5183d3514ae6e8257386cc2d1384438d3da170b5
320 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Ivaylo Georgiev
|
cb4e55266e |
Merge android-4.19.110:wq(1984fff) into msm-4.19
* refs/heads/tmp-1984fff:
Revert "ANDROID: staging: android: ion: enable modularizing the ion driver"
Revert "BACKPORT: sched/rt: Make RT capacity-aware"
Revert "ANDROID: GKI: Add devm_thermal_of_virtual_sensor_register API."
Linux 4.19.110
KVM: SVM: fix up incorrect backport
ANDROID: gki_defconfig: Enable USB_CONFIGFS_MASS_STORAGE
UPSTREAM: arm64: memory: Add missing brackets to untagged_addr() macro
UPSTREAM: mm: Avoid creating virtual address aliases in brk()/mmap()/mremap()
ANDROID: Add TPM support and the vTPM proxy to Cuttlefish.
Revert "ANDROID: tty: serdev: Fix broken serial console input"
ANDROID: serdev: restrict claim of platform devices
ANDROID: update the ABI xml representation
ANDROID: GKI: add a USB TypeC vendor field for ABI compat
UPSTREAM: usb: typec: mux: Switch to use fwnode_property_count_uXX()
UPSTREAM: usb: typec: Make sure an alt mode exist before getting its partner
UPSTREAM: usb: typec: Registering real device entries for the muxes
UPSTREAM: usb: typec: mux: remove redundant check on variable match
UPSTREAM: usb: typec: mux: Fix unsigned comparison with less than zero
UPSTREAM: usb: typec: mux: Find the muxes by also matching against the device node
UPSTREAM: usb: typec: Find the ports by also matching against the device node
UPSTREAM: usb: typec: Rationalize the API for the muxes
UPSTREAM: device property: Add helpers to count items in an array
UPSTREAM: platform/x86: intel_cht_int33fe: Remove old style mux connections
UPSTREAM: platform/x86: intel_cht_int33fe: Prepare for better mux naming scheme
UPSTREAM: usb: typec: Prepare alt mode enter/exit reporting for UCSI alt mode support
ANDROID: GKI: Update ABI
ANDROID: GKI: drivers: of: Add API to find ddr device type
UPSTREAM: Input: reset device timestamp on sync
UPSTREAM: Input: allow drivers specify timestamp for input events
ANDROID: GKI: usb: dwc3: Add USB_DR_MODE_DRD as dual role mode
ANDROID: GKI: Add devm_thermal_of_virtual_sensor_register API.
UPSTREAM: crypto: skcipher - Introduce crypto_sync_skcipher
ANDROID: GKI: cfg80211: Add AP stopped interface
UPSTREAM: device connection: Add fwnode member to struct device_connection
FROMGIT: kallsyms: unexport kallsyms_lookup_name() and kallsyms_on_each_symbol()
FROMGIT: samples/hw_breakpoint: drop use of kallsyms_lookup_name()
FROMGIT: samples/hw_breakpoint: drop HW_BREAKPOINT_R when reporting writes
UPSTREAM: fscrypt: don't evict dirty inodes after removing key
ANDROID: gki_defconfig: Enable CONFIG_VM_EVENT_COUNTERS
ANDROID: gki_defconfig: Enable CONFIG_CLEANCACHE
ANDROID: Update ABI representation
ANDROID: gki_defconfig: disable CONFIG_DEBUG_DEVRES
Linux 4.19.109
scsi: pm80xx: Fixed kernel panic during error recovery for SATA drive
dm integrity: fix a deadlock due to offloading to an incorrect workqueue
efi/x86: Handle by-ref arguments covering multiple pages in mixed mode
efi/x86: Align GUIDs to their size in the mixed mode runtime wrapper
powerpc: fix hardware PMU exception bug on PowerVM compatibility mode systems
dmaengine: coh901318: Fix a double lock bug in dma_tc_handle()
hwmon: (adt7462) Fix an error return in ADT7462_REG_VOLT()
ARM: dts: imx7-colibri: Fix frequency for sd/mmc
ARM: dts: am437x-idk-evm: Fix incorrect OPP node names
ARM: imx: build v7_cpu_resume() unconditionally
IB/hfi1, qib: Ensure RCU is locked when accessing list
RMDA/cm: Fix missing ib_cm_destroy_id() in ib_cm_insert_listen()
RDMA/iwcm: Fix iwcm work deallocation
ARM: dts: imx6: phycore-som: fix emmc supply
phy: mapphone-mdm6600: Fix write timeouts with shorter GPIO toggle interval
phy: mapphone-mdm6600: Fix timeouts by adding wake-up handling
drm/sun4i: de2/de3: Remove unsupported VI layer formats
drm/sun4i: Fix DE2 VI layer format support
ASoC: dapm: Correct DAPM handling of active widgets during shutdown
ASoC: pcm512x: Fix unbalanced regulator enable call in probe error path
ASoC: pcm: Fix possible buffer overflow in dpcm state sysfs output
dmaengine: imx-sdma: remove dma_slave_config direction usage and leave sdma_event_enable()
ASoC: intel: skl: Fix possible buffer overflow in debug outputs
ASoC: intel: skl: Fix pin debug prints
ASoC: topology: Fix memleak in soc_tplg_manifest_load()
ASoC: topology: Fix memleak in soc_tplg_link_elems_load()
spi: bcm63xx-hsspi: Really keep pll clk enabled
ARM: dts: ls1021a: Restore MDIO compatible to gianfar
dm writecache: verify watermark during resume
dm: report suspended device during destroy
dm cache: fix a crash due to incorrect work item cancelling
dmaengine: tegra-apb: Prevent race conditions of tasklet vs free list
dmaengine: tegra-apb: Fix use-after-free
x86/pkeys: Manually set X86_FEATURE_OSPKE to preserve existing changes
media: v4l2-mem2mem.c: fix broken links
vt: selection, push sel_lock up
vt: selection, push console lock down
vt: selection, close sel_buffer race
serial: 8250_exar: add support for ACCES cards
tty:serial:mvebu-uart:fix a wrong return
arm: dts: dra76x: Fix mmc3 max-frequency
fat: fix uninit-memory access for partial initialized inode
mm: fix possible PMD dirty bit lost in set_pmd_migration_entry()
mm, numa: fix bad pmd by atomically check for pmd_trans_huge when marking page tables prot_numa
vgacon: Fix a UAF in vgacon_invert_region
usb: core: port: do error out if usb_autopm_get_interface() fails
usb: core: hub: do error out if usb_autopm_get_interface() fails
usb: core: hub: fix unhandled return by employing a void function
usb: dwc3: gadget: Update chain bit correctly when using sg list
usb: quirks: add NO_LPM quirk for Logitech Screen Share
usb: storage: Add quirk for Samsung Fit flash
cifs: don't leak -EAGAIN for stat() during reconnect
ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Master
ALSA: hda/realtek - Add Headset Mic supported
net: thunderx: workaround BGX TX Underflow issue
x86/xen: Distribute switch variables for initialization
ice: Don't tell the OS that link is going down
nvme: Fix uninitialized-variable warning
s390/qdio: fill SL with absolute addresses
x86/boot/compressed: Don't declare __force_order in kaslr_64.c
s390: make 'install' not depend on vmlinux
s390/cio: cio_ignore_proc_seq_next should increase position index
watchdog: da9062: do not ping the hw during stop()
net: ks8851-ml: Fix 16-bit IO operation
net: ks8851-ml: Fix 16-bit data access
net: ks8851-ml: Remove 8-bit bus accessors
net: dsa: b53: Ensure the default VID is untagged
selftests: forwarding: use proto icmp for {gretap, ip6gretap}_mac testing
drm/msm/dsi/pll: call vco set rate explicitly
drm/msm/dsi: save pll state before dsi host is powered off
scsi: megaraid_sas: silence a warning
drm: msm: Fix return type of dsi_mgr_connector_mode_valid for kCFI
drm/msm/mdp5: rate limit pp done timeout warnings
usb: gadget: serial: fix Tx stall after buffer overflow
usb: gadget: ffs: ffs_aio_cancel(): Save/restore IRQ flags
usb: gadget: composite: Support more than 500mA MaxPower
selftests: fix too long argument
serial: ar933x_uart: set UART_CS_{RX,TX}_READY_ORIDE
ALSA: hda: do not override bus codec_mask in link_get()
kprobes: Fix optimize_kprobe()/unoptimize_kprobe() cancellation logic
RDMA/core: Fix use of logical OR in get_new_pps
RDMA/core: Fix pkey and port assignment in get_new_pps
net: dsa: bcm_sf2: Forcibly configure IMP port for 1Gb/sec
ALSA: hda/realtek - Fix a regression for mute led on Lenovo Carbon X1
EDAC/amd64: Set grain per DIMM
ANDROID: Fix kernelci build-break for arm32
ANDROID: enable CONFIG_WATCHDOG_CORE=y
ANDROID: kbuild: align UNUSED_KSYMS_WHITELIST with upstream
FROMLIST: f2fs: fix wrong check on F2FS_IOC_FSSETXATTR
FROMGIT: driver core: Reevaluate dev->links.need_for_probe as suppliers are added
FROMGIT: driver core: Call sync_state() even if supplier has no consumers
FROMGIT: of: property: Add device link support for power-domains and hwlocks
UPSTREAM: binder: prevent UAF for binderfs devices II
UPSTREAM: binder: prevent UAF for binderfs devices
ANDROID: GKI: enable PM_GENERIC_DOMAINS by default
ANDROID: GKI: pci: framework: disable auto suspend link
ANDROID: GKI: gpio: Add support for hierarchical IRQ domains
ANDROID: GKI: of: property: Add device links support for pinctrl-[0-3]
ANDROID: GKI: of: property: Ignore properties that start with "qcom,"
ANDROID: GKI: of: property: Add support for parsing qcom,msm-bus,name property
ANDROID: GKI: genirq: Export symbols to compile irqchip drivers as modules
ANDROID: GKI: of: irq: add helper to remap interrupts to another irqdomain
ANDROID: GKI: genirq/irqdomain: add export symbols for modularizing
ANDROID: GKI: genirq: Introduce irq_chip_get/set_parent_state calls
ANDROID: Update ABI representation
ANDROID: arm64: gki_defconfig: disable CONFIG_ZONE_DMA32
ANDROID: GKI: drivers: thermal: Fix ABI diff for struct thermal_cooling_device
ANDROID: GKI: drivers: thermal: Indicate in DT the trips are for temperature falling
ANDROID: Update ABI representation
ANDROID: Update ABI whitelist for qcom SoCs
ANDROID: gki_defconfig: enable CONFIG_TYPEC
ANDROID: Fix kernelci build-break on !CONFIG_CMA builds
ANDROID: GKI: mm: fix cma accounting in zone_watermark_ok
ANDROID: CC_FLAGS_CFI add -fno-sanitize-blacklist
FROMLIST: lib: test_stackinit.c: XFAIL switch variable init tests
Linux 4.19.108
audit: always check the netlink payload length in audit_receive_msg()
mm, thp: fix defrag setting if newline is not used
mm/huge_memory.c: use head to check huge zero page
netfilter: nf_flowtable: fix documentation
netfilter: nft_tunnel: no need to call htons() when dumping ports
thermal: brcmstb_thermal: Do not use DT coefficients
KVM: x86: Remove spurious clearing of async #PF MSR
KVM: x86: Remove spurious kvm_mmu_unload() from vcpu destruction path
perf hists browser: Restore ESC as "Zoom out" of DSO/thread/etc
pwm: omap-dmtimer: put_device() after of_find_device_by_node()
kprobes: Set unoptimized flag after unoptimizing code
drivers: net: xgene: Fix the order of the arguments of 'alloc_etherdev_mqs()'
perf stat: Fix shadow stats for clock events
perf stat: Use perf_evsel__is_clocki() for clock events
sched/fair: Fix O(nr_cgroups) in the load balancing path
sched/fair: Optimize update_blocked_averages()
KVM: Check for a bad hva before dropping into the ghc slow path
KVM: SVM: Override default MMIO mask if memory encryption is enabled
mwifiex: delete unused mwifiex_get_intf_num()
mwifiex: drop most magic numbers from mwifiex_process_tdls_action_frame()
namei: only return -ECHILD from follow_dotdot_rcu()
net: ena: make ena rxfh support ETH_RSS_HASH_NO_CHANGE
net/smc: no peer ID in CLC decline for SMCD
net: atlantic: fix potential error handling
net: atlantic: fix use after free kasan warn
net: netlink: cap max groups which will be considered in netlink_bind()
s390/qeth: vnicc Fix EOPNOTSUPP precedence
usb: charger: assign specific number for enum value
hv_netvsc: Fix unwanted wakeup in netvsc_attach()
drm/i915/gvt: Separate display reset from ALL_ENGINES reset
drm/i915/gvt: Fix orphan vgpu dmabuf_objs' lifetime
i2c: jz4780: silence log flood on txabrt
i2c: altera: Fix potential integer overflow
MIPS: VPE: Fix a double free and a memory leak in 'release_vpe()'
HID: hiddev: Fix race in in hiddev_disconnect()
HID: alps: Fix an error handling path in 'alps_input_configured()'
vhost: Check docket sk_family instead of call getname
amdgpu/gmc_v9: save/restore sdpif regs during S3
Revert "PM / devfreq: Modify the device name as devfreq(X) for sysfs"
tracing: Disable trace_printk() on post poned tests
macintosh: therm_windtunnel: fix regression when instantiating devices
HID: core: increase HID report buffer size to 8KiB
HID: core: fix off-by-one memset in hid_report_raw_event()
HID: ite: Only bind to keyboard USB interface on Acer SW5-012 keyboard dock
KVM: VMX: check descriptor table exits on instruction emulation
ACPI: watchdog: Fix gas->access_width usage
ACPICA: Introduce ACPI_ACCESS_BYTE_WIDTH() macro
audit: fix error handling in audit_data_to_entry()
ext4: potential crash on allocation error in ext4_alloc_flex_bg_array()
net/tls: Fix to avoid gettig invalid tls record
qede: Fix race between rdma destroy workqueue and link change event
ipv6: Fix nlmsg_flags when splitting a multipath route
ipv6: Fix route replacement with dev-only route
sctp: move the format error check out of __sctp_sf_do_9_1_abort
nfc: pn544: Fix occasional HW initialization failure
net: sched: correct flower port blocking
net: phy: restore mdio regs in the iproc mdio driver
net: mscc: fix in frame extraction
net: fib_rules: Correctly set table field when table number exceeds 8 bits
sysrq: Remove duplicated sysrq message
sysrq: Restore original console_loglevel when sysrq disabled
cfg80211: add missing policy for NL80211_ATTR_STATUS_CODE
cifs: Fix mode output in debugging statements
net: ena: ena-com.c: prevent NULL pointer dereference
net: ena: ethtool: use correct value for crc32 hash
net: ena: fix incorrectly saving queue numbers when setting RSS indirection table
net: ena: rss: store hash function as values and not bits
net: ena: rss: fix failure to get indirection table
net: ena: fix incorrect default RSS key
net: ena: add missing ethtool TX timestamping indication
net: ena: fix uses of round_jiffies()
net: ena: fix potential crash when rxfh key is NULL
soc/tegra: fuse: Fix build with Tegra194 configuration
ARM: dts: sti: fixup sound frame-inversion for stihxxx-b2120.dtsi
qmi_wwan: unconditionally reject 2 ep interfaces
qmi_wwan: re-add DW5821e pre-production variant
s390/zcrypt: fix card and queue total counter wrap
cfg80211: check wiphy driver existence for drvinfo report
mac80211: consider more elements in parsing CRC
dax: pass NOWAIT flag to iomap_apply
drm/msm: Set dma maximum segment size for mdss
ipmi:ssif: Handle a possible NULL pointer reference
iwlwifi: pcie: fix rb_allocator workqueue allocation
irqchip/gic-v3-its: Fix misuse of GENMASK macro
ANDROID: Update ABI representation
ANDROID: abi_gki_aarch64_whitelist: add module_layout and task_struct
ANDROID: gki_defconfig: disable KPROBES, update ABI
ANDROID: GKI: mm: add cma pcp list
ANDROID: GKI: cma: redirect page allocation to CMA
BACKPORT: mm, compaction: be selective about what pageblocks to clear skip hints
BACKPORT: mm: reclaim small amounts of memory when an external fragmentation event occurs
BACKPORT: mm: move zone watermark accesses behind an accessor
UPSTREAM: mm: use alloc_flags to record if kswapd can wake
UPSTREAM: mm, page_alloc: spread allocations across zones before introducing fragmentation
ANDROID: GKI: update abi for ufshcd changes
ANDROID: Unconditionally create bridge tracepoints
ANDROID: gki_defconfig: Enable MFD_SYSCON on x86
ANDROID: scsi: ufs: allow ufs variants to override sg entry size
ANDROID: Re-add default y for VIRTIO_PCI_LEGACY
ANDROID: GKI: build in HVC_DRIVER
ANDROID: Removed default m for virtual sw crypto device
ANDROID: Remove default y on BRIDGE_IGMP_SNOOPING
ANDROID: GKI: Added missing SND configs
FROMLIST: ufs: fix a bug on printing PRDT
UPSTREAM: sched/uclamp: Reject negative values in cpu_uclamp_write()
ANDROID: gki_defconfig: Disable CONFIG_RT_GROUP_SCHED
ANDROID: GKI: Remove CONFIG_BRIDGE from arm64 config
ANDROID: Add ABI Whitelist for qcom
ANDROID: Enable HID_NINTENDO as y
FROMLIST: HID: nintendo: add nintendo switch controller driver
UPSTREAM: regulator/of_get_regulator: add child path to find the regulator supplier
ANDROID: gki_defconfig: Remove 'BRIDGE_NETFILTER is not set'
BACKPORT: net: disable BRIDGE_NETFILTER by default
ANDROID: kbuild: fix UNUSED_KSYMS_WHITELIST backport
Linux 4.19.107
Revert "char/random: silence a lockdep splat with printk()"
s390/mm: Explicitly compare PAGE_DEFAULT_KEY against zero in storage_key_init_range
xen: Enable interrupts when calling _cond_resched()
ata: ahci: Add shutdown to freeze hardware resources of ahci
rxrpc: Fix call RCU cleanup using non-bh-safe locks
netfilter: xt_hashlimit: limit the max size of hashtable
ALSA: seq: Fix concurrent access to queue current tick/time
ALSA: seq: Avoid concurrent access to queue flags
ALSA: rawmidi: Avoid bit fields for state flags
bpf, offload: Replace bitwise AND by logical AND in bpf_prog_offload_info_fill
genirq/proc: Reject invalid affinity masks (again)
iommu/vt-d: Fix compile warning from intel-svm.h
ecryptfs: replace BUG_ON with error handling code
staging: greybus: use after free in gb_audio_manager_remove_all()
staging: rtl8723bs: fix copy of overlapping memory
usb: dwc2: Fix in ISOC request length checking
usb: gadget: composite: Fix bMaxPower for SuperSpeedPlus
scsi: Revert "target: iscsi: Wait for all commands to finish before freeing a session"
scsi: Revert "RDMA/isert: Fix a recently introduced regression related to logout"
Revert "dmaengine: imx-sdma: Fix memory leak"
Btrfs: fix btrfs_wait_ordered_range() so that it waits for all ordered extents
btrfs: do not check delayed items are empty for single transaction cleanup
btrfs: reset fs_root to NULL on error in open_ctree
btrfs: fix bytes_may_use underflow in prealloc error condtition
KVM: apic: avoid calculating pending eoi from an uninitialized val
KVM: nVMX: handle nested posted interrupts when apicv is disabled for L1
KVM: nVMX: Check IO instruction VM-exit conditions
KVM: nVMX: Refactor IO bitmap checks into helper function
ext4: fix race between writepages and enabling EXT4_EXTENTS_FL
ext4: rename s_journal_flag_rwsem to s_writepages_rwsem
ext4: fix mount failure with quota configured as module
ext4: fix potential race between s_flex_groups online resizing and access
ext4: fix potential race between s_group_info online resizing and access
ext4: fix potential race between online resizing and write operations
ext4: add cond_resched() to __ext4_find_entry()
ext4: fix a data race in EXT4_I(inode)->i_disksize
drm/nouveau/kms/gv100-: Re-set LUT after clearing for modesets
lib/stackdepot.c: fix global out-of-bounds in stack_slabs
tty: serial: qcom_geni_serial: Fix RX cancel command failure
tty: serial: qcom_geni_serial: Remove xfer_mode variable
tty: serial: qcom_geni_serial: Remove set_rfr_wm() and related variables
tty: serial: qcom_geni_serial: Remove use of *_relaxed() and mb()
tty: serial: qcom_geni_serial: Remove interrupt storm
tty: serial: qcom_geni_serial: Fix UART hang
KVM: x86: don't notify userspace IOAPIC on edge-triggered interrupt EOI
KVM: nVMX: Don't emulate instructions in guest mode
xhci: apply XHCI_PME_STUCK_QUIRK to Intel Comet Lake platforms
drm/amdgpu/soc15: fix xclk for raven
mm/vmscan.c: don't round up scan size for online memory cgroup
genirq/irqdomain: Make sure all irq domain flags are distinct
nvme-multipath: Fix memory leak with ana_log_buf
mm/memcontrol.c: lost css_put in memcg_expand_shrinker_maps()
Revert "ipc,sem: remove uneeded sem_undo_list lock usage in exit_sem()"
MAINTAINERS: Update drm/i915 bug filing URL
serdev: ttyport: restore client ops on deregistration
tty: serial: imx: setup the correct sg entry for tx dma
tty/serial: atmel: manage shutdown in case of RS485 or ISO7816 mode
serial: 8250: Check UPF_IRQ_SHARED in advance
x86/cpu/amd: Enable the fixed Instructions Retired counter IRPERF
x86/mce/amd: Fix kobject lifetime
x86/mce/amd: Publish the bank pointer only after setup has succeeded
jbd2: fix ocfs2 corrupt when clearing block group bits
powerpc/tm: Fix clearing MSR[TS] in current when reclaiming on signal delivery
staging: rtl8723bs: Fix potential overuse of kernel memory
staging: rtl8723bs: Fix potential security hole
staging: rtl8188eu: Fix potential overuse of kernel memory
staging: rtl8188eu: Fix potential security hole
usb: dwc3: gadget: Check for IOC/LST bit in TRB->ctrl fields
usb: dwc2: Fix SET/CLEAR_FEATURE and GET_STATUS flows
USB: hub: Fix the broken detection of USB3 device in SMSC hub
USB: hub: Don't record a connect-change event during reset-resume
USB: Fix novation SourceControl XL after suspend
usb: uas: fix a plug & unplug racing
USB: quirks: blacklist duplicate ep on Sound Devices USBPre2
USB: core: add endpoint-blacklist quirk
usb: host: xhci: update event ring dequeue pointer on purpose
xhci: Fix memory leak when caching protocol extended capability PSI tables - take 2
xhci: fix runtime pm enabling for quirky Intel hosts
xhci: Force Maximum Packet size for Full-speed bulk devices to valid range.
staging: vt6656: fix sign of rx_dbm to bb_pre_ed_rssi.
staging: android: ashmem: Disallow ashmem memory from being remapped
vt: vt_ioctl: fix race in VT_RESIZEX
vt: selection, handle pending signals in paste_selection
vt: fix scrollback flushing on background consoles
floppy: check FDC index for errors before assigning it
USB: misc: iowarrior: add support for the 100 device
USB: misc: iowarrior: add support for the 28 and 28L devices
USB: misc: iowarrior: add support for 2 OEMed devices
thunderbolt: Prevent crash if non-active NVMem file is read
ecryptfs: fix a memory leak bug in ecryptfs_init_messaging()
ecryptfs: fix a memory leak bug in parse_tag_1_packet()
ASoC: sun8i-codec: Fix setting DAI data format
ALSA: hda/realtek - Apply quirk for yet another MSI laptop
ALSA: hda/realtek - Apply quirk for MSI GP63, too
ALSA: hda: Use scnprintf() for printing texts for sysfs/procfs
iommu/qcom: Fix bogus detach logic
UPSTREAM: sched/psi: Fix OOB write when writing 0 bytes to PSI files
UPSTREAM: psi: Fix a division error in psi poll()
UPSTREAM: sched/psi: Fix sampling error and rare div0 crashes with cgroups and high uptime
UPSTREAM: sched/psi: Correct overly pessimistic size calculation
ANDROID: build.config.gki.aarch64: enable symbol trimming
FROMLIST: f2fs: Handle casefolding with Encryption
FROMLIST: fscrypt: Have filesystems handle their d_ops
FROMLIST: ext4: Use generic casefolding support
FROMLIST: f2fs: Use generic casefolding support
FROMLIST: Add standard casefolding support
FROMLIST: unicode: Add utf8_casefold_hash
ANDROID: sdcardfs: fix -ENOENT lookup race issue
ANDROID: gki_defconfig: Enable CONFIG_RD_LZ4
ANDROID: gki: Enable BINFMT_MISC as part of GKI
ANDROID: gki_defconfig: disable CONFIG_CRYPTO_MD4
ANDROID: dm: Add wrapped key support in dm-default-key
ANDROID: dm: add support for passing through derive_raw_secret
ANDROID: block: Prevent crypto fallback for wrapped keys
BACKPORT: FROMLIST: kbuild: generate autoksyms.h early
BACKPORT: FROMLIST: kbuild: split adjust_autoksyms.sh in two parts
BACKPORT: FROMLIST: kbuild: allow symbol whitelisting with TRIM_UNUSED_KSYMS
ANDROID: kbuild: use modules.order in adjust_autoksyms.sh
UPSTREAM: kbuild: source include/config/auto.conf instead of ${KCONFIG_CONFIG}
ANDROID: Disable wq fp check in CFI builds
ANDROID: increase limit on sched-tune boost groups
BACKPORT: nvmem: core: fix regression in of_nvmem_cell_get()
BACKPORT: nvmem: hide unused nvmem_find_cell_by_index function
BACKPORT: nvmem: resolve cells from DT at registration time
Linux 4.19.106
drm/amdgpu/display: handle multiple numbers of fclks in dcn_calcs.c (v2)
mlxsw: spectrum_dpipe: Add missing error path
virtio_balloon: prevent pfn array overflow
cifs: log warning message (once) if out of disk space
help_next should increase position index
NFS: Fix memory leaks
drm/amdgpu/smu10: fix smu10_get_clock_by_type_with_voltage
drm/amdgpu/smu10: fix smu10_get_clock_by_type_with_latency
brd: check and limit max_part par
microblaze: Prevent the overflow of the start
iwlwifi: mvm: Fix thermal zone registration
irqchip/gic-v3-its: Reference to its_invall_cmd descriptor when building INVALL
bcache: explicity type cast in bset_bkey_last()
reiserfs: prevent NULL pointer dereference in reiserfs_insert_item()
lib/scatterlist.c: adjust indentation in __sg_alloc_table
ocfs2: fix a NULL pointer dereference when call ocfs2_update_inode_fsync_trans()
radeon: insert 10ms sleep in dce5_crtc_load_lut
trigger_next should increase position index
ftrace: fpid_next() should increase position index
drm/nouveau/disp/nv50-: prevent oops when no channel method map provided
irqchip/gic-v3: Only provision redistributors that are enabled in ACPI
rbd: work around -Wuninitialized warning
ceph: check availability of mds cluster on mount after wait timeout
bpf: map_seq_next should always increase position index
cifs: fix NULL dereference in match_prepath
iwlegacy: ensure loop counter addr does not wrap and cause an infinite loop
hostap: Adjust indentation in prism2_hostapd_add_sta
ARM: 8951/1: Fix Kexec compilation issue.
jbd2: make sure ESHUTDOWN to be recorded in the journal superblock
jbd2: switch to use jbd2_journal_abort() when failed to submit the commit record
selftests: bpf: Reset global state between reuseport test runs
iommu/vt-d: Remove unnecessary WARN_ON_ONCE()
bcache: cached_dev_free needs to put the sb page
powerpc/sriov: Remove VF eeh_dev state when disabling SR-IOV
drm/nouveau/mmu: fix comptag memory leak
ALSA: hda - Add docking station support for Lenovo Thinkpad T420s
driver core: platform: fix u32 greater or equal to zero comparison
s390/ftrace: generate traced function stack frame
s390: adjust -mpacked-stack support check for clang 10
x86/decoder: Add TEST opcode to Group3-2
kbuild: use -S instead of -E for precise cc-option test in Kconfig
ALSA: hda/hdmi - add retry logic to parse_intel_hdmi()
irqchip/mbigen: Set driver .suppress_bind_attrs to avoid remove problems
remoteproc: Initialize rproc_class before use
module: avoid setting info->name early in case we can fall back to info->mod->name
btrfs: device stats, log when stats are zeroed
btrfs: safely advance counter when looking up bio csums
btrfs: fix possible NULL-pointer dereference in integrity checks
pwm: Remove set but not set variable 'pwm'
ide: serverworks: potential overflow in svwks_set_pio_mode()
cmd64x: potential buffer overflow in cmd64x_program_timings()
pwm: omap-dmtimer: Remove PWM chip in .remove before making it unfunctional
x86/mm: Fix NX bit clearing issue in kernel_map_pages_in_pgd
f2fs: fix memleak of kobject
watchdog/softlockup: Enforce that timestamp is valid on boot
drm/amd/display: fixup DML dependencies
arm64: fix alternatives with LLVM's integrated assembler
scsi: iscsi: Don't destroy session if there are outstanding connections
f2fs: free sysfs kobject
f2fs: set I_LINKABLE early to avoid wrong access by vfs
iommu/arm-smmu-v3: Use WRITE_ONCE() when changing validity of an STE
usb: musb: omap2430: Get rid of musb .set_vbus for omap2430 glue
drm/vmwgfx: prevent memory leak in vmw_cmdbuf_res_add
drm/nouveau/fault/gv100-: fix memory leak on module unload
drm/nouveau/drm/ttm: Remove set but not used variable 'mem'
drm/nouveau: Fix copy-paste error in nouveau_fence_wait_uevent_handler
drm/nouveau/gr/gk20a,gm200-: add terminators to method lists read from fw
drm/nouveau/secboot/gm20b: initialize pointer in gm20b_secboot_new()
vme: bridges: reduce stack usage
bpf: Return -EBADRQC for invalid map type in __bpf_tx_xdp_map
driver core: Print device when resources present in really_probe()
driver core: platform: Prevent resouce overflow from causing infinite loops
visorbus: fix uninitialized variable access
tty: synclink_gt: Adjust indentation in several functions
tty: synclinkmp: Adjust indentation in several functions
ASoC: atmel: fix build error with CONFIG_SND_ATMEL_SOC_DMA=m
wan: ixp4xx_hss: fix compile-testing on 64-bit
x86/nmi: Remove irq_work from the long duration NMI handler
Input: edt-ft5x06 - work around first register access error
rcu: Use WRITE_ONCE() for assignments to ->pprev for hlist_nulls
efi/x86: Don't panic or BUG() on non-critical error conditions
soc/tegra: fuse: Correct straps' address for older Tegra124 device trees
IB/hfi1: Add software counter for ctxt0 seq drop
staging: rtl8188: avoid excessive stack usage
udf: Fix free space reporting for metadata and virtual partitions
usbip: Fix unsafe unaligned pointer usage
ARM: dts: stm32: Add power-supply for DSI panel on stm32f469-disco
drm: remove the newline for CRC source name.
mlx5: work around high stack usage with gcc
ACPI: button: Add DMI quirk for Razer Blade Stealth 13 late 2019 lid switch
tools lib api fs: Fix gcc9 stringop-truncation compilation error
ALSA: sh: Fix compile warning wrt const
clk: uniphier: Add SCSSI clock gate for each channel
ALSA: sh: Fix unused variable warnings
clk: sunxi-ng: add mux and pll notifiers for A64 CPU clock
RDMA/rxe: Fix error type of mmap_offset
reset: uniphier: Add SCSSI reset control for each channel
pinctrl: sh-pfc: sh7269: Fix CAN function GPIOs
PM / devfreq: rk3399_dmc: Add COMPILE_TEST and HAVE_ARM_SMCCC dependency
x86/vdso: Provide missing include file
crypto: chtls - Fixed memory leak
dmaengine: imx-sdma: Fix memory leak
dmaengine: Store module owner in dma_device struct
selinux: ensure we cleanup the internal AVC counters on error in avc_update()
ARM: dts: r8a7779: Add device node for ARM global timer
drm/mediatek: handle events when enabling/disabling crtc
scsi: aic7xxx: Adjust indentation in ahc_find_syncrate
scsi: ufs: Complete pending requests in host reset and restore path
ACPICA: Disassembler: create buffer fields in ACPI_PARSE_LOAD_PASS1
orinoco: avoid assertion in case of NULL pointer
rtlwifi: rtl_pci: Fix -Wcast-function-type
iwlegacy: Fix -Wcast-function-type
ipw2x00: Fix -Wcast-function-type
b43legacy: Fix -Wcast-function-type
ALSA: usx2y: Adjust indentation in snd_usX2Y_hwdep_dsp_status
netfilter: nft_tunnel: add the missing ERSPAN_VERSION nla_policy
fore200e: Fix incorrect checks of NULL pointer dereference
r8169: check that Realtek PHY driver module is loaded
reiserfs: Fix spurious unlock in reiserfs_fill_super() error handling
media: v4l2-device.h: Explicitly compare grp{id,mask} to zero in v4l2_device macros
PCI: Increase D3 delay for AMD Ryzen5/7 XHCI controllers
PCI: Add generic quirk for increasing D3hot delay
media: cx23885: Add support for AVerMedia CE310B
PCI: iproc: Apply quirk_paxc_bridge() for module as well as built-in
ARM: dts: imx6: rdu2: Limit USBH1 to Full Speed
ARM: dts: imx6: rdu2: Disable WP for USDHC2 and USDHC3
arm64: dts: qcom: msm8996: Disable USB2 PHY suspend by core
selinux: ensure we cleanup the internal AVC counters on error in avc_insert()
arm: dts: allwinner: H3: Add PMU node
arm64: dts: allwinner: H6: Add PMU mode
selinux: fall back to ref-walk if audit is required
NFC: port100: Convert cpu_to_le16(le16_to_cpu(E1) + E2) to use le16_add_cpu().
net/wan/fsl_ucc_hdlc: reject muram offsets above 64K
regulator: rk808: Lower log level on optional GPIOs being not available
drm/amdgpu: Ensure ret is always initialized when using SOC15_WAIT_ON_RREG
drm/amdgpu: remove 4 set but not used variable in amdgpu_atombios_get_connector_info_from_object_table
clk: qcom: rcg2: Don't crash if our parent can't be found; return an error
kconfig: fix broken dependency in randconfig-generated .config
KVM: s390: ENOTSUPP -> EOPNOTSUPP fixups
nbd: add a flush_workqueue in nbd_start_device
drm/amd/display: Retrain dongles when SINK_COUNT becomes non-zero
ath10k: Correct the DMA direction for management tx buffers
ext4, jbd2: ensure panic when aborting with zero errno
ARM: 8952/1: Disable kmemleak on XIP kernels
tracing: Fix very unlikely race of registering two stat tracers
tracing: Fix tracing_stat return values in error handling paths
powerpc/iov: Move VF pdev fixup into pcibios_fixup_iov()
s390/pci: Fix possible deadlock in recover_store()
pwm: omap-dmtimer: Simplify error handling
x86/sysfb: Fix check for bad VRAM size
jbd2: clear JBD2_ABORT flag before journal_reset to update log tail info when load journal
kselftest: Minimise dependency of get_size on C library interfaces
clocksource/drivers/bcm2835_timer: Fix memory leak of timer
usb: dwc2: Fix IN FIFO allocation
usb: gadget: udc: fix possible sleep-in-atomic-context bugs in gr_probe()
uio: fix a sleep-in-atomic-context bug in uio_dmem_genirq_irqcontrol()
sparc: Add .exit.data section.
MIPS: Loongson: Fix potential NULL dereference in loongson3_platform_init()
efi/x86: Map the entire EFI vendor string before copying it
pinctrl: baytrail: Do not clear IRQ flags on direct-irq enabled pins
media: sti: bdisp: fix a possible sleep-in-atomic-context bug in bdisp_device_run()
char/random: silence a lockdep splat with printk()
iommu/vt-d: Fix off-by-one in PASID allocation
gpio: gpio-grgpio: fix possible sleep-in-atomic-context bugs in grgpio_irq_map/unmap()
powerpc/powernv/iov: Ensure the pdn for VFs always contains a valid PE number
media: i2c: mt9v032: fix enum mbus codes and frame sizes
pxa168fb: Fix the function used to release some memory in an error handling path
pinctrl: sh-pfc: sh7264: Fix CAN function GPIOs
gianfar: Fix TX timestamping with a stacked DSA driver
ALSA: ctl: allow TLV read operation for callback type of element in locked case
ext4: fix ext4_dax_read/write inode locking sequence for IOCB_NOWAIT
leds: pca963x: Fix open-drain initialization
brcmfmac: Fix use after free in brcmf_sdio_readframes()
cpu/hotplug, stop_machine: Fix stop_machine vs hotplug order
drm/gma500: Fixup fbdev stolen size usage evaluation
KVM: nVMX: Use correct root level for nested EPT shadow page tables
Revert "KVM: VMX: Add non-canonical check on writes to RTIT address MSRs"
Revert "KVM: nVMX: Use correct root level for nested EPT shadow page tables"
net/sched: flower: add missing validation of TCA_FLOWER_FLAGS
net/sched: matchall: add missing validation of TCA_MATCHALL_FLAGS
net: dsa: tag_qca: Make sure there is headroom for tag
net/smc: fix leak of kernel memory to user space
enic: prevent waking up stopped tx queues over watchdog reset
core: Don't skip generic XDP program execution for cloned SKBs
ANDROID: arm64: update the abi with the new gki_defconfig
ANDROID: arm64: gki_defconfig: disable CONFIG_DEBUG_PREEMPT
ANDROID: GKI: arm64: gki_defconfig: follow-up to removing DRM_MSM driver
ANDROID: drm/msm: Remove Kconfig default
ANDROID: GKI: arm64: gki_defconfig: remove qcom,cmd-db driver
ANDROID: GKI: drivers: qcom: cmd-db: Allow compiling qcom,cmd-db driver as module
ANDROID: GKI: arm64: gki_defconfig: remove qcom,rpmh-rsc driver
ANDROID: GKI: drivers: qcom: rpmh-rsc: Add tristate support for qcom,rpmh-rsc driver
ANDROID: ufs, block: fix crypto power management and move into block layer
ANDROID: rtc: class: support hctosys from modular RTC drivers
ANDROID: Incremental fs: Support xattrs
ANDROID: abi update for 4.19.105
UPSTREAM: random: ignore GRND_RANDOM in getentropy(2)
UPSTREAM: random: add GRND_INSECURE to return best-effort non-cryptographic bytes
UPSTREAM: linux/random.h: Mark CONFIG_ARCH_RANDOM functions __must_check
UPSTREAM: linux/random.h: Use false with bool
UPSTREAM: linux/random.h: Remove arch_has_random, arch_has_random_seed
UPSTREAM: random: remove some dead code of poolinfo
UPSTREAM: random: fix typo in add_timer_randomness()
UPSTREAM: random: Add and use pr_fmt()
UPSTREAM: random: convert to ENTROPY_BITS for better code readability
UPSTREAM: random: remove unnecessary unlikely()
UPSTREAM: random: remove kernel.random.read_wakeup_threshold
UPSTREAM: random: delete code to pull data into pools
UPSTREAM: random: remove the blocking pool
UPSTREAM: random: make /dev/random be almost like /dev/urandom
UPSTREAM: random: Add a urandom_read_nowait() for random APIs that don't warn
UPSTREAM: random: Don't wake crng_init_wait when crng_init == 1
UPSTREAM: char/random: silence a lockdep splat with printk()
BACKPORT: fdt: add support for rng-seed
BACKPORT: arm64: map FDT as RW for early_init_dt_scan()
UPSTREAM: random: fix soft lockup when trying to read from an uninitialized blocking pool
UPSTREAM: random: document get_random_int() family
UPSTREAM: random: move rand_initialize() earlier
UPSTREAM: random: only read from /dev/random after its pool has received 128 bits
UPSTREAM: drivers/char/random.c: make primary_crng static
UPSTREAM: drivers/char/random.c: remove unused stuct poolinfo::poolbits
UPSTREAM: drivers/char/random.c: constify poolinfo_table
ANDROID: clang: update to 10.0.4
Linux 4.19.105
KVM: x86/mmu: Fix struct guest_walker arrays for 5-level paging
jbd2: do not clear the BH_Mapped flag when forgetting a metadata buffer
jbd2: move the clearing of b_modified flag to the journal_unmap_buffer()
NFSv4.1 make cachethis=no for writes
hwmon: (pmbus/ltc2978) Fix PMBus polling of MFR_COMMON definitions.
perf/x86/intel: Fix inaccurate period in context switch for auto-reload
s390/time: Fix clk type in get_tod_clock
RDMA/core: Fix protection fault in get_pkey_idx_qp_list
RDMA/rxe: Fix soft lockup problem due to using tasklets in softirq
RDMA/hfi1: Fix memory leak in _dev_comp_vect_mappings_create
RDMA/core: Fix invalid memory access in spec_filter_size
IB/rdmavt: Reset all QPs when the device is shut down
IB/hfi1: Close window for pq and request coliding
IB/hfi1: Acquire lock to release TID entries when user file is closed
nvme: fix the parameter order for nvme_get_log in nvme_get_fw_slot_info
perf/x86/amd: Add missing L2 misses event spec to AMD Family 17h's event map
KVM: nVMX: Use correct root level for nested EPT shadow page tables
arm64: ssbs: Fix context-switch when SSBS is present on all CPUs
ARM: npcm: Bring back GPIOLIB support
btrfs: log message when rw remount is attempted with unclean tree-log
btrfs: print message when tree-log replay starts
btrfs: ref-verify: fix memory leaks
Btrfs: fix race between using extent maps and merging them
ext4: improve explanation of a mount failure caused by a misconfigured kernel
ext4: add cond_resched() to ext4_protect_reserved_inode
ext4: fix checksum errors with indexed dirs
ext4: fix support for inode sizes > 1024 bytes
ext4: don't assume that mmp_nodename/bdevname have NUL
ALSA: usb-audio: Add clock validity quirk for Denon MC7000/MCX8000
ALSA: usb-audio: sound: usb: usb true/false for bool return type
arm64: nofpsmid: Handle TIF_FOREIGN_FPSTATE flag cleanly
arm64: cpufeature: Set the FP/SIMD compat HWCAP bits properly
ALSA: usb-audio: Apply sample rate quirk for Audioengine D1
ALSA: hda/realtek - Fix silent output on MSI-GL73
ALSA: usb-audio: Fix UAC2/3 effect unit parsing
Input: synaptics - remove the LEN0049 dmi id from topbuttonpad list
Input: synaptics - enable SMBus on ThinkPad L470
Input: synaptics - switch T470s to RMI4 by default
ANDROID: Fix ABI representation after enabling CONFIG_NET_NS
ANDROID: gki_defconfig: Enable CONFIG_NET_NS
ANDROID: gki_defconfig: Enable XDP_SOCKETS
UPSTREAM: sched/topology: Introduce a sysctl for Energy Aware Scheduling
ANDROID: gki_defconfig: Enable MAC80211_RC_MINSTREL
ANDROID: f2fs: remove unused function
ANDROID: virtio: virtio_input: pass _DIRECT only if the device advertises _DIRECT
ANDROID: cf build: Use merge_configs
ANDROID: net: bpf: Allow TC programs to call BPF_FUNC_skb_change_head
ANDROID: gki_defconfig: Disable SDCARD_FS
Linux 4.19.104
padata: fix null pointer deref of pd->pinst
serial: uartps: Move the spinlock after the read of the tx empty
x86/stackframe, x86/ftrace: Add pt_regs frame annotations
x86/stackframe: Move ENCODE_FRAME_POINTER to asm/frame.h
scsi: megaraid_sas: Do not initiate OCR if controller is not in ready state
libertas: make lbs_ibss_join_existing() return error code on rates overflow
libertas: don't exit from lbs_ibss_join_existing() with RCU read lock held
mwifiex: Fix possible buffer overflows in mwifiex_cmd_append_vsie_tlv()
mwifiex: Fix possible buffer overflows in mwifiex_ret_wmm_get_status()
pinctrl: sh-pfc: r8a7778: Fix duplicate SDSELF_B and SD1_CLK_B
media: i2c: adv748x: Fix unsafe macros
crypto: atmel-sha - fix error handling when setting hmac key
crypto: artpec6 - return correct error code for failed setkey()
mtd: sharpslpart: Fix unsigned comparison to zero
mtd: onenand_base: Adjust indentation in onenand_read_ops_nolock
KVM: arm64: pmu: Don't increment SW_INCR if PMCR.E is unset
KVM: arm: Make inject_abt32() inject an external abort instead
KVM: arm: Fix DFSR setting for non-LPAE aarch32 guests
KVM: arm/arm64: Fix young bit from mmu notifier
arm64: ptrace: nofpsimd: Fail FP/SIMD regset operations
arm64: cpufeature: Fix the type of no FP/SIMD capability
ARM: 8949/1: mm: mark free_memmap as __init
KVM: arm/arm64: vgic-its: Fix restoration of unmapped collections
iommu/arm-smmu-v3: Populate VMID field for CMDQ_OP_TLBI_NH_VA
powerpc/pseries: Allow not having ibm, hypertas-functions::hcall-multi-tce for DDW
powerpc/pseries/vio: Fix iommu_table use-after-free refcount warning
tools/power/acpi: fix compilation error
ARM: dts: at91: sama5d3: define clock rate range for tcb1
ARM: dts: at91: sama5d3: fix maximum peripheral clock rates
ARM: dts: am43xx: add support for clkout1 clock
ARM: dts: at91: Reenable UART TX pull-ups
platform/x86: intel_mid_powerbtn: Take a copy of ddata
ARC: [plat-axs10x]: Add missing multicast filter number to GMAC node
rtc: cmos: Stop using shared IRQ
rtc: hym8563: Return -EINVAL if the time is known to be invalid
spi: spi-mem: Fix inverted logic in op sanity check
spi: spi-mem: Add extra sanity checks on the op param
gpio: zynq: Report gpio direction at boot
serial: uartps: Add a timeout to the tx empty wait
NFSv4: try lease recovery on NFS4ERR_EXPIRED
NFS/pnfs: Fix pnfs_generic_prepare_to_resend_writes()
NFS: Revalidate the file size on a fatal write error
nfs: NFS_SWAP should depend on SWAP
PCI: Don't disable bridge BARs when assigning bus resources
PCI/switchtec: Fix vep_vector_number ioread width
ath10k: pci: Only dump ATH10K_MEM_REGION_TYPE_IOREG when safe
PCI/IOV: Fix memory leak in pci_iov_add_virtfn()
scsi: ufs: Fix ufshcd_probe_hba() reture value in case ufshcd_scsi_add_wlus() fails
RDMA/uverbs: Verify MR access flags
RDMA/core: Fix locking in ib_uverbs_event_read
RDMA/netlink: Do not always generate an ACK for some netlink operations
IB/mlx4: Fix memory leak in add_gid error flow
hv_sock: Remove the accept port restriction
ASoC: pcm: update FE/BE trigger order based on the command
ANDROID: gki_defconfig: Add CONFIG_UNICODE
ANDROID: added memory initialization tests to cuttlefish config
ANDROID: gki_defconfig: enable CONFIG_RUNTIME_TESTING_MENU
fs-verity: use u64_to_user_ptr()
fs-verity: use mempool for hash requests
fs-verity: implement readahead of Merkle tree pages
fs-verity: implement readahead for FS_IOC_ENABLE_VERITY
fscrypt: improve format of no-key names
ubifs: allow both hash and disk name to be provided in no-key names
ubifs: don't trigger assertion on invalid no-key filename
fscrypt: clarify what is meant by a per-file key
fscrypt: derive dirhash key for casefolded directories
fscrypt: don't allow v1 policies with casefolding
fscrypt: add "fscrypt_" prefix to fname_encrypt()
fscrypt: don't print name of busy file when removing key
fscrypt: document gfp_flags for bounce page allocation
fscrypt: optimize fscrypt_zeroout_range()
fscrypt: remove redundant bi_status check
fscrypt: Allow modular crypto algorithms
FROMLIST: rename missed uaccess .fixup section
ANDROID: f2fs: fix missing blk-crypto changes
ANDROID: gki_defconfig: enable heap and stack initialization.
UPSTREAM: lib/test_stackinit: Handle Clang auto-initialization pattern
UPSTREAM: lib: Introduce test_stackinit module
fscrypt: include <linux/ioctl.h> in UAPI header
fscrypt: don't check for ENOKEY from fscrypt_get_encryption_info()
fscrypt: remove fscrypt_is_direct_key_policy()
fscrypt: move fscrypt_valid_enc_modes() to policy.c
fscrypt: check for appropriate use of DIRECT_KEY flag earlier
fscrypt: split up fscrypt_supported_policy() by policy version
fscrypt: introduce fscrypt_needs_contents_encryption()
fscrypt: move fscrypt_d_revalidate() to fname.c
fscrypt: constify inode parameter to filename encryption functions
fscrypt: constify struct fscrypt_hkdf parameter to fscrypt_hkdf_expand()
fscrypt: verify that the crypto_skcipher has the correct ivsize
fscrypt: use crypto_skcipher_driver_name()
fscrypt: support passing a keyring key to FS_IOC_ADD_ENCRYPTION_KEY
keys: Export lookup_user_key to external users
UPSTREAM: dynamic_debug: allow to work if debugfs is disabled
UPSTREAM: lib: dynamic_debug: no need to check return value of debugfs_create functions
ANDROID: ABI/Whitelist: update for Cuttlefish
ANDROID: update ABI representation and GKI whitelist
ANDROID: gki_defconfig: Set CONFIG_ANDROID_BINDERFS=y
Linux 4.19.103
rxrpc: Fix service call disconnection
perf/core: Fix mlock accounting in perf_mmap()
clocksource: Prevent double add_timer_on() for watchdog_timer
x86/apic/msi: Plug non-maskable MSI affinity race
cifs: fail i/o on soft mounts if sessionsetup errors out
mm/page_alloc.c: fix uninitialized memmaps on a partially populated last section
mm: return zero_resv_unavail optimization
mm: zero remaining unavailable struct pages
KVM: Play nice with read-only memslots when querying host page size
KVM: Use vcpu-specific gva->hva translation when querying host page size
KVM: nVMX: vmread should not set rflags to specify success in case of #PF
KVM: VMX: Add non-canonical check on writes to RTIT address MSRs
KVM: x86: Use gpa_t for cr2/gpa to fix TDP support on 32-bit KVM
KVM: x86/mmu: Apply max PA check for MMIO sptes to 32-bit KVM
btrfs: flush write bio if we loop in extent_write_cache_pages
drm/dp_mst: Remove VCPI while disabling topology mgr
drm: atmel-hlcdc: enable clock before configuring timing engine
btrfs: free block groups after free'ing fs trees
btrfs: use bool argument in free_root_pointers()
ext4: fix deadlock allocating crypto bounce page from mempool
net: dsa: b53: Always use dev->vlan_enabled in b53_configure_vlan()
net: macb: Limit maximum GEM TX length in TSO
net: macb: Remove unnecessary alignment check for TSO
net/mlx5: IPsec, fix memory leak at mlx5_fpga_ipsec_delete_sa_ctx
net/mlx5: IPsec, Fix esp modify function attribute
net: systemport: Avoid RBUF stuck in Wake-on-LAN mode
net_sched: fix a resource leak in tcindex_set_parms()
net: mvneta: move rx_dropped and rx_errors in per-cpu stats
net: dsa: bcm_sf2: Only 7278 supports 2Gb/sec IMP port
bonding/alb: properly access headers in bond_alb_xmit()
mfd: rn5t618: Mark ADC control register volatile
mfd: da9062: Fix watchdog compatible string
ubi: Fix an error pointer dereference in error handling code
ubi: fastmap: Fix inverted logic in seen selfcheck
nfsd: Return the correct number of bytes written to the file
nfsd: fix jiffies/time_t mixup in LRU list
nfsd: fix delay timer on 32-bit architectures
IB/core: Fix ODP get user pages flow
IB/mlx5: Fix outstanding_pi index for GSI qps
net: tulip: Adjust indentation in {dmfe, uli526x}_init_module
net: smc911x: Adjust indentation in smc911x_phy_configure
ppp: Adjust indentation into ppp_async_input
NFC: pn544: Adjust indentation in pn544_hci_check_presence
drm: msm: mdp4: Adjust indentation in mdp4_dsi_encoder_enable
powerpc/44x: Adjust indentation in ibm4xx_denali_fixup_memsize
ext2: Adjust indentation in ext2_fill_super
phy: qualcomm: Adjust indentation in read_poll_timeout
scsi: ufs: Recheck bkops level if bkops is disabled
scsi: qla4xxx: Adjust indentation in qla4xxx_mem_free
scsi: csiostor: Adjust indentation in csio_device_reset
scsi: qla2xxx: Fix the endianness of the qla82xx_get_fw_size() return type
percpu: Separate decrypted varaibles anytime encryption can be enabled
drm/amd/dm/mst: Ignore payload update failures
clk: tegra: Mark fuse clock as critical
KVM: s390: do not clobber registers during guest reset/store status
KVM: x86: Free wbinvd_dirty_mask if vCPU creation fails
KVM: x86: Don't let userspace set host-reserved cr4 bits
x86/kvm: Be careful not to clear KVM_VCPU_FLUSH_TLB bit
KVM: PPC: Book3S PR: Free shared page if mmu initialization fails
KVM: PPC: Book3S HV: Uninit vCPU if vcore creation fails
KVM: x86: Fix potential put_fpu() w/o load_fpu() on MPX platform
KVM: x86: Protect MSR-based index computations in fixed_msr_to_seg_unit() from Spectre-v1/L1TF attacks
KVM: x86: Protect x86_decode_insn from Spectre-v1/L1TF attacks
KVM: x86: Protect MSR-based index computations from Spectre-v1/L1TF attacks in x86.c
KVM: x86: Protect ioapic_read_indirect() from Spectre-v1/L1TF attacks
KVM: x86: Protect MSR-based index computations in pmu.h from Spectre-v1/L1TF attacks
KVM: x86: Protect ioapic_write_indirect() from Spectre-v1/L1TF attacks
KVM: x86: Protect kvm_hv_msr_[get|set]_crash_data() from Spectre-v1/L1TF attacks
KVM: x86: Protect kvm_lapic_reg_write() from Spectre-v1/L1TF attacks
KVM: x86: Protect DR-based index computations from Spectre-v1/L1TF attacks
KVM: x86: Protect pmu_intel.c from Spectre-v1/L1TF attacks
KVM: x86: Refactor prefix decoding to prevent Spectre-v1/L1TF attacks
KVM: x86: Refactor picdev_write() to prevent Spectre-v1/L1TF attacks
aio: prevent potential eventfd recursion on poll
eventfd: track eventfd_signal() recursion depth
bcache: add readahead cache policy options via sysfs interface
watchdog: fix UAF in reboot notifier handling in watchdog core code
xen/balloon: Support xend-based toolstack take two
tools/kvm_stat: Fix kvm_exit filter name
media: rc: ensure lirc is initialized before registering input device
drm/rect: Avoid division by zero
gfs2: fix O_SYNC write handling
gfs2: move setting current->backing_dev_info
sunrpc: expiry_time should be seconds not timeval
mwifiex: fix unbalanced locking in mwifiex_process_country_ie()
iwlwifi: don't throw error when trying to remove IGTK
ARM: tegra: Enable PLLP bypass during Tegra124 LP1
Btrfs: fix race between adding and putting tree mod seq elements and nodes
btrfs: set trans->drity in btrfs_commit_transaction
Btrfs: fix missing hole after hole punching and fsync when using NO_HOLES
jbd2_seq_info_next should increase position index
NFS: Directory page cache pages need to be locked when read
NFS: Fix memory leaks and corruption in readdir
scsi: qla2xxx: Fix unbound NVME response length
crypto: picoxcell - adjust the position of tasklet_init and fix missed tasklet_kill
crypto: api - Fix race condition in crypto_spawn_alg
crypto: atmel-aes - Fix counter overflow in CTR mode
crypto: pcrypt - Do not clear MAY_SLEEP flag in original request
crypto: ccp - set max RSA modulus size for v3 platform devices as well
samples/bpf: Don't try to remove user's homedir on clean
ftrace: Protect ftrace_graph_hash with ftrace_sync
ftrace: Add comment to why rcu_dereference_sched() is open coded
tracing: Annotate ftrace_graph_notrace_hash pointer with __rcu
tracing: Annotate ftrace_graph_hash pointer with __rcu
padata: Remove broken queue flushing
dm writecache: fix incorrect flush sequence when doing SSD mode commit
dm: fix potential for q->make_request_fn NULL pointer
dm crypt: fix benbi IV constructor crash if used in authenticated mode
dm space map common: fix to ensure new block isn't already in use
dm zoned: support zone sizes smaller than 128MiB
of: Add OF_DMA_DEFAULT_COHERENT & select it on powerpc
PM: core: Fix handling of devices deleted during system-wide resume
f2fs: code cleanup for f2fs_statfs_project()
f2fs: fix miscounted block limit in f2fs_statfs_project()
f2fs: choose hardlimit when softlimit is larger than hardlimit in f2fs_statfs_project()
ovl: fix wrong WARN_ON() in ovl_cache_update_ino()
power: supply: ltc2941-battery-gauge: fix use-after-free
scsi: qla2xxx: Fix mtcp dump collection failure
scripts/find-unused-docs: Fix massive false positives
crypto: ccree - fix PM race condition
crypto: ccree - fix pm wrongful error reporting
crypto: ccree - fix backlog memory leak
crypto: api - Check spawn->alg under lock in crypto_drop_spawn
mfd: axp20x: Mark AXP20X_VBUS_IPSOUT_MGMT as volatile
hv_balloon: Balloon up according to request page number
mmc: sdhci-of-at91: fix memleak on clk_get failure
PCI: keystone: Fix link training retries initiation
crypto: geode-aes - convert to skcipher API and make thread-safe
ubifs: Fix deadlock in concurrent bulk-read and writepage
ubifs: Fix FS_IOC_SETFLAGS unexpectedly clearing encrypt flag
ubifs: don't trigger assertion on invalid no-key filename
ubifs: Reject unsupported ioctl flags explicitly
alarmtimer: Unregister wakeup source when module get fails
ACPI / battery: Deal better with neither design nor full capacity not being reported
ACPI / battery: Use design-cap for capacity calculations if full-cap is not available
ACPI / battery: Deal with design or full capacity being reported as -1
ACPI: video: Do not export a non working backlight interface on MSI MS-7721 boards
mmc: spi: Toggle SPI polarity, do not hardcode it
PCI: tegra: Fix return value check of pm_runtime_get_sync()
smb3: fix signing verification of large reads
powerpc/pseries: Advance pfn if section is not present in lmb_is_removable()
powerpc/xmon: don't access ASDR in VMs
s390/mm: fix dynamic pagetable upgrade for hugetlbfs
MIPS: boot: fix typo in 'vmlinux.lzma.its' target
MIPS: fix indentation of the 'RELOCS' message
KVM: arm64: Only sign-extend MMIO up to register width
KVM: arm/arm64: Correct AArch32 SPSR on exception entry
KVM: arm/arm64: Correct CPSR on exception entry
KVM: arm64: Correct PSTATE on exception entry
ALSA: hda: Add Clevo W65_67SB the power_save blacklist
platform/x86: intel_scu_ipc: Fix interrupt support
irqdomain: Fix a memory leak in irq_domain_push_irq()
lib/test_kasan.c: fix memory leak in kmalloc_oob_krealloc_more()
media: v4l2-rect.h: fix v4l2_rect_map_inside() top/left adjustments
media: v4l2-core: compat: ignore native command codes
media/v4l2-core: set pages dirty upon releasing DMA buffers
mm: move_pages: report the number of non-attempted pages
mm/memory_hotplug: fix remove_memory() lockdep splat
ALSA: dummy: Fix PCM format loop in proc output
ALSA: usb-audio: Fix endianess in descriptor validation
usb: gadget: f_ecm: Use atomic_t to track in-flight request
usb: gadget: f_ncm: Use atomic_t to track in-flight request
usb: gadget: legacy: set max_speed to super-speed
usb: typec: tcpci: mask event interrupts when remove driver
brcmfmac: Fix memory leak in brcmf_usbdev_qinit
rcu: Avoid data-race in rcu_gp_fqs_check_wake()
tracing: Fix sched switch start/stop refcount racy updates
ipc/msg.c: consolidate all xxxctl_down() functions
mfd: dln2: More sanity checking for endpoints
media: uvcvideo: Avoid cyclic entity chains due to malformed USB descriptors
rxrpc: Fix NULL pointer deref due to call->conn being cleared on disconnect
rxrpc: Fix missing active use pinning of rxrpc_local object
rxrpc: Fix insufficient receive notification generation
rxrpc: Fix use-after-free in rxrpc_put_local()
tcp: clear tp->segs_{in|out} in tcp_disconnect()
tcp: clear tp->data_segs{in|out} in tcp_disconnect()
tcp: clear tp->delivered in tcp_disconnect()
tcp: clear tp->total_retrans in tcp_disconnect()
bnxt_en: Fix TC queue mapping.
net: stmmac: Delete txtimer in suspend()
net_sched: fix an OOB access in cls_tcindex
net: hsr: fix possible NULL deref in hsr_handle_frame()
l2tp: Allow duplicate session creation with UDP
gtp: use __GFP_NOWARN to avoid memalloc warning
cls_rsvp: fix rsvp_policy
sparc32: fix struct ipc64_perm type definition
iwlwifi: mvm: fix NVM check for 3168 devices
printk: fix exclusive_console replaying
udf: Allow writing to 'Rewritable' partitions
x86/cpu: Update cached HLE state on write to TSX_CTRL_CPUID_CLEAR
ocfs2: fix oops when writing cloned file
media: iguanair: fix endpoint sanity check
kernel/module: Fix memleak in module_add_modinfo_attrs()
ovl: fix lseek overflow on 32bit
Revert "drm/sun4i: dsi: Change the start delay calculation"
ANDROID: Revert "ANDROID: gki_defconfig: removed CONFIG_PM_WAKELOCKS"
ANDROID: dm: prevent default-key from being enabled without needed hooks
ANDROID: gki: x86: Enable PCI_MSI, WATCHDOG, HPET
ANDROID: Incremental fs: Fix crash on failed lookup
ANDROID: Incremental fs: Make files writeable
ANDROID: update abi for 4.19.102
ANDROID: Incremental fs: Remove C++-style comments
Linux 4.19.102
mm/migrate.c: also overwrite error when it is bigger than zero
perf report: Fix no libunwind compiled warning break s390 issue
btrfs: do not zero f_bavail if we have available space
net: Fix skb->csum update in inet_proto_csum_replace16().
l2t_seq_next should increase position index
seq_tab_next() should increase position index
net: fsl/fman: rename IF_MODE_XGMII to IF_MODE_10G
net/fsl: treat fsl,erratum-a011043
powerpc/fsl/dts: add fsl,erratum-a011043
qlcnic: Fix CPU soft lockup while collecting firmware dump
ARM: dts: am43x-epos-evm: set data pin directions for spi0 and spi1
r8152: get default setting of WOL before initializing
airo: Add missing CAP_NET_ADMIN check in AIROOLDIOCTL/SIOCDEVPRIVATE
airo: Fix possible info leak in AIROOLDIOCTL/SIOCDEVPRIVATE
tee: optee: Fix compilation issue with nommu
ARM: 8955/1: virt: Relax arch timer version check during early boot
scsi: fnic: do not queue commands during fwreset
xfrm: interface: do not confirm neighbor when do pmtu update
xfrm interface: fix packet tx through bpf_redirect()
vti[6]: fix packet tx through bpf_redirect()
ARM: dts: am335x-boneblack-common: fix memory size
iwlwifi: Don't ignore the cap field upon mcc update
riscv: delete temporary files
bnxt_en: Fix ipv6 RFS filter matching logic.
net: dsa: bcm_sf2: Configure IMP port for 2Gb/sec
netfilter: nft_tunnel: ERSPAN_VERSION must not be null
wireless: wext: avoid gcc -O3 warning
mac80211: Fix TKIP replay protection immediately after key setup
cfg80211: Fix radar event during another phy CAC
wireless: fix enabling channel 12 for custom regulatory domain
parisc: Use proper printk format for resource_size_t
qmi_wwan: Add support for Quectel RM500Q
ASoC: sti: fix possible sleep-in-atomic
platform/x86: GPD pocket fan: Allow somewhat lower/higher temperature limits
igb: Fix SGMII SFP module discovery for 100FX/LX.
ixgbe: Fix calculation of queue with VFs and flow director on interface flap
ixgbevf: Remove limit of 10 entries for unicast filter list
ASoC: rt5640: Fix NULL dereference on module unload
clk: mmp2: Fix the order of timer mux parents
mac80211: mesh: restrict airtime metric to peered established plinks
clk: sunxi-ng: h6-r: Fix AR100/R_APB2 parent order
rseq: Unregister rseq for clone CLONE_VM
tools lib traceevent: Fix memory leakage in filter_event
soc: ti: wkup_m3_ipc: Fix race condition with rproc_boot
ARM: dts: beagle-x15-common: Model 5V0 regulator
ARM: dts: am57xx-beagle-x15/am57xx-idk: Remove "gpios" for endpoint dt nodes
ARM: dts: sun8i: a83t: Correct USB3503 GPIOs polarity
media: si470x-i2c: Move free() past last use of 'radio'
cgroup: Prevent double killing of css when enabling threaded cgroup
Bluetooth: Fix race condition in hci_release_sock()
ttyprintk: fix a potential deadlock in interrupt context issue
tomoyo: Use atomic_t for statistics counter
media: dvb-usb/dvb-usb-urb.c: initialize actlen to 0
media: gspca: zero usb_buf
media: vp7045: do not read uninitialized values if usb transfer fails
media: af9005: uninitialized variable printked
media: digitv: don't continue if remote control state can't be read
reiserfs: Fix memory leak of journal device string
mm/mempolicy.c: fix out of bounds write in mpol_parse_str()
ext4: validate the debug_want_extra_isize mount option at parse time
arm64: kbuild: remove compressed images on 'make ARCH=arm64 (dist)clean'
tools lib: Fix builds when glibc contains strlcpy()
PM / devfreq: Add new name attribute for sysfs
perf c2c: Fix return type for histogram sorting comparision functions
rsi: fix use-after-free on failed probe and unbind
rsi: add hci detach for hibernation and poweroff
crypto: pcrypt - Fix user-after-free on module unload
x86/resctrl: Fix a deadlock due to inaccurate reference
x86/resctrl: Fix use-after-free due to inaccurate refcount of rdtgroup
x86/resctrl: Fix use-after-free when deleting resource groups
vfs: fix do_last() regression
ANDROID: update abi definitions
BACKPORT: clk: core: clarify the check for runtime PM
UPSTREAM: sched/fair/util_est: Implement faster ramp-up EWMA on utilization increases
ANDROID: Re-use SUGOV_RT_MAX_FREQ to control uclamp rt behavior
BACKPORT: sched/fair: Make EAS wakeup placement consider uclamp restrictions
BACKPORT: sched/fair: Make task_fits_capacity() consider uclamp restrictions
ANDROID: sched/core: Move SchedTune task API into UtilClamp wrappers
ANDROID: sched/core: Add a latency-sensitive flag to uclamp
ANDROID: sched/tune: Move SchedTune cpu API into UtilClamp wrappers
ANDROID: init: kconfig: Only allow sched tune if !uclamp
FROMGIT: sched/core: Fix size of rq::uclamp initialization
FROMGIT: sched/uclamp: Fix a bug in propagating uclamp value in new cgroups
FROMGIT: sched/uclamp: Rename uclamp_util_with() into uclamp_rq_util_with()
FROMGIT: sched/uclamp: Make uclamp util helpers use and return UL values
FROMGIT: sched/uclamp: Remove uclamp_util()
BACKPORT: sched/rt: Make RT capacity-aware
UPSTREAM: tools headers UAPI: Sync sched.h with the kernel
UPSTREAM: sched/uclamp: Fix overzealous type replacement
UPSTREAM: sched/uclamp: Fix incorrect condition
UPSTREAM: sched/core: Fix compilation error when cgroup not selected
UPSTREAM: sched/core: Fix uclamp ABI bug, clean up and robustify sched_read_attr() ABI logic and code
UPSTREAM: sched/uclamp: Always use 'enum uclamp_id' for clamp_id values
UPSTREAM: sched/uclamp: Update CPU's refcount on TG's clamp changes
UPSTREAM: sched/uclamp: Use TG's clamps to restrict TASK's clamps
UPSTREAM: sched/uclamp: Propagate system defaults to the root group
UPSTREAM: sched/uclamp: Propagate parent clamps
UPSTREAM: sched/uclamp: Extend CPU's cgroup controller
BACKPORT: sched/uclamp: Add uclamp support to energy_compute()
UPSTREAM: sched/uclamp: Add uclamp_util_with()
BACKPORT: sched/cpufreq, sched/uclamp: Add clamps for FAIR and RT tasks
UPSTREAM: sched/uclamp: Set default clamps for RT tasks
UPSTREAM: sched/uclamp: Reset uclamp values on RESET_ON_FORK
UPSTREAM: sched/uclamp: Extend sched_setattr() to support utilization clamping
UPSTREAM: sched/core: Allow sched_setattr() to use the current policy
UPSTREAM: sched/uclamp: Add system default clamps
UPSTREAM: sched/uclamp: Enforce last task's UCLAMP_MAX
UPSTREAM: sched/uclamp: Add bucket local max tracking
UPSTREAM: sched/uclamp: Add CPU's clamp buckets refcounting
UPSTREAM: cgroup: add cgroup_parse_float()
Linux 4.19.101
KVM: arm64: Write arch.mdcr_el2 changes since last vcpu_load on VHE
block: fix 32 bit overflow in __blkdev_issue_discard()
block: cleanup __blkdev_issue_discard()
random: try to actively add entropy rather than passively wait for it
crypto: af_alg - Use bh_lock_sock in sk_destruct
rsi: fix non-atomic allocation in completion handler
rsi: fix memory leak on failed URB submission
rsi: fix use-after-free on probe errors
sched/fair: Fix insertion in rq->leaf_cfs_rq_list
sched/fair: Add tmp_alone_branch assertion
usb-storage: Disable UAS on JMicron SATA enclosure
ARM: OMAP2+: SmartReflex: add omap_sr_pdata definition
iommu/amd: Support multiple PCI DMA aliases in IRQ Remapping
PCI: Add DMA alias quirk for Intel VCA NTB
platform/x86: dell-laptop: disable kbd backlight on Inspiron 10xx
HID: steam: Fix input device disappearing
atm: eni: fix uninitialized variable warning
gpio: max77620: Add missing dependency on GPIOLIB_IRQCHIP
net: wan: sdla: Fix cast from pointer to integer of different size
drivers/net/b44: Change to non-atomic bit operations on pwol_mask
spi: spi-dw: Add lock protect dw_spi rx/tx to prevent concurrent calls
watchdog: rn5t618_wdt: fix module aliases
watchdog: max77620_wdt: fix potential build errors
phy: cpcap-usb: Prevent USB line glitches from waking up modem
phy: qcom-qmp: Increase PHY ready timeout
drivers/hid/hid-multitouch.c: fix a possible null pointer access.
HID: Add quirk for incorrect input length on Lenovo Y720
HID: ite: Add USB id match for Acer SW5-012 keyboard dock
HID: Add quirk for Xin-Mo Dual Controller
arc: eznps: fix allmodconfig kconfig warning
HID: multitouch: Add LG MELF0410 I2C touchscreen support
net_sched: fix ops->bind_class() implementations
net_sched: ematch: reject invalid TCF_EM_SIMPLE
zd1211rw: fix storage endpoint lookup
rtl8xxxu: fix interface sanity check
brcmfmac: fix interface sanity check
ath9k: fix storage endpoint lookup
cifs: Fix memory allocation in __smb2_handle_cancelled_cmd()
crypto: chelsio - fix writing tfm flags to wrong place
iio: st_gyro: Correct data for LSM9DS0 gyro
mei: me: add comet point (lake) H device ids
component: do not dereference opaque pointer in debugfs
serial: 8250_bcm2835aux: Fix line mismatch on driver unbind
staging: vt6656: Fix false Tx excessive retries reporting.
staging: vt6656: use NULLFUCTION stack on mac80211
staging: vt6656: correct packet types for CTS protect, mode.
staging: wlan-ng: ensure error return is actually returned
staging: most: net: fix buffer overflow
usb: dwc3: turn off VBUS when leaving host mode
USB: serial: ir-usb: fix IrLAP framing
USB: serial: ir-usb: fix link-speed handling
USB: serial: ir-usb: add missing endpoint sanity check
usb: dwc3: pci: add ID for the Intel Comet Lake -V variant
rsi_91x_usb: fix interface sanity check
orinoco_usb: fix interface sanity check
ANDROID: gki: Removed cf modules from gki_defconfig
ANDROID: Remove default y for VIRTIO_PCI_LEGACY
ANDROID: gki_defconfig: Remove SND_8X0
ANDROID: gki: Fixed some typos in Kconfig.gki
ANDROID: modularize BLK_MQ_VIRTIO
ANDROID: kallsyms: strip hashes from function names with ThinLTO
ANDROID: Incremental fs: Remove unneeded compatibility typedef
ANDROID: Incremental fs: Enable incrementalfs in GKI
ANDROID: Incremental fs: Fix sparse errors
ANDROID: Fixing incremental fs style issues
ANDROID: Make incfs selftests pass
ANDROID: Initial commit of Incremental FS
ANDROID: gki_defconfig: Enable req modules in GKI
ANDROID: gki_defconfig: Set IKHEADERS back to =y
UPSTREAM: UAPI: ndctl: Remove use of PAGE_SIZE
Linux 4.19.100
mm/memory_hotplug: shrink zones when offlining memory
mm/memory_hotplug: fix try_offline_node()
mm/memunmap: don't access uninitialized memmap in memunmap_pages()
drivers/base/node.c: simplify unregister_memory_block_under_nodes()
mm/hotplug: kill is_dev_zone() usage in __remove_pages()
mm/memory_hotplug: remove "zone" parameter from sparse_remove_one_section
mm/memory_hotplug: make unregister_memory_block_under_nodes() never fail
mm/memory_hotplug: remove memory block devices before arch_remove_memory()
mm/memory_hotplug: create memory block devices after arch_add_memory()
drivers/base/memory: pass a block_id to init_memory_block()
mm/memory_hotplug: allow arch_remove_memory() without CONFIG_MEMORY_HOTREMOVE
s390x/mm: implement arch_remove_memory()
mm/memory_hotplug: make __remove_pages() and arch_remove_memory() never fail
powerpc/mm: Fix section mismatch warning
mm/memory_hotplug: make __remove_section() never fail
mm/memory_hotplug: make unregister_memory_section() never fail
mm, memory_hotplug: update a comment in unregister_memory()
drivers/base/memory.c: clean up relics in function parameters
mm/memory_hotplug: release memory resource after arch_remove_memory()
mm, memory_hotplug: add nid parameter to arch_remove_memory
drivers/base/memory.c: remove an unnecessary check on NR_MEM_SECTIONS
mm, sparse: pass nid instead of pgdat to sparse_add_one_section()
mm, sparse: drop pgdat_resize_lock in sparse_add/remove_one_section()
mm/memory_hotplug: make remove_memory() take the device_hotplug_lock
net/x25: fix nonblocking connect
netfilter: nf_tables: add __nft_chain_type_get()
netfilter: ipset: use bitmap infrastructure completely
scsi: iscsi: Avoid potential deadlock in iscsi_if_rx func
media: v4l2-ioctl.c: zero reserved fields for S/TRY_FMT
libertas: Fix two buffer overflows at parsing bss descriptor
coresight: tmc-etf: Do not call smp_processor_id from preemptible
coresight: etb10: Do not call smp_processor_id from preemptible
crypto: geode-aes - switch to skcipher for cbc(aes) fallback
sd: Fix REQ_OP_ZONE_REPORT completion handling
tracing: Fix histogram code when expression has same var as value
tracing: Remove open-coding of hist trigger var_ref management
tracing: Use hist trigger's var_ref array to destroy var_refs
net/sonic: Prevent tx watchdog timeout
net/sonic: Fix CAM initialization
net/sonic: Fix command register usage
net/sonic: Quiesce SONIC before re-initializing descriptor memory
net/sonic: Fix receive buffer replenishment
net/sonic: Improve receive descriptor status flag check
net/sonic: Avoid needless receive descriptor EOL flag updates
net/sonic: Fix receive buffer handling
net/sonic: Fix interface error stats collection
net/sonic: Use MMIO accessors
net/sonic: Clear interrupt flags immediately
net/sonic: Add mutual exclusion for accessing shared state
do_last(): fetch directory ->i_mode and ->i_uid before it's too late
tracing: xen: Ordered comparison of function pointers
scsi: RDMA/isert: Fix a recently introduced regression related to logout
hwmon: (nct7802) Fix voltage limits to wrong registers
netfilter: nft_osf: add missing check for DREG attribute
Input: sun4i-ts - add a check for devm_thermal_zone_of_sensor_register
Input: pegasus_notetaker - fix endpoint sanity check
Input: aiptek - fix endpoint sanity check
Input: gtco - fix endpoint sanity check
Input: sur40 - fix interface sanity checks
Input: pm8xxx-vib - fix handling of separate enable register
Documentation: Document arm64 kpti control
mmc: sdhci: fix minimum clock rate for v3 controller
mmc: tegra: fix SDR50 tuning override
ARM: 8950/1: ftrace/recordmcount: filter relocation types
Revert "Input: synaptics-rmi4 - don't increment rmiaddr for SMBus transfers"
Input: keyspan-remote - fix control-message timeouts
tracing: trigger: Replace unneeded RCU-list traversals
PCI: Mark AMD Navi14 GPU rev 0xc5 ATS as broken
hwmon: (core) Do not use device managed functions for memory allocations
hwmon: (adt7475) Make volt2reg return same reg as reg2volt input
afs: Fix characters allowed into cell names
tun: add mutex_unlock() call and napi.skb clearing in tun_get_user()
tcp: do not leave dangling pointers in tp->highest_sack
tcp_bbr: improve arithmetic division in bbr_update_bw()
Revert "udp: do rmem bulk free even if the rx sk queue is empty"
net: usb: lan78xx: Add .ndo_features_check
net-sysfs: Fix reference count leak
net-sysfs: Call dev_hold always in rx_queue_add_kobject
net-sysfs: Call dev_hold always in netdev_queue_add_kobject
net-sysfs: fix netdev_queue_add_kobject() breakage
net-sysfs: Fix reference count leak in rx|netdev_queue_add_kobject
net_sched: fix datalen for ematch
net: rtnetlink: validate IFLA_MTU attribute in rtnl_create_link()
net, ip_tunnel: fix namespaces move
net, ip6_tunnel: fix namespaces move
net: ip6_gre: fix moving ip6gre between namespaces
net: cxgb3_main: Add CAP_NET_ADMIN check to CHELSIO_GET_MEM
net: bcmgenet: Use netif_tx_napi_add() for TX NAPI
ipv6: sr: remove SKB_GSO_IPXIP6 on End.D* actions
gtp: make sure only SOCK_DGRAM UDP sockets are accepted
firestream: fix memory leaks
can, slip: Protect tty->disc_data in write_wakeup and close with RCU
ANDROID: update abi definitions
UPSTREAM: staging: most: net: fix buffer overflow
ANDROID: gki_defconfig: Enable CONFIG_BTT
ANDROID: gki_defconfig: Temporarily disable CFI
f2fs: fix race conditions in ->d_compare() and ->d_hash()
f2fs: fix dcache lookup of !casefolded directories
f2fs: Add f2fs stats to sysfs
f2fs: delete duplicate information on sysfs nodes
f2fs: change to use rwsem for gc_mutex
f2fs: update f2fs document regarding to fsync_mode
f2fs: add a way to turn off ipu bio cache
f2fs: code cleanup for f2fs_statfs_project()
f2fs: fix miscounted block limit in f2fs_statfs_project()
f2fs: show the CP_PAUSE reason in checkpoint traces
f2fs: fix deadlock allocating bio_post_read_ctx from mempool
f2fs: remove unneeded check for error allocating bio_post_read_ctx
f2fs: convert inline_dir early before starting rename
f2fs: fix memleak of kobject
f2fs: fix to add swap extent correctly
mm: export add_swap_extent()
f2fs: run fsck when getting bad inode during GC
f2fs: support data compression
f2fs: free sysfs kobject
f2fs: declare nested quota_sem and remove unnecessary sems
f2fs: don't put new_page twice in f2fs_rename
f2fs: set I_LINKABLE early to avoid wrong access by vfs
f2fs: don't keep META_MAPPING pages used for moving verity file blocks
f2fs: introduce private bioset
f2fs: cleanup duplicate stats for atomic files
f2fs: set GFP_NOFS when moving inline dentries
f2fs: should avoid recursive filesystem ops
f2fs: keep quota data on write_begin failure
f2fs: call f2fs_balance_fs outside of locked page
f2fs: preallocate DIO blocks when forcing buffered_io
Linux 4.19.99
m68k: Call timer_interrupt() with interrupts disabled
arm64: dts: meson-gxm-khadas-vim2: fix uart_A bluetooth node
serial: stm32: fix clearing interrupt error flags
IB/iser: Fix dma_nents type definition
usb: dwc3: Allow building USB_DWC3_QCOM without EXTCON
samples/bpf: Fix broken xdp_rxq_info due to map order assumptions
arm64: dts: juno: Fix UART frequency
drm/radeon: fix bad DMA from INTERRUPT_CNTL2
dmaengine: ti: edma: fix missed failure handling
afs: Remove set but not used variables 'before', 'after'
affs: fix a memory leak in affs_remount
mmc: core: fix wl1251 sdio quirks
mmc: sdio: fix wl1251 vendor id
i2c: stm32f7: report dma error during probe
packet: fix data-race in fanout_flow_is_huge()
net: neigh: use long type to store jiffies delta
hv_netvsc: flag software created hash value
MIPS: Loongson: Fix return value of loongson_hwmon_init
dpaa_eth: avoid timestamp read on error paths
dpaa_eth: perform DMA unmapping before read
hwrng: omap3-rom - Fix missing clock by probing with device tree
drm: panel-lvds: Potential Oops in probe error handling
afs: Fix large file support
hv_netvsc: Fix send_table offset in case of a host bug
hv_netvsc: Fix offset usage in netvsc_send_table()
net: qca_spi: Move reset_count to struct qcaspi
afs: Fix missing timeout reset
bpf, offload: Unlock on error in bpf_offload_dev_create()
xsk: Fix registration of Rx-only sockets
net: netem: correct the parent's backlog when corrupted packet was dropped
net: netem: fix error path for corrupted GSO frames
arm64: hibernate: check pgd table allocation
firmware: dmi: Fix unlikely out-of-bounds read in save_mem_devices
dmaengine: imx-sdma: fix size check for sdma script_number
vhost/test: stop device before reset
drm/msm/dsi: Implement reset correctly
net/smc: receive pending data after RCV_SHUTDOWN
net/smc: receive returns without data
tcp: annotate lockless access to tcp_memory_pressure
net: add {READ|WRITE}_ONCE() annotations on ->rskq_accept_head
net: avoid possible false sharing in sk_leave_memory_pressure()
act_mirred: Fix mirred_init_module error handling
s390/qeth: Fix initialization of vnicc cmd masks during set online
s390/qeth: Fix error handling during VNICC initialization
sctp: add chunks to sk_backlog when the newsk sk_socket is not set
net: stmmac: fix disabling flexible PPS output
net: stmmac: fix length of PTP clock's name string
ip6erspan: remove the incorrect mtu limit for ip6erspan
llc: fix sk_buff refcounting in llc_conn_state_process()
llc: fix another potential sk_buff leak in llc_ui_sendmsg()
mac80211: accept deauth frames in IBSS mode
rxrpc: Fix trace-after-put looking at the put connection record
net: stmmac: gmac4+: Not all Unicast addresses may be available
nvme: retain split access workaround for capability reads
net: sched: cbs: Avoid division by zero when calculating the port rate
net: ethernet: stmmac: Fix signedness bug in ipq806x_gmac_of_parse()
net: nixge: Fix a signedness bug in nixge_probe()
of: mdio: Fix a signedness bug in of_phy_get_and_connect()
net: axienet: fix a signedness bug in probe
net: stmmac: dwmac-meson8b: Fix signedness bug in probe
net: socionext: Fix a signedness bug in ave_probe()
net: netsec: Fix signedness bug in netsec_probe()
net: broadcom/bcmsysport: Fix signedness in bcm_sysport_probe()
net: hisilicon: Fix signedness bug in hix5hd2_dev_probe()
cxgb4: Signedness bug in init_one()
net: aquantia: Fix aq_vec_isr_legacy() return value
iommu/amd: Wait for completion of IOTLB flush in attach_device
crypto: hisilicon - Matching the dma address for dma_pool_free()
bpf: fix BTF limits
powerpc/mm/mce: Keep irqs disabled during lockless page table walk
clk: actions: Fix factor clk struct member access
mailbox: qcom-apcs: fix max_register value
f2fs: fix to avoid accessing uninitialized field of inode page in is_alive()
bnxt_en: Increase timeout for HWRM_DBG_COREDUMP_XX commands
um: Fix off by one error in IRQ enumeration
net/rds: Fix 'ib_evt_handler_call' element in 'rds_ib_stat_names'
RDMA/cma: Fix false error message
ath10k: adjust skb length in ath10k_sdio_mbox_rx_packet
gpio/aspeed: Fix incorrect number of banks
pinctrl: iproc-gpio: Fix incorrect pinconf configurations
net: sonic: replace dev_kfree_skb in sonic_send_packet
hwmon: (shtc1) fix shtc1 and shtw1 id mask
ixgbe: sync the first fragment unconditionally
btrfs: use correct count in btrfs_file_write_iter()
Btrfs: fix inode cache waiters hanging on path allocation failure
Btrfs: fix inode cache waiters hanging on failure to start caching thread
Btrfs: fix hang when loading existing inode cache off disk
scsi: fnic: fix msix interrupt allocation
f2fs: fix error path of f2fs_convert_inline_page()
f2fs: fix wrong error injection path in inc_valid_block_count()
ARM: dts: logicpd-som-lv: Fix i2c2 and i2c3 Pin mux
rtlwifi: Fix file release memory leak
net: hns3: fix error VF index when setting VLAN offload
net: sonic: return NETDEV_TX_OK if failed to map buffer
led: triggers: Fix dereferencing of null pointer
xsk: avoid store-tearing when assigning umem
xsk: avoid store-tearing when assigning queues
ARM: dts: aspeed-g5: Fixe gpio-ranges upper limit
tty: serial: fsl_lpuart: Use appropriate lpuart32_* I/O funcs
wcn36xx: use dynamic allocation for large variables
ath9k: dynack: fix possible deadlock in ath_dynack_node_{de}init
netfilter: ctnetlink: honor IPS_OFFLOAD flag
iio: dac: ad5380: fix incorrect assignment to val
bcache: Fix an error code in bch_dump_read()
usb: typec: tps6598x: Fix build error without CONFIG_REGMAP_I2C
bcma: fix incorrect update of BCMA_CORE_PCI_MDIO_DATA
irqdomain: Add the missing assignment of domain->fwnode for named fwnode
staging: greybus: light: fix a couple double frees
x86, perf: Fix the dependency of the x86 insn decoder selftest
power: supply: Init device wakeup after device_add()
net/sched: cbs: Set default link speed to 10 Mbps in cbs_set_port_rate
hwmon: (lm75) Fix write operations for negative temperatures
Partially revert "kfifo: fix kfifo_alloc() and kfifo_init()"
rxrpc: Fix lack of conn cleanup when local endpoint is cleaned up [ver #2]
ahci: Do not export local variable ahci_em_messages
iommu/mediatek: Fix iova_to_phys PA start for 4GB mode
media: em28xx: Fix exception handling in em28xx_alloc_urbs()
mips: avoid explicit UB in assignment of mips_io_port_base
rtc: pcf2127: bugfix: read rtc disables watchdog
ARM: 8896/1: VDSO: Don't leak kernel addresses
media: atmel: atmel-isi: fix timeout value for stop streaming
i40e: reduce stack usage in i40e_set_fc
mac80211: minstrel_ht: fix per-group max throughput rate initialization
rtc: rv3029: revert error handling patch to rv3029_eeprom_write()
dmaengine: dw: platform: Switch to acpi_dma_controller_register()
ASoC: sun4i-i2s: RX and TX counter registers are swapped
powerpc/64s/radix: Fix memory hot-unplug page table split
signal: Allow cifs and drbd to receive their terminating signals
bnxt_en: Fix handling FRAG_ERR when NVM_INSTALL_UPDATE cmd fails
drm: rcar-du: lvds: Fix bridge_to_rcar_lvds
tools: bpftool: fix format strings and arguments for jsonw_printf()
tools: bpftool: fix arguments for p_err() in do_event_pipe()
net/rds: Add a few missing rds_stat_names entries
ASoC: wm8737: Fix copy-paste error in wm8737_snd_controls
ASoC: cs4349: Use PM ops 'cs4349_runtime_pm'
ASoC: es8328: Fix copy-paste error in es8328_right_line_controls
RDMA/hns: bugfix for slab-out-of-bounds when loading hip08 driver
RDMA/hns: Bugfix for slab-out-of-bounds when unloading hip08 driver
ext4: set error return correctly when ext4_htree_store_dirent fails
crypto: caam - free resources in case caam_rng registration failed
cxgb4: smt: Add lock for atomic_dec_and_test
spi: bcm-qspi: Fix BSPI QUAD and DUAL mode support when using flex mode
net: fix bpf_xdp_adjust_head regression for generic-XDP
iio: tsl2772: Use devm_add_action_or_reset for tsl2772_chip_off
cifs: fix rmmod regression in cifs.ko caused by force_sig changes
net/mlx5: Fix mlx5_ifc_query_lag_out_bits
ARM: dts: stm32: add missing vdda-supply to adc on stm32h743i-eval
tipc: reduce risk of wakeup queue starvation
arm64: dts: renesas: r8a77995: Fix register range of display node
ALSA: aoa: onyx: always initialize register read value
crypto: ccp - Reduce maximum stack usage
x86/kgbd: Use NMI_VECTOR not APIC_DM_NMI
mic: avoid statically declaring a 'struct device'.
media: rcar-vin: Clean up correct notifier in error path
usb: host: xhci-hub: fix extra endianness conversion
qed: reduce maximum stack frame size
libertas_tf: Use correct channel range in lbtf_geo_init
PM: sleep: Fix possible overflow in pm_system_cancel_wakeup()
clk: sunxi-ng: v3s: add the missing PLL_DDR1
drm/panel: make drm_panel.h self-contained
xfrm interface: ifname may be wrong in logs
scsi: libfc: fix null pointer dereference on a null lport
ARM: stm32: use "depends on" instead of "if" after prompt
xdp: fix possible cq entry leak
x86/pgtable/32: Fix LOWMEM_PAGES constant
net/tls: fix socket wmem accounting on fallback with netem
net: pasemi: fix an use-after-free in pasemi_mac_phy_init()
ceph: fix "ceph.dir.rctime" vxattr value
PCI: mobiveil: Fix the valid check for inbound and outbound windows
PCI: mobiveil: Fix devfn check in mobiveil_pcie_valid_device()
PCI: mobiveil: Remove the flag MSI_FLAG_MULTI_PCI_MSI
RDMA/hns: Fixs hw access invalid dma memory error
fsi: sbefifo: Don't fail operations when in SBE IPL state
devres: allow const resource arguments
fsi/core: Fix error paths on CFAM init
ACPI: PM: Introduce "poweroff" callbacks for ACPI PM domain and LPSS
ACPI: PM: Simplify and fix PM domain hibernation callbacks
PM: ACPI/PCI: Resume all devices during hibernation
um: Fix IRQ controller regression on console read
xprtrdma: Fix use-after-free in rpcrdma_post_recvs
rxrpc: Fix uninitialized error code in rxrpc_send_data_packet()
mfd: intel-lpss: Release IDA resources
iommu/amd: Make iommu_disable safer
bnxt_en: Suppress error messages when querying DSCP DCB capabilities.
bnxt_en: Fix ethtool selftest crash under error conditions.
fork,memcg: alloc_thread_stack_node needs to set tsk->stack
backlight: pwm_bl: Fix heuristic to determine number of brightness levels
tools: bpftool: use correct argument in cgroup errors
nvmem: imx-ocotp: Change TIMING calculation to u-boot algorithm
nvmem: imx-ocotp: Ensure WAIT bits are preserved when setting timing
clk: qcom: Fix -Wunused-const-variable
dmaengine: hsu: Revert "set HSU_CH_MTSR to memory width"
perf/ioctl: Add check for the sample_period value
ip6_fib: Don't discard nodes with valid routing information in fib6_locate_1()
drm/msm/a3xx: remove TPL1 regs from snapshot
arm64: dts: allwinner: h6: Pine H64: Add interrupt line for RTC
net/sched: cbs: Fix error path of cbs_module_init
ARM: dts: iwg20d-q7-common: Fix SDHI1 VccQ regularor
rtc: pcf8563: Clear event flags and disable interrupts before requesting irq
rtc: pcf8563: Fix interrupt trigger method
ASoC: ti: davinci-mcasp: Fix slot mask settings when using multiple AXRs
net/af_iucv: always register net_device notifier
net/af_iucv: build proper skbs for HiperTransport
net/udp_gso: Allow TX timestamp with UDP GSO
net: netem: fix backlog accounting for corrupted GSO frames
drm/msm/mdp5: Fix mdp5_cfg_init error return
IB/hfi1: Handle port down properly in pio
bpf: fix the check that forwarding is enabled in bpf_ipv6_fib_lookup
powerpc/pseries/mobility: rebuild cacheinfo hierarchy post-migration
powerpc/cacheinfo: add cacheinfo_teardown, cacheinfo_rebuild
qed: iWARP - fix uninitialized callback
qed: iWARP - Use READ_ONCE and smp_store_release to access ep->state
ASoC: meson: axg-tdmout: right_j is not supported
ASoC: meson: axg-tdmin: right_j is not supported
ntb_hw_switchtec: potential shift wrapping bug in switchtec_ntb_init_sndev()
firmware: arm_scmi: update rate_discrete in clock_describe_rates_get
firmware: arm_scmi: fix bitfield definitions for SENSOR_DESC attributes
phy: usb: phy-brcm-usb: Remove sysfs attributes upon driver removal
iommu/vt-d: Duplicate iommu_resv_region objects per device list
arm64: dts: meson-gxm-khadas-vim2: fix Bluetooth support
arm64: dts: meson-gxm-khadas-vim2: fix gpio-keys-polled node
serial: stm32: fix a recursive locking in stm32_config_rs485
mpls: fix warning with multi-label encap
arm64: dts: renesas: ebisu: Remove renesas, no-ether-link property
crypto: inside-secure - fix queued len computation
crypto: inside-secure - fix zeroing of the request in ahash_exit_inv
media: vivid: fix incorrect assignment operation when setting video mode
clk: sunxi-ng: sun50i-h6-r: Fix incorrect W1 clock gate register
cpufreq: brcmstb-avs-cpufreq: Fix types for voltage/frequency
cpufreq: brcmstb-avs-cpufreq: Fix initial command check
phy: qcom-qusb2: fix missing assignment of ret when calling clk_prepare_enable
net: don't clear sock->sk early to avoid trouble in strparser
RDMA/uverbs: check for allocation failure in uapi_add_elm()
net: core: support XDP generic on stacked devices.
netvsc: unshare skb in VF rx handler
crypto: talitos - fix AEAD processing.
net: hns3: fix a memory leak issue for hclge_map_unmap_ring_to_vf_vector
inet: frags: call inet_frags_fini() after unregister_pernet_subsys()
signal/cifs: Fix cifs_put_tcp_session to call send_sig instead of force_sig
signal/bpfilter: Fix bpfilter_kernl to use send_sig not force_sig
iommu: Use right function to get group for device
iommu: Add missing new line for dma type
misc: sgi-xp: Properly initialize buf in xpc_get_rsvd_page_pa
serial: stm32: fix wakeup source initialization
serial: stm32: Add support of TC bit status check
serial: stm32: fix transmit_chars when tx is stopped
serial: stm32: fix rx data length when parity enabled
serial: stm32: fix rx error handling
serial: stm32: fix word length configuration
crypto: ccp - Fix 3DES complaint from ccp-crypto module
crypto: ccp - fix AES CFB error exposed by new test vectors
spi: spi-fsl-spi: call spi_finalize_current_message() at the end
RDMA/qedr: Fix incorrect device rate.
arm64: dts: meson: libretech-cc: set eMMC as removable
dmaengine: tegra210-adma: Fix crash during probe
clk: meson: axg: spread spectrum is on mpll2
clk: meson: gxbb: no spread spectrum on mpll0
ARM: dts: sun8i-h3: Fix wifi in Beelink X2 DT
afs: Fix double inc of vnode->cb_break
afs: Fix lock-wait/callback-break double locking
afs: Don't invalidate callback if AFS_VNODE_DIR_VALID not set
afs: Fix key leak in afs_release() and afs_evict_inode()
EDAC/mc: Fix edac_mc_find() in case no device is found
thermal: cpu_cooling: Actually trace CPU load in thermal_power_cpu_get_power
thermal: rcar_gen3_thermal: fix interrupt type
backlight: lm3630a: Return 0 on success in update_status functions
netfilter: nf_tables: correct NFT_LOGLEVEL_MAX value
kdb: do a sanity check on the cpu in kdb_per_cpu()
nfp: bpf: fix static check error through tightening shift amount adjustment
ARM: riscpc: fix lack of keyboard interrupts after irq conversion
pwm: meson: Don't disable PWM when setting duty repeatedly
pwm: meson: Consider 128 a valid pre-divider
netfilter: ebtables: CONFIG_COMPAT: reject trailing data after last rule
crypto: caam - fix caam_dump_sg that iterates through scatterlist
platform/x86: alienware-wmi: printing the wrong error code
media: davinci/vpbe: array underflow in vpbe_enum_outputs()
media: omap_vout: potential buffer overflow in vidioc_dqbuf()
ALSA: aica: Fix a long-time build breakage
l2tp: Fix possible NULL pointer dereference
vfio/mdev: Fix aborting mdev child device removal if one fails
vfio/mdev: Follow correct remove sequence
vfio/mdev: Avoid release parent reference during error path
afs: Fix the afs.cell and afs.volume xattr handlers
ath10k: Fix encoding for protected management frames
lightnvm: pblk: fix lock order in pblk_rb_tear_down_check
mmc: core: fix possible use after free of host
watchdog: rtd119x_wdt: Fix remove function
dmaengine: tegra210-adma: restore channel status
net: ena: fix ena_com_fill_hash_function() implementation
net: ena: fix incorrect test of supported hash function
net: ena: fix: Free napi resources when ena_up() fails
net: ena: fix swapped parameters when calling ena_com_indirect_table_fill_entry
iommu/vt-d: Make kernel parameter igfx_off work with vIOMMU
RDMA/rxe: Consider skb reserve space based on netdev of GID
IB/mlx5: Add missing XRC options to QP optional params mask
dwc2: gadget: Fix completed transfer size calculation in DDMA
usb: gadget: fsl: fix link error against usb-gadget module
ASoC: fix valid stream condition
packet: in recvmsg msg_name return at least sizeof sockaddr_ll
ARM: dts: logicpd-som-lv: Fix MMC1 card detect
PCI: iproc: Enable iProc config read for PAXBv2
netfilter: nft_flow_offload: add entry to flowtable after confirmation
KVM: PPC: Book3S HV: Fix lockdep warning when entering the guest
scsi: qla2xxx: Avoid that qlt_send_resp_ctio() corrupts memory
scsi: qla2xxx: Fix error handling in qlt_alloc_qfull_cmd()
scsi: qla2xxx: Fix a format specifier
irqchip/gic-v3-its: fix some definitions of inner cacheability attributes
s390/kexec_file: Fix potential segment overlap in ELF loader
coresight: catu: fix clang build warning
NFS: Don't interrupt file writeout due to fatal errors
afs: Further fix file locking
afs: Fix AFS file locking to allow fine grained locks
ALSA: usb-audio: Handle the error from snd_usb_mixer_apply_create_quirk()
dmaengine: axi-dmac: Don't check the number of frames for alignment
6lowpan: Off by one handling ->nexthdr
media: ov2659: fix unbalanced mutex_lock/unlock
ARM: dts: ls1021: Fix SGMII PCS link remaining down after PHY disconnect
powerpc: vdso: Make vdso32 installation conditional in vdso_install
net: hns3: fix loop condition of hns3_get_tx_timeo_queue_info()
selftests/ipc: Fix msgque compiler warnings
usb: typec: tcpm: Notify the tcpc to start connection-detection for SRPs
tipc: set sysctl_tipc_rmem and named_timeout right range
platform/x86: alienware-wmi: fix kfree on potentially uninitialized pointer
soc: amlogic: meson-gx-pwrc-vpu: Fix power on/off register bitmask
PCI: dwc: Fix dw_pcie_ep_find_capability() to return correct capability offset
staging: android: vsoc: fix copy_from_user overrun
perf/core: Fix the address filtering fix
hwmon: (w83627hf) Use request_muxed_region for Super-IO accesses
net: hns3: fix for vport->bw_limit overflow problem
PCI: rockchip: Fix rockchip_pcie_ep_assert_intx() bitwise operations
ARM: pxa: ssp: Fix "WARNING: invalid free of devm_ allocated data"
brcmfmac: fix leak of mypkt on error return path
scsi: target/core: Fix a race condition in the LUN lookup code
rxrpc: Fix detection of out of order acks
firmware: arm_scmi: fix of_node leak in scmi_mailbox_check
ACPI: button: reinitialize button state upon resume
clk: qcom: Skip halt checks on gcc_pcie_0_pipe_clk for 8998
net/sched: cbs: fix port_rate miscalculation
of: use correct function prototype for of_overlay_fdt_apply()
scsi: qla2xxx: Unregister chrdev if module initialization fails
drm/vmwgfx: Remove set but not used variable 'restart'
bpf: Add missed newline in verifier verbose log
ehea: Fix a copy-paste err in ehea_init_port_res
rtc: mt6397: Don't call irq_dispose_mapping.
rtc: Fix timestamp value for RTC_TIMESTAMP_BEGIN_1900
arm64/vdso: don't leak kernel addresses
drm/fb-helper: generic: Call drm_client_add() after setup is done
spi: bcm2835aux: fix driver to not allow 65535 (=-1) cs-gpios
soc/fsl/qe: Fix an error code in qe_pin_request()
bus: ti-sysc: Fix sysc_unprepare() when no clocks have been allocated
spi: tegra114: configure dma burst size to fifo trig level
spi: tegra114: flush fifos
spi: tegra114: terminate dma and reset on transfer timeout
spi: tegra114: fix for unpacked mode transfers
spi: tegra114: clear packed bit for unpacked mode
media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame
media: davinci-isif: avoid uninitialized variable use
soc: qcom: cmd-db: Fix an error code in cmd_db_dev_probe()
net: dsa: Avoid null pointer when failing to connect to PHY
ARM: OMAP2+: Fix potentially uninitialized return value for _setup_reset()
net: phy: don't clear BMCR in genphy_soft_reset
ARM: dts: sun9i: optimus: Fix fixed-regulators
arm64: dts: allwinner: a64: Add missing PIO clocks
ARM: dts: sun8i: a33: Reintroduce default pinctrl muxing
m68k: mac: Fix VIA timer counter accesses
tipc: tipc clang warning
jfs: fix bogus variable self-initialization
crypto: ccree - reduce kernel stack usage with clang
regulator: tps65086: Fix tps65086_ldoa1_ranges for selector 0xB
media: cx23885: check allocation return
media: wl128x: Fix an error code in fm_download_firmware()
media: cx18: update *pos correctly in cx18_read_pos()
media: ivtv: update *pos correctly in ivtv_read_pos()
soc: amlogic: gx-socinfo: Add mask for each SoC packages
regulator: lp87565: Fix missing register for LP87565_BUCK_0
net: sh_eth: fix a missing check of of_get_phy_mode
net/mlx5e: IPoIB, Fix RX checksum statistics update
net/mlx5: Fix multiple updates of steering rules in parallel
xen, cpu_hotplug: Prevent an out of bounds access
drivers/rapidio/rio_cm.c: fix potential oops in riocm_ch_listen()
nfp: fix simple vNIC mailbox length
scsi: megaraid_sas: reduce module load time
x86/mm: Remove unused variable 'cpu'
nios2: ksyms: Add missing symbol exports
PCI: Fix "try" semantics of bus and slot reset
rbd: clear ->xferred on error from rbd_obj_issue_copyup()
media: dvb/earth-pt1: fix wrong initialization for demod blocks
powerpc/mm: Check secondary hash page table
net: aquantia: fixed instack structure overflow
NFSv4/flexfiles: Fix invalid deref in FF_LAYOUT_DEVID_NODE()
NFS: Add missing encode / decode sequence_maxsz to v4.2 operations
iommu/vt-d: Fix NULL pointer reference in intel_svm_bind_mm()
hwrng: bcm2835 - fix probe as platform device
net: sched: act_csum: Fix csum calc for tagged packets
netfilter: nft_set_hash: bogus element self comparison from deactivation path
netfilter: nft_set_hash: fix lookups with fixed size hash on big endian
ath10k: Fix length of wmi tlv command for protected mgmt frames
regulator: wm831x-dcdc: Fix list of wm831x_dcdc_ilim from mA to uA
ARM: 8849/1: NOMMU: Fix encodings for PMSAv8's PRBAR4/PRLAR4
ARM: 8848/1: virt: Align GIC version check with arm64 counterpart
ARM: 8847/1: pm: fix HYP/SVC mode mismatch when MCPM is used
iommu: Fix IOMMU debugfs fallout
mmc: sdhci-brcmstb: handle mmc_of_parse() errors during probe
NFS/pnfs: Bulk destroy of layouts needs to be safe w.r.t. umount
platform/x86: wmi: fix potential null pointer dereference
clocksource/drivers/exynos_mct: Fix error path in timer resources initialization
clocksource/drivers/sun5i: Fail gracefully when clock rate is unavailable
perf, pt, coresight: Fix address filters for vmas with non-zero offset
perf: Copy parent's address filter offsets on clone
NFS: Fix a soft lockup in the delegation recovery code
powerpc/64s: Fix logic when handling unknown CPU features
staging: rtlwifi: Use proper enum for return in halmac_parse_psd_data_88xx
fs/nfs: Fix nfs_parse_devname to not modify it's argument
net: dsa: fix unintended change of bridge interface STP state
ASoC: qcom: Fix of-node refcount unbalance in apq8016_sbc_parse_of()
driver core: Fix PM-runtime for links added during consumer probe
drm/nouveau: fix missing break in switch statement
drm/nouveau/pmu: don't print reply values if exec is false
drm/nouveau/bios/ramcfg: fix missing parentheses when calculating RON
net/mlx5: Delete unused FPGA QPN variable
net: dsa: qca8k: Enable delay for RGMII_ID mode
regulator: pv88090: Fix array out-of-bounds access
regulator: pv88080: Fix array out-of-bounds access
regulator: pv88060: Fix array out-of-bounds access
brcmfmac: create debugfs files for bus-specific layer
cdc-wdm: pass return value of recover_from_urb_loss
dmaengine: mv_xor: Use correct device for DMA API
staging: r8822be: check kzalloc return or bail
KVM: PPC: Release all hardware TCE tables attached to a group
mdio_bus: Fix PTR_ERR() usage after initialization to constant
hwmon: (pmbus/tps53679) Fix driver info initialization in probe routine
vfio_pci: Enable memory accesses before calling pci_map_rom
media: sh: migor: Include missing dma-mapping header
mt76: usb: fix possible memory leak in mt76u_buf_free
net: dsa: b53: Do not program CPU port's PVID
net: dsa: b53: Properly account for VLAN filtering
net: dsa: b53: Fix default VLAN ID
keys: Timestamp new keys
block: don't use bio->bi_vcnt to figure out segment number
usb: phy: twl6030-usb: fix possible use-after-free on remove
PCI: endpoint: functions: Use memcpy_fromio()/memcpy_toio()
driver core: Fix possible supplier PM-usage counter imbalance
RDMA/mlx5: Fix memory leak in case we fail to add an IB device
pinctrl: sh-pfc: sh73a0: Fix fsic_spdif pin groups
pinctrl: sh-pfc: r8a7792: Fix vin1_data18_b pin group
pinctrl: sh-pfc: r8a7791: Fix scifb2_data_c pin group
pinctrl: sh-pfc: emev2: Add missing pinmux functions
ntb_hw_switchtec: NT req id mapping table register entry number should be 512
ntb_hw_switchtec: debug print 64bit aligned crosslink BAR Numbers
drm/etnaviv: potential NULL dereference
xsk: add missing smp_rmb() in xsk_mmap
ipmi: kcs_bmc: handle devm_kasprintf() failure case
iw_cxgb4: use tos when finding ipv6 routes
iw_cxgb4: use tos when importing the endpoint
fbdev: chipsfb: remove set but not used variable 'size'
rtc: pm8xxx: fix unintended sign extension
rtc: 88pm80x: fix unintended sign extension
rtc: 88pm860x: fix unintended sign extension
net/smc: original socket family in inet_sock_diag
rtc: ds1307: rx8130: Fix alarm handling
net: phy: fixed_phy: Fix fixed_phy not checking GPIO
ath10k: fix dma unmap direction for management frames
arm64: dts: msm8916: remove bogus argument to the cpu clock
thermal: mediatek: fix register index error
rtc: ds1672: fix unintended sign extension
clk: ingenic: jz4740: Fix gating of UDC clock
staging: most: cdev: add missing check for cdev_add failure
iwlwifi: mvm: fix RSS config command
drm/xen-front: Fix mmap attributes for display buffers
ARM: dts: lpc32xx: phy3250: fix SD card regulator voltage
ARM: dts: lpc32xx: fix ARM PrimeCell LCD controller clocks property
ARM: dts: lpc32xx: fix ARM PrimeCell LCD controller variant
ARM: dts: lpc32xx: reparent keypad controller to SIC1
ARM: dts: lpc32xx: add required clocks property to keypad device node
driver core: Do not call rpm_put_suppliers() in pm_runtime_drop_link()
driver core: Fix handling of runtime PM flags in device_link_add()
driver core: Do not resume suppliers under device_links_write_lock()
driver core: Avoid careless re-use of existing device links
driver core: Fix DL_FLAG_AUTOREMOVE_SUPPLIER device link flag handling
crypto: crypto4xx - Fix wrong ppc4xx_trng_probe()/ppc4xx_trng_remove() arguments
driver: uio: fix possible use-after-free in __uio_register_device
driver: uio: fix possible memory leak in __uio_register_device
tty: ipwireless: Fix potential NULL pointer dereference
bus: ti-sysc: Fix timer handling with drop pm_runtime_irq_safe()
iwlwifi: mvm: fix A-MPDU reference assignment
arm64: dts: allwinner: h6: Move GIC device node fix base address ordering
ip_tunnel: Fix route fl4 init in ip_md_tunnel_xmit
net/mlx5: Take lock with IRQs disabled to avoid deadlock
iwlwifi: mvm: avoid possible access out of array.
clk: sunxi-ng: sun8i-a23: Enable PLL-MIPI LDOs when ungating it
ARM: dts: sun8i-a23-a33: Move NAND controller device node to sort by address
net: hns3: fix bug of ethtool_ops.get_channels for VF
spi/topcliff_pch: Fix potential NULL dereference on allocation error
rtc: cmos: ignore bogus century byte
IB/mlx5: Don't override existing ip_protocol
media: tw9910: Unregister subdevice with v4l2-async
net: hns3: fix wrong combined count returned by ethtool -l
IB/iser: Pass the correct number of entries for dma mapped SGL
ASoC: imx-sgtl5000: put of nodes if finding codec fails
crypto: tgr192 - fix unaligned memory access
crypto: brcm - Fix some set-but-not-used warning
kbuild: mark prepare0 as PHONY to fix external module build
media: s5p-jpeg: Correct step and max values for V4L2_CID_JPEG_RESTART_INTERVAL
drm/etnaviv: NULL vs IS_ERR() buf in etnaviv_core_dump()
memory: tegra: Don't invoke Tegra30+ specific memory timing setup on Tegra20
net: phy: micrel: set soft_reset callback to genphy_soft_reset for KSZ9031
RDMA/iw_cxgb4: Fix the unchecked ep dereference
spi: cadence: Correct initialisation of runtime PM
arm64: dts: apq8016-sbc: Increase load on l11 for SDCARD
drm/shmob: Fix return value check in shmob_drm_probe
RDMA/qedr: Fix out of bounds index check in query pkey
RDMA/ocrdma: Fix out of bounds index check in query pkey
IB/usnic: Fix out of bounds index check in query pkey
fork, memcg: fix cached_stacks case
drm/fb-helper: generic: Fix setup error path
drm/etnaviv: fix some off by one bugs
ARM: dts: r8a7743: Remove generic compatible string from iic3
drm: Fix error handling in drm_legacy_addctx
remoteproc: qcom: q6v5-mss: Add missing regulator for MSM8996
remoteproc: qcom: q6v5-mss: Add missing clocks for MSM8996
arm64: defconfig: Re-enable bcm2835-thermal driver
MIPS: BCM63XX: drop unused and broken DSP platform device
clk: dove: fix refcount leak in dove_clk_init()
clk: mv98dx3236: fix refcount leak in mv98dx3236_clk_init()
clk: armada-xp: fix refcount leak in axp_clk_init()
clk: kirkwood: fix refcount leak in kirkwood_clk_init()
clk: armada-370: fix refcount leak in a370_clk_init()
clk: vf610: fix refcount leak in vf610_clocks_init()
clk: imx7d: fix refcount leak in imx7d_clocks_init()
clk: imx6sx: fix refcount leak in imx6sx_clocks_init()
clk: imx6q: fix refcount leak in imx6q_clocks_init()
clk: samsung: exynos4: fix refcount leak in exynos4_get_xom()
clk: socfpga: fix refcount leak
clk: ti: fix refcount leak in ti_dt_clocks_register()
clk: qoriq: fix refcount leak in clockgen_init()
clk: highbank: fix refcount leak in hb_clk_init()
fork,memcg: fix crash in free_thread_stack on memcg charge fail
Input: nomadik-ske-keypad - fix a loop timeout test
vxlan: changelink: Fix handling of default remotes
net: hns3: fix error handling int the hns3_get_vector_ring_chain
pinctrl: sh-pfc: sh7734: Remove bogus IPSR10 value
pinctrl: sh-pfc: sh7269: Add missing PCIOR0 field
pinctrl: sh-pfc: r8a77995: Remove bogus SEL_PWM[0-3]_3 configurations
pinctrl: sh-pfc: sh7734: Add missing IPSR11 field
pinctrl: sh-pfc: r8a77980: Add missing MOD_SEL0 field
pinctrl: sh-pfc: r8a77970: Add missing MOD_SEL0 field
pinctrl: sh-pfc: r8a7794: Remove bogus IPSR9 field
pinctrl: sh-pfc: sh73a0: Add missing TO pin to tpu4_to3 group
pinctrl: sh-pfc: r8a7791: Remove bogus marks from vin1_b_data18 group
pinctrl: sh-pfc: r8a7791: Remove bogus ctrl marks from qspi_data4_b group
pinctrl: sh-pfc: r8a7740: Add missing LCD0 marks to lcd0_data24_1 group
pinctrl: sh-pfc: r8a7740: Add missing REF125CK pin to gether_gmii group
ipv6: add missing tx timestamping on IPPROTO_RAW
switchtec: Remove immediate status check after submitting MRPC command
staging: bcm2835-camera: fix module autoloading
staging: bcm2835-camera: Abort probe if there is no camera
mailbox: ti-msgmgr: Off by one in ti_msgmgr_of_xlate()
IB/rxe: Fix incorrect cache cleanup in error flow
OPP: Fix missing debugfs supply directory for OPPs
IB/hfi1: Correctly process FECN and BECN in packets
net: phy: Fix not to call phy_resume() if PHY is not attached
arm64: dts: renesas: r8a7795-es1: Add missing power domains to IPMMU nodes
arm64: dts: meson-gx: Add hdmi_5v regulator as hdmi tx supply
drm/dp_mst: Skip validating ports during destruction, just ref
net: always initialize pagedlen
drm: rcar-du: Fix vblank initialization
drm: rcar-du: Fix the return value in case of error in 'rcar_du_crtc_set_crc_source()'
exportfs: fix 'passing zero to ERR_PTR()' warning
bus: ti-sysc: Add mcasp optional clocks flag
pinctrl: meson-gxl: remove invalid GPIOX tsin_a pins
ASoC: sun8i-codec: add missing route for ADC
pcrypt: use format specifier in kobject_add
ARM: dts: bcm283x: Correct mailbox register sizes
ASoC: wm97xx: fix uninitialized regmap pointer problem
NTB: ntb_hw_idt: replace IS_ERR_OR_NULL with regular NULL checks
mlxsw: spectrum: Set minimum shaper on MC TCs
mlxsw: reg: QEEC: Add minimum shaper fields
net: hns3: add error handler for hns3_nic_init_vector_data()
drm/sun4i: hdmi: Fix double flag assignation
net: socionext: Add dummy PHY register read in phy_write()
tipc: eliminate message disordering during binding table update
powerpc/kgdb: add kgdb_arch_set/remove_breakpoint()
netfilter: nf_flow_table: do not remove offload when other netns's interface is down
RDMA/bnxt_re: Add missing spin lock initialization
rtlwifi: rtl8821ae: replace _rtl8821ae_mrate_idx_to_arfr_id with generic version
powerpc/pseries/memory-hotplug: Fix return value type of find_aa_index
pwm: lpss: Release runtime-pm reference from the driver's remove callback
netfilter: nft_osf: usage from output path is not valid
staging: comedi: ni_mio_common: protect register write overflow
iwlwifi: nvm: get num of hw addresses from firmware
ALSA: usb-audio: update quirk for B&W PX to remove microphone
of: Fix property name in of_node_get_device_type
drm/msm: fix unsigned comparison with less than zero
mei: replace POLL* with EPOLL* for write queues.
cfg80211: regulatory: make initialization more robust
usb: gadget: fsl_udc_core: check allocation return value and cleanup on failure
usb: dwc3: add EXTCON dependency for qcom
genirq/debugfs: Reinstate full OF path for domain name
IB/hfi1: Add mtu check for operational data VLs
IB/rxe: replace kvfree with vfree
mailbox: mediatek: Add check for possible failure of kzalloc
ASoC: wm9712: fix unused variable warning
signal/ia64: Use the force_sig(SIGSEGV,...) in ia64_rt_sigreturn
signal/ia64: Use the generic force_sigsegv in setup_frame
drm/hisilicon: hibmc: Don't overwrite fb helper surface depth
bridge: br_arp_nd_proxy: set icmp6_router if neigh has NTF_ROUTER
PCI: iproc: Remove PAXC slot check to allow VF support
firmware: coreboot: Let OF core populate platform device
ARM: qcom_defconfig: Enable MAILBOX
apparmor: don't try to replace stale label in ptrace access check
ALSA: hda: fix unused variable warning
apparmor: Fix network performance issue in aa_label_sk_perm
iio: fix position relative kernel version
drm/virtio: fix bounds check in virtio_gpu_cmd_get_capset()
ixgbe: don't clear IPsec sa counters on HW clearing
ARM: dts: at91: nattis: make the SD-card slot work
ARM: dts: at91: nattis: set the PRLUD and HIPOW signals low
drm/sti: do not remove the drm_bridge that was never added
ipmi: Fix memory leak in __ipmi_bmc_register
watchdog: sprd: Fix the incorrect pointer getting from driver data
soc: aspeed: Fix snoop_file_poll()'s return type
perf map: No need to adjust the long name of modules
crypto: sun4i-ss - fix big endian issues
mt7601u: fix bbp version check in mt7601u_wait_bbp_ready
tipc: fix wrong timeout input for tipc_wait_for_cond()
tipc: update mon's self addr when node addr generated
powerpc/archrandom: fix arch_get_random_seed_int()
powerpc/pseries: Enable support for ibm,drc-info property
SUNRPC: Fix svcauth_gss_proxy_init()
mfd: intel-lpss: Add default I2C device properties for Gemini Lake
i2c: i2c-stm32f7: fix 10-bits check in slave free id search loop
i2c: stm32f7: rework slave_id allocation
xfs: Sanity check flags of Q_XQUOTARM call
Revert "efi: Fix debugobjects warning on 'efi_rts_work'"
FROMGIT: ext4: Add EXT4_IOC_FSGETXATTR/EXT4_IOC_FSSETXATTR to compat_ioctl.
ANDROID: gki_defconfig: Set IKHEADERS back to =m
ANDROID: gki_defconfig: enable NVDIMM/PMEM options
UPSTREAM: virtio-pmem: Add virtio pmem driver
UPSTREAM: libnvdimm: nd_region flush callback support
UPSTREAM: libnvdimm/of_pmem: Provide a unique name for bus provider
UPSTREAM: libnvdimm/of_pmem: Fix platform_no_drv_owner.cocci warnings
ANDROID: x86: gki_defconfig: enable LTO and CFI
ANDROID: x86: map CFI jump tables in pti_clone_entry_text
ANDROID: BACKPORT: x86, module: Ignore __typeid__ relocations
ANDROID: BACKPORT: x86, relocs: Ignore __typeid__ relocations
ANDROID: BACKPORT: x86/extable: Do not mark exception callback as CFI
FROMLIST: crypto, x86/sha: Eliminate casts on asm implementations
UPSTREAM: crypto: x86 - Rename functions to avoid conflict with crypto/sha256.h
UPSTREAM: x86/vmlinux: Actually use _etext for the end of the text segment
ANDROID: update ABI following inline crypto changes
ANDROID: gki_defconfig: enable dm-default-key
ANDROID: dm: add dm-default-key target for metadata encryption
ANDROID: dm: enable may_passthrough_inline_crypto on some targets
ANDROID: dm: add support for passing through inline crypto support
ANDROID: block: Introduce passthrough keyslot manager
ANDROID: ext4, f2fs: enable direct I/O with inline encryption
FROMLIST: scsi: ufs: add program_key() variant op
ANDROID: block: export symbols needed for modules to use inline crypto
ANDROID: block: fix some inline crypto bugs
UPSTREAM: mm/page_io.c: annotate refault stalls from swap_readpage
UPSTREAM: lib/test_meminit.c: add bulk alloc/free tests
UPSTREAM: lib/test_meminit: add a kmem_cache_alloc_bulk() test
UPSTREAM: mm/slub.c: init_on_free=1 should wipe freelist ptr for bulk allocations
ANDROID: mm/cma.c: Export symbols
ANDROID: gki_defconfig: Set CONFIG_ION=m
ANDROID: lib/plist: Export symbol plist_add
ANDROID: staging: android: ion: enable modularizing the ion driver
Revert "ANDROID: security,perf: Allow further restriction of perf_event_open"
ANDROID: selinux: modify RTM_GETLINK permission
FROMLIST: security: selinux: allow per-file labelling for binderfs
BACKPORT: tracing: Remove unnecessary DEBUG_FS dependency
BACKPORT: debugfs: Fix !DEBUG_FS debugfs_create_automount
ANDROID: update abi for 4.19.98
Linux 4.19.98
hwmon: (pmbus/ibm-cffps) Switch LEDs to blocking brightness call
regulator: ab8500: Remove SYSCLKREQ from enum ab8505_regulator_id
clk: sprd: Use IS_ERR() to validate the return value of syscon_regmap_lookup_by_phandle()
perf probe: Fix wrong address verification
scsi: core: scsi_trace: Use get_unaligned_be*()
scsi: qla2xxx: fix rports not being mark as lost in sync fabric scan
scsi: qla2xxx: Fix qla2x00_request_irqs() for MSI
scsi: target: core: Fix a pr_debug() argument
scsi: bnx2i: fix potential use after free
scsi: qla4xxx: fix double free bug
scsi: esas2r: unlock on error in esas2r_nvram_read_direct()
reiserfs: fix handling of -EOPNOTSUPP in reiserfs_for_each_xattr
drm/nouveau/mmu: qualify vmm during dtor
drm/nouveau/bar/gf100: ensure BAR is mapped
drm/nouveau/bar/nv50: check bar1 vmm return value
mtd: devices: fix mchp23k256 read and write
Revert "arm64: dts: juno: add dma-ranges property"
arm64: dts: marvell: Fix CP110 NAND controller node multi-line comment alignment
tick/sched: Annotate lockless access to last_jiffies_update
cfg80211: check for set_wiphy_params
arm64: dts: meson-gxl-s905x-khadas-vim: fix gpio-keys-polled node
cw1200: Fix a signedness bug in cw1200_load_firmware()
irqchip: Place CONFIG_SIFIVE_PLIC into the menu
tcp: refine rule to allow EPOLLOUT generation under mem pressure
xen/blkfront: Adjust indentation in xlvbd_alloc_gendisk
mlxsw: spectrum_qdisc: Include MC TCs in Qdisc counters
mlxsw: spectrum: Wipe xstats.backlog of down ports
sh_eth: check sh_eth_cpu_data::dual_port when dumping registers
tcp: fix marked lost packets not being retransmitted
r8152: add missing endpoint sanity check
ptp: free ptp device pin descriptors properly
net/wan/fsl_ucc_hdlc: fix out of bounds write on array utdm_info
net: usb: lan78xx: limit size of local TSO packets
net: hns: fix soft lockup when there is not enough memory
net: dsa: tag_qca: fix doubled Tx statistics
hv_netvsc: Fix memory leak when removing rndis device
macvlan: use skb_reset_mac_header() in macvlan_queue_xmit()
batman-adv: Fix DAT candidate selection on little endian systems
NFC: pn533: fix bulk-message timeout
netfilter: nf_tables: fix flowtable list del corruption
netfilter: nf_tables: store transaction list locally while requesting module
netfilter: nf_tables: remove WARN and add NLA_STRING upper limits
netfilter: nft_tunnel: fix null-attribute check
netfilter: arp_tables: init netns pointer in xt_tgdtor_param struct
netfilter: fix a use-after-free in mtype_destroy()
cfg80211: fix page refcount issue in A-MSDU decap
cfg80211: fix memory leak in cfg80211_cqm_rssi_update
cfg80211: fix deadlocks in autodisconnect work
bpf: Fix incorrect verifier simulation of ARSH under ALU32
arm64: dts: agilex/stratix10: fix pmu interrupt numbers
mm/huge_memory.c: thp: fix conflict of above-47bit hint address and PMD alignment
mm/huge_memory.c: make __thp_get_unmapped_area static
net: stmmac: Enable 16KB buffer size
net: stmmac: 16KB buffer must be 16 byte aligned
ARM: dts: imx7: Fix Toradex Colibri iMX7S 256MB NAND flash support
ARM: dts: imx6q-icore-mipi: Use 1.5 version of i.Core MX6DL
ARM: dts: imx6qdl: Add Engicam i.Core 1.5 MX6
mm/page-writeback.c: avoid potential division by zero in wb_min_max_ratio()
btrfs: fix memory leak in qgroup accounting
btrfs: do not delete mismatched root refs
btrfs: fix invalid removal of root ref
btrfs: rework arguments of btrfs_unlink_subvol
mm: memcg/slab: call flush_memcg_workqueue() only if memcg workqueue is valid
mm/shmem.c: thp, shmem: fix conflict of above-47bit hint address and PMD alignment
perf report: Fix incorrectly added dimensions as switch perf data file
perf hists: Fix variable name's inconsistency in hists__for_each() macro
x86/resctrl: Fix potential memory leak
drm/i915: Add missing include file <linux/math64.h>
x86/efistub: Disable paging at mixed mode entry
x86/CPU/AMD: Ensure clearing of SME/SEV features is maintained
x86/resctrl: Fix an imbalance in domain_remove_cpu()
usb: core: hub: Improved device recognition on remote wakeup
ptrace: reintroduce usage of subjective credentials in ptrace_has_cap()
LSM: generalize flag passing to security_capable
ARM: dts: am571x-idk: Fix gpios property to have the correct gpio number
block: fix an integer overflow in logical block size
Fix built-in early-load Intel microcode alignment
arm64: dts: allwinner: a64: olinuxino: Fix SDIO supply regulator
ALSA: usb-audio: fix sync-ep altsetting sanity check
ALSA: seq: Fix racy access for queue timer in proc read
ALSA: dice: fix fallback from protocol extension into limited functionality
ARM: dts: imx6q-dhcom: Fix SGTL5000 VDDIO regulator connection
ASoC: msm8916-wcd-analog: Fix MIC BIAS Internal1
ASoC: msm8916-wcd-analog: Fix selected events for MIC BIAS External1
scsi: mptfusion: Fix double fetch bug in ioctl
scsi: fnic: fix invalid stack access
USB: serial: quatech2: handle unbound ports
USB: serial: keyspan: handle unbound ports
USB: serial: io_edgeport: add missing active-port sanity check
USB: serial: io_edgeport: handle unbound ports on URB completion
USB: serial: ch341: handle unbound port at reset_resume
USB: serial: suppress driver bind attributes
USB: serial: option: add support for Quectel RM500Q in QDL mode
USB: serial: opticon: fix control-message timeouts
USB: serial: option: Add support for Quectel RM500Q
USB: serial: simple: Add Motorola Solutions TETRA MTP3xxx and MTP85xx
iio: buffer: align the size of scan bytes to size of the largest element
ASoC: msm8916-wcd-digital: Reset RX interpolation path after use
clk: Don't try to enable critical clocks if prepare failed
ARM: dts: imx6q-dhcom: fix rtc compatible
dt-bindings: reset: meson8b: fix duplicate reset IDs
clk: qcom: gcc-sdm845: Add missing flag to votable GDSCs
ARM: dts: meson8: fix the size of the PMU registers
ANDROID: gki: Make GKI specific modules builtins
ANDROID: fscrypt: add support for hardware-wrapped keys
ANDROID: block: add KSM op to derive software secret from wrapped key
ANDROID: block: provide key size as input to inline crypto APIs
ANDROID: ufshcd-crypto: export cap find API
ANDROID: build config for cuttlefish ramdisk
ANDROID: Update ABI representation and whitelist
Linux 4.19.97
ocfs2: call journal flush to mark journal as empty after journal recovery when mount
hexagon: work around compiler crash
hexagon: parenthesize registers in asm predicates
ioat: ioat_alloc_ring() failure handling.
dmaengine: k3dma: Avoid null pointer traversal
drm/arm/mali: make malidp_mw_connector_helper_funcs static
MIPS: Prevent link failure with kcov instrumentation
mips: cacheinfo: report shared CPU map
rseq/selftests: Turn off timeout setting
selftests: firmware: Fix it to do root uid check and skip
scsi: libcxgbi: fix NULL pointer dereference in cxgbi_device_destroy()
gpio: mpc8xxx: Add platform device to gpiochip->parent
rtc: brcmstb-waketimer: add missed clk_disable_unprepare
rtc: msm6242: Fix reading of 10-hour digit
f2fs: fix potential overflow
rtlwifi: Remove unnecessary NULL check in rtl_regd_init
spi: atmel: fix handling of cs_change set on non-last xfer
mtd: spi-nor: fix silent truncation in spi_nor_read_raw()
mtd: spi-nor: fix silent truncation in spi_nor_read()
iommu/mediatek: Correct the flush_iotlb_all callback
media: exynos4-is: Fix recursive locking in isp_video_release()
media: v4l: cadence: Fix how unsued lanes are handled in 'csi2rx_start()'
media: rcar-vin: Fix incorrect return statement in rvin_try_format()
media: ov6650: Fix .get_fmt() V4L2_SUBDEV_FORMAT_TRY support
media: ov6650: Fix some format attributes not under control
media: ov6650: Fix incorrect use of JPEG colorspace
tty: serial: pch_uart: correct usage of dma_unmap_sg
tty: serial: imx: use the sg count from dma_map_sg
powerpc/powernv: Disable native PCIe port management
PCI/PTM: Remove spurious "d" from granularity message
PCI: dwc: Fix find_next_bit() usage
compat_ioctl: handle SIOCOUTQNSD
af_unix: add compat_ioctl support
arm64: dts: apq8096-db820c: Increase load on l21 for SDCARD
scsi: sd: enable compat ioctls for sed-opal
pinctrl: lewisburg: Update pin list according to v1.1v6
pinctl: ti: iodelay: fix error checking on pinctrl_count_index_with_args call
clk: samsung: exynos5420: Preserve CPU clocks configuration during suspend/resume
mei: fix modalias documentation
iio: imu: adis16480: assign bias value only if operation succeeded
NFSv4.x: Drop the slot if nfs4_delegreturn_prepare waits for layoutreturn
NFSv2: Fix a typo in encode_sattr()
crypto: virtio - implement missing support for output IVs
xprtrdma: Fix completion wait during device removal
platform/x86: GPD pocket fan: Use default values when wrong modparams are given
platform/x86: asus-wmi: Fix keyboard brightness cannot be set to 0
scsi: sd: Clear sdkp->protection_type if disk is reformatted without PI
scsi: enclosure: Fix stale device oops with hot replug
RDMA/srpt: Report the SCSI residual to the initiator
RDMA/mlx5: Return proper error value
btrfs: simplify inode locking for RWF_NOWAIT
drm/ttm: fix incrementing the page pointer for huge pages
drm/ttm: fix start page for huge page check in ttm_put_pages()
afs: Fix missing cell comparison in afs_test_super()
cifs: Adjust indentation in smb2_open_file
s390/qeth: Fix vnicc_is_in_use if rx_bcast not set
s390/qeth: fix false reporting of VNIC CHAR config failure
hsr: reset network header when supervision frame is created
gpio: Fix error message on out-of-range GPIO in lookup table
iommu: Remove device link to group on failure
gpio: zynq: Fix for bug in zynq_gpio_restore_context API
mtd: onenand: omap2: Pass correct flags for prep_dma_memcpy
ASoC: stm32: spdifrx: fix race condition in irq handler
ASoC: stm32: spdifrx: fix inconsistent lock state
ASoC: soc-core: Set dpcm_playback / dpcm_capture
RDMA/bnxt_re: Fix Send Work Entry state check while polling completions
RDMA/bnxt_re: Avoid freeing MR resources if dereg fails
rtc: mt6397: fix alarm register overwrite
drm/i915: Fix use-after-free when destroying GEM context
dccp: Fix memleak in __feat_register_sp
RDMA: Fix goto target to release the allocated memory
iwlwifi: pcie: fix memory leaks in iwl_pcie_ctxt_info_gen3_init
iwlwifi: dbg_ini: fix memory leak in alloc_sgtable
media: usb:zr364xx:Fix KASAN:null-ptr-deref Read in zr364xx_vidioc_querycap
f2fs: check if file namelen exceeds max value
f2fs: check memory boundary by insane namelen
f2fs: Move err variable to function scope in f2fs_fill_dentries()
mac80211: Do not send Layer 2 Update frame before authorization
cfg80211/mac80211: make ieee80211_send_layer2_update a public function
fs/select: avoid clang stack usage warning
ethtool: reduce stack usage with clang
HID: hidraw, uhid: Always report EPOLLOUT
HID: hidraw: Fix returning EPOLLOUT from hidraw_poll
hidraw: Return EPOLLOUT from hidraw_poll
ANDROID: update ABI whitelist
ANDROID: update kernel ABI for CONFIG_DUMMY
GKI: enable CONFIG_DUMMY=y
UPSTREAM: kcov: fix struct layout for kcov_remote_arg
UPSTREAM: vhost, kcov: collect coverage from vhost_worker
UPSTREAM: usb, kcov: collect coverage from hub_event
ANDROID: update kernel ABI for kcov changes
UPSTREAM: kcov: remote coverage support
UPSTREAM: kcov: improve CONFIG_ARCH_HAS_KCOV help text
UPSTREAM: kcov: convert kcov.refcount to refcount_t
UPSTREAM: kcov: no need to check return value of debugfs_create functions
GKI: enable CONFIG_NETFILTER_XT_MATCH_QUOTA2_LOG=y
Linux 4.19.96
drm/i915/gen9: Clear residual context state on context switch
netfilter: ipset: avoid null deref when IPSET_ATTR_LINENO is present
netfilter: conntrack: dccp, sctp: handle null timeout argument
netfilter: arp_tables: init netns pointer in xt_tgchk_param struct
phy: cpcap-usb: Fix flakey host idling and enumerating of devices
phy: cpcap-usb: Fix error path when no host driver is loaded
USB: Fix: Don't skip endpoint descriptors with maxpacket=0
HID: hiddev: fix mess in hiddev_open()
ath10k: fix memory leak
rtl8xxxu: prevent leaking urb
scsi: bfa: release allocated memory in case of error
mwifiex: pcie: Fix memory leak in mwifiex_pcie_alloc_cmdrsp_buf
mwifiex: fix possible heap overflow in mwifiex_process_country_ie()
tty: always relink the port
tty: link tty and port before configuring it as console
serdev: Don't claim unsupported ACPI serial devices
staging: rtl8188eu: Add device code for TP-Link TL-WN727N v5.21
staging: comedi: adv_pci1710: fix AI channels 16-31 for PCI-1713
usb: musb: dma: Correct parameter passed to IRQ handler
usb: musb: Disable pullup at init
usb: musb: fix idling for suspend after disconnect interrupt
USB: serial: option: add ZLP support for 0x1bc7/0x9010
staging: vt6656: set usb_set_intfdata on driver fail.
gpiolib: acpi: Add honor_wakeup module-option + quirk mechanism
gpiolib: acpi: Turn dmi_system_id table into a generic quirk table
can: can_dropped_invalid_skb(): ensure an initialized headroom in outgoing CAN sk_buffs
can: mscan: mscan_rx_poll(): fix rx path lockup when returning from polling to irq mode
can: gs_usb: gs_usb_probe(): use descriptors of current altsetting
can: kvaser_usb: fix interface sanity check
drm/dp_mst: correct the shifting in DP_REMOTE_I2C_READ
drm/fb-helper: Round up bits_per_pixel if possible
drm/sun4i: tcon: Set RGB DCLK min. divider based on hardware model
Input: input_event - fix struct padding on sparc64
Input: add safety guards to input_set_keycode()
HID: hid-input: clear unmapped usages
HID: uhid: Fix returning EPOLLOUT from uhid_char_poll
HID: Fix slab-out-of-bounds read in hid_field_extract
tracing: Change offset type to s32 in preempt/irq tracepoints
tracing: Have stack tracer compile when MCOUNT_INSN_SIZE is not defined
kernel/trace: Fix do not unregister tracepoints when register sched_migrate_task fail
ALSA: hda/realtek - Add quirk for the bass speaker on Lenovo Yoga X1 7th gen
ALSA: hda/realtek - Set EAPD control to default for ALC222
ALSA: hda/realtek - Add new codec supported for ALCS1200A
ALSA: usb-audio: Apply the sample rate quirk for Bose Companion 5
usb: chipidea: host: Disable port power only if previously enabled
i2c: fix bus recovery stop mode timing
chardev: Avoid potential use-after-free in 'chrdev_open()'
ANDROID: Enable HID_STEAM, HID_SONY, JOYSTICK_XPAD as y
ANDROID: gki_defconfig: Enable blk-crypto fallback
BACKPORT: FROMLIST: Update Inline Encryption from v5 to v6 of patch series
docs: fs-verity: mention statx() support
f2fs: support STATX_ATTR_VERITY
ext4: support STATX_ATTR_VERITY
statx: define STATX_ATTR_VERITY
docs: fs-verity: document first supported kernel version
f2fs: add support for IV_INO_LBLK_64 encryption policies
ext4: add support for IV_INO_LBLK_64 encryption policies
fscrypt: add support for IV_INO_LBLK_64 policies
fscrypt: avoid data race on fscrypt_mode::logged_impl_name
fscrypt: zeroize fscrypt_info before freeing
fscrypt: remove struct fscrypt_ctx
fscrypt: invoke crypto API for ESSIV handling
Conflicts:
Documentation/devicetree/bindings
Documentation/devicetree/bindings/bus/ti-sysc.txt
Documentation/devicetree/bindings/thermal/thermal.txt
Documentation/sysctl/vm.txt
arch/arm64/mm/mmu.c
block/blk-crypto-fallback.c
block/blk-merge.c
block/keyslot-manager.c
drivers/char/Kconfig
drivers/clk/qcom/clk-rcg2.c
drivers/gpio/gpiolib.c
drivers/hid/hid-quirks.c
drivers/irqchip/Kconfig
drivers/md/Kconfig
drivers/md/dm-default-key.c
drivers/md/dm.c
drivers/nvmem/core.c
drivers/of/Kconfig
drivers/of/fdt.c
drivers/of/irq.c
drivers/scsi/ufs/ufshcd-crypto.c
drivers/scsi/ufs/ufshcd.c
drivers/scsi/ufs/ufshcd.h
drivers/scsi/ufs/ufshci.h
drivers/usb/dwc3/gadget.c
drivers/usb/gadget/composite.c
drivers/usb/gadget/function/f_fs.c
fs/crypto/bio.c
fs/crypto/fname.c
fs/crypto/fscrypt_private.h
fs/crypto/keyring.c
fs/crypto/keysetup.c
fs/f2fs/data.c
fs/f2fs/file.c
include/crypto/skcipher.h
include/linux/gfp.h
include/linux/keyslot-manager.h
include/linux/of_fdt.h
include/sound/soc.h
kernel/sched/cpufreq_schedutil.c
kernel/sched/fair.c
kernel/sched/psi.c
kernel/sched/rt.c
kernel/sched/sched.h
kernel/sched/topology.c
kernel/sched/tune.h
kernel/sysctl.c
mm/compaction.c
mm/page_alloc.c
mm/vmscan.c
security/commoncap.c
security/selinux/avc.c
Change-Id: I9a08175c4892e533ecde8da847f75dc4874b303a
Signed-off-by: Ivaylo Georgiev <irgeorgiev@codeaurora.org>
|
||
|
Gaurav Kashyap
|
2ceec83a4f |
Revert existing FBE changes for ICE FBE
Revert existing FBE kernel changes for ICE upstream. Revert UFS qcom specific ice changes. Revert all sdhci related ICE changes formatted. defconfig: Remove old FBE/ICE defconfigs. Change-Id: I4d77927b6373b3bb3edfe3b060d1de272a54a426 Signed-off-by: Gaurav Kashyap <gaurkash@codeaurora.org> Signed-off-by: Neeraj Soni <neersoni@codeaurora.org> |
||
|
Ivaylo Georgiev
|
4c30d46517 |
Merge android-4.19.95 (5da1114) into msm-4.19
* refs/heads/tmp-5da1114:
Revert crypto changes from android-4.19.79-95
Revert "UPSTREAM: PM / wakeup updates"
Revert "ANDROID: of: property: Enable of_devlink by default"
Revert "UPSTREAM: dt-bindings: arm: coresight: Add support for coresight-loses-context-with-cpu"
UPSTREAM: net: usbnet: Fix -Wcast-function-type
UPSTREAM: USB: dummy-hcd: use usb_urb_dir_in instead of usb_pipein
UPSTREAM: USB: dummy-hcd: increase max number of devices to 32
ANDROID: tty: serdev: Fix broken serial console input
ANDROID: update kernel ABI (perf_event changes)
BACKPORT: perf_event: Add support for LSM and SELinux checks
UPSTREAM: iommu: Allow io-pgtable to be used outside of drivers/iommu/
ANDROID: update abi for 4.19.94 release
ANDROID: update abi due to revert
Revert "BACKPORT: perf_event: Add support for LSM and SELinux checks"
UPSTREAM: selinux: sidtab reverse lookup hash table
UPSTREAM: selinux: avoid atomic_t usage in sidtab
UPSTREAM: selinux: check sidtab limit before adding a new entry
UPSTREAM: selinux: fix context string corruption in convert_context()
UPSTREAM: selinux: overhaul sidtab to fix bug and improve performance
UPSTREAM: selinux: refactor mls_context_to_sid() and make it stricter
UPSTREAM: selinux: use separate table for initial SID lookup
UPSTREAM: selinux: make "selinux_policycap_names[]" const char *
UPSTREAM: selinux: refactor sidtab conversion
ANDROID: Update ABI representation
ANDROID: GKI: clk: Don't disable unused clocks with sync state support
ANDROID: GKI: clk: Add support for clock providers with sync state
ANDROID: GKI: driver core: Add dev_has_sync_state()
ANDROID: update kernel ABI representation
BACKPORT: perf_event: Add support for LSM and SELinux checks
ANDROID: update ABI representation
UPSTREAM: exit: panic before exit_mm() on global init exit
ANDROID: serdev: Fix platform device support
ANDROID: Kconfig.gki: Add Hidden SPRD DRM configs
ANDROID: gki_defconfig: Disable TRANSPARENT_HUGEPAGE
ANDROID: gki_defconfig: Enable CONFIG_GNSS_CMDLINE_SERIAL
ANDROID: gnss: Add command line test driver
ANDROID: serdev: add platform device support
ANDROID: gki_defconfig: enable ARM64_SW_TTBR0_PAN
ANDROID: gki_defconfig: Set BINFMT_MISC as =m
UPSTREAM: binder: fix incorrect calculation for num_valid
ABI: Update ABI after f2fs merge
ANDROID: add initial ABI whitelist for android-4.19
ANDROID: staging: android: ion: Fix build when CONFIG_ION_SYSTEM_HEAP=n
ANDROID: staging: android: ion: Expose total heap and pool sizes via sysfs
ANDROID: Update ABI representation due to vmstat counter changes
UPSTREAM: include/linux/slab.h: fix sparse warning in kmalloc_type()
UPSTREAM: mm, slab: shorten kmalloc cache names for large sizes
UPSTREAM: mm, proc: add KReclaimable to /proc/meminfo
UPSTREAM: mm: rename and change semantics of nr_indirectly_reclaimable_bytes
UPSTREAM: dcache: allocate external names from reclaimable kmalloc caches
UPSTREAM: mm, slab/slub: introduce kmalloc-reclaimable caches
UPSTREAM: mm, slab: combine kmalloc_caches and kmalloc_dma_caches
ANDROID: abi update for 4.19.89
ANDROID: update abi_gki_aarch64.xml for LTO, CFI, and SCS
ANDROID: gki_defconfig: enable LTO, CFI, and SCS
ANDROID: update abi_gki_aarch64.xml for CONFIG_GNSS
ANDROID: cuttlefish_defconfig: Enable CONFIG_GNSS
UPSTREAM: arm64: Validate tagged addresses in access_ok() called from kernel threads
ANDROID: mm: Throttle rss_stat tracepoint
UPSTREAM: mm: slub: really fix slab walking for init_on_free
ANDROID: update abi_gki_aarch64.xml for nf change
ANDROID: kbuild: limit LTO inlining
ANDROID: kbuild: merge module sections with LTO
ANDROID: netfilter: nf_nat: remove static from nf_nat_ipv4_fn
UPSTREAM: drm/client: remove the exporting of drm_client_close
ANDROID: f2fs: fix possible merge of unencrypted with encrypted I/O
UPSTREAM: binder: Add binder_proc logging to binderfs
UPSTREAM: binder: Make transaction_log available in binderfs
UPSTREAM: binder: Add stats, state and transactions files
UPSTREAM: binder: add a mount option to show global stats
UPSTREAM: binder: Validate the default binderfs device names.
UPSTREAM: binder: Add default binder devices through binderfs when configured
UPSTREAM: binder: fix CONFIG_ANDROID_BINDER_DEVICES
UPSTREAM: android: binder: use kstrdup instead of open-coding it
UPSTREAM: binderfs: remove separate device_initcall()
UPSTREAM: binderfs: respect limit on binder control creation
UPSTREAM: binderfs: switch from d_add() to d_instantiate()
UPSTREAM: binderfs: drop lock in binderfs_binder_ctl_create
UPSTREAM: binderfs: kill_litter_super() before cleanup
UPSTREAM: binderfs: rework binderfs_binder_device_create()
UPSTREAM: binderfs: rework binderfs_fill_super()
UPSTREAM: binderfs: prevent renaming the control dentry
UPSTREAM: binderfs: remove outdated comment
UPSTREAM: binderfs: fix error return code in binderfs_fill_super()
UPSTREAM: binderfs: handle !CONFIG_IPC_NS builds
UPSTREAM: binderfs: reserve devices for initial mount
UPSTREAM: binderfs: rename header to binderfs.h
UPSTREAM: binderfs: implement "max" mount option
UPSTREAM: binderfs: make each binderfs mount a new instance
UPSTREAM: binderfs: remove wrong kern_mount() call
UPSTREAM: binder: implement binderfs
UPSTREAM: binder: remove BINDER_DEBUG_ENTRY()
ANDROID: Don't base allmodconfig on gki_defconfig
ANDROID: Disable UNWINDER_ORC for allmodconfig
ANDROID: update abi_gki_aarch64.xml for 4.19.87
BACKPORT: ARM: 8905/1: Emit __gnu_mcount_nc when using Clang 10.0.0 or newer
ANDROID: update abi_gki_aarch64.xml
ANDROID: gki_defconfig: =m's applied for virtio configs in arm64
UPSTREAM: of: property: Add device link support for interrupt-parent, dmas and -gpio(s)
UPSTREAM: of: property: Add device link support for "iommu-map"
UPSTREAM: of: property: Fix the semantics of of_is_ancestor_of()
UPSTREAM: i2c: of: Populate fwnode in of_i2c_get_board_info()
UPSTREAM: driver core: Clarify documentation for fwnode_operations.add_links()
UPSTREAM: dt-bindings: arm: coresight: Add support for coresight-loses-context-with-cpu
BACKPORT: coresight: etm4x: Save/restore state across CPU low power states
ANDROID: Update ABI representation
ANDROID: gki_defconfig: IIO=y
f2fs: stop GC when the victim becomes fully valid
f2fs: expose main_blkaddr in sysfs
f2fs: choose hardlimit when softlimit is larger than hardlimit in f2fs_statfs_project()
f2fs: Fix deadlock in f2fs_gc() context during atomic files handling
f2fs: show f2fs instance in printk_ratelimited
f2fs: fix potential overflow
f2fs: fix to update dir's i_pino during cross_rename
f2fs: support aligned pinned file
f2fs: avoid kernel panic on corruption test
f2fs: fix wrong description in document
f2fs: cache global IPU bio
f2fs: fix to avoid memory leakage in f2fs_listxattr
f2fs: check total_segments from devices in raw_super
f2fs: update multi-dev metadata in resize_fs
f2fs: mark recovery flag correctly in read_raw_super_block()
f2fs: fix to update time in lazytime mode
vfs: don't allow writes to swap files
mm: set S_SWAPFILE on blockdev swap devices
BACKPORT: ARM: 8900/1: UNWINDER_FRAME_POINTER implementation for Clang
ANDROID: update abi_gki_aarch64.xml for 4.19.87
ANDROID: gki_defconfig: FW_CACHE to no
FROMGIT: firmware_class: make firmware caching configurable
FROMLIST: arm64: implement Shadow Call Stack
FROMLIST: arm64: disable SCS for hypervisor code
BACKPORT: FROMLIST: arm64: vdso: disable Shadow Call Stack
FROMLIST: arm64: efi: restore x18 if it was corrupted
FROMLIST: arm64: preserve x18 when CPU is suspended
FROMLIST: arm64: reserve x18 from general allocation with SCS
FROMLIST: arm64: disable function graph tracing with SCS
FROMLIST: scs: add support for stack usage debugging
FROMLIST: scs: add accounting
FROMLIST: add support for Clang's Shadow Call Stack (SCS)
FROMLIST: arm64: kernel: avoid x18 in __cpu_soft_restart
FROMLIST: arm64: kvm: stop treating register x18 as caller save
FROMLIST: arm64/lib: copy_page: avoid x18 register in assembler code
FROMLIST: arm64: mm: avoid x18 in idmap_kpti_install_ng_mappings
ANDROID: use non-canonical CFI jump tables
ANDROID: arm64: add __nocfi to __apply_alternatives
ANDROID: arm64: add __pa_function
ANDROID: arm64: allow ThinLTO to be selected
ANDROID: soc/tegra: disable ARCH_TEGRA_210_SOC with LTO
FROMLIST: arm64: fix alternatives with LLVM's integrated assembler
ANDROID: irqchip/gic-v3: rename gic_of_init to work around a ThinLTO+CFI bug
ANDROID: init: ensure initcall ordering with LTO
Revert "ANDROID: init: ensure initcall ordering with LTO"
ANDROID: add support for ThinLTO
ANDROID: clang: update to 10.0.1
ANDROID: gki_defconfig: enable CONFIG_REGULATOR_FIXED_VOLTAGE
ANDROID: gki_defconfig: removed CONFIG_PM_WAKELOCKS
ANDROID: gki_defconfig: enable CONFIG_IKHEADERS as m
FROMGIT: pinctrl: devicetree: Avoid taking direct reference to device name string
ANDROID: update abi_gki_aarch64.xml for 4.19.86 update
ANDROID: Update ABI representation
ANDROID: gki_defconfig: disable FUNCTION_TRACER
ANDROID: Update the ABI representation
ANDROID: update ABI representation
ANDROID: add unstripped modules to the distribution
FROMLIST: vsprintf: Inline call to ptr_to_hashval
UPSTREAM: rss_stat: Add support to detect RSS updates of external mm
UPSTREAM: mm: emit tracepoint when RSS changes
FROMGIT: driver core: Allow device link operations inside sync_state()
ANDROID: uid_sys_stats: avoid double accounting of dying threads
ANDROID: scsi: ufs-qcom: Enable BROKEN_CRYPTO quirk flag
ANDROID: scsi: ufs-hisi: Enable BROKEN_CRYPTO quirk flag
ANDROID: scsi: ufs: Add quirk bit for controllers that don't play well with inline crypto
ANDROID: scsi: ufs: UFS init should not require inline crypto
ANDROID: scsi: ufs: UFS crypto variant operations API
ANDROID: gki_defconfig: enable inline encryption
BACKPORT: FROMLIST: ext4: add inline encryption support
BACKPORT: FROMLIST: f2fs: add inline encryption support
BACKPORT: FROMLIST: fscrypt: add inline encryption support
BACKPORT: FROMLIST: scsi: ufs: Add inline encryption support to UFS
BACKPORT: FROMLIST: scsi: ufs: UFS crypto API
BACKPORT: FROMLIST: scsi: ufs: UFS driver v2.1 spec crypto additions
BACKPORT: FROMLIST: block: blk-crypto for Inline Encryption
ANDROID: block: Fix bio_crypt_should_process WARN_ON
BACKPORT: FROMLIST: block: Add encryption context to struct bio
BACKPORT: FROMLIST: block: Keyslot Manager for Inline Encryption
FROMLIST: f2fs: add support for IV_INO_LBLK_64 encryption policies
FROMLIST: ext4: add support for IV_INO_LBLK_64 encryption policies
BACKPORT: FROMLIST: fscrypt: add support for IV_INO_LBLK_64 policies
FROMLIST: fscrypt: zeroize fscrypt_info before freeing
FROMLIST: fscrypt: remove struct fscrypt_ctx
BACKPORT: FROMLIST: fscrypt: invoke crypto API for ESSIV handling
ANDROID: build kernels with llvm-nm and llvm-objcopy
ANDROID: Fix allmodconfig build with CC=clang
UPSTREAM: mm/page_poison: expose page_poisoning_enabled to kernel modules
FROMGIT: of: property: Add device link support for iommus, mboxes and io-channels
FROMGIT: of: property: Make it easy to add device links from DT properties
FROMGIT: of: property: Minor style clean up of of_link_to_phandle()
Revert "ANDROID: of/property: Add device link support for iommus"
ANDROID: Add allmodconfig build.configs for x86_64 and aarch64
ANDROID: fix allmodconfig build
ANDROID: nf: IDLETIMER: Fix possible use before initialization in idletimer_resume
BACKPORT: coresight: funnel: Support static funnel
BACKPORT:FROMGIT: coresight: replicator: Fix missing spin_lock_init()
BACKPORT:FROMGIT: coresight: funnel: Fix missing spin_lock_init()
BACKPORT:FROMGIT: coresight: Serialize enabling/disabling a link device.
UPSTREAM: coresight: tmc-etr: Add barrier packets when moving offset forward
UPSTREAM: coresight: tmc-etr: Decouple buffer sync and barrier packet insertion
UPSTREAM: coresight: tmc: Make memory width mask computation into a function
UPSTREAM: coresight: tmc-etr: Fix perf_data check
UPSTREAM: coresight: tmc-etr: Fix updating buffer in not-snapshot mode.
UPSTREAM: coresight: tmc-etr: Check if non-secure access is enabled
UPSTREAM: coresight: tmc-etr: Handle memory errors
BACKPORT: coresight: etr_buf: Consolidate refcount initialization
UPSTREAM: coresight: Fix DEBUG_LOCKS_WARN_ON for uninitialized attribute
UPSTREAM: coresight: Use coresight device names for sinks in PMU attribute
UPSTREAM: coresight: tmc-etr: alloc_perf_buf: Do not call smp_processor_id from preemptible
UPSTREAM: coresight: tmc-etr: Do not call smp_processor_id() from preemptible
UPSTREAM: coresight: perf: Don't set the truncated flag in snapshot mode
UPSTREAM: coresight: tmc-etf: Fix snapshot mode update function
UPSTREAM: coresight: tmc-etr: Properly set AUX buffer head in snapshot mode
UPSTREAM: coresight: tmc-etr: Add support for CPU-wide trace scenarios
UPSTREAM: coresight: tmc-etr: Allocate and free ETR memory buffers for CPU-wide scenarios
UPSTREAM: coresight: tmc-etr: Introduce the notion of IDR to ETR devices
UPSTREAM: coresight: tmc-etr: Introduce the notion of reference counting to ETR devices
UPSTREAM: coresight: tmc-etr: Introduce the notion of process ID to ETR devices
UPSTREAM: coresight: tmc-etr: Create per-thread buffer allocation function
UPSTREAM: coresight: tmc-etr: Refactor function tmc_etr_setup_perf_buf()
UPSTREAM: coresight: Communicate perf event to sink buffer allocation functions
UPSTREAM: coresight: perf: Refactor function free_event_data()
UPSTREAM: coresight: perf: Clean up function etm_setup_aux()
UPSTREAM: coresight: Properly address concurrency in sink::update() functions
UPSTREAM: coresight: Properly address errors in sink::disable() functions
UPSTREAM: coresight: Move reference counting inside sink drivers
UPSTREAM: coresight: Adding return code to sink::disable() operation
UPSTREAM: coresight: etm4x: Configure tracers to emit timestamps
UPSTREAM: coresight: etm4x: Skip selector pair 0
UPSTREAM: coresight: etm4x: Add kernel configuration for CONTEXTID
UPSTREAM: coresight: pmu: Adding ITRACE property to cs_etm PMU
UPSTREAM: coresight: tmc: Cleanup power management
UPSTREAM: coresight: Fix freeing up the coresight connections
UPSTREAM: coresight: tmc: Report DMA setup failures
UPSTREAM: coresight: catu: fix clang build warning
UPSTREAM: perf/core: Fix the address filtering fix
UPSTREAM: perf, pt, coresight: Fix address filters for vmas with non-zero offset
UPSTREAM: perf: Copy parent's address filter offsets on clone
UPSTREAM: coresight: Use event attributes for sink selection
UPSTREAM: coresight: perf: Add "sinks" group to PMU directory
UPSTREAM: coresight: etb10: Add support for CLAIM tag
UPSTREAM: coreisght: tmc: Claim device before use
UPSTREAM: coresight: dynamic-replicator: Claim device for use
UPSTREAM: coresight: funnel: Claim devices before use
UPSTREAM: coresight: etmx: Claim devices before use
UPSTREAM: coresight: Add support for CLAIM tag protocol
UPSTREAM: coresight: dynamic-replicator: Handle multiple connections
UPSTREAM: coresight: etb10: Handle errors enabling the device
UPSTREAM: coresight: etm3: Add support for handling errors
UPSTREAM: coresight: etm4x: Add support for handling errors
UPSTREAM: coresight: tmc-etb/etf: Prepare to handle errors enabling
UPSTREAM: coresight: tmc-etr: Handle errors enabling CATU
UPSTREAM: coresight: tmc-etr: Refactor for handling errors
UPSTREAM: coresight: Handle failures in enabling a trace path
UPSTREAM: coresight: tmc: Fix byte-address alignment for RRP
UPSTREAM: coresight: etm4x: Configure EL2 exception level when kernel is running in HYP
UPSTREAM: coresight: etb10: Splitting function etb_enable()
UPSTREAM: coresight: etb10: Refactor etb_drvdata::mode handling
UPSTREAM: coresight: etm-perf: Add support for ETR backend
UPSTREAM: coresight: perf: Remove set_buffer call back
UPSTREAM: coresight: perf: Add helper to retrieve sink configuration
UPSTREAM: coresight: perf: Remove reset_buffer call back for sinks
UPSTREAM: coresight: Convert driver messages to dev_dbg
UPSTREAM: coresight: tmc-etr: Relax collection of trace from sysfs mode
UPSTREAM: coresight: tmc-etr: Handle driver mode specific ETR buffers
UPSTREAM: coresight: perf: Disable trace path upon source error
UPSTREAM: coresight: perf: Allow tracing on hotplugged CPUs
UPSTREAM: coresight: perf: Avoid unncessary CPU hotplug read lock
UPSTREAM: coresight: perf: Fix per cpu path management
UPSTREAM: coresight: Fix handling of sinks
UPSTREAM: coresight: Use ERR_CAST instead of ERR_PTR
UPSTREAM: coresight: Fix remote endpoint parsing
UPSTREAM: coresight: platform: Fix leaking device reference
UPSTREAM: coresight: platform: Fix refcounting for graph nodes
UPSTREAM: coresight: platform: Refactor graph endpoint parsing
UPSTREAM: coresight: Document error handling in coresight_register
ANDROID: regression introduced override_creds=off
ANDROID: overlayfs: internal getxattr operations without sepolicy checking
ANDROID: overlayfs: add __get xattr method
ANDROID: Add optional __get xattr method paired to __vfs_getxattr
UPSTREAM: scsi: ufs: override auto suspend tunables for ufs
UPSTREAM: scsi: core: allow auto suspend override by low-level driver
FROMGIT: of: property: Skip adding device links to suppliers that aren't devices
ANDROID: gki_defconfig: enable CONFIG_KEYBOARD_GPIO
UPSTREAM: dm bufio: introduce a global cache replacement
UPSTREAM: dm bufio: remove old-style buffer cleanup
UPSTREAM: dm bufio: introduce a global queue
UPSTREAM: dm bufio: refactor adjust_total_allocated
UPSTREAM: dm bufio: call adjust_total_allocated from __link_buffer and __unlink_buffer
ANDROID: dummy_cpufreq: Implement get()
ANDROID: gki_defconfig: enable CONFIG_CPUSETS
ANDROID: virtio: virtio_input: Set the amount of multitouch slots in virtio input
rtlwifi: Fix potential overflow on P2P code
ANDROID: cpufreq: create dummy cpufreq driver
ANDROID: Allow DRM_IOCTL_MODE_*_DUMB for render clients.
Cuttlefish Wifi: Add data ops in virt_wifi driver for scan data simulation
ANDROID: of: property: Enable of_devlink by default
ANDROID: of: property: Make sure child dependencies don't block probing of parent
ANDROID: driver core: Allow fwnode_operations.add_links to differentiate errors
ANDROID: driver core: Allow a device to wait on optional suppliers
ANDROID: driver core: Add device link support for SYNC_STATE_ONLY flag
FROMGIT: docs: driver-model: Add documentation for sync_state
FROMGIT: driver: core: Improve documentation for fwnode_operations.add_links()
FROMGIT: of: property: Minor code formatting/style clean ups
ANDROID: of/property: Add device link support for iommus
ANDROID: move up spin_unlock_bh() ahead of remove_proc_entry()
BACKPORT: arm64: tags: Preserve tags for addresses translated via TTBR1
UPSTREAM: arm64: memory: Implement __tag_set() as common function
UPSTREAM: arm64/mm: fix variable 'tag' set but not used
UPSTREAM: arm64: avoid clang warning about self-assignment
ANDROID: sdcardfs: evict dentries on fscrypt key removal
ANDROID: fscrypt: add key removal notifier chain
ANDROID: refactor build.config files to remove duplication
ANDROID: Move from clang r353983c to r365631c
ANDROID: gki_defconfig: remove PWRSEQ_EMMC and PWRSEQ_SIMPLE
ANDROID: unconditionally compile sig_ok in struct module
ANDROID: gki_defconfig: enable fs-verity
UPSTREAM: mm: vmalloc: show number of vmalloc pages in /proc/meminfo
BACKPORT: PM/sleep: Expose suspend stats in sysfs
UPSTREAM: power: supply: Init device wakeup after device_add()
UPSTREAM: PM / wakeup: Unexport wakeup_source_sysfs_{add,remove}()
UPSTREAM: PM / wakeup: Register wakeup class kobj after device is added
UPSTREAM: PM / wakeup: Fix sysfs registration error path
UPSTREAM: PM / wakeup: Show wakeup sources stats in sysfs
UPSTREAM: PM / wakeup: Use wakeup_source_register() in wakelock.c
UPSTREAM: PM / wakeup: Drop wakeup_source_init(), wakeup_source_prepare()
UPSTREAM: PM / wakeup: Drop wakeup_source_drop()
UPSTREAM: PM / core: Add support to skip power management in device/driver model
gki_defconfig: Enable CONFIG_DM_SNAPSHOT
ANDROID: gki_defconfig: enable accelerated AES and SHA-256
ANDROID: fix overflow in /proc/uid_cputime/remove_uid_range
ANDROID: kasan: fix has_attribute check on older GCC versions
ANDROID: gki_defconfig: enable CONFIG_PARAVIRT and CONFIG_HYPERVISOR_GUEST
ANDROID: gki_defconfig: enable CONFIG_NLS_*
ANDROID: gki_defconfig: Enable BPF_JIT and BPF_JIT_ALWAYS_ON
FROMGIT: of: property: Create device links for all child-supplier depencencies
FROMGIT: of/platform: Pause/resume sync state during init and of_platform_populate()
BACKPORT: FROMGIT: driver core: Add sync_state driver/bus callback
BACKPORT: FROMGIT: of: property: Add functional dependency link from DT bindings
FROMGIT: driver core: Add support for linking devices during device addition
FROMGIT: driver core: Add fwnode_to_dev() to look up device from fwnode
UPSTREAM: mm: untag user pointers in mmap/munmap/mremap/brk
UPSTREAM: vfio/type1: untag user pointers in vaddr_get_pfn
UPSTREAM: tee/shm: untag user pointers in tee_shm_register
UPSTREAM: media/v4l2-core: untag user pointers in videobuf_dma_contig_user_get
UPSTREAM: drm/radeon: untag user pointers in radeon_gem_userptr_ioctl
BACKPORT: drm/amdgpu: untag user pointers
UPSTREAM: userfaultfd: untag user pointers
UPSTREAM: fs/namespace: untag user pointers in copy_mount_options
UPSTREAM: mm: untag user pointers in get_vaddr_frames
UPSTREAM: mm: untag user pointers in mm/gup.c
UPSTREAM: mm: untag user pointers passed to memory syscalls
BACKPORT: lib: untag user pointers in strn*_user
UPSTREAM: arm64: Fix reference to docs for ARM64_TAGGED_ADDR_ABI
UPSTREAM: selftests, arm64: add kernel headers path for tags_test
BACKPORT: arm64: Relax Documentation/arm64/tagged-pointers.rst
UPSTREAM: arm64: Define Documentation/arm64/tagged-address-abi.rst
UPSTREAM: arm64: Change the tagged_addr sysctl control semantics to only prevent the opt-in
UPSTREAM: arm64: Tighten the PR_{SET, GET}_TAGGED_ADDR_CTRL prctl() unused arguments
UPSTREAM: selftests, arm64: fix uninitialized symbol in tags_test.c
UPSTREAM: arm64: mm: Really fix sparse warning in untagged_addr()
UPSTREAM: selftests, arm64: add a selftest for passing tagged pointers to kernel
BACKPORT: arm64: Introduce prctl() options to control the tagged user addresses ABI
UPSTREAM: arm64: untag user pointers in access_ok and __uaccess_mask_ptr
UPSTREAM: uaccess: add noop untagged_addr definition
BACKPORT: block: annotate refault stalls from IO submission
f2fs: add a condition to detect overflow in f2fs_ioc_gc_range()
f2fs: fix to add missing F2FS_IO_ALIGNED() condition
f2fs: fix to fallback to buffered IO in IO aligned mode
f2fs: fix to handle error path correctly in f2fs_map_blocks
f2fs: fix extent corrupotion during directIO in LFS mode
f2fs: check all the data segments against all node ones
f2fs: Add a small clarification to CONFIG_FS_F2FS_FS_SECURITY
f2fs: fix inode rwsem regression
f2fs: fix to avoid accessing uninitialized field of inode page in is_alive()
f2fs: avoid infinite GC loop due to stale atomic files
f2fs: Fix indefinite loop in f2fs_gc()
f2fs: convert inline_data in prior to i_size_write
f2fs: fix error path of f2fs_convert_inline_page()
f2fs: add missing documents of reserve_root/resuid/resgid
f2fs: fix flushing node pages when checkpoint is disabled
f2fs: enhance f2fs_is_checkpoint_ready()'s readability
f2fs: clean up __bio_alloc()'s parameter
f2fs: fix wrong error injection path in inc_valid_block_count()
f2fs: fix to writeout dirty inode during node flush
f2fs: optimize case-insensitive lookups
f2fs: introduce f2fs_match_name() for cleanup
f2fs: Fix indefinite loop in f2fs_gc()
f2fs: allocate memory in batch in build_sit_info()
f2fs: support FS_IOC_{GET,SET}FSLABEL
f2fs: fix to avoid data corruption by forbidding SSR overwrite
f2fs: Fix build error while CONFIG_NLS=m
Revert "f2fs: avoid out-of-range memory access"
f2fs: cleanup the code in build_sit_entries.
f2fs: fix wrong available node count calculation
f2fs: remove duplicate code in f2fs_file_write_iter
f2fs: fix to migrate blocks correctly during defragment
f2fs: use wrapped f2fs_cp_error()
f2fs: fix to use more generic EOPNOTSUPP
f2fs: use wrapped IS_SWAPFILE()
f2fs: Support case-insensitive file name lookups
f2fs: include charset encoding information in the superblock
fs: Reserve flag for casefolding
f2fs: fix to avoid call kvfree under spinlock
fs: f2fs: Remove unnecessary checks of SM_I(sbi) in update_general_status()
f2fs: disallow direct IO in atomic write
f2fs: fix to handle quota_{on,off} correctly
f2fs: fix to detect cp error in f2fs_setxattr()
f2fs: fix to spread f2fs_is_checkpoint_ready()
f2fs: support fiemap() for directory inode
f2fs: fix to avoid discard command leak
f2fs: fix to avoid tagging SBI_QUOTA_NEED_REPAIR incorrectly
f2fs: fix to drop meta/node pages during umount
f2fs: disallow switching io_bits option during remount
f2fs: fix panic of IO alignment feature
f2fs: introduce {page,io}_is_mergeable() for readability
f2fs: fix livelock in swapfile writes
f2fs: add fs-verity support
ext4: update on-disk format documentation for fs-verity
ext4: add fs-verity read support
ext4: add basic fs-verity support
fs-verity: support builtin file signatures
fs-verity: add SHA-512 support
fs-verity: implement FS_IOC_MEASURE_VERITY ioctl
fs-verity: implement FS_IOC_ENABLE_VERITY ioctl
fs-verity: add data verification hooks for ->readpages()
fs-verity: add the hook for file ->setattr()
fs-verity: add the hook for file ->open()
fs-verity: add inode and superblock fields
fs-verity: add Kconfig and the helper functions for hashing
fs: uapi: define verity bit for FS_IOC_GETFLAGS
fs-verity: add UAPI header
fs-verity: add MAINTAINERS file entry
fs-verity: add a documentation file
ext4: fix kernel oops caused by spurious casefold flag
ext4: fix coverity warning on error path of filename setup
ext4: optimize case-insensitive lookups
ext4: fix dcache lookup of !casefolded directories
unicode: update to Unicode 12.1.0 final
unicode: add missing check for an error return from utf8lookup()
ext4: export /sys/fs/ext4/feature/casefold if Unicode support is present
unicode: refactor the rule for regenerating utf8data.h
ext4: Support case-insensitive file name lookups
ext4: include charset encoding information in the superblock
unicode: update unicode database unicode version 12.1.0
unicode: introduce test module for normalized utf8 implementation
unicode: implement higher level API for string handling
unicode: reduce the size of utf8data[]
unicode: introduce code for UTF-8 normalization
unicode: introduce UTF-8 character database
ext4 crypto: fix to check feature status before get policy
fscrypt: document the new ioctls and policy version
ubifs: wire up new fscrypt ioctls
f2fs: wire up new fscrypt ioctls
ext4: wire up new fscrypt ioctls
fscrypt: require that key be added when setting a v2 encryption policy
fscrypt: add FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS ioctl
fscrypt: allow unprivileged users to add/remove keys for v2 policies
fscrypt: v2 encryption policy support
fscrypt: add an HKDF-SHA512 implementation
fscrypt: add FS_IOC_GET_ENCRYPTION_KEY_STATUS ioctl
fscrypt: add FS_IOC_REMOVE_ENCRYPTION_KEY ioctl
fscrypt: add FS_IOC_ADD_ENCRYPTION_KEY ioctl
fscrypt: rename keyinfo.c to keysetup.c
fscrypt: move v1 policy key setup to keysetup_v1.c
fscrypt: refactor key setup code in preparation for v2 policies
fscrypt: rename fscrypt_master_key to fscrypt_direct_key
fscrypt: add ->ci_inode to fscrypt_info
fscrypt: use FSCRYPT_* definitions, not FS_*
fscrypt: use FSCRYPT_ prefix for uapi constants
fs, fscrypt: move uapi definitions to new header <linux/fscrypt.h>
fscrypt: use ENOPKG when crypto API support missing
fscrypt: improve warnings for missing crypto API support
fscrypt: improve warning messages for unsupported encryption contexts
fscrypt: make fscrypt_msg() take inode instead of super_block
fscrypt: clean up base64 encoding/decoding
fscrypt: remove loadable module related code
Updated following files to fix build errors:
drivers/gpu/msm/kgsl_pool.c
drivers/hwtracing/coresight/coresight-dummy.c
drivers/iommu/dma-mapping-fast.c
drivers/iommu/io-pgtable-fast.c
drivers/iommu/io-pgtable-msm-secure.c
kernel/taskstats.c
mm/vmalloc.c
security/selinux/ss/sidtab.h
Conflicts:
arch/arm/Makefile
arch/arm64/Kconfig
arch/x86/include/asm/syscall_wrapper.h
build.config.common
drivers/clk/clk.c
drivers/hwtracing/coresight/coresight-etm-perf.c
drivers/hwtracing/coresight/coresight-funnel.c
drivers/hwtracing/coresight/coresight-tmc-etf.c
drivers/hwtracing/coresight/coresight-tmc-etr.c
drivers/hwtracing/coresight/coresight-tmc.c
drivers/hwtracing/coresight/coresight-tmc.h
drivers/hwtracing/coresight/coresight.c
drivers/hwtracing/coresight/of_coresight.c
drivers/iommu/arm-smmu.c
drivers/iommu/io-pgtable-arm.c
drivers/iommu/io-pgtable.c
drivers/scsi/scsi_sysfs.c
drivers/scsi/sd.c
drivers/scsi/ufs/ufshcd.c
drivers/scsi/ufs/ufshcd.h
drivers/staging/android/ion/ion.c
drivers/staging/android/ion/ion.h
drivers/staging/android/ion/ion_page_pool.c
fs/ext4/readpage.c
fs/f2fs/data.c
fs/f2fs/f2fs.h
fs/f2fs/file.c
fs/f2fs/segment.c
fs/f2fs/super.c
include/linux/clk-provider.h
include/linux/compiler_types.h
include/linux/coresight.h
include/linux/mmzone.h
include/scsi/scsi_device.h
include/trace/events/kmem.h
kernel/events/core.c
kernel/sched/core.c
mm/vmstat.c
Change-Id: I2eca52b08b484f2b5c30437671cab8cb0195b8d6
Signed-off-by: Ivaylo Georgiev <irgeorgiev@codeaurora.org>
|
||
|
Joel Fernandes (Google)
|
89ae5a7cad |
BACKPORT: perf_event: Add support for LSM and SELinux checks
In current mainline, the degree of access to perf_event_open(2) system call depends on the perf_event_paranoid sysctl. This has a number of limitations: 1. The sysctl is only a single value. Many types of accesses are controlled based on the single value thus making the control very limited and coarse grained. 2. The sysctl is global, so if the sysctl is changed, then that means all processes get access to perf_event_open(2) opening the door to security issues. This patch adds LSM and SELinux access checking which will be used in Android to access perf_event_open(2) for the purposes of attaching BPF programs to tracepoints, perf profiling and other operations from userspace. These operations are intended for production systems. 5 new LSM hooks are added: 1. perf_event_open: This controls access during the perf_event_open(2) syscall itself. The hook is called from all the places that the perf_event_paranoid sysctl is checked to keep it consistent with the systctl. The hook gets passed a 'type' argument which controls CPU, kernel and tracepoint accesses (in this context, CPU, kernel and tracepoint have the same semantics as the perf_event_paranoid sysctl). Additionally, I added an 'open' type which is similar to perf_event_paranoid sysctl == 3 patch carried in Android and several other distros but was rejected in mainline [1] in 2016. 2. perf_event_alloc: This allocates a new security object for the event which stores the current SID within the event. It will be useful when the perf event's FD is passed through IPC to another process which may try to read the FD. Appropriate security checks will limit access. 3. perf_event_free: Called when the event is closed. 4. perf_event_read: Called from the read(2) and mmap(2) syscalls for the event. 5. perf_event_write: Called from the ioctl(2) syscalls for the event. [1] https://lwn.net/Articles/696240/ Since Peter had suggest LSM hooks in 2016 [1], I am adding his Suggested-by tag below. To use this patch, we set the perf_event_paranoid sysctl to -1 and then apply selinux checking as appropriate (default deny everything, and then add policy rules to give access to domains that need it). In the future we can remove the perf_event_paranoid sysctl altogether. Suggested-by: Peter Zijlstra <peterz@infradead.org> Co-developed-by: Peter Zijlstra <peterz@infradead.org> Signed-off-by: Joel Fernandes (Google) <joel@joelfernandes.org> Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org> Acked-by: James Morris <jmorris@namei.org> Cc: Arnaldo Carvalho de Melo <acme@kernel.org> Cc: rostedt@goodmis.org Cc: Yonghong Song <yhs@fb.com> Cc: Kees Cook <keescook@chromium.org> Cc: Ingo Molnar <mingo@redhat.com> Cc: Alexei Starovoitov <ast@kernel.org> Cc: jeffv@google.com Cc: Jiri Olsa <jolsa@redhat.com> Cc: Daniel Borkmann <daniel@iogearbox.net> Cc: primiano@google.com Cc: Song Liu <songliubraving@fb.com> Cc: rsavitski@google.com Cc: Namhyung Kim <namhyung@kernel.org> Cc: Matthew Garrett <matthewgarrett@google.com> Link: https://lkml.kernel.org/r/20191014170308.70668-1-joel@joelfernandes.org (cherry picked from commit da97e18458fb42d7c00fac5fd1c56a3896ec666e) [ Ryan Savitski: Resolved conflicts with existing code, and folded in upstream ae79d5588a04 (perf/core: Fix !CONFIG_PERF_EVENTS build warnings and failures). This should fix the build errors from the previous backport attempt, where certain configurations would end up with functions referring to the perf_event struct prior to its declaration (and therefore declaring it with a different scope). ] Bug: 137092007 Signed-off-by: Ryan Savitski <rsavitski@google.com> Change-Id: Ief8c669083c81f4ea2fa75d5c0d947d19ea741b3 |
||
|
Greg Kroah-Hartman
|
58fd41cb2d |
Revert "BACKPORT: perf_event: Add support for LSM and SELinux checks"
This reverts commit
|
||
|
Joel Fernandes (Google)
|
8af21ac176 |
BACKPORT: perf_event: Add support for LSM and SELinux checks
In current mainline, the degree of access to perf_event_open(2) system call depends on the perf_event_paranoid sysctl. This has a number of limitations: 1. The sysctl is only a single value. Many types of accesses are controlled based on the single value thus making the control very limited and coarse grained. 2. The sysctl is global, so if the sysctl is changed, then that means all processes get access to perf_event_open(2) opening the door to security issues. This patch adds LSM and SELinux access checking which will be used in Android to access perf_event_open(2) for the purposes of attaching BPF programs to tracepoints, perf profiling and other operations from userspace. These operations are intended for production systems. 5 new LSM hooks are added: 1. perf_event_open: This controls access during the perf_event_open(2) syscall itself. The hook is called from all the places that the perf_event_paranoid sysctl is checked to keep it consistent with the systctl. The hook gets passed a 'type' argument which controls CPU, kernel and tracepoint accesses (in this context, CPU, kernel and tracepoint have the same semantics as the perf_event_paranoid sysctl). Additionally, I added an 'open' type which is similar to perf_event_paranoid sysctl == 3 patch carried in Android and several other distros but was rejected in mainline [1] in 2016. 2. perf_event_alloc: This allocates a new security object for the event which stores the current SID within the event. It will be useful when the perf event's FD is passed through IPC to another process which may try to read the FD. Appropriate security checks will limit access. 3. perf_event_free: Called when the event is closed. 4. perf_event_read: Called from the read(2) and mmap(2) syscalls for the event. 5. perf_event_write: Called from the ioctl(2) syscalls for the event. [1] https://lwn.net/Articles/696240/ Since Peter had suggest LSM hooks in 2016 [1], I am adding his Suggested-by tag below. To use this patch, we set the perf_event_paranoid sysctl to -1 and then apply selinux checking as appropriate (default deny everything, and then add policy rules to give access to domains that need it). In the future we can remove the perf_event_paranoid sysctl altogether. Suggested-by: Peter Zijlstra <peterz@infradead.org> Co-developed-by: Peter Zijlstra <peterz@infradead.org> Signed-off-by: Joel Fernandes (Google) <joel@joelfernandes.org> Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org> Acked-by: James Morris <jmorris@namei.org> Cc: Arnaldo Carvalho de Melo <acme@kernel.org> Cc: rostedt@goodmis.org Cc: Yonghong Song <yhs@fb.com> Cc: Kees Cook <keescook@chromium.org> Cc: Ingo Molnar <mingo@redhat.com> Cc: Alexei Starovoitov <ast@kernel.org> Cc: jeffv@google.com Cc: Jiri Olsa <jolsa@redhat.com> Cc: Daniel Borkmann <daniel@iogearbox.net> Cc: primiano@google.com Cc: Song Liu <songliubraving@fb.com> Cc: rsavitski@google.com Cc: Namhyung Kim <namhyung@kernel.org> Cc: Matthew Garrett <matthewgarrett@google.com> Link: https://lkml.kernel.org/r/20191014170308.70668-1-joel@joelfernandes.org Bug: 137092007 Change-Id: I591c6ad6c82ab9133409e51383d2c9b9f6ae4545 (cherry picked from commit da97e18458fb42d7c00fac5fd1c56a3896ec666e) [ Ryan Savitski: Resolved conflicts with existing code, no new functionality ] Signed-off-by: Ryan Savitski <rsavitski@google.com> |
||
|
Zhen Kong
|
ee7bdc62fd |
FBE: Add support for hardware based FBE on f2fs and adapt ext4 fs
This is a snapshot of the crypto drivers as of msm-4.14 commit 367c46b1 (Enable hardware based FBE on f2fs and adapt ext4 fs). Change-Id: Ifb52ed101d6e971c5823037f7895049b830c78c5 Signed-off-by: Zhen Kong <zkong@codeaurora.org> |
||
|
Linus Torvalds
|
92d4a03674 |
Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull security subsystem updates from James Morris: - kstrdup() return value fix from Eric Biggers - Add new security_load_data hook to differentiate security checking of kernel-loaded binaries in the case of there being no associated file descriptor, from Mimi Zohar. - Add ability to IMA to specify a policy at build-time, rather than just via command line params or by loading a custom policy, from Mimi. - Allow IMA and LSMs to prevent sysfs firmware load fallback (e.g. if using signed firmware), from Mimi. - Allow IMA to deny loading of kexec kernel images, as they cannot be measured by IMA, from Mimi. * 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: security: check for kstrdup() failure in lsm_append() security: export security_kernel_load_data function ima: based on policy warn about loading firmware (pre-allocated buffer) module: replace the existing LSM hook in init_module ima: add build time policy ima: based on policy require signed firmware (sysfs fallback) firmware: add call to LSM hook before firmware sysfs fallback ima: based on policy require signed kexec kernel images kexec: add call to LSM hook in original kexec_load syscall security: define new LSM hook named security_kernel_load_data MAINTAINERS: remove the outdated "LINUX SECURITY MODULE (LSM) FRAMEWORK" entry |
||
|
Mimi Zohar
|
377179cd28 |
security: define new LSM hook named security_kernel_load_data
Differentiate between the kernel reading a file specified by userspace from the kernel loading a buffer containing data provided by userspace. This patch defines a new LSM hook named security_kernel_load_data(). Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com> Cc: Eric Biederman <ebiederm@xmission.com> Cc: Luis R. Rodriguez <mcgrof@kernel.org> Cc: Kees Cook <keescook@chromium.org> Cc: Casey Schaufler <casey@schaufler-ca.com> Acked-by: Serge Hallyn <serge@hallyn.com> Acked-by: Kees Cook <keescook@chromium.org> Signed-off-by: James Morris <james.morris@microsoft.com> |
||
|
Al Viro
|
e3f20ae210 |
security_file_open(): lose cred argument
Acked-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> |
||
|
David Herrmann
|
aae7cfcbb7 |
security: add hook for socketpair()
Right now the LSM labels for socketpairs are always uninitialized, since there is no security hook for the socketpair() syscall. This patch adds the required hooks so LSMs can properly label socketpairs. This allows SO_PEERSEC to return useful information on those sockets. Note that the behavior of socketpair() can be emulated by creating a listener socket, connecting to it, and then discarding the initial listener socket. With this workaround, SO_PEERSEC would return the caller's security context. However, with socketpair(), the uninitialized context is returned unconditionally. This is unexpected and makes socketpair() less useful in situations where the security context is crucial to the application. With the new socketpair-hook this disparity can be solved by making socketpair() return the expected security context. Acked-by: Serge Hallyn <serge@hallyn.com> Signed-off-by: Tom Gundersen <teg@jklm.no> Signed-off-by: David Herrmann <dh.herrmann@gmail.com> Signed-off-by: James Morris <james.morris@microsoft.com> |
||
|
James Morris
|
b393a707c8 |
Merge tag 'v4.17-rc2' into next-general
Sync to Linux 4.17-rc2 for developers. |
||
|
Sargun Dhillon
|
e59644b720 |
security: remove security_settime
security_settime was a wrapper around security_settime64. There are no more
users of it. Therefore it can be removed. It was removed in:
commit
|
||
|
Linus Torvalds
|
f8cf2f16a7 |
Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull integrity updates from James Morris:
"A mixture of bug fixes, code cleanup, and continues to close
IMA-measurement, IMA-appraisal, and IMA-audit gaps.
Also note the addition of a new cred_getsecid LSM hook by Matthew
Garrett:
For IMA purposes, we want to be able to obtain the prepared secid
in the bprm structure before the credentials are committed. Add a
cred_getsecid hook that makes this possible.
which is used by a new CREDS_CHECK target in IMA:
In ima_bprm_check(), check with both the existing process
credentials and the credentials that will be committed when the new
process is started. This will not change behaviour unless the
system policy is extended to include CREDS_CHECK targets -
BPRM_CHECK will continue to check the same credentials that it did
previously"
* 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security:
ima: Fallback to the builtin hash algorithm
ima: Add smackfs to the default appraise/measure list
evm: check for remount ro in progress before writing
ima: Improvements in ima_appraise_measurement()
ima: Simplify ima_eventsig_init()
integrity: Remove unused macro IMA_ACTION_RULE_FLAGS
ima: drop vla in ima_audit_measurement()
ima: Fix Kconfig to select TPM 2.0 CRB interface
evm: Constify *integrity_status_msg[]
evm: Move evm_hmac and evm_hash from evm_main.c to evm_crypto.c
fuse: define the filesystem as untrusted
ima: fail signature verification based on policy
ima: clear IMA_HASH
ima: re-evaluate files on privileged mounted filesystems
ima: fail file signature verification on non-init mounted filesystems
IMA: Support using new creds in appraisal policy
security: Add a cred_getsecid hook
|
||
|
Linus Torvalds
|
3612605a5a |
Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull general security layer updates from James Morris: - Convert security hooks from list to hlist, a nice cleanup, saving about 50% of space, from Sargun Dhillon. - Only pass the cred, not the secid, to kill_pid_info_as_cred and security_task_kill (as the secid can be determined from the cred), from Stephen Smalley. - Close a potential race in kernel_read_file(), by making the file unwritable before calling the LSM check (vs after), from Kees Cook. * 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: security: convert security hooks to use hlist exec: Set file unwritable before LSM check usb, signal, security: only pass the cred, not the secid, to kill_pid_info_as_cred and security_task_kill |
||
|
Linus Torvalds
|
9eda2d2dca |
Merge tag 'selinux-pr-20180403' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux
Pull SELinux updates from Paul Moore:
"A bigger than usual pull request for SELinux, 13 patches (lucky!)
along with a scary looking diffstat.
Although if you look a bit closer, excluding the usual minor
tweaks/fixes, there are really only two significant changes in this
pull request: the addition of proper SELinux access controls for SCTP
and the encapsulation of a lot of internal SELinux state.
The SCTP changes are the result of a multi-month effort (maybe even a
year or longer?) between the SELinux folks and the SCTP folks to add
proper SELinux controls. A special thanks go to Richard for seeing
this through and keeping the effort moving forward.
The state encapsulation work is a bit of janitorial work that came out
of some early work on SELinux namespacing. The question of namespacing
is still an open one, but I believe there is some real value in the
encapsulation work so we've split that out and are now sending that up
to you"
* tag 'selinux-pr-20180403' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux:
selinux: wrap AVC state
selinux: wrap selinuxfs state
selinux: fix handling of uninitialized selinux state in get_bools/classes
selinux: Update SELinux SCTP documentation
selinux: Fix ltp test connect-syscall failure
selinux: rename the {is,set}_enforcing() functions
selinux: wrap global selinux state
selinux: fix typo in selinux_netlbl_sctp_sk_clone declaration
selinux: Add SCTP support
sctp: Add LSM hooks
sctp: Add ip option support
security: Add support for SCTP security hooks
netlabel: If PF_INET6, check sk_buff ip header version
|
||
|
Matthew Garrett
|
3ec3011326 |
security: Add a cred_getsecid hook
For IMA purposes, we want to be able to obtain the prepared secid in the bprm structure before the credentials are committed. Add a cred_getsecid hook that makes this possible. Signed-off-by: Matthew Garrett <mjg59@google.com> Acked-by: Paul Moore <paul@paul-moore.com> Cc: Paul Moore <paul@paul-moore.com> Cc: Stephen Smalley <sds@tycho.nsa.gov> Cc: Casey Schaufler <casey@schaufler-ca.com> Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com> |
||
|
Eric W. Biederman
|
d8c6e85432 |
msg/security: Pass kern_ipc_perm not msg_queue into the msg_queue security hooks
All of the implementations of security hooks that take msg_queue only access q_perm the struct kern_ipc_perm member. This means the dependencies of the msg_queue security hooks can be simplified by passing the kern_ipc_perm member of msg_queue. Making this change will allow struct msg_queue to become private to ipc/msg.c. Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com> |
||
|
Eric W. Biederman
|
7191adff2a |
shm/security: Pass kern_ipc_perm not shmid_kernel into the shm security hooks
All of the implementations of security hooks that take shmid_kernel only access shm_perm the struct kern_ipc_perm member. This means the dependencies of the shm security hooks can be simplified by passing the kern_ipc_perm member of shmid_kernel.. Making this change will allow struct shmid_kernel to become private to ipc/shm.c. Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com> |
||
|
Eric W. Biederman
|
aefad9593e |
sem/security: Pass kern_ipc_perm not sem_array into the sem security hooks
All of the implementations of security hooks that take sem_array only access sem_perm the struct kern_ipc_perm member. This means the dependencies of the sem security hooks can be simplified by passing the kern_ipc_perm member of sem_array. Making this change will allow struct sem and struct sem_array to become private to ipc/sem.c. Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com> |
||
|
Stephen Smalley
|
6b4f3d0105 |
usb, signal, security: only pass the cred, not the secid, to kill_pid_info_as_cred and security_task_kill
commit
|
||
|
Richard Haines
|
72e89f5008 |
security: Add support for SCTP security hooks
The SCTP security hooks are explained in: Documentation/security/LSM-sctp.rst Signed-off-by: Richard Haines <richard_c_haines@btinternet.com> Signed-off-by: Paul Moore <paul@paul-moore.com> |
||
|
Jakub Kicinski
|
1495dc9f0a |
security: bpf: replace include of linux/bpf.h with forward declarations
Touching linux/bpf.h makes us rebuild a surprisingly large portion of the kernel. Remove the unnecessary dependency from security.h, it only needs forward declarations. Signed-off-by: Jakub Kicinski <jakub.kicinski@netronome.com> Reviewed-by: Quentin Monnet <quentin.monnet@netronome.com> Acked-by: Alexei Starovoitov <ast@kernel.org> Acked-by: Daniel Borkmann <daniel@iogearbox.net> Signed-off-by: David S. Miller <davem@davemloft.net> |
||
|
Chenbo Feng
|
afdb09c720 |
security: bpf: Add LSM hooks for bpf object related syscall
Introduce several LSM hooks for the syscalls that will allow the userspace to access to eBPF object such as eBPF programs and eBPF maps. The security check is aimed to enforce a per object security protection for eBPF object so only processes with the right priviliges can read/write to a specific map or use a specific eBPF program. Besides that, a general security hook is added before the multiplexer of bpf syscall to check the cmd and the attribute used for the command. The actual security module can decide which command need to be checked and how the cmd should be checked. Signed-off-by: Chenbo Feng <fengc@google.com> Acked-by: James Morris <james.l.morris@oracle.com> Signed-off-by: David S. Miller <davem@davemloft.net> |
||
|
Linus Torvalds
|
7f85565a3f |
Merge tag 'selinux-pr-20170831' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux
Pull selinux updates from Paul Moore: "A relatively quiet period for SELinux, 11 patches with only two/three having any substantive changes. These noteworthy changes include another tweak to the NNP/nosuid handling, per-file labeling for cgroups, and an object class fix for AF_UNIX/SOCK_RAW sockets; the rest of the changes are minor tweaks or administrative updates (Stephen's email update explains the file explosion in the diffstat). Everything passes the selinux-testsuite" [ Also a couple of small patches from the security tree from Tetsuo Handa for Tomoyo and LSM cleanup. The separation of security policy updates wasn't all that clean - Linus ] * tag 'selinux-pr-20170831' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux: selinux: constify nf_hook_ops selinux: allow per-file labeling for cgroupfs lsm_audit: update my email address selinux: update my email address MAINTAINERS: update the NetLabel and Labeled Networking information selinux: use GFP_NOWAIT in the AVC kmem_caches selinux: Generalize support for NNP/nosuid SELinux domain transitions selinux: genheaders should fail if too many permissions are defined selinux: update the selinux info in MAINTAINERS credits: update Paul Moore's info selinux: Assign proper class to PF_UNIX/SOCK_RAW sockets tomoyo: Update URLs in Documentation/admin-guide/LSM/tomoyo.rst LSM: Remove security_task_create() hook. |
||
|
Linus Torvalds
|
dd198ce714 |
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace
Pull namespace updates from Eric Biederman:
"Life has been busy and I have not gotten half as much done this round
as I would have liked. I delayed it so that a minor conflict
resolution with the mips tree could spend a little time in linux-next
before I sent this pull request.
This includes two long delayed user namespace changes from Kirill
Tkhai. It also includes a very useful change from Serge Hallyn that
allows the security capability attribute to be used inside of user
namespaces. The practical effect of this is people can now untar
tarballs and install rpms in user namespaces. It had been suggested to
generalize this and encode some of the namespace information
information in the xattr name. Upon close inspection that makes the
things that should be hard easy and the things that should be easy
more expensive.
Then there is my bugfix/cleanup for signal injection that removes the
magic encoding of the siginfo union member from the kernel internal
si_code. The mips folks reported the case where I had used FPE_FIXME
me is impossible so I have remove FPE_FIXME from mips, while at the
same time including a return statement in that case to keep gcc from
complaining about unitialized variables.
I almost finished the work to get make copy_siginfo_to_user a trivial
copy to user. The code is available at:
git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace.git neuter-copy_siginfo_to_user-v3
But I did not have time/energy to get the code posted and reviewed
before the merge window opened.
I was able to see that the security excuse for just copying fields
that we know are initialized doesn't work in practice there are buggy
initializations that don't initialize the proper fields in siginfo. So
we still sometimes copy unitialized data to userspace"
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace:
Introduce v3 namespaced file capabilities
mips/signal: In force_fcr31_sig return in the impossible case
signal: Remove kernel interal si_code magic
fcntl: Don't use ambiguous SIG_POLL si_codes
prctl: Allow local CAP_SYS_ADMIN changing exe_file
security: Use user_namespace::level to avoid redundant iterations in cap_capable()
userns,pidns: Verify the userns for new pid namespaces
signal/testing: Don't look for __SI_FAULT in userspace
signal/mips: Document a conflict with SI_USER with SIGFPE
signal/sparc: Document a conflict with SI_USER with SIGFPE
signal/ia64: Document a conflict with SI_USER with SIGFPE
signal/alpha: Document a conflict with SI_USER for SIGTRAP
|
||
|
Serge E. Hallyn
|
8db6c34f1d |
Introduce v3 namespaced file capabilities
Root in a non-initial user ns cannot be trusted to write a traditional
security.capability xattr. If it were allowed to do so, then any
unprivileged user on the host could map his own uid to root in a private
namespace, write the xattr, and execute the file with privilege on the
host.
However supporting file capabilities in a user namespace is very
desirable. Not doing so means that any programs designed to run with
limited privilege must continue to support other methods of gaining and
dropping privilege. For instance a program installer must detect
whether file capabilities can be assigned, and assign them if so but set
setuid-root otherwise. The program in turn must know how to drop
partial capabilities, and do so only if setuid-root.
This patch introduces v3 of the security.capability xattr. It builds a
vfs_ns_cap_data struct by appending a uid_t rootid to struct
vfs_cap_data. This is the absolute uid_t (that is, the uid_t in user
namespace which mounted the filesystem, usually init_user_ns) of the
root id in whose namespaces the file capabilities may take effect.
When a task asks to write a v2 security.capability xattr, if it is
privileged with respect to the userns which mounted the filesystem, then
nothing should change. Otherwise, the kernel will transparently rewrite
the xattr as a v3 with the appropriate rootid. This is done during the
execution of setxattr() to catch user-space-initiated capability writes.
Subsequently, any task executing the file which has the noted kuid as
its root uid, or which is in a descendent user_ns of such a user_ns,
will run the file with capabilities.
Similarly when asking to read file capabilities, a v3 capability will
be presented as v2 if it applies to the caller's namespace.
If a task writes a v3 security.capability, then it can provide a uid for
the xattr so long as the uid is valid in its own user namespace, and it
is privileged with CAP_SETFCAP over its namespace. The kernel will
translate that rootid to an absolute uid, and write that to disk. After
this, a task in the writer's namespace will not be able to use those
capabilities (unless rootid was 0), but a task in a namespace where the
given uid is root will.
Only a single security.capability xattr may exist at a time for a given
file. A task may overwrite an existing xattr so long as it is
privileged over the inode. Note this is a departure from previous
semantics, which required privilege to remove a security.capability
xattr. This check can be re-added if deemed useful.
This allows a simple setxattr to work, allows tar/untar to work, and
allows us to tar in one namespace and untar in another while preserving
the capability, without risking leaking privilege into a parent
namespace.
Example using tar:
$ cp /bin/sleep sleepx
$ mkdir b1 b2
$ lxc-usernsexec -m b:0:100000:1 -m b:1:$(id -u):1 -- chown 0:0 b1
$ lxc-usernsexec -m b:0:100001:1 -m b:1:$(id -u):1 -- chown 0:0 b2
$ lxc-usernsexec -m b:0:100000:1000 -- tar --xattrs-include=security.capability --xattrs -cf b1/sleepx.tar sleepx
$ lxc-usernsexec -m b:0:100001:1000 -- tar --xattrs-include=security.capability --xattrs -C b2 -xf b1/sleepx.tar
$ lxc-usernsexec -m b:0:100001:1000 -- getcap b2/sleepx
b2/sleepx = cap_sys_admin+ep
# /opt/ltp/testcases/bin/getv3xattr b2/sleepx
v3 xattr, rootid is 100001
A patch to linux-test-project adding a new set of tests for this
functionality is in the nsfscaps branch at github.com/hallyn/ltp
Changelog:
Nov 02 2016: fix invalid check at refuse_fcap_overwrite()
Nov 07 2016: convert rootid from and to fs user_ns
(From ebiederm: mar 28 2017)
commoncap.c: fix typos - s/v4/v3
get_vfs_caps_from_disk: clarify the fs_ns root access check
nsfscaps: change the code split for cap_inode_setxattr()
Apr 09 2017:
don't return v3 cap for caps owned by current root.
return a v2 cap for a true v2 cap in non-init ns
Apr 18 2017:
. Change the flow of fscap writing to support s_user_ns writing.
. Remove refuse_fcap_overwrite(). The value of the previous
xattr doesn't matter.
Apr 24 2017:
. incorporate Eric's incremental diff
. move cap_convert_nscap to setxattr and simplify its usage
May 8, 2017:
. fix leaking dentry refcount in cap_inode_getsecurity
Signed-off-by: Serge Hallyn <serge@hallyn.com>
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
|
||
|
Kees Cook
|
2af6228026 |
LSM: drop bprm_secureexec hook
This removes the bprm_secureexec hook since the logic has been folded into the bprm_set_creds hook for all LSMs now. Cc: Eric W. Biederman <ebiederm@xmission.com> Signed-off-by: Kees Cook <keescook@chromium.org> Reviewed-by: John Johansen <john.johansen@canonical.com> Acked-by: James Morris <james.l.morris@oracle.com> Acked-by: Serge Hallyn <serge@hallyn.com> |
||
|
Kees Cook
|
46d98eb4e1 |
commoncap: Refactor to remove bprm_secureexec hook
The commoncap implementation of the bprm_secureexec hook is the only LSM that depends on the final call to its bprm_set_creds hook (since it may be called for multiple files, it ignores bprm->called_set_creds). As a result, it cannot safely _clear_ bprm->secureexec since other LSMs may have set it. Instead, remove the bprm_secureexec hook by introducing a new flag to bprm specific to commoncap: cap_elevated. This is similar to cap_effective, but that is used for a specific subset of elevated privileges, and exists solely to track state from bprm_set_creds to bprm_secureexec. As such, it will be removed in the next patch. Here, set the new bprm->cap_elevated flag when setuid/setgid has happened from bprm_fill_uid() or fscapabilities have been prepared. This temporarily moves the bprm_secureexec hook to a static inline. The helper will be removed in the next patch; this makes the step easier to review and bisect, since this does not introduce any changes to inputs nor outputs to the "elevated privileges" calculation. The new flag is merged with the bprm->secureexec flag in setup_new_exec() since this marks the end of any further prepare_binprm() calls. Cc: Andy Lutomirski <luto@kernel.org> Signed-off-by: Kees Cook <keescook@chromium.org> Reviewed-by: Andy Lutomirski <luto@kernel.org> Acked-by: James Morris <james.l.morris@oracle.com> Acked-by: Serge Hallyn <serge@hallyn.com> |
||
|
Tetsuo Handa
|
3cf2993145 |
LSM: Remove security_task_create() hook.
Since commit
|
||
|
James Morris
|
5965453d5e | Merge branch 'stable-4.13' of git://git.infradead.org/users/pcmoore/selinux into next | ||
|
Scott Mayhew
|
0b4d3452b8 |
security/selinux: allow security_sb_clone_mnt_opts to enable/disable native labeling behavior
When an NFSv4 client performs a mount operation, it first mounts the NFSv4 root and then does path walk to the exported path and performs a submount on that, cloning the security mount options from the root's superblock to the submount's superblock in the process. Unless the NFS server has an explicit fsid=0 export with the "security_label" option, the NFSv4 root superblock will not have SBLABEL_MNT set, and neither will the submount superblock after cloning the security mount options. As a result, setxattr's of security labels over NFSv4.2 will fail. In a similar fashion, NFSv4.2 mounts mounted with the context= mount option will not show the correct labels because the nfs_server->caps flags of the cloned superblock will still have NFS_CAP_SECURITY_LABEL set. Allowing the NFSv4 client to enable or disable SECURITY_LSM_NATIVE_LABELS behavior will ensure that the SBLABEL_MNT flag has the correct value when the client traverses from an exported path without the "security_label" option to one with the "security_label" option and vice versa. Similarly, checking to see if SECURITY_LSM_NATIVE_LABELS is set upon return from security_sb_clone_mnt_opts() and clearing NFS_CAP_SECURITY_LABEL if necessary will allow the correct labels to be displayed for NFSv4.2 mounts mounted with the context= mount option. Resolves: https://github.com/SELinuxProject/selinux-kernel/issues/35 Signed-off-by: Scott Mayhew <smayhew@redhat.com> Reviewed-by: Stephen Smalley <sds@tycho.nsa.gov> Tested-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: Paul Moore <paul@paul-moore.com> |
||
|
John Johansen
|
6623ec7c4d |
securityfs: add the ability to support symlinks
Signed-off-by: John Johansen <john.johansen@canonical.com> Reviewed-by: Seth Arnold <seth.arnold@canonical.com> Acked-by: Kees Cook <keescook@chromium.org> |
||
|
Daniel Jurgens
|
47a2b338fe |
IB/core: Enforce security on management datagrams
Allocate and free a security context when creating and destroying a MAD agent. This context is used for controlling access to PKeys and sending and receiving SMPs. When sending or receiving a MAD check that the agent has permission to access the PKey for the Subnet Prefix of the port. During MAD and snoop agent registration for SMI QPs check that the calling process has permission to access the manage the subnet and register a callback with the LSM to be notified of policy changes. When notificaiton of a policy change occurs recheck permission and set a flag indicating sending and receiving SMPs is allowed. When sending and receiving MADs check that the agent has access to the SMI if it's on an SMI QP. Because security policy can change it's possible permission was allowed when creating the agent, but no longer is. Signed-off-by: Daniel Jurgens <danielj@mellanox.com> Acked-by: Doug Ledford <dledford@redhat.com> [PM: remove the LSM hook init code] Signed-off-by: Paul Moore <paul@paul-moore.com> |
||
|
Daniel Jurgens
|
8f408ab64b |
selinux lsm IB/core: Implement LSM notification system
Add a generic notificaiton mechanism in the LSM. Interested consumers can register a callback with the LSM and security modules can produce events. Because access to Infiniband QPs are enforced in the setup phase of a connection security should be enforced again if the policy changes. Register infiniband devices for policy change notification and check all QPs on that device when the notification is received. Add a call to the notification mechanism from SELinux when the AVC cache changes or setenforce is cleared. Signed-off-by: Daniel Jurgens <danielj@mellanox.com> Acked-by: James Morris <james.l.morris@oracle.com> Acked-by: Doug Ledford <dledford@redhat.com> Signed-off-by: Paul Moore <paul@paul-moore.com> |
||
|
Daniel Jurgens
|
d291f1a652 |
IB/core: Enforce PKey security on QPs
Add new LSM hooks to allocate and free security contexts and check for permission to access a PKey. Allocate and free a security context when creating and destroying a QP. This context is used for controlling access to PKeys. When a request is made to modify a QP that changes the port, PKey index, or alternate path, check that the QP has permission for the PKey in the PKey table index on the subnet prefix of the port. If the QP is shared make sure all handles to the QP also have access. Store which port and PKey index a QP is using. After the reset to init transition the user can modify the port, PKey index and alternate path independently. So port and PKey settings changes can be a merge of the previous settings and the new ones. In order to maintain access control if there are PKey table or subnet prefix change keep a list of all QPs are using each PKey index on each port. If a change occurs all QPs using that device and port must have access enforced for the new cache settings. These changes add a transaction to the QP modify process. Association with the old port and PKey index must be maintained if the modify fails, and must be removed if it succeeds. Association with the new port and PKey index must be established prior to the modify and removed if the modify fails. 1. When a QP is modified to a particular Port, PKey index or alternate path insert that QP into the appropriate lists. 2. Check permission to access the new settings. 3. If step 2 grants access attempt to modify the QP. 4a. If steps 2 and 3 succeed remove any prior associations. 4b. If ether fails remove the new setting associations. If a PKey table or subnet prefix changes walk the list of QPs and check that they have permission. If not send the QP to the error state and raise a fatal error event. If it's a shared QP make sure all the QPs that share the real_qp have permission as well. If the QP that owns a security structure is denied access the security structure is marked as such and the QP is added to an error_list. Once the moving the QP to error is complete the security structure mark is cleared. Maintaining the lists correctly turns QP destroy into a transaction. The hardware driver for the device frees the ib_qp structure, so while the destroy is in progress the ib_qp pointer in the ib_qp_security struct is undefined. When the destroy process begins the ib_qp_security structure is marked as destroying. This prevents any action from being taken on the QP pointer. After the QP is destroyed successfully it could still listed on an error_list wait for it to be processed by that flow before cleaning up the structure. If the destroy fails the QPs port and PKey settings are reinserted into the appropriate lists, the destroying flag is cleared, and access control is enforced, in case there were any cache changes during the destroy flow. To keep the security changes isolated a new file is used to hold security related functionality. Signed-off-by: Daniel Jurgens <danielj@mellanox.com> Acked-by: Doug Ledford <dledford@redhat.com> [PM: merge fixup in ib_verbs.h and uverbs_cmd.c] Signed-off-by: Paul Moore <paul@paul-moore.com> |
||
|
Tetsuo Handa
|
e4e55b47ed |
LSM: Revive security_task_alloc() hook and per "struct task_struct" security blob.
We switched from "struct task_struct"->security to "struct cred"->security in Linux 2.6.29. But not all LSM modules were happy with that change. TOMOYO LSM module is an example which want to use per "struct task_struct" security blob, for TOMOYO's security context is defined based on "struct task_struct" rather than "struct cred". AppArmor LSM module is another example which want to use it, for AppArmor is currently abusing the cred a little bit to store the change_hat and setexeccon info. Although security_task_free() hook was revived in Linux 3.4 because Yama LSM module wanted to release per "struct task_struct" security blob, security_task_alloc() hook and "struct task_struct"->security field were not revived. Nowadays, we are getting proposals of lightweight LSM modules which want to use per "struct task_struct" security blob. We are already allowing multiple concurrent LSM modules (up to one fully armored module which uses "struct cred"->security field or exclusive hooks like security_xfrm_state_pol_flow_match(), plus unlimited number of lightweight modules which do not use "struct cred"->security nor exclusive hooks) as long as they are built into the kernel. But this patch does not implement variable length "struct task_struct"->security field which will become needed when multiple LSM modules want to use "struct task_struct"-> security field. Although it won't be difficult to implement variable length "struct task_struct"->security field, let's think about it after we merged this patch. Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Acked-by: John Johansen <john.johansen@canonical.com> Acked-by: Serge Hallyn <serge@hallyn.com> Acked-by: Casey Schaufler <casey@schaufler-ca.com> Tested-by: Djalal Harouni <tixxdz@gmail.com> Acked-by: José Bollo <jobol@nonadev.net> Cc: Paul Moore <paul@paul-moore.com> Cc: Stephen Smalley <sds@tycho.nsa.gov> Cc: Eric Paris <eparis@parisplace.org> Cc: Kees Cook <keescook@chromium.org> Cc: James Morris <james.l.morris@oracle.com> Cc: José Bollo <jobol@nonadev.net> Signed-off-by: James Morris <james.l.morris@oracle.com> |
||
|
Stephen Smalley
|
791ec491c3 |
prlimit,security,selinux: add a security hook for prlimit
When SELinux was first added to the kernel, a process could only get and set its own resource limits via getrlimit(2) and setrlimit(2), so no MAC checks were required for those operations, and thus no security hooks were defined for them. Later, SELinux introduced a hook for setlimit(2) with a check if the hard limit was being changed in order to be able to rely on the hard limit value as a safe reset point upon context transitions. Later on, when prlimit(2) was added to the kernel with the ability to get or set resource limits (hard or soft) of another process, LSM/SELinux was not updated other than to pass the target process to the setrlimit hook. This resulted in incomplete control over both getting and setting the resource limits of another process. Add a new security_task_prlimit() hook to the check_prlimit_permission() function to provide complete mediation. The hook is only called when acting on another task, and only if the existing DAC/capability checks would allow access. Pass flags down to the hook to indicate whether the prlimit(2) call will read, write, or both read and write the resource limits of the target process. The existing security_task_setrlimit() hook is left alone; it continues to serve a purpose in supporting the ability to make decisions based on the old and/or new resource limit values when setting limits. This is consistent with the DAC/capability logic, where check_prlimit_permission() performs generic DAC/capability checks for acting on another task, while do_prlimit() performs a capability check based on a comparison of the old and new resource limits. Fix the inline documentation for the hook to match the code. Implement the new hook for SELinux. For setting resource limits, we reuse the existing setrlimit permission. Note that this does overload the setrlimit permission to mean the ability to set the resource limit (soft or hard) of another process or the ability to change one's own hard limit. For getting resource limits, a new getrlimit permission is defined. This was not originally defined since getrlimit(2) could only be used to obtain a process' own limits. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: James Morris <james.l.morris@oracle.com> |
||
|
Linus Torvalds
|
f1ef09fde1 |
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace
Pull namespace updates from Eric Biederman: "There is a lot here. A lot of these changes result in subtle user visible differences in kernel behavior. I don't expect anything will care but I will revert/fix things immediately if any regressions show up. From Seth Forshee there is a continuation of the work to make the vfs ready for unpriviled mounts. We had thought the previous changes prevented the creation of files outside of s_user_ns of a filesystem, but it turns we missed the O_CREAT path. Ooops. Pavel Tikhomirov and Oleg Nesterov worked together to fix a long standing bug in the implemenation of PR_SET_CHILD_SUBREAPER where only children that are forked after the prctl are considered and not children forked before the prctl. The only known user of this prctl systemd forks all children after the prctl. So no userspace regressions will occur. Holding earlier forked children to the same rules as later forked children creates a semantic that is sane enough to allow checkpoing of processes that use this feature. There is a long delayed change by Nikolay Borisov to limit inotify instances inside a user namespace. Michael Kerrisk extends the API for files used to maniuplate namespaces with two new trivial ioctls to allow discovery of the hierachy and properties of namespaces. Konstantin Khlebnikov with the help of Al Viro adds code that when a network namespace exits purges it's sysctl entries from the dcache. As in some circumstances this could use a lot of memory. Vivek Goyal fixed a bug with stacked filesystems where the permissions on the wrong inode were being checked. I continue previous work on ptracing across exec. Allowing a file to be setuid across exec while being ptraced if the tracer has enough credentials in the user namespace, and if the process has CAP_SETUID in it's own namespace. Proc files for setuid or otherwise undumpable executables are now owned by the root in the user namespace of their mm. Allowing debugging of setuid applications in containers to work better. A bug I introduced with permission checking and automount is now fixed. The big change is to mark the mounts that the kernel initiates as a result of an automount. This allows the permission checks in sget to be safely suppressed for this kind of mount. As the permission check happened when the original filesystem was mounted. Finally a special case in the mount namespace is removed preventing unbounded chains in the mount hash table, and making the semantics simpler which benefits CRIU. The vfs fix along with related work in ima and evm I believe makes us ready to finish developing and merge fully unprivileged mounts of the fuse filesystem. The cleanups of the mount namespace makes discussing how to fix the worst case complexity of umount. The stacked filesystem fixes pave the way for adding multiple mappings for the filesystem uids so that efficient and safer containers can be implemented" * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace: proc/sysctl: Don't grab i_lock under sysctl_lock. vfs: Use upper filesystem inode in bprm_fill_uid() proc/sysctl: prune stale dentries during unregistering mnt: Tuck mounts under others instead of creating shadow/side mounts. prctl: propagate has_child_subreaper flag to every descendant introduce the walk_process_tree() helper nsfs: Add an ioctl() to return owner UID of a userns fs: Better permission checking for submounts exit: fix the setns() && PR_SET_CHILD_SUBREAPER interaction vfs: open() with O_CREAT should not create inodes with unknown ids nsfs: Add an ioctl() to return the namespace type proc: Better ownership of files for non-dumpable tasks in user namespaces exec: Remove LSM_UNSAFE_PTRACE_CAP exec: Test the ptracer's saved cred to see if the tracee can gain caps exec: Don't reset euid and egid when the tracee has CAP_SETUID inotify: Convert to using per-namespace limits |
||
|
Eric W. Biederman
|
9227dd2a84 |
exec: Remove LSM_UNSAFE_PTRACE_CAP
With previous changes every location that tests for LSM_UNSAFE_PTRACE_CAP also tests for LSM_UNSAFE_PTRACE making the LSM_UNSAFE_PTRACE_CAP redundant, so remove it. Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com> |
||
|
Stephen Smalley
|
3a2f5a59a6 |
security,selinux,smack: kill security_task_wait hook
As reported by yangshukui, a permission denial from security_task_wait() can lead to a soft lockup in zap_pid_ns_processes() since it only expects sys_wait4() to return 0 or -ECHILD. Further, security_task_wait() can in general lead to zombies; in the absence of some way to automatically reparent a child process upon a denial, the hook is not useful. Remove the security hook and its implementations in SELinux and Smack. Smack already removed its check from its hook. Reported-by: yangshukui <yangshukui@huawei.com> Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Acked-by: Casey Schaufler <casey@schaufler-ca.com> Acked-by: Oleg Nesterov <oleg@redhat.com> Signed-off-by: Paul Moore <paul@paul-moore.com> |
||
|
Stephen Smalley
|
b21507e272 |
proc,security: move restriction on writing /proc/pid/attr nodes to proc
Processes can only alter their own security attributes via /proc/pid/attr nodes. This is presently enforced by each individual security module and is also imposed by the Linux credentials implementation, which only allows a task to alter its own credentials. Move the check enforcing this restriction from the individual security modules to proc_pid_attr_write() before calling the security hook, and drop the unnecessary task argument to the security hook since it can only ever be the current task. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Acked-by: Casey Schaufler <casey@schaufler-ca.com> Acked-by: John Johansen <john.johansen@canonical.com> Signed-off-by: Paul Moore <paul@paul-moore.com> |
||
|
James Morris
|
de2f4b3453 | Merge branch 'stable-4.9' of git://git.infradead.org/users/pcmoore/selinux into next | ||
|
Mickaël Salaün
|
a4f4528a31 |
module: Fully remove the kernel_module_from_file hook
Remove remaining kernel_module_from_file hook left by commit
|
||
|
Vivek Goyal
|
2602625b7e |
security, overlayfs: Provide hook to correctly label newly created files
During a new file creation we need to make sure new file is created with the right label. New file is created in upper/ so effectively file should get label as if task had created file in upper/. We switched to mounter's creds for actual file creation. Also if there is a whiteout present, then file will be created in work/ dir first and then renamed in upper. In none of the cases file will be labeled as we want it to be. This patch introduces a new hook dentry_create_files_as(), which determines the label/context dentry will get if it had been created by task in upper and modify passed set of creds appropriately. Caller makes use of these new creds for file creation. Signed-off-by: Vivek Goyal <vgoyal@redhat.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> [PM: fix whitespace issues found with checkpatch.pl] [PM: changes to use stat->mode in ovl_create_or_link()] Signed-off-by: Paul Moore <paul@paul-moore.com> |
||
|
Vivek Goyal
|
121ab822ef |
security,overlayfs: Provide security hook for copy up of xattrs for overlay file
Provide a security hook which is called when xattrs of a file are being copied up. This hook is called once for each xattr and LSM can return 0 if the security module wants the xattr to be copied up, 1 if the security module wants the xattr to be discarded on the copy, -EOPNOTSUPP if the security module does not handle/manage the xattr, or a -errno upon an error. Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Vivek Goyal <vgoyal@redhat.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> [PM: whitespace cleanup for checkpatch.pl] Signed-off-by: Paul Moore <paul@paul-moore.com> |
||
|
Vivek Goyal
|
d8ad8b4961 |
security, overlayfs: provide copy up security hook for unioned files
Provide a security hook to label new file correctly when a file is copied up from lower layer to upper layer of a overlay/union mount. This hook can prepare a new set of creds which are suitable for new file creation during copy up. Caller will use new creds to create file and then revert back to old creds and release new creds. Signed-off-by: Vivek Goyal <vgoyal@redhat.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> [PM: whitespace cleanup to appease checkpatch.pl] Signed-off-by: Paul Moore <paul@paul-moore.com> |
||
|
Al Viro
|
4f3ccd7657 |
qstr: constify dentry_init_security
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> |
||
|
Linus Torvalds
|
c52b76185b |
Merge branch 'work.const-path' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
Pull 'struct path' constification update from Al Viro:
"'struct path' is passed by reference to a bunch of Linux security
methods; in theory, there's nothing to stop them from modifying the
damn thing and LSM community being what it is, sooner or later some
enterprising soul is going to decide that it's a good idea.
Let's remove the temptation and constify all of those..."
* 'work.const-path' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs:
constify ima_d_path()
constify security_sb_pivotroot()
constify security_path_chroot()
constify security_path_{link,rename}
apparmor: remove useless checks for NULL ->mnt
constify security_path_{mkdir,mknod,symlink}
constify security_path_{unlink,rmdir}
apparmor: constify common_perm_...()
apparmor: constify aa_path_link()
apparmor: new helper - common_path_perm()
constify chmod_common/security_path_chmod
constify security_sb_mount()
constify chown_common/security_path_chown
tomoyo: constify assorted struct path *
apparmor_path_truncate(): path->mnt is never NULL
constify vfs_truncate()
constify security_path_truncate()
[apparmor] constify struct path * in a bunch of helpers
|
||
|
Baolin Wang
|
457db29bfc |
security: Introduce security_settime64()
security_settime() uses a timespec, which is not year 2038 safe on 32bit systems. Thus this patch introduces the security_settime64() function with timespec64 type. We also convert the cap_settime() helper function to use the 64bit types. This patch then moves security_settime() to the header file as an inline helper function so that existing users can be iteratively converted. None of the existing hooks is using the timespec argument and therefor the patch is not making any functional changes. Cc: Serge Hallyn <serge.hallyn@canonical.com>, Cc: James Morris <james.l.morris@oracle.com>, Cc: "Serge E. Hallyn" <serge@hallyn.com>, Cc: Paul Moore <pmoore@redhat.com> Cc: Stephen Smalley <sds@tycho.nsa.gov> Cc: Kees Cook <keescook@chromium.org> Cc: Prarit Bhargava <prarit@redhat.com> Cc: Richard Cochran <richardcochran@gmail.com> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: Ingo Molnar <mingo@kernel.org> Reviewed-by: James Morris <james.l.morris@oracle.com> Signed-off-by: Baolin Wang <baolin.wang@linaro.org> [jstultz: Reworded commit message] Signed-off-by: John Stultz <john.stultz@linaro.org> |