1. 07 Aug, 2015 8 commits
    • David Howells's avatar
      MODSIGN: Use PKCS#7 messages as module signatures · 3f1e1bea
      David Howells authored
      Move to using PKCS#7 messages as module signatures because:
      
       (1) We have to be able to support the use of X.509 certificates that don't
           have a subjKeyId set.  We're currently relying on this to look up the
           X.509 certificate in the trusted keyring list.
      
       (2) PKCS#7 message signed information blocks have a field that supplies the
           data required to match with the X.509 certificate that signed it.
      
       (3) The PKCS#7 certificate carries fields that specify the digest algorithm
           used to generate the signature in a standardised way and the X.509
           certificates specify the public key algorithm in a standardised way - so
           we don't need our own methods of specifying these.
      
       (4) We now have PKCS#7 message support in the kernel for signed kexec purposes
           and we can make use of this.
      
      To make this work, the old sign-file script has been replaced with a program
      that needs compiling in a previous patch.  The rules to build it are added
      here.
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      Tested-by: default avatarVivek Goyal <vgoyal@redhat.com>
      3f1e1bea
    • David Howells's avatar
      MODSIGN: Provide a utility to append a PKCS#7 signature to a module · bc1c373d
      David Howells authored
      Provide a utility that:
      
       (1) Digests a module using the specified hash algorithm (typically sha256).
      
           [The digest can be dumped into a file by passing the '-d' flag]
      
       (2) Generates a PKCS#7 message that:
      
           (a) Has detached data (ie. the module content).
      
           (b) Is signed with the specified private key.
      
           (c) Refers to the specified X.509 certificate.
      
           (d) Has an empty X.509 certificate list.
      
           [The PKCS#7 message can be dumped into a file by passing the '-p' flag]
      
       (3) Generates a signed module by concatenating the old module, the PKCS#7
           message, a descriptor and a magic string.  The descriptor contains the
           size of the PKCS#7 message and indicates the id_type as PKEY_ID_PKCS7.
      
       (4) Either writes the signed module to the specified destination or renames
           it over the source module.
      
      This allows module signing to reuse the PKCS#7 handling code that was added
      for PE file parsing for signed kexec.
      
      Note that the utility is written in C and must be linked against the OpenSSL
      crypto library.
      
      Note further that I have temporarily dropped support for handling externally
      created signatures until we can work out the best way to do those.  Hopefully,
      whoever creates the signature can give me a PKCS#7 certificate.
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      Tested-by: default avatarVivek Goyal <vgoyal@redhat.com>
      bc1c373d
    • David Howells's avatar
      PKCS#7: Allow detached data to be supplied for signature checking purposes · 4ebdb76f
      David Howells authored
      It is possible for a PKCS#7 message to have detached data.  However, to verify
      the signatures on a PKCS#7 message, we have to be able to digest the data.
      Provide a function to supply that data.  An error is given if the PKCS#7
      message included embedded data.
      
      This is used in a subsequent patch to supply the data to module signing where
      the signature is in the form of a PKCS#7 message with detached data, whereby
      the detached data is the module content that is signed.
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      Tested-by: default avatarVivek Goyal <vgoyal@redhat.com>
      4ebdb76f
    • David Howells's avatar
      X.509: Support X.509 lookup by Issuer+Serial form AuthorityKeyIdentifier · 4573b64a
      David Howells authored
      If an X.509 certificate has an AuthorityKeyIdentifier extension that provides
      an issuer and serialNumber, then make it so that these are used in preference
      to the keyIdentifier field also held therein for searching for the signing
      certificate.
      
      If both the issuer+serialNumber and the keyIdentifier are supplied, then the
      certificate is looked up by the former but the latter is checked as well.  If
      the latter doesn't match the subjectKeyIdentifier of the parent certificate,
      EKEYREJECTED is returned.
      
      This makes it possible to chain X.509 certificates based on the issuer and
      serialNumber fields rather than on subjectKeyIdentifier.  This is necessary as
      we are having to deal with keys that are represented by X.509 certificates
      that lack a subjectKeyIdentifier.
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      Tested-by: default avatarVivek Goyal <vgoyal@redhat.com>
      4573b64a
    • David Howells's avatar
      X.509: Extract both parts of the AuthorityKeyIdentifier · b92e6570
      David Howells authored
      Extract both parts of the AuthorityKeyIdentifier, not just the keyIdentifier,
      as the second part can be used to match X.509 certificates by issuer and
      serialNumber.
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      Tested-by: default avatarVivek Goyal <vgoyal@redhat.com>
      b92e6570
    • David Howells's avatar
      ASN.1: Copy string names to tokens in ASN.1 compiler · c05cae9a
      David Howells authored
      Copy string names to tokens in ASN.1 compiler rather than storing a pointer
      into the source text.  This means we don't have to use "%*.*s" all over the
      place.
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      Reviewed-by: default avatarDavid Woodhouse <David.Woodhouse@intel.com>
      c05cae9a
    • David Howells's avatar
      ASN.1: Add an ASN.1 compiler option to dump the element tree · ae44a2f6
      David Howells authored
      Add an ASN.1 compiler option to dump the element tree to stdout.
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      Reviewed-By: default avatarDavid Woodhouse <David.Woodhouse@intel.com>
      ae44a2f6
    • James Morris's avatar
      Merge tag 'asn1-fixes-20150805' of... · 459c15e5
      James Morris authored
      Merge tag 'asn1-fixes-20150805' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs into next
      459c15e5
  2. 05 Aug, 2015 4 commits
    • David Howells's avatar
      ASN.1: Handle 'ANY OPTIONAL' in grammar · 233ce79d
      David Howells authored
      An ANY object in an ASN.1 grammar that is marked OPTIONAL should be skipped
      if there is no more data to be had.
      
      This can be tested by editing X.509 certificates or PKCS#7 messages to
      remove the NULL from subobjects that look like the following:
      
      	SEQUENCE {
      	  OBJECT(2a864886f70d01010b);
      	  NULL();
      	}
      
      This is an algorithm identifier plus an optional parameter.
      
      The modified DER can be passed to one of:
      
      	keyctl padd asymmetric "" @s </tmp/modified.x509
      	keyctl padd pkcs7_test foo @s </tmp/modified.pkcs7
      
      It should work okay with the patch and produce EBADMSG without.
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      Tested-by: default avatarMarcel Holtmann <marcel@holtmann.org>
      Reviewed-by: default avatarDavid Woodhouse <David.Woodhouse@intel.com>
      233ce79d
    • David Howells's avatar
      ASN.1: Fix non-match detection failure on data overrun · 0d62e9dd
      David Howells authored
      If the ASN.1 decoder is asked to parse a sequence of objects, non-optional
      matches get skipped if there's no more data to be had rather than a
      data-overrun error being reported.
      
      This is due to the code segment that decides whether to skip optional
      matches (ie. matches that could get ignored because an element is marked
      OPTIONAL in the grammar) due to a lack of data also skips non-optional
      elements if the data pointer has reached the end of the buffer.
      
      This can be tested with the data decoder for the new RSA akcipher algorithm
      that takes three non-optional integers.  Currently, it skips the last
      integer if there is insufficient data.
      
      Without the fix, #defining DEBUG in asn1_decoder.c will show something
      like:
      
      	next_op: pc=0/13 dp=0/270 C=0 J=0
      	- match? 30 30 00
      	- TAG: 30 266 CONS
      	next_op: pc=2/13 dp=4/270 C=1 J=0
      	- match? 02 02 00
      	- TAG: 02 257
      	- LEAF: 257
      	next_op: pc=5/13 dp=265/270 C=1 J=0
      	- match? 02 02 00
      	- TAG: 02 3
      	- LEAF: 3
      	next_op: pc=8/13 dp=270/270 C=1 J=0
      	next_op: pc=11/13 dp=270/270 C=1 J=0
      	- end cons t=4 dp=270 l=270/270
      
      The next_op line for pc=8/13 should be followed by a match line.
      
      This is not exploitable for X.509 certificates by means of shortening the
      message and fixing up the ASN.1 CONS tags because:
      
       (1) The relevant records being built up are cleared before use.
      
       (2) If the message is shortened sufficiently to remove the public key, the
           ASN.1 parse of the RSA key will fail quickly due to a lack of data.
      
       (3) Extracted signature data is either turned into MPIs (which cope with a
           0 length) or is simpler integers specifying algoritms and suchlike
           (which can validly be 0); and
      
       (4) The AKID and SKID extensions are optional and their removal is handled
           without risking passing a NULL to asymmetric_key_generate_id().
      
       (5) If the certificate is truncated sufficiently to remove the subject,
           issuer or serialNumber then the ASN.1 decoder will fail with a 'Cons
           stack underflow' return.
      
      This is not exploitable for PKCS#7 messages by means of removal of elements
      from such a message from the tail end of a sequence:
      
       (1) Any shortened X.509 certs embedded in the PKCS#7 message are survivable
           as detailed above.
      
       (2) The message digest content isn't used if it shows a NULL pointer,
           similarly, the authattrs aren't used if that shows a NULL pointer.
      
       (3) A missing signature results in a NULL MPI - which the MPI routines deal
           with.
      
       (4) If data is NULL, it is expected that the message has detached content and
           that is handled appropriately.
      
       (5) If the serialNumber is excised, the unconditional action associated
           with it will pick up the containing SEQUENCE instead, so no NULL
           pointer will be seen here.
      
           If both the issuer and the serialNumber are excised, the ASN.1 decode
           will fail with an 'Unexpected tag' return.
      
           In either case, there's no way to get to asymmetric_key_generate_id()
           with a NULL pointer.
      
       (6) Other fields are decoded to simple integers.  Shortening the message
           to omit an algorithm ID field will cause checks on this to fail early
           in the verification process.
      
      
      This can also be tested by snipping objects off of the end of the ASN.1 stream
      such that mandatory tags are removed - or even from the end of internal
      SEQUENCEs.  If any mandatory tag is missing, the error EBADMSG *should* be
      produced.  Without this patch ERANGE or ENOPKG might be produced or the parse
      may apparently succeed, perhaps with ENOKEY or EKEYREJECTED being produced
      later, depending on what gets snipped.
      
      Just snipping off the final BIT_STRING or OCTET_STRING from either sample
      should be a start since both are mandatory and neither will cause an EBADMSG
      without the patches
      Reported-by: default avatarMarcel Holtmann <marcel@holtmann.org>
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      Tested-by: default avatarMarcel Holtmann <marcel@holtmann.org>
      Reviewed-by: default avatarDavid Woodhouse <David.Woodhouse@intel.com>
      0d62e9dd
    • David Howells's avatar
      ASN.1: Fix actions on CHOICE elements with IMPLICIT tags · 3f3af97d
      David Howells authored
      In an ASN.1 description where there is a CHOICE construct that contains
      elements with IMPLICIT tags that refer to constructed types, actions to be
      taken on those elements should be conditional on the corresponding element
      actually being matched.  Currently, however, such actions are performed
      unconditionally in the middle of processing the CHOICE.
      
      For example, look at elements 'b' and 'e' here:
      
      	A ::= SEQUENCE {
      			CHOICE {
      			b [0] IMPLICIT B ({ do_XXXXXXXXXXXX_b }),
      			c [1] EXPLICIT C ({ do_XXXXXXXXXXXX_c }),
      			d [2] EXPLICIT B ({ do_XXXXXXXXXXXX_d }),
      			e [3] IMPLICIT C ({ do_XXXXXXXXXXXX_e }),
      			f [4] IMPLICIT INTEGER ({ do_XXXXXXXXXXXX_f })
      			}
      		} ({ do_XXXXXXXXXXXX_A })
      
      	B ::= SET OF OBJECT IDENTIFIER ({ do_XXXXXXXXXXXX_oid })
      
      	C ::= SET OF INTEGER ({ do_XXXXXXXXXXXX_int })
      
      They each have an action (do_XXXXXXXXXXXX_b and do_XXXXXXXXXXXX_e) that
      should only be processed if that element is matched.
      
      The problem is that there's no easy place to hang the action off in the
      subclause (type B for element 'b' and type C for element 'e') because
      subclause opcode sequences can be shared.
      
      To fix this, introduce a conditional action opcode(ASN1_OP_MAYBE_ACT) that
      the decoder only processes if the preceding match was successful.  This can
      be seen in an excerpt from the output of the fixed ASN.1 compiler for the
      above ASN.1 description:
      
      	[  13] =  ASN1_OP_COND_MATCH_JUMP_OR_SKIP,		// e
      	[  14] =  _tagn(CONT, CONS,  3),
      	[  15] =  _jump_target(45),		// --> C
      	[  16] =  ASN1_OP_MAYBE_ACT,
      	[  17] =  _action(ACT_do_XXXXXXXXXXXX_e),
      
      In this, if the op at [13] is matched (ie. element 'e' above) then the
      action at [16] will be performed.  However, if the op at [13] doesn't match
      or is skipped because it is conditional and some previous op matched, then
      the action at [16] will be ignored.
      
      Note that to make this work in the decoder, the ASN1_OP_RETURN op must set
      the flag to indicate that a match happened.  This is necessary because the
      _jump_target() seen above introduces a subclause (in this case an object of
      type 'C') which is likely to alter the flag.  Setting the flag here is okay
      because to process a subclause, a match must have happened and caused a
      jump.
      
      This cannot be tested with the code as it stands, but rather affects future
      code.
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      Reviewed-by: default avatarDavid Woodhouse <David.Woodhouse@intel.com>
      3f3af97d
    • David Howells's avatar
      ASN.1: Fix handling of CHOICE in ASN.1 compiler · 8d9b21dc
      David Howells authored
      Fix the handling of CHOICE types in the ASN.1 compiler to make SEQUENCE and
      SET elements in a CHOICE be correctly rendered as skippable and conditional
      as appropriate.
      
      For example, in the following ASN.1:
      
      	Foo ::= SEQUENCE { w1 INTEGER, w2 Bar, w3 OBJECT IDENTIFIER }
      	Bar ::= CHOICE {
      		x1 Seq1,
      		x2 [0] IMPLICIT OCTET STRING,
      		x3 Seq2,
      		x4 SET OF INTEGER
      	}
      	Seq1 ::= SEQUENCE { y1 INTEGER, y2 INTEGER, y3 INTEGER }
      	Seq2 ::= SEQUENCE { z1 BOOLEAN, z2 BOOLEAN, z3 BOOLEAN }
      
      the output in foo.c generated by:
      
      	./scripts/asn1_compiler foo.asn1 foo.c foo.h
      
      included:
      
      	// Bar
      	// Seq1
      	[   4] =  ASN1_OP_MATCH,
      	[   5] =  _tag(UNIV, CONS, SEQ),
      	...
      	[  13] =  ASN1_OP_COND_MATCH_OR_SKIP,		// x2
      	[  14] =  _tagn(CONT, PRIM,  0),
      	// Seq2
      	[  15] =  ASN1_OP_MATCH,
      	[  16] =  _tag(UNIV, CONS, SEQ),
      	...
      	[  24] =  ASN1_OP_COND_MATCH_JUMP_OR_SKIP,		// x4
      	[  25] =  _tag(UNIV, CONS, SET),
      	...
      	[  27] =  ASN1_OP_COND_FAIL,
      
      as a result of the CHOICE - but this is wrong on lines 4 and 15 because
      both of these should be skippable (one and only one of the four can be
      picked) and the one on line 15 should also be conditional so that it is
      ignored if anything before it matches.
      
      After the patch, it looks like:
      
      	// Bar
      	// Seq1
      	[   4] =  ASN1_OP_MATCH_JUMP_OR_SKIP,		// x1
      	[   5] =  _tag(UNIV, CONS, SEQ),
      	...
      	[   7] =  ASN1_OP_COND_MATCH_OR_SKIP,		// x2
      	[   8] =  _tagn(CONT, PRIM,  0),
      	// Seq2
      	[   9] =  ASN1_OP_COND_MATCH_JUMP_OR_SKIP,		// x3
      	[  10] =  _tag(UNIV, CONS, SEQ),
      	...
      	[  12] =  ASN1_OP_COND_MATCH_JUMP_OR_SKIP,		// x4
      	[  13] =  _tag(UNIV, CONS, SET),
      	...
      	[  15] =  ASN1_OP_COND_FAIL,
      
      where all four options are skippable and the second, third and fourth are
      all conditional, as is the backstop at the end.
      
      This hasn't been a problem so far because in the ASN.1 specs we have are
      either using primitives or are using SET OF and SEQUENCE OF which are
      handled correctly.
      
      Whilst we're at it, also make sure that element labels get included in
      comments in the output for elements that have complex types.
      
      This cannot be tested with the code as it stands, but rather affects future
      code.
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      Reviewed-By: default avatarDavid Woodhouse <David.Woodhouse@intel.com>
      8d9b21dc
  3. 28 Jul, 2015 1 commit
  4. 20 Jul, 2015 1 commit
  5. 19 Jul, 2015 8 commits
  6. 18 Jul, 2015 12 commits
    • Linus Torvalds's avatar
      Merge branch 'fixes' of git://ftp.arm.linux.org.uk/~rmk/linux-arm · 9d37e667
      Linus Torvalds authored
      Pull ARM fixes from Russell King:
       "A small set of ARM fixes for -rc3, most of them not far off
        one-liners, with the exception of fixing the V7 cache invalidation for
        incoming SMP processors which was causing problems for SoCFPGA
        devices"
      
      * 'fixes' of git://ftp.arm.linux.org.uk/~rmk/linux-arm:
        ARM: fix __virt_to_idmap build error on !MMU
        ARM: invalidate L1 before enabling coherency
        ARM: 8404/1: dma-mapping: fix off-by-one error in bitmap size check
        ARM: 8402/1: perf: Don't use of_node after putting it
        ARM: 8400/1: use virt_to_idmap to get phys_reset address
      9d37e667
    • Linus Torvalds's avatar
      Merge branch 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · 0e1dbccd
      Linus Torvalds authored
      Pull x86 fixes from Ingo Molnar:
       "Two families of fixes:
      
         - Fix an FPU context related boot crash on newer x86 hardware with
           larger context sizes than what most people test.  To fix this
           without ugly kludges or extensive reverts we had to touch core task
           allocator, to allow x86 to determine the task size dynamically, at
           boot time.
      
           I've tested it on a number of x86 platforms, and I cross-built it
           to a handful of architectures:
      
                                              (warns)               (warns)
             testing     x86-64:  -git:  pass (    0),  -tip:  pass (    0)
             testing     x86-32:  -git:  pass (    0),  -tip:  pass (    0)
             testing        arm:  -git:  pass ( 1359),  -tip:  pass ( 1359)
             testing       cris:  -git:  pass ( 1031),  -tip:  pass ( 1031)
             testing       m32r:  -git:  pass ( 1135),  -tip:  pass ( 1135)
             testing       m68k:  -git:  pass ( 1471),  -tip:  pass ( 1471)
             testing       mips:  -git:  pass ( 1162),  -tip:  pass ( 1162)
             testing    mn10300:  -git:  pass ( 1058),  -tip:  pass ( 1058)
             testing     parisc:  -git:  pass ( 1846),  -tip:  pass ( 1846)
             testing      sparc:  -git:  pass ( 1185),  -tip:  pass ( 1185)
      
           ... so I hope the cross-arch impact 'none', as intended.
      
           (by Dave Hansen)
      
         - Fix various NMI handling related bugs unearthed by the big asm code
           rewrite and generally make the NMI code more robust and more
           maintainable while at it.  These changes are a bit late in the
           cycle, I hope they are still acceptable.
      
           (by Andy Lutomirski)"
      
      * 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        x86/fpu, sched: Introduce CONFIG_ARCH_WANTS_DYNAMIC_TASK_STRUCT and use it on x86
        x86/fpu, sched: Dynamically allocate 'struct fpu'
        x86/entry/64, x86/nmi/64: Add CONFIG_DEBUG_ENTRY NMI testing code
        x86/nmi/64: Make the "NMI executing" variable more consistent
        x86/nmi/64: Minor asm simplification
        x86/nmi/64: Use DF to avoid userspace RSP confusing nested NMI detection
        x86/nmi/64: Reorder nested NMI checks
        x86/nmi/64: Improve nested NMI comments
        x86/nmi/64: Switch stacks on userspace NMI entry
        x86/nmi/64: Remove asm code that saves CR2
        x86/nmi: Enable nested do_nmi() handling for 64-bit kernels
      0e1dbccd
    • Linus Torvalds's avatar
      Merge branch 'timers-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · dae57fb6
      Linus Torvalds authored
      Pull timer fix from Ingo Molnar:
       "Fix for a misplaced export that can cause build failures in certain
        (rare) Kconfig situations"
      
      * 'timers-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        tick: Move the export of tick_broadcast_oneshot_control to the proper place
      dae57fb6
    • Linus Torvalds's avatar
      Merge branch 'sched-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · d65b78f5
      Linus Torvalds authored
      Pull scheduler fix from Ingo Molnar:
       "A oneliner rq throttling fix"
      
      * 'sched-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        sched/fair: Test list head instead of list entry in throttle_cfs_rq()
      d65b78f5
    • Linus Torvalds's avatar
      Merge branch 'perf-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · f79a17bf
      Linus Torvalds authored
      Pull perf fixes from Ingo Molnar:
       "Mostly tooling fixes, plus a static key fix fixing /sys/devices/cpu/rdpmc"
      
      * 'perf-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        perf tools: Really allow to specify custom CC, AR or LD
        perf auxtrace: Fix misplaced check for HAVE_SYNC_COMPARE_AND_SWAP_SUPPORT
        perf hists browser: Take the --comm, --dsos, etc filters into account
        perf symbols: Store if there is a filter in place
        x86, perf: Fix static_key bug in load_mm_cr4()
        tools: Copy lib/hweight.c from the kernel sources
        perf tools: Fix the detached tarball wrt rbtree copy
        perf thread_map: Fix the sizeof() calculation for map entries
        tools lib: Improve clean target
        perf stat: Fix shadow declaration of close
        perf tools: Fix lockup using 32-bit compat vdso
      f79a17bf
    • Linus Torvalds's avatar
      Merge branch 'irq-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · 59ee7621
      Linus Torvalds authored
      Pull irq fixes from Ingo Molnar:
       "Misc irq fixes:
      
         - two driver fixes
         - a Xen regression fix
         - a nested irq thread crash fix"
      
      * 'irq-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        irqchip/gicv3-its: Fix mapping of LPIs to collections
        genirq: Prevent resend to interrupts marked IRQ_NESTED_THREAD
        genirq: Revert sparse irq locking around __cpu_up() and move it to x86 for now
        gpio/davinci: Fix race in installing chained irq handler
      59ee7621
    • Linus Torvalds's avatar
      Merge branch 'akpm' (patches from Andrew) · 3a26a5b1
      Linus Torvalds authored
      Merge fixes from Andrew Morton:
       "25 fixes"
      
      * emailed patches from Andrew Morton <akpm@linux-foundation.org>: (25 commits)
        lib/decompress: set the compressor name to NULL on error
        mm/cma_debug: correct size input to bitmap function
        mm/cma_debug: fix debugging alloc/free interface
        mm/page_owner: set correct gfp_mask on page_owner
        mm/page_owner: fix possible access violation
        fsnotify: fix oops in fsnotify_clear_marks_by_group_flags()
        /proc/$PID/cmdline: fixup empty ARGV case
        dma-debug: skip debug_dma_assert_idle() when disabled
        hexdump: fix for non-aligned buffers
        checkpatch: fix long line messages about patch context
        mm: clean up per architecture MM hook header files
        MAINTAINERS: uclinux-h8-devel is moderated for non-subscribers
        mailmap: update Sudeep Holla's email id
        Update Viresh Kumar's email address
        mm, meminit: suppress unused memory variable warning
        configfs: fix kernel infoleak through user-controlled format string
        include, lib: add __printf attributes to several function prototypes
        s390/hugetlb: add hugepages_supported define
        mm: hugetlb: allow hugepages_supported to be architecture specific
        revert "s390/mm: make hugepages_supported a boot time decision"
        ...
      3a26a5b1
    • Linus Torvalds's avatar
      Merge branch 'for-linus-4.2' of git://git.kernel.org/pub/scm/linux/kernel/git/mason/linux-btrfs · 8be57013
      Linus Torvalds authored
      Pull btrfs fixes from Chris Mason:
       "These are all from Filipe, and cover a few problems we've had reported
        on the list recently (along with ones he found on his own)"
      
      * 'for-linus-4.2' of git://git.kernel.org/pub/scm/linux/kernel/git/mason/linux-btrfs:
        Btrfs: fix file corruption after cloning inline extents
        Btrfs: fix order by which delayed references are run
        Btrfs: fix list transaction->pending_ordered corruption
        Btrfs: fix memory leak in the extent_same ioctl
        Btrfs: fix shrinking truncate when the no_holes feature is enabled
      8be57013
    • Linus Torvalds's avatar
      Merge tag 'rtc-v4.2-2' of git://git.kernel.org/pub/scm/linux/kernel/git/abelloni/linux · dfe91c97
      Linus Torvalds authored
      Pull rtc fixes from Alexandre Belloni:
       "A few fixes for the RTC susbsystem for 4.2.
      
        The mt6397 driver was introduce in 4.2 so it is worth fixing before
        the final release.  I though the compilation warning for armada38x was
        fixed by akpm in commit f98b733e ("rtc-armada38x.c: remove unused
        local `flags'") but he actually missed some occurrences of the
        variables.  Since I received 4 patches for that, I think we can
        include it now.
      
        Summary:
         - fix mt6397 wakealarm creation
         - remove a compilation warning for armada38x that was forgotten"
      
      * tag 'rtc-v4.2-2' of git://git.kernel.org/pub/scm/linux/kernel/git/abelloni/linux:
        rtc: armada38x: Remove unused variable from armada38x_rtc_set_time()
        rtc: mt6397: enable wakeup before registering rtc device
      dfe91c97
    • Linus Torvalds's avatar
      Merge tag 'dm-4.2-fixes-2' of git://git.kernel.org/pub/scm/linux/kernel/git/device-mapper/linux-dm · 3f8476fe
      Linus Torvalds authored
      Pull device mapper fixes from Mike Snitzer:
      
       - revert a request-based DM core change that caused IO latency to
         increase and adversely impact both throughput and system load
      
       - fix for a use after free bug in DM core's device cleanup
      
       - a couple DM btree removal fixes (used by dm-thinp)
      
       - a DM thinp fix for order-5 allocation failure
      
       - a DM thinp fix to not degrade to read-only metadata mode when in
         out-of-data-space mode for longer than the 'no_space_timeout'
      
       - fix a long-standing oversight in both dm-thinp and dm-cache by now
         exporting 'needs_check' in status if it was set in metadata
      
       - fix an embarrassing dm-cache busy-loop that caused worker threads to
         eat cpu even if no IO was actively being issued to the cache device
      
      * tag 'dm-4.2-fixes-2' of git://git.kernel.org/pub/scm/linux/kernel/git/device-mapper/linux-dm:
        dm cache: avoid calls to prealloc_free_structs() if possible
        dm cache: avoid preallocation if no work in writeback_some_dirty_blocks()
        dm cache: do not wake_worker() in free_migration()
        dm cache: display 'needs_check' in status if it is set
        dm thin: display 'needs_check' in status if it is set
        dm thin: stay in out-of-data-space mode once no_space_timeout expires
        dm: fix use after free crash due to incorrect cleanup sequence
        Revert "dm: only run the queue on completion if congested or no requests pending"
        dm btree: silence lockdep lock inversion in dm_btree_del()
        dm thin: allocate the cell_sort_array dynamically
        dm btree remove: fix bug in redistribute3
      3f8476fe
    • Ingo Molnar's avatar
      x86/fpu, sched: Introduce CONFIG_ARCH_WANTS_DYNAMIC_TASK_STRUCT and use it on x86 · 5aaeb5c0
      Ingo Molnar authored
      Don't burden architectures without dynamic task_struct sizing
      with the overhead of dynamic sizing.
      
      Also optimize the x86 code a bit by caching task_struct_size.
      Acked-and-Tested-by: default avatarDave Hansen <dave.hansen@linux.intel.com>
      Cc: Andy Lutomirski <luto@amacapital.net>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Brian Gerst <brgerst@gmail.com>
      Cc: Dave Hansen <dave@sr71.net>
      Cc: Denys Vlasenko <dvlasenk@redhat.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Oleg Nesterov <oleg@redhat.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Link: http://lkml.kernel.org/r/1437128892-9831-3-git-send-email-mingo@kernel.orgSigned-off-by: default avatarIngo Molnar <mingo@kernel.org>
      5aaeb5c0
    • Dave Hansen's avatar
      x86/fpu, sched: Dynamically allocate 'struct fpu' · 0c8c0f03
      Dave Hansen authored
      The FPU rewrite removed the dynamic allocations of 'struct fpu'.
      But, this potentially wastes massive amounts of memory (2k per
      task on systems that do not have AVX-512 for instance).
      
      Instead of having a separate slab, this patch just appends the
      space that we need to the 'task_struct' which we dynamically
      allocate already.  This saves from doing an extra slab
      allocation at fork().
      
      The only real downside here is that we have to stick everything
      and the end of the task_struct.  But, I think the
      BUILD_BUG_ON()s I stuck in there should keep that from being too
      fragile.
      Signed-off-by: default avatarDave Hansen <dave.hansen@linux.intel.com>
      Cc: Andy Lutomirski <luto@amacapital.net>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Brian Gerst <brgerst@gmail.com>
      Cc: Dave Hansen <dave@sr71.net>
      Cc: Denys Vlasenko <dvlasenk@redhat.com>
      Cc: H. Peter Anvin <hpa@zytor.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Oleg Nesterov <oleg@redhat.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Link: http://lkml.kernel.org/r/1437128892-9831-2-git-send-email-mingo@kernel.orgSigned-off-by: default avatarIngo Molnar <mingo@kernel.org>
      0c8c0f03
  7. 17 Jul, 2015 6 commits