79 Commits

Author SHA1 Message Date
Michael Bestas
87cf1c2fc1 Merge remote-tracking branch 'common/android-4.9-q' into android-msm-pixel-4.9
* common/android-4.9-q:
  Linux 4.9.321
  swiotlb: skip swiotlb_bounce when orig_addr is zero
  kexec_file: drop weak attribute from arch_kexec_apply_relocations[_add]
  fdt: Update CRC check for rng-seed
  xen: unexport __init-annotated xen_xlate_map_ballooned_pages()
  drm: remove drm_fb_helper_modinit
  powerpc/pseries: wire up rng during setup_arch()
  modpost: fix section mismatch check for exported init/exit sections
  ARM: cns3xxx: Fix refcount leak in cns3xxx_init
  ARM: Fix refcount leak in axxia_boot_secondary
  ARM: exynos: Fix refcount leak in exynos_map_pmu
  ARM: dts: imx6qdl: correct PU regulator ramp delay
  powerpc: Enable execve syscall exit tracepoint
  xtensa: Fix refcount leak bug in time.c
  xtensa: xtfpga: Fix refcount leak bug in setup
  iio: trigger: sysfs: fix use-after-free on remove
  iio: accel: mma8452: ignore the return value of reset operation
  iio:accel:bma180: rearrange iio trigger get and register
  usb: chipidea: udc: check request status before setting device address
  iio: adc: vf610: fix conversion mode sysfs node name
  igb: Make DMA faster when CPU is active on the PCIe link
  MIPS: Remove repetitive increase irq_err_count
  x86/xen: Remove undefined behavior in setup_features()
  bonding: ARP monitor spams NETDEV_NOTIFY_PEERS notifiers
  USB: serial: option: add Telit LE910Cx 0x1250 composition
  random: quiet urandom warning ratelimit suppression message
  dm era: commit metadata in postsuspend after worker stops
  ata: libata: add qc->flags in ata_qc_complete_template tracepoint
  random: schedule mix_interrupt_randomness() less often
  vt: drop old FONT ioctls
  BACKPORT: l2tp: fix race in pppol2tp_release with session object destroy
  BACKPORT: l2tp: don't use inet_shutdown on ppp session destroy
  Linux 4.9.320
  tcp: drop the hash_32() part from the index calculation
  tcp: increase source port perturb table to 2^16
  tcp: dynamically allocate the perturb table used by source ports
  tcp: add small random increments to the source port
  tcp: use different parts of the port_offset for index and offset
  secure_seq: use the 64 bits of the siphash for port offset calculation
  tcp: add some entropy in __inet_hash_connect()
  tcp: change source port randomizarion at connect() time
  fuse: fix pipe buffer lifetime for direct_io
  Reinstate some of "swiotlb: rework "fix info leak with DMA_FROM_DEVICE""
  swiotlb: fix info leak with DMA_FROM_DEVICE
  xprtrdma: fix incorrect header size calculations
  s390/mm: use non-quiescing sske for KVM switch to keyed guest
  l2tp: fix race in pppol2tp_release with session object destroy
  l2tp: don't use inet_shutdown on ppp session destroy
  ext4: add reserved GDT blocks check
  ext4: make variable "count" signed
  ext4: fix bug_on ext4_mb_use_inode_pa
  serial: 8250: Store to lsr_save_flags after lsr read
  usb: gadget: lpc32xx_udc: Fix refcount leak in lpc32xx_udc_probe
  USB: serial: io_ti: add Agilent E5805A support
  USB: serial: option: add support for Cinterion MV31 with new baseline
  comedi: vmk80xx: fix expression for tx buffer size
  irqchip/gic-v3: Iterate over possible CPUs by for_each_possible_cpu()
  irqchip/gic/realview: Fix refcount leak in realview_gic_of_init
  misc: atmel-ssc: Fix IRQ check in ssc_probe
  pNFS: Don't keep retrying if the server replied NFS4ERR_LAYOUTUNAVAILABLE
  random: credit cpu and bootloader seeds by default
  net: ethernet: mtk_eth_soc: fix misuse of mem alloc interface netdev[napi]_alloc_frag
  ipv6: Fix signed integer overflow in l2tp_ip6_sendmsg
  nfc: nfcmrvl: Fix memory leak in nfcmrvl_play_deferred
  virtio-mmio: fix missing put_device() when vm_cmdline_parent registration failed
  scsi: lpfc: Fix port stuck in bypassed state after LIP in PT2PT topology
  scsi: vmw_pvscsi: Expand vcpuHint to 16 bits
  ASoC: wm8962: Fix suspend while playing music
  ata: libata-core: fix NULL pointer deref in ata_host_alloc_pinfo()
  ASoC: cs42l56: Correct typo in minimum level for SX volume controls
  ASoC: cs42l52: Correct TLV for Bypass Volume
  ASoC: cs53l30: Correct number of volume levels on SX controls
  ASoC: cs42l52: Fix TLV scales for mixer controls
  random: account for arch randomness in bits
  random: mark bootloader randomness code as __init
  random: avoid checking crng_ready() twice in random_init()
  crypto: drbg - make reseeding from get_random_bytes() synchronous
  crypto: drbg - always try to free Jitter RNG instance
  crypto: drbg - move dynamic ->reseed_threshold adjustments to __drbg_seed()
  crypto: drbg - track whether DRBG was seeded with !rng_is_initialized()
  crypto: drbg - prepare for more fine-grained tracking of seeding state
  crypto: drbg - always seeded with SP800-90B compliant noise source
  crypto: drbg - add FIPS 140-2 CTRNG for noise source
  Revert "random: use static branch for crng_ready()"
  random: check for signals after page of pool writes
  random: wire up fops->splice_{read,write}_iter()
  random: convert to using fops->write_iter()
  random: move randomize_page() into mm where it belongs
  random: move initialization functions out of hot pages
  random: use proper return types on get_random_{int,long}_wait()
  random: remove extern from functions in header
  random: use static branch for crng_ready()
  random: credit architectural init the exact amount
  random: handle latent entropy and command line from random_init()
  random: use proper jiffies comparison macro
  random: remove ratelimiting for in-kernel unseeded randomness
  random: avoid initializing twice in credit race
  random: use symbolic constants for crng_init states
  siphash: use one source of truth for siphash permutations
  random: help compiler out with fast_mix() by using simpler arguments
  random: do not use input pool from hard IRQs
  random: order timer entropy functions below interrupt functions
  random: do not pretend to handle premature next security model
  random: do not use batches when !crng_ready()
  random: insist on random_get_entropy() existing in order to simplify
  uapi: rename ext2_swab() to swab() and share globally in swab.h
  xtensa: use fallback for random_get_entropy() instead of zero
  sparc: use fallback for random_get_entropy() instead of zero
  um: use fallback for random_get_entropy() instead of zero
  x86/tsc: Use fallback for random_get_entropy() instead of zero
  nios2: use fallback for random_get_entropy() instead of zero
  arm: use fallback for random_get_entropy() instead of zero
  mips: use fallback for random_get_entropy() instead of just c0 random
  m68k: use fallback for random_get_entropy() instead of zero
  timekeeping: Add raw clock fallback for random_get_entropy()
  powerpc: define get_cycles macro for arch-override
  alpha: define get_cycles macro for arch-override
  parisc: define get_cycles macro for arch-override
  s390: define get_cycles macro for arch-override
  ia64: define get_cycles macro for arch-override
  init: call time_init() before rand_initialize()
  random: fix sysctl documentation nits
  random: document crng_fast_key_erasure() destination possibility
  random: make random_get_entropy() return an unsigned long
  random: check for signals every PAGE_SIZE chunk of /dev/[u]random
  random: check for signal_pending() outside of need_resched() check
  random: do not allow user to keep crng key around on stack
  random: do not split fast init input in add_hwgenerator_randomness()
  random: mix build-time latent entropy into pool at init
  random: re-add removed comment about get_random_{u32,u64} reseeding
  random: treat bootloader trust toggle the same way as cpu trust toggle
  random: skip fast_init if hwrng provides large chunk of entropy
  random: check for signal and try earlier when generating entropy
  random: reseed more often immediately after booting
  random: make consistent usage of crng_ready()
  random: use SipHash as interrupt entropy accumulator
  random: replace custom notifier chain with standard one
  random: don't let 644 read-only sysctls be written to
  random: give sysctl_random_min_urandom_seed a more sensible value
  random: do crng pre-init loading in worker rather than irq
  random: unify cycles_t and jiffies usage and types
  random: cleanup UUID handling
  random: only wake up writers after zap if threshold was passed
  random: round-robin registers as ulong, not u32
  random: clear fast pool, crng, and batches in cpuhp bring up
  random: pull add_hwgenerator_randomness() declaration into random.h
  hwrng: remember rng chosen by user
  hwrng: use rng source with best quality
  hwrng: core - remove unused PFX macro
  hwrng: core - Move hwrng miscdev minor number to include/linux/miscdevice.h
  hwrng: core - Rewrite the header
  hwrng: core - rewrite better comparison to NULL
  hwrng: core - do not use multiple blank lines
  random: check for crng_init == 0 in add_device_randomness()
  random: unify early init crng load accounting
  random: do not take pool spinlock at boot
  random: defer fast pool mixing to worker
  workqueue: make workqueue available early during boot
  random: rewrite header introductory comment
  random: group sysctl functions
  random: group userspace read/write functions
  random: group entropy collection functions
  random: group entropy extraction functions
  random: group initialization wait functions
  random: remove whitespace and reorder includes
  random: remove useless header comment
  random: introduce drain_entropy() helper to declutter crng_reseed()
  random: deobfuscate irq u32/u64 contributions
  random: add proper SPDX header
  random: remove unused tracepoints
  random: remove ifdef'd out interrupt bench
  random: tie batched entropy generation to base_crng generation
  random: zero buffer after reading entropy from userspace
  random: remove outdated INT_MAX >> 6 check in urandom_read()
  random: use hash function for crng_slow_load()
  random: absorb fast pool into input pool after fast load
  random: do not xor RDRAND when writing into /dev/random
  random: ensure early RDSEED goes through mixer on init
  random: inline leaves of rand_initialize()
  random: use RDSEED instead of RDRAND in entropy extraction
  random: fix locking in crng_fast_load()
  random: remove batched entropy locking
  random: remove use_input_pool parameter from crng_reseed()
  random: make credit_entropy_bits() always safe
  random: always wake up entropy writers after extraction
  random: use linear min-entropy accumulation crediting
  random: simplify entropy debiting
  random: use computational hash for entropy extraction
  random: only call crng_finalize_init() for primary_crng
  random: access primary_pool directly rather than through pointer
  random: continually use hwgenerator randomness
  random: simplify arithmetic function flow in account()
  random: access input_pool_data directly rather than through pointer
  random: cleanup fractional entropy shift constants
  random: prepend remaining pool constants with POOL_
  random: de-duplicate INPUT_POOL constants
  random: remove unused OUTPUT_POOL constants
  random: rather than entropy_store abstraction, use global
  random: try to actively add entropy rather than passively wait for it
  random: remove unused extract_entropy() reserved argument
  random: remove incomplete last_data logic
  random: cleanup integer types
  crypto: chacha20 - Fix chacha20_block() keystream alignment (again)
  random: cleanup poolinfo abstraction
  random: fix typo in comments
  random: don't reset crng_init_cnt on urandom_read()
  random: avoid superfluous call to RDRAND in CRNG extraction
  random: early initialization of ChaCha constants
  random: initialize ChaCha20 constants with correct endianness
  random: use IS_ENABLED(CONFIG_NUMA) instead of ifdefs
  random: harmonize "crng init done" messages
  random: mix bootloader randomness into pool
  random: do not re-init if crng_reseed completes before primary init
  random: do not sign extend bytes for rotation when mixing
  random: use BLAKE2s instead of SHA1 in extraction
  random: remove unused irq_flags argument from add_interrupt_randomness()
  random: document add_hwgenerator_randomness() with other input functions
  crypto: blake2s - adjust include guard naming
  crypto: blake2s - include <linux/bug.h> instead of <asm/bug.h>
  MAINTAINERS: co-maintain random.c
  random: remove dead code left over from blocking pool
  random: avoid arch_get_random_seed_long() when collecting IRQ randomness
  random: add arch_get_random_*long_early()
  powerpc: Use bool in archrandom.h
  linux/random.h: Mark CONFIG_ARCH_RANDOM functions __must_check
  linux/random.h: Use false with bool
  linux/random.h: Remove arch_has_random, arch_has_random_seed
  powerpc: Remove arch_has_random, arch_has_random_seed
  x86: Remove arch_has_random, arch_has_random_seed
  random: avoid warnings for !CONFIG_NUMA builds
  random: split primary/secondary crng init paths
  random: remove some dead code of poolinfo
  random: fix typo in add_timer_randomness()
  random: Add and use pr_fmt()
  random: convert to ENTROPY_BITS for better code readability
  random: remove unnecessary unlikely()
  random: remove kernel.random.read_wakeup_threshold
  random: delete code to pull data into pools
  random: remove the blocking pool
  random: fix crash on multiple early calls to add_bootloader_randomness()
  random: make /dev/random be almost like /dev/urandom
  random: ignore GRND_RANDOM in getentropy(2)
  random: add GRND_INSECURE to return best-effort non-cryptographic bytes
  random: Add a urandom_read_nowait() for random APIs that don't warn
  random: Don't wake crng_init_wait when crng_init == 1
  lib/crypto: sha1: re-roll loops to reduce code size
  lib/crypto: blake2s: move hmac construction into wireguard
  crypto: blake2s - generic C library implementation and selftest
  crypto: Deduplicate le32_to_cpu_array() and cpu_to_le32_array()
  Revert "hwrng: core - Freeze khwrng thread during suspend"
  char/random: Add a newline at the end of the file
  random: Use wait_event_freezable() in add_hwgenerator_randomness()
  fdt: add support for rng-seed
  random: Support freezable kthreads in add_hwgenerator_randomness()
  random: fix soft lockup when trying to read from an uninitialized blocking pool
  latent_entropy: avoid build error when plugin cflags are not set
  random: document get_random_int() family
  random: move rand_initialize() earlier
  random: only read from /dev/random after its pool has received 128 bits
  drivers/char/random.c: make primary_crng static
  drivers/char/random.c: remove unused stuct poolinfo::poolbits
  drivers/char/random.c: constify poolinfo_table
  random: make CPU trust a boot parameter
  random: Make crng state queryable
  random: remove preempt disabled region
  random: add a config option to trust the CPU's hwrng
  random: Return nbytes filled from hw RNG
  random: Fix whitespace pre random-bytes work
  drivers/char/random.c: remove unused dont_count_entropy
  random: optimize add_interrupt_randomness
  random: always fill buffer in get_random_bytes_wait
  crypto: chacha20 - Fix keystream alignment for chacha20_block()
  random: fix data race on crng_node_pool
  random: always use batched entropy for get_random_u{32,64}
  Revert "char/random: silence a lockdep splat with printk()"
  char/random: silence a lockdep splat with printk()
  random: add a spinlock_t to struct batched_entropy
  random: rate limit unseeded randomness warnings
  random: fix possible sleeping allocation from irq context
  random: set up the NUMA crng instances after the CRNG is fully initialized
  random: use a different mixing algorithm for add_device_randomness()
  random: fix warning message on ia64 and parisc
  random: reorder READ_ONCE() in get_random_uXX
  random: suppress spammy warnings about unseeded randomness
  random: do not ignore early device randomness
  random: warn when kernel uses unseeded randomness
  random: add get_random_{bytes,u32,u64,int,long,once}_wait family
  random: add wait_for_random_bytes() API
  random: silence compiler warnings and fix race
  random: invalidate batched entropy after crng init
  random: move random_min_urandom_seed into CONFIG_SYSCTL ifdef block
  random: convert get_random_int/long into get_random_u32/u64
  random: fix comment for unused random_min_urandom_seed
  random: remove variable limit
  random: remove stale urandom_init_wait
  random: remove stale maybe_reseed_primary_crng
  9p: missing chunk of "fs/9p: Don't update file type when updating file attributes"
  Linux 4.9.319
  x86/speculation/mmio: Print SMT warning
  KVM: x86/speculation: Disable Fill buffer clear within guests
  x86/speculation/mmio: Reuse SRBDS mitigation for SBDS
  x86/speculation/srbds: Update SRBDS mitigation selection
  x86/speculation/mmio: Add sysfs reporting for Processor MMIO Stale Data
  x86/speculation/mmio: Enable CPU Fill buffer clearing on idle
  x86/bugs: Group MDS, TAA & Processor MMIO Stale Data mitigations
  x86/speculation/mmio: Add mitigation for Processor MMIO Stale Data
  x86/speculation: Add a common function for MD_CLEAR mitigation update
  x86/speculation/mmio: Enumerate Processor MMIO Stale Data bug
  Documentation: Add documentation for Processor MMIO Stale Data
  x86/cpu: Add another Alder Lake CPU to the Intel family
  x86/cpu: Add Lakefield, Alder Lake and Rocket Lake models to the to Intel CPU family
  x86/cpu: Add Comet Lake to the Intel CPU models header
  x86/CPU: Add more Icelake model numbers
  x86/CPU: Add Icelake model number
  x86/cpu: Add Cannonlake to Intel family
  x86/cpu: Add Jasper Lake to Intel family
  cpu/speculation: Add prototype for cpu_show_srbds()
  x86/cpu: Add Elkhart Lake to Intel family
  ANDROID: arch: fix backported syscall numbers
  Linux 4.9.318
  tcp: fix tcp_mtup_probe_success vs wrong snd_cwnd
  PCI: qcom: Fix unbalanced PHY init on probe errors
  mtd: cfi_cmdset_0002: Use chip_ready() for write on S29GL064N
  mtd: cfi_cmdset_0002: Move and rename chip_check/chip_ready/chip_good_for_write
  powerpc/32: Fix overread/overwrite of thread_struct via ptrace
  Input: bcm5974 - set missing URB_NO_TRANSFER_DMA_MAP urb flag
  nfc: st21nfca: fix memory leaks in EVT_TRANSACTION handling
  nfc: st21nfca: fix incorrect validating logic in EVT_TRANSACTION
  ata: libata-transport: fix {dma|pio|xfer}_mode sysfs files
  cifs: return errors during session setup during reconnects
  ALSA: hda/conexant - Fix loopback issue with CX20632
  vringh: Fix loop descriptors check in the indirect cases
  nodemask: Fix return values to be unsigned
  modpost: fix undefined behavior of is_arm_mapping_symbol()
  drm/radeon: fix a possible null pointer dereference
  Revert "net: af_key: add check for pfkey_broadcast in function pfkey_process"
  md: protect md_unregister_thread from reentrancy
  serial: msm_serial: disable interrupts in __msm_console_write()
  staging: rtl8712: fix uninit-value in r871xu_drv_init()
  clocksource/drivers/sp804: Avoid error on multiple instances
  misc: rtsx: set NULL intfdata when probe fails
  usb: dwc2: gadget: don't reset gadget's driver->bus
  USB: hcd-pci: Fully suspend across freeze/thaw cycle
  drivers: usb: host: Fix deadlock in oxu_bus_suspend()
  drivers: tty: serial: Fix deadlock in sa1100_set_termios()
  USB: host: isp116x: check return value after calling platform_get_resource()
  drivers: staging: rtl8192e: Fix deadlock in rtllib_beacons_stop()
  tty: Fix a possible resource leak in icom_probe
  tty: synclink_gt: Fix null-pointer-dereference in slgt_clean()
  lkdtm/usercopy: Expand size of "out of frame" object
  iio: dummy: iio_simple_dummy: check the return value of kstrdup()
  net: altera: Fix refcount leak in altera_tse_mdio_create
  net: xfrm: unexport __init-annotated xfrm4_protocol_init()
  SUNRPC: Fix the calculation of xdr->end in xdr_get_next_encode_buffer()
  net/mlx4_en: Fix wrong return value on ioctl EEPROM query failure
  ata: pata_octeon_cf: Fix refcount leak in octeon_cf_probe
  net: fix nla_strcmp to handle more then one trailing null character
  video: fbdev: pxa3xx-gcu: release the resources correctly in pxa3xx_gcu_probe/remove()
  m68knommu: fix undefined reference to `_init_sp'
  m68knommu: set ZERO_PAGE() to the allocated zeroed page
  i2c: cadence: Increase timeout per message if necessary
  tracing: Avoid adding tracer option before update_tracer_options
  tcp: tcp_rtx_synack() can be called from process context
  jffs2: fix memory leak in jffs2_do_fill_super
  modpost: fix removing numeric suffixes
  net: ethernet: mtk_eth_soc: out of bounds read in mtk_hwlro_get_fdir_entry()
  clocksource/drivers/oxnas-rps: Fix irq_of_parse_and_map() return value
  firmware: dmi-sysfs: Fix memory leak in dmi_sysfs_register_handle
  serial: st-asc: Sanitize CSIZE and correct PARENB for CS7
  serial: sh-sci: Don't allow CS5-6
  serial: txx9: Don't allow CS5-6
  serial: digicolor-usart: Don't allow CS5-6
  serial: meson: acquire port->lock in startup()
  rtc: mt6397: check return value after calling platform_get_resource()
  rpmsg: qcom_smd: Fix irq_of_parse_and_map() return value
  pwm: lp3943: Fix duty calculation in case period was clamped
  USB: storage: karma: fix rio_karma_init return
  usb: usbip: add missing device lock on tweak configuration cmd
  usb: usbip: fix a refcount leak in stub_probe()
  staging: greybus: codecs: fix type confusion of list iterator variable
  pcmcia: db1xxx_ss: restrict to MIPS_DB1XXX boards
  netfilter: nf_tables: disallow non-stateful expression in sets earlier
  MIPS: IP27: Remove incorrect `cpu_has_fpu' override
  RDMA/rxe: Generate a completion for unsupported/invalid opcode
  dt-bindings: gpio: altera: correct interrupt-cells
  docs/conf.py: Cope with removal of language=None in Sphinx 5.0.0
  gma500: fix an incorrect NULL check on list iterator
  carl9170: tx: fix an incorrect use of list iterator
  ASoC: rt5514: Fix event generation for "DSP Voice Wake Up" control
  rtl818x: Prevent using not initialized queues
  hugetlb: fix huge_pmd_unshare address update
  nodemask.h: fix compilation error with GCC12
  iommu/msm: Fix an incorrect NULL check on list iterator
  um: Fix out-of-bounds read in LDT setup
  um: chan_user: Fix winch_tramp() return value
  mac80211: upgrade passive scan to active scan on DFS channels after beacon rx
  irqchip: irq-xtensa-mx: fix initial IRQ affinity
  irqchip/armada-370-xp: Do not touch Performance Counter Overflow on A375, A38x, A39x
  RDMA/hfi1: Fix potential integer multiplication overflow errors
  md: fix an incorrect NULL check in md_reload_sb
  md: fix an incorrect NULL check in does_sb_need_changing
  drm/bridge: analogix_dp: Grab runtime PM reference for DP-AUX
  drm/amdgpu/cs: make commands with 0 chunks illegal behaviour.
  scsi: ufs: qcom: Add a readl() to make sure ref_clk gets enabled
  scsi: dc395x: Fix a missing check on list iterator
  ocfs2: dlmfs: fix error handling of user_dlm_destroy_lock
  dlm: fix missing lkb refcount handling
  dlm: fix plock invalid read
  ext4: verify dir block before splitting it
  ext4: fix bug_on in ext4_writepages
  ext4: fix use-after-free in ext4_rename_dir_prepare
  fs-writeback: writeback_sb_inodes:Recalculate 'wrote' according skipped pages
  iwlwifi: mvm: fix assert 1F04 upon reconfig
  wifi: mac80211: fix use-after-free in chanctx code
  iommu/amd: Increase timeout waiting for GA log enablement
  video: fbdev: clcdfb: Fix refcount leak in clcdfb_of_vram_setup
  Input: sparcspkr - fix refcount leak in bbc_beep_probe
  tty: fix deadlock caused by calling printk() under tty_port->lock
  powerpc/4xx/cpm: Fix return value of __setup() handler
  powerpc/idle: Fix return value of __setup() handler
  powerpc/8xx: export 'cpm_setbrg' for modules
  drivers/base/node.c: fix compaction sysfs file leak
  scsi: fcoe: Fix Wstringop-overflow warnings in fcoe_wwn_from_mac()
  mfd: ipaq-micro: Fix error check return value of platform_get_irq()
  soc: qcom: smsm: Fix missing of_node_put() in smsm_parse_ipc
  soc: qcom: smp2p: Fix missing of_node_put() in smp2p_parse_ipc
  rxrpc: Don't try to resend the request if we're receiving the reply
  rxrpc: Fix listen() setting the bar too high for the prealloc rings
  ASoC: wm2000: fix missing clk_disable_unprepare() on error in wm2000_anc_transition()
  sctp: read sk->sk_bound_dev_if once in sctp_rcv()
  m68k: math-emu: Fix dependencies of math emulation support
  Bluetooth: fix dangling sco_conn and use-after-free in sco_sock_timeout
  media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init
  media: exynos4-is: Change clk_disable to clk_disable_unprepare
  regulator: pfuze100: Fix refcount leak in pfuze_parse_regulators_dt
  ASoC: mxs-saif: Fix refcount leak in mxs_saif_probe
  media: uvcvideo: Fix missing check to determine if element is found in list
  drm/msm: return an error pointer in msm_gem_prime_get_sg_table()
  x86/mm: Cleanup the control_va_addr_alignment() __setup handler
  drm/rockchip: vop: fix possible null-ptr-deref in vop_bind()
  drm/msm/hdmi: check return value after calling platform_get_resource_byname()
  drm/msm/dsi: fix error checks and return values for DSI xmit functions
  x86/pm: Fix false positive kmemleak report in msr_build_context()
  inotify: show inotify mask flags in proc fdinfo
  ath9k_htc: fix potential out of bounds access with invalid rxstatus->rs_keyix
  spi: img-spfi: Fix pm_runtime_get_sync() error checking
  HID: hid-led: fix maximum brightness for Dream Cheeky
  NFC: NULL out the dev->rfkill to prevent UAF
  spi: spi-ti-qspi: Fix return value handling of wait_for_completion_timeout
  drm/mediatek: Fix mtk_cec_mask()
  x86/delay: Fix the wrong asm constraint in delay_loop()
  ASoC: mediatek: Fix error handling in mt8173_max98090_dev_probe
  drm: fix EDID struct for old ARM OABI format
  macintosh/via-pmu: Fix build failure when CONFIG_INPUT is disabled
  powerpc/xics: fix refcount leak in icp_opal_init()
  PCI: Avoid pci_dev_lock() AB/BA deadlock with sriov_numvfs_store()
  ARM: hisi: Add missing of_node_put after of_find_compatible_node
  ARM: dts: exynos: add atmel,24c128 fallback to Samsung EEPROM
  ARM: versatile: Add missing of_node_put in dcscb_init
  fat: add ratelimit to fat*_ent_bread()
  ARM: OMAP1: clock: Fix UART rate reporting algorithm
  fs: jfs: fix possible NULL pointer dereference in dbFree()
  eth: tg3: silence the GCC 12 array-bounds warning
  rxrpc: Return an error to sendmsg if call failed
  media: exynos4-is: Fix compile warning
  ASoC: rt5645: Fix errorenous cleanup order
  nvme-pci: fix a NULL pointer dereference in nvme_alloc_admin_tags
  openrisc: start CPU timer early in boot
  ipmi:ssif: Check for NULL msg when handling events and messages
  dma-debug: change allocation mode from GFP_NOWAIT to GFP_ATIOMIC
  ASoC: dapm: Don't fold register value changes into notifications
  ipv6: Don't send rs packets to the interface of ARPHRD_TUNNEL
  drm/amd/pm: fix the compile warning
  scsi: megaraid: Fix error check return value of register_chrdev()
  media: cx25821: Fix the warning when removing the module
  ath9k: fix QCA9561 PA bias level
  drm/amd/pm: fix double free in si_parse_power_table()
  ALSA: jack: Access input_dev under mutex
  ACPICA: Avoid cache flush inside virtual machines
  ipw2x00: Fix potential NULL dereference in libipw_xmit()
  b43: Fix assigning negative value to unsigned variable
  b43legacy: Fix assigning negative value to unsigned variable
  mwifiex: add mutex lock for call in mwifiex_dfs_chan_sw_work_queue
  drm/virtio: fix NULL pointer dereference in virtio_gpu_conn_get_modes
  btrfs: add "0x" prefix for unsupported optional features
  ptrace: Reimplement PTRACE_KILL by always sending SIGKILL
  ptrace/xtensa: Replace PT_SINGLESTEP with TIF_SINGLESTEP
  USB: new quirk for Dell Gen 2 devices
  BACKPORT: psi: Fix uaf issue when psi trigger is destroyed while being polled

 Conflicts:
	drivers/char/Kconfig
	drivers/char/random.c
	fs/fat/fatent.c
	include/linux/random.h
	init/main.c
	kernel/cpu.c
	lib/Makefile

Change-Id: I06579fa22a0347a0d8d2fa32bd6b7b6b54db626f
2022-08-09 06:05:50 +03:00
Jason A. Donenfeld
855aac499e random: mark bootloader randomness code as __init
commit 39e0f991a62ed5efabd20711a7b6e7da92603170 upstream.

add_bootloader_randomness() and the variables it touches are only used
during __init and not after, so mark these as __init. At the same time,
unexport this, since it's only called by other __init code that's
built-in.

Cc: stable@vger.kernel.org
Fixes: 428826f5358c ("fdt: add support for rng-seed")
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2022-06-25 11:45:16 +02:00
Jason A. Donenfeld
46eac53a04 random: move randomize_page() into mm where it belongs
commit 5ad7dd882e45d7fe432c32e896e2aaa0b21746ea upstream.

randomize_page is an mm function. It is documented like one. It contains
the history of one. It has the naming convention of one. It looks
just like another very similar function in mm, randomize_stack_top().
And it has always been maintained and updated by mm people. There is no
need for it to be in random.c. In the "which shape does not look like
the other ones" test, pointing to randomize_page() is correct.

So move randomize_page() into mm/util.c, right next to the similar
randomize_stack_top() function.

This commit contains no actual code changes.

Cc: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2022-06-25 11:45:15 +02:00
Jason A. Donenfeld
e279897ef0 random: use proper return types on get_random_{int,long}_wait()
commit 7c3a8a1db5e03d02cc0abb3357a84b8b326dfac3 upstream.

Before these were returning signed values, but the API is intended to be
used with unsigned values.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2022-06-25 11:45:15 +02:00
Jason A. Donenfeld
9bb0c18aef random: remove extern from functions in header
commit 7782cfeca7d420e8bb707613d4cfb0f7ff29bb3a upstream.

According to the kernel style guide, having `extern` on functions in
headers is old school and deprecated, and doesn't add anything. So remove
them from random.h, and tidy up the file a little bit too.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2022-06-25 11:45:15 +02:00
Jason A. Donenfeld
47172dad2b random: handle latent entropy and command line from random_init()
commit 2f14062bb14b0fcfcc21e6dc7d5b5c0d25966164 upstream.

Currently, start_kernel() adds latent entropy and the command line to
the entropy pool *after* the RNG has been initialized, deferring when
it's actually used by things like stack canaries until the next time
the pool is seeded. This surely is not intended.

Rather than splitting up which entropy gets added where and when between
start_kernel() and random_init(), just do everything in random_init(),
which should eliminate these kinds of bugs in the future.

While we're at it, rename the awkwardly titled "rand_initialize()" to
the more standard "random_init()" nomenclature.

Reviewed-by: Dominik Brodowski <linux@dominikbrodowski.net>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2022-06-25 11:45:15 +02:00
Jason A. Donenfeld
3ddb66f469 random: replace custom notifier chain with standard one
commit 5acd35487dc911541672b3ffc322851769c32a56 upstream.

We previously rolled our own randomness readiness notifier, which only
has two users in the whole kernel. Replace this with a more standard
atomic notifier block that serves the same purpose with less code. Also
unexport the symbols, because no modules use it, only unconditional
builtins. The only drawback is that it's possible for a notification
handler returning the "stop" code to prevent further processing, but
given that there are only two users, and that we're unexporting this
anyway, that doesn't seem like a significant drawback for the
simplification we receive here.

Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Theodore Ts'o <tytso@mit.edu>
Reviewed-by: Dominik Brodowski <linux@dominikbrodowski.net>
[Jason: for stable, also backported to crypto/drbg.c, not unexporting.]
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2022-06-25 11:45:11 +02:00
Jason A. Donenfeld
ed20ec409e random: clear fast pool, crng, and batches in cpuhp bring up
commit 3191dd5a1179ef0fad5a050a1702ae98b6251e8f upstream.

For the irq randomness fast pool, rather than having to use expensive
atomics, which were visibly the most expensive thing in the entire irq
handler, simply take care of the extreme edge case of resetting count to
zero in the cpuhp online handler, just after workqueues have been
reenabled. This simplifies the code a bit and lets us use vanilla
variables rather than atomics, and performance should be improved.

As well, very early on when the CPU comes up, while interrupts are still
disabled, we clear out the per-cpu crng and its batches, so that it
always starts with fresh randomness.

Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Theodore Ts'o <tytso@mit.edu>
Cc: Sultan Alsawaf <sultan@kerneltoast.com>
Cc: Dominik Brodowski <linux@dominikbrodowski.net>
Acked-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2022-06-25 11:45:10 +02:00
Jason A. Donenfeld
75cc37f461 random: pull add_hwgenerator_randomness() declaration into random.h
commit b777c38239fec5a528e59f55b379e31b1a187524 upstream.

add_hwgenerator_randomness() is a function implemented and documented
inside of random.c. It is the way that hardware RNGs push data into it.
Therefore, it should be declared in random.h. Otherwise sparse complains
with:

random.c:1137:6: warning: symbol 'add_hwgenerator_randomness' was not declared. Should it be static?

The alternative would be to include hw_random.h into random.c, but that
wouldn't really be good for anything except slowing down compile time.

Cc: Matt Mackall <mpm@selenic.com>
Cc: Theodore Ts'o <tytso@mit.edu>
Acked-by: Herbert Xu <herbert@gondor.apana.org.au>
Reviewed-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Dominik Brodowski <linux@dominikbrodowski.net>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2022-06-25 11:45:10 +02:00
Jason A. Donenfeld
64155f45cd random: remove useless header comment
commit 6071a6c0fba2d747742cadcbb3ba26ed756ed73b upstream.

This really adds nothing at all useful.

Cc: Theodore Ts'o <tytso@mit.edu>
Reviewed-by: Dominik Brodowski <linux@dominikbrodowski.net>
Reviewed-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2022-06-25 11:45:08 +02:00
Jason A. Donenfeld
508bad0b71 random: use hash function for crng_slow_load()
commit 66e4c2b9541503d721e936cc3898c9f25f4591ff upstream.

Since we have a hash function that's really fast, and the goal of
crng_slow_load() is reportedly to "touch all of the crng's state", we
can just hash the old state together with the new state and call it a
day. This way we don't need to reason about another LFSR or worry about
various attacks there. This code is only ever used at early boot and
then never again.

Cc: Theodore Ts'o <tytso@mit.edu>
Reviewed-by: Dominik Brodowski <linux@dominikbrodowski.net>
Reviewed-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2022-06-25 11:45:08 +02:00
Sebastian Andrzej Siewior
37b962834b random: remove unused irq_flags argument from add_interrupt_randomness()
commit 703f7066f40599c290babdb79dd61319264987e9 upstream.

Since commit
   ee3e00e9e7 ("random: use registers from interrupted code for CPU's w/o a cycle counter")

the irq_flags argument is no longer used.

Remove unused irq_flags.

Cc: Borislav Petkov <bp@alien8.de>
Cc: Dave Hansen <dave.hansen@linux.intel.com>
Cc: Dexuan Cui <decui@microsoft.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Haiyang Zhang <haiyangz@microsoft.com>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: K. Y. Srinivasan <kys@microsoft.com>
Cc: Stephen Hemminger <sthemmin@microsoft.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Wei Liu <wei.liu@kernel.org>
Cc: linux-hyperv@vger.kernel.org
Cc: x86@kernel.org
Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
Acked-by: Wei Liu <wei.liu@kernel.org>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2022-06-25 11:45:04 +02:00
Mark Rutland
42c54fcc96 random: add arch_get_random_*long_early()
commit 253d3194c2b58152fe830fd27c2fd83ebc6fe5ee upstream.

Some architectures (e.g. arm64) can have heterogeneous CPUs, and the
boot CPU may be able to provide entropy while secondary CPUs cannot. On
such systems, arch_get_random_long() and arch_get_random_seed_long()
will fail unless support for RNG instructions has been detected on all
CPUs. This prevents the boot CPU from being able to provide
(potentially) trusted entropy when seeding the primary CRNG.

To make it possible to seed the primary CRNG from the boot CPU without
adversely affecting the runtime versions of arch_get_random_long() and
arch_get_random_seed_long(), this patch adds new early versions of the
functions used when initializing the primary CRNG.

Default implementations are provided atop of the existing
arch_get_random_long() and arch_get_random_seed_long() so that only
architectures with such constraints need to provide the new helpers.

There should be no functional change as a result of this patch.

Signed-off-by: Mark Rutland <mark.rutland@arm.com>
Cc: Mark Brown <broonie@kernel.org>
Cc: Theodore Ts'o <tytso@mit.edu>
Link: https://lore.kernel.org/r/20200210130015.17664-3-mark.rutland@arm.com
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2022-06-25 11:45:04 +02:00
Richard Henderson
78b28324aa linux/random.h: Mark CONFIG_ARCH_RANDOM functions __must_check
commit 904caa6413c87aacbf7d0682da617c39ca18cf1a upstream.

We must not use the pointer output without validating the
success of the random read.

Reviewed-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Mark Brown <broonie@kernel.org>
Link: https://lore.kernel.org/r/20200110145422.49141-7-broonie@kernel.org
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2022-06-25 11:45:03 +02:00
Richard Henderson
2295356d23 linux/random.h: Use false with bool
commit 66f5ae899ada79c0e9a3d8d954f93a72344cd350 upstream.

Keep the generic fallback versions in sync with the other architecture
specific implementations and use the proper name for false.

Suggested-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Mark Brown <broonie@kernel.org>
Link: https://lore.kernel.org/r/20200110145422.49141-6-broonie@kernel.org
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2022-06-25 11:45:03 +02:00
Richard Henderson
cbcd67f44e linux/random.h: Remove arch_has_random, arch_has_random_seed
commit 647f50d5d9d933b644b29c54f13ac52af1b1774d upstream.

The arm64 version of archrandom.h will need to be able to test for
support and read the random number without preemption, so a separate
query predicate is not practical.

Since this part of the generic interface is unused, remove it.

Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Mark Brown <broonie@kernel.org>
Link: https://lore.kernel.org/r/20200110145422.49141-5-broonie@kernel.org
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2022-06-25 11:45:03 +02:00
Hsin-Yi Wang
c288318b4c fdt: add support for rng-seed
commit 428826f5358c922dc378830a1717b682c0823160 upstream.

Introducing a chosen node, rng-seed, which is an entropy that can be
passed to kernel called very early to increase initial device
randomness. Bootloader should provide this entropy and the value is
read from /chosen/rng-seed in DT.

Obtain of_fdt_crc32 for CRC check after early_init_dt_scan_nodes(),
since early_init_dt_scan_chosen() would modify fdt to erase rng-seed.

Add a new interface add_bootloader_randomness() for rng-seed use case.
Depending on whether the seed is trustworthy, rng seed would be passed to
add_hwgenerator_randomness(). Otherwise it would be passed to
add_device_randomness(). Decision is controlled by kernel config
RANDOM_TRUST_BOOTLOADER.

Signed-off-by: Hsin-Yi Wang <hsinyi@chromium.org>
Reviewed-by: Stephen Boyd <swboyd@chromium.org>
Reviewed-by: Rob Herring <robh@kernel.org>
Reviewed-by: Theodore Ts'o <tytso@mit.edu> # drivers/char/random.c
Signed-off-by: Will Deacon <will@kernel.org>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2022-06-25 11:45:01 +02:00
Vasily Gorbik
a4fb822be2 latent_entropy: avoid build error when plugin cflags are not set
commit 7e756f423af808b6571fed3144747db2ef7fa1c5 upstream.

Some architectures set up CFLAGS for linux decompressor phase from
scratch and do not include GCC_PLUGINS_CFLAGS. Since "latent_entropy"
variable declaration is generated by the plugin code itself including
linux/random.h in decompressor code then would cause a build
error. E.g. on s390:

In file included from ./include/linux/net.h:22,
                 from ./include/linux/skbuff.h:29,
                 from ./include/linux/if_ether.h:23,
                 from ./arch/s390/include/asm/diag.h:12,
                 from arch/s390/boot/startup.c:8:
./include/linux/random.h: In function 'add_latent_entropy':
./include/linux/random.h:26:39: error: 'latent_entropy' undeclared
(first use in this function); did you mean 'add_latent_entropy'?
   26 |  add_device_randomness((const void *)&latent_entropy,
      |                                       ^~~~~~~~~~~~~~
      |                                       add_latent_entropy
./include/linux/random.h:26:39: note: each undeclared identifier is
reported only once for each function it appears in

The build error is triggered by commit a80313ff91ab ("s390/kernel:
introduce .dma sections") which made it into 5.2 merge window.

To address that avoid using CONFIG_GCC_PLUGIN_LATENT_ENTROPY in
favour of LATENT_ENTROPY_PLUGIN definition which is defined as a
part of gcc plugins cflags and hence reflect more accurately when gcc
plugin is active. Besides that it is also used for similar purpose in
linux/compiler-gcc.h for latent_entropy attribute definition.

Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
Acked-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2022-06-25 11:45:01 +02:00
Kees Cook
166a592cad random: move rand_initialize() earlier
commit d55535232c3dbde9a523a9d10d68670f5fe5dec3 upstream.

Right now rand_initialize() is run as an early_initcall(), but it only
depends on timekeeping_init() (for mixing ktime_get_real() into the
pools). However, the call to boot_init_stack_canary() for stack canary
initialization runs earlier, which triggers a warning at boot:

random: get_random_bytes called from start_kernel+0x357/0x548 with crng_init=0

Instead, this moves rand_initialize() to after timekeeping_init(), and moves
canary initialization here as well.

Note that this warning may still remain for machines that do not have
UEFI RNG support (which initializes the RNG pools during setup_arch()),
or for x86 machines without RDRAND (or booting without "random.trust=on"
or CONFIG_RANDOM_TRUST_CPU=y).

Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2022-06-25 11:45:01 +02:00
Jason A. Donenfeld
9bb501015b random: Make crng state queryable
commit 9a47249d444d344051c7c0e909fad0e88515a5c2 upstream.

It is very useful to be able to know whether or not get_random_bytes_wait
/ wait_for_random_bytes is going to block or not, or whether plain
get_random_bytes is going to return good randomness or bad randomness.

The particular use case is for mitigating certain attacks in WireGuard.
A handshake packet arrives and is queued up. Elsewhere a worker thread
takes items from the queue and processes them. In replying to these
items, it needs to use some random data, and it has to be good random
data. If we simply block until we can have good randomness, then it's
possible for an attacker to fill the queue up with packets waiting to be
processed. Upon realizing the queue is full, WireGuard will detect that
it's under a denial of service attack, and behave accordingly. A better
approach is just to drop incoming handshake packets if the crng is not
yet initialized.

This patch, therefore, makes that information directly accessible.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2022-06-25 11:45:00 +02:00
Tobin C. Harding
c184f7c001 random: Return nbytes filled from hw RNG
commit 753d433b586d1d43c487e3d660f5778c7c8d58ea upstream.

Currently the function get_random_bytes_arch() has return value 'void'.
If the hw RNG fails we currently fall back to using get_random_bytes().
This defeats the purpose of requesting random material from the hw RNG
in the first place.

There are currently no in-tree users of get_random_bytes_arch().

Only get random bytes from the hw RNG, make function return the number
of bytes retrieved from the hw RNG.

Acked-by: Theodore Ts'o <tytso@mit.edu>
Reviewed-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
Signed-off-by: Tobin C. Harding <me@tobin.cc>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2022-06-25 11:45:00 +02:00
Jason A. Donenfeld
1e8f4f59a0 random: always fill buffer in get_random_bytes_wait
commit 25e3fca492035a2e1d4ac6e3b1edd9c1acd48897 upstream.

In the unfortunate event that a developer fails to check the return
value of get_random_bytes_wait, or simply wants to make a "best effort"
attempt, for whatever that's worth, it's much better to still fill the
buffer with _something_ rather than catastrophically failing in the case
of an interruption. This is both a defense in depth measure against
inevitable programming bugs, as well as a means of making the API a bit
more useful.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2022-06-25 11:44:59 +02:00
Jason A. Donenfeld
ca8f215ec5 random: add get_random_{bytes,u32,u64,int,long,once}_wait family
commit da9ba564bd683374b8d319756f312821b8265b06 upstream.

These functions are simple convenience wrappers that call
wait_for_random_bytes before calling the respective get_random_*
function.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2022-06-25 11:44:58 +02:00
Jason A. Donenfeld
89548752d8 random: add wait_for_random_bytes() API
commit e297a783e41560b44e3c14f38e420cba518113b8 upstream.

This enables users of get_random_{bytes,u32,u64,int,long} to wait until
the pool is ready before using this function, in case they actually want
to have reliable randomness.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2022-06-25 11:44:58 +02:00
Jason A. Donenfeld
7c8ed90ae3 random: convert get_random_int/long into get_random_u32/u64
commit c440408cf6901eeb2c09563397e24a9097907078 upstream.

Many times, when a user wants a random number, he wants a random number
of a guaranteed size. So, thinking of get_random_int and get_random_long
in terms of get_random_u32 and get_random_u64 makes it much easier to
achieve this. It also makes the code simpler.

On 32-bit platforms, get_random_int and get_random_long are both aliased
to get_random_u32. On 64-bit platforms, int->u32 and long->u64.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2022-06-25 11:44:58 +02:00
lucaswei
28f89a6c66 Merge android-4.9-q (4.9.234) into android-msm-pixel-4.9-lts
Merge 4.9.234 into android-4.9-q
Linux 4.9.234
    KVM: arm/arm64: Don't reschedule in unmap_stage2_range()
    xen: don't reschedule in preemption off sections
    mm/hugetlb: fix calculation of adjust_range_if_pmd_sharing_possible
  * do_epoll_ctl(): clean the failure exits up a bit
      fs/eventpoll.c
  * epoll: Keep a reference on files added to the check list
      fs/eventpoll.c
    powerpc: Allow 4224 bytes of stack expansion for the signal frame
    powerpc/pseries: Do not initiate shutdown when system is running on UPS
    net: dsa: b53: check for timeout
    ASoC: intel: Fix memleak in sst_media_open
    net: fec: correct the error path for regulator disable in probe
    i40e: Set RX_ONLY mode for unicast promiscuous on VLAN
  * ext4: fix potential negative array index in do_split()
      fs/ext4/namei.c
    alpha: fix annotation of io{read,write}{16,32}be()
    xfs: Fix UBSAN null-ptr-deref in xfs_sysfs_init
    virtio_ring: Avoid loop when vq is broken in virtqueue_poll
    scsi: libfc: Free skb in fc_disc_gpn_id_resp() for valid cases
    jffs2: fix UAF problem
    xfs: fix inode quota reservation checks
    m68knommu: fix overwriting of bits in ColdFire V3 cache control
    Input: psmouse - add a newline when printing 'proto' by sysfs
    media: vpss: clean up resources in init
    media: budget-core: Improve exception handling in budget_register()
  * scsi: ufs: Add DELAY_BEFORE_LPM quirk for Micron devices
      drivers/scsi/ufs/ufs_quirks.h
      drivers/scsi/ufs/ufshcd.c
  * ext4: fix checking of directory entry validity for inline directories
      fs/ext4/namei.c
  * ext4: clean up ext4_match() and callers
      fs/ext4/namei.c
  * mm, page_alloc: fix core hung in free_pcppages_bulk()
      mm/page_alloc.c
  * mm: include CMA pages in lowmem_reserve at boot
      mm/page_alloc.c
    kernel/relay.c: fix memleak on destroy relay channel
    romfs: fix uninitialized memory leak in romfs_dev_read()
    btrfs: don't show full path of bind mounts in subvol=
    btrfs: export helpers for subvolume name/id resolution
    khugepaged: adjust VM_BUG_ON_MM() in __khugepaged_enter()
    khugepaged: khugepaged_test_exit() check mmget_still_valid()
    tracing/hwlat: Honor the tracing_cpumask
    tracing: Clean up the hwlat binding code
    perf probe: Fix memory leakage when the probe point is not found
    drm/imx: imx-ldb: Disable both channels for split mode in enc->disable()
    x86/asm: Add instruction suffixes to bitops
    x86/asm: Remove unnecessary \n\t in front of CC_SET() from asm templates
  * ANDROID: fix a bug in quota2
      net/netfilter/xt_quota2.c
    Merge 4.9.233 into android-4.9-q
  * UPSTREAM: binder: Prevent context manager from incrementing ref 0
      drivers/android/binder.c
Linux 4.9.233
  * mm: Avoid calling build_all_zonelists_init under hotplug context
      include/linux/mmzone.h
      init/main.c
      mm/page_alloc.c
    khugepaged: retract_page_tables() remember to test exit
    sh: landisk: Add missing initialization of sh_io_port_base
    ALSA: echoaudio: Fix potential Oops in snd_echo_resume()
    mfd: dln2: Run event handler loop under spinlock
    fs/ufs: avoid potential u32 multiplication overflow
    nfs: Fix getxattr kernel panic and memory overflow
    net: qcom/emac: add missed clk_disable_unprepare in error path of emac_clks_phase1_init
    drm/vmwgfx: Fix two list_for_each loop exit tests
    Input: sentelic - fix error return when fsp_reg_write fails
    pwm: bcm-iproc: handle clk_get_rate() return
    clk: clk-atlas6: fix return value check in atlas6_clk_init()
    i2c: rcar: slave: only send STOP event when we have been addressed
    iommu/vt-d: Enforce PASID devTLB field mask
    iommu/omap: Check for failure of a call to omap_iommu_dump_ctx
    gpu: ipu-v3: image-convert: Combine rotate/no-rotate irq handlers
    USB: serial: ftdi_sio: clean up receive processing
    USB: serial: ftdi_sio: make process-packet buffer unsigned
    mfd: arizona: Ensure 32k clock is put on driver unbind and error
    pseries: Fix 64 bit logical memory block panic
    watchdog: f71808e_wdt: clear watchdog timeout occurred flag
    watchdog: f71808e_wdt: remove use of wrong watchdog_info option
    watchdog: f71808e_wdt: indicate WDIOF_CARDRESET support in watchdog_info.options
    kprobes: Fix NULL pointer dereference at kprobe_ftrace_handler
    ftrace: Setup correct FTRACE_FL_REGS flags for module
    ocfs2: change slot number type s16 to u16
    ext2: fix missing percpu_counter_inc
    MIPS: CPU#0 is not hotpluggable
    mac80211: fix misplaced while instead of if
    bcache: allocate meta data pages as compound pages
    md/raid5: Fix Force reconstruct-write io stuck in degraded raid5
  * net/compat: Add missing sock updates for SCM_RIGHTS
      include/net/sock.h
      net/compat.c
      net/core/sock.c
    net: stmmac: dwmac1000: provide multicast filter fallback
    net: ethernet: stmmac: Disable hardware multicast filter
    powerpc: Fix circular dependency between percpu.h and mmu.h
    xtensa: fix xtensa_pmu_setup prototype
    iio: dac: ad5592r: fix unbalanced mutex unlocks in ad5592r_read_raw()
    btrfs: fix memory leaks after failure to lookup checksums during inode logging
    btrfs: only search for left_info if there is no right_info in try_merge_free_space
    btrfs: don't allocate anonymous block device for user invisible roots
    PCI: hotplug: ACPI: Fix context refcounting in acpiphp_grab_context()
    smb3: warn on confusing error scenario with sec=krb5
    xen/balloon: make the balloon wait interruptible
    xen/balloon: fix accounting in alloc_xenballooned_pages error path
    ARM: 8992/1: Fix unwind_frame for clang-built kernels
    parisc: mask out enable and reserved bits from sba imask
    9p: Fix memory leak in v9fs_mount
  * ALSA: usb-audio: work around streaming quirk for MacroSilicon MS2109
      sound/usb/card.h
      sound/usb/pcm.c
      sound/usb/quirks.c
      sound/usb/stream.c
    fs/minix: reject too-large maximum file size
    fs/minix: don't allow getting deleted inodes
    fs/minix: check return value of sb_getblk()
    crypto: ccp - Fix use of merged scatterlists
    crypto: qat - fix double free in qat_uclo_create_batch_init_list
  * ALSA: usb-audio: add quirk for Pioneer DDJ-RB
      sound/usb/quirks-table.h
  * ALSA: usb-audio: fix overeager device match for MacroSilicon MS2109
      sound/usb/quirks-table.h
  * ALSA: usb-audio: Creative USB X-Fi Pro SB1095 volume knob support
      sound/usb/mixer_quirks.c
    USB: serial: cp210x: enable usb generic throttle/unthrottle
    USB: serial: cp210x: re-enable auto-RTS on open
  * net: Set fput_needed iff FDPUT_FPUT is set
      net/socket.c
    net/nfc/rawsock.c: add CAP_NET_RAW check.
    drivers/net/wan/lapbether: Added needed_headroom and a skb->len check
    pinctrl-single: fix pcs_parse_pinconf() return value
    dlm: Fix kobject memleak
    fsl/fman: fix eth hash table allocation
    fsl/fman: check dereferencing null pointer
    fsl/fman: fix unreachable code
    fsl/fman: fix dereference null return value
    fsl/fman: use 32-bit unsigned integer
    net: spider_net: Fix the size used in a 'dma_free_coherent()' call
    wl1251: fix always return 0 error
    s390/qeth: don't process empty bridge port events
    selftests/powerpc: Fix online CPU selection
    selftests/powerpc: Fix CPU affinity for child process
    power: supply: check if calc_soc succeeded in pm860x_init_battery
  * Smack: prevent underflow in smk_set_cipso()
      security/smack/smackfs.c
  * Smack: fix another vsscanf out of bounds
      security/smack/smackfs.c
    scsi: mesh: Fix panic after host or bus reset
    usb: dwc2: Fix error path in gadget registration
    USB: serial: iuu_phoenix: fix led-activity helpers
    drm/imx: tve: fix regulator_disable error path
    PCI/ASPM: Add missing newline in sysfs 'policy'
    staging: rtl8192u: fix a dubious looking mask before a shift
    powerpc/vdso: Fix vdso cpu truncation
    mwifiex: Prevent memory corruption handling keys
    scsi: scsi_debug: Add check for sdebug_max_queue during module init
    drm: panel: simple: Fix bpc for LG LB070WV8 panel
  * leds: core: Flush scheduled work for system suspend
      drivers/leds/led-class.c
  * PCI: Fix pci_cfg_wait queue locking problem
      drivers/pci/access.c
    xfs: fix reflink quota reservation accounting error
    media: exynos4-is: Add missed check for pinctrl_lookup_state()
    media: firewire: Using uninitialized values in node_probe()
    scsi: eesox: Fix different dev_id between request_irq() and free_irq()
    scsi: powertec: Fix different dev_id between request_irq() and free_irq()
    drm/radeon: fix array out-of-bounds read and write issues
    cxl: Fix kobject memleak
  * drm/mipi: use dcs write for mipi_dsi_dcs_set_tear_scanline
      drivers/gpu/drm/drm_mipi_dsi.c
    scsi: cumana_2: Fix different dev_id between request_irq() and free_irq()
    media: omap3isp: Add missed v4l2_ctrl_handler_free() for preview_init_entities()
    leds: lm355x: avoid enum conversion warning
    iio: improve IIO_CONCENTRATION channel type description
    video: pxafb: Fix the function used to balance a 'dma_alloc_coherent()' call
    console: newport_con: fix an issue about leak related system resources
    video: fbdev: sm712fb: fix an issue about iounmap for a wrong address
    agp/intel: Fix a memory leak on module initialisation failure
    ACPICA: Do not increment operation_region reference counts for field units
    bcache: fix super block seq numbers comparision in register_cache_set()
  * dyndbg: fix a BUG_ON in ddebug_describe_flags
      lib/dynamic_debug.c
    bdc: Fix bug causing crash after multiple disconnects
    usb: gadget: net2280: fix memory leak on probe error handling paths
    iwlegacy: Check the return value of pcie_capability_read_*()
    brcmfmac: To fix Bss Info flag definition Bug
  * mm/mmap.c: Add cond_resched() for exit_mmap() CPU stalls
      mm/mmap.c
  * drm/debugfs: fix plain echo to connector "force" attribute
      drivers/gpu/drm/drm_debugfs.c
    drm/nouveau: fix multiple instances of reference count leaks
    md-cluster: fix wild pointer of unlock_all_bitmaps()
    video: fbdev: neofb: fix memory leak in neo_scan_monitor()
    drm/radeon: Fix reference count leaks caused by pm_runtime_get_sync
    fs/btrfs: Add cond_resched() for try_release_extent_mapping() stalls
    Bluetooth: add a mutex lock to avoid UAF in do_enale_set
    drm/tilcdc: fix leak & null ref in panel_connector_get_modes
    ARM: socfpga: PM: add missing put_device() call in socfpga_setup_ocram_self_refresh()
    ARM: at91: pm: add missing put_device() call in at91_pm_sram_init()
    platform/x86: intel-vbtn: Fix return value check in check_acpi_dev()
    platform/x86: intel-hid: Fix return value check in check_acpi_dev()
    m68k: mac: Fix IOP status/control register writes
    m68k: mac: Don't send IOP message until channel is idle
    arm64: dts: exynos: Fix silent hang after boot on Espresso
    arm64: dts: qcom: msm8916: Replace invalid bias-pull-none property
  * EDAC: Fix reference count leaks
      drivers/edac/edac_device_sysfs.c
      drivers/edac/edac_pci_sysfs.c
  * cgroup: add missing skcd->no_refcnt check in cgroup_sk_clone()
      kernel/cgroup.c
  * gpio: fix oops resulting from calling of_get_named_gpio(NULL, ...)
      drivers/gpio/gpiolib-of.c
  * tracepoint: Mark __tracepoint_string's __used
      include/linux/tracepoint.h
  * Smack: fix use-after-free in smk_write_relabel_self()
      security/smack/smackfs.c
    usb: hso: check for return value in hso_serial_common_create()
    Revert "vxlan: fix tos value before xmit"
    net: lan78xx: replace bogus endpoint lookup
    vxlan: Ensure FDB dump is performed under RCU
  * ipv6: fix memory leaks on IPV6_ADDRFORM path
      include/net/addrconf.h
      net/ipv6/anycast.c
      net/ipv6/ipv6_sockglue.c
  * ipv4: Silence suspicious RCU usage warning
      net/ipv4/fib_trie.c
  * binder: Prevent context manager from incrementing ref 0
      drivers/android/binder.c
  * xattr: break delegations in {set,remove}xattr
      fs/xattr.c
      include/linux/xattr.h
    tools lib traceevent: Fix memory leak in process_dynamic_array_len
    atm: fix atm_dev refcnt leaks in atmtcp_remove_persistent
    igb: reinit_locked() should be called with rtnl_lock
  * cfg80211: check vendor command doit pointer before use
      net/wireless/nl80211.c
    drm/nouveau/fbcon: fix module unload when fbcon init has failed for some reason
    net/9p: validate fds in p9_fd_open
    leds: 88pm860x: fix use-after-free on unbind
    leds: lm3533: fix use-after-free on unbind
    leds: da903x: fix use-after-free on unbind
    leds: wm831x-status: fix use-after-free on unbind
    mtd: properly check all write ioctls for permissions
    vgacon: Fix for missing check in scrollback handling
    omapfb: dss: Fix max fclk divider for omap36xx
  * Bluetooth: Prevent out-of-bounds read in hci_inquiry_result_with_rssi_evt()
      net/bluetooth/hci_event.c
  * Bluetooth: Prevent out-of-bounds read in hci_inquiry_result_evt()
      net/bluetooth/hci_event.c
  * Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()
      net/bluetooth/hci_event.c
    ALSA: seq: oss: Serialize ioctls
    net/mlx5e: Don't support phys switch id if not in switchdev mode
    USB: serial: qcserial: add EM7305 QDL product ID
  * ext4: fix direct I/O read error
      fs/ext4/inode.c
  * random32: move the pseudo-random 32-bit definitions to prandom.h
      include/linux/prandom.h
      include/linux/random.h
  * random32: remove net_rand_state from the latent entropy gcc plugin
      include/linux/random.h
      lib/random32.c
  * random: fix circular include dependency on arm64 after addition of percpu.h
      include/linux/random.h
    ARM: percpu.h: fix build error
  * random32: update the net random state on interrupt and activity
      drivers/char/random.c
      include/linux/random.h
      kernel/time/timer.c
      lib/random32.c
    x86/i8259: Use printk_deferred() to prevent deadlock
    KVM: LAPIC: Prevent setting the tscdeadline timer if the lapic is hw disabled
    xen-netfront: fix potential deadlock in xennet_remove()
    Revert "i2c: cadence: Fix the hold bit setting"
    net: ethernet: ravb: exit if re-initialization fails in tx timeout
    parisc: add support for cmpxchg on u8 pointers
    nfc: s3fwrn5: add missing release on skb in s3fwrn5_recv_frame
    qed: Disable "MFW indication via attention" SPAM every 5 minutes
    usb: hso: Fix debug compile warning on sparc32
  * arm64: csum: Fix handling of bad packets
      arch/arm64/include/asm/checksum.h
    mac80211: mesh: Free pending skb when destroying a mpath
    mac80211: mesh: Free ie data when leaving mesh
    ibmvnic: Fix IRQ mapping disposal in error path
    mlxsw: core: Free EMAD transactions using kfree_rcu()
    mlxsw: core: Increase scope of RCU read-side critical section
    mlx4: disable device on shutdown
    net: lan78xx: fix transfer-buffer memory leak
    net: lan78xx: add missing endpoint sanity check
    sh: Fix validation of system call number
    net/x25: Fix null-ptr-deref in x25_disconnect
    net/x25: Fix x25_neigh refcnt leak when x25 disconnect
    install several missing uapi headers
  * uapi: includes linux/types.h before exporting files
      include/uapi/linux/cryptouser.h
      include/uapi/linux/pr.h
    xfs: fix missed wakeup on l_flush_wait
    rds: Prevent kernel-infoleak in rds_notify_queue_get()
    fbdev: Detect integer underflow at "struct fbcon_ops"->clear_margins.
  * x86, vmlinux.lds: Page-align end of ..page_aligned sections
      include/asm-generic/vmlinux.lds.h
    x86/build/lto: Fix truncated .bss with -fdata-sections
    9p/trans_fd: Fix concurrency del of req_list in p9_fd_cancelled/p9_read_work
    9p/trans_fd: abort p9_read_work if req status changed
  * f2fs: check if file namelen exceeds max value
      fs/f2fs/dir.c
  * f2fs: check memory boundary by insane namelen
      fs/f2fs/dir.c
  * drm: hold gem reference until object is no longer accessed
      drivers/gpu/drm/drm_gem.c
    drm/amdgpu: Prevent kernel-infoleak in amdgpu_info_ioctl()
    ARM: 8986/1: hw_breakpoint: Don't invoke overflow handler on uaccess watchpoints
  * PCI/ASPM: Disable ASPM on ASMedia ASM1083/1085 PCIe-to-PCI bridge
      drivers/pci/quirks.c
    ath9k: release allocated buffer if timed out
    ath9k_htc: release allocated buffer if timed out
    media: rc: prevent memory leak in cx23888_ir_probe
    crypto: ccp - Release all allocated memory if sha type is invalid
    net: phy: mdio-bcm-unimac: fix potential NULL dereference in unimac_mdio_probe()
    xfs: don't call xfs_da_shrink_inode with NULL bp
    xfs: validate cached inodes are free when allocated
    xfs: catch inode allocation state mismatch corruption
  * BACKPORT: loop: Fix wrong masking of status flags
      drivers/block/loop.c
  * BACKPORT: loop: Add LOOP_CONFIGURE ioctl
      drivers/block/loop.c
      include/uapi/linux/loop.h
  * BACKPORT: loop: Clean up LOOP_SET_STATUS lo_flags handling
      drivers/block/loop.c
      include/uapi/linux/loop.h
  * BACKPORT: loop: Rework lo_ioctl() __user argument casting
      drivers/block/loop.c
  * BACKPORT: loop: Move loop_set_status_from_info() and friends up
      drivers/block/loop.c
  * BACKPORT: loop: Factor out configuring loop from status
      drivers/block/loop.c
  * BACKPORT: loop: Remove figure_loop_size()
      drivers/block/loop.c
  * BACKPORT: loop: Refactor loop_set_status() size calculation
      drivers/block/loop.c
  * BACKPORT: loop: Factor out setting loop device size
      drivers/block/loop.c
  * BACKPORT: loop: Remove sector_t truncation checks
      drivers/block/loop.c
  * BACKPORT: loop: Call loop_config_discard() only after new config is applied
      drivers/block/loop.c

Change-Id: Ic8aad76543057de6fe453c1790dd17f9df90955c
Signed-off-by: lucaswei <lucaswei@google.com>
2020-09-09 11:45:07 +08:00
Linus Torvalds
82461648c6 random32: move the pseudo-random 32-bit definitions to prandom.h
commit c0842fbc1b18c7a044e6ff3e8fa78bfa822c7d1a upstream.

The addition of percpu.h to the list of includes in random.h revealed
some circular dependencies on arm64 and possibly other platforms.  This
include was added solely for the pseudo-random definitions, which have
nothing to do with the rest of the definitions in this file but are
still there for legacy reasons.

This patch moves the pseudo-random parts to linux/prandom.h and the
percpu.h include with it, which is now guarded by _LINUX_PRANDOM_H and
protected against recursive inclusion.

A further cleanup step would be to remove this from <linux/random.h>
entirely, and make people who use the prandom infrastructure include
just the new header file.  That's a bit of a churn patch, but grepping
for "prandom_" and "next_pseudo_random32" "struct rnd_state" should
catch most users.

But it turns out that that nice cleanup step is fairly painful, because
a _lot_ of code currently seems to depend on the implicit include of
<linux/random.h>, which can currently come in a lot of ways, including
such fairly core headers as <linux/net.h>.

So the "nice cleanup" part may or may never happen.

Fixes: 1c9df907da83 ("random: fix circular include dependency on arm64 after addition of percpu.h")
Tested-by: Guenter Roeck <linux@roeck-us.net>
Acked-by: Willy Tarreau <w@1wt.eu>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2020-08-21 11:01:52 +02:00
Linus Torvalds
8ce7dd3f42 random32: remove net_rand_state from the latent entropy gcc plugin
commit 83bdc7275e6206f560d247be856bceba3e1ed8f2 upstream.

It turns out that the plugin right now ends up being really unhappy
about the change from 'static' to 'extern' storage that happened in
commit f227e3ec3b5c ("random32: update the net random state on interrupt
and activity").

This is probably a trivial fix for the latent_entropy plugin, but for
now, just remove net_rand_state from the list of things the plugin
worries about.

Reported-by: Stephen Rothwell <sfr@canb.auug.org.au>
Cc: Emese Revfy <re.emese@gmail.com>
Cc: Kees Cook <keescook@chromium.org>
Cc: Willy Tarreau <w@1wt.eu>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2020-08-21 11:01:52 +02:00
Willy Tarreau
746fe49675 random: fix circular include dependency on arm64 after addition of percpu.h
commit 1c9df907da83812e4f33b59d3d142c864d9da57f upstream.

Daniel Díaz and Kees Cook independently reported that commit
f227e3ec3b5c ("random32: update the net random state on interrupt and
activity") broke arm64 due to a circular dependency on include files
since the addition of percpu.h in random.h.

The correct fix would definitely be to move all the prandom32 stuff out
of random.h but for backporting, a smaller solution is preferred.

This one replaces linux/percpu.h with asm/percpu.h, and this fixes the
problem on x86_64, arm64, arm, and mips.  Note that moving percpu.h
around didn't change anything and that removing it entirely broke
differently.  When backporting, such options might still be considered
if this patch fails to help.

[ It turns out that an alternate fix seems to be to just remove the
  troublesome <asm/pointer_auth.h> remove from the arm64 <asm/smp.h>
  that causes the circular dependency.

  But we might as well do the whole belt-and-suspenders thing, and
  minimize inclusion in <linux/random.h> too. Either will fix the
  problem, and both are good changes.   - Linus ]

Reported-by: Daniel Díaz <daniel.diaz@linaro.org>
Reported-by: Kees Cook <keescook@chromium.org>
Tested-by: Marc Zyngier <maz@kernel.org>
Fixes: f227e3ec3b5c
Cc: Stephen Rothwell <sfr@canb.auug.org.au>
Signed-off-by: Willy Tarreau <w@1wt.eu>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2020-08-21 11:01:52 +02:00
Willy Tarreau
5aa78397e2 random32: update the net random state on interrupt and activity
commit f227e3ec3b5cad859ad15666874405e8c1bbc1d4 upstream.

This modifies the first 32 bits out of the 128 bits of a random CPU's
net_rand_state on interrupt or CPU activity to complicate remote
observations that could lead to guessing the network RNG's internal
state.

Note that depending on some network devices' interrupt rate moderation
or binding, this re-seeding might happen on every packet or even almost
never.

In addition, with NOHZ some CPUs might not even get timer interrupts,
leaving their local state rarely updated, while they are running
networked processes making use of the random state.  For this reason, we
also perform this update in update_process_times() in order to at least
update the state when there is user or system activity, since it's the
only case we care about.

Reported-by: Amit Klein <aksecurity@gmail.com>
Suggested-by: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Eric Dumazet <edumazet@google.com>
Cc: "Jason A. Donenfeld" <Jason@zx2c4.com>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Kees Cook <keescook@chromium.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: <stable@vger.kernel.org>
Signed-off-by: Willy Tarreau <w@1wt.eu>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2020-08-21 11:01:52 +02:00
Rik van Riel
5d8ff1e598 random,stackprotect: introduce get_random_canary function
Patch series "stackprotector: ascii armor the stack canary", v2.

Zero out the first byte of the stack canary value on 64 bit systems, in
order to mitigate unterminated C string overflows.

The null byte both prevents C string functions from reading the canary,
and from writing it if the canary value were guessed or obtained through
some other means.

Reducing the entropy by 8 bits is acceptable on 64-bit systems, which
will still have 56 bits of entropy left, but not on 32 bit systems, so
the "ascii armor" canary is only implemented on 64-bit systems.

Inspired by the "ascii armor" code in execshield and Daniel Micay's
linux-hardened tree.

Also see https://github.com/thestinger/linux-hardened/

This patch (of 5):

Introduce get_random_canary(), which provides a random unsigned long
canary value with the first byte zeroed out on 64 bit architectures, in
order to mitigate non-terminated C string overflows.

The null byte both prevents C string functions from reading the canary,
and from writing it if the canary value were guessed or obtained through
some other means.

Reducing the entropy by 8 bits is acceptable on 64-bit systems, which
will still have 56 bits of entropy left, but not on 32 bit systems, so
the "ascii armor" canary is only implemented on 64-bit systems.

Inspired by the "ascii armor" code in the old execshield patches, and
Daniel Micay's linux-hardened tree.

Change-Id: Ie16a7ac0e46aa4b97866bfbdfbaa3ae96ca401f2
Link: http://lkml.kernel.org/r/20170524155751.424-2-riel@redhat.com
Signed-off-by: Rik van Riel <riel@redhat.com>
Acked-by: Kees Cook <keescook@chromium.org>
Cc: Daniel Micay <danielmicay@gmail.com>
Cc: "Theodore Ts'o" <tytso@mit.edu>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Andy Lutomirski <luto@amacapital.net>
Cc: Ingo Molnar <mingo@kernel.org>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Yoshinori Sato <ysato@users.sourceforge.jp>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Git-commit: 022c204040f3fd22d6445bc35517786195b7ae80
Git-repo: git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
Signed-off-by: Olav Haugan <ohaugan@codeaurora.org>
2017-08-04 16:32:00 -07:00
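
An added example, not part of the commit or of the kernel source: a userspace model of the two properties the get_random_canary message above claims for a canary whose first byte is zero. The frame layout, the sample random value and every function name here are constructed for the illustration, and "first byte" is taken as the lowest-addressed byte.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BUF_LEN    16
#define CANARY_LEN sizeof(uint64_t)
#define SAVED_LEN  8

/* Constructed model of a frame: buffer, then canary, then saved state. */
struct frame {
    unsigned char buf[BUF_LEN];
    unsigned char canary[CANARY_LEN];
    unsigned char saved[SAVED_LEN];
};

struct outcome {
    size_t canary_bytes_leaked; /* canary bytes a string read exposes */
    int canary_intact;          /* would the canary check still pass? */
    int saved_modified;         /* was data beyond the canary changed? */
};

/* Lay a 64-bit random value out in memory, optionally zeroing byte 0. */
static void make_canary(uint64_t rnd, int armored, unsigned char *out)
{
    memcpy(out, &rnd, CANARY_LEN);
    if (armored)
        out[0] = 0;
}

/* strlen-style read from the start of the frame, bounded by the model. */
static size_t string_read(const struct frame *f)
{
    const unsigned char *p = (const unsigned char *)f;
    size_t n = 0;

    while (n < sizeof(*f) && p[n] != 0)
        n++;
    return n;
}

/* strcpy-style write: stops after copying the first NUL in src. */
static void string_write(struct frame *f, const unsigned char *src)
{
    unsigned char *p = (unsigned char *)f;
    size_t i;

    for (i = 0; i < sizeof(*f); i++) {
        p[i] = src[i];
        if (src[i] == 0)
            break;
    }
}

struct outcome simulate(uint64_t rnd, int armored)
{
    struct frame f;
    unsigned char ref[CANARY_LEN];
    unsigned char src[sizeof(struct frame) + 1];
    struct outcome o;
    size_t len;

    make_canary(rnd, armored, ref);
    memset(f.buf, 'A', BUF_LEN);        /* buffer holds an unterminated string */
    memcpy(f.canary, ref, CANARY_LEN);
    memset(f.saved, 0x5a, SAVED_LEN);

    /* Read side: how far does a C string read run past the buffer? */
    len = string_read(&f);
    o.canary_bytes_leaked = 0;
    if (len > BUF_LEN)
        o.canary_bytes_leaked =
            (len - BUF_LEN > CANARY_LEN) ? CANARY_LEN : len - BUF_LEN;

    /* Write side, worst case from the message: the canary value is known
     * to whoever supplies the oversized string. */
    memset(src, 'B', BUF_LEN);
    memcpy(src + BUF_LEN, ref, CANARY_LEN);
    memset(src + BUF_LEN + CANARY_LEN, 'C', SAVED_LEN);
    src[sizeof(struct frame)] = 0;
    string_write(&f, src);

    o.canary_intact = memcmp(f.canary, ref, CANARY_LEN) == 0;
    o.saved_modified = f.saved[0] != 0x5a;
    return o;
}

int main(void)
{
    const uint64_t rnd = 0x1122334455667788ULL; /* constructed sample value */
    int armored;

    for (armored = 0; armored <= 1; armored++) {
        struct outcome o = simulate(rnd, armored);
        printf("armored=%d leaked=%zu canary_intact=%d saved_modified=%d\n",
               armored, o.canary_bytes_leaked, o.canary_intact,
               o.saved_modified);
    }
    return 0;
}
```

Without the zero byte, the string copy passes the canary check and still changes the data behind it; with the zero byte, the copy ends at the canary and the data behind it is untouched.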
Jason A. Donenfeld
1ac040b152 random: convert get_random_int/long into get_random_u32/u64
Many times, when a user wants a random number, he wants a random number
of a guaranteed size. So, thinking of get_random_int and get_random_long
in terms of get_random_u32 and get_random_u64 makes it much easier to
achieve this. It also makes the code simpler.

On 32-bit platforms, get_random_int and get_random_long are both aliased
to get_random_u32. On 64-bit platforms, int->u32 and long->u64.

Change-Id: Ifd5a3a6be1ef44cb8f312b7545b4835c4f82089d
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Git-commit: c440408cf6901eeb2c09563397e24a9097907078
Git-repo: git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
Signed-off-by: Olav Haugan <ohaugan@codeaurora.org>
2017-08-04 16:30:46 -07:00
Jason A. Donenfeld
7c03613344 random: use chacha20 for get_random_int/long
commit f5b98461cb8167ba362ad9f74c41d126b7becea7 upstream.

Now that our crng uses chacha20, we can rely on its speedy
characteristics for replacing MD5, while simultaneously achieving a
higher security guarantee. Before the idea was to use these functions if
you wanted random integers that aren't stupidly insecure but aren't
necessarily secure either, a vague gray zone, that hopefully was "good
enough" for its users. With chacha20, we can strengthen this claim,
since either we're using an rdrand-like instruction, or we're using the
same crng as /dev/urandom. And it's faster than what was before.

We could have chosen to replace this with a SipHash-derived function,
which might be slightly faster, but at the cost of having yet another
RNG construction in the kernel. By moving to chacha20, we have a single
RNG to analyze and verify, and we also already get good performance
improvements on all platforms.

Implementation-wise, rather than use a generic buffer for both
get_random_int/long and memcpy based on the size needs, we use a
specific buffer for 32-bit reads and for 64-bit reads. This way, we're
guaranteed to always have aligned accesses on all platforms. While
slightly more verbose in C, the assembly this generates is a lot
simpler than otherwise.

Finally, on 32-bit platforms where longs and ints are the same size,
we simply alias get_random_int to get_random_long.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Suggested-by: Theodore Ts'o <tytso@mit.edu>
Cc: Theodore Ts'o <tytso@mit.edu>
Cc: Hannes Frederic Sowa <hannes@stressinduktion.org>
Cc: Andy Lutomirski <luto@amacapital.net>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2017-04-12 12:41:15 +02:00
Linus Torvalds
9ffc66941d Merge tag 'gcc-plugins-v4.9-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux
Pull gcc plugins update from Kees Cook:
 "This adds a new gcc plugin named "latent_entropy". It is designed to
  extract as much possible uncertainty from a running system at boot
  time as possible, hoping to capitalize on any possible variation in
  CPU operation (due to runtime data differences, hardware differences,
  SMP ordering, thermal timing variation, cache behavior, etc).

  At the very least, this plugin is a much more comprehensive example
  for how to manipulate kernel code using the gcc plugin internals"

* tag 'gcc-plugins-v4.9-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux:
  latent_entropy: Mark functions with __latent_entropy
  gcc-plugins: Add latent_entropy plugin
2016-10-15 10:03:15 -07:00
Jason Cooper
7425154d3b random: remove unused randomize_range()
All call sites for randomize_range have been updated to use the much
simpler and more robust randomize_addr().  Remove the now unnecessary
code.

Link: http://lkml.kernel.org/r/20160803233913.32511-8-jason@lakedaemon.net
Signed-off-by: Jason Cooper <jason@lakedaemon.net>
Acked-by: Kees Cook <keescook@chromium.org>
Cc: "Theodore Ts'o" <tytso@mit.edu>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2016-10-11 15:06:32 -07:00
Jason Cooper
99fdafdeac random: simplify API for random address requests
To date, all callers of randomize_range() have set the length to 0, and
check for a zero return value.  For the current callers, the only way to
get zero returned is if end <= start.  Since they are all adding a
constant to the start address, this is unnecessary.

We can remove a bunch of needless checks by simplifying the API to do just
what everyone wants, return an address between [start, start + range).

While we're here, s/get_random_int/get_random_long/.  No current call site
is adversely affected by get_random_int(), since all current range
requests are < UINT_MAX.  However, we should match caller expectations to
avoid coming up short (ha!) in the future.

All current callers to randomize_range() chose to use the start address if
randomize_range() failed.  Therefore, we simplify things by just returning
the start address on error.

randomize_range() will be removed once all callers have been converted
over to randomize_addr().

Link: http://lkml.kernel.org/r/20160803233913.32511-2-jason@lakedaemon.net
Signed-off-by: Jason Cooper <jason@lakedaemon.net>
Acked-by: Kees Cook <keescook@chromium.org>
Cc: Michael Ellerman <mpe@ellerman.id.au>
Cc: "Roberts, William C" <william.c.roberts@intel.com>
Cc: Yann Droneaud <ydroneaud@opteya.com>
Cc: Russell King <linux@arm.linux.org.uk>
Cc: "Theodore Ts'o" <tytso@mit.edu>
Cc: Arnd Bergmann <arnd@arndb.de>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Will Deacon <will.deacon@arm.com>
Cc: Ralf Baechle <ralf@linux-mips.org>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: Paul Mackerras <paulus@samba.org>
Cc: "David S. Miller" <davem@davemloft.net>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: "H . Peter Anvin" <hpa@zytor.com>
Cc: Nick Kralevich <nnk@google.com>
Cc: Jeffrey Vander Stoep <jeffv@google.com>
Cc: Daniel Cashman <dcashman@android.com>
Cc: Chris Metcalf <cmetcalf@mellanox.com>
Cc: Guan Xuetao <gxt@mprc.pku.edu.cn>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2016-10-11 15:06:32 -07:00
Emese Revfy
0766f788eb latent_entropy: Mark functions with __latent_entropy
The __latent_entropy gcc attribute can be used only on functions and
variables.  If it is on a function then the plugin will instrument it for
gathering control-flow entropy. If the attribute is on a variable then
the plugin will initialize it with random contents.  The variable must
be an integer, an integer array type or a structure with integer fields.

These specific functions have been selected because they are init
functions (to help gather boot-time entropy), are called at unpredictable
times, or they have variable loops, each of which provide some level of
latent entropy.

Signed-off-by: Emese Revfy <re.emese@gmail.com>
[kees: expanded commit message]
Signed-off-by: Kees Cook <keescook@chromium.org>
2016-10-10 14:51:45 -07:00
Emese Revfy
38addce8b6 gcc-plugins: Add latent_entropy plugin
This adds a new gcc plugin named "latent_entropy". It is designed to
extract as much possible uncertainty from a running system at boot time as
possible, hoping to capitalize on any possible variation in CPU operation
(due to runtime data differences, hardware differences, SMP ordering,
thermal timing variation, cache behavior, etc).

At the very least, this plugin is a much more comprehensive example for
how to manipulate kernel code using the gcc plugin internals.

The need for very-early boot entropy tends to be very architecture or
system design specific, so this plugin is more suited for those sorts
of special cases. The existing kernel RNG already attempts to extract
entropy from reliable runtime variation, but this plugin takes the idea to
a logical extreme by permuting a global variable based on any variation
in code execution (e.g. a different value (and permutation function)
is used to permute the global based on loop count, case statement,
if/then/else branching, etc).

To do this, the plugin starts by inserting a local variable in every
marked function. The plugin then adds logic so that the value of this
variable is modified by randomly chosen operations (add, xor and rol) and
random values (gcc generates separate static values for each location at
compile time and also injects the stack pointer at runtime). The resulting
value depends on the control flow path (e.g., loops and branches taken).

Before the function returns, the plugin mixes this local variable into
the latent_entropy global variable. The value of this global variable
is added to the kernel entropy pool in do_one_initcall() and _do_fork(),
though it does not credit any bytes of entropy to the pool; the contents
of the global are just used to mix the pool.

Additionally, the plugin can pre-initialize arrays with build-time
random contents, so that two different kernel builds running on identical
hardware will not have the same starting values.

Signed-off-by: Emese Revfy <re.emese@gmail.com>
[kees: expanded commit message and code comments]
Signed-off-by: Kees Cook <keescook@chromium.org>
2016-10-10 14:51:44 -07:00
H. Peter Anvin
117780eef7 x86, asm: use bool for bitops and other assembly outputs
The gcc people have confirmed that using "bool" when combined with
inline assembly always is treated as a byte-sized operand that can be
assumed to be 0 or 1, which is exactly what the SET instruction
emits.  Change the output types and intermediate variables of as many
operations as practical to "bool".

Signed-off-by: H. Peter Anvin <hpa@zytor.com>
Link: http://lkml.kernel.org/r/1465414726-197858-3-git-send-email-hpa@linux.intel.com
Reviewed-by: Andy Lutomirski <luto@kernel.org>
Reviewed-by: Borislav Petkov <bp@suse.de>
Acked-by: Peter Zijlstra (Intel) <peterz@infradead.org>
2016-06-08 12:41:20 -07:00
Andy Shevchenko
8da4b8c48e lib/uuid.c: move generate_random_uuid() to uuid.c
Let's gather the UUID related functions under one hood.

Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Reviewed-by: Matt Fleming <matt@codeblueprint.co.uk>
Cc: Dmitry Kasatkin <dmitry.kasatkin@gmail.com>
Cc: Mimi Zohar <zohar@linux.vnet.ibm.com>
Cc: Rasmus Villemoes <linux@rasmusvillemoes.dk>
Cc: Arnd Bergmann <arnd@arndb.de>
Cc: "Theodore Ts'o" <tytso@mit.edu>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Jens Axboe <axboe@kernel.dk>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2016-05-20 17:58:30 -07:00
Daniel Cashman
ec9ee4acd9 drivers: char: random: add get_random_long()
Commit d07e22597d ("mm: mmap: add new /proc tunable for mmap_base
ASLR") added the ability to choose from a range of values to use for
entropy count in generating the random offset to the mmap_base address.

The maximum value on this range was set to 32 bits for 64-bit x86
systems, but this value could be increased further, requiring more than
the 32 bits of randomness provided by get_random_int(), as is already
possible for arm64.  Add a new function: get_random_long() which more
naturally fits with the mmap usage of get_random_int() but operates
exactly the same as get_random_int().

Also, fix the shifting constant in mmap_rnd() to be an unsigned long so
that values greater than 31 bits generate an appropriate mask without
overflow.  This is especially important on x86, as its shift instruction
uses a 5-bit mask for the shift operand, which meant that any value for
mmap_rnd_bits over 31 acts as a no-op and effectively disables mmap_base
randomization.

Finally, replace calls to get_random_int() with get_random_long() where
appropriate.

This patch (of 2):

Add get_random_long().

Signed-off-by: Daniel Cashman <dcashman@android.com>
Acked-by: Kees Cook <keescook@chromium.org>
Cc: "Theodore Ts'o" <tytso@mit.edu>
Cc: Arnd Bergmann <arnd@arndb.de>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Will Deacon <will.deacon@arm.com>
Cc: Ralf Baechle <ralf@linux-mips.org>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: Paul Mackerras <paulus@samba.org>
Cc: Michael Ellerman <mpe@ellerman.id.au>
Cc: David S. Miller <davem@davemloft.net>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Nick Kralevich <nnk@google.com>
Cc: Jeff Vander Stoep <jeffv@google.com>
Cc: Mark Salyzyn <salyzyn@android.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2016-02-27 10:28:52 -08:00
Daniel Borkmann
897ece56e7 random32: add prandom_init_once helper for own rngs
Add a prandom_init_once() facility that works on the rnd_state, so that
users that are keeping their own state independent from prandom_u32() can
initialize their taus113 per cpu states.

The motivation here is similar to net_get_random_once(): initialize the
state as late as possible in the hope that enough entropy has been
collected for the seeding. prandom_init_once() makes use of the recently
introduced prandom_seed_full_state() helper and is generic enough so that
it could also be used on fast-paths due to the DO_ONCE().

Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2015-10-08 05:26:38 -07:00
Herbert Xu
c2719503f5 random: Remove kernel blocking API
This patch removes the kernel blocking API as it has been completely
replaced by the callback API.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-06-10 19:14:04 +08:00
Herbert Xu
205a525c33 random: Add callback API for random pool readiness
The get_blocking_random_bytes API is broken because the wait can
be arbitrarily long (potentially forever) so there is no safe way
of calling it from within the kernel.

This patch replaces it with a callback API instead.  The callback
is invoked potentially from interrupt context so the user needs
to schedule their own work thread if necessary.

In addition to adding callbacks, they can also be removed as
otherwise this opens up a way for user-space to allocate kernel
memory with no bound (by opening algif_rng descriptors and then
closing them).

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-06-10 19:13:56 +08:00
Stephan Mueller
16b369a91d random: Blocking API for accessing nonblocking_pool
The added API calls provide a synchronous function call
get_blocking_random_bytes where the caller is blocked until
the nonblocking_pool is initialized.

CC: Andreas Steffen <andreas.steffen@strongswan.org>
CC: Theodore Ts'o <tytso@mit.edu>
CC: Sandy Harris <sandyinchina@gmail.com>
Signed-off-by: Stephan Mueller <smueller@chronox.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2015-05-27 17:51:53 +08:00
Daniel Borkmann
a98406e22c random32: improvements to prandom_bytes
This patch addresses a couple of minor items, mostly addressing
prandom_bytes(): 1) prandom_bytes{,_state}() should use size_t
for length arguments, 2) We can use put_unaligned() when filling
the array instead of open coding it [ perhaps some archs will
further benefit from their own arch specific implementation when
GCC cannot make up for it ], 3) Fix a typo, 4) Better use unsigned
int as type for getting the arch seed, 5) Make use of
prandom_u32_max() for timer slack.

Regarding the change to put_unaligned(), callers of prandom_bytes()
which internally invoke prandom_bytes_state(), don't bother as
they expect the array to be filled randomly and don't have any
control of the internal state what-so-ever (that's also why we
have periodic reseeding there, etc), so they really don't care.

Now for the direct callers of prandom_bytes_state(), which
are solely located in test cases for MTD devices, that is,
drivers/mtd/tests/{oobtest.c,pagetest.c,subpagetest.c}:

These tests basically fill a test write-vector through
prandom_bytes_state() with an a-priori defined seed each time
and write that to a MTD device. Later on, they set up a read-vector
and read back those blocks from the device. So in the verification
phase, the write-vector is being re-setup [ so same seed and
prandom_bytes_state() called ], and then memcmp()'ed against the
read-vector to check if the data is the same.

Akinobu, Lothar and I also tested this patch and it runs through
the 3 relevant MTD test cases w/o any errors on the nandsim device
(simulator for MTD devs) for x86_64, ppc64, ARM (i.MX28, i.MX53
and i.MX6):

  # modprobe nandsim first_id_byte=0x20 second_id_byte=0xac \
                     third_id_byte=0x00 fourth_id_byte=0x15
  # modprobe mtd_oobtest dev=0
  # modprobe mtd_pagetest dev=0
  # modprobe mtd_subpagetest dev=0

We also don't have any users depending directly on a particular
result of the PRNG (except the PRNG self-test itself), and that's
just fine as it e.g. allowed us easily to do things like upgrading
from taus88 to taus113.

Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Tested-by: Akinobu Mita <akinobu.mita@gmail.com>
Tested-by: Lothar Waßmann <LW@KARO-electronics.de>
Cc: Hannes Frederic Sowa <hannes@stressinduktion.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-08-24 18:36:01 -07:00
H. Peter Anvin
7b878d4b48 random: Add arch_has_random[_seed]()
Add predicate functions for having arch_get_random[_seed]*().  The
only current use is to avoid the loop in arch_random_refill() when
arch_get_random_seed_long() is unavailable.

Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: Paul Mackerras <paulus@samba.org>
Cc: Michael Ellerman <michael@ellerman.id.au>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
2014-03-19 22:24:08 -04:00
H. Peter Anvin
d20f78d252 x86, random: Enable the RDSEED instruction
Upcoming Intel silicon adds a new RDSEED instruction, which is similar
to RDRAND but provides a stronger guarantee: unlike RDRAND, RDSEED
will always reseed the PRNG from the true random number source between
each read.  Thus, the output of RDSEED is guaranteed to be 100%
entropic, unlike RDRAND which is only architecturally guaranteed to be
1/512 entropic (although in practice is much more.)

The RDSEED instruction takes the same time to execute as RDRAND, but
RDSEED unlike RDRAND can legitimately return failure (CF=0) due to
entropy exhaustion if too many threads on too many cores are hammering
the RDSEED instruction at the same time.  Therefore, we have to be
more conservative and only use it in places where we can tolerate
failures.

This patch introduces the primitives arch_get_random_seed_{int,long}()
but does not use it yet.

Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
Reviewed-by: Ingo Molnar <mingo@kernel.org>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: Paul Mackerras <paulus@samba.org>
Cc: Michael Ellerman <michael@ellerman.id.au>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
2014-03-19 22:22:06 -04:00
Daniel Borkmann
f337db64af random32: add prandom_u32_max and convert open coded users
Many functions have open coded a function that returns a random
number in range [0,N-1]. Under the assumption that we have a PRNG
such as taus113 with being well distributed in [0, ~0U] space,
we can implement such a function as uword t = (n*m')>>32, where
m' is a random number obtained from PRNG, n the right open interval
border and t our resulting random number, with n,m',t in u32 universe.

Let's go with Joe and simply call it prandom_u32_max(), although
technically we have a right open interval endpoint, but that we
have documented. Other users can further be migrated to the new
prandom_u32_max() function later on; for now, we need to make sure
to migrate reciprocal_divide() users for the reciprocal_divide()
follow-up fixup since their function signatures are going to change.

Joint work with Hannes Frederic Sowa.

Cc: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Cc: Eric Dumazet <eric.dumazet@gmail.com>
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-01-21 23:17:20 -08:00
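
An added example, not part of the commit or of the kernel source: the mapping t = (n*m')>>32 from the prandom_u32_max message above, with the same mapping in a 16-bit universe so that every input can be enumerated and the range and bucket sizes checked. The function and struct names are constructed for the illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* The mapping from the commit message: t = (n * m') >> 32, all in u32.
 * The 64-bit intermediate keeps the product from overflowing. For n == 0
 * the result is always 0, since an empty range cannot be honoured. */
uint32_t scale_u32(uint32_t m, uint32_t n)
{
    return (uint32_t)(((uint64_t)m * n) >> 32);
}

/* Same mapping with 16-bit words, small enough to enumerate fully. */
static uint16_t scale_u16(uint16_t m, uint16_t n)
{
    return (uint16_t)(((uint32_t)m * n) >> 16);
}

struct spread {
    uint32_t min_count;  /* inputs landing in the least-hit output */
    uint32_t max_count;  /* inputs landing in the most-hit output */
    uint16_t max_result; /* largest output seen, must stay below n */
};

/* Feed every 16-bit input through the mapping for a bound n >= 1. */
struct spread exhaustive_u16(uint16_t n)
{
    static uint32_t counts[65536];
    struct spread s = { UINT32_MAX, 0, 0 };
    uint32_t m, t;

    for (t = 0; t < 65536; t++)
        counts[t] = 0;

    for (m = 0; m < 65536; m++) {
        uint16_t r = scale_u16((uint16_t)m, n);

        counts[r]++;
        if (r > s.max_result)
            s.max_result = r;
    }

    for (t = 0; t < n; t++) {
        if (counts[t] < s.min_count)
            s.min_count = counts[t];
        if (counts[t] > s.max_count)
            s.max_count = counts[t];
    }
    return s;
}

int main(void)
{
    static const uint16_t bounds[] = { 3, 1000, 65535 }; /* constructed */
    size_t i;

    for (i = 0; i < sizeof(bounds) / sizeof(bounds[0]); i++) {
        struct spread s = exhaustive_u16(bounds[i]);

        printf("n=%u max_result=%u bucket sizes %u..%u\n",
               (unsigned)bounds[i], (unsigned)s.max_result,
               (unsigned)s.min_count, (unsigned)s.max_count);
    }
    printf("scale_u32(0xffffffff, 10) = %u\n",
           (unsigned)scale_u32(0xFFFFFFFFu, 10));
    return 0;
}
```

The output never reaches n, and when n does not divide the word range the bucket sizes differ by one input, so the result is only as uniform as the generator feeding it.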
Daniel Borkmann
a98814cef8 random32: upgrade taus88 generator to taus113 from errata paper
Since we use prandom*() functions quite often in networking code
i.e. in UDP port selection, netfilter code, etc, upgrade the PRNG
from Pierre L'Ecuyer's original paper "Maximally Equidistributed
Combined Tausworthe Generators", Mathematics of Computation, 65,
213 (1996), 203--213 to the version published in his errata paper [1].

The Tausworthe generator is a maximally-equidistributed generator,
that is fast and has good statistical properties [1].

The version presented there upgrades the 3 state LFSR to a 4 state
LFSR with increased periodicity from about 2^88 to 2^113. The
algorithm is presented in [1] by the very same author who also
designed the original algorithm in [2].

Also, by increasing the state, we make it a bit harder for attackers
to "guess" the PRNG's internal state. See also discussion in [3].

Now, as we use this sort of weak initialization discussed in [3]
only between core_initcall() until late_initcall() time [*] for
prandom32*() users, namely in prandom_init(), it is less relevant
from late_initcall() onwards as we overwrite seeds through
prandom_reseed() anyways with a seed source of higher entropy, that
is, get_random_bytes(). In other words, an exhaustive keysearch of
96 bit would be needed. Now, with the help of this patch, this
state-search increases further to 128 bit. Initialization needs
to make sure that s1 > 1, s2 > 7, s3 > 15, s4 > 127.

The taus88 and taus113 algorithms are also part of GSL. I added a test
case in the next patch to verify internal behaviour of this patch
with GSL and ran tests with the dieharder 3.31.1 RNG test suite:

$ dieharder -g 052 -a -m 10 -s 1 -S 4137730333 #taus88
$ dieharder -g 054 -a -m 10 -s 1 -S 4137730333 #taus113

With this seed configuration, in order to compare both, we get
the following differences:

algorithm                 taus88           taus113
rands/second [**]         1.61e+08         1.37e+08
sts_serial(4, 1st run)    WEAK             PASSED
sts_serial(9, 2nd run)    WEAK             PASSED
rgb_lagged_sum(31)        WEAK             PASSED

We took out diehard_sums test as according to the authors it is
considered broken and unusable [4]. Despite that and the slight
decrease in performance (which is acceptable), taus113 here passes
all 113 tests (only rgb_minimum_distance_5 in WEAK, the rest PASSED).
In general, taus/taus113 is considered "very good" by the authors
of dieharder [5].

The papers [1][2] state a single warm-up step is sufficient by
running quicktaus once on each state to ensure proper initialization
of ~s_{0}:

Our selection of (s) according to Table 1 of [1] row 1 holds the
condition L - k <= r - s, that is,

  (32 32 32 32) - (31 29 28 25) <= (25 27 15 22) - (18 2 7 13)

with r = k - q and q = (6 2 13 3) as also stated by the paper.
So according to [2] we are safe with one round of quicktaus for
initialization. However we decided to include the warm-up phase
of the PRNG as done in GSL in every case as a safety net. We also
use the warm up phase to make the output of the RNG easier to
verify by the GSL output.

In prandom_init(), we also mix random_get_entropy() into it, just
like drivers/char/random.c does it, jiffies ^ random_get_entropy().
random_get_entropy() is get_cycles(). xor is entropy preserving so
it is fine if it is not implemented by some architectures.

Note, this PRNG is *not* used for cryptography in the kernel, but
rather as a fast PRNG for various randomizations i.e. in the
networking code, or elsewhere for debugging purposes, for example.

[*]: In order to generate some "sort of pseudo-randomness", since
get_random_bytes() is not yet available for us, we use jiffies and
initialize states s1 - s3 with a simple linear congruential generator
(LCG), that is x <- x * 69069; and derive s2, s3, from the 32bit
initialization from s1. So the above quote from [3] accounts only
for the time from core to late initcall, not afterwards.
[**] Single threaded run on MacBook Air w/ Intel Core i5-3317U

 [1] http://www.iro.umontreal.ca/~lecuyer/myftp/papers/tausme2.ps
 [2] http://www.iro.umontreal.ca/~lecuyer/myftp/papers/tausme.ps
 [3] http://thread.gmane.org/gmane.comp.encryption.general/12103/
 [4] http://code.google.com/p/dieharder/source/browse/trunk/libdieharder/diehard_sums.c?spec=svn490&r=490#20
 [5] http://www.phy.duke.edu/~rgb/General/dieharder.php

Joint work with Hannes Frederic Sowa.

Cc: Florian Weimer <fweimer@redhat.com>
Cc: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Signed-off-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2013-11-11 14:32:15 -05:00
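An added C example, not the kernel's code: the taus113 step is built only from the k, q and s values quoted in the commit above, which shows where the seed minimums 2, 8, 16 and 128 come from and what happens to a component seeded below them. The seeding routine, the warm-up count of 10 and all function names are assumptions of this example.

```c
#include <stdint.h>
#include <stdio.h>

/* Per-component parameters quoted in the commit message (word size L = 32). */
static const unsigned K[4] = {31, 29, 28, 25};
static const unsigned Q[4] = { 6,  2, 13,  3};
static const unsigned S[4] = {18,  2,  7, 13};

struct taus113 { uint32_t s[4]; };

/* Mask clearing the low L-k bits, which carry no state for component i. */
static uint32_t taus_mask(int i) { return 0xFFFFFFFFu << (32 - K[i]); }

/* Smallest seed whose k state bits are non-zero: 2, 8, 16, 128. */
static uint32_t taus_min_seed(int i) { return 1u << (32 - K[i]); }

/* One quicktaus step of component i, derived from (k, q, s) alone.
 * Because L - k <= r - s, the low L-k bits of x never reach the result. */
static uint32_t taus_step(uint32_t x, int i)
{
    return ((x & taus_mask(i)) << S[i]) ^ (((x << Q[i]) ^ x) >> (K[i] - S[i]));
}

static uint32_t taus113_next(struct taus113 *st)
{
    uint32_t out = 0;
    for (int i = 0; i < 4; i++)
        out ^= st->s[i] = taus_step(st->s[i], i);
    return out;
}

/* Assumed seeding: LCG chain x <- x * 69069, lift values that fall below
 * the component minimum, then discard `warmup` outputs. */
static void taus113_seed(struct taus113 *st, uint32_t seed, int warmup)
{
    for (int i = 0; i < 4; i++) {
        seed *= 69069u;
        st->s[i] = seed < taus_min_seed(i) ? seed + taus_min_seed(i) : seed;
    }
    while (warmup-- > 0)
        (void)taus113_next(st);
}

int main(void)
{
    struct taus113 st;
    printf("s1=1 -> %u (stuck at zero), s1=2 -> %u\n",
           (unsigned)taus_step(1, 0), (unsigned)taus_step(2, 0));
    taus113_seed(&st, 0, 10);   /* constructed worst-case seed */
    for (int i = 0; i < 3; i++)
        printf("%08x\n", (unsigned)taus113_next(&st));
    return 0;
}
```

A component seeded below its minimum steps to zero and stays there, contributing nothing to the XOR; that is the failure the s1 > 1, s2 > 7, s3 > 15, s4 > 127 rule prevents.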