1. 24 Feb, 2021 27 commits
  2. 23 Feb, 2021 13 commits
    • Linus Torvalds's avatar
      Merge tag 'clang-lto-v5.12-rc1-part2' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux · 414eece9
      Linus Torvalds authored
      Pull more clang LTO updates from Kees Cook:
       "Clang LTO x86 enablement.
      
        Full disclosure: while this has _not_ been in linux-next (since it
        initially looked like the objtool dependencies weren't going to make
        v5.12), it has been under daily build and runtime testing by Sami for
        quite some time. These x86 portions have been discussed on lkml, with
        Peter, Josh, and others helping nail things down.
      
        The bulk of the changes are to get objtool working happily. The rest
        of the x86 enablement is very small.
      
        Summary:
      
         - Generate __mcount_loc in objtool (Peter Zijlstra)
      
         - Support running objtool against vmlinux.o (Sami Tolvanen)
      
         - Clang LTO enablement for x86 (Sami Tolvanen)"
      
      Link: https://lore.kernel.org/lkml/20201013003203.4168817-26-samitolvanen@google.com/
      Link: https://lore.kernel.org/lkml/cover.1611263461.git.jpoimboe@redhat.com/
      
      * tag 'clang-lto-v5.12-rc1-part2' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux:
        kbuild: lto: force rebuilds when switching CONFIG_LTO
        x86, build: allow LTO to be selected
        x86, cpu: disable LTO for cpu.c
        x86, vdso: disable LTO only for vDSO
        kbuild: lto: postpone objtool
        objtool: Split noinstr validation from --vmlinux
        x86, build: use objtool mcount
        tracing: add support for objtool mcount
        objtool: Don't autodetect vmlinux.o
        objtool: Fix __mcount_loc generation with Clang's assembler
        objtool: Add a pass for generating __mcount_loc
      414eece9
    • Linus Torvalds's avatar
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/sparc · 6dd580b9
      Linus Torvalds authored
      Pull sparc updates from David Miller:
       "A host of mall cleanups and adjustments that have accumulated while I
        was away, nothing major"
      
      * git://git.kernel.org/pub/scm/linux/kernel/git/davem/sparc: (26 commits)
        sparc: make xchg() into a statement expression
        sparc64: Use arch_validate_flags() to validate ADI flag
        sparc32: Fix comparing pointer to 0 coccicheck warning
        sparc: fix led.c driver when PROC_FS is not enabled
        sparc: Fix handling of page table constructor failure
        sparc64: only select COMPAT_BINFMT_ELF if BINFMT_ELF is set
        tty: hvcs: Drop unnecessary if block
        tty: vcc: Drop unnecessary if block
        tty: vcc: Drop impossible to hit WARN_ON
        sparc: sparc64_defconfig: add necessary configs for qemu
        sparc64: switch defconfig from the legacy ide driver to libata
        sparc32: Preserve clone syscall flags argument for restarts due to signals
        sparc32: Limit memblock allocation to low memory
        sparc: Replace test_ti_thread_flag() with test_tsk_thread_flag()
        sbus: char: Remove meaningless jump label out_free
        sparc32: signal: Fix stack trampoline for RT signals
        sparc: remove SA_STATIC_ALLOC macro definition
        sparc: use for_each_child_of_node() macro
        sparc: Use fallthrough pseudo-keyword
        sparc32: srmmu: improve type safety of __nocache_fix()
        ...
      6dd580b9
    • Linus Torvalds's avatar
      Merge tag 'dmaengine-5.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/vkoul/dmaengine · 143983e5
      Linus Torvalds authored
      Pull dmaengine updates from Vinod Koul:
       "We have couple of drivers removed a new driver and bunch of new device
        support and few updates to drivers for this round.
      
        New drivers/devices:
         - Intel LGM SoC DMA driver
         - Actions Semi S500 DMA controller
         - Renesas r8a779a0 dma controller
         - Ingenic JZ4760(B) dma controller
         - Intel KeemBay AxiDMA controller
      
        Removed:
         - Coh901318 dma driver
         - Zte zx dma driver
         - Sirfsoc dma driver
      
        Updates:
         - mmp_pdma, mmp_tdma gained module support
         - imx-sdma become modern and dropped platform data support
         - dw-axi driver gained slave and cyclic dma support"
      
      * tag 'dmaengine-5.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/vkoul/dmaengine: (58 commits)
        dmaengine: dw-axi-dmac: remove redundant null check on desc
        dmaengine: xilinx_dma: Alloc tx descriptors GFP_NOWAIT
        dmaengine: dw-axi-dmac: Virtually split the linked-list
        dmaengine: dw-axi-dmac: Set constraint to the Max segment size
        dmaengine: dw-axi-dmac: Add Intel KeemBay AxiDMA BYTE and HALFWORD registers
        dmaengine: dw-axi-dmac: Add Intel KeemBay AxiDMA handshake
        dmaengine: dw-axi-dmac: Add Intel KeemBay AxiDMA support
        dmaengine: drivers: Kconfig: add HAS_IOMEM dependency to DW_AXI_DMAC
        dmaengine: dw-axi-dmac: Add Intel KeemBay DMA register fields
        dt-binding: dma: dw-axi-dmac: Add support for Intel KeemBay AxiDMA
        dmaengine: dw-axi-dmac: Support burst residue granularity
        dmaengine: dw-axi-dmac: Support of_dma_controller_register()
        dmaegine: dw-axi-dmac: Support device_prep_dma_cyclic()
        dmaengine: dw-axi-dmac: Support device_prep_slave_sg
        dmaengine: dw-axi-dmac: Add device_config operation
        dmaengine: dw-axi-dmac: Add device_synchronize() callback
        dmaengine: dw-axi-dmac: move dma_pool_create() to alloc_chan_resources()
        dmaengine: dw-axi-dmac: simplify descriptor management
        dt-bindings: dma: Add YAML schemas for dw-axi-dmac
        dmaengine: ti: k3-psil: optimize struct psil_endpoint_config for size
        ...
      143983e5
    • Linus Torvalds's avatar
      Merge tag 'acpi-5.12-rc1-2' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm · 628af439
      Linus Torvalds authored
      Pull more ACPI updates from Rafael Wysocki:
       "Fix race condition in generic_serial_bus (I2C) and GPIO Operation
        Region handling in ACPICA and reduce some related code duplication
        (Hans de Goede)"
      
      * tag 'acpi-5.12-rc1-2' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm:
        ACPICA: Remove some code duplication from acpi_ev_address_space_dispatch
        ACPICA: Fix race in generic_serial_bus (I2C) and GPIO op_region parameter handling
      628af439
    • Linus Torvalds's avatar
      Merge tag 'pm-5.12-rc1-2' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm · 005d3bd9
      Linus Torvalds authored
      Pull more power management updates from Rafael Wysocki:
       "These are fixes and cleanups on top of the power management material
        for 5.12-rc1 merged previously.
      
        Specifics:
      
         - Address cpufreq regression introduced in 5.11 that causes CPU
           frequency reporting to be distorted on systems with CPPC that use
           acpi-cpufreq as the scaling driver (Rafael Wysocki).
      
         - Fix regression introduced during the 5.10 development cycle related
           to CPU hotplug and policy recreation in the qcom-cpufreq-hw driver
           (Shawn Guo).
      
         - Fix recent regression in the operating performance points (OPP)
           framework that may cause frequency updates to be skipped by mistake
           in some cases (Jonathan Marek).
      
         - Simplify schedutil governor code and remove a misleading comment
           from it (Yue Hu).
      
         - Fix kerneldoc comment typo in the cpufreq core (Yue Hu)"
      
      * tag 'pm-5.12-rc1-2' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm:
        cpufreq: Fix typo in kerneldoc comment
        cpufreq: schedutil: Remove update_lock comment from struct sugov_policy definition
        cpufreq: schedutil: Remove needless sg_policy parameter from ignore_dl_rate_limit()
        cpufreq: ACPI: Set cpuinfo.max_freq directly if max boost is known
        cpufreq: qcom-hw: drop devm_xxx() calls from init/exit hooks
        opp: Don't skip freq update for different frequency
      005d3bd9
    • Linus Torvalds's avatar
      Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input · e0fbd25b
      Linus Torvalds authored
      Pull input updates from Dmitry Torokhov:
       "Mostly existing driver fixes plus a new driver for game controllers
        directly connected to Nintendo 64, and an enhancement for keyboards
        driven by Chrome OS EC to communicate layout of the top row to
        userspace"
      
      * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input: (47 commits)
        Input: st1232 - fix NORMAL vs. IDLE state handling
        Input: aiptek - convert sysfs sprintf/snprintf family to sysfs_emit
        Input: alps - fix spelling of "positive"
        ARM: dts: cros-ec-keyboard: Use keymap macros
        dt-bindings: input: Fix the keymap for LOCK key
        dt-bindings: input: Create macros for cros-ec keymap
        Input: cros-ec-keyb - expose function row physical map to userspace
        dt-bindings: input: cros-ec-keyb: Add a new property describing top row
        Input: applespi - fix occasional crc errors under load.
        Input: applespi - don't wait for responses to commands indefinitely.
        Input: st1232 - add IDLE state as ready condition
        Input: zinitix - fix return type of zinitix_init_touch()
        Input: i8042 - add ASUS Zenbook Flip to noselftest list
        Input: add missing dependencies on CONFIG_HAS_IOMEM
        Input: joydev - prevent potential read overflow in ioctl
        Input: elo - fix an error code in elo_connect()
        Input: xpad - add support for PowerA Enhanced Wired Controller for Xbox Series X|S
        Input: sur40 - fix an error code in sur40_probe()
        Input: elants_i2c - detect enum overflow
        Input: zinitix - remove unneeded semicolon
        ...
      e0fbd25b
    • Linus Torvalds's avatar
      Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/hid/hid · 69aea9d2
      Linus Torvalds authored
      Pull HID updates from Jiri Kosina:
      
       - support for "Unified Battery" feature on Logitech devices from Filipe
         Laíns
      
       - power management improvements for intel-ish driver from Zhang Lixu
      
       - support for Goodix devices from Douglas Anderson
      
       - improved handling of generic HID keyboard in order to make it easier
         for userspace to figure out the details of the device, from Dmitry
         Torokhov
      
       - Playstation DualSense support from Roderick Colenbrander
      
       - other assorted small fixes and device ID additions.
      
      * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/hid/hid: (49 commits)
        HID: playstation: add DualSense player LED support.
        HID: playstation: add microphone mute support for DualSense.
        HID: playstation: add initial DualSense lightbar support.
        HID: wacom: Ignore attempts to overwrite the touch_max value from HID
        HID: playstation: fix array size comparison (off-by-one)
        HID: playstation: fix unused variable in ps_battery_get_property.
        HID: playstation: report DualSense hardware and firmware version.
        HID: playstation: add DualSense classic rumble support.
        HID: playstation: add DualSense Bluetooth support.
        HID: playstation: track devices in list.
        HID: playstation: add DualSense accelerometer and gyroscope support.
        HID: playstation: add DualSense touchpad support.
        HID: playstation: add DualSense battery support.
        HID: playstation: use DualSense MAC address as unique identifier.
        HID: playstation: initial DualSense USB support.
        HID: ite: Enable QUIRK_TOUCHPAD_ON_OFF_REPORT on Acer Aspire Switch 10E
        HID: Ignore battery for Elan touchscreen on HP Spectre X360 15-df0xxx
        HID: logitech-dj: add support for the new lightspeed connection iteration
        HID: intel-ish-hid: ipc: Add Tiger Lake H PCI device ID
        HID: logitech-dj: add support for keyboard events in eQUAD step 4 Gaming
        ...
      69aea9d2
    • Rob Herring's avatar
      scripts/dtc: Add missing fdtoverlay to gitignore · c3476d2f
      Rob Herring authored
      Commit 0da6bcd9 ("scripts: dtc: Build fdtoverlay tool") enabled
      building fdtoverlay, but failed to add it to .gitignore.
      
      Also add a note to keep hostprogs in sync with .gitignore.
      
      Fixes: 0da6bcd9 ("scripts: dtc: Build fdtoverlay tool")
      Reported-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      Cc: Viresh Kumar <viresh.kumar@linaro.org>
      Signed-off-by: default avatarRob Herring <robh@kernel.org>
      c3476d2f
    • Sami Tolvanen's avatar
      kbuild: lto: force rebuilds when switching CONFIG_LTO · 5e95325f
      Sami Tolvanen authored
      When doing non-clean builds and switching between CONFIG_LTO=n and
      CONFIG_LTO=y, the build system (correctly) didn't notice that assembly
      and LTO-excluded C object files were rewritten in place by objtool (to
      add the .orc_unwind* sections), since their build command lines were the
      same between CONFIG_LTO=y and CONFIG_LTO=n. The objtool step would fail:
      
      vmlinux.o: warning: objtool: file already has .orc_unwind section, skipping
      make: *** [Makefile:1194: vmlinux] Error 255
      
      Avoid this by making sure the build will see a difference between an LTO
      and non-LTO build (by including "-fno-lto" in KBUILD_*FLAGS). This will
      get ignored when CC_FLAGS_LTO is present, and will not be included at
      all when CONFIG_LTO=n.
      Signed-off-by: default avatarSami Tolvanen <samitolvanen@google.com>
      Signed-off-by: default avatarKees Cook <keescook@chromium.org>
      5e95325f
    • Linus Torvalds's avatar
      Merge tag 'gfs2-for-5.12' of git://git.kernel.org/pub/scm/linux/kernel/git/gfs2/linux-gfs2 · f6e1e1d1
      Linus Torvalds authored
      Pull gfs2 updates from Andreas Gruenbacher:
      
       - Log space and revoke accounting rework to fix some failed asserts.
      
       - Local resource group glock sharing for better local performance.
      
       - Add support for version 1802 filesystems: trusted xattr support and
         '-o rgrplvb' mounts by default.
      
       - Actually synchronize on the inode glock's FREEING bit during withdraw
         ("gfs2: fix glock confusion in function signal_our_withdraw").
      
       - Fix parallel recovery of multiple journals ("gfs2: keep bios separate
         for each journal").
      
       - Various other bug fixes.
      
      * tag 'gfs2-for-5.12' of git://git.kernel.org/pub/scm/linux/kernel/git/gfs2/linux-gfs2: (49 commits)
        gfs2: Don't get stuck with I/O plugged in gfs2_ail1_flush
        gfs2: Per-revoke accounting in transactions
        gfs2: Rework the log space allocation logic
        gfs2: Minor calc_reserved cleanup
        gfs2: Use resource group glock sharing
        gfs2: Allow node-wide exclusive glock sharing
        gfs2: Add local resource group locking
        gfs2: Add per-reservation reserved block accounting
        gfs2: Rename rs_{free -> requested} and rd_{reserved -> requested}
        gfs2: Check for active reservation in gfs2_release
        gfs2: Don't search for unreserved space twice
        gfs2: Only pass reservation down to gfs2_rbm_find
        gfs2: Also reflect single-block allocations in rgd->rd_extfail_pt
        gfs2: Recursive gfs2_quota_hold in gfs2_iomap_end
        gfs2: Add trusted xattr support
        gfs2: Enable rgrplvb for sb_fs_format 1802
        gfs2: Don't skip dlm unlock if glock has an lvb
        gfs2: Lock imbalance on error path in gfs2_recover_one
        gfs2: Move function gfs2_ail_empty_tr
        gfs2: Get rid of current_tail()
        ...
      f6e1e1d1
    • Linus Torvalds's avatar
      Merge tag 'idmapped-mounts-v5.12' of git://git.kernel.org/pub/scm/linux/kernel/git/brauner/linux · 7d6beb71
      Linus Torvalds authored
      Pull idmapped mounts from Christian Brauner:
       "This introduces idmapped mounts which has been in the making for some
        time. Simply put, different mounts can expose the same file or
        directory with different ownership. This initial implementation comes
        with ports for fat, ext4 and with Christoph's port for xfs with more
        filesystems being actively worked on by independent people and
        maintainers.
      
        Idmapping mounts handle a wide range of long standing use-cases. Here
        are just a few:
      
         - Idmapped mounts make it possible to easily share files between
           multiple users or multiple machines especially in complex
           scenarios. For example, idmapped mounts will be used in the
           implementation of portable home directories in
           systemd-homed.service(8) where they allow users to move their home
           directory to an external storage device and use it on multiple
           computers where they are assigned different uids and gids. This
           effectively makes it possible to assign random uids and gids at
           login time.
      
         - It is possible to share files from the host with unprivileged
           containers without having to change ownership permanently through
           chown(2).
      
         - It is possible to idmap a container's rootfs and without having to
           mangle every file. For example, Chromebooks use it to share the
           user's Download folder with their unprivileged containers in their
           Linux subsystem.
      
         - It is possible to share files between containers with
           non-overlapping idmappings.
      
         - Filesystem that lack a proper concept of ownership such as fat can
           use idmapped mounts to implement discretionary access (DAC)
           permission checking.
      
         - They allow users to efficiently changing ownership on a per-mount
           basis without having to (recursively) chown(2) all files. In
           contrast to chown (2) changing ownership of large sets of files is
           instantenous with idmapped mounts. This is especially useful when
           ownership of a whole root filesystem of a virtual machine or
           container is changed. With idmapped mounts a single syscall
           mount_setattr syscall will be sufficient to change the ownership of
           all files.
      
         - Idmapped mounts always take the current ownership into account as
           idmappings specify what a given uid or gid is supposed to be mapped
           to. This contrasts with the chown(2) syscall which cannot by itself
           take the current ownership of the files it changes into account. It
           simply changes the ownership to the specified uid and gid. This is
           especially problematic when recursively chown(2)ing a large set of
           files which is commong with the aforementioned portable home
           directory and container and vm scenario.
      
         - Idmapped mounts allow to change ownership locally, restricting it
           to specific mounts, and temporarily as the ownership changes only
           apply as long as the mount exists.
      
        Several userspace projects have either already put up patches and
        pull-requests for this feature or will do so should you decide to pull
        this:
      
         - systemd: In a wide variety of scenarios but especially right away
           in their implementation of portable home directories.
      
               https://systemd.io/HOME_DIRECTORY/
      
         - container runtimes: containerd, runC, LXD:To share data between
           host and unprivileged containers, unprivileged and privileged
           containers, etc. The pull request for idmapped mounts support in
           containerd, the default Kubernetes runtime is already up for quite
           a while now: https://github.com/containerd/containerd/pull/4734
      
         - The virtio-fs developers and several users have expressed interest
           in using this feature with virtual machines once virtio-fs is
           ported.
      
         - ChromeOS: Sharing host-directories with unprivileged containers.
      
        I've tightly synced with all those projects and all of those listed
        here have also expressed their need/desire for this feature on the
        mailing list. For more info on how people use this there's a bunch of
        talks about this too. Here's just two recent ones:
      
            https://www.cncf.io/wp-content/uploads/2020/12/Rootless-Containers-in-Gitpod.pdf
            https://fosdem.org/2021/schedule/event/containers_idmap/
      
        This comes with an extensive xfstests suite covering both ext4 and
        xfs:
      
            https://git.kernel.org/brauner/xfstests-dev/h/idmapped_mounts
      
        It covers truncation, creation, opening, xattrs, vfscaps, setid
        execution, setgid inheritance and more both with idmapped and
        non-idmapped mounts. It already helped to discover an unrelated xfs
        setgid inheritance bug which has since been fixed in mainline. It will
        be sent for inclusion with the xfstests project should you decide to
        merge this.
      
        In order to support per-mount idmappings vfsmounts are marked with
        user namespaces. The idmapping of the user namespace will be used to
        map the ids of vfs objects when they are accessed through that mount.
        By default all vfsmounts are marked with the initial user namespace.
        The initial user namespace is used to indicate that a mount is not
        idmapped. All operations behave as before and this is verified in the
        testsuite.
      
        Based on prior discussions we want to attach the whole user namespace
        and not just a dedicated idmapping struct. This allows us to reuse all
        the helpers that already exist for dealing with idmappings instead of
        introducing a whole new range of helpers. In addition, if we decide in
        the future that we are confident enough to enable unprivileged users
        to setup idmapped mounts the permission checking can take into account
        whether the caller is privileged in the user namespace the mount is
        currently marked with.
      
        The user namespace the mount will be marked with can be specified by
        passing a file descriptor refering to the user namespace as an
        argument to the new mount_setattr() syscall together with the new
        MOUNT_ATTR_IDMAP flag. The system call follows the openat2() pattern
        of extensibility.
      
        The following conditions must be met in order to create an idmapped
        mount:
      
         - The caller must currently have the CAP_SYS_ADMIN capability in the
           user namespace the underlying filesystem has been mounted in.
      
         - The underlying filesystem must support idmapped mounts.
      
         - The mount must not already be idmapped. This also implies that the
           idmapping of a mount cannot be altered once it has been idmapped.
      
         - The mount must be a detached/anonymous mount, i.e. it must have
           been created by calling open_tree() with the OPEN_TREE_CLONE flag
           and it must not already have been visible in the filesystem.
      
        The last two points guarantee easier semantics for userspace and the
        kernel and make the implementation significantly simpler.
      
        By default vfsmounts are marked with the initial user namespace and no
        behavioral or performance changes are observed.
      
        The manpage with a detailed description can be found here:
      
            https://git.kernel.org/brauner/man-pages/c/1d7b902e2875a1ff342e036a9f866a995640aea8
      
        In order to support idmapped mounts, filesystems need to be changed
        and mark themselves with the FS_ALLOW_IDMAP flag in fs_flags. The
        patches to convert individual filesystem are not very large or
        complicated overall as can be seen from the included fat, ext4, and
        xfs ports. Patches for other filesystems are actively worked on and
        will be sent out separately. The xfstestsuite can be used to verify
        that port has been done correctly.
      
        The mount_setattr() syscall is motivated independent of the idmapped
        mounts patches and it's been around since July 2019. One of the most
        valuable features of the new mount api is the ability to perform
        mounts based on file descriptors only.
      
        Together with the lookup restrictions available in the openat2()
        RESOLVE_* flag namespace which we added in v5.6 this is the first time
        we are close to hardened and race-free (e.g. symlinks) mounting and
        path resolution.
      
        While userspace has started porting to the new mount api to mount
        proper filesystems and create new bind-mounts it is currently not
        possible to change mount options of an already existing bind mount in
        the new mount api since the mount_setattr() syscall is missing.
      
        With the addition of the mount_setattr() syscall we remove this last
        restriction and userspace can now fully port to the new mount api,
        covering every use-case the old mount api could. We also add the
        crucial ability to recursively change mount options for a whole mount
        tree, both removing and adding mount options at the same time. This
        syscall has been requested multiple times by various people and
        projects.
      
        There is a simple tool available at
      
            https://github.com/brauner/mount-idmapped
      
        that allows to create idmapped mounts so people can play with this
        patch series. I'll add support for the regular mount binary should you
        decide to pull this in the following weeks:
      
        Here's an example to a simple idmapped mount of another user's home
        directory:
      
      	u1001@f2-vm:/$ sudo ./mount --idmap both:1000:1001:1 /home/ubuntu/ /mnt
      
      	u1001@f2-vm:/$ ls -al /home/ubuntu/
      	total 28
      	drwxr-xr-x 2 ubuntu ubuntu 4096 Oct 28 22:07 .
      	drwxr-xr-x 4 root   root   4096 Oct 28 04:00 ..
      	-rw------- 1 ubuntu ubuntu 3154 Oct 28 22:12 .bash_history
      	-rw-r--r-- 1 ubuntu ubuntu  220 Feb 25  2020 .bash_logout
      	-rw-r--r-- 1 ubuntu ubuntu 3771 Feb 25  2020 .bashrc
      	-rw-r--r-- 1 ubuntu ubuntu  807 Feb 25  2020 .profile
      	-rw-r--r-- 1 ubuntu ubuntu    0 Oct 16 16:11 .sudo_as_admin_successful
      	-rw------- 1 ubuntu ubuntu 1144 Oct 28 00:43 .viminfo
      
      	u1001@f2-vm:/$ ls -al /mnt/
      	total 28
      	drwxr-xr-x  2 u1001 u1001 4096 Oct 28 22:07 .
      	drwxr-xr-x 29 root  root  4096 Oct 28 22:01 ..
      	-rw-------  1 u1001 u1001 3154 Oct 28 22:12 .bash_history
      	-rw-r--r--  1 u1001 u1001  220 Feb 25  2020 .bash_logout
      	-rw-r--r--  1 u1001 u1001 3771 Feb 25  2020 .bashrc
      	-rw-r--r--  1 u1001 u1001  807 Feb 25  2020 .profile
      	-rw-r--r--  1 u1001 u1001    0 Oct 16 16:11 .sudo_as_admin_successful
      	-rw-------  1 u1001 u1001 1144 Oct 28 00:43 .viminfo
      
      	u1001@f2-vm:/$ touch /mnt/my-file
      
      	u1001@f2-vm:/$ setfacl -m u:1001:rwx /mnt/my-file
      
      	u1001@f2-vm:/$ sudo setcap -n 1001 cap_net_raw+ep /mnt/my-file
      
      	u1001@f2-vm:/$ ls -al /mnt/my-file
      	-rw-rwxr--+ 1 u1001 u1001 0 Oct 28 22:14 /mnt/my-file
      
      	u1001@f2-vm:/$ ls -al /home/ubuntu/my-file
      	-rw-rwxr--+ 1 ubuntu ubuntu 0 Oct 28 22:14 /home/ubuntu/my-file
      
      	u1001@f2-vm:/$ getfacl /mnt/my-file
      	getfacl: Removing leading '/' from absolute path names
      	# file: mnt/my-file
      	# owner: u1001
      	# group: u1001
      	user::rw-
      	user:u1001:rwx
      	group::rw-
      	mask::rwx
      	other::r--
      
      	u1001@f2-vm:/$ getfacl /home/ubuntu/my-file
      	getfacl: Removing leading '/' from absolute path names
      	# file: home/ubuntu/my-file
      	# owner: ubuntu
      	# group: ubuntu
      	user::rw-
      	user:ubuntu:rwx
      	group::rw-
      	mask::rwx
      	other::r--"
      
      * tag 'idmapped-mounts-v5.12' of git://git.kernel.org/pub/scm/linux/kernel/git/brauner/linux: (41 commits)
        xfs: remove the possibly unused mp variable in xfs_file_compat_ioctl
        xfs: support idmapped mounts
        ext4: support idmapped mounts
        fat: handle idmapped mounts
        tests: add mount_setattr() selftests
        fs: introduce MOUNT_ATTR_IDMAP
        fs: add mount_setattr()
        fs: add attr_flags_to_mnt_flags helper
        fs: split out functions to hold writers
        namespace: only take read lock in do_reconfigure_mnt()
        mount: make {lock,unlock}_mount_hash() static
        namespace: take lock_mount_hash() directly when changing flags
        nfs: do not export idmapped mounts
        overlayfs: do not mount on top of idmapped mounts
        ecryptfs: do not mount on top of idmapped mounts
        ima: handle idmapped mounts
        apparmor: handle idmapped mounts
        fs: make helpers idmap mount aware
        exec: handle idmapped mounts
        would_dump: handle idmapped mounts
        ...
      7d6beb71
    • Sami Tolvanen's avatar
      x86, build: allow LTO to be selected · b33fff07
      Sami Tolvanen authored
      Pass code model and stack alignment to the linker as these are not
      stored in LLVM bitcode, and allow CONFIG_LTO_CLANG* to be enabled.
      Signed-off-by: default avatarSami Tolvanen <samitolvanen@google.com>
      Reviewed-by: default avatarKees Cook <keescook@chromium.org>
      b33fff07
    • Sami Tolvanen's avatar
      x86, cpu: disable LTO for cpu.c · d2dcd3e3
      Sami Tolvanen authored
      Clang incorrectly inlines functions with differing stack protector
      attributes, which breaks __restore_processor_state() that relies on
      stack protector being disabled. This change disables LTO for cpu.c
      to work aroung the bug.
      
      Link: https://bugs.llvm.org/show_bug.cgi?id=47479Suggested-by: default avatarNick Desaulniers <ndesaulniers@google.com>
      Signed-off-by: default avatarSami Tolvanen <samitolvanen@google.com>
      d2dcd3e3