1. 07 Nov, 2021 21 commits
  2. 06 Nov, 2021 1 commit
  3. 03 Nov, 2021 12 commits
  4. 02 Nov, 2021 6 commits
    • Merge tag 'x86_core_for_v5.16_rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · cc0356d6
      Linus Torvalds authored
      Pull x86 core updates from Borislav Petkov:
      
       - Do not #GP on userspace use of CLI/STI but pretend it was a NOP to
         keep old userspace from breaking. Adjust the corresponding iopl
         selftest to that.
      
       - Improve stack overflow warnings to say which stack got overflowed and
         raise the exception stack sizes to 2 pages since overflowing the
         single page of exception stack is very easy to do nowadays with all
         the tracing machinery enabled. With that, rip out the custom mapping
         of AMD SEV's too.
      
       - A bunch of changes in preparation for FGKASLR like supporting more
         than 64K section headers in the relocs tool, correct ORC lookup table
         size to cover the whole kernel .text and other adjustments.
      
      * tag 'x86_core_for_v5.16_rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        selftests/x86/iopl: Adjust to the faked iopl CLI/STI usage
        vmlinux.lds.h: Have ORC lookup cover entire _etext - _stext
        x86/boot/compressed: Avoid duplicate malloc() implementations
        x86/boot: Allow a "silent" kaslr random byte fetch
        x86/tools/relocs: Support >64K section headers
        x86/sev: Make the #VC exception stacks part of the default stacks storage
        x86: Increase exception stack sizes
        x86/mm/64: Improve stack overflow warnings
        x86/iopl: Fake iopl(3) CLI/STI usage
    • Merge tag 'net-next-for-5.16' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next · fc02cb2b
      Linus Torvalds authored
      Pull networking updates from Jakub Kicinski:
       "Core:
      
         - Remove socket skb caches
      
         - Add a SO_RESERVE_MEM socket op to forward allocate buffer space and
           avoid memory accounting overhead on each message sent
      
         - Introduce managed neighbor entries - added by control plane and
           resolved by the kernel for use in acceleration paths (BPF / XDP
           right now, HW offload users will benefit as well)
      
         - Make neighbor eviction on link down controllable by userspace to
           work around WiFi networks with bad roaming implementations
      
         - vrf: Rework interaction with netfilter/conntrack
      
         - fq_codel: implement L4S style ce_threshold_ect1 marking
      
         - sch: Eliminate unnecessary RCU waits in mini_qdisc_pair_swap()
      
        BPF:
      
         - Add support for new btf kind BTF_KIND_TAG, arbitrary type tagging
           as implemented in LLVM14
      
         - Introduce bpf_get_branch_snapshot() to capture Last Branch Records
      
         - Implement variadic trace_printk helper
      
         - Add a new Bloomfilter map type
      
         - Track <8-byte scalar spill and refill
      
         - Access hw timestamp through BPF's __sk_buff
      
         - Disallow unprivileged BPF by default
      
         - Document BPF licensing
      
        Netfilter:
      
         - Introduce egress hook for looking at raw outgoing packets
      
         - Allow matching on and modifying inner headers / payload data
      
         - Add NFT_META_IFTYPE to match on the interface type either from
           ingress or egress
      
        Protocols:
      
         - Multi-Path TCP:
            - increase default max additional subflows to 2
            - rework forward memory allocation
            - add getsockopts: MPTCP_INFO, MPTCP_TCPINFO, MPTCP_SUBFLOW_ADDRS
      
         - MCTP flow support allowing lower layer drivers to configure msg
           muxing as needed
      
         - Automatic Multicast Tunneling (AMT) driver based on RFC7450
      
         - HSR support the redbox supervision frames (IEC-62439-3:2018)
      
         - Support for the ip6ip6 encapsulation of IOAM
      
         - Netlink interface for CAN-FD's Transmitter Delay Compensation
      
         - Support SMC-Rv2 eliminating the current same-subnet restriction, by
           exploiting the UDP encapsulation feature of RoCE adapters
      
         - TLS: add SM4 GCM/CCM crypto support
      
         - Bluetooth: initial support for link quality and audio/codec offload
      
        Driver APIs:
      
         - Add a batched interface for RX buffer allocation in AF_XDP buffer
           pool
      
         - ethtool: Add ability to control transceiver modules' power mode
      
         - phy: Introduce supported interfaces bitmap to express MAC
           capabilities and simplify PHY code
      
         - Drop rtnl_lock from DSA .port_fdb_{add,del} callbacks
      
        New drivers:
      
         - WiFi driver for Realtek 8852AE 802.11ax devices (rtw89)
      
         - Ethernet driver for ASIX AX88796C SPI device (x88796c)
      
        Drivers:
      
         - Broadcom PHYs
            - support 72165, 7712 16nm PHYs
            - support IDDQ-SR for additional power savings
      
         - PHY support for QCA8081, QCA9561 PHYs
      
         - NXP DPAA2: support for IRQ coalescing
      
         - NXP Ethernet (enetc): support for software TCP segmentation
      
         - Renesas Ethernet (ravb) - support DMAC and EMAC blocks of
           Gigabit-capable IP found on RZ/G2L SoC
      
         - Intel 100G Ethernet
            - support for eswitch offload of TC/OvS flow API, including
              offload of GRE, VxLAN, Geneve tunneling
            - support application device queues - ability to assign Rx and Tx
              queues to application threads
            - PTP and PPS (pulse-per-second) extensions
      
         - Broadcom Ethernet (bnxt)
            - devlink health reporting and device reload extensions
      
         - Mellanox Ethernet (mlx5)
            - offload macvlan interfaces
            - support HW offload of TC rules involving OVS internal ports
            - support HW-GRO and header/data split
            - support application device queues
      
         - Marvell OcteonTx2:
            - add XDP support for PF
            - add PTP support for VF
      
         - Qualcomm Ethernet switch (qca8k): support for QCA8328
      
         - Realtek Ethernet DSA switch (rtl8366rb)
            - support bridge offload
            - support STP, fast aging, disabling address learning
            - support for Realtek RTL8365MB-VC, a 4+1 port 10M/100M/1GE switch
      
         - Mellanox Ethernet/IB switch (mlxsw)
            - multi-level qdisc hierarchy offload (e.g. RED, prio and shaping)
            - offload root TBF qdisc as port shaper
            - support multiple routing interface MAC address prefixes
            - support for IP-in-IP with IPv6 underlay
      
         - MediaTek WiFi (mt76)
            - mt7921 - ASPM, 6GHz, SDIO and testmode support
            - mt7915 - LED and TWT support
      
         - Qualcomm WiFi (ath11k)
            - include channel rx and tx time in survey dump statistics
            - support for 80P80 and 160 MHz bandwidths
            - support channel 2 in 6 GHz band
            - spectral scan support for QCN9074
            - support for rx decapsulation offload (data frames in 802.3
              format)
      
         - Qualcomm phone SoC WiFi (wcn36xx)
            - enable Idle Mode Power Save (IMPS) to reduce power consumption
              during idle
      
         - Bluetooth driver support for MediaTek MT7922 and MT7921
      
         - Enable support for AOSP Bluetooth extension in Qualcomm WCN399x and
           Realtek 8822C/8852A
      
         - Microsoft vNIC driver (mana)
            - support hibernation and kexec
      
         - Google vNIC driver (gve)
            - support for jumbo frames
            - implement Rx page reuse
      
        Refactor:
      
         - Make all writes to netdev->dev_addr go thru helpers, so that we can
           add this address to the address rbtree and handle the updates
      
         - Various TCP cleanups and optimizations including improvements to
           CPU cache use
      
         - Simplify the gnet_stats, Qdisc stats' handling and remove
           qdisc->running sequence counter
      
         - Driver changes and API updates to address devlink locking
           deficiencies"
      
      * tag 'net-next-for-5.16' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next: (2122 commits)
        Revert "net: avoid double accounting for pure zerocopy skbs"
        selftests: net: add arp_ndisc_evict_nocarrier
        net: ndisc: introduce ndisc_evict_nocarrier sysctl parameter
        net: arp: introduce arp_evict_nocarrier sysctl parameter
        libbpf: Deprecate AF_XDP support
        kbuild: Unify options for BTF generation for vmlinux and modules
        selftests/bpf: Add a testcase for 64-bit bounds propagation issue.
        bpf: Fix propagation of signed bounds from 64-bit min/max into 32-bit.
        bpf: Fix propagation of bounds from 64-bit min/max into 32-bit and var_off.
        net: vmxnet3: remove multiple false checks in vmxnet3_ethtool.c
        net: avoid double accounting for pure zerocopy skbs
        tcp: rename sk_wmem_free_skb
        netdevsim: fix uninit value in nsim_drv_configure_vfs()
        selftests/bpf: Fix also no-alu32 strobemeta selftest
        bpf: Add missing map_delete_elem method to bloom filter map
        selftests/bpf: Add bloom map success test for userspace calls
        bpf: Add alignment padding for "map_extra" + consolidate holes
        bpf: Bloom filter map naming fixups
        selftests/bpf: Add test cases for struct_ops prog
        bpf: Add dummy BPF STRUCT_OPS for test purpose
        ...
    • Revert "net: avoid double accounting for pure zerocopy skbs" · 84882cf7
      Jakub Kicinski authored
      This reverts commit f1a456f8.
      
        WARNING: CPU: 1 PID: 6819 at net/core/skbuff.c:5429 skb_try_coalesce+0x78b/0x7e0
        CPU: 1 PID: 6819 Comm: xxxxxxx Kdump: loaded Tainted: G S                5.15.0-04194-gd852503f7711 #16
        RIP: 0010:skb_try_coalesce+0x78b/0x7e0
        Call Trace:
         <IRQ>
         tcp_try_coalesce+0xeb/0x290
         ? tcp_parse_options+0x610/0x610
         ? mark_held_locks+0x79/0xa0
         tcp_queue_rcv+0x69/0x2f0
         tcp_rcv_established+0xa49/0xd40
         ? tcp_data_queue+0x18a0/0x18a0
         tcp_v6_do_rcv+0x1c9/0x880
         ? rt6_mtu_change_route+0x100/0x100
         tcp_v6_rcv+0x1624/0x1830
      Signed-off-by: Jakub Kicinski <kuba@kernel.org>
    • Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 · bfc484fe
      Linus Torvalds authored
      Pull crypto updates from Herbert Xu:
       "API:
      
         - Delay boot-up self-test for built-in algorithms
      
        Algorithms:
      
         - Remove fallback path on arm64 as SIMD now runs with softirq off
      
        Drivers:
      
         - Add Keem Bay OCS ECC Driver"
      
      * 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (61 commits)
        crypto: testmgr - fix wrong key length for pkcs1pad
        crypto: pcrypt - Delay write to padata->info
        crypto: ccp - Make use of the helper macro kthread_run()
        crypto: sa2ul - Use the defined variable to clean code
        crypto: s5p-sss - Add error handling in s5p_aes_probe()
        crypto: keembay-ocs-ecc - Add Keem Bay OCS ECC Driver
        dt-bindings: crypto: Add Keem Bay ECC bindings
        crypto: ecc - Export additional helper functions
        crypto: ecc - Move ecc.h to include/crypto/internal
        crypto: engine - Add KPP Support to Crypto Engine
        crypto: api - Do not create test larvals if manager is disabled
        crypto: tcrypt - fix skcipher multi-buffer tests for 1420B blocks
        hwrng: s390 - replace snprintf in show functions with sysfs_emit
        crypto: octeontx2 - set assoclen in aead_do_fallback()
        crypto: ccp - Fix whitespace in sev_cmd_buffer_len()
        hwrng: mtk - Force runtime pm ops for sleep ops
        crypto: testmgr - Only disable migration in crypto_disable_simd_for_test()
        crypto: qat - share adf_enable_pf2vf_comms() from adf_pf2vf_msg.c
        crypto: qat - extract send and wait from adf_vf2pf_request_version()
        crypto: qat - add VF and PF wrappers to common send function
        ...
    • Merge tag 'audit-pr-20211101' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit · d2fac0af
      Linus Torvalds authored
      Pull audit updates from Paul Moore:
       "Add some additional audit logging to capture the openat2() syscall
        open_how struct info.
      
        Previous variations of the open()/openat() syscalls allowed audit
        admins to inspect the syscall args to get the information contained in
        the new open_how struct used in openat2()"
      
      * tag 'audit-pr-20211101' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit:
        audit: return early if the filter rule has a lower priority
        audit: add OPENAT2 record to list "how" info
        audit: add support for the openat2 syscall
        audit: replace magic audit syscall class numbers with macros
        lsm_audit: avoid overloading the "key" audit field
        audit: Convert to SPDX identifier
        audit: rename struct node to struct audit_node to prevent future name collisions
    • Merge tag 'selinux-pr-20211101' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux · cdab10bf
      Linus Torvalds authored
      Pull selinux updates from Paul Moore:
      
       - Add LSM/SELinux/Smack controls and auditing for io-uring.
      
         As usual, the individual commit descriptions have more detail, but we
         were basically missing two things which we're adding here:
      
            + establishment of a proper audit context so that auditing of
              io-uring ops works similarly to how it does for syscalls (with
              some io-uring additions because io-uring ops are *not* syscalls)
      
            + additional LSM hooks to enable access control points for some of
              the more unusual io-uring features, e.g. credential overrides.
      
         The additional audit callouts and LSM hooks were done in conjunction
         with the io-uring folks, based on conversations and RFC patches
         earlier in the year.
      
       - Fixup the binder credential handling so that the proper credentials
         are used in the LSM hooks; the commit description and the code
         comment which is removed in these patches are helpful to understand
         the background and why this is the proper fix.
      
       - Enable SELinux genfscon policy support for securityfs, allowing
         improved SELinux filesystem labeling for other subsystems which make
         use of securityfs, e.g. IMA.
      
      * tag 'selinux-pr-20211101' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux:
        security: Return xattr name from security_dentry_init_security()
        selinux: fix a sock regression in selinux_ip_postroute_compat()
        binder: use cred instead of task for getsecid
        binder: use cred instead of task for selinux checks
        binder: use euid from cred instead of using task
        LSM: Avoid warnings about potentially unused hook variables
        selinux: fix all of the W=1 build warnings
        selinux: make better use of the nf_hook_state passed to the NF hooks
        selinux: fix race condition when computing ocontext SIDs
        selinux: remove unneeded ipv6 hook wrappers
        selinux: remove the SELinux lockdown implementation
        selinux: enable genfscon labeling for securityfs
        Smack: Brutalist io_uring support
        selinux: add support for the io_uring access controls
        lsm,io_uring: add LSM hooks to io_uring
        io_uring: convert io_uring to the secure anon inode interface
        fs: add anon_inode_getfile_secure() similar to anon_inode_getfd_secure()
        audit: add filtering for io_uring records
        audit,io_uring,io-wq: add some basic audit support to io_uring
        audit: prepare audit_context for use in calling contexts beyond syscalls