1. 05 Oct, 2018 3 commits
    • Peter Huewe's avatar
      tpm: Make SECURITYFS a weak dependency · 2f7d8dbb
      Peter Huewe authored
      While having SECURITYFS enabled for the tpm subsystem is beneficial in
      most cases, it is not strictly necessary to have it enabled at all.
      Especially on platforms without any boot firmware integration of the TPM
      (e.g. raspberry pi) it does not add any value for the tpm subsystem,
      as there is no eventlog present.
      
      By turning it from 'select' to 'imply' it still gets selected per
      default, but enables users who want to save some kb of ram by turning
      SECURITYFS off.
      Signed-off-by: default avatarPeter Huewe <peterhuewe@gmx.de>
      Reviewed-by: default avatarJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
      Signed-off-by: default avatarJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
      2f7d8dbb
    • Javier Martinez Canillas's avatar
      tpm: suppress transmit cmd error logs when TPM 1.2 is disabled/deactivated · 0d6d0d62
      Javier Martinez Canillas authored
      For TPM 1.2 chips the system setup utility allows to set the TPM device in
      one of the following states:
      
        * Active: Security chip is functional
        * Inactive: Security chip is visible, but is not functional
        * Disabled: Security chip is hidden and is not functional
      
      When choosing the "Inactive" state, the TPM 1.2 device is enumerated and
      registered, but sending TPM commands fail with either TPM_DEACTIVATED or
      TPM_DISABLED depending if the firmware deactivated or disabled the TPM.
      
      Since these TPM 1.2 error codes don't have special treatment, inactivating
      the TPM leads to a very noisy kernel log buffer that shows messages like
      the following:
      
        tpm_tis 00:05: 1.2 TPM (device-id 0x0, rev-id 78)
        tpm tpm0: A TPM error (6) occurred attempting to read a pcr value
        tpm tpm0: TPM is disabled/deactivated (0x6)
        tpm tpm0: A TPM error (6) occurred attempting get random
        tpm tpm0: A TPM error (6) occurred attempting to read a pcr value
        ima: No TPM chip found, activating TPM-bypass! (rc=6)
        tpm tpm0: A TPM error (6) occurred attempting get random
        tpm tpm0: A TPM error (6) occurred attempting get random
        tpm tpm0: A TPM error (6) occurred attempting get random
        tpm tpm0: A TPM error (6) occurred attempting get random
      
      Let's just suppress error log messages for the TPM_{DEACTIVATED,DISABLED}
      return codes, since this is expected when the TPM 1.2 is set to Inactive.
      
      In that case the kernel log is cleaner and less confusing for users, i.e:
      
        tpm_tis 00:05: 1.2 TPM (device-id 0x0, rev-id 78)
        tpm tpm0: TPM is disabled/deactivated (0x6)
        ima: No TPM chip found, activating TPM-bypass! (rc=6)
      Reported-by: default avatarHans de Goede <hdegoede@redhat.com>
      Signed-off-by: default avatarJavier Martinez Canillas <javierm@redhat.com>
      Reviewed-by: default avatarJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
      Signed-off-by: default avatarJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
      0d6d0d62
    • Jarkko Sakkinen's avatar
      tpm: fix response size validation in tpm_get_random() · 84b59f64
      Jarkko Sakkinen authored
      When checking whether the response is large enough to be able to contain
      the received random bytes in tpm_get_random() and tpm2_get_random(),
      they fail to take account the header size, which should be added to the
      minimum size. This commit fixes this issue.
      
      Cc: stable@vger.kernel.org
      Fixes: c659af78 ("tpm: Check size of response before accessing data")
      Signed-off-by: default avatarJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
      84b59f64
  2. 28 Sep, 2018 1 commit
    • David Howells's avatar
      keys: Fix the use of the C++ keyword "private" in uapi/linux/keyctl.h · 2ecefa0a
      David Howells authored
      The keyctl_dh_params struct in uapi/linux/keyctl.h contains the symbol
      "private" which means that the header file will cause compilation failure
      if #included in to a C++ program.  Further, the patch that added the same
      struct to the keyutils package named the symbol "priv", not "private".
      
      The previous attempt to fix this (commit 8a2336e5) did so by simply
      renaming the kernel's copy of the field to dh_private, but this then breaks
      existing userspace and as such has been reverted (commit 8c0f9f5b).
      
      [And note, to those who think that wrapping the struct in extern "C" {}
       will work: it won't; that only changes how symbol names are presented to
       the assembler and linker.].
      
      Instead, insert an anonymous union around the "private" member and add a
      second member in there with the name "priv" to match the one in the
      keyutils package.  The "private" member is then wrapped in !__cplusplus
      cpp-conditionals to hide it from C++.
      
      Fixes: ddbb4114 ("KEYS: Add KEYCTL_DH_COMPUTE command")
      Fixes: 8a2336e5 ("uapi/linux/keyctl.h: don't use C++ reserved keyword as a struct member name")
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      cc: Randy Dunlap <rdunlap@infradead.org>
      cc: Lubomir Rintel <lkundrak@v3.sk>
      cc: James Morris <jmorris@namei.org>
      cc: Mat Martineau <mathew.j.martineau@linux.intel.com>
      cc: Stephan Mueller <smueller@chronox.de>
      cc: Andrew Morton <akpm@linux-foundation.org>
      cc: Linus Torvalds <torvalds@linux-foundation.org>
      cc: stable@vger.kernel.org
      Signed-off-by: default avatarJames Morris <james.morris@microsoft.com>
      2ecefa0a
  3. 06 Sep, 2018 1 commit
  4. 04 Sep, 2018 2 commits
  5. 02 Sep, 2018 8 commits
    • Linus Torvalds's avatar
      Linux 4.19-rc2 · 57361846
      Linus Torvalds authored
      57361846
    • Linus Torvalds's avatar
      Merge tag 'devicetree-fixes-for-4.19' of git://git.kernel.org/pub/scm/linux/kernel/git/robh/linux · fd6868d8
      Linus Torvalds authored
      Pull devicetree updates from Rob Herring:
       "A couple of new helper functions in preparation for some tree wide
        clean-ups.
      
        I'm sending these new helpers now for rc2 in order to simplify the
        dependencies on subsequent cleanups across the tree in 4.20"
      
      * tag 'devicetree-fixes-for-4.19' of git://git.kernel.org/pub/scm/linux/kernel/git/robh/linux:
        of: Add device_type access helper functions
        of: add node name compare helper functions
        of: add helper to lookup compatible child node
      fd6868d8
    • Linus Torvalds's avatar
      Merge tag 'armsoc-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc · a3ea9911
      Linus Torvalds authored
      Pull ARM SoC fixes from Olof Johansson:
       "First batch of fixes post-merge window:
      
         - A handful of devicetree changes for i.MX2{3,8} to change over to
           new panel bindings. The platforms were moved from legacy
           framebuffers to DRM and some development board panels hadn't yet
           been converted.
      
         - OMAP fixes related to ti-sysc driver conversion fallout, fixing
           some register offsets, no_console_suspend fixes, etc.
      
         - Droid4 changes to fix flaky eMMC probing and vibrator DTS mismerge.
      
         - Fixed 0755->0644 permissions on a newly added file.
      
         - Defconfig changes to make ARM Versatile more useful with QEMU
           (helps testing).
      
         - Enable defconfig options for new TI SoC platform that was merged
           this window (AM6)"
      
      * tag 'armsoc-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc:
        arm64: defconfig: Enable TI's AM6 SoC platform
        ARM: defconfig: Update the ARM Versatile defconfig
        ARM: dts: omap4-droid4: Fix emmc errors seen on some devices
        ARM: dts: Fix file permission for am335x-osd3358-sm-red.dts
        ARM: imx_v6_v7_defconfig: Select CONFIG_DRM_PANEL_SEIKO_43WVF1G
        ARM: mxs_defconfig: Select CONFIG_DRM_PANEL_SEIKO_43WVF1G
        ARM: dts: imx23-evk: Convert to the new display bindings
        ARM: dts: imx23-evk: Move regulators outside simple-bus
        ARM: dts: imx28-evk: Convert to the new display bindings
        ARM: dts: imx28-evk: Move regulators outside simple-bus
        Revert "ARM: dts: imx7d: Invert legacy PCI irq mapping"
        arm: dts: am4372: setup rtc as system-power-controller
        ARM: dts: omap4-droid4: fix vibrations on Droid 4
        bus: ti-sysc: Fix no_console_suspend handling
        bus: ti-sysc: Fix module register ioremap for larger offsets
        ARM: OMAP2+: Fix module address for modules using mpu_rt_idx
        ARM: OMAP2+: Fix null hwmod for ti-sysc debug
      a3ea9911
    • Linus Torvalds's avatar
      Merge branch 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · 899ba795
      Linus Torvalds authored
      Pull x86 fixes from Thomas Gleixner:
       "Speculation:
      
         - Make the microcode check more robust
      
         - Make the L1TF memory limit depend on the internal cache physical
           address space and not on the CPUID advertised physical address
           space, which might be significantly smaller. This avoids disabling
           L1TF on machines which utilize the full physical address space.
      
         - Fix the GDT mapping for EFI calls on 32bit PTI
      
         - Fix the MCE nospec implementation to prevent #GP
      
        Fixes and robustness:
      
         - Use the proper operand order for LSL in the VDSO
      
         - Prevent NMI uaccess race against CR3 switching
      
         - Add a lockdep check to verify that text_mutex is held in
           text_poke() functions
      
         - Repair the fallout of giving native_restore_fl() a prototype
      
         - Prevent kernel memory dumps based on usermode RIP
      
         - Wipe KASAN shadow stack before rewinding the stack to prevent false
           positives
      
         - Move the AMS GOTO enforcement to the actual build stage to allow
           user API header extraction without a compiler
      
         - Fix a section mismatch introduced by the on demand VDSO mapping
           change
      
        Miscellaneous:
      
         - Trivial typo, GCC quirk removal and CC_SET/OUT() cleanups"
      
      * 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        x86/pti: Fix section mismatch warning/error
        x86/vdso: Fix lsl operand order
        x86/mce: Fix set_mce_nospec() to avoid #GP fault
        x86/efi: Load fixmap GDT in efi_call_phys_epilog()
        x86/nmi: Fix NMI uaccess race against CR3 switching
        x86: Allow generating user-space headers without a compiler
        x86/dumpstack: Don't dump kernel memory based on usermode RIP
        x86/asm: Use CC_SET()/CC_OUT() in __gen_sigismember()
        x86/alternatives: Lockdep-enforce text_mutex in text_poke*()
        x86/entry/64: Wipe KASAN stack shadow before rewind_stack_do_exit()
        x86/irqflags: Mark native_restore_fl extern inline
        x86/build: Remove jump label quirk for GCC older than 4.5.2
        x86/Kconfig: Fix trivial typo
        x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+
        x86/spectre: Add missing family 6 check to microcode check
      899ba795
    • Linus Torvalds's avatar
      Merge branch 'smp-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · 1395d109
      Linus Torvalds authored
      Pull CPU hotplug fix from Thomas Gleixner:
       "Remove the stale skip_onerr member from the hotplug states"
      
      * 'smp-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        cpu/hotplug: Remove skip_onerr field from cpuhp_step structure
      1395d109
    • Linus Torvalds's avatar
      Merge branch 'core-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · 501dacbc
      Linus Torvalds authored
      Pull core fixes from Thomas Gleixner:
       "A small set of updates for core code:
      
         - Prevent tracing in functions which are called from trace patching
           via stop_machine() to prevent executing half patched function trace
           entries.
      
         - Remove old GCC workarounds
      
         - Remove pointless includes of notifier.h"
      
      * 'core-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        objtool: Remove workaround for unreachable warnings from old GCC
        notifier: Remove notifier header file wherever not used
        watchdog: Mark watchdog touch functions as notrace
      501dacbc
    • Randy Dunlap's avatar
      x86/pti: Fix section mismatch warning/error · ff924c5a
      Randy Dunlap authored
      Fix the section mismatch warning in arch/x86/mm/pti.c:
      
      WARNING: vmlinux.o(.text+0x6972a): Section mismatch in reference from the function pti_clone_pgtable() to the function .init.text:pti_user_pagetable_walk_pte()
      The function pti_clone_pgtable() references
      the function __init pti_user_pagetable_walk_pte().
      This is often because pti_clone_pgtable lacks a __init
      annotation or the annotation of pti_user_pagetable_walk_pte is wrong.
      FATAL: modpost: Section mismatches detected.
      
      Fixes: 85900ea5 ("x86/pti: Map the vsyscall page if needed")
      Reported-by: default avatarkbuild test robot <lkp@intel.com>
      Signed-off-by: default avatarRandy Dunlap <rdunlap@infradead.org>
      Signed-off-by: default avatarThomas Gleixner <tglx@linutronix.de>
      Cc: Andy Lutomirski <luto@kernel.org>
      Link: https://lkml.kernel.org/r/43a6d6a3-d69d-5eda-da09-0b1c88215a2a@infradead.org
      
      ff924c5a
    • Olof Johansson's avatar
      Merge tag 'omap-for-v4.19/fixes-v2-signed' of... · a72b44a8
      Olof Johansson authored
      Merge tag 'omap-for-v4.19/fixes-v2-signed' of git://git.kernel.org/pub/scm/linux/kernel/git/tmlind/linux-omap into fixes
      
      Fixes for omap variants against v4.19-rc1
      
      These are mostly fixes related to using ti-sysc interconnect target module
      driver for accessing right register offsets for sgx and cpsw and for
      no_console_suspend regression.
      
      There is also a droid4 emmc fix where emmc may not get detected for some
      models, and vibrator dts mismerge fix.
      
      And we have a file permission fix for am335x-osd3358-sm-red.dts that
      just got added. And we must tag RTC as system-power-controller for
      am437x for PMIC to shut down during poweroff.
      
      * tag 'omap-for-v4.19/fixes-v2-signed' of git://git.kernel.org/pub/scm/linux/kernel/git/tmlind/linux-omap:
        ARM: dts: omap4-droid4: Fix emmc errors seen on some devices
        ARM: dts: Fix file permission for am335x-osd3358-sm-red.dts
        arm: dts: am4372: setup rtc as system-power-controller
        ARM: dts: omap4-droid4: fix vibrations on Droid 4
        bus: ti-sysc: Fix no_console_suspend handling
        bus: ti-sysc: Fix module register ioremap for larger offsets
        ARM: OMAP2+: Fix module address for modules using mpu_rt_idx
        ARM: OMAP2+: Fix null hwmod for ti-sysc debug
      Signed-off-by: default avatarOlof Johansson <olof@lixom.net>
      a72b44a8
  6. 01 Sep, 2018 4 commits
  7. 31 Aug, 2018 15 commits
  8. 30 Aug, 2018 6 commits