Baby steps in the 5.6-rc1 merge cycle to make things easier to review
and debug.
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I2d3a69b5256f71ae18b500b0ef145f93e4255dbc
Baby steps in the 5.6-rc1 merge cycle to make things easier to review
and debug.
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I084fc068d4c94625e63441029e08e143146d97b7
With CONFIG_THINLTO and CFI both enabled, LLVM appends a hash to the
names of all static functions. This breaks userspace tools, so strip
out the hash from output.
Bug: 147422318
Change-Id: Ie19a59d9d0681298be54e73064badc361c0f7014
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
BPF dispatcher functions are patched at runtime to perform direct
instead of indirect calls. Disable CFI for the dispatcher functions
to avoid conflicts.
(re-add due to merge conflicts previously)
Bug: 145210207
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I7edf6052e121d16ccb0f3d3492ff4eefedfa509e
Baby steps in the 5.6-rc1 merge cycle to make things easier to review
and debug.
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I4c44b3c32065ea0ed8175b31665f2a4195a27300
This reverts commit aa2cc4ed15.
It conflicts with the upstream BPF changes so needs to be dropped for
now as it will show up throught the BPF tree.
Cc: Sami Tolvanen <samitolvanen@google.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I0a38cbaf388c3362f8fd7fad7139b16ea9967fe7
This reverts commit 22cf3ea720.
It conflicts with the BPF merge and will come in through the upstream
tree.
Cc: Sami Tolvanen <samitolvanen@google.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I404d2e9efcd6057d481be2562cb9b2a559b70e58
This reverts commit 3ea9abc389.
It conflicts with the BPF merge from upstream and will come in through
that tree.
Cc: Sami Tolvanen <samitolvanen@google.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I59c2176184c955d240b571d000460d89c6d2f80d
This reverts commit f6a4d900cc.
It conflicts with the BPF merge and will come in through that tree
instead.
Cc: Sami Tolvanen <samitolvanen@google.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Idffa84def2a994a306c79803d49b7461adfae44c
This reverts commit cedd91c6f4.
It conflicts with the BPF merge and will have to be added back later "by
hand".
Cc: Sami Tolvanen <samitolvanen@google.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I9b070d804c16b12a416ddc630c4440ea85f5531b
Baby steps in the 5.6-rc1 merge cycle to make things easier to review
and debug.
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I6d63f7c9484210bae7474a809defd1aaa58e15f8
Merge the upstream merge of fscrypt-for-linus, to resolve conflicts
between the fscrypt changes that went upstream in 5.6 and the inline
crypto and hardware-wrapped key support that is currently being carried
in the Android common kernels.
Conflicts:
fs/crypto/Kconfig
fs/crypto/bio.c
fs/crypto/fname.c
fs/crypto/fscrypt_private.h
fs/crypto/keyring.c
fs/crypto/keysetup.c
include/uapi/linux/fscrypt.h
Merge resolution notes:
- In fscrypt_zeroout_range(), split the inline crypto case into a
separate function fscrypt_zeroout_range_inlinecrypt(), as mixing the
two cases together became much harder due to the upstream changes.
- Allow the size of fscrypt-provisioning keys to be up to
FSCRYPT_MAX_HW_WRAPPED_KEY_SIZE rather than FSCRYPT_MAX_KEY_SIZE.
Change-Id: Ib1e6b9eda8fb5dcfc6bdc8fa89d93f72b088c5f6
Signed-off-by: Eric Biggers <ebiggers@google.com>
BPF dispatcher functions are patched at runtime to perform direct
instead of indirect calls. Disable CFI for the dispatcher functions
to avoid conflicts.
Bug: 145210207
Change-Id: I61dc7ce8a549145a79b7e69c646888578e0641ba
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
>From Intel 64 and IA-32 Architectures Optimization Reference Manual,
3.4.1.4 Code Alignment, Assembly/Compiler Coding Rule 11: All branch
targets should be 16-byte aligned.
This commits aligns branch targets according to the Intel manual.
The nops used to align branch targets make the dispatcher larger, and
therefore the number of supported dispatch points/programs are
descreased from 64 to 48.
Signed-off-by: Björn Töpel <bjorn.topel@intel.com>
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Link: https://lore.kernel.org/bpf/20191213175112.30208-7-bjorn.topel@gmail.com
(cherry picked from commit 116eb788f5)
Bug: 145210207
Change-Id: I04996cd41bf109aaa63b5aa23773c34ef1f90d8b
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
The BPF dispatcher is a multi-way branch code generator, mainly
targeted for XDP programs. When an XDP program is executed via the
bpf_prog_run_xdp(), it is invoked via an indirect call. The indirect
call has a substantial performance impact, when retpolines are
enabled. The dispatcher transform indirect calls to direct calls, and
therefore avoids the retpoline. The dispatcher is generated using the
BPF JIT, and relies on text poking provided by bpf_arch_text_poke().
The dispatcher hijacks a trampoline function it via the __fentry__ nop
of the trampoline. One dispatcher instance currently supports up to 64
dispatch points. A user creates a dispatcher with its corresponding
trampoline with the DEFINE_BPF_DISPATCHER macro.
Signed-off-by: Björn Töpel <bjorn.topel@intel.com>
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Link: https://lore.kernel.org/bpf/20191213175112.30208-3-bjorn.topel@gmail.com
(cherry picked from commit 75ccbef636)
Bug: 145210207
Change-Id: Ieb954fd4c968e41f1c1b9ea03ab89fd1f73df5cd
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
This reverts commit 788bbf4f26.
Reason for revert: fixes a conflict with upcoming upstream BPF changes.
Bug: 145210207
Change-Id: I3bbc1279fc613be0d2e833008413ad3561b851df
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
This reverts commit d9756ba082.
Reason for revert: fixes a conflict with upcoming upstream BPF changes.
Bug: 145210207
Change-Id: I0e7e76c117ab3608b6dd5a1bc6b949b9e109038f
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
For some reason a duplicated line ended up in here.
Thanks to Matthias for pointing it out.
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I7ebeddcd4a9bc210edd69d9ce5e9d3a30a6ef469
This reverts commit b61876ed12.
It was merged differently upstream in the 5.6-rc1 merge window so revert
this version as upstream got a different one.
Cc: Patrick Bellasi <patrick.bellasi@arm.com>
Cc: Quentin Perret <quentin.perret@arm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I508fd204109f0f947ede40a44116ad51e5631b64
Baby steps in the 5.6-rc1 merge cycle to make things easier to review
and debug.
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I005e68433be6b1d66bd56d7e1c8f44ab8e78bebe
Pull device mapper updates from Mike Snitzer:
- Fix DM core's potential for q->make_request_fn NULL pointer in the
unlikely case that a DM device is created without a DM table and then
accessed due to upper-layer userspace code or user error.
- Fix DM thin-provisioning's metadata_pre_commit_callback to not use
memory after it is free'd. Also refactor code to disallow changing
the thin-pool's data device once in use -- doing so guarantees smae
lifetime of pool's data device relative to the pool metadata.
- Fix DM space maps used by DM thinp and DM cache to avoid reuse of a
already used block. This race was identified with extremely heavy
snapshot use in the context of DM thin provisioning.
- Fix DM raid's table status relative to an active rebuild.
- Fix DM crypt to use GFP_NOIO rather than GFP_NOFS in call to
skcipher_request_alloc(). Also fix benbi IV constructor crash if used
in authenticated mode.
- Add DM crypt support for Elephant diffuser to allow for Bitlocker
compatibility.
- Fix DM verity target to not prefetch hash blocks for data that has
already been verified.
- Fix DM writecache's incorrect flush sequence during commit when in
SSD mode.
- Improve DM writecache's sequential write performance on SSDs.
- Add DM zoned target support for zone sizes smaller than 128MiB.
- Add DM multipath 'queue_if_no_path_timeout_secs' module param to
allow timeout if path isn't reinstated. This allows users a kernel
safety-net against IO hanging indefinitely, due to no active paths,
that has historically only been provided by multipathd userspace.
- Various DM code cleanups to use true/false rather than 1/0, a
variable rename in dm-dust, and fix for a math error in comment for
DM thin metadata's ondisk format.
* tag 'for-5.6/dm-changes' of git://git.kernel.org/pub/scm/linux/kernel/git/device-mapper/linux-dm: (21 commits)
dm: fix potential for q->make_request_fn NULL pointer
dm writecache: improve performance of large linear writes on SSDs
dm mpath: Add timeout mechanism for queue_if_no_path
dm thin: change data device's flush_bio to be member of struct pool
dm thin: don't allow changing data device during thin-pool reload
dm thin: fix use-after-free in metadata_pre_commit_callback
dm thin metadata: use pool locking at end of dm_pool_metadata_close
dm writecache: fix incorrect flush sequence when doing SSD mode commit
dm crypt: fix benbi IV constructor crash if used in authenticated mode
dm crypt: Implement Elephant diffuser for Bitlocker compatibility
dm space map common: fix to ensure new block isn't already in use
dm verity: don't prefetch hash blocks for already-verified data
dm crypt: fix GFP flags passed to skcipher_request_alloc()
dm thin metadata: Fix trivial math error in on-disk format documentation
dm thin metadata: use true/false for bool variable
dm snapshot: use true/false for bool variable
dm bio prison v2: use true/false for bool variable
dm mpath: use true/false for bool variable
dm zoned: support zone sizes smaller than 128MiB
dm raid: table line rebuild status fixes
...
Pull documentation updates from Jonathan Corbet:
"It has been a relatively quiet cycle for documentation, but there's
still a couple of things of note:
- Conversion of the NFS documentation to RST
- A new document on how to help with documentation (and a maintainer
profile entry too)
Plus the usual collection of typo fixes, etc"
* tag 'docs-5.6' of git://git.lwn.net/linux: (40 commits)
docs: filesystems: add overlayfs to index.rst
docs: usb: remove some broken references
scripts/find-unused-docs: Fix massive false positives
docs: nvdimm: use ReST notation for subsection
zram: correct documentation about sysfs node of huge page writeback
Documentation: zram: various fixes in zram.rst
Add a maintainer entry profile for documentation
Add a document on how to contribute to the documentation
docs: Keep up with the location of NoUri
Documentation: Call out example SYM_FUNC_* usage as x86-specific
Documentation: nfs: fault_injection: convert to ReST
Documentation: nfs: pnfs-scsi-server: convert to ReST
Documentation: nfs: convert pnfs-block-server to ReST
Documentation: nfs: idmapper: convert to ReST
Documentation: convert nfsd-admin-interfaces to ReST
Documentation: nfs-rdma: convert to ReST
Documentation: nfsroot.rst: COSMETIC: refill a paragraph
Documentation: nfsroot.txt: convert to ReST
Documentation: convert nfs.txt to ReST
Documentation: filesystems: convert vfat.txt to RST
...
Pull Kselftest kunit updates from Shuah Khan:
"This kunit update consists of:
- Support for building kunit as a module from Alan Maguire
- AppArmor KUnit tests for policy unpack from Mike Salvatore"
* tag 'linux-kselftest-5.6-rc1-kunit' of git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest:
kunit: building kunit as a module breaks allmodconfig
kunit: update documentation to describe module-based build
kunit: allow kunit to be loaded as a module
kunit: remove timeout dependence on sysctl_hung_task_timeout_seconds
kunit: allow kunit tests to be loaded as a module
kunit: hide unexported try-catch interface in try-catch-impl.h
kunit: move string-stream.h to lib/kunit
apparmor: add AppArmor KUnit tests for policy unpack
Pull Kselftest update from Shuah Khan:
"This Kselftest update consists of several fixes to framework and
individual tests.
In addition, it enables LKDTM tests adding lkdtm target to kselftest
Makefile"
* tag 'linux-kselftest-5.6-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest:
selftests/ftrace: fix glob selftest
selftests: settings: tests can be in subsubdirs
kselftest: Minimise dependency of get_size on C library interfaces
selftests/livepatch: Remove unused local variable in set_ftrace_enabled()
selftests/livepatch: Replace set_dynamic_debug() with setup_config() in README
selftests/lkdtm: Add tests for LKDTM targets
selftests: Uninitialized variable in test_cgcore_proc_migration()
selftests: fix build behaviour on targets' failures
Pull y2038 updates from Arnd Bergmann:
"Core, driver and file system changes
These are updates to device drivers and file systems that for some
reason or another were not included in the kernel in the previous
y2038 series.
I've gone through all users of time_t again to make sure the kernel is
in a long-term maintainable state, replacing all remaining references
to time_t with safe alternatives.
Some related parts of the series were picked up into the nfsd, xfs,
alsa and v4l2 trees. A final set of patches in linux-mm removes the
now unused time_t/timeval/timespec types and helper functions after
all five branches are merged for linux-5.6, ensuring that no new users
get merged.
As a result, linux-5.6, or my backport of the patches to 5.4 [1],
should be the first release that can serve as a base for a 32-bit
system designed to run beyond year 2038, with a few remaining caveats:
- All user space must be compiled with a 64-bit time_t, which will be
supported in the coming musl-1.2 and glibc-2.32 releases, along
with installed kernel headers from linux-5.6 or higher.
- Applications that use the system call interfaces directly need to
be ported to use the time64 syscalls added in linux-5.1 in place of
the existing system calls. This impacts most users of futex() and
seccomp() as well as programming languages that have their own
runtime environment not based on libc.
- Applications that use a private copy of kernel uapi header files or
their contents may need to update to the linux-5.6 version, in
particular for sound/asound.h, xfs/xfs_fs.h, linux/input.h,
linux/elfcore.h, linux/sockios.h, linux/timex.h and
linux/can/bcm.h.
- A few remaining interfaces cannot be changed to pass a 64-bit
time_t in a compatible way, so they must be configured to use
CLOCK_MONOTONIC times or (with a y2106 problem) unsigned 32-bit
timestamps. Most importantly this impacts all users of 'struct
input_event'.
- All y2038 problems that are present on 64-bit machines also apply
to 32-bit machines. In particular this affects file systems with
on-disk timestamps using signed 32-bit seconds: ext4 with
ext3-style small inodes, ext2, xfs (to be fixed soon) and ufs"
[1] https://git.kernel.org/pub/scm/linux/kernel/git/arnd/playground.git/log/?h=y2038-endgame
* tag 'y2038-drivers-for-v5.6-signed' of git://git.kernel.org:/pub/scm/linux/kernel/git/arnd/playground: (21 commits)
Revert "drm/etnaviv: reject timeouts with tv_nsec >= NSEC_PER_SEC"
y2038: sh: remove timeval/timespec usage from headers
y2038: sparc: remove use of struct timex
y2038: rename itimerval to __kernel_old_itimerval
y2038: remove obsolete jiffies conversion functions
nfs: fscache: use timespec64 in inode auxdata
nfs: fix timstamp debug prints
nfs: use time64_t internally
sunrpc: convert to time64_t for expiry
drm/etnaviv: avoid deprecated timespec
drm/etnaviv: reject timeouts with tv_nsec >= NSEC_PER_SEC
drm/msm: avoid using 'timespec'
hfs/hfsplus: use 64-bit inode timestamps
hostfs: pass 64-bit timestamps to/from user space
packet: clarify timestamp overflow
tsacct: add 64-bit btime field
acct: stop using get_seconds()
um: ubd: use 64-bit time_t where possible
xtensa: ISS: avoid struct timeval
dlm: use SO_SNDTIMEO_NEW instead of SO_SNDTIMEO_OLD
...
Pull printk update from Petr Mladek:
"Prevent replaying log on all consoles"
* tag 'printk-for-5.6' of git://git.kernel.org/pub/scm/linux/kernel/git/pmladek/printk:
printk: fix exclusive_console replaying
Pull erofs updates from Gao Xiang:
"A regression fix, several cleanups and (maybe) plus an upcoming new
mount api convert patch as a part of vfs update are considered
available for this cycle.
All commits have been in linux-next and tested with no smoke out.
Summary:
- fix an out-of-bound read access introduced in v5.3, which could
rarely cause data corruption
- various cleanup patches"
* tag 'erofs-for-5.6-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/xiang/erofs:
erofs: clean up z_erofs_submit_queue()
erofs: fold in postsubmit_is_all_bypassed()
erofs: fix out-of-bound read for shifted uncompressed block
erofs: remove void tagging/untagging of workgroup pointers
erofs: remove unused tag argument while registering a workgroup
erofs: remove unused tag argument while finding a workgroup
erofs: correct indentation of an assigned structure inside a function
Pull openat2 support from Al Viro:
"This is the openat2() series from Aleksa Sarai.
I'm afraid that the rest of namei stuff will have to wait - it got
zero review the last time I'd posted #work.namei, and there had been a
leak in the posted series I'd caught only last weekend. I was going to
repost it on Monday, but the window opened and the odds of getting any
review during that... Oh, well.
Anyway, openat2 part should be ready; that _did_ get sane amount of
review and public testing, so here it comes"
From Aleksa's description of the series:
"For a very long time, extending openat(2) with new features has been
incredibly frustrating. This stems from the fact that openat(2) is
possibly the most famous counter-example to the mantra "don't silently
accept garbage from userspace" -- it doesn't check whether unknown
flags are present[1].
This means that (generally) the addition of new flags to openat(2) has
been fraught with backwards-compatibility issues (O_TMPFILE has to be
defined as __O_TMPFILE|O_DIRECTORY|[O_RDWR or O_WRONLY] to ensure old
kernels gave errors, since it's insecure to silently ignore the
flag[2]). All new security-related flags therefore have a tough road
to being added to openat(2).
Furthermore, the need for some sort of control over VFS's path
resolution (to avoid malicious paths resulting in inadvertent
breakouts) has been a very long-standing desire of many userspace
applications.
This patchset is a revival of Al Viro's old AT_NO_JUMPS[3] patchset
(which was a variant of David Drysdale's O_BENEATH patchset[4] which
was a spin-off of the Capsicum project[5]) with a few additions and
changes made based on the previous discussion within [6] as well as
others I felt were useful.
In line with the conclusions of the original discussion of
AT_NO_JUMPS, the flag has been split up into separate flags. However,
instead of being an openat(2) flag it is provided through a new
syscall openat2(2) which provides several other improvements to the
openat(2) interface (see the patch description for more details). The
following new LOOKUP_* flags are added:
LOOKUP_NO_XDEV:
Blocks all mountpoint crossings (upwards, downwards, or through
absolute links). Absolute pathnames alone in openat(2) do not
trigger this. Magic-link traversal which implies a vfsmount jump is
also blocked (though magic-link jumps on the same vfsmount are
permitted).
LOOKUP_NO_MAGICLINKS:
Blocks resolution through /proc/$pid/fd-style links. This is done
by blocking the usage of nd_jump_link() during resolution in a
filesystem. The term "magic-links" is used to match with the only
reference to these links in Documentation/, but I'm happy to change
the name.
It should be noted that this is different to the scope of
~LOOKUP_FOLLOW in that it applies to all path components. However,
you can do openat2(NO_FOLLOW|NO_MAGICLINKS) on a magic-link and it
will *not* fail (assuming that no parent component was a
magic-link), and you will have an fd for the magic-link.
In order to correctly detect magic-links, the introduction of a new
LOOKUP_MAGICLINK_JUMPED state flag was required.
LOOKUP_BENEATH:
Disallows escapes to outside the starting dirfd's
tree, using techniques such as ".." or absolute links. Absolute
paths in openat(2) are also disallowed.
Conceptually this flag is to ensure you "stay below" a certain
point in the filesystem tree -- but this requires some additional
to protect against various races that would allow escape using
"..".
Currently LOOKUP_BENEATH implies LOOKUP_NO_MAGICLINKS, because it
can trivially beam you around the filesystem (breaking the
protection). In future, there might be similar safety checks done
as in LOOKUP_IN_ROOT, but that requires more discussion.
In addition, two new flags are added that expand on the above ideas:
LOOKUP_NO_SYMLINKS:
Does what it says on the tin. No symlink resolution is allowed at
all, including magic-links. Just as with LOOKUP_NO_MAGICLINKS this
can still be used with NOFOLLOW to open an fd for the symlink as
long as no parent path had a symlink component.
LOOKUP_IN_ROOT:
This is an extension of LOOKUP_BENEATH that, rather than blocking
attempts to move past the root, forces all such movements to be
scoped to the starting point. This provides chroot(2)-like
protection but without the cost of a chroot(2) for each filesystem
operation, as well as being safe against race attacks that
chroot(2) is not.
If a race is detected (as with LOOKUP_BENEATH) then an error is
generated, and similar to LOOKUP_BENEATH it is not permitted to
cross magic-links with LOOKUP_IN_ROOT.
The primary need for this is from container runtimes, which
currently need to do symlink scoping in userspace[7] when opening
paths in a potentially malicious container.
There is a long list of CVEs that could have bene mitigated by
having RESOLVE_THIS_ROOT (such as CVE-2017-1002101,
CVE-2017-1002102, CVE-2018-15664, and CVE-2019-5736, just to name a
few).
In order to make all of the above more usable, I'm working on
libpathrs[8] which is a C-friendly library for safe path resolution.
It features a userspace-emulated backend if the kernel doesn't support
openat2(2). Hopefully we can get userspace to switch to using it, and
thus get openat2(2) support for free once it's ready.
Future work would include implementing things like
RESOLVE_NO_AUTOMOUNT and possibly a RESOLVE_NO_REMOTE (to allow
programs to be sure they don't hit DoSes though stale NFS handles)"
* 'work.openat2' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs:
Documentation: path-lookup: include new LOOKUP flags
selftests: add openat2(2) selftests
open: introduce openat2(2) syscall
namei: LOOKUP_{IN_ROOT,BENEATH}: permit limited ".." resolution
namei: LOOKUP_IN_ROOT: chroot-like scoped resolution
namei: LOOKUP_BENEATH: O_BENEATH-like scoped resolution
namei: LOOKUP_NO_XDEV: block mountpoint crossing
namei: LOOKUP_NO_MAGICLINKS: block magic-link resolution
namei: LOOKUP_NO_SYMLINKS: block symlink resolution
namei: allow set_root() to produce errors
namei: allow nd_jump_link() to produce errors
nsfs: clean-up ns_get_path() signature to return int
namei: only return -ECHILD from follow_dotdot_rcu()
Pull RCU warning removal from Paul McKenney:
"A single commit that fixes an embarrassing bug discussed here:
https://lore.kernel.org/lkml/20200125131425.GB16136@zn.tnic/
which apparently also affects smaller systems"
[ This was sent to Ingo, but since I see the issue on the laptop I use for
testing during the merge window, I'm doing the pull directly - Linus ]
* 'urgent-for-mingo' of git://git.kernel.org/pub/scm/linux/kernel/git/paulmck/linux-rcu:
rcu: Forgive slow expedited grace periods at boot time
This reverts I3624fa4eb40a8aa726275027aa2b2d5bd635ceda
The build time vintf check has been updated to expect IKHEADERS=y.
Bug: 139431025
Bug: 143488798
Test: TreeHugger
Change-Id: I60ede1c1fde3b8e011450a94d467f6c393613a7a
Signed-off-by: Ram Muthiah <rammuthiah@google.com>
Pull char/misc driver updates from Greg KH:
"Here is the big char/misc/whatever driver changes for 5.6-rc1
Included in here are loads of things from a variety of different
driver subsystems:
- soundwire updates
- binder updates
- nvmem updates
- firmware drivers updates
- extcon driver updates
- various misc driver updates
- fpga driver updates
- interconnect subsystem and driver updates
- bus driver updates
- uio driver updates
- mei driver updates
- w1 driver cleanups
- various other small driver updates
All of these have been in linux-next for a while with no reported
issues"
* tag 'char-misc-5.6-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc: (86 commits)
mei: me: add jasper point DID
char: hpet: Use flexible-array member
binder: fix log spam for existing debugfs file creation.
mei: me: add comet point (lake) H device ids
nvmem: add QTI SDAM driver
dt-bindings: nvmem: add binding for QTI SPMI SDAM
dt-bindings: imx-ocotp: Add i.MX8MP compatible
dt-bindings: soundwire: fix example
soundwire: cadence: fix kernel-doc parameter descriptions
soundwire: intel: report slave_ids for each link to SOF driver
siox: Use the correct style for SPDX License Identifier
w1: omap-hdq: Simplify driver with PM runtime autosuspend
firmware: stratix10-svc: Remove unneeded semicolon
firmware: google: Probe for a GSMI handler in firmware
firmware: google: Unregister driver_info on failure and exit in gsmi
firmware: google: Release devices before unregistering the bus
slimbus: qcom: add missed clk_disable_unprepare in remove
slimbus: Use the correct style for SPDX License Identifier
slimbus: qcom-ngd-ctrl: Use dma_request_chan() instead dma_request_slave_channel()
dt-bindings: SLIMBus: add slim devices optional properties
...
Pull driver core updates from Greg KH:
"Here is a small set of changes for 5.6-rc1 for the driver core and
some firmware subsystem changes.
Included in here are:
- device.h splitup like you asked for months ago
- devtmpfs minor cleanups
- firmware core minor changes
- debugfs fix for lockdown mode
- kernfs cleanup fix
- cpu topology minor fix
All of these have been in linux-next for a while with no reported
issues"
* tag 'driver-core-5.6-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core: (22 commits)
firmware: Rename FW_OPT_NOFALLBACK to FW_OPT_NOFALLBACK_SYSFS
devtmpfs: factor out common tail of devtmpfs_{create,delete}_node
devtmpfs: initify a bit
devtmpfs: simplify initialization of mount_dev
devtmpfs: factor out setup part of devtmpfsd()
devtmpfs: fix theoretical stale pointer deref in devtmpfsd()
driver core: platform: fix u32 greater or equal to zero comparison
cpu-topology: Don't error on more than CONFIG_NR_CPUS CPUs in device tree
debugfs: Return -EPERM when locked down
driver core: Print device when resources present in really_probe()
driver core: Fix test_async_driver_probe if NUMA is disabled
driver core: platform: Prevent resouce overflow from causing infinite loops
fs/kernfs/dir.c: Clean code by removing always true condition
component: do not dereference opaque pointer in debugfs
drivers/component: remove modular code
debugfs: Fix warnings when building documentation
device.h: move 'struct driver' stuff out to device/driver.h
device.h: move 'struct class' stuff out to device/class.h
device.h: move 'struct bus' stuff out to device/bus.h
device.h: move dev_printk()-like functions to dev_printk.h
...
Pull staging and IIO updates from Greg KH:
"Here is the big staging/iio driver patches for 5.6-rc1
Included in here are:
- lots of new IIO drivers and updates for that subsystem
- the usual huge quantity of minor cleanups for staging drivers
- removal of the following staging drivers:
- isdn/avm
- isdn/gigaset
- isdn/hysdn
- octeon-usb
- octeon ethernet
Overall we deleted far more lines than we added, removing over 40k of
old and obsolete driver code.
All of these changes have been in linux-next for a while with no
reported issues"
* tag 'staging-5.6-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging: (353 commits)
staging: most: usb: check for NULL device
staging: next: configfs: fix release link
staging: most: core: fix logging messages
staging: most: core: remove container struct
staging: most: remove struct device core driver
staging: most: core: drop device reference
staging: most: remove device from interface structure
staging: comedi: drivers: fix spelling mistake "to" -> "too"
staging: exfat: remove fs_func struct.
staging: wilc1000: avoid mutex unlock without lock in wilc_wlan_handle_txq()
staging: wilc1000: return zero on success and non-zero on function failure
staging: axis-fifo: replace spinlock with mutex
staging: wilc1000: remove unused code prior to throughput enhancement in SPI
staging: wilc1000: added 'wilc_' prefix for 'struct assoc_resp' name
staging: wilc1000: move firmware API struct's to separate header file
staging: wilc1000: remove use of infinite loop conditions
staging: kpc2000: rename variables with kpc namespace
staging: vt6656: Remove memory buffer from vnt_download_firmware.
staging: vt6656: Just check NEWRSR_DECRYPTOK for RX_FLAG_DECRYPTED.
staging: vt6656: Use vnt_rx_tail struct for tail variables.
...
Pull tty/serial driver updates from Greg KH:
"Here are the big set of tty and serial driver updates for 5.6-rc1
Included in here are:
- dummy_con cleanups (touches lots of arch code)
- sysrq logic cleanups (touches lots of serial drivers)
- samsung driver fixes (wasn't really being built)
- conmakeshash move to tty subdir out of scripts
- lots of small tty/serial driver updates
All of these have been in linux-next for a while with no reported
issues"
* tag 'tty-5.6-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty: (140 commits)
tty: n_hdlc: Use flexible-array member and struct_size() helper
tty: baudrate: SPARC supports few more baud rates
tty: baudrate: Synchronise baud_table[] and baud_bits[]
tty: serial: meson_uart: Add support for kernel debugger
serial: imx: fix a race condition in receive path
serial: 8250_bcm2835aux: Document struct bcm2835aux_data
serial: 8250_bcm2835aux: Use generic remapping code
serial: 8250_bcm2835aux: Allocate uart_8250_port on stack
serial: 8250_bcm2835aux: Suppress register_port error on -EPROBE_DEFER
serial: 8250_bcm2835aux: Suppress clk_get error on -EPROBE_DEFER
serial: 8250_bcm2835aux: Fix line mismatch on driver unbind
serial_core: Remove unused member in uart_port
vt: Correct comment documenting do_take_over_console()
vt: Delete comment referencing non-existent unbind_con_driver()
arch/xtensa/setup: Drop dummy_con initialization
arch/x86/setup: Drop dummy_con initialization
arch/unicore32/setup: Drop dummy_con initialization
arch/sparc/setup: Drop dummy_con initialization
arch/sh/setup: Drop dummy_con initialization
arch/s390/setup: Drop dummy_con initialization
...
Pull USB/Thunderbolt/PHY driver updates from Greg KH:
"Here is the big USB and Thunderbolt and PHY driver updates for
5.6-rc1.
With the advent of USB4, "Thunderbolt" has really become USB4, so the
renaming of the Kconfig option and starting to share subsystem code
has begun, hence both subsystems coming in through the same tree here.
PHY driver updates also touched USB drivers, so that is coming in
through here as well.
Major stuff included in here are:
- USB 4 initial support added (i.e. Thunderbolt)
- musb driver updates
- USB gadget driver updates
- PHY driver updates
- USB PHY driver updates
- lots of USB serial stuff fixed up
- USB typec updates
- USB-IP fixes
- lots of other smaller USB driver updates
All of these have been in linux-next for a while now (the usb-serial
tree is already tested in linux-next on its own before merged into
here), with no reported issues"
[ Removed an incorrect compile test enablement for PHY_EXYNOS5250_SATA
that causes configuration warnings - Linus ]
* tag 'usb-5.6-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb: (207 commits)
Doc: ABI: add usb charger uevent
usb: phy: show USB charger type for user
usb: cdns3: fix spelling mistake and rework grammar in text
usb: phy: phy-gpio-vbus-usb: Convert to GPIO descriptors
USB: serial: cyberjack: fix spelling mistake "To" -> "Too"
USB: serial: ir-usb: simplify endpoint check
USB: serial: ir-usb: make set_termios synchronous
USB: serial: ir-usb: fix IrLAP framing
USB: serial: ir-usb: fix link-speed handling
USB: serial: ir-usb: add missing endpoint sanity check
usb: typec: fusb302: fix "op-sink-microwatt" default that was in mW
usb: typec: wcove: fix "op-sink-microwatt" default that was in mW
usb: dwc3: pci: add ID for the Intel Comet Lake -V variant
usb: typec: tcpci: mask event interrupts when remove driver
usb: host: xhci-tegra: set MODULE_FIRMWARE for tegra186
usb: chipidea: add inline for ci_hdrc_host_driver_init if host is not defined
usb: chipidea: handle single role for usb role class
usb: musb: fix spelling mistake: "periperal" -> "peripheral"
phy: ti: j721e-wiz: Fix build error without CONFIG_OF_ADDRESS
USB: usbfs: Always unlink URBs in reverse order
...
Pull pin control updates from Linus Walleij:
"This is the bulk of pin control changes, nothing too exciting about
this.
Some changes hit arch/sh and arch/arm but are well isolated and
acknowledged by the respective arch maintainers.
Core changes:
- Dropped the chained IRQ setup callback into GPIOLIB as we got rid
of the last users of that in this changeset.
New drivers:
- New driver for Ingenic X1830.
- New driver for Freescale i.MX8MP.
Driver enhancements:
- Fix all remaining Intel drivers to pass their IRQ chips along with
the GPIO chips.
- Intel Baytrail allocates its irqchip dynamically.
- Intel Lynxpoint is thoroughly rewritten and modernized.
- Aspeed AST2600 pin muxing and configuration is much improved.
- Qualcomm SC7180 functions are updated and wakeup interrupt map is
provided.
- A whole slew of Renesas SH-PFC cleanups and improvements.
- Fix up the Intel DT bindings to use the generic YAML DT bindings
schema (a first user of this)"
* tag 'pinctrl-v5.6-1' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-pinctrl: (99 commits)
pinctrl: madera: Remove extra blank line
pinctrl: qcom: Don't lock around irq_set_irq_wake()
pinctrl: mvebu: armada-37xx: use use platform api
gpio: Drop the chained IRQ handler assign function
pinctrl: freescale: Add i.MX8MP pinctrl driver support
dt-bindings: imx: Add pinctrl binding doc for i.MX8MP
pinctrl: tigerlake: Tiger Lake uses _HID enumeration
pinctrl: sunrisepoint: Add Coffee Lake-S ACPI ID
pinctrl: iproc: Use platform_get_irq_optional() to avoid error message
pinctrl: dt-bindings: Fix some errors in the lgm and pinmux schema
pinctrl: intel: Pass irqchip when adding gpiochip
pinctrl: intel: Add GPIO <-> pin mapping ranges via callback
pinctrl: baytrail: Replace WARN with dev_info_once when setting direct-irq pin to output
pinctrl: baytrail: Do not clear IRQ flags on direct-irq enabled pins
pinctrl: sunrisepoint: Add missing Interrupt Status register offset
pinctrl: sh-pfc: Split R-Car H3 support in two independent drivers
pinctrl: artpec6: fix __iomem on reg in set
pinctrl: ingenic: Use devm_platform_ioremap_resource()
pinctrl: ingenic: Factorize irq_set_type function
pinctrl: ingenic: Remove duplicated ingenic_chip_info structures
...
Pull GPIO updates from Linus Walleij:
"This is the bulk of GPIO changes for the v5.6 kernel cycle.
This is a pretty calm cycle so far, nothing special going on really.
Some more changes will come in from the irqchip and pin control trees.
I also deleted an orphan include file for FMC that was dangling since
subsystem was removed.
Core changes:
- Document the usecases for the kernelspace vs userspace handling of
GPIOs.
- Handle MSI (message signalled interrupts) properly in the core
hierarchical irqdomain code.
- Fix a rare race condition while initializing the descriptor array.
New drivers:
- Xylon LogiCVC GPIO driver.
- WDC934x GPIO controller driver.
Driver improvements:
- Implemented suspend/resume in the Tegra driver.
- MPC8xx edge detection fixup.
- Properly convert ThunderX to use hierarchical irqdomain with
GPIOLIB_IRQCHIP on top of the revert of the previous buggy
switchover. This time it works (hopefully).
Misc:
- Drop a FMC remnant file <linux/ipmi-fru.h>
- A slew of fixes"
* tag 'gpio-v5.6-1' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-gpio: (48 commits)
MAINTAINERS: Replace Tien Hock Loh as Altera PIO maintainer
gpiolib: hold gpio devices lock until ->descs array is initialised
gpio: aspeed-sgpio: fixed typos
gpio: mvebu: clear irq in edge cause register before unmask edge irq
gpiolib: Lower verbosity when allocating hierarchy irq
gpiolib: Remove duplicated function gpio_do_set_config()
gpio: Fix the no return statement warning
gpio: wcd934x: Add support to wcd934x gpio controller
gpiolib: remove set but not used variable 'config'
gpio: vx855: fixed a typo
gpio: mockup: sort headers alphabetically
gpio: mockup: update the license tag
gpio: Remove the unused flags
gpiolib: Set lockdep class for hierarchical irq domains
gpio: thunderx: Switch to GPIOLIB_IRQCHIP
gpiolib: Add the support for the msi parent domain
gpiolib: Add support for the irqdomain which doesn't use irq_fwspec as arg
gpio: Add use guidance documentation
dt-bindings: gpio: wcd934x: Add bindings for gpio
gpio: altera: change to platform_get_irq_optional to avoid false-positive error
...
If the length of the socket buffer is 0xFFFFFFFF (max size for an
unsigned int), then payload_len becomes 0xFFFFFFF1 after subtracting 14
(ETH_HLEN). Then, mdp_len is set to payload_len + 16 (MDP_HDR_LEN)
which overflows and results in a value of 2. These values for
payload_len and mdp_len will pass current buffer size checks.
This patch checks if derived from skb->len sum may overflow.
The check is based on the following idea:
For any `unsigned V1, V2` and derived `unsigned SUM = V1 + V2`,
`V1 + V2` overflows iif `SUM < V1`.
Bug: 143560807
Reported-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Andrey Shvetsov <andrey.shvetsov@k2l.de>
Cc: stable <stable@vger.kernel.org>
Link: https://lore.kernel.org/r/20200116172238.6046-1-andrey.shvetsov@microchip.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
(cherry picked from commit 4d1356ac12)
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I71197b2963735ba181314332737fc0c1ca2cab96
