mirror of
https://github.com/hardkernel/linux.git
synced 2026-04-02 19:23:01 +09:00
dd09367e7a70facaeaa8a6ebaa0b4e288c61a135
3064 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Paul Moore
|
cbc5bcf810 |
selinux: properly handle multiple messages in selinux_netlink_send() (CVE-2020-0255)
PD#SWPL-29581
commit
|
||
|
Greg Kroah-Hartman
|
42a730adb6 |
Merge 4.9.107 into android-4.9
Changes in 4.9.107
arm64: lse: Add early clobbers to some input/output asm operands
powerpc/64s: Clear PCR on boot
USB: serial: cp210x: use tcflag_t to fix incompatible pointer type
Revert "pinctrl: msm: Use dynamic GPIO numbering"
xfs: detect agfl count corruption and reset agfl
Revert "ima: limit file hash setting by user to fix and log modes"
Input: elan_i2c_smbus - fix corrupted stack
tracing: Fix crash when freeing instances with event triggers
selinux: KASAN: slab-out-of-bounds in xattr_getsecurity
cfg80211: further limit wiphy names to 64 bytes
dma-buf: remove redundant initialization of sg_table
rtlwifi: rtl8192cu: Remove variable self-assignment in rf.c
ASoC: Intel: sst: remove redundant variable dma_dev_name
platform/chrome: cros_ec_lpc: remove redundant pointer request
x86/amd: revert commit
|
||
|
Sachin Grover
|
c738c80649 |
selinux: KASAN: slab-out-of-bounds in xattr_getsecurity
commit
|
||
|
Mimi Zohar
|
28fffa9066 |
Revert "ima: limit file hash setting by user to fix and log modes"
commit |
||
|
Greg Kroah-Hartman
|
9797dcb8c7 |
Merge 4.9.104 into android-4.9
Changes in 4.9.104
MIPS: c-r4k: Fix data corruption related to cache coherence
MIPS: ptrace: Expose FIR register through FP regset
MIPS: Fix ptrace(2) PTRACE_PEEKUSR and PTRACE_POKEUSR accesses to o32 FGRs
KVM: Fix spelling mistake: "cop_unsuable" -> "cop_unusable"
affs_lookup(): close a race with affs_remove_link()
aio: fix io_destroy(2) vs. lookup_ioctx() race
ALSA: timer: Fix pause event notification
do d_instantiate/unlock_new_inode combinations safely
mmc: sdhci-iproc: remove hard coded mmc cap 1.8v
mmc: sdhci-iproc: fix 32bit writes for TRANSFER_MODE register
libata: Blacklist some Sandisk SSDs for NCQ
libata: blacklist Micron 500IT SSD with MU01 firmware
xen-swiotlb: fix the check condition for xen_swiotlb_free_coherent
drm/vmwgfx: Fix 32-bit VMW_PORT_HB_[IN|OUT] macros
IB/hfi1: Use after free race condition in send context error path
Revert "ipc/shm: Fix shmat mmap nil-page protection"
ipc/shm: fix shmat() nil address after round-down when remapping
kasan: fix memory hotplug during boot
kernel/sys.c: fix potential Spectre v1 issue
kernel/signal.c: avoid undefined behaviour in kill_something_info
KVM/VMX: Expose SSBD properly to guests
KVM: s390: vsie: fix < 8k check for the itdba
KVM: x86: Update cpuid properly when CR4.OSXAVE or CR4.PKE is changed
kvm: x86: IA32_ARCH_CAPABILITIES is always supported
firewire-ohci: work around oversized DMA reads on JMicron controllers
x86/tsc: Allow TSC calibration without PIT
NFSv4: always set NFS_LOCK_LOST when a lock is lost.
ALSA: hda - Use IS_REACHABLE() for dependency on input
kvm: x86: fix KVM_XEN_HVM_CONFIG ioctl
netfilter: ipv6: nf_defrag: Pass on packets to stack per RFC2460
tracing/hrtimer: Fix tracing bugs by taking all clock bases and modes into account
PCI: Add function 1 DMA alias quirk for Marvell 9128
Input: psmouse - fix Synaptics detection when protocol is disabled
i40iw: Zero-out consumer key on allocate stag for FMR
tools lib traceevent: Simplify pointer print logic and fix %pF
perf callchain: Fix attr.sample_max_stack setting
tools lib traceevent: Fix get_field_str() for dynamic strings
perf record: Fix failed memory allocation for get_cpuid_str
iommu/vt-d: Use domain instead of cache fetching
dm thin: fix documentation relative to low water mark threshold
net: stmmac: dwmac-meson8b: fix setting the RGMII TX clock on Meson8b
net: stmmac: dwmac-meson8b: propagate rate changes to the parent clock
nfs: Do not convert nfs_idmap_cache_timeout to jiffies
watchdog: sp5100_tco: Fix watchdog disable bit
kconfig: Don't leak main menus during parsing
kconfig: Fix automatic menu creation mem leak
kconfig: Fix expr_free() E_NOT leak
mac80211_hwsim: fix possible memory leak in hwsim_new_radio_nl()
ipmi/powernv: Fix error return code in ipmi_powernv_probe()
Btrfs: set plug for fsync
btrfs: Fix out of bounds access in btrfs_search_slot
Btrfs: fix scrub to repair raid6 corruption
btrfs: fail mount when sb flag is not in BTRFS_SUPER_FLAG_SUPP
HID: roccat: prevent an out of bounds read in kovaplus_profile_activated()
fm10k: fix "failed to kill vid" message for VF
device property: Define type of PROPERTY_ENRTY_*() macros
jffs2: Fix use-after-free bug in jffs2_iget()'s error handling path
powerpc/numa: Use ibm,max-associativity-domains to discover possible nodes
powerpc/numa: Ensure nodes initialized for hotplug
RDMA/mlx5: Avoid memory leak in case of XRCD dealloc failure
ntb_transport: Fix bug with max_mw_size parameter
gianfar: prevent integer wrapping in the rx handler
tcp_nv: fix potential integer overflow in tcpnv_acked
kvm: Map PFN-type memory regions as writable (if possible)
ocfs2: return -EROFS to mount.ocfs2 if inode block is invalid
ocfs2/acl: use 'ip_xattr_sem' to protect getting extended attribute
ocfs2: return error when we attempt to access a dirty bh in jbd2
mm/mempolicy: fix the check of nodemask from user
mm/mempolicy: add nodes_empty check in SYSC_migrate_pages
asm-generic: provide generic_pmdp_establish()
sparc64: update pmdp_invalidate() to return old pmd value
mm: thp: use down_read_trylock() in khugepaged to avoid long block
mm: pin address_space before dereferencing it while isolating an LRU page
mm/fadvise: discard partial page if endbyte is also EOF
openvswitch: Remove padding from packet before L3+ conntrack processing
IB/ipoib: Fix for potential no-carrier state
drm/nouveau/pmu/fuc: don't use movw directly anymore
netfilter: ipv6: nf_defrag: Kill frag queue on RFC2460 failure
x86/power: Fix swsusp_arch_resume prototype
firmware: dmi_scan: Fix handling of empty DMI strings
ACPI: processor_perflib: Do not send _PPC change notification if not ready
ACPI / scan: Use acpi_bus_get_status() to initialize ACPI_TYPE_DEVICE devs
bpf: fix selftests/bpf test_kmod.sh failure when CONFIG_BPF_JIT_ALWAYS_ON=y
MIPS: generic: Fix machine compatible matching
MIPS: TXx9: use IS_BUILTIN() for CONFIG_LEDS_CLASS
xen-netfront: Fix race between device setup and open
xen/grant-table: Use put_page instead of free_page
RDS: IB: Fix null pointer issue
arm64: spinlock: Fix theoretical trylock() A-B-A with LSE atomics
proc: fix /proc/*/map_files lookup
cifs: silence compiler warnings showing up with gcc-8.0.0
bcache: properly set task state in bch_writeback_thread()
bcache: fix for allocator and register thread race
bcache: fix for data collapse after re-attaching an attached device
bcache: return attach error when no cache set exist
tools/libbpf: handle issues with bpf ELF objects containing .eh_frames
bpf: fix rlimit in reuseport net selftest
vfs/proc/kcore, x86/mm/kcore: Fix SMAP fault when dumping vsyscall user page
locking/qspinlock: Ensure node->count is updated before initialising node
irqchip/gic-v3: Ignore disabled ITS nodes
cpumask: Make for_each_cpu_wrap() available on UP as well
irqchip/gic-v3: Change pr_debug message to pr_devel
ARC: Fix malformed ARC_EMUL_UNALIGNED default
ptr_ring: prevent integer overflow when calculating size
libata: Fix compile warning with ATA_DEBUG enabled
selftests: pstore: Adding config fragment CONFIG_PSTORE_RAM=m
selftests: memfd: add config fragment for fuse
ARM: OMAP2+: timer: fix a kmemleak caused in omap_get_timer_dt
ARM: OMAP3: Fix prm wake interrupt for resume
ARM: OMAP1: clock: Fix debugfs_create_*() usage
ibmvnic: Free RX socket buffer in case of adapter error
iwlwifi: mvm: fix security bug in PN checking
iwlwifi: mvm: always init rs with 20mhz bandwidth rates
NFC: llcp: Limit size of SDP URI
rxrpc: Work around usercopy check
mac80211: round IEEE80211_TX_STATUS_HEADROOM up to multiple of 4
mac80211: fix a possible leak of station stats
mac80211: fix calling sleeping function in atomic context
mac80211: Do not disconnect on invalid operating class
md raid10: fix NULL deference in handle_write_completed()
drm/exynos: g2d: use monotonic timestamps
drm/exynos: fix comparison to bitshift when dealing with a mask
locking/xchg/alpha: Add unconditional memory barrier to cmpxchg()
md: raid5: avoid string overflow warning
kernel/relay.c: limit kmalloc size to KMALLOC_MAX_SIZE
powerpc/bpf/jit: Fix 32-bit JIT for seccomp_data access
s390/cio: fix ccw_device_start_timeout API
s390/cio: fix return code after missing interrupt
s390/cio: clear timer when terminating driver I/O
PKCS#7: fix direct verification of SignerInfo signature
ARM: OMAP: Fix dmtimer init for omap1
smsc75xx: fix smsc75xx_set_features()
regulatory: add NUL to request alpha2
integrity/security: fix digsig.c build error with header file
locking/xchg/alpha: Fix xchg() and cmpxchg() memory ordering bugs
x86/topology: Update the 'cpu cores' field in /proc/cpuinfo correctly across CPU hotplug operations
mac80211: drop frames with unexpected DS bits from fast-rx to slow path
arm64: fix unwind_frame() for filtered out fn for function graph tracing
macvlan: fix use-after-free in macvlan_common_newlink()
kvm: fix warning for CONFIG_HAVE_KVM_EVENTFD builds
fs: dcache: Avoid livelock between d_alloc_parallel and __d_add
fs: dcache: Use READ_ONCE when accessing i_dir_seq
md: fix a potential deadlock of raid5/raid10 reshape
md/raid1: fix NULL pointer dereference
batman-adv: fix packet checksum in receive path
batman-adv: invalidate checksum on fragment reassembly
netfilter: ebtables: convert BUG_ONs to WARN_ONs
batman-adv: Ignore invalid batadv_iv_gw during netlink send
batman-adv: Ignore invalid batadv_v_gw during netlink send
batman-adv: Fix netlink dumping of BLA claims
batman-adv: Fix netlink dumping of BLA backbones
nvme-pci: Fix nvme queue cleanup if IRQ setup fails
clocksource/drivers/fsl_ftm_timer: Fix error return checking
ceph: fix dentry leak when failing to init debugfs
ARM: orion5x: Revert commit
|
||
|
Petr Vorel
|
99d8240f0d |
ima: Fallback to the builtin hash algorithm
[ Upstream commit
|
||
|
Randy Dunlap
|
8a5a436aca |
integrity/security: fix digsig.c build error with header file
[ Upstream commit
|
||
|
Greg Kroah-Hartman
|
8683408f8e |
Merge 4.9.94 into android-4.9
Changes in 4.9.94 qed: Fix overriding of supported autoneg value. cfg80211: make RATE_INFO_BW_20 the default md/raid5: make use of spin_lock_irq over local_irq_disable + spin_lock rtc: snvs: fix an incorrect check of return value x86/asm: Don't use RBP as a temporary register in csum_partial_copy_generic() x86/mm/kaslr: Use the _ASM_MUL macro for multiplication to work around Clang incompatibility ovl: persistent inode numbers for upper hardlinks NFSv4.1: RECLAIM_COMPLETE must handle NFS4ERR_CONN_NOT_BOUND_TO_SESSION x86/boot: Declare error() as noreturn IB/srpt: Fix abort handling IB/srpt: Avoid that aborting a command triggers a kernel warning af_key: Fix slab-out-of-bounds in pfkey_compile_policy. mac80211: bail out from prep_connection() if a reconfig is ongoing bna: Avoid reading past end of buffer qlge: Avoid reading past end of buffer ubi: fastmap: Fix slab corruption ipmi_ssif: unlock on allocation failure net: cdc_ncm: Fix TX zero padding net: ethernet: ti: cpsw: adjust cpsw fifos depth for fullduplex flow control lockd: fix lockd shutdown race drivers/misc/vmw_vmci/vmci_queue_pair.c: fix a couple integer overflow tests pidns: disable pid allocation if pid_ns_prepare_proc() is failed in alloc_pid() s390: move _text symbol to address higher than zero net/mlx4_en: Avoid adding steering rules with invalid ring qed: Correct doorbell configuration for !4Kb pages NFSv4.1: Work around a Linux server bug... CIFS: silence lockdep splat in cifs_relock_file() perf/callchain: Force USER_DS when invoking perf_callchain_user() blk-mq: NVMe 512B/4K+T10 DIF/DIX format returns I/O error on dd with split op net: qca_spi: Fix alignment issues in rx path netxen_nic: set rcode to the return status from the call to netxen_issue_cmd mdio: mux: Correct mdio_mux_init error path issues Input: elan_i2c - check if device is there before really probing Input: elantech - force relative mode on a certain module KVM: PPC: Book3S PR: Check copy_to/from_user return values irqchip/mbigen: Fix the clear register offset calculation vmxnet3: ensure that adapter is in proper state during force_close mm, vmstat: Remove spurious WARN() during zoneinfo print SMB2: Fix share type handling bus: brcmstb_gisb: Use register offsets with writes too bus: brcmstb_gisb: correct support for 64-bit address output PowerCap: Fix an error code in powercap_register_zone() iio: pressure: zpa2326: report interrupted case as failure ARM: dts: imx53-qsrb: Pulldown PMIC IRQ pin staging: wlan-ng: prism2mgmt.c: fixed a double endian conversion before calling hfa384x_drvr_setconfig16, also fixes relative sparse warning clk: renesas: rcar-gen2: Fix PLL0 on R-Car V2H and E2 x86/tsc: Provide 'tsc=unstable' boot parameter powerpc/modules: If mprofile-kernel is enabled add it to vermagic ARM: dts: imx6qdl-wandboard: Fix audio channel swap i2c: mux: reg: put away the parent i2c adapter on probe failure arm64: perf: Ignore exclude_hv when kernel is running in HYP mdio: mux: fix device_node_continue.cocci warnings ipv6: avoid dad-failures for addresses with NODAD async_tx: Fix DMA_PREP_FENCE usage in do_async_gen_syndrome() KVM: arm: Restore banked registers and physical timer access on hyp_panic() KVM: arm64: Restore host physical timer access on hyp_panic() usb: dwc3: keystone: check return value btrfs: fix incorrect error return ret being passed to mapping_set_error ata: libahci: properly propagate return value of platform_get_irq() ipmr: vrf: Find VIFs using the actual device uio: fix incorrect memory leak cleanup neighbour: update neigh timestamps iff update is effective arp: honour gratuitous ARP _replies_ ARM: dts: rockchip: fix rk322x i2s1 pinctrl error usb: chipidea: properly handle host or gadget initialization failure pxa_camera: fix module remove codepath for v4l2 clock USB: ene_usb6250: fix first command execution net: x25: fix one potential use-after-free issue USB: ene_usb6250: fix SCSI residue overwriting serial: 8250: omap: Disable DMA for console UART serial: sh-sci: Fix race condition causing garbage during shutdown net/wan/fsl_ucc_hdlc: fix unitialized variable warnings net/wan/fsl_ucc_hdlc: fix incorrect memory allocation fsl/qe: add bit description for SYNL register for GUMR sh_eth: Use platform device for printing before register_netdev() mlxsw: spectrum: Avoid possible NULL pointer dereference scsi: csiostor: fix use after free in csio_hw_use_fwconfig() powerpc/mm: Fix virt_addr_valid() etc. on 64-bit hash ath5k: fix memory leak on buf on failed eeprom read selftests/powerpc: Fix TM resched DSCR test with some compilers xfrm: fix state migration copy replay sequence numbers ASoC: simple-card: fix mic jack initialization iio: hi8435: avoid garbage event at first enable iio: hi8435: cleanup reset gpio iio: light: rpr0521 poweroff for probe fails ext4: handle the rest of ext4_mb_load_buddy() ENOMEM errors md-cluster: fix potential lock issue in add_new_disk ARM: davinci: da8xx: Create DSP device only when assigned memory ray_cs: Avoid reading past end of buffer net/wan/fsl_ucc_hdlc: fix muram allocation error leds: pca955x: Correct I2C Functionality perf/core: Fix error handling in perf_event_alloc() sched/numa: Use down_read_trylock() for the mmap_sem gpio: crystalcove: Do not write regular gpio registers for virtual GPIOs net/mlx5: Tolerate irq_set_affinity_hint() failures selinux: do not check open permission on sockets block: fix an error code in add_partition() mlx5: fix bug reading rss_hash_type from CQE net: ieee802154: fix net_device reference release too early libceph: NULL deref on crush_decode() error path perf report: Fix off-by-one for non-activation frames netfilter: ctnetlink: fix incorrect nf_ct_put during hash resize pNFS/flexfiles: missing error code in ff_layout_alloc_lseg() ASoC: rsnd: SSI PIO adjust to 24bit mode scsi: bnx2fc: fix race condition in bnx2fc_get_host_stats() fix race in drivers/char/random.c:get_reg() ext4: fix off-by-one on max nr_pages in ext4_find_unwritten_pgoff() ARM64: PCI: Fix struct acpi_pci_root_ops allocation failure path tcp: better validation of received ack sequences net: move somaxconn init from sysctl code Input: elan_i2c - clear INT before resetting controller bonding: Don't update slave->link until ready to commit cpuhotplug: Link lock stacks for hotplug callbacks PCI/msi: fix the pci_alloc_irq_vectors_affinity stub KVM: X86: Fix preempt the preemption timer cancel KVM: nVMX: Fix handling of lmsw instruction net: llc: add lock_sock in llc_ui_bind to avoid a race condition drm/msm: Take the mutex before calling msm_gem_new_impl i40iw: Fix sequence number for the first partial FPDU i40iw: Correct Q1/XF object count equation ARM: dts: ls1021a: add "fsl,ls1021a-esdhc" compatible string to esdhc node thermal: power_allocator: fix one race condition issue for thermal_instances list perf probe: Add warning message if there is unexpected event name l2tp: fix missing print session offset info rds; Reset rs->rs_bound_addr in rds_add_bound() failure path ACPI / video: Default lcd_only to true on Win8-ready and newer machines net/mlx4_en: Change default QoS settings VFS: close race between getcwd() and d_move() PM / devfreq: Fix potential NULL pointer dereference in governor_store hwmon: (ina2xx) Make calibration register value fixed media: videobuf2-core: don't go out of the buffer range ASoC: Intel: Skylake: Disable clock gating during firmware and library download ASoC: Intel: cht_bsw_rt5645: Analog Mic support scsi: libiscsi: Allow sd_shutdown on bad transport scsi: mpt3sas: Proper handling of set/clear of "ATA command pending" flag. irqchip/gic-v3: Fix the driver probe() fail due to disabled GICC entry ACPI: EC: Fix debugfs_create_*() usage mac80211: Fix setting TX power on monitor interfaces vfb: fix video mode and line_length being set when loaded gpio: label descriptors using the device name IB/rdmavt: Allocate CQ memory on the correct node blk-mq: fix race between updating nr_hw_queues and switching io sched backlight: tdo24m: Fix the SPI CS between transfers pinctrl: baytrail: Enable glitch filter for GPIOs used as interrupts ASoC: Intel: sst: Fix the return value of 'sst_send_byte_stream_mrfld()' rt2x00: do not pause queue unconditionally on error path wl1251: check return from call to wl1251_acx_arp_ip_filter hdlcdrv: Fix divide by zero in hdlcdrv_ioctl x86/efi: Disable runtime services on kexec kernel if booted with efi=old_map netfilter: conntrack: don't call iter for non-confirmed conntracks HID: i2c: Call acpi_device_fix_up_power for ACPI-enumerated devices ovl: filter trusted xattr for non-admin powerpc/[booke|4xx]: Don't clobber TCR[WP] when setting TCR[DIE] dmaengine: imx-sdma: Handle return value of clk_prepare_enable backlight: Report error on failure arm64: futex: Fix undefined behaviour with FUTEX_OP_OPARG_SHIFT usage net/mlx5: avoid build warning for uniprocessor cxgb4: FW upgrade fixes cxgb4: Fix netdev_features flag rtc: m41t80: fix SQW dividers override when setting a date i40evf: fix merge error in older patch rtc: opal: Handle disabled TPO in opal_get_tpo_time() rtc: interface: Validate alarm-time before handling rollover SUNRPC: ensure correct error is reported by xs_tcp_setup_socket() net: freescale: fix potential null pointer dereference clk: at91: fix clk-generated parenting drm/sun4i: Ignore the generic connectors for components dt-bindings: display: sun4i: Add allwinner,tcon-channel property mtd: nand: gpmi: Fix gpmi_nand_init() error path mtd: nand: check ecc->total sanity in nand_scan_tail KVM: SVM: do not zero out segment attributes if segment is unusable or not present clk: scpi: fix return type of __scpi_dvfs_round_rate clk: Fix __set_clk_rates error print-string powerpc/spufs: Fix coredump of SPU contexts drm/amdkfd: NULL dereference involving create_process() ath10k: add BMI parameters to fix calibration from DT/pre-cal perf trace: Add mmap alias for s390 qlcnic: Fix a sleep-in-atomic bug in qlcnic_82xx_hw_write_wx_2M and qlcnic_82xx_hw_read_wx_2M arm64: kernel: restrict /dev/mem read() calls to linear region mISDN: Fix a sleep-in-atomic bug net: phy: micrel: Restore led_mode and clk_sel on resume RDMA/iw_cxgb4: Avoid touch after free error in ARP failure handlers RDMA/hfi1: fix array termination by appending NULL to attr array drm/omap: fix tiled buffer stride calculations powerpc/8xx: fix mpc8xx_get_irq() return on no irq cxgb4: fix incorrect cim_la output for T6 Fix serial console on SNI RM400 machines bio-integrity: Do not allocate integrity context for bio w/o data ip6_tunnel: fix traffic class routing for tunnels skbuff: return -EMSGSIZE in skb_to_sgvec to prevent overflow macsec: check return value of skb_to_sgvec always sit: reload iphdr in ipip6_rcv net/mlx4: Fix the check in attaching steering rules net/mlx4: Check if Granular QoS per VF has been enabled before updating QP qos_vport perf header: Set proper module name when build-id event found perf report: Ensure the perf DSO mapping matches what libdw sees iwlwifi: mvm: fix firmware debug restart recording watchdog: f71808e_wdt: Add F71868 support iwlwifi: mvm: Fix command queue number on d0i3 flow iwlwifi: tt: move ucode_loaded check under mutex iwlwifi: pcie: only use d0i3 in suspend/resume if system_pm is set to d0i3 iwlwifi: fix min API version for 7265D, 3168, 8000 and 8265 tags: honor COMPILED_SOURCE with apart output directory ARM: dts: qcom: ipq4019: fix i2c_0 node e1000e: fix race condition around skb_tstamp_tx() igb: fix race condition with PTP_TX_IN_PROGRESS bits cxl: Unlock on error in probe cx25840: fix unchecked return values mceusb: sporadic RX truncation corruption fix net: phy: avoid genphy_aneg_done() for PHYs without clause 22 support ARM: imx: Add MXC_CPU_IMX6ULL and cpu_is_imx6ull nvme-pci: fix multiple ctrl removal scheduling nvme: fix hang in remove path KVM: nVMX: Update vmcs12->guest_linear_address on nested VM-exit e1000e: Undo e1000e_pm_freeze if __e1000_shutdown fails perf/core: Correct event creation with PERF_FORMAT_GROUP sched/deadline: Use the revised wakeup rule for suspending constrained dl tasks MIPS: mm: fixed mappings: correct initialisation MIPS: mm: adjust PKMAP location MIPS: kprobes: flush_insn_slot should flush only if probe initialised ARM: dts: armadillo800eva: Split LCD mux and gpio Fix loop device flush before configure v3 net: emac: fix reset timeout with AR8035 phy perf tools: Decompress kernel module when reading DSO data perf tests: Decompress kernel module before objdump skbuff: only inherit relevant tx_flags xen: avoid type warning in xchg_xen_ulong X.509: Fix error code in x509_cert_parse() pinctrl: meson-gxbb: remove non-existing pin GPIOX_22 coresight: Fix reference count for software sources coresight: tmc: Configure DMA mask appropriately stmmac: fix ptp header for GMAC3 hw timestamp geneve: add missing rx stats accounting crypto: omap-sham - buffer handling fixes for hashing later crypto: omap-sham - fix closing of hash with separate finalize call bnx2x: Allow vfs to disable txvlan offload sctp: fix recursive locking warning in sctp_do_peeloff net: fec: Add a fec_enet_clear_ethtool_stats() stub for CONFIG_M5272 sparc64: ldc abort during vds iso boot iio: magnetometer: st_magn_spi: fix spi_device_id table net: ena: fix rare uncompleted admin command false alarm net: ena: fix race condition between submit and completion admin command net: ena: add missing return when ena_com_get_io_handlers() fails net: ena: add missing unmap bars on device removal net: ena: disable admin msix while working in polling mode clk: meson: meson8b: add compatibles for Meson8 and Meson8m2 Bluetooth: Send HCI Set Event Mask Page 2 command only when needed cpuidle: dt: Add missing 'of_node_put()' ACPICA: OSL: Add support to exclude stdarg.h ACPICA: Events: Add runtime stub support for event APIs ACPICA: Disassembler: Abort on an invalid/unknown AML opcode s390/dasd: fix hanging safe offline vxlan: dont migrate permanent fdb entries during learn hsr: fix incorrect warning selftests: kselftest_harness: Fix compile warning drm/vc4: Fix resource leak in 'vc4_get_hang_state_ioctl()' in error handling path bcache: stop writeback thread after detaching bcache: segregate flash only volume write streams scsi: libsas: fix memory leak in sas_smp_get_phy_events() scsi: libsas: fix error when getting phy events scsi: libsas: initialize sas_phy status according to response of DISCOVER blk-mq: fix kernel oops in blk_mq_tag_idle() tty: n_gsm: Allow ADM response in addition to UA for control dlci EDAC, mv64x60: Fix an error handling path cxgb4vf: Fix SGE FL buffer initialization logic for 64K pages sdhci: Advertise 2.0v supply on SDIO host controller Input: goodix - disable IRQs while suspended mtd: mtd_oobtest: Handle bitflips during reads perf tools: Fix copyfile_offset update of output offset ipsec: check return value of skb_to_sgvec always rxrpc: check return value of skb_to_sgvec always virtio_net: check return value of skb_to_sgvec always virtio_net: check return value of skb_to_sgvec in one more location random: use lockless method of accessing and updating f->reg_idx clk: at91: fix clk-generated compilation arp: fix arp_filter on l3slave devices ipv6: the entire IPv6 header chain must fit the first fragment net: fix possible out-of-bound read in skb_network_protocol() net/ipv6: Fix route leaking between VRFs net/ipv6: Increment OUTxxx counters after netfilter hook netlink: make sure nladdr has correct size in netlink_connect() net/sched: fix NULL dereference in the error path of tcf_bpf_init() pptp: remove a buggy dst release in pptp_connect() r8169: fix setting driver_data after register_netdev sctp: do not leak kernel memory to user space sctp: sctp_sockaddr_af must check minimal addr length for AF_INET6 sky2: Increase D3 delay to sky2 stops working after suspend vhost: correctly remove wait queue during poll failure vlan: also check phy_driver ts_info for vlan's real device bonding: fix the err path for dev hwaddr sync in bond_enslave bonding: move dev_mc_sync after master_upper_dev_link in bond_enslave bonding: process the err returned by dev_set_allmulti properly in bond_enslave net: fool proof dev_valid_name() ip_tunnel: better validate user provided tunnel names ipv6: sit: better validate user provided tunnel names ip6_gre: better validate user provided tunnel names ip6_tunnel: better validate user provided tunnel names vti6: better validate user provided tunnel names net/mlx5e: Sync netdev vxlan ports at open net/sched: fix NULL dereference in the error path of tunnel_key_init() net/sched: fix NULL dereference on the error path of tcf_skbmod_init() net/mlx4_en: Fix mixed PFC and Global pause user control requests vhost: validate log when IOTLB is enabled route: check sysctl_fib_multipath_use_neigh earlier than hash team: move dev_mc_sync after master_upper_dev_link in team_port_add vhost_net: add missing lock nesting notation net/mlx4_core: Fix memory leak while delete slave's resources strparser: Fix sign of err codes net sched actions: fix dumping which requires several messages to user space vrf: Fix use after free and double free in vrf_finish_output Revert "xhci: plat: Register shutdown for xhci_plat" Linux 4.9.94 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Stephen Smalley
|
b983b2a596 |
selinux: do not check open permission on sockets
[ Upstream commit
|
||
|
Greg Hackmann
|
05baf14727 |
Merge tag 'v4.9.93' into android-4.9
This is the 4.9.93 stable release Change-Id: I4293d83f45982c6fd479bddbf9b0f811248ddc30 Signed-off-by: Greg Hackmann <ghackmann@google.com> |
||
|
Matthias Kaehlcke
|
1978d829a6 |
selinux: Remove redundant check for unknown labeling behavior
commit
|
||
|
Matthias Kaehlcke
|
00972acdcf |
selinux: Remove unnecessary check of array base in selinux_set_mapping()
commit
|
||
|
Greg Kroah-Hartman
|
960923fdc2 |
Merge 4.9.89 into android-4.9
Changes in 4.9.89
blkcg: fix double free of new_blkg in blkcg_init_queue
Input: tsc2007 - check for presence and power down tsc2007 during probe
perf stat: Issue a HW watchdog disable hint
staging: speakup: Replace BUG_ON() with WARN_ON().
staging: wilc1000: add check for kmalloc allocation failure.
HID: reject input outside logical range only if null state is set
drm: qxl: Don't alloc fbdev if emulation is not supported
ARM: dts: r8a7791: Remove unit-address and reg from integrated cache
ARM: dts: r8a7792: Remove unit-address and reg from integrated cache
ARM: dts: r8a7793: Remove unit-address and reg from integrated cache
ARM: dts: r8a7794: Remove unit-address and reg from integrated cache
arm64: dts: r8a7796: Remove unit-address and reg from integrated cache
drm/sun4i: Fix up error path cleanup for master bind function
drm/sun4i: Set drm_crtc.port to the underlying TCON's output port node
ath10k: fix a warning during channel switch with multiple vaps
drm/sun4i: Fix TCON clock and regmap initialization sequence
PCI/MSI: Stop disabling MSI/MSI-X in pci_device_shutdown()
selinux: check for address length in selinux_socket_bind()
x86/mm: Make mmap(MAP_32BIT) work correctly
perf sort: Fix segfault with basic block 'cycles' sort dimension
x86/mce: Handle broadcasted MCE gracefully with kexec
eventpoll.h: fix epoll event masks
i40e: Acquire NVM lock before reads on all devices
i40e: fix ethtool to get EEPROM data from X722 interface
perf tools: Make perf_event__synthesize_mmap_events() scale
ARM: brcmstb: Enable ZONE_DMA for non 64-bit capable peripherals
drivers: net: xgene: Fix hardware checksum setting
drivers: net: phy: xgene: Fix mdio write
drivers: net: xgene: Fix wrong logical operation
drivers: net: xgene: Fix Rx checksum validation logic
drm: Defer disabling the vblank IRQ until the next interrupt (for instant-off)
ath10k: disallow DFS simulation if DFS channel is not enabled
ath10k: fix fetching channel during potential radar detection
usb: misc: lvs: fix race condition in disconnect handling
ARM: bcm2835: Enable missing CMA settings for VC4 driver
net: ethernet: bgmac: Allow MAC address to be specified in DTB
netem: apply correct delay when rate throttling
x86/mce: Init some CPU features early
omapfb: dss: Handle return errors in dss_init_ports()
perf probe: Fix concat_probe_trace_events
perf probe: Return errno when not hitting any event
HID: clamp input to logical range if no null state
net/8021q: create device with all possible features in wanted_features
ARM: dts: Adjust moxart IRQ controller and flags
qed: Always publish VF link from leading hwfn
s390/topology: fix typo in early topology code
zd1211rw: fix NULL-deref at probe
batman-adv: handle race condition for claims between gateways
of: fix of_device_get_modalias returned length when truncating buffers
solo6x10: release vb2 buffers in solo_stop_streaming()
x86/boot/32: Defer resyncing initial_page_table until per-cpu is set up
scsi: fnic: Fix for "Number of Active IOs" in fnicstats becoming negative
scsi: ipr: Fix missed EH wakeup
media: i2c/soc_camera: fix ov6650 sensor getting wrong clock
timers, sched_clock: Update timeout for clock wrap
sysrq: Reset the watchdog timers while displaying high-resolution timers
Input: qt1070 - add OF device ID table
sched: act_csum: don't mangle TCP and UDP GSO packets
PCI: hv: Properly handle PCI bus remove
PCI: hv: Lock PCI bus on device eject
ASoC: rcar: ssi: don't set SSICR.CKDV = 000 with SSIWSR.CONT
spi: omap2-mcspi: poll OMAP2_MCSPI_CHSTAT_RXS for PIO transfer
tcp: sysctl: Fix a race to avoid unexpected 0 window from space
dmaengine: imx-sdma: add 1ms delay to ensure SDMA channel is stopped
usb: dwc3: make sure UX_EXIT_PX is cleared
ARM: dts: bcm2835: add index to the ethernet alias
perf annotate: Fix a bug following symbolic link of a build-id file
perf buildid: Do not assume that readlink() returns a null terminated string
i40e/i40evf: Fix use after free in Rx cleanup path
scsi: be2iscsi: Check tag in beiscsi_mccq_compl_wait
driver: (adm1275) set the m,b and R coefficients correctly for power
bonding: make speed, duplex setting consistent with link state
mm: Fix false-positive VM_BUG_ON() in page_cache_{get,add}_speculative()
ALSA: firewire-lib: add a quirk of packet without valid EOH in CIP format
ARM: dts: r8a7794: Add DU1 clock to device tree
ARM: dts: r8a7794: Correct clock of DU1
ARM: dts: silk: Correct clock of DU1
blk-throttle: make sure expire time isn't too big
regulator: core: Limit propagation of parent voltage count and list
perf trace: Handle unpaired raw_syscalls:sys_exit event
f2fs: relax node version check for victim data in gc
drm/ttm: never add BO that failed to validate to the LRU list
bonding: refine bond_fold_stats() wrap detection
PCI: Apply Cavium ACS quirk only to CN81xx/CN83xx/CN88xx devices
powerpc/mm/hugetlb: Filter out hugepage size not supported by page table layout
braille-console: Fix value returned by _braille_console_setup
drm/vmwgfx: Fixes to vmwgfx_fb
vxlan: vxlan dev should inherit lowerdev's gso_max_size
NFC: nfcmrvl: Include unaligned.h instead of access_ok.h
NFC: nfcmrvl: double free on error path
NFC: pn533: change order of free_irq and dev unregistration
ARM: dts: r7s72100: fix ethernet clock parent
ARM: dts: r8a7790: Correct parent of SSI[0-9] clocks
ARM: dts: r8a7791: Correct parent of SSI[0-9] clocks
ARM: dts: r8a7793: Correct parent of SSI[0-9] clocks
powerpc: Avoid taking a data miss on every userspace instruction miss
net: hns: Correct HNS RSS key set function
net/faraday: Add missing include of of.h
qed: Fix TM block ILT allocation
rtmutex: Fix PI chain order integrity
printk: Correctly handle preemption in console_unlock()
drm: rcar-du: Handle event when disabling CRTCs
ARM: dts: koelsch: Correct clock frequency of X2 DU clock input
reiserfs: Make cancel_old_flush() reliable
ASoC: rt5677: Add OF device ID table
IB/hfi1: Check for QSFP presence before attempting reads
ALSA: firewire-digi00x: add support for console models of Digi00x series
ALSA: firewire-digi00x: handle all MIDI messages on streaming packets
fm10k: correctly check if interface is removed
EDAC, altera: Fix peripheral warnings for Cyclone5
scsi: ses: don't get power status of SES device slot on probe
qed: Correct MSI-x for storage
apparmor: Make path_max parameter readonly
iommu/iova: Fix underflow bug in __alloc_and_insert_iova_range
kvm/svm: Setup MCG_CAP on AMD properly
kvm: nVMX: Disallow userspace-injected exceptions in guest mode
video: ARM CLCD: fix dma allocation size
drm/radeon: Fail fb creation from imported dma-bufs.
drm/amdgpu: Fail fb creation from imported dma-bufs. (v2)
drm/rockchip: vop: Enable pm domain before vop_initial
i40e: only register client on iWarp-capable devices
coresight: Fixes coresight DT parse to get correct output port ID.
lkdtm: turn off kcov for lkdtm_rodata_do_nothing:
tty: amba-pl011: Fix spurious TX interrupts
serial: imx: setup DCEDTE early and ensure DCD and RI irqs to be off
MIPS: BPF: Quit clobbering callee saved registers in JIT code.
MIPS: BPF: Fix multiple problems in JIT skb access helpers.
MIPS: r2-on-r6-emu: Fix BLEZL and BGTZL identification
MIPS: r2-on-r6-emu: Clear BLTZALL and BGEZALL debugfs counters
v4l: vsp1: Prevent multiple streamon race commencing pipeline early
v4l: vsp1: Register pipe with output WPF
regulator: isl9305: fix array size
md/raid6: Fix anomily when recovering a single device in RAID6.
md.c:didn't unlock the mddev before return EINVAL in array_size_store
powerpc/nohash: Fix use of mmu_has_feature() in setup_initial_memory_limit()
usb: dwc2: Make sure we disconnect the gadget state
usb: gadget: dummy_hcd: Fix wrong power status bit clear/reset in dummy_hub_control()
perf evsel: Return exact sub event which failed with EPERM for wildcards
iwlwifi: mvm: fix RX SKB header size and align it properly
drivers/perf: arm_pmu: handle no platform_device
perf inject: Copy events when reordering events in pipe mode
net: fec: add phy-reset-gpios PROBE_DEFER check
perf session: Don't rely on evlist in pipe mode
vfio/powerpc/spapr_tce: Enforce IOMMU type compatibility check
vfio/spapr_tce: Check kzalloc() return when preregistering memory
scsi: sg: check for valid direction before starting the request
scsi: sg: close race condition in sg_remove_sfp_usercontext()
ALSA: hda: Add Geminilake id to SKL_PLUS
kprobes/x86: Fix kprobe-booster not to boost far call instructions
kprobes/x86: Set kprobes pages read-only
pwm: tegra: Increase precision in PWM rate calculation
clk: qcom: msm8996: Fix the vfe1 powerdomain name
Bluetooth: Avoid bt_accept_unlink() double unlinking
Bluetooth: 6lowpan: fix delay work init in add_peer_chan()
mac80211_hwsim: use per-interface power level
ath10k: fix compile time sanity check for CE4 buffer size
wil6210: fix protection against connections during reset
wil6210: fix memory access violation in wil_memcpy_from/toio_32
perf stat: Fix bug in handling events in error state
mwifiex: Fix invalid port issue
drm/edid: set ELD connector type in drm_edid_to_eld()
video/hdmi: Allow "empty" HDMI infoframes
HID: elo: clear BTN_LEFT mapping
iwlwifi: mvm: rs: don't override the rate history in the search cycle
clk: meson: gxbb: fix wrong clock for SARADC/SANA
ARM: dts: exynos: Correct Trats2 panel reset line
sched: Stop switched_to_rt() from sending IPIs to offline CPUs
sched: Stop resched_cpu() from sending IPIs to offline CPUs
test_firmware: fix setting old custom fw path back on exit
net: ieee802154: adf7242: Fix bug if defined DEBUG
net: xfrm: allow clearing socket xfrm policies.
mtd: nand: fix interpretation of NAND_CMD_NONE in nand_command[_lp]()
net: thunderx: Set max queue count taking XDP_TX into account
ARM: dts: am335x-pepper: Fix the audio CODEC's reset pin
ARM: dts: omap3-n900: Fix the audio CODEC's reset pin
mtd: nand: ifc: update bufnum mask for ver >= 2.0.0
userns: Don't fail follow_automount based on s_user_ns
leds: pm8058: Silence pointer to integer size warning
power: supply: ab8500_charger: Fix an error handling path
power: supply: ab8500_charger: Bail out in case of error in 'ab8500_charger_init_hw_registers()'
ath10k: update tdls teardown state to target
scsi: ses: don't ask for diagnostic pages repeatedly during probe
pwm: stmpe: Fix wrong register offset for hwpwm=2 case
clk: qcom: msm8916: fix mnd_width for codec_digcodec
mwifiex: cfg80211: do not change virtual interface during scan processing
ath10k: fix invalid STS_CAP_OFFSET_MASK
tools/usbip: fixes build with musl libc toolchain
spi: sun6i: disable/unprepare clocks on remove
bnxt_en: Don't print "Link speed -1 no longer supported" messages.
scsi: core: scsi_get_device_flags_keyed(): Always return device flags
scsi: devinfo: apply to HP XP the same flags as Hitachi VSP
scsi: dh: add new rdac devices
media: vsp1: Prevent suspending and resuming DRM pipelines
media: cpia2: Fix a couple off by one bugs
veth: set peer GSO values
drm/amdkfd: Fix memory leaks in kfd topology
powerpc/modules: Don't try to restore r2 after a sibling call
agp/intel: Flush all chipset writes after updating the GGTT
mac80211_hwsim: enforce PS_MANUAL_POLL to be set after PS_ENABLED
mac80211: remove BUG() when interface type is invalid
ASoC: nuc900: Fix a loop timeout test
ipvlan: add L2 check for packets arriving via virtual devices
rcutorture/configinit: Fix build directory error message
locking/locktorture: Fix num reader/writer corner cases
ima: relax requiring a file signature for new files with zero length
net: hns: Some checkpatch.pl script & warning fixes
x86/boot/32: Fix UP boot on Quark and possibly other platforms
x86/cpufeatures: Add Intel PCONFIG cpufeature
selftests/x86/entry_from_vm86: Exit with 1 if we fail
selftests/x86: Add tests for User-Mode Instruction Prevention
selftests/x86: Add tests for the STR and SLDT instructions
selftests/x86/entry_from_vm86: Add test cases for POPF
x86/vm86/32: Fix POPF emulation
x86/speculation, objtool: Annotate indirect calls/jumps for objtool on 32-bit kernels
x86/speculation: Remove Skylake C2 from Speculation Control microcode blacklist
x86/mm: Fix vmalloc_fault to use pXd_large
parisc: Handle case where flush_cache_range is called with no context
ALSA: pcm: Fix UAF in snd_pcm_oss_get_formats()
ALSA: hda - Revert power_save option default value
ALSA: seq: Fix possible UAF in snd_seq_check_queue()
ALSA: seq: Clear client entry before deleting else at closing
drm/amdgpu: fix prime teardown order
drm/amdgpu/dce: Don't turn off DP sink when disconnected
fs: Teach path_connected to handle nfs filesystems with multiple roots.
lock_parent() needs to recheck if dentry got __dentry_kill'ed under it
fs/aio: Add explicit RCU grace period when freeing kioctx
fs/aio: Use RCU accessors for kioctx_table->table[]
irqchip/gic-v3-its: Ensure nr_ites >= nr_lpis
scsi: sg: fix SG_DXFER_FROM_DEV transfers
scsi: sg: fix static checker warning in sg_is_valid_dxfer
scsi: sg: only check for dxfer_len greater than 256M
btrfs: alloc_chunk: fix DUP stripe size handling
btrfs: Fix use-after-free when cleaning up fs_devs with a single stale device
scsi: qla2xxx: Fix extraneous ref on sp's after adapter break
USB: gadget: udc: Add missing platform_device_put() on error in bdc_pci_probe()
usb: dwc3: Fix GDBGFIFOSPACE_TYPE values
usb: gadget: bdc: 64-bit pointer capability check
Linux 4.9.89
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
|
Mimi Zohar
|
27a0856c21 |
ima: relax requiring a file signature for new files with zero length
[ Upstream commit |
||
|
John Johansen
|
d55a55bc88 |
apparmor: Make path_max parameter readonly
[ Upstream commit
|
||
|
Alexander Potapenko
|
b243aa88a7 |
selinux: check for address length in selinux_socket_bind()
[ Upstream commit
|
||
|
Kees Cook
|
24da2c84bd |
BACKPORT: treewide: Fix function prototypes for module_param_call()
Several function prototypes for the set/get functions defined by
module_param_call() have a slightly wrong argument types. This fixes
those in an effort to clean up the calls when running under type-enforced
compiler instrumentation for CFI. This is the result of running the
following semantic patch:
@match_module_param_call_function@
declarer name module_param_call;
identifier _name, _set_func, _get_func;
expression _arg, _mode;
@@
module_param_call(_name, _set_func, _get_func, _arg, _mode);
@fix_set_prototype
depends on match_module_param_call_function@
identifier match_module_param_call_function._set_func;
identifier _val, _param;
type _val_type, _param_type;
@@
int _set_func(
-_val_type _val
+const char * _val
,
-_param_type _param
+const struct kernel_param * _param
) { ... }
@fix_get_prototype
depends on match_module_param_call_function@
identifier match_module_param_call_function._get_func;
identifier _val, _param;
type _val_type, _param_type;
@@
int _get_func(
-_val_type _val
+char * _val
,
-_param_type _param
+const struct kernel_param * _param
) { ... }
Two additional by-hand changes are included for places where the above
Coccinelle script didn't notice them:
drivers/platform/x86/thinkpad_acpi.c
fs/lockd/svc.c
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Jessica Yu <jeyu@kernel.org>
Bug: 67506682
Change-Id: I2c9c0ee8ed28065e63270a52c155e5e7d2791295
(cherry picked from commit
|
||
|
Greg Kroah-Hartman
|
a9d027374a |
Merge 4.9.84 into android-4.9
Changes in 4.9.84
vhost: use mutex_lock_nested() in vhost_dev_lock_vqs()
kcm: Check if sk_user_data already set in kcm_attach
kcm: Only allow TCP sockets to be attached to a KCM mux
cfg80211: check dev_set_name() return value
xfrm: skip policies marked as dead while rehashing
mm,vmscan: Make unregister_shrinker() no-op if register_shrinker() failed.
xfrm: Fix stack-out-of-bounds read on socket policy lookup.
xfrm: check id proto in validate_tmpl()
sctp: set frag_point in sctp_setsockopt_maxseg correctly
blktrace: fix unlocked registration of tracepoints
drm: Require __GFP_NOFAIL for the legacy drm_modeset_lock_all
ptr_ring: fail early if queue occupies more than KMALLOC_MAX_SIZE
Provide a function to create a NUL-terminated string from unterminated data
selinux: ensure the context is NUL terminated in security_context_to_sid_core()
selinux: skip bounded transition processing if the policy isn't loaded
crypto: x86/twofish-3way - Fix %rbp usage
staging: android: ion: Add __GFP_NOWARN for system contig heap
staging: android: ion: Switch from WARN to pr_warn
blk_rq_map_user_iov: fix error override
KVM: x86: fix escape of guest dr6 to the host
kcov: detect double association with a single task
netfilter: x_tables: fix int overflow in xt_alloc_table_info()
netfilter: x_tables: avoid out-of-bounds reads in xt_request_find_{match|target}
netfilter: ipt_CLUSTERIP: fix out-of-bounds accesses in clusterip_tg_check()
netfilter: on sockopt() acquire sock lock only in the required scope
netfilter: xt_cgroup: initialize info->priv in cgroup_mt_check_v1()
netfilter: xt_RATEEST: acquire xt_rateest_mutex for hash insert
rds: tcp: atomically purge entries from rds_tcp_conn_list during netns delete
net: avoid skb_warn_bad_offload on IS_ERR
crypto: hash - annotate algorithms taking optional key
crypto: hash - prevent using keyed hashes without setting key
ASoC: ux500: add MODULE_LICENSE tag
video: fbdev/mmp: add MODULE_LICENSE
ARM: 8743/1: bL_switcher: add MODULE_LICENSE tag
arm64: dts: add #cooling-cells to CPU nodes
dn_getsockoptdecnet: move nf_{get/set}sockopt outside sock lock
staging: android: ashmem: Fix a race condition in pin ioctls
binder: check for binder_thread allocation failure in binder_poll()
staging: iio: adc: ad7192: fix external frequency setting
staging: iio: ad5933: switch buffer mode to software
usbip: keep usbip_device sockfd state in sync with tcp_socket
usb: build drivers/usb/common/ when USB_SUPPORT is set
ARM: OMAP2+: Fix SRAM virt to phys translation for save_secure_ram_context
ARM: AM33xx: PRM: Remove am33xx_pwrdm_read_prev_pwrst function
ARM: dts: Fix omap4 hang with GPS connected to USB by using wakeupgen
ARM: dts: logicpd-som-lv: Fix gpmc addresses for NAND and enet
ARM: dts: logicpd-somlv: Fix wl127x pinmux
ARM: dts: am4372: Correct the interrupts_properties of McASP
ARM: dts: am437x-cm-t43: Correct the dmas property of spi0
perf top: Fix window dimensions change handling
perf bench numa: Fixup discontiguous/sparse numa nodes
media: s5k6aa: describe some function parameters
pinctrl: sunxi: Fix A80 interrupt pin bank
pinctrl: sunxi: Fix A64 UART mux value
i40iw: Correct ARP index mask
RDMA/cma: Make sure that PSN is not over max allowed
sctp: only update outstanding_bytes for transmitted queue when doing prsctp_prune
scripts/kernel-doc: Don't fail with status != 0 if error encountered with -none
ipvlan: Add the skb->mark as flow4's member to lookup route
m68k: add missing SOFTIRQENTRY_TEXT linker section
powerpc/perf: Fix oops when grouping different pmu events
s390/dasd: prevent prefix I/O error
ARM: dts: Fix elm interrupt compiler warning
gianfar: fix a flooded alignment reports because of padding issue.
net_sched: red: Avoid devision by zero
net_sched: red: Avoid illegal values
btrfs: Fix possible off-by-one in btrfs_search_path_in_tree
brcmfmac: Avoid build error with make W=1
net: ethernet: arc: fix error handling in emac_rockchip_probe
509: fix printing uninitialized stack memory when OID is empty
gianfar: Disable EEE autoneg by default
dmaengine: ioat: Fix error handling path
dmaengine: at_hdmac: fix potential NULL pointer dereference in atc_prep_dma_interleaved
clk: fix a panic error caused by accessing NULL pointer
ASoC: rockchip: disable clock on error
spi: sun4i: disable clocks in the remove function
xfrm: Fix stack-out-of-bounds with misconfigured transport mode policies.
drm/armada: fix leak of crtc structure
dmaengine: jz4740: disable/unprepare clk if probe fails
usb: dwc3: gadget: Wait longer for controller to end command processing
usb: dwc3: of-simple: fix missing clk_disable_unprepare
mm/early_ioremap: Fix boot hang with earlyprintk=efi,keep
x86/mm/kmmio: Fix mmiotrace for page unaligned addresses
platform/x86: dell-laptop: Fix keyboard max lighting for Dell Latitude E6410
xen: XEN_ACPI_PROCESSOR is Dom0-only
hippi: Fix a Fix a possible sleep-in-atomic bug in rr_close
powerpc/64s: Fix conversion of slb_miss_common to use RFI_TO_USER/KERNEL
powerpc/64s: Simple RFI macro conversions
powerpc/64s: Improve RFI L1-D cache flush fallback
crypto: talitos - fix Kernel Oops on hashing an empty file
drm/i915: fix intel_backlight_device_register declaration
shmem: avoid maybe-uninitialized warning
clk: sunxi-ng: fix build error without CONFIG_RESET_CONTROLLER
vmxnet3: prevent building with 64K pages
perf/x86: Shut up false-positive -Wmaybe-uninitialized warning
PCI: vmd: Fix suspend handlers defined-but-not-used warning
gpio: intel-mid: Fix build warning when !CONFIG_PM
platform/x86: intel_mid_thermal: Fix suspend handlers unused warning
usb: musb: fix compilation warning on unused function
PCI: Change pci_host_common_probe() visibility
perf: xgene: Include module.h
video: fbdev: via: remove possibly unused variables
scsi: advansys: fix build warning for PCI=n
x86/ras/inject: Make it depend on X86_LOCAL_APIC=y
gpio: xgene: mark PM functions as __maybe_unused
arm64: define BUG() instruction without CONFIG_BUG
x86/fpu/math-emu: Fix possible uninitialized variable use
tools build: Add tools tree support for 'make -s'
x86/build: Silence the build with "make -s"
thermal: fix INTEL_SOC_DTS_IOSF_CORE dependencies
x86: add MULTIUSER dependency for KVM
dmaengine: zx: fix build warning
x86/platform: Add PCI dependency for PUNIT_ATOM_DEBUG
x86/vm86: Fix unused variable warning if THP is disabled
scsi: advansys: fix uninitialized data access
arm64: Kconfig: select COMPAT_BINFMT_ELF only when BINFMT_ELF is set
ALSA: hda/ca0132 - fix possible NULL pointer use
reiserfs: avoid a -Wmaybe-uninitialized warning
cw1200: fix bogus maybe-uninitialized warning
security/keys: BIG_KEY requires CONFIG_CRYPTO
drm: exynos: mark pm functions as __maybe_unused
rbd: silence bogus -Wmaybe-uninitialized warning
drm/nouveau: hide gcc-4.9 -Wmaybe-uninitialized
Input: tca8418_keypad - hide gcc-4.9 -Wmaybe-uninitialized warning
KVM: add X86_LOCAL_APIC dependency
shmem: fix compilation warnings on unused functions
tc358743: fix register i2c_rd/wr functions
go7007: add MEDIA_CAMERA_SUPPORT dependency
em28xx: only use mt9v011 if camera support is enabled
tw5864: use dev_warn instead of WARN to shut up warning
ISDN: eicon: reduce stack size of sig_ind function
clk: meson: gxbb: fix build error without RESET_CONTROLLER
kasan: rework Kconfig settings
drm/i915: hide unused intel_panel_set_backlight function
arm64: sunxi: always enable reset controller
binfmt_elf: compat: avoid unused function warning
spi: bcm-qspi: shut up warning about cfi header inclusion
idle: i7300: add PCI dependency
arm64: fix warning about swapper_pg_dir overflow
usb: phy: msm add regulator dependency
x86/microcode/AMD: Change load_microcode_amd()'s param to bool to fix preemptibility bug
KVM: async_pf: Fix #DF due to inject "Page not Present" and "Page Ready" exceptions simultaneously
KVM: VMX: clean up declaration of VPID/EPT invalidation types
KVM: nVMX: invvpid handling improvements
crypto: s5p-sss - Fix kernel Oops in AES-ECB mode
Linux 4.9.84
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
|
Arnd Bergmann
|
077463be4f |
security/keys: BIG_KEY requires CONFIG_CRYPTO
commit |
||
|
Paul Moore
|
5e6f51aac1 |
selinux: skip bounded transition processing if the policy isn't loaded
commit
|
||
|
Paul Moore
|
fe1cb580e8 |
selinux: ensure the context is NUL terminated in security_context_to_sid_core()
commit
|
||
|
Greg Kroah-Hartman
|
f8bbe517d0 |
Merge 4.9.81 into android-4.9
Changes in 4.9.81
powerpc/pseries: Add H_GET_CPU_CHARACTERISTICS flags & wrapper
powerpc/64: Add macros for annotating the destination of rfid/hrfid
powerpc/64: Convert fast_exception_return to use RFI_TO_USER/KERNEL
powerpc/64: Convert the syscall exit path to use RFI_TO_USER/KERNEL
powerpc/64s: Convert slb_miss_common to use RFI_TO_USER/KERNEL
powerpc/64s: Add support for RFI flush of L1-D cache
powerpc/64s: Support disabling RFI flush with no_rfi_flush and nopti
powerpc/pseries: Query hypervisor for RFI flush settings
powerpc/powernv: Check device-tree for RFI flush settings
powerpc/64s: Wire up cpu_show_meltdown()
powerpc/64s: Allow control of RFI flush via debugfs
auxdisplay: img-ascii-lcd: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE
pinctrl: pxa: pxa2xx: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE
ASoC: pcm512x: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE
kaiser: fix intel_bts perf crashes
x86/pti: Make unpoison of pgd for trusted boot work for real
kaiser: allocate pgd with order 0 when pti=off
serial: core: mark port as initialized after successful IRQ change
ip6mr: fix stale iterator
net: igmp: add a missing rcu locking section
qlcnic: fix deadlock bug
qmi_wwan: Add support for Quectel EP06
r8169: fix RTL8168EP take too long to complete driver initialization.
tcp: release sk_frag.page in tcp_disconnect
vhost_net: stop device during reset owner
tcp_bbr: fix pacing_gain to always be unity when using lt_bw
cls_u32: add missing RCU annotation.
ipv6: Fix SO_REUSEPORT UDP socket with implicit sk_ipv6only
soreuseport: fix mem leak in reuseport_add_sock()
x86/asm: Fix inline asm call constraints for GCC 4.4
x86/microcode/AMD: Do not load when running on a hypervisor
media: soc_camera: soc_scale_crop: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE
b43: Add missing MODULE_FIRMWARE()
KEYS: encrypted: fix buffer overread in valid_master_desc()
x86/retpoline: Remove the esp/rsp thunk
KVM: x86: Make indirect calls in emulator speculation safe
KVM: VMX: Make indirect call speculation safe
module/retpoline: Warn about missing retpoline in module
x86/cpufeatures: Add CPUID_7_EDX CPUID leaf
x86/cpufeatures: Add Intel feature bits for Speculation Control
x86/cpufeatures: Add AMD feature bits for Speculation Control
x86/msr: Add definitions for new speculation control MSRs
x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 microcodes
x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support
x86/nospec: Fix header guards names
x86/bugs: Drop one "mitigation" from dmesg
x86/cpu/bugs: Make retpoline module warning conditional
x86/cpufeatures: Clean up Spectre v2 related CPUID flags
x86/retpoline: Simplify vmexit_fill_RSB()
x86/spectre: Check CONFIG_RETPOLINE in command line parser
x86/entry/64: Remove the SYSCALL64 fast path
x86/entry/64: Push extra regs right away
x86/asm: Move 'status' from thread_struct to thread_info
Documentation: Document array_index_nospec
array_index_nospec: Sanitize speculative array de-references
x86: Implement array_index_mask_nospec
x86: Introduce barrier_nospec
x86: Introduce __uaccess_begin_nospec() and uaccess_try_nospec
x86/usercopy: Replace open coded stac/clac with __uaccess_{begin, end}
x86/uaccess: Use __uaccess_begin_nospec() and uaccess_try_nospec
x86/get_user: Use pointer masking to limit speculation
x86/syscall: Sanitize syscall table de-references under speculation
vfs, fdtable: Prevent bounds-check bypass via speculative execution
nl80211: Sanitize array index in parse_txq_params
x86/spectre: Report get_user mitigation for spectre_v1
x86/spectre: Fix spelling mistake: "vunerable"-> "vulnerable"
x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel
x86/paravirt: Remove 'noreplace-paravirt' cmdline option
x86/kvm: Update spectre-v1 mitigation
x86/retpoline: Avoid retpolines for built-in __init functions
x86/spectre: Simplify spectre_v2 command line parsing
x86/pti: Mark constant arrays as __initconst
x86/speculation: Fix typo IBRS_ATT, which should be IBRS_ALL
KVM: nVMX: kmap() can't fail
KVM: nVMX: vmx_complete_nested_posted_interrupt() can't fail
KVM: nVMX: mark vmcs12 pages dirty on L2 exit
KVM: nVMX: Eliminate vmcs02 pool
KVM: VMX: introduce alloc_loaded_vmcs
KVM: VMX: make MSR bitmaps per-VCPU
KVM/x86: Add IBPB support
KVM/VMX: Emulate MSR_IA32_ARCH_CAPABILITIES
KVM/VMX: Allow direct access to MSR_IA32_SPEC_CTRL
KVM/SVM: Allow direct access to MSR_IA32_SPEC_CTRL
crypto: tcrypt - fix S/G table for test_aead_speed()
ASoC: simple-card: Fix misleading error message
ASoC: rsnd: don't call free_irq() on Parent SSI
ASoC: rsnd: avoid duplicate free_irq()
drm: rcar-du: Use the VBK interrupt for vblank events
drm: rcar-du: Fix race condition when disabling planes at CRTC stop
x86/microcode: Do the family check first
Linux 4.9.81
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
|
Eric Biggers
|
9692602ab8 |
KEYS: encrypted: fix buffer overread in valid_master_desc()
commit
|
||
|
Greg Kroah-Hartman
|
bc7ff9b998 |
Merge 4.9.75 into android-4.9
Changes in 4.9.75 tcp_bbr: reset full pipe detection on loss recovery undo tcp_bbr: reset long-term bandwidth sampling on loss recovery undo x86/boot: Add early cmdline parsing for options with arguments KAISER: Kernel Address Isolation kaiser: merged update kaiser: do not set _PAGE_NX on pgd_none kaiser: stack map PAGE_SIZE at THREAD_SIZE-PAGE_SIZE kaiser: fix build and FIXME in alloc_ldt_struct() kaiser: KAISER depends on SMP kaiser: fix regs to do_nmi() ifndef CONFIG_KAISER kaiser: fix perf crashes kaiser: ENOMEM if kaiser_pagetable_walk() NULL kaiser: tidied up asm/kaiser.h somewhat kaiser: tidied up kaiser_add/remove_mapping slightly kaiser: align addition to x86/mm/Makefile kaiser: cleanups while trying for gold link kaiser: name that 0x1000 KAISER_SHADOW_PGD_OFFSET kaiser: delete KAISER_REAL_SWITCH option kaiser: vmstat show NR_KAISERTABLE as nr_overhead kaiser: enhanced by kernel and user PCIDs kaiser: load_new_mm_cr3() let SWITCH_USER_CR3 flush user kaiser: PCID 0 for kernel and 128 for user kaiser: x86_cr3_pcid_noflush and x86_cr3_pcid_user kaiser: paranoid_entry pass cr3 need to paranoid_exit kaiser: kaiser_remove_mapping() move along the pgd kaiser: fix unlikely error in alloc_ldt_struct() kaiser: add "nokaiser" boot option, using ALTERNATIVE x86/kaiser: Rename and simplify X86_FEATURE_KAISER handling x86/kaiser: Check boottime cmdline params kaiser: use ALTERNATIVE instead of x86_cr3_pcid_noflush kaiser: drop is_atomic arg to kaiser_pagetable_walk() kaiser: asm/tlbflush.h handle noPGE at lower level kaiser: kaiser_flush_tlb_on_return_to_user() check PCID x86/paravirt: Dont patch flush_tlb_single x86/kaiser: Reenable PARAVIRT kaiser: disabled on Xen PV x86/kaiser: Move feature detection up KPTI: Rename to PAGE_TABLE_ISOLATION KPTI: Report when enabled kaiser: Set _PAGE_NX only if supported Linux 4.9.75 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Kees Cook
|
e71fac0172 |
KPTI: Rename to PAGE_TABLE_ISOLATION
This renames CONFIG_KAISER to CONFIG_PAGE_TABLE_ISOLATION. Signed-off-by: Kees Cook <keescook@chromium.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Borislav Petkov
|
2c2721754a |
x86/kaiser: Reenable PARAVIRT
Now that the required bits have been addressed, reenable PARAVIRT. Signed-off-by: Borislav Petkov <bp@suse.de> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Hugh Dickins
|
1ce27de401 |
kaiser: delete KAISER_REAL_SWITCH option
We fail to see what CONFIG_KAISER_REAL_SWITCH is for: it seems to be left over from early development, and now just obscures tricky parts of the code. Delete it before adding PCIDs, or nokaiser boot option. (Or if there is some good reason to keep the option, then it needs a help text - and a "depends on KAISER", so that all those without KAISER are not asked the question. But we'd much rather delete it.) Signed-off-by: Hugh Dickins <hughd@google.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Hugh Dickins
|
639c005dae |
kaiser: KAISER depends on SMP
It is absurd that KAISER should depend on SMP, but apparently nobody has tried a UP build before: which breaks on implicit declaration of function 'per_cpu_offset' in arch/x86/mm/kaiser.c. Now, you would expect that to be trivially fixed up; but looking at the System.map when that block is #ifdef'ed out of kaiser_init(), I see that in a UP build __per_cpu_user_mapped_end is precisely at __per_cpu_user_mapped_start, and the items carefully gathered into that section for user-mapping on SMP, dispersed elsewhere on UP. So, some other kind of section assignment will be needed on UP, but implementing that is not a priority: just make KAISER depend on SMP for now. Also inserted a blank line before the option, tidied up the brief Kconfig help message, and added an "If unsure, Y". Signed-off-by: Hugh Dickins <hughd@google.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Dave Hansen
|
8f0baadf2b |
kaiser: merged update
Merged fixes and cleanups, rebased to 4.9.51 tree (no 5-level paging). Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com> Signed-off-by: Hugh Dickins <hughd@google.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Richard Fellner
|
13be4483bb |
KAISER: Kernel Address Isolation
This patch introduces our implementation of KAISER (Kernel Address Isolation to
have Side-channels Efficiently Removed), a kernel isolation technique to close
hardware side channels on kernel address information.
More information about the patch can be found on:
https://github.com/IAIK/KAISER
From: Richard Fellner <richard.fellner@student.tugraz.at>
From: Daniel Gruss <daniel.gruss@iaik.tugraz.at>
Subject: [RFC, PATCH] x86_64: KAISER - do not map kernel in user mode
Date: Thu, 4 May 2017 14:26:50 +0200
Link: http://marc.info/?l=linux-kernel&m=149390087310405&w=2
Kaiser-4.10-SHA1: c4b1831d44c6144d3762ccc72f0c4e71a0c713e5
To: <linux-kernel@vger.kernel.org>
To: <kernel-hardening@lists.openwall.com>
Cc: <clementine.maurice@iaik.tugraz.at>
Cc: <moritz.lipp@iaik.tugraz.at>
Cc: Michael Schwarz <michael.schwarz@iaik.tugraz.at>
Cc: Richard Fellner <richard.fellner@student.tugraz.at>
Cc: Ingo Molnar <mingo@kernel.org>
Cc: <kirill.shutemov@linux.intel.com>
Cc: <anders.fogh@gdata-adan.de>
After several recent works [1,2,3] KASLR on x86_64 was basically
considered dead by many researchers. We have been working on an
efficient but effective fix for this problem and found that not mapping
the kernel space when running in user mode is the solution to this
problem [4] (the corresponding paper [5] will be presented at ESSoS17).
With this RFC patch we allow anybody to configure their kernel with the
flag CONFIG_KAISER to add our defense mechanism.
If there are any questions we would love to answer them.
We also appreciate any comments!
Cheers,
Daniel (+ the KAISER team from Graz University of Technology)
[1] http://www.ieee-security.org/TC/SP2013/papers/4977a191.pdf
[2] https://www.blackhat.com/docs/us-16/materials/us-16-Fogh-Using-Undocumented-CPU-Behaviour-To-See-Into-Kernel-Mode-And-Break-KASLR-In-The-Process.pdf
[3] https://www.blackhat.com/docs/us-16/materials/us-16-Jang-Breaking-Kernel-Address-Space-Layout-Randomization-KASLR-With-Intel-TSX.pdf
[4] https://github.com/IAIK/KAISER
[5] https://gruss.cc/files/kaiser.pdf
[patch based also on
https://raw.githubusercontent.com/IAIK/KAISER/master/KAISER/0001-KAISER-Kernel-Address-Isolation.patch]
Signed-off-by: Richard Fellner <richard.fellner@student.tugraz.at>
Signed-off-by: Moritz Lipp <moritz.lipp@iaik.tugraz.at>
Signed-off-by: Daniel Gruss <daniel.gruss@iaik.tugraz.at>
Signed-off-by: Michael Schwarz <michael.schwarz@iaik.tugraz.at>
Acked-by: Jiri Kosina <jkosina@suse.cz>
Signed-off-by: Hugh Dickins <hughd@google.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Greg Kroah-Hartman
|
3f1d77ca5f |
Merge 4.9.69 into android-4.9
Changes in 4.9.69 usb: gadget: udc: renesas_usb3: fix number of the pipes can: ti_hecc: Fix napi poll return value for repoll can: kvaser_usb: free buf in error paths can: kvaser_usb: Fix comparison bug in kvaser_usb_read_bulk_callback() can: kvaser_usb: ratelimit errors if incomplete messages are received can: kvaser_usb: cancel urb on -EPIPE and -EPROTO can: ems_usb: cancel urb on -EPIPE and -EPROTO can: esd_usb2: cancel urb on -EPIPE and -EPROTO can: usb_8dev: cancel urb on -EPIPE and -EPROTO virtio: release virtio index when fail to device_register hv: kvp: Avoid reading past allocated blocks from KVP file isa: Prevent NULL dereference in isa_bus driver callbacks scsi: dma-mapping: always provide dma_get_cache_alignment scsi: use dma_get_cache_alignment() as minimum DMA alignment scsi: libsas: align sata_device's rps_resp on a cacheline efi: Move some sysfs files to be read-only by root efi/esrt: Use memunmap() instead of kfree() to free the remapping ASN.1: fix out-of-bounds read when parsing indefinite length item ASN.1: check for error from ASN1_OP_END__ACT actions KEYS: add missing permission check for request_key() destination X.509: reject invalid BIT STRING for subjectPublicKey X.509: fix comparisons of ->pkey_algo x86/PCI: Make broadcom_postcore_init() check acpi_disabled KVM: x86: fix APIC page invalidation btrfs: fix missing error return in btrfs_drop_snapshot ALSA: pcm: prevent UAF in snd_pcm_info ALSA: seq: Remove spurious WARN_ON() at timer check ALSA: usb-audio: Fix out-of-bound error ALSA: usb-audio: Add check return value for usb_string() iommu/vt-d: Fix scatterlist offset handling smp/hotplug: Move step CPUHP_AP_SMPCFD_DYING to the correct place s390: fix compat system call table KVM: s390: Fix skey emulation permission check powerpc/64s: Initialize ISAv3 MMU registers before setting partition table brcmfmac: change driver unbind order of the sdio function devices kdb: Fix handling of kallsyms_symbol_next() return value drm/exynos: gem: Drop NONCONTIG flag for buffers allocated without IOMMU media: dvb: i2c transfers over usb cannot be done from stack arm64: KVM: fix VTTBR_BADDR_MASK BUG_ON off-by-one arm: KVM: Fix VTTBR_BADDR_MASK BUG_ON off-by-one KVM: VMX: remove I/O port 0x80 bypass on Intel hosts KVM: arm/arm64: Fix broken GICH_ELRSR big endian conversion KVM: arm/arm64: vgic-irqfd: Fix MSI entry allocation KVM: arm/arm64: vgic-its: Check result of allocation before use arm64: fpsimd: Prevent registers leaking from dead tasks bus: arm-cci: Fix use of smp_processor_id() in preemptible context bus: arm-ccn: Check memory allocation failure bus: arm-ccn: Fix use of smp_processor_id() in preemptible context bus: arm-ccn: fix module unloading Error: Removing state 147 which has instances left. crypto: talitos - fix AEAD test failures crypto: talitos - fix memory corruption on SEC2 crypto: talitos - fix setkey to check key weakness crypto: talitos - fix AEAD for sha224 on non sha224 capable chips crypto: talitos - fix use of sg_link_tbl_len crypto: talitos - fix ctr-aes-talitos usb: f_fs: Force Reserved1=1 in OS_DESC_EXT_COMPAT ARM: BUG if jumping to usermode address in kernel mode ARM: avoid faulting on qemu thp: reduce indentation level in change_huge_pmd() thp: fix MADV_DONTNEED vs. numa balancing race mm: drop unused pmdp_huge_get_and_clear_notify() Revert "drm/armada: Fix compile fail" Revert "spi: SPI_FSL_DSPI should depend on HAS_DMA" ARM: 8657/1: uaccess: consistently check object sizes vti6: Don't report path MTU below IPV6_MIN_MTU. ARM: OMAP2+: gpmc-onenand: propagate error on initialization failure x86/selftests: Add clobbers for int80 on x86_64 x86/platform/uv/BAU: Fix HUB errors by remove initial write to sw-ack register sched/fair: Make select_idle_cpu() more aggressive x86/hpet: Prevent might sleep splat on resume powerpc/64: Invalidate process table caching after setting process table selftest/powerpc: Fix false failures for skipped tests powerpc: Fix compiling a BE kernel with a powerpc64le toolchain lirc: fix dead lock between open and wakeup_filter module: set __jump_table alignment to 8 powerpc/64: Fix checksum folding in csum_add() ARM: OMAP2+: Fix device node reference counts ARM: OMAP2+: Release device node after it is no longer needed. ASoC: rcar: avoid SSI_MODEx settings for SSI8 gpio: altera: Use handle_level_irq when configured as a level_high HID: chicony: Add support for another ASUS Zen AiO keyboard usb: gadget: configs: plug memory leak USB: gadgetfs: Fix a potential memory leak in 'dev_config()' usb: dwc3: gadget: Fix system suspend/resume on TI platforms usb: gadget: pxa27x: Test for a valid argument pointer usb: gadget: udc: net2280: Fix tmp reusage in net2280 driver kvm: nVMX: VMCLEAR should not cause the vCPU to shut down libata: drop WARN from protocol error in ata_sff_qc_issue() workqueue: trigger WARN if queue_delayed_work() is called with NULL @wq scsi: qla2xxx: Fix ql_dump_buffer scsi: lpfc: Fix crash during Hardware error recovery on SLI3 adapters irqchip/crossbar: Fix incorrect type of register size KVM: nVMX: reset nested_run_pending if the vCPU is going to be reset arm: KVM: Survive unknown traps from guests arm64: KVM: Survive unknown traps from guests KVM: arm/arm64: VGIC: Fix command handling while ITS being disabled spi_ks8995: fix "BUG: key accdaa28 not in .data!" spi_ks8995: regs_size incorrect for some devices bnx2x: prevent crash when accessing PTP with interface down bnx2x: fix possible overrun of VFPF multicast addresses array bnx2x: fix detection of VLAN filtering feature for VF bnx2x: do not rollback VF MAC/VLAN filters we did not configure rds: tcp: Sequence teardown of listen and acceptor sockets to avoid races ibmvnic: Fix overflowing firmware/hardware TX queue ibmvnic: Allocate number of rx/tx buffers agreed on by firmware ipv6: reorder icmpv6_init() and ip6_mr_init() crypto: s5p-sss - Fix completing crypto request in IRQ handler i2c: riic: fix restart condition blk-mq: initialize mq kobjects in blk_mq_init_allocated_queue() zram: set physical queue limits to avoid array out of bounds accesses netfilter: don't track fragmented packets axonram: Fix gendisk handling drm/amd/amdgpu: fix console deadlock if late init failed powerpc/powernv/ioda2: Gracefully fail if too many TCE levels requested EDAC, i5000, i5400: Fix use of MTR_DRAM_WIDTH macro EDAC, i5000, i5400: Fix definition of NRECMEMB register kbuild: pkg: use --transform option to prefix paths in tar coccinelle: fix parallel build with CHECK=scripts/coccicheck x86/mpx/selftests: Fix up weird arrays mac80211_hwsim: Fix memory leak in hwsim_new_radio_nl() gre6: use log_ecn_error module parameter in ip6_tnl_rcv() route: also update fnhe_genid when updating a route cache route: update fnhe_expires for redirect when the fnhe exists drivers/rapidio/devices/rio_mport_cdev.c: fix resource leak in error handling path in 'rio_dma_transfer()' lib/genalloc.c: make the avail variable an atomic_long_t dynamic-debug-howto: fix optional/omitted ending line number to be LARGE instead of 0 NFS: Fix a typo in nfs_rename() sunrpc: Fix rpc_task_begin trace point xfs: fix forgotten rcu read unlock when skipping inode reclaim dt-bindings: usb: fix reg-property port-number range block: wake up all tasks blocked in get_request() sparc64/mm: set fields in deferred pages zsmalloc: calling zs_map_object() from irq is a bug sctp: do not free asoc when it is already dead in sctp_sendmsg sctp: use the right sk after waking up from wait_buf sleep bpf: fix lockdep splat clk: uniphier: fix DAPLL2 clock rate of Pro5 atm: horizon: Fix irq release error jump_label: Invoke jump_label_test() via early_initcall() xfrm: Copy policy family in clone_policy IB/mlx4: Increase maximal message size under UD QP IB/mlx5: Assign send CQ and recv CQ of UMR QP afs: Connect up the CB.ProbeUuid Linux 4.9.69 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Eric Biggers
|
982707eb4f |
KEYS: add missing permission check for request_key() destination
commit |
||
|
Greg Kroah-Hartman
|
fdeec8fdb7 |
Merge 4.9.68 into android-4.9
Changes in 4.9.68 bcache: only permit to recovery read error when cache device is clean bcache: recover data from backing when data is clean drm/fsl-dcu: avoid disabling pixel clock twice on suspend drm/fsl-dcu: enable IRQ before drm_atomic_helper_resume() Revert "crypto: caam - get rid of tasklet" mm, oom_reaper: gather each vma to prevent leaking TLB entry uas: Always apply US_FL_NO_ATA_1X quirk to Seagate devices usb: quirks: Add no-lpm quirk for KY-688 USB 3.1 Type-C Hub serial: 8250_pci: Add Amazon PCI serial device ID s390/runtime instrumentation: simplify task exit handling USB: serial: option: add Quectel BG96 id ima: fix hash algorithm initialization s390/pci: do not require AIS facility selftests/x86/ldt_get: Add a few additional tests for limits staging: greybus: loopback: Fix iteration count on async path m68k: fix ColdFire node shift size calculation serial: 8250_fintek: Fix rs485 disablement on invalid ioctl() staging: rtl8188eu: avoid a null dereference on pmlmepriv spi: sh-msiof: Fix DMA transfer size check spi: spi-axi: fix potential use-after-free after deregistration mmc: sdhci-msm: fix issue with power irq usb: phy: tahvo: fix error handling in tahvo_usb_probe() serial: 8250: Preserve DLD[7:4] for PORT_XR17V35X x86/entry: Use SYSCALL_DEFINE() macros for sys_modify_ldt() EDAC, sb_edac: Fix missing break in switch sysrq : fix Show Regs call trace on ARM usbip: tools: Install all headers needed for libusbip development perf test attr: Fix ignored test case result kprobes/x86: Disable preemption in ftrace-based jprobes tools include: Do not use poison with C++ iio: adc: ti-ads1015: add 10% to conversion wait time dax: Avoid page invalidation races and unnecessary radix tree traversals net/mlx4_en: Fix type mismatch for 32-bit systems l2tp: take remote address into account in l2tp_ip and l2tp_ip6 socket lookups dmaengine: stm32-dma: Set correct args number for DMA request from DT dmaengine: stm32-dma: Fix null pointer dereference in stm32_dma_tx_status usb: gadget: f_fs: Fix ExtCompat descriptor validation libcxgb: fix error check for ip6_route_output() net: systemport: Utilize skb_put_padto() net: systemport: Pad packet before inserting TSB ARM: OMAP2+: Fix WL1283 Bluetooth Baud Rate ARM: OMAP1: DMA: Correct the number of logical channels vti6: fix device register to report IFLA_INFO_KIND be2net: fix accesses to unicast list be2net: fix unicast list filling net/appletalk: Fix kernel memory disclosure libfs: Modify mount_pseudo_xattr to be clear it is not a userspace mount net: qrtr: Mark 'buf' as little endian mm: fix remote numa hits statistics mac80211: calculate min channel width correctly ravb: Remove Rx overflow log messages nfs: Don't take a reference on fl->fl_file for LOCK operation drm/exynos/decon5433: update shadow registers iff there are active windows drm/exynos/decon5433: set STANDALONE_UPDATE_F also if planes are disabled KVM: arm/arm64: Fix occasional warning from the timer work function mac80211: prevent skb/txq mismatch NFSv4: Fix client recovery when server reboots multiple times perf/x86/intel: Account interrupts for PEBS errors powerpc/mm: Fix memory hotplug BUG() on radix qla2xxx: Fix wrong IOCB type assumption drm/amdgpu: fix bug set incorrect value to vce register drm/exynos/decon5433: set STANDALONE_UPDATE_F on output enablement net: sctp: fix array overrun read on sctp_timer_tbl x86/fpu: Set the xcomp_bv when we fake up a XSAVES area drm/amdgpu: fix unload driver issue for virtual display mac80211: don't try to sleep in rate_control_rate_init() RDMA/qedr: Return success when not changing QP state RDMA/qedr: Fix RDMA CM loopback tipc: fix nametbl_lock soft lockup at module exit tipc: fix cleanup at module unload dmaengine: pl330: fix double lock tcp: correct memory barrier usage in tcp_check_space() i2c: i2c-cadence: Initialize configuration before probing devices nvmet: cancel fatal error and flush async work before free controller gtp: clear DF bit on GTP packet tx gtp: fix cross netns recv on gtp socket net: phy: micrel: KSZ8795 do not set SUPPORTED_[Asym_]Pause net: thunderx: avoid dereferencing xcv when NULL be2net: fix initial MAC setting vfio/spapr: Fix missing mutex unlock when creating a window mm: avoid returning VM_FAULT_RETRY from ->page_mkwrite handlers xen-netfront: Improve error handling during initialization cec: initiator should be the same as the destination for, poll xen-netback: vif counters from int/long to u64 net: fec: fix multicast filtering hardware setup dma-buf/dma-fence: Extract __dma_fence_is_later() dma-buf/sw-sync: Fix the is-signaled test to handle u32 wraparound dma-buf/sw-sync: Prevent user overflow on timeline advance dma-buf/sw-sync: Reduce irqsave/irqrestore from known context dma-buf/sw-sync: sync_pt is private and of fixed size dma-buf/sw-sync: Fix locking around sync_timeline lists dma-buf/sw-sync: Use an rbtree to sort fences in the timeline dma-buf/sw_sync: move timeline_fence_ops around dma-buf/sw_sync: clean up list before signaling the fence dma-fence: Clear fence->status during dma_fence_init() dma-fence: Wrap querying the fence->status dma-fence: Introduce drm_fence_set_error() helper dma-buf/sw_sync: force signal all unsignaled fences on dying timeline dma-buf/sync_file: hold reference to fence when creating sync_file dma-buf: Update kerneldoc for sync_file_create usb: hub: Cycle HUB power when initialization fails usb: xhci: fix panic in xhci_free_virt_devices_depth_first USB: core: Add type-specific length check of BOS descriptors USB: Increase usbfs transfer limit USB: devio: Prevent integer overflow in proc_do_submiturb() USB: usbfs: Filter flags passed in from user space usb: host: fix incorrect updating of offset xen-netfront: avoid crashing on resume after a failure in talk_to_netback() Linux 4.9.68 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Boshi Wang
|
b0a46089fe |
ima: fix hash algorithm initialization
[ Upstream commit |
||
|
Greg Kroah-Hartman
|
ea83e4a902 |
Merge 4.9.65 into android-4.9
Changes in 4.9.65 tcp_nv: fix division by zero in tcpnv_acked() net: vrf: correct FRA_L3MDEV encode type tcp: do not mangle skb->cb[] in tcp_make_synack() netfilter/ipvs: clear ipvs_property flag when SKB net namespace changed bonding: discard lowest hash bit for 802.3ad layer3+4 net: cdc_ether: fix divide by 0 on bad descriptors net: qmi_wwan: fix divide by 0 on bad descriptors qmi_wwan: Add missing skb_reset_mac_header-call net: usb: asix: fill null-ptr-deref in asix_suspend vlan: fix a use-after-free in vlan_device_event() af_netlink: ensure that NLMSG_DONE never fails in dumps sctp: do not peel off an assoc from one netns to another one fealnx: Fix building error on MIPS net/sctp: Always set scope_id in sctp_inet6_skb_msgname crypto: dh - fix memleak in setkey crypto: dh - Fix double free of ctx->p ima: do not update security.ima if appraisal status is not INTEGRITY_PASS serial: omap: Fix EFR write on RTS deassertion serial: 8250_fintek: Fix finding base_port with activated SuperIO dmaengine: dmatest: warn user when dma test times out ocfs2: fix cluster hang after a node dies ocfs2: should wait dio before inode lock in ocfs2_setattr() ipmi: fix unsigned long underflow mm/page_alloc.c: broken deferred calculation coda: fix 'kernel memory exposure attempt' in fsync mm/pagewalk.c: report holes in hugetlb ranges Linux 4.9.65 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Roberto Sassu
|
2cfbb32f6c |
ima: do not update security.ima if appraisal status is not INTEGRITY_PASS
commit |
||
|
Greg Kroah-Hartman
|
44a3afcce1 |
Merge 4.9.63 into android-4.9
Changes in 4.9.63 gso: fix payload length when gso_size is zero tun/tap: sanitize TUNSETSNDBUF input ipv6: addrconf: increment ifp refcount before ipv6_del_addr() netlink: do not set cb_running if dump's start() errs net: call cgroup_sk_alloc() earlier in sk_clone_lock() tcp: fix tcp_mtu_probe() vs highest_sack l2tp: check ps->sock before running pppol2tp_session_ioctl() tun: call dev_get_valid_name() before register_netdevice() sctp: add the missing sock_owned_by_user check in sctp_icmp_redirect tcp/dccp: fix ireq->opt races packet: avoid panic in packet_getsockopt() soreuseport: fix initialization race ipv6: flowlabel: do not leave opt->tot_len with garbage sctp: full support for ipv6 ip_nonlocal_bind & IP_FREEBIND tcp/dccp: fix lockdep splat in inet_csk_route_req() tcp/dccp: fix other lockdep splats accessing ireq_opt net/unix: don't show information about sockets from other namespaces tap: double-free in error path in tap_open() ipip: only increase err_count for some certain type icmp in ipip_err ip6_gre: only increase err_count for some certain type icmpv6 in ip6gre_err ip6_gre: update dst pmtu if dev mtu has been updated by toobig in __gre6_xmit tun: allow positive return values on dev_get_valid_name() call sctp: reset owner sk for data chunks on out queues when migrating a sock net_sched: avoid matching qdisc with zero handle ppp: fix race in ppp device destruction mac80211: accept key reinstall without changing anything mac80211: use constant time comparison with keys mac80211: don't compare TKIP TX MIC key in reinstall prevention usb: usbtest: fix NULL pointer dereference Input: ims-psu - check if CDC union descriptor is sane ALSA: seq: Cancel pending autoload work at unbinding device Revert "ARM: dts: imx53-qsb-common: fix FEC pinmux config" netfilter: nat: avoid use of nf_conn_nat extension netfilter: nat: Revert "netfilter: nat: convert nat bysrc hash to rhashtable" security/keys: add CONFIG_KEYS_COMPAT to Kconfig brcmfmac: remove setting IBSS mode when stopping AP target/iscsi: Fix iSCSI task reassignment handling qla2xxx: Fix incorrect tcm_qla2xxx_free_cmd use during TMR ABORT (v2) misc: panel: properly restore atomic counter on error path Linux 4.9.63 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Bilal Amarni
|
31c8c49428 |
security/keys: add CONFIG_KEYS_COMPAT to Kconfig
commit
|
||
|
Greg Kroah-Hartman
|
a6d71ba679 |
Merge 4.9.62 into android-4.9
Changes in 4.9.62 adv7604: Initialize drive strength to default when using DT video: fbdev: pmag-ba-fb: Remove bad `__init' annotation PCI: mvebu: Handle changes to the bridge windows while enabled sched/core: Add missing update_rq_clock() call in sched_move_task() xen/netback: set default upper limit of tx/rx queues to 8 ARM: dts: imx53-qsb-common: fix FEC pinmux config dt-bindings: clockgen: Add compatible string for LS1012A EDAC, amd64: Add x86cpuid sanity check during init PM / OPP: Error out on failing to add static OPPs for v1 bindings clk: samsung: exynos5433: Add IDs for PHYCLK_MIPIDPHY0_* clocks drm: drm_minor_register(): Clean up debugfs on failure KVM: PPC: Book 3S: XICS: correct the real mode ICP rejecting counter iommu/arm-smmu-v3: Clear prior settings when updating STEs pinctrl: baytrail: Fix debugfs offset output powerpc/corenet: explicitly disable the SDHC controller on kmcoge4 cxl: Force psl data-cache flush during device shutdown ARM: omap2plus_defconfig: Fix probe errors on UARTs 5 and 6 arm64: dma-mapping: Only swizzle DMA ops for IOMMU_DOMAIN_DMA crypto: vmx - disable preemption to enable vsx in aes_ctr.c drm: mali-dp: fix Lx_CONTROL register fields clobber iio: trigger: free trigger resource correctly iio: pressure: ms5611: claim direct mode during oversampling changes iio: magnetometer: mag3110: claim direct mode during raw writes iio: proximity: sx9500: claim direct mode during raw proximity reads dt-bindings: Add LEGO MINDSTORMS EV3 compatible specification dt-bindings: Add vendor prefix for LEGO phy: increase size of MII_BUS_ID_SIZE and bus_id serial: sh-sci: Fix register offsets for the IRDA serial port libertas: fix improper return value usb: hcd: initialize hcd->flags to 0 when rm hcd netfilter: nft_meta: deal with PACKET_LOOPBACK in netdev family brcmfmac: setup wiphy bands after registering it first rt2800usb: mark tx failure on timeout apparmor: fix undefined reference to `aa_g_hash_policy' IPsec: do not ignore crypto err in ah4 input EDAC, amd64: Save and return err code from probe_one_instance() s390/topology: make "topology=off" parameter work Input: mpr121 - handle multiple bits change of status register Input: mpr121 - set missing event capability sched/cputime, powerpc32: Fix stale scaled stime on context switch IB/ipoib: Change list_del to list_del_init in the tx object ARM: dts: STiH410-family: fix wrong parent clock frequency s390/qeth: fix retrieval of vipa and proxy-arp addresses s390/qeth: issue STARTLAN as first IPA command wcn36xx: Don't use the destroyed hal_mutex IB/rxe: Fix reference leaks in memory key invalidation code clk: mvebu: adjust AP806 CPU clock frequencies to production chip net: dsa: select NET_SWITCHDEV platform/x86: hp-wmi: Fix detection for dock and tablet mode cdc_ncm: Set NTB format again after altsetting switch for Huawei devices KEYS: trusted: sanitize all key material KEYS: trusted: fix writing past end of buffer in trusted_read() platform/x86: hp-wmi: Fix error value for hp_wmi_tablet_state platform/x86: hp-wmi: Do not shadow error values x86/uaccess, sched/preempt: Verify access_ok() context workqueue: Fix NULL pointer dereference crypto: ccm - preserve the IV buffer crypto: x86/sha1-mb - fix panic due to unaligned access crypto: x86/sha256-mb - fix panic due to unaligned access KEYS: fix NULL pointer dereference during ASN.1 parsing [ver #2] ARM: 8720/1: ensure dump_instr() checks addr_limit ALSA: seq: Fix OSS sysex delivery in OSS emulation ALSA: seq: Avoid invalid lockdep class warning drm/i915: Do not rely on wm preservation for ILK watermarks MIPS: microMIPS: Fix incorrect mask in insn_table_MM MIPS: Fix CM region target definitions MIPS: SMP: Use a completion event to signal CPU up MIPS: Fix race on setting and getting cpu_online_mask MIPS: SMP: Fix deadlock & online race selftests: firmware: send expected errors to /dev/null tools: firmware: check for distro fallback udev cancel rule ASoC: sun4i-spdif: remove legacy dapm components MIPS: BMIPS: Fix missing cbr address MIPS: AR7: Defer registration of GPIO MIPS: AR7: Ensure that serial ports are properly set up Input: elan_i2c - add ELAN060C to the ACPI table rbd: use GFP_NOIO for parent stat and data requests drm/vmwgfx: Fix Ubuntu 17.10 Wayland black screen issue drm/bridge: adv7511: Rework adv7511_power_on/off() so they can be reused internally drm/bridge: adv7511: Reuse __adv7511_power_on/off() when probing EDID drm/bridge: adv7511: Re-write the i2c address before EDID probing can: sun4i: handle overrun in RX FIFO can: ifi: Fix transmitter delay calculation can: c_can: don't indicate triple sampling support for D_CAN x86/smpboot: Make optimization of delay calibration work correctly x86/oprofile/ppro: Do not use __this_cpu*() in preemptible context Linux 4.9.62 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Eric Biggers
|
419ec342d3 |
KEYS: trusted: fix writing past end of buffer in trusted_read()
commit |
||
|
Eric Biggers
|
64a234537a |
KEYS: trusted: sanitize all key material
commit
|
||
|
John Johansen
|
ab71bee531 |
apparmor: fix undefined reference to `aa_g_hash_policy'
[ Upstream commit
|
||
|
Greg Kroah-Hartman
|
c4789f87f6 |
Merge 4.9.61 into android-4.9
Changes in 4.9.61 ALSA: timer: Add missing mutex lock for compat ioctls ALSA: seq: Fix nested rwsem annotation for lockdep splat cifs: check MaxPathNameComponentLength != 0 before using it KEYS: return full count in keyring_read() if buffer is too small KEYS: fix out-of-bounds read during ASN.1 parsing ASoC: adau17x1: Workaround for noise bug in ADC arm64: ensure __dump_instr() checks addr_limit arm/arm64: KVM: set right LR register value for 32 bit guest when inject abort arm/arm64: kvm: Disable branch profiling in HYP code ARM: 8715/1: add a private asm/unaligned.h drm/amdgpu: return -ENOENT from uvd 6.0 early init for harvesting ocfs2: fstrim: Fix start offset of first cluster group during fstrim drm/i915/edp: read edp display control registers unconditionally drm/msm: Fix potential buffer overflow issue drm/msm: fix an integer overflow test tracing/samples: Fix creation and deletion of simple_thread_fn creation Fix tracing sample code warning. cpufreq: Do not clear real_cpus mask on policy init crypto: ccp - Set the AES size field for all modes staging: fsl-mc: Add missing header IB/mlx5: Assign DSCP for R-RoCE QPs Address Path PM / wakeirq: report a wakeup_event on dedicated wekup irq scsi: megaraid_sas: Do not set fp_possible if TM capable for non-RW syspdIO, change fp_possible to bool mmc: s3cmci: include linux/interrupt.h for tasklet_struct mfd: ab8500-sysctrl: Handle probe deferral mfd: axp20x: Fix axp288 PEK_DBR and PEK_DBF irqs being swapped bnxt_en: Added PCI IDs for BCM57452 and BCM57454 ASICs staging: rtl8712u: Fix endian settings for structs describing network packets PCI/MSI: Return failure when msix_setup_entries() fails net: mvneta: fix build errors when linux/phy*.h is removed from net/dsa.h ext4: fix stripe-unaligned allocations ext4: do not use stripe_width if it is not set net/ena: change driver's default timeouts i2c: riic: correctly finish transfers drm/amdgpu: when dpm disabled, also need to stop/start vce. perf tools: Only increase index if perf_evsel__new_idx() succeeds iwlwifi: mvm: use the PROBE_RESP_QUEUE to send deauth to unknown station drm/fsl-dcu: check for clk_prepare_enable() error clocksource/drivers/arm_arch_timer: Add dt binding for hisilicon-161010101 erratum net: phy: dp83867: Recover from "port mirroring" N/A MODE4 cx231xx: Fix I2C on Internal Master 3 Bus ath10k: fix reading sram contents for QCA4019 clk: sunxi-ng: Check kzalloc() for errors and cleanup error path mtd: nand: sunxi: Fix the non-polling case in sunxi_nfc_wait_events() gpio: mcp23s08: Select REGMAP/REGMAP_I2C to fix build error xen/manage: correct return value check on xenbus_scanf() scsi: aacraid: Process Error for response I/O platform/x86: intel_mid_thermal: Fix module autoload staging: lustre: llite: don't invoke direct_IO for the EOF case staging: lustre: hsm: stack overrun in hai_dump_data_field staging: lustre: ptlrpc: skip lock if export failed staging: lustre: lmv: Error not handled for lmv_find_target brcmfmac: check brcmf_bus_get_memdump result for error vfs: open() with O_CREAT should not create inodes with unknown ids ASoC: Intel: boards: remove .pm_ops in all Atom/DPCM machine drivers exynos4-is: fimc-is: Unmap region obtained by of_iomap() mei: return error on notification request to a disconnected client s390/dasd: check for device error pointer within state change interrupts s390/prng: Adjust generation of entropy to produce real 256 bits. s390/crypto: Extend key length check for AES-XTS in fips mode. bt8xx: fix memory leak drm/exynos: g2d: prevent integer overflow in PCI: Avoid possible deadlock on pci_lock and p->pi_lock powerpc/64: Don't try to use radix MMU under a hypervisor xen: don't print error message in case of missing Xenstore entry staging: r8712u: Fix Sparse warning in rtl871x_xmit.c ARM: dts: mvebu: pl310-cache disable double-linefill Linux 4.9.61 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Eric Biggers
|
0be72aebbf |
KEYS: return full count in keyring_read() if buffer is too small
commit |
||
|
Chenbo Feng
|
0521e0b3fc |
UPSTREAM: selinux: bpf: Add addtional check for bpf object file receive
Introduce a bpf object related check when sending and receiving files
through unix domain socket as well as binder. It checks if the receiving
process have privilege to read/write the bpf map or use the bpf program.
This check is necessary because the bpf maps and programs are using a
anonymous inode as their shared inode so the normal way of checking the
files and sockets when passing between processes cannot work properly on
eBPF object. This check only works when the BPF_SYSCALL is configured.
Signed-off-by: Chenbo Feng <fengc@google.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
Reviewed-by: James Morris <james.l.morris@oracle.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
(cherry-pick from net-next:
|
||
|
Chenbo Feng
|
9b62913289 |
UPSTREAM: selinux: bpf: Add selinux check for eBPF syscall operations
Implement the actual checks introduced to eBPF related syscalls. This
implementation use the security field inside bpf object to store a sid that
identify the bpf object. And when processes try to access the object,
selinux will check if processes have the right privileges. The creation
of eBPF object are also checked at the general bpf check hook and new
cmd introduced to eBPF domain can also be checked there.
Signed-off-by: Chenbo Feng <fengc@google.com>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Reviewed-by: James Morris <james.l.morris@oracle.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
(cherry-pick from net-next:
|
||
|
Chenbo Feng
|
f3ad3766a9 |
BACKPORT: security: bpf: Add LSM hooks for bpf object related syscall
Introduce several LSM hooks for the syscalls that will allow the
userspace to access to eBPF object such as eBPF programs and eBPF maps.
The security check is aimed to enforce a per object security protection
for eBPF object so only processes with the right priviliges can
read/write to a specific map or use a specific eBPF program. Besides
that, a general security hook is added before the multiplexer of bpf
syscall to check the cmd and the attribute used for the command. The
actual security module can decide which command need to be checked and
how the cmd should be checked.
Signed-off-by: Chenbo Feng <fengc@google.com>
Acked-by: James Morris <james.l.morris@oracle.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Added the LIST_HEAD_INIT call for security hooks, it nolonger exist in
uptream code.
(cherry-pick from net-next:
|
||
|
Greg Kroah-Hartman
|
16cc920a0f |
Merge 4.9.59 into android-4.9
Changes in 4.9.59 USB: devio: Revert "USB: devio: Don't corrupt user memory" USB: core: fix out-of-bounds access bug in usb_get_bos_descriptor() USB: serial: metro-usb: add MS7820 device id usb: cdc_acm: Add quirk for Elatec TWN3 usb: quirks: add quirk for WORLDE MINI MIDI keyboard usb: hub: Allow reset retry for USB2 devices on connect bounce ALSA: usb-audio: Add native DSD support for Pro-Ject Pre Box S2 Digital can: gs_usb: fix busy loop if no more TX context is available parisc: Fix double-word compare and exchange in LWS code on 32-bit kernels iio: dummy: events: Add missing break usb: musb: sunxi: Explicitly release USB PHY on exit usb: musb: Check for host-mode using is_host_active() on reset interrupt xhci: Identify USB 3.1 capable hosts by their port protocol capability can: esd_usb2: Fix can_dlc value for received RTR, frames drm/nouveau/bsp/g92: disable by default drm/nouveau/mmu: flush tlbs before deleting page tables ALSA: seq: Enable 'use' locking in all configurations ALSA: hda: Remove superfluous '-' added by printk conversion ALSA: hda: Abort capability probe at invalid register read i2c: ismt: Separate I2C block read from SMBus block read i2c: piix4: Fix SMBus port selection for AMD Family 17h chips brcmfmac: Add check for short event packets brcmsmac: make some local variables 'static const' to reduce stack size bus: mbus: fix window size calculation for 4GB windows clockevents/drivers/cs5535: Improve resilience to spurious interrupts rtlwifi: rtl8821ae: Fix connection lost problem x86/microcode/intel: Disable late loading on model 79 KEYS: encrypted: fix dereference of NULL user_key_payload lib/digsig: fix dereference of NULL user_key_payload KEYS: don't let add_key() update an uninstantiated key pkcs7: Prevent NULL pointer dereference, since sinfo is not always set. vmbus: fix missing signaling in hv_signal_on_read() xfs: don't unconditionally clear the reflink flag on zero-block files xfs: evict CoW fork extents when performing finsert/fcollapse fs/xfs: Use %pS printk format for direct addresses xfs: report zeroed or not correctly in xfs_zero_range() xfs: update i_size after unwritten conversion in dio completion xfs: perag initialization should only touch m_ag_max_usable for AG 0 xfs: Capture state of the right inode in xfs_iflush_done xfs: always swap the cow forks when swapping extents xfs: handle racy AIO in xfs_reflink_end_cow xfs: Don't log uninitialised fields in inode structures xfs: move more RT specific code under CONFIG_XFS_RT xfs: don't change inode mode if ACL update fails xfs: reinit btree pointer on attr tree inactivation walk xfs: handle error if xfs_btree_get_bufs fails xfs: cancel dirty pages on invalidation xfs: trim writepage mapping to within eof fscrypt: fix dereference of NULL user_key_payload KEYS: Fix race between updating and finding a negative key FS-Cache: fix dereference of NULL user_key_payload Linux 4.9.59 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
David Howells
|
63c8e45255 |
KEYS: Fix race between updating and finding a negative key
commit |
||
|
David Howells
|
da0c7503c0 |
KEYS: don't let add_key() update an uninstantiated key
commit
|