/dev/random and getrandom() never warn. Split the meat of
urandom_read() into urandom_read_nowarn() and leave the warning code
in urandom_read().
This has no effect on kernel behavior, but it makes subsequent
patches more straightforward. It also makes the fact that
getrandom() never warns more obvious.
Signed-off-by: Andy Lutomirski <luto@kernel.org>
Link: https://lore.kernel.org/r/c87ab200588de746431d9f916501ef11e5242b13.1577088521.git.luto@kernel.org
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
(cherry picked from commit c6f1deb158)
Signed-off-by: Mark Salyzyn <salyzyn@google.com>
Bug: 148665638
Change-Id: Iaf34ab88dac9c6a0e217d48543d1d26be32591e5
Introducing a chosen node, rng-seed, which is an entropy that can be
passed to kernel called very early to increase initial device
randomness. Bootloader should provide this entropy and the value is
read from /chosen/rng-seed in DT.
Obtain of_fdt_crc32 for CRC check after early_init_dt_scan_nodes(),
since early_init_dt_scan_chosen() would modify fdt to erase rng-seed.
Add a new interface add_bootloader_randomness() for rng-seed use case.
Depends on whether the seed is trustworthy, rng seed would be passed to
add_hwgenerator_randomness(). Otherwise it would be passed to
add_device_randomness(). Decision is controlled by kernel config
RANDOM_TRUST_BOOTLOADER.
Signed-off-by: Hsin-Yi Wang <hsinyi@chromium.org>
Reviewed-by: Stephen Boyd <swboyd@chromium.org>
Reviewed-by: Rob Herring <robh@kernel.org>
Reviewed-by: Theodore Ts'o <tytso@mit.edu> # drivers/char/random.c
Signed-off-by: Will Deacon <will@kernel.org>
(cherry picked from commit 428826f535)
Signed-off-by: Mark Salyzyn <salyzyn@google.com>
Bug: 148665638
Change-Id: I54fb81eb88b955ead400fd39180c0fa41de37c8e
Currently in arm64, FDT is mapped to RO before it's passed to
early_init_dt_scan(). However, there might be some codes
(eg. commit "fdt: add support for rng-seed") that need to modify FDT
during init. Map FDT to RO after early fixups are done.
Signed-off-by: Hsin-Yi Wang <hsinyi@chromium.org>
Reviewed-by: Stephen Boyd <swboyd@chromium.org>
Reviewed-by: Mike Rapoport <rppt@linux.ibm.com>
Signed-off-by: Will Deacon <will@kernel.org>
(cherry picked from commit e112b032a7)
Signed-off-by: Mark Salyzyn <salyzyn@google.com>
Bug: 148665638
Change-Id: I578edbb824fd5aaaf72af5cdb75abaa3b98e6ddd
Fixes: eb9d1bf079: "random: only read from /dev/random after its pool has received 128 bits"
Reported-by: kernel test robot <lkp@intel.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
(cherry picked from commit 58be0106c5)
Signed-off-by: Mark Salyzyn <salyzyn@google.com>
Bug: 148665638
Change-Id: I87df025423848df2e8ff2ccb6856da073a385750
Explain what these functions are for and when they offer
an advantage over get_random_bytes().
(We still need documentation on rng_is_initialized(), the
random_ready_callback system, and early boot in general.)
Signed-off-by: George Spelvin <lkml@sdf.org>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
(cherry picked from commit 92e507d216)
Signed-off-by: Mark Salyzyn <salyzyn@google.com>
Bug: 148665638
Change-Id: I8a218b2569a10ec1106ad04eebccbf26fd7e1ca3
Right now rand_initialize() is run as an early_initcall(), but it only
depends on timekeeping_init() (for mixing ktime_get_real() into the
pools). However, the call to boot_init_stack_canary() for stack canary
initialization runs earlier, which triggers a warning at boot:
random: get_random_bytes called from start_kernel+0x357/0x548 with crng_init=0
Instead, this moves rand_initialize() to after timekeeping_init(), and moves
canary initialization here as well.
Note that this warning may still remain for machines that do not have
UEFI RNG support (which initializes the RNG pools during setup_arch()),
or for x86 machines without RDRAND (or booting without "random.trust=on"
or CONFIG_RANDOM_TRUST_CPU=y).
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
(cherry picked from commit d55535232c)
Signed-off-by: Mark Salyzyn <salyzyn@google.com>
Bug: 148665638
Change-Id: If2aec7b464244ae89bdcd0ce2c363c36645aaa6c
Immediately after boot, we allow reads from /dev/random before its
entropy pool has been fully initialized. Fix this so that we don't
allow this until the blocking pool has received 128 bits.
We do this by repurposing the initialized flag in the entropy pool
struct, and use the initialized flag in the blocking pool to indicate
whether it is safe to pull from the blocking pool.
To do this, we needed to rework when we decide to push entropy from the
input pool to the blocking pool, since the initialized flag for the
input pool was used for this purpose. To simplify things, we no
longer use the initialized flag for that purpose, nor do we use the
entropy_total field any more.
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
(cherry picked from commit eb9d1bf079)
Signed-off-by: Mark Salyzyn <salyzyn@google.com>
Bug: 148665638
Change-Id: Ic0f66f7f04b514446cdec4cab4a47a0d3a184886
Since the definition of struct crng_state is private to random.c, and
primary_crng is neither declared or used elsewhere, there's no reason
for that symbol to have external linkage.
Signed-off-by: Rasmus Villemoes <linux@rasmusvillemoes.dk>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
(cherry picked from commit 764ed189c8)
Signed-off-by: Mark Salyzyn <salyzyn@google.com>
Bug: 148665638
Change-Id: I717cda431b78bb99f3339461b6868308dd31cf12
This field is never used, might as well remove it.
Signed-off-by: Rasmus Villemoes <linux@rasmusvillemoes.dk>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
(cherry picked from commit 3bd0b5bf7d)
Signed-off-by: Mark Salyzyn <salyzyn@google.com>
Bug: 148665638
Change-Id: I29de002717f8b600adb741e469fada15a9c0d25c
Never modified, might as well be put in .rodata.
Signed-off-by: Rasmus Villemoes <linux@rasmusvillemoes.dk>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
(cherry picked from commit 26e0854ab3)
Signed-off-by: Mark Salyzyn <salyzyn@google.com>
Bug: 148665638
Change-Id: I764d96db977cdf1a6a890897033999793dc53848
Leaf changes summary: 4 artifacts changed (1 filtered out)
Changed leaf types summary: 4 (1 filtered out) leaf types changed
Removed/Changed/Added functions summary: 0 Removed, 0 Changed, 0 Added function
Removed/Changed/Added variables summary: 0 Removed, 0 Changed, 0 Added variable
'struct net_device at netdevice.h:1747:1' changed:
type size hasn't changed
there are data member changes:
'possible_net_t net_device::nd_net' size changed from 0 to 64 (in bits) (by +64 bits)
offset changed from 9472 to 9536 (in bits) (by +64 bits)
'device net_device::dev' offset changed from 9536 to 9600 (in bits) (by +64 bits)
'const attribute_group* net_device::sysfs_groups[4]' offset changed from 15744 to 15808 (in bits) (by +64 bits)
'const attribute_group* net_device::sysfs_rx_queue_group' offset changed from 16000 to 16064 (in bits) (by +64 bits)
'const rtnl_link_ops* net_device::rtnl_link_ops' offset changed from 16064 to 16128 (in bits) (by +64 bits)
'unsigned int net_device::gso_max_size' offset changed from 16128 to 16192 (in bits) (by +64 bits)
'u16 net_device::gso_max_segs' offset changed from 16160 to 16224 (in bits) (by +64 bits)
's16 net_device::num_tc' offset changed from 16176 to 16240 (in bits) (by +64 bits)
'netdev_tc_txq net_device::tc_to_txq[16]' offset changed from 16192 to 16256 (in bits) (by +64 bits)
'u8 net_device::prio_tc_map[16]' offset changed from 16704 to 16768 (in bits) (by +64 bits)
'phy_device* net_device::phydev' offset changed from 16832 to 16896 (in bits) (by +64 bits)
'sfp_bus* net_device::sfp_bus' offset changed from 16896 to 16960 (in bits) (by +64 bits)
'lock_class_key* net_device::qdisc_tx_busylock' offset changed from 16960 to 17024 (in bits) (by +64 bits)
'lock_class_key* net_device::qdisc_running_key' offset changed from 17024 to 17088 (in bits) (by +64 bits)
'bool net_device::proto_down' offset changed from 17088 to 17152 (in bits) (by +64 bits)
95 impacted interfaces
'struct request_sock at request_sock.h:50:1' changed:
type size changed from 1728 to 1792 (in bits)
there are data member changes:
type 'struct sock_common' of 'request_sock::__req_common' changed:
, size changed from 1024 to 1088 (in bits) (by +64 bits)
'request_sock* request_sock::dl_next' offset changed from 1024 to 1088 (in bits) (by +64 bits)
'u16 request_sock::mss' offset changed from 1088 to 1152 (in bits) (by +64 bits)
'u8 request_sock::num_retrans' offset changed from 1104 to 1168 (in bits) (by +64 bits)
'u8 request_sock::num_timeout' offset changed from 1112 to 1176 (in bits) (by +64 bits)
'u32 request_sock::ts_recent' offset changed from 1120 to 1184 (in bits) (by +64 bits)
'timer_list request_sock::rsk_timer' offset changed from 1152 to 1216 (in bits) (by +64 bits)
'const request_sock_ops* request_sock::rsk_ops' offset changed from 1472 to 1536 (in bits) (by +64 bits)
'sock* request_sock::sk' offset changed from 1536 to 1600 (in bits) (by +64 bits)
'u32* request_sock::saved_syn' offset changed from 1600 to 1664 (in bits) (by +64 bits)
'u32 request_sock::secid' offset changed from 1664 to 1728 (in bits) (by +64 bits)
'u32 request_sock::peer_secid' offset changed from 1696 to 1760 (in bits) (by +64 bits)
29 impacted interfaces
'struct sock at sock.h:327:1' changed:
type size changed from 5696 to 5760 (in bits)
there are data member changes:
type 'struct sock_common' of 'sock::__sk_common' changed:
type size changed from 1024 to 1088 (in bits)
there are data member changes:
'possible_net_t sock_common::skc_net' size changed from 0 to 64 (in bits) (by +64 bits)
'in6_addr sock_common::skc_v6_daddr' offset changed from 384 to 448 (in bits) (by +64 bits)
'in6_addr sock_common::skc_v6_rcv_saddr' offset changed from 512 to 576 (in bits) (by +64 bits)
'atomic64_t sock_common::skc_cookie' offset changed from 640 to 704 (in bits) (by +64 bits)
'int sock_common::skc_dontcopy_begin[]' offset changed from 768 to 832 (in bits) (by +64 bits)
'unsigned short int sock_common::skc_tx_queue_mapping' offset changed from 896 to 960 (in bits) (by +64 bits)
'unsigned short int sock_common::skc_rx_queue_mapping' offset changed from 912 to 976 (in bits) (by +64 bits)
'refcount_t sock_common::skc_refcnt' offset changed from 960 to 1024 (in bits) (by +64 bits)
'int sock_common::skc_dontcopy_end[]' offset changed from 992 to 1056 (in bits) (by +64 bits)
29 impacted interfaces
, offset changed from 1728 to 1792 (in bits) (by +64 bits)
'int sock::sk_forward_alloc' offset changed from 1920 to 1984 (in bits) (by +64 bits)
'unsigned int sock::sk_ll_usec' offset changed from 1952 to 2016 (in bits) (by +64 bits)
'unsigned int sock::sk_napi_id' offset changed from 1984 to 2048 (in bits) (by +64 bits)
'int sock::sk_rcvbuf' offset changed from 2016 to 2080 (in bits) (by +64 bits)
'sk_filter* sock::sk_filter' offset changed from 2048 to 2112 (in bits) (by +64 bits)
offset changed from 2112 to 2176 (in bits) (by +64 bits)
'xfrm_policy* sock::sk_policy[2]' offset changed from 2176 to 2240 (in bits) (by +64 bits)
'dst_entry* sock::sk_rx_dst' offset changed from 2304 to 2368 (in bits) (by +64 bits)
'dst_entry* sock::sk_dst_cache' offset changed from 2368 to 2432 (in bits) (by +64 bits)
'atomic_t sock::sk_omem_alloc' offset changed from 2432 to 2496 (in bits) (by +64 bits)
'int sock::sk_sndbuf' offset changed from 2464 to 2528 (in bits) (by +64 bits)
'int sock::sk_wmem_queued' offset changed from 2496 to 2560 (in bits) (by +64 bits)
'refcount_t sock::sk_wmem_alloc' offset changed from 2528 to 2592 (in bits) (by +64 bits)
'unsigned long int sock::sk_tsq_flags' offset changed from 2560 to 2624 (in bits) (by +64 bits)
'sk_buff_head sock::sk_write_queue' offset changed from 2688 to 2752 (in bits) (by +64 bits)
'__s32 sock::sk_peek_off' offset changed from 2880 to 2944 (in bits) (by +64 bits)
'int sock::sk_write_pending' offset changed from 2912 to 2976 (in bits) (by +64 bits)
'__u32 sock::sk_dst_pending_confirm' offset changed from 2944 to 3008 (in bits) (by +64 bits)
'u32 sock::sk_pacing_status' offset changed from 2976 to 3040 (in bits) (by +64 bits)
'long int sock::sk_sndtimeo' offset changed from 3008 to 3072 (in bits) (by +64 bits)
'timer_list sock::sk_timer' offset changed from 3072 to 3136 (in bits) (by +64 bits)
'__u32 sock::sk_priority' offset changed from 3392 to 3456 (in bits) (by +64 bits)
'__u32 sock::sk_mark' offset changed from 3424 to 3488 (in bits) (by +64 bits)
'u32 sock::sk_pacing_rate' offset changed from 3456 to 3520 (in bits) (by +64 bits)
'u32 sock::sk_max_pacing_rate' offset changed from 3488 to 3552 (in bits) (by +64 bits)
'page_frag sock::sk_frag' offset changed from 3520 to 3584 (in bits) (by +64 bits)
'netdev_features_t sock::sk_route_caps' offset changed from 3648 to 3712 (in bits) (by +64 bits)
'netdev_features_t sock::sk_route_nocaps' offset changed from 3712 to 3776 (in bits) (by +64 bits)
'netdev_features_t sock::sk_route_forced_caps' offset changed from 3776 to 3840 (in bits) (by +64 bits)
'int sock::sk_gso_type' offset changed from 3840 to 3904 (in bits) (by +64 bits)
'unsigned int sock::sk_gso_max_size' offset changed from 3872 to 3936 (in bits) (by +64 bits)
'gfp_t sock::sk_allocation' offset changed from 3904 to 3968 (in bits) (by +64 bits)
'__u32 sock::sk_txhash' offset changed from 3936 to 4000 (in bits) (by +64 bits)
'unsigned int sock::__sk_flags_offset[]' offset changed from 3968 to 4032 (in bits) (by +64 bits)
'unsigned int sock::sk_type' offset changed from 3968 to 4032 (in bits) (by +64 bits)
'u16 sock::sk_gso_max_segs' offset changed from 4000 to 4064 (in bits) (by +64 bits)
'u8 sock::sk_pacing_shift' offset changed from 4016 to 4080 (in bits) (by +64 bits)
'unsigned long int sock::sk_lingertime' offset changed from 4032 to 4096 (in bits) (by +64 bits)
'proto* sock::sk_prot_creator' offset changed from 4096 to 4160 (in bits) (by +64 bits)
'rwlock_t sock::sk_callback_lock' offset changed from 4160 to 4224 (in bits) (by +64 bits)
'int sock::sk_err' offset changed from 4224 to 4288 (in bits) (by +64 bits)
'int sock::sk_err_soft' offset changed from 4256 to 4320 (in bits) (by +64 bits)
'u32 sock::sk_ack_backlog' offset changed from 4288 to 4352 (in bits) (by +64 bits)
'u32 sock::sk_max_ack_backlog' offset changed from 4320 to 4384 (in bits) (by +64 bits)
'kuid_t sock::sk_uid' offset changed from 4352 to 4416 (in bits) (by +64 bits)
'pid* sock::sk_peer_pid' offset changed from 4416 to 4480 (in bits) (by +64 bits)
'const cred* sock::sk_peer_cred' offset changed from 4480 to 4544 (in bits) (by +64 bits)
'long int sock::sk_rcvtimeo' offset changed from 4544 to 4608 (in bits) (by +64 bits)
'ktime_t sock::sk_stamp' offset changed from 4608 to 4672 (in bits) (by +64 bits)
'u16 sock::sk_tsflags' offset changed from 4672 to 4736 (in bits) (by +64 bits)
'u8 sock::sk_shutdown' offset changed from 4688 to 4752 (in bits) (by +64 bits)
'u32 sock::sk_tskey' offset changed from 4704 to 4768 (in bits) (by +64 bits)
'atomic_t sock::sk_zckey' offset changed from 4736 to 4800 (in bits) (by +64 bits)
'u8 sock::sk_clockid' offset changed from 4768 to 4832 (in bits) (by +64 bits)
'u8 sock::sk_txtime_unused' offset changed from 4776 to 4840 (in bits) (by +64 bits)
'socket* sock::sk_socket' offset changed from 4800 to 4864 (in bits) (by +64 bits)
'void* sock::sk_user_data' offset changed from 4864 to 4928 (in bits) (by +64 bits)
'void* sock::sk_security' offset changed from 4928 to 4992 (in bits) (by +64 bits)
'sock_cgroup_data sock::sk_cgrp_data' offset changed from 4992 to 5056 (in bits) (by +64 bits)
'mem_cgroup* sock::sk_memcg' offset changed from 5056 to 5120 (in bits) (by +64 bits)
'void ()* sock::sk_state_change' offset changed from 5120 to 5184 (in bits) (by +64 bits)
'void ()* sock::sk_data_ready' offset changed from 5184 to 5248 (in bits) (by +64 bits)
'void ()* sock::sk_write_space' offset changed from 5248 to 5312 (in bits) (by +64 bits)
'void ()* sock::sk_error_report' offset changed from 5312 to 5376 (in bits) (by +64 bits)
'void ()* sock::sk_backlog_rcv' offset changed from 5376 to 5440 (in bits) (by +64 bits)
'void ()* sock::sk_destruct' offset changed from 5440 to 5504 (in bits) (by +64 bits)
'sock_reuseport* sock::sk_reuseport_cb' offset changed from 5504 to 5568 (in bits) (by +64 bits)
'callback_head sock::sk_rcu' offset changed from 5568 to 5632 (in bits) (by +64 bits)
29 impacted interfaces
'struct sock_common at sock.h:152:1' changed:
details were reported earlier
Fixes: c05bf9c3e6 ("ANDROID: gki_defconfig: Enable CONFIG_NET_NS")
Change-Id: Ib996c420fdd2b347c5ea65309543721a174fdc9c
Signed-off-by: Matthias Maennich <maennich@google.com>
Changes in 4.19.104
ASoC: pcm: update FE/BE trigger order based on the command
hv_sock: Remove the accept port restriction
IB/mlx4: Fix memory leak in add_gid error flow
RDMA/netlink: Do not always generate an ACK for some netlink operations
RDMA/core: Fix locking in ib_uverbs_event_read
RDMA/uverbs: Verify MR access flags
scsi: ufs: Fix ufshcd_probe_hba() reture value in case ufshcd_scsi_add_wlus() fails
PCI/IOV: Fix memory leak in pci_iov_add_virtfn()
ath10k: pci: Only dump ATH10K_MEM_REGION_TYPE_IOREG when safe
PCI/switchtec: Fix vep_vector_number ioread width
PCI: Don't disable bridge BARs when assigning bus resources
nfs: NFS_SWAP should depend on SWAP
NFS: Revalidate the file size on a fatal write error
NFS/pnfs: Fix pnfs_generic_prepare_to_resend_writes()
NFSv4: try lease recovery on NFS4ERR_EXPIRED
serial: uartps: Add a timeout to the tx empty wait
gpio: zynq: Report gpio direction at boot
spi: spi-mem: Add extra sanity checks on the op param
spi: spi-mem: Fix inverted logic in op sanity check
rtc: hym8563: Return -EINVAL if the time is known to be invalid
rtc: cmos: Stop using shared IRQ
ARC: [plat-axs10x]: Add missing multicast filter number to GMAC node
platform/x86: intel_mid_powerbtn: Take a copy of ddata
ARM: dts: at91: Reenable UART TX pull-ups
ARM: dts: am43xx: add support for clkout1 clock
ARM: dts: at91: sama5d3: fix maximum peripheral clock rates
ARM: dts: at91: sama5d3: define clock rate range for tcb1
tools/power/acpi: fix compilation error
powerpc/pseries/vio: Fix iommu_table use-after-free refcount warning
powerpc/pseries: Allow not having ibm, hypertas-functions::hcall-multi-tce for DDW
iommu/arm-smmu-v3: Populate VMID field for CMDQ_OP_TLBI_NH_VA
KVM: arm/arm64: vgic-its: Fix restoration of unmapped collections
ARM: 8949/1: mm: mark free_memmap as __init
arm64: cpufeature: Fix the type of no FP/SIMD capability
arm64: ptrace: nofpsimd: Fail FP/SIMD regset operations
KVM: arm/arm64: Fix young bit from mmu notifier
KVM: arm: Fix DFSR setting for non-LPAE aarch32 guests
KVM: arm: Make inject_abt32() inject an external abort instead
KVM: arm64: pmu: Don't increment SW_INCR if PMCR.E is unset
mtd: onenand_base: Adjust indentation in onenand_read_ops_nolock
mtd: sharpslpart: Fix unsigned comparison to zero
crypto: artpec6 - return correct error code for failed setkey()
crypto: atmel-sha - fix error handling when setting hmac key
media: i2c: adv748x: Fix unsafe macros
pinctrl: sh-pfc: r8a7778: Fix duplicate SDSELF_B and SD1_CLK_B
mwifiex: Fix possible buffer overflows in mwifiex_ret_wmm_get_status()
mwifiex: Fix possible buffer overflows in mwifiex_cmd_append_vsie_tlv()
libertas: don't exit from lbs_ibss_join_existing() with RCU read lock held
libertas: make lbs_ibss_join_existing() return error code on rates overflow
scsi: megaraid_sas: Do not initiate OCR if controller is not in ready state
x86/stackframe: Move ENCODE_FRAME_POINTER to asm/frame.h
x86/stackframe, x86/ftrace: Add pt_regs frame annotations
serial: uartps: Move the spinlock after the read of the tx empty
padata: fix null pointer deref of pd->pinst
Linux 4.19.104
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I42a465b140183dcc8cf49e19903d0e8f4b688930
This feature was noticed missing on the android emulator, but it's
normally default 'on', we just were able to disable it because we
turn CONFIG_EXPERT on too.
Bug: 147493341
Change-Id: Ia81b4f841a5b5d4a37ad8a1f3450dff70abc341d
Signed-off-by: Alistair Delva <adelva@google.com>
This was added when merging LTS.
Fixes: 44b82a3d1b ("Merge 4.19.85 into android-4.19")
Change-Id: Ic3ef52ec8f092f6a0e83ddb40ed57f1fa305b21c
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
advertises _DIRECT
INPUT_MT_DIRECT should be used only if the device advertises
INPUT_PROP_DIRECT.
Bug: 147493341
Bug: 149250379
Test: boot emulator with 5.4 kernel, check if touchscreen works
Signed-off-by: Roman Kiryanov <rkir@google.com>
Change-Id: Ic06ae2b9d0ab7c77cb8829e5392fd048139500a2
Previously the cuttlefish build was cat'ng the cuttlefish.fragment
with the gki_defconfig. The correct way to merge fragments is to use
the merge_configs script.
Bug: 139431025
Bug: 148247383
Test: Treehugger
Signed-off-by: Ram Muthiah <rammuthiah@google.com>
Change-Id: I0a62e6c5395b6933955894c8d5ad0484f5c7102d
This enables ebpf tethering offload from a cellular interface with
no L2 mac header to a wifi/ethernet/usb interface with one.
Will pursue upstreaming this along with further mtu related fixups.
Test: builds, real testing with identical patch on a 4.14 flame device
Bug: 149724482
Signed-off-by: Lorenzo Colitti <lorenzo@google.com>
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: Ic182320bf1abb248d0f86fa2973c60208710f664
Move SDCARD_FS into the fragments for cuttlefish and db845c as this
feature is still being used by AOSP master. These will be removed later.
Bug: 149410031
Change-Id: I9142338cd0709aa8ec067b9e7d8c22390630de02
Signed-off-by: Alistair Delva <adelva@google.com>
The 4.19 backport dc34710a7a ("padata: Remove broken queue flushing")
removed padata_alloc_pd()'s assignment to pd->pinst, resulting in:
Unable to handle kernel NULL pointer dereference ...
...
pc : padata_reorder+0x144/0x2e0
...
Call trace:
padata_reorder+0x144/0x2e0
padata_do_serial+0xc8/0x128
pcrypt_aead_enc+0x60/0x70 [pcrypt]
padata_parallel_worker+0xd8/0x138
process_one_work+0x1bc/0x4b8
worker_thread+0x164/0x580
kthread+0x134/0x138
ret_from_fork+0x10/0x18
This happened because the backport was based on an enhancement that
moved this assignment but isn't in 4.19:
bfde23ce20 ("padata: unbind parallel jobs from specific CPUs")
Simply restore the assignment to fix the crash.
Fixes: dc34710a7a ("padata: Remove broken queue flushing")
Reported-by: Yang Yingliang <yangyingliang@huawei.com>
Signed-off-by: Daniel Jordan <daniel.m.jordan@oracle.com>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Herbert Xu <herbert@gondor.apana.org.au>
Cc: Sasha Levin <sashal@kernel.org>
Cc: Steffen Klassert <steffen.klassert@secunet.com>
Cc: linux-kernel@vger.kernel.org
Cc: stable@vger.kernel.org
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit 107475685a upstream.
Currently we are doing a read of the status register.
Move the spinlock after that as the reads need not be spinlock
protected. This patch prevents relaxing the cpu with spinlock held.
Signed-off-by: Shubhrajyoti Datta <shubhrajyoti.datta@xilinx.com>
Cc: Pavel Machek <pavel@denx.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
[ Upstream commit 1754c4f60a ]
Commit e5e884b426 ("libertas: Fix two buffer overflows at parsing bss
descriptor") introduced a bounds check on the number of supplied rates to
lbs_ibss_join_existing() and made it to return on overflow.
However, the aforementioned commit doesn't set the return value accordingly
and thus, lbs_ibss_join_existing() would return with zero even though it
failed.
Make lbs_ibss_join_existing return -EINVAL in case the bounds check on the
number of supplied rates fails.
Fixes: e5e884b426 ("libertas: Fix two buffer overflows at parsing bss descriptor")
Signed-off-by: Nicolai Stange <nstange@suse.de>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
[ Upstream commit c7bf1fb7dd ]
Commit e5e884b426 ("libertas: Fix two buffer overflows at parsing bss
descriptor") introduced a bounds check on the number of supplied rates to
lbs_ibss_join_existing().
Unfortunately, it introduced a return path from within a RCU read side
critical section without a corresponding rcu_read_unlock(). Fix this.
Fixes: e5e884b426 ("libertas: Fix two buffer overflows at parsing bss descriptor")
Signed-off-by: Nicolai Stange <nstange@suse.de>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
[ Upstream commit b70261a288 ]
mwifiex_cmd_append_vsie_tlv() calls memcpy() without checking
the destination size may trigger a buffer overflower,
which a local user could use to cause denial of service
or the execution of arbitrary code.
Fix it by putting the length check before calling memcpy().
Signed-off-by: Qing Xu <m1s5p6688@gmail.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
[ Upstream commit 3a9b153c55 ]
mwifiex_ret_wmm_get_status() calls memcpy() without checking the
destination size.Since the source is given from remote AP which
contains illegal wmm elements , this may trigger a heap buffer
overflow.
Fix it by putting the length check before calling memcpy().
Signed-off-by: Qing Xu <m1s5p6688@gmail.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
commit 0d962e061a upstream.
Enclose multiple macro parameters in parentheses in order to
make such macros safer and fix the Clang warning below:
drivers/media/i2c/adv748x/adv748x-afe.c:452:12: warning: operator '?:'
has lower precedence than '|'; '|' will be evaluated first
[-Wbitwise-conditional-parentheses]
ret = sdp_clrset(state, ADV748X_SDP_FRP, ADV748X_SDP_FRP_MASK, enable
? ctrl->val - 1 : 0);
Fixes: 3e89586a64 ("media: i2c: adv748x: add adv748x driver")
Reported-by: Dmitry Vyukov <dvyukov@google.com>
Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com>
Reviewed-by: Kieran Bingham <kieran.bingham+renesas@ideasonboard.com>
Signed-off-by: Hans Verkuil <hverkuil-cisco@xs4all.nl>
Signed-off-by: Mauro Carvalho Chehab <mchehab+huawei@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit f33113b542 upstream.
The unsigned variable log_num is being assigned a return value
from the call to sharpsl_nand_get_logical_num that can return
-EINVAL.
Detected using Coccinelle:
./drivers/mtd/parsers/sharpslpart.c:207:6-13: WARNING: Unsigned expression compared with zero: log_num > 0
Fixes: 8a4580e4d2 ("mtd: sharpslpart: Add sharpslpart partition parser")
Signed-off-by: YueHaibing <yuehaibing@huawei.com>
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit 0e7ca83e82 upstream.
Clang warns:
../drivers/mtd/nand/onenand/onenand_base.c:1269:3: warning: misleading
indentation; statement is not part of the previous 'if'
[-Wmisleading-indentation]
while (!ret) {
^
../drivers/mtd/nand/onenand/onenand_base.c:1266:2: note: previous
statement is here
if (column + thislen > writesize)
^
1 warning generated.
This warning occurs because there is a space before the tab of the while
loop. There are spaces at the beginning of a lot of the lines in this
block, remove them so that the indentation is consistent with the Linux
kernel coding style and clang no longer warns.
Fixes: a8de85d557 ("[MTD] OneNAND: Implement read-while-load")
Link: https://github.com/ClangBuiltLinux/linux/issues/794
Signed-off-by: Nathan Chancellor <natechancellor@gmail.com>
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit 21aecdbd7f upstream.
KVM's inject_abt64() injects an external-abort into an aarch64 guest.
The KVM_CAP_ARM_INJECT_EXT_DABT is intended to do exactly this, but
for an aarch32 guest inject_abt32() injects an implementation-defined
exception, 'Lockdown fault'.
Change this to external abort. For non-LPAE we now get the documented:
| Unhandled fault: external abort on non-linefetch (0x008) at 0x9c800f00
and for LPAE:
| Unhandled fault: synchronous external abort (0x210) at 0x9c800f00
Fixes: 74a64a9816 ("KVM: arm/arm64: Unify 32bit fault injection")
Reported-by: Beata Michalska <beata.michalska@linaro.org>
Signed-off-by: James Morse <james.morse@arm.com>
Signed-off-by: Marc Zyngier <maz@kernel.org>
Link: https://lore.kernel.org/r/20200121123356.203000-3-james.morse@arm.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit 018f22f95e upstream.
Beata reports that KVM_SET_VCPU_EVENTS doesn't inject the expected
exception to a non-LPAE aarch32 guest.
The host intends to inject DFSR.FS=0x14 "IMPLEMENTATION DEFINED fault
(Lockdown fault)", but the guest receives DFSR.FS=0x04 "Fault on
instruction cache maintenance". This fault is hooked by
do_translation_fault() since ARMv6, which goes on to silently 'handle'
the exception, and restart the faulting instruction.
It turns out, when TTBCR.EAE is clear DFSR is split, and FS[4] has
to shuffle up to DFSR[10].
As KVM only does this in one place, fix up the static values. We
now get the expected:
| Unhandled fault: lock abort (0x404) at 0x9c800f00
Fixes: 74a64a9816 ("KVM: arm/arm64: Unify 32bit fault injection")
Reported-by: Beata Michalska <beata.michalska@linaro.org>
Signed-off-by: James Morse <james.morse@arm.com>
Signed-off-by: Marc Zyngier <maz@kernel.org>
Link: https://lore.kernel.org/r/20200121123356.203000-2-james.morse@arm.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit cf2d23e0ba upstream.
kvm_test_age_hva() is called upon mmu_notifier_test_young(), but wrong
address range has been passed to handle_hva_to_gpa(). With the wrong
address range, no young bits will be checked in handle_hva_to_gpa().
It means zero is always returned from mmu_notifier_test_young().
This fixes the issue by passing correct address range to the underly
function handle_hva_to_gpa(), so that the hardware young (access) bit
will be visited.
Fixes: 35307b9a5f ("arm/arm64: KVM: Implement Stage-2 page aging")
Signed-off-by: Gavin Shan <gshan@redhat.com>
Signed-off-by: Marc Zyngier <maz@kernel.org>
Link: https://lore.kernel.org/r/20200121055659.19560-1-gshan@redhat.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit 449443c03d upstream.
The NO_FPSIMD capability is defined with scope SYSTEM, which implies
that the "absence" of FP/SIMD on at least one CPU is detected only
after all the SMP CPUs are brought up. However, we use the status
of this capability for every context switch. So, let us change
the scope to LOCAL_CPU to allow the detection of this capability
as and when the first CPU without FP is brought up.
Also, the current type allows hotplugged CPU to be brought up without
FP/SIMD when all the current CPUs have FP/SIMD and we have the userspace
up. Fix both of these issues by changing the capability to
BOOT_RESTRICTED_LOCAL_CPU_FEATURE.
Fixes: 82e0191a1a ("arm64: Support systems without FP/ASIMD")
Cc: Will Deacon <will@kernel.org>
Cc: Mark Rutland <mark.rutland@arm.com>
Reviewed-by: Ard Biesheuvel <ardb@kernel.org>
Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: Suzuki K Poulose <suzuki.poulose@arm.com>
Signed-off-by: Will Deacon <will@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit 31f3010e60 upstream.
As of commit ac7c3e4ff4 ("compiler: enable CONFIG_OPTIMIZE_INLINING
forcibly"), free_memmap() might not always be inlined, and thus is
triggering a section warning:
WARNING: vmlinux.o(.text.unlikely+0x904): Section mismatch in reference from the function free_memmap() to the function .meminit.text:memblock_free()
Mark it as __init, since the faller (free_unused_memmap) already is.
Fixes: ac7c3e4ff4 ("compiler: enable CONFIG_OPTIMIZE_INLINING forcibly")
Signed-off-by: Olof Johansson <olof@lixom.net>
Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
