- 07 Jun, 2020 10 commits
-
-
Linus Torvalds authored
Merge tag 'apparmor-pr-2020-06-07' of git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor Pull apparmor updates from John Johansen: "Features: - Replace zero-length array with flexible-array - add a valid state flags check - add consistency check between state and dfa diff encode flags - add apparmor subdir to proc attr interface - fail unpack if profile mode is unknown - add outofband transition and use it in xattr match - ensure that dfa state tables have entries Cleanups: - Use true and false for bool variable - Remove semicolon - Clean code by removing redundant instructions - Replace two seq_printf() calls by seq_puts() in aa_label_seq_xprint() - remove duplicate check of xattrs on profile attachment - remove useless aafs_create_symlink Bug fixes: - Fix memory leak of profile proxy - fix introspection of of task mode for unconfined tasks - fix nnp subset test for unconfined - check/put label on apparmor_sk_clone_security()" * tag 'apparmor-pr-2020-06-07' of git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor: apparmor: Fix memory leak of profile proxy apparmor: fix introspection of of task mode for unconfined tasks apparmor: check/put label on apparmor_sk_clone_security() apparmor: Use true and false for bool variable security/apparmor/label.c: Clean code by removing redundant instructions apparmor: Replace zero-length array with flexible-array apparmor: ensure that dfa state tables have entries apparmor: remove duplicate check of xattrs on profile attachment. apparmor: add outofband transition and use it in xattr match apparmor: fail unpack if profile mode is unknown apparmor: fix nnp subset test for unconfined apparmor: remove useless aafs_create_symlink apparmor: add proc subdir to attrs apparmor: add consistency check between state and dfa diff encode flags apparmor: add a valid state flags check AppArmor: Remove semicolon apparmor: Replace two seq_printf() calls by seq_puts() in aa_label_seq_xprint()
-
Roberto Sassu authored
Commit 6cc7c266 ("ima: Call ima_calc_boot_aggregate() in ima_eventdigest_init()") added a call to ima_calc_boot_aggregate() so that the digest can be recalculated for the boot_aggregate measurement entry if the 'd' template field has been requested. For the 'd' field, only SHA1 and MD5 digests are accepted. Given that ima_eventdigest_init() does not have the __init annotation, all functions called should not have it. This patch removes __init from ima_pcrread(). Cc: stable@vger.kernel.org Fixes: 6cc7c266 ("ima: Call ima_calc_boot_aggregate() in ima_eventdigest_init()") Reported-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-
John Johansen authored
When the proxy isn't replaced and the profile is removed, the proxy is being leaked resulting in a kmemleak check message of unreferenced object 0xffff888077a3a490 (size 16): comm "apparmor_parser", pid 128041, jiffies 4322684109 (age 1097.028s) hex dump (first 16 bytes): 03 00 00 00 00 00 00 00 b0 92 fd 4b 81 88 ff ff ...........K.... backtrace: [<0000000084d5daf2>] aa_alloc_proxy+0x58/0xe0 [<00000000ecc0e21a>] aa_alloc_profile+0x159/0x1a0 [<000000004cc9ce15>] unpack_profile+0x275/0x1c40 [<000000007332b3ca>] aa_unpack+0x1e7/0x7e0 [<00000000e25e31bd>] aa_replace_profiles+0x18a/0x1d10 [<00000000350d9415>] policy_update+0x237/0x650 [<000000003fbf934e>] profile_load+0x122/0x160 [<0000000047f7b781>] vfs_write+0x139/0x290 [<000000008ad12358>] ksys_write+0xcd/0x170 [<000000001a9daa7b>] do_syscall_64+0x70/0x310 [<00000000b9efb0cf>] entry_SYSCALL_64_after_hwframe+0x49/0xb3 Make sure to cleanup the profile's embedded label which will result on the proxy being properly freed. Fixes: 637f688d ("apparmor: switch from profiles to using labels on contexts") Signed-off-by: John Johansen <john.johansen@canonical.com>
-
John Johansen authored
Fix two issues with introspecting the task mode. 1. If a task is attached to a unconfined profile that is not the ns->unconfined profile then. Mode the mode is always reported as - $ ps -Z LABEL PID TTY TIME CMD unconfined 1287 pts/0 00:00:01 bash test (-) 1892 pts/0 00:00:00 ps instead of the correct value of (unconfined) as shown below $ ps -Z LABEL PID TTY TIME CMD unconfined 2483 pts/0 00:00:01 bash test (unconfined) 3591 pts/0 00:00:00 ps 2. if a task is confined by a stack of profiles that are unconfined the output of label mode is again the incorrect value of (-) like above, instead of (unconfined). This is because the visibile profile count increment is skipped by the special casing of unconfined. Fixes: f1bd9041 ("apparmor: add the base fns() for domain labels") Signed-off-by: John Johansen <john.johansen@canonical.com>
-
Mauricio Faria de Oliveira authored
Currently apparmor_sk_clone_security() does not check for existing label/peer in the 'new' struct sock; it just overwrites it, if any (with another reference to the label of the source sock.) static void apparmor_sk_clone_security(const struct sock *sk, struct sock *newsk) { struct aa_sk_ctx *ctx = SK_CTX(sk); struct aa_sk_ctx *new = SK_CTX(newsk); new->label = aa_get_label(ctx->label); new->peer = aa_get_label(ctx->peer); } This might leak label references, which might overflow under load. Thus, check for and put labels, to prevent such errors. Note this is similarly done on: static int apparmor_socket_post_create(struct socket *sock, ...) ... if (sock->sk) { struct aa_sk_ctx *ctx = SK_CTX(sock->sk); aa_put_label(ctx->label); ctx->label = aa_get_label(label); } ... Context: ------- The label reference count leak is observed if apparmor_sock_graft() is called previously: this sets the 'ctx->label' field by getting a reference to the current label (later overwritten, without put.) static void apparmor_sock_graft(struct sock *sk, ...) { struct aa_sk_ctx *ctx = SK_CTX(sk); if (!ctx->label) ctx->label = aa_get_current_label(); } And that is the case on crypto/af_alg.c:af_alg_accept(): int af_alg_accept(struct sock *sk, struct socket *newsock, ...) ... struct sock *sk2; ... sk2 = sk_alloc(...); ... security_sock_graft(sk2, newsock); security_sk_clone(sk, sk2); ... Apparently both calls are done on their own right, especially for other LSMs, being introduced in 2010/2014, before apparmor socket mediation in 2017 (see commits [1,2,3,4]). So, it looks OK there! Let's fix the reference leak in apparmor. Test-case: --------- Exercise that code path enough to overflow label reference count. $ cat aa-refcnt-af_alg.c #include <stdio.h> #include <string.h> #include <unistd.h> #include <sys/socket.h> #include <linux/if_alg.h> int main() { int sockfd; struct sockaddr_alg sa; /* Setup the crypto API socket */ sockfd = socket(AF_ALG, SOCK_SEQPACKET, 0); if (sockfd < 0) { perror("socket"); return 1; } memset(&sa, 0, sizeof(sa)); sa.salg_family = AF_ALG; strcpy((char *) sa.salg_type, "rng"); strcpy((char *) sa.salg_name, "stdrng"); if (bind(sockfd, (struct sockaddr *) &sa, sizeof(sa)) < 0) { perror("bind"); return 1; } /* Accept a "connection" and close it; repeat. */ while (!close(accept(sockfd, NULL, 0))); return 0; } $ gcc -o aa-refcnt-af_alg aa-refcnt-af_alg.c $ ./aa-refcnt-af_alg <a few hours later> [ 9928.475953] refcount_t overflow at apparmor_sk_clone_security+0x37/0x70 in aa-refcnt-af_alg[1322], uid/euid: 1000/1000 ... [ 9928.507443] RIP: 0010:apparmor_sk_clone_security+0x37/0x70 ... [ 9928.514286] security_sk_clone+0x33/0x50 [ 9928.514807] af_alg_accept+0x81/0x1c0 [af_alg] [ 9928.516091] alg_accept+0x15/0x20 [af_alg] [ 9928.516682] SYSC_accept4+0xff/0x210 [ 9928.519609] SyS_accept+0x10/0x20 [ 9928.520190] do_syscall_64+0x73/0x130 [ 9928.520808] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 Note that other messages may be seen, not just overflow, depending on the value being incremented by kref_get(); on another run: [ 7273.182666] refcount_t: saturated; leaking memory. ... [ 7273.185789] refcount_t: underflow; use-after-free. Kprobes: ------- Using kprobe events to monitor sk -> sk_security -> label -> count (kref): Original v5.7 (one reference leak every iteration) ... (af_alg_accept+0x0/0x1c0) label=0xffff8a0f36c25eb0 label_refcnt=0x11fd2 ... (af_alg_release_parent+0x0/0xd0) label=0xffff8a0f36c25eb0 label_refcnt=0x11fd4 ... (af_alg_accept+0x0/0x1c0) label=0xffff8a0f36c25eb0 label_refcnt=0x11fd3 ... (af_alg_release_parent+0x0/0xd0) label=0xffff8a0f36c25eb0 label_refcnt=0x11fd5 ... (af_alg_accept+0x0/0x1c0) label=0xffff8a0f36c25eb0 label_refcnt=0x11fd4 ... (af_alg_release_parent+0x0/0xd0) label=0xffff8a0f36c25eb0 label_refcnt=0x11fd6 Patched v5.7 (zero reference leak per iteration) ... (af_alg_accept+0x0/0x1c0) label=0xffff9ff376c25eb0 label_refcnt=0x593 ... (af_alg_release_parent+0x0/0xd0) label=0xffff9ff376c25eb0 label_refcnt=0x594 ... (af_alg_accept+0x0/0x1c0) label=0xffff9ff376c25eb0 label_refcnt=0x593 ... (af_alg_release_parent+0x0/0xd0) label=0xffff9ff376c25eb0 label_refcnt=0x594 ... (af_alg_accept+0x0/0x1c0) label=0xffff9ff376c25eb0 label_refcnt=0x593 ... (af_alg_release_parent+0x0/0xd0) label=0xffff9ff376c25eb0 label_refcnt=0x594 Commits: ------- [1] commit 507cad35 ("crypto: af_alg - Make sure sk_security is initialized on accept()ed sockets") [2] commit 4c63f83c ("crypto: af_alg - properly label AF_ALG socket") [3] commit 2acce6aa ("Networking") a.k.a ("crypto: af_alg - Avoid sock_graft call warning) [4] commit 56974a6f ("apparmor: add base infastructure for socket mediation") Fixes: 56974a6f ("apparmor: add base infastructure for socket mediation") Reported-by: Brian Moyles <bmoyles@netflix.com> Signed-off-by: Mauricio Faria de Oliveira <mfo@canonical.com> Signed-off-by: John Johansen <john.johansen@canonical.com>
-
git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-miscLinus Torvalds authored
Pull char/misc driver updates from Greg KH: "Here is the large set of char/misc driver patches for 5.8-rc1 Included in here are: - habanalabs driver updates, loads - mhi bus driver updates - extcon driver updates - clk driver updates (approved by the clock maintainer) - firmware driver updates - fpga driver updates - gnss driver updates - coresight driver updates - interconnect driver updates - parport driver updates (it's still alive!) - nvmem driver updates - soundwire driver updates - visorbus driver updates - w1 driver updates - various misc driver updates In short, loads of different driver subsystem updates along with the drivers as well. All have been in linux-next for a while with no reported issues" * tag 'char-misc-5.8-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc: (233 commits) habanalabs: correctly cast u64 to void* habanalabs: initialize variable to default value extcon: arizona: Fix runtime PM imbalance on error extcon: max14577: Add proper dt-compatible strings extcon: adc-jack: Fix an error handling path in 'adc_jack_probe()' extcon: remove redundant assignment to variable idx w1: omap-hdq: print dev_err if irq flags are not cleared w1: omap-hdq: fix interrupt handling which did show spurious timeouts w1: omap-hdq: fix return value to be -1 if there is a timeout w1: omap-hdq: cleanup to add missing newline for some dev_dbg /dev/mem: Revoke mappings when a driver claims the region misc: xilinx-sdfec: convert get_user_pages() --> pin_user_pages() misc: xilinx-sdfec: cleanup return value in xsdfec_table_write() misc: xilinx-sdfec: improve get_user_pages_fast() error handling nvmem: qfprom: remove incorrect write support habanalabs: handle MMU cache invalidation timeout habanalabs: don't allow hard reset with open processes habanalabs: GAUDI does not support soft-reset habanalabs: add print for soft reset due to event habanalabs: improve MMU cache invalidation code ...
-
git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-coreLinus Torvalds authored
Pull driver core updates from Greg KH: "Here is the set of driver core patches for 5.8-rc1. Not all that huge this release, just a number of small fixes and updates: - software node fixes - kobject now sends KOBJ_REMOVE when it is removed from sysfs, not when it is removed from memory (which could come much later) - device link additions and fixes based on testing on more devices - firmware core cleanups - other minor changes, full details in the shortlog All have been in linux-next for a while with no reported issues" * tag 'driver-core-5.8-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core: (23 commits) driver core: Update device link status correctly for SYNC_STATE_ONLY links firmware_loader: change enum fw_opt to u32 software node: implement software_node_unregister() kobject: send KOBJ_REMOVE uevent when the object is removed from sysfs driver core: Remove unnecessary is_fwnode_dev variable in device_add() drivers property: When no children in primary, try secondary driver core: platform: Fix spelling errors in platform.c driver core: Remove check in driver_deferred_probe_force_trigger() of: platform: Batch fwnode parsing when adding all top level devices driver core: fw_devlink: Add support for batching fwnode parsing driver core: Look for waiting consumers only for a fwnode's primary device driver core: Move code to the right part of the file Revert "Revert "driver core: Set fw_devlink to "permissive" behavior by default"" drivers: base: Fix NULL pointer exception in __platform_driver_probe() if a driver developer is foolish firmware_loader: move fw_fallback_config to a private kernel symbol namespace driver core: Add missing '\n' in log messages driver/base/soc: Use kobj_to_dev() API Add documentation on meaning of -EPROBE_DEFER driver core: platform: remove redundant assignment to variable ret debugfs: Use the correct style for SPDX License Identifier ...
-
git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/stagingLinus Torvalds authored
Pull staging/IIO driver updates from Greg KH: "Here is the large set of staging and IIO driver changes for 5.8-rc1 Nothing major, but a lot of new IIO drivers are included in here, along with other core iio cleanups and changes. On the staging driver front, again, nothing noticable. No new deletions or additions, just a ton of tiny cleanups all over the tree done by a lot of different people. Most coding style, but many actual real fixes and cleanups that are nice to see. All of these have been in linux-next for a while with no reported issues" * tag 'staging-5.8-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging: (618 commits) staging: rtl8723bs: Use common packet header constants staging: sm750fb: Add names to proc_setBLANK args staging: most: usb: init return value in default path of switch/case expression staging: vchiq: Get rid of VCHIQ_SERVICE_OPENEND callback reason staging: vchiq: move vchiq_release_message() into vchiq staging: vchi: Get rid of C++ guards staging: vchi: Get rid of not implemented function declarations staging: vchi: Get rid of vchiq_status_to_vchi() staging: vchi: Get rid of vchi_service_set_option() staging: vchi: Merge vchi_msg_queue() into vchi_queue_kernel_message() staging: vchiq: Move copy callback handling into vchiq staging: vchi: Get rid of vchi_queue_user_message() staging: vchi: Get rid of vchi_service_destroy() staging: most: usb: use function sysfs_streq staging: most: usb: add missing put_device calls staging: most: usb: use correct error codes staging: most: usb: replace code to calculate array index staging: most: usb: don't use error path to exit function on success staging: most: usb: move allocation of URB out of critical section staging: most: usb: return 0 instead of variable ...
-
git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/ttyLinus Torvalds authored
Pull tty/serial driver updates from Greg KH: "Here is the tty and serial driver updates for 5.8-rc1 Nothing huge at all, just a lot of little serial driver fixes, updates for new devices and features, and other small things. Full details are in the shortlog. All of these have been in linux-next with no issues for a while" * tag 'tty-5.8-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty: (67 commits) tty: serial: qcom_geni_serial: Add 51.2MHz frequency support tty: serial: imx: clear Ageing Timer Interrupt in handler serial: 8250_fintek: Add F81966 Support sc16is7xx: Add flag to activate IrDA mode dt-bindings: sc16is7xx: Add flag to activate IrDA mode serial: 8250: Support rs485 bus termination GPIO serial: 8520_port: Fix function param documentation dt-bindings: serial: Add binding for rs485 bus termination GPIO vt: keyboard: avoid signed integer overflow in k_ascii serial: 8250: Enable 16550A variants by default on non-x86 tty: hvc_console, fix crashes on parallel open/close serial: imx: Initialize lock for non-registered console sc16is7xx: Read the LSR register for basic device presence check sc16is7xx: Allow sharing the IRQ line sc16is7xx: Use threaded IRQ sc16is7xx: Always use falling edge IRQ tty: n_gsm: Fix bogus i++ in gsm_data_kick tty: n_gsm: Remove unnecessary test in gsm_print_packet() serial: stm32: add no_console_suspend support tty: serial: fsl_lpuart: Use __maybe_unused instead of #if CONFIG_PM_SLEEP ...
-
git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usbLinus Torvalds authored
Pull USB/PHY driver updates from Greg KH: "Here are the large set of USB and PHY driver updates for 5.8-rc1. Nothing huge, just lots of little things: - USB gadget fixes and additions all over the place - new PHY drivers - PHY driver fixes and updates - XHCI driver updates - musb driver updates - more USB-serial driver ids added - various USB quirks added - thunderbolt minor updates and fixes - typec updates and additions All of these have been in linux-next for a while with no reported issues" * tag 'usb-5.8-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb: (245 commits) usb: dwc3: meson-g12a: fix USB2 PHY initialization on G12A and A1 SoCs usb: dwc3: meson-g12a: fix error path when fetching the reset line fails Revert "dt-bindings: usb: qcom,dwc3: Convert USB DWC3 bindings" Revert "dt-bindings: usb: qcom,dwc3: Add compatible for SC7180" Revert "dt-bindings: usb: qcom,dwc3: Introduce interconnect properties for Qualcomm DWC3 driver" USB: serial: ch341: fix lockup of devices with limited prescaler USB: serial: ch341: add basis for quirk detection CDC-ACM: heed quirk also in error handling USB: serial: option: add Telit LE910C1-EUX compositions usb: musb: Fix runtime PM imbalance on error usb: musb: jz4740: Prevent lockup when CONFIG_SMP is set usb: musb: mediatek: add reset FADDR to zero in reset interrupt handle usb: musb: use true for 'use_dma' usb: musb: start session in resume for host port usb: musb: return -ESHUTDOWN in urb when three-strikes error happened USB: serial: qcserial: add DW5816e QDL support thunderbolt: Add trivial .shutdown usb: dwc3: keystone: Turn on USB3 PHY before controller dt-bindings: usb: ti,keystone-dwc3.yaml: Add USB3.0 PHY property dt-bindings: usb: convert keystone-usb.txt to YAML ...
-
- 06 Jun, 2020 30 commits
-
-
git://git.libc.org/linux-shLinus Torvalds authored
Pull arch/sh updates from Rich Felker: "Fix for arch/sh build regression with newer binutils, removal of SH5, fixes for module exports, and misc cleanup" * tag 'sh-for-5.8' of git://git.libc.org/linux-sh: sh: remove sh5 support sh: add missing EXPORT_SYMBOL() for __delay sh: Convert ins[bwl]/outs[bwl] macros to inline functions sh: Convert iounmap() macros to inline functions sh: Add missing DECLARE_EXPORT() for __ashiftrt_r4_xx sh: configs: Cleanup old Kconfig IO scheduler options arch/sh: vmlinux.scr sh: Replace CONFIG_MTD_M25P80 with CONFIG_MTD_SPI_NOR in sh7757lcr_defconfig sh: sh4a: Bring back tmu3_device early device
-
git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuildLinus Torvalds authored
Pull Kconfig updates from Masahiro Yamada: - allow only 'config', 'comment', 'if' statements inside 'choice' since the other statements are not sensible inside 'choice' and should be grammatical error - support LMC_KEEP env variable for 'make local{yes,mod}config' to preserve some CONFIG options - deprecate 'make kvmconfig' and 'make xenconfig' in favor of 'make kvm_guest.config' and 'make xen.config' - code cleanups * tag 'kconfig-v5.8' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild: kconfig: announce removal of 'kvmconfig' and 'xenconfig' shorthands streamline_config.pl: add LMC_KEEP to preserve some kconfigs kconfig: allow only 'config', 'comment', and 'if' inside 'choice' kconfig: tests: remove randconfig test for choice in choice kconfig: do not assign a variable in the return statement kconfig: do not use OR-assignment for zero-cleared structure
-
git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuildLinus Torvalds authored
Pull Kbuild updates from Masahiro Yamada: - fix warnings in 'make clean' for ARCH=um, hexagon, h8300, unicore32 - ensure to rebuild all objects when the compiler is upgraded - exclude system headers from dependency tracking and fixdep processing - fix potential bit-size mismatch between the kernel and BPF user-mode helper - add the new syntax 'userprogs' to build user-space programs for the target architecture (the same arch as the kernel) - compile user-space sample code under samples/ for the target arch instead of the host arch - make headers_install fail if a CONFIG option is leaked to user-space - sanitize the output format of scripts/checkstack.pl - handle ARM 'push' instruction in scripts/checkstack.pl - error out before modpost if a module name conflict is found - error out when multiple directories are passed to M= because this feature is broken for a long time - add CONFIG_DEBUG_INFO_COMPRESSED to support compressed debug info - a lot of cleanups of modpost - dump vmlinux symbols out into vmlinux.symvers, and reuse it in the second pass of modpost - do not run the second pass of modpost if nothing in modules is updated - install modules.builtin(.modinfo) by 'make install' as well as by 'make modules_install' because it is useful even when CONFIG_MODULES=n - add new command line variables, GZIP, BZIP2, LZOP, LZMA, LZ4, and XZ to allow users to use alternatives such as pigz, pbzip2, etc. * tag 'kbuild-v5.8' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild: (96 commits) kbuild: add variables for compression tools Makefile: install modules.builtin even if CONFIG_MODULES=n mksysmap: Fix the mismatch of '.L' symbols in System.map kbuild: doc: rename LDFLAGS to KBUILD_LDFLAGS modpost: change elf_info->size to size_t modpost: remove is_vmlinux() helper modpost: strip .o from modname before calling new_module() modpost: set have_vmlinux in new_module() modpost: remove mod->skip struct member modpost: add mod->is_vmlinux struct member modpost: remove is_vmlinux() call in check_for_{gpl_usage,unused}() modpost: remove mod->is_dot_o struct member modpost: move -d option in scripts/Makefile.modpost modpost: remove -s option modpost: remove get_next_text() and make {grab,release_}file static modpost: use read_text_file() and get_line() for reading text files modpost: avoid false-positive file open error modpost: fix potential mmap'ed file overrun in get_src_version() modpost: add read_text_file() and get_line() helpers modpost: do not call get_modinfo() for vmlinux(.o) ...
-
git://git.infradead.org/users/hch/dma-mappingLinus Torvalds authored
Pull dma-mapping helpers from Christoph Hellwig: "These were in a separate stable branch so that various media and drm trees could pull the in for bug fixes, but looking at linux-next that hasn't actually happened yet. Still sending the APIs to you in the hope that these bug fixes get picked up for 5.8 in one way or another. Summary: - add DMA mapping helpers for struct sg_table (Marek Szyprowski)" * tag 'dma-mapping-5.8-2' of git://git.infradead.org/users/hch/dma-mapping: iommu: add generic helper for mapping sgtable objects scatterlist: add generic wrappers for iterating over sgtable objects dma-mapping: add generic helpers for mapping sgtable objects
-
git://git.infradead.org/users/hch/dma-mappingLinus Torvalds authored
Pull dma-mapping updates from Christoph Hellwig: - enhance the dma pool to allow atomic allocation on x86 with AMD SEV (David Rientjes) - two small cleanups (Jason Yan and Peter Collingbourne) * tag 'dma-mapping-5.8' of git://git.infradead.org/users/hch/dma-mapping: dma-contiguous: fix comment for dma_release_from_contiguous dma-pool: scale the default DMA coherent pool size with memory capacity x86/mm: unencrypted non-blocking DMA allocations use coherent pools dma-pool: add pool sizes to debugfs dma-direct: atomic allocations must come from atomic coherent pools dma-pool: dynamically expanding atomic pools dma-pool: add additional coherent pools to map to gfp mask dma-remap: separate DMA atomic pools from direct remap code dma-debug: make __dma_entry_alloc_check_leak() static
-
git://git.kernel.org/pub/scm/linux/kernel/git/jdelvare/stagingLinus Torvalds authored
Pull dmi update from Jean Delvare. * 'dmi-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jdelvare/staging: firmware/dmi: Report DMI Bios & EC firmware release
-
git://git.kernel.org/pub/scm/linux/kernel/git/helgaas/pciLinus Torvalds authored
Pull PCI updates from Bjorn Helgaas: "Enumeration: - Program MPS for RCiEP devices (Ashok Raj) - Fix pci_register_host_bridge() device_register() error handling (Rob Herring) - Fix pci_host_bridge struct device release/free handling (Rob Herring) Resource management: - Allow resizing BARs for devices on root bus (Ard Biesheuvel) Power management: - Reduce Thunderbolt resume time by working around devices that don't support DLL Link Active reporting (Mika Westerberg) - Work around a Pericom USB controller OHCI/EHCI PME# defect (Kai-Heng Feng) Virtualization: - Add ACS quirk for Intel Root Complex Integrated Endpoints (Ashok Raj) - Avoid FLR for AMD Starship USB 3.0 (Kevin Buettner) - Avoid FLR for AMD Matisse HD Audio & USB 3.0 (Marcos Scriven) Error handling: - Use only _OSC (not HEST FIRMWARE_FIRST) to determine AER ownership (Alexandru Gagniuc, Kuppuswamy Sathyanarayanan) - Reduce verbosity by logging only ACPI_NOTIFY_DISCONNECT_RECOVER events (Kuppuswamy Sathyanarayanan) - Don't enable AER by default in Kconfig (Bjorn Helgaas) Peer-to-peer DMA: - Add AMD Zen Raven and Renoir Root Ports to whitelist (Alex Deucher) ASPM: - Allow ASPM on links to PCIe-to-PCI/PCI-X Bridges (Kai-Heng Feng) Endpoint framework: - Fix DMA channel release in test (Kunihiko Hayashi) - Add page size as argument to pci_epc_mem_init() (Lad Prabhakar) - Add support to handle multiple base for mapping outbound memory (Lad Prabhakar) Generic host bridge driver: - Support building as module (Rob Herring) - Eliminate pci_host_common_probe wrappers (Rob Herring) Amlogic Meson PCIe controller driver: - Don't use FAST_LINK_MODE to set up link (Marc Zyngier) Broadcom STB PCIe controller driver: - Disable ASPM L0s if 'aspm-no-l0s' in DT (Jim Quinlan) - Fix clk_put() error (Jim Quinlan) - Fix window register offset (Jim Quinlan) - Assert fundamental reset on initialization (Nicolas Saenz Julienne) - Add notify xHCI reset property (Nicolas Saenz Julienne) - Add init routine for Raspberry Pi 4 VL805 USB controller (Nicolas Saenz Julienne) - Sync with Raspberry Pi 4 firmware for VL805 initialization (Nicolas Saenz Julienne) Cadence PCIe controller driver: - Remove "cdns,max-outbound-regions" DT property (replaced by "ranges") (Kishon Vijay Abraham I) - Read 32-bit (not 16-bit) Vendor ID/Device ID property from DT (Kishon Vijay Abraham I) Marvell Aardvark PCIe controller driver: - Improve link training (Marek Behún) - Add PHY support (Marek Behún) - Add "phys", "max-link-speed", "reset-gpios" to dt-binding (Marek Behún) - Train link immediately after enabling training to work around detection issues with some cards (Pali Rohár) - Issue PERST via GPIO to work around detection issues (Pali Rohár) - Don't blindly enable ASPM L0s (Pali Rohár) - Replace custom macros by standard linux/pci_regs.h macros (Pali Rohár) Microsoft Hyper-V host bridge driver: - Fix probe failure path to release resource (Wei Hu) - Retry PCI bus D0 entry on invalid device state for kdump (Wei Hu) Renesas R-Car PCIe controller driver: - Fix incorrect programming of OB windows (Andrew Murray) - Add suspend/resume (Kazufumi Ikeda) - Rename pcie-rcar.c to pcie-rcar-host.c (Lad Prabhakar) - Add endpoint controller driver (Lad Prabhakar) - Fix PCIEPAMR mask calculation (Lad Prabhakar) - Add r8a77961 to DT binding (Yoshihiro Shimoda) Socionext UniPhier Pro5 controller driver: - Add endpoint controller driver (Kunihiko Hayashi) Synopsys DesignWare PCIe controller driver: - Program outbound ATU upper limit register (Alan Mikhak) - Fix inner MSI IRQ domain registration (Marc Zyngier) Miscellaneous: - Check for platform_get_irq() failure consistently (negative return means failure) (Aman Sharma) - Fix several runtime PM get/put imbalances (Dinghao Liu) - Use flexible-array and struct_size() helpers for code cleanup (Gustavo A. R. Silva) - Update & fix issues in bridge emulation of PCIe registers (Jon Derrick) - Add macros for bridge window names (PCI_BRIDGE_IO_WINDOW, etc) (Krzysztof Wilczyński) - Work around Intel PCH MROMs that have invalid BARs (Xiaochun Lee)" * tag 'pci-v5.8-changes' of git://git.kernel.org/pub/scm/linux/kernel/git/helgaas/pci: (100 commits) PCI: uniphier: Add Socionext UniPhier Pro5 PCIe endpoint controller driver PCI: Add ACS quirk for Intel Root Complex Integrated Endpoints PCI/DPC: Print IRQ number used by port PCI/AER: Use "aer" variable for capability offset PCI/AER: Remove redundant dev->aer_cap checks PCI/AER: Remove redundant pci_is_pcie() checks PCI/AER: Remove HEST/FIRMWARE_FIRST parsing for AER ownership PCI: tegra: Fix runtime PM imbalance on error PCI: vmd: Filter resource type bits from shadow register PCI: tegra194: Fix runtime PM imbalance on error dt-bindings: PCI: Add UniPhier PCIe endpoint controller description PCI: hv: Use struct_size() helper PCI: Rename _DSM constants to align with spec PCI: Avoid FLR for AMD Starship USB 3.0 PCI: Avoid FLR for AMD Matisse HD Audio & USB 3.0 x86/PCI: Drop unused xen_register_pirq() gsi_override parameter PCI: dwc: Use private data pointer of "struct irq_domain" to get pcie_port PCI: amlogic: meson: Don't use FAST_LINK_MODE to set up link PCI: dwc: Fix inner MSI IRQ domain registration PCI: dwc: pci-dra7xx: Use devm_platform_ioremap_resource_byname() ...
-
Zou Wei authored
Fixes coccicheck warning: fs/hpfs/buffer.c:56:2-3: Unneeded semicolon Reported-by: Hulk Robot <hulkci@huawei.com> Signed-off-by: Zou Wei <zou_wei@huawei.com> Signed-off-by: Mikulas Patocka <mikulas@twibright.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-
git://git.kernel.org/pub/scm/linux/kernel/git/tj/wqLinus Torvalds authored
Pull workqueue updates from Tejun Heo: "Mostly cleanups and other trivial changes. The only interesting change is Sebastian's rcuwait conversion for RT" * 'for-5.8' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/wq: workqueue: use BUILD_BUG_ON() for compile time test instead of WARN_ON() workqueue: fix a piece of comment about reserved bits for work flags workqueue: remove useless unlock() and lock() in series workqueue: void unneeded requeuing the pwq in rescuer thread workqueue: Convert the pool::lock and wq_mayday_lock to raw_spinlock_t workqueue: Use rcuwait for wq_manager_wait workqueue: Remove unnecessary kfree() call in rcu_free_wq() workqueue: Fix an use after free in init_rescuer() workqueue: Use IS_ERR and PTR_ERR instead of PTR_ERR_OR_ZERO.
-
git://git.kernel.org/pub/scm/linux/kernel/git/tj/cgroupLinus Torvalds authored
Pull cgroup updates from Tejun Heo: "Just two patches: one to add system-level cpu.stat to the root cgroup for convenience and a trivial comment update" * 'for-5.8' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/cgroup: cgroup: add cpu.stat file to root cgroup cgroup: Remove stale comments
-
git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrityLinus Torvalds authored
Pull integrity updates from Mimi Zohar: "The main changes are extending the TPM 2.0 PCR banks with bank specific file hashes, calculating the "boot_aggregate" based on other TPM PCR banks, using the default IMA hash algorithm, instead of SHA1, as the basis for the cache hash table key, and preventing the mprotect syscall to circumvent an IMA mmap appraise policy rule. - In preparation for extending TPM 2.0 PCR banks with bank specific digests, commit 0b6cf6b9 ("tpm: pass an array of tpm_extend_digest structures to tpm_pcr_extend()") modified tpm_pcr_extend(). The original SHA1 file digests were padded/truncated, before being extended into the other TPM PCR banks. This pull request calculates and extends the TPM PCR banks with bank specific file hashes completing the above change. - The "boot_aggregate", the first IMA measurement list record, is the "trusted boot" link between the pre-boot environment and the running OS. With TPM 2.0, the "boot_aggregate" record is not limited to being based on the SHA1 TPM PCR bank, but can be calculated based on any enabled bank, assuming the hash algorithm is also enabled in the kernel. Other changes include the following and five other bug fixes/code clean up: - supporting both a SHA1 and a larger "boot_aggregate" digest in a custom template format containing both the the SHA1 ('d') and larger digests ('d-ng') fields. - Initial hash table key fix, but additional changes would be good" * tag 'integrity-v5.8' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity: ima: Directly free *entry in ima_alloc_init_template() if digests is NULL ima: Call ima_calc_boot_aggregate() in ima_eventdigest_init() ima: Directly assign the ima_default_policy pointer to ima_rules ima: verify mprotect change is consistent with mmap policy evm: Fix possible memory leak in evm_calc_hmac_or_hash() ima: Set again build_ima_appraise variable ima: Remove redundant policy rule set in add_rules() ima: Fix ima digest hash table key calculation ima: Use ima_hash_algo for collision detection in the measurement list ima: Calculate and extend PCR with digests in ima_template_entry ima: Allocate and initialize tfm for each PCR bank ima: Switch to dynamically allocated buffer for template digests ima: Store template digest directly in ima_template_entry ima: Evaluate error in init_ima() ima: Switch to ima_hash_algo for boot aggregate
-
Denis Efremov authored
Allow user to use alternative implementations of compression tools, such as pigz, pbzip2, pxz. For example, multi-threaded tools to speed up the build: $ make GZIP=pigz BZIP2=pbzip2 Variables _GZIP, _BZIP2, _LZOP are used internally because original env vars are reserved by the tools. The use of GZIP in gzip tool is obsolete since 2015. However, alternative implementations (e.g., pigz) still rely on it. BZIP2, BZIP, LZOP vars are not obsolescent. The credit goes to @grsecurity. As a sidenote, for multi-threaded lzma, xz compression one can use: $ export XZ_OPT="--threads=0" Signed-off-by: Denis Efremov <efremov@linux.com> Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
-
Jonas Zeiger authored
Many applications check for available kernel features via: - /proc/modules (loaded modules, present if CONFIG_MODULES=y) - $(MODLIB)/modules.builtin (builtin modules) They fail to detect features if the kernel was built with CONFIG_MODULES=n and modules.builtin isn't installed. Therefore, add the target "_builtin_inst_" and make "install" and "modules_install" depend on it. Tests results: - make install: kernel image is copied as before, modules.builtin copied - make modules_install: (CONFIG_MODULES=n) nothing is copied, exit 1 Signed-off-by: Jonas Zeiger <jonas.zeiger@talpidae.net> Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
-
ashimida authored
When System.map was generated, the kernel used mksysmap to filter the kernel symbols, but all the symbols with the second letter 'L' in the kernel were filtered out, not just the symbols starting with 'dot + L'. For example: ashimida@ubuntu:~/linux$ cat System.map |grep ' .L' ashimida@ubuntu:~/linux$ nm -n vmlinux |grep ' .L' ffff0000088028e0 t bLength_show ...... ffff0000092e0408 b PLLP_OUTC_lock ffff0000092e0410 b PLLP_OUTA_lock The original intent should be to filter out all local symbols starting with '.L', so the dot should be escaped. Fixes: 00902e98 ("mksysmap: Add h8300 local symbol pattern") Signed-off-by: ashimida <ashimida@linux.alibaba.com> Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
-
Masahiro Yamada authored
Commit d503ac53 ("kbuild: rename LDFLAGS to KBUILD_LDFLAGS") missed to update the documentation. Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
-
Masahiro Yamada authored
Align with the mmap / munmap APIs. Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
-
Masahiro Yamada authored
Now that is_vmlinux() is called only in new_module(), we can inline the function call. modname is the basename with '.o' is stripped. No need to compare it with 'vmlinux.o'. vmlinux is always located at the current working directory. No need to strip the directory path. Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
-
Masahiro Yamada authored
new_module() conditionally strips the .o because the modname has .o suffix when it is called from read_symbols(), but no .o when it is called from read_dump(). It is clearer to strip .o in read_symbols(). I also used flexible-array for mod->name. Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
-
Masahiro Yamada authored
Set have_vmlinux flag in a single place. Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
-
Masahiro Yamada authored
The meaning of 'skip' is obscure since it does not explain "what to skip". mod->skip is set when it is vmlinux or the module info came from a dump file. So, mod->skip is equivalent to (mod->is_vmlinux || mod->from_dump). For the check in write_namespace_deps_files(), mod->is_vmlinux is unneeded because the -d option is not passed in the first pass of modpost. Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
-
Masahiro Yamada authored
is_vmlinux() is called in several places to check whether the current module is vmlinux or not. It is faster and clearer to check mod->is_vmlinux flag. Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
-
Masahiro Yamada authored
check_exports() is never called for vmlinux because mod->skip is set for vmlinux. Hence, check_for_gpl_usage() and check_for_unused() are not called for vmlinux, either. is_vmlinux() is always false here. Remove the is_vmlinux() calls, and hard-code the ".ko" suffix. Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
-
Masahiro Yamada authored
Previously, there were two cases where mod->is_dot_o is unset: [1] the executable 'vmlinux' in the second pass of modpost [2] modules loaded by read_dump() I think [1] was intended usage to distinguish 'vmlinux.o' and 'vmlinux'. Now that modpost does not parse the executable 'vmlinux', this case does not happen. [2] is obscure, maybe a bug. Module.symver stores module paths without extension. So, none of modules loaded by read_dump() has the .o suffix, and new_module() unsets ->is_dot_o. Anyway, it is not a big deal because handle_symbol() is not called for the case. To sum up, all the parsed ELF files are .o files. mod->is_dot_o is unneeded. Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
-
Masahiro Yamada authored
Collect options for modules into a single place. Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
-
Masahiro Yamada authored
The -s option was added by commit 8d8d8289 ("kbuild: do not do section mismatch checks on vmlinux in 2nd pass"). Now that the second pass does not parse vmlinux, this option is unneeded. Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
-
Masahiro Yamada authored
get_next_line() is no longer used. Remove. grab_file() and release_file() are only used in modpost.c. Make them static. Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
-
Masahiro Yamada authored
grab_file() mmaps a file, but it is not so efficient here because get_next_line() copies every line to the temporary buffer anyway. read_text_file() and get_line() are simpler. get_line() exploits the library function strchr(). Going forward, the missing *.symvers or *.cmd is a fatal error. This should not happen because scripts/Makefile.modpost guards the -i option files with $(wildcard $(input-symdump)). Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
-
Masahiro Yamada authored
One problem of grab_file() is that it cannot distinguish the following two cases: - It cannot read the file (the file does not exist, or read permission is not set) - It can read the file, but the file size is zero This is because grab_file() calls mmap(), which requires the mapped length is greater than 0. Hence, grab_file() fails for both cases. If an empty header file were included for checksum calculation, the following warning would be printed: WARNING: modpost: could not open ...: Invalid argument An empty file is a valid source file, so it should not fail. Use read_text_file() instead. It can read a zero-length file. Then, parse_file() will succeed with doing nothing. Going forward, the first case (it cannot read the file) is a fatal error. If the source file from which an object was compiled is missing, something went wrong. Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
-
Masahiro Yamada authored
I do not know how reliably this function works, but it looks dangerous to me. strchr(sources, '\n'); ... continues searching until it finds '\n' or it reaches the '\0' terminator. In other words, 'sources' should be a null-terminated string. However, grab_file() just mmaps a file, so 'sources' is not terminated with null byte. If the file does not contain '\n' at all, strchr() will go beyond the mmap'ed memory. Use read_text_file(), which loads the file content into a malloc'ed buffer, appending null byte. Here we are interested only in the first line of *.mod files. Use get_line() helper to get the first line. This also makes missing *.mod file a fatal error. Commit 4be40e22 ("kbuild: do not emit src version warning for non-modules") ignored missing *.mod files. I do not fully understand what that commit addressed, but commit 91341d4b ("kbuild: introduce new option to enhance section mismatch analysis") introduced partial section checks by using modpost. built-in.o was parsed by modpost. Even modules had a problem because *.mod files were created after the modpost check. Commit b7dca6dd ("kbuild: create *.mod with full directory path and remove MODVERDIR") stopped doing that. Now that modpost is only invoked after the directory descend, *.mod files should always exist at the modpost stage. Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
-
Masahiro Yamada authored
modpost uses grab_file() to open a file, but it is not suitable for a text file because the mmap'ed file is not terminated by null byte. Actually, I see some issues for the use of grab_file(). The new helper, read_text_file() loads the whole file content into a malloc'ed buffer, and appends a null byte. Then, get_line() reads each line. To handle text files, I intend to replace as follows: grab_file() -> read_text_file() get_new_line() -> get_line() Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
-