1. 13 Dec, 2018 1 commit
    • Nayna Jain's avatar
      integrity: Define a trusted platform keyring · 9dc92c45
      Nayna Jain authored
      On secure boot enabled systems, a verified kernel may need to kexec
      additional kernels. For example, it may be used as a bootloader needing
      to kexec a target kernel or it may need to kexec a crashdump kernel. In
      such cases, it may want to verify the signature of the next kernel
      image.
      
      It is further possible that the kernel image is signed with third party
      keys which are stored as platform or firmware keys in the 'db' variable.
      The kernel, however, can not directly verify these platform keys, and an
      administrator may therefore not want to trust them for arbitrary usage.
      In order to differentiate platform keys from other keys and provide the
      necessary separation of trust, the kernel needs an additional keyring to
      store platform keys.
      
      This patch creates the new keyring called ".platform" to isolate keys
      provided by platform from keys by kernel. These keys are used to
      facilitate signature verification during kexec. Since the scope of this
      keyring is only the platform/firmware keys, it cannot be updated from
      userspace.
      
      This keyring can be enabled by setting CONFIG_INTEGRITY_PLATFORM_KEYRING.
      Signed-off-by: default avatarNayna Jain <nayna@linux.ibm.com>
      Reviewed-by: default avatarMimi Zohar <zohar@linux.ibm.com>
      Acked-by: default avatarSerge Hallyn <serge@hallyn.com>
      Reviewed-by: default avatarJames Morris <james.morris@microsoft.com>
      Reviewed-by: default avatarThiago Jung Bauermann <bauerman@linux.ibm.com>
      Signed-off-by: default avatarMimi Zohar <zohar@linux.ibm.com>
      9dc92c45
  2. 11 Dec, 2018 8 commits
    • Mimi Zohar's avatar
      selftests/ima: kexec_load syscall test · a802ed0d
      Mimi Zohar authored
      The kernel CONFIG_KEXEC_VERIFY_SIG option is limited to verifying a
      kernel image's signature, when loaded via the kexec_file_load syscall.
      There is no method for verifying a kernel image's signature loaded
      via the kexec_load syscall.
      
      This test verifies loading the kernel image via the kexec_load syscall
      fails when the kernel CONFIG_KEXEC_VERIFY_SIG option is enabled on
      systems with secureboot enabled[1].
      
      [1] Detecting secureboot enabled is architecture specific.
      Signed-off-by: default avatarMimi Zohar <zohar@linux.ibm.com>
      a802ed0d
    • Mimi Zohar's avatar
      ima: don't measure/appraise files on efivarfs · 060190fb
      Mimi Zohar authored
      Update the builtin IMA policies specified on the boot command line
      (eg. ima_policy="tcb|appraise_tcb") to permit accessing efivar files.
      Signed-off-by: default avatarMimi Zohar <zohar@linux.ibm.com>
      060190fb
    • Mimi Zohar's avatar
      x86/ima: retry detecting secure boot mode · 399574c6
      Mimi Zohar authored
      The secure boot mode may not be detected on boot for some reason (eg.
      buggy firmware).  This patch attempts one more time to detect the
      secure boot mode.
      Signed-off-by: default avatarMimi Zohar <zohar@linux.ibm.com>
      399574c6
    • Stefan Berger's avatar
      docs: Extend trusted keys documentation for TPM 2.0 · 4264f27a
      Stefan Berger authored
      Extend the documentation for trusted keys with documentation for how to
      set up a key for a TPM 2.0 so it can be used with a TPM 2.0 as well.
      Signed-off-by: default avatarStefan Berger <stefanb@linux.ibm.com>
      Reviewed-by: default avatarMimi Zohar <zohar@linux.ibm.com>
      Reviewed-by: default avatarDave Jiang <dave.jiang@intel.com>
      Acked-by: default avatarDan Williams <dan.j.williams@intel.com>
      Acked-by: default avatarJerry Snitselaar <jsnitsel@redhat.com>
      Signed-off-by: default avatarMimi Zohar <zohar@linux.ibm.com>
      4264f27a
    • Eric Richter's avatar
      x86/ima: define arch_get_ima_policy() for x86 · d958083a
      Eric Richter authored
      On x86, there are two methods of verifying a kexec'ed kernel image
      signature being loaded via the kexec_file_load syscall - an architecture
      specific implementaton or a IMA KEXEC_KERNEL_CHECK appraisal rule. Neither
      of these methods verify the kexec'ed kernel image signature being loaded
      via the kexec_load syscall.
      
      Secure boot enabled systems require kexec images to be signed. Therefore,
      this patch loads an IMA KEXEC_KERNEL_CHECK policy rule on secure boot
      enabled systems not configured with CONFIG_KEXEC_VERIFY_SIG enabled.
      
      When IMA_APPRAISE_BOOTPARAM is configured, different IMA appraise modes
      (eg. fix, log) can be specified on the boot command line, allowing unsigned
      or invalidly signed kernel images to be kexec'ed. This patch permits
      enabling IMA_APPRAISE_BOOTPARAM or IMA_ARCH_POLICY, but not both.
      Signed-off-by: default avatarEric Richter <erichte@linux.ibm.com>
      Signed-off-by: default avatarNayna Jain <nayna@linux.ibm.com>
      Cc: David Howells <dhowells@redhat.com>
      Cc: Eric Biederman <ebiederm@xmission.com>
      Cc: Peter Jones <pjones@redhat.com>
      Cc: Vivek Goyal <vgoyal@redhat.com>
      Cc: Dave Young <dyoung@redhat.com>
      Signed-off-by: default avatarMimi Zohar <zohar@linux.ibm.com>
      d958083a
    • Nayna Jain's avatar
      ima: add support for arch specific policies · 61917062
      Nayna Jain authored
      Builtin IMA policies can be enabled on the boot command line, and replaced
      with a custom policy, normally during early boot in the initramfs. Build
      time IMA policy rules were recently added. These rules are automatically
      enabled on boot and persist after loading a custom policy.
      
      There is a need for yet another type of policy, an architecture specific
      policy, which is derived at runtime during kernel boot, based on the
      runtime secure boot flags.  Like the build time policy rules, these rules
      persist after loading a custom policy.
      
      This patch adds support for loading an architecture specific IMA policy.
      Signed-off-by: default avatarNayna Jain <nayna@linux.ibm.com>
      Co-Developed-by: default avatarMimi Zohar <zohar@linux.ibm.com>
      Signed-off-by: default avatarMimi Zohar <zohar@linux.ibm.com>
      61917062
    • Nayna Jain's avatar
      ima: refactor ima_init_policy() · c52657d9
      Nayna Jain authored
      This patch removes the code duplication in ima_init_policy() by defining
      a new function named add_rules(). The new function adds the rules to the
      initial IMA policy, the custom policy or both based on the policy mask
      (IMA_DEFAULT_POLICY, IMA_CUSTOM_POLICY).
      Signed-off-by: default avatarNayna Jain <nayna@linux.ibm.com>
      Signed-off-by: default avatarMimi Zohar <zohar@linux.ibm.com>
      c52657d9
    • Nayna Jain's avatar
      ima: prevent kexec_load syscall based on runtime secureboot flag · b5ca1173
      Nayna Jain authored
      When CONFIG_KEXEC_VERIFY_SIG is enabled, the kexec_file_load syscall
      requires the kexec'd kernel image to be signed. Distros are concerned
      about totally disabling the kexec_load syscall. As a compromise, the
      kexec_load syscall will only be disabled when CONFIG_KEXEC_VERIFY_SIG
      is configured and the system is booted with secureboot enabled.
      
      This patch disables the kexec_load syscall only for systems booted with
      secureboot enabled.
      
      [zohar@linux.ibm.com: add missing mesage on kexec_load failure]
      Signed-off-by: default avatarNayna Jain <nayna@linux.ibm.com>
      Cc: David Howells <dhowells@redhat.com>
      Cc: Eric Biederman <ebiederm@xmission.com>
      Cc: Peter Jones <pjones@redhat.com>
      Cc: Vivek Goyal <vgoyal@redhat.com>
      Cc: Dave Young <dyoung@redhat.com>
      Signed-off-by: default avatarMimi Zohar <zohar@linux.ibm.com>
      b5ca1173
  3. 13 Nov, 2018 2 commits
    • Nayna Jain's avatar
      x86/ima: define arch_ima_get_secureboot · 0914ade2
      Nayna Jain authored
      Distros are concerned about totally disabling the kexec_load syscall.
      As a compromise, the kexec_load syscall will only be disabled when
      CONFIG_KEXEC_VERIFY_SIG is configured and the system is booted with
      secureboot enabled.
      
      This patch defines the new arch specific function called
      arch_ima_get_secureboot() to retrieve the secureboot state of the system.
      Signed-off-by: default avatarNayna Jain <nayna@linux.ibm.com>
      Suggested-by: default avatarSeth Forshee <seth.forshee@canonical.com>
      Cc: David Howells <dhowells@redhat.com>
      Cc: Eric Biederman <ebiederm@xmission.com>
      Cc: Peter Jones <pjones@redhat.com>
      Cc: Vivek Goyal <vgoyal@redhat.com>
      Cc: Dave Young <dyoung@redhat.com>
      Signed-off-by: default avatarMimi Zohar <zohar@linux.ibm.com>
      0914ade2
    • Mimi Zohar's avatar
      integrity: support new struct public_key_signature encoding field · 59637d5e
      Mimi Zohar authored
      On systems with IMA-appraisal enabled with a policy requiring file
      signatures, the "good" signature values are stored on the filesystem as
      extended attributes (security.ima).  Signature verification failure
      would normally be limited to just a particular file (eg. executable),
      but during boot signature verification failure could result in a system
      hang.
      
      Defining and requiring a new public_key_signature field requires all
      callers of asymmetric signature verification to be updated to reflect
      the change.  This patch updates the integrity asymmetric_verify()
      caller.
      
      Fixes: 82f94f24 ("KEYS: Provide software public key query function [ver #2]")
      Signed-off-by: default avatarMimi Zohar <zohar@linux.ibm.com>
      Cc: David Howells <dhowells@redhat.com>
      Acked-by: default avatarDenis Kenzior <denkenz@gmail.com>
      59637d5e
  4. 12 Nov, 2018 1 commit
  5. 11 Nov, 2018 18 commits
    • Linus Torvalds's avatar
      Linux 4.20-rc2 · ccda4af0
      Linus Torvalds authored
      ccda4af0
    • Linus Torvalds's avatar
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net · 7a3765ed
      Linus Torvalds authored
      Pull networking fixes from David Miller:
       "One last pull request before heading to Vancouver for LPC, here we have:
      
         1) Don't forget to free VSI contexts during ice driver unload, from
            Victor Raj.
      
         2) Don't forget napi delete calls during device remove in ice driver,
            from Dave Ertman.
      
         3) Don't request VLAN tag insertion of ibmvnic device when SKB
            doesn't have VLAN tags at all.
      
         4) IPV4 frag handling code has to accomodate the situation where two
            threads try to insert the same fragment into the hash table at the
            same time. From Eric Dumazet.
      
         5) Relatedly, don't flow separate on protocol ports for fragmented
            frames, also from Eric Dumazet.
      
         6) Memory leaks in qed driver, from Denis Bolotin.
      
         7) Correct valid MTU range in smsc95xx driver, from Stefan Wahren.
      
         8) Validate cls_flower nested policies properly, from Jakub Kicinski.
      
         9) Clearing of stats counters in mc88e6xxx driver doesn't retain
            important bits in the G1_STATS_OP register causing the chip to
            hang. Fix from Andrew Lunn"
      
      * git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (41 commits)
        act_mirred: clear skb->tstamp on redirect
        net: dsa: mv88e6xxx: Fix clearing of stats counters
        tipc: fix link re-establish failure
        net: sched: cls_flower: validate nested enc_opts_policy to avoid warning
        net: mvneta: correct typo
        flow_dissector: do not dissect l4 ports for fragments
        net: qualcomm: rmnet: Fix incorrect assignment of real_dev
        net: aquantia: allow rx checksum offload configuration
        net: aquantia: invalid checksumm offload implementation
        net: aquantia: fixed enable unicast on 32 macvlan
        net: aquantia: fix potential IOMMU fault after driver unbind
        net: aquantia: synchronized flow control between mac/phy
        net: smsc95xx: Fix MTU range
        net: stmmac: Fix RX packet size > 8191
        qed: Fix potential memory corruption
        qed: Fix SPQ entries not returned to pool in error flows
        qed: Fix blocking/unlimited SPQ entries leak
        qed: Fix memory/entry leak in qed_init_sp_request()
        inet: frags: better deal with smp races
        net: hns3: bugfix for not checking return value
        ...
      7a3765ed
    • Linus Torvalds's avatar
      Merge tag 'kbuild-fixes-v4.20' of... · e12e00e3
      Linus Torvalds authored
      Merge tag 'kbuild-fixes-v4.20' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild
      
      Pull Kbuild fixes from Masahiro Yamada:
      
       - fix build errors in binrpm-pkg and bindeb-pkg targets
      
       - fix false positive matches in merge_config.sh
      
       - fix build version mismatch in deb-pkg target
      
       - fix dtbs_install handling in (bin)deb-pkg target
      
       - revert a commit that allows setlocalversion to write to source tree
      
      * tag 'kbuild-fixes-v4.20' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild:
        builddeb: Fix inclusion of dtbs in debian package
        Revert "scripts/setlocalversion: git: Make -dirty check more robust"
        kbuild: deb-pkg: fix too low build version number
        kconfig: merge_config: avoid false positive matches from comment lines
        kbuild: deb-pkg: fix bindeb-pkg breakage when O= is used
        kbuild: rpm-pkg: fix binrpm-pkg breakage when O= is used
      e12e00e3
    • Linus Torvalds's avatar
      Merge tag 'for-4.20-rc1-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux · 63a42e1a
      Linus Torvalds authored
      Pull btrfs fixes from David Sterba:
       "Several fixes to recent release (4.19, fixes tagged for stable) and
        other fixes"
      
      * tag 'for-4.20-rc1-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux:
        Btrfs: fix missing delayed iputs on unmount
        Btrfs: fix data corruption due to cloning of eof block
        Btrfs: fix infinite loop on inode eviction after deduplication of eof block
        Btrfs: fix deadlock on tree root leaf when finding free extent
        btrfs: avoid link error with CONFIG_NO_AUTO_INLINE
        btrfs: tree-checker: Fix misleading group system information
        Btrfs: fix missing data checksums after a ranged fsync (msync)
        btrfs: fix pinned underflow after transaction aborted
        Btrfs: fix cur_offset in the error case for nocow
      63a42e1a
    • Linus Torvalds's avatar
      Merge tag 'ext4_for_linus_stable' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4 · c140f8b0
      Linus Torvalds authored
      Pull ext4 fixes from Ted Ts'o:
       "A large number of ext4 bug fixes, mostly buffer and memory leaks on
        error return cleanup paths"
      
      * tag 'ext4_for_linus_stable' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4:
        ext4: missing !bh check in ext4_xattr_inode_write()
        ext4: fix buffer leak in __ext4_read_dirblock() on error path
        ext4: fix buffer leak in ext4_expand_extra_isize_ea() on error path
        ext4: fix buffer leak in ext4_xattr_move_to_block() on error path
        ext4: release bs.bh before re-using in ext4_xattr_block_find()
        ext4: fix buffer leak in ext4_xattr_get_block() on error path
        ext4: fix possible leak of s_journal_flag_rwsem in error path
        ext4: fix possible leak of sbi->s_group_desc_leak in error path
        ext4: remove unneeded brelse call in ext4_xattr_inode_update_ref()
        ext4: avoid possible double brelse() in add_new_gdb() on error path
        ext4: avoid buffer leak in ext4_orphan_add() after prior errors
        ext4: avoid buffer leak on shutdown in ext4_mark_iloc_dirty()
        ext4: fix possible inode leak in the retry loop of ext4_resize_fs()
        ext4: fix missing cleanup if ext4_alloc_flex_bg_array() fails while resizing
        ext4: add missing brelse() update_backups()'s error path
        ext4: add missing brelse() add_new_gdb_meta_bg()'s error path
        ext4: add missing brelse() in set_flexbg_block_bitmap()'s error path
        ext4: avoid potential extra brelse in setup_new_flex_group_blocks()
      c140f8b0
    • Linus Torvalds's avatar
      Merge branch 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · b6df7b6d
      Linus Torvalds authored
      Pull x86 fixes from Thomas Gleixner:
       "A set of x86 fixes:
      
         - Cure the LDT remapping to user space on 5 level paging which ended
           up in the KASLR space
      
         - Remove LDT mapping before freeing the LDT pages
      
         - Make NFIT MCE handling more robust
      
         - Unbreak the VSMP build by removing the dependency on paravirt ops
      
         - Support broken PIT emulation on Microsoft hyperV
      
         - Don't trace vmware_sched_clock() to avoid tracer recursion
      
         - Remove -pipe from KBUILD CFLAGS which breaks clang and is also
           slower on GCC
      
         - Trivial coding style and typo fixes"
      
      * 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        x86/cpu/vmware: Do not trace vmware_sched_clock()
        x86/vsmp: Remove dependency on pv_irq_ops
        x86/ldt: Remove unused variable in map_ldt_struct()
        x86/ldt: Unmap PTEs for the slot before freeing LDT pages
        x86/mm: Move LDT remap out of KASLR region on 5-level paging
        acpi/nfit, x86/mce: Validate a MCE's address before using it
        acpi/nfit, x86/mce: Handle only uncorrectable machine checks
        x86/build: Remove -pipe from KBUILD_CFLAGS
        x86/hyper-v: Fix indentation in hv_do_fast_hypercall16()
        Documentation/x86: Fix typo in zero-page.txt
        x86/hyper-v: Enable PIT shutdown quirk
        clockevents/drivers/i8253: Add support for PIT shutdown quirk
      b6df7b6d
    • Linus Torvalds's avatar
      Merge branch 'perf-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · 655c6b97
      Linus Torvalds authored
      Pull perf fixes from Thomas Gleixner:
       "A bunch of perf tooling fixes:
      
         - Make the Intel PT SQL viewer more robust
      
         - Make the Intel PT debug log more useful
      
         - Support weak groups in perf record so it's behaving the same way as
           perf stat
      
         - Display the LBR stats in callchain entries properly in perf top
      
         - Handle different PMu names with common prefix properlin in pert
           stat
      
         - Start syscall augmenting in perf trace. Preparation for
           architecture independent eBPF instrumentation of syscalls.
      
         - Fix build breakage in JVMTI perf lib
      
         - Fix arm64 tools build failure wrt smp_load_{acquire,release}"
      
      * 'perf-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        perf tools: Do not zero sample_id_all for group members
        perf tools: Fix undefined symbol scnprintf in libperf-jvmti.so
        perf beauty: Use SRCARCH, ARCH=x86_64 must map to "x86" to find the headers
        perf intel-pt: Add MTC and CYC timestamps to debug log
        perf intel-pt: Add more event information to debug log
        perf scripts python: exported-sql-viewer.py: Fix table find when table re-ordered
        perf scripts python: exported-sql-viewer.py: Add help window
        perf scripts python: exported-sql-viewer.py: Add Selected branches report
        perf scripts python: exported-sql-viewer.py: Fall back to /usr/local/lib/libxed.so
        perf top: Display the LBR stats in callchain entry
        perf stat: Handle different PMU names with common prefix
        perf record: Support weak groups
        perf evlist: Move perf_evsel__reset_weak_group into evlist
        perf augmented_syscalls: Start collecting pathnames in the BPF program
        perf trace: Fix setting of augmented payload when using eBPF + raw_syscalls
        perf trace: When augmenting raw_syscalls plug raw_syscalls:sys_exit too
        perf examples bpf: Start augmenting raw_syscalls:sys_{start,exit}
        tools headers barrier: Fix arm64 tools build failure wrt smp_load_{acquire,release}
      655c6b97
    • Linus Torvalds's avatar
      Merge branch 'timers-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · 08b52786
      Linus Torvalds authored
      Pull timer fix from Thomas Gleixner:
       "Just the removal of a redundant call into the sched deadline overrun
        check"
      
      * 'timers-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        posix-cpu-timers: Remove useless call to check_dl_overrun()
      08b52786
    • Linus Torvalds's avatar
      Merge branch 'sched/urgent' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · 024d4d4c
      Linus Torvalds authored
      Pull scheduler fixes from Thomas Gleixner:
       "Two small scheduler fixes:
      
         - Take hotplug lock in sched_init_smp(). Technically not really
           required, but lockdep will complain other.
      
         - Trivial comment fix in sched/fair"
      
      * 'sched/urgent' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        sched/fair: Fix a comment in task_numa_fault()
        sched/core: Take the hotplug lock in sched_init_smp()
      024d4d4c
    • Linus Torvalds's avatar
      Merge branch 'locking-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · 1acf93ca
      Linus Torvalds authored
      Pull locking build fix from Thomas Gleixner:
       "A single fix for a build fail with CONFIG_PROFILE_ALL_BRANCHES=y in
        the qspinlock code"
      
      * 'locking-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        x86/qspinlock: Fix compile error
      1acf93ca
    • Linus Torvalds's avatar
      Merge branch 'core-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · 0b002cdd
      Linus Torvalds authored
      Pull core fixes from Thomas Gleixner:
       "A couple of fixlets for the core:
      
         - Kernel doc function documentation fixes
      
         - Missing prototypes for weak watchdog functions"
      
      * 'core-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        resource/docs: Complete kernel-doc style function documentation
        watchdog/core: Add missing prototypes for weak functions
        resource/docs: Fix new kernel-doc warnings
      0b002cdd
    • Eric Dumazet's avatar
      act_mirred: clear skb->tstamp on redirect · 7236ead1
      Eric Dumazet authored
      If sch_fq is used at ingress, skbs that might have been
      timestamped by net_timestamp_set() if a packet capture
      is requesting timestamps could be delayed by arbitrary
      amount of time, since sch_fq time base is MONOTONIC.
      
      Fix this problem by moving code from sch_netem.c to act_mirred.c.
      
      Fixes: fb420d5d ("tcp/fq: move back to CLOCK_MONOTONIC")
      Signed-off-by: default avatarEric Dumazet <edumazet@google.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      7236ead1
    • Andrew Lunn's avatar
      net: dsa: mv88e6xxx: Fix clearing of stats counters · a9049ff9
      Andrew Lunn authored
      The mv88e6161 would sometime fail to probe with a timeout waiting for
      the switch to complete an operation. This operation is supposed to
      clear the statistics counters. However, due to a read/modify/write,
      without the needed mask, the operation actually carried out was more
      random, with invalid parameters, resulting in the switch not
      responding. We need to preserve the histogram mode bits, so apply a
      mask to keep them.
      Reported-by: default avatarChris Healy <Chris.Healy@zii.aero>
      Fixes: 40cff8fc ("net: dsa: mv88e6xxx: Fix stats histogram mode")
      Signed-off-by: default avatarAndrew Lunn <andrew@lunn.ch>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      a9049ff9
    • Jon Maloy's avatar
      tipc: fix link re-establish failure · 7ab412d3
      Jon Maloy authored
      When a link failure is detected locally, the link is reset, the flag
      link->in_session is set to false, and a RESET_MSG with the 'stopping'
      bit set is sent to the peer.
      
      The purpose of this bit is to inform the peer that this endpoint just
      is going down, and that the peer should handle the reception of this
      particular RESET message as a local failure. This forces the peer to
      accept another RESET or ACTIVATE message from this endpoint before it
      can re-establish the link. This again is necessary to ensure that
      link session numbers are properly exchanged before the link comes up
      again.
      
      If a failure is detected locally at the same time at the peer endpoint
      this will do the same, which is also a correct behavior.
      
      However, when receiving such messages, the endpoints will not
      distinguish between 'stopping' RESETs and ordinary ones when it comes
      to updating session numbers. Both endpoints will copy the received
      session number and set their 'in_session' flags to true at the
      reception, while they are still expecting another RESET from the
      peer before they can go ahead and re-establish. This is contradictory,
      since, after applying the validation check referred to below, the
      'in_session' flag will cause rejection of all such messages, and the
      link will never come up again.
      
      We now fix this by not only handling received RESET/STOPPING messages
      as a local failure, but also by omitting to set a new session number
      and the 'in_session' flag in such cases.
      
      Fixes: 7ea817f4 ("tipc: check session number before accepting link protocol messages")
      Signed-off-by: default avatarJon Maloy <jon.maloy@ericsson.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      7ab412d3
    • Rob Herring's avatar
      builddeb: Fix inclusion of dtbs in debian package · d5615e47
      Rob Herring authored
      Commit 37c8a5fa ("kbuild: consolidate Devicetree dtb build rules")
      moved the location of 'dtbs_install' target which caused dtbs to not be
      installed when building debian package with 'bindeb-pkg' target. Update
      the builddeb script to use the same logic that determines if there's a
      'dtbs_install' target which is presence of the arch dts directory. Also,
      use CONFIG_OF_EARLY_FLATTREE instead of CONFIG_OF as that's a better
      indication of whether we are building dtbs.
      
      This commit will also have the side effect of installing dtbs on any
      arch that has dts files. Previously, it was dependent on whether the
      arch defined 'dtbs_install'.
      
      Fixes: 37c8a5fa ("kbuild: consolidate Devicetree dtb build rules")
      Reported-by: default avatarNuno Gonçalves <nunojpg@gmail.com>
      Signed-off-by: default avatarRob Herring <robh@kernel.org>
      Signed-off-by: default avatarMasahiro Yamada <yamada.masahiro@socionext.com>
      d5615e47
    • Guenter Roeck's avatar
      Revert "scripts/setlocalversion: git: Make -dirty check more robust" · 8ef14c2c
      Guenter Roeck authored
      This reverts commit 6147b1cf.
      
      The reverted patch results in attempted write access to the source
      repository, even if that repository is mounted read-only.
      
      Output from "strace git status -uno --porcelain":
      
      getcwd("/tmp/linux-test", 129)          = 16
      open("/tmp/linux-test/.git/index.lock", O_RDWR|O_CREAT|O_EXCL|O_CLOEXEC, 0666) =
      	-1 EROFS (Read-only file system)
      
      While git appears to be able to handle this situation, a monitored
      build environment (such as the one used for Chrome OS kernel builds)
      may detect it and bail out with an access violation error. On top of
      that, the attempted write access suggests that git _will_ write to the
      file even if a build output directory is specified. Users may have the
      reasonable expectation that the source repository remains untouched in
      that situation.
      
      Fixes: 6147b1cf ("scripts/setlocalversion: git: Make -dirty check more robust"
      Cc: Genki Sky <sky@genki.is>
      Signed-off-by: default avatarGuenter Roeck <linux@roeck-us.net>
      Reviewed-by: default avatarBrian Norris <briannorris@chromium.org>
      Signed-off-by: default avatarMasahiro Yamada <yamada.masahiro@socionext.com>
      8ef14c2c
    • Masahiro Yamada's avatar
      kbuild: deb-pkg: fix too low build version number · bbcde0a7
      Masahiro Yamada authored
      Since commit b41d920a ("kbuild: deb-pkg: split generating packaging
      and build"), the build version of the kernel contained in a deb package
      is too low by 1.
      
      Prior to the bad commit, the kernel was built first, then the number
      in .version file was read out, and written into the debian control file.
      
      Now, the debian control file is created before the kernel is actually
      compiled, which is causing the version number mismatch.
      
      Let the mkdebian script pass KBUILD_BUILD_VERSION=${revision} to require
      the build system to use the specified version number.
      
      Fixes: b41d920a ("kbuild: deb-pkg: split generating packaging and build")
      Reported-by: default avatarDoug Smythies <dsmythies@telus.net>
      Signed-off-by: default avatarMasahiro Yamada <yamada.masahiro@socionext.com>
      Tested-by: default avatarDoug Smythies <dsmythies@telus.net>
      bbcde0a7
    • Masahiro Yamada's avatar
      kconfig: merge_config: avoid false positive matches from comment lines · 6bbe4385
      Masahiro Yamada authored
      The current SED_CONFIG_EXP could match to comment lines in config
      fragment files, especially when CONFIG_PREFIX_ is empty. For example,
      Buildroot uses empty prefixing; starting symbols with BR2_ is just
      convention.
      
      Make the sed expression more robust against false positives from
      comment lines. The new sed expression matches to only valid patterns.
      Signed-off-by: default avatarMasahiro Yamada <yamada.masahiro@socionext.com>
      Reviewed-by: default avatarPetr Vorel <petr.vorel@gmail.com>
      Reviewed-by: default avatarArnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
      6bbe4385
  6. 10 Nov, 2018 10 commits