN symbols for ARC
KVM: nVMX: avoid NULL pointer dereference with incorrect EVMCS GPAs
KVM: x86: clear stale x86_emulate_ctxt->intercept value
gfs2_atomic_open(): fix O_EXCL|O_CREAT handling on cold dcache
cifs_atomic_open(): fix double-put on late allocation failure
ktest: Add timeout for ssh sync testing
pinctrl: falcon: fix syntax error
mmc: sdhci-pci-gli: Enable MSI interrupt for GL975x
drm/i915: Defer semaphore priority bumping to a workqueue
drm/i915: be more solid in checking the alignment
drm/amd/display: remove duplicated assignment to grph_obj_type
workqueue: don't use wq_select_unbound_cpu() for bound works
netfilter: x_tables: xt_mttg_seq_next should increase position index
netfilter: xt_recent: recent_seq_next should increase position index
netfilter: synproxy: synproxy_cpu_seq_next should increase position index
netfilter: nf_conntrack: ct_cpu_seq_next should increase position index
iommu/vt-d: quirk_ioat_snb_local_iommu: replace WARN_TAINT with pr_warn + add_taint
virtio-blk: fix hw_queue stopped on arbitrary error
iwlwifi: mvm: Do not require PHY_SKU NVM section for 3168 devices
netfilter: nf_tables: fix infinite loop when expr is not available
cgroup: Iterate tasks that did not finish do_exit()
cgroup: cgroup_procs_next should increase position index
net: phy: Avoid multiple suspends
net: dsa: Don't instantiate phylink for CPU/DSA ports unless needed
selftests/net/fib_tests: update addr_metric_test for peer route testing
net/ipv6: remove the old peer route if change it to a new one
net/ipv6: need update peer route when modify metric
net: phy: fix MDIO bus PM PHY resuming
net: phy: avoid clearing PHY interrupts twice in irq handler
nfc: add missing attribute validation for vendor subcommand
nfc: add missing attribute validation for deactivate target
nfc: add missing attribute validation for SE API
tipc: add missing attribute validation for MTU property
team: add missing attribute validation for array index
team: add missing attribute validation for port ifindex
net: taprio: add missing attribute validation for txtime delay
net: fq: add missing attribute validation for orphan mask
macsec: add missing attribute validation for port
can: add missing attribute validation for termination
nl802154: add missing attribute validation for dev_type
nl802154: add missing attribute validation
fib: add missing attribute validation for tun_id
devlink: validate length of region addr/len
devlink: validate length of param values
net: memcg: fix lockdep splat in inet_csk_accept()
net: memcg: late association of sock to memcg
cgroup: memcg: net: do not associate sock with unrelated cgroup
bnxt_en: fix error handling when flashing from file
bnxt_en: reinitialize IRQs when MTU is modified
bonding/alb: make sure arp header is pulled before accessing it
taprio: Fix sending packets without dequeueing them
slip: make slhc_compress() more robust against malicious packets
sfc: detach from cb_page in efx_copy_channel()
r8152: check disconnect status after long sleep
net: systemport: fix index check to avoid an array out of bounds access
net: stmmac: dwmac1000: Disable ACS if enhanced descs are not used
net: phy: bcm63xx: fix OOPS due to missing driver name
net/packet: tpacket_rcv: do not increment ring index on drop
net: nfc: fix bounds checking bugs on "pipe"
net: macsec: update SCI upon MAC address change.
netlink: Use netlink header as base to calculate bad attribute offset
net/ipv6: use configured metric when add peer route
net: hns3: fix a not link up issue when fibre port supports autoneg
net: fec: validate the new settings in fec_enet_set_coalesce()
net: dsa: mv88e6xxx: fix lockup on warm boot
net: dsa: fix phylink_start()/phylink_stop() calls
macvlan: add cond_resched() during multicast processing
ipvlan: don't deref eth hdr before checking it's set
ipvlan: do not use cond_resched_rcu() in ipvlan_process_multicast()
ipvlan: do not add hardware address of master to its unicast filter list
ipvlan: add cond_resched_rcu() while processing muticast backlog
ipv6/addrconf: call ipv6_mc_up() for non-Ethernet interface
inet_diag: return classid for all socket types
gre: fix uninit-value in __iptunnel_pull_header
cgroup, netclassid: periodically release file_lock on classid updating
ALSA: hda/realtek - Fixed one of HP ALC671 platform Headset Mic supported
ALSA: hda/realtek - Add Headset Mic supported for HP cPC
ALSA: hda/realtek - More constifications
virtio_balloon: Adjust label in virtballoon_probe
ANDROID: GKI: Revert "mm: unexport free_reserved_area"
ANDROID: Export functions to be used with dma_map_ops in modules
ANDROID: GKI: add android_kabi.h
ANDROID: GKI: update abi due to CONFIG_JUMP_LABEL being enabled
ANDROID: GKI: enable CONFIG_JUMP_LABEL
ANDROID: Add build.config.gki-debug.x86_64
ANDROID: update the abi signatures
ANDROID: Add build.config.gki-debug.aarch64
Revert "ANDROID: drm: edid: add support for additional CEA extension blocks"
Revert "ANDROID: drm: Parse Colorimetry data block from EDID"
ANDROID: Add build.config files for ARM 32-bit
ANDROID: Kconfig.gki: Add FRAME_VECTOR
UPSTREAM: cgroup: Iterate tasks that did not finish do_exit()
ANDROID: gki_defconfig: Enable more USB_CONFIGFS gadgets
Revert "ANDROID: tty: serdev: Fix broken serial console input"
ANDROID: serdev: restrict claim of platform devices
ANDROID: Add TPM support and the vTPM proxy to Cuttlefish.
FROMGIT: ASoC: sprd: Allow the MCDT driver to build into modules
FROMGIT: thermal: sprd: Add Spreadtrum thermal driver support
FROMGIT: dt-bindings: thermal: sprd: Add the Spreadtrum thermal documentation
ANDROID: ABI update due to power supply patches being merged
FROMGIT: pinctrl: sprd: Fix the kconfig warning
FROMGIT: pinctrl: sprd: Allow the SPRD pinctrl driver building into a module
FROMGIT: pinctrl: Export some needed symbols at module load time
FROMGIT: power: reset: sc27xx: Allow the SC27XX poweroff driver building into a module
FROMGIT: power: reset: sc27xx: Change to use cpu_down()
FROMGIT: power: reset: sc27xx: Power off the external subsystems' connection
FROMGIT: power: supply: sc27xx: Add POWER_SUPPLY_PROP_CHARGE_NOW attribute
UPSTREAM: power: supply: sc27xx: Calibrate the resistance of coulomb counter
UPSTREAM: dt-bindings: power: sc27xx: Add a new property to describe the real resistance of coulomb counter chip
UPSTREAM: power: supply: sc27xx: Optimize the battery resistance with measuring temperature
UPSTREAM: power: supply: core: Add battery internal resistance temperature table support
UPSTREAM: dt-bindings: power: Introduce one property to describe the battery resistance with temperature changes
ANDROID: abi_gki_aarch64_whitelist: update after whitelist changes
ANDROID: update abi_gki_aarch64_cuttlefish_whitelist
ANDROID: update abi_gki_aarch64_db845c_whitelist
ANDROID: update abi due to interconnect changes
UPSTREAM: interconnect: Handle memory allocation errors
UPSTREAM: interconnect: Add basic tracepoints
UPSTREAM: interconnect: Add a name to struct icc_path
UPSTREAM: interconnect: Move internal structs into a separate file
Linux 5.4.25
drm/virtio: module_param_named() requires linux/moduleparam.h
csky: Implement copy_thread_tls
block, bfq: remove ifdefs from around gets/puts of bfq groups
block, bfq: get a ref to a group when adding it to a service tree
efi: READ_ONCE rng seed size before munmap
efi/x86: Handle by-ref arguments covering multiple pages in mixed mode
efi/x86: Align GUIDs to their size in the mixed mode runtime wrapper
powerpc: fix hardware PMU exception bug on PowerVM compatibility mode systems
EDAC/synopsys: Do not print an error with back-to-back snprintf() calls
bus: ti-sysc: Fix 1-wire reset quirk
arm64: dts: meson: fix gxm-khadas-vim2 wifi
dmaengine: coh901318: Fix a double lock bug in dma_tc_handle()
dma-buf: free dmabuf->name in dma_buf_release()
hwmon: (adt7462) Fix an error return in ADT7462_REG_VOLT()
ARM: dts: imx7-colibri: Fix frequency for sd/mmc
ARM: dts: dra7xx-clocks: Fixup IPU1 mux clock parent source
ARM: dts: am437x-idk-evm: Fix incorrect OPP node names
ARM: imx: build v7_cpu_resume() unconditionally
IB/hfi1, qib: Ensure RCU is locked when accessing list
RMDA/cm: Fix missing ib_cm_destroy_id() in ib_cm_insert_listen()
regulator: stm32-vrefbuf: fix a possible overshoot when re-enabling
RDMA/core: Fix protection fault in ib_mr_pool_destroy
RDMA/iwcm: Fix iwcm work deallocation
RDMA/siw: Fix failure handling during device creation
RDMA/nldev: Fix crash when set a QP to a new counter but QPN is missing
RDMA/rw: Fix error flow during RDMA context initialization
Revert "RDMA/cma: Simplify rdma_resolve_addr() error flow"
soc: imx-scu: Align imx sc msg structs to 4
firmware: imx: Align imx_sc_msg_req_cpu_start to 4
firmware: imx: scu-pd: Align imx sc msg structs to 4
firmware: imx: misc: Align imx sc msg structs to 4
arm64: dts: imx8qxp-mek: Remove unexisting Ethernet PHY
ARM: dts: imx6: phycore-som: fix emmc supply
phy: mapphone-mdm6600: Fix write timeouts with shorter GPIO toggle interval
phy: mapphone-mdm6600: Fix timeouts by adding wake-up handling
drm/i915/selftests: Fix return in assert_mmap_offset()
drm/i915: Program MBUS with rmw during initialization
drm/sun4i: de2/de3: Remove unsupported VI layer formats
drm/sun4i: Fix DE2 VI layer format support
drm/sun4i: Add separate DE3 VI layer formats
drm: kirin: Revert "Fix for hikey620 display offset problem"
drm/panfrost: Don't try to map on error faults
spi: atmel-quadspi: fix possible MMIO window size overrun
ASoC: dapm: Correct DAPM handling of active widgets during shutdown
ASoC: Intel: Skylake: Fix available clock counter incrementation
ASoC: pcm512x: Fix unbalanced regulator enable call in probe error path
ASoC: pcm: Fix possible buffer overflow in dpcm state sysfs output
powerpc/mm: Fix missing KUAP disable in flush_coherent_icache()
powerpc: Convert flush_icache_range & friends to C
powerpc: define helpers to get L1 icache sizes
ASoC: intel: skl: Fix possible buffer overflow in debug outputs
ASoC: intel: skl: Fix pin debug prints
ASoC: SOF: Fix snd_sof_ipc_stream_posn()
ASoC: topology: Fix memleak in soc_tplg_manifest_load()
ASoC: topology: Fix memleak in soc_tplg_link_elems_load()
drm/virtio: fix resource id creation race
drm/virtio: make resource id workaround runtime switchable.
spi: bcm63xx-hsspi: Really keep pll clk enabled
ARM: dts: ls1021a: Restore MDIO compatible to gianfar
arm64: dts: meson-sm1-sei610: add missing interrupt-names
dm: fix congested_fn for request-based device
dm zoned: Fix reference counter initial value of chunk works
dm writecache: verify watermark during resume
dm: report suspended device during destroy
dm cache: fix a crash due to incorrect work item cancelling
dm integrity: fix invalid table returned due to argument count mismatch
dm integrity: fix a deadlock due to offloading to an incorrect workqueue
dm integrity: fix recalculation when moving from journal mode to bitmap mode
dmaengine: tegra-apb: Prevent race conditions of tasklet vs free list
dmaengine: tegra-apb: Fix use-after-free
dmaengine: imx-sdma: Fix the event id check to include RX event for UART6
dmaengine: imx-sdma: fix context cache
s390/mm: fix panic in gup_fast on large pud
s390/pci: Fix unexpected write combine on resource
x86/pkeys: Manually set X86_FEATURE_OSPKE to preserve existing changes
spi: spidev: Fix CS polarity if GPIO descriptors are used
perf arm-spe: Fix endless record after being terminated
perf cs-etm: Fix endless record after being terminated
perf intel-bts: Fix endless record after being terminated
perf intel-pt: Fix endless record after being terminated
media: v4l2-mem2mem.c: fix broken links
media: vicodec: process all 4 components for RGB32 formats
media: mc-entity.c: use & to check pad flags, not ==
media: hantro: Fix broken media controller links
vt: selection, push sel_lock up
vt: selection, push console lock down
vt: selection, close sel_buffer race
serial: 8250_exar: add support for ACCES cards
tty: serial: fsl_lpuart: free IDs allocated by IDA
tty:serial:mvebu-uart:fix a wrong return
arm: dts: dra76x: Fix mmc3 max-frequency
arm64: dts: socfpga: agilex: Fix gmac compatible
btrfs: fix RAID direct I/O reads with alternate csums
fat: fix uninit-memory access for partial initialized inode
mm, hotplug: fix page online with DEBUG_PAGEALLOC compiled but not enabled
mm: fix possible PMD dirty bit lost in set_pmd_migration_entry()
mm, numa: fix bad pmd by atomically check for pmd_trans_huge when marking page tables prot_numa
vgacon: Fix a UAF in vgacon_invert_region
usb: core: port: do error out if usb_autopm_get_interface() fails
usb: core: hub: do error out if usb_autopm_get_interface() fails
usb: core: hub: fix unhandled return by employing a void function
usb: cdns3: gadget: toggle cycle bit before reset endpoint
usb: cdns3: gadget: link trb should point to next request
usb: dwc3: gadget: Update chain bit correctly when using sg list
usb: quirks: add NO_LPM quirk for Logitech Screen Share
usb: storage: Add quirk for Samsung Fit flash
cifs: fix rename() by ensuring source handle opened with DELETE bit
cifs: don't leak -EAGAIN for stat() during reconnect
ALSA: hda/realtek - Enable the headset of ASUS B9450FA with ALC294
ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Master
ALSA: hda/realtek - Add Headset Button supported for ThinkPad X1
ALSA: hda/realtek - Add Headset Mic supported
binder: prevent UAF for binderfs devices II
binder: prevent UAF for binderfs devices
firmware: imx: scu: Ensure sequential TX
selftests: forwarding: vxlan_bridge_1d: use more proper tos value
arch/csky: fix some Kconfig typos
csky: Fixup compile warning for three unimplemented syscalls
csky: Fixup ftrace modify panic
csky/smp: Fixup boot failed when CONFIG_SMP
csky: Set regs->usp to kernel sp, when the exception is from kernel
csky/mm: Fixup export invalid_pte_table symbol
net: thunderx: workaround BGX TX Underflow issue
x86/xen: Distribute switch variables for initialization
ice: Don't tell the OS that link is going down
nvme: Fix uninitialized-variable warning
s390/qdio: fill SL with absolute addresses
x86/boot/compressed: Don't declare __force_order in kaslr_64.c
nvme-pci: Use single IRQ vector for old Apple models
nvme/pci: Add sleep quirk for Samsung and Toshiba drives
iommu/amd: Disable IOMMU on Stoney Ridge systems
net/mlx5: DR, Fix matching on vport gvmi
efi: Only print errors about failing to get certs if EFI vars are found
s390: make 'install' not depend on vmlinux
s390/cio: cio_ignore_proc_seq_next should increase position index
watchdog: da9062: do not ping the hw during stop()
net: ethernet: dm9000: Handle -EPROBE_DEFER in dm9000_parse_dt()
net: ks8851-ml: Fix 16-bit IO operation
net: ks8851-ml: Fix 16-bit data access
net: ks8851-ml: Remove 8-bit bus accessors
net: atlantic: check rpc result and wait for rpc address
selftests: forwarding: vxlan_bridge_1d: fix tos value
selftests: forwarding: use proto icmp for {gretap, ip6gretap}_mac testing
drm/msm/dsi/pll: call vco set rate explicitly
drm/msm/dsi: save pll state before dsi host is powered off
scsi: megaraid_sas: silence a warning
drm/modes: Allow DRM_MODE_ROTATE_0 when applying video mode parameters
drm/modes: Make sure to parse valid rotation value from cmdline
drm: msm: Fix return type of dsi_mgr_connector_mode_valid for kCFI
drm/msm/mdp5: rate limit pp done timeout warnings
habanalabs: patched cb equals user cb in device memset
habanalabs: do not halt CoreSight during hard reset
habanalabs: halt the engines before hard-reset
usb: gadget: serial: fix Tx stall after buffer overflow
usb: gadget: ffs: ffs_aio_cancel(): Save/restore IRQ flags
usb: gadget: composite: Support more than 500mA MaxPower
selftests: fix too long argument
serial: ar933x_uart: set UART_CS_{RX,TX}_READY_ORIDE
ALSA: hda: do not override bus codec_mask in link_get()
blktrace: fix dereference after null check
kprobes: Fix optimize_kprobe()/unoptimize_kprobe() cancellation logic
kbuild: fix 'No such file or directory' warning when cleaning
RDMA/core: Fix use of logical OR in get_new_pps
RDMA/core: Fix pkey and port assignment in get_new_pps
dm thin metadata: fix lockdep complaint
net: stmmac: fix notifier registration
net: dsa: bcm_sf2: Forcibly configure IMP port for 1Gb/sec
ALSA: hda/realtek - Fix a regression for mute led on Lenovo Carbon X1
block, bfq: do not insert oom queue into position tree
block, bfq: get extra ref to prevent a queue from being freed during a group move
FROMGIT: kallsyms: unexport kallsyms_lookup_name() and kallsyms_on_each_symbol()
FROMGIT: samples/hw_breakpoint: drop use of kallsyms_lookup_name()
FROMGIT: samples/hw_breakpoint: drop HW_BREAKPOINT_R when reporting writes
UPSTREAM: fscrypt: don't evict dirty inodes after removing key
ANDROID: ABI/Whitelist: update whitelist of unisoc upstream code
ANDROID: gki_defconfig: Enable CONFIG_VM_EVENT_COUNTERS
ANDROID: gki_defconfig: Enable CONFIG_CLEANCACHE
ANDROID: arm64: update the abi with the new gki_defconfig
ANDROID: gki_defconfig: disable CONFIG_DEBUG_DEVRES
ANDROID: Update the abi xml file
ANDROID: GKI: arm64: reserve space in cpu_hwcaps and cpu_hwcap_keys arrays
FROMGIT: power: supply: Allow charger manager can be built as a module
ANDROID: arm64: gki_defconfig: disable CONFIG_DEBUG_PREEMPT
ANDROID: iommu/iova: Fix to use __alloc_and_insert_iova_best_fit
ANDROID: enable CONFIG_WATCHDOG_CORE=y
ANDROID: kbuild: align UNUSED_KSYMS_WHITELIST with upstream
FROMLIST: f2fs: fix wrong check on F2FS_IOC_FSSETXATTR
ANDROID: gki_defconfig: enable CONFIG_TYPEC
UPSTREAM: scsi: ufs: ufs-mediatek: add waiting time for reference clock
UPSTREAM: scsi: ufs: introduce common function to disable host TX LCC
UPSTREAM: scsi: ufs: ufs-mediatek: fix TX LCC disabling timing
UPSTREAM: scsi: ufs: ufs-mediatek: gate ref-clk during Auto-Hibern8
UPSTREAM: scsi: ufs: fix Auto-Hibern8 error detection
UPSTREAM: scsi: ufs: ufs-mediatek: support linkoff state during suspend
UPSTREAM: scsi: ufs: ufs-mediatek: ensure UniPro is not powered down before linkup
UPSTREAM: scsi: ufs: Move ufshcd_get_max_pwr_mode() to ufshcd_device_params_init()
BACKPORT: scsi: ufs: Split ufshcd_probe_hba() based on its called flow
FROMGIT: driver core: Reevaluate dev->links.need_for_probe as suppliers are added
FROMGIT: driver core: Call sync_state() even if supplier has no consumers
ANDROID: cpufreq: times: Remove per-UID time in state tracking
Revert "ANDROID: proc: Add /proc/uid directory"
Revert "ANDROID: cpufreq: Add time_in_state to /proc/uid directories"
ANDROID: cpufreq: times: Remove /proc/uid_concurrent_{active,policy}_time
ANDROID: drm: Add support for DP 1.4 Compliance edid corruption test
Revert "ANDROID: drm: Add support for DP 1.4 Compliance edid corruption test"
ANDROID: staging: ion: Add an in-kernel interface to request heap info.
FROMLIST: lib: test_stackinit.c: XFAIL switch variable init tests
UPSTREAM: scsi: ufs: Abort gating if clock on request is pending
UPSTREAM: scsi: ufs: Fix irq return code
UPSTREAM: scsi: ufs: Fix register dump caused sleep in atomic context
UPSTREAM: scsi: ufs-qcom: Add reset control support for host controller
UPSTREAM: scsi: ufs: Add device reset in link recovery path
FROMGIT: scsi: ufs-qcom: Delay specific time before gate ref clk
BACKPORT: FROMGIT: scsi: ufs: Add dev ref clock gating wait time support
Revert "FROMLIST: scsi: ufs: Add dev ref clock gating wait time support"
FROMGIT: scsi: ufs-qcom: Adjust bus bandwidth voting and unvoting
Revert "FROMLIST: scsi: ufs-qcom: Adjust bus bandwidth voting and unvoting"
ANDROID: CC_FLAGS_CFI add -fno-sanitize-blacklist
Conflicts:
Documentation/devicetree/bindings
Documentation/devicetree/bindings/power/supply/battery.txt
Documentation/devicetree/bindings/power/supply/sc27xx-fg.txt
drivers/dma-buf/dma-buf.c
drivers/interconnect/core.c
drivers/interconnect/internal.h
drivers/scsi/ufs/ufs-qcom.c
drivers/scsi/ufs/ufs-qcom.h
drivers/scsi/ufs/ufshcd.h
drivers/thermal/Makefile
drivers/usb/dwc3/gadget.c
drivers/usb/gadget/composite.c
drivers/usb/gadget/function/f_fs.c
scripts/gen_autoksyms.sh
Change-Id: Ic3227858328ceef3f34273428d1c4f81b78757b2
Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org>
|
||
|
Greg Kroah-Hartman
|
e752c9f98d |
This is the 5.4.39 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl6yVfUACgkQONu9yGCS aT5ecRAArk5nOkbDVn/o2d/ro9+C1tHxkkQblEHUldnFhwkvhZXGONkI3G3IO0F2 W3DnLYIXesPClEHxsHirGJhsiXj1+/opZDo6PVDogW7vW3fXZEp6IjSKtTODeCk1 Yqs/DBmVxOJqYONJ4O+IPq73yJo1wIrgvp3nf+hA8jAidKKBHj/bZG16gFRfwlx8 XgT6b7UJNpEijc7sD1AkqMi5dILYnTx4X/Xd0bMZh4CXobLqCX2KFMghANOu1SZQ ttVGXBfEo+3OD1IrYVOMEM9v45lyiIfE7USS00XzWPZ4Ij4i2SU3BiBTnbldZ6xk f6gxrnsY9gc2hBuz/ua1p4BLnECBL2BiQEY5WCWTHtJUix6f/i3akUEsoEL1Nn+o vfDNqVoge8W2hpsiWK4tukeJC5LhwmIFz/yVb8P9OGA93tttZLvykvXQsayh5Qjs HQZIQtci4rffQcIDotrVK4PJdXZCnBN8MPHI3HfqYQ2I2smkYog6LWj9XrNB3mXU AEHWkjXycqCENrjEFD9ZW/i8Fc+s6PfcOnFPg62pozhcqzVtFRorqXuY8XrHd2RF sbGOE4jO05vgtLUEd9PI7DMs5csGuact+jE3WAEn+9Mbfezsq0wYsV6CU5NaV1sM co6YSdHsKjcamO/WnQ2eb5VABceXAoTPUVR8vU4Qi7zmGbYER0I= =Yc8U -----END PGP SIGNATURE----- Merge 5.4.39 into android-5.4-stable Changes in 5.4.39 dma-buf: Fix SET_NAME ioctl uapi drm/edid: Fix off-by-one in DispID DTD pixel clock drm/amd/display: Fix green screen issue after suspend drm/qxl: qxl_release leak in qxl_draw_dirty_fb() drm/qxl: qxl_release leak in qxl_hw_surface_alloc() drm/qxl: qxl_release use after free NFSv4.1: fix handling of backchannel binding in BIND_CONN_TO_SESSION btrfs: fix transaction leak in btrfs_recover_relocation btrfs: fix block group leak when removing fails btrfs: fix partial loss of prealloc extent past i_size after fsync btrfs: transaction: Avoid deadlock due to bad initialization timing of fs_info::journal_info mmc: cqhci: Avoid false "cqhci: CQE stuck on" by not open-coding timeout loop mmc: sdhci-xenon: fix annoying 1.8V regulator warning mmc: sdhci-pci: Fix eMMC driver strength for BYT-based controllers mmc: sdhci-msm: Enable host capabilities pertains to R1b response mmc: meson-mx-sdio: Set MMC_CAP_WAIT_WHILE_BUSY mmc: meson-mx-sdio: remove the broken ->card_busy() op crypto: caam - fix the address of the last entry of S/G ALSA: hda/realtek - Two front mics on a Lenovo ThinkCenter ALSA: usb-audio: Correct a typo of NuPrime DAC-10 USB ID ALSA: hda/hdmi: fix without unlocked before return ALSA: line6: Fix POD HD500 audio playback ALSA: pcm: oss: Place the plugin buffer overflow checks correctly i2c: amd-mp2-pci: Fix Oops in amd_mp2_pci_init() error handling Drivers: hv: vmbus: Fix Suspend-to-Idle for Generation-2 VM dlmfs_file_write(): fix the bogosity in handling non-zero *ppos IB/rdmavt: Always return ERR_PTR from rvt_create_mmap_info() PM: ACPI: Output correct message on target power state PM: hibernate: Freeze kernel threads in software_resume() dm verity fec: fix hash block number in verity_fec_decode dm writecache: fix data corruption when reloading the target dm multipath: use updated MPATHF_QUEUE_IO on mapping for bio-based mpath ARM: dts: imx6qdl-sr-som-ti: indicate powering off wifi is safe scsi: qla2xxx: set UNLOADING before waiting for session deletion scsi: qla2xxx: check UNLOADING before posting async work RDMA/mlx5: Set GRH fields in query QP on RoCE RDMA/mlx4: Initialize ib_spec on the stack RDMA/siw: Fix potential siw_mem refcnt leak in siw_fastreg_mr() RDMA/core: Prevent mixed use of FDs between shared ufiles RDMA/core: Fix race between destroy and release FD object RDMA/cm: Fix ordering of xa_alloc_cyclic() in ib_create_cm_id() RDMA/cm: Fix an error check in cm_alloc_id_priv() i2c: iproc: generate stop event for slave writes vfio: avoid possible overflow in vfio_iommu_type1_pin_pages vfio/type1: Fix VA->PA translation for PFNMAP VMAs in vaddr_get_pfn() iommu/qcom: Fix local_base status check scsi: target/iblock: fix WRITE SAME zeroing iommu/amd: Fix legacy interrupt remapping for x2APIC-enabled system i2c: aspeed: Avoid i2c interrupt status clear race condition. ALSA: opti9xx: shut up gcc-10 range warning Fix use after free in get_tree_bdev() nvme: prevent double free in nvme_alloc_ns() error handling nfs: Fix potential posix_acl refcnt leak in nfs3_set_acl dmaengine: dmatest: Fix iteration non-stop logic dmaengine: dmatest: Fix process hang when reading 'wait' parameter arm64: vdso: Add -fasynchronous-unwind-tables to cflags selinux: properly handle multiple messages in selinux_netlink_send() Linux 5.4.39 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I34596d5cedd9946e8220165099483c53ba1d01fb |
||
Paul Moore
|
eeef0d9fd4 |
selinux: properly handle multiple messages in selinux_netlink_send()
commit fb73974172ffaaf57a7c42f35424d9aece1a5af6 upstream. Fix the SELinux netlink_send hook to properly handle multiple netlink messages in a single sk_buff; each message is parsed and subject to SELinux access control. Prior to this patch, SELinux only inspected the first message in the sk_buff. Cc: stable@vger.kernel.org Reported-by: Dmitry Vyukov <dvyukov@google.com> Reviewed-by: Stephen Smalley <stephen.smalley.work@gmail.com> Signed-off-by: Paul Moore <paul@paul-moore.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Greg Kroah-Hartman
|
f933eb1eb4 |
ANDROID: sdcardfs: fix export symbol type
In commit
|
||
|
Greg Kroah-Hartman
|
c736c6b27a |
This is the 5.4.36 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl6pkDUACgkQONu9yGCS
aT7cRxAAgnedn6pSj8x/LcbtqeQv52CDVXF0j1xOeK+o8hbIbvkjqAB1ZpPwAXaK
PPiI34lzLBRo9i5nw/rOL7TR7q+uqLE/bT4Z8rrlbeq85SmP8PI2HwpPnRc3Iwhi
RReIq00q5gBqF6AL7+Of3dEytrpOtyzf3Ff/3vadJ2WZEcblFoemGDjMbubaoI9E
e2uE6WSe4tYk/pbLu5HduMQ46YGsWvTJAnN0RIefX4WsGmK0sCJRmJ78qIabWTct
rUxoqhNHshPam7Qm6xVXe1pHa3U7zMNNtG52aJwoDzZ32rOTpBJly0F5FYYYW01Z
zZbY/8eeGn4OIwGr+wvw/XmB0uYlBw35HH8f5OYpvSnfgjmT7wa8QmRJAS6um7dD
elNqO1QuLa8lA/Tm5O9lzNIc3Vko322XQmGlsIU2xVBX0EdTig4Io+xuJkMMkU7q
JJF4Ic4xOYa330TZBIKEoXgf4hGhNgKKRML00yhDNWROWXdB9W9tLbFELDiiiF+K
ooeTB4aCsS2PheS/kZFL2U1RKlnMzBhYeZzPAg4ulfaVMHo5Zp8mBv4L17j9yU0+
MtKtS9tSV0SiDe2SpDCRKSMx+m5jpmgXxuX4HlkbSJ4d/5oAwNKQOTQj9xt3UmbL
JUghr8OOyk6V2wwgW1tFkTcFnzqCqzmvSeJf6AvBSr7ZHnqH130=
=7Fsb
-----END PGP SIGNATURE-----
Merge 5.4.36 into android-5.4-stable
Changes in 5.4.36
ext4: fix extent_status fragmentation for plain files
f2fs: fix to avoid memory leakage in f2fs_listxattr
net, ip_tunnel: fix interface lookup with no key
arm64: errata: Hide CTR_EL0.DIC on systems affected by Neoverse-N1 #1542419
arm64: Fake the IminLine size on systems affected by Neoverse-N1 #1542419
arm64: compat: Workaround Neoverse-N1 #1542419 for compat user-space
arm64: Silence clang warning on mismatched value/register sizes
tools/testing/nvdimm: Fix compilation failure without CONFIG_DEV_DAX_PMEM_COMPAT
watchdog: reset last_hw_keepalive time at start
scsi: lpfc: Fix kasan slab-out-of-bounds error in lpfc_unreg_login
scsi: lpfc: Fix crash after handling a pci error
scsi: lpfc: Fix crash in target side cable pulls hitting WAIT_FOR_UNREG
scsi: libfc: If PRLI rejected, move rport to PLOGI state
ceph: return ceph_mdsc_do_request() errors from __get_parent()
ceph: don't skip updating wanted caps when cap is stale
pwm: rcar: Fix late Runtime PM enablement
nvme-tcp: fix possible crash in write_zeroes processing
scsi: iscsi: Report unbind session event when the target has been removed
tools/test/nvdimm: Fix out of tree build
ASoC: Intel: atom: Take the drv->lock mutex before calling sst_send_slot_map()
nvme: fix deadlock caused by ANA update wrong locking
drm/amd/display: Update stream adjust in dc_stream_adjust_vmin_vmax
dma-direct: fix data truncation in dma_direct_get_required_mask()
kernel/gcov/fs.c: gcov_seq_next() should increase position index
selftests: kmod: fix handling test numbers above 9
ipc/util.c: sysvipc_find_ipc() should increase position index
kconfig: qconf: Fix a few alignment issues
lib/raid6/test: fix build on distros whose /bin/sh is not bash
s390/cio: generate delayed uevent for vfio-ccw subchannels
s390/cio: avoid duplicated 'ADD' uevents
loop: Better discard support for block devices
Revert "powerpc/64: irq_work avoid interrupt when called with hardware irqs enabled"
powerpc/pseries: Fix MCE handling on pseries
nvme: fix compat address handling in several ioctls
pwm: renesas-tpu: Fix late Runtime PM enablement
pwm: bcm2835: Dynamically allocate base
perf/core: Disable page faults when getting phys address
drm/amd/display: Calculate scaling ratios on every medium/full update
ASoC: Intel: bytcr_rt5640: Add quirk for MPMAN MPWIN895CL tablet
ALSA: usb-audio: Add Pioneer DJ DJM-250MK2 quirk
xhci: Ensure link state is U3 after setting USB_SS_PORT_LS_U3
xhci: Wait until link state trainsits to U0 after setting USB_SS_PORT_LS_U0
xhci: Finetune host initiated USB3 rootport link suspend and resume
drm/amd/display: Not doing optimize bandwidth if flip pending.
PCI/PM: Add pcie_wait_for_link_delay()
libbpf: Fix readelf output parsing on powerpc with recent binutils
PCI: pciehp: Prevent deadlock on disconnect
ASoC: SOF: trace: fix unconditional free in trace release
tracing/selftests: Turn off timeout setting
virtio-blk: improve virtqueue error to BLK_STS
scsi: smartpqi: fix controller lockup observed during force reboot
scsi: smartpqi: fix call trace in device discovery
scsi: smartpqi: fix problem with unique ID for physical device
PCI/ASPM: Allow re-enabling Clock PM
PCI/PM: Add missing link delays required by the PCIe spec
cxgb4: fix adapter crash due to wrong MC size
cxgb4: fix large delays in PTP synchronization
ipv4: Update fib_select_default to handle nexthop objects
ipv6: fix restrict IPV6_ADDRFORM operation
macsec: avoid to set wrong mtu
macvlan: fix null dereference in macvlan_device_event()
mlxsw: Fix some IS_ERR() vs NULL bugs
net: bcmgenet: correct per TX/RX ring statistics
net/mlx4_en: avoid indirect call in TX completion
net: netrom: Fix potential nr_neigh refcnt leak in nr_add_node
net: openvswitch: ovs_ct_exit to be done under ovs_lock
net: stmmac: dwmac-meson8b: Add missing boundary to RGMII TX clock array
net/x25: Fix x25_neigh refcnt leak when receiving frame
sched: etf: do not assume all sockets are full blown
selftests: Fix suppress test in fib_tests.sh
tcp: cache line align MAX_TCP_HEADER
team: fix hang in team_mode_get()
vrf: Fix IPv6 with qdisc and xfrm
net: dsa: b53: Lookup VID in ARL searches when VLAN is enabled
net: dsa: b53: Fix valid setting for MDB entries
net: dsa: b53: Fix ARL register definitions
net: dsa: b53: Rework ARL bin logic
net: dsa: b53: b53_arl_rw_op() needs to select IVL or SVL
vxlan: use the correct nlattr array in NL_SET_ERR_MSG_ATTR
geneve: use the correct nlattr array in NL_SET_ERR_MSG_ATTR
xfrm: Always set XFRM_TRANSFORMED in xfrm{4,6}_output_finish
vrf: Check skb for XFRM_TRANSFORMED flag
KEYS: Avoid false positive ENOMEM error on key read
ALSA: hda: Remove ASUS ROG Zenith from the blacklist
ALSA: usb-audio: Add static mapping table for ALC1220-VB-based mobos
ALSA: usb-audio: Add connector notifier delegation
iio: core: remove extra semi-colon from devm_iio_device_register() macro
iio: st_sensors: rely on odr mask to know if odr can be set
iio: adc: stm32-adc: fix sleep in atomic context
iio: adc: ti-ads8344: properly byte swap value
iio: xilinx-xadc: Fix ADC-B powerdown
iio: xilinx-xadc: Fix clearing interrupt when enabling trigger
iio: xilinx-xadc: Fix sequencer configuration for aux channels in simultaneous mode
iio: xilinx-xadc: Make sure not exceed maximum samplerate
USB: sisusbvga: Change port variable from signed to unsigned
USB: Add USB_QUIRK_DELAY_CTRL_MSG and USB_QUIRK_DELAY_INIT for Corsair K70 RGB RAPIDFIRE
USB: early: Handle AMD's spec-compliant identifiers, too
USB: core: Fix free-while-in-use bug in the USB S-Glibrary
USB: hub: Fix handling of connect changes during sleep
USB: hub: Revert commit
|
||
|
Waiman Long
|
419d8fb163 |
KEYS: Avoid false positive ENOMEM error on key read
[ Upstream commit 4f0882491a148059a52480e753b7f07fc550e188 ] By allocating a kernel buffer with a user-supplied buffer length, it is possible that a false positive ENOMEM error may be returned because the user-supplied length is just too large even if the system do have enough memory to hold the actual key data. Moreover, if the buffer length is larger than the maximum amount of memory that can be returned by kmalloc() (2^(MAX_ORDER-1) number of pages), a warning message will also be printed. To reduce this possibility, we set a threshold (PAGE_SIZE) over which we do check the actual key length first before allocating a buffer of the right size to hold it. The threshold is arbitrary, it is just used to trigger a buffer length check. It does not limit the actual key length as long as there is enough memory to satisfy the memory request. To further avoid large buffer allocation failure due to page fragmentation, kvmalloc() is used to allocate the buffer so that vmapped pages can be used when there is not a large enough contiguous set of pages available for allocation. In the extremely unlikely scenario that the key keeps on being changed and made longer (still <= buflen) in between 2 __keyctl_read_key() calls, the __keyctl_read_key() calling loop in keyctl_read_key() may have to be iterated a large number of times, but definitely not infinite. Signed-off-by: Waiman Long <longman@redhat.com> Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Greg Kroah-Hartman
|
5e713c48ff |
This is the 5.4.35 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl6hU54ACgkQONu9yGCS
aT5/3BAAlSOFEbVYeiAjDQYfA5DvieeVN3qKk0HnErIPRm35UHqCYSMyEDiJ2c8E
01V2aFpvAZDyj/pE/prBrUH5FnKyil9tPQrg/da2f54yMiXQvQ6iFdmH/N5Zp5eu
oY6qFUo4jePTbmI/TBzz08XZ9B4VxccNRhSdF0dO4SInt3eC+vJho3dCXH8H3B7o
cDf4uIXQqyGn6t9yQQlSVRYTCK1JMwkSVxCU7uMWS5TfJSN3EyZvMMfXyTCTmgIy
13Vv3+nSHxGqgyAA3fsClCGGAeQyFGQXP28OqyzesPuYyi5z3nDKtgZcAVtvyw9I
eDsfnOUrw76StiJwRfnKkbg8TBKDWn4N9VyLyBvjRvRovSzTJ31jKVBLhByKDJQt
cnsi/Ttkm2CYmChozdJrm1Pfm6HH5etEXh6rq4sqeGLkpi+k1UiQgYlavJPOI3nz
n6dMQEyeg1dmAIBXqgvSvGVfyZuRi37ApPHMHEY4klALbRaSj2Vu/pblyeRezIXL
G5D7olchwI0X18khdoBYOT1+tmid1pDZ00WB6Iq5IKIjR5x8KBf5uMcvprAc3LsP
mhGP9+MYXhWQ/GjHjA6TZq76qhYlEZBIHBarIaNjrl3IShLTQXzxAwS8rGtI5wZP
fTlCc+FBg5w1LDiVcEYJHXR583jSgsFTd3qbtpeaaQyKcC/fkEk=
=3/4K
-----END PGP SIGNATURE-----
Merge 5.4.35 into android-5.4-stable
Changes in 5.4.35
ext4: use non-movable memory for superblock readahead
watchdog: sp805: fix restart handler
xsk: Fix out of boundary write in __xsk_rcv_memcpy
arm, bpf: Fix bugs with ALU64 {RSH, ARSH} BPF_K shift by 0
arm, bpf: Fix offset overflow for BPF_MEM BPF_DW
objtool: Fix switch table detection in .text.unlikely
scsi: sg: add sg_remove_request in sg_common_write
ALSA: hda: Honor PM disablement in PM freeze and thaw_noirq ops
ARM: dts: imx6: Use gpc for FEC interrupt controller to fix wake on LAN.
kbuild, btf: Fix dependencies for DEBUG_INFO_BTF
netfilter: nf_tables: report EOPNOTSUPP on unsupported flags/object type
irqchip/mbigen: Free msi_desc on device teardown
ALSA: hda: Don't release card at firmware loading error
xsk: Add missing check on user supplied headroom size
of: unittest: kmemleak on changeset destroy
of: unittest: kmemleak in of_unittest_platform_populate()
of: unittest: kmemleak in of_unittest_overlay_high_level()
of: overlay: kmemleak in dup_and_fixup_symbol_prop()
x86/Hyper-V: Unload vmbus channel in hv panic callback
x86/Hyper-V: Trigger crash enlightenment only once during system crash.
x86/Hyper-V: Report crash register data or kmsg before running crash kernel
x86/Hyper-V: Report crash register data when sysctl_record_panic_msg is not set
x86/Hyper-V: Report crash data in die() when panic_on_oops is set
afs: Fix missing XDR advance in xdr_decode_{AFS,YFS}FSFetchStatus()
afs: Fix decoding of inline abort codes from version 1 status records
afs: Fix rename operation status delivery
afs: Fix afs_d_validate() to set the right directory version
afs: Fix race between post-modification dir edit and readdir/d_revalidate
block, bfq: turn put_queue into release_process_ref in __bfq_bic_change_cgroup
block, bfq: make reparent_leaf_entity actually work only on leaf entities
block, bfq: invoke flush_idle_tree after reparent_active_queues in pd_offline
rbd: avoid a deadlock on header_rwsem when flushing notifies
rbd: call rbd_dev_unprobe() after unwatching and flushing notifies
x86/Hyper-V: Free hv_panic_page when fail to register kmsg dump
drm/ttm: flush the fence on the bo after we individualize the reservation object
clk: Don't cache errors from clk_ops::get_phase()
clk: at91: usb: continue if clk_hw_round_rate() return zero
net/mlx5e: Enforce setting of a single FEC mode
f2fs: fix the panic in do_checkpoint()
ARM: dts: rockchip: fix vqmmc-supply property name for rk3188-bqedison2qc
arm64: dts: allwinner: a64: Fix display clock register range
power: supply: bq27xxx_battery: Silence deferred-probe error
clk: tegra: Fix Tegra PMC clock out parents
arm64: tegra: Add PCIe endpoint controllers nodes for Tegra194
arm64: tegra: Fix Tegra194 PCIe compatible string
arm64: dts: clearfog-gt-8k: set gigabit PHY reset deassert delay
soc: imx: gpc: fix power up sequencing
dma-coherent: fix integer overflow in the reserved-memory dma allocation
rtc: 88pm860x: fix possible race condition
NFS: alloc_nfs_open_context() must use the file cred when available
NFSv4/pnfs: Return valid stateids in nfs_layout_find_inode_by_stateid()
NFSv4.2: error out when relink swapfile
ARM: dts: rockchip: fix lvds-encoder ports subnode for rk3188-bqedison2qc
KVM: PPC: Book3S HV: Fix H_CEDE return code for nested guests
f2fs: fix to show norecovery mount option
phy: uniphier-usb3ss: Add Pro5 support
NFS: direct.c: Fix memory leak of dreq when nfs_get_lock_context fails
f2fs: Fix mount failure due to SPO after a successful online resize FS
f2fs: Add a new CP flag to help fsck fix resize SPO issues
s390/cpuinfo: fix wrong output when CPU0 is offline
hibernate: Allow uswsusp to write to swap
btrfs: add RCU locks around block group initialization
powerpc/prom_init: Pass the "os-term" message to hypervisor
powerpc/maple: Fix declaration made after definition
s390/cpum_sf: Fix wrong page count in error message
ext4: do not commit super on read-only bdev
um: ubd: Prevent buffer overrun on command completion
cifs: Allocate encryption header through kmalloc
mm/hugetlb: fix build failure with HUGETLB_PAGE but not HUGEBTLBFS
drm/nouveau/svm: check for SVM initialized before migrating
drm/nouveau/svm: fix vma range check for migration
include/linux/swapops.h: correct guards for non_swap_entry()
percpu_counter: fix a data race at vm_committed_as
compiler.h: fix error in BUILD_BUG_ON() reporting
KVM: s390: vsie: Fix possible race when shadowing region 3 tables
drm/nouveau: workaround runpm fail by disabling PCI power management on certain intel bridges
leds: core: Fix warning message when init_data
x86: ACPI: fix CPU hotplug deadlock
csky: Fixup cpu speculative execution to IO area
drm/amdkfd: kfree the wrong pointer
NFS: Fix memory leaks in nfs_pageio_stop_mirroring()
csky: Fixup get wrong psr value from phyical reg
f2fs: fix NULL pointer dereference in f2fs_write_begin()
ACPICA: Fixes for acpiExec namespace init file
um: falloc.h needs to be directly included for older libc
drm/vc4: Fix HDMI mode validation
iommu/virtio: Fix freeing of incomplete domains
iommu/vt-d: Fix mm reference leak
SUNRPC: fix krb5p mount to provide large enough buffer in rq_rcvsize
ext2: fix empty body warnings when -Wextra is used
iommu/vt-d: Silence RCU-list debugging warning in dmar_find_atsr()
iommu/vt-d: Fix page request descriptor size
ext2: fix debug reference to ext2_xattr_cache
sunrpc: Fix gss_unwrap_resp_integ() again
csky: Fixup init_fpu compile warning with __init
power: supply: axp288_fuel_gauge: Broaden vendor check for Intel Compute Sticks.
libnvdimm: Out of bounds read in __nd_ioctl()
iommu/amd: Fix the configuration of GCR3 table root pointer
f2fs: fix to wait all node page writeback
drm/nouveau/gr/gp107,gp108: implement workaround for HW hanging during init
net: dsa: bcm_sf2: Fix overflow checks
dma-debug: fix displaying of dma allocation type
fbdev: potential information leak in do_fb_ioctl()
ARM: dts: sunxi: Fix DE2 clocks register range
iio: si1133: read 24-bit signed integer for measurement
fbmem: Adjust indentation in fb_prepare_logo and fb_blank
tty: evh_bytechan: Fix out of bounds accesses
locktorture: Print ratio of acquisitions, not failures
mtd: rawnand: free the nand_device object
mtd: spinand: Explicitly use MTD_OPS_RAW to write the bad block marker to OOB
docs: Fix path to MTD command line partition parser
mtd: lpddr: Fix a double free in probe()
mtd: phram: fix a double free issue in error path
KEYS: Don't write out to userspace while holding key semaphore
bpf: fix buggy r0 retval refinement for tracing helpers
bpf: Test_verifier, bpf_get_stack return value add <0
bpf: Test_progs, add test to catch retval refine error handling
bpf, test_verifier: switch bpf_get_stack's 0 s> r8 test
Linux 5.4.35
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I702aba533097c8533c12561c7f1a51f3a96f6f09
|
||
|
Waiman Long
|
f1afcf9488 |
KEYS: Don't write out to userspace while holding key semaphore
commit d3ec10aa95819bff18a0d936b18884c7816d0914 upstream. A lockdep circular locking dependency report was seen when running a keyutils test: [12537.027242] ====================================================== [12537.059309] WARNING: possible circular locking dependency detected [12537.088148] 4.18.0-147.7.1.el8_1.x86_64+debug #1 Tainted: G OE --------- - - [12537.125253] ------------------------------------------------------ [12537.153189] keyctl/25598 is trying to acquire lock: [12537.175087] 000000007c39f96c (&mm->mmap_sem){++++}, at: __might_fault+0xc4/0x1b0 [12537.208365] [12537.208365] but task is already holding lock: [12537.234507] 000000003de5b58d (&type->lock_class){++++}, at: keyctl_read_key+0x15a/0x220 [12537.270476] [12537.270476] which lock already depends on the new lock. [12537.270476] [12537.307209] [12537.307209] the existing dependency chain (in reverse order) is: [12537.340754] [12537.340754] -> #3 (&type->lock_class){++++}: [12537.367434] down_write+0x4d/0x110 [12537.385202] __key_link_begin+0x87/0x280 [12537.405232] request_key_and_link+0x483/0xf70 [12537.427221] request_key+0x3c/0x80 [12537.444839] dns_query+0x1db/0x5a5 [dns_resolver] [12537.468445] dns_resolve_server_name_to_ip+0x1e1/0x4d0 [cifs] [12537.496731] cifs_reconnect+0xe04/0x2500 [cifs] [12537.519418] cifs_readv_from_socket+0x461/0x690 [cifs] [12537.546263] cifs_read_from_socket+0xa0/0xe0 [cifs] [12537.573551] cifs_demultiplex_thread+0x311/0x2db0 [cifs] [12537.601045] kthread+0x30c/0x3d0 [12537.617906] ret_from_fork+0x3a/0x50 [12537.636225] [12537.636225] -> #2 (root_key_user.cons_lock){+.+.}: [12537.664525] __mutex_lock+0x105/0x11f0 [12537.683734] request_key_and_link+0x35a/0xf70 [12537.705640] request_key+0x3c/0x80 [12537.723304] dns_query+0x1db/0x5a5 [dns_resolver] [12537.746773] dns_resolve_server_name_to_ip+0x1e1/0x4d0 [cifs] [12537.775607] cifs_reconnect+0xe04/0x2500 [cifs] [12537.798322] cifs_readv_from_socket+0x461/0x690 [cifs] [12537.823369] cifs_read_from_socket+0xa0/0xe0 [cifs] [12537.847262] cifs_demultiplex_thread+0x311/0x2db0 [cifs] [12537.873477] kthread+0x30c/0x3d0 [12537.890281] ret_from_fork+0x3a/0x50 [12537.908649] [12537.908649] -> #1 (&tcp_ses->srv_mutex){+.+.}: [12537.935225] __mutex_lock+0x105/0x11f0 [12537.954450] cifs_call_async+0x102/0x7f0 [cifs] [12537.977250] smb2_async_readv+0x6c3/0xc90 [cifs] [12538.000659] cifs_readpages+0x120a/0x1e50 [cifs] [12538.023920] read_pages+0xf5/0x560 [12538.041583] __do_page_cache_readahead+0x41d/0x4b0 [12538.067047] ondemand_readahead+0x44c/0xc10 [12538.092069] filemap_fault+0xec1/0x1830 [12538.111637] __do_fault+0x82/0x260 [12538.129216] do_fault+0x419/0xfb0 [12538.146390] __handle_mm_fault+0x862/0xdf0 [12538.167408] handle_mm_fault+0x154/0x550 [12538.187401] __do_page_fault+0x42f/0xa60 [12538.207395] do_page_fault+0x38/0x5e0 [12538.225777] page_fault+0x1e/0x30 [12538.243010] [12538.243010] -> #0 (&mm->mmap_sem){++++}: [12538.267875] lock_acquire+0x14c/0x420 [12538.286848] __might_fault+0x119/0x1b0 [12538.306006] keyring_read_iterator+0x7e/0x170 [12538.327936] assoc_array_subtree_iterate+0x97/0x280 [12538.352154] keyring_read+0xe9/0x110 [12538.370558] keyctl_read_key+0x1b9/0x220 [12538.391470] do_syscall_64+0xa5/0x4b0 [12538.410511] entry_SYSCALL_64_after_hwframe+0x6a/0xdf [12538.435535] [12538.435535] other info that might help us debug this: [12538.435535] [12538.472829] Chain exists of: [12538.472829] &mm->mmap_sem --> root_key_user.cons_lock --> &type->lock_class [12538.472829] [12538.524820] Possible unsafe locking scenario: [12538.524820] [12538.551431] CPU0 CPU1 [12538.572654] ---- ---- [12538.595865] lock(&type->lock_class); [12538.613737] lock(root_key_user.cons_lock); [12538.644234] lock(&type->lock_class); [12538.672410] lock(&mm->mmap_sem); [12538.687758] [12538.687758] *** DEADLOCK *** [12538.687758] [12538.714455] 1 lock held by keyctl/25598: [12538.732097] #0: 000000003de5b58d (&type->lock_class){++++}, at: keyctl_read_key+0x15a/0x220 [12538.770573] [12538.770573] stack backtrace: [12538.790136] CPU: 2 PID: 25598 Comm: keyctl Kdump: loaded Tainted: G [12538.844855] Hardware name: HP ProLiant DL360 Gen9/ProLiant DL360 Gen9, BIOS P89 12/27/2015 [12538.881963] Call Trace: [12538.892897] dump_stack+0x9a/0xf0 [12538.907908] print_circular_bug.isra.25.cold.50+0x1bc/0x279 [12538.932891] ? save_trace+0xd6/0x250 [12538.948979] check_prev_add.constprop.32+0xc36/0x14f0 [12538.971643] ? keyring_compare_object+0x104/0x190 [12538.992738] ? check_usage+0x550/0x550 [12539.009845] ? sched_clock+0x5/0x10 [12539.025484] ? sched_clock_cpu+0x18/0x1e0 [12539.043555] __lock_acquire+0x1f12/0x38d0 [12539.061551] ? trace_hardirqs_on+0x10/0x10 [12539.080554] lock_acquire+0x14c/0x420 [12539.100330] ? __might_fault+0xc4/0x1b0 [12539.119079] __might_fault+0x119/0x1b0 [12539.135869] ? __might_fault+0xc4/0x1b0 [12539.153234] keyring_read_iterator+0x7e/0x170 [12539.172787] ? keyring_read+0x110/0x110 [12539.190059] assoc_array_subtree_iterate+0x97/0x280 [12539.211526] keyring_read+0xe9/0x110 [12539.227561] ? keyring_gc_check_iterator+0xc0/0xc0 [12539.249076] keyctl_read_key+0x1b9/0x220 [12539.266660] do_syscall_64+0xa5/0x4b0 [12539.283091] entry_SYSCALL_64_after_hwframe+0x6a/0xdf One way to prevent this deadlock scenario from happening is to not allow writing to userspace while holding the key semaphore. Instead, an internal buffer is allocated for getting the keys out from the read method first before copying them out to userspace without holding the lock. That requires taking out the __user modifier from all the relevant read methods as well as additional changes to not use any userspace write helpers. That is, 1) The put_user() call is replaced by a direct copy. 2) The copy_to_user() call is replaced by memcpy(). 3) All the fault handling code is removed. Compiling on a x86-64 system, the size of the rxrpc_read() function is reduced from 3795 bytes to 2384 bytes with this patch. Fixes: ^1da177e4c3f4 ("Linux-2.6.12-rc2") Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Waiman Long <longman@redhat.com> Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Greg Kroah-Hartman
|
265e61b656 |
This is the 5.4.34 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl6emyEACgkQONu9yGCS aT4XDBAAhFzbxvspY/tUCArQHN6Cl05OKkcjAdhn2n6i0lpOge8qFI/2ZEUKF/rT 0BjHxn9HjMXjVZ6v7kFh1smBiv+XwWe7peG3ahNNUF7sqxwuNnK7agGynKorPjaV UX1uK8ehvAHmZM+7iRQ9I9I4NfZcnGC9E2C2YWjcfuGe8GtrO18g4dMkEmKcDprF N8M71bo8jKCDr5Y1nqNGRPO8vRpEqKecK8EayTYTLlwPjYjTEsUc7LCYwMMIHHyb 28QlSDwSEZEPwZxSath7WKPEP0Oy5Gjtc0rZDXo+Kix3E8IxJj94pJWsy3tD9X/6 CgMN4wDtpgQlYrmYuFJQNC0MGUFN3SpqWtFDkClj0SZpuRBoYKy2sLezPkX2MAsn JuMHcBdzVoVBxiDy2/BpHD4EIB0NnhJUJw+bxLXYaktTOpQWPLLoo7lG6csDPCsr Z959FayVcHxQonfCGX4qaYFb7ZcEAu/rvD5s3aqJebeflQoxEgKucHsO8B77azmC D/YxYt65tXcIXyxZvtTQHBLHrqgXeutwWueY+Wryk3taLswFqvhe+dycZn+GKxud nP0jn4sNHP6lvHNzN28FcpkbWneETT/WSyP/N3sVE9ePW57hi+bhThCZiZE7mkVw sebT2LE0FgKn20hoXTcijc/AUA81jSxxO17bP1mZGkLp5rqb1+8= =GOl9 -----END PGP SIGNATURE----- Merge 5.4.34 into android-5.4-stable Changes in 5.4.34 amd-xgbe: Use __napi_schedule() in BH context hsr: check protocol version in hsr_newlink() l2tp: Allow management of tunnels and session in user namespace net: dsa: mt7530: fix tagged frames pass-through in VLAN-unaware mode net: ipv4: devinet: Fix crash when add/del multicast IP with autojoin net: ipv6: do not consider routes via gateways for anycast address check net: phy: micrel: use genphy_read_status for KSZ9131 net: qrtr: send msgs from local of same id as broadcast net: revert default NAPI poll timeout to 2 jiffies net: tun: record RX queue in skb before do_xdp_generic() net: dsa: mt7530: move mt7623 settings out off the mt7530 net: ethernet: mediatek: move mt7623 settings out off the mt7530 net/mlx5: Fix frequent ioread PCI access during recovery net/mlx5e: Add missing release firmware call net/mlx5e: Fix nest_level for vlan pop action net/mlx5e: Fix pfnum in devlink port attribute net: stmmac: dwmac-sunxi: Provide TX and RX fifo sizes Revert "ACPI: EC: Do not clear boot_ec_is_ecdt in acpi_ec_add()" ovl: fix value of i_ino for lower hardlink corner case scsi: ufs: Fix ufshcd_hold() caused scheduling while atomic platform/chrome: cros_ec_rpmsg: Fix race with host event jbd2: improve comments about freeing data buffers whose page mapping is NULL acpi/nfit: improve bounds checking for 'func' perf report: Fix no branch type statistics report issue pwm: pca9685: Fix PWM/GPIO inter-operation net/bpfilter: remove superfluous testing message ext4: fix incorrect group count in ext4_fill_super error message ext4: fix incorrect inodes per group in error message clk: at91: sam9x60: fix usb clock parents clk: at91: usb: use proper usbs_mask ARM: dts: imx7-colibri: fix muxing of usbc_det pin arm64: dts: librem5-devkit: add a vbus supply to usb0 usb: dwc3: gadget: Don't clear flags before transfer ended ASoC: Intel: mrfld: fix incorrect check on p->sink ASoC: Intel: mrfld: return error codes when an error occurs ALSA: hda/realtek - Enable the headset mic on Asus FX505DT ALSA: usb-audio: Filter error from connector kctl ops, too ALSA: usb-audio: Don't override ignore_ctl_error value from the map ALSA: usb-audio: Don't create jack controls for PCM terminals ALSA: usb-audio: Check mapping at creating connector controls, too arm64: vdso: don't free unallocated pages keys: Fix proc_keys_next to increase position index tracing: Fix the race between registering 'snapshot' event trigger and triggering 'snapshot' operation btrfs: check commit root generation in should_ignore_root nl80211: fix NL80211_ATTR_FTM_RESPONDER policy mac80211: fix race in ieee80211_register_hw() mac80211_hwsim: Use kstrndup() in place of kasprintf() net/mlx5e: Encapsulate updating netdev queues into a function net/mlx5e: Rename hw_modify to preactivate net/mlx5e: Use preactivate hook to set the indirection table drm/amd/powerplay: force the trim of the mclk dpm_levels if OD is enabled drm/amdgpu: fix the hw hang during perform system reboot and reset i2c: designware: platdrv: Remove DPM_FLAG_SMART_SUSPEND flag on BYT and CHT ext4: do not zeroout extents beyond i_disksize irqchip/ti-sci-inta: Fix processing of masked irqs x86/resctrl: Preserve CDP enable over CPU hotplug x86/resctrl: Fix invalid attempt at removing the default resource group scsi: target: remove boilerplate code scsi: target: fix hang when multiple threads try to destroy the same iscsi session x86/microcode/AMD: Increase microcode PATCH_MAX_SIZE Linux 5.4.34 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Ice46175a7478217e00e649fa26ee8631985746f1 |
||
Vasily Averin
|
a0aaafe7ce |
keys: Fix proc_keys_next to increase position index
commit 86d32f9a7c54ad74f4514d7fef7c847883207291 upstream.
If seq_file .next function does not change position index,
read after some lseek can generate unexpected output:
$ dd if=/proc/keys bs=1 # full usual output
0f6bfdf5 I--Q--- 2 perm 3f010000 1000 1000 user 4af2f79ab8848d0a: 740
1fb91b32 I--Q--- 3 perm 1f3f0000 1000 65534 keyring _uid.1000: 2
27589480 I--Q--- 1 perm 0b0b0000 0 0 user invocation_id: 16
2f33ab67 I--Q--- 152 perm 3f030000 0 0 keyring _ses: 2
33f1d8fa I--Q--- 4 perm 3f030000 1000 1000 keyring _ses: 1
3d427fda I--Q--- 2 perm 3f010000 1000 1000 user 69ec44aec7678e5a: 740
3ead4096 I--Q--- 1 perm 1f3f0000 1000 65534 keyring _uid_ses.1000: 1
521+0 records in
521+0 records out
521 bytes copied, 0,00123769 s, 421 kB/s
But a read after lseek in middle of last line results in the partial
last line and then a repeat of the final line:
$ dd if=/proc/keys bs=500 skip=1
dd: /proc/keys: cannot skip to specified offset
g _uid_ses.1000: 1
3ead4096 I--Q--- 1 perm 1f3f0000 1000 65534 keyring _uid_ses.1000: 1
0+1 records in
0+1 records out
97 bytes copied, 0,000135035 s, 718 kB/s
and a read after lseek beyond end of file results in the last line being
shown:
$ dd if=/proc/keys bs=1000 skip=1 # read after lseek beyond end of file
dd: /proc/keys: cannot skip to specified offset
3ead4096 I--Q--- 1 perm 1f3f0000 1000 65534 keyring _uid_ses.1000: 1
0+1 records in
0+1 records out
76 bytes copied, 0,000119981 s, 633 kB/s
See https://bugzilla.kernel.org/show_bug.cgi?id=206283
Fixes:
|
||
|
Greg Kroah-Hartman
|
a9372c6b57 |
This is the 5.4.33 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl6ZbdIACgkQONu9yGCS
aT5Jqw/7BZ639nTAAmz809yOF1JBhvBptRg9tBKYAfw62DzfZe5s9IZA6znIt0f0
nlluLvnhHlDSpgycHNkFry5AkiCUpRQW6NY681xITm918w3BxsKX2pfCawojIOSw
YBaTWoWqNFQQWlC18L1CWJmIvIktSCHXBMTVDpnvRv7sw5A4Oe/zarzVDNb0A6OJ
ThaR7LAKJrUEDDLuCOuB/IrYCOpOzg2SkViFmlo4wmmhvCSi8PXvf3royrSFXxM/
Y1bs67Hu/uqeHl8Y2RaMZpXf1aW9F31sooca4GD+UnVoWppjIOKRyuGLTrXKv7pw
/goIzlE8wfJz5K0iQ4UcbXwwdY81L9UlMdVsmIWHHgxMjSp1J5mfQ5TLUC/VK3UO
Ll9tCYBwH4FjzxNRJq7if8TDAfgPzyhw4BMchgXZWzW1oasl51T2uEye3KgFXQSb
u6TwCx4KGS0w/Q81SKis83Pb0unHGanJOSCZxI1B44raf0ruCBpTYUc713pfegWT
46YtwoorAK8N+GpFQA1tsTJvVclqCF5bHVE19TMvXV4UX/VTPtbIAUE7vnvcxcqO
uh0b9Jfmd6Fcgh7VZQCH7CUYnsyJmGqj2kycB1p+T8UB6H+PCeuQBZBl8sJnf8oj
d5NIzB7WWXBQuEG5XuPtxg6+ARMPEIpd2exEVn9ZOv5qhesBo04=
=pjAq
-----END PGP SIGNATURE-----
Merge 5.4.33 into android-5.4-stable
Changes in 5.4.33
ARM: dts: sun8i-a83t-tbs-a711: HM5065 doesn't like such a high voltage
bus: sunxi-rsb: Return correct data when mixing 16-bit and 8-bit reads
ARM: dts: Fix dm814x Ethernet by changing to use rgmii-id mode
bpf: Fix deadlock with rq_lock in bpf_send_signal()
iwlwifi: mvm: Fix rate scale NSS configuration
Input: tm2-touchkey - add support for Coreriver TC360 variant
soc: fsl: dpio: register dpio irq handlers after dpio create
rxrpc: Abstract out the calculation of whether there's Tx space
rxrpc: Fix call interruptibility handling
net: stmmac: platform: Fix misleading interrupt error msg
net: vxge: fix wrong __VA_ARGS__ usage
hinic: fix a bug of waitting for IO stopped
hinic: fix the bug of clearing event queue
hinic: fix out-of-order excution in arm cpu
hinic: fix wrong para of wait_for_completion_timeout
hinic: fix wrong value of MIN_SKB_LEN
selftests/net: add definition for SOL_DCCP to fix compilation errors for old libc
cxgb4/ptp: pass the sign of offset delta in FW CMD
drm/scheduler: fix rare NULL ptr race
cfg80211: Do not warn on same channel at the end of CSA
qlcnic: Fix bad kzalloc null test
i2c: st: fix missing struct parameter description
i2c: pca-platform: Use platform_irq_get_optional
media: rc: add keymap for Videostrong KII Pro
cpufreq: imx6q: Fixes unwanted cpu overclocking on i.MX6ULL
staging: wilc1000: avoid double unlocking of 'wilc->hif_cs' mutex
media: venus: hfi_parser: Ignore HEVC encoding for V1
firmware: arm_sdei: fix double-lock on hibernate with shared events
null_blk: Fix the null_add_dev() error path
null_blk: Handle null_add_dev() failures properly
null_blk: fix spurious IO errors after failed past-wp access
media: imx: imx7_mipi_csis: Power off the source when stopping streaming
media: imx: imx7-media-csi: Fix video field handling
xhci: bail out early if driver can't accress host in resume
ACPI: EC: Do not clear boot_ec_is_ecdt in acpi_ec_add()
x86: Don't let pgprot_modify() change the page encryption bit
dma-mapping: Fix dma_pgprot() for unencrypted coherent pages
block: keep bdi->io_pages in sync with max_sectors_kb for stacked devices
debugfs: Check module state before warning in {full/open}_proxy_open()
irqchip/versatile-fpga: Handle chained IRQs properly
time/sched_clock: Expire timer in hardirq context
media: allegro: fix type of gop_length in channel_create message
sched: Avoid scale real weight down to zero
selftests/x86/ptrace_syscall_32: Fix no-vDSO segfault
PCI/switchtec: Fix init_completion race condition with poll_wait()
block, bfq: move forward the getting of an extra ref in bfq_bfqq_move
media: i2c: video-i2c: fix build errors due to 'imply hwmon'
libata: Remove extra scsi_host_put() in ata_scsi_add_hosts()
pstore/platform: fix potential mem leak if pstore_init_fs failed
gfs2: Do log_flush in gfs2_ail_empty_gl even if ail list is empty
gfs2: Don't demote a glock until its revokes are written
cpufreq: imx6q: fix error handling
x86/boot: Use unsigned comparison for addresses
efi/x86: Ignore the memory attributes table on i386
genirq/irqdomain: Check pointer in irq_domain_alloc_irqs_hierarchy()
block: Fix use-after-free issue accessing struct io_cq
media: i2c: ov5695: Fix power on and off sequences
usb: dwc3: core: add support for disabling SS instances in park mode
irqchip/gic-v4: Provide irq_retrigger to avoid circular locking dependency
md: check arrays is suspended in mddev_detach before call quiesce operations
firmware: fix a double abort case with fw_load_sysfs_fallback
spi: spi-fsl-dspi: Replace interruptible wait queue with a simple completion
locking/lockdep: Avoid recursion in lockdep_count_{for,back}ward_deps()
block, bfq: fix use-after-free in bfq_idle_slice_timer_body
btrfs: qgroup: ensure qgroup_rescan_running is only set when the worker is at least queued
btrfs: remove a BUG_ON() from merge_reloc_roots()
btrfs: restart relocate_tree_blocks properly
btrfs: track reloc roots based on their commit root bytenr
ASoC: fix regwmask
ASoC: dapm: connect virtual mux with default value
ASoC: dpcm: allow start or stop during pause for backend
ASoC: topology: use name_prefix for new kcontrol
usb: gadget: f_fs: Fix use after free issue as part of queue failure
usb: gadget: composite: Inform controller driver of self-powered
ALSA: usb-audio: Add mixer workaround for TRX40 and co
ALSA: hda: Add driver blacklist
ALSA: hda: Fix potential access overflow in beep helper
ALSA: ice1724: Fix invalid access for enumerated ctl items
ALSA: pcm: oss: Fix regression by buffer overflow fix
ALSA: hda/realtek: Enable mute LED on an HP system
ALSA: hda/realtek - a fake key event is triggered by running shutup
ALSA: doc: Document PC Beep Hidden Register on Realtek ALC256
ALSA: hda/realtek - Set principled PC Beep configuration for ALC256
ALSA: hda/realtek - Remove now-unnecessary XPS 13 headphone noise fixups
ALSA: hda/realtek - Add quirk for Lenovo Carbon X1 8th gen
ALSA: hda/realtek - Add quirk for MSI GL63
media: venus: firmware: Ignore secure call error on first resume
media: hantro: Read be32 words starting at every fourth byte
media: ti-vpe: cal: fix disable_irqs to only the intended target
media: ti-vpe: cal: fix a kernel oops when unloading module
seccomp: Add missing compat_ioctl for notify
acpi/x86: ignore unspecified bit positions in the ACPI global lock field
ACPICA: Allow acpi_any_gpe_status_set() to skip one GPE
ACPI: PM: s2idle: Refine active GPEs check
thermal: devfreq_cooling: inline all stubs for CONFIG_DEVFREQ_THERMAL=n
nvmet-tcp: fix maxh2cdata icresp parameter
nvme-fc: Revert "add module to ops template to allow module references"
efi/x86: Add TPM related EFI tables to unencrypted mapping checks
PCI: pciehp: Fix indefinite wait on sysfs requests
PCI/ASPM: Clear the correct bits when enabling L1 substates
PCI: Add boot interrupt quirk mechanism for Xeon chipsets
PCI: qcom: Fix the fixup of PCI_VENDOR_ID_QCOM
PCI: endpoint: Fix for concurrent memory allocation in OB address region
sched/fair: Fix enqueue_task_fair warning
tpm: Don't make log failures fatal
tpm: tpm1_bios_measurements_next should increase position index
tpm: tpm2_bios_measurements_next should increase position index
KEYS: reaching the keys quotas correctly
cpu/hotplug: Ignore pm_wakeup_pending() for disable_nonboot_cpus()
genirq/debugfs: Add missing sanity checks to interrupt injection
irqchip/versatile-fpga: Apply clear-mask earlier
io_uring: remove bogus RLIMIT_NOFILE check in file registration
pstore: pstore_ftrace_seq_next should increase position index
MIPS/tlbex: Fix LDDIR usage in setup_pw() for Loongson-3
MIPS: OCTEON: irq: Fix potential NULL pointer dereference
PM / Domains: Allow no domain-idle-states DT property in genpd when parsing
PM: sleep: wakeup: Skip wakeup_source_sysfs_remove() if device is not there
ath9k: Handle txpower changes even when TPC is disabled
signal: Extend exec_id to 64bits
x86/tsc_msr: Use named struct initializers
x86/tsc_msr: Fix MSR_FSB_FREQ mask for Cherry Trail devices
x86/tsc_msr: Make MSR derived TSC frequency more accurate
x86/entry/32: Add missing ASM_CLAC to general_protection entry
platform/x86: asus-wmi: Support laptops where the first battery is named BATT
KVM: nVMX: Properly handle userspace interrupt window request
KVM: s390: vsie: Fix region 1 ASCE sanity shadow address checks
KVM: s390: vsie: Fix delivery of addressing exceptions
KVM: x86: Allocate new rmap and large page tracking when moving memslot
KVM: VMX: Always VMCLEAR in-use VMCSes during crash with kexec support
KVM: x86: Gracefully handle __vmalloc() failure during VM allocation
KVM: VMX: Add a trampoline to fix VMREAD error handling
KVM: VMX: fix crash cleanup when KVM wasn't used
smb3: fix performance regression with setting mtime
CIFS: Fix bug which the return value by asynchronous read is error
mtd: spinand: Stop using spinand->oobbuf for buffering bad block markers
mtd: spinand: Do not erase the block before writing a bad block marker
btrfs: Don't submit any btree write bio if the fs has errors
Btrfs: fix crash during unmount due to race with delayed inode workers
btrfs: reloc: clean dirty subvols if we fail to start a transaction
btrfs: set update the uuid generation as soon as possible
btrfs: drop block from cache on error in relocation
btrfs: fix missing file extent item for hole after ranged fsync
btrfs: unset reloc control if we fail to recover
btrfs: fix missing semaphore unlock in btrfs_sync_file
btrfs: use nofs allocations for running delayed items
remoteproc: qcom_q6v5_mss: Don't reassign mpss region on shutdown
remoteproc: qcom_q6v5_mss: Reload the mba region on coredump
remoteproc: Fix NULL pointer dereference in rproc_virtio_notify
crypto: rng - Fix a refcounting bug in crypto_rng_reset()
crypto: mxs-dcp - fix scatterlist linearization for hash
erofs: correct the remaining shrink objects
io_uring: honor original task RLIMIT_FSIZE
mmc: sdhci-of-esdhc: fix esdhc_reset() for different controller versions
powerpc/pseries: Drop pointless static qualifier in vpa_debugfs_init()
tools: gpio: Fix out-of-tree build regression
net: qualcomm: rmnet: Allow configuration updates to existing devices
arm64: dts: allwinner: h6: Fix PMU compatible
sched/core: Remove duplicate assignment in sched_tick_remote()
arm64: dts: allwinner: h5: Fix PMU compatible
mm, memcg: do not high throttle allocators based on wraparound
dm writecache: add cond_resched to avoid CPU hangs
dm integrity: fix a crash with unusually large tag size
dm verity fec: fix memory leak in verity_fec_dtr
dm clone: Add overflow check for number of regions
dm clone metadata: Fix return type of dm_clone_nr_of_hydrated_regions()
XArray: Fix xas_pause for large multi-index entries
xarray: Fix early termination of xas_for_each_marked
crypto: caam/qi2 - fix chacha20 data size error
crypto: caam - update xts sector size for large input length
crypto: ccree - protect against empty or NULL scatterlists
crypto: ccree - only try to map auth tag if needed
crypto: ccree - dec auth tag size from cryptlen map
scsi: zfcp: fix missing erp_lock in port recovery trigger for point-to-point
scsi: ufs: fix Auto-Hibern8 error detection
scsi: lpfc: Fix lpfc_io_buf resource leak in lpfc_get_scsi_buf_s4 error path
ARM: dts: exynos: Fix polarity of the LCD SPI bus on UniversalC210 board
arm64: dts: ti: k3-am65: Add clocks to dwc3 nodes
arm64: armv8_deprecated: Fix undef_hook mask for thumb setend
selftests: vm: drop dependencies on page flags from mlock2 tests
selftests/vm: fix map_hugetlb length used for testing read and write
selftests/powerpc: Add tlbie_test in .gitignore
vfio: platform: Switch to platform_get_irq_optional()
drm/i915/gem: Flush all the reloc_gpu batch
drm/etnaviv: rework perfmon query infrastructure
drm: Remove PageReserved manipulation from drm_pci_alloc
drm/amdgpu/powerplay: using the FCLK DPM table to set the MCLK
drm/amdgpu: unify fw_write_wait for new gfx9 asics
powerpc/pseries: Avoid NULL pointer dereference when drmem is unavailable
nfsd: fsnotify on rmdir under nfsd/clients/
NFS: Fix use-after-free issues in nfs_pageio_add_request()
NFS: Fix a page leak in nfs_destroy_unlinked_subrequests()
ext4: fix a data race at inode->i_blocks
fs/filesystems.c: downgrade user-reachable WARN_ONCE() to pr_warn_once()
ocfs2: no need try to truncate file beyond i_size
perf tools: Support Python 3.8+ in Makefile
s390/diag: fix display of diagnose call statistics
Input: i8042 - add Acer Aspire 5738z to nomux list
ftrace/kprobe: Show the maxactive number on kprobe_events
clk: ingenic/jz4770: Exit with error if CGU init failed
clk: ingenic/TCU: Fix round_rate returning error
kmod: make request_module() return an error when autoloading is disabled
cpufreq: powernv: Fix use-after-free
hfsplus: fix crash and filesystem corruption when deleting files
libata: Return correct status in sata_pmp_eh_recover_pm() when ATA_DFLAG_DETACH is set
ipmi: fix hung processes in __get_guid()
xen/blkfront: fix memory allocation flags in blkfront_setup_indirect()
powerpc/64/tm: Don't let userspace set regs->trap via sigreturn
powerpc/fsl_booke: Avoid creating duplicate tlb1 entry
powerpc/hash64/devmap: Use H_PAGE_THP_HUGE when setting up huge devmap PTE entries
powerpc/xive: Use XIVE_BAD_IRQ instead of zero to catch non configured IPIs
powerpc/64: Setup a paca before parsing device tree etc.
powerpc/xive: Fix xmon support on the PowerNV platform
powerpc/kprobes: Ignore traps that happened in real mode
powerpc/64: Prevent stack protection in early boot
scsi: mpt3sas: Fix kernel panic observed on soft HBA unplug
powerpc: Make setjmp/longjmp signature standard
arm64: Always force a branch protection mode when the compiler has one
dm zoned: remove duplicate nr_rnd_zones increase in dmz_init_zone()
dm clone: replace spin_lock_irqsave with spin_lock_irq
dm clone: Fix handling of partial region discards
dm clone: Add missing casts to prevent overflows and data corruption
scsi: lpfc: Add registration for CPU Offline/Online events
scsi: lpfc: Fix Fabric hostname registration if system hostname changes
scsi: lpfc: Fix configuration of BB credit recovery in service parameters
scsi: lpfc: Fix broken Credit Recovery after driver load
Revert "drm/dp_mst: Remove VCPI while disabling topology mgr"
drm/dp_mst: Fix clearing payload state on topology disable
drm/amdgpu: fix gfx hang during suspend with video playback (v2)
drm/i915/icl+: Don't enable DDI IO power on a TypeC port in TBT mode
powerpc/kasan: Fix kasan_remap_early_shadow_ro()
mmc: sdhci: Convert sdhci_set_timeout_irq() to non-static
mmc: sdhci: Refactor sdhci_set_timeout()
bpf: Fix tnum constraints for 32-bit comparisons
mfd: dln2: Fix sanity checking for endpoints
efi/x86: Fix the deletion of variables in mixed mode
ASoC: stm32: sai: Add missing cleanup
scsi: lpfc: fix inlining of lpfc_sli4_cleanup_poll_list()
Linux 5.4.33
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I6c37e2c64801a572781c46fc5883bcc74e6a7a1a
|
||
Yang Xu
|
4b67e5afc2 |
KEYS: reaching the keys quotas correctly
commit 2e356101e72ab1361821b3af024d64877d9a798d upstream.
Currently, when we add a new user key, the calltrace as below:
add_key()
key_create_or_update()
key_alloc()
__key_instantiate_and_link
generic_key_instantiate
key_payload_reserve
......
Since commit
|
||
|
Blagovest Kolenichev
|
2e72d8932e |
Merge android-5.4.24 (ce5de62) into msm-5.4
* refs/heads/tmp-ce5de62:
Revert "BACKPORT: tracing: Remove unnecessary DEBUG_FS dependency"
Linux 5.4.24
blktrace: Protect q->blk_trace with RCU
kvm: nVMX: VMWRITE checks unsupported field before read-only field
kvm: nVMX: VMWRITE checks VMCS-link pointer before VMCS field
mm, thp: fix defrag setting if newline is not used
mm/huge_memory.c: use head to check huge zero page
mm/gup: allow FOLL_FORCE for get_user_pages_fast()
mm/debug.c: always print flags in dump_page()
locking/lockdep: Fix lockdep_stats indentation problem
xfs: clear kernel only flags in XFS_IOC_ATTRMULTI_BY_HANDLE
bus: tegra-aconnect: Remove PM_CLK dependency
netfilter: nf_flowtable: fix documentation
netfilter: nft_tunnel: no need to call htons() when dumping ports
thermal: brcmstb_thermal: Do not use DT coefficients
thermal: db8500: Depromote debug print
ubifs: Fix ino_t format warnings in orphan_delete()
rcu: Allow only one expedited GP to run concurrently with wakeups
KVM: x86: Remove spurious clearing of async #PF MSR
KVM: x86: Remove spurious kvm_mmu_unload() from vcpu destruction path
x86/resctrl: Check monitoring static key in the MBM overflow handler
perf ui gtk: Add missing zalloc object
perf hists browser: Restore ESC as "Zoom out" of DSO/thread/etc
pwm: omap-dmtimer: put_device() after of_find_device_by_node()
lib/vdso: Update coarse timekeeper unconditionally
lib/vdso: Make __arch_update_vdso_data() logic understandable
kprobes: Set unoptimized flag after unoptimizing code
ima: ima/lsm policy rule loading logic bug fixes
drivers: net: xgene: Fix the order of the arguments of 'alloc_etherdev_mqs()'
RDMA/hns: Bugfix for posting a wqe with sge
RDMA/hns: Simplify the calculation and usage of wqe idx for post verbs
f2fs: fix to add swap extent correctly
sched/fair: Optimize select_idle_cpu
KVM: Check for a bad hva before dropping into the ghc slow path
KVM: SVM: Override default MMIO mask if memory encryption is enabled
mwifiex: delete unused mwifiex_get_intf_num()
mwifiex: drop most magic numbers from mwifiex_process_tdls_action_frame()
namei: only return -ECHILD from follow_dotdot_rcu()
kbuild: make single target builds even faster
kbuild: remove unneeded variable, single-all
kbuild: move headers_check rule to usr/include/Makefile
kbuild: remove header compile test
selftests: Install settings files to fix TIMEOUT failures
net: ena: make ena rxfh support ETH_RSS_HASH_NO_CHANGE
net/smc: no peer ID in CLC decline for SMCD
net: atlantic: fix out of range usage of active_vlans array
net: atlantic: fix potential error handling
net: atlantic: fix use after free kasan warn
net: netlink: cap max groups which will be considered in netlink_bind()
s390/qeth: vnicc Fix EOPNOTSUPP precedence
nvme-pci: Hold cq_poll_lock while completing CQEs
usb: charger: assign specific number for enum value
hv_netvsc: Fix unwanted wakeup in netvsc_attach()
kbuild: fix DT binding schema rule to detect command line changes
mac80211: Remove a redundant mutex unlock
nl80211: fix potential leak in AP start
drm/i915/gvt: Separate display reset from ALL_ENGINES reset
drm/i915/gvt: Fix orphan vgpu dmabuf_objs' lifetime
i2c: jz4780: silence log flood on txabrt
i2c: altera: Fix potential integer overflow
MIPS: VPE: Fix a double free and a memory leak in 'release_vpe()'
HID: hiddev: Fix race in in hiddev_disconnect()
HID: alps: Fix an error handling path in 'alps_input_configured()'
netfilter: xt_hashlimit: reduce hashlimit_mutex scope for htable_put()
netfilter: ipset: Fix forceadd evaluation path
vhost: Check docket sk_family instead of call getname
net/smc: transfer fasync_list in case of fallback
netfilter: ipset: Fix "INFO: rcu detected stall in hash_xxx" reports
io_uring: fix 32-bit compatability with sendmsg/recvmsg
cpufreq: Fix policy initialization for internal governor drivers
amdgpu/gmc_v9: save/restore sdpif regs during S3
Revert "PM / devfreq: Modify the device name as devfreq(X) for sysfs"
tracing: Disable trace_printk() on post poned tests
macintosh: therm_windtunnel: fix regression when instantiating devices
drm/radeon: Inline drm_get_pci_dev
drm/amdgpu: Drop DRIVER_USE_AGP
HID: core: increase HID report buffer size to 8KiB
HID: core: fix off-by-one memset in hid_report_raw_event()
HID: ite: Only bind to keyboard USB interface on Acer SW5-012 keyboard dock
KVM: VMX: check descriptor table exits on instruction emulation
ACPI: watchdog: Fix gas->access_width usage
ACPICA: Introduce ACPI_ACCESS_BYTE_WIDTH() macro
audit: always check the netlink payload length in audit_receive_msg()
audit: fix error handling in audit_data_to_entry()
ext4: potential crash on allocation error in ext4_alloc_flex_bg_array()
nvme/pci: move cqe check after device shutdown
nvme: prevent warning triggered by nvme_stop_keep_alive
nvme/tcp: fix bug on double requeue when send fails
net: hns3: fix a copying IPv6 address error in hclge_fd_get_flow_tuples()
net: hns3: add management table after IMP reset
mac80211: fix wrong 160/80+80 MHz setting
cfg80211: add missing policy for NL80211_ATTR_STATUS_CODE
cifs: Fix mode output in debugging statements
ice: update Unit Load Status bitmask to check after reset
net: ena: ena-com.c: prevent NULL pointer dereference
net: ena: ethtool: use correct value for crc32 hash
net: ena: fix corruption of dev_idx_to_host_tbl
net: ena: fix incorrectly saving queue numbers when setting RSS indirection table
net: ena: rss: store hash function as values and not bits
net: ena: rss: fix failure to get indirection table
net: ena: rss: do not allocate key when not supported
net: ena: fix incorrect default RSS key
net: ena: add missing ethtool TX timestamping indication
net: ena: fix uses of round_jiffies()
net: ena: fix potential crash when rxfh key is NULL
i40e: Fix the conditional for i40e_vc_validate_vqs_bitmaps
soc/tegra: fuse: Fix build with Tegra194 configuration
amdgpu: Prevent build errors regarding soft/hard-float FP ABI tags
drm/amd/display: Add initialitions for PLL2 clock source
drm/amd/display: Limit minimum DPPCLK to 100MHz.
drm/amd/display: Check engine is not NULL before acquiring
RDMA/siw: Remove unwanted WARN_ON in siw_cm_llp_data_ready()
drm/amd/display: Do not set optimized_require to false after plane disable
ARM: dts: sti: fixup sound frame-inversion for stihxxx-b2120.dtsi
ceph: do not execute direct write in parallel if O_APPEND is specified
perf/x86/msr: Add Tremont support
perf/x86/cstate: Add Tremont support
perf/x86/intel: Add Elkhart Lake support
perf/smmuv3: Use platform_get_irq_optional() for wired interrupt
NFSv4: Fix races between open and dentry revalidation
qmi_wwan: unconditionally reject 2 ep interfaces
qmi_wwan: re-add DW5821e pre-production variant
s390/zcrypt: fix card and queue total counter wrap
cfg80211: check wiphy driver existence for drvinfo report
mac80211: consider more elements in parsing CRC
dax: pass NOWAIT flag to iomap_apply
sched/fair: Prevent unlimited runtime on throttled group
timers/nohz: Update NOHZ load in remote tick
sched/core: Don't skip remote tick for idle CPUs
drm/msm: Set dma maximum segment size for mdss
ipmi:ssif: Handle a possible NULL pointer reference
ipv6: Fix nlmsg_flags when splitting a multipath route
ipv6: Fix route replacement with dev-only route
bonding: fix lockdep warning in bond_get_stats()
net: export netdev_next_lower_dev_rcu()
bonding: add missing netdev_update_lockdep_key()
bnxt_en: Issue PCIe FLR in kdump kernel to cleanup pending DMAs.
bnxt_en: Improve device shutdown method.
sctp: move the format error check out of __sctp_sf_do_9_1_abort
udp: rehash on disconnect
Revert "net: dev: introduce support for sch BYPASS for lockless qdisc"
qede: Fix race between rdma destroy workqueue and link change event
nfc: pn544: Fix occasional HW initialization failure
net/tls: Fix to avoid gettig invalid tls record
net: sched: correct flower port blocking
net: phy: restore mdio regs in the iproc mdio driver
net: mscc: fix in frame extraction
net: macb: ensure interface is not suspended on at91rm9200
net: fib_rules: Correctly set table field when table number exceeds 8 bits
net: dsa: b53: Ensure the default VID is untagged
EDAC: skx_common: downgrade message importance on missing PCI device
io_uring: grab ->fs as part of async offload
ANDROID: abi_gki_aarch64_whitelist: add module_layout and task_struct
ANDROID: gki_defconfig: disable KPROBES, update ABI
FROMGIT: scsi: ufs: Select INITIAL ADAPT type for HS Gear4
FROMLIST: scsi: ufs: Use ufshcd_config_pwr_mode() when scale gear
FROMGIT: scsi: ufs-qcom: Apply QUIRK_HOST_TACTIVATE for WDC UFS devices
FROMGIT: scsi: ufs: Allow vendor device quirks to be applied early
BACKPORT: scsi: ufs: Delete struct ufs_dev_desc
ANDROID: gki_defconfig: enable IOMMU_LIMIT_IOVA_ALIGNMENT
FROMLIST: iommu/iova: Support limiting IOVA alignment
FROMLIST: iommu/iova: Add a best-fit algorithm
FROMLIST: iommu/dma: Allow drivers to reserve an iova range
ANDROID: Unconditionally create bridge tracepoints
ANDROID: gki_defconfig: Enable MFD_SYSCON on x86
ANDROID: update ABI for CONFIG_IIO_* changes
ANDROID: gki_defconfig: add CONFIG_IIO_BUFFER and CONFIG_IIO_TRIGGER
ANDROID: gki: set CONFIG_SERIAL_SPRD_CONSOLE for earlycon
ANDROID: Re-add default y for VIRTIO_PCI_LEGACY
ANDROID: GKI: build in HVC_DRIVER
ANDROID: Removed default m for virtual sw crypto device
ANDROID: Remove default y on BRIDGE_IGMP_SNOOPING
ANDROID: GKI: Added missing SND configs
ANDROID: scsi: ufs: allow ufs variants to override sg entry size
ANDROID: GKI: Remove CONFIG_BRIDGE from arm64 config
ANDROID: Enable HID_NINTENDO as y
FROMLIST: HID: nintendo: add nintendo switch controller driver
UPSTREAM: iommu/arm-smmu: Restore naming of driver parameter prefix
ANDROID: gki_defconfig: Remove 'BRIDGE_NETFILTER is not set'
UPSTREAM: net: disable BRIDGE_NETFILTER by default
Linux 5.4.23
ASoC: SOF: Intel: hda: Add iDisp4 DAI
bpf: Selftests build error in sockmap_basic.c
s390/mm: Explicitly compare PAGE_DEFAULT_KEY against zero in storage_key_init_range
s390/kaslr: Fix casts in get_random
net/mlx5e: Fix crash in recovery flow without devlink reporter
net/mlx5: Fix sleep while atomic in mlx5_eswitch_get_vepa
net/mlx5e: Reset RQ doorbell counter before moving RQ state from RST to RDY
xen: Enable interrupts when calling _cond_resched()
ata: ahci: Add shutdown to freeze hardware resources of ahci
io_uring: prevent sq_thread from spinning when it should stop
rxrpc: Fix call RCU cleanup using non-bh-safe locks
netfilter: xt_hashlimit: limit the max size of hashtable
ALSA: seq: Fix concurrent access to queue current tick/time
ALSA: seq: Avoid concurrent access to queue flags
ALSA: rawmidi: Avoid bit fields for state flags
io_uring: fix __io_iopoll_check deadlock in io_sq_thread
arm64: lse: Fix LSE atomics with LLVM
bpf, offload: Replace bitwise AND by logical AND in bpf_prog_offload_info_fill
genirq/proc: Reject invalid affinity masks (again)
crypto: rename sm3-256 to sm3 in hash_algo_name
iommu/vt-d: Fix compile warning from intel-svm.h
ecryptfs: replace BUG_ON with error handling code
ASoC: fsl_sai: Fix exiting path on probing failure
ASoC: atmel: fix atmel_ssc_set_audio link failure
staging: greybus: use after free in gb_audio_manager_remove_all()
staging: rtl8723bs: fix copy of overlapping memory
usb: dwc2: Fix in ISOC request length checking
usb: gadget: composite: Fix bMaxPower for SuperSpeedPlus
scsi: Revert "target: iscsi: Wait for all commands to finish before freeing a session"
scsi: Revert "RDMA/isert: Fix a recently introduced regression related to logout"
drm/msm/dpu: fix BGR565 vs RGB565 confusion
drm/i915/gt: Protect defer_request() from new waiters
drm/bridge: tc358767: fix poll timeouts
drm/i915/gvt: more locking for ppgtt mm LRU list
drm/i915/execlists: Always force a context reload when rewinding RING_TAIL
drm/i915/gt: Detect if we miss WaIdleLiteRestore
Revert "dmaengine: imx-sdma: Fix memory leak"
Btrfs: fix deadlock during fast fsync when logging prealloc extents beyond eof
btrfs: don't set path->leave_spinning for truncate
Btrfs: fix race between shrinking truncate and fiemap
Btrfs: fix btrfs_wait_ordered_range() so that it waits for all ordered extents
btrfs: do not check delayed items are empty for single transaction cleanup
btrfs: reset fs_root to NULL on error in open_ctree
btrfs: fix bytes_may_use underflow in prealloc error condtition
btrfs: destroy qgroup extent records on transaction abort
KVM: apic: avoid calculating pending eoi from an uninitialized val
KVM: nVMX: handle nested posted interrupts when apicv is disabled for L1
KVM: nVMX: clear PIN_BASED_POSTED_INTR from nested pinbased_ctls only when apicv is globally disabled
KVM: nVMX: Check IO instruction VM-exit conditions
KVM: nVMX: Refactor IO bitmap checks into helper function
ext4: fix race between writepages and enabling EXT4_EXTENTS_FL
ext4: rename s_journal_flag_rwsem to s_writepages_rwsem
ext4: fix mount failure with quota configured as module
ext4: fix potential race between s_flex_groups online resizing and access
ext4: fix potential race between s_group_info online resizing and access
ext4: fix potential race between online resizing and write operations
ext4: add cond_resched() to __ext4_find_entry()
ext4: fix a data race in EXT4_I(inode)->i_disksize
KVM: x86: don't notify userspace IOAPIC on edge-triggered interrupt EOI
KVM: nVMX: Don't emulate instructions in guest mode
sched/psi: Fix OOB write when writing 0 bytes to PSI files
drm/i915: Update drm/i915 bug filing URL
drm/i915: Wean off drm_pci_alloc/drm_pci_free
drm/nouveau/kms/gv100-: Re-set LUT after clearing for modesets
drm/amdgpu/gfx10: disable gfxoff when reading rlc clock
drm/amdgpu/gfx9: disable gfxoff when reading rlc clock
drm/amdgpu/soc15: fix xclk for raven
mm: Avoid creating virtual address aliases in brk()/mmap()/mremap()
lib/stackdepot.c: fix global out-of-bounds in stack_slabs
mm/sparsemem: pfn_to_page is not valid yet on SPARSEMEM
mm/vmscan.c: don't round up scan size for online memory cgroup
genirq/irqdomain: Make sure all irq domain flags are distinct
nvme-multipath: Fix memory leak with ana_log_buf
mm/memcontrol.c: lost css_put in memcg_expand_shrinker_maps()
Revert "ipc,sem: remove uneeded sem_undo_list lock usage in exit_sem()"
ACPI: PM: s2idle: Check fixed wakeup events in acpi_s2idle_wake()
MAINTAINERS: Update drm/i915 bug filing URL
serdev: ttyport: restore client ops on deregistration
tty: serial: qcom_geni_serial: Fix RX cancel command failure
tty: serial: imx: setup the correct sg entry for tx dma
tty/serial: atmel: manage shutdown in case of RS485 or ISO7816 mode
serial: 8250: Check UPF_IRQ_SHARED in advance
x86/cpu/amd: Enable the fixed Instructions Retired counter IRPERF
x86/mce/amd: Fix kobject lifetime
x86/mce/amd: Publish the bank pointer only after setup has succeeded
x86/ima: use correct identifier for SetupMode variable
jbd2: fix ocfs2 corrupt when clearing block group bits
arm64: memory: Add missing brackets to untagged_addr() macro
powerpc/hugetlb: Fix 8M hugepages on 8xx
powerpc/hugetlb: Fix 512k hugepages on 8xx with 16k page size
powerpc/entry: Fix an #if which should be an #ifdef in entry_32.S
powerpc/tm: Fix clearing MSR[TS] in current when reclaiming on signal delivery
powerpc/eeh: Fix deadlock handling dead PHB
powerpc/8xx: Fix clearing of bits 20-23 in ITLB miss
drm/panfrost: perfcnt: Reserve/use the AS attached to the perfcnt MMU context
staging: rtl8723bs: Fix potential overuse of kernel memory
staging: rtl8723bs: Fix potential security hole
staging: rtl8188eu: Fix potential overuse of kernel memory
staging: rtl8188eu: Fix potential security hole
scsi: Revert "target/core: Inline transport_lun_remove_cmd()"
usb: dwc3: debug: fix string position formatting mixup with ret and len
usb: dwc3: gadget: Check for IOC/LST bit in TRB->ctrl fields
usb: dwc2: Fix SET/CLEAR_FEATURE and GET_STATUS flows
USB: hub: Fix the broken detection of USB3 device in SMSC hub
USB: hub: Don't record a connect-change event during reset-resume
USB: Fix novation SourceControl XL after suspend
usb: uas: fix a plug & unplug racing
USB: quirks: blacklist duplicate ep on Sound Devices USBPre2
USB: core: add endpoint-blacklist quirk
usb: host: xhci: update event ring dequeue pointer on purpose
xhci: Fix memory leak when caching protocol extended capability PSI tables - take 2
xhci: apply XHCI_PME_STUCK_QUIRK to Intel Comet Lake platforms
xhci: fix runtime pm enabling for quirky Intel hosts
xhci: Force Maximum Packet size for Full-speed bulk devices to valid range.
staging: vt6656: fix sign of rx_dbm to bb_pre_ed_rssi.
staging: android: ashmem: Disallow ashmem memory from being remapped
vt: vt_ioctl: fix race in VT_RESIZEX
vt: selection, handle pending signals in paste_selection
vt: fix scrollback flushing on background consoles
floppy: check FDC index for errors before assigning it
e1000e: Use rtnl_lock to prevent race conditions between net and pci/pm
USB: misc: iowarrior: add support for the 100 device
USB: misc: iowarrior: add support for the 28 and 28L devices
USB: misc: iowarrior: add support for 2 OEMed devices
thunderbolt: Prevent crash if non-active NVMem file is read
btrfs: handle logged extent failure properly
ecryptfs: fix a memory leak bug in ecryptfs_init_messaging()
ecryptfs: fix a memory leak bug in parse_tag_1_packet()
tpm: Initialize crypto_id of allocated_banks to HASH_ALGO__LAST
ASoC: sun8i-codec: Fix setting DAI data format
ASoC: codec2codec: avoid invalid/double-free of pcm runtime
ALSA: hda/realtek - Apply quirk for yet another MSI laptop
ALSA: hda/realtek - Apply quirk for MSI GP63, too
ALSA: hda: Use scnprintf() for printing texts for sysfs/procfs
iommu/qcom: Fix bogus detach logic
UPSTREAM: sched/psi: Fix OOB write when writing 0 bytes to PSI files
ANDROID: build.config.gki.aarch64: enable symbol trimming
ANDROID: kbuild: avoid excessively long argument lists
ANDROID: gki_defconfig: Enable CONFIG_RD_LZ4
ANDROID: net: wireless: Add module_param(mac_prefix) to mac80211_hwsim
ANDROID: gki: Enable BINFMT_MISC as part of GKI
ANDROID: gki_defconfig: disable CONFIG_CRYPTO_MD4
FROMLIST: kbuild: generate autoksyms.h early
FROMLIST: kbuild: split adjust_autoksyms.sh in two parts
FROMLIST: kbuild: allow symbol whitelisting with TRIM_UNUSED_KSYMS
ANDROID: ABI/Whitelist: update for unisoc
ANDROID: Disable wq fp check in CFI builds
ANDROID: gki_defconfig: Disable CONFIG_RT_GROUP_SCHED
FROMGIT: of: property: Add device link support for power-domains and hwlocks
ANDROID: drm/msm/a6xx: Make a6xx_gmu_bo.iova a dma_addr_t
FROMLIST: of: of_reserved_mem: Increase limit on number of reserved regions
ANDROID: dm: Add wrapped key support in dm-default-key
ANDROID: dm: add support for passing through derive_raw_secret
ANDROID: block: Prevent crypto fallback for wrapped keys
FROMLIST: drm/msm/a6xx: Use the DMA API for GMU memory objects
FROMLIST: arm64: dts: sdm845: Set the virtual address range for GMU allocations
UPSTREAM: of: Make of_dma_get_range() work on bus nodes
UPSTREAM: of/address: Fix of_pci_range_parser_one translation of DMA addresses
UPSTREAM: of/address: Translate 'dma-ranges' for parent nodes missing 'dma-ranges'
UPSTREAM: of: Factor out #{addr,size}-cells parsing
UPSTREAM: of: address: Follow DMA parent for "dma-coherent"
UPSTREAM: of/address: Introduce of_get_next_dma_parent() helper
UPSTREAM: of: Make of_dma_get_range() private
ANDROID: fix merge issue in 5.4.22
ANDROID: update ABI for 5.4.22
Linux 5.4.22
rtc: Kconfig: select REGMAP_I2C when necessary
bcache: properly initialize 'path' and 'err' in register_bcache()
drm/amdgpu/display: handle multiple numbers of fclks in dcn_calcs.c (v2)
s390/pci: Recover handle in clp_set_pci_fn()
mlxsw: spectrum_dpipe: Add missing error path
fuse: don't overflow LLONG_MAX with end offset
virtio_balloon: prevent pfn array overflow
cifs: log warning message (once) if out of disk space
i40e: Relax i40e_xsk_wakeup's return value when PF is busy
help_next should increase position index
NFS: Fix memory leaks
drm/amdgpu/smu10: fix smu10_get_clock_by_type_with_voltage
drm/amdgpu/smu10: fix smu10_get_clock_by_type_with_latency
brd: check and limit max_part par
microblaze: Prevent the overflow of the start
asm-generic/tlb: add missing CONFIG symbol
iwlwifi: mvm: Check the sta is not NULL in iwl_mvm_cfg_he_sta()
iwlwifi: mvm: Fix thermal zone registration
nvme-pci: remove nvmeq->tags
nvmet: Pass lockdep expression to RCU lists
irqchip/gic-v3-its: Reference to its_invall_cmd descriptor when building INVALL
bcache: fix incorrect data type usage in btree_flush_write()
bcache: explicity type cast in bset_bkey_last()
bcache: fix memory corruption in bch_cache_accounting_clear()
reiserfs: prevent NULL pointer dereference in reiserfs_insert_item()
lib/scatterlist.c: adjust indentation in __sg_alloc_table
ocfs2: fix a NULL pointer dereference when call ocfs2_update_inode_fsync_trans()
ocfs2: make local header paths relative to C files
btrfs: do not do delalloc reservation under page lock
powerpc: Do not consider weak unresolved symbol relocations as bad
radeon: insert 10ms sleep in dce5_crtc_load_lut
trigger_next should increase position index
ftrace: fpid_next() should increase position index
char: hpet: Fix out-of-bounds read bug
drm/nouveau/disp/nv50-: prevent oops when no channel method map provided
irqchip/gic-v3: Only provision redistributors that are enabled in ACPI
drm/amd/display: do not allocate display_mode_lib unnecessarily
rbd: work around -Wuninitialized warning
ceph: check availability of mds cluster on mount after wait timeout
powerpc/mm: Don't log user reads to 0xffffffff
bpf: map_seq_next should always increase position index
cifs: fix NULL dereference in match_prepath
cifs: Fix mount options set in automount
cifs: fix unitialized variable poential problem with network I/O cache lock patch
iwlegacy: ensure loop counter addr does not wrap and cause an infinite loop
rtw88: fix potential NULL skb access in TX ISR
hostap: Adjust indentation in prism2_hostapd_add_sta
ALSA: usb-audio: add quirks for Line6 Helix devices fw>=2.82
ARM: 8951/1: Fix Kexec compilation issue.
selftests/eeh: Bump EEH wait time to 60s
powerpc/pseries/lparcfg: Fix display of Maximum Memory
jbd2: make sure ESHUTDOWN to be recorded in the journal superblock
jbd2: switch to use jbd2_journal_abort() when failed to submit the commit record
selftests: bpf: Reset global state between reuseport test runs
alarmtimer: Make alarmtimer platform device child of RTC device
iommu/vt-d: Remove unnecessary WARN_ON_ONCE()
bcache: fix use-after-free in register_bcache()
bcache: rework error unwinding in register_bcache
bcache: cached_dev_free needs to put the sb page
btrfs: Fix split-brain handling when changing FSID to metadata uuid
btrfs: separate definition of assertion failure handlers
media: uvcvideo: Add a quirk to force GEO GC6500 Camera bits-per-pixel value
powerpc/sriov: Remove VF eeh_dev state when disabling SR-IOV
drm/nouveau/mmu: fix comptag memory leak
sunrpc: Fix potential leaks in sunrpc_cache_unhash()
ALSA: hda - Add docking station support for Lenovo Thinkpad T420s
bpf, btf: Always output invariant hit in pahole DWARF to BTF transform
driver core: platform: fix u32 greater or equal to zero comparison
s390/ftrace: generate traced function stack frame
s390: adjust -mpacked-stack support check for clang 10
x86/decoder: Add TEST opcode to Group3-2
objtool: Fix ARCH=x86_64 build error
kbuild: use -S instead of -E for precise cc-option test in Kconfig
spi: spi-fsl-qspi: Ensure width is respected in spi-mem operations
ALSA: hda/hdmi - add retry logic to parse_intel_hdmi()
irqchip/mbigen: Set driver .suppress_bind_attrs to avoid remove problems
regulator: core: Fix exported symbols to the exported GPL version
remoteproc: Initialize rproc_class before use
module: avoid setting info->name early in case we can fall back to info->mod->name
btrfs: device stats, log when stats are zeroed
btrfs: safely advance counter when looking up bio csums
btrfs: fix possible NULL-pointer dereference in integrity checks
pwm: Remove set but not set variable 'pwm'
ide: serverworks: potential overflow in svwks_set_pio_mode()
cmd64x: potential buffer overflow in cmd64x_program_timings()
pwm: omap-dmtimer: Remove PWM chip in .remove before making it unfunctional
x86/mm: Fix NX bit clearing issue in kernel_map_pages_in_pgd
f2fs: fix memleak of kobject
regulator: vctrl-regulator: Avoid deadlock getting and setting the voltage
ASoC: SOF: Intel: hda: Fix SKL dai count
debugobjects: Fix various data races
watchdog/softlockup: Enforce that timestamp is valid on boot
perf/x86/amd: Constrain Large Increment per Cycle events
sched/topology: Assert non-NUMA topology masks don't (partially) overlap
sched/core: Fix size of rq::uclamp initialization
arm64: dts: ti: k3-j721e-main: Add missing power-domains for smmu
KVM: PPC: Remove set but not used variable 'ra', 'rs', 'rt'
EDAC/sifive: Fix return value check in ecc_register()
drm/amd/display: fixup DML dependencies
arm64: fix alternatives with LLVM's integrated assembler
arm64: lse: fix LSE atomics with LLVM's integrated assembler
RDMA/mlx5: Don't fake udata for kernel path
ALSA: usb-audio: add implicit fb quirk for MOTU M Series
crypto: essiv - fix AEAD capitalization and preposition use in help text
scsi: iscsi: Don't destroy session if there are outstanding connections
scsi: ufs-mediatek: add apply_dev_quirks variant operation
scsi: ufs: pass device information to apply_dev_quirks
f2fs: free sysfs kobject
f2fs: set I_LINKABLE early to avoid wrong access by vfs
ALSA: usb-audio: unlock on error in probe
iommu/arm-smmu-v3: Use WRITE_ONCE() when changing validity of an STE
kbuild: remove *.tmp file when filechk fails
usb: musb: omap2430: Get rid of musb .set_vbus for omap2430 glue
perf/imx_ddr: Fix cpu hotplug state cleanup
drm/vmwgfx: prevent memory leak in vmw_cmdbuf_res_add
gpiolib: Set lockdep class for hierarchical irq domains
dm thin: don't allow changing data device during thin-pool reload
drm/nouveau/fault/gv100-: fix memory leak on module unload
drm/nouveau/drm/ttm: Remove set but not used variable 'mem'
drm/nouveau: Fix copy-paste error in nouveau_fence_wait_uevent_handler
drm/nouveau/gr/gk20a,gm200-: add terminators to method lists read from fw
drm/nouveau/secboot/gm20b: initialize pointer in gm20b_secboot_new()
vme: bridges: reduce stack usage
bpf: Return -EBADRQC for invalid map type in __bpf_tx_xdp_map
ASoC: SOF: Intel: hda-dai: fix compilation warning in pcm_prepare
driver core: Print device when resources present in really_probe()
driver core: platform: Prevent resouce overflow from causing infinite loops
visorbus: fix uninitialized variable access
misc: xilinx_sdfec: fix xsdfec_poll()'s return type
tty: synclink_gt: Adjust indentation in several functions
tty: synclinkmp: Adjust indentation in several functions
raid6/test: fix a compilation warning
ASoC: atmel: fix build error with CONFIG_SND_ATMEL_SOC_DMA=m
ALSA: usb-audio: Add boot quirk for MOTU M Series
ARM: dts: rockchip: add reg property to brcmf sub node for rk3188-bqedison2qc
arm64: dts: rockchip: add reg property to brcmf sub-nodes
arm64: dts: rockchip: fix dwmmc clock name for px30
clocksource: davinci: only enable clockevents once tim34 is initialized
wan: ixp4xx_hss: fix compile-testing on 64-bit
x86/nmi: Remove irq_work from the long duration NMI handler
bnxt: Detach page from page pool before sending up the stack
Input: edt-ft5x06 - work around first register access error
rcu: Use WRITE_ONCE() for assignments to ->pprev for hlist_nulls
efi/x86: Don't panic or BUG() on non-critical error conditions
soc/tegra: fuse: Correct straps' address for older Tegra124 device trees
IB/hfi1: Add RcvShortLengthErrCnt to hfi1stats
IB/hfi1: Add software counter for ctxt0 seq drop
staging: rtl8188: avoid excessive stack usage
drm/mediatek: Add gamma property according to hardware capability
udf: Fix free space reporting for metadata and virtual partitions
usbip: Fix unsafe unaligned pointer usage
ARM: dts: stm32: Add power-supply for DSI panel on stm32f469-disco
usb: dwc3: use proper initializers for property entries
drm: remove the newline for CRC source name.
RDMA/hns: Avoid printing address of mtt page
mlx5: work around high stack usage with gcc
drm/amdkfd: Fix permissions of hang_hws
iommu/vt-d: Avoid sending invalid page response
iommu/vt-d: Match CPU and IOMMU paging mode
ACPI: button: Add DMI quirk for Razer Blade Stealth 13 late 2019 lid switch
ASoC: Intel: sof_rt5682: Ignore the speaker amp when there isn't one.
vfio/spapr/nvlink2: Skip unpinning pages on error exit
tools lib api fs: Fix gcc9 stringop-truncation compilation error
net: phy: fixed_phy: fix use-after-free when checking link GPIO
ALSA: sh: Fix compile warning wrt const
ALSA: hda/realtek - Apply mic mute LED quirk for Dell E7xx laptops, too
clk: uniphier: Add SCSSI clock gate for each channel
clk: Use parent node pointer during registration if necessary
ALSA: sh: Fix unused variable warnings
clk: sunxi-ng: add mux and pll notifiers for A64 CPU clock
RDMA/rxe: Fix error type of mmap_offset
fbdev: fix numbering of fbcon options
ASoC: soc-topology: fix endianness issues
reset: uniphier: Add SCSSI reset control for each channel
pinctrl: sh-pfc: sh7269: Fix CAN function GPIOs
drm/fbdev: Fallback to non tiled mode if all tiles not present
PM / devfreq: rk3399_dmc: Add COMPILE_TEST and HAVE_ARM_SMCCC dependency
PM / devfreq: exynos-ppmu: Fix excessive stack usage
x86/vdso: Provide missing include file
crypto: chtls - Fixed memory leak
net: phy: realtek: add logging for the RGMII TX delay configuration
bpf: Print error message for bpftool cgroup show
dmaengine: imx-sdma: Fix memory leak
dmaengine: Store module owner in dma_device struct
clk: actually call the clock init before any other callback of the clock
iommu/iova: Silence warnings under memory pressure
iommu/amd: Only support x2APIC with IVHD type 11h/40h
iommu/amd: Check feature support bit before accessing MSI capability registers
arm64: dts: qcom: db845c: Enable ath10k 8bit host-cap quirk
scsi: lpfc: Fix: Rework setting of fdmi symbolic node name registration
selinux: ensure we cleanup the internal AVC counters on error in avc_update()
ARM: dts: r8a7779: Add device node for ARM global timer
clk: renesas: rcar-gen3: Allow changing the RPC[D2] clocks
drm/mediatek: handle events when enabling/disabling crtc
crypto: inside-secure - add unspecified HAS_IOMEM dependency
scsi: aic7xxx: Adjust indentation in ahc_find_syncrate
scsi: ufs: Complete pending requests in host reset and restore path
nfsd: Clone should commit src file metadata too
ACPICA: Disassembler: create buffer fields in ACPI_PARSE_LOAD_PASS1
clk: qcom: smd: Add missing bimc clock
drm/amdgpu: fix KIQ ring test fail in TDR of SRIOV
orinoco: avoid assertion in case of NULL pointer
rtlwifi: rtl_pci: Fix -Wcast-function-type
iwlegacy: Fix -Wcast-function-type
ipw2x00: Fix -Wcast-function-type
b43legacy: Fix -Wcast-function-type
PCI: Add DMA alias quirk for PLX PEX NTB
PCI: Add nr_devfns parameter to pci_add_dma_alias()
ALSA: usx2y: Adjust indentation in snd_usX2Y_hwdep_dsp_status
netfilter: nft_tunnel: add the missing ERSPAN_VERSION nla_policy
fore200e: Fix incorrect checks of NULL pointer dereference
r8169: check that Realtek PHY driver module is loaded
samples/bpf: Set -fno-stack-protector when building BPF programs
reiserfs: Fix spurious unlock in reiserfs_fill_super() error handling
media: v4l2-device.h: Explicitly compare grp{id,mask} to zero in v4l2_device macros
selftests/net: make so_txtime more robust to timer variance
gpu/drm: ingenic: Avoid null pointer deference in plane atomic update
Revert "nfp: abm: fix memory leak in nfp_abm_u32_knode_replace"
PCI: Increase D3 delay for AMD Ryzen5/7 XHCI controllers
PCI: Add generic quirk for increasing D3hot delay
media: cx23885: Add support for AVerMedia CE310B
PCI: iproc: Apply quirk_paxc_bridge() for module as well as built-in
bus: ti-sysc: Implement quirk handling for CLKDM_NOAUTO
ARM: dts: imx6: rdu2: Limit USBH1 to Full Speed
ARM: dts: imx6: rdu2: Disable WP for USDHC2 and USDHC3
ARM: exynos_defconfig: Bring back explicitly wanted options
clk: imx: Add correct failure handling for clk based helpers
padata: validate cpumask without removed CPU during offline
arm64: dts: qcom: msm8996: Disable USB2 PHY suspend by core
selinux: ensure we cleanup the internal AVC counters on error in avc_insert()
opp: Free static OPPs on errors while adding them
arm: dts: allwinner: H3: Add PMU node
arm64: dts: allwinner: H5: Add PMU node
arm64: dts: allwinner: H6: Add PMU mode
NFC: port100: Convert cpu_to_le16(le16_to_cpu(E1) + E2) to use le16_add_cpu().
net/wan/fsl_ucc_hdlc: reject muram offsets above 64K
regulator: rk808: Lower log level on optional GPIOs being not available
ASoC: intel: sof_rt5682: Add support for tgl-max98357a-rt5682
ASoC: intel: sof_rt5682: Add quirk for number of HDMI DAI's
modules: lockdep: Suppress suspicious RCU usage warning
arm64: dts: rockchip: Fix NanoPC-T4 cooling maps
drm/panel: simple: Add Logic PD Type 28 display support
drm/amdgpu: Ensure ret is always initialized when using SOC15_WAIT_ON_RREG
ath10k: correct the tlv len of ath10k_wmi_tlv_op_gen_config_pno_start
drm/amdgpu: remove 4 set but not used variable in amdgpu_atombios_get_connector_info_from_object_table
bpf, sockhash: Synchronize_rcu before free'ing map
drm/amdkfd: Fix a bug in SDMA RLC queue counting under HWS mode
clk: qcom: rcg2: Don't crash if our parent can't be found; return an error
clk: qcom: Don't overwrite 'cfg' in clk_rcg2_dfs_populate_freq()
kconfig: fix broken dependency in randconfig-generated .config
block, bfq: do not plug I/O for bfq_queues with no proc refs
drivers/block/zram/zram_drv.c: fix error return codes not being returned in writeback_store
Btrfs: keep pages dirty when using btrfs_writepage_fixup_worker
KVM: s390: ENOTSUPP -> EOPNOTSUPP fixups
nbd: add a flush_workqueue in nbd_start_device
tracing: Simplify assignment parsing for hist triggers
drm/amd/display: Retrain dongles when SINK_COUNT becomes non-zero
rtc: i2c/spi: Avoid inclusion of REGMAP support when not needed
selftests: settings: tests can be in subsubdirs
brcmfmac: sdio: Fix OOB interrupt initialization on brcm43362
rtw88: fix rate mask for 1SS chip
ath10k: Correct the DMA direction for management tx buffers
ext4, jbd2: ensure panic when aborting with zero errno
ARM: 8952/1: Disable kmemleak on XIP kernels
tracing: Fix very unlikely race of registering two stat tracers
tracing: Fix tracing_stat return values in error handling paths
powerpc/iov: Move VF pdev fixup into pcibios_fixup_iov()
s390/pci: Fix possible deadlock in recover_store()
wan/hdlc_x25: fix skb handling
dmaengine: fsl-qdma: fix duplicated argument to &&
udf: Allow writing to 'Rewritable' partitions
pwm: omap-dmtimer: Simplify error handling
x86/sysfb: Fix check for bad VRAM size
clk: ti: dra7: fix parent for gmac_clkctrl
ext4: fix deadlock allocating bio_post_read_ctx from mempool
jbd2: clear JBD2_ABORT flag before journal_reset to update log tail info when load journal
kselftest: Minimise dependency of get_size on C library interfaces
drm/amd/display: Clear state after exiting fixed active VRR state
clocksource/drivers/bcm2835_timer: Fix memory leak of timer
usb: dwc2: Fix IN FIFO allocation
usb: gadget: udc: fix possible sleep-in-atomic-context bugs in gr_probe()
drm/nouveau/nouveau: fix incorrect sizeof on args.src an args.dst
spi: fsl-lpspi: fix only one cs-gpio working
drm/amdgpu/sriov: workaround on rev_id for Navi12 under sriov
uio: fix a sleep-in-atomic-context bug in uio_dmem_genirq_irqcontrol()
raid6/test: fix a compilation error
net: ethernet: ixp4xx: Standard module init
sparc: Add .exit.data section.
MIPS: Loongson: Fix potential NULL dereference in loongson3_platform_init()
efi/x86: Map the entire EFI vendor string before copying it
pinctrl: baytrail: Do not clear IRQ flags on direct-irq enabled pins
IB/core: Let IB core distribute cache update events
kernel/module: Fix memleak in module_add_modinfo_attrs()
media: sti: bdisp: fix a possible sleep-in-atomic-context bug in bdisp_device_run()
char/random: silence a lockdep splat with printk()
x86/fpu: Deactivate FPU state after failure during state load
iommu/vt-d: Fix off-by-one in PASID allocation
gpio: gpio-grgpio: fix possible sleep-in-atomic-context bugs in grgpio_irq_map/unmap()
clk: meson: meson8b: make the CCF use the glitch-free mali mux
powerpc/powernv/iov: Ensure the pdn for VFs always contains a valid PE number
clk: at91: sam9x60: fix programmable clock prescaler
media: sun4i-csi: Fix [HV]sync polarity handling
media: sun4i-csi: Fix data sampling polarity handling
media: sun4i-csi: Deal with DRAM offset
media: i2c: mt9v032: fix enum mbus codes and frame sizes
media: ov5640: Fix check for PLL1 exceeding max allowed rate
pxa168fb: Fix the function used to release some memory in an error handling path
drm/msm/adreno: fix zap vs no-zap handling
drm/mipi_dbi: Fix off-by-one bugs in mipi_dbi_blank()
printk: fix exclusive_console replaying
pinctrl: sh-pfc: sh7264: Fix CAN function GPIOs
gianfar: Fix TX timestamping with a stacked DSA driver
ALSA: ctl: allow TLV read operation for callback type of element in locked case
ext4: fix ext4_dax_read/write inode locking sequence for IOCB_NOWAIT
leds: pca963x: Fix open-drain initialization
drm/amd/display: Map ODM memory correctly when doing ODM combine
PCI: Fix pci_add_dma_alias() bitmask size
brcmfmac: Fix use after free in brcmf_sdio_readframes()
brcmfmac: Fix memory leak in brcmf_p2p_create_p2pdev()
cpu/hotplug, stop_machine: Fix stop_machine vs hotplug order
clk: meson: pll: Fix by 0 division in __pll_params_to_rate()
media: meson: add missing allocation failure check on new_buf
f2fs: call f2fs_balance_fs outside of locked page
f2fs: preallocate DIO blocks when forcing buffered_io
rcu: Fix data-race due to atomic_t copy-by-value
rcu: Fix missed wakeup of exp_wq waiters
rcu/nocb: Fix dump_tree hierarchy print always active
drm/qxl: Complete exception handling in qxl_device_init()
wil6210: fix break that is never reached because of zero'ing of a retry counter
ath10k: Fix qmi init error handling
drm/gma500: Fixup fbdev stolen size usage evaluation
net/sched: flower: add missing validation of TCA_FLOWER_FLAGS
net/sched: matchall: add missing validation of TCA_MATCHALL_FLAGS
net: dsa: tag_qca: Make sure there is headroom for tag
net/smc: fix leak of kernel memory to user space
enic: prevent waking up stopped tx queues over watchdog reset
core: Don't skip generic XDP program execution for cloned SKBs
ANDROID: ufs, block: fix crypto power management and move into block layer
ANDROID: rtc: class: support hctosys from modular RTC drivers
ANDROID: update the abi after clk changes
ANDROID: update abi for f2fs/fscrypt merge
ANDROID: Kconfig.gki: Remove most of the built in qcom clks
FROMLIST: f2fs: Handle casefolding with Encryption
FROMLIST: fscrypt: Have filesystems handle their d_ops
FROMLIST: ext4: Use generic casefolding support
FROMLIST: f2fs: Use generic casefolding support
FROMLIST: Add standard casefolding support
FROMLIST: unicode: Add utf8_casefold_hash
ANDROID: gki: Set CONFIG_SERIAL_SAMSUNG for early con.
UPSTREAM: tty: serial: samsung_tty: remove SERIAL_SAMSUNG_DEBUG
UPSTREAM: tty: serial: samsung_tty: build it for any platform
UPSTREAM: tty: serial: samsung_tty: do not abuse the struct uart_port unused fields
UPSTREAM: tty: serial: samsung_tty: fix blank line checkpatch warning
UPSTREAM: tty: serial: samsung_tty: fix up minor comment formatting
UPSTREAM: tty: serial: samsung_tty: use 'unsigned int' not 'unsigned'
UPSTREAM: tty: serial: samsung_tty: use standard debugging macros
UPSTREAM: tty: serial: samsung_tty: drop unneded dbg() calls
UPSTREAM: tty: serial: samsung_tty: delete samsung.h
UPSTREAM: tty: serial: samsung.h: remove reset_port callback from struct s3c24xx_uart_info
UPSTREAM: tty: serial: samsung.h: fix up minor comment issues
UPSTREAM: tty: serial: samsung_tty: fix build warning
UPSTREAM: tty: serial: samsung: allow driver to be built by anyone
UPSTREAM: tty: serial: samsung: remove variable 'ufstat' set but not used
UPSTREAM: {tty: serial, nand: onenand}: samsung: rename to fix build warning
UPSTREAM: random: ignore GRND_RANDOM in getentropy(2)
UPSTREAM: random: add GRND_INSECURE to return best-effort non-cryptographic bytes
UPSTREAM: linux/random.h: Mark CONFIG_ARCH_RANDOM functions __must_check
UPSTREAM: linux/random.h: Use false with bool
UPSTREAM: linux/random.h: Remove arch_has_random, arch_has_random_seed
UPSTREAM: random: remove some dead code of poolinfo
UPSTREAM: random: fix typo in add_timer_randomness()
UPSTREAM: random: Add and use pr_fmt()
UPSTREAM: random: convert to ENTROPY_BITS for better code readability
UPSTREAM: random: remove unnecessary unlikely()
UPSTREAM: random: remove kernel.random.read_wakeup_threshold
UPSTREAM: random: delete code to pull data into pools
UPSTREAM: random: remove the blocking pool
UPSTREAM: random: make /dev/random be almost like /dev/urandom
UPSTREAM: random: Add a urandom_read_nowait() for random APIs that don't warn
UPSTREAM: random: Don't wake crng_init_wait when crng_init == 1
UPSTREAM: char/random: silence a lockdep splat with printk()
ANDROID: Incremental fs: Support xattrs
BACKPORT: sched/fair: Remove wake_cap()
UPSTREAM: sched/core: Remove for_each_lower_domain()
UPSTREAM: sched/topology: Remove SD_BALANCE_WAKE on asymmetric capacity systems
UPSTREAM: sched/fair: Add asymmetric CPU capacity wakeup scan
ANDROID: ufs: add quirk to fix abnormal ocs fatal error
FROMLIST: ufs: fix a bug on printing PRDT
ANDROID: update abi for 5.4.21
ANDROID: clang: update to 10.0.4
Linux 5.4.21
mmc: core: Rework wp-gpio handling
gpio: add gpiod_toggle_active_low()
KVM: x86/mmu: Fix struct guest_walker arrays for 5-level paging
ext4: choose hardlimit when softlimit is larger than hardlimit in ext4_statfs_project()
jbd2: do not clear the BH_Mapped flag when forgetting a metadata buffer
jbd2: move the clearing of b_modified flag to the journal_unmap_buffer()
Revert "drm/sun4i: drv: Allow framebuffer modifiers in mode config"
NFSv4.1 make cachethis=no for writes
perf stat: Don't report a null stalled cycles per insn metric
KVM: x86: Mask off reserved bit from #DB exception payload
arm64: dts: fast models: Fix FVP PCI interrupt-map property
cifs: fix mount option display for sec=krb5i
mac80211: fix quiet mode activation in action frames
hwmon: (pmbus/ltc2978) Fix PMBus polling of MFR_COMMON definitions.
perf/x86/intel: Fix inaccurate period in context switch for auto-reload
spmi: pmic-arb: Set lockdep class for hierarchical irq domains
sched/uclamp: Reject negative values in cpu_uclamp_write()
s390/time: Fix clk type in get_tod_clock
RDMA/core: Fix protection fault in get_pkey_idx_qp_list
RDMA/rxe: Fix soft lockup problem due to using tasklets in softirq
RDMA/hfi1: Fix memory leak in _dev_comp_vect_mappings_create
RDMA/iw_cxgb4: initiate CLOSE when entering TERM
RDMA/core: Fix invalid memory access in spec_filter_size
IB/umad: Fix kernel crash while unloading ib_umad
IB/rdmavt: Reset all QPs when the device is shut down
IB/hfi1: Close window for pq and request coliding
IB/hfi1: Acquire lock to release TID entries when user file is closed
IB/mlx5: Return failure when rts2rts_qp_counters_set_id is not supported
drivers: ipmi: fix off-by-one bounds check that leads to a out-of-bounds write
nvme: fix the parameter order for nvme_get_log in nvme_get_fw_slot_info
bus: moxtet: fix potential stack buffer overflow
drm/panfrost: Make sure the shrinker does not reclaim referenced BOs
drm/vgem: Close use-after-free race in vgem_gem_create
s390/uv: Fix handling of length extensions
s390/pkey: fix missing length of protected key on return
perf/x86/amd: Add missing L2 misses event spec to AMD Family 17h's event map
KVM: nVMX: Use correct root level for nested EPT shadow page tables
EDAC/mc: Fix use-after-free and memleaks during device removal
EDAC/sysfs: Remove csrow objects on errors
cifs: make sure we do not overflow the max EA buffer size
xprtrdma: Fix DMA scatter-gather list mapping imbalance
arm64: ssbs: Fix context-switch when SSBS is present on all CPUs
gpio: xilinx: Fix bug where the wrong GPIO register is written to
ARM: npcm: Bring back GPIOLIB support
btrfs: log message when rw remount is attempted with unclean tree-log
btrfs: print message when tree-log replay starts
btrfs: ref-verify: fix memory leaks
Btrfs: fix race between using extent maps and merging them
ext4: improve explanation of a mount failure caused by a misconfigured kernel
ext4: add cond_resched() to ext4_protect_reserved_inode
ext4: fix checksum errors with indexed dirs
ext4: fix support for inode sizes > 1024 bytes
ext4: don't assume that mmp_nodename/bdevname have NUL
ALSA: usb-audio: Add clock validity quirk for Denon MC7000/MCX8000
ALSA: usb-audio: sound: usb: usb true/false for bool return type
ACPI: PM: s2idle: Prevent spurious SCIs from waking up the system
ACPICA: Introduce acpi_any_gpe_status_set()
ACPI: PM: s2idle: Avoid possible race related to the EC GPE
ACPI: EC: Fix flushing of pending work
ALSA: usb-audio: Apply sample rate quirk for Audioengine D1
ALSA: hda/realtek - Fix silent output on MSI-GL73
ALSA: hda/realtek - Add more codec supported Headset Button
ALSA: usb-audio: Fix UAC2/3 effect unit parsing
Input: synaptics - remove the LEN0049 dmi id from topbuttonpad list
Input: synaptics - enable SMBus on ThinkPad L470
Input: synaptics - switch T470s to RMI4 by default
ANDROID: ABI/Whitelist: initial unisoc whitelist
ANDROID: Fix ABI representation after enabling CONFIG_NET_NS
ANDROID: gki_defconfig: Enable CONFIG_NET_NS
ANDROID: gki_defconfig: Enable XDP_SOCKETS
ANDROID: gki_defconfig: Enable MAC80211_RC_MINSTREL
ANDROID: virtio: virtio_input: pass _DIRECT only if the device advertises _DIRECT
ANDROID: staging: ion: delete unused heap types and IDs
ANDROID: gki_defconfig: disable system_contig ion heap.
ANDROID: cf build: Use merge_configs
ANDROID: net: bpf: Allow TC programs to call BPF_FUNC_skb_change_head
ANDROID: gki_defconfig: Disable SDCARD_FS
Linux 5.4.20
selinux: fall back to ref-walk if audit is required
libertas: make lbs_ibss_join_existing() return error code on rates overflow
libertas: don't exit from lbs_ibss_join_existing() with RCU read lock held
mwifiex: Fix possible buffer overflows in mwifiex_cmd_append_vsie_tlv()
mwifiex: Fix possible buffer overflows in mwifiex_ret_wmm_get_status()
dmaengine: axi-dmac: add a check for devm_regmap_init_mmio
clk: meson: g12a: fix missing uart2 in regmap table
mfd: max77650: Select REGMAP_IRQ in Kconfig
regmap: fix writes to non incrementing registers
pinctrl: sh-pfc: r8a7778: Fix duplicate SDSELF_B and SD1_CLK_B
pinctrl: sh-pfc: r8a77965: Fix DU_DOTCLKIN3 drive/bias control
selinux: fix regression introduced by move_mount(2) syscall
selinux: revert "stop passing MAY_NOT_BLOCK to the AVC upon follow_link"
bcache: avoid unnecessary btree nodes flushing in btree_flush_write()
dt-bindings: iio: adc: ad7606: Fix wrong maxItems value
media: i2c: adv748x: Fix unsafe macros
drivers: watchdog: stm32_iwdg: set WDOG_HW_RUNNING at probe
crypto: caam/qi2 - fix typo in algorithm's driver name
crypto: atmel-sha - fix error handling when setting hmac key
crypto: artpec6 - return correct error code for failed setkey()
crypto: testmgr - don't try to decrypt uninitialized buffers
mtd: sharpslpart: Fix unsigned comparison to zero
mtd: onenand_base: Adjust indentation in onenand_read_ops_nolock
arm64: nofpsmid: Handle TIF_FOREIGN_FPSTATE flag cleanly
KVM: arm64: Treat emulated TVAL TimerValue as a signed 32-bit integer
KVM: arm64: pmu: Fix chained SW_INCR counters
KVM: arm64: pmu: Don't increment SW_INCR if PMCR.E is unset
KVM: arm: Make inject_abt32() inject an external abort instead
KVM: arm: Fix DFSR setting for non-LPAE aarch32 guests
KVM: arm/arm64: Fix young bit from mmu notifier
arm64: ptrace: nofpsimd: Fail FP/SIMD regset operations
arm64: cpufeature: Set the FP/SIMD compat HWCAP bits properly
arm64: cpufeature: Fix the type of no FP/SIMD capability
sched/uclamp: Fix a bug in propagating uclamp value in new cgroups
ARM: 8949/1: mm: mark free_memmap as __init
KVM: arm/arm64: vgic-its: Fix restoration of unmapped collections
ARM: at91: pm: use of_device_id array to find the proper shdwc node
ARM: at91: pm: use SAM9X60 PMC's compatible
iommu/arm-smmu-v3: Populate VMID field for CMDQ_OP_TLBI_NH_VA
powerpc/pseries: Allow not having ibm, hypertas-functions::hcall-multi-tce for DDW
powerpc/pseries/vio: Fix iommu_table use-after-free refcount warning
powerpc/papr_scm: Fix leaking 'bus_desc.provider_name' in some paths
powerpc/ptdump: Only enable PPC_CHECK_WX with STRICT_KERNEL_RWX
powerpc/ptdump: Fix W+X verification call in mark_rodata_ro()
Revert "powerpc/pseries/iommu: Don't use dma_iommu_ops on secure guests"
soc: qcom: rpmhpd: Set 'active_only' for active only power domains
tools/power/acpi: fix compilation error
ARM: dts: at91: sama5d3: define clock rate range for tcb1
ARM: dts: at91: sama5d3: fix maximum peripheral clock rates
ARM: dts: meson8b: use the actual frequency for the GPU's 364MHz OPP
ARM: dts: meson8: use the actual frequency for the GPU's 182.1MHz OPP
arm64: dts: marvell: clearfog-gt-8k: fix switch cpu port node
arm64: dts: renesas: r8a77990: ebisu: Remove clkout-lr-synchronous from sound
ARM: dts: am43xx: add support for clkout1 clock
ARM: dts: at91: Reenable UART TX pull-ups
arm64: dts: uDPU: fix broken ethernet
arm64: dts: qcom: msm8998: Fix tcsr syscon size
platform/x86: intel_mid_powerbtn: Take a copy of ddata
ARC: [plat-axs10x]: Add missing multicast filter number to GMAC node
watchdog: qcom: Use platform_get_irq_optional() for bark irq
rtc: cmos: Stop using shared IRQ
rtc: hym8563: Return -EINVAL if the time is known to be invalid
x86/boot: Handle malformed SRAT tables during early ACPI parsing
NFSv4.0: nfs4_do_fsinfo() should not do implicit lease renewals
NFSv4: try lease recovery on NFS4ERR_EXPIRED
NFSv4: pnfs_roc() must use cred_fscmp() to compare creds
NFS: Fix fix of show_nfs_errors
NFS/pnfs: Fix pnfs_generic_prepare_to_resend_writes()
NFS: Revalidate the file size on a fatal write error
nfs: NFS_SWAP should depend on SWAP
bpf, sockmap: Check update requirements after locking
bpf: Improve bucket_log calculation logic
selftests/bpf: Test freeing sockmap/sockhash with a socket in it
bpf, sockhash: Synchronize_rcu before free'ing map
bpf, sockmap: Don't sleep while holding RCU lock on tear-down
bpftool: Don't crash on missing xlated program instructions
iwlwifi: mvm: avoid use after free for pmsr request
PCI/AER: Initialize aer_fifo
PCI: Don't disable bridge BARs when assigning bus resources
PCI: tegra: Fix afi_pex2_ctrl reg offset for Tegra30
PCI/switchtec: Fix vep_vector_number ioread width
PCI/switchtec: Use dma_set_mask_and_coherent()
ath10k: pci: Only dump ATH10K_MEM_REGION_TYPE_IOREG when safe
PCI/IOV: Fix memory leak in pci_iov_add_virtfn()
scsi: ufs: Fix ufshcd_probe_hba() reture value in case ufshcd_scsi_add_wlus() fails
RDMA/umem: Fix ib_umem_find_best_pgsz()
RDMA/cma: Fix unbalanced cm_id reference count during address resolve
RDMA/uverbs: Verify MR access flags
RDMA/core: Fix locking in ib_uverbs_event_read
RDMA/i40iw: fix a potential NULL pointer dereference
RDMA/netlink: Do not always generate an ACK for some netlink operations
IB/mlx4: Fix leak in id_map_find_del
IB/srp: Never use immediate data if it is disabled by a user
IB/mlx4: Fix memory leak in add_gid error flow
hv_sock: Remove the accept port restriction
ASoC: pcm: update FE/BE trigger order based on the command
ANDROID: gki_defconfig: Add CONFIG_UNICODE
ANDROID: added memory initialization tests to cuttlefish config
ANDROID: gki_defconfig: enable CONFIG_RUNTIME_TESTING_MENU
fs-verity: use u64_to_user_ptr()
fs-verity: use mempool for hash requests
fs-verity: implement readahead of Merkle tree pages
fs-verity: implement readahead for FS_IOC_ENABLE_VERITY
fscrypt: improve format of no-key names
ubifs: allow both hash and disk name to be provided in no-key names
ubifs: don't trigger assertion on invalid no-key filename
fscrypt: clarify what is meant by a per-file key
fscrypt: derive dirhash key for casefolded directories
fscrypt: don't allow v1 policies with casefolding
fscrypt: add "fscrypt_" prefix to fname_encrypt()
fscrypt: don't print name of busy file when removing key
ubifs: use IS_ENCRYPTED() instead of ubifs_crypt_is_encrypted()
fscrypt: document gfp_flags for bounce page allocation
fscrypt: optimize fscrypt_zeroout_range()
fscrypt: remove redundant bi_status check
fscrypt: Allow modular crypto algorithms
FROMLIST: rename missed uaccess .fixup section
ANDROID: gki_defconfig: enable heap and stack initialization.
ANDROID: ABI/Whitelist: update for db845c
ANDROID: ABI/Whitelist: update for Cuttlefish
ANDROID: update ABI representation and GKI whitelist
ANDROID: f2fs: fix missing blk-crypto changes
fscrypt: include <linux/ioctl.h> in UAPI header
fscrypt: don't check for ENOKEY from fscrypt_get_encryption_info()
fscrypt: remove fscrypt_is_direct_key_policy()
fscrypt: move fscrypt_valid_enc_modes() to policy.c
fscrypt: check for appropriate use of DIRECT_KEY flag earlier
fscrypt: split up fscrypt_supported_policy() by policy version
fscrypt: introduce fscrypt_needs_contents_encryption()
fscrypt: move fscrypt_d_revalidate() to fname.c
fscrypt: constify inode parameter to filename encryption functions
fscrypt: constify struct fscrypt_hkdf parameter to fscrypt_hkdf_expand()
fscrypt: verify that the crypto_skcipher has the correct ivsize
fscrypt: use crypto_skcipher_driver_name()
fscrypt: support passing a keyring key to FS_IOC_ADD_ENCRYPTION_KEY
UPSTREAM: dynamic_debug: allow to work if debugfs is disabled
UPSTREAM: serial: sprd: Add polling IO support
UPSTREAM: dmaengine: sprd: Add wrap address support for link-list mode
UPSTREAM: pinctrl: sprd: Add CM4 sleep mode support
UPSTREAM: pinctrl: sprd: Add PIN_CONFIG_BIAS_DISABLE configuration support
UPSTREAM: spi: sprd: adi: Set BIT_WDG_NEW bit when rebooting
UPSTREAM: nvmem: sprd: Add Spreadtrum SoCs eFuse support
UPSTREAM: dt-bindings: nvmem: Add Spreadtrum eFuse controller documentation
UPSTREAM: scsi: ufs-mediatek: enable low-power mode for hibern8 state
BACKPORT: scsi: ufs: export some functions for vendor usage
UPSTREAM: scsi: ufs-mediatek: add dbg_register_dump implementation
UPSTREAM: scsi: ufs-mediatek: add apply_dev_quirks variant operation
UPSTREAM: scsi: ufs: pass device information to apply_dev_quirks
UPSTREAM: scsi: ufs: add device reset history for vendor implementations
UPSTREAM: scsi: ufs: fix empty check of error history
UPSTREAM: scsi: ufs-mediatek: configure and enable clk-gating
UPSTREAM: scsi: ufs-mediatek: configure customized auto-hibern8 timer
BACKPORT: scsi: ufs: export ufshcd_auto_hibern8_update for vendor usage
UPSTREAM: scsi: ufs-mediatek: introduce reference clock control
UPSTREAM: scsi: ufs-mediatek: add device reset implementation
UPSTREAM: scsi: soc: mediatek: add header for SiP service interface
BACKPORT: scsi: ufs: use ufshcd_vops_dbg_register_dump for vendor specific dumps
BACKPORT: scsi: ufs: unify scsi_block_requests usage
UPSTREAM: scsi: ufs: disable interrupt during clock-gating
UPSTREAM: scsi: ufs: disable irq before disabling clocks
UPSTREAM: scsi: ufs-mediatek: enable auto suspend capability
ANDROID: update ABI for 5.4.19
ANDROID: fix up dummy-cpufreq.c due to api changes
Linux 5.4.19
powerpc/kuap: Fix set direction in allow/prevent_user_access()
regulator fix for "regulator: core: Add regulator_is_equal() helper"
rxrpc: Fix service call disconnection
perf/core: Fix mlock accounting in perf_mmap()
clocksource: Prevent double add_timer_on() for watchdog_timer
x86/apic/msi: Plug non-maskable MSI affinity race
cifs: fail i/o on soft mounts if sessionsetup errors out
KVM: Play nice with read-only memslots when querying host page size
KVM: Use vcpu-specific gva->hva translation when querying host page size
KVM: nVMX: vmread should not set rflags to specify success in case of #PF
KVM: x86: fix overlap between SPTE_MMIO_MASK and generation
KVM: x86: Use gpa_t for cr2/gpa to fix TDP support on 32-bit KVM
KVM: x86: use CPUID to locate host page table reserved bits
KVM: x86/mmu: Apply max PA check for MMIO sptes to 32-bit KVM
drm/dp_mst: Remove VCPI while disabling topology mgr
btrfs: free block groups after free'ing fs trees
btrfs: use bool argument in free_root_pointers()
x86/timer: Don't skip PIT setup when APIC is disabled or in legacy mode
mfd: bd70528: Fix hour register mask
mfd: rn5t618: Mark ADC control register volatile
mfd: da9062: Fix watchdog compatible string
ASoC: Intel: skl_hda_dsp_common: Fix global-out-of-bounds bug
net/mlx5: Deprecate usage of generic TLS HW capability bit
net/mlx5: Fix deadlock in fs_core
drop_monitor: Do not cancel uninitialized work item
qed: Fix timestamping issue for L2 unicast ptp packets.
ipv6/addrconf: fix potential NULL deref in inet6_set_link_af()
taprio: Fix dropping packets when using taprio + ETF offloading
taprio: Use taprio_reset_tc() to reset Traffic Classes configuration
taprio: Add missing policy validation for flags
taprio: Fix still allowing changing the flags during runtime
taprio: Fix enabling offload with wrong number of traffic classes
net: macb: Limit maximum GEM TX length in TSO
net: macb: Remove unnecessary alignment check for TSO
net/mlx5: IPsec, fix memory leak at mlx5_fpga_ipsec_delete_sa_ctx
net/mlx5: IPsec, Fix esp modify function attribute
net: systemport: Avoid RBUF stuck in Wake-on-LAN mode
net: stmmac: fix a possible endless loop
net_sched: fix a resource leak in tcindex_set_parms()
net: mvneta: move rx_dropped and rx_errors in per-cpu stats
net: dsa: microchip: enable module autoprobe
net: dsa: bcm_sf2: Only 7278 supports 2Gb/sec IMP port
net: dsa: b53: Always use dev->vlan_enabled in b53_configure_vlan()
dpaa_eth: support all modes with rate adapting PHYs
devlink: report 0 after hitting end in region read
bonding/alb: properly access headers in bond_alb_xmit()
ASoC: sgtl5000: Fix VDDA and VDDIO comparison
regulator: core: Add regulator_is_equal() helper
ubifs: Fix memory leak from c->sup_node
ubi: Fix an error pointer dereference in error handling code
ubi: fastmap: Fix inverted logic in seen selfcheck
virtio_balloon: Fix memory leaks on errors in virtballoon_probe()
virtio-balloon: Fix memory leak when unloading while hinting is in progress
nfsd: Return the correct number of bytes written to the file
nfsd: fix jiffies/time_t mixup in LRU list
nfsd: fix delay timer on 32-bit architectures
IB/core: Fix ODP get user pages flow
IB/mlx5: Fix outstanding_pi index for GSI qps
net: tulip: Adjust indentation in {dmfe, uli526x}_init_module
net: smc911x: Adjust indentation in smc911x_phy_configure
ppp: Adjust indentation into ppp_async_input
NFC: pn544: Adjust indentation in pn544_hci_check_presence
drm: msm: mdp4: Adjust indentation in mdp4_dsi_encoder_enable
powerpc/44x: Adjust indentation in ibm4xx_denali_fixup_memsize
ext2: Adjust indentation in ext2_fill_super
phy: qualcomm: Adjust indentation in read_poll_timeout
mtd: spi-nor: Split mt25qu512a (n25q512a) entry into two
scsi: ufs: Recheck bkops level if bkops is disabled
scsi: qla4xxx: Adjust indentation in qla4xxx_mem_free
scsi: csiostor: Adjust indentation in csio_device_reset
scsi: qla2xxx: Fix the endianness of the qla82xx_get_fw_size() return type
ASoC: meson: axg-fifo: fix fifo threshold setup
percpu: Separate decrypted varaibles anytime encryption can be enabled
broken ping to ipv6 linklocal addresses on debian buster
fix up iter on short count in fuse_direct_io()
virtio-pci: check name when counting MSI-X vectors
virtio-balloon: initialize all vq callbacks
drm/amd/dm/mst: Ignore payload update failures
clk: tegra: Mark fuse clock as critical
mm/mmu_gather: invalidate TLB correctly on batch allocation failure and flush
arm64: dts: qcom: qcs404-evb: Set vdd_apc regulator in high power mode
mm/page_alloc.c: fix uninitialized memmaps on a partially populated last section
ocfs2: fix oops when writing cloned file
KVM: s390: do not clobber registers during guest reset/store status
KVM: x86: Revert "KVM: X86: Fix fpu state crash in kvm guest"
KVM: x86: Ensure guest's FPU state is loaded when accessing for emulation
KVM: x86: Handle TIF_NEED_FPU_LOAD in kvm_{load,put}_guest_fpu()
KVM: x86: Free wbinvd_dirty_mask if vCPU creation fails
KVM: x86: Don't let userspace set host-reserved cr4 bits
KVM: VMX: Add non-canonical check on writes to RTIT address MSRs
x86/KVM: Clean up host's steal time structure
x86/kvm: Cache gfn to pfn translation
x86/KVM: Make sure KVM_VCPU_FLUSH_TLB flag is not missed
x86/kvm: Introduce kvm_(un)map_gfn()
x86/kvm: Be careful not to clear KVM_VCPU_FLUSH_TLB bit
kvm/svm: PKU not currently supported
KVM: PPC: Book3S PR: Free shared page if mmu initialization fails
KVM: PPC: Book3S HV: Uninit vCPU if vcore creation fails
KVM: x86: Fix potential put_fpu() w/o load_fpu() on MPX platform
KVM: x86: Protect MSR-based index computations in fixed_msr_to_seg_unit() from Spectre-v1/L1TF attacks
KVM: x86: Protect x86_decode_insn from Spectre-v1/L1TF attacks
KVM: x86: Protect MSR-based index computations from Spectre-v1/L1TF attacks in x86.c
KVM: x86: Protect ioapic_read_indirect() from Spectre-v1/L1TF attacks
KVM: x86: Protect MSR-based index computations in pmu.h from Spectre-v1/L1TF attacks
KVM: x86: Protect ioapic_write_indirect() from Spectre-v1/L1TF attacks
KVM: x86: Protect kvm_hv_msr_[get|set]_crash_data() from Spectre-v1/L1TF attacks
KVM: x86: Protect kvm_lapic_reg_write() from Spectre-v1/L1TF attacks
KVM: x86: Protect DR-based index computations from Spectre-v1/L1TF attacks
KVM: x86: Protect pmu_intel.c from Spectre-v1/L1TF attacks
KVM: x86: Refactor prefix decoding to prevent Spectre-v1/L1TF attacks
KVM: x86: Refactor picdev_write() to prevent Spectre-v1/L1TF attacks
aio: prevent potential eventfd recursion on poll
eventfd: track eventfd_signal() recursion depth
bcache: add readahead cache policy options via sysfs interface
watchdog: fix UAF in reboot notifier handling in watchdog core code
xen/balloon: Support xend-based toolstack take two
tools/kvm_stat: Fix kvm_exit filter name
media: rc: ensure lirc is initialized before registering input device
media: iguanair: fix endpoint sanity check
drm/rect: Avoid division by zero
drm: atmel-hlcdc: prefer a lower pixel-clock than requested
drm: atmel-hlcdc: enable clock before configuring timing engine
drm: atmel-hlcdc: use double rate for pixel clock only if supported
gfs2: fix O_SYNC write handling
gfs2: move setting current->backing_dev_info
gfs2: fix gfs2_find_jhead that returns uninitialized jhead with seq 0
sunrpc: expiry_time should be seconds not timeval
mwifiex: fix unbalanced locking in mwifiex_process_country_ie()
iwlwifi: don't throw error when trying to remove IGTK
ARM: tegra: Enable PLLP bypass during Tegra124 LP1
btrfs: Correctly handle empty trees in find_first_clear_extent_bit
btrfs: flush write bio if we loop in extent_write_cache_pages
Btrfs: fix race between adding and putting tree mod seq elements and nodes
btrfs: drop log root for dropped roots
btrfs: set trans->drity in btrfs_commit_transaction
Btrfs: fix infinite loop during fsync after rename operations
Btrfs: make deduplication with range including the last block work
Btrfs: fix missing hole after hole punching and fsync when using NO_HOLES
ext4: fix race conditions in ->d_compare() and ->d_hash()
ext4: fix deadlock allocating crypto bounce page from mempool
jbd2_seq_info_next should increase position index
nfsd: fix filecache lookup
NFS: Directory page cache pages need to be locked when read
NFS: Fix memory leaks and corruption in readdir
scsi: qla2xxx: Fix unbound NVME response length
powerpc/futex: Fix incorrect user access blocking
crypto: picoxcell - adjust the position of tasklet_init and fix missed tasklet_kill
crypto: api - Fix race condition in crypto_spawn_alg
crypto: atmel-aes - Fix counter overflow in CTR mode
crypto: pcrypt - Do not clear MAY_SLEEP flag in original request
crypto: arm64/ghash-neon - bump priority to 150
crypto: ccp - set max RSA modulus size for v3 platform devices as well
crypto: hisilicon - Use the offset fields in sqe to avoid need to split scatterlists
crypto: api - fix unexpectedly getting generic implementation
selftests: bpf: Ignore FIN packets for reuseport tests
selftests: bpf: Use a temporary file in test_sockmap
selftests/bpf: Skip perf hw events test if the setup disabled it
selftests/bpf: Fix test_attach_probe
samples/bpf: Xdp_redirect_cpu fix missing tracepoint attach
samples/bpf: Don't try to remove user's homedir on clean
tc-testing: fix eBPF tests failure on linux fresh clones
libbpf: Fix realloc usage in bpf_core_find_cands
bpf, devmap: Pass lockdep expression to RCU lists
selftests/bpf: Fix perf_buffer test on systems w/ offline CPUs
riscv, bpf: Fix broken BPF tail calls
btrfs: Handle another split brain scenario with metadata uuid feature
btrfs: fix improper setting of scanned for range cyclic write cache pages
crypto: pcrypt - Avoid deadlock by using per-instance padata queues
ftrace: Protect ftrace_graph_hash with ftrace_sync
ftrace: Add comment to why rcu_dereference_sched() is open coded
tracing: Annotate ftrace_graph_notrace_hash pointer with __rcu
tracing: Annotate ftrace_graph_hash pointer with __rcu
ASoC: SOF: core: release resources on errors in probe_continue
ASoC: SOF: Introduce state machine for FW boot
scsi: qla2xxx: Fix stuck login session using prli_pend_timer
dm: fix potential for q->make_request_fn NULL pointer
dm thin metadata: use pool locking at end of dm_pool_metadata_close
dm crypt: fix benbi IV constructor crash if used in authenticated mode
dm crypt: fix GFP flags passed to skcipher_request_alloc()
dm writecache: fix incorrect flush sequence when doing SSD mode commit
dm space map common: fix to ensure new block isn't already in use
dm zoned: support zone sizes smaller than 128MiB
ARM: dma-api: fix max_pfn off-by-one error in __dma_supported()
of: Add OF_DMA_DEFAULT_COHERENT & select it on powerpc
cpufreq: Avoid creating excessively large stack frames
PM: core: Fix handling of devices deleted during system-wide resume
f2fs: fix race conditions in ->d_compare() and ->d_hash()
f2fs: fix dcache lookup of !casefolded directories
f2fs: code cleanup for f2fs_statfs_project()
f2fs: fix miscounted block limit in f2fs_statfs_project()
f2fs: choose hardlimit when softlimit is larger than hardlimit in f2fs_statfs_project()
ovl: fix lseek overflow on 32bit
ovl: fix wrong WARN_ON() in ovl_cache_update_ino()
power: supply: ltc2941-battery-gauge: fix use-after-free
power: supply: axp20x_ac_power: Fix reporting online status
cpupower: Revert library ABI changes from commit
|
||
Jeff Vander Stoep
|
84d2e30aeb |
ANDROID: selinux: modify RTM_GETLINK permission
Map the permission gating RTM_GETLINK messages to a new permission so
that it can be distinguished from the other netlink route permissions
in selinux policy.
This is a temporary Android-only patch that will be deprecated in
newer kernels once the long-term solution lands as discusssed on the
mailing list [1]. The maintainer's recommended solution is more
general, much more complex, and likely not suitable for backporting.
This patch provides the minimal change needed for Android including
the userspace settable trigger which ensures that the permission
change is only applied to the newest version of Android which
contains the changes needed for userpace compatibility.
[1]: https://lore.kernel.org/selinux/20200116142653.61738-1-jeffv@google.com/
Bug: 141455849
Bug: 148218425
Test: CtsSelinuxTargetSdkCurrentTestCases
Test: atest bionic-unit-tests-static
Test: atest NetworkInterfaceTest
Test: Connect to Wi-Fi network
Test: Set up hotspot
Test: Cast from device
Test: Pair Bluetooth device
Test: Call getifaddrs() directly from within an app.
Test: Call NetworkInterface#getNetworkInterfaces() from within an app.
Change-Id: I7b44ce60ad98f858c412722d41b9842f8577151f
Signed-off-by: Jeff Vander Stoep <jeffv@google.com>
Git-repo: https://android.googlesource.com/kernel/common
Git-commit:
|
||
|
Greg Kroah-Hartman
|
6d52041543 |
This is the 5.4.25 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl5qJSMACgkQONu9yGCS
aT6/Dw//Usg9m0cBB4Ip4fYxI0EVz8BgnVe9KSdt+71gM63QCOi1ZeTS0NDMUtO0
MTsQSudUpfntrT8QHCmBwCZ5LlAAZvxDS9UOqnhkWbqNY5jGmUhH5u28RJL28dp2
8wJY6zZKg+pfOWXd81slW86uN27QZvURNEthT81sN2ucxe5DXV1gs87FILSdMpXm
I0Z3LpUoZDjpONeA6WTZqkDNA0J7Z9QjULx9/4LFi/gc0q1ApWC7FV1A9gpQHaBa
w4kDWJCGqq3mNx8Hi9BHau50VUHX5tuKvpn9RcmSl9BBba25pE5h0EVIGo8Dlq+9
T9hkVR5iXeMbFERnLm5iR0DjFHog/mOgAgUHSTTXB3BcdgIKWwUcc2gCcr2Y7KIK
CD7l+kX1nWUk4yYre7zXiG/vO9ilYgeboc8C5Qdq3XR6zaO90+8NUbCOpa2+6yEF
H7kugstb6l+iCJ1k8YJd0ORGOobl68+P79TLxAOFnkNGJRzuAoXmBH+xkqAugz1H
YKKAbE+MzW75sre7PxU1g1uPOHxfMfd5e3uRtUU5OETJv0A2kTte8ay5rqLNbe7H
QYqdfwTr2oFssnWKW5d/KdSopD5A/31/Kjkmzl6ED2xaLMEpA7zyed5p+G/Beu5s
dkPlteya8wCQ1W/KtDJRhbCauoG/NyCKIeoQitHBJwMapcEo8ZU=
=rDP8
-----END PGP SIGNATURE-----
Merge 5.4.25 into android-5.4
Changes in 5.4.25
block, bfq: get extra ref to prevent a queue from being freed during a group move
block, bfq: do not insert oom queue into position tree
ALSA: hda/realtek - Fix a regression for mute led on Lenovo Carbon X1
net: dsa: bcm_sf2: Forcibly configure IMP port for 1Gb/sec
net: stmmac: fix notifier registration
dm thin metadata: fix lockdep complaint
RDMA/core: Fix pkey and port assignment in get_new_pps
RDMA/core: Fix use of logical OR in get_new_pps
kbuild: fix 'No such file or directory' warning when cleaning
kprobes: Fix optimize_kprobe()/unoptimize_kprobe() cancellation logic
blktrace: fix dereference after null check
ALSA: hda: do not override bus codec_mask in link_get()
serial: ar933x_uart: set UART_CS_{RX,TX}_READY_ORIDE
selftests: fix too long argument
usb: gadget: composite: Support more than 500mA MaxPower
usb: gadget: ffs: ffs_aio_cancel(): Save/restore IRQ flags
usb: gadget: serial: fix Tx stall after buffer overflow
habanalabs: halt the engines before hard-reset
habanalabs: do not halt CoreSight during hard reset
habanalabs: patched cb equals user cb in device memset
drm/msm/mdp5: rate limit pp done timeout warnings
drm: msm: Fix return type of dsi_mgr_connector_mode_valid for kCFI
drm/modes: Make sure to parse valid rotation value from cmdline
drm/modes: Allow DRM_MODE_ROTATE_0 when applying video mode parameters
scsi: megaraid_sas: silence a warning
drm/msm/dsi: save pll state before dsi host is powered off
drm/msm/dsi/pll: call vco set rate explicitly
selftests: forwarding: use proto icmp for {gretap, ip6gretap}_mac testing
selftests: forwarding: vxlan_bridge_1d: fix tos value
net: atlantic: check rpc result and wait for rpc address
net: ks8851-ml: Remove 8-bit bus accessors
net: ks8851-ml: Fix 16-bit data access
net: ks8851-ml: Fix 16-bit IO operation
net: ethernet: dm9000: Handle -EPROBE_DEFER in dm9000_parse_dt()
watchdog: da9062: do not ping the hw during stop()
s390/cio: cio_ignore_proc_seq_next should increase position index
s390: make 'install' not depend on vmlinux
efi: Only print errors about failing to get certs if EFI vars are found
net/mlx5: DR, Fix matching on vport gvmi
iommu/amd: Disable IOMMU on Stoney Ridge systems
nvme/pci: Add sleep quirk for Samsung and Toshiba drives
nvme-pci: Use single IRQ vector for old Apple models
x86/boot/compressed: Don't declare __force_order in kaslr_64.c
s390/qdio: fill SL with absolute addresses
nvme: Fix uninitialized-variable warning
ice: Don't tell the OS that link is going down
x86/xen: Distribute switch variables for initialization
net: thunderx: workaround BGX TX Underflow issue
csky/mm: Fixup export invalid_pte_table symbol
csky: Set regs->usp to kernel sp, when the exception is from kernel
csky/smp: Fixup boot failed when CONFIG_SMP
csky: Fixup ftrace modify panic
csky: Fixup compile warning for three unimplemented syscalls
arch/csky: fix some Kconfig typos
selftests: forwarding: vxlan_bridge_1d: use more proper tos value
firmware: imx: scu: Ensure sequential TX
binder: prevent UAF for binderfs devices
binder: prevent UAF for binderfs devices II
ALSA: hda/realtek - Add Headset Mic supported
ALSA: hda/realtek - Add Headset Button supported for ThinkPad X1
ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Master
ALSA: hda/realtek - Enable the headset of ASUS B9450FA with ALC294
cifs: don't leak -EAGAIN for stat() during reconnect
cifs: fix rename() by ensuring source handle opened with DELETE bit
usb: storage: Add quirk for Samsung Fit flash
usb: quirks: add NO_LPM quirk for Logitech Screen Share
usb: dwc3: gadget: Update chain bit correctly when using sg list
usb: cdns3: gadget: link trb should point to next request
usb: cdns3: gadget: toggle cycle bit before reset endpoint
usb: core: hub: fix unhandled return by employing a void function
usb: core: hub: do error out if usb_autopm_get_interface() fails
usb: core: port: do error out if usb_autopm_get_interface() fails
vgacon: Fix a UAF in vgacon_invert_region
mm, numa: fix bad pmd by atomically check for pmd_trans_huge when marking page tables prot_numa
mm: fix possible PMD dirty bit lost in set_pmd_migration_entry()
mm, hotplug: fix page online with DEBUG_PAGEALLOC compiled but not enabled
fat: fix uninit-memory access for partial initialized inode
btrfs: fix RAID direct I/O reads with alternate csums
arm64: dts: socfpga: agilex: Fix gmac compatible
arm: dts: dra76x: Fix mmc3 max-frequency
tty:serial:mvebu-uart:fix a wrong return
tty: serial: fsl_lpuart: free IDs allocated by IDA
serial: 8250_exar: add support for ACCES cards
vt: selection, close sel_buffer race
vt: selection, push console lock down
vt: selection, push sel_lock up
media: hantro: Fix broken media controller links
media: mc-entity.c: use & to check pad flags, not ==
media: vicodec: process all 4 components for RGB32 formats
media: v4l2-mem2mem.c: fix broken links
perf intel-pt: Fix endless record after being terminated
perf intel-bts: Fix endless record after being terminated
perf cs-etm: Fix endless record after being terminated
perf arm-spe: Fix endless record after being terminated
spi: spidev: Fix CS polarity if GPIO descriptors are used
x86/pkeys: Manually set X86_FEATURE_OSPKE to preserve existing changes
s390/pci: Fix unexpected write combine on resource
s390/mm: fix panic in gup_fast on large pud
dmaengine: imx-sdma: fix context cache
dmaengine: imx-sdma: Fix the event id check to include RX event for UART6
dmaengine: tegra-apb: Fix use-after-free
dmaengine: tegra-apb: Prevent race conditions of tasklet vs free list
dm integrity: fix recalculation when moving from journal mode to bitmap mode
dm integrity: fix a deadlock due to offloading to an incorrect workqueue
dm integrity: fix invalid table returned due to argument count mismatch
dm cache: fix a crash due to incorrect work item cancelling
dm: report suspended device during destroy
dm writecache: verify watermark during resume
dm zoned: Fix reference counter initial value of chunk works
dm: fix congested_fn for request-based device
arm64: dts: meson-sm1-sei610: add missing interrupt-names
ARM: dts: ls1021a: Restore MDIO compatible to gianfar
spi: bcm63xx-hsspi: Really keep pll clk enabled
drm/virtio: make resource id workaround runtime switchable.
drm/virtio: fix resource id creation race
ASoC: topology: Fix memleak in soc_tplg_link_elems_load()
ASoC: topology: Fix memleak in soc_tplg_manifest_load()
ASoC: SOF: Fix snd_sof_ipc_stream_posn()
ASoC: intel: skl: Fix pin debug prints
ASoC: intel: skl: Fix possible buffer overflow in debug outputs
powerpc: define helpers to get L1 icache sizes
powerpc: Convert flush_icache_range & friends to C
powerpc/mm: Fix missing KUAP disable in flush_coherent_icache()
ASoC: pcm: Fix possible buffer overflow in dpcm state sysfs output
ASoC: pcm512x: Fix unbalanced regulator enable call in probe error path
ASoC: Intel: Skylake: Fix available clock counter incrementation
ASoC: dapm: Correct DAPM handling of active widgets during shutdown
spi: atmel-quadspi: fix possible MMIO window size overrun
drm/panfrost: Don't try to map on error faults
drm: kirin: Revert "Fix for hikey620 display offset problem"
drm/sun4i: Add separate DE3 VI layer formats
drm/sun4i: Fix DE2 VI layer format support
drm/sun4i: de2/de3: Remove unsupported VI layer formats
drm/i915: Program MBUS with rmw during initialization
drm/i915/selftests: Fix return in assert_mmap_offset()
phy: mapphone-mdm6600: Fix timeouts by adding wake-up handling
phy: mapphone-mdm6600: Fix write timeouts with shorter GPIO toggle interval
ARM: dts: imx6: phycore-som: fix emmc supply
arm64: dts: imx8qxp-mek: Remove unexisting Ethernet PHY
firmware: imx: misc: Align imx sc msg structs to 4
firmware: imx: scu-pd: Align imx sc msg structs to 4
firmware: imx: Align imx_sc_msg_req_cpu_start to 4
soc: imx-scu: Align imx sc msg structs to 4
Revert "RDMA/cma: Simplify rdma_resolve_addr() error flow"
RDMA/rw: Fix error flow during RDMA context initialization
RDMA/nldev: Fix crash when set a QP to a new counter but QPN is missing
RDMA/siw: Fix failure handling during device creation
RDMA/iwcm: Fix iwcm work deallocation
RDMA/core: Fix protection fault in ib_mr_pool_destroy
regulator: stm32-vrefbuf: fix a possible overshoot when re-enabling
RMDA/cm: Fix missing ib_cm_destroy_id() in ib_cm_insert_listen()
IB/hfi1, qib: Ensure RCU is locked when accessing list
ARM: imx: build v7_cpu_resume() unconditionally
ARM: dts: am437x-idk-evm: Fix incorrect OPP node names
ARM: dts: dra7xx-clocks: Fixup IPU1 mux clock parent source
ARM: dts: imx7-colibri: Fix frequency for sd/mmc
hwmon: (adt7462) Fix an error return in ADT7462_REG_VOLT()
dma-buf: free dmabuf->name in dma_buf_release()
dmaengine: coh901318: Fix a double lock bug in dma_tc_handle()
arm64: dts: meson: fix gxm-khadas-vim2 wifi
bus: ti-sysc: Fix 1-wire reset quirk
EDAC/synopsys: Do not print an error with back-to-back snprintf() calls
powerpc: fix hardware PMU exception bug on PowerVM compatibility mode systems
efi/x86: Align GUIDs to their size in the mixed mode runtime wrapper
efi/x86: Handle by-ref arguments covering multiple pages in mixed mode
efi: READ_ONCE rng seed size before munmap
block, bfq: get a ref to a group when adding it to a service tree
block, bfq: remove ifdefs from around gets/puts of bfq groups
csky: Implement copy_thread_tls
drm/virtio: module_param_named() requires linux/moduleparam.h
Linux 5.4.25
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I8ba29f273c7a2b02bfa54593f7a9087c34607cd5
|
||
Javier Martinez Canillas
|
4a1e1dda56 |
efi: Only print errors about failing to get certs if EFI vars are found
[ Upstream commit 3be54d558c75562e42bc83d665df024bd79d399b ] If CONFIG_LOAD_UEFI_KEYS is enabled, the kernel attempts to load the certs from the db, dbx and MokListRT EFI variables into the appropriate keyrings. But it just assumes that the variables will be present and prints an error if the certs can't be loaded, even when is possible that the variables may not exist. For example the MokListRT variable will only be present if shim is used. So only print an error message about failing to get the certs list from an EFI variable if this is found. Otherwise these printed errors just pollute the kernel log ring buffer with confusing messages like the following: [ 5.427251] Couldn't get size: 0x800000000000000e [ 5.427261] MODSIGN: Couldn't get UEFI db list [ 5.428012] Couldn't get size: 0x800000000000000e [ 5.428023] Couldn't get UEFI MokListRT Reported-by: Hans de Goede <hdegoede@redhat.com> Signed-off-by: Javier Martinez Canillas <javierm@redhat.com> Tested-by: Hans de Goede <hdegoede@redhat.com> Acked-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Blagovest Kolenichev
|
6ec8cd9d1e |
Merge android-5.4.11 (fde6e0c) into msm-5.4
* refs/heads/tmp-fde6e0c: Linux 5.4.11 usb: missing parentheses in USE_NEW_SCHEME USB: serial: option: add Telit ME910G1 0x110a composition USB: core: fix check for duplicate endpoints usb: dwc3: gadget: Fix request complete check net/mlx5: DR, Init lists that are used in rule's member net/mlx5e: Fix hairpin RSS table size net/mlx5: DR, No need for atomic refcount for internal SW steering resources net/mlx5e: Always print health reporter message to dmesg net: dsa: mv88e6xxx: force cmode write on 6141/6341 net/mlx5: Move devlink registration before interfaces load macb: Don't unregister clks unconditionally vlan: vlan_changelink() should propagate errors vlan: fix memory leak in vlan_dev_set_egress_priority net: sch_prio: When ungrafting, replace with FIFO mlxsw: spectrum_qdisc: Ignore grafting of invisible FIFO vxlan: fix tos value before xmit tcp: fix "old stuff" D-SACK causing SACK to be treated as D-SACK sctp: free cmd->obj.chunk for the unprocessed SCTP_CMD_REPLY sch_cake: avoid possible divide by zero in cake_enqueue() pkt_sched: fq: do not accept silly TCA_FQ_QUANTUM net: usb: lan78xx: fix possible skb leak net: stmmac: Fixed link does not need MDIO Bus net: stmmac: dwmac-sunxi: Allow all RGMII modes net: stmmac: dwmac-sun8i: Allow all RGMII modes net: freescale: fec: Fix ethtool -d runtime PM net: dsa: mv88e6xxx: Preserve priority when setting CPU port. macvlan: do not assume mac_header is set in macvlan_broadcast() gtp: fix bad unlock balance in gtp_encap_enable_socket tracing: Do not create directories if lockdown is in affect selftests: pmtu: fix init mtu value in description hv_netvsc: Fix unwanted rx_table reset llc2: Fix return statement of llc_stat_ev_rx_null_dsap_xid_c (and _test_c) s390/qeth: don't return -ENOTSUPP to userspace s390/qeth: fix promiscuous mode after reset s390/qeth: handle error due to unsupported transport mode sbitmap: only queue kyber's wait callback if not already active parisc: Fix compiler warnings in debug_core.c block: fix memleak when __blk_rq_map_user_iov() is failed s390/dasd: fix memleak in path handling error case s390/dasd/cio: Interpret ccw_device_get_mdc return value correctly block: Fix a lockdep complaint triggered by request queue flushing arm64: cpu_errata: Add Hisilicon TSV110 to spectre-v2 safe list platform/x86: pcengines-apuv2: fix simswap GPIO assignment net/ixgbe: Fix concurrency issues between config flow and XSK net/i40e: Fix concurrency issues between config flow and XSK net/mlx5e: Fix concurrency issues between config flow and XSK xsk: Add rcu_read_lock around the XSK wakeup tpm/tpm_ftpm_tee: add shutdown call back drm/exynos: gsc: add missed component_del s390/purgatory: do not build purgatory with kcov, kasan and friends net: stmmac: Always arm TX Timer at end of transmission start net: stmmac: RX buffer size must be 16 byte aligned net: stmmac: xgmac: Clear previous RX buffer size net: stmmac: Do not accept invalid MTU values net: stmmac: Determine earlier the size of RX buffer net: stmmac: selftests: Needs to check the number of Multicast regs clk: Move clk_core_reparent_orphans() under CONFIG_OF io_uring: don't wait when under-submitting iommu/dma: Relax locking in iommu_dma_prepare_msi() perf/smmuv3: Remove the leftover put_cpu() in error path fs: call fsnotify_sb_delete after evict_inodes fs: avoid softlockups in s_inodes iterators block: end bio with BLK_STS_AGAIN in case of non-mq devs and REQ_NOWAIT usb: typec: fusb302: Fix an undefined reference to 'extcon_get_state' psi: Fix a division error in psi poll() sched/psi: Fix sampling error and rare div0 crashes with cgroups and high uptime perf/x86/intel: Fix PT PMI handling perf/x86: Fix potential out-of-bounds access scripts: package: mkdebian: add missing rsync dependency kconfig: don't crash on NULL expressions in expr_eq() iommu/iova: Init the struct iova to fix the possible memleak staging: axis-fifo: add unspecified HAS_IOMEM dependency clk: at91: fix possible deadlock spi: nxp-fspi: Ensure width is respected in spi-mem operations regulator: rn5t618: fix module aliases ASoC: wm8962: fix lambda value rfkill: Fix incorrect check to avoid NULL pointer dereference parisc: add missing __init annotation parisc: fix compilation when KEXEC=n and KEXEC_FILE=y net: usb: lan78xx: Fix error message format specifier cxgb4: Fix kernel panic while accessing sge_info bnx2x: Fix logic to get total no. of PFs per engine bnx2x: Do not handle requests from VFs after parity habanalabs: remove variable 'val' set but not used habanalabs: rate limit error msg on waiting for CS bpf: Clear skb->tstamp in bpf_redirect when necessary ocxl: Fix potential memory leak on context creation Btrfs: fix hole extent items with a zero size after range cloning btrfs: handle error in btrfs_cache_block_group powerpc/spinlocks: Include correct header for static key powerpc/vcpu: Assume dedicated processors as non-preempt Btrfs: fix cloning range with a hole when using the NO_HOLES feature btrfs: Fix error messages in qgroup_rescan_init powerpc: Ensure that swiotlb buffer is allocated from low memory pinctrl: pinmux: fix a possible null pointer in pinmux_can_be_used_for_gpio cfg80211: fix double-free after changing network namespace mac80211: fix TID field in monitor mode transmit clk: walk orphan list on clock provider registration bus: ti-sysc: Fix missing reset delay handling pinctrl: aspeed-g6: Fix LPC/eSPI mux configuration ARM: imx_v6_v7_defconfig: Explicitly restore CONFIG_DEBUG_FS arm64: dts: ls1028a: fix reboot node samples: bpf: fix syscall_tp due to unused syscall samples: bpf: Replace symbol compare of trace_event kselftest: Support old perl versions kselftest/runner: Print new line in print of timeout log ARM: dts: am437x-gp/epos-evm: fix panel compatible spi: spi-ti-qspi: Fix a bug when accessing non default CS perf header: Fix false warning when there are no duplicate cache entries perf metricgroup: Fix printing event names of metric group with multiple events bpftool: Don't crash on missing jited insns or ksyms bpf, mips: Limit to 33 tail calls bpf, riscv: Limit to 33 tail calls arm64: dts: ls1028a: fix typo in TMU calibration data ARM: dts: bcm283x: Fix critical trip point ARM: omap2plus_defconfig: Add back DEBUG_FS ARM: dts: am335x-sancloud-bbe: fix phy mode ASoC: SOF: Intel: split cht and byt debug window sizes ASoC: SOF: loader: snd_sof_fw_parse_ext_data log warning on unknown header ASoC: topology: Check return value for soc_tplg_pcm_create() ASoC: topology: Check return value for snd_soc_add_dai_link() reset: Do not register resource data for missing resets spi: spi-cavium-thunderx: Add missing pci_release_regions() ARM: dts: Cygnus: Fix MDIO node address/size cells ARM: exynos_defconfig: Restore debugfs support selftests: safesetid: Fix Makefile to set correct test program selftests: safesetid: Check the return value of setuid/setgid selftests: safesetid: Move link library to LDLIBS selftests/ftrace: Fix multiple kprobe testcase selftests/ftrace: Do not to use absolute debugfs path selftests/ftrace: Fix ftrace test cases to check unsupported selftests/ftrace: Fix to check the existence of set_ftrace_filter ARM: dts: BCM5301X: Fix MDIO node address/size cells netfilter: nf_tables_offload: return EOPNOTSUPP if rule specifies no actions netfilter: nf_tables: skip module reference count bump on object updates netfilter: nf_tables: validate NFT_DATA_VALUE after nft_data_init() netfilter: nf_tables: validate NFT_SET_ELEM_INTERVAL_END netfilter: nft_set_rbtree: bogus lookup/get on consecutive elements in named sets netfilter: uapi: Avoid undefined left-shift in xt_sctp.h ARM: vexpress: Set-up shared OPP table instead of individual for each CPU ARM: dts: imx6ul: imx6ul-14x14-evk.dtsi: Fix SPI NOR probing efi/earlycon: Remap entire framebuffer after page initialization efi/gop: Fix memory leak in __gop_query32/64() efi/gop: Return EFI_SUCCESS if a usable GOP was found efi/gop: Return EFI_NOT_FOUND if there are no usable GOPs selftests: netfilter: use randomized netns names ASoC: Intel: bytcr_rt5640: Update quirk for Teclast X89 x86/efi: Update e820 with reserved EFI boot services data to fix kexec breakage regulator: core: fix regulator_register() error paths to properly release rdev libtraceevent: Copy pkg-config file to output folder when using O= libtraceevent: Fix lib installation with O= mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame() netfilter: nf_tables_offload: Check for the NETDEV_UNREGISTER event x86/intel: Disable HPET on Intel Ice Lake platforms netfilter: ctnetlink: netns exit must wait for callbacks locking/spinlock/debug: Fix various data races spi: fsl: Handle the single hardwired chipselect case gpio: Handle counting of Freescale chipselects spi: fsl: Fix GPIO descriptor support ASoC: max98090: fix possible race conditions regulator: fix use after free issue spi: pxa2xx: Add support for Intel Jasper Lake ASoC: rt5682: fix i2c arbitration lost issue bpf: Fix passing modified ctx to ld/abs/ind instruction USB: dummy-hcd: use usb_urb_dir_in instead of usb_pipein ANDROID: Kconfig.gki: Add QCOM_SCM to QCOM Hidden configs ANDROID: iommu/arm-smmu: Allow inherting stream mapping from bootloader ANDROID: iommu/arm-smmu: Expose s2cr and smr structs to impl ANDROID: iommu/arm-smmu: Don't blindly use first SMR to calculate mask ANDROID: clk: qcom: Add sync_state = clk_sync_state for db845c clock providers UPSTREAM: net: usbnet: Fix -Wcast-function-type UPSTREAM: PM / QoS: Restore DEV_PM_QOS_MIN/MAX_FREQUENCY UPSTREAM: PM / QoS: Reorder pm_qos/freq_qos/dev_pm_qos structs UPSTREAM: USB: dummy-hcd: use usb_urb_dir_in instead of usb_pipein ANDROID: update kernel ABI (perf_event changes) BACKPORT: perf_event: Add support for LSM and SELinux checks ANDROID: Enable HID_STEAM and JOYSTICK_XPAD as y Conflicts: drivers/iommu/arm-smmu.c drivers/iommu/dma-iommu.c include/linux/pm_qos.h init/Kconfig.gki kernel/sched/psi.c Restored change |
||
|
Blagovest Kolenichev
|
a728307820 |
Merge android-5.4.9 (813bf83) into msm-5.4
* refs/heads/tmp-813bf83: ANDROID: update abi for previous revert Revert "BACKPORT: perf_event: Add support for LSM and SELinux checks" Linux 5.4.9 mm/hugetlb: defer freeing of huge pages if in non-task context hsr: fix a race condition in node list insertion and deletion hsr: fix error handling routine in hsr_dev_finalize() hsr: avoid debugfs warning message when module is remove net: annotate lockless accesses to sk->sk_pacing_shift perf/x86/intel/bts: Fix the use of page_private() efi: Don't attempt to map RCI2 config table if it doesn't exist lib/ubsan: don't serialize UBSAN report xen/blkback: Avoid unmapping unmapped grant pages mm/sparse.c: mark populate_section_memmap as __meminit s390/smp: fix physical to logical CPU map for SMT Btrfs: only associate the locked page with one async_chunk struct btrfs: get rid of unique workqueue helper functions ubifs: ubifs_tnc_start_commit: Fix OOB in layout_in_gaps net: add annotations on hh->hh_len lockless accesses xfs: periodically yield scrub threads to the scheduler drm/i915/execlists: Fix annotation for decoupling virtual request ath9k_htc: Discard undersized packets ath9k_htc: Modify byte order for an error message fix compat handling of FICLONERANGE, FIDEDUPERANGE and FS_IOC_FIEMAP fs: cifs: Fix atime update check vs mtime cifs: Fix lookup of root ses in DFS referral cache tty: serial: msm_serial: Fix lockup for sysrq and oops phy: renesas: rcar-gen3-usb2: Use platform_get_irq_optional() for optional irq arm64: dts: meson: odroid-c2: Disable usb_otg bus to avoid power failed warning dt-bindings: clock: renesas: rcar-usb2-clock-sel: Fix typo in example media: usb: fix memory leak in af9005_identify_state regulator: ab8500: Remove AB8505 USB regulator media: flexcop-usb: ensure -EIO is returned on error condition arm64: dts: meson-gxm-khadas-vim2: fix uart_A bluetooth node arm64: dts: meson-gxl-s905x-khadas-vim: fix uart_A bluetooth node Bluetooth: Fix memory leak in hci_connect_le_scan Bluetooth: delete a stray unlock Bluetooth: btusb: fix PM leak in error case of setup powerpc/mm: Mark get_slice_psize() & slice_addr_is_low() as notrace regulator: axp20x: Fix AXP22x ELDO2 regulator enable bitmask spi: uniphier: Fix FIFO threshold regulator: bd70528: Remove .set_ramp_delay for bd70528_ldo_ops regulator: axp20x: Fix axp20x_set_ramp_delay watchdog: tqmx86_wdt: Fix build error net, sysctl: Fix compiler warning when only cBPF is present netfilter: nf_queue: enqueue skbs with NULL dst platform/x86: pmc_atom: Add Siemens CONNECT X300 to critclk_systems DMI table xfs: don't check for AG deadlock for realtime files in bunmapi firmware: arm_scmi: Avoid double free in error flow cifs: Fix potential softlockups while refreshing DFS cache of: overlay: add_changeset_property() memory leak iommu/vt-d: Remove incorrect PSI capability check perf callchain: Fix segfault in thread__resolve_callchain_sample() ACPI: sysfs: Change ACPI_MASKABLE_GPE_MAX to 0x100 kernel/module.c: wakeup processes in module_wq on module unload net/sched: annotate lockless accesses to qdisc->empty HID: i2c-hid: Reset ALPS touchpads on resume powerpc: Chunk calls to flush_dcache_range in arch_*_memory nfsd4: fix up replay_matches_cache() arm64: dts: qcom: msm8998-clamshell: Remove retention idle state sunrpc: fix crash when cache_head become valid before update PM / devfreq: Check NULL governor in available_governors_show drm/msm: include linux/sched/task.h spi: spi-fsl-dspi: Fix 16-bit word order in 32-bit XSPI mode ftrace: Avoid potential division by zero in function profiler arm64: Revert support for execute-only user mappings exit: panic before exit_mm() on global init exit scsi: lpfc: Fix rpi release when deleting vport ALSA: firewire-motu: Correct a typo in the clock proc string ALSA: pcm: Yet another missing check of non-cached buffer type ALSA: cs4236: fix error return comparison of an unsigned integer gen_initramfs_list.sh: fix 'bad variable name' error dmaengine: virt-dma: Fix access after free in vchan_complete() apparmor: fix aa_xattrs_match() may sleep while holding a RCU lock mm/gup: fix memory leak in __gup_benchmark_ioctl io_uring: use current task creds instead of allocating a new one samples/trace_printk: Wait for IRQ work to finish tracing: Fix endianness bug in histogram trigger tracing: Have the histogram compare functions convert to u64 first tracing: Avoid memory leak in process_system_preds() tracing: Fix lock inversion in trace_event_enable_tgid_record() rseq/selftests: Fix: Namespace gettid() for compatibility with glibc 2.30 riscv: ftrace: correct the condition logic in function graph tracer clocksource: riscv: add notrace to riscv_sched_clock gpiolib: fix up emulated open drain outputs gpio: xtensa: fix driver build libata: Fix retrieving of active qcs ata: ahci_brcm: BCM7425 AHCI requires AHCI_HFLAG_DELAY_ENGINE ata: ahci_brcm: Add missing clock management during recovery ata: ahci_brcm: Fix AHCI resources management ata: libahci_platform: Export again ahci_platform_<en/dis>able_phys() bpf: Fix precision tracking for unbounded scalars compat_ioctl: block: handle BLKGETZONESZ/BLKGETNRZONES compat_ioctl: block: handle BLKREPORTZONE/BLKRESETZONE compat_ioctl: block: handle Persistent Reservations Btrfs: fix infinite loop during nocow writeback due to race dmaengine: dma-jz4780: Also break descriptor chains on JZ4725B dmaengine: Fix access to uninitialized dma_slave_caps selftests/seccomp: Catch garbage on SECCOMP_IOCTL_NOTIF_RECV samples/seccomp: Zero out members based on seccomp_notif_sizes seccomp: Check that seccomp_notif is zeroed out by the user selftests/seccomp: Zero out seccomp_notif locks: print unsigned ino in /proc/locks gcc-plugins: make it possible to disable CONFIG_GCC_PLUGINS again pstore/ram: Fix error-path memory leak in persistent_ram_new() callers pstore/ram: Write new dumps to start of recycled zones ocfs2: fix the crash due to call ocfs2_get_dlm_debug once less mm/oom: fix pgtables units mismatch in Killed process message mm: move_pages: return valid node id in status if the page is already on the target node memcg: account security cred as well to kmemcg mm/zsmalloc.c: fix the migrated zspage statistics. mm/memory_hotplug: shrink zones when offlining memory media: cec: check 'transmit_in_progress', not 'transmitting' media: cec: avoid decrementing transmit_queue_sz if it is 0 media: cec: CEC 2.0-only bcast messages were ignored media: pulse8-cec: fix lost cec_transmit_attempt_done() call MIPS: Avoid VDSO ABI breakage due to global register variable MIPS: BPF: eBPF JIT: check for MIPS ISA compliance in Kconfig MIPS: BPF: Disable MIPS32 eBPF JIT drm/amdgpu/smu: add metrics table lock for vega20 (v2) drm/amdgpu/smu: add metrics table lock for navi (v2) drm/amdgpu/smu: add metrics table lock for arcturus (v2) drm/amdgpu/smu: add metrics table lock drm/sun4i: hdmi: Remove duplicate cleanup calls ALSA: hda/realtek - Add headset Mic no shutup for ALC283 ALSA: hda - Apply sync-write workaround to old Intel platforms, too ALSA: usb-audio: set the interface format after resume on Dell WD19 ALSA: usb-audio: fix set_format altsetting sanity check ALSA: ice1724: Fix sleep-in-atomic in Infrasonic Quartet support code mm: drop mmap_sem before calling balance_dirty_pages() in write fault block: add bio_truncate to fix guard_bio_eod netfilter: nft_tproxy: Fix port selector on Big Endian ALSA: hda - Downgrade error message for single-cmd fallback taskstats: fix data-race shmem: pin the file in shmem_fault() if mmap_sem is dropped tcp: fix data-race in tcp_recvmsg() ALSA: hda - fixup for the bass speaker on Lenovo Carbon X1 7th gen PCI: Fix missing inline for pci_pr3_present() ALSA: hda: Allow HDA to be runtime suspended when dGPU is not bound to a driver PCI: Add a helper to check Power Resource Requirements _PR3 existence ALSA: hda/realtek - Enable the bass speaker of ASUS UX431FLC ALSA: hda/realtek - Add Bass Speaker and fixed dac for bass speaker PM / hibernate: memory_bm_find_bit(): Tighten node optimisation xen/balloon: fix ballooned page accounting without hotplug enabled xen-blkback: prevent premature module unload IB/mlx5: Fix steering rule of drop and count IB/mlx4: Follow mirror sequence of device add during device removal RDMA/counter: Prevent auto-binding a QP which are not tracked with res s390/cpum_sf: Avoid SBD overflow condition in irq handler s390/cpum_sf: Adjust sampling interval to avoid hitting sample limits md: raid1: check rdev before reference in raid1_sync_request func raid5: need to set STRIPE_HANDLE for batch head afs: Fix creation calls in the dynamic root to fail with EOPNOTSUPP afs: Fix mountpoint parsing net: make socket read/write_iter() honor IOCB_NOWAIT usb: gadget: fix wrong endpoint desc drm/nouveau/kms/nv50-: fix panel scaling drm/nouveau: Fix drm-core using atomic code-paths on pre-nv50 hardware drm/nouveau: Move the declaration of struct nouveau_conn_atom up a bit staging/wlan-ng: add CRC32 dependency in Kconfig scsi: iscsi: Avoid potential deadlock in iscsi_if_rx func scsi: libsas: stop discovering if oob mode is disconnected scsi: iscsi: qla4xxx: fix double free in probe scsi: qla2xxx: Ignore PORT UPDATE after N2N PLOGI scsi: qla2xxx: Don't defer relogin unconditonally scsi: qla2xxx: Send Notify ACK after N2N PLOGI scsi: qla2xxx: Configure local loop for N2N target scsi: qla2xxx: Fix PLOGI payload and ELS IOCB dump length scsi: qla2xxx: Don't call qlt_async_event twice scsi: qla2xxx: Drop superfluous INIT_WORK of del_work scsi: qla2xxx: Use explicit LOGO in target mode scsi: lpfc: Fix memory leak on lpfc_bsg_write_ebuf_set func rxe: correctly calculate iCRC for unaligned payloads RDMA/cma: add missed unregister_pernet_subsys in init failure afs: Fix SELinux setting security label on /afs afs: Fix afs_find_server lookups for ipv4 peers PM / devfreq: Don't fail devfreq_dev_release if not in list PM / devfreq: Set scaling_max_freq to max on OPP notifier error PM / devfreq: Fix devfreq_notifier_call returning errno iio: adc: max9611: Fix too short conversion time delay iio: st_accel: Fix unused variable warning nvme/pci: Fix read queue count nvme/pci: Fix write and poll queue types drm/amd/display: update dispclk and dppclk vco frequency drm/amd/display: Reset steer fifo before unblanking the stream drm/amd/display: Change the delay time before enabling FEC drm/amd/display: Fixed kernel panic when booting with DP-to-HDMI dongle drm/amd/display: Map DSC resources 1-to-1 if numbers of OPPs and DSCs are equal drm/amdgpu: add cache flush workaround to gfx8 emit_fence drm/amdgpu: add header line for power profile on Arcturus drm/amdgpu: add check before enabling/disabling broadcast mode nvme-fc: fix double-free scenarios on hw queues nvme_fc: add module to ops template to allow module references drm/mcde: dsi: Fix invalid pointer dereference if panel cannot be found ANDROID: update kernel ABI representation BACKPORT: perf_event: Add support for LSM and SELinux checks ANDROID: Update ABI representation ANDROID: GKI: clk: Don't disable unused clocks with sync state support ANDROID: GKI: clk: Add support for clock providers with sync state ANDROID: GKI: driver core: Add dev_has_sync_state() ANDROID: sdcardfs: fix -ENOENT lookup race issue CHROMIUM: cgroups: relax permissions on moving tasks between cgroups UPSTREAM: selinux: sidtab reverse lookup hash table ANDROID: update abi for 5.4.8 release Conflicts: Documentation/devicetree/bindings Documentation/devicetree/bindings/clock/renesas,rcar-usb2-clock-sel.txt arch/arm64/mm/mmu.c include/linux/clk-provider.h Change-Id: I668e3fd58b4ad5db037f700b66f89cdf845094b5 Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org> |
||
|
Blagovest Kolenichev
|
2b9f49ee80 |
Merge android-5.4.8 (de197c5) into msm-5.4
* refs/heads/tmp-de197c5:
Linux 5.4.8
mm/hugetlbfs: fix for_each_hstate() loop in init_hugetlbfs_fs()
mmc: sdhci-of-esdhc: re-implement erratum A-009204 workaround
mmc: sdhci-of-esdhc: fix up erratum A-008171 workaround
vhost/vsock: accept only packets with the right dst_cid
net: ena: fix napi handler misbehavior when the napi budget is zero
net: phylink: fix interface passed to mac_link_up
ipv6/addrconf: only check invalid header values when NETLINK_F_STRICT_CHK is set
bnxt: apply computed clamp value for coalece parameter
gtp: do not allow adding duplicate tid and ms_addr pdp context
gtp: fix an use-after-free in ipv4_pdp_find()
hv_netvsc: Fix tx_table init in rndis_set_subchannel()
tcp/dccp: fix possible race __inet_lookup_established()
tcp: do not send empty skb from tcp_write_xmit()
bonding: fix active-backup transition after link failure
gtp: avoid zero size hashtable
gtp: fix wrong condition in gtp_genl_dump_pdp()
net: marvell: mvpp2: phylink requires the link interrupt
net: dsa: sja1105: Reconcile the meaning of TPID and TPID2 for E/T and P/Q/R/S
net/dst: do not confirm neighbor for vxlan and geneve pmtu update
sit: do not confirm neighbor when do pmtu update
vti: do not confirm neighbor when do pmtu update
tunnel: do not confirm neighbor when do pmtu update
net/dst: add new function skb_dst_update_pmtu_no_confirm
gtp: do not confirm neighbor when do pmtu update
ip6_gre: do not confirm neighbor when do pmtu update
net: add bool confirm_neigh parameter for dst_ops.update_pmtu
mlxsw: spectrum: Use dedicated policer for VRRP packets
mlxsw: spectrum_router: Skip loopback RIFs during MAC validation
bnxt_en: Add missing devlink health reporters for VFs.
bnxt_en: Fix the logic that creates the health reporters.
bnxt_en: Remove unnecessary NULL checks for fw_health
bnxt_en: Fix bp->fw_health allocation and free logic.
bnxt_en: Return error if FW returns more data than dump length
bnxt_en: Free context memory in the open path if firmware has been reset.
bnxt_en: Fix MSIX request logic for RDMA driver.
udp: fix integer overflow while computing available space in sk_rcvbuf
tcp: Fix highest_sack and highest_sack_seq
ptp: fix the race between the release of ptp_clock and cdev
net: stmmac: dwmac-meson8b: Fix the RGMII TX delay on Meson8b/8m2 SoCs
net_sched: sch_fq: properly set sk->sk_pacing_status
net/sched: add delete_empty() to filters and use it in cls_flower
net/sched: act_mirred: Pull mac prior redir to non mac_header_xmit device
net: phy: aquantia: add suspend / resume ops for AQR105
net/mlxfw: Fix out-of-memory error in mfa2 flash burning
net: dsa: bcm_sf2: Fix IP fragment location and behavior
cxgb4/cxgb4vf: fix flow control display for auto negotiation
xfs: fix mount failure crash on invalid iclog memory access
drm: limit to INT_MAX in create_blob ioctl
uaccess: disallow > INT_MAX copy sizes
tomoyo: Don't use nifty names on sockets.
hrtimer: Annotate lockless access to timer->state
net: icmp: fix data-race in cmp_global_allow()
net: add a READ_ONCE() in skb_peek_tail()
inetpeer: fix data-race in inet_putpeer / inet_putpeer
netfilter: bridge: make sure to pull arp header in br_nf_forward_arp()
net/smc: add fallback check to connect()
powerpc: Fix __clear_user() with KUAP enabled
6pack,mkiss: fix possible deadlock
netfilter: ebtables: compat: reject all padding in matches/watchers
Revert "iwlwifi: assign directly to iwl_trans->cfg in QuZ detection"
md: make sure desc_nr less than MD_SB_DISKS
sctp: fix err handling of stream initialization
Revert "powerpc/vcpu: Assume dedicated processors as non-preempt"
userfaultfd: require CAP_SYS_PTRACE for UFFD_FEATURE_EVENT_FORK
kernel: sysctl: make drop_caches write-only
mm/hugetlbfs: fix error handling when setting up mounts
selftests: vm: add fragment CONFIG_TEST_VMALLOC
s390: disable preemption when switching to nodat stack with CALL_ON_STACK
mailbox: imx: Fix Tx doorbell shutdown path
ocfs2: fix passing zero to 'PTR_ERR' warning
s390/cpum_sf: Check for SDBT and SDB consistency
s390/unwind: filter out unreliable bogus %r14
libfdt: define INT32_MAX and UINT32_MAX in libfdt_env.h
mailbox: imx: Clear the right interrupts at shutdown
s390/zcrypt: handle new reply code FILTERED_BY_HYPERVISOR
perf regs: Make perf_reg_name() return "unknown" instead of NULL
perf script: Fix brstackinsn for AUXTRACE
perf diff: Use llabs() with 64-bit values
cifs: move cifsFileInfo_put logic into a work-queue
cdrom: respect device capabilities during opening action
of: unittest: fix memory leak in attach_node_and_children
io_uring: io_allocate_scq_urings() should return a sane state
um: virtio: Keep reading on -EAGAIN
cifs: Fix use-after-free bug in cifs_reconnect()
powerpc: Don't add -mabi= flags when building with Clang
scripts/kallsyms: fix definitely-lost memory leak
drm/amdgpu: Call find_vma under mmap_sem
apparmor: fix unsigned len comparison with less than zero
Drivers: hv: vmbus: Fix crash handler reset of Hyper-V synic
tools/power/x86/intel-speed-select: Ignore missing config level
gpio: lynxpoint: Setup correct IRQ handlers
gpio: mpc8xxx: Don't overwrite default irq_set_type callback
platform/x86: intel_pmc_core: Add Comet Lake (CML) platform support to intel_pmc_core driver
platform/x86: intel_pmc_core: Fix the SoC naming inconsistency
gpio/mpc8xxx: fix qoriq GPIO reading
habanalabs: skip VA block list update in reset flow
f2fs: Fix deadlock in f2fs_gc() context during atomic files handling
scsi: target: iscsi: Wait for all commands to finish before freeing a session
scsi: iscsi: Don't send data to unbound connection
scsi: ufs: Fix up auto hibern8 enablement
scsi: target: core: Release SPC-2 reservations when closing a session
scsi: NCR5380: Add disconnect_mask module parameter
scsi: scsi_debug: num_tgts must be >= 0
scsi: ufs: Fix error handing during hibern8 enter
scsi: pm80xx: Fix for SATA device discovery
powerpc/fixmap: Use __fix_to_virt() instead of fix_to_virt()
watchdog: Fix the race between the release of watchdog_core_data and cdev
watchdog: prevent deferral of watchdogd wakeup on RT
watchdog: imx7ulp: Fix reboot hang
HID: rmi: Check that the RMI_STARTED bit is set before unregistering the RMI transport device
HID: Improve Windows Precision Touchpad detection.
libnvdimm/btt: fix variable 'rc' set but not used
ARM: 8937/1: spectre-v2: remove Brahma-B53 from hardening
HID: i2c-hid: fix no irq after reset on raydium 3118
HID: logitech-hidpp: Silence intermittent get_battery_capacity errors
dt-bindings: Improve validation build error handling
HID: quirks: Add quirk for HP MSU1465 PIXART OEM mouse
bcache: at least try to shrink 1 node in bch_mca_scan()
clk: pxa: fix one of the pxa RTC clocks
scsi: atari_scsi: sun3_scsi: Set sg_tablesize to 1 instead of SG_NONE
powerpc/book3s/mm: Update Oops message to print the correct translation in use
powerpc/eeh: differentiate duplicate detection message
powerpc/security: Fix wrong message when RFI Flush is disable
PCI: rpaphp: Correctly match ibm, my-drc-index to drc-name when using drc-info
PCI: rpaphp: Annotate and correctly byte swap DRC properties
PCI: rpaphp: Don't rely on firmware feature to imply drc-info support
powerpc/pseries/cmm: Implement release() function for sysfs device
scsi: ufs: fix potential bug which ends in system hang
PCI: rpaphp: Fix up pointer to first drc-info entry
scsi: zorro_esp: Limit DMA transfers to 65536 bytes (except on Fastlane)
scsi: lpfc: fix: Coverity: lpfc_cmpl_els_rsp(): Null pointer dereferences
Input: ili210x - handle errors from input_mt_init_slots()
iomap: fix return value of iomap_dio_bio_actor on 32bit systems
i2c: stm32f7: fix & reorder remove & probe error handling
iommu/arm-smmu-v3: Don't display an error when IRQ lines are missing
fs/quota: handle overflows of sysctl fs.quota.* and report as unsigned long
dma-direct: check for overflows on 32 bit DMA addresses
irqchip: ingenic: Error out if IRQ domain creation failed
irqchip/irq-bcm7038-l1: Enable parent IRQ if necessary
clk: clk-gpio: propagate rate change to parent
clk: qcom: Allow constant ratio freq tables for rcg
clk: qcom: smd: Add missing pnoc clock
f2fs: fix to update dir's i_pino during cross_rename
scsi: lpfc: Fix duplicate unreg_rpi error in port offline flow
scsi: lpfc: Fix unexpected error messages during RSCN handling
scsi: tracing: Fix handling of TRANSFER LENGTH == 0 for READ(6) and WRITE(6)
jbd2: Fix statistics for the number of logged blocks
ext4: iomap that extends beyond EOF should be marked dirty
ext4: update direct I/O read lock pattern for IOCB_NOWAIT
powerpc/book3s64/hash: Add cond_resched to avoid soft lockup warning
powerpc/security/book3s64: Report L1TF status in sysfs
selftests/powerpc: Skip tm-signal-sigreturn-nt if TM not available
dtc: Use pkg-config to locate libyaml
clocksource/drivers/timer-of: Use unique device name instead of timer
clocksource/drivers/asm9260: Add a check for of_clk_get
leds: trigger: netdev: fix handling on interface rename
leds: an30259a: add a check for devm_regmap_init_i2c
leds: lm3692x: Handle failure to probe the regulator
dmaengine: fsl-qdma: Handle invalid qdma-queue0 IRQ
dma-mapping: fix handling of dma-ranges for reserved memory (again)
dma-mapping: Add vmap checks to dma_map_single()
dma-debug: add a schedule point in debug_dma_dump_mappings()
powerpc/tools: Don't quote $objdump in scripts
selftests/powerpc: Fixup clobbers for TM tests
Input: st1232 - do not reset the chip too early
powerpc/pseries: Don't fail hash page table insert for bolted mapping
powerpc/pseries: Mark accumulate_stolen_time() as notrace
scsi: hisi_sas: Delete the debugfs folder of hisi_sas when the probe fails
scsi: hisi_sas: Replace in_softirq() check in hisi_sas_task_exec()
scsi: csiostor: Don't enable IRQs too early
scsi: lpfc: Fix SLI3 hba in loop mode not discovering devices
scsi: lpfc: Fix hardlockup in lpfc_abort_handler
scsi: target: compare full CHAP_A Algorithm strings
dmaengine: xilinx_dma: Clear desc_pendingcount in xilinx_dma_reset
iommu/tegra-smmu: Fix page tables in > 4 GiB memory
iommu: rockchip: Free domain on .domain_free
platform/x86: peaq-wmi: switch to using polled mode of input devices
tools/power/x86/intel-speed-select: Remove warning for unused result
powerpc/papr_scm: Fix an off-by-one check in papr_scm_meta_{get, set}
f2fs: fix to update time in lazytime mode
Input: atmel_mxt_ts - disable IRQ across suspend
scsi: lpfc: Fix list corruption in lpfc_sli_get_iocbq
gpio: mxc: Only get the second IRQ when there is more than one IRQ
scsi: mpt3sas: Reject NVMe Encap cmnds to unsupported HBA
scsi: lpfc: Fix locking on mailbox command completion
scsi: mpt3sas: Fix clear pending bit in ioctl status
scsi: lpfc: Fix discovery failures when target device connectivity bounces
scsi: lpfc: Fix spinlock_irq issues in lpfc_els_flush_cmd()
Revert "MIPS: futex: Emit Loongson3 sync workarounds within asm"
Revert "MIPS: futex: Restore \n after sync instructions"
UPSTREAM: exit: panic before exit_mm() on global init exit
ANDROID: serdev: Fix platform device support
Conflicts:
Documentation/devicetree/bindings
Documentation/devicetree/bindings/Makefile
kernel/time/hrtimer.c
Change-Id: I271162549a080e2b747572f5c87cfd8fa111da51
Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org>
|
||
|
Greg Kroah-Hartman
|
ce5de62e20 |
This is the 5.4.24 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl5hHjgACgkQONu9yGCS aT6CSBAA0c16mnDb59jgmW/sBj/p/MrlD/WJzLriqiKN5BUsPt9++I5mNj8mG+d2 Glm4086e8L826zv8oKiZm23xk93on+78ExhVFVZvZNaEUpiRNYCGSuDq2NrHW0z+ kpagkAFLfCUZFoKtmWo+bpl0YtF4dd/fg7+EjyL6qT1DBs8NVMwZx7i/v0xXv7Wc 0vsGCLYoBLzcW1FB2d9cfAUPCBuGEzL/7TdifNOXRgI9owGsZndFJgXgIzoBUt/P tqB8RLjIupCiMEPtsEAZ/rgEQLPFkb3yrBvgjd1wDI8bHUIQU0clqThKVNvmNSmv UTBSNgPAhkP8nZG7X9xCkyfEsUefejBJy66da9n4XTGGrXf9ga0BL0nNrOGwOesr m+tNnBSFsbFCMqFopQnt4zZSnaf67AOk2mzxbEu4E+sStyW943aDO9MoRRFgaYGH pfie3qOKtKta2MuNTJA+q6F0W9H+V5MtMpwbyuy1/dp2eVln2wewBBMvXYdL1YOy E/Z87nsQgalsDynz9m/niv32J4JAxHptyOyROkktDLBSzL5RawNn+Op8X5EtmZOe sPkiYicqp9CLmMj13qWXJhtuyNdD4wk6FyyAy6cX9mF44+EZGOBkyNP+n8g789Kn sqFJ7sfTfOnwLBFciMA5PaMTGNWROyWXNkvvUzO+9t0CyFAnT2U= =abGA -----END PGP SIGNATURE----- Merge 5.4.24 into android-5.4 Changes in 5.4.24 io_uring: grab ->fs as part of async offload EDAC: skx_common: downgrade message importance on missing PCI device net: dsa: b53: Ensure the default VID is untagged net: fib_rules: Correctly set table field when table number exceeds 8 bits net: macb: ensure interface is not suspended on at91rm9200 net: mscc: fix in frame extraction net: phy: restore mdio regs in the iproc mdio driver net: sched: correct flower port blocking net/tls: Fix to avoid gettig invalid tls record nfc: pn544: Fix occasional HW initialization failure qede: Fix race between rdma destroy workqueue and link change event Revert "net: dev: introduce support for sch BYPASS for lockless qdisc" udp: rehash on disconnect sctp: move the format error check out of __sctp_sf_do_9_1_abort bnxt_en: Improve device shutdown method. bnxt_en: Issue PCIe FLR in kdump kernel to cleanup pending DMAs. bonding: add missing netdev_update_lockdep_key() net: export netdev_next_lower_dev_rcu() bonding: fix lockdep warning in bond_get_stats() ipv6: Fix route replacement with dev-only route ipv6: Fix nlmsg_flags when splitting a multipath route ipmi:ssif: Handle a possible NULL pointer reference drm/msm: Set dma maximum segment size for mdss sched/core: Don't skip remote tick for idle CPUs timers/nohz: Update NOHZ load in remote tick sched/fair: Prevent unlimited runtime on throttled group dax: pass NOWAIT flag to iomap_apply mac80211: consider more elements in parsing CRC cfg80211: check wiphy driver existence for drvinfo report s390/zcrypt: fix card and queue total counter wrap qmi_wwan: re-add DW5821e pre-production variant qmi_wwan: unconditionally reject 2 ep interfaces NFSv4: Fix races between open and dentry revalidation perf/smmuv3: Use platform_get_irq_optional() for wired interrupt perf/x86/intel: Add Elkhart Lake support perf/x86/cstate: Add Tremont support perf/x86/msr: Add Tremont support ceph: do not execute direct write in parallel if O_APPEND is specified ARM: dts: sti: fixup sound frame-inversion for stihxxx-b2120.dtsi drm/amd/display: Do not set optimized_require to false after plane disable RDMA/siw: Remove unwanted WARN_ON in siw_cm_llp_data_ready() drm/amd/display: Check engine is not NULL before acquiring drm/amd/display: Limit minimum DPPCLK to 100MHz. drm/amd/display: Add initialitions for PLL2 clock source amdgpu: Prevent build errors regarding soft/hard-float FP ABI tags soc/tegra: fuse: Fix build with Tegra194 configuration i40e: Fix the conditional for i40e_vc_validate_vqs_bitmaps net: ena: fix potential crash when rxfh key is NULL net: ena: fix uses of round_jiffies() net: ena: add missing ethtool TX timestamping indication net: ena: fix incorrect default RSS key net: ena: rss: do not allocate key when not supported net: ena: rss: fix failure to get indirection table net: ena: rss: store hash function as values and not bits net: ena: fix incorrectly saving queue numbers when setting RSS indirection table net: ena: fix corruption of dev_idx_to_host_tbl net: ena: ethtool: use correct value for crc32 hash net: ena: ena-com.c: prevent NULL pointer dereference ice: update Unit Load Status bitmask to check after reset cifs: Fix mode output in debugging statements cfg80211: add missing policy for NL80211_ATTR_STATUS_CODE mac80211: fix wrong 160/80+80 MHz setting net: hns3: add management table after IMP reset net: hns3: fix a copying IPv6 address error in hclge_fd_get_flow_tuples() nvme/tcp: fix bug on double requeue when send fails nvme: prevent warning triggered by nvme_stop_keep_alive nvme/pci: move cqe check after device shutdown ext4: potential crash on allocation error in ext4_alloc_flex_bg_array() audit: fix error handling in audit_data_to_entry() audit: always check the netlink payload length in audit_receive_msg() ACPICA: Introduce ACPI_ACCESS_BYTE_WIDTH() macro ACPI: watchdog: Fix gas->access_width usage KVM: VMX: check descriptor table exits on instruction emulation HID: ite: Only bind to keyboard USB interface on Acer SW5-012 keyboard dock HID: core: fix off-by-one memset in hid_report_raw_event() HID: core: increase HID report buffer size to 8KiB drm/amdgpu: Drop DRIVER_USE_AGP drm/radeon: Inline drm_get_pci_dev macintosh: therm_windtunnel: fix regression when instantiating devices tracing: Disable trace_printk() on post poned tests Revert "PM / devfreq: Modify the device name as devfreq(X) for sysfs" amdgpu/gmc_v9: save/restore sdpif regs during S3 cpufreq: Fix policy initialization for internal governor drivers io_uring: fix 32-bit compatability with sendmsg/recvmsg netfilter: ipset: Fix "INFO: rcu detected stall in hash_xxx" reports net/smc: transfer fasync_list in case of fallback vhost: Check docket sk_family instead of call getname netfilter: ipset: Fix forceadd evaluation path netfilter: xt_hashlimit: reduce hashlimit_mutex scope for htable_put() HID: alps: Fix an error handling path in 'alps_input_configured()' HID: hiddev: Fix race in in hiddev_disconnect() MIPS: VPE: Fix a double free and a memory leak in 'release_vpe()' i2c: altera: Fix potential integer overflow i2c: jz4780: silence log flood on txabrt drm/i915/gvt: Fix orphan vgpu dmabuf_objs' lifetime drm/i915/gvt: Separate display reset from ALL_ENGINES reset nl80211: fix potential leak in AP start mac80211: Remove a redundant mutex unlock kbuild: fix DT binding schema rule to detect command line changes hv_netvsc: Fix unwanted wakeup in netvsc_attach() usb: charger: assign specific number for enum value nvme-pci: Hold cq_poll_lock while completing CQEs s390/qeth: vnicc Fix EOPNOTSUPP precedence net: netlink: cap max groups which will be considered in netlink_bind() net: atlantic: fix use after free kasan warn net: atlantic: fix potential error handling net: atlantic: fix out of range usage of active_vlans array net/smc: no peer ID in CLC decline for SMCD net: ena: make ena rxfh support ETH_RSS_HASH_NO_CHANGE selftests: Install settings files to fix TIMEOUT failures kbuild: remove header compile test kbuild: move headers_check rule to usr/include/Makefile kbuild: remove unneeded variable, single-all kbuild: make single target builds even faster namei: only return -ECHILD from follow_dotdot_rcu() mwifiex: drop most magic numbers from mwifiex_process_tdls_action_frame() mwifiex: delete unused mwifiex_get_intf_num() KVM: SVM: Override default MMIO mask if memory encryption is enabled KVM: Check for a bad hva before dropping into the ghc slow path sched/fair: Optimize select_idle_cpu f2fs: fix to add swap extent correctly RDMA/hns: Simplify the calculation and usage of wqe idx for post verbs RDMA/hns: Bugfix for posting a wqe with sge drivers: net: xgene: Fix the order of the arguments of 'alloc_etherdev_mqs()' ima: ima/lsm policy rule loading logic bug fixes kprobes: Set unoptimized flag after unoptimizing code lib/vdso: Make __arch_update_vdso_data() logic understandable lib/vdso: Update coarse timekeeper unconditionally pwm: omap-dmtimer: put_device() after of_find_device_by_node() perf hists browser: Restore ESC as "Zoom out" of DSO/thread/etc perf ui gtk: Add missing zalloc object x86/resctrl: Check monitoring static key in the MBM overflow handler KVM: x86: Remove spurious kvm_mmu_unload() from vcpu destruction path KVM: x86: Remove spurious clearing of async #PF MSR rcu: Allow only one expedited GP to run concurrently with wakeups ubifs: Fix ino_t format warnings in orphan_delete() thermal: db8500: Depromote debug print thermal: brcmstb_thermal: Do not use DT coefficients netfilter: nft_tunnel: no need to call htons() when dumping ports netfilter: nf_flowtable: fix documentation bus: tegra-aconnect: Remove PM_CLK dependency xfs: clear kernel only flags in XFS_IOC_ATTRMULTI_BY_HANDLE locking/lockdep: Fix lockdep_stats indentation problem mm/debug.c: always print flags in dump_page() mm/gup: allow FOLL_FORCE for get_user_pages_fast() mm/huge_memory.c: use head to check huge zero page mm, thp: fix defrag setting if newline is not used kvm: nVMX: VMWRITE checks VMCS-link pointer before VMCS field kvm: nVMX: VMWRITE checks unsupported field before read-only field blktrace: Protect q->blk_trace with RCU Linux 5.4.24 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I0b31557e16c72bd30d1e6938ed199918ff326d88 |
||
Janne Karhunen
|
e8807eb1e6 |
ima: ima/lsm policy rule loading logic bug fixes
commit 483ec26eed42bf050931d9a5c5f9f0b5f2ad5f3b upstream.
Keep the ima policy rules around from the beginning even if they appear
invalid at the time of loading, as they may become active after an lsm
policy load. However, loading a custom IMA policy with unknown LSM
labels is only safe after we have transitioned from the "built-in"
policy rules to a custom IMA policy.
Patch also fixes the rule re-use during the lsm policy reload and makes
some prints a bit more human readable.
Changelog:
v4:
- Do not allow the initial policy load refer to non-existing lsm rules.
v3:
- Fix too wide policy rule matching for non-initialized LSMs
v2:
- Fix log prints
Fixes:
|
||
|
Greg Kroah-Hartman
|
835bd1de9c |
This is the 5.4.22 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl5TfSAACgkQONu9yGCS
aT4I8w//SU+w9Tj8Crpt1BI7Lk2AiTGvyZtX0wGd53vzFKGy+Wi1Oba1ybB+xyYw
UgMJJpoOgp9gTatRgjDl0vO/7U7vZckigPpog3pSW+xq2JW0kTWGS2z04hUjWKkG
W4l3sAGwHRv7MTBbpjECDSHv+6x6ZqlWcVodpkHqLNmGxR0mYuiB6Zu8QuCu1bl0
K0SAlt+yd0laUt2bU3wpEqBwGXHepz+IqsqcYp78sAeytT8ds9ZfPxKv98CvLlXs
VLVr87UqZy3Hkl6IWKGrmdhWbTZE+3AyjKnxlA8PovA0ET5xO/IFPLHVhVX+or+5
UFp/1qvacr+EIu8CKvftc2n1CflaRXIn/QNpwdemh94mi/2TqiXiqAUu1EiW56vg
/PUH8G72Q26AiWSmD3WRr09ohTu4hfz6fIDKV60qmdVe4AUffLw0SnBEE0VFA3/S
lVKZeXKkePeMlHcTyRDQ6+/y49yjfq2exdrjetypOwRa1emHxj/YsfdnEWYfwT53
sikMLjP4XA7v5rsDr9LJTwQL/V/7euu1Hr3lSGpRv8vmePprvfmivTLcY5tgvOTC
GZ51Em+CxJ+W4vCJKHuM7i0nUvf2Knn5lBidq4KsvLRUuZ31mSXSfSn4bW6Gl/Jm
RZPDC71MqT/FMtfuQLlVNqIw2umC1buNa5SwZ8GhJG6za4gU4FU=
=L+e0
-----END PGP SIGNATURE-----
Merge 5.4.22 into android-5.4
Changes in 5.4.22
core: Don't skip generic XDP program execution for cloned SKBs
enic: prevent waking up stopped tx queues over watchdog reset
net/smc: fix leak of kernel memory to user space
net: dsa: tag_qca: Make sure there is headroom for tag
net/sched: matchall: add missing validation of TCA_MATCHALL_FLAGS
net/sched: flower: add missing validation of TCA_FLOWER_FLAGS
drm/gma500: Fixup fbdev stolen size usage evaluation
ath10k: Fix qmi init error handling
wil6210: fix break that is never reached because of zero'ing of a retry counter
drm/qxl: Complete exception handling in qxl_device_init()
rcu/nocb: Fix dump_tree hierarchy print always active
rcu: Fix missed wakeup of exp_wq waiters
rcu: Fix data-race due to atomic_t copy-by-value
f2fs: preallocate DIO blocks when forcing buffered_io
f2fs: call f2fs_balance_fs outside of locked page
media: meson: add missing allocation failure check on new_buf
clk: meson: pll: Fix by 0 division in __pll_params_to_rate()
cpu/hotplug, stop_machine: Fix stop_machine vs hotplug order
brcmfmac: Fix memory leak in brcmf_p2p_create_p2pdev()
brcmfmac: Fix use after free in brcmf_sdio_readframes()
PCI: Fix pci_add_dma_alias() bitmask size
drm/amd/display: Map ODM memory correctly when doing ODM combine
leds: pca963x: Fix open-drain initialization
ext4: fix ext4_dax_read/write inode locking sequence for IOCB_NOWAIT
ALSA: ctl: allow TLV read operation for callback type of element in locked case
gianfar: Fix TX timestamping with a stacked DSA driver
pinctrl: sh-pfc: sh7264: Fix CAN function GPIOs
printk: fix exclusive_console replaying
drm/mipi_dbi: Fix off-by-one bugs in mipi_dbi_blank()
drm/msm/adreno: fix zap vs no-zap handling
pxa168fb: Fix the function used to release some memory in an error handling path
media: ov5640: Fix check for PLL1 exceeding max allowed rate
media: i2c: mt9v032: fix enum mbus codes and frame sizes
media: sun4i-csi: Deal with DRAM offset
media: sun4i-csi: Fix data sampling polarity handling
media: sun4i-csi: Fix [HV]sync polarity handling
clk: at91: sam9x60: fix programmable clock prescaler
powerpc/powernv/iov: Ensure the pdn for VFs always contains a valid PE number
clk: meson: meson8b: make the CCF use the glitch-free mali mux
gpio: gpio-grgpio: fix possible sleep-in-atomic-context bugs in grgpio_irq_map/unmap()
iommu/vt-d: Fix off-by-one in PASID allocation
x86/fpu: Deactivate FPU state after failure during state load
char/random: silence a lockdep splat with printk()
media: sti: bdisp: fix a possible sleep-in-atomic-context bug in bdisp_device_run()
kernel/module: Fix memleak in module_add_modinfo_attrs()
IB/core: Let IB core distribute cache update events
pinctrl: baytrail: Do not clear IRQ flags on direct-irq enabled pins
efi/x86: Map the entire EFI vendor string before copying it
MIPS: Loongson: Fix potential NULL dereference in loongson3_platform_init()
sparc: Add .exit.data section.
net: ethernet: ixp4xx: Standard module init
raid6/test: fix a compilation error
uio: fix a sleep-in-atomic-context bug in uio_dmem_genirq_irqcontrol()
drm/amdgpu/sriov: workaround on rev_id for Navi12 under sriov
spi: fsl-lpspi: fix only one cs-gpio working
drm/nouveau/nouveau: fix incorrect sizeof on args.src an args.dst
usb: gadget: udc: fix possible sleep-in-atomic-context bugs in gr_probe()
usb: dwc2: Fix IN FIFO allocation
clocksource/drivers/bcm2835_timer: Fix memory leak of timer
drm/amd/display: Clear state after exiting fixed active VRR state
kselftest: Minimise dependency of get_size on C library interfaces
jbd2: clear JBD2_ABORT flag before journal_reset to update log tail info when load journal
ext4: fix deadlock allocating bio_post_read_ctx from mempool
clk: ti: dra7: fix parent for gmac_clkctrl
x86/sysfb: Fix check for bad VRAM size
pwm: omap-dmtimer: Simplify error handling
udf: Allow writing to 'Rewritable' partitions
dmaengine: fsl-qdma: fix duplicated argument to &&
wan/hdlc_x25: fix skb handling
s390/pci: Fix possible deadlock in recover_store()
powerpc/iov: Move VF pdev fixup into pcibios_fixup_iov()
tracing: Fix tracing_stat return values in error handling paths
tracing: Fix very unlikely race of registering two stat tracers
ARM: 8952/1: Disable kmemleak on XIP kernels
ext4, jbd2: ensure panic when aborting with zero errno
ath10k: Correct the DMA direction for management tx buffers
rtw88: fix rate mask for 1SS chip
brcmfmac: sdio: Fix OOB interrupt initialization on brcm43362
selftests: settings: tests can be in subsubdirs
rtc: i2c/spi: Avoid inclusion of REGMAP support when not needed
drm/amd/display: Retrain dongles when SINK_COUNT becomes non-zero
tracing: Simplify assignment parsing for hist triggers
nbd: add a flush_workqueue in nbd_start_device
KVM: s390: ENOTSUPP -> EOPNOTSUPP fixups
Btrfs: keep pages dirty when using btrfs_writepage_fixup_worker
drivers/block/zram/zram_drv.c: fix error return codes not being returned in writeback_store
block, bfq: do not plug I/O for bfq_queues with no proc refs
kconfig: fix broken dependency in randconfig-generated .config
clk: qcom: Don't overwrite 'cfg' in clk_rcg2_dfs_populate_freq()
clk: qcom: rcg2: Don't crash if our parent can't be found; return an error
drm/amdkfd: Fix a bug in SDMA RLC queue counting under HWS mode
bpf, sockhash: Synchronize_rcu before free'ing map
drm/amdgpu: remove 4 set but not used variable in amdgpu_atombios_get_connector_info_from_object_table
ath10k: correct the tlv len of ath10k_wmi_tlv_op_gen_config_pno_start
drm/amdgpu: Ensure ret is always initialized when using SOC15_WAIT_ON_RREG
drm/panel: simple: Add Logic PD Type 28 display support
arm64: dts: rockchip: Fix NanoPC-T4 cooling maps
modules: lockdep: Suppress suspicious RCU usage warning
ASoC: intel: sof_rt5682: Add quirk for number of HDMI DAI's
ASoC: intel: sof_rt5682: Add support for tgl-max98357a-rt5682
regulator: rk808: Lower log level on optional GPIOs being not available
net/wan/fsl_ucc_hdlc: reject muram offsets above 64K
NFC: port100: Convert cpu_to_le16(le16_to_cpu(E1) + E2) to use le16_add_cpu().
arm64: dts: allwinner: H6: Add PMU mode
arm64: dts: allwinner: H5: Add PMU node
arm: dts: allwinner: H3: Add PMU node
opp: Free static OPPs on errors while adding them
selinux: ensure we cleanup the internal AVC counters on error in avc_insert()
arm64: dts: qcom: msm8996: Disable USB2 PHY suspend by core
padata: validate cpumask without removed CPU during offline
clk: imx: Add correct failure handling for clk based helpers
ARM: exynos_defconfig: Bring back explicitly wanted options
ARM: dts: imx6: rdu2: Disable WP for USDHC2 and USDHC3
ARM: dts: imx6: rdu2: Limit USBH1 to Full Speed
bus: ti-sysc: Implement quirk handling for CLKDM_NOAUTO
PCI: iproc: Apply quirk_paxc_bridge() for module as well as built-in
media: cx23885: Add support for AVerMedia CE310B
PCI: Add generic quirk for increasing D3hot delay
PCI: Increase D3 delay for AMD Ryzen5/7 XHCI controllers
Revert "nfp: abm: fix memory leak in nfp_abm_u32_knode_replace"
gpu/drm: ingenic: Avoid null pointer deference in plane atomic update
selftests/net: make so_txtime more robust to timer variance
media: v4l2-device.h: Explicitly compare grp{id,mask} to zero in v4l2_device macros
reiserfs: Fix spurious unlock in reiserfs_fill_super() error handling
samples/bpf: Set -fno-stack-protector when building BPF programs
r8169: check that Realtek PHY driver module is loaded
fore200e: Fix incorrect checks of NULL pointer dereference
netfilter: nft_tunnel: add the missing ERSPAN_VERSION nla_policy
ALSA: usx2y: Adjust indentation in snd_usX2Y_hwdep_dsp_status
PCI: Add nr_devfns parameter to pci_add_dma_alias()
PCI: Add DMA alias quirk for PLX PEX NTB
b43legacy: Fix -Wcast-function-type
ipw2x00: Fix -Wcast-function-type
iwlegacy: Fix -Wcast-function-type
rtlwifi: rtl_pci: Fix -Wcast-function-type
orinoco: avoid assertion in case of NULL pointer
drm/amdgpu: fix KIQ ring test fail in TDR of SRIOV
clk: qcom: smd: Add missing bimc clock
ACPICA: Disassembler: create buffer fields in ACPI_PARSE_LOAD_PASS1
nfsd: Clone should commit src file metadata too
scsi: ufs: Complete pending requests in host reset and restore path
scsi: aic7xxx: Adjust indentation in ahc_find_syncrate
crypto: inside-secure - add unspecified HAS_IOMEM dependency
drm/mediatek: handle events when enabling/disabling crtc
clk: renesas: rcar-gen3: Allow changing the RPC[D2] clocks
ARM: dts: r8a7779: Add device node for ARM global timer
selinux: ensure we cleanup the internal AVC counters on error in avc_update()
scsi: lpfc: Fix: Rework setting of fdmi symbolic node name registration
arm64: dts: qcom: db845c: Enable ath10k 8bit host-cap quirk
iommu/amd: Check feature support bit before accessing MSI capability registers
iommu/amd: Only support x2APIC with IVHD type 11h/40h
iommu/iova: Silence warnings under memory pressure
clk: actually call the clock init before any other callback of the clock
dmaengine: Store module owner in dma_device struct
dmaengine: imx-sdma: Fix memory leak
bpf: Print error message for bpftool cgroup show
net: phy: realtek: add logging for the RGMII TX delay configuration
crypto: chtls - Fixed memory leak
x86/vdso: Provide missing include file
PM / devfreq: exynos-ppmu: Fix excessive stack usage
PM / devfreq: rk3399_dmc: Add COMPILE_TEST and HAVE_ARM_SMCCC dependency
drm/fbdev: Fallback to non tiled mode if all tiles not present
pinctrl: sh-pfc: sh7269: Fix CAN function GPIOs
reset: uniphier: Add SCSSI reset control for each channel
ASoC: soc-topology: fix endianness issues
fbdev: fix numbering of fbcon options
RDMA/rxe: Fix error type of mmap_offset
clk: sunxi-ng: add mux and pll notifiers for A64 CPU clock
ALSA: sh: Fix unused variable warnings
clk: Use parent node pointer during registration if necessary
clk: uniphier: Add SCSSI clock gate for each channel
ALSA: hda/realtek - Apply mic mute LED quirk for Dell E7xx laptops, too
ALSA: sh: Fix compile warning wrt const
net: phy: fixed_phy: fix use-after-free when checking link GPIO
tools lib api fs: Fix gcc9 stringop-truncation compilation error
vfio/spapr/nvlink2: Skip unpinning pages on error exit
ASoC: Intel: sof_rt5682: Ignore the speaker amp when there isn't one.
ACPI: button: Add DMI quirk for Razer Blade Stealth 13 late 2019 lid switch
iommu/vt-d: Match CPU and IOMMU paging mode
iommu/vt-d: Avoid sending invalid page response
drm/amdkfd: Fix permissions of hang_hws
mlx5: work around high stack usage with gcc
RDMA/hns: Avoid printing address of mtt page
drm: remove the newline for CRC source name.
usb: dwc3: use proper initializers for property entries
ARM: dts: stm32: Add power-supply for DSI panel on stm32f469-disco
usbip: Fix unsafe unaligned pointer usage
udf: Fix free space reporting for metadata and virtual partitions
drm/mediatek: Add gamma property according to hardware capability
staging: rtl8188: avoid excessive stack usage
IB/hfi1: Add software counter for ctxt0 seq drop
IB/hfi1: Add RcvShortLengthErrCnt to hfi1stats
soc/tegra: fuse: Correct straps' address for older Tegra124 device trees
efi/x86: Don't panic or BUG() on non-critical error conditions
rcu: Use WRITE_ONCE() for assignments to ->pprev for hlist_nulls
Input: edt-ft5x06 - work around first register access error
bnxt: Detach page from page pool before sending up the stack
x86/nmi: Remove irq_work from the long duration NMI handler
wan: ixp4xx_hss: fix compile-testing on 64-bit
clocksource: davinci: only enable clockevents once tim34 is initialized
arm64: dts: rockchip: fix dwmmc clock name for px30
arm64: dts: rockchip: add reg property to brcmf sub-nodes
ARM: dts: rockchip: add reg property to brcmf sub node for rk3188-bqedison2qc
ALSA: usb-audio: Add boot quirk for MOTU M Series
ASoC: atmel: fix build error with CONFIG_SND_ATMEL_SOC_DMA=m
raid6/test: fix a compilation warning
tty: synclinkmp: Adjust indentation in several functions
tty: synclink_gt: Adjust indentation in several functions
misc: xilinx_sdfec: fix xsdfec_poll()'s return type
visorbus: fix uninitialized variable access
driver core: platform: Prevent resouce overflow from causing infinite loops
driver core: Print device when resources present in really_probe()
ASoC: SOF: Intel: hda-dai: fix compilation warning in pcm_prepare
bpf: Return -EBADRQC for invalid map type in __bpf_tx_xdp_map
vme: bridges: reduce stack usage
drm/nouveau/secboot/gm20b: initialize pointer in gm20b_secboot_new()
drm/nouveau/gr/gk20a,gm200-: add terminators to method lists read from fw
drm/nouveau: Fix copy-paste error in nouveau_fence_wait_uevent_handler
drm/nouveau/drm/ttm: Remove set but not used variable 'mem'
drm/nouveau/fault/gv100-: fix memory leak on module unload
dm thin: don't allow changing data device during thin-pool reload
gpiolib: Set lockdep class for hierarchical irq domains
drm/vmwgfx: prevent memory leak in vmw_cmdbuf_res_add
perf/imx_ddr: Fix cpu hotplug state cleanup
usb: musb: omap2430: Get rid of musb .set_vbus for omap2430 glue
kbuild: remove *.tmp file when filechk fails
iommu/arm-smmu-v3: Use WRITE_ONCE() when changing validity of an STE
ALSA: usb-audio: unlock on error in probe
f2fs: set I_LINKABLE early to avoid wrong access by vfs
f2fs: free sysfs kobject
scsi: ufs: pass device information to apply_dev_quirks
scsi: ufs-mediatek: add apply_dev_quirks variant operation
scsi: iscsi: Don't destroy session if there are outstanding connections
crypto: essiv - fix AEAD capitalization and preposition use in help text
ALSA: usb-audio: add implicit fb quirk for MOTU M Series
RDMA/mlx5: Don't fake udata for kernel path
arm64: lse: fix LSE atomics with LLVM's integrated assembler
arm64: fix alternatives with LLVM's integrated assembler
drm/amd/display: fixup DML dependencies
EDAC/sifive: Fix return value check in ecc_register()
KVM: PPC: Remove set but not used variable 'ra', 'rs', 'rt'
arm64: dts: ti: k3-j721e-main: Add missing power-domains for smmu
sched/core: Fix size of rq::uclamp initialization
sched/topology: Assert non-NUMA topology masks don't (partially) overlap
perf/x86/amd: Constrain Large Increment per Cycle events
watchdog/softlockup: Enforce that timestamp is valid on boot
debugobjects: Fix various data races
ASoC: SOF: Intel: hda: Fix SKL dai count
regulator: vctrl-regulator: Avoid deadlock getting and setting the voltage
f2fs: fix memleak of kobject
x86/mm: Fix NX bit clearing issue in kernel_map_pages_in_pgd
pwm: omap-dmtimer: Remove PWM chip in .remove before making it unfunctional
cmd64x: potential buffer overflow in cmd64x_program_timings()
ide: serverworks: potential overflow in svwks_set_pio_mode()
pwm: Remove set but not set variable 'pwm'
btrfs: fix possible NULL-pointer dereference in integrity checks
btrfs: safely advance counter when looking up bio csums
btrfs: device stats, log when stats are zeroed
module: avoid setting info->name early in case we can fall back to info->mod->name
remoteproc: Initialize rproc_class before use
regulator: core: Fix exported symbols to the exported GPL version
irqchip/mbigen: Set driver .suppress_bind_attrs to avoid remove problems
ALSA: hda/hdmi - add retry logic to parse_intel_hdmi()
spi: spi-fsl-qspi: Ensure width is respected in spi-mem operations
kbuild: use -S instead of -E for precise cc-option test in Kconfig
objtool: Fix ARCH=x86_64 build error
x86/decoder: Add TEST opcode to Group3-2
s390: adjust -mpacked-stack support check for clang 10
s390/ftrace: generate traced function stack frame
driver core: platform: fix u32 greater or equal to zero comparison
bpf, btf: Always output invariant hit in pahole DWARF to BTF transform
ALSA: hda - Add docking station support for Lenovo Thinkpad T420s
sunrpc: Fix potential leaks in sunrpc_cache_unhash()
drm/nouveau/mmu: fix comptag memory leak
powerpc/sriov: Remove VF eeh_dev state when disabling SR-IOV
media: uvcvideo: Add a quirk to force GEO GC6500 Camera bits-per-pixel value
btrfs: separate definition of assertion failure handlers
btrfs: Fix split-brain handling when changing FSID to metadata uuid
bcache: cached_dev_free needs to put the sb page
bcache: rework error unwinding in register_bcache
bcache: fix use-after-free in register_bcache()
iommu/vt-d: Remove unnecessary WARN_ON_ONCE()
alarmtimer: Make alarmtimer platform device child of RTC device
selftests: bpf: Reset global state between reuseport test runs
jbd2: switch to use jbd2_journal_abort() when failed to submit the commit record
jbd2: make sure ESHUTDOWN to be recorded in the journal superblock
powerpc/pseries/lparcfg: Fix display of Maximum Memory
selftests/eeh: Bump EEH wait time to 60s
ARM: 8951/1: Fix Kexec compilation issue.
ALSA: usb-audio: add quirks for Line6 Helix devices fw>=2.82
hostap: Adjust indentation in prism2_hostapd_add_sta
rtw88: fix potential NULL skb access in TX ISR
iwlegacy: ensure loop counter addr does not wrap and cause an infinite loop
cifs: fix unitialized variable poential problem with network I/O cache lock patch
cifs: Fix mount options set in automount
cifs: fix NULL dereference in match_prepath
bpf: map_seq_next should always increase position index
powerpc/mm: Don't log user reads to 0xffffffff
ceph: check availability of mds cluster on mount after wait timeout
rbd: work around -Wuninitialized warning
drm/amd/display: do not allocate display_mode_lib unnecessarily
irqchip/gic-v3: Only provision redistributors that are enabled in ACPI
drm/nouveau/disp/nv50-: prevent oops when no channel method map provided
char: hpet: Fix out-of-bounds read bug
ftrace: fpid_next() should increase position index
trigger_next should increase position index
radeon: insert 10ms sleep in dce5_crtc_load_lut
powerpc: Do not consider weak unresolved symbol relocations as bad
btrfs: do not do delalloc reservation under page lock
ocfs2: make local header paths relative to C files
ocfs2: fix a NULL pointer dereference when call ocfs2_update_inode_fsync_trans()
lib/scatterlist.c: adjust indentation in __sg_alloc_table
reiserfs: prevent NULL pointer dereference in reiserfs_insert_item()
bcache: fix memory corruption in bch_cache_accounting_clear()
bcache: explicity type cast in bset_bkey_last()
bcache: fix incorrect data type usage in btree_flush_write()
irqchip/gic-v3-its: Reference to its_invall_cmd descriptor when building INVALL
nvmet: Pass lockdep expression to RCU lists
nvme-pci: remove nvmeq->tags
iwlwifi: mvm: Fix thermal zone registration
iwlwifi: mvm: Check the sta is not NULL in iwl_mvm_cfg_he_sta()
asm-generic/tlb: add missing CONFIG symbol
microblaze: Prevent the overflow of the start
brd: check and limit max_part par
drm/amdgpu/smu10: fix smu10_get_clock_by_type_with_latency
drm/amdgpu/smu10: fix smu10_get_clock_by_type_with_voltage
NFS: Fix memory leaks
help_next should increase position index
i40e: Relax i40e_xsk_wakeup's return value when PF is busy
cifs: log warning message (once) if out of disk space
virtio_balloon: prevent pfn array overflow
fuse: don't overflow LLONG_MAX with end offset
mlxsw: spectrum_dpipe: Add missing error path
s390/pci: Recover handle in clp_set_pci_fn()
drm/amdgpu/display: handle multiple numbers of fclks in dcn_calcs.c (v2)
bcache: properly initialize 'path' and 'err' in register_bcache()
rtc: Kconfig: select REGMAP_I2C when necessary
Linux 5.4.22
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Iaeb3945493ecc81a0ae90ef87b19ceb2caf48164
|
||
Jaihind Yadav
|
111749fba9 |
selinux: ensure we cleanup the internal AVC counters on error in avc_update()
[ Upstream commit 030b995ad9ece9fa2d218af4429c1c78c2342096 ]
In AVC update we don't call avc_node_kill() when avc_xperms_populate()
fails, resulting in the avc->avc_cache.active_nodes counter having a
false value. In last patch this changes was missed , so correcting it.
Fixes:
|
||
|
Paul Moore
|
0e44cd879b |
selinux: ensure we cleanup the internal AVC counters on error in avc_insert()
[ Upstream commit d8db60cb23e49a92cf8cada3297395c7fa50fdf8 ]
Fix avc_insert() to call avc_node_kill() if we've already allocated
an AVC node and the code fails to insert the node in the cache.
Fixes:
|
||
|
Greg Kroah-Hartman
|
e736cc6873 |
This is the 5.4.20 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl5HElwACgkQONu9yGCS aT6GQBAAxBLl+L518k3/Jm7Fv5VGFtfk7QIJmLKSdI58Gj7aLib2CulB5dJpHu0Z uOJXEUKQoUC739MjS6IgrAUoee/GTgyeOS1gyI49IBVvrBgjQop/3FJ4Oe4EF6Wj aEy7xA1k1MRUM4XWy3PiMvIuaxWNWoEn22DS703adOKPEx2yS0sPtAf6RRRpzxW+ oWR9aJv5y+wKRi7frRvTJ8juQoeo67XHNQWBybv7v+th7KqF33EYk/faLJqTbqNd caJAG+DuGsu/oLcwlWEE5CZ8rP5OAOh12505J9XG5uXoqA2BrQFCTLW6okG1PUNI I+GugtMKWwOSP8dHkfq/jPKInG3H+mCwVW3wWzKfWBJwIi4NWokYK31SQty1BNBe if9ytUT97ykgkovVjVbu+X+wMnEes2JMrVyBAzY2cOK01KD2PUR/cLdZZXTil4A0 rEKXd+tJRN7+ko+z4EJRdstzNtB030tDeEUmwJSIlJoWPRROk69it8d4/OFXe+/u Le4T4V6w22tcP0H/2CtDSwTntDbjNoXWpTGzqp2HO0urObqZyX99leyCI8Ee9sRz 00B6ykAOnOMPdLmAGmpBXnhKRK89VlnfG5A/d609km4EPJuKZyX9KS6tZSwpJIAd 3W9FWaNyr8Z79BDJyeK0ftS5BD/WNGDLux7lylLzMsPAmF7YNsI= =Zp/p -----END PGP SIGNATURE----- Merge 5.4.20 into android-5.4 Changes in 5.4.20 ASoC: pcm: update FE/BE trigger order based on the command hv_sock: Remove the accept port restriction IB/mlx4: Fix memory leak in add_gid error flow IB/srp: Never use immediate data if it is disabled by a user IB/mlx4: Fix leak in id_map_find_del RDMA/netlink: Do not always generate an ACK for some netlink operations RDMA/i40iw: fix a potential NULL pointer dereference RDMA/core: Fix locking in ib_uverbs_event_read RDMA/uverbs: Verify MR access flags RDMA/cma: Fix unbalanced cm_id reference count during address resolve RDMA/umem: Fix ib_umem_find_best_pgsz() scsi: ufs: Fix ufshcd_probe_hba() reture value in case ufshcd_scsi_add_wlus() fails PCI/IOV: Fix memory leak in pci_iov_add_virtfn() ath10k: pci: Only dump ATH10K_MEM_REGION_TYPE_IOREG when safe PCI/switchtec: Use dma_set_mask_and_coherent() PCI/switchtec: Fix vep_vector_number ioread width PCI: tegra: Fix afi_pex2_ctrl reg offset for Tegra30 PCI: Don't disable bridge BARs when assigning bus resources PCI/AER: Initialize aer_fifo iwlwifi: mvm: avoid use after free for pmsr request bpftool: Don't crash on missing xlated program instructions bpf, sockmap: Don't sleep while holding RCU lock on tear-down bpf, sockhash: Synchronize_rcu before free'ing map selftests/bpf: Test freeing sockmap/sockhash with a socket in it bpf: Improve bucket_log calculation logic bpf, sockmap: Check update requirements after locking nfs: NFS_SWAP should depend on SWAP NFS: Revalidate the file size on a fatal write error NFS/pnfs: Fix pnfs_generic_prepare_to_resend_writes() NFS: Fix fix of show_nfs_errors NFSv4: pnfs_roc() must use cred_fscmp() to compare creds NFSv4: try lease recovery on NFS4ERR_EXPIRED NFSv4.0: nfs4_do_fsinfo() should not do implicit lease renewals x86/boot: Handle malformed SRAT tables during early ACPI parsing rtc: hym8563: Return -EINVAL if the time is known to be invalid rtc: cmos: Stop using shared IRQ watchdog: qcom: Use platform_get_irq_optional() for bark irq ARC: [plat-axs10x]: Add missing multicast filter number to GMAC node platform/x86: intel_mid_powerbtn: Take a copy of ddata arm64: dts: qcom: msm8998: Fix tcsr syscon size arm64: dts: uDPU: fix broken ethernet ARM: dts: at91: Reenable UART TX pull-ups ARM: dts: am43xx: add support for clkout1 clock arm64: dts: renesas: r8a77990: ebisu: Remove clkout-lr-synchronous from sound arm64: dts: marvell: clearfog-gt-8k: fix switch cpu port node ARM: dts: meson8: use the actual frequency for the GPU's 182.1MHz OPP ARM: dts: meson8b: use the actual frequency for the GPU's 364MHz OPP ARM: dts: at91: sama5d3: fix maximum peripheral clock rates ARM: dts: at91: sama5d3: define clock rate range for tcb1 tools/power/acpi: fix compilation error soc: qcom: rpmhpd: Set 'active_only' for active only power domains Revert "powerpc/pseries/iommu: Don't use dma_iommu_ops on secure guests" powerpc/ptdump: Fix W+X verification call in mark_rodata_ro() powerpc/ptdump: Only enable PPC_CHECK_WX with STRICT_KERNEL_RWX powerpc/papr_scm: Fix leaking 'bus_desc.provider_name' in some paths powerpc/pseries/vio: Fix iommu_table use-after-free refcount warning powerpc/pseries: Allow not having ibm, hypertas-functions::hcall-multi-tce for DDW iommu/arm-smmu-v3: Populate VMID field for CMDQ_OP_TLBI_NH_VA ARM: at91: pm: use SAM9X60 PMC's compatible ARM: at91: pm: use of_device_id array to find the proper shdwc node KVM: arm/arm64: vgic-its: Fix restoration of unmapped collections ARM: 8949/1: mm: mark free_memmap as __init sched/uclamp: Fix a bug in propagating uclamp value in new cgroups arm64: cpufeature: Fix the type of no FP/SIMD capability arm64: cpufeature: Set the FP/SIMD compat HWCAP bits properly arm64: ptrace: nofpsimd: Fail FP/SIMD regset operations KVM: arm/arm64: Fix young bit from mmu notifier KVM: arm: Fix DFSR setting for non-LPAE aarch32 guests KVM: arm: Make inject_abt32() inject an external abort instead KVM: arm64: pmu: Don't increment SW_INCR if PMCR.E is unset KVM: arm64: pmu: Fix chained SW_INCR counters KVM: arm64: Treat emulated TVAL TimerValue as a signed 32-bit integer arm64: nofpsmid: Handle TIF_FOREIGN_FPSTATE flag cleanly mtd: onenand_base: Adjust indentation in onenand_read_ops_nolock mtd: sharpslpart: Fix unsigned comparison to zero crypto: testmgr - don't try to decrypt uninitialized buffers crypto: artpec6 - return correct error code for failed setkey() crypto: atmel-sha - fix error handling when setting hmac key crypto: caam/qi2 - fix typo in algorithm's driver name drivers: watchdog: stm32_iwdg: set WDOG_HW_RUNNING at probe media: i2c: adv748x: Fix unsafe macros dt-bindings: iio: adc: ad7606: Fix wrong maxItems value bcache: avoid unnecessary btree nodes flushing in btree_flush_write() selinux: revert "stop passing MAY_NOT_BLOCK to the AVC upon follow_link" selinux: fix regression introduced by move_mount(2) syscall pinctrl: sh-pfc: r8a77965: Fix DU_DOTCLKIN3 drive/bias control pinctrl: sh-pfc: r8a7778: Fix duplicate SDSELF_B and SD1_CLK_B regmap: fix writes to non incrementing registers mfd: max77650: Select REGMAP_IRQ in Kconfig clk: meson: g12a: fix missing uart2 in regmap table dmaengine: axi-dmac: add a check for devm_regmap_init_mmio mwifiex: Fix possible buffer overflows in mwifiex_ret_wmm_get_status() mwifiex: Fix possible buffer overflows in mwifiex_cmd_append_vsie_tlv() libertas: don't exit from lbs_ibss_join_existing() with RCU read lock held libertas: make lbs_ibss_join_existing() return error code on rates overflow selinux: fall back to ref-walk if audit is required Linux 5.4.20 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I68c0ac72422e279b38324afc91dc52df3eadc0f7 |
||
Stephen Smalley
|
2d8fdc5744 |
selinux: fall back to ref-walk if audit is required
commit 0188d5c025ca8fe756ba3193bd7d150139af5a88 upstream. commit |
||
|
Stephen Smalley
|
875e01dd8a |
selinux: fix regression introduced by move_mount(2) syscall
commit 98aa00345de54b8340dc2ddcd87f446d33387b5e upstream. commit |
||
|
Stephen Smalley
|
3b2e595dfe |
selinux: revert "stop passing MAY_NOT_BLOCK to the AVC upon follow_link"
commit 1a37079c236d55fb31ebbf4b59945dab8ec8764c upstream. This reverts commit |
||
|
Greg Kroah-Hartman
|
87acfa0267 |
This is the 5.4.19 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl5Cn6wACgkQONu9yGCS
aT789BAAkpzYCCHEL2aqDpnZQdu1kVua2nywEJCY0WqSM1lWLeU1Lk9EvS6uu99B
nHnIgoAGXR1zQy9rlhpKKt62LvCCM94QWlQRDYYeJxbFPn1ogT2/0vmwN7rqNz4M
Jdszd6gfNKtB3zpZZLJ0KXG8q6YRp5kXOHEzOXNjcVsfKRuNTWWIBV0dMmkCzduQ
Y5e62+d1FnnRFj28R7wjJfXiZSRnIGcMHohcQGXsWZsh2rktYOYsL6G37I9lCBwx
RO7/+qVOT+BImqB5fIxB98JOzOlo6uEVqPgXjMHAAZUzzA4KpOkDBn55m5hA9axf
EG67Ft4vZJc6Q3FTtHdSZZ/x6TBAJ2DUzatpKhCTDB3vlWJ6a+CsTFq3dXj4+bFr
hFuyi0u91VeudmWR8IH5Er8QaNaOq8m72XAwK22fZptZz0ZHl+Bf1QZyEY0L0P2Q
DpT/kmZVgSSDusvMtJOwI8Vr4Ibb8o46kFTQN+PCSs0pbPchEJmInHz0mIypK89N
4YIjcDZZu3WUS13pEsgNAi2FEpwZdn32LYxZg8xTYBtovzuvT1pJUEppiVSMXgKS
8vF6oCAd7pX9Fal5fYklA7gyQENnHBFI+LE+bHwMR/qwreH/3wBTLnhRPsGOxyZI
oj57YDdxZCAwEfXGoWA3Le+60lj6bGuRfmCc4VkodaOxMLb1WrE=
=rUtE
-----END PGP SIGNATURE-----
Merge 5.4.19 into android-5.4
Changes in 5.4.19
sparc32: fix struct ipc64_perm type definition
bnxt_en: Move devlink_register before registering netdev
cls_rsvp: fix rsvp_policy
gtp: use __GFP_NOWARN to avoid memalloc warning
l2tp: Allow duplicate session creation with UDP
net: hsr: fix possible NULL deref in hsr_handle_frame()
net_sched: fix an OOB access in cls_tcindex
net: stmmac: Delete txtimer in suspend()
bnxt_en: Fix TC queue mapping.
rxrpc: Fix use-after-free in rxrpc_put_local()
rxrpc: Fix insufficient receive notification generation
rxrpc: Fix missing active use pinning of rxrpc_local object
rxrpc: Fix NULL pointer deref due to call->conn being cleared on disconnect
tcp: clear tp->total_retrans in tcp_disconnect()
tcp: clear tp->delivered in tcp_disconnect()
tcp: clear tp->data_segs{in|out} in tcp_disconnect()
tcp: clear tp->segs_{in|out} in tcp_disconnect()
ionic: fix rxq comp packet type mask
MAINTAINERS: correct entries for ISDN/mISDN section
netdevsim: fix stack-out-of-bounds in nsim_dev_debugfs_init()
bnxt_en: Fix logic that disables Bus Master during firmware reset.
media: uvcvideo: Avoid cyclic entity chains due to malformed USB descriptors
mfd: dln2: More sanity checking for endpoints
netfilter: ipset: fix suspicious RCU usage in find_set_and_id
ipc/msg.c: consolidate all xxxctl_down() functions
tracing/kprobes: Have uname use __get_str() in print_fmt
tracing: Fix sched switch start/stop refcount racy updates
rcu: Use *_ONCE() to protect lockless ->expmask accesses
rcu: Avoid data-race in rcu_gp_fqs_check_wake()
srcu: Apply *_ONCE() to ->srcu_last_gp_end
rcu: Use READ_ONCE() for ->expmask in rcu_read_unlock_special()
nvmet: Fix error print message at nvmet_install_queue function
nvmet: Fix controller use after free
Bluetooth: btusb: fix memory leak on fw
Bluetooth: btusb: Disable runtime suspend on Realtek devices
brcmfmac: Fix memory leak in brcmf_usbdev_qinit
usb: dwc3: gadget: Check END_TRANSFER completion
usb: dwc3: gadget: Delay starting transfer
usb: typec: tcpci: mask event interrupts when remove driver
objtool: Silence build output
usb: gadget: f_fs: set req->num_sgs as 0 for non-sg transfer
usb: gadget: legacy: set max_speed to super-speed
usb: gadget: f_ncm: Use atomic_t to track in-flight request
usb: gadget: f_ecm: Use atomic_t to track in-flight request
ALSA: usb-audio: Fix endianess in descriptor validation
ALSA: usb-audio: Annotate endianess in Scarlett gen2 quirk
ALSA: dummy: Fix PCM format loop in proc output
memcg: fix a crash in wb_workfn when a device disappears
mm/sparse.c: reset section's mem_map when fully deactivated
mmc: sdhci-pci: Make function amd_sdhci_reset static
utimes: Clamp the timestamps in notify_change()
mm/memory_hotplug: fix remove_memory() lockdep splat
mm: thp: don't need care deferred split queue in memcg charge move path
mm: move_pages: report the number of non-attempted pages
media/v4l2-core: set pages dirty upon releasing DMA buffers
media: v4l2-core: compat: ignore native command codes
media: v4l2-rect.h: fix v4l2_rect_map_inside() top/left adjustments
lib/test_kasan.c: fix memory leak in kmalloc_oob_krealloc_more()
irqdomain: Fix a memory leak in irq_domain_push_irq()
x86/cpu: Update cached HLE state on write to TSX_CTRL_CPUID_CLEAR
platform/x86: intel_scu_ipc: Fix interrupt support
ALSA: hda: Apply aligned MMIO access only conditionally
ALSA: hda: Add Clevo W65_67SB the power_save blacklist
ALSA: hda: Add JasperLake PCI ID and codec vid
arm64: acpi: fix DAIF manipulation with pNMI
KVM: arm64: Correct PSTATE on exception entry
KVM: arm/arm64: Correct CPSR on exception entry
KVM: arm/arm64: Correct AArch32 SPSR on exception entry
KVM: arm64: Only sign-extend MMIO up to register width
MIPS: syscalls: fix indentation of the 'SYSNR' message
MIPS: fix indentation of the 'RELOCS' message
MIPS: boot: fix typo in 'vmlinux.lzma.its' target
s390/mm: fix dynamic pagetable upgrade for hugetlbfs
powerpc/mmu_gather: enable RCU_TABLE_FREE even for !SMP case
powerpc/ptdump: Fix W+X verification
powerpc/xmon: don't access ASDR in VMs
powerpc/pseries: Advance pfn if section is not present in lmb_is_removable()
powerpc/32s: Fix bad_kuap_fault()
powerpc/32s: Fix CPU wake-up from sleep mode
tracing: Fix now invalid var_ref_vals assumption in trace action
PCI: tegra: Fix return value check of pm_runtime_get_sync()
PCI: keystone: Fix outbound region mapping
PCI: keystone: Fix link training retries initiation
PCI: keystone: Fix error handling when "num-viewport" DT property is not populated
mmc: spi: Toggle SPI polarity, do not hardcode it
ACPI: video: Do not export a non working backlight interface on MSI MS-7721 boards
ACPI / battery: Deal with design or full capacity being reported as -1
ACPI / battery: Use design-cap for capacity calculations if full-cap is not available
ACPI / battery: Deal better with neither design nor full capacity not being reported
alarmtimer: Unregister wakeup source when module get fails
fscrypt: don't print name of busy file when removing key
ubifs: don't trigger assertion on invalid no-key filename
ubifs: Fix wrong memory allocation
ubifs: Fix FS_IOC_SETFLAGS unexpectedly clearing encrypt flag
ubifs: Fix deadlock in concurrent bulk-read and writepage
mmc: sdhci-of-at91: fix memleak on clk_get failure
ASoC: SOF: core: free trace on errors
hv_balloon: Balloon up according to request page number
mfd: axp20x: Mark AXP20X_VBUS_IPSOUT_MGMT as volatile
nvmem: core: fix memory abort in cleanup path
crypto: api - Check spawn->alg under lock in crypto_drop_spawn
crypto: ccree - fix backlog memory leak
crypto: ccree - fix AEAD decrypt auth fail
crypto: ccree - fix pm wrongful error reporting
crypto: ccree - fix FDE descriptor sequence
crypto: ccree - fix PM race condition
padata: Remove broken queue flushing
fs: allow deduplication of eof block into the end of the destination file
scripts/find-unused-docs: Fix massive false positives
erofs: fix out-of-bound read for shifted uncompressed block
scsi: megaraid_sas: Do not initiate OCR if controller is not in ready state
scsi: qla2xxx: Fix mtcp dump collection failure
cpupower: Revert library ABI changes from commit
|
||
|
Casey Schaufler
|
59c458d510 |
broken ping to ipv6 linklocal addresses on debian buster
commit 87fbfffcc89b92a4281b0aa53bd06af714087889 upstream.
I am seeing ping failures to IPv6 linklocal addresses with Debian
buster. Easiest example to reproduce is:
$ ping -c1 -w1 ff02::1%eth1
connect: Invalid argument
$ ping -c1 -w1 ff02::1%eth1
PING ff02::01%eth1(ff02::1%eth1) 56 data bytes
64 bytes from fe80::e0:f9ff:fe0c:37%eth1: icmp_seq=1 ttl=64 time=0.059 ms
git bisect traced the failure to
commit
|
||
|
Greg Kroah-Hartman
|
1bb7ab6685 |
This is the 5.4.18 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl47Mi4ACgkQONu9yGCS aT4zURAAiRhPVfht+amxkX2ebcimGIDO7oMICICF4vAOn9zAHHzEuxjtQms0LWRN l91qduujbVHg9/81BzCe0qp5GwYsgJRAIB5sJwuCrtM5u8zSSQXIY58sU1ZUXLha UC7Pnez+f420RO/U4Xh3BnEM6GOj97VrLw3gePdmI+e4imwP+czloYR/sVLhHES3 vHr7OFhYx8GF303RomFo4kuG9dz11ZUuPdrcHWxDRBHIf3bNCITGpjOV9ICZPL9+ UqmrFZKyqXcT29pgwtUMIxobnkgQm9KekS8iYGS7pblu5BXTuvU6TvfKwpOMOdF3 FIDV9km6LRFyydCLowuiA5gVuNQwfcXCIfPZfhX0ua0vC8e7q/DKItf7QBaChYyp tD4mjXGkOvIrZad94kSw3qVWr1bv9I4D5w+BmDoi5/zchjAcphUeij+QXEhmkD9k PB+zu3NbeY0J69QaVgCbPPHAmimIwsCKlA9FAJNMeuDwBIk7LXF7J0Y0ehlxwdTy h9/miG0UXYkeo5BhhdvvlZ9jdCVHI/fux+McObsasBL2xArmAA059GRgDag2qEo9 X+rtszl8x1JIcPZ3lfm5aSsZ/8nQhtpfsl+mZKSM/x+Kl+SoryvgYtDJHg9Rf5Cp WPx5mD82fS9g1RaQmIWa7iZj4iNvLDf4I+ppe2JbEGUq5IYzZGY= =cfYj -----END PGP SIGNATURE----- Merge 5.4.18 into android-5.4 Changes in 5.4.18 vfs: fix do_last() regression cifs: fix soft mounts hanging in the reconnect code x86/resctrl: Fix a deadlock due to inaccurate reference x86/resctrl: Fix use-after-free when deleting resource groups x86/resctrl: Fix use-after-free due to inaccurate refcount of rdtgroup e1000e: Drop unnecessary __E1000_DOWN bit twiddling e1000e: Revert "e1000e: Make watchdog use delayed work" gfs2: Another gfs2_find_jhead fix perf c2c: Fix return type for histogram sorting comparision functions PM / devfreq: Add new name attribute for sysfs tools lib: Fix builds when glibc contains strlcpy() arm64: kbuild: remove compressed images on 'make ARCH=arm64 (dist)clean' mm/mempolicy.c: fix out of bounds write in mpol_parse_str() reiserfs: Fix memory leak of journal device string media: digitv: don't continue if remote control state can't be read media: af9005: uninitialized variable printked media: vp7045: do not read uninitialized values if usb transfer fails media: gspca: zero usb_buf media: dvb-usb/dvb-usb-urb.c: initialize actlen to 0 tomoyo: Use atomic_t for statistics counter ttyprintk: fix a potential deadlock in interrupt context issue Bluetooth: Fix race condition in hci_release_sock() cgroup: Prevent double killing of css when enabling threaded cgroup clk: sunxi-ng: v3s: Fix incorrect number of hw_clks. arm64: dts: meson-sm1-sei610: add gpio bluetooth interrupt ARM: dts: sun8i: a83t: Correct USB3503 GPIOs polarity ARM: dts: am57xx-beagle-x15/am57xx-idk: Remove "gpios" for endpoint dt nodes ARM: dts: beagle-x15-common: Model 5V0 regulator soc: ti: wkup_m3_ipc: Fix race condition with rproc_boot tools lib traceevent: Fix memory leakage in filter_event rseq: Unregister rseq for clone CLONE_VM clk: sunxi-ng: sun8i-r: Fix divider on APB0 clock clk: sunxi-ng: h6-r: Fix AR100/R_APB2 parent order mac80211: mesh: restrict airtime metric to peered established plinks clk: mmp2: Fix the order of timer mux parents ASoC: rt5640: Fix NULL dereference on module unload s390/zcrypt: move ap device reset from bus to driver code i40e: Fix virtchnl_queue_select bitmap validation ixgbevf: Remove limit of 10 entries for unicast filter list ixgbe: Fix calculation of queue with VFs and flow director on interface flap igb: Fix SGMII SFP module discovery for 100FX/LX. iavf: remove current MAC address filter on VF reset platform/x86: GPD pocket fan: Allow somewhat lower/higher temperature limits platform/x86: intel_pmc_core: update Comet Lake platform driver ASoC: SOF: Intel: fix HDA codec driver probe with multiple controllers ASoC: hdac_hda: Fix error in driver removal after failed probe ASoC: sti: fix possible sleep-in-atomic qmi_wwan: Add support for Quectel RM500Q parisc: Use proper printk format for resource_size_t lkdtm/bugs: fix build error in lkdtm_UNSET_SMEP wireless: fix enabling channel 12 for custom regulatory domain cfg80211: Fix radar event during another phy CAC mac80211: Fix TKIP replay protection immediately after key setup wireless: wext: avoid gcc -O3 warning perf/x86/intel/uncore: Add PCI ID of IMC for Xeon E3 V5 Family perf/x86/intel/uncore: Remove PCIe3 unit for SNR riscv: delete temporary files XArray: Fix xas_pause at ULONG_MAX iwlwifi: pcie: allocate smaller dev_cmd for TX headers iwlwifi: Don't ignore the cap field upon mcc update iwlwifi: dbg: force stop the debug monitor HW Input: evdev - convert kzalloc()/vzalloc() to kvzalloc() ARM: dts: am335x-boneblack-common: fix memory size vti[6]: fix packet tx through bpf_redirect() xfrm interface: fix packet tx through bpf_redirect() xfrm: interface: do not confirm neighbor when do pmtu update Input: max77650-onkey - add of_match table scsi: fnic: do not queue commands during fwreset ARM: 8955/1: virt: Relax arch timer version check during early boot led: max77650: add of_match table tee: optee: Fix compilation issue with nommu r8152: get default setting of WOL before initializing r8152: disable U2P3 for RTL8153B r8152: Disable PLA MCU clock speed down r8152: disable test IO for RTL8153B r8152: avoid the MCU to clear the lanwake r8152: disable DelayPhyPwrChg ARM: dts: am43x-epos-evm: set data pin directions for spi0 and spi1 qlcnic: Fix CPU soft lockup while collecting firmware dump powerpc/fsl/dts: add fsl,erratum-a011043 net/fsl: treat fsl,erratum-a011043 net: fsl/fman: rename IF_MODE_XGMII to IF_MODE_10G seq_tab_next() should increase position index l2t_seq_next should increase position index netfilter: conntrack: sctp: use distinct states for new SCTP connections netfilter: nf_tables_offload: fix check the chain offload flag net: Fix skb->csum update in inet_proto_csum_replace16(). btrfs: do not zero f_bavail if we have available space cpuidle: teo: Avoid using "early hits" incorrectly flow_dissector: Fix to use new variables for port ranges in bpf hook dm thin: fix use-after-free in metadata_pre_commit_callback perf report: Fix no libunwind compiled warning break s390 issue mm/migrate.c: also overwrite error when it is bigger than zero ASoC: topology: fix soc_tplg_fe_link_create() - link->dobj initialization order Revert "rsi: fix potential null dereference in rsi_probe()" tracing/uprobe: Fix to make trace_uprobe_filter alignment safe Linux 5.4.18 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I2dcf0611b3c562c6e934f952844a90be6ace99ed |
||
Tetsuo Handa
|
99652ee9c5 |
tomoyo: Use atomic_t for statistics counter
commit a8772fad0172aeae339144598b809fd8d4823331 upstream. syzbot is reporting that there is a race at tomoyo_stat_update() [1]. Although it is acceptable to fail to track exact number of times policy was updated, convert to atomic_t because this is not a hot path. [1] https://syzkaller.appspot.com/bug?id=a4d7b973972eeed410596e6604580e0133b0fc04 Reported-by: syzbot <syzbot+efea72d4a0a1d03596cd@syzkaller.appspotmail.com> Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
Hridya Valsaraju
|
8b13219f2d |
FROMLIST: selinux: Fix typo in filesystem name
Correct the filesystem name to "binder" to enable
genfscon per-file labelling for binderfs.
Fixes: 7a4b5194747 ("selinux: allow per-file labelling for binderfs")
Signed-off-by: Hridya Valsaraju <hridya@google.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
Bug: 136497735
Change-Id: I6139ede4eb6e85f5399f826834b062bbf33d28cf
Link: https://lore.kernel.org/patchwork/patch/1188587/
|
||
|
Hridya Valsaraju
|
31aa7f2be2 |
FROMLIST: security: selinux: allow per-file labelling for binderfs
This patch allows genfscon per-file labeling for binderfs. This is required to have separate permissions to allow access to binder, hwbinder and vndbinder devices which are relocating to binderfs. Acked-by: Jeff Vander Stoep <jeffv@google.com> Acked-by: Mark Salyzyn <salyzyn@android.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: Hridya Valsaraju <hridya@google.com> Bug: 136497735 (cherry picked from commit 7a4b51947475a7f67e2bd06c4a4c768e2e64a975 git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux.git master) Link: https://lore.kernel.org/patchwork/patch/1175776/ Change-Id: I105cc54b30ddd4120dc23a363bddc2f9d00e4dc4 |
||
|
Jeff Vander Stoep
|
020b443d55 |
Revert "ANDROID: security,perf: Allow further restriction of perf_event_open"
Unfork Android.
This reverts commit
|
||
|
Jeff Vander Stoep
|
dc34c9f193 |
ANDROID: selinux: modify RTM_GETLINK permission
Map the permission gating RTM_GETLINK messages to a new permission so that it can be distinguished from the other netlink route permissions in selinux policy. This is a temporary Android-only patch that will be deprecated in newer kernels once the long-term solution lands as discusssed on the mailing list [1]. The maintainer's recommended solution is more general, much more complex, and likely not suitable for backporting. This patch provides the minimal change needed for Android including the userspace settable trigger which ensures that the permission change is only applied to the newest version of Android which contains the changes needed for userpace compatibility. [1]: https://lore.kernel.org/selinux/20200116142653.61738-1-jeffv@google.com/ Bug: 141455849 Bug: 148218425 Test: CtsSelinuxTargetSdkCurrentTestCases Test: atest bionic-unit-tests-static Test: atest NetworkInterfaceTest Test: Connect to Wi-Fi network Test: Set up hotspot Test: Cast from device Test: Pair Bluetooth device Test: Call getifaddrs() directly from within an app. Test: Call NetworkInterface#getNetworkInterfaces() from within an app. Change-Id: I7b44ce60ad98f858c412722d41b9842f8577151f Signed-off-by: Jeff Vander Stoep <jeffv@google.com> |
||
|
Greg Kroah-Hartman
|
b0b02162a4 |
This is the 5.4.13 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl4iAaQACgkQONu9yGCS aT5vIg/+Lj4wdF3UuUWonHdWBhnfG2FKCWFTYJKPpFXFRMltAa27XKns/CvR8CBW 9ztOH928CR8K9BS7HbfGtsgOEOVzILb4+akco5UhrTH93dc2T6RwSDiMpaULgeIF x/n834yNlsHs1NSmjjuimBe1j4NcZwPnnNVGKmFojkv04QPsFjP6HCp7PR2/PMXP CVO5JBXqMYtMRprY0xkpAGCStqVZPF6uwfTPrKRgaOCTpkKsqBEFJbwqOoqGQWou fQPOmEFjw+e9rIKzJgou6k4YGrWITcpNnUMdxavCszcQFTeUnY1vpLTiVxyZC1E3 R+7ulfe+/zoQvWIer9H85ySLuOjSmmXb5CM9Fc0WLSsvKmTKfUNe/g5Cce+rngPY x/+tIBvXgFSoGR4oO5dEHhXn9Hzqr0OHbZy1dLKY1RU4NzxLsAtR2DH4ps25I4ux Ty2P0kYwm5Sz43MspnFAPTaU5kC3qHVNMjanbb5I7xGF2m0HZmh0zRHBC50DqP4Y nmLUklpX4EGVAYGb94YZMa3ugksSvie2SLgk838UQG+lGqaQoxAyAeRmDdyR1zE7 GHlkNxWj8cbkBsPDSYt6Wvrt+7+e8Bbk5Y/fM5+j02h6ehs9wqOaQ985CfvrrYix RyGc7pWt1FPL7Kqv/CtbDieglS/P0BMPPGYX2rfidk6i+0knWaE= =53PP -----END PGP SIGNATURE----- Merge 5.4.13 into android-5.4 Changes in 5.4.13 HID: hidraw, uhid: Always report EPOLLOUT rtc: mt6397: fix alarm register overwrite phy: mapphone-mdm6600: Fix uninitialized status value regression RDMA/bnxt_re: Avoid freeing MR resources if dereg fails RDMA/bnxt_re: Fix Send Work Entry state check while polling completions IB/hfi1: Don't cancel unused work item mtd: rawnand: stm32_fmc2: avoid to lock the CPU bus i2c: bcm2835: Store pointer to bus clock ASoC: SOF: imx8: fix memory allocation failure check on priv->pd_dev ASoC: soc-core: Set dpcm_playback / dpcm_capture ASoC: stm32: spdifrx: fix inconsistent lock state ASoC: stm32: spdifrx: fix race condition in irq handler ASoC: stm32: spdifrx: fix input pin state management pinctrl: lochnagar: select GPIOLIB netfilter: nft_flow_offload: fix underflow in flowtable reference counter ASoC: SOF: imx8: Fix dsp_box offset mtd: onenand: omap2: Pass correct flags for prep_dma_memcpy gpio: zynq: Fix for bug in zynq_gpio_restore_context API pinctrl: meson: Fix wrong shift value when get drive-strength selftests: loopback.sh: skip this test if the driver does not support iommu/vt-d: Unlink device if failed to add to group iommu: Remove device link to group on failure bpf: cgroup: prevent out-of-order release of cgroup bpf fs: move guard_bio_eod() after bio_set_op_attrs scsi: mpt3sas: Fix double free in attach error handling gpio: Fix error message on out-of-range GPIO in lookup table PM / devfreq: tegra: Add COMMON_CLK dependency PCI: amlogic: Fix probed clock names drm/tegra: Fix ordering of cleanup code hsr: add hsr root debugfs directory hsr: rename debugfs file when interface name is changed hsr: reset network header when supervision frame is created s390/qeth: fix qdio teardown after early init error s390/qeth: fix false reporting of VNIC CHAR config failure s390/qeth: Fix vnicc_is_in_use if rx_bcast not set s390/qeth: vnicc Fix init to default s390/qeth: fix initialization on old HW cifs: Adjust indentation in smb2_open_file scsi: smartpqi: Update attribute name to `driver_version` MAINTAINERS: Append missed file to the database ath9k: use iowrite32 over __raw_writel can: j1939: fix address claim code example dt-bindings: reset: Fix brcmstb-reset example reset: brcmstb: Remove resource checks afs: Fix missing cell comparison in afs_test_super() perf vendor events s390: Remove name from L1D_RO_EXCL_WRITES description syscalls/x86: Wire up COMPAT_SYSCALL_DEFINE0 syscalls/x86: Use COMPAT_SYSCALL_DEFINE0 for IA32 (rt_)sigreturn syscalls/x86: Use the correct function type for sys_ni_syscall syscalls/x86: Fix function types in COND_SYSCALL hsr: fix slab-out-of-bounds Read in hsr_debugfs_rename() btrfs: simplify inode locking for RWF_NOWAIT netfilter: nf_tables_offload: release flow_rule on error from commit path netfilter: nft_meta: use 64-bit time arithmetic ASoC: dt-bindings: mt8183: add missing update ASoC: simple_card_utils.h: Add missing include ASoC: fsl_esai: Add spin lock to protect reset, stop and start ASoC: SOF: Intel: Broadwell: clarify mutual exclusion with legacy driver ASoC: core: Fix compile warning with CONFIG_DEBUG_FS=n ASoC: rsnd: fix DALIGN register for SSIU RDMA/hns: Prevent undefined behavior in hns_roce_set_user_sq_size() RDMA/hns: remove a redundant le16_to_cpu RDMA/hns: Modify return value of restrack functions RDMA/counter: Prevent QP counter manual binding in auto mode RDMA/siw: Fix port number endianness in a debug message RDMA/hns: Fix build error again RDMA/hns: Release qp resources when failed to destroy qp xprtrdma: Add unique trace points for posting Local Invalidate WRs xprtrdma: Connection becomes unstable after a reconnect xprtrdma: Fix MR list handling xprtrdma: Close window between waking RPC senders and posting Receives RDMA/hns: Fix to support 64K page for srq RDMA/hns: Bugfix for qpc/cqc timer configuration rdma: Remove nes ABI header RDMA/mlx5: Return proper error value RDMA/srpt: Report the SCSI residual to the initiator uaccess: Add non-pagefault user-space write function bpf: Make use of probe_user_write in probe write helper bpf: skmsg, fix potential psock NULL pointer dereference bpf: Support pre-2.25-binutils objcopy for vmlinux BTF libbpf: Fix Makefile' libbpf symbol mismatch diagnostic afs: Fix use-after-loss-of-ref afs: Fix afs_lookup() to not clobber the version on a new dentry keys: Fix request_key() cache scsi: enclosure: Fix stale device oops with hot replug scsi: sd: Clear sdkp->protection_type if disk is reformatted without PI platform/mellanox: fix potential deadlock in the tmfifo driver platform/x86: asus-wmi: Fix keyboard brightness cannot be set to 0 platform/x86: GPD pocket fan: Use default values when wrong modparams are given asm-generic/nds32: don't redefine cacheflush primitives Documentation/ABI: Fix documentation inconsistency for mlxreg-io sysfs interfaces Documentation/ABI: Add missed attribute for mlxreg-io sysfs interfaces xprtrdma: Fix create_qp crash on device unload xprtrdma: Fix completion wait during device removal xprtrdma: Fix oops in Receive handler after device removal dm: add dm-clone to the documentation index scsi: ufs: Give an unique ID to each ufs-bsg crypto: cavium/nitrox - fix firmware assignment to AE cores crypto: hisilicon - select NEED_SG_DMA_LENGTH in qm Kconfig crypto: arm64/aes-neonbs - add return value of skcipher_walk_done() in __xts_crypt() crypto: virtio - implement missing support for output IVs crypto: algif_skcipher - Use chunksize instead of blocksize crypto: geode-aes - convert to skcipher API and make thread-safe NFSv2: Fix a typo in encode_sattr() nfsd: Fix cld_net->cn_tfm initialization nfsd: v4 support requires CRYPTO_SHA256 NFSv4.x: Handle bad/dead sessions correctly in nfs41_sequence_process() NFSv4.x: Drop the slot if nfs4_delegreturn_prepare waits for layoutreturn iio: imu: st_lsm6dsx: fix gyro gain definitions for LSM9DS1 iio: imu: adis16480: assign bias value only if operation succeeded mei: fix modalias documentation clk: meson: axg-audio: fix regmap last register clk: samsung: exynos5420: Preserve CPU clocks configuration during suspend/resume clk: Fix memory leak in clk_unregister() dmaengine: dw: platform: Mark 'hclk' clock optional clk: imx: pll14xx: Fix quick switch of S/K parameter rsi: fix potential null dereference in rsi_probe() affs: fix a memory leak in affs_remount pinctl: ti: iodelay: fix error checking on pinctrl_count_index_with_args call pinctrl: sh-pfc: Fix PINMUX_IPSR_PHYS() to set GPSR pinctrl: sh-pfc: Do not use platform_get_irq() to count interrupts pinctrl: lewisburg: Update pin list according to v1.1v6 PCI: pciehp: Do not disable interrupt twice on suspend Revert "drm/virtio: switch virtio_gpu_wait_ioctl() to gem helper." drm/amdgpu: cleanup creating BOs at fixed location (v2) drm/amdgpu/discovery: reserve discovery data at the top of VRAM scsi: sd: enable compat ioctls for sed-opal arm64: dts: apq8096-db820c: Increase load on l21 for SDCARD gfs2: add compat_ioctl support af_unix: add compat_ioctl support compat_ioctl: handle SIOCOUTQNSD PCI: aardvark: Use LTSSM state to build link training flag PCI: aardvark: Fix PCI_EXP_RTCTL register configuration PCI: dwc: Fix find_next_bit() usage PCI: Fix missing bridge dma_ranges resource list cleanup PCI/PM: Clear PCIe PME Status even for legacy power management tools: PCI: Fix fd leakage PCI/PTM: Remove spurious "d" from granularity message powerpc/powernv: Disable native PCIe port management MIPS: PCI: remember nasid changed by set interrupt affinity MIPS: Loongson: Fix return value of loongson_hwmon_init MIPS: SGI-IP27: Fix crash, when CPUs are disabled via nr_cpus parameter tty: serial: imx: use the sg count from dma_map_sg tty: serial: pch_uart: correct usage of dma_unmap_sg ARM: 8943/1: Fix topology setup in case of CPU hotplug for CONFIG_SCHED_MC media: ov6650: Fix incorrect use of JPEG colorspace media: ov6650: Fix some format attributes not under control media: ov6650: Fix .get_fmt() V4L2_SUBDEV_FORMAT_TRY support media: ov6650: Fix default format not applied on device probe media: rcar-vin: Fix incorrect return statement in rvin_try_format() media: hantro: h264: Fix the frame_num wraparound case media: v4l: cadence: Fix how unsued lanes are handled in 'csi2rx_start()' media: exynos4-is: Fix recursive locking in isp_video_release() media: coda: fix deadlock between decoder picture run and start command media: cedrus: Use correct H264 8x8 scaling list media: hantro: Do not reorder H264 scaling list media: aspeed-video: Fix memory leaks in aspeed_video_probe media: hantro: Set H264 FIELDPIC_FLAG_E flag correctly iommu/mediatek: Correct the flush_iotlb_all callback iommu/mediatek: Add a new tlb_lock for tlb_flush memory: mtk-smi: Add PM suspend and resume ops Revert "ubifs: Fix memory leak bug in alloc_ubifs_info() error path" ubifs: Fixed missed le64_to_cpu() in journal ubifs: do_kill_orphans: Fix a memory leak bug spi: sprd: Fix the incorrect SPI register mtd: spi-nor: fix silent truncation in spi_nor_read() mtd: spi-nor: fix silent truncation in spi_nor_read_raw() spi: pxa2xx: Set controller->max_transfer_size in dma mode spi: atmel: fix handling of cs_change set on non-last xfer spi: rspi: Use platform_get_irq_byname_optional() for optional irqs spi: lpspi: fix memory leak in fsl_lpspi_probe iwlwifi: mvm: consider ieee80211 station max amsdu value rtlwifi: Remove unnecessary NULL check in rtl_regd_init iwlwifi: mvm: fix support for single antenna diversity sch_cake: Add missing NLA policy entry TCA_CAKE_SPLIT_GSO f2fs: fix potential overflow NFSD fixing possible null pointer derefering in copy offload rtc: msm6242: Fix reading of 10-hour digit rtc: brcmstb-waketimer: add missed clk_disable_unprepare rtc: bd70528: Add MODULE ALIAS to autoload module gpio: mpc8xxx: Add platform device to gpiochip->parent scsi: libcxgbi: fix NULL pointer dereference in cxgbi_device_destroy() scsi: target/iblock: Fix protection error with blocks greater than 512B selftests: firmware: Fix it to do root uid check and skip rseq/selftests: Turn off timeout setting riscv: export flush_icache_all to modules mips: cacheinfo: report shared CPU map mips: Fix gettimeofday() in the vdso library tomoyo: Suppress RCU warning at list_for_each_entry_rcu(). MIPS: Prevent link failure with kcov instrumentation drm/arm/mali: make malidp_mw_connector_helper_funcs static rxrpc: Unlock new call in rxrpc_new_incoming_call() rather than the caller rxrpc: Don't take call->user_mutex in rxrpc_new_incoming_call() rxrpc: Fix missing security check on incoming calls dmaengine: k3dma: Avoid null pointer traversal s390/qeth: lock the card while changing its hsuid ioat: ioat_alloc_ring() failure handling. drm/amdgpu: enable gfxoff for raven1 refresh media: intel-ipu3: Align struct ipu3_uapi_awb_fr_config_s to 32 bytes kbuild/deb-pkg: annotate libelf-dev dependency as :native hexagon: parenthesize registers in asm predicates hexagon: work around compiler crash ocfs2: call journal flush to mark journal as empty after journal recovery when mount Linux 5.4.13 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I90734cd9d80f000e05a8109a529916ae641cdede |
||
|
Tetsuo Handa
|
1b32e6ea73 |
tomoyo: Suppress RCU warning at list_for_each_entry_rcu().
[ Upstream commit 6bd5ce6089b561f5392460bfb654dea89356ab1b ] John Garry has reported that allmodconfig kernel on arm64 causes flood of "RCU-list traversed in non-reader section!!" warning. I don't know what change caused this warning, but this warning is safe because TOMOYO uses SRCU lock instead. Let's suppress this warning by explicitly telling that the caller is holding SRCU lock. Reported-and-tested-by: John Garry <john.garry@huawei.com> Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
Vinayak Menon
|
44103384ae |
selinux: stop flooding the log buffer
The avc allocations are marked with GFP_NOWAIT and thus considered to be non-fatal allocations. This also makes these allocations easy to fail thus filling the log buffer with page allocation failure messages. There are no known cases of these messages being of any importance for debugging. Disable them. Change-Id: I3517a134ad0e8deb307f0d140f4b16cb303a9f7f Signed-off-by: Vinayak Menon <vinmenon@codeaurora.org> Signed-off-by: Isaac J. Manjarres <isaacm@codeaurora.org> |
||
Joel Fernandes (Google)
|
ad70668a3d |
BACKPORT: perf_event: Add support for LSM and SELinux checks
In current mainline, the degree of access to perf_event_open(2) system call depends on the perf_event_paranoid sysctl. This has a number of limitations: 1. The sysctl is only a single value. Many types of accesses are controlled based on the single value thus making the control very limited and coarse grained. 2. The sysctl is global, so if the sysctl is changed, then that means all processes get access to perf_event_open(2) opening the door to security issues. This patch adds LSM and SELinux access checking which will be used in Android to access perf_event_open(2) for the purposes of attaching BPF programs to tracepoints, perf profiling and other operations from userspace. These operations are intended for production systems. 5 new LSM hooks are added: 1. perf_event_open: This controls access during the perf_event_open(2) syscall itself. The hook is called from all the places that the perf_event_paranoid sysctl is checked to keep it consistent with the systctl. The hook gets passed a 'type' argument which controls CPU, kernel and tracepoint accesses (in this context, CPU, kernel and tracepoint have the same semantics as the perf_event_paranoid sysctl). Additionally, I added an 'open' type which is similar to perf_event_paranoid sysctl == 3 patch carried in Android and several other distros but was rejected in mainline [1] in 2016. 2. perf_event_alloc: This allocates a new security object for the event which stores the current SID within the event. It will be useful when the perf event's FD is passed through IPC to another process which may try to read the FD. Appropriate security checks will limit access. 3. perf_event_free: Called when the event is closed. 4. perf_event_read: Called from the read(2) and mmap(2) syscalls for the event. 5. perf_event_write: Called from the ioctl(2) syscalls for the event. [1] https://lwn.net/Articles/696240/ Since Peter had suggest LSM hooks in 2016 [1], I am adding his Suggested-by tag below. To use this patch, we set the perf_event_paranoid sysctl to -1 and then apply selinux checking as appropriate (default deny everything, and then add policy rules to give access to domains that need it). In the future we can remove the perf_event_paranoid sysctl altogether. Suggested-by: Peter Zijlstra <peterz@infradead.org> Co-developed-by: Peter Zijlstra <peterz@infradead.org> Signed-off-by: Joel Fernandes (Google) <joel@joelfernandes.org> Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org> Acked-by: James Morris <jmorris@namei.org> Cc: Arnaldo Carvalho de Melo <acme@kernel.org> Cc: rostedt@goodmis.org Cc: Yonghong Song <yhs@fb.com> Cc: Kees Cook <keescook@chromium.org> Cc: Ingo Molnar <mingo@redhat.com> Cc: Alexei Starovoitov <ast@kernel.org> Cc: jeffv@google.com Cc: Jiri Olsa <jolsa@redhat.com> Cc: Daniel Borkmann <daniel@iogearbox.net> Cc: primiano@google.com Cc: Song Liu <songliubraving@fb.com> Cc: rsavitski@google.com Cc: Namhyung Kim <namhyung@kernel.org> Cc: Matthew Garrett <matthewgarrett@google.com> Link: https://lkml.kernel.org/r/20191014170308.70668-1-joel@joelfernandes.org Bug: 137092007 (cherry picked from commit da97e18458fb42d7c00fac5fd1c56a3896ec666e) [ Ryan Savitski: resolved merge conflicts with perf_event_paranoid=3 code ] Signed-off-by: Ryan Savitski <rsavitski@google.com> [ Ryan Savitski: Folded in upstream ae79d5588a04 (perf/core: Fix !CONFIG_PERF_EVENTS build warnings and failures). This should fix the build errors from the previous backport attempt, where certain configurations would end up with functions referring to the perf_event struct prior to its declaration (and therefore declaring it with a different scope). ] Signed-off-by: Ryan Savitski <rsavitski@google.com> Change-Id: I50769ede23fbfd8996657c6dae99cab98a3042bc |
||
|
Greg Kroah-Hartman
|
813bf83282 |
This is the 5.4.9 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl4W8EgACgkQONu9yGCS aT4szA//fqXI1OQ3xcCt5s9MYZYYa6IpX/VZ0H7lNC/7pkJzccKo+aSer7ppEn4o ND8sHNx/lhfZorhvLdqJK4PLThC+fXmXnLvFOzqvZeUVyesnv9zlhd/5JNu18Fvc RNjcIRIAHFwanZLAw8uft1DIZXcZ8wNkAAugn/WQV3FN/TG+FsrDzWYnmbBhRIQS XC/2jSlFpMTKoExNzEdbduG0XH5plWeE+AdY3a+DQsOBUO2XrAuk5HTEByM1jzPV W7U9vMqvw3OyrERcA0lmjs37Waw1e0qzfUaa8Bman5Uc0StOTq0UwschX21SB5yP MvbAKhqaKtSff7b4lNrDP9Kj1O/lH84WPSn/aao9D083m/ZYdkkd4AWMlS480lL5 oJ28tFbgwLayIqDbwCggHluTsNUdQSTwahVbnp4GMqxfjWrApdLPCqloSb+x9JCF 9pWJf3awI53mA864pH/uOM7pDOz5/c/oJ4QzVmOmR48dsddorY+gPcwk+YpElJcZ +xCBQDN5JkNC7lwqu2lvaoq/5cMC5lO/v6aeTfsYCRVnlNY12TY8z352zzMZfCKG GRkNvDqWZ5ZmQ+LblWRVbgdGxU42wIYXUS1jUdFd+5DRzz17+ZKUy7YbLNmZMcpY UyiM2Ij7X7HsNGrYDKFq0lZPw6k7v3FshvMwQ8C6dNk+l3o9oCA= =M+hs -----END PGP SIGNATURE----- Merge 5.4.9 into android-5.4 Changes in 5.4.9 drm/mcde: dsi: Fix invalid pointer dereference if panel cannot be found nvme_fc: add module to ops template to allow module references nvme-fc: fix double-free scenarios on hw queues drm/amdgpu: add check before enabling/disabling broadcast mode drm/amdgpu: add header line for power profile on Arcturus drm/amdgpu: add cache flush workaround to gfx8 emit_fence drm/amd/display: Map DSC resources 1-to-1 if numbers of OPPs and DSCs are equal drm/amd/display: Fixed kernel panic when booting with DP-to-HDMI dongle drm/amd/display: Change the delay time before enabling FEC drm/amd/display: Reset steer fifo before unblanking the stream drm/amd/display: update dispclk and dppclk vco frequency nvme/pci: Fix write and poll queue types nvme/pci: Fix read queue count iio: st_accel: Fix unused variable warning iio: adc: max9611: Fix too short conversion time delay PM / devfreq: Fix devfreq_notifier_call returning errno PM / devfreq: Set scaling_max_freq to max on OPP notifier error PM / devfreq: Don't fail devfreq_dev_release if not in list afs: Fix afs_find_server lookups for ipv4 peers afs: Fix SELinux setting security label on /afs RDMA/cma: add missed unregister_pernet_subsys in init failure rxe: correctly calculate iCRC for unaligned payloads scsi: lpfc: Fix memory leak on lpfc_bsg_write_ebuf_set func scsi: qla2xxx: Use explicit LOGO in target mode scsi: qla2xxx: Drop superfluous INIT_WORK of del_work scsi: qla2xxx: Don't call qlt_async_event twice scsi: qla2xxx: Fix PLOGI payload and ELS IOCB dump length scsi: qla2xxx: Configure local loop for N2N target scsi: qla2xxx: Send Notify ACK after N2N PLOGI scsi: qla2xxx: Don't defer relogin unconditonally scsi: qla2xxx: Ignore PORT UPDATE after N2N PLOGI scsi: iscsi: qla4xxx: fix double free in probe scsi: libsas: stop discovering if oob mode is disconnected scsi: iscsi: Avoid potential deadlock in iscsi_if_rx func staging/wlan-ng: add CRC32 dependency in Kconfig drm/nouveau: Move the declaration of struct nouveau_conn_atom up a bit drm/nouveau: Fix drm-core using atomic code-paths on pre-nv50 hardware drm/nouveau/kms/nv50-: fix panel scaling usb: gadget: fix wrong endpoint desc net: make socket read/write_iter() honor IOCB_NOWAIT afs: Fix mountpoint parsing afs: Fix creation calls in the dynamic root to fail with EOPNOTSUPP raid5: need to set STRIPE_HANDLE for batch head md: raid1: check rdev before reference in raid1_sync_request func s390/cpum_sf: Adjust sampling interval to avoid hitting sample limits s390/cpum_sf: Avoid SBD overflow condition in irq handler RDMA/counter: Prevent auto-binding a QP which are not tracked with res IB/mlx4: Follow mirror sequence of device add during device removal IB/mlx5: Fix steering rule of drop and count xen-blkback: prevent premature module unload xen/balloon: fix ballooned page accounting without hotplug enabled PM / hibernate: memory_bm_find_bit(): Tighten node optimisation ALSA: hda/realtek - Add Bass Speaker and fixed dac for bass speaker ALSA: hda/realtek - Enable the bass speaker of ASUS UX431FLC PCI: Add a helper to check Power Resource Requirements _PR3 existence ALSA: hda: Allow HDA to be runtime suspended when dGPU is not bound to a driver PCI: Fix missing inline for pci_pr3_present() ALSA: hda - fixup for the bass speaker on Lenovo Carbon X1 7th gen tcp: fix data-race in tcp_recvmsg() shmem: pin the file in shmem_fault() if mmap_sem is dropped taskstats: fix data-race ALSA: hda - Downgrade error message for single-cmd fallback netfilter: nft_tproxy: Fix port selector on Big Endian block: add bio_truncate to fix guard_bio_eod mm: drop mmap_sem before calling balance_dirty_pages() in write fault ALSA: ice1724: Fix sleep-in-atomic in Infrasonic Quartet support code ALSA: usb-audio: fix set_format altsetting sanity check ALSA: usb-audio: set the interface format after resume on Dell WD19 ALSA: hda - Apply sync-write workaround to old Intel platforms, too ALSA: hda/realtek - Add headset Mic no shutup for ALC283 drm/sun4i: hdmi: Remove duplicate cleanup calls drm/amdgpu/smu: add metrics table lock drm/amdgpu/smu: add metrics table lock for arcturus (v2) drm/amdgpu/smu: add metrics table lock for navi (v2) drm/amdgpu/smu: add metrics table lock for vega20 (v2) MIPS: BPF: Disable MIPS32 eBPF JIT MIPS: BPF: eBPF JIT: check for MIPS ISA compliance in Kconfig MIPS: Avoid VDSO ABI breakage due to global register variable media: pulse8-cec: fix lost cec_transmit_attempt_done() call media: cec: CEC 2.0-only bcast messages were ignored media: cec: avoid decrementing transmit_queue_sz if it is 0 media: cec: check 'transmit_in_progress', not 'transmitting' mm/memory_hotplug: shrink zones when offlining memory mm/zsmalloc.c: fix the migrated zspage statistics. memcg: account security cred as well to kmemcg mm: move_pages: return valid node id in status if the page is already on the target node mm/oom: fix pgtables units mismatch in Killed process message ocfs2: fix the crash due to call ocfs2_get_dlm_debug once less pstore/ram: Write new dumps to start of recycled zones pstore/ram: Fix error-path memory leak in persistent_ram_new() callers gcc-plugins: make it possible to disable CONFIG_GCC_PLUGINS again locks: print unsigned ino in /proc/locks selftests/seccomp: Zero out seccomp_notif seccomp: Check that seccomp_notif is zeroed out by the user samples/seccomp: Zero out members based on seccomp_notif_sizes selftests/seccomp: Catch garbage on SECCOMP_IOCTL_NOTIF_RECV dmaengine: Fix access to uninitialized dma_slave_caps dmaengine: dma-jz4780: Also break descriptor chains on JZ4725B Btrfs: fix infinite loop during nocow writeback due to race compat_ioctl: block: handle Persistent Reservations compat_ioctl: block: handle BLKREPORTZONE/BLKRESETZONE compat_ioctl: block: handle BLKGETZONESZ/BLKGETNRZONES bpf: Fix precision tracking for unbounded scalars ata: libahci_platform: Export again ahci_platform_<en/dis>able_phys() ata: ahci_brcm: Fix AHCI resources management ata: ahci_brcm: Add missing clock management during recovery ata: ahci_brcm: BCM7425 AHCI requires AHCI_HFLAG_DELAY_ENGINE libata: Fix retrieving of active qcs gpio: xtensa: fix driver build gpiolib: fix up emulated open drain outputs clocksource: riscv: add notrace to riscv_sched_clock riscv: ftrace: correct the condition logic in function graph tracer rseq/selftests: Fix: Namespace gettid() for compatibility with glibc 2.30 tracing: Fix lock inversion in trace_event_enable_tgid_record() tracing: Avoid memory leak in process_system_preds() tracing: Have the histogram compare functions convert to u64 first tracing: Fix endianness bug in histogram trigger samples/trace_printk: Wait for IRQ work to finish io_uring: use current task creds instead of allocating a new one mm/gup: fix memory leak in __gup_benchmark_ioctl apparmor: fix aa_xattrs_match() may sleep while holding a RCU lock dmaengine: virt-dma: Fix access after free in vchan_complete() gen_initramfs_list.sh: fix 'bad variable name' error ALSA: cs4236: fix error return comparison of an unsigned integer ALSA: pcm: Yet another missing check of non-cached buffer type ALSA: firewire-motu: Correct a typo in the clock proc string scsi: lpfc: Fix rpi release when deleting vport exit: panic before exit_mm() on global init exit arm64: Revert support for execute-only user mappings ftrace: Avoid potential division by zero in function profiler spi: spi-fsl-dspi: Fix 16-bit word order in 32-bit XSPI mode drm/msm: include linux/sched/task.h PM / devfreq: Check NULL governor in available_governors_show sunrpc: fix crash when cache_head become valid before update arm64: dts: qcom: msm8998-clamshell: Remove retention idle state nfsd4: fix up replay_matches_cache() powerpc: Chunk calls to flush_dcache_range in arch_*_memory HID: i2c-hid: Reset ALPS touchpads on resume net/sched: annotate lockless accesses to qdisc->empty kernel/module.c: wakeup processes in module_wq on module unload ACPI: sysfs: Change ACPI_MASKABLE_GPE_MAX to 0x100 perf callchain: Fix segfault in thread__resolve_callchain_sample() iommu/vt-d: Remove incorrect PSI capability check of: overlay: add_changeset_property() memory leak cifs: Fix potential softlockups while refreshing DFS cache firmware: arm_scmi: Avoid double free in error flow xfs: don't check for AG deadlock for realtime files in bunmapi platform/x86: pmc_atom: Add Siemens CONNECT X300 to critclk_systems DMI table netfilter: nf_queue: enqueue skbs with NULL dst net, sysctl: Fix compiler warning when only cBPF is present watchdog: tqmx86_wdt: Fix build error regulator: axp20x: Fix axp20x_set_ramp_delay regulator: bd70528: Remove .set_ramp_delay for bd70528_ldo_ops spi: uniphier: Fix FIFO threshold regulator: axp20x: Fix AXP22x ELDO2 regulator enable bitmask powerpc/mm: Mark get_slice_psize() & slice_addr_is_low() as notrace Bluetooth: btusb: fix PM leak in error case of setup Bluetooth: delete a stray unlock Bluetooth: Fix memory leak in hci_connect_le_scan arm64: dts: meson-gxl-s905x-khadas-vim: fix uart_A bluetooth node arm64: dts: meson-gxm-khadas-vim2: fix uart_A bluetooth node media: flexcop-usb: ensure -EIO is returned on error condition regulator: ab8500: Remove AB8505 USB regulator media: usb: fix memory leak in af9005_identify_state dt-bindings: clock: renesas: rcar-usb2-clock-sel: Fix typo in example arm64: dts: meson: odroid-c2: Disable usb_otg bus to avoid power failed warning phy: renesas: rcar-gen3-usb2: Use platform_get_irq_optional() for optional irq tty: serial: msm_serial: Fix lockup for sysrq and oops cifs: Fix lookup of root ses in DFS referral cache fs: cifs: Fix atime update check vs mtime fix compat handling of FICLONERANGE, FIDEDUPERANGE and FS_IOC_FIEMAP ath9k_htc: Modify byte order for an error message ath9k_htc: Discard undersized packets drm/i915/execlists: Fix annotation for decoupling virtual request xfs: periodically yield scrub threads to the scheduler net: add annotations on hh->hh_len lockless accesses ubifs: ubifs_tnc_start_commit: Fix OOB in layout_in_gaps btrfs: get rid of unique workqueue helper functions Btrfs: only associate the locked page with one async_chunk struct s390/smp: fix physical to logical CPU map for SMT mm/sparse.c: mark populate_section_memmap as __meminit xen/blkback: Avoid unmapping unmapped grant pages lib/ubsan: don't serialize UBSAN report efi: Don't attempt to map RCI2 config table if it doesn't exist perf/x86/intel/bts: Fix the use of page_private() net: annotate lockless accesses to sk->sk_pacing_shift hsr: avoid debugfs warning message when module is remove hsr: fix error handling routine in hsr_dev_finalize() hsr: fix a race condition in node list insertion and deletion mm/hugetlb: defer freeing of huge pages if in non-task context Linux 5.4.9 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I8eebcdac421faf74f70af8e8666abfdcdc45c86b |
||
|
Greg Kroah-Hartman
|
49a04248ba |
Revert "BACKPORT: perf_event: Add support for LSM and SELinux checks"
This reverts commit
|
||
|
John Johansen
|
e0d2bf5a01 |
apparmor: fix aa_xattrs_match() may sleep while holding a RCU lock
commit 8c62ed27a12c00e3db1c9f04bc0f272bdbb06734 upstream.
aa_xattrs_match() is unfortunately calling vfs_getxattr_alloc() from a
context protected by an rcu_read_lock. This can not be done as
vfs_getxattr_alloc() may sleep regardles of the gfp_t value being
passed to it.
Fix this by breaking the rcu_read_lock on the policy search when the
xattr match feature is requested and restarting the search if a policy
changes occur.
Fixes:
|
||
|
Joel Fernandes (Google)
|
3605586e90 |
BACKPORT: perf_event: Add support for LSM and SELinux checks
In current mainline, the degree of access to perf_event_open(2) system call depends on the perf_event_paranoid sysctl. This has a number of limitations: 1. The sysctl is only a single value. Many types of accesses are controlled based on the single value thus making the control very limited and coarse grained. 2. The sysctl is global, so if the sysctl is changed, then that means all processes get access to perf_event_open(2) opening the door to security issues. This patch adds LSM and SELinux access checking which will be used in Android to access perf_event_open(2) for the purposes of attaching BPF programs to tracepoints, perf profiling and other operations from userspace. These operations are intended for production systems. 5 new LSM hooks are added: 1. perf_event_open: This controls access during the perf_event_open(2) syscall itself. The hook is called from all the places that the perf_event_paranoid sysctl is checked to keep it consistent with the systctl. The hook gets passed a 'type' argument which controls CPU, kernel and tracepoint accesses (in this context, CPU, kernel and tracepoint have the same semantics as the perf_event_paranoid sysctl). Additionally, I added an 'open' type which is similar to perf_event_paranoid sysctl == 3 patch carried in Android and several other distros but was rejected in mainline [1] in 2016. 2. perf_event_alloc: This allocates a new security object for the event which stores the current SID within the event. It will be useful when the perf event's FD is passed through IPC to another process which may try to read the FD. Appropriate security checks will limit access. 3. perf_event_free: Called when the event is closed. 4. perf_event_read: Called from the read(2) and mmap(2) syscalls for the event. 5. perf_event_write: Called from the ioctl(2) syscalls for the event. [1] https://lwn.net/Articles/696240/ Since Peter had suggest LSM hooks in 2016 [1], I am adding his Suggested-by tag below. To use this patch, we set the perf_event_paranoid sysctl to -1 and then apply selinux checking as appropriate (default deny everything, and then add policy rules to give access to domains that need it). In the future we can remove the perf_event_paranoid sysctl altogether. Suggested-by: Peter Zijlstra <peterz@infradead.org> Co-developed-by: Peter Zijlstra <peterz@infradead.org> Signed-off-by: Joel Fernandes (Google) <joel@joelfernandes.org> Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org> Acked-by: James Morris <jmorris@namei.org> Cc: Arnaldo Carvalho de Melo <acme@kernel.org> Cc: rostedt@goodmis.org Cc: Yonghong Song <yhs@fb.com> Cc: Kees Cook <keescook@chromium.org> Cc: Ingo Molnar <mingo@redhat.com> Cc: Alexei Starovoitov <ast@kernel.org> Cc: jeffv@google.com Cc: Jiri Olsa <jolsa@redhat.com> Cc: Daniel Borkmann <daniel@iogearbox.net> Cc: primiano@google.com Cc: Song Liu <songliubraving@fb.com> Cc: rsavitski@google.com Cc: Namhyung Kim <namhyung@kernel.org> Cc: Matthew Garrett <matthewgarrett@google.com> Link: https://lkml.kernel.org/r/20191014170308.70668-1-joel@joelfernandes.org Bug: 137092007 Change-Id: I5df32b668e2dd5f2dd3ab472dfc74f533bc4d8db (cherry picked from commit da97e18458fb42d7c00fac5fd1c56a3896ec666e) [ Ryan Savitski: resolved merge conflicts with perf_event_paranoid=3 code ] Signed-off-by: Ryan Savitski <rsavitski@google.com> |
||
|
Jeff Vander Stoep
|
20810a2469 |
UPSTREAM: selinux: sidtab reverse lookup hash table
This replaces the reverse table lookup and reverse cache with a
hashtable which improves cache-miss reverse-lookup times from
O(n) to O(1)* and maintains the same performance as a reverse
cache hit.
This reduces the time needed to add a new sidtab entry from ~500us
to 5us on a Pixel 3 when there are ~10,000 sidtab entries.
The implementation uses the kernel's generic hashtable API,
It uses the context's string represtation as the hash source,
and the kernels generic string hashing algorithm full_name_hash()
to reduce the string to a 32 bit value.
This change also maintains the improvement introduced in
commit
|
||
|
Greg Kroah-Hartman
|
de197c5a4f |
This is the 5.4.8 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl4Q1ycACgkQONu9yGCS
aT5YRg//SPO6yX/WxWjac/ZHnKrarTqnIF1jxK++pLYZLpBeSHs/n5BhguJoL37s
KVhCEdilnp1Fb49nuM65RJKqgvGyKxn9p380vNTkU6VUf/6O2lFN28nWVqWaSJqj
kjb+7Jkn0iJ4LTHwGPeFSqvxG66SsjOJfFsR6bqXaGGFZgSwC4yVTqYhkuCV6TGP
hEEcy7IgB9LT3lXHSQelG7cuc2Zs5MJSeLx+Ji+UQYyRIZwsMHJ1M8BvAI5Zd1J4
WrdJIVpyNAh5b65cXGuDYmSSIiqIFDNY43JbTII5RVEj/SjnJfnxDZ3+joJswJlo
noty2f7cg7GiKH8BhNXvuVopFu3Ycz1/deMIu3S8boWBVFawwECb0akLuB7Ms1n1
QHeXFExZyHxhPnBPfJ2dYwXMIgImvVS/3nPW4CcBsRbBjqUKhQeImoqk41+gfGDb
cZ0F7VUZ7Mq5O4raNYICMWoANqQTrXF9DUuA1e909CufP7BQBpw1X5XjITUBa0Gs
gvFrAU4oyqkX9xUVNb+n5qR6X1OjBTTNhaet6l06fuDNeWf7T0gVoVlKOf4dLCqP
uKy62Ps9QZsTsjgnjbdKuSFwlbu8S/qKrEqCnUS6vRYbrM2bUxkJL3D1xr6JHnGS
aMzPOxdt4JvrppYtBCJQr+/ETQzv2A1l3IeIujldiKzNnsoIUeY=
=mI67
-----END PGP SIGNATURE-----
Merge 5.4.8 into android-5.4
Changes in 5.4.8
Revert "MIPS: futex: Restore \n after sync instructions"
Revert "MIPS: futex: Emit Loongson3 sync workarounds within asm"
scsi: lpfc: Fix spinlock_irq issues in lpfc_els_flush_cmd()
scsi: lpfc: Fix discovery failures when target device connectivity bounces
scsi: mpt3sas: Fix clear pending bit in ioctl status
scsi: lpfc: Fix locking on mailbox command completion
scsi: mpt3sas: Reject NVMe Encap cmnds to unsupported HBA
gpio: mxc: Only get the second IRQ when there is more than one IRQ
scsi: lpfc: Fix list corruption in lpfc_sli_get_iocbq
Input: atmel_mxt_ts - disable IRQ across suspend
f2fs: fix to update time in lazytime mode
powerpc/papr_scm: Fix an off-by-one check in papr_scm_meta_{get, set}
tools/power/x86/intel-speed-select: Remove warning for unused result
platform/x86: peaq-wmi: switch to using polled mode of input devices
iommu: rockchip: Free domain on .domain_free
iommu/tegra-smmu: Fix page tables in > 4 GiB memory
dmaengine: xilinx_dma: Clear desc_pendingcount in xilinx_dma_reset
scsi: target: compare full CHAP_A Algorithm strings
scsi: lpfc: Fix hardlockup in lpfc_abort_handler
scsi: lpfc: Fix SLI3 hba in loop mode not discovering devices
scsi: csiostor: Don't enable IRQs too early
scsi: hisi_sas: Replace in_softirq() check in hisi_sas_task_exec()
scsi: hisi_sas: Delete the debugfs folder of hisi_sas when the probe fails
powerpc/pseries: Mark accumulate_stolen_time() as notrace
powerpc/pseries: Don't fail hash page table insert for bolted mapping
Input: st1232 - do not reset the chip too early
selftests/powerpc: Fixup clobbers for TM tests
powerpc/tools: Don't quote $objdump in scripts
dma-debug: add a schedule point in debug_dma_dump_mappings()
dma-mapping: Add vmap checks to dma_map_single()
dma-mapping: fix handling of dma-ranges for reserved memory (again)
dmaengine: fsl-qdma: Handle invalid qdma-queue0 IRQ
leds: lm3692x: Handle failure to probe the regulator
leds: an30259a: add a check for devm_regmap_init_i2c
leds: trigger: netdev: fix handling on interface rename
clocksource/drivers/asm9260: Add a check for of_clk_get
clocksource/drivers/timer-of: Use unique device name instead of timer
dtc: Use pkg-config to locate libyaml
selftests/powerpc: Skip tm-signal-sigreturn-nt if TM not available
powerpc/security/book3s64: Report L1TF status in sysfs
powerpc/book3s64/hash: Add cond_resched to avoid soft lockup warning
ext4: update direct I/O read lock pattern for IOCB_NOWAIT
ext4: iomap that extends beyond EOF should be marked dirty
jbd2: Fix statistics for the number of logged blocks
scsi: tracing: Fix handling of TRANSFER LENGTH == 0 for READ(6) and WRITE(6)
scsi: lpfc: Fix unexpected error messages during RSCN handling
scsi: lpfc: Fix duplicate unreg_rpi error in port offline flow
f2fs: fix to update dir's i_pino during cross_rename
clk: qcom: smd: Add missing pnoc clock
clk: qcom: Allow constant ratio freq tables for rcg
clk: clk-gpio: propagate rate change to parent
irqchip/irq-bcm7038-l1: Enable parent IRQ if necessary
irqchip: ingenic: Error out if IRQ domain creation failed
dma-direct: check for overflows on 32 bit DMA addresses
fs/quota: handle overflows of sysctl fs.quota.* and report as unsigned long
iommu/arm-smmu-v3: Don't display an error when IRQ lines are missing
i2c: stm32f7: fix & reorder remove & probe error handling
iomap: fix return value of iomap_dio_bio_actor on 32bit systems
Input: ili210x - handle errors from input_mt_init_slots()
scsi: lpfc: fix: Coverity: lpfc_cmpl_els_rsp(): Null pointer dereferences
scsi: zorro_esp: Limit DMA transfers to 65536 bytes (except on Fastlane)
PCI: rpaphp: Fix up pointer to first drc-info entry
scsi: ufs: fix potential bug which ends in system hang
powerpc/pseries/cmm: Implement release() function for sysfs device
PCI: rpaphp: Don't rely on firmware feature to imply drc-info support
PCI: rpaphp: Annotate and correctly byte swap DRC properties
PCI: rpaphp: Correctly match ibm, my-drc-index to drc-name when using drc-info
powerpc/security: Fix wrong message when RFI Flush is disable
powerpc/eeh: differentiate duplicate detection message
powerpc/book3s/mm: Update Oops message to print the correct translation in use
scsi: atari_scsi: sun3_scsi: Set sg_tablesize to 1 instead of SG_NONE
clk: pxa: fix one of the pxa RTC clocks
bcache: at least try to shrink 1 node in bch_mca_scan()
HID: quirks: Add quirk for HP MSU1465 PIXART OEM mouse
dt-bindings: Improve validation build error handling
HID: logitech-hidpp: Silence intermittent get_battery_capacity errors
HID: i2c-hid: fix no irq after reset on raydium 3118
ARM: 8937/1: spectre-v2: remove Brahma-B53 from hardening
libnvdimm/btt: fix variable 'rc' set but not used
HID: Improve Windows Precision Touchpad detection.
HID: rmi: Check that the RMI_STARTED bit is set before unregistering the RMI transport device
watchdog: imx7ulp: Fix reboot hang
watchdog: prevent deferral of watchdogd wakeup on RT
watchdog: Fix the race between the release of watchdog_core_data and cdev
powerpc/fixmap: Use __fix_to_virt() instead of fix_to_virt()
scsi: pm80xx: Fix for SATA device discovery
scsi: ufs: Fix error handing during hibern8 enter
scsi: scsi_debug: num_tgts must be >= 0
scsi: NCR5380: Add disconnect_mask module parameter
scsi: target: core: Release SPC-2 reservations when closing a session
scsi: ufs: Fix up auto hibern8 enablement
scsi: iscsi: Don't send data to unbound connection
scsi: target: iscsi: Wait for all commands to finish before freeing a session
f2fs: Fix deadlock in f2fs_gc() context during atomic files handling
habanalabs: skip VA block list update in reset flow
gpio/mpc8xxx: fix qoriq GPIO reading
platform/x86: intel_pmc_core: Fix the SoC naming inconsistency
platform/x86: intel_pmc_core: Add Comet Lake (CML) platform support to intel_pmc_core driver
gpio: mpc8xxx: Don't overwrite default irq_set_type callback
gpio: lynxpoint: Setup correct IRQ handlers
tools/power/x86/intel-speed-select: Ignore missing config level
Drivers: hv: vmbus: Fix crash handler reset of Hyper-V synic
apparmor: fix unsigned len comparison with less than zero
drm/amdgpu: Call find_vma under mmap_sem
scripts/kallsyms: fix definitely-lost memory leak
powerpc: Don't add -mabi= flags when building with Clang
cifs: Fix use-after-free bug in cifs_reconnect()
um: virtio: Keep reading on -EAGAIN
io_uring: io_allocate_scq_urings() should return a sane state
of: unittest: fix memory leak in attach_node_and_children
cdrom: respect device capabilities during opening action
cifs: move cifsFileInfo_put logic into a work-queue
perf diff: Use llabs() with 64-bit values
perf script: Fix brstackinsn for AUXTRACE
perf regs: Make perf_reg_name() return "unknown" instead of NULL
s390/zcrypt: handle new reply code FILTERED_BY_HYPERVISOR
mailbox: imx: Clear the right interrupts at shutdown
libfdt: define INT32_MAX and UINT32_MAX in libfdt_env.h
s390/unwind: filter out unreliable bogus %r14
s390/cpum_sf: Check for SDBT and SDB consistency
ocfs2: fix passing zero to 'PTR_ERR' warning
mailbox: imx: Fix Tx doorbell shutdown path
s390: disable preemption when switching to nodat stack with CALL_ON_STACK
selftests: vm: add fragment CONFIG_TEST_VMALLOC
mm/hugetlbfs: fix error handling when setting up mounts
kernel: sysctl: make drop_caches write-only
userfaultfd: require CAP_SYS_PTRACE for UFFD_FEATURE_EVENT_FORK
Revert "powerpc/vcpu: Assume dedicated processors as non-preempt"
sctp: fix err handling of stream initialization
md: make sure desc_nr less than MD_SB_DISKS
Revert "iwlwifi: assign directly to iwl_trans->cfg in QuZ detection"
netfilter: ebtables: compat: reject all padding in matches/watchers
6pack,mkiss: fix possible deadlock
powerpc: Fix __clear_user() with KUAP enabled
net/smc: add fallback check to connect()
netfilter: bridge: make sure to pull arp header in br_nf_forward_arp()
inetpeer: fix data-race in inet_putpeer / inet_putpeer
net: add a READ_ONCE() in skb_peek_tail()
net: icmp: fix data-race in cmp_global_allow()
hrtimer: Annotate lockless access to timer->state
tomoyo: Don't use nifty names on sockets.
uaccess: disallow > INT_MAX copy sizes
drm: limit to INT_MAX in create_blob ioctl
xfs: fix mount failure crash on invalid iclog memory access
cxgb4/cxgb4vf: fix flow control display for auto negotiation
net: dsa: bcm_sf2: Fix IP fragment location and behavior
net/mlxfw: Fix out-of-memory error in mfa2 flash burning
net: phy: aquantia: add suspend / resume ops for AQR105
net/sched: act_mirred: Pull mac prior redir to non mac_header_xmit device
net/sched: add delete_empty() to filters and use it in cls_flower
net_sched: sch_fq: properly set sk->sk_pacing_status
net: stmmac: dwmac-meson8b: Fix the RGMII TX delay on Meson8b/8m2 SoCs
ptp: fix the race between the release of ptp_clock and cdev
tcp: Fix highest_sack and highest_sack_seq
udp: fix integer overflow while computing available space in sk_rcvbuf
bnxt_en: Fix MSIX request logic for RDMA driver.
bnxt_en: Free context memory in the open path if firmware has been reset.
bnxt_en: Return error if FW returns more data than dump length
bnxt_en: Fix bp->fw_health allocation and free logic.
bnxt_en: Remove unnecessary NULL checks for fw_health
bnxt_en: Fix the logic that creates the health reporters.
bnxt_en: Add missing devlink health reporters for VFs.
mlxsw: spectrum_router: Skip loopback RIFs during MAC validation
mlxsw: spectrum: Use dedicated policer for VRRP packets
net: add bool confirm_neigh parameter for dst_ops.update_pmtu
ip6_gre: do not confirm neighbor when do pmtu update
gtp: do not confirm neighbor when do pmtu update
net/dst: add new function skb_dst_update_pmtu_no_confirm
tunnel: do not confirm neighbor when do pmtu update
vti: do not confirm neighbor when do pmtu update
sit: do not confirm neighbor when do pmtu update
net/dst: do not confirm neighbor for vxlan and geneve pmtu update
net: dsa: sja1105: Reconcile the meaning of TPID and TPID2 for E/T and P/Q/R/S
net: marvell: mvpp2: phylink requires the link interrupt
gtp: fix wrong condition in gtp_genl_dump_pdp()
gtp: avoid zero size hashtable
bonding: fix active-backup transition after link failure
tcp: do not send empty skb from tcp_write_xmit()
tcp/dccp: fix possible race __inet_lookup_established()
hv_netvsc: Fix tx_table init in rndis_set_subchannel()
gtp: fix an use-after-free in ipv4_pdp_find()
gtp: do not allow adding duplicate tid and ms_addr pdp context
bnxt: apply computed clamp value for coalece parameter
ipv6/addrconf: only check invalid header values when NETLINK_F_STRICT_CHK is set
net: phylink: fix interface passed to mac_link_up
net: ena: fix napi handler misbehavior when the napi budget is zero
vhost/vsock: accept only packets with the right dst_cid
mmc: sdhci-of-esdhc: fix up erratum A-008171 workaround
mmc: sdhci-of-esdhc: re-implement erratum A-009204 workaround
mm/hugetlbfs: fix for_each_hstate() loop in init_hugetlbfs_fs()
Linux 5.4.8
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I9962505e7207f0004499de4666df6862105e990d
|
||
|
Tetsuo Handa
|
9c24cc6a9d |
tomoyo: Don't use nifty names on sockets.
commit 6f7c41374b62fd80bbd8aae3536c43688c54d95e upstream. syzbot is reporting that use of SOCKET_I()->sk from open() can result in use after free problem [1], for socket's inode is still reachable via /proc/pid/fd/n despite destruction of SOCKET_I()->sk already completed. At first I thought that this race condition applies to only open/getattr permission checks. But James Morris has pointed out that there are more permission checks where this race condition applies to. Thus, get rid of tomoyo_get_socket_name() instead of conditionally bypassing permission checks on sockets. As a side effect of this patch, "socket:[family=\$:type=\$:protocol=\$]" in the policy files has to be rewritten to "socket:[\$]". [1] https://syzkaller.appspot.com/bug?id=73d590010454403d55164cca23bd0565b1eb3b74 Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Reported-by: syzbot <syzbot+0341f6a4d729d4e0acf1@syzkaller.appspotmail.com> Reported-by: James Morris <jmorris@namei.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
Colin Ian King
|
4f13232aa6 |
apparmor: fix unsigned len comparison with less than zero
[ Upstream commit 00e0590dbaec6f1bcaa36a85467d7e3497ced522 ]
The sanity check in macro update_for_len checks to see if len
is less than zero, however, len is a size_t so it can never be
less than zero, so this sanity check is a no-op. Fix this by
making len a ssize_t so the comparison will work and add ulen
that is a size_t copy of len so that the min() macro won't
throw warnings about comparing different types.
Addresses-Coverity: ("Macro compares unsigned to 0")
Fixes:
|
||
Mark Salyzyn
|
3484eba91d |
FROMLIST: Add flags option to get xattr method paired to __vfs_getxattr
Add a flag option to get xattr method that could have a bit flag of XATTR_NOSECURITY passed to it. XATTR_NOSECURITY is generally then set in the __vfs_getxattr path when called by security infrastructure. This handles the case of a union filesystem driver that is being requested by the security layer to report back the xattr data. For the use case where access is to be blocked by the security layer. The path then could be security(dentry) -> __vfs_getxattr(dentry...XATTR_NOSECURITY) -> handler->get(dentry...XATTR_NOSECURITY) -> __vfs_getxattr(lower_dentry...XATTR_NOSECURITY) -> lower_handler->get(lower_dentry...XATTR_NOSECURITY) which would report back through the chain data and success as expected, the logging security layer at the top would have the data to determine the access permissions and report back the target context that was blocked. Without the get handler flag, the path on a union filesystem would be the errant security(dentry) -> __vfs_getxattr(dentry) -> handler->get(dentry) -> vfs_getxattr(lower_dentry) -> nested -> security(lower_dentry, log off) -> lower_handler->get(lower_dentry) which would report back through the chain no data, and -EACCES. For selinux for both cases, this would translate to a correctly determined blocked access. In the first case with this change a correct avc log would be reported, in the second legacy case an incorrect avc log would be reported against an uninitialized u:object_r:unlabeled:s0 context making the logs cosmetically useless for audit2allow. This patch series is inert and is the wide-spread addition of the flags option for xattr functions, and a replacement of __vfs_getxattr with __vfs_getxattr(...XATTR_NOSECURITY). Signed-off-by: Mark Salyzyn <salyzyn@android.com> Reviewed-by: Jan Kara <jack@suse.cz> Acked-by: Jan Kara <jack@suse.cz> Acked-by: Jeff Layton <jlayton@kernel.org> Acked-by: David Sterba <dsterba@suse.com> Acked-by: Darrick J. Wong <darrick.wong@oracle.com> Acked-by: Mike Marshall <hubcap@omnibond.com> Cc: Stephen Smalley <sds@tycho.nsa.gov> Cc: linux-kernel@vger.kernel.org Cc: kernel-team@android.com Cc: linux-security-module@vger.kernel.org (cherry picked from (rejected from archive because of too many recipients)) Signed-off-by: Mark Salyzyn <salyzyn@google.com> Bug: 133515582 Bug: 136124883 Bug: 129319403 Change-Id: Iabbb8771939d5f66667a26bb23ddf4c562c349a1 |
||
|
Greg Kroah-Hartman
|
2a71bdee3f |
Linux 5.4-rc6
-----BEGIN PGP SIGNATURE----- iQFSBAABCAA8FiEEq68RxlopcLEwq+PEeb4+QwBBGIYFAl2/T6oeHHRvcnZhbGRz QGxpbnV4LWZvdW5kYXRpb24ub3JnAAoJEHm+PkMAQRiGB7kH/2asrl7RylHPQfsI pkjPPq32MHLq6Zmr8y0N0hyJCm1Dxu8qCIktqrEV5vsbKdv5pb8EMdQRlhJUtR8e TZdYDGHiL0sFb2HYiEvL0qD9BNeI+Kftw/kUffVXRzyMWex/f5S6mW5QNTuv9SQT Zfa+sXreFPCCyd3jhQFRyguogaCXBmTYvO6glmc96Yi4nA1URtIxNXhXumoklElF 8Ka7UqtoJk2nPns+oV9I5xohghgJHHjA3A96WURku1UdO9dRoHiyS05RjnijBxsk ffenk09qbGvnvvgP93Q23CoTO8ndIm12ZL8C9jX49CS21j5SVG0PLPhS08f70vEf h5K/OtE= =nmDP -----END PGP SIGNATURE----- Merge 5.4-rc6 into android-mainline Linux 5.4-rc6 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I211f7159a46cf2a3dbb18afe56777cae1c13ac73 |
||
|
Javier Martinez Canillas
|
359efcc2c9 |
efi/efi_test: Lock down /dev/efi_test and require CAP_SYS_ADMIN
The driver exposes EFI runtime services to user-space through an IOCTL interface, calling the EFI services function pointers directly without using the efivar API. Disallow access to the /dev/efi_test character device when the kernel is locked down to prevent arbitrary user-space to call EFI runtime services. Also require CAP_SYS_ADMIN to open the chardev to prevent unprivileged users to call the EFI runtime services, instead of just relying on the chardev file mode bits for this. The main user of this driver is the fwts [0] tool that already checks if the effective user ID is 0 and fails otherwise. So this change shouldn't cause any regression to this tool. [0]: https://wiki.ubuntu.com/FirmwareTestSuite/Reference/uefivarinfo Signed-off-by: Javier Martinez Canillas <javierm@redhat.com> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Acked-by: Laszlo Ersek <lersek@redhat.com> Acked-by: Matthew Garrett <mjg59@google.com> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: linux-efi@vger.kernel.org Link: https://lkml.kernel.org/r/20191029173755.27149-7-ardb@kernel.org Signed-off-by: Ingo Molnar <mingo@kernel.org> |
||
|
Greg Kroah-Hartman
|
630839ac24 |
Linux 5.4-rc3
-----BEGIN PGP SIGNATURE----- iQFSBAABCAA8FiEEq68RxlopcLEwq+PEeb4+QwBBGIYFAl2jtUYeHHRvcnZhbGRz QGxpbnV4LWZvdW5kYXRpb24ub3JnAAoJEHm+PkMAQRiGL28H/Akb3JEXNKHCv3MI 89dzKlLgf/W/e0qJirb9/YdcUL462NUFoC0Bg0qLgLFYdhT94Zp5J68C4oZPJfxA /LrTDsHWrbUtTvhxJqMueVT3JTpkF36ZTvTGwLTHzTqexM/o3kuDWjWTTxZlMGbX Uais/ywmmCVCmaX8IJ3GJFGCJse+T1W73VOSo7bm6C+Ruy6Euwasa9kc40uHiPpD 6Xew9j9AJ0xIV96sLzDFOYAXYFQBZnAbFLA+Ho53TiuG78J6MP4Pm9+1VhMyF1uH mgeA5GAfKpqq/QXf32iMU7s7HTdoF5r1UaQJtu+p6BFTGhd7LrDrh4gA/9Wyv7+t 9stS20U= =ima3 -----END PGP SIGNATURE----- Merge 5.4-rc3 into android-mainline Linux 5.4-rc3 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Ia87ba662738dd58ddb917e32c1fbd812861e7a46 |
||
Linus Torvalds
|
2ef459167a |
selinux/stable-5.4 PR 20191007
-----BEGIN PGP SIGNATURE----- iQJIBAABCAAyFiEES0KozwfymdVUl37v6iDy2pc3iXMFAl2bu6kUHHBhdWxAcGF1 bC1tb29yZS5jb20ACgkQ6iDy2pc3iXMsxhAAtoljww3Xur0JpD7y+g2yzKGZqn9F ovqH103NOdpXY3vRN5TL0ZfKEWZz/a2Rjyjz/9+Ix5kKFQuaguk9TVenp4LuAWjy yyo8aSArqwJEpPbrgQDRkjvq08zCcsHSQHwyR44L5MEB8w03Hr+GKFbroR7DkB8R qthF5nRoarblEpdc88s3WbPN/Yz32zRwl3EppSRriIBSBUNr6OP5yO6YDvBdwJso CvmQybMK/iGiZrDzm5jAXzUyI79MHkrrB55roNXIdam9Rnyb9Wqjt9SQgzDLTvO1 Z7c4pXqDn1iMSECAqR7EeKLmsEvnp8omDMqbZOsGiWwka93nuNM4NRhswMF6X3pf EbmBAuj0CokWlRoJAxyxrw/Tn+KXWjyOpOMoNQR7dyyewenzPTWw4zLhiSsl4Epo e1+3PDkJeZhlrtqMcQhep/OgfnPp/8FlgZXNkq1wsMK6SawIiwvxH3mpELE4I8Zk 3yzYZvnxIDNLcx6TmDgDcJyp+P/iuFGK707G6ogCoCK9VqyTs+nwdZn3s2o1KRDW 00LdiuXiqOyfdDthfY/q5suKJoWExh+K1dhQ7Llx169yx3uOjlnzTaSTt8dcvhkh Y+Nf5pEk0MVgnldaIRy/Zzr4y81Q7QW6ZwD62NHCIhcSevYczFOP7K6V/mYFmDT1 xlCDPXeHyuR5DrM= =btWt -----END PGP SIGNATURE----- Merge tag 'selinux-pr-20191007' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux Pull selinuxfix from Paul Moore: "One patch to ensure we don't copy bad memory up into userspace" * tag 'selinux-pr-20191007' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux: selinux: fix context string corruption in convert_context() |
||
|
Greg Kroah-Hartman
|
8e9e0abf99 |
Linux 5.4-rc2
-----BEGIN PGP SIGNATURE----- iQFSBAABCAA8FiEEq68RxlopcLEwq+PEeb4+QwBBGIYFAl2aXEoeHHRvcnZhbGRz QGxpbnV4LWZvdW5kYXRpb24ub3JnAAoJEHm+PkMAQRiGZKUH/1S+unzPxmXwraBl ORnOSMCaoepaCS2kc4nFim3hpnwzuFLn8NHPSARPPBO7Jy9Shtku0om66rF6R4DD zoe/QSLvtUqiVU6xuPR8ymjeizN+qj+9RT8tDftCs2QCBqZ/jr/kKiiA32aipnrz IBC+I6eKFN0WqBep5NwAkIAok+JiUBMIEuEXjkF2q0Vw9fnmmNRMm6rPDk1dHgQi K6mr8N3Vbsdadn/XBt4DRje2c593cfOnryPUwyIIBGw5W6EECX6k9CeD+CNNxLYb mPNC34wQsqvbAOsP6Y+2lBLZw+0AG5uLytDrwNNO1JKSEYMSG6wH4t7C6w0IlTQt OkYK3S0= =0ny6 -----END PGP SIGNATURE----- Merge 5.4-rc2 into android-mainline Linux 5.4-rc2 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Idfe13500feef5c1095d06c419fa121f751daa459 |
||
Masahiro Yamada
|
7a8beb7ad5 |
integrity: remove pointless subdir-$(CONFIG_...)
The ima/ and evm/ sub-directories contain built-in objects, so obj-$(CONFIG_...) is the correct way to descend into them. subdir-$(CONFIG_...) is redundant. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com> |
||
|
Masahiro Yamada
|
6b190d3ce0 |
integrity: remove unneeded, broken attempt to add -fshort-wchar
I guess commit |
||
Ondrej Mosnacek
|
2a5243937c |
selinux: fix context string corruption in convert_context()
string_to_context_struct() may garble the context string, so we need to
copy back the contents again from the old context struct to avoid
storing the corrupted context.
Since string_to_context_struct() tokenizes (and therefore truncates) the
context string and we are later potentially copying it with kstrdup(),
this may eventually cause pieces of uninitialized kernel memory to be
disclosed to userspace (when copying to userspace based on the stored
length and not the null character).
How to reproduce on Fedora and similar:
# dnf install -y memcached
# systemctl start memcached
# semodule -d memcached
# load_policy
# load_policy
# systemctl stop memcached
# ausearch -m AVC
type=AVC msg=audit(1570090572.648:313): avc: denied { signal } for pid=1 comm="systemd" scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=process permissive=0 trawcon=73797374656D5F75007400000000000070BE6E847296FFFF726F6D000096FFFF76
Cc: stable@vger.kernel.org
Reported-by: Milos Malik <mmalik@redhat.com>
Fixes:
|
||
|
Greg Kroah-Hartman
|
cb33d78781 |
Linux 5.4-rc1
-----BEGIN PGP SIGNATURE----- iQFSBAABCAA8FiEEq68RxlopcLEwq+PEeb4+QwBBGIYFAl2SPPkeHHRvcnZhbGRz QGxpbnV4LWZvdW5kYXRpb24ub3JnAAoJEHm+PkMAQRiG3dcH/2iCaNvD0Ify+Ke/ d0Ncf7KhBejfW1pjGjfpfbAQkdaY/gSLsWPJmQ2HT00SmnTJ4y3zvr/HmEE8mIBA fMzY4TFHMRNNEOrCugoNxzjU5ycgIMq5doontDdHeS7Pfa8mgDLLwH/dzoORA0+b T1ZZT3yDsQ92/jW97LEhTv7UcKqgBdVT5PauU/pe6LHpqmzn8XwdiKaNTM1uY8vw U9rIrYnfxCuLfxyK7xUp6bRUlqluZrY4U+pqEnGOVlFYX1xMjjPIE9sDHJ/z5WvY JSH4/aOqVxRII2oU0+uITsO658tS912iUsa8++F6Z5R1gZSqQD1FqrvW7Z0S58Ay vjXIX3Q= =epsM -----END PGP SIGNATURE----- Merge 5.4-rc1 into android-mainline Linux 5.4-rc1 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I15eec52df70f829acf81ff614a1c2a5fb443a4e0 |
||
|
Greg Kroah-Hartman
|
94139142d9 |
Merge 5.4-rc1-prelrease into android-mainline
To make the 5.4-rc1 merge easier, merge at a prerelease point in time before the final release happens. Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: If613d657fd0abf9910c5bf3435a745f01b89765e |
||
|
Linus Torvalds
|
aefcf2f4b5 |
Merge branch 'next-lockdown' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull kernel lockdown mode from James Morris:
"This is the latest iteration of the kernel lockdown patchset, from
Matthew Garrett, David Howells and others.
From the original description:
This patchset introduces an optional kernel lockdown feature,
intended to strengthen the boundary between UID 0 and the kernel.
When enabled, various pieces of kernel functionality are restricted.
Applications that rely on low-level access to either hardware or the
kernel may cease working as a result - therefore this should not be
enabled without appropriate evaluation beforehand.
The majority of mainstream distributions have been carrying variants
of this patchset for many years now, so there's value in providing a
doesn't meet every distribution requirement, but gets us much closer
to not requiring external patches.
There are two major changes since this was last proposed for mainline:
- Separating lockdown from EFI secure boot. Background discussion is
covered here: https://lwn.net/Articles/751061/
- Implementation as an LSM, with a default stackable lockdown LSM
module. This allows the lockdown feature to be policy-driven,
rather than encoding an implicit policy within the mechanism.
The new locked_down LSM hook is provided to allow LSMs to make a
policy decision around whether kernel functionality that would allow
tampering with or examining the runtime state of the kernel should be
permitted.
The included lockdown LSM provides an implementation with a simple
policy intended for general purpose use. This policy provides a coarse
level of granularity, controllable via the kernel command line:
lockdown={integrity|confidentiality}
Enable the kernel lockdown feature. If set to integrity, kernel features
that allow userland to modify the running kernel are disabled. If set to
confidentiality, kernel features that allow userland to extract
confidential information from the kernel are also disabled.
This may also be controlled via /sys/kernel/security/lockdown and
overriden by kernel configuration.
New or existing LSMs may implement finer-grained controls of the
lockdown features. Refer to the lockdown_reason documentation in
include/linux/security.h for details.
The lockdown feature has had signficant design feedback and review
across many subsystems. This code has been in linux-next for some
weeks, with a few fixes applied along the way.
Stephen Rothwell noted that commit
|
||
|
Linus Torvalds
|
f1f2f614d5 |
Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity
Pull integrity updates from Mimi Zohar: "The major feature in this time is IMA support for measuring and appraising appended file signatures. In addition are a couple of bug fixes and code cleanup to use struct_size(). In addition to the PE/COFF and IMA xattr signatures, the kexec kernel image may be signed with an appended signature, using the same scripts/sign-file tool that is used to sign kernel modules. Similarly, the initramfs may contain an appended signature. This contained a lot of refactoring of the existing appended signature verification code, so that IMA could retain the existing framework of calculating the file hash once, storing it in the IMA measurement list and extending the TPM, verifying the file's integrity based on a file hash or signature (eg. xattrs), and adding an audit record containing the file hash, all based on policy. (The IMA support for appended signatures patch set was posted and reviewed 11 times.) The support for appended signature paves the way for adding other signature verification methods, such as fs-verity, based on a single system-wide policy. The file hash used for verifying the signature and the signature, itself, can be included in the IMA measurement list" * 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity: ima: ima_api: Use struct_size() in kzalloc() ima: use struct_size() in kzalloc() sefltest/ima: support appended signatures (modsig) ima: Fix use after free in ima_read_modsig() MODSIGN: make new include file self contained ima: fix freeing ongoing ahash_request ima: always return negative code for error ima: Store the measurement again when appraising a modsig ima: Define ima-modsig template ima: Collect modsig ima: Implement support for module-style appended signatures ima: Factor xattr_verify() out of ima_appraise_measurement() ima: Add modsig appraise_type option for module-style appended signatures integrity: Select CONFIG_KEYS instead of depending on it PKCS#7: Introduce pkcs7_get_digest() PKCS#7: Refactor verify_pkcs7_signature() MODSIGN: Export module signature definitions ima: initialize the "template" field with the default template |
||
|
Roberto Sassu
|
9f75c82246 |
KEYS: trusted: correctly initialize digests and fix locking issue
Commit |
||
|
Linus Torvalds
|
e94f8ccde4 |
I have four patches for v5.4. Nothing is major. All but one are in
response to mechanically detected potential issues. The remaining patch cleans up kernel-doc notations. -----BEGIN PGP SIGNATURE----- iQJLBAABCAA1FiEEC+9tH1YyUwIQzUIeOKUVfIxDyBEFAl2JI5wXHGNhc2V5QHNj aGF1Zmxlci1jYS5jb20ACgkQOKUVfIxDyBEOJQ/5AXdQTd09LMp9jB54u9Usdm71 +kyJ/KudEja8/pCDDNboiXSfoagRqJ8AbuBAbGLtWLXc3smUcL1mncdfJDJAk88J mbIB+qWMls5fC25udD+B2bF2py+eyVJ7dsnvHZg1mS5KUxYBMWVEqgX9zW0EFgNH xd2/nB314GhULrfqagxxCd/HpbZ3GV1sM+BkfRPx2zm3gJ8xAuXm1xMMgchP9WqH MFJDqk8r1wXCog8OkjQjAYR8zGRJTrP9W6UY9p1L6rp9rtfyPObBuAMLKv3WlXx8 Jz7idqSDNa49V7W3UrWcjXCunbjyPR7HszuuxhTC+EmB1MRU4IdX9I6ZdAaTuxEM jFNwSSjIWRgXkJfLxrDX1ukFPU0JCd8ms7Lzw5YHq2TWt/V/7h4jyUCN8o9BN80r 7WzqdzT4v+Exc6TpqlpkHiQjJFL4ByEzNt3xNVZ3UFIyxnogVi45kL/78PsqDk/j XWqM9bED8dBjM/K3EGqzj0mPCtILLnTm9ZyDvFF75jabf4rk0E354yGcuamoF+eM UTT+3NTPQB/kI5i9av8ibGezInVVRQeHuI1/qIaD/Hsr8K7VJbqlB1k/rUxUZaSy 6g9e0mU2GLgM+eW0EKW0GWpV6/STqzskxu2TW46tobpOykwH9dNKJHhJzx7nEWJi +5kMcGIvFCha6922/sM= =QV1S -----END PGP SIGNATURE----- Merge tag 'smack-for-5.4-rc1' of git://github.com/cschaufler/smack-next Pull smack updates from Casey Schaufler: "Four patches for v5.4. Nothing is major. All but one are in response to mechanically detected potential issues. The remaining patch cleans up kernel-doc notations" * tag 'smack-for-5.4-rc1' of git://github.com/cschaufler/smack-next: smack: use GFP_NOFS while holding inode_smack::smk_lock security: smack: Fix possible null-pointer dereferences in smack_socket_sock_rcv_skb() smack: fix some kernel-doc notations Smack: Don't ignore other bprm->unsafe flags if LSM_UNSAFE_PTRACE is set |
||
|
Linus Torvalds
|
1b5fb41544 |
Merge tag 'safesetid-bugfix-5.4' of git://github.com/micah-morton/linux
Pull SafeSetID fix from Micah Morton: "Jann Horn sent some patches to fix some bugs in SafeSetID for 5.3. After he had done his testing there were a couple small code tweaks that went in and caused this bug. From what I can see SafeSetID is broken in 5.3 and crashes the kernel every time during initialization if you try to use it. I came across this bug when backporting Jann's changes for 5.3 to older kernels (4.14 and 4.19). I've tested on a Chrome OS device with those kernels and verified that this change fixes things. It doesn't seem super useful to have this bake in linux-next, since it is completely broken in 5.3 and nobody noticed" * tag 'safesetid-bugfix-5.4' of git://github.com/micah-morton/linux: LSM: SafeSetID: Stop releasing uninitialized ruleset |
||
|
Linus Torvalds
|
5825a95fe9 |
selinux/stable-5.4 PR 20190917
-----BEGIN PGP SIGNATURE----- iQJIBAABCAAyFiEES0KozwfymdVUl37v6iDy2pc3iXMFAl2BLvcUHHBhdWxAcGF1 bC1tb29yZS5jb20ACgkQ6iDy2pc3iXP9pA/+Ls9sRGZoEipycbgRnwkL9/6yFtn4 UCFGMP0eobrjL82i8uMOa/72Budsp3ZaZRxf36NpbMDPyB9ohp5jf7o1WFTELESv EwxVvOMNwrxO2UbzRv3iywnhdPVJ4gHPa4GWfBHu2EEfhz3/Bv0tPIBdeXAbq4aC R0p+M9X0FFEp9eP4ftwOvFGpbZ8zKo1kwgdvCnqLhHDkyqtapqO/ByCTe1VATERP fyxjYDZNnITmI0plaIxCeeudklOTtVSAL4JPh1rk8rZIkUznZ4EBDHxdKiaz3j9C ZtAthiAA9PfAwf4DZSPHnGsfINxeNBKLD65jZn/PUne/gNJEx4DK041X9HXBNwjv OoArw58LCzxtTNZ//WB4CovRpeSdKvmKv0oh61k8cdQahLeHhzXE1wLQbnnBJLI3 CTsumIp4ZPEOX5r4ogdS3UIQpo3KrZump7VO85yUTRni150JpZR3egYpmcJ0So1A QTPemBhC2CHJVTpycYZ9fVTlPeC4oNwosPmvpB8XeGu3w5JpuNSId+BDR/ZlQAmq xWiIocGL3UMuPuJUrTGChifqBAgzK+gLa7S7RYPEnTCkj6LVQwsuP4gBXf75QTG4 FPwVcoMSDFxUDF0oFqwz4GfJlCxBSzX+BkWUn6jIiXKXBnQjU+1gu6KTwE25mf/j snJznFk25hFYFaM= =n4ht -----END PGP SIGNATURE----- Merge tag 'selinux-pr-20190917' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux Pull selinux updates from Paul Moore: - Add LSM hooks, and SELinux access control hooks, for dnotify, fanotify, and inotify watches. This has been discussed with both the LSM and fs/notify folks and everybody is good with these new hooks. - The LSM stacking changes missed a few calls to current_security() in the SELinux code; we fix those and remove current_security() for good. - Improve our network object labeling cache so that we always return the object's label, even when under memory pressure. Previously we would return an error if we couldn't allocate a new cache entry, now we always return the label even if we can't create a new cache entry for it. - Convert the sidtab atomic_t counter to a normal u32 with READ/WRITE_ONCE() and memory barrier protection. - A few patches to policydb.c to clean things up (remove forward declarations, long lines, bad variable names, etc) * tag 'selinux-pr-20190917' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux: lsm: remove current_security() selinux: fix residual uses of current_security() for the SELinux blob selinux: avoid atomic_t usage in sidtab fanotify, inotify, dnotify, security: add security hook for fs notifications selinux: always return a secid from the network caches if we find one selinux: policydb - rename type_val_to_struct_array selinux: policydb - fix some checkpatch.pl warnings selinux: shuffle around policydb.c to get rid of forward declarations |
||
Micah Morton
|
21ab8580b3 |
LSM: SafeSetID: Stop releasing uninitialized ruleset
The first time a rule set is configured for SafeSetID, we shouldn't be trying to release the previously configured ruleset, since there isn't one. Currently, the pointer that would point to a previously configured ruleset is uninitialized on first rule set configuration, leading to a crash when we try to call release_ruleset with that pointer. Acked-by: Jann Horn <jannh@google.com> Signed-off-by: Micah Morton <mortonm@chromium.org> |
||
Matthew Garrett
|
f8a9bc623a |
security: constify some arrays in lockdown LSM
No reason for these not to be const. Signed-off-by: Matthew Garrett <mjg59@google.com> Suggested-by: David Howells <dhowells@redhat.com> Signed-off-by: James Morris <jmorris@namei.org> |
||
|
Greg Kroah-Hartman
|
b7ee32b12f |
Linux 5.3-rc8
-----BEGIN PGP SIGNATURE----- iQFSBAABCAA8FiEEq68RxlopcLEwq+PEeb4+QwBBGIYFAl11ZZIeHHRvcnZhbGRz QGxpbnV4LWZvdW5kYXRpb24ub3JnAAoJEHm+PkMAQRiGUEYH/3dOHJ00BhSQNL39 KSk1cuVq0UHIGcdOK+qp+3YLzaO6rpKJ7HYuQQ4ddLJwZ8wWGUZ03eDkp689axkb XMMhcbuaQ5AZT017UPPU/9ECqJtKmLHZEm3y4cU2ybFhI76eDD4S07xfC/L5h/xc aWyRRPBQhjZHIdCejg9eSJNMQJycW7l7npMEBeE9qDRmCWxZUHten2jBcL0XpXPw BJ0T7XKFHsbh/RP7K/7GHFxVZXPO8rl8pIlRaX+3bKqgUV721LwR+gyHbFYYntlC 7tfL4KcG9lQvCoUuh1cMtnZuMzc88TGdI5xb7Y1Gq6HtR7LTLLrfpp3nwqst912u xq8iHpw= =WnfD -----END PGP SIGNATURE----- Merge 5.3-rc8 into android-mainline Linux 5.3-rc8 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I2908bd47266c7645d360bbe273bb10ada3cc8e3c |
||
Hillf Danton
|
d41a3effbb |
keys: Fix missing null pointer check in request_key_auth_describe()
If a request_key authentication token key gets revoked, there's a window in
which request_key_auth_describe() can see it with a NULL payload - but it
makes no check for this and something like the following oops may occur:
BUG: Kernel NULL pointer dereference at 0x00000038
Faulting instruction address: 0xc0000000004ddf30
Oops: Kernel access of bad area, sig: 11 [#1]
...
NIP [...] request_key_auth_describe+0x90/0xd0
LR [...] request_key_auth_describe+0x54/0xd0
Call Trace:
[...] request_key_auth_describe+0x54/0xd0 (unreliable)
[...] proc_keys_show+0x308/0x4c0
[...] seq_read+0x3d0/0x540
[...] proc_reg_read+0x90/0x110
[...] __vfs_read+0x3c/0x70
[...] vfs_read+0xb4/0x1b0
[...] ksys_read+0x7c/0x130
[...] system_call+0x5c/0x70
Fix this by checking for a NULL pointer when describing such a key.
Also make the read routine check for a NULL pointer to be on the safe side.
[DH: Modified to not take already-held rcu lock and modified to also check
in the read routine]
Fixes:
|
||
|
Stephen Smalley
|
169ce0c081 |
selinux: fix residual uses of current_security() for the SELinux blob
We need to use selinux_cred() to fetch the SELinux cred blob instead
of directly using current->security or current_security(). There
were a couple of lingering uses of current_security() in the SELinux code
that were apparently missed during the earlier conversions. IIUC, this
would only manifest as a bug if multiple security modules including
SELinux are enabled and SELinux is not first in the lsm order. After
this change, there appear to be no other users of current_security()
in-tree; perhaps we should remove it altogether.
Fixes:
|
||
|
Eric Biggers
|
e5bfad3d7a
|
smack: use GFP_NOFS while holding inode_smack::smk_lock
inode_smack::smk_lock is taken during smack_d_instantiate(), which is called during a filesystem transaction when creating a file on ext4. Therefore to avoid a deadlock, all code that takes this lock must use GFP_NOFS, to prevent memory reclaim from waiting for the filesystem transaction to complete. Reported-by: syzbot+0eefc1e06a77d327a056@syzkaller.appspotmail.com Cc: stable@vger.kernel.org Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> |
||
Jia-Ju Bai
|
3f4287e7d9
|
security: smack: Fix possible null-pointer dereferences in smack_socket_sock_rcv_skb()
In smack_socket_sock_rcv_skb(), there is an if statement
on line 3920 to check whether skb is NULL:
if (skb && skb->secmark != 0)
This check indicates skb can be NULL in some cases.
But on lines 3931 and 3932, skb is used:
ad.a.u.net->netif = skb->skb_iif;
ipv6_skb_to_auditdata(skb, &ad.a, NULL);
Thus, possible null-pointer dereferences may occur when skb is NULL.
To fix these possible bugs, an if statement is added to check skb.
These bugs are found by a static analysis tool STCheck written by us.
Signed-off-by: Jia-Ju Bai <baijiaju1990@gmail.com>
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
|
||
luanshi
|
a1a07f2234
|
smack: fix some kernel-doc notations
Fix/add kernel-doc notation and fix typos in security/smack/. Signed-off-by: Liguang Zhang <zhangliguang@linux.alibaba.com> Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> |
||
Jann Horn
|
3675f052b4
|
Smack: Don't ignore other bprm->unsafe flags if LSM_UNSAFE_PTRACE is set
There is a logic bug in the current smack_bprm_set_creds():
If LSM_UNSAFE_PTRACE is set, but the ptrace state is deemed to be
acceptable (e.g. because the ptracer detached in the meantime), the other
->unsafe flags aren't checked. As far as I can tell, this means that
something like the following could work (but I haven't tested it):
- task A: create task B with fork()
- task B: set NO_NEW_PRIVS
- task B: install a seccomp filter that makes open() return 0 under some
conditions
- task B: replace fd 0 with a malicious library
- task A: attach to task B with PTRACE_ATTACH
- task B: execve() a file with an SMACK64EXEC extended attribute
- task A: while task B is still in the middle of execve(), exit (which
destroys the ptrace relationship)
Make sure that if any flags other than LSM_UNSAFE_PTRACE are set in
bprm->unsafe, we reject the execve().
Cc: stable@vger.kernel.org
Fixes:
|
||
|
Greg Kroah-Hartman
|
94cc606e3e |
Linux 5.3-rc7
-----BEGIN PGP SIGNATURE----- iQFSBAABCAA8FiEEq68RxlopcLEwq+PEeb4+QwBBGIYFAl1tSg4eHHRvcnZhbGRz QGxpbnV4LWZvdW5kYXRpb24ub3JnAAoJEHm+PkMAQRiG018IAJGV7SbXggW/iC+e cSMlo8kPnuU7dKCUW+ngXnZY1xuDYWPhXMX9+yDYf2NfMYGdDGYZ+GRjSFim816w HsNsovnYiyxhkh+wA/DmZPWKdTgYrIxbPRO+MlO5ZfbxWNaLgSjqirz0iBITSv3S r2XLmFw8GVACv/GkNGrWBM53wpkJLHzvwaV9hg6dr8HFDipaEn7vEY9/LAN3S3fw reVwW6Q4N4+RSofM1eIGgAZsTYbYBDfri94mRQZ3y+Q8EkRGkJ270WKA0OAVFYS7 KA6nrjvGSYVtmDK3HORjbINQn3bXwIKeMZHl15c+LGM9ePwoHbsN3+smBswRX+R3 JDQjkhY= =DV37 -----END PGP SIGNATURE----- Merge 5.3-rc7' into android-mainline Linux 5.3-rc7 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Idb7a4bac47aad24a134ab4e98ea40e7bf201895b |
||
|
Eric Biggers
|
846d2db3e0 |
keys: ensure that ->match_free() is called in request_key_and_link()
If check_cached_key() returns a non-NULL value, we still need to call
key_type::match_free() to undo key_type::match_preparse().
Fixes:
|
||
Gustavo A. R. Silva
|
2a7f0e53da |
ima: ima_api: Use struct_size() in kzalloc()
One of the more common cases of allocation size calculations is finding
the size of a structure that has a zero-sized array at the end, along
with memory for some number of elements for that array. For example:
struct ima_template_entry {
...
struct ima_field_data template_data[0]; /* template related data */
};
instance = kzalloc(sizeof(struct ima_template_entry) + count * sizeof(struct ima_field_data), GFP_NOFS);
Instead of leaving these open-coded and prone to type mistakes, we can
now use the new struct_size() helper:
instance = kzalloc(struct_size(instance, entry, count), GFP_NOFS);
This code was detected with the help of Coccinelle.
Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
|
||
|
Gustavo A. R. Silva
|
fa5b571753 |
ima: use struct_size() in kzalloc()
One of the more common cases of allocation size calculations is finding
the size of a structure that has a zero-sized array at the end, along
with memory for some number of elements for that array. For example:
struct foo {
int stuff;
struct boo entry[];
};
instance = kzalloc(sizeof(struct foo) + count * sizeof(struct boo), GFP_KERNEL);
Instead of leaving these open-coded and prone to type mistakes, we can
now use the new struct_size() helper:
instance = kzalloc(struct_size(instance, entry, count), GFP_KERNEL);
This code was detected with the help of Coccinelle.
Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
|
||
Thiago Jung Bauermann
|
556d971bda |
ima: Fix use after free in ima_read_modsig()
If we can't parse the PKCS7 in the appended modsig, we will free the modsig
structure and then access one of its members to determine the error value.
Fixes:
|
||
|
Ondrej Mosnacek
|
116f21bb96 |
selinux: avoid atomic_t usage in sidtab
As noted in Documentation/atomic_t.txt, if we don't need the RMW atomic operations, we should only use READ_ONCE()/WRITE_ONCE() + smp_rmb()/smp_wmb() where necessary (or the combined variants smp_load_acquire()/smp_store_release()). This patch converts the sidtab code to use regular u32 for the counter and reverse lookup cache and use the appropriate operations instead of atomic_get()/atomic_set(). Note that when reading/updating the reverse lookup cache we don't need memory barriers as it doesn't need to be consistent or accurate. We can now also replace some atomic ops with regular loads (when under spinlock) and stores (for conversion target fields that are always accessed under the master table's spinlock). We can now also bump SIDTAB_MAX to U32_MAX as we can use the full u32 range again. Suggested-by: Jann Horn <jannh@google.com> Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com> Reviewed-by: Jann Horn <jannh@google.com> Signed-off-by: Paul Moore <paul@paul-moore.com> |
||
|
Greg Kroah-Hartman
|
a5bd47ef3f |
Linux 5.3-rc5
-----BEGIN PGP SIGNATURE----- iQFSBAABCAA8FiEEq68RxlopcLEwq+PEeb4+QwBBGIYFAl1Zw6ceHHRvcnZhbGRz QGxpbnV4LWZvdW5kYXRpb24ub3JnAAoJEHm+PkMAQRiGbiUH/0kqDBzkpne1odxW LeAPtTgmxDbcOE/bgIk374e95mn3EP3arna01BLc5ztwkQ521f4Iw5mKW5InZcyu 3/IvpYeQUcdazphWSu72VnUZ8QfYNh4NJDjAx6iyliQ1NpJF9LLYLWWjlqwGbWHQ USbwp7A+56m1AWWmce2r50DK7jEZShKxRBQrXNXtvn8+YaVMvmdZpT6ejyG52J+4 zr9yYrT9sa5jcPGPnWN/sx03/BPij+yOFKKe8L9vprb3uEmNKPvqtAbUpI0QYw6j T+eZELLxAOsUk84kxQyTLCU/GMesP6hIaE93HlpmgcQkBBzK7H5SBN37r8OJjOeS IXlJX4c= =9Iey -----END PGP SIGNATURE----- Merge 5.3-rc5 into android-mainline Linux 5.3-rc5 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Ibfaea1b9aca9f04a59def096f327c2afbd0cb296 |
||
|
Matthew Garrett
|
b602614a81 |
lockdown: Print current->comm in restriction messages
Print the content of current->comm in messages generated by lockdown to
indicate a restriction that was hit. This makes it a bit easier to find
out what caused the message.
The message now patterned something like:
Lockdown: <comm>: <what> is restricted; see man kernel_lockdown.7
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Matthew Garrett <mjg59@google.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
Signed-off-by: James Morris <jmorris@namei.org>
|
||
|
Matthew Garrett
|
ccbd54ff54 |
tracefs: Restrict tracefs when the kernel is locked down
Tracefs may release more information about the kernel than desirable, so restrict it when the kernel is locked down in confidentiality mode by preventing open(). (Fixed by Ben Hutchings to avoid a null dereference in default_file_open()) Signed-off-by: Matthew Garrett <mjg59@google.com> Reviewed-by: Steven Rostedt (VMware) <rostedt@goodmis.org> Cc: Ben Hutchings <ben@decadent.org.uk> Signed-off-by: James Morris <jmorris@namei.org> |
||
David Howells
|
5496197f9b |
debugfs: Restrict debugfs when the kernel is locked down
Disallow opening of debugfs files that might be used to muck around when
the kernel is locked down as various drivers give raw access to hardware
through debugfs. Given the effort of auditing all 2000 or so files and
manually fixing each one as necessary, I've chosen to apply a heuristic
instead. The following changes are made:
(1) chmod and chown are disallowed on debugfs objects (though the root dir
can be modified by mount and remount, but I'm not worried about that).
(2) When the kernel is locked down, only files with the following criteria
are permitted to be opened:
- The file must have mode 00444
- The file must not have ioctl methods
- The file must not have mmap
(3) When the kernel is locked down, files may only be opened for reading.
Normal device interaction should be done through configfs, sysfs or a
miscdev, not debugfs.
Note that this makes it unnecessary to specifically lock down show_dsts(),
show_devs() and show_call() in the asus-wmi driver.
I would actually prefer to lock down all files by default and have the
the files unlocked by the creator. This is tricky to manage correctly,
though, as there are 19 creation functions and ~1600 call sites (some of
them in loops scanning tables).
Signed-off-by: David Howells <dhowells@redhat.com>
cc: Andy Shevchenko <andy.shevchenko@gmail.com>
cc: acpi4asus-user@lists.sourceforge.net
cc: platform-driver-x86@vger.kernel.org
cc: Matthew Garrett <mjg59@srcf.ucam.org>
cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Greg KH <greg@kroah.com>
Cc: Rafael J. Wysocki <rafael@kernel.org>
Signed-off-by: Matthew Garrett <matthewgarrett@google.com>
Signed-off-by: James Morris <jmorris@namei.org>
|
||
|
Matthew Garrett
|
29d3c1c8df |
kexec: Allow kexec_file() with appropriate IMA policy when locked down
Systems in lockdown mode should block the kexec of untrusted kernels. For x86 and ARM we can ensure that a kernel is trustworthy by validating a PE signature, but this isn't possible on other architectures. On those platforms we can use IMA digital signatures instead. Add a function to determine whether IMA has or will verify signatures for a given event type, and if so permit kexec_file() even if the kernel is otherwise locked down. This is restricted to cases where CONFIG_INTEGRITY_TRUSTED_KEYRING is set in order to prevent an attacker from loading additional keys at runtime. Signed-off-by: Matthew Garrett <mjg59@google.com> Acked-by: Mimi Zohar <zohar@linux.ibm.com> Cc: Dmitry Kasatkin <dmitry.kasatkin@gmail.com> Cc: linux-integrity@vger.kernel.org Signed-off-by: James Morris <jmorris@namei.org> |
||
|
David Howells
|
b0c8fdc7fd |
lockdown: Lock down perf when in confidentiality mode
Disallow the use of certain perf facilities that might allow userspace to access kernel data. Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Matthew Garrett <mjg59@google.com> Reviewed-by: Kees Cook <keescook@chromium.org> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Ingo Molnar <mingo@redhat.com> Cc: Arnaldo Carvalho de Melo <acme@kernel.org> Signed-off-by: James Morris <jmorris@namei.org> |
||
|
David Howells
|
9d1f8be5cf |
bpf: Restrict bpf when kernel lockdown is in confidentiality mode
bpf_read() and bpf_read_str() could potentially be abused to (eg) allow private keys in kernel memory to be leaked. Disable them if the kernel has been locked down in confidentiality mode. Suggested-by: Alexei Starovoitov <alexei.starovoitov@gmail.com> Signed-off-by: Matthew Garrett <mjg59@google.com> Reviewed-by: Kees Cook <keescook@chromium.org> cc: netdev@vger.kernel.org cc: Chun-Yi Lee <jlee@suse.com> cc: Alexei Starovoitov <alexei.starovoitov@gmail.com> Cc: Daniel Borkmann <daniel@iogearbox.net> Signed-off-by: James Morris <jmorris@namei.org> |
||
|
David Howells
|
a94549dd87 |
lockdown: Lock down tracing and perf kprobes when in confidentiality mode
Disallow the creation of perf and ftrace kprobes when the kernel is locked down in confidentiality mode by preventing their registration. This prevents kprobes from being used to access kernel memory to steal crypto data, but continues to allow the use of kprobes from signed modules. Reported-by: Alexei Starovoitov <alexei.starovoitov@gmail.com> Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Matthew Garrett <mjg59@google.com> Acked-by: Masami Hiramatsu <mhiramat@kernel.org> Reviewed-by: Kees Cook <keescook@chromium.org> Cc: Naveen N. Rao <naveen.n.rao@linux.ibm.com> Cc: Anil S Keshavamurthy <anil.s.keshavamurthy@intel.com> Cc: davem@davemloft.net Cc: Masami Hiramatsu <mhiramat@kernel.org> Signed-off-by: James Morris <jmorris@namei.org> |
||
|
David Howells
|
02e935bf5b |
lockdown: Lock down /proc/kcore
Disallow access to /proc/kcore when the kernel is locked down to prevent access to cryptographic data. This is limited to lockdown confidentiality mode and is still permitted in integrity mode. Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Matthew Garrett <mjg59@google.com> Reviewed-by: Kees Cook <keescook@chromium.org> Signed-off-by: James Morris <jmorris@namei.org> |
||
|
David Howells
|
906357f77a |
x86/mmiotrace: Lock down the testmmiotrace module
The testmmiotrace module shouldn't be permitted when the kernel is locked down as it can be used to arbitrarily read and write MMIO space. This is a runtime check rather than buildtime in order to allow configurations where the same kernel may be run in both locked down or permissive modes depending on local policy. Suggested-by: Thomas Gleixner <tglx@linutronix.de> Signed-off-by: David Howells <dhowells@redhat.com Signed-off-by: Matthew Garrett <mjg59@google.com> Acked-by: Steven Rostedt (VMware) <rostedt@goodmis.org> Reviewed-by: Kees Cook <keescook@chromium.org> cc: Thomas Gleixner <tglx@linutronix.de> cc: Steven Rostedt <rostedt@goodmis.org> cc: Ingo Molnar <mingo@kernel.org> cc: "H. Peter Anvin" <hpa@zytor.com> cc: x86@kernel.org Signed-off-by: James Morris <jmorris@namei.org> |
||
|
David Howells
|
20657f66ef |
lockdown: Lock down module params that specify hardware parameters (eg. ioport)
Provided an annotation for module parameters that specify hardware parameters (such as io ports, iomem addresses, irqs, dma channels, fixed dma buffers and other types). Suggested-by: Alan Cox <gnomes@lxorguk.ukuu.org.uk> Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Matthew Garrett <mjg59@google.com> Reviewed-by: Kees Cook <keescook@chromium.org> Cc: Jessica Yu <jeyu@kernel.org> Signed-off-by: James Morris <jmorris@namei.org> |
||
|
David Howells
|
794edf30ee |
lockdown: Lock down TIOCSSERIAL
Lock down TIOCSSERIAL as that can be used to change the ioport and irq settings on a serial port. This only appears to be an issue for the serial drivers that use the core serial code. All other drivers seem to either ignore attempts to change port/irq or give an error. Reported-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Matthew Garrett <mjg59@google.com> Reviewed-by: Kees Cook <keescook@chromium.org> cc: Jiri Slaby <jslaby@suse.com> Cc: linux-serial@vger.kernel.org Signed-off-by: James Morris <jmorris@namei.org> |
||
|
David Howells
|
3f19cad3fa |
lockdown: Prohibit PCMCIA CIS storage when the kernel is locked down
Prohibit replacement of the PCMCIA Card Information Structure when the kernel is locked down. Suggested-by: Dominik Brodowski <linux@dominikbrodowski.net> Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Matthew Garrett <mjg59@google.com> Reviewed-by: Kees Cook <keescook@chromium.org> Signed-off-by: James Morris <jmorris@namei.org> |
||
Matthew Garrett
|
f474e1486b |
ACPI: Limit access to custom_method when the kernel is locked down
custom_method effectively allows arbitrary access to system memory, making it possible for an attacker to circumvent restrictions on module loading. Disable it if the kernel is locked down. Signed-off-by: Matthew Garrett <mjg59@google.com> Signed-off-by: David Howells <dhowells@redhat.com> Reviewed-by: Kees Cook <keescook@chromium.org> cc: linux-acpi@vger.kernel.org Signed-off-by: James Morris <jmorris@namei.org> |
||
|
Matthew Garrett
|
95f5e95f41 |
x86/msr: Restrict MSR access when the kernel is locked down
Writing to MSRs should not be allowed if the kernel is locked down, since it could lead to execution of arbitrary code in kernel mode. Based on a patch by Kees Cook. Signed-off-by: Matthew Garrett <mjg59@google.com> Signed-off-by: David Howells <dhowells@redhat.com> Acked-by: Kees Cook <keescook@chromium.org> Reviewed-by: Thomas Gleixner <tglx@linutronix.de> cc: x86@kernel.org Signed-off-by: James Morris <jmorris@namei.org> |
||
|
Matthew Garrett
|
96c4f67293 |
x86: Lock down IO port access when the kernel is locked down
IO port access would permit users to gain access to PCI configuration registers, which in turn (on a lot of hardware) give access to MMIO register space. This would potentially permit root to trigger arbitrary DMA, so lock it down by default. This also implicitly locks down the KDADDIO, KDDELIO, KDENABIO and KDDISABIO console ioctls. Signed-off-by: Matthew Garrett <mjg59@google.com> Signed-off-by: David Howells <dhowells@redhat.com> Reviewed-by: Kees Cook <keescook@chromium.org> cc: x86@kernel.org Signed-off-by: James Morris <jmorris@namei.org> |
||
|
Matthew Garrett
|
eb627e1772 |
PCI: Lock down BAR access when the kernel is locked down
Any hardware that can potentially generate DMA has to be locked down in order to avoid it being possible for an attacker to modify kernel code, allowing them to circumvent disabled module loading or module signing. Default to paranoid - in future we can potentially relax this for sufficiently IOMMU-isolated devices. Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Matthew Garrett <mjg59@google.com> Acked-by: Bjorn Helgaas <bhelgaas@google.com> Reviewed-by: Kees Cook <keescook@chromium.org> cc: linux-pci@vger.kernel.org Signed-off-by: James Morris <jmorris@namei.org> |
||
Josh Boyer
|
38bd94b8a1 |
hibernate: Disable when the kernel is locked down
There is currently no way to verify the resume image when returning from hibernate. This might compromise the signed modules trust model, so until we can work with signed hibernate images we disable it when the kernel is locked down. Signed-off-by: Josh Boyer <jwboyer@fedoraproject.org> Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Matthew Garrett <mjg59@google.com> Reviewed-by: Kees Cook <keescook@chromium.org> Cc: rjw@rjwysocki.net Cc: pavel@ucw.cz cc: linux-pm@vger.kernel.org Signed-off-by: James Morris <jmorris@namei.org> |
||
Jiri Bohac
|
99d5cadfde |
kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE
This is a preparatory patch for kexec_file_load() lockdown. A locked down kernel needs to prevent unsigned kernel images from being loaded with kexec_file_load(). Currently, the only way to force the signature verification is compiling with KEXEC_VERIFY_SIG. This prevents loading usigned images even when the kernel is not locked down at runtime. This patch splits KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE. Analogous to the MODULE_SIG and MODULE_SIG_FORCE for modules, KEXEC_SIG turns on the signature verification but allows unsigned images to be loaded. KEXEC_SIG_FORCE disallows images without a valid signature. Signed-off-by: Jiri Bohac <jbohac@suse.cz> Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Matthew Garrett <mjg59@google.com> cc: kexec@lists.infradead.org Signed-off-by: James Morris <jmorris@namei.org> |
||
|
Matthew Garrett
|
7d31f4602f |
kexec_load: Disable at runtime if the kernel is locked down
The kexec_load() syscall permits the loading and execution of arbitrary code in ring 0, which is something that lock-down is meant to prevent. It makes sense to disable kexec_load() in this situation. This does not affect kexec_file_load() syscall which can check for a signature on the image to be booted. Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Matthew Garrett <mjg59@google.com> Acked-by: Dave Young <dyoung@redhat.com> Reviewed-by: Kees Cook <keescook@chromium.org> cc: kexec@lists.infradead.org Signed-off-by: James Morris <jmorris@namei.org> |
||
|
Matthew Garrett
|
9b9d8dda1e |
lockdown: Restrict /dev/{mem,kmem,port} when the kernel is locked down
Allowing users to read and write to core kernel memory makes it possible for the kernel to be subverted, avoiding module loading restrictions, and also to steal cryptographic information. Disallow /dev/mem and /dev/kmem from being opened this when the kernel has been locked down to prevent this. Also disallow /dev/port from being opened to prevent raw ioport access and thus DMA from being used to accomplish the same thing. Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Matthew Garrett <mjg59@google.com> Reviewed-by: Kees Cook <keescook@chromium.org> Cc: x86@kernel.org Signed-off-by: James Morris <jmorris@namei.org> |
||
|
David Howells
|
49fcf732bd |
lockdown: Enforce module signatures if the kernel is locked down
If the kernel is locked down, require that all modules have valid
signatures that we can verify.
I have adjusted the errors generated:
(1) If there's no signature (ENODATA) or we can't check it (ENOPKG,
ENOKEY), then:
(a) If signatures are enforced then EKEYREJECTED is returned.
(b) If there's no signature or we can't check it, but the kernel is
locked down then EPERM is returned (this is then consistent with
other lockdown cases).
(2) If the signature is unparseable (EBADMSG, EINVAL), the signature fails
the check (EKEYREJECTED) or a system error occurs (eg. ENOMEM), we
return the error we got.
Note that the X.509 code doesn't check for key expiry as the RTC might not
be valid or might not have been transferred to the kernel's clock yet.
[Modified by Matthew Garrett to remove the IMA integration. This will
be replaced with integration with the IMA architecture policy
patchset.]
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Matthew Garrett <matthewgarrett@google.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
Cc: Jessica Yu <jeyu@kernel.org>
Signed-off-by: James Morris <jmorris@namei.org>
|
||
|
Matthew Garrett
|
000d388ed3 |
security: Add a static lockdown policy LSM
While existing LSMs can be extended to handle lockdown policy, distributions generally want to be able to apply a straightforward static policy. This patch adds a simple LSM that can be configured to reject either integrity or all lockdown queries, and can be configured at runtime (through securityfs), boot time (via a kernel parameter) or build time (via a kconfig option). Based on initial code by David Howells. Signed-off-by: Matthew Garrett <mjg59@google.com> Reviewed-by: Kees Cook <keescook@chromium.org> Cc: David Howells <dhowells@redhat.com> Signed-off-by: James Morris <jmorris@namei.org> |
||
|
Matthew Garrett
|
9e47d31d6a |
security: Add a "locked down" LSM hook
Add a mechanism to allow LSMs to make a policy decision around whether kernel functionality that would allow tampering with or examining the runtime state of the kernel should be permitted. Signed-off-by: Matthew Garrett <mjg59@google.com> Acked-by: Kees Cook <keescook@chromium.org> Acked-by: Casey Schaufler <casey@schaufler-ca.com> Signed-off-by: James Morris <jmorris@namei.org> |
||
|
Matthew Garrett
|
e6b1db98cf |
security: Support early LSMs
The lockdown module is intended to allow for kernels to be locked down early in boot - sufficiently early that we don't have the ability to kmalloc() yet. Add support for early initialisation of some LSMs, and then add them to the list of names when we do full initialisation later. Early LSMs are initialised in link order and cannot be overridden via boot parameters, and cannot make use of kmalloc() (since the allocator isn't initialised yet). (Fixed by Stephen Rothwell to include a stub to fix builds when !CONFIG_SECURITY) Signed-off-by: Matthew Garrett <mjg59@google.com> Acked-by: Kees Cook <keescook@chromium.org> Acked-by: Casey Schaufler <casey@schaufler-ca.com> Cc: Stephen Rothwell <sfr@canb.auug.org.au> Signed-off-by: James Morris <jmorris@namei.org> |
||
|
Roberto Sassu
|
2d6c25215a |
KEYS: trusted: allow module init if TPM is inactive or deactivated
Commit |
||
Aaron Goidel
|
ac5656d8a4 |
fanotify, inotify, dnotify, security: add security hook for fs notifications
As of now, setting watches on filesystem objects has, at most, applied a check for read access to the inode, and in the case of fanotify, requires CAP_SYS_ADMIN. No specific security hook or permission check has been provided to control the setting of watches. Using any of inotify, dnotify, or fanotify, it is possible to observe, not only write-like operations, but even read access to a file. Modeling the watch as being merely a read from the file is insufficient for the needs of SELinux. This is due to the fact that read access should not necessarily imply access to information about when another process reads from a file. Furthermore, fanotify watches grant more power to an application in the form of permission events. While notification events are solely, unidirectional (i.e. they only pass information to the receiving application), permission events are blocking. Permission events make a request to the receiving application which will then reply with a decision as to whether or not that action may be completed. This causes the issue of the watching application having the ability to exercise control over the triggering process. Without drawing a distinction within the permission check, the ability to read would imply the greater ability to control an application. Additionally, mount and superblock watches apply to all files within the same mount or superblock. Read access to one file should not necessarily imply the ability to watch all files accessed within a given mount or superblock. In order to solve these issues, a new LSM hook is implemented and has been placed within the system calls for marking filesystem objects with inotify, fanotify, and dnotify watches. These calls to the hook are placed at the point at which the target path has been resolved and are provided with the path struct, the mask of requested notification events, and the type of object on which the mark is being set (inode, superblock, or mount). The mask and obj_type have already been translated into common FS_* values shared by the entirety of the fs notification infrastructure. The path struct is passed rather than just the inode so that the mount is available, particularly for mount watches. This also allows for use of the hook by pathname-based security modules. However, since the hook is intended for use even by inode based security modules, it is not placed under the CONFIG_SECURITY_PATH conditional. Otherwise, the inode-based security modules would need to enable all of the path hooks, even though they do not use any of them. This only provides a hook at the point of setting a watch, and presumes that permission to set a particular watch implies the ability to receive all notification about that object which match the mask. This is all that is required for SELinux. If other security modules require additional hooks or infrastructure to control delivery of notification, these can be added by them. It does not make sense for us to propose hooks for which we have no implementation. The understanding that all notifications received by the requesting application are all strictly of a type for which the application has been granted permission shows that this implementation is sufficient in its coverage. Security modules wishing to provide complete control over fanotify must also implement a security_file_open hook that validates that the access requested by the watching application is authorized. Fanotify has the issue that it returns a file descriptor with the file mode specified during fanotify_init() to the watching process on event. This is already covered by the LSM security_file_open hook if the security module implements checking of the requested file mode there. Otherwise, a watching process can obtain escalated access to a file for which it has not been authorized. The selinux_path_notify hook implementation works by adding five new file permissions: watch, watch_mount, watch_sb, watch_reads, and watch_with_perm (descriptions about which will follow), and one new filesystem permission: watch (which is applied to superblock checks). The hook then decides which subset of these permissions must be held by the requesting application based on the contents of the provided mask and the obj_type. The selinux_file_open hook already checks the requested file mode and therefore ensures that a watching process cannot escalate its access through fanotify. The watch, watch_mount, and watch_sb permissions are the baseline permissions for setting a watch on an object and each are a requirement for any watch to be set on a file, mount, or superblock respectively. It should be noted that having either of the other two permissions (watch_reads and watch_with_perm) does not imply the watch, watch_mount, or watch_sb permission. Superblock watches further require the filesystem watch permission to the superblock. As there is no labeled object in view for mounts, there is no specific check for mount watches beyond watch_mount to the inode. Such a check could be added in the future, if a suitable labeled object existed representing the mount. The watch_reads permission is required to receive notifications from read-exclusive events on filesystem objects. These events include accessing a file for the purpose of reading and closing a file which has been opened read-only. This distinction has been drawn in order to provide a direct indication in the policy for this otherwise not obvious capability. Read access to a file should not necessarily imply the ability to observe read events on a file. Finally, watch_with_perm only applies to fanotify masks since it is the only way to set a mask which allows for the blocking, permission event. This permission is needed for any watch which is of this type. Though fanotify requires CAP_SYS_ADMIN, this is insufficient as it gives implicit trust to root, which we do not do, and does not support least privilege. Signed-off-by: Aaron Goidel <acgoide@tycho.nsa.gov> Acked-by: Casey Schaufler <casey@schaufler-ca.com> Acked-by: Jan Kara <jack@suse.cz> Signed-off-by: Paul Moore <paul@paul-moore.com> |
||
Sascha Hauer
|
4ece3125f2 |
ima: fix freeing ongoing ahash_request
integrity_kernel_read() can fail in which case we forward to call ahash_request_free() on a currently running request. We have to wait for its completion before we can free the request. This was observed by interrupting a "find / -type f -xdev -print0 | xargs -0 cat 1>/dev/null" with ctrl-c on an IMA enabled filesystem. Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> |
||
|
Sascha Hauer
|
f5e1040196 |
ima: always return negative code for error
integrity_kernel_read() returns the number of bytes read. If this is a short read then this positive value is returned from ima_calc_file_hash_atfm(). Currently this is only indirectly called from ima_calc_file_hash() and this function only tests for the return value being zero or nonzero and also doesn't forward the return value. Nevertheless there's no point in returning a positive value as an error, so translate a short read into -EINVAL. Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> |
||
|
Thiago Jung Bauermann
|
e5092255bb |
ima: Store the measurement again when appraising a modsig
If the IMA template contains the "modsig" or "d-modsig" field, then the modsig should be added to the measurement list when the file is appraised. And that is what normally happens, but if a measurement rule caused a file containing a modsig to be measured before a different rule causes it to be appraised, the resulting measurement entry will not contain the modsig because it is only fetched during appraisal. When the appraisal rule triggers, it won't store a new measurement containing the modsig because the file was already measured. We need to detect that situation and store an additional measurement with the modsig. This is done by adding an IMA_MEASURE action flag if we read a modsig and the IMA template contains a modsig field. Suggested-by: Mimi Zohar <zohar@linux.ibm.com> Signed-off-by: Thiago Jung Bauermann <bauerman@linux.ibm.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> |
||
|
Thiago Jung Bauermann
|
3878d505aa |
ima: Define ima-modsig template
Define new "d-modsig" template field which holds the digest that is expected to match the one contained in the modsig, and also new "modsig" template field which holds the appended file signature. Add a new "ima-modsig" defined template descriptor with the new fields as well as the ones from the "ima-sig" descriptor. Change ima_store_measurement() to accept a struct modsig * argument so that it can be passed along to the templates via struct ima_event_data. Suggested-by: Mimi Zohar <zohar@linux.ibm.com> Signed-off-by: Thiago Jung Bauermann <bauerman@linux.ibm.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> |
||
|
Thiago Jung Bauermann
|
15588227e0 |
ima: Collect modsig
Obtain the modsig and calculate its corresponding hash in ima_collect_measurement(). Signed-off-by: Thiago Jung Bauermann <bauerman@linux.ibm.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> |
||
|
Thiago Jung Bauermann
|
39b0709636 |
ima: Implement support for module-style appended signatures
Implement the appraise_type=imasig|modsig option, allowing IMA to read and verify modsig signatures. In case a file has both an xattr signature and an appended modsig, IMA will only use the appended signature if the key used by the xattr signature isn't present in the IMA or platform keyring. Because modsig verification needs to convert from an integrity keyring id to the keyring itself, add an integrity_keyring_from_id() function in digsig.c so that integrity_modsig_verify() can use it. Signed-off-by: Thiago Jung Bauermann <bauerman@linux.ibm.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> |
||
|
Thiago Jung Bauermann
|
a5fbeb615c |
ima: Factor xattr_verify() out of ima_appraise_measurement()
Verify xattr signature in a separate function so that the logic in ima_appraise_measurement() remains clear when it gains the ability to also verify an appended module signature. The code in the switch statement is unchanged except for having to dereference the status and cause variables (since they're now pointers), and fixing the style of a block comment to appease checkpatch. Suggested-by: Mimi Zohar <zohar@linux.ibm.com> Signed-off-by: Thiago Jung Bauermann <bauerman@linux.ibm.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> |
||
|
Thiago Jung Bauermann
|
9044d627fd |
ima: Add modsig appraise_type option for module-style appended signatures
Introduce the modsig keyword to the IMA policy syntax to specify that a given hook should expect the file to have the IMA signature appended to it. Here is how it can be used in a rule: appraise func=KEXEC_KERNEL_CHECK appraise_type=imasig|modsig With this rule, IMA will accept either a signature stored in the extended attribute or an appended signature. For now, the rule above will behave exactly the same as if appraise_type=imasig was specified. The actual modsig implementation will be introduced separately. Suggested-by: Mimi Zohar <zohar@linux.ibm.com> Signed-off-by: Thiago Jung Bauermann <bauerman@linux.ibm.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> |
||
|
Thiago Jung Bauermann
|
cf38fed1e1 |
integrity: Select CONFIG_KEYS instead of depending on it
This avoids a dependency cycle in soon-to-be-introduced CONFIG_IMA_APPRAISE_MODSIG: it will select CONFIG_MODULE_SIG_FORMAT which in turn selects CONFIG_KEYS. Kconfig then complains that CONFIG_INTEGRITY_SIGNATURE depends on CONFIG_KEYS. Signed-off-by: Thiago Jung Bauermann <bauerman@linux.ibm.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> |
||
|
Paul Moore
|
9b80c36353 |
selinux: always return a secid from the network caches if we find one
Previously if we couldn't find an entry in the cache and we failed to allocate memory for a new cache entry we would fail the network object label lookup; this is obviously not ideal. This patch fixes this so that we return the object label even if we can't cache the object at this point in time due to memory pressure. The GitHub issue tracker is below: * https://github.com/SELinuxProject/selinux-kernel/issues/3 Signed-off-by: Paul Moore <paul@paul-moore.com> |
||
|
Ondrej Mosnacek
|
f07ea1d4ed |
selinux: policydb - rename type_val_to_struct_array
The name is overly long and inconsistent with the other *_val_to_struct members. Dropping the "_array" prefix makes the code easier to read and gets rid of one line over 80 characters warning. Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com> Signed-off-by: Paul Moore <paul@paul-moore.com> |
||
|
Ondrej Mosnacek
|
2492acaf1e |
selinux: policydb - fix some checkpatch.pl warnings
Fix most of the code style warnings discovered when moving code around. Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com> Signed-off-by: Paul Moore <paul@paul-moore.com> |
||
|
Paul Moore
|
0eb2f29624 |
selinux: shuffle around policydb.c to get rid of forward declarations
No code changes, but move a lot of the policydb destructors higher up so we can get rid of a forward declaration. This patch does expose a few old checkpatch.pl errors, but those will be dealt with in a separate (set of) patches. Signed-off-by: Paul Moore <paul@paul-moore.com> |
||
|
Greg Kroah-Hartman
|
bb7558ad30 |
Merge 5.3-rc3 into android-mainline
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I1f0fb3deeb086ca6f4f362f298c01cb13b3d9c2b |
||
|
Linus Torvalds
|
4f1a6ef1df |
selinux/stable-5.3 PR 20190801
-----BEGIN PGP SIGNATURE----- iQJIBAABCAAyFiEES0KozwfymdVUl37v6iDy2pc3iXMFAl1DbfsUHHBhdWxAcGF1 bC1tb29yZS5jb20ACgkQ6iDy2pc3iXPB9A/+Kr17ng4Oygg0fIO+dW1KrHu64ZCm TkLff1+9uNmWSu1NOsctJDQ5kSbBV7XgCT/wv8dT0TfA55D3CX11LtbhqVsIaASA 8iSq2FNgt91d8AIlw0X+5tXljswWLHTJw29ROY/SC2Eyhj5G2fT8eOwMtz59AmJv rHlFt9VfAw7Faf4/egccmxS6fqE7p6gt4Prf77ZYSB8r9dlLDKqW8HT59UyE58MU 09mK1hqE40U6+wZVuU95ATqtQRMrn4pRgTOEgO9j7xUeLKC6z9cbVRAWtzAcWMRr /bHuRm30ij83kHI18gYvXjMBr9Jierg+brW1s/sTV7KSXAyTYYXzUnQYgTHqbhJq Do+dggZwCbze19IGfPafI8fjUoGU1tBuPkcy3+Ag8r4+2yB+z+fuN1PxP+AqWZZC X1lQhtUlNfHNFmB/1XBTVzDaozKmKp56DiDjCmPvgcH5kWtc35ZTUuXk1YmYtB+a O76haRE5386K0SzEAJ4SaPpHPyWzg1Qgi7EQlJy2x8uGc2R4QkXZrj/uGyOL90QJ zjPNUPtqSAoLVzemA+PG7BZ/gcGVXuwrwHIPHprg/l/VVNl+4azW5b595pyHh5xL 0d8A0j/zz1E+A8vzqK9/G0nlLgYw6+yIuI42aT3qBhbxDJDRzvZH8w07W93F4+df 9+y0Fx+2HSsvbVA= =pIeX -----END PGP SIGNATURE----- Merge tag 'selinux-pr-20190801' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux Pull selinux fix from Paul Moore: "One more small fix for a potential memory leak in an error path" * tag 'selinux-pr-20190801' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux: selinux: fix memory leak in policydb_init() |
||
Mimi Zohar
|
b36f281f4a |
ima: initialize the "template" field with the default template
IMA policy rules are walked sequentially. Depending on the ordering of
the policy rules, the "template" field might be defined in one rule, but
will be replaced by subsequent, applicable rules, even if the rule does
not explicitly define the "template" field.
This patch initializes the "template" once and only replaces the
"template", when explicitly defined.
Fixes:
|
||
|
Ondrej Mosnacek
|
45385237f6 |
selinux: fix memory leak in policydb_init()
Since roles_init() adds some entries to the role hash table, we need to
destroy also its keys/values on error, otherwise we get a memory leak in
the error path.
Cc: <stable@vger.kernel.org>
Reported-by: syzbot+fee3a14d4cdf92646287@syzkaller.appspotmail.com
Fixes:
|
||
|
Greg Kroah-Hartman
|
bea0791583 |
Linux 5.3-rc2
-----BEGIN PGP SIGNATURE----- iQFSBAABCAA8FiEEq68RxlopcLEwq+PEeb4+QwBBGIYFAl09+8IeHHRvcnZhbGRz QGxpbnV4LWZvdW5kYXRpb24ub3JnAAoJEHm+PkMAQRiGMtgH/3yxnVbzgPatWSd9 w5ahpB+nQ2sludZQXcqmychDsNoGlhxmSxxufxUJ6OL7/lOnfjb4Bc3icNltVlCk s32YyOH7Z/f+zGBE2IkCUK0ttr5bDdENmwJUOjoB39KsPXNK1y46x83QLeorKvBA kOyPtjhgy0nL2UaiM0HKuzMoypslKqwaw4ptXzHQBUkib+WdxVGYLQrTjflkpUMl 71EYwNnVgKwYRuvnMATB5bSgQCASInuF5eHJv9N7XbnBjJ9yVZNARvWW1sX4gNVe vCET+mCRWsMD80Sdnt9RJ8Nt2AEf0dgk2fAVwKqX58vuMIXlD27dayIYkVmJojE0 YuAvnAU= =X832 -----END PGP SIGNATURE----- Merge 5.3-rc2 into android-mainline Linux 5.3-rc2 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I4d36fd27ccc8cd773ba1b97dc3bd382e99a4dd7a |
||
|
Linus Torvalds
|
c622fc5f54 |
meminit fix
- Disable gcc-based stack variable auto-init under KASAN (Arnd Bergmann) -----BEGIN PGP SIGNATURE----- Comment: Kees Cook <kees@outflux.net> iQJKBAABCgA0FiEEpcP2jyKd1g9yPm4TiXL039xtwCYFAl099MsWHGtlZXNjb29r QGNocm9taXVtLm9yZwAKCRCJcvTf3G3AJr6GD/0Xl/YxeXPnKIHoafoqMCBAY12f OnRZ2N6YCikYfLwgBnTAAyQi3P0qU8ffjt4LjoPxzByUPBmZ+VkUBXU1eNUuU0mT 4CX+ZakeWp5atbg7Ja7DAThBrJS4DYRzXiGB1Is8IACD/zkkRDoGU1tN+3nubtlk F2SYtmJBz/6pje2ksLDmuSS1sapaom7Cs4khB/oDb8HOsqydS0CpzN7Oa/Di3HoZ yUbyM3bcgmYECasGt7zVOLzr/EcI4T7rtLhMTnFBMbfckQJBPc7UpaLTt9pxMVqO Vo7SH/q8atmp3aThT3XbEYbSvx4kUdHZYcuMogPe8T+3Bx4i9gWGnmpqF94P0Kl8 SZgY92JEhF92PwVTi7ztAfAZQDunVm60c/Lp44r0q/lGQKZLXP8jQXd7KmL6dnPI gDnispJnNdNxVSVDx/r3yjSRh0VCA3yv01ed/pusCrxX48sEw7ExwswEJBy12O3s rUY7Xx/U+eIP+E+4B7ddlzTFy+0t6HQ0q0LLtbiim1ELF+8ZBnAvCMnm49SQbpEQ UMgO/bCAGkGu88uR3sclIwUbaR9oCCxkZO0YuLvAnGoMJ7JaYQlDmDqe/lWP7VjV HEmJxDpJE9SgmVtYkfz3aOEds5nSspRQOQfQpnq/JxjRQTSfriSpDpl72d5qk1CH WHAM8lviqVg/uT6r2Q== =z0XP -----END PGP SIGNATURE----- Merge tag 'meminit-v5.3-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux Pull structleak fix from Kees Cook: "Disable gcc-based stack variable auto-init under KASAN (Arnd Bergmann). This fixes a bunch of build warnings under KASAN and the gcc-plugin-based stack auto-initialization features (which are arguably redundant, so better to let KASAN control this)" * tag 'meminit-v5.3-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux: structleak: disable STRUCTLEAK_BYREF in combination with KASAN_STACK |
||
|
Linus Torvalds
|
40233e7c44 |
selinux/stable-5.3 PR 20190726
-----BEGIN PGP SIGNATURE----- iQJIBAABCAAyFiEES0KozwfymdVUl37v6iDy2pc3iXMFAl07eQIUHHBhdWxAcGF1 bC1tb29yZS5jb20ACgkQ6iDy2pc3iXORlg/9GoL9NMb5A6SMkkd+FrMM3Gn4A8iC 15jn2AXBL8WMY64EB8DofPPhBrdss5EFVLNSeZTvpOVko3aITemsFdrytKNHqY9v FbtKAfNOuJI7DWak1yMeuKrgSurxd/ZFfze3qUxlwDzO6recf9RbNQkZ60n/LIr2 vSnJDWqlDOQiUN5+qNzTL6ztpXAhmoT2D0Nx6GjZd/XBuvcY5Xf4gX+/UhlGpL3O e8bJO3b8kQbyBb3aaak/YYsesfzsPxzy5eGZdKFWmNnbsRL6L6Y4vDHP3xxNPsSd s0rhibAYNYzeM0MJNj5TD0KDl/vxildaLKPtmRo+vvLGtZeyKxPgyrmnA7AlBa7K 6yQ9X4nM5VS/Gs68gzLzpz9IzViJBuX18+oMbCdUDM5Xfu+9/zpKBFW06OMEdxcr MIbXpCD02Zq6KrduAWP4WSdni2oTTXzOjY9YbyDjhKvo/xF9vloY8XJ9JfyQXqJi 6uNG1rGhPgF9cQKHX6M84lp0PXdwLB1sUo0BqJvU39+tOqmBxfvOJmghDSuqbJPa BKuWNnsPhiRqRN6LIw/yCTxxlF2+cg0fywFl1981PIxUDnfTTYuNL+Rb+cyzo3L2 QLABdl2sLTfl7GOXOKcBQEE6yHs11m6eYLOKhvdDNhFVy5EmOFF4IUFO69I6YNok R3IUowNF8JLYByE= =Bojy -----END PGP SIGNATURE----- Merge tag 'selinux-pr-20190726' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux Pull selinux fix from Paul Moore: "One small SELinux patch to add some proper bounds/overflow checking when adding a new sid/secid" * tag 'selinux-pr-20190726' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux: selinux: check sidtab limit before adding a new entry |
||
|
Arnd Bergmann
|
173e6ee21e |
structleak: disable STRUCTLEAK_BYREF in combination with KASAN_STACK
The combination of KASAN_STACK and GCC_PLUGIN_STRUCTLEAK_BYREF
leads to much larger kernel stack usage, as seen from the warnings
about functions that now exceed the 2048 byte limit:
drivers/media/i2c/tvp5150.c:253:1: error: the frame size of 3936 bytes is larger than 2048 bytes
drivers/media/tuners/r820t.c:1327:1: error: the frame size of 2816 bytes is larger than 2048 bytes
drivers/net/wireless/broadcom/brcm80211/brcmsmac/phy/phy_n.c:16552:1: error: the frame size of 3144 bytes is larger than 2048 bytes [-Werror=frame-larger-than=]
fs/ocfs2/aops.c:1892:1: error: the frame size of 2088 bytes is larger than 2048 bytes
fs/ocfs2/dlm/dlmrecovery.c:737:1: error: the frame size of 2088 bytes is larger than 2048 bytes
fs/ocfs2/namei.c:1677:1: error: the frame size of 2584 bytes is larger than 2048 bytes
fs/ocfs2/super.c:1186:1: error: the frame size of 2640 bytes is larger than 2048 bytes
fs/ocfs2/xattr.c:3678:1: error: the frame size of 2176 bytes is larger than 2048 bytes
net/bluetooth/l2cap_core.c:7056:1: error: the frame size of 2144 bytes is larger than 2048 bytes [-Werror=frame-larger-than=]
net/bluetooth/l2cap_core.c: In function 'l2cap_recv_frame':
net/bridge/br_netlink.c:1505:1: error: the frame size of 2448 bytes is larger than 2048 bytes
net/ieee802154/nl802154.c:548:1: error: the frame size of 2232 bytes is larger than 2048 bytes
net/wireless/nl80211.c:1726:1: error: the frame size of 2224 bytes is larger than 2048 bytes
net/wireless/nl80211.c:2357:1: error: the frame size of 4584 bytes is larger than 2048 bytes
net/wireless/nl80211.c:5108:1: error: the frame size of 2760 bytes is larger than 2048 bytes
net/wireless/nl80211.c:6472:1: error: the frame size of 2112 bytes is larger than 2048 bytes
The structleak plugin was previously disabled for CONFIG_COMPILE_TEST,
but meant we missed some bugs, so this time we should address them.
The frame size warnings are distracting, and risking a kernel stack
overflow is generally not beneficial to performance, so it may be best
to disallow that particular combination. This can be done by turning
off either one. I picked the dependency in GCC_PLUGIN_STRUCTLEAK_BYREF
and GCC_PLUGIN_STRUCTLEAK_BYREF_ALL, as this option is designed to
make uninitialized stack usage less harmful when enabled on its own,
but it also prevents KASAN from detecting those cases in which it was
in fact needed.
KASAN_STACK is currently implied by KASAN on gcc, but could be made a
user selectable option if we want to allow combining (non-stack) KASAN
with GCC_PLUGIN_STRUCTLEAK_BYREF.
Note that it would be possible to specifically address the files that
print the warning, but presumably the overall stack usage is still
significantly higher than in other configurations, so this would not
address the full problem.
I could not test this with CONFIG_INIT_STACK_ALL, which may or may not
suffer from a similar problem.
Fixes:
|
||
|
Ondrej Mosnacek
|
acbc372e61 |
selinux: check sidtab limit before adding a new entry
We need to error out when trying to add an entry above SIDTAB_MAX in
sidtab_reverse_lookup() to avoid overflow on the odd chance that this
happens.
Cc: stable@vger.kernel.org
Fixes:
|
||
|
Greg Kroah-Hartman
|
37766c2946 |
Linus 5.3-rc1
-----BEGIN PGP SIGNATURE----- iQFSBAABCAA8FiEEq68RxlopcLEwq+PEeb4+QwBBGIYFAl0006weHHRvcnZhbGRz QGxpbnV4LWZvdW5kYXRpb24ub3JnAAoJEHm+PkMAQRiGaDUIAJ4oTyVWpMRZkfG6 vVY8qVMU3zlzEqRiyLYjkXoe/mGpuU/UVTyyStllxZ+Gg9da0mGwlugScKriPJof 4KRUDDTGX5DrfEOo+0brKvM+PYh9uGViPgKXzyv7i6BrnX2z3JdBR4bKNuEYlAJ9 N93Qg7v05SBHIq2Gfp3klrdWbsTTW2EaDTLbcgifXLnfKyFr47kwsmXAHPlTFP0p dYsZHHmf14Y9n1+ToZeVINgjQFr6mFn6ygY/PqTnd6vCgEEfP9eENJ4BZCtN1ZL/ V0BO9MyJ5iZV0AfwSEKydk+kDEvO16TG/nyDrECVuur7AXsBx18ZplVc787f6GK+ dyCQJ3U= =XLAF -----END PGP SIGNATURE----- Merge 5.3.0-rc1 into android-mainline Linus 5.3-rc1 release Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Ic171e37d4c21ffa495240c5538852bbb5a9dcce8 |
||
Daniel Rosenberg
|
4fd07efd90 |
ANDROID: vfs: Add permission2 for filesystems with per mount permissions
This allows filesystems to use their mount private data to
influence the permssions they return in permission2. It has
been separated into a new call to avoid disrupting current
permission users.
Test: HiKey/X15 + Pie + android-mainline,
and HiKey + AOSP Maser + android-mainline,
directories under /sdcard created,
output of mount is right,
CTS test collecting device infor works
Bug: 35848445
Change-Id: I9d416e3b8b6eca84ef3e336bd2af89ddd51df6ca
Signed-off-by: Daniel Rosenberg <drosen@google.com>
[AmitP: Minor refactoring of original patch to align with
changes from the following upstream commit
|
||
|
Daniel Rosenberg
|
c0dbfed5ff |
ANDROID: sdcardfs: Enable modular sdcardfs
Export the following symbols:
- copy_fs_struct
- free_fs_struct
- security_path_chown
- set_fs_pwd
- vfs_read
- vfs_write
These are needed to build sdcardfs as a module.
Test: HiKey/X15 + Pie + android-mainline,
and HiKey + AOSP Maser + android-mainline,
directories under /sdcard created,
output of mount is right,
CTS test collecting device infor works
Bug: 35142419
Change-Id: If6e14f0b3bdc858a9f684e6c209927a9232091f0
Signed-off-by: Daniel Rosenberg <drosen@google.com>
Signed-off-by: Guenter Roeck <groeck@chromium.org>
[astrachan: Folded the following changes into this patch:
e19f69662df5 ("ANDROID: Revert "fs: unexport vfs_read and vfs_write"")
17071a8e1e7d ("ANDROID: fs: Export free_fs_struct and set_fs_pwd")
2e9a639597cd ("ANDROID: export security_path_chown")]
Signed-off-by: Alistair Strachan <astrachan@google.com>
Signed-off-by: Yongqin Liu <yongqin.liu@linaro.org>
|
||
|
Linus Torvalds
|
933a90bf4f |
Merge branch 'work.mount0' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
Pull vfs mount updates from Al Viro: "The first part of mount updates. Convert filesystems to use the new mount API" * 'work.mount0' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs: (63 commits) mnt_init(): call shmem_init() unconditionally constify ksys_mount() string arguments don't bother with registering rootfs init_rootfs(): don't bother with init_ramfs_fs() vfs: Convert smackfs to use the new mount API vfs: Convert selinuxfs to use the new mount API vfs: Convert securityfs to use the new mount API vfs: Convert apparmorfs to use the new mount API vfs: Convert openpromfs to use the new mount API vfs: Convert xenfs to use the new mount API vfs: Convert gadgetfs to use the new mount API vfs: Convert oprofilefs to use the new mount API vfs: Convert ibmasmfs to use the new mount API vfs: Convert qib_fs/ipathfs to use the new mount API vfs: Convert efivarfs to use the new mount API vfs: Convert configfs to use the new mount API vfs: Convert binfmt_misc to use the new mount API convenience helper: get_tree_single() convenience helper get_tree_nodev() vfs: Kill sget_userns() ... |
||
Matteo Croce
|
eec4844fae |
proc/sysctl: add shared variables for range check
In the sysctl code the proc_dointvec_minmax() function is often used to
validate the user supplied value between an allowed range. This
function uses the extra1 and extra2 members from struct ctl_table as
minimum and maximum allowed value.
On sysctl handler declaration, in every source file there are some
readonly variables containing just an integer which address is assigned
to the extra1 and extra2 members, so the sysctl range is enforced.
The special values 0, 1 and INT_MAX are very often used as range
boundary, leading duplication of variables like zero=0, one=1,
int_max=INT_MAX in different source files:
$ git grep -E '\.extra[12].*&(zero|one|int_max)' |wc -l
248
Add a const int array containing the most commonly used values, some
macros to refer more easily to the correct array member, and use them
instead of creating a local one for every object file.
This is the bloat-o-meter output comparing the old and new binary
compiled with the default Fedora config:
# scripts/bloat-o-meter -d vmlinux.o.old vmlinux.o
add/remove: 2/2 grow/shrink: 0/2 up/down: 24/-188 (-164)
Data old new delta
sysctl_vals - 12 +12
__kstrtab_sysctl_vals - 12 +12
max 14 10 -4
int_max 16 - -16
one 68 - -68
zero 128 28 -100
Total: Before=20583249, After=20583085, chg -0.00%
[mcroce@redhat.com: tipc: remove two unused variables]
Link: http://lkml.kernel.org/r/20190530091952.4108-1-mcroce@redhat.com
[akpm@linux-foundation.org: fix net/ipv6/sysctl_net_ipv6.c]
[arnd@arndb.de: proc/sysctl: make firmware loader table conditional]
Link: http://lkml.kernel.org/r/20190617130014.1713870-1-arnd@arndb.de
[akpm@linux-foundation.org: fix fs/eventpoll.c]
Link: http://lkml.kernel.org/r/20190430180111.10688-1-mcroce@redhat.com
Signed-off-by: Matteo Croce <mcroce@redhat.com>
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Acked-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Aaron Tomlin <atomlin@redhat.com>
Cc: Matthew Wilcox <willy@infradead.org>
Cc: Stephen Rothwell <sfr@canb.auug.org.au>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
||
|
Linus Torvalds
|
c309b6f242 |
docs conversion for v5.3-rc1
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEE+QmuaPwR3wnBdVwACF8+vY7k4RUFAl0tpocACgkQCF8+vY7k 4RWoxA//b/fmDXP3WPzrjjSmpyB9ml0/epKzPbT5S2j0lftqKBmet29k+PCjVrTx Nq2QauehY9ug5h8UMVUCmzPr95F0tSIGRoqk1vrn7z0K3q6k1SHrtvqbY1Bgb2Uk Qvh2YFU4fQLJg8WAbExCjxCdbdmBKQVGKTwCtM+tP5OMxwAFOmQrjGaUaKCKIIA2 7Wzrx8CpSji+bJ3uK/d36c+4M9oDly5eaxBhoboL3BI0y+GqwiSASGwTO7BxrPOg 0wq5IZHnqS8+bprT9xQdDOqf+UOY9U1cxE/+sqsHxblfUEx9gfLy/R+FLmJn+SS9 Z3yLy4SqVHQMpWBjEAGodohikF60PAuTdymSC11jqFaKCUxWrIZg5xO+0blMrxPF 7vYIexutCkaBMHBlNaNsHIqB7B/2FGGKoN7QW64hwvwJCGvF7OmJcV+R4bROGvh4 nFuis9/Nm66Fq7I3aw37ThyZ0aWZdaQ0QJTH9ksxU/ZCz2hhMNYu/rXggrDvkS4U nr77ZT5Gd7nj4b110zf8+99uiGiinY6hTfzPAuTCLBhaxwrv4/xDHAhpwdEB5T4j 8gOkxV8c0XWtL7sKqhGJvs/RRe2za0Y9XH6fyxsYfWcfuLjEvug8ouXMad9gxFWH DL3WnKJEMGLScei2wux4kGOwEbkR1bUf2cHJfh3GpCB/y8vgLOc= =smxY -----END PGP SIGNATURE----- Merge tag 'docs/v5.3-1' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-media Pull rst conversion of docs from Mauro Carvalho Chehab: "As agreed with Jon, I'm sending this big series directly to you, c/c him, as this series required a special care, in order to avoid conflicts with other trees" * tag 'docs/v5.3-1' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-media: (77 commits) docs: kbuild: fix build with pdf and fix some minor issues docs: block: fix pdf output docs: arm: fix a breakage with pdf output docs: don't use nested tables docs: gpio: add sysfs interface to the admin-guide docs: locking: add it to the main index docs: add some directories to the main documentation index docs: add SPDX tags to new index files docs: add a memory-devices subdir to driver-api docs: phy: place documentation under driver-api docs: serial: move it to the driver-api docs: driver-api: add remaining converted dirs to it docs: driver-api: add xilinx driver API documentation docs: driver-api: add a series of orphaned documents docs: admin-guide: add a series of orphaned documents docs: cgroup-v1: add it to the admin-guide book docs: aoe: add it to the driver-api book docs: add some documentation dirs to the driver-api book docs: driver-model: move it to the driver-api book docs: lp855x-driver.rst: add it to the driver-api book ... |
||
|
Jann Horn
|
e10337daef |
LSM: SafeSetID: fix use of literal -1 in capable hook
The capable() hook returns an error number. -EPERM is actually the same as -1, so this doesn't make a difference in behavior. Signed-off-by: Jann Horn <jannh@google.com> Signed-off-by: Micah Morton <mortonm@chromium.org> |
||
|
Jann Horn
|
4f72123da5 |
LSM: SafeSetID: verify transitive constrainedness
Someone might write a ruleset like the following, expecting that it
securely constrains UID 1 to UIDs 1, 2 and 3:
1:2
1:3
However, because no constraints are applied to UIDs 2 and 3, an attacker
with UID 1 can simply first switch to UID 2, then switch to any UID from
there. The secure way to write this ruleset would be:
1:2
1:3
2:2
3:3
, which uses "transition to self" as a way to inhibit the default-allow
policy without allowing anything specific.
This is somewhat unintuitive. To make sure that policy authors don't
accidentally write insecure policies because of this, let the kernel verify
that a new ruleset does not contain any entries that are constrained, but
transitively unconstrained.
Signed-off-by: Jann Horn <jannh@google.com>
Signed-off-by: Micah Morton <mortonm@chromium.org>
|
||
|
Jann Horn
|
fbd9acb2dc |
LSM: SafeSetID: add read handler
For debugging a running system, it is very helpful to be able to see what policy the system is using. Add a read handler that can dump out a copy of the loaded policy. Signed-off-by: Jann Horn <jannh@google.com> Signed-off-by: Micah Morton <mortonm@chromium.org> |
||
|
Jann Horn
|
03638e62f5 |
LSM: SafeSetID: rewrite userspace API to atomic updates
The current API of the SafeSetID LSM uses one write() per rule, and applies each written rule instantly. This has several downsides: - While a policy is being loaded, once a single parent-child pair has been loaded, the parent is restricted to that specific child, even if subsequent rules would allow transitions to other child UIDs. This means that during policy loading, set*uid() can randomly fail. - To replace the policy without rebooting, it is necessary to first flush all old rules. This creates a time window in which no constraints are placed on the use of CAP_SETUID. - If we want to perform sanity checks on the final policy, this requires that the policy isn't constructed in a piecemeal fashion without telling the kernel when it's done. Other kernel APIs - including things like the userns code and netfilter - avoid this problem by performing updates atomically. Luckily, SafeSetID hasn't landed in a stable (upstream) release yet, so maybe it's not too late to completely change the API. The new API for SafeSetID is: If you want to change the policy, open "safesetid/whitelist_policy" and write the entire policy, newline-delimited, in there. Signed-off-by: Jann Horn <jannh@google.com> Signed-off-by: Micah Morton <mortonm@chromium.org> |
||
|
Jann Horn
|
71a98971b9 |
LSM: SafeSetID: fix userns handling in securityfs
Looking at current_cred() in write handlers is bad form, stop doing that. Also, let's just require that the write is coming from the initial user namespace. Especially SAFESETID_WHITELIST_FLUSH requires privilege over all namespaces, and SAFESETID_WHITELIST_ADD should probably require it as well. Signed-off-by: Jann Horn <jannh@google.com> Signed-off-by: Micah Morton <mortonm@chromium.org> |
||
|
Jann Horn
|
78ae7df96d |
LSM: SafeSetID: refactor policy parsing
In preparation for changing the policy parsing logic, refactor the line parsing logic to be less verbose and move it into a separate function. Signed-off-by: Jann Horn <jannh@google.com> Signed-off-by: Micah Morton <mortonm@chromium.org> |
||
|
Jann Horn
|
8068866c4a |
LSM: SafeSetID: refactor safesetid_security_capable()
At the moment, safesetid_security_capable() has two nested conditional blocks, and one big comment for all the logic. Chop it up and reduce the amount of indentation. Signed-off-by: Jann Horn <jannh@google.com> Signed-off-by: Micah Morton <mortonm@chromium.org> |
||
|
Jann Horn
|
1cd02a27a9 |
LSM: SafeSetID: refactor policy hash table
parent_kuid and child_kuid are kuids, there is no reason to make them uint64_t. (And anyway, in the kernel, the normal name for that would be u64, not uint64_t.) check_setuid_policy_hashtable_key() and check_setuid_policy_hashtable_key_value() are basically the same thing, merge them. Also fix the comment that claimed that (1<<8)==128. Signed-off-by: Jann Horn <jannh@google.com> Signed-off-by: Micah Morton <mortonm@chromium.org> |
||
|
Jann Horn
|
7ef6b3062f |
LSM: SafeSetID: fix check for setresuid(new1, new2, new3)
With the old code, when a process with the (real,effective,saved) UID set (1,1,1) calls setresuid(2,3,4), safesetid_task_fix_setuid() only checks whether the transition 1->2 is permitted; the transitions 1->3 and 1->4 are not checked. Fix this. This is also a good opportunity to refactor safesetid_task_fix_setuid() to be less verbose - having one branch per set*uid() syscall is unnecessary. Note that this slightly changes semantics: The UID transition check for UIDs that were not in the old cred struct is now always performed against the policy of the RUID. I think that's more consistent anyway, since the RUID is also the one that decides whether any policy is enforced at all. Signed-off-by: Jann Horn <jannh@google.com> Signed-off-by: Micah Morton <mortonm@chromium.org> |
||
|
Jann Horn
|
c783d525f9 |
LSM: SafeSetID: fix pr_warn() to include newline
Fix the pr_warn() calls in the SafeSetID LSM to have newlines at the end. Without this, denial messages will be buffered as incomplete lines in log_output(), and will then only show up once something else prints into dmesg. Signed-off-by: Jann Horn <jannh@google.com> Signed-off-by: Micah Morton <mortonm@chromium.org> |
||
Mauro Carvalho Chehab
|
da82c92f11 |
docs: cgroup-v1: add it to the admin-guide book
Those files belong to the admin guide, so add them. Signed-off-by: Mauro Carvalho Chehab <mchehab+samsung@kernel.org> |
||
|
Mauro Carvalho Chehab
|
e8d776f20f |
docs: x86: move two x86-specific files to x86 arch dir
Those two docs belong to the x86 architecture: Documentation/Intel-IOMMU.txt -> Documentation/x86/intel-iommu.rst Documentation/intel_txt.txt -> Documentation/x86/intel_txt.rst Signed-off-by: Mauro Carvalho Chehab <mchehab+samsung@kernel.org> |
||
|
Linus Torvalds
|
ef8f3d48af |
Merge branch 'akpm' (patches from Andrew)
Merge updates from Andrew Morton:
"Am experimenting with splitting MM up into identifiable subsystems
perhaps with a view to gitifying it in complex ways. Also with more
verbose "incoming" emails.
Most of MM is here and a few other trees.
Subsystems affected by this patch series:
- hotfixes
- iommu
- scripts
- arch/sh
- ocfs2
- mm:slab-generic
- mm:slub
- mm:kmemleak
- mm:kasan
- mm:cleanups
- mm:debug
- mm:pagecache
- mm:swap
- mm:memcg
- mm:gup
- mm:pagemap
- mm:infrastructure
- mm:vmalloc
- mm:initialization
- mm:pagealloc
- mm:vmscan
- mm:tools
- mm:proc
- mm:ras
- mm:oom-kill
hotfixes:
mm: vmscan: scan anonymous pages on file refaults
mm/nvdimm: add is_ioremap_addr and use that to check ioremap address
mm/memcontrol: fix wrong statistics in memory.stat
mm/z3fold.c: lock z3fold page before __SetPageMovable()
nilfs2: do not use unexported cpu_to_le32()/le32_to_cpu() in uapi header
MAINTAINERS: nilfs2: update email address
iommu:
include/linux/dmar.h: replace single-char identifiers in macros
scripts:
scripts/decode_stacktrace: match basepath using shell prefix operator, not regex
scripts/decode_stacktrace: look for modules with .ko.debug extension
scripts/spelling.txt: drop "sepc" from the misspelling list
scripts/spelling.txt: add spelling fix for prohibited
scripts/decode_stacktrace: Accept dash/underscore in modules
scripts/spelling.txt: add more spellings to spelling.txt
arch/sh:
arch/sh/configs/sdk7786_defconfig: remove CONFIG_LOGFS
sh: config: remove left-over BACKLIGHT_LCD_SUPPORT
sh: prevent warnings when using iounmap
ocfs2:
fs: ocfs: fix spelling mistake "hearbeating" -> "heartbeat"
ocfs2/dlm: use struct_size() helper
ocfs2: add last unlock times in locking_state
ocfs2: add locking filter debugfs file
ocfs2: add first lock wait time in locking_state
ocfs: no need to check return value of debugfs_create functions
fs/ocfs2/dlmglue.c: unneeded variable: "status"
ocfs2: use kmemdup rather than duplicating its implementation
mm:slab-generic:
Patch series "mm/slab: Improved sanity checking":
mm/slab: validate cache membership under freelist hardening
mm/slab: sanity-check page type when looking up cache
lkdtm/heap: add tests for freelist hardening
mm:slub:
mm/slub.c: avoid double string traverse in kmem_cache_flags()
slub: don't panic for memcg kmem cache creation failure
mm:kmemleak:
mm/kmemleak.c: fix check for softirq context
mm/kmemleak.c: change error at _write when kmemleak is disabled
docs: kmemleak: add more documentation details
mm:kasan:
mm/kasan: print frame description for stack bugs
Patch series "Bitops instrumentation for KASAN", v5:
lib/test_kasan: add bitops tests
x86: use static_cpu_has in uaccess region to avoid instrumentation
asm-generic, x86: add bitops instrumentation for KASAN
Patch series "mm/kasan: Add object validation in ksize()", v3:
mm/kasan: introduce __kasan_check_{read,write}
mm/kasan: change kasan_check_{read,write} to return boolean
lib/test_kasan: Add test for double-kzfree detection
mm/slab: refactor common ksize KASAN logic into slab_common.c
mm/kasan: add object validation in ksize()
mm:cleanups:
include/linux/pfn_t.h: remove pfn_t_to_virt()
Patch series "remove ARCH_SELECT_MEMORY_MODEL where it has no effect":
arm: remove ARCH_SELECT_MEMORY_MODEL
s390: remove ARCH_SELECT_MEMORY_MODEL
sparc: remove ARCH_SELECT_MEMORY_MODEL
mm/gup.c: make follow_page_mask() static
mm/memory.c: trivial clean up in insert_page()
mm: make !CONFIG_HUGE_PAGE wrappers into static inlines
include/linux/mm_types.h: ifdef struct vm_area_struct::swap_readahead_info
mm: remove the account_page_dirtied export
mm/page_isolation.c: change the prototype of undo_isolate_page_range()
include/linux/vmpressure.h: use spinlock_t instead of struct spinlock
mm: remove the exporting of totalram_pages
include/linux/pagemap.h: document trylock_page() return value
mm:debug:
mm/failslab.c: by default, do not fail allocations with direct reclaim only
Patch series "debug_pagealloc improvements":
mm, debug_pagelloc: use static keys to enable debugging
mm, page_alloc: more extensive free page checking with debug_pagealloc
mm, debug_pagealloc: use a page type instead of page_ext flag
mm:pagecache:
Patch series "fix filler_t callback type mismatches", v2:
mm/filemap.c: fix an overly long line in read_cache_page
mm/filemap: don't cast ->readpage to filler_t for do_read_cache_page
jffs2: pass the correct prototype to read_cache_page
9p: pass the correct prototype to read_cache_page
mm/filemap.c: correct the comment about VM_FAULT_RETRY
mm:swap:
mm, swap: fix race between swapoff and some swap operations
mm/swap_state.c: simplify total_swapcache_pages() with get_swap_device()
mm, swap: use rbtree for swap_extent
mm/mincore.c: fix race between swapoff and mincore
mm:memcg:
memcg, oom: no oom-kill for __GFP_RETRY_MAYFAIL
memcg, fsnotify: no oom-kill for remote memcg charging
mm, memcg: introduce memory.events.local
mm: memcontrol: dump memory.stat during cgroup OOM
Patch series "mm: reparent slab memory on cgroup removal", v7:
mm: memcg/slab: postpone kmem_cache memcg pointer initialization to memcg_link_cache()
mm: memcg/slab: rename slab delayed deactivation functions and fields
mm: memcg/slab: generalize postponed non-root kmem_cache deactivation
mm: memcg/slab: introduce __memcg_kmem_uncharge_memcg()
mm: memcg/slab: unify SLAB and SLUB page accounting
mm: memcg/slab: don't check the dying flag on kmem_cache creation
mm: memcg/slab: synchronize access to kmem_cache dying flag using a spinlock
mm: memcg/slab: rework non-root kmem_cache lifecycle management
mm: memcg/slab: stop setting page->mem_cgroup pointer for slab pages
mm: memcg/slab: reparent memcg kmem_caches on cgroup removal
mm, memcg: add a memcg_slabinfo debugfs file
mm:gup:
Patch series "switch the remaining architectures to use generic GUP", v4:
mm: use untagged_addr() for get_user_pages_fast addresses
mm: simplify gup_fast_permitted
mm: lift the x86_32 PAE version of gup_get_pte to common code
MIPS: use the generic get_user_pages_fast code
sh: add the missing pud_page definition
sh: use the generic get_user_pages_fast code
sparc64: add the missing pgd_page definition
sparc64: define untagged_addr()
sparc64: use the generic get_user_pages_fast code
mm: rename CONFIG_HAVE_GENERIC_GUP to CONFIG_HAVE_FAST_GUP
mm: reorder code blocks in gup.c
mm: consolidate the get_user_pages* implementations
mm: validate get_user_pages_fast flags
mm: move the powerpc hugepd code to mm/gup.c
mm: switch gup_hugepte to use try_get_compound_head
mm: mark the page referenced in gup_hugepte
mm/gup: speed up check_and_migrate_cma_pages() on huge page
mm/gup.c: remove some BUG_ONs from get_gate_page()
mm/gup.c: mark undo_dev_pagemap as __maybe_unused
mm:pagemap:
asm-generic, x86: introduce generic pte_{alloc,free}_one[_kernel]
alpha: switch to generic version of pte allocation
arm: switch to generic version of pte allocation
arm64: switch to generic version of pte allocation
csky: switch to generic version of pte allocation
m68k: sun3: switch to generic version of pte allocation
mips: switch to generic version of pte allocation
nds32: switch to generic version of pte allocation
nios2: switch to generic version of pte allocation
parisc: switch to generic version of pte allocation
riscv: switch to generic version of pte allocation
um: switch to generic version of pte allocation
unicore32: switch to generic version of pte allocation
mm/pgtable: drop pgtable_t variable from pte_fn_t functions
mm/memory.c: fail when offset == num in first check of __vm_map_pages()
mm:infrastructure:
mm/mmu_notifier: use hlist_add_head_rcu()
mm:vmalloc:
Patch series "Some cleanups for the KVA/vmalloc", v5:
mm/vmalloc.c: remove "node" argument
mm/vmalloc.c: preload a CPU with one object for split purpose
mm/vmalloc.c: get rid of one single unlink_va() when merge
mm/vmalloc.c: switch to WARN_ON() and move it under unlink_va()
mm/vmalloc.c: spelling> s/informaion/information/
mm:initialization:
mm/large system hash: use vmalloc for size > MAX_ORDER when !hashdist
mm/large system hash: clear hashdist when only one node with memory is booted
mm:pagealloc:
arm64: move jump_label_init() before parse_early_param()
Patch series "add init_on_alloc/init_on_free boot options", v10:
mm: security: introduce init_on_alloc=1 and init_on_free=1 boot options
mm: init: report memory auto-initialization features at boot time
mm:vmscan:
mm: vmscan: remove double slab pressure by inc'ing sc->nr_scanned
mm: vmscan: correct some vmscan counters for THP swapout
mm:tools:
tools/vm/slabinfo: order command line options
tools/vm/slabinfo: add partial slab listing to -X
tools/vm/slabinfo: add option to sort by partial slabs
tools/vm/slabinfo: add sorting info to help menu
mm:proc:
proc: use down_read_killable mmap_sem for /proc/pid/maps
proc: use down_read_killable mmap_sem for /proc/pid/smaps_rollup
proc: use down_read_killable mmap_sem for /proc/pid/pagemap
proc: use down_read_killable mmap_sem for /proc/pid/clear_refs
proc: use down_read_killable mmap_sem for /proc/pid/map_files
mm: use down_read_killable for locking mmap_sem in access_remote_vm
mm: smaps: split PSS into components
mm: vmalloc: show number of vmalloc pages in /proc/meminfo
mm:ras:
mm/memory-failure.c: clarify error message
mm:oom-kill:
mm: memcontrol: use CSS_TASK_ITER_PROCS at mem_cgroup_scan_tasks()
mm, oom: refactor dump_tasks for memcg OOMs
mm, oom: remove redundant task_in_mem_cgroup() check
oom: decouple mems_allowed from oom_unkillable_task
mm/oom_kill.c: remove redundant OOM score normalization in select_bad_process()"
* akpm: (147 commits)
mm/oom_kill.c: remove redundant OOM score normalization in select_bad_process()
oom: decouple mems_allowed from oom_unkillable_task
mm, oom: remove redundant task_in_mem_cgroup() check
mm, oom: refactor dump_tasks for memcg OOMs
mm: memcontrol: use CSS_TASK_ITER_PROCS at mem_cgroup_scan_tasks()
mm/memory-failure.c: clarify error message
mm: vmalloc: show number of vmalloc pages in /proc/meminfo
mm: smaps: split PSS into components
mm: use down_read_killable for locking mmap_sem in access_remote_vm
proc: use down_read_killable mmap_sem for /proc/pid/map_files
proc: use down_read_killable mmap_sem for /proc/pid/clear_refs
proc: use down_read_killable mmap_sem for /proc/pid/pagemap
proc: use down_read_killable mmap_sem for /proc/pid/smaps_rollup
proc: use down_read_killable mmap_sem for /proc/pid/maps
tools/vm/slabinfo: add sorting info to help menu
tools/vm/slabinfo: add option to sort by partial slabs
tools/vm/slabinfo: add partial slab listing to -X
tools/vm/slabinfo: order command line options
mm: vmscan: correct some vmscan counters for THP swapout
mm: vmscan: remove double slab pressure by inc'ing sc->nr_scanned
...
|
||
Alexander Potapenko
|
6471384af2 |
mm: security: introduce init_on_alloc=1 and init_on_free=1 boot options
Patch series "add init_on_alloc/init_on_free boot options", v10. Provide init_on_alloc and init_on_free boot options. These are aimed at preventing possible information leaks and making the control-flow bugs that depend on uninitialized values more deterministic. Enabling either of the options guarantees that the memory returned by the page allocator and SL[AU]B is initialized with zeroes. SLOB allocator isn't supported at the moment, as its emulation of kmem caches complicates handling of SLAB_TYPESAFE_BY_RCU caches correctly. Enabling init_on_free also guarantees that pages and heap objects are initialized right after they're freed, so it won't be possible to access stale data by using a dangling pointer. As suggested by Michal Hocko, right now we don't let the heap users to disable initialization for certain allocations. There's not enough evidence that doing so can speed up real-life cases, and introducing ways to opt-out may result in things going out of control. This patch (of 2): The new options are needed to prevent possible information leaks and make control-flow bugs that depend on uninitialized values more deterministic. This is expected to be on-by-default on Android and Chrome OS. And it gives the opportunity for anyone else to use it under distros too via the boot args. (The init_on_free feature is regularly requested by folks where memory forensics is included in their threat models.) init_on_alloc=1 makes the kernel initialize newly allocated pages and heap objects with zeroes. Initialization is done at allocation time at the places where checks for __GFP_ZERO are performed. init_on_free=1 makes the kernel initialize freed pages and heap objects with zeroes upon their deletion. This helps to ensure sensitive data doesn't leak via use-after-free accesses. Both init_on_alloc=1 and init_on_free=1 guarantee that the allocator returns zeroed memory. The two exceptions are slab caches with constructors and SLAB_TYPESAFE_BY_RCU flag. Those are never zero-initialized to preserve their semantics. Both init_on_alloc and init_on_free default to zero, but those defaults can be overridden with CONFIG_INIT_ON_ALLOC_DEFAULT_ON and CONFIG_INIT_ON_FREE_DEFAULT_ON. If either SLUB poisoning or page poisoning is enabled, those options take precedence over init_on_alloc and init_on_free: initialization is only applied to unpoisoned allocations. Slowdown for the new features compared to init_on_free=0, init_on_alloc=0: hackbench, init_on_free=1: +7.62% sys time (st.err 0.74%) hackbench, init_on_alloc=1: +7.75% sys time (st.err 2.14%) Linux build with -j12, init_on_free=1: +8.38% wall time (st.err 0.39%) Linux build with -j12, init_on_free=1: +24.42% sys time (st.err 0.52%) Linux build with -j12, init_on_alloc=1: -0.13% wall time (st.err 0.42%) Linux build with -j12, init_on_alloc=1: +0.57% sys time (st.err 0.40%) The slowdown for init_on_free=0, init_on_alloc=0 compared to the baseline is within the standard error. The new features are also going to pave the way for hardware memory tagging (e.g. arm64's MTE), which will require both on_alloc and on_free hooks to set the tags for heap objects. With MTE, tagging will have the same cost as memory initialization. Although init_on_free is rather costly, there are paranoid use-cases where in-memory data lifetime is desired to be minimized. There are various arguments for/against the realism of the associated threat models, but given that we'll need the infrastructure for MTE anyway, and there are people who want wipe-on-free behavior no matter what the performance cost, it seems reasonable to include it in this series. [glider@google.com: v8] Link: http://lkml.kernel.org/r/20190626121943.131390-2-glider@google.com [glider@google.com: v9] Link: http://lkml.kernel.org/r/20190627130316.254309-2-glider@google.com [glider@google.com: v10] Link: http://lkml.kernel.org/r/20190628093131.199499-2-glider@google.com Link: http://lkml.kernel.org/r/20190617151050.92663-2-glider@google.com Signed-off-by: Alexander Potapenko <glider@google.com> Acked-by: Kees Cook <keescook@chromium.org> Acked-by: Michal Hocko <mhocko@suse.cz> [page and dmapool parts Acked-by: James Morris <jamorris@linux.microsoft.com>] Cc: Christoph Lameter <cl@linux.com> Cc: Masahiro Yamada <yamada.masahiro@socionext.com> Cc: "Serge E. Hallyn" <serge@hallyn.com> Cc: Nick Desaulniers <ndesaulniers@google.com> Cc: Kostya Serebryany <kcc@google.com> Cc: Dmitry Vyukov <dvyukov@google.com> Cc: Sandeep Patil <sspatil@android.com> Cc: Laura Abbott <labbott@redhat.com> Cc: Randy Dunlap <rdunlap@infradead.org> Cc: Jann Horn <jannh@google.com> Cc: Mark Rutland <mark.rutland@arm.com> Cc: Marco Elver <elver@google.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
||
|
Linus Torvalds
|
c079512aad |
security/loadpin improvement
- Allow exclusion of specific file types (Ke Wu) -----BEGIN PGP SIGNATURE----- Comment: Kees Cook <kees@outflux.net> iQJKBAABCgA0FiEEpcP2jyKd1g9yPm4TiXL039xtwCYFAl0kFSgWHGtlZXNjb29r QGNocm9taXVtLm9yZwAKCRCJcvTf3G3AJjQ+D/sFRaH6jqo1svYBmD1UZ8rSCYsq qXuBFfuZMNGkP2tWEXKVKc3+dKWxv+gHnXNO9K7lGeIQkH0LpEGy+ObqE+dnrdLp wjVF6gWuZJ2iKzD+ZgaQnN+AmXcuRz/0NHRE2xvmw1u7V2wvZQoEasTNNe+P8yIZ +VU9bTegdhZ0gEpPHbVyKNqOcRsX0cvReD5LsE5XTuNElTo3i0FH7tr+EXRAPnKU gxtr+LGGldyZ0w618tHuWTwZJWVZw9V9uxdxxfQ41qKoZGRA2bvG3h8PGE6AwwWo KrTEAHjiWoCXDzQgZuZpLPvpqkCcW71+jCCdqz3KKs0NS8zp1Rba6WVxcKFZioa5 ROqCxwt/8sJQDF/vI/pZOhG0SsADZdAduUAwR+oNJmy4Y8ZPBPSTzJHcIsV9zUVN /OhKljyta8H30XpIQN56eQgIYl+M4MqXqFmEkTNziYclpZR64Td1umMcb831va0J dAbxHK4v3Uf9/w5PqKsFkOECBwzaRT0colHPlEl77Qlh9lC6/cZrY2JtO9zr/f1D yvZwQMCW/qk0jikKUqbERCv2GH3DOrBUQrAxgm+GCbS4ZTAjIXHOjjLIJIJPDvBz jzkk/zgYJqW3LKwHIgdVw0Ilh4FnFS+SG4OLfUsH5uauaedU2t0exvFakEwtK3Uc LCI7pT0GGnM0EKbxQQ== =eVyy -----END PGP SIGNATURE----- Merge tag 'loadpin-v5.3-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux Pull security/loadpin updates from Kees Cook: - Allow exclusion of specific file types (Ke Wu) * tag 'loadpin-v5.3-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux: security/loadpin: Allow to exclude specific file types |
||
|
Linus Torvalds
|
237f83dfbe |
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next
Pull networking updates from David Miller:
"Some highlights from this development cycle:
1) Big refactoring of ipv6 route and neigh handling to support
nexthop objects configurable as units from userspace. From David
Ahern.
2) Convert explored_states in BPF verifier into a hash table,
significantly decreased state held for programs with bpf2bpf
calls, from Alexei Starovoitov.
3) Implement bpf_send_signal() helper, from Yonghong Song.
4) Various classifier enhancements to mvpp2 driver, from Maxime
Chevallier.
5) Add aRFS support to hns3 driver, from Jian Shen.
6) Fix use after free in inet frags by allocating fqdirs dynamically
and reworking how rhashtable dismantle occurs, from Eric Dumazet.
7) Add act_ctinfo packet classifier action, from Kevin
Darbyshire-Bryant.
8) Add TFO key backup infrastructure, from Jason Baron.
9) Remove several old and unused ISDN drivers, from Arnd Bergmann.
10) Add devlink notifications for flash update status to mlxsw driver,
from Jiri Pirko.
11) Lots of kTLS offload infrastructure fixes, from Jakub Kicinski.
12) Add support for mv88e6250 DSA chips, from Rasmus Villemoes.
13) Various enhancements to ipv6 flow label handling, from Eric
Dumazet and Willem de Bruijn.
14) Support TLS offload in nfp driver, from Jakub Kicinski, Dirk van
der Merwe, and others.
15) Various improvements to axienet driver including converting it to
phylink, from Robert Hancock.
16) Add PTP support to sja1105 DSA driver, from Vladimir Oltean.
17) Add mqprio qdisc offload support to dpaa2-eth, from Ioana
Radulescu.
18) Add devlink health reporting to mlx5, from Moshe Shemesh.
19) Convert stmmac over to phylink, from Jose Abreu.
20) Add PTP PHC (Physical Hardware Clock) support to mlxsw, from
Shalom Toledo.
21) Add nftables SYNPROXY support, from Fernando Fernandez Mancera.
22) Convert tcp_fastopen over to use SipHash, from Ard Biesheuvel.
23) Track spill/fill of constants in BPF verifier, from Alexei
Starovoitov.
24) Support bounded loops in BPF, from Alexei Starovoitov.
25) Various page_pool API fixes and improvements, from Jesper Dangaard
Brouer.
26) Just like ipv4, support ref-countless ipv6 route handling. From
Wei Wang.
27) Support VLAN offloading in aquantia driver, from Igor Russkikh.
28) Add AF_XDP zero-copy support to mlx5, from Maxim Mikityanskiy.
29) Add flower GRE encap/decap support to nfp driver, from Pieter
Jansen van Vuuren.
30) Protect against stack overflow when using act_mirred, from John
Hurley.
31) Allow devmap map lookups from eBPF, from Toke Høiland-Jørgensen.
32) Use page_pool API in netsec driver, Ilias Apalodimas.
33) Add Google gve network driver, from Catherine Sullivan.
34) More indirect call avoidance, from Paolo Abeni.
35) Add kTLS TX HW offload support to mlx5, from Tariq Toukan.
36) Add XDP_REDIRECT support to bnxt_en, from Andy Gospodarek.
37) Add MPLS manipulation actions to TC, from John Hurley.
38) Add sending a packet to connection tracking from TC actions, and
then allow flower classifier matching on conntrack state. From
Paul Blakey.
39) Netfilter hw offload support, from Pablo Neira Ayuso"
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next: (2080 commits)
net/mlx5e: Return in default case statement in tx_post_resync_params
mlx5: Return -EINVAL when WARN_ON_ONCE triggers in mlx5e_tls_resync().
net: dsa: add support for BRIDGE_MROUTER attribute
pkt_sched: Include const.h
net: netsec: remove static declaration for netsec_set_tx_de()
net: netsec: remove superfluous if statement
netfilter: nf_tables: add hardware offload support
net: flow_offload: rename tc_cls_flower_offload to flow_cls_offload
net: flow_offload: add flow_block_cb_is_busy() and use it
net: sched: remove tcf block API
drivers: net: use flow block API
net: sched: use flow block API
net: flow_offload: add flow_block_cb_{priv, incref, decref}()
net: flow_offload: add list handling functions
net: flow_offload: add flow_block_cb_alloc() and flow_block_cb_free()
net: flow_offload: rename TCF_BLOCK_BINDER_TYPE_* to FLOW_BLOCK_BINDER_TYPE_*
net: flow_offload: rename TC_BLOCK_{UN}BIND to FLOW_BLOCK_{UN}BIND
net: flow_offload: add flow_block_cb_setup_simple()
net: hisilicon: Add an tx_desc to adapt HI13X1_GMAC
net: hisilicon: Add an rx_desc to adapt HI13X1_GMAC
...
|
||
|
Linus Torvalds
|
028db3e290 |
Revert "Merge tag 'keys-acl-20190703' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs"
This reverts merge |
||
|
Linus Torvalds
|
e9a83bd232 |
It's been a relatively busy cycle for docs:
- A fair pile of RST conversions, many from Mauro. These create more
than the usual number of simple but annoying merge conflicts with other
trees, unfortunately. He has a lot more of these waiting on the wings
that, I think, will go to you directly later on.
- A new document on how to use merges and rebases in kernel repos, and one
on Spectre vulnerabilities.
- Various improvements to the build system, including automatic markup of
function() references because some people, for reasons I will never
understand, were of the opinion that :c:func:``function()`` is
unattractive and not fun to type.
- We now recommend using sphinx 1.7, but still support back to 1.4.
- Lots of smaller improvements, warning fixes, typo fixes, etc.
-----BEGIN PGP SIGNATURE-----
iQFDBAABCAAtFiEEIw+MvkEiF49krdp9F0NaE2wMflgFAl0krAEPHGNvcmJldEBs
d24ubmV0AAoJEBdDWhNsDH5Yg98H/AuLqO9LpOgUjF4LhyjxGPdzJkY9RExSJ7km
gznyreLCZgFaJR+AY6YDsd4Jw6OJlPbu1YM/Qo3C3WrZVFVhgL/s2ebvBgCo50A8
raAFd8jTf4/mGCHnAqRotAPQ3mETJUk315B66lBJ6Oc+YdpRhwXWq8ZW2bJxInFF
3HDvoFgMf0KhLuMHUkkL0u3fxH1iA+KvDu8diPbJYFjOdOWENz/CV8wqdVkXRSEW
DJxIq89h/7d+hIG3d1I7Nw+gibGsAdjSjKv4eRKauZs4Aoxd1Gpl62z0JNk6aT3m
dtq4joLdwScydonXROD/Twn2jsu4xYTrPwVzChomElMowW/ZBBY=
=D0eO
-----END PGP SIGNATURE-----
Merge tag 'docs-5.3' of git://git.lwn.net/linux
Pull Documentation updates from Jonathan Corbet:
"It's been a relatively busy cycle for docs:
- A fair pile of RST conversions, many from Mauro. These create more
than the usual number of simple but annoying merge conflicts with
other trees, unfortunately. He has a lot more of these waiting on
the wings that, I think, will go to you directly later on.
- A new document on how to use merges and rebases in kernel repos,
and one on Spectre vulnerabilities.
- Various improvements to the build system, including automatic
markup of function() references because some people, for reasons I
will never understand, were of the opinion that
:c:func:``function()`` is unattractive and not fun to type.
- We now recommend using sphinx 1.7, but still support back to 1.4.
- Lots of smaller improvements, warning fixes, typo fixes, etc"
* tag 'docs-5.3' of git://git.lwn.net/linux: (129 commits)
docs: automarkup.py: ignore exceptions when seeking for xrefs
docs: Move binderfs to admin-guide
Disable Sphinx SmartyPants in HTML output
doc: RCU callback locks need only _bh, not necessarily _irq
docs: format kernel-parameters -- as code
Doc : doc-guide : Fix a typo
platform: x86: get rid of a non-existent document
Add the RCU docs to the core-api manual
Documentation: RCU: Add TOC tree hooks
Documentation: RCU: Rename txt files to rst
Documentation: RCU: Convert RCU UP systems to reST
Documentation: RCU: Convert RCU linked list to reST
Documentation: RCU: Convert RCU basic concepts to reST
docs: filesystems: Remove uneeded .rst extension on toctables
scripts/sphinx-pre-install: fix out-of-tree build
docs: zh_CN: submitting-drivers.rst: Remove a duplicated Documentation/
Documentation: PGP: update for newer HW devices
Documentation: Add section about CPU vulnerabilities for Spectre
Documentation: platform: Delete x86-laptop-drivers.txt
docs: Note that :c:func: should no longer be used
...
|
||
|
Linus Torvalds
|
9d22167f34 |
Merge branch 'next-lsm' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull capabilities update from James Morris:
"Minor fixes for capabilities:
- Update the commoncap.c code to utilize XATTR_SECURITY_PREFIX_LEN,
from Carmeli tamir.
- Make the capability hooks static, from Yue Haibing"
* 'next-lsm' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security:
security/commoncap: Use xattr security prefix len
security: Make capability_hooks static
|
||
|
Linus Torvalds
|
5ad18b2e60 |
Merge branch 'siginfo-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace
Pull force_sig() argument change from Eric Biederman: "A source of error over the years has been that force_sig has taken a task parameter when it is only safe to use force_sig with the current task. The force_sig function is built for delivering synchronous signals such as SIGSEGV where the userspace application caused a synchronous fault (such as a page fault) and the kernel responded with a signal. Because the name force_sig does not make this clear, and because the force_sig takes a task parameter the function force_sig has been abused for sending other kinds of signals over the years. Slowly those have been fixed when the oopses have been tracked down. This set of changes fixes the remaining abusers of force_sig and carefully rips out the task parameter from force_sig and friends making this kind of error almost impossible in the future" * 'siginfo-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace: (27 commits) signal/x86: Move tsk inside of CONFIG_MEMORY_FAILURE in do_sigbus signal: Remove the signal number and task parameters from force_sig_info signal: Factor force_sig_info_to_task out of force_sig_info signal: Generate the siginfo in force_sig signal: Move the computation of force into send_signal and correct it. signal: Properly set TRACE_SIGNAL_LOSE_INFO in __send_signal signal: Remove the task parameter from force_sig_fault signal: Use force_sig_fault_to_task for the two calls that don't deliver to current signal: Explicitly call force_sig_fault on current signal/unicore32: Remove tsk parameter from __do_user_fault signal/arm: Remove tsk parameter from __do_user_fault signal/arm: Remove tsk parameter from ptrace_break signal/nds32: Remove tsk parameter from send_sigtrap signal/riscv: Remove tsk parameter from do_trap signal/sh: Remove tsk parameter from force_sig_info_fault signal/um: Remove task parameter from send_sigtrap signal/x86: Remove task parameter from send_sigtrap signal: Remove task parameter from force_sig_mceerr signal: Remove task parameter from force_sig signal: Remove task parameter from force_sigsegv ... |
||
|
Linus Torvalds
|
92c1d65221 |
Merge branch 'for-5.3' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/cgroup
Pull cgroup updates from Tejun Heo: "Documentation updates and the addition of cgroup_parse_float() which will be used by new controllers including blk-iocost" * 'for-5.3' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/cgroup: docs: cgroup-v1: convert docs to ReST and rename to *.rst cgroup: Move cgroup_parse_float() implementation out of CONFIG_SYSFS cgroup: add cgroup_parse_float() |
||
|
Linus Torvalds
|
8b68150883 |
Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity
Pull integrity updates from Mimi Zohar:
"Bug fixes, code clean up, and new features:
- IMA policy rules can be defined in terms of LSM labels, making the
IMA policy dependent on LSM policy label changes, in particular LSM
label deletions. The new environment, in which IMA-appraisal is
being used, frequently updates the LSM policy and permits LSM label
deletions.
- Prevent an mmap'ed shared file opened for write from also being
mmap'ed execute. In the long term, making this and other similar
changes at the VFS layer would be preferable.
- The IMA per policy rule template format support is needed for a
couple of new/proposed features (eg. kexec boot command line
measurement, appended signatures, and VFS provided file hashes).
- Other than the "boot-aggregate" record in the IMA measuremeent
list, all other measurements are of file data. Measuring and
storing the kexec boot command line in the IMA measurement list is
the first buffer based measurement included in the measurement
list"
* 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity:
integrity: Introduce struct evm_xattr
ima: Update MAX_TEMPLATE_NAME_LEN to fit largest reasonable definition
KEXEC: Call ima_kexec_cmdline to measure the boot command line args
IMA: Define a new template field buf
IMA: Define a new hook to measure the kexec boot command line arguments
IMA: support for per policy rule template formats
integrity: Fix __integrity_init_keyring() section mismatch
ima: Use designated initializers for struct ima_event_data
ima: use the lsm policy update notifier
LSM: switch to blocking policy update notifiers
x86/ima: fix the Kconfig dependency for IMA_ARCH_POLICY
ima: Make arch_policy_entry static
ima: prevent a file already mmap'ed write to be mmap'ed execute
x86/ima: check EFI SetupMode too
|
||
|
Linus Torvalds
|
0f75ef6a9c |
Keyrings ACL
-----BEGIN PGP SIGNATURE-----
iQIVAwUAXRyyVvu3V2unywtrAQL3xQ//eifjlELkRAPm2EReWwwahdM+9QL/0bAy
e8eAzP9EaphQGUhpIzM9Y7Cx+a8XW2xACljY8hEFGyxXhDMoLa35oSoJOeay6vQt
QcgWnDYsET8Z7HOsFCP3ZQqlbbqfsB6CbIKtZoEkZ8ib7eXpYcy1qTydu7wqrl4A
AaJalAhlUKKUx9hkGGJTh2xvgmxgSJkxx3cNEWJQ2uGgY/ustBpqqT4iwFDsgA/q
fcYTQFfNQBsC8/SmvQgxJSc+reUdQdp0z1vd8qjpSdFFcTq1qOtK0qDdz1Bbyl24
hAxvNM1KKav83C8aF7oHhEwLrkD+XiYKixdEiCJJp+A2i+vy2v8JnfgtFTpTgLNK
5xu2VmaiWmee9SLCiDIBKE4Ghtkr8DQ/5cKFCwthT8GXgQUtdsdwAaT3bWdCNfRm
DqgU/AyyXhoHXrUM25tPeF3hZuDn2yy6b1TbKA9GCpu5TtznZIHju40Px/XMIpQH
8d6s/pg+u/SnkhjYWaTvTcvsQ2FB/vZY/UzAVyosnoMBkVfL4UtAHGbb8FBVj1nf
Dv5VjSjl4vFjgOr3jygEAeD2cJ7L6jyKbtC/jo4dnOmPrSRShIjvfSU04L3z7FZS
XFjMmGb2Jj8a7vAGFmsJdwmIXZ1uoTwX56DbpNL88eCgZWFPGKU7TisdIWAmJj8U
N9wholjHJgw=
=E3bF
-----END PGP SIGNATURE-----
Merge tag 'keys-acl-20190703' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs
Pull keyring ACL support from David Howells:
"This changes the permissions model used by keys and keyrings to be
based on an internal ACL by the following means:
- Replace the permissions mask internally with an ACL that contains a
list of ACEs, each with a specific subject with a permissions mask.
Potted default ACLs are available for new keys and keyrings.
ACE subjects can be macroised to indicate the UID and GID specified
on the key (which remain). Future commits will be able to add
additional subject types, such as specific UIDs or domain
tags/namespaces.
Also split a number of permissions to give finer control. Examples
include splitting the revocation permit from the change-attributes
permit, thereby allowing someone to be granted permission to revoke
a key without allowing them to change the owner; also the ability
to join a keyring is split from the ability to link to it, thereby
stopping a process accessing a keyring by joining it and thus
acquiring use of possessor permits.
- Provide a keyctl to allow the granting or denial of one or more
permits to a specific subject. Direct access to the ACL is not
granted, and the ACL cannot be viewed"
* tag 'keys-acl-20190703' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs:
keys: Provide KEYCTL_GRANT_PERMISSION
keys: Replace uid/gid/perm permissions checking with an ACL
|
||
|
Linus Torvalds
|
c84ca912b0 |
Keyrings namespacing
-----BEGIN PGP SIGNATURE-----
iQIVAwUAXRU89Pu3V2unywtrAQIdBBAAmMBsrfv+LUN4Vru/D6KdUO4zdYGcNK6m
S56bcNfP6oIDEj6HrNNnzKkWIZpdZ61Odv1zle96+v4WZ/6rnLCTpcsdaFNTzaoO
YT2jk7jplss0ImrMv1DSoykGqO3f0ThMIpGCxHKZADGSu0HMbjSEh+zLPV4BaMtT
BVuF7P3eZtDRLdDtMtYcgvf5UlbdoBEY8w1FUjReQx8hKGxVopGmCo5vAeiY8W9S
ybFSZhPS5ka33ynVrLJH2dqDo5A8pDhY8I4bdlcxmNtRhnPCYZnuvTqeAzyUKKdI
YN9zJeDu1yHs9mi8dp45NPJiKy6xLzWmUwqH8AvR8MWEkrwzqbzNZCEHZ41j74hO
YZWI0JXi72cboszFvOwqJERvITKxrQQyVQLPRQE2vVbG0bIZPl8i7oslFVhitsl+
evWqHb4lXY91rI9cC6JIXR1OiUjp68zXPv7DAnxv08O+PGcioU1IeOvPivx8QSx4
5aUeCkYIIAti/GISzv7xvcYh8mfO76kBjZSB35fX+R9DkeQpxsHmmpWe+UCykzWn
EwhHQn86+VeBFP6RAXp8CgNCLbrwkEhjzXQl/70s1eYbwvK81VcpDAQ6+cjpf4Hb
QUmrUJ9iE0wCNl7oqvJZoJvWVGlArvPmzpkTJk3N070X2R0T7x1WCsMlPDMJGhQ2
fVHvA3QdgWs=
=Push
-----END PGP SIGNATURE-----
Merge tag 'keys-namespace-20190627' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs
Pull keyring namespacing from David Howells:
"These patches help make keys and keyrings more namespace aware.
Firstly some miscellaneous patches to make the process easier:
- Simplify key index_key handling so that the word-sized chunks
assoc_array requires don't have to be shifted about, making it
easier to add more bits into the key.
- Cache the hash value in the key so that we don't have to calculate
on every key we examine during a search (it involves a bunch of
multiplications).
- Allow keying_search() to search non-recursively.
Then the main patches:
- Make it so that keyring names are per-user_namespace from the point
of view of KEYCTL_JOIN_SESSION_KEYRING so that they're not
accessible cross-user_namespace.
keyctl_capabilities() shows KEYCTL_CAPS1_NS_KEYRING_NAME for this.
- Move the user and user-session keyrings to the user_namespace
rather than the user_struct. This prevents them propagating
directly across user_namespaces boundaries (ie. the KEY_SPEC_*
flags will only pick from the current user_namespace).
- Make it possible to include the target namespace in which the key
shall operate in the index_key. This will allow the possibility of
multiple keys with the same description, but different target
domains to be held in the same keyring.
keyctl_capabilities() shows KEYCTL_CAPS1_NS_KEY_TAG for this.
- Make it so that keys are implicitly invalidated by removal of a
domain tag, causing them to be garbage collected.
- Institute a network namespace domain tag that allows keys to be
differentiated by the network namespace in which they operate. New
keys that are of a type marked 'KEY_TYPE_NET_DOMAIN' are assigned
the network domain in force when they are created.
- Make it so that the desired network namespace can be handed down
into the request_key() mechanism. This allows AFS, NFS, etc. to
request keys specific to the network namespace of the superblock.
This also means that the keys in the DNS record cache are
thenceforth namespaced, provided network filesystems pass the
appropriate network namespace down into dns_query().
For DNS, AFS and NFS are good, whilst CIFS and Ceph are not. Other
cache keyrings, such as idmapper keyrings, also need to set the
domain tag - for which they need access to the network namespace of
the superblock"
* tag 'keys-namespace-20190627' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs:
keys: Pass the network namespace into request_key mechanism
keys: Network namespace domain tag
keys: Garbage collect keys for which the domain has been removed
keys: Include target namespace in match criteria
keys: Move the user and user-session keyrings to the user_namespace
keys: Namespace keyring names
keys: Add a 'recurse' flag for keyring searches
keys: Cache the hash value to avoid lots of recalculation
keys: Simplify key description management
|
||
|
Linus Torvalds
|
c236b6dd48 |
request_key improvements
-----BEGIN PGP SIGNATURE-----
iQIVAwUAXRPObfu3V2unywtrAQJLKA//WENO5pZDHe49T+4GCY0ZmnGHKBUnU7g9
DUjxSNS8a/nwCyEdApZk9uHp2xsOedP6pjQ4VRWMQfrIPx0Yh9o3J+BQxvyP7PDf
jEH+5CYC8dZnJJjjteWCcPEGrUoNb1YKfDRBU745YY+rLdHWvhHc27B6SYBg5BGT
OwW3qyHvp0WMp7TehMALdnkqGph5gR5QMr45tOrH6DkGAhN8mAIKD699d3MqZG73
+S5KlQOlDlEVrxbD/BgzlzEJQUBQyq8hd61taBFT7LXBNlLJJOnMhd7UJY5IJE7J
Vi9NpcLj4Emwv4wvZ2xneV0rMbsCbxRMKZLDRuqQ6Tm17xjpjro4n1ujneTAqmmy
d+XlrVQ2ZMciMNmGleezOoBib9QbY5NWdilc2ls5ydFGiBVL73bIOYtEQNai8lWd
LBBIIrxOmLO7bnipgqVKRnqeMdMkpWaLISoRfSeJbRt4lGxmka9bDBrSgONnxzJK
JG+sB8ahSVZaBbhERW8DKnBz61Yf8ka7ijVvjH3zCXu0rbLTy+LLUz5kbzbBP9Fc
LiUapLV/v420gD2ZRCgPQwtQui4TpBkSGJKS1Ippyn7LGBNCZLM4Y8vOoo4nqr7z
RhpEKbKeOdVjORaYjO8Zttj8gN9rT6WnPcyCTHdNEnyjotU1ykyVBkzexj+VYvjM
C3eIdjG7Jk0=
=c2FO
-----END PGP SIGNATURE-----
Merge tag 'keys-request-20190626' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs
Pull request_key improvements from David Howells:
"These are all request_key()-related, including a fix and some improvements:
- Fix the lack of a Link permission check on a key found by
request_key(), thereby enabling request_key() to link keys that
don't grant this permission to the target keyring (which must still
grant Write permission).
Note that the key must be in the caller's keyrings already to be
found.
- Invalidate used request_key authentication keys rather than
revoking them, so that they get cleaned up immediately rather than
hanging around till the expiry time is passed.
- Move the RCU locks outwards from the keyring search functions so
that a request_key_rcu() can be provided. This can be called in RCU
mode, so it can't sleep and can't upcall - but it can be called
from LOOKUP_RCU pathwalk mode.
- Cache the latest positive result of request_key*() temporarily in
task_struct so that filesystems that make a lot of request_key()
calls during pathwalk can take advantage of it to avoid having to
redo the searching. This requires CONFIG_KEYS_REQUEST_CACHE=y.
It is assumed that the key just found is likely to be used multiple
times in each step in an RCU pathwalk, and is likely to be reused
for the next step too.
Note that the cleanup of the cache is done on TIF_NOTIFY_RESUME,
just before userspace resumes, and on exit"
* tag 'keys-request-20190626' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs:
keys: Kill off request_key_async{,_with_auxdata}
keys: Cache result of request_key*() temporarily in task_struct
keys: Provide request_key_rcu()
keys: Move the RCU locks outwards from the keyring search functions
keys: Invalidate used request_key authentication keys
keys: Fix request_key() lack of Link perm check on found key
|
||
|
Linus Torvalds
|
d44a62742d |
Keyrings miscellany
-----BEGIN PGP SIGNATURE-----
iQIVAwUAXQo23fu3V2unywtrAQJghA/+Oi2W9tSfz67zMupYiqa71x5Zg5XlUVIz
RJxSIwYhE4bhGwodTmqgRlT6f64Gbgt0K8YapGUIbtV/T6d1w02oEmt0V9vad9Zi
wTH79hH5QKNvewUDhrWODsWhtOBWu1sGt9OozI+c65lsvTpHY4Ox7zIl4DtfBdNK
nLUxl82h7EHF9H4TtIKxfKlLkIkmt7NRbK3z1eUP+IG/7MBzoyXgXo/gvoHUCOMR
lhGxttZfxYdZuR9JoR2FBckvKulgafbwjoUc69EDfr8a8IZZrpaUuSTvSPbCfzj1
j0yXfoowiWvsI1lFFBHeE0BfteJRQ9O2Pkwh1Z9M6v4zjwNNprDOw9a3VroeSgS/
OWJyHNjeNLDMMZDm1YYCYs0B416q+lZtdAoE/nhR/lGZlBfKTyAa6Cfo4r0RBpYb
zAxk6K4HcLBL0dkxkTXkxUJPnoDts5bMEL3YuZeVWd7Ef5s5GHW34JI+CFrMR29s
fC9W+ZEZ74fVo2goPz2ekeiSyp28TkWusXxUCk07g0BsXQzB7v5XXUGtU9hAJ6pe
aMBfLwAvQkkGi56CPnGWn6WlZ+AgxbRqnlYWpWf0q+PLiuyo4OeRZzhn6AdNQcCR
2QsTBILOvZbhjEki84ZfsuLLq2k79C2xluEd9JlSAvx5/D93xjMB2qVzR1M6DbdA
+u1nS8Z6WHA=
=Oy7N
-----END PGP SIGNATURE-----
Merge tag 'keys-misc-20190619' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs
Pull misc keyring updates from David Howells:
"These are some miscellaneous keyrings fixes and improvements:
- Fix a bunch of warnings from sparse, including missing RCU bits and
kdoc-function argument mismatches
- Implement a keyctl to allow a key to be moved from one keyring to
another, with the option of prohibiting key replacement in the
destination keyring.
- Grant Link permission to possessors of request_key_auth tokens so
that upcall servicing daemons can more easily arrange things such
that only the necessary auth key is passed to the actual service
program, and not all the auth keys a daemon might possesss.
- Improvement in lookup_user_key().
- Implement a keyctl to allow keyrings subsystem capabilities to be
queried.
The keyutils next branch has commits to make available, document and
test the move-key and capabilities code:
https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/keyutils.git/log
They're currently on the 'next' branch"
* tag 'keys-misc-20190619' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs:
keys: Add capability-checking keyctl function
keys: Reuse keyring_index_key::desc_len in lookup_user_key()
keys: Grant Link permission to possessers of request_key auth keys
keys: Add a keyctl to move a key between keyrings
keys: Hoist locking out of __key_link_begin()
keys: Break bits out of key_unlink()
keys: Change keyring_serialise_link_sem to a mutex
keys: sparse: Fix kdoc mismatches
keys: sparse: Fix incorrect RCU accesses
keys: sparse: Fix key_fs[ug]id_changed()
|
||
|
Linus Torvalds
|
7c0f896348 |
selinux/stable-5.3 PR 20190702
-----BEGIN PGP SIGNATURE-----
iQJIBAABCAAyFiEES0KozwfymdVUl37v6iDy2pc3iXMFAl0bgMAUHHBhdWxAcGF1
bC1tb29yZS5jb20ACgkQ6iDy2pc3iXNHGBAAhzLWq9IKtjNAro2TT9G6YQsO6Q/J
ZGIgmL5ZlfRAMP8X7/iHz4Jp6oC7q38l0pfyM/NGgwYF4zT37mMPMxV03tHUSzNq
cKE0PtpN3v0k1+zR8U9C9qK3yWhFRFPEdECEgqy6KBEVYc4bAvLH12iXUN6leizU
ZWfJC5NRG0IzvA+WMAEpw5R7Lyk6r3avpSr00wudxo4Kb/YOsVpZ4bUWmIZPbZAG
5S72R6F12DTEYXCdZPb1duj8iGfBBAnphMWfhkDLkgsNCWuED2ihLEAXpVl+V+Ao
pJ30J4ov5mVwsNHtALsdgfOq81dMLnXZalZcynHx50u9hlk3XxM/4Y+K3EbQs9fO
qVBXt1jn3Znftq+nq+KTeGPttbsqxKEFxTgooY/6PfFiXqGUE0471kD0UkMRDFlj
GaNSi8h6DhhHCaf8gmFXZN/hUbYEPeRklesggR1d+GHjAFPg0ySukPEZZaKifAbo
WIPcMPpClWmIap5gPt394IXca/5yXZLDQBuDfZHjSUMboEOvwtuWMU05mLZi2wWI
i9Kmd/gIq021xlIsi0FaumVNFuMVAFEKt012cDEtUYi7TTbKylZb3zxx9g2AfBm4
5K8UT1M6Z48l1OMSwbytYTNbd3nP5IrYvcxX1Jf7DuHYamZJCFFQ9H2Acb4nQ5BA
mX36B/AwhrMNo+8=
=e6OO
-----END PGP SIGNATURE-----
Merge tag 'selinux-pr-20190702' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux
Pull selinux updates from Paul Moore:
"Like the audit pull request this is a little early due to some
upcoming vacation plans and uncertain network access while I'm away.
Also like the audit PR, the list of patches here is pretty minor, the
highlights include:
- Explicitly use __le variables to make sure "sparse" can verify
proper byte endian handling.
- Remove some BUG_ON()s that are no longer needed.
- Allow zero-byte writes to the "keycreate" procfs attribute without
requiring key:create to make it easier for userspace to reset the
keycreate label.
- Consistently log the "invalid_context" field as an untrusted string
in the AUDIT_SELINUX_ERR audit records"
* tag 'selinux-pr-20190702' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux:
selinux: format all invalid context as untrusted
selinux: fix empty write to keycreate file
selinux: remove some no-op BUG_ONs
selinux: provide __le variables explicitly
|
||
|
Linus Torvalds
|
e192832869 |
Merge branch 'locking-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Pull locking updates from Ingo Molnar: "The main changes in this cycle are: - rwsem scalability improvements, phase #2, by Waiman Long, which are rather impressive: "On a 2-socket 40-core 80-thread Skylake system with 40 reader and writer locking threads, the min/mean/max locking operations done in a 5-second testing window before the patchset were: 40 readers, Iterations Min/Mean/Max = 1,807/1,808/1,810 40 writers, Iterations Min/Mean/Max = 1,807/50,344/151,255 After the patchset, they became: 40 readers, Iterations Min/Mean/Max = 30,057/31,359/32,741 40 writers, Iterations Min/Mean/Max = 94,466/95,845/97,098" There's a lot of changes to the locking implementation that makes it similar to qrwlock, including owner handoff for more fair locking. Another microbenchmark shows how across the spectrum the improvements are: "With a locking microbenchmark running on 5.1 based kernel, the total locking rates (in kops/s) on a 2-socket Skylake system with equal numbers of readers and writers (mixed) before and after this patchset were: # of Threads Before Patch After Patch ------------ ------------ ----------- 2 2,618 4,193 4 1,202 3,726 8 802 3,622 16 729 3,359 32 319 2,826 64 102 2,744" The changes are extensive and the patch-set has been through several iterations addressing various locking workloads. There might be more regressions, but unless they are pathological I believe we want to use this new implementation as the baseline going forward. - jump-label optimizations by Daniel Bristot de Oliveira: the primary motivation was to remove IPI disturbance of isolated RT-workload CPUs, which resulted in the implementation of batched jump-label updates. Beyond the improvement of the real-time characteristics kernel, in one test this patchset improved static key update overhead from 57 msecs to just 1.4 msecs - which is a nice speedup as well. - atomic64_t cross-arch type cleanups by Mark Rutland: over the last ~10 years of atomic64_t existence the various types used by the APIs only had to be self-consistent within each architecture - which means they became wildly inconsistent across architectures. Mark puts and end to this by reworking all the atomic64 implementations to use 's64' as the base type for atomic64_t, and to ensure that this type is consistently used for parameters and return values in the API, avoiding further problems in this area. - A large set of small improvements to lockdep by Yuyang Du: type cleanups, output cleanups, function return type and othr cleanups all around the place. - A set of percpu ops cleanups and fixes by Peter Zijlstra. - Misc other changes - please see the Git log for more details" * 'locking-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: (82 commits) locking/lockdep: increase size of counters for lockdep statistics locking/atomics: Use sed(1) instead of non-standard head(1) option locking/lockdep: Move mark_lock() inside CONFIG_TRACE_IRQFLAGS && CONFIG_PROVE_LOCKING x86/jump_label: Make tp_vec_nr static x86/percpu: Optimize raw_cpu_xchg() x86/percpu, sched/fair: Avoid local_clock() x86/percpu, x86/irq: Relax {set,get}_irq_regs() x86/percpu: Relax smp_processor_id() x86/percpu: Differentiate this_cpu_{}() and __this_cpu_{}() locking/rwsem: Guard against making count negative locking/rwsem: Adaptive disabling of reader optimistic spinning locking/rwsem: Enable time-based spinning on reader-owned rwsem locking/rwsem: Make rwsem->owner an atomic_long_t locking/rwsem: Enable readers spinning on writer locking/rwsem: Clarify usage of owner's nonspinaable bit locking/rwsem: Wake up almost all readers in wait queue locking/rwsem: More optimal RT task handling of null owner locking/rwsem: Always release wait_lock before waking up tasks locking/rwsem: Implement lock handoff to prevent lock starvation locking/rwsem: Make rwsem_spin_on_owner() return owner state ... |
||
Carmeli Tamir
|
c5eaab1d13 |
security/commoncap: Use xattr security prefix len
Using the existing defined XATTR_SECURITY_PREFIX_LEN instead of sizeof(XATTR_SECURITY_PREFIX) - 1. Pretty simple cleanup. Signed-off-by: Carmeli Tamir <carmeli.tamir@gmail.com> Signed-off-by: James Morris <jamorris@linux.microsoft.com> |
||
|
David Howells
|
5afdd0f1e6 |
vfs: Convert smackfs to use the new mount API
Convert the smackfs filesystem to the new internal mount API as the old one will be obsoleted and removed. This allows greater flexibility in communication of mount parameters between userspace, the VFS and the filesystem. See Documentation/filesystems/mount_api.txt for more information. Signed-off-by: David Howells <dhowells@redhat.com> cc: Casey Schaufler <casey@schaufler-ca.com> cc: linux-security-module@vger.kernel.org Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> |
||
|
David Howells
|
920f50b2a4 |
vfs: Convert selinuxfs to use the new mount API
Convert the selinuxfs filesystem to the new internal mount API as the old one will be obsoleted and removed. This allows greater flexibility in communication of mount parameters between userspace, the VFS and the filesystem. See Documentation/filesystems/mount_api.txt for more information. Signed-off-by: David Howells <dhowells@redhat.com> cc: Paul Moore <paul@paul-moore.com> cc: Stephen Smalley <sds@tycho.nsa.gov> cc: Eric Paris <eparis@parisplace.org> cc: selinux@vger.kernel.org cc: linux-security-module@vger.kernel.org Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> |
||
|
David Howells
|
5c86d7e043 |
vfs: Convert securityfs to use the new mount API
Convert the securityfs filesystem to the new internal mount API as the old one will be obsoleted and removed. This allows greater flexibility in communication of mount parameters between userspace, the VFS and the filesystem. See Documentation/filesystems/mount_api.txt for more information. Signed-off-by: David Howells <dhowells@redhat.com> cc: linux-security-module@vger.kernel.org Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> |
||
|
David Howells
|
b0ecc9da5f |
vfs: Convert apparmorfs to use the new mount API
Convert the apparmorfs filesystem to the new internal mount API as the old one will be obsoleted and removed. This allows greater flexibility in communication of mount parameters between userspace, the VFS and the filesystem. See Documentation/filesystems/mount_api.txt for more information. Signed-off-by: David Howells <dhowells@redhat.com> cc: John Johansen <john.johansen@canonical.com> cc: apparmor@lists.ubuntu.com cc: linux-security-module@vger.kernel.org Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> |
||
|
David Howells
|
7a1ade8475 |
keys: Provide KEYCTL_GRANT_PERMISSION
Provide a keyctl() operation to grant/remove permissions. The grant operation, wrapped by libkeyutils, looks like: int ret = keyctl_grant_permission(key_serial_t key, enum key_ace_subject_type type, unsigned int subject, unsigned int perm); Where key is the key to be modified, type and subject represent the subject to which permission is to be granted (or removed) and perm is the set of permissions to be granted. 0 is returned on success. SET_SECURITY permission is required for this. The subject type currently must be KEY_ACE_SUBJ_STANDARD for the moment (other subject types will come along later). For subject type KEY_ACE_SUBJ_STANDARD, the following subject values are available: KEY_ACE_POSSESSOR The possessor of the key KEY_ACE_OWNER The owner of the key KEY_ACE_GROUP The key's group KEY_ACE_EVERYONE Everyone perm lists the permissions to be granted: KEY_ACE_VIEW Can view the key metadata KEY_ACE_READ Can read the key content KEY_ACE_WRITE Can update/modify the key content KEY_ACE_SEARCH Can find the key by searching/requesting KEY_ACE_LINK Can make a link to the key KEY_ACE_SET_SECURITY Can set security KEY_ACE_INVAL Can invalidate KEY_ACE_REVOKE Can revoke KEY_ACE_JOIN Can join this keyring KEY_ACE_CLEAR Can clear this keyring If an ACE already exists for the subject, then the permissions mask will be overwritten; if perm is 0, it will be deleted. Currently, the internal ACL is limited to a maximum of 16 entries. For example: int ret = keyctl_grant_permission(key, KEY_ACE_SUBJ_STANDARD, KEY_ACE_OWNER, KEY_ACE_VIEW | KEY_ACE_READ); Signed-off-by: David Howells <dhowells@redhat.com> |
||
Richard Guy Briggs
|
ea74a685ad |
selinux: format all invalid context as untrusted
The userspace tools expect all fields of the same name to be logged consistently with the same encoding. Since the invalid_context fields contain untrusted strings in selinux_inode_setxattr() and selinux_setprocattr(), encode all instances of this field the same way as though they were untrusted even though compute_sid_handle_invalid_context() and security_sid_mls_copy() are trusted. Please see github issue https://github.com/linux-audit/audit-kernel/issues/57 Signed-off-by: Richard Guy Briggs <rgb@redhat.com> Signed-off-by: Paul Moore <paul@paul-moore.com> |
||
|
Thiago Jung Bauermann
|
650b29dbdf |
integrity: Introduce struct evm_xattr
Even though struct evm_ima_xattr_data includes a fixed-size array to hold a SHA1 digest, most of the code ignores the array and uses the struct to mean "type indicator followed by data of unspecified size" and tracks the real size of what the struct represents in a separate length variable. The only exception to that is the EVM code, which correctly uses the definition of struct evm_ima_xattr_data. So make this explicit in the code by removing the length specification from the array in struct evm_ima_xattr_data. Also, change the name of the element from digest to data since in most places the array doesn't hold a digest. A separate struct evm_xattr is introduced, with the original definition of evm_ima_xattr_data to be used in the places that actually expect that definition, specifically the EVM HMAC code. Signed-off-by: Thiago Jung Bauermann <bauerman@linux.ibm.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> |
||
|
Thiago Jung Bauermann
|
337619eb44 |
ima: Update MAX_TEMPLATE_NAME_LEN to fit largest reasonable definition
MAX_TEMPLATE_NAME_LEN is used when restoring measurements carried over from a kexec. It should be set to the length of a template containing all fields except for 'd' and 'n', which don't need to be accounted for since they shouldn't be defined in the same template description as 'd-ng' and 'n-ng'. That length is greater than the current 15, so update using a sizeof() to show where the number comes from and also can be visually shown to be correct. The sizeof() is calculated at compile time. Signed-off-by: Thiago Jung Bauermann <bauerman@linux.ibm.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> |
||
Prakhar Srivastava
|
86b4da8c0e |
IMA: Define a new template field buf
A buffer(kexec boot command line arguments) measured into IMA measuremnt list cannot be appraised, without already being aware of the buffer contents. Since hashes are non-reversible, raw buffer is needed for validation or regenerating hash for appraisal/attestation. Add support to store/read the buffer contents in HEX. The kexec cmdline hash is stored in the "d-ng" field of the template data. It can be verified using sudo cat /sys/kernel/security/integrity/ima/ascii_runtime_measurements | grep kexec-cmdline | cut -d' ' -f 6 | xxd -r -p | sha256sum - Add two new fields to ima_event_data to hold the buf and buf_len - Add a new template field 'buf' to be used to store/read the buffer data. - Updated process_buffer_meaurement to add the buffer to ima_event_data. process_buffer_measurement added in "Define a new IMA hook to measure the boot command line arguments" - Add a new template policy name ima-buf to represent 'd-ng|n-ng|buf' Signed-off-by: Prakhar Srivastava <prsriva02@gmail.com> Reviewed-by: Roberto Sassu <roberto.sassu@huawei.com> Reviewed-by: James Morris <jamorris@linux.microsoft.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> |
||
|
David Howells
|
2e12256b9a |
keys: Replace uid/gid/perm permissions checking with an ACL
Replace the uid/gid/perm permissions checking on a key with an ACL to allow
the SETATTR and SEARCH permissions to be split. This will also allow a
greater range of subjects to represented.
============
WHY DO THIS?
============
The problem is that SETATTR and SEARCH cover a slew of actions, not all of
which should be grouped together.
For SETATTR, this includes actions that are about controlling access to a
key:
(1) Changing a key's ownership.
(2) Changing a key's security information.
(3) Setting a keyring's restriction.
And actions that are about managing a key's lifetime:
(4) Setting an expiry time.
(5) Revoking a key.
and (proposed) managing a key as part of a cache:
(6) Invalidating a key.
Managing a key's lifetime doesn't really have anything to do with
controlling access to that key.
Expiry time is awkward since it's more about the lifetime of the content
and so, in some ways goes better with WRITE permission. It can, however,
be set unconditionally by a process with an appropriate authorisation token
for instantiating a key, and can also be set by the key type driver when a
key is instantiated, so lumping it with the access-controlling actions is
probably okay.
As for SEARCH permission, that currently covers:
(1) Finding keys in a keyring tree during a search.
(2) Permitting keyrings to be joined.
(3) Invalidation.
But these don't really belong together either, since these actions really
need to be controlled separately.
Finally, there are number of special cases to do with granting the
administrator special rights to invalidate or clear keys that I would like
to handle with the ACL rather than key flags and special checks.
===============
WHAT IS CHANGED
===============
The SETATTR permission is split to create two new permissions:
(1) SET_SECURITY - which allows the key's owner, group and ACL to be
changed and a restriction to be placed on a keyring.
(2) REVOKE - which allows a key to be revoked.
The SEARCH permission is split to create:
(1) SEARCH - which allows a keyring to be search and a key to be found.
(2) JOIN - which allows a keyring to be joined as a session keyring.
(3) INVAL - which allows a key to be invalidated.
The WRITE permission is also split to create:
(1) WRITE - which allows a key's content to be altered and links to be
added, removed and replaced in a keyring.
(2) CLEAR - which allows a keyring to be cleared completely. This is
split out to make it possible to give just this to an administrator.
(3) REVOKE - see above.
Keys acquire ACLs which consist of a series of ACEs, and all that apply are
unioned together. An ACE specifies a subject, such as:
(*) Possessor - permitted to anyone who 'possesses' a key
(*) Owner - permitted to the key owner
(*) Group - permitted to the key group
(*) Everyone - permitted to everyone
Note that 'Other' has been replaced with 'Everyone' on the assumption that
you wouldn't grant a permit to 'Other' that you wouldn't also grant to
everyone else.
Further subjects may be made available by later patches.
The ACE also specifies a permissions mask. The set of permissions is now:
VIEW Can view the key metadata
READ Can read the key content
WRITE Can update/modify the key content
SEARCH Can find the key by searching/requesting
LINK Can make a link to the key
SET_SECURITY Can change owner, ACL, expiry
INVAL Can invalidate
REVOKE Can revoke
JOIN Can join this keyring
CLEAR Can clear this keyring
The KEYCTL_SETPERM function is then deprecated.
The KEYCTL_SET_TIMEOUT function then is permitted if SET_SECURITY is set,
or if the caller has a valid instantiation auth token.
The KEYCTL_INVALIDATE function then requires INVAL.
The KEYCTL_REVOKE function then requires REVOKE.
The KEYCTL_JOIN_SESSION_KEYRING function then requires JOIN to join an
existing keyring.
The JOIN permission is enabled by default for session keyrings and manually
created keyrings only.
======================
BACKWARD COMPATIBILITY
======================
To maintain backward compatibility, KEYCTL_SETPERM will translate the
permissions mask it is given into a new ACL for a key - unless
KEYCTL_SET_ACL has been called on that key, in which case an error will be
returned.
It will convert possessor, owner, group and other permissions into separate
ACEs, if each portion of the mask is non-zero.
SETATTR permission turns on all of INVAL, REVOKE and SET_SECURITY. WRITE
permission turns on WRITE, REVOKE and, if a keyring, CLEAR. JOIN is turned
on if a keyring is being altered.
The KEYCTL_DESCRIBE function translates the ACL back into a permissions
mask to return depending on possessor, owner, group and everyone ACEs.
It will make the following mappings:
(1) INVAL, JOIN -> SEARCH
(2) SET_SECURITY -> SETATTR
(3) REVOKE -> WRITE if SETATTR isn't already set
(4) CLEAR -> WRITE
Note that the value subsequently returned by KEYCTL_DESCRIBE may not match
the value set with KEYCTL_SETATTR.
=======
TESTING
=======
This passes the keyutils testsuite for all but a couple of tests:
(1) tests/keyctl/dh_compute/badargs: The first wrong-key-type test now
returns EOPNOTSUPP rather than ENOKEY as READ permission isn't removed
if the type doesn't have ->read(). You still can't actually read the
key.
(2) tests/keyctl/permitting/valid: The view-other-permissions test doesn't
work as Other has been replaced with Everyone in the ACL.
Signed-off-by: David Howells <dhowells@redhat.com>
|
||
|
David Howells
|
a58946c158 |
keys: Pass the network namespace into request_key mechanism
Create a request_key_net() function and use it to pass the network namespace domain tag into DNS revolver keys and rxrpc/AFS keys so that keys for different domains can coexist in the same keyring. Signed-off-by: David Howells <dhowells@redhat.com> cc: netdev@vger.kernel.org cc: linux-nfs@vger.kernel.org cc: linux-cifs@vger.kernel.org cc: linux-afs@lists.infradead.org |
||
|
David Howells
|
9b24261051 |
keys: Network namespace domain tag
Create key domain tags for network namespaces and make it possible to automatically tag keys that are used by networked services (e.g. AF_RXRPC, AFS, DNS) with the default network namespace if not set by the caller. This allows keys with the same description but in different namespaces to coexist within a keyring. Signed-off-by: David Howells <dhowells@redhat.com> cc: netdev@vger.kernel.org cc: linux-nfs@vger.kernel.org cc: linux-cifs@vger.kernel.org cc: linux-afs@lists.infradead.org |
||
|
David Howells
|
218e6424e7 |
keys: Garbage collect keys for which the domain has been removed
If a key operation domain (such as a network namespace) has been removed then attempt to garbage collect all the keys that use it. Signed-off-by: David Howells <dhowells@redhat.com> |
||
|
David Howells
|
3b6e4de05e |
keys: Include target namespace in match criteria
Currently a key has a standard matching criteria of { type, description }
and this is used to only allow keys with unique criteria in a keyring.
This means, however, that you cannot have keys with the same type and
description but a different target namespace in the same keyring.
This is a potential problem for a containerised environment where, say, a
container is made up of some parts of its mount space involving netfs
superblocks from two different network namespaces.
This is also a problem for shared system management keyrings such as the
DNS records keyring or the NFS idmapper keyring that might contain keys
from different network namespaces.
Fix this by including a namespace component in a key's matching criteria.
Keyring types are marked to indicate which, if any, namespace is relevant
to keys of that type, and that namespace is set when the key is created
from the current task's namespace set.
The capability bit KEYCTL_CAPS1_NS_KEY_TAG is set if the kernel is
employing this feature.
Signed-off-by: David Howells <dhowells@redhat.com>
|
||
|
David Howells
|
0f44e4d976 |
keys: Move the user and user-session keyrings to the user_namespace
Move the user and user-session keyrings to the user_namespace struct rather than pinning them from the user_struct struct. This prevents these keyrings from propagating across user-namespaces boundaries with regard to the KEY_SPEC_* flags, thereby making them more useful in a containerised environment. The issue is that a single user_struct may be represent UIDs in several different namespaces. The way the patch does this is by attaching a 'register keyring' in each user_namespace and then sticking the user and user-session keyrings into that. It can then be searched to retrieve them. Signed-off-by: David Howells <dhowells@redhat.com> cc: Jann Horn <jannh@google.com> |
||
|
David Howells
|
b206f281d0 |
keys: Namespace keyring names
Keyring names are held in a single global list that any process can pick
from by means of keyctl_join_session_keyring (provided the keyring grants
Search permission). This isn't very container friendly, however.
Make the following changes:
(1) Make default session, process and thread keyring names begin with a
'.' instead of '_'.
(2) Keyrings whose names begin with a '.' aren't added to the list. Such
keyrings are system specials.
(3) Replace the global list with per-user_namespace lists. A keyring adds
its name to the list for the user_namespace that it is currently in.
(4) When a user_namespace is deleted, it just removes itself from the
keyring name list.
The global keyring_name_lock is retained for accessing the name lists.
This allows (4) to work.
This can be tested by:
# keyctl newring foo @s
995906392
# unshare -U
$ keyctl show
...
995906392 --alswrv 65534 65534 \_ keyring: foo
...
$ keyctl session foo
Joined session keyring: 935622349
As can be seen, a new session keyring was created.
The capability bit KEYCTL_CAPS1_NS_KEYRING_NAME is set if the kernel is
employing this feature.
Signed-off-by: David Howells <dhowells@redhat.com>
cc: Eric W. Biederman <ebiederm@xmission.com>
|
||
|
David Howells
|
dcf49dbc80 |
keys: Add a 'recurse' flag for keyring searches
Add a 'recurse' flag for keyring searches so that the flag can be omitted and recursion disabled, thereby allowing just the nominated keyring to be searched and none of the children. Signed-off-by: David Howells <dhowells@redhat.com> |
||
|
David Howells
|
355ef8e158 |
keys: Cache the hash value to avoid lots of recalculation
Cache the hash of the key's type and description in the index key so that we're not recalculating it every time we look at a key during a search. The hash function does a bunch of multiplications, so evading those is probably worthwhile - especially as this is done for every key examined during a search. This also allows the methods used by assoc_array to get chunks of index-key to be simplified. Signed-off-by: David Howells <dhowells@redhat.com> |
||
|
David Howells
|
f771fde820 |
keys: Simplify key description management
Simplify key description management by cramming the word containing the length with the first few chars of the description also. This simplifies the code that generates the index-key used by assoc_array. It should speed up key searching a bit too. Signed-off-by: David Howells <dhowells@redhat.com> |
||
|
David Howells
|
3b8c4a08a4 |
keys: Kill off request_key_async{,_with_auxdata}
Kill off request_key_async{,_with_auxdata}() as they're not currently used.
Signed-off-by: David Howells <dhowells@redhat.com>
|
||
|
Prakhar Srivastava
|
b0935123a1 |
IMA: Define a new hook to measure the kexec boot command line arguments
Currently during soft reboot(kexec_file_load) boot command line arguments are not measured. Define hooks needed to measure kexec command line arguments during soft reboot(kexec_file_load). - A new ima hook ima_kexec_cmdline is defined to be called by the kexec code. - A new function process_buffer_measurement is defined to measure the buffer hash into the IMA measurement list. - A new func policy KEXEC_CMDLINE is defined to control the measurement. Signed-off-by: Prakhar Srivastava <prsriva02@gmail.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> |
||
|
Greg Kroah-Hartman
|
9a7ed8b83e |
Linux 5.2-rc6
-----BEGIN PGP SIGNATURE----- iQFSBAABCAA8FiEEq68RxlopcLEwq+PEeb4+QwBBGIYFAl0Os1seHHRvcnZhbGRz QGxpbnV4LWZvdW5kYXRpb24ub3JnAAoJEHm+PkMAQRiGtx4H/j6i482XzcGFKTBm A7mBoQpy+kLtoUov4EtBAR62OuwI8rsahW9di37QKndPoQrczWaKBmr3De6LCdPe v3pl3O6wBbvH5ru+qBPFX9PdNbDvimEChh7LHxmMxNQq3M+AjZAZVJyfpoiFnx35 Fbge+LZaH/k8HMwZmkMr5t9Mpkip715qKg2o9Bua6dkH0AqlcpLlC8d9a+HIVw/z aAsyGSU8jRwhoAOJsE9bJf0acQ/pZSqmFp0rDKqeFTSDMsbDRKLGq/dgv4nW0RiW s7xqsjb/rdcvirRj3rv9+lcTVkOtEqwk0PVdL9WOf7g4iYrb3SOIZh8ZyViaDSeH VTS5zps= =huBY -----END PGP SIGNATURE----- Merge 5.2-rc6 into android-mainline Linux 5.2-rc6 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
David S. Miller
|
92ad6325cb |
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
Minor SPDX change conflict. Signed-off-by: David S. Miller <davem@davemloft.net> |
||
|
Linus Torvalds
|
c884d8ac7f |
SPDX update for 5.2-rc6
Another round of SPDX updates for 5.2-rc6 Here is what I am guessing is going to be the last "big" SPDX update for 5.2. It contains all of the remaining GPLv2 and GPLv2+ updates that were "easy" to determine by pattern matching. The ones after this are going to be a bit more difficult and the people on the spdx list will be discussing them on a case-by-case basis now. Another 5000+ files are fixed up, so our overall totals are: Files checked: 64545 Files with SPDX: 45529 Compared to the 5.1 kernel which was: Files checked: 63848 Files with SPDX: 22576 This is a huge improvement. Also, we deleted another 20000 lines of boilerplate license crud, always nice to see in a diffstat. Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> -----BEGIN PGP SIGNATURE----- iG0EABECAC0WIQT0tgzFv3jCIUoxPcsxR9QN2y37KQUCXQyQYA8cZ3JlZ0Brcm9h aC5jb20ACgkQMUfUDdst+ymnGQCghETUBotn1p3hTjY56VEs6dGzpHMAnRT0m+lv kbsjBGEJpLbMRB2krnaU =RMcT -----END PGP SIGNATURE----- Merge tag 'spdx-5.2-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/spdx Pull still more SPDX updates from Greg KH: "Another round of SPDX updates for 5.2-rc6 Here is what I am guessing is going to be the last "big" SPDX update for 5.2. It contains all of the remaining GPLv2 and GPLv2+ updates that were "easy" to determine by pattern matching. The ones after this are going to be a bit more difficult and the people on the spdx list will be discussing them on a case-by-case basis now. Another 5000+ files are fixed up, so our overall totals are: Files checked: 64545 Files with SPDX: 45529 Compared to the 5.1 kernel which was: Files checked: 63848 Files with SPDX: 22576 This is a huge improvement. Also, we deleted another 20000 lines of boilerplate license crud, always nice to see in a diffstat" * tag 'spdx-5.2-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/spdx: (65 commits) treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 507 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 506 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 505 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 504 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 503 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 502 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 501 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 499 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 498 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 497 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 496 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 495 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 491 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 490 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 489 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 488 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 487 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 486 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 485 ... |
||
|
Matthew Garrett
|
19453ce0bc |
IMA: support for per policy rule template formats
Admins may wish to log different measurements using different IMA templates. Add support for overriding the default template on a per-rule basis. Inspired-by: Roberto Sassu <roberto.sassu@huawei.com> Signed-off-by: Matthew Garrett <mjg59@google.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> |
||
|
David Howells
|
7743c48e54 |
keys: Cache result of request_key*() temporarily in task_struct
If a filesystem uses keys to hold authentication tokens, then it needs a
token for each VFS operation that might perform an authentication check -
either by passing it to the server, or using to perform a check based on
authentication data cached locally.
For open files this isn't a problem, since the key should be cached in the
file struct since it represents the subject performing operations on that
file descriptor.
During pathwalk, however, there isn't anywhere to cache the key, except
perhaps in the nameidata struct - but that isn't exposed to the
filesystems. Further, a pathwalk can incur a lot of operations, calling
one or more of the following, for instance:
->lookup()
->permission()
->d_revalidate()
->d_automount()
->get_acl()
->getxattr()
on each dentry/inode it encounters - and each one may need to call
request_key(). And then, at the end of pathwalk, it will call the actual
operation:
->mkdir()
->mknod()
->getattr()
->open()
...
which may need to go and get the token again.
However, it is very likely that all of the operations on a single
dentry/inode - and quite possibly a sequence of them - will all want to use
the same authentication token, which suggests that caching it would be a
good idea.
To this end:
(1) Make it so that a positive result of request_key() and co. that didn't
require upcalling to userspace is cached temporarily in task_struct.
(2) The cache is 1 deep, so a new result displaces the old one.
(3) The key is released by exit and by notify-resume.
(4) The cache is cleared in a newly forked process.
Signed-off-by: David Howells <dhowells@redhat.com>
|
||
|
David Howells
|
896f1950e5 |
keys: Provide request_key_rcu()
Provide a request_key_rcu() function that can be used to request a key under RCU conditions. It can only search and check permissions; it cannot allocate a new key, upcall or wait for an upcall to complete. It may return a partially constructed key. Signed-off-by: David Howells <dhowells@redhat.com> |
||
|
David Howells
|
e59428f721 |
keys: Move the RCU locks outwards from the keyring search functions
Move the RCU locks outwards from the keyring search functions so that it will become possible to provide an RCU-capable partial request_key() function in a later commit. Signed-off-by: David Howells <dhowells@redhat.com> |
||
|
David Howells
|
a09003b5d7 |
keys: Invalidate used request_key authentication keys
Invalidate used request_key authentication keys rather than revoking them so that they get cleaned up immediately rather than potentially hanging around. There doesn't seem any need to keep the revoked keys around. Signed-off-by: David Howells <dhowells@redhat.com> |
||
|
David Howells
|
504b69eb3c |
keys: Fix request_key() lack of Link perm check on found key
The request_key() syscall allows a process to gain access to the 'possessor' permits of any key that grants it Search permission by virtue of request_key() not checking whether a key it finds grants Link permission to the caller. Signed-off-by: David Howells <dhowells@redhat.com> |
||
Thomas Gleixner
|
d2912cb15b |
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
Based on 2 normalized pattern(s): this program is free software you can redistribute it and or modify it under the terms of the gnu general public license version 2 as published by the free software foundation this program is free software you can redistribute it and or modify it under the terms of the gnu general public license version 2 as published by the free software foundation # extracted by the scancode license scanner the SPDX license identifier GPL-2.0-only has been chosen to replace the boilerplate/reference in 4122 file(s). Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Reviewed-by: Enrico Weigelt <info@metux.net> Reviewed-by: Kate Stewart <kstewart@linuxfoundation.org> Reviewed-by: Allison Randal <allison@lohutok.net> Cc: linux-spdx@vger.kernel.org Link: https://lkml.kernel.org/r/20190604081206.933168790@linutronix.de Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
David Howells
|
45e0f30c30 |
keys: Add capability-checking keyctl function
Add a keyctl function that requests a set of capability bits to find out what features are supported. Signed-off-by: David Howells <dhowells@redhat.com> |
||
Mike Salvatore
|
156e42996b |
apparmor: reset pos on failure to unpack for various functions
Each function that manipulates the aa_ext struct should reset it's "pos"
member on failure. This ensures that, on failure, no changes are made to
the state of the aa_ext struct.
There are paths were elements are optional and the error path is
used to indicate the optional element is not present. This means
instead of just aborting on error the unpack stream can become
unsynchronized on optional elements, if using one of the affected
functions.
Cc: stable@vger.kernel.org
Fixes:
|
||
|
Jann Horn
|
8404d7a674 |
apparmor: enforce nullbyte at end of tag string
A packed AppArmor policy contains null-terminated tag strings that are read
by unpack_nameX(). However, unpack_nameX() uses string functions on them
without ensuring that they are actually null-terminated, potentially
leading to out-of-bounds accesses.
Make sure that the tag string is null-terminated before passing it to
strcmp().
Cc: stable@vger.kernel.org
Fixes:
|
||
|
John Johansen
|
23375b13f9 |
apparmor: fix PROFILE_MEDIATES for untrusted input
While commit |
||
|
David S. Miller
|
13091aa305 |
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
Honestly all the conflicts were simple overlapping changes, nothing really interesting to report. Signed-off-by: David S. Miller <davem@davemloft.net> |
||
Geert Uytterhoeven
|
8c655784e2 |
integrity: Fix __integrity_init_keyring() section mismatch
With gcc-4.6.3:
WARNING: vmlinux.o(.text.unlikely+0x24c64): Section mismatch in reference from the function __integrity_init_keyring() to the function .init.text:set_platform_trusted_keys()
The function __integrity_init_keyring() references
the function __init set_platform_trusted_keys().
This is often because __integrity_init_keyring lacks a __init
annotation or the annotation of set_platform_trusted_keys is wrong.
Indeed, if the compiler decides not to inline __integrity_init_keyring(),
a warning is issued.
Fix this by adding the missing __init annotation.
Fixes:
|
||
Nikolay Borisov
|
9ffbe8ac05 |
locking/lockdep: Rename lockdep_assert_held_exclusive() -> lockdep_assert_held_write()
All callers of lockdep_assert_held_exclusive() use it to verify the correct locking state of either a semaphore (ldisc_sem in tty, mmap_sem for perf events, i_rwsem of inode for dax) or rwlock by apparmor. Thus it makes sense to rename _exclusive to _write since that's the semantics callers care. Additionally there is already lockdep_assert_held_read(), which this new naming is more consistent with. No functional changes. Signed-off-by: Nikolay Borisov <nborisov@suse.com> Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Thomas Gleixner <tglx@linutronix.de> Link: https://lkml.kernel.org/r/20190531100651.3969-1-nborisov@suse.com Signed-off-by: Ingo Molnar <mingo@kernel.org> |
||
|
Greg Kroah-Hartman
|
879ebb9016 |
Linux 5.2-rc5
-----BEGIN PGP SIGNATURE----- iQFSBAABCAA8FiEEq68RxlopcLEwq+PEeb4+QwBBGIYFAl0Gj1MeHHRvcnZhbGRz QGxpbnV4LWZvdW5kYXRpb24ub3JnAAoJEHm+PkMAQRiGctkH/0At3+SQPY2JJSy8 i6+TDeytFx9OggeGLPHChRfehkAlvMb/kd34QHnuEvDqUuCAMU6HZQJFKoK9mvFI sDJVayPGDSqpm+iv8qLpMBPShiCXYVnGZeVfOdv36jUswL0k6wHV1pz4avFkDeZa 1F4pmI6O2XRkNTYQawbUaFkAngWUCBG9ECLnHJnuIY6ohShBvjI4+E2JUaht+8gO M2h2b9ieddWmjxV3LTKgsK1v+347RljxdZTWnJ62SCDSEVZvsgSA9W2wnebVhBkJ drSmrFLxNiM+W45mkbUFmQixRSmjv++oRR096fxAnodBxMw0TDxE1RiMQWE6rVvG N6MC6xA= =+B0P -----END PGP SIGNATURE----- Merge 5.2-rc5 into android-mainline Linux 5.2-rc5 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Casey Schaufler
|
6e7739fc93 |
Smack: Restore the smackfsdef mount option and add missing prefixes
The 5.1 mount system rework changed the smackfsdef mount option to
smackfsdefault. This fixes the regression by making smackfsdef treated
the same way as smackfsdefault.
Also fix the smack_param_specs[] to have "smack" prefixes on all the
names. This isn't visible to a user unless they either:
(a) Try to mount a filesystem that's converted to the internal mount API
and that implements the ->parse_monolithic() context operation - and
only then if they call security_fs_context_parse_param() rather than
security_sb_eat_lsm_opts().
There are no examples of this upstream yet, but nfs will probably want
to do this for nfs2 or nfs3.
(b) Use fsconfig() to configure the filesystem - in which case
security_fs_context_parse_param() will be called.
This issue is that smack_sb_eat_lsm_opts() checks for the "smack" prefix
on the options, but smack_fs_context_parse_param() does not.
Fixes:
|