Use the correct function type to avoid tripping Control-Flow
Integrity checking.
Bug: 133186739
Change-Id: I6a145ba075f8902a5883e6374328643b3771b1eb
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Although a syscall defined using SYSCALL_DEFINE0 doesn't accept
parameters, use the correct function type to avoid type mismatches
with Control-Flow Integrity checking.
Bug: 133186739
Change-Id: I246d27e4418695231979f4f9a6d98c8eb6776167
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Instead of disabling LTO for all the code in the directory, only
disable it for the VDSO itself.
Bug: 133186739
Change-Id: I02e34b75e022982f9884e238aec89486890dd4bb
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
LLVM's assembler doesn't accept the short form inl (%%dx) instruction,
but instead insists on the output register to be explicitly specified:
<inline asm>:1:7: error: invalid operand for instruction
inl (%dx)
^
LLVM ERROR: Error parsing inline asm
Bug: 133186739
Change-Id: I0519034f4a66bd72f23d206d4638578836a49ff5
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Calling a stand-alone assembly function trips clang's Control-Flow
Integrity checking. Add a static inline stub to convert indirect calls
to direct calls for pmull_ghash_update_p(64|8).
Bug: 133186739
Change-Id: Ib4899cdae60d83961f78ed3451a919f7c9c713bc
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Calling a stand-alone assembly function trips clang's Control-Flow
Integrity checking. Add static inline stubs to convert indirect calls
to direct calls for sha[12]_ce_transform
Bug: 67506682
Bug: 133186739
Change-Id: If872f30095994206bc768eee13670be552b2a247
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Disable CFI for code that runs at EL2 because __cfi_check only
understands EL1 addresses.
Bug: 67506682
Bug: 133186739
Change-Id: Ia582943be0b31669d88464fd99228a5368b1aa6a
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
4.9.93 panics on boot when CFI_CLANG and UNMAP_KERNEL_AT_EL0 are both
enabled. From Sami Tolvanen:
"kpti_install_ng_mappings makes an indirect call to a physical address,
which trips CFI. Adding the __nocfi attribute to this function should
fix the problem."
Bug: 77811249
Bug: 133186739
Change-Id: I87d1ceb29f1ba2caee8954547596f4236bdfc31f
Reported-by: Jean-Baptiste Theou <jb@essential.com>
Signed-off-by: Greg Hackmann <ghackmann@google.com>
Disable CFI to allow an indirect call to a physical address.
Bug: 67506682
Bug: 133186739
Change-Id: I0ec38f34245a4ad52f508f6989093526d3bf442f
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Calling sys_ni_syscall through a syscall_fn_t pointer trips indirect
call Control-Flow Integrity checking due to a function type
mismatch. Use SYSCALL_DEFINE0 for __arm64_sys_ni_syscall instead and
remove the now unnecessary casts.
Bug: 133186739
Change-Id: Id01f505b333b864477335e87e0c3100fa60be1eb
Link: https://lkml.org/lkml/2019/5/3/690
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Although a syscall defined using SYSCALL_DEFINE0 doesn't accept
parameters, use the correct function type to avoid indirect call
type mismatches with Control-Flow Integrity checking.
Bug: 133186739
Change-Id: I45d1235f4b93c69451ed3610b676d0948cef5ee1
Link: https://lkml.org/lkml/2019/5/3/691
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Syscall wrappers in <asm/syscall_wrapper.h> use const struct pt_regs *
as the argument type. Use const in syscall_fn_t as well to fix indirect
call type mismatches with Control-Flow Integrity checking.
Bug: 133186739
Change-Id: I23d26aef5107985631a9aac500f2ceefc0b25419
Link: https://lkml.org/lkml/2019/5/3/689
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
When CONFIG_CFI_CLANG is enabled, LLVM renames all address taken
functions by appending a .cfi postfix to their names, and creates
function stubs with the original names. The compiler always injects
these stubs to the text section, even if the function itself is
placed into init or exit sections, which creates modpost warnings.
This commit adds a modpost exception for CFI stubs to prevent the
warnings.
Bug: 117237524
Bug: 133186739
Change-Id: Ieb8bf20d0c3ad7b7295c535f598370220598cdb0
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
This change fixes indirect call mismatches with function and function
graph tracing, which trip Control-Flow Integrity (CFI) checking.
Bug: 79510107
Bug: 67506682
Bug: 133186739
Change-Id: I5de08c113fb970ffefedce93c58e0161f22c7ca2
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Fix the callback 9p passes to read_cache_page to actually have the
proper type expected. Casting around function pointers can easily
hide typing bugs, and defeats control flow protection.
Signed-off-by: Christoph Hellwig <hch@lst.de>
Change-Id: I3738b7c0c7f77f85cd7007141400c36516dac6b8
Bug: 133186739
Link: https://lkml.org/lkml/2019/5/1/374
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Fix the callback jffs2 passes to read_cache_page to actually have the
proper type expected. Casting around function pointers can easily
hide typing bugs, and defeats control flow protection.
Signed-off-by: Christoph Hellwig <hch@lst.de>
Bug: 133186739
Change-Id: Ie5bfeff009a555c1894784458d2fe79a87f1be03
Link: https://lkml.org/lkml/2019/5/1/295
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Fix the callbacks NFS passes to read_cache_page to actually have the
proper type expected. Casting around function pointers can easily
hide typing bugs, and defeats control flow protection.
Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
Change-Id: Ia245fc02d550d34d80f4e8ebdeb6b744115ffdb3
(cherry picked from commit a46126ccc7)
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
We can just pass a NULL filler and do the right thing inside of
do_read_cache_page based on the NULL parameter.
Signed-off-by: Christoph Hellwig <hch@lst.de>
Bug: 133186739
Change-Id: I720afb2e0c28d5649b62ed3852b48ac63dc0d7a8
Link: https://lkml.org/lkml/2019/5/1/294
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Use struct device_attribute instead of struct idletimer_tg_attr, and
the correct callback function type to avoid indirect call mismatches
with Control Flow Integrity checking.
Bug: 117299373
Change-Id: I5cc50171e01a5162ef504a726fe3ed4b51941b34
(cherry-picked from commit 20fdaf6e1e)
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
With CFI enabled, LLVM appends .cfi to most function names, which
potentially breaks user space tools. While stripping the postfix is
not optimal either, this should at least create less confusion.
Bug: 67506682
Bug: 73328469
Bug: 133186739
Change-Id: I253f34a562629032ddd792b8498e171109ea7cbc
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
This change adds the CONFIG_CFI_CLANG option, CFI error handling,
and a faster look-up table for cross module CFI checks.
Bug: 67506682
Bug: 133186739
Change-Id: Ic009f0a629b552a0eb16e6d89808c7029e91447d
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
__ll_sc_* functions are only referenced in inline assembly, which means lld
won't see them when CONFIG_LTO_CLANG is enabled due to a bug in LLVM:
https://bugs.llvm.org/show_bug.cgi?id=35841
When LTO and CONFIG_ARM64_LSE_ATOMICS are both enabled, linking fails with
the following type of errors:
ld.lld: error: relocation R_AARCH64_CALL26 cannot refer to absolute
symbol: __ll_sc_atomic64_add_return_acquire
>>> defined in vmlinux.o
>>> referenced by atomic_lse.h:299 (arch/arm64/include/asm/atomic_lse.h:299)
>>> vmlinux.o:(kernel_init_freeable)
...
This change works around the problem by always linking in atomic_ll_sc.o to
vmlinux, instead of placing it in arch/arm64/lib/lib.a.
Bug: 63740206
Bug: 117299373
Bug: 124318741
Bug: 133186739
Change-Id: Idf2211034cce9cb0b6b2007bbdb1dfc1c1a1053d
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
LLVM's integrated assembler is always used for inline assembly with
CONFIG_LTO_CLANG. Unlike gcc, LLVM considers each inline assembly
block to be independent and therefore, any preambles that enable
features must be included in each block.
This change adds the necessary preamble to ARM64_LSE_ATOMIC_INSN to
allow CONFIG_ARM64_LSE_ATOMICS to be enabled with LTO.
Bug: 117299373
Bug: 133186739
Change-Id: Icc06361dc2a2dba0f5f967d7f540cac2753b3e9c
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Due to a bug in clang, vdso fails to build when both LTO_CLANG and
CC_OPTIMIZE_FOR_SIZE are enabled:
https://bugs.llvm.org/show_bug.cgi?id=32155
Disable LTO for vdso to work around the problem.
Bug: 62093296
Bug: 67506682
Bug: 133186739
Change-Id: I1d0279535fd389db4c829e4556f9ef728f240a34
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Clang's integrated assembler does not allow assembly macros defined
in one inline asm block using the .macro directive to be used across
separate asm blocks. LLVM developers consider this a feature and not a
bug, recommending code refactoring:
https://bugs.llvm.org/show_bug.cgi?id=19749
As binutils doesn't allow macros to be redefined, this change uses
UNDEFINE_MRS_S and UNDEFINE_MSR_S to define corresponding macros
in-place and workaround gcc and clang limitations on redefining macros
across different assembler blocks.
Specifically, the current state after preprocessing looks like this:
asm volatile(".macro mXX_s ... .endm");
void f()
{
asm volatile("mXX_s a, b");
}
With GCC, it gives macro redefinition error because sysreg.h is included
in multiple source files, and assembler code for all of them is later
combined for LTO (I've seen an intermediate file with hundreds of
identical definitions).
With clang, it gives macro undefined error because clang doesn't allow
sharing macros between inline asm statements.
I also seem to remember catching another sort of undefined error with
GCC due to reordering of macro definition asm statement and generated
asm code for function that uses the macro.
The solution with defining and undefining for each use, while certainly
not elegant, satisfies both GCC and clang, LTO and non-LTO.
Co-developed-by: Alex Matveev <alxmtvv@gmail.com>
Co-developed-by: Yury Norov <ynorov@caviumnetworks.com>
Co-developed-by: Sami Tolvanen <samitolvanen@google.com>
Reviewed-by: Nick Desaulniers <ndesaulniers@google.com>
Reviewed-by: Mark Rutland <mark.rutland@arm.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Will Deacon <will.deacon@arm.com>
(cherry picked from commit be604c616c)
Change-Id: I803fff57f639b0921ef81f90ec4befe802e7eecf
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
With LTO, LLVM sorts initcalls in a single translation unit alphabetically
based on the name of the function (or actually, the variable stored in
the initcall section). Use __COUNTER__ in the variable name in an attempt
to preserve the intended order.
In addition, LTO requires all initcall variables to have unique names. Use
__LINE__ in the name to reduce the chance of name collisions.
Bug: 62093296
Bug: 67506682
Bug: 133186739
Change-Id: I4fa3cb93cba967a1440ac53328eb6b8ac649ff36
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Disable LTO for lkdtm_rodata.o to allow objcopy to be used to
manipulate sections.
Bug: 62093296
Bug: 67506682
Bug: 133186739
Change-Id: Iedd1a3a2a9b06f44e7ceb6ac287ea764eaf5ef0a
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
With CONFIG_LTO_CLANG, we produce LLVM IR instead of object files. Since LTO
is not really needed here and the Makefile assumes we produce an object file,
disable LTO for libstub.
Bug: 62093296
Bug: 67506682
Bug: 133186739
Change-Id: Ieaa3d7e2c694655788f480f4351bf7c4d3fce090
(am from https://patchwork.kernel.org/patch/10060309/)
Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
With CONFIG_LTO_CLANG, clang generates LLVM IR instead of ELF object
files. As empty.o is used for probing target properties, disable LTO
for it to produce an object file instead.
Bug: 62093296
Bug: 67506682
Bug: 133186739
Change-Id: I0c7ac7ee0134465cac4a8c3a9c7e8b6347076a2b
(am from https://patchwork.kernel.org/patch/10060317/)
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Using LTO with KASAN currently results in "inlinable function call
in a function with debug info must have a !dbg location" errors for
memset and several of the __asan_report_* functions.
As combining these options doesn't provide significant benefits,
this change disables LTO_CLANG when KASAN is selected.
Bug: 113246877
Bug: 133186739
Change-Id: I06cd27d1e9ab74627de4771548453abe3593fcb5
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
With CONFIG_LTO_CLANG enabled, LLVM IR won't be compiled into object
files until modpost_link. This change postpones calls to recordmcount
until after this step.
In order to exclude ftrace_process_locs from inspection, we add a new
code section .text..ftrace, which we tell recordmcount to ignore, and
a __norecordmcount attribute for moving functions to this section.
Bug: 62093296
Bug: 67506682
Bug: 133186739
Change-Id: Iba2c053968206acf533fadab1eb34a743b5088ee
(am from https://patchwork.kernel.org/patch/10060327/)
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
This change adds the configuration option CONFIG_LTO_CLANG, and
build system support for clang's Link Time Optimization (LTO). In
preparation for LTO support for other compilers, potentially common
parts of the changes are gated behind CONFIG_LTO instead.
With -flto, instead of object files, clang produces LLVM bitcode,
which is compiled into a native object at link time, allowing the
final binary to be optimized globally. For more details, see:
https://llvm.org/docs/LinkTimeOptimization.html
While the kernel normally uses GNU ld for linking, LLVM supports LTO
only with lld or GNU gold linkers. This patch set assumes lld will
be used.
Bug: 62093296
Bug: 67506682
Bug: 133186739
Change-Id: Ibcd9fc7ec501b4f30b43b4877897615645f8655f
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Similarly to the CC_IS_CLANG config, add LD_IS_LLD to simplify feature
selection based on the linker.
Bug: 133186739
Change-Id: I175ee4b33832afd1369d48dbd131fc5c39c2f71a
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
LLVM uses profiling data that's deliberately similar to GCC, but has a
very different way of exporting that data. LLVM calls llvm_gcov_init()
once per module, and provides a couple of callbacks that we can use to
ask for more data.
We care about the "writeout" callback, which in turn calls back into
compiler-rt/this module to dump all the gathered coverage data to disk:
llvm_gcda_start_file()
llvm_gcda_emit_function()
llvm_gcda_emit_arcs()
llvm_gcda_emit_function()
llvm_gcda_emit_arcs()
[... repeats for each function ...]
llvm_gcda_summary_info()
llvm_gcda_end_file()
This design is much more stateless and unstructured than gcc's, and is
intended to run at process exit. This forces us to keep some local
state about which module we're dealing with at the moment. On the other
hand, it also means we don't depend as much on how LLVM represents
profiling data internally.
See LLVM's lib/Transforms/Instrumentation/GCOVProfiling.cpp for more
details on how this works, particularly GCOVProfiler::emitProfileArcs(),
GCOVProfiler::insertCounterWriteout(), and GCOVProfiler::insertFlush().
[akpm@linux-foundation.org: coding-style fixes]
Link: http://lkml.kernel.org/r/20190417225328.208129-1-trong@android.com
Signed-off-by: Greg Hackmann <ghackmann@android.com>
Signed-off-by: Nick Desaulniers <ndesaulniers@google.com>
Signed-off-by: Tri Vo <trong@android.com>
Co-developed-by: Nick Desaulniers <ndesaulniers@google.com>
Co-developed-by: Tri Vo <trong@android.com>
Tested-by: Trilok Soni <tsoni@quicinc.com>
Tested-by: Prasad Sodagudi <psodagud@quicinc.com>
Tested-by: Tri Vo <trong@android.com>
Tested-by: Daniel Mentz <danielmentz@google.com>
Tested-by: Petri Gynther <pgynther@google.com>
Reviewed-by: Peter Oberparleiter <oberpar@linux.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
(cherry picked from commit e178a5beb3)
Bug: 132997968
Test: defconfig + CONFIG_GCOV_KERNEL records coverage
Change-Id: Id72b3ee32571f0e555d5a7407d3f1e933850b390
For iptable module to load a bpf program from a pinned location, it
only retrieve a loaded program and cannot change the program content so
requiring a write permission for it might not be necessary.
Also when adding or removing an unrelated iptable rule, it might need to
flush and reload the xt_bpf related rules as well and triggers the inode
permission check. It might be better to remove the write premission
check for the inode so we won't need to grant write access to all the
processes that flush and restore iptables rules.
Signed-off-by: Chenbo Feng <fengc@google.com>
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
(cherry picked from commit e547ff3f80)
Bug: 129650054
Change-Id: I71487ad6f4d22e0a8be3757d9b72d1c04c92104d
(cherry picked from commit 9e74c1b9e8418aa0209b15db24f0b3d4876f52aa)
Changes in 4.19.44
bfq: update internal depth state when queue depth changes
platform/x86: sony-laptop: Fix unintentional fall-through
platform/x86: thinkpad_acpi: Disable Bluetooth for some machines
platform/x86: dell-laptop: fix rfkill functionality
hwmon: (pwm-fan) Disable PWM if fetching cooling data fails
kernfs: fix barrier usage in __kernfs_new_node()
virt: vbox: Sanity-check parameter types for hgcm-calls coming from userspace
USB: serial: fix unthrottle races
iio: adc: xilinx: fix potential use-after-free on remove
iio: adc: xilinx: fix potential use-after-free on probe
iio: adc: xilinx: prevent touching unclocked h/w on remove
acpi/nfit: Always dump _DSM output payload
libnvdimm/namespace: Fix a potential NULL pointer dereference
HID: input: add mapping for Expose/Overview key
HID: input: add mapping for keyboard Brightness Up/Down/Toggle keys
HID: input: add mapping for "Toggle Display" key
libnvdimm/btt: Fix a kmemdup failure check
s390/dasd: Fix capacity calculation for large volumes
mac80211: fix unaligned access in mesh table hash function
mac80211: Increase MAX_MSG_LEN
cfg80211: Handle WMM rules in regulatory domain intersection
mac80211: fix memory accounting with A-MSDU aggregation
nl80211: Add NL80211_FLAG_CLEAR_SKB flag for other NL commands
libnvdimm/pmem: fix a possible OOB access when read and write pmem
s390/3270: fix lockdep false positive on view->lock
drm/amd/display: extending AUX SW Timeout
clocksource/drivers/npcm: select TIMER_OF
clocksource/drivers/oxnas: Fix OX820 compatible
selftests: fib_tests: Fix 'Command line is not complete' errors
mISDN: Check address length before reading address family
vxge: fix return of a free'd memblock on a failed dma mapping
qede: fix write to free'd pointer error and double free of ptp
afs: Unlock pages for __pagevec_release()
drm/amd/display: If one stream full updates, full update all planes
s390/pkey: add one more argument space for debug feature entry
x86/build/lto: Fix truncated .bss with -fdata-sections
x86/reboot, efi: Use EFI reboot for Acer TravelMate X514-51T
KVM: fix spectrev1 gadgets
KVM: x86: avoid misreporting level-triggered irqs as edge-triggered in tracing
tools lib traceevent: Fix missing equality check for strcmp
ipmi: ipmi_si_hardcode.c: init si_type array to fix a crash
ocelot: Don't sleep in atomic context (irqs_disabled())
scsi: aic7xxx: fix EISA support
mm: fix inactive list balancing between NUMA nodes and cgroups
init: initialize jump labels before command line option parsing
selftests: netfilter: check icmp pkttoobig errors are set as related
ipvs: do not schedule icmp errors from tunnels
netfilter: ctnetlink: don't use conntrack/expect object addresses as id
netfilter: nf_tables: prevent shift wrap in nft_chain_parse_hook()
MIPS: perf: ath79: Fix perfcount IRQ assignment
s390: ctcm: fix ctcm_new_device error return code
drm/sun4i: Set device driver data at bind time for use in unbind
drm/sun4i: Fix component unbinding and component master deletion
selftests/net: correct the return value for run_netsocktests
netfilter: fix nf_l4proto_log_invalid to log invalid packets
gpu: ipu-v3: dp: fix CSC handling
drm/imx: don't skip DP channel disable for background plane
ARM: 8856/1: NOMMU: Fix CCR register faulty initialization when MPU is disabled
spi: Micrel eth switch: declare missing of table
spi: ST ST95HF NFC: declare missing of table
drm/sun4i: Unbind components before releasing DRM and memory
Input: synaptics-rmi4 - fix possible double free
RDMA/hns: Bugfix for mapping user db
mm/memory_hotplug.c: drop memory device reference after find_memory_block()
powerpc/smp: Fix NMI IPI timeout
powerpc/smp: Fix NMI IPI xmon timeout
net: dsa: mv88e6xxx: fix few issues in mv88e6390x_port_set_cmode
mm/memory.c: fix modifying of page protection by insert_pfn()
usb: typec: Fix unchecked return value
netfilter: nf_tables: use-after-free in dynamic operations
netfilter: nf_tables: add missing ->release_ops() in error path of newrule()
net: fec: manage ahb clock in runtime pm
mlxsw: spectrum_switchdev: Add MDB entries in prepare phase
mlxsw: core: Do not use WQ_MEM_RECLAIM for EMAD workqueue
mlxsw: core: Do not use WQ_MEM_RECLAIM for mlxsw ordered workqueue
mlxsw: core: Do not use WQ_MEM_RECLAIM for mlxsw workqueue
net/tls: fix the IV leaks
net: strparser: partially revert "strparser: Call skb_unclone conditionally"
NFC: nci: Add some bounds checking in nci_hci_cmd_received()
nfc: nci: Potential off by one in ->pipes[] array
x86/kprobes: Avoid kretprobe recursion bug
cw1200: fix missing unlock on error in cw1200_hw_scan()
mwl8k: Fix rate_idx underflow
rtlwifi: rtl8723ae: Fix missing break in switch statement
Don't jump to compute_result state from check_result state
um: Don't hardcode path as it is architecture dependent
powerpc/64s: Include cpu header
bonding: fix arp_validate toggling in active-backup mode
bridge: Fix error path for kobject_init_and_add()
dpaa_eth: fix SG frame cleanup
fib_rules: return 0 directly if an exactly same rule exists when NLM_F_EXCL not supplied
ipv4: Fix raw socket lookup for local traffic
net: dsa: Fix error cleanup path in dsa_init_module
net: ethernet: stmmac: dwmac-sun8i: enable support of unicast filtering
net: macb: Change interrupt and napi enable order in open
net: seeq: fix crash caused by not set dev.parent
net: ucc_geth - fix Oops when changing number of buffers in the ring
packet: Fix error path in packet_init
selinux: do not report error on connect(AF_UNSPEC)
vlan: disable SIOCSHWTSTAMP in container
vrf: sit mtu should not be updated when vrf netdev is the link
tuntap: fix dividing by zero in ebpf queue selection
tuntap: synchronize through tfiles array instead of tun->numqueues
isdn: bas_gigaset: use usb_fill_int_urb() properly
tipc: fix hanging clients using poll with EPOLLOUT flag
drivers/virt/fsl_hypervisor.c: dereferencing error pointers in ioctl
drivers/virt/fsl_hypervisor.c: prevent integer overflow in ioctl
powerpc/book3s/64: check for NULL pointer in pgd_alloc()
powerpc/powernv/idle: Restore IAMR after idle
powerpc/booke64: set RI in default MSR
PCI: hv: Fix a memory leak in hv_eject_device_work()
PCI: hv: Add hv_pci_remove_slots() when we unload the driver
PCI: hv: Add pci_destroy_slot() in pci_devices_present_work(), if necessary
Linux 4.19.44
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
