1. 20 Mar, 2023 17 commits
  2. 13 Mar, 2023 11 commits
  3. 12 Mar, 2023 12 commits
    • Linus Torvalds's avatar
      Linux 6.3-rc2 · eeac8ede
      Linus Torvalds authored
      eeac8ede
    • Hector Martin's avatar
      wifi: cfg80211: Partial revert "wifi: cfg80211: Fix use after free for wext" · 79d1ed5c
      Hector Martin authored
      This reverts part of commit 015b8cc5 ("wifi: cfg80211: Fix use after
      free for wext")
      
      This commit broke WPA offload by unconditionally clearing the crypto
      modes for non-WEP connections. Drop that part of the patch.
      Signed-off-by: default avatarHector Martin <marcan@marcan.st>
      Reported-by: default avatarIlya <me@0upti.me>
      Reported-and-tested-by: default avatarJanne Grunau <j@jannau.net>
      Reviewed-by: default avatarEric Curtin <ecurtin@redhat.com>
      Fixes: 015b8cc5 ("wifi: cfg80211: Fix use after free for wext")
      Cc: stable@kernel.org
      Link: https://lore.kernel.org/linux-wireless/ZAx0TWRBlGfv7pNl@kroah.com/T/#m11e6e0915ab8fa19ce8bc9695ab288c0fe018edfSigned-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      79d1ed5c
    • Linus Torvalds's avatar
      Merge tag 'tpm-v6.3-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-tpmdd · c4ecd87f
      Linus Torvalds authored
      Pull tpm fixes from Jarkko Sakkinen:
       "Two additional bug fixes for v6.3"
      
      * tag 'tpm-v6.3-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-tpmdd:
        tpm: disable hwrng for fTPM on some AMD designs
        tpm/eventlog: Don't abort tpm_read_log on faulty ACPI address
      c4ecd87f
    • Mario Limonciello's avatar
      tpm: disable hwrng for fTPM on some AMD designs · f1324bbc
      Mario Limonciello authored
      AMD has issued an advisory indicating that having fTPM enabled in
      BIOS can cause "stuttering" in the OS.  This issue has been fixed
      in newer versions of the fTPM firmware, but it's up to system
      designers to decide whether to distribute it.
      
      This issue has existed for a while, but is more prevalent starting
      with kernel 6.1 because commit b006c439 ("hwrng: core - start
      hwrng kthread also for untrusted sources") started to use the fTPM
      for hwrng by default. However, all uses of /dev/hwrng result in
      unacceptable stuttering.
      
      So, simply disable registration of the defective hwrng when detecting
      these faulty fTPM versions.  As this is caused by faulty firmware, it
      is plausible that such a problem could also be reproduced by other TPM
      interactions, but this hasn't been shown by any user's testing or reports.
      
      It is hypothesized to be triggered more frequently by the use of the RNG
      because userspace software will fetch random numbers regularly.
      
      Intentionally continue to register other TPM functionality so that users
      that rely upon PCR measurements or any storage of data will still have
      access to it.  If it's found later that another TPM functionality is
      exacerbating this problem a module parameter it can be turned off entirely
      and a module parameter can be introduced to allow users who rely upon
      fTPM functionality to turn it on even though this problem is present.
      
      Link: https://www.amd.com/en/support/kb/faq/pa-410
      Link: https://bugzilla.kernel.org/show_bug.cgi?id=216989
      Link: https://lore.kernel.org/all/20230209153120.261904-1-Jason@zx2c4.com/
      Fixes: b006c439 ("hwrng: core - start hwrng kthread also for untrusted sources")
      Cc: stable@vger.kernel.org
      Cc: Jarkko Sakkinen <jarkko@kernel.org>
      Cc: Thorsten Leemhuis <regressions@leemhuis.info>
      Cc: James Bottomley <James.Bottomley@hansenpartnership.com>
      Tested-by: reach622@mailcuk.com
      Tested-by: default avatarBell <1138267643@qq.com>
      Co-developed-by: default avatarJason A. Donenfeld <Jason@zx2c4.com>
      Signed-off-by: default avatarJason A. Donenfeld <Jason@zx2c4.com>
      Signed-off-by: default avatarMario Limonciello <mario.limonciello@amd.com>
      Reviewed-by: default avatarJarkko Sakkinen <jarkko@kernel.org>
      Signed-off-by: default avatarJarkko Sakkinen <jarkko@kernel.org>
      f1324bbc
    • Morten Linderud's avatar
      tpm/eventlog: Don't abort tpm_read_log on faulty ACPI address · 80a6c216
      Morten Linderud authored
      tpm_read_log_acpi() should return -ENODEV when no eventlog from the ACPI
      table is found. If the firmware vendor includes an invalid log address
      we are unable to map from the ACPI memory and tpm_read_log() returns -EIO
      which would abort discovery of the eventlog.
      
      Change the return value from -EIO to -ENODEV when acpi_os_map_iomem()
      fails to map the event log.
      
      The following hardware was used to test this issue:
          Framework Laptop (Pre-production)
          BIOS: INSYDE Corp, Revision: 3.2
          TPM Device: NTC, Firmware Revision: 7.2
      
      Dump of the faulty ACPI TPM2 table:
          [000h 0000   4]                    Signature : "TPM2"    [Trusted Platform Module hardware interface Table]
          [004h 0004   4]                 Table Length : 0000004C
          [008h 0008   1]                     Revision : 04
          [009h 0009   1]                     Checksum : 2B
          [00Ah 0010   6]                       Oem ID : "INSYDE"
          [010h 0016   8]                 Oem Table ID : "TGL-ULT"
          [018h 0024   4]                 Oem Revision : 00000002
          [01Ch 0028   4]              Asl Compiler ID : "ACPI"
          [020h 0032   4]        Asl Compiler Revision : 00040000
      
          [024h 0036   2]               Platform Class : 0000
          [026h 0038   2]                     Reserved : 0000
          [028h 0040   8]              Control Address : 0000000000000000
          [030h 0048   4]                 Start Method : 06 [Memory Mapped I/O]
      
          [034h 0052  12]            Method Parameters : 00 00 00 00 00 00 00 00 00 00 00 00
          [040h 0064   4]           Minimum Log Length : 00010000
          [044h 0068   8]                  Log Address : 000000004053D000
      
      Fixes: 0cf577a0 ("tpm: Fix handling of missing event log")
      Tested-by: default avatarErkki Eilonen <erkki@bearmetal.eu>
      Signed-off-by: default avatarMorten Linderud <morten@linderud.pw>
      Reviewed-by: default avatarJarkko Sakkinen <jarkko@kernel.org>
      Signed-off-by: default avatarJarkko Sakkinen <jarkko@kernel.org>
      80a6c216
    • Linus Torvalds's avatar
      Merge tag 'xfs-6.3-fixes-1' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux · 2e545d69
      Linus Torvalds authored
      Pull xfs fixes from Darrick Wong:
      
       - Fix a crash if mount time quotacheck fails when there are inodes
         queued for garbage collection.
      
       - Fix an off by one error when discarding folios after writeback
         failure.
      
      * tag 'xfs-6.3-fixes-1' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux:
        xfs: fix off-by-one-block in xfs_discard_folio()
        xfs: quotacheck failure can race with background inode inactivation
      2e545d69
    • Linus Torvalds's avatar
      Merge tag 'staging-6.3-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging · 13423166
      Linus Torvalds authored
      Pull staging driver fixes and removal from Greg KH:
       "Here are four small staging driver fixes, and one big staging driver
        deletion for 6.3-rc2.
      
        The fixes are:
      
         - rtl8192e driver fixes for where the driver was attempting to
           execute various programs directly from the disk for unknown reasons
      
         - rtl8723bs driver fixes for issues found by Hans in testing
      
        The deleted driver is the removal of the r8188eu wireless driver as
        now in 6.3-rc1 we have a "real" wifi driver for one that includes
        support for many many more devices than this old driver did. So it's
        time to remove it as it is no longer needed. The maintainers of this
        driver all have acked its removal. Many thanks to them over the years
        for working to clean it up and keep it working while the real driver
        was being developed.
      
        All of these have been in linux-next this week with no reported
        problems"
      
      * tag 'staging-6.3-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging:
        staging: r8188eu: delete driver
        staging: rtl8723bs: Pass correct parameters to cfg80211_get_bss()
        staging: rtl8723bs: Fix key-store index handling
        staging: rtl8192e: Remove call_usermodehelper starting RadioPower.sh
        staging: rtl8192e: Remove function ..dm_check_ac_dc_power calling a script
      13423166
    • Linus Torvalds's avatar
      Merge tag 'x86_urgent_for_v6.3_rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · d3d0cac6
      Linus Torvalds authored
      Pull x86 fix from Borislav Petkov:
       "A single erratum fix for AMD machines:
      
         - Disable XSAVES on AMD Zen1 and Zen2 machines due to an erratum. No
           impact to anything as those machines will fallback to XSAVEC which
           is equivalent there"
      
      * tag 'x86_urgent_for_v6.3_rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        x86/CPU/AMD: Disable XSAVES on AMD family 0x17
      d3d0cac6
    • Linus Torvalds's avatar
      Merge tag 'kernel.fork.v6.3-rc2' of gitolite.kernel.org:pub/scm/linux/kernel/git/brauner/linux · f5eded1f
      Linus Torvalds authored
      Pull clone3 fix from Christian Brauner:
       "A simple fix for the clone3() system call.
      
        The CLONE_NEWTIME allows the creation of time namespaces. The flag
        reuses a bit from the CSIGNAL bits that are used in the legacy clone()
        system call to set the signal that gets sent to the parent after the
        child exits.
      
        The clone3() system call doesn't rely on CSIGNAL anymore as it uses a
        dedicated .exit_signal field in struct clone_args. So we blocked all
        CSIGNAL bits in clone3_args_valid(). When CLONE_NEWTIME was introduced
        and reused a CSIGNAL bit we forgot to adapt clone3_args_valid()
        causing CLONE_NEWTIME with clone3() to be rejected. Fix this"
      
      * tag 'kernel.fork.v6.3-rc2' of gitolite.kernel.org:pub/scm/linux/kernel/git/brauner/linux:
        selftests/clone3: test clone3 with CLONE_NEWTIME
        fork: allow CLONE_NEWTIME in clone3 flags
      f5eded1f
    • Linus Torvalds's avatar
      Merge tag 'vfs.misc.v6.3-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/idmapping · 3b11717f
      Linus Torvalds authored
      Pull vfs fixes from Christian Brauner:
      
       - When allocating pages for a watch queue failed, we didn't return an
         error causing userspace to proceed even though all subsequent
         notifcations would be lost. Make sure to return an error.
      
       - Fix a misformed tree entry for the idmapping maintainers entry.
      
       - When setting file leases from an idmapped mount via
         generic_setlease() we need to take the idmapping into account
         otherwise taking a lease would fail from an idmapped mount.
      
       - Remove two redundant assignments, one in splice code and the other in
         locks code, that static checkers complained about.
      
      * tag 'vfs.misc.v6.3-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/idmapping:
        filelocks: use mount idmapping for setlease permission check
        fs/locks: Remove redundant assignment to cmd
        splice: Remove redundant assignment to ret
        MAINTAINERS: repair a malformed T: entry in IDMAPPED MOUNTS
        watch_queue: fix IOC_WATCH_QUEUE_SET_SIZE alloc error paths
      3b11717f
    • Linus Torvalds's avatar
      Merge tag 'ext4_for_linus_stable' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4 · 40d0c090
      Linus Torvalds authored
      Pull ext4 fixes from Ted Ts'o:
       "Bug fixes and regressions for ext4, the most serious of which is a
        potential deadlock during directory renames that was introduced during
        the merge window discovered by a combination of syzbot and lockdep"
      
      * tag 'ext4_for_linus_stable' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4:
        ext4: zero i_disksize when initializing the bootloader inode
        ext4: make sure fs error flag setted before clear journal error
        ext4: commit super block if fs record error when journal record without error
        ext4, jbd2: add an optimized bmap for the journal inode
        ext4: fix WARNING in ext4_update_inline_data
        ext4: move where set the MAY_INLINE_DATA flag is set
        ext4: Fix deadlock during directory rename
        ext4: Fix comment about the 64BIT feature
        docs: ext4: modify the group desc size to 64
        ext4: fix another off-by-one fsmap error on 1k block filesystems
        ext4: fix RENAME_WHITEOUT handling for inline directories
        ext4: make kobj_type structures constant
        ext4: fix cgroup writeback accounting with fs-layer encryption
      40d0c090
    • Linus Torvalds's avatar
      cpumask: relax sanity checking constraints · e7304080
      Linus Torvalds authored
      The cpumask_check() was unnecessarily tight, and causes problems for the
      users of cpumask_next().
      
      We have a number of users that take the previous return value of one of
      the bit scanning functions and subtract one to keep it in "range".  But
      since the scanning functions end up returning up to 'small_cpumask_bits'
      instead of the tighter 'nr_cpumask_bits', the range really needs to be
      using that widened form.
      
      [ This "previous-1" behavior is also the reason we have all those
        comments about /* -1 is a legal arg here. */ and separate checks for
        that being ok.  So we could have just made "small_cpumask_bits-1"
        be a similar special "don't check this" value.
      
        Tetsuo Handa even suggested a patch that only does that for
        cpumask_next(), since that seems to be the only actual case that
        triggers, but that all makes it even _more_ magical and special. So
        just relax the check ]
      
      One example of this kind of pattern being the 'c_start()' function in
      arch/x86/kernel/cpu/proc.c, but also duplicated in various forms on
      other architectures.
      
      Reported-by: syzbot+96cae094d90877641f32@syzkaller.appspotmail.com
      Link: https://syzkaller.appspot.com/bug?extid=96cae094d90877641f32Reported-by: default avatarTetsuo Handa <penguin-kernel@i-love.sakura.ne.jp>
      Link: https://lore.kernel.org/lkml/c1f4cc16-feea-b83c-82cf-1a1f007b7eb9@I-love.SAKURA.ne.jp/
      Fixes: 596ff4a0 ("cpumask: re-introduce constant-sized cpumask optimizations")
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      e7304080