and associated inet_is_local_unbindable_port() helper function:
use it to make explicitly binding to an unbindable port return
-EPERM 'Operation not permitted'.
Autobind doesn't honour this new sysctl since:
(a) you can simply set both if that's the behaviour you desire
(b) there could be a use for preventing explicit while allowing auto
(c) it's faster in the relatively critical path of doing port selection
during connect() to only check one bitmap instead of both
Various ports may have special use cases which are not suitable for
use by general userspace applications. Currently, ports specified in
ip_local_reserved_ports sysctl will not be returned only in case of
automatic port assignment, but nothing prevents you from explicitly
binding to them - even from an entirely unprivileged process.
In certain cases it is desirable to prevent the host from assigning the
ports even in case of explicit binds, even from superuser processes.
Example use cases might be:
- a port being stolen by the nic for remote serial console, remote
power management or some other sort of debugging functionality
(crash collection, gdb, direct access to some other microcontroller
on the nic or motherboard, remote management of the nic itself).
- a transparent proxy where packets are being redirected: in case
a socket matches this connection, packets from this application
would be incorrectly sent to one of the endpoints.
Initially I wanted to solve this problem via the simple one line:
static inline bool inet_port_requires_bind_service(struct net *net, unsigned short port) {
- return port < net->ipv4.sysctl_ip_prot_sock;
+ return port < net->ipv4.sysctl_ip_prot_sock || inet_is_local_reserved_port(net, port);
}
However, this doesn't work for two reasons:
(a) it changes userspace visible behaviour of the existing local
reserved ports sysctl, and there appears to be enough documentation
on the internet talking about setting it to make this a bad idea
(b) it doesn't prevent privileged apps from using these ports,
CAP_BIND_SERVICE is relatively likely to be available to, for example,
a recursive DNS server so it can listed on port 53, which also needs
to do src port randomization for outgoing queries due to security
reasons (and it thus does manual port binding).
If we *know* that certain ports are simply unusable, then it's better
nothing even gets the opportunity to try to use them. This way we at
least get a quick failure, instead of some sort of timeout (or possibly
even corruption of the data stream of the non-kernel based use case).
Test:
vm:~# cat /proc/sys/net/ipv4/ip_local_unbindable_ports
vm:~# python -c 'import socket; s = socket.socket(socket.AF_INET6, socket.SOCK_STREAM, 0); s.bind(("::", 3967))'
vm:~# python -c 'import socket; s = socket.socket(socket.AF_INET6, socket.SOCK_DGRAM, 0); s.bind(("::", 3967))'
vm:~# echo 3967 > /proc/sys/net/ipv4/ip_local_unbindable_ports
vm:~# cat /proc/sys/net/ipv4/ip_local_unbindable_ports
3967
vm:~# python -c 'import socket; s = socket.socket(socket.AF_INET6, socket.SOCK_STREAM, 0); s.bind(("::", 3967))'
socket.error: (1, 'Operation not permitted')
vm:~# python -c 'import socket; s = socket.socket(socket.AF_INET6, socket.SOCK_DGRAM, 0); s.bind(("::", 3967))'
socket.error: (1, 'Operation not permitted')
Cc: Sean Tranchetti <stranche@codeaurora.org>
Cc: Subash Abhinov Kasiviswanathan <subashab@codeaurora.org>
Cc: Eric Dumazet <edumazet@google.com>
Cc: Linux SCTP <linux-sctp@vger.kernel.org>
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Bug: 140404597
Change-Id: Ie96207bea90ae1345adf7b45724d0caf4d6e52c2
Signed-off-by: Todd Kjos <tkjos@google.com>
Signed-off-by: Subash Abhinov Kasiviswanathan <subashab@codeaurora.org>
PD Spec Revision 3.0 Version 2.0 + ECNs 2020-12-10
6.4.4.2.3 Structured VDM Version
"The Structured VDM Version field of the Discover Identity Command
sent and received during VDM discovery Shall be used to determine the
lowest common Structured VDM Version supported by the Port Partners or
Cable Plug and Shall continue to operate using this Specification
Revision until they are Detached."
Also clear the fields newly defined in SVDM version 2.0 if the
negotiated SVDM version is 1.0.
Acked-by: Heikki Krogerus <heikki.krogerus@linux.intel.com>
Signed-off-by: Kyle Tso <kyletso@google.com>
Link: https://lore.kernel.org/r/20210205033415.3320439-4-kyletso@google.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
(cherry picked from commit 5e1d4c49fbhttps://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-next)
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I0cecaf9d32384f76984544c9bc9b99e703ae2fbb
PD Spec Revision 3.0 Version 2.0 + ECNs 2020-12-10
6.4.4.2.3 Structured VDM Version
"The Structured VDM Version field of the Discover Identity Command
sent and received during VDM discovery Shall be used to determine the
lowest common Structured VDM Version supported by the Port Partners or
Cable Plug and Shall continue to operate using this Specification
Revision until they are Detached."
Add a variable in typec_capability to specify the highest SVDM version
supported by the port and another variable in typec_partner to cache the
negotiated SVDM version between the port and the partner.
Also add setter/getter functions for the negotiated SVDM version.
Acked-by: Heikki Krogerus <heikki.krogerus@linux.intel.com>
Signed-off-by: Kyle Tso <kyletso@google.com>
Link: https://lore.kernel.org/r/20210205033415.3320439-2-kyletso@google.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
(cherry picked from commit 3c5960c055https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-next)
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Iaf1dc903f51ea7865a159d0686946ffd40b2749a
This reverts commit 67e762efc7.
Unwinder incompatibilities have been reported as fixed.
Bug: 172699078
Bug: 173653853
Bug: 174803347
Signed-off-by: Nick Desaulniers <ndesaulniers@google.com>
Change-Id: I68bc21ebb84545ac06100ac76f14ca7e8b7c5f4d
Changes in 5.10.14
net: dsa: microchip: Adjust reset release timing to match reference reset circuit
net: stmmac: dwmac-intel-plat: remove config data on error
net: fec: put child node on error path
net: octeontx2: Make sure the buffer is 128 byte aligned
stmmac: intel: Configure EHL PSE0 GbE and PSE1 GbE to 32 bits DMA addressing
mlxsw: spectrum_span: Do not overwrite policer configuration
net: dsa: bcm_sf2: put device node before return
net: switchdev: don't set port_obj_info->handled true when -EOPNOTSUPP
ibmvnic: Ensure that CRQ entry read are correctly ordered
iommu/io-pgtable-arm: Support coherency for Mali LPAE
drm/panfrost: Support cache-coherent integrations
arm64: dts: meson: Describe G12b GPU as coherent
arm64: Fix kernel address detection of __is_lm_address()
arm64: Do not pass tagged addresses to __is_lm_address()
Revert "x86/setup: don't remove E820_TYPE_RAM for pfn 0"
ARM: 9025/1: Kconfig: CPU_BIG_ENDIAN depends on !LD_IS_LLD
iommu/vt-d: Do not use flush-queue when caching-mode is on
phy: cpcap-usb: Fix warning for missing regulator_disable
tools/power/x86/intel-speed-select: Set scaling_max_freq to base_frequency
tools/power/x86/intel-speed-select: Set higher of cpuinfo_max_freq or base_frequency
platform/x86: touchscreen_dmi: Add swap-x-y quirk for Goodix touchscreen on Estar Beauty HD tablet
platform/x86: intel-vbtn: Support for tablet mode on Dell Inspiron 7352
habanalabs: fix dma_addr passed to dma_mmap_coherent
locking/lockdep: Avoid noinstr warning for DEBUG_LOCKDEP
x86: __always_inline __{rd,wr}msr()
scsi: scsi_transport_srp: Don't block target in failfast state
scsi: libfc: Avoid invoking response handler twice if ep is already completed
scsi: fnic: Fix memleak in vnic_dev_init_devcmd2
ASoC: SOF: Intel: hda: Resume codec to do jack detection
ALSA: hda: Add AlderLake-P PCI ID and HDMI codec vid
objtool: Don't add empty symbols to the rbtree
mac80211: fix incorrect strlen of .write in debugfs
mac80211: fix fast-rx encryption check
mac80211: fix encryption key selection for 802.3 xmit
scsi: ibmvfc: Set default timeout to avoid crash during migration
ALSA: hda: Add Cometlake-R PCI ID
i2c: tegra: Create i2c_writesl_vi() to use with VI I2C for filling TX FIFO
udf: fix the problem that the disc content is not displayed
nvme: check the PRINFO bit before deciding the host buffer length
nvme-rdma: avoid request double completion for concurrent nvme_rdma_timeout
nvme-tcp: avoid request double completion for concurrent nvme_tcp_timeout
nvme-pci: allow use of cmb on v1.4 controllers
nvmet: set right status on error in id-ns handler
platform/x86: thinkpad_acpi: Add P53/73 firmware to fan_quirk_table for dual fan control
selftests/powerpc: Only test lwm/stmw on big endian
drm/amd/display: Update dram_clock_change_latency for DCN2.1
drm/amd/display: Allow PSTATE chnage when no displays are enabled
drm/amd/display: Change function decide_dp_link_settings to avoid infinite looping
drm/amd/display: Use hardware sequencer functions for PG control
drm/amd/display: Fixed corruptions on HPDRX link loss restore
habanalabs: zero pci counters packet before submit to FW
habanalabs: fix backward compatibility of idle check
habanalabs: disable FW events on device removal
objtool: Don't fail the kernel build on fatal errors
x86/cpu: Add another Alder Lake CPU to the Intel family
kthread: Extract KTHREAD_IS_PER_CPU
workqueue: Restrict affinity change to rescuer
Linux 5.10.14
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I14bb472e4128e97ea84e91547b9223d1157b93c8
When removing memory subsections, we need to ensure that subsections are
not in use or online before we try to remove them. Previously, we used
test_pages_isolated() which works only if pages were onlined and added to
a zone before. However, we should allow subsection addition and removal
without them being added to buddy i.e. onlined. test_pages_isolated() would
not help in such cases. Instead, check for valid offlined sections before
the subsections within can be allowed to be removed.
Bug: 170460867
Fixes: 417ac617ea ("ANDROID: mm/memory_hotplug: implement {add/remove}_memory_subsection")
Change-Id: I09b46582cd21e9e5370ebd5434209530edb89e58
Signed-off-by: Sudarshan Rajagopalan <sudaraja@codeaurora.org>
Enable NL80211_TESTMODE for x86 and arm64 architectures.
Also, update the ABI snapshot:
Leaf changes summary: 4 artifacts changed
Changed leaf types summary: 2 leaf types changed
Removed/Changed/Added functions summary: 0 Removed, 2 Changed, 0 Added
function
Removed/Changed/Added variables summary: 0 Removed, 0 Changed, 0 Added
variable
2 functions with some sub-type change:
[C] 'function ieee80211_hw* ieee80211_alloc_hw_nm(size_t, const
ieee80211_ops*, const char*)' at main.c:527:1 has some sub-type changes:
CRC (modversions) changed from 0x3556def to 0xea1cbc8
[C] 'function wiphy* wiphy_new_nm(const cfg80211_ops*, int, const
char*)' at core.c:400:1 has some sub-type changes:
CRC (modversions) changed from 0x396b5fc7 to 0x478b4ccd
'struct cfg80211_ops at cfg80211.h:3925:1' changed:
type size changed from 7168 to 7296 (in bits)
2 data member insertions:
'int (wiphy*, wireless_dev*, void*, int)*
cfg80211_ops::testmode_cmd', at offset 3456 (in bits) at
cfg80211.h:4067:1
'int (wiphy*, sk_buff*, netlink_callback*, void*, int)*
cfg80211_ops::testmode_dump', at offset 3520 (in bits) at
cfg80211.h:4069:1
there are data member changes:
58 ('int (wiphy*, net_device*, const u8*, const
cfg80211_bitrate_mask*)* cfg80211_ops::set_bitrate_mask' .. 'int
(wiphy*, net_device*, const u8*, typedef u8)*
cfg80211_ops::reset_tid_config') offsets changed (by +128 bits)
one impacted interface
'struct ieee80211_ops at mac80211.h:3881:1' changed:
type size changed from 6592 to 6720 (in bits)
2 data member insertions:
'int (ieee80211_hw*, ieee80211_vif*, void*, int)*
ieee80211_ops::testmode_cmd', at offset 3200 (in bits) at
mac80211.h:4038:1
'int (ieee80211_hw*, sk_buff*, netlink_callback*, void*, int)*
ieee80211_ops::testmode_dump', at offset 3264 (in bits) at
mac80211.h:4040:1
there are data member changes:
53 ('void (ieee80211_hw*, ieee80211_vif*, typedef u32, typedef
bool)* ieee80211_ops::flush' .. 'void (ieee80211_hw*, ieee80211_vif*,
ieee80211_sta*, typedef bool)* ieee80211_ops::sta_set_4addr') offsets
changed (by +128 bits)
one impacted interface
Bug: 179291676
Change-Id: Ib1b233b0a180100f1fc30caaa0b7c72cca6fb085
Signed-off-by: Raghavendra Rao Ananta <rananta@codeaurora.org>
The generic USB properties have been described in the legacy bindings
text file: Documentation/devicetree/bindings/usb/generic.txt . Let's
convert its content into the generic USB, USB HCD and USB DRD DT
schemas. So the Generic USB schema will be applicable to all USB
controllers, USB HCD - for the generic USB Host controllers and the USB
DRD - for the USB Dual-role controllers.
Note the USB DRD schema is supposed to work in conjunction with
the USB peripheral/gadget and USB host controllers DT schemas.
Reviewed-by: Rob Herring <robh@kernel.org>
Signed-off-by: Serge Semin <Sergey.Semin@baikalelectronics.ru>
Link: https://lore.kernel.org/r/20201210090944.16283-3-Sergey.Semin@baikalelectronics.ru
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
(cherry picked from commit b0864e1a4dhttps://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-next)
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Ibdf6a5a671ac00cb5156e133419ff12fe5a922b6
There can be three distinctive types of the USB controllers: USB hosts,
USB peripherals/gadgets and USB OTG, which can switch from one role to
another. In order to have that hierarchy handled in the DT binding files,
we need to collect common properties in a common DT schema and specific
properties in dedicated schemas. Seeing the usb-hcd.yaml DT schema is
dedicated for the USB host controllers only, let's move some common
properties from there into the usb.yaml schema. So the later would be
available to evaluate all currently supported types of the USB
controllers.
While at it add an explicit "additionalProperties: true" into the
usb-hcd.yaml as setting the additionalProperties/unevaluateProperties
properties is going to be get mandatory soon.
Reviewed-by: Rob Herring <robh@kernel.org>
Signed-off-by: Serge Semin <Sergey.Semin@baikalelectronics.ru>
Link: https://lore.kernel.org/r/20201210090944.16283-2-Sergey.Semin@baikalelectronics.ru
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
(cherry picked from commit aa62401644https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-next)
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Iea4f305b32e7e7d991f2a8b2280934c9d7b96b82
[ Upstream commit 640f17c824 ]
create_worker() will already set the right affinity using
kthread_bind_mask(), this means only the rescuer will need to change
it's affinity.
Howveer, while in cpu-hot-unplug a regular task is not allowed to run
on online&&!active as it would be pushed away quite agressively. We
need KTHREAD_IS_PER_CPU to survive in that environment.
Therefore set the affinity after getting that magic flag.
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Reviewed-by: Valentin Schneider <valentin.schneider@arm.com>
Tested-by: Valentin Schneider <valentin.schneider@arm.com>
Link: https://lkml.kernel.org/r/20210121103506.826629830@infradead.org
Signed-off-by: Sasha Levin <sashal@kernel.org>
[ Upstream commit ac687e6e8c ]
There is a need to distinguish geniune per-cpu kthreads from kthreads
that happen to have a single CPU affinity.
Geniune per-cpu kthreads are kthreads that are CPU affine for
correctness, these will obviously have PF_KTHREAD set, but must also
have PF_NO_SETAFFINITY set, lest userspace modify their affinity and
ruins things.
However, these two things are not sufficient, PF_NO_SETAFFINITY is
also set on other tasks that have their affinities controlled through
other means, like for instance workqueues.
Therefore another bit is needed; it turns out kthread_create_per_cpu()
already has such a bit: KTHREAD_IS_PER_CPU, which is used to make
kthread_park()/kthread_unpark() work correctly.
Expose this flag and remove the implicit setting of it from
kthread_create_on_cpu(); the io_uring usage of it seems dubious at
best.
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Reviewed-by: Valentin Schneider <valentin.schneider@arm.com>
Tested-by: Valentin Schneider <valentin.schneider@arm.com>
Link: https://lkml.kernel.org/r/20210121103506.557620262@infradead.org
Signed-off-by: Sasha Levin <sashal@kernel.org>
[ Upstream commit 655cf86548 ]
This is basically a revert of commit 644592d328 ("objtool: Fail the
kernel build on fatal errors").
That change turned out to be more trouble than it's worth. Failing the
build is an extreme measure which sometimes gets too much attention and
blocks CI build testing.
These fatal-type warnings aren't yet as rare as we'd hope, due to the
ever-increasing matrix of supported toolchains/plugins and their
fast-changing nature as of late.
Also, there are more people (and bots) looking for objtool warnings than
ever before, so even non-fatal warnings aren't likely to be ignored for
long.
Suggested-by: Nick Desaulniers <ndesaulniers@google.com>
Reviewed-by: Miroslav Benes <mbenes@suse.cz>
Reviewed-by: Nick Desaulniers <ndesaulniers@google.com>
Reviewed-by: Kamalesh Babulal <kamalesh@linux.vnet.ibm.com>
Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
[ Upstream commit 2dc4a6d791 ]
When device is removed, we need to make sure the F/W won't send us
any more events because during the remove process we disable the
interrupts.
Signed-off-by: Oded Gabbay <ogabbay@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
