1. 18 May, 2018 3 commits
  2. 17 May, 2018 9 commits
    • Linus Torvalds's avatar
      Merge tag 'hwmon-for-linus-v4.17-rc6' of... · 3acf4e39
      Linus Torvalds authored
      Merge tag 'hwmon-for-linus-v4.17-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/groeck/linux-staging
      
      Pull hwmon fixes from Guenter Roeck:
       "Two k10temp fixes:
      
         - fix race condition when accessing System Management Network
           registers
      
         - fix reading critical temperatures on F15h M60h and M70h
      
        Also add PCI ID's for the AMD Raven Ridge root bridge"
      
      * tag 'hwmon-for-linus-v4.17-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/groeck/linux-staging:
        hwmon: (k10temp) Use API function to access System Management Network
        x86/amd_nb: Add support for Raven Ridge CPUs
        hwmon: (k10temp) Fix reading critical temperature register
      3acf4e39
    • Linus Torvalds's avatar
      Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm · 58ddfe6c
      Linus Torvalds authored
      Pull kvm fixes from Paolo Bonzini:
      
       - ARM/ARM64 locking fixes
      
       - x86 fixes: PCID, UMIP, locking
      
       - improved support for recent Windows version that have a 2048 Hz APIC
         timer
      
       - rename KVM_HINTS_DEDICATED CPUID bit to KVM_HINTS_REALTIME
      
       - better behaved selftests
      
      * tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm:
        kvm: rename KVM_HINTS_DEDICATED to KVM_HINTS_REALTIME
        KVM: arm/arm64: VGIC/ITS save/restore: protect kvm_read_guest() calls
        KVM: arm/arm64: VGIC/ITS: protect kvm_read_guest() calls with SRCU lock
        KVM: arm/arm64: VGIC/ITS: Promote irq_lock() in update_affinity
        KVM: arm/arm64: Properly protect VGIC locks from IRQs
        KVM: X86: Lower the default timer frequency limit to 200us
        KVM: vmx: update sec exec controls for UMIP iff emulating UMIP
        kvm: x86: Suppress CR3_PCID_INVD bit only when PCIDs are enabled
        KVM: selftests: exit with 0 status code when tests cannot be run
        KVM: hyperv: idr_find needs RCU protection
        x86: Delay skip of emulated hypercall instruction
        KVM: Extend MAX_IRQ_ROUTES to 4096 for all archs
      58ddfe6c
    • Linus Torvalds's avatar
      Merge tag 'sound-4.17-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound · 7c9a0fc7
      Linus Torvalds authored
      Pull sound fixes from Takashi Iwai:
       "We have a core fix in the compat code for covering a potential race
        (double references), but it's a very minor change.
      
        The rest are all small device-specific quirks, as well as a correction
        of the new UAC3 support code"
      
      * tag 'sound-4.17-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound:
        ALSA: usb-audio: Use Class Specific EP for UAC3 devices.
        ALSA: hda/realtek - Clevo P950ER ALC1220 Fixup
        ALSA: usb: mixer: volume quirk for CM102-A+/102S+
        ALSA: hda: Add Lenovo C50 All in one to the power_save blacklist
        ALSA: control: fix a redundant-copy issue
      7c9a0fc7
    • Michael S. Tsirkin's avatar
      kvm: rename KVM_HINTS_DEDICATED to KVM_HINTS_REALTIME · 633711e8
      Michael S. Tsirkin authored
      KVM_HINTS_DEDICATED seems to be somewhat confusing:
      
      Guest doesn't really care whether it's the only task running on a host
      CPU as long as it's not preempted.
      
      And there are more reasons for Guest to be preempted than host CPU
      sharing, for example, with memory overcommit it can get preempted on a
      memory access, post copy migration can cause preemption, etc.
      
      Let's call it KVM_HINTS_REALTIME which seems to better
      match what guests expect.
      
      Also, the flag most be set on all vCPUs - current guests assume this.
      Note so in the documentation.
      Signed-off-by: default avatarMichael S. Tsirkin <mst@redhat.com>
      Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
      633711e8
    • Linus Torvalds's avatar
      Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux · 3e9245c5
      Linus Torvalds authored
      Pull s390 fixes from Martin Schwidefsky:
      
       - a fix for the vfio ccw translation code
      
       - update an incorrect email address in the MAINTAINERS file
      
       - fix a division by zero oops in the cpum_sf code found by trinity
      
       - two fixes for the error handling of the qdio code
      
       - several spectre related patches to convert all left-over indirect
         branches in the kernel to expoline branches
      
       - update defconfigs to avoid warnings due to the netfilter Kconfig
         changes
      
       - avoid several compiler warnings in the kexec_file code for s390
      
      * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux:
        s390/qdio: don't release memory in qdio_setup_irq()
        s390/qdio: fix access to uninitialized qdio_q fields
        s390/cpum_sf: ensure sample frequency of perf event attributes is non-zero
        s390: use expoline thunks in the BPF JIT
        s390: extend expoline to BC instructions
        s390: remove indirect branch from do_softirq_own_stack
        s390: move spectre sysfs attribute code
        s390/kernel: use expoline for indirect branches
        s390/ftrace: use expoline for indirect branches
        s390/lib: use expoline for indirect branches
        s390/crc32-vx: use expoline for indirect branches
        s390: move expoline assembler macros to a header
        vfio: ccw: fix cleanup if cp_prefetch fails
        s390/kexec_file: add declaration of purgatory related globals
        s390: update defconfigs
        MAINTAINERS: update s390 zcrypt maintainers email address
      3e9245c5
    • Linus Torvalds's avatar
      Merge tag 'selinux-pr-20180516' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux · 305bb552
      Linus Torvalds authored
      Pull SELinux fixes from Paul Moore:
       "A small pull request to fix a few regressions in the SELinux/SCTP code
        with applications that call bind() with AF_UNSPEC/INADDR_ANY.
      
        The individual commit descriptions have more information, but the
        commits themselves should be self explanatory"
      
      * tag 'selinux-pr-20180516' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux:
        selinux: correctly handle sa_family cases in selinux_sctp_bind_connect()
        selinux: fix address family in bind() and connect() to match address/port
        selinux: add AF_UNSPEC and INADDR_ANY checks to selinux_socket_bind()
      305bb552
    • Willy Tarreau's avatar
      proc: do not access cmdline nor environ from file-backed areas · 7f7ccc2c
      Willy Tarreau authored
      proc_pid_cmdline_read() and environ_read() directly access the target
      process' VM to retrieve the command line and environment. If this
      process remaps these areas onto a file via mmap(), the requesting
      process may experience various issues such as extra delays if the
      underlying device is slow to respond.
      
      Let's simply refuse to access file-backed areas in these functions.
      For this we add a new FOLL_ANON gup flag that is passed to all calls
      to access_remote_vm(). The code already takes care of such failures
      (including unmapped areas). Accesses via /proc/pid/mem were not
      changed though.
      
      This was assigned CVE-2018-1120.
      
      Note for stable backports: the patch may apply to kernels prior to 4.11
      but silently miss one location; it must be checked that no call to
      access_remote_vm() keeps zero as the last argument.
      Reported-by: default avatarQualys Security Advisory <qsa@qualys.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Andy Lutomirski <luto@amacapital.net>
      Cc: Oleg Nesterov <oleg@redhat.com>
      Cc: stable@vger.kernel.org
      Signed-off-by: default avatarWilly Tarreau <w@1wt.eu>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      7f7ccc2c
    • Dave Airlie's avatar
      Merge branch 'vmwgfx-fixes-4.17' of git://people.freedesktop.org/~thomash/linux into drm-fixes · bc91d181
      Dave Airlie authored
      A single fix for a recent regression.
      
      * 'vmwgfx-fixes-4.17' of git://people.freedesktop.org/~thomash/linux:
        drm/vmwgfx: Set dmabuf_size when vmw_dmabuf_init is successful
      bc91d181
    • Dave Airlie's avatar
      Merge tag 'drm-misc-fixes-2018-05-16' of git://anongit.freedesktop.org/drm/drm-misc into drm-fixes · 3d3aa969
      Dave Airlie authored
      - core: Fix regression in dev node offsets (Haneen)
      - vc4: Fix memory leak on driver close (Eric)
      - dumb-buffers: Prevent overflow in DIV_ROUND_UP() (Dan)
      
      Cc: Haneen Mohammed <hamohammed.sa@gmail.com>
      Cc: Eric Anholt <eric@anholt.net>
      Cc: Dan Carpenter <dan.carpenter@oracle.com>
      
      * tag 'drm-misc-fixes-2018-05-16' of git://anongit.freedesktop.org/drm/drm-misc:
        drm/dumb-buffers: Integer overflow in drm_mode_create_ioctl()
        drm/vc4: Fix leak of the file_priv that stored the perfmon.
        drm: Match sysfs name in link removal to link creation
      3d3aa969
  3. 16 May, 2018 6 commits
  4. 15 May, 2018 14 commits
  5. 14 May, 2018 8 commits
    • Steven Rostedt (VMware)'s avatar
      tracing/x86/xen: Remove zero data size trace events trace_xen_mmu_flush_tlb{_all} · 45dd9b06
      Steven Rostedt (VMware) authored
      Doing an audit of trace events, I discovered two trace events in the xen
      subsystem that use a hack to create zero data size trace events. This is not
      what trace events are for. Trace events add memory footprint overhead, and
      if all you need to do is see if a function is hit or not, simply make that
      function noinline and use function tracer filtering.
      
      Worse yet, the hack used was:
      
       __array(char, x, 0)
      
      Which creates a static string of zero in length. There's assumptions about
      such constructs in ftrace that this is a dynamic string that is nul
      terminated. This is not the case with these tracepoints and can cause
      problems in various parts of ftrace.
      
      Nuke the trace events!
      
      Link: http://lkml.kernel.org/r/20180509144605.5a220327@gandalf.local.home
      
      Cc: stable@vger.kernel.org
      Fixes: 95a7d768 ("xen/mmu: Use Xen specific TLB flush instead of the generic one.")
      Reviewed-by: default avatarJuergen Gross <jgross@suse.com>
      Signed-off-by: default avatarSteven Rostedt (VMware) <rostedt@goodmis.org>
      45dd9b06
    • Alexey Kodanev's avatar
      selinux: correctly handle sa_family cases in selinux_sctp_bind_connect() · 4152dc91
      Alexey Kodanev authored
      Allow to pass the socket address structure with AF_UNSPEC family for
      compatibility purposes. selinux_socket_bind() will further check it
      for INADDR_ANY and selinux_socket_connect_helper() should return
      EINVAL.
      
      For a bad address family return EINVAL instead of AFNOSUPPORT error,
      i.e. what is expected from SCTP protocol in such case.
      
      Fixes: d452930f ("selinux: Add SCTP support")
      Suggested-by: default avatarPaul Moore <paul@paul-moore.com>
      Signed-off-by: default avatarAlexey Kodanev <alexey.kodanev@oracle.com>
      Signed-off-by: default avatarPaul Moore <paul@paul-moore.com>
      4152dc91
    • Alexey Kodanev's avatar
      selinux: fix address family in bind() and connect() to match address/port · 88b7d370
      Alexey Kodanev authored
      Since sctp_bindx() and sctp_connectx() can have multiple addresses,
      sk_family can differ from sa_family. Therefore, selinux_socket_bind()
      and selinux_socket_connect_helper(), which process sockaddr structure
      (address and port), should use the address family from that structure
      too, and not from the socket one.
      
      The initialization of the data for the audit record is moved above,
      in selinux_socket_bind(), so that there is no duplicate changes and
      code.
      
      Fixes: d452930f ("selinux: Add SCTP support")
      Suggested-by: default avatarPaul Moore <paul@paul-moore.com>
      Signed-off-by: default avatarAlexey Kodanev <alexey.kodanev@oracle.com>
      Signed-off-by: default avatarPaul Moore <paul@paul-moore.com>
      88b7d370
    • Alexey Kodanev's avatar
      selinux: add AF_UNSPEC and INADDR_ANY checks to selinux_socket_bind() · 0f8db8cc
      Alexey Kodanev authored
      Commit d452930f ("selinux: Add SCTP support") breaks compatibility
      with the old programs that can pass sockaddr_in structure with AF_UNSPEC
      and INADDR_ANY to bind(). As a result, bind() returns EAFNOSUPPORT error.
      This was found with LTP/asapi_01 test.
      
      Similar to commit 29c486df ("net: ipv4: relax AF_INET check in
      bind()"), which relaxed AF_INET check for compatibility, add AF_UNSPEC
      case to AF_INET and make sure that the address is INADDR_ANY.
      
      Fixes: d452930f ("selinux: Add SCTP support")
      Signed-off-by: default avatarAlexey Kodanev <alexey.kodanev@oracle.com>
      Signed-off-by: default avatarPaul Moore <paul@paul-moore.com>
      0f8db8cc
    • David Howells's avatar
      afs: Fix the non-encryption of calls · 4776cab4
      David Howells authored
      Some AFS servers refuse to accept unencrypted traffic, so can't be accessed
      with kAFS.  Set the AF_RXRPC security level to encrypt client calls to deal
      with this.
      
      Note that incoming service calls are set by the remote client and so aren't
      affected by this.
      
      This requires an AF_RXRPC patch to pass the value set by setsockopt to calls
      begun by the kernel.
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      4776cab4
    • David Howells's avatar
      afs: Fix CB.CallBack handling · 428edade
      David Howells authored
      The handling of CB.CallBack messages sent by the fileserver to the client
      is broken in that they are currently being processed after the reply has
      been transmitted.
      
      This is not what the fileserver expects, however.  It holds up change
      visibility until the reply comes so as to maintain cache coherency, and so
      expects the client to have to refetch the state on the affected files.
      
      Fix CB.CallBack handling to perform the callback break before sending the
      reply.
      
      The fileserver is free to hold up status fetches issued by other threads on
      the same client that occur in reponse to the callback until any pending
      changes have been committed.
      
      Fixes: d001648e ("rxrpc: Don't expose skbs to in-kernel users [ver #2]")
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      428edade
    • David Howells's avatar
      afs: Fix whole-volume callback handling · 68251f0a
      David Howells authored
      It's possible for an AFS file server to issue a whole-volume notification
      that callbacks on all the vnodes in the file have been broken.  This is
      done for R/O and backup volumes (which don't have per-file callbacks) and
      for things like a volume being taken offline.
      
      Fix callback handling to detect whole-volume notifications, to track it
      across operations and to check it during inode validation.
      
      Fixes: c435ee34 ("afs: Overhaul the callback handling")
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      68251f0a
    • Marc Dionne's avatar
      afs: Fix afs_find_server search loop · f9c1bba3
      Marc Dionne authored
      The code that looks up servers by addresses makes the assumption
      that the list of addresses for a server is sorted.  It exits the
      loop if it finds that the target address is larger than the
      current candidate.  As the list is not currently sorted, this
      can lead to a failure to find a matching server, which can cause
      callbacks from that server to be ignored.
      
      Remove the early exit case so that the complete list is searched.
      
      Fixes: d2ddc776 ("afs: Overhaul volume and server record caching and fileserver rotation")
      Signed-off-by: default avatarMarc Dionne <marc.dionne@auristor.com>
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      f9c1bba3